search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
history | raw | HEAD
no bug - Import translations from android-l10n r=release a=l10n CLOSED TREE
[gecko.git] / security / manager / ssl / tests / unit / test_cert_storage_preexisting_crlite.js
blobc444bdd9455fd920da6c61be61c43dbedee85595
1 /* -*- indent-tabs-mode: nil; js-indent-level: 2 -*- */
2 /* This Source Code Form is subject to the terms of the Mozilla Public
3  * License, v. 2.0. If a copy of the MPL was not distributed with this
4  * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
5 "use strict";
6
7 // This file tests that cert_storage correctly persists its information across
8 // runs of the browser specifically in the case of CRLite.
9 // (The test DB files for this test were created by running the test
10 // `test_cert_storage_direct.js` and copying them from that test's profile
11 // directory.)
12
13 /* eslint-disable no-unused-vars */
14 add_task(async function () {
15   Services.prefs.setIntPref(
16     "security.pki.crlite_mode",
17     CRLiteModeEnforcePrefValue
18   );
19
20   let dbDirectory = do_get_profile();
21   dbDirectory.append("security_state");
22   let crliteFile = do_get_file(
23     "test_cert_storage_preexisting_crlite/crlite.filter"
24   );
25   crliteFile.copyTo(dbDirectory, "crlite.filter");
26   let coverageFile = do_get_file(
27     "test_cert_storage_preexisting_crlite/crlite.coverage"
28   );
29   coverageFile.copyTo(dbDirectory, "crlite.coverage");
30   let enrollmentFile = do_get_file(
31     "test_cert_storage_preexisting_crlite/crlite.enrollment"
32   );
33   enrollmentFile.copyTo(dbDirectory, "crlite.enrollment");
34
35   let certStorage = Cc["@mozilla.org/security/certstorage;1"].getService(
36     Ci.nsICertStorage
37   );
38
39   // Add an empty stash to ensure the filter is considered to be fresh.
40   await new Promise(resolve => {
41     certStorage.addCRLiteStash(new Uint8Array([]), (rv, _) => {
42       Assert.equal(rv, Cr.NS_OK, "marked filter as fresh");
43       resolve();
44     });
45   });
46
47   let certdb = Cc["@mozilla.org/security/x509certdb;1"].getService(
48     Ci.nsIX509CertDB
49   );
50   let validCertIssuer = constructCertFromFile(
51     "test_cert_storage_direct/valid-cert-issuer.pem"
52   );
53   let validCert = constructCertFromFile(
54     "test_cert_storage_direct/valid-cert.pem"
55   );
56   await checkCertErrorGenericAtTime(
57     certdb,
58     validCert,
59     PRErrorCodeSuccess,
60     certificateUsageSSLServer,
61     new Date("2019-10-28T00:00:00Z").getTime() / 1000,
62     false,
63     "skynew.jp",
64     Ci.nsIX509CertDB.FLAG_LOCAL_ONLY
65   );
66
67   let revokedCertIssuer = constructCertFromFile(
68     "test_cert_storage_direct/revoked-cert-issuer.pem"
69   );
70   let revokedCert = constructCertFromFile(
71     "test_cert_storage_direct/revoked-cert.pem"
72   );
73   await checkCertErrorGenericAtTime(
74     certdb,
75     revokedCert,
76     SEC_ERROR_REVOKED_CERTIFICATE,
77     certificateUsageSSLServer,
78     new Date("2019-11-04T00:00:00Z").getTime() / 1000,
79     false,
80     "schunk-group.com",
81     Ci.nsIX509CertDB.FLAG_LOCAL_ONLY
82   );
83 });