KotJohansson/palemoon27
1
0
Fork 0
mirror of https://github.com/roytam1/palemoon27.git synced 2026-05-26 13:43:44 +00:00
Code Issues Projects Releases Wiki Activity

import changes from `dev' branch of rmottola/Arctic-Fox:

Browse Source 
- Bug 1147247 - Use PRErrorCodeSuccess constant instead of literal 0 to represent success in PSM xpcshell tests. r=dkeeler (493559944)
- bug 1151512 - only allow whitelisted certificates to be issued by CNNIC root certificates r=jcj r=rbarnes (cd2131810)
- bug 1157873 - remove certificates from CNNIC whitelist that aren't in the Pilot Certificate Transparency log r=rbarnes (a1a1a01a8)
- Bug 996872 - Reduce calls to getXPCOMStatusFromNSS() in PSM xpcshell tests. r=keeler relanding on a CLOSED TREE (c26cb3a1c)
- Bug 1149805 - Switch head_psm.js to Assert.jsm methods and add expected result strings. r=keeler (a97667d2f)
- bug 1102436 - remove PublicKeyPinningService::CheckChainAgainstAllNames r=Cykesiopka (2fdfc2694)
- Bug 1164409 - Reduce PSM xpcshell script code duplication. r=keeler (eaf339d67)
- Bug 1170431 - Pass buildid as input to pycert.py. r=gps (0ad7492ef)
- pointer and comment style (f659d45ec)
- add missing test of Bug 1138195 - Ensure that the bytecode analysis is consistent with the bindings. r=jandem (a4aa50c3e)
- And fix this to actually compile... Still bug 1160311. (f15aef67f)
- pointer style (d41e7fda2)
- Bug 1194139 - Fix includes order to make the SM style checker happy. (d02e8c839)
- pointer style (4ac1a858a)
- Bug 1193212 - Ensure properties deleted by setting Array#length are suppressed in active for..in iteration. r=jandem (b5b3b479d)
- Bug 1176712 - Cannot have two activities with same name and different filters. r=fabrice (231b5a89d)
- Bug 1161537 - Intermittent test_dev_mode_activity.html | Got error: undefined - expected PASS r=me (c1b0c88d0)
- Bug 1105766 - Part 1: Extend the GC allocation logic to work on Windows Phone. r=terrence (e17916f5b)
- Bug 1105766 - Part 2: A couple of additions to enable compilation on Windows Phone 8. r=terrence r=ehoogeveen (1d3d809fe)
- Bug 1189967 - Avoid including <string> from Char16.h. r=nfroyd (695a687bb)
- Bug 1345331: Include <intrin.h> at top-level before lz4.c can include it in a namespace. r=Waldo (63216582f)
- remove namespace (09dd2830c)
- Bug 1145056 - Coverity complains on every use of MutexAutoLock and GuardObjectNotifier. r=froydnj (0f891929d)
- Bug 1145056 - Assert that the guard notifier has been initialized. r=froydnj (061895ad3)
- spacing (56b8e1fea)
- Bug 1113300 - Add a way to use SegmentedVector like a stack. r=froydnj (2fdaf928e)
- bug 606080 - add SplayTree::LookupOrAdd r=froydnj (95591b341)
- Bug 1177541 - Remove warning if file is not found during deferred open. r=mcmanus (f15650a51)
- spaces and style (2b0558951)
This commit is contained in:
roytam1
2021-12-02 09:22:42 +08:00
parent 6aebd225b3
commit 2c42679c4c
149 changed files with 9280 additions and 1362 deletions
Download Patch File Download Diff File Expand all files Collapse all files
build/virtualenv_packages.txt
+2
View File
@@ -24,6 +24,8 @@ packages.txt:testing/mozbase/packages.txt
objdir:build
gyp.pth:media/webrtc/trunk/tools/gyp/pylib
pyasn1.pth:python/pyasn1
pyasn1_modules.pth:python/pyasn1-modules
bitstring.pth:python/bitstring
redo.pth:python/redo
requests.pth:python/requests
rsa.pth:python/rsa
dom/activities/ActivitiesService.jsm
+86 -11
View File
@@ -34,7 +34,7 @@ function debug(aMsg) {
}
const DB_NAME = "activities";
const DB_VERSION = 1;
const DB_VERSION = 2;
const STORE_NAME = "activities";
function ActivitiesDb() {
@@ -63,6 +63,25 @@ ActivitiesDb.prototype = {
*/
upgradeSchema: function actdb_upgradeSchema(aTransaction, aDb, aOldVersion, aNewVersion) {
debug("Upgrade schema " + aOldVersion + " -> " + aNewVersion);
let self = this;
function upgrade(currentVersion) {
let next = upgrade.bind(self, currentVersion + 1);
switch (currentVersion) {
case 0:
self.createSchema(aDb, next);
break;
case 1:
self.upgradeSchemaVersion2(aDb, aTransaction, next);
break;
}
}
upgrade(aOldVersion);
},
createSchema: function(aDb, aNext) {
let objectStore = aDb.createObjectStore(STORE_NAME, { keyPath: "id" });
// indexes
@@ -70,6 +89,49 @@ ActivitiesDb.prototype = {
objectStore.createIndex("manifest", "manifest", { unique: false });
debug("Created object stores and indexes");
aNext();
},
upgradeSchemaVersion2: function(aDb, aTransaction, aNext) {
debug("Upgrading DB to version 2");
// In order to be able to have multiple activities with same name
// but different descriptions, we need to update the keypath from
// a hash made from {manifest, name} to a hash made from {manifest,
// name, description}.
//
// Unfortunately, updating the keypath is not allowed by IDB, so we
// need to remove and recreate the activities object store.
let activities = [];
let objectStore = aTransaction.objectStore(STORE_NAME);
objectStore.openCursor().onsuccess = (event) => {
let cursor = event.target.result;
if (!cursor) {
aDb.deleteObjectStore(STORE_NAME);
let objectStore = aDb.createObjectStore(STORE_NAME, { keyPath: "id" });
// indexes
objectStore.createIndex("name", "name", { unique: false });
objectStore.createIndex("manifest", "manifest", { unique: false });
this.add(activities, () => {
debug("DB upgraded to version 2");
aNext();
}, () => {
dump("Error upgrading DB to version 2 " + error + "\n");
});
return;
}
let activity = cursor.value;
debug("Upgrading activity " + JSON.stringify(activity));
activity.id = this.createId(activity);
activities.push(activity);
cursor.continue();
};
},
// unique ids made of (uri, action)
@@ -83,8 +145,17 @@ ActivitiesDb.prototype = {
hasher.init(hasher.SHA1);
// add uri and action to the hash
["manifest", "name"].forEach(function(aProp) {
let data = converter.convertToByteArray(aObject[aProp], {});
["manifest", "name", "description"].forEach(function(aProp) {
if (!aObject[aProp]) {
return;
}
let property = aObject[aProp];
if (aProp == "description") {
property = JSON.stringify(aObject[aProp]);
}
let data = converter.convertToByteArray(property, {});
hasher.update(data, data.length);
});
@@ -110,16 +181,17 @@ ActivitiesDb.prototype = {
// Remove all the activities carried in the |aObjects| array.
remove: function actdb_remove(aObjects) {
this.newTxn("readwrite", STORE_NAME, function (txn, store) {
aObjects.forEach(function (aObject) {
this.newTxn("readwrite", STORE_NAME, (txn, store) => {
aObjects.forEach((aObject) => {
let object = {
manifest: aObject.manifest,
name: aObject.name
name: aObject.name,
description: aObject.description
};
debug("Going to remove " + JSON.stringify(object));
store.delete(this.createId(object));
}, this);
}.bind(this), function() {}, function() {});
});
}, function() {}, function() {});
},
// Remove all activities associated with the given |aManifest| URL.
@@ -247,8 +319,8 @@ let Activities = {
debug("Activity choice: " + aResult);
// We have no matching activity registered, let's fire an error.
// Don't do this check until we have passed to UIGlue so the glue can choose to launch
// its own activity if needed.
// Don't do this check until we have passed to UIGlue so the glue
// can choose to launch its own activity if needed.
if (aResults.options.length === 0) {
self.trySendAndCleanup(aMsg.id, "Activity:FireError", {
"id": aMsg.id,
@@ -429,13 +501,16 @@ let Activities = {
break;
case "Activities:Register":
let self = this;
this.db.add(msg,
function onSuccess(aEvent) {
debug("Activities:Register:OK");
Services.obs.notifyObservers(null, "new-activity-registered-success", null);
mm.sendAsyncMessage("Activities:Register:OK", null);
},
function onError(aEvent) {
msg.error = "REGISTER_ERROR";
debug("Activities:Register:KO");
Services.obs.notifyObservers(null, "new-activity-registered-failure", null);
mm.sendAsyncMessage("Activities:Register:KO", msg);
});
break;
dom/activities/tests/mochi/test_dev_mode_activity.html
+16 -4
View File
@@ -184,8 +184,14 @@ function continueTest() {
}
}
var obsService = Cc["@mozilla.org/observer-service;1"]
.getService(Ci.nsIObserverService);
obsService.addObserver(continueTest, "new-activity-registered-success", false);
obsService.addObserver(continueTest, "new-activity-registered-failure", false);
/**
* Test exporting and importing hosted and packaged apps.
* Test dev mode activity.
*/
function runTest() {
SpecialPowers.setAllAppsLaunchable(true);
@@ -227,6 +233,9 @@ function runTest() {
var systemApp = request.result;
ok(systemApp, "systemApp is non-null");
// yielding for the activity install observer.
yield undefined;
activity = new MozActivity({ name: "import-app" });
activity.onerror = function() {
ok(true, "2) No dev mode, system app installed");
@@ -241,6 +250,9 @@ function runTest() {
var otherApp = request.result;
ok(otherApp, "otherApp is non-null");
// yielding for the activity install observer.
yield undefined;
activity = new MozActivity({ name: "import-app" });
activity.onerror = function() {
ok(true, "3) No dev mode, system app and other app installed");
@@ -249,7 +261,7 @@ function runTest() {
activity.onsuccess = unexpectedSuccess("3) No dev mode, system app and other app installed");
yield undefined;
// 4) Dev mode, no system app installed.
// 4) Dev mode, system app and other app installed.
SpecialPowers.pushPrefEnv(
{'set': [["dom.apps.developer_mode", true]]},
continueTest);
@@ -260,8 +272,8 @@ function runTest() {
ok(true, "4) Dev mode, system app and other app installed");
continueTest();
}
activity.onerror = function(aError) {
ok(false, "Got error: " + aError.name);
activity.onerror = function(aEvent) {
ok(false, "4) Got error: " + aEvent.error.name);
finish();
}
yield undefined;
dom/apps/Webapps.jsm
+47 -58
View File
@@ -976,7 +976,8 @@ this.DOMApplicationRegistry = {
// |aEntryPoint| is either the entry_point name or the null in which case we
// use the root of the manifest.
_createActivitiesToRegister: function(aManifest, aApp, aEntryPoint, aRunUpdate) {
_createActivitiesToRegister: function(aManifest, aApp, aEntryPoint,
aRunUpdate, aUninstall) {
let activitiesToRegister = [];
let root = aManifest;
if (aEntryPoint && aManifest.entry_points[aEntryPoint]) {
@@ -989,46 +990,56 @@ this.DOMApplicationRegistry = {
let manifest = new ManifestHelper(aManifest, aApp.origin, aApp.manifestURL);
for (let activity in root.activities) {
let description = root.activities[activity];
let href = description.href;
if (!href) {
href = manifest.launch_path;
let entry = root.activities[activity];
if (!Array.isArray(entry)) {
entry = [entry];
}
for (let i = 0; i < entry.length; i++) {
let description = entry[i];
let href = description.href;
if (!href) {
href = manifest.launch_path;
}
try {
href = manifest.resolveURL(href);
} catch (e) {
debug("Activity href (" + href + ") is invalid, skipping. " +
"Error is: " + e);
continue;
}
try {
href = manifest.resolveURL(href);
} catch (e) {
debug("Activity href (" + href + ") is invalid, skipping. " +
"Error is: " + e);
continue;
}
// Make a copy of the description object since we don't want to modify
// the manifest itself, but need to register with a resolved URI.
let newDesc = {};
for (let prop in description) {
newDesc[prop] = description[prop];
}
newDesc.href = href;
// Make a copy of the description object since we don't want to modify
// the manifest itself, but need to register with a resolved URI.
let newDesc = {};
for (let prop in description) {
newDesc[prop] = description[prop];
}
newDesc.href = href;
debug('_createActivitiesToRegister: ' + aApp.manifestURL + ', activity ' +
activity + ', description.href is ' + newDesc.href);
debug('_createActivitiesToRegister: ' + aApp.manifestURL + ', activity ' +
activity + ', description.href is ' + newDesc.href);
if (aRunUpdate) {
activitiesToRegister.push({ "manifest": aApp.manifestURL,
"name": activity,
"icon": manifest.iconURLForSize(128),
"description": newDesc });
}
if (aRunUpdate || aUninstall) {
activitiesToRegister.push({ "manifest": aApp.manifestURL,
"name": activity,
"icon": manifest.iconURLForSize(128),
"description": newDesc });
}
let launchPathURI = Services.io.newURI(href, null, null);
let manifestURI = Services.io.newURI(aApp.manifestURL, null, null);
if (aUninstall) {
continue;
}
if (SystemMessagePermissionsChecker
.isSystemMessagePermittedToRegister("activity",
aApp.manifestURL,
aManifest)) {
msgmgr.registerPage("activity", launchPathURI, manifestURI);
let launchPathURI = Services.io.newURI(href, null, null);
let manifestURI = Services.io.newURI(aApp.manifestURL, null, null);
if (SystemMessagePermissionsChecker
.isSystemMessagePermittedToRegister("activity",
aApp.manifestURL,
aManifest)) {
msgmgr.registerPage("activity", launchPathURI, manifestURI);
}
}
}
return activitiesToRegister;
@@ -1074,28 +1085,6 @@ this.DOMApplicationRegistry = {
this._registerActivitiesForApps([{ manifest: aManifest, app: aApp }], aRunUpdate);
},
// |aEntryPoint| is either the entry_point name or the null in which case we
// use the root of the manifest.
_createActivitiesToUnregister: function(aManifest, aApp, aEntryPoint) {
let activitiesToUnregister = [];
let root = aManifest;
if (aEntryPoint && aManifest.entry_points[aEntryPoint]) {
root = aManifest.entry_points[aEntryPoint];
}
if (!root.activities) {
return activitiesToUnregister;
}
for (let activity in root.activities) {
let description = root.activities[activity];
activitiesToUnregister.push({ "manifest": aApp.manifestURL,
"name": activity,
"description": description });
}
return activitiesToUnregister;
},
// |aAppsToUnregister| contains an array of apps to be unregistered, where
// each element is an object in the format of {manifest: foo, app: bar}.
_unregisterActivitiesForApps: function(aAppsToUnregister) {
@@ -1105,7 +1094,7 @@ this.DOMApplicationRegistry = {
let manifest = aApp.manifest;
let app = aApp.app;
activitiesToUnregister.push.apply(activitiesToUnregister,
this._createActivitiesToUnregister(manifest, app, null));
this._createActivitiesToRegister(manifest, app, null, false, true));
if (!manifest.entry_points) {
return;
@@ -1113,7 +1102,7 @@ this.DOMApplicationRegistry = {
for (let entryPoint in manifest.entry_points) {
activitiesToUnregister.push.apply(activitiesToUnregister,
this._createActivitiesToUnregister(manifest, app, entryPoint));
this._createActivitiesToRegister(manifest, app, entryPoint, false, true));
}
}, this);
image/decoders/icon/gtk/nsIconChannel.cpp
+1
View File
@@ -207,6 +207,7 @@ ScaleIconBuf(GdkPixbuf** aBuf, int32_t iconSize)
}
return NS_OK;
}
nsresult
nsIconChannel::InitWithGIO(nsIMozIconURI* aIconURI)
{
image/encoders/png/nsPNGEncoder.cpp
+3
View File
@@ -524,6 +524,7 @@ nsPNGEncoder::ParseOptions(const nsAString& aOptions,
}
/* void close (); */
NS_IMETHODIMP
nsPNGEncoder::Close()
{
@@ -537,6 +538,7 @@ nsPNGEncoder::Close()
return NS_OK;
}
/* unsigned long available (); */
NS_IMETHODIMP
nsPNGEncoder::Available(uint64_t* _retval)
{
@@ -590,6 +592,7 @@ nsPNGEncoder::ReadSegments(nsWriteSegmentFun aWriter,
return NS_OK;
}
/* boolean isNonBlocking (); */
NS_IMETHODIMP
nsPNGEncoder::IsNonBlocking(bool* _retval)
{
js/public/UbiNode.h
+7 -7
View File
@@ -145,13 +145,13 @@ namespace ubi {
class Edge;
class EdgeRange;
}
}
} // namespace ubi
} // namespace JS
namespace mozilla {
template<>
class DefaultDelete<JS::ubi::EdgeRange> : public JS::DeletePolicy<JS::ubi::EdgeRange> { };
}
} // namespace mozilla
namespace JS {
namespace ubi {
@@ -258,8 +258,8 @@ class JS_FRIEND_API(Base) {
}
private:
Base(const Base &rhs) = delete;
Base &operator=(const Base &rhs) = delete;
Base(const Base& rhs) = delete;
Base& operator=(const Base& rhs) = delete;
};
// A traits template with a specialization for each referent type that
@@ -681,10 +681,10 @@ template<> struct Concrete<JSString> : TracerConcrete<JSString> {
size_t size(mozilla::MallocSizeOf mallocSizeOf) const override;
protected:
explicit Concrete(JSString* ptr) : TracerConcrete<JSString>(ptr) { }
explicit Concrete(JSString *ptr) : TracerConcrete<JSString>(ptr) { }
public:
static void construct(void* storage, JSString* ptr) { new (storage) Concrete(ptr); }
static void construct(void *storage, JSString *ptr) { new (storage) Concrete(ptr); }
};
// The ubi::Node null pointer. Any attempt to operate on a null ubi::Node asserts.
js/src/builtin/SIMD.cpp
+1 -1
View File
@@ -524,7 +524,7 @@ SIMDObject::initClass(JSContext* cx, Handle<GlobalObject*> global)
}
JSObject*
js::InitSIMDClass(JSContext *cx, HandleObject obj)
js::InitSIMDClass(JSContext* cx, HandleObject obj)
{
MOZ_ASSERT(obj->is<GlobalObject>());
Rooted<GlobalObject*> global(cx, &obj->as<GlobalObject>());
js/src/builtin/SIMD.h
+1 -1
View File
@@ -505,7 +505,7 @@ INT32X4_FUNCTION_LIST(DECLARE_SIMD_INT32x4_FUNCTION)
#undef DECLARE_SIMD_INT32x4_FUNCTION
JSObject*
InitSIMDClass(JSContext *cx, HandleObject obj);
InitSIMDClass(JSContext* cx, HandleObject obj);
} /* namespace js */
js/src/ctypes/CTypes.cpp
+6 -6
View File
@@ -327,7 +327,7 @@ namespace FunctionType {
bool ReturnTypeGetter(JSContext* cx, const JS::CallArgs& args);
bool ABIGetter(JSContext* cx, const JS::CallArgs& args);
bool IsVariadicGetter(JSContext* cx, const JS::CallArgs& args);
}
} // namespace FunctionType
namespace CClosure {
static void Trace(JSTracer* trc, JSObject* obj);
@@ -348,7 +348,7 @@ namespace CClosure {
void** args;
ClosureInfo* cinfo;
};
}
} // namespace CClosure
namespace CData {
static void Finalize(JSFreeOp* fop, JSObject* obj);
@@ -1488,7 +1488,7 @@ TypeError(JSContext* cx, const char* expected, HandleValue actual)
static JSObject*
InitCTypeClass(JSContext* cx, HandleObject ctypesObj)
{
JSFunction *fun = JS_DefineFunction(cx, ctypesObj, "CType", ConstructAbstract, 0,
JSFunction* fun = JS_DefineFunction(cx, ctypesObj, "CType", ConstructAbstract, 0,
CTYPESCTOR_FLAGS);
if (!fun)
return nullptr;
@@ -5245,7 +5245,7 @@ ArrayType::Getter(JSContext* cx, HandleObject obj, HandleId idval, MutableHandle
bool
ArrayType::Setter(JSContext* cx, HandleObject obj, HandleId idval, MutableHandleValue vp,
ObjectOpResult &result)
ObjectOpResult& result)
{
// This should never happen, but we'll check to be safe.
if (!CData::IsCData(obj)) {
@@ -7649,7 +7649,7 @@ CDataFinalizer::Construct(JSContext* cx, unsigned argc, Value* vp)
// Get arguments
if (args.length() == 0) { // Special case: the empty (already finalized) object
JSObject *objResult = JS_NewObjectWithGivenProto(cx, &sCDataFinalizerClass, objProto);
JSObject* objResult = JS_NewObjectWithGivenProto(cx, &sCDataFinalizerClass, objProto);
args.rval().setObject(*objResult);
return true;
}
@@ -7748,7 +7748,7 @@ CDataFinalizer::Construct(JSContext* cx, unsigned argc, Value* vp)
// 5. Create |objResult|
JSObject *objResult = JS_NewObjectWithGivenProto(cx, &sCDataFinalizerClass, objProto);
JSObject* objResult = JS_NewObjectWithGivenProto(cx, &sCDataFinalizerClass, objProto);
if (!objResult) {
return false;
}
js/src/ctypes/Library.cpp
+1 -1
View File
@@ -147,7 +147,7 @@ Library::Create(JSContext* cx, Value path_, const JSCTypesCallbacks* callbacks)
PRLibrary* library = PR_LoadLibraryWithFlags(libSpec, 0);
if (!library) {
char *error = (char*) JS_malloc(cx, PR_GetErrorTextLength() + 1);
char* error = (char*) JS_malloc(cx, PR_GetErrorTextLength() + 1);
if (error)
PR_GetErrorText(error);
js/src/frontend/ParseNode.h
+13 -13
View File
@@ -637,8 +637,8 @@ class ParseNode
} unary;
struct { /* name, labeled statement, etc. */
union {
JSAtom* atom; /* lexical name or label atom */
ObjectBox* objbox; /* block or regexp object */
JSAtom* atom; /* lexical name or label atom */
ObjectBox* objbox; /* block or regexp object */
FunctionBox* funbox; /* function object */
};
union {
@@ -1375,7 +1375,7 @@ struct ClassMethod : public BinaryNode {
};
struct ClassNames : public BinaryNode {
ClassNames(ParseNode *outerBinding, ParseNode *innerBinding, const TokenPos &pos)
ClassNames(ParseNode* outerBinding, ParseNode* innerBinding, const TokenPos& pos)
: BinaryNode(PNK_CLASSNAMES, JSOP_NOP, pos, outerBinding, innerBinding)
{
MOZ_ASSERT_IF(outerBinding, outerBinding->isKind(PNK_NAME));
@@ -1383,7 +1383,7 @@ struct ClassNames : public BinaryNode {
MOZ_ASSERT_IF(outerBinding, innerBinding->pn_atom == outerBinding->pn_atom);
}
static bool test(const ParseNode &node) {
static bool test(const ParseNode& node) {
bool match = node.isKind(PNK_CLASSNAMES);
MOZ_ASSERT_IF(match, node.isArity(PN_BINARY));
return match;
@@ -1397,16 +1397,16 @@ struct ClassNames : public BinaryNode {
* giving the methods access to the static members of the class even if
* the outer binding has been overwritten.
*/
ParseNode *outerBinding() const {
ParseNode* outerBinding() const {
return pn_u.binary.left;
}
ParseNode *innerBinding() const {
ParseNode* innerBinding() const {
return pn_u.binary.right;
}
};
struct ClassNode : public TernaryNode {
ClassNode(ParseNode *names, ParseNode *heritage, ParseNode *methodsOrBlock)
ClassNode(ParseNode* names, ParseNode* heritage, ParseNode* methodsOrBlock)
: TernaryNode(PNK_CLASS, JSOP_NOP, names, heritage, methodsOrBlock)
{
MOZ_ASSERT_IF(names, names->is<ClassNames>());
@@ -1414,28 +1414,28 @@ struct ClassNode : public TernaryNode {
methodsOrBlock->isKind(PNK_CLASSMETHODLIST));
}
static bool test(const ParseNode &node) {
static bool test(const ParseNode& node) {
bool match = node.isKind(PNK_CLASS);
MOZ_ASSERT_IF(match, node.isArity(PN_TERNARY));
return match;
}
ClassNames *names() const {
ClassNames* names() const {
return pn_kid1 ? &pn_kid1->as<ClassNames>() : nullptr;
}
ParseNode *heritage() const {
ParseNode* heritage() const {
return pn_kid2;
}
ParseNode *methodList() const {
ParseNode* methodList() const {
if (pn_kid3->isKind(PNK_CLASSMETHODLIST))
return pn_kid3;
MOZ_ASSERT(pn_kid3->is<LexicalScopeNode>());
ParseNode *list = pn_kid3->pn_expr;
ParseNode* list = pn_kid3->pn_expr;
MOZ_ASSERT(list->isKind(PNK_CLASSMETHODLIST));
return list;
}
ObjectBox *scopeObject() const {
ObjectBox* scopeObject() const {
MOZ_ASSERT(pn_kid3->is<LexicalScopeNode>());
return pn_kid3->pn_objbox;
}
js/src/gc/GCInternals.h
+2 -2
View File
@@ -155,7 +155,7 @@ struct MovingTracer : JS::CallbackTracer
class AutoMaybeStartBackgroundAllocation
{
private:
JSRuntime *runtime;
JSRuntime* runtime;
MOZ_DECL_USE_GUARD_OBJECT_NOTIFIER
public:
@@ -165,7 +165,7 @@ class AutoMaybeStartBackgroundAllocation
MOZ_GUARD_OBJECT_NOTIFIER_INIT;
}
void tryToStartBackgroundAllocation(JSRuntime *rt) {
void tryToStartBackgroundAllocation(JSRuntime* rt) {
runtime = rt;
}
js/src/gc/Memory.cpp
+59
View File
@@ -103,6 +103,8 @@ InitMemorySubsystem()
}
}
# if WINAPI_FAMILY_PARTITION(WINAPI_PARTITION_DESKTOP)
static inline void*
MapMemoryAt(void* desired, size_t length, int flags, int prot = PAGE_READWRITE)
{
@@ -279,6 +281,57 @@ GetPageFaultCount()
return pmc.PageFaultCount;
}
# else // Various APIs are unavailable.
void*
MapAlignedPages(size_t size, size_t alignment)
{
MOZ_ASSERT(size >= alignment);
MOZ_ASSERT(size % alignment == 0);
MOZ_ASSERT(size % pageSize == 0);
MOZ_ASSERT(alignment % allocGranularity == 0);
void* p = _aligned_malloc(size, alignment);
MOZ_ASSERT(OffsetFromAligned(p, alignment) == 0);
return p;
}
static void*
MapAlignedPagesLastDitch(size_t size, size_t alignment)
{
return nullptr;
}
void
UnmapPages(void* p, size_t size)
{
_aligned_free(p);
}
bool
MarkPagesUnused(void* p, size_t size)
{
MOZ_ASSERT(OffsetFromAligned(p, pageSize) == 0);
return true;
}
bool
MarkPagesInUse(void* p, size_t size)
{
MOZ_ASSERT(OffsetFromAligned(p, pageSize) == 0);
return true;
}
size_t
GetPageFaultCount()
{
// GetProcessMemoryInfo is unavailable.
return 0;
}
# endif
void*
AllocateMappedContent(int fd, size_t offset, size_t length, size_t alignment)
{
@@ -323,6 +376,12 @@ MapAlignedPages(size_t size, size_t alignment)
return p;
}
static void*
MapAlignedPagesLastDitch(size_t size, size_t alignment)
{
return nullptr;
}
void
UnmapPages(void* p, size_t size)
{
js/src/jit-test/tests/self-test/getBacktrace-bug1138195.js
+8
View File
@@ -0,0 +1,8 @@
function f(x) {
for (var i = 0; i < 40; ++i) {
var stack = getBacktrace({args: true});
(function() { g = x;});
}
}
f(1);
js/src/jit/CodeGenerator.h
+24 -24
View File
@@ -208,19 +208,19 @@ class CodeGenerator : public CodeGeneratorSpecific
void visitBoundsCheck(LBoundsCheck* lir);
void visitBoundsCheckRange(LBoundsCheckRange* lir);
void visitBoundsCheckLower(LBoundsCheckLower* lir);
void visitLoadFixedSlotV(LLoadFixedSlotV *ins);
void visitLoadFixedSlotT(LLoadFixedSlotT *ins);
void visitStoreFixedSlotV(LStoreFixedSlotV *ins);
void visitStoreFixedSlotT(LStoreFixedSlotT *ins);
void visitLoadFixedSlotV(LLoadFixedSlotV* ins);
void visitLoadFixedSlotT(LLoadFixedSlotT* ins);
void visitStoreFixedSlotV(LStoreFixedSlotV* ins);
void visitStoreFixedSlotT(LStoreFixedSlotT* ins);
void emitGetPropertyPolymorphic(LInstruction* lir, Register obj,
Register scratch, const TypedOrValueRegister &output);
void visitGetPropertyPolymorphicV(LGetPropertyPolymorphicV *ins);
void visitGetPropertyPolymorphicT(LGetPropertyPolymorphicT *ins);
Register scratch, const TypedOrValueRegister& output);
void visitGetPropertyPolymorphicV(LGetPropertyPolymorphicV* ins);
void visitGetPropertyPolymorphicT(LGetPropertyPolymorphicT* ins);
void emitSetPropertyPolymorphic(LInstruction* lir, Register obj,
Register scratch, const ConstantOrRegister &value);
void visitSetPropertyPolymorphicV(LSetPropertyPolymorphicV *ins);
void visitArraySplice(LArraySplice *splice);
void visitSetPropertyPolymorphicT(LSetPropertyPolymorphicT *ins);
Register scratch, const ConstantOrRegister& value);
void visitSetPropertyPolymorphicV(LSetPropertyPolymorphicV* ins);
void visitArraySplice(LArraySplice* splice);
void visitSetPropertyPolymorphicT(LSetPropertyPolymorphicT* ins);
void visitAbsI(LAbsI* lir);
void visitAtan2D(LAtan2D* lir);
void visitHypot(LHypot* lir);
@@ -251,11 +251,11 @@ class CodeGenerator : public CodeGeneratorSpecific
void visitCallInitElementArray(LCallInitElementArray* lir);
void visitThrow(LThrow* lir);
void visitTypeOfV(LTypeOfV* lir);
void visitOutOfLineTypeOfV(OutOfLineTypeOfV *ool);
void visitOutOfLineTypeOfV(OutOfLineTypeOfV* ool);
void visitToIdV(LToIdV* lir);
template<typename T> void emitLoadElementT(LLoadElementT* lir, const T &source);
template<typename T> void emitLoadElementT(LLoadElementT* lir, const T& source);
void visitLoadElementT(LLoadElementT* lir);
void visitLoadElementV(LLoadElementV *load);
void visitLoadElementV(LLoadElementV* load);
void visitLoadElementHole(LLoadElementHole* lir);
void visitLoadUnboxedPointerV(LLoadUnboxedPointerV* lir);
void visitLoadUnboxedPointerT(LLoadUnboxedPointerT* lir);
@@ -300,19 +300,19 @@ class CodeGenerator : public CodeGeneratorSpecific
void visitRunOncePrologue(LRunOncePrologue* lir);
void emitRest(LInstruction* lir, Register array, Register numActuals,
Register temp0, Register temp1, unsigned numFormals,
JSObject *templateObject, bool saveAndRestore, Register resultreg);
JSObject* templateObject, bool saveAndRestore, Register resultreg);
void visitRest(LRest* lir);
void visitCallSetProperty(LCallSetProperty *ins);
void visitCallSetProperty(LCallSetProperty* ins);
void visitCallDeleteProperty(LCallDeleteProperty* lir);
void visitCallDeleteElement(LCallDeleteElement* lir);
void visitBitNotV(LBitNotV* lir);
void visitBitOpV(LBitOpV* lir);
void emitInstanceOf(LInstruction *ins, JSObject *prototypeObject);
void visitIn(LIn *ins);
void visitInArray(LInArray *ins);
void visitInstanceOfO(LInstanceOfO *ins);
void visitInstanceOfV(LInstanceOfV *ins);
void visitCallInstanceOf(LCallInstanceOf *ins);
void emitInstanceOf(LInstruction* ins, JSObject* prototypeObject);
void visitIn(LIn* ins);
void visitInArray(LInArray* ins);
void visitInstanceOfO(LInstanceOfO* ins);
void visitInstanceOfV(LInstanceOfV* ins);
void visitCallInstanceOf(LCallInstanceOf* ins);
void visitGetDOMProperty(LGetDOMProperty* lir);
void visitGetDOMMemberV(LGetDOMMemberV* lir);
void visitGetDOMMemberT(LGetDOMMemberT* lir);
@@ -320,13 +320,13 @@ class CodeGenerator : public CodeGeneratorSpecific
void visitCallDOMNative(LCallDOMNative* lir);
void visitCallGetIntrinsicValue(LCallGetIntrinsicValue* lir);
void visitIsCallable(LIsCallable* lir);
void visitOutOfLineIsCallable(OutOfLineIsCallable *ool);
void visitOutOfLineIsCallable(OutOfLineIsCallable* ool);
void visitIsObject(LIsObject* lir);
void visitIsObjectAndBranch(LIsObjectAndBranch* lir);
void visitHasClass(LHasClass* lir);
void visitAsmJSParameter(LAsmJSParameter* lir);
void visitAsmJSReturn(LAsmJSReturn* ret);
void visitAsmJSVoidReturn(LAsmJSVoidReturn *ret);
void visitAsmJSVoidReturn(LAsmJSVoidReturn* ret);
void visitLexicalCheck(LLexicalCheck* ins);
void visitThrowUninitializedLexical(LThrowUninitializedLexical* ins);
void visitDebugger(LDebugger* ins);
js/src/jit/Ion.h
+8 -8
View File
@@ -183,22 +183,22 @@ TooManyFormalArguments(unsigned nargs)
}
inline size_t
NumLocalsAndArgs(JSScript *script)
NumLocalsAndArgs(JSScript* script)
{
size_t num = 1 /* this */ + script->nfixed();
if (JSFunction *fun = script->functionNonDelazifying())
if (JSFunction* fun = script->functionNonDelazifying())
num += fun->nargs();
return num;
}
bool OffThreadCompilationAvailable(JSContext *cx);
bool OffThreadCompilationAvailable(JSContext* cx);
void ForbidCompilation(JSContext *cx, JSScript *script);
void ForbidCompilation(JSContext* cx, JSScript* script);
void PurgeCaches(JSScript *script);
size_t SizeOfIonData(JSScript *script, mozilla::MallocSizeOf mallocSizeOf);
void DestroyJitScripts(FreeOp *fop, JSScript *script);
void TraceJitScripts(JSTracer* trc, JSScript *script);
void PurgeCaches(JSScript* script);
size_t SizeOfIonData(JSScript* script, mozilla::MallocSizeOf mallocSizeOf);
void DestroyJitScripts(FreeOp* fop, JSScript* script);
void TraceJitScripts(JSTracer* trc, JSScript* script);
bool JitSupportsFloatingPoint();
bool JitSupportsSimd();
js/src/jit/LIR.h
+17 -17
View File
@@ -993,40 +993,40 @@ namespace details {
size_t numDefs() const final override {
return Defs;
}
LDefinition *getDef(size_t index) final override {
LDefinition* getDef(size_t index) final override {
return &defs_[index];
}
size_t numTemps() const final override {
return Temps;
}
LDefinition *getTemp(size_t index) final override {
LDefinition* getTemp(size_t index) final override {
return &temps_[index];
}
void setDef(size_t index, const LDefinition &def) final override {
void setDef(size_t index, const LDefinition& def) final override {
defs_[index] = def;
}
void setTemp(size_t index, const LDefinition &a) final override {
void setTemp(size_t index, const LDefinition& a) final override {
temps_[index] = a;
}
size_t numSuccessors() const override {
return 0;
}
MBasicBlock *getSuccessor(size_t i) const override {
MBasicBlock* getSuccessor(size_t i) const override {
MOZ_ASSERT(false);
return nullptr;
}
void setSuccessor(size_t i, MBasicBlock *successor) override {
void setSuccessor(size_t i, MBasicBlock* successor) override {
MOZ_ASSERT(false);
}
// Default accessors, assuming a single input and output, respectively.
const LAllocation *input() {
const LAllocation* input() {
MOZ_ASSERT(numOperands() == 1);
return getOperand(0);
}
const LDefinition *output() {
const LDefinition* output() {
MOZ_ASSERT(numDefs() == 1);
return getDef(0);
}
@@ -1042,10 +1042,10 @@ class LInstructionHelper : public details::LInstructionFixedDefsTempsHelper<Defs
size_t numOperands() const final override {
return Operands;
}
LAllocation *getOperand(size_t index) final override {
LAllocation* getOperand(size_t index) final override {
return &operands_[index];
}
void setOperand(size_t index, const LAllocation &a) final override {
void setOperand(size_t index, const LAllocation& a) final override {
operands_[index] = a;
}
};
@@ -1056,16 +1056,16 @@ class LVariadicInstruction : public details::LInstructionFixedDefsTempsHelper<De
FixedList<LAllocation> operands_;
public:
bool init(TempAllocator &alloc, size_t length) {
bool init(TempAllocator& alloc, size_t length) {
return operands_.init(alloc, length);
}
size_t numOperands() const final override {
return operands_.length();
}
LAllocation *getOperand(size_t index) final override {
LAllocation* getOperand(size_t index) final override {
return &operands_[index];
}
void setOperand(size_t index, const LAllocation &a) final override {
void setOperand(size_t index, const LAllocation& a) final override {
operands_[index] = a;
}
};
@@ -1364,7 +1364,7 @@ class LSafepoint : public TempObject
liveRegs_.addUnchecked(reg);
assertInvariants();
}
const LiveRegisterSet &liveRegs() const {
const LiveRegisterSet& liveRegs() const {
return liveRegs_;
}
#ifdef CHECK_OSIPOINT_REGISTERS
@@ -1372,7 +1372,7 @@ class LSafepoint : public TempObject
clobberedRegs_.addUnchecked(reg);
assertInvariants();
}
const LiveRegisterSet &clobberedRegs() const {
const LiveRegisterSet& clobberedRegs() const {
return clobberedRegs_;
}
#endif
@@ -1389,11 +1389,11 @@ class LSafepoint : public TempObject
assertInvariants();
return result;
}
SlotList &gcSlots() {
SlotList& gcSlots() {
return gcSlots_;
}
SlotList &slotsOrElementsSlots() {
SlotList& slotsOrElementsSlots() {
return slotsOrElementsSlots_;
}
LiveGeneralRegisterSet slotsOrElementsRegs() const {
js/src/jit/Linker.h
+1 -1
View File
@@ -23,7 +23,7 @@ class Linker
{
MacroAssembler& masm;
JitCode *fail(JSContext *cx) {
JitCode* fail(JSContext* cx) {
ReportOutOfMemory(cx);
return nullptr;
}
js/src/jit/MIRGraph.h
+1 -1
View File
@@ -57,7 +57,7 @@ class MBasicBlock : public TempObject, public InlineListNode<MBasicBlock>
// This block cannot be reached by any means.
bool unreachable_;
MResumePoint *callerResumePoint_;
MResumePoint* callerResumePoint_;
// Pushes a copy of a local variable or argument.
void pushVariable(uint32_t slot);
js/src/jit/OptimizationTracking.h
+4 -4
View File
@@ -323,7 +323,7 @@ class IonTrackedOptimizationsRegion
// Find the index of tracked optimization info (e.g., type info and
// attempts) at a native code offset.
mozilla::Maybe<uint8_t> findIndex(uint32_t offset, uint32_t *entryOffsetOut) const;
mozilla::Maybe<uint8_t> findIndex(uint32_t offset, uint32_t* entryOffsetOut) const;
// For the variants below, S stands for startDelta, L for length, and I
// for index. These were automatically generated from training on the
@@ -503,14 +503,14 @@ class IonTrackedOptimizationsTypeInfo
class ForEachOpAdapter : public ForEachOp
{
JS::ForEachTrackedOptimizationTypeInfoOp &op_;
JS::ForEachTrackedOptimizationTypeInfoOp& op_;
public:
explicit ForEachOpAdapter(JS::ForEachTrackedOptimizationTypeInfoOp &op)
explicit ForEachOpAdapter(JS::ForEachTrackedOptimizationTypeInfoOp& op)
: op_(op)
{ }
void readType(const IonTrackedTypeWithAddendum &tracked) override;
void readType(const IonTrackedTypeWithAddendum& tracked) override;
void operator()(JS::TrackedTypeSite site, MIRType mirType) override;
};
js/src/jit/Recover.cpp
+4 -4
View File
@@ -1308,23 +1308,23 @@ RLambda::recover(JSContext* cx, SnapshotIterator& iter) const
}
bool
MSimdBox::writeRecoverData(CompactBufferWriter &writer) const
MSimdBox::writeRecoverData(CompactBufferWriter& writer) const
{
MOZ_ASSERT(canRecoverOnBailout());
writer.writeUnsigned(uint32_t(RInstruction::Recover_SimdBox));
SimdTypeDescr &simdTypeDescr = templateObject()->typeDescr().as<SimdTypeDescr>();
SimdTypeDescr& simdTypeDescr = templateObject()->typeDescr().as<SimdTypeDescr>();
SimdTypeDescr::Type type = simdTypeDescr.type();
writer.writeByte(uint8_t(type));
return true;
}
RSimdBox::RSimdBox(CompactBufferReader &reader)
RSimdBox::RSimdBox(CompactBufferReader& reader)
{
type_ = reader.readByte();
}
bool
RSimdBox::recover(JSContext* cx, SnapshotIterator &iter) const
RSimdBox::recover(JSContext* cx, SnapshotIterator& iter) const
{
JSObject* resultObject = nullptr;
RValueAllocation a = iter.readAllocation();
js/src/jit/Recover.h
+2 -2
View File
@@ -732,7 +732,7 @@ class RSimdBox final : public RInstruction
return 1;
}
bool recover(JSContext* cx, SnapshotIterator &iter) const;
bool recover(JSContext* cx, SnapshotIterator& iter) const;
};
class RObjectState final : public RInstruction
@@ -795,7 +795,7 @@ class RAssertRecoveredOnBailout final : public RInstruction
return 1;
}
bool recover(JSContext *cx, SnapshotIterator &iter) const;
bool recover(JSContext* cx, SnapshotIterator& iter) const;
};
#undef RINSTRUCTION_HEADER_
js/src/jit/Registers.h
+1 -1
View File
@@ -154,7 +154,7 @@ class MachineState
static MachineState FromBailout(RegisterDump::GPRArray& regs, RegisterDump::FPUArray& fpregs);
void setRegisterLocation(Register reg, uintptr_t* up) {
regs_[reg.code()] = (Registers::RegisterContent* ) up;
regs_[reg.code()] = (Registers::RegisterContent*) up;
}
void setRegisterLocation(FloatRegister reg, float* fp) {
MOZ_ASSERT(reg.isSingle());
js/src/jit/TypePolicy.h
+10 -10
View File
@@ -324,7 +324,7 @@ class SimdAllPolicy final : public TypePolicy
{
public:
SPECIALIZATION_DATA_;
virtual bool adjustInputs(TempAllocator &alloc, MInstruction *ins) override;
virtual bool adjustInputs(TempAllocator& alloc, MInstruction* ins) override;
};
template <unsigned Op>
@@ -332,21 +332,21 @@ class SimdPolicy final : public TypePolicy
{
public:
SPECIALIZATION_DATA_;
virtual bool adjustInputs(TempAllocator &alloc, MInstruction *ins) override;
virtual bool adjustInputs(TempAllocator& alloc, MInstruction* ins) override;
};
class SimdSelectPolicy final : public TypePolicy
{
public:
SPECIALIZATION_DATA_;
virtual bool adjustInputs(TempAllocator &alloc, MInstruction *ins) override;
virtual bool adjustInputs(TempAllocator& alloc, MInstruction* ins) override;
};
class SimdShufflePolicy final : public TypePolicy
{
public:
SPECIALIZATION_DATA_;
virtual bool adjustInputs(TempAllocator &alloc, MInstruction *ins) override;
virtual bool adjustInputs(TempAllocator& alloc, MInstruction* ins) override;
};
// SIMD value-type policy, use the returned type of the instruction to determine
@@ -454,36 +454,36 @@ class StoreTypedArrayElementStaticPolicy;
class StoreUnboxedScalarPolicy : public TypePolicy
{
private:
static bool adjustValueInput(TempAllocator &alloc, MInstruction *ins, Scalar::Type arrayType,
MDefinition *value, int valueOperand);
static bool adjustValueInput(TempAllocator& alloc, MInstruction* ins, Scalar::Type arrayType,
MDefinition* value, int valueOperand);
friend class StoreTypedArrayHolePolicy;
friend class StoreTypedArrayElementStaticPolicy;
public:
EMPTY_DATA_;
virtual bool adjustInputs(TempAllocator &alloc, MInstruction *ins) override;
virtual bool adjustInputs(TempAllocator& alloc, MInstruction* ins) override;
};
class StoreTypedArrayHolePolicy final : public StoreUnboxedScalarPolicy
{
public:
EMPTY_DATA_;
virtual bool adjustInputs(TempAllocator &alloc, MInstruction *ins) override;
virtual bool adjustInputs(TempAllocator& alloc, MInstruction* ins) override;
};
class StoreTypedArrayElementStaticPolicy final : public StoreUnboxedScalarPolicy
{
public:
EMPTY_DATA_;
virtual bool adjustInputs(TempAllocator &alloc, MInstruction *ins) override;
virtual bool adjustInputs(TempAllocator& alloc, MInstruction* ins) override;
};
class StoreUnboxedObjectOrNullPolicy final : public TypePolicy
{
public:
EMPTY_DATA_;
virtual bool adjustInputs(TempAllocator &alloc, MInstruction *def) override;
virtual bool adjustInputs(TempAllocator& alloc, MInstruction* def) override;
};
// Accepts integers and doubles. Everything else is boxed.
js/src/jit/VMFunctions.h
+2 -2
View File
@@ -57,7 +57,7 @@ enum MaybeTailCall {
// specified. In this case, the return type must be boolean to indicate
// failure.
//
// All functions described by VMFunction take a JSContext* as a first
// All functions described by VMFunction take a JSContext * as a first
// argument, and are treated as re-entrant into the VM and therefore fallible.
struct VMFunction
{
@@ -68,7 +68,7 @@ struct VMFunction
// Address of the C function.
void* wrapped;
// Number of arguments expected, excluding JSContext* as an implicit
// Number of arguments expected, excluding JSContext * as an implicit
// first argument and an outparam as a possible implicit final argument.
uint32_t explicitArgs;
js/src/jit/mips32/Architecture-mips32.h
+2 -2
View File
@@ -12,8 +12,6 @@
#include <limits.h>
#include <stdint.h>
#include "js/Utility.h"
#define REGISTERS_NAMES \
{ "zero", "at", "v0", "v1", "a0", "a1", "a2", "a3", \
"t0", "t1", "t2", "t3", "t4", "t5", "t6", "t7", \
@@ -33,6 +31,8 @@
#include "jit/mips-shared/Architecture-mips-shared.h"
#include "js/Utility.h"
namespace js {
namespace jit {
js/src/jit/none/Architecture-none.h
+2 -2
View File
@@ -122,12 +122,12 @@ struct FloatRegister
bool equiv(FloatRegister) const { MOZ_CRASH(); }
uint32_t size() const { MOZ_CRASH(); }
uint32_t numAlignedAliased() const { MOZ_CRASH(); }
void alignedAliased(uint32_t, FloatRegister *) { MOZ_CRASH(); }
void alignedAliased(uint32_t, FloatRegister*) { MOZ_CRASH(); }
SetType alignedOrDominatedAliasedSet() const { MOZ_CRASH(); }
template <typename T> static T ReduceSetForPush(T) { MOZ_CRASH(); }
uint32_t getRegisterDumpOffsetInBytes() { MOZ_CRASH(); }
static uint32_t SetSize(SetType x) { MOZ_CRASH(); }
static Code FromName(const char *name) { MOZ_CRASH(); }
static Code FromName(const char* name) { MOZ_CRASH(); }
// This is used in static initializers, so produce a bogus value instead of crashing.
static uint32_t GetPushSizeInBytes(const TypedRegisterSet<FloatRegister>&) { return 0; }
js/src/jit/shared/Lowering-shared-inl.h
+5 -5
View File
@@ -36,7 +36,7 @@ LIRGeneratorShared::use(MDefinition* mir, LUse policy)
}
template <size_t X> void
LIRGeneratorShared::define(details::LInstructionFixedDefsTempsHelper<1, X> *lir, MDefinition *mir,
LIRGeneratorShared::define(details::LInstructionFixedDefsTempsHelper<1, X>* lir, MDefinition* mir,
LDefinition::Policy policy)
{
LDefinition::Type type = LDefinition::TypeFrom(mir->type());
@@ -44,8 +44,8 @@ LIRGeneratorShared::define(details::LInstructionFixedDefsTempsHelper<1, X> *lir,
}
template <size_t X> void
LIRGeneratorShared::define(details::LInstructionFixedDefsTempsHelper<1, X> *lir, MDefinition *mir,
const LDefinition &def)
LIRGeneratorShared::define(details::LInstructionFixedDefsTempsHelper<1, X>* lir, MDefinition* mir,
const LDefinition& def)
{
// Call instructions should use defineReturn.
MOZ_ASSERT(!lir->isCall());
@@ -320,7 +320,7 @@ LIRGeneratorShared::useRegisterOrConstantAtStart(MDefinition* mir)
}
LAllocation
LIRGeneratorShared::useRegisterOrZeroAtStart(MDefinition *mir)
LIRGeneratorShared::useRegisterOrZeroAtStart(MDefinition* mir)
{
if (mir->isConstant() && mir->toConstant()->value().isInt32(0))
return LAllocation();
@@ -550,7 +550,7 @@ LIRGeneratorShared::useRegisterForTypedLoad(MDefinition* mir, MIRType type)
}
void
LIRGeneratorShared::useBox(LInstruction *lir, size_t n, MDefinition *mir,
LIRGeneratorShared::useBox(LInstruction* lir, size_t n, MDefinition* mir,
LUse::Policy policy, bool useAtStart)
{
MOZ_ASSERT(mir->type() == MIRType_Value);
js/src/jit/shared/Lowering-shared.h
+2 -2
View File
@@ -107,7 +107,7 @@ class LIRGeneratorShared : public MDefinitionVisitor
inline LAllocation useKeepaliveOrConstant(MDefinition* mir);
inline LAllocation useRegisterOrConstant(MDefinition* mir);
inline LAllocation useRegisterOrConstantAtStart(MDefinition* mir);
inline LAllocation useRegisterOrZeroAtStart(MDefinition *mir);
inline LAllocation useRegisterOrZeroAtStart(MDefinition* mir);
inline LAllocation useRegisterOrNonDoubleConstant(MDefinition* mir);
inline LUse useRegisterForTypedLoad(MDefinition* mir, MIRType type);
@@ -150,7 +150,7 @@ class LIRGeneratorShared : public MDefinitionVisitor
LDefinition::Policy policy = LDefinition::REGISTER);
template <size_t X>
inline void define(details::LInstructionFixedDefsTempsHelper<1, X>* lir, MDefinition* mir,
const LDefinition &def);
const LDefinition& def);
template <size_t Ops, size_t Temps>
inline void defineReuseInput(LInstructionHelper<1, Ops, Temps>* lir, MDefinition* mir, uint32_t operand);
js/src/jsapi-tests/testChromeBuffer.cpp
+1 -1
View File
@@ -63,8 +63,8 @@ BEGIN_TEST(testChromeBuffer)
* buffer space.
*/
{
JSRuntimeOptions oldOptions = JS::RuntimeOptionsRef(rt);
// Disable the JIT because if we don't this test fails. See bug 1160414.
JS::RuntimeOptions oldOptions = JS::RuntimeOptionsRef(rt);
JS::RuntimeOptionsRef(rt).setIon(false).setBaseline(false);
{
JSAutoCompartment ac(cx, trusted_glob);
js/src/jsapi-tests/testGCAllocator.cpp
+21 -4
View File
@@ -30,14 +30,19 @@
BEGIN_TEST(testGCAllocator)
{
size_t PageSize = 0;
#if defined(XP_WIN)
# if WINAPI_FAMILY_PARTITION(WINAPI_PARTITION_DESKTOP)
SYSTEM_INFO sysinfo;
GetSystemInfo(&sysinfo);
const size_t PageSize = sysinfo.dwPageSize;
PageSize = sysinfo.dwPageSize;
# else // Various APIs are unavailable. This test is disabled.
return true;
# endif
#elif defined(SOLARIS)
return true;
#elif defined(XP_UNIX)
const size_t PageSize = size_t(sysconf(_SC_PAGESIZE));
PageSize = size_t(sysconf(_SC_PAGESIZE));
#else
return true;
#endif
@@ -269,6 +274,7 @@ positionIsCorrect(const char* str, void* base, void** chunkPool, int tempChunks,
}
#if defined(XP_WIN)
# if WINAPI_FAMILY_PARTITION(WINAPI_PARTITION_DESKTOP)
void*
mapMemoryAt(void* desired, size_t length)
@@ -288,8 +294,19 @@ unmapPages(void* p, size_t size)
MOZ_ALWAYS_TRUE(VirtualFree(p, 0, MEM_RELEASE));
}
#elif defined(SOLARIS)
// This test doesn't apply to Solaris.
# else // Various APIs are unavailable. This test is disabled.
void* mapMemoryAt(void* desired, size_t length) { return nullptr; }
void* mapMemory(size_t length) { return nullptr; }
void unmapPages(void* p, size_t size) { }
# endif
#elif defined(SOLARIS) // This test doesn't apply to Solaris.
void* mapMemoryAt(void* desired, size_t length) { return nullptr; }
void* mapMemory(size_t length) { return nullptr; }
void unmapPages(void* p, size_t size) { }
#elif defined(XP_UNIX)
void*
js/src/jsapi.h
+4 -4
View File
@@ -2666,9 +2666,9 @@ class MutablePropertyDescriptorOperations : public PropertyDescriptorOperations<
JS::MutableHandleObject object() {
return JS::MutableHandleObject::fromMarkedLocation(&desc()->obj);
}
unsigned &attributesRef() { return desc()->attrs; }
JSGetterOp &getter() { return desc()->getter; }
JSSetterOp &setter() { return desc()->setter; }
unsigned& attributesRef() { return desc()->attrs; }
JSGetterOp& getter() { return desc()->getter; }
JSSetterOp& setter() { return desc()->setter; }
JS::MutableHandleValue value() {
return JS::MutableHandleValue::fromMarkedLocation(&desc()->value);
}
@@ -5405,7 +5405,7 @@ GetSavedFrameSource(JSContext* cx, HandleObject savedFrame, MutableHandleString
* Given a SavedFrame JSObject, get its line property. Defaults to 0.
*/
extern JS_PUBLIC_API(SavedFrameResult)
GetSavedFrameLine(JSContext *cx, HandleObject savedFrame, uint32_t *linep);
GetSavedFrameLine(JSContext* cx, HandleObject savedFrame, uint32_t* linep);
/*
* Given a SavedFrame JSObject, get its column property. Defaults to 0.
js/src/jsarray.cpp
+8 -1
View File
@@ -612,7 +612,14 @@ js::ArraySetLength(JSContext* cx, Handle<ArrayObject*> arr, HandleId id,
// that element must prevent any deletions below it. Bug 586842 should
// fix this inefficiency by moving indexed storage to be entirely
// separate from non-indexed storage.
if (!arr->isIndexed()) {
// A second reason for this optimization to be invalid is an active
// for..in iteration over the array. Keys deleted before being reached
// during the iteration must not be visited, and suppressing them here
// would be too costly.
ObjectGroup* arrGroup = arr->getGroup(cx);
if (!arr->isIndexed() &&
!MOZ_UNLIKELY(!arrGroup || arrGroup->hasAllFlags(OBJECT_FLAG_ITERATED)))
{
if (!arr->maybeCopyElementsForWrite(cx))
return false;
js/src/jsgc.h
+4 -4
View File
@@ -1269,11 +1269,11 @@ enum VerifierType {
#ifdef JS_GC_ZEAL
extern const char *ZealModeHelpText;
extern const char* ZealModeHelpText;
/* Check that write barriers have been used correctly. See jsgc.cpp. */
void
VerifyBarriers(JSRuntime *rt, VerifierType type);
VerifyBarriers(JSRuntime* rt, VerifierType type);
void
MaybeVerifyBarriers(JSContext* cx, bool always = false);
@@ -1341,8 +1341,8 @@ class ZoneList
ZoneList& operator=(const ZoneList& other) = delete;
};
JSObject *
NewMemoryStatisticsObject(JSContext *cx);
JSObject*
NewMemoryStatisticsObject(JSContext* cx);
} /* namespace gc */
js/src/jsiter.cpp
+5 -5
View File
@@ -511,8 +511,8 @@ Compare(T* a, T* b, size_t c)
static bool legacy_iterator_next(JSContext* cx, unsigned argc, Value* vp);
static inline PropertyIteratorObject *
NewPropertyIteratorObject(JSContext *cx, unsigned flags)
static inline PropertyIteratorObject*
NewPropertyIteratorObject(JSContext* cx, unsigned flags)
{
if (flags & JSITER_ENUMERATE) {
RootedObjectGroup group(cx, ObjectGroup::defaultNewGroup(cx, &PropertyIteratorObject::class_,
@@ -520,18 +520,18 @@ NewPropertyIteratorObject(JSContext *cx, unsigned flags)
if (!group)
return nullptr;
const Class *clasp = &PropertyIteratorObject::class_;
const Class* clasp = &PropertyIteratorObject::class_;
RootedShape shape(cx, EmptyShape::getInitialShape(cx, clasp, TaggedProto(nullptr),
ITERATOR_FINALIZE_KIND));
if (!shape)
return nullptr;
JSObject *obj = JSObject::create(cx, ITERATOR_FINALIZE_KIND,
JSObject* obj = JSObject::create(cx, ITERATOR_FINALIZE_KIND,
GetInitialHeap(GenericObject, clasp), shape, group);
if (!obj)
return nullptr;
PropertyIteratorObject *res = &obj->as<PropertyIteratorObject>();
PropertyIteratorObject* res = &obj->as<PropertyIteratorObject>();
MOZ_ASSERT(res->numFixedSlots() == JSObject::ITER_CLASS_NFIXED_SLOTS);
return res;
js/src/jsnativestack.cpp
+4
View File
@@ -47,6 +47,10 @@ js::GetNativeStackBaseImpl()
PNT_TIB64 pTib = reinterpret_cast<PNT_TIB64>(NtCurrentTeb());
return reinterpret_cast<void*>(pTib->StackBase);
# elif defined(_M_ARM)
PNT_TIB pTib = reinterpret_cast<PNT_TIB>(NtCurrentTeb());
return static_cast<void*>(pTib->StackBase);
# elif defined(_WIN32) && defined(__GNUC__)
NT_TIB* pTib;
asm ("movl %%fs:0x18, %0\n" : "=r" (pTib));
js/src/jsnum.cpp
+1 -1
View File
@@ -681,7 +681,7 @@ Int32ToCString(ToCStringBuf* cbuf, int32_t i, size_t* len, int base = 10)
}
template <AllowGC allowGC>
static JSString *
static JSString*
NumberToStringWithBase(ExclusiveContext* cx, double d, int base);
MOZ_ALWAYS_INLINE bool
js/src/jsobj.cpp
+8 -8
View File
@@ -871,7 +871,7 @@ js::NewObjectWithGroupCommon(ExclusiveContext* cx, HandleObjectGroup group,
return nullptr;
if (isCachable && !obj->as<NativeObject>().hasDynamicSlots()) {
NewObjectCache &cache = cx->asJSContext()->runtime()->newObjectCache;
NewObjectCache& cache = cx->asJSContext()->runtime()->newObjectCache;
NewObjectCache::EntryIndex entry = -1;
cache.lookupGroup(group, allocKind, &entry);
cache.fillGroup(entry, group, allocKind, &obj->as<NativeObject>());
@@ -915,7 +915,7 @@ js::CreateThis(JSContext* cx, const Class* newclasp, HandleObject callee)
return NewObjectWithClassProto(cx, newclasp, proto, kind);
}
static inline JSObject*
static inline JSObject*
CreateThisForFunctionWithGroup(JSContext* cx, HandleObjectGroup group,
NewObjectKind newKind)
{
@@ -2678,7 +2678,7 @@ js::DefineProperty(ExclusiveContext* cx, HandleObject obj, PropertyName* name, H
bool
js::DefineElement(ExclusiveContext* cx, HandleObject obj, uint32_t index, HandleValue value,
JSGetterOp getter, JSSetterOp setter, unsigned attrs)
JSGetterOp getter, JSSetterOp setter, unsigned attrs)
{
MOZ_ASSERT(getter != JS_PropertyStub);
MOZ_ASSERT(setter != JS_StrictPropertyStub);
@@ -3237,7 +3237,7 @@ dumpValue(const Value& v)
}
JS_FRIEND_API(void)
js::DumpValue(const Value &val)
js::DumpValue(const Value& val)
{
dumpValue(val);
fputc('\n', stderr);
@@ -3635,17 +3635,17 @@ JSObject::sizeOfIncludingThisInNursery() const
MOZ_ASSERT(!isTenured());
const Nursery &nursery = compartment()->runtimeFromAnyThread()->gc.nursery;
const Nursery& nursery = compartment()->runtimeFromAnyThread()->gc.nursery;
size_t size = Arena::thingSize(allocKindForTenure(nursery));
if (is<NativeObject>()) {
const NativeObject &native = as<NativeObject>();
const NativeObject& native = as<NativeObject>();
size += native.numFixedSlots() * sizeof(Value);
size += native.numDynamicSlots() * sizeof(Value);
if (native.hasDynamicElements()) {
js::ObjectElements &elements = *native.getElementsHeader();
js::ObjectElements& elements = *native.getElementsHeader();
if (!elements.isCopyOnWrite() || elements.ownerObject() == this)
size += elements.capacity * sizeof(HeapSlot);
}
@@ -3660,7 +3660,7 @@ JSObject::sizeOfIncludingThisInNursery() const
size_t
JS::ubi::Concrete<JSObject>::size(mozilla::MallocSizeOf mallocSizeOf) const
{
JSObject &obj = get();
JSObject& obj = get();
if (!obj.isTenured())
return obj.sizeOfIncludingThisInNursery();
js/src/jsobjinlines.h
+12 -12
View File
@@ -363,16 +363,16 @@ JSObject::create(js::ExclusiveContext* cx, js::gc::AllocKind kind, js::gc::Initi
}
inline void
JSObject::setInitialShapeMaybeNonNative(js::Shape *shape)
JSObject::setInitialShapeMaybeNonNative(js::Shape* shape)
{
static_cast<js::NativeObject *>(this)->shape_.init(shape);
static_cast<js::NativeObject*>(this)->shape_.init(shape);
}
inline void
JSObject::setShapeMaybeNonNative(js::Shape *shape)
JSObject::setShapeMaybeNonNative(js::Shape* shape)
{
MOZ_ASSERT(!is<js::UnboxedPlainObject>());
static_cast<js::NativeObject *>(this)->shape_ = shape;
static_cast<js::NativeObject*>(this)->shape_ = shape;
}
inline void
@@ -382,12 +382,12 @@ JSObject::setInitialSlotsMaybeNonNative(js::HeapSlot* slots)
}
inline void
JSObject::setInitialElementsMaybeNonNative(js::HeapSlot *elements)
JSObject::setInitialElementsMaybeNonNative(js::HeapSlot* elements)
{
static_cast<js::NativeObject *>(this)->elements_ = elements;
static_cast<js::NativeObject*>(this)->elements_ = elements;
}
inline js::GlobalObject &
inline js::GlobalObject&
JSObject::global() const
{
/*
@@ -487,7 +487,7 @@ JSObject::wasNewScriptCleared() const
namespace js {
static MOZ_ALWAYS_INLINE bool
IsFunctionObject(const js::Value &v)
IsFunctionObject(const js::Value& v)
{
return v.isObject() && v.toObject().is<JSFunction>();
}
@@ -689,15 +689,15 @@ NewObjectWithClassProto(ExclusiveContext* cx, const Class* clasp, HandleObject p
* Create a native instance of the given class with parent and proto set
* according to the context's active global.
*/
inline JSObject *
NewBuiltinClassInstance(ExclusiveContext *cx, const Class *clasp, gc::AllocKind allocKind,
inline JSObject*
NewBuiltinClassInstance(ExclusiveContext* cx, const Class* clasp, gc::AllocKind allocKind,
NewObjectKind newKind = GenericObject)
{
return NewObjectWithClassProto(cx, clasp, nullptr, allocKind, newKind);
}
inline JSObject *
NewBuiltinClassInstance(ExclusiveContext *cx, const Class *clasp, NewObjectKind newKind = GenericObject)
inline JSObject*
NewBuiltinClassInstance(ExclusiveContext* cx, const Class* clasp, NewObjectKind newKind = GenericObject)
{
gc::AllocKind allocKind = gc::GetGCObjectKind(clasp);
return NewBuiltinClassInstance(cx, clasp, allocKind, newKind);
js/src/jsscript.h
+1 -1
View File
@@ -66,7 +66,7 @@ CopyScript(JSContext* cx, HandleObject scriptStaticScope, HandleScript src, Hand
} // namespace detail
}
} // namespace js
/*
* Type of try note associated with each catch or finally block, and also with
js/src/jsstr.h
+4 -4
View File
@@ -115,14 +115,14 @@ js_strncpy(char16_t* dst, const char16_t* src, size_t nelem)
namespace js {
/* Initialize the String class, returning its prototype object. */
extern JSObject *
InitStringClass(JSContext *cx, HandleObject obj);
extern JSObject*
InitStringClass(JSContext* cx, HandleObject obj);
/*
* Convert a value to a printable C string.
*/
extern const char *
ValueToPrintable(JSContext *cx, const Value &, JSAutoByteString *bytes, bool asSource = false);
extern const char*
ValueToPrintable(JSContext* cx, const Value&, JSAutoByteString* bytes, bool asSource = false);
extern mozilla::UniquePtr<char[], JS::FreePolicy>
DuplicateString(ExclusiveContext* cx, const char* s);
js/src/jstypes.h
+2 -2
View File
@@ -199,9 +199,9 @@
** size. Use them like this:
**
** JSGetterOp nativeGetter;
** JSObject *scriptedGetter;
** JSObject* scriptedGetter;
** ...
** scriptedGetter = JS_FUNC_TO_DATA_PTR(JSObject *, nativeGetter);
** scriptedGetter = JS_FUNC_TO_DATA_PTR(JSObject*, nativeGetter);
** ...
** nativeGetter = JS_DATA_TO_FUNC_PTR(JSGetterOp, scriptedGetter);
**
js/src/jswrapper.h
+1 -1
View File
@@ -120,7 +120,7 @@ class JS_FRIEND_API(CrossCompartmentWrapper) : public Wrapper
virtual bool ownPropertyKeys(JSContext* cx, HandleObject wrapper,
AutoIdVector& props) const override;
virtual bool delete_(JSContext* cx, HandleObject wrapper, HandleId id,
ObjectOpResult &result) const override;
ObjectOpResult& result) const override;
virtual bool enumerate(JSContext* cx, HandleObject wrapper, MutableHandleObject objp) const override;
virtual bool getPrototype(JSContext* cx, HandleObject proxy,
MutableHandleObject protop) const override;
js/src/tests/ecma/Array/array-length-set-during-for-in.js
+10
View File
@@ -0,0 +1,10 @@
var a = [0, 1];
var iterations = 0;
for (var k in a) {
iterations++;
a.length = 1;
}
assertEq(iterations, 1);
if (typeof reportCompare === "function")
reportCompare(true, true);
js/src/vm/BooleanObject.h
+1 -1
View File
@@ -40,7 +40,7 @@ class BooleanObject : public NativeObject
/* For access to init, as Boolean.prototype is special. */
friend JSObject*
js::InitBooleanClass(JSContext *cx, js::HandleObject global);
js::InitBooleanClass(JSContext* cx, js::HandleObject global);
};
} // namespace js
js/src/vm/Interpreter.h
+4 -4
View File
@@ -341,7 +341,7 @@ class MOZ_STACK_CLASS TryNoteIter
};
bool
HandleClosingGeneratorReturn(JSContext *cx, AbstractFramePtr frame, bool ok);
HandleClosingGeneratorReturn(JSContext* cx, AbstractFramePtr frame, bool ok);
/************************************************************************/
@@ -445,13 +445,13 @@ bool
InitGetterSetterOperation(JSContext* cx, jsbytecode* pc, HandleObject obj, HandleId id,
HandleObject val);
unsigned
GetInitDataPropAttrs(JSOp op);
bool
InitGetterSetterOperation(JSContext* cx, jsbytecode* pc, HandleObject obj, HandlePropertyName name,
HandleObject val);
unsigned
GetInitDataPropAttrs(JSOp op);
bool
EnterWithOperation(JSContext* cx, AbstractFramePtr frame, HandleValue val, HandleObject staticWith);
js/src/vm/Stack.h
+6 -6
View File
@@ -30,8 +30,8 @@ struct JSCompartment;
namespace JS {
namespace dbg {
class AutoEntryMonitor;
}
}
} // namespace dbg
} // namespace JS
namespace js {
@@ -608,7 +608,7 @@ class InterpreterFrame
inline void pushOnScopeChain(ScopeObject& scope);
inline void popOffScopeChain();
inline void replaceInnermostScope(ScopeObject &scope);
inline void replaceInnermostScope(ScopeObject& scope);
/*
* For blocks with aliased locals, these interfaces push and pop entries on
@@ -619,7 +619,7 @@ class InterpreterFrame
bool pushBlock(JSContext* cx, StaticBlockObject& block);
void popBlock(JSContext* cx);
bool freshenBlock(JSContext *cx);
bool freshenBlock(JSContext* cx);
/*
* With
@@ -1392,11 +1392,11 @@ class Activation
return offsetof(Activation, prevProfiling_);
}
SavedFrame *asyncStack() {
SavedFrame* asyncStack() {
return asyncStack_;
}
JSString *asyncCause() {
JSString* asyncCause() {
return asyncCause_;
}
js/src/vm/String-inl.h
+21 -21
View File
@@ -125,7 +125,7 @@ JSRope::new_(js::ExclusiveContext* cx,
{
if (!validateLength(cx, length))
return nullptr;
JSRope *str = static_cast<JSRope *>(js::Allocate<JSString, allowGC>(cx));
JSRope* str = static_cast<JSRope*>(js::Allocate<JSString, allowGC>(cx));
if (!str)
return nullptr;
str->init(cx, left, right, length);
@@ -133,7 +133,7 @@ JSRope::new_(js::ExclusiveContext* cx,
}
MOZ_ALWAYS_INLINE void
JSDependentString::init(js::ExclusiveContext *cx, JSLinearString *base, size_t start,
JSDependentString::init(js::ExclusiveContext* cx, JSLinearString* base, size_t start,
size_t length)
{
MOZ_ASSERT(start + length <= base->length());
@@ -180,7 +180,7 @@ JSDependentString::new_(js::ExclusiveContext* cx, JSLinearString* baseArg, size_
: js::NewInlineString<char16_t>(cx, base, start, length);
}
JSDependentString *str = static_cast<JSDependentString *>(js::Allocate<JSString, js::NoGC>(cx));
JSDependentString* str = static_cast<JSDependentString*>(js::Allocate<JSString, js::NoGC>(cx));
if (str) {
str->init(cx, baseArg, start, length);
return str;
@@ -188,7 +188,7 @@ JSDependentString::new_(js::ExclusiveContext* cx, JSLinearString* baseArg, size_
js::RootedLinearString base(cx, baseArg);
str = static_cast<JSDependentString *>(js::Allocate<JSString>(cx));
str = static_cast<JSDependentString*>(js::Allocate<JSString>(cx));
if (!str)
return nullptr;
str->init(cx, base, start, length);
@@ -196,7 +196,7 @@ JSDependentString::new_(js::ExclusiveContext* cx, JSLinearString* baseArg, size_
}
MOZ_ALWAYS_INLINE void
JSFlatString::init(const char16_t *chars, size_t length)
JSFlatString::init(const char16_t* chars, size_t length)
{
d.u1.length = length;
d.u1.flags = FLAT_BIT;
@@ -220,7 +220,7 @@ JSFlatString::new_(js::ExclusiveContext* cx, const CharT* chars, size_t length)
if (!validateLength(cx, length))
return nullptr;
JSFlatString *str = static_cast<JSFlatString *>(js::Allocate<JSString, allowGC>(cx));
JSFlatString* str = static_cast<JSFlatString*>(js::Allocate<JSString, allowGC>(cx));
if (!str)
return nullptr;
@@ -244,15 +244,15 @@ JSFlatString::toPropertyName(JSContext* cx)
}
template <js::AllowGC allowGC>
MOZ_ALWAYS_INLINE JSThinInlineString *
JSThinInlineString::new_(js::ExclusiveContext *cx)
MOZ_ALWAYS_INLINE JSThinInlineString*
JSThinInlineString::new_(js::ExclusiveContext* cx)
{
return static_cast<JSThinInlineString *>(js::Allocate<JSString, allowGC>(cx));
return static_cast<JSThinInlineString*>(js::Allocate<JSString, allowGC>(cx));
}
template <js::AllowGC allowGC>
MOZ_ALWAYS_INLINE JSFatInlineString *
JSFatInlineString::new_(js::ExclusiveContext *cx)
MOZ_ALWAYS_INLINE JSFatInlineString*
JSFatInlineString::new_(js::ExclusiveContext* cx)
{
return js::Allocate<JSFatInlineString, allowGC>(cx);
}
@@ -308,15 +308,15 @@ JSExternalString::init(const char16_t* chars, size_t length, const JSStringFinal
d.s.u3.externalFinalizer = fin;
}
MOZ_ALWAYS_INLINE JSExternalString *
JSExternalString::new_(JSContext *cx, const char16_t *chars, size_t length,
const JSStringFinalizer *fin)
MOZ_ALWAYS_INLINE JSExternalString*
JSExternalString::new_(JSContext* cx, const char16_t* chars, size_t length,
const JSStringFinalizer* fin)
{
MOZ_ASSERT(chars[length] == 0);
if (!validateLength(cx, length))
return nullptr;
JSExternalString *str = js::Allocate<JSExternalString>(cx);
JSExternalString* str = js::Allocate<JSExternalString>(cx);
if (!str)
return nullptr;
str->init(chars, length, fin);
@@ -347,7 +347,7 @@ js::StaticStrings::getLength2(char16_t c1, char16_t c2)
}
MOZ_ALWAYS_INLINE void
JSString::finalize(js::FreeOp *fop)
JSString::finalize(js::FreeOp* fop)
{
/* FatInline strings are in a different arena. */
MOZ_ASSERT(getAllocKind() != js::gc::AllocKind::FAT_INLINE_STRING);
@@ -359,7 +359,7 @@ JSString::finalize(js::FreeOp *fop)
}
inline void
JSFlatString::finalize(js::FreeOp *fop)
JSFlatString::finalize(js::FreeOp* fop)
{
MOZ_ASSERT(getAllocKind() != js::gc::AllocKind::FAT_INLINE_STRING);
@@ -368,7 +368,7 @@ JSFlatString::finalize(js::FreeOp *fop)
}
inline void
JSFatInlineString::finalize(js::FreeOp *fop)
JSFatInlineString::finalize(js::FreeOp* fop)
{
MOZ_ASSERT(getAllocKind() == js::gc::AllocKind::FAT_INLINE_STRING);
@@ -377,7 +377,7 @@ JSFatInlineString::finalize(js::FreeOp *fop)
}
inline void
JSAtom::finalize(js::FreeOp *fop)
JSAtom::finalize(js::FreeOp* fop)
{
MOZ_ASSERT(JSString::isAtom());
MOZ_ASSERT(JSString::isFlat());
@@ -387,9 +387,9 @@ JSAtom::finalize(js::FreeOp *fop)
}
inline void
JSExternalString::finalize(js::FreeOp *fop)
JSExternalString::finalize(js::FreeOp* fop)
{
const JSStringFinalizer *fin = externalFinalizer();
const JSStringFinalizer* fin = externalFinalizer();
fin->finalize(fin, const_cast<char16_t*>(rawTwoByteChars()));
}
js/src/vm/TypeInference-inl.h
+8 -8
View File
@@ -397,13 +397,13 @@ HasTypePropertyId(JSObject* obj, jsid id, TypeSet::Type type)
}
inline bool
HasTypePropertyId(JSObject* obj, jsid id, const Value &value)
HasTypePropertyId(JSObject* obj, jsid id, const Value& value)
{
return HasTypePropertyId(obj, id, TypeSet::GetValueType(value));
}
void AddTypePropertyId(ExclusiveContext* cx, ObjectGroup* group, JSObject* obj, jsid id, TypeSet::Type type);
void AddTypePropertyId(ExclusiveContext* cx, ObjectGroup* group, JSObject* obj, jsid id, const Value &value);
void AddTypePropertyId(ExclusiveContext* cx, ObjectGroup* group, JSObject* obj, jsid id, const Value& value);
/* Add a possible type for a property of obj. */
inline void
@@ -584,7 +584,7 @@ TypeScript::MonitorAssign(JSContext* cx, HandleObject obj, jsid id)
// But if we don't have too many properties yet, don't do anything. The
// idea here is that normal object initialization should not trigger
// deoptimization in most cases, while actual usage as a hashmap should.
ObjectGroup *group = obj->group();
ObjectGroup* group = obj->group();
if (group->basePropertyCount() < 128)
return;
MarkObjectGroupUnknownProperties(cx, group);
@@ -991,8 +991,8 @@ ObjectGroup::setBasePropertyCount(uint32_t count)
| (count << OBJECT_FLAG_PROPERTY_COUNT_SHIFT);
}
inline HeapTypeSet *
ObjectGroup::getProperty(ExclusiveContext *cx, JSObject *obj, jsid id)
inline HeapTypeSet*
ObjectGroup::getProperty(ExclusiveContext* cx, JSObject* obj, jsid id)
{
MOZ_ASSERT(JSID_IS_VOID(id) || JSID_IS_EMPTY(id) || JSID_IS_STRING(id) || JSID_IS_SYMBOL(id));
MOZ_ASSERT_IF(!JSID_IS_EMPTY(id), id == IdToTypeId(id));
@@ -1000,17 +1000,17 @@ ObjectGroup::getProperty(ExclusiveContext *cx, JSObject *obj, jsid id)
MOZ_ASSERT_IF(obj, obj->group() == this);
MOZ_ASSERT_IF(singleton(), obj);
if (HeapTypeSet *types = maybeGetProperty(id))
if (HeapTypeSet* types = maybeGetProperty(id))
return types;
Property *base = cx->typeLifoAlloc().new_<Property>(id);
Property* base = cx->typeLifoAlloc().new_<Property>(id);
if (!base) {
markUnknown(cx);
return nullptr;
}
uint32_t propertyCount = basePropertyCount();
Property **pprop = TypeHashSet::Insert<jsid, Property, Property>
Property** pprop = TypeHashSet::Insert<jsid, Property, Property>
(cx->typeLifoAlloc(), propertySet, propertyCount, id);
if (!pprop) {
markUnknown(cx);
mfbt/Char16.h
+1 -5
View File
@@ -49,7 +49,7 @@ typedef unsigned int char32_t;
#endif
#ifdef MOZ_USE_CHAR16_WRAPPER
# include <string>
# include <cstdint>
/**
* Win32 API extensively uses wchar_t, which is represented by a separated
* builtin type than char16_t per spec. It's not the case for MSVC prior to
@@ -93,10 +93,6 @@ public:
{
return mPtr != nullptr;
}
operator std::wstring() const
{
return std::wstring(static_cast<const wchar_t*>(*this));
}
/* Explicit cast operators to allow things like (char16_t*)str. */
explicit operator char16_t*() const
mfbt/Compression.cpp
+14 -4
View File
@@ -7,16 +7,26 @@
#include "mozilla/Compression.h"
#include "mozilla/CheckedInt.h"
// Without including <string>, MSVC 2015 complains about e.g. the impossibility
// to convert `const void* const` to `void*` when calling memchr from
// corecrt_memory.h.
#include <string>
// Because we wrap lz4.c in an anonymous namespace, all of its #includes
// go in the anonymous namespace too. This would create conflicting
// declarations for intrinsic functions that are internally defined
// at top-level. Including intrin.h here prevents it from being included
// later within the anonymous namespace.
#ifdef _MSC_VER
#include <intrin.h>
#endif
using namespace mozilla::Compression;
namespace {
extern "C" {
#include "lz4.c"
}
}/* anonymous namespace */
/* Our wrappers */
mfbt/Endian.h
+2
View File
@@ -89,6 +89,8 @@
#elif defined(_WIN32)
# if defined(_M_IX86)
# define MOZ_LITTLE_ENDIAN 1
# elif defined(_M_ARM)
# define MOZ_LITTLE_ENDIAN 1
# else
# error "CPU type is unknown"
# endif
mfbt/GuardObjects.h
+31 -16
View File
@@ -10,12 +10,20 @@
#define mozilla_GuardObjects_h
#include "mozilla/Assertions.h"
#include "mozilla/Move.h"
#include "mozilla/Types.h"
#ifdef __cplusplus
#ifdef DEBUG
/**
* A custom define is used rather than |mozPoisonValue()| due to cascading
* build failures relating to how mfbt is linked on different operating
* systems. See bug 1160253.
*/
#define MOZ_POISON uintptr_t(-1)
namespace mozilla {
namespace detail {
@@ -73,9 +81,20 @@ private:
bool* mStatementDone;
public:
GuardObjectNotifier() : mStatementDone(nullptr) { }
GuardObjectNotifier()
: mStatementDone(reinterpret_cast<bool*>(MOZ_POISON))
{
}
~GuardObjectNotifier() { *mStatementDone = true; }
~GuardObjectNotifier()
{
// Assert that the GuardObjectNotifier has been properly initialized by
// using the |MOZ_GUARD_OBJECT_NOTIFIER_INIT| macro. A poison value is
// used rather than a null check to appease static analyzers that were
// (incorrectly) detecting null pointer dereferences.
MOZ_ASSERT(mStatementDone != reinterpret_cast<bool*>(MOZ_POISON));
*mStatementDone = true;
}
void setStatementDone(bool* aStatementIsDone)
{
@@ -100,40 +119,36 @@ public:
MOZ_ASSERT(mStatementDone);
}
void init(const GuardObjectNotifier& aConstNotifier)
void init(GuardObjectNotifier& aNotifier)
{
/*
* aConstNotifier is passed as a const reference so that we can pass a
* temporary, but we really intend it as non-const.
*/
GuardObjectNotifier& notifier =
const_cast<GuardObjectNotifier&>(aConstNotifier);
notifier.setStatementDone(&mStatementDone);
aNotifier.setStatementDone(&mStatementDone);
}
};
} /* namespace detail */
} /* namespace mozilla */
#undef MOZ_POISON
#endif /* DEBUG */
#ifdef DEBUG
# define MOZ_DECL_USE_GUARD_OBJECT_NOTIFIER \
mozilla::detail::GuardObjectNotificationReceiver _mCheckNotUsedAsTemporary;
# define MOZ_GUARD_OBJECT_NOTIFIER_PARAM \
, const mozilla::detail::GuardObjectNotifier& _notifier = \
, mozilla::detail::GuardObjectNotifier&& _notifier = \
mozilla::detail::GuardObjectNotifier()
# define MOZ_GUARD_OBJECT_NOTIFIER_ONLY_PARAM \
const mozilla::detail::GuardObjectNotifier& _notifier = \
mozilla::detail::GuardObjectNotifier&& _notifier = \
mozilla::detail::GuardObjectNotifier()
# define MOZ_GUARD_OBJECT_NOTIFIER_PARAM_IN_IMPL \
, const mozilla::detail::GuardObjectNotifier& _notifier
, mozilla::detail::GuardObjectNotifier&& _notifier
# define MOZ_GUARD_OBJECT_NOTIFIER_ONLY_PARAM_IN_IMPL \
const mozilla::detail::GuardObjectNotifier& _notifier
mozilla::detail::GuardObjectNotifier&& _notifier
# define MOZ_GUARD_OBJECT_NOTIFIER_PARAM_TO_PARENT \
, _notifier
, mozilla::Move(_notifier)
# define MOZ_GUARD_OBJECT_NOTIFIER_ONLY_PARAM_TO_PARENT \
_notifier
mozilla::Move(_notifier)
# define MOZ_GUARD_OBJECT_NOTIFIER_INIT \
do { _mCheckNotUsedAsTemporary.init(_notifier); } while (0)
#else
mfbt/IndexSequence.h
+1 -1
View File
@@ -109,7 +109,7 @@ struct MakeIndexSequenceImpl<N, IndexTuple<Indices...>>
typedef IndexSequence<Indices...> Type;
};
} // namespace detail
} // namespace detail
/**
* A utility for building an IndexSequence of consecutive indices.
mfbt/SegmentedVector.h
+33
View File
@@ -92,6 +92,13 @@ class SegmentedVector : private AllocPolicy
new (elem) T(mozilla::Forward<U>(aU));
}
void PopLast()
{
MOZ_ASSERT(mLength > 0);
(*this)[mLength - 1].~T();
mLength--;
}
uint32_t mLength;
// The union ensures that the elements are appropriately aligned.
@@ -185,6 +192,32 @@ public:
}
}
T& GetLast()
{
MOZ_ASSERT(!IsEmpty());
Segment* last = mSegments.getLast();
return (*last)[last->Length() - 1];
}
const T& GetLast() const
{
MOZ_ASSERT(!IsEmpty());
Segment* last = mSegments.getLast();
return (*last)[last->Length() - 1];
}
void PopLast()
{
MOZ_ASSERT(!IsEmpty());
Segment* last = mSegments.getLast();
last->PopLast();
if (!last->Length()) {
mSegments.popLast();
last->~Segment();
this->free_(last);
}
}
// Use this class to iterate over a SegmentedVector, like so:
//
// for (auto iter = v.Iter(); !iter.Done(); iter.Next()) {
mfbt/SplayTree.h
+36 -7
View File
@@ -13,6 +13,7 @@
#define mozilla_SplayTree_h
#include "mozilla/Assertions.h"
#include "mozilla/Attributes.h"
namespace mozilla {
@@ -55,7 +56,7 @@ class SplayTree
T* mRoot;
public:
SplayTree()
MOZ_CONSTEXPR SplayTree()
: mRoot(nullptr)
{}
@@ -86,15 +87,12 @@ public:
T* last = lookup(*aValue);
int cmp = Comparator::compare(*aValue, *last);
T** parentPointer = (cmp < 0) ? &last->mLeft : &last->mRight;
MOZ_ASSERT(!*parentPointer);
*parentPointer = aValue;
aValue->mParent = last;
splay(aValue);
finishInsertion(last, cmp, aValue);
return true;
}
T* findOrInsert(const T& aValue);
T* remove(const T& aValue)
{
T* last = lookup(aValue);
@@ -196,6 +194,19 @@ private:
return parent;
}
T* finishInsertion(T* aLast, int32_t aCmp, T* aNew)
{
MOZ_ASSERT(aCmp, "Nodes shouldn't be equal!");
T** parentPointer = (aCmp < 0) ? &aLast->mLeft : &aLast->mRight;
MOZ_ASSERT(!*parentPointer);
*parentPointer = aNew;
aNew->mParent = aLast;
splay(aNew);
return aNew;
}
/**
* Rotate the tree until |node| is at the root of the tree. Performing
* the rotations in this fashion preserves the amortized balancing of
@@ -295,6 +306,24 @@ private:
void operator=(const SplayTree&) = delete;
};
template<typename T, class Comparator>
T*
SplayTree<T, Comparator>::findOrInsert(const T& aValue)
{
if (!mRoot) {
mRoot = new T(aValue);
return mRoot;
}
T* last = lookup(aValue);
int cmp = Comparator::compare(aValue, *last);
if (!cmp) {
return last;
}
return finishInsertion(last, cmp, new T(aValue));
}
} /* namespace mozilla */
#endif /* mozilla_SplayTree_h */
mfbt/Tuple.h
+2 -2
View File
@@ -161,7 +161,7 @@ private:
HeadT mHead; // The element stored at this index in the tuple.
};
} // namespace detail
} // namespace detail
/**
* Tuple is a class that stores zero or more objects, whose types are specified
@@ -242,7 +242,7 @@ auto TupleGetHelper(const TupleImpl<Index, Elements...>& aTuple)
return TupleImpl<Index, Elements...>::Head(aTuple);
}
} // namespace detail
} // namespace detail
/**
* Index-based access to an element of a tuple.
mfbt/TypeTraits.h
+1 -1
View File
@@ -637,7 +637,7 @@ public:
* For obscure reasons, you can't use IsConvertible when the types being tested
* are related through private inheritance, and you'll get a compile error if
* you try. Just don't do it!
*
*
* Note - we need special handling for void, which ConvertibleTester doesn't
* handle. The void handling here doesn't handle const/volatile void correctly,
* which could be easily fixed if the need arises.
mfbt/tests/TestSegmentedVector.cpp
+19 -1
View File
@@ -80,6 +80,22 @@ void TestBasics()
}
MOZ_RELEASE_ASSERT(n == 1000);
// Pop off all of the elements.
MOZ_RELEASE_ASSERT(v.Length() == 1000);
for (int len = (int)v.Length(); len > 0; len--) {
MOZ_RELEASE_ASSERT(v.GetLast() == len - 1);
v.PopLast();
}
MOZ_RELEASE_ASSERT(v.IsEmpty());
MOZ_RELEASE_ASSERT(v.Length() == 0);
// Fill the vector up again to prepare for the clear.
for (i = 0; i < 1000; i++) {
v.InfallibleAppend(mozilla::Move(i));
}
MOZ_RELEASE_ASSERT(!v.IsEmpty());
MOZ_RELEASE_ASSERT(v.Length() == 1000);
v.Clear();
MOZ_RELEASE_ASSERT(v.IsEmpty());
MOZ_RELEASE_ASSERT(v.Length() == 0);
@@ -115,7 +131,9 @@ void TestConstructorsAndDestructors()
gDummy = v.Append(mozilla::Move(y)); // move constructor called
NonPOD z(1); // explicit constructor called
v.InfallibleAppend(mozilla::Move(z)); // move constructor called
v.Clear(); // destructor called 3 times
v.PopLast(); // destructor called 1 time
MOZ_RELEASE_ASSERT(gNumDtors == 1);
v.Clear(); // destructor called 2 times
MOZ_RELEASE_ASSERT(gNumDefaultCtors == 0);
MOZ_RELEASE_ASSERT(gNumExplicitCtors == 3);
mfbt/tests/TestSplayTree.cpp
+45 -1
View File
@@ -105,6 +105,16 @@ struct SplayInt : SplayTreeNode<SplayInt>
int mValue;
};
struct SplayNoCopy : SplayTreeNode<SplayNoCopy>
{
SplayNoCopy(const SplayNoCopy&) = delete;
SplayNoCopy(SplayNoCopy&&) = delete;
static int compare(const SplayNoCopy&, const SplayNoCopy&) {}
};
static SplayTree<SplayNoCopy, SplayNoCopy> testNoCopy;
int
main()
{
@@ -119,13 +129,47 @@ main()
// Insert the values, and check each one is findable just after insertion.
for (int i = 0; i < N; i++) {
tree.insert(new SplayInt(gValues[i]));
MOZ_RELEASE_ASSERT(tree.find(SplayInt(gValues[i])));
SplayInt* inserted = tree.find(SplayInt(gValues[i]));
MOZ_RELEASE_ASSERT(inserted);
MOZ_RELEASE_ASSERT(tree.findOrInsert(SplayInt(gValues[i])) == inserted);
tree.checkCoherency();
}
// Check they're all findable after all insertions.
for (int i = 0; i < N; i++) {
MOZ_RELEASE_ASSERT(tree.find(SplayInt(gValues[i])));
MOZ_RELEASE_ASSERT(tree.findOrInsert(SplayInt(gValues[i])));
tree.checkCoherency();
}
// Check that non-inserted values cannot be found.
MOZ_RELEASE_ASSERT(!tree.find(SplayInt(-1)));
MOZ_RELEASE_ASSERT(!tree.find(SplayInt(N)));
MOZ_RELEASE_ASSERT(!tree.find(SplayInt(0x7fffffff)));
// Remove the values, and check each one is not findable just after removal.
for (int i = 0; i < N; i++) {
SplayInt* removed = tree.remove(SplayInt(gValues[i]));
MOZ_RELEASE_ASSERT(removed->mValue == gValues[i]);
MOZ_RELEASE_ASSERT(!tree.find(*removed));
delete removed;
tree.checkCoherency();
}
MOZ_RELEASE_ASSERT(tree.empty());
// Insert the values, and check each one is findable just after insertion.
for (int i = 0; i < N; i++) {
SplayInt* inserted = tree.findOrInsert(SplayInt(gValues[i]));
MOZ_RELEASE_ASSERT(tree.find(SplayInt(gValues[i])) == inserted);
MOZ_RELEASE_ASSERT(tree.findOrInsert(SplayInt(gValues[i])) == inserted);
tree.checkCoherency();
}
// Check they're all findable after all insertions.
for (int i = 0; i < N; i++) {
MOZ_RELEASE_ASSERT(tree.find(SplayInt(gValues[i])));
MOZ_RELEASE_ASSERT(tree.findOrInsert(SplayInt(gValues[i])));
tree.checkCoherency();
}
netwerk/base/nsFileStreams.cpp
+11 -1
View File
@@ -202,6 +202,11 @@ nsresult
nsFileStreamBase::Read(char* aBuf, uint32_t aCount, uint32_t* aResult)
{
nsresult rv = DoPendingOpen();
if (rv == NS_ERROR_FILE_NOT_FOUND) {
// Don't warn if this is just a deferred file not found.
return rv;
}
NS_ENSURE_SUCCESS(rv, rv);
if (!mFD) {
@@ -408,7 +413,7 @@ nsFileInputStream::Create(nsISupports *aOuter, REFNSIID aIID, void **aResult)
nsresult
nsFileInputStream::Open(nsIFile* aFile, int32_t aIOFlags, int32_t aPerm)
{
{
nsresult rv = NS_OK;
// If the previous file is open, close it
@@ -489,6 +494,11 @@ NS_IMETHODIMP
nsFileInputStream::Read(char* aBuf, uint32_t aCount, uint32_t* _retval)
{
nsresult rv = nsFileStreamBase::Read(aBuf, aCount, _retval);
if (rv == NS_ERROR_FILE_NOT_FOUND) {
// Don't warn if this is a deffered file not found.
return rv;
}
NS_ENSURE_SUCCESS(rv, rv);
// Check if we're at the end of file and need to close
security/certverifier/CNNICHashWhitelist.inc
+5727
View File
File diff suppressed because it is too large Load Diff
security/certverifier/CertVerifier.cpp
-50
View File
@@ -11,7 +11,6 @@
#include "ExtendedValidation.h"
#include "NSSCertDBTrustDomain.h"
#include "NSSErrorsService.h"
#include "PublicKeyPinningService.h"
#include "cert.h"
#include "pk11pub.h"
#include "pkix/pkix.h"
@@ -77,55 +76,6 @@ IsCertBuiltInRoot(CERTCertificate* cert, bool& result) {
return SECSuccess;
}
Result
CertListContainsExpectedKeys(const CERTCertList* certList,
const char* hostname, Time time,
CertVerifier::PinningMode pinningMode)
{
if (pinningMode == CertVerifier::pinningDisabled) {
MOZ_LOG(gCertVerifierLog, LogLevel::Debug,
("Pinning is disabled; not checking keys."));
return Success;
}
if (!certList) {
return Result::FATAL_ERROR_INVALID_ARGS;
}
CERTCertListNode* rootNode = CERT_LIST_TAIL(certList);
if (CERT_LIST_END(rootNode, certList)) {
return Result::FATAL_ERROR_INVALID_ARGS;
}
bool isBuiltInRoot = false;
SECStatus srv = IsCertBuiltInRoot(rootNode->cert, isBuiltInRoot);
if (srv != SECSuccess) {
return MapPRErrorCodeToResult(PR_GetError());
}
// If desired, the user can enable "allow user CA MITM mode", in which
// case key pinning is not enforced for certificates that chain to trust
// anchors that are not in Mozilla's root program
if (!isBuiltInRoot && pinningMode == CertVerifier::pinningAllowUserCAMITM) {
return Success;
}
bool enforceTestMode = (pinningMode == CertVerifier::pinningEnforceTestMode);
bool chainHasValidPins;
nsresult rv = PublicKeyPinningService::ChainHasValidPins(certList,
hostname,
time,
enforceTestMode,
chainHasValidPins);
if (NS_FAILED(rv)) {
return Result::FATAL_ERROR_LIBRARY_FAILURE;
}
if (!chainHasValidPins) {
return Result::ERROR_KEY_PINNING_FAILURE;
}
return Success;
}
static Result
BuildCertChainForOneKeyUsage(NSSCertDBTrustDomain& trustDomain, Input certDER,
Time time, KeyUsage ku1, KeyUsage ku2,
security/certverifier/NSSCertDBTrustDomain.cpp
+105 -4
View File
@@ -22,9 +22,12 @@
#include "prerror.h"
#include "prmem.h"
#include "prprf.h"
#include "PublicKeyPinningService.h"
#include "ScopedNSSTypes.h"
#include "secerr.h"
#include "CNNICHashWhitelist.inc"
using namespace mozilla;
using namespace mozilla::pkix;
@@ -685,6 +688,40 @@ NSSCertDBTrustDomain::VerifyAndMaybeCacheEncodedOCSPResponse(
return rv;
}
static const uint8_t CNNIC_ROOT_CA_SUBJECT_DATA[] =
"\x30\x32\x31\x0B\x30\x09\x06\x03\x55\x04\x06\x13\x02\x43\x4E\x31\x0E\x30"
"\x0C\x06\x03\x55\x04\x0A\x13\x05\x43\x4E\x4E\x49\x43\x31\x13\x30\x11\x06"
"\x03\x55\x04\x03\x13\x0A\x43\x4E\x4E\x49\x43\x20\x52\x4F\x4F\x54";
static const uint8_t CNNIC_EV_ROOT_CA_SUBJECT_DATA[] =
"\x30\x81\x8A\x31\x0B\x30\x09\x06\x03\x55\x04\x06\x13\x02\x43\x4E\x31\x32"
"\x30\x30\x06\x03\x55\x04\x0A\x0C\x29\x43\x68\x69\x6E\x61\x20\x49\x6E\x74"
"\x65\x72\x6E\x65\x74\x20\x4E\x65\x74\x77\x6F\x72\x6B\x20\x49\x6E\x66\x6F"
"\x72\x6D\x61\x74\x69\x6F\x6E\x20\x43\x65\x6E\x74\x65\x72\x31\x47\x30\x45"
"\x06\x03\x55\x04\x03\x0C\x3E\x43\x68\x69\x6E\x61\x20\x49\x6E\x74\x65\x72"
"\x6E\x65\x74\x20\x4E\x65\x74\x77\x6F\x72\x6B\x20\x49\x6E\x66\x6F\x72\x6D"
"\x61\x74\x69\x6F\x6E\x20\x43\x65\x6E\x74\x65\x72\x20\x45\x56\x20\x43\x65"
"\x72\x74\x69\x66\x69\x63\x61\x74\x65\x73\x20\x52\x6F\x6F\x74";
class WhitelistedCNNICHashBinarySearchComparator
{
public:
explicit WhitelistedCNNICHashBinarySearchComparator(const uint8_t* aTarget,
size_t aTargetLength)
: mTarget(aTarget)
{
MOZ_ASSERT(aTargetLength == CNNIC_WHITELIST_HASH_LEN,
"Hashes should be of the same length.");
}
int operator()(const WhitelistedCNNICHash val) const {
return memcmp(mTarget, val.hash, CNNIC_WHITELIST_HASH_LEN);
}
private:
const uint8_t* mTarget;
};
Result
NSSCertDBTrustDomain::IsChainValid(const DERArray& certArray, Time time)
{
@@ -697,11 +734,75 @@ NSSCertDBTrustDomain::IsChainValid(const DERArray& certArray, Time time)
if (srv != SECSuccess) {
return MapPRErrorCodeToResult(PR_GetError());
}
if (CERT_LIST_EMPTY(certList)) {
return Result::FATAL_ERROR_LIBRARY_FAILURE;
}
Result result = CertListContainsExpectedKeys(certList, mHostname, time,
mPinningMode);
if (result != Success) {
return result;
// If the certificate appears to have been issued by a CNNIC root, only allow
// it if it is on the whitelist.
CERTCertListNode* rootNode = CERT_LIST_TAIL(certList);
if (!rootNode) {
return Result::FATAL_ERROR_LIBRARY_FAILURE;
}
CERTCertificate* root = rootNode->cert;
if (!root) {
return Result::FATAL_ERROR_LIBRARY_FAILURE;
}
if ((root->derSubject.len == sizeof(CNNIC_ROOT_CA_SUBJECT_DATA) - 1 &&
memcmp(root->derSubject.data, CNNIC_ROOT_CA_SUBJECT_DATA,
root->derSubject.len) == 0) ||
(root->derSubject.len == sizeof(CNNIC_EV_ROOT_CA_SUBJECT_DATA) - 1 &&
memcmp(root->derSubject.data, CNNIC_EV_ROOT_CA_SUBJECT_DATA,
root->derSubject.len) == 0)) {
CERTCertListNode* certNode = CERT_LIST_HEAD(certList);
if (!certNode) {
return Result::FATAL_ERROR_LIBRARY_FAILURE;
}
CERTCertificate* cert = certNode->cert;
if (!cert) {
return Result::FATAL_ERROR_LIBRARY_FAILURE;
}
Digest digest;
nsresult nsrv = digest.DigestBuf(SEC_OID_SHA256, cert->derCert.data,
cert->derCert.len);
if (NS_FAILED(nsrv)) {
return Result::FATAL_ERROR_LIBRARY_FAILURE;
}
const uint8_t* certHash(
reinterpret_cast<const uint8_t*>(digest.get().data));
size_t certHashLen = digest.get().len;
size_t unused;
if (!mozilla::BinarySearchIf(WhitelistedCNNICHashes, 0,
ArrayLength(WhitelistedCNNICHashes),
WhitelistedCNNICHashBinarySearchComparator(
certHash, certHashLen),
&unused)) {
return Result::ERROR_REVOKED_CERTIFICATE;
}
}
bool isBuiltInRoot = false;
srv = IsCertBuiltInRoot(root, isBuiltInRoot);
if (srv != SECSuccess) {
return MapPRErrorCodeToResult(PR_GetError());
}
bool skipPinningChecksBecauseOfMITMMode =
(!isBuiltInRoot && mPinningMode == CertVerifier::pinningAllowUserCAMITM);
// If mHostname isn't set, we're not verifying in the context of a TLS
// handshake, so don't verify HPKP in those cases.
if (mHostname && (mPinningMode != CertVerifier::pinningDisabled) &&
!skipPinningChecksBecauseOfMITMMode) {
bool enforceTestMode =
(mPinningMode == CertVerifier::pinningEnforceTestMode);
bool chainHasValidPins;
nsresult nsrv = PublicKeyPinningService::ChainHasValidPins(
certList, mHostname, time, enforceTestMode, chainHasValidPins);
if (NS_FAILED(nsrv)) {
return Result::FATAL_ERROR_LIBRARY_FAILURE;
}
if (!chainHasValidPins) {
return Result::ERROR_KEY_PINNING_FAILURE;
}
}
if (mBuiltChain) {
security/manager/ssl/PublicKeyPinningService.cpp
+4 -77
View File
@@ -4,15 +4,12 @@
#include "PublicKeyPinningService.h"
#include "cert.h"
#include "mozilla/Base64.h"
#include "mozilla/Telemetry.h"
#include "nsISiteSecurityService.h"
#include "nssb64.h"
#include "nsServiceManagerUtils.h"
#include "nsSiteSecurityService.h"
#include "nsString.h"
#include "nsTArray.h"
#include "nssb64.h"
#include "pkix/pkixtypes.h"
#include "mozilla/Logging.h"
#include "RootCertificateTelemetryUtils.h"
@@ -20,6 +17,8 @@
#include "seccomon.h"
#include "sechash.h"
#include "StaticHPKPins.h" // autogenerated by genHPKPStaticpins.js
using namespace mozilla;
using namespace mozilla::pkix;
using namespace mozilla::psm;
@@ -208,77 +207,6 @@ CheckPinsForHostname(const CERTCertList* certList, const char* hostname,
&dynamicFingerprints, chainHasValidPins);
}
/**
* Extract all the DNS names for a host (including CN) and evaluate the
* certifiate pins against all of them (Currently is an OR so we stop
* evaluating at the first OK pin).
*/
static nsresult
CheckChainAgainstAllNames(const CERTCertList* certList, bool enforceTestMode,
mozilla::pkix::Time time,
/*out*/ bool& chainHasValidPins)
{
chainHasValidPins = false;
MOZ_LOG(gPublicKeyPinningLog, LogLevel::Debug,
("pkpin: top of checkChainAgainstAllNames"));
CERTCertListNode* node = CERT_LIST_HEAD(certList);
if (!node) {
return NS_ERROR_INVALID_ARG;
}
CERTCertificate* cert = node->cert;
if (!cert) {
return NS_ERROR_INVALID_ARG;
}
ScopedPLArenaPool arena(PORT_NewArena(DER_DEFAULT_CHUNKSIZE));
if (!arena) {
return NS_ERROR_FAILURE;
}
CERTGeneralName* nameList;
CERTGeneralName* currentName;
nameList = CERT_GetConstrainedCertificateNames(cert, arena.get(), PR_TRUE);
if (!nameList) {
return NS_ERROR_FAILURE;
}
currentName = nameList;
do {
if (currentName->type == certDNSName
&& currentName->name.other.data[0] != 0) {
// no need to cleaup, as the arena cleanup will do
char *hostName = (char *)PORT_ArenaAlloc(arena.get(),
currentName->name.other.len + 1);
if (!hostName) {
break;
}
// We use a temporary buffer as the hostname as returned might not be
// null terminated.
hostName[currentName->name.other.len] = 0;
memcpy(hostName, currentName->name.other.data,
currentName->name.other.len);
if (!hostName[0]) {
// cannot call CheckPinsForHostname on empty or null hostname
break;
}
nsAutoCString canonicalizedHostname(
PublicKeyPinningService::CanonicalizeHostname(hostName));
nsresult rv = CheckPinsForHostname(certList, canonicalizedHostname.get(),
enforceTestMode, time,
chainHasValidPins);
if (NS_FAILED(rv)) {
return rv;
}
if (chainHasValidPins) {
return NS_OK;
}
}
currentName = CERT_GetNextGeneralName(currentName);
} while (currentName != nameList);
return NS_OK;
}
nsresult
PublicKeyPinningService::ChainHasValidPins(const CERTCertList* certList,
const char* hostname,
@@ -291,8 +219,7 @@ PublicKeyPinningService::ChainHasValidPins(const CERTCertList* certList,
return NS_ERROR_INVALID_ARG;
}
if (!hostname || hostname[0] == 0) {
return CheckChainAgainstAllNames(certList, enforceTestMode, time,
chainHasValidPins);
return NS_ERROR_INVALID_ARG;
}
nsAutoCString canonicalizedHostname(CanonicalizeHostname(hostname));
return CheckPinsForHostname(certList, canonicalizedHostname.get(),
security/manager/ssl/StaticHPKPins.h
+1152
View File
File diff suppressed because it is too large Load Diff
security/manager/ssl/nsIX509CertDB.idl
+5 -3
View File
@@ -46,7 +46,7 @@ interface nsIVerifySignedManifestCallback : nsISupports
* This represents a service to access and manipulate
* X.509 certificates stored in a database.
*/
[scriptable, uuid(8b01c2af-3a44-44d3-8ea5-51c2455e6c4b)]
[scriptable, uuid(fbe2a0c8-ec51-4ea4-80b3-e16793141967)]
interface nsIX509CertDB : nsISupports {
/**
@@ -384,7 +384,8 @@ interface nsIX509CertDB : nsISupports {
* @param aCert Obtain the stored trust of this certificate
* @param aUsage a integer representing the usage from NSS
* @param aFlags flags as described above
* @param verifedChain chain of verification up to the root if success
* @param aHostname the (optional) hostname to verify for
* @param aVerifiedChain chain of verification up to the root if success
* @param aHasEVPolicy bool that signified that the cert was an EV cert
* @return 0 if success or the value or the error code for the verification
* failure
@@ -393,7 +394,8 @@ interface nsIX509CertDB : nsISupports {
verifyCertNow(in nsIX509Cert aCert,
in int64_t /*SECCertificateUsage*/ aUsage,
in uint32_t aFlags,
out nsIX509CertList verifiedChain,
in string aHostname,
out nsIX509CertList aVerifiedChain,
out bool aHasEVPolicy);
// Clears the OCSP cache for the current certificate verification
security/manager/ssl/nsNSSCertificateDB.cpp
+24 -11
View File
@@ -1702,16 +1702,17 @@ NS_IMETHODIMP
nsNSSCertificateDB::VerifyCertNow(nsIX509Cert* aCert,
int64_t /*SECCertificateUsage*/ aUsage,
uint32_t aFlags,
nsIX509CertList** verifiedChain,
const char* aHostname,
nsIX509CertList** aVerifiedChain,
bool* aHasEVPolicy,
int32_t* /*PRErrorCode*/ _retval )
{
NS_ENSURE_ARG_POINTER(aCert);
NS_ENSURE_ARG_POINTER(aHasEVPolicy);
NS_ENSURE_ARG_POINTER(verifiedChain);
NS_ENSURE_ARG_POINTER(aVerifiedChain);
NS_ENSURE_ARG_POINTER(_retval);
*verifiedChain = nullptr;
*aVerifiedChain = nullptr;
*aHasEVPolicy = false;
*_retval = PR_UNKNOWN_ERROR;
@@ -1736,13 +1737,25 @@ nsNSSCertificateDB::VerifyCertNow(nsIX509Cert* aCert,
SECOidTag evOidPolicy;
SECStatus srv;
srv = certVerifier->VerifyCert(nssCert, aUsage, mozilla::pkix::Now(),
nullptr, // Assume no context
nullptr, // hostname
aFlags,
nullptr, // stapledOCSPResponse
&resultChain,
&evOidPolicy);
if (aHostname && aUsage == certificateUsageSSLServer) {
srv = certVerifier->VerifySSLServerCert(nssCert,
nullptr, // stapledOCSPResponse
mozilla::pkix::Now(),
nullptr, // Assume no context
aHostname,
false, // don't save intermediates
aFlags,
&resultChain,
&evOidPolicy);
} else {
srv = certVerifier->VerifyCert(nssCert, aUsage, mozilla::pkix::Now(),
nullptr, // Assume no context
aHostname,
aFlags,
nullptr, // stapledOCSPResponse
&resultChain,
&evOidPolicy);
}
PRErrorCode error = PR_GetError();
@@ -1761,7 +1774,7 @@ nsNSSCertificateDB::VerifyCertNow(nsIX509Cert* aCert,
NS_ENSURE_TRUE(error != 0, NS_ERROR_FAILURE);
*_retval = error;
}
nssCertList.forget(verifiedChain);
nssCertList.forget(aVerifiedChain);
return NS_OK;
}
security/manager/ssl/tests/unit/head_psm.js
+102 -46
View File
@@ -30,21 +30,20 @@ const SEC_ERROR_BASE = Ci.nsINSSErrorsService.NSS_SEC_ERROR_BASE;
const SSL_ERROR_BASE = Ci.nsINSSErrorsService.NSS_SSL_ERROR_BASE;
const MOZILLA_PKIX_ERROR_BASE = Ci.nsINSSErrorsService.MOZILLA_PKIX_ERROR_BASE;
// This isn't really a valid PRErrorCode, but is useful for signalling that
// a test is expected to succeed.
const PRErrorCodeSuccess = 0;
// Sort in numerical order
const SEC_ERROR_INVALID_ARGS = SEC_ERROR_BASE + 5; // -8187
const SEC_ERROR_INVALID_TIME = SEC_ERROR_BASE + 8;
const SEC_ERROR_BAD_DER = SEC_ERROR_BASE + 9;
const SEC_ERROR_EXPIRED_CERTIFICATE = SEC_ERROR_BASE + 11;
const SEC_ERROR_REVOKED_CERTIFICATE = SEC_ERROR_BASE + 12; // -8180
const SEC_ERROR_UNKNOWN_ISSUER = SEC_ERROR_BASE + 13;
const SEC_ERROR_BAD_DATABASE = SEC_ERROR_BASE + 18;
const SEC_ERROR_UNTRUSTED_ISSUER = SEC_ERROR_BASE + 20; // -8172
const SEC_ERROR_UNTRUSTED_CERT = SEC_ERROR_BASE + 21; // -8171
const SEC_ERROR_EXPIRED_ISSUER_CERTIFICATE = SEC_ERROR_BASE + 30; // -8162
const SEC_ERROR_EXTENSION_VALUE_INVALID = SEC_ERROR_BASE + 34; // -8158
const SEC_ERROR_EXTENSION_NOT_FOUND = SEC_ERROR_BASE + 35; // -8157
const SEC_ERROR_CA_CERT_INVALID = SEC_ERROR_BASE + 36;
const SEC_ERROR_INVALID_KEY = SEC_ERROR_BASE + 40; // -8152
const SEC_ERROR_UNKNOWN_CRITICAL_EXTENSION = SEC_ERROR_BASE + 41;
const SEC_ERROR_INADEQUATE_KEY_USAGE = SEC_ERROR_BASE + 90; // -8102
const SEC_ERROR_INADEQUATE_CERT_TYPE = SEC_ERROR_BASE + 91; // -8101
@@ -64,7 +63,6 @@ const SEC_ERROR_OCSP_INVALID_SIGNING_CERT = SEC_ERROR_BASE + 144;
const SEC_ERROR_POLICY_VALIDATION_FAILED = SEC_ERROR_BASE + 160; // -8032
const SEC_ERROR_OCSP_BAD_SIGNATURE = SEC_ERROR_BASE + 157;
const SEC_ERROR_CERT_SIGNATURE_ALGORITHM_DISABLED = SEC_ERROR_BASE + 176;
const SEC_ERROR_APPLICATION_CALLBACK_ERROR = SEC_ERROR_BASE + 178;
const SSL_ERROR_BAD_CERT_DOMAIN = SSL_ERROR_BASE + 12;
const SSL_ERROR_BAD_CERT_ALERT = SSL_ERROR_BASE + 17;
@@ -89,6 +87,23 @@ const certificateUsageStatusResponder = 0x0400;
const NO_FLAGS = 0;
// Commonly certificates are represented as PEM. The format is roughly as
// follows:
//
// -----BEGIN CERTIFICATE-----
// [some lines of base64, each typically 64 characters long]
// -----END CERTIFICATE-----
//
// However, nsIX509CertDB.constructX509FromBase64 and related functions do not
// handle input of this form. Instead, they require a single string of base64
// with no newlines or BEGIN/END headers. This is a helper function to convert
// PEM to the format that nsIX509CertDB requires.
function pemToBase64(pem) {
return pem.replace(/-----BEGIN CERTIFICATE-----/, "")
.replace(/-----END CERTIFICATE-----/, "")
.replace(/[\r\n]/g, "");
}
function readFile(file) {
let fstream = Cc["@mozilla.org/network/file-input-stream;1"]
.createInstance(Ci.nsIFileInputStream);
@@ -100,8 +115,16 @@ function readFile(file) {
function addCertFromFile(certdb, filename, trustString) {
let certFile = do_get_file(filename, false);
let der = readFile(certFile);
certdb.addCert(der, trustString, null);
let certBytes = readFile(certFile);
let successful = false;
try {
certdb.addCert(certBytes, trustString, null);
successful = true;
} catch (e) {}
if (!successful) {
// It might be PEM instead of DER.
certdb.addCertFromBase64(pemToBase64(certBytes), trustString, null);
}
}
function constructCertFromFile(filename) {
@@ -124,17 +147,27 @@ function getXPCOMStatusFromNSS(statusNSS) {
return nssErrorsService.getXPCOMFromNSSError(statusNSS);
}
function checkCertErrorGeneric(certdb, cert, expectedError, usage) {
let hasEVPolicy = {};
// certdb implements nsIX509CertDB. See nsIX509CertDB.idl for documentation.
// In particular, hostname is optional.
function checkCertErrorGeneric(certdb, cert, expectedError, usage,
/*optional*/ hasEVPolicy,
/*optional*/ hostname) {
do_print(`cert cn=${cert.commonName}`);
do_print(`cert issuer cn=${cert.issuerCommonName}`);
let verifiedChain = {};
let error = certdb.verifyCertNow(cert, usage, NO_FLAGS, verifiedChain,
hasEVPolicy);
// expected error == -1 is a special marker for any error is OK
if (expectedError != -1 ) {
do_check_eq(error, expectedError);
} else {
do_check_neq (error, 0);
}
let error = certdb.verifyCertNow(cert, usage, NO_FLAGS, hostname,
verifiedChain, hasEVPolicy || {});
Assert.equal(error, expectedError,
"Actual and expected error should match");
}
function checkEVStatus(certDB, cert, usage, isEVExpected) {
do_print(`cert o=${cert.organization}`);
do_print(`cert issuer o=${cert.issuerOrganization}`);
let hasEVPolicy = {};
checkCertErrorGeneric(certDB, cert, PRErrorCodeSuccess, usage, hasEVPolicy);
Assert.equal(hasEVPolicy.value, isEVExpected,
"Actual and expected EV status should match");
}
function _getLibraryFunctionWithNoArguments(functionName, libraryName) {
@@ -217,12 +250,12 @@ function run_test() {
add_tls_server_setup("<test-server-name>");
add_connection_test("<test-name-1>.example.com",
getXPCOMStatusFromNSS(SEC_ERROR_xxx),
SEC_ERROR_xxx,
function() { ... },
function(aTransportSecurityInfo) { ... },
function(aTransport) { ... });
[...]
add_connection_test("<test-name-n>.example.com", Cr.NS_OK);
add_connection_test("<test-name-n>.example.com", PRErrorCodeSuccess);
run_next_test();
}
@@ -234,15 +267,25 @@ function add_tls_server_setup(serverBinName) {
});
}
// Add a TLS connection test case. aHost is the hostname to pass in the SNI TLS
// extension; this should unambiguously identifiy which test is being run.
// aExpectedResult is the expected nsresult of the connection.
// aBeforeConnect is a callback function that takes no arguments that will be
// called before the connection is attempted.
// aWithSecurityInfo is a callback function that takes an
// nsITransportSecurityInfo, which is called after the TLS handshake succeeds.
// aAfterStreamOpen is a callback function that is called with the
// nsISocketTransport once the output stream is ready.
/**
* Add a TLS connection test case.
*
* @param {String} aHost
* The hostname to pass in the SNI TLS extension; this should unambiguously
* identify which test is being run.
* @param {PRErrorCode} aExpectedResult
* The expected result of the connection. If an error is not expected, pass
* in PRErrorCodeSuccess.
* @param {Function} aBeforeConnect
* A callback function that takes no arguments that will be called before the
* connection is attempted.
* @param {Function} aWithSecurityInfo
* A callback function that takes an nsITransportSecurityInfo, which is called
* after the TLS handshake succeeds.
* @param {Function} aAfterStreamOpen
* A callback function that is called with the nsISocketTransport once the
* output stream is ready.
*/
function add_connection_test(aHost, aExpectedResult,
aBeforeConnect, aWithSecurityInfo,
aAfterStreamOpen) {
@@ -280,7 +323,8 @@ function add_connection_test(aHost, aExpectedResult,
try {
// this will throw if the stream has been closed by an error
let str = NetUtil.readInputStreamToString(aStream, aStream.available());
do_check_eq(str, "0");
Assert.equal(str, "0",
"Should have received ASCII '0' from server");
this.inputStream.close();
this.outputStream.close();
this.result = Cr.NS_OK;
@@ -326,7 +370,11 @@ function add_connection_test(aHost, aExpectedResult,
}
connectTo(aHost).then(function(conn) {
do_print("handling " + aHost);
do_check_eq(conn.result, aExpectedResult);
let expectedNSResult = aExpectedResult == PRErrorCodeSuccess
? Cr.NS_OK
: getXPCOMStatusFromNSS(aExpectedResult);
Assert.equal(conn.result, expectedNSResult,
"Actual and expected connection result should match");
if (aWithSecurityInfo) {
aWithSecurityInfo(conn.transport.securityInfo
.QueryInterface(Ci.nsITransportSecurityInfo));
@@ -357,7 +405,7 @@ function _getBinaryUtil(binaryUtilName) {
utilBin.initWithPath("/data/local/xpcb/");
utilBin.append(binaryUtilName);
}
do_check_true(utilBin.exists());
Assert.ok(utilBin.exists(), `Binary util ${binaryUtilName} should exist`);
return utilBin;
}
@@ -377,8 +425,8 @@ function _setupTLSServerTest(serverBinName)
.getService(Ci.nsIEnvironment);
let greBinDir = directoryService.get("GreBinD", Ci.nsIFile);
envSvc.set("DYLD_LIBRARY_PATH", greBinDir.path);
// Android libraries are in /data/local/xpcb, but "GreBinD" does not return
// this path on Android, so hard code it here.
// TODO(bug 1107794): Android libraries are in /data/local/xpcb, but "GreBinD"
// does not return this path on Android, so hard code it here.
envSvc.set("LD_LIBRARY_PATH", greBinDir.path + ":/data/local/xpcb");
envSvc.set("MOZ_TLS_SERVER_DEBUG_LEVEL", "3");
envSvc.set("MOZ_TLS_SERVER_CALLBACK_PORT", CALLBACK_PORT);
@@ -401,7 +449,7 @@ function _setupTLSServerTest(serverBinName)
process.init(serverBin);
let certDir = directoryService.get("CurWorkD", Ci.nsILocalFile);
certDir.append("tlsserver");
do_check_true(certDir.exists());
Assert.ok(certDir.exists(), "tlsserver folder should exist");
// Using "sql:" causes the SQL DB to be used so we can run tests on Android.
process.run(false, [ "sql:" + certDir.path ], 1);
@@ -436,7 +484,7 @@ function generateOCSPResponses(ocspRespArray, nssDBlocation)
.createInstance(Ci.nsIProcess);
process.init(ocspGenBin);
process.run(true, argArray, 5);
do_check_eq(0, process.exitValue);
Assert.equal(0, process.exitValue, "Process exit value should be 0");
let ocspFile = do_get_file(i.toString() + ".ocsp", false);
retArray.push(readFile(ocspFile));
ocspFile.remove(false);
@@ -450,7 +498,7 @@ function generateOCSPResponses(ocspRespArray, nssDBlocation)
function getFailingHttpServer(serverPort, serverIdentities) {
let httpServer = new HttpServer();
httpServer.registerPrefixHandler("/", function(request, response) {
do_check_true(false);
Assert.ok(false, "HTTP responder should not have been queried");
});
httpServer.identity.setPrimary("http", serverIdentities.shift(), serverPort);
serverIdentities.forEach(function(identity) {
@@ -474,7 +522,7 @@ function getFailingHttpServer(serverPort, serverIdentities) {
// identity is the http hostname that will answer the OCSP requests
// invalidIdentities is an array of identities that if used an
// will cause a test failure
// nssDBlocaion is the location of the NSS database from where the OCSP
// nssDBLocation is the location of the NSS database from where the OCSP
// responses will be generated (assumes appropiate keys are present)
// expectedCertNames is an array of nicks of the certs to be responsed
// expectedBasePaths is an optional array that is used to indicate
@@ -498,16 +546,20 @@ function startOCSPResponder(serverPort, identity, invalidIdentities,
httpServer.registerPrefixHandler("/",
function handleServerCallback(aRequest, aResponse) {
invalidIdentities.forEach(function(identity) {
do_check_neq(aRequest.host, identity)
Assert.notEqual(aRequest.host, identity,
"Request host and invalid identity should not match")
});
do_print("got request for: " + aRequest.path);
let basePath = aRequest.path.slice(1).split("/")[0];
if (expectedBasePaths.length >= 1) {
do_check_eq(basePath, expectedBasePaths.shift());
Assert.equal(basePath, expectedBasePaths.shift(),
"Actual and expected base path should match");
}
do_check_true(expectedCertNames.length >= 1);
Assert.ok(expectedCertNames.length >= 1,
"expectedCertNames should contain >= 1 entries");
if (expectedMethods && expectedMethods.length >= 1) {
do_check_eq(aRequest.method, expectedMethods.shift());
Assert.equal(aRequest.method, expectedMethods.shift(),
"Actual and expected fetch method should match");
}
aResponse.setStatusLine(aRequest.httpVersion, 200, "OK");
aResponse.setHeader("Content-Type", "application/ocsp-response");
@@ -521,15 +573,19 @@ function startOCSPResponder(serverPort, identity, invalidIdentities,
return {
stop: function(callback) {
// make sure we consumed each expected response
do_check_eq(ocspResponses.length, 0);
Assert.equal(ocspResponses.length, 0,
"Should have 0 remaining expected OCSP responses");
if (expectedMethods) {
do_check_eq(expectedMethods.length, 0);
Assert.equal(expectedMethods.length, 0,
"Should have 0 remaining expected fetch methods");
}
if (expectedBasePaths) {
do_check_eq(expectedBasePaths.length, 0);
Assert.equal(expectedBasePaths.length, 0,
"Should have 0 remaining expected base paths");
}
if (expectedResponseTypes) {
do_check_eq(expectedResponseTypes.length, 0);
Assert.equal(expectedResponseTypes.length, 0,
"Should have 0 remaining expected response types");
}
httpServer.stop(callback);
}
security/manager/ssl/tests/unit/moz.build
+1
View File
@@ -5,6 +5,7 @@
# file, You can obtain one at http://mozilla.org/MPL/2.0/.
DIRS += ['tlsserver']
TEST_DIRS += ['test_intermediate_basic_usage_constraints']
if not CONFIG['MOZ_NO_SMART_CARDS']:
DIRS += ['pkcs11testmodule']
security/manager/ssl/tests/unit/psm_common_py/CertUtils.py
+9
View File
@@ -10,6 +10,15 @@ import pexpect
import time
import sys
aia_prefix = 'authorityInfoAccess = OCSP;URI:http://www.example.com:8888/'
aia_suffix = '/\n'
mozilla_testing_ev_policy = ('certificatePolicies = @v3_ca_ev_cp\n\n' +
'[ v3_ca_ev_cp ]\n' +
'policyIdentifier = ' +
'1.3.6.1.4.1.13769.666.666.666.1.500.9.1\n\n' +
'CPS.1 = "http://mytestdomain.local/cps"')
def generate_cert_generic(db_dir, dest_dir, serial_num, key_type, name,
ext_text, signer_key_filename = "",
signer_cert_filename = "",
security/manager/ssl/tests/unit/pycert.py
+394
View File
@@ -0,0 +1,394 @@
#!/usr/bin/env python
#
# This Source Code Form is subject to the terms of the Mozilla Public
# License, v. 2.0. If a copy of the MPL was not distributed with this
# file, You can obtain one at http://mozilla.org/MPL/2.0/.
"""
Reads a certificate specification from stdin or a file and outputs a
signed x509 certificate with the desired properties.
The input format is as follows:
issuer:<string to use as the issuer common name>
subject:<string to use as the subject common name>
[extension:<extension name:<extension-specific data>>]
[...]
Known extensions are:
basicConstraints:[cA],[pathLenConstraint]
keyUsage:[digitalSignature,nonRepudiation,keyEncipherment,
dataEncipherment,keyAgreement,keyCertSign,cRLSign]
extKeyUsage:[serverAuth,clientAuth]
In the future it will be possible to specify other properties of the
generated certificate (for example, its validity period, signature
algorithm, etc.). For now, those fields have reasonable default values.
Currently one shared RSA key is used for all signatures.
"""
from pyasn1.codec.der import decoder
from pyasn1.codec.der import encoder
from pyasn1.type import constraint, namedtype, tag, univ, useful
from pyasn1_modules import rfc2459
import base64
import binascii
import datetime
import hashlib
import sys
import rsa
class UnknownBaseError(Exception):
"""Base class for handling unexpected input in this module."""
def __init__(self, value):
self.value = value
self.category = 'input'
def __str__(self):
return 'Unknown %s type "%s"' % (self.category, repr(self.value))
class UnknownAlgorithmTypeError(UnknownBaseError):
"""Helper exception type to handle unknown algorithm types."""
def __init__(self, value):
UnknownBaseError.__init__(self, value)
self.category = 'algorithm'
class UnknownParameterTypeError(UnknownBaseError):
"""Helper exception type to handle unknown input parameters."""
def __init__(self, value):
UnknownBaseError.__init__(self, value)
self.category = 'parameter'
class UnknownExtensionTypeError(UnknownBaseError):
"""Helper exception type to handle unknown input extensions."""
def __init__(self, value):
UnknownBaseError.__init__(self, value)
self.category = 'extension'
class UnknownKeyPurposeTypeError(UnknownBaseError):
"""Helper exception type to handle unknown key purposes."""
def __init__(self, value):
UnknownBaseError.__init__(self, value)
self.category = 'keyPurpose'
def getASN1Tag(asn1Type):
"""Helper function for returning the base tag value of a given
type from the pyasn1 package"""
return asn1Type.baseTagSet.getBaseTag().asTuple()[2]
def stringToAlgorithmIdentifier(string):
"""Helper function that converts a description of an algorithm
to a representation usable by the pyasn1 package"""
algorithmIdentifier = rfc2459.AlgorithmIdentifier()
algorithm = None
if string == 'sha256WithRSAEncryption':
algorithm = univ.ObjectIdentifier('1.2.840.113549.1.1.11')
# In the future, more algorithms will be supported.
if algorithm == None:
raise UnknownAlgorithmTypeError(string)
algorithmIdentifier.setComponentByName('algorithm', algorithm)
return algorithmIdentifier
def stringToCommonName(string):
"""Helper function for taking a string and building an x520 name
representation usable by the pyasn1 package. Currently returns one
RDN with one AVA consisting of a Common Name encoded as a
UTF8String."""
commonName = rfc2459.X520CommonName()
commonName.setComponentByName('utf8String', string)
ava = rfc2459.AttributeTypeAndValue()
ava.setComponentByName('type', rfc2459.id_at_commonName)
ava.setComponentByName('value', commonName)
rdn = rfc2459.RelativeDistinguishedName()
rdn.setComponentByPosition(0, ava)
rdns = rfc2459.RDNSequence()
rdns.setComponentByPosition(0, rdn)
name = rfc2459.Name()
name.setComponentByPosition(0, rdns)
return name
def datetimeToTime(dt):
"""Takes a datetime object and returns an rfc2459.Time object with
that time as its value as a GeneralizedTime"""
time = rfc2459.Time()
time.setComponentByName('generalTime', useful.GeneralizedTime(dt.strftime('%Y%m%d%H%M%SZ')))
return time
def byteStringToHexifiedBitString(string):
"""Takes a string of bytes and returns a hex string representing
those bytes for use with pyasn1.type.univ.BitString. It must be of
the form "'<hex bytes>'H", where the trailing 'H' indicates to
pyasn1 that the input is a hex string."""
return "'%s'H" % binascii.hexlify(string)
class RSAPublicKey(univ.Sequence):
"""Helper type for encoding an RSA public key"""
componentType = namedtype.NamedTypes(
namedtype.NamedType('N', univ.Integer()),
namedtype.NamedType('E', univ.Integer()))
class Certificate:
"""Utility class for reading a certificate specification and
generating a signed x509 certificate"""
sharedRSA_N = long(
'00ba8851a8448e16d641fd6eb6880636103d3c13d9eae4354ab4ecf56857'
'6c247bc1c725a8e0d81fbdb19c069b6e1a86f26be2af5a756b6a6471087a'
'a55aa74587f71cd5249c027ecd43fc1e69d038202993ab20c349e4dbb94c'
'c26b6c0eed15820ff17ead691ab1d3023a8b2a41eea770e00f0d8dfd660b'
'2bb02492a47db988617990b157903dd23bc5e0b8481fa837d38843ef2716'
'd855b7665aaa7e02902f3a7b10800624cc1c6c97ad96615bb7e29612c075'
'31a30c91ddb4caf7fcad1d25d309efb9170ea768e1b37b2f226f69e3b48a'
'95611dee26d6259dab91084e36cb1c24042cbf168b2fe5f18f991731b8b3'
'fe4923fa7251c431d503acda180a35ed8d', 16)
sharedRSA_E = 65537L
sharedRSA_D = long(
'009ecbce3861a454ecb1e0fe8f85dd43c92f5825ce2e997884d0e1a949da'
'a2c5ac559b240450e5ac9fe0c3e31c0eefa6525a65f0c22194004ee1ab46'
'3dde9ee82287cc93e746a91929c5e6ac3d88753f6c25ba5979e73e5d8fb2'
'39111a3cdab8a4b0cdf5f9cab05f1233a38335c64b5560525e7e3b92ad7c'
'7504cf1dc7cb005788afcbe1e8f95df7402a151530d5808346864eb370aa'
'79956a587862cb533791307f70d91c96d22d001a69009b923c683388c9f3'
'6cb9b5ebe64302041c78d908206b87009cb8cabacad3dbdb2792fb911b2c'
'f4db6603585be9ae0ca3b8e6417aa04b06e470ea1a3b581ca03a6781c931'
'5b62b30e6011f224725946eec57c6d9441', 16)
sharedRSA_P = long(
'00dd6e1d4fffebf68d889c4d114cdaaa9caa63a59374286c8a5c29a717bb'
'a60375644d5caa674c4b8bc7326358646220e4550d7608ac27d55b6db74f'
'8d8127ef8fa09098b69147de065573447e183d22fe7d885aceb513d9581d'
'd5e07c1a90f5ce0879de131371ecefc9ce72e9c43dc127d238190de81177'
'3ca5d19301f48c742b', 16)
sharedRSA_Q = long(
'00d7a773d9ebc380a767d2fec0934ad4e8b5667240771acdebb5ad796f47'
'8fec4d45985efbc9532968289c8d89102fadf21f34e2dd4940eba8c09d6d'
'1f16dcc29729774c43275e9251ddbe4909e1fd3bf1e4bedf46a39b8b3833'
'28ef4ae3b95b92f2070af26c9e7c5c9b587fedde05e8e7d86ca57886fb16'
'5810a77b9845bc3127', 16)
def __init__(self, paramStream, now=datetime.datetime.utcnow()):
self.version = 'v3'
self.signature = 'sha256WithRSAEncryption'
self.issuer = 'Default Issuer'
oneYear = datetime.timedelta(days=365)
self.notBefore = now - oneYear
self.notAfter = now + oneYear
self.subject = 'Default Subject'
self.signatureAlgorithm = 'sha256WithRSAEncryption'
self.extensions = None
self.decodeParams(paramStream)
self.serialNumber = self.generateSerialNumber()
def generateSerialNumber(self):
"""Generates a serial number for this certificate based on its
contents. Intended to be reproducible for compatibility with
the build system on OS X (see the comment above main, later in
this file)."""
hasher = hashlib.sha256()
hasher.update(self.version)
hasher.update(self.signature)
hasher.update(self.issuer)
hasher.update(str(self.notBefore))
hasher.update(str(self.notAfter))
hasher.update(self.subject)
hasher.update(self.signatureAlgorithm)
if self.extensions:
for extension in self.extensions:
hasher.update(str(extension))
serialBytes = [ord(c) for c in hasher.digest()[:20]]
# Ensure that the most significant bit isn't set (which would
# indicate a negative number, which isn't valid for serial
# numbers).
serialBytes[0] &= 0x7f
# Also ensure that the least significant bit on the most
# significant byte is set (to prevent a leading zero byte,
# which also wouldn't be valid).
serialBytes[0] |= 0x01
# Now prepend the ASN.1 INTEGER tag and length bytes.
serialBytes.insert(0, len(serialBytes))
serialBytes.insert(0, getASN1Tag(univ.Integer))
return ''.join(chr(b) for b in serialBytes)
def decodeParams(self, paramStream):
for line in paramStream.readlines():
self.decodeParam(line.strip())
def decodeParam(self, line):
param = line.split(':')[0]
value = ':'.join(line.split(':')[1:])
if param == 'subject':
self.subject = value
elif param == 'issuer':
self.issuer = value
elif param == 'extension':
self.decodeExtension(value)
else:
raise UnknownParameterTypeError(param)
def decodeExtension(self, extension):
extensionType = extension.split(':')[0]
value = ':'.join(extension.split(':')[1:])
if extensionType == 'basicConstraints':
self.addBasicConstraints(value)
elif extensionType == 'keyUsage':
self.addKeyUsage(value)
elif extensionType == 'extKeyUsage':
self.addExtKeyUsage(value)
else:
raise UnknownExtensionTypeError(extensionType)
def addExtension(self, extensionType, extensionValue):
if not self.extensions:
self.extensions = []
encapsulated = univ.OctetString(encoder.encode(extensionValue))
extension = rfc2459.Extension()
extension.setComponentByName('extnID', extensionType)
extension.setComponentByName('extnValue', encapsulated)
self.extensions.append(extension)
def addBasicConstraints(self, basicConstraints):
cA = basicConstraints.split(',')[0]
pathLenConstraint = basicConstraints.split(',')[1]
basicConstraintsExtension = rfc2459.BasicConstraints()
basicConstraintsExtension.setComponentByName('cA', cA == 'cA')
if pathLenConstraint:
pathLenConstraintValue = \
univ.Integer(int(pathLenConstraint)).subtype(
subtypeSpec=constraint.ValueRangeConstraint(0, 64))
basicConstraintsExtension.setComponentByName('pathLenConstraint',
pathLenConstraintValue)
self.addExtension(rfc2459.id_ce_basicConstraints, basicConstraintsExtension)
def addKeyUsage(self, keyUsage):
keyUsageExtension = rfc2459.KeyUsage(keyUsage)
self.addExtension(rfc2459.id_ce_keyUsage, keyUsageExtension)
def keyPurposeToOID(self, keyPurpose):
if keyPurpose == 'serverAuth':
# the OID for id_kp_serverAuth is incorrect in the
# pyasn1-modules implementation
return univ.ObjectIdentifier('1.3.6.1.5.5.7.3.1')
if keyPurpose == 'clientAuth':
return rfc2459.id_kp_clientAuth
raise UnknownKeyPurposeTypeError(keyPurpose)
def addExtKeyUsage(self, extKeyUsage):
extKeyUsageExtension = rfc2459.ExtKeyUsageSyntax()
count = 0
for keyPurpose in extKeyUsage.split(','):
extKeyUsageExtension.setComponentByPosition(count, self.keyPurposeToOID(keyPurpose))
count += 1
self.addExtension(rfc2459.id_ce_extKeyUsage, extKeyUsageExtension)
def getVersion(self):
return rfc2459.Version(self.version).subtype(
explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))
def getSerialNumber(self):
return decoder.decode(self.serialNumber)[0]
def getSignature(self):
return stringToAlgorithmIdentifier(self.signature)
def getIssuer(self):
return stringToCommonName(self.issuer)
def getValidity(self):
validity = rfc2459.Validity()
validity.setComponentByName('notBefore', self.getNotBefore())
validity.setComponentByName('notAfter', self.getNotAfter())
return validity
def getNotBefore(self):
return datetimeToTime(self.notBefore)
def getNotAfter(self):
return datetimeToTime(self.notAfter)
def getSubject(self):
return stringToCommonName(self.subject)
def getSignatureAlgorithm(self):
return stringToAlgorithmIdentifier(self.signature)
def getSubjectPublicKey(self):
rsaKey = RSAPublicKey()
rsaKey.setComponentByName('N', univ.Integer(self.sharedRSA_N))
rsaKey.setComponentByName('E', univ.Integer(self.sharedRSA_E))
return univ.BitString(byteStringToHexifiedBitString(encoder.encode(rsaKey)))
def getSubjectPublicKeyInfo(self):
algorithmIdentifier = rfc2459.AlgorithmIdentifier()
algorithmIdentifier.setComponentByName('algorithm', rfc2459.rsaEncryption)
algorithmIdentifier.setComponentByName('parameters', univ.Null())
spki = rfc2459.SubjectPublicKeyInfo()
spki.setComponentByName('algorithm', algorithmIdentifier)
spki.setComponentByName('subjectPublicKey', self.getSubjectPublicKey())
return spki
def toDER(self):
tbsCertificate = rfc2459.TBSCertificate()
tbsCertificate.setComponentByName('version', self.getVersion())
tbsCertificate.setComponentByName('serialNumber', self.getSerialNumber())
tbsCertificate.setComponentByName('signature', self.getSignature())
tbsCertificate.setComponentByName('issuer', self.getIssuer())
tbsCertificate.setComponentByName('validity', self.getValidity())
tbsCertificate.setComponentByName('subject', self.getSubject())
tbsCertificate.setComponentByName('subjectPublicKeyInfo', self.getSubjectPublicKeyInfo())
if self.extensions:
extensions = rfc2459.Extensions().subtype(
explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 3))
count = 0
for extension in self.extensions:
extensions.setComponentByPosition(count, extension)
count += 1
tbsCertificate.setComponentByName('extensions', extensions)
tbsDER = encoder.encode(tbsCertificate)
rsaPrivateKey = rsa.PrivateKey(self.sharedRSA_N, self.sharedRSA_E, self.sharedRSA_D,
self.sharedRSA_P, self.sharedRSA_Q)
signature = rsa.sign(tbsDER, rsaPrivateKey, 'SHA-256')
certificate = rfc2459.Certificate()
certificate.setComponentByName('tbsCertificate', tbsCertificate)
certificate.setComponentByName('signatureAlgorithm', self.getSignatureAlgorithm())
certificate.setComponentByName('signatureValue', byteStringToHexifiedBitString(signature))
return encoder.encode(certificate)
def toPEM(self):
output = '-----BEGIN CERTIFICATE-----'
der = self.toDER()
b64 = base64.b64encode(der)
while b64:
output += '\n' + b64[:64]
b64 = b64[64:]
output += '\n-----END CERTIFICATE-----'
return output
# The build harness will call this function with an output file-like
# object, a path to a file containing a specification, and the path to
# the directory containing the buildid file. This will read the
# specification and output the certificate as PEM. The purpose of the
# buildid file is to provide a single definition of 'now'. This is
# particularly important when building on OS X, where we generate
# everything twice for unified builds. During the unification step, if
# any pair of input files differ, the build system throws an error.
def main(output, inputPath, buildIDPath):
with open(buildIDPath) as buildidFile:
buildid = buildidFile.read().strip()
now = datetime.datetime.strptime(buildid, '%Y%m%d%H%M%S')
with open(inputPath) as configStream:
output.write(Certificate(configStream, now=now).toPEM())
# When run as a standalone program, this will read a specification from
# stdin and output the certificate as PEM to stdout.
if __name__ == '__main__':
print Certificate(sys.stdin).toPEM()
security/manager/ssl/tests/unit/test_add_preexisting_cert.js
+6 -10
View File
@@ -7,7 +7,7 @@ let certDB = Cc["@mozilla.org/security/x509certdb;1"]
.getService(Ci.nsIX509CertDB);
function load_cert(cert, trust) {
let file = "test_intermediate_basic_usage_constraints/" + cert + ".der";
let file = "test_intermediate_basic_usage_constraints/" + cert + ".pem";
addCertFromFile(certDB, file, trust);
}
@@ -28,10 +28,8 @@ function run_test() {
let file = "test_intermediate_basic_usage_constraints/ee-int-limited-depth.der";
let cert_der = readFile(do_get_file(file));
let ee = certDB.constructX509(cert_der, cert_der.length);
let hasEVPolicy = {};
let verifiedChain = {};
equal(Cr.NS_OK, certDB.verifyCertNow(ee, certificateUsageSSLServer,
NO_FLAGS, verifiedChain, hasEVPolicy));
checkCertErrorGeneric(certDB, ee, PRErrorCodeSuccess,
certificateUsageSSLServer);
// Change the already existing intermediate certificate's trust using
// addCertFromBase64(). We use findCertByNickname first to ensure that the
// certificate already exists.
@@ -39,8 +37,6 @@ function run_test() {
ok(int_cert);
let base64_cert = btoa(getDERString(int_cert));
certDB.addCertFromBase64(base64_cert, "p,p,p", "ignored_argument");
equal(SEC_ERROR_UNTRUSTED_ISSUER, certDB.verifyCertNow(ee,
certificateUsageSSLServer,
NO_FLAGS, verifiedChain,
hasEVPolicy));
}
checkCertErrorGeneric(certDB, ee, SEC_ERROR_UNTRUSTED_ISSUER,
certificateUsageSSLServer);
}
security/manager/ssl/tests/unit/test_cert_blocklist.js
+4 -5
View File
@@ -153,8 +153,7 @@ converter.charset = "UTF-8";
function verify_cert(file, expectedError) {
let cert_der = readFile(do_get_file(file));
let ee = certDB.constructX509(cert_der, cert_der.length);
equal(expectedError, certDB.verifyCertNow(ee, certificateUsageSSLServer,
NO_FLAGS, {}, {}));
checkCertErrorGeneric(certDB, ee, expectedError, certificateUsageSSLServer);
}
function load_cert(cert, trust) {
@@ -221,12 +220,12 @@ function run_test() {
// test-int-ee.der.
// Check the cert validates before we load the blocklist
let file = "tlsserver/test-int-ee.der";
verify_cert(file, Cr.NS_OK);
verify_cert(file, PRErrorCodeSuccess);
// The blocklist also revokes other-test-ca.der, which issued other-ca-ee.der.
// Check the cert validates before we load the blocklist
file = "tlsserver/default-ee.der";
verify_cert(file, Cr.NS_OK);
verify_cert(file, PRErrorCodeSuccess);
// blocklist load is async so we must use add_test from here
add_test(function() {
@@ -296,7 +295,7 @@ function run_test() {
// Check a non-blocklisted chain still validates OK
file = "tlsserver/default-ee.der";
verify_cert(file, Cr.NS_OK);
verify_cert(file, PRErrorCodeSuccess);
// Check a bad cert is still bad (unknown issuer)
file = "tlsserver/unknown-issuer.der";
security/manager/ssl/tests/unit/test_cert_chains.js
+3 -3
View File
@@ -101,7 +101,7 @@ function run_test() {
// Test successful connection (failedCertChain should be null)
add_connection_test(
// re-use pinning certs (keeler)
"good.include-subdomains.pinning.example.com", Cr.NS_OK, null,
"good.include-subdomains.pinning.example.com", PRErrorCodeSuccess, null,
function withSecurityInfo(aTransportSecurityInfo) {
aTransportSecurityInfo.QueryInterface(Ci.nsITransportSecurityInfo);
test_security_info_serialization(aTransportSecurityInfo, 0);
@@ -112,7 +112,7 @@ function run_test() {
// Test overrideable connection failure (failedCertChain should be non-null)
add_connection_test(
"expired.example.com",
getXPCOMStatusFromNSS(SEC_ERROR_EXPIRED_CERTIFICATE),
SEC_ERROR_EXPIRED_CERTIFICATE,
null,
function withSecurityInfo(securityInfo) {
securityInfo.QueryInterface(Ci.nsITransportSecurityInfo);
@@ -126,7 +126,7 @@ function run_test() {
// Test non-overrideable error (failedCertChain should be non-null)
add_connection_test(
"inadequatekeyusage.example.com",
getXPCOMStatusFromNSS(SEC_ERROR_INADEQUATE_KEY_USAGE),
SEC_ERROR_INADEQUATE_KEY_USAGE,
null,
function withSecurityInfo(securityInfo) {
securityInfo.QueryInterface(Ci.nsITransportSecurityInfo);
security/manager/ssl/tests/unit/test_cert_eku-CA.js
+6 -6
View File
@@ -25,13 +25,13 @@ function run_test() {
load_cert("ca", "CT,CT,CT");
checkCertErrorGeneric(certdb, load_cert('int-EKU-CA', ',,'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLCA);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA-int-EKU-CA.der'), 0, certificateUsageSSLClient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA-int-EKU-CA.der'), PRErrorCodeSuccess, certificateUsageSSLClient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA-int-EKU-CA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA-int-EKU-CA.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA-int-EKU-CA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA-int-EKU-CA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA-int-EKU-CA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP-int-EKU-CA.der'), 0, certificateUsageSSLClient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP-int-EKU-CA.der'), PRErrorCodeSuccess, certificateUsageSSLClient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP-int-EKU-CA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP-int-EKU-CA.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP-int-EKU-CA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner);
@@ -43,7 +43,7 @@ function run_test() {
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-CA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-CA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-CA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_NS-int-EKU-CA.der'), 0, certificateUsageSSLClient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_NS-int-EKU-CA.der'), PRErrorCodeSuccess, certificateUsageSSLClient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_NS-int-EKU-CA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_NS-int-EKU-CA.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_NS-int-EKU-CA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner);
@@ -55,13 +55,13 @@ function run_test() {
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_OS-int-EKU-CA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_OS-int-EKU-CA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_OS-int-EKU-CA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_SA-int-EKU-CA.der'), 0, certificateUsageSSLClient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_SA-int-EKU-CA.der'), PRErrorCodeSuccess, certificateUsageSSLClient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_SA-int-EKU-CA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_SA-int-EKU-CA.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_SA-int-EKU-CA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_SA-int-EKU-CA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_SA-int-EKU-CA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_TS-int-EKU-CA.der'), 0, certificateUsageSSLClient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_TS-int-EKU-CA.der'), PRErrorCodeSuccess, certificateUsageSSLClient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_TS-int-EKU-CA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_TS-int-EKU-CA.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_TS-int-EKU-CA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner);
@@ -97,7 +97,7 @@ function run_test() {
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_TS-int-EKU-CA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_TS-int-EKU-CA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_TS-int-EKU-CA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-CA.der'), 0, certificateUsageSSLClient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-CA.der'), PRErrorCodeSuccess, certificateUsageSSLClient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-CA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-CA.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-CA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner);
security/manager/ssl/tests/unit/test_cert_eku-CA_EP.js
+18 -18
View File
@@ -25,17 +25,17 @@ function run_test() {
load_cert("ca", "CT,CT,CT");
checkCertErrorGeneric(certdb, load_cert('int-EKU-CA_EP', ',,'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLCA);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA-int-EKU-CA_EP.der'), 0, certificateUsageSSLClient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA-int-EKU-CA_EP.der'), PRErrorCodeSuccess, certificateUsageSSLClient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA-int-EKU-CA_EP.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA-int-EKU-CA_EP.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA-int-EKU-CA_EP.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA-int-EKU-CA_EP.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA-int-EKU-CA_EP.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP-int-EKU-CA_EP.der'), 0, certificateUsageSSLClient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP-int-EKU-CA_EP.der'), PRErrorCodeSuccess, certificateUsageSSLClient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP-int-EKU-CA_EP.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP-int-EKU-CA_EP.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP-int-EKU-CA_EP.der'), 0, certificateUsageEmailSigner);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP-int-EKU-CA_EP.der'), 0, certificateUsageEmailRecipient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP-int-EKU-CA_EP.der'), PRErrorCodeSuccess, certificateUsageEmailSigner);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP-int-EKU-CA_EP.der'), PRErrorCodeSuccess, certificateUsageEmailRecipient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP-int-EKU-CA_EP.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-CA_EP.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-CA_EP.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer);
@@ -43,7 +43,7 @@ function run_test() {
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-CA_EP.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-CA_EP.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-CA_EP.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_NS-int-EKU-CA_EP.der'), 0, certificateUsageSSLClient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_NS-int-EKU-CA_EP.der'), PRErrorCodeSuccess, certificateUsageSSLClient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_NS-int-EKU-CA_EP.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_NS-int-EKU-CA_EP.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_NS-int-EKU-CA_EP.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner);
@@ -55,13 +55,13 @@ function run_test() {
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_OS-int-EKU-CA_EP.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_OS-int-EKU-CA_EP.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_OS-int-EKU-CA_EP.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_SA-int-EKU-CA_EP.der'), 0, certificateUsageSSLClient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_SA-int-EKU-CA_EP.der'), PRErrorCodeSuccess, certificateUsageSSLClient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_SA-int-EKU-CA_EP.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_SA-int-EKU-CA_EP.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_SA-int-EKU-CA_EP.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_SA-int-EKU-CA_EP.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_SA-int-EKU-CA_EP.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_TS-int-EKU-CA_EP.der'), 0, certificateUsageSSLClient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_TS-int-EKU-CA_EP.der'), PRErrorCodeSuccess, certificateUsageSSLClient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_TS-int-EKU-CA_EP.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_TS-int-EKU-CA_EP.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_TS-int-EKU-CA_EP.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner);
@@ -70,14 +70,14 @@ function run_test() {
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP-int-EKU-CA_EP.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP-int-EKU-CA_EP.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP-int-EKU-CA_EP.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP-int-EKU-CA_EP.der'), 0, certificateUsageEmailSigner);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP-int-EKU-CA_EP.der'), 0, certificateUsageEmailRecipient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP-int-EKU-CA_EP.der'), PRErrorCodeSuccess, certificateUsageEmailSigner);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP-int-EKU-CA_EP.der'), PRErrorCodeSuccess, certificateUsageEmailRecipient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP-int-EKU-CA_EP.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_NS-int-EKU-CA_EP.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_NS-int-EKU-CA_EP.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_NS-int-EKU-CA_EP.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_NS-int-EKU-CA_EP.der'), 0, certificateUsageEmailSigner);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_NS-int-EKU-CA_EP.der'), 0, certificateUsageEmailRecipient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_NS-int-EKU-CA_EP.der'), PRErrorCodeSuccess, certificateUsageEmailSigner);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_NS-int-EKU-CA_EP.der'), PRErrorCodeSuccess, certificateUsageEmailRecipient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_NS-int-EKU-CA_EP.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_OS-int-EKU-CA_EP.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_OS-int-EKU-CA_EP.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer);
@@ -88,20 +88,20 @@ function run_test() {
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_SA-int-EKU-CA_EP.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_SA-int-EKU-CA_EP.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_SA-int-EKU-CA_EP.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_SA-int-EKU-CA_EP.der'), 0, certificateUsageEmailSigner);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_SA-int-EKU-CA_EP.der'), 0, certificateUsageEmailRecipient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_SA-int-EKU-CA_EP.der'), PRErrorCodeSuccess, certificateUsageEmailSigner);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_SA-int-EKU-CA_EP.der'), PRErrorCodeSuccess, certificateUsageEmailRecipient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_SA-int-EKU-CA_EP.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_TS-int-EKU-CA_EP.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_TS-int-EKU-CA_EP.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_TS-int-EKU-CA_EP.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_TS-int-EKU-CA_EP.der'), 0, certificateUsageEmailSigner);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_TS-int-EKU-CA_EP.der'), 0, certificateUsageEmailRecipient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_TS-int-EKU-CA_EP.der'), PRErrorCodeSuccess, certificateUsageEmailSigner);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_TS-int-EKU-CA_EP.der'), PRErrorCodeSuccess, certificateUsageEmailRecipient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_TS-int-EKU-CA_EP.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-CA_EP.der'), 0, certificateUsageSSLClient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-CA_EP.der'), PRErrorCodeSuccess, certificateUsageSSLClient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-CA_EP.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-CA_EP.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-CA_EP.der'), 0, certificateUsageEmailSigner);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-CA_EP.der'), 0, certificateUsageEmailRecipient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-CA_EP.der'), PRErrorCodeSuccess, certificateUsageEmailSigner);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-CA_EP.der'), PRErrorCodeSuccess, certificateUsageEmailRecipient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-CA_EP.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS-int-EKU-CA_EP.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS-int-EKU-CA_EP.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer);
security/manager/ssl/tests/unit/test_cert_eku-CA_EP_NS_OS_SA_TS.js
+32 -32
View File
@@ -24,26 +24,26 @@ function load_cert(cert_name, trust_string) {
function run_test() {
load_cert("ca", "CT,CT,CT");
checkCertErrorGeneric(certdb, load_cert('int-EKU-CA_EP_NS_OS_SA_TS', ',,'), 0, certificateUsageSSLCA);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA-int-EKU-CA_EP_NS_OS_SA_TS.der'), 0, certificateUsageSSLClient);
checkCertErrorGeneric(certdb, load_cert('int-EKU-CA_EP_NS_OS_SA_TS', ',,'), PRErrorCodeSuccess, certificateUsageSSLCA);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA-int-EKU-CA_EP_NS_OS_SA_TS.der'), PRErrorCodeSuccess, certificateUsageSSLClient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA-int-EKU-CA_EP_NS_OS_SA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA-int-EKU-CA_EP_NS_OS_SA_TS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA-int-EKU-CA_EP_NS_OS_SA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA-int-EKU-CA_EP_NS_OS_SA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA-int-EKU-CA_EP_NS_OS_SA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP-int-EKU-CA_EP_NS_OS_SA_TS.der'), 0, certificateUsageSSLClient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP-int-EKU-CA_EP_NS_OS_SA_TS.der'), PRErrorCodeSuccess, certificateUsageSSLClient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP-int-EKU-CA_EP_NS_OS_SA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP-int-EKU-CA_EP_NS_OS_SA_TS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP-int-EKU-CA_EP_NS_OS_SA_TS.der'), 0, certificateUsageEmailSigner);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP-int-EKU-CA_EP_NS_OS_SA_TS.der'), 0, certificateUsageEmailRecipient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP-int-EKU-CA_EP_NS_OS_SA_TS.der'), PRErrorCodeSuccess, certificateUsageEmailSigner);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP-int-EKU-CA_EP_NS_OS_SA_TS.der'), PRErrorCodeSuccess, certificateUsageEmailRecipient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP-int-EKU-CA_EP_NS_OS_SA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-CA_EP_NS_OS_SA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-CA_EP_NS_OS_SA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-CA_EP_NS_OS_SA_TS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-CA_EP_NS_OS_SA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-CA_EP_NS_OS_SA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-CA_EP_NS_OS_SA_TS.der'), 0, certificateUsageStatusResponder);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_NS-int-EKU-CA_EP_NS_OS_SA_TS.der'), 0, certificateUsageSSLClient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-CA_EP_NS_OS_SA_TS.der'), PRErrorCodeSuccess, certificateUsageStatusResponder);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_NS-int-EKU-CA_EP_NS_OS_SA_TS.der'), PRErrorCodeSuccess, certificateUsageSSLClient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_NS-int-EKU-CA_EP_NS_OS_SA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_NS-int-EKU-CA_EP_NS_OS_SA_TS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_NS-int-EKU-CA_EP_NS_OS_SA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner);
@@ -54,14 +54,14 @@ function run_test() {
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_OS-int-EKU-CA_EP_NS_OS_SA_TS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_OS-int-EKU-CA_EP_NS_OS_SA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_OS-int-EKU-CA_EP_NS_OS_SA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_OS-int-EKU-CA_EP_NS_OS_SA_TS.der'), 0, certificateUsageStatusResponder);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_SA-int-EKU-CA_EP_NS_OS_SA_TS.der'), 0, certificateUsageSSLClient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_SA-int-EKU-CA_EP_NS_OS_SA_TS.der'), 0, certificateUsageSSLServer);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_OS-int-EKU-CA_EP_NS_OS_SA_TS.der'), PRErrorCodeSuccess, certificateUsageStatusResponder);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_SA-int-EKU-CA_EP_NS_OS_SA_TS.der'), PRErrorCodeSuccess, certificateUsageSSLClient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_SA-int-EKU-CA_EP_NS_OS_SA_TS.der'), PRErrorCodeSuccess, certificateUsageSSLServer);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_SA-int-EKU-CA_EP_NS_OS_SA_TS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_SA-int-EKU-CA_EP_NS_OS_SA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_SA-int-EKU-CA_EP_NS_OS_SA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_SA-int-EKU-CA_EP_NS_OS_SA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_TS-int-EKU-CA_EP_NS_OS_SA_TS.der'), 0, certificateUsageSSLClient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_TS-int-EKU-CA_EP_NS_OS_SA_TS.der'), PRErrorCodeSuccess, certificateUsageSSLClient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_TS-int-EKU-CA_EP_NS_OS_SA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_TS-int-EKU-CA_EP_NS_OS_SA_TS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_TS-int-EKU-CA_EP_NS_OS_SA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner);
@@ -70,38 +70,38 @@ function run_test() {
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP-int-EKU-CA_EP_NS_OS_SA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP-int-EKU-CA_EP_NS_OS_SA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP-int-EKU-CA_EP_NS_OS_SA_TS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP-int-EKU-CA_EP_NS_OS_SA_TS.der'), 0, certificateUsageEmailSigner);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP-int-EKU-CA_EP_NS_OS_SA_TS.der'), 0, certificateUsageEmailRecipient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP-int-EKU-CA_EP_NS_OS_SA_TS.der'), PRErrorCodeSuccess, certificateUsageEmailSigner);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP-int-EKU-CA_EP_NS_OS_SA_TS.der'), PRErrorCodeSuccess, certificateUsageEmailRecipient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP-int-EKU-CA_EP_NS_OS_SA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_NS-int-EKU-CA_EP_NS_OS_SA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_NS-int-EKU-CA_EP_NS_OS_SA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_NS-int-EKU-CA_EP_NS_OS_SA_TS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_NS-int-EKU-CA_EP_NS_OS_SA_TS.der'), 0, certificateUsageEmailSigner);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_NS-int-EKU-CA_EP_NS_OS_SA_TS.der'), 0, certificateUsageEmailRecipient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_NS-int-EKU-CA_EP_NS_OS_SA_TS.der'), PRErrorCodeSuccess, certificateUsageEmailSigner);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_NS-int-EKU-CA_EP_NS_OS_SA_TS.der'), PRErrorCodeSuccess, certificateUsageEmailRecipient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_NS-int-EKU-CA_EP_NS_OS_SA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_OS-int-EKU-CA_EP_NS_OS_SA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_OS-int-EKU-CA_EP_NS_OS_SA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_OS-int-EKU-CA_EP_NS_OS_SA_TS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_OS-int-EKU-CA_EP_NS_OS_SA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_OS-int-EKU-CA_EP_NS_OS_SA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_OS-int-EKU-CA_EP_NS_OS_SA_TS.der'), 0, certificateUsageStatusResponder);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_OS-int-EKU-CA_EP_NS_OS_SA_TS.der'), PRErrorCodeSuccess, certificateUsageStatusResponder);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_SA-int-EKU-CA_EP_NS_OS_SA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_SA-int-EKU-CA_EP_NS_OS_SA_TS.der'), 0, certificateUsageSSLServer);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_SA-int-EKU-CA_EP_NS_OS_SA_TS.der'), PRErrorCodeSuccess, certificateUsageSSLServer);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_SA-int-EKU-CA_EP_NS_OS_SA_TS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_SA-int-EKU-CA_EP_NS_OS_SA_TS.der'), 0, certificateUsageEmailSigner);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_SA-int-EKU-CA_EP_NS_OS_SA_TS.der'), 0, certificateUsageEmailRecipient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_SA-int-EKU-CA_EP_NS_OS_SA_TS.der'), PRErrorCodeSuccess, certificateUsageEmailSigner);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_SA-int-EKU-CA_EP_NS_OS_SA_TS.der'), PRErrorCodeSuccess, certificateUsageEmailRecipient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_SA-int-EKU-CA_EP_NS_OS_SA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_TS-int-EKU-CA_EP_NS_OS_SA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_TS-int-EKU-CA_EP_NS_OS_SA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_TS-int-EKU-CA_EP_NS_OS_SA_TS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_TS-int-EKU-CA_EP_NS_OS_SA_TS.der'), 0, certificateUsageEmailSigner);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_TS-int-EKU-CA_EP_NS_OS_SA_TS.der'), 0, certificateUsageEmailRecipient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_TS-int-EKU-CA_EP_NS_OS_SA_TS.der'), PRErrorCodeSuccess, certificateUsageEmailSigner);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_TS-int-EKU-CA_EP_NS_OS_SA_TS.der'), PRErrorCodeSuccess, certificateUsageEmailRecipient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_TS-int-EKU-CA_EP_NS_OS_SA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-CA_EP_NS_OS_SA_TS.der'), 0, certificateUsageSSLClient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-CA_EP_NS_OS_SA_TS.der'), 0, certificateUsageSSLServer);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-CA_EP_NS_OS_SA_TS.der'), PRErrorCodeSuccess, certificateUsageSSLClient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-CA_EP_NS_OS_SA_TS.der'), PRErrorCodeSuccess, certificateUsageSSLServer);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-CA_EP_NS_OS_SA_TS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-CA_EP_NS_OS_SA_TS.der'), 0, certificateUsageEmailSigner);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-CA_EP_NS_OS_SA_TS.der'), 0, certificateUsageEmailRecipient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-CA_EP_NS_OS_SA_TS.der'), PRErrorCodeSuccess, certificateUsageEmailSigner);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-CA_EP_NS_OS_SA_TS.der'), PRErrorCodeSuccess, certificateUsageEmailRecipient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-CA_EP_NS_OS_SA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS-int-EKU-CA_EP_NS_OS_SA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS-int-EKU-CA_EP_NS_OS_SA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer);
@@ -114,9 +114,9 @@ function run_test() {
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_OS-int-EKU-CA_EP_NS_OS_SA_TS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_OS-int-EKU-CA_EP_NS_OS_SA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_OS-int-EKU-CA_EP_NS_OS_SA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_OS-int-EKU-CA_EP_NS_OS_SA_TS.der'), 0, certificateUsageStatusResponder);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_OS-int-EKU-CA_EP_NS_OS_SA_TS.der'), PRErrorCodeSuccess, certificateUsageStatusResponder);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_SA-int-EKU-CA_EP_NS_OS_SA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_SA-int-EKU-CA_EP_NS_OS_SA_TS.der'), 0, certificateUsageSSLServer);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_SA-int-EKU-CA_EP_NS_OS_SA_TS.der'), PRErrorCodeSuccess, certificateUsageSSLServer);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_SA-int-EKU-CA_EP_NS_OS_SA_TS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_SA-int-EKU-CA_EP_NS_OS_SA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_SA-int-EKU-CA_EP_NS_OS_SA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient);
@@ -132,27 +132,27 @@ function run_test() {
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS-int-EKU-CA_EP_NS_OS_SA_TS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS-int-EKU-CA_EP_NS_OS_SA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS-int-EKU-CA_EP_NS_OS_SA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS-int-EKU-CA_EP_NS_OS_SA_TS.der'), 0, certificateUsageStatusResponder);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS-int-EKU-CA_EP_NS_OS_SA_TS.der'), PRErrorCodeSuccess, certificateUsageStatusResponder);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_SA-int-EKU-CA_EP_NS_OS_SA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_SA-int-EKU-CA_EP_NS_OS_SA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_SA-int-EKU-CA_EP_NS_OS_SA_TS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_SA-int-EKU-CA_EP_NS_OS_SA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_SA-int-EKU-CA_EP_NS_OS_SA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_SA-int-EKU-CA_EP_NS_OS_SA_TS.der'), 0, certificateUsageStatusResponder);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_SA-int-EKU-CA_EP_NS_OS_SA_TS.der'), PRErrorCodeSuccess, certificateUsageStatusResponder);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_TS-int-EKU-CA_EP_NS_OS_SA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_TS-int-EKU-CA_EP_NS_OS_SA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_TS-int-EKU-CA_EP_NS_OS_SA_TS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_TS-int-EKU-CA_EP_NS_OS_SA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_TS-int-EKU-CA_EP_NS_OS_SA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_TS-int-EKU-CA_EP_NS_OS_SA_TS.der'), 0, certificateUsageStatusResponder);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_TS-int-EKU-CA_EP_NS_OS_SA_TS.der'), PRErrorCodeSuccess, certificateUsageStatusResponder);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA-int-EKU-CA_EP_NS_OS_SA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA-int-EKU-CA_EP_NS_OS_SA_TS.der'), 0, certificateUsageSSLServer);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA-int-EKU-CA_EP_NS_OS_SA_TS.der'), PRErrorCodeSuccess, certificateUsageSSLServer);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA-int-EKU-CA_EP_NS_OS_SA_TS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA-int-EKU-CA_EP_NS_OS_SA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA-int-EKU-CA_EP_NS_OS_SA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA-int-EKU-CA_EP_NS_OS_SA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA_TS-int-EKU-CA_EP_NS_OS_SA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA_TS-int-EKU-CA_EP_NS_OS_SA_TS.der'), 0, certificateUsageSSLServer);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA_TS-int-EKU-CA_EP_NS_OS_SA_TS.der'), PRErrorCodeSuccess, certificateUsageSSLServer);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA_TS-int-EKU-CA_EP_NS_OS_SA_TS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA_TS-int-EKU-CA_EP_NS_OS_SA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA_TS-int-EKU-CA_EP_NS_OS_SA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient);
security/manager/ssl/tests/unit/test_cert_eku-CA_NS.js
+13 -13
View File
@@ -24,14 +24,14 @@ function load_cert(cert_name, trust_string) {
function run_test() {
load_cert("ca", "CT,CT,CT");
checkCertErrorGeneric(certdb, load_cert('int-EKU-CA_NS', ',,'), 0, certificateUsageSSLCA);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA-int-EKU-CA_NS.der'), 0, certificateUsageSSLClient);
checkCertErrorGeneric(certdb, load_cert('int-EKU-CA_NS', ',,'), PRErrorCodeSuccess, certificateUsageSSLCA);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA-int-EKU-CA_NS.der'), PRErrorCodeSuccess, certificateUsageSSLClient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA-int-EKU-CA_NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA-int-EKU-CA_NS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA-int-EKU-CA_NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA-int-EKU-CA_NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA-int-EKU-CA_NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP-int-EKU-CA_NS.der'), 0, certificateUsageSSLClient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP-int-EKU-CA_NS.der'), PRErrorCodeSuccess, certificateUsageSSLClient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP-int-EKU-CA_NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP-int-EKU-CA_NS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP-int-EKU-CA_NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner);
@@ -43,7 +43,7 @@ function run_test() {
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-CA_NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-CA_NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-CA_NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_NS-int-EKU-CA_NS.der'), 0, certificateUsageSSLClient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_NS-int-EKU-CA_NS.der'), PRErrorCodeSuccess, certificateUsageSSLClient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_NS-int-EKU-CA_NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_NS-int-EKU-CA_NS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_NS-int-EKU-CA_NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner);
@@ -55,13 +55,13 @@ function run_test() {
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_OS-int-EKU-CA_NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_OS-int-EKU-CA_NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_OS-int-EKU-CA_NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_SA-int-EKU-CA_NS.der'), 0, certificateUsageSSLClient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_SA-int-EKU-CA_NS.der'), 0, certificateUsageSSLServer);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_SA-int-EKU-CA_NS.der'), PRErrorCodeSuccess, certificateUsageSSLClient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_SA-int-EKU-CA_NS.der'), PRErrorCodeSuccess, certificateUsageSSLServer);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_SA-int-EKU-CA_NS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_SA-int-EKU-CA_NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_SA-int-EKU-CA_NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_SA-int-EKU-CA_NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_TS-int-EKU-CA_NS.der'), 0, certificateUsageSSLClient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_TS-int-EKU-CA_NS.der'), PRErrorCodeSuccess, certificateUsageSSLClient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_TS-int-EKU-CA_NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_TS-int-EKU-CA_NS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_TS-int-EKU-CA_NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner);
@@ -86,7 +86,7 @@ function run_test() {
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_OS-int-EKU-CA_NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_OS-int-EKU-CA_NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_SA-int-EKU-CA_NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_SA-int-EKU-CA_NS.der'), 0, certificateUsageSSLServer);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_SA-int-EKU-CA_NS.der'), PRErrorCodeSuccess, certificateUsageSSLServer);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_SA-int-EKU-CA_NS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_SA-int-EKU-CA_NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_SA-int-EKU-CA_NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient);
@@ -97,8 +97,8 @@ function run_test() {
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_TS-int-EKU-CA_NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_TS-int-EKU-CA_NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_TS-int-EKU-CA_NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-CA_NS.der'), 0, certificateUsageSSLClient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-CA_NS.der'), 0, certificateUsageSSLServer);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-CA_NS.der'), PRErrorCodeSuccess, certificateUsageSSLClient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-CA_NS.der'), PRErrorCodeSuccess, certificateUsageSSLServer);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-CA_NS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-CA_NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-CA_NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient);
@@ -116,7 +116,7 @@ function run_test() {
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_OS-int-EKU-CA_NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_OS-int-EKU-CA_NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_SA-int-EKU-CA_NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_SA-int-EKU-CA_NS.der'), 0, certificateUsageSSLServer);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_SA-int-EKU-CA_NS.der'), PRErrorCodeSuccess, certificateUsageSSLServer);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_SA-int-EKU-CA_NS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_SA-int-EKU-CA_NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_SA-int-EKU-CA_NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient);
@@ -146,13 +146,13 @@ function run_test() {
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_TS-int-EKU-CA_NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_TS-int-EKU-CA_NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA-int-EKU-CA_NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA-int-EKU-CA_NS.der'), 0, certificateUsageSSLServer);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA-int-EKU-CA_NS.der'), PRErrorCodeSuccess, certificateUsageSSLServer);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA-int-EKU-CA_NS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA-int-EKU-CA_NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA-int-EKU-CA_NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA-int-EKU-CA_NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA_TS-int-EKU-CA_NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA_TS-int-EKU-CA_NS.der'), 0, certificateUsageSSLServer);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA_TS-int-EKU-CA_NS.der'), PRErrorCodeSuccess, certificateUsageSSLServer);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA_TS-int-EKU-CA_NS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA_TS-int-EKU-CA_NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA_TS-int-EKU-CA_NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient);
security/manager/ssl/tests/unit/test_cert_eku-CA_OS.js
+13 -13
View File
@@ -25,13 +25,13 @@ function run_test() {
load_cert("ca", "CT,CT,CT");
checkCertErrorGeneric(certdb, load_cert('int-EKU-CA_OS', ',,'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLCA);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA-int-EKU-CA_OS.der'), 0, certificateUsageSSLClient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA-int-EKU-CA_OS.der'), PRErrorCodeSuccess, certificateUsageSSLClient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA-int-EKU-CA_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA-int-EKU-CA_OS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA-int-EKU-CA_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA-int-EKU-CA_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA-int-EKU-CA_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP-int-EKU-CA_OS.der'), 0, certificateUsageSSLClient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP-int-EKU-CA_OS.der'), PRErrorCodeSuccess, certificateUsageSSLClient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP-int-EKU-CA_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP-int-EKU-CA_OS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP-int-EKU-CA_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner);
@@ -42,8 +42,8 @@ function run_test() {
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-CA_OS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-CA_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-CA_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-CA_OS.der'), 0, certificateUsageStatusResponder);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_NS-int-EKU-CA_OS.der'), 0, certificateUsageSSLClient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-CA_OS.der'), PRErrorCodeSuccess, certificateUsageStatusResponder);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_NS-int-EKU-CA_OS.der'), PRErrorCodeSuccess, certificateUsageSSLClient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_NS-int-EKU-CA_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_NS-int-EKU-CA_OS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_NS-int-EKU-CA_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner);
@@ -54,14 +54,14 @@ function run_test() {
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_OS-int-EKU-CA_OS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_OS-int-EKU-CA_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_OS-int-EKU-CA_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_OS-int-EKU-CA_OS.der'), 0, certificateUsageStatusResponder);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_SA-int-EKU-CA_OS.der'), 0, certificateUsageSSLClient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_OS-int-EKU-CA_OS.der'), PRErrorCodeSuccess, certificateUsageStatusResponder);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_SA-int-EKU-CA_OS.der'), PRErrorCodeSuccess, certificateUsageSSLClient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_SA-int-EKU-CA_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_SA-int-EKU-CA_OS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_SA-int-EKU-CA_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_SA-int-EKU-CA_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_SA-int-EKU-CA_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_TS-int-EKU-CA_OS.der'), 0, certificateUsageSSLClient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_TS-int-EKU-CA_OS.der'), PRErrorCodeSuccess, certificateUsageSSLClient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_TS-int-EKU-CA_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_TS-int-EKU-CA_OS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_TS-int-EKU-CA_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner);
@@ -84,7 +84,7 @@ function run_test() {
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_OS-int-EKU-CA_OS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_OS-int-EKU-CA_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_OS-int-EKU-CA_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_OS-int-EKU-CA_OS.der'), 0, certificateUsageStatusResponder);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_OS-int-EKU-CA_OS.der'), PRErrorCodeSuccess, certificateUsageStatusResponder);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_SA-int-EKU-CA_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_SA-int-EKU-CA_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_SA-int-EKU-CA_OS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA);
@@ -97,7 +97,7 @@ function run_test() {
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_TS-int-EKU-CA_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_TS-int-EKU-CA_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_TS-int-EKU-CA_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-CA_OS.der'), 0, certificateUsageSSLClient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-CA_OS.der'), PRErrorCodeSuccess, certificateUsageSSLClient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-CA_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-CA_OS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-CA_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner);
@@ -114,7 +114,7 @@ function run_test() {
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_OS-int-EKU-CA_OS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_OS-int-EKU-CA_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_OS-int-EKU-CA_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_OS-int-EKU-CA_OS.der'), 0, certificateUsageStatusResponder);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_OS-int-EKU-CA_OS.der'), PRErrorCodeSuccess, certificateUsageStatusResponder);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_SA-int-EKU-CA_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_SA-int-EKU-CA_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_SA-int-EKU-CA_OS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA);
@@ -132,19 +132,19 @@ function run_test() {
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS-int-EKU-CA_OS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS-int-EKU-CA_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS-int-EKU-CA_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS-int-EKU-CA_OS.der'), 0, certificateUsageStatusResponder);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS-int-EKU-CA_OS.der'), PRErrorCodeSuccess, certificateUsageStatusResponder);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_SA-int-EKU-CA_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_SA-int-EKU-CA_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_SA-int-EKU-CA_OS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_SA-int-EKU-CA_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_SA-int-EKU-CA_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_SA-int-EKU-CA_OS.der'), 0, certificateUsageStatusResponder);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_SA-int-EKU-CA_OS.der'), PRErrorCodeSuccess, certificateUsageStatusResponder);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_TS-int-EKU-CA_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_TS-int-EKU-CA_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_TS-int-EKU-CA_OS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_TS-int-EKU-CA_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_TS-int-EKU-CA_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_TS-int-EKU-CA_OS.der'), 0, certificateUsageStatusResponder);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_TS-int-EKU-CA_OS.der'), PRErrorCodeSuccess, certificateUsageStatusResponder);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA-int-EKU-CA_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA-int-EKU-CA_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA-int-EKU-CA_OS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA);
security/manager/ssl/tests/unit/test_cert_eku-CA_SA.js
+13 -13
View File
@@ -24,14 +24,14 @@ function load_cert(cert_name, trust_string) {
function run_test() {
load_cert("ca", "CT,CT,CT");
checkCertErrorGeneric(certdb, load_cert('int-EKU-CA_SA', ',,'), 0, certificateUsageSSLCA);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA-int-EKU-CA_SA.der'), 0, certificateUsageSSLClient);
checkCertErrorGeneric(certdb, load_cert('int-EKU-CA_SA', ',,'), PRErrorCodeSuccess, certificateUsageSSLCA);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA-int-EKU-CA_SA.der'), PRErrorCodeSuccess, certificateUsageSSLClient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA-int-EKU-CA_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA-int-EKU-CA_SA.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA-int-EKU-CA_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA-int-EKU-CA_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA-int-EKU-CA_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP-int-EKU-CA_SA.der'), 0, certificateUsageSSLClient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP-int-EKU-CA_SA.der'), PRErrorCodeSuccess, certificateUsageSSLClient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP-int-EKU-CA_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP-int-EKU-CA_SA.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP-int-EKU-CA_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner);
@@ -43,7 +43,7 @@ function run_test() {
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-CA_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-CA_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-CA_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_NS-int-EKU-CA_SA.der'), 0, certificateUsageSSLClient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_NS-int-EKU-CA_SA.der'), PRErrorCodeSuccess, certificateUsageSSLClient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_NS-int-EKU-CA_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_NS-int-EKU-CA_SA.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_NS-int-EKU-CA_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner);
@@ -55,13 +55,13 @@ function run_test() {
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_OS-int-EKU-CA_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_OS-int-EKU-CA_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_OS-int-EKU-CA_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_SA-int-EKU-CA_SA.der'), 0, certificateUsageSSLClient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_SA-int-EKU-CA_SA.der'), 0, certificateUsageSSLServer);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_SA-int-EKU-CA_SA.der'), PRErrorCodeSuccess, certificateUsageSSLClient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_SA-int-EKU-CA_SA.der'), PRErrorCodeSuccess, certificateUsageSSLServer);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_SA-int-EKU-CA_SA.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_SA-int-EKU-CA_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_SA-int-EKU-CA_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_SA-int-EKU-CA_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_TS-int-EKU-CA_SA.der'), 0, certificateUsageSSLClient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_TS-int-EKU-CA_SA.der'), PRErrorCodeSuccess, certificateUsageSSLClient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_TS-int-EKU-CA_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_TS-int-EKU-CA_SA.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_TS-int-EKU-CA_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner);
@@ -86,7 +86,7 @@ function run_test() {
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_OS-int-EKU-CA_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_OS-int-EKU-CA_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_SA-int-EKU-CA_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_SA-int-EKU-CA_SA.der'), 0, certificateUsageSSLServer);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_SA-int-EKU-CA_SA.der'), PRErrorCodeSuccess, certificateUsageSSLServer);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_SA-int-EKU-CA_SA.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_SA-int-EKU-CA_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_SA-int-EKU-CA_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient);
@@ -97,8 +97,8 @@ function run_test() {
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_TS-int-EKU-CA_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_TS-int-EKU-CA_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_TS-int-EKU-CA_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-CA_SA.der'), 0, certificateUsageSSLClient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-CA_SA.der'), 0, certificateUsageSSLServer);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-CA_SA.der'), PRErrorCodeSuccess, certificateUsageSSLClient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-CA_SA.der'), PRErrorCodeSuccess, certificateUsageSSLServer);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-CA_SA.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-CA_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-CA_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient);
@@ -116,7 +116,7 @@ function run_test() {
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_OS-int-EKU-CA_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_OS-int-EKU-CA_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_SA-int-EKU-CA_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_SA-int-EKU-CA_SA.der'), 0, certificateUsageSSLServer);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_SA-int-EKU-CA_SA.der'), PRErrorCodeSuccess, certificateUsageSSLServer);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_SA-int-EKU-CA_SA.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_SA-int-EKU-CA_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_SA-int-EKU-CA_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient);
@@ -146,13 +146,13 @@ function run_test() {
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_TS-int-EKU-CA_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_TS-int-EKU-CA_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA-int-EKU-CA_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA-int-EKU-CA_SA.der'), 0, certificateUsageSSLServer);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA-int-EKU-CA_SA.der'), PRErrorCodeSuccess, certificateUsageSSLServer);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA-int-EKU-CA_SA.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA-int-EKU-CA_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA-int-EKU-CA_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA-int-EKU-CA_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA_TS-int-EKU-CA_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA_TS-int-EKU-CA_SA.der'), 0, certificateUsageSSLServer);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA_TS-int-EKU-CA_SA.der'), PRErrorCodeSuccess, certificateUsageSSLServer);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA_TS-int-EKU-CA_SA.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA_TS-int-EKU-CA_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA_TS-int-EKU-CA_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient);
security/manager/ssl/tests/unit/test_cert_eku-CA_TS.js
+6 -6
View File
@@ -25,13 +25,13 @@ function run_test() {
load_cert("ca", "CT,CT,CT");
checkCertErrorGeneric(certdb, load_cert('int-EKU-CA_TS', ',,'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLCA);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA-int-EKU-CA_TS.der'), 0, certificateUsageSSLClient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA-int-EKU-CA_TS.der'), PRErrorCodeSuccess, certificateUsageSSLClient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA-int-EKU-CA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA-int-EKU-CA_TS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA-int-EKU-CA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA-int-EKU-CA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA-int-EKU-CA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP-int-EKU-CA_TS.der'), 0, certificateUsageSSLClient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP-int-EKU-CA_TS.der'), PRErrorCodeSuccess, certificateUsageSSLClient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP-int-EKU-CA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP-int-EKU-CA_TS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP-int-EKU-CA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner);
@@ -43,7 +43,7 @@ function run_test() {
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-CA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-CA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-CA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_NS-int-EKU-CA_TS.der'), 0, certificateUsageSSLClient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_NS-int-EKU-CA_TS.der'), PRErrorCodeSuccess, certificateUsageSSLClient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_NS-int-EKU-CA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_NS-int-EKU-CA_TS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_NS-int-EKU-CA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner);
@@ -55,13 +55,13 @@ function run_test() {
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_OS-int-EKU-CA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_OS-int-EKU-CA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_OS-int-EKU-CA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_SA-int-EKU-CA_TS.der'), 0, certificateUsageSSLClient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_SA-int-EKU-CA_TS.der'), PRErrorCodeSuccess, certificateUsageSSLClient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_SA-int-EKU-CA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_SA-int-EKU-CA_TS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_SA-int-EKU-CA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_SA-int-EKU-CA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_SA-int-EKU-CA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_TS-int-EKU-CA_TS.der'), 0, certificateUsageSSLClient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_TS-int-EKU-CA_TS.der'), PRErrorCodeSuccess, certificateUsageSSLClient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_TS-int-EKU-CA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_TS-int-EKU-CA_TS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_TS-int-EKU-CA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner);
@@ -97,7 +97,7 @@ function run_test() {
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_TS-int-EKU-CA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_TS-int-EKU-CA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_TS-int-EKU-CA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-CA_TS.der'), 0, certificateUsageSSLClient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-CA_TS.der'), PRErrorCodeSuccess, certificateUsageSSLClient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-CA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-CA_TS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-CA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner);
security/manager/ssl/tests/unit/test_cert_eku-EP.js
+12 -12
View File
@@ -34,8 +34,8 @@ function run_test() {
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP-int-EKU-EP.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP-int-EKU-EP.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP-int-EKU-EP.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP-int-EKU-EP.der'), 0, certificateUsageEmailSigner);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP-int-EKU-EP.der'), 0, certificateUsageEmailRecipient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP-int-EKU-EP.der'), PRErrorCodeSuccess, certificateUsageEmailSigner);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP-int-EKU-EP.der'), PRErrorCodeSuccess, certificateUsageEmailRecipient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP-int-EKU-EP.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-EP.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-EP.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer);
@@ -70,14 +70,14 @@ function run_test() {
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP-int-EKU-EP.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP-int-EKU-EP.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP-int-EKU-EP.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP-int-EKU-EP.der'), 0, certificateUsageEmailSigner);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP-int-EKU-EP.der'), 0, certificateUsageEmailRecipient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP-int-EKU-EP.der'), PRErrorCodeSuccess, certificateUsageEmailSigner);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP-int-EKU-EP.der'), PRErrorCodeSuccess, certificateUsageEmailRecipient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP-int-EKU-EP.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_NS-int-EKU-EP.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_NS-int-EKU-EP.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_NS-int-EKU-EP.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_NS-int-EKU-EP.der'), 0, certificateUsageEmailSigner);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_NS-int-EKU-EP.der'), 0, certificateUsageEmailRecipient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_NS-int-EKU-EP.der'), PRErrorCodeSuccess, certificateUsageEmailSigner);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_NS-int-EKU-EP.der'), PRErrorCodeSuccess, certificateUsageEmailRecipient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_NS-int-EKU-EP.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_OS-int-EKU-EP.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_OS-int-EKU-EP.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer);
@@ -88,20 +88,20 @@ function run_test() {
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_SA-int-EKU-EP.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_SA-int-EKU-EP.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_SA-int-EKU-EP.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_SA-int-EKU-EP.der'), 0, certificateUsageEmailSigner);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_SA-int-EKU-EP.der'), 0, certificateUsageEmailRecipient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_SA-int-EKU-EP.der'), PRErrorCodeSuccess, certificateUsageEmailSigner);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_SA-int-EKU-EP.der'), PRErrorCodeSuccess, certificateUsageEmailRecipient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_SA-int-EKU-EP.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_TS-int-EKU-EP.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_TS-int-EKU-EP.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_TS-int-EKU-EP.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_TS-int-EKU-EP.der'), 0, certificateUsageEmailSigner);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_TS-int-EKU-EP.der'), 0, certificateUsageEmailRecipient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_TS-int-EKU-EP.der'), PRErrorCodeSuccess, certificateUsageEmailSigner);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_TS-int-EKU-EP.der'), PRErrorCodeSuccess, certificateUsageEmailRecipient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_TS-int-EKU-EP.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-EP.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-EP.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-EP.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-EP.der'), 0, certificateUsageEmailSigner);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-EP.der'), 0, certificateUsageEmailRecipient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-EP.der'), PRErrorCodeSuccess, certificateUsageEmailSigner);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-EP.der'), PRErrorCodeSuccess, certificateUsageEmailRecipient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-EP.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS-int-EKU-EP.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS-int-EKU-EP.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer);
security/manager/ssl/tests/unit/test_cert_eku-EP_NS.js
+19 -19
View File
@@ -24,7 +24,7 @@ function load_cert(cert_name, trust_string) {
function run_test() {
load_cert("ca", "CT,CT,CT");
checkCertErrorGeneric(certdb, load_cert('int-EKU-EP_NS', ',,'), 0, certificateUsageSSLCA);
checkCertErrorGeneric(certdb, load_cert('int-EKU-EP_NS', ',,'), PRErrorCodeSuccess, certificateUsageSSLCA);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA-int-EKU-EP_NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA-int-EKU-EP_NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA-int-EKU-EP_NS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA);
@@ -34,8 +34,8 @@ function run_test() {
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP-int-EKU-EP_NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP-int-EKU-EP_NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP-int-EKU-EP_NS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP-int-EKU-EP_NS.der'), 0, certificateUsageEmailSigner);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP-int-EKU-EP_NS.der'), 0, certificateUsageEmailRecipient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP-int-EKU-EP_NS.der'), PRErrorCodeSuccess, certificateUsageEmailSigner);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP-int-EKU-EP_NS.der'), PRErrorCodeSuccess, certificateUsageEmailRecipient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP-int-EKU-EP_NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-EP_NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-EP_NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer);
@@ -56,7 +56,7 @@ function run_test() {
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_OS-int-EKU-EP_NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_OS-int-EKU-EP_NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_SA-int-EKU-EP_NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_SA-int-EKU-EP_NS.der'), 0, certificateUsageSSLServer);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_SA-int-EKU-EP_NS.der'), PRErrorCodeSuccess, certificateUsageSSLServer);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_SA-int-EKU-EP_NS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_SA-int-EKU-EP_NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_SA-int-EKU-EP_NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient);
@@ -70,14 +70,14 @@ function run_test() {
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP-int-EKU-EP_NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP-int-EKU-EP_NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP-int-EKU-EP_NS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP-int-EKU-EP_NS.der'), 0, certificateUsageEmailSigner);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP-int-EKU-EP_NS.der'), 0, certificateUsageEmailRecipient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP-int-EKU-EP_NS.der'), PRErrorCodeSuccess, certificateUsageEmailSigner);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP-int-EKU-EP_NS.der'), PRErrorCodeSuccess, certificateUsageEmailRecipient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP-int-EKU-EP_NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_NS-int-EKU-EP_NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_NS-int-EKU-EP_NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_NS-int-EKU-EP_NS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_NS-int-EKU-EP_NS.der'), 0, certificateUsageEmailSigner);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_NS-int-EKU-EP_NS.der'), 0, certificateUsageEmailRecipient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_NS-int-EKU-EP_NS.der'), PRErrorCodeSuccess, certificateUsageEmailSigner);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_NS-int-EKU-EP_NS.der'), PRErrorCodeSuccess, certificateUsageEmailRecipient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_NS-int-EKU-EP_NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_OS-int-EKU-EP_NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_OS-int-EKU-EP_NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer);
@@ -86,22 +86,22 @@ function run_test() {
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_OS-int-EKU-EP_NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_OS-int-EKU-EP_NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_SA-int-EKU-EP_NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_SA-int-EKU-EP_NS.der'), 0, certificateUsageSSLServer);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_SA-int-EKU-EP_NS.der'), PRErrorCodeSuccess, certificateUsageSSLServer);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_SA-int-EKU-EP_NS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_SA-int-EKU-EP_NS.der'), 0, certificateUsageEmailSigner);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_SA-int-EKU-EP_NS.der'), 0, certificateUsageEmailRecipient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_SA-int-EKU-EP_NS.der'), PRErrorCodeSuccess, certificateUsageEmailSigner);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_SA-int-EKU-EP_NS.der'), PRErrorCodeSuccess, certificateUsageEmailRecipient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_SA-int-EKU-EP_NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_TS-int-EKU-EP_NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_TS-int-EKU-EP_NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_TS-int-EKU-EP_NS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_TS-int-EKU-EP_NS.der'), 0, certificateUsageEmailSigner);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_TS-int-EKU-EP_NS.der'), 0, certificateUsageEmailRecipient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_TS-int-EKU-EP_NS.der'), PRErrorCodeSuccess, certificateUsageEmailSigner);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_TS-int-EKU-EP_NS.der'), PRErrorCodeSuccess, certificateUsageEmailRecipient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_TS-int-EKU-EP_NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-EP_NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-EP_NS.der'), 0, certificateUsageSSLServer);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-EP_NS.der'), PRErrorCodeSuccess, certificateUsageSSLServer);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-EP_NS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-EP_NS.der'), 0, certificateUsageEmailSigner);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-EP_NS.der'), 0, certificateUsageEmailRecipient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-EP_NS.der'), PRErrorCodeSuccess, certificateUsageEmailSigner);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-EP_NS.der'), PRErrorCodeSuccess, certificateUsageEmailRecipient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-EP_NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS-int-EKU-EP_NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS-int-EKU-EP_NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer);
@@ -116,7 +116,7 @@ function run_test() {
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_OS-int-EKU-EP_NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_OS-int-EKU-EP_NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_SA-int-EKU-EP_NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_SA-int-EKU-EP_NS.der'), 0, certificateUsageSSLServer);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_SA-int-EKU-EP_NS.der'), PRErrorCodeSuccess, certificateUsageSSLServer);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_SA-int-EKU-EP_NS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_SA-int-EKU-EP_NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_SA-int-EKU-EP_NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient);
@@ -146,13 +146,13 @@ function run_test() {
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_TS-int-EKU-EP_NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_TS-int-EKU-EP_NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA-int-EKU-EP_NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA-int-EKU-EP_NS.der'), 0, certificateUsageSSLServer);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA-int-EKU-EP_NS.der'), PRErrorCodeSuccess, certificateUsageSSLServer);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA-int-EKU-EP_NS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA-int-EKU-EP_NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA-int-EKU-EP_NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA-int-EKU-EP_NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA_TS-int-EKU-EP_NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA_TS-int-EKU-EP_NS.der'), 0, certificateUsageSSLServer);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA_TS-int-EKU-EP_NS.der'), PRErrorCodeSuccess, certificateUsageSSLServer);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA_TS-int-EKU-EP_NS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA_TS-int-EKU-EP_NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA_TS-int-EKU-EP_NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient);
security/manager/ssl/tests/unit/test_cert_eku-EP_OS.js
+19 -19
View File
@@ -34,15 +34,15 @@ function run_test() {
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP-int-EKU-EP_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP-int-EKU-EP_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP-int-EKU-EP_OS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP-int-EKU-EP_OS.der'), 0, certificateUsageEmailSigner);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP-int-EKU-EP_OS.der'), 0, certificateUsageEmailRecipient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP-int-EKU-EP_OS.der'), PRErrorCodeSuccess, certificateUsageEmailSigner);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP-int-EKU-EP_OS.der'), PRErrorCodeSuccess, certificateUsageEmailRecipient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP-int-EKU-EP_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-EP_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-EP_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-EP_OS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-EP_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-EP_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-EP_OS.der'), 0, certificateUsageStatusResponder);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-EP_OS.der'), PRErrorCodeSuccess, certificateUsageStatusResponder);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_NS-int-EKU-EP_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_NS-int-EKU-EP_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_NS-int-EKU-EP_OS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA);
@@ -54,7 +54,7 @@ function run_test() {
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_OS-int-EKU-EP_OS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_OS-int-EKU-EP_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_OS-int-EKU-EP_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_OS-int-EKU-EP_OS.der'), 0, certificateUsageStatusResponder);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_OS-int-EKU-EP_OS.der'), PRErrorCodeSuccess, certificateUsageStatusResponder);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_SA-int-EKU-EP_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_SA-int-EKU-EP_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_SA-int-EKU-EP_OS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA);
@@ -70,38 +70,38 @@ function run_test() {
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP-int-EKU-EP_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP-int-EKU-EP_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP-int-EKU-EP_OS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP-int-EKU-EP_OS.der'), 0, certificateUsageEmailSigner);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP-int-EKU-EP_OS.der'), 0, certificateUsageEmailRecipient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP-int-EKU-EP_OS.der'), PRErrorCodeSuccess, certificateUsageEmailSigner);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP-int-EKU-EP_OS.der'), PRErrorCodeSuccess, certificateUsageEmailRecipient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP-int-EKU-EP_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_NS-int-EKU-EP_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_NS-int-EKU-EP_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_NS-int-EKU-EP_OS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_NS-int-EKU-EP_OS.der'), 0, certificateUsageEmailSigner);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_NS-int-EKU-EP_OS.der'), 0, certificateUsageEmailRecipient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_NS-int-EKU-EP_OS.der'), PRErrorCodeSuccess, certificateUsageEmailSigner);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_NS-int-EKU-EP_OS.der'), PRErrorCodeSuccess, certificateUsageEmailRecipient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_NS-int-EKU-EP_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_OS-int-EKU-EP_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_OS-int-EKU-EP_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_OS-int-EKU-EP_OS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_OS-int-EKU-EP_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_OS-int-EKU-EP_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_OS-int-EKU-EP_OS.der'), 0, certificateUsageStatusResponder);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_OS-int-EKU-EP_OS.der'), PRErrorCodeSuccess, certificateUsageStatusResponder);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_SA-int-EKU-EP_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_SA-int-EKU-EP_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_SA-int-EKU-EP_OS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_SA-int-EKU-EP_OS.der'), 0, certificateUsageEmailSigner);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_SA-int-EKU-EP_OS.der'), 0, certificateUsageEmailRecipient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_SA-int-EKU-EP_OS.der'), PRErrorCodeSuccess, certificateUsageEmailSigner);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_SA-int-EKU-EP_OS.der'), PRErrorCodeSuccess, certificateUsageEmailRecipient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_SA-int-EKU-EP_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_TS-int-EKU-EP_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_TS-int-EKU-EP_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_TS-int-EKU-EP_OS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_TS-int-EKU-EP_OS.der'), 0, certificateUsageEmailSigner);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_TS-int-EKU-EP_OS.der'), 0, certificateUsageEmailRecipient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_TS-int-EKU-EP_OS.der'), PRErrorCodeSuccess, certificateUsageEmailSigner);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_TS-int-EKU-EP_OS.der'), PRErrorCodeSuccess, certificateUsageEmailRecipient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_TS-int-EKU-EP_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-EP_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-EP_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-EP_OS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-EP_OS.der'), 0, certificateUsageEmailSigner);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-EP_OS.der'), 0, certificateUsageEmailRecipient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-EP_OS.der'), PRErrorCodeSuccess, certificateUsageEmailSigner);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-EP_OS.der'), PRErrorCodeSuccess, certificateUsageEmailRecipient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-EP_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS-int-EKU-EP_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS-int-EKU-EP_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer);
@@ -114,7 +114,7 @@ function run_test() {
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_OS-int-EKU-EP_OS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_OS-int-EKU-EP_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_OS-int-EKU-EP_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_OS-int-EKU-EP_OS.der'), 0, certificateUsageStatusResponder);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_OS-int-EKU-EP_OS.der'), PRErrorCodeSuccess, certificateUsageStatusResponder);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_SA-int-EKU-EP_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_SA-int-EKU-EP_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_SA-int-EKU-EP_OS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA);
@@ -132,19 +132,19 @@ function run_test() {
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS-int-EKU-EP_OS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS-int-EKU-EP_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS-int-EKU-EP_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS-int-EKU-EP_OS.der'), 0, certificateUsageStatusResponder);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS-int-EKU-EP_OS.der'), PRErrorCodeSuccess, certificateUsageStatusResponder);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_SA-int-EKU-EP_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_SA-int-EKU-EP_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_SA-int-EKU-EP_OS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_SA-int-EKU-EP_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_SA-int-EKU-EP_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_SA-int-EKU-EP_OS.der'), 0, certificateUsageStatusResponder);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_SA-int-EKU-EP_OS.der'), PRErrorCodeSuccess, certificateUsageStatusResponder);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_TS-int-EKU-EP_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_TS-int-EKU-EP_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_TS-int-EKU-EP_OS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_TS-int-EKU-EP_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_TS-int-EKU-EP_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_TS-int-EKU-EP_OS.der'), 0, certificateUsageStatusResponder);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_TS-int-EKU-EP_OS.der'), PRErrorCodeSuccess, certificateUsageStatusResponder);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA-int-EKU-EP_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA-int-EKU-EP_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA-int-EKU-EP_OS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA);
security/manager/ssl/tests/unit/test_cert_eku-EP_SA.js
+19 -19
View File
@@ -24,7 +24,7 @@ function load_cert(cert_name, trust_string) {
function run_test() {
load_cert("ca", "CT,CT,CT");
checkCertErrorGeneric(certdb, load_cert('int-EKU-EP_SA', ',,'), 0, certificateUsageSSLCA);
checkCertErrorGeneric(certdb, load_cert('int-EKU-EP_SA', ',,'), PRErrorCodeSuccess, certificateUsageSSLCA);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA-int-EKU-EP_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA-int-EKU-EP_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA-int-EKU-EP_SA.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA);
@@ -34,8 +34,8 @@ function run_test() {
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP-int-EKU-EP_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP-int-EKU-EP_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP-int-EKU-EP_SA.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP-int-EKU-EP_SA.der'), 0, certificateUsageEmailSigner);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP-int-EKU-EP_SA.der'), 0, certificateUsageEmailRecipient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP-int-EKU-EP_SA.der'), PRErrorCodeSuccess, certificateUsageEmailSigner);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP-int-EKU-EP_SA.der'), PRErrorCodeSuccess, certificateUsageEmailRecipient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP-int-EKU-EP_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-EP_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-EP_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer);
@@ -56,7 +56,7 @@ function run_test() {
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_OS-int-EKU-EP_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_OS-int-EKU-EP_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_SA-int-EKU-EP_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_SA-int-EKU-EP_SA.der'), 0, certificateUsageSSLServer);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_SA-int-EKU-EP_SA.der'), PRErrorCodeSuccess, certificateUsageSSLServer);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_SA-int-EKU-EP_SA.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_SA-int-EKU-EP_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_SA-int-EKU-EP_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient);
@@ -70,14 +70,14 @@ function run_test() {
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP-int-EKU-EP_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP-int-EKU-EP_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP-int-EKU-EP_SA.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP-int-EKU-EP_SA.der'), 0, certificateUsageEmailSigner);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP-int-EKU-EP_SA.der'), 0, certificateUsageEmailRecipient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP-int-EKU-EP_SA.der'), PRErrorCodeSuccess, certificateUsageEmailSigner);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP-int-EKU-EP_SA.der'), PRErrorCodeSuccess, certificateUsageEmailRecipient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP-int-EKU-EP_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_NS-int-EKU-EP_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_NS-int-EKU-EP_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_NS-int-EKU-EP_SA.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_NS-int-EKU-EP_SA.der'), 0, certificateUsageEmailSigner);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_NS-int-EKU-EP_SA.der'), 0, certificateUsageEmailRecipient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_NS-int-EKU-EP_SA.der'), PRErrorCodeSuccess, certificateUsageEmailSigner);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_NS-int-EKU-EP_SA.der'), PRErrorCodeSuccess, certificateUsageEmailRecipient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_NS-int-EKU-EP_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_OS-int-EKU-EP_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_OS-int-EKU-EP_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer);
@@ -86,22 +86,22 @@ function run_test() {
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_OS-int-EKU-EP_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_OS-int-EKU-EP_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_SA-int-EKU-EP_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_SA-int-EKU-EP_SA.der'), 0, certificateUsageSSLServer);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_SA-int-EKU-EP_SA.der'), PRErrorCodeSuccess, certificateUsageSSLServer);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_SA-int-EKU-EP_SA.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_SA-int-EKU-EP_SA.der'), 0, certificateUsageEmailSigner);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_SA-int-EKU-EP_SA.der'), 0, certificateUsageEmailRecipient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_SA-int-EKU-EP_SA.der'), PRErrorCodeSuccess, certificateUsageEmailSigner);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_SA-int-EKU-EP_SA.der'), PRErrorCodeSuccess, certificateUsageEmailRecipient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_SA-int-EKU-EP_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_TS-int-EKU-EP_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_TS-int-EKU-EP_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_TS-int-EKU-EP_SA.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_TS-int-EKU-EP_SA.der'), 0, certificateUsageEmailSigner);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_TS-int-EKU-EP_SA.der'), 0, certificateUsageEmailRecipient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_TS-int-EKU-EP_SA.der'), PRErrorCodeSuccess, certificateUsageEmailSigner);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_TS-int-EKU-EP_SA.der'), PRErrorCodeSuccess, certificateUsageEmailRecipient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_TS-int-EKU-EP_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-EP_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-EP_SA.der'), 0, certificateUsageSSLServer);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-EP_SA.der'), PRErrorCodeSuccess, certificateUsageSSLServer);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-EP_SA.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-EP_SA.der'), 0, certificateUsageEmailSigner);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-EP_SA.der'), 0, certificateUsageEmailRecipient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-EP_SA.der'), PRErrorCodeSuccess, certificateUsageEmailSigner);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-EP_SA.der'), PRErrorCodeSuccess, certificateUsageEmailRecipient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-EP_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS-int-EKU-EP_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS-int-EKU-EP_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer);
@@ -116,7 +116,7 @@ function run_test() {
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_OS-int-EKU-EP_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_OS-int-EKU-EP_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_SA-int-EKU-EP_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_SA-int-EKU-EP_SA.der'), 0, certificateUsageSSLServer);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_SA-int-EKU-EP_SA.der'), PRErrorCodeSuccess, certificateUsageSSLServer);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_SA-int-EKU-EP_SA.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_SA-int-EKU-EP_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_SA-int-EKU-EP_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient);
@@ -146,13 +146,13 @@ function run_test() {
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_TS-int-EKU-EP_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_TS-int-EKU-EP_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA-int-EKU-EP_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA-int-EKU-EP_SA.der'), 0, certificateUsageSSLServer);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA-int-EKU-EP_SA.der'), PRErrorCodeSuccess, certificateUsageSSLServer);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA-int-EKU-EP_SA.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA-int-EKU-EP_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA-int-EKU-EP_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA-int-EKU-EP_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA_TS-int-EKU-EP_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA_TS-int-EKU-EP_SA.der'), 0, certificateUsageSSLServer);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA_TS-int-EKU-EP_SA.der'), PRErrorCodeSuccess, certificateUsageSSLServer);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA_TS-int-EKU-EP_SA.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA_TS-int-EKU-EP_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA_TS-int-EKU-EP_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient);
security/manager/ssl/tests/unit/test_cert_eku-EP_TS.js
+12 -12
View File
@@ -34,8 +34,8 @@ function run_test() {
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP-int-EKU-EP_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP-int-EKU-EP_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP-int-EKU-EP_TS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP-int-EKU-EP_TS.der'), 0, certificateUsageEmailSigner);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP-int-EKU-EP_TS.der'), 0, certificateUsageEmailRecipient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP-int-EKU-EP_TS.der'), PRErrorCodeSuccess, certificateUsageEmailSigner);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP-int-EKU-EP_TS.der'), PRErrorCodeSuccess, certificateUsageEmailRecipient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP-int-EKU-EP_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-EP_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-EP_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer);
@@ -70,14 +70,14 @@ function run_test() {
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP-int-EKU-EP_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP-int-EKU-EP_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP-int-EKU-EP_TS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP-int-EKU-EP_TS.der'), 0, certificateUsageEmailSigner);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP-int-EKU-EP_TS.der'), 0, certificateUsageEmailRecipient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP-int-EKU-EP_TS.der'), PRErrorCodeSuccess, certificateUsageEmailSigner);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP-int-EKU-EP_TS.der'), PRErrorCodeSuccess, certificateUsageEmailRecipient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP-int-EKU-EP_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_NS-int-EKU-EP_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_NS-int-EKU-EP_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_NS-int-EKU-EP_TS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_NS-int-EKU-EP_TS.der'), 0, certificateUsageEmailSigner);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_NS-int-EKU-EP_TS.der'), 0, certificateUsageEmailRecipient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_NS-int-EKU-EP_TS.der'), PRErrorCodeSuccess, certificateUsageEmailSigner);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_NS-int-EKU-EP_TS.der'), PRErrorCodeSuccess, certificateUsageEmailRecipient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_NS-int-EKU-EP_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_OS-int-EKU-EP_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_OS-int-EKU-EP_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer);
@@ -88,20 +88,20 @@ function run_test() {
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_SA-int-EKU-EP_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_SA-int-EKU-EP_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_SA-int-EKU-EP_TS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_SA-int-EKU-EP_TS.der'), 0, certificateUsageEmailSigner);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_SA-int-EKU-EP_TS.der'), 0, certificateUsageEmailRecipient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_SA-int-EKU-EP_TS.der'), PRErrorCodeSuccess, certificateUsageEmailSigner);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_SA-int-EKU-EP_TS.der'), PRErrorCodeSuccess, certificateUsageEmailRecipient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_SA-int-EKU-EP_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_TS-int-EKU-EP_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_TS-int-EKU-EP_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_TS-int-EKU-EP_TS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_TS-int-EKU-EP_TS.der'), 0, certificateUsageEmailSigner);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_TS-int-EKU-EP_TS.der'), 0, certificateUsageEmailRecipient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_TS-int-EKU-EP_TS.der'), PRErrorCodeSuccess, certificateUsageEmailSigner);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_TS-int-EKU-EP_TS.der'), PRErrorCodeSuccess, certificateUsageEmailRecipient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_TS-int-EKU-EP_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-EP_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-EP_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-EP_TS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-EP_TS.der'), 0, certificateUsageEmailSigner);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-EP_TS.der'), 0, certificateUsageEmailRecipient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-EP_TS.der'), PRErrorCodeSuccess, certificateUsageEmailSigner);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-EP_TS.der'), PRErrorCodeSuccess, certificateUsageEmailRecipient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-EP_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS-int-EKU-EP_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS-int-EKU-EP_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer);
security/manager/ssl/tests/unit/test_cert_eku-NONE.js
+32 -32
View File
@@ -24,26 +24,26 @@ function load_cert(cert_name, trust_string) {
function run_test() {
load_cert("ca", "CT,CT,CT");
checkCertErrorGeneric(certdb, load_cert('int-EKU-NONE', ',,'), 0, certificateUsageSSLCA);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA-int-EKU-NONE.der'), 0, certificateUsageSSLClient);
checkCertErrorGeneric(certdb, load_cert('int-EKU-NONE', ',,'), PRErrorCodeSuccess, certificateUsageSSLCA);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA-int-EKU-NONE.der'), PRErrorCodeSuccess, certificateUsageSSLClient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA-int-EKU-NONE.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA-int-EKU-NONE.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA-int-EKU-NONE.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA-int-EKU-NONE.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA-int-EKU-NONE.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP-int-EKU-NONE.der'), 0, certificateUsageSSLClient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP-int-EKU-NONE.der'), PRErrorCodeSuccess, certificateUsageSSLClient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP-int-EKU-NONE.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP-int-EKU-NONE.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP-int-EKU-NONE.der'), 0, certificateUsageEmailSigner);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP-int-EKU-NONE.der'), 0, certificateUsageEmailRecipient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP-int-EKU-NONE.der'), PRErrorCodeSuccess, certificateUsageEmailSigner);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP-int-EKU-NONE.der'), PRErrorCodeSuccess, certificateUsageEmailRecipient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP-int-EKU-NONE.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-NONE.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-NONE.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-NONE.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-NONE.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-NONE.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-NONE.der'), 0, certificateUsageStatusResponder);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_NS-int-EKU-NONE.der'), 0, certificateUsageSSLClient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-NONE.der'), PRErrorCodeSuccess, certificateUsageStatusResponder);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_NS-int-EKU-NONE.der'), PRErrorCodeSuccess, certificateUsageSSLClient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_NS-int-EKU-NONE.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_NS-int-EKU-NONE.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_NS-int-EKU-NONE.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner);
@@ -54,14 +54,14 @@ function run_test() {
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_OS-int-EKU-NONE.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_OS-int-EKU-NONE.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_OS-int-EKU-NONE.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_OS-int-EKU-NONE.der'), 0, certificateUsageStatusResponder);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_SA-int-EKU-NONE.der'), 0, certificateUsageSSLClient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_SA-int-EKU-NONE.der'), 0, certificateUsageSSLServer);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_OS-int-EKU-NONE.der'), PRErrorCodeSuccess, certificateUsageStatusResponder);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_SA-int-EKU-NONE.der'), PRErrorCodeSuccess, certificateUsageSSLClient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_SA-int-EKU-NONE.der'), PRErrorCodeSuccess, certificateUsageSSLServer);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_SA-int-EKU-NONE.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_SA-int-EKU-NONE.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_SA-int-EKU-NONE.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_SA-int-EKU-NONE.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_TS-int-EKU-NONE.der'), 0, certificateUsageSSLClient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_TS-int-EKU-NONE.der'), PRErrorCodeSuccess, certificateUsageSSLClient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_TS-int-EKU-NONE.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_TS-int-EKU-NONE.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_TS-int-EKU-NONE.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner);
@@ -70,38 +70,38 @@ function run_test() {
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP-int-EKU-NONE.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP-int-EKU-NONE.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP-int-EKU-NONE.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP-int-EKU-NONE.der'), 0, certificateUsageEmailSigner);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP-int-EKU-NONE.der'), 0, certificateUsageEmailRecipient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP-int-EKU-NONE.der'), PRErrorCodeSuccess, certificateUsageEmailSigner);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP-int-EKU-NONE.der'), PRErrorCodeSuccess, certificateUsageEmailRecipient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP-int-EKU-NONE.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_NS-int-EKU-NONE.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_NS-int-EKU-NONE.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_NS-int-EKU-NONE.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_NS-int-EKU-NONE.der'), 0, certificateUsageEmailSigner);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_NS-int-EKU-NONE.der'), 0, certificateUsageEmailRecipient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_NS-int-EKU-NONE.der'), PRErrorCodeSuccess, certificateUsageEmailSigner);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_NS-int-EKU-NONE.der'), PRErrorCodeSuccess, certificateUsageEmailRecipient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_NS-int-EKU-NONE.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_OS-int-EKU-NONE.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_OS-int-EKU-NONE.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_OS-int-EKU-NONE.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_OS-int-EKU-NONE.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_OS-int-EKU-NONE.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_OS-int-EKU-NONE.der'), 0, certificateUsageStatusResponder);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_OS-int-EKU-NONE.der'), PRErrorCodeSuccess, certificateUsageStatusResponder);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_SA-int-EKU-NONE.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_SA-int-EKU-NONE.der'), 0, certificateUsageSSLServer);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_SA-int-EKU-NONE.der'), PRErrorCodeSuccess, certificateUsageSSLServer);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_SA-int-EKU-NONE.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_SA-int-EKU-NONE.der'), 0, certificateUsageEmailSigner);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_SA-int-EKU-NONE.der'), 0, certificateUsageEmailRecipient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_SA-int-EKU-NONE.der'), PRErrorCodeSuccess, certificateUsageEmailSigner);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_SA-int-EKU-NONE.der'), PRErrorCodeSuccess, certificateUsageEmailRecipient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_SA-int-EKU-NONE.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_TS-int-EKU-NONE.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_TS-int-EKU-NONE.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_TS-int-EKU-NONE.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_TS-int-EKU-NONE.der'), 0, certificateUsageEmailSigner);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_TS-int-EKU-NONE.der'), 0, certificateUsageEmailRecipient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_TS-int-EKU-NONE.der'), PRErrorCodeSuccess, certificateUsageEmailSigner);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_TS-int-EKU-NONE.der'), PRErrorCodeSuccess, certificateUsageEmailRecipient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_TS-int-EKU-NONE.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-NONE.der'), 0, certificateUsageSSLClient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-NONE.der'), 0, certificateUsageSSLServer);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-NONE.der'), PRErrorCodeSuccess, certificateUsageSSLClient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-NONE.der'), PRErrorCodeSuccess, certificateUsageSSLServer);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-NONE.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-NONE.der'), 0, certificateUsageEmailSigner);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-NONE.der'), 0, certificateUsageEmailRecipient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-NONE.der'), PRErrorCodeSuccess, certificateUsageEmailSigner);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-NONE.der'), PRErrorCodeSuccess, certificateUsageEmailRecipient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-NONE.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS-int-EKU-NONE.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS-int-EKU-NONE.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer);
@@ -114,9 +114,9 @@ function run_test() {
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_OS-int-EKU-NONE.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_OS-int-EKU-NONE.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_OS-int-EKU-NONE.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_OS-int-EKU-NONE.der'), 0, certificateUsageStatusResponder);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_OS-int-EKU-NONE.der'), PRErrorCodeSuccess, certificateUsageStatusResponder);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_SA-int-EKU-NONE.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_SA-int-EKU-NONE.der'), 0, certificateUsageSSLServer);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_SA-int-EKU-NONE.der'), PRErrorCodeSuccess, certificateUsageSSLServer);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_SA-int-EKU-NONE.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_SA-int-EKU-NONE.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_SA-int-EKU-NONE.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient);
@@ -132,27 +132,27 @@ function run_test() {
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS-int-EKU-NONE.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS-int-EKU-NONE.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS-int-EKU-NONE.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS-int-EKU-NONE.der'), 0, certificateUsageStatusResponder);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS-int-EKU-NONE.der'), PRErrorCodeSuccess, certificateUsageStatusResponder);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_SA-int-EKU-NONE.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_SA-int-EKU-NONE.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_SA-int-EKU-NONE.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_SA-int-EKU-NONE.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_SA-int-EKU-NONE.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_SA-int-EKU-NONE.der'), 0, certificateUsageStatusResponder);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_SA-int-EKU-NONE.der'), PRErrorCodeSuccess, certificateUsageStatusResponder);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_TS-int-EKU-NONE.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_TS-int-EKU-NONE.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_TS-int-EKU-NONE.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_TS-int-EKU-NONE.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_TS-int-EKU-NONE.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_TS-int-EKU-NONE.der'), 0, certificateUsageStatusResponder);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_TS-int-EKU-NONE.der'), PRErrorCodeSuccess, certificateUsageStatusResponder);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA-int-EKU-NONE.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA-int-EKU-NONE.der'), 0, certificateUsageSSLServer);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA-int-EKU-NONE.der'), PRErrorCodeSuccess, certificateUsageSSLServer);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA-int-EKU-NONE.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA-int-EKU-NONE.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA-int-EKU-NONE.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA-int-EKU-NONE.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA_TS-int-EKU-NONE.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA_TS-int-EKU-NONE.der'), 0, certificateUsageSSLServer);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA_TS-int-EKU-NONE.der'), PRErrorCodeSuccess, certificateUsageSSLServer);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA_TS-int-EKU-NONE.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA_TS-int-EKU-NONE.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA_TS-int-EKU-NONE.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient);
security/manager/ssl/tests/unit/test_cert_eku-NS.js
+7 -7
View File
@@ -24,7 +24,7 @@ function load_cert(cert_name, trust_string) {
function run_test() {
load_cert("ca", "CT,CT,CT");
checkCertErrorGeneric(certdb, load_cert('int-EKU-NS', ',,'), 0, certificateUsageSSLCA);
checkCertErrorGeneric(certdb, load_cert('int-EKU-NS', ',,'), PRErrorCodeSuccess, certificateUsageSSLCA);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA-int-EKU-NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA-int-EKU-NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA-int-EKU-NS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA);
@@ -56,7 +56,7 @@ function run_test() {
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_OS-int-EKU-NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_OS-int-EKU-NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_SA-int-EKU-NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_SA-int-EKU-NS.der'), 0, certificateUsageSSLServer);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_SA-int-EKU-NS.der'), PRErrorCodeSuccess, certificateUsageSSLServer);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_SA-int-EKU-NS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_SA-int-EKU-NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_SA-int-EKU-NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient);
@@ -86,7 +86,7 @@ function run_test() {
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_OS-int-EKU-NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_OS-int-EKU-NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_SA-int-EKU-NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_SA-int-EKU-NS.der'), 0, certificateUsageSSLServer);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_SA-int-EKU-NS.der'), PRErrorCodeSuccess, certificateUsageSSLServer);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_SA-int-EKU-NS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_SA-int-EKU-NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_SA-int-EKU-NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient);
@@ -98,7 +98,7 @@ function run_test() {
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_TS-int-EKU-NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_TS-int-EKU-NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-NS.der'), 0, certificateUsageSSLServer);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-NS.der'), PRErrorCodeSuccess, certificateUsageSSLServer);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-NS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient);
@@ -116,7 +116,7 @@ function run_test() {
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_OS-int-EKU-NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_OS-int-EKU-NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_SA-int-EKU-NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_SA-int-EKU-NS.der'), 0, certificateUsageSSLServer);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_SA-int-EKU-NS.der'), PRErrorCodeSuccess, certificateUsageSSLServer);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_SA-int-EKU-NS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_SA-int-EKU-NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_SA-int-EKU-NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient);
@@ -146,13 +146,13 @@ function run_test() {
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_TS-int-EKU-NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_TS-int-EKU-NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA-int-EKU-NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA-int-EKU-NS.der'), 0, certificateUsageSSLServer);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA-int-EKU-NS.der'), PRErrorCodeSuccess, certificateUsageSSLServer);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA-int-EKU-NS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA-int-EKU-NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA-int-EKU-NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA-int-EKU-NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA_TS-int-EKU-NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA_TS-int-EKU-NS.der'), 0, certificateUsageSSLServer);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA_TS-int-EKU-NS.der'), PRErrorCodeSuccess, certificateUsageSSLServer);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA_TS-int-EKU-NS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA_TS-int-EKU-NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA_TS-int-EKU-NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient);
security/manager/ssl/tests/unit/test_cert_eku-NS_OS.js
+14 -14
View File
@@ -24,7 +24,7 @@ function load_cert(cert_name, trust_string) {
function run_test() {
load_cert("ca", "CT,CT,CT");
checkCertErrorGeneric(certdb, load_cert('int-EKU-NS_OS', ',,'), 0, certificateUsageSSLCA);
checkCertErrorGeneric(certdb, load_cert('int-EKU-NS_OS', ',,'), PRErrorCodeSuccess, certificateUsageSSLCA);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA-int-EKU-NS_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA-int-EKU-NS_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA-int-EKU-NS_OS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA);
@@ -42,7 +42,7 @@ function run_test() {
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-NS_OS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-NS_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-NS_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-NS_OS.der'), 0, certificateUsageStatusResponder);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-NS_OS.der'), PRErrorCodeSuccess, certificateUsageStatusResponder);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_NS-int-EKU-NS_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_NS-int-EKU-NS_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_NS-int-EKU-NS_OS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA);
@@ -54,9 +54,9 @@ function run_test() {
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_OS-int-EKU-NS_OS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_OS-int-EKU-NS_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_OS-int-EKU-NS_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_OS-int-EKU-NS_OS.der'), 0, certificateUsageStatusResponder);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_OS-int-EKU-NS_OS.der'), PRErrorCodeSuccess, certificateUsageStatusResponder);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_SA-int-EKU-NS_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_SA-int-EKU-NS_OS.der'), 0, certificateUsageSSLServer);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_SA-int-EKU-NS_OS.der'), PRErrorCodeSuccess, certificateUsageSSLServer);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_SA-int-EKU-NS_OS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_SA-int-EKU-NS_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_SA-int-EKU-NS_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient);
@@ -84,9 +84,9 @@ function run_test() {
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_OS-int-EKU-NS_OS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_OS-int-EKU-NS_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_OS-int-EKU-NS_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_OS-int-EKU-NS_OS.der'), 0, certificateUsageStatusResponder);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_OS-int-EKU-NS_OS.der'), PRErrorCodeSuccess, certificateUsageStatusResponder);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_SA-int-EKU-NS_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_SA-int-EKU-NS_OS.der'), 0, certificateUsageSSLServer);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_SA-int-EKU-NS_OS.der'), PRErrorCodeSuccess, certificateUsageSSLServer);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_SA-int-EKU-NS_OS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_SA-int-EKU-NS_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_SA-int-EKU-NS_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient);
@@ -98,7 +98,7 @@ function run_test() {
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_TS-int-EKU-NS_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_TS-int-EKU-NS_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-NS_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-NS_OS.der'), 0, certificateUsageSSLServer);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-NS_OS.der'), PRErrorCodeSuccess, certificateUsageSSLServer);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-NS_OS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-NS_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-NS_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient);
@@ -114,9 +114,9 @@ function run_test() {
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_OS-int-EKU-NS_OS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_OS-int-EKU-NS_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_OS-int-EKU-NS_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_OS-int-EKU-NS_OS.der'), 0, certificateUsageStatusResponder);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_OS-int-EKU-NS_OS.der'), PRErrorCodeSuccess, certificateUsageStatusResponder);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_SA-int-EKU-NS_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_SA-int-EKU-NS_OS.der'), 0, certificateUsageSSLServer);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_SA-int-EKU-NS_OS.der'), PRErrorCodeSuccess, certificateUsageSSLServer);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_SA-int-EKU-NS_OS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_SA-int-EKU-NS_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_SA-int-EKU-NS_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient);
@@ -132,27 +132,27 @@ function run_test() {
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS-int-EKU-NS_OS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS-int-EKU-NS_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS-int-EKU-NS_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS-int-EKU-NS_OS.der'), 0, certificateUsageStatusResponder);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS-int-EKU-NS_OS.der'), PRErrorCodeSuccess, certificateUsageStatusResponder);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_SA-int-EKU-NS_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_SA-int-EKU-NS_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_SA-int-EKU-NS_OS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_SA-int-EKU-NS_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_SA-int-EKU-NS_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_SA-int-EKU-NS_OS.der'), 0, certificateUsageStatusResponder);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_SA-int-EKU-NS_OS.der'), PRErrorCodeSuccess, certificateUsageStatusResponder);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_TS-int-EKU-NS_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_TS-int-EKU-NS_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_TS-int-EKU-NS_OS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_TS-int-EKU-NS_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_TS-int-EKU-NS_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_TS-int-EKU-NS_OS.der'), 0, certificateUsageStatusResponder);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_TS-int-EKU-NS_OS.der'), PRErrorCodeSuccess, certificateUsageStatusResponder);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA-int-EKU-NS_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA-int-EKU-NS_OS.der'), 0, certificateUsageSSLServer);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA-int-EKU-NS_OS.der'), PRErrorCodeSuccess, certificateUsageSSLServer);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA-int-EKU-NS_OS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA-int-EKU-NS_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA-int-EKU-NS_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA-int-EKU-NS_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA_TS-int-EKU-NS_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA_TS-int-EKU-NS_OS.der'), 0, certificateUsageSSLServer);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA_TS-int-EKU-NS_OS.der'), PRErrorCodeSuccess, certificateUsageSSLServer);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA_TS-int-EKU-NS_OS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA_TS-int-EKU-NS_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA_TS-int-EKU-NS_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient);
security/manager/ssl/tests/unit/test_cert_eku-NS_SA.js
+7 -7
View File
@@ -24,7 +24,7 @@ function load_cert(cert_name, trust_string) {
function run_test() {
load_cert("ca", "CT,CT,CT");
checkCertErrorGeneric(certdb, load_cert('int-EKU-NS_SA', ',,'), 0, certificateUsageSSLCA);
checkCertErrorGeneric(certdb, load_cert('int-EKU-NS_SA', ',,'), PRErrorCodeSuccess, certificateUsageSSLCA);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA-int-EKU-NS_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA-int-EKU-NS_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA-int-EKU-NS_SA.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA);
@@ -56,7 +56,7 @@ function run_test() {
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_OS-int-EKU-NS_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_OS-int-EKU-NS_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_SA-int-EKU-NS_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_SA-int-EKU-NS_SA.der'), 0, certificateUsageSSLServer);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_SA-int-EKU-NS_SA.der'), PRErrorCodeSuccess, certificateUsageSSLServer);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_SA-int-EKU-NS_SA.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_SA-int-EKU-NS_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_SA-int-EKU-NS_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient);
@@ -86,7 +86,7 @@ function run_test() {
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_OS-int-EKU-NS_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_OS-int-EKU-NS_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_SA-int-EKU-NS_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_SA-int-EKU-NS_SA.der'), 0, certificateUsageSSLServer);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_SA-int-EKU-NS_SA.der'), PRErrorCodeSuccess, certificateUsageSSLServer);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_SA-int-EKU-NS_SA.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_SA-int-EKU-NS_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_SA-int-EKU-NS_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient);
@@ -98,7 +98,7 @@ function run_test() {
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_TS-int-EKU-NS_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_TS-int-EKU-NS_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-NS_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-NS_SA.der'), 0, certificateUsageSSLServer);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-NS_SA.der'), PRErrorCodeSuccess, certificateUsageSSLServer);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-NS_SA.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-NS_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-NS_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient);
@@ -116,7 +116,7 @@ function run_test() {
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_OS-int-EKU-NS_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_OS-int-EKU-NS_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_SA-int-EKU-NS_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_SA-int-EKU-NS_SA.der'), 0, certificateUsageSSLServer);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_SA-int-EKU-NS_SA.der'), PRErrorCodeSuccess, certificateUsageSSLServer);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_SA-int-EKU-NS_SA.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_SA-int-EKU-NS_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_SA-int-EKU-NS_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient);
@@ -146,13 +146,13 @@ function run_test() {
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_TS-int-EKU-NS_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_TS-int-EKU-NS_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA-int-EKU-NS_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA-int-EKU-NS_SA.der'), 0, certificateUsageSSLServer);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA-int-EKU-NS_SA.der'), PRErrorCodeSuccess, certificateUsageSSLServer);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA-int-EKU-NS_SA.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA-int-EKU-NS_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA-int-EKU-NS_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA-int-EKU-NS_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA_TS-int-EKU-NS_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA_TS-int-EKU-NS_SA.der'), 0, certificateUsageSSLServer);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA_TS-int-EKU-NS_SA.der'), PRErrorCodeSuccess, certificateUsageSSLServer);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA_TS-int-EKU-NS_SA.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA_TS-int-EKU-NS_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA_TS-int-EKU-NS_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient);
security/manager/ssl/tests/unit/test_cert_eku-NS_TS.js
+7 -7
View File
@@ -24,7 +24,7 @@ function load_cert(cert_name, trust_string) {
function run_test() {
load_cert("ca", "CT,CT,CT");
checkCertErrorGeneric(certdb, load_cert('int-EKU-NS_TS', ',,'), 0, certificateUsageSSLCA);
checkCertErrorGeneric(certdb, load_cert('int-EKU-NS_TS', ',,'), PRErrorCodeSuccess, certificateUsageSSLCA);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA-int-EKU-NS_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA-int-EKU-NS_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA-int-EKU-NS_TS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA);
@@ -56,7 +56,7 @@ function run_test() {
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_OS-int-EKU-NS_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_OS-int-EKU-NS_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_SA-int-EKU-NS_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_SA-int-EKU-NS_TS.der'), 0, certificateUsageSSLServer);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_SA-int-EKU-NS_TS.der'), PRErrorCodeSuccess, certificateUsageSSLServer);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_SA-int-EKU-NS_TS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_SA-int-EKU-NS_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_SA-int-EKU-NS_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient);
@@ -86,7 +86,7 @@ function run_test() {
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_OS-int-EKU-NS_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_OS-int-EKU-NS_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_SA-int-EKU-NS_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_SA-int-EKU-NS_TS.der'), 0, certificateUsageSSLServer);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_SA-int-EKU-NS_TS.der'), PRErrorCodeSuccess, certificateUsageSSLServer);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_SA-int-EKU-NS_TS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_SA-int-EKU-NS_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_SA-int-EKU-NS_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient);
@@ -98,7 +98,7 @@ function run_test() {
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_TS-int-EKU-NS_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_TS-int-EKU-NS_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-NS_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-NS_TS.der'), 0, certificateUsageSSLServer);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-NS_TS.der'), PRErrorCodeSuccess, certificateUsageSSLServer);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-NS_TS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-NS_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-NS_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient);
@@ -116,7 +116,7 @@ function run_test() {
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_OS-int-EKU-NS_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_OS-int-EKU-NS_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_SA-int-EKU-NS_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_SA-int-EKU-NS_TS.der'), 0, certificateUsageSSLServer);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_SA-int-EKU-NS_TS.der'), PRErrorCodeSuccess, certificateUsageSSLServer);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_SA-int-EKU-NS_TS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_SA-int-EKU-NS_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_SA-int-EKU-NS_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient);
@@ -146,13 +146,13 @@ function run_test() {
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_TS-int-EKU-NS_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_TS-int-EKU-NS_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA-int-EKU-NS_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA-int-EKU-NS_TS.der'), 0, certificateUsageSSLServer);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA-int-EKU-NS_TS.der'), PRErrorCodeSuccess, certificateUsageSSLServer);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA-int-EKU-NS_TS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA-int-EKU-NS_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA-int-EKU-NS_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA-int-EKU-NS_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA_TS-int-EKU-NS_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA_TS-int-EKU-NS_TS.der'), 0, certificateUsageSSLServer);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA_TS-int-EKU-NS_TS.der'), PRErrorCodeSuccess, certificateUsageSSLServer);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA_TS-int-EKU-NS_TS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA_TS-int-EKU-NS_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA_TS-int-EKU-NS_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient);
security/manager/ssl/tests/unit/test_cert_eku-OS.js
+7 -7
View File
@@ -42,7 +42,7 @@ function run_test() {
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-OS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-OS.der'), 0, certificateUsageStatusResponder);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-OS.der'), PRErrorCodeSuccess, certificateUsageStatusResponder);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_NS-int-EKU-OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_NS-int-EKU-OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_NS-int-EKU-OS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA);
@@ -54,7 +54,7 @@ function run_test() {
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_OS-int-EKU-OS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_OS-int-EKU-OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_OS-int-EKU-OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_OS-int-EKU-OS.der'), 0, certificateUsageStatusResponder);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_OS-int-EKU-OS.der'), PRErrorCodeSuccess, certificateUsageStatusResponder);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_SA-int-EKU-OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_SA-int-EKU-OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_SA-int-EKU-OS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA);
@@ -84,7 +84,7 @@ function run_test() {
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_OS-int-EKU-OS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_OS-int-EKU-OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_OS-int-EKU-OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_OS-int-EKU-OS.der'), 0, certificateUsageStatusResponder);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_OS-int-EKU-OS.der'), PRErrorCodeSuccess, certificateUsageStatusResponder);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_SA-int-EKU-OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_SA-int-EKU-OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_SA-int-EKU-OS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA);
@@ -114,7 +114,7 @@ function run_test() {
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_OS-int-EKU-OS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_OS-int-EKU-OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_OS-int-EKU-OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_OS-int-EKU-OS.der'), 0, certificateUsageStatusResponder);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_OS-int-EKU-OS.der'), PRErrorCodeSuccess, certificateUsageStatusResponder);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_SA-int-EKU-OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_SA-int-EKU-OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_SA-int-EKU-OS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA);
@@ -132,19 +132,19 @@ function run_test() {
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS-int-EKU-OS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS-int-EKU-OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS-int-EKU-OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS-int-EKU-OS.der'), 0, certificateUsageStatusResponder);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS-int-EKU-OS.der'), PRErrorCodeSuccess, certificateUsageStatusResponder);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_SA-int-EKU-OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_SA-int-EKU-OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_SA-int-EKU-OS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_SA-int-EKU-OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_SA-int-EKU-OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_SA-int-EKU-OS.der'), 0, certificateUsageStatusResponder);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_SA-int-EKU-OS.der'), PRErrorCodeSuccess, certificateUsageStatusResponder);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_TS-int-EKU-OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_TS-int-EKU-OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_TS-int-EKU-OS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_TS-int-EKU-OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_TS-int-EKU-OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_TS-int-EKU-OS.der'), 0, certificateUsageStatusResponder);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_TS-int-EKU-OS.der'), PRErrorCodeSuccess, certificateUsageStatusResponder);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA-int-EKU-OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA-int-EKU-OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA-int-EKU-OS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA);
security/manager/ssl/tests/unit/test_cert_eku-OS_SA.js
+14 -14
View File
@@ -24,7 +24,7 @@ function load_cert(cert_name, trust_string) {
function run_test() {
load_cert("ca", "CT,CT,CT");
checkCertErrorGeneric(certdb, load_cert('int-EKU-OS_SA', ',,'), 0, certificateUsageSSLCA);
checkCertErrorGeneric(certdb, load_cert('int-EKU-OS_SA', ',,'), PRErrorCodeSuccess, certificateUsageSSLCA);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA-int-EKU-OS_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA-int-EKU-OS_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA-int-EKU-OS_SA.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA);
@@ -42,7 +42,7 @@ function run_test() {
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-OS_SA.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-OS_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-OS_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-OS_SA.der'), 0, certificateUsageStatusResponder);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-OS_SA.der'), PRErrorCodeSuccess, certificateUsageStatusResponder);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_NS-int-EKU-OS_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_NS-int-EKU-OS_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_NS-int-EKU-OS_SA.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA);
@@ -54,9 +54,9 @@ function run_test() {
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_OS-int-EKU-OS_SA.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_OS-int-EKU-OS_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_OS-int-EKU-OS_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_OS-int-EKU-OS_SA.der'), 0, certificateUsageStatusResponder);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_OS-int-EKU-OS_SA.der'), PRErrorCodeSuccess, certificateUsageStatusResponder);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_SA-int-EKU-OS_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_SA-int-EKU-OS_SA.der'), 0, certificateUsageSSLServer);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_SA-int-EKU-OS_SA.der'), PRErrorCodeSuccess, certificateUsageSSLServer);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_SA-int-EKU-OS_SA.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_SA-int-EKU-OS_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_SA-int-EKU-OS_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient);
@@ -84,9 +84,9 @@ function run_test() {
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_OS-int-EKU-OS_SA.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_OS-int-EKU-OS_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_OS-int-EKU-OS_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_OS-int-EKU-OS_SA.der'), 0, certificateUsageStatusResponder);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_OS-int-EKU-OS_SA.der'), PRErrorCodeSuccess, certificateUsageStatusResponder);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_SA-int-EKU-OS_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_SA-int-EKU-OS_SA.der'), 0, certificateUsageSSLServer);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_SA-int-EKU-OS_SA.der'), PRErrorCodeSuccess, certificateUsageSSLServer);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_SA-int-EKU-OS_SA.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_SA-int-EKU-OS_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_SA-int-EKU-OS_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient);
@@ -98,7 +98,7 @@ function run_test() {
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_TS-int-EKU-OS_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_TS-int-EKU-OS_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-OS_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-OS_SA.der'), 0, certificateUsageSSLServer);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-OS_SA.der'), PRErrorCodeSuccess, certificateUsageSSLServer);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-OS_SA.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-OS_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-OS_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient);
@@ -114,9 +114,9 @@ function run_test() {
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_OS-int-EKU-OS_SA.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_OS-int-EKU-OS_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_OS-int-EKU-OS_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_OS-int-EKU-OS_SA.der'), 0, certificateUsageStatusResponder);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_OS-int-EKU-OS_SA.der'), PRErrorCodeSuccess, certificateUsageStatusResponder);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_SA-int-EKU-OS_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_SA-int-EKU-OS_SA.der'), 0, certificateUsageSSLServer);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_SA-int-EKU-OS_SA.der'), PRErrorCodeSuccess, certificateUsageSSLServer);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_SA-int-EKU-OS_SA.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_SA-int-EKU-OS_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_SA-int-EKU-OS_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient);
@@ -132,27 +132,27 @@ function run_test() {
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS-int-EKU-OS_SA.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS-int-EKU-OS_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS-int-EKU-OS_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS-int-EKU-OS_SA.der'), 0, certificateUsageStatusResponder);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS-int-EKU-OS_SA.der'), PRErrorCodeSuccess, certificateUsageStatusResponder);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_SA-int-EKU-OS_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_SA-int-EKU-OS_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_SA-int-EKU-OS_SA.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_SA-int-EKU-OS_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_SA-int-EKU-OS_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_SA-int-EKU-OS_SA.der'), 0, certificateUsageStatusResponder);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_SA-int-EKU-OS_SA.der'), PRErrorCodeSuccess, certificateUsageStatusResponder);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_TS-int-EKU-OS_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_TS-int-EKU-OS_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_TS-int-EKU-OS_SA.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_TS-int-EKU-OS_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_TS-int-EKU-OS_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_TS-int-EKU-OS_SA.der'), 0, certificateUsageStatusResponder);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_TS-int-EKU-OS_SA.der'), PRErrorCodeSuccess, certificateUsageStatusResponder);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA-int-EKU-OS_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA-int-EKU-OS_SA.der'), 0, certificateUsageSSLServer);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA-int-EKU-OS_SA.der'), PRErrorCodeSuccess, certificateUsageSSLServer);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA-int-EKU-OS_SA.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA-int-EKU-OS_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA-int-EKU-OS_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA-int-EKU-OS_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA_TS-int-EKU-OS_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA_TS-int-EKU-OS_SA.der'), 0, certificateUsageSSLServer);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA_TS-int-EKU-OS_SA.der'), PRErrorCodeSuccess, certificateUsageSSLServer);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA_TS-int-EKU-OS_SA.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA_TS-int-EKU-OS_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA_TS-int-EKU-OS_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient);
security/manager/ssl/tests/unit/test_cert_eku-OS_TS.js
+7 -7
View File
@@ -42,7 +42,7 @@ function run_test() {
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-OS_TS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-OS_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-OS_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-OS_TS.der'), 0, certificateUsageStatusResponder);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-OS_TS.der'), PRErrorCodeSuccess, certificateUsageStatusResponder);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_NS-int-EKU-OS_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_NS-int-EKU-OS_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_NS-int-EKU-OS_TS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA);
@@ -54,7 +54,7 @@ function run_test() {
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_OS-int-EKU-OS_TS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_OS-int-EKU-OS_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_OS-int-EKU-OS_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_OS-int-EKU-OS_TS.der'), 0, certificateUsageStatusResponder);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_OS-int-EKU-OS_TS.der'), PRErrorCodeSuccess, certificateUsageStatusResponder);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_SA-int-EKU-OS_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_SA-int-EKU-OS_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_SA-int-EKU-OS_TS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA);
@@ -84,7 +84,7 @@ function run_test() {
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_OS-int-EKU-OS_TS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_OS-int-EKU-OS_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_OS-int-EKU-OS_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_OS-int-EKU-OS_TS.der'), 0, certificateUsageStatusResponder);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_OS-int-EKU-OS_TS.der'), PRErrorCodeSuccess, certificateUsageStatusResponder);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_SA-int-EKU-OS_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_SA-int-EKU-OS_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_SA-int-EKU-OS_TS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA);
@@ -114,7 +114,7 @@ function run_test() {
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_OS-int-EKU-OS_TS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_OS-int-EKU-OS_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_OS-int-EKU-OS_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_OS-int-EKU-OS_TS.der'), 0, certificateUsageStatusResponder);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_OS-int-EKU-OS_TS.der'), PRErrorCodeSuccess, certificateUsageStatusResponder);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_SA-int-EKU-OS_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_SA-int-EKU-OS_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_SA-int-EKU-OS_TS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA);
@@ -132,19 +132,19 @@ function run_test() {
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS-int-EKU-OS_TS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS-int-EKU-OS_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS-int-EKU-OS_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS-int-EKU-OS_TS.der'), 0, certificateUsageStatusResponder);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS-int-EKU-OS_TS.der'), PRErrorCodeSuccess, certificateUsageStatusResponder);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_SA-int-EKU-OS_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_SA-int-EKU-OS_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_SA-int-EKU-OS_TS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_SA-int-EKU-OS_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_SA-int-EKU-OS_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_SA-int-EKU-OS_TS.der'), 0, certificateUsageStatusResponder);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_SA-int-EKU-OS_TS.der'), PRErrorCodeSuccess, certificateUsageStatusResponder);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_TS-int-EKU-OS_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_TS-int-EKU-OS_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_TS-int-EKU-OS_TS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_TS-int-EKU-OS_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_TS-int-EKU-OS_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_TS-int-EKU-OS_TS.der'), 0, certificateUsageStatusResponder);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_TS-int-EKU-OS_TS.der'), PRErrorCodeSuccess, certificateUsageStatusResponder);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA-int-EKU-OS_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA-int-EKU-OS_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA-int-EKU-OS_TS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA);
security/manager/ssl/tests/unit/test_cert_eku-SA.js
+7 -7
View File
@@ -24,7 +24,7 @@ function load_cert(cert_name, trust_string) {
function run_test() {
load_cert("ca", "CT,CT,CT");
checkCertErrorGeneric(certdb, load_cert('int-EKU-SA', ',,'), 0, certificateUsageSSLCA);
checkCertErrorGeneric(certdb, load_cert('int-EKU-SA', ',,'), PRErrorCodeSuccess, certificateUsageSSLCA);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA-int-EKU-SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA-int-EKU-SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA-int-EKU-SA.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA);
@@ -56,7 +56,7 @@ function run_test() {
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_OS-int-EKU-SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_OS-int-EKU-SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_SA-int-EKU-SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_SA-int-EKU-SA.der'), 0, certificateUsageSSLServer);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_SA-int-EKU-SA.der'), PRErrorCodeSuccess, certificateUsageSSLServer);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_SA-int-EKU-SA.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_SA-int-EKU-SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_SA-int-EKU-SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient);
@@ -86,7 +86,7 @@ function run_test() {
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_OS-int-EKU-SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_OS-int-EKU-SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_SA-int-EKU-SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_SA-int-EKU-SA.der'), 0, certificateUsageSSLServer);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_SA-int-EKU-SA.der'), PRErrorCodeSuccess, certificateUsageSSLServer);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_SA-int-EKU-SA.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_SA-int-EKU-SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_SA-int-EKU-SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient);
@@ -98,7 +98,7 @@ function run_test() {
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_TS-int-EKU-SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_TS-int-EKU-SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-SA.der'), 0, certificateUsageSSLServer);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-SA.der'), PRErrorCodeSuccess, certificateUsageSSLServer);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-SA.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient);
@@ -116,7 +116,7 @@ function run_test() {
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_OS-int-EKU-SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_OS-int-EKU-SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_SA-int-EKU-SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_SA-int-EKU-SA.der'), 0, certificateUsageSSLServer);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_SA-int-EKU-SA.der'), PRErrorCodeSuccess, certificateUsageSSLServer);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_SA-int-EKU-SA.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_SA-int-EKU-SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_SA-int-EKU-SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient);
@@ -146,13 +146,13 @@ function run_test() {
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_TS-int-EKU-SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_TS-int-EKU-SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA-int-EKU-SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA-int-EKU-SA.der'), 0, certificateUsageSSLServer);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA-int-EKU-SA.der'), PRErrorCodeSuccess, certificateUsageSSLServer);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA-int-EKU-SA.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA-int-EKU-SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA-int-EKU-SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA-int-EKU-SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA_TS-int-EKU-SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA_TS-int-EKU-SA.der'), 0, certificateUsageSSLServer);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA_TS-int-EKU-SA.der'), PRErrorCodeSuccess, certificateUsageSSLServer);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA_TS-int-EKU-SA.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA_TS-int-EKU-SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA_TS-int-EKU-SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient);
security/manager/ssl/tests/unit/test_cert_eku-SA_TS.js
+7 -7
View File
@@ -24,7 +24,7 @@ function load_cert(cert_name, trust_string) {
function run_test() {
load_cert("ca", "CT,CT,CT");
checkCertErrorGeneric(certdb, load_cert('int-EKU-SA_TS', ',,'), 0, certificateUsageSSLCA);
checkCertErrorGeneric(certdb, load_cert('int-EKU-SA_TS', ',,'), PRErrorCodeSuccess, certificateUsageSSLCA);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA-int-EKU-SA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA-int-EKU-SA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA-int-EKU-SA_TS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA);
@@ -56,7 +56,7 @@ function run_test() {
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_OS-int-EKU-SA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_OS-int-EKU-SA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_SA-int-EKU-SA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_SA-int-EKU-SA_TS.der'), 0, certificateUsageSSLServer);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_SA-int-EKU-SA_TS.der'), PRErrorCodeSuccess, certificateUsageSSLServer);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_SA-int-EKU-SA_TS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_SA-int-EKU-SA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_SA-int-EKU-SA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient);
@@ -86,7 +86,7 @@ function run_test() {
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_OS-int-EKU-SA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_OS-int-EKU-SA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_SA-int-EKU-SA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_SA-int-EKU-SA_TS.der'), 0, certificateUsageSSLServer);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_SA-int-EKU-SA_TS.der'), PRErrorCodeSuccess, certificateUsageSSLServer);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_SA-int-EKU-SA_TS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_SA-int-EKU-SA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_SA-int-EKU-SA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient);
@@ -98,7 +98,7 @@ function run_test() {
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_TS-int-EKU-SA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_TS-int-EKU-SA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-SA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-SA_TS.der'), 0, certificateUsageSSLServer);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-SA_TS.der'), PRErrorCodeSuccess, certificateUsageSSLServer);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-SA_TS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-SA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-SA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient);
@@ -116,7 +116,7 @@ function run_test() {
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_OS-int-EKU-SA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_OS-int-EKU-SA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_SA-int-EKU-SA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_SA-int-EKU-SA_TS.der'), 0, certificateUsageSSLServer);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_SA-int-EKU-SA_TS.der'), PRErrorCodeSuccess, certificateUsageSSLServer);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_SA-int-EKU-SA_TS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_SA-int-EKU-SA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_SA-int-EKU-SA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient);
@@ -146,13 +146,13 @@ function run_test() {
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_TS-int-EKU-SA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_TS-int-EKU-SA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA-int-EKU-SA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA-int-EKU-SA_TS.der'), 0, certificateUsageSSLServer);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA-int-EKU-SA_TS.der'), PRErrorCodeSuccess, certificateUsageSSLServer);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA-int-EKU-SA_TS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA-int-EKU-SA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA-int-EKU-SA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA-int-EKU-SA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA_TS-int-EKU-SA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA_TS-int-EKU-SA_TS.der'), 0, certificateUsageSSLServer);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA_TS-int-EKU-SA_TS.der'), PRErrorCodeSuccess, certificateUsageSSLServer);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA_TS-int-EKU-SA_TS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA_TS-int-EKU-SA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner);
checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA_TS-int-EKU-SA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient);
security/manager/ssl/tests/unit/test_cert_eku/generate.py
+4 -4
View File
@@ -81,7 +81,7 @@ def gen_int_js_output(int_string):
# usage (the second of which is deprecated but currently supported for
# compatibility purposes).
if ("NONE" in int_string or "SA" in int_string or "NS" in int_string):
expectedResult = "0"
expectedResult = "PRErrorCodeSuccess"
return (" checkCertErrorGeneric(certdb, load_cert('" + int_string +
"', ',,'), " + expectedResult + ", certificateUsageSSLCA);\n")
@@ -123,7 +123,7 @@ def gen_ee_js_output(int_string, ee_string, cert_usage, ee_name):
if not has_compatible_eku(int_string, usage_abbreviation):
return single_test_output(ee_name, cert_usage,
"SEC_ERROR_INADEQUATE_CERT_TYPE")
return single_test_output(ee_name, cert_usage, "0")
return single_test_output(ee_name, cert_usage, "PRErrorCodeSuccess")
# If the usage isn't Status Responder, if the end-entity certificate has
# the OCSP Signing usage in its EKU, it is not valid for any other usage.
@@ -142,7 +142,7 @@ def gen_ee_js_output(int_string, ee_string, cert_usage, ee_name):
"NS" not in int_string):
return single_test_output(ee_name, cert_usage,
"SEC_ERROR_INADEQUATE_CERT_TYPE")
return single_test_output(ee_name, cert_usage, "0")
return single_test_output(ee_name, cert_usage, "PRErrorCodeSuccess")
if not has_compatible_eku(ee_string, usage_abbreviation):
return single_test_output(ee_name, cert_usage,
@@ -151,7 +151,7 @@ def gen_ee_js_output(int_string, ee_string, cert_usage, ee_name):
return single_test_output(ee_name, cert_usage,
"SEC_ERROR_INADEQUATE_CERT_TYPE")
return single_test_output(ee_name, cert_usage, "0")
return single_test_output(ee_name, cert_usage, "PRErrorCodeSuccess")
def generate_test_eku():
outmap = { "NONE" : ""}
security/manager/ssl/tests/unit/test_cert_overrides.js
+25 -29
View File
@@ -15,7 +15,7 @@ do_get_profile();
function add_non_overridable_test(aHost, aExpectedError) {
add_connection_test(
aHost, getXPCOMStatusFromNSS(aExpectedError), null,
aHost, aExpectedError, null,
function (securityInfo) {
// bug 754369 - no SSLStatus probably means this is a non-overridable
// error, which is what we're testing (although it would be best to test
@@ -44,44 +44,41 @@ function run_test() {
function add_simple_tests() {
add_cert_override_test("expired.example.com",
Ci.nsICertOverrideService.ERROR_TIME,
getXPCOMStatusFromNSS(SEC_ERROR_EXPIRED_CERTIFICATE));
SEC_ERROR_EXPIRED_CERTIFICATE);
add_cert_override_test("notyetvalid.example.com",
Ci.nsICertOverrideService.ERROR_TIME,
getXPCOMStatusFromNSS(
MOZILLA_PKIX_ERROR_NOT_YET_VALID_CERTIFICATE));
MOZILLA_PKIX_ERROR_NOT_YET_VALID_CERTIFICATE);
add_cert_override_test("before-epoch.example.com",
Ci.nsICertOverrideService.ERROR_TIME,
getXPCOMStatusFromNSS(SEC_ERROR_INVALID_TIME));
SEC_ERROR_INVALID_TIME);
add_cert_override_test("selfsigned.example.com",
Ci.nsICertOverrideService.ERROR_UNTRUSTED,
getXPCOMStatusFromNSS(SEC_ERROR_UNKNOWN_ISSUER));
SEC_ERROR_UNKNOWN_ISSUER);
add_cert_override_test("unknownissuer.example.com",
Ci.nsICertOverrideService.ERROR_UNTRUSTED,
getXPCOMStatusFromNSS(SEC_ERROR_UNKNOWN_ISSUER));
SEC_ERROR_UNKNOWN_ISSUER);
add_cert_override_test("expiredissuer.example.com",
Ci.nsICertOverrideService.ERROR_UNTRUSTED,
getXPCOMStatusFromNSS(SEC_ERROR_EXPIRED_ISSUER_CERTIFICATE));
SEC_ERROR_EXPIRED_ISSUER_CERTIFICATE);
add_cert_override_test("notyetvalidissuer.example.com",
Ci.nsICertOverrideService.ERROR_UNTRUSTED,
getXPCOMStatusFromNSS(
MOZILLA_PKIX_ERROR_NOT_YET_VALID_ISSUER_CERTIFICATE));
MOZILLA_PKIX_ERROR_NOT_YET_VALID_ISSUER_CERTIFICATE);
add_cert_override_test("before-epoch-issuer.example.com",
Ci.nsICertOverrideService.ERROR_TIME,
getXPCOMStatusFromNSS(SEC_ERROR_INVALID_TIME));
SEC_ERROR_INVALID_TIME);
add_cert_override_test("md5signature.example.com",
Ci.nsICertOverrideService.ERROR_UNTRUSTED,
getXPCOMStatusFromNSS(
SEC_ERROR_CERT_SIGNATURE_ALGORITHM_DISABLED));
SEC_ERROR_CERT_SIGNATURE_ALGORITHM_DISABLED);
add_cert_override_test("mismatch.example.com",
Ci.nsICertOverrideService.ERROR_MISMATCH,
getXPCOMStatusFromNSS(SSL_ERROR_BAD_CERT_DOMAIN));
SSL_ERROR_BAD_CERT_DOMAIN);
// A Microsoft IIS utility generates self-signed certificates with
// properties similar to the one this "host" will present (see
// tlsserver/generate_certs.sh).
add_cert_override_test("selfsigned-inadequateEKU.example.com",
Ci.nsICertOverrideService.ERROR_UNTRUSTED,
getXPCOMStatusFromNSS(SEC_ERROR_UNKNOWN_ISSUER));
SEC_ERROR_UNKNOWN_ISSUER);
add_non_overridable_test("inadequatekeyusage.example.com",
SEC_ERROR_INADEQUATE_KEY_USAGE);
@@ -107,17 +104,17 @@ function add_simple_tests() {
// is a scenario in which an override is allowed.
add_cert_override_test("self-signed-end-entity-with-cA-true.example.com",
Ci.nsICertOverrideService.ERROR_UNTRUSTED,
getXPCOMStatusFromNSS(SEC_ERROR_UNKNOWN_ISSUER));
SEC_ERROR_UNKNOWN_ISSUER);
add_cert_override_test("ca-used-as-end-entity.example.com",
Ci.nsICertOverrideService.ERROR_UNTRUSTED,
getXPCOMStatusFromNSS(MOZILLA_PKIX_ERROR_CA_CERT_USED_AS_END_ENTITY));
MOZILLA_PKIX_ERROR_CA_CERT_USED_AS_END_ENTITY);
// If an X.509 version 1 certificate is not a trust anchor, we will
// encounter an overridable error.
add_cert_override_test("end-entity-issued-by-v1-cert.example.com",
Ci.nsICertOverrideService.ERROR_UNTRUSTED,
getXPCOMStatusFromNSS(MOZILLA_PKIX_ERROR_V1_CERT_USED_AS_CA));
MOZILLA_PKIX_ERROR_V1_CERT_USED_AS_CA);
// If we make that certificate a trust anchor, the connection will succeed.
add_test(function() {
let certOverrideService = Cc["@mozilla.org/security/certoverride;1"]
@@ -128,7 +125,8 @@ function add_simple_tests() {
clearSessionCache();
run_next_test();
});
add_connection_test("end-entity-issued-by-v1-cert.example.com", Cr.NS_OK);
add_connection_test("end-entity-issued-by-v1-cert.example.com",
PRErrorCodeSuccess);
// Reset the trust for that certificate.
add_test(function() {
let v1Cert = constructCertFromFile("tlsserver/v1Cert.der");
@@ -141,7 +139,7 @@ function add_simple_tests() {
// certificates that are not valid CAs.
add_cert_override_test("end-entity-issued-by-non-CA.example.com",
Ci.nsICertOverrideService.ERROR_UNTRUSTED,
getXPCOMStatusFromNSS(SEC_ERROR_CA_CERT_INVALID));
SEC_ERROR_CA_CERT_INVALID);
// This host presents a 1008-bit RSA key. NSS determines this key is too
// small and terminates the connection. The error is not overridable.
@@ -153,40 +151,38 @@ function add_combo_tests() {
add_cert_override_test("mismatch-expired.example.com",
Ci.nsICertOverrideService.ERROR_MISMATCH |
Ci.nsICertOverrideService.ERROR_TIME,
getXPCOMStatusFromNSS(SSL_ERROR_BAD_CERT_DOMAIN));
add_cert_override_test("mismatch-notYetValid.example.com",
Ci.nsICertOverrideService.ERROR_MISMATCH |
Ci.nsICertOverrideService.ERROR_TIME,
getXPCOMStatusFromNSS(SSL_ERROR_BAD_CERT_DOMAIN));
SSL_ERROR_BAD_CERT_DOMAIN);
add_cert_override_test("mismatch-untrusted.example.com",
Ci.nsICertOverrideService.ERROR_MISMATCH |
Ci.nsICertOverrideService.ERROR_UNTRUSTED,
getXPCOMStatusFromNSS(SEC_ERROR_UNKNOWN_ISSUER));
SEC_ERROR_UNKNOWN_ISSUER);
add_cert_override_test("untrusted-expired.example.com",
Ci.nsICertOverrideService.ERROR_UNTRUSTED |
Ci.nsICertOverrideService.ERROR_TIME,
getXPCOMStatusFromNSS(SEC_ERROR_UNKNOWN_ISSUER));
SEC_ERROR_UNKNOWN_ISSUER);
add_cert_override_test("mismatch-untrusted-expired.example.com",
Ci.nsICertOverrideService.ERROR_MISMATCH |
Ci.nsICertOverrideService.ERROR_UNTRUSTED |
Ci.nsICertOverrideService.ERROR_TIME,
getXPCOMStatusFromNSS(SEC_ERROR_UNKNOWN_ISSUER));
SEC_ERROR_UNKNOWN_ISSUER);
add_cert_override_test("md5signature-expired.example.com",
Ci.nsICertOverrideService.ERROR_UNTRUSTED |
Ci.nsICertOverrideService.ERROR_TIME,
getXPCOMStatusFromNSS(
SEC_ERROR_CERT_SIGNATURE_ALGORITHM_DISABLED));
SEC_ERROR_CERT_SIGNATURE_ALGORITHM_DISABLED);
add_cert_override_test("ca-used-as-end-entity-name-mismatch.example.com",
Ci.nsICertOverrideService.ERROR_MISMATCH |
Ci.nsICertOverrideService.ERROR_UNTRUSTED,
getXPCOMStatusFromNSS(MOZILLA_PKIX_ERROR_CA_CERT_USED_AS_END_ENTITY));
MOZILLA_PKIX_ERROR_CA_CERT_USED_AS_END_ENTITY);
}
function add_distrust_tests() {
// Before we specifically distrust this certificate, it should be trusted.
add_connection_test("untrusted.example.com", Cr.NS_OK);
add_connection_test("untrusted.example.com", PRErrorCodeSuccess);
add_distrust_test("tlsserver/default-ee.der", "untrusted.example.com",
SEC_ERROR_UNTRUSTED_CERT);

Some files were not shown because too many files have changed in this diff Show More