Inconsistent secret key generation with asKey function for same secret ?

[Totalus]

I realised the secret key generation with asKey(<object>) and asKey(<string>) give different result for the same given secret.

The asKey(<string>) performs a base64 encoding of the secret prior to generation. The asKey(<object>) does not.

See the following example:

const JWK = require('jose').JWK; # jose v1.28.0

let key1 = JWK.asKey({k: 'secret',kty: 'oct'});
let key2 = JWK.asKey('secret');
let key3 = JWK.asKey({k: 'c2VjcmV0',kty: 'oct'}); // base64('secret') = 'c2VjcmV0'

console.log(key1);
// OctKey {
//   kid: 'JjvgvhKsqj5lIftVdyBo7IjNUfHYrpZMAecBuy5PjHo',
//   kty: 'oct'
// }

console.log(key2);
// OctKey {
//   kid: 'DWBh0SEIAPYh1x5uvot4z3AhaikHkxNJa3Ada2fT-Cg',
//   kty: 'oct'
// }

console.log(key3);
// OctKey {
//   kid: 'DWBh0SEIAPYh1x5uvot4z3AhaikHkxNJa3Ada2fT-Cg',
//   kty: 'oct'
// }

In the example above, I would expect key1 and key2 to be the same key as they are fed with the same secret and key3 to be different.

Is that an intended behavior ?

I haven't find anything clarifying that in the doc.

[panva]

When passing an object you’re expected to pass a JWK. That means k should already be base64url encoded as per the spec. When passing a string or a buffer it’s by design that the value you passed be the actual secret so it’s encoded into a JWK for you.

You haven’t found anything in the doc because this is the spec.