Browse Source

Additional OpenSSL tests

v0.7.4-release
Rhys Jones 15 years ago
committed by Ryan Dahl
parent
commit
1a317135c5
  1. 26
      lib/crypto.js
  2. 2
      src/node_crypto.cc
  3. 72
      test/simple/test-crypto.js
  4. 6
      test/simple/test-http-tls.js
  5. 96
      test/simple/test-tcp-tls.js

26
lib/crypto.js

@ -3,7 +3,10 @@ try {
var binding = process.binding('crypto');
var SecureContext = binding.SecureContext;
var SecureStream = binding.SecureStream;
var Hmac = binding.Hmac;
var Hash = binding.Hash;
var Cipher = binding.Cipher;
var Decipher = binding.Decipher;
var Sign = binding.Sign;
var Verify = binding.Verify;
var crypto = true;
@ -41,6 +44,29 @@ exports.createHash = function(hash) {
return (new Hash).init(hash);
}
exports.Hmac = Hmac;
exports.createHmac = function(hmac, key) {
return (new Hmac).init(hmac, key);
}
exports.Cipher = Cipher;
exports.createCipher = function(cipher, key) {
return (new Cipher).init(cipher, key);
}
exports.createCipheriv = function(cipher, key, iv) {
return (new Cipher).initiv(cipher, key, iv);
}
exports.Decipher = Decipher;
exports.createDecipher = function(cipher, key) {
return (new Decipher).init(cipher, key);
}
exports.createDecipheriv = function(cipher, key, iv) {
return (new Decipher).initiv(cipher, key, iv);
}
exports.Sign = Sign;
exports.createSign = function(algorithm) {
return (new Sign).init(algorithm);

2
src/node_crypto.cc

@ -2530,7 +2530,7 @@ void InitCrypto(Handle<Object> target) {
HandleScope scope;
SSL_library_init();
OpenSSL_add_ssl_algorithms();
OpenSSL_add_all_algorithms();
OpenSSL_add_all_digests();
SSL_load_error_strings();
ERR_load_crypto_strings();

72
test/simple/test-crypto.js

@ -0,0 +1,72 @@
require("../common");
var fs = require('fs');
var sys = require('sys');
var have_openssl;
try {
var crypto = require('crypto');
have_openssl=true;
} catch (e) {
have_openssl=false;
puts("Not compiled with OPENSSL support.");
process.exit();
}
var caPem = fs.readFileSync(fixturesDir+"/test_ca.pem");
var certPem = fs.readFileSync(fixturesDir+"/test_cert.pem");
var keyPem = fs.readFileSync(fixturesDir+"/test_key.pem");
var credentials = crypto.createCredentials({key:keyPem, cert:certPem, ca:caPem});
// Test HMAC
//var h1 = (new crypto.Hmac).init("sha1", "Node").update("some data").update("to hmac").digest("hex");
var h1 = crypto.createHmac("sha1", "Node").update("some data").update("to hmac").digest("hex");
assert.equal(h1, '19fd6e1ba73d9ed2224dd5094a71babe85d9a892', "test HMAC");
// Test hashing
var a0 = crypto.createHash("sha1").update("Test123").digest("hex");
var a1 = crypto.createHash("md5").update("Test123").digest("binary");
var a2= crypto.createHash("sha256").update("Test123").digest("base64");
var a3 = crypto.createHash("sha512").update("Test123").digest(); // binary
// Test multiple updates to same hash
var h1 = crypto.createHash("sha1").update("Test123").digest("hex");
var h2 = (new crypto.Hash).init("sha1").update("Test").update("123").digest("hex");
assert.equal(h1, h2, "multipled updates");
// Test signing and verifying
var s1 = crypto.createSign("RSA-SHA1").update("Test123").sign(keyPem, "base64");
var verified = crypto.createVerify("RSA-SHA1").update("Test").update("123").verify(certPem, s1, "base64");
assert.ok(verified, "sign and verify (base 64)");
var s2 = crypto.createSign("RSA-SHA256").update("Test123").sign(keyPem); // binary
var verified = crypto.createVerify("RSA-SHA256").update("Test").update("123").verify(certPem, s2); // binary
assert.ok(verified, "sign and verify (binary)");
// Test encryption and decryption
var plaintext="Keep this a secret? No! Tell everyone about node.js!";
var cipher=crypto.createCipher("aes192", "MySecretKey123");
var ciph=cipher.update(plaintext, 'utf8', 'hex'); // encrypt plaintext which is in utf8 format to a ciphertext which will be in hex
ciph+=cipher.final('hex'); // Only use binary or hex, not base64.
var decipher=crypto.createDecipher("aes192", "MySecretKey123");
var txt = decipher.update(ciph, 'hex', 'utf8');
txt += decipher.final('utf8');
assert.equal(txt, plaintext, "encryption and decryption");
// Test encyrption and decryption with explicit key and iv
var encryption_key='0123456789abcd0123456789';
var iv = '12345678';
var cipher=crypto.createCipheriv("des-ede3-cbc", encryption_key, iv);
var ciph=cipher.update(plaintext, 'utf8', 'hex');
ciph+=cipher.final('hex');
var decipher=crypto.createDecipheriv("des-ede3-cbc",encryption_key,iv);
var txt = decipher.update(ciph, 'hex', 'utf8');
txt += decipher.final('utf8');
assert.equal(txt, plaintext, "encryption and decryption with key and iv");

6
test/simple/test-http-tls.js

@ -32,8 +32,8 @@ var https_server = http.createServer(function (req, res) {
res.id = request_number;
req.id = request_number++;
var verified = c.verifyPeer();
var peerDN = JSON.stringify(c.getPeerCertificate());
var verified = res.connection.verifyPeer();
var peerDN = JSON.stringify(req.connection.getPeerCertificate());
assert.equal(verified, true);
assert.equal(peerDN, '{"subject":"/C=UK/ST=Acknack Ltd/L=Rhys Jones'
+ '/O=node.js/OU=Test TLS Certificate/CN=localhost",'
@ -84,7 +84,7 @@ c.addListener("connect", function () {
c.addListener("secure", function () {
var verified = c.verifyPeer();
var peerDN = JSON.stringify(c.getPeerCertificate());
//assert.equal(verified, 1);
assert.equal(verified, true);
assert.equal(peerDN, '{"subject":"/C=UK/ST=Acknack Ltd/L=Rhys Jones'
+ '/O=node.js/OU=Test TLS Certificate/CN=localhost",'
+ '"issuer":"/C=UK/ST=Acknack Ltd/L=Rhys Jones/O=node.js'

96
test/simple/test-tcp-tls.js

@ -0,0 +1,96 @@
require("../common");
var fs = require('fs');
var sys = require('sys');
var net = require('net');
var have_openssl;
try {
var crypto = require('crypto');
have_openssl=true;
} catch (e) {
have_openssl=false;
puts("Not compiled with OPENSSL support.");
process.exit();
}
var caPem = fs.readFileSync(fixturesDir+"/test_ca.pem");
var certPem = fs.readFileSync(fixturesDir+"/test_cert.pem");
var keyPem = fs.readFileSync(fixturesDir+"/test_key.pem");
var credentials = crypto.createCredentials({key:keyPem, cert:certPem, ca:caPem});
var testData = "TEST123";
var serverData = '';
var clientData = '';
var gotSecureServer = false;
var gotSecureClient = false;
var secureServer = net.createServer(function (connection) {
var self = this;
connection.setSecure(credentials);
connection.setEncoding("UTF8");
connection.addListener("secure", function () {
gotSecureServer = true;
var verified = connection.verifyPeer();
var peerDN = JSON.stringify(connection.getPeerCertificate());
assert.equal(verified, true);
assert.equal(peerDN, '{"subject":"/C=UK/ST=Acknack Ltd/L=Rhys Jones'
+ '/O=node.js/OU=Test TLS Certificate/CN=localhost",'
+ '"issuer":"/C=UK/ST=Acknack Ltd/L=Rhys Jones/O=node.js'
+ '/OU=Test TLS Certificate/CN=localhost","valid_from":'
+ '"Nov 11 09:52:22 2009 GMT","valid_to":'
+ '"Nov 6 09:52:22 2029 GMT"}');
});
connection.addListener("data", function (chunk) {
serverData += chunk;
connection.write(chunk);
});
connection.addListener("end", function () {
assert.equal(serverData, testData);
connection.end();
self.close();
});
});
secureServer.listen(PORT);
var secureClient = net.createConnection(PORT);
secureClient.setEncoding("UTF8");
secureClient.addListener("connect", function () {
secureClient.setSecure(credentials);
});
secureClient.addListener("secure", function () {
gotSecureClient = true;
var verified = secureClient.verifyPeer();
var peerDN = JSON.stringify(secureClient.getPeerCertificate());
assert.equal(verified, true);
assert.equal(peerDN, '{"subject":"/C=UK/ST=Acknack Ltd/L=Rhys Jones'
+ '/O=node.js/OU=Test TLS Certificate/CN=localhost",'
+ '"issuer":"/C=UK/ST=Acknack Ltd/L=Rhys Jones/O=node.js'
+ '/OU=Test TLS Certificate/CN=localhost","valid_from":'
+ '"Nov 11 09:52:22 2009 GMT","valid_to":'
+ '"Nov 6 09:52:22 2029 GMT"}');
secureClient.write(testData);
secureClient.end();
});
secureClient.addListener("data", function (chunk) {
clientData += chunk;
});
secureClient.addListener("end", function () {
assert.equal(clientData, testData);
});
process.addListener("exit", function () {
assert.ok(gotSecureServer, "Did not get secure event for server");
assert.ok(gotSecureClient, "Did not get secure event for clientr");
});
Loading…
Cancel
Save