11cb0ef41Sopenharmony_ci'use strict';
21cb0ef41Sopenharmony_ci
31cb0ef41Sopenharmony_ciconst common = require('../common');
41cb0ef41Sopenharmony_ciif (!common.hasCrypto)
51cb0ef41Sopenharmony_ci  common.skip('missing crypto');
61cb0ef41Sopenharmony_ci
71cb0ef41Sopenharmony_ciconst assert = require('assert');
81cb0ef41Sopenharmony_ciconst {
91cb0ef41Sopenharmony_ci  generateKeyPair,
101cb0ef41Sopenharmony_ci} = require('crypto');
111cb0ef41Sopenharmony_ciconst {
121cb0ef41Sopenharmony_ci  assertApproximateSize,
131cb0ef41Sopenharmony_ci  testEncryptDecrypt,
141cb0ef41Sopenharmony_ci  testSignVerify,
151cb0ef41Sopenharmony_ci} = require('../common/crypto');
161cb0ef41Sopenharmony_ci
171cb0ef41Sopenharmony_ci// Test async RSA key generation with an encrypted private key, but encoded as DER.
181cb0ef41Sopenharmony_ci{
191cb0ef41Sopenharmony_ci  generateKeyPair('rsa', {
201cb0ef41Sopenharmony_ci    publicExponent: 0x10001,
211cb0ef41Sopenharmony_ci    modulusLength: 512,
221cb0ef41Sopenharmony_ci    publicKeyEncoding: {
231cb0ef41Sopenharmony_ci      type: 'pkcs1',
241cb0ef41Sopenharmony_ci      format: 'der'
251cb0ef41Sopenharmony_ci    },
261cb0ef41Sopenharmony_ci    privateKeyEncoding: {
271cb0ef41Sopenharmony_ci      type: 'pkcs8',
281cb0ef41Sopenharmony_ci      format: 'der',
291cb0ef41Sopenharmony_ci      cipher: 'aes-256-cbc',
301cb0ef41Sopenharmony_ci      passphrase: 'secret'
311cb0ef41Sopenharmony_ci    }
321cb0ef41Sopenharmony_ci  }, common.mustSucceed((publicKeyDER, privateKeyDER) => {
331cb0ef41Sopenharmony_ci    assert(Buffer.isBuffer(publicKeyDER));
341cb0ef41Sopenharmony_ci    assertApproximateSize(publicKeyDER, 74);
351cb0ef41Sopenharmony_ci
361cb0ef41Sopenharmony_ci    assert(Buffer.isBuffer(privateKeyDER));
371cb0ef41Sopenharmony_ci
381cb0ef41Sopenharmony_ci    // Since the private key is encrypted, signing shouldn't work anymore.
391cb0ef41Sopenharmony_ci    const publicKey = {
401cb0ef41Sopenharmony_ci      key: publicKeyDER,
411cb0ef41Sopenharmony_ci      type: 'pkcs1',
421cb0ef41Sopenharmony_ci      format: 'der',
431cb0ef41Sopenharmony_ci    };
441cb0ef41Sopenharmony_ci    assert.throws(() => {
451cb0ef41Sopenharmony_ci      testSignVerify(publicKey, {
461cb0ef41Sopenharmony_ci        key: privateKeyDER,
471cb0ef41Sopenharmony_ci        format: 'der',
481cb0ef41Sopenharmony_ci        type: 'pkcs8'
491cb0ef41Sopenharmony_ci      });
501cb0ef41Sopenharmony_ci    }, {
511cb0ef41Sopenharmony_ci      name: 'TypeError',
521cb0ef41Sopenharmony_ci      code: 'ERR_MISSING_PASSPHRASE',
531cb0ef41Sopenharmony_ci      message: 'Passphrase required for encrypted key'
541cb0ef41Sopenharmony_ci    });
551cb0ef41Sopenharmony_ci
561cb0ef41Sopenharmony_ci    // Signing should work with the correct password.
571cb0ef41Sopenharmony_ci
581cb0ef41Sopenharmony_ci    const privateKey = {
591cb0ef41Sopenharmony_ci      key: privateKeyDER,
601cb0ef41Sopenharmony_ci      format: 'der',
611cb0ef41Sopenharmony_ci      type: 'pkcs8',
621cb0ef41Sopenharmony_ci      passphrase: 'secret'
631cb0ef41Sopenharmony_ci    };
641cb0ef41Sopenharmony_ci    testEncryptDecrypt(publicKey, privateKey);
651cb0ef41Sopenharmony_ci    testSignVerify(publicKey, privateKey);
661cb0ef41Sopenharmony_ci  }));
671cb0ef41Sopenharmony_ci}
68