Skip to content

Commit

Permalink
test: openssl 3.4 returns decrypt_error upon PSK binder validation fa…
Browse files Browse the repository at this point in the history 
…ilure

According to RFC 8446 (TLS 1.3), a PSK binder validation failure should
result in decrypt_error rather than illegal_parameter which openssl had
been using. Update the tests to match openssl's fix.

Refs: openssl/openssl@02b8b7b
Refs: https://www.rfc-editor.org/rfc/rfc8446
  • Loading branch information
@adrien-n
adrien-n committed Dec 17, 2024
1 parent 6372fca commit cc18241
Showing 1 changed file with 6 additions and 2 deletions.
8 changes: 6 additions & 2 deletions test/parallel/test-tls-psk-circuit.js
View file
Original file line number Diff line number Diff line change
Expand Up @@ -66,7 +66,11 @@ const expectedHandshakeErr = common.hasOpenSSL(3, 2) ?
'ERR_SSL_SSL/TLS_ALERT_HANDSHAKE_FAILURE' : 'ERR_SSL_SSLV3_ALERT_HANDSHAKE_FAILURE';
test({ psk: USERS.UserB, identity: 'UserC' }, {}, expectedHandshakeErr);
// Recognized user but incorrect secret should fail handshake
const expectedIllegalParameterErr = common.hasOpenSSL(3, 2) ?
'ERR_SSL_SSL/TLS_ALERT_ILLEGAL_PARAMETER' : 'ERR_SSL_SSLV3_ALERT_ILLEGAL_PARAMETER';
const expectedIllegalParameterErr =
common.hasOpenSSL(3, 4)
? 'ERR_SSL_TLSV1_ALERT_DECRYPT_ERROR'

Check failure on line 71 in test/parallel/test-tls-psk-circuit.js

View workflow job for this annotation

GitHub Actions / lint-js-and-md 

Expected indentation of 4 spaces but found 2

Check failure on line 71 in test/parallel/test-tls-psk-circuit.js

View workflow job for this annotation

GitHub Actions / lint-js-and-md 

'?' should be placed at the end of the line
: (common.hasOpenSSL(3, 2)

Check failure on line 72 in test/parallel/test-tls-psk-circuit.js

View workflow job for this annotation

GitHub Actions / lint-js-and-md 

Expected indentation of 4 spaces but found 2

Check failure on line 72 in test/parallel/test-tls-psk-circuit.js

View workflow job for this annotation

GitHub Actions / lint-js-and-md 

':' should be placed at the end of the line
? 'ERR_SSL_SSL/TLS_ALERT_ILLEGAL_PARAMETER'

Check failure on line 73 in test/parallel/test-tls-psk-circuit.js

View workflow job for this annotation

GitHub Actions / lint-js-and-md 

Expected indentation of 6 spaces but found 4

Check failure on line 73 in test/parallel/test-tls-psk-circuit.js

View workflow job for this annotation

GitHub Actions / lint-js-and-md 

'?' should be placed at the end of the line
: 'ERR_SSL_SSLV3_ALERT_ILLEGAL_PARAMETER');

Check failure on line 74 in test/parallel/test-tls-psk-circuit.js

View workflow job for this annotation

GitHub Actions / lint-js-and-md 

Expected indentation of 6 spaces but found 4

Check failure on line 74 in test/parallel/test-tls-psk-circuit.js

View workflow job for this annotation

GitHub Actions / lint-js-and-md 

':' should be placed at the end of the line
test({ psk: USERS.UserA, identity: 'UserB' }, {}, expectedIllegalParameterErr);
test({ psk: USERS.UserB, identity: 'UserB' });

0 comments on commit cc18241

Please sign in to comment.