File: dhe_compat.js

// Copyright 2017 Joyent, Inc.  All rights reserved.

var test = require('tape').test;

var sshpk = require('../lib/index');
var sshpk_dhe;
var fs = require('fs');
var path = require('path');
var crypto = require('crypto');
var sinon = require('sinon');
var Buffer = require('safer-buffer').Buffer;

/*
 * Skip the whole file on an older node: without crypto.createECDH there is
 * nothing for the sandbox below to stub out.
 */
if (typeof (crypto.createECDH) === 'undefined')
	return;

/* Fixture private keys, assigned by the 'setup' test. */
var ED_KEY;
var ED2_KEY;
var EC_KEY;
var EC2_KEY;
var ECOUT_KEY;
var DS_KEY;
var DS2_KEY;
var DSOUT_KEY;

/*
 * NOTE(review): C_KEY, C2_KEY and C_SSH are declared here but no test in
 * this file assigns them, so they stay undefined for the whole run.
 */
var C_KEY;
var C2_KEY;
var C_SSH;

/* Directory holding the key fixtures read by 'setup'. */
var testDir = path.join(__dirname, 'assets');

/* sinon sandbox: created in 'set up sandbox', restored in 'tear down sandbox'. */
var sandbox;

/*
 * Stub out crypto.createECDH and load a fresh copy of lib/dhe while the stub
 * is in place. The stub returns undefined, which the first assertion checks.
 * Presumably this pushes lib/dhe onto its non-native ECDH code path -- confirm
 * against lib/dhe.
 */
test('set up sandbox', function (t) {
	sandbox = sinon.createSandbox();
	sandbox.stub(crypto, 'createECDH');
	t.ok(crypto.createECDH('prime256v1') === undefined);

	/*
	 * Evict any cached lib/dhe so that the require() below evaluates the
	 * module again, this time with the stub active.
	 */
	var dhePath = require.resolve('../lib/dhe');
	delete require.cache[dhePath];
	sshpk_dhe = require('../lib/dhe');

	t.end();
});

/*
 * Read the private key fixtures from test/assets and parse each one into the
 * file-level key variables used by the later tests.
 */
test('setup', function (t) {
	/* Read one fixture file from testDir and parse it as a private key. */
	function loadKey(fname) {
		var data = fs.readFileSync(path.join(testDir, fname));
		return (sshpk.parsePrivateKey(data));
	}

	ED_KEY = loadKey('id_ed25519');
	ED2_KEY = loadKey('id_ed255192');
	EC_KEY = loadKey('id_ecdsa2');
	EC2_KEY = loadKey('id_ecdsa3');
	ECOUT_KEY = loadKey('id_ecdsa');
	DS_KEY = loadKey('id_dsa2');
	DS2_KEY = loadKey('id_dsa3');
	DSOUT_KEY = loadKey('id_dsa');

	t.end();
});

/*
 * Known-answer check: the secret computed from EC_KEY and EC2_KEY's public
 * half must equal a fixed value, and the exchange must give the same secret
 * when the two roles are swapped.
 */
test('ecdhe shared secret', function (t) {
	var expected = Buffer.from(
	    'UoKiio/gnWj4BdV41YvoHu9yhjynGBmphZ1JFbpk30o=', 'base64');

	var left = new sshpk_dhe.DiffieHellman(EC_KEY);
	var leftSecret = left.computeSecret(EC2_KEY.toPublic());
	t.ok(Buffer.isBuffer(leftSecret));
	t.deepEqual(leftSecret, expected);

	/* Same exchange from the other side. */
	var right = new sshpk_dhe.DiffieHellman(EC2_KEY);
	var rightSecret = right.computeSecret(EC_KEY.toPublic());
	t.deepEqual(leftSecret, rightSecret);

	t.end();
});

/*
 * generateKey() must return an sshpk PrivateKey of type ecdsa on nistp256,
 * and that key must agree with EC_KEY on the shared secret from both sides.
 */
test('ecdhe generate ephemeral', function (t) {
	var ephDh = new sshpk_dhe.DiffieHellman(EC_KEY);
	var ephKey = ephDh.generateKey();
	t.ok(ephKey instanceof sshpk.PrivateKey);
	t.strictEqual(ephKey.type, 'ecdsa');
	t.strictEqual(ephKey.curve, 'nistp256');

	/*
	 * Presumably ephDh now holds ephKey as its own key, so this is the
	 * ephemeral side of the exchange -- confirm against lib/dhe.
	 */
	var fromEphemeral = ephDh.computeSecret(EC_KEY);

	var staticDh = new sshpk_dhe.DiffieHellman(EC_KEY);
	var fromStatic = staticDh.computeSecret(ephKey);

	t.deepEqual(fromEphemeral, fromStatic);
	t.end();
});

/*
 * Negative tests: a DiffieHellman built on one key must throw when given
 * ECOUT_KEY (presumably a key on a different curve, going by the test name)
 * as a peer key or as a replacement key, and must accept EC2_KEY.
 */
test('ecdhe reject diff curves', function (t) {
	var ecDh = new sshpk_dhe.DiffieHellman(EC_KEY);

	/* ECOUT_KEY is refused both as a peer key and as a new own key. */
	t.throws(function () {
		ecDh.computeSecret(ECOUT_KEY.toPublic());
	});
	t.throws(function () {
		ecDh.setKey(ECOUT_KEY);
	});

	/* EC2_KEY is accepted and becomes the key reported by both getters. */
	ecDh.setKey(EC2_KEY);
	var ownKey = ecDh.getKey();
	t.strictEqual(ownKey.fingerprint().toString(),
	    EC2_KEY.fingerprint().toString());
	var ownPublic = ecDh.getPublicKey();
	t.strictEqual(ownPublic.fingerprint().toString(),
	    EC2_KEY.fingerprint().toString());

	/* The same refusal in the other direction. */
	var outDh = new sshpk_dhe.DiffieHellman(ECOUT_KEY);
	t.throws(function () {
		outDh.setKey(EC_KEY);
	});

	/*
	 * NOTE(review): C_KEY is declared at file scope but never assigned
	 * in this file, so this call passes undefined. The throw asserted
	 * here does not show that setKey() refuses whatever key C_KEY was
	 * meant to hold; assign it in 'setup' before relying on this case.
	 */
	var typeDh = new sshpk_dhe.DiffieHellman(EC_KEY);
	t.throws(function () {
		typeDh.setKey(C_KEY);
	});

	t.end();
});

/*
 * Restore the sinon sandbox created in 'set up sandbox', which removes the
 * stub placed on crypto.createECDH.
 */
test('tear down sandbox', function (t) {
	sandbox.restore();
	t.end();
});