From 0a0e4c340d09d19a8b8a37eeb7def7c13228c372 Mon Sep 17 00:00:00 2001 From: Daiki Ihara Date: Mon, 25 Mar 2019 12:08:09 +0900 Subject: [PATCH 1/5] test: add test about unencrypted PKCS#8 private key for RSA --- test/fixtures/test_rsa_pkcs8_privkey.pem | 16 ++++++++++++++++ test/parallel/test-crypto-rsa-dsa.js | 22 +++++++++++++++++++++- 2 files changed, 37 insertions(+), 1 deletion(-) create mode 100644 test/fixtures/test_rsa_pkcs8_privkey.pem diff --git a/test/fixtures/test_rsa_pkcs8_privkey.pem b/test/fixtures/test_rsa_pkcs8_privkey.pem new file mode 100644 index 00000000000000..0d8d1e5cdae916 --- /dev/null +++ b/test/fixtures/test_rsa_pkcs8_privkey.pem @@ -0,0 +1,16 @@ +-----BEGIN PRIVATE KEY----- +MIICeAIBADANBgkqhkiG9w0BAQEFAASCAmIwggJeAgEAAoGBAMIUQ0bDffIaKHL3 +akONlCGXQLfqs8mP4K99ILz6rbyHEDXrVAU1R3XfC4JNRyrRB3aqwF7/aEXJzYMI +kmDSHUvvz7pnhQxHsQ5yl91QT0d/eb+Gz4VRHjm4El4MrUdIUcPxscoPqS/wU8Z8 +lOi1z7bGMnChiL7WGqnV8h6RrGzJAgMBAAECgYEAlHxmQJS/HmTO/6612XtPkyei +t1PVO+hdckZcrtln5S68w1QJ03ZA9ziwGIBBa8vDVxIq3kOwpnxQROlg/Lyk9iec +MTPZ0NiJp7D37ESm5vJ5bagfhnHvXCoG04qSrCtdr+nN2mK5xFGOTq8TphjsQEGz ++Du5qdWkaJs5UASyofUCQQDsOSNUfbxYNSB/Weq9+fYqPoJPuchwTeMYmxlnvOVm +YGYcUM40wtStdH9mbelHmbS0KYGprlEr3m7jXaO3V08jAkEA0lPe/ymeS2HjxtCj +98p6Xq4RjJuhG0Dn+4e4eRnoVAXs5SQaiByZImW451zm3qEjVWwufRBkSNBkwQ5a +v7ApIwJBAILiRckSwcC97vug/oe0b8iISfuSnJRdE28WwMTRzOkkkG8v9pEVQnG5 +Er3WOGMLrywDs2wowaDk5dvkjkmPfrECQQCAhPtoU5gEXAaBABCRY0ou/JKApsBl +FN4sFpykcy5B2XUN92e28DKqkBnSVjREqZYbpoUpqpB85coLJahSJWSdAkBeuWDJ +IVyL/a54qUgTVCoiItJnxXw6WkUtGdvWnMjtTXJBedMAQVgznrTImXNSk5vVXhxJ +wZ3frm2JIy/Es69M +-----END PRIVATE KEY----- diff --git a/test/parallel/test-crypto-rsa-dsa.js b/test/parallel/test-crypto-rsa-dsa.js index 348fd15b74d495..f93969ff3dbfc2 100644 --- a/test/parallel/test-crypto-rsa-dsa.js +++ b/test/parallel/test-crypto-rsa-dsa.js @@ -21,6 +21,7 @@ const dsaPubPem = fixtures.readSync('test_dsa_pubkey.pem', 'ascii'); const dsaKeyPem = fixtures.readSync('test_dsa_privkey.pem', 'ascii'); const dsaKeyPemEncrypted = fixtures.readSync('test_dsa_privkey_encrypted.pem', 'ascii'); +const rsaPkcs8KeyPem = fixtures.readSync('test_rsa_pkcs8_privkey.pem'); const decryptError = /^Error: error:06065064:digital envelope routines:EVP_DecryptFinal_ex:bad decrypt$/; @@ -35,6 +36,9 @@ const decryptError = let decryptedBuffer = crypto.privateDecrypt(rsaKeyPem, encryptedBuffer); assert.strictEqual(decryptedBuffer.toString(), input); + decryptedBuffer = crypto.privateDecrypt(rsaPkcs8KeyPem, encryptedBuffer); + assert.strictEqual(decryptedBuffer.toString(), input); + let decryptedBufferWithPassword = crypto.privateDecrypt({ key: rsaKeyPemEncrypted, passphrase: 'password' @@ -119,11 +123,17 @@ function test_rsa(padding) { padding: padding }, bufferToEncrypt); - const decryptedBuffer = crypto.privateDecrypt({ + let decryptedBuffer = crypto.privateDecrypt({ key: rsaKeyPem, padding: padding }, encryptedBuffer); assert.deepStrictEqual(decryptedBuffer, input); + + decryptedBuffer = crypto.privateDecrypt({ + key: rsaPkcs8KeyPem, + padding: padding + }, encryptedBuffer); + assert.deepStrictEqual(decryptedBuffer, input); } test_rsa('RSA_NO_PADDING'); @@ -150,6 +160,16 @@ assert.strictEqual(rsaSignature, expectedSignature); rsaVerify.update(rsaPubPem); assert.strictEqual(rsaVerify.verify(rsaPubPem, rsaSignature, 'hex'), true); +// Test RSA pkcs8 key signing/verification +rsaSign = crypto.createSign('SHA1'); +rsaSign.update(rsaPubPem); +rsaSignature = rsaSign.sign(rsaPkcs8KeyPem, 'hex'); +assert.strictEqual(rsaSignature, expectedSignature); + +rsaVerify = crypto.createVerify('SHA1'); +rsaVerify.update(rsaPubPem); +assert.strictEqual(rsaVerify.verify(rsaPubPem, rsaSignature, 'hex'), true); + // Test RSA key signing/verification with encrypted key rsaSign = crypto.createSign('SHA1'); rsaSign.update(rsaPubPem); From 57fd106454832c2595f3b50d06b447677b1e0039 Mon Sep 17 00:00:00 2001 From: Daiki Ihara Date: Mon, 25 Mar 2019 12:59:56 +0900 Subject: [PATCH 2/5] test: add test about unencrypted PKCS#8 private key for DSA --- test/fixtures/test_dsa_pkcs8_privkey.pem | 15 ++++++++++++ test/parallel/test-crypto-rsa-dsa.js | 30 ++++++++++++++++++++++++ 2 files changed, 45 insertions(+) create mode 100644 test/fixtures/test_dsa_pkcs8_privkey.pem diff --git a/test/fixtures/test_dsa_pkcs8_privkey.pem b/test/fixtures/test_dsa_pkcs8_privkey.pem new file mode 100644 index 00000000000000..3d15aa1162a97d --- /dev/null +++ b/test/fixtures/test_dsa_pkcs8_privkey.pem @@ -0,0 +1,15 @@ +-----BEGIN PRIVATE KEY----- +MIICZAIBADCCAjkGByqGSM44BAEwggIsAoIBAQC5CYW1vZHbx/Ytm+/m+oseHbre +kOd40VOSybqo6Us2NysFq+46rNlnR28Lkolg4nv+XK6YTlB3XbEwbibYa1uwCuAE +io/Zs2rfOpGNwp31Fg3pb8ZhFrnjmhrQhZfRT6bXXw3hvyXitjgQkwIsRL5OUYlQ +CEIbf+LsogikQez2+xaYYkqUqSYdb48IkVtDTMweWslpDKUmIfH1cy0osqMC97GR +8EXXvhK7sig2hhHtj+NFGA7majfEFmTd0mafZBlEFodqvkwV1q7TTMrDWgkO2lcc +2DEMjZ9on9xVszRhNCGIwuFJLhWBKfNZ59X7LUxEfkelpce0Kr5eFmxwN4n3AiEA +pK7pu7TqHqiIoGDmAyUm71gx3V5T3mNaih8Y/9h7dMsCggEAJNtfC6LqpU84UMz+ +nsxSch/ylDx1lyh3rOGZ9Wn+2tIhahI+hqDwmPeHvymzDHh2QjuXgzeZmo1753CB +CtYdU0GnumSEEUUCiTBbSsX6Zy0VI4w/Qy3WV5IoXXkF9YsbkC8JhPq9jHLa5Qt5 +59TF+347OFso5ae+XkkZ8C112UyKnYzvniqlbj0Cb4E7FadCzSggC9c2drYE12Mx +QEEbddAVNty5wpjh3Qd2y8kKPDSn4OCrSIXAL8WDXJk507RL5moqKnwis/3iPUXi +U7s8QmJP4B8Mn4vDM1O0rORCmz9KXz0f5M0lw39jdA/AG0fNNz86KCFTPdXz/Iz1 +ThphTQQiAiAhjvXffKp1V3nMiUUUsYzS2Msn14bBFiBwSdNgitRwEA== +-----END PRIVATE KEY----- diff --git a/test/parallel/test-crypto-rsa-dsa.js b/test/parallel/test-crypto-rsa-dsa.js index f93969ff3dbfc2..090037f9a924d3 100644 --- a/test/parallel/test-crypto-rsa-dsa.js +++ b/test/parallel/test-crypto-rsa-dsa.js @@ -22,6 +22,7 @@ const dsaKeyPem = fixtures.readSync('test_dsa_privkey.pem', 'ascii'); const dsaKeyPemEncrypted = fixtures.readSync('test_dsa_privkey_encrypted.pem', 'ascii'); const rsaPkcs8KeyPem = fixtures.readSync('test_rsa_pkcs8_privkey.pem'); +const dsaPkcs8KeyPem = fixtures.readSync('test_dsa_pkcs8_privkey.pem'); const decryptError = /^Error: error:06065064:digital envelope routines:EVP_DecryptFinal_ex:bad decrypt$/; @@ -258,6 +259,35 @@ assert.throws(() => { } +// +// Test DSA signing and verification with PKCS#8 private key +// +{ + const input = 'I AM THE WALRUS'; + + // DSA signatures vary across runs so there is no static string to verify + // against + const sign = crypto.createSign('SHA1'); + sign.update(input); + const signature = sign.sign(dsaPkcs8KeyPem, 'hex'); + + const verify = crypto.createVerify('SHA1'); + verify.update(input); + + assert.strictEqual(verify.verify(dsaPubPem, signature, 'hex'), true); + + // Test the legacy 'DSS1' name. + const sign2 = crypto.createSign('DSS1'); + sign2.update(input); + const signature2 = sign2.sign(dsaPkcs8KeyPem, 'hex'); + + const verify2 = crypto.createVerify('DSS1'); + verify2.update(input); + + assert.strictEqual(verify2.verify(dsaPubPem, signature2, 'hex'), true); +} + + // // Test DSA signing and verification with encrypted key // From a2dbfb7bc644f39c588febcf36af50c7a587f790 Mon Sep 17 00:00:00 2001 From: Daiki Ihara Date: Tue, 26 Mar 2019 09:53:47 +0900 Subject: [PATCH 3/5] test: remove excess test about unencrypted PKCS#8 private key for DSS1 --- test/parallel/test-crypto-rsa-dsa.js | 10 ---------- 1 file changed, 10 deletions(-) diff --git a/test/parallel/test-crypto-rsa-dsa.js b/test/parallel/test-crypto-rsa-dsa.js index 090037f9a924d3..d78a1de109d202 100644 --- a/test/parallel/test-crypto-rsa-dsa.js +++ b/test/parallel/test-crypto-rsa-dsa.js @@ -275,16 +275,6 @@ assert.throws(() => { verify.update(input); assert.strictEqual(verify.verify(dsaPubPem, signature, 'hex'), true); - - // Test the legacy 'DSS1' name. - const sign2 = crypto.createSign('DSS1'); - sign2.update(input); - const signature2 = sign2.sign(dsaPkcs8KeyPem, 'hex'); - - const verify2 = crypto.createVerify('DSS1'); - verify2.update(input); - - assert.strictEqual(verify2.verify(dsaPubPem, signature2, 'hex'), true); } From c0211041fdae54e7ad0b2050325680c65be6c4ea Mon Sep 17 00:00:00 2001 From: Daiki Ihara Date: Wed, 27 Mar 2019 08:21:38 +0900 Subject: [PATCH 4/5] test: replace pkcs8 to #PKCS#8 in comments for consistency --- test/parallel/test-crypto-rsa-dsa.js | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/test/parallel/test-crypto-rsa-dsa.js b/test/parallel/test-crypto-rsa-dsa.js index d78a1de109d202..0669f1cde5a338 100644 --- a/test/parallel/test-crypto-rsa-dsa.js +++ b/test/parallel/test-crypto-rsa-dsa.js @@ -161,7 +161,7 @@ assert.strictEqual(rsaSignature, expectedSignature); rsaVerify.update(rsaPubPem); assert.strictEqual(rsaVerify.verify(rsaPubPem, rsaSignature, 'hex'), true); -// Test RSA pkcs8 key signing/verification +// Test RSA PKCS#8 key signing/verification rsaSign = crypto.createSign('SHA1'); rsaSign.update(rsaPubPem); rsaSignature = rsaSign.sign(rsaPkcs8KeyPem, 'hex'); From 4449c10b0afe4283662fa70e7c42e78b1800e4d0 Mon Sep 17 00:00:00 2001 From: Daiki Ihara Date: Wed, 27 Mar 2019 08:26:03 +0900 Subject: [PATCH 5/5] test: add missing period in comments about crypto test --- test/parallel/test-crypto-rsa-dsa.js | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/test/parallel/test-crypto-rsa-dsa.js b/test/parallel/test-crypto-rsa-dsa.js index 0669f1cde5a338..589fa57a1c9e77 100644 --- a/test/parallel/test-crypto-rsa-dsa.js +++ b/test/parallel/test-crypto-rsa-dsa.js @@ -237,7 +237,7 @@ assert.throws(() => { const input = 'I AM THE WALRUS'; // DSA signatures vary across runs so there is no static string to verify - // against + // against. const sign = crypto.createSign('SHA1'); sign.update(input); const signature = sign.sign(dsaKeyPem, 'hex'); @@ -266,7 +266,7 @@ assert.throws(() => { const input = 'I AM THE WALRUS'; // DSA signatures vary across runs so there is no static string to verify - // against + // against. const sign = crypto.createSign('SHA1'); sign.update(input); const signature = sign.sign(dsaPkcs8KeyPem, 'hex'); @@ -293,7 +293,7 @@ const input = 'I AM THE WALRUS'; { // DSA signatures vary across runs so there is no static string to verify - // against + // against. const sign = crypto.createSign('SHA1'); sign.update(input); const signOptions = { key: dsaKeyPemEncrypted, passphrase: 'password' };