11cb0ef41Sopenharmony_ci// Copyright Joyent, Inc. and other Node contributors. 21cb0ef41Sopenharmony_ci// 31cb0ef41Sopenharmony_ci// Permission is hereby granted, free of charge, to any person obtaining a 41cb0ef41Sopenharmony_ci// copy of this software and associated documentation files (the 51cb0ef41Sopenharmony_ci// "Software"), to deal in the Software without restriction, including 61cb0ef41Sopenharmony_ci// without limitation the rights to use, copy, modify, merge, publish, 71cb0ef41Sopenharmony_ci// distribute, sublicense, and/or sell copies of the Software, and to permit 81cb0ef41Sopenharmony_ci// persons to whom the Software is furnished to do so, subject to the 91cb0ef41Sopenharmony_ci// following conditions: 101cb0ef41Sopenharmony_ci// 111cb0ef41Sopenharmony_ci// The above copyright notice and this permission notice shall be included 121cb0ef41Sopenharmony_ci// in all copies or substantial portions of the Software. 131cb0ef41Sopenharmony_ci// 141cb0ef41Sopenharmony_ci// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS 151cb0ef41Sopenharmony_ci// OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF 161cb0ef41Sopenharmony_ci// MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN 171cb0ef41Sopenharmony_ci// NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, 181cb0ef41Sopenharmony_ci// DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR 191cb0ef41Sopenharmony_ci// OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE 201cb0ef41Sopenharmony_ci// USE OR OTHER DEALINGS IN THE SOFTWARE. 211cb0ef41Sopenharmony_ci 221cb0ef41Sopenharmony_ci'use strict'; 231cb0ef41Sopenharmony_ci 241cb0ef41Sopenharmony_ciconst common = require('../common'); 251cb0ef41Sopenharmony_ci 261cb0ef41Sopenharmony_ciif (!common.opensslCli) 271cb0ef41Sopenharmony_ci common.skip('node compiled without OpenSSL CLI.'); 281cb0ef41Sopenharmony_ci 291cb0ef41Sopenharmony_ciif (!common.hasCrypto) 301cb0ef41Sopenharmony_ci common.skip('missing crypto'); 311cb0ef41Sopenharmony_ci 321cb0ef41Sopenharmony_ciif (common.isWindows) 331cb0ef41Sopenharmony_ci common.skip('test does not work on Windows'); // ...but it should! 341cb0ef41Sopenharmony_ci 351cb0ef41Sopenharmony_ciconst net = require('net'); 361cb0ef41Sopenharmony_ciconst assert = require('assert'); 371cb0ef41Sopenharmony_ciconst fixtures = require('../common/fixtures'); 381cb0ef41Sopenharmony_ciconst tls = require('tls'); 391cb0ef41Sopenharmony_ciconst spawn = require('child_process').spawn; 401cb0ef41Sopenharmony_ci 411cb0ef41Sopenharmony_ciconst useIPv4 = !common.hasIPv6; 421cb0ef41Sopenharmony_ci 431cb0ef41Sopenharmony_citest1(); 441cb0ef41Sopenharmony_ci 451cb0ef41Sopenharmony_ci// simple/test-tls-securepair-client 461cb0ef41Sopenharmony_cifunction test1() { 471cb0ef41Sopenharmony_ci test('keys/rsa_private.pem', 'keys/rsa_cert.crt', null, test2); 481cb0ef41Sopenharmony_ci} 491cb0ef41Sopenharmony_ci 501cb0ef41Sopenharmony_ci// simple/test-tls-ext-key-usage 511cb0ef41Sopenharmony_cifunction test2() { 521cb0ef41Sopenharmony_ci function check(pair) { 531cb0ef41Sopenharmony_ci // "TLS Web Client Authentication" 541cb0ef41Sopenharmony_ci assert.strictEqual(pair.cleartext.getPeerCertificate().ext_key_usage.length, 551cb0ef41Sopenharmony_ci 1); 561cb0ef41Sopenharmony_ci assert.strictEqual(pair.cleartext.getPeerCertificate().ext_key_usage[0], 571cb0ef41Sopenharmony_ci '1.3.6.1.5.5.7.3.2'); 581cb0ef41Sopenharmony_ci } 591cb0ef41Sopenharmony_ci test('keys/agent4-key.pem', 'keys/agent4-cert.pem', check); 601cb0ef41Sopenharmony_ci} 611cb0ef41Sopenharmony_ci 621cb0ef41Sopenharmony_cifunction test(keyPath, certPath, check, next) { 631cb0ef41Sopenharmony_ci const key = fixtures.readSync(keyPath).toString(); 641cb0ef41Sopenharmony_ci const cert = fixtures.readSync(certPath).toString(); 651cb0ef41Sopenharmony_ci 661cb0ef41Sopenharmony_ci const server = spawn(common.opensslCli, ['s_server', 671cb0ef41Sopenharmony_ci '-accept', 0, 681cb0ef41Sopenharmony_ci '-cert', fixtures.path(certPath), 691cb0ef41Sopenharmony_ci '-key', fixtures.path(keyPath), 701cb0ef41Sopenharmony_ci ...(useIPv4 ? ['-4'] : []), 711cb0ef41Sopenharmony_ci ]); 721cb0ef41Sopenharmony_ci server.stdout.pipe(process.stdout); 731cb0ef41Sopenharmony_ci server.stderr.pipe(process.stdout); 741cb0ef41Sopenharmony_ci 751cb0ef41Sopenharmony_ci 761cb0ef41Sopenharmony_ci let state = 'WAIT-ACCEPT'; 771cb0ef41Sopenharmony_ci 781cb0ef41Sopenharmony_ci let serverStdoutBuffer = ''; 791cb0ef41Sopenharmony_ci server.stdout.setEncoding('utf8'); 801cb0ef41Sopenharmony_ci server.stdout.on('data', function(s) { 811cb0ef41Sopenharmony_ci serverStdoutBuffer += s; 821cb0ef41Sopenharmony_ci console.log(state); 831cb0ef41Sopenharmony_ci switch (state) { 841cb0ef41Sopenharmony_ci case 'WAIT-ACCEPT': { 851cb0ef41Sopenharmony_ci const matches = serverStdoutBuffer.match(/ACCEPT .*?:(\d+)/); 861cb0ef41Sopenharmony_ci if (matches) { 871cb0ef41Sopenharmony_ci const port = matches[1]; 881cb0ef41Sopenharmony_ci state = 'WAIT-HELLO'; 891cb0ef41Sopenharmony_ci startClient(port); 901cb0ef41Sopenharmony_ci } 911cb0ef41Sopenharmony_ci break; 921cb0ef41Sopenharmony_ci } 931cb0ef41Sopenharmony_ci case 'WAIT-HELLO': 941cb0ef41Sopenharmony_ci if (/hello/.test(serverStdoutBuffer)) { 951cb0ef41Sopenharmony_ci 961cb0ef41Sopenharmony_ci // End the current SSL connection and exit. 971cb0ef41Sopenharmony_ci // See s_server(1ssl). 981cb0ef41Sopenharmony_ci server.stdin.write('Q'); 991cb0ef41Sopenharmony_ci 1001cb0ef41Sopenharmony_ci state = 'WAIT-SERVER-CLOSE'; 1011cb0ef41Sopenharmony_ci } 1021cb0ef41Sopenharmony_ci break; 1031cb0ef41Sopenharmony_ci 1041cb0ef41Sopenharmony_ci default: 1051cb0ef41Sopenharmony_ci break; 1061cb0ef41Sopenharmony_ci } 1071cb0ef41Sopenharmony_ci }); 1081cb0ef41Sopenharmony_ci 1091cb0ef41Sopenharmony_ci 1101cb0ef41Sopenharmony_ci const timeout = setTimeout(function() { 1111cb0ef41Sopenharmony_ci server.kill(); 1121cb0ef41Sopenharmony_ci process.exit(1); 1131cb0ef41Sopenharmony_ci }, 5000); 1141cb0ef41Sopenharmony_ci 1151cb0ef41Sopenharmony_ci let gotWriteCallback = false; 1161cb0ef41Sopenharmony_ci let serverExitCode = -1; 1171cb0ef41Sopenharmony_ci 1181cb0ef41Sopenharmony_ci server.on('exit', function(code) { 1191cb0ef41Sopenharmony_ci serverExitCode = code; 1201cb0ef41Sopenharmony_ci clearTimeout(timeout); 1211cb0ef41Sopenharmony_ci if (next) next(); 1221cb0ef41Sopenharmony_ci }); 1231cb0ef41Sopenharmony_ci 1241cb0ef41Sopenharmony_ci 1251cb0ef41Sopenharmony_ci function startClient(port) { 1261cb0ef41Sopenharmony_ci const s = new net.Stream(); 1271cb0ef41Sopenharmony_ci 1281cb0ef41Sopenharmony_ci const sslcontext = tls.createSecureContext({ key, cert }); 1291cb0ef41Sopenharmony_ci sslcontext.context.setCiphers('RC4-SHA:AES128-SHA:AES256-SHA'); 1301cb0ef41Sopenharmony_ci 1311cb0ef41Sopenharmony_ci const pair = tls.createSecurePair(sslcontext, false); 1321cb0ef41Sopenharmony_ci 1331cb0ef41Sopenharmony_ci assert.ok(pair.encrypted.writable); 1341cb0ef41Sopenharmony_ci assert.ok(pair.cleartext.writable); 1351cb0ef41Sopenharmony_ci 1361cb0ef41Sopenharmony_ci pair.encrypted.pipe(s); 1371cb0ef41Sopenharmony_ci s.pipe(pair.encrypted); 1381cb0ef41Sopenharmony_ci 1391cb0ef41Sopenharmony_ci s.connect(port); 1401cb0ef41Sopenharmony_ci 1411cb0ef41Sopenharmony_ci s.on('connect', function() { 1421cb0ef41Sopenharmony_ci console.log('client connected'); 1431cb0ef41Sopenharmony_ci setTimeout(function() { 1441cb0ef41Sopenharmony_ci pair.cleartext.write('hello\r\n', function() { 1451cb0ef41Sopenharmony_ci gotWriteCallback = true; 1461cb0ef41Sopenharmony_ci }); 1471cb0ef41Sopenharmony_ci }, 500); 1481cb0ef41Sopenharmony_ci }); 1491cb0ef41Sopenharmony_ci 1501cb0ef41Sopenharmony_ci pair.on('secure', function() { 1511cb0ef41Sopenharmony_ci console.log('client: connected+secure!'); 1521cb0ef41Sopenharmony_ci console.log('client pair.cleartext.getPeerCertificate(): %j', 1531cb0ef41Sopenharmony_ci pair.cleartext.getPeerCertificate()); 1541cb0ef41Sopenharmony_ci console.log('client pair.cleartext.getCipher(): %j', 1551cb0ef41Sopenharmony_ci pair.cleartext.getCipher()); 1561cb0ef41Sopenharmony_ci if (check) check(pair); 1571cb0ef41Sopenharmony_ci }); 1581cb0ef41Sopenharmony_ci 1591cb0ef41Sopenharmony_ci pair.cleartext.on('data', function(d) { 1601cb0ef41Sopenharmony_ci console.log('cleartext: %s', d.toString()); 1611cb0ef41Sopenharmony_ci }); 1621cb0ef41Sopenharmony_ci 1631cb0ef41Sopenharmony_ci s.on('close', function() { 1641cb0ef41Sopenharmony_ci console.log('client close'); 1651cb0ef41Sopenharmony_ci }); 1661cb0ef41Sopenharmony_ci 1671cb0ef41Sopenharmony_ci pair.encrypted.on('error', function(err) { 1681cb0ef41Sopenharmony_ci console.log(`encrypted error: ${err}`); 1691cb0ef41Sopenharmony_ci }); 1701cb0ef41Sopenharmony_ci 1711cb0ef41Sopenharmony_ci s.on('error', function(err) { 1721cb0ef41Sopenharmony_ci console.log(`socket error: ${err}`); 1731cb0ef41Sopenharmony_ci }); 1741cb0ef41Sopenharmony_ci 1751cb0ef41Sopenharmony_ci pair.on('error', function(err) { 1761cb0ef41Sopenharmony_ci console.log(`secure error: ${err}`); 1771cb0ef41Sopenharmony_ci }); 1781cb0ef41Sopenharmony_ci } 1791cb0ef41Sopenharmony_ci 1801cb0ef41Sopenharmony_ci 1811cb0ef41Sopenharmony_ci process.on('exit', function() { 1821cb0ef41Sopenharmony_ci assert.strictEqual(serverExitCode, 0); 1831cb0ef41Sopenharmony_ci assert.strictEqual(state, 'WAIT-SERVER-CLOSE'); 1841cb0ef41Sopenharmony_ci assert.ok(gotWriteCallback); 1851cb0ef41Sopenharmony_ci }); 1861cb0ef41Sopenharmony_ci} 187