From bd5e12764c46f0b754942e471924156df113bd2e Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Tobias=20Nie=C3=9Fen?= <tniessen@tnie.de>
Date: Tue, 25 Dec 2018 13:13:52 +0100
Subject: [PATCH 1/4] crypto: always accept private keys as public keys

Some APIs already accept private keys instead of public keys. This
changes all relevant crypto APIs to do so.
---
 doc/api/crypto.md                   | 17 +++++++++++++++++
 lib/internal/crypto/keys.js         |  7 +------
 lib/internal/crypto/sig.js          |  9 +++++----
 src/node_crypto.cc                  | 28 ++--------------------------
 test/parallel/test-crypto-keygen.js | 16 ++++++++++------
 5 files changed, 35 insertions(+), 42 deletions(-)

diff --git a/doc/api/crypto.md b/doc/api/crypto.md
index 2ba721d062296f..75f05f1fac7019 100644
--- a/doc/api/crypto.md
+++ b/doc/api/crypto.md
@@ -1369,6 +1369,9 @@ This can be called many times with new data as it is streamed.
 <!-- YAML
 added: v0.1.92
 changes:
+  - version: REPLACEME
+    pr-url: https://github.com/nodejs/node/pull/???
+    description: The key can now be a private key instead of a public key.
   - version: v8.0.0
     pr-url: https://github.com/nodejs/node/pull/11705
     description: Support for RSASSA-PSS and additional options was added.
@@ -1409,6 +1412,9 @@ The `verify` object can not be used again after `verify.verify()` has been
 called. Multiple calls to `verify.verify()` will result in an error being
 thrown.
 
+Because public keys can be derived from private keys, a private key may
+be passed instead of a public key.
+
 ## `crypto` module methods and properties
 
 ### crypto.constants
@@ -1819,6 +1825,11 @@ must be an object with the properties described above.
 ### crypto.createPublicKey(key)
 <!-- YAML
 added: v11.6.0
+added: REPLACEME
+changes:
+  - version: REPLACEME
+    pr-url: TODO
+    description: The `key` argument can now be a private key.
 -->
 * `key` {Object | string | Buffer}
   - `key`: {string | Buffer}
@@ -1833,6 +1844,12 @@ must be an object with the properties described above.
 
 If the format is `'pem'`, the `'key'` may also be an X.509 certificate.
 
+Because public keys can be derived from private keys, a private key may be
+passed instead of a public key. In that case, this function behaves as if
+[`crypto.createPrivateKey()`][] had been called, except that the type of the
+returned `KeyObject` will be `public` and that the private key cannot be
+extracted from the returned `KeyObject`.
+
 ### crypto.createSecretKey(key)
 <!-- YAML
 added: v11.6.0
diff --git a/lib/internal/crypto/keys.js b/lib/internal/crypto/keys.js
index ad828350806f3a..db7be824ac3e16 100644
--- a/lib/internal/crypto/keys.js
+++ b/lib/internal/crypto/keys.js
@@ -261,10 +261,6 @@ function prepareAsymmetricKey(key, isPublic, allowKeyObject = true) {
   }
 }
 
-function preparePublicKey(key, allowKeyObject) {
-  return prepareAsymmetricKey(key, true, allowKeyObject);
-}
-
 function preparePrivateKey(key, allowKeyObject) {
   return prepareAsymmetricKey(key, false, allowKeyObject);
 }
@@ -300,7 +296,7 @@ function createSecretKey(key) {
 }
 
 function createPublicKey(key) {
-  const { format, type, data } = preparePublicKey(key, false);
+  const { format, type, data } = preparePublicOrPrivateKey(key, false);
   const handle = new KeyObjectHandle(kKeyTypePublic);
   handle.init(data, format, type);
   return new PublicKeyObject(handle);
@@ -326,7 +322,6 @@ module.exports = {
   // These are designed for internal use only and should not be exposed.
   parsePublicKeyEncoding,
   parsePrivateKeyEncoding,
-  preparePublicKey,
   preparePrivateKey,
   preparePublicOrPrivateKey,
   prepareSecretKey,
diff --git a/lib/internal/crypto/sig.js b/lib/internal/crypto/sig.js
index 32f7c37ec271f9..4a0c66f9cf5a70 100644
--- a/lib/internal/crypto/sig.js
+++ b/lib/internal/crypto/sig.js
@@ -19,7 +19,7 @@ const {
 } = require('internal/crypto/util');
 const {
   preparePrivateKey,
-  preparePublicKey
+  preparePublicOrPrivateKey
 } = require('internal/crypto/keys');
 const { Writable } = require('stream');
 
@@ -112,8 +112,9 @@ Verify.prototype.verify = function verify(options, signature, sigEncoding) {
   const {
     data,
     format,
-    type
-  } = preparePublicKey(options, true);
+    type,
+    passphrase
+  } = preparePublicOrPrivateKey(options, true);
 
   sigEncoding = sigEncoding || getDefaultEncoding();
 
@@ -125,7 +126,7 @@ Verify.prototype.verify = function verify(options, signature, sigEncoding) {
   signature = validateArrayBufferView(toBuf(signature, sigEncoding),
                                       'signature');
 
-  return this[kHandle].verify(data, format, type, signature,
+  return this[kHandle].verify(data, format, type, passphrase, signature,
                               rsaPadding, pssSaltLength);
 };
 
diff --git a/src/node_crypto.cc b/src/node_crypto.cc
index ab355688888ee3..ff3713eeecb133 100644
--- a/src/node_crypto.cc
+++ b/src/node_crypto.cc
@@ -3012,30 +3012,6 @@ static PublicKeyEncodingConfig GetPublicKeyEncodingFromJs(
   return result;
 }
 
-static ManagedEVPPKey GetPublicKeyFromJs(
-    const FunctionCallbackInfo<Value>& args,
-    unsigned int* offset,
-    bool allow_key_object) {
-  if (args[*offset]->IsString() || Buffer::HasInstance(args[*offset])) {
-    Environment* env = Environment::GetCurrent(args);
-    ByteSource key = ByteSource::FromStringOrBuffer(env, args[(*offset)++]);
-    PublicKeyEncodingConfig config =
-        GetPublicKeyEncodingFromJs(args, offset, kKeyContextInput);
-    EVPKeyPointer pkey;
-    ParsePublicKey(&pkey, config, key.get(), key.size());
-    if (!pkey)
-      ThrowCryptoError(env, ERR_get_error(), "Failed to read public key");
-    return ManagedEVPPKey(pkey.release());
-  } else {
-    CHECK(args[*offset]->IsObject() && allow_key_object);
-    KeyObject* key;
-    ASSIGN_OR_RETURN_UNWRAP(&key, args[*offset].As<Object>(), ManagedEVPPKey());
-    CHECK_EQ(key->GetKeyType(), kKeyTypePublic);
-    (*offset) += 3;
-    return key->GetAsymmetricKey();
-  }
-}
-
 static NonCopyableMaybe<PrivateKeyEncodingConfig> GetPrivateKeyEncodingFromJs(
     const FunctionCallbackInfo<Value>& args,
     unsigned int* offset,
@@ -3397,7 +3373,7 @@ void KeyObject::Init(const FunctionCallbackInfo<Value>& args) {
     CHECK_EQ(args.Length(), 3);
 
     offset = 0;
-    pkey = GetPublicKeyFromJs(args, &offset, false);
+    pkey = GetPublicOrPrivateKeyFromJs(args, &offset, false);
     if (!pkey)
       return;
     key->InitPublic(pkey);
@@ -4679,7 +4655,7 @@ void Verify::VerifyFinal(const FunctionCallbackInfo<Value>& args) {
   ASSIGN_OR_RETURN_UNWRAP(&verify, args.Holder());
 
   unsigned int offset = 0;
-  ManagedEVPPKey pkey = GetPublicKeyFromJs(args, &offset, true);
+  ManagedEVPPKey pkey = GetPublicOrPrivateKeyFromJs(args, &offset, true);
 
   char* hbuf = Buffer::Data(args[offset]);
   ssize_t hlen = Buffer::Length(args[offset]);
diff --git a/test/parallel/test-crypto-keygen.js b/test/parallel/test-crypto-keygen.js
index 43319c38599ebf..f0dfb635007e07 100644
--- a/test/parallel/test-crypto-keygen.js
+++ b/test/parallel/test-crypto-keygen.js
@@ -31,9 +31,11 @@ function assertApproximateSize(key, expectedSize) {
 function testEncryptDecrypt(publicKey, privateKey) {
   const message = 'Hello Node.js world!';
   const plaintext = Buffer.from(message, 'utf8');
-  const ciphertext = publicEncrypt(publicKey, plaintext);
-  const received = privateDecrypt(privateKey, ciphertext);
-  assert.strictEqual(received.toString('utf8'), message);
+  for (const key of [publicKey, privateKey]) {
+    const ciphertext = publicEncrypt(key, plaintext);
+    const received = privateDecrypt(privateKey, ciphertext);
+    assert.strictEqual(received.toString('utf8'), message);
+  }
 }
 
 // Tests that a key pair can be used for signing / verification.
@@ -41,9 +43,11 @@ function testSignVerify(publicKey, privateKey) {
   const message = 'Hello Node.js world!';
   const signature = createSign('SHA256').update(message)
                                         .sign(privateKey, 'hex');
-  const okay = createVerify('SHA256').update(message)
-                                     .verify(publicKey, signature, 'hex');
-  assert(okay);
+  for (const key of [publicKey, privateKey]) {
+    const okay = createVerify('SHA256').update(message)
+                                       .verify(key, signature, 'hex');
+    assert(okay);
+  }
 }
 
 // Constructs a regular expression for a PEM-encoded key with the given label.

From 8f6040b4f0d0bd764f22cb24ce916f0c785c646f Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Tobias=20Nie=C3=9Fen?= <tniessen@tnie.de>
Date: Thu, 3 Jan 2019 20:42:14 +0100
Subject: [PATCH 2/4] fixup! crypto: always accept private keys as public keys

---
 doc/api/crypto.md | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/doc/api/crypto.md b/doc/api/crypto.md
index 75f05f1fac7019..53f0f06e7e64e8 100644
--- a/doc/api/crypto.md
+++ b/doc/api/crypto.md
@@ -1370,7 +1370,7 @@ This can be called many times with new data as it is streamed.
 added: v0.1.92
 changes:
   - version: REPLACEME
-    pr-url: https://github.com/nodejs/node/pull/???
+    pr-url: https://github.com/nodejs/node/pull/25217
     description: The key can now be a private key instead of a public key.
   - version: v8.0.0
     pr-url: https://github.com/nodejs/node/pull/11705
@@ -1828,7 +1828,7 @@ added: v11.6.0
 added: REPLACEME
 changes:
   - version: REPLACEME
-    pr-url: TODO
+    pr-url: https://github.com/nodejs/node/pull/25217
     description: The `key` argument can now be a private key.
 -->
 * `key` {Object | string | Buffer}

From 6602a44ef7c124ebf7637b771146323e6ecc0eaf Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Tobias=20Nie=C3=9Fen?= <tniessen@tnie.de>
Date: Fri, 4 Jan 2019 00:11:44 +0100
Subject: [PATCH 3/4] fixup! crypto: always accept private keys as public keys

---
 doc/api/crypto.md | 1 -
 1 file changed, 1 deletion(-)

diff --git a/doc/api/crypto.md b/doc/api/crypto.md
index 53f0f06e7e64e8..1e10c16172c179 100644
--- a/doc/api/crypto.md
+++ b/doc/api/crypto.md
@@ -1825,7 +1825,6 @@ must be an object with the properties described above.
 ### crypto.createPublicKey(key)
 <!-- YAML
 added: v11.6.0
-added: REPLACEME
 changes:
   - version: REPLACEME
     pr-url: https://github.com/nodejs/node/pull/25217

From 63dabd50d61de7098711995b1d33dc92767ac6a6 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Tobias=20Nie=C3=9Fen?= <tniessen@tnie.de>
Date: Mon, 7 Jan 2019 19:03:05 +0100
Subject: [PATCH 4/4] fixup! fixup! crypto: always accept private keys as
 public keys

---
 doc/api/crypto.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/doc/api/crypto.md b/doc/api/crypto.md
index 1e10c16172c179..4a3f9a7e3d202f 100644
--- a/doc/api/crypto.md
+++ b/doc/api/crypto.md
@@ -1371,7 +1371,7 @@ added: v0.1.92
 changes:
   - version: REPLACEME
     pr-url: https://github.com/nodejs/node/pull/25217
-    description: The key can now be a private key instead of a public key.
+    description: The key can now be a private key.
   - version: v8.0.0
     pr-url: https://github.com/nodejs/node/pull/11705
     description: Support for RSASSA-PSS and additional options was added.