Checks whether the public key for this certificate is consistent with the given private key.
method
crypto.X509Certificate.checkPrivateKey
@param privateKey
A private key.
Referenced types
class KeyObject
Node.js uses a KeyObject class to represent a symmetric or asymmetric key, and each kind of key exposes different functions. The createSecretKey, createPublicKey and createPrivateKey methods are used to create KeyObjectinstances. KeyObject objects are not to be created directly using the newkeyword.
Most applications should consider using the new KeyObject API instead of passing keys as strings or Buffers due to improved security features.
KeyObject instances can be passed to other threads via postMessage(). The receiver obtains a cloned KeyObject, and the KeyObject does not need to be listed in the transferList argument.
- asymmetricKeyDetails?: AsymmetricKeyDetails
This property exists only on asymmetric keys. Depending on the type of the key, this object contains information about the key. None of the information obtained through this property can be used to uniquely identify a key or to compromise the security of the key.
For RSA-PSS keys, if the key material contains a
RSASSA-PSS-paramssequence, thehashAlgorithm,mgf1HashAlgorithm, andsaltLengthproperties will be set.Other key details might be exposed via this API using additional attributes.
- asymmetricKeyType?: AsymmetricKeyType
For asymmetric keys, this property represents the type of the key. See the supported asymmetric key types.
This property is
undefinedfor unrecognizedKeyObjecttypes and symmetric keys. - symmetricKeySize?: number
For secret keys, this property represents the size of the key in bytes. This property is
undefinedfor asymmetric keys. - type: KeyObjectType
Depending on the type of this
KeyObject, this property is either'secret'for secret (symmetric) keys,'public'for public (asymmetric) keys or'private'for private (asymmetric) keys. - ): boolean;
Returns
trueorfalsedepending on whether the keys have exactly the same type, value, and parameters. This method is not constant time.@param otherKeyObjectA
KeyObjectwith which to comparekeyObject. - options?: T
The result type depends on the selected encoding format, when PEM the result is a string, when DER it will be a buffer containing the data encoded as DER, when JWK it will be an object. Raw formats return a
Buffercontaining the raw key material.Private keys can be encrypted by specifying a
cipherandpassphrase. The PKCS#8typesupports encryption with both PEM and DERformatfor any key algorithm. PKCS#1 and SEC1 can only be encrypted when the PEMformatis used. For maximum compatibility, use PKCS#8 for encrypted private keys. Since PKCS#8 defines its own encryption mechanism, PEM-level encryption is not supported when encrypting a PKCS#8 key. See RFC 5208 for PKCS#8 encryption and RFC 1421 for PKCS#1 and SEC1 encryption. - extractable: boolean,
Converts a
KeyObjectinstance to aCryptoKey. Returns the underlying
KeyObjectof aCryptoKey. The returnedKeyObjectdoes not retain any of the restrictions imposed by the Web Crypto API on the originalCryptoKey, such as the allowed key usages, the algorithm or hash algorithm bindings, and the extractability flag. In particular, the underlying key material of the returnedKeyObjectcan always be exported.const { KeyObject } = await import('node:crypto'); const { subtle } = globalThis.crypto; const key = await subtle.generateKey({ name: 'HMAC', hash: 'SHA-256', length: 256, }, true, ['sign', 'verify']); const keyObject = KeyObject.from(key); console.log(keyObject.symmetricKeySize); // Prints: 32 (symmetric key size in bytes)