tor-browser

The Tor Browser
git clone https://git.dasho.dev/tor-browser.git
Log | Files | Refs | README | LICENSE

RTCCertificate-postMessage.html (3150B)

      1 <!doctype html>
      2 <meta charset="utf-8">
      3 <title>RTCCertificate persistent Tests</title>
      4 <script src="/resources/testharness.js"></script>
      5 <script src="/resources/testharnessreport.js"></script>
      6 <script src="/common/get-host-info.sub.js"></script>
      7 <body>
      8 <script>
      9    function findMatchingFingerprint(fingerprints, fingerprint) {
     10        for (let f of fingerprints) {
     11            if (f.value == fingerprint.value && f.algorithm == fingerprint.algorithm)
     12                return true;
     13        }
     14        return false;
     15    }
     16 
     17    function with_iframe(url) {
     18        return new Promise(function(resolve) {
     19            var frame = document.createElement('iframe');
     20            frame.src = url;
     21            frame.onload = function() { resolve(frame); };
     22            document.body.appendChild(frame);
     23        });
     24    }
     25 
     26    function testPostMessageCertificate(isCrossOrigin) {
     27        promise_test(async t => {
     28            let certificate = await  RTCPeerConnection.generateCertificate({ name: 'ECDSA', namedCurve: 'P-256' });
     29 
     30            let url = "resources/RTCCertificate-postMessage-iframe.html";
     31            if (isCrossOrigin)
     32                url = get_host_info().HTTP_REMOTE_ORIGIN + "/webrtc/" + url;
     33 
     34            let iframe = await with_iframe(url);
     35 
     36            let promise = new Promise((resolve, reject) => {
     37                window.onmessage = (event) => {
     38                    resolve(event.data);
     39                };
     40                t.step_timeout(() => reject("Timed out waiting for frame to send back certificate"), 5000);
     41            });
     42            iframe.contentWindow.postMessage(certificate, "*");
     43            let certificate2 = await promise;
     44 
     45            const pc1 = new RTCPeerConnection({certificates: [certificate]});
     46            t.add_cleanup(() => pc1.close());
     47            const pc2 = new RTCPeerConnection({certificates: [certificate2]});
     48            t.add_cleanup(() => pc2.close());
     49 
     50            assert_equals(certificate.expires, certificate2.expires);
     51            for (let fingerprint of certificate2.getFingerprints())
     52                assert_true(findMatchingFingerprint(certificate.getFingerprints(), fingerprint), "check fingerprints");
     53 
     54            iframe.remove();
     55        }, "Check " + (isCrossOrigin ? "cross-origin" : "same-origin") + " RTCCertificate serialization");
     56    }
     57 
     58    testPostMessageCertificate(false);
     59    testPostMessageCertificate(true);
     60 
     61    promise_test(async t => {
     62        let url = get_host_info().HTTP_REMOTE_ORIGIN + "/webrtc/resources/RTCCertificate-postMessage-iframe.html";
     63        let iframe = await with_iframe(url);
     64 
     65        let promise = new Promise((resolve, reject) => {
     66            window.onmessage = (event) => {
     67                resolve(event.data);
     68            };
     69            t.step_timeout(() => reject("Timed out waiting for frame to send back certificate"), 5000);
     70        });
     71        iframe.contentWindow.postMessage(null, "*");
     72        let certificate2 = await promise;
     73 
     74        assert_throws_dom("InvalidAccessError", () => { new RTCPeerConnection({certificates: [certificate2]}) });
     75        iframe.remove();
     76    }, "Check cross-origin created RTCCertificate");
     77 </script>
     78 </body>