summaryrefslogtreecommitdiff
path: root/benchmark/tls/secure-pair.js
blob: c0409febacda001784c2437062b3169001e8a964 (plain) 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103

'use strict';
const common = require('../common.js');
const bench = common.createBenchmark(main, {
  dur: [5],
  securing: ['SecurePair', 'TLSSocket'],
  size: [2, 1024, 1024 * 1024]
});

const fixtures = require('../../test/common/fixtures');
const tls = require('tls');
const net = require('net');

const REDIRECT_PORT = 28347;

function main({ dur, size, securing }) {
  const chunk = Buffer.alloc(size, 'b');

  const options = {
    key: fixtures.readKey('rsa_private.pem'),
    cert: fixtures.readKey('rsa_cert.crt'),
    ca: fixtures.readKey('rsa_ca.crt'),
    ciphers: 'AES256-GCM-SHA384',
    isServer: true,
    requestCert: true,
    rejectUnauthorized: true,
  };

  const server = net.createServer(onRedirectConnection);
  server.listen(REDIRECT_PORT, () => {
    const proxy = net.createServer(onProxyConnection);
    proxy.listen(common.PORT, () => {
      const clientOptions = {
        port: common.PORT,
        ca: options.ca,
        key: options.key,
        cert: options.cert,
        isServer: false,
        rejectUnauthorized: false,
      };
      const conn = tls.connect(clientOptions, () => {
        setTimeout(() => {
          const mbits = (received * 8) / (1024 * 1024);
          bench.end(mbits);
          if (conn)
            conn.destroy();
          server.close();
          proxy.close();
        }, dur * 1000);
        bench.start();
        conn.on('drain', write);
        write();
      });
      conn.on('error', (e) => {
        throw new Error(`Client error: ${e}`);
      });

      function write() {
        while (false !== conn.write(chunk));
      }
    });
  });

  function onProxyConnection(conn) {
    const client = net.connect(REDIRECT_PORT, () => {
      switch (securing) {
        case 'SecurePair':
          securePair(conn, client);
          break;
        case 'TLSSocket':
          secureTLSSocket(conn, client);
          break;
        default:
          throw new Error('Invalid securing method');
      }
    });
  }

  function securePair(conn, client) {
    const serverCtx = tls.createSecureContext(options);
    const serverPair = tls.createSecurePair(serverCtx, true, true, false);
    conn.pipe(serverPair.encrypted);
    serverPair.encrypted.pipe(conn);
    serverPair.on('error', (error) => {
      throw new Error(`Pair error: ${error}`);
    });
    serverPair.cleartext.pipe(client);
  }

  function secureTLSSocket(conn, client) {
    const serverSocket = new tls.TLSSocket(conn, options);
    serverSocket.on('error', (e) => {
      throw new Error(`Socket error: ${e}`);
    });
    serverSocket.pipe(client);
  }

  let received = 0;
  function onRedirectConnection(conn) {
    conn.on('data', (chunk) => {
      received += chunk.length;
    });
  }
}
View Lorry Controller Status