11cb0ef41Sopenharmony_ci'use strict'; 21cb0ef41Sopenharmony_ci 31cb0ef41Sopenharmony_ci// Test return value of tlsSocket.exportKeyingMaterial 41cb0ef41Sopenharmony_ci 51cb0ef41Sopenharmony_ciconst common = require('../common'); 61cb0ef41Sopenharmony_ci 71cb0ef41Sopenharmony_ciif (!common.hasCrypto) 81cb0ef41Sopenharmony_ci common.skip('missing crypto'); 91cb0ef41Sopenharmony_ci 101cb0ef41Sopenharmony_ciconst assert = require('assert'); 111cb0ef41Sopenharmony_ciconst net = require('net'); 121cb0ef41Sopenharmony_ciconst tls = require('tls'); 131cb0ef41Sopenharmony_ciconst fixtures = require('../common/fixtures'); 141cb0ef41Sopenharmony_ci 151cb0ef41Sopenharmony_ciconst key = fixtures.readKey('agent1-key.pem'); 161cb0ef41Sopenharmony_ciconst cert = fixtures.readKey('agent1-cert.pem'); 171cb0ef41Sopenharmony_ci 181cb0ef41Sopenharmony_ciconst server = net.createServer(common.mustCall((s) => { 191cb0ef41Sopenharmony_ci const tlsSocket = new tls.TLSSocket(s, { 201cb0ef41Sopenharmony_ci isServer: true, 211cb0ef41Sopenharmony_ci server: server, 221cb0ef41Sopenharmony_ci secureContext: tls.createSecureContext({ key, cert }) 231cb0ef41Sopenharmony_ci }); 241cb0ef41Sopenharmony_ci 251cb0ef41Sopenharmony_ci assert.throws(() => { 261cb0ef41Sopenharmony_ci tlsSocket.exportKeyingMaterial(128, 'label'); 271cb0ef41Sopenharmony_ci }, { 281cb0ef41Sopenharmony_ci name: 'Error', 291cb0ef41Sopenharmony_ci message: 'TLS socket connection must be securely established', 301cb0ef41Sopenharmony_ci code: 'ERR_TLS_INVALID_STATE' 311cb0ef41Sopenharmony_ci }); 321cb0ef41Sopenharmony_ci 331cb0ef41Sopenharmony_ci tlsSocket.on('secure', common.mustCall(() => { 341cb0ef41Sopenharmony_ci const label = 'client finished'; 351cb0ef41Sopenharmony_ci 361cb0ef41Sopenharmony_ci const validKeyingMaterial = tlsSocket.exportKeyingMaterial(128, label); 371cb0ef41Sopenharmony_ci assert.strictEqual(validKeyingMaterial.length, 128); 381cb0ef41Sopenharmony_ci 391cb0ef41Sopenharmony_ci const validKeyingMaterialWithContext = tlsSocket 401cb0ef41Sopenharmony_ci .exportKeyingMaterial(128, label, Buffer.from([0, 1, 2, 3])); 411cb0ef41Sopenharmony_ci assert.strictEqual(validKeyingMaterialWithContext.length, 128); 421cb0ef41Sopenharmony_ci 431cb0ef41Sopenharmony_ci // Ensure providing a context results in a different key than without 441cb0ef41Sopenharmony_ci assert.notStrictEqual(validKeyingMaterial, validKeyingMaterialWithContext); 451cb0ef41Sopenharmony_ci 461cb0ef41Sopenharmony_ci const validKeyingMaterialWithEmptyContext = tlsSocket 471cb0ef41Sopenharmony_ci .exportKeyingMaterial(128, label, Buffer.from([])); 481cb0ef41Sopenharmony_ci assert.strictEqual(validKeyingMaterialWithEmptyContext.length, 128); 491cb0ef41Sopenharmony_ci 501cb0ef41Sopenharmony_ci assert.throws(() => { 511cb0ef41Sopenharmony_ci tlsSocket.exportKeyingMaterial(128, label, 'stringAsContextNotSupported'); 521cb0ef41Sopenharmony_ci }, { 531cb0ef41Sopenharmony_ci name: 'TypeError', 541cb0ef41Sopenharmony_ci code: 'ERR_INVALID_ARG_TYPE' 551cb0ef41Sopenharmony_ci }); 561cb0ef41Sopenharmony_ci 571cb0ef41Sopenharmony_ci assert.throws(() => { 581cb0ef41Sopenharmony_ci tlsSocket.exportKeyingMaterial(128, label, 1234); 591cb0ef41Sopenharmony_ci }, { 601cb0ef41Sopenharmony_ci name: 'TypeError', 611cb0ef41Sopenharmony_ci code: 'ERR_INVALID_ARG_TYPE' 621cb0ef41Sopenharmony_ci }); 631cb0ef41Sopenharmony_ci 641cb0ef41Sopenharmony_ci assert.throws(() => { 651cb0ef41Sopenharmony_ci tlsSocket.exportKeyingMaterial(10, null); 661cb0ef41Sopenharmony_ci }, { 671cb0ef41Sopenharmony_ci name: 'TypeError', 681cb0ef41Sopenharmony_ci code: 'ERR_INVALID_ARG_TYPE' 691cb0ef41Sopenharmony_ci }); 701cb0ef41Sopenharmony_ci 711cb0ef41Sopenharmony_ci assert.throws(() => { 721cb0ef41Sopenharmony_ci tlsSocket.exportKeyingMaterial('length', 1234); 731cb0ef41Sopenharmony_ci }, { 741cb0ef41Sopenharmony_ci name: 'TypeError', 751cb0ef41Sopenharmony_ci code: 'ERR_INVALID_ARG_TYPE' 761cb0ef41Sopenharmony_ci }); 771cb0ef41Sopenharmony_ci 781cb0ef41Sopenharmony_ci assert.throws(() => { 791cb0ef41Sopenharmony_ci tlsSocket.exportKeyingMaterial(-3, 'a'); 801cb0ef41Sopenharmony_ci }, { 811cb0ef41Sopenharmony_ci name: 'RangeError', 821cb0ef41Sopenharmony_ci code: 'ERR_OUT_OF_RANGE' 831cb0ef41Sopenharmony_ci }); 841cb0ef41Sopenharmony_ci 851cb0ef41Sopenharmony_ci assert.throws(() => { 861cb0ef41Sopenharmony_ci tlsSocket.exportKeyingMaterial(0, 'a'); 871cb0ef41Sopenharmony_ci }, { 881cb0ef41Sopenharmony_ci name: 'RangeError', 891cb0ef41Sopenharmony_ci code: 'ERR_OUT_OF_RANGE' 901cb0ef41Sopenharmony_ci }); 911cb0ef41Sopenharmony_ci 921cb0ef41Sopenharmony_ci tlsSocket.end(); 931cb0ef41Sopenharmony_ci server.close(); 941cb0ef41Sopenharmony_ci })); 951cb0ef41Sopenharmony_ci})).listen(0, () => { 961cb0ef41Sopenharmony_ci const opts = { 971cb0ef41Sopenharmony_ci port: server.address().port, 981cb0ef41Sopenharmony_ci rejectUnauthorized: false 991cb0ef41Sopenharmony_ci }; 1001cb0ef41Sopenharmony_ci 1011cb0ef41Sopenharmony_ci tls.connect(opts, common.mustCall(function() { this.end(); })); 1021cb0ef41Sopenharmony_ci}); 103