rspec/rules/S4426/javascript/how-to-fix-it/node-js.adoc

== How to fix it in Node.js

=== Code examples

include::../../common/fix/code-rationale.adoc[]

==== Noncompliant code example

include::../../common/fix/rsa.adoc[]

[source,javascript,diff-id=1,diff-type=noncompliant]
----
const crypto = require('crypto');

function callback(err, pub, priv) {}

var { privateKey, publicKey } = crypto.generateKeyPairSync('rsa', {
    modulusLength: 1024,  // Noncompliant
    publicKeyEncoding:  { type: 'spki', format: 'pem' },
    privateKeyEncoding: { type: 'pkcs8', format: 'pem' }
  },
  callback);
----

include::../../common/fix/dsa.adoc[]

[source,javascript,diff-id=2,diff-type=noncompliant]
----
const crypto = require('crypto');

function callback(err, pub, priv) {}

var { privateKey, publicKey } = crypto.generateKeyPairSync('dsa', {
    modulusLength: 1024,  // Noncompliant
    publicKeyEncoding:  { type: 'spki', format: 'pem' },
    privateKeyEncoding: { type: 'pkcs8', format: 'pem' }
  },
  callback);
----


include::../../common/fix/ec.adoc[]

[source,javascript,diff-id=3,diff-type=noncompliant]
----
const crypto = require('crypto');

function callback(err, pub, priv) {}

var { privateKey, publicKey } = crypto.generateKeyPair('ec', {
    namedCurve: 'secp112r2', // Noncompliant
    publicKeyEncoding:  { type: 'spki', format: 'pem' },
    privateKeyEncoding: { type: 'pkcs8', format: 'pem' }
  },
  callback);
----

==== Compliant solution

include::../../common/fix/rsa.adoc[]

[source,javascript,diff-id=1,diff-type=compliant]
----
const crypto = require('crypto');

function callback(err, pub, priv) {}

var { privateKey, publicKey } = crypto.generateKeyPairSync('rsa', {
    modulusLength: 2048,
    publicKeyEncoding:  { type: 'spki', format: 'pem' },
    privateKeyEncoding: { type: 'pkcs8', format: 'pem' }
  },
  callback);
----

include::../../common/fix/dsa.adoc[]

[source,javascript,diff-id=2,diff-type=compliant]
----
const crypto = require('crypto');

function callback(err, pub, priv) {}

var { privateKey, publicKey } = crypto.generateKeyPairSync('dsa', {
    modulusLength: 2048,
    publicKeyEncoding:  { type: 'spki', format: 'pem' },
    privateKeyEncoding: { type: 'pkcs8', format: 'pem' }
  },
  callback);
----


include::../../common/fix/ec.adoc[]

[source,javascript,diff-id=3,diff-type=compliant]
----
const crypto = require('crypto');

function callback(err, pub, priv) {}

var { privateKey, publicKey } = crypto.generateKeyPair('ec', {
    namedCurve: 'secp224k1',
    publicKeyEncoding:  { type: 'spki', format: 'pem' },
    privateKeyEncoding: { type: 'pkcs8', format: 'pem' }
  },
  callback);
----

=== How does this work?

include::../../common/fix/fix.adoc[]

=== Going the extra mile

include::../../common/extra-mile/pre-quantum.adoc[]