From a620fc0276a39f22dd4f37336191f7e5854e3fcd Mon Sep 17 00:00:00 2001 From: Daniel Huigens Date: Mon, 14 Sep 2020 18:09:32 +0200 Subject: [PATCH] Don't use unexported low-level functions in tests --- test/crypto/ecdh.js | 160 ++++++++++++++++++++++++++-------------- test/crypto/elliptic.js | 51 ++++++------- test/crypto/rsa.js | 108 +++++++++++---------------- 3 files changed, 171 insertions(+), 148 deletions(-) diff --git a/test/crypto/ecdh.js b/test/crypto/ecdh.js index 7bb22004..7c2eec5c 100644 --- a/test/crypto/ecdh.js +++ b/test/crypto/ecdh.js @@ -199,86 +199,132 @@ module.exports = () => describe('ECDH key exchange @lightweight', function () { } describe('ECDHE key generation', function () { - it('Invalid curve', function (done) { + it('Invalid curve', async function () { if (!openpgp.config.useIndutnyElliptic && !openpgp.util.getNodeCrypto()) { this.skip(); } - expect(genPublicEphemeralKey("secp256k1", Q1, fingerprint1) - ).to.be.rejectedWith(Error, /Public key is not valid for specified curve|Failed to translate Buffer to a EC_POINT|Unknown point format/).notify(done); + const { key: publicKey } = await openpgp.generateKey({ curve: "secp256k1", userIds: [{ name: 'Test' }] }); + publicKey.subKeys[0].keyPacket.publicParams.Q = Q1; + publicKey.subKeys[0].keyPacket.fingerprint = fingerprint1; + await expect( + openpgp.encrypt({ publicKeys: [publicKey], message: openpgp.Message.fromText('test') }) + ).to.be.rejectedWith(Error, /Public key is not valid for specified curve|Failed to translate Buffer to a EC_POINT|Unknown point format/); }); it('Invalid public part of ephemeral key and private key', async function () { - const ECDHE_VZ1 = await genPublicEphemeralKey("curve25519", Q1, fingerprint1); - const ECDHE_Z12 = await genPrivateEphemeralKey("curve25519", ECDHE_VZ1.V, Q2, d2, fingerprint1); - expect(Array.from(ECDHE_Z12).join(' ') === Array.from(ECDHE_VZ1.Z).join(' ')).to.be.false; + const { key: publicKey } = await openpgp.generateKey({ curve: "curve25519", userIds: [{ name: 'Test' }] }); + publicKey.subKeys[0].keyPacket.publicParams.Q = Q1; + publicKey.subKeys[0].keyPacket.fingerprint = fingerprint1; + const { key: privateKey } = await openpgp.generateKey({ curve: "curve25519", userIds: [{ name: 'Test' }] }); + privateKey.subKeys[0].keyPacket.publicParams.Q = Q2; + privateKey.subKeys[0].keyPacket.privateParams.d = d2; + privateKey.subKeys[0].keyPacket.fingerprint = fingerprint1; + const message = await openpgp.encrypt({ publicKeys: [publicKey], message: openpgp.Message.fromText('test') }); + await expect( + openpgp.decrypt({ privateKeys: [privateKey], message: await openpgp.readArmoredMessage(message) }) + ).to.be.rejectedWith('Error decrypting message: Key Data Integrity failed'); }); it('Invalid fingerprint', async function () { - const ECDHE_VZ2 = await genPublicEphemeralKey("curve25519", Q2, fingerprint1); - const ECDHE_Z2 = await genPrivateEphemeralKey("curve25519", ECDHE_VZ2.V, Q2, d2, fingerprint2); - expect(Array.from(ECDHE_Z2).join(' ') === Array.from(ECDHE_VZ2.Z).join(' ')).to.be.false; + const { key: publicKey } = await openpgp.generateKey({ curve: "curve25519", userIds: [{ name: 'Test' }] }); + publicKey.subKeys[0].keyPacket.publicParams.Q = Q1; + publicKey.subKeys[0].keyPacket.fingerprint = fingerprint1; + const { key: privateKey } = await openpgp.generateKey({ curve: "curve25519", userIds: [{ name: 'Test' }] }); + privateKey.subKeys[0].keyPacket.publicParams.Q = Q2; + privateKey.subKeys[0].keyPacket.privateParams.d = d2; + privateKey.subKeys[0].keyPacket.fingerprint = fingerprint2; + const message = await openpgp.encrypt({ publicKeys: [publicKey], message: openpgp.Message.fromText('test') }); + await expect( + openpgp.decrypt({ privateKeys: [privateKey], message: await openpgp.readArmoredMessage(message) }) + ).to.be.rejectedWith('Error decrypting message: Session key decryption failed'); }); it('Different keys', async function () { - const ECDHE_VZ1 = await genPublicEphemeralKey("curve25519", Q1, fingerprint1); - const ECDHE_VZ2 = await genPublicEphemeralKey("curve25519", Q2, fingerprint1); - const ECDHE_Z1 = await genPrivateEphemeralKey("curve25519", ECDHE_VZ1.V, Q1, d1, fingerprint1); - expect(Array.from(ECDHE_Z1).join(' ') === Array.from(ECDHE_VZ2.Z).join(' ')).to.be.false; + const { key: publicKey } = await openpgp.generateKey({ curve: "curve25519", userIds: [{ name: 'Test' }] }); + publicKey.subKeys[0].keyPacket.publicParams.Q = Q2; + publicKey.subKeys[0].keyPacket.fingerprint = fingerprint1; + const { key: privateKey } = await openpgp.generateKey({ curve: "curve25519", userIds: [{ name: 'Test' }] }); + privateKey.subKeys[0].keyPacket.publicParams.Q = Q1; + privateKey.subKeys[0].keyPacket.privateParams.d = d1; + privateKey.subKeys[0].keyPacket.fingerprint = fingerprint1; + const message = await openpgp.encrypt({ publicKeys: [publicKey], message: openpgp.Message.fromText('test') }); + await expect( + openpgp.decrypt({ privateKeys: [privateKey], message: await openpgp.readArmoredMessage(message) }) + ).to.be.rejectedWith('Error decrypting message: Key Data Integrity failed'); }); it('Successful exchange curve25519', async function () { - const ECDHE_VZ1 = await genPublicEphemeralKey("curve25519", Q1, fingerprint1); - const ECDHE_Z1 = await genPrivateEphemeralKey("curve25519", ECDHE_VZ1.V, Q1, d1, fingerprint1); - expect(Array.from(ECDHE_Z1).join(' ') === Array.from(ECDHE_VZ1.Z).join(' ')).to.be.true; + const { key: publicKey } = await openpgp.generateKey({ curve: "curve25519", userIds: [{ name: 'Test' }] }); + publicKey.subKeys[0].keyPacket.publicParams.Q = Q1; + publicKey.subKeys[0].keyPacket.fingerprint = fingerprint1; + const { key: privateKey } = await openpgp.generateKey({ curve: "curve25519", userIds: [{ name: 'Test' }] }); + privateKey.subKeys[0].keyPacket.publicParams.Q = Q1; + privateKey.subKeys[0].keyPacket.privateParams.d = d1; + privateKey.subKeys[0].keyPacket.fingerprint = fingerprint1; + const message = await openpgp.encrypt({ publicKeys: [publicKey], message: openpgp.Message.fromText('test') }); + expect(( + await openpgp.decrypt({ privateKeys: [privateKey], message: await openpgp.readArmoredMessage(message) }) + ).data).to.equal('test'); }); it('Successful exchange NIST P256', async function () { - const ECDHE_VZ1 = await genPublicEphemeralKey("p256", key_data.p256.pub, fingerprint1); - const ECDHE_Z1 = await genPrivateEphemeralKey("p256", ECDHE_VZ1.V, key_data.p256.pub, key_data.p256.priv, fingerprint1); - expect(Array.from(ECDHE_Z1).join(' ') === Array.from(ECDHE_VZ1.Z).join(' ')).to.be.true; + const { key: publicKey } = await openpgp.generateKey({ curve: "p256", userIds: [{ name: 'Test' }] }); + publicKey.subKeys[0].keyPacket.publicParams.Q = key_data.p256.pub; + publicKey.subKeys[0].keyPacket.fingerprint = fingerprint1; + const { key: privateKey } = await openpgp.generateKey({ curve: "p256", userIds: [{ name: 'Test' }] }); + privateKey.subKeys[0].keyPacket.publicParams.Q = key_data.p256.pub; + privateKey.subKeys[0].keyPacket.privateParams.d = key_data.p256.priv; + privateKey.subKeys[0].keyPacket.fingerprint = fingerprint1; + const message = await openpgp.encrypt({ publicKeys: [publicKey], message: openpgp.Message.fromText('test') }); + expect(( + await openpgp.decrypt({ privateKeys: [privateKey], message: await openpgp.readArmoredMessage(message) }) + ).data).to.equal('test'); }); it('Successful exchange NIST P384', async function () { - const ECDHE_VZ1 = await genPublicEphemeralKey("p384", key_data.p384.pub, fingerprint1); - const ECDHE_Z1 = await genPrivateEphemeralKey("p384", ECDHE_VZ1.V, key_data.p384.pub, key_data.p384.priv, fingerprint1); - expect(Array.from(ECDHE_Z1).join(' ') === Array.from(ECDHE_VZ1.Z).join(' ')).to.be.true; + const { key: publicKey } = await openpgp.generateKey({ curve: "p384", userIds: [{ name: 'Test' }] }); + publicKey.subKeys[0].keyPacket.publicParams.Q = key_data.p384.pub; + publicKey.subKeys[0].keyPacket.fingerprint = fingerprint1; + const { key: privateKey } = await openpgp.generateKey({ curve: "p384", userIds: [{ name: 'Test' }] }); + privateKey.subKeys[0].keyPacket.publicParams.Q = key_data.p384.pub; + privateKey.subKeys[0].keyPacket.privateParams.d = key_data.p384.priv; + privateKey.subKeys[0].keyPacket.fingerprint = fingerprint1; + const message = await openpgp.encrypt({ publicKeys: [publicKey], message: openpgp.Message.fromText('test') }); + expect(( + await openpgp.decrypt({ privateKeys: [privateKey], message: await openpgp.readArmoredMessage(message) }) + ).data).to.equal('test'); }); it('Successful exchange NIST P521', async function () { - const ECDHE_VZ1 = await genPublicEphemeralKey("p521", key_data.p521.pub, fingerprint1); - const ECDHE_Z1 = await genPrivateEphemeralKey("p521", ECDHE_VZ1.V, key_data.p521.pub, key_data.p521.priv, fingerprint1); - expect(Array.from(ECDHE_Z1).join(' ') === Array.from(ECDHE_VZ1.Z).join(' ')).to.be.true; + const { key: publicKey } = await openpgp.generateKey({ curve: "p521", userIds: [{ name: 'Test' }] }); + publicKey.subKeys[0].keyPacket.publicParams.Q = key_data.p521.pub; + publicKey.subKeys[0].keyPacket.fingerprint = fingerprint1; + const { key: privateKey } = await openpgp.generateKey({ curve: "p521", userIds: [{ name: 'Test' }] }); + privateKey.subKeys[0].keyPacket.publicParams.Q = key_data.p521.pub; + privateKey.subKeys[0].keyPacket.privateParams.d = key_data.p521.priv; + privateKey.subKeys[0].keyPacket.fingerprint = fingerprint1; + const message = await openpgp.encrypt({ publicKeys: [publicKey], message: openpgp.Message.fromText('test') }); + expect(( + await openpgp.decrypt({ privateKeys: [privateKey], message: await openpgp.readArmoredMessage(message) }) + ).data).to.equal('test'); }); - it('Comparing keys derived using webCrypto and elliptic', async function () { + it('Comparing decrypting with useNative = true and false', async function () { const names = ["p256", "p384", "p521"]; - if (!openpgp.util.getWebCrypto() || !openpgp.config.useIndutnyElliptic) { - // eslint-disable-next-line no-invalid-this - this.skip(); - } return Promise.all(names.map(async function (name) { - const curve = new elliptic_curves.Curve(name); + const { key: publicKey } = await openpgp.generateKey({ curve: name, userIds: [{ name: 'Test' }] }); + publicKey.subKeys[0].keyPacket.publicParams.Q = key_data[name].pub; + publicKey.subKeys[0].keyPacket.fingerprint = fingerprint1; + const { key: privateKey } = await openpgp.generateKey({ curve: name, userIds: [{ name: 'Test' }] }); + privateKey.subKeys[0].keyPacket.publicParams.Q = key_data[name].pub; + privateKey.subKeys[0].keyPacket.privateParams.d = key_data[name].priv; + privateKey.subKeys[0].keyPacket.fingerprint = fingerprint1; + const message = await openpgp.encrypt({ publicKeys: [publicKey], message: openpgp.Message.fromText('test') }); + expect(( + await openpgp.decrypt({ privateKeys: [privateKey], message: await openpgp.readArmoredMessage(message) }) + ).data).to.equal('test'); + const useNative = openpgp.config.useNative; + openpgp.config.useNative = !useNative; try { - await window.crypto.subtle.generateKey({ - name: "ECDSA", - namedCurve: curve.web.web - }, false, ["sign", "verify"]); - } catch (err) { - openpgp.util.printDebugError(err); - return; + expect(( + await openpgp.decrypt({ privateKeys: [privateKey], message: await openpgp.readArmoredMessage(message) }) + ).data).to.equal('test'); + } finally { + openpgp.config.useNative = useNative; } - const ECDHE_VZ1 = await genPublicEphemeralKey(name, key_data[name].pub, fingerprint1); - const ECDHE_Z1 = await genPrivateEphemeralKeySpecific('ellipticPrivateEphemeralKey', name, ECDHE_VZ1.V, key_data[name].pub, key_data[name].priv, fingerprint1); - const ECDHE_Z2 = await genPrivateEphemeralKeySpecific('webPrivateEphemeralKey', name, ECDHE_VZ1.V, key_data[name].pub, key_data[name].priv, fingerprint1); - expect(Array.from(ECDHE_Z1).join(' ') === Array.from(ECDHE_VZ1.Z).join(' ')).to.be.true; - expect(Array.from(ECDHE_Z1).join(' ') === Array.from(ECDHE_Z2).join(' ')).to.be.true; - })); - }); - it('Comparing keys derived using nodeCrypto and elliptic', async function () { - const names = ["p256", "p384", "p521"]; - if (!openpgp.util.getNodeCrypto() || !openpgp.config.useIndutnyElliptic) { - // eslint-disable-next-line no-invalid-this - this.skip(); - } - return Promise.all(names.map(async function (name) { - const ECDHE_VZ1 = await genPublicEphemeralKey(name, key_data[name].pub, fingerprint1); - const ECDHE_Z1 = await genPrivateEphemeralKeySpecific('ellipticPrivateEphemeralKey', name, ECDHE_VZ1.V, key_data[name].pub, key_data[name].priv, fingerprint1); - const ECDHE_Z2 = await genPrivateEphemeralKeySpecific('nodePrivateEphemeralKey', name, ECDHE_VZ1.V, key_data[name].pub, key_data[name].priv, fingerprint1); - expect(Array.from(ECDHE_Z1).join(' ') === Array.from(ECDHE_VZ1.Z).join(' ')).to.be.true; - expect(Array.from(ECDHE_Z1).join(' ') === Array.from(ECDHE_Z2).join(' ')).to.be.true; })); }); }); diff --git a/test/crypto/elliptic.js b/test/crypto/elliptic.js index 47929612..bffb7dd9 100644 --- a/test/crypto/elliptic.js +++ b/test/crypto/elliptic.js @@ -94,12 +94,6 @@ module.exports = () => describe('Elliptic Curve Cryptography @lightweight', func ).to.eventually.be.true; }); }); - it('Shared secret generation', async function () { - const curve = new elliptic_curves.Curve('p256'); - const { sharedKey: shared1 } = await elliptic_curves.ecdh.genPrivateEphemeralKey(curve, signature_data.pub, key_data.p256.pub, key_data.p256.priv); - const { sharedKey: shared2 } = await elliptic_curves.ecdh.genPrivateEphemeralKey(curve, key_data.p256.pub, signature_data.pub, signature_data.priv); - expect(shared1).to.deep.equal(shared2); - }); }); describe('ECDSA signature', function () { const verify_signature = async function (oid, hash, r, s, message, pub) { @@ -113,17 +107,6 @@ module.exports = () => describe('Elliptic Curve Cryptography @lightweight', func oid, hash, { r: new Uint8Array(r), s: new Uint8Array(s) }, message, new Uint8Array(pub), await openpgp.crypto.hash.digest(hash, message) ); }; - const verify_signature_elliptic = async function (oid, hash, r, s, message, pub) { - if (openpgp.util.isString(message)) { - message = openpgp.util.strToUint8Array(message); - } else if (!openpgp.util.isUint8Array(message)) { - message = new Uint8Array(message); - } - const ecdsa = elliptic_curves.ecdsa; - return ecdsa.ellipticVerify( - new elliptic_curves.Curve(oid), { r: new Uint8Array(r), s: new Uint8Array(s) }, await openpgp.crypto.hash.digest(hash, message), new Uint8Array(pub) - ); - }; const secp256k1_point = new Uint8Array([ 0x04, 0x79, 0xBE, 0x66, 0x7E, 0xF9, 0xDC, 0xBB, 0xAC, @@ -176,14 +159,20 @@ module.exports = () => describe('Elliptic Curve Cryptography @lightweight', func )).to.eventually.be.false; } if (openpgp.config.useIndutnyElliptic) { - return Promise.all([ - expect(verify_signature_elliptic( - 'secp256k1', 8, [], [], [], [] - )).to.be.rejectedWith(Error, /Unknown point format/), - expect(verify_signature_elliptic( - 'secp256k1', 8, [], [], [], secp256k1_invalid_point_format - )).to.be.rejectedWith(Error, /Unknown point format/) - ]); + const useNative = openpgp.config.useNative; + openpgp.config.useNative = false; + try { + await Promise.all([ + expect(verify_signature( + 'secp256k1', 8, [], [], [], [] + )).to.be.rejectedWith(Error, /Unknown point format/), + expect(verify_signature( + 'secp256k1', 8, [], [], [], secp256k1_invalid_point_format + )).to.be.rejectedWith(Error, /Unknown point format/) + ]); + } finally { + openpgp.config.useNative = useNative; + } } }); it('Invalid point', async function () { @@ -196,9 +185,15 @@ module.exports = () => describe('Elliptic Curve Cryptography @lightweight', func )).to.eventually.be.false; } if (openpgp.config.useIndutnyElliptic) { - await expect(verify_signature_elliptic( - 'secp256k1', 8, [], [], [], secp256k1_invalid_point - )).to.be.rejectedWith(Error, /Invalid elliptic public key/); + const useNative = openpgp.config.useNative; + openpgp.config.useNative = false; + try { + await expect(verify_signature( + 'secp256k1', 8, [], [], [], secp256k1_invalid_point + )).to.be.rejectedWith(Error, /Invalid elliptic public key/); + } finally { + openpgp.config.useNative = useNative; + } } }); it('Invalid signature', function (done) { diff --git a/test/crypto/rsa.js b/test/crypto/rsa.js index 672c889f..3719f702 100644 --- a/test/crypto/rsa.js +++ b/test/crypto/rsa.js @@ -52,18 +52,23 @@ module.exports = () => (!native ? describe.skip : describe)('basic RSA cryptogra const { publicParams, privateParams } = await openpgp.crypto.generateParams(openpgp.enums.publicKey.rsaSign, bits); const { n, e, d, p, q, u } = { ...publicParams, ...privateParams }; const message = await openpgp.crypto.generateSessionKey('aes256'); - const encryptedBn = await openpgp.crypto.publicKey.rsa.bnEncrypt(message, n, e); - const decrypted1 = await openpgp.crypto.publicKey.rsa.nodeDecrypt(encryptedBn, n, e, d, p, q, u); - expect(decrypted1).to.deep.equal(message); - const encryptedNode = await openpgp.crypto.publicKey.rsa.nodeEncrypt(message, n, e); - const decrypted2 = await openpgp.crypto.publicKey.rsa.bnDecrypt(encryptedNode, n, e, d, p, q, u); - expect(decrypted2).to.deep.equal(message); + const useNative = openpgp.config.useNative; + try { + openpgp.config.useNative = false; + const encryptedBn = await openpgp.crypto.publicKey.rsa.encrypt(message, n, e); + openpgp.config.useNative = true; + const decrypted1 = await openpgp.crypto.publicKey.rsa.decrypt(encryptedBn, n, e, d, p, q, u); + expect(decrypted1).to.deep.equal(message); + const encryptedNode = await openpgp.crypto.publicKey.rsa.encrypt(message, n, e); + openpgp.config.useNative = false; + const decrypted2 = await openpgp.crypto.publicKey.rsa.decrypt(encryptedNode, n, e, d, p, q, u); + expect(decrypted2).to.deep.equal(message); + } finally { + openpgp.config.useNative = useNative; + } }); - it('compare webCrypto and bn math sign', async function() { - if (!openpgp.util.getWebCrypto()) { - this.skip(); - } + it('compare native crypto and bn math sign', async function() { const bits = openpgp.util.getWebCrypto() ? 2048 : 1024; const { publicParams, privateParams } = await openpgp.crypto.generateParams(openpgp.enums.publicKey.rsaSign, bits); const { n, e, d, p, q, u } = { ...publicParams, ...privateParams }; @@ -71,21 +76,25 @@ module.exports = () => (!native ? describe.skip : describe)('basic RSA cryptogra const hashName = 'sha256'; const hash_algo = openpgp.enums.write(openpgp.enums.hash, hashName); const hashed = await openpgp.crypto.hash.digest(hash_algo, message); - let signatureWeb; + const useNative = openpgp.config.useNative; try { - signatureWeb = await openpgp.crypto.publicKey.rsa.webSign('SHA-256', message, n, e, d, p, q, u, hashed); - } catch (error) { - openpgp.util.printDebugError('web crypto error'); - this.skip(); + openpgp.config.useNative = true; + let signatureWeb; + try { + signatureWeb = await openpgp.crypto.publicKey.rsa.sign(hash_algo, message, n, e, d, p, q, u, hashed); + } catch (error) { + openpgp.util.printDebugError('web crypto error'); + this.skip(); + } + openpgp.config.useNative = false; + const signatureBN = await openpgp.crypto.publicKey.rsa.sign(hash_algo, message, n, e, d, p, q, u, hashed); + expect(openpgp.util.uint8ArrayToHex(signatureWeb)).to.be.equal(openpgp.util.uint8ArrayToHex(signatureBN)); + } finally { + openpgp.config.useNative = useNative; } - const signatureBN = await openpgp.crypto.publicKey.rsa.bnSign(hash_algo, n, d, hashed); - expect(openpgp.util.uint8ArrayToHex(signatureWeb)).to.be.equal(openpgp.util.uint8ArrayToHex(signatureBN)); }); - it('compare webCrypto and bn math verify', async function() { - if (!openpgp.util.getWebCrypto()) { - this.skip(); - } + it('compare native crypto and bn math verify', async function() { const bits = openpgp.util.getWebCrypto() ? 2048 : 1024; const { publicParams, privateParams } = await openpgp.crypto.generateParams(openpgp.enums.publicKey.rsaSign, bits); const { n, e, d, p, q, u } = { ...publicParams, ...privateParams }; @@ -95,49 +104,22 @@ module.exports = () => (!native ? describe.skip : describe)('basic RSA cryptogra const hashed = await openpgp.crypto.hash.digest(hash_algo, message); let verifyWeb; let signature; + const useNative = openpgp.config.useNative; try { - signature = await openpgp.crypto.publicKey.rsa.webSign('SHA-256', message, n, e, d, p, q, u, hashed); - verifyWeb = await openpgp.crypto.publicKey.rsa.webVerify('SHA-256', message, signature, n, e); - } catch (error) { - openpgp.util.printDebugError('web crypto error'); - this.skip(); + openpgp.config.useNative = true; + try { + signature = await openpgp.crypto.publicKey.rsa.sign(hash_algo, message, n, e, d, p, q, u, hashed); + verifyWeb = await openpgp.crypto.publicKey.rsa.verify(hash_algo, message, signature, n, e); + } catch (error) { + openpgp.util.printDebugError('web crypto error'); + this.skip(); + } + openpgp.config.useNative = false; + const verifyBN = await openpgp.crypto.publicKey.rsa.verify(hash_algo, message, signature, n, e, hashed); + expect(verifyWeb).to.be.true; + expect(verifyBN).to.be.true; + } finally { + openpgp.config.useNative = useNative; } - const verifyBN = await openpgp.crypto.publicKey.rsa.bnVerify(hash_algo, signature, n, e, hashed); - expect(verifyWeb).to.be.true; - expect(verifyBN).to.be.true; - }); - - it('compare nodeCrypto and bn math sign', async function() { - if (!openpgp.util.getNodeCrypto()) { - this.skip(); - } - const bits = 1024; - const { publicParams, privateParams } = await openpgp.crypto.generateParams(openpgp.enums.publicKey.rsaSign, bits); - const { n, e, d, p, q, u } = { ...publicParams, ...privateParams }; - const message = await openpgp.crypto.random.getRandomBytes(64); - const hashName = 'sha256'; - const hash_algo = openpgp.enums.write(openpgp.enums.hash, hashName); - const hashed = await openpgp.crypto.hash.digest(hash_algo, message); - const signatureNode = await openpgp.crypto.publicKey.rsa.nodeSign(hash_algo, message, n, e, d, p, q, u); - const signatureBN = await openpgp.crypto.publicKey.rsa.bnSign(hash_algo, n, d, hashed); - expect(openpgp.util.uint8ArrayToHex(signatureNode)).to.be.equal(openpgp.util.uint8ArrayToHex(signatureBN)); - }); - - it('compare nodeCrypto and bn math verify', async function() { - if (!openpgp.util.getNodeCrypto()) { - this.skip(); - } - const bits = openpgp.util.getWebCrypto() ? 2048 : 1024; - const { publicParams, privateParams } = await openpgp.crypto.generateParams(openpgp.enums.publicKey.rsaSign, bits); - const { n, e, d, p, q, u } = { ...publicParams, ...privateParams }; - const message = await openpgp.crypto.random.getRandomBytes(64); - const hashName = 'sha256'; - const hash_algo = openpgp.enums.write(openpgp.enums.hash, hashName); - const hashed = await openpgp.crypto.hash.digest(hash_algo, message); - const signatureNode = await openpgp.crypto.publicKey.rsa.nodeSign(hash_algo, message, n, e, d, p, q, u); - const verifyNode = await openpgp.crypto.publicKey.rsa.nodeVerify(hash_algo, message, signatureNode, n, e); - const verifyBN = await openpgp.crypto.publicKey.rsa.bnVerify(hash_algo, signatureNode, n, e, hashed); - expect(verifyNode).to.be.true; - expect(verifyBN).to.be.true; }); });