From 25dff05eede2c078b2ab289212917c71bdbc2abc Mon Sep 17 00:00:00 2001 From: Cykesiopka Date: Wed, 2 Nov 2016 00:08:34 +0800 Subject: [PATCH] Bug 1260626 - Take advantage of the always present test token. r=keeler Now that we have an always present test token, we can add more tests, and make other tests not intermittently fail. MozReview-Commit-ID: LRLmOGGjshb --HG-- extra : rebase_source : 3c92e93d03355633271b79529a4288aa5770424a --- .../tests/unit/test_pkcs11_insert_remove.js | 35 --------------- .../ssl/tests/unit/test_pkcs11_slot.js | 21 ++++----- .../ssl/tests/unit/test_pkcs11_token.js | 12 +++-- .../ssl/tests/unit/test_pkcs11_tokenDB.js | 45 +++++++++++++++++++ .../ssl/tests/unit/xpcshell-smartcards.ini | 1 + 5 files changed, 62 insertions(+), 52 deletions(-) create mode 100644 security/manager/ssl/tests/unit/test_pkcs11_tokenDB.js diff --git a/security/manager/ssl/tests/unit/test_pkcs11_insert_remove.js b/security/manager/ssl/tests/unit/test_pkcs11_insert_remove.js index 94424ac06d48..b0592906c44e 100644 --- a/security/manager/ssl/tests/unit/test_pkcs11_insert_remove.js +++ b/security/manager/ssl/tests/unit/test_pkcs11_insert_remove.js @@ -16,9 +16,6 @@ Cc["@mozilla.org/psm;1"].getService(Ci.nsISupports); const gExpectedTokenLabel = "Test PKCS11 Tokeñ Label"; -const gTokenDB = Cc["@mozilla.org/security/pk11tokendb;1"] - .getService(Ci.nsIPK11TokenDB); - function SmartcardObserver(type) { this.type = type; do_test_pending(); @@ -29,38 +26,6 @@ SmartcardObserver.prototype = { equal(topic, this.type, "Observed and expected types should match"); equal(gExpectedTokenLabel, data, "Expected and observed token labels should match"); - - // Test that the token list contains the test token only when the test - // module is loaded. - // Note: This test is located here out of convenience. In particular, - // observing the "smartcard-insert" event is the only time where it - // is reasonably certain for the test token to be present (see the top - // level comment for this file for why). - let tokenList = gTokenDB.listTokens(); - let testTokenLabelFound = false; - while (tokenList.hasMoreElements()) { - let token = tokenList.getNext().QueryInterface(Ci.nsIPK11Token); - if (token.tokenLabel == gExpectedTokenLabel) { - testTokenLabelFound = true; - break; - } - } - let testTokenShouldBePresent = this.type == "smartcard-insert"; - equal(testTokenLabelFound, testTokenShouldBePresent, - "Should find test token only when the test module is loaded"); - - // Test that the token is findable by name only when the test module is - // loaded. - // Note: Again, this test is located here out of convenience. - if (testTokenShouldBePresent) { - notEqual(gTokenDB.findTokenByName(gExpectedTokenLabel), null, - "Test token should be findable by name"); - } else { - throws(() => gTokenDB.findTokenByName(gExpectedTokenLabel), - /NS_ERROR_FAILURE/, - "Non-present test token should not be findable by name"); - } - Services.obs.removeObserver(this, this.type); do_test_finished(); } diff --git a/security/manager/ssl/tests/unit/test_pkcs11_slot.js b/security/manager/ssl/tests/unit/test_pkcs11_slot.js index bb09ac67c2ca..8aebf0439683 100644 --- a/security/manager/ssl/tests/unit/test_pkcs11_slot.js +++ b/security/manager/ssl/tests/unit/test_pkcs11_slot.js @@ -14,14 +14,11 @@ function run_test() { let moduleDB = Cc["@mozilla.org/security/pkcs11moduledb;1"] .getService(Ci.nsIPKCS11ModuleDB); let testModule = moduleDB.findModuleByName("PKCS11 Test Module"); - // TODO(Bug 1306632): Add a slot to the PSM PKCS 11 test module with a name - // with high codepoints, then add a test to ensure - // findSlotByName() is able to find the slot. - let testSlot = testModule.findSlotByName("Test PKCS11 Slot"); + let testSlot = testModule.findSlotByName("Test PKCS11 Slot 二"); - equal(testSlot.name, "Test PKCS11 Slot", + equal(testSlot.name, "Test PKCS11 Slot 二", "Actual and expected name should match"); - equal(testSlot.desc, "Test PKCS11 Slot", + equal(testSlot.desc, "Test PKCS11 Slot 二", "Actual and expected description should match"); equal(testSlot.manID, "Test PKCS11 Manufacturer ID", "Actual and expected manufacturer ID should match"); @@ -29,15 +26,13 @@ function run_test() { "Actual and expected hardware version should match"); equal(testSlot.FWVersion, "0.0", "Actual and expected firmware version should match"); - // Note: testSlot.status is not tested because the implementation calls - // PK11_IsPresent(), which checks whether the test token is present. - // The test module inserts and removes the test token in a tight loop, - // so the result might not be deterministic. + equal(testSlot.status, Ci.nsIPKCS11Slot.SLOT_READY, + "Actual and expected status should match"); + equal(testSlot.tokenName, "Test PKCS11 Tokeñ 2 Label", + "Actual and expected token name should match"); - // Note: testSlot.tokenName isn't tested for the same reason testSlot.status - // isn't. let testToken = testSlot.getToken(); notEqual(testToken, null, "getToken() should succeed"); - equal(testToken.tokenLabel, "Test PKCS11 Tokeñ Label", + equal(testToken.tokenLabel, "Test PKCS11 Tokeñ 2 Label", "Spot check: the actual and expected test token labels should be equal"); } diff --git a/security/manager/ssl/tests/unit/test_pkcs11_token.js b/security/manager/ssl/tests/unit/test_pkcs11_token.js index f77b6fcbe277..69b2cb384de7 100644 --- a/security/manager/ssl/tests/unit/test_pkcs11_token.js +++ b/security/manager/ssl/tests/unit/test_pkcs11_token.js @@ -5,10 +5,14 @@ // Tests the methods and attributes for interfacing with a PKCS #11 token, using // the internal key token. -// Note: We don't use the test token in the test PKCS #11 module because it is -// inconvenient to test. See the top level comment in -// test_pkcs11_insert_remove.js for why. However, some token DB tests are -// located in that file out of convenience. +// We don't use either of the test tokens in the test PKCS #11 module because: +// 1. Test token 1 cyclically inserts and removes itself in a tight loop. +// Using token 1 would complicate the test and introduce intermittent +// failures. +// 2. Neither test token implements login or password related functionality. +// We want to test such functionality. +// 3. Using the internal token lets us actually test the internal token works +// as expected. // Ensure that the appropriate initialization has happened. do_get_profile(); diff --git a/security/manager/ssl/tests/unit/test_pkcs11_tokenDB.js b/security/manager/ssl/tests/unit/test_pkcs11_tokenDB.js new file mode 100644 index 000000000000..ac382ab82f57 --- /dev/null +++ b/security/manager/ssl/tests/unit/test_pkcs11_tokenDB.js @@ -0,0 +1,45 @@ +// Any copyright is dedicated to the Public Domain. +// http://creativecommons.org/publicdomain/zero/1.0/ +"use strict"; + +// Tests the methods for interfacing with the PKCS #11 token database. + +// Ensure that the appropriate initialization has happened. +do_get_profile(); + +function run_test() { + let tokenDB = Cc["@mozilla.org/security/pk11tokendb;1"] + .getService(Ci.nsIPK11TokenDB); + + let tokenListPreLoad = tokenDB.listTokens(); + while (tokenListPreLoad.hasMoreElements()) { + let token = tokenListPreLoad.getNext().QueryInterface(Ci.nsIPK11Token); + notEqual(token.tokenLabel, "Test PKCS11 Tokeñ Label", + "Test PKCS11 Token 1 should not be listed prior to module load"); + notEqual(token.tokenLabel, "Test PKCS11 Tokeñ 2 Label", + "Test PKCS11 Token 2 should not be listed prior to module load"); + } + + throws(() => tokenDB.findTokenByName("Test PKCS11 Tokeñ Label"), + /NS_ERROR_FAILURE/, + "Non-present test token 1 should not be findable by name"); + throws(() => tokenDB.findTokenByName("Test PKCS11 Tokeñ 2 Label"), + /NS_ERROR_FAILURE/, + "Non-present test token 2 should not be findable by name"); + + loadPKCS11TestModule(false); + + // Test Token 1 is simulated to insert and remove itself in a tight loop, so + // we don't bother testing that it's present. + let tokenListPostLoad = tokenDB.listTokens(); + let foundTokenNames = []; + while (tokenListPostLoad.hasMoreElements()) { + let token = tokenListPostLoad.getNext().QueryInterface(Ci.nsIPK11Token); + foundTokenNames.push(token.tokenName); + } + ok(foundTokenNames.includes("Test PKCS11 Tokeñ 2 Label"), + "Test PKCS11 Token 2 should be listed after module load"); + + notEqual(tokenDB.findTokenByName("Test PKCS11 Tokeñ 2 Label"), null, + "Test token 2 should be findable by name after loading test module"); +} diff --git a/security/manager/ssl/tests/unit/xpcshell-smartcards.ini b/security/manager/ssl/tests/unit/xpcshell-smartcards.ini index fb443eb1e216..e26b2048a0d8 100644 --- a/security/manager/ssl/tests/unit/xpcshell-smartcards.ini +++ b/security/manager/ssl/tests/unit/xpcshell-smartcards.ini @@ -11,3 +11,4 @@ support-files = [test_pkcs11_safe_mode.js] [test_pkcs11_slot.js] [test_pkcs11_token.js] +[test_pkcs11_tokenDB.js]