Skip to content

Commit

Permalink
crypto: use correct webcrypto RSASSA-PKCS1-v1_5 algorithm name
Browse files Browse the repository at this point in the history
PR-URL: #38029
Refs: https://www.w3.org/TR/WebCryptoAPI/#rsassa-pkcs1
Reviewed-By: James M Snell <[email protected]>
Reviewed-By: Tobias Nießen <[email protected]>
  • Loading branch information
panva committed Apr 3, 2021
1 parent a44392d commit c81d0fa
Show file tree
Hide file tree
Showing 10 changed files with 52 additions and 47 deletions.
4 changes: 2 additions & 2 deletions lib/internal/crypto/keygen.js
Original file line number Diff line number Diff line change
Expand Up @@ -16,7 +16,7 @@ const {
kCryptoJobAsync,
kCryptoJobSync,
kKeyVariantRSA_PSS,
kKeyVariantRSA_SSA_PKCS1_V1_5,
kKeyVariantRSA_SSA_PKCS1_v1_5,
EVP_PKEY_ED25519,
EVP_PKEY_ED448,
EVP_PKEY_X25519,
Expand Down Expand Up @@ -183,7 +183,7 @@ function createJob(mode, type, options) {
if (type === 'rsa') {
return new RsaKeyPairGenJob(
mode,
kKeyVariantRSA_SSA_PKCS1_V1_5, // Used also for RSA-OAEP
kKeyVariantRSA_SSA_PKCS1_v1_5, // Used also for RSA-OAEP
modulusLength,
publicExponent,
...encoding);
Expand Down
4 changes: 2 additions & 2 deletions lib/internal/crypto/rsa.js
Original file line number Diff line number Diff line change
Expand Up @@ -14,7 +14,7 @@ const {
kCryptoJobAsync,
kSignJobModeSign,
kSignJobModeVerify,
kKeyVariantRSA_SSA_PKCS1_V1_5,
kKeyVariantRSA_SSA_PKCS1_v1_5,
kKeyVariantRSA_PSS,
kKeyVariantRSA_OAEP,
kKeyTypePrivate,
Expand Down Expand Up @@ -66,7 +66,7 @@ const {
} = require('internal/crypto/keygen');

const kRsaVariants = {
'RSASSA-PKCS1-V1_5': kKeyVariantRSA_SSA_PKCS1_V1_5,
'RSASSA-PKCS1-v1_5': kKeyVariantRSA_SSA_PKCS1_v1_5,
'RSA-PSS': kKeyVariantRSA_PSS,
'RSA-OAEP': kKeyVariantRSA_OAEP,
};
Expand Down
57 changes: 31 additions & 26 deletions lib/internal/crypto/util.js
Original file line number Diff line number Diff line change
Expand Up @@ -6,9 +6,9 @@ const {
BigInt,
FunctionPrototypeBind,
Number,
ObjectKeys,
Promise,
StringPrototypeToLowerCase,
StringPrototypeToUpperCase,
Symbol,
} = primordials;

Expand Down Expand Up @@ -159,31 +159,32 @@ const kAesKeyLengths = [128, 192, 256];

// These are the only algorithms we currently support
// via the Web Crypto API
const kAlgorithms = [
'rsassa-pkcs1-v1_5',
'rsa-pss',
'rsa-oaep',
'ecdsa',
'ecdh',
'aes-ctr',
'aes-cbc',
'aes-gcm',
'aes-kw',
'hmac',
'sha-1',
'sha-256',
'sha-384',
'sha-512',
'hkdf',
'pbkdf2',
const kAlgorithms = {
'rsassa-pkcs1-v1_5': 'RSASSA-PKCS1-v1_5',
'rsa-pss': 'RSA-PSS',
'rsa-oaep': 'RSA-OAEP',
'ecdsa': 'ECDSA',
'ecdh': 'ECDH',
'aes-ctr': 'AES-CTR',
'aes-cbc': 'AES-CBC',
'aes-gcm': 'AES-GCM',
'aes-kw': 'AES-KW',
'hmac': 'HMAC',
'sha-1': 'SHA-1',
'sha-256': 'SHA-256',
'sha-384': 'SHA-384',
'sha-512': 'SHA-512',
'hkdf': 'HKDF',
'pbkdf2': 'PBKDF2',
// Following here are Node.js specific extensions. All
// should be prefixed with 'node-'
'node-dsa',
'node-dh',
'node-scrypt',
'node-ed25519',
'node-ed448',
];
'node-dsa': 'NODE-DSA',
'node-dh': 'NODE-DH',
'node-scrypt': 'NODE-SCRYPT',
'node-ed25519': 'NODE-ED25519',
'node-ed448': 'NODE-ED448',
};
const kAlgorithmsKeys = ObjectKeys(kAlgorithms);

// These are the only export and import formats we currently
// support via the Web Crypto API
Expand Down Expand Up @@ -221,7 +222,7 @@ function normalizeAlgorithm(algorithm, label = 'algorithm') {
let hash;
if (typeof name !== 'string' ||
!ArrayPrototypeIncludes(
kAlgorithms,
kAlgorithmsKeys,
StringPrototypeToLowerCase(name))) {
throw lazyDOMException('Unrecognized name.', 'NotSupportedError');
}
Expand All @@ -230,7 +231,11 @@ function normalizeAlgorithm(algorithm, label = 'algorithm') {
if (!ArrayPrototypeIncludes(kHashTypes, hash.name))
throw lazyDOMException('Unrecognized name.', 'NotSupportedError');
}
return { ...algorithm, name: StringPrototypeToUpperCase(name), hash };
return {
...algorithm,
name: kAlgorithms[StringPrototypeToLowerCase(name)],
hash,
};
}
}
throw lazyDOMException('Unrecognized name.', 'NotSupportedError');
Expand Down
12 changes: 6 additions & 6 deletions lib/internal/crypto/webcrypto.js
Original file line number Diff line number Diff line change
Expand Up @@ -71,7 +71,7 @@ async function generateKey(
validateBoolean(extractable, 'extractable');
validateArray(keyUsages, 'keyUsages');
switch (algorithm.name) {
case 'RSASSA-PKCS1-V1_5':
case 'RSASSA-PKCS1-v1_5':
// Fall through
case 'RSA-PSS':
// Fall through
Expand Down Expand Up @@ -199,7 +199,7 @@ async function deriveKey(

async function exportKeySpki(key) {
switch (key.algorithm.name) {
case 'RSASSA-PKCS1-V1_5':
case 'RSASSA-PKCS1-v1_5':
// Fall through
case 'RSA-PSS':
// Fall through
Expand Down Expand Up @@ -242,7 +242,7 @@ async function exportKeySpki(key) {

async function exportKeyPkcs8(key) {
switch (key.algorithm.name) {
case 'RSASSA-PKCS1-V1_5':
case 'RSASSA-PKCS1-v1_5':
// Fall through
case 'RSA-PSS':
// Fall through
Expand Down Expand Up @@ -321,7 +321,7 @@ async function exportKeyJWK(key) {
ext: key.extractable,
});
switch (key.algorithm.name) {
case 'RSASSA-PKCS1-V1_5':
case 'RSASSA-PKCS1-v1_5':
jwk.alg = normalizeHashName(
key.algorithm.hash.name,
normalizeHashName.kContextJwkRsa);
Expand Down Expand Up @@ -461,7 +461,7 @@ async function importKey(
validateBoolean(extractable, 'extractable');
validateArray(keyUsages, 'keyUsages');
switch (algorithm.name) {
case 'RSASSA-PKCS1-V1_5':
case 'RSASSA-PKCS1-v1_5':
// Fall through
case 'RSA-PSS':
// Fall through
Expand Down Expand Up @@ -588,7 +588,7 @@ function signVerify(algorithm, key, data, signature) {
switch (algorithm.name) {
case 'RSA-PSS':
// Fall through
case 'RSASSA-PKCS1-V1_5':
case 'RSASSA-PKCS1-v1_5':
return lazyRequire('internal/crypto/rsa')
.rsaSignVerify(key, data, algorithm, signature);
case 'NODE-ED25519':
Expand Down
2 changes: 1 addition & 1 deletion src/crypto/crypto_rsa.cc
Original file line number Diff line number Diff line change
Expand Up @@ -559,7 +559,7 @@ void Initialize(Environment* env, Local<Object> target) {
RSAKeyExportJob::Initialize(env, target);
RSACipherJob::Initialize(env, target);

NODE_DEFINE_CONSTANT(target, kKeyVariantRSA_SSA_PKCS1_V1_5);
NODE_DEFINE_CONSTANT(target, kKeyVariantRSA_SSA_PKCS1_v1_5);
NODE_DEFINE_CONSTANT(target, kKeyVariantRSA_PSS);
NODE_DEFINE_CONSTANT(target, kKeyVariantRSA_OAEP);
}
Expand Down
4 changes: 2 additions & 2 deletions src/crypto/crypto_rsa.h
Original file line number Diff line number Diff line change
Expand Up @@ -15,7 +15,7 @@
namespace node {
namespace crypto {
enum RSAKeyVariant {
kKeyVariantRSA_SSA_PKCS1_V1_5,
kKeyVariantRSA_SSA_PKCS1_v1_5,
kKeyVariantRSA_PSS,
kKeyVariantRSA_OAEP
};
Expand Down Expand Up @@ -53,7 +53,7 @@ struct RsaKeyGenTraits final {
using RSAKeyPairGenJob = KeyGenJob<KeyPairGenTraits<RsaKeyGenTraits>>;

struct RSAKeyExportConfig final : public MemoryRetainer {
RSAKeyVariant variant = kKeyVariantRSA_SSA_PKCS1_V1_5;
RSAKeyVariant variant = kKeyVariantRSA_SSA_PKCS1_v1_5;
SET_NO_MEMORY_INFO()
SET_MEMORY_INFO_NAME(RSAKeyExportConfig)
SET_SELF_SIZE(RSAKeyExportConfig)
Expand Down
2 changes: 1 addition & 1 deletion test/parallel/test-webcrypto-export-import-rsa.js
Original file line number Diff line number Diff line change
Expand Up @@ -457,7 +457,7 @@ const testVectors = [
publicUsages: ['verify']
},
{
name: 'RSASSA-PKCS1-V1_5',
name: 'RSASSA-PKCS1-v1_5',
privateUsages: ['sign'],
publicUsages: ['verify']
},
Expand Down
4 changes: 2 additions & 2 deletions test/parallel/test-webcrypto-keygen.js
Original file line number Diff line number Diff line change
Expand Up @@ -65,7 +65,7 @@ const vectors = {
],
mandatoryUsages: []
},
'RSASSA-PKCS1-V1_5': {
'RSASSA-PKCS1-v1_5': {
algorithm: {
modulusLength: 1024,
publicExponent: new Uint8Array([1, 0, 1]),
Expand Down Expand Up @@ -317,7 +317,7 @@ const vectors = {

const kTests = [
[
'RSASSA-PKCS1-V1_5',
'RSASSA-PKCS1-v1_5',
1024,
Buffer.from([1, 0, 1]),
'SHA-256',
Expand Down
8 changes: 4 additions & 4 deletions test/parallel/test-webcrypto-sign-verify.js
Original file line number Diff line number Diff line change
Expand Up @@ -11,23 +11,23 @@ const { subtle } = require('crypto').webcrypto;
// This is only a partial test. The WebCrypto Web Platform Tests
// will provide much greater coverage.

// Test Sign/Verify RSASSA-PKCS1-V1_5
// Test Sign/Verify RSASSA-PKCS1-v1_5
{
async function test(data) {
const ec = new TextEncoder();
const { publicKey, privateKey } = await subtle.generateKey({
name: 'RSASSA-PKCS1-V1_5',
name: 'RSASSA-PKCS1-v1_5',
modulusLength: 1024,
publicExponent: new Uint8Array([1, 0, 1]),
hash: 'SHA-256'
}, true, ['sign', 'verify']);

const signature = await subtle.sign({
name: 'RSASSA-PKCS1-V1_5'
name: 'RSASSA-PKCS1-v1_5'
}, privateKey, ec.encode(data));

assert(await subtle.verify({
name: 'RSASSA-PKCS1-V1_5'
name: 'RSASSA-PKCS1-v1_5'
}, publicKey, signature, ec.encode(data)));
}

Expand Down
2 changes: 1 addition & 1 deletion test/parallel/test-webcrypto-wrap-unwrap.js
Original file line number Diff line number Diff line change
Expand Up @@ -64,7 +64,7 @@ async function generateKeysToWrap() {
const parameters = [
{
algorithm: {
name: 'RSASSA-PKCS1-V1_5',
name: 'RSASSA-PKCS1-v1_5',
modulusLength: 1024,
publicExponent: new Uint8Array([1, 0, 1]),
hash: 'SHA-256'
Expand Down

0 comments on commit c81d0fa

Please sign in to comment.