Skip to content

Navigation Menu

Sign in
Appearance settings

Search code, repositories, users, issues, pull requests...

Provide feedback

We read every piece of feedback, and take your input very seriously.

Saved searches

Use saved searches to filter your results more quickly
Appearance settings

Commit b7fdd94

Browse filesBrowse files
panvaaduh95
panva
authored and
aduh95
committed
test: account for RFC 7919 FFDHE negotiation in OpenSSL 4.0
Signed-off-by: Filip Skokan <panva.ip@gmail.com> PR-URL: #62805 Reviewed-By: Luigi Pinca <luigipinca@gmail.com> Reviewed-By: Antoine du Hamel <duhamelantoine1995@gmail.com>
1 parent 375a993 commit b7fdd94
Copy full SHA for b7fdd94

3 files changed

+35-9Lines changed: 35 additions & 9 deletions

File tree

Expand file treeCollapse file tree
Open diff view settings
Filter options
Expand file treeCollapse file tree
Open diff view settings
Collapse file

‎test/parallel/test-tls-client-getephemeralkeyinfo.js‎

Copy file name to clipboardExpand all lines: test/parallel/test-tls-client-getephemeralkeyinfo.js
+4-1Lines changed: 4 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -70,7 +70,10 @@ function test(size, type, name, cipher) {
7070

7171
test(undefined, undefined, undefined, 'AES256-SHA256');
7272
test('auto', 'DH', undefined, 'DHE-RSA-AES256-GCM-SHA384');
73-
if (!hasOpenSSL(3, 2)) {
73+
if (hasOpenSSL(4, 0)) {
74+
// OpenSSL 4.0 implements RFC 7919 FFDHE negotiation for TLS 1.2 and
75+
// always selects FFDHE-2048 regardless of the server-supplied dhparam.
76+
} else if (!hasOpenSSL(3, 2)) {
7477
test(1024, 'DH', undefined, 'DHE-RSA-AES256-GCM-SHA384');
7578
} else {
7679
test(3072, 'DH', undefined, 'DHE-RSA-AES256-GCM-SHA384');
Collapse file

‎test/parallel/test-tls-client-mindhsize.js‎

Copy file name to clipboardExpand all lines: test/parallel/test-tls-client-mindhsize.js
+9-3Lines changed: 9 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -13,6 +13,7 @@ const secLevel = require('internal/crypto/util').getOpenSSLSecLevel();
1313
const assert = require('assert');
1414
const tls = require('tls');
1515
const fixtures = require('../common/fixtures');
16+
const { hasOpenSSL } = require('../common/crypto');
1617

1718
const key = fixtures.readKey('agent2-key.pem');
1819
const cert = fixtures.readKey('agent2-cert.pem');
@@ -24,7 +25,7 @@ function loadDHParam(n) {
2425
return fixtures.readKey(`dh${n}.pem`);
2526
}
2627

27-
function test(size, err, next) {
28+
function test(size, err, next, minDHSizeOverride) {
2829
const options = {
2930
key: key,
3031
cert: cert,
@@ -46,7 +47,7 @@ function test(size, err, next) {
4647
// so that it fails when it makes a connection to the tls
4748
// server where is too small. This depends on the openssl
4849
// security level
49-
const minDHSize = (secLevel > 1) ? 3072 : 2048;
50+
const minDHSize = minDHSizeOverride ?? ((secLevel > 1) ? 3072 : 2048);
5051
const client = tls.connect({
5152
minDHSize: minDHSize,
5253
port: this.address().port,
@@ -84,7 +85,12 @@ function testDHE3072() {
8485
test(3072, false, null);
8586
}
8687

87-
if (secLevel > 1) {
88+
if (hasOpenSSL(4, 0)) {
89+
// OpenSSL 4.0 implements RFC 7919 FFDHE negotiation for TLS 1.2 and
90+
// ignores the server-supplied dhparam in favor of FFDHE-2048. The 3072
91+
// success case is therefore replaced by a 2048 success case.
92+
testDHE2048(true, () => test(2048, false, null, 2048));
93+
} else if (secLevel > 1) {
8894
// Minimum size for OpenSSL security level 2 and above is 2048 by default
8995
testDHE2048(true, testDHE3072);
9096
} else {
Collapse file

‎test/parallel/test-tls-dhe.js‎

Copy file name to clipboardExpand all lines: test/parallel/test-tls-dhe.js
+22-5Lines changed: 22 additions & 5 deletions
Original file line numberDiff line numberDiff line change
@@ -28,6 +28,7 @@ if (!common.hasCrypto) {
2828

2929
const {
3030
opensslCli,
31+
hasOpenSSL,
3132
} = require('../common/crypto');
3233

3334
// OpenSSL has a set of security levels which affect what algorithms
@@ -104,9 +105,15 @@ function testCustomParam(keylen, expectedCipher) {
104105
}
105106

106107
(async () => {
107-
// By default, DHE is disabled while ECDHE is enabled.
108+
// By default, DHE is disabled while ECDHE is enabled. OpenSSL 4.0
109+
// implements RFC 7919 FFDHE negotiation for TLS 1.2 which enables DHE
110+
// (with FFDHE-2048) even without a server-supplied dhparam.
108111
for (const dhparam of [undefined, null]) {
109-
await test(dhparam, null, ecdheCipher);
112+
if (hasOpenSSL(4, 0)) {
113+
await test(dhparam, 2048, dheCipher);
114+
} else {
115+
await test(dhparam, null, ecdheCipher);
116+
}
110117
}
111118

112119
// The DHE parameters selected by OpenSSL depend on the strength of the
@@ -124,14 +131,24 @@ function testCustomParam(keylen, expectedCipher) {
124131

125132
// Custom DHE parameters are supported (but discouraged).
126133
// 1024 is disallowed at security level 2 and above so use 3072 instead
127-
// for higher security levels
134+
// for higher security levels.
135+
// OpenSSL 4.0 implements RFC 7919 FFDHE negotiation for TLS 1.2 and
136+
// ignores the server-supplied dhparam in favor of FFDHE-2048, so the
137+
// negotiated key length is always 2048.
128138
if (secLevel < 2) {
129139
await testCustomParam(1024, dheCipher);
140+
} else if (hasOpenSSL(4, 0)) {
141+
await test(loadDHParam(3072), 2048, dheCipher);
130142
} else {
131143
await testCustomParam(3072, dheCipher);
132144
}
133145
await testCustomParam(2048, dheCipher);
134146

135-
// Invalid DHE parameters are discarded. ECDHE remains enabled.
136-
await testCustomParam('error', ecdheCipher);
147+
// Invalid DHE parameters are discarded. Prior to OpenSSL 4.0 this
148+
// disabled DHE and ECDHE was negotiated; since 4.0, FFDHE-2048 is used.
149+
if (hasOpenSSL(4, 0)) {
150+
await test(loadDHParam('error'), 2048, dheCipher);
151+
} else {
152+
await testCustomParam('error', ecdheCipher);
153+
}
137154
})().then(common.mustCall());

0 commit comments

Comments
0 (0)
Morty Proxy This is a proxified and sanitized view of the page, visit original site.