From bbad7c592282dace88c77b0e089d53cb32878673 Mon Sep 17 00:00:00 2001 From: Divy Srivastava Date: Mon, 14 Oct 2024 14:24:26 +0530 Subject: fix(ext/node): compute pem length (upper bound) for key exports (#26231) Fixes https://github.com/denoland/deno/issues/26188 --- tests/unit_node/crypto/crypto_key_test.ts | 21 +++++++++++++++++++++ 1 file changed, 21 insertions(+) (limited to 'tests/unit_node/crypto') diff --git a/tests/unit_node/crypto/crypto_key_test.ts b/tests/unit_node/crypto/crypto_key_test.ts index 7995ce5d3..3c7ad4423 100644 --- a/tests/unit_node/crypto/crypto_key_test.ts +++ b/tests/unit_node/crypto/crypto_key_test.ts @@ -656,3 +656,24 @@ z6TExWlQMjt66nV7R8cRAkzmABrG+NW3e8Zpac7Lkuv+zu0S+K7c assertEquals(publicKey.type, "public"); assertEquals(publicKey.asymmetricKeyType, "rsa"); }); + +// https://github.com/denoland/deno/issues/26188 +Deno.test("generateKeyPair large pem", function () { + const passphrase = "mypassphrase"; + const cipher = "aes-256-cbc"; + const modulusLength = 4096; + + generateKeyPairSync("rsa", { + modulusLength, + publicKeyEncoding: { + type: "spki", + format: "pem", + }, + privateKeyEncoding: { + type: "pkcs8", + format: "pem", + cipher, + passphrase, + }, + }); +}); -- cgit v1.2.3 From 21fa953f320c66a897822c4c731b2fae5f07c78b Mon Sep 17 00:00:00 2001 From: Divy Srivastava Date: Wed, 16 Oct 2024 14:27:28 +0530 Subject: fix(ext/node): timingSafeEqual account for AB byteOffset (#26292) Fixes https://github.com/denoland/deno/issues/26276 --- tests/unit_node/crypto/crypto_misc_test.ts | 10 +++++++++- 1 file changed, 9 insertions(+), 1 deletion(-) (limited to 'tests/unit_node/crypto') diff --git a/tests/unit_node/crypto/crypto_misc_test.ts b/tests/unit_node/crypto/crypto_misc_test.ts index 47a48b1bf..007009339 100644 --- a/tests/unit_node/crypto/crypto_misc_test.ts +++ b/tests/unit_node/crypto/crypto_misc_test.ts @@ -1,5 +1,6 @@ // Copyright 2018-2024 the Deno authors. All rights reserved. MIT license. -import { randomFillSync, randomUUID } from "node:crypto"; +import { randomFillSync, randomUUID, timingSafeEqual } from "node:crypto"; +import { Buffer } from "node:buffer"; import { assert, assertEquals } from "../../unit/test_util.ts"; import { assertNotEquals } from "@std/assert"; @@ -28,3 +29,10 @@ Deno.test("[node/crypto.randomFillSync] array buffer view", () => { assertEquals(buf.subarray(0, 8), new Uint8Array(8)); assertEquals(buf.subarray(24, 32), new Uint8Array(8)); }); + +Deno.test("[node/crypto.timingSafeEqual] compares equal Buffer with different byteOffset", () => { + const a = Buffer.from([212, 213]); + const b = Buffer.from([0, 0, 0, 0, 0, 0, 0, 0, 212, 213]).subarray(8); + + assert(timingSafeEqual(a, b)); +}); -- cgit v1.2.3 From df1d36324ffd4f687c406e412f9255bf7a9d8a61 Mon Sep 17 00:00:00 2001 From: Marvin Hagemeister Date: Tue, 19 Nov 2024 01:39:40 +0100 Subject: fix(node/crypto): support promisify on generateKeyPair (#26913) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Calling `promisify(generateKeyPair)` didn't work as expected. It requires a custom promisify implementation. This was easy to fix thanks to the excellent debugging investigation in https://github.com/denoland/deno/issues/26910 Fixes https://github.com/denoland/deno/issues/26910 Co-authored-by: Bartek IwaƄczuk --- tests/unit_node/crypto/crypto_key_test.ts | 23 +++++++++++++++++++++++ 1 file changed, 23 insertions(+) (limited to 'tests/unit_node/crypto') diff --git a/tests/unit_node/crypto/crypto_key_test.ts b/tests/unit_node/crypto/crypto_key_test.ts index 3c7ad4423..5d206acc7 100644 --- a/tests/unit_node/crypto/crypto_key_test.ts +++ b/tests/unit_node/crypto/crypto_key_test.ts @@ -677,3 +677,26 @@ Deno.test("generateKeyPair large pem", function () { }, }); }); + +Deno.test("generateKeyPair promisify", async () => { + const passphrase = "mypassphrase"; + const cipher = "aes-256-cbc"; + const modulusLength = 4096; + + const { privateKey, publicKey } = await promisify(generateKeyPair)("rsa", { + modulusLength, + publicKeyEncoding: { + type: "spki", + format: "pem", + }, + privateKeyEncoding: { + type: "pkcs8", + format: "pem", + cipher, + passphrase, + }, + }); + + assert(publicKey.startsWith("-----BEGIN PUBLIC KEY-----")); + assert(privateKey.startsWith("-----BEGIN PRIVATE KEY-----")); +}); -- cgit v1.2.3