Skip to content

Commit e2879a5

Browse files
haramjharamj
committed
tls: improve tls.getCACertificates() to simplify certificate handling
1 parent 95c07aa commit e2879a5

File tree

1 file changed

+26
-37
lines changed

1 file changed

+26
-37
lines changed

lib/tls.js

Lines changed: 26 additions & 37 deletions
Original file line numberDiff line numberDiff line change
@@ -168,20 +168,29 @@ function cacheDefaultCACertificates() {
168168
return defaultCACertificates;
169169
}
170170

171+
function getCACertificatesAsStrings(type = 'default') {
172+
validateString(type, 'type');
173+
174+
switch (type) {
175+
case 'default':
176+
return cacheDefaultCACertificates();
177+
case 'bundled':
178+
return cacheBundledRootCertificates();
179+
case 'system':
180+
return cacheSystemCACertificates();
181+
case 'extra':
182+
return cacheExtraCACertificates();
183+
default:
184+
throw new ERR_INVALID_ARG_VALUE('type', type);
185+
}
186+
}
187+
171188
function getCACertificates(options = undefined) {
172189
if (typeof options === 'string' || options === undefined) {
173-
const type = (typeof options === 'string') ? options : 'default';
174-
175-
validateString(type, 'type');
190+
return getCACertificatesAsStrings(options);
191+
}
176192

177-
switch (type) {
178-
case 'default': return cacheDefaultCACertificates();
179-
case 'bundled': return cacheBundledRootCertificates();
180-
case 'system': return cacheSystemCACertificates();
181-
case 'extra': return cacheExtraCACertificates();
182-
default: throw new ERR_INVALID_ARG_VALUE('type', type);
183-
}
184-
} else if (typeof options === 'object' && options !== null) {
193+
if (typeof options === 'object' && options !== null) {
185194
const {
186195
type = 'default',
187196
format = 'pem',
@@ -190,44 +199,24 @@ function getCACertificates(options = undefined) {
190199
validateString(type, 'type');
191200
validateOneOf(format, 'format', ['pem', 'der', 'x509', 'string', 'buffer']);
192201

193-
let effectiveFormat = format;
194-
if (format === 'string') {
195-
effectiveFormat = 'pem';
196-
} else if (format === 'buffer') {
197-
effectiveFormat = 'der';
198-
}
202+
const certs = getCACertificatesAsStrings(type);
199203

200-
let certs;
201-
switch (type) {
202-
case 'default': certs = cacheDefaultCACertificates(); break;
203-
case 'bundled': certs = cacheBundledRootCertificates(); break;
204-
case 'system': certs = cacheSystemCACertificates(); break;
205-
case 'extra': certs = cacheExtraCACertificates(); break;
206-
default: throw new ERR_INVALID_ARG_VALUE('type', type);
204+
if (format === 'x509') {
205+
return certs.map((cert) => new X509Certificate(cert));
207206
}
208207

209-
if (effectiveFormat === 'pem') {
210-
return certs.map((cert) => {
211-
if (typeof cert === 'string') {
212-
return cert;
213-
}
214-
return `-----BEGIN CERTIFICATE-----\n${cert.toString('base64').match(/.{1,64}/g).join('\n')}\n-----END CERTIFICATE-----`;
215-
});
208+
if (format === 'pem' || format === 'string') {
209+
return certs;
216210
}
217211

218212
const buffers = certs.map((cert) => {
219-
if (Buffer.isBuffer(cert)) {
220-
return cert;
221-
}
222213
const base64 = cert.replace(/(?:\s|-----BEGIN CERTIFICATE-----|-----END CERTIFICATE-----)+/g, '');
223214
return Buffer.from(base64, 'base64');
224215
});
225216

226-
if (effectiveFormat === 'der') {
217+
if (format === 'der' || format === 'buffer') {
227218
return buffers;
228219
}
229-
230-
return buffers.map((buf) => new X509Certificate(buf));
231220
}
232221

233222
throw new ERR_INVALID_ARG_TYPE('options', ['string', 'object'], options);

0 commit comments

Comments
 (0)