11cb0ef41Sopenharmony_ci'use strict'; 21cb0ef41Sopenharmony_ciconst common = require('../common'); 31cb0ef41Sopenharmony_ciconst fixtures = require('../common/fixtures'); 41cb0ef41Sopenharmony_ci 51cb0ef41Sopenharmony_ci// Check cert chain is received by client, and is completed with the ca cert 61cb0ef41Sopenharmony_ci// known to the client. 71cb0ef41Sopenharmony_ci 81cb0ef41Sopenharmony_ciconst { 91cb0ef41Sopenharmony_ci assert, connect, debug, keys 101cb0ef41Sopenharmony_ci} = require(fixtures.path('tls-connect')); 111cb0ef41Sopenharmony_ci 121cb0ef41Sopenharmony_ci// agent6-cert.pem includes cert for agent6 and ca3 131cb0ef41Sopenharmony_ciconnect({ 141cb0ef41Sopenharmony_ci client: { 151cb0ef41Sopenharmony_ci checkServerIdentity: (servername, cert) => { }, 161cb0ef41Sopenharmony_ci ca: keys.agent6.ca, 171cb0ef41Sopenharmony_ci }, 181cb0ef41Sopenharmony_ci server: { 191cb0ef41Sopenharmony_ci cert: keys.agent6.cert, 201cb0ef41Sopenharmony_ci key: keys.agent6.key, 211cb0ef41Sopenharmony_ci }, 221cb0ef41Sopenharmony_ci}, common.mustSucceed((pair, cleanup) => { 231cb0ef41Sopenharmony_ci const peer = pair.client.conn.getPeerCertificate(); 241cb0ef41Sopenharmony_ci debug('peer:\n', peer); 251cb0ef41Sopenharmony_ci assert.strictEqual(peer.subject.emailAddress, 'adam.lippai@tresorit.com'); 261cb0ef41Sopenharmony_ci assert.strictEqual(peer.subject.CN, 'Ádám Lippai'); 271cb0ef41Sopenharmony_ci assert.strictEqual(peer.issuer.CN, 'ca3'); 281cb0ef41Sopenharmony_ci assert.match(peer.serialNumber, /5B75D77EDC7FB5B7FA9F1424DA4C64FB815DCBDE/i); 291cb0ef41Sopenharmony_ci 301cb0ef41Sopenharmony_ci const next = pair.client.conn.getPeerCertificate(true).issuerCertificate; 311cb0ef41Sopenharmony_ci const root = next.issuerCertificate; 321cb0ef41Sopenharmony_ci delete next.issuerCertificate; 331cb0ef41Sopenharmony_ci debug('next:\n', next); 341cb0ef41Sopenharmony_ci assert.strictEqual(next.subject.CN, 'ca3'); 351cb0ef41Sopenharmony_ci assert.strictEqual(next.issuer.CN, 'ca1'); 361cb0ef41Sopenharmony_ci assert.match(next.serialNumber, /147D36C1C2F74206DE9FAB5F2226D78ADB00A425/i); 371cb0ef41Sopenharmony_ci 381cb0ef41Sopenharmony_ci debug('root:\n', root); 391cb0ef41Sopenharmony_ci assert.strictEqual(root.subject.CN, 'ca1'); 401cb0ef41Sopenharmony_ci assert.strictEqual(root.issuer.CN, 'ca1'); 411cb0ef41Sopenharmony_ci assert.match(root.serialNumber, /4AB16C8DFD6A7D0D2DFCABDF9C4B0E92C6AD0229/i); 421cb0ef41Sopenharmony_ci 431cb0ef41Sopenharmony_ci // No client cert, so empty object returned. 441cb0ef41Sopenharmony_ci assert.deepStrictEqual(pair.server.conn.getPeerCertificate(), {}); 451cb0ef41Sopenharmony_ci assert.deepStrictEqual(pair.server.conn.getPeerCertificate(true), {}); 461cb0ef41Sopenharmony_ci 471cb0ef41Sopenharmony_ci return cleanup(); 481cb0ef41Sopenharmony_ci})); 49