Skip to content

Navigation Menu

Sign in
Appearance settings

Search code, repositories, users, issues, pull requests...

Provide feedback

We read every piece of feedback, and take your input very seriously.

Saved searches

Use saved searches to filter your results more quickly
Appearance settings

Commit 55298c4

Browse filesBrowse files
panvapanva
authored
test: accept OpenSSL 4 generic internal error for DH key-type mismatches
Signed-off-by: Filip Skokan <panva.ip@gmail.com> PR-URL: #62805 Backport-PR-URL: #63129 Reviewed-By: Antoine du Hamel <duhamelantoine1995@gmail.com>
1 parent ca3c309 commit 55298c4
Copy full SHA for 55298c4

2 files changed

+45-7Lines changed: 45 additions & 7 deletions

File tree

Expand file treeCollapse file tree
Open diff view settings
Filter options
Expand file treeCollapse file tree
Open diff view settings
Collapse file

‎test/parallel/test-crypto-dh-stateless-async.js‎

Copy file name to clipboardExpand all lines: test/parallel/test-crypto-dh-stateless-async.js
+26-4Lines changed: 26 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -7,6 +7,28 @@ const assert = require('assert');
77
const crypto = require('crypto');
88
const { hasOpenSSL } = require('../common/crypto');
99

10+
// Error code for a key-type mismatch during (EC)DH. The underlying OpenSSL
11+
// error code varies by version, and in OpenSSL 4.0 by platform: some builds
12+
// report a generic internal error instead of a typed key-type mismatch.
13+
// https://github.com/openssl/openssl/issues/30895
14+
// TODO(panva): Tighten this check once/if fixed.
15+
let keyTypeMismatchCode;
16+
if (hasOpenSSL(4, 0)) {
17+
keyTypeMismatchCode =
18+
/^ERR_OSSL_EVP_(OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE|INTERNAL_ERROR)$/;
19+
} else if (hasOpenSSL(3)) {
20+
keyTypeMismatchCode = 'ERR_OSSL_EVP_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE';
21+
} else {
22+
keyTypeMismatchCode = 'ERR_OSSL_EVP_DIFFERENT_KEY_TYPES';
23+
}
24+
25+
function assertErrorCode(actual, expected) {
26+
if (expected instanceof RegExp)
27+
assert.match(actual, expected);
28+
else
29+
assert.strictEqual(actual, expected);
30+
}
31+
1032
assert.throws(() => crypto.diffieHellman(crypto.generateKeyPairSync('ec', { namedCurve: 'P-256' }), null), {
1133
name: 'TypeError',
1234
code: 'ERR_INVALID_ARG_TYPE',
@@ -341,16 +363,16 @@ for (const { privateKey: alicePriv, publicKey: bobPub } of [
341363
privateKey: ec256.privateKey.export({ type: 'pkcs8', format: 'pem' }),
342364
publicKey: x25519.publicKey.export({ type: 'spki', format: 'pem' }),
343365
}, common.mustCall((err) => {
344-
assert.strictEqual(err.code,
345-
hasOpenSSL(3) ? 'ERR_OSSL_EVP_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE' :
346-
'ERR_OSSL_EVP_DIFFERENT_KEY_TYPES');
366+
assertErrorCode(err.code, keyTypeMismatchCode);
347367
}));
348368

349369
// Unsupported key type (ed25519)
350370
crypto.diffieHellman({
351371
privateKey: ed25519.privateKey.export({ type: 'pkcs8', format: 'pem' }),
352372
publicKey: ed25519.publicKey.export({ type: 'spki', format: 'pem' }),
353373
}, common.mustCall((err) => {
354-
assert.strictEqual(err.code, 'ERR_OSSL_EVP_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE');
374+
assertErrorCode(err.code, hasOpenSSL(4, 0) ?
375+
/^ERR_OSSL_EVP_(OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE|INTERNAL_ERROR)$/ :
376+
'ERR_OSSL_EVP_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE');
355377
}));
356378
}
Collapse file

‎test/parallel/test-crypto-dh-stateless.js‎

Copy file name to clipboardExpand all lines: test/parallel/test-crypto-dh-stateless.js
+19-3Lines changed: 19 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -7,6 +7,21 @@ const assert = require('assert');
77
const crypto = require('crypto');
88
const { hasOpenSSL } = require('../common/crypto');
99

10+
// Error code for a key-type mismatch during (EC)DH. The underlying OpenSSL
11+
// error code varies by version, and in OpenSSL 4.0 by platform: some builds
12+
// report a generic internal error instead of a typed key-type mismatch.
13+
// https://github.com/openssl/openssl/issues/30895
14+
// TODO(panva): Tighten this check once/if fixed.
15+
let keyTypeMismatchCode;
16+
if (hasOpenSSL(4, 0)) {
17+
keyTypeMismatchCode =
18+
/^ERR_OSSL_EVP_(OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE|INTERNAL_ERROR)$/;
19+
} else if (hasOpenSSL(3)) {
20+
keyTypeMismatchCode = 'ERR_OSSL_EVP_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE';
21+
} else {
22+
keyTypeMismatchCode = 'ERR_OSSL_EVP_DIFFERENT_KEY_TYPES';
23+
}
24+
1025
assert.throws(() => crypto.diffieHellman(), {
1126
name: 'TypeError',
1227
code: 'ERR_INVALID_ARG_TYPE',
@@ -459,12 +474,13 @@ for (const { privateKey: alicePriv, publicKey: bobPub } of [
459474
assert.throws(() => crypto.diffieHellman({
460475
privateKey: ec256.privateKey.export({ type: 'pkcs8', format: 'pem' }),
461476
publicKey: x25519.publicKey.export({ type: 'spki', format: 'pem' }),
462-
}), { code: hasOpenSSL(3) ?
463-
'ERR_OSSL_EVP_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE' : 'ERR_OSSL_EVP_DIFFERENT_KEY_TYPES' });
477+
}), { code: keyTypeMismatchCode });
464478

465479
// Unsupported key type (ed25519)
466480
assert.throws(() => crypto.diffieHellman({
467481
privateKey: ed25519.privateKey.export({ type: 'pkcs8', format: 'pem' }),
468482
publicKey: ed25519.publicKey.export({ type: 'spki', format: 'pem' }),
469-
}), { code: 'ERR_OSSL_EVP_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE' });
483+
}), { code: hasOpenSSL(4, 0) ?
484+
/^ERR_OSSL_EVP_(OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE|INTERNAL_ERROR)$/ :
485+
'ERR_OSSL_EVP_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE' });
470486
}

0 commit comments

Comments
0 (0)
Morty Proxy This is a proxified and sanitized view of the page, visit original site.