Skip to content

Commit 057f4c5

Browse files
panvapanva
committed
crypto: fix output of privateDecrypt with zero-length data
closes nodejs#57553 closes nodejs#57572 closes nodejs#57558
1 parent 417eecf commit 057f4c5

2 files changed

Lines changed: 52 additions & 1 deletion

File tree

deps/ncrypto/ncrypto.cc

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -215,7 +215,7 @@ Buffer<void> DataPointer::release() {
215215
DataPointer DataPointer::resize(size_t len) {
216216
size_t actual_len = std::min(len_, len);
217217
auto buf = release();
218-
if (actual_len == len_) return DataPointer(buf);
218+
if (actual_len == len_) return DataPointer(buf.data, actual_len);
219219
buf.data = OPENSSL_realloc(buf.data, actual_len);
220220
buf.len = actual_len;
221221
return DataPointer(buf);

test/parallel/test-crypto-zero-lengths.mjs

Lines changed: 51 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,51 @@
1+
import * as common from '../common/index.mjs';
2+
3+
if (!common.hasCrypto)
4+
common.skip('missing crypto');
5+
6+
import * as fixtures from '../common/fixtures.mjs';
7+
import assert from 'assert';
8+
import crypto from 'crypto';
9+
10+
const { subtle } = globalThis.crypto;
11+
12+
{
13+
const privateKey = crypto.createPrivateKey(fixtures.readKey('rsa_private.pem', 'ascii'));
14+
const publicKey = crypto.createPublicKey(fixtures.readKey('rsa_public.pem', 'ascii'));
15+
16+
const data = Buffer.alloc(0);
17+
{
18+
19+
const ciphertext = crypto.publicEncrypt({
20+
padding: crypto.constants.RSA_PKCS1_OAEP_PADDING,
21+
key: publicKey,
22+
}, data);
23+
24+
const plaintext = crypto.privateDecrypt({
25+
padding: crypto.constants.RSA_PKCS1_OAEP_PADDING,
26+
key: privateKey
27+
}, ciphertext);
28+
29+
assert.deepStrictEqual(plaintext, data);
30+
}
31+
32+
{
33+
const ciphertext = crypto.publicEncrypt(publicKey, data);
34+
const plaintext = crypto.privateDecrypt(privateKey, ciphertext);
35+
36+
assert.deepStrictEqual(plaintext, data);
37+
}
38+
39+
{
40+
const pkcs8 = privateKey.export({ format: 'der', type: 'pkcs8' });
41+
const spki = publicKey.export({ format: 'der', type: 'spki' });
42+
const kp = {
43+
privateKey: await subtle.importKey('pkcs8', pkcs8, { name: 'RSA-OAEP', hash: 'SHA-1' }, false, ['decrypt']),
44+
publicKey: await subtle.importKey('spki', spki, { name: 'RSA-OAEP', hash: 'SHA-1' }, false, ['encrypt']),
45+
};
46+
47+
const ciphertext = await subtle.encrypt('RSA-OAEP', kp.publicKey, data);
48+
const plaintext = await subtle.decrypt('RSA-OAEP', kp.privateKey, ciphertext);
49+
assert.deepStrictEqual(plaintext, data.buffer);
50+
}
51+
}

0 commit comments

Comments
 (0)