Skip to content

Commit

Permalink
fixup! test: well-defined DH groups now verify clean
Browse files Browse the repository at this point in the history
  • Loading branch information
sam-github committed Sep 19, 2019
1 parent 13f3159 commit 94c599e
Show file tree
Hide file tree
Showing 2 changed files with 3 additions and 17 deletions.
3 changes: 1 addition & 2 deletions test/parallel/test-crypto-binary-default.js
Original file line number Diff line number Diff line change
Expand Up @@ -614,8 +614,7 @@ common.expectsError(
'020BBEA63B139B22514A08798E3404DDEF9519B3CD3A431B302B0A6DF25F1437' +
'4FE1356D6D51C245E485B576625E7EC6F44C42E9A637ED6B0BFF5CB6F406B7ED' +
'EE386BFB5A899FA5AE9F24117C4B1FE649286651ECE65381FFFFFFFFFFFFFFFF';
const d = crypto.createDiffieHellman(p, 'hex');
assert.strictEqual(d.verifyError, 0);
crypto.createDiffieHellman(p, 'hex');

// Test RSA key signing/verification
const rsaSign = crypto.createSign('SHA1');
Expand Down
17 changes: 2 additions & 15 deletions test/parallel/test-crypto-dh.js
Original file line number Diff line number Diff line change
Expand Up @@ -6,10 +6,6 @@ if (!common.hasCrypto)
const assert = require('assert');
const crypto = require('crypto');

const DH_CHECK_P_NOT_PRIME = crypto.constants.DH_CHECK_P_NOT_PRIME;
const DH_CHECK_P_NOT_SAFE_PRIME = crypto.constants.DH_CHECK_P_NOT_SAFE_PRIME;
const DH_NOT_SUITABLE_GENERATOR = crypto.constants.DH_NOT_SUITABLE_GENERATOR;

// Test Diffie-Hellman with two parties sharing a secret,
// using various encodings as we go along
const dh1 = crypto.createDiffieHellman(common.hasFipsCrypto ? 1024 : 256);
Expand Down Expand Up @@ -128,8 +124,6 @@ bob.generateKeys();
const aSecret = alice.computeSecret(bob.getPublicKey()).toString('hex');
const bSecret = bob.computeSecret(alice.getPublicKey()).toString('hex');
assert.strictEqual(aSecret, bSecret);
assert.strictEqual(alice.verifyError, 0);
assert.strictEqual(bob.verifyError, 0);

/* Ensure specific generator (buffer) works as expected.
* The values below (modp2/modp2buf) are for a 1024 bits long prime from
Expand Down Expand Up @@ -160,8 +154,6 @@ const modp2buf = Buffer.from([
const exmodp2Secret = exmodp2.computeSecret(modp2.getPublicKey())
.toString('hex');
assert.strictEqual(modp2Secret, exmodp2Secret);
assert.strictEqual(modp2.verifyError, 0);
assert.strictEqual(exmodp2.verifyError, 0);
}

for (const buf of [modp2buf, ...common.getArrayBufferViews(modp2buf)]) {
Expand All @@ -174,7 +166,6 @@ for (const buf of [modp2buf, ...common.getArrayBufferViews(modp2buf)]) {
const exmodp2Secret = exmodp2.computeSecret(modp2.getPublicKey())
.toString('hex');
assert.strictEqual(modp2Secret, exmodp2Secret);
assert.strictEqual(exmodp2.verifyError, 0);
}

{
Expand All @@ -186,7 +177,6 @@ for (const buf of [modp2buf, ...common.getArrayBufferViews(modp2buf)]) {
const exmodp2Secret = exmodp2.computeSecret(modp2.getPublicKey())
.toString('hex');
assert.strictEqual(modp2Secret, exmodp2Secret);
assert.strictEqual(exmodp2.verifyError, 0);
}

{
Expand All @@ -198,7 +188,6 @@ for (const buf of [modp2buf, ...common.getArrayBufferViews(modp2buf)]) {
const exmodp2Secret = exmodp2.computeSecret(modp2.getPublicKey())
.toString('hex');
assert.strictEqual(modp2Secret, exmodp2Secret);
assert.strictEqual(exmodp2.verifyError, 0);
}

// Second OAKLEY group, see
Expand All @@ -208,13 +197,11 @@ const p = 'FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD129024E088A67CC74' +
'020BBEA63B139B22514A08798E3404DDEF9519B3CD3A431B302B0A6DF25F1437' +
'4FE1356D6D51C245E485B576625E7EC6F44C42E9A637ED6B0BFF5CB6F406B7ED' +
'EE386BFB5A899FA5AE9F24117C4B1FE649286651ECE65381FFFFFFFFFFFFFFFF';
const dh = crypto.createDiffieHellman(p, 'hex');
assert.strictEqual(dh.verifyError, 0);
crypto.createDiffieHellman(p, 'hex');

// Confirm DH_check() results are exposed for optional examination.
const bad_dh = crypto.createDiffieHellman('02', 'hex');
assert.strictEqual(bad_dh.verifyError, DH_CHECK_P_NOT_PRIME |
DH_CHECK_P_NOT_SAFE_PRIME | DH_NOT_SUITABLE_GENERATOR);
assert.notStrictEqual(bad_dh.verifyError, 0);

const availableCurves = new Set(crypto.getCurves());
const availableHashes = new Set(crypto.getHashes());
Expand Down

0 comments on commit 94c599e

Please sign in to comment.