Skip to content

Commit 521deae

Browse files
panvapanva
committed
test: ensure unsupported PQC key generation and import
1 parent 2f37933 commit 521deae

File tree

3 files changed

+68
-41
lines changed

3 files changed

+68
-41
lines changed

test/parallel/test-crypto-pqc-key-objects.js

Lines changed: 52 additions & 31 deletions
Original file line numberDiff line numberDiff line change
@@ -6,9 +6,6 @@ if (!common.hasCrypto)
66

77
const { hasOpenSSL } = require('../common/crypto');
88

9-
if (!hasOpenSSL(3, 5))
10-
common.skip('requires OpenSSL 3.5');
11-
129
const assert = require('assert');
1310
const {
1411
createPublicKey,
@@ -83,20 +80,32 @@ for (const [asymmetricKeyType, pubLen] of [
8380
}
8481
}
8582

86-
const publicKey = createPublicKey(keys.public);
87-
assertPublicKey(publicKey);
88-
89-
{
90-
for (const [pem, hasSeed] of [
91-
[keys.private, true],
92-
[keys.private_seed_only, true],
93-
[keys.private_priv_only, false],
94-
]) {
95-
const pubFromPriv = createPublicKey(pem);
96-
assertPublicKey(pubFromPriv);
97-
assertPrivateKey(createPrivateKey(pem), hasSeed);
98-
assert.strictEqual(pubFromPriv.equals(publicKey), true);
99-
assert.deepStrictEqual(pubFromPriv, publicKey);
83+
if (!hasOpenSSL(3, 5)) {
84+
assert.throws(() => createPublicKey(keys.public), {
85+
code: hasOpenSSL(3) ? 'ERR_OSSL_EVP_DECODE_ERROR' : 'ERR_OSSL_EVP_UNSUPPORTED_ALGORITHM',
86+
});
87+
88+
for (const pem of [keys.private, keys.private_seed_only, keys.private_priv_only]) {
89+
assert.throws(() => createPrivateKey(pem), {
90+
code: hasOpenSSL(3) ? 'ERR_OSSL_UNSUPPORTED' : 'ERR_OSSL_EVP_UNSUPPORTED_ALGORITHM',
91+
});
92+
}
93+
} else {
94+
const publicKey = createPublicKey(keys.public);
95+
assertPublicKey(publicKey);
96+
97+
{
98+
for (const [pem, hasSeed] of [
99+
[keys.private, true],
100+
[keys.private_seed_only, true],
101+
[keys.private_priv_only, false],
102+
]) {
103+
const pubFromPriv = createPublicKey(pem);
104+
assertPublicKey(pubFromPriv);
105+
assertPrivateKey(createPrivateKey(pem), hasSeed);
106+
assert.strictEqual(pubFromPriv.equals(publicKey), true);
107+
assert.deepStrictEqual(pubFromPriv, publicKey);
108+
}
100109
}
101110
}
102111
}
@@ -140,20 +149,32 @@ for (const asymmetricKeyType of ['ml-kem-512', 'ml-kem-768', 'ml-kem-1024']) {
140149
{ code: 'ERR_CRYPTO_JWK_UNSUPPORTED_KEY_TYPE', message: 'Unsupported JWK Key Type.' });
141150
}
142151

143-
const publicKey = createPublicKey(keys.public);
144-
assertPublicKey(publicKey);
145-
146-
{
147-
for (const [pem, hasSeed] of [
148-
[keys.private, true],
149-
[keys.private_seed_only, true],
150-
[keys.private_priv_only, false],
151-
]) {
152-
const pubFromPriv = createPublicKey(pem);
153-
assertPublicKey(pubFromPriv);
154-
assertPrivateKey(createPrivateKey(pem), hasSeed);
155-
assert.strictEqual(pubFromPriv.equals(publicKey), true);
156-
assert.deepStrictEqual(pubFromPriv, publicKey);
152+
if (!hasOpenSSL(3, 5)) {
153+
assert.throws(() => createPublicKey(keys.public), {
154+
code: hasOpenSSL(3) ? 'ERR_OSSL_EVP_DECODE_ERROR' : 'ERR_OSSL_EVP_UNSUPPORTED_ALGORITHM',
155+
});
156+
157+
for (const pem of [keys.private, keys.private_seed_only, keys.private_priv_only]) {
158+
assert.throws(() => createPrivateKey(pem), {
159+
code: hasOpenSSL(3) ? 'ERR_OSSL_UNSUPPORTED' : 'ERR_OSSL_EVP_UNSUPPORTED_ALGORITHM',
160+
});
161+
}
162+
} else {
163+
const publicKey = createPublicKey(keys.public);
164+
assertPublicKey(publicKey);
165+
166+
{
167+
for (const [pem, hasSeed] of [
168+
[keys.private, true],
169+
[keys.private_seed_only, true],
170+
[keys.private_priv_only, false],
171+
]) {
172+
const pubFromPriv = createPublicKey(pem);
173+
assertPublicKey(pubFromPriv);
174+
assertPrivateKey(createPrivateKey(pem), hasSeed);
175+
assert.strictEqual(pubFromPriv.equals(publicKey), true);
176+
assert.deepStrictEqual(pubFromPriv, publicKey);
177+
}
157178
}
158179
}
159180
}

test/parallel/test-crypto-pqc-keygen-ml-dsa.js

Lines changed: 8 additions & 5 deletions
Original file line numberDiff line numberDiff line change
@@ -6,16 +6,19 @@ if (!common.hasCrypto)
66

77
const { hasOpenSSL } = require('../common/crypto');
88

9-
if (!hasOpenSSL(3, 5))
10-
common.skip('requires OpenSSL 3.5');
11-
129
const assert = require('assert');
1310
const {
1411
generateKeyPair,
1512
} = require('crypto');
1613

17-
// ML-DSA
18-
{
14+
if (!hasOpenSSL(3, 5)) {
15+
for (const asymmetricKeyType of ['ml-dsa-44', 'ml-dsa-65', 'ml-dsa-87']) {
16+
assert.throws(() => generateKeyPair(asymmetricKeyType, common.mustNotCall()), {
17+
code: 'ERR_INVALID_ARG_VALUE',
18+
message: /The argument 'type' must be a supported key type/
19+
});
20+
}
21+
} else {
1922
for (const [asymmetricKeyType, pubLen] of [
2023
['ml-dsa-44', 1312], ['ml-dsa-65', 1952], ['ml-dsa-87', 2592],
2124
]) {

test/parallel/test-crypto-pqc-keygen-ml-kem.js

Lines changed: 8 additions & 5 deletions
Original file line numberDiff line numberDiff line change
@@ -6,16 +6,19 @@ if (!common.hasCrypto)
66

77
const { hasOpenSSL } = require('../common/crypto');
88

9-
if (!hasOpenSSL(3, 5))
10-
common.skip('requires OpenSSL 3.5');
11-
129
const assert = require('assert');
1310
const {
1411
generateKeyPair,
1512
} = require('crypto');
1613

17-
// ML-KEM
18-
{
14+
if (!hasOpenSSL(3, 5)) {
15+
for (const asymmetricKeyType of ['ml-kem-512', 'ml-kem-768', 'ml-kem-1024']) {
16+
assert.throws(() => generateKeyPair(asymmetricKeyType, common.mustNotCall()), {
17+
code: 'ERR_INVALID_ARG_VALUE',
18+
message: /The argument 'type' must be a supported key type/
19+
});
20+
}
21+
} else {
1922
for (const asymmetricKeyType of ['ml-kem-512', 'ml-kem-768', 'ml-kem-1024']) {
2023
for (const [publicKeyEncoding, validate] of [
2124
[undefined, (publicKey) => {

0 commit comments

Comments
 (0)