Skip to content

Commit

Permalink
doc,crypto: further clarify RSA_PKCS1_PADDING support
Browse files Browse the repository at this point in the history
PR-URL: nodejs#51799
Reviewed-By: Filip Skokan <panva.ip@gmail.com>
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
Reviewed-By: Michael Dawson <midawson@redhat.com>
  • Loading branch information
tniessen authored and rdw-msft committed Mar 20, 2024
1 parent 936284e commit 4ff1abc
Showing 1 changed file with 7 additions and 4 deletions.
11 changes: 7 additions & 4 deletions doc/api/crypto.md
Original file line number Diff line number Diff line change
Expand Up @@ -4392,8 +4392,9 @@ changes:
- v21.6.2
- v20.11.1
- v18.19.1
pr-url: https://github.com/nodejs-private/node-private/pull/525
description: The `RSA_PKCS1_PADDING` padding was disabled.
pr-url: https://github.com/nodejs-private/node-private/pull/515
description: The `RSA_PKCS1_PADDING` padding was disabled unless the
OpenSSL build supports implicit rejection.
- version: v15.0.0
pr-url: https://github.com/nodejs/node/pull/35093
description: Added string, ArrayBuffer, and CryptoKey as allowable key
Expand Down Expand Up @@ -4435,8 +4436,10 @@ If `privateKey` is not a [`KeyObject`][], this function behaves as if
object, the `padding` property can be passed. Otherwise, this function uses
`RSA_PKCS1_OAEP_PADDING`.

The `crypto.constants.RSA_PKCS1_PADDING` padding is disabled in
[`crypto.privateDecrypt()`][] since the February 2024 security releases. <span class="deprecated-inline"></span>
Using `crypto.constants.RSA_PKCS1_PADDING` in [`crypto.privateDecrypt()`][]
requires OpenSSL to support implicit rejection (`rsa_pkcs1_implicit_rejection`).
If the version of OpenSSL used by Node.js does not support this feature,
attempting to use `RSA_PKCS1_PADDING` will fail.

### `crypto.privateEncrypt(privateKey, buffer)`

Expand Down

0 comments on commit 4ff1abc

Please sign in to comment.