Skip to content

Commit

Permalink
test: add test about unencrypted PKCS#8 private key for RSA
Browse files Browse the repository at this point in the history
PR-URL: #26898
Refs: #24928
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Ruben Bridgewater <ruben@bridgewater.de>
Reviewed-By: Tobias Nießen <tniessen@tnie.de>
  • Loading branch information
sasurau4 authored and MylesBorins committed May 16, 2019
1 parent 89dd890 commit 3ac2e3e
Show file tree
Hide file tree
Showing 3 changed files with 74 additions and 3 deletions.
15 changes: 15 additions & 0 deletions test/fixtures/test_dsa_pkcs8_privkey.pem
Original file line number Diff line number Diff line change
@@ -0,0 +1,15 @@
-----BEGIN PRIVATE KEY-----
MIICZAIBADCCAjkGByqGSM44BAEwggIsAoIBAQC5CYW1vZHbx/Ytm+/m+oseHbre
kOd40VOSybqo6Us2NysFq+46rNlnR28Lkolg4nv+XK6YTlB3XbEwbibYa1uwCuAE
io/Zs2rfOpGNwp31Fg3pb8ZhFrnjmhrQhZfRT6bXXw3hvyXitjgQkwIsRL5OUYlQ
CEIbf+LsogikQez2+xaYYkqUqSYdb48IkVtDTMweWslpDKUmIfH1cy0osqMC97GR
8EXXvhK7sig2hhHtj+NFGA7majfEFmTd0mafZBlEFodqvkwV1q7TTMrDWgkO2lcc
2DEMjZ9on9xVszRhNCGIwuFJLhWBKfNZ59X7LUxEfkelpce0Kr5eFmxwN4n3AiEA
pK7pu7TqHqiIoGDmAyUm71gx3V5T3mNaih8Y/9h7dMsCggEAJNtfC6LqpU84UMz+
nsxSch/ylDx1lyh3rOGZ9Wn+2tIhahI+hqDwmPeHvymzDHh2QjuXgzeZmo1753CB
CtYdU0GnumSEEUUCiTBbSsX6Zy0VI4w/Qy3WV5IoXXkF9YsbkC8JhPq9jHLa5Qt5
59TF+347OFso5ae+XkkZ8C112UyKnYzvniqlbj0Cb4E7FadCzSggC9c2drYE12Mx
QEEbddAVNty5wpjh3Qd2y8kKPDSn4OCrSIXAL8WDXJk507RL5moqKnwis/3iPUXi
U7s8QmJP4B8Mn4vDM1O0rORCmz9KXz0f5M0lw39jdA/AG0fNNz86KCFTPdXz/Iz1
ThphTQQiAiAhjvXffKp1V3nMiUUUsYzS2Msn14bBFiBwSdNgitRwEA==
-----END PRIVATE KEY-----
16 changes: 16 additions & 0 deletions test/fixtures/test_rsa_pkcs8_privkey.pem
Original file line number Diff line number Diff line change
@@ -0,0 +1,16 @@
-----BEGIN PRIVATE KEY-----
MIICeAIBADANBgkqhkiG9w0BAQEFAASCAmIwggJeAgEAAoGBAMIUQ0bDffIaKHL3
akONlCGXQLfqs8mP4K99ILz6rbyHEDXrVAU1R3XfC4JNRyrRB3aqwF7/aEXJzYMI
kmDSHUvvz7pnhQxHsQ5yl91QT0d/eb+Gz4VRHjm4El4MrUdIUcPxscoPqS/wU8Z8
lOi1z7bGMnChiL7WGqnV8h6RrGzJAgMBAAECgYEAlHxmQJS/HmTO/6612XtPkyei
t1PVO+hdckZcrtln5S68w1QJ03ZA9ziwGIBBa8vDVxIq3kOwpnxQROlg/Lyk9iec
MTPZ0NiJp7D37ESm5vJ5bagfhnHvXCoG04qSrCtdr+nN2mK5xFGOTq8TphjsQEGz
+Du5qdWkaJs5UASyofUCQQDsOSNUfbxYNSB/Weq9+fYqPoJPuchwTeMYmxlnvOVm
YGYcUM40wtStdH9mbelHmbS0KYGprlEr3m7jXaO3V08jAkEA0lPe/ymeS2HjxtCj
98p6Xq4RjJuhG0Dn+4e4eRnoVAXs5SQaiByZImW451zm3qEjVWwufRBkSNBkwQ5a
v7ApIwJBAILiRckSwcC97vug/oe0b8iISfuSnJRdE28WwMTRzOkkkG8v9pEVQnG5
Er3WOGMLrywDs2wowaDk5dvkjkmPfrECQQCAhPtoU5gEXAaBABCRY0ou/JKApsBl
FN4sFpykcy5B2XUN92e28DKqkBnSVjREqZYbpoUpqpB85coLJahSJWSdAkBeuWDJ
IVyL/a54qUgTVCoiItJnxXw6WkUtGdvWnMjtTXJBedMAQVgznrTImXNSk5vVXhxJ
wZ3frm2JIy/Es69M
-----END PRIVATE KEY-----
46 changes: 43 additions & 3 deletions test/parallel/test-crypto-rsa-dsa.js
Original file line number Diff line number Diff line change
Expand Up @@ -21,6 +21,8 @@ const dsaPubPem = fixtures.readSync('test_dsa_pubkey.pem', 'ascii');
const dsaKeyPem = fixtures.readSync('test_dsa_privkey.pem', 'ascii');
const dsaKeyPemEncrypted = fixtures.readSync('test_dsa_privkey_encrypted.pem',
'ascii');
const rsaPkcs8KeyPem = fixtures.readSync('test_rsa_pkcs8_privkey.pem');
const dsaPkcs8KeyPem = fixtures.readSync('test_dsa_pkcs8_privkey.pem');

const decryptError =
/^Error: error:06065064:digital envelope routines:EVP_DecryptFinal_ex:bad decrypt$/;
Expand All @@ -35,6 +37,9 @@ const decryptError =
let decryptedBuffer = crypto.privateDecrypt(rsaKeyPem, encryptedBuffer);
assert.strictEqual(decryptedBuffer.toString(), input);

decryptedBuffer = crypto.privateDecrypt(rsaPkcs8KeyPem, encryptedBuffer);
assert.strictEqual(decryptedBuffer.toString(), input);

let decryptedBufferWithPassword = crypto.privateDecrypt({
key: rsaKeyPemEncrypted,
passphrase: 'password'
Expand Down Expand Up @@ -119,11 +124,17 @@ function test_rsa(padding) {
padding: padding
}, bufferToEncrypt);

const decryptedBuffer = crypto.privateDecrypt({
let decryptedBuffer = crypto.privateDecrypt({
key: rsaKeyPem,
padding: padding
}, encryptedBuffer);
assert.deepStrictEqual(decryptedBuffer, input);

decryptedBuffer = crypto.privateDecrypt({
key: rsaPkcs8KeyPem,
padding: padding
}, encryptedBuffer);
assert.deepStrictEqual(decryptedBuffer, input);
}

test_rsa('RSA_NO_PADDING');
Expand All @@ -150,6 +161,16 @@ assert.strictEqual(rsaSignature, expectedSignature);
rsaVerify.update(rsaPubPem);
assert.strictEqual(rsaVerify.verify(rsaPubPem, rsaSignature, 'hex'), true);

// Test RSA PKCS#8 key signing/verification
rsaSign = crypto.createSign('SHA1');
rsaSign.update(rsaPubPem);
rsaSignature = rsaSign.sign(rsaPkcs8KeyPem, 'hex');
assert.strictEqual(rsaSignature, expectedSignature);

rsaVerify = crypto.createVerify('SHA1');
rsaVerify.update(rsaPubPem);
assert.strictEqual(rsaVerify.verify(rsaPubPem, rsaSignature, 'hex'), true);

// Test RSA key signing/verification with encrypted key
rsaSign = crypto.createSign('SHA1');
rsaSign.update(rsaPubPem);
Expand Down Expand Up @@ -216,7 +237,7 @@ assert.throws(() => {
const input = 'I AM THE WALRUS';

// DSA signatures vary across runs so there is no static string to verify
// against
// against.
const sign = crypto.createSign('SHA1');
sign.update(input);
const signature = sign.sign(dsaKeyPem, 'hex');
Expand All @@ -238,6 +259,25 @@ assert.throws(() => {
}


//
// Test DSA signing and verification with PKCS#8 private key
//
{
const input = 'I AM THE WALRUS';

// DSA signatures vary across runs so there is no static string to verify
// against.
const sign = crypto.createSign('SHA1');
sign.update(input);
const signature = sign.sign(dsaPkcs8KeyPem, 'hex');

const verify = crypto.createVerify('SHA1');
verify.update(input);

assert.strictEqual(verify.verify(dsaPubPem, signature, 'hex'), true);
}


//
// Test DSA signing and verification with encrypted key
//
Expand All @@ -253,7 +293,7 @@ const input = 'I AM THE WALRUS';

{
// DSA signatures vary across runs so there is no static string to verify
// against
// against.
const sign = crypto.createSign('SHA1');
sign.update(input);
const signOptions = { key: dsaKeyPemEncrypted, passphrase: 'password' };
Expand Down

0 comments on commit 3ac2e3e

Please sign in to comment.