-
-
Notifications
You must be signed in to change notification settings - Fork 35.4k
Expand file tree
/
Copy pathtest-tls-client-mindhsize.js
More file actions
124 lines (108 loc) Β· 3.59 KB
/
test-tls-client-mindhsize.js
File metadata and controls
124 lines (108 loc) Β· 3.59 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
// Flags: --expose-internals
'use strict';
const common = require('../common');
if (!common.hasCrypto)
common.skip('missing crypto');
// OpenSSL has a set of security levels which affect what algorithms
// are available by default. Different OpenSSL veresions have different
// default security levels and we use this value to adjust what a test
// expects based on the security level. You can read more in
// https://docs.openssl.org/1.1.1/man3/SSL_CTX_set_security_level/#default-callback-behaviour
const secLevel = require('internal/crypto/util').getOpenSSLSecLevel();
const assert = require('assert');
const tls = require('tls');
const fixtures = require('../common/fixtures');
const { hasOpenSSL } = require('../common/crypto');
const key = fixtures.readKey('agent2-key.pem');
const cert = fixtures.readKey('agent2-cert.pem');
let nsuccess = 0;
let nerror = 0;
function loadDHParam(n) {
return fixtures.readKey(`dh${n}.pem`);
}
function test(size, err, next, minDHSizeOverride) {
const options = {
key: key,
cert: cert,
dhparam: loadDHParam(size),
ciphers: 'DHE-RSA-AES128-GCM-SHA256'
};
const server = tls.createServer(options, function(conn) {
conn.end();
});
server.on('close', common.mustCall(function(isException) {
assert(!isException);
if (next) next();
}));
server.listen(0, common.mustCall(function() {
// Client set minimum DH parameter size to 2048 or 3072 bits
// so that it fails when it makes a connection to the tls
// server where is too small. This depends on the openssl
// security level
const minDHSize = minDHSizeOverride ?? ((secLevel > 1) ? 3072 : 2048);
const client = tls.connect({
minDHSize: minDHSize,
port: this.address().port,
rejectUnauthorized: false,
maxVersion: 'TLSv1.2',
}, function() {
nsuccess++;
server.close();
});
if (err) {
client.on('error', common.mustCall((e) => {
nerror++;
assert.strictEqual(e.code, 'ERR_TLS_DH_PARAM_SIZE');
server.close();
}));
}
}));
}
// A client connection fails with an error when a client has an
// 2048 bits minDHSize option and a server has 1024 bits dhparam
function testDHE1024() {
test(1024, true, testDHE2048(false, null));
}
// Test a client connection when a client has an
// 2048 bits minDHSize option
function testDHE2048(expect_to_fail, next) {
test(2048, expect_to_fail, next);
}
// A client connection successes when a client has an
// 3072 bits minDHSize option and a server has 3072 bits dhparam
function testDHE3072() {
test(3072, false, null);
}
if (hasOpenSSL(4, 0)) {
// OpenSSL 4.0 implements RFC 7919 FFDHE negotiation for TLS 1.2 and
// ignores the server-supplied dhparam in favor of FFDHE-2048. The 3072
// success case is therefore replaced by a 2048 success case.
testDHE2048(true, () => test(2048, false, null, 2048));
} else if (secLevel > 1) {
// Minimum size for OpenSSL security level 2 and above is 2048 by default
testDHE2048(true, testDHE3072);
} else {
testDHE1024();
}
assert.throws(() => test(512, true, common.mustNotCall()),
/DH parameter is less than 1024 bits/);
for (const minDHSize of [0, -1, -Infinity, NaN]) {
assert.throws(() => {
tls.connect({ minDHSize });
}, {
code: 'ERR_OUT_OF_RANGE',
name: 'RangeError',
});
}
for (const minDHSize of [true, false, null, undefined, {}, [], '', '1']) {
assert.throws(() => {
tls.connect({ minDHSize });
}, {
code: 'ERR_INVALID_ARG_TYPE',
name: 'TypeError',
});
}
process.on('exit', function() {
assert.strictEqual(nsuccess, 1);
assert.strictEqual(nerror, 1);
});