122 lines
3 KiB
JavaScript
122 lines
3 KiB
JavaScript
/* Any copyright is dedicated to the Public Domain.
|
|
http://creativecommons.org/publicdomain/zero/1.0/ */
|
|
"use strict";
|
|
|
|
// Tests that security info parser gives correct general security state for
|
|
// different cases.
|
|
|
|
const wpl = Ci.nsIWebProgressListener;
|
|
|
|
// This *cannot* be used as an nsITransportSecurityInfo (since that interface is
|
|
// builtinclass) but the methods being tested aren't defined by XPCOM and aren't
|
|
// calling QueryInterface, so this usage is fine.
|
|
const MockSecurityInfo = {
|
|
securityState: wpl.STATE_IS_BROKEN,
|
|
errorCode: 0,
|
|
// nsISSLStatus.TLS_VERSION_1_2
|
|
protocolVersion: 3,
|
|
cipherName: "TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256",
|
|
};
|
|
|
|
add_task(async function run_test() {
|
|
await test_nullSecurityInfo();
|
|
await test_insecureSecurityInfoWithNSSError();
|
|
await test_insecureSecurityInfoWithoutNSSError();
|
|
await test_brokenSecurityInfo();
|
|
await test_secureSecurityInfo();
|
|
});
|
|
|
|
/**
|
|
* Test that undefined security information is returns "insecure".
|
|
*/
|
|
async function test_nullSecurityInfo() {
|
|
const result = await NetworkHelper.parseSecurityInfo(null, {}, {}, new Map());
|
|
equal(
|
|
result.state,
|
|
"insecure",
|
|
"state == 'insecure' when securityInfo was undefined"
|
|
);
|
|
}
|
|
|
|
/**
|
|
* Test that STATE_IS_INSECURE with NSSError returns "broken"
|
|
*/
|
|
async function test_insecureSecurityInfoWithNSSError() {
|
|
MockSecurityInfo.securityState = wpl.STATE_IS_INSECURE;
|
|
|
|
// Taken from security/manager/ssl/tests/unit/head_psm.js.
|
|
MockSecurityInfo.errorCode = -8180;
|
|
|
|
const result = await NetworkHelper.parseSecurityInfo(
|
|
MockSecurityInfo,
|
|
{},
|
|
{},
|
|
new Map()
|
|
);
|
|
equal(
|
|
result.state,
|
|
"broken",
|
|
"state == 'broken' if securityState contains STATE_IS_INSECURE flag AND " +
|
|
"errorCode is NSS error."
|
|
);
|
|
|
|
MockSecurityInfo.errorCode = 0;
|
|
}
|
|
|
|
/**
|
|
* Test that STATE_IS_INSECURE without NSSError returns "insecure"
|
|
*/
|
|
async function test_insecureSecurityInfoWithoutNSSError() {
|
|
MockSecurityInfo.securityState = wpl.STATE_IS_INSECURE;
|
|
|
|
const result = await NetworkHelper.parseSecurityInfo(
|
|
MockSecurityInfo,
|
|
{},
|
|
{},
|
|
new Map()
|
|
);
|
|
equal(
|
|
result.state,
|
|
"insecure",
|
|
"state == 'insecure' if securityState contains STATE_IS_INSECURE flag BUT " +
|
|
"errorCode is not NSS error."
|
|
);
|
|
}
|
|
|
|
/**
|
|
* Test that STATE_IS_SECURE returns "secure"
|
|
*/
|
|
async function test_secureSecurityInfo() {
|
|
MockSecurityInfo.securityState = wpl.STATE_IS_SECURE;
|
|
|
|
const result = await NetworkHelper.parseSecurityInfo(
|
|
MockSecurityInfo,
|
|
{},
|
|
{},
|
|
new Map()
|
|
);
|
|
equal(
|
|
result.state,
|
|
"secure",
|
|
"state == 'secure' if securityState contains STATE_IS_SECURE flag"
|
|
);
|
|
}
|
|
|
|
/**
|
|
* Test that STATE_IS_BROKEN returns "weak"
|
|
*/
|
|
async function test_brokenSecurityInfo() {
|
|
MockSecurityInfo.securityState = wpl.STATE_IS_BROKEN;
|
|
|
|
const result = await NetworkHelper.parseSecurityInfo(
|
|
MockSecurityInfo,
|
|
{},
|
|
{},
|
|
new Map()
|
|
);
|
|
equal(
|
|
result.state,
|
|
"weak",
|
|
"state == 'weak' if securityState contains STATE_IS_BROKEN flag"
|
|
);
|
|
}
|