test: prepare test-crypto-rsa-dsa for newer OpenSSL

Update `parallel/test-crypto-rsa-dsa` to prepare for updating `deps/openssl` to later versions of OpenSSL which support implicit rejections with `RSA_PKCS1_PADDING`. PR-URL: https://github.com/nodejs/node/pull/58100 Reviewed-By: Luigi Pinca <luigipinca@gmail.com> Reviewed-By: Yagiz Nizipli <yagiz@nizipli.com> Reviewed-By: James M Snell <jasnell@gmail.com> Reviewed-By: Filip Skokan <panva.ip@gmail.com> Reviewed-By: Michaël Zasso <targos@protonmail.com>
2025-08-15 13:48:44 +02:00 · 2025-05-01 15:50:23 +00:00 · 2025-05-01 15:50:23 +00:00 · cb531b0616
commit cb531b0616
parent 0259df9faf
1 changed files with 25 additions and 7 deletions
--- a/test/parallel/test-crypto-rsa-dsa.js
+++ b/test/parallel/test-crypto-rsa-dsa.js
@ -9,7 +9,7 @@ const crypto = require('crypto');
 const constants = crypto.constants;

 const fixtures = require('../common/fixtures');
-const { hasOpenSSL3 } = require('../common/crypto');
+const { hasOpenSSL, hasOpenSSL3 } = require('../common/crypto');

 // Test certificates
 const certPem = fixtures.readKey('rsa_cert.crt');
@ -225,20 +225,38 @@ function test_rsa(padding, encryptOaepHash, decryptOaepHash) {

  if (padding === constants.RSA_PKCS1_PADDING) {
    if (!process.config.variables.node_shared_openssl) {
-      assert.throws(() => {
-        crypto.privateDecrypt({
+      // TODO(richardlau) remove check and else branch after deps/openssl
+      // is upgraded.
+      if (hasOpenSSL(3, 2)) {
+        let decryptedBuffer = crypto.privateDecrypt({
          key: rsaKeyPem,
          padding: padding,
          oaepHash: decryptOaepHash
        }, encryptedBuffer);
-      }, { code: 'ERR_INVALID_ARG_VALUE' });
-      assert.throws(() => {
-        crypto.privateDecrypt({
+        assert.deepStrictEqual(decryptedBuffer, input);
+
+        decryptedBuffer = crypto.privateDecrypt({
          key: rsaPkcs8KeyPem,
          padding: padding,
          oaepHash: decryptOaepHash
        }, encryptedBuffer);
-      }, { code: 'ERR_INVALID_ARG_VALUE' });
+        assert.deepStrictEqual(decryptedBuffer, input);
+      } else {
+        assert.throws(() => {
+          crypto.privateDecrypt({
+            key: rsaKeyPem,
+            padding: padding,
+            oaepHash: decryptOaepHash
+          }, encryptedBuffer);
+        }, { code: 'ERR_INVALID_ARG_VALUE' });
+        assert.throws(() => {
+          crypto.privateDecrypt({
+            key: rsaPkcs8KeyPem,
+            padding: padding,
+            oaepHash: decryptOaepHash
+          }, encryptedBuffer);
+        }, { code: 'ERR_INVALID_ARG_VALUE' });
+      }
    } else {
      // The version of a linked against OpenSSL. May
      // or may not support implicit rejection. Figuring