// Copyright Joyent, Inc. and other Node contributors.
//
// Permission is hereby granted, free of charge, to any person obtaining a
// copy of this software and associated documentation files (the
// "Software"), to deal in the Software without restriction, including
// without limitation the rights to use, copy, modify, merge, publish,
// distribute, sublicense, and/or sell copies of the Software, and to permit
// persons to whom the Software is furnished to do so, subject to the
// following conditions:
//
// The above copyright notice and this permission notice shall be included
// in all copies or substantial portions of the Software.
//
// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
// OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
// MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN
// NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM,
// DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR
// OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE
// USE OR OTHER DEALINGS IN THE SOFTWARE.
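'use strict';
const common = require('../common');

// Everything below exercises the crypto module, so a build without OpenSSL
// has nothing to test. The guard runs before crypto is loaded.
// NOTE(review): common.skip() presumably ends the process; confirm in
// ../common, since the requires below would otherwise still execute.
if (!common.hasCrypto) {
  common.skip('node compiled without OpenSSL.');
}

const assert = require('assert');
const crypto = require('crypto');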
// This test verifies that computeSecret() left-pads the shared secret with
// leading zero bytes when its value needs fewer bytes than the modulus
// (prime), so that the output is as long as the prime.
// See:
//  RFC 4346: https://www.ietf.org/rfc/rfc4346.txt
//  https://github.com/nodejs/node-v0.x-archive/issues/7906
//  https://github.com/nodejs/node-v0.x-archive/issues/5239
//
// In FIPS mode OPENSSL_DH_FIPS_MIN_MODULUS_BITS = 1024, so we need a
// FIPS-friendly prime of at least 1024 bits. MODP 14 from RFC 3526 qualifies:
// https://www.ietf.org/rfc/rfc3526.txt
//
// We can generate appropriate values with this code:
//
// crypto = require('crypto');
//
// for (;;) {
//   var a = crypto.getDiffieHellman('modp14');
//   var b = crypto.getDiffieHellman('modp14');
//
//   a.generateKeys();
//   b.generateKeys();
//
//   var aSecret = a.computeSecret(b.getPublicKey()).toString('hex');
//   console.log("A public: " + a.getPublicKey().toString('hex'));
//   console.log("A private: " + a.getPrivateKey().toString('hex'));
//   console.log("B public: " + b.getPublicKey().toString('hex'));
//   console.log("B private: " + b.getPrivateKey().toString('hex'));
//   console.log("A secret: " + aSecret);
//   console.log('-------------------------------------------------');
//   if(aSecret.substring(0,2) === "00") {
//     console.log("found short key!");
//     return;
//   }
// }
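// Fixed Diffie-Hellman test vector over the MODP 14 group (RFC 3526).
// All values are hex-encoded. The private key below is published in this
// file and exists only as a test fixture; it must never protect real data.
//
// The continuation lines inside each literal must start at column 0:
// any leading whitespace would become part of the hex string.

// Public key of party A.
const apub =
'5484455905d3eff34c70980e871f27f05448e66f5a6efbb97cbcba4e927196c2bd9ea272cded91\
10a4977afa8d9b16c9139a444ed2d954a794650e5d7cb525204f385e1af81530518563822ecd0f9\
524a958d02b3c269e79d6d69850f0968ad567a4404fbb0b19efc8bc73e267b6136b88cafb33299f\
f7c7cace3ffab1a88c2c9ee841f88b4c3679b4efc465f5c93cca11d487be57373e4c5926f634c4e\
efee6721d01db91cd66321615b2522f96368dbc818875d422140d0edf30bdb97d9721feddcb9ff6\
453741a4f687ee46fc54bf1198801f1210ac789879a5ee123f79e2d2ce1209df2445d32166bc9e4\
8f89e944ec9c3b2e16c8066cd8eebd4e33eb941';
// Public key of party B, i.e. the peer value handed to computeSecret().
const bpub =
'3fca64510e36bc7da8a3a901c7b74c2eabfa25deaf7cbe1d0c50235866136ad677317279e1fb0\
06e9c0a07f63e14a3363c8e016fbbde2b2c7e79fed1cc3e08e95f7459f547a8cd0523ee9dc744d\
e5a956d92b937db4448917e1f6829437f05e408ee7aea70c0362b37370c7c75d14449d8b2d2133\
04ac972302d349975e2265ca7103cfebd019d9e91234d638611abd049014f7abf706c1c5da6c88\
788a1fdc6cdf17f5fffaf024ce8711a2ebde0b52e9f1cb56224483826d6e5ac6ecfaae07b75d20\
6e8ac97f5be1a5b68f20382f2a7dac189cf169325c4cf845b26a0cd616c31fec905c5d9035e5f7\
8e9880c812374ac0f3ca3d365f06e4be526b5affd4b79';
// Private key of party A (test fixture only).
const apriv =
'62411e34704637d99c6c958a7db32ac22fcafafbe1c33d2cfdb76e12ded41f38fc16b792b9041\
2e4c82755a3815ba52f780f0ee296ad46e348fc4d1dcd6b64f4eea1b231b2b7d95c5b1c2e26d34\
83520558b9860a6eb668f01422a54e6604aa7702b4e67511397ef3ecb912bff1a83899c5a5bfb2\
0ee29249a91b8a698e62486f7009a0e9eaebda69d77ecfa2ca6ba2db6c8aa81759c8c90c675979\
08c3b3e6fc60668f7be81cce6784482af228dd7f489005253a165e292802cfd0399924f6c56827\
7012f68255207722355634290acc7fddeefbba75650a85ece95b6a12de67eac016ba78960108dd\
5dbadfaa43cc9fed515a1f307b7d90ae0623bc7b8cefb';
// Expected shared secret. Its first byte is 0x00, which is what makes this
// vector exercise the zero-padding path.
const secret =
'00c37b1e06a436d6717816a40e6d72907a6f255638b93032267dcb9a5f0b4a9aa0236f3dce63b\
1c418c60978a00acd1617dfeecf1661d8a3fafb4d0d8824386750f4853313400e7e4afd22847e4\
fa56bc9713872021265111906673b38db83d10cbfa1dea3b6b4c97c8655f4ae82125281af7f234\
8916a15c6f95649367d169d587697480df4d10b381479e86d5518b520d9d8fb764084eab518224\
dc8fe984ddaf532fc1531ce43155fa0ab32532bf1ece5356b8a3447b5267798a904f16f3f4e635\
597adc0179d011132dcffc0bbcb0dd2c8700872f8663ec7ddd897c659cc2efebccc73f38f0ec96\
8612314311231f905f91c63a1aea52e0b60cead8b57df';

// Guard the fixture itself: a regenerated vector without a leading zero byte
// would still pass the comparison below but would no longer cover padding.
assert.ok(secret.startsWith('00'));

/* FIPS-friendly 2048 bit prime */
const p = crypto.createDiffieHellman(
  crypto.getDiffieHellman('modp14').getPrime());

p.setPublicKey(apub, 'hex');
p.setPrivateKey(apriv, 'hex');

// With an output encoding, computeSecret() already returns a hex string, so
// no further toString() call is needed.
const computed = p.computeSecret(bpub, 'hex', 'hex');
assert.strictEqual(computed, secret);

// The padding requirement stated directly: two hex digits per byte of the
// prime, including the leading zero byte.
assert.strictEqual(computed.length, p.getPrime().length * 2);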