1// Copyright Joyent, Inc. and other Node contributors. 2// 3// Permission is hereby granted, free of charge, to any person obtaining a 4// copy of this software and associated documentation files (the 5// "Software"), to deal in the Software without restriction, including 6// without limitation the rights to use, copy, modify, merge, publish, 7// distribute, sublicense, and/or sell copies of the Software, and to permit 8// persons to whom the Software is furnished to do so, subject to the 9// following conditions: 10// 11// The above copyright notice and this permission notice shall be included 12// in all copies or substantial portions of the Software. 13// 14// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS 15// OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF 16// MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN 17// NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, 18// DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR 19// OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE 20// USE OR OTHER DEALINGS IN THE SOFTWARE. 21 22'use strict'; 23const common = require('../common'); 24if (!common.hasCrypto) 25 common.skip('missing crypto'); 26 27const assert = require('assert'); 28const crypto = require('crypto'); 29const { Certificate } = crypto; 30const fixtures = require('../common/fixtures'); 31 32// Test Certificates 33const spkacValid = fixtures.readKey('rsa_spkac.spkac'); 34const spkacChallenge = 'this-is-a-challenge'; 35const spkacFail = fixtures.readKey('rsa_spkac_invalid.spkac'); 36const spkacPublicPem = fixtures.readKey('rsa_public.pem'); 37 38function copyArrayBuffer(buf) { 39 return buf.buffer.slice(buf.byteOffset, buf.byteOffset + buf.byteLength); 40} 41 42function checkMethods(certificate) { 43 44 assert.strictEqual(certificate.verifySpkac(spkacValid), true); 45 assert.strictEqual(certificate.verifySpkac(spkacFail), false); 46 47 assert.strictEqual( 48 stripLineEndings(certificate.exportPublicKey(spkacValid).toString('utf8')), 49 stripLineEndings(spkacPublicPem.toString('utf8')) 50 ); 51 assert.strictEqual(certificate.exportPublicKey(spkacFail), ''); 52 53 assert.strictEqual( 54 certificate.exportChallenge(spkacValid).toString('utf8'), 55 spkacChallenge 56 ); 57 assert.strictEqual(certificate.exportChallenge(spkacFail), ''); 58 59 const ab = copyArrayBuffer(spkacValid); 60 assert.strictEqual(certificate.verifySpkac(ab), true); 61 assert.strictEqual(certificate.verifySpkac(new Uint8Array(ab)), true); 62 assert.strictEqual(certificate.verifySpkac(new DataView(ab)), true); 63} 64 65{ 66 // Test maximum size of input buffer 67 let buf; 68 let skip = false; 69 try { 70 buf = Buffer.alloc(2 ** 31); 71 } catch { 72 // The allocation may fail on some systems. That is expected due 73 // to architecture and memory constraints. If it does, go ahead 74 // and skip this test. 75 skip = true; 76 } 77 if (!skip) { 78 assert.throws( 79 () => Certificate.verifySpkac(buf), { 80 code: 'ERR_OUT_OF_RANGE' 81 }); 82 assert.throws( 83 () => Certificate.exportChallenge(buf), { 84 code: 'ERR_OUT_OF_RANGE' 85 }); 86 assert.throws( 87 () => Certificate.exportPublicKey(buf), { 88 code: 'ERR_OUT_OF_RANGE' 89 }); 90 } 91} 92 93{ 94 // Test instance methods 95 checkMethods(new Certificate()); 96} 97 98{ 99 // Test static methods 100 checkMethods(Certificate); 101} 102 103function stripLineEndings(obj) { 104 return obj.replace(/\n/g, ''); 105} 106 107// Direct call Certificate() should return instance 108assert(Certificate() instanceof Certificate); 109 110[1, {}, [], Infinity, true, undefined, null].forEach((val) => { 111 assert.throws( 112 () => Certificate.verifySpkac(val), 113 { code: 'ERR_INVALID_ARG_TYPE' } 114 ); 115}); 116 117[1, {}, [], Infinity, true, undefined, null].forEach((val) => { 118 const errObj = { code: 'ERR_INVALID_ARG_TYPE' }; 119 assert.throws(() => Certificate.exportPublicKey(val), errObj); 120 assert.throws(() => Certificate.exportChallenge(val), errObj); 121}); 122