tor-browser

The Tor Browser

test_webauthn_no_token.html (3100B)


      1 <!DOCTYPE html>
      2 <meta charset=utf-8>
      3 <head>
      4  <title>Test for W3C Web Authentication with no token</title>
      5  <script src="/tests/SimpleTest/SimpleTest.js"></script>
      6  <script type="text/javascript" src="u2futil.js"></script>
      7  <script type="text/javascript" src="pkijs/common.js"></script>
      8  <script type="text/javascript" src="pkijs/asn1.js"></script>
      9  <script type="text/javascript" src="pkijs/x509_schema.js"></script>
     10  <script type="text/javascript" src="pkijs/x509_simpl.js"></script>
     11  <link rel="stylesheet" type="text/css" href="/tests/SimpleTest/test.css" />
     12 </head>
     13 <body>
     14 
     15 <h1>Test for W3C Web Authentication with no token</h1>
     16 <a target="_blank" href="https://bugzilla.mozilla.org/show_bug.cgi?id=1309284">Mozilla Bug 1309284</a>
     17 
     18 <script class="testbody" type="text/javascript">
     19 "use strict";
     20 
     // API-surface checks that run before any task: the legacy
     // navigator.authentication entry point must be gone, and the Credential
     // Management endpoints (create/get) used by the tasks below must exist.
     is(
       navigator.authentication,
       undefined,
       "navigator.authentication does not exist any longer"
     );
     isnot(
       navigator.credentials,
       undefined,
       "Credential Management API endpoint must exist"
     );
     isnot(
       navigator.credentials.create,
       undefined,
       "CredentialManagement create API endpoint must exist"
     );
     isnot(
       navigator.credentials.get,
       undefined,
       "CredentialManagement get API endpoint must exist"
     );

     // State shared by the tasks; each binding is assigned in the setup task.
     let credm,                // navigator.credentials
         credentialChallenge,  // random bytes, challenge for credentials.create()
         assertionChallenge,   // random bytes, challenge for credentials.get()
         credentialId;         // random bytes, id listed in allowCredentials
     30 
     // Setup: fill the shared buffers with random bytes, capture the
     // Credential Management entry point, and switch off every token backend.
     add_task(async () => {
       // Allocates `length` bytes and fills them from window.crypto.
       const randomBytes = (length) => {
         const buffer = new Uint8Array(length);
         window.crypto.getRandomValues(buffer);
         return buffer;
       };

       credentialChallenge = randomBytes(16);
       assertionChallenge = randomBytes(16);
       credentialId = randomBytes(128);
       credm = navigator.credentials;

       // Both the soft token and the USB token are disabled, so the requests
       // in the following tasks should end in "not allowed" failures.
       const disabledTokenPrefs = [
         ["security.webauth.webauthn_enable_softtoken", false],
         ["security.webauth.webauthn_enable_usbtoken", false],
       ];
       await SpecialPowers.pushPrefEnv({ set: disabledTokenPrefs });
     });
     46 
     // credentials.create() must reject while no token backend is enabled.
     // A fulfilled promise is recorded as a failure; a rejection passes only
     // if its string form starts with "NotAllowedError".
     // NOTE(review): the check is a prefix match on toString(); it does not
     // distinguish why the request was refused.
     add_task(async function test_no_token_make_credential() {
       const publicKey = {
         rp: {id: document.domain, name: "none"},
         user: {id: new Uint8Array(), name: "none", displayName: "none"},
         challenge: credentialChallenge,
         pubKeyCredParams: [{type: "public-key", alg: cose_alg_ECDSA_w_SHA256}],
       };

       // Issue the request outside the try block so that only the promise's
       // outcome (not a synchronous throw) is routed to the handlers below.
       const pendingCredential = credm.create({publicKey});
       try {
         await pendingCredential;
         ok(false, "Should have failed.");
       } catch (rejection) {
         ok(rejection.toString().startsWith("NotAllowedError"), rejection);
       }
     });
     62 
     // credentials.get() must reject while no token backend is enabled.
     // The allow list holds one random 128-byte credential id with the "usb"
     // transport. A fulfilled promise is recorded as a failure; a rejection
     // passes only if its string form starts with "NotAllowedError".
     add_task(async function test_no_token_get_assertion() {
       const publicKey = {
         challenge: assertionChallenge,
         // 5000 ms is requested; the minimum timeout is actually 15 seconds.
         timeout: 5000,
         rpId: document.domain,
         allowCredentials: [
           {type: "public-key", id: credentialId, transports: ["usb"]},
         ],
       };

       // Issue the request outside the try block so that only the promise's
       // outcome (not a synchronous throw) is routed to the handlers below.
       const pendingAssertion = credm.get({publicKey});
       try {
         await pendingAssertion;
         ok(false, "Should have failed.");
       } catch (rejection) {
         ok(rejection.toString().startsWith("NotAllowedError"), rejection);
       }
     });
     83 
     84 </script>
     85 
     86 </body>
     87 </html>