From 6bf0a5cb5034a7e684dcc3500e841785237ce2dd Mon Sep 17 00:00:00 2001 From: Daniel Baumann Date: Sun, 7 Apr 2024 19:32:43 +0200 Subject: Adding upstream version 1:115.7.0. Signed-off-by: Daniel Baumann --- .../test/xpcshell/test_ext_pkcs11_management.js | 300 +++++++++++++++++++++ 1 file changed, 300 insertions(+) create mode 100644 browser/components/extensions/test/xpcshell/test_ext_pkcs11_management.js (limited to 'browser/components/extensions/test/xpcshell/test_ext_pkcs11_management.js') diff --git a/browser/components/extensions/test/xpcshell/test_ext_pkcs11_management.js b/browser/components/extensions/test/xpcshell/test_ext_pkcs11_management.js new file mode 100644 index 0000000000..8c713191cc --- /dev/null +++ b/browser/components/extensions/test/xpcshell/test_ext_pkcs11_management.js @@ -0,0 +1,300 @@ +"use strict"; + +ChromeUtils.defineESModuleGetters(this, { + MockRegistry: "resource://testing-common/MockRegistry.sys.mjs", + ctypes: "resource://gre/modules/ctypes.sys.mjs", +}); + +do_get_profile(); + +let tmpDir; +let baseDir; +let slug = + AppConstants.platform === "linux" ? "pkcs11-modules" : "PKCS11Modules"; + +add_task(async function setupTest() { + tmpDir = await IOUtils.createUniqueDirectory( + Services.dirsvc.get("TmpD", Ci.nsIFile).path, + "PKCS11" + ); + + baseDir = PathUtils.join(tmpDir, slug); + await IOUtils.makeDirectory(baseDir); +}); + +registerCleanupFunction(async () => { + await IOUtils.remove(tmpDir, { recursive: true }); +}); + +const testmodule = PathUtils.join( + PathUtils.parent(Services.dirsvc.get("CurWorkD", Ci.nsIFile).path, 5), + "security", + "manager", + "ssl", + "tests", + "unit", + "pkcs11testmodule", + ctypes.libraryName("pkcs11testmodule") +); + +// This function was inspired by the native messaging test under +// toolkit/components/extensions + +async function setupManifests(modules) { + async function writeManifest(module) { + let manifest = { + name: module.name, + description: module.description, + path: module.path, + type: "pkcs11", + allowed_extensions: [module.id], + }; + + let manifestPath = PathUtils.join(baseDir, `${module.name}.json`); + await IOUtils.writeJSON(manifestPath, manifest); + + return manifestPath; + } + + switch (AppConstants.platform) { + case "macosx": + case "linux": + let dirProvider = { + getFile(property) { + if ( + property == "XREUserNativeManifests" || + property == "XRESysNativeManifests" + ) { + return new FileUtils.File(tmpDir); + } + return null; + }, + }; + + Services.dirsvc.registerProvider(dirProvider); + registerCleanupFunction(() => { + Services.dirsvc.unregisterProvider(dirProvider); + }); + + for (let module of modules) { + await writeManifest(module); + } + break; + + case "win": + const REGKEY = String.raw`Software\Mozilla\PKCS11Modules`; + + let registry = new MockRegistry(); + registerCleanupFunction(() => { + registry.shutdown(); + }); + + for (let module of modules) { + let manifestPath = await writeManifest(module); + registry.setValue( + Ci.nsIWindowsRegKey.ROOT_KEY_CURRENT_USER, + `${REGKEY}\\${module.name}`, + "", + manifestPath + ); + } + break; + + default: + ok( + false, + `Loading of PKCS#11 modules is not supported on ${AppConstants.platform}` + ); + } +} + +add_task(async function test_pkcs11() { + async function background() { + try { + const { os } = await browser.runtime.getPlatformInfo(); + if (os !== "win") { + // Expect this call to not throw (explicitly cover regression fixed in Bug 1759162). + let isInstalledNonAbsolute = await browser.pkcs11.isModuleInstalled( + "testmoduleNonAbsolutePath" + ); + browser.test.assertFalse( + isInstalledNonAbsolute, + "PKCS#11 module with non absolute path expected to not be installed" + ); + } + let isInstalled = await browser.pkcs11.isModuleInstalled("testmodule"); + browser.test.assertFalse( + isInstalled, + "PKCS#11 module is not installed before we install it" + ); + await browser.pkcs11.installModule("testmodule", 0); + isInstalled = await browser.pkcs11.isModuleInstalled("testmodule"); + browser.test.assertTrue( + isInstalled, + "PKCS#11 module is installed after we install it" + ); + let slots = await browser.pkcs11.getModuleSlots("testmodule"); + browser.test.assertEq( + "Test PKCS11 Slot", + slots[0].name, + "The first slot name matches the expected name" + ); + browser.test.assertEq( + "Test PKCS11 Slot 二", + slots[1].name, + "The second slot name matches the expected name" + ); + browser.test.assertTrue(slots[1].token, "The second slot has a token"); + browser.test.assertFalse(slots[2].token, "The third slot has no token"); + browser.test.assertEq( + "Test PKCS11 Tokeñ 2 Label", + slots[1].token.name, + "The token name matches the expected name" + ); + browser.test.assertEq( + "Test PKCS11 Manufacturer ID", + slots[1].token.manufacturer, + "The token manufacturer matches the expected manufacturer" + ); + browser.test.assertEq( + "0.0", + slots[1].token.HWVersion, + "The token hardware version matches the expected version" + ); + browser.test.assertEq( + "0.0", + slots[1].token.FWVersion, + "The token firmware version matches the expected version" + ); + browser.test.assertEq( + "", + slots[1].token.serial, + "The token has no serial number" + ); + browser.test.assertFalse( + slots[1].token.isLoggedIn, + "The token is not logged in" + ); + await browser.pkcs11.uninstallModule("testmodule"); + isInstalled = await browser.pkcs11.isModuleInstalled("testmodule"); + browser.test.assertFalse( + isInstalled, + "PKCS#11 module is no longer installed after we uninstall it" + ); + await browser.pkcs11.installModule("testmodule"); + isInstalled = await browser.pkcs11.isModuleInstalled("testmodule"); + browser.test.assertTrue( + isInstalled, + "Installing the PKCS#11 module without flags parameter succeeds" + ); + await browser.pkcs11.uninstallModule("testmodule"); + await browser.test.assertRejects( + browser.pkcs11.isModuleInstalled("nonexistingmodule"), + /No such PKCS#11 module nonexistingmodule/, + "We cannot access modules if no JSON file exists" + ); + await browser.test.assertRejects( + browser.pkcs11.isModuleInstalled("othermodule"), + /No such PKCS#11 module othermodule/, + "We cannot access modules if we're not listed in the module's manifest file's allowed_extensions key" + ); + await browser.test.assertRejects( + browser.pkcs11.uninstallModule("internalmodule"), + /No such PKCS#11 module internalmodule/, + "We cannot uninstall the NSS Builtin Roots Module" + ); + await browser.test.assertRejects( + browser.pkcs11.installModule("osclientcerts", 0), + /No such PKCS#11 module osclientcerts/, + "installModule should not work on the built-in osclientcerts module" + ); + await browser.test.assertRejects( + browser.pkcs11.uninstallModule("osclientcerts"), + /No such PKCS#11 module osclientcerts/, + "uninstallModule should not work on the built-in osclientcerts module" + ); + await browser.test.assertRejects( + browser.pkcs11.isModuleInstalled("osclientcerts"), + /No such PKCS#11 module osclientcerts/, + "isModuleLoaded should not work on the built-in osclientcerts module" + ); + await browser.test.assertRejects( + browser.pkcs11.getModuleSlots("osclientcerts"), + /No such PKCS#11 module osclientcerts/, + "getModuleSlots should not work on the built-in osclientcerts module" + ); + await browser.test.assertRejects( + browser.pkcs11.installModule("ipcclientcerts", 0), + /No such PKCS#11 module ipcclientcerts/, + "installModule should not work on the built-in ipcclientcerts module" + ); + await browser.test.assertRejects( + browser.pkcs11.uninstallModule("ipcclientcerts"), + /No such PKCS#11 module ipcclientcerts/, + "uninstallModule should not work on the built-in ipcclientcerts module" + ); + await browser.test.assertRejects( + browser.pkcs11.isModuleInstalled("ipcclientcerts"), + /No such PKCS#11 module ipcclientcerts/, + "isModuleLoaded should not work on the built-in ipcclientcerts module" + ); + await browser.test.assertRejects( + browser.pkcs11.getModuleSlots("ipcclientcerts"), + /No such PKCS#11 module ipcclientcerts/, + "getModuleSlots should not work on the built-in ipcclientcerts module" + ); + browser.test.notifyPass("pkcs11"); + } catch (e) { + browser.test.fail(`Error: ${String(e)} :: ${e.stack}`); + browser.test.notifyFail("pkcs11 failed"); + } + } + + let libDir = FileUtils.getDir("GreBinD", []); + await setupManifests([ + { + name: "testmodule", + description: "PKCS#11 Test Module", + path: testmodule, + id: "pkcs11@tests.mozilla.org", + }, + { + name: "testmoduleNonAbsolutePath", + description: "PKCS#11 Test Module", + path: ctypes.libraryName("pkcs11testmodule"), + id: "pkcs11@tests.mozilla.org", + }, + { + name: "othermodule", + description: "PKCS#11 Test Module", + path: testmodule, + id: "other@tests.mozilla.org", + }, + { + name: "internalmodule", + description: "Builtin Roots Module", + path: PathUtils.join( + Services.dirsvc.get("CurWorkD", Ci.nsIFile).path, + ctypes.libraryName("nssckbi") + ), + id: "pkcs11@tests.mozilla.org", + }, + { + name: "osclientcerts", + description: "OS Client Cert Module", + path: PathUtils.join(libDir.path, ctypes.libraryName("osclientcerts")), + id: "pkcs11@tests.mozilla.org", + }, + ]); + + let extension = ExtensionTestUtils.loadExtension({ + manifest: { + permissions: ["pkcs11"], + browser_specific_settings: { gecko: { id: "pkcs11@tests.mozilla.org" } }, + }, + background: background, + }); + await extension.startup(); + await extension.awaitFinish("pkcs11"); + await extension.unload(); +}); -- cgit v1.2.3