tor-browser

The Tor Browser
git clone https://git.dasho.dev/tor-browser.git
Log | Files | Refs | README | LICENSE

public-key-credential-creation-options-from-json.https.window.js (6626B)

      1 // META: script=/resources/testdriver.js
      2 // META: script=/resources/testdriver-vendor.js
      3 // META: script=/resources/utils.js
      4 // META: script=helpers.js
      5 
      6 // The string "test" as ASCII bytes and base64url-encoded.
      7 const test_bytes = new Uint8Array([0x74, 0x65, 0x73, 0x74]);
      8 const test_b64 = "dGVzdA";
      9 
     10 test(() => {
     11  let actual = PublicKeyCredential.parseCreationOptionsFromJSON({
     12    rp: {
     13      id: "example.com",
     14      name: "Example Inc",
     15    },
     16    user: {
     17      id: test_b64,
     18      name: "test@example.com",
     19      displayName: "test user"
     20    },
     21    challenge: test_b64,
     22    pubKeyCredParams: [
     23      {
     24        type: "public-key",
     25        alg: -7,
     26      },
     27    ],
     28  });
     29  let expected = {
     30    rp: {
     31      id: "example.com",
     32      name: "Example Inc",
     33    },
     34    user: {
     35      id: test_bytes,
     36      name: "test@example.com",
     37      displayName: "test user"
     38    },
     39    challenge: test_bytes,
     40    pubKeyCredParams: [
     41      {
     42        type: "public-key",
     43        alg: -7,
     44      },
     45    ],
     46    // The spec defaults the following fields:
     47    attestation: "none",
     48    hints: [],
     49  };
     50 
     51  assertJsonEquals(actual.rp, expected.rp);
     52  assert_true(userEntityEquals(actual.user, expected.user));
     53  assert_true(bytesEqual(actual.challenge, expected.challenge));
     54  assertJsonEquals(actual.pubKeyCredParams, expected.pubKeyCredParams, "pk");
     55  assert_equals(actual.attestation, expected.attestation);
     56  if (actual.hasOwnProperty('hints')) {
     57    // Not all implementations support hints yet.
     58    assertJsonEquals(actual.hints, expected.hints);
     59  }
     60 }, "parseCreationOptionsFromJSON()");
     61 
     62 test(() => {
     63  assert_throws_dom("EncodingError", () => {
     64    PublicKeyCredential.parseCreationOptionsFromJSON({
     65      rp: {
     66        id: "example.com",
     67        name: "Example Inc",
     68      },
     69      user: {
     70        id: "not valid base64url",
     71        name: "test@example.com",
     72        displayName: "test user"
     73      },
     74      challenge: "not valid base64url",
     75      pubKeyCredParams: [
     76        {
     77          type: "public-key",
     78          alg: -7,
     79        },
     80      ],
     81    });
     82  });
     83 }, "parseCreationOptionsFromJSON() throws EncodingError");
     84 
     85 test(() => {
     86  let actual = PublicKeyCredential.parseCreationOptionsFromJSON({
     87    rp: {
     88      id: "example.com",
     89      name: "Example Inc",
     90    },
     91    user: {
     92      id: test_b64,
     93      name: "test@example.com",
     94      displayName: "test user"
     95    },
     96    challenge: test_b64,
     97    pubKeyCredParams: [
     98      {
     99        type: "public-key",
    100        alg: -7,
    101      },
    102    ],
    103    extensions: {
    104      appidExclude: "https://example.com/appid",
    105      hmacCreateSecret: true,
    106      credentialProtectionPolicy: "userVerificationRequired",
    107      enforceCredentialProtectionPolicy: true,
    108      minPinLength: true,
    109      credProps: true,
    110      largeBlob: {
    111        support: "required",
    112        write: test_b64,
    113      },
    114      credBlob: test_b64,
    115      supplementalPubKeys: {
    116        scopes: ["spk scope"],
    117        attestation: "directest",
    118        attestationFormats: ["asn2"],
    119      },
    120      prf: {
    121        eval: {
    122          first: test_b64,
    123          second: test_b64,
    124        },
    125        evalByCredential: {
    126          "test cred": {
    127            first: test_b64,
    128            second: test_b64,
    129          },
    130        },
    131      },
    132    },
    133  });
    134  let expected = {
    135    rp: {
    136      id: "example.com",
    137      name: "Example Inc",
    138    },
    139    user: {
    140      id: test_bytes,
    141      name: "test@example.com",
    142      displayName: "test user"
    143    },
    144    challenge: test_bytes,
    145    pubKeyCredParams: [
    146      {
    147        type: "public-key",
    148        alg: -7,
    149      },
    150    ],
    151    extensions: {
    152      appidExclude: "https://example.com/appid",
    153      hmacCreateSecret: true,
    154      credentialProtectionPolicy: "userVerificationRequired",
    155      enforceCredentialProtectionPolicy: true,
    156      minPinLength: true,
    157      credProps: true,
    158      largeBlob: {
    159        support: "required",
    160        write: test_bytes,
    161      },
    162      credBlob: test_bytes,
    163      supplementalPubKeys: {
    164        scopes: ["spk scope"],
    165        attestation: "directest",
    166        attestationFormats: ["asn2"],
    167      },
    168      prf: {
    169        eval: {
    170          first: test_bytes,
    171          second: test_bytes,
    172        },
    173        evalByCredential: {
    174          "test cred": {
    175            first: test_bytes,
    176            second: test_bytes,
    177          },
    178        },
    179      },
    180    },
    181  };
    182 
    183  // Some implementations do not support all of these extensions.
    184  if (actual.extensions.hasOwnProperty('appidExclude')) {
    185    assert_equals(
    186        actual.extensions.appidExclude, expected.extensions.appidExclude);
    187  }
    188  if (actual.extensions.hasOwnProperty('hmacCreateSecret')) {
    189    assert_equals(
    190        actual.extensions.hmacCreateSecret,
    191        expected.extensions.hmacCreateSecret);
    192  }
    193  if (actual.extensions.hasOwnProperty('credentialProtectionPolicy')) {
    194    assert_equals(
    195        actual.extensions.credentialProtectionPolicy,
    196        expected.extensions.credentialProtectionPolicy);
    197  }
    198  if (actual.extensions.hasOwnProperty('enforceCredentialProtectionPolicy')) {
    199    assert_equals(
    200        actual.extensions.enforceCredentialProtectionPolicy,
    201        expected.extensions.enforceCredentialProtectionPolicy);
    202  }
    203  if (actual.extensions.hasOwnProperty('minPinLength')) {
    204    assert_equals(
    205        actual.extensions.minPinLength, expected.extensions.minPinLength);
    206  }
    207  if (actual.extensions.hasOwnProperty('credProps')) {
    208    assert_equals(actual.extensions.credProps, expected.extensions.credProps);
    209  }
    210  if (actual.extensions.hasOwnProperty('largeBlob')) {
    211    assert_equals(
    212        actual.extensions.largeBlob.support,
    213        expected.extensions.largeBlob.support);
    214    assert_true(bytesEqual(
    215        actual.extensions.largeBlob.write,
    216        expected.extensions.largeBlob.write));
    217  }
    218  if (actual.extensions.hasOwnProperty('credBlob')) {
    219    assert_true(
    220        bytesEqual(actual.extensions.credBlob, expected.extensions.credBlob));
    221  }
    222  if (actual.extensions.hasOwnProperty('supplementalPubKeys')) {
    223    assertJsonEquals(
    224        actual.extensions.supplementalPubKeys,
    225        expected.extensions.supplementalPubKeys);
    226  }
    227  if (actual.extensions.hasOwnProperty('prf')) {
    228    let prfValuesEquals = (a, b) => {
    229      return bytesEqual(a.first, b.first) && bytesEqual(a.second, b.second);
    230    };
    231    assert_true(
    232        prfValuesEquals(
    233            actual.extensions.prf.eval, expected.extensions.prf.eval),
    234        'prf eval');
    235    assert_true(
    236        prfValuesEquals(
    237            actual.extensions.prf.evalByCredential['test cred'],
    238            expected.extensions.prf.evalByCredential['test cred']),
    239        'prf ebc');
    240  }
    241 }, "parseCreationOptionsFromJSON() with extensions");