Skip to content

Commit

Permalink
test: adjust key sizes to support OpenSSL32
Browse files Browse the repository at this point in the history
Refs: nodejs#53382

This test fails on OpenSSL32 because it complains the key
being used is too short.

Adjust the key sizes so that they will pass on OpenSSL32 in
addition to other OpenSSL3 versions.

Since the keys are not public key related I don't think the
increase in key size will be too bad in terms of performance so
I've just increased versus guarding for OpenSSL32

Signed-off-by: Michael Dawson <midawson@redhat.com>
PR-URL: nodejs#54972
Reviewed-By: Yagiz Nizipli <yagiz@nizipli.com>
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
  • Loading branch information
mhdawson authored and tpoisseau committed Nov 21, 2024
1 parent 9752a73 commit f0d7b52
Showing 1 changed file with 9 additions and 9 deletions.
18 changes: 9 additions & 9 deletions test/parallel/test-tls-getcipher.js
Original file line number Diff line number Diff line change
Expand Up @@ -47,13 +47,13 @@ server.listen(0, '127.0.0.1', common.mustCall(function() {
tls.connect({
host: '127.0.0.1',
port: this.address().port,
ciphers: 'AES128-SHA256',
ciphers: 'AES256-SHA256',
rejectUnauthorized: false,
maxVersion: 'TLSv1.2',
}, common.mustCall(function() {
const cipher = this.getCipher();
assert.strictEqual(cipher.name, 'AES128-SHA256');
assert.strictEqual(cipher.standardName, 'TLS_RSA_WITH_AES_128_CBC_SHA256');
assert.strictEqual(cipher.name, 'AES256-SHA256');
assert.strictEqual(cipher.standardName, 'TLS_RSA_WITH_AES_256_CBC_SHA256');
assert.strictEqual(cipher.version, 'TLSv1.2');
this.end();
}));
Expand All @@ -62,14 +62,14 @@ server.listen(0, '127.0.0.1', common.mustCall(function() {
tls.connect({
host: '127.0.0.1',
port: this.address().port,
ciphers: 'ECDHE-RSA-AES128-GCM-SHA256',
ciphers: 'ECDHE-RSA-AES256-GCM-SHA384',
rejectUnauthorized: false,
maxVersion: 'TLSv1.2',
}, common.mustCall(function() {
const cipher = this.getCipher();
assert.strictEqual(cipher.name, 'ECDHE-RSA-AES128-GCM-SHA256');
assert.strictEqual(cipher.name, 'ECDHE-RSA-AES256-GCM-SHA384');
assert.strictEqual(cipher.standardName,
'TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256');
'TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384');
assert.strictEqual(cipher.version, 'TLSv1.2');
this.end();
}));
Expand All @@ -78,19 +78,19 @@ server.listen(0, '127.0.0.1', common.mustCall(function() {
tls.createServer({
key: fixtures.readKey('agent2-key.pem'),
cert: fixtures.readKey('agent2-cert.pem'),
ciphers: 'TLS_CHACHA20_POLY1305_SHA256:TLS_AES_128_CCM_8_SHA256',
ciphers: 'TLS_CHACHA20_POLY1305_SHA256:TLS_AES_256_GCM_SHA384',
maxVersion: 'TLSv1.3',
}, common.mustCall(function() {
this.close();
})).listen(0, common.mustCall(function() {
const client = tls.connect({
port: this.address().port,
ciphers: 'TLS_AES_128_CCM_8_SHA256',
ciphers: 'TLS_AES_256_GCM_SHA384',
maxVersion: 'TLSv1.3',
rejectUnauthorized: false
}, common.mustCall(() => {
const cipher = client.getCipher();
assert.strictEqual(cipher.name, 'TLS_AES_128_CCM_8_SHA256');
assert.strictEqual(cipher.name, 'TLS_AES_256_GCM_SHA384');
assert.strictEqual(cipher.standardName, cipher.name);
assert.strictEqual(cipher.version, 'TLSv1.3');
client.end();
Expand Down

0 comments on commit f0d7b52

Please sign in to comment.