browser_certViewer.js (3663B)
1 /* This Source Code Form is subject to the terms of the Mozilla Public 2 * License, v. 2.0. If a copy of the MPL was not distributed with this 3 * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ 4 "use strict"; 5 6 const { getCertViewerUrl } = ChromeUtils.importESModule( 7 "resource://gre/modules/psm/pippki.sys.mjs" 8 ); 9 10 // Repeatedly opens the certificate viewer dialog with various certificates and 11 // determines that the viewer correctly identifies either what usages those 12 // certificates are valid for or what errors prevented the certificates from 13 // being verified. 14 15 add_task(async function testCAandTitle() { 16 let cert = await readCertificate("ca.pem", "CTu,CTu,CTu"); 17 let url = await getCertViewerUrl(cert); 18 await openCertViewerAndCheckTabName(url, "ca"); 19 }); 20 21 add_task(async function testSSLEndEntity() { 22 let cert = await readCertificate("ssl-ee.pem", ",,"); 23 let url = await getCertViewerUrl(cert); 24 await openCertViewerAndCheckTabName(url, "ssl-ee"); 25 }); 26 27 add_task(async function testEmailEndEntity() { 28 let cert = await readCertificate("email-ee.pem", ",,"); 29 let url = await getCertViewerUrl(cert); 30 await openCertViewerAndCheckTabName(url, "email-ee"); 31 }); 32 33 add_task(async function testCodeSignEndEntity() { 34 let cert = await readCertificate("code-ee.pem", ",,"); 35 let url = await getCertViewerUrl(cert); 36 await openCertViewerAndCheckTabName(url, "code-ee"); 37 }); 38 39 add_task(async function testExpired() { 40 let cert = await readCertificate("expired-ca.pem", ",,"); 41 let url = await getCertViewerUrl(cert); 42 await openCertViewerAndCheckTabName(url, "expired-ca"); 43 }); 44 45 add_task(async function testUntrusted() { 46 let cert = await readCertificate("untrusted-ca.pem", "p,p,p"); 47 let url = await getCertViewerUrl(cert); 48 await openCertViewerAndCheckTabName(url, "untrusted-ca"); 49 }); 50 51 add_task(async function testInvalid() { 52 // This certificate has a keyUsage extension asserting cRLSign and 53 // keyCertSign, but it doesn't have a basicConstraints extension. This 54 // shouldn't be valid for any usage. Sadly, we give a pretty bad error 55 // message in this case. 56 let cert = await readCertificate("invalid.pem", ",,"); 57 let url = await getCertViewerUrl(cert); 58 await openCertViewerAndCheckTabName(url, "invalid"); 59 }); 60 61 add_task(async function testLongOID() { 62 // This certificate has a certificatePolicies extension with a policy with a 63 // very long OID. This tests that we don't crash when looking at it. 64 let cert = await readCertificate("longOID.pem", ",,"); 65 let url = await getCertViewerUrl(cert); 66 await openCertViewerAndCheckTabName(url, "Long OID"); 67 }); 68 69 /** 70 * Given an certificate URL, opens the new certificate viewer and check 71 * if a certain element exists, with its expected result. 72 * 73 * @param {string} url 74 * The URL with the certificate info 75 * @param {string} expectedTabName 76 * The expected name of the tab in the certificate viewer 77 */ 78 async function openCertViewerAndCheckTabName(url, expectedTabName) { 79 await BrowserTestUtils.withNewTab( 80 { gBrowser, url }, 81 async function (browser) { 82 await SpecialPowers.spawn( 83 browser, 84 [expectedTabName], 85 async function (expectedTabName) { 86 let certificateSection = await ContentTaskUtils.waitForCondition( 87 () => { 88 return content.document.querySelector("certificate-section"); 89 }, 90 "Certificate section found" 91 ); 92 let tabName = 93 certificateSection.shadowRoot.querySelector( 94 ".tab[idnumber='0']" 95 ).textContent; 96 Assert.equal(tabName, expectedTabName); 97 } 98 ); 99 } 100 ); 101 }