The Tor Browser / file revision

security/manager/ssl/tests/mochitest/bugs/test_bug483440.html@b8a032363ba2

security/manager/ssl/tests/mochitest/bugs/test_bug483440.html

Thu, 22 Jan 2015 13:21:57 +0100

author
Michael Schloh von Bennewitz <michael@schloh.com>
date
Thu, 22 Jan 2015 13:21:57 +0100
branch
TOR_BUG_9701
changeset 15
b8a032363ba2
permissions
-rw-r--r--

Incorporate requested changes from Mozilla in review:
https://bugzilla.mozilla.org/show_bug.cgi?id=1123480#c6

     1 <html>

     2 <head>

     3   <title>Test bug 483437 and bug 480509</title>

     4   <script type="text/javascript" src="/tests/SimpleTest/SimpleTest.js"></script>        

     5   <link rel="stylesheet" type="text/css" href="/tests/SimpleTest/test.css" />

     6 </head>

     7 <body>

     8 

     9 <script class="testbody" type="text/javascript">

    10 

    11 var certdb = SpecialPowers.Cc["@mozilla.org/security/x509certdb;1"]

    12   .getService(SpecialPowers.Ci.nsIX509CertDB);

    13 

    14 function test(certNick, expected)

    15 {

    16   var cert1 = certdb.findCertByNickname(null, certNick);

    17   var certDumpTree1 = SpecialPowers.Cc["@mozilla.org/security/nsASN1Tree;1"]

    18                      .createInstance(SpecialPowers.Ci.nsIASN1Tree);

    19   certDumpTree1.loadASN1Structure(cert1.ASN1Structure);

    20   var value1 = certDumpTree1.getDisplayData(9);

    21   

    22   is(value1, expected, "Incorrect OID recognized");

    23 }

    24 

    25 test("bug483440-attack2b", 

    26      "Object Identifier (2 5 4 Unknown) = www.bank.com\n"+

    27      "OU = Hacking Division\n"+

    28      "CN = www.badguy.com\nO = Badguy Inc\n");

    29 

    30 test("bug483440-pk10oflo",

    31      "Object Identifier (2 5 4 Unknown) = www.bank.com\n"+

    32      "OU = Hacking Division\n"+

    33      "CN = www.badguy.com\nO = Badguy Inc\n");

    34 

    35 test("bug483440-attack7",

    36 

    37      // Check 88 80 80 80 01, not leading, have to pass

    38      "Object Identifier (2 5 4 2147483649) = attack1\n"+

    39      

    40      // Check 90 80 80 80 01, not leading, have to fail

    41      "Object Identifier (2 5 4 Unknown) = attack2\n"+

    42      

    43      // Check 80 80 80 80 80, not leading, have to fail

    44      "Object Identifier (2 5 4 Unknown) = attack3\n"+

    45      

    46      // Check 81 81, trailing, have to fail

    47      "Object Identifier (2 5 4 3 Unknown) = attack4\n"+

    48      

    49      // Check FF FF FF 7F, not leading, have to pass

    50      "Object Identifier (2 5 4 268435455) = attack5\n"+

    51      

    52      // Check 80 leading, have to fail

    53      "Object Identifier (Unknown 3) = attack6\n"+

    54      

    55      // Check 14757 = 2*40 + 14677 leading single byle encoded as F325, 

    56      // have to pass

    57      "Object Identifier (2 14677 4 3) = attack7\n");

    58 

    59 </script>

    60 

    61 </body>

    62 </html>

Mercurial Repository: The Tor Browser

Europalab SCM Repository Server

mercurial