11cb0ef41Sopenharmony_ci'use strict'; 21cb0ef41Sopenharmony_ci 31cb0ef41Sopenharmony_ciconst common = require('../common'); 41cb0ef41Sopenharmony_ciif (!common.hasCrypto) 51cb0ef41Sopenharmony_ci common.skip('missing crypto'); 61cb0ef41Sopenharmony_ci 71cb0ef41Sopenharmony_ciconst assert = require('assert'); 81cb0ef41Sopenharmony_ciconst { 91cb0ef41Sopenharmony_ci constants, 101cb0ef41Sopenharmony_ci generateKeyPair, 111cb0ef41Sopenharmony_ci} = require('crypto'); 121cb0ef41Sopenharmony_ciconst { 131cb0ef41Sopenharmony_ci testEncryptDecrypt, 141cb0ef41Sopenharmony_ci testSignVerify, 151cb0ef41Sopenharmony_ci} = require('../common/crypto'); 161cb0ef41Sopenharmony_ci 171cb0ef41Sopenharmony_ci// Test RSA-PSS. 181cb0ef41Sopenharmony_ci{ 191cb0ef41Sopenharmony_ci generateKeyPair('rsa-pss', { 201cb0ef41Sopenharmony_ci modulusLength: 512, 211cb0ef41Sopenharmony_ci saltLength: 16, 221cb0ef41Sopenharmony_ci hashAlgorithm: 'sha256', 231cb0ef41Sopenharmony_ci mgf1HashAlgorithm: 'sha256' 241cb0ef41Sopenharmony_ci }, common.mustSucceed((publicKey, privateKey) => { 251cb0ef41Sopenharmony_ci assert.strictEqual(publicKey.type, 'public'); 261cb0ef41Sopenharmony_ci assert.strictEqual(publicKey.asymmetricKeyType, 'rsa-pss'); 271cb0ef41Sopenharmony_ci assert.deepStrictEqual(publicKey.asymmetricKeyDetails, { 281cb0ef41Sopenharmony_ci modulusLength: 512, 291cb0ef41Sopenharmony_ci publicExponent: 65537n, 301cb0ef41Sopenharmony_ci hashAlgorithm: 'sha256', 311cb0ef41Sopenharmony_ci mgf1HashAlgorithm: 'sha256', 321cb0ef41Sopenharmony_ci saltLength: 16 331cb0ef41Sopenharmony_ci }); 341cb0ef41Sopenharmony_ci 351cb0ef41Sopenharmony_ci assert.strictEqual(privateKey.type, 'private'); 361cb0ef41Sopenharmony_ci assert.strictEqual(privateKey.asymmetricKeyType, 'rsa-pss'); 371cb0ef41Sopenharmony_ci assert.deepStrictEqual(privateKey.asymmetricKeyDetails, { 381cb0ef41Sopenharmony_ci modulusLength: 512, 391cb0ef41Sopenharmony_ci publicExponent: 65537n, 401cb0ef41Sopenharmony_ci hashAlgorithm: 'sha256', 411cb0ef41Sopenharmony_ci mgf1HashAlgorithm: 'sha256', 421cb0ef41Sopenharmony_ci saltLength: 16 431cb0ef41Sopenharmony_ci }); 441cb0ef41Sopenharmony_ci 451cb0ef41Sopenharmony_ci // Unlike RSA, RSA-PSS does not allow encryption. 461cb0ef41Sopenharmony_ci assert.throws(() => { 471cb0ef41Sopenharmony_ci testEncryptDecrypt(publicKey, privateKey); 481cb0ef41Sopenharmony_ci }, /operation not supported for this keytype/); 491cb0ef41Sopenharmony_ci 501cb0ef41Sopenharmony_ci // RSA-PSS also does not permit signing with PKCS1 padding. 511cb0ef41Sopenharmony_ci assert.throws(() => { 521cb0ef41Sopenharmony_ci testSignVerify({ 531cb0ef41Sopenharmony_ci key: publicKey, 541cb0ef41Sopenharmony_ci padding: constants.RSA_PKCS1_PADDING 551cb0ef41Sopenharmony_ci }, { 561cb0ef41Sopenharmony_ci key: privateKey, 571cb0ef41Sopenharmony_ci padding: constants.RSA_PKCS1_PADDING 581cb0ef41Sopenharmony_ci }); 591cb0ef41Sopenharmony_ci }, /illegal or unsupported padding mode/); 601cb0ef41Sopenharmony_ci 611cb0ef41Sopenharmony_ci // The padding should correctly default to RSA_PKCS1_PSS_PADDING now. 621cb0ef41Sopenharmony_ci testSignVerify(publicKey, privateKey); 631cb0ef41Sopenharmony_ci })); 641cb0ef41Sopenharmony_ci} 65