crypto: reject unintended raw key format string input · nodejs/node@341947e
@@ -32,6 +32,50 @@ const { hasOpenSSL } = require('../common/crypto');
3232}
3333}
343435+// Raw key imports do not support strings.
36+{
37+const pubKeyObj = crypto.createPublicKey(
38+fixtures.readKey('ed25519_public.pem', 'ascii'));
39+const privKeyObj = crypto.createPrivateKey(
40+fixtures.readKey('ed25519_private.pem', 'ascii'));
41+42+const rawPub = pubKeyObj.export({ format: 'raw-public' });
43+const rawPriv = privKeyObj.export({ format: 'raw-private' });
44+45+for (const encoding of ['hex', 'base64', 'utf8', 'latin1', 'ascii']) {
46+assert.throws(() => crypto.createPublicKey({
47+key: rawPub.toString(encoding),
48+ encoding,
49+format: 'raw-public',
50+asymmetricKeyType: 'ed25519',
51+}), { code: 'ERR_INVALID_ARG_TYPE' });
52+53+assert.throws(() => crypto.createPrivateKey({
54+key: rawPriv.toString(encoding),
55+ encoding,
56+format: 'raw-private',
57+asymmetricKeyType: 'ed25519',
58+}), { code: 'ERR_INVALID_ARG_TYPE' });
59+}
60+}
61+62+// Raw seed imports do not support strings.
63+if (hasOpenSSL(3, 5)) {
64+const privKeyObj = crypto.createPrivateKey(
65+fixtures.readKey('ml_dsa_44_private.pem', 'ascii'));
66+67+const rawSeed = privKeyObj.export({ format: 'raw-seed' });
68+69+for (const encoding of ['hex', 'base64']) {
70+assert.throws(() => crypto.createPrivateKey({
71+key: rawSeed.toString(encoding),
72+ encoding,
73+format: 'raw-seed',
74+asymmetricKeyType: 'ml-dsa-44',
75+}), { code: 'ERR_INVALID_ARG_TYPE' });
76+}
77+}
78+3579// Key types that don't support raw-* formats
3680{
3781for (const [type, pub, priv] of [