fix(ext/crypto): support md4 digest algorithm (#25656)

Fixes #25646
author: Luca Casonato <hello@lcas.dev> 2024-09-16 13:04:40 +0200
committer: GitHub <noreply@github.com> 2024-09-16 11:04:40 +0000
commit: 81c9e0ba25acb6288330b85ba2c558f587d92782 (patch)
tree: 3d53f6a17f8a42f20ec20fba3cc98360e32df18b
parent: eb8ee95f08186c948e5b83501cedd59d6e3b4ef2 (diff)
3 files changed, 45 insertions, 11 deletions
diff --git a/ext/node/ops/crypto/digest.rs b/ext/node/ops/crypto/digest.rs
index 1bb028155..293e8e063 100644
--- a/ext/node/ops/crypto/digest.rs
+++ b/ext/node/ops/crypto/digest.rs
@@ -80,6 +80,10 @@ macro_rules! match_fixed_digest_with_eager_block_buffer {
         type $type = ::sm3::Sm3;
         $body
       }
+      "rsa-md4" | "md4" | "md4withrsaencryption" => {
+        type $type = ::md4::Md4;
+        $body
+      }
       "md5-sha1" => {
         type $type = crate::ops::crypto::md5_sha1::Md5Sha1;
         $body
@@ -260,6 +264,7 @@ impl Hash {
 
   pub fn get_hashes() -> Vec<&'static str> {
     vec![
+      "RSA-MD4",
       "RSA-MD5",
       "RSA-RIPEMD160",
       "RSA-SHA1",
@@ -281,6 +286,8 @@ impl Hash {
       "id-rsassa-pkcs1-v1_5-with-sha3-256",
       "id-rsassa-pkcs1-v1_5-with-sha3-384",
       "id-rsassa-pkcs1-v1_5-with-sha3-512",
+      "md4",
+      "md4WithRSAEncryption",
       "md5",
       "md5-sha1",
       "md5WithRSAEncryption",
diff --git a/tests/unit_node/crypto/crypto_sign_test.ts b/tests/unit_node/crypto/crypto_sign_test.ts
index c33c9758f..97c80b28a 100644
--- a/tests/unit_node/crypto/crypto_sign_test.ts
+++ b/tests/unit_node/crypto/crypto_sign_test.ts
@@ -154,16 +154,21 @@ Deno.test("crypto.createSign|sign - compare with node", async (t) => {
     new URL(import.meta.resolve("../testdata/rsa_private.pem")),
   );
   for (const { digest, signature } of fixtures) {
-    await t.step(digest, () => {
-      let actual: string | null;
-      try {
-        const s = createSign(digest);
-        s.update(DATA);
-        actual = s.sign(privateKey).toString("hex");
-      } catch {
-        actual = null;
-      }
-      assertEquals(actual, signature);
+    await t.step({
+      name: digest,
+      // TODO(lucacasonato): our md4 implementation does not have an OID, so it can't sign/verify
+      ignore: digest.toLowerCase().includes("md4"),
+      fn: () => {
+        let actual: string | null;
+        try {
+          const s = createSign(digest);
+          s.update(DATA);
+          actual = s.sign(privateKey).toString("hex");
+        } catch {
+          actual = null;
+        }
+        assertEquals(actual, signature);
+      },
     });
   }
 });
@@ -176,7 +181,8 @@ Deno.test("crypto.createVerify|verify - compare with node", async (t) => {
   for (const { digest, signature } of fixtures) {
     await t.step({
       name: digest,
-      ignore: signature === null,
+      // TODO(lucacasonato): our md4 implementation does not have an OID, so it can't sign/verify
+      ignore: signature === null || digest.toLowerCase().includes("md4"),
       fn: () => {
         const s = createVerify(digest);
         s.update(DATA);
diff --git a/tests/unit_node/testdata/crypto_digest_fixtures.json b/tests/unit_node/testdata/crypto_digest_fixtures.json
index c5b65261d..984657d24 100644
--- a/tests/unit_node/testdata/crypto_digest_fixtures.json
+++ b/tests/unit_node/testdata/crypto_digest_fixtures.json
@@ -1,5 +1,12 @@
 [
   {
+    "digest": "RSA-MD4",
+    "hash": "0abe9ee1f376caa1bcecad9042f16e73",
+    "signature": "9e0ea2ddcde181d9304e0cc56fd5e83f3bcc7921aa8605c4abb47c3829e79f99e856e323555222765d2b92328ff72b34ccbbc9e417033e1214c79bc4cccaf9d3a7f73105ab8f54507aa6a1909ec4754bd5a3b0ac588836c10c79c28ab81294b91aa5fa622574112dfeb52e8d785aa16193713ff66c11f23277eb27cfc8a6cd658777e3310aa9eede84b638673565f41978d278ef51b68a7e9855543f70e0c7ca823a7dfcfd922ea4973360a58c41132472737c6d68d30c2b4ca50882092e12f3e3b017199f45180a897cd155107ddd7fccca3eea565521b3f75dd8db6b0e8817c20b96e7e0d2bfe5c73e10a2d1e720dc00809def92c419411fcdd6e029fb6053",
+    "pkdf2": "a94d60cc0f44f11f4dd836de5313642956fee6f36ed7460b91d80e5dbc4089f123d6c70c6da4de059248a863af93da1f2776fae7065f008cf3fc7ebfe7592d7a",
+    "hkdf": "0104d69f3cb07f15194061d20905c559fcd1e3e2f71012ef88c964b16dca5253cda26f4c84fbafab14e638be1d1a972109b8725d5fb4dfa50b95d6ad3c4b6a88"
+  },
+  {
     "digest": "RSA-MD5",
     "hash": "6cd3556deb0da54bca060b4c39479839",
     "signature": "45f2e7ac7c0d323c18e9c8554d15e21a8fb72944928e0b7acc2185402448c39af05340391ee9aac64c45a947bc3ed801de8791aaa5788a62e909d7c8d92e63c7f119753219a48c29ea78e371d3a89c0bd64d756b829fa6faaa8fa46bc28228dd4430aca845c02f3b6b835b140247838ac5b96434d1049115785f3f52034e0cc46f6cafc5f2921b9928403aea1edd85f3a99e12324abeeaaaa040b320f8af157c5df7fd7479415771fd116daed933b43eac51b3c274ba9283aaf3f1b6f1f527a0cea76f9a43dca3b9ff03834feed13a0fd488e6750a9d46ddb1ad69ac88090af050458eeafd1e9fa317c4ecc61d90289d5378e6e3693ef6da2e4a4803b6108145",
@@ -147,6 +154,20 @@
     "hkdf": "f27d87f9f6b87718073c8d2ad6bae00b4162cecde350c856252dd611120c433373a0c0d3946a8582bf855bf581439a14ca4f355fcd18881331f4a3b1027e84b2"
   },
   {
+    "digest": "md4",
+    "hash": "0abe9ee1f376caa1bcecad9042f16e73",
+    "signature": "9e0ea2ddcde181d9304e0cc56fd5e83f3bcc7921aa8605c4abb47c3829e79f99e856e323555222765d2b92328ff72b34ccbbc9e417033e1214c79bc4cccaf9d3a7f73105ab8f54507aa6a1909ec4754bd5a3b0ac588836c10c79c28ab81294b91aa5fa622574112dfeb52e8d785aa16193713ff66c11f23277eb27cfc8a6cd658777e3310aa9eede84b638673565f41978d278ef51b68a7e9855543f70e0c7ca823a7dfcfd922ea4973360a58c41132472737c6d68d30c2b4ca50882092e12f3e3b017199f45180a897cd155107ddd7fccca3eea565521b3f75dd8db6b0e8817c20b96e7e0d2bfe5c73e10a2d1e720dc00809def92c419411fcdd6e029fb6053",
+    "pkdf2": "a94d60cc0f44f11f4dd836de5313642956fee6f36ed7460b91d80e5dbc4089f123d6c70c6da4de059248a863af93da1f2776fae7065f008cf3fc7ebfe7592d7a",
+    "hkdf": "0104d69f3cb07f15194061d20905c559fcd1e3e2f71012ef88c964b16dca5253cda26f4c84fbafab14e638be1d1a972109b8725d5fb4dfa50b95d6ad3c4b6a88"
+  },
+  {
+    "digest": "md4WithRSAEncryption",
+    "hash": "0abe9ee1f376caa1bcecad9042f16e73",
+    "signature": "9e0ea2ddcde181d9304e0cc56fd5e83f3bcc7921aa8605c4abb47c3829e79f99e856e323555222765d2b92328ff72b34ccbbc9e417033e1214c79bc4cccaf9d3a7f73105ab8f54507aa6a1909ec4754bd5a3b0ac588836c10c79c28ab81294b91aa5fa622574112dfeb52e8d785aa16193713ff66c11f23277eb27cfc8a6cd658777e3310aa9eede84b638673565f41978d278ef51b68a7e9855543f70e0c7ca823a7dfcfd922ea4973360a58c41132472737c6d68d30c2b4ca50882092e12f3e3b017199f45180a897cd155107ddd7fccca3eea565521b3f75dd8db6b0e8817c20b96e7e0d2bfe5c73e10a2d1e720dc00809def92c419411fcdd6e029fb6053",
+    "pkdf2": "a94d60cc0f44f11f4dd836de5313642956fee6f36ed7460b91d80e5dbc4089f123d6c70c6da4de059248a863af93da1f2776fae7065f008cf3fc7ebfe7592d7a",
+    "hkdf": "0104d69f3cb07f15194061d20905c559fcd1e3e2f71012ef88c964b16dca5253cda26f4c84fbafab14e638be1d1a972109b8725d5fb4dfa50b95d6ad3c4b6a88"
+  },
+  {
     "digest": "md5",
     "hash": "6cd3556deb0da54bca060b4c39479839",
     "signature": "45f2e7ac7c0d323c18e9c8554d15e21a8fb72944928e0b7acc2185402448c39af05340391ee9aac64c45a947bc3ed801de8791aaa5788a62e909d7c8d92e63c7f119753219a48c29ea78e371d3a89c0bd64d756b829fa6faaa8fa46bc28228dd4430aca845c02f3b6b835b140247838ac5b96434d1049115785f3f52034e0cc46f6cafc5f2921b9928403aea1edd85f3a99e12324abeeaaaa040b320f8af157c5df7fd7479415771fd116daed933b43eac51b3c274ba9283aaf3f1b6f1f527a0cea76f9a43dca3b9ff03834feed13a0fd488e6750a9d46ddb1ad69ac88090af050458eeafd1e9fa317c4ecc61d90289d5378e6e3693ef6da2e4a4803b6108145",
author	Luca Casonato <hello@lcas.dev>	2024-09-16 13:04:40 +0200
committer	GitHub <noreply@github.com>	2024-09-16 11:04:40 +0000
commit	81c9e0ba25acb6288330b85ba2c558f587d92782 (patch)
tree	3d53f6a17f8a42f20ec20fba3cc98360e32df18b
parent	eb8ee95f08186c948e5b83501cedd59d6e3b4ef2 (diff)