crypto: verify with callback crashes when private key is used #37794

@panva

Introduced in #37500 (released with v15.12.0), the function call crashes node when a private key object is passed to verify when using the callback argument.

```js
const crypto = require('crypto');
const assert = require('assert');

const data = Buffer.from('hello');
const { privateKey } = crypto.generateKeyPairSync('ed25519');
const signature = crypto.sign(null, data, privateKey);

assert(crypto.verify(null, data, privateKey, signature)); // OK

crypto.verify(null, data, privateKey, signature, (err, verified) => { // 💥
  assert(!err);
  assert(verified);
});
```

```
node[49326]: ../src/crypto/crypto_sig.cc:850:static bool node::crypto::SignTraits::DeriveBits(node::Environment *, const node::crypto::SignConfiguration &, node::crypto::ByteSource *): Assertion `(params.key->GetKeyType()) == (kKeyTypePublic)' failed.
```

This can never happen in webcrypto, where this implementation was first used, but it is a valid input for one-shot verify.

I'm looking into a fix and expanding the test suite.

cc @jasnell
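
A caller-side guard for the condition reported above, as an added example that is not part of the original issue or of the Node.js code base: derive the public key with `crypto.createPublicKey()` before using the callback form of `crypto.verify()`, so the key reaching the asynchronous path has the public type that the failed assertion checks for. The helper names `toPublicKey` and `verifyAsync` and the sample key pair are assumptions made for this sketch.

```javascript
const { KeyObject, createPublicKey, generateKeyPairSync, sign, verify } =
  require('crypto');

// Hypothetical helper: return a public KeyObject for any asymmetric key input.
function toPublicKey(key) {
  if (key instanceof KeyObject) {
    if (key.type === 'public') return key; // already a public key, pass through
    if (key.type === 'secret') {
      throw new TypeError('symmetric keys cannot verify signatures');
    }
  }
  // For a private KeyObject (or PEM/DER key material) createPublicKey()
  // derives the matching public key.
  return createPublicKey(key);
}

// Hypothetical helper: promise wrapper around the callback form of verify().
// The key is normalized first, so a private key never reaches the callback path.
function verifyAsync(algorithm, data, key, signature) {
  return new Promise((resolve, reject) => {
    const publicKey = toPublicKey(key); // a throw here rejects the promise
    verify(algorithm, data, publicKey, signature, (err, ok) =>
      (err ? reject(err) : resolve(ok)));
  });
}

// Constructed sample input: a throwaway Ed25519 key pair and message.
const sample = generateKeyPairSync('ed25519');
const message = Buffer.from('hello');
const sampleSignature = sign(null, message, sample.privateKey);

// The caller still hands over the private key, as in the report above.
verifyAsync(null, message, sample.privateKey, sampleSignature)
  .then((ok) => console.log('verified:', ok));
```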

Labels: confirmed-bug (Issues with confirmed bugs.), crypto (Issues and PRs related to the crypto subsystem.)
