From 121245f25f7ddd0a400d042f7d410d65ddb2cf57 Mon Sep 17 00:00:00 2001
From: Rich Trott <rtrott@gmail.com>
Date: Fri, 22 Sep 2017 21:59:16 -0700
Subject: [PATCH] test: add tls clientcertengine tests

---
 ...t-tls-clientcertengine-invalid-arg-type.js | 15 ++++++++++
 .../test-tls-clientcertengine-unsupported.js  | 28 +++++++++++++++++++
 ...-tls-server-setoptions-clientcertengine.js | 15 ++++++++++
 3 files changed, 58 insertions(+)
 create mode 100644 test/parallel/test-tls-clientcertengine-invalid-arg-type.js
 create mode 100644 test/parallel/test-tls-clientcertengine-unsupported.js
 create mode 100644 test/parallel/test-tls-server-setoptions-clientcertengine.js

diff --git a/test/parallel/test-tls-clientcertengine-invalid-arg-type.js b/test/parallel/test-tls-clientcertengine-invalid-arg-type.js
new file mode 100644
index 00000000000000..35915bbde3e98f
--- /dev/null
+++ b/test/parallel/test-tls-clientcertengine-invalid-arg-type.js
@@ -0,0 +1,15 @@
+'use strict';
+const common = require('../common');
+
+if (!common.hasCrypto)
+  common.skip('missing crypto');
+
+const assert = require('assert');
+const tls = require('tls');
+
+{
+  assert.throws(
+    () => { tls.createSecureContext({ clientCertEngine: 0 }); },
+    common.expectsError({ code: 'ERR_INVALID_ARG_TYPE',
+                          message: / Received type number$/ }));
+}
diff --git a/test/parallel/test-tls-clientcertengine-unsupported.js b/test/parallel/test-tls-clientcertengine-unsupported.js
new file mode 100644
index 00000000000000..aaa31b96303240
--- /dev/null
+++ b/test/parallel/test-tls-clientcertengine-unsupported.js
@@ -0,0 +1,28 @@
+'use strict';
+const common = require('../common');
+
+if (!common.hasCrypto)
+  common.skip('missing crypto');
+
+// Monkey-patch SecureContext
+const binding = process.binding('crypto');
+const NativeSecureContext = binding.SecureContext;
+
+binding.SecureContext = function() {
+  const rv = new NativeSecureContext();
+  rv.setClientCertEngine = undefined;
+  return rv;
+};
+
+const assert = require('assert');
+const tls = require('tls');
+
+{
+  assert.throws(
+    () => { tls.createSecureContext({ clientCertEngine: 'Cannonmouth' }); },
+    common.expectsError({
+      code: 'ERR_CRYPTO_CUSTOM_ENGINE_NOT_SUPPORTED',
+      message: 'Custom engines not supported by this OpenSSL'
+    })
+  );
+}
diff --git a/test/parallel/test-tls-server-setoptions-clientcertengine.js b/test/parallel/test-tls-server-setoptions-clientcertengine.js
new file mode 100644
index 00000000000000..beafdd7c2be47b
--- /dev/null
+++ b/test/parallel/test-tls-server-setoptions-clientcertengine.js
@@ -0,0 +1,15 @@
+'use strict';
+const common = require('../common');
+
+if (!common.hasCrypto)
+  common.skip('missing crypto');
+
+const assert = require('assert');
+const tls = require('tls');
+
+{
+  const server = tls.createServer();
+  assert.strictEqual(server.clientCertEngine, undefined);
+  server.setOptions({ clientCertEngine: 'Cannonmouth' });
+  assert.strictEqual(server.clientCertEngine, 'Cannonmouth');
+}