tor-browser

The Tor Browser
git clone https://git.dasho.dev/tor-browser.git
Log | Files | Refs | README | LICENSE

test_security-info-state.js (3059B)

      1 /* Any copyright is dedicated to the Public Domain.
      2   http://creativecommons.org/publicdomain/zero/1.0/ */
      3 "use strict";
      4 
      5 // Tests that security info parser gives correct general security state for
      6 // different cases.
      7 
      8 const wpl = Ci.nsIWebProgressListener;
      9 
     10 // This *cannot* be used as an nsITransportSecurityInfo (since that interface is
     11 // builtinclass) but the methods being tested aren't defined by XPCOM and aren't
     12 // calling QueryInterface, so this usage is fine.
     13 const MockSecurityInfo = {
     14  securityState: wpl.STATE_IS_BROKEN,
     15  errorCode: 0,
     16  // nsISSLStatus.TLS_VERSION_1_2
     17  protocolVersion: 3,
     18  cipherName: "TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256",
     19 };
     20 
     21 add_task(async function run_test() {
     22  await test_nullSecurityInfo();
     23  await test_insecureSecurityInfoWithNSSError();
     24  await test_insecureSecurityInfoWithoutNSSError();
     25  await test_brokenSecurityInfo();
     26  await test_secureSecurityInfo();
     27 });
     28 
     29 /**
     30 * Test that undefined security information is returns "insecure".
     31 */
     32 async function test_nullSecurityInfo() {
     33  const result = await NetworkHelper.parseSecurityInfo(null, {}, {}, new Map());
     34  equal(
     35    result.state,
     36    "insecure",
     37    "state == 'insecure' when securityInfo was undefined"
     38  );
     39 }
     40 
     41 /**
     42 * Test that STATE_IS_INSECURE with NSSError returns "broken"
     43 */
     44 async function test_insecureSecurityInfoWithNSSError() {
     45  MockSecurityInfo.securityState = wpl.STATE_IS_INSECURE;
     46 
     47  // Taken from security/manager/ssl/tests/unit/head_psm.js.
     48  MockSecurityInfo.errorCode = -8180;
     49 
     50  const result = await NetworkHelper.parseSecurityInfo(
     51    MockSecurityInfo,
     52    {},
     53    {},
     54    new Map()
     55  );
     56  equal(
     57    result.state,
     58    "broken",
     59    "state == 'broken' if securityState contains STATE_IS_INSECURE flag AND " +
     60      "errorCode is NSS error."
     61  );
     62 
     63  MockSecurityInfo.errorCode = 0;
     64 }
     65 
     66 /**
     67 * Test that STATE_IS_INSECURE without NSSError returns "insecure"
     68 */
     69 async function test_insecureSecurityInfoWithoutNSSError() {
     70  MockSecurityInfo.securityState = wpl.STATE_IS_INSECURE;
     71 
     72  const result = await NetworkHelper.parseSecurityInfo(
     73    MockSecurityInfo,
     74    {},
     75    {},
     76    new Map()
     77  );
     78  equal(
     79    result.state,
     80    "insecure",
     81    "state == 'insecure' if securityState contains STATE_IS_INSECURE flag BUT " +
     82      "errorCode is not NSS error."
     83  );
     84 }
     85 
     86 /**
     87 * Test that STATE_IS_SECURE returns "secure"
     88 */
     89 async function test_secureSecurityInfo() {
     90  MockSecurityInfo.securityState = wpl.STATE_IS_SECURE;
     91 
     92  const result = await NetworkHelper.parseSecurityInfo(
     93    MockSecurityInfo,
     94    {},
     95    {},
     96    new Map()
     97  );
     98  equal(
     99    result.state,
    100    "secure",
    101    "state == 'secure' if securityState contains STATE_IS_SECURE flag"
    102  );
    103 }
    104 
    105 /**
    106 * Test that STATE_IS_BROKEN returns "weak"
    107 */
    108 async function test_brokenSecurityInfo() {
    109  MockSecurityInfo.securityState = wpl.STATE_IS_BROKEN;
    110 
    111  const result = await NetworkHelper.parseSecurityInfo(
    112    MockSecurityInfo,
    113    {},
    114    {},
    115    new Map()
    116  );
    117  equal(
    118    result.state,
    119    "weak",
    120    "state == 'weak' if securityState contains STATE_IS_BROKEN flag"
    121  );
    122 }