Skip to content

Commit

Permalink
test: add test for invalid DSA key size
Browse files Browse the repository at this point in the history
Check that invalid DSA key sizes are rejected in FIPS mode.

PR-URL: #3756
Reviewed-By: Fedor Indutny <fedor.indutny@gmail.com>
Reviewed-By: Shigeki Ohtsu <ohtsu@iij.ad.jp>
Reviewed-By: James M Snell <jasnell@gmail.com>
  • Loading branch information
stefanmb authored and jasnell committed Nov 14, 2015
1 parent 4adaaa4 commit 20cd932
Show file tree
Hide file tree
Showing 5 changed files with 67 additions and 1 deletion.
11 changes: 10 additions & 1 deletion test/fixtures/keys/Makefile
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
all: agent1-cert.pem agent2-cert.pem agent3-cert.pem agent4-cert.pem agent5-cert.pem ca2-crl.pem ec-cert.pem dh512.pem dh1024.pem dh2048.pem rsa_private_1024.pem rsa_private_2048.pem rsa_private_4096.pem rsa_public_1024.pem rsa_public_2048.pem rsa_public_4096.pem
all: agent1-cert.pem agent2-cert.pem agent3-cert.pem agent4-cert.pem agent5-cert.pem ca2-crl.pem ec-cert.pem dh512.pem dh1024.pem dh2048.pem dsa1025.pem dsa_private_1025.pem dsa_public_1025.pem rsa_private_1024.pem rsa_private_2048.pem rsa_private_4096.pem rsa_public_1024.pem rsa_public_2048.pem rsa_public_4096.pem


#
Expand Down Expand Up @@ -267,6 +267,15 @@ dh1024.pem:
dh2048.pem:
openssl dhparam -out dh2048.pem 2048

dsa1025.pem:
openssl dsaparam -out dsa1025.pem 1025

dsa_private_1025.pem:
openssl gendsa -out dsa_private_1025.pem dsa1025.pem

dsa_public_1025.pem:
openssl dsa -in dsa_private_1025.pem -pubout -out dsa_public_1025.pem

rsa_private_1024.pem:
openssl genrsa -out rsa_private_1024.pem 1024

Expand Down
9 changes: 9 additions & 0 deletions test/fixtures/keys/dsa1025.pem
Original file line number Diff line number Diff line change
@@ -0,0 +1,9 @@
-----BEGIN DSA PARAMETERS-----
MIIBLgKBiQCtjGXOH3Rq+lM09nwe6nbShOduCyfjgZhgMZ2WfY6PYLW3gNnhNYT7
88rZbECcyKlyzRApFgs9KMfiqWfWIhQn+FmolmeUNdRXpmkGyJAqY63GobI8S1Jn
xYbwdH7PsV1IwM56ylrnpdUDhSH7+Y95rgEIUXX9OHS503gzFFEHCmQl1/RS7Qxp
AhUApmbNUvRisdjnyjhDK6RO3pafN90CgYhQLHJ+qq+nxLX/lqQL/tCFY3P6DlYc
3ezT3Ic+3GhEMMXMBMJ+WRmRkCW5vh1grQyLVa/MLWvYgNkoUAO8eGElcloUero8
m5Tp3bFArEqb8rJXWYM1sAlnl/Y0uFpw1AyHLuZC26z+SSeDbV9REtz14EknkFXk
su4QN55ZQKoiBv2cFDMsIf9b
-----END DSA PARAMETERS-----
12 changes: 12 additions & 0 deletions test/fixtures/keys/dsa_private_1025.pem
Original file line number Diff line number Diff line change
@@ -0,0 +1,12 @@
-----BEGIN DSA PRIVATE KEY-----
MIIB0QIBAAKBiQCtjGXOH3Rq+lM09nwe6nbShOduCyfjgZhgMZ2WfY6PYLW3gNnh
NYT788rZbECcyKlyzRApFgs9KMfiqWfWIhQn+FmolmeUNdRXpmkGyJAqY63GobI8
S1JnxYbwdH7PsV1IwM56ylrnpdUDhSH7+Y95rgEIUXX9OHS503gzFFEHCmQl1/RS
7QxpAhUApmbNUvRisdjnyjhDK6RO3pafN90CgYhQLHJ+qq+nxLX/lqQL/tCFY3P6
DlYc3ezT3Ic+3GhEMMXMBMJ+WRmRkCW5vh1grQyLVa/MLWvYgNkoUAO8eGElcloU
ero8m5Tp3bFArEqb8rJXWYM1sAlnl/Y0uFpw1AyHLuZC26z+SSeDbV9REtz14Ekn
kFXksu4QN55ZQKoiBv2cFDMsIf9bAoGHFPpl8uRj7sNjsnIPPI9CuqlIoZXFNXeM
X9Yu7T3s5mn5Q2ATcgnryDXwqpqle630wy1LZjjmtyE84oVJd4W6YTlzHNwIv2ql
ymMzWBE5+BrRXtqIndvkaWJRSUwtZ7XPPeeCzqR5uXRAsy54azoFDoisuOO5dVOm
VZERfp4Up+Duvws5+Gq2AhQlmsEI+CInYqsDR2ha+UcwXmGJSg==
-----END DSA PRIVATE KEY-----
12 changes: 12 additions & 0 deletions test/fixtures/keys/dsa_public_1025.pem
Original file line number Diff line number Diff line change
@@ -0,0 +1,12 @@
-----BEGIN PUBLIC KEY-----
MIIBzTCCATsGByqGSM44BAEwggEuAoGJAK2MZc4fdGr6UzT2fB7qdtKE524LJ+OB
mGAxnZZ9jo9gtbeA2eE1hPvzytlsQJzIqXLNECkWCz0ox+KpZ9YiFCf4WaiWZ5Q1
1FemaQbIkCpjrcahsjxLUmfFhvB0fs+xXUjAznrKWuel1QOFIfv5j3muAQhRdf04
dLnTeDMUUQcKZCXX9FLtDGkCFQCmZs1S9GKx2OfKOEMrpE7elp833QKBiFAscn6q
r6fEtf+WpAv+0IVjc/oOVhzd7NPchz7caEQwxcwEwn5ZGZGQJbm+HWCtDItVr8wt
a9iA2ShQA7x4YSVyWhR6ujyblOndsUCsSpvysldZgzWwCWeX9jS4WnDUDIcu5kLb
rP5JJ4NtX1ES3PXgSSeQVeSy7hA3nllAqiIG/ZwUMywh/1sDgYsAAoGHFPpl8uRj
7sNjsnIPPI9CuqlIoZXFNXeMX9Yu7T3s5mn5Q2ATcgnryDXwqpqle630wy1LZjjm
tyE84oVJd4W6YTlzHNwIv2qlymMzWBE5+BrRXtqIndvkaWJRSUwtZ7XPPeeCzqR5
uXRAsy54azoFDoisuOO5dVOmVZERfp4Up+Duvws5+Gq2
-----END PUBLIC KEY-----
24 changes: 24 additions & 0 deletions test/parallel/test-dsa-fips-invalid-key.js
Original file line number Diff line number Diff line change
@@ -0,0 +1,24 @@
'use strict';
var common = require('../common');
var assert = require('assert');

if (!common.hasFipsCrypto) {
console.log('1..0 # Skipped: node compiled without FIPS OpenSSL.');
return;
}

var crypto = require('crypto');
var fs = require('fs');

var input = 'hello';

var dsapub = fs.readFileSync(common.fixturesDir +
'/keys/dsa_public_1025.pem');
var dsapri = fs.readFileSync(common.fixturesDir +
'/keys/dsa_private_1025.pem');
var sign = crypto.createSign('DSS1');
sign.update(input);

assert.throws(function() {
sign.sign(dsapri);
}, /PEM_read_bio_PrivateKey failed/);

0 comments on commit 20cd932

Please sign in to comment.