fix: remove CVE-2023-46809 revert config
use RSA_PKCS1_OAEP_PADDING instead of RSA_PKCS1_PADDING

revert #650

run test on Node.js 22
fengmk2 committed May 16, 2024
1 parent 65d6f44 commit 2fee366
Showing 5 changed files with 5 additions and 10 deletions.
4 changes: 2 additions & 2 deletions .github/workflows/nodejs.yml
@@ -32,7 +32,7 @@ jobs:
strategy:
fail-fast: false
matrix:
node-version: [18, 20, 21]
node-version: [18, 20, 22]
os: [ubuntu-latest]

steps:
@@ -83,7 +83,7 @@ jobs:
strategy:
fail-fast: false
matrix:
node-version: [16, 18, 20]
node-version: [18, 20, 22]
os: [ubuntu-latest]

steps:
2 changes: 0 additions & 2 deletions .github/workflows/release.yml
@@ -10,5 +10,3 @@ jobs:
secrets:
NPM_TOKEN: ${{ secrets.NPM_TOKEN }}
GIT_TOKEN: ${{ secrets.GIT_TOKEN }}
with:
checkTest: false
5 changes: 3 additions & 2 deletions app/common/CryptoUtil.ts
@@ -20,14 +20,15 @@ export function genRSAKeys(): { publicKey: string, privateKey: string } {
export function encryptRSA(publicKey: string, data: string): string {
return publicEncrypt({
key: publicKey,
padding: constants.RSA_PKCS1_PADDING,
// https://zhuanlan.zhihu.com/p/356604821
padding: constants.RSA_PKCS1_OAEP_PADDING,
}, Buffer.from(data, 'utf8')).toString('base64');
}

// decrypt rsa private key
export function decryptRSA(privateKey: string, data: string) {
return privateDecrypt({
key: privateKey,
padding: constants.RSA_PKCS1_PADDING,
padding: constants.RSA_PKCS1_OAEP_PADDING,
}, Buffer.from(data, 'base64')).toString('utf8');
}
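Review bot: The OAEP parameters in `encryptRSA` and `decryptRSA` are left implicit, so the hash falls back to Node's default (SHA-1) and nothing here records what a client encrypting against the public key has to use. Any caller outside this diff that still produces PKCS#1 v1.5 ciphertext, or OAEP with a different hash, will make `privateDecrypt` throw, and the login test would not notice because it encrypts with this same helper. I would set `oaepHash` explicitly in both option objects (for example `oaepHash: 'sha256'`, if the client side can match it) and replace the bare link with a why-comment such as `// OAEP only: PKCS#1 v1.5 decryption is exposed to the timing attack tracked as CVE-2023-46809 and is rejected by patched Node.js`. `decryptRSA` would also benefit from an explicit `: string` return type, matching `encryptRSA`.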
3 changes: 0 additions & 3 deletions package.json
@@ -60,9 +60,6 @@
"url": "git@github.com:cnpm/cnpmcore.git"
},
"egg": {
"revert": [
"CVE-2023-46809"
],
"typescript": true
},
"keywords": [
1 change: 0 additions & 1 deletion test/port/webauth/webauthController.test.ts
@@ -122,7 +122,6 @@ describe('test/port/webauth/webauthController.test.ts', () => {
});

it('should login success', async () => {

const password = encryptRSA(rsaKeys.publicKey, 'flymetothemoon');
const res = await app.httpRequest()
.post(`/-/v1/login/request/session/${sessionId}`)
