crypto: fix output of privateDecrypt with zero-length data

panva · aduh95 · commit 7611fc14de4e · 2025-04-01T11:19:10.000+02:00
closes #57553 closes #57572 closes #57558 PR-URL: #57575 Reviewed-By: James M Snell <jasnell@gmail.com> Reviewed-By: Luigi Pinca <luigipinca@gmail.com> Reviewed-By: Yagiz Nizipli <yagiz@nizipli.com> Reviewed-By: Tobias Nießen <tniessen@tnie.de> Reviewed-By: Darshan Sen <raisinten@gmail.com>
diff --git a/deps/ncrypto/ncrypto.cc b/deps/ncrypto/ncrypto.cc
@@ -215,7 +215,7 @@ Buffer<void> DataPointer::release() {
 DataPointer DataPointer::resize(size_t len) {
   size_t actual_len = std::min(len_, len);
   auto buf = release();
-  if (actual_len == len_) return DataPointer(buf);
+  if (actual_len == len_) return DataPointer(buf.data, actual_len);
   buf.data = OPENSSL_realloc(buf.data, actual_len);
   buf.len = actual_len;
   return DataPointer(buf);
diff --git a/test/parallel/test-crypto-oaep-zero-length.js b/test/parallel/test-crypto-oaep-zero-length.js
@@ -0,0 +1,56 @@
+'use strict';
+const common = require('../common');
+
+if (!common.hasCrypto)
+  common.skip('missing crypto');
+
+const fixtures = require('../common/fixtures');
+const assert = require('assert');
+const crypto = require('crypto');
+
+const { subtle } = globalThis.crypto;
+
+// Regression test for https://github.com/nodejs/node/issues/57553.
+{
+  const privateKey = crypto.createPrivateKey(fixtures.readKey('rsa_private.pem', 'ascii'));
+  const publicKey = crypto.createPublicKey(fixtures.readKey('rsa_public.pem', 'ascii'));
+
+  const data = Buffer.alloc(0);
+  {
+
+    const ciphertext = crypto.publicEncrypt({
+      padding: crypto.constants.RSA_PKCS1_OAEP_PADDING,
+      key: publicKey,
+    }, data);
+
+    const plaintext = crypto.privateDecrypt({
+      padding: crypto.constants.RSA_PKCS1_OAEP_PADDING,
+      key: privateKey
+    }, ciphertext);
+
+    assert.deepStrictEqual(plaintext, data);
+  }
+
+  {
+    const ciphertext = crypto.publicEncrypt(publicKey, data);
+    const plaintext = crypto.privateDecrypt(privateKey, ciphertext);
+
+    assert.deepStrictEqual(plaintext, data);
+  }
+
+  {
+    (async () => {
+      const pkcs8 = privateKey.export({ format: 'der', type: 'pkcs8' });
+      const spki = publicKey.export({ format: 'der', type: 'spki' });
+
+      const kp = {
+        privateKey: await subtle.importKey('pkcs8', pkcs8, { name: 'RSA-OAEP', hash: 'SHA-1' }, false, ['decrypt']),
+        publicKey: await subtle.importKey('spki', spki, { name: 'RSA-OAEP', hash: 'SHA-1' }, false, ['encrypt']),
+      };
+
+      const ciphertext = await subtle.encrypt('RSA-OAEP', kp.publicKey, data);
+      const plaintext = await subtle.decrypt('RSA-OAEP', kp.privateKey, ciphertext);
+      assert.deepStrictEqual(plaintext, data.buffer);
+    })().then(common.mustCall());
+  }
+}
