11cb0ef41Sopenharmony_ci'use strict'; 21cb0ef41Sopenharmony_ciconst common = require('../common'); 31cb0ef41Sopenharmony_ciif (!common.hasCrypto) 41cb0ef41Sopenharmony_ci common.skip('missing crypto'); 51cb0ef41Sopenharmony_ci 61cb0ef41Sopenharmony_ciconst assert = require('assert'); 71cb0ef41Sopenharmony_ciconst crypto = require('crypto'); 81cb0ef41Sopenharmony_ci 91cb0ef41Sopenharmony_ciconst constants = crypto.constants; 101cb0ef41Sopenharmony_ci 111cb0ef41Sopenharmony_ciconst fixtures = require('../common/fixtures'); 121cb0ef41Sopenharmony_ci 131cb0ef41Sopenharmony_ci// Test certificates 141cb0ef41Sopenharmony_ciconst certPem = fixtures.readKey('rsa_cert.crt'); 151cb0ef41Sopenharmony_ciconst keyPem = fixtures.readKey('rsa_private.pem'); 161cb0ef41Sopenharmony_ciconst rsaKeySize = 2048; 171cb0ef41Sopenharmony_ciconst rsaPubPem = fixtures.readKey('rsa_public.pem', 'ascii'); 181cb0ef41Sopenharmony_ciconst rsaKeyPem = fixtures.readKey('rsa_private.pem', 'ascii'); 191cb0ef41Sopenharmony_ciconst rsaKeyPemEncrypted = fixtures.readKey('rsa_private_encrypted.pem', 201cb0ef41Sopenharmony_ci 'ascii'); 211cb0ef41Sopenharmony_ciconst dsaPubPem = fixtures.readKey('dsa_public.pem', 'ascii'); 221cb0ef41Sopenharmony_ciconst dsaKeyPem = fixtures.readKey('dsa_private.pem', 'ascii'); 231cb0ef41Sopenharmony_ciconst dsaKeyPemEncrypted = fixtures.readKey('dsa_private_encrypted.pem', 241cb0ef41Sopenharmony_ci 'ascii'); 251cb0ef41Sopenharmony_ciconst rsaPkcs8KeyPem = fixtures.readKey('rsa_private_pkcs8.pem'); 261cb0ef41Sopenharmony_ciconst dsaPkcs8KeyPem = fixtures.readKey('dsa_private_pkcs8.pem'); 271cb0ef41Sopenharmony_ci 281cb0ef41Sopenharmony_ciconst ec = new TextEncoder(); 291cb0ef41Sopenharmony_ci 301cb0ef41Sopenharmony_ciconst openssl1DecryptError = { 311cb0ef41Sopenharmony_ci message: 'error:06065064:digital envelope routines:EVP_DecryptFinal_ex:' + 321cb0ef41Sopenharmony_ci 'bad decrypt', 331cb0ef41Sopenharmony_ci code: 'ERR_OSSL_EVP_BAD_DECRYPT', 341cb0ef41Sopenharmony_ci reason: 'bad decrypt', 351cb0ef41Sopenharmony_ci function: 'EVP_DecryptFinal_ex', 361cb0ef41Sopenharmony_ci library: 'digital envelope routines', 371cb0ef41Sopenharmony_ci}; 381cb0ef41Sopenharmony_ci 391cb0ef41Sopenharmony_ciconst decryptError = common.hasOpenSSL3 ? 401cb0ef41Sopenharmony_ci { message: 'error:1C800064:Provider routines::bad decrypt' } : 411cb0ef41Sopenharmony_ci openssl1DecryptError; 421cb0ef41Sopenharmony_ci 431cb0ef41Sopenharmony_ciconst decryptPrivateKeyError = common.hasOpenSSL3 ? { 441cb0ef41Sopenharmony_ci message: 'error:1C800064:Provider routines::bad decrypt', 451cb0ef41Sopenharmony_ci} : openssl1DecryptError; 461cb0ef41Sopenharmony_ci 471cb0ef41Sopenharmony_cifunction getBufferCopy(buf) { 481cb0ef41Sopenharmony_ci return buf.buffer.slice(buf.byteOffset, buf.byteOffset + buf.byteLength); 491cb0ef41Sopenharmony_ci} 501cb0ef41Sopenharmony_ci 511cb0ef41Sopenharmony_ci// Test RSA encryption/decryption 521cb0ef41Sopenharmony_ci{ 531cb0ef41Sopenharmony_ci const input = 'I AM THE WALRUS'; 541cb0ef41Sopenharmony_ci const bufferToEncrypt = Buffer.from(input); 551cb0ef41Sopenharmony_ci const bufferPassword = Buffer.from('password'); 561cb0ef41Sopenharmony_ci 571cb0ef41Sopenharmony_ci let encryptedBuffer = crypto.publicEncrypt(rsaPubPem, bufferToEncrypt); 581cb0ef41Sopenharmony_ci 591cb0ef41Sopenharmony_ci // Test other input types 601cb0ef41Sopenharmony_ci let otherEncrypted; 611cb0ef41Sopenharmony_ci { 621cb0ef41Sopenharmony_ci const ab = getBufferCopy(ec.encode(rsaPubPem)); 631cb0ef41Sopenharmony_ci const ab2enc = getBufferCopy(bufferToEncrypt); 641cb0ef41Sopenharmony_ci 651cb0ef41Sopenharmony_ci crypto.publicEncrypt(ab, ab2enc); 661cb0ef41Sopenharmony_ci crypto.publicEncrypt(new Uint8Array(ab), new Uint8Array(ab2enc)); 671cb0ef41Sopenharmony_ci crypto.publicEncrypt(new DataView(ab), new DataView(ab2enc)); 681cb0ef41Sopenharmony_ci otherEncrypted = crypto.publicEncrypt({ 691cb0ef41Sopenharmony_ci key: Buffer.from(ab).toString('hex'), 701cb0ef41Sopenharmony_ci encoding: 'hex' 711cb0ef41Sopenharmony_ci }, Buffer.from(ab2enc).toString('hex')); 721cb0ef41Sopenharmony_ci } 731cb0ef41Sopenharmony_ci 741cb0ef41Sopenharmony_ci let decryptedBuffer = crypto.privateDecrypt(rsaKeyPem, encryptedBuffer); 751cb0ef41Sopenharmony_ci const otherDecrypted = crypto.privateDecrypt(rsaKeyPem, otherEncrypted); 761cb0ef41Sopenharmony_ci assert.strictEqual(decryptedBuffer.toString(), input); 771cb0ef41Sopenharmony_ci assert.strictEqual(otherDecrypted.toString(), input); 781cb0ef41Sopenharmony_ci 791cb0ef41Sopenharmony_ci decryptedBuffer = crypto.privateDecrypt(rsaPkcs8KeyPem, encryptedBuffer); 801cb0ef41Sopenharmony_ci assert.strictEqual(decryptedBuffer.toString(), input); 811cb0ef41Sopenharmony_ci 821cb0ef41Sopenharmony_ci let decryptedBufferWithPassword = crypto.privateDecrypt({ 831cb0ef41Sopenharmony_ci key: rsaKeyPemEncrypted, 841cb0ef41Sopenharmony_ci passphrase: 'password' 851cb0ef41Sopenharmony_ci }, encryptedBuffer); 861cb0ef41Sopenharmony_ci 871cb0ef41Sopenharmony_ci const otherDecryptedBufferWithPassword = crypto.privateDecrypt({ 881cb0ef41Sopenharmony_ci key: rsaKeyPemEncrypted, 891cb0ef41Sopenharmony_ci passphrase: ec.encode('password') 901cb0ef41Sopenharmony_ci }, encryptedBuffer); 911cb0ef41Sopenharmony_ci 921cb0ef41Sopenharmony_ci assert.strictEqual( 931cb0ef41Sopenharmony_ci otherDecryptedBufferWithPassword.toString(), 941cb0ef41Sopenharmony_ci decryptedBufferWithPassword.toString()); 951cb0ef41Sopenharmony_ci 961cb0ef41Sopenharmony_ci decryptedBufferWithPassword = crypto.privateDecrypt({ 971cb0ef41Sopenharmony_ci key: rsaKeyPemEncrypted, 981cb0ef41Sopenharmony_ci passphrase: 'password' 991cb0ef41Sopenharmony_ci }, encryptedBuffer); 1001cb0ef41Sopenharmony_ci 1011cb0ef41Sopenharmony_ci assert.strictEqual(decryptedBufferWithPassword.toString(), input); 1021cb0ef41Sopenharmony_ci 1031cb0ef41Sopenharmony_ci encryptedBuffer = crypto.publicEncrypt({ 1041cb0ef41Sopenharmony_ci key: rsaKeyPemEncrypted, 1051cb0ef41Sopenharmony_ci passphrase: 'password' 1061cb0ef41Sopenharmony_ci }, bufferToEncrypt); 1071cb0ef41Sopenharmony_ci 1081cb0ef41Sopenharmony_ci decryptedBufferWithPassword = crypto.privateDecrypt({ 1091cb0ef41Sopenharmony_ci key: rsaKeyPemEncrypted, 1101cb0ef41Sopenharmony_ci passphrase: 'password' 1111cb0ef41Sopenharmony_ci }, encryptedBuffer); 1121cb0ef41Sopenharmony_ci assert.strictEqual(decryptedBufferWithPassword.toString(), input); 1131cb0ef41Sopenharmony_ci 1141cb0ef41Sopenharmony_ci encryptedBuffer = crypto.privateEncrypt({ 1151cb0ef41Sopenharmony_ci key: rsaKeyPemEncrypted, 1161cb0ef41Sopenharmony_ci passphrase: bufferPassword 1171cb0ef41Sopenharmony_ci }, bufferToEncrypt); 1181cb0ef41Sopenharmony_ci 1191cb0ef41Sopenharmony_ci decryptedBufferWithPassword = crypto.publicDecrypt({ 1201cb0ef41Sopenharmony_ci key: rsaKeyPemEncrypted, 1211cb0ef41Sopenharmony_ci passphrase: bufferPassword 1221cb0ef41Sopenharmony_ci }, encryptedBuffer); 1231cb0ef41Sopenharmony_ci assert.strictEqual(decryptedBufferWithPassword.toString(), input); 1241cb0ef41Sopenharmony_ci 1251cb0ef41Sopenharmony_ci // Now with explicit RSA_PKCS1_PADDING. 1261cb0ef41Sopenharmony_ci encryptedBuffer = crypto.privateEncrypt({ 1271cb0ef41Sopenharmony_ci padding: crypto.constants.RSA_PKCS1_PADDING, 1281cb0ef41Sopenharmony_ci key: rsaKeyPemEncrypted, 1291cb0ef41Sopenharmony_ci passphrase: bufferPassword 1301cb0ef41Sopenharmony_ci }, bufferToEncrypt); 1311cb0ef41Sopenharmony_ci 1321cb0ef41Sopenharmony_ci decryptedBufferWithPassword = crypto.publicDecrypt({ 1331cb0ef41Sopenharmony_ci padding: crypto.constants.RSA_PKCS1_PADDING, 1341cb0ef41Sopenharmony_ci key: rsaKeyPemEncrypted, 1351cb0ef41Sopenharmony_ci passphrase: bufferPassword 1361cb0ef41Sopenharmony_ci }, encryptedBuffer); 1371cb0ef41Sopenharmony_ci assert.strictEqual(decryptedBufferWithPassword.toString(), input); 1381cb0ef41Sopenharmony_ci 1391cb0ef41Sopenharmony_ci // Omitting padding should be okay because RSA_PKCS1_PADDING is the default. 1401cb0ef41Sopenharmony_ci decryptedBufferWithPassword = crypto.publicDecrypt({ 1411cb0ef41Sopenharmony_ci key: rsaKeyPemEncrypted, 1421cb0ef41Sopenharmony_ci passphrase: bufferPassword 1431cb0ef41Sopenharmony_ci }, encryptedBuffer); 1441cb0ef41Sopenharmony_ci assert.strictEqual(decryptedBufferWithPassword.toString(), input); 1451cb0ef41Sopenharmony_ci 1461cb0ef41Sopenharmony_ci // Now with RSA_NO_PADDING. Plaintext needs to match key size. 1471cb0ef41Sopenharmony_ci // OpenSSL 3.x has a rsa_check_padding that will cause an error if 1481cb0ef41Sopenharmony_ci // RSA_NO_PADDING is used. 1491cb0ef41Sopenharmony_ci if (!common.hasOpenSSL3) { 1501cb0ef41Sopenharmony_ci { 1511cb0ef41Sopenharmony_ci const plaintext = 'x'.repeat(rsaKeySize / 8); 1521cb0ef41Sopenharmony_ci encryptedBuffer = crypto.privateEncrypt({ 1531cb0ef41Sopenharmony_ci padding: crypto.constants.RSA_NO_PADDING, 1541cb0ef41Sopenharmony_ci key: rsaKeyPemEncrypted, 1551cb0ef41Sopenharmony_ci passphrase: bufferPassword 1561cb0ef41Sopenharmony_ci }, Buffer.from(plaintext)); 1571cb0ef41Sopenharmony_ci 1581cb0ef41Sopenharmony_ci decryptedBufferWithPassword = crypto.publicDecrypt({ 1591cb0ef41Sopenharmony_ci padding: crypto.constants.RSA_NO_PADDING, 1601cb0ef41Sopenharmony_ci key: rsaKeyPemEncrypted, 1611cb0ef41Sopenharmony_ci passphrase: bufferPassword 1621cb0ef41Sopenharmony_ci }, encryptedBuffer); 1631cb0ef41Sopenharmony_ci assert.strictEqual(decryptedBufferWithPassword.toString(), plaintext); 1641cb0ef41Sopenharmony_ci } 1651cb0ef41Sopenharmony_ci } 1661cb0ef41Sopenharmony_ci 1671cb0ef41Sopenharmony_ci encryptedBuffer = crypto.publicEncrypt(certPem, bufferToEncrypt); 1681cb0ef41Sopenharmony_ci 1691cb0ef41Sopenharmony_ci decryptedBuffer = crypto.privateDecrypt(keyPem, encryptedBuffer); 1701cb0ef41Sopenharmony_ci assert.strictEqual(decryptedBuffer.toString(), input); 1711cb0ef41Sopenharmony_ci 1721cb0ef41Sopenharmony_ci encryptedBuffer = crypto.publicEncrypt(keyPem, bufferToEncrypt); 1731cb0ef41Sopenharmony_ci 1741cb0ef41Sopenharmony_ci decryptedBuffer = crypto.privateDecrypt(keyPem, encryptedBuffer); 1751cb0ef41Sopenharmony_ci assert.strictEqual(decryptedBuffer.toString(), input); 1761cb0ef41Sopenharmony_ci 1771cb0ef41Sopenharmony_ci encryptedBuffer = crypto.privateEncrypt(keyPem, bufferToEncrypt); 1781cb0ef41Sopenharmony_ci 1791cb0ef41Sopenharmony_ci decryptedBuffer = crypto.publicDecrypt(keyPem, encryptedBuffer); 1801cb0ef41Sopenharmony_ci assert.strictEqual(decryptedBuffer.toString(), input); 1811cb0ef41Sopenharmony_ci 1821cb0ef41Sopenharmony_ci assert.throws(() => { 1831cb0ef41Sopenharmony_ci crypto.privateDecrypt({ 1841cb0ef41Sopenharmony_ci key: rsaKeyPemEncrypted, 1851cb0ef41Sopenharmony_ci passphrase: 'wrong' 1861cb0ef41Sopenharmony_ci }, bufferToEncrypt); 1871cb0ef41Sopenharmony_ci }, decryptError); 1881cb0ef41Sopenharmony_ci 1891cb0ef41Sopenharmony_ci assert.throws(() => { 1901cb0ef41Sopenharmony_ci crypto.publicEncrypt({ 1911cb0ef41Sopenharmony_ci key: rsaKeyPemEncrypted, 1921cb0ef41Sopenharmony_ci passphrase: 'wrong' 1931cb0ef41Sopenharmony_ci }, encryptedBuffer); 1941cb0ef41Sopenharmony_ci }, decryptError); 1951cb0ef41Sopenharmony_ci 1961cb0ef41Sopenharmony_ci encryptedBuffer = crypto.privateEncrypt({ 1971cb0ef41Sopenharmony_ci key: rsaKeyPemEncrypted, 1981cb0ef41Sopenharmony_ci passphrase: Buffer.from('password') 1991cb0ef41Sopenharmony_ci }, bufferToEncrypt); 2001cb0ef41Sopenharmony_ci 2011cb0ef41Sopenharmony_ci assert.throws(() => { 2021cb0ef41Sopenharmony_ci crypto.publicDecrypt({ 2031cb0ef41Sopenharmony_ci key: rsaKeyPemEncrypted, 2041cb0ef41Sopenharmony_ci passphrase: Buffer.from('wrong') 2051cb0ef41Sopenharmony_ci }, encryptedBuffer); 2061cb0ef41Sopenharmony_ci }, decryptError); 2071cb0ef41Sopenharmony_ci} 2081cb0ef41Sopenharmony_ci 2091cb0ef41Sopenharmony_cifunction test_rsa(padding, encryptOaepHash, decryptOaepHash) { 2101cb0ef41Sopenharmony_ci const size = (padding === 'RSA_NO_PADDING') ? rsaKeySize / 8 : 32; 2111cb0ef41Sopenharmony_ci const input = Buffer.allocUnsafe(size); 2121cb0ef41Sopenharmony_ci for (let i = 0; i < input.length; i++) 2131cb0ef41Sopenharmony_ci input[i] = (i * 7 + 11) & 0xff; 2141cb0ef41Sopenharmony_ci const bufferToEncrypt = Buffer.from(input); 2151cb0ef41Sopenharmony_ci 2161cb0ef41Sopenharmony_ci padding = constants[padding]; 2171cb0ef41Sopenharmony_ci 2181cb0ef41Sopenharmony_ci const encryptedBuffer = crypto.publicEncrypt({ 2191cb0ef41Sopenharmony_ci key: rsaPubPem, 2201cb0ef41Sopenharmony_ci padding: padding, 2211cb0ef41Sopenharmony_ci oaepHash: encryptOaepHash 2221cb0ef41Sopenharmony_ci }, bufferToEncrypt); 2231cb0ef41Sopenharmony_ci 2241cb0ef41Sopenharmony_ci 2251cb0ef41Sopenharmony_ci if (padding === constants.RSA_PKCS1_PADDING) { 2261cb0ef41Sopenharmony_ci assert.throws(() => { 2271cb0ef41Sopenharmony_ci crypto.privateDecrypt({ 2281cb0ef41Sopenharmony_ci key: rsaKeyPem, 2291cb0ef41Sopenharmony_ci padding: padding, 2301cb0ef41Sopenharmony_ci oaepHash: decryptOaepHash 2311cb0ef41Sopenharmony_ci }, encryptedBuffer); 2321cb0ef41Sopenharmony_ci }, { code: 'ERR_INVALID_ARG_VALUE' }); 2331cb0ef41Sopenharmony_ci assert.throws(() => { 2341cb0ef41Sopenharmony_ci crypto.privateDecrypt({ 2351cb0ef41Sopenharmony_ci key: rsaPkcs8KeyPem, 2361cb0ef41Sopenharmony_ci padding: padding, 2371cb0ef41Sopenharmony_ci oaepHash: decryptOaepHash 2381cb0ef41Sopenharmony_ci }, encryptedBuffer); 2391cb0ef41Sopenharmony_ci }, { code: 'ERR_INVALID_ARG_VALUE' }); 2401cb0ef41Sopenharmony_ci } else { 2411cb0ef41Sopenharmony_ci let decryptedBuffer = crypto.privateDecrypt({ 2421cb0ef41Sopenharmony_ci key: rsaKeyPem, 2431cb0ef41Sopenharmony_ci padding: padding, 2441cb0ef41Sopenharmony_ci oaepHash: decryptOaepHash 2451cb0ef41Sopenharmony_ci }, encryptedBuffer); 2461cb0ef41Sopenharmony_ci assert.deepStrictEqual(decryptedBuffer, input); 2471cb0ef41Sopenharmony_ci 2481cb0ef41Sopenharmony_ci decryptedBuffer = crypto.privateDecrypt({ 2491cb0ef41Sopenharmony_ci key: rsaPkcs8KeyPem, 2501cb0ef41Sopenharmony_ci padding: padding, 2511cb0ef41Sopenharmony_ci oaepHash: decryptOaepHash 2521cb0ef41Sopenharmony_ci }, encryptedBuffer); 2531cb0ef41Sopenharmony_ci assert.deepStrictEqual(decryptedBuffer, input); 2541cb0ef41Sopenharmony_ci } 2551cb0ef41Sopenharmony_ci} 2561cb0ef41Sopenharmony_ci 2571cb0ef41Sopenharmony_citest_rsa('RSA_NO_PADDING'); 2581cb0ef41Sopenharmony_citest_rsa('RSA_PKCS1_PADDING'); 2591cb0ef41Sopenharmony_citest_rsa('RSA_PKCS1_OAEP_PADDING'); 2601cb0ef41Sopenharmony_ci 2611cb0ef41Sopenharmony_ci// Test OAEP with different hash functions. 2621cb0ef41Sopenharmony_citest_rsa('RSA_PKCS1_OAEP_PADDING', undefined, 'sha1'); 2631cb0ef41Sopenharmony_citest_rsa('RSA_PKCS1_OAEP_PADDING', 'sha1', undefined); 2641cb0ef41Sopenharmony_citest_rsa('RSA_PKCS1_OAEP_PADDING', 'sha256', 'sha256'); 2651cb0ef41Sopenharmony_citest_rsa('RSA_PKCS1_OAEP_PADDING', 'sha512', 'sha512'); 2661cb0ef41Sopenharmony_ciassert.throws(() => { 2671cb0ef41Sopenharmony_ci test_rsa('RSA_PKCS1_OAEP_PADDING', 'sha256', 'sha512'); 2681cb0ef41Sopenharmony_ci}, { 2691cb0ef41Sopenharmony_ci code: 'ERR_OSSL_RSA_OAEP_DECODING_ERROR' 2701cb0ef41Sopenharmony_ci}); 2711cb0ef41Sopenharmony_ci 2721cb0ef41Sopenharmony_ci// The following RSA-OAEP test cases were created using the WebCrypto API to 2731cb0ef41Sopenharmony_ci// ensure compatibility when using non-SHA1 hash functions. 2741cb0ef41Sopenharmony_ci{ 2751cb0ef41Sopenharmony_ci const { decryptionTests } = 2761cb0ef41Sopenharmony_ci JSON.parse(fixtures.readSync('rsa-oaep-test-vectors.js', 'utf8')); 2771cb0ef41Sopenharmony_ci 2781cb0ef41Sopenharmony_ci for (const { ct, oaepHash, oaepLabel } of decryptionTests) { 2791cb0ef41Sopenharmony_ci const label = oaepLabel ? Buffer.from(oaepLabel, 'hex') : undefined; 2801cb0ef41Sopenharmony_ci const copiedLabel = oaepLabel ? getBufferCopy(label) : undefined; 2811cb0ef41Sopenharmony_ci 2821cb0ef41Sopenharmony_ci const decrypted = crypto.privateDecrypt({ 2831cb0ef41Sopenharmony_ci key: rsaPkcs8KeyPem, 2841cb0ef41Sopenharmony_ci oaepHash, 2851cb0ef41Sopenharmony_ci oaepLabel: oaepLabel ? label : undefined 2861cb0ef41Sopenharmony_ci }, Buffer.from(ct, 'hex')); 2871cb0ef41Sopenharmony_ci 2881cb0ef41Sopenharmony_ci assert.strictEqual(decrypted.toString('utf8'), 'Hello Node.js'); 2891cb0ef41Sopenharmony_ci 2901cb0ef41Sopenharmony_ci const otherDecrypted = crypto.privateDecrypt({ 2911cb0ef41Sopenharmony_ci key: rsaPkcs8KeyPem, 2921cb0ef41Sopenharmony_ci oaepHash, 2931cb0ef41Sopenharmony_ci oaepLabel: copiedLabel 2941cb0ef41Sopenharmony_ci }, Buffer.from(ct, 'hex')); 2951cb0ef41Sopenharmony_ci 2961cb0ef41Sopenharmony_ci assert.strictEqual(otherDecrypted.toString('utf8'), 'Hello Node.js'); 2971cb0ef41Sopenharmony_ci } 2981cb0ef41Sopenharmony_ci} 2991cb0ef41Sopenharmony_ci 3001cb0ef41Sopenharmony_ci// Test invalid oaepHash and oaepLabel options. 3011cb0ef41Sopenharmony_cifor (const fn of [crypto.publicEncrypt, crypto.privateDecrypt]) { 3021cb0ef41Sopenharmony_ci assert.throws(() => { 3031cb0ef41Sopenharmony_ci fn({ 3041cb0ef41Sopenharmony_ci key: rsaPubPem, 3051cb0ef41Sopenharmony_ci oaepHash: 'Hello world' 3061cb0ef41Sopenharmony_ci }, Buffer.alloc(10)); 3071cb0ef41Sopenharmony_ci }, { 3081cb0ef41Sopenharmony_ci code: 'ERR_OSSL_EVP_INVALID_DIGEST' 3091cb0ef41Sopenharmony_ci }); 3101cb0ef41Sopenharmony_ci 3111cb0ef41Sopenharmony_ci for (const oaepHash of [0, false, null, Symbol(), () => {}]) { 3121cb0ef41Sopenharmony_ci assert.throws(() => { 3131cb0ef41Sopenharmony_ci fn({ 3141cb0ef41Sopenharmony_ci key: rsaPubPem, 3151cb0ef41Sopenharmony_ci oaepHash 3161cb0ef41Sopenharmony_ci }, Buffer.alloc(10)); 3171cb0ef41Sopenharmony_ci }, { 3181cb0ef41Sopenharmony_ci code: 'ERR_INVALID_ARG_TYPE' 3191cb0ef41Sopenharmony_ci }); 3201cb0ef41Sopenharmony_ci } 3211cb0ef41Sopenharmony_ci 3221cb0ef41Sopenharmony_ci for (const oaepLabel of [0, false, null, Symbol(), () => {}, {}]) { 3231cb0ef41Sopenharmony_ci assert.throws(() => { 3241cb0ef41Sopenharmony_ci fn({ 3251cb0ef41Sopenharmony_ci key: rsaPubPem, 3261cb0ef41Sopenharmony_ci oaepLabel 3271cb0ef41Sopenharmony_ci }, Buffer.alloc(10)); 3281cb0ef41Sopenharmony_ci }, { 3291cb0ef41Sopenharmony_ci code: 'ERR_INVALID_ARG_TYPE' 3301cb0ef41Sopenharmony_ci }); 3311cb0ef41Sopenharmony_ci } 3321cb0ef41Sopenharmony_ci} 3331cb0ef41Sopenharmony_ci 3341cb0ef41Sopenharmony_ci// Test RSA key signing/verification 3351cb0ef41Sopenharmony_cilet rsaSign = crypto.createSign('SHA1'); 3361cb0ef41Sopenharmony_cilet rsaVerify = crypto.createVerify('SHA1'); 3371cb0ef41Sopenharmony_ciassert.ok(rsaSign); 3381cb0ef41Sopenharmony_ciassert.ok(rsaVerify); 3391cb0ef41Sopenharmony_ci 3401cb0ef41Sopenharmony_ciconst expectedSignature = fixtures.readKey( 3411cb0ef41Sopenharmony_ci 'rsa_public_sha1_signature_signedby_rsa_private_pkcs8.sha1', 3421cb0ef41Sopenharmony_ci 'hex' 3431cb0ef41Sopenharmony_ci); 3441cb0ef41Sopenharmony_ci 3451cb0ef41Sopenharmony_cirsaSign.update(rsaPubPem); 3461cb0ef41Sopenharmony_cilet rsaSignature = rsaSign.sign(rsaKeyPem, 'hex'); 3471cb0ef41Sopenharmony_ciassert.strictEqual(rsaSignature, expectedSignature); 3481cb0ef41Sopenharmony_ci 3491cb0ef41Sopenharmony_cirsaVerify.update(rsaPubPem); 3501cb0ef41Sopenharmony_ciassert.strictEqual(rsaVerify.verify(rsaPubPem, rsaSignature, 'hex'), true); 3511cb0ef41Sopenharmony_ci 3521cb0ef41Sopenharmony_ci// Test RSA PKCS#8 key signing/verification 3531cb0ef41Sopenharmony_cirsaSign = crypto.createSign('SHA1'); 3541cb0ef41Sopenharmony_cirsaSign.update(rsaPubPem); 3551cb0ef41Sopenharmony_cirsaSignature = rsaSign.sign(rsaPkcs8KeyPem, 'hex'); 3561cb0ef41Sopenharmony_ciassert.strictEqual(rsaSignature, expectedSignature); 3571cb0ef41Sopenharmony_ci 3581cb0ef41Sopenharmony_cirsaVerify = crypto.createVerify('SHA1'); 3591cb0ef41Sopenharmony_cirsaVerify.update(rsaPubPem); 3601cb0ef41Sopenharmony_ciassert.strictEqual(rsaVerify.verify(rsaPubPem, rsaSignature, 'hex'), true); 3611cb0ef41Sopenharmony_ci 3621cb0ef41Sopenharmony_ci// Test RSA key signing/verification with encrypted key 3631cb0ef41Sopenharmony_cirsaSign = crypto.createSign('SHA1'); 3641cb0ef41Sopenharmony_cirsaSign.update(rsaPubPem); 3651cb0ef41Sopenharmony_ciconst signOptions = { key: rsaKeyPemEncrypted, passphrase: 'password' }; 3661cb0ef41Sopenharmony_cirsaSignature = rsaSign.sign(signOptions, 'hex'); 3671cb0ef41Sopenharmony_ciassert.strictEqual(rsaSignature, expectedSignature); 3681cb0ef41Sopenharmony_ci 3691cb0ef41Sopenharmony_cirsaVerify = crypto.createVerify('SHA1'); 3701cb0ef41Sopenharmony_cirsaVerify.update(rsaPubPem); 3711cb0ef41Sopenharmony_ciassert.strictEqual(rsaVerify.verify(rsaPubPem, rsaSignature, 'hex'), true); 3721cb0ef41Sopenharmony_ci 3731cb0ef41Sopenharmony_cirsaSign = crypto.createSign('SHA1'); 3741cb0ef41Sopenharmony_cirsaSign.update(rsaPubPem); 3751cb0ef41Sopenharmony_ciassert.throws(() => { 3761cb0ef41Sopenharmony_ci const signOptions = { key: rsaKeyPemEncrypted, passphrase: 'wrong' }; 3771cb0ef41Sopenharmony_ci rsaSign.sign(signOptions, 'hex'); 3781cb0ef41Sopenharmony_ci}, decryptPrivateKeyError); 3791cb0ef41Sopenharmony_ci 3801cb0ef41Sopenharmony_ci// 3811cb0ef41Sopenharmony_ci// Test RSA signing and verification 3821cb0ef41Sopenharmony_ci// 3831cb0ef41Sopenharmony_ci{ 3841cb0ef41Sopenharmony_ci const privateKey = fixtures.readKey('rsa_private_b.pem'); 3851cb0ef41Sopenharmony_ci const publicKey = fixtures.readKey('rsa_public_b.pem'); 3861cb0ef41Sopenharmony_ci 3871cb0ef41Sopenharmony_ci const input = 'I AM THE WALRUS'; 3881cb0ef41Sopenharmony_ci 3891cb0ef41Sopenharmony_ci const signature = fixtures.readKey( 3901cb0ef41Sopenharmony_ci 'I_AM_THE_WALRUS_sha256_signature_signedby_rsa_private_b.sha256', 3911cb0ef41Sopenharmony_ci 'hex' 3921cb0ef41Sopenharmony_ci ); 3931cb0ef41Sopenharmony_ci 3941cb0ef41Sopenharmony_ci const sign = crypto.createSign('SHA256'); 3951cb0ef41Sopenharmony_ci sign.update(input); 3961cb0ef41Sopenharmony_ci 3971cb0ef41Sopenharmony_ci const output = sign.sign(privateKey, 'hex'); 3981cb0ef41Sopenharmony_ci assert.strictEqual(output, signature); 3991cb0ef41Sopenharmony_ci 4001cb0ef41Sopenharmony_ci const verify = crypto.createVerify('SHA256'); 4011cb0ef41Sopenharmony_ci verify.update(input); 4021cb0ef41Sopenharmony_ci 4031cb0ef41Sopenharmony_ci assert.strictEqual(verify.verify(publicKey, signature, 'hex'), true); 4041cb0ef41Sopenharmony_ci 4051cb0ef41Sopenharmony_ci // Test the legacy signature algorithm name. 4061cb0ef41Sopenharmony_ci const sign2 = crypto.createSign('RSA-SHA256'); 4071cb0ef41Sopenharmony_ci sign2.update(input); 4081cb0ef41Sopenharmony_ci 4091cb0ef41Sopenharmony_ci const output2 = sign2.sign(privateKey, 'hex'); 4101cb0ef41Sopenharmony_ci assert.strictEqual(output2, signature); 4111cb0ef41Sopenharmony_ci 4121cb0ef41Sopenharmony_ci const verify2 = crypto.createVerify('SHA256'); 4131cb0ef41Sopenharmony_ci verify2.update(input); 4141cb0ef41Sopenharmony_ci 4151cb0ef41Sopenharmony_ci assert.strictEqual(verify2.verify(publicKey, signature, 'hex'), true); 4161cb0ef41Sopenharmony_ci} 4171cb0ef41Sopenharmony_ci 4181cb0ef41Sopenharmony_ci 4191cb0ef41Sopenharmony_ci// 4201cb0ef41Sopenharmony_ci// Test DSA signing and verification 4211cb0ef41Sopenharmony_ci// 4221cb0ef41Sopenharmony_ci{ 4231cb0ef41Sopenharmony_ci const input = 'I AM THE WALRUS'; 4241cb0ef41Sopenharmony_ci 4251cb0ef41Sopenharmony_ci // DSA signatures vary across runs so there is no static string to verify 4261cb0ef41Sopenharmony_ci // against. 4271cb0ef41Sopenharmony_ci const sign = crypto.createSign('SHA1'); 4281cb0ef41Sopenharmony_ci sign.update(input); 4291cb0ef41Sopenharmony_ci const signature = sign.sign(dsaKeyPem, 'hex'); 4301cb0ef41Sopenharmony_ci 4311cb0ef41Sopenharmony_ci const verify = crypto.createVerify('SHA1'); 4321cb0ef41Sopenharmony_ci verify.update(input); 4331cb0ef41Sopenharmony_ci 4341cb0ef41Sopenharmony_ci assert.strictEqual(verify.verify(dsaPubPem, signature, 'hex'), true); 4351cb0ef41Sopenharmony_ci 4361cb0ef41Sopenharmony_ci // Test the legacy 'DSS1' name. 4371cb0ef41Sopenharmony_ci const sign2 = crypto.createSign('DSS1'); 4381cb0ef41Sopenharmony_ci sign2.update(input); 4391cb0ef41Sopenharmony_ci const signature2 = sign2.sign(dsaKeyPem, 'hex'); 4401cb0ef41Sopenharmony_ci 4411cb0ef41Sopenharmony_ci const verify2 = crypto.createVerify('DSS1'); 4421cb0ef41Sopenharmony_ci verify2.update(input); 4431cb0ef41Sopenharmony_ci 4441cb0ef41Sopenharmony_ci assert.strictEqual(verify2.verify(dsaPubPem, signature2, 'hex'), true); 4451cb0ef41Sopenharmony_ci} 4461cb0ef41Sopenharmony_ci 4471cb0ef41Sopenharmony_ci 4481cb0ef41Sopenharmony_ci// 4491cb0ef41Sopenharmony_ci// Test DSA signing and verification with PKCS#8 private key 4501cb0ef41Sopenharmony_ci// 4511cb0ef41Sopenharmony_ci{ 4521cb0ef41Sopenharmony_ci const input = 'I AM THE WALRUS'; 4531cb0ef41Sopenharmony_ci 4541cb0ef41Sopenharmony_ci // DSA signatures vary across runs so there is no static string to verify 4551cb0ef41Sopenharmony_ci // against. 4561cb0ef41Sopenharmony_ci const sign = crypto.createSign('SHA1'); 4571cb0ef41Sopenharmony_ci sign.update(input); 4581cb0ef41Sopenharmony_ci const signature = sign.sign(dsaPkcs8KeyPem, 'hex'); 4591cb0ef41Sopenharmony_ci 4601cb0ef41Sopenharmony_ci const verify = crypto.createVerify('SHA1'); 4611cb0ef41Sopenharmony_ci verify.update(input); 4621cb0ef41Sopenharmony_ci 4631cb0ef41Sopenharmony_ci assert.strictEqual(verify.verify(dsaPubPem, signature, 'hex'), true); 4641cb0ef41Sopenharmony_ci} 4651cb0ef41Sopenharmony_ci 4661cb0ef41Sopenharmony_ci 4671cb0ef41Sopenharmony_ci// 4681cb0ef41Sopenharmony_ci// Test DSA signing and verification with encrypted key 4691cb0ef41Sopenharmony_ci// 4701cb0ef41Sopenharmony_ciconst input = 'I AM THE WALRUS'; 4711cb0ef41Sopenharmony_ci 4721cb0ef41Sopenharmony_ci{ 4731cb0ef41Sopenharmony_ci const sign = crypto.createSign('SHA1'); 4741cb0ef41Sopenharmony_ci sign.update(input); 4751cb0ef41Sopenharmony_ci assert.throws(() => { 4761cb0ef41Sopenharmony_ci sign.sign({ key: dsaKeyPemEncrypted, passphrase: 'wrong' }, 'hex'); 4771cb0ef41Sopenharmony_ci }, decryptPrivateKeyError); 4781cb0ef41Sopenharmony_ci} 4791cb0ef41Sopenharmony_ci 4801cb0ef41Sopenharmony_ci{ 4811cb0ef41Sopenharmony_ci // DSA signatures vary across runs so there is no static string to verify 4821cb0ef41Sopenharmony_ci // against. 4831cb0ef41Sopenharmony_ci const sign = crypto.createSign('SHA1'); 4841cb0ef41Sopenharmony_ci sign.update(input); 4851cb0ef41Sopenharmony_ci const signOptions = { key: dsaKeyPemEncrypted, passphrase: 'password' }; 4861cb0ef41Sopenharmony_ci const signature = sign.sign(signOptions, 'hex'); 4871cb0ef41Sopenharmony_ci 4881cb0ef41Sopenharmony_ci const verify = crypto.createVerify('SHA1'); 4891cb0ef41Sopenharmony_ci verify.update(input); 4901cb0ef41Sopenharmony_ci 4911cb0ef41Sopenharmony_ci assert.strictEqual(verify.verify(dsaPubPem, signature, 'hex'), true); 4921cb0ef41Sopenharmony_ci} 493