From 43a97878ce14b72f0981164f87f2e35e14151312 Mon Sep 17 00:00:00 2001 From: Daniel Baumann Date: Sun, 7 Apr 2024 11:22:09 +0200 Subject: Adding upstream version 110.0.1. Signed-off-by: Daniel Baumann --- dom/u2f/tests/browser/browser.ini | 10 ++ dom/u2f/tests/browser/browser_abort_visibility.js | 137 ++++++++++++++++++++++ dom/u2f/tests/browser/browser_appid_localhost.js | 98 ++++++++++++++++ dom/u2f/tests/browser/head.js | 21 ++++ dom/u2f/tests/browser/tab_u2f_result.html | 14 +++ 5 files changed, 280 insertions(+) create mode 100644 dom/u2f/tests/browser/browser.ini create mode 100644 dom/u2f/tests/browser/browser_abort_visibility.js create mode 100644 dom/u2f/tests/browser/browser_appid_localhost.js create mode 100644 dom/u2f/tests/browser/head.js create mode 100644 dom/u2f/tests/browser/tab_u2f_result.html (limited to 'dom/u2f/tests/browser') diff --git a/dom/u2f/tests/browser/browser.ini b/dom/u2f/tests/browser/browser.ini new file mode 100644 index 0000000000..705fba44dc --- /dev/null +++ b/dom/u2f/tests/browser/browser.ini @@ -0,0 +1,10 @@ +[DEFAULT] +support-files = + head.js + tab_u2f_result.html +skip-if = + win10_2004 # Test not relevant on 1903+ + win11_2009 # Test not relevant on 1903+ + +[browser_abort_visibility.js] +[browser_appid_localhost.js] diff --git a/dom/u2f/tests/browser/browser_abort_visibility.js b/dom/u2f/tests/browser/browser_abort_visibility.js new file mode 100644 index 0000000000..1eb915fc76 --- /dev/null +++ b/dom/u2f/tests/browser/browser_abort_visibility.js @@ -0,0 +1,137 @@ +/* This Source Code Form is subject to the terms of the Mozilla Public + * License, v. 2.0. If a copy of the MPL was not distributed with this file, + * You can obtain one at http://mozilla.org/MPL/2.0/. */ + +"use strict"; + +const TEST_URL = + "https://example.com/browser/dom/u2f/tests/browser/tab_u2f_result.html"; + +async function assertStatus(tab, expected) { + let actual = await SpecialPowers.spawn( + tab.linkedBrowser, + [], + async function() { + return content.document.getElementById("status").value; + } + ); + is(actual, expected, "u2f request " + expected); +} + +async function waitForStatus(tab, expected) { + /* eslint-disable no-shadow */ + await SpecialPowers.spawn(tab.linkedBrowser, [[expected]], async function( + expected + ) { + return ContentTaskUtils.waitForCondition(() => { + return content.document.getElementById("status").value == expected; + }); + }); + /* eslint-enable no-shadow */ + + await assertStatus(tab, expected); +} + +function startMakeCredentialRequest(tab) { + let challenge = crypto.getRandomValues(new Uint8Array(16)); + challenge = bytesToBase64UrlSafe(challenge); + + /* eslint-disable no-shadow */ + return SpecialPowers.spawn(tab.linkedBrowser, [[challenge]], async function([ + challenge, + ]) { + let appId = content.location.origin; + let request = { version: "U2F_V2", challenge }; + + let status = content.document.getElementById("status"); + + content.u2f.register(appId, [request], [], result => { + status.value = result.errorCode ? "aborted" : completed; + }); + + status.value = "pending"; + }); + /* eslint-enable no-shadow */ +} + +function startGetAssertionRequest(tab) { + let challenge = crypto.getRandomValues(new Uint8Array(16)); + challenge = bytesToBase64UrlSafe(challenge); + + let keyHandle = crypto.getRandomValues(new Uint8Array(16)); + keyHandle = bytesToBase64UrlSafe(keyHandle); + + /* eslint-disable no-shadow */ + return SpecialPowers.spawn( + tab.linkedBrowser, + [[challenge, keyHandle]], + async function([challenge, keyHandle]) { + let appId = content.location.origin; + let key = { version: "U2F_V2", keyHandle }; + + let status = content.document.getElementById("status"); + + content.u2f.sign(appId, challenge, [key], result => { + status.value = result.errorCode ? "aborted" : completed; + }); + + status.value = "pending"; + } + ); + /* eslint-enable no-shadow */ +} + +// Test that MakeCredential() and GetAssertion() requests +// are aborted when the current tab loses its focus. +add_task(async function test_abort() { + // Enable the USB token. + Services.prefs.setBoolPref("security.webauth.u2f", true); + Services.prefs.setBoolPref( + "security.webauth.webauthn_enable_softtoken", + false + ); + Services.prefs.setBoolPref("security.webauth.webauthn_enable_usbtoken", true); + Services.prefs.setBoolPref( + "security.webauth.webauthn_enable_android_fido2", + false + ); + + // Create a new tab for the MakeCredential() request. + let tab_create = await BrowserTestUtils.openNewForegroundTab( + gBrowser, + TEST_URL + ); + + // Start the request. + await startMakeCredentialRequest(tab_create); + await assertStatus(tab_create, "pending"); + + // Open another tab and switch to it. The first will lose focus. + let tab_get = await BrowserTestUtils.openNewForegroundTab(gBrowser, TEST_URL); + + // Start a GetAssertion() request in the second tab. That will abort the first. + await startGetAssertionRequest(tab_get); + await waitForStatus(tab_get, "pending"); + await waitForStatus(tab_create, "aborted"); + + // Start a second request in the second tab. It should remain pending. + await startGetAssertionRequest(tab_get); + await waitForStatus(tab_get, "pending"); + + // Switch back to the first tab. The second should still be pending + await BrowserTestUtils.switchTab(gBrowser, tab_create); + await assertStatus(tab_get, "pending"); + + // Switch back to the get tab. The second should remain pending + await BrowserTestUtils.switchTab(gBrowser, tab_get); + await assertStatus(tab_get, "pending"); + + // Close tabs. + BrowserTestUtils.removeTab(tab_create); + BrowserTestUtils.removeTab(tab_get); + + // Cleanup. + Services.prefs.clearUserPref("security.webauth.u2f"); + Services.prefs.clearUserPref("security.webauth.webauthn_enable_softtoken"); + Services.prefs.clearUserPref("security.webauth.webauthn_enable_usbtoken"); +}); diff --git a/dom/u2f/tests/browser/browser_appid_localhost.js b/dom/u2f/tests/browser/browser_appid_localhost.js new file mode 100644 index 0000000000..6ffb3b486e --- /dev/null +++ b/dom/u2f/tests/browser/browser_appid_localhost.js @@ -0,0 +1,98 @@ +/* This Source Code Form is subject to the terms of the Mozilla Public + * License, v. 2.0. If a copy of the MPL was not distributed with this file, + * You can obtain one at http://mozilla.org/MPL/2.0/. */ + +"use strict"; + +const TEST_URL = "https://localhost/"; + +function promiseU2FRegister(tab, app_id) { + let challenge = crypto.getRandomValues(new Uint8Array(16)); + challenge = bytesToBase64UrlSafe(challenge); + + /* eslint-disable no-shadow */ + return SpecialPowers.spawn( + tab.linkedBrowser, + [[app_id, challenge]], + async function([app_id, challenge]) { + return new Promise(resolve => { + let version = "U2F_V2"; + content.u2f.register(app_id, [{ version, challenge }], [], resolve); + }); + } + ); + /* eslint-enable no-shadow */ +} + +add_task(async function() { + // By default, proxies don't apply to localhost. We need them to for this test, though: + await SpecialPowers.pushPrefEnv({ + set: [["network.proxy.allow_hijacking_localhost", true]], + }); + // Enable the soft token. + Services.prefs.setBoolPref("security.webauth.u2f", true); + Services.prefs.setBoolPref( + "security.webauth.webauthn_enable_softtoken", + true + ); + Services.prefs.setBoolPref( + "security.webauth.webauthn_enable_usbtoken", + false + ); + Services.prefs.setBoolPref( + "security.webauth.webauthn_enable_android_fido2", + false + ); + + // Open a new tab. + let tab = await BrowserTestUtils.openNewForegroundTab(gBrowser, TEST_URL); + + // Check that we have the right origin, and U2F is available. + let ready = await SpecialPowers.spawn(tab.linkedBrowser, [], async () => { + return content.location.origin == "https://localhost" && !!content.u2f; + }); + ok(ready, "Origin is https://localhost. U2F is available."); + + // Test: Null AppID + await promiseU2FRegister(tab, null).then(res => { + is(res.errorCode, 0, "Null AppID should work."); + }); + + // Test: Empty AppID + await promiseU2FRegister(tab, "").then(res => { + is(res.errorCode, 0, "Empty AppID should work."); + }); + + // Test: Correct TLD, incorrect scheme + await promiseU2FRegister(tab, "http://localhost/appId").then(res => { + isnot(res.errorCode, 0, "Incorrect scheme."); + }); + + // Test: Incorrect TLD + await promiseU2FRegister(tab, "https://localhost.ssl/appId").then(res => { + isnot(res.errorCode, 0, "Incorrect TLD."); + }); + + // Test: Incorrect TLD + await promiseU2FRegister(tab, "https://sub.localhost/appId").then(res => { + isnot(res.errorCode, 0, "Incorrect TLD."); + }); + + // Test: Correct TLD + await promiseU2FRegister(tab, "https://localhost/appId").then(res => { + is(res.errorCode, 0, "https://localhost/appId should work."); + }); + + // Test: Correct TLD + await promiseU2FRegister(tab, "https://localhost:443/appId").then(res => { + is(res.errorCode, 0, "https://localhost:443/appId should work."); + }); + + // Close tab. + BrowserTestUtils.removeTab(tab); + + // Cleanup. + Services.prefs.clearUserPref("security.webauth.u2f"); + Services.prefs.clearUserPref("security.webauth.webauthn_enable_softtoken"); + Services.prefs.clearUserPref("security.webauth.webauthn_enable_usbtoken"); +}); diff --git a/dom/u2f/tests/browser/head.js b/dom/u2f/tests/browser/head.js new file mode 100644 index 0000000000..ba79b94853 --- /dev/null +++ b/dom/u2f/tests/browser/head.js @@ -0,0 +1,21 @@ +/* This Source Code Form is subject to the terms of the Mozilla Public + * License, v. 2.0. If a copy of the MPL was not distributed with this file, + * You can obtain one at http://mozilla.org/MPL/2.0/. */ + +"use strict"; + +function bytesToBase64(u8a) { + let CHUNK_SZ = 0x8000; + let c = []; + for (let i = 0; i < u8a.length; i += CHUNK_SZ) { + c.push(String.fromCharCode.apply(null, u8a.subarray(i, i + CHUNK_SZ))); + } + return window.btoa(c.join("")); +} + +function bytesToBase64UrlSafe(buf) { + return bytesToBase64(buf) + .replace(/\+/g, "-") + .replace(/\//g, "_") + .replace(/=/g, ""); +} diff --git a/dom/u2f/tests/browser/tab_u2f_result.html b/dom/u2f/tests/browser/tab_u2f_result.html new file mode 100644 index 0000000000..cc324b61a6 --- /dev/null +++ b/dom/u2f/tests/browser/tab_u2f_result.html @@ -0,0 +1,14 @@ + + + + Generic U2F Test Result Page + + + + +

Generic U2F Test Result Page

+Mozilla Bug 1420906 + + + + -- cgit v1.2.3