| 'use strict'; |
| const common = require('../common'); |
| const fixtures = require('../common/fixtures'); |
| |
| // Test the honorCipherOrder property |
| |
| if (!common.hasCrypto) |
| common.skip('missing crypto'); |
| |
| const assert = require('assert'); |
| const mustCall = common.mustCall; |
| const tls = require('tls'); |
| const util = require('util'); |
| |
| // We explicitly set TLS version to 1.2 so as to be safe when the |
| // default method is updated in the future |
| const SSL_Method = 'TLSv1_2_method'; |
| const localhost = '127.0.0.1'; |
| |
| function test(honorCipherOrder, clientCipher, expectedCipher, defaultCiphers) { |
| const soptions = { |
| secureProtocol: SSL_Method, |
| key: fixtures.readKey('agent2-key.pem'), |
| cert: fixtures.readKey('agent2-cert.pem'), |
| ciphers: 'AES256-SHA256:AES128-GCM-SHA256:AES128-SHA256:' + |
| 'ECDHE-RSA-AES128-GCM-SHA256', |
| honorCipherOrder: honorCipherOrder, |
| }; |
| |
| const server = tls.createServer(soptions, mustCall(function(clearTextStream) { |
| // End socket to send CLOSE_NOTIFY and TCP FIN packet, otherwise |
| // it may hang for ~30 seconds in FIN_WAIT_1 state (at least on OSX). |
| clearTextStream.end(); |
| })); |
| server.listen(0, localhost, mustCall(function() { |
| const coptions = { |
| rejectUnauthorized: false, |
| secureProtocol: SSL_Method |
| }; |
| if (clientCipher) { |
| coptions.ciphers = clientCipher; |
| } |
| const port = this.address().port; |
| const savedDefaults = tls.DEFAULT_CIPHERS; |
| tls.DEFAULT_CIPHERS = defaultCiphers || savedDefaults; |
| const client = tls.connect(port, localhost, coptions, mustCall(function() { |
| const cipher = client.getCipher(); |
| client.end(); |
| server.close(); |
| const msg = util.format( |
| 'honorCipherOrder=%j, clientCipher=%j, expect=%j, got=%j', |
| honorCipherOrder, clientCipher, expectedCipher, cipher.name); |
| assert.strictEqual(cipher.name, expectedCipher, msg); |
| })); |
| tls.DEFAULT_CIPHERS = savedDefaults; |
| })); |
| } |
| |
| // Client explicitly has the preference of cipher suites, not the default. |
| test(false, 'AES128-GCM-SHA256:AES256-SHA256:AES128-SHA256', |
| 'AES128-GCM-SHA256'); |
| |
| // Server has the preference of cipher suites, and AES256-SHA256 is |
| // the server's top choice. |
| test(true, 'AES128-GCM-SHA256:AES256-SHA256:AES128-SHA256', |
| 'AES256-SHA256'); |
| test(undefined, 'AES128-GCM-SHA256:AES256-SHA256:AES128-SHA256', |
| 'AES256-SHA256'); |
| |
| // Server has the preference of cipher suites. AES128-GCM-SHA256 is given |
| // higher priority over AES128-SHA256 among client cipher suites. |
| test(true, 'AES128-SHA256:AES128-GCM-SHA256', 'AES128-GCM-SHA256'); |
| test(undefined, 'AES128-SHA256:AES128-GCM-SHA256', 'AES128-GCM-SHA256'); |
| |
| |
| // As client has only one cipher, server has no choice, irrespective |
| // of honorCipherOrder. |
| test(true, 'AES128-SHA256', 'AES128-SHA256'); |
| test(undefined, 'AES128-SHA256', 'AES128-SHA256'); |
| |
| // Client did not explicitly set ciphers and client offers |
| // tls.DEFAULT_CIPHERS. All ciphers of the server are included in the |
| // default list so the negotiated cipher is selected according to the |
| // server's top preference of AES256-SHA256. |
| test(true, tls.DEFAULT_CIPHERS, 'AES256-SHA256'); |
| test(true, null, 'AES256-SHA256'); |
| test(undefined, null, 'AES256-SHA256'); |
| |
| // Ensure that `tls.DEFAULT_CIPHERS` is used when its a limited cipher set. |
| test(true, null, 'ECDHE-RSA-AES128-GCM-SHA256', 'ECDHE-RSA-AES128-GCM-SHA256'); |
