crypto: fix output of privateDecrypt with zero-length data

panva · aduh95 · commit 7611fc14de4e · 2025-04-01T11:19:10.000+02:00
closes #57553 closes #57572 closes #57558 PR-URL: #57575 Reviewed-By: James M Snell <jasnell@gmail.com> Reviewed-By: Luigi Pinca <luigipinca@gmail.com> Reviewed-By: Yagiz Nizipli <yagiz@nizipli.com> Reviewed-By: Tobias Nießen <tniessen@tnie.de> Reviewed-By: Darshan Sen <raisinten@gmail.com>
diff --git a/deps/ncrypto/ncrypto.cc b/deps/ncrypto/ncrypto.cc
@@ -215,7 +215,7 @@ Buffer<void> DataPointer::release(){
 DataPointer DataPointer::resize(size_t len){
 size_t actual_len = std::min(len_, len);
 auto buf = release();
- if (actual_len == len_) return DataPointer(buf);
+ if (actual_len == len_) return DataPointer(buf.data, actual_len);
 buf.data = OPENSSL_realloc(buf.data, actual_len);
 buf.len = actual_len;
 return DataPointer(buf);
diff --git a/test/parallel/test-crypto-oaep-zero-length.js b/test/parallel/test-crypto-oaep-zero-length.js
@@ -0,0 +1,56 @@
+'use strict';
+const common = require('../common');
+
+if (!common.hasCrypto)
+ common.skip('missing crypto');
+
+const fixtures = require('../common/fixtures');
+const assert = require('assert');
+const crypto = require('crypto');
+
+const{subtle } = globalThis.crypto;
+
+// Regression test for https://github.com/nodejs/node/issues/57553.
+{
+ const privateKey = crypto.createPrivateKey(fixtures.readKey('rsa_private.pem', 'ascii'));
+ const publicKey = crypto.createPublicKey(fixtures.readKey('rsa_public.pem', 'ascii'));
+
+ const data = Buffer.alloc(0);
+{
+
+ const ciphertext = crypto.publicEncrypt({
+ padding: crypto.constants.RSA_PKCS1_OAEP_PADDING,
+ key: publicKey,
+ }, data);
+
+ const plaintext = crypto.privateDecrypt({
+ padding: crypto.constants.RSA_PKCS1_OAEP_PADDING,
+ key: privateKey
+ }, ciphertext);
+
+ assert.deepStrictEqual(plaintext, data);
+ }
+
+{
+ const ciphertext = crypto.publicEncrypt(publicKey, data);
+ const plaintext = crypto.privateDecrypt(privateKey, ciphertext);
+
+ assert.deepStrictEqual(plaintext, data);
+ }
+
+{
+ (async () =>{
+ const pkcs8 = privateKey.export({format: 'der', type: 'pkcs8' });
+ const spki = publicKey.export({format: 'der', type: 'spki' });
+
+ const kp ={
+ privateKey: await subtle.importKey('pkcs8', pkcs8,{name: 'RSA-OAEP', hash: 'SHA-1' }, false, ['decrypt']),
+ publicKey: await subtle.importKey('spki', spki,{name: 'RSA-OAEP', hash: 'SHA-1' }, false, ['encrypt']),
+ };
+
+ const ciphertext = await subtle.encrypt('RSA-OAEP', kp.publicKey, data);
+ const plaintext = await subtle.decrypt('RSA-OAEP', kp.privateKey, ciphertext);
+ assert.deepStrictEqual(plaintext, data.buffer);
+ })().then(common.mustCall());
+ }
+}

-Original file line number
+Diff line change
@@ @@ -0,0 +1,56 @@ @@
 +'use strict';
 +constcommon=require('../common');
++
 +if(!common.hasCrypto)
 +common.skip('missing crypto');
++
 +constfixtures=require('../common/fixtures');
 +constassert=require('assert');
 +constcrypto=require('crypto');
++
 +const{ subtle }=globalThis.crypto;
++
 +// Regression test for https://github.com/nodejs/node/issues/57553.
 +{
 +constprivateKey=crypto.createPrivateKey(fixtures.readKey('rsa_private.pem','ascii'));
 +constpublicKey=crypto.createPublicKey(fixtures.readKey('rsa_public.pem','ascii'));
++
 +constdata=Buffer.alloc(0);
 +{
++
 +constciphertext=crypto.publicEncrypt({
 +padding: crypto.constants.RSA_PKCS1_OAEP_PADDING,
 +key: publicKey,
 +},data);
++
 +constplaintext=crypto.privateDecrypt({
 +padding: crypto.constants.RSA_PKCS1_OAEP_PADDING,
 +key: privateKey
 +},ciphertext);
++
 +assert.deepStrictEqual(plaintext,data);
 +}
++
 +{
 +constciphertext=crypto.publicEncrypt(publicKey,data);
 +constplaintext=crypto.privateDecrypt(privateKey,ciphertext);
++
 +assert.deepStrictEqual(plaintext,data);
 +}
++
 +{
 +(async()=>{
 +constpkcs8=privateKey.export({format: 'der',type: 'pkcs8'});
 +constspki=publicKey.export({format: 'der',type: 'spki'});
++
 +constkp={
 +privateKey: awaitsubtle.importKey('pkcs8',pkcs8,{name: 'RSA-OAEP',hash: 'SHA-1'},false,['decrypt']),
 +publicKey: awaitsubtle.importKey('spki',spki,{name: 'RSA-OAEP',hash: 'SHA-1'},false,['encrypt']),
 +};
++
 +constciphertext=awaitsubtle.encrypt('RSA-OAEP',kp.publicKey,data);
 +constplaintext=awaitsubtle.decrypt('RSA-OAEP',kp.privateKey,ciphertext);
 +assert.deepStrictEqual(plaintext,data.buffer);
 +})().then(common.mustCall());
 +}
 +}