11cb0ef41Sopenharmony_ci'use strict'; 21cb0ef41Sopenharmony_ciconst common = require('../common'); 31cb0ef41Sopenharmony_ci 41cb0ef41Sopenharmony_ciif (!common.hasCrypto) 51cb0ef41Sopenharmony_ci common.skip('missing crypto'); 61cb0ef41Sopenharmony_ci 71cb0ef41Sopenharmony_ciconst assert = require('assert'); 81cb0ef41Sopenharmony_ciconst tls = require('tls'); 91cb0ef41Sopenharmony_ci 101cb0ef41Sopenharmony_ciconst CIPHERS = 'PSK+HIGH:TLS_AES_128_GCM_SHA256'; 111cb0ef41Sopenharmony_ciconst USERS = { 121cb0ef41Sopenharmony_ci UserA: Buffer.allocUnsafe(128), 131cb0ef41Sopenharmony_ci UserB: Buffer.from('82072606b502b0f4025e90eb75fe137d', 'hex'), 141cb0ef41Sopenharmony_ci}; 151cb0ef41Sopenharmony_ciconst TEST_DATA = 'x'; 161cb0ef41Sopenharmony_ci 171cb0ef41Sopenharmony_ciconst serverOptions = { 181cb0ef41Sopenharmony_ci ciphers: CIPHERS, 191cb0ef41Sopenharmony_ci pskCallback(socket, id) { 201cb0ef41Sopenharmony_ci assert.ok(socket instanceof tls.TLSSocket); 211cb0ef41Sopenharmony_ci assert.ok(typeof id === 'string'); 221cb0ef41Sopenharmony_ci return USERS[id]; 231cb0ef41Sopenharmony_ci }, 241cb0ef41Sopenharmony_ci}; 251cb0ef41Sopenharmony_ci 261cb0ef41Sopenharmony_cifunction test(secret, opts, error) { 271cb0ef41Sopenharmony_ci const cb = !error ? 281cb0ef41Sopenharmony_ci common.mustCall((c) => { c.pipe(c); }) : 291cb0ef41Sopenharmony_ci common.mustNotCall(); 301cb0ef41Sopenharmony_ci const server = tls.createServer(serverOptions, cb); 311cb0ef41Sopenharmony_ci server.listen(0, common.mustCall(() => { 321cb0ef41Sopenharmony_ci const options = { 331cb0ef41Sopenharmony_ci port: server.address().port, 341cb0ef41Sopenharmony_ci ciphers: CIPHERS, 351cb0ef41Sopenharmony_ci checkServerIdentity: () => {}, 361cb0ef41Sopenharmony_ci pskCallback: common.mustCall(() => secret), 371cb0ef41Sopenharmony_ci ...opts, 381cb0ef41Sopenharmony_ci }; 391cb0ef41Sopenharmony_ci 401cb0ef41Sopenharmony_ci if (!error) { 411cb0ef41Sopenharmony_ci const client = tls.connect(options, common.mustCall(() => { 421cb0ef41Sopenharmony_ci client.end(TEST_DATA); 431cb0ef41Sopenharmony_ci 441cb0ef41Sopenharmony_ci client.on('data', common.mustCall((data) => { 451cb0ef41Sopenharmony_ci assert.strictEqual(data.toString(), TEST_DATA); 461cb0ef41Sopenharmony_ci })); 471cb0ef41Sopenharmony_ci client.on('close', common.mustCall(() => server.close())); 481cb0ef41Sopenharmony_ci })); 491cb0ef41Sopenharmony_ci } else { 501cb0ef41Sopenharmony_ci const client = tls.connect(options, common.mustNotCall()); 511cb0ef41Sopenharmony_ci client.on('error', common.mustCall((err) => { 521cb0ef41Sopenharmony_ci assert.strictEqual(err.code, error); 531cb0ef41Sopenharmony_ci server.close(); 541cb0ef41Sopenharmony_ci })); 551cb0ef41Sopenharmony_ci } 561cb0ef41Sopenharmony_ci })); 571cb0ef41Sopenharmony_ci} 581cb0ef41Sopenharmony_ci 591cb0ef41Sopenharmony_citest({ psk: USERS.UserA, identity: 'UserA' }); 601cb0ef41Sopenharmony_citest({ psk: USERS.UserA, identity: 'UserA' }, { maxVersion: 'TLSv1.2' }); 611cb0ef41Sopenharmony_citest({ psk: USERS.UserA, identity: 'UserA' }, { minVersion: 'TLSv1.3' }); 621cb0ef41Sopenharmony_citest({ psk: USERS.UserB, identity: 'UserB' }); 631cb0ef41Sopenharmony_citest({ psk: USERS.UserB, identity: 'UserB' }, { minVersion: 'TLSv1.3' }); 641cb0ef41Sopenharmony_ci// Unrecognized user should fail handshake 651cb0ef41Sopenharmony_citest({ psk: USERS.UserB, identity: 'UserC' }, {}, 661cb0ef41Sopenharmony_ci 'ERR_SSL_SSLV3_ALERT_HANDSHAKE_FAILURE'); 671cb0ef41Sopenharmony_ci// Recognized user but incorrect secret should fail handshake 681cb0ef41Sopenharmony_citest({ psk: USERS.UserA, identity: 'UserB' }, {}, 691cb0ef41Sopenharmony_ci 'ERR_SSL_SSLV3_ALERT_ILLEGAL_PARAMETER'); 701cb0ef41Sopenharmony_citest({ psk: USERS.UserB, identity: 'UserB' }); 71