From d13b1358db3c516345d225b40865078f450ed154 Mon Sep 17 00:00:00 2001 From: Divy Srivastava Date: Mon, 14 Oct 2024 12:57:25 +0530 Subject: [PATCH 1/2] fix(ext/node): compute pem length (upper bound) for key exports Fixes https://github.com/denoland/deno/issues/26188 --- ext/node/ops/crypto/keys.rs | 8 ++++++-- tests/unit_node/crypto/crypto_key_test.ts | 21 +++++++++++++++++++++ 2 files changed, 27 insertions(+), 2 deletions(-) diff --git a/ext/node/ops/crypto/keys.rs b/ext/node/ops/crypto/keys.rs index 867b34e04454f7..ac62f5ccaede58 100644 --- a/ext/node/ops/crypto/keys.rs +++ b/ext/node/ops/crypto/keys.rs @@ -2024,7 +2024,9 @@ pub fn op_node_export_public_key_pem( _ => unreachable!("export_der would have errored"), }; - let mut out = vec![0; 2048]; + let pem_len = der::pem::encapsulated_len(label, LineEnding::LF, data.len()) + .map_err(|_| type_error("very large data"))?; + let mut out = vec![0; pem_len]; let mut writer = PemWriter::new(label, LineEnding::LF, &mut out)?; writer.write(&data)?; let len = writer.finish()?; @@ -2063,7 +2065,9 @@ pub fn op_node_export_private_key_pem( _ => unreachable!("export_der would have errored"), }; - let mut out = vec![0; 2048]; + let pem_len = der::pem::encapsulated_len(label, LineEnding::LF, data.len()) + .map_err(|_| type_error("very large data"))?; + let mut out = vec![0; pem_len]; let mut writer = PemWriter::new(label, LineEnding::LF, &mut out)?; writer.write(&data)?; let len = writer.finish()?; diff --git a/tests/unit_node/crypto/crypto_key_test.ts b/tests/unit_node/crypto/crypto_key_test.ts index 7995ce5d3f8d17..efd8ea17585d97 100644 --- a/tests/unit_node/crypto/crypto_key_test.ts +++ b/tests/unit_node/crypto/crypto_key_test.ts @@ -656,3 +656,24 @@ z6TExWlQMjt66nV7R8cRAkzmABrG+NW3e8Zpac7Lkuv+zu0S+K7c assertEquals(publicKey.type, "public"); assertEquals(publicKey.asymmetricKeyType, "rsa"); }); + +// https://github.com/denoland/deno/issues/26188 +Deno.test("generateKeyPair large pem", async function () { + const passphrase = "mypassphrase"; + const cipher = "aes-256-cbc"; + const modulusLength = 4096; + + generateKeyPairSync("rsa", { + modulusLength, + publicKeyEncoding: { + type: "spki", + format: "pem", + }, + privateKeyEncoding: { + type: "pkcs8", + format: "pem", + cipher, + passphrase, + }, + }); +}); From 85b38c4ce1a59a3729798a7ed7fb501db4406159 Mon Sep 17 00:00:00 2001 From: Divy Srivastava Date: Mon, 14 Oct 2024 13:05:51 +0530 Subject: [PATCH 2/2] Lint --- tests/unit_node/crypto/crypto_key_test.ts | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tests/unit_node/crypto/crypto_key_test.ts b/tests/unit_node/crypto/crypto_key_test.ts index efd8ea17585d97..3c7ad4423278b6 100644 --- a/tests/unit_node/crypto/crypto_key_test.ts +++ b/tests/unit_node/crypto/crypto_key_test.ts @@ -658,7 +658,7 @@ z6TExWlQMjt66nV7R8cRAkzmABrG+NW3e8Zpac7Lkuv+zu0S+K7c }); // https://github.com/denoland/deno/issues/26188 -Deno.test("generateKeyPair large pem", async function () { +Deno.test("generateKeyPair large pem", function () { const passphrase = "mypassphrase"; const cipher = "aes-256-cbc"; const modulusLength = 4096;