Skip to content

Commit

Permalink
test: add test cases for paramEncoding 'explicit'
Browse files Browse the repository at this point in the history
PR-URL: #27900
Reviewed-By: Tobias Nießen <[email protected]>
Reviewed-By: Ujjwal Sharma <[email protected]>
Reviewed-By: Ruben Bridgewater <[email protected]>
Reviewed-By: Rich Trott <[email protected]>
  • Loading branch information
oksemonenko authored and targos committed May 31, 2019
1 parent 682319f commit 6f9aa3f
Showing 1 changed file with 92 additions and 0 deletions.
92 changes: 92 additions & 0 deletions test/parallel/test-crypto-keygen.js
Original file line number Diff line number Diff line change
Expand Up @@ -378,6 +378,30 @@ const sec1EncExp = (cipher) => getRegExpForPEM('EC PRIVATE KEY', cipher);
testSignVerify(publicKey, privateKey);
}));

// Test async elliptic curve key generation, e.g. for ECDSA, with a SEC1
// private key with paramEncoding explicit.
generateKeyPair('ec', {
namedCurve: 'prime256v1',
paramEncoding: 'explicit',
publicKeyEncoding: {
type: 'spki',
format: 'pem'
},
privateKeyEncoding: {
type: 'sec1',
format: 'pem'
}
}, common.mustCall((err, publicKey, privateKey) => {
assert.ifError(err);

assert.strictEqual(typeof publicKey, 'string');
assert(spkiExp.test(publicKey));
assert.strictEqual(typeof privateKey, 'string');
assert(sec1Exp.test(privateKey));

testSignVerify(publicKey, privateKey);
}));

// Do the same with an encrypted private key.
generateKeyPair('ec', {
namedCurve: 'prime256v1',
Expand Down Expand Up @@ -409,6 +433,38 @@ const sec1EncExp = (cipher) => getRegExpForPEM('EC PRIVATE KEY', cipher);

testSignVerify(publicKey, { key: privateKey, passphrase: 'secret' });
}));

// Do the same with an encrypted private key with paramEncoding explicit.
generateKeyPair('ec', {
namedCurve: 'prime256v1',
paramEncoding: 'explicit',
publicKeyEncoding: {
type: 'spki',
format: 'pem'
},
privateKeyEncoding: {
type: 'sec1',
format: 'pem',
cipher: 'aes-128-cbc',
passphrase: 'secret'
}
}, common.mustCall((err, publicKey, privateKey) => {
assert.ifError(err);

assert.strictEqual(typeof publicKey, 'string');
assert(spkiExp.test(publicKey));
assert.strictEqual(typeof privateKey, 'string');
assert(sec1EncExp('AES-128-CBC').test(privateKey));

// Since the private key is encrypted, signing shouldn't work anymore.
common.expectsError(() => testSignVerify(publicKey, privateKey), {
type: TypeError,
code: 'ERR_MISSING_PASSPHRASE',
message: 'Passphrase required for encrypted key'
});

testSignVerify(publicKey, { key: privateKey, passphrase: 'secret' });
}));
}

{
Expand Down Expand Up @@ -447,6 +503,42 @@ const sec1EncExp = (cipher) => getRegExpForPEM('EC PRIVATE KEY', cipher);
passphrase: 'top secret'
});
}));

// Test async elliptic curve key generation, e.g. for ECDSA, with an encrypted
// private key with paramEncoding explicit.
generateKeyPair('ec', {
namedCurve: 'P-256',
paramEncoding: 'explicit',
publicKeyEncoding: {
type: 'spki',
format: 'pem'
},
privateKeyEncoding: {
type: 'pkcs8',
format: 'pem',
cipher: 'aes-128-cbc',
passphrase: 'top secret'
}
}, common.mustCall((err, publicKey, privateKey) => {
assert.ifError(err);

assert.strictEqual(typeof publicKey, 'string');
assert(spkiExp.test(publicKey));
assert.strictEqual(typeof privateKey, 'string');
assert(pkcs8EncExp.test(privateKey));

// Since the private key is encrypted, signing shouldn't work anymore.
common.expectsError(() => testSignVerify(publicKey, privateKey), {
type: TypeError,
code: 'ERR_MISSING_PASSPHRASE',
message: 'Passphrase required for encrypted key'
});

testSignVerify(publicKey, {
key: privateKey,
passphrase: 'top secret'
});
}));
}

// Test invalid parameter encoding.
Expand Down

0 comments on commit 6f9aa3f

Please sign in to comment.