doc: public keys don't accept passphrases

Since `crypto.publicDecrypt()` and `crypto.publicEncrypt()` accept both public and private keys, make it clear that the `passphrase` option only applies to private keys. PR-URL: https://github.com/nodejs/node/pull/16087 Ref: https://github.com/nodejs/node/pull/16038 Reviewed-By: Colin Ihrig <cjihrig@gmail.com> Reviewed-By: Anna Henningsen <anna@addaleax.net> Reviewed-By: Nikolai Vavilov <vvnicholas@gmail.com> Reviewed-By: Tobias Nießen <tniessen@tnie.de> Reviewed-By: Daniel Bevenius <daniel.bevenius@gmail.com> Reviewed-By: James M Snell <jasnell@gmail.com> Reviewed-By: Ruben Bridgewater <ruben@bridgewater.de>
2026-01-15 12:15:26 +00:00 · 2017-10-08 19:35:18 +02:00
parent 3e144496d3
commit 3469eb9553
1 changed files with 14 additions and 14 deletions
--- a/doc/api/crypto.md
+++ b/doc/api/crypto.md
@@ -1712,45 +1712,45 @@ Encrypts `buffer` with `privateKey`.
 `privateKey` can be an object or a string. If `privateKey` is a string, it is
 treated as the key with no passphrase and will use `RSA_PKCS1_PADDING`.

-### crypto.publicDecrypt(publicKey, buffer)
+### crypto.publicDecrypt(key, buffer)
 <!-- YAML
 added: v1.1.0
 -->
- `publicKey` {Object | string}
-  - `key` {string} A PEM encoded public key.
-  - `passphrase` {string} An optional passphrase for the public key.
+- `key` {Object | string}
+  - `key` {string} A PEM encoded public or private key.
+  - `passphrase` {string} An optional passphrase for the private key.
  - `padding` {crypto.constants} An optional padding value defined in
    `crypto.constants`, which may be: `crypto.constants.RSA_NO_PADDING` or
    `RSA_PKCS1_PADDING`.
 - `buffer` {Buffer | TypedArray | DataView}
 - Returns: {Buffer} A new `Buffer` with the decrypted content.

-Decrypts `buffer` with `publicKey`.
+Decrypts `buffer` with `key`.

-`publicKey` can be an object or a string. If `publicKey` is a string, it is
-treated as the key with no passphrase and will use `RSA_PKCS1_PADDING`.
+`key` can be an object or a string. If `key` is a string, it is treated as
+the key with no passphrase and will use `RSA_PKCS1_PADDING`.

 Because RSA public keys can be derived from private keys, a private key may
 be passed instead of a public key.

-### crypto.publicEncrypt(publicKey, buffer)
+### crypto.publicEncrypt(key, buffer)
 <!-- YAML
 added: v0.11.14
 -->
- `publicKey` {Object | string}
-  - `key` {string} A PEM encoded public key.
-  - `passphrase` {string} An optional passphrase for the public key.
+- `key` {Object | string}
+  - `key` {string} A PEM encoded public or private key.
+  - `passphrase` {string} An optional passphrase for the private key.
  - `padding` {crypto.constants} An optional padding value defined in
    `crypto.constants`, which may be: `crypto.constants.RSA_NO_PADDING`,
    `RSA_PKCS1_PADDING`, or `crypto.constants.RSA_PKCS1_OAEP_PADDING`.
 - `buffer` {Buffer | TypedArray | DataView}
 - Returns: {Buffer} A new `Buffer` with the encrypted content.

-Encrypts the content of `buffer` with `publicKey` and returns a new
+Encrypts the content of `buffer` with `key` and returns a new
 [`Buffer`][] with encrypted content.

-`publicKey` can be an object or a string. If `publicKey` is a string, it is
-treated as the key with no passphrase and will use `RSA_PKCS1_OAEP_PADDING`.
+`key` can be an object or a string. If `key` is a string, it is treated as
+the key with no passphrase and will use `RSA_PKCS1_OAEP_PADDING`.

 Because RSA public keys can be derived from private keys, a private key may
 be passed instead of a public key.