Skip to content

Navigation Menu

Sign in
Appearance settings

Search code, repositories, users, issues, pull requests...

Provide feedback

We read every piece of feedback, and take your input very seriously.

Saved searches

Use saved searches to filter your results more quickly
Appearance settings

Commit ff89b7b

Browse filesBrowse files
panvaaduh95
panva
authored and
aduh95
committed
crypto: ensure documented RSA-PSS saltLength default is used
PR-URL: #60662 Reviewed-By: Tobias Nießen <tniessen@tnie.de> Reviewed-By: Antoine du Hamel <duhamelantoine1995@gmail.com>
1 parent ca878bc commit ff89b7b
Copy full SHA for ff89b7b

File tree

Expand file treeCollapse file tree

2 files changed

+44
-1
lines changed
Open diff view settings
Filter options
Expand file treeCollapse file tree

2 files changed

+44
-1
lines changed
Open diff view settings
Collapse file

‎lib/internal/crypto/sig.js‎

Copy file name to clipboardExpand all lines: lib/internal/crypto/sig.js
+7-1Lines changed: 7 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -50,6 +50,8 @@ const {
5050
isArrayBufferView,
5151
} = require('internal/util/types');
5252

53+
const constants = internalBinding('constants').crypto;
54+
5355
function Sign(algorithm, options) {
5456
if (!(this instanceof Sign))
5557
return new Sign(algorithm, options);
@@ -85,7 +87,11 @@ function getPadding(options) {
8587
}
8688

8789
function getSaltLength(options) {
88-
return getIntOption('saltLength', options);
90+
let saltLength = getIntOption('saltLength', options);
91+
if (options.padding === constants.RSA_PKCS1_PSS_PADDING && saltLength === undefined) {
92+
saltLength = constants.RSA_PSS_SALTLEN_MAX_SIGN;
93+
}
94+
return saltLength;
8995
}
9096

9197
function getDSASignatureEncoding(options) {
Collapse file

‎test/parallel/test-crypto-rsa-pss-default-salt-length.js‎

Copy file name to clipboard
+37Lines changed: 37 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,37 @@
1+
'use strict';
2+
const common = require('../common');
3+
if (!common.hasCrypto)
4+
common.skip('missing crypto');
5+
6+
const assert = require('assert');
7+
const crypto = require('crypto');
8+
9+
const fixtures = require('../common/fixtures');
10+
11+
const privateKey = crypto.createPrivateKey(fixtures.readKey('rsa_private.pem', 'ascii'));
12+
const publicKey = crypto.createPublicKey(fixtures.readKey('rsa_public.pem', 'ascii'));
13+
14+
const data = crypto.randomBytes(32);
15+
16+
for (const digest of ['sha256', 'sha384', 'sha512']) {
17+
const hLen = crypto.hash(digest, data, 'buffer').byteLength;
18+
const maxSaltLength =
19+
privateKey.asymmetricKeyDetails.modulusLength / 8 - hLen - 2;
20+
21+
const sig = crypto.sign(digest, data, {
22+
key: privateKey,
23+
padding: crypto.constants.RSA_PKCS1_PSS_PADDING,
24+
// No "saltLength" provided, documented default RSA_PSS_SALTLEN_MAX_SIGN expected
25+
});
26+
27+
assert.strictEqual(crypto.verify(
28+
digest,
29+
data,
30+
{
31+
key: publicKey,
32+
padding: crypto.constants.RSA_PKCS1_PSS_PADDING,
33+
saltLength: maxSaltLength,
34+
},
35+
sig
36+
), true);
37+
}

0 commit comments

Comments
0 (0)
Morty Proxy This is a proxified and sanitized view of the page, visit original site.