Skip to content

Commit e787797

Browse files
haramjharamj
committed
tls: improve tls.getCACertificates() to simplify certificate handling
1 parent cea9639 commit e787797

1 file changed

Lines changed: 26 additions & 37 deletions

File tree

lib/tls.js

Lines changed: 26 additions & 37 deletions
Original file line numberDiff line numberDiff line change
@@ -184,20 +184,29 @@ function cacheDefaultCACertificates() {
184184
return defaultCACertificates;
185185
}
186186

187+
function getCACertificatesAsStrings(type = 'default') {
188+
validateString(type, 'type');
189+
190+
switch (type) {
191+
case 'default':
192+
return cacheDefaultCACertificates();
193+
case 'bundled':
194+
return cacheBundledRootCertificates();
195+
case 'system':
196+
return cacheSystemCACertificates();
197+
case 'extra':
198+
return cacheExtraCACertificates();
199+
default:
200+
throw new ERR_INVALID_ARG_VALUE('type', type);
201+
}
202+
}
203+
187204
function getCACertificates(options = undefined) {
188205
if (typeof options === 'string' || options === undefined) {
189-
const type = (typeof options === 'string') ? options : 'default';
190-
191-
validateString(type, 'type');
206+
return getCACertificatesAsStrings(options);
207+
}
192208

193-
switch (type) {
194-
case 'default': return cacheDefaultCACertificates();
195-
case 'bundled': return cacheBundledRootCertificates();
196-
case 'system': return cacheSystemCACertificates();
197-
case 'extra': return cacheExtraCACertificates();
198-
default: throw new ERR_INVALID_ARG_VALUE('type', type);
199-
}
200-
} else if (typeof options === 'object' && options !== null) {
209+
if (typeof options === 'object' && options !== null) {
201210
const {
202211
type = 'default',
203212
format = 'pem',
@@ -206,44 +215,24 @@ function getCACertificates(options = undefined) {
206215
validateString(type, 'type');
207216
validateOneOf(format, 'format', ['pem', 'der', 'x509', 'string', 'buffer']);
208217

209-
let effectiveFormat = format;
210-
if (format === 'string') {
211-
effectiveFormat = 'pem';
212-
} else if (format === 'buffer') {
213-
effectiveFormat = 'der';
214-
}
218+
const certs = getCACertificatesAsStrings(type);
215219

216-
let certs;
217-
switch (type) {
218-
case 'default': certs = cacheDefaultCACertificates(); break;
219-
case 'bundled': certs = cacheBundledRootCertificates(); break;
220-
case 'system': certs = cacheSystemCACertificates(); break;
221-
case 'extra': certs = cacheExtraCACertificates(); break;
222-
default: throw new ERR_INVALID_ARG_VALUE('type', type);
220+
if (format === 'x509') {
221+
return certs.map((cert) => new X509Certificate(cert));
223222
}
224223

225-
if (effectiveFormat === 'pem') {
226-
return certs.map((cert) => {
227-
if (typeof cert === 'string') {
228-
return cert;
229-
}
230-
return `-----BEGIN CERTIFICATE-----\n${cert.toString('base64').match(/.{1,64}/g).join('\n')}\n-----END CERTIFICATE-----`;
231-
});
224+
if (format === 'pem' || format === 'string') {
225+
return certs;
232226
}
233227

234228
const buffers = certs.map((cert) => {
235-
if (Buffer.isBuffer(cert)) {
236-
return cert;
237-
}
238229
const base64 = cert.replace(/(?:\s|-----BEGIN CERTIFICATE-----|-----END CERTIFICATE-----)+/g, '');
239230
return Buffer.from(base64, 'base64');
240231
});
241232

242-
if (effectiveFormat === 'der') {
233+
if (format === 'der' || format === 'buffer') {
243234
return buffers;
244235
}
245-
246-
return buffers.map((buf) => new X509Certificate(buf));
247236
}
248237

249238
throw new ERR_INVALID_ARG_TYPE('options', ['string', 'object'], options);

0 commit comments

Comments
 (0)