From ef89084b44d4fb33df02bc3050986e42c4f747fd Mon Sep 17 00:00:00 2001 From: Meghan Denny Date: Mon, 8 Sep 2025 20:10:37 -0700 Subject: [PATCH] fix stripe.test.ts --- src/js/node/tls.ts | 106 ++++++++++++++++++++++++++++++++++++++++----- 1 file changed, 94 insertions(+), 12 deletions(-) diff --git a/src/js/node/tls.ts b/src/js/node/tls.ts index 69da4fdd69..d0dfce77d0 100644 --- a/src/js/node/tls.ts +++ b/src/js/node/tls.ts @@ -171,19 +171,101 @@ function getValidCiphersSet() { "TLS_AES_128_GCM_SHA256", "TLS_AES_256_GCM_SHA384", "TLS_CHACHA20_POLY1305_SHA256", - - // Configurations include in the default cipher list - "HIGH", - "!aNULL", - "!eNULL", - "!EXPORT", - "!DES", - "!RC4", - "!MD5", - "!PSK", - "!SRP", - "!CAMELLIA", ]); + + // https://github.com/openssl/openssl/blob/openssl-3.5.2/include/openssl/ssl.h.in#L76 + const txt = [ + "LOW", + "MEDIUM", + "HIGH", + "FIPS", + "aNULL", + "eNULL", + "NULL", + "kRSA", + "kDHr", + "kDHd", + "kDH", + "kEDH", + "kDHE", + "kECDHr", + "kECDHe", + "kECDH", + "kEECDH", + "kECDHE", + "kPSK", + "kRSAPSK", + "kECDHEPSK", + "kDHEPSK", + "kGOST", + "kGOST18", + "kSRP", + "aRSA", + "aDSS", + "aDH", + "aECDH", + "aECDSA", + "aPSK", + "aGOST94", + "aGOST01", + "aGOST12", + "aGOST", + "aSRP", + "DSS", + "DH", + "DHE", + "EDH", + "ADH", + "RSA", + "ECDH", + "EECDH", + "ECDHE", + "AECDH", + "ECDSA", + "PSK", + "SRP", + "DES", + "3DES", + "RC4", + "RC2", + "IDEA", + "SEED", + "AES128", + "AES256", + "AES", + "AESGCM", + "AESCCM", + "AESCCM8", + "CAMELLIA128", + "CAMELLIA256", + "CAMELLIA", + "CHACHA20", + "GOST89", + "ARIA", + "ARIAGCM", + "ARIA128", + "ARIA256", + "GOST2012-GOST8912-GOST8912", + "CBC", + "MD5", + "SHA1", + "SHA", + "GOST94", + "GOST89MAC", + "GOST12", + "GOST89MAC12", + "SHA256", + "SHA384", + "SSLv3", + "TLSv1", + "TLSv1.1", + "TLSv1.2", + "ALL", + ]; + for (const c of txt) _VALID_CIPHERS_SET.$add(c); + for (const c of txt) _VALID_CIPHERS_SET.$add("!" + c); + _VALID_CIPHERS_SET.$add("!EXPORT"); + _VALID_CIPHERS_SET.$add("!SSLv2"); } return _VALID_CIPHERS_SET; }