const crypto = require('crypto');
console.log('=== DIFFIEHELLMAN ERRORS ===\n');
// 1. Invalid prime length
console.log('1. Creating with invalid prime length:');
try {
// Prime length must be a multiple of 8 and >= 8
const dh = crypto.createDiffieHellman(7);
console.log(' - Should not reach here');
} catch (err) {
console.log(` - Error: ${err.code} - ${err.message}`);
}
// 2. Invalid prime
console.log('\n2. Creating with invalid prime:');
try {
// Prime must be a prime number
const prime = Buffer.from('0f', 'hex');
const dh = crypto.createDiffieHellman(prime);
dh.generateKeys();
console.log(' - Should not reach here');
} catch (err) {
console.log(` - Error: ${err.code} - ${err.message}`);
}
// 3. Invalid generator
console.log('\n3. Using invalid generator:');
try {
const prime = crypto.createDiffieHellman(512).getPrime();
const dh = crypto.createDiffieHellman(prime, Buffer.from('01', 'hex')); // Generator too small
dh.generateKeys();
console.log(' - Should not reach here');
} catch (err) {
console.log(` - Error: ${err.code} - ${err.message}`);
}
// 4. Invalid public key in computeSecret
console.log('\n4. Computing secret with invalid public key:');
try {
const alice = crypto.createDiffieHellman(512);
const bob = crypto.createDiffieHellman(512);
alice.generateKeys();
bob.generateKeys();
// Using a key that's too short
const invalidKey = Buffer.alloc(10);
alice.computeSecret(invalidKey);
console.log(' - Should not reach here');
} catch (err) {
console.log(` - Error: ${err.code} - ${err.message}`);
}
// 5. Using wrong group parameters
console.log('\n5. Using mismatched group parameters:');
try {
const alice = crypto.createDiffieHellman(512);
const bob = crypto.createDiffieHellman(512); // Different prime/generator
alice.generateKeys();
bob.generateKeys();
// Exchange public keys
const alicePublicKey = alice.getPublicKey();
const bobPublicKey = bob.getPublicKey();
// This will work (but the shared secret will be different)
alice.computeSecret(bobPublicKey);
bob.computeSecret(alicePublicKey);
console.log(' - Warning: This works but is insecure! Different groups should not be used together');
} catch (err) {
console.log(` - Error: ${err.code} - ${err.message}`);
}
// 6. Invalid encoding in getPublicKey
console.log('\n6. Using invalid encoding:');
try {
const dh = crypto.createDiffieHellman(512);
dh.generateKeys();
// Invalid encoding
dh.getPublicKey('invalid-encoding');
console.log(' - Should not reach here');
} catch (err) {
console.log(` - Error: ${err.code} - ${err.message}`);
}
// 7. Verify error codes
console.log('\n7. Verifying parameters:');
try {
// Create a valid DH instance
const dh = crypto.createDiffieHellman(512);
dh.generateKeys();
// Force an error by setting an invalid public key
const invalidKey = Buffer.alloc(64);
dh.setPublicKey(invalidKey);
// Check verifyError
console.log(` - Verify error code: ${dh.verifyError}`);
console.log(` - Verify error message: ${dh.verifyError ? 'Invalid public key' : 'No error'}`);
} catch (err) {
console.log(` - Error: ${err.code} - ${err.message}`);
}
// 8. Using unsupported group
console.log('\n8. Using unsupported group:');
try {
const dh = crypto.getDiffieHellman('nonexistent-group');
console.log(' - Should not reach here');
} catch (err) {
console.log(` - Error: ${err.code} - ${err.message}`);
}
