jiangcuo/node
1
0
Fork 0
mirror of https://github.com/nodejs/node.git synced 2025-05-20 22:43:26 +00:00
Code Issues Actions 13 Packages Projects Releases Wiki Activity
c2ceb15fd5
node/test/parallel/test-crypto-private-decrypt-gh32240.js
Ben Noordhuis c37d4ccee8
crypto: clear openssl error stack after en/decrypt 
The publicEncrypt/privateDecrypt/etc. family of functions didn't clear
OpenSSL's error stack on early return.

Notably, trying to use an encrypted key with the wrong passphrase left
an error on the stack that made subsequent encrypt or decrypt operations
fail, even with an unencrypted key.

Fixes: https://github.com/nodejs/node/issues/32240

PR-URL: https://github.com/nodejs/node/pull/32248
Reviewed-By: Anna Henningsen <anna@addaleax.net>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: Richard Lau <riclau@uk.ibm.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Tobias Nießen <tniessen@tnie.de>
2020-03-30 17:13:45 +02:00

39 lines
1004 B
JavaScript
Raw Blame History

'use strict';
// Verify that privateDecrypt() does not leave an error on the
// openssl error stack that is visible to subsequent operations.
const common = require('../common');
if (!common.hasCrypto)
common.skip('missing crypto');
const assert = require('assert');
const {
generateKeyPairSync,
publicEncrypt,
privateDecrypt,
} = require('crypto');
const pair = generateKeyPairSync('rsa', { modulusLength: 512 });
const expected = Buffer.from('shibboleth');
const encrypted = publicEncrypt(pair.publicKey, expected);
const pkey = pair.privateKey.export({ type: 'pkcs1', format: 'pem' });
const pkeyEncrypted =
pair.privateKey.export({
type: 'pkcs1',
format: 'pem',
cipher: 'aes128',
passphrase: 'secret',
});
function decrypt(key) {
const decrypted = privateDecrypt(key, encrypted);
assert.deepStrictEqual(decrypted, expected);
}
decrypt(pkey);
assert.throws(() => decrypt(pkeyEncrypted), { code: 'ERR_MISSING_PASSPHRASE' });
decrypt(pkey); // Should not throw.
Reference in New Issue View Git Blame Copy Permalink