nodejs/test/parallel/test-crypto-dh-generate-keys.js

'use strict';

const common = require('../common');
if (!common.hasCrypto)
  common.skip('missing crypto');

const assert = require('assert');
const crypto = require('crypto');
const { hasOpenSSL3 } = require('../common/crypto');

{
  const size = crypto.getFips() || hasOpenSSL3 ? 1024 : 256;

  function unlessInvalidState(f) {
    try {
      return f();
    } catch (err) {
      if (err.code !== 'ERR_CRYPTO_INVALID_STATE') {
        throw err;
      }
    }
  }

  function testGenerateKeysChangesKeys(setup, expected) {
    const dh = crypto.createDiffieHellman(size);
    setup(dh);
    const firstPublicKey = unlessInvalidState(() => dh.getPublicKey());
    const firstPrivateKey = unlessInvalidState(() => dh.getPrivateKey());
    dh.generateKeys();
    const secondPublicKey = dh.getPublicKey();
    const secondPrivateKey = dh.getPrivateKey();
    function changed(shouldChange, first, second) {
      if (shouldChange) {
        assert.notDeepStrictEqual(first, second);
      } else {
        assert.deepStrictEqual(first, second);
      }
    }
    changed(expected.includes('public'), firstPublicKey, secondPublicKey);
    changed(expected.includes('private'), firstPrivateKey, secondPrivateKey);
  }

  // Both the private and the public key are missing: generateKeys() generates both.
  testGenerateKeysChangesKeys(() => {
    // No setup.
  }, ['public', 'private']);

  // Neither key is missing: generateKeys() does nothing.
  testGenerateKeysChangesKeys((dh) => {
    dh.generateKeys();
  }, []);

  // Only the public key is missing: generateKeys() generates only the public key.
  testGenerateKeysChangesKeys((dh) => {
    dh.setPrivateKey(Buffer.from('01020304', 'hex'));
  }, ['public']);

  // The public key is outdated: generateKeys() generates only the public key.
  testGenerateKeysChangesKeys((dh) => {
    const oldPublicKey = dh.generateKeys();
    dh.setPrivateKey(Buffer.from('01020304', 'hex'));
    assert.deepStrictEqual(dh.getPublicKey(), oldPublicKey);
  }, ['public']);
}
test: split test-crypto-dh to avoid timeout on slow machines in the CI Locally this speeds up running test-crypto-dh* from 7s to 2s. This was previously timing out in CI (took more than 2 minutes) so should see a bigger gap in the CI. PR-URL: https://github.com/nodejs/node/pull/49492 Refs: https://github.com/nodejs/node/issues/49202 Refs: https://github.com/nodejs/reliability/issues/655 Reviewed-By: Michaël Zasso <targos@protonmail.com> Reviewed-By: Antoine du Hamel <duhamelantoine1995@gmail.com> Reviewed-By: Chemi Atlow <chemi@atlow.co.il> Reviewed-By: Filip Skokan <panva.ip@gmail.com> Reviewed-By: Yagiz Nizipli <yagiz@nizipli.com> Reviewed-By: Luigi Pinca <luigipinca@gmail.com> 2023-09-07 16:43:29 +02:00			`'use strict';`

			`const common = require('../common');`
			`if (!common.hasCrypto)`
			`common.skip('missing crypto');`

			`const assert = require('assert');`
			`const crypto = require('crypto');`
test: move crypto related common utilities in common/crypto Since `common/crypto` already exists, it makes sense to keep crypto-related utilities there. The only exception being common.hasCrypto which is needed up front to determine if tests should be skipped. Eliminate the redundant check in hasFipsCrypto and just use crypto.getFips() directly where needed. PR-URL: https://github.com/nodejs/node/pull/56714 Reviewed-By: Yagiz Nizipli <yagiz@nizipli.com> Reviewed-By: Luigi Pinca <luigipinca@gmail.com> 2025-01-24 16:58:32 -08:00			`const { hasOpenSSL3 } = require('../common/crypto');`
test: split test-crypto-dh to avoid timeout on slow machines in the CI Locally this speeds up running test-crypto-dh* from 7s to 2s. This was previously timing out in CI (took more than 2 minutes) so should see a bigger gap in the CI. PR-URL: https://github.com/nodejs/node/pull/49492 Refs: https://github.com/nodejs/node/issues/49202 Refs: https://github.com/nodejs/reliability/issues/655 Reviewed-By: Michaël Zasso <targos@protonmail.com> Reviewed-By: Antoine du Hamel <duhamelantoine1995@gmail.com> Reviewed-By: Chemi Atlow <chemi@atlow.co.il> Reviewed-By: Filip Skokan <panva.ip@gmail.com> Reviewed-By: Yagiz Nizipli <yagiz@nizipli.com> Reviewed-By: Luigi Pinca <luigipinca@gmail.com> 2023-09-07 16:43:29 +02:00
			`{`
test: move crypto related common utilities in common/crypto Since `common/crypto` already exists, it makes sense to keep crypto-related utilities there. The only exception being common.hasCrypto which is needed up front to determine if tests should be skipped. Eliminate the redundant check in hasFipsCrypto and just use crypto.getFips() directly where needed. PR-URL: https://github.com/nodejs/node/pull/56714 Reviewed-By: Yagiz Nizipli <yagiz@nizipli.com> Reviewed-By: Luigi Pinca <luigipinca@gmail.com> 2025-01-24 16:58:32 -08:00			`const size = crypto.getFips() \|\| hasOpenSSL3 ? 1024 : 256;`
test: split test-crypto-dh to avoid timeout on slow machines in the CI Locally this speeds up running test-crypto-dh* from 7s to 2s. This was previously timing out in CI (took more than 2 minutes) so should see a bigger gap in the CI. PR-URL: https://github.com/nodejs/node/pull/49492 Refs: https://github.com/nodejs/node/issues/49202 Refs: https://github.com/nodejs/reliability/issues/655 Reviewed-By: Michaël Zasso <targos@protonmail.com> Reviewed-By: Antoine du Hamel <duhamelantoine1995@gmail.com> Reviewed-By: Chemi Atlow <chemi@atlow.co.il> Reviewed-By: Filip Skokan <panva.ip@gmail.com> Reviewed-By: Yagiz Nizipli <yagiz@nizipli.com> Reviewed-By: Luigi Pinca <luigipinca@gmail.com> 2023-09-07 16:43:29 +02:00
			`function unlessInvalidState(f) {`
			`try {`
			`return f();`
			`} catch (err) {`
			`if (err.code !== 'ERR_CRYPTO_INVALID_STATE') {`
			`throw err;`
			`}`
			`}`
			`}`

			`function testGenerateKeysChangesKeys(setup, expected) {`
			`const dh = crypto.createDiffieHellman(size);`
			`setup(dh);`
			`const firstPublicKey = unlessInvalidState(() => dh.getPublicKey());`
			`const firstPrivateKey = unlessInvalidState(() => dh.getPrivateKey());`
			`dh.generateKeys();`
			`const secondPublicKey = dh.getPublicKey();`
			`const secondPrivateKey = dh.getPrivateKey();`
			`function changed(shouldChange, first, second) {`
			`if (shouldChange) {`
			`assert.notDeepStrictEqual(first, second);`
			`} else {`
			`assert.deepStrictEqual(first, second);`
			`}`
			`}`
			`changed(expected.includes('public'), firstPublicKey, secondPublicKey);`
			`changed(expected.includes('private'), firstPrivateKey, secondPrivateKey);`
			`}`

			`// Both the private and the public key are missing: generateKeys() generates both.`
			`testGenerateKeysChangesKeys(() => {`
			`// No setup.`
			`}, ['public', 'private']);`

			`// Neither key is missing: generateKeys() does nothing.`
			`testGenerateKeysChangesKeys((dh) => {`
			`dh.generateKeys();`
			`}, []);`

			`// Only the public key is missing: generateKeys() generates only the public key.`
			`testGenerateKeysChangesKeys((dh) => {`
			`dh.setPrivateKey(Buffer.from('01020304', 'hex'));`
			`}, ['public']);`

			`// The public key is outdated: generateKeys() generates only the public key.`
			`testGenerateKeysChangesKeys((dh) => {`
			`const oldPublicKey = dh.generateKeys();`
			`dh.setPrivateKey(Buffer.from('01020304', 'hex'));`
			`assert.deepStrictEqual(dh.getPublicKey(), oldPublicKey);`
			`}, ['public']);`
			`}`