Skip to content

Commit

Permalink
crypto: fix key requirements in asymmetric cipher
Browse files Browse the repository at this point in the history
PR-URL: #30249
Fixes: #30237
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: Ruben Bridgewater <ruben@bridgewater.de>
Reviewed-By: James M Snell <jasnell@gmail.com>
  • Loading branch information
tniessen authored and targos committed Dec 1, 2019
1 parent 671e028 commit be0b53d
Show file tree
Hide file tree
Showing 2 changed files with 30 additions and 14 deletions.
4 changes: 2 additions & 2 deletions lib/internal/crypto/cipher.js
Original file line number Diff line number Diff line change
Expand Up @@ -66,11 +66,11 @@ function rsaFunctionFor(method, defaultPadding, keyType) {
const publicEncrypt = rsaFunctionFor(_publicEncrypt, RSA_PKCS1_OAEP_PADDING,
'public');
const publicDecrypt = rsaFunctionFor(_publicDecrypt, RSA_PKCS1_PADDING,
'private');
'public');
const privateEncrypt = rsaFunctionFor(_privateEncrypt, RSA_PKCS1_PADDING,
'private');
const privateDecrypt = rsaFunctionFor(_privateDecrypt, RSA_PKCS1_OAEP_PADDING,
'public');
'private');

function getDecoder(decoder, encoding) {
encoding = normalizeEncoding(encoding);
Expand Down
40 changes: 28 additions & 12 deletions test/parallel/test-crypto-key-objects.js
Original file line number Diff line number Diff line change
Expand Up @@ -15,8 +15,10 @@ const {
createPrivateKey,
KeyObject,
randomBytes,
publicDecrypt,
publicEncrypt,
privateDecrypt
privateDecrypt,
privateEncrypt
} = require('crypto');

const fixtures = require('../common/fixtures');
Expand Down Expand Up @@ -156,7 +158,16 @@ const privateDsa = fixtures.readKey('dsa_private_encrypted_1025.pem',
assert(Buffer.isBuffer(privateDER));

const plaintext = Buffer.from('Hello world', 'utf8');
const ciphertexts = [
const testDecryption = (fn, ciphertexts, decryptionKeys) => {
for (const ciphertext of ciphertexts) {
for (const key of decryptionKeys) {
const deciphered = fn(key, ciphertext);
assert.deepStrictEqual(deciphered, plaintext);
}
}
};

testDecryption(privateDecrypt, [
// Encrypt using the public key.
publicEncrypt(publicKey, plaintext),
publicEncrypt({ key: publicKey }, plaintext),
Expand All @@ -173,20 +184,25 @@ const privateDsa = fixtures.readKey('dsa_private_encrypted_1025.pem',
// DER-encoded data only.
publicEncrypt({ format: 'der', type: 'pkcs1', key: publicDER }, plaintext),
publicEncrypt({ format: 'der', type: 'pkcs1', key: privateDER }, plaintext)
];

const decryptionKeys = [
], [
privateKey,
{ format: 'pem', key: privatePem },
{ format: 'der', type: 'pkcs1', key: privateDER }
];
]);

for (const ciphertext of ciphertexts) {
for (const key of decryptionKeys) {
const deciphered = privateDecrypt(key, ciphertext);
assert(plaintext.equals(deciphered));
}
}
testDecryption(publicDecrypt, [
privateEncrypt(privateKey, plaintext)
], [
// Decrypt using the public key.
publicKey,
{ format: 'pem', key: publicPem },
{ format: 'der', type: 'pkcs1', key: publicDER },

// Decrypt using the private key.
privateKey,
{ format: 'pem', key: privatePem },
{ format: 'der', type: 'pkcs1', key: privateDER }
]);
}

{
Expand Down

0 comments on commit be0b53d

Please sign in to comment.