feat: `Deno.ConnectTlsOptions.{cert,key}` (#22274)

Towards #22197
author: Asher Gomez <ashersaupingomez@gmail.com> 2024-02-19 01:30:58 +1100
committer: GitHub <noreply@github.com> 2024-02-18 07:30:58 -0700
commit: 9a43a2b4959be288034ef0c43f638542de2028b8 (patch)
tree: a1a54e374b3616b9d4ebf318d71fa5c0f5931c9f /tests
parent: 3c7057d5832bae61de7f5001df85d2505d6aa9db (diff)
1 files changed, 123 insertions, 0 deletions
diff --git a/tests/unit/tls_test.ts b/tests/unit/tls_test.ts
index 0ad69d3e4..1ac5e8d98 100644
--- a/tests/unit/tls_test.ts
+++ b/tests/unit/tls_test.ts
@@ -1176,6 +1176,22 @@ Deno.test(
 
 Deno.test(
   { permissions: { read: true, net: true } },
+  async function connectTLSBadCertKey(): Promise<void> {
+    await assertRejects(async () => {
+      await Deno.connectTls({
+        hostname: "deno.land",
+        port: 443,
+        cert: "bad data",
+        key: await Deno.readTextFile(
+          "tests/testdata/tls/localhost.key",
+        ),
+      });
+    }, Deno.errors.InvalidData);
+  },
+);
+
+Deno.test(
+  { permissions: { read: true, net: true } },
   async function connectTLSBadPrivateKey(): Promise<void> {
     await assertRejects(async () => {
       await Deno.connectTls({
@@ -1192,6 +1208,22 @@ Deno.test(
 
 Deno.test(
   { permissions: { read: true, net: true } },
+  async function connectTLSBadKey(): Promise<void> {
+    await assertRejects(async () => {
+      await Deno.connectTls({
+        hostname: "deno.land",
+        port: 443,
+        cert: await Deno.readTextFile(
+          "tests/testdata/tls/localhost.crt",
+        ),
+        key: "bad data",
+      });
+    }, Deno.errors.InvalidData);
+  },
+);
+
+Deno.test(
+  { permissions: { read: true, net: true } },
   async function connectTLSNotPrivateKey(): Promise<void> {
     await assertRejects(async () => {
       await Deno.connectTls({
@@ -1208,6 +1240,22 @@ Deno.test(
 
 Deno.test(
   { permissions: { read: true, net: true } },
+  async function connectTLSNotKey(): Promise<void> {
+    await assertRejects(async () => {
+      await Deno.connectTls({
+        hostname: "deno.land",
+        port: 443,
+        cert: await Deno.readTextFile(
+          "tests/testdata/tls/localhost.crt",
+        ),
+        key: "",
+      });
+    }, Deno.errors.InvalidData);
+  },
+);
+
+Deno.test(
+  { permissions: { read: true, net: true } },
   async function connectWithClientCert() {
     // The test_server running on port 4552 responds with 'PASS' if client
     // authentication was successful. Try it by running test_server and
@@ -1233,6 +1281,81 @@ Deno.test(
 
 Deno.test(
   { permissions: { read: true, net: true } },
+  async function connectWithCert() {
+    // The test_server running on port 4552 responds with 'PASS' if client
+    // authentication was successful. Try it by running test_server and
+    //   curl --key cli/tests/testdata/tls/localhost.key \
+    //        --cert cli/tests/testdata/tls/localhost.crt \
+    //        --cacert cli/tests/testdata/tls/RootCA.crt https://localhost:4552/
+    const conn = await Deno.connectTls({
+      hostname: "localhost",
+      port: 4552,
+      cert: await Deno.readTextFile(
+        "tests/testdata/tls/localhost.crt",
+      ),
+      key: await Deno.readTextFile(
+        "tests/testdata/tls/localhost.key",
+      ),
+      caCerts: [Deno.readTextFileSync("tests/testdata/tls/RootCA.pem")],
+    });
+    const result = decoder.decode(await readAll(conn));
+    assertEquals(result, "PASS");
+    conn.close();
+  },
+);
+
+Deno.test(
+  { permissions: { read: true, net: true } },
+  async function connectTlsConflictingCertOptions(): Promise<void> {
+    await assertRejects(
+      async () => {
+        await Deno.connectTls({
+          hostname: "deno.land",
+          port: 443,
+          cert: await Deno.readTextFile(
+            "tests/testdata/tls/localhost.crt",
+          ),
+          certChain: await Deno.readTextFile(
+            "tests/testdata/tls/localhost.crt",
+          ),
+          key: await Deno.readTextFile(
+            "tests/testdata/tls/localhost.key",
+          ),
+        });
+      },
+      TypeError,
+      "Cannot specify both `certChain` and `cert`",
+    );
+  },
+);
+
+Deno.test(
+  { permissions: { read: true, net: true } },
+  async function connectTlsConflictingKeyOptions(): Promise<void> {
+    await assertRejects(
+      async () => {
+        await Deno.connectTls({
+          hostname: "deno.land",
+          port: 443,
+          cert: await Deno.readTextFile(
+            "tests/testdata/tls/localhost.crt",
+          ),
+          privateKey: await Deno.readTextFile(
+            "tests/testdata/tls/localhost.crt",
+          ),
+          key: await Deno.readTextFile(
+            "tests/testdata/tls/localhost.key",
+          ),
+        });
+      },
+      TypeError,
+      "Cannot specify both `privateKey` and `key`",
+    );
+  },
+);
+
+Deno.test(
+  { permissions: { read: true, net: true } },
   async function connectTLSCaCerts() {
     const conn = await Deno.connectTls({
       hostname: "localhost",
author	Asher Gomez <ashersaupingomez@gmail.com>	2024-02-19 01:30:58 +1100
committer	GitHub <noreply@github.com>	2024-02-18 07:30:58 -0700
commit	9a43a2b4959be288034ef0c43f638542de2028b8 (patch)
tree	a1a54e374b3616b9d4ebf318d71fa5c0f5931c9f /tests
parent	3c7057d5832bae61de7f5001df85d2505d6aa9db (diff)