author | Tobias Nießen <tniessen@tnie.de> | 2019-01-26 13:28:55 +0100 |
---|---|---|
committer | Tobias Nießen <tniessen@tnie.de> | 2019-03-05 16:32:19 +0100 |
commit | fe7162915e2a9de85bb550d8d50679832e46983e (patch) | |
tree | d0639862a806e942fec9ab925935eabf91c29cd8 /test/parallel/test-crypto-key-objects.js | |
parent | 84ebaaa339ffc67cbada5b2ae59061c26efd39ce (diff) | |
crypto: allow deriving public from private keys
This change allows passing private key objects to
crypto.createPublicKey, resulting in a key object that represents a
valid public key for the given private key. The returned public key
object can be used and exported safely without revealing information
about the private key.
PR-URL: https://github.com/nodejs/node/pull/26278
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
Reviewed-By: Sam Roberts <vieuxtech@gmail.com>
Diffstat (limited to 'test/parallel/test-crypto-key-objects.js')
-rw-r--r-- | test/parallel/test-crypto-key-objects.js | 36 |
1 files changed, 35 insertions, 1 deletions
diff --git a/test/parallel/test-crypto-key-objects.js b/test/parallel/test-crypto-key-objects.js index d4ec93fbbf..1ec24e5f6a 100644 --- a/test/parallel/test-crypto-key-objects.js +++ b/test/parallel/test-crypto-key-objects.js @@ -59,10 +59,28 @@ const privatePem = fixtures.readSync('test_rsa_privkey.pem', 'ascii'); } { - // Passing an existing key object should throw. + // Passing an existing public key object to createPublicKey should throw. const publicKey = createPublicKey(publicPem); common.expectsError(() => createPublicKey(publicKey), { type: TypeError, + code: 'ERR_CRYPTO_INVALID_KEY_OBJECT_TYPE', + message: 'Invalid key object type public, expected private.' + }); + + // Constructing a private key from a public key should be impossible, even + // if the public key was derived from a private key. + common.expectsError(() => createPrivateKey(createPublicKey(privatePem)), { + type: TypeError, + code: 'ERR_INVALID_ARG_TYPE', + message: 'The "key" argument must be one of type string, Buffer, ' + + 'TypedArray, or DataView. Received type object' + }); + + // Similarly, passing an existing private key object to createPrivateKey + // should throw. + const privateKey = createPrivateKey(privatePem); + common.expectsError(() => createPrivateKey(privateKey), { + type: TypeError, code: 'ERR_INVALID_ARG_TYPE', message: 'The "key" argument must be one of type string, Buffer, ' + 'TypedArray, or DataView. Received type object' 
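Review bot: The rejection cases added here cover a public key object passed to createPublicKey, but not a secret (symmetric) key object, which is the other key type the relaxed check has to refuse now that key objects are accepted at all. Next to the first expectsError I would add `common.expectsError(() => createPublicKey(createSecretKey(Buffer.alloc(16))), { type: TypeError, code: 'ERR_CRYPTO_INVALID_KEY_OBJECT_TYPE' });`. Whether createSecretKey is already imported in this file, and whether this case is covered elsewhere, cannot be seen from the hunk. The enclosing block's closing lines are also outside the hunk.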
@@ -80,6 +98,12 @@ const privatePem = fixtures.readSync('test_rsa_privkey.pem', 'ascii'); assert.strictEqual(privateKey.asymmetricKeyType, 'rsa'); assert.strictEqual(privateKey.symmetricKeySize, undefined); + // It should be possible to derive a public key from a private key. + const derivedPublicKey = createPublicKey(privateKey); + assert.strictEqual(derivedPublicKey.type, 'public'); + assert.strictEqual(derivedPublicKey.asymmetricKeyType, 'rsa'); + assert.strictEqual(derivedPublicKey.symmetricKeySize, undefined); + const publicDER = publicKey.export({ format: 'der', type: 'pkcs1' @@ -95,8 +119,18 @@ const privatePem = fixtures.readSync('test_rsa_privkey.pem', 'ascii'); const plaintext = Buffer.from('Hello world', 'utf8'); const ciphertexts = [ + // Encrypt using the public key. publicEncrypt(publicKey, plaintext), publicEncrypt({ key: publicKey }, plaintext), + + // Encrypt using the private key. + publicEncrypt(privateKey, plaintext), + publicEncrypt({ key: privateKey }, plaintext), + + // Encrypt using a public key derived from the private key. + publicEncrypt(derivedPublicKey, plaintext), + publicEncrypt({ key: derivedPublicKey }, plaintext), + // Test distinguishing PKCS#1 public and private keys based on the // DER-encoded data only. publicEncrypt({ format: 'der', type: 'pkcs1', key: publicDER }, plaintext), |
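Review bot: The assertions on derivedPublicKey check only metadata (type, asymmetricKeyType, symmetricKeySize), so nothing verifies that the derived object is the matching public key or that its export carries only public material, which is what the commit message promises. Once publicDER is defined just below, I would add `assert.deepStrictEqual(derivedPublicKey.export({ format: 'der', type: 'pkcs1' }), publicDER);`. This presumes the two PEM fixtures are a matching pair, which the encrypt/decrypt round trip later in the block suggests but the hunk does not show. The publicDER statement closes outside the hunk.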
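Review bot: The comment `// Encrypt using the private key.` in the ciphertexts list reads as if a private-key operation (privateEncrypt) were being exercised, when publicEncrypt only uses the public components of the key it is given. I would reword it to `// Encrypt using the public components of the private key object.` so that a reader does not take the two entries for signing-style encryption. The array literal and the loop that consumes it continue outside the hunk.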