Skip to content
Permalink
Browse files

crypto: fix key requirements in asymmetric cipher

PR-URL: #30249
Fixes: #30237
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: Ruben Bridgewater <ruben@bridgewater.de>
Reviewed-By: James M Snell <jasnell@gmail.com>
  • Loading branch information
tniessen authored and MylesBorins committed Nov 4, 2019
1 parent d2c85f3 commit bb7e78a2a0be5775a9edc2bb71bc202032840753
Showing with 30 additions and 14 deletions.
  1. +2 −2 lib/internal/crypto/cipher.js
  2. +28 −12 test/parallel/test-crypto-key-objects.js
@@ -66,11 +66,11 @@ function rsaFunctionFor(method, defaultPadding, keyType) {
const publicEncrypt = rsaFunctionFor(_publicEncrypt, RSA_PKCS1_OAEP_PADDING,
'public');
const publicDecrypt = rsaFunctionFor(_publicDecrypt, RSA_PKCS1_PADDING,
'private');
'public');
const privateEncrypt = rsaFunctionFor(_privateEncrypt, RSA_PKCS1_PADDING,
'private');
const privateDecrypt = rsaFunctionFor(_privateDecrypt, RSA_PKCS1_OAEP_PADDING,
'public');
'private');

function getDecoder(decoder, encoding) {
encoding = normalizeEncoding(encoding);
@@ -15,8 +15,10 @@ const {
createPrivateKey,
KeyObject,
randomBytes,
publicDecrypt,
publicEncrypt,
privateDecrypt
privateDecrypt,
privateEncrypt
} = require('crypto');

const fixtures = require('../common/fixtures');
@@ -156,7 +158,16 @@ const privateDsa = fixtures.readKey('dsa_private_encrypted_1025.pem',
assert(Buffer.isBuffer(privateDER));

const plaintext = Buffer.from('Hello world', 'utf8');
const ciphertexts = [
const testDecryption = (fn, ciphertexts, decryptionKeys) => {
for (const ciphertext of ciphertexts) {
for (const key of decryptionKeys) {
const deciphered = fn(key, ciphertext);
assert.deepStrictEqual(deciphered, plaintext);
}
}
};

testDecryption(privateDecrypt, [
// Encrypt using the public key.
publicEncrypt(publicKey, plaintext),
publicEncrypt({ key: publicKey }, plaintext),
@@ -173,20 +184,25 @@ const privateDsa = fixtures.readKey('dsa_private_encrypted_1025.pem',
// DER-encoded data only.
publicEncrypt({ format: 'der', type: 'pkcs1', key: publicDER }, plaintext),
publicEncrypt({ format: 'der', type: 'pkcs1', key: privateDER }, plaintext)
];

const decryptionKeys = [
], [
privateKey,
{ format: 'pem', key: privatePem },
{ format: 'der', type: 'pkcs1', key: privateDER }
];
]);

for (const ciphertext of ciphertexts) {
for (const key of decryptionKeys) {
const deciphered = privateDecrypt(key, ciphertext);
assert(plaintext.equals(deciphered));
}
}
testDecryption(publicDecrypt, [
privateEncrypt(privateKey, plaintext)
], [
// Decrypt using the public key.
publicKey,
{ format: 'pem', key: publicPem },
{ format: 'der', type: 'pkcs1', key: publicDER },

// Decrypt using the private key.
privateKey,
{ format: 'pem', key: privatePem },
{ format: 'der', type: 'pkcs1', key: privateDER }
]);
}

{

0 comments on commit bb7e78a

Please sign in to comment.
You can’t perform that action at this time.