mirror of
https://github.com/nodejs/node.git
synced 2024-11-21 10:59:27 +00:00
crypto: return a clearer error when loading an unsupported pkcs12
PR-URL: https://github.com/nodejs/node/pull/54485 Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
This commit is contained in:
parent
a48852be17
commit
65b4fb840e
@ -1148,6 +1148,16 @@ done:
|
|||||||
if (!ret) {
|
if (!ret) {
|
||||||
// TODO(@jasnell): Should this use ThrowCryptoError?
|
// TODO(@jasnell): Should this use ThrowCryptoError?
|
||||||
unsigned long err = ERR_get_error(); // NOLINT(runtime/int)
|
unsigned long err = ERR_get_error(); // NOLINT(runtime/int)
|
||||||
|
|
||||||
|
#if OPENSSL_VERSION_MAJOR >= 3
|
||||||
|
if (ERR_GET_REASON(err) == ERR_R_UNSUPPORTED) {
|
||||||
|
// OpenSSL's "unsupported" error without any context is very
|
||||||
|
// common and not very helpful, so we override it:
|
||||||
|
return THROW_ERR_CRYPTO_UNSUPPORTED_OPERATION(
|
||||||
|
env, "Unsupported PKCS12 PFX data");
|
||||||
|
}
|
||||||
|
#endif
|
||||||
|
|
||||||
const char* str = ERR_reason_error_string(err);
|
const char* str = ERR_reason_error_string(err);
|
||||||
str = str != nullptr ? str : "Unknown error";
|
str = str != nullptr ? str : "Unknown error";
|
||||||
|
|
||||||
|
BIN
test/fixtures/keys/legacy.pfx
vendored
Normal file
BIN
test/fixtures/keys/legacy.pfx
vendored
Normal file
Binary file not shown.
27
test/parallel/test-tls-legacy-pfx.js
Normal file
27
test/parallel/test-tls-legacy-pfx.js
Normal file
@ -0,0 +1,27 @@
|
|||||||
|
'use strict';
|
||||||
|
const common = require('../common');
|
||||||
|
if (!common.hasCrypto)
|
||||||
|
common.skip('missing crypto');
|
||||||
|
if (!common.hasOpenSSL3)
|
||||||
|
common.skip('OpenSSL legacy failures are only testable with OpenSSL 3+');
|
||||||
|
|
||||||
|
const fixtures = require('../common/fixtures');
|
||||||
|
|
||||||
|
const {
|
||||||
|
assert, connect, keys
|
||||||
|
} = require(fixtures.path('tls-connect'));
|
||||||
|
|
||||||
|
const legacyPfx = fixtures.readKey('legacy.pfx');
|
||||||
|
|
||||||
|
connect({
|
||||||
|
client: {
|
||||||
|
pfx: legacyPfx,
|
||||||
|
passphrase: 'legacy',
|
||||||
|
rejectUnauthorized: false
|
||||||
|
},
|
||||||
|
server: keys.agent1
|
||||||
|
}, common.mustCall((e, pair, cleanup) => {
|
||||||
|
assert.strictEqual(e.code, 'ERR_CRYPTO_UNSUPPORTED_OPERATION');
|
||||||
|
assert.strictEqual(e.message, 'Unsupported PKCS12 PFX data');
|
||||||
|
cleanup();
|
||||||
|
}));
|
Loading…
Reference in New Issue
Block a user