tls: multiple PFX in createSecureContext

Add support for multiple PFX files in tls.createSecureContext.
Also added support for object-style PFX pass.

PR-URL: https://github.com/nodejs/node/pull/14793
Fixes: https://github.com/nodejs/node/issues/14756
Reviewed-By: Ruben Bridgewater <ruben@bridgewater.de>
Reviewed-By: Fedor Indutny <fedor.indutny@gmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>

1 files changed, 50 insertions, 0 deletions

diff --git a/test/parallel/test-tls-multi-pfx.js b/test/parallel/test-tls-multi-pfx.js
new file mode 100644
index 0000000000..f750aec325
--- /dev/null
+++ b/test/parallel/test-tls-multi-pfx.js
@@ -0,0 +1,50 @@
+'use strict';
+const common = require('../common');
+if (!common.hasCrypto)
+  common.skip('missing crypto');
+
+const assert = require('assert');
+const tls = require('tls');
+const fixtures = require('../common/fixtures');
+
+const options = {
+  pfx: [
+    {
+      buf: fixtures.readKey('agent1-pfx.pem'),
+      passphrase: 'sample'
+    },
+    fixtures.readKey('ec-pfx.pem')
+  ]
+};
+
+const ciphers = [];
+
+const server = tls.createServer(options, function(conn) {
+  conn.end('ok');
+}).listen(0, function() {
+  const ecdsa = tls.connect(this.address().port, {
+    ciphers: 'ECDHE-ECDSA-AES256-GCM-SHA384',
+    rejectUnauthorized: false
+  }, common.mustCall(function() {
+    ciphers.push(ecdsa.getCipher());
+    const rsa = tls.connect(server.address().port, {
+      ciphers: 'ECDHE-RSA-AES256-GCM-SHA384',
+      rejectUnauthorized: false
+    }, common.mustCall(function() {
+      ciphers.push(rsa.getCipher());
+      ecdsa.end();
+      rsa.end();
+      server.close();
+    }));
+  }));
+});
+
+process.on('exit', function() {
+  assert.deepStrictEqual(ciphers, [{
+    name: 'ECDHE-ECDSA-AES256-GCM-SHA384',
+    version: 'TLSv1/SSLv3'
+  }, {
+    name: 'ECDHE-RSA-AES256-GCM-SHA384',
+    version: 'TLSv1/SSLv3'
+  }]);
+});