denoland-deno/tests/node_compat/test/parallel/test-crypto-psychic-signatures.js

// deno-fmt-ignore-file
// deno-lint-ignore-file

// Copyright Joyent and Node contributors. All rights reserved. MIT license.
// Taken from Node 20.11.1
// This file is automatically generated by `tests/node_compat/runner/setup.ts`. Do not modify this file manually.

'use strict';
const common = require('../common');
if (!common.hasCrypto)
  common.skip('missing crypto');

const assert = require('assert');

const crypto = require('crypto');

// Tests for CVE-2022-21449
// https://neilmadden.blog/2022/04/19/psychic-signatures-in-java/
// Dubbed "Psychic Signatures", these signatures bypassed the ECDSA signature
// verification implementation in Java in 15, 16, 17, and 18. OpenSSL is not
// (and was not) vulnerable so these are a precaution.

const vectors = {
  'ieee-p1363': [
    Buffer.from('0000000000000000000000000000000000000000000000000000000000000000' +
      '0000000000000000000000000000000000000000000000000000000000000000', 'hex'),
    Buffer.from('ffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc632551' +
      'ffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc632551', 'hex'),
  ],
  'der': [
    Buffer.from('3046022100' +
      '0000000000000000000000000000000000000000000000000000000000000000' +
      '022100' +
      '0000000000000000000000000000000000000000000000000000000000000000', 'hex'),
    Buffer.from('3046022100' +
      'ffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc632551' +
      '022100' +
      'ffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc632551', 'hex'),
  ],
};

const keyPair = crypto.generateKeyPairSync('ec', {
  namedCurve: 'P-256',
  publicKeyEncoding: {
    format: 'der',
    type: 'spki'
  },
});

const data = Buffer.from('Hello!');

for (const [encoding, signatures] of Object.entries(vectors)) {
  for (const signature of signatures) {
    const key = {
      key: keyPair.publicKey,
      format: 'der',
      type: 'spki',
      dsaEncoding: encoding,
    };

    // one-shot sync
    assert.strictEqual(
      crypto.verify(
        'sha256',
        data,
        key,
        signature,
      ),
      false,
    );

    // one-shot async
    crypto.verify(
      'sha256',
      data,
      key,
      signature,
      common.mustSucceed((verified) => assert.strictEqual(verified, false)),
    );

    // stream
    assert.strictEqual(
      crypto.createVerify('sha256')
        .update(data)
        .verify(key, signature),
      false,
    );

    // webcrypto
    globalThis.crypto.subtle.importKey(
      'spki',
      keyPair.publicKey,
      { name: 'ECDSA', namedCurve: 'P-256' },
      false,
      ['verify'],
    ).then((publicKey) => {
      return globalThis.crypto.subtle.verify(
        { name: 'ECDSA', hash: 'SHA-256' },
        publicKey,
        signature,
        data,
      );
    }).then(common.mustCall((verified) => {
      assert.strictEqual(verified, false);
    }));
  }
}
test: add node compat test cases (#27134) This PR enables node compat test cases found passing by using the tool added in #27122 The percentage of passing test case increases from 16.16% to 30.43% by this change. 2024-12-03 21:37:20 -05:00			`// deno-fmt-ignore-file`
			`// deno-lint-ignore-file`

			`// Copyright Joyent and Node contributors. All rights reserved. MIT license.`
			`// Taken from Node 20.11.1`
			// This file is automatically generated by `tests/node_compat/runner/setup.ts`. Do not modify this file manually.

			`'use strict';`
			`const common = require('../common');`
			`if (!common.hasCrypto)`
			`common.skip('missing crypto');`

			`const assert = require('assert');`

			`const crypto = require('crypto');`

			`// Tests for CVE-2022-21449`
			`// https://neilmadden.blog/2022/04/19/psychic-signatures-in-java/`
			`// Dubbed "Psychic Signatures", these signatures bypassed the ECDSA signature`
			`// verification implementation in Java in 15, 16, 17, and 18. OpenSSL is not`
			`// (and was not) vulnerable so these are a precaution.`

			`const vectors = {`
			`'ieee-p1363': [`
			`Buffer.from('0000000000000000000000000000000000000000000000000000000000000000' +`
			`'0000000000000000000000000000000000000000000000000000000000000000', 'hex'),`
			`Buffer.from('ffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc632551' +`
			`'ffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc632551', 'hex'),`
			`],`
			`'der': [`
			`Buffer.from('3046022100' +`
			`'0000000000000000000000000000000000000000000000000000000000000000' +`
			`'022100' +`
			`'0000000000000000000000000000000000000000000000000000000000000000', 'hex'),`
			`Buffer.from('3046022100' +`
			`'ffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc632551' +`
			`'022100' +`
			`'ffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc632551', 'hex'),`
			`],`
			`};`

			`const keyPair = crypto.generateKeyPairSync('ec', {`
			`namedCurve: 'P-256',`
			`publicKeyEncoding: {`
			`format: 'der',`
			`type: 'spki'`
			`},`
			`});`

			`const data = Buffer.from('Hello!');`

			`for (const [encoding, signatures] of Object.entries(vectors)) {`
			`for (const signature of signatures) {`
			`const key = {`
			`key: keyPair.publicKey,`
			`format: 'der',`
			`type: 'spki',`
			`dsaEncoding: encoding,`
			`};`

			`// one-shot sync`
			`assert.strictEqual(`
			`crypto.verify(`
			`'sha256',`
			`data,`
			`key,`
			`signature,`
			`),`
			`false,`
			`);`

			`// one-shot async`
			`crypto.verify(`
			`'sha256',`
			`data,`
			`key,`
			`signature,`
			`common.mustSucceed((verified) => assert.strictEqual(verified, false)),`
			`);`

			`// stream`
			`assert.strictEqual(`
			`crypto.createVerify('sha256')`
			`.update(data)`
			`.verify(key, signature),`
			`false,`
			`);`

			`// webcrypto`
			`globalThis.crypto.subtle.importKey(`
			`'spki',`
			`keyPair.publicKey,`
			`{ name: 'ECDSA', namedCurve: 'P-256' },`
			`false,`
			`['verify'],`
			`).then((publicKey) => {`
			`return globalThis.crypto.subtle.verify(`
			`{ name: 'ECDSA', hash: 'SHA-256' },`
			`publicKey,`
			`signature,`
			`data,`
			`);`
			`}).then(common.mustCall((verified) => {`
			`assert.strictEqual(verified, false);`
			`}));`
			`}`
			`}`