Skip to content

Commit 0d1a8cd

Browse files
connor4312linuxwolf
connor4312
authored and
linuxwolf
committed
Update: Use native RSA/OpenSSL crypto whenever possible (#101)
* Use native Node crypto for key cracking when possible * Complete update to native RSA crypto * Address CR comments
1 parent 538829d commit 0d1a8cd

File tree

3 files changed

+63
-4
lines changed

3 files changed

+63
-4
lines changed

lib/algorithms/rsa-util.js

+19-1
Original file line numberDiff line numberDiff line change
@@ -23,6 +23,7 @@ function convertToForge(key, isPublic) {
2323
forge.pki.rsa.setPrivateKey;
2424
return fn.apply(forge.pki.rsa, parts);
2525
}
26+
2627
function convertToJWK(key, isPublic) {
2728
var result = clone(key);
2829
var parts = isPublic ?
@@ -49,7 +50,24 @@ function convertToJWK(key, isPublic) {
4950
return result;
5051
}
5152

53+
function convertToPem(key, isPublic) {
54+
if (key.__cachedPem) {
55+
return key.__cachedPem;
56+
}
57+
58+
var value;
59+
if (isPublic) {
60+
value = forge.pki.publicKeyToPem(convertToForge(key, isPublic));
61+
} else {
62+
value = forge.pki.privateKeyToPem(convertToForge(key, isPublic));
63+
}
64+
65+
Object.defineProperty(key, '__cachedPem', { value: value });
66+
return value;
67+
}
68+
5269
module.exports = {
5370
convertToForge: convertToForge,
54-
convertToJWK: convertToJWK
71+
convertToJWK: convertToJWK,
72+
convertToPem: convertToPem
5573
};

lib/algorithms/rsaes.js

+9-1
Original file line numberDiff line numberDiff line change
@@ -138,7 +138,15 @@ function rsaesDecryptFn(name) {
138138
webcrypto = null;
139139
}
140140

141-
return helpers.setupFallback(null, webcrypto, fallback);
141+
var nodejs;
142+
if (helpers.nodeCrypto && name === "RSA-OAEP") { // node only support SHA1, plain RSA-OAEP
143+
nodejs = function(key, pdata) {
144+
key = rsaUtil.convertToPem(key, false);
145+
return helpers.nodeCrypto.privateDecrypt(key, pdata);
146+
};
147+
}
148+
149+
return helpers.setupFallback(nodejs, webcrypto, fallback);
142150
}
143151

144152
// ### Public API

lib/algorithms/rsassa.js

+35-2
Original file line numberDiff line numberDiff line change
@@ -60,7 +60,21 @@ function rsassaV15SignFn(name) {
6060
return promise;
6161
};
6262

63-
return helpers.setupFallback(null, webcrypto, fallback);
63+
var nodejs;
64+
if (helpers.nodeCrypto && helpers.nodeCrypto.getHashes().indexOf(hash) > -1) {
65+
nodejs = function(key, pdata) {
66+
key = rsaUtil.convertToPem(key, false);
67+
var sign = helpers.nodeCrypto.createSign(hash);
68+
sign.update(pdata);
69+
70+
return {
71+
data: pdata,
72+
mac: sign.sign(rsaUtil.convertToPem(key, false))
73+
};
74+
};
75+
}
76+
77+
return helpers.setupFallback(nodejs, webcrypto, fallback);
6478
}
6579

6680
function rsassaV15VerifyFn(name) {
@@ -118,7 +132,26 @@ function rsassaV15VerifyFn(name) {
118132
return promise;
119133
};
120134

121-
return helpers.setupFallback(null, webcrypto, fallback);
135+
var nodejs;
136+
if (helpers.nodeCrypto && helpers.nodeCrypto.getHashes().indexOf(md) > -1) {
137+
nodejs = function(key, pdata, mac) {
138+
var verify = helpers.nodeCrypto.createVerify(md);
139+
verify.update(pdata);
140+
verify.end();
141+
var result = verify.verify(rsaUtil.convertToPem(key, true), mac);
142+
if (!result) {
143+
return Promise.reject(new Error("verification failed"));
144+
}
145+
146+
return {
147+
data: pdata,
148+
mac: mac,
149+
valid: true,
150+
};
151+
};
152+
}
153+
154+
return helpers.setupFallback(nodejs, webcrypto, fallback);
122155
}
123156

124157
// ### RSA-PSS

0 commit comments

Comments
 (0)