(options)
| 143 | }); |
| 144 | |
| 145 | function test(options) { |
| 146 | const rsaCN = options.rsaCN || 'agent1'; |
| 147 | const eccCN = options.eccCN || 'agent2'; |
| 148 | const clientTrustRoots = options.client.ca; |
| 149 | delete options.rsaCN; |
| 150 | delete options.eccCN; |
| 151 | delete options.client; |
| 152 | const server = tls.createServer(options, function(conn) { |
| 153 | conn.end('ok'); |
| 154 | }).listen(0, common.mustCall(connectWithEcdsa)); |
| 155 | |
| 156 | function connectWithEcdsa() { |
| 157 | const ecdsa = tls.connect(this.address().port, { |
| 158 | ciphers: 'ECDHE-ECDSA-AES256-GCM-SHA384', |
| 159 | rejectUnauthorized: true, |
| 160 | ca: clientTrustRoots, |
| 161 | checkServerIdentity: common.mustCall((_, c) => assert.strictEqual(c.subject.CN, eccCN)), |
| 162 | maxVersion: 'TLSv1.2', |
| 163 | }, common.mustCall(function() { |
| 164 | assert.deepStrictEqual(ecdsa.getCipher(), { |
| 165 | name: 'ECDHE-ECDSA-AES256-GCM-SHA384', |
| 166 | standardName: 'TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384', |
| 167 | version: 'TLSv1.2', |
| 168 | }); |
| 169 | |
| 170 | assert.strictEqual(ecdsa.getPeerCertificate().subject.CN, eccCN); |
| 171 | assert.strictEqual(ecdsa.getPeerCertificate().asn1Curve, 'prime256v1'); |
| 172 | ecdsa.end(); |
| 173 | connectWithRsa(); |
| 174 | })); |
| 175 | } |
| 176 | |
| 177 | function connectWithRsa() { |
| 178 | const rsa = tls.connect(server.address().port, { |
| 179 | ciphers: 'ECDHE-RSA-AES256-GCM-SHA384', |
| 180 | rejectUnauthorized: true, |
| 181 | ca: clientTrustRoots, |
| 182 | checkServerIdentity: common.mustCallAtLeast((_, c) => assert.strictEqual(c.subject.CN, rsaCN)), |
| 183 | maxVersion: 'TLSv1.2', |
| 184 | }, common.mustCall(function() { |
| 185 | assert.deepStrictEqual(rsa.getCipher(), { |
| 186 | name: 'ECDHE-RSA-AES256-GCM-SHA384', |
| 187 | standardName: 'TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384', |
| 188 | version: 'TLSv1.2', |
| 189 | }); |
| 190 | assert.strictEqual(rsa.getPeerCertificate().subject.CN, rsaCN); |
| 191 | assert(rsa.getPeerCertificate().exponent, 'cert for an RSA key'); |
| 192 | rsa.end(); |
| 193 | server.close(); |
| 194 | })); |
| 195 | } |
| 196 | } |
no test coverage detected
searching dependent graphs…