<!DOCTYPE HTML> <html> <!-- https://bugzilla.mozilla.org/show_bug.cgi?id=386153 --> <head> <title>Test for Bug 386153</title> <script type="application/javascript" src="chrome://mochikit/content/tests/SimpleTest/SimpleTest.js"></script> <script type="application/javascript" src="chrome://mochikit/content/chrome-harness.js"></script> <link rel="stylesheet" type="text/css" href="chrome://mochikit/content/tests/SimpleTest/test.css"/> </head> <body> <a target="_blank" href="https://bugzilla.mozilla.org/show_bug.cgi?id=386153">Mozilla Bug 386153</a> <p id="display"></p> <div id="content" style="display: none"> </div> <pre id="test"> <script type="application/javascript"> /** Test for Bug 386153 **/ const Cc = Components.classes; const Ci = Components.interfaces; // Opens a zip file from the test directory. function openZip(path) { var location = window.location.href; location = getRootDirectory(location); var jar = getJar(location); if (jar != null) { var resolved = extractJarToTmp(jar); } else { var resolvedURI = getResolvedURI(window.location.href); var resolved = getChromeDir(resolvedURI); } resolved.append(path); var zip = Cc["@mozilla.org/libjar/zip-reader;1"]. createInstance(Ci.nsIZipReader); zip.open(resolved); return zip; } // Gets the pretty name from the signing cert or null if the zip is unsigned. function getSigner(zip) { var signingCert = zip.getSigningCert(null); if (signingCert) { return signingCert.organization; } return null; } function verifySigning(zip) { var signingCert = zip.getSigningCert(null); var count = 0; var entries = zip.findEntries(null); while (entries.hasMore()) { var entry = entries.getNext(); // Nothing in META-INF is in the manifest. if (entry.substr(0, 9) == "META-INF/") continue; // Directory entries aren't in the manifest. if (entry.substr(-1) == "/") continue; count++; var entryCert = zip.getSigningCert(entry); if (!entryCert || !signingCert.equals(entryCert)) { return false; } } return zip.manifestEntriesCount == count; } var zip = openZip("unsigned.zip"); is(getSigner(zip), null, "Should not be signed"); zip = openZip("signed.zip"); is(getSigner(zip), "Mozilla Testing", "Should be signed by the right cert"); ok(verifySigning(zip), "Should be correctly signed"); zip = openZip("signed-added.zip"); is(getSigner(zip), "Mozilla Testing", "Should be signed by the right cert"); ok(!verifySigning(zip), "Should be incorrectly signed"); zip = openZip("signed-tampered.zip"); is(getSigner(zip), "Mozilla Testing", "Should be signed by the right cert"); ok(!verifySigning(zip), "Should be incorrectly signed"); zip = openZip("signed-badca.zip"); is(getSigner(zip), null, "Should not appear to be signed"); </script> </pre> </body> </html>