modules/libjar/test/chrome/test_bug386153.html@6474c204b198 (annotated)
modules/libjar/test/chrome/test_bug386153.html
Wed, 31 Dec 2014 06:09:35 +0100
- author
- Michael Schloh von Bennewitz <michael@schloh.com>
- date
- Wed, 31 Dec 2014 06:09:35 +0100
- changeset 0
- 6474c204b198
- permissions
- -rw-r--r--
Cloned upstream origin tor-browser at tor-browser-31.3.0esr-4.5-1-build1
revision ID fc1c9ff7c1b2defdbc039f12214767608f46423f for hacking purpose.
| michael@0 | 1 | <!DOCTYPE HTML> |
| michael@0 | 2 | <html> |
| michael@0 | 3 | <!-- |
| michael@0 | 4 | https://bugzilla.mozilla.org/show_bug.cgi?id=386153 |
| michael@0 | 5 | --> |
| michael@0 | 6 | <head> |
| michael@0 | 7 | <title>Test for Bug 386153</title> |
| michael@0 | 8 | <script type="application/javascript" src="chrome://mochikit/content/tests/SimpleTest/SimpleTest.js"></script> |
| michael@0 | 9 | <script type="application/javascript" src="chrome://mochikit/content/chrome-harness.js"></script> |
| michael@0 | 10 | <link rel="stylesheet" type="text/css" href="chrome://mochikit/content/tests/SimpleTest/test.css"/> |
| michael@0 | 11 | </head> |
| michael@0 | 12 | <body> |
| michael@0 | 13 | <a target="_blank" href="https://bugzilla.mozilla.org/show_bug.cgi?id=386153">Mozilla Bug 386153</a> |
| michael@0 | 14 | <p id="display"></p> |
| michael@0 | 15 | <div id="content" style="display: none"> |
| michael@0 | 16 | |
| michael@0 | 17 | </div> |
| michael@0 | 18 | <pre id="test"> |
| michael@0 | 19 | <script type="application/javascript"> |
| michael@0 | 20 | |
| michael@0 | 21 | /** Test for Bug 386153 **/ |
| michael@0 | 22 | |
| michael@0 | 23 | const Cc = Components.classes; |
| michael@0 | 24 | const Ci = Components.interfaces; |
| michael@0 | 25 | |
| michael@0 | 26 | // Opens a zip file from the test directory. |
| michael@0 | 27 | function openZip(path) { |
| michael@0 | 28 | |
| michael@0 | 29 | var location = window.location.href; |
| michael@0 | 30 | location = getRootDirectory(location); |
| michael@0 | 31 | var jar = getJar(location); |
| michael@0 | 32 | if (jar != null) { |
| michael@0 | 33 | var resolved = extractJarToTmp(jar); |
| michael@0 | 34 | } else { |
| michael@0 | 35 | var resolvedURI = getResolvedURI(window.location.href); |
| michael@0 | 36 | var resolved = getChromeDir(resolvedURI); |
| michael@0 | 37 | } |
| michael@0 | 38 | resolved.append(path); |
| michael@0 | 39 | |
| michael@0 | 40 | var zip = Cc["@mozilla.org/libjar/zip-reader;1"]. |
| michael@0 | 41 | createInstance(Ci.nsIZipReader); |
| michael@0 | 42 | zip.open(resolved); |
| michael@0 | 43 | return zip; |
| michael@0 | 44 | } |
| michael@0 | 45 | |
| michael@0 | 46 | // Gets the pretty name from the signing cert or null if the zip is unsigned. |
| michael@0 | 47 | function getSigner(zip) { |
| michael@0 | 48 | var principal = zip.getCertificatePrincipal(null); |
| michael@0 | 49 | if (principal && principal.hasCertificate) |
| michael@0 | 50 | return principal.prettyName; |
| michael@0 | 51 | return null; |
| michael@0 | 52 | } |
| michael@0 | 53 | |
| michael@0 | 54 | function verifySigning(zip) { |
| michael@0 | 55 | var principal = zip.getCertificatePrincipal(null); |
| michael@0 | 56 | var count = 0; |
| michael@0 | 57 | var entries = zip.findEntries(null); |
| michael@0 | 58 | while (entries.hasMore()) { |
| michael@0 | 59 | var entry = entries.getNext(); |
| michael@0 | 60 | // Nothing in META-INF is in the manifest. |
| michael@0 | 61 | if (entry.substr(0, 9) == "META-INF/") |
| michael@0 | 62 | continue; |
| michael@0 | 63 | // Directory entries aren't in the manifest. |
| michael@0 | 64 | if (entry.substr(-1) == "/") |
| michael@0 | 65 | continue; |
| michael@0 | 66 | count++; |
| michael@0 | 67 | var entryPrincipal = zip.getCertificatePrincipal(entry); |
| michael@0 | 68 | if (!entryPrincipal || !principal.equals(entryPrincipal)) |
| michael@0 | 69 | return false; |
| michael@0 | 70 | } |
| michael@0 | 71 | return zip.manifestEntriesCount == count; |
| michael@0 | 72 | } |
| michael@0 | 73 | |
| michael@0 | 74 | var zip = openZip("unsigned.zip"); |
| michael@0 | 75 | is(getSigner(zip), null, "Should not be signed"); |
| michael@0 | 76 | |
| michael@0 | 77 | zip = openZip("signed.zip"); |
| michael@0 | 78 | is(getSigner(zip), "Mozilla Testing", "Should be signed by the right cert"); |
| michael@0 | 79 | ok(verifySigning(zip), "Should be correctly signed"); |
| michael@0 | 80 | |
| michael@0 | 81 | zip = openZip("signed-added.zip"); |
| michael@0 | 82 | is(getSigner(zip), "Mozilla Testing", "Should be signed by the right cert"); |
| michael@0 | 83 | ok(!verifySigning(zip), "Should be incorrectly signed"); |
| michael@0 | 84 | |
| michael@0 | 85 | zip = openZip("signed-tampered.zip"); |
| michael@0 | 86 | is(getSigner(zip), "Mozilla Testing", "Should be signed by the right cert"); |
| michael@0 | 87 | ok(!verifySigning(zip), "Should be incorrectly signed"); |
| michael@0 | 88 | |
| michael@0 | 89 | zip = openZip("signed-badca.zip"); |
| michael@0 | 90 | is(getSigner(zip), null, "Should not appear to be signed"); |
| michael@0 | 91 | |
| michael@0 | 92 | </script> |
| michael@0 | 93 | </pre> |
| michael@0 | 94 | </body> |
| michael@0 | 95 | </html> |
