Adding upstream version 115.8.0esr.upstream/115.8.0esr

Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
author: Daniel Baumann <daniel.baumann@progress-linux.org> 2024-04-19 01:47:29 +0000
committer: Daniel Baumann <daniel.baumann@progress-linux.org> 2024-04-19 01:47:29 +0000
commit: 0ebf5bdf043a27fd3dfb7f92e0cb63d88954c44d (patch)
tree: a31f07c9bcca9d56ce61e9a1ffd30ef350d513aa /dom/webauthn/tests/test_webauthn_make_credential.html
parent: Initial commit. (diff)
download: firefox-esr-0ebf5bdf043a27fd3dfb7f92e0cb63d88954c44d.tar.xz
firefox-esr-0ebf5bdf043a27fd3dfb7f92e0cb63d88954c44d.zip
1 files changed, 413 insertions, 0 deletions
diff --git a/dom/webauthn/tests/test_webauthn_make_credential.html b/dom/webauthn/tests/test_webauthn_make_credential.html
new file mode 100644
index 0000000000..b6819acaff
--- /dev/null
+++ b/dom/webauthn/tests/test_webauthn_make_credential.html
@@ -0,0 +1,413 @@
+<!DOCTYPE html>
+<meta charset=utf-8>
+<head>
+  <title>Test for MakeCredential for W3C Web Authentication</title>
+  <script src="/tests/SimpleTest/SimpleTest.js"></script>
+  <script type="text/javascript" src="u2futil.js"></script>
+  <script type="text/javascript" src="pkijs/common.js"></script>
+  <script type="text/javascript" src="pkijs/asn1.js"></script>
+  <script type="text/javascript" src="pkijs/x509_schema.js"></script>
+  <script type="text/javascript" src="pkijs/x509_simpl.js"></script>
+  <link rel="stylesheet" type="text/css" href="/tests/SimpleTest/test.css" />
+</head>
+<body>
+
+  <h1>Test for MakeCredential for W3C Web Authentication</h1>
+  <a target="_blank" href="https://bugzilla.mozilla.org/show_bug.cgi?id=1309284">Mozilla Bug 1309284</a>
+
+  <script class="testbody" type="text/javascript">
+    "use strict";
+
+    is(navigator.authentication, undefined, "navigator.authentication does not exist any longer");
+    isnot(navigator.credentials, undefined, "Credential Management API endpoint must exist");
+    isnot(navigator.credentials.create, undefined, "CredentialManagement create API endpoint must exist");
+    isnot(navigator.credentials.get, undefined, "CredentialManagement get API endpoint must exist");
+
+    let credm;
+    let gCredentialChallenge;
+    let rp;
+    let user;
+    let param;
+    let unsupportedParam;
+    let unknownParam;
+
+    // Setup test env
+    add_task(() => {
+      gCredentialChallenge = new Uint8Array(16);
+      window.crypto.getRandomValues(gCredentialChallenge);
+
+      rp = {id: document.domain, name: "none", icon: "none"};
+      user = {id: new Uint8Array(64), name: "none", icon: "none", displayName: "none"};
+      param = {type: "public-key", alg: cose_alg_ECDSA_w_SHA256};
+      unsupportedParam = {type: "public-key", alg: cose_alg_ECDSA_w_SHA512};
+      unknownParam = {type: "SimplePassword", alg: "MaxLength=2"};
+      credm = navigator.credentials;
+    });
+    // Add tests
+    add_task(test_good_call);
+    add_task(test_empty_account);
+    add_task(test_without_rp_name);
+    add_task(test_without_user_id);
+    add_task(test_without_user_name);
+    add_task(test_without_user_displayname);
+    add_task(test_user_too_large);
+    add_task(test_empty_parameters);
+    add_task(test_without_parameters);
+    add_task(test_unsupported_parameter);
+    add_task(test_unsupported_but_one_param);
+    add_task(test_one_unknown_parameter);
+    add_task(test_one_unknown_one_unsupported_param);
+    add_task(test_one_of_each_parameters);
+    add_task(test_without_challenge);
+    add_task(test_invalid_challenge);
+    add_task(test_duplicate_pub_key);
+    add_task(test_invalid_rp_id);
+    add_task(test_invalid_rp_id_2);
+    add_task(test_missing_rp);
+    add_task(test_incorrect_user_id_type);
+    add_task(test_missing_user);
+    add_task(test_complete_account);
+    add_task(test_too_large_user_id);
+    add_task(test_excluding_unknown_transports);
+    add_task(test_unknown_attestation_type);
+    add_task(test_unknown_selection_criteria);
+
+    function arrivingHereIsGood(aResult) {
+      ok(true, "Good result! Received a: " + aResult);
+      return Promise.resolve();
+    }
+
+    function arrivingHereIsBad(aResult) {
+      ok(false, "Bad result! Received a: " + aResult);
+      return Promise.resolve();
+    }
+
+    function expectNotAllowedError(aResult) {
+      ok(aResult.toString().startsWith("NotAllowedError"), "Expecting a NotAllowedError");
+      return Promise.resolve();
+    }
+
+    function expectTypeError(aResult) {
+      ok(aResult.toString().startsWith("TypeError"), "Expecting a TypeError");
+      return Promise.resolve();
+    }
+
+    function expectNotSupportedError(aResult) {
+      ok(aResult.toString().startsWith("NotSupportedError"), "Expecting a NotSupportedError");
+      return Promise.resolve();
+    }
+
+    // Test basic good call
+    async function test_good_call() {
+      let makeCredentialOptions = {
+        rp, user, challenge: gCredentialChallenge, pubKeyCredParams: [param]
+      };
+      return credm.create({publicKey: makeCredentialOptions})
+                  .then(arrivingHereIsGood)
+                  .catch(arrivingHereIsBad);
+    }
+
+    // Test empty account
+    async function test_empty_account() {
+      let makeCredentialOptions = {
+        challenge: gCredentialChallenge, pubKeyCredParams: [param]
+      };
+      return credm.create({publicKey: makeCredentialOptions})
+                  .then(arrivingHereIsBad)
+                  .catch(expectTypeError);
+    }
+
+    // Test without rp.name
+    async function test_without_rp_name() {
+      let rp1 = {id: document.domain, icon: "none"};
+      let makeCredentialOptions = {
+        rp: rp1, user, challenge: gCredentialChallenge, pubKeyCredParams: [param]
+      };
+      return credm.create({publicKey: makeCredentialOptions})
+                  .then(arrivingHereIsBad)
+                  .catch(expectTypeError);
+    }
+
+    // Test without user.id
+    async function test_without_user_id() {
+      let user1 = {name: "none", icon: "none", displayName: "none"};
+      let makeCredentialOptions = {
+        rp, user: user1, challenge: gCredentialChallenge, pubKeyCredParams: [param]
+      };
+      return credm.create({publicKey: makeCredentialOptions})
+                  .then(arrivingHereIsBad)
+                  .catch(expectTypeError);
+    }
+
+    // Test without user.name
+    async function test_without_user_name() {
+      let user1 = {id: new Uint8Array(64), icon: "none", displayName: "none"};
+      let makeCredentialOptions = {
+        rp, user: user1, challenge: gCredentialChallenge, pubKeyCredParams: [param]
+      };
+      return credm.create({publicKey: makeCredentialOptions})
+                  .then(arrivingHereIsBad)
+                  .catch(expectTypeError);
+    }
+
+    // Test without user.displayName
+    async function test_without_user_displayname() {
+      let user1 = {id: new Uint8Array(64), name: "none", icon: "none"};
+      let makeCredentialOptions = {
+        rp, user: user1, challenge: gCredentialChallenge, pubKeyCredParams: [param]
+      };
+      return credm.create({publicKey: makeCredentialOptions})
+                  .then(arrivingHereIsBad)
+                  .catch(expectTypeError);
+    }
+
+    // Test with a user handle that exceeds the max length
+    async function test_user_too_large() {
+      let user1 = {id: new Uint8Array(65), name: "none", icon: "none", displayName: "none"};
+      let makeCredentialOptions = {
+        rp, user: user1, challenge: gCredentialChallenge, pubKeyCredParams: [param]
+      };
+      return credm.create({publicKey: makeCredentialOptions})
+                  .then(arrivingHereIsBad)
+                  .catch(expectTypeError);
+    }
+
+    // Test without any parameters; this is acceptable meaning the RP ID is
+    // happy to accept either ECDSA-SHA256 or RSA-SHA256
+    async function test_empty_parameters() {
+      let makeCredentialOptions = {
+        rp, user, challenge: gCredentialChallenge, pubKeyCredParams: []
+      };
+      return credm.create({publicKey: makeCredentialOptions})
+                  .then(arrivingHereIsGood)
+                  .catch(arrivingHereIsBad);
+    }
+
+    // Test without a parameter array at all
+    async function test_without_parameters() {
+      let makeCredentialOptions = {
+        rp, user, challenge: gCredentialChallenge
+      };
+      return credm.create({publicKey: makeCredentialOptions})
+           .then(arrivingHereIsBad)
+           .catch(expectTypeError);
+    }
+
+    // Test with an unsupported parameter
+    async function test_unsupported_parameter() {
+      let makeCredentialOptions = {
+        rp, user, challenge: gCredentialChallenge, pubKeyCredParams: [unsupportedParam]
+      };
+      return credm.create({publicKey: makeCredentialOptions})
+                  .then(arrivingHereIsBad)
+                  .catch(expectNotSupportedError);
+    }
+
+    // Test with an unsupported parameter and a good one
+    async function test_unsupported_but_one_param() {
+      let makeCredentialOptions = {
+        rp, user, challenge: gCredentialChallenge,
+        pubKeyCredParams: [param, unsupportedParam]
+      };
+      return credm.create({publicKey: makeCredentialOptions})
+                  .then(arrivingHereIsGood)
+                  .catch(arrivingHereIsBad);
+    }
+
+    // Test with one unknown parameter.
+    async function test_one_unknown_parameter() {
+      let makeCredentialOptions = {
+        rp, user, challenge: gCredentialChallenge, pubKeyCredParams: [unknownParam]
+      };
+      return credm.create({publicKey: makeCredentialOptions})
+           .then(arrivingHereIsBad)
+           .catch(expectNotSupportedError);
+    }
+
+    // Test with an unsupported parameter, and an unknown one
+    async function test_one_unknown_one_unsupported_param() {
+      let makeCredentialOptions = {
+        rp, user, challenge: gCredentialChallenge,
+        pubKeyCredParams: [unsupportedParam, unknownParam]
+      };
+      return credm.create({publicKey: makeCredentialOptions})
+                  .then(arrivingHereIsBad)
+                  .catch(expectNotSupportedError);
+    }
+
+    // Test with an unsupported parameter, an unknown one, and a good one. This
+    // should succeed, as the unsupported and unknown should be ignored.
+    async function test_one_of_each_parameters() {
+      let makeCredentialOptions = {
+        rp, user, challenge: gCredentialChallenge,
+        pubKeyCredParams: [param, unsupportedParam, unknownParam]
+      };
+      return credm.create({publicKey: makeCredentialOptions})
+                  .then(arrivingHereIsGood)
+                  .catch(arrivingHereIsBad);
+    }
+
+    // Test without a challenge
+    async function test_without_challenge() {
+      let makeCredentialOptions = {
+        rp, user, pubKeyCredParams: [param]
+      };
+      return credm.create({publicKey: makeCredentialOptions})
+                  .then(arrivingHereIsBad)
+                  .catch(expectTypeError);
+    }
+
+    // Test with an invalid challenge
+    async function test_invalid_challenge() {
+      let makeCredentialOptions = {
+        rp, user, challenge: "begone, thou ill-fitting moist glove!",
+        pubKeyCredParams: [unsupportedParam]
+      };
+      return credm.create({publicKey: makeCredentialOptions})
+           .then(arrivingHereIsBad)
+           .catch(expectTypeError);
+    }
+
+    // Test with duplicate pubKeyCredParams
+    async function test_duplicate_pub_key() {
+      let makeCredentialOptions = {
+        rp, user, challenge: gCredentialChallenge,
+        pubKeyCredParams: [param, param, param]
+      };
+      return credm.create({publicKey: makeCredentialOptions})
+                  .then(arrivingHereIsGood)
+                  .catch(arrivingHereIsBad);
+    }
+
+    // Test with an RP ID that is not a valid domain string
+    async function test_invalid_rp_id() {
+      let rp1 = { id: document.domain + ":somejunk", name: "none", icon: "none" };
+      let makeCredentialOptions = {
+        rp: rp1, user, challenge: gCredentialChallenge, pubKeyCredParams: [param]
+      };
+      return credm.create({publicKey: makeCredentialOptions})
+                  .then(arrivingHereIsBad)
+                  .catch(arrivingHereIsGood);
+    }
+
+    // Test with another RP ID that is not a valid domain string
+    async function test_invalid_rp_id_2() {
+      let rp1 = { id: document.domain + ":8888", name: "none", icon: "none" };
+      let makeCredentialOptions = {
+        rp: rp1, user, challenge: gCredentialChallenge, pubKeyCredParams: [param]
+      };
+      return credm.create({publicKey: makeCredentialOptions})
+                  .then(arrivingHereIsBad)
+                  .catch(arrivingHereIsGood);
+    }
+
+    // Test with missing rp
+    async function test_missing_rp() {
+      let makeCredentialOptions = {
+        user, challenge: gCredentialChallenge, pubKeyCredParams: [param]
+      };
+      return credm.create({publicKey: makeCredentialOptions})
+                  .then(arrivingHereIsBad)
+                  .catch(expectTypeError);
+    }
+
+    // Test with incorrect user ID type
+    async function test_incorrect_user_id_type() {
+      let invalidType = {id: "a string, which is not a buffer", name: "none", icon: "none", displayName: "none"};
+      let makeCredentialOptions = {
+        user: invalidType, challenge: gCredentialChallenge, pubKeyCredParams: [param]
+      };
+      return credm.create({publicKey: makeCredentialOptions})
+                  .then(arrivingHereIsBad)
+                  .catch(expectTypeError);
+    }
+
+    // Test with missing user
+    async function test_missing_user() {
+      let makeCredentialOptions = {
+        rp, challenge: gCredentialChallenge, pubKeyCredParams: [param]
+      };
+      return credm.create({publicKey: makeCredentialOptions})
+                  .then(arrivingHereIsBad)
+                  .catch(expectTypeError);
+    }
+
+    // Test a complete account
+    async function test_complete_account() {
+      let completeRP = {id: document.domain, name: "Foxxy Name",
+                        icon: "https://example.com/fox.svg"};
+      let completeUser = {id: string2buffer("foxes_are_the_best@example.com"),
+                          name: "Fox F. Foxington",
+                          icon: "https://example.com/fox.svg",
+                          displayName: "Foxxy V"};
+      let makeCredentialOptions = {
+        rp: completeRP, user: completeUser, challenge: gCredentialChallenge,
+        pubKeyCredParams: [param]
+      };
+      return credm.create({publicKey: makeCredentialOptions})
+                  .then(arrivingHereIsGood)
+                  .catch(arrivingHereIsBad);
+    }
+
+    // Test with too-large user ID buffer
+    async function test_too_large_user_id() {
+      let hugeUser = {id: new Uint8Array(65),
+                          name: "Fox F. Foxington",
+                          icon: "https://example.com/fox.svg",
+                          displayName: "Foxxy V"};
+      let makeCredentialOptions = {
+        rp, user: hugeUser, challenge: gCredentialChallenge,
+        pubKeyCredParams: [param]
+      };
+      return credm.create({publicKey: makeCredentialOptions})
+                  .then(arrivingHereIsBad)
+                  .catch(expectTypeError);
+    }
+
+    // Test with excluding unknown transports
+    async function test_excluding_unknown_transports() {
+      let completeRP = {id: document.domain, name: "Foxxy Name",
+                        icon: "https://example.com/fox.svg"};
+      let completeUser = {id: string2buffer("foxes_are_the_best@example.com"),
+                          name: "Fox F. Foxington",
+                          icon: "https://example.com/fox.svg",
+                          displayName: "Foxxy V"};
+      let excludedUnknownTransport = {type: "public-key",
+                                      id: string2buffer("123"),
+                                      transports: ["unknown", "usb"]};
+      let makeCredentialOptions = {
+        rp: completeRP, user: completeUser, challenge: gCredentialChallenge,
+        pubKeyCredParams: [param], excludeCredentials: [excludedUnknownTransport]
+      };
+      return credm.create({publicKey: makeCredentialOptions})
+                  .then(arrivingHereIsGood)
+                  .catch(arrivingHereIsBad);
+    }
+
+    async function test_unknown_attestation_type() {
+      let makeCredentialOptions = {
+        rp, user, challenge: gCredentialChallenge, pubKeyCredParams: [param],
+        attestation: "unknown"
+      };
+      return credm.create({publicKey: makeCredentialOptions })
+                  .then(arrivingHereIsGood)
+                  .catch(arrivingHereIsBad);
+    }
+
+    async function test_unknown_selection_criteria() {
+      let makeCredentialOptions = {
+        rp, user, challenge: gCredentialChallenge, pubKeyCredParams: [param],
+            authenticatorSelection: {
+                  userVerificationRequirement: "unknown UV requirement",
+                  authenticatorAttachment: "unknown authenticator attachment type"
+            },
+      };
+      return credm.create({publicKey: makeCredentialOptions })
+                  .then(arrivingHereIsGood)
+                  .catch(arrivingHereIsBad);
+    }
+
+  </script>
+
+</body>
+</html>
author	Daniel Baumann <daniel.baumann@progress-linux.org>	2024-04-19 01:47:29 +0000
committer	Daniel Baumann <daniel.baumann@progress-linux.org>	2024-04-19 01:47:29 +0000
commit	0ebf5bdf043a27fd3dfb7f92e0cb63d88954c44d (patch)
tree	a31f07c9bcca9d56ce61e9a1ffd30ef350d513aa /dom/webauthn/tests/test_webauthn_make_credential.html
parent	Initial commit. (diff)
download	firefox-esr-0ebf5bdf043a27fd3dfb7f92e0cb63d88954c44d.tar.xz firefox-esr-0ebf5bdf043a27fd3dfb7f92e0cb63d88954c44d.zip