<!DOCTYPE HTML>
<html>
<!--
https://bugzilla.mozilla.org/show_bug.cgi?id=386153
-->
<head>
  <title>Test for Bug 386153</title>
  <script type="application/javascript" src="chrome://mochikit/content/tests/SimpleTest/SimpleTest.js"></script>
  <script type="application/javascript" src="chrome://mochikit/content/chrome-harness.js"></script>
  <link rel="stylesheet" type="text/css" href="chrome://mochikit/content/tests/SimpleTest/test.css"/>
</head>
<body>
<a target="_blank" href="https://bugzilla.mozilla.org/show_bug.cgi?id=386153">Mozilla Bug 386153</a>
<p id="display"></p>
<div id="content" style="display: none">
  
</div>
<pre id="test">
<script type="application/javascript">

/** Test for Bug 386153 **/

const Cc = Components.classes;
const Ci = Components.interfaces;

// Opens a zip file from the test directory.
function openZip(path) {

  var location = window.location.href;
  location = getRootDirectory(location);
  var jar = getJar(location);
  if (jar != null) {
    var resolved = extractJarToTmp(jar);
  } else {
    var resolvedURI = getResolvedURI(window.location.href);
    var resolved = getChromeDir(resolvedURI);
  }
  resolved.append(path);

  var zip = Cc["@mozilla.org/libjar/zip-reader;1"].
            createInstance(Ci.nsIZipReader);
  zip.open(resolved);
  return zip;
}

// Gets the pretty name from the signing cert or null if the zip is unsigned.
function getSigner(zip) {
  var signingCert = zip.getSigningCert(null);
  if (signingCert) {
    return signingCert.organization;
  }
  return null;
}

function verifySigning(zip) {
  var signingCert = zip.getSigningCert(null);
  var count = 0;
  var entries = zip.findEntries(null);
  while (entries.hasMore()) {
    var entry = entries.getNext();
    // Nothing in META-INF is in the manifest.
    if (entry.substr(0, 9) == "META-INF/")
      continue;
    // Directory entries aren't in the manifest.
    if (entry.substr(-1) == "/")
      continue;
    count++;
    var entryCert = zip.getSigningCert(entry);
    if (!entryCert || !signingCert.equals(entryCert)) {
      return false;
    }
  }
  return zip.manifestEntriesCount == count;
}

var zip = openZip("unsigned.zip");
is(getSigner(zip), null, "Should not be signed");

zip = openZip("signed.zip");
is(getSigner(zip), "Mozilla Testing", "Should be signed by the right cert");
ok(verifySigning(zip), "Should be correctly signed");

zip = openZip("signed-added.zip");
is(getSigner(zip), "Mozilla Testing", "Should be signed by the right cert");
ok(!verifySigning(zip), "Should be incorrectly signed");

zip = openZip("signed-tampered.zip");
is(getSigner(zip), "Mozilla Testing", "Should be signed by the right cert");
ok(!verifySigning(zip), "Should be incorrectly signed");

zip = openZip("signed-badca.zip");
is(getSigner(zip), null, "Should not appear to be signed");

</script>
</pre>
</body>
</html>