search

kjur / jsrsasign

The 'jsrsasign' (RSA-Sign JavaScript Library) is an opensource free cryptography library supporting RSA/RSAPSS/ECDSA/DSA signing/validation, ASN.1, PKCS#1/5/8 private/public key, X.509 certificate, CRL, OCSP, CMS SignedData, TimeStamp, CAdES and JSON Web Signature/Token in pure JavaScript.
https://kjur.github.io/jsrsasign
Other
3.25k stars 646 forks source link

Encryption and decryption errors occur repeatedly #582

Closed yuanchangjian closed 1 year ago

yuanchangjian commented 1 year ago

` export class LYRSA extends LYObject implements ILYRSA { private _publicKey: string;

protected async getPublicKey(): Promise<string> {
    if (!this._publicKey) {
        const publicKey = await rootHttp.getPublicKey();
        this._publicKey = publicKey.pubSubjectKey;
    }
    return this._publicKey;
}

protected async getPrivateKey(): Promise<string> {
    throw new Error('Method not implemented.');
}

async encrypt(data: string): Promise<string> {
    const publicKey = await this.getPublicKey();
    const key = '-----BEGIN PUBLIC KEY-----\n' + publicKey + '\n-----END PUBLIC KEY-----';
    return hextob64(KJUR.crypto.Cipher.encrypt(data, KEYUTIL.getKey(key) as RSAKey, 'RSAOAEP256'));
}

async decrypt(data: string): Promise<string> {
    const privateKey = await this.getPrivateKey();
    const key = "-----BEGIN RSA PRIVATE KEY-----\n"+ privateKey + "\n" + "-----END RSA PRIVATE KEY-----"
    return KJUR.crypto.Cipher.decrypt(b64utohex(data), KEYUTIL.getKey(key) as RSAKey, 'RSAOAEP256');
}

} `

` const key = "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6kw0JFxZqgxISVe54G+ZHeyOoIpGr++DqplOQuijlR48GhkPjYd99J5DwQQXwb8lbNUPU7iwlQ7sqfNAMjk/CXmMM56th/jPlMEydZuzn+/SmNMPsVUd+Cn3dUMQMhZZZcNkFZuVuIzTSQsrjUah7dGdiozsKyriBbksiehO2i7Vc61PlTJOU/1PCgKHjsaw5qzB9Qfh2R/esM9miuiOKEiA4kupij3w7GTwi6NZ/VjSD+2uDgCpaIWjhxJQIT6kzE6hjx12wV94eMkKvkv9F/sZGmCBefFVzvahUmINTe4xGdainQ7aHZkYdHWJpnFm7N/u/MdNMAmawLv8RbKlwQIDAQAB" const pKey = "MIIEpAIBAAKCAQEA6kw0JFxZqgxISVe54G+ZHeyOoIpGr++DqplOQuijlR48GhkPjYd99J5DwQQXwb8lbNUPU7iwlQ7sqfNAMjk/CXmMM56th/jPlMEydZuzn+/SmNMPsVUd+Cn3dUMQMhZZZcNkFZuVuIzTSQsrjUah7dGdiozsKyriBbksiehO2i7Vc61PlTJOU/1PCgKHjsaw5qzB9Qfh2R/esM9miuiOKEiA4kupij3w7GTwi6NZ/VjSD+2uDgCpaIWjhxJQIT6kzE6hjx12wV94eMkKvkv9F/sZGmCBefFVzvahUmINTe4xGdainQ7aHZkYdHWJpnFm7N/u/MdNMAmawLv8RbKlwQIDAQABAoIBAHHckKZu/uAl0edaq6lHcqjZMkMQj+OmSV1Z3W+ksQKhy+F+9lD4XJzJYPHnNEhixSRLsoQkSCRYOWkqHrOJoHnRSPI5FenzX6XR8dy3yyZZnQXJ5GFwlPzqICkray58L/vFZdkeYDdssK1ZsVOZ1M3HRYF0lL0xvN+9KsjmTZO3qtG6yt8pL7EZW19AfZFEuNdD6EEV2cEB4zPT0gRWh+uAIIu+XYnSy4dEAqksQM/iiJ+CMrxJceTatfKLPXUdC8qI+IuUiUDwZLsu15C3G0E06DMk10wCSZjZEgDTM5hqWPUWahpUh5lQDW64zlZM3qm/cxcqfA3+VOMlagc/I7ECgYEA+Ft1QoiXPoCRCVYyJ8eiBS7xuMLk91kKyLF8vzi4XwXmy46T2TuPMGRDw+gGl65vS2TfHaD23VS12G90Jv6YyBOEo/A4g9ImpSwblI2kwl3vnR7t5R46gWUveed54QQec9UloEzfB9s0pXDhP9Eng1yo4yOFhC/cQKDd0I9jNUUCgYEA8YH8Mhq+dDmwaf8tvoG/3cEAF/g45qrY1wfPjFYhZGrgGKkpc6DmYTeugYCJFx+VBOtrA7O23lAjuAxhGLYE74KE0tzNQzSXllG0aJG++1Ive6DNu7UXXELaWYjxacojMbPH2e7HMTJTzgVvIOtTtBo5sSr3R6JpX0n+AfEXIE0CgYAR12AhG3biApJovUx1Fx5IiQrMXxPbwQXJTRbNFeII0X+299MfM+whadKEbFKs6tcL738nvbx+QeueVMNfWcLX/K72p/cnYR1tmDGTBmnjnKPuAZ7NatKBISe79ikHRSh64cEGNv9+rPynNei4kOnpwepQBuk8icOk0OmeZe6WkQKBgQDO221uZSXYW0lVoPJHiM8UW6l+3meue4u7sr79DxEO99P2i34rwhdSEeVwmu3RVoXHbvV8eEQb6zyM+l14Uv+rPnoSOnm+JJ/qaxVBtASHM3/kPnm5W4Uky0ZHBlrxJ+g5PCnj6vfGlbrebh0fbzGExCnCLHEddGkY60Gb3CrYyQKBgQCqAqg9InHjP0ma+Co7ptHYAzm46+Jq7QowsCl07SoTujVf9qaYpohdhqp8kXVonwUrQQ+PEwvtK4ORGA3FIPgfDXaV5g7gThsTGTZ11GAKuzdtQSCPRuRR1+wcxZaGF0WfLJw1Jvd8vKEt2qBJ+Jrlj4rnH2mZ9n3ZFEof14L7iQ=="

@register('LYTestRSA') class LYTestRSA extends LYRSA { protected getPublicKey(): Promise { return Promise.resolve(key); }

protected getPrivateKey(): Promise<string> {
    return Promise.resolve(pKey);
}

}

describe.only('LYEnv', function () { this.timeout(3000000);

const RSA = new LYTestRSA();

it('encrypt & decrypt', async () => {
    for (let i = 0; i < 10000; i++) {
        console.log(i)
        const data = 'ngzCT7HX5GK3gLaT';
        const encrypt = await RSA.encrypt(data);
        const decrypt = await RSA.decrypt(encrypt);
        assert.equal(decrypt, data);
    }
});

}); `

image

yuanchangjian commented 1 year ago

import { KJUR, hextob64, KEYUTIL, b64utohex, RSAKey } from 'jsrsasign';

yuanchangjian commented 1 year ago

image

yuanchangjian commented 1 year ago

image

kjur commented 1 year ago

I've tried encryption and decryption with your keys and data without your Promise codes 100 times. Then they didn't fail.

#!/usr/bin/env node
var rs = require("jsrsasign");

const key = "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6kw0JFxZqgxISVe54G+ZHeyOoIpGr++DqplOQuijlR48GhkPjYd99J5DwQQXwb8lbNUPU7iwlQ7sqfNAMjk/CXmMM56th/jPlMEydZuzn+/SmNMPsVUd+Cn3dUMQMhZZZcNkFZuVuIzTSQsrjUah7dGdiozsKyriBbksiehO2i7Vc61PlTJOU/1PCgKHjsaw5qzB9Qfh2R/esM9miuiOKEiA4kupij3w7GTwi6NZ/VjSD+2uDgCpaIWjhxJQIT6kzE6hjx12wV94eMkKvkv9F/sZGmCBefFVzvahUmINTe4xGdainQ7aHZkYdHWJpnFm7N/u/MdNMAmawLv8RbKlwQIDAQAB";
const pKey = "MIIEpAIBAAKCAQEA6kw0JFxZqgxISVe54G+ZHeyOoIpGr++DqplOQuijlR48GhkPjYd99J5DwQQXwb8lbNUPU7iwlQ7sqfNAMjk/CXmMM56th/jPlMEydZuzn+/SmNMPsVUd+Cn3dUMQMhZZZcNkFZuVuIzTSQsrjUah7dGdiozsKyriBbksiehO2i7Vc61PlTJOU/1PCgKHjsaw5qzB9Qfh2R/esM9miuiOKEiA4kupij3w7GTwi6NZ/VjSD+2uDgCpaIWjhxJQIT6kzE6hjx12wV94eMkKvkv9F/sZGmCBefFVzvahUmINTe4xGdainQ7aHZkYdHWJpnFm7N/u/MdNMAmawLv8RbKlwQIDAQABAoIBAHHckKZu/uAl0edaq6lHcqjZMkMQj+OmSV1Z3W+ksQKhy+F+9lD4XJzJYPHnNEhixSRLsoQkSCRYOWkqHrOJoHnRSPI5FenzX6XR8dy3yyZZnQXJ5GFwlPzqICkray58L/vFZdkeYDdssK1ZsVOZ1M3HRYF0lL0xvN+9KsjmTZO3qtG6yt8pL7EZW19AfZFEuNdD6EEV2cEB4zPT0gRWh+uAIIu+XYnSy4dEAqksQM/iiJ+CMrxJceTatfKLPXUdC8qI+IuUiUDwZLsu15C3G0E06DMk10wCSZjZEgDTM5hqWPUWahpUh5lQDW64zlZM3qm/cxcqfA3+VOMlagc/I7ECgYEA+Ft1QoiXPoCRCVYyJ8eiBS7xuMLk91kKyLF8vzi4XwXmy46T2TuPMGRDw+gGl65vS2TfHaD23VS12G90Jv6YyBOEo/A4g9ImpSwblI2kwl3vnR7t5R46gWUveed54QQec9UloEzfB9s0pXDhP9Eng1yo4yOFhC/cQKDd0I9jNUUCgYEA8YH8Mhq+dDmwaf8tvoG/3cEAF/g45qrY1wfPjFYhZGrgGKkpc6DmYTeugYCJFx+VBOtrA7O23lAjuAxhGLYE74KE0tzNQzSXllG0aJG++1Ive6DNu7UXXELaWYjxacojMbPH2e7HMTJTzgVvIOtTtBo5sSr3R6JpX0n+AfEXIE0CgYAR12AhG3biApJovUx1Fx5IiQrMXxPbwQXJTRbNFeII0X+299MfM+whadKEbFKs6tcL738nvbx+QeueVMNfWcLX/K72p/cnYR1tmDGTBmnjnKPuAZ7NatKBISe79ikHRSh64cEGNv9+rPynNei4kOnpwepQBuk8icOk0OmeZe6WkQKBgQDO221uZSXYW0lVoPJHiM8UW6l+3meue4u7sr79DxEO99P2i34rwhdSEeVwmu3RVoXHbvV8eEQb6zyM+l14Uv+rPnoSOnm+JJ/qaxVBtASHM3/kPnm5W4Uky0ZHBlrxJ+g5PCnj6vfGlbrebh0fbzGExCnCLHEddGkY60Gb3CrYyQKBgQCqAqg9InHjP0ma+Co7ptHYAzm46+Jq7QowsCl07SoTujVf9qaYpohdhqp8kXVonwUrQQ+PEwvtK4ORGA3FIPgfDXaV5g7gThsTGTZ11GAKuzdtQSCPRuRR1+wcxZaGF0WfLJw1Jvd8vKEt2qBJ+Jrlj4rnH2mZ9n3ZFEof14L7iQ==";
var data = "ngzCT7HX5GK3gLaT";

let pubkey = rs.KEYUTIL.getKey(rs.b64topem(key, "PUBLIC KEY"));
let prvkey = rs.KEYUTIL.getKey(rs.b64topem(pKey, "RSA PRIVATE KEY"));

let countSuccess = 0;
for (let i = 0; i < 100; i++) {
    //console.log(data);
    let hEnc = rs.KJUR.crypto.Cipher.encrypt(data, pubkey, "RSAOAEP256");
    //console.log(hEnc);
    let sDec = rs.KJUR.crypto.Cipher.decrypt(hEnc, prvkey, "RSAOAEP256");
    //console.log(sDec);
    if (data == sDec) countSuccess++;
}
console.log(`SUCCESS=${countSuccess} FAIL=${100 - countSuccess}`);

This shows:

SUCCESS=100 FAIL=0

It seems to having issue in your code. Thank you.

yuanchangjian commented 1 year ago

I've tried encryption and decryption with your keys and data without your Promise codes 100 times. Then they didn't fail.

#!/usr/bin/env node
var rs = require("jsrsasign");

const key = "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6kw0JFxZqgxISVe54G+ZHeyOoIpGr++DqplOQuijlR48GhkPjYd99J5DwQQXwb8lbNUPU7iwlQ7sqfNAMjk/CXmMM56th/jPlMEydZuzn+/SmNMPsVUd+Cn3dUMQMhZZZcNkFZuVuIzTSQsrjUah7dGdiozsKyriBbksiehO2i7Vc61PlTJOU/1PCgKHjsaw5qzB9Qfh2R/esM9miuiOKEiA4kupij3w7GTwi6NZ/VjSD+2uDgCpaIWjhxJQIT6kzE6hjx12wV94eMkKvkv9F/sZGmCBefFVzvahUmINTe4xGdainQ7aHZkYdHWJpnFm7N/u/MdNMAmawLv8RbKlwQIDAQAB";
const pKey = "MIIEpAIBAAKCAQEA6kw0JFxZqgxISVe54G+ZHeyOoIpGr++DqplOQuijlR48GhkPjYd99J5DwQQXwb8lbNUPU7iwlQ7sqfNAMjk/CXmMM56th/jPlMEydZuzn+/SmNMPsVUd+Cn3dUMQMhZZZcNkFZuVuIzTSQsrjUah7dGdiozsKyriBbksiehO2i7Vc61PlTJOU/1PCgKHjsaw5qzB9Qfh2R/esM9miuiOKEiA4kupij3w7GTwi6NZ/VjSD+2uDgCpaIWjhxJQIT6kzE6hjx12wV94eMkKvkv9F/sZGmCBefFVzvahUmINTe4xGdainQ7aHZkYdHWJpnFm7N/u/MdNMAmawLv8RbKlwQIDAQABAoIBAHHckKZu/uAl0edaq6lHcqjZMkMQj+OmSV1Z3W+ksQKhy+F+9lD4XJzJYPHnNEhixSRLsoQkSCRYOWkqHrOJoHnRSPI5FenzX6XR8dy3yyZZnQXJ5GFwlPzqICkray58L/vFZdkeYDdssK1ZsVOZ1M3HRYF0lL0xvN+9KsjmTZO3qtG6yt8pL7EZW19AfZFEuNdD6EEV2cEB4zPT0gRWh+uAIIu+XYnSy4dEAqksQM/iiJ+CMrxJceTatfKLPXUdC8qI+IuUiUDwZLsu15C3G0E06DMk10wCSZjZEgDTM5hqWPUWahpUh5lQDW64zlZM3qm/cxcqfA3+VOMlagc/I7ECgYEA+Ft1QoiXPoCRCVYyJ8eiBS7xuMLk91kKyLF8vzi4XwXmy46T2TuPMGRDw+gGl65vS2TfHaD23VS12G90Jv6YyBOEo/A4g9ImpSwblI2kwl3vnR7t5R46gWUveed54QQec9UloEzfB9s0pXDhP9Eng1yo4yOFhC/cQKDd0I9jNUUCgYEA8YH8Mhq+dDmwaf8tvoG/3cEAF/g45qrY1wfPjFYhZGrgGKkpc6DmYTeugYCJFx+VBOtrA7O23lAjuAxhGLYE74KE0tzNQzSXllG0aJG++1Ive6DNu7UXXELaWYjxacojMbPH2e7HMTJTzgVvIOtTtBo5sSr3R6JpX0n+AfEXIE0CgYAR12AhG3biApJovUx1Fx5IiQrMXxPbwQXJTRbNFeII0X+299MfM+whadKEbFKs6tcL738nvbx+QeueVMNfWcLX/K72p/cnYR1tmDGTBmnjnKPuAZ7NatKBISe79ikHRSh64cEGNv9+rPynNei4kOnpwepQBuk8icOk0OmeZe6WkQKBgQDO221uZSXYW0lVoPJHiM8UW6l+3meue4u7sr79DxEO99P2i34rwhdSEeVwmu3RVoXHbvV8eEQb6zyM+l14Uv+rPnoSOnm+JJ/qaxVBtASHM3/kPnm5W4Uky0ZHBlrxJ+g5PCnj6vfGlbrebh0fbzGExCnCLHEddGkY60Gb3CrYyQKBgQCqAqg9InHjP0ma+Co7ptHYAzm46+Jq7QowsCl07SoTujVf9qaYpohdhqp8kXVonwUrQQ+PEwvtK4ORGA3FIPgfDXaV5g7gThsTGTZ11GAKuzdtQSCPRuRR1+wcxZaGF0WfLJw1Jvd8vKEt2qBJ+Jrlj4rnH2mZ9n3ZFEof14L7iQ==";
var data = "ngzCT7HX5GK3gLaT";

let pubkey = rs.KEYUTIL.getKey(rs.b64topem(key, "PUBLIC KEY"));
let prvkey = rs.KEYUTIL.getKey(rs.b64topem(pKey, "RSA PRIVATE KEY"));

let countSuccess = 0;
for (let i = 0; i < 100; i++) {
    //console.log(data);
    let hEnc = rs.KJUR.crypto.Cipher.encrypt(data, pubkey, "RSAOAEP256");
    //console.log(hEnc);
    let sDec = rs.KJUR.crypto.Cipher.decrypt(hEnc, prvkey, "RSAOAEP256");
    //console.log(sDec);
    if (data == sDec) countSuccess++;
}
console.log(`SUCCESS=${countSuccess} FAIL=${100 - countSuccess}`);

This shows:

SUCCESS=100 FAIL=0

It seems to having issue in your code. Thank you.

image

Adding a little bit more frequency will make it appear

yuanchangjian commented 1 year ago

image

I encountered an issue when I increased the loop count using the use case you provided. Could you please try increasing the loop count and see if the issue persists?

yuanchangjian commented 1 year ago

@kjur

kjur commented 1 year ago

Hello @davedoesdev ,

Thank you so much for your contribution for RSA OAEP encryption and decryption. As reported above, your OAEP encryption function will occasionally generate wrong encrypted data which can't be decrypted. Failure rate is approxmately 0.5% or so.

Could you help me to fix it?

Here is a test code to reproduce the issue:

#!/usr/bin/env node

var rs = require("jsrsasign");

const key = "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6kw0JFxZqgxISVe54G+ZHeyOoIpGr++DqplOQuijlR48GhkPjYd99J5DwQQXwb8lbNUPU7iwlQ7sqfNAMjk/CXmMM56th/jPlMEydZuzn+/SmNMPsVUd+Cn3dUMQMhZZZcNkFZuVuIzTSQsrjUah7dGdiozsKyriBbksiehO2i7Vc61PlTJOU/1PCgKHjsaw5qzB9Qfh2R/esM9miuiOKEiA4kupij3w7GTwi6NZ/VjSD+2uDgCpaIWjhxJQIT6kzE6hjx12wV94eMkKvkv9F/sZGmCBefFVzvahUmINTe4xGdainQ7aHZkYdHWJpnFm7N/u/MdNMAmawLv8RbKlwQIDAQAB";
const pKey = "MIIEpAIBAAKCAQEA6kw0JFxZqgxISVe54G+ZHeyOoIpGr++DqplOQuijlR48GhkPjYd99J5DwQQXwb8lbNUPU7iwlQ7sqfNAMjk/CXmMM56th/jPlMEydZuzn+/SmNMPsVUd+Cn3dUMQMhZZZcNkFZuVuIzTSQsrjUah7dGdiozsKyriBbksiehO2i7Vc61PlTJOU/1PCgKHjsaw5qzB9Qfh2R/esM9miuiOKEiA4kupij3w7GTwi6NZ/VjSD+2uDgCpaIWjhxJQIT6kzE6hjx12wV94eMkKvkv9F/sZGmCBefFVzvahUmINTe4xGdainQ7aHZkYdHWJpnFm7N/u/MdNMAmawLv8RbKlwQIDAQABAoIBAHHckKZu/uAl0edaq6lHcqjZMkMQj+OmSV1Z3W+ksQKhy+F+9lD4XJzJYPHnNEhixSRLsoQkSCRYOWkqHrOJoHnRSPI5FenzX6XR8dy3yyZZnQXJ5GFwlPzqICkray58L/vFZdkeYDdssK1ZsVOZ1M3HRYF0lL0xvN+9KsjmTZO3qtG6yt8pL7EZW19AfZFEuNdD6EEV2cEB4zPT0gRWh+uAIIu+XYnSy4dEAqksQM/iiJ+CMrxJceTatfKLPXUdC8qI+IuUiUDwZLsu15C3G0E06DMk10wCSZjZEgDTM5hqWPUWahpUh5lQDW64zlZM3qm/cxcqfA3+VOMlagc/I7ECgYEA+Ft1QoiXPoCRCVYyJ8eiBS7xuMLk91kKyLF8vzi4XwXmy46T2TuPMGRDw+gGl65vS2TfHaD23VS12G90Jv6YyBOEo/A4g9ImpSwblI2kwl3vnR7t5R46gWUveed54QQec9UloEzfB9s0pXDhP9Eng1yo4yOFhC/cQKDd0I9jNUUCgYEA8YH8Mhq+dDmwaf8tvoG/3cEAF/g45qrY1wfPjFYhZGrgGKkpc6DmYTeugYCJFx+VBOtrA7O23lAjuAxhGLYE74KE0tzNQzSXllG0aJG++1Ive6DNu7UXXELaWYjxacojMbPH2e7HMTJTzgVvIOtTtBo5sSr3R6JpX0n+AfEXIE0CgYAR12AhG3biApJovUx1Fx5IiQrMXxPbwQXJTRbNFeII0X+299MfM+whadKEbFKs6tcL738nvbx+QeueVMNfWcLX/K72p/cnYR1tmDGTBmnjnKPuAZ7NatKBISe79ikHRSh64cEGNv9+rPynNei4kOnpwepQBuk8icOk0OmeZe6WkQKBgQDO221uZSXYW0lVoPJHiM8UW6l+3meue4u7sr79DxEO99P2i34rwhdSEeVwmu3RVoXHbvV8eEQb6zyM+l14Uv+rPnoSOnm+JJ/qaxVBtASHM3/kPnm5W4Uky0ZHBlrxJ+g5PCnj6vfGlbrebh0fbzGExCnCLHEddGkY60Gb3CrYyQKBgQCqAqg9InHjP0ma+Co7ptHYAzm46+Jq7QowsCl07SoTujVf9qaYpohdhqp8kXVonwUrQQ+PEwvtK4ORGA3FIPgfDXaV5g7gThsTGTZ11GAKuzdtQSCPRuRR1+wcxZaGF0WfLJw1Jvd8vKEt2qBJ+Jrlj4rnH2mZ9n3ZFEof14L7iQ==";
var data = "ngzCT7HX5GK3gLaT";

let pubkey = rs.KEYUTIL.getKey(rs.b64topem(key, "PUBLIC KEY"));
let prvkey = rs.KEYUTIL.getKey(rs.b64topem(pKey, "RSA PRIVATE KEY"));

let numTry = 1000;
let countSuccess = 0;
let countException = 0;
for (let i = 0; i < numTry; i++) {
    let hEnc, sDec;
    hEnc = pubkey.encryptOAEP(data, "sha256");
    try {
    sDec = prvkey.decryptOAEP(hEnc, "sha256");
    if (data == sDec) countSuccess++;
    } catch(ex) {
    console.log("DECRYPT FAILED");
    console.log(hEnc);
    countException++;
    }
}
console.log(`SUCCESS=${countSuccess} FAIL=${numTry - countSuccess - countException} EXCEPTION=${countException}`);

And below is its output:

DECRYPT FAILED
6a521cca0e3e0868e832804a9120e70c36d42c66091b7c18a64afc65ce17f59663bb4b58ea1bcd2ed4567b0052a68a3baeb6cd15b20b4f90cae371236ef4bf9c87c63438cd223e0962b86a973af9d3b58ccce453fe9fe79fae38a925569a32ff9a1d4a162acf4b401dbe2bad478d026bed4276df5ea41abddb7869c72df87ef0a8904819e99707f63bb8c28d834c092c8a848543eb7d08c5e2290d14173e93651a84bed20ed22ddd3ae346f6b9cbcdcb8af8e09385c966a8e54ea1978120dce28b544e58352ae3cc8b16ccc2d3e62d99a4ad32b6df026e1ccd16976c5598e9b821d83aa7884cea85db2b1be7357c05aa675c2d999290e648d4a14d7c2f33d2
DECRYPT FAILED
b05cb71730e546ebd346e8654b1881879c99dac51bb6baf5c815a4c298f38ae2cd637728b887026e0395e85a6ed3a8cc320cd66645a6905db4a7df108fad0f81f81c7eceb6732cc264a883342a0460a1d6237d0ab94c5a4edb2a2dd798688252f0cdacfe0368be8abcbdb97ef857b8a6f0d677d66472361aa79e9f5bde9160acf1c7f941b6f93e19a38432e115dda69113934807628e0b0905f6e359fb2b27c066103d279bcdb255b73aa55bc8ce0f158db0f5f629f86896958f7b687102e18a7a18d04d6a472b803a68d462242eefeefb8b0a684ca8905700223f4c9f1d2486344ee2735252f7e86aec1797355b343ed489e67dcd395fb88fffe3ece624d9
DECRYPT FAILED
263f463cdb7be8680091b098facd2210da443820006982239b8cb3f46c58e3c5753c52d1143c369898ae145aef68b5283b0b57bcffad42d21209b9efe9fa9a6c8b4900c3e02645d0b815a042975bc88f45cec33eb77e5bd2f1439029872531263d32d5d7bd8300a87f88f2f235e7a5d8a79eb7202633cb6d132ca1d4b2ba2a0cfb2a4682981e484b756e3ac3009a18db73032c43fe74aa4f2607173e23777e664d1b2db5b6e2a10f968f4c3c74d99beb648f570f533ca99ef738eefd38b0f1ce86e976ac4f1183ec460d9e34155cfcb62aa0df8ff107accb1ff1dab8ab8ebcdfe915c68984a98e16ea48604cbdd79541d051110533db09e30f45e75a15f698
DECRYPT FAILED
4b69ada7f41fa0d7dfab59a727d1d0b079d1c3e4fe8fa88d37ba047f946b90f23d76439f8341831d1b71109aecf5e767ccdb68be74895c7dbb1def047d1e7c2d011360cef616c81b58c7bced7e835b250cfac44af0a4a00b9431107ee537f3ec961357b550a282c4281be9766256ce8f07a405497a751d7726ef1dafe632ac1ece6f2c9998f984b0fae1ecca2c437d578e7ce1e8921c4277d33c4caf42f0d67843f7880066ee0191ce8035c4a39c48a94a2df7c80efff9ee63f6fc0ee3c33c62fd9f6731b3c5b0e1b834c7955fb69ebef9a438a61da61ff1c3c025f264b6e2566aa0b3ebdde49d36aa05ac1a6e3bfc3aa717dd86e69286939952cf086c9df0
DECRYPT FAILED
8c13344968905a02a867b05a9e1fd12f9d2d18966d84db1cd50ae36c549dae326a2c9f369572f2c4639624495c3a85171c758965f4608233422bc1cda3f2b4d87c21233f7338bbba0914ca8fe38102336068393c12b09e8977a9154522eadefde47d9b3ab897dd81618d79e099832b0ff4890659180ae70499b9bd9b020ac276d9780f4f82c028c4deb4b07c88ffd7b9da0b8eb0d93af26ac3f8531fcd5fbea03ead52941001fc0a1964d664333b8cc03397e637a138b38dd1b4b244f6d7b03c68b12053dc28c57c608c27247de3938cb583acfd11be916c0d0594240b395b950fe3327e0d05e8f777425816ab0fa2cd5fa5b42f806f1d32d9310e7de84400
DECRYPT FAILED
0e12454f6c1d2cdf7e6e982066b49c7edbf24d23ef393dacaf81d9dbb073961c9dc918e90c75f31e3a877e83b04eef3cb2e4fddd3d474bd526623bae5e6bc808bbd1622be7ea6a2e25aa333706cdc2821b7f68c02f8536ce3d51be0db6f3f260c1b2e103ebf5c78d0035515488e5a8500c46d28ccec096e4b3d26d0a1f67a05978a8fa77228d464aa48e90d0d27af0e9db5b1e7a5ddb64294bf7f3fdddcf8b34d34c3aeba17b05dc42b368452e32507f5c1a3047b9d882305369e79357e1b9cf0a541a91059b48197cd64e3486428d3dbcf1eb38a34e79f687ca0778cc0e3056f11fa67b9c45c7e4a34388919fd8c0b4b8af594fa0ccd31d9ca66f4dd30213
DECRYPT FAILED
ed47cabb9e654ae69a9c6b9899ab7007ffbb70c0226d5be10b9e56101fbb295cd12a173c581c139fcc8cda25df9f8ed5dc2894a808114af9629ef2f5260d02b7366ffe41630e1fd31f1bc6d6d758bf2f6198390133ebcff94b82b88b798e062695c37954b21692f5cc8f6cd555f2c34296706a75d84e3a6e893d663f7326cf472e08a31d3bc4f4659b3bd831a1607ec7c4cf3aad09e7f55f975eee2b081391870e237f2163dfa4219bc540dfbf0d7274637f8037949a1a0f87a8cb4f9607cf4900985c57f9d48c1394ea90c46a65f85165a7d7a4b6ba994ef9f510b8e98ddfc8fbbf6dcfe735bf7ed1d2e0448bc5a98af23471a2a7065ce92b9734c465838a
DECRYPT FAILED
bcc03ea3aa3efb89f9626dd4531cc918b3586d7a2d942c434b832c79b673e2d82f877f679f413d0426caa2978c377ecc865d7a165ee8afa637f65e20bbd7968118ef6190db2bd24cd591e394eeb812b939eda7c8a1dfc4b1bbdc16e105790751106c424ef7546479724b2b9c30a838660b6de26504ae6cc65bb373f0c1aa0aa3f4921d2fe3c8badbeb14dbc59332ffe461457ada3a8bb3784f402063b2cc47ff4d6705b64b3f1cf1f2e1412b377445e5617ec015db45c3409de5f00de56767eab6680c579fee7ed59cd27840422f6cb8bf8220966ba0edd5a12941d6a78d90c07d3059010d3e0a1b84897af05b75c2d3bf61b0fdc1d6cbe3b4a8acb13be544
DECRYPT FAILED
fbb3abf1b56094d5c6ffbaaaac0967464e10fad8f801b2e9ac45a82bd1f6a55c56ea9e248ac5d5e7db164bfdbf86f9a23d15390ec14d9413e9da8250f998441a1f55a7a07128877d8ee2049023fbd61b38a3c9720b110cadec342ef8fba9c21b96260e6b29098a131ec8b3cdc92064cad1f6ed866a54c86e2d401203f00ec58e70f1db02dd17b4eae74443cc5256136fcd05b5691953e734a28579aad148aa6b895a52068aaf8745ffc87685070946ab7fa7b22288051638fede2d7d884516c92cc79193cb15f35ca6fecafd448bc66af9b71ff0eb5145a812704918a7c5b51c790c2f63d3876b446e9659690a4b30b90bdc3c66e42aa6e6881c4604069424
SUCCESS=991 FAIL=0 EXCEPTION=9
davedoesdev commented 1 year ago

Sure, I'll take a look. Might be a few days though.

davedoesdev commented 1 year ago

@kjur How do I build jsrsasign-all-min.js?

kjur commented 1 year ago

Hi @davedoesdev ,

I've attached some script to generate jsrsasign.js or jsrsasign-all-min.js without minification. mktestlib.zip

These scripts will generate "lib/jsrsasign.js" and "lib/jsrsasign-all-min.js".

USAGE

  1. copy this archive to npm directory % cp mktestlib.zip npm/

  2. unzip it % unzip mktestlib.zip

  3. to generate lib/jsrsasign-all-min.js % mktestlib_libjsrsasignallmin.sh Then file "testlib_libjsrsasignallmin.js" will be generated. This can be replacement of "lib/jsrsasign-all-min.js".

  4. to generate lib/jsrsasign.js % mktestlib_libjsrsasign.sh Then file "testlib_libjsrsasign.js" will be generated. This can be replacement of "lib/jsrsasign.js".

kjur commented 1 year ago

Hi @davedoesdev san,

Current lib/jsrsasign.js and lib/jsrsasign-all-min.js generator depend on old and wrong "YUI compressor" and I think it would be better not to introduce you such generator. For your debugging, above scripts may enough.

kjur commented 1 year ago

Otherwise I can write a QUnit test script for the issue like other test/qunit-*.html test scripts. Please ask me if you want it.

kjur commented 1 year ago

Hi @yuanchangjian , this issue was fixed in 10.8.2 release today.

Hi @davedoesdev san, thank you kindly for your help.

kjur commented 1 year ago

Just FYI. Here is mocha test code for 10,000 times RSA OAEP encryption and decryption. It takes too much time so that it is not included in the release:

// for issue 582, 583
var assert = require('assert');
var rs = require('../lib/jsrsasign.js');

const pubb64 = "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6kw0JFxZqgxISVe54G+ZHeyOoIpGr++DqplOQuijlR48GhkPjYd99J5DwQQXwb8lbNUPU7iwlQ7sqfNAMjk/CXmMM56th/jPlMEydZuzn+/SmNMPsVUd+Cn3dUMQMhZZZcNkFZuVuIzTSQsrjUah7dGdiozsKyriBbksiehO2i7Vc61PlTJOU/1PCgKHjsaw5qzB9Qfh2R/esM9miuiOKEiA4kupij3w7GTwi6NZ/VjSD+2uDgCpaIWjhxJQIT6kzE6hjx12wV94eMkKvkv9F/sZGmCBefFVzvahUmINTe4xGdainQ7aHZkYdHWJpnFm7N/u/MdNMAmawLv8RbKlwQIDAQAB";
const prvb64 = "MIIEpAIBAAKCAQEA6kw0JFxZqgxISVe54G+ZHeyOoIpGr++DqplOQuijlR48GhkPjYd99J5DwQQXwb8lbNUPU7iwlQ7sqfNAMjk/CXmMM56th/jPlMEydZuzn+/SmNMPsVUd+Cn3dUMQMhZZZcNkFZuVuIzTSQsrjUah7dGdiozsKyriBbksiehO2i7Vc61PlTJOU/1PCgKHjsaw5qzB9Qfh2R/esM9miuiOKEiA4kupij3w7GTwi6NZ/VjSD+2uDgCpaIWjhxJQIT6kzE6hjx12wV94eMkKvkv9F/sZGmCBefFVzvahUmINTe4xGdainQ7aHZkYdHWJpnFm7N/u/MdNMAmawLv8RbKlwQIDAQABAoIBAHHckKZu/uAl0edaq6lHcqjZMkMQj+OmSV1Z3W+ksQKhy+F+9lD4XJzJYPHnNEhixSRLsoQkSCRYOWkqHrOJoHnRSPI5FenzX6XR8dy3yyZZnQXJ5GFwlPzqICkray58L/vFZdkeYDdssK1ZsVOZ1M3HRYF0lL0xvN+9KsjmTZO3qtG6yt8pL7EZW19AfZFEuNdD6EEV2cEB4zPT0gRWh+uAIIu+XYnSy4dEAqksQM/iiJ+CMrxJceTatfKLPXUdC8qI+IuUiUDwZLsu15C3G0E06DMk10wCSZjZEgDTM5hqWPUWahpUh5lQDW64zlZM3qm/cxcqfA3+VOMlagc/I7ECgYEA+Ft1QoiXPoCRCVYyJ8eiBS7xuMLk91kKyLF8vzi4XwXmy46T2TuPMGRDw+gGl65vS2TfHaD23VS12G90Jv6YyBOEo/A4g9ImpSwblI2kwl3vnR7t5R46gWUveed54QQec9UloEzfB9s0pXDhP9Eng1yo4yOFhC/cQKDd0I9jNUUCgYEA8YH8Mhq+dDmwaf8tvoG/3cEAF/g45qrY1wfPjFYhZGrgGKkpc6DmYTeugYCJFx+VBOtrA7O23lAjuAxhGLYE74KE0tzNQzSXllG0aJG++1Ive6DNu7UXXELaWYjxacojMbPH2e7HMTJTzgVvIOtTtBo5sSr3R6JpX0n+AfEXIE0CgYAR12AhG3biApJovUx1Fx5IiQrMXxPbwQXJTRbNFeII0X+299MfM+whadKEbFKs6tcL738nvbx+QeueVMNfWcLX/K72p/cnYR1tmDGTBmnjnKPuAZ7NatKBISe79ikHRSh64cEGNv9+rPynNei4kOnpwepQBuk8icOk0OmeZe6WkQKBgQDO221uZSXYW0lVoPJHiM8UW6l+3meue4u7sr79DxEO99P2i34rwhdSEeVwmu3RVoXHbvV8eEQb6zyM+l14Uv+rPnoSOnm+JJ/qaxVBtASHM3/kPnm5W4Uky0ZHBlrxJ+g5PCnj6vfGlbrebh0fbzGExCnCLHEddGkY60Gb3CrYyQKBgQCqAqg9InHjP0ma+Co7ptHYAzm46+Jq7QowsCl07SoTujVf9qaYpohdhqp8kXVonwUrQQ+PEwvtK4ORGA3FIPgfDXaV5g7gThsTGTZ11GAKuzdtQSCPRuRR1+wcxZaGF0WfLJw1Jvd8vKEt2qBJ+Jrlj4rnH2mZ9n3ZFEof14L7iQ==";
const data = "ngzCT7HX5GK3gLaT";

describe("rsa oaep enc dec loop", function() {
    describe("test", function() {
        let pubkey = rs.KEYUTIL.getKey(rs.b64topem(pubb64, "PUBLIC KEY"));
        let prvkey = rs.KEYUTIL.getKey(rs.b64topem(prvb64, "RSA PRIVATE KEY"));

        let numTry = 10000;
        //let numTry = 1;
        let countSuccess = 0;
        let countException = 0;
        for (let i = 0; i < numTry; i++) {
            let hEnc, sDec;
            hEnc = pubkey.encryptOAEP(data, "sha256");
            //console.log(hEnc);
            try {
                sDec = prvkey.decryptOAEP(hEnc, "sha256");
                if (data == sDec) countSuccess++;
            } catch(ex) {
                console.log(ex);
                countException++;
            }
        }
        //console.log(`${countSuccess} ${countException}`);
        assert.equal(countSuccess, numTry);
        assert.equal(countException, 0);
    });
});