forked from nodejs/node
-
Notifications
You must be signed in to change notification settings - Fork 1
Expand file tree
/
Copy pathtest-tls-server-setkeycert.js
More file actions
56 lines (49 loc) · 1.48 KB
/
test-tls-server-setkeycert.js
File metadata and controls
56 lines (49 loc) · 1.48 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
'use strict';
const common = require('../common');
if (!common.hasCrypto)
common.skip('missing crypto');
const assert = require('assert');
const { X509Certificate } = require('crypto');
const tls = require('tls');
const fixtures = require('../common/fixtures');
const altKeyCert = {
key: fixtures.readKey('agent2-key.pem'),
cert: fixtures.readKey('agent2-cert.pem'),
minVersion: 'TLSv1.2',
};
const altKeyCertVals = [
altKeyCert,
tls.createSecureContext(altKeyCert),
];
(function next() {
if (!altKeyCertVals.length)
return;
const altKeyCertVal = altKeyCertVals.shift();
const options = {
key: fixtures.readKey('agent1-key.pem'),
cert: fixtures.readKey('agent1-cert.pem'),
minVersion: 'TLSv1.3',
ALPNCallback: common.mustCall(function({ servername, protocols }) {
this.setKeyCert(altKeyCertVal);
assert.deepStrictEqual(protocols, ['acme-tls/1']);
return protocols[0];
}),
};
tls.createServer(options, (s) => s.end()).listen(0, function() {
this.on('connection', common.mustCall((socket) => this.close()));
tls.connect({
port: this.address().port,
rejectUnauthorized: false,
ALPNProtocols: ['acme-tls/1'],
}, common.mustCall(function() {
assert.strictEqual(this.getProtocol(), 'TLSv1.3');
const altCert = new X509Certificate(altKeyCert.cert);
assert.strictEqual(
this.getPeerX509Certificate().raw.equals(altCert.raw),
true
);
this.end();
next();
}));
});
})();