-
Notifications
You must be signed in to change notification settings - Fork 30.4k
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
test: update test-crypto-async-sign-verify to use node:test
- Loading branch information
Showing
1 changed file
with
155 additions
and
139 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -1,143 +1,159 @@ | ||
| 'use strict'; | ||
| const common = require('../common'); | ||
| if (!common.hasCrypto) | ||
| common.skip('missing crypto'); | ||
|
|
||
| const assert = require('assert'); | ||
| const util = require('util'); | ||
| const crypto = require('crypto'); | ||
| const fixtures = require('../common/fixtures'); | ||
|
|
||
| function test( | ||
| publicFixture, | ||
| privateFixture, | ||
| algorithm, | ||
| deterministic, | ||
| options | ||
| ) { | ||
| let publicPem = fixtures.readKey(publicFixture); | ||
| let privatePem = fixtures.readKey(privateFixture); | ||
| let privateKey = crypto.createPrivateKey(privatePem); | ||
| let publicKey = crypto.createPublicKey(publicPem); | ||
| const privateDer = { | ||
| key: privateKey.export({ format: 'der', type: 'pkcs8' }), | ||
| format: 'der', | ||
| type: 'pkcs8', | ||
| ...options | ||
| }; | ||
| const publicDer = { | ||
| key: publicKey.export({ format: 'der', type: 'spki' }), | ||
| format: 'der', | ||
| type: 'spki', | ||
| ...options | ||
| }; | ||
|
|
||
| if (options) { | ||
| publicPem = { ...options, key: publicPem }; | ||
| privatePem = { ...options, key: privatePem }; | ||
| privateKey = { ...options, key: privateKey }; | ||
| publicKey = { ...options, key: publicKey }; | ||
| } | ||
|
|
||
| const data = Buffer.from('Hello world'); | ||
| const expected = crypto.sign(algorithm, data, privateKey); | ||
|
|
||
| for (const key of [privatePem, privateKey, privateDer]) { | ||
| crypto.sign(algorithm, data, key, common.mustSucceed((actual) => { | ||
| if (deterministic) { | ||
| assert.deepStrictEqual(actual, expected); | ||
| } | ||
|
|
||
| assert.strictEqual( | ||
| crypto.verify(algorithm, data, key, actual), true); | ||
| })); | ||
| const common = require('../common'); | ||
| const { describe, it } = require('node:test'); | ||
|
|
||
| // Disabling the unnecessary lint rule here. We're testing the common.hasCrypto | ||
| // in the skip option of the describe block. | ||
| /* eslint-disable node-core/crypto-check */ | ||
|
|
||
| describe('async sign/verify...', { skip: !common.hasCrypto }, () => { | ||
| const assert = require('assert'); | ||
| const util = require('util'); | ||
| const crypto = require('crypto'); | ||
| const fixtures = require('../common/fixtures'); | ||
|
|
||
| function test( | ||
| publicFixture, | ||
| privateFixture, | ||
| algorithm, | ||
| deterministic, | ||
| options | ||
| ) { | ||
| let publicPem = fixtures.readKey(publicFixture); | ||
| let privatePem = fixtures.readKey(privateFixture); | ||
| let privateKey = crypto.createPrivateKey(privatePem); | ||
| let publicKey = crypto.createPublicKey(publicPem); | ||
| const privateDer = { | ||
| key: privateKey.export({ format: 'der', type: 'pkcs8' }), | ||
| format: 'der', | ||
| type: 'pkcs8', | ||
| ...options | ||
| }; | ||
| const publicDer = { | ||
| key: publicKey.export({ format: 'der', type: 'spki' }), | ||
| format: 'der', | ||
| type: 'spki', | ||
| ...options | ||
| }; | ||
|
|
||
| if (options) { | ||
| publicPem = { ...options, key: publicPem }; | ||
| privatePem = { ...options, key: privatePem }; | ||
| privateKey = { ...options, key: privateKey }; | ||
| publicKey = { ...options, key: publicKey }; | ||
| } | ||
|
|
||
| const data = Buffer.from('Hello world'); | ||
| const expected = crypto.sign(algorithm, data, privateKey); | ||
|
|
||
| for (const key of [privatePem, privateKey, privateDer]) { | ||
| crypto.sign(algorithm, data, key, common.mustSucceed((actual) => { | ||
| if (deterministic) { | ||
| assert.deepStrictEqual(actual, expected); | ||
| } | ||
|
|
||
| assert.strictEqual( | ||
| crypto.verify(algorithm, data, key, actual), true); | ||
| })); | ||
| } | ||
|
|
||
| const verifyInputs = [ | ||
| publicPem, publicKey, publicDer, privatePem, privateKey, privateDer]; | ||
| for (const key of verifyInputs) { | ||
| crypto.verify(algorithm, data, key, expected, common.mustSucceed( | ||
| (verified) => assert.strictEqual(verified, true))); | ||
|
|
||
| crypto.verify(algorithm, data, key, Buffer.from(''), common.mustSucceed( | ||
| (verified) => assert.strictEqual(verified, false))); | ||
| } | ||
| } | ||
|
|
||
| const verifyInputs = [ | ||
| publicPem, publicKey, publicDer, privatePem, privateKey, privateDer]; | ||
| for (const key of verifyInputs) { | ||
| crypto.verify(algorithm, data, key, expected, common.mustSucceed( | ||
| (verified) => assert.strictEqual(verified, true))); | ||
|
|
||
| crypto.verify(algorithm, data, key, Buffer.from(''), common.mustSucceed( | ||
| (verified) => assert.strictEqual(verified, false))); | ||
| } | ||
| } | ||
|
|
||
| // RSA w/ default padding | ||
| test('rsa_public.pem', 'rsa_private.pem', 'sha256', true); | ||
| test('rsa_public.pem', 'rsa_private.pem', 'sha256', true, | ||
| { padding: crypto.constants.RSA_PKCS1_PADDING }); | ||
|
|
||
| // RSA w/ PSS_PADDING and default saltLength | ||
| test('rsa_public.pem', 'rsa_private.pem', 'sha256', false, | ||
| { padding: crypto.constants.RSA_PKCS1_PSS_PADDING }); | ||
| test('rsa_public.pem', 'rsa_private.pem', 'sha256', false, | ||
| { | ||
| padding: crypto.constants.RSA_PKCS1_PSS_PADDING, | ||
| saltLength: crypto.constants.RSA_PSS_SALTLEN_MAX_SIGN | ||
| }); | ||
|
|
||
| // RSA w/ PSS_PADDING and PSS_SALTLEN_DIGEST | ||
| test('rsa_public.pem', 'rsa_private.pem', 'sha256', false, | ||
| { | ||
| padding: crypto.constants.RSA_PKCS1_PSS_PADDING, | ||
| saltLength: crypto.constants.RSA_PSS_SALTLEN_DIGEST | ||
| }); | ||
|
|
||
| // ED25519 | ||
| test('ed25519_public.pem', 'ed25519_private.pem', undefined, true); | ||
| // ED448 | ||
| test('ed448_public.pem', 'ed448_private.pem', undefined, true); | ||
|
|
||
| // ECDSA w/ der signature encoding | ||
| test('ec_secp256k1_public.pem', 'ec_secp256k1_private.pem', 'sha384', | ||
| false); | ||
| test('ec_secp256k1_public.pem', 'ec_secp256k1_private.pem', 'sha384', | ||
| false, { dsaEncoding: 'der' }); | ||
|
|
||
| // ECDSA w/ ieee-p1363 signature encoding | ||
| test('ec_secp256k1_public.pem', 'ec_secp256k1_private.pem', 'sha384', false, | ||
| { dsaEncoding: 'ieee-p1363' }); | ||
|
|
||
| // DSA w/ der signature encoding | ||
| test('dsa_public.pem', 'dsa_private.pem', 'sha256', | ||
| false); | ||
| test('dsa_public.pem', 'dsa_private.pem', 'sha256', | ||
| false, { dsaEncoding: 'der' }); | ||
|
|
||
| // DSA w/ ieee-p1363 signature encoding | ||
| test('dsa_public.pem', 'dsa_private.pem', 'sha256', false, | ||
| { dsaEncoding: 'ieee-p1363' }); | ||
|
|
||
| // Test Parallel Execution w/ KeyObject is threadsafe in openssl3 | ||
| { | ||
| const publicKey = { | ||
| key: crypto.createPublicKey( | ||
| fixtures.readKey('ec_p256_public.pem')), | ||
| dsaEncoding: 'ieee-p1363', | ||
| }; | ||
| const privateKey = { | ||
| key: crypto.createPrivateKey( | ||
| fixtures.readKey('ec_p256_private.pem')), | ||
| dsaEncoding: 'ieee-p1363', | ||
| }; | ||
|
|
||
| const sign = util.promisify(crypto.sign); | ||
| const verify = util.promisify(crypto.verify); | ||
|
|
||
| const data = Buffer.from('hello world'); | ||
|
|
||
| Promise.all([ | ||
| sign('sha256', data, privateKey), | ||
| sign('sha256', data, privateKey), | ||
| sign('sha256', data, privateKey), | ||
| ]).then(([signature]) => { | ||
| return Promise.all([ | ||
| verify('sha256', data, publicKey, signature), | ||
| verify('sha256', data, publicKey, signature), | ||
| verify('sha256', data, publicKey, signature), | ||
| ]).then(common.mustCall()); | ||
| }) | ||
| .catch(common.mustNotCall()); | ||
| } | ||
| it('handles RSA with default padding', () => { | ||
| test('rsa_public.pem', 'rsa_private.pem', 'sha256', true); | ||
| test('rsa_public.pem', 'rsa_private.pem', 'sha256', true, | ||
| { padding: crypto.constants.RSA_PKCS1_PADDING }); | ||
| }); | ||
|
|
||
| it('handles RSA with PSS padding', () => { | ||
| test('rsa_public.pem', 'rsa_private.pem', 'sha256', false, | ||
| { padding: crypto.constants.RSA_PKCS1_PSS_PADDING }); | ||
| test('rsa_public.pem', 'rsa_private.pem', 'sha256', false, | ||
| { | ||
| padding: crypto.constants.RSA_PKCS1_PSS_PADDING, | ||
| saltLength: crypto.constants.RSA_PSS_SALTLEN_MAX_SIGN | ||
| }); | ||
| }); | ||
|
|
||
| it('handles RSA with PSS_PADDING and PSS_SALTLEN_DIGEST', () => { | ||
| test('rsa_public.pem', 'rsa_private.pem', 'sha256', false, | ||
| { | ||
| padding: crypto.constants.RSA_PKCS1_PSS_PADDING, | ||
| saltLength: crypto.constants.RSA_PSS_SALTLEN_DIGEST | ||
| }); | ||
| }); | ||
|
|
||
| it('handles ED25519', () => { | ||
| test('ed25519_public.pem', 'ed25519_private.pem', undefined, true); | ||
| }); | ||
|
|
||
| it('handles ED448', () => { | ||
| test('ed448_public.pem', 'ed448_private.pem', undefined, true); | ||
| }); | ||
|
|
||
| it('handles ECDSA with der signature encoding', () => { | ||
| test('ec_secp256k1_public.pem', 'ec_secp256k1_private.pem', 'sha384', | ||
| false); | ||
| test('ec_secp256k1_public.pem', 'ec_secp256k1_private.pem', 'sha384', | ||
| false, { dsaEncoding: 'der' }); | ||
| }); | ||
|
|
||
| it('handles ECDSA with ieee-p1363 signature encoding', () => { | ||
| test('ec_secp256k1_public.pem', 'ec_secp256k1_private.pem', 'sha384', false, | ||
| { dsaEncoding: 'ieee-p1363' }); | ||
| }); | ||
|
|
||
| it('handles DSA with der signature encoding', () => { | ||
| test('dsa_public.pem', 'dsa_private.pem', 'sha256', false); | ||
| test('dsa_public.pem', 'dsa_private.pem', 'sha256', | ||
| false, { dsaEncoding: 'der' }); | ||
| }); | ||
|
|
||
| it('handles DSA with ieee-p1363 signature encoding', () => { | ||
| test('dsa_public.pem', 'dsa_private.pem', 'sha256', false, | ||
| { dsaEncoding: 'ieee-p1363' }); | ||
| }); | ||
|
|
||
| it('handles concurrency', async () => { | ||
| const publicKey = { | ||
| key: crypto.createPublicKey( | ||
| fixtures.readKey('ec_p256_public.pem')), | ||
| dsaEncoding: 'ieee-p1363', | ||
| }; | ||
| const privateKey = { | ||
| key: crypto.createPrivateKey( | ||
| fixtures.readKey('ec_p256_private.pem')), | ||
| dsaEncoding: 'ieee-p1363', | ||
| }; | ||
|
|
||
| const sign = util.promisify(crypto.sign); | ||
| const verify = util.promisify(crypto.verify); | ||
|
|
||
| const data = Buffer.from('hello world'); | ||
|
|
||
| await Promise.all([ | ||
| sign('sha256', data, privateKey), | ||
| sign('sha256', data, privateKey), | ||
| sign('sha256', data, privateKey), | ||
| ]).then(([signature]) => { | ||
| return Promise.all([ | ||
| verify('sha256', data, publicKey, signature), | ||
| verify('sha256', data, publicKey, signature), | ||
| verify('sha256', data, publicKey, signature), | ||
| ]).then(common.mustCall()); | ||
| }) | ||
| .catch(common.mustNotCall()); | ||
| }); | ||
| }); | ||
|
|
||
| /* eslint-enable node-core/crypto-check */ |