| Soares Chen | 73f572e | 2017-06-01 17:23:56 | [diff] [blame] | 1 | <!doctype html> |
| 2 | <meta charset="utf-8"> |
| 3 | <title>Test RTCPeerConnection.generateCertificate</title> |
| 4 | <script src="/resources/testharness.js"></script> |
| 5 | <script src="/resources/testharnessreport.js"></script> |
| 6 | <script> |
| 7 | 'use strict'; |
| 8 | |
| 9 | // Test is based on the following editor draft: |
| 10 | // https://w3c.github.io/webrtc-pc/archives/20170515/webrtc.html |
| 11 | |
| 12 | /* |
| 13 | * 4.10. Certificate Management |
| 14 | * partial interface RTCPeerConnection { |
| 15 | * static Promise<RTCCertificate> generateCertificate( |
| 16 | * AlgorithmIdentifier keygenAlgorithm); |
| 17 | * }; |
| 18 | * |
| 19 | * 4.10.2. RTCCertificate Interface |
| 20 | * interface RTCCertificate { |
| 21 | * readonly attribute DOMTimeStamp expires; |
| 22 | * ... |
| 23 | * }; |
| 24 | * |
| 25 | * [WebCrypto] |
| 26 | * 11. Algorithm Dictionary |
| 27 | * typedef (object or DOMString) AlgorithmIdentifier; |
| 28 | */ |
| 29 | |
| 30 | /* |
| 31 | * 4.10. The following values must be supported by a user agent: |
| 32 | * { name: "RSASSA-PKCS1-v1_5", modulusLength: 2048, |
| 33 | * publicExponent: new Uint8Array([1, 0, 1]), hash: "SHA-256" }, |
| 34 | * and { name: "ECDSA", namedCurve: "P-256" }. |
| 35 | */ |
| 36 | promise_test(t => |
| 37 | RTCPeerConnection.generateCertificate({ |
| 38 | name: 'RSASSA-PKCS1-v1_5', |
| 39 | modulusLength: 2048, |
| 40 | publicExponent: new Uint8Array([1, 0, 1]), |
| 41 | hash: 'SHA-256' |
| 42 | }).then(cert => { |
| 43 | assert_true(cert instanceof RTCCertificate, |
| 44 | 'Expect cert to be instance of RTCCertificate'); |
| 45 | |
| 46 | assert_greater_than(cert.expires, Date.now(), |
| 47 | 'Expect generated certificate to expire reasonably long after current time'); |
| 48 | }), |
| 49 | 'generateCertificate() with compulsary RSASSA-PKCS1-v1_5 parameters should succeed'); |
| 50 | |
| 51 | promise_test(t => |
| 52 | RTCPeerConnection.generateCertificate({ |
| 53 | name: 'ECDSA', |
| 54 | namedCurve: 'P-256' |
| 55 | }).then(cert => { |
| 56 | assert_true(cert instanceof RTCCertificate, |
| 57 | 'Expect cert to be instance of RTCCertificate'); |
| 58 | |
| 59 | assert_greater_than(cert.expires, Date.now(), |
| 60 | 'Expect generated certificate to expire reasonably long after current time'); |
| 61 | }), |
| 62 | 'generateCertificate() with compulsary ECDSA parameters should succeed'); |
| 63 | |
| 64 | /* |
| 65 | * 4.10. A user agent must reject a call to generateCertificate() with a |
| 66 | * DOMException of type NotSupportedError if the keygenAlgorithm |
| 67 | * parameter identifies an algorithm that the user agent cannot or |
| 68 | * will not use to generate a certificate for RTCPeerConnection. |
| 69 | */ |
| 70 | promise_test(t => |
| 71 | promise_rejects(t, 'NotSupportedError', |
| 72 | RTCPeerConnection.generateCertificate('invalid-algo')), |
| 73 | 'generateCertificate() with invalid string algorithm should reject with NotSupportedError'); |
| 74 | |
| 75 | promise_test(t => |
| 76 | promise_rejects(t, 'NotSupportedError', |
| 77 | RTCPeerConnection.generateCertificate({ |
| 78 | name: 'invalid-algo' |
| 79 | })), |
| 80 | 'generateCertificate() with invalid algorithm dict should reject with NotSupportedError'); |
| 81 | |
| 82 | /* |
| 83 | * 4.10.1. Dictionary RTCCertificateExpiration |
| 84 | * dictionary RTCCertificateExpiration { |
| 85 | * [EnforceRange] |
| 86 | * DOMTimeStamp expires; |
| 87 | * }; |
| 88 | * |
| 89 | * If this parameter is present it indicates the maximum time that |
| 90 | * the RTCCertificate is valid for relative to the current time. |
| 91 | * |
| 92 | * When generateCertificate is called with an object argument, |
| 93 | * the user agent attempts to convert the object into a |
| 94 | * RTCCertificateExpiration. If this is unsuccessful, immediately |
| 95 | * return a promise that is rejected with a newly created TypeError |
| 96 | * and abort processing. |
| 97 | */ |
| 98 | |
| 99 | promise_test(t => { |
| 100 | const start = Date.now(); |
| 101 | return RTCPeerConnection.generateCertificate({ |
| 102 | name: 'ECDSA', |
| 103 | namedCurve: 'P-256', |
| 104 | expires: 2000 |
| 105 | }).then(cert => { |
| 106 | assert_approx_equals(cert.expires, start+2000, 1000); |
| 107 | }) |
| 108 | }, 'generateCertificate() with valid expires parameter should succeed'); |
| 109 | |
| 110 | promise_test(t => { |
| 111 | return RTCPeerConnection.generateCertificate({ |
| 112 | name: 'ECDSA', |
| 113 | namedCurve: 'P-256', |
| 114 | expires: 0 |
| 115 | }).then(cert => { |
| 116 | assert_less_than_equal(cert.expires, Date.now()); |
| 117 | }) |
| 118 | }, 'generateCertificate() with 0 expires parameter should generate expired cert'); |
| 119 | |
| 120 | promise_test(t => { |
| 121 | return promise_rejects(t, new TypeError(), |
| 122 | RTCPeerConnection.generateCertificate({ |
| 123 | name: 'ECDSA', |
| 124 | namedCurve: 'P-256', |
| 125 | expires: -1 |
| 126 | })) |
| 127 | }, 'generateCertificate() with invalid range for expires should reject with TypeError'); |
| 128 | |
| 129 | promise_test(t => { |
| 130 | return promise_rejects(t, new TypeError(), |
| 131 | RTCPeerConnection.generateCertificate({ |
| 132 | name: 'ECDSA', |
| 133 | namedCurve: 'P-256', |
| 134 | expires: 'invalid' |
| 135 | })) |
| 136 | }, 'generateCertificate() with invalid type for expires should reject with TypeError'); |
| 137 | |
| 138 | </script> |
