test: add test about unencrypted PKCS#8 private key for RSA · nodejs/node@80e845e (original) (raw)

`@@ -21,6 +21,8 @@ const dsaPubPem = fixtures.readSync('test_dsa_pubkey.pem', 'ascii');

`

21

21

`const dsaKeyPem = fixtures.readSync('test_dsa_privkey.pem', 'ascii');

`

22

22

`const dsaKeyPemEncrypted = fixtures.readSync('test_dsa_privkey_encrypted.pem',

`

23

23

`'ascii');

`

``

24

`+

const rsaPkcs8KeyPem = fixtures.readSync('test_rsa_pkcs8_privkey.pem');

`

``

25

`+

const dsaPkcs8KeyPem = fixtures.readSync('test_dsa_pkcs8_privkey.pem');

`

24

26

``

25

27

`const decryptError =

`

26

28

`/^Error: error:06065064:digital envelope routines:EVP_DecryptFinal_ex:bad decrypt$/;

`

`@@ -35,6 +37,9 @@ const decryptError =

`

35

37

`let decryptedBuffer = crypto.privateDecrypt(rsaKeyPem, encryptedBuffer);

`

36

38

`assert.strictEqual(decryptedBuffer.toString(), input);

`

37

39

``

``

40

`+

decryptedBuffer = crypto.privateDecrypt(rsaPkcs8KeyPem, encryptedBuffer);

`

``

41

`+

assert.strictEqual(decryptedBuffer.toString(), input);

`

``

42

+

38

43

`let decryptedBufferWithPassword = crypto.privateDecrypt({

`

39

44

`key: rsaKeyPemEncrypted,

`

40

45

`passphrase: 'password'

`

`@@ -119,11 +124,17 @@ function test_rsa(padding) {

`

119

124

`padding: padding

`

120

125

`}, bufferToEncrypt);

`

121

126

``

122

``

`-

const decryptedBuffer = crypto.privateDecrypt({

`

``

127

`+

let decryptedBuffer = crypto.privateDecrypt({

`

123

128

`key: rsaKeyPem,

`

124

129

`padding: padding

`

125

130

`}, encryptedBuffer);

`

126

131

`assert.deepStrictEqual(decryptedBuffer, input);

`

``

132

+

``

133

`+

decryptedBuffer = crypto.privateDecrypt({

`

``

134

`+

key: rsaPkcs8KeyPem,

`

``

135

`+

padding: padding

`

``

136

`+

}, encryptedBuffer);

`

``

137

`+

assert.deepStrictEqual(decryptedBuffer, input);

`

127

138

`}

`

128

139

``

129

140

`test_rsa('RSA_NO_PADDING');

`

`@@ -150,6 +161,16 @@ assert.strictEqual(rsaSignature, expectedSignature);

`

150

161

`rsaVerify.update(rsaPubPem);

`

151

162

`assert.strictEqual(rsaVerify.verify(rsaPubPem, rsaSignature, 'hex'), true);

`

152

163

``

``

164

`+

// Test RSA PKCS#8 key signing/verification

`

``

165

`+

rsaSign = crypto.createSign('SHA1');

`

``

166

`+

rsaSign.update(rsaPubPem);

`

``

167

`+

rsaSignature = rsaSign.sign(rsaPkcs8KeyPem, 'hex');

`

``

168

`+

assert.strictEqual(rsaSignature, expectedSignature);

`

``

169

+

``

170

`+

rsaVerify = crypto.createVerify('SHA1');

`

``

171

`+

rsaVerify.update(rsaPubPem);

`

``

172

`+

assert.strictEqual(rsaVerify.verify(rsaPubPem, rsaSignature, 'hex'), true);

`

``

173

+

153

174

`// Test RSA key signing/verification with encrypted key

`

154

175

`rsaSign = crypto.createSign('SHA1');

`

155

176

`rsaSign.update(rsaPubPem);

`

`@@ -216,7 +237,7 @@ assert.throws(() => {

`

216

237

`const input = 'I AM THE WALRUS';

`

217

238

``

218

239

`// DSA signatures vary across runs so there is no static string to verify

`

219

``

`-

// against

`

``

240

`+

// against.

`

220

241

`const sign = crypto.createSign('SHA1');

`

221

242

`sign.update(input);

`

222

243

`const signature = sign.sign(dsaKeyPem, 'hex');

`

`@@ -238,6 +259,25 @@ assert.throws(() => {

`

238

259

`}

`

239

260

``

240

261

``

``

262

`+

//

`

``

263

`+

// Test DSA signing and verification with PKCS#8 private key

`

``

264

`+

//

`

``

265

`+

{

`

``

266

`+

const input = 'I AM THE WALRUS';

`

``

267

+

``

268

`+

// DSA signatures vary across runs so there is no static string to verify

`

``

269

`+

// against.

`

``

270

`+

const sign = crypto.createSign('SHA1');

`

``

271

`+

sign.update(input);

`

``

272

`+

const signature = sign.sign(dsaPkcs8KeyPem, 'hex');

`

``

273

+

``

274

`+

const verify = crypto.createVerify('SHA1');

`

``

275

`+

verify.update(input);

`

``

276

+

``

277

`+

assert.strictEqual(verify.verify(dsaPubPem, signature, 'hex'), true);

`

``

278

`+

}

`

``

279

+

``

280

+

241

281

`//

`

242

282

`// Test DSA signing and verification with encrypted key

`

243

283

`//

`

`@@ -253,7 +293,7 @@ const input = 'I AM THE WALRUS';

`

253

293

``

254

294

`{

`

255

295

`// DSA signatures vary across runs so there is no static string to verify

`

256

``

`-

// against

`

``

296

`+

// against.

`

257

297

`const sign = crypto.createSign('SHA1');

`

258

298

`sign.update(input);

`

259

299

`const signOptions = { key: dsaKeyPemEncrypted, passphrase: 'password' };

`