From 6dfa3e46d3d2f8cfba7da636d48a5c41b0132cd7 Mon Sep 17 00:00:00 2001 From: Michael Dawson Date: Wed, 18 Sep 2024 15:26:45 -0400 Subject: [PATCH] test: adjust key sizes to support OpenSSL32 Refs: https://github.com/nodejs/node/issues/53382 This test fails on OpenSSL32 because it complains the key being used is too short. Adjust the key sizes so that they will pass on OpenSSL32 in addition to other OpenSSL3 versions. Since the keys are not public key related I don't think the increase in key size will be too bad in terms of performance so I've just increased versus guarding for OpenSSL32 Signed-off-by: Michael Dawson PR-URL: https://github.com/nodejs/node/pull/54972 Reviewed-By: Yagiz Nizipli Reviewed-By: Luigi Pinca --- test/parallel/test-tls-getcipher.js | 18 +++++++++--------- 1 file changed, 9 insertions(+), 9 deletions(-) diff --git a/test/parallel/test-tls-getcipher.js b/test/parallel/test-tls-getcipher.js index 2a234d59016..4d5042d6e6b 100644 --- a/test/parallel/test-tls-getcipher.js +++ b/test/parallel/test-tls-getcipher.js @@ -47,13 +47,13 @@ server.listen(0, '127.0.0.1', common.mustCall(function() { tls.connect({ host: '127.0.0.1', port: this.address().port, - ciphers: 'AES128-SHA256', + ciphers: 'AES256-SHA256', rejectUnauthorized: false, maxVersion: 'TLSv1.2', }, common.mustCall(function() { const cipher = this.getCipher(); - assert.strictEqual(cipher.name, 'AES128-SHA256'); - assert.strictEqual(cipher.standardName, 'TLS_RSA_WITH_AES_128_CBC_SHA256'); + assert.strictEqual(cipher.name, 'AES256-SHA256'); + assert.strictEqual(cipher.standardName, 'TLS_RSA_WITH_AES_256_CBC_SHA256'); assert.strictEqual(cipher.version, 'TLSv1.2'); this.end(); })); @@ -62,14 +62,14 @@ server.listen(0, '127.0.0.1', common.mustCall(function() { tls.connect({ host: '127.0.0.1', port: this.address().port, - ciphers: 'ECDHE-RSA-AES128-GCM-SHA256', + ciphers: 'ECDHE-RSA-AES256-GCM-SHA384', rejectUnauthorized: false, maxVersion: 'TLSv1.2', }, common.mustCall(function() { const cipher = this.getCipher(); - assert.strictEqual(cipher.name, 'ECDHE-RSA-AES128-GCM-SHA256'); + assert.strictEqual(cipher.name, 'ECDHE-RSA-AES256-GCM-SHA384'); assert.strictEqual(cipher.standardName, - 'TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256'); + 'TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384'); assert.strictEqual(cipher.version, 'TLSv1.2'); this.end(); })); @@ -78,19 +78,19 @@ server.listen(0, '127.0.0.1', common.mustCall(function() { tls.createServer({ key: fixtures.readKey('agent2-key.pem'), cert: fixtures.readKey('agent2-cert.pem'), - ciphers: 'TLS_CHACHA20_POLY1305_SHA256:TLS_AES_128_CCM_8_SHA256', + ciphers: 'TLS_CHACHA20_POLY1305_SHA256:TLS_AES_256_GCM_SHA384', maxVersion: 'TLSv1.3', }, common.mustCall(function() { this.close(); })).listen(0, common.mustCall(function() { const client = tls.connect({ port: this.address().port, - ciphers: 'TLS_AES_128_CCM_8_SHA256', + ciphers: 'TLS_AES_256_GCM_SHA384', maxVersion: 'TLSv1.3', rejectUnauthorized: false }, common.mustCall(() => { const cipher = client.getCipher(); - assert.strictEqual(cipher.name, 'TLS_AES_128_CCM_8_SHA256'); + assert.strictEqual(cipher.name, 'TLS_AES_256_GCM_SHA384'); assert.strictEqual(cipher.standardName, cipher.name); assert.strictEqual(cipher.version, 'TLSv1.3'); client.end();