Update - This is an automated commit

1 files changed, 602 insertions, 0 deletions

diff --git a/school/node_modules/node-forge/nodejs/test/rsa.js b/school/node_modules/node-forge/nodejs/test/rsa.js
new file mode 100644
index 0000000..434d7a3
--- /dev/null
+++ b/school/node_modules/node-forge/nodejs/test/rsa.js
@@ -0,0 +1,602 @@
+(function() {
+
+function Tests(ASSERT, PKI, RSA, MD, MGF, PSS, RANDOM, UTIL) {
+  var _pem = {
+    privateKey: '-----BEGIN RSA PRIVATE KEY-----\r\n' +
+      'MIICXQIBAAKBgQDL0EugUiNGMWscLAVM0VoMdhDZEJOqdsUMpx9U0YZI7szokJqQ\r\n' +
+      'NIwokiQ6EonNnWSMlIvy46AhnlRYn+ezeTeU7eMGTkP3VF29vXBo+dLq5e+8VyAy\r\n' +
+      'Q3FzM1wI4ts4hRACF8w6mqygXQ7i/SDu8/rXqRGtvnM+z0MYDdKo80efzwIDAQAB\r\n' +
+      'AoGAIzkGONi5G+JifmXlLJdplom486p3upf4Ce2/7mqfaG9MnkyPSairKD/JXvfh\r\n' +
+      'NNWkkN8DKKDKBcVVElPgORYT0qwrWc7ueLBMUCbRXb1ZyfEulimG0R3kjUh7NYau\r\n' +
+      'DaIkVgfykXGSQMZx8FoaT6L080zd+0emKDDYRrb+/kgJNJECQQDoUZoiC2K/DWNY\r\n' +
+      'h3/ppZ0ane2y4SBmJUHJVMPQ2CEgxsrJTxet668ckNCKaOP/3VFPoWC41f17DvKq\r\n' +
+      'noYINNntAkEA4JbZBZBVUrQFhHlrpXT4jzqtO2RlKZzEq8qmFZfEErxOT1WMyyCi\r\n' +
+      'lAQ5gUKardo1Kf0omC8Xq/uO9ZYdED55KwJBALs6cJ65UFaq4oLJiQPzLd7yokuE\r\n' +
+      'dcj8g71PLBTW6jPxIiMFNA89nz3FU9wIVp+xbMNhSoMMKqIPVPC+m0Rn260CQQDA\r\n' +
+      'I83fWK/mZWUjBM33a68KumRiH238v8XyQxj7+C8i6D8G2GXvkigFAehAkb7LZZd+\r\n' +
+      'KLuGFyPlWv3fVWHf99KpAkBQFKk3MRMl6IGJZUEFQe4l5whm8LkGU4acSqv9B3xt\r\n' +
+      'qROkCrsFrMPqjuuzEmyHoQZ64r2PLJg7FOuyhBnQUOt4\r\n' +
+      '-----END RSA PRIVATE KEY-----\r\n',
+    privateKeyInfo: '-----BEGIN PRIVATE KEY-----\r\n' +
+      'MIICdwIBADANBgkqhkiG9w0BAQEFAASCAmEwggJdAgEAAoGBAMvQS6BSI0Yxaxws\r\n' +
+      'BUzRWgx2ENkQk6p2xQynH1TRhkjuzOiQmpA0jCiSJDoSic2dZIyUi/LjoCGeVFif\r\n' +
+      '57N5N5Tt4wZOQ/dUXb29cGj50url77xXIDJDcXMzXAji2ziFEAIXzDqarKBdDuL9\r\n' +
+      'IO7z+tepEa2+cz7PQxgN0qjzR5/PAgMBAAECgYAjOQY42Lkb4mJ+ZeUsl2mWibjz\r\n' +
+      'qne6l/gJ7b/uap9ob0yeTI9JqKsoP8le9+E01aSQ3wMooMoFxVUSU+A5FhPSrCtZ\r\n' +
+      'zu54sExQJtFdvVnJ8S6WKYbRHeSNSHs1hq4NoiRWB/KRcZJAxnHwWhpPovTzTN37\r\n' +
+      'R6YoMNhGtv7+SAk0kQJBAOhRmiILYr8NY1iHf+mlnRqd7bLhIGYlQclUw9DYISDG\r\n' +
+      'yslPF63rrxyQ0Ipo4//dUU+hYLjV/XsO8qqehgg02e0CQQDgltkFkFVStAWEeWul\r\n' +
+      'dPiPOq07ZGUpnMSryqYVl8QSvE5PVYzLIKKUBDmBQpqt2jUp/SiYLxer+471lh0Q\r\n' +
+      'PnkrAkEAuzpwnrlQVqrigsmJA/Mt3vKiS4R1yPyDvU8sFNbqM/EiIwU0Dz2fPcVT\r\n' +
+      '3AhWn7Fsw2FKgwwqog9U8L6bRGfbrQJBAMAjzd9Yr+ZlZSMEzfdrrwq6ZGIfbfy/\r\n' +
+      'xfJDGPv4LyLoPwbYZe+SKAUB6ECRvstll34ou4YXI+Va/d9VYd/30qkCQFAUqTcx\r\n' +
+      'EyXogYllQQVB7iXnCGbwuQZThpxKq/0HfG2pE6QKuwWsw+qO67MSbIehBnrivY8s\r\n' +
+      'mDsU67KEGdBQ63g=\r\n' +
+      '-----END PRIVATE KEY-----\r\n',
+    publicKey: '-----BEGIN PUBLIC KEY-----\r\n' +
+      'MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDL0EugUiNGMWscLAVM0VoMdhDZ\r\n' +
+      'EJOqdsUMpx9U0YZI7szokJqQNIwokiQ6EonNnWSMlIvy46AhnlRYn+ezeTeU7eMG\r\n' +
+      'TkP3VF29vXBo+dLq5e+8VyAyQ3FzM1wI4ts4hRACF8w6mqygXQ7i/SDu8/rXqRGt\r\n' +
+      'vnM+z0MYDdKo80efzwIDAQAB\r\n' +
+      '-----END PUBLIC KEY-----\r\n'
+  };
+  var _signature =
+    '9200ece65cdaed36bcc20b94c65af852e4f88f0b4fe5b249d54665f815992ac4' +
+    '3a1399e65d938c6a7f16dd39d971a53ca66523209dbbfbcb67afa579dbb0c220' +
+    '672813d9e6f4818f29b9becbb29da2032c5e422da97e0c39bfb7a2e7d568615a' +
+    '5073af0337ff215a8e1b2332d668691f4fb731440055420c24ac451dd3c913f4';
+
+  describe('rsa', function() {
+    it('should generate 512 bit key pair', function() {
+      var pair = RSA.generateKeyPair(512);
+      ASSERT.equal(PKI.privateKeyToPem(pair.privateKey).indexOf('-----BEGIN RSA PRIVATE KEY-----'), 0);
+      ASSERT.equal(PKI.publicKeyToPem(pair.publicKey).indexOf('-----BEGIN PUBLIC KEY-----'), 0);
+
+      // sign and verify
+      var md = MD.sha1.create();
+      md.update('0123456789abcdef');
+      var signature = pair.privateKey.sign(md);
+      ASSERT.ok(pair.publicKey.verify(md.digest().getBytes(), signature));
+    });
+
+    it('should generate the same 512 bit key pair', function() {
+      var prng = RANDOM.createInstance();
+      prng.seedFileSync = function(needed) {
+        return UTIL.fillString('a', needed);
+      };
+      var pair = RSA.generateKeyPair(512, {prng: prng});
+      var pem = {
+        privateKey: PKI.privateKeyToPem(pair.privateKey),
+        publicKey: PKI.publicKeyToPem(pair.publicKey)
+      };
+      ASSERT.equal(pem.privateKey.indexOf('-----BEGIN RSA PRIVATE KEY-----'), 0);
+      ASSERT.equal(pem.publicKey.indexOf('-----BEGIN PUBLIC KEY-----'), 0);
+
+      // sign and verify
+      var md = MD.sha1.create();
+      md.update('0123456789abcdef');
+      var signature = pair.privateKey.sign(md);
+      ASSERT.ok(pair.publicKey.verify(md.digest().getBytes(), signature));
+
+      // create same key pair by using same PRNG
+      prng = RANDOM.createInstance();
+      prng.seedFileSync = function(needed) {
+        return UTIL.fillString('a', needed);
+      };
+      var pair2 = RSA.generateKeyPair(512, {prng: prng});
+      var pem2 = {
+        privateKey: PKI.privateKeyToPem(pair2.privateKey),
+        publicKey: PKI.publicKeyToPem(pair2.publicKey)
+      };
+      ASSERT.equal(pem.privateKey, pem2.privateKey);
+      ASSERT.equal(pem.publicKey, pem2.publicKey);
+    });
+
+    it('should convert private key to/from PEM', function() {
+      var privateKey = PKI.privateKeyFromPem(_pem.privateKey);
+      ASSERT.equal(PKI.privateKeyToPem(privateKey), _pem.privateKey);
+    });
+
+    it('should convert public key to/from PEM', function() {
+      var publicKey = PKI.publicKeyFromPem(_pem.publicKey);
+      ASSERT.equal(PKI.publicKeyToPem(publicKey), _pem.publicKey);
+    });
+
+    it('should convert a PKCS#8 PrivateKeyInfo to/from PEM', function() {
+      var privateKey = PKI.privateKeyFromPem(_pem.privateKeyInfo);
+      var rsaPrivateKey = PKI.privateKeyToAsn1(privateKey);
+      var pki = PKI.wrapRsaPrivateKey(rsaPrivateKey);
+      ASSERT.equal(PKI.privateKeyInfoToPem(pki), _pem.privateKeyInfo);
+    });
+
+    (function() {
+      var algorithms = ['aes128', 'aes192', 'aes256', '3des', 'des'];
+      for(var i = 0; i < algorithms.length; ++i) {
+        var algorithm = algorithms[i];
+        it('should PKCS#8 encrypt and decrypt private key with ' + algorithm, function() {
+          var privateKey = PKI.privateKeyFromPem(_pem.privateKey);
+          var encryptedPem = PKI.encryptRsaPrivateKey(
+             privateKey, 'password', {algorithm: algorithm});
+          privateKey = PKI.decryptRsaPrivateKey(encryptedPem, 'password');
+          ASSERT.equal(PKI.privateKeyToPem(privateKey), _pem.privateKey);
+        });
+      }
+    })();
+
+    (function() {
+      var algorithms = ['aes128', 'aes192', 'aes256', '3des', 'des'];
+      for(var i = 0; i < algorithms.length; ++i) {
+        var algorithm = algorithms[i];
+        it('should legacy (OpenSSL style) encrypt and decrypt private key with ' + algorithm, function() {
+          var privateKey = PKI.privateKeyFromPem(_pem.privateKey);
+          var encryptedPem = PKI.encryptRsaPrivateKey(
+             privateKey, 'password', {algorithm: algorithm, legacy: true});
+          privateKey = PKI.decryptRsaPrivateKey(encryptedPem, 'password');
+          ASSERT.equal(PKI.privateKeyToPem(privateKey), _pem.privateKey);
+        });
+      }
+    })();
+
+    it('should verify signature', function() {
+      var publicKey = PKI.publicKeyFromPem(_pem.publicKey);
+      var md = MD.sha1.create();
+      md.update('0123456789abcdef');
+      var signature = UTIL.hexToBytes(_signature);
+      ASSERT.ok(publicKey.verify(md.digest().getBytes(), signature));
+    });
+
+    it('should sign and verify', function() {
+      var privateKey = PKI.privateKeyFromPem(_pem.privateKey);
+      var publicKey = PKI.publicKeyFromPem(_pem.publicKey);
+      var md = MD.sha1.create();
+      md.update('0123456789abcdef');
+      var signature = privateKey.sign(md);
+      ASSERT.ok(publicKey.verify(md.digest().getBytes(), signature));
+    });
+
+    it('should generate missing CRT parameters, sign, and verify', function() {
+      var privateKey = PKI.privateKeyFromPem(_pem.privateKey);
+
+      // remove dQ, dP, and qInv
+      privateKey = RSA.setPrivateKey(
+        privateKey.n, privateKey.e, privateKey.d,
+        privateKey.p, privateKey.q);
+
+      var publicKey = PKI.publicKeyFromPem(_pem.publicKey);
+      var md = MD.sha1.create();
+      md.update('0123456789abcdef');
+      var signature = privateKey.sign(md);
+      ASSERT.ok(publicKey.verify(md.digest().getBytes(), signature));
+    });
+
+    it('should sign and verify with a private key containing only e, n, and d parameters', function() {
+      var privateKey = PKI.privateKeyFromPem(_pem.privateKey);
+
+      // remove all CRT parameters from private key, so that it consists
+      // only of e, n and d (which make a perfectly valid private key, but its
+      // operations are slower)
+      privateKey = RSA.setPrivateKey(
+        privateKey.n, privateKey.e, privateKey.d);
+
+      var publicKey = PKI.publicKeyFromPem(_pem.publicKey);
+      var md = MD.sha1.create();
+      md.update('0123456789abcdef');
+      var signature = privateKey.sign(md);
+      ASSERT.ok(publicKey.verify(md.digest().getBytes(), signature));
+    });
+
+    (function() {
+      var tests = [{
+        keySize: 1024,
+        privateKeyPem: '-----BEGIN RSA PRIVATE KEY-----\r\n' +
+          'MIICWwIBAAKBgQDCjvkkLWNTeYXqEsqGiVCW/pDt3/qAodNMHcU9gOU2rxeWwiRu\r\n' +
+          'OhhLqmMxXHLi0oP5Xmg0m7zdOiLMEyzzyRzdp21aqp3k5qtuSDkZcf1prsp1jpYm\r\n' +
+          '6z9EGpaSHb64BCuUsQGmUPKutd5RERKHGZXtiRuvvIyue7ETq6VjXrOUHQIDAQAB\r\n' +
+          'AoGAOKeBjTNaVRhyEnNeXkbmHNIMSfiK7aIx8VxJ71r1ZDMgX1oxWZe5M29uaxVM\r\n' +
+          'rxg2Lgt7tLYVDSa8s0hyMptBuBdy3TJUWruDx85uwCrWnMerCt/iKVBS22fv5vm0\r\n' +
+          'LEq/4gjgIVTZwgqbVxGsBlKcY2VzxAfYqYzU8EOZBeNhZdECQQDy+PJAPcUN2xOs\r\n' +
+          '6qy66S91x6y3vMjs900OeX4+bgT4VSVKmLpqRTPizzcL07tT4+Y+pAAOX6VstZvZ\r\n' +
+          '6iFDL5rPAkEAzP1+gaRczboKoJWKJt0uEMUmztcY9NXJFDmjVLqzKwKjcAoGgIal\r\n' +
+          'h+uBFT9VJ16QajC7KxTRLlarzmMvspItUwJAeUMNhEpPwm6ID1DADDi82wdgiALM\r\n' +
+          'NJfn+UVhYD8Ac//qsKQwxUDseFH6owh1AZVIIBMxg/rwUKUCt2tGVoW3uQJAIt6M\r\n' +
+          'Aml/D8+xtxc45NuC1n9y1oRoTl1/Ut1rFyKbD5nnS0upR3uf9LruvjqDtaq0Thvz\r\n' +
+          '+qQT4RoFJ5pfprSO2QJAdMkfNWRqECfAhZyQuUrapeWU3eQ0wjvktIynCIwiBDd2\r\n' +
+          'MfjmVXzBJhMk6dtINt+vBEITVQEOdtyTgDt0y3n2Lw==\r\n' +
+          '-----END RSA PRIVATE KEY-----\r\n',
+        publicKeyPem: '-----BEGIN PUBLIC KEY-----\r\n' +
+          'MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDCjvkkLWNTeYXqEsqGiVCW/pDt\r\n' +
+          '3/qAodNMHcU9gOU2rxeWwiRuOhhLqmMxXHLi0oP5Xmg0m7zdOiLMEyzzyRzdp21a\r\n' +
+          'qp3k5qtuSDkZcf1prsp1jpYm6z9EGpaSHb64BCuUsQGmUPKutd5RERKHGZXtiRuv\r\n' +
+          'vIyue7ETq6VjXrOUHQIDAQAB\r\n' +
+          '-----END PUBLIC KEY-----\r\n',
+        encrypted: 'jsej3OoacmJ1VjWrlw68F+drnQORAuKAqVu6RMbz1xSXjzA355vctrJZXolRU0mvzuu/6VuNynkKGGyRJ6DHt85CvwTMChw4tOMV4Dy6bgnUt3j+DZA2sWTwFhOlpzvNQMK70QpuqrXtOZmAO59EwoDeJkW/iH6t4YzNOVYo9Jg=',
+        signature: 'GT0/3EV2zrXxPd1ydijJq3R7lkI4c0GtcprgpG04dSECv/xyXtikuzivxv7XzUdHpu6QiYmM0xE4D4i7LK3Mzy+f7aB4o/dg8XXO3htLiBzVI+ZJCRh06RdYctPtclAWmyZikZ8Etw3NnA/ldKuG4jApbwRb21UFm5gYLrJ4SP4=',
+        signaturePss: 'F4xffaANDBjhFxeSJx8ANuBbdhaWZjUHRQh4ueYQMPPCaR2mpwdqxE04sbgNgIiZzBuLIAI4HpTMMoDk3Rruhjefx3+9UhzTxgB0hRI+KzRChRs+ToltWWDZdYzt9T8hfTlELeqT4V8HgjDuteO/IAvIVlRIBwMNv53Iebu1FY4=',
+        signatureWithAbcSalt: 'GYA/Zp8G+jqG2Fu7Um+XP7Cr/yaVdzJN8lyt57Lw6gFflia2CPbOVMLyqLzD7fKoE8UD0Rc6DF8k04xhEu60sudw2nxGHeDvpL4M9du0uYra/WSr9kv7xNjAW62NyNerDngHD2J7O8gQ07TZiTXkrfS724vQab5xZL/+FhvisMY=',
+        signatureWithCustomPrng: 'LzWcUpUYK+URDp72hJbz1GVEp0rG0LHjd+Pdh2w5rfQFbUThbmXDl3X6DUT5UZr5RjUSHtc2usvH+w49XskyIJJO929sUk9EkMJMK/6QAnYYEp5BA+48pdGNNMZyjIbhyl9Y4lInzFPX8XYMM8o+tdSK+hj+dW5OPdnwWbDtR7U='
+      }, {
+        keySize: 1025,
+        privateKeyPem: '-----BEGIN RSA PRIVATE KEY-----\r\n' +
+          'MIICXgIBAAKBgQGIkej4PDlAigUh5fbbHp1WXuTHhOdQfAke+LoH0TM4uzn0QmgK\r\n' +
+          'SJqxzB1COJ5o0DwZw/NR+CNy7NUrly+vmh2YPwsaqN+AsYBF9qsF93oN8/TBtaL/\r\n' +
+          'GRoRGpDcCglkj1kZnDaWR79NsG8mC0TrvQCkcCLOP0c2Ux1hRbntOetGXwIDAQAB\r\n' +
+          'AoGBAIaJWsoX+ZcAthmT8jHOICXFh6pJBe0zVPzkSPz82Q0MPSRUzcsYbsuYJD7Z\r\n' +
+          'oJBTLQW3feANpjhwqe2ydok7y//ONm3Th53Bcu8jLfoatg4KYxNFIwXEO10mPOld\r\n' +
+          'VuDIGrBkTABe6q2P5PeUKGCKLT6i/u/2OTXTrQiJbQ0gU8thAkEBjqcFivWMXo34\r\n' +
+          'Cb9/EgfWCCtv9edRMexgvcFMysRsbHJHDK9JjRLobZltwtAv3cY7F3a/Cu1afg+g\r\n' +
+          'jAzm5E3gowJBAPwYFHTLzaZToxFKNQztWrPsXF6YfqHpPUUIpT4UzL6DhGG0M00U\r\n' +
+          'qMyhkYRRqmGOSrSovjg2hjM2643MUUWxUxUCQDPkk/khu5L3YglKzyy2rmrD1MAq\r\n' +
+          'y0v3XCR3TBq89Ows+AizrJxbkLvrk/kfBowU6M5GG9o9SWFNgXWZnFittocCQQDT\r\n' +
+          'e1P1419DUFi1UX6NuLTlybx3sxBQvf0jY6xUF1jn3ib5XBXJbTJqcIRF78iyjI9J\r\n' +
+          'XWIugDc20bTsQOJRSAA9AkEBU8kpueHBaiXTikqqlK9wvc2Lp476hgyKVmVyBGye\r\n' +
+          '9TLTWkTCzDPtManLy47YtXkXnmyazS+DlKFU61XAGEnZfg==\r\n' +
+          '-----END RSA PRIVATE KEY-----\r\n',
+        publicKeyPem: '-----BEGIN PUBLIC KEY-----\r\n' +
+          'MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQGIkej4PDlAigUh5fbbHp1WXuTH\r\n' +
+          'hOdQfAke+LoH0TM4uzn0QmgKSJqxzB1COJ5o0DwZw/NR+CNy7NUrly+vmh2YPwsa\r\n' +
+          'qN+AsYBF9qsF93oN8/TBtaL/GRoRGpDcCglkj1kZnDaWR79NsG8mC0TrvQCkcCLO\r\n' +
+          'P0c2Ux1hRbntOetGXwIDAQAB\r\n' +
+          '-----END PUBLIC KEY-----\r\n',
+        encrypted: 'AOVeCUN8BOVkZvt4mxyNn/yCYE1MZ40A3e/osh6EvCBcJ09hyYbx7bzKSrdkhRnDyW0pGtgP352CollasllQZ9HlfI2Wy9zKM0aYZZn8OHBA+60Tc3xHHDGznLZqggUKuhoNpj+faVZ1uzb285eTpQQa+4mLUue2svJD4ViM8+ng',
+        signature: 'AFSx0axDYXlF2rO3ofgUhYSI8ZlIWtJUUZ62PhgdBp9O5zFqMX3DXoiov1e7NenSOz1khvTSMctFWzKP3GU3F0yewe+Yd3UAZE0dM8vAxigSSfAchUkBDmp9OFuszUie63zwWwpG+gXtvyfueZs1RniBvW1ZmXJvS+HFgX4ouzwd',
+        signaturePss: 'AQvBdhAXDpu+7RpcybMgwuTUk6w+qa08Lcq3G1xHY4kC7ZUzauZd/Jn9e0ePKApDqs7eDNAOV+dQkU2wiH/uBg6VGelzb0hFwcpSLyBW92Vw0q3GlzY7myWn8qnNzasrt110zFflWQa1GiuzH/C8f+Z82/MzlWDxloJIYbq2PRC8',
+        signatureWithAbcSalt: 'AW4bKnG/0TGvAZgqX5Dk+fXpUNgX7INFelE46d3m+spaMTG5XalY0xP1sxWfaE/+Zl3FmZcfTNtfOCo0eNRO1h1+GZZfp32ZQZmZvkdUG+dUQp318LNzgygrVf/5iIX+QKV5/soSDuAHBzS7yDfMgzJfnXNpFE/zPLOgZIoOIuLq',
+        signatureWithCustomPrng: 'AVxfCyGC/7Y3kz//eYFEuWQijjR7eR05AM36CwDlLsVkDRtXoeVzz2yTFBdP+i+QgQ73C/I3lLtvXTwfleorvIX9YncVBeGDQXssmULxzqsM3izaLfJXCRAGx9ErL1Az10+fAqPZpq954OVSDqrR/61Q7CsMY7CiQO3nfIIaxgVL'
+      }, {
+        keySize: 1031,
+        privateKeyPem: '-----BEGIN RSA PRIVATE KEY-----\r\n' +
+          'MIICXwIBAAKBgWyeKqA2oA4klYrKT9hjjutYQksJNN0cxwaQwIm9AYiLxOsYtT/C\r\n' +
+          'ovJx5Oy1EvkbYQbfvYsGISUx9bW8yasZkTHR55IbW3+UptvQjTDtdxBQTgQOpsAh\r\n' +
+          'BJtZYY3OmyH9Sj3F3oB//oyriNoj0QYyfsvlO8UsMmLzpnf6qfZBDHA/9QIDAQAB\r\n' +
+          'AoGBBj/3ne5muUmbnTfU7lOUNrCGaADonMx6G0ObAJHyk6PPOePbEgcmDyNEk+Y7\r\n' +
+          'aEAODjIzmttIbvZ39/Qb+o9nDmCSZC9VxiYPP+rjOzPglCDT5ks2Xcjwzd3If6Ya\r\n' +
+          'Uw6P31Y760OCYeTb4Ib+8zz5q51CkjkdX5Hq/Yu+lZn0Vx7BAkENo83VfL+bwxTm\r\n' +
+          'V7vR6gXqTD5IuuIGHL3uTmMNNURAP6FQDHu//duipys83iMChcOeXtboE16qYrO0\r\n' +
+          '9KC0cqL4JQJBB/aYo/auVUGZA6f50YBp0b2slGMk9TBQG0iQefuuSyH4kzKnt2e3\r\n' +
+          'Q40SBmprcM+DfttWJ11bouec++goXjz+95ECQQyiTWYRxulgKVuyqCYnvpLnTEnR\r\n' +
+          '0MoYlVTHBriVPkLErYaYCYgse+SNM1+N4p/Thv6KmkUcq/Lmuc5DSRfbl1iBAkEE\r\n' +
+          '7GKtJQvd7EO1bfpXnARQx+tWhwHHkgpFBBVHReMZ0rQEFhJ5o2c8HZEiZFNvGO2c\r\n' +
+          '1fErP14zlu2JFZ03vpCI8QJBCQz9HL28VNjafSAF2mon/SNjKablRjoGGKSoSdyA\r\n' +
+          'DHDZ/LeRsTp2dg8+bSiG1R+vPqw0f/BT+ux295Sy9ocGEM8=\r\n' +
+          '-----END RSA PRIVATE KEY-----\r\n',
+        publicKeyPem: '-----BEGIN PUBLIC KEY-----\r\n' +
+          'MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgWyeKqA2oA4klYrKT9hjjutYQksJ\r\n' +
+          'NN0cxwaQwIm9AYiLxOsYtT/CovJx5Oy1EvkbYQbfvYsGISUx9bW8yasZkTHR55Ib\r\n' +
+          'W3+UptvQjTDtdxBQTgQOpsAhBJtZYY3OmyH9Sj3F3oB//oyriNoj0QYyfsvlO8Us\r\n' +
+          'MmLzpnf6qfZBDHA/9QIDAQAB\r\n' +
+          '-----END PUBLIC KEY-----\r\n',
+        encrypted: 'ShSS4/fEAkuS6XiQakhOpWp82IXaaCaDNtsndU4uokvriqgCGZyqc+IkIk3eVmZ8bn4vVIRR43ydFuvGgsptVjizOdLGZudph3TJ1clcYEMcCXk4z5HaEu0bx5SW9jmzHhE/z+WV8PB48q7y7C2qtmPmfttG2NMsNLBvkiaDopRO',
+        signature: 'Z3vYgRdezrWmdA3NC1Uz2CcHRTcE+/C2idGZA1FjUGqFztAHQ31k0QW/F5zuJdKvg8LQU45S3KxW+OQpbGPL98QbzJLhml88mFGe6OinLXJbi7UQWrtXwamc2jMdiXwovSLbXaXy6PX2QW089iC8XuAZftVi3T/IKV0458FQQprg',
+        signaturePss: 'R6QsK6b3QinIPZPamm/dP0Zndqti1TzAkFTRSZJaRSa1u2zuvZC5QHF4flDjEtHosWeDyxrBE7PHGQZ0b1bHv9qgHGsJCMwaQPj3AWj9fjYmx7b86KM2vHr8q/vqDaa9pTvVRSSwvD6fwoZPc9twQEfdjdDBAiy23yLDzk/zZiwM',
+        signatureWithAbcSalt: 'Ep9qx4/FPNcWTixWhvL2IAyJR69o5I4MIJi3cMAhDmpuTvAaL/ThQwFWkBPPOPT4Jbumnu6ELjPNjo72wa00e5k64qnZgy1pauBPMlXRlKehRc9UJZ6+xot642z8Qs+rt89OgbYTsvlyr8lzXooUHz/lPpfawYCqd7maRMs8YlYM',
+        signatureWithCustomPrng: 'NHAwyn2MdM5ez/WbDNbu2A2JNS+cRiWk/zBoh0lg3aq/RsBS0nrYr4AGiC5jt6KWVcN4AIVOomYtX2k+MhLoemN2t2rDj/+LXOeU7kgCAz0q0ED2NFQz7919JU+PuYXMy03qTMfl5jbvStdi/00eQHjJKGEH+xAgrDcED2lrhtCu'
+      }, {
+        keySize: 1032,
+        privateKeyPem: '-----BEGIN RSA PRIVATE KEY-----\r\n' +
+          'MIICYQIBAAKBggDPhzn5I3GecxWt5DKbP+VhM2AFNSOL0+VbYEOR1hnlZdLbxGK4\r\n' +
+          'cPQzMr2qT6dyttJcsgWr3xKobPkz7vsTZzQATSiekm5Js5dGpaj5lrq/x2+WTZvn\r\n' +
+          '55x9M5Y5dlpusDMKcC3KaIX/axc+MbvPFzo6Eli7JLCWdBg01eKo30knil0CAwEA\r\n' +
+          'AQKBggCNl/sjFF7SOD1jbt5kdL0hi7cI9o+xOLs1lEGmAEmc7dNnZN/ibhb/06/6\r\n' +
+          'wuxB5aEz47bg5IvLZMbG+1hNjc26D0J6Y3Ltwrg8f4ZMdDrh4v0DZ8hy/HbEpMrJ\r\n' +
+          'Td5dk3mtw9FLow10MB5udPLTDKhfDpTcWiObKm2STtFeBk3xeEECQQ6Cx6bZxQJ1\r\n' +
+          'zCxflV5Xi8BgAQaUKMqygugte+HpOLflL0j1fuZ0rPosUyDOEFkTzOsPxBYYOU8i\r\n' +
+          'Gzan1GvW3WwRAkEOTTRt849wpgC9xx2pF0IrYEVmv5gEMy3IiRfCNgEoBwpTWVf4\r\n' +
+          'QFpN3V/9GFz0WQEEYo6OTmkNcC3Of5zbHhu1jQJBBGxXAYQ2KnbP4uLL/DMBdYWO\r\n' +
+          'Knw1JvxdLPrYXVejI2MoE7xJj2QXajbirAhEMXL4rtpicj22EmoaE4H7HVgkrJEC\r\n' +
+          'QQq2V5w4AGwvW4TLHXNnYX/eB33z6ujScOuxjGNDUlBqHZja5iKkCUAjnl+UnSPF\r\n' +
+          'exaOwBrlrpiLOzRer94MylKNAkEBmI58bqfkI5OCGDArAsJ0Ih58V0l1UW35C1SX\r\n' +
+          '4yDoXSM5A/xQu2BJbXO4jPe3PnDvCVCEyKpbCK6bWbe26Y7zuw==\r\n' +
+          '-----END RSA PRIVATE KEY-----\r\n',
+        publicKeyPem: '-----BEGIN PUBLIC KEY-----\r\n' +
+          'MIGgMA0GCSqGSIb3DQEBAQUAA4GOADCBigKBggDPhzn5I3GecxWt5DKbP+VhM2AF\r\n' +
+          'NSOL0+VbYEOR1hnlZdLbxGK4cPQzMr2qT6dyttJcsgWr3xKobPkz7vsTZzQATSie\r\n' +
+          'km5Js5dGpaj5lrq/x2+WTZvn55x9M5Y5dlpusDMKcC3KaIX/axc+MbvPFzo6Eli7\r\n' +
+          'JLCWdBg01eKo30knil0CAwEAAQ==\r\n' +
+          '-----END PUBLIC KEY-----\r\n',
+        encrypted: 'pKTbv+xgXPDc+wbjsANFu1/WTcmy4aZFKXKnxddHbU5S0Dpdj2OqCACiBwu1oENPMgPAJ27XRbFtKG+eS8tX47mKP2Fo0Bi+BPFtzuQ1bj3zUzTwzjemT+PU+a4Tho/eKjPhm6xrwGAoQH2VEDEpvcYf+SRmGFJpJ/zPUrSxgffj',
+        signature: 'R9WBFprCfcIC4zY9SmBpEM0E+cr5j4gMn3Ido5mktoR9VBoJqC6eR6lubIPvZZUz9e4yUSYX0squ56Q9Y0yZFQjTHgsrlmhB2YW8kpv4h8P32Oz2TLcMJK9R2tIh9vvyxwBkd/Ml1qG60GnOFUFzxUad9VIlzaF1PFR6EfnkgBUW',
+        signaturePss: 'v9UBd4XzBxSRz8yhWKjUkFpBX4Fr2G+ImjqbePL4sAZvYw1tWL+aUQpzG8eOyMxxE703VDh9nIZULYI/uIb9HYHQoGYQ3WoUaWqtZg1x8pZP+Ad7ilUWk5ImRl57fTznNQiVdwlkS5Wgheh1yJCES570a4eujiK9OyB0ba4rKIcM',
+        signatureWithAbcSalt: 'HCm0FI1jE6wQgwwi0ZwPTkGjssxAPtRh6tWXhNd2J2IoJYj9oQMMjCEElnvQFBa/l00sIsw2YV1tKyoTABaSTGV4vlJcDF+K0g/wiAf30TRUZo72DZKDNdyffDlH0wBDkNVW+F6uqdciJqBC6zz+unNh7x+FRwYaY8xhudIPXdyP',
+        signatureWithCustomPrng: 'AGyN8xu+0yfCR1tyB9mCXcTGb2vdLnsX9ro2Qy5KV6Hw5YMVNltAt65dKR4Y8pfu6D4WUyyJRUtJ8td2ZHYzIVtWY6bG1xFt5rkjTVg4v1tzQgUQq8AHvRE2qLzwDXhazJ1e6Id2Nuxb1uInFyRC6/gLmiPga1WRDEVvFenuIA48'
+      }];
+      for(var i = 0; i < tests.length; ++i) {
+        createTests(tests[i]);
+      }
+
+      it('should ensure maximum message length for a 1024-bit key is exceeded', function() {
+        /* For PKCS#1 v1.5, the message must be padded with at least eight bytes,
+          two zero bytes and one byte telling what the block type is. This is 11
+          extra bytes are added to the message. The test uses a message of 118
+          bytes.Together with the 11 extra bytes the encryption block needs to be
+          at least 129 bytes long. This requires a key of 1025-bits. */
+        var key = PKI.publicKeyFromPem(tests[0].publicKeyPem);
+        var message = UTIL.createBuffer().fillWithByte(0, 118);
+        ASSERT.throws(function() {
+          key.encrypt(message.getBytes());
+        });
+      });
+
+      it('should ensure maximum message length for a 1025-bit key is not exceeded', function() {
+        var key = PKI.publicKeyFromPem(tests[1].publicKeyPem);
+        var message = UTIL.createBuffer().fillWithByte(0, 118);
+        ASSERT.doesNotThrow(function() {
+          key.encrypt(message.getBytes());
+        });
+      });
+
+      /**
+       * Creates RSA encryption & decryption tests.
+       *
+       * Uses different key sizes (1024, 1025, 1031, 1032). The test functions are
+       * generated from "templates" below, one for each key size to provide sensible
+       * output.
+       *
+       * Key material in was created with OpenSSL using these commands:
+       *
+       * openssl genrsa -out rsa_1024_private.pem 1024
+       * openssl rsa -in rsa_1024_private.pem -out rsa_1024_public.pem \
+       *   -outform PEM -pubout
+       * echo 'too many secrets' | openssl rsautl -encrypt \
+       *   -inkey rsa_1024_public.pem -pubin -out rsa_1024_encrypted.bin
+       *
+       * echo -n 'just testing' | openssl dgst -sha1 -binary > tosign.sha1
+       * openssl pkeyutl -sign -in tosign.sha1 -inkey rsa_1024_private.pem \
+       *   -out rsa_1024_sig.bin -pkeyopt digest:sha1
+       * openssl pkeyutl -sign -in tosign.sha1 -inkey rsa_1024_private.pem \
+       *   -out rsa_1024_sigpss.bin -pkeyopt digest:sha1 \
+       *   -pkeyopt rsa_padding_mode:pss -pkeyopt rsa_pss_saltlen:20
+       *
+       * OpenSSL commands for signature verification:
+       *
+       * openssl pkeyutl -verify -in tosign.sha1 -sigfile rsa_1024_sig.bin \
+       *   -pubin -inkey rsa_1024_public.pem -pkeyopt digest:sha1
+       * openssl pkeyutl -verify -in tosign.sha1 -sigfile rsa_1025_sigpss.bin \
+       *   -pubin -inkey rsa_1025_public.pem -pkeyopt digest:sha1 \
+       *   -pkeyopt rsa_padding_mode:pss -pkeyopt rsa_pss_saltlen:20
+       */
+      function createTests(params) {
+        var keySize = params.keySize;
+
+        it('should rsa encrypt using a ' + keySize + '-bit key', function() {
+          var message = "it need's to be about 20% cooler"; // it need's better grammar too
+
+          /* First step, do public key encryption */
+          var key = PKI.publicKeyFromPem(params.publicKeyPem);
+          var data = key.encrypt(message);
+
+          /* Second step, use private key decryption to verify successful
+            encryption. The encrypted message differs every time, since it is
+            padded with random data. Therefore just rely on the decryption
+            routine to work, which is tested seperately against an externally
+            provided encrypted message. */
+          key = PKI.privateKeyFromPem(params.privateKeyPem);
+          ASSERT.equal(key.decrypt(data), message);
+        });
+
+        it('should rsa decrypt using a ' + keySize + '-bit key', function() {
+          var data = UTIL.decode64(params.encrypted);
+          var key = PKI.privateKeyFromPem(params.privateKeyPem);
+          ASSERT.equal(key.decrypt(data), 'too many secrets\n');
+        });
+
+        it('should rsa sign using a ' + keySize + '-bit key and PKCS#1 v1.5 padding', function() {
+          var key = PKI.privateKeyFromPem(params.privateKeyPem);
+
+          var md = MD.sha1.create();
+          md.start();
+          md.update('just testing');
+
+          var signature = UTIL.decode64(params.signature);
+          ASSERT.equal(key.sign(md), signature);
+        });
+
+        it('should verify an rsa signature using a ' + keySize + '-bit key and PKCS#1 v1.5 padding', function() {
+          var signature = UTIL.decode64(params.signature);
+          var key = PKI.publicKeyFromPem(params.publicKeyPem);
+
+          var md = MD.sha1.create();
+          md.start();
+          md.update('just testing');
+
+          ASSERT.equal(key.verify(md.digest().getBytes(), signature), true);
+        });
+
+        /* Note: signatures are *not* deterministic (the point of RSASSA-PSS),
+          so they can't be compared easily -- instead they are just verified
+          using the verify() function which is tested against OpenSSL-generated
+          signatures. */
+        it('should rsa sign using a ' + keySize + '-bit key and PSS padding', function() {
+          var privateKey = PKI.privateKeyFromPem(params.privateKeyPem);
+          var publicKey = PKI.publicKeyFromPem(params.publicKeyPem);
+
+          var md = MD.sha1.create();
+          md.start();
+          md.update('just testing');
+
+          // create signature
+          var pss = PSS.create(
+            MD.sha1.create(), MGF.mgf1.create(MD.sha1.create()), 20);
+          var signature = privateKey.sign(md, pss);
+
+          // verify signature
+          md.start();
+          md.update('just testing');
+          ASSERT.equal(
+            publicKey.verify(md.digest().getBytes(), signature, pss), true);
+        });
+
+        it('should verify an rsa signature using a ' + keySize + '-bit key and PSS padding', function() {
+          var signature = UTIL.decode64(params.signaturePss);
+          var key = PKI.publicKeyFromPem(params.publicKeyPem);
+
+          var md = MD.sha1.create();
+          md.start();
+          md.update('just testing');
+
+          var pss = PSS.create(
+            MD.sha1.create(), MGF.mgf1.create(MD.sha1.create()), 20);
+          ASSERT.equal(
+            key.verify(md.digest().getBytes(), signature, pss), true);
+        });
+
+        it('should rsa sign using a ' + keySize + '-bit key and PSS padding using pss named-param API', function() {
+          var privateKey = PKI.privateKeyFromPem(params.privateKeyPem);
+          var publicKey = PKI.publicKeyFromPem(params.publicKeyPem);
+
+          var md = MD.sha1.create();
+          md.start();
+          md.update('just testing');
+
+          // create signature
+          var pss = PSS.create({
+            md: MD.sha1.create(),
+            mgf: MGF.mgf1.create(MD.sha1.create()),
+            saltLength: 20
+          });
+          var signature = privateKey.sign(md, pss);
+
+          // verify signature
+          md.start();
+          md.update('just testing');
+          ASSERT.equal(
+            publicKey.verify(md.digest().getBytes(), signature, pss), true);
+        });
+
+        it('should verify an rsa signature using a ' + keySize + '-bit key and PSS padding using pss named-param API', function() {
+          var signature = UTIL.decode64(params.signaturePss);
+          var key = PKI.publicKeyFromPem(params.publicKeyPem);
+
+          var md = MD.sha1.create();
+          md.start();
+          md.update('just testing');
+
+          var pss = PSS.create({
+            md: MD.sha1.create(),
+            mgf: MGF.mgf1.create(MD.sha1.create()),
+            saltLength: 20
+          });
+          ASSERT.equal(
+            key.verify(md.digest().getBytes(), signature, pss), true);
+        });
+
+        it('should rsa sign using a ' + keySize + '-bit key and PSS padding using salt "abc"', function() {
+          var privateKey = PKI.privateKeyFromPem(params.privateKeyPem);
+
+          var md = MD.sha1.create();
+          md.start();
+          md.update('just testing');
+
+          // create signature
+          var pss = PSS.create({
+            md: MD.sha1.create(),
+            mgf: MGF.mgf1.create(MD.sha1.create()),
+            salt: UTIL.createBuffer('abc')
+          });
+          var signature = privateKey.sign(md, pss);
+          var b64 = UTIL.encode64(signature);
+          ASSERT.equal(b64, params.signatureWithAbcSalt);
+        });
+
+        it('should verify an rsa signature using a ' + keySize + '-bit key and PSS padding using salt "abc"', function() {
+          var signature = UTIL.decode64(params.signatureWithAbcSalt);
+          var key = PKI.publicKeyFromPem(params.publicKeyPem);
+
+          var md = MD.sha1.create();
+          md.start();
+          md.update('just testing');
+
+          var pss = PSS.create({
+            md: MD.sha1.create(),
+            mgf: MGF.mgf1.create(MD.sha1.create()),
+            saltLength: 3
+          });
+          ASSERT.equal(
+            key.verify(md.digest().getBytes(), signature, pss), true);
+        });
+
+        it('should rsa sign using a ' + keySize + '-bit key and PSS padding using custom PRNG', function() {
+          var prng = RANDOM.createInstance();
+          prng.seedFileSync = function(needed) {
+            return UTIL.fillString('a', needed);
+          };
+          var privateKey = PKI.privateKeyFromPem(params.privateKeyPem);
+
+          var md = MD.sha1.create();
+          md.start();
+          md.update('just testing');
+
+          // create signature
+          var pss = PSS.create({
+            md: MD.sha1.create(),
+            mgf: MGF.mgf1.create(MD.sha1.create()),
+            saltLength: 20,
+            prng: prng
+          });
+          var signature = privateKey.sign(md, pss);
+          var b64 = UTIL.encode64(signature);
+          ASSERT.equal(b64, params.signatureWithCustomPrng);
+        });
+
+        it('should verify an rsa signature using a ' + keySize + '-bit key and PSS padding using custom PRNG', function() {
+          var prng = RANDOM.createInstance();
+          prng.seedFileSync = function(needed) {
+            return UTIL.fillString('a', needed);
+          };
+          var signature = UTIL.decode64(params.signatureWithCustomPrng);
+          var key = PKI.publicKeyFromPem(params.publicKeyPem);
+
+          var md = MD.sha1.create();
+          md.start();
+          md.update('just testing');
+
+          var pss = PSS.create({
+            md: MD.sha1.create(),
+            mgf: MGF.mgf1.create(MD.sha1.create()),
+            saltLength: 20,
+            prng: prng
+          });
+          ASSERT.equal(
+            key.verify(md.digest().getBytes(), signature, pss), true);
+        });
+      }
+    })();
+  });
+}
+
+// check for AMD
+if(typeof define === 'function') {
+  define([
+    'forge/pki',
+    'forge/rsa',
+    'forge/md',
+    'forge/mgf',
+    'forge/pss',
+    'forge/random',
+    'forge/util'
+  ], function(PKI, RSA, MD, MGF, PSS, RANDOM, UTIL) {
+    Tests(
+      // Global provided by test harness
+      ASSERT,
+      PKI(),
+      RSA(),
+      MD(),
+      MGF(),
+      PSS(),
+      RANDOM(),
+      UTIL()
+    );
+  });
+} else if(typeof module === 'object' && module.exports) {
+  // assume NodeJS
+  Tests(
+    require('assert'),
+    require('../../js/pki')(),
+    require('../../js/rsa')(),
+    require('../../js/md')(),
+    require('../../js/mgf')(),
+    require('../../js/pss')(),
+    require('../../js/random')(),
+    require('../../js/util')());
+}
+
+})();