crypto: fix key requirements in asymmetric cipher

tniessen · targos · commit be0b53d4b2f5 · 2019-12-01T16:58:48.000+01:00
PR-URL: #30249 Fixes: #30237 Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl> Reviewed-By: Colin Ihrig <cjihrig@gmail.com> Reviewed-By: Ruben Bridgewater <ruben@bridgewater.de> Reviewed-By: James M Snell <jasnell@gmail.com>
diff --git a/lib/internal/crypto/cipher.js b/lib/internal/crypto/cipher.js
@@ -66,11 +66,11 @@ function rsaFunctionFor(method, defaultPadding, keyType) {
 const publicEncrypt = rsaFunctionFor(_publicEncrypt, RSA_PKCS1_OAEP_PADDING,
                                      'public');
 const publicDecrypt = rsaFunctionFor(_publicDecrypt, RSA_PKCS1_PADDING,
-                                     'private');
+                                     'public');
 const privateEncrypt = rsaFunctionFor(_privateEncrypt, RSA_PKCS1_PADDING,
                                       'private');
 const privateDecrypt = rsaFunctionFor(_privateDecrypt, RSA_PKCS1_OAEP_PADDING,
-                                      'public');
+                                      'private');
 
 function getDecoder(decoder, encoding) {
   encoding = normalizeEncoding(encoding);
diff --git a/test/parallel/test-crypto-key-objects.js b/test/parallel/test-crypto-key-objects.js
@@ -15,8 +15,10 @@ const {
   createPrivateKey,
   KeyObject,
   randomBytes,
+  publicDecrypt,
   publicEncrypt,
-  privateDecrypt
+  privateDecrypt,
+  privateEncrypt
 } = require('crypto');
 
 const fixtures = require('../common/fixtures');
@@ -156,7 +158,16 @@ const privateDsa = fixtures.readKey('dsa_private_encrypted_1025.pem',
   assert(Buffer.isBuffer(privateDER));
 
   const plaintext = Buffer.from('Hello world', 'utf8');
-  const ciphertexts = [
+  const testDecryption = (fn, ciphertexts, decryptionKeys) => {
+    for (const ciphertext of ciphertexts) {
+      for (const key of decryptionKeys) {
+        const deciphered = fn(key, ciphertext);
+        assert.deepStrictEqual(deciphered, plaintext);
+      }
+    }
+  };
+
+  testDecryption(privateDecrypt, [
     // Encrypt using the public key.
     publicEncrypt(publicKey, plaintext),
     publicEncrypt({ key: publicKey }, plaintext),
@@ -173,20 +184,25 @@ const privateDsa = fixtures.readKey('dsa_private_encrypted_1025.pem',
     // DER-encoded data only.
     publicEncrypt({ format: 'der', type: 'pkcs1', key: publicDER }, plaintext),
     publicEncrypt({ format: 'der', type: 'pkcs1', key: privateDER }, plaintext)
-  ];
-
-  const decryptionKeys = [
+  ], [
     privateKey,
     { format: 'pem', key: privatePem },
     { format: 'der', type: 'pkcs1', key: privateDER }
-  ];
+  ]);
 
-  for (const ciphertext of ciphertexts) {
-    for (const key of decryptionKeys) {
-      const deciphered = privateDecrypt(key, ciphertext);
-      assert(plaintext.equals(deciphered));
-    }
-  }
+  testDecryption(publicDecrypt, [
+    privateEncrypt(privateKey, plaintext)
+  ], [
+    // Decrypt using the public key.
+    publicKey,
+    { format: 'pem', key: publicPem },
+    { format: 'der', type: 'pkcs1', key: publicDER },
+
+    // Decrypt using the private key.
+    privateKey,
+    { format: 'pem', key: privatePem },
+    { format: 'der', type: 'pkcs1', key: privateDER }
+  ]);
 }
 
 {
