From 83ca5907b708681c799e8f5435181dd068f57e4c Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Jan=20Stan=C4=9Bk?= Date: Thu, 16 Jan 2020 09:06:24 +0100 Subject: [PATCH 2/4] Adjust tests for missing OpenSSL features MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Jan Staněk --- .../test-crypto-aes-wrap.js | 0 .../test-crypto-des3-wrap.js | 0 .../test-crypto-hash-stream-pipe.js | 0 .../test-make-doc.js | 0 .../test-tls-cli-max-version-1.3.js | 0 .../test-tls-cli-min-max-conflict.js | 0 .../test-tls-cli-min-version-1.3.js | 0 .../test-tls-client-renegotiation-13.js | 0 .../test-tls-keylog-tlsv13.js | 0 .../test-tls-no-sslv3.js | 0 .../test-tls-ticket-12.js | 0 .../test-tls-ticket-cluster.js | 0 .../test-tls-ticket.js | 0 .../test-v8-serdes.js | 0 test/parallel/test-crypto-authenticated.js | 54 +----- test/parallel/test-crypto-hash.js | 68 ------- test/parallel/test-crypto-key-objects.js | 175 ------------------ test/parallel/test-crypto-keygen.js | 54 ------ test/parallel/test-crypto-pbkdf2.js | 18 -- test/parallel/test-crypto-sign-verify.js | 8 - test/parallel/test-crypto.js | 6 +- .../test-https-agent-session-eviction.js | 42 ++++- test/parallel/test-tls-alert-handling.js | 2 +- test/parallel/test-tls-cli-min-version-1.0.js | 2 +- test/parallel/test-tls-cli-min-version-1.1.js | 2 +- test/parallel/test-tls-cli-min-version-1.2.js | 2 +- .../test-tls-client-getephemeralkeyinfo.js | 2 - test/parallel/test-tls-destroy-stream.js | 2 +- test/parallel/test-tls-getcipher.js | 25 +-- test/parallel/test-tls-min-max-version.js | 29 +-- test/parallel/test-tls-multi-key.js | 4 +- test/parallel/test-tls-multi-pfx.js | 4 +- test/parallel/test-tls-passphrase.js | 2 +- test/parallel/test-tls-set-ciphers.js | 27 +-- 34 files changed, 60 insertions(+), 468 deletions(-) rename test/{parallel => known_issues}/test-crypto-aes-wrap.js (100%) rename test/{parallel => known_issues}/test-crypto-des3-wrap.js (100%) rename test/{parallel => known_issues}/test-crypto-hash-stream-pipe.js (100%) rename test/{doctool => known_issues}/test-make-doc.js (100%) rename test/{parallel => known_issues}/test-tls-cli-max-version-1.3.js (100%) rename test/{parallel => known_issues}/test-tls-cli-min-max-conflict.js (100%) rename test/{parallel => known_issues}/test-tls-cli-min-version-1.3.js (100%) rename test/{parallel => known_issues}/test-tls-client-renegotiation-13.js (100%) rename test/{parallel => known_issues}/test-tls-keylog-tlsv13.js (100%) rename test/{parallel => known_issues}/test-tls-no-sslv3.js (100%) rename test/{parallel => known_issues}/test-tls-ticket-12.js (100%) rename test/{parallel => known_issues}/test-tls-ticket-cluster.js (100%) rename test/{parallel => known_issues}/test-tls-ticket.js (100%) rename test/{parallel => known_issues}/test-v8-serdes.js (100%) diff --git a/test/parallel/test-crypto-aes-wrap.js b/test/known_issues/test-crypto-aes-wrap.js similarity index 100% rename from test/parallel/test-crypto-aes-wrap.js rename to test/known_issues/test-crypto-aes-wrap.js diff --git a/test/parallel/test-crypto-des3-wrap.js b/test/known_issues/test-crypto-des3-wrap.js similarity index 100% rename from test/parallel/test-crypto-des3-wrap.js rename to test/known_issues/test-crypto-des3-wrap.js diff --git a/test/parallel/test-crypto-hash-stream-pipe.js b/test/known_issues/test-crypto-hash-stream-pipe.js similarity index 100% rename from test/parallel/test-crypto-hash-stream-pipe.js rename to test/known_issues/test-crypto-hash-stream-pipe.js diff --git a/test/doctool/test-make-doc.js b/test/known_issues/test-make-doc.js similarity index 100% rename from test/doctool/test-make-doc.js rename to test/known_issues/test-make-doc.js diff --git a/test/parallel/test-tls-cli-max-version-1.3.js b/test/known_issues/test-tls-cli-max-version-1.3.js similarity index 100% rename from test/parallel/test-tls-cli-max-version-1.3.js rename to test/known_issues/test-tls-cli-max-version-1.3.js diff --git a/test/parallel/test-tls-cli-min-max-conflict.js b/test/known_issues/test-tls-cli-min-max-conflict.js similarity index 100% rename from test/parallel/test-tls-cli-min-max-conflict.js rename to test/known_issues/test-tls-cli-min-max-conflict.js diff --git a/test/parallel/test-tls-cli-min-version-1.3.js b/test/known_issues/test-tls-cli-min-version-1.3.js similarity index 100% rename from test/parallel/test-tls-cli-min-version-1.3.js rename to test/known_issues/test-tls-cli-min-version-1.3.js diff --git a/test/parallel/test-tls-client-renegotiation-13.js b/test/known_issues/test-tls-client-renegotiation-13.js similarity index 100% rename from test/parallel/test-tls-client-renegotiation-13.js rename to test/known_issues/test-tls-client-renegotiation-13.js diff --git a/test/parallel/test-tls-keylog-tlsv13.js b/test/known_issues/test-tls-keylog-tlsv13.js similarity index 100% rename from test/parallel/test-tls-keylog-tlsv13.js rename to test/known_issues/test-tls-keylog-tlsv13.js diff --git a/test/parallel/test-tls-no-sslv3.js b/test/known_issues/test-tls-no-sslv3.js similarity index 100% rename from test/parallel/test-tls-no-sslv3.js rename to test/known_issues/test-tls-no-sslv3.js diff --git a/test/parallel/test-tls-ticket-12.js b/test/known_issues/test-tls-ticket-12.js similarity index 100% rename from test/parallel/test-tls-ticket-12.js rename to test/known_issues/test-tls-ticket-12.js diff --git a/test/parallel/test-tls-ticket-cluster.js b/test/known_issues/test-tls-ticket-cluster.js similarity index 100% rename from test/parallel/test-tls-ticket-cluster.js rename to test/known_issues/test-tls-ticket-cluster.js diff --git a/test/parallel/test-tls-ticket.js b/test/known_issues/test-tls-ticket.js similarity index 100% rename from test/parallel/test-tls-ticket.js rename to test/known_issues/test-tls-ticket.js diff --git a/test/parallel/test-v8-serdes.js b/test/known_issues/test-v8-serdes.js similarity index 100% rename from test/parallel/test-v8-serdes.js rename to test/known_issues/test-v8-serdes.js diff --git a/test/parallel/test-crypto-authenticated.js b/test/parallel/test-crypto-authenticated.js index 8be7296..c9bf961 100644 --- a/test/parallel/test-crypto-authenticated.js +++ b/test/parallel/test-crypto-authenticated.js @@ -404,7 +404,7 @@ for (const test of TEST_CASES) { // Test that create(De|C)ipher(iv)? throws if the mode is CCM or OCB and no // authentication tag has been specified. { - for (const mode of ['ccm', 'ocb']) { + for (const mode of ['ccm']) { assert.throws(() => { crypto.createCipheriv(`aes-256-${mode}`, 'FxLKsqdmv0E9xrQhp0b1ZgI0K7JFZJM8', @@ -564,7 +564,7 @@ for (const test of TEST_CASES) { const key = Buffer.from('0123456789abcdef', 'utf8'); const iv = Buffer.from('0123456789ab', 'utf8'); - for (const mode of ['gcm', 'ocb']) { + for (const mode of ['gcm']) { for (const authTagLength of mode === 'gcm' ? [undefined, 8] : [8]) { const cipher = crypto.createCipheriv(`aes-128-${mode}`, key, iv, { authTagLength @@ -598,7 +598,7 @@ for (const test of TEST_CASES) { const iv = Buffer.from('0123456789ab', 'utf8'); const opts = { authTagLength: 8 }; - for (const mode of ['gcm', 'ccm', 'ocb']) { + for (const mode of ['gcm', 'ccm']) { const cipher = crypto.createCipheriv(`aes-128-${mode}`, key, iv, opts); const ciphertext = Buffer.concat([cipher.update(plain), cipher.final()]); const tag = cipher.getAuthTag(); @@ -616,51 +616,3 @@ for (const test of TEST_CASES) { assert(plain.equals(plaintext)); } } - - -// Test chacha20-poly1305 rejects invalid IV lengths of 13, 14, 15, and 16 (a -// length of 17 or greater was already rejected). -// - https://www.openssl.org/news/secadv/20190306.txt -{ - // Valid extracted from TEST_CASES, check that it detects IV tampering. - const valid = { - algo: 'chacha20-poly1305', - key: '808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9f', - iv: '070000004041424344454647', - plain: '4c616469657320616e642047656e746c656d656e206f662074686520636c6173' + - '73206f66202739393a204966204920636f756c64206f6666657220796f75206f' + - '6e6c79206f6e652074697020666f7220746865206675747572652c2073756e73' + - '637265656e20776f756c642062652069742e', - plainIsHex: true, - aad: '50515253c0c1c2c3c4c5c6c7', - ct: 'd31a8d34648e60db7b86afbc53ef7ec2a4aded51296e08fea9e2b5' + - 'a736ee62d63dbea45e8ca9671282fafb69da92728b1a71de0a9e06' + - '0b2905d6a5b67ecd3b3692ddbd7f2d778b8c9803aee328091b58fa' + - 'b324e4fad675945585808b4831d7bc3ff4def08e4b7a9de576d265' + - '86cec64b6116', - tag: '1ae10b594f09e26a7e902ecbd0600691', - tampered: false, - }; - - // Invalid IV lengths should be detected: - // - 12 and below are valid. - // - 13-16 are not detected as invalid by some OpenSSL versions. - check(13); - check(14); - check(15); - check(16); - // - 17 and above were always detected as invalid by OpenSSL. - check(17); - - function check(ivLength) { - const prefix = ivLength - valid.iv.length / 2; - assert.throws(() => crypto.createCipheriv( - valid.algo, - Buffer.from(valid.key, 'hex'), - Buffer.from(H(prefix) + valid.iv, 'hex'), - { authTagLength: valid.tag.length / 2 } - ), errMessages.length, `iv length ${ivLength} was not rejected`); - - function H(length) { return '00'.repeat(length); } - } -} diff --git a/test/parallel/test-crypto-hash.js b/test/parallel/test-crypto-hash.js index 7f752f8..dbfb9a1 100644 --- a/test/parallel/test-crypto-hash.js +++ b/test/parallel/test-crypto-hash.js @@ -181,71 +181,3 @@ common.expectsError( assert(instance instanceof Hash, 'Hash is expected to return a new instance' + ' when called without `new`'); } - -// Test XOF hash functions and the outputLength option. -{ - // Default outputLengths. - assert.strictEqual(crypto.createHash('shake128').digest('hex'), - '7f9c2ba4e88f827d616045507605853e'); - assert.strictEqual(crypto.createHash('shake128', null).digest('hex'), - '7f9c2ba4e88f827d616045507605853e'); - assert.strictEqual(crypto.createHash('shake256').digest('hex'), - '46b9dd2b0ba88d13233b3feb743eeb24' + - '3fcd52ea62b81b82b50c27646ed5762f'); - - // Short outputLengths. - assert.strictEqual(crypto.createHash('shake128', { outputLength: 0 }) - .digest('hex'), - ''); - assert.strictEqual(crypto.createHash('shake128', { outputLength: 5 }) - .digest('hex'), - '7f9c2ba4e8'); - assert.strictEqual(crypto.createHash('shake128', { outputLength: 15 }) - .digest('hex'), - '7f9c2ba4e88f827d61604550760585'); - assert.strictEqual(crypto.createHash('shake256', { outputLength: 16 }) - .digest('hex'), - '46b9dd2b0ba88d13233b3feb743eeb24'); - - // Large outputLengths. - assert.strictEqual(crypto.createHash('shake128', { outputLength: 128 }) - .digest('hex'), - '7f9c2ba4e88f827d616045507605853e' + - 'd73b8093f6efbc88eb1a6eacfa66ef26' + - '3cb1eea988004b93103cfb0aeefd2a68' + - '6e01fa4a58e8a3639ca8a1e3f9ae57e2' + - '35b8cc873c23dc62b8d260169afa2f75' + - 'ab916a58d974918835d25e6a435085b2' + - 'badfd6dfaac359a5efbb7bcc4b59d538' + - 'df9a04302e10c8bc1cbf1a0b3a5120ea'); - const superLongHash = crypto.createHash('shake256', { - outputLength: 1024 * 1024 - }).update('The message is shorter than the hash!') - .digest('hex'); - assert.strictEqual(superLongHash.length, 2 * 1024 * 1024); - assert.ok(superLongHash.endsWith('193414035ddba77bf7bba97981e656ec')); - assert.ok(superLongHash.startsWith('a2a28dbc49cfd6e5d6ceea3d03e77748')); - - // Non-XOF hash functions should accept valid outputLength options as well. - assert.strictEqual(crypto.createHash('sha224', { outputLength: 28 }) - .digest('hex'), - 'd14a028c2a3a2bc9476102bb288234c4' + - '15a2b01f828ea62ac5b3e42f'); - - // Passing invalid sizes should throw during creation. - common.expectsError(() => { - crypto.createHash('sha256', { outputLength: 28 }); - }, { - code: 'ERR_OSSL_EVP_NOT_XOF_OR_INVALID_LENGTH' - }); - - for (const outputLength of [null, {}, 'foo', false]) { - common.expectsError(() => crypto.createHash('sha256', { outputLength }), - { code: 'ERR_INVALID_ARG_TYPE' }); - } - - for (const outputLength of [-1, .5, Infinity, 2 ** 90]) { - common.expectsError(() => crypto.createHash('sha256', { outputLength }), - { code: 'ERR_OUT_OF_RANGE' }); - } -} diff --git a/test/parallel/test-crypto-key-objects.js b/test/parallel/test-crypto-key-objects.js index dc995be..4d2fc4c 100644 --- a/test/parallel/test-crypto-key-objects.js +++ b/test/parallel/test-crypto-key-objects.js @@ -239,42 +239,6 @@ const privateDsa = fixtures.readKey('dsa_private_encrypted_1025.pem', }); } -[ - { private: fixtures.readKey('ed25519_private.pem', 'ascii'), - public: fixtures.readKey('ed25519_public.pem', 'ascii'), - keyType: 'ed25519' }, - { private: fixtures.readKey('ed448_private.pem', 'ascii'), - public: fixtures.readKey('ed448_public.pem', 'ascii'), - keyType: 'ed448' }, - { private: fixtures.readKey('x25519_private.pem', 'ascii'), - public: fixtures.readKey('x25519_public.pem', 'ascii'), - keyType: 'x25519' }, - { private: fixtures.readKey('x448_private.pem', 'ascii'), - public: fixtures.readKey('x448_public.pem', 'ascii'), - keyType: 'x448' }, -].forEach((info) => { - const keyType = info.keyType; - - { - const exportOptions = { type: 'pkcs8', format: 'pem' }; - const key = createPrivateKey(info.private); - assert.strictEqual(key.type, 'private'); - assert.strictEqual(key.asymmetricKeyType, keyType); - assert.strictEqual(key.symmetricKeySize, undefined); - assert.strictEqual(key.export(exportOptions), info.private); - } - - { - const exportOptions = { type: 'spki', format: 'pem' }; - [info.private, info.public].forEach((pem) => { - const key = createPublicKey(pem); - assert.strictEqual(key.type, 'public'); - assert.strictEqual(key.asymmetricKeyType, keyType); - assert.strictEqual(key.symmetricKeySize, undefined); - assert.strictEqual(key.export(exportOptions), info.public); - }); - } -}); { // Reading an encrypted key without a passphrase should fail. @@ -321,145 +285,6 @@ const privateDsa = fixtures.readKey('dsa_private_encrypted_1025.pem', } -{ - // Test RSA-PSS. - { - // This key pair does not restrict the message digest algorithm or salt - // length. - const publicPem = fixtures.readKey('rsa_pss_public_2048.pem'); - const privatePem = fixtures.readKey('rsa_pss_private_2048.pem'); - - const publicKey = createPublicKey(publicPem); - const privateKey = createPrivateKey(privatePem); - - assert.strictEqual(publicKey.type, 'public'); - assert.strictEqual(publicKey.asymmetricKeyType, 'rsa-pss'); - - assert.strictEqual(privateKey.type, 'private'); - assert.strictEqual(privateKey.asymmetricKeyType, 'rsa-pss'); - - for (const key of [privatePem, privateKey]) { - // Any algorithm should work. - for (const algo of ['sha1', 'sha256']) { - // Any salt length should work. - for (const saltLength of [undefined, 8, 10, 12, 16, 18, 20]) { - const signature = createSign(algo) - .update('foo') - .sign({ key, saltLength }); - - for (const pkey of [key, publicKey, publicPem]) { - const okay = createVerify(algo) - .update('foo') - .verify({ key: pkey, saltLength }, signature); - - assert.ok(okay); - } - } - } - } - - // Exporting the key using PKCS#1 should not work since this would discard - // any algorithm restrictions. - common.expectsError(() => { - publicKey.export({ format: 'pem', type: 'pkcs1' }); - }, { - code: 'ERR_CRYPTO_INCOMPATIBLE_KEY_OPTIONS' - }); - } - - { - // This key pair enforces sha256 as the message digest and the MGF1 - // message digest and a salt length of at least 16 bytes. - const publicPem = - fixtures.readKey('rsa_pss_public_2048_sha256_sha256_16.pem'); - const privatePem = - fixtures.readKey('rsa_pss_private_2048_sha256_sha256_16.pem'); - - const publicKey = createPublicKey(publicPem); - const privateKey = createPrivateKey(privatePem); - - assert.strictEqual(publicKey.type, 'public'); - assert.strictEqual(publicKey.asymmetricKeyType, 'rsa-pss'); - - assert.strictEqual(privateKey.type, 'private'); - assert.strictEqual(privateKey.asymmetricKeyType, 'rsa-pss'); - - for (const key of [privatePem, privateKey]) { - // Signing with anything other than sha256 should fail. - assert.throws(() => { - createSign('sha1').sign(key); - }, /digest not allowed/); - - // Signing with salt lengths less than 16 bytes should fail. - for (const saltLength of [8, 10, 12]) { - assert.throws(() => { - createSign('sha1').sign({ key, saltLength }); - }, /pss saltlen too small/); - } - - // Signing with sha256 and appropriate salt lengths should work. - for (const saltLength of [undefined, 16, 18, 20]) { - const signature = createSign('sha256') - .update('foo') - .sign({ key, saltLength }); - - for (const pkey of [key, publicKey, publicPem]) { - const okay = createVerify('sha256') - .update('foo') - .verify({ key: pkey, saltLength }, signature); - - assert.ok(okay); - } - } - } - } - - { - // This key enforces sha512 as the message digest and sha256 as the MGF1 - // message digest. - const publicPem = - fixtures.readKey('rsa_pss_public_2048_sha512_sha256_20.pem'); - const privatePem = - fixtures.readKey('rsa_pss_private_2048_sha512_sha256_20.pem'); - - const publicKey = createPublicKey(publicPem); - const privateKey = createPrivateKey(privatePem); - - assert.strictEqual(publicKey.type, 'public'); - assert.strictEqual(publicKey.asymmetricKeyType, 'rsa-pss'); - - assert.strictEqual(privateKey.type, 'private'); - assert.strictEqual(privateKey.asymmetricKeyType, 'rsa-pss'); - - // Node.js usually uses the same hash function for the message and for MGF1. - // However, when a different MGF1 message digest algorithm has been - // specified as part of the key, it should automatically switch to that. - // This behavior is required by sections 3.1 and 3.3 of RFC4055. - for (const key of [privatePem, privateKey]) { - // sha256 matches the MGF1 hash function and should be used internally, - // but it should not be permitted as the main message digest algorithm. - for (const algo of ['sha1', 'sha256']) { - assert.throws(() => { - createSign(algo).sign(key); - }, /digest not allowed/); - } - - // sha512 should produce a valid signature. - const signature = createSign('sha512') - .update('foo') - .sign(key); - - for (const pkey of [key, publicKey, publicPem]) { - const okay = createVerify('sha512') - .update('foo') - .verify(pkey, signature); - - assert.ok(okay); - } - } - } -} - { // Exporting an encrypted private key requires a cipher const privateKey = createPrivateKey(privatePem); diff --git a/test/parallel/test-crypto-keygen.js b/test/parallel/test-crypto-keygen.js index 8c3432e..07815e1 100644 --- a/test/parallel/test-crypto-keygen.js +++ b/test/parallel/test-crypto-keygen.js @@ -265,43 +265,6 @@ const sec1EncExp = (cipher) => getRegExpForPEM('EC PRIVATE KEY', cipher); })); } -{ - // Test RSA-PSS. - generateKeyPair('rsa-pss', { - modulusLength: 512, - saltLength: 16, - hash: 'sha256', - mgf1Hash: 'sha256' - }, common.mustCall((err, publicKey, privateKey) => { - assert.ifError(err); - - assert.strictEqual(publicKey.type, 'public'); - assert.strictEqual(publicKey.asymmetricKeyType, 'rsa-pss'); - - assert.strictEqual(privateKey.type, 'private'); - assert.strictEqual(privateKey.asymmetricKeyType, 'rsa-pss'); - - // Unlike RSA, RSA-PSS does not allow encryption. - assert.throws(() => { - testEncryptDecrypt(publicKey, privateKey); - }, /operation not supported for this keytype/); - - // RSA-PSS also does not permit signing with PKCS1 padding. - assert.throws(() => { - testSignVerify({ - key: publicKey, - padding: constants.RSA_PKCS1_PADDING - }, { - key: privateKey, - padding: constants.RSA_PKCS1_PADDING - }); - }, /illegal or unsupported padding mode/); - - // The padding should correctly default to RSA_PKCS1_PSS_PADDING now. - testSignVerify(publicKey, privateKey); - })); -} - { const privateKeyEncoding = { type: 'pkcs8', @@ -964,23 +927,6 @@ const sec1EncExp = (cipher) => getRegExpForPEM('EC PRIVATE KEY', cipher); })); } -// Test EdDSA key generation. -{ - if (!/^1\.1\.0/.test(process.versions.openssl)) { - ['ed25519', 'ed448', 'x25519', 'x448'].forEach((keyType) => { - generateKeyPair(keyType, common.mustCall((err, publicKey, privateKey) => { - assert.ifError(err); - - assert.strictEqual(publicKey.type, 'public'); - assert.strictEqual(publicKey.asymmetricKeyType, keyType); - - assert.strictEqual(privateKey.type, 'private'); - assert.strictEqual(privateKey.asymmetricKeyType, keyType); - })); - }); - } -} - // Test invalid key encoding types. { // Invalid public key type. diff --git a/test/parallel/test-crypto-pbkdf2.js b/test/parallel/test-crypto-pbkdf2.js index 1d4e6f6..64e8e8d 100644 --- a/test/parallel/test-crypto-pbkdf2.js +++ b/test/parallel/test-crypto-pbkdf2.js @@ -221,21 +221,3 @@ crypto.pbkdf2Sync(new Float32Array(10), 'salt', 8, 8, 'sha256'); crypto.pbkdf2Sync('pass', new Float32Array(10), 8, 8, 'sha256'); crypto.pbkdf2Sync(new Float64Array(10), 'salt', 8, 8, 'sha256'); crypto.pbkdf2Sync('pass', new Float64Array(10), 8, 8, 'sha256'); - -assert.throws( - () => crypto.pbkdf2('pass', 'salt', 8, 8, 'md55', common.mustNotCall()), - { - code: 'ERR_CRYPTO_INVALID_DIGEST', - name: 'TypeError', - message: 'Invalid digest: md55' - } -); - -assert.throws( - () => crypto.pbkdf2Sync('pass', 'salt', 8, 8, 'md55'), - { - code: 'ERR_CRYPTO_INVALID_DIGEST', - name: 'TypeError', - message: 'Invalid digest: md55' - } -); diff --git a/test/parallel/test-crypto-sign-verify.js b/test/parallel/test-crypto-sign-verify.js index 66c7ac7..2a48025 100644 --- a/test/parallel/test-crypto-sign-verify.js +++ b/test/parallel/test-crypto-sign-verify.js @@ -418,14 +418,6 @@ common.expectsError( } [ - { private: fixtures.readKey('ed25519_private.pem', 'ascii'), - public: fixtures.readKey('ed25519_public.pem', 'ascii'), - algo: null, - sigLen: 64 }, - { private: fixtures.readKey('ed448_private.pem', 'ascii'), - public: fixtures.readKey('ed448_public.pem', 'ascii'), - algo: null, - sigLen: 114 }, { private: fixtures.readKey('rsa_private_2048.pem', 'ascii'), public: fixtures.readKey('rsa_public_2048.pem', 'ascii'), algo: 'sha1', diff --git a/test/parallel/test-crypto.js b/test/parallel/test-crypto.js index 9337621..ac1fcce 100644 --- a/test/parallel/test-crypto.js +++ b/test/parallel/test-crypto.js @@ -129,7 +129,7 @@ validateList(cryptoCiphers); // Assume that we have at least AES256-SHA. const tlsCiphers = tls.getCiphers(); assert(tls.getCiphers().includes('aes256-sha')); -assert(tls.getCiphers().includes('tls_aes_128_ccm_8_sha256')); +//assert(tls.getCiphers().includes('tls_aes_128_ccm_8_sha256')); // TLSv1.3 // There should be no capital letters in any element. const noCapitals = /^[^A-Z]+$/; assert(tlsCiphers.every((value) => noCapitals.test(value))); @@ -235,9 +235,9 @@ assert.throws(function() { }, (err) => { // Do the standard checks, but then do some custom checks afterwards. assert.throws(() => { throw err; }, { - message: 'error:0D0680A8:asn1 encoding routines:asn1_check_tlen:wrong tag', + message: 'error:0D0680A8:asn1 encoding routines:ASN1_CHECK_TLEN:wrong tag', library: 'asn1 encoding routines', - function: 'asn1_check_tlen', + function: 'ASN1_CHECK_TLEN', reason: 'wrong tag', code: 'ERR_OSSL_ASN1_WRONG_TAG', }); diff --git a/test/parallel/test-https-agent-session-eviction.js b/test/parallel/test-https-agent-session-eviction.js index 3f5cd36..8e13b15 100644 --- a/test/parallel/test-https-agent-session-eviction.js +++ b/test/parallel/test-https-agent-session-eviction.js @@ -7,8 +7,10 @@ const { readKey } = require('../common/fixtures'); if (!common.hasCrypto) common.skip('missing crypto'); +const assert = require('assert'); const https = require('https'); -const { SSL_OP_NO_TICKET } = require('crypto').constants; +const { OPENSSL_VERSION_NUMBER, SSL_OP_NO_TICKET } = + require('crypto').constants; const options = { key: readKey('agent1-key.pem'), @@ -58,12 +60,38 @@ function second(server, session) { res.resume(); }); - // Although we have a TLS 1.2 session to offer to the TLS 1.0 server, - // connection to the TLS 1.0 server should work. - req.on('response', common.mustCall(function(res) { - // The test is now complete for OpenSSL 1.1.0. - server.close(); - })); + if (OPENSSL_VERSION_NUMBER >= 0x10100000) { + // Although we have a TLS 1.2 session to offer to the TLS 1.0 server, + // connection to the TLS 1.0 server should work. + req.on('response', common.mustCall(function(res) { + // The test is now complete for OpenSSL 1.1.0. + server.close(); + })); + } else { + // OpenSSL 1.0.x mistakenly locked versions based on the session it was + // offering. This causes this sequent request to fail. Let it fail, but + // test that this is mitigated on the next try by invalidating the session. + req.on('error', common.mustCall(function(err) { + assert(/wrong version number/.test(err.message)); + + req.on('close', function() { + third(server); + }); + })); + } + req.end(); +} +// Try one more time - session should be evicted! +function third(server) { + const req = https.request({ + port: server.address().port, + rejectUnauthorized: false + }, function(res) { + res.resume(); + assert(!req.socket.isSessionReused()); + server.close(); + }); + req.on('error', common.mustNotCall()); req.end(); } diff --git a/test/parallel/test-tls-alert-handling.js b/test/parallel/test-tls-alert-handling.js index f9f42e2..9dc4637 100644 --- a/test/parallel/test-tls-alert-handling.js +++ b/test/parallel/test-tls-alert-handling.js @@ -33,7 +33,7 @@ let iter = 0; const errorHandler = common.mustCall((err) => { assert.strictEqual(err.code, 'ERR_SSL_WRONG_VERSION_NUMBER'); assert.strictEqual(err.library, 'SSL routines'); - assert.strictEqual(err.function, 'ssl3_get_record'); + assert.strictEqual(err.function, 'SSL3_GET_RECORD'); assert.strictEqual(err.reason, 'wrong version number'); errorReceived = true; if (canCloseServer()) diff --git a/test/parallel/test-tls-cli-min-version-1.0.js b/test/parallel/test-tls-cli-min-version-1.0.js index 5775627..0a227c0 100644 --- a/test/parallel/test-tls-cli-min-version-1.0.js +++ b/test/parallel/test-tls-cli-min-version-1.0.js @@ -8,7 +8,7 @@ if (!common.hasCrypto) common.skip('missing crypto'); const assert = require('assert'); const tls = require('tls'); -assert.strictEqual(tls.DEFAULT_MAX_VERSION, 'TLSv1.3'); +assert.strictEqual(tls.DEFAULT_MAX_VERSION, 'TLSv1.2'); assert.strictEqual(tls.DEFAULT_MIN_VERSION, 'TLSv1'); // Check the min-max version protocol versions against these CLI settings. diff --git a/test/parallel/test-tls-cli-min-version-1.1.js b/test/parallel/test-tls-cli-min-version-1.1.js index 3af2b39..1219c82 100644 --- a/test/parallel/test-tls-cli-min-version-1.1.js +++ b/test/parallel/test-tls-cli-min-version-1.1.js @@ -8,7 +8,7 @@ if (!common.hasCrypto) common.skip('missing crypto'); const assert = require('assert'); const tls = require('tls'); -assert.strictEqual(tls.DEFAULT_MAX_VERSION, 'TLSv1.3'); +assert.strictEqual(tls.DEFAULT_MAX_VERSION, 'TLSv1.2'); assert.strictEqual(tls.DEFAULT_MIN_VERSION, 'TLSv1.1'); // Check the min-max version protocol versions against these CLI settings. diff --git a/test/parallel/test-tls-cli-min-version-1.2.js b/test/parallel/test-tls-cli-min-version-1.2.js index 8385eab..058dc18 100644 --- a/test/parallel/test-tls-cli-min-version-1.2.js +++ b/test/parallel/test-tls-cli-min-version-1.2.js @@ -8,7 +8,7 @@ if (!common.hasCrypto) common.skip('missing crypto'); const assert = require('assert'); const tls = require('tls'); -assert.strictEqual(tls.DEFAULT_MAX_VERSION, 'TLSv1.3'); +assert.strictEqual(tls.DEFAULT_MAX_VERSION, 'TLSv1.2'); assert.strictEqual(tls.DEFAULT_MIN_VERSION, 'TLSv1.2'); // Check the min-max version protocol versions against these CLI settings. diff --git a/test/parallel/test-tls-client-getephemeralkeyinfo.js b/test/parallel/test-tls-client-getephemeralkeyinfo.js index 5993069..cdfe5de 100644 --- a/test/parallel/test-tls-client-getephemeralkeyinfo.js +++ b/test/parallel/test-tls-client-getephemeralkeyinfo.js @@ -59,5 +59,3 @@ test(1024, 'DH', undefined, 'DHE-RSA-AES128-GCM-SHA256'); test(2048, 'DH', undefined, 'DHE-RSA-AES128-GCM-SHA256'); test(256, 'ECDH', 'prime256v1', 'ECDHE-RSA-AES128-GCM-SHA256'); test(521, 'ECDH', 'secp521r1', 'ECDHE-RSA-AES128-GCM-SHA256'); -test(253, 'ECDH', 'X25519', 'ECDHE-RSA-AES128-GCM-SHA256'); -test(448, 'ECDH', 'X448', 'ECDHE-RSA-AES128-GCM-SHA256'); diff --git a/test/parallel/test-tls-destroy-stream.js b/test/parallel/test-tls-destroy-stream.js index a49e985..1964f67 100644 --- a/test/parallel/test-tls-destroy-stream.js +++ b/test/parallel/test-tls-destroy-stream.js @@ -9,7 +9,7 @@ const net = require('net'); const assert = require('assert'); const tls = require('tls'); -tls.DEFAULT_MAX_VERSION = 'TLSv1.3'; +tls.DEFAULT_MAX_VERSION = 'TLSv1.2'; // This test ensures that an instance of StreamWrap should emit "end" and // "close" when the socket on the other side call `destroy()` instead of diff --git a/test/parallel/test-tls-getcipher.js b/test/parallel/test-tls-getcipher.js index 624f8ef..93ad1f6 100644 --- a/test/parallel/test-tls-getcipher.js +++ b/test/parallel/test-tls-getcipher.js @@ -52,7 +52,7 @@ server.listen(0, '127.0.0.1', common.mustCall(function() { }, common.mustCall(function() { const cipher = this.getCipher(); assert.strictEqual(cipher.name, 'AES128-SHA256'); - assert.strictEqual(cipher.version, 'TLSv1.2'); + assert.strictEqual(cipher.version, 'TLSv1/SSLv3'); this.end(); })); @@ -65,28 +65,7 @@ server.listen(0, '127.0.0.1', common.mustCall(function() { }, common.mustCall(function() { const cipher = this.getCipher(); assert.strictEqual(cipher.name, 'ECDHE-RSA-AES128-GCM-SHA256'); - assert.strictEqual(cipher.version, 'TLSv1.2'); + assert.strictEqual(cipher.version, 'TLSv1/SSLv3'); this.end(); })); })); - -tls.createServer({ - key: fixtures.readKey('agent2-key.pem'), - cert: fixtures.readKey('agent2-cert.pem'), - ciphers: 'TLS_CHACHA20_POLY1305_SHA256:TLS_AES_128_CCM_8_SHA256', - maxVersion: 'TLSv1.3', -}, common.mustCall(function() { - this.close(); -})).listen(0, common.mustCall(function() { - const client = tls.connect({ - port: this.address().port, - ciphers: 'TLS_AES_128_CCM_8_SHA256', - maxVersion: 'TLSv1.3', - rejectUnauthorized: false - }, common.mustCall(() => { - const cipher = client.getCipher(); - assert.strictEqual(cipher.name, 'TLS_AES_128_CCM_8_SHA256'); - assert.strictEqual(cipher.version, 'TLSv1.3'); - client.end(); - })); -})); diff --git a/test/parallel/test-tls-min-max-version.js b/test/parallel/test-tls-min-max-version.js index 179ae1f..8b5435b 100644 --- a/test/parallel/test-tls-min-max-version.js +++ b/test/parallel/test-tls-min-max-version.js @@ -126,9 +126,9 @@ if (DEFAULT_MIN_VERSION === 'TLSv1.3') { if (DEFAULT_MIN_VERSION === 'TLSv1.2') { test(U, U, 'TLSv1_1_method', U, U, 'SSLv23_method', - U, 'ECONNRESET', 'ERR_SSL_UNSUPPORTED_PROTOCOL'); + U, 'ECONNRESET', 'ERR_SSL_UNKNOWN_PROTOCOL'); test(U, U, 'TLSv1_method', U, U, 'SSLv23_method', - U, 'ECONNRESET', 'ERR_SSL_UNSUPPORTED_PROTOCOL'); + U, 'ECONNRESET', 'ERR_SSL_UNKNOWN_PROTOCOL'); test(U, U, 'SSLv23_method', U, U, 'TLSv1_1_method', U, 'ERR_SSL_UNSUPPORTED_PROTOCOL', 'ERR_SSL_WRONG_VERSION_NUMBER'); test(U, U, 'SSLv23_method', U, U, 'TLSv1_method', @@ -138,7 +138,7 @@ if (DEFAULT_MIN_VERSION === 'TLSv1.2') { if (DEFAULT_MIN_VERSION === 'TLSv1.1') { test(U, U, 'TLSv1_1_method', U, U, 'SSLv23_method', 'TLSv1.1'); test(U, U, 'TLSv1_method', U, U, 'SSLv23_method', - U, 'ECONNRESET', 'ERR_SSL_UNSUPPORTED_PROTOCOL'); + U, 'ECONNRESET', 'ERR_SSL_UNKNOWN_PROTOCOL'); test(U, U, 'SSLv23_method', U, U, 'TLSv1_1_method', 'TLSv1.1'); test(U, U, 'SSLv23_method', U, U, 'TLSv1_method', U, 'ERR_SSL_UNSUPPORTED_PROTOCOL', 'ERR_SSL_WRONG_VERSION_NUMBER'); @@ -160,9 +160,9 @@ test(U, U, 'TLSv1_method', U, U, 'TLSv1_method', 'TLSv1'); // The default default. if (DEFAULT_MIN_VERSION === 'TLSv1.2') { test(U, U, 'TLSv1_1_method', U, U, U, - U, 'ECONNRESET', 'ERR_SSL_UNSUPPORTED_PROTOCOL'); + U, 'ECONNRESET', 'ERR_SSL_UNKNOWN_PROTOCOL'); test(U, U, 'TLSv1_method', U, U, U, - U, 'ECONNRESET', 'ERR_SSL_UNSUPPORTED_PROTOCOL'); + U, 'ECONNRESET', 'ERR_SSL_UNKNOWN_PROTOCOL'); if (DEFAULT_MAX_VERSION === 'TLSv1.2') { test(U, U, U, U, U, 'TLSv1_1_method', @@ -182,7 +182,7 @@ if (DEFAULT_MIN_VERSION === 'TLSv1.2') { if (DEFAULT_MIN_VERSION === 'TLSv1.1') { test(U, U, 'TLSv1_1_method', U, U, U, 'TLSv1.1'); test(U, U, 'TLSv1_method', U, U, U, - U, 'ECONNRESET', 'ERR_SSL_UNSUPPORTED_PROTOCOL'); + U, 'ECONNRESET', 'ERR_SSL_UNKNOWN_PROTOCOL'); test(U, U, U, U, U, 'TLSv1_1_method', 'TLSv1.1'); if (DEFAULT_MAX_VERSION === 'TLSv1.2') { @@ -213,26 +213,9 @@ test(U, U, 'TLSv1_method', 'TLSv1', 'TLSv1.2', U, 'TLSv1'); test(U, U, 'TLSv1_1_method', 'TLSv1', 'TLSv1.2', U, 'TLSv1.1'); test(U, U, 'TLSv1_2_method', 'TLSv1', 'TLSv1.2', U, 'TLSv1.2'); -test('TLSv1', 'TLSv1.1', U, 'TLSv1', 'TLSv1.3', U, 'TLSv1.1'); test('TLSv1', 'TLSv1.1', U, 'TLSv1', 'TLSv1.2', U, 'TLSv1.1'); test('TLSv1', 'TLSv1.2', U, 'TLSv1', 'TLSv1.1', U, 'TLSv1.1'); -test('TLSv1', 'TLSv1.3', U, 'TLSv1', 'TLSv1.1', U, 'TLSv1.1'); test('TLSv1', 'TLSv1', U, 'TLSv1', 'TLSv1.1', U, 'TLSv1'); test('TLSv1', 'TLSv1.2', U, 'TLSv1', 'TLSv1', U, 'TLSv1'); -test('TLSv1', 'TLSv1.3', U, 'TLSv1', 'TLSv1', U, 'TLSv1'); test('TLSv1.1', 'TLSv1.1', U, 'TLSv1', 'TLSv1.2', U, 'TLSv1.1'); test('TLSv1', 'TLSv1.2', U, 'TLSv1.1', 'TLSv1.1', U, 'TLSv1.1'); -test('TLSv1', 'TLSv1.2', U, 'TLSv1', 'TLSv1.3', U, 'TLSv1.2'); - -// v-any client can connect to v-specific server -test('TLSv1', 'TLSv1.3', U, 'TLSv1.3', 'TLSv1.3', U, 'TLSv1.3'); -test('TLSv1', 'TLSv1.3', U, 'TLSv1.2', 'TLSv1.3', U, 'TLSv1.3'); -test('TLSv1', 'TLSv1.3', U, 'TLSv1.2', 'TLSv1.2', U, 'TLSv1.2'); -test('TLSv1', 'TLSv1.3', U, 'TLSv1.1', 'TLSv1.1', U, 'TLSv1.1'); -test('TLSv1', 'TLSv1.3', U, 'TLSv1', 'TLSv1', U, 'TLSv1'); - -// v-specific client can connect to v-any server -test('TLSv1.3', 'TLSv1.3', U, 'TLSv1', 'TLSv1.3', U, 'TLSv1.3'); -test('TLSv1.2', 'TLSv1.2', U, 'TLSv1', 'TLSv1.3', U, 'TLSv1.2'); -test('TLSv1.1', 'TLSv1.1', U, 'TLSv1', 'TLSv1.3', U, 'TLSv1.1'); -test('TLSv1', 'TLSv1', U, 'TLSv1', 'TLSv1.3', U, 'TLSv1'); diff --git a/test/parallel/test-tls-multi-key.js b/test/parallel/test-tls-multi-key.js index c5e66f3..de213f5 100644 --- a/test/parallel/test-tls-multi-key.js +++ b/test/parallel/test-tls-multi-key.js @@ -157,7 +157,7 @@ function test(options) { }, common.mustCall(function() { assert.deepStrictEqual(ecdsa.getCipher(), { name: 'ECDHE-ECDSA-AES256-GCM-SHA384', - version: 'TLSv1.2' + version: 'TLSv1/SSLv3' }); assert.strictEqual(ecdsa.getPeerCertificate().subject.CN, eccCN); assert.strictEqual(ecdsa.getPeerCertificate().asn1Curve, 'prime256v1'); @@ -175,7 +175,7 @@ function test(options) { }, common.mustCall(function() { assert.deepStrictEqual(rsa.getCipher(), { name: 'ECDHE-RSA-AES256-GCM-SHA384', - version: 'TLSv1.2' + version: 'TLSv1/SSLv3' }); assert.strictEqual(rsa.getPeerCertificate().subject.CN, rsaCN); assert(rsa.getPeerCertificate().exponent, 'cert for an RSA key'); diff --git a/test/parallel/test-tls-multi-pfx.js b/test/parallel/test-tls-multi-pfx.js index 3b0c059..28cd945 100644 --- a/test/parallel/test-tls-multi-pfx.js +++ b/test/parallel/test-tls-multi-pfx.js @@ -42,9 +42,9 @@ const server = tls.createServer(options, function(conn) { process.on('exit', function() { assert.deepStrictEqual(ciphers, [{ name: 'ECDHE-ECDSA-AES256-GCM-SHA384', - version: 'TLSv1.2' + version: 'TLSv1/SSLv3' }, { name: 'ECDHE-RSA-AES256-GCM-SHA384', - version: 'TLSv1.2' + version: 'TLSv1/SSLv3' }]); }); diff --git a/test/parallel/test-tls-passphrase.js b/test/parallel/test-tls-passphrase.js index c3a99c3..4bbabb4 100644 --- a/test/parallel/test-tls-passphrase.js +++ b/test/parallel/test-tls-passphrase.js @@ -223,7 +223,7 @@ server.listen(0, common.mustCall(function() { }, onSecureConnect()); })).unref(); -const errMessagePassword = /bad decrypt/; +const errMessagePassword = /bad decrypt|bad password read/; // Missing passphrase assert.throws(function() { diff --git a/test/parallel/test-tls-set-ciphers.js b/test/parallel/test-tls-set-ciphers.js index fbca83b..79fb178 100644 --- a/test/parallel/test-tls-set-ciphers.js +++ b/test/parallel/test-tls-set-ciphers.js @@ -68,36 +68,11 @@ const U = undefined; test(U, 'AES256-SHA', 'AES256-SHA'); test('AES256-SHA', U, 'AES256-SHA'); -test(U, 'TLS_AES_256_GCM_SHA384', 'TLS_AES_256_GCM_SHA384'); -test('TLS_AES_256_GCM_SHA384', U, 'TLS_AES_256_GCM_SHA384'); - // Do not have shared ciphers. -test('TLS_AES_256_GCM_SHA384', 'TLS_CHACHA20_POLY1305_SHA256', - U, 'ECONNRESET', 'ERR_SSL_NO_SHARED_CIPHER'); - -test('AES128-SHA', 'AES256-SHA', U, 'ECONNRESET', 'ERR_SSL_NO_SHARED_CIPHER'); -test('AES128-SHA:TLS_AES_256_GCM_SHA384', - 'TLS_CHACHA20_POLY1305_SHA256:AES256-SHA', - U, 'ECONNRESET', 'ERR_SSL_NO_SHARED_CIPHER'); - -// Cipher order ignored, TLS1.3 chosen before TLS1.2. -test('AES256-SHA:TLS_AES_256_GCM_SHA384', U, 'TLS_AES_256_GCM_SHA384'); -test(U, 'AES256-SHA:TLS_AES_256_GCM_SHA384', 'TLS_AES_256_GCM_SHA384'); - -// TLS_AES_128_CCM_8_SHA256 & TLS_AES_128_CCM_SHA256 are not enabled by -// default, but work. -test('TLS_AES_128_CCM_8_SHA256', U, - U, 'ECONNRESET', 'ERR_SSL_NO_SHARED_CIPHER'); - -test('TLS_AES_128_CCM_8_SHA256', 'TLS_AES_128_CCM_8_SHA256', - 'TLS_AES_128_CCM_8_SHA256'); +test('AES128-SHA', 'AES256-SHA', U, 'ERR_SSL_SSLV3_ALERT_HANDSHAKE_FAILURE', 'ERR_SSL_NO_SHARED_CIPHER'); // Invalid cipher values test(9, 'AES256-SHA', U, 'ERR_INVALID_ARG_TYPE', U); test('AES256-SHA', 9, U, U, 'ERR_INVALID_ARG_TYPE'); test(':', 'AES256-SHA', U, 'ERR_INVALID_OPT_VALUE', U); test('AES256-SHA', ':', U, U, 'ERR_INVALID_OPT_VALUE'); - -// Using '' is synonymous for "use default ciphers" -test('TLS_AES_256_GCM_SHA384', '', 'TLS_AES_256_GCM_SHA384'); -test('', 'TLS_AES_256_GCM_SHA384', 'TLS_AES_256_GCM_SHA384'); -- 2.24.1