test,crypto: adjust tests for BoringSSL

Author: codebytere

test/parallel/test-crypto-async-sign-verify.js

@@ -102,17 +102,17 @@ if (!process.features.openssl_is_boringssl) {
   // ECDSA w/ ieee-p1363 signature encoding
   test('ec_secp256k1_public.pem', 'ec_secp256k1_private.pem', 'sha384', false,
        { dsaEncoding: 'ieee-p1363' });
-}
 
-// DSA w/ der signature encoding
-test('dsa_public.pem', 'dsa_private.pem', 'sha256',
-     false);
-test('dsa_public.pem', 'dsa_private.pem', 'sha256',
-     false, { dsaEncoding: 'der' });
+  // DSA w/ der signature encoding
+  test('dsa_public.pem', 'dsa_private.pem', 'sha256',
+    false);
+  test('dsa_public.pem', 'dsa_private.pem', 'sha256',
+    false, { dsaEncoding: 'der' });
 
-// DSA w/ ieee-p1363 signature encoding
-test('dsa_public.pem', 'dsa_private.pem', 'sha256', false,
-     { dsaEncoding: 'ieee-p1363' });
+  // DSA w/ ieee-p1363 signature encoding
+  test('dsa_public.pem', 'dsa_private.pem', 'sha256', false,
+    { dsaEncoding: 'ieee-p1363' });
+}
 
 // Test Parallel Execution w/ KeyObject is threadsafe in openssl3
 {

test/parallel/test-crypto-authenticated.js

@@ -626,19 +626,22 @@ for (const test of TEST_CASES) {
 
 {
   // CCM cipher without data should not crash, see https://github.com/nodejs/node/issues/38035.
-  const algo = 'aes-128-ccm';
-  const key = Buffer.alloc(16);
-  const iv = Buffer.alloc(12);
-  const opts = { authTagLength: 10 };
+  if (!ciphers.includes('aes-128-ccm')) {
+    common.printSkipMessage(`unsupported aes-128-ccm test`);
+  } else {
+    const key = Buffer.alloc(16);
+    const iv = Buffer.alloc(12);
+    const opts = { authTagLength: 10 };
 
-  const cipher = crypto.createCipheriv(algo, key, iv, opts);
-  assert.throws(() => {
-    cipher.final();
-  }, hasOpenSSL3 ? {
-    code: 'ERR_OSSL_TAG_NOT_SET'
-  } : {
-    message: /Unsupported state/
-  });
+    const cipher = crypto.createCipheriv('aes-128-ccm', key, iv, opts);
+    assert.throws(() => {
+      cipher.final();
+    }, hasOpenSSL3 ? {
+      code: 'ERR_OSSL_TAG_NOT_SET'
+    } : {
+      message: /Unsupported state/
+    });
+  }
 }
 
 {

test/parallel/test-crypto-dh-curves.js

@@ -16,7 +16,7 @@ const p = 'FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD129024E088A67CC74' +
 crypto.createDiffieHellman(p, 'hex');
 
 // Confirm DH_check() results are exposed for optional examination.
-const bad_dh = crypto.createDiffieHellman('02', 'hex');
+const bad_dh = crypto.createDiffieHellman('abcd', 'hex', 0);
 assert.notStrictEqual(bad_dh.verifyError, 0);
 
 const availableCurves = new Set(crypto.getCurves());

test/parallel/test-crypto-dh-errors.js

@@ -27,13 +27,13 @@ assert.throws(() => crypto.createDiffieHellman('abcdef', 13.37), {
 for (const bits of [-1, 0, 1]) {
   if (hasOpenSSL3) {
     assert.throws(() => crypto.createDiffieHellman(bits), {
-      code: 'ERR_OSSL_DH_MODULUS_TOO_SMALL',
+      code: /ERR_OSSL_(BN_BITS|DH_MODULUS)_TOO_SMALL/,
       name: 'Error',
       message: /modulus too small/,
     });
   } else {
     assert.throws(() => crypto.createDiffieHellman(bits), {
-      code: 'ERR_OSSL_BN_BITS_TOO_SMALL',
+      code: /ERR_OSSL_(BN_BITS|DH_MODULUS)_TOO_SMALL/,
       name: 'Error',
       message: /bits[\s_]too[\s_]small/i,
     });

test/parallel/test-crypto-dh-group-setters.js

@@ -6,6 +6,10 @@ if (!common.hasCrypto)
 const assert = require('assert');
 const crypto = require('crypto');
 
+if (process.features.openssl_is_boringssl) {
+  common.skip('Skipping unsupported Diffie-Hellman tests');
+}
+
 // Unlike DiffieHellman, DiffieHellmanGroup does not have any setters.
 const dhg = crypto.getDiffieHellman('modp1');
 assert.strictEqual(dhg.constructor, crypto.DiffieHellmanGroup);

test/parallel/test-crypto-dh-modp2-views.js

@@ -7,6 +7,10 @@ const assert = require('assert');
 const crypto = require('crypto');
 const { modp2buf } = require('../common/crypto');
 
+if (process.features.openssl_is_boringssl) {
+  common.skip('Skipping unsupported Diffie-Hellman tests');
+}
+
 const modp2 = crypto.createDiffieHellmanGroup('modp2');
 
 const views = common.getArrayBufferViews(modp2buf);

test/parallel/test-crypto-dh-modp2.js

@@ -6,6 +6,11 @@ if (!common.hasCrypto)
 const assert = require('assert');
 const crypto = require('crypto');
 const { modp2buf } = require('../common/crypto');
+
+if (process.features.openssl_is_boringssl) {
+  common.skip('Skipping unsupported Diffie-Hellman tests');
+}
+
 const modp2 = crypto.createDiffieHellmanGroup('modp2');
 
 {

test/parallel/test-crypto-dh.js

@@ -97,17 +97,21 @@ const {
       dh3.computeSecret('');
     }, { message: hasOpenSSL3 && !hasOpenSSL3WithNewErrorMessage ?
       'Unspecified validation error' :
-      'Supplied key is too small' });
+      /Supplied key is (too small|invalid)/ });
   }
 }
 
 // Through a fluke of history, g=0 defaults to DH_GENERATOR (2).
-{
+if (!process.features.openssl_is_boringssl) {
   const g = 0;
   crypto.createDiffieHellman('abcdef', g);
   crypto.createDiffieHellman('abcdef', 'hex', g);
+} else {
+  common.printSkipMessage('Skipping unsupported g=0 Diffie-Hellman tests');
 }
 
-{
+if (!process.features.openssl_is_boringssl) {
   crypto.createDiffieHellman('abcdef', Buffer.from([2]));  // OK
+} else {
+  common.printSkipMessage('Skipping unsupported g=0 Diffie-Hellman tests');
 }

test/parallel/test-crypto-hash-stream-pipe.js

@@ -30,11 +30,11 @@ const crypto = require('crypto');
 
 const stream = require('stream');
 const s = new stream.PassThrough();
-const h = crypto.createHash('sha3-512');
-const expect = '36a38a2a35e698974d4e5791a3f05b05' +
-               '198235381e864f91a0e8cd6a26b677ec' +
-               'dcde8e2b069bd7355fabd68abd6fc801' +
-               '19659f25e92f8efc961ee3a7c815c758';
+const h = crypto.createHash('sha512');
+const expect = 'fba055c6fd0c5b6645407749ed7a8b41' +
+               'b8f629f2163c3ca3701d864adabda1f8' +
+               '93c37bf82b22fdd151ba8e357f611da4' +
+               '88a74b6a5525dd9b69554c6ce5138ad7';
 
 s.pipe(h).on('data', common.mustCall(function(c) {
   assert.strictEqual(c, expect);

test/parallel/test-crypto-key-objects.js

@@ -302,11 +302,11 @@ const privateDsa = fixtures.readKey('dsa_private_encrypted_1025.pem',
   }, hasOpenSSL3 ? {
     message: 'error:1E08010C:DECODER routines::unsupported',
   } : {
-    message: 'error:0909006C:PEM routines:get_name:no start line',
+    message: /no.start.line/i,
     code: 'ERR_OSSL_PEM_NO_START_LINE',
-    reason: 'no start line',
+    reason: /no.start.line/i,
     library: 'PEM routines',
-    function: 'get_name',
+    function: /get_name|OPENSSL_internal/,
   });
 
   // This should not abort either: https://github.com/nodejs/node/issues/29904
@@ -329,53 +329,65 @@ const privateDsa = fixtures.readKey('dsa_private_encrypted_1025.pem',
     message: /error:1E08010C:DECODER routines::unsupported/,
     library: 'DECODER routines'
   } : {
-    message: /asn1 encoding/,
-    library: 'asn1 encoding routines'
+    message: /asn1 encoding|public key routines/,
+    library: /asn1 encoding routines|public key routines/
   });
 }
 
-[
-  { private: fixtures.readKey('ed25519_private.pem', 'ascii'),
+const infos = [
+  {
+    private: fixtures.readKey('ed25519_private.pem', 'ascii'),
     public: fixtures.readKey('ed25519_public.pem', 'ascii'),
     keyType: 'ed25519',
     jwk: {
       crv: 'Ed25519',
       x: 'K1wIouqnuiA04b3WrMa-xKIKIpfHetNZRv3h9fBf768',
       d: 'wVK6M3SMhQh3NK-7GRrSV-BVWQx1FO5pW8hhQeu_NdA',
       kty: 'OKP'
-    } },
-  { private: fixtures.readKey('ed448_private.pem', 'ascii'),
-    public: fixtures.readKey('ed448_public.pem', 'ascii'),
-    keyType: 'ed448',
-    jwk: {
-      crv: 'Ed448',
-      x: 'oX_ee5-jlcU53-BbGRsGIzly0V-SZtJ_oGXY0udf84q2hTW2RdstLktvwpkVJOoNb7o' +
-         'Dgc2V5ZUA',
-      d: '060Ke71sN0GpIc01nnGgMDkp0sFNQ09woVo4AM1ffax1-mjnakK0-p-S7-Xf859QewX' +
-         'jcR9mxppY',
-      kty: 'OKP'
-    } },
-  { private: fixtures.readKey('x25519_private.pem', 'ascii'),
+    }
+  },
+  {
+    private: fixtures.readKey('x25519_private.pem', 'ascii'),
     public: fixtures.readKey('x25519_public.pem', 'ascii'),
     keyType: 'x25519',
     jwk: {
       crv: 'X25519',
       x: 'aSb8Q-RndwfNnPeOYGYPDUN3uhAPnMLzXyfi-mqfhig',
       d: 'mL_IWm55RrALUGRfJYzw40gEYWMvtRkesP9mj8o8Omc',
       kty: 'OKP'
-    } },
-  { private: fixtures.readKey('x448_private.pem', 'ascii'),
+    }
+  },
+]
+
+if (!process.features.openssl_is_boringssl) {
+  infos.push({
+    private: fixtures.readKey('ed448_private.pem', 'ascii'),
+    public: fixtures.readKey('ed448_public.pem', 'ascii'),
+    keyType: 'ed448',
+    jwk: {
+      crv: 'Ed448',
+      x: 'oX_ee5-jlcU53-BbGRsGIzly0V-SZtJ_oGXY0udf84q2hTW2RdstLktvwpkVJOoNb7o' +
+        'Dgc2V5ZUA',
+      d: '060Ke71sN0GpIc01nnGgMDkp0sFNQ09woVo4AM1ffax1-mjnakK0-p-S7-Xf859QewX' +
+        'jcR9mxppY',
+      kty: 'OKP'
+    }
+  }, {
+    private: fixtures.readKey('x448_private.pem', 'ascii'),
     public: fixtures.readKey('x448_public.pem', 'ascii'),
     keyType: 'x448',
     jwk: {
       crv: 'X448',
       x: 'ioHSHVpTs6hMvghosEJDIR7ceFiE3-Xccxati64oOVJ7NWjfozE7ae31PXIUFq6cVYg' +
-         'vSKsDFPA',
+        'vSKsDFPA',
       d: 'tMNtrO_q8dlY6Y4NDeSTxNQ5CACkHiPvmukidPnNIuX_EkcryLEXt_7i6j6YZMKsrWy' +
-         'S0jlSYJk',
+        'S0jlSYJk',
       kty: 'OKP'
-    } },
-].forEach((info) => {
+    }
+  });
+}
+
+infos.forEach((info) => {
   const keyType = info.keyType;
 
   {
@@ -417,8 +429,9 @@ const privateDsa = fixtures.readKey('dsa_private_encrypted_1025.pem',
   }
 });
 
-[
-  { private: fixtures.readKey('ec_p256_private.pem', 'ascii'),
+const ecInfos = [
+  {
+    private: fixtures.readKey('ec_p256_private.pem', 'ascii'),
     public: fixtures.readKey('ec_p256_public.pem', 'ascii'),
     keyType: 'ec',
     namedCurve: 'prime256v1',
@@ -428,19 +441,10 @@ const privateDsa = fixtures.readKey('dsa_private_encrypted_1025.pem',
       kty: 'EC',
       x: 'X0mMYR_uleZSIPjNztIkAS3_ud5LhNpbiIFp6fNf2Gs',
       y: 'UbJuPy2Xi0lW7UYTBxPK3yGgDu9EAKYIecjkHX5s2lI'
-    } },
-  { private: fixtures.readKey('ec_secp256k1_private.pem', 'ascii'),
-    public: fixtures.readKey('ec_secp256k1_public.pem', 'ascii'),
-    keyType: 'ec',
-    namedCurve: 'secp256k1',
-    jwk: {
-      crv: 'secp256k1',
-      d: 'c34ocwTwpFa9NZZh3l88qXyrkoYSxvC0FEsU5v1v4IM',
-      kty: 'EC',
-      x: 'cOzhFSpWxhalCbWNdP2H_yUkdC81C9T2deDpfxK7owA',
-      y: '-A3DAZTk9IPppN-f03JydgHaFvL1fAHaoXf4SX4NXyo'
-    } },
-  { private: fixtures.readKey('ec_p384_private.pem', 'ascii'),
+    }
+  },
+  {
+    private: fixtures.readKey('ec_p384_private.pem', 'ascii'),
     public: fixtures.readKey('ec_p384_public.pem', 'ascii'),
     keyType: 'ec',
     namedCurve: 'secp384r1',
@@ -450,8 +454,10 @@ const privateDsa = fixtures.readKey('dsa_private_encrypted_1025.pem',
       kty: 'EC',
       x: 'hON3nzGJgv-08fdHpQxgRJFZzlK-GZDGa5f3KnvM31cvvjJmsj4UeOgIdy3rDAjV',
       y: 'fidHhtecNCGCfLqmrLjDena1NSzWzWH1u_oUdMKGo5XSabxzD7-8JZxjpc8sR9cl'
-    } },
-  { private: fixtures.readKey('ec_p521_private.pem', 'ascii'),
+    }
+  },
+  {
+    private: fixtures.readKey('ec_p521_private.pem', 'ascii'),
     public: fixtures.readKey('ec_p521_public.pem', 'ascii'),
     keyType: 'ec',
     namedCurve: 'secp521r1',
@@ -464,8 +470,27 @@ const privateDsa = fixtures.readKey('dsa_private_encrypted_1025.pem',
          'CbhMeHRavUS6P10rsTtBn',
       y: 'Ad3flexBeAfXceNzRBH128kFbOWD6W41NjwKRqqIF26vmgW_8COldGKZjFkOSEASxPB' +
          'cvA2iFJRUyQ3whC00j0Np'
-    } },
-].forEach((info) => {
+    }
+  },
+]
+
+if (!process.features.openssl_is_boringssl) {
+  ecInfos.push({
+    private: fixtures.readKey('ec_secp256k1_private.pem', 'ascii'),
+    public: fixtures.readKey('ec_secp256k1_public.pem', 'ascii'),
+    keyType: 'ec',
+    namedCurve: 'secp256k1',
+    jwk: {
+      crv: 'secp256k1',
+      d: 'c34ocwTwpFa9NZZh3l88qXyrkoYSxvC0FEsU5v1v4IM',
+      kty: 'EC',
+      x: 'cOzhFSpWxhalCbWNdP2H_yUkdC81C9T2deDpfxK7owA',
+      y: '-A3DAZTk9IPppN-f03JydgHaFvL1fAHaoXf4SX4NXyo'
+    }
+  });
+}
+
+ecInfos.forEach((info) => {
   const { keyType, namedCurve } = info;
 
   {
@@ -540,7 +565,7 @@ const privateDsa = fixtures.readKey('dsa_private_encrypted_1025.pem',
     format: 'pem',
     passphrase: Buffer.alloc(1024, 'a')
   }), {
-    message: /bad decrypt/
+    message: /bad.decrypt/i
   });
 
   const publicKey = createPublicKey(publicDsa);
@@ -566,7 +591,7 @@ const privateDsa = fixtures.readKey('dsa_private_encrypted_1025.pem',
 
 {
   // Test RSA-PSS.
-  {
+  if (!process.features.openssl_is_boringssl) {
     // This key pair does not restrict the message digest algorithm or salt
     // length.
     const publicPem = fixtures.readKey('rsa_pss_public_2048.pem');
@@ -625,6 +650,8 @@ const privateDsa = fixtures.readKey('dsa_private_encrypted_1025.pem',
     }, {
       code: 'ERR_CRYPTO_INCOMPATIBLE_KEY_OPTIONS'
     });
+  } else {
+    common.skip('Skipping unsupported RSA-PSS key test');
   }
 
   {