Use node-rsa for private pkcs1 decryption.

2025-08-13 19:35:34 +00:00 · 2025-03-26 15:18:06 +01:00
parent b2ae16b933
commit e810ce241f
3 changed files with 19 additions and 6 deletions
--- a/lib/crypto/Crypto.js
+++ b/lib/crypto/Crypto.js
@@ -1,6 +1,7 @@
 'use strict';

 const crypto = require('crypto');
+const NodeRSA = require('node-rsa');

 const BigNumber = require('./BigNumber.js');
 const mgf1 = require('./MGF1');
@@ -54,10 +55,14 @@ module.exports = class Crypto {
 	}

 	static privateDecrypt(key, data) {
-		return crypto.privateDecrypt({
-			key: key.toPem(),
-			padding: crypto.constants.RSA_PKCS1_PADDING,
-		}, data);
+		const keyRSA = new NodeRSA(
+			key.toPem(),
+			'pkcs1-private-pem', {
+				encryptionScheme: 'pkcs1',
+				environment: 'browser', // would use the crypto module by default, which blocks pkcs1
+			},
+		);
+		return keyRSA.decrypt(data);
 	}

 	static privateSign(key, data, outputEncoding = 'base64') {