From a97850a1be50ed19121d54b935987b8f8b2e632f Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Tobias=20Nie=C3=9Fen?=
Date: Mon, 4 Nov 2019 15:00:25 +0100
Subject: [PATCH 1/2] crypto: fix key requirements in asymmetric cipher

Fixes: https://github.com/nodejs/node/issues/30237
---
 lib/internal/crypto/cipher.js | 4 +--
 test/parallel/test-crypto-key-objects.js | 40 +++++++++++++++++-------
 2 files changed, 30 insertions(+), 14 deletions(-)

diff --git a/lib/internal/crypto/cipher.js b/lib/internal/crypto/cipher.js
index 4eb1aee69c9ecc..133b1e51532fc7 100644
--- a/lib/internal/crypto/cipher.js
+++ b/lib/internal/crypto/cipher.js
@@ -66,11 +66,11 @@ function rsaFunctionFor(method, defaultPadding, keyType) {
 const publicEncrypt = rsaFunctionFor(_publicEncrypt, RSA_PKCS1_OAEP_PADDING,
 'public');
 const publicDecrypt = rsaFunctionFor(_publicDecrypt, RSA_PKCS1_PADDING,
- 'private');
+ 'public');
 const privateEncrypt = rsaFunctionFor(_privateEncrypt, RSA_PKCS1_PADDING,
 'private');
 const privateDecrypt = rsaFunctionFor(_privateDecrypt, RSA_PKCS1_OAEP_PADDING,
- 'public');
+ 'private');

 function getDecoder(decoder, encoding) {
 encoding = normalizeEncoding(encoding);
diff --git a/test/parallel/test-crypto-key-objects.js b/test/parallel/test-crypto-key-objects.js
index 15de241b358fb1..70de220d5ee012 100644
--- a/test/parallel/test-crypto-key-objects.js
+++ b/test/parallel/test-crypto-key-objects.js
@@ -15,8 +15,10 @@ const {
 createPrivateKey,
 KeyObject,
 randomBytes,
+ publicDecrypt,
 publicEncrypt,
- privateDecrypt
+ privateDecrypt,
+ privateEncrypt
 } = require('crypto');

 const fixtures = require('../common/fixtures');
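Review bot: The third argument of the four `rsaFunctionFor(...)` calls in lib/internal/crypto/cipher.js is an undocumented string, so nothing at the call site says which class of key each function accepts; that is how `publicDecrypt` and `privateDecrypt` came to carry swapped values. A comment above the block would make a future swap visible in review, for example `// keyType 'public': public or private key accepted; 'private': private key required.` That reading is inferred from the tests in this patch, which pass private keys to both `publicEncrypt` and `publicDecrypt`; confirm it against the body of `rsaFunctionFor`, which lies outside the hunk.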
@@ -156,7 +158,16 @@ const privateDsa = fixtures.readKey('dsa_private_encrypted_1025.pem',
 assert(Buffer.isBuffer(privateDER));

 const plaintext = Buffer.from('Hello world', 'utf8');
- const ciphertexts = [
+ const testDecryption = (fn, ciphertexts, decryptionKeys) => {
+ for (const ciphertext of ciphertexts) {
+ for (const key of decryptionKeys) {
+ const deciphered = fn(key, ciphertext);
+ assert(plaintext.equals(deciphered));
+ }
+ }
+ };
+
+ testDecryption(privateDecrypt, [
 // Encrypt using the public key.
 publicEncrypt(publicKey, plaintext),
 publicEncrypt({ key: publicKey }, plaintext),
@@ -173,20 +184,25 @@ const privateDsa = fixtures.readKey('dsa_private_encrypted_1025.pem',
 // DER-encoded data only.
 publicEncrypt({ format: 'der', type: 'pkcs1', key: publicDER }, plaintext),
 publicEncrypt({ format: 'der', type: 'pkcs1', key: privateDER }, plaintext)
- ];
-
- const decryptionKeys = [
+ ], [
 privateKey,
 { format: 'pem', key: privatePem },
 { format: 'der', type: 'pkcs1', key: privateDER }
- ];
+ ]);

- for (const ciphertext of ciphertexts) {
- for (const key of decryptionKeys) {
- const deciphered = privateDecrypt(key, ciphertext);
- assert(plaintext.equals(deciphered));
- }
- }
+ testDecryption(publicDecrypt, [
+ privateEncrypt(privateKey, plaintext)
+ ], [
+ // Decrypt using the public key.
+ publicKey,
+ { format: 'pem', key: publicPem },
+ { format: 'der', type: 'pkcs1', key: publicDER },
+
+ // Decrypt using the private key.
+ privateKey,
+ { format: 'pem', key: privatePem },
+ { format: 'der', type: 'pkcs1', key: privateDER }
+ ]);
 }

 {
From f9bdeb84a97e7e6c9d276b1c25528d5ca06e40dd Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Tobias=20Nie=C3=9Fen?=
Date: Mon, 4 Nov 2019 15:42:33 +0100
Subject: [PATCH 2/2] fixup! crypto: fix key requirements in asymmetric cipher

---
 test/parallel/test-crypto-key-objects.js | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
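Review bot: No test in the second hunk of test/parallel/test-crypto-key-objects.js (PATCH 1/2) asserts that `privateDecrypt` or `privateEncrypt` refuse a public key; the `testDecryption(privateDecrypt, …)` and `testDecryption(publicDecrypt, …)` calls cover only keys that are expected to work. The key requirement this patch corrects is therefore checked on the accept side only. A rejection case next to these calls, such as `assert.throws(() => privateDecrypt(publicKey, publicEncrypt(publicKey, plaintext)));` with the expected error pinned, would keep the check from regressing unnoticed. Pinning matters because an unpinned `assert.throws` may also pass when the failure comes from a later stage than key-type validation. The enclosing block starts before this hunk.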
diff --git a/test/parallel/test-crypto-key-objects.js b/test/parallel/test-crypto-key-objects.js
index 70de220d5ee012..dc995be041ed48 100644
--- a/test/parallel/test-crypto-key-objects.js
+++ b/test/parallel/test-crypto-key-objects.js
@@ -162,7 +162,7 @@ const privateDsa = fixtures.readKey('dsa_private_encrypted_1025.pem',
 for (const ciphertext of ciphertexts) {
 for (const key of decryptionKeys) {
 const deciphered = fn(key, ciphertext);
- assert(plaintext.equals(deciphered));
+ assert.deepStrictEqual(deciphered, plaintext);
 }
 }
 };