Some parts of pummel/test-crypto-dh.js will be just fine in
parallel/test-crypto-dh.js. Move them there.
PR-URL: https://github.com/nodejs/node/pull/28390
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
Reviewed-By: Daniel Bevenius <daniel.bevenius@gmail.com>
Don't force the user to parse the long-style OpenSSL error message,
decorate the error with the library, reason, code, function.
PR-URL: https://github.com/nodejs/node/pull/26868
Reviewed-By: Anna Henningsen <anna@addaleax.net>
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
Reviewed-By: Tobias Nießen <tniessen@tnie.de>
This updates a lot of comments.
PR-URL: https://github.com/nodejs/node/pull/26223
Reviewed-By: Rich Trott <rtrott@gmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Vse Mozhet Byt <vsemozhetbyt@gmail.com>
Reviewed-By: Anto Aravinth <anto.aravinth.cse@gmail.com>
This makes a effort to make sure all of these errors will actually
also show the received input.
On top of that it refactors a few tests for better maintainability.
It will also change the returned type to always be a simple typeof
instead of special handling null.
PR-URL: https://github.com/nodejs/node/pull/19445
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Matteo Collina <matteo.collina@gmail.com>
Reviewed-By: Joyee Cheung <joyeec9h3@gmail.com>
Reviewed-By: Anna Henningsen <anna@addaleax.net>
There is actually no reason to use `assert.doesNotThrow()` in the
tests. If a test throws, just let the error bubble up right away
instead of first catching it and then rethrowing it.
PR-URL: https://github.com/nodejs/node/pull/18669
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
Reviewed-By: Matteo Collina <matteo.collina@gmail.com>
PR-URL: https://github.com/nodejs/node/pull/17728
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: Jon Moss <me@jonathanmoss.me>
changes in c++ are in the computeSecret function, but the thrown
exception that was moved to JS land was in BufferToPoint
function, here i let the allocation error be thrown so the only value
returned is the nullptr that i use later to catch the error in
computeSecret, to then construct the exception in JS land.
an ERR_CRYPTO_ECDH_INVALID_PUBLIC_KEY error was added to errors.js
and with that, subsequent changes to docs and tests were made.
PR-URL: https://github.com/nodejs/node/pull/16849
Refs: https://www.iacr.org/archive/pkc2003/25670211/25670211.pdf
Fixes: https://github.com/nodejs/node/issues/16625
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
* Split single monolithic file into multiple
* Make Certificate methods static
* Allow randomFill(Sync) to use any ArrayBufferView
* Use internal/errors throughout
* Improve arg validation in Hash/Hmac
* Doc updates
PR-URL: https://github.com/nodejs/node/pull/15231
Reviewed-By: Michaël Zasso <targos@protonmail.com>
Reviewed-By: Fedor Indutny <fedor.indutny@gmail.com>
* Remove needless RegExp flag
In fixed case, `/g` flag is needless in the boolean context.
* Remove needless RegExp capturing
Use non-capturing grouping or remove capturing completely when:
* capturing is useless per se, e.g. in test() check;
* captured groups are not used afterward at all;
* some of the later captured groups are not used afterward.
* Use test, not match/exec in boolean context
match() and exec() return a complicated object,
unneeded in a boolean context.
* Do not needlessly repeat RegExp creation
This commit takes RegExp creation out of cycles and other repetitions.
As long as the RegExp does not use /g flag and match indices,
we are safe here.
In tests, this fix hardly gives a significant performance gain,
but it increases clarity and maintainability,
reassuring some RegExps to be identical.
RegExp in functions are not taken out of their functions:
while these functions are called many times
and their RegExps are recreated with each call,
the performance gain in test cases
does not seem to be worth decreasing function self-dependency.
PR-URL: https://github.com/nodejs/node/pull/13770
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Functions that call `ECDH::BufferToPoint` were not clearing the
error stack on failure, so an invalid key could leave leftover
error state and cause subsequent (unrelated) signing operations
to fail.
PR-URL: https://github.com/nodejs/node/pull/13275
Reviewed-By: Fedor Indutny <fedor.indutny@gmail.com>
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
Reviewed-By: Sam Roberts <vieuxtech@gmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
PR-URL: https://github.com/nodejs/node/pull/12223
Reviewed-By: Matteo Collina <matteo.collina@gmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Anna Henningsen <anna@addaleax.net>
parallel/test-crypto-dh.js assumes particular curve algorithms
(e.g. Oakley-EC2N-3) are supported, though this may not necessarily be
the case if Node.js was built with a system version of OpenSSL.
PR-URL: https://github.com/nodejs/node/pull/12265
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
PR-URL: https://github.com/nodejs/node/pull/11983
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
* check exception when ECDH curve is undefined
* check exception when getPublicKey format is invalid
PR-URL: https://github.com/nodejs/node/pull/11279
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: Yuta Hiroto <hello@about-hiroppy.com>
Reviewed-By: Santiago Gimeno <santiago.gimeno@gmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
* validate the errors for all assert.throws
* use arrow functions
PR-URL: https://github.com/nodejs/node/pull/10734
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
Reviewed-By: Michael Dawson <michael_dawson@ca.ibm.com>
Use assert.strictEqual instead of assert.equal in tests, manually
convert types where necessary.
PR-URL: https://github.com/nodejs/node/pull/10698
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: Michael Dawson <michael_dawson@ca.ibm.com>
Reviewed-By: Sakthipriyan Vairamani <thechargingvolcano@gmail.com>
Reviewed-By: Michaël Zasso <targos@protonmail.com>
Reviewed-By: Teddy Katz <teddy.katz@gmail.com>
Manually fix issues that eslint --fix couldn't do automatically.
PR-URL: https://github.com/nodejs/node/pull/10685
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Roman Reiss <me@silverwind.io>
A number of test files use IIFEs to separate distinct tests from
each other in the same file. The project has been moving toward
using block scopes and let/const in favor of IIFEs. This commit
moves IIFE tests to block scopes. Some additional cleanup such
as use of strictEqual() and common.mustCall() is also included.
PR-URL: https://github.com/nodejs/node/pull/7694
Reviewed-By: Santiago Gimeno <santiago.gimeno@gmail.com>
When node began using the OneByte API (f150d56) it also switched to
officially supporting ISO-8859-1. Though at the time no new encoding
string was introduced.
Introduce the new encoding string 'latin1' to be more explicit. The
previous 'binary' and documented as an alias to 'latin1'. While many
tests have switched to use 'latin1', there are still plenty that do both
'binary' and 'latin1' checks side-by-side to ensure there is no
regression.
PR-URL: https://github.com/nodejs/node/pull/7111
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
Reviewed-By: Anna Henningsen <anna@addaleax.net>
Reviewed-By: James M Snell <jasnell@gmail.com>
The require('constants') module is currently undocumented and mashes
together unrelated constants. This refactors the require('constants')
in favor of distinct os.constants, fs.constants, and crypto.constants
that are specific to the modules for which they are relevant. The
next step is to document those within the specific modules.
PR-URL: https://github.com/nodejs/node/pull/6534
Reviewed-By: Anna Henningsen <anna@addaleax.net>
Reviewed-By: Robert Lindstaedt <robert.lindstaedt@gmail.com>
The tap skipping output is so prevalent yet obscure in nature that we
ought to move it into it's own function in test/common.js
PR-URL: https://github.com/nodejs/node/pull/6697
Reviewed-By: Rich Trott <rtrott@gmail.com>
Reviewed-By: Santiago Gimeno <santiago.gimeno@gmail.com>
Reviewed-By: Fedor Indutny <fedor.indutny@gmail.com>
In preparation for a lint rule that will enforce
assert.deepStrictEqual() over assert.deepEqual(), change tests and
benchmarks accordingly. For tests and benchmarks that are testing or
benchmarking assert.deepEqual() itself, apply a comment to ignore the
upcoming rule.
PR-URL: https://github.com/nodejs/node/pull/6213
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Several changes:
* Soft-Deprecate Buffer() constructors
* Add `Buffer.from()`, `Buffer.alloc()`, and `Buffer.allocUnsafe()`
* Add `--zero-fill-buffers` command line option
* Add byteOffset and length to `new Buffer(arrayBuffer)` constructor
* buffer.fill('') previously had no effect, now zero-fills
* Update the docs
PR-URL: https://github.com/nodejs/node/pull/4682
Reviewed-By: Сковорода Никита Андреевич <chalkerx@gmail.com>
Reviewed-By: Stephen Belanger <admin@stephenbelanger.com>
Clean up OpenSSL error stack in `ECDH::Initialize`, some curves have
faulty implementations that are leaving dangling errors after
initializing the curve.
Fix: #4686
PR-URL: https://github.com/nodejs/node/pull/4689
Reviewed-By: Sakthipriyan Vairamani <thechargingvolcano@gmail.com>
Reviewed-By: Shigeki Ohtsu <ohtsu@iij.ad.jp>
These changes simplify using ECDH with private keys that are not
dynamically generated with ECDH.generateKeys.
Support for computing the public key corresponding to the given private
key was added. Validity checks to reduce the possibility of computing
a weak or invalid shared secret were also added.
Finally, ECDH.setPublicKey was softly deprecated.
PR-URL: https://github.com/nodejs/node/pull/3511
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
Reviewed-By: Shigeki Ohtsu <ohtsu@iij.ad.jp>
FIPS 140-2 disallows use of MD5, which is used to derive the
initialization vector and key for createCipher(). Modify
all tests to expect exceptions in FIPS mode when disallowed
API is used, or to avoid testing such API in FIPS Mode.
PR-URL: https://github.com/nodejs/node/pull/3754
Reviewed-By: Michael Dawson <michael_dawson@ca.ibm.com>
Reviewed-By: Shigeki Ohtsu <ohtsu@iij.ad.jp>
Reviewed-By: James M Snell <jasnell@gmail.com>
Generating 1024-bit primes on rpi test machines sometimes
causes timeouts. Avoid this situation by using 256-bit
primes when not running in FIPS mode.
Fixes: https://github.com/nodejs/node/issues/3881
PR-URL: https://github.com/nodejs/node/pull/3902
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: Brian White <mscdex@mscdex.net>
Reviewed-By: Ben Noordhuis <ben@strongloop.com>
Use stronger crypto (larger keys, etc.) for arbitrary tests so
they will pass in both FIPS and non-FIPS mode without altering
the original intent of the test cases.
PR-URL: https://github.com/nodejs/node/pull/3758
Reviewed-By: Shigeki Ohtsu <ohtsu@iij.ad.jp>
Reviewed-By: James M Snell <jasnell@gmail.com>
This patch uses `return` statement to skip the test instead of using
`process.exit` call.
PR-URL: https://github.com/nodejs/io.js/pull/2109
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
Reviewed-By: Johan Bergström <bugs@bergstroem.nu>
Enable linting for the test directory. A number of changes was made so
all tests conform the current rules used by lib and src directories. The
only exception for tests is that unreachable (dead) code is allowed.
test-fs-non-number-arguments-throw had to be excluded from the changes
because of a weird issue on Windows CI.
PR-URL: https://github.com/nodejs/io.js/pull/1721
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
we had a few ways versions of looking for support before executing a test. this
commit unifies them as well as add the check for all tests that previously
lacked them. found by running `./configure --without-ssl && make test`. also,
produce tap skip output if the test is skipped.
PR-URL: https://github.com/iojs/io.js/pull/1049
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
Reviewed-By: Shigeki Ohtsu <ohtsu@iij.ad.jp>
This commit distributes many of the various tests that were previously
strewn about `test-crypto.js` into their own files, such as for Ciphers
and Deciphers, Hashing, and HMACs. Copy pasta, and no style changes
besides removing a few now-unnecessary closures.
Helps eliminate file bloat and allows for easier test prognosis.
PR-URL: https://github.com/iojs/io.js/pull/827
Reviewed-By: Jeremiah Senkpiel <fishrock123@rocketmail.com>
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
