nodejs/test/parallel/test-tls-client-getephemeralkeyinfo.js

'use strict';
var common = require('../common');
var assert = require('assert');

if (!common.hasCrypto) {
  common.skip('missing crypto');
  process.exit();
}
var tls = require('tls');

var fs = require('fs');
var key = fs.readFileSync(common.fixturesDir + '/keys/agent2-key.pem');
var cert = fs.readFileSync(common.fixturesDir + '/keys/agent2-cert.pem');

var ntests = 0;
var nsuccess = 0;

function loadDHParam(n) {
  var path = common.fixturesDir;
  if (n !== 'error') path += '/keys';
  return fs.readFileSync(path + '/dh' + n + '.pem');
}

var cipherlist = {
  'NOT_PFS': 'AES128-SHA256',
  'DH': 'DHE-RSA-AES128-GCM-SHA256',
  'ECDH': 'ECDHE-RSA-AES128-GCM-SHA256'
};

function test(size, type, name, next) {
  var cipher = type ? cipherlist[type] : cipherlist['NOT_PFS'];

  if (name) tls.DEFAULT_ECDH_CURVE = name;

  var options = {
    key: key,
    cert: cert,
    ciphers: cipher
  };

  if (type === 'DH') options.dhparam = loadDHParam(size);

  var server = tls.createServer(options, function(conn) {
    assert.strictEqual(conn.getEphemeralKeyInfo(), null);
    conn.end();
  });

  server.on('close', function(err) {
    assert(!err);
    if (next) next();
  });

  server.listen(0, '127.0.0.1', function() {
    var client = tls.connect({
      port: this.address().port,
      rejectUnauthorized: false
    }, function() {
      var ekeyinfo = client.getEphemeralKeyInfo();
      assert.strictEqual(ekeyinfo.type, type);
      assert.strictEqual(ekeyinfo.size, size);
      assert.strictEqual(ekeyinfo.name, name);
      nsuccess++;
      server.close();
    });
  });
}

function testNOT_PFS() {
  test(undefined, undefined, undefined, testDHE1024);
  ntests++;
}

function testDHE1024() {
  test(1024, 'DH', undefined, testDHE2048);
  ntests++;
}

function testDHE2048() {
  test(2048, 'DH', undefined, testECDHE256);
  ntests++;
}

function testECDHE256() {
  test(256, 'ECDH', tls.DEFAULT_ECDH_CURVE, testECDHE512);
  ntests++;
}

function testECDHE512() {
  test(521, 'ECDH', 'secp521r1', null);
  ntests++;
}

testNOT_PFS();

process.on('exit', function() {
  assert.equal(ntests, nsuccess);
  assert.equal(ntests, 5);
});