Using JWK as encoding format for public key in crypto.generateKeyPairSync() throws an error

[johannesnydahl]

• Version: v16.4.0
• Platform: Microsoft Windows NT 10.0.18363.0 x64
• Subsystem: Crypto

What steps will reproduce the bug?

main.js

const crypto = require("crypto");

const keys = crypto.generateKeyPairSync("ec", {
	namedCurve: "P-384",
	publicKeyEncoding: { type: "spki", format: "jwk" },
	privateKeyEncoding: { type: "pkcs8", format: "pem" }
});

console.log(keys.publicKey);

then just execute the command node main.js

How often does it reproduce? Is there a required condition?

Everytime. If I change the public key encoding format to "pem" or "der" it dosen't throw an error. It seems like "jwk" is the only broken format.

What is the expected behavior?

Should probably look something like the output below. I used the keyObject.export() to create this output because as mentioned above, crypto.generateKeyPairSync() dosen't work at all with "jwk".

Code to produce the expected output:

const crypto = require("crypto");

const keys = crypto.generateKeyPairSync("ec", {
	namedCurve: "P-384"
});

console.log(keys.publicKey.export({ format: "jwk" }));

Expected output:

{
  crv: 'P-384',
  kty: 'EC',
  x: 'BC-y_ZyH6rYMv_YAREfUainM1c9iwhHc9KEPPRD1u2zGJMuGV1LvEWh2igD3kAS5',
  y: 'LX7TofWICe4_nJZNBkS0rtqDCDoTp9_TuKHqKQHh1wDH3hvgSZjPWZN1TnrvbfR4'
}

What do you see instead?

node:internal/crypto/keys:268
  throw new ERR_INVALID_ARG_VALUE(optionName, formatStr);
  ^

TypeError [ERR_INVALID_ARG_VALUE]: The property 'options.publicKeyEncoding.format' is invalid. Received 'jwk'
    at new NodeError (node:internal/errors:363:5)
    at parseKeyFormat (node:internal/crypto/keys:268:9)
    at parseKeyFormatAndType (node:internal/crypto/keys:304:18)
    at parseKeyEncoding (node:internal/crypto/keys:332:7)
    at parsePublicKeyEncoding (node:internal/crypto/keys:371:10)
    at parseKeyEncoding (node:internal/crypto/keygen:125:9)
    at createJob (node:internal/crypto/keygen:161:42)
    at Object.generateKeyPairSync (node:internal/crypto/keygen:95:22)
    at Object.<anonymous> (C:\Users\johannes.nydahl\Desktop\Playground\main.js:3:21)
    at Module._compile (node:internal/modules/cjs/loader:1095:14) {
  code: 'ERR_INVALID_ARG_VALUE'
}

Additional information

Tested on both node version v16.4.0 and v15.9.0 (v15.9.0 was when keyObject.export() first started to support "jwk" as format.

[tniessen]

cc @nodejs/crypto (especially @panva @jasnell)

[tniessen]

The combination { type: "spki", format: "jwk" } makes little sense. SPKI is a traditional cryptographic format, JWK is a new format that's incompatible with these older formats.

[johannesnydahl]

@tniessen

My cryptographic skills are lacking so I just picked "spki" because it was the only type that private EC keys supported according to the documentation. But from what I've tested, not using the "type" option at all throws the same error.

[panva]

🤦‍♂️ i forgot about this interaction

If a publicKeyEncoding or privateKeyEncoding was specified, this function behaves as if keyObject.export() had been called on its result.

A simple { format: 'jwk' } should work for the supported key types but currently doesn't.

[D4nte]

I believe the issue also exist on node 15 but was not fixed: https://github.com/D4nte/js-libp2p-crypto/runs/4438572378?check_suite_focus=true

Can the fix be backported to 15?

Cc @jasnell

[panva]

@D4nte the fix was never meant to land on v15.x since it has reached End-Of-Life on 2021-06-01.