author | Fedor Indutny <fedor.indutny@gmail.com> | 2014-03-07 03:27:01 +0400 |
---|---|---|
committer | Fedor Indutny <fedor@indutny.com> | 2014-03-29 12:01:43 +0400 |
commit | 5d2aef17ee56fbbf415ca1e3034cdb02cd97117c (patch) | |
tree | 4cdf828ffa9b6a3c33ff864539ed8afa83437a69 /lib/_tls_common.js | |
parent | b55c9d68aa713e75ff5077cd425cbaafde010b92 (diff) | |
crypto: move `createCredentials` to tls
Move `createCredentials` to `tls` module and rename it to
`createSecureContext`. Make it use default values from `tls` module:
`DEFAULT_CIPHERS` and `DEFAULT_ECDH_CURVE`.
fix #7249
Diffstat (limited to 'lib/_tls_common.js')
-rw-r--r-- | lib/_tls_common.js | 128 |
1 files changed, 128 insertions, 0 deletions
diff --git a/lib/_tls_common.js b/lib/_tls_common.js
new file mode 100644
index 0000000000..ce011bc7f3
--- /dev/null
+++ b/lib/_tls_common.js
@@ -0,0 +1,128 @@
+// Copyright Joyent, Inc. and other Node contributors.
+//
+// Permission is hereby granted, free of charge, to any person obtaining a
+// copy of this software and associated documentation files (the
+// "Software"), to deal in the Software without restriction, including
+// without limitation the rights to use, copy, modify, merge, publish,
+// distribute, sublicense, and/or sell copies of the Software, and to permit
+// persons to whom the Software is furnished to do so, subject to the
+// following conditions:
+//
+// The above copyright notice and this permission notice shall be included
+// in all copies or substantial portions of the Software.
+//
+// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
+// OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+// MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN
+// NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM,
+// DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR
+// OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE
+// USE OR OTHER DEALINGS IN THE SOFTWARE.
+
+var util = require('util');
+var tls = require('tls');
+
+// Lazily loaded
+var crypto = null;
+
+var binding = process.binding('crypto');
+var NativeSecureContext = binding.SecureContext;
+
+function SecureContext(secureProtocol, flags, context) {
+ if (!(this instanceof SecureContext)) {
+ return new SecureContext(secureProtocol, flags, context);
+ }
+
+ if (context) {
+ this.context = context;
+ } else {
+ this.context = new NativeSecureContext();
+
+ if (secureProtocol) {
+ this.context.init(secureProtocol);
+ } else {
+ this.context.init();
+ }
+ }
+
+ if (flags) this.context.setOptions(flags);
+}
+
+exports.SecureContext = SecureContext;
+
+
+exports.createSecureContext = function createSecureContext(options, context) {
+ if (!options) options = {};
+
+ var c = new SecureContext(options.secureProtocol,
+ options.secureOptions,
+ context);
+
+ if (context) return c;
+
+ if (options.key) {
+ if (options.passphrase) {
+ c.context.setKey(options.key, options.passphrase);
+ } else {
+ c.context.setKey(options.key);
+ }
+ }
+
+ if (options.cert) c.context.setCert(options.cert);
+
+ if (options.ciphers)
+ c.context.setCiphers(options.ciphers);
+ else
+ c.context.setCiphers(tls.DEFAULT_CIPHERS);
+
+ if (util.isUndefined(options.ecdhCurve))
+ c.context.setECDHCurve(tls.DEFAULT_ECDH_CURVE);
+ else if (options.ecdhCurve)
+ c.context.setECDHCurve(options.ecdhCurve);
+
+ if (options.ca) {
+ if (util.isArray(options.ca)) {
+ for (var i = 0, len = options.ca.length; i < len; i++) {
+ c.context.addCACert(options.ca[i]);
+ }
+ } else {
+ c.context.addCACert(options.ca);
+ }
+ } else {
+ c.context.addRootCerts();
+ }
+
+ if (options.crl) {
+ if (util.isArray(options.crl)) {
+ for (var i = 0, len = options.crl.length; i < len; i++) {
+ c.context.addCRL(options.crl[i]);
+ }
+ } else {
+ c.context.addCRL(options.crl);
+ }
+ }
+
+ if (options.sessionIdContext) {
+ c.context.setSessionIdContext(options.sessionIdContext);
+ }
+
+ if (options.pfx) {
+ var pfx = options.pfx;
+ var passphrase = options.passphrase;
+
+ if (!crypto)
+ crypto = require('crypto');
+
+ pfx = crypto._toBuf(pfx);
+ if (passphrase)
+ passphrase = crypto._toBuf(passphrase);
+
+ if (passphrase) {
+ c.context.loadPKCS12(pfx, passphrase);
+ } else {
+ c.context.loadPKCS12(pfx);
+ }
+ }
+
+ return c;
+}; |
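Review bot: The early `if (context) return c;` in createSecureContext means that when a caller passes an existing native context, every option handled after it (key, cert, ciphers, ecdhCurve, ca, crl, sessionIdContext, pfx) is silently ignored, while `secureOptions` is still applied through the SecureContext constructor. A caller who believes a cipher list or CA set has been restricted gets no signal that it was not, so the line deserves a comment such as `// Pre-built context: only secureOptions is applied; all other options are ignored`. The `ca` branch has a similar undocumented contract: any truthy `options.ca` (an empty array included) skips `addRootCerts()`, so the supplied CAs replace the bundled roots rather than extend them, and a one-line comment like `// options.ca replaces the default root store` would make that explicit.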