Skip to content

Commit 55298c4

Browse files
panvapanva
authored
test: accept OpenSSL 4 generic internal error for DH key-type mismatches
Signed-off-by: Filip Skokan <panva.ip@gmail.com> PR-URL: #62805 Backport-PR-URL: #63129 Reviewed-By: Antoine du Hamel <duhamelantoine1995@gmail.com>
1 parent ca3c309 commit 55298c4

2 files changed

Lines changed: 45 additions & 7 deletions

File tree

test/parallel/test-crypto-dh-stateless-async.js

Lines changed: 26 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -7,6 +7,28 @@ const assert = require('assert');
77
const crypto = require('crypto');
88
const { hasOpenSSL } = require('../common/crypto');
99

10+
// Error code for a key-type mismatch during (EC)DH. The underlying OpenSSL
11+
// error code varies by version, and in OpenSSL 4.0 by platform: some builds
12+
// report a generic internal error instead of a typed key-type mismatch.
13+
// https://github.com/openssl/openssl/issues/30895
14+
// TODO(panva): Tighten this check once/if fixed.
15+
let keyTypeMismatchCode;
16+
if (hasOpenSSL(4, 0)) {
17+
keyTypeMismatchCode =
18+
/^ERR_OSSL_EVP_(OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE|INTERNAL_ERROR)$/;
19+
} else if (hasOpenSSL(3)) {
20+
keyTypeMismatchCode = 'ERR_OSSL_EVP_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE';
21+
} else {
22+
keyTypeMismatchCode = 'ERR_OSSL_EVP_DIFFERENT_KEY_TYPES';
23+
}
24+
25+
function assertErrorCode(actual, expected) {
26+
if (expected instanceof RegExp)
27+
assert.match(actual, expected);
28+
else
29+
assert.strictEqual(actual, expected);
30+
}
31+
1032
assert.throws(() => crypto.diffieHellman(crypto.generateKeyPairSync('ec', { namedCurve: 'P-256' }), null), {
1133
name: 'TypeError',
1234
code: 'ERR_INVALID_ARG_TYPE',
@@ -341,16 +363,16 @@ for (const { privateKey: alicePriv, publicKey: bobPub } of [
341363
privateKey: ec256.privateKey.export({ type: 'pkcs8', format: 'pem' }),
342364
publicKey: x25519.publicKey.export({ type: 'spki', format: 'pem' }),
343365
}, common.mustCall((err) => {
344-
assert.strictEqual(err.code,
345-
hasOpenSSL(3) ? 'ERR_OSSL_EVP_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE' :
346-
'ERR_OSSL_EVP_DIFFERENT_KEY_TYPES');
366+
assertErrorCode(err.code, keyTypeMismatchCode);
347367
}));
348368

349369
// Unsupported key type (ed25519)
350370
crypto.diffieHellman({
351371
privateKey: ed25519.privateKey.export({ type: 'pkcs8', format: 'pem' }),
352372
publicKey: ed25519.publicKey.export({ type: 'spki', format: 'pem' }),
353373
}, common.mustCall((err) => {
354-
assert.strictEqual(err.code, 'ERR_OSSL_EVP_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE');
374+
assertErrorCode(err.code, hasOpenSSL(4, 0) ?
375+
/^ERR_OSSL_EVP_(OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE|INTERNAL_ERROR)$/ :
376+
'ERR_OSSL_EVP_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE');
355377
}));
356378
}

test/parallel/test-crypto-dh-stateless.js

Lines changed: 19 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -7,6 +7,21 @@ const assert = require('assert');
77
const crypto = require('crypto');
88
const { hasOpenSSL } = require('../common/crypto');
99

10+
// Error code for a key-type mismatch during (EC)DH. The underlying OpenSSL
11+
// error code varies by version, and in OpenSSL 4.0 by platform: some builds
12+
// report a generic internal error instead of a typed key-type mismatch.
13+
// https://github.com/openssl/openssl/issues/30895
14+
// TODO(panva): Tighten this check once/if fixed.
15+
let keyTypeMismatchCode;
16+
if (hasOpenSSL(4, 0)) {
17+
keyTypeMismatchCode =
18+
/^ERR_OSSL_EVP_(OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE|INTERNAL_ERROR)$/;
19+
} else if (hasOpenSSL(3)) {
20+
keyTypeMismatchCode = 'ERR_OSSL_EVP_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE';
21+
} else {
22+
keyTypeMismatchCode = 'ERR_OSSL_EVP_DIFFERENT_KEY_TYPES';
23+
}
24+
1025
assert.throws(() => crypto.diffieHellman(), {
1126
name: 'TypeError',
1227
code: 'ERR_INVALID_ARG_TYPE',
@@ -459,12 +474,13 @@ for (const { privateKey: alicePriv, publicKey: bobPub } of [
459474
assert.throws(() => crypto.diffieHellman({
460475
privateKey: ec256.privateKey.export({ type: 'pkcs8', format: 'pem' }),
461476
publicKey: x25519.publicKey.export({ type: 'spki', format: 'pem' }),
462-
}), { code: hasOpenSSL(3) ?
463-
'ERR_OSSL_EVP_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE' : 'ERR_OSSL_EVP_DIFFERENT_KEY_TYPES' });
477+
}), { code: keyTypeMismatchCode });
464478

465479
// Unsupported key type (ed25519)
466480
assert.throws(() => crypto.diffieHellman({
467481
privateKey: ed25519.privateKey.export({ type: 'pkcs8', format: 'pem' }),
468482
publicKey: ed25519.publicKey.export({ type: 'spki', format: 'pem' }),
469-
}), { code: 'ERR_OSSL_EVP_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE' });
483+
}), { code: hasOpenSSL(4, 0) ?
484+
/^ERR_OSSL_EVP_(OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE|INTERNAL_ERROR)$/ :
485+
'ERR_OSSL_EVP_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE' });
470486
}

0 commit comments

Comments
 (0)