summaryrefslogtreecommitdiffstats
path: root/modules/libjar/test/chrome/test_bug386153.html
blob: 3fe541a1a8488d568cd7907f14b96fcdcace6429 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
<!DOCTYPE HTML>
<html>
<!--
https://bugzilla.mozilla.org/show_bug.cgi?id=386153
-->
<head>
  <title>Test for Bug 386153</title>
  <script type="application/javascript" src="chrome://mochikit/content/tests/SimpleTest/SimpleTest.js"></script>
  <script type="application/javascript" src="chrome://mochikit/content/chrome-harness.js"></script>
  <link rel="stylesheet" type="text/css" href="chrome://mochikit/content/tests/SimpleTest/test.css"/>
</head>
<body>
<a target="_blank" href="https://bugzilla.mozilla.org/show_bug.cgi?id=386153">Mozilla Bug 386153</a>
<p id="display"></p>
<div id="content" style="display: none">
  
</div>
<pre id="test">
<script type="application/javascript">

/** Test for Bug 386153 **/

const Cc = Components.classes;
const Ci = Components.interfaces;

// Opens a zip file from the test directory.
function openZip(path) {

  var location = window.location.href;
  location = getRootDirectory(location);
  var jar = getJar(location);
  if (jar != null) {
    var resolved = extractJarToTmp(jar);
  } else {
    var resolvedURI = getResolvedURI(window.location.href);
    var resolved = getChromeDir(resolvedURI);
  }
  resolved.append(path);

  var zip = Cc["@mozilla.org/libjar/zip-reader;1"].
            createInstance(Ci.nsIZipReader);
  zip.open(resolved);
  return zip;
}

// Gets the pretty name from the signing cert or null if the zip is unsigned.
function getSigner(zip) {
  var signingCert = zip.getSigningCert(null);
  if (signingCert) {
    return signingCert.organization;
  }
  return null;
}

function verifySigning(zip) {
  var signingCert = zip.getSigningCert(null);
  var count = 0;
  var entries = zip.findEntries(null);
  while (entries.hasMore()) {
    var entry = entries.getNext();
    // Nothing in META-INF is in the manifest.
    if (entry.substr(0, 9) == "META-INF/")
      continue;
    // Directory entries aren't in the manifest.
    if (entry.substr(-1) == "/")
      continue;
    count++;
    var entryCert = zip.getSigningCert(entry);
    if (!entryCert || !signingCert.equals(entryCert)) {
      return false;
    }
  }
  return zip.manifestEntriesCount == count;
}

var zip = openZip("unsigned.zip");
is(getSigner(zip), null, "Should not be signed");

zip = openZip("signed.zip");
is(getSigner(zip), "Mozilla Testing", "Should be signed by the right cert");
ok(verifySigning(zip), "Should be correctly signed");

zip = openZip("signed-added.zip");
is(getSigner(zip), "Mozilla Testing", "Should be signed by the right cert");
ok(!verifySigning(zip), "Should be incorrectly signed");

zip = openZip("signed-tampered.zip");
is(getSigner(zip), "Mozilla Testing", "Should be signed by the right cert");
ok(!verifySigning(zip), "Should be incorrectly signed");

zip = openZip("signed-badca.zip");
is(getSigner(zip), null, "Should not appear to be signed");

</script>
</pre>
</body>
</html>