diff options
author | Sam Roberts <vieuxtech@gmail.com> | 2016-12-20 14:16:29 -0800 |
---|---|---|
committer | Sam Roberts <vieuxtech@gmail.com> | 2017-01-12 11:10:41 -0800 |
commit | 733c4a813b39fc78c1b8e36f461e4b1251362f4a (patch) | |
tree | b0ea9205f185ef70831df58b9ac29dfe40b2582e /test/parallel/test-tls-cert-chains-concat.js | |
parent | f9665280a495d80b7ace32d59ab29b1983f96731 (diff) | |
download | android-node-v8-733c4a813b39fc78c1b8e36f461e4b1251362f4a.tar.gz android-node-v8-733c4a813b39fc78c1b8e36f461e4b1251362f4a.tar.bz2 android-node-v8-733c4a813b39fc78c1b8e36f461e4b1251362f4a.zip |
test: tls cert chain completion scenarios
PR-URL: https://github.com/nodejs/node/pull/10389
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Gibson Fahnestock <gibfahn@gmail.com>
Reviewed-By: Michael Dawson <michael_dawson@ca.ibm.com>
Diffstat (limited to 'test/parallel/test-tls-cert-chains-concat.js')
-rw-r--r-- | test/parallel/test-tls-cert-chains-concat.js | 50 |
1 files changed, 50 insertions, 0 deletions
diff --git a/test/parallel/test-tls-cert-chains-concat.js b/test/parallel/test-tls-cert-chains-concat.js new file mode 100644 index 0000000000..d53edef898 --- /dev/null +++ b/test/parallel/test-tls-cert-chains-concat.js @@ -0,0 +1,50 @@ +'use strict'; +const common = require('../common'); + +// Check cert chain is received by client, and is completed with the ca cert +// known to the client. + +const join = require('path').join; +const { + assert, connect, debug, keys +} = require(join(common.fixturesDir, 'tls-connect'))(); + +// agent6-cert.pem includes cert for agent6 and ca3 +connect({ + client: { + checkServerIdentity: (servername, cert) => { }, + ca: keys.agent6.ca, + }, + server: { + cert: keys.agent6.cert, + key: keys.agent6.key, + }, +}, function(err, pair, cleanup) { + assert.ifError(err); + + const peer = pair.client.conn.getPeerCertificate(); + debug('peer:\n', peer); + assert.strictEqual(peer.subject.emailAddress, 'adam.lippai@tresorit.com'); + assert.strictEqual(peer.subject.CN, 'Ádám Lippai'), + assert.strictEqual(peer.issuer.CN, 'ca3'); + assert.strictEqual(peer.serialNumber, 'C4CD893EF9A75DCC'); + + const next = pair.client.conn.getPeerCertificate(true).issuerCertificate; + const root = next.issuerCertificate; + delete next.issuerCertificate; + debug('next:\n', next); + assert.strictEqual(next.subject.CN, 'ca3'); + assert.strictEqual(next.issuer.CN, 'ca1'); + assert.strictEqual(next.serialNumber, '9A84ABCFB8A72ABF'); + + debug('root:\n', root); + assert.strictEqual(root.subject.CN, 'ca1'); + assert.strictEqual(root.issuer.CN, 'ca1'); + assert.strictEqual(root.serialNumber, '8DF21C01468AF393'); + + // No client cert, so empty object returned. + assert.deepStrictEqual(pair.server.conn.getPeerCertificate(), {}); + assert.deepStrictEqual(pair.server.conn.getPeerCertificate(true), {}); + + return cleanup(); +}); |