tor-browser

The Tor Browser
git clone https://git.dasho.dev/tor-browser.git
Log | Files | Refs | README | LICENSE

dtls-fingerprint-validation.html (2111B)

      1 <!DOCTYPE html>
      2 <html>
      3 <head>
      4 <title>DTLS fingerprint validation</title>
      5 <script src="/resources/testharness.js"></script>
      6 <script src="/resources/testharnessreport.js"></script>
      7 <script src="../RTCPeerConnection-helper.js"></script>
      8 </head>
      9 <body>
     10 <script>
     11 
     12 function makeZeroFingerprint(algorithm) {
     13  const length = algorithm === 'sha-1' ? 160 : parseInt(algorithm.split('-')[1], 10);
     14  let zeros = [];
     15  for (let i = 0; i < length; i += 8) {
     16    zeros.push('00');
     17  }
     18  return 'a=fingerprint:' + algorithm + ' ' + zeros.join(':');
     19 }
     20 
     21 // Tests that an invalid fingerprint leads to a connectionState 'failed'.
     22 promise_test(async t => {
     23  const pc1 = new RTCPeerConnection();
     24  t.add_cleanup(() => pc1.close());
     25  const pc2 = new RTCPeerConnection();
     26  t.add_cleanup(() => pc2.close());
     27  pc1.createDataChannel('datachannel');
     28  exchangeIceCandidates(pc1, pc2);
     29  await pc1.setLocalDescription();
     30  await pc2.setRemoteDescription(pc1.localDescription);
     31  const answer = await pc2.createAnswer();
     32  await pc1.setRemoteDescription({
     33    type: answer.type,
     34    sdp: answer.sdp.replace(/a=fingerprint:sha-256 .*/g, makeZeroFingerprint('sha-256')),
     35  });
     36  await pc2.setLocalDescription(answer);
     37 
     38  await waitForConnectionStateChange(pc1, ['failed']);
     39  await waitForConnectionStateChange(pc2, ['failed']);
     40 }, 'Connection fails if one side provides a wrong DTLS fingerprint');
     41 
     42 ['sha-1', 'sha-256', 'sha-384', 'sha-512'].forEach(hashFunc => {
     43  promise_test(async t => {
     44    const pc1 = new RTCPeerConnection();
     45    t.add_cleanup(() => pc1.close());
     46    const pc2 = new RTCPeerConnection();
     47    t.add_cleanup(() => pc2.close());
     48    pc1.createDataChannel('datachannel');
     49 
     50    await pc1.setLocalDescription();
     51    await pc2.setRemoteDescription(pc1.localDescription);
     52    const answer = await pc2.createAnswer();
     53    await pc1.setRemoteDescription({
     54      type: answer.type,
     55      sdp: answer.sdp.replace(/a=fingerprint:sha-256 .*/g, makeZeroFingerprint(hashFunc)),
     56    });
     57    await pc2.setLocalDescription(answer);
     58  }, 'SDP negotiation with a ' + hashFunc + ' fingerprint succeds');
     59 });
     60 
     61 </script>
     62 </body>
     63 </html>