DXR is a code search and navigation tool aimed at making sense of large projects. It supports full-text and regex searches as well as structural queries.

Mercurial (c68fe15a81fc)

VCS Links

Line Code
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138
<!doctype html>
<meta charset="utf-8">
<title>Test RTCPeerConnection.generateCertificate</title>
<script src="/resources/testharness.js"></script>
<script src="/resources/testharnessreport.js"></script>
<script>
  'use strict';

  // Test is based on the following editor draft:
  // https://w3c.github.io/webrtc-pc/archives/20170515/webrtc.html

  /*
   *  4.10. Certificate Management
   *    partial interface RTCPeerConnection {
   *      static Promise<RTCCertificate> generateCertificate(
   *        AlgorithmIdentifier keygenAlgorithm);
   *    };
   *
   *  4.10.2. RTCCertificate Interface
   *    interface RTCCertificate {
   *      readonly attribute DOMTimeStamp expires;
   *      ...
   *    };
   *
   *  [WebCrypto]
   *  11. Algorithm Dictionary
   *    typedef (object or DOMString) AlgorithmIdentifier;
   */

  /*
   *  4.10. The following values must be supported by a user agent:
   *        { name: "RSASSA-PKCS1-v1_5", modulusLength: 2048,
   *          publicExponent: new Uint8Array([1, 0, 1]), hash: "SHA-256" },
   *        and { name: "ECDSA", namedCurve: "P-256" }.
   */
  promise_test(t =>
    RTCPeerConnection.generateCertificate({
      name: 'RSASSA-PKCS1-v1_5',
      modulusLength: 2048,
      publicExponent: new Uint8Array([1, 0, 1]),
      hash: 'SHA-256'
    }).then(cert => {
      assert_true(cert instanceof RTCCertificate,
        'Expect cert to be instance of RTCCertificate');

      assert_greater_than(cert.expires, Date.now(),
        'Expect generated certificate to expire reasonably long after current time');
    }),
    'generateCertificate() with compulsary RSASSA-PKCS1-v1_5 parameters should succeed');

  promise_test(t =>
    RTCPeerConnection.generateCertificate({
      name: 'ECDSA',
      namedCurve: 'P-256'
    }).then(cert => {
      assert_true(cert instanceof RTCCertificate,
        'Expect cert to be instance of RTCCertificate');

      assert_greater_than(cert.expires, Date.now(),
        'Expect generated certificate to expire reasonably long after current time');
    }),
    'generateCertificate() with compulsary ECDSA parameters should succeed');

  /*
   *  4.10. A user agent must reject a call to generateCertificate() with a
   *        DOMException of type NotSupportedError if the keygenAlgorithm
   *        parameter identifies an algorithm that the user agent cannot or
   *        will not use to generate a certificate for RTCPeerConnection.
   */
  promise_test(t =>
    promise_rejects_dom(t, 'NotSupportedError',
      RTCPeerConnection.generateCertificate('invalid-algo')),
    'generateCertificate() with invalid string algorithm should reject with NotSupportedError');

  promise_test(t =>
    promise_rejects_dom(t, 'NotSupportedError',
      RTCPeerConnection.generateCertificate({
        name: 'invalid-algo'
      })),
    'generateCertificate() with invalid algorithm dict should reject with NotSupportedError');

  /*
   *  4.10.1. Dictionary RTCCertificateExpiration
   *    dictionary RTCCertificateExpiration {
   *      [EnforceRange]
   *      DOMTimeStamp expires;
   *    };
   *
   *    If this parameter is present it indicates the maximum time that
   *    the RTCCertificate is valid for relative to the current time.
   *
   *    When generateCertificate is called with an object argument,
   *    the user agent attempts to convert the object into a
   *    RTCCertificateExpiration. If this is unsuccessful, immediately
   *    return a promise that is rejected with a newly created TypeError
   *    and abort processing.
   */

  promise_test(t => {
    const start = Date.now();
    return RTCPeerConnection.generateCertificate({
      name: 'ECDSA',
      namedCurve: 'P-256',
      expires: 2000
    }).then(cert => {
      assert_approx_equals(cert.expires, start+2000, 1000);
    })
  }, 'generateCertificate() with valid expires parameter should succeed');

  promise_test(t => {
    return RTCPeerConnection.generateCertificate({
      name: 'ECDSA',
      namedCurve: 'P-256',
      expires: 0
    }).then(cert => {
      assert_less_than_equal(cert.expires, Date.now());
    })
  }, 'generateCertificate() with 0 expires parameter should generate expired cert');

  promise_test(t => {
    return promise_rejects_js(t, TypeError,
      RTCPeerConnection.generateCertificate({
        name: 'ECDSA',
        namedCurve: 'P-256',
        expires: -1
      }))
  }, 'generateCertificate() with invalid range for expires should reject with TypeError');

  promise_test(t => {
    return promise_rejects_js(t, TypeError,
      RTCPeerConnection.generateCertificate({
        name: 'ECDSA',
        namedCurve: 'P-256',
        expires: 'invalid'
      }))
  }, 'generateCertificate() with invalid type for expires should reject with TypeError');

</script>