Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

test: rework ephemeralkeyinfo to run in parallel #25409

Closed
Closed
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
test: rework ephemeralkeyinfo to run in parallel
Remove:
- use of tls global so tests can run in parallel
- test counting in favour of common.mustCall()
- limit of only one cipher suite per ephemeral key type tested

The last change  will allow adding TLS 1.3 cipher suites and testing
'ECDH' key info with them.
  • Loading branch information
sam-github committed Jan 9, 2019
commit da991609ebc731c2c1c9463db5e583a7e8606f3e
71 changes: 15 additions & 56 deletions test/parallel/test-tls-client-getephemeralkeyinfo.js
Original file line number Diff line number Diff line change
Expand Up @@ -10,90 +10,49 @@ const tls = require('tls');
const key = fixtures.readKey('agent2-key.pem');
const cert = fixtures.readKey('agent2-cert.pem');

let ntests = 0;
let nsuccess = 0;

function loadDHParam(n) {
return fixtures.readKey(`dh${n}.pem`);
}

const cipherlist = {
'NOT_PFS': 'AES128-SHA256',
'DH': 'DHE-RSA-AES128-GCM-SHA256',
'ECDH': 'ECDHE-RSA-AES128-GCM-SHA256'
};

function test(size, type, name, next) {
const cipher = type ? cipherlist[type] : cipherlist.NOT_PFS;

if (name) tls.DEFAULT_ECDH_CURVE = name;
function test(size, type, name, cipher) {
assert(cipher);

const options = {
key: key,
cert: cert,
ciphers: cipher
};

if (name) options.ecdhCurve = name;

if (type === 'DH') options.dhparam = loadDHParam(size);

const server = tls.createServer(options, function(conn) {
const server = tls.createServer(options, common.mustCall((conn) => {
assert.strictEqual(conn.getEphemeralKeyInfo(), null);
conn.end();
});
}));

server.on('close', common.mustCall(function(err) {
server.on('close', common.mustCall((err) => {
assert.ifError(err);
if (next) next();
}));

server.listen(0, '127.0.0.1', common.mustCall(function() {
server.listen(0, '127.0.0.1', common.mustCall(() => {
const client = tls.connect({
port: this.address().port,
port: server.address().port,
rejectUnauthorized: false
}, function() {
const ekeyinfo = client.getEphemeralKeyInfo();
assert.strictEqual(ekeyinfo.type, type);
assert.strictEqual(ekeyinfo.size, size);
assert.strictEqual(ekeyinfo.name, name);
nsuccess++;
server.close();
});
}));
}

function testNOT_PFS() {
test(undefined, undefined, undefined, testDHE1024);
ntests++;
}

function testDHE1024() {
test(1024, 'DH', undefined, testDHE2048);
ntests++;
}

function testDHE2048() {
test(2048, 'DH', undefined, testECDHE256);
ntests++;
}

function testECDHE256() {
test(256, 'ECDH', 'prime256v1', testECDHE512);
ntests++;
}

function testECDHE512() {
test(521, 'ECDH', 'secp521r1', testX25519);
ntests++;
}

function testX25519() {
test(253, 'ECDH', 'X25519', null);
ntests++;
}

testNOT_PFS();

process.on('exit', function() {
assert.strictEqual(ntests, nsuccess);
assert.strictEqual(ntests, 6);
});
test(undefined, undefined, undefined, 'AES128-SHA256');
test(1024, 'DH', undefined, 'DHE-RSA-AES128-GCM-SHA256');
test(2048, 'DH', undefined, 'DHE-RSA-AES128-GCM-SHA256');
test(256, 'ECDH', 'prime256v1', 'ECDHE-RSA-AES128-GCM-SHA256');
test(521, 'ECDH', 'secp521r1', 'ECDHE-RSA-AES128-GCM-SHA256');
test(253, 'ECDH', 'X25519', 'ECDHE-RSA-AES128-GCM-SHA256');