탐색 도움말
로그인
Helios
/
HeliosAPI
5
0
포크 0
파일 이슈 0 풀 리퀘스트 0 위키
브렌치: master
브랜치 태그
HeliosAPI
/
node_modules
/
ssh2
/
test
/
test-protocol-crypto.js

test-protocol-crypto.js 19 KB
고유링크 히스토리 Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482483484485486487488489490491492493494495496497498499500501502503504505506507508509510511512513514515516517518519520521522523524525526527528529530531532533534535536537538539540541542543544545546547548549550551552553554555556557558559560561562563564565566567568569570571572573574575576577578579580581582583584585586587588589590591592593594595596597598599600601602603604605606607608609 
  1. 'use strict';
    2. 

  2. 

  3. const assert = require('assert');
    4. 

  4. const { randomBytes } = require('crypto');
    5. 

  5. 

  6. const {
    7. 

  7.   CIPHER_INFO,
    8. 

  8.   MAC_INFO,
    9. 

  9.   bindingAvailable,
    10. 

  10.   NullCipher,
    11. 

  11.   createCipher,
    12. 

  12.   NullDecipher,
    13. 

  13.   createDecipher,
    14. 

  14.   init: cryptoInit,
    15. 

  15. } = require('../lib/protocol/crypto.js');
    16. 

  16. 

  17. (async () => {
    18. 

  18.   await cryptoInit;
    19. 

  19. 

  20.   console.log(`Crypto binding ${bindingAvailable ? '' : 'not '}available`);
    21. 

  21.   {
    22. 

  22.     const PAIRS = [
    23. 

  23.       // cipher, decipher
    24. 

  24.       ['native', 'native'],
    25. 

  25.       ['binding', 'native'],
    26. 

  26.       ['native', 'binding'],
    27. 

  27.       ['binding', 'binding'],
    28. 

  28.     ].slice(0, bindingAvailable ? 4 : 1);
    29. 

  29. 

  30.     [
    31. 

  31.       { cipher: null },
    32. 

  32.       { cipher: 'chacha20-poly1305@openssh.com' },
    33. 

  33.       { cipher: 'aes128-gcm@openssh.com' },
    34. 

  34.       { cipher: 'aes128-cbc', mac: 'hmac-sha1-etm@openssh.com' },
    35. 

  35.       { cipher: 'aes128-ctr', mac: 'hmac-sha1' },
    36. 

  36.       { cipher: 'arcfour', mac: 'hmac-sha2-256-96' },
    37. 

  37.     ].forEach((testConfig) => {
    38. 

  38.       for (const pair of PAIRS) {
    39. 

  39.         function onCipherData(data) {
    40. 

  40.           ciphered = Buffer.concat([ciphered, data]);
    41. 

  41.         }
    42. 

  42. 

  43.         function onDecipherPayload(payload) {
    44. 

  44.           deciphered.push(payload);
    45. 

  45.         }
    46. 

  46. 

  47.         function reset() {
    48. 

  48.           ciphered = Buffer.alloc(0);
    49. 

  49.           deciphered = [];
    50. 

  50.         }
    51. 

  51. 

  52.         function reinit() {
    53. 

  53.           if (testConfig.cipher === null) {
    54. 

  54.             cipher = new NullCipher(1, onCipherData);
    55. 

  55.             decipher = new NullDecipher(1, onDecipherPayload);
    56. 

  56.           } else {
    57. 

  57.             cipher = createCipher(config);
    58. 

  58.             decipher = createDecipher(config);
    59. 

  59.           }
    60. 

  60.         }
    61. 

  61. 

  62.         let ciphered;
    63. 

  63.         let deciphered;
    64. 

  64.         let cipher;
    65. 

  65.         let decipher;
    66. 

  66.         let macSize;
    67. 

  67.         let packet;
    68. 

  68.         let payload;
    69. 

  69.         let cipherInfo;
    70. 

  70.         let config;
    71. 

  71. 

  72.         console.log('Testing cipher: %s, mac: %s (%s encrypt, %s decrypt) ...',
    73. 

  73.                     testConfig.cipher,
    74. 

  74.                     testConfig.mac
    75. 

  75.                       || (testConfig.cipher === null ? '<none>' : '<implicit>'),
    76. 

  76.                     pair[0],
    77. 

  77.                     pair[1]);
    78. 

  78. 

  79.         if (testConfig.cipher === null) {
    80. 

  80.           cipher = new NullCipher(1, onCipherData);
    81. 

  81.           decipher = new NullDecipher(1, onDecipherPayload);
    82. 

  82.           macSize = 0;
    83. 

  83.         } else {
    84. 

  84.           cipherInfo = CIPHER_INFO[testConfig.cipher];
    85. 

  85.           let macInfo;
    86. 

  86.           let macKey;
    87. 

  87.           if (testConfig.mac) {
    88. 

  88.             macInfo = MAC_INFO[testConfig.mac];
    89. 

  89.             macKey = randomBytes(macInfo.len);
    90. 

  90.             macSize = macInfo.actualLen;
    91. 

  91.           } else if (cipherInfo.authLen) {
    92. 

  92.             macSize = cipherInfo.authLen;
    93. 

  93.           } else {
    94. 

  94.             throw new Error('Missing MAC for cipher');
    95. 

  95.           }
    96. 

  96.           const key = randomBytes(cipherInfo.keyLen);
    97. 

  97.           const iv = (cipherInfo.ivLen
    98. 

  98.                       ? randomBytes(cipherInfo.ivLen)
    99. 

  99.                       : Buffer.alloc(0));
    100. 

  100.           config = {
    101. 

  101.             outbound: {
    102. 

  102.               onWrite: onCipherData,
    103. 

  103.               cipherInfo,
    104. 

  104.               cipherKey: Buffer.from(key),
    105. 

  105.               cipherIV: Buffer.from(iv),
    106. 

  106.               seqno: 1,
    107. 

  107.               macInfo,
    108. 

  108.               macKey: (macKey && Buffer.from(macKey)),
    109. 

  109.               forceNative: (pair[0] === 'native'),
    110. 

  110.             },
    111. 

  111.             inbound: {
    112. 

  112.               onPayload: onDecipherPayload,
    113. 

  113.               decipherInfo: cipherInfo,
    114. 

  114.               decipherKey: Buffer.from(key),
    115. 

  115.               decipherIV: Buffer.from(iv),
    116. 

  116.               seqno: 1,
    117. 

  117.               macInfo,
    118. 

  118.               macKey: (macKey && Buffer.from(macKey)),
    119. 

  119.               forceNative: (pair[1] === 'native'),
    120. 

  120.             },
    121. 

  121.           };
    122. 

  122.           cipher = createCipher(config);
    123. 

  123.           decipher = createDecipher(config);
    124. 

  124. 

  125.           if (pair[0] === 'binding')
    126. 

  126.             assert(/binding/i.test(cipher.constructor.name));
    127. 

  127.           else
    128. 

  128.             assert(/native/i.test(cipher.constructor.name));
    129. 

  129.           if (pair[1] === 'binding')
    130. 

  130.             assert(/binding/i.test(decipher.constructor.name));
    131. 

  131.           else
    132. 

  132.             assert(/native/i.test(decipher.constructor.name));
    133. 

  133.         }
    134. 

  134. 

  135.         let expectedSeqno;
    136. 

  136.         // Test zero-length payload ============================================
    137. 

  137.         payload = Buffer.alloc(0);
    138. 

  138.         expectedSeqno = 2;
    139. 

  139. 

  140.         reset();
    141. 

  141.         packet = cipher.allocPacket(payload.length);
    142. 

  142.         payload.copy(packet, 5);
    143. 

  143.         cipher.encrypt(packet);
    144. 

  144.         assert.strictEqual(decipher.decrypt(ciphered, 0, ciphered.length),
    145. 

  145.                            undefined);
    146. 

  146. 

  147.         assert.strictEqual(cipher.outSeqno, expectedSeqno);
    148. 

  148.         assert(ciphered.length >= 9 + macSize);
    149. 

  149.         assert.strictEqual(decipher.inSeqno, cipher.outSeqno);
    150. 

  150.         assert.strictEqual(deciphered.length, 1);
    151. 

  151.         assert.deepStrictEqual(deciphered[0], payload);
    152. 

  152. 

  153.         // Test single byte payload ============================================
    154. 

  154.         payload = Buffer.from([ 0xEF ]);
    155. 

  155.         expectedSeqno = 3;
    156. 

  156. 

  157.         reset();
    158. 

  158.         packet = cipher.allocPacket(payload.length);
    159. 

  159.         payload.copy(packet, 5);
    160. 

  160.         cipher.encrypt(packet);
    161. 

  161.         assert.strictEqual(decipher.decrypt(ciphered, 0, ciphered.length),
    162. 

  162.                            undefined);
    163. 

  163. 

  164.         assert.strictEqual(cipher.outSeqno, 3);
    165. 

  165.         assert(ciphered.length >= 9 + macSize);
    166. 

  166.         assert.strictEqual(decipher.inSeqno, cipher.outSeqno);
    167. 

  167.         assert.strictEqual(deciphered.length, 1);
    168. 

  168.         assert.deepStrictEqual(deciphered[0], payload);
    169. 

  169. 

  170.         // Test large payload ==================================================
    171. 

  171.         payload = randomBytes(32 * 1024);
    172. 

  172.         expectedSeqno = 4;
    173. 

  173. 

  174.         reset();
    175. 

  175.         packet = cipher.allocPacket(payload.length);
    176. 

  176.         payload.copy(packet, 5);
    177. 

  177.         cipher.encrypt(packet);
    178. 

  178.         assert.strictEqual(decipher.decrypt(ciphered, 0, ciphered.length),
    179. 

  179.                            undefined);
    180. 

  180. 

  181.         assert.strictEqual(cipher.outSeqno, expectedSeqno);
    182. 

  182.         assert(ciphered.length >= 9 + macSize);
    183. 

  183.         assert.strictEqual(decipher.inSeqno, cipher.outSeqno);
    184. 

  184.         assert.strictEqual(deciphered.length, 1);
    185. 

  185.         assert.deepStrictEqual(deciphered[0], payload);
    186. 

  186. 

  187.         // Test sequnce number rollover ========================================
    188. 

  188.         payload = randomBytes(4);
    189. 

  189.         expectedSeqno = 0;
    190. 

  190.         cipher.outSeqno = decipher.inSeqno = (2 ** 32) - 1;
    191. 

  191. 

  192.         reset();
    193. 

  193.         packet = cipher.allocPacket(payload.length);
    194. 

  194.         payload.copy(packet, 5);
    195. 

  195.         cipher.encrypt(packet);
    196. 

  196.         assert.strictEqual(decipher.decrypt(ciphered, 0, ciphered.length),
    197. 

  197.                            undefined);
    198. 

  198. 

  199.         assert.strictEqual(cipher.outSeqno, expectedSeqno);
    200. 

  200.         assert(ciphered.length >= 9 + macSize);
    201. 

  201.         assert.strictEqual(decipher.inSeqno, cipher.outSeqno);
    202. 

  202.         assert.strictEqual(deciphered.length, 1);
    203. 

  203.         assert.deepStrictEqual(deciphered[0], payload);
    204. 

  204. 

  205.         // Test chunked input -- split length bytes ============================
    206. 

  206.         payload = randomBytes(32 * 768);
    207. 

  207.         expectedSeqno = 1;
    208. 

  208. 

  209.         reset();
    210. 

  210.         packet = cipher.allocPacket(payload.length);
    211. 

  211.         payload.copy(packet, 5);
    212. 

  212.         cipher.encrypt(packet);
    213. 

  213.         assert.strictEqual(decipher.decrypt(ciphered, 0, 2), undefined);
    214. 

  214.         assert.strictEqual(decipher.decrypt(ciphered, 2, ciphered.length),
    215. 

  215.                            undefined);
    216. 

  216. 

  217.         assert.strictEqual(cipher.outSeqno, expectedSeqno);
    218. 

  218.         assert(ciphered.length >= 9 + macSize);
    219. 

  219.         assert.strictEqual(decipher.inSeqno, cipher.outSeqno);
    220. 

  220.         assert.strictEqual(deciphered.length, 1);
    221. 

  221.         assert.deepStrictEqual(deciphered[0], payload);
    222. 

  222. 

  223.         // Test chunked input -- split length from payload =====================
    224. 

  224.         payload = randomBytes(32 * 768);
    225. 

  225.         expectedSeqno = 2;
    226. 

  226. 

  227.         reset();
    228. 

  228.         packet = cipher.allocPacket(payload.length);
    229. 

  229.         payload.copy(packet, 5);
    230. 

  230.         cipher.encrypt(packet);
    231. 

  231.         assert.strictEqual(decipher.decrypt(ciphered, 0, 4), undefined);
    232. 

  232.         assert.strictEqual(decipher.decrypt(ciphered, 4, ciphered.length),
    233. 

  233.                            undefined);
    234. 

  234. 

  235.         assert.strictEqual(cipher.outSeqno, expectedSeqno);
    236. 

  236.         assert(ciphered.length >= 9 + macSize);
    237. 

  237.         assert.strictEqual(decipher.inSeqno, cipher.outSeqno);
    238. 

  238.         assert.strictEqual(deciphered.length, 1);
    239. 

  239.         assert.deepStrictEqual(deciphered[0], payload);
    240. 

  240. 

  241.         // Test chunked input -- split length and payload from MAC =============
    242. 

  242.         payload = randomBytes(32 * 768);
    243. 

  243.         expectedSeqno = 3;
    244. 

  244. 

  245.         reset();
    246. 

  246.         packet = cipher.allocPacket(payload.length);
    247. 

  247.         payload.copy(packet, 5);
    248. 

  248.         cipher.encrypt(packet);
    249. 

  249.         assert.strictEqual(
    250. 

  250.           decipher.decrypt(ciphered, 0, ciphered.length - macSize),
    251. 

  251.           undefined
    252. 

  252.         );
    253. 

  253.         assert.strictEqual(
    254. 

  254.           decipher.decrypt(ciphered,
    255. 

  255.                            ciphered.length - macSize,
    256. 

  256.                            ciphered.length),
    257. 

  257.           undefined
    258. 

  258.         );
    259. 

  259. 

  260.         assert.strictEqual(cipher.outSeqno, expectedSeqno);
    261. 

  261.         assert(ciphered.length >= 9 + macSize);
    262. 

  262.         assert.strictEqual(decipher.inSeqno, cipher.outSeqno);
    263. 

  263.         assert.strictEqual(deciphered.length, 1);
    264. 

  264.         assert.deepStrictEqual(deciphered[0], payload);
    265. 

  265. 

  266.         // Test packet length checks ===========================================
    267. 

  267.         [0, 2 ** 32 - 1].forEach((n) => {
    268. 

  268.           reset();
    269. 

  269.           packet = cipher.allocPacket(0);
    270. 

  270.           packet.writeUInt32BE(n, 0); // Overwrite packet length field
    271. 

  271.           cipher.encrypt(packet);
    272. 

  272.           let threw = false;
    273. 

  273.           try {
    274. 

  274.             decipher.decrypt(ciphered, 0, ciphered.length);
    275. 

  275.           } catch (ex) {
    276. 

  276.             threw = true;
    277. 

  277.             assert(ex instanceof Error);
    278. 

  278.             assert(/packet length/i.test(ex.message));
    279. 

  279.           }
    280. 

  280.           if (!threw)
    281. 

  281.             throw new Error('Expected error');
    282. 

  282. 

  283.           // Recreate deciphers since errors leave them in an unusable state.
    284. 

  284.           // We recreate the ciphers as well so that internal states of both
    285. 

  285.           // ends match again.
    286. 

  286.           reinit();
    287. 

  287.         });
    288. 

  288. 

  289.         // Test minimum padding length check ===================================
    290. 

  290.         if (testConfig.cipher !== null) {
    291. 

  291.           let payloadLen;
    292. 

  292.           const blockLen = cipherInfo.blockLen;
    293. 

  293.           if (/chacha|gcm/i.test(testConfig.cipher)
    294. 

  294.               || /etm/i.test(testConfig.mac)) {
    295. 

  295.             payloadLen = blockLen - 2;
    296. 

  296.           } else {
    297. 

  297.             payloadLen = blockLen - 6;
    298. 

  298.           }
    299. 

  299.           const minLen = 4 + 1 + payloadLen + (blockLen + 1);
    300. 

  300.           // We don't do strict equality checks here since the length of the
    301. 

  301.           // returned Buffer can vary due to implementation details.
    302. 

  302.           assert(cipher.allocPacket(payloadLen).length >= minLen);
    303. 

  303.         }
    304. 

  304. 

  305.         // =====================================================================
    306. 

  306.         cipher.free();
    307. 

  307.         decipher.free();
    308. 

  308.         if (testConfig.cipher === null)
    309. 

  309.           break;
    310. 

  310.       }
    311. 

  311.     });
    312. 

  312.   }
    313. 

  313. 

  314.   // Test createCipher()/createDecipher() exceptions
    315. 

  315.   {
    316. 

  316.     [
    317. 

  317.       [
    318. 

  318.         [true, null],
    319. 

  319.         /invalid config/i
    320. 

  320.       ],
    321. 

  321.       [
    322. 

  322.         [{}],
    323. 

  323.         [/invalid outbound/i, /invalid inbound/i]
    324. 

  324.       ],
    325. 

  325.       [
    326. 

  326.         [{ outbound: {}, inbound: {} }],
    327. 

  327.         [/invalid outbound\.onWrite/i, /invalid inbound\.onPayload/i]
    328. 

  328.       ],
    329. 

  329.       [
    330. 

  330.         [
    331. 

  331.           { outbound: {
    332. 

  332.               onWrite: () => {},
    333. 

  333.               cipherInfo: true
    334. 

  334.             },
    335. 

  335.             inbound: {
    336. 

  336.               onPayload: () => {},
    337. 

  337.               decipherInfo: true
    338. 

  338.             },
    339. 

  339.           },
    340. 

  340.           { outbound: {
    341. 

  341.               onWrite: () => {},
    342. 

  342.               cipherInfo: null
    343. 

  343.             },
    344. 

  344.             inbound: {
    345. 

  345.               onPayload: () => {},
    346. 

  346.               decipherInfo: null
    347. 

  347.             },
    348. 

  348.           },
    349. 

  349.         ],
    350. 

  350.         [/invalid outbound\.cipherInfo/i, /invalid inbound\.decipherInfo/i]
    351. 

  351.       ],
    352. 

  352.       [
    353. 

  353.         [
    354. 

  354.           { outbound: {
    355. 

  355.               onWrite: () => {},
    356. 

  356.               cipherInfo: {},
    357. 

  357.               cipherKey: {},
    358. 

  358.             },
    359. 

  359.             inbound: {
    360. 

  360.               onPayload: () => {},
    361. 

  361.               decipherInfo: {},
    362. 

  362.               decipherKey: {},
    363. 

  363.             },
    364. 

  364.           },
    365. 

  365.           { outbound: {
    366. 

  366.               onWrite: () => {},
    367. 

  367.               cipherInfo: { keyLen: 32 },
    368. 

  368.               cipherKey: Buffer.alloc(8),
    369. 

  369.             },
    370. 

  370.             inbound: {
    371. 

  371.               onPayload: () => {},
    372. 

  372.               decipherInfo: { keyLen: 32 },
    373. 

  373.               decipherKey: Buffer.alloc(8),
    374. 

  374.             },
    375. 

  375.           },
    376. 

  376.         ],
    377. 

  377.         [/invalid outbound\.cipherKey/i, /invalid inbound\.decipherKey/i]
    378. 

  378.       ],
    379. 

  379.       [
    380. 

  380.         [
    381. 

  381.           { outbound: {
    382. 

  382.               onWrite: () => {},
    383. 

  383.               cipherInfo: { keyLen: 1, ivLen: 12 },
    384. 

  384.               cipherKey: Buffer.alloc(1),
    385. 

  385.               cipherIV: true
    386. 

  386.             },
    387. 

  387.             inbound: {
    388. 

  388.               onPayload: () => {},
    389. 

  389.               decipherInfo: { keyLen: 1, ivLen: 12 },
    390. 

  390.               decipherKey: Buffer.alloc(1),
    391. 

  391.               cipherIV: true
    392. 

  392.             },
    393. 

  393.           },
    394. 

  394.           { outbound: {
    395. 

  395.               onWrite: () => {},
    396. 

  396.               cipherInfo: { keyLen: 1, ivLen: 12 },
    397. 

  397.               cipherKey: Buffer.alloc(1),
    398. 

  398.               cipherIV: null
    399. 

  399.             },
    400. 

  400.             inbound: {
    401. 

  401.               onPayload: () => {},
    402. 

  402.               decipherInfo: { keyLen: 1, ivLen: 12 },
    403. 

  403.               decipherKey: Buffer.alloc(1),
    404. 

  404.               cipherIV: null
    405. 

  405.             },
    406. 

  406.           },
    407. 

  407.           { outbound: {
    408. 

  408.               onWrite: () => {},
    409. 

  409.               cipherInfo: { keyLen: 1, ivLen: 12 },
    410. 

  410.               cipherKey: Buffer.alloc(1),
    411. 

  411.               cipherIV: {}
    412. 

  412.             },
    413. 

  413.             inbound: {
    414. 

  414.               onPayload: () => {},
    415. 

  415.               decipherInfo: { keyLen: 1, ivLen: 12 },
    416. 

  416.               decipherKey: Buffer.alloc(1),
    417. 

  417.               cipherIV: {}
    418. 

  418.             },
    419. 

  419.           },
    420. 

  420.           { outbound: {
    421. 

  421.               onWrite: () => {},
    422. 

  422.               cipherInfo: { keyLen: 1, ivLen: 12 },
    423. 

  423.               cipherKey: Buffer.alloc(1),
    424. 

  424.               cipherIV: Buffer.alloc(1)
    425. 

  425.             },
    426. 

  426.             inbound: {
    427. 

  427.               onPayload: () => {},
    428. 

  428.               decipherInfo: { keyLen: 1, ivLen: 12 },
    429. 

  429.               decipherKey: Buffer.alloc(1),
    430. 

  430.               cipherIV: Buffer.alloc(1)
    431. 

  431.             },
    432. 

  432.           },
    433. 

  433.         ],
    434. 

  434.         [/invalid outbound\.cipherIV/i, /invalid inbound\.decipherIV/i]
    435. 

  435.       ],
    436. 

  436.       [
    437. 

  437.         [
    438. 

  438.           { outbound: {
    439. 

  439.               onWrite: () => {},
    440. 

  440.               cipherInfo: { keyLen: 1, ivLen: 0 },
    441. 

  441.               cipherKey: Buffer.alloc(1),
    442. 

  442.               seqno: true
    443. 

  443.             },
    444. 

  444.             inbound: {
    445. 

  445.               onPayload: () => {},
    446. 

  446.               decipherInfo: { keyLen: 1, ivLen: 0 },
    447. 

  447.               decipherKey: Buffer.alloc(1),
    448. 

  448.               seqno: true
    449. 

  449.             },
    450. 

  450.           },
    451. 

  451.           { outbound: {
    452. 

  452.               onWrite: () => {},
    453. 

  453.               cipherInfo: { keyLen: 1, ivLen: 0 },
    454. 

  454.               cipherKey: Buffer.alloc(1),
    455. 

  455.               seqno: -1
    456. 

  456.             },
    457. 

  457.             inbound: {
    458. 

  458.               onPayload: () => {},
    459. 

  459.               decipherInfo: { keyLen: 1, ivLen: 0 },
    460. 

  460.               decipherKey: Buffer.alloc(1),
    461. 

  461.               seqno: -1
    462. 

  462.             },
    463. 

  463.           },
    464. 

  464.           { outbound: {
    465. 

  465.               onWrite: () => {},
    466. 

  466.               cipherInfo: { keyLen: 1, ivLen: 0 },
    467. 

  467.               cipherKey: Buffer.alloc(1),
    468. 

  468.               seqno: 2 ** 32
    469. 

  469.             },
    470. 

  470.             inbound: {
    471. 

  471.               onPayload: () => {},
    472. 

  472.               decipherInfo: { keyLen: 1, ivLen: 0 },
    473. 

  473.               decipherKey: Buffer.alloc(1),
    474. 

  474.               seqno: 2 ** 32
    475. 

  475.             },
    476. 

  476.           },
    477. 

  477.         ],
    478. 

  478.         [/invalid outbound\.seqno/i, /invalid inbound\.seqno/i]
    479. 

  479.       ],
    480. 

  480.       [
    481. 

  481.         [
    482. 

  482.           { outbound: {
    483. 

  483.               onWrite: () => {},
    484. 

  484.               cipherInfo: { keyLen: 1, ivLen: 0, sslName: 'foo' },
    485. 

  485.               cipherKey: Buffer.alloc(1),
    486. 

  486.               seqno: 0
    487. 

  487.             },
    488. 

  488.             inbound: {
    489. 

  489.               onPayload: () => {},
    490. 

  490.               decipherInfo: { keyLen: 1, ivLen: 0, sslName: 'foo' },
    491. 

  491.               decipherKey: Buffer.alloc(1),
    492. 

  492.               seqno: 0
    493. 

  493.             },
    494. 

  494.           },
    495. 

  495.           { outbound: {
    496. 

  496.               onWrite: () => {},
    497. 

  497.               cipherInfo: { keyLen: 1, ivLen: 0, sslName: 'foo' },
    498. 

  498.               cipherKey: Buffer.alloc(1),
    499. 

  499.               seqno: 0,
    500. 

  500.               macInfo: true
    501. 

  501.             },
    502. 

  502.             inbound: {
    503. 

  503.               onPayload: () => {},
    504. 

  504.               decipherInfo: { keyLen: 1, ivLen: 0, sslName: 'foo' },
    505. 

  505.               decipherKey: Buffer.alloc(1),
    506. 

  506.               seqno: 0,
    507. 

  507.               macInfo: true
    508. 

  508.             },
    509. 

  509.           },
    510. 

  510.           { outbound: {
    511. 

  511.               onWrite: () => {},
    512. 

  512.               cipherInfo: { keyLen: 1, ivLen: 0, sslName: 'foo' },
    513. 

  513.               cipherKey: Buffer.alloc(1),
    514. 

  514.               seqno: 0,
    515. 

  515.               macInfo: null
    516. 

  516.             },
    517. 

  517.             inbound: {
    518. 

  518.               onPayload: () => {},
    519. 

  519.               decipherInfo: { keyLen: 1, ivLen: 0, sslName: 'foo' },
    520. 

  520.               decipherKey: Buffer.alloc(1),
    521. 

  521.               seqno: 0,
    522. 

  522.               macInfo: null
    523. 

  523.             },
    524. 

  524.           },
    525. 

  525.         ],
    526. 

  526.         [/invalid outbound\.macInfo/i, /invalid inbound\.macInfo/i]
    527. 

  527.       ],
    528. 

  528.       [
    529. 

  529.         [
    530. 

  530.           { outbound: {
    531. 

  531.               onWrite: () => {},
    532. 

  532.               cipherInfo: { keyLen: 1, ivLen: 0, sslName: 'foo' },
    533. 

  533.               cipherKey: Buffer.alloc(1),
    534. 

  534.               seqno: 0,
    535. 

  535.               macInfo: { keyLen: 16 }
    536. 

  536.             },
    537. 

  537.             inbound: {
    538. 

  538.               onPayload: () => {},
    539. 

  539.               decipherInfo: { keyLen: 1, ivLen: 0, sslName: 'foo' },
    540. 

  540.               decipherKey: Buffer.alloc(1),
    541. 

  541.               seqno: 0,
    542. 

  542.               macInfo: { keyLen: 16 }
    543. 

  543.             },
    544. 

  544.           },
    545. 

  545.           { outbound: {
    546. 

  546.               onWrite: () => {},
    547. 

  547.               cipherInfo: { keyLen: 1, ivLen: 0, sslName: 'foo' },
    548. 

  548.               cipherKey: Buffer.alloc(1),
    549. 

  549.               seqno: 0,
    550. 

  550.               macInfo: { keyLen: 16 },
    551. 

  551.               macKey: true
    552. 

  552.             },
    553. 

  553.             inbound: {
    554. 

  554.               onPayload: () => {},
    555. 

  555.               decipherInfo: { keyLen: 1, ivLen: 0, sslName: 'foo' },
    556. 

  556.               decipherKey: Buffer.alloc(1),
    557. 

  557.               seqno: 0,
    558. 

  558.               macInfo: { keyLen: 16 },
    559. 

  559.               macKey: true
    560. 

  560.             },
    561. 

  561.           },
    562. 

  562.           { outbound: {
    563. 

  563.               onWrite: () => {},
    564. 

  564.               cipherInfo: { keyLen: 1, ivLen: 0, sslName: 'foo' },
    565. 

  565.               cipherKey: Buffer.alloc(1),
    566. 

  566.               seqno: 0,
    567. 

  567.               macInfo: { keyLen: 16 },
    568. 

  568.               macKey: null
    569. 

  569.             },
    570. 

  570.             inbound: {
    571. 

  571.               onPayload: () => {},
    572. 

  572.               decipherInfo: { keyLen: 1, ivLen: 0, sslName: 'foo' },
    573. 

  573.               decipherKey: Buffer.alloc(1),
    574. 

  574.               seqno: 0,
    575. 

  575.               macInfo: { keyLen: 16 },
    576. 

  576.               macKey: null
    577. 

  577.             },
    578. 

  578.           },
    579. 

  579.           { outbound: {
    580. 

  580.               onWrite: () => {},
    581. 

  581.               cipherInfo: { keyLen: 1, ivLen: 0, sslName: 'foo' },
    582. 

  582.               cipherKey: Buffer.alloc(1),
    583. 

  583.               seqno: 0,
    584. 

  584.               macInfo: { keyLen: 16 },
    585. 

  585.               macKey: Buffer.alloc(1)
    586. 

  586.             },
    587. 

  587.             inbound: {
    588. 

  588.               onPayload: () => {},
    589. 

  589.               decipherInfo: { keyLen: 1, ivLen: 0, sslName: 'foo' },
    590. 

  590.               decipherKey: Buffer.alloc(1),
    591. 

  591.               seqno: 0,
    592. 

  592.               macInfo: { keyLen: 16 },
    593. 

  593.               macKey: Buffer.alloc(1)
    594. 

  594.             },
    595. 

  595.           },
    596. 

  596.         ],
    597. 

  597.         [/invalid outbound\.macKey/i, /invalid inbound\.macKey/i]
    598. 

  598.       ],
    599. 

  599.     ].forEach((testCase) => {
    600. 

  600.       let errorChecks = testCase[1];
    601. 

  601.       if (!Array.isArray(errorChecks))
    602. 

  602.         errorChecks = [errorChecks[0], errorChecks[0]];
    603. 

  603.       for (const input of testCase[0]) {
    604. 

  604.         assert.throws(() => createCipher(input), errorChecks[0]);
    605. 

  605.         assert.throws(() => createDecipher(input), errorChecks[1]);
    606. 

  606.       }
    607. 

  607.     });
    608. 

  608.   }
    609. 

  609. })();
    610.