| blob | 7f0b8888c1d5382da89744eaa012774f998192b7 |
1 /* This Source Code Form is subject to the terms of the Mozilla Public
2 * License, v. 2.0. If a copy of the MPL was not distributed with this
3 * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
4 "use strict";
6 // Repeatedly opens the certificate viewer dialog with various certificates and
7 // determines that the viewer correctly identifies either what usages those
8 // certificates are valid for or what errors prevented the certificates from
9 // being verified.
11 add_task(async function testCAandTitle() {
12 let cert = await readCertificate("ca.pem", "CTu,CTu,CTu");
13 let url = getURL(cert);
14 await openCertViewerAndCheckTabName(url, "ca");
15 });
17 add_task(async function testSSLEndEntity() {
18 let cert = await readCertificate("ssl-ee.pem", ",,");
19 let url = getURL(cert);
20 await openCertViewerAndCheckTabName(url, "ssl-ee");
21 });
23 add_task(async function testEmailEndEntity() {
24 let cert = await readCertificate("email-ee.pem", ",,");
25 let url = getURL(cert);
26 await openCertViewerAndCheckTabName(url, "email-ee");
27 });
29 add_task(async function testCodeSignEndEntity() {
30 let cert = await readCertificate("code-ee.pem", ",,");
31 let url = getURL(cert);
32 await openCertViewerAndCheckTabName(url, "code-ee");
33 });
35 add_task(async function testExpired() {
36 let cert = await readCertificate("expired-ca.pem", ",,");
37 let url = getURL(cert);
38 await openCertViewerAndCheckTabName(url, "expired-ca");
39 });
41 add_task(async function testUntrusted() {
42 let cert = await readCertificate("untrusted-ca.pem", "p,p,p");
43 let url = getURL(cert);
44 await openCertViewerAndCheckTabName(url, "untrusted-ca");
45 });
47 add_task(async function testInvalid() {
48 // This certificate has a keyUsage extension asserting cRLSign and
49 // keyCertSign, but it doesn't have a basicConstraints extension. This
50 // shouldn't be valid for any usage. Sadly, we give a pretty bad error
51 // message in this case.
52 let cert = await readCertificate("invalid.pem", ",,");
53 let url = getURL(cert);
54 await openCertViewerAndCheckTabName(url, "invalid");
55 });
57 add_task(async function testLongOID() {
58 // This certificate has a certificatePolicies extension with a policy with a
59 // very long OID. This tests that we don't crash when looking at it.
60 let cert = await readCertificate("longOID.pem", ",,");
61 let url = getURL(cert);
62 await openCertViewerAndCheckTabName(url, "Long OID");
63 });
65 /**
66 * Given a certificate, returns its PEMs (each one of the certificate chain) string in a url.
67 *
68 * @param {object} cert
69 * A certificate object
70 * @returns {string} an URL for opening the certificate viewer
71 */
72 function getURL(cert) {
73 // Note that we don't get the certificate chain as in e.g browser/base/content/browser.js,
74 // because all the .pem files when opened with CS (https://github.com/april/certainly-something)
75 // shows only one certificate
76 let derb64 = encodeURIComponent(cert.getBase64DERString());
77 return `about:certificate?cert=${derb64}`;
78 }
80 /**
81 * Given an certificate URL, opens the new certificate viewer and check
82 * if a certain element exists, with its expected result.
83 *
84 * @param {string} url
85 * The URL with the certificate info
86 * @param {string} expectedTabName
87 * The expected name of the tab in the certificate viewer
88 */
89 async function openCertViewerAndCheckTabName(url, expectedTabName) {
90 await BrowserTestUtils.withNewTab(
91 { gBrowser, url },
92 async function (browser) {
93 await SpecialPowers.spawn(
94 browser,
95 [expectedTabName],
96 async function (expectedTabName) {
97 let certificateSection = await ContentTaskUtils.waitForCondition(
98 () => {
99 return content.document.querySelector("certificate-section");
100 },
101 "Certificate section found"
102 );
103 let tabName =
104 certificateSection.shadowRoot.querySelector(
105 ".tab[idnumber='0']"
106 ).textContent;
107 Assert.equal(tabName, expectedTabName);
108 }
109 );
110 }
111 );
112 }