Exposing OpenSSL RSA KeyGen

[daviddias]

I'm trying to understand if there is a reason why RSA KeyGen was never exposed as an API in the crypto module. I'm familiar with the pure js solutions such as keypair but they are really slow compared to using OpenSSL.

Was there any other thread about this where a decision was made?

[benjamingr]

@nodejs/crypto

[bnoordhuis]

There hasn't been much demand. It has been discussed a few times but since most people generate their keys ahead of time and since you can shell out to (for example) openssl genrsa, there doesn't seem to be a pressing need.

[bnoordhuis]

I'll close this out. Feel free to reopen if needed.

[daviddias]

We use it extensively in js-ipfs as we spawn multiple nodes and use RSA keys as Peer Identities. Is this something that can still be considered or should we look for another route?

[tniessen]

Is this something that can still be considered or should we look for another route?

I would like to wait until we have a final decision about createCipher (see e.g. #13941) before making any further changes to the crypto API. Afterwards, I might consider implementing this.

[bnoordhuis]

I'll reopen this in the mean time so it's not forgotten about.

[bsZeroFive]

I would also love to see this as a feature in the default crypto module. Always wondered why this wrapper wasn't integrated. Are there any updates on this request?

[tniessen]

@bsZeroFive Not yet, I will comment here once a decision has been made. Please use the button on the right to subscribe to this issue if you wish to be notified.

Implementation heavily relies on asynchronous crypto, I believe @jasnell is working on that.