test: tls cert chain completion scenarios

PR-URL: https://github.com/nodejs/node/pull/10389 Reviewed-By: James M Snell <jasnell@gmail.com> Reviewed-By: Gibson Fahnestock <gibfahn@gmail.com> Reviewed-By: Michael Dawson <michael_dawson@ca.ibm.com>
author: Sam Roberts <vieuxtech@gmail.com> 2016-12-20 14:16:29 -0800
committer: Sam Roberts <vieuxtech@gmail.com> 2017-01-12 11:10:41 -0800
commit: 733c4a813b39fc78c1b8e36f461e4b1251362f4a (patch)
tree: b0ea9205f185ef70831df58b9ac29dfe40b2582e /test/parallel/test-tls-cert-chains-concat.js
parent: f9665280a495d80b7ace32d59ab29b1983f96731 (diff)
download: android-node-v8-733c4a813b39fc78c1b8e36f461e4b1251362f4a.tar.gz
android-node-v8-733c4a813b39fc78c1b8e36f461e4b1251362f4a.tar.bz2
android-node-v8-733c4a813b39fc78c1b8e36f461e4b1251362f4a.zip
1 files changed, 50 insertions, 0 deletions
diff --git a/test/parallel/test-tls-cert-chains-concat.js b/test/parallel/test-tls-cert-chains-concat.js
new file mode 100644
index 0000000000..d53edef898
--- /dev/null
+++ b/test/parallel/test-tls-cert-chains-concat.js
@@ -0,0 +1,50 @@
+'use strict';
+const common = require('../common');
+
+// Check cert chain is received by client, and is completed with the ca cert
+// known to the client.
+
+const join = require('path').join;
+const {
+  assert, connect, debug, keys
+} = require(join(common.fixturesDir, 'tls-connect'))();
+
+// agent6-cert.pem includes cert for agent6 and ca3
+connect({
+  client: {
+    checkServerIdentity: (servername, cert) => { },
+    ca: keys.agent6.ca,
+  },
+  server: {
+    cert: keys.agent6.cert,
+    key: keys.agent6.key,
+  },
+}, function(err, pair, cleanup) {
+  assert.ifError(err);
+
+  const peer = pair.client.conn.getPeerCertificate();
+  debug('peer:\n', peer);
+  assert.strictEqual(peer.subject.emailAddress, 'adam.lippai@tresorit.com');
+  assert.strictEqual(peer.subject.CN, 'Ádám Lippai'),
+  assert.strictEqual(peer.issuer.CN, 'ca3');
+  assert.strictEqual(peer.serialNumber, 'C4CD893EF9A75DCC');
+
+  const next = pair.client.conn.getPeerCertificate(true).issuerCertificate;
+  const root = next.issuerCertificate;
+  delete next.issuerCertificate;
+  debug('next:\n', next);
+  assert.strictEqual(next.subject.CN, 'ca3');
+  assert.strictEqual(next.issuer.CN, 'ca1');
+  assert.strictEqual(next.serialNumber, '9A84ABCFB8A72ABF');
+
+  debug('root:\n', root);
+  assert.strictEqual(root.subject.CN, 'ca1');
+  assert.strictEqual(root.issuer.CN, 'ca1');
+  assert.strictEqual(root.serialNumber, '8DF21C01468AF393');
+
+  // No client cert, so empty object returned.
+  assert.deepStrictEqual(pair.server.conn.getPeerCertificate(), {});
+  assert.deepStrictEqual(pair.server.conn.getPeerCertificate(true), {});
+
+  return cleanup();
+});
author	Sam Roberts <vieuxtech@gmail.com>	2016-12-20 14:16:29 -0800
committer	Sam Roberts <vieuxtech@gmail.com>	2017-01-12 11:10:41 -0800
commit	733c4a813b39fc78c1b8e36f461e4b1251362f4a (patch)
tree	b0ea9205f185ef70831df58b9ac29dfe40b2582e /test/parallel/test-tls-cert-chains-concat.js
parent	f9665280a495d80b7ace32d59ab29b1983f96731 (diff)
download	android-node-v8-733c4a813b39fc78c1b8e36f461e4b1251362f4a.tar.gz android-node-v8-733c4a813b39fc78c1b8e36f461e4b1251362f4a.tar.bz2 android-node-v8-733c4a813b39fc78c1b8e36f461e4b1251362f4a.zip