rsa-oaep decrypt the ciphertext (an empty string) got an unexpected string #57553

Open
TheNorthMemory opened this issue Mar 20, 2025 · 3 comments · May be fixed by #57575
Labels
confirmed-bug Issues with confirmed bugs. crypto Issues and PRs related to the crypto subsystem.

TheNorthMemory commented Mar 20, 2025

Version

23.7.0

Platform

Windows, macOS, Linux

Subsystem

crypto

What steps will reproduce the bug?

The crypto.privateDecrypt method seems to have changed its behavior since node23.7. I'm not sure whether that is a bug or a feature. The reproduction code is below:

// file: test-crypto-private-decrypt.js
const crypto = require('crypto');

const keys = crypto.generateKeyPairSync(
    'rsa',
    {
        modulusLength: 2048,
        publicKeyEncoding: { type: 'spki', format: 'pem' },
        privateKeyEncoding: { type: 'pkcs8', format: 'pem' },
    }
);

const empty = '';

const ciphertext = crypto.publicEncrypt({
    oaepHash:'sha1',
    padding: crypto.constants.RSA_PKCS1_OAEP_PADDING,
    key: keys.publicKey,
}, Buffer.from(empty)).toString('base64');

const plaintext = crypto.privateDecrypt({
    oaepHash: 'sha1',
    padding: crypto.constants.RSA_PKCS1_OAEP_PADDING,
    key: keys.privateKey
}, Buffer.from(ciphertext, 'base64')).toString('utf8');

console.assert(empty === plaintext, 'rsa-oaep `encrypt` empty string is success, but `decrypt` got unexpected string.');

When running the code, such as node test-crypto-private-decrypt.js in node23.7.0, the terminal prompted the message:

Assertion failed: rsa-oaep `encrypt` empty string is success, but `decrypt` got unexpected string.

How often does it reproduce? Is there a required condition?

no extra conditions.

What is the expected behavior? Why is that the expected behavior?

The privateDecrypt behavior should be the same as before, >= 10 < 23.7

What do you see instead?

Assertion failed: rsa-oaep encrypt empty string is success, but decrypt got unexpected string.

Additional information

The failed CI run was here; the message is as below:

 1) lib/rsa
       Rsa::decrypt
         method `decrypt` should returns an empty string when `ciphertext` is the input via `Rsa.encrypt` and `privateKeyCertificate` is a `pem` buffer:
     AssertionError: expected '\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000' to be empty
      at Assertion.fail (node_modules/should/cjs/should.js:275:17)
      at Assertion.value [as empty] (node_modules/should/cjs/should.js:356:19)
      at Context.<anonymous> (tests/lib/rsa.test.js:120:68)
      at process.processImmediate (node:internal/timers:511:21)

  2) lib/rsa
       Rsa::decrypt
         method `decrypt` should returns an empty string when `ciphertext` is the input via `Rsa.encrypt` and `privateKeyCertificate` is a pkcs8 `pem` String:
     AssertionError: expected '\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000' to be empty
      at Assertion.fail (node_modules/should/cjs/should.js:275:17)
      at Assertion.value [as empty] (node_modules/should/cjs/should.js:356:19)
      at Context.<anonymous> (tests/lib/rsa.test.js:135:68)
      at process.processImmediate (node:internal/timers:511:21)
@panva panva added confirmed-bug Issues with confirmed bugs. crypto Issues and PRs related to the crypto subsystem. labels Mar 20, 2025
Member

panva commented Mar 20, 2025

I can confirm this regressed in v23.7.0

Likely suspects #56653, #56526, or #56421

@jasnell can you please take a look? #56653 is the most likely since it did not land on 22.x and the issue is not present in the latest 22.x but it could be an interaction of the three as well.

TheNorthMemory changed the title from "since v23.7, ras-oaep decrypt the ciphertext (plain of the empty string) got an expected string" to "since v23.7, ras-oaep decrypt the ciphertext (plain of the empty string) got an unexpected string" on Mar 20, 2025
@AmitPrajapati-1

I've updated the PR with the requested changes. Please review when possible. #57558

@AmitPrajapati-1

can you check this PR #57572

panva added a commit to panva/node that referenced this issue Mar 21, 2025
TheNorthMemory changed the title from "since v23.7, ras-oaep decrypt the ciphertext (plain of the empty string) got an unexpected string" to "rsa-oaep decrypt the ciphertext (an empty string) got an unexpected string" on Mar 22, 2025