Skip to main content

Browse the archive

https://github.com/web-platform-tests/wpt
26 December 2018, 22:31:15 UTC
Raw File
Tip revision: 593dea5f1b8e9d90bbcc20adcafe370e8f0b0564 authored by James Graham on 12 April 2018, 12:48:29 UTC
Use version-specific prefs files when running Firefox
Tip revision: 593dea5
RTCPeerConnection-generateCertificate.html 
<!doctype html>
<meta charset="utf-8">
<title>Test RTCPeerConnection.generateCertificate</title>
<script src="/resources/testharness.js"></script>
<script src="/resources/testharnessreport.js"></script>
<script>
  'use strict';

  // Test is based on the following editor draft:
  // https://w3c.github.io/webrtc-pc/archives/20170515/webrtc.html

  /*
   *  4.10. Certificate Management
   *    partial interface RTCPeerConnection {
   *      static Promise<RTCCertificate> generateCertificate(
   *        AlgorithmIdentifier keygenAlgorithm);
   *    };
   *
   *  4.10.2. RTCCertificate Interface
   *    interface RTCCertificate {
   *      readonly attribute DOMTimeStamp expires;
   *      ...
   *    };
   *
   *  [WebCrypto]
   *  11. Algorithm Dictionary
   *    typedef (object or DOMString) AlgorithmIdentifier;
   */

  /*
   *  4.10. The following values must be supported by a user agent:
   *        { name: "RSASSA-PKCS1-v1_5", modulusLength: 2048,
   *          publicExponent: new Uint8Array([1, 0, 1]), hash: "SHA-256" },
   *        and { name: "ECDSA", namedCurve: "P-256" }.
   */
  promise_test(t =>
    RTCPeerConnection.generateCertificate({
      name: 'RSASSA-PKCS1-v1_5',
      modulusLength: 2048,
      publicExponent: new Uint8Array([1, 0, 1]),
      hash: 'SHA-256'
    }).then(cert => {
      assert_true(cert instanceof RTCCertificate,
        'Expect cert to be instance of RTCCertificate');

      assert_greater_than(cert.expires, Date.now(),
        'Expect generated certificate to expire reasonably long after current time');
    }),
    'generateCertificate() with compulsary RSASSA-PKCS1-v1_5 parameters should succeed');

  promise_test(t =>
    RTCPeerConnection.generateCertificate({
      name: 'ECDSA',
      namedCurve: 'P-256'
    }).then(cert => {
      assert_true(cert instanceof RTCCertificate,
        'Expect cert to be instance of RTCCertificate');

      assert_greater_than(cert.expires, Date.now(),
        'Expect generated certificate to expire reasonably long after current time');
    }),
    'generateCertificate() with compulsary ECDSA parameters should succeed');

  /*
   *  4.10. A user agent must reject a call to generateCertificate() with a
   *        DOMException of type NotSupportedError if the keygenAlgorithm
   *        parameter identifies an algorithm that the user agent cannot or
   *        will not use to generate a certificate for RTCPeerConnection.
   */
  promise_test(t =>
    promise_rejects(t, 'NotSupportedError',
      RTCPeerConnection.generateCertificate('invalid-algo')),
    'generateCertificate() with invalid string algorithm should reject with NotSupportedError');

  promise_test(t =>
    promise_rejects(t, 'NotSupportedError',
      RTCPeerConnection.generateCertificate({
        name: 'invalid-algo'
      })),
    'generateCertificate() with invalid algorithm dict should reject with NotSupportedError');

  /*
   *  4.10.1. Dictionary RTCCertificateExpiration
   *    dictionary RTCCertificateExpiration {
   *      [EnforceRange]
   *      DOMTimeStamp expires;
   *    };
   *
   *    If this parameter is present it indicates the maximum time that
   *    the RTCCertificate is valid for relative to the current time.
   *
   *    When generateCertificate is called with an object argument,
   *    the user agent attempts to convert the object into a
   *    RTCCertificateExpiration. If this is unsuccessful, immediately
   *    return a promise that is rejected with a newly created TypeError
   *    and abort processing.
   */

  promise_test(t => {
    const start = Date.now();
    return RTCPeerConnection.generateCertificate({
      name: 'ECDSA',
      namedCurve: 'P-256',
      expires: 2000
    }).then(cert => {
      assert_approx_equals(cert.expires, start+2000, 1000);
    })
  }, 'generateCertificate() with valid expires parameter should succeed');

  promise_test(t => {
    return RTCPeerConnection.generateCertificate({
      name: 'ECDSA',
      namedCurve: 'P-256',
      expires: 0
    }).then(cert => {
      assert_less_than_equal(cert.expires, Date.now());
    })
  }, 'generateCertificate() with 0 expires parameter should generate expired cert');

  promise_test(t => {
    return promise_rejects(t, new TypeError(),
      RTCPeerConnection.generateCertificate({
        name: 'ECDSA',
        namedCurve: 'P-256',
        expires: -1
      }))
  }, 'generateCertificate() with invalid range for expires should reject with TypeError');

  promise_test(t => {
    return promise_rejects(t, new TypeError(),
      RTCPeerConnection.generateCertificate({
        name: 'ECDSA',
        namedCurve: 'P-256',
        expires: 'invalid'
      }))
  }, 'generateCertificate() with invalid type for expires should reject with TypeError');

</script>
back to top