1// Copyright Joyent, Inc. and other Node contributors. 2// 3// Permission is hereby granted, free of charge, to any person obtaining a 4// copy of this software and associated documentation files (the 5// "Software"), to deal in the Software without restriction, including 6// without limitation the rights to use, copy, modify, merge, publish, 7// distribute, sublicense, and/or sell copies of the Software, and to permit 8// persons to whom the Software is furnished to do so, subject to the 9// following conditions: 10// 11// The above copyright notice and this permission notice shall be included 12// in all copies or substantial portions of the Software. 13// 14// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS 15// OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF 16// MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN 17// NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, 18// DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR 19// OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE 20// USE OR OTHER DEALINGS IN THE SOFTWARE. 21 22'use strict'; 23const common = require('../common'); 24 25if (!common.hasCrypto) 26 common.skip('missing crypto'); 27 28const assert = require('assert'); 29const tls = require('tls'); 30// Import fixtures directly from its module 31const fixtures = require('../common/fixtures'); 32 33const options = { 34 key: fixtures.readKey('agent2-key.pem'), 35 cert: fixtures.readKey('agent2-cert.pem'), 36 honorCipherOrder: true 37}; 38 39let clients = 0; 40const server = tls.createServer(options, common.mustCall(() => { 41 if (--clients === 0) 42 server.close(); 43}, 2)); 44 45server.listen(0, '127.0.0.1', common.mustCall(function() { 46 clients++; 47 tls.connect({ 48 host: '127.0.0.1', 49 port: this.address().port, 50 ciphers: 'AES128-SHA256', 51 rejectUnauthorized: false 52 }, common.mustCall(function() { 53 const cipher = this.getCipher(); 54 assert.strictEqual(cipher.name, 'AES128-SHA256'); 55 assert.strictEqual(cipher.standardName, 'TLS_RSA_WITH_AES_128_CBC_SHA256'); 56 assert.strictEqual(cipher.version, 'TLSv1.2'); 57 this.end(); 58 })); 59 60 clients++; 61 tls.connect({ 62 host: '127.0.0.1', 63 port: this.address().port, 64 ciphers: 'ECDHE-RSA-AES128-GCM-SHA256', 65 rejectUnauthorized: false 66 }, common.mustCall(function() { 67 const cipher = this.getCipher(); 68 assert.strictEqual(cipher.name, 'ECDHE-RSA-AES128-GCM-SHA256'); 69 assert.strictEqual(cipher.standardName, 70 'TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256'); 71 assert.strictEqual(cipher.version, 'TLSv1.2'); 72 this.end(); 73 })); 74})); 75 76tls.createServer({ 77 key: fixtures.readKey('agent2-key.pem'), 78 cert: fixtures.readKey('agent2-cert.pem'), 79 ciphers: 'TLS_CHACHA20_POLY1305_SHA256:TLS_AES_128_CCM_8_SHA256', 80 maxVersion: 'TLSv1.3', 81}, common.mustCall(function() { 82 this.close(); 83})).listen(0, common.mustCall(function() { 84 const client = tls.connect({ 85 port: this.address().port, 86 ciphers: 'TLS_AES_128_CCM_8_SHA256', 87 maxVersion: 'TLSv1.3', 88 rejectUnauthorized: false 89 }, common.mustCall(() => { 90 const cipher = client.getCipher(); 91 assert.strictEqual(cipher.name, 'TLS_AES_128_CCM_8_SHA256'); 92 assert.strictEqual(cipher.standardName, cipher.name); 93 assert.strictEqual(cipher.version, 'TLSv1.3'); 94 client.end(); 95 })); 96})); 97