author | Anton Gerasimov <agerasimov@twilio.com> | 2019-08-05 12:03:23 +0200 |
---|---|---|
committer | Rich Trott <rtrott@gmail.com> | 2019-09-27 15:50:56 -0700 |
commit | c2ce8d05474c38c503b6ac57e94366421c960762 (patch) | |
tree | def403dc2cec32e1e689023669b23a37f9c03b68 /test/addons/openssl-key-engine/test.js | |
parent | 3de5eae6dbe503485b95bdeb8bddbd67e4613d59 (diff) | |
tls: add option for private keys for OpenSSL engines
Add `privateKeyIdentifier` and `privateKeyEngine` options
to get private key from an OpenSSL engine in tls.createSecureContext().
PR-URL: https://github.com/nodejs/node/pull/28973
Reviewed-By: Rod Vagg <rod@vagg.org>
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Sam Roberts <vieuxtech@gmail.com>
Diffstat (limited to 'test/addons/openssl-key-engine/test.js')
-rw-r--r-- | test/addons/openssl-key-engine/test.js | 62 |
1 files changed, 62 insertions, 0 deletions
diff --git a/test/addons/openssl-key-engine/test.js b/test/addons/openssl-key-engine/test.js
new file mode 100644
index 0000000000..5c93e62636
--- /dev/null
+++ b/test/addons/openssl-key-engine/test.js
@@ -0,0 +1,62 @@
+'use strict';
+const common = require('../../common');
+const fixture = require('../../common/fixtures');
+
+if (!common.hasCrypto)
+ common.skip('missing crypto');
+
+const fs = require('fs');
+const path = require('path');
+
+const engine = path.join(__dirname,
+ `/build/${common.buildType}/testkeyengine.engine`);
+
+if (!fs.existsSync(engine))
+ common.skip('no client cert engine');
+
+const assert = require('assert');
+const https = require('https');
+
+const agentKey = fs.readFileSync(fixture.path('/keys/agent1-key.pem'));
+const agentCert = fs.readFileSync(fixture.path('/keys/agent1-cert.pem'));
+const agentCa = fs.readFileSync(fixture.path('/keys/ca1-cert.pem'));
+
+const serverOptions = {
+ key: agentKey,
+ cert: agentCert,
+ ca: agentCa,
+ requestCert: true,
+ rejectUnauthorized: true
+};
+
+const server = https.createServer(serverOptions, common.mustCall((req, res) => {
+ res.writeHead(200);
+ res.end('hello world');
+})).listen(0, common.localhostIPv4, common.mustCall(() => {
+ const clientOptions = {
+ method: 'GET',
+ host: common.localhostIPv4,
+ port: server.address().port,
+ path: '/test',
+ privateKeyEngine: engine,
+ privateKeyIdentifier: 'dummykey',
+ cert: agentCert,
+ rejectUnauthorized: false, // Prevent failing on self-signed certificates
+ headers: {}
+ };
+
+ const req = https.request(clientOptions, common.mustCall(function(response) {
+ let body = '';
+ response.setEncoding('utf8');
+ response.on('data', function(chunk) {
+ body += chunk;
+ });
+
+ response.on('end', common.mustCall(function() {
+ assert.strictEqual(body, 'hello world');
+ server.close();
+ }));
+ }));
+
+ req.end();
+}));
 |
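Review bot: The client options turn off server certificate verification with `rejectUnauthorized: false`, and the comment gives self-signed certificates as the reason, yet the file already loads `agentCa` and hands it to the server. If `agent1-cert.pem` is issued by `ca1-cert.pem`, as the fixture names suggest, the client could pass `ca: agentCa,` and leave chain validation on. A subject mismatch against the loopback address would then be the only thing left to handle, and that is better scoped to a test-only identity override than to disabling verification entirely. As written, the test proves the engine-held key can authenticate the client but exercises the new options only on a connection that never validates its peer, a pattern that tends to get copied from tests into application code. At minimum the comment should say why verification is off, for example `// Server cert subject does not match 127.0.0.1; chain validation is not under test here`.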