fixme: Revert "crypto: add API for key pair generation"

This reverts commit 8c502f5.

boringssl does not support these APIs.

Author: MarshallOfSound

doc/api/crypto.md

@@ -1893,128 +1893,6 @@ Use [`crypto.getHashes()`][] to obtain an array of names of the available
 signing algorithms. Optional `options` argument controls the
 `stream.Writable` behavior.
 
-In some cases, a `Verify` instance can be created using the name of a signature
-algorithm, such as `'RSA-SHA256'`, instead of a digest algorithm. This will use
-the corresponding digest algorithm. This does not work for all signature
-algorithms, such as `'ecdsa-with-SHA256'`, so it is best to always use digest
-algorithm names.
-
-### crypto.generateKeyPair(type, options, callback)
-<!-- YAML
-added: v10.12.0
-changes:
-  - version: REPLACEME
-    pr-url: https://github.com/nodejs/node/pull/26554
-    description: Add ability to generate Ed25519 and Ed448 key pairs.
-  - version: v11.6.0
-    pr-url: https://github.com/nodejs/node/pull/24234
-    description: The `generateKeyPair` and `generateKeyPairSync` functions now
-                 produce key objects if no encoding was specified.
--->
-* `type`: {string} Must be `'rsa'`, `'dsa'`, `'ec'`, `'ed25519'`, or `'ed448'`.
-* `options`: {Object}
-  - `modulusLength`: {number} Key size in bits (RSA, DSA).
-  - `publicExponent`: {number} Public exponent (RSA). **Default:** `0x10001`.
-  - `divisorLength`: {number} Size of `q` in bits (DSA).
-  - `namedCurve`: {string} Name of the curve to use (EC).
-  - `publicKeyEncoding`: {Object} See [`keyObject.export()`][].
-  - `privateKeyEncoding`: {Object} See [`keyObject.export()`][].
-* `callback`: {Function}
-  - `err`: {Error}
-  - `publicKey`: {string | Buffer | KeyObject}
-  - `privateKey`: {string | Buffer | KeyObject}
-
-Generates a new asymmetric key pair of the given `type`. RSA, DSA, EC, Ed25519
-and Ed448 are currently supported.
-
-If a `publicKeyEncoding` or `privateKeyEncoding` was specified, this function
-behaves as if [`keyObject.export()`][] had been called on its result. Otherwise,
-the respective part of the key is returned as a [`KeyObject`].
-
-It is recommended to encode public keys as `'spki'` and private keys as
-`'pkcs8'` with encryption for long-term storage:
-
-```js
-const { generateKeyPair } = require('crypto');
-generateKeyPair('rsa', {
-  modulusLength: 4096,
-  publicKeyEncoding: {
-    type: 'spki',
-    format: 'pem'
-  },
-  privateKeyEncoding: {
-    type: 'pkcs8',
-    format: 'pem',
-    cipher: 'aes-256-cbc',
-    passphrase: 'top secret'
-  }
-}, (err, publicKey, privateKey) => {
-  // Handle errors and use the generated key pair.
-});
-```
-
-On completion, `callback` will be called with `err` set to `undefined` and
-`publicKey` / `privateKey` representing the generated key pair.
-
-If this method is invoked as its [`util.promisify()`][]ed version, it returns
-a `Promise` for an `Object` with `publicKey` and `privateKey` properties.
-
-### crypto.generateKeyPairSync(type, options)
-<!-- YAML
-added: v10.12.0
-changes:
-  - version: REPLACEME
-    pr-url: https://github.com/nodejs/node/pull/26554
-    description: Add ability to generate Ed25519 and Ed448 key pairs.
-  - version: v11.6.0
-    pr-url: https://github.com/nodejs/node/pull/24234
-    description: The `generateKeyPair` and `generateKeyPairSync` functions now
-                 produce key objects if no encoding was specified.
--->
-* `type`: {string} Must be `'rsa'`, `'dsa'`, `'ec'`, `'ed25519'`, or `'ed448'`.
-* `options`: {Object}
-  - `modulusLength`: {number} Key size in bits (RSA, DSA).
-  - `publicExponent`: {number} Public exponent (RSA). **Default:** `0x10001`.
-  - `divisorLength`: {number} Size of `q` in bits (DSA).
-  - `namedCurve`: {string} Name of the curve to use (EC).
-  - `publicKeyEncoding`: {Object} See [`keyObject.export()`][].
-  - `privateKeyEncoding`: {Object} See [`keyObject.export()`][].
-* Returns: {Object}
-  - `publicKey`: {string | Buffer | KeyObject}
-  - `privateKey`: {string | Buffer | KeyObject}
-
-Generates a new asymmetric key pair of the given `type`. RSA, DSA, EC, Ed25519
-and Ed448 are currently supported.
-
-If a `publicKeyEncoding` or `privateKeyEncoding` was specified, this function
-behaves as if [`keyObject.export()`][] had been called on its result. Otherwise,
-the respective part of the key is returned as a [`KeyObject`].
-
-When encoding public keys, it is recommended to use `'spki'`. When encoding
-private keys, it is recommended to use `'pks8'` with a strong passphrase, and to
-keep the passphrase confidential.
-
-```js
-const { generateKeyPairSync } = require('crypto');
-const { publicKey, privateKey } = generateKeyPairSync('rsa', {
-  modulusLength: 4096,
-  publicKeyEncoding: {
-    type: 'spki',
-    format: 'pem'
-  },
-  privateKeyEncoding: {
-    type: 'pkcs8',
-    format: 'pem',
-    cipher: 'aes-256-cbc',
-    passphrase: 'top secret'
-  }
-});
-```
-
-The return value `{ publicKey, privateKey }` represents the generated key pair.
-When PEM encoding was selected, the respective key will be a string, otherwise
-it will be a buffer containing the data encoded as DER.
-
 ### crypto.getCiphers()
 <!-- YAML
 added: v0.9.3

doc/api/errors.md

@@ -760,11 +760,6 @@ be called no more than one time per instance of a `Hash` object.
 
 [`hash.update()`][] failed for any reason. This should rarely, if ever, happen.
 
-<a id="ERR_CRYPTO_INCOMPATIBLE_KEY_OPTIONS"></a>
-### ERR_CRYPTO_INCOMPATIBLE_KEY_OPTIONS
-
-The selected public or private key encoding is incompatible with other options.
-
 <a id="ERR_CRYPTO_INVALID_DIGEST"></a>
 ### ERR_CRYPTO_INVALID_DIGEST
 

lib/crypto.js

@@ -53,16 +53,6 @@ const {
   scrypt,
   scryptSync
 } = require('internal/crypto/scrypt');
-const {
-  generateKeyPair,
-  generateKeyPairSync
-} = require('internal/crypto/keygen');
-const {
-  createSecretKey,
-  createPublicKey,
-  createPrivateKey,
-  KeyObject,
-} = require('internal/crypto/keys');
 const {
   DiffieHellman,
   DiffieHellmanGroup,
@@ -163,8 +153,6 @@ module.exports = exports = {
   getHashes,
   pbkdf2,
   pbkdf2Sync,
-  generateKeyPair,
-  generateKeyPairSync,
   privateDecrypt,
   privateEncrypt,
   publicDecrypt,

lib/internal/errors.js

@@ -597,8 +597,6 @@ E('ERR_CRYPTO_HASH_DIGEST_NO_UTF16', 'hash.digest() does not support UTF-16',
   Error);
 E('ERR_CRYPTO_HASH_FINALIZED', 'Digest already called', Error);
 E('ERR_CRYPTO_HASH_UPDATE_FAILED', 'Hash update failed', Error);
-E('ERR_CRYPTO_INCOMPATIBLE_KEY_OPTIONS', 'The selected key encoding %s %s.',
-  Error);
 E('ERR_CRYPTO_INVALID_DIGEST', 'Invalid digest: %s', TypeError);
 E('ERR_CRYPTO_INVALID_KEY_OBJECT_TYPE',
   'Invalid key object type %s, expected %s.', TypeError);

node.gyp

@@ -105,8 +105,6 @@
       'lib/internal/crypto/cipher.js',
       'lib/internal/crypto/diffiehellman.js',
       'lib/internal/crypto/hash.js',
-      'lib/internal/crypto/keygen.js',
-      'lib/internal/crypto/keys.js',
       'lib/internal/crypto/pbkdf2.js',
       'lib/internal/crypto/random.js',
       'lib/internal/crypto/scrypt.js',

src/async_wrap.h

@@ -72,7 +72,6 @@ namespace node {
 #if HAVE_OPENSSL
 #define NODE_ASYNC_CRYPTO_PROVIDER_TYPES(V)                                   \
   V(PBKDF2REQUEST)                                                            \
-  V(KEYPAIRGENREQUEST)                                                        \
   V(RANDOMBYTESREQUEST)                                                       \
   V(SCRYPTREQUEST)                                                            \
   V(TLSWRAP)