diff --git a/security/manager/ssl/tests/mochitest/browser/browser_certViewer.js b/security/manager/ssl/tests/mochitest/browser/browser_certViewer.js index 6aa7c5ada302..bd9e179ce788 100644 --- a/security/manager/ssl/tests/mochitest/browser/browser_certViewer.js +++ b/security/manager/ssl/tests/mochitest/browser/browser_certViewer.js @@ -10,53 +10,43 @@ var { OS } = Cu.import("resource://gre/modules/osfile.jsm", {}); -var certificates = []; - -registerCleanupFunction(function() { - let certdb = Cc["@mozilla.org/security/x509certdb;1"] - .getService(Ci.nsIX509CertDB); - certificates.forEach(cert => { - certdb.deleteCertificate(cert); - }); -}); - add_task(function* () { - let cert = yield readCertificate("ca.pem", "CTu,CTu,CTu", certificates); + let cert = yield readCertificate("ca.pem", "CTu,CTu,CTu"); let win = yield displayCertificate(cert); checkUsages(win, ["SSL Certificate Authority"]); yield BrowserTestUtils.closeWindow(win); }); add_task(function* () { - let cert = yield readCertificate("ssl-ee.pem", ",,", certificates); + let cert = yield readCertificate("ssl-ee.pem", ",,"); let win = yield displayCertificate(cert); checkUsages(win, ["SSL Server Certificate", "SSL Client Certificate"]); yield BrowserTestUtils.closeWindow(win); }); add_task(function* () { - let cert = yield readCertificate("email-ee.pem", ",,", certificates); + let cert = yield readCertificate("email-ee.pem", ",,"); let win = yield displayCertificate(cert); checkUsages(win, ["Email Recipient Certificate", "Email Signer Certificate"]); yield BrowserTestUtils.closeWindow(win); }); add_task(function* () { - let cert = yield readCertificate("code-ee.pem", ",,", certificates); + let cert = yield readCertificate("code-ee.pem", ",,"); let win = yield displayCertificate(cert); checkUsages(win, ["Object Signer"]); yield BrowserTestUtils.closeWindow(win); }); add_task(function* () { - let cert = yield readCertificate("expired-ca.pem", ",,", certificates); + let cert = yield readCertificate("expired-ca.pem", ",,"); let win = yield displayCertificate(cert); checkError(win, "Could not verify this certificate because it has expired."); yield BrowserTestUtils.closeWindow(win); }); add_task(function* () { - let cert = yield readCertificate("ee-from-expired-ca.pem", ",,", certificates); + let cert = yield readCertificate("ee-from-expired-ca.pem", ",,"); let win = yield displayCertificate(cert); checkError(win, "Could not verify this certificate because the CA certificate " + @@ -65,7 +55,7 @@ add_task(function* () { }); add_task(function* () { - let cert = yield readCertificate("unknown-issuer.pem", ",,", certificates); + let cert = yield readCertificate("unknown-issuer.pem", ",,"); let win = yield displayCertificate(cert); checkError(win, "Could not verify this certificate because the issuer is " + @@ -74,7 +64,7 @@ add_task(function* () { }); add_task(function* () { - let cert = yield readCertificate("md5-ee.pem", ",,", certificates); + let cert = yield readCertificate("md5-ee.pem", ",,"); let win = yield displayCertificate(cert); checkError(win, "Could not verify this certificate because it was signed using " + @@ -84,7 +74,7 @@ add_task(function* () { }); add_task(function* () { - let cert = yield readCertificate("untrusted-ca.pem", "p,p,p", certificates); + let cert = yield readCertificate("untrusted-ca.pem", "p,p,p"); let win = yield displayCertificate(cert); checkError(win, "Could not verify this certificate because it is not trusted."); @@ -92,8 +82,7 @@ add_task(function* () { }); add_task(function* () { - let cert = yield readCertificate("ee-from-untrusted-ca.pem", ",,", - certificates); + let cert = yield readCertificate("ee-from-untrusted-ca.pem", ",,"); let win = yield displayCertificate(cert); checkError(win, "Could not verify this certificate because the issuer is not " + @@ -110,7 +99,7 @@ add_task(function* () { certBlocklist.revokeCertBySubjectAndPubKey( "MBIxEDAOBgNVBAMMB3Jldm9rZWQ=", // CN=revoked "VCIlmPM9NkgFQtrs4Oa5TeFcDu6MWRTKSNdePEhOgD8="); // hash of the shared key - let cert = yield readCertificate("revoked.pem", ",,", certificates); + let cert = yield readCertificate("revoked.pem", ",,"); let win = yield displayCertificate(cert); checkError(win, "Could not verify this certificate because it has been revoked."); @@ -122,7 +111,7 @@ add_task(function* () { // keyCertSign, but it doesn't have a basicConstraints extension. This // shouldn't be valid for any usage. Sadly, we give a pretty lame error // message in this case. - let cert = yield readCertificate("invalid.pem", ",,", certificates); + let cert = yield readCertificate("invalid.pem", ",,"); let win = yield displayCertificate(cert); checkError(win, "Could not verify this certificate for unknown reasons."); yield BrowserTestUtils.closeWindow(win); diff --git a/security/manager/ssl/tests/mochitest/browser/browser_deleteCert_ui.js b/security/manager/ssl/tests/mochitest/browser/browser_deleteCert_ui.js index e30e0690fbc9..69e02aa47183 100644 --- a/security/manager/ssl/tests/mochitest/browser/browser_deleteCert_ui.js +++ b/security/manager/ssl/tests/mochitest/browser/browser_deleteCert_ui.js @@ -14,7 +14,6 @@ * @type nsIMutableArray */ var gCertArray = Cc["@mozilla.org/array;1"].createInstance(Ci.nsIMutableArray); -var gImportedCerts = []; const FAKE_HOST_PORT = "Fake host and port"; @@ -75,19 +74,11 @@ function openDeleteCertConfirmDialog(tabID) { }); } -registerCleanupFunction(() => { - let certdb = Cc["@mozilla.org/security/x509certdb;1"] - .getService(Ci.nsIX509CertDB); - for (let cert of gImportedCerts) { - certdb.deleteCertificate(cert); - } -}); - add_task(function* setup() { for (let testCase of TEST_CASES) { let cert = null; if (testCase.certFilename) { - cert = yield readCertificate(testCase.certFilename, ",,", gImportedCerts); + cert = yield readCertificate(testCase.certFilename, ",,"); } let certTreeItem = { hostPort: FAKE_HOST_PORT, diff --git a/security/manager/ssl/tests/mochitest/browser/head.js b/security/manager/ssl/tests/mochitest/browser/head.js index 0d307d9c37a6..d488e6eeb137 100644 --- a/security/manager/ssl/tests/mochitest/browser/head.js +++ b/security/manager/ssl/tests/mochitest/browser/head.js @@ -2,6 +2,23 @@ http://creativecommons.org/publicdomain/zero/1.0/ */ "use strict"; +var gCertDB = Cc["@mozilla.org/security/x509certdb;1"] + .getService(Ci.nsIX509CertDB); + +/** + * List of certs imported via readCertificate(). Certs in this list are + * automatically deleted from the cert DB when a test including this head file + * finishes. + * @type nsIX509Cert[] + */ +var gImportedCerts = []; + +registerCleanupFunction(() => { + for (let cert of gImportedCerts) { + gCertDB.deleteCertificate(cert); + } +}); + /** * This function serves the same purpose as the one defined in head_psm.js. */ @@ -16,18 +33,18 @@ function pemToBase64(pem) { * a handle to the certificate when that certificate has been read and imported * with the given trust settings. * + * Certs imported via this function will automatically be deleted from the cert + * DB once the calling test finishes. + * * @param {String} filename * The filename of the certificate (assumed to be in the same directory). * @param {String} trustString * A string describing how the certificate should be trusted (see * `certutil -A --help`). - * @param {nsIX509Cert[]} certificates - * An array to append the imported cert to. Useful for making sure - * imported certs are cleaned up. * @return {Promise} * A promise that will resolve with a handle to the certificate. */ -function readCertificate(filename, trustString, certificates) { +function readCertificate(filename, trustString) { return OS.File.read(getTestFilePath(filename)).then(data => { let decoder = new TextDecoder(); let pem = decoder.decode(data); @@ -36,7 +53,7 @@ function readCertificate(filename, trustString, certificates) { let base64 = pemToBase64(pem); certdb.addCertFromBase64(base64, trustString, "unused"); let cert = certdb.constructX509FromBase64(base64); - certificates.push(cert); + gImportedCerts.push(cert); return cert; }, error => { throw error; }); }