| blob | 516ba701cee472bd423edd5633d50cf8cae5fd47 |
1 // -*- indent-tabs-mode: nil; js-indent-level: 2 -*-
2 // Any copyright is dedicated to the Public Domain.
3 // http://creativecommons.org/publicdomain/zero/1.0/
4 "use strict";
6 // Tests that the client authentication certificate chooser correctly displays
7 // provided information and correctly returns user input.
9 const TEST_HOSTNAME = "Test Hostname";
10 const TEST_ORG = "Test Org";
11 const TEST_ISSUER_ORG = "Test Issuer Org";
12 const TEST_PORT = 123;
14 var certDB = Cc["@mozilla.org/security/x509certdb;1"].getService(
15 Ci.nsIX509CertDB
16 );
17 /**
18 * Test certificate (i.e. build/pgo/certs/mochitest.client).
19 *
20 * @type {nsIX509Cert}
21 */
22 var cert;
24 /**
25 * Opens the client auth cert chooser dialog.
26 *
27 * @param {nsIX509Cert} cert The cert to pass to the dialog for display.
28 * @returns {Promise}
29 * A promise that resolves when the dialog has finished loading, with
30 * an array consisting of:
31 * 1. The window of the opened dialog.
32 * 2. The return value nsIWritablePropertyBag2 passed to the dialog.
33 */
34 function openClientAuthDialog(cert) {
35 let certList = Cc["@mozilla.org/array;1"].createInstance(Ci.nsIMutableArray);
36 certList.appendElement(cert);
38 let returnVals = Cc["@mozilla.org/hash-property-bag;1"].createInstance(
39 Ci.nsIWritablePropertyBag2
40 );
41 let win = window.openDialog(
42 "chrome://pippki/content/clientauthask.xhtml",
43 "",
44 "",
45 TEST_HOSTNAME,
46 TEST_ORG,
47 TEST_ISSUER_ORG,
48 TEST_PORT,
49 certList,
50 returnVals
51 );
52 return TestUtils.topicObserved("cert-dialog-loaded").then(() => [
53 win,
54 returnVals,
55 ]);
56 }
58 /**
59 * Checks that the contents of the given cert chooser dialog match the details
60 * of build/pgo/certs/mochitest.client.
61 *
62 * @param {window} win The cert chooser window.
63 * @param {string} notBefore
64 * The formatted notBefore date of mochitest.client.
65 * @param {string} notAfter
66 * The formatted notAfter date of mochitest.client.
67 */
68 function checkDialogContents(win, notBefore, notAfter) {
69 is(
70 win.document.getElementById("hostname").textContent,
71 `${TEST_HOSTNAME}:${TEST_PORT}`,
72 "Actual and expected hostname and port should be equal"
73 );
74 is(
75 win.document.getElementById("organization").textContent,
76 `Organization: “${TEST_ORG}”`,
77 "Actual and expected organization should be equal"
78 );
79 is(
80 win.document.getElementById("issuer").textContent,
81 `Issued Under: “${TEST_ISSUER_ORG}”`,
82 "Actual and expected issuer organization should be equal"
83 );
85 is(
86 win.document.getElementById("nicknames").label,
87 "Mochitest client [03]",
88 "Actual and expected selected cert nickname and serial should be equal"
89 );
90 is(
91 win.document.getElementById("nicknames").itemCount,
92 1,
93 "correct number of items"
94 );
96 let [subject, serialNum, validity, issuer, tokenName] = win.document
97 .getElementById("details")
98 .value.split("\n");
99 is(
100 subject,
101 "Issued to: CN=Mochitest client",
102 "Actual and expected subject should be equal"
103 );
104 is(
105 serialNum,
106 "Serial number: 03",
107 "Actual and expected serial number should be equal"
108 );
109 is(
110 validity,
111 `Valid from ${notBefore} to ${notAfter}`,
112 "Actual and expected validity should be equal"
113 );
114 is(
115 issuer,
116 "Issued by: OU=Profile Guided Optimization,O=Mozilla Testing,CN=Temporary Certificate Authority",
117 "Actual and expected issuer should be equal"
118 );
119 is(
120 tokenName,
121 "Stored on: Software Security Device",
122 "Actual and expected token name should be equal"
123 );
124 }
126 function findCertByCommonName(commonName) {
127 for (let cert of certDB.getCerts()) {
128 if (cert.commonName == commonName) {
129 return cert;
130 }
131 }
132 return null;
133 }
135 add_setup(async function () {
136 cert = findCertByCommonName("Mochitest client");
137 isnot(cert, null, "Should be able to find the test client cert");
138 });
140 // Test that the contents of the dialog correspond to the details of the
141 // provided cert.
142 add_task(async function testContents() {
143 const formatter = new Intl.DateTimeFormat(undefined, {
144 dateStyle: "medium",
145 timeStyle: "long",
146 });
147 let [win] = await openClientAuthDialog(cert);
148 checkDialogContents(
149 win,
150 formatter.format(new Date(cert.validity.notBefore / 1000)),
151 formatter.format(new Date(cert.validity.notAfter / 1000))
152 );
153 await BrowserTestUtils.closeWindow(win);
154 });
156 // Test that the right values are returned when the dialog is accepted.
157 add_task(async function testAcceptDialogReturnValues() {
158 let [win, retVals] = await openClientAuthDialog(cert);
159 win.document.getElementById("rememberBox").checked = true;
160 info("Accepting dialog");
161 win.document.getElementById("certAuthAsk").acceptDialog();
162 await BrowserTestUtils.windowClosed(win);
164 ok(
165 retVals.get("certChosen"),
166 "Return value should signal user chose a certificate"
167 );
168 is(
169 retVals.get("selectedIndex"),
170 0,
171 "0 should be returned as the selected index"
172 );
173 ok(
174 retVals.get("rememberSelection"),
175 "Return value should signal 'Remember this decision' checkbox was checked"
176 );
177 });
179 // Test that the right values are returned when the dialog is canceled.
180 add_task(async function testCancelDialogReturnValues() {
181 let [win, retVals] = await openClientAuthDialog(cert);
182 win.document.getElementById("rememberBox").checked = false;
183 info("Canceling dialog");
184 win.document.getElementById("certAuthAsk").cancelDialog();
185 await BrowserTestUtils.windowClosed(win);
187 ok(
188 !retVals.get("certChosen"),
189 "Return value should signal user did not choose a certificate"
190 );
191 ok(
192 !retVals.get("rememberSelection"),
193 "Return value should signal 'Remember this decision' checkbox was unchecked"
194 );
195 });