| Quellcodebibliothek Statistik Leitseite products/Sources/formale Sprachen/C/Firefox/dom/webauthn/tests/ (Browser von der Mozilla Stiftung Version 136.0.1©) Datei vom 10.2.2025 mit Größe 17 kB |
|
Quelle test_webauthn_make_credential.html Sprache: HTML |
|||||||||||||||||
<!DOCTYPE html> <meta charset=utf-8> <head> <title>Test for MakeCredential for W3C Web Authentication</title> <script src="/tests/SimpleTest/SimpleTest.js"></script> <script type="text/javascript" src="u2futil.js"></script> <script type="text/javascript" src="pkijs/common.js"></script> <script type="text/javascript" src="pkijs/asn1.js"></script> <script type="text/javascript" src="pkijs/x509_schema.js"></script> <script type="text/javascript" src="pkijs/x509_simpl.js"></script> <link rel="stylesheet" type="text/css" href="/tests/SimpleTest/test.css" /> </head> <body> <h1>Test for MakeCredential for W3C Web Authentication</h1> <a target="_blank" href="https://bugzilla.mozilla.org/show_bug.cgi?id=1309284">Mozil <script class="testbody" type="text/javascript"> "use strict"; add_task(async () => { await addVirtualAuthenticator(); }); is(navigator.authentication, undefined, "navigator.authentication does not exist a isnot(navigator.credentials, undefined, "Credential Management API endpoint must e isnot(navigator.credentials.create, undefined, "CredentialManagement create API en isnot(navigator.credentials.get, undefined, "CredentialManagement get API endpoint let credm; let gCredentialChallenge; let rp; let user; let param; let unsupportedParam; let unknownParam; // Setup test env add_task(() => { gCredentialChallenge = new Uint8Array(16); window.crypto.getRandomValues(gCredentialChallenge); rp = {id: document.domain, name: "none"}; user = {id: new Uint8Array(64), name: "none", displayName: "none"}; param = {type: "public-key", alg: cose_alg_ECDSA_w_SHA256}; unsupportedParam = {type: "public-key", alg: cose_alg_ECDSA_w_SHA512}; unknownParam = {type: "SimplePassword", alg: "MaxLength=2"}; credm = navigator.credentials; }); // Add tests add_task(test_good_call); add_task(test_empty_account); add_task(test_without_rp_name); add_task(test_without_user_id); add_task(test_without_user_name); add_task(test_without_user_displayname); add_task(test_user_too_large); add_task(test_empty_parameters); add_task(test_without_parameters); add_task(test_unsupported_parameter); add_task(test_unsupported_but_one_param); add_task(test_one_unknown_parameter); add_task(test_one_unknown_one_unsupported_param); add_task(test_one_of_each_parameters); add_task(test_without_challenge); add_task(test_invalid_challenge); add_task(test_duplicate_pub_key); add_task(test_invalid_rp_id); add_task(test_invalid_rp_id_2); add_task(test_missing_rp); add_task(test_incorrect_user_id_type); add_task(test_missing_user); add_task(test_complete_account); add_task(test_too_large_user_id); add_task(test_excluding_unknown_transports); add_task(test_unknown_attestation_type); add_task(test_unknown_selection_criteria); add_task(test_no_unexpected_extensions); add_task(test_cred_props_with_rk_required); add_task(test_cred_props_with_rk_discouraged); function arrivingHereIsGood(aResult) { ok(true, "Good result! Received a: " + aResult); return Promise.resolve(); } function arrivingHereIsBad(aResult) { ok(false, "Bad result! Received a: " + aResult); return Promise.resolve(); } function expectNotAllowedError(aResult) { ok(aResult.toString().startsWith("NotAllowedError"), "Expecting a NotAllowedError return Promise.resolve(); } function expectTypeError(aResult) { ok(aResult.toString().startsWith("TypeError"), "Expecting a TypeError"); return Promise.resolve(); } function expectNotSupportedError(aResult) { ok(aResult.toString().startsWith("NotSupportedError"), "Expecting a NotSupportedE return Promise.resolve(); } // Test basic good call async function test_good_call() { let makeCredentialOptions = { rp, user, challenge: gCredentialChallenge, pubKeyCredParams: [param] }; return credm.create({publicKey: makeCredentialOptions}) .then(arrivingHereIsGood) .catch(arrivingHereIsBad); } // Test empty account async function test_empty_account() { let makeCredentialOptions = { challenge: gCredentialChallenge, pubKeyCredParams: [param] }; return credm.create({publicKey: makeCredentialOptions}) .then(arrivingHereIsBad) .catch(expectTypeError); } // Test without rp.name async function test_without_rp_name() { let rp1 = {id: document.domain}; let makeCredentialOptions = { rp: rp1, user, challenge: gCredentialChallenge, pubKeyCredParams: [param] }; return credm.create({publicKey: makeCredentialOptions}) .then(arrivingHereIsBad) .catch(expectTypeError); } // Test without user.id async function test_without_user_id() { let user1 = {name: "none", displayName: "none"}; let makeCredentialOptions = { rp, user: user1, challenge: gCredentialChallenge, pubKeyCredParams: [param] }; return credm.create({publicKey: makeCredentialOptions}) .then(arrivingHereIsBad) .catch(expectTypeError); } // Test without user.name async function test_without_user_name() { let user1 = {id: new Uint8Array(64), displayName: "none"}; let makeCredentialOptions = { rp, user: user1, challenge: gCredentialChallenge, pubKeyCredParams: [param] }; return credm.create({publicKey: makeCredentialOptions}) .then(arrivingHereIsBad) .catch(expectTypeError); } // Test without user.displayName async function test_without_user_displayname() { let user1 = {id: new Uint8Array(64), name: "none"}; let makeCredentialOptions = { rp, user: user1, challenge: gCredentialChallenge, pubKeyCredParams: [param] }; return credm.create({publicKey: makeCredentialOptions}) .then(arrivingHereIsBad) .catch(expectTypeError); } // Test with a user handle that exceeds the max length async function test_user_too_large() { let user1 = {id: new Uint8Array(65), name: "none", displayName: "none"}; let makeCredentialOptions = { rp, user: user1, challenge: gCredentialChallenge, pubKeyCredParams: [param] }; return credm.create({publicKey: makeCredentialOptions}) .then(arrivingHereIsBad) .catch(expectTypeError); } // Test without any parameters; this is acceptable meaning the RP ID is // happy to accept either ECDSA-SHA256 or RSA-SHA256 async function test_empty_parameters() { let makeCredentialOptions = { rp, user, challenge: gCredentialChallenge, pubKeyCredParams: [] }; return credm.create({publicKey: makeCredentialOptions}) .then(arrivingHereIsGood) .catch(arrivingHereIsBad); } // Test without a parameter array at all async function test_without_parameters() { let makeCredentialOptions = { rp, user, challenge: gCredentialChallenge }; return credm.create({publicKey: makeCredentialOptions}) .then(arrivingHereIsBad) .catch(expectTypeError); } // Test with an unsupported parameter // The result depends on the tokens that are available, so we // expect a NotAllowedError so as not to leak this. async function test_unsupported_parameter() { let makeCredentialOptions = { rp, user, challenge: gCredentialChallenge, pubKeyCredParams: [unsupportedParam] }; return credm.create({publicKey: makeCredentialOptions}) .then(arrivingHereIsBad) .catch(expectNotAllowedError); } // Test with an unsupported parameter and a good one async function test_unsupported_but_one_param() { let makeCredentialOptions = { rp, user, challenge: gCredentialChallenge, pubKeyCredParams: [param, unsupportedParam] }; return credm.create({publicKey: makeCredentialOptions}) .then(arrivingHereIsGood) .catch(arrivingHereIsBad); } // Test with one unknown (not "public-key") parameter. async function test_one_unknown_parameter() { let makeCredentialOptions = { rp, user, challenge: gCredentialChallenge, pubKeyCredParams: [unknownParam] }; return credm.create({publicKey: makeCredentialOptions}) .then(arrivingHereIsBad) .catch(expectNotSupportedError); } // Test with an unsupported parameter, and an unknown one // The result depends on the tokens that are available, so we // expect a NotAllowedError so as not to leak this. async function test_one_unknown_one_unsupported_param() { let makeCredentialOptions = { rp, user, challenge: gCredentialChallenge, pubKeyCredParams: [unsupportedParam, unknownParam] }; return credm.create({publicKey: makeCredentialOptions}) .then(arrivingHereIsBad) .catch(expectNotAllowedError); } // Test with an unsupported parameter, an unknown one, and a good one. This // should succeed, as the unsupported and unknown should be ignored. async function test_one_of_each_parameters() { let makeCredentialOptions = { rp, user, challenge: gCredentialChallenge, pubKeyCredParams: [param, unsupportedParam, unknownParam] }; return credm.create({publicKey: makeCredentialOptions}) .then(arrivingHereIsGood) .catch(arrivingHereIsBad); } // Test without a challenge async function test_without_challenge() { let makeCredentialOptions = { rp, user, pubKeyCredParams: [param] }; return credm.create({publicKey: makeCredentialOptions}) .then(arrivingHereIsBad) .catch(expectTypeError); } // Test with an invalid challenge async function test_invalid_challenge() { let makeCredentialOptions = { rp, user, challenge: "begone, thou ill-fitting moist glove!", pubKeyCredParams: [unsupportedParam] }; return credm.create({publicKey: makeCredentialOptions}) .then(arrivingHereIsBad) .catch(expectTypeError); } // Test with duplicate pubKeyCredParams async function test_duplicate_pub_key() { let makeCredentialOptions = { rp, user, challenge: gCredentialChallenge, pubKeyCredParams: [param, param, param] }; return credm.create({publicKey: makeCredentialOptions}) .then(arrivingHereIsGood) .catch(arrivingHereIsBad); } // Test with an RP ID that is not a valid domain string async function test_invalid_rp_id() { let rp1 = { id: document.domain + ":somejunk", name: "none"}; let makeCredentialOptions = { rp: rp1, user, challenge: gCredentialChallenge, pubKeyCredParams: [param] }; return credm.create({publicKey: makeCredentialOptions}) .then(arrivingHereIsBad) .catch(arrivingHereIsGood); } // Test with another RP ID that is not a valid domain string async function test_invalid_rp_id_2() { let rp1 = { id: document.domain + ":8888", name: "none"}; let makeCredentialOptions = { rp: rp1, user, challenge: gCredentialChallenge, pubKeyCredParams: [param] }; return credm.create({publicKey: makeCredentialOptions}) .then(arrivingHereIsBad) .catch(arrivingHereIsGood); } // Test with missing rp async function test_missing_rp() { let makeCredentialOptions = { user, challenge: gCredentialChallenge, pubKeyCredParams: [param] }; return credm.create({publicKey: makeCredentialOptions}) .then(arrivingHereIsBad) .catch(expectTypeError); } // Test with incorrect user ID type async function test_incorrect_user_id_type() { let invalidType = {id: "a string, which is not a buffer", name: "none", displayName: "no let makeCredentialOptions = { user: invalidType, challenge: gCredentialChallenge, pubKeyCredParams: [param] }; return credm.create({publicKey: makeCredentialOptions}) .then(arrivingHereIsBad) .catch(expectTypeError); } // Test with missing user async function test_missing_user() { let makeCredentialOptions = { rp, challenge: gCredentialChallenge, pubKeyCredParams: [param] }; return credm.create({publicKey: makeCredentialOptions}) .then(arrivingHereIsBad) .catch(expectTypeError); } // Test a complete account async function test_complete_account() { // the icon fields are deprecated, but including them should not cause an error let completeRP = {id: document.domain, name: "Foxxy Name", icon: "https://example.com/fox.svg"}; let completeUser = {id: string2buffer("foxes_are_the_best@example.com"), name: "Fox F. Foxington", icon: "https://example.com/fox.svg", displayName: "Foxxy V"}; let makeCredentialOptions = { rp: completeRP, user: completeUser, challenge: gCredentialChallenge, pubKeyCredParams: [param] }; return credm.create({publicKey: makeCredentialOptions}) .then(arrivingHereIsGood) .catch(arrivingHereIsBad); } // Test with too-large user ID buffer async function test_too_large_user_id() { let hugeUser = {id: new Uint8Array(65), name: "Fox F. Foxington", displayName: "Foxxy V"}; let makeCredentialOptions = { rp, user: hugeUser, challenge: gCredentialChallenge, pubKeyCredParams: [param] }; return credm.create({publicKey: makeCredentialOptions}) .then(arrivingHereIsBad) .catch(expectTypeError); } // Test with excluding unknown transports async function test_excluding_unknown_transports() { let completeRP = {id: document.domain, name: "Foxxy Name"}; let completeUser = {id: string2buffer("foxes_are_the_best@example.com"), name: "Fox F. Foxington", displayName: "Foxxy V"}; let excludedUnknownTransport = {type: "public-key", id: string2buffer("123"), transports: ["unknown", "usb"]}; let makeCredentialOptions = { rp: completeRP, user: completeUser, challenge: gCredentialChallenge, pubKeyCredParams: [param], excludeCredentials: [excludedUnknownTransport] }; return credm.create({publicKey: makeCredentialOptions}) .then(arrivingHereIsGood) .catch(arrivingHereIsBad); } async function test_unknown_attestation_type() { let makeCredentialOptions = { rp, user, challenge: gCredentialChallenge, pubKeyCredParams: [param], attestation: "unknown" }; return credm.create({publicKey: makeCredentialOptions }) .then(arrivingHereIsGood) .catch(arrivingHereIsBad); } async function test_unknown_selection_criteria() { let makeCredentialOptions = { rp, user, challenge: gCredentialChallenge, pubKeyCredParams: [param], authenticatorSelection: { userVerificationRequirement: "unknown UV requirement", authenticatorAttachment: "unknown authenticator attachment type" }, }; return credm.create({publicKey: makeCredentialOptions }) .then(arrivingHereIsGood) .catch(arrivingHereIsBad); } async function test_no_unexpected_extensions() { let makeCredentialOptions = { rp, user, challenge: gCredentialChallenge, pubKeyCredParams: [param], }; let cred = await credm.create({publicKey: makeCredentialOptions}).catch(arrivingHereI let extensionResults = cred.getClientExtensionResults(); is(extensionResults.credProps, undefined, "no credProps output"); } async function test_cred_props_with_rk_required() { let makeCredentialOptions = { rp, user, challenge: gCredentialChallenge, pubKeyCredParams: [param], authenticatorSelection: { authenticatorAttachment: "cross-platform", residentKey: "required", }, extensions: { credProps: true } }; let cred = await credm.create({publicKey: makeCredentialOptions}).catch(arrivingHereI let extensionResults = cred.getClientExtensionResults(); is(extensionResults.credProps?.rk, true, "rk is true"); } async function test_cred_props_with_rk_discouraged() { let makeCredentialOptions = { rp, user, challenge: gCredentialChallenge, pubKeyCredParams: [param], authenticatorSelection: { authenticatorAttachment: "cross-platform", residentKey: "discouraged", }, extensions: { credProps: true } }; let cred = await credm.create({publicKey: makeCredentialOptions}).catch(arrivingHereI let extensionResults = cred.getClientExtensionResults(); is(extensionResults.credProps?.rk, false, "rk is false"); } </script> </body> </html>
¤ Dauer der Verarbeitung: 0.5 Sekunden ¤*© Formatika GbR, Deutschland |
|
||||||||||||||||
2026-04-04