test: prepare test-crypto-rsa-dsa for newer OpenSSL

richardlau · richardlau · commit 1ec846f815f7 · 2025-05-01T17:17:39.000Z
Update `parallel/test-crypto-rsa-dsa` to prepare for updating
`deps/openssl` to later versions of OpenSSL which support implicit
rejections with `RSA_PKCS1_PADDING`.
diff --git a/test/parallel/test-crypto-rsa-dsa.js b/test/parallel/test-crypto-rsa-dsa.js
@@ -9,7 +9,7 @@ const crypto = require('crypto');
 const constants = crypto.constants;
 
 const fixtures = require('../common/fixtures');
-const { hasOpenSSL3 } = require('../common/crypto');
+const { hasOpenSSL, hasOpenSSL3 } = require('../common/crypto');
 
 // Test certificates
 const certPem = fixtures.readKey('rsa_cert.crt');
@@ -225,20 +225,38 @@ function test_rsa(padding, encryptOaepHash, decryptOaepHash) {
 
   if (padding === constants.RSA_PKCS1_PADDING) {
     if (!process.config.variables.node_shared_openssl) {
-      assert.throws(() => {
-        crypto.privateDecrypt({
+      // TODO(richardlau) remove check and else branch after deps/openssl
+      // is upgraded.
+      if (hasOpenSSL(3, 2)) {
+        let decryptedBuffer = crypto.privateDecrypt({
           key: rsaKeyPem,
           padding: padding,
           oaepHash: decryptOaepHash
         }, encryptedBuffer);
-      }, { code: 'ERR_INVALID_ARG_VALUE' });
-      assert.throws(() => {
-        crypto.privateDecrypt({
+        assert.deepStrictEqual(decryptedBuffer, input);
+
+        decryptedBuffer = crypto.privateDecrypt({
           key: rsaPkcs8KeyPem,
           padding: padding,
           oaepHash: decryptOaepHash
         }, encryptedBuffer);
-      }, { code: 'ERR_INVALID_ARG_VALUE' });
+        assert.deepStrictEqual(decryptedBuffer, input);
+      } else {
+        assert.throws(() => {
+          crypto.privateDecrypt({
+            key: rsaKeyPem,
+            padding: padding,
+            oaepHash: decryptOaepHash
+          }, encryptedBuffer);
+        }, { code: 'ERR_INVALID_ARG_VALUE' });
+        assert.throws(() => {
+          crypto.privateDecrypt({
+            key: rsaPkcs8KeyPem,
+            padding: padding,
+            oaepHash: decryptOaepHash
+          }, encryptedBuffer);
+        }, { code: 'ERR_INVALID_ARG_VALUE' });
+      }
     } else {
       // The version of a linked against OpenSSL. May
       // or may not support implicit rejection. Figuring
