security/manager/ssl/tests/mochitest/bugs/test_bug483440.html@b8a032363ba2 (annotated)
security/manager/ssl/tests/mochitest/bugs/test_bug483440.html
Thu, 22 Jan 2015 13:21:57 +0100
- author
- Michael Schloh von Bennewitz <michael@schloh.com>
- date
- Thu, 22 Jan 2015 13:21:57 +0100
- branch
- TOR_BUG_9701
- changeset 15
- b8a032363ba2
- permissions
- -rw-r--r--
Incorporate requested changes from Mozilla in review:
https://bugzilla.mozilla.org/show_bug.cgi?id=1123480#c6
| michael@0 | 1 | <html> |
| michael@0 | 2 | <head> |
| michael@0 | 3 | <title>Test bug 483437 and bug 480509</title> |
| michael@0 | 4 | <script type="text/javascript" src="/tests/SimpleTest/SimpleTest.js"></script> |
| michael@0 | 5 | <link rel="stylesheet" type="text/css" href="/tests/SimpleTest/test.css" /> |
| michael@0 | 6 | </head> |
| michael@0 | 7 | <body> |
| michael@0 | 8 | |
| michael@0 | 9 | <script class="testbody" type="text/javascript"> |
| michael@0 | 10 | |
| michael@0 | 11 | var certdb = SpecialPowers.Cc["@mozilla.org/security/x509certdb;1"] |
| michael@0 | 12 | .getService(SpecialPowers.Ci.nsIX509CertDB); |
| michael@0 | 13 | |
| michael@0 | 14 | function test(certNick, expected) |
| michael@0 | 15 | { |
| michael@0 | 16 | var cert1 = certdb.findCertByNickname(null, certNick); |
| michael@0 | 17 | var certDumpTree1 = SpecialPowers.Cc["@mozilla.org/security/nsASN1Tree;1"] |
| michael@0 | 18 | .createInstance(SpecialPowers.Ci.nsIASN1Tree); |
| michael@0 | 19 | certDumpTree1.loadASN1Structure(cert1.ASN1Structure); |
| michael@0 | 20 | var value1 = certDumpTree1.getDisplayData(9); |
| michael@0 | 21 | |
| michael@0 | 22 | is(value1, expected, "Incorrect OID recognized"); |
| michael@0 | 23 | } |
| michael@0 | 24 | |
| michael@0 | 25 | test("bug483440-attack2b", |
| michael@0 | 26 | "Object Identifier (2 5 4 Unknown) = www.bank.com\n"+ |
| michael@0 | 27 | "OU = Hacking Division\n"+ |
| michael@0 | 28 | "CN = www.badguy.com\nO = Badguy Inc\n"); |
| michael@0 | 29 | |
| michael@0 | 30 | test("bug483440-pk10oflo", |
| michael@0 | 31 | "Object Identifier (2 5 4 Unknown) = www.bank.com\n"+ |
| michael@0 | 32 | "OU = Hacking Division\n"+ |
| michael@0 | 33 | "CN = www.badguy.com\nO = Badguy Inc\n"); |
| michael@0 | 34 | |
| michael@0 | 35 | test("bug483440-attack7", |
| michael@0 | 36 | |
| michael@0 | 37 | // Check 88 80 80 80 01, not leading, have to pass |
| michael@0 | 38 | "Object Identifier (2 5 4 2147483649) = attack1\n"+ |
| michael@0 | 39 | |
| michael@0 | 40 | // Check 90 80 80 80 01, not leading, have to fail |
| michael@0 | 41 | "Object Identifier (2 5 4 Unknown) = attack2\n"+ |
| michael@0 | 42 | |
| michael@0 | 43 | // Check 80 80 80 80 80, not leading, have to fail |
| michael@0 | 44 | "Object Identifier (2 5 4 Unknown) = attack3\n"+ |
| michael@0 | 45 | |
| michael@0 | 46 | // Check 81 81, trailing, have to fail |
| michael@0 | 47 | "Object Identifier (2 5 4 3 Unknown) = attack4\n"+ |
| michael@0 | 48 | |
| michael@0 | 49 | // Check FF FF FF 7F, not leading, have to pass |
| michael@0 | 50 | "Object Identifier (2 5 4 268435455) = attack5\n"+ |
| michael@0 | 51 | |
| michael@0 | 52 | // Check 80 leading, have to fail |
| michael@0 | 53 | "Object Identifier (Unknown 3) = attack6\n"+ |
| michael@0 | 54 | |
| michael@0 | 55 | // Check 14757 = 2*40 + 14677 leading single byle encoded as F325, |
| michael@0 | 56 | // have to pass |
| michael@0 | 57 | "Object Identifier (2 14677 4 3) = attack7\n"); |
| michael@0 | 58 | |
| michael@0 | 59 | </script> |
| michael@0 | 60 | |
| michael@0 | 61 | </body> |
| michael@0 | 62 | </html> |
