1// Copyright Joyent, Inc. and other Node contributors. 2// 3// Permission is hereby granted, free of charge, to any person obtaining a 4// copy of this software and associated documentation files (the 5// "Software"), to deal in the Software without restriction, including 6// without limitation the rights to use, copy, modify, merge, publish, 7// distribute, sublicense, and/or sell copies of the Software, and to permit 8// persons to whom the Software is furnished to do so, subject to the 9// following conditions: 10// 11// The above copyright notice and this permission notice shall be included 12// in all copies or substantial portions of the Software. 13// 14// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS 15// OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF 16// MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN 17// NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, 18// DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR 19// OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE 20// USE OR OTHER DEALINGS IN THE SOFTWARE. 21 22'use strict'; 23const common = require('../common'); 24 25if (!common.hasCrypto) 26 common.skip('missing crypto'); 27 28const assert = require('assert'); 29const tls = require('tls'); 30// Import fixtures directly from its module 31const fixtures = require('../common/fixtures'); 32 33const options = { 34 key: fixtures.readKey('agent2-key.pem'), 35 cert: fixtures.readKey('agent2-cert.pem'), 36 honorCipherOrder: true 37}; 38 39let clients = 0; 40const server = tls.createServer(options, common.mustCall(() => { 41 if (--clients === 0) 42 server.close(); 43}, 2)); 44 45server.listen(0, '127.0.0.1', common.mustCall(function() { 46 clients++; 47 tls.connect({ 48 host: '127.0.0.1', 49 port: this.address().port, 50 ciphers: 'AES128-SHA256', 51 rejectUnauthorized: false, 52 maxVersion: 'TLSv1.2', 53 }, common.mustCall(function() { 54 const cipher = this.getCipher(); 55 assert.strictEqual(cipher.name, 'AES128-SHA256'); 56 assert.strictEqual(cipher.standardName, 'TLS_RSA_WITH_AES_128_CBC_SHA256'); 57 assert.strictEqual(cipher.version, 'TLSv1.2'); 58 this.end(); 59 })); 60 61 clients++; 62 tls.connect({ 63 host: '127.0.0.1', 64 port: this.address().port, 65 ciphers: 'ECDHE-RSA-AES128-GCM-SHA256', 66 rejectUnauthorized: false, 67 maxVersion: 'TLSv1.2', 68 }, common.mustCall(function() { 69 const cipher = this.getCipher(); 70 assert.strictEqual(cipher.name, 'ECDHE-RSA-AES128-GCM-SHA256'); 71 assert.strictEqual(cipher.standardName, 72 'TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256'); 73 assert.strictEqual(cipher.version, 'TLSv1.2'); 74 this.end(); 75 })); 76})); 77 78tls.createServer({ 79 key: fixtures.readKey('agent2-key.pem'), 80 cert: fixtures.readKey('agent2-cert.pem'), 81 ciphers: 'TLS_CHACHA20_POLY1305_SHA256:TLS_AES_128_CCM_8_SHA256', 82 maxVersion: 'TLSv1.3', 83}, common.mustCall(function() { 84 this.close(); 85})).listen(0, common.mustCall(function() { 86 const client = tls.connect({ 87 port: this.address().port, 88 ciphers: 'TLS_AES_128_CCM_8_SHA256', 89 maxVersion: 'TLSv1.3', 90 rejectUnauthorized: false 91 }, common.mustCall(() => { 92 const cipher = client.getCipher(); 93 assert.strictEqual(cipher.name, 'TLS_AES_128_CCM_8_SHA256'); 94 assert.strictEqual(cipher.standardName, cipher.name); 95 assert.strictEqual(cipher.version, 'TLSv1.3'); 96 client.end(); 97 })); 98})); 99