@@ -1544,44 +1544,65 @@ const sec1EncExp = (cipher) => getRegExpForPEM('EC PRIVATE KEY', cipher);
15441544 }
15451545}
15461546
1547- if ( ! common . hasOpenSSL3 ) {
1548- // Passing an empty passphrase string should not cause OpenSSL's default
1549- // passphrase prompt in the terminal.
1550- // See https://github.com/nodejs/node/issues/35898.
1551-
1552- for ( const type of [ 'pkcs1' , 'pkcs8' ] ) {
1553- generateKeyPair ( 'rsa' , {
1554- modulusLength : 1024 ,
1555- privateKeyEncoding : {
1556- type,
1557- format : 'pem' ,
1558- cipher : 'aes-256-cbc' ,
1559- passphrase : ''
1560- }
1561- } , common . mustSucceed ( ( publicKey , privateKey ) => {
1562- assert . strictEqual ( publicKey . type , 'public' ) ;
1547+ // Passing an empty passphrase string should not cause OpenSSL's default
1548+ // passphrase prompt in the terminal.
1549+ // See https://github.com/nodejs/node/issues/35898.
15631550
1564- for ( const passphrase of [ '' , Buffer . alloc ( 0 ) ] ) {
1565- const privateKeyObject = createPrivateKey ( {
1566- passphrase,
1567- key : privateKey
1568- } ) ;
1569- assert . strictEqual ( privateKeyObject . asymmetricKeyType , 'rsa' ) ;
1570- }
1551+ for ( const type of [ 'pkcs1' , 'pkcs8' ] ) {
1552+ generateKeyPair ( 'rsa' , {
1553+ modulusLength : 1024 ,
1554+ privateKeyEncoding : {
1555+ type,
1556+ format : 'pem' ,
1557+ cipher : 'aes-256-cbc' ,
1558+ passphrase : ''
1559+ }
1560+ } , common . mustSucceed ( ( publicKey , privateKey ) => {
1561+ assert . strictEqual ( publicKey . type , 'public' ) ;
15711562
1572- // Encrypting with an empty passphrase is not the same as not encrypting
1573- // the key, and not specifying a passphrase should fail when decoding it.
1574- assert . throws ( ( ) => {
1575- return testSignVerify ( publicKey , privateKey ) ;
1576- } , {
1577- name : 'TypeError' ,
1578- code : 'ERR_MISSING_PASSPHRASE' ,
1579- message : 'Passphrase required for encrypted key'
1563+ for ( const passphrase of [ '' , Buffer . alloc ( 0 ) ] ) {
1564+ const privateKeyObject = createPrivateKey ( {
1565+ passphrase,
1566+ key : privateKey
15801567 } ) ;
1581- } ) ) ;
1582- }
1568+ assert . strictEqual ( privateKeyObject . asymmetricKeyType , 'rsa' ) ;
1569+ }
1570+
1571+ // Encrypting with an empty passphrase is not the same as not encrypting
1572+ // the key, and not specifying a passphrase should fail when decoding it.
1573+ assert . throws ( ( ) => {
1574+ return testSignVerify ( publicKey , privateKey ) ;
1575+ } , common . hasOpenSSL3 ? {
1576+ name : 'Error' ,
1577+ code : 'ERR_OSSL_CRYPTO_INTERRUPTED_OR_CANCELLED' ,
1578+ message : 'error:07880109:common libcrypto routines::interrupted or cancelled'
1579+ } : {
1580+ name : 'TypeError' ,
1581+ code : 'ERR_MISSING_PASSPHRASE' ,
1582+ message : 'Passphrase required for encrypted key'
1583+ } ) ;
1584+ } ) ) ;
15831585}
15841586
1587+ // Passing an empty passphrase string should not throw ERR_OSSL_CRYPTO_MALLOC_FAILURE even on OpenSSL 3.
1588+ // Regression test for https://github.com/nodejs/node/issues/41428.
1589+ generateKeyPair ( 'rsa' , {
1590+ modulusLength : 4096 ,
1591+ publicKeyEncoding : {
1592+ type : 'spki' ,
1593+ format : 'pem'
1594+ } ,
1595+ privateKeyEncoding : {
1596+ type : 'pkcs8' ,
1597+ format : 'pem' ,
1598+ cipher : 'aes-256-cbc' ,
1599+ passphrase : ''
1600+ }
1601+ } , common . mustSucceed ( ( publicKey , privateKey ) => {
1602+ assert . strictEqual ( typeof publicKey , 'string' ) ;
1603+ assert . strictEqual ( typeof privateKey , 'string' ) ;
1604+ } ) ) ;
1605+
15851606{
15861607 // Proprietary Web Cryptography API ECDH/ECDSA namedCurve parameters
15871608 // should not be recognized in this API.
0 commit comments