Additional OpenSSL tests
This commit is contained in:
Rhys Jones
Ryan Dahl
Родитель
430cfd1825
Коммит
1a317135c5
|
|
@ -3,7 +3,10 @@ try {
|
|||
var binding = process.binding('crypto');
|
||||
var SecureContext = binding.SecureContext;
|
||||
var SecureStream = binding.SecureStream;
|
||||
var Hmac = binding.Hmac;
|
||||
var Hash = binding.Hash;
|
||||
var Cipher = binding.Cipher;
|
||||
var Decipher = binding.Decipher;
|
||||
var Sign = binding.Sign;
|
||||
var Verify = binding.Verify;
|
||||
var crypto = true;
|
||||
|
|
@ -41,6 +44,29 @@ exports.createHash = function(hash) {
|
|||
return (new Hash).init(hash);
|
||||
}
|
||||
|
||||
exports.Hmac = Hmac;
|
||||
exports.createHmac = function(hmac, key) {
|
||||
return (new Hmac).init(hmac, key);
|
||||
}
|
||||
|
||||
exports.Cipher = Cipher;
|
||||
exports.createCipher = function(cipher, key) {
|
||||
return (new Cipher).init(cipher, key);
|
||||
}
|
||||
|
||||
exports.createCipheriv = function(cipher, key, iv) {
|
||||
return (new Cipher).initiv(cipher, key, iv);
|
||||
}
|
||||
|
||||
exports.Decipher = Decipher;
|
||||
exports.createDecipher = function(cipher, key) {
|
||||
return (new Decipher).init(cipher, key);
|
||||
}
|
||||
|
||||
exports.createDecipheriv = function(cipher, key, iv) {
|
||||
return (new Decipher).initiv(cipher, key, iv);
|
||||
}
|
||||
|
||||
exports.Sign = Sign;
|
||||
exports.createSign = function(algorithm) {
|
||||
return (new Sign).init(algorithm);
|
||||
|
|
|
|||
|
|
@ -2530,7 +2530,7 @@ void InitCrypto(Handle<Object> target) {
|
|||
HandleScope scope;
|
||||
|
||||
SSL_library_init();
|
||||
OpenSSL_add_ssl_algorithms();
|
||||
OpenSSL_add_all_algorithms();
|
||||
OpenSSL_add_all_digests();
|
||||
SSL_load_error_strings();
|
||||
ERR_load_crypto_strings();
|
||||
|
|
|
|||
|
|
@ -0,0 +1,72 @@
|
|||
require("../common");
|
||||
var fs = require('fs');
|
||||
var sys = require('sys');
|
||||
|
||||
var have_openssl;
|
||||
try {
|
||||
var crypto = require('crypto');
|
||||
have_openssl=true;
|
||||
} catch (e) {
|
||||
have_openssl=false;
|
||||
puts("Not compiled with OPENSSL support.");
|
||||
process.exit();
|
||||
}
|
||||
|
||||
var caPem = fs.readFileSync(fixturesDir+"/test_ca.pem");
|
||||
var certPem = fs.readFileSync(fixturesDir+"/test_cert.pem");
|
||||
var keyPem = fs.readFileSync(fixturesDir+"/test_key.pem");
|
||||
|
||||
var credentials = crypto.createCredentials({key:keyPem, cert:certPem, ca:caPem});
|
||||
|
||||
// Test HMAC
|
||||
//var h1 = (new crypto.Hmac).init("sha1", "Node").update("some data").update("to hmac").digest("hex");
|
||||
var h1 = crypto.createHmac("sha1", "Node").update("some data").update("to hmac").digest("hex");
|
||||
assert.equal(h1, '19fd6e1ba73d9ed2224dd5094a71babe85d9a892', "test HMAC");
|
||||
|
||||
// Test hashing
|
||||
var a0 = crypto.createHash("sha1").update("Test123").digest("hex");
|
||||
var a1 = crypto.createHash("md5").update("Test123").digest("binary");
|
||||
var a2= crypto.createHash("sha256").update("Test123").digest("base64");
|
||||
var a3 = crypto.createHash("sha512").update("Test123").digest(); // binary
|
||||
|
||||
// Test multiple updates to same hash
|
||||
var h1 = crypto.createHash("sha1").update("Test123").digest("hex");
|
||||
var h2 = (new crypto.Hash).init("sha1").update("Test").update("123").digest("hex");
|
||||
assert.equal(h1, h2, "multipled updates");
|
||||
|
||||
|
||||
// Test signing and verifying
|
||||
var s1 = crypto.createSign("RSA-SHA1").update("Test123").sign(keyPem, "base64");
|
||||
var verified = crypto.createVerify("RSA-SHA1").update("Test").update("123").verify(certPem, s1, "base64");
|
||||
assert.ok(verified, "sign and verify (base 64)");
|
||||
|
||||
var s2 = crypto.createSign("RSA-SHA256").update("Test123").sign(keyPem); // binary
|
||||
var verified = crypto.createVerify("RSA-SHA256").update("Test").update("123").verify(certPem, s2); // binary
|
||||
assert.ok(verified, "sign and verify (binary)");
|
||||
|
||||
// Test encryption and decryption
|
||||
var plaintext="Keep this a secret? No! Tell everyone about node.js!";
|
||||
|
||||
var cipher=crypto.createCipher("aes192", "MySecretKey123");
|
||||
var ciph=cipher.update(plaintext, 'utf8', 'hex'); // encrypt plaintext which is in utf8 format to a ciphertext which will be in hex
|
||||
ciph+=cipher.final('hex'); // Only use binary or hex, not base64.
|
||||
|
||||
var decipher=crypto.createDecipher("aes192", "MySecretKey123");
|
||||
var txt = decipher.update(ciph, 'hex', 'utf8');
|
||||
txt += decipher.final('utf8');
|
||||
assert.equal(txt, plaintext, "encryption and decryption");
|
||||
|
||||
// Test encyrption and decryption with explicit key and iv
|
||||
var encryption_key='0123456789abcd0123456789';
|
||||
var iv = '12345678';
|
||||
|
||||
var cipher=crypto.createCipheriv("des-ede3-cbc", encryption_key, iv);
|
||||
|
||||
var ciph=cipher.update(plaintext, 'utf8', 'hex');
|
||||
ciph+=cipher.final('hex');
|
||||
|
||||
var decipher=crypto.createDecipheriv("des-ede3-cbc",encryption_key,iv);
|
||||
var txt = decipher.update(ciph, 'hex', 'utf8');
|
||||
txt += decipher.final('utf8');
|
||||
assert.equal(txt, plaintext, "encryption and decryption with key and iv");
|
||||
|
||||
|
|
@ -32,10 +32,10 @@ var https_server = http.createServer(function (req, res) {
|
|||
res.id = request_number;
|
||||
req.id = request_number++;
|
||||
|
||||
var verified = c.verifyPeer();
|
||||
var peerDN = JSON.stringify(c.getPeerCertificate());
|
||||
assert.equal(verified, true);
|
||||
assert.equal(peerDN, '{"subject":"/C=UK/ST=Acknack Ltd/L=Rhys Jones'
|
||||
var verified = res.connection.verifyPeer();
|
||||
var peerDN = JSON.stringify(req.connection.getPeerCertificate());
|
||||
assert.equal(verified, true);
|
||||
assert.equal(peerDN, '{"subject":"/C=UK/ST=Acknack Ltd/L=Rhys Jones'
|
||||
+ '/O=node.js/OU=Test TLS Certificate/CN=localhost",'
|
||||
+ '"issuer":"/C=UK/ST=Acknack Ltd/L=Rhys Jones/O=node.js'
|
||||
+ '/OU=Test TLS Certificate/CN=localhost","valid_from":'
|
||||
|
|
@ -84,7 +84,7 @@ c.addListener("connect", function () {
|
|||
c.addListener("secure", function () {
|
||||
var verified = c.verifyPeer();
|
||||
var peerDN = JSON.stringify(c.getPeerCertificate());
|
||||
//assert.equal(verified, 1);
|
||||
assert.equal(verified, true);
|
||||
assert.equal(peerDN, '{"subject":"/C=UK/ST=Acknack Ltd/L=Rhys Jones'
|
||||
+ '/O=node.js/OU=Test TLS Certificate/CN=localhost",'
|
||||
+ '"issuer":"/C=UK/ST=Acknack Ltd/L=Rhys Jones/O=node.js'
|
||||
|
|
|
|||
|
|
@ -0,0 +1,96 @@
|
|||
require("../common");
|
||||
var fs = require('fs');
|
||||
var sys = require('sys');
|
||||
var net = require('net');
|
||||
|
||||
var have_openssl;
|
||||
try {
|
||||
var crypto = require('crypto');
|
||||
have_openssl=true;
|
||||
} catch (e) {
|
||||
have_openssl=false;
|
||||
puts("Not compiled with OPENSSL support.");
|
||||
process.exit();
|
||||
}
|
||||
|
||||
var caPem = fs.readFileSync(fixturesDir+"/test_ca.pem");
|
||||
var certPem = fs.readFileSync(fixturesDir+"/test_cert.pem");
|
||||
var keyPem = fs.readFileSync(fixturesDir+"/test_key.pem");
|
||||
|
||||
var credentials = crypto.createCredentials({key:keyPem, cert:certPem, ca:caPem});
|
||||
|
||||
var testData = "TEST123";
|
||||
var serverData = '';
|
||||
var clientData = '';
|
||||
var gotSecureServer = false;
|
||||
var gotSecureClient = false;
|
||||
|
||||
var secureServer = net.createServer(function (connection) {
|
||||
var self = this;
|
||||
connection.setSecure(credentials);
|
||||
connection.setEncoding("UTF8");
|
||||
|
||||
connection.addListener("secure", function () {
|
||||
gotSecureServer = true;
|
||||
var verified = connection.verifyPeer();
|
||||
var peerDN = JSON.stringify(connection.getPeerCertificate());
|
||||
assert.equal(verified, true);
|
||||
assert.equal(peerDN, '{"subject":"/C=UK/ST=Acknack Ltd/L=Rhys Jones'
|
||||
+ '/O=node.js/OU=Test TLS Certificate/CN=localhost",'
|
||||
+ '"issuer":"/C=UK/ST=Acknack Ltd/L=Rhys Jones/O=node.js'
|
||||
+ '/OU=Test TLS Certificate/CN=localhost","valid_from":'
|
||||
+ '"Nov 11 09:52:22 2009 GMT","valid_to":'
|
||||
+ '"Nov 6 09:52:22 2029 GMT"}');
|
||||
|
||||
});
|
||||
|
||||
connection.addListener("data", function (chunk) {
|
||||
serverData += chunk;
|
||||
connection.write(chunk);
|
||||
});
|
||||
|
||||
connection.addListener("end", function () {
|
||||
assert.equal(serverData, testData);
|
||||
connection.end();
|
||||
self.close();
|
||||
});
|
||||
});
|
||||
secureServer.listen(PORT);
|
||||
|
||||
var secureClient = net.createConnection(PORT);
|
||||
|
||||
secureClient.setEncoding("UTF8");
|
||||
secureClient.addListener("connect", function () {
|
||||
secureClient.setSecure(credentials);
|
||||
});
|
||||
|
||||
secureClient.addListener("secure", function () {
|
||||
gotSecureClient = true;
|
||||
var verified = secureClient.verifyPeer();
|
||||
var peerDN = JSON.stringify(secureClient.getPeerCertificate());
|
||||
assert.equal(verified, true);
|
||||
assert.equal(peerDN, '{"subject":"/C=UK/ST=Acknack Ltd/L=Rhys Jones'
|
||||
+ '/O=node.js/OU=Test TLS Certificate/CN=localhost",'
|
||||
+ '"issuer":"/C=UK/ST=Acknack Ltd/L=Rhys Jones/O=node.js'
|
||||
+ '/OU=Test TLS Certificate/CN=localhost","valid_from":'
|
||||
+ '"Nov 11 09:52:22 2009 GMT","valid_to":'
|
||||
+ '"Nov 6 09:52:22 2029 GMT"}');
|
||||
|
||||
secureClient.write(testData);
|
||||
secureClient.end();
|
||||
});
|
||||
|
||||
secureClient.addListener("data", function (chunk) {
|
||||
clientData += chunk;
|
||||
});
|
||||
|
||||
secureClient.addListener("end", function () {
|
||||
assert.equal(clientData, testData);
|
||||
});
|
||||
|
||||
process.addListener("exit", function () {
|
||||
assert.ok(gotSecureServer, "Did not get secure event for server");
|
||||
assert.ok(gotSecureClient, "Did not get secure event for clientr");
|
||||
});
|
||||
|
||||
|
||||
Загрузка…
Ссылка в новой задаче