Skip to content

Commit

Permalink
fail on private export with a passphrase
Browse files Browse the repository at this point in the history
  • Loading branch information
panva committed Feb 2, 2021
1 parent 44d49e0 commit a6d1e96
Show file tree
Hide file tree
Showing 2 changed files with 13 additions and 0 deletions.
4 changes: 4 additions & 0 deletions lib/internal/crypto/keys.js
Original file line number Diff line number Diff line change
Expand Up @@ -228,6 +228,10 @@ const [

export(options) {
if (options && options.format === 'jwk') {
if (options.passphrase !== undefined) {
throw new ERR_CRYPTO_INCOMPATIBLE_KEY_OPTIONS(
'jwk', 'does not support encryption');
}
const properties = this[kAsymmetricKeyJWKProperties]();
return this[kHandle].exportJwk(properties);
}
Expand Down
9 changes: 9 additions & 0 deletions test/parallel/test-crypto-key-objects.js
Original file line number Diff line number Diff line change
Expand Up @@ -199,6 +199,15 @@ const privateDsa = fixtures.readKey('dsa_private_encrypted_1025.pem',
jwk
);

// Exporting the key using JWK should not work since this format does not
// support key encryption
assert.throws(() => {
privateKey.export({ format: 'jwk', passphrase: 'secret' });
}, {
message: 'The selected key encoding jwk does not support encryption.',
code: 'ERR_CRYPTO_INCOMPATIBLE_KEY_OPTIONS'
});

const publicDER = publicKey.export({
format: 'der',
type: 'pkcs1'
Expand Down

0 comments on commit a6d1e96

Please sign in to comment.