We read every piece of feedback, and take your input very seriously.
To see all available qualifiers, see our documentation.
There was an error while loading. Please reload this page.
1 parent 9cebe82 commit 10a7035Copy full SHA for 10a7035
benchmark/crypto/rsa-sign-verify-throughput.js
@@ -18,7 +18,7 @@ keylen_list.forEach(function(key) {
18
19
var bench = common.createBenchmark(main, {
20
writes: [500],
21
- algo: ['RSA-SHA1', 'RSA-SHA224', 'RSA-SHA256', 'RSA-SHA384', 'RSA-SHA512'],
+ algo: ['SHA1', 'SHA224', 'SHA256', 'SHA384', 'SHA512'],
22
keylen: keylen_list,
23
len: [1024, 102400, 2 * 102400, 3 * 102400, 1024 * 1024]
24
});
doc/api/crypto.md
@@ -842,28 +842,31 @@ of two ways:
842
- Using the [`sign.update()`][] and [`sign.sign()`][] methods to produce the
843
signature.
844
845
-The [`crypto.createSign()`][] method is used to create `Sign` instances. `Sign`
846
-objects are not to be created directly using the `new` keyword.
+The [`crypto.createSign()`][] method is used to create `Sign` instances. The
+argument is the string name of the hash function to use. `Sign` objects are not
847
+to be created directly using the `new` keyword.
848
849
Example: Using `Sign` objects as streams:
850
851
```js
852
const crypto = require('crypto');
-const sign = crypto.createSign('RSA-SHA256');
853
+const sign = crypto.createSign('SHA256');
854
855
sign.write('some data to sign');
856
sign.end();
857
858
const privateKey = getPrivateKeySomehow();
859
console.log(sign.sign(privateKey, 'hex'));
-// Prints: the calculated signature
860
+// Prints: the calculated signature using the specified private key and
861
+// SHA-256. For RSA keys, the algorithm is RSASSA-PKCS1-v1_5 (see padding
862
+// parameter below for RSASSA-PSS). For EC keys, the algorithm is ECDSA.
863
```
864
865
Example: Using the [`sign.update()`][] and [`sign.sign()`][] methods:
866
867
868
869
870
871
sign.update('some data to sign');
872
@@ -872,27 +875,22 @@ console.log(sign.sign(privateKey, 'hex'));
875
// Prints: the calculated signature
873
876
874
877
-A `Sign` instance can also be created by just passing in the digest
-algorithm name, in which case OpenSSL will infer the full signature algorithm
-from the type of the PEM-formatted private key, including algorithms that
878
-do not have directly exposed name constants, e.g. 'ecdsa-with-SHA256'.
+In some cases, a `Sign` instance can also be created by passing in a signature
879
+algorithm name, such as 'RSA-SHA256'. This will use the corresponding digest
880
+algorithm. This does not work for all signature algorithms, such as
881
+'ecdsa-with-SHA256'. Use digest names instead.
882
-Example: signing using ECDSA with SHA256
883
+Example: signing using legacy signature algorithm name
884
885
886
-const sign = crypto.createSign('sha256');
887
+const sign = crypto.createSign('RSA-SHA256');
888
889
890
-const privateKey =
-`-----BEGIN EC PRIVATE KEY-----
-MHcCAQEEIF+jnWY1D5kbVYDNvxxo/Y+ku2uJPDwS0r/VuPZQrjjVoAoGCCqGSM49
891
-AwEHoUQDQgAEurOxfSxmqIRYzJVagdZfMMSjRNNhB8i3mXyIMq704m2m52FdfKZ2
892
-pQhByd5eyj3lgZ7m7jbchtdgyOF8Io/1ng==
893
------END EC PRIVATE KEY-----`;
894
-
895
-console.log(sign.sign(privateKey).toString('hex'));
+const privateKey = getPrivateKeySomehow();
+console.log(sign.sign(privateKey, 'hex'));
+// Prints: the calculated signature
896
897
898
### sign.sign(private_key[, output_format])
@@ -965,7 +963,7 @@ Example: Using `Verify` objects as streams:
965
963
966
964
967
968
-const verify = crypto.createVerify('RSA-SHA256');
+const verify = crypto.createVerify('SHA256');
969
970
verify.write('some data to sign');
971
verify.end();
@@ -980,7 +978,7 @@ Example: Using the [`verify.update()`][] and [`verify.verify()`][] methods:
980
978
981
979
982
983
984
985
verify.update('some data to sign');
986
src/node_crypto.cc
@@ -3993,7 +3993,8 @@ void SignBase::CheckThrow(SignBase::Error error) {
3993
3994
static bool ApplyRSAOptions(EVP_PKEY* pkey, EVP_PKEY_CTX* pkctx, int padding,
3995
int salt_len) {
3996
- if (pkey->type == EVP_PKEY_RSA || pkey->type == EVP_PKEY_RSA2) {
+ if (EVP_PKEY_id(pkey) == EVP_PKEY_RSA ||
3997
+ EVP_PKEY_id(pkey) == EVP_PKEY_RSA2) {
3998
if (EVP_PKEY_CTX_set_rsa_padding(pkctx, padding) <= 0)
3999
return false;
4000
if (padding == RSA_PKCS1_PSS_PADDING) {
@@ -4102,33 +4103,23 @@ static int Node_SignFinal(EVP_MD_CTX* mdctx, unsigned char* md,
4102
4103
if (!EVP_DigestFinal_ex(mdctx, m, &m_len))
4104
return rv;
4105
- if (mdctx->digest->flags & EVP_MD_FLAG_PKEY_METHOD_SIGNATURE) {
4106
- size_t sltmp = static_cast<size_t>(EVP_PKEY_size(pkey));
4107
- pkctx = EVP_PKEY_CTX_new(pkey, nullptr);
4108
- if (pkctx == nullptr)
4109
- goto err;
4110
- if (EVP_PKEY_sign_init(pkctx) <= 0)
4111
4112
- if (!ApplyRSAOptions(pkey, pkctx, padding, pss_salt_len))
4113
4114
- if (EVP_PKEY_CTX_set_signature_md(pkctx, mdctx->digest) <= 0)
4115
4116
- if (EVP_PKEY_sign(pkctx, md, &sltmp, m, m_len) <= 0)
4117
4118
- *sig_len = sltmp;
4119
- rv = 1;
4120
- err:
4121
- EVP_PKEY_CTX_free(pkctx);
4122
- return rv;
4123
- }
4124
4125
- if (mdctx->digest->sign == nullptr) {
4126
- EVPerr(EVP_F_EVP_SIGNFINAL, EVP_R_NO_SIGN_FUNCTION_CONFIGURED);
4127
- return 0;
4128
4129
4130
- return mdctx->digest->sign(mdctx->digest->type, m, m_len, md, sig_len,
4131
- pkey->pkey.ptr);
+ size_t sltmp = static_cast<size_t>(EVP_PKEY_size(pkey));
+ pkctx = EVP_PKEY_CTX_new(pkey, nullptr);
+ if (pkctx == nullptr)
+ goto err;
+ if (EVP_PKEY_sign_init(pkctx) <= 0)
+ if (!ApplyRSAOptions(pkey, pkctx, padding, pss_salt_len))
+ if (EVP_PKEY_CTX_set_signature_md(pkctx, EVP_MD_CTX_md(mdctx)) <= 0)
+ if (EVP_PKEY_sign(pkctx, md, &sltmp, m, m_len) <= 0)
+ *sig_len = sltmp;
+ rv = 1;
+ err:
+ EVP_PKEY_CTX_free(pkctx);
+ return rv;
4132
}
4133
4134
SignBase::Error Sign::SignFinal(const char* key_pem,
test/fixtures/0-dns/create-cert.js
@@ -8,7 +8,7 @@ const BN = asn1.bignum;
8
const id_at_commonName = [ 2, 5, 4, 3 ];
9
const rsaEncryption = [1, 2, 840, 113549, 1, 1, 1];
10
const sha256WithRSAEncryption = [1, 2, 840, 113549, 1, 1, 11];
11
-const sigalg = 'RSA-SHA256';
+const digest = 'SHA256';
12
13
const private_key = fs.readFileSync('./0-dns-key.pem');
14
// public key file can be generated from the private key with
@@ -59,7 +59,7 @@ const tbs = {
59
60
const tbs_der = rfc5280.TBSCertificate.encode(tbs, 'der');
61
62
-const sign = crypto.createSign(sigalg);
+const sign = crypto.createSign(digest);
63
sign.update(tbs_der);
64
const signature = sign.sign(private_key);
65
test/parallel/test-crypto-binary-default.js
@@ -404,28 +404,28 @@ assert.throws(function() {
404
}, /^Error: Digest method not supported$/);
405
406
// Test signing and verifying
407
-const s1 = crypto.createSign('RSA-SHA1')
+const s1 = crypto.createSign('SHA1')
408
.update('Test123')
409
.sign(keyPem, 'base64');
410
-const s1Verified = crypto.createVerify('RSA-SHA1')
+const s1Verified = crypto.createVerify('SHA1')
411
.update('Test')
412
.update('123')
413
.verify(certPem, s1, 'base64');
414
assert.strictEqual(s1Verified, true, 'sign and verify (base 64)');
415
416
-const s2 = crypto.createSign('RSA-SHA256')
+const s2 = crypto.createSign('SHA256')
417
418
.sign(keyPem); // binary
419
-const s2Verified = crypto.createVerify('RSA-SHA256')
+const s2Verified = crypto.createVerify('SHA256')
420
421
422
.verify(certPem, s2); // binary
423
assert.strictEqual(s2Verified, true, 'sign and verify (binary)');
424
425
-const s3 = crypto.createSign('RSA-SHA1')
+const s3 = crypto.createSign('SHA1')
426
427
.sign(keyPem, 'buffer');
428
-const s3Verified = crypto.createVerify('RSA-SHA1')
+const s3Verified = crypto.createVerify('SHA1')
429
430
431
.verify(certPem, s3);
@@ -569,8 +569,8 @@ const d = crypto.createDiffieHellman(p, 'hex');
569
assert.strictEqual(d.verifyError, DH_NOT_SUITABLE_GENERATOR);
570
571
// Test RSA key signing/verification
572
-const rsaSign = crypto.createSign('RSA-SHA1');
573
-const rsaVerify = crypto.createVerify('RSA-SHA1');
+const rsaSign = crypto.createSign('SHA1');
+const rsaVerify = crypto.createVerify('SHA1');
574
assert.ok(rsaSign instanceof crypto.Sign);
575
assert.ok(rsaVerify instanceof crypto.Verify);
576
@@ -606,13 +606,13 @@ assert.strictEqual(rsaVerify.verify(rsaPubPem, rsaSignature, 'hex'), true);
606
'8195e0268da7eda23d9825ac43c724e86ceeee0d0d4465678652ccaf6501' +
607
'0ddfb299bedeb1ad';
608
609
- const sign = crypto.createSign('RSA-SHA256');
+ const sign = crypto.createSign('SHA256');
610
sign.update(input);
611
612
const output = sign.sign(privateKey, 'hex');
613
assert.strictEqual(output, signature);
614
615
- const verify = crypto.createVerify('RSA-SHA256');
+ const verify = crypto.createVerify('SHA256');
616
verify.update(input);
617
618
assert.strictEqual(verify.verify(publicKey, signature, 'hex'), true);
@@ -631,11 +631,11 @@ assert.strictEqual(rsaVerify.verify(rsaPubPem, rsaSignature, 'hex'), true);
631
632
// DSA signatures vary across runs so there is no static string to verify
633
// against
634
- const sign = crypto.createSign('DSS1');
+ const sign = crypto.createSign('SHA1');
635
636
const signature = sign.sign(privateKey, 'hex');
637
638
- const verify = crypto.createVerify('DSS1');
+ const verify = crypto.createVerify('SHA1');
639
640
641
test/parallel/test-crypto-rsa-dsa.js
@@ -132,8 +132,8 @@ test_rsa('RSA_PKCS1_PADDING');
132
test_rsa('RSA_PKCS1_OAEP_PADDING');
133
134
135
-let rsaSign = crypto.createSign('RSA-SHA1');
136
-let rsaVerify = crypto.createVerify('RSA-SHA1');
+let rsaSign = crypto.createSign('SHA1');
+let rsaVerify = crypto.createVerify('SHA1');
137
assert.ok(rsaSign);
138
assert.ok(rsaVerify);
139
@@ -152,19 +152,19 @@ rsaVerify.update(rsaPubPem);
152
assert.strictEqual(rsaVerify.verify(rsaPubPem, rsaSignature, 'hex'), true);
153
154
// Test RSA key signing/verification with encrypted key
155
-rsaSign = crypto.createSign('RSA-SHA1');
+rsaSign = crypto.createSign('SHA1');
156
rsaSign.update(rsaPubPem);
157
assert.doesNotThrow(() => {
158
const signOptions = { key: rsaKeyPemEncrypted, passphrase: 'password' };
159
rsaSignature = rsaSign.sign(signOptions, 'hex');
160
161
assert.strictEqual(rsaSignature, expectedSignature);
162
163
-rsaVerify = crypto.createVerify('RSA-SHA1');
+rsaVerify = crypto.createVerify('SHA1');
164
rsaVerify.update(rsaPubPem);
165
166
167
168
169
assert.throws(() => {
170
const signOptions = { key: rsaKeyPemEncrypted, passphrase: 'wrong' };
@@ -188,16 +188,28 @@ assert.throws(() => {
188
189
190
191
192
193
194
195
assert.strictEqual(signature, output);
196
197
198
199
200
201
+
202
+ // Test the legacy signature algorithm name.
203
+ const sign2 = crypto.createSign('RSA-SHA256');
204
+ sign2.update(input);
205
206
+ const output2 = sign2.sign(privateKey, 'hex');
207
+ assert.strictEqual(signature, output2);
208
209
+ const verify2 = crypto.createVerify('SHA256');
210
+ verify2.update(input);
211
212
+ assert.strictEqual(verify2.verify(publicKey, signature, 'hex'), true);
213
214
215
@@ -209,14 +221,24 @@ assert.throws(() => {
221
222
223
224
225
226
const signature = sign.sign(dsaKeyPem, 'hex');
227
216
228
217
229
218
230
219
231
assert.strictEqual(verify.verify(dsaPubPem, signature, 'hex'), true);
232
233
+ // Test the legacy 'DSS1' name.
234
+ const sign2 = crypto.createSign('DSS1');
235
236
+ const signature2 = sign2.sign(dsaKeyPem, 'hex');
237
238
+ const verify2 = crypto.createVerify('DSS1');
239
240
241
+ assert.strictEqual(verify2.verify(dsaPubPem, signature2, 'hex'), true);
220
242
243
244
@@ -226,7 +248,7 @@ assert.throws(() => {
248
const input = 'I AM THE WALRUS';
249
250
{
251
252
253
254
sign.sign({ key: dsaKeyPemEncrypted, passphrase: 'wrong' }, 'hex');
@@ -236,7 +258,7 @@ const input = 'I AM THE WALRUS';
258
259
260
261
262
263
264
let signature;
@@ -245,7 +267,7 @@ const input = 'I AM THE WALRUS';
245
267
signature = sign.sign(signOptions, 'hex');
246
268
247
269
270
271
272
273