test: well-defined DH groups now verify clean

OpenSSL 1.1.1d no longer generates warnings for some DH groups that used to be considered unsafe. See below for discussion. This is considered a bug fix. See: - https://github.com/openssl/openssl/pull/9363 - https://github.com/openssl/openssl/pull/9363#discussion_r324802618 PR-URL: https://github.com/nodejs/node/pull/29550 Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl> Reviewed-By: Anna Henningsen <anna@addaleax.net>
author: Sam Roberts <vieuxtech@gmail.com> 2019-09-13 13:19:06 -0700
committer: Sam Roberts <vieuxtech@gmail.com> 2019-10-01 11:11:18 -0700
commit: 3473e58fee153a7fee143a33c512ee9cda08d20a (patch)
tree: cb8ca98a350ea0cf68a14232660144a16967f168
parent: 1ca1e0163e62cd9df771a6f0809e30a3382c54b6 (diff)
download: android-node-v8-3473e58fee153a7fee143a33c512ee9cda08d20a.tar.gz
android-node-v8-3473e58fee153a7fee143a33c512ee9cda08d20a.tar.bz2
android-node-v8-3473e58fee153a7fee143a33c512ee9cda08d20a.zip
2 files changed, 8 insertions, 15 deletions
diff --git a/test/parallel/test-crypto-binary-default.js b/test/parallel/test-crypto-binary-default.js
index c96253bc44..93ac0ef23e 100644
--- a/test/parallel/test-crypto-binary-default.js
+++ b/test/parallel/test-crypto-binary-default.js
@@ -36,7 +36,6 @@ const crypto = require('crypto');
 const fs = require('fs');
 const tls = require('tls');
 const fixtures = require('../common/fixtures');
-const DH_NOT_SUITABLE_GENERATOR = crypto.constants.DH_NOT_SUITABLE_GENERATOR;
 
 require('internal/crypto/util').setDefaultEncoding('latin1');
 
@@ -615,8 +614,7 @@ common.expectsError(
             '020BBEA63B139B22514A08798E3404DDEF9519B3CD3A431B302B0A6DF25F1437' +
             '4FE1356D6D51C245E485B576625E7EC6F44C42E9A637ED6B0BFF5CB6F406B7ED' +
             'EE386BFB5A899FA5AE9F24117C4B1FE649286651ECE65381FFFFFFFFFFFFFFFF';
-  const d = crypto.createDiffieHellman(p, 'hex');
-  assert.strictEqual(d.verifyError, DH_NOT_SUITABLE_GENERATOR);
+  crypto.createDiffieHellman(p, 'hex');
 
   // Test RSA key signing/verification
   const rsaSign = crypto.createSign('SHA1');
diff --git a/test/parallel/test-crypto-dh.js b/test/parallel/test-crypto-dh.js
index 1fc8564ca1..bf991a5c34 100644
--- a/test/parallel/test-crypto-dh.js
+++ b/test/parallel/test-crypto-dh.js
@@ -6,8 +6,6 @@ if (!common.hasCrypto)
 const assert = require('assert');
 const crypto = require('crypto');
 
-const DH_NOT_SUITABLE_GENERATOR = crypto.constants.DH_NOT_SUITABLE_GENERATOR;
-
 // Test Diffie-Hellman with two parties sharing a secret,
 // using various encodings as we go along
 const dh1 = crypto.createDiffieHellman(common.hasFipsCrypto ? 1024 : 256);
@@ -126,8 +124,6 @@ bob.generateKeys();
 const aSecret = alice.computeSecret(bob.getPublicKey()).toString('hex');
 const bSecret = bob.computeSecret(alice.getPublicKey()).toString('hex');
 assert.strictEqual(aSecret, bSecret);
-assert.strictEqual(alice.verifyError, DH_NOT_SUITABLE_GENERATOR);
-assert.strictEqual(bob.verifyError, DH_NOT_SUITABLE_GENERATOR);
 
 /* Ensure specific generator (buffer) works as expected.
  * The values below (modp2/modp2buf) are for a 1024 bits long prime from
@@ -158,8 +154,6 @@ const modp2buf = Buffer.from([
   const exmodp2Secret = exmodp2.computeSecret(modp2.getPublicKey())
       .toString('hex');
   assert.strictEqual(modp2Secret, exmodp2Secret);
-  assert.strictEqual(modp2.verifyError, DH_NOT_SUITABLE_GENERATOR);
-  assert.strictEqual(exmodp2.verifyError, DH_NOT_SUITABLE_GENERATOR);
 }
 
 for (const buf of [modp2buf, ...common.getArrayBufferViews(modp2buf)]) {
@@ -172,7 +166,6 @@ for (const buf of [modp2buf, ...common.getArrayBufferViews(modp2buf)]) {
   const exmodp2Secret = exmodp2.computeSecret(modp2.getPublicKey())
       .toString('hex');
   assert.strictEqual(modp2Secret, exmodp2Secret);
-  assert.strictEqual(exmodp2.verifyError, DH_NOT_SUITABLE_GENERATOR);
 }
 
 {
@@ -184,7 +177,6 @@ for (const buf of [modp2buf, ...common.getArrayBufferViews(modp2buf)]) {
   const exmodp2Secret = exmodp2.computeSecret(modp2.getPublicKey())
       .toString('hex');
   assert.strictEqual(modp2Secret, exmodp2Secret);
-  assert.strictEqual(exmodp2.verifyError, DH_NOT_SUITABLE_GENERATOR);
 }
 
 {
@@ -196,17 +188,20 @@ for (const buf of [modp2buf, ...common.getArrayBufferViews(modp2buf)]) {
   const exmodp2Secret = exmodp2.computeSecret(modp2.getPublicKey())
       .toString('hex');
   assert.strictEqual(modp2Secret, exmodp2Secret);
-  assert.strictEqual(exmodp2.verifyError, DH_NOT_SUITABLE_GENERATOR);
 }
 
-
+// Second OAKLEY group, see
+// https://github.com/nodejs/node-v0.x-archive/issues/2338 and
+// https://xml2rfc.tools.ietf.org/public/rfc/html/rfc2412.html#anchor49
 const p = 'FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD129024E088A67CC74' +
           '020BBEA63B139B22514A08798E3404DDEF9519B3CD3A431B302B0A6DF25F1437' +
           '4FE1356D6D51C245E485B576625E7EC6F44C42E9A637ED6B0BFF5CB6F406B7ED' +
           'EE386BFB5A899FA5AE9F24117C4B1FE649286651ECE65381FFFFFFFFFFFFFFFF';
-const bad_dh = crypto.createDiffieHellman(p, 'hex');
-assert.strictEqual(bad_dh.verifyError, DH_NOT_SUITABLE_GENERATOR);
+crypto.createDiffieHellman(p, 'hex');
 
+// Confirm DH_check() results are exposed for optional examination.
+const bad_dh = crypto.createDiffieHellman('02', 'hex');
+assert.notStrictEqual(bad_dh.verifyError, 0);
 
 const availableCurves = new Set(crypto.getCurves());
 const availableHashes = new Set(crypto.getHashes());
author	Sam Roberts <vieuxtech@gmail.com>	2019-09-13 13:19:06 -0700
committer	Sam Roberts <vieuxtech@gmail.com>	2019-10-01 11:11:18 -0700
commit	3473e58fee153a7fee143a33c512ee9cda08d20a (patch)
tree	cb8ca98a350ea0cf68a14232660144a16967f168
parent	1ca1e0163e62cd9df771a6f0809e30a3382c54b6 (diff)
download	android-node-v8-3473e58fee153a7fee143a33c512ee9cda08d20a.tar.gz android-node-v8-3473e58fee153a7fee143a33c512ee9cda08d20a.tar.bz2 android-node-v8-3473e58fee153a7fee143a33c512ee9cda08d20a.zip