summaryrefslogtreecommitdiffstats
path: root/security/manager/ssl/tests/unit/test_local_cert.js
blob: 2b0e8043801b1353215c0a4b0e2b9c8f85e0fc7e (plain) 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87

/* Any copyright is dedicated to the Public Domain.
   http://creativecommons.org/publicdomain/zero/1.0/ */

"use strict";

const certService = Cc["@mozilla.org/security/local-cert-service;1"].getService(
  Ci.nsILocalCertService
);

const gNickname = "local-cert-test";

function run_test() {
  // Need profile dir to store the key / cert
  do_get_profile();
  // Ensure PSM is initialized
  Cc["@mozilla.org/psm;1"].getService(Ci.nsISupports);
  run_next_test();
}

function getOrCreateCert(nickname) {
  return new Promise((resolve, reject) => {
    certService.getOrCreateCert(nickname, {
      handleCert(c, rv) {
        if (rv) {
          reject(rv);
          return;
        }
        resolve(c);
      },
    });
  });
}

function removeCert(nickname) {
  return new Promise((resolve, reject) => {
    certService.removeCert(nickname, {
      handleResult(rv) {
        if (rv) {
          reject(rv);
          return;
        }
        resolve();
      },
    });
  });
}

add_task(async function() {
  // No master password, so no prompt required here
  ok(!certService.loginPromptRequired);

  let certA = await getOrCreateCert(gNickname);
  // The local cert service implementation takes the given nickname and uses it
  // as the common name for the certificate it creates. nsIX509Cert.displayName
  // uses the common name if it is present, so these should match. Should either
  // implementation change to do something else, this won't necessarily work.
  equal(certA.displayName, gNickname);

  // Getting again should give the same cert
  let certB = await getOrCreateCert(gNickname);
  equal(certB.displayName, gNickname);

  // Should be matching instances
  ok(certA.equals(certB));

  // Check an expected attribute
  equal(certA.certType, Ci.nsIX509Cert.USER_CERT);

  // New nickname should give a different cert
  let diffNameCert = await getOrCreateCert("cool-stuff");
  ok(!diffNameCert.equals(certA));

  // Remove the cert, and get a new one again
  await removeCert(gNickname);
  let newCert = await getOrCreateCert(gNickname);
  ok(!newCert.equals(certA));

  // Drop all cert references and GC
  let serial = newCert.serialNumber;
  certA = certB = diffNameCert = newCert = null;
  Cu.forceGC();
  Cu.forceCC();

  // Should still get the same cert back
  let certAfterGC = await getOrCreateCert(gNickname);
  equal(certAfterGC.serialNumber, serial);
});
generated by cgit v1.2.3 (git 2.39.1) at 2025-01-24 09:59:45 +0000