What is Node crypto.createPrivateKey(key)?

crypto.createPrivateKey is a function that accepts one argument and returns a new key (object(KeyObject)) that contains a private key.

   crypto.createPrivateKey(key)

Thecrypto.createPrivatekey function was added in node version 11.6.0, earlier versions of node don’t support this function.

Parameter

If the key is not a string or buffer, then the key must be an object with the following properties.

  • key: The key material can either be in the PEM, DER, or JWK format. Key can be an instance of any of the following:
    • string
    • ArrayBuffer
    • Buffer
    • TypedArray
    • DataView
    • Object
  • format : Must be pemprivacy-enhanced mail, derdistinguished encoding rules, or jwkjson web key. The Default format is pem and the format must be a string.
  • type : Must be pkcs1public key cryptographic standards 1 , pkcs8public key cryptographic standards 8, or sec1standards for efficient cryptography 1. This option is only required if the format is der; otherwise, it is ignored. The type must be a string.
  • passphrase : Passphrase is used for decryption. If the private key is encrypted, a passphrase must be specified. The length of the passphrase is limited to 1024 bytes. Passphrase must be either a string or Buffer.
  • encoding : The string encoding to be used when key is a string.

Return value

The crypto.createPrivateKey function returns a new Key Object.

Example

The code snippet below shows how to use the crypto.createPrivateKey function. The createPrivateKey function uses the key argument to create and return a new key object.

const crypto = require("crypto");
 //generate encrypted privateKey
 const {publicKey, privateKey } = crypto.generateKeyPairSync('rsa', 
      {
  modulusLength: 4096,
  publicKeyEncoding: {
    type: 'spki',
    format: 'pem'
  },
  privateKeyEncoding: {
    type: 'pkcs8',
    format: 'pem',
    cipher: 'aes-256-cbc',
    passphrase: ''
  }
});
//generate key Object
const keyObject = crypto.createPrivateKey({  
          key: privateKey,
          format: "pem",
          type: "pkcs1",
          passphrase: "",
          encoding: "utf-8"
      });
export default keyObject;

Explanation

  1. Import crypto module.
  2. Use the crypto.generateKeyPairSync function to synchronously get privateKey.
  • Finally, pass the private key generated from the crypto.generateKeyPairSync to the crypto.createPrivateKey function. This, in turn, returns a keyObject.
  • The last line exports the keyObject; thus, making it available for use on other modules.
Free AI Mock Interviews
Coding Interview
Coding PatternsFree Interview
Gain insights and practical experience with coding patterns through targeted MCQs and coding problems, designed to match and challenge your expertise level.
System Design
You TubeFree Interview
Learn to design a video streaming platform like YouTube by tackling functional and non-functional requirements, core components, and high-level to detailed design challenges.

Free Resources

Copyright ©2025 Educative, Inc. All rights reserved