search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
history | raw | HEAD
no bug - Import translations from android-l10n r=release a=l10n CLOSED TREE
[gecko.git] / security / manager / ssl / tests / unit / test_delegated_credentials.js
blob1bb6f70aadaa7847db5892bcde798fdfd6b2642a
1 /* This Source Code Form is subject to the terms of the Mozilla Public
2  * License, v. 2.0. If a copy of the MPL was not distributed with this
3  * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
4 "use strict";
5
6 // Tests handling of certificates marked as permitting delegated credentials
7
8 function shouldBeDelegatedCredential(aTransportSecurityInfo) {
9   Assert.ok(
10     aTransportSecurityInfo.isDelegatedCredential,
11     "This host should have used a delegated credential"
12   );
13 }
14
15 function shouldNotBeDelegatedCredential(aTransportSecurityInfo) {
16   Assert.ok(
17     !aTransportSecurityInfo.isDelegatedCredential,
18     "This host should not have used a delegated credential"
19   );
20 }
21
22 do_get_profile();
23
24 add_tls_server_setup(
25   "DelegatedCredentialsServer",
26   "test_delegated_credentials"
27 );
28
29 // Test:
30 // Server certificate supports DC
31 // Server DC support enabled
32 // Client DC support disabled
33 // Result: Successful connection without DC
34 add_test(function () {
35   clearSessionCache();
36   Services.prefs.setBoolPref(
37     "security.tls.enable_delegated_credentials",
38     false
39   );
40   run_next_test();
41 });
42 add_connection_test(
43   "delegated-enabled.example.com",
44   PRErrorCodeSuccess,
45   null,
46   shouldNotBeDelegatedCredential
47 );
48
49 // Test:
50 // Server certificate does not support DC
51 // Server DC support enabled
52 // Client DC support enabled
53 // Result: SSL_ERROR_DC_INVALID_KEY_USAGE from client when
54 //         checking DC against EE cert, no DC in aTransportSecurityInfo.
55 add_test(function () {
56   clearSessionCache();
57   Services.prefs.setBoolPref("security.tls.enable_delegated_credentials", true);
58   run_next_test();
59 });
60 add_connection_test(
61   "standard-enabled.example.com",
62   SSL_ERROR_DC_INVALID_KEY_USAGE,
63   null,
64   // We'll never |mHaveCipherSuiteAndProtocol|,
65   // and therefore can't check IsDelegatedCredential
66   null
67 );
68
69 // Test:
70 // Server certificate supports DC
71 // Server DC support disabled
72 // Client DC support enabled
73 // Result: Successful connection without DC
74 add_connection_test(
75   "delegated-disabled.example.com",
76   PRErrorCodeSuccess,
77   null,
78   shouldNotBeDelegatedCredential
79 );
80
81 // Test:
82 // Server certificate supports DC
83 // Server DC support enabled
84 // Client DC support enabled
85 // Result: Successful connection with DC
86 add_connection_test(
87   "delegated-enabled.example.com",
88   PRErrorCodeSuccess,
89   null,
90   shouldBeDelegatedCredential
91 );