Misleading documentation in crypto.publicEncrypt and publicDecrypt
- Version: Any > 4.0
- Platform: Any
- Subsystem: crypto / documentation
$ node -p process.versions
{ http_parser: '2.7.0',
node: '8.1.0',
v8: '5.8.283.41',
uv: '1.12.0',
zlib: '1.2.11',
ares: '1.10.1-DEV',
modules: '57',
openssl: '1.0.2l',
icu: '58.2',
unicode: '9.0',
cldr: '30.0.3',
tz: '2016j' }
$ node -p process.versions
{ http_parser: '2.7.0',
node: '4.6.1',
v8: '4.5.103.37',
uv: '1.9.1',
zlib: '1.2.8',
ares: '1.10.1-DEV',
modules: '46',
openssl: '1.0.2j-fips' }
Documentation of the crypto session of node.js is wrong. Even in public key encrypt/decrypt it talks about:
crypto.publicEncrypt(public_key, buffer)
Added in: v0.11.14
public_key <Object> | <string>
key <string> A PEM encoded private key.
...
It does say later that the private key can be used instead of the public key, but still it's clearly wrong. Also it is related to #13612 (closed) in a way, that whereas if private key is submitted to this function, it can contain whitespace and/or other garble before the key. On the other hand, if a public key is submitted, the public key header must start immediately from the beginning of the string without any leading whitespace or line feeds or the operation fails.