Skip to content

Commit

Permalink
doc: undeprecate RSA_PKCS1_PADDING
Browse files Browse the repository at this point in the history
  • Loading branch information
tniessen authored Feb 18, 2024
1 parent fe22990 commit f7f213e
Showing 1 changed file with 7 additions and 4 deletions.
11 changes: 7 additions & 4 deletions doc/api/crypto.md
Original file line number Diff line number Diff line change
Expand Up @@ -4392,8 +4392,9 @@ changes:
- v21.6.2
- v20.11.1
- v18.19.1
pr-url: https://github.com/nodejs-private/node-private/pull/525
description: The `RSA_PKCS1_PADDING` padding was disabled.
pr-url: https://github.com/nodejs-private/node-private/pull/515

Check warning on line 4395 in doc/api/crypto.md

View workflow job for this annotation

GitHub Actions / lint-pr-url

pr-url doesn't match the URL of the current PR.
description: The `RSA_PKCS1_PADDING` padding was disabled unless the
OpenSSL build supports implicit rejection.
- version: v15.0.0
pr-url: https://github.com/nodejs/node/pull/35093
description: Added string, ArrayBuffer, and CryptoKey as allowable key
Expand Down Expand Up @@ -4435,8 +4436,10 @@ If `privateKey` is not a [`KeyObject`][], this function behaves as if
object, the `padding` property can be passed. Otherwise, this function uses
`RSA_PKCS1_OAEP_PADDING`.

The `crypto.constants.RSA_PKCS1_PADDING` padding is disabled in
[`crypto.privateDecrypt()`][] since the February 2024 security releases. <span class="deprecated-inline"></span>
Using `crypto.constants.RSA_PKCS1_PADDING` in [`crypto.privateDecrypt()`][]
requires OpenSSL to support implicit rejection (`rsa_pkcs1_implicit_rejection`).
If the version of OpenSSL used by Node.js does not support this feature,
attempting to use `RSA_PKCS1_PADDING` will fail.

### `crypto.privateEncrypt(privateKey, buffer)`

Expand Down

0 comments on commit f7f213e

Please sign in to comment.