Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

doc,crypto: further clarify RSA_PKCS1_PADDING support #51799

Closed
wants to merge 1 commit into from
Closed
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
11 changes: 7 additions & 4 deletions doc/api/crypto.md
Original file line number Diff line number Diff line change
Expand Up @@ -4392,8 +4392,9 @@
- v21.6.2
- v20.11.1
- v18.19.1
pr-url: https://github.com/nodejs-private/node-private/pull/525
description: The `RSA_PKCS1_PADDING` padding was disabled.
pr-url: https://github.com/nodejs-private/node-private/pull/515

Check warning on line 4395 in doc/api/crypto.md

View workflow job for this annotation

GitHub Actions / lint-pr-url

pr-url doesn't match the URL of the current PR.
description: The `RSA_PKCS1_PADDING` padding was disabled unless the
OpenSSL build supports implicit rejection.
- version: v15.0.0
pr-url: https://github.com/nodejs/node/pull/35093
description: Added string, ArrayBuffer, and CryptoKey as allowable key
Expand Down Expand Up @@ -4435,8 +4436,10 @@
object, the `padding` property can be passed. Otherwise, this function uses
`RSA_PKCS1_OAEP_PADDING`.

The `crypto.constants.RSA_PKCS1_PADDING` padding is disabled in
[`crypto.privateDecrypt()`][] since the February 2024 security releases. <span class="deprecated-inline"></span>
Using `crypto.constants.RSA_PKCS1_PADDING` in [`crypto.privateDecrypt()`][]
requires OpenSSL to support implicit rejection (`rsa_pkcs1_implicit_rejection`).
If the version of OpenSSL used by Node.js does not support this feature,
attempting to use `RSA_PKCS1_PADDING` will fail.

### `crypto.privateEncrypt(privateKey, buffer)`

Expand Down