1'use strict'; 2const common = require('../common'); 3const fixtures = require('../common/fixtures'); 4 5// Test the honorCipherOrder property 6 7if (!common.hasCrypto) 8 common.skip('missing crypto'); 9 10const assert = require('assert'); 11const mustCall = common.mustCall; 12const tls = require('tls'); 13const util = require('util'); 14 15// We explicitly set TLS version to 1.2 so as to be safe when the 16// default method is updated in the future 17const SSL_Method = 'TLSv1_2_method'; 18const localhost = '127.0.0.1'; 19 20function test(honorCipherOrder, clientCipher, expectedCipher, defaultCiphers) { 21 const soptions = { 22 secureProtocol: SSL_Method, 23 key: fixtures.readKey('agent2-key.pem'), 24 cert: fixtures.readKey('agent2-cert.pem'), 25 ciphers: 'AES256-SHA256:AES128-GCM-SHA256:AES128-SHA256:' + 26 'ECDHE-RSA-AES128-GCM-SHA256', 27 honorCipherOrder: honorCipherOrder, 28 }; 29 30 const server = tls.createServer(soptions, mustCall(function(clearTextStream) { 31 // End socket to send CLOSE_NOTIFY and TCP FIN packet, otherwise 32 // it may hang for ~30 seconds in FIN_WAIT_1 state (at least on OSX). 33 clearTextStream.end(); 34 })); 35 server.listen(0, localhost, mustCall(function() { 36 const coptions = { 37 rejectUnauthorized: false, 38 secureProtocol: SSL_Method 39 }; 40 if (clientCipher) { 41 coptions.ciphers = clientCipher; 42 } 43 const port = this.address().port; 44 const savedDefaults = tls.DEFAULT_CIPHERS; 45 tls.DEFAULT_CIPHERS = defaultCiphers || savedDefaults; 46 const client = tls.connect(port, localhost, coptions, mustCall(function() { 47 const cipher = client.getCipher(); 48 client.end(); 49 server.close(); 50 const msg = util.format( 51 'honorCipherOrder=%j, clientCipher=%j, expect=%j, got=%j', 52 honorCipherOrder, clientCipher, expectedCipher, cipher.name); 53 assert.strictEqual(cipher.name, expectedCipher, msg); 54 })); 55 tls.DEFAULT_CIPHERS = savedDefaults; 56 })); 57} 58 59// Client explicitly has the preference of cipher suites, not the default. 60test(false, 'AES128-GCM-SHA256:AES256-SHA256:AES128-SHA256', 61 'AES128-GCM-SHA256'); 62 63// Server has the preference of cipher suites, and AES256-SHA256 is 64// the server's top choice. 65test(true, 'AES128-GCM-SHA256:AES256-SHA256:AES128-SHA256', 66 'AES256-SHA256'); 67test(undefined, 'AES128-GCM-SHA256:AES256-SHA256:AES128-SHA256', 68 'AES256-SHA256'); 69 70// Server has the preference of cipher suites. AES128-GCM-SHA256 is given 71// higher priority over AES128-SHA256 among client cipher suites. 72test(true, 'AES128-SHA256:AES128-GCM-SHA256', 'AES128-GCM-SHA256'); 73test(undefined, 'AES128-SHA256:AES128-GCM-SHA256', 'AES128-GCM-SHA256'); 74 75 76// As client has only one cipher, server has no choice, irrespective 77// of honorCipherOrder. 78test(true, 'AES128-SHA256', 'AES128-SHA256'); 79test(undefined, 'AES128-SHA256', 'AES128-SHA256'); 80 81// Client did not explicitly set ciphers and client offers 82// tls.DEFAULT_CIPHERS. All ciphers of the server are included in the 83// default list so the negotiated cipher is selected according to the 84// server's top preference of AES256-SHA256. 85test(true, tls.DEFAULT_CIPHERS, 'AES256-SHA256'); 86test(true, null, 'AES256-SHA256'); 87test(undefined, null, 'AES256-SHA256'); 88 89// Ensure that `tls.DEFAULT_CIPHERS` is used when its a limited cipher set. 90test(true, null, 'ECDHE-RSA-AES128-GCM-SHA256', 'ECDHE-RSA-AES128-GCM-SHA256'); 91