11cb0ef41Sopenharmony_ci'use strict';
21cb0ef41Sopenharmony_ciconst common = require('../common');
31cb0ef41Sopenharmony_ciif (!common.hasCrypto)
41cb0ef41Sopenharmony_ci  common.skip('missing crypto');
51cb0ef41Sopenharmony_ci
61cb0ef41Sopenharmony_ciconst assert = require('assert');
71cb0ef41Sopenharmony_ciconst util = require('util');
81cb0ef41Sopenharmony_ciconst crypto = require('crypto');
91cb0ef41Sopenharmony_ciconst fixtures = require('../common/fixtures');
101cb0ef41Sopenharmony_ci
111cb0ef41Sopenharmony_cifunction test(
121cb0ef41Sopenharmony_ci  publicFixture,
131cb0ef41Sopenharmony_ci  privateFixture,
141cb0ef41Sopenharmony_ci  algorithm,
151cb0ef41Sopenharmony_ci  deterministic,
161cb0ef41Sopenharmony_ci  options
171cb0ef41Sopenharmony_ci) {
181cb0ef41Sopenharmony_ci  let publicPem = fixtures.readKey(publicFixture);
191cb0ef41Sopenharmony_ci  let privatePem = fixtures.readKey(privateFixture);
201cb0ef41Sopenharmony_ci  let privateKey = crypto.createPrivateKey(privatePem);
211cb0ef41Sopenharmony_ci  let publicKey = crypto.createPublicKey(publicPem);
221cb0ef41Sopenharmony_ci  const privateDer = {
231cb0ef41Sopenharmony_ci    key: privateKey.export({ format: 'der', type: 'pkcs8' }),
241cb0ef41Sopenharmony_ci    format: 'der',
251cb0ef41Sopenharmony_ci    type: 'pkcs8',
261cb0ef41Sopenharmony_ci    ...options
271cb0ef41Sopenharmony_ci  };
281cb0ef41Sopenharmony_ci  const publicDer = {
291cb0ef41Sopenharmony_ci    key: publicKey.export({ format: 'der', type: 'spki' }),
301cb0ef41Sopenharmony_ci    format: 'der',
311cb0ef41Sopenharmony_ci    type: 'spki',
321cb0ef41Sopenharmony_ci    ...options
331cb0ef41Sopenharmony_ci  };
341cb0ef41Sopenharmony_ci
351cb0ef41Sopenharmony_ci  if (options) {
361cb0ef41Sopenharmony_ci    publicPem = { ...options, key: publicPem };
371cb0ef41Sopenharmony_ci    privatePem = { ...options, key: privatePem };
381cb0ef41Sopenharmony_ci    privateKey = { ...options, key: privateKey };
391cb0ef41Sopenharmony_ci    publicKey = { ...options, key: publicKey };
401cb0ef41Sopenharmony_ci  }
411cb0ef41Sopenharmony_ci
421cb0ef41Sopenharmony_ci  const data = Buffer.from('Hello world');
431cb0ef41Sopenharmony_ci  const expected = crypto.sign(algorithm, data, privateKey);
441cb0ef41Sopenharmony_ci
451cb0ef41Sopenharmony_ci  for (const key of [privatePem, privateKey, privateDer]) {
461cb0ef41Sopenharmony_ci    crypto.sign(algorithm, data, key, common.mustSucceed((actual) => {
471cb0ef41Sopenharmony_ci      if (deterministic) {
481cb0ef41Sopenharmony_ci        assert.deepStrictEqual(actual, expected);
491cb0ef41Sopenharmony_ci      }
501cb0ef41Sopenharmony_ci
511cb0ef41Sopenharmony_ci      assert.strictEqual(
521cb0ef41Sopenharmony_ci        crypto.verify(algorithm, data, key, actual), true);
531cb0ef41Sopenharmony_ci    }));
541cb0ef41Sopenharmony_ci  }
551cb0ef41Sopenharmony_ci
561cb0ef41Sopenharmony_ci  const verifyInputs = [
571cb0ef41Sopenharmony_ci    publicPem, publicKey, publicDer, privatePem, privateKey, privateDer];
581cb0ef41Sopenharmony_ci  for (const key of verifyInputs) {
591cb0ef41Sopenharmony_ci    crypto.verify(algorithm, data, key, expected, common.mustSucceed(
601cb0ef41Sopenharmony_ci      (verified) => assert.strictEqual(verified, true)));
611cb0ef41Sopenharmony_ci
621cb0ef41Sopenharmony_ci    crypto.verify(algorithm, data, key, Buffer.from(''), common.mustSucceed(
631cb0ef41Sopenharmony_ci      (verified) => assert.strictEqual(verified, false)));
641cb0ef41Sopenharmony_ci  }
651cb0ef41Sopenharmony_ci}
661cb0ef41Sopenharmony_ci
671cb0ef41Sopenharmony_ci// RSA w/ default padding
681cb0ef41Sopenharmony_citest('rsa_public.pem', 'rsa_private.pem', 'sha256', true);
691cb0ef41Sopenharmony_citest('rsa_public.pem', 'rsa_private.pem', 'sha256', true,
701cb0ef41Sopenharmony_ci     { padding: crypto.constants.RSA_PKCS1_PADDING });
711cb0ef41Sopenharmony_ci
721cb0ef41Sopenharmony_ci// RSA w/ PSS_PADDING and default saltLength
731cb0ef41Sopenharmony_citest('rsa_public.pem', 'rsa_private.pem', 'sha256', false,
741cb0ef41Sopenharmony_ci     { padding: crypto.constants.RSA_PKCS1_PSS_PADDING });
751cb0ef41Sopenharmony_citest('rsa_public.pem', 'rsa_private.pem', 'sha256', false,
761cb0ef41Sopenharmony_ci     {
771cb0ef41Sopenharmony_ci       padding: crypto.constants.RSA_PKCS1_PSS_PADDING,
781cb0ef41Sopenharmony_ci       saltLength: crypto.constants.RSA_PSS_SALTLEN_MAX_SIGN
791cb0ef41Sopenharmony_ci     });
801cb0ef41Sopenharmony_ci
811cb0ef41Sopenharmony_ci// RSA w/ PSS_PADDING and PSS_SALTLEN_DIGEST
821cb0ef41Sopenharmony_citest('rsa_public.pem', 'rsa_private.pem', 'sha256', false,
831cb0ef41Sopenharmony_ci     {
841cb0ef41Sopenharmony_ci       padding: crypto.constants.RSA_PKCS1_PSS_PADDING,
851cb0ef41Sopenharmony_ci       saltLength: crypto.constants.RSA_PSS_SALTLEN_DIGEST
861cb0ef41Sopenharmony_ci     });
871cb0ef41Sopenharmony_ci
881cb0ef41Sopenharmony_ci// ED25519
891cb0ef41Sopenharmony_citest('ed25519_public.pem', 'ed25519_private.pem', undefined, true);
901cb0ef41Sopenharmony_ci// ED448
911cb0ef41Sopenharmony_citest('ed448_public.pem', 'ed448_private.pem', undefined, true);
921cb0ef41Sopenharmony_ci
931cb0ef41Sopenharmony_ci// ECDSA w/ der signature encoding
941cb0ef41Sopenharmony_citest('ec_secp256k1_public.pem', 'ec_secp256k1_private.pem', 'sha384',
951cb0ef41Sopenharmony_ci     false);
961cb0ef41Sopenharmony_citest('ec_secp256k1_public.pem', 'ec_secp256k1_private.pem', 'sha384',
971cb0ef41Sopenharmony_ci     false, { dsaEncoding: 'der' });
981cb0ef41Sopenharmony_ci
991cb0ef41Sopenharmony_ci// ECDSA w/ ieee-p1363 signature encoding
1001cb0ef41Sopenharmony_citest('ec_secp256k1_public.pem', 'ec_secp256k1_private.pem', 'sha384', false,
1011cb0ef41Sopenharmony_ci     { dsaEncoding: 'ieee-p1363' });
1021cb0ef41Sopenharmony_ci
1031cb0ef41Sopenharmony_ci// DSA w/ der signature encoding
1041cb0ef41Sopenharmony_citest('dsa_public.pem', 'dsa_private.pem', 'sha256',
1051cb0ef41Sopenharmony_ci     false);
1061cb0ef41Sopenharmony_citest('dsa_public.pem', 'dsa_private.pem', 'sha256',
1071cb0ef41Sopenharmony_ci     false, { dsaEncoding: 'der' });
1081cb0ef41Sopenharmony_ci
1091cb0ef41Sopenharmony_ci// DSA w/ ieee-p1363 signature encoding
1101cb0ef41Sopenharmony_citest('dsa_public.pem', 'dsa_private.pem', 'sha256', false,
1111cb0ef41Sopenharmony_ci     { dsaEncoding: 'ieee-p1363' });
1121cb0ef41Sopenharmony_ci
1131cb0ef41Sopenharmony_ci// Test Parallel Execution w/ KeyObject is threadsafe in openssl3
1141cb0ef41Sopenharmony_ci{
1151cb0ef41Sopenharmony_ci  const publicKey = {
1161cb0ef41Sopenharmony_ci    key: crypto.createPublicKey(
1171cb0ef41Sopenharmony_ci      fixtures.readKey('ec_p256_public.pem')),
1181cb0ef41Sopenharmony_ci    dsaEncoding: 'ieee-p1363',
1191cb0ef41Sopenharmony_ci  };
1201cb0ef41Sopenharmony_ci  const privateKey = {
1211cb0ef41Sopenharmony_ci    key: crypto.createPrivateKey(
1221cb0ef41Sopenharmony_ci      fixtures.readKey('ec_p256_private.pem')),
1231cb0ef41Sopenharmony_ci    dsaEncoding: 'ieee-p1363',
1241cb0ef41Sopenharmony_ci  };
1251cb0ef41Sopenharmony_ci
1261cb0ef41Sopenharmony_ci  const sign = util.promisify(crypto.sign);
1271cb0ef41Sopenharmony_ci  const verify = util.promisify(crypto.verify);
1281cb0ef41Sopenharmony_ci
1291cb0ef41Sopenharmony_ci  const data = Buffer.from('hello world');
1301cb0ef41Sopenharmony_ci
1311cb0ef41Sopenharmony_ci  Promise.all([
1321cb0ef41Sopenharmony_ci    sign('sha256', data, privateKey),
1331cb0ef41Sopenharmony_ci    sign('sha256', data, privateKey),
1341cb0ef41Sopenharmony_ci    sign('sha256', data, privateKey),
1351cb0ef41Sopenharmony_ci  ]).then(([signature]) => {
1361cb0ef41Sopenharmony_ci    return Promise.all([
1371cb0ef41Sopenharmony_ci      verify('sha256', data, publicKey, signature),
1381cb0ef41Sopenharmony_ci      verify('sha256', data, publicKey, signature),
1391cb0ef41Sopenharmony_ci      verify('sha256', data, publicKey, signature),
1401cb0ef41Sopenharmony_ci    ]).then(common.mustCall());
1411cb0ef41Sopenharmony_ci  })
1421cb0ef41Sopenharmony_ci  .catch(common.mustNotCall());
1431cb0ef41Sopenharmony_ci}
144