mozilla
/
gecko-dev
зеркало из https://github.com/mozilla/gecko-dev.git
1
0
Форкнуть 0
Код Задачи Пакеты Проекты Релизы Вики Активность

Bug 332442 - Keep track of and delete imported certs in head.js instead of in various test files. r=mgoodwin 

head.js is run/included for every test file in the same folder, so having it
keep track of and clean up imported certs reduces the amount of duplication.

MozReview-Commit-ID: 23482qadMiy

--HG--
extra : rebase_source : e74ebc2d38b4abc58cc344742c98919e137e08ba
This commit is contained in:
Cykesiopka 2016-10-18 00:02:41 +08:00
Родитель 9f8d517918
Коммит 05c6ec703e
3 изменённых файлов: 35 добавлений и 38 удалений
Показать статистику Скачать Patch файл Скачать Diff файл Показать все файлы Свернуть все файлы

35
security/manager/ssl/tests/mochitest/browser/browser_certViewer.js
Просмотреть файл

@ -10,53 +10,43 @@
var { OS } = Cu.import("resource://gre/modules/osfile.jsm", {});
var certificates = [];
registerCleanupFunction(function() {
let certdb = Cc["@mozilla.org/security/x509certdb;1"]
.getService(Ci.nsIX509CertDB);
certificates.forEach(cert => {
certdb.deleteCertificate(cert);
});
});
add_task(function* () {
let cert = yield readCertificate("ca.pem", "CTu,CTu,CTu", certificates);
let cert = yield readCertificate("ca.pem", "CTu,CTu,CTu");
let win = yield displayCertificate(cert);
checkUsages(win, ["SSL Certificate Authority"]);
yield BrowserTestUtils.closeWindow(win);
});
add_task(function* () {
let cert = yield readCertificate("ssl-ee.pem", ",,", certificates);
let cert = yield readCertificate("ssl-ee.pem", ",,");
let win = yield displayCertificate(cert);
checkUsages(win, ["SSL Server Certificate", "SSL Client Certificate"]);
yield BrowserTestUtils.closeWindow(win);
});
add_task(function* () {
let cert = yield readCertificate("email-ee.pem", ",,", certificates);
let cert = yield readCertificate("email-ee.pem", ",,");
let win = yield displayCertificate(cert);
checkUsages(win, ["Email Recipient Certificate", "Email Signer Certificate"]);
yield BrowserTestUtils.closeWindow(win);
});
add_task(function* () {
let cert = yield readCertificate("code-ee.pem", ",,", certificates);
let cert = yield readCertificate("code-ee.pem", ",,");
let win = yield displayCertificate(cert);
checkUsages(win, ["Object Signer"]);
yield BrowserTestUtils.closeWindow(win);
});
add_task(function* () {
let cert = yield readCertificate("expired-ca.pem", ",,", certificates);
let cert = yield readCertificate("expired-ca.pem", ",,");
let win = yield displayCertificate(cert);
checkError(win, "Could not verify this certificate because it has expired.");
yield BrowserTestUtils.closeWindow(win);
});
add_task(function* () {
let cert = yield readCertificate("ee-from-expired-ca.pem", ",,", certificates);
let cert = yield readCertificate("ee-from-expired-ca.pem", ",,");
let win = yield displayCertificate(cert);
checkError(win,
"Could not verify this certificate because the CA certificate " +
@ -65,7 +55,7 @@ add_task(function* () {
});
add_task(function* () {
let cert = yield readCertificate("unknown-issuer.pem", ",,", certificates);
let cert = yield readCertificate("unknown-issuer.pem", ",,");
let win = yield displayCertificate(cert);
checkError(win,
"Could not verify this certificate because the issuer is " +
@ -74,7 +64,7 @@ add_task(function* () {
});
add_task(function* () {
let cert = yield readCertificate("md5-ee.pem", ",,", certificates);
let cert = yield readCertificate("md5-ee.pem", ",,");
let win = yield displayCertificate(cert);
checkError(win,
"Could not verify this certificate because it was signed using " +
@ -84,7 +74,7 @@ add_task(function* () {
});
add_task(function* () {
let cert = yield readCertificate("untrusted-ca.pem", "p,p,p", certificates);
let cert = yield readCertificate("untrusted-ca.pem", "p,p,p");
let win = yield displayCertificate(cert);
checkError(win,
"Could not verify this certificate because it is not trusted.");
@ -92,8 +82,7 @@ add_task(function* () {
});
add_task(function* () {
let cert = yield readCertificate("ee-from-untrusted-ca.pem", ",,",
certificates);
let cert = yield readCertificate("ee-from-untrusted-ca.pem", ",,");
let win = yield displayCertificate(cert);
checkError(win,
"Could not verify this certificate because the issuer is not " +
@ -110,7 +99,7 @@ add_task(function* () {
certBlocklist.revokeCertBySubjectAndPubKey(
"MBIxEDAOBgNVBAMMB3Jldm9rZWQ=", // CN=revoked
"VCIlmPM9NkgFQtrs4Oa5TeFcDu6MWRTKSNdePEhOgD8="); // hash of the shared key
let cert = yield readCertificate("revoked.pem", ",,", certificates);
let cert = yield readCertificate("revoked.pem", ",,");
let win = yield displayCertificate(cert);
checkError(win,
"Could not verify this certificate because it has been revoked.");
@ -122,7 +111,7 @@ add_task(function* () {
// keyCertSign, but it doesn't have a basicConstraints extension. This
// shouldn't be valid for any usage. Sadly, we give a pretty lame error
// message in this case.
let cert = yield readCertificate("invalid.pem", ",,", certificates);
let cert = yield readCertificate("invalid.pem", ",,");
let win = yield displayCertificate(cert);
checkError(win, "Could not verify this certificate for unknown reasons.");
yield BrowserTestUtils.closeWindow(win);

11
security/manager/ssl/tests/mochitest/browser/browser_deleteCert_ui.js
Просмотреть файл

@ -14,7 +14,6 @@
* @type nsIMutableArray<nsICertTreeItem>
*/
var gCertArray = Cc["@mozilla.org/array;1"].createInstance(Ci.nsIMutableArray);
var gImportedCerts = [];
const FAKE_HOST_PORT = "Fake host and port";
@ -75,19 +74,11 @@ function openDeleteCertConfirmDialog(tabID) {
});
}
registerCleanupFunction(() => {
let certdb = Cc["@mozilla.org/security/x509certdb;1"]
.getService(Ci.nsIX509CertDB);
for (let cert of gImportedCerts) {
certdb.deleteCertificate(cert);
}
});
add_task(function* setup() {
for (let testCase of TEST_CASES) {
let cert = null;
if (testCase.certFilename) {
cert = yield readCertificate(testCase.certFilename, ",,", gImportedCerts);
cert = yield readCertificate(testCase.certFilename, ",,");
}
let certTreeItem = {
hostPort: FAKE_HOST_PORT,

27
security/manager/ssl/tests/mochitest/browser/head.js
Просмотреть файл

@ -2,6 +2,23 @@
http://creativecommons.org/publicdomain/zero/1.0/ */
"use strict";
var gCertDB = Cc["@mozilla.org/security/x509certdb;1"]
.getService(Ci.nsIX509CertDB);
/**
* List of certs imported via readCertificate(). Certs in this list are
* automatically deleted from the cert DB when a test including this head file
* finishes.
* @type nsIX509Cert[]
*/
var gImportedCerts = [];
registerCleanupFunction(() => {
for (let cert of gImportedCerts) {
gCertDB.deleteCertificate(cert);
}
});
/**
* This function serves the same purpose as the one defined in head_psm.js.
*/
@ -16,18 +33,18 @@ function pemToBase64(pem) {
* a handle to the certificate when that certificate has been read and imported
* with the given trust settings.
*
* Certs imported via this function will automatically be deleted from the cert
* DB once the calling test finishes.
*
* @param {String} filename
* The filename of the certificate (assumed to be in the same directory).
* @param {String} trustString
* A string describing how the certificate should be trusted (see
* `certutil -A --help`).
* @param {nsIX509Cert[]} certificates
* An array to append the imported cert to. Useful for making sure
* imported certs are cleaned up.
* @return {Promise}
* A promise that will resolve with a handle to the certificate.
*/
function readCertificate(filename, trustString, certificates) {
function readCertificate(filename, trustString) {
return OS.File.read(getTestFilePath(filename)).then(data => {
let decoder = new TextDecoder();
let pem = decoder.decode(data);
@ -36,7 +53,7 @@ function readCertificate(filename, trustString, certificates) {
let base64 = pemToBase64(pem);
certdb.addCertFromBase64(base64, trustString, "unused");
let cert = certdb.constructX509FromBase64(base64);
certificates.push(cert);
gImportedCerts.push(cert);
return cert;
}, error => { throw error; });
}