it("publicEncrypt shall produce different encrypted string if call many times with the same input", function () { //xx var bob_public_key = crypto_utils.readCertificate('test/fixtures/certs/server_cert_1024.pem'); // 2048bit long key var bob_public_key = read_sshkey_as_pem('bob_id_rsa.pub'); // 2048bit long key var bob_private_key = read_private_rsa_key('bob_id_rsa'); var initialBuffer = new Buffer(loremIpsum.substr(0, 25)); var encryptedBuffer1 = crypto_utils.publicEncrypt_long(initialBuffer, bob_public_key, 256, 11); var encryptedBuffer2 = crypto_utils.publicEncrypt_long(initialBuffer, bob_public_key, 256, 11); encryptedBuffer1.toString("hex").should.not.equal(encryptedBuffer2.toString("hex")); var decryptedBuffer1 = crypto_utils.privateDecrypt_long(encryptedBuffer1, bob_private_key, 256); var decryptedBuffer2 = crypto_utils.privateDecrypt_long(encryptedBuffer2, bob_private_key, 256); decryptedBuffer1.toString("hex").should.equal(decryptedBuffer2.toString("hex")); });
it("Alice should be able to encrypt a message with bob's public key and Bob shall be able to decrypt it with his Private Key", function () { // see also : http://crypto.stackexchange.com/questions/5458/should-we-sign-then-encrypt-or-encrypt-then-sign // ------------------- this is Alice // // Alice want to send a message to Bob. // Alice want bob to be the only person that can read the message. // Alice will encrypt her message to bob using bob's public key. // // she will sign he message first with her private key var message = "My dear Bob, " + loremIpsum + "... Alice"; debugLog("length of original message = ", message.length); var alice_private_key = read_private_rsa_key('alice_id_rsa'); var bob_public_key = read_sshkey_as_pem('bob_id_rsa.pub'); var signature = crypto.createSign("RSA-SHA256").update(message).sign(alice_private_key); debugLog("signature = ", signature.toString("hex")); debugLog("signature length = ", signature.length); debugLog(bob_public_key); var encryptedMessage = crypto_utils.publicEncrypt_long(new Buffer(message), bob_public_key, 256, 42); debugLog("encrypted message=", encryptedMessage.toString("hex")); debugLog("length of encrypted message = ", encryptedMessage.length); // ------------------- this is Bob // Bob has received a encrypted message from Alice. // Bob must first decipher the message using its own private key var bob_private_key = read_private_rsa_key('bob_id_rsa'); var alice_public_key = read_sshkey_as_pem('alice_id_rsa.pub'); //xx encryptedMessage += "q"; var decryptedMessage = crypto_utils.privateDecrypt_long(encryptedMessage, bob_private_key, 256).toString(); debugLog("decrypted message=", decryptedMessage.toString()); // then Bob must also verify that the signature is matching crypto.createVerify("RSA-SHA256") .update(decryptedMessage) .verify(alice_public_key, signature).should.equal(true); // He wants to verify that the message is really from by Alice. // Alice has given Bob her public_key. // Bob uses Alice's public key to verify that the message is correct });
it("should encrypt a message with the server public key and decrypt it (1024bits RSA)", function () { var messageToEncrypt = new Buffer(require("test/helpers/lorem_ipsum").loremIpsum); var encryptedBuf = crypto_utils.publicEncrypt_long(messageToEncrypt, server_public_key, 128, 11); var decryptedBuf = crypto_utils.privateDecrypt_long(encryptedBuf, server_private_key, 128); decryptedBuf.toString("ascii").should.eql(messageToEncrypt.toString("ascii")); //Xx console.log("decryptedBuf",decryptedBuf.toString("ascii")); });
it("publicEncrypt_long should encrypt a 256 bytes buffer and return a encrypted buffer of 512 bytes", function () { var bob_public_key = read_sshkey_as_pem('bob_id_rsa.pub'); // 2048bit long key var initialBuffer = new Buffer(loremIpsum.substr(0, 256)); var encryptedBuffer = crypto_utils.publicEncrypt_long(initialBuffer, bob_public_key, 256, 11); encryptedBuffer.length.should.eql(256 * 2); var bob_private_key = read_private_rsa_key('bob_id_rsa'); var decryptedBuffer = crypto_utils.privateDecrypt_long(encryptedBuffer, bob_private_key, 256); decryptedBuffer.toString("ascii").should.eql(initialBuffer.toString("ascii")); });
function RSAOAEP_Decrypt(buffer, privateKey) { var block_size = crypto_utils.rsa_length(privateKey); return crypto_utils.privateDecrypt_long(buffer, privateKey, block_size, crypto_utils.RSA_PKCS1_OAEP_PADDING); }