Description
- Version: v15.0.1
- Platform: Darwin DaveMBP.local 18.7.0 Darwin Kernel Version 18.7.0: Mon Aug 31 20:53:32 PDT 2020; root:xnu-4903.278.44~1/RELEASE_X86_64 x86_64
- Subsystem: crypto
What steps will reproduce the bug?
const crypto = require('crypto');
crypto.generateKeyPair('rsa', {
modulusLength: 2048,
privateKeyEncoding: {
type: 'pkcs8',
format: 'pem',
cipher: 'aes-256-cbc',
passphrase: '', // <-- blank string passphrase
},
publicKeyEncoding: { type: 'spki', format: 'pem' },
}, (err, publicKey, privateKey) => console.log(`got key\n\n${publicKey}\n\n${privateKey}`));What is the expected behaviour?
In NodeJS 14 and below, the above generates an output without any prompts.
What do you see instead?
Since NodeJS 15, the above issues a prompt on the terminal:
Enter PEM pass phrase:
Which hangs until the user provides input (i.e. forever on a CI server).
Additional information
It seems reasonable for a blank string to be rejected as an input here if a cipher is being used, but it should either work or throw an exception. Triggering a command-line prompt is not a good user experience, and makes this relatively difficult to track-down.
In my particular case, I allow users of my project to configure a blank passphrase to mean "don't bother encrypting this", which I can achieve myself by detecting a blank passphrase and passing undefined for both cipher and passphrase in Node 15, which is fine. My personal preference would be for this to throw if given a blank passphrase, but that would still be a breaking change from 14, so maybe the way to go is to allow blank passphrases as before.