Skip to content

Commit 3473e58

Browse files
sam-githubsam-github
committed
test: well-defined DH groups now verify clean
OpenSSL 1.1.1d no longer generates warnings for some DH groups that used to be considered unsafe. See below for discussion. This is considered a bug fix. See: - openssl/openssl#9363 - openssl/openssl#9363 (comment) PR-URL: #29550 Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl> Reviewed-By: Anna Henningsen <anna@addaleax.net>
1 parent 1ca1e01 commit 3473e58

File tree

2 files changed

+8
-15
lines changed

2 files changed

+8
-15
lines changed

test/parallel/test-crypto-binary-default.js

Lines changed: 1 addition & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -36,7 +36,6 @@ const crypto = require('crypto');
3636
const fs = require('fs');
3737
const tls = require('tls');
3838
const fixtures = require('../common/fixtures');
39-
const DH_NOT_SUITABLE_GENERATOR = crypto.constants.DH_NOT_SUITABLE_GENERATOR;
4039

4140
require('internal/crypto/util').setDefaultEncoding('latin1');
4241

@@ -615,8 +614,7 @@ common.expectsError(
615614
'020BBEA63B139B22514A08798E3404DDEF9519B3CD3A431B302B0A6DF25F1437' +
616615
'4FE1356D6D51C245E485B576625E7EC6F44C42E9A637ED6B0BFF5CB6F406B7ED' +
617616
'EE386BFB5A899FA5AE9F24117C4B1FE649286651ECE65381FFFFFFFFFFFFFFFF';
618-
const d = crypto.createDiffieHellman(p, 'hex');
619-
assert.strictEqual(d.verifyError, DH_NOT_SUITABLE_GENERATOR);
617+
crypto.createDiffieHellman(p, 'hex');
620618

621619
// Test RSA key signing/verification
622620
const rsaSign = crypto.createSign('SHA1');

test/parallel/test-crypto-dh.js

Lines changed: 7 additions & 12 deletions
Original file line numberDiff line numberDiff line change
@@ -6,8 +6,6 @@ if (!common.hasCrypto)
66
const assert = require('assert');
77
const crypto = require('crypto');
88

9-
const DH_NOT_SUITABLE_GENERATOR = crypto.constants.DH_NOT_SUITABLE_GENERATOR;
10-
119
// Test Diffie-Hellman with two parties sharing a secret,
1210
// using various encodings as we go along
1311
const dh1 = crypto.createDiffieHellman(common.hasFipsCrypto ? 1024 : 256);
@@ -126,8 +124,6 @@ bob.generateKeys();
126124
const aSecret = alice.computeSecret(bob.getPublicKey()).toString('hex');
127125
const bSecret = bob.computeSecret(alice.getPublicKey()).toString('hex');
128126
assert.strictEqual(aSecret, bSecret);
129-
assert.strictEqual(alice.verifyError, DH_NOT_SUITABLE_GENERATOR);
130-
assert.strictEqual(bob.verifyError, DH_NOT_SUITABLE_GENERATOR);
131127

132128
/* Ensure specific generator (buffer) works as expected.
133129
* The values below (modp2/modp2buf) are for a 1024 bits long prime from
@@ -158,8 +154,6 @@ const modp2buf = Buffer.from([
158154
const exmodp2Secret = exmodp2.computeSecret(modp2.getPublicKey())
159155
.toString('hex');
160156
assert.strictEqual(modp2Secret, exmodp2Secret);
161-
assert.strictEqual(modp2.verifyError, DH_NOT_SUITABLE_GENERATOR);
162-
assert.strictEqual(exmodp2.verifyError, DH_NOT_SUITABLE_GENERATOR);
163157
}
164158

165159
for (const buf of [modp2buf, ...common.getArrayBufferViews(modp2buf)]) {
@@ -172,7 +166,6 @@ for (const buf of [modp2buf, ...common.getArrayBufferViews(modp2buf)]) {
172166
const exmodp2Secret = exmodp2.computeSecret(modp2.getPublicKey())
173167
.toString('hex');
174168
assert.strictEqual(modp2Secret, exmodp2Secret);
175-
assert.strictEqual(exmodp2.verifyError, DH_NOT_SUITABLE_GENERATOR);
176169
}
177170

178171
{
@@ -184,7 +177,6 @@ for (const buf of [modp2buf, ...common.getArrayBufferViews(modp2buf)]) {
184177
const exmodp2Secret = exmodp2.computeSecret(modp2.getPublicKey())
185178
.toString('hex');
186179
assert.strictEqual(modp2Secret, exmodp2Secret);
187-
assert.strictEqual(exmodp2.verifyError, DH_NOT_SUITABLE_GENERATOR);
188180
}
189181

190182
{
@@ -196,17 +188,20 @@ for (const buf of [modp2buf, ...common.getArrayBufferViews(modp2buf)]) {
196188
const exmodp2Secret = exmodp2.computeSecret(modp2.getPublicKey())
197189
.toString('hex');
198190
assert.strictEqual(modp2Secret, exmodp2Secret);
199-
assert.strictEqual(exmodp2.verifyError, DH_NOT_SUITABLE_GENERATOR);
200191
}
201192

202-
193+
// Second OAKLEY group, see
194+
// https://github.com/nodejs/node-v0.x-archive/issues/2338 and
195+
// https://xml2rfc.tools.ietf.org/public/rfc/html/rfc2412.html#anchor49
203196
const p = 'FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD129024E088A67CC74' +
204197
'020BBEA63B139B22514A08798E3404DDEF9519B3CD3A431B302B0A6DF25F1437' +
205198
'4FE1356D6D51C245E485B576625E7EC6F44C42E9A637ED6B0BFF5CB6F406B7ED' +
206199
'EE386BFB5A899FA5AE9F24117C4B1FE649286651ECE65381FFFFFFFFFFFFFFFF';
207-
const bad_dh = crypto.createDiffieHellman(p, 'hex');
208-
assert.strictEqual(bad_dh.verifyError, DH_NOT_SUITABLE_GENERATOR);
200+
crypto.createDiffieHellman(p, 'hex');
209201

202+
// Confirm DH_check() results are exposed for optional examination.
203+
const bad_dh = crypto.createDiffieHellman('02', 'hex');
204+
assert.notStrictEqual(bad_dh.verifyError, 0);
210205

211206
const availableCurves = new Set(crypto.getCurves());
212207
const availableHashes = new Set(crypto.getHashes());

0 commit comments

Comments
 (0)