Open tonesandtones opened 10 months ago
encryptEngines/io.js#L35-L36 should pass the OAEP label and hash function to crypto.publicEncrypt()
here.
return crypto.publicEncrypt({
key: options.rsaUtils.exportKey('public'),
padding: padding
// <-- oaepLabel: options.encryptionSchemeOptions.label
// <-- oaepHash: options.encryptionSchemeOptions.hash
}, data);
The problem
When running in a Node process, encrypting with PKCS1 OAEP padding with custom label and SHA 256 hash algorithm,
io.js
does not pass the OAEP hash and OAEP label parameters tocrypto.publicEncrypt()
.Expected behaviour
When run in a node process, OAEP padding is applied with the chosen hash function and label before being encrypted.
Actual behaviour
OAEP padding is applied with node crypto defaults of SHA1 and no label instead of the requested hash and label. See https://nodejs.org/api/crypto.html#cryptopublicencryptkey-buffer
The cause
When running in a node process,
node-rsa
selects an encrypt engine wrapper encryptEngines/io.js or encryptEngines/node12.js. Neither passes the configured oaep hash or label to crypto.publicEncrypt().Workaround
When specifying your NodeRSA options object, set
environment: 'browser'
to causenode-rsa
to select the encrypt engine encryptEngines/js.js, which implements is own oaep padding.Example workaround