@@ -7,6 +7,21 @@ const assert = require('assert');
77const crypto = require ( 'crypto' ) ;
88const { hasOpenSSL } = require ( '../common/crypto' ) ;
99
10+ // Error code for a key-type mismatch during (EC)DH. The underlying OpenSSL
11+ // error code varies by version, and in OpenSSL 4.0 by platform: some builds
12+ // report a generic internal error instead of a typed key-type mismatch.
13+ // https://github.com/openssl/openssl/issues/30895
14+ // TODO(panva): Tighten this check once/if fixed.
15+ let keyTypeMismatchCode ;
16+ if ( hasOpenSSL ( 4 , 0 ) ) {
17+ keyTypeMismatchCode =
18+ / ^ E R R _ O S S L _ E V P _ ( O P E R A T I O N _ N O T _ S U P P O R T E D _ F O R _ T H I S _ K E Y T Y P E | I N T E R N A L _ E R R O R ) $ / ;
19+ } else if ( hasOpenSSL ( 3 ) ) {
20+ keyTypeMismatchCode = 'ERR_OSSL_EVP_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE' ;
21+ } else {
22+ keyTypeMismatchCode = 'ERR_OSSL_EVP_DIFFERENT_KEY_TYPES' ;
23+ }
24+
1025assert . throws ( ( ) => crypto . diffieHellman ( ) , {
1126 name : 'TypeError' ,
1227 code : 'ERR_INVALID_ARG_TYPE' ,
@@ -397,9 +412,7 @@ test(crypto.generateKeyPairSync('x25519'),
397412 privateKey : crypto . generateKeyPairSync ( 'x448' ) . privateKey ,
398413 publicKey : crypto . generateKeyPairSync ( 'x25519' ) . publicKey ,
399414 } ;
400- testDHError ( options , { code : hasOpenSSL ( 3 ) ?
401- 'ERR_OSSL_EVP_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE' :
402- 'ERR_OSSL_EVP_DIFFERENT_KEY_TYPES' } ) ;
415+ testDHError ( options , { code : keyTypeMismatchCode } ) ;
403416}
404417
405418// Test all key encoding formats
@@ -541,23 +554,21 @@ for (const { privateKey: alicePriv, publicKey: bobPub } of [
541554 testDHError ( {
542555 privateKey : privKey ( ec256 . privateKey ) ,
543556 publicKey : pubKey ( x25519 . publicKey ) ,
544- } , { code : hasOpenSSL ( 3 ) ?
545- 'ERR_OSSL_EVP_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE' :
546- 'ERR_OSSL_EVP_DIFFERENT_KEY_TYPES' } ) ;
557+ } , { code : keyTypeMismatchCode } ) ;
547558
548559 // Unsupported key type (ed25519)
549560 testDHError ( {
550561 privateKey : privKey ( ed25519 . privateKey ) ,
551562 publicKey : pubKey ( ed25519 . publicKey ) ,
552- } , { code : 'ERR_OSSL_EVP_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE' } ) ;
563+ } , { code : hasOpenSSL ( 4 , 0 ) ?
564+ / ^ E R R _ O S S L _ E V P _ ( O P E R A T I O N _ N O T _ S U P P O R T E D _ F O R _ T H I S _ K E Y T Y P E | I N T E R N A L _ E R R O R ) $ /
565+ 'ERR_OSSL_EVP_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE' } ) ;
553566
554567 // Incompatible key types (x448 + x25519)
555568 testDHError ( {
556569 privateKey : privKey ( x448 . privateKey ) ,
557570 publicKey : pubKey ( x25519 . publicKey ) ,
558- } , { code : hasOpenSSL ( 3 ) ?
559- 'ERR_OSSL_EVP_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE' :
560- 'ERR_OSSL_EVP_DIFFERENT_KEY_TYPES' } ) ;
571+ } , { code : keyTypeMismatchCode } ) ;
561572
562573 // Zero x25519 public key
563574 testDHError ( {
0 commit comments