openssl list-public-key-algorithms on crypto docs

[yagop]

According with docs openssl list-public-key-algorithms shows the available signing algorithms, but isn't very helpfull, in fact I'm still unable to figure out which parameter to pass to crypto.createVerify(algorithm) 😢

By the way, on openssl 1.1.0b does not exists that command:

$ openssl version
OpenSSL 1.1.0b  26 Sep 2016
$ openssl list-public-key-algorithms
Invalid command 'list-public-key-algorithms'; type "help" for a list.
$ openssl list -public-key-algorithms
Name: OpenSSL RSA method
    Type: Builtin Algorithm
    OID: rsaEncryption
    PEM string: RSA
Name: rsa
    Alias for: rsaEncryption
Name: OpenSSL PKCS#3 DH method
    Type: Builtin Algorithm
    OID: dhKeyAgreement
    PEM string: DH
...

[Fishrock123]

cc @nodejs/crypto

[mscdex]

Perhaps we should just add a crypto.getPubKeyAlgos() or similar.

[bnoordhuis]

I see openssl list-public-key-algorithms mentioned for crypto.createSign() and crypto.createVerify() but I have no idea why. What you want to use is one of the digests from crypto.getHashes(), like RSA-SHA256.

[indutny]

Yeah, it is basically contained in crypto.getHashes() as @bnoordhuis pointed out.

[bnoordhuis]

Looks like the documentation has basically always been wrong -- I traced it back to commit afce4c3 from May 2010, released in v0.1.94! In fairness, we didn't have crypto.getHashes() back then. :-)

[indutny]

Nor did anyone know how these things work ;)

[gibfahn]

Sounds like we're somewhat overdue a documentation update then?

[bnoordhuis]

Yep.

[sstern6]

Would like to make a PR for this, from what I understand from the thread I need to:

1. Remove openssl list-public-key-algorithms explanation from crypto.createSign() and crypto.createVerify() sections in the docs.
2. Update the crypto.getHashes() to be more clear about listing supported hash algorithms?

Can have a PR open for this shortly!

cc @bnoordhuis

Thanks!

[bnoordhuis]

@sstern6 Correct. I'd also cross-reference crypto.getHashes() from crypto.createSign() and crypto.createVerify().

[sstern6]

@bnoordhuis ON IT! Will have a PR open today! Thank you