test: add test about unencrypted PKCS#8 private key for RSA

PR-URL: #26898 Refs: #24928 Reviewed-By: Ben Noordhuis <[email protected]> Reviewed-By: James M Snell <[email protected]> Reviewed-By: Ruben Bridgewater <[email protected]> Reviewed-By: Tobias Nießen <[email protected]>
nodejs · May 16, 2019 · d22b913 · d22b913
1 parent 57469e6
commit d22b913
Show file tree

Hide file tree

Showing 3 changed files with 74 additions and 3 deletions.
diff --git a/test/fixtures/test_dsa_pkcs8_privkey.pem b/test/fixtures/test_dsa_pkcs8_privkey.pem
@@ -0,0 +1,15 @@
+-----BEGIN PRIVATE KEY-----
+MIICZAIBADCCAjkGByqGSM44BAEwggIsAoIBAQC5CYW1vZHbx/Ytm+/m+oseHbre
+kOd40VOSybqo6Us2NysFq+46rNlnR28Lkolg4nv+XK6YTlB3XbEwbibYa1uwCuAE
+io/Zs2rfOpGNwp31Fg3pb8ZhFrnjmhrQhZfRT6bXXw3hvyXitjgQkwIsRL5OUYlQ
+CEIbf+LsogikQez2+xaYYkqUqSYdb48IkVtDTMweWslpDKUmIfH1cy0osqMC97GR
+8EXXvhK7sig2hhHtj+NFGA7majfEFmTd0mafZBlEFodqvkwV1q7TTMrDWgkO2lcc
+2DEMjZ9on9xVszRhNCGIwuFJLhWBKfNZ59X7LUxEfkelpce0Kr5eFmxwN4n3AiEA
+pK7pu7TqHqiIoGDmAyUm71gx3V5T3mNaih8Y/9h7dMsCggEAJNtfC6LqpU84UMz+
+nsxSch/ylDx1lyh3rOGZ9Wn+2tIhahI+hqDwmPeHvymzDHh2QjuXgzeZmo1753CB
+CtYdU0GnumSEEUUCiTBbSsX6Zy0VI4w/Qy3WV5IoXXkF9YsbkC8JhPq9jHLa5Qt5
+59TF+347OFso5ae+XkkZ8C112UyKnYzvniqlbj0Cb4E7FadCzSggC9c2drYE12Mx
+QEEbddAVNty5wpjh3Qd2y8kKPDSn4OCrSIXAL8WDXJk507RL5moqKnwis/3iPUXi
+U7s8QmJP4B8Mn4vDM1O0rORCmz9KXz0f5M0lw39jdA/AG0fNNz86KCFTPdXz/Iz1
+ThphTQQiAiAhjvXffKp1V3nMiUUUsYzS2Msn14bBFiBwSdNgitRwEA==
+-----END PRIVATE KEY-----
diff --git a/test/fixtures/test_rsa_pkcs8_privkey.pem b/test/fixtures/test_rsa_pkcs8_privkey.pem
@@ -0,0 +1,16 @@
+-----BEGIN PRIVATE KEY-----
+MIICeAIBADANBgkqhkiG9w0BAQEFAASCAmIwggJeAgEAAoGBAMIUQ0bDffIaKHL3
+akONlCGXQLfqs8mP4K99ILz6rbyHEDXrVAU1R3XfC4JNRyrRB3aqwF7/aEXJzYMI
+kmDSHUvvz7pnhQxHsQ5yl91QT0d/eb+Gz4VRHjm4El4MrUdIUcPxscoPqS/wU8Z8
+lOi1z7bGMnChiL7WGqnV8h6RrGzJAgMBAAECgYEAlHxmQJS/HmTO/6612XtPkyei
+t1PVO+hdckZcrtln5S68w1QJ03ZA9ziwGIBBa8vDVxIq3kOwpnxQROlg/Lyk9iec
+MTPZ0NiJp7D37ESm5vJ5bagfhnHvXCoG04qSrCtdr+nN2mK5xFGOTq8TphjsQEGz
++Du5qdWkaJs5UASyofUCQQDsOSNUfbxYNSB/Weq9+fYqPoJPuchwTeMYmxlnvOVm
+YGYcUM40wtStdH9mbelHmbS0KYGprlEr3m7jXaO3V08jAkEA0lPe/ymeS2HjxtCj
+98p6Xq4RjJuhG0Dn+4e4eRnoVAXs5SQaiByZImW451zm3qEjVWwufRBkSNBkwQ5a
+v7ApIwJBAILiRckSwcC97vug/oe0b8iISfuSnJRdE28WwMTRzOkkkG8v9pEVQnG5
+Er3WOGMLrywDs2wowaDk5dvkjkmPfrECQQCAhPtoU5gEXAaBABCRY0ou/JKApsBl
+FN4sFpykcy5B2XUN92e28DKqkBnSVjREqZYbpoUpqpB85coLJahSJWSdAkBeuWDJ
+IVyL/a54qUgTVCoiItJnxXw6WkUtGdvWnMjtTXJBedMAQVgznrTImXNSk5vVXhxJ
+wZ3frm2JIy/Es69M
+-----END PRIVATE KEY-----
diff --git a/test/parallel/test-crypto-rsa-dsa.js b/test/parallel/test-crypto-rsa-dsa.js
@@ -21,6 +21,8 @@ const dsaPubPem = fixtures.readSync('test_dsa_pubkey.pem', 'ascii');
 const dsaKeyPem = fixtures.readSync('test_dsa_privkey.pem', 'ascii');
 const dsaKeyPemEncrypted = fixtures.readSync('test_dsa_privkey_encrypted.pem',
                                              'ascii');
+const rsaPkcs8KeyPem = fixtures.readSync('test_rsa_pkcs8_privkey.pem');
+const dsaPkcs8KeyPem = fixtures.readSync('test_dsa_pkcs8_privkey.pem');
 
 const decryptError =
   /^Error: error:06065064:digital envelope routines:EVP_DecryptFinal_ex:bad decrypt$/;
@@ -35,6 +37,9 @@ const decryptError =
   let decryptedBuffer = crypto.privateDecrypt(rsaKeyPem, encryptedBuffer);
   assert.strictEqual(decryptedBuffer.toString(), input);
 
+  decryptedBuffer = crypto.privateDecrypt(rsaPkcs8KeyPem, encryptedBuffer);
+  assert.strictEqual(decryptedBuffer.toString(), input);
+
   let decryptedBufferWithPassword = crypto.privateDecrypt({
     key: rsaKeyPemEncrypted,
     passphrase: 'password'
@@ -119,11 +124,17 @@ function test_rsa(padding) {
     padding: padding
   }, bufferToEncrypt);
 
-  const decryptedBuffer = crypto.privateDecrypt({
+  let decryptedBuffer = crypto.privateDecrypt({
     key: rsaKeyPem,
     padding: padding
   }, encryptedBuffer);
   assert.deepStrictEqual(decryptedBuffer, input);
+
+  decryptedBuffer = crypto.privateDecrypt({
+    key: rsaPkcs8KeyPem,
+    padding: padding
+  }, encryptedBuffer);
+  assert.deepStrictEqual(decryptedBuffer, input);
 }
 
 test_rsa('RSA_NO_PADDING');
@@ -150,6 +161,16 @@ assert.strictEqual(rsaSignature, expectedSignature);
 rsaVerify.update(rsaPubPem);
 assert.strictEqual(rsaVerify.verify(rsaPubPem, rsaSignature, 'hex'), true);
 
+// Test RSA PKCS#8 key signing/verification
+rsaSign = crypto.createSign('SHA1');
+rsaSign.update(rsaPubPem);
+rsaSignature = rsaSign.sign(rsaPkcs8KeyPem, 'hex');
+assert.strictEqual(rsaSignature, expectedSignature);
+
+rsaVerify = crypto.createVerify('SHA1');
+rsaVerify.update(rsaPubPem);
+assert.strictEqual(rsaVerify.verify(rsaPubPem, rsaSignature, 'hex'), true);
+
 // Test RSA key signing/verification with encrypted key
 rsaSign = crypto.createSign('SHA1');
 rsaSign.update(rsaPubPem);
@@ -216,7 +237,7 @@ assert.throws(() => {
   const input = 'I AM THE WALRUS';
 
   // DSA signatures vary across runs so there is no static string to verify
-  // against
+  // against.
   const sign = crypto.createSign('SHA1');
   sign.update(input);
   const signature = sign.sign(dsaKeyPem, 'hex');
@@ -238,6 +259,25 @@ assert.throws(() => {
 }
 
 
+//
+// Test DSA signing and verification with PKCS#8 private key
+//
+{
+  const input = 'I AM THE WALRUS';
+
+  // DSA signatures vary across runs so there is no static string to verify
+  // against.
+  const sign = crypto.createSign('SHA1');
+  sign.update(input);
+  const signature = sign.sign(dsaPkcs8KeyPem, 'hex');
+
+  const verify = crypto.createVerify('SHA1');
+  verify.update(input);
+
+  assert.strictEqual(verify.verify(dsaPubPem, signature, 'hex'), true);
+}
+
+
 //
 // Test DSA signing and verification with encrypted key
 //
@@ -253,7 +293,7 @@ const input = 'I AM THE WALRUS';
 
 {
   // DSA signatures vary across runs so there is no static string to verify
-  // against
+  // against.
   const sign = crypto.createSign('SHA1');
   sign.update(input);
   const signOptions = { key: dsaKeyPemEncrypted, passphrase: 'password' };