feat(ext/node): add rootCertificates to node:tls (#25707)

Closes https://github.com/denoland/deno/issues/25604 Signed-off-by: Satya Rohith <me@satyarohith.com> Co-authored-by: Satya Rohith <me@satyarohith.com>
author: Luca Casonato <hello@lcas.dev> 2024-09-18 21:14:26 +0200
committer: GitHub <noreply@github.com> 2024-09-18 21:14:26 +0200
commit: ab1e391e1d700a68964e899963670e903f498cdf (patch)
tree: 923a469665b841605d81b7f615658a0bb363c35c /ext/node/ops/tls.rs
parent: 5b14c71dafc119d5cf251d6e63cb5f53a661a391 (diff)
1 files changed, 29 insertions, 0 deletions
diff --git a/ext/node/ops/tls.rs b/ext/node/ops/tls.rs
new file mode 100644
index 000000000..86b177960
--- /dev/null
+++ b/ext/node/ops/tls.rs
@@ -0,0 +1,29 @@
+// Copyright 2018-2024 the Deno authors. All rights reserved. MIT license.
+use base64::Engine;
+use deno_core::op2;
+use webpki_root_certs;
+
+#[op2]
+#[serde]
+pub fn op_get_root_certificates() -> Vec<String> {
+  let certs = webpki_root_certs::TLS_SERVER_ROOT_CERTS
+    .iter()
+    .map(|cert| {
+      let b64 = base64::engine::general_purpose::STANDARD.encode(cert);
+      let pem_lines = b64
+        .chars()
+        .collect::<Vec<char>>()
+        // Node uses 72 characters per line, so we need to follow node even though
+        // it's not spec compliant https://datatracker.ietf.org/doc/html/rfc7468#section-2
+        .chunks(72)
+        .map(|c| c.iter().collect::<String>())
+        .collect::<Vec<String>>()
+        .join("\n");
+      let pem = format!(
+        "-----BEGIN CERTIFICATE-----\n{pem_lines}\n-----END CERTIFICATE-----\n",
+      );
+      pem
+    })
+    .collect::<Vec<String>>();
+  certs
+}
author	Luca Casonato <hello@lcas.dev>	2024-09-18 21:14:26 +0200
committer	GitHub <noreply@github.com>	2024-09-18 21:14:26 +0200
commit	ab1e391e1d700a68964e899963670e903f498cdf (patch)
tree	923a469665b841605d81b7f615658a0bb363c35c /ext/node/ops/tls.rs
parent	5b14c71dafc119d5cf251d6e63cb5f53a661a391 (diff)