зеркало из https://github.com/mozilla/gecko-dev.git
Bug 841135: Remove the marketplace test root cert, r=honzab
--HG-- extra : source : cad6855a3b4a862989873ef30675a115c4341ce1
This commit is contained in:
Brian Smith
Родитель
2dd8ee7c66
Коммит
72af5c5f65
|
|
@ -1,154 +1,4 @@
|
|||
|
||||
#
|
||||
# Certificate "test-b2g-app-root-cert"
|
||||
#
|
||||
# Issuer: C=US,ST=CA,L=Mountain View,O=MarketplaceTest Corporation,OU=MarketplaceTest CA,CN=MarketplaceTest Root CA 1
|
||||
# Serial Number: 1 (0x1)
|
||||
# Subject: C=US,ST=CA,L=Mountain View,O=MarketplaceTest Corporation,OU=MarketplaceTest CA,CN=MarketplaceTest Root CA 1
|
||||
# Not Valid Before: Thu Dec 13 20:14:18 2012
|
||||
# Not Valid After : Sun Dec 11 20:14:18 2022
|
||||
# Fingerprint (MD5): 16:FA:62:5A:EB:A6:E0:35:72:EB:95:B0:7D:58:EE:79
|
||||
# Fingerprint (SHA1): 36:C7:33:40:5E:5C:53:8E:BD:31:B9:0F:4A:6C:30:86:64:F2:D2:E1
|
||||
CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
|
||||
CKA_TOKEN CK_BBOOL CK_TRUE
|
||||
CKA_PRIVATE CK_BBOOL CK_FALSE
|
||||
CKA_MODIFIABLE CK_BBOOL CK_FALSE
|
||||
CKA_LABEL UTF8 "test-b2g-app-root-cert"
|
||||
CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
|
||||
CKA_SUBJECT MULTILINE_OCTAL
|
||||
\060\201\231\061\042\060\040\006\003\125\004\003\023\031\115\141
|
||||
\162\153\145\164\160\154\141\143\145\124\145\163\164\040\122\157
|
||||
\157\164\040\103\101\040\061\061\033\060\031\006\003\125\004\013
|
||||
\023\022\115\141\162\153\145\164\160\154\141\143\145\124\145\163
|
||||
\164\040\103\101\061\044\060\042\006\003\125\004\012\023\033\115
|
||||
\141\162\153\145\164\160\154\141\143\145\124\145\163\164\040\103
|
||||
\157\162\160\157\162\141\164\151\157\156\061\026\060\024\006\003
|
||||
\125\004\007\023\015\115\157\165\156\164\141\151\156\040\126\151
|
||||
\145\167\061\013\060\011\006\003\125\004\010\023\002\103\101\061
|
||||
\013\060\011\006\003\125\004\006\023\002\125\123
|
||||
END
|
||||
CKA_ID UTF8 "0"
|
||||
CKA_ISSUER MULTILINE_OCTAL
|
||||
\060\201\231\061\042\060\040\006\003\125\004\003\023\031\115\141
|
||||
\162\153\145\164\160\154\141\143\145\124\145\163\164\040\122\157
|
||||
\157\164\040\103\101\040\061\061\033\060\031\006\003\125\004\013
|
||||
\023\022\115\141\162\153\145\164\160\154\141\143\145\124\145\163
|
||||
\164\040\103\101\061\044\060\042\006\003\125\004\012\023\033\115
|
||||
\141\162\153\145\164\160\154\141\143\145\124\145\163\164\040\103
|
||||
\157\162\160\157\162\141\164\151\157\156\061\026\060\024\006\003
|
||||
\125\004\007\023\015\115\157\165\156\164\141\151\156\040\126\151
|
||||
\145\167\061\013\060\011\006\003\125\004\010\023\002\103\101\061
|
||||
\013\060\011\006\003\125\004\006\023\002\125\123
|
||||
END
|
||||
CKA_SERIAL_NUMBER MULTILINE_OCTAL
|
||||
\002\001\001
|
||||
END
|
||||
CKA_VALUE MULTILINE_OCTAL
|
||||
\060\202\003\352\060\202\002\322\240\003\002\001\002\002\001\001
|
||||
\060\015\006\011\052\206\110\206\367\015\001\001\005\005\000\060
|
||||
\201\231\061\042\060\040\006\003\125\004\003\023\031\115\141\162
|
||||
\153\145\164\160\154\141\143\145\124\145\163\164\040\122\157\157
|
||||
\164\040\103\101\040\061\061\033\060\031\006\003\125\004\013\023
|
||||
\022\115\141\162\153\145\164\160\154\141\143\145\124\145\163\164
|
||||
\040\103\101\061\044\060\042\006\003\125\004\012\023\033\115\141
|
||||
\162\153\145\164\160\154\141\143\145\124\145\163\164\040\103\157
|
||||
\162\160\157\162\141\164\151\157\156\061\026\060\024\006\003\125
|
||||
\004\007\023\015\115\157\165\156\164\141\151\156\040\126\151\145
|
||||
\167\061\013\060\011\006\003\125\004\010\023\002\103\101\061\013
|
||||
\060\011\006\003\125\004\006\023\002\125\123\060\036\027\015\061
|
||||
\062\061\062\061\063\062\060\061\064\061\070\132\027\015\062\062
|
||||
\061\062\061\061\062\060\061\064\061\070\132\060\201\231\061\042
|
||||
\060\040\006\003\125\004\003\023\031\115\141\162\153\145\164\160
|
||||
\154\141\143\145\124\145\163\164\040\122\157\157\164\040\103\101
|
||||
\040\061\061\033\060\031\006\003\125\004\013\023\022\115\141\162
|
||||
\153\145\164\160\154\141\143\145\124\145\163\164\040\103\101\061
|
||||
\044\060\042\006\003\125\004\012\023\033\115\141\162\153\145\164
|
||||
\160\154\141\143\145\124\145\163\164\040\103\157\162\160\157\162
|
||||
\141\164\151\157\156\061\026\060\024\006\003\125\004\007\023\015
|
||||
\115\157\165\156\164\141\151\156\040\126\151\145\167\061\013\060
|
||||
\011\006\003\125\004\010\023\002\103\101\061\013\060\011\006\003
|
||||
\125\004\006\023\002\125\123\060\202\001\042\060\015\006\011\052
|
||||
\206\110\206\367\015\001\001\001\005\000\003\202\001\017\000\060
|
||||
\202\001\012\002\202\001\001\000\274\203\257\274\062\142\054\152
|
||||
\063\120\342\237\046\350\213\024\052\144\011\127\322\132\151\033
|
||||
\346\154\213\124\062\111\265\217\032\077\207\305\147\365\256\372
|
||||
\041\212\170\064\145\372\245\010\226\224\355\200\170\341\172\213
|
||||
\237\240\324\261\263\230\040\044\173\201\146\126\062\335\124\334
|
||||
\170\013\101\150\057\225\047\154\254\127\047\100\154\121\262\216
|
||||
\071\346\055\363\125\263\222\321\127\003\334\347\102\352\053\317
|
||||
\176\366\343\114\355\001\241\321\374\152\344\144\075\244\324\317
|
||||
\200\064\321\034\000\167\036\251\316\330\317\073\370\262\170\157
|
||||
\217\106\067\300\200\100\022\053\265\076\373\104\163\107\313\215
|
||||
\223\262\325\024\120\050\111\352\201\174\315\051\222\320\367\224
|
||||
\363\233\217\301\324\353\050\077\314\217\262\327\163\142\345\065
|
||||
\100\063\144\000\107\213\240\220\203\037\257\054\245\040\213\225
|
||||
\313\321\156\174\342\236\332\300\301\016\377\355\233\216\207\066
|
||||
\023\256\062\275\250\035\250\143\365\041\271\025\277\156\273\330
|
||||
\330\151\257\105\122\272\220\234\015\216\375\335\302\354\042\132
|
||||
\076\204\122\004\222\141\022\367\002\003\001\000\001\243\073\060
|
||||
\071\060\017\006\003\125\035\023\001\001\377\004\005\060\003\001
|
||||
\001\377\060\016\006\003\125\035\017\001\001\377\004\004\003\002
|
||||
\002\004\060\026\006\003\125\035\045\001\001\377\004\014\060\012
|
||||
\006\010\053\006\001\005\005\007\003\003\060\015\006\011\052\206
|
||||
\110\206\367\015\001\001\005\005\000\003\202\001\001\000\164\037
|
||||
\012\101\256\130\023\311\005\143\361\352\336\021\173\017\251\137
|
||||
\304\134\323\311\031\260\214\364\346\161\364\162\363\236\106\347
|
||||
\146\301\371\352\373\167\174\323\065\106\141\306\131\200\024\152
|
||||
\116\114\267\040\036\047\244\007\066\205\022\250\172\177\250\103
|
||||
\120\325\214\013\131\342\052\117\364\057\344\071\371\003\337\204
|
||||
\207\065\032\261\206\245\323\050\222\061\063\026\035\217\124\360
|
||||
\054\234\045\357\356\107\011\165\071\253\327\040\174\341\353\137
|
||||
\206\352\044\315\373\173\322\121\041\112\215\305\205\003\300\012
|
||||
\102\326\257\322\351\232\243\370\053\304\063\173\203\173\174\255
|
||||
\376\251\161\362\233\261\361\343\327\005\357\011\161\060\332\107
|
||||
\004\222\324\267\334\341\155\226\104\104\173\050\333\262\305\021
|
||||
\327\053\146\213\335\204\312\275\177\344\045\236\147\176\367\301
|
||||
\004\061\107\346\220\347\054\156\333\071\210\010\275\336\133\160
|
||||
\051\173\225\027\307\260\103\371\354\322\075\232\242\335\372\041
|
||||
\375\250\267\052\203\015\226\151\315\100\257\353\235\351\214\165
|
||||
\306\351\144\072\025\076\343\163\320\131\344\331\332\203
|
||||
END
|
||||
|
||||
# Trust for "test-b2g-app-root-cert"
|
||||
# Issuer: C=US,ST=CA,L=Mountain View,O=MarketplaceTest Corporation,OU=MarketplaceTest CA,CN=MarketplaceTest Root CA 1
|
||||
# Serial Number: 1 (0x1)
|
||||
# Subject: C=US,ST=CA,L=Mountain View,O=MarketplaceTest Corporation,OU=MarketplaceTest CA,CN=MarketplaceTest Root CA 1
|
||||
# Not Valid Before: Thu Dec 13 20:14:18 2012
|
||||
# Not Valid After : Sun Dec 11 20:14:18 2022
|
||||
# Fingerprint (MD5): 16:FA:62:5A:EB:A6:E0:35:72:EB:95:B0:7D:58:EE:79
|
||||
# Fingerprint (SHA1): 36:C7:33:40:5E:5C:53:8E:BD:31:B9:0F:4A:6C:30:86:64:F2:D2:E1
|
||||
CKA_CLASS CK_OBJECT_CLASS CKO_NSS_TRUST
|
||||
CKA_TOKEN CK_BBOOL CK_TRUE
|
||||
CKA_PRIVATE CK_BBOOL CK_FALSE
|
||||
CKA_MODIFIABLE CK_BBOOL CK_FALSE
|
||||
CKA_LABEL UTF8 "test-b2g-app-root-cert"
|
||||
CKA_CERT_SHA1_HASH MULTILINE_OCTAL
|
||||
\066\307\063\100\136\134\123\216\275\061\271\017\112\154\060\206
|
||||
\144\362\322\341
|
||||
END
|
||||
CKA_CERT_MD5_HASH MULTILINE_OCTAL
|
||||
\026\372\142\132\353\246\340\065\162\353\225\260\175\130\356\171
|
||||
END
|
||||
CKA_ISSUER MULTILINE_OCTAL
|
||||
\060\201\231\061\042\060\040\006\003\125\004\003\023\031\115\141
|
||||
\162\153\145\164\160\154\141\143\145\124\145\163\164\040\122\157
|
||||
\157\164\040\103\101\040\061\061\033\060\031\006\003\125\004\013
|
||||
\023\022\115\141\162\153\145\164\160\154\141\143\145\124\145\163
|
||||
\164\040\103\101\061\044\060\042\006\003\125\004\012\023\033\115
|
||||
\141\162\153\145\164\160\154\141\143\145\124\145\163\164\040\103
|
||||
\157\162\160\157\162\141\164\151\157\156\061\026\060\024\006\003
|
||||
\125\004\007\023\015\115\157\165\156\164\141\151\156\040\126\151
|
||||
\145\167\061\013\060\011\006\003\125\004\010\023\002\103\101\061
|
||||
\013\060\011\006\003\125\004\006\023\002\125\123
|
||||
END
|
||||
CKA_SERIAL_NUMBER MULTILINE_OCTAL
|
||||
\002\001\001
|
||||
END
|
||||
CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NSS_MUST_VERIFY_TRUST
|
||||
CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NSS_MUST_VERIFY_TRUST
|
||||
CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
|
||||
CKA_TRUST_STEP_UP_APPROVED CK_BBOOL CK_FALSE
|
||||
|
||||
#
|
||||
# Certificate "b2g-app-root-cert"
|
||||
#
|
||||
|
|
|
|||
Двоичные данные
security/build/test-b2g-app-root-cert.der
Двоичные данные
security/build/test-b2g-app-root-cert.der
Двоичный файл не отображается.
|
|
@ -16,23 +16,23 @@ function run_test() {
|
|||
run_next_test();
|
||||
}
|
||||
|
||||
// XXX: NSS has many possible error codes for this, e.g.
|
||||
// SEC_ERROR_UNTRUSTED_ISSUER and others are also reasonable. Future
|
||||
// versions of NSS may return one of these alternate errors; in that case
|
||||
// we need to update this test.
|
||||
//
|
||||
// XXX (bug 812089): Cr.NS_ERROR_SEC_ERROR_UNKNOWN_ISSUER is undefined.
|
||||
//
|
||||
// XXX: Cannot use operator| instead of operator+ to combine bits because
|
||||
// bit 31 trigger's JavaScript's crazy interpretation of the numbers as
|
||||
// two's complement negative integers.
|
||||
const NS_ERROR_SEC_ERROR_UNKNOWN_ISSUER = 0x80000000 /*unsigned (1 << 31)*/
|
||||
+ ( (0x45 + 21) << 16)
|
||||
+ (-(-0x2000 + 13) );
|
||||
|
||||
function check_open_result(name, expectedRv) {
|
||||
if (expectedRv == Cr.NS_OK && !isB2G) {
|
||||
// We do not trust the marketplace trust anchor on non-B2G builds
|
||||
|
||||
// XXX: NSS has many possible error codes for this, e.g.
|
||||
// SEC_ERROR_UNTRUSTED_ISSUER and others are also reasonable. Future
|
||||
// versions of NSS may return one of these alternate errors; in that case
|
||||
// we need to update this test.
|
||||
//
|
||||
// XXX (bug 812089): Cr.NS_ERROR_SEC_ERROR_UNKNOWN_ISSUER is undefined.
|
||||
//
|
||||
// XXX: Cannot use operator| instead of operator+ to combine bits because
|
||||
// bit 31 trigger's JavaScript's crazy interpretation of the numbers as
|
||||
// two's complement negative integers.
|
||||
const NS_ERROR_SEC_ERROR_UNKNOWN_ISSUER = 0x80000000 /*unsigned (1 << 31)*/
|
||||
+ ( (0x45 + 21) << 16)
|
||||
+ (-(-0x2000 + 13) );
|
||||
expectedRv = NS_ERROR_SEC_ERROR_UNKNOWN_ISSUER;
|
||||
}
|
||||
|
||||
|
|
@ -49,12 +49,16 @@ function original_app_path(test_name) {
|
|||
return do_get_file("test_signed_apps/" + test_name + ".zip", false);
|
||||
}
|
||||
|
||||
// Test that we no longer trust the test root cert that was originally used
|
||||
// during development of B2G 1.0.
|
||||
add_test(function () {
|
||||
certdb.openSignedJARFileAsync(
|
||||
original_app_path("test-privileged-app-test-1.0"),
|
||||
check_open_result("test-privileged-app-test-1.0", Cr.NS_OK));
|
||||
check_open_result("test-privileged-app-test-1.0",
|
||||
NS_ERROR_SEC_ERROR_UNKNOWN_ISSUER));
|
||||
});
|
||||
|
||||
// Test that we trust the root cert used by by the Firefox Marketplace.
|
||||
add_test(function () {
|
||||
certdb.openSignedJARFileAsync(
|
||||
original_app_path("privileged-app-test-1.0"),
|
||||
|
|
|
|||
Загрузка…
Ссылка в новой задаче