From 85546c2a0489ebbddc9ce824e1f6f688553be6a9 Mon Sep 17 00:00:00 2001 From: Daiki Ihara Date: Mon, 25 Mar 2019 12:08:09 +0900 Subject: test: add test about unencrypted PKCS#8 private key for RSA MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit PR-URL: https://github.com/nodejs/node/pull/26898 Refs: https://github.com/nodejs/node/issues/24928 Reviewed-By: Ben Noordhuis Reviewed-By: James M Snell Reviewed-By: Ruben Bridgewater Reviewed-By: Tobias Nießen --- test/parallel/test-crypto-rsa-dsa.js | 46 +++++++++++++++++++++++++++++++++--- 1 file changed, 43 insertions(+), 3 deletions(-) (limited to 'test/parallel/test-crypto-rsa-dsa.js') diff --git a/test/parallel/test-crypto-rsa-dsa.js b/test/parallel/test-crypto-rsa-dsa.js index 348fd15b74..589fa57a1c 100644 --- a/test/parallel/test-crypto-rsa-dsa.js +++ b/test/parallel/test-crypto-rsa-dsa.js @@ -21,6 +21,8 @@ const dsaPubPem = fixtures.readSync('test_dsa_pubkey.pem', 'ascii'); const dsaKeyPem = fixtures.readSync('test_dsa_privkey.pem', 'ascii'); const dsaKeyPemEncrypted = fixtures.readSync('test_dsa_privkey_encrypted.pem', 'ascii'); +const rsaPkcs8KeyPem = fixtures.readSync('test_rsa_pkcs8_privkey.pem'); +const dsaPkcs8KeyPem = fixtures.readSync('test_dsa_pkcs8_privkey.pem'); const decryptError = /^Error: error:06065064:digital envelope routines:EVP_DecryptFinal_ex:bad decrypt$/; @@ -35,6 +37,9 @@ const decryptError = let decryptedBuffer = crypto.privateDecrypt(rsaKeyPem, encryptedBuffer); assert.strictEqual(decryptedBuffer.toString(), input); + decryptedBuffer = crypto.privateDecrypt(rsaPkcs8KeyPem, encryptedBuffer); + assert.strictEqual(decryptedBuffer.toString(), input); + let decryptedBufferWithPassword = crypto.privateDecrypt({ key: rsaKeyPemEncrypted, passphrase: 'password' @@ -119,11 +124,17 @@ function test_rsa(padding) { padding: padding }, bufferToEncrypt); - const decryptedBuffer = crypto.privateDecrypt({ + let decryptedBuffer = crypto.privateDecrypt({ key: rsaKeyPem, padding: padding }, encryptedBuffer); assert.deepStrictEqual(decryptedBuffer, input); + + decryptedBuffer = crypto.privateDecrypt({ + key: rsaPkcs8KeyPem, + padding: padding + }, encryptedBuffer); + assert.deepStrictEqual(decryptedBuffer, input); } test_rsa('RSA_NO_PADDING'); @@ -150,6 +161,16 @@ assert.strictEqual(rsaSignature, expectedSignature); rsaVerify.update(rsaPubPem); assert.strictEqual(rsaVerify.verify(rsaPubPem, rsaSignature, 'hex'), true); +// Test RSA PKCS#8 key signing/verification +rsaSign = crypto.createSign('SHA1'); +rsaSign.update(rsaPubPem); +rsaSignature = rsaSign.sign(rsaPkcs8KeyPem, 'hex'); +assert.strictEqual(rsaSignature, expectedSignature); + +rsaVerify = crypto.createVerify('SHA1'); +rsaVerify.update(rsaPubPem); +assert.strictEqual(rsaVerify.verify(rsaPubPem, rsaSignature, 'hex'), true); + // Test RSA key signing/verification with encrypted key rsaSign = crypto.createSign('SHA1'); rsaSign.update(rsaPubPem); @@ -216,7 +237,7 @@ assert.throws(() => { const input = 'I AM THE WALRUS'; // DSA signatures vary across runs so there is no static string to verify - // against + // against. const sign = crypto.createSign('SHA1'); sign.update(input); const signature = sign.sign(dsaKeyPem, 'hex'); @@ -238,6 +259,25 @@ assert.throws(() => { } +// +// Test DSA signing and verification with PKCS#8 private key +// +{ + const input = 'I AM THE WALRUS'; + + // DSA signatures vary across runs so there is no static string to verify + // against. + const sign = crypto.createSign('SHA1'); + sign.update(input); + const signature = sign.sign(dsaPkcs8KeyPem, 'hex'); + + const verify = crypto.createVerify('SHA1'); + verify.update(input); + + assert.strictEqual(verify.verify(dsaPubPem, signature, 'hex'), true); +} + + // // Test DSA signing and verification with encrypted key // @@ -253,7 +293,7 @@ const input = 'I AM THE WALRUS'; { // DSA signatures vary across runs so there is no static string to verify - // against + // against. const sign = crypto.createSign('SHA1'); sign.update(input); const signOptions = { key: dsaKeyPemEncrypted, passphrase: 'password' }; -- cgit v1.2.1