--- a/security/manager/.eslintrc.js
+++ b/security/manager/.eslintrc.js
@@ -1,36 +1,24 @@
"use strict";
-module.exports = { // eslint-disable-line no-undef
+module.exports = {
+ "extends": [
+ "../../toolkit/.eslintrc.js"
+ ],
"rules": {
// Enforce return statements in callbacks of array methods.
"array-callback-return": "error",
// Braces only needed for multi-line arrow function blocks
"arrow-body-style": ["error", "as-needed"],
- // Require spacing around =>
- "arrow-spacing": "error",
-
- // Always require spacing around a single line block
- "block-spacing": "error",
-
- // No space before always a space after a comma
- "comma-spacing": ["error", {"before": false, "after": true}],
-
// Commas at the end of the line not the start
"comma-style": "error",
- // Don't require spaces around computed properties
- "computed-property-spacing": ["error", "never"],
-
- // Functions must always return something or nothing
- "consistent-return": "error",
-
// Verify calls of super() in constructors.
"constructor-super": "error",
// Require braces around blocks that start a new line
"curly": ["error", "multi-line"],
// Require default case in switch statements.
"default-case": "error",
@@ -45,22 +33,16 @@ module.exports = { // eslint-disable-lin
"func-call-spacing": ["error", "never"],
// Require function* name()
"generator-star-spacing": ["error", {"before": false, "after": true}],
// Space after colon not before in property declarations
"key-spacing": ["error", { "beforeColon": false, "afterColon": true, "mode": "minimum" }],
- // Require spaces around keywords
- "keyword-spacing": "error",
-
- // Unix linebreaks
- "linebreak-style": ["error", "unix"],
-
// Always require parenthesis for new calls
"new-parens": "error",
// Disallow use of alert(), confirm(), and prompt().
"no-alert": "error",
// Use [] instead of Array()
"no-array-constructor": "error",
@@ -70,212 +52,97 @@ module.exports = { // eslint-disable-lin
// Disallow likely erroneous `switch` scoped lexical declarations in
// case/default clauses.
"no-case-declarations": "error",
// Disallow modifying variables of class declarations.
"no-class-assign": "error",
- // Disallow assignment in conditional expressions, except if the assignment
- // is within parentheses.
- "no-cond-assign": ["error", "except-parens"],
-
// Disallow use of the console API.
"no-console": "error",
// Disallow modifying variables that are declared using const.
"no-const-assign": "error",
// Disallow constant expressions in conditions (except for loops).
"no-constant-condition": ["error", { "checkLoops": false }],
// Disallow control characters in regular expressions.
"no-control-regex": "error",
- // Disallow use of debugger
- "no-debugger": "error",
-
- // Disallow deletion of variables (deleting properties is fine though).
- "no-delete-var": "error",
-
- // No duplicate arguments in function declarations
- "no-dupe-args": "error",
-
// Disallow duplicate class members.
"no-dupe-class-members": "error",
- // No duplicate keys in object declarations
- "no-dupe-keys": "error",
-
- // No duplicate cases in switch statements
- "no-duplicate-case": "error",
-
- // If an if block ends with a return no need for an else block
- "no-else-return": "error",
-
- // No empty statements (except for catch blocks).
- "no-empty": ["error", { "allowEmptyCatch": true }],
-
- // No empty character classes in regex
- "no-empty-character-class": "error",
-
- // Disallow empty destructuring
- "no-empty-pattern": "error",
-
// Disallow use of eval().
"no-eval": "error",
- // No assigning to exception variable
- "no-ex-assign": "error",
-
// Disallow extending of native objects.
"no-extend-native": "error",
- // Disallow unnecessary function binding.
- "no-extra-bind": "error",
-
- // No using !! where casting to boolean is already happening
- "no-extra-boolean-cast": "error",
-
- // No double semicolon
- "no-extra-semi": "error",
-
// Disallow case statement fallthrough without explicit `// falls through`
// annotation.
"no-fallthrough": "error",
- // No overwriting defined functions
- "no-func-assign": "error",
-
// No reassigning native JS objects or read only globals.
"no-global-assign": "error",
// Disallow implied eval().
"no-implied-eval": "error",
- // No invalid regular expressions
- "no-invalid-regexp": "error",
-
- // No odd whitespace characters
- "no-irregular-whitespace": "error",
-
- // No labels.
- "no-labels": "error",
-
- // No single if block inside an else block
- "no-lonely-if": "error",
-
- // No unnecessary spacing
- "no-multi-spaces": ["error", { "exceptions": {
- "AssignmentExpression": true,
- "VariableDeclarator": true,
- "ArrayExpression": true,
- "ObjectExpression": true
- }}],
-
- // Nested ternary statements are confusing
- "no-nested-ternary": "error",
-
- // Use {} instead of new Object()
- "no-new-object": "error",
-
// Disallow primitive wrapper instances like `new Boolean(false)`, which
// seem like they should act like primitives but don't.
"no-new-wrappers": "error",
- // No Math() or JSON()
- "no-obj-calls": "error",
-
- // No octal literals
- "no-octal": "error",
-
- // No redeclaring variables
- "no-redeclare": "error",
-
// Disallow use of assignment in return statement.
"no-return-assign": ["error", "always"],
- // Disallow self assignment such as |foo = foo|.
- "no-self-assign": "error",
-
- // No unnecessary comparisons
- "no-self-compare": "error",
-
// Disallow use of the comma operator.
"no-sequences": "error",
- // No declaring variables that hide things like arguments
- "no-shadow-restricted-names": "error",
-
- // Disallow sparse arrays, eg. let arr = [,,"error"].
- "no-sparse-arrays": "error",
-
// Disallow tabs.
"no-tabs": "error",
// Disallow template literal placeholder syntax in regular strings.
"no-template-curly-in-string": "error",
// Disallow use of this/super before calling super() in constructors.
"no-this-before-super": "error",
// Disallow throwing literals (eg. |throw "error"| instead of
// |throw new Error("error")|)
"no-throw-literal": "error",
- // No trailing whitespace
- "no-trailing-spaces": "error",
-
// No using undeclared variables
"no-undef": "error",
- // Error on newline where a semicolon is needed
- "no-unexpected-multiline": "error",
-
// Disallow unmodified loop conditions.
"no-unmodified-loop-condition": "error",
// Disallow ternary operators when simpler alternatives exist.
"no-unneeded-ternary": "error",
- // No unreachable statements
- "no-unreachable": "error",
-
- // Disallow unsafe control flow statements in finally blocks.
- "no-unsafe-finally": "error",
-
// No expressions where a statement is expected
"no-unused-expressions": "error",
// Disallow unnecessary escape usage in strings and regular expressions.
"no-useless-escape": "error",
// Disallow whitespace before properties.
"no-whitespace-before-property": "error",
- // No using with
- "no-with": "error",
-
// Disallow blank line padding within blocks.
"padded-blocks": ["error", "never"],
- // Require double quote strings to be used, except cases where another quote
- // type is used to avoid escaping.
- "quotes": ["error", "double", { "avoidEscape": true }],
-
// Always require semicolon at end of statement
"semi": ["error", "always"],
// Enforce spacing after semicolons.
"semi-spacing": ["error", { "before": false, "after": true }],
- // Require space before blocks
- "space-before-blocks": "error",
-
// Never use spaces before named function parentheses, but always for async
// arrow functions.
"space-before-function-paren": ["error", {
"anonymous": "ignore",
"asyncArrow": "always",
"named": "never",
}],
@@ -286,32 +153,24 @@ module.exports = { // eslint-disable-lin
"space-infix-ops": "error",
// ++ and -- should not need spacing
"space-unary-ops": ["error", { "words": true, "nonwords": false }],
// Require "use strict" to be defined globally in the script.
"strict": ["error", "global"],
- // No comparisons to NaN
- "use-isnan": "error",
-
// Enforce valid JSDoc comments.
"valid-jsdoc": ["error", {
"requireParamDescription": false,
"requireReturn": false,
"requireReturnDescription": false,
}],
- // Only check typeof against valid results
- "valid-typeof": "error",
-
// Disallow Yoda conditions.
"yoda": ["error", "never"],
},
- "env": {
- "browser": true
- },
+
"globals": {
"Components": false,
"dump": false
}
};
--- a/security/manager/pki/resources/content/certManager.js
+++ b/security/manager/pki/resources/content/certManager.js
@@ -52,29 +52,27 @@ var emailTreeView;
var userTreeView;
/**
* Cert tree for the "Other" tab.
* @type nsICertTree
*/
var orphanTreeView;
var smartCardObserver = {
- observe: function() {
+ observe() {
onSmartCardChange();
}
};
-function DeregisterSmartCardObservers()
-{
+function DeregisterSmartCardObservers() {
Services.obs.removeObserver(smartCardObserver, "smartcard-insert");
Services.obs.removeObserver(smartCardObserver, "smartcard-remove");
}
-function LoadCerts()
-{
+function LoadCerts() {
Services.obs.addObserver(smartCardObserver, "smartcard-insert", false);
Services.obs.addObserver(smartCardObserver, "smartcard-remove", false);
certdb = Components.classes[nsX509CertDB].getService(nsIX509CertDB);
var certcache = certdb.getCerts();
caTreeView = Components.classes[nsCertTree]
.createInstance(nsICertTree);
@@ -99,24 +97,22 @@ function LoadCerts()
orphanTreeView = Components.classes[nsCertTree]
.createInstance(nsICertTree);
orphanTreeView.loadCertsFromCache(certcache, nsIX509Cert.UNKNOWN_CERT);
document.getElementById("orphan-tree").view = orphanTreeView;
enableBackupAllButton();
}
-function enableBackupAllButton()
-{
+function enableBackupAllButton() {
let backupAllButton = document.getElementById("mine_backupAllButton");
backupAllButton.disabled = userTreeView.rowCount < 1;
}
-function getSelectedCerts()
-{
+function getSelectedCerts() {
var ca_tab = document.getElementById("ca_tab");
var mine_tab = document.getElementById("mine_tab");
var others_tab = document.getElementById("others_tab");
var websites_tab = document.getElementById("websites_tab");
var orphan_tab = document.getElementById("orphan_tab");
var items = null;
if (ca_tab.selected) {
items = caTreeView.selection;
@@ -157,18 +153,17 @@ function getSelectedCerts()
selected_certs[sc] = cert;
selected_index[sc] = j;
}
}
}
}
}
-function getSelectedTreeItems()
-{
+function getSelectedTreeItems() {
var ca_tab = document.getElementById("ca_tab");
var mine_tab = document.getElementById("mine_tab");
var others_tab = document.getElementById("others_tab");
var websites_tab = document.getElementById("websites_tab");
var orphan_tab = document.getElementById("orphan_tab");
var items = null;
if (ca_tab.selected) {
items = caTreeView.selection;
@@ -218,18 +213,17 @@ function getSelectedTreeItems()
/**
* Returns true if nothing in the given cert tree is selected or if the
* selection includes a container. Returns false otherwise.
*
* @param {nsICertTree} certTree
* @returns {Boolean}
*/
-function nothingOrContainerSelected(certTree)
-{
+function nothingOrContainerSelected(certTree) {
var certTreeSelection = certTree.selection;
var numSelectionRanges = certTreeSelection.getRangeCount();
if (numSelectionRanges == 0) {
return true;
}
for (var i = 0; i < numSelectionRanges; i++) {
@@ -251,78 +245,71 @@ function nothingOrContainerSelected(cert
/**
* Enables or disables buttons corresponding to a cert tree depending on what
* is selected in the cert tree.
*
* @param {nsICertTree} certTree
* @param {Array} idList A list of string identifiers for button elements to
* enable or disable.
*/
-function enableButtonsForCertTree(certTree, idList)
-{
+function enableButtonsForCertTree(certTree, idList) {
let disableButtons = nothingOrContainerSelected(certTree);
for (let id of idList) {
document.getElementById(id).setAttribute("disabled", disableButtons);
}
}
-function ca_enableButtons()
-{
+function ca_enableButtons() {
let idList = [
"ca_viewButton",
"ca_editButton",
"ca_exportButton",
"ca_deleteButton",
];
enableButtonsForCertTree(caTreeView, idList);
}
-function mine_enableButtons()
-{
+function mine_enableButtons() {
let idList = [
"mine_viewButton",
"mine_backupButton",
"mine_deleteButton",
];
enableButtonsForCertTree(userTreeView, idList);
}
-function websites_enableButtons()
-{
+function websites_enableButtons() {
let idList = [
"websites_viewButton",
"websites_exportButton",
"websites_deleteButton",
];
enableButtonsForCertTree(serverTreeView, idList);
}
-function email_enableButtons()
-{
+function email_enableButtons() {
let idList = [
"email_viewButton",
"email_exportButton",
"email_deleteButton",
];
enableButtonsForCertTree(emailTreeView, idList);
}
-function orphan_enableButtons()
-{
+function orphan_enableButtons() {
let idList = [
"orphan_viewButton",
"orphan_exportButton",
"orphan_deleteButton",
];
enableButtonsForCertTree(orphanTreeView, idList);
}
-function backupCerts()
-{
+function backupCerts() {
getSelectedCerts();
var numcerts = selected_certs.length;
if (numcerts == 0) {
return;
}
var bundle = document.getElementById("pippki_bundle");
var fp = Components.classes[nsFilePicker].createInstance(nsIFilePicker);
@@ -334,35 +321,32 @@ function backupCerts()
fp.appendFilters(nsIFilePicker.filterAll);
fp.open(rv => {
if (rv == nsIFilePicker.returnOK || rv == nsIFilePicker.returnReplace) {
certdb.exportPKCS12File(fp.file, selected_certs.length, selected_certs);
}
});
}
-function backupAllCerts()
-{
+function backupAllCerts() {
// Select all rows, then call doBackup()
- var items = userTreeView.selection.selectAll();
+ userTreeView.selection.selectAll();
backupCerts();
}
-function editCerts()
-{
+function editCerts() {
getSelectedCerts();
for (let cert of selected_certs) {
window.openDialog("chrome://pippki/content/editcacert.xul", "",
"chrome,centerscreen,modal", cert);
}
}
-function restoreCerts()
-{
+function restoreCerts() {
var bundle = document.getElementById("pippki_bundle");
var fp = Components.classes[nsFilePicker].createInstance(nsIFilePicker);
fp.init(window,
bundle.getString("chooseP12RestoreFileDialog2"),
nsIFilePicker.modeOpen);
fp.appendFilter(bundle.getString("file_browse_PKCS12_spec"),
"*.p12; *.pfx");
fp.appendFilter(bundle.getString("file_browse_Certificate_spec"),
@@ -391,17 +375,17 @@ function restoreCerts()
let dataString = NetUtil.readInputStreamToString(fstream, fstream.available());
let dataArray = [];
for (let i = 0; i < dataString.length; i++) {
dataArray.push(dataString.charCodeAt(i));
}
fstream.close();
let prompter = Services.ww.getNewPrompter(window);
let interfaceRequestor = {
- getInterface: function() {
+ getInterface() {
return prompter;
}
};
certdb.importUserCertificate(dataArray, dataArray.length, interfaceRequestor);
} else {
// Otherwise, assume it's a PKCS12 file and import it that way.
certdb.importPKCS12File(fp.file);
}
@@ -410,18 +394,17 @@ function restoreCerts()
userTreeView.loadCertsFromCache(certcache, nsIX509Cert.USER_CERT);
userTreeView.selection.clearSelection();
caTreeView.loadCertsFromCache(certcache, nsIX509Cert.CA_CERT);
caTreeView.selection.clearSelection();
enableBackupAllButton();
});
}
-function exportCerts()
-{
+function exportCerts() {
getSelectedCerts();
for (let cert of selected_certs) {
exportToFile(window, cert);
}
}
/**
@@ -466,27 +449,25 @@ function deleteCerts() {
selected_index = [];
treeView.selection.clearSelection();
if (selTabID == "mine_tab") {
enableBackupAllButton();
}
}
}
-function viewCerts()
-{
+function viewCerts() {
getSelectedCerts();
for (let cert of selected_certs) {
viewCertHelper(window, cert);
}
}
-function addCACerts()
-{
+function addCACerts() {
var bundle = document.getElementById("pippki_bundle");
var fp = Components.classes[nsFilePicker].createInstance(nsIFilePicker);
fp.init(window,
bundle.getString("importCACertsPrompt"),
nsIFilePicker.modeOpen);
fp.appendFilter(bundle.getString("file_browse_Certificate_spec"),
gCertFileTypes);
fp.appendFilters(nsIFilePicker.filterAll);
@@ -494,35 +475,33 @@ function addCACerts()
if (rv == nsIFilePicker.returnOK) {
certdb.importCertsFromFile(fp.file, nsIX509Cert.CA_CERT);
caTreeView.loadCerts(nsIX509Cert.CA_CERT);
caTreeView.selection.clearSelection();
}
});
}
-function onSmartCardChange()
-{
+function onSmartCardChange() {
var certcache = certdb.getCerts();
// We've change the state of the smart cards inserted or removed
// that means the available certs may have changed. Update the display
userTreeView.loadCertsFromCache(certcache, nsIX509Cert.USER_CERT);
userTreeView.selection.clearSelection();
caTreeView.loadCertsFromCache(certcache, nsIX509Cert.CA_CERT);
caTreeView.selection.clearSelection();
serverTreeView.loadCertsFromCache(certcache, nsIX509Cert.SERVER_CERT);
serverTreeView.selection.clearSelection();
emailTreeView.loadCertsFromCache(certcache, nsIX509Cert.EMAIL_CERT);
emailTreeView.selection.clearSelection();
orphanTreeView.loadCertsFromCache(certcache, nsIX509Cert.UNKNOWN_CERT);
orphanTreeView.selection.clearSelection();
}
-function addEmailCert()
-{
+function addEmailCert() {
var bundle = document.getElementById("pippki_bundle");
var fp = Components.classes[nsFilePicker].createInstance(nsIFilePicker);
fp.init(window,
bundle.getString("importEmailCertPrompt"),
nsIFilePicker.modeOpen);
fp.appendFilter(bundle.getString("file_browse_Certificate_spec"),
gCertFileTypes);
fp.appendFilters(nsIFilePicker.filterAll);
@@ -533,18 +512,17 @@ function addEmailCert()
emailTreeView.loadCertsFromCache(certcache, nsIX509Cert.EMAIL_CERT);
emailTreeView.selection.clearSelection();
caTreeView.loadCertsFromCache(certcache, nsIX509Cert.CA_CERT);
caTreeView.selection.clearSelection();
}
});
}
-function addException()
-{
+function addException() {
window.openDialog("chrome://pippki/content/exceptionDialog.xul", "",
"chrome,centerscreen,modal");
var certcache = certdb.getCerts();
serverTreeView.loadCertsFromCache(certcache, nsIX509Cert.SERVER_CERT);
serverTreeView.selection.clearSelection();
orphanTreeView.loadCertsFromCache(certcache, nsIX509Cert.UNKNOWN_CERT);
orphanTreeView.selection.clearSelection();
}
--- a/security/manager/pki/resources/content/certViewer.js
+++ b/security/manager/pki/resources/content/certViewer.js
@@ -22,61 +22,57 @@ const nsIPK11TokenDB = Ci.nsIPK11TokenDB
const nsIASN1Object = Ci.nsIASN1Object;
const nsIASN1Sequence = Ci.nsIASN1Sequence;
const nsIASN1PrintableItem = Ci.nsIASN1PrintableItem;
const nsIASN1Tree = Ci.nsIASN1Tree;
const nsASN1Tree = "@mozilla.org/security/nsASN1Tree;1";
var bundle;
-function doPrompt(msg)
-{
+function doPrompt(msg) {
let prompts = Components.classes["@mozilla.org/embedcomp/prompt-service;1"].
getService(Components.interfaces.nsIPromptService);
prompts.alert(window, null, msg);
}
/**
* Fills out the "Certificate Hierarchy" tree of the cert viewer "Details" tab.
*
* @param {tree} node
* Parent tree node to append to.
* @param {nsIArray<nsIX509Cert>} chain
* Chain where cert element n is issued by cert element n + 1.
*/
-function AddCertChain(node, chain)
-{
+function AddCertChain(node, chain) {
let child = document.getElementById(node);
for (let i = chain.length - 1; i >= 0; i--) {
let currCert = chain.queryElementAt(i, nsIX509Cert);
let displayValue = currCert.displayName;
let addTwistie = i != 0;
child = addChildrenToTree(child, displayValue, currCert.dbKey, addTwistie);
}
}
/**
* Adds a "verified usage" of a cert to the "General" tab of the cert viewer.
*
* @param {String} usage
* Verified usage to add.
*/
-function AddUsage(usage)
-{
+function AddUsage(usage) {
let verifyInfoBox = document.getElementById("verify_info_box");
let text = document.createElement("textbox");
text.setAttribute("value", usage);
text.setAttribute("style", "margin: 2px 5px");
text.setAttribute("readonly", "true");
text.setAttribute("class", "scrollfield");
verifyInfoBox.appendChild(text);
}
-function setWindowName()
-{
+function setWindowName() {
bundle = document.getElementById("pippki_bundle");
let cert = window.arguments[0].QueryInterface(Ci.nsIX509Cert);
document.title = bundle.getFormattedString("certViewerTitle",
[cert.displayName]);
//
// Set the cert attributes for viewing
@@ -144,17 +140,17 @@ function asyncDetermineUsages(cert) {
let now = Date.now() / 1000;
let certdb = Cc["@mozilla.org/security/x509certdb;1"]
.getService(Ci.nsIX509CertDB);
Object.keys(certificateUsages).forEach(usageString => {
promises.push(new Promise((resolve, reject) => {
let usage = certificateUsages[usageString];
certdb.asyncVerifyCertAtTime(cert, usage, 0, null, now,
(aPRErrorCode, aVerifiedChain, aHasEVPolicy) => {
- resolve({ usageString: usageString, errorCode: aPRErrorCode });
+ resolve({ usageString, errorCode: aPRErrorCode });
});
}));
});
Promise.all(promises).then(displayUsages);
}
/**
* Updates the usage display area given the results from asyncDetermineUsages.
@@ -217,27 +213,25 @@ function displayUsages(results) {
verified.textContent = verifystr;
}
// Notify that we are done determining the certificate's valid usages (this
// should be treated as an implementation detail that enables tests to run
// efficiently - other code in the browser probably shouldn't rely on this).
Services.obs.notifyObservers(window, "ViewCertDetails:CertUsagesDone", null);
}
-function addChildrenToTree(parentTree, label, value, addTwistie)
-{
+function addChildrenToTree(parentTree, label, value, addTwistie) {
let treeChild1 = document.createElement("treechildren");
let treeElement = addTreeItemToTreeChild(treeChild1, label, value,
addTwistie);
parentTree.appendChild(treeChild1);
return treeElement;
}
-function addTreeItemToTreeChild(treeChild, label, value, addTwistie)
-{
+function addTreeItemToTreeChild(treeChild, label, value, addTwistie) {
let treeElem1 = document.createElement("treeitem");
if (addTwistie) {
treeElem1.setAttribute("container", "true");
treeElem1.setAttribute("open", "true");
}
let treeRow = document.createElement("treerow");
let treeCell = document.createElement("treecell");
treeCell.setAttribute("label", label);
@@ -258,76 +252,71 @@ function displaySelected() {
if (items.currentIndex != -1) {
var value = asn1Tree.getDisplayData(items.currentIndex);
certDumpVal.value = value;
} else {
certDumpVal.value = "";
}
}
-function BuildPrettyPrint(cert)
-{
+function BuildPrettyPrint(cert) {
var certDumpTree = Components.classes[nsASN1Tree].
createInstance(nsIASN1Tree);
certDumpTree.loadASN1Structure(cert.ASN1Structure);
document.getElementById("prettyDumpTree").view = certDumpTree;
}
-function addAttributeFromCert(nodeName, value)
-{
+function addAttributeFromCert(nodeName, value) {
var node = document.getElementById(nodeName);
if (!value) {
value = bundle.getString("notPresent");
}
node.setAttribute("value", value);
}
/**
* Displays information about a cert in the "General" tab of the cert viewer.
*
* @param {nsIX509Cert} cert
* Cert to display information about.
*/
-function DisplayGeneralDataFromCert(cert)
-{
+function DisplayGeneralDataFromCert(cert) {
addAttributeFromCert("commonname", cert.commonName);
addAttributeFromCert("organization", cert.organization);
addAttributeFromCert("orgunit", cert.organizationalUnit);
addAttributeFromCert("serialnumber", cert.serialNumber);
addAttributeFromCert("sha256fingerprint", cert.sha256Fingerprint);
addAttributeFromCert("sha1fingerprint", cert.sha1Fingerprint);
addAttributeFromCert("validitystart", cert.validity.notBeforeLocalDay);
addAttributeFromCert("validityend", cert.validity.notAfterLocalDay);
addAttributeFromCert("issuercommonname", cert.issuerCommonName);
addAttributeFromCert("issuerorganization", cert.issuerOrganization);
addAttributeFromCert("issuerorgunit", cert.issuerOrganizationUnit);
}
-function updateCertDump()
-{
+function updateCertDump() {
var asn1Tree = document.getElementById("prettyDumpTree")
.view.QueryInterface(nsIASN1Tree);
var tree = document.getElementById("treesetDump");
if (tree.currentIndex < 0) {
- doPrompt("No items are selected."); //This should never happen.
+ doPrompt("No items are selected."); // This should never happen.
} else {
var item = tree.contentView.getItemAtIndex(tree.currentIndex);
var dbKey = item.firstChild.firstChild.getAttribute("display");
// Get the cert from the cert database
var certdb = Components.classes[nsX509CertDB].getService(nsIX509CertDB);
var cert = certdb.findCertByDBKey(dbKey);
asn1Tree.loadASN1Structure(cert.ASN1Structure);
}
displaySelected();
}
-function getCurrentCert()
-{
+function getCurrentCert() {
var realIndex;
var tree = document.getElementById("treesetDump");
if (tree.view.selection.isSelected(tree.currentIndex)
&& document.getElementById("prettyprint_tab").selected) {
/* if the user manually selected a cert on the Details tab,
then take that one */
realIndex = tree.currentIndex;
} else {
--- a/security/manager/pki/resources/content/changepassword.js
+++ b/security/manager/pki/resources/content/changepassword.js
@@ -10,38 +10,35 @@ const nsPKCS11ModuleDB = "@mozilla.org/s
const nsIPKCS11ModuleDB = Components.interfaces.nsIPKCS11ModuleDB;
const nsIPKCS11Slot = Components.interfaces.nsIPKCS11Slot;
const nsIPK11Token = Components.interfaces.nsIPK11Token;
var params;
var tokenName = "";
var pw1;
-function doPrompt(msg)
-{
+function doPrompt(msg) {
let prompts = Components.classes["@mozilla.org/embedcomp/prompt-service;1"].
getService(Components.interfaces.nsIPromptService);
prompts.alert(window, null, msg);
}
-function onLoad()
-{
+function onLoad() {
document.documentElement.getButton("accept").disabled = true;
pw1 = document.getElementById("pw1");
params = window.arguments[0].QueryInterface(Ci.nsIDialogParamBlock);
tokenName = params.GetString(1);
document.getElementById("tokenName").setAttribute("value", tokenName);
process();
}
-function process()
-{
+function process() {
let bundle = document.getElementById("pippki_bundle");
// If the token is unitialized, don't use the old password box.
// Otherwise, do.
let tokenDB = Cc["@mozilla.org/security/pk11tokendb;1"]
.getService(Ci.nsIPK11TokenDB);
let token;
@@ -78,18 +75,17 @@ function process()
if (params) {
// Return value 0 means "canceled"
params.SetInt(1, 0);
}
checkPasswords();
}
-function setPassword()
-{
+function setPassword() {
let tokenDB = Cc["@mozilla.org/security/pk11tokendb;1"]
.getService(Ci.nsIPK11TokenDB);
let token;
if (tokenName.length > 0) {
token = tokenDB.findTokenByName(tokenName);
} else {
token = tokenDB.getInternalKeyToken();
}
@@ -157,18 +153,17 @@ function setPassword()
// Return value 1 means "successfully executed ok"
params.SetInt(1, 1);
}
// Terminate dialog
return success;
}
-function setPasswordStrength()
-{
+function setPasswordStrength() {
// We weigh the quality of the password by checking the number of:
// - Characters
// - Numbers
// - Non-alphanumeric chars
// - Upper and lower case characters
let pw = document.getElementById("pw1").value;
@@ -203,22 +198,19 @@ function setPasswordStrength()
pwstrength = 0;
}
if (pwstrength > 100) {
pwstrength = 100;
}
let meter = document.getElementById("pwmeter");
meter.setAttribute("value", pwstrength);
-
- return;
}
-function checkPasswords()
-{
+function checkPasswords() {
let pw1 = document.getElementById("pw1").value;
let pw2 = document.getElementById("pw2").value;
var oldpwbox = document.getElementById("oldpw");
if (oldpwbox) {
var initpw = oldpwbox.getAttribute("inited");
if (initpw == "empty" && pw1 == "") {
--- a/security/manager/pki/resources/content/choosetoken.js
+++ b/security/manager/pki/resources/content/choosetoken.js
@@ -5,40 +5,37 @@
* file, You can obtain one at http://mozilla.org/MPL/2.0/. */
/* import-globals-from pippki.js */
"use strict";
const nsIDialogParamBlock = Components.interfaces.nsIDialogParamBlock;
var dialogParams;
-function onLoad()
-{
+function onLoad() {
dialogParams = window.arguments[0].QueryInterface(nsIDialogParamBlock);
let selectElement = document.getElementById("tokens");
let count = dialogParams.GetInt(0);
for (let i = 0; i < count; i++) {
let menuItemNode = document.createElement("menuitem");
let token = dialogParams.GetString(i);
menuItemNode.setAttribute("value", token);
menuItemNode.setAttribute("label", token);
selectElement.firstChild.appendChild(menuItemNode);
if (i == 0) {
selectElement.selectedItem = menuItemNode;
}
}
}
-function doOK()
-{
+function doOK() {
let tokenList = document.getElementById("tokens");
// Signal that the user accepted.
dialogParams.SetInt(0, 1);
// Signal the name of the token the user chose.
dialogParams.SetString(0, tokenList.value);
return true;
}
-function doCancel()
-{
+function doCancel() {
dialogParams.SetInt(0, 0); // Signal that the user cancelled.
return true;
}
--- a/security/manager/pki/resources/content/createCertInfo.js
+++ b/security/manager/pki/resources/content/createCertInfo.js
@@ -3,18 +3,17 @@
* This Source Code Form is subject to the terms of the Mozilla Public
* License, v. 2.0. If a copy of the MPL was not distributed with this
* file, You can obtain one at http://mozilla.org/MPL/2.0/. */
/* import-globals-from pippki.js */
"use strict";
var keygenThread;
-function onLoad()
-{
+function onLoad() {
keygenThread = window.arguments[0].QueryInterface(Components.interfaces.nsIKeygenThread);
if (!keygenThread) {
window.close();
return;
}
window.setCursor("wait");
@@ -25,15 +24,14 @@ function onLoad()
window.close();
}
}
};
keygenThread.startKeyGeneration(obs);
}
-function onClose()
-{
+function onClose() {
window.setCursor("auto");
var alreadyClosed = {};
keygenThread.userCanceled(alreadyClosed);
}
--- a/security/manager/pki/resources/content/device_manager.js
+++ b/security/manager/pki/resources/content/device_manager.js
@@ -19,64 +19,57 @@ const nsPKCS11ContractID = "@mozilla.org
var { Services } = Components.utils.import("resource://gre/modules/Services.jsm", {});
var bundle;
var secmoddb;
var skip_enable_buttons = false;
var smartCardObserver = {
- observe: function() {
+ observe() {
onSmartCardChange();
}
};
-function DeregisterSmartCardObservers()
-{
+function DeregisterSmartCardObservers() {
Services.obs.removeObserver(smartCardObserver, "smartcard-insert");
Services.obs.removeObserver(smartCardObserver, "smartcard-remove");
}
/* Do the initial load of all PKCS# modules and list them. */
-function LoadModules()
-{
+function LoadModules() {
bundle = document.getElementById("pippki_bundle");
secmoddb = Components.classes[nsPKCS11ModuleDB].getService(nsIPKCS11ModuleDB);
Services.obs.addObserver(smartCardObserver, "smartcard-insert", false);
Services.obs.addObserver(smartCardObserver, "smartcard-remove", false);
RefreshDeviceList();
}
-function getPKCS11()
-{
+function getPKCS11() {
return Components.classes[nsPKCS11ContractID].getService(nsIPKCS11);
}
-function getNSSString(name)
-{
+function getNSSString(name) {
return document.getElementById("pipnss_bundle").getString(name);
}
-function doPrompt(msg)
-{
+function doPrompt(msg) {
let prompts = Components.classes["@mozilla.org/embedcomp/prompt-service;1"].
getService(Components.interfaces.nsIPromptService);
prompts.alert(window, null, msg);
}
-function doConfirm(msg)
-{
+function doConfirm(msg) {
let prompts = Components.classes["@mozilla.org/embedcomp/prompt-service;1"].
getService(Components.interfaces.nsIPromptService);
return prompts.confirm(window, null, msg);
}
-function RefreshDeviceList()
-{
+function RefreshDeviceList() {
let modules = secmoddb.listModules();
while (modules.hasMoreElements()) {
let module = modules.getNext().QueryInterface(nsIPKCS11Module);
let slotnames = [];
let slots = module.listSlots();
while (slots.hasMoreElements()) {
let slot = slots.getNext().QueryInterface(nsIPKCS11Slot);
// Token names are preferred because NSS prefers lookup by token name.
@@ -84,18 +77,17 @@ function RefreshDeviceList()
}
AddModule(module.name, slotnames);
}
// Set the text on the FIPS button.
SetFIPSButton();
}
-function SetFIPSButton()
-{
+function SetFIPSButton() {
var fipsButton = document.getElementById("fipsbutton");
var label;
if (secmoddb.isFIPSEnabled) {
label = bundle.getString("disable_fips");
} else {
label = bundle.getString("enable_fips");
}
fipsButton.setAttribute("label", label);
@@ -106,18 +98,17 @@ function SetFIPSButton()
} else {
fipsButton.setAttribute("disabled", "true");
}
}
/* Add a module to the tree. slots is the array of slots in the module,
* to be represented as children.
*/
-function AddModule(module, slots)
-{
+function AddModule(module, slots) {
var tree = document.getElementById("device_list");
var item = document.createElement("treeitem");
var row = document.createElement("treerow");
var cell = document.createElement("treecell");
cell.setAttribute("label", module);
row.appendChild(cell);
item.appendChild(row);
var parent = document.createElement("treechildren");
@@ -137,18 +128,17 @@ function AddModule(module, slots)
item.setAttribute("container", "true");
tree.appendChild(item);
}
var selected_slot;
var selected_module;
/* get the slot selected by the user (can only be one-at-a-time) */
-function getSelectedItem()
-{
+function getSelectedItem() {
var tree = document.getElementById("device_tree");
if (tree.currentIndex < 0) return;
var item = tree.contentView.getItemAtIndex(tree.currentIndex);
selected_slot = null;
selected_module = null;
if (item) {
var kind = item.getAttribute("pk11kind");
var module_name;
@@ -165,18 +155,17 @@ function getSelectedItem()
// get the cell for the selected row (the module to display)
cell = item.firstChild.firstChild;
module_name = cell.getAttribute("label");
selected_module = secmoddb.findModuleByName(module_name);
}
}
}
-function enableButtons()
-{
+function enableButtons() {
if (skip_enable_buttons) {
return;
}
var login_toggle = "true";
var logout_toggle = "true";
var pw_toggle = "true";
var unload_toggle = "true";
@@ -208,26 +197,24 @@ function enableButtons()
.setAttribute("disabled", logout_toggle);
document.getElementById("change_pw_button")
.setAttribute("disabled", pw_toggle);
document.getElementById("unload_button")
.setAttribute("disabled", unload_toggle);
}
// clear the display of information for the slot
-function ClearInfoList()
-{
+function ClearInfoList() {
let infoList = document.getElementById("info_list");
while (infoList.hasChildNodes()) {
infoList.removeChild(infoList.firstChild);
}
}
-function ClearDeviceList()
-{
+function ClearDeviceList() {
ClearInfoList();
skip_enable_buttons = true;
var tree = document.getElementById("device_tree");
tree.view.selection.clearSelection();
skip_enable_buttons = false;
// Remove the existing listed modules so that a refresh doesn't display the
@@ -235,18 +222,17 @@ function ClearDeviceList()
let deviceList = document.getElementById("device_list");
while (deviceList.hasChildNodes()) {
deviceList.removeChild(deviceList.firstChild);
}
}
// show a list of info about a slot
-function showSlotInfo()
-{
+function showSlotInfo() {
var present = true;
ClearInfoList();
switch (selected_slot.status) {
case nsIPKCS11Slot.SLOT_DISABLED:
AddInfoRow(bundle.getString("devinfo_status"),
bundle.getString("devinfo_stat_disabled"),
"tok_status");
present = false;
@@ -288,28 +274,26 @@ function showSlotInfo()
selected_slot.HWVersion, "slot_hwv");
AddInfoRow(bundle.getString("devinfo_fwversion"),
selected_slot.FWVersion, "slot_fwv");
if (present) {
showTokenInfo();
}
}
-function showModuleInfo()
-{
+function showModuleInfo() {
ClearInfoList();
AddInfoRow(bundle.getString("devinfo_modname"),
selected_module.name, "module_name");
AddInfoRow(bundle.getString("devinfo_modpath"),
selected_module.libName, "module_path");
}
// add a row to the info list, as [col1 col2] (ex.: ["status" "logged in"])
-function AddInfoRow(col1, col2, cell_id)
-{
+function AddInfoRow(col1, col2, cell_id) {
var tree = document.getElementById("info_list");
var item = document.createElement("treeitem");
var row = document.createElement("treerow");
var cell1 = document.createElement("treecell");
cell1.setAttribute("label", col1);
cell1.setAttribute("crop", "never");
row.appendChild(cell1);
var cell2 = document.createElement("treecell");
@@ -317,18 +301,17 @@ function AddInfoRow(col1, col2, cell_id)
cell2.setAttribute("crop", "never");
cell2.setAttribute("id", cell_id);
row.appendChild(cell2);
item.appendChild(row);
tree.appendChild(item);
}
// log in to a slot
-function doLogin()
-{
+function doLogin() {
getSelectedItem();
// here's the workaround - login functions are with token
var selected_token = selected_slot.getToken();
try {
selected_token.login(false);
var tok_status = document.getElementById("tok_status");
if (selected_token.isLoggedIn()) {
tok_status.setAttribute("label",
@@ -339,18 +322,17 @@ function doLogin()
}
} catch (e) {
doPrompt(bundle.getString("login_failed"));
}
enableButtons();
}
// log out of a slot
-function doLogout()
-{
+function doLogout() {
getSelectedItem();
// here's the workaround - login functions are with token
var selected_token = selected_slot.getToken();
try {
selected_token.logoutAndDropAuthenticatedResources();
var tok_status = document.getElementById("tok_status");
if (selected_token.isLoggedIn()) {
tok_status.setAttribute("label",
@@ -360,90 +342,82 @@ function doLogout()
bundle.getString("devinfo_stat_notloggedin"));
}
} catch (e) {
}
enableButtons();
}
// load a new device
-function doLoad()
-{
+function doLoad() {
window.open("load_device.xul", "loaddevice", "chrome,centerscreen,modal");
ClearDeviceList();
RefreshDeviceList();
}
-function deleteSelected()
-{
+function deleteSelected() {
getSelectedItem();
if (selected_module &&
doConfirm(getNSSString("DelModuleWarning"))) {
try {
getPKCS11().deleteModule(selected_module.name);
- }
- catch (e) {
+ } catch (e) {
doPrompt(getNSSString("DelModuleError"));
return false;
}
selected_module = null;
return true;
}
return false;
}
-function doUnload()
-{
+function doUnload() {
if (deleteSelected()) {
ClearDeviceList();
RefreshDeviceList();
}
}
// handle card insertion and removal
-function onSmartCardChange()
-{
+function onSmartCardChange() {
var tree = document.getElementById("device_tree");
var index = tree.currentIndex;
tree.currentIndex = 0;
ClearDeviceList();
RefreshDeviceList();
tree.currentIndex = index;
enableButtons();
}
-function changePassword()
-{
+function changePassword() {
getSelectedItem();
let params = Components.classes[nsDialogParamBlock]
.createInstance(nsIDialogParamBlock);
params.SetString(1, selected_slot.tokenName);
window.openDialog("changepassword.xul", "", "chrome,centerscreen,modal",
params);
showSlotInfo();
enableButtons();
}
// browse fs for PKCS#11 device
-function doBrowseFiles()
-{
+function doBrowseFiles() {
var srbundle = document.getElementById("pippki_bundle");
var fp = Components.classes[nsFilePicker].createInstance(nsIFilePicker);
fp.init(window,
srbundle.getString("loadPK11TokenDialog"),
nsIFilePicker.modeOpen);
fp.appendFilters(nsIFilePicker.filterAll);
if (fp.show() == nsIFilePicker.returnOK) {
var pathbox = document.getElementById("device_path");
pathbox.setAttribute("value", fp.file.path);
}
}
-function doLoadDevice()
-{
+function doLoadDevice() {
var name_box = document.getElementById("device_name");
var path_box = document.getElementById("device_path");
try {
getPKCS11().addModule(name_box.value, path_box.value, 0, 0);
} catch (e) {
if (e.result == Components.results.NS_ERROR_ILLEGAL_VALUE) {
doPrompt(getNSSString("AddModuleDup"));
} else {
@@ -452,52 +426,48 @@ function doLoadDevice()
return false;
}
return true;
}
// ------------------------------------- Old code
-function showTokenInfo()
-{
- //ClearInfoList();
+function showTokenInfo() {
var selected_token = selected_slot.getToken();
AddInfoRow(bundle.getString("devinfo_label"),
selected_token.tokenLabel, "tok_label");
AddInfoRow(bundle.getString("devinfo_manID"),
selected_token.tokenManID, "tok_manID");
AddInfoRow(bundle.getString("devinfo_serialnum"),
selected_token.tokenSerialNumber, "tok_sNum");
AddInfoRow(bundle.getString("devinfo_hwversion"),
selected_token.tokenHWVersion, "tok_hwv");
AddInfoRow(bundle.getString("devinfo_fwversion"),
selected_token.tokenFWVersion, "tok_fwv");
}
-function toggleFIPS()
-{
+function toggleFIPS() {
if (!secmoddb.isFIPSEnabled) {
// A restriction of FIPS mode is, the password must be set
// In FIPS mode the password must be non-empty.
// This is different from what we allow in NON-Fips mode.
var tokendb = Components.classes[nsPK11TokenDB].getService(nsIPK11TokenDB);
var internal_token = tokendb.getInternalKeyToken(); // nsIPK11Token
if (!internal_token.hasPassword) {
// Token has either no or an empty password.
doPrompt(bundle.getString("fips_nonempty_password_required"));
return;
}
}
try {
secmoddb.toggleFIPSMode();
- }
- catch (e) {
+ } catch (e) {
doPrompt(bundle.getString("unable_to_toggle_fips"));
return;
}
// Remove the existing listed modules so that a refresh doesn't display the
// module that just changed.
ClearDeviceList();
--- a/security/manager/pki/resources/content/exceptionDialog.js
+++ b/security/manager/pki/resources/content/exceptionDialog.js
@@ -14,29 +14,29 @@ var gBroken;
var gNeedReset;
var gSecHistogram;
var gNsISecTel;
Components.utils.import("resource://gre/modules/PrivateBrowsingUtils.jsm");
function badCertListener() {}
badCertListener.prototype = {
- getInterface: function (aIID) {
+ getInterface(aIID) {
return this.QueryInterface(aIID);
},
- QueryInterface: function(aIID) {
+ QueryInterface(aIID) {
if (aIID.equals(Components.interfaces.nsIBadCertListener2) ||
aIID.equals(Components.interfaces.nsIInterfaceRequestor) ||
aIID.equals(Components.interfaces.nsISupports)) {
return this;
}
throw new Error(Components.results.NS_ERROR_NO_INTERFACE);
},
- handle_test_result: function () {
+ handle_test_result() {
if (gSSLStatus) {
gCert = gSSLStatus.QueryInterface(Components.interfaces.nsISSLStatus).serverCert;
}
},
notifyCertProblem: function MSR_notifyCertProblem(socketInfo, sslStatus, targetHost) {
gBroken = true;
gSSLStatus = sslStatus;
this.handle_test_result();
@@ -211,18 +211,17 @@ function updateCertStatus() {
longDesc = mml;
}
if (gSSLStatus.isNotValidAtThisTime) {
bucketId += gNsISecTel.WARNING_BAD_CERT_TOP_ADD_EXCEPTION_FLAG_TIME;
if (!use1) {
use1 = true;
shortDesc = exs;
longDesc = exl;
- }
- else {
+ } else {
use2 = true;
shortDesc2 = exs;
longDesc2 = exl;
}
}
if (gSSLStatus.isUntrusted) {
bucketId += gNsISecTel.WARNING_BAD_CERT_TOP_ADD_EXCEPTION_FLAG_UNTRUSTED;
if (!use1) {
@@ -248,45 +247,42 @@ function updateCertStatus() {
// don't store permanent exceptions, since they would persist after
// private browsing mode was disabled.
var inPrivateBrowsing = inPrivateBrowsingMode();
var pe = document.getElementById("permanent");
pe.disabled = inPrivateBrowsing;
pe.checked = !inPrivateBrowsing;
setText("headerDescription", gPKIBundle.getString("addExceptionInvalidHeader"));
- }
- else {
+ } else {
shortDesc = "addExceptionValidShort";
longDesc = "addExceptionValidLong";
gDialog.getButton("extra1").disabled = true;
document.getElementById("permanent").disabled = true;
}
// We're done checking the certificate, so allow the user to check it again.
document.getElementById("checkCertButton").disabled = false;
document.getElementById("viewCertButton").disabled = false;
// Notify observers about the availability of the certificate
Components.classes["@mozilla.org/observer-service;1"]
.getService(Components.interfaces.nsIObserverService)
.notifyObservers(null, "cert-exception-ui-ready", null);
- }
- else if (gChecking) {
+ } else if (gChecking) {
shortDesc = "addExceptionCheckingShort";
longDesc = "addExceptionCheckingLong2";
// We're checking the certificate, so we disable the Get Certificate
// button to make sure that the user can't interrupt the process and
// trigger another certificate fetch.
document.getElementById("checkCertButton").disabled = true;
document.getElementById("viewCertButton").disabled = true;
gDialog.getButton("extra1").disabled = true;
document.getElementById("permanent").disabled = true;
- }
- else {
+ } else {
shortDesc = "addExceptionNoCertShort";
longDesc = "addExceptionNoCertLong2";
// We're done checking the certificate, so allow the user to check it again.
document.getElementById("checkCertButton").disabled = false;
document.getElementById("viewCertButton").disabled = true;
gDialog.getButton("extra1").disabled = true;
document.getElementById("permanent").disabled = true;
}
--- a/security/manager/pki/resources/content/pippki.js
+++ b/security/manager/pki/resources/content/pippki.js
@@ -28,51 +28,47 @@ function viewCertHelper(parent, cert) {
if (!cert) {
return;
}
var cd = Components.classes[nsCertificateDialogs].getService(nsICertificateDialogs);
cd.viewCert(parent, cert);
}
-function getDERString(cert)
-{
+function getDERString(cert) {
var length = {};
var derArray = cert.getRawDER(length);
var derString = "";
for (var i = 0; i < derArray.length; i++) {
derString += String.fromCharCode(derArray[i]);
}
return derString;
}
-function getPKCS7String(cert, chainMode)
-{
+function getPKCS7String(cert, chainMode) {
var length = {};
var pkcs7Array = cert.exportAsCMS(chainMode, length);
var pkcs7String = "";
for (var i = 0; i < pkcs7Array.length; i++) {
pkcs7String += String.fromCharCode(pkcs7Array[i]);
}
return pkcs7String;
}
-function getPEMString(cert)
-{
+function getPEMString(cert) {
var derb64 = btoa(getDERString(cert));
// Wrap the Base64 string into lines of 64 characters with CRLF line breaks
// (as specified in RFC 1421).
var wrapped = derb64.replace(/(\S{64}(?!$))/g, "$1\r\n");
return "-----BEGIN CERTIFICATE-----\r\n"
+ wrapped
+ "\r\n-----END CERTIFICATE-----\r\n";
}
-function alertPromptService(title, message)
-{
+function alertPromptService(title, message) {
var ps = Components.classes["@mozilla.org/embedcomp/prompt-service;1"].
getService(Components.interfaces.nsIPromptService);
ps.alert(window, title, message);
}
const DEFAULT_CERT_EXTENSION = "crt";
/**
@@ -95,18 +91,17 @@ function certToFilename(cert) {
// nsIFilePicker.defaultExtension is more of a suggestion to some
// implementations, so we include the extension in the file name as well. This
// is what the documentation for nsIFilePicker.defaultString says we should do
// anyways.
return `${filename}.${DEFAULT_CERT_EXTENSION}`;
}
-function exportToFile(parent, cert)
-{
+function exportToFile(parent, cert) {
var bundle = document.getElementById("pippki_bundle");
if (!cert) {
return;
}
var nsIFilePicker = Components.interfaces.nsIFilePicker;
var fp = Components.classes["@mozilla.org/filepicker;1"].
createInstance(nsIFilePicker);
--- a/security/manager/pki/resources/content/protectedAuth.js
+++ b/security/manager/pki/resources/content/protectedAuth.js
@@ -1,16 +1,15 @@
/* This Source Code Form is subject to the terms of the Mozilla Public
* License, v. 2.0. If a copy of the MPL was not distributed with this
* file, You can obtain one at http://mozilla.org/MPL/2.0/. */
/* import-globals-from pippki.js */
"use strict";
-function onLoad()
-{
+function onLoad() {
let protectedAuthThread =
window.arguments[0].QueryInterface(Components.interfaces.nsIProtectedAuthThread);
if (!protectedAuthThread) {
window.close();
return;
}
@@ -31,12 +30,11 @@ function onLoad()
};
protectedAuthThread.login(obs);
} catch (exception) {
window.close();
}
}
-function onClose()
-{
+function onClose() {
window.setCursor("auto");
}
--- a/security/manager/pki/resources/content/resetpassword.js
+++ b/security/manager/pki/resources/content/resetpassword.js
@@ -1,16 +1,15 @@
/* This Source Code Form is subject to the terms of the Mozilla Public
* License, v. 2.0. If a copy of the MPL was not distributed with this
* file, You can obtain one at http://mozilla.org/MPL/2.0/. */
/* import-globals-from pippki.js */
"use strict";
-function resetPassword()
-{
+function resetPassword() {
var pk11db = Components.classes["@mozilla.org/security/pk11tokendb;1"]
.getService(Components.interfaces.nsIPK11TokenDB);
var token = pk11db.getInternalKeyToken();
token.reset();
try {
var loginManager = Components.classes["@mozilla.org/login-manager;1"].
getService(Components.interfaces.nsILoginManager);
--- a/security/manager/ssl/tests/mochitest/browser/browser_bug627234_perwindowpb.js
+++ b/security/manager/ssl/tests/mochitest/browser/browser_bug627234_perwindowpb.js
@@ -9,20 +9,20 @@ var FakeSSLStatus = function() {
FakeSSLStatus.prototype = {
serverCert: null,
cipherName: null,
keyLength: 2048,
isDomainMismatch: false,
isNotValidAtThisTime: false,
isUntrusted: false,
isExtendedValidation: false,
- getInterface: function(aIID) {
+ getInterface(aIID) {
return this.QueryInterface(aIID);
},
- QueryInterface: function(aIID) {
+ QueryInterface(aIID) {
if (aIID.equals(Ci.nsISSLStatus) ||
aIID.equals(Ci.nsISupports)) {
return this;
}
throw new Error(Cr.NS_ERROR_NO_INTERFACE);
},
};
@@ -81,20 +81,20 @@ function test() {
});
uri = Services.io.newURI("http://localhost");
gSSService.removeState(Ci.nsISiteSecurityService.HEADER_HSTS, uri, 0);
});
// test first when on private mode
testOnWindow({private: true}, function(aWin) {
doTest(true, aWin, function() {
- //test when not on private mode
+ // test when not on private mode
testOnWindow({}, function(aWin) {
doTest(false, aWin, function() {
- //test again when on private mode
+ // test again when on private mode
testOnWindow({private: true}, function(aWin) {
doTest(true, aWin, function () {
finish();
});
});
});
});
});
--- a/security/manager/ssl/tests/mochitest/browser/browser_clientAuth_ui.js
+++ b/security/manager/ssl/tests/mochitest/browser/browser_clientAuth_ui.js
@@ -103,17 +103,17 @@ function findCertByCommonName(commonName
add_task(function* setup() {
cert = findCertByCommonName("Mochitest client");
Assert.notEqual(cert, null, "Should be able to find the test client cert");
});
// Test that the contents of the dialog correspond to the details of the
// provided cert.
add_task(function* testContents() {
- let [win, retVals] = yield openClientAuthDialog(cert);
+ let [win] = yield openClientAuthDialog(cert);
checkDialogContents(win, cert.validity.notBeforeLocalTime,
cert.validity.notAfterLocalTime);
yield BrowserTestUtils.closeWindow(win);
});
// Test that the right values are returned when the dialog is accepted.
add_task(function* testAcceptDialogReturnValues() {
let [win, retVals] = yield openClientAuthDialog(cert);
--- a/security/manager/ssl/tests/mochitest/browser/browser_deleteCert_ui.js
+++ b/security/manager/ssl/tests/mochitest/browser/browser_deleteCert_ui.js
@@ -74,17 +74,17 @@ function openDeleteCertConfirmDialog(tab
add_task(function* setup() {
for (let testCase of TEST_CASES) {
let cert = null;
if (testCase.certFilename) {
cert = yield readCertificate(testCase.certFilename, ",,");
}
let certTreeItem = {
hostPort: FAKE_HOST_PORT,
- cert: cert,
+ cert,
QueryInterface(iid) {
if (iid.equals(Ci.nsICertTreeItem)) {
return this;
}
throw new Error(Cr.NS_ERROR_NO_INTERFACE);
}
};
@@ -100,17 +100,17 @@ add_task(function* setup() {
* @param {String} expectedTitle
* Title the dialog is expected to have.
* @param {String} expectedConfirmMsg
* Confirmation message the dialog is expected to show.
* @param {String} expectedImpact
* Impact the dialog is expected to show.
*/
function* testHelper(tabID, expectedTitle, expectedConfirmMsg, expectedImpact) {
- let [win, retVals] = yield openDeleteCertConfirmDialog(tabID);
+ let [win] = yield openDeleteCertConfirmDialog(tabID);
let certList = win.document.getElementById("certlist");
Assert.equal(win.document.title, expectedTitle,
`Actual and expected titles should match for ${tabID}`);
Assert.equal(win.document.getElementById("confirm").textContent,
expectedConfirmMsg,
`Actual and expected confirm message should match for ${tabID}`);
Assert.equal(win.document.getElementById("impact").textContent,
@@ -188,27 +188,27 @@ add_task(function* testDeleteOtherCerts(
"Are you sure you want to delete these certificates?";
const expectedImpact = "";
yield* testHelper("orphan_tab", expectedTitle, expectedConfirmMsg,
expectedImpact);
});
// Test that the right values are returned when the dialog is accepted.
add_task(function* testAcceptDialogReturnValues() {
- let [win, retVals] = yield openDeleteCertConfirmDialog("ca_tab" /*arbitrary*/);
+ let [win, retVals] = yield openDeleteCertConfirmDialog("ca_tab" /* arbitrary */);
info("Accepting dialog");
win.document.getElementById("deleteCertificate").acceptDialog();
yield BrowserTestUtils.windowClosed(win);
Assert.ok(retVals.deleteConfirmed,
"Return value should signal user accepted");
});
// Test that the right values are returned when the dialog is canceled.
add_task(function* testCancelDialogReturnValues() {
- let [win, retVals] = yield openDeleteCertConfirmDialog("ca_tab" /*arbitrary*/);
+ let [win, retVals] = yield openDeleteCertConfirmDialog("ca_tab" /* arbitrary */);
info("Canceling dialog");
win.document.getElementById("deleteCertificate").cancelDialog();
yield BrowserTestUtils.windowClosed(win);
Assert.ok(!retVals.deleteConfirmed,
"Return value should signal user did not accept");
});
--- a/security/manager/ssl/tests/mochitest/browser/browser_downloadCert_ui.js
+++ b/security/manager/ssl/tests/mochitest/browser/browser_downloadCert_ui.js
@@ -92,17 +92,17 @@ add_task(function* setup() {
MockRegistrar.unregister(certificateDialogsCID);
});
});
// Test that the trust header message corresponds to the provided cert, and that
// the View Cert button launches the cert viewer for the provided cert.
add_task(function* testTrustHeaderAndViewCertButton() {
for (let testCase of TEST_CASES) {
- let [win, retVals] = yield openCertDownloadDialog(testCase.cert);
+ let [win] = yield openCertDownloadDialog(testCase.cert);
let expectedTrustHeaderString =
`Do you want to trust \u201C${testCase.expectedDisplayString}\u201D ` +
"for the following purposes?";
Assert.equal(win.document.getElementById("trustHeader").textContent,
expectedTrustHeaderString,
"Actual and expected trust header text should match for " +
`${testCase.certFilename}`);
--- a/security/manager/ssl/tests/mochitest/browser/browser_exportP12_passwordUI.js
+++ b/security/manager/ssl/tests/mochitest/browser/browser_exportP12_passwordUI.js
@@ -73,27 +73,27 @@ function openSetP12PasswordDialog() {
resolve([win, returnVals]);
}, {once: true});
});
}
// Tests that the first password textbox is the element that is initially
// focused.
add_task(function* testFocus() {
- let [win, retVals] = yield openSetP12PasswordDialog();
+ let [win] = yield openSetP12PasswordDialog();
Assert.equal(win.document.activeElement,
win.document.getElementById("pw1").inputField,
"First password textbox should have focus");
yield BrowserTestUtils.closeWindow(win);
});
// Tests that the password strength algorithm used is reasonable, and that the
// Accept button is only enabled if the two passwords match.
add_task(function* testPasswordStrengthAndEquality() {
- let [win, retVals] = yield openSetP12PasswordDialog();
+ let [win] = yield openSetP12PasswordDialog();
let password1Textbox = win.document.getElementById("pw1");
let password2Textbox = win.document.getElementById("pw2");
let strengthProgressBar = win.document.getElementById("pwmeter");
for (let testCase of TEST_CASES) {
password1Textbox.value = testCase.password1;
password2Textbox.value = testCase.password2;
// Setting the value of the password textboxes via |.value| apparently
--- a/security/manager/ssl/tests/mochitest/mixedcontent/.eslintrc.js
+++ b/security/manager/ssl/tests/mochitest/mixedcontent/.eslintrc.js
@@ -1,5 +1,9 @@
"use strict";
module.exports = { // eslint-disable-line no-undef
- "extends": "../../../../../../testing/mochitest/mochitest.eslintrc.js"
+ "extends": "../../../../../../testing/mochitest/mochitest.eslintrc.js",
+ "rules": {
+ // Boilerplate runTest and afterNavigationtest calls use opening braces on newline.
+ "brace-style": "off"
+ }
};
--- a/security/manager/ssl/tests/mochitest/mixedcontent/mixedContentTest.js
+++ b/security/manager/ssl/tests/mochitest/mixedcontent/mixedContentTest.js
@@ -73,18 +73,17 @@ window.onload = function onLoad() {
window.open(secureTestLocation, "_new2", "");
} else {
_windowCount = 1;
window.open(secureTestLocation);
}
}
};
-function onMessageReceived(event)
-{
+function onMessageReceived(event) {
switch (event.data) {
// Indication of all test parts finish (from any of the frames)
case "done":
if (--_windowCount == 0) {
if (testCleanUp) {
testCleanUp();
}
if (hasMixedActiveContent) {
@@ -97,55 +96,50 @@ function onMessageReceived(event)
// Any other message is an error or success message of a test.
default:
SimpleTest.ok(!event.data.match(/^FAILURE/), event.data);
break;
}
}
-function postMsg(message)
-{
+function postMsg(message) {
opener.postMessage(message, "http://mochi.test:8888");
}
-function finish()
-{
+function finish() {
if (history.length == 1 && !bypassNavigationTest) {
window.setTimeout(() => {
window.location.assign(navigateToInsecure ?
"http://example.com/tests/security/manager/ssl/tests/mochitest/mixedcontent/backward.html" :
"https://example.com/tests/security/manager/ssl/tests/mochitest/mixedcontent/backward.html");
}, 0);
} else {
postMsg("done");
window.close();
}
}
-function ok(a, message)
-{
+function ok(a, message) {
if (!a) {
postMsg("FAILURE: " + message);
} else {
postMsg(message);
}
}
-function is(a, b, message)
-{
+function is(a, b, message) {
if (a != b) {
postMsg(`FAILURE: ${message}, expected ${b} got ${a}`);
} else {
postMsg(`${message}, expected ${b} got ${a}`);
}
}
-function isSecurityState(expectedState, message, test)
-{
+function isSecurityState(expectedState, message, test) {
if (!test) {
test = ok;
}
let ui = SpecialPowers.wrap(window)
.QueryInterface(SpecialPowers.Ci.nsIInterfaceRequestor)
.getInterface(SpecialPowers.Ci.nsIWebNavigation)
.QueryInterface(SpecialPowers.Ci.nsIDocShell)
@@ -182,18 +176,17 @@ function isSecurityState(expectedState,
case "EV":
test(ui && !isInsecure && !isBroken && isEV, "for 'EV' expected flags [0,0,1], " + (message || ""));
break;
default:
throw new Error("Invalid isSecurityState state");
}
}
-function waitForSecurityState(expectedState, callback)
-{
+function waitForSecurityState(expectedState, callback) {
let roundsLeft = 200; // Wait for 20 seconds (=200*100ms)
let interval = window.setInterval(() => {
isSecurityState(expectedState, "", isok => {
if (isok) {
roundsLeft = 0;
}
});
if (!roundsLeft--) {
--- a/security/manager/ssl/tests/mochitest/mixedcontent/test_bug383369.html
+++ b/security/manager/ssl/tests/mochitest/mixedcontent/test_bug383369.html
@@ -46,17 +46,17 @@
prefBranch.setIntPref("folderList", 2);
prefBranch.setBoolPref("manager.closeWhenDone", true);
prefBranch.setBoolPref("manager.showWhenStarting", false);
const { Downloads } =
Cu.import("resource://gre/modules/Downloads.jsm", {});
Downloads.getList(Downloads.PUBLIC).then(list => {
list.addView({
- onDownloadAdded: function (aDownload) {
+ onDownloadAdded(aDownload) {
list.removeView(this);
aDownload.whenSucceeded().then(() => {
list.removeFinished();
sendAsyncMessage("navigate", "bug383369step2.html");
});
},
});
sendAsyncMessage("navigate", "download.auto");
--- a/security/manager/ssl/tests/unit/head_psm.js
+++ b/security/manager/ssl/tests/unit/head_psm.js
@@ -168,32 +168,32 @@ function getXPCOMStatusFromNSS(statusNSS
let nssErrorsService = Cc["@mozilla.org/nss_errors_service;1"]
.getService(Ci.nsINSSErrorsService);
return nssErrorsService.getXPCOMFromNSSError(statusNSS);
}
// certdb implements nsIX509CertDB. See nsIX509CertDB.idl for documentation.
// In particular, hostname is optional.
function checkCertErrorGenericAtTime(certdb, cert, expectedError, usage, time,
- /*optional*/ hasEVPolicy,
- /*optional*/ hostname) {
+ /* optional */ hasEVPolicy,
+ /* optional */ hostname) {
do_print(`cert cn=${cert.commonName}`);
do_print(`cert issuer cn=${cert.issuerCommonName}`);
let verifiedChain = {};
let error = certdb.verifyCertAtTime(cert, usage, NO_FLAGS, hostname, time,
verifiedChain, hasEVPolicy || {});
Assert.equal(error, expectedError,
"Actual and expected error should match");
}
// certdb implements nsIX509CertDB. See nsIX509CertDB.idl for documentation.
// In particular, hostname is optional.
function checkCertErrorGeneric(certdb, cert, expectedError, usage,
- /*optional*/ hasEVPolicy,
- /*optional*/ hostname) {
+ /* optional */ hasEVPolicy,
+ /* optional */ hostname) {
do_print(`cert cn=${cert.commonName}`);
do_print(`cert issuer cn=${cert.issuerCommonName}`);
let verifiedChain = {};
let error = certdb.verifyCertNow(cert, usage, NO_FLAGS, hostname,
verifiedChain, hasEVPolicy || {});
Assert.equal(error, expectedError,
"Actual and expected error should match");
}
@@ -358,17 +358,17 @@ function add_tls_server_setup(serverBinN
* @param {OriginAttributes} aOriginAttributes (optional)
* The origin attributes that the socket transport will have. This parameter
* affects OCSP because OCSP cache is double-keyed by origin attributes' first
* party domain.
*/
function add_connection_test(aHost, aExpectedResult,
aBeforeConnect, aWithSecurityInfo,
aAfterStreamOpen,
- /*optional*/ aOriginAttributes) {
+ /* optional */ aOriginAttributes) {
const REMOTE_PORT = 8443;
function Connection(host) {
this.host = host;
let threadManager = Cc["@mozilla.org/thread-manager;1"]
.getService(Ci.nsIThreadManager);
this.thread = threadManager.currentThread;
this.defer = Promise.defer();
@@ -384,55 +384,55 @@ function add_connection_test(aHost, aExp
}
this.inputStream = null;
this.outputStream = null;
this.connected = false;
}
Connection.prototype = {
// nsITransportEventSink
- onTransportStatus: function(aTransport, aStatus, aProgress, aProgressMax) {
+ onTransportStatus(aTransport, aStatus, aProgress, aProgressMax) {
if (!this.connected && aStatus == Ci.nsISocketTransport.STATUS_CONNECTED_TO) {
this.connected = true;
this.outputStream.asyncWait(this, 0, 0, this.thread);
}
},
// nsIInputStreamCallback
- onInputStreamReady: function(aStream) {
+ onInputStreamReady(aStream) {
try {
// this will throw if the stream has been closed by an error
let str = NetUtil.readInputStreamToString(aStream, aStream.available());
Assert.equal(str, "0",
"Should have received ASCII '0' from server");
this.inputStream.close();
this.outputStream.close();
this.result = Cr.NS_OK;
} catch (e) {
this.result = e.result;
}
this.defer.resolve(this);
},
// nsIOutputStreamCallback
- onOutputStreamReady: function(aStream) {
+ onOutputStreamReady(aStream) {
if (aAfterStreamOpen) {
aAfterStreamOpen(this.transport);
}
let sslSocketControl = this.transport.securityInfo
.QueryInterface(Ci.nsISSLSocketControl);
sslSocketControl.proxyStartSSL();
this.outputStream.write("0", 1);
let inStream = this.transport.openInputStream(0, 0, 0)
.QueryInterface(Ci.nsIAsyncInputStream);
this.inputStream = inStream;
this.inputStream.asyncWait(this, 0, 0, this.thread);
},
- go: function() {
+ go() {
this.outputStream = this.transport.openOutputStream(0, 0, 0)
.QueryInterface(Ci.nsIAsyncOutputStream);
return this.defer.promise;
}
};
/* Returns a promise to connect to host that resolves to the result of that
* connection */
@@ -483,18 +483,17 @@ function _getBinaryUtil(binaryUtilName)
utilBin.initWithPath("/data/local/xpcb/");
utilBin.append(binaryUtilName);
}
Assert.ok(utilBin.exists(), `Binary util ${binaryUtilName} should exist`);
return utilBin;
}
// Do not call this directly; use add_tls_server_setup
-function _setupTLSServerTest(serverBinName, certsPath)
-{
+function _setupTLSServerTest(serverBinName, certsPath) {
let certdb = Cc["@mozilla.org/security/x509certdb;1"]
.getService(Ci.nsIX509CertDB);
// The trusted CA that is typically used for "good" certificates.
addCertFromFile(certdb, `${certsPath}/test-ca.pem`, "CTu,u,u");
const CALLBACK_PORT = 8444;
let directoryService = Cc["@mozilla.org/file/directory_service;1"]
@@ -535,18 +534,17 @@ function _setupTLSServerTest(serverBinNa
process.kill();
});
}
// Returns an Array of OCSP responses for a given ocspRespArray and a location
// for a nssDB where the certs and public keys are prepopulated.
// ocspRespArray is an array of arrays like:
// [ [typeOfResponse, certnick, extracertnick]...]
-function generateOCSPResponses(ocspRespArray, nssDBlocation)
-{
+function generateOCSPResponses(ocspRespArray, nssDBlocation) {
let utilBinName = "GenerateOCSPResponse";
let ocspGenBin = _getBinaryUtil(utilBinName);
let retArray = [];
for (let i = 0; i < ocspRespArray.length; i++) {
let argArray = [];
let ocspFilepre = do_get_file(i.toString() + ".ocsp", true);
let filename = ocspFilepre.path;
@@ -638,17 +636,17 @@ function startOCSPResponder(serverPort,
}
aResponse.setStatusLine(aRequest.httpVersion, 200, "OK");
aResponse.setHeader("Content-Type", "application/ocsp-response");
aResponse.write(ocspResponses.shift());
});
httpServer.identity.setPrimary("http", identity, serverPort);
httpServer.start(serverPort);
return {
- stop: function(callback) {
+ stop(callback) {
// make sure we consumed each expected response
Assert.equal(ocspResponses.length, 0,
"Should have 0 remaining expected OCSP responses");
if (expectedMethods) {
Assert.equal(expectedMethods.length, 0,
"Should have 0 remaining expected fetch methods");
}
if (expectedBasePaths) {
@@ -672,20 +670,20 @@ var FakeSSLStatus = function(certificate
FakeSSLStatus.prototype = {
serverCert: null,
cipherName: null,
keyLength: 2048,
isDomainMismatch: false,
isNotValidAtThisTime: false,
isUntrusted: false,
isExtendedValidation: false,
- getInterface: function(aIID) {
+ getInterface(aIID) {
return this.QueryInterface(aIID);
},
- QueryInterface: function(aIID) {
+ QueryInterface(aIID) {
if (aIID.equals(Ci.nsISSLStatus) ||
aIID.equals(Ci.nsISupports)) {
return this;
}
throw new Error(Cr.NS_ERROR_NO_INTERFACE);
},
};
@@ -766,17 +764,17 @@ function add_prevented_cert_override_tes
add_connection_test(aHost, aExpectedError);
}
function loginToDBWithDefaultPassword() {
let tokenDB = Cc["@mozilla.org/security/pk11tokendb;1"]
.getService(Ci.nsIPK11TokenDB);
let token = tokenDB.getInternalKeyToken();
token.initPassword("");
- token.login(/*force*/ false);
+ token.login(/* force */ false);
}
// Helper for asyncTestCertificateUsages.
class CertVerificationResult {
constructor(certName, usageString, successExpected, resolve) {
this.certName = certName;
this.usageString = usageString;
this.successExpected = successExpected;
--- a/security/manager/ssl/tests/unit/test_cert_blocklist.js
+++ b/security/manager/ssl/tests/unit/test_cert_blocklist.js
@@ -13,21 +13,21 @@
// unmodified
// First, we need to setup appInfo for the blocklist service to work
var id = "xpcshell@tests.mozilla.org";
var appName = "XPCShell";
var version = "1";
var platformVersion = "1.9.2";
Cu.import("resource://testing-common/AppInfo.jsm", this);
-/*global updateAppInfo:false*/ // Imported via AppInfo.jsm.
+/* global updateAppInfo:false */ // Imported via AppInfo.jsm.
updateAppInfo({
name: appName,
ID: id,
- version: version,
+ version,
platformVersion: platformVersion ? platformVersion : "1.0",
crashReporter: true,
});
// we need to ensure we setup revocation data before certDB, or we'll start with
// no revocation.txt in the profile
var gProfile = do_get_profile();
@@ -170,17 +170,17 @@ function test_is_revoked(certList, issue
subjectString ? subjectString.length : 0,
pubKey,
pubKeyString ? pubKeyString.length : 0);
}
function fetch_blocklist(blocklistPath) {
do_print("path is " + blocklistPath + "\n");
let certblockObserver = {
- observe: function(aSubject, aTopic, aData) {
+ observe(aSubject, aTopic, aData) {
Services.obs.removeObserver(this, "blocklist-updated");
run_next_test();
}
};
Services.obs.addObserver(certblockObserver, "blocklist-updated", false);
Services.prefs.setCharPref("extensions.blocklist.url",
`http://localhost:${port}/${blocklistPath}`);
--- a/security/manager/ssl/tests/unit/test_cert_trust.js
+++ b/security/manager/ssl/tests/unit/test_cert_trust.js
@@ -95,17 +95,17 @@ function test_ca_distrust(ee_cert, cert_
certificateUsageStatusResponder);
// Now tests on the SSL trust bit
setCertTrust(cert_to_modify_trust, "p,C,C");
checkCertErrorGeneric(certdb, ee_cert, SEC_ERROR_UNTRUSTED_ISSUER,
certificateUsageSSLServer);
- //XXX(Bug 982340)
+ // XXX(Bug 982340)
checkCertErrorGeneric(certdb, ee_cert, PRErrorCodeSuccess,
certificateUsageSSLClient);
checkCertErrorGeneric(certdb, ee_cert, SEC_ERROR_CA_CERT_INVALID,
certificateUsageSSLCA);
checkCertErrorGeneric(certdb, ee_cert, PRErrorCodeSuccess,
certificateUsageEmailSigner);
checkCertErrorGeneric(certdb, ee_cert, PRErrorCodeSuccess,
certificateUsageEmailRecipient);
@@ -152,17 +152,17 @@ function test_ca_distrust(ee_cert, cert_
checkCertErrorGeneric(certdb, ee_cert, PRErrorCodeSuccess,
certificateUsageObjectSigner);
checkCertErrorGeneric(certdb, ee_cert, SEC_ERROR_CA_CERT_INVALID,
certificateUsageVerifyCA);
checkCertErrorGeneric(certdb, ee_cert, SEC_ERROR_INADEQUATE_CERT_TYPE,
certificateUsageStatusResponder);
- //inherited EMAIL Trust
+ // inherited EMAIL Trust
setCertTrust(cert_to_modify_trust, "C,,C");
checkCertErrorGeneric(certdb, ee_cert, PRErrorCodeSuccess,
certificateUsageSSLServer);
checkCertErrorGeneric(certdb, ee_cert, isRootCA ? SEC_ERROR_UNKNOWN_ISSUER
: PRErrorCodeSuccess,
certificateUsageSSLClient);
checkCertErrorGeneric(certdb, ee_cert, SEC_ERROR_CA_CERT_INVALID,
certificateUsageSSLCA);
--- a/security/manager/ssl/tests/unit/test_content_signing.js
+++ b/security/manager/ssl/tests/unit/test_content_signing.js
@@ -48,19 +48,16 @@ function run_test() {
["remote_newtab_ee", "int", "root"]);
let oneCRLChain = loadChain(TEST_DATA_DIR + "content_signing",
["onecrl_ee", "int", "root"]);
let oneCRLBadKeyChain = loadChain(TEST_DATA_DIR + "content_signing",
["onecrl_wrong_key_ee", "int", "root"]);
- let oneCRLRSAKeyChain = loadChain(TEST_DATA_DIR + "content_signing",
- ["onecrl_RSA_ee", "int", "root"]);
-
let noSANChain = loadChain(TEST_DATA_DIR + "content_signing",
["onecrl_no_SAN_ee", "int", "root"]);
// Check signature verification works without error before the root is set
let chain1 = oneCRLChain.join("\n");
let verifier = getSignatureVerifier();
ok(!verifier.verifyContentSignature(DATA, GOOD_SIGNATURE, chain1, ONECRL_NAME),
"Before the root is set, signatures should fail to verify but not throw.");
--- a/security/manager/ssl/tests/unit/test_datasignatureverifier.js
+++ b/security/manager/ssl/tests/unit/test_datasignatureverifier.js
@@ -121,59 +121,59 @@ const signatures = [
// Invalid signature data ("foobar" base 64 encoded)
"Zm9vYmFy"
];
const tests = [
// Data Signature Key Expected Throws
// Pass cases
- [0, 0, 0, true, false], //0
- [0, 1, 0, true, false], //1
- [0, 2, 0, true, false], //2
- [0, 3, 0, true, false], //3
- [0, 4, 0, true, false], //4
- [0, 5, 0, true, false], //5
- [1, 6, 0, true, false], //6
- [1, 7, 0, true, false], //7
- [1, 8, 0, true, false], //8
- [1, 9, 0, true, false], //9
- [1, 10, 0, true, false], //10
- [1, 11, 0, true, false], //11
- [0, 12, 1, true, false], //12
- [0, 13, 1, true, false], //13
- [1, 14, 1, true, false], //14
- [1, 15, 1, true, false], //15
+ [0, 0, 0, true, false], // 0
+ [0, 1, 0, true, false], // 1
+ [0, 2, 0, true, false], // 2
+ [0, 3, 0, true, false], // 3
+ [0, 4, 0, true, false], // 4
+ [0, 5, 0, true, false], // 5
+ [1, 6, 0, true, false], // 6
+ [1, 7, 0, true, false], // 7
+ [1, 8, 0, true, false], // 8
+ [1, 9, 0, true, false], // 9
+ [1, 10, 0, true, false], // 10
+ [1, 11, 0, true, false], // 11
+ [0, 12, 1, true, false], // 12
+ [0, 13, 1, true, false], // 13
+ [1, 14, 1, true, false], // 14
+ [1, 15, 1, true, false], // 15
// Incorrect data cases
- [1, 0, 0, false, false], //16
- [1, 1, 0, false, false], //17
- [1, 2, 0, false, false], //18
- [1, 3, 0, false, false], //19
- [1, 4, 0, false, false], //20
- [1, 5, 0, false, false], //21
- [0, 6, 0, false, false], //22
- [0, 7, 0, false, false], //23
- [0, 8, 0, false, false], //24
- [0, 9, 0, false, false], //25
- [0, 10, 0, false, false], //26
- [0, 11, 0, false, false], //27
+ [1, 0, 0, false, false], // 16
+ [1, 1, 0, false, false], // 17
+ [1, 2, 0, false, false], // 18
+ [1, 3, 0, false, false], // 19
+ [1, 4, 0, false, false], // 20
+ [1, 5, 0, false, false], // 21
+ [0, 6, 0, false, false], // 22
+ [0, 7, 0, false, false], // 23
+ [0, 8, 0, false, false], // 24
+ [0, 9, 0, false, false], // 25
+ [0, 10, 0, false, false], // 26
+ [0, 11, 0, false, false], // 27
// Incorrect key cases
- [0, 1, 1, false, false], //28
- [0, 5, 1, false, false], //29
- [1, 7, 1, false, false], //30
- [1, 11, 1, false, false], //31
- [0, 12, 0, false, false], //32
- [0, 13, 0, false, false], //33
- [1, 14, 0, false, false], //34
- [1, 15, 0, false, false], //35
+ [0, 1, 1, false, false], // 28
+ [0, 5, 1, false, false], // 29
+ [1, 7, 1, false, false], // 30
+ [1, 11, 1, false, false], // 31
+ [0, 12, 0, false, false], // 32
+ [0, 13, 0, false, false], // 33
+ [1, 14, 0, false, false], // 34
+ [1, 15, 0, false, false], // 35
// Invalid data cases
- [0, 0, 2, false, true], //36
- [0, 1, 2, false, true], //37
- [0, 16, 0, false, true], //38
- [1, 16, 0, false, true], //39
+ [0, 0, 2, false, true], // 36
+ [0, 1, 2, false, true], // 37
+ [0, 16, 0, false, true], // 38
+ [1, 16, 0, false, true], // 39
];
function run_test() {
let verifier = Cc["@mozilla.org/security/datasignatureverifier;1"]
.createInstance(Ci.nsIDataSignatureVerifier);
for (let testCase of tests) {
let testShouldThrow = testCase[4];
--- a/security/manager/ssl/tests/unit/test_ev_certs.js
+++ b/security/manager/ssl/tests/unit/test_ev_certs.js
@@ -60,18 +60,17 @@ class EVCertVerificationResult {
`${this.testcase} should have expected error code`);
equal(hasEVPolicy, this.expectedEV,
`${this.testcase} should result in expected EV status`);
this.ocspResponder.stop(this.resolve);
}
}
function asyncTestEV(cert, expectedPRErrorCode, expectedEV,
- expectedOCSPRequestPaths, ocspResponseTypes = undefined)
-{
+ expectedOCSPRequestPaths, ocspResponseTypes = undefined) {
let now = Date.now() / 1000;
return new Promise((resolve, reject) => {
let ocspResponder = expectedOCSPRequestPaths.length > 0
? startOCSPResponder(SERVER_PORT, "www.example.com",
"test_ev_certs",
expectedOCSPRequestPaths,
expectedOCSPRequestPaths.slice(),
null, ocspResponseTypes)
--- a/security/manager/ssl/tests/unit/test_keysize_ev.js
+++ b/security/manager/ssl/tests/unit/test_keysize_ev.js
@@ -36,18 +36,17 @@ function loadCert(certName, trustString)
* An array of file names of any intermediate certificates.
* @param {String} endEntityCertFileName
* The file name of the end entity cert.
* @param {Boolean} expectedResult
* Whether the chain is expected to validate as EV.
*/
function addKeySizeTestForEV(expectedNamesForOCSP,
rootCertFileName, intCertFileNames,
- endEntityCertFileName, expectedResult)
-{
+ endEntityCertFileName, expectedResult) {
add_test(function() {
clearOCSPCache();
let ocspResponder = getOCSPResponder(expectedNamesForOCSP);
loadCert(rootCertFileName, "CTu,CTu,CTu");
for (let intCertFileName of intCertFileNames) {
loadCert(intCertFileName, ",,");
}
--- a/security/manager/ssl/tests/unit/test_local_cert.js
+++ b/security/manager/ssl/tests/unit/test_local_cert.js
@@ -14,31 +14,31 @@ function run_test() {
// Ensure PSM is initialized
Cc["@mozilla.org/psm;1"].getService(Ci.nsISupports);
run_next_test();
}
function getOrCreateCert(nickname) {
return new Promise((resolve, reject) => {
certService.getOrCreateCert(nickname, {
- handleCert: function(c, rv) {
+ handleCert(c, rv) {
if (rv) {
reject(rv);
return;
}
resolve(c);
}
});
});
}
function removeCert(nickname) {
return new Promise((resolve, reject) => {
certService.removeCert(nickname, {
- handleResult: function(rv) {
+ handleResult(rv) {
if (rv) {
reject(rv);
return;
}
resolve();
}
});
});
--- a/security/manager/ssl/tests/unit/test_logoutAndTeardown.js
+++ b/security/manager/ssl/tests/unit/test_logoutAndTeardown.js
@@ -10,26 +10,26 @@ do_get_profile();
function connect_and_teardown() {
let socketTransportService =
Cc["@mozilla.org/network/socket-transport-service;1"]
.getService(Ci.nsISocketTransportService);
let tearDown = false;
let reader = {
- onInputStreamReady: function(stream) {
+ onInputStreamReady(stream) {
throws(() => stream.available(), /NS_ERROR_FAILURE/,
"stream should be in an error state");
ok(tearDown, "A tear down attempt should have occurred");
run_next_test();
}
};
let sink = {
- onTransportStatus: function(transport, status, progress, progressmax) {
+ onTransportStatus(transport, status, progress, progressmax) {
if (status == Ci.nsISocketTransport.STATUS_CONNECTED_TO) {
// Try to logout and tear down the secure decoder ring.
// This should close and stream and notify the reader.
// The test will time out if this fails.
tearDown = true;
Cc["@mozilla.org/security/sdr;1"].getService(Ci.nsISecretDecoderRing)
.logoutAndTeardown();
}
--- a/security/manager/ssl/tests/unit/test_ocsp_caching.js
+++ b/security/manager/ssl/tests/unit/test_ocsp_caching.js
@@ -107,17 +107,17 @@ function add_tests() {
add_ocsp_test("ocsp-stapling-none.example.com", PRErrorCodeSuccess,
[respondWithError],
"expected one OCSP request for a long-lived certificate");
add_test(function() {
Services.prefs.clearUserPref("security.pki.cert_short_lifetime_in_days");
run_next_test();
});
- //---------------------------------------------------------------------------
+ // ---------------------------------------------------------------------------
// Reset state
add_test(function() { clearOCSPCache(); run_next_test(); });
// This test assumes that OCSPStaplingServer uses the same cert for
// ocsp-stapling-unknown.example.com and ocsp-stapling-none.example.com.
// Get an Unknown response for the *.example.com cert and put it in the
@@ -166,17 +166,17 @@ function add_tests() {
// the Unknown response in the cache, resulting in the catched Good response
// being returned and no fetch.
add_ocsp_test("ocsp-stapling-none.example.com", PRErrorCodeSuccess,
[],
"Cached Good response -> a fetch should not have been" +
" attempted");
- //---------------------------------------------------------------------------
+ // ---------------------------------------------------------------------------
// Reset state
add_test(function() { clearOCSPCache(); run_next_test(); });
// A failure to retrieve an OCSP response will result in an error entry being
// added to the cache.
add_ocsp_test("ocsp-stapling-none.example.com", PRErrorCodeSuccess,
[respondWithError],
@@ -189,17 +189,17 @@ function add_tests() {
// The error entry must not prevent a stapled OCSP response from being
// honored.
add_ocsp_test("ocsp-stapling-revoked.example.com",
SEC_ERROR_REVOKED_CERTIFICATE, [],
"Stapled Revoked response -> a fetch should not have been" +
" attempted");
- //---------------------------------------------------------------------------
+ // ---------------------------------------------------------------------------
// Ensure OCSP responses from signers with SHA1 certificates are OK. This
// is included in the OCSP caching tests since there were OCSP cache-related
// regressions when sha-1 telemetry probes were added.
add_test(function() {
clearOCSPCache();
// set security.OCSP.require so that checking the OCSP signature fails
Services.prefs.setBoolPref("security.OCSP.require", true);
@@ -210,34 +210,34 @@ function add_tests() {
[respondWithSHA1OCSP],
"signing cert is good (though sha1) - should succeed");
add_test(function() {
Services.prefs.setBoolPref("security.OCSP.require", false);
run_next_test();
});
- //---------------------------------------------------------------------------
+ // ---------------------------------------------------------------------------
// Reset state
add_test(function() { clearOCSPCache(); run_next_test(); });
// This test makes sure that OCSP cache are isolated by firstPartyDomain.
let gObservedCnt = 0;
let protocolProxyService = Cc["@mozilla.org/network/protocol-proxy-service;1"]
.getService(Ci.nsIProtocolProxyService);
// Observe all channels and make sure the firstPartyDomain in their loadInfo's
// origin attributes are aFirstPartyDomain.
function startObservingChannels(aFirstPartyDomain) {
// We use a dummy proxy filter to catch all channels, even those that do not
// generate an "http-on-modify-request" notification.
let proxyFilter = {
- applyFilter: function (aProxyService, aChannel, aProxy) {
+ applyFilter(aProxyService, aChannel, aProxy) {
// We have the channel; provide it to the callback.
if (aChannel.originalURI.spec == "http://localhost:8888/") {
gObservedCnt++;
equal(aChannel.loadInfo.originAttributes.firstPartyDomain,
aFirstPartyDomain, "firstPartyDomain should match");
}
// Pass on aProxy unmodified.
return aProxy;
@@ -286,17 +286,17 @@ function add_tests() {
add_test(function() {
stopObservingChannels();
equal(gObservedCnt, 1, "should have observed only 1 OCSP requests");
gObservedCnt = 0;
run_next_test();
});
- //---------------------------------------------------------------------------
+ // ---------------------------------------------------------------------------
// Reset state
add_test(function() { clearOCSPCache(); run_next_test(); });
// Test that the OCSP cache is not isolated by userContextId.
// A good OCSP response will be cached.
add_ocsp_test("ocsp-stapling-none.example.com", PRErrorCodeSuccess,
@@ -311,13 +311,13 @@ function add_tests() {
{ userContextId: 1 });
// Fetching is prevented even if in a different userContextId.
add_ocsp_test("ocsp-stapling-none.example.com", PRErrorCodeSuccess, [],
"Noted OCSP server failure (userContextId = 2) -> a " +
"fetch should not have been attempted",
{ userContextId: 2 });
- //---------------------------------------------------------------------------
+ // ---------------------------------------------------------------------------
// Reset state
add_test(function() { clearOCSPCache(); run_next_test(); });
}
--- a/security/manager/ssl/tests/unit/test_ocsp_required.js
+++ b/security/manager/ssl/tests/unit/test_ocsp_required.js
@@ -35,18 +35,17 @@ function run_test() {
add_tests();
add_test(function () { ocspResponder.stop(run_next_test); });
run_next_test();
}
-function add_tests()
-{
+function add_tests() {
add_connection_test("ocsp-stapling-none.example.com",
SEC_ERROR_OCSP_BAD_SIGNATURE);
add_connection_test("ocsp-stapling-none.example.com",
SEC_ERROR_OCSP_BAD_SIGNATURE);
add_test(function () {
equal(gOCSPRequestCount, 1,
"OCSP request count should be 1 due to OCSP response caching");
gOCSPRequestCount = 0;
--- a/security/manager/ssl/tests/unit/test_ocsp_timeout.js
+++ b/security/manager/ssl/tests/unit/test_ocsp_timeout.js
@@ -11,22 +11,22 @@
// these tests, the OCSP AIA (i.e. the url of the responder) in the certificate
// is http://localhost:8888. Since this test opens a TCP socket listening on
// port 8888 that just accepts connections and then ignores them (with
// connect/read/write timeouts of 30 seconds), the OCSP requests should cancel
// themselves. When OCSP hard-fail is enabled, connections will be terminated.
// Otherwise, they will succeed.
var gSocketListener = {
- onSocketAccepted: function(serverSocket, socketTransport) {
+ onSocketAccepted(serverSocket, socketTransport) {
socketTransport.setTimeout(Ci.nsISocketTransport.TIMEOUT_CONNECT, 30);
socketTransport.setTimeout(Ci.nsISocketTransport.TIMEOUT_READ_WRITE, 30);
},
- onStopListening: function(serverSocket, status) {}
+ onStopListening(serverSocket, status) {}
};
function run_test() {
do_get_profile();
Services.prefs.setIntPref("security.OCSP.enabled", 1);
add_tls_server_setup("OCSPStaplingServer", "ocsp_certs");
--- a/security/manager/ssl/tests/unit/test_password_prompt.js
+++ b/security/manager/ssl/tests/unit/test_password_prompt.js
@@ -11,17 +11,17 @@
var gMockPrompter = {
passwordToTry: null,
numPrompts: 0,
// This intentionally does not use arrow function syntax to avoid an issue
// where in the context of the arrow function, |this != gMockPrompter| due to
// how objects get wrapped when going across xpcom boundaries.
- promptPassword: function(dialogTitle, text, password, checkMsg, checkValue) {
+ promptPassword(dialogTitle, text, password, checkMsg, checkValue) {
this.numPrompts++;
if (this.numPrompts > 1) { // don't keep retrying a bad password
return false;
}
equal(text,
"Please enter the master password for the Software Security Device.",
"password prompt text should be as expected");
equal(checkMsg, null, "checkMsg should be null");
--- a/security/manager/ssl/tests/unit/test_pinning_header_parsing.js
+++ b/security/manager/ssl/tests/unit/test_pinning_header_parsing.js
@@ -118,17 +118,17 @@ function run_test() {
checkFailParseInvalidPin(GOOD_MAX_AGE + VALID_PIN1 + VALID_PIN1);
// next section ensure duplicate directives result in failure
checkFailParseInvalidPin(GOOD_MAX_AGE + GOOD_MAX_AGE + VALID_PIN1 + BACKUP_PIN1);
checkFailParseInvalidPin(GOOD_MAX_AGE + VALID_PIN1 + BACKUP_PIN1 + INCLUDE_SUBDOMAINS + INCLUDE_SUBDOMAINS);
checkFailParseInvalidPin(GOOD_MAX_AGE + VALID_PIN1 + BACKUP_PIN1 + REPORT_URI + REPORT_URI);
checkFailParseInvalidPin("thisisinvalidtest");
checkFailParseInvalidPin("invalid" + GOOD_MAX_AGE + VALID_PIN1 + BACKUP_PIN1);
- checkPassRemovingPin("max-age=0"); //test removal without terminating ';'
+ checkPassRemovingPin("max-age=0"); // test removal without terminating ';'
checkPassRemovingPin(MAX_AGE_ZERO);
checkPassRemovingPin(MAX_AGE_ZERO + VALID_PIN1);
checkPassSettingPin(GOOD_MAX_AGE + VALID_PIN1 + BACKUP_PIN1, GOOD_MAX_AGE_SECONDS);
checkPassSettingPin(LONG_MAX_AGE + VALID_PIN1 + BACKUP_PIN1, MAX_MAX_AGE_SECONDS);
checkPassRemovingPin(VALID_PIN1 + MAX_AGE_ZERO + VALID_PIN1);
checkPassSettingPin(GOOD_MAX_AGE + VALID_PIN1 + BACKUP_PIN1);
--- a/security/manager/ssl/tests/unit/test_pkcs11_insert_remove.js
+++ b/security/manager/ssl/tests/unit/test_pkcs11_insert_remove.js
@@ -17,17 +17,17 @@ Cc["@mozilla.org/psm;1"].getService(Ci.n
const gExpectedTokenLabel = "Test PKCS11 Tokeñ Label";
function SmartcardObserver(type) {
this.type = type;
do_test_pending();
}
SmartcardObserver.prototype = {
- observe: function(subject, topic, data) {
+ observe(subject, topic, data) {
equal(topic, this.type, "Observed and expected types should match");
equal(gExpectedTokenLabel, data,
"Expected and observed token labels should match");
Services.obs.removeObserver(this, this.type);
do_test_finished();
}
};
--- a/security/manager/ssl/tests/unit/test_pkcs11_safe_mode.js
+++ b/security/manager/ssl/tests/unit/test_pkcs11_safe_mode.js
@@ -18,17 +18,17 @@ function run_test() {
XPCOMABI: "noarch-spidermonkey",
invalidateCachesOnRestart: function invalidateCachesOnRestart() {
// Do nothing
},
QueryInterface: XPCOMUtils.generateQI([Ci.nsIXULRuntime])
};
let xulRuntimeFactory = {
- createInstance: function (outer, iid) {
+ createInstance(outer, iid) {
if (outer != null) {
throw new Error(Cr.NS_ERROR_NO_AGGREGATION);
}
return xulRuntime.QueryInterface(iid);
}
};
let registrar = Components.manager.QueryInterface(Ci.nsIComponentRegistrar);
--- a/security/manager/ssl/tests/unit/test_pkcs11_token.js
+++ b/security/manager/ssl/tests/unit/test_pkcs11_token.js
@@ -96,17 +96,17 @@ function run_test() {
// does not result in an error.
token.logoutSimple();
ok(!token.isLoggedIn(), "Token should still not be logged into");
ok(!token.hasPassword,
"Token should not have a password before it has been set");
let initialPW = "foo 1234567890`~!@#$%^&*()-_=+{[}]|\\:;'\",<.>/? 一二三";
token.initPassword(initialPW);
- token.login(/*force*/ false);
+ token.login(/* force */ false);
ok(token.isLoggedIn(), "Token should now be logged into");
checkPasswordFeaturesAndResetPassword(token, initialPW);
// We reset the password previously, so we need to initialize again.
token.initPassword("arbitrary");
ok(token.isLoggedIn(),
"Token should be logged into after initializing password again");
--- a/security/manager/ssl/tests/unit/test_sss_savestate.js
+++ b/security/manager/ssl/tests/unit/test_sss_savestate.js
@@ -30,18 +30,16 @@ function checkStateWritten(aSubject, aTo
let stateFileContents = readFile(stateFile);
// the last line is removed because it's just a trailing newline
let lines = stateFileContents.split("\n").slice(0, -1);
equal(lines.length, EXPECTED_ENTRIES);
let sites = {}; // a map of domain name -> [the entry in the state file]
for (let line of lines) {
let parts = line.split("\t");
let host = parts[0];
- let score = parts[1];
- let lastAccessed = parts[2];
let entry = parts[3].split(",");
let expectedColumns = EXPECTED_HSTS_COLUMNS;
if (host.indexOf("HPKP") != -1) {
expectedColumns = EXPECTED_HPKP_COLUMNS;
}
equal(entry.length, expectedColumns);
sites[host] = entry;
}
--- a/security/manager/ssl/tests/unit/test_sts_preloadlist_perwindowpb.js
+++ b/security/manager/ssl/tests/unit/test_sts_preloadlist_perwindowpb.js
@@ -5,17 +5,17 @@
// continue to use HSTS.
"use strict";
var gSSService = Cc["@mozilla.org/ssservice;1"]
.getService(Ci.nsISiteSecurityService);
function Observer() {}
Observer.prototype = {
- observe: function(subject, topic, data) {
+ observe(subject, topic, data) {
if (topic == "last-pb-context-exited") {
run_next_test();
}
}
};
var gObserver = new Observer();
var sslStatus = new FakeSSLStatus();
--- a/security/manager/ssl/tests/unit/test_toolkit_securityreporter.js
+++ b/security/manager/ssl/tests/unit/test_toolkit_securityreporter.js
@@ -13,17 +13,17 @@
* aboutCertError.xhtml once these make use of this component.
*/
"use strict";
const CC = Components.Constructor;
const Cm = Components.manager;
Cu.import("resource://testing-common/AppInfo.jsm");
-/*global updateAppInfo:false*/ // Imported via AppInfo.jsm.
+/* global updateAppInfo:false */ // Imported via AppInfo.jsm.
updateAppInfo();
// We must get the profile before performing operations on the cert db.
do_get_profile();
const certdb = Cc["@mozilla.org/security/x509certdb;1"]
.getService(Ci.nsIX509CertDB);
const reporter = Cc["@mozilla.org/securityreporter;1"]
--- a/security/manager/ssl/tests/unit/test_validity.js
+++ b/security/manager/ssl/tests/unit/test_validity.js
@@ -37,18 +37,17 @@ function loadCert(certFilename, trustStr
* @param {Array} intCertFileNames
* An array of file names of any intermediate certificates.
* @param {String} endEntityCertFileName
* The file name of the end entity cert.
* @param {Boolean} expectedResult
* Whether the chain is expected to validate as EV.
*/
function addEVTest(expectedNamesForOCSP, rootCertFileName, intCertFileNames,
- endEntityCertFileName, expectedResult)
-{
+ endEntityCertFileName, expectedResult) {
add_test(function() {
clearOCSPCache();
let ocspResponder = getOCSPResponder(expectedNamesForOCSP);
loadCert(`${rootCertFileName}.pem`, "CTu,CTu,CTu");
for (let intCertFileName of intCertFileNames) {
loadCert(`${intCertFileName}.pem`, ",,");
}
--- a/security/manager/tools/dumpGoogleRoots.js
+++ b/security/manager/tools/dumpGoogleRoots.js
@@ -17,18 +17,17 @@ var Cc = Components.classes;
var Ci = Components.interfaces;
function downloadRoots() {
let req = Cc["@mozilla.org/xmlextras/xmlhttprequest;1"]
.createInstance(Ci.nsIXMLHttpRequest);
req.open("GET", "https://pki.google.com/roots.pem", false);
try {
req.send();
- }
- catch (e) {
+ } catch (e) {
throw new Error("ERROR: problem downloading Google Root PEMs: " + e);
}
if (req.status != 200) {
throw new Error("ERROR: problem downloading Google Root PEMs. Status: " +
req.status);
}
--- a/security/manager/tools/genHPKPStaticPins.js
+++ b/security/manager/tools/genHPKPStaticPins.js
@@ -116,45 +116,42 @@ function isCertBuiltIn(cert) {
}
function download(filename) {
let req = Cc["@mozilla.org/xmlextras/xmlhttprequest;1"]
.createInstance(Ci.nsIXMLHttpRequest);
req.open("GET", filename, false); // doing the request synchronously
try {
req.send();
- }
- catch (e) {
+ } catch (e) {
throw new Error(`ERROR: problem downloading '${filename}': ${e}`);
}
if (req.status != 200) {
throw new Error("ERROR: problem downloading '" + filename + "': status " +
req.status);
}
let resultDecoded;
try {
resultDecoded = atob(req.responseText);
- }
- catch (e) {
+ } catch (e) {
throw new Error("ERROR: could not decode data as base64 from '" + filename +
"': " + e);
}
return resultDecoded;
}
function downloadAsJson(filename) {
// we have to filter out '//' comments, while not mangling the json
let result = download(filename).replace(/^(\s*)?\/\/[^\n]*\n/mg, "");
let data = null;
try {
data = JSON.parse(result);
- }
- catch (e) {
+ } catch (e) {
throw new Error("ERROR: could not parse data from '" + filename + "': " + e);
}
return data;
}
// Returns a Subject Public Key Digest from the given pem, if it exists.
function getSKDFromPem(pem) {
let cert = gCertDB.constructX509FromBase64(pem, pem.length);
@@ -167,18 +164,17 @@ function getSKDFromPem(pem) {
*
* @argument {String} input Base64 string to decode and return the hash of.
* @returns {String} Base64 encoded SHA-256 hash.
*/
function sha256Base64(input) {
let decodedValue;
try {
decodedValue = atob(input);
- }
- catch (e) {
+ } catch (e) {
throw new Error(`ERROR: could not decode as base64: '${input}': ${e}`);
}
// Convert |decodedValue| to an array so that it can be hashed by the
// nsICryptoHash instance below.
// In most cases across the code base, convertToByteArray() of
// nsIScriptableUnicodeConverter is used to do this, but the method doesn't
// seem to work here.
@@ -224,17 +220,16 @@ function downloadAndParseChromeCerts(fil
// Parsing states.
const PRE_NAME = 0;
const POST_NAME = 1;
const IN_CERT = 2;
const IN_PUB_KEY = 3;
let state = PRE_NAME;
let lines = download(filename).split("\n");
- let name = "";
let pemCert = "";
let pemPubKey = "";
let hash = "";
let chromeNameToHash = {};
let chromeNameToMozName = {};
let chromeName;
for (let line of lines) {
// Skip comments and newlines.
@@ -451,17 +446,16 @@ function genExpirationTime() {
let nowMillis = now.getTime();
let expirationMillis = nowMillis + (PINNING_MINIMUM_REQUIRED_MAX_AGE * 1000);
let expirationMicros = expirationMillis * 1000;
return "static const PRTime kPreloadPKPinsExpirationTime = INT64_C(" +
expirationMicros + ");\n";
}
function writeFullPinset(certNameToSKD, certSKDToName, pinset) {
- let prefix = "kPinset_" + pinset.name;
if (!pinset.sha256_hashes || pinset.sha256_hashes.length == 0) {
throw new Error(`ERROR: Pinset ${pinset.name} does not contain any hashes`);
}
writeFingerprints(certNameToSKD, certSKDToName, pinset.name,
pinset.sha256_hashes);
}
function writeFingerprints(certNameToSKD, certSKDToName, name, hashes) {
--- a/security/manager/tools/getHSTSPreloadList.js
+++ b/security/manager/tools/getHSTSPreloadList.js
@@ -44,42 +44,39 @@ const HEADER = "/* This Source Code Form
"#include <stdint.h>\n";
function download() {
var req = Cc["@mozilla.org/xmlextras/xmlhttprequest;1"]
.createInstance(Ci.nsIXMLHttpRequest);
req.open("GET", SOURCE, false); // doing the request synchronously
try {
req.send();
- }
- catch (e) {
+ } catch (e) {
throw new Error(`ERROR: problem downloading '${SOURCE}': ${e}`);
}
if (req.status != 200) {
throw new Error("ERROR: problem downloading '" + SOURCE + "': status " +
req.status);
}
var resultDecoded;
try {
resultDecoded = atob(req.responseText);
- }
- catch (e) {
+ } catch (e) {
throw new Error("ERROR: could not decode data as base64 from '" + SOURCE +
"': " + e);
}
// we have to filter out '//' comments, while not mangling the json
var result = resultDecoded.replace(/^(\s*)?\/\/[^\n]*\n/mg, "");
var data = null;
try {
data = JSON.parse(result);
- }
- catch (e) {
+ } catch (e) {
throw new Error(`ERROR: could not parse data from '${SOURCE}': ${e}`);
}
return data;
}
function getHosts(rawdata) {
var hosts = [];
@@ -116,18 +113,17 @@ function processStsHeader(host, header,
if (header != null && securityInfo != null) {
try {
var uri = Services.io.newURI("https://" + host.name);
var sslStatus = securityInfo.QueryInterface(Ci.nsISSLStatusProvider)
.SSLStatus;
gSSService.processHeader(Ci.nsISiteSecurityService.HEADER_HSTS,
uri, header, sslStatus, 0, {}, maxAge,
includeSubdomains);
- }
- catch (e) {
+ } catch (e) {
dump("ERROR: could not process header '" + header + "' from " +
host.name + ": " + e + "\n");
error = e;
}
} else if (status == 0) {
error = ERROR_CONNECTING_TO_HOST;
} else {
error = ERROR_NO_HSTS_HEADER;
@@ -137,41 +133,41 @@ function processStsHeader(host, header,
if (error == ERROR_NONE && maxAge.value < MINIMUM_REQUIRED_MAX_AGE) {
error = ERROR_MAX_AGE_TOO_LOW;
}
return { name: host.name,
maxAge: maxAge.value,
includeSubdomains: includeSubdomains.value,
- error: error,
+ error,
retries: host.retries - 1,
- forceInclude: forceInclude,
+ forceInclude,
originalIncludeSubdomains: host.originalIncludeSubdomains };
}
// RedirectAndAuthStopper prevents redirects and HTTP authentication
function RedirectAndAuthStopper() {}
RedirectAndAuthStopper.prototype = {
// nsIChannelEventSink
- asyncOnChannelRedirect: function(oldChannel, newChannel, flags, callback) {
+ asyncOnChannelRedirect(oldChannel, newChannel, flags, callback) {
throw new Error(Cr.NS_ERROR_ENTITY_CHANGED);
},
// nsIAuthPrompt2
- promptAuth: function(channel, level, authInfo) {
+ promptAuth(channel, level, authInfo) {
return false;
},
- asyncPromptAuth: function(channel, callback, context, level, authInfo) {
+ asyncPromptAuth(channel, callback, context, level, authInfo) {
throw new Error(Cr.NS_ERROR_NOT_IMPLEMENTED);
},
- getInterface: function(iid) {
+ getInterface(iid) {
return this.QueryInterface(iid);
},
QueryInterface: XPCOMUtils.generateQI([Ci.nsIChannelEventSink,
Ci.nsIAuthPrompt2])
};
function getHSTSStatus(host, resultList) {
@@ -201,18 +197,17 @@ function getHSTSStatus(host, resultList)
resultList.push(processStsHeader(host, header, req.status,
req.channel.securityInfo));
}
};
try {
req.channel.notificationCallbacks = new RedirectAndAuthStopper();
req.send();
- }
- catch (e) {
+ } catch (e) {
dump("ERROR: exception making request to " + host.name + ": " + e + "\n");
}
}
function compareHSTSStatus(a, b) {
if (a.name > b.name) {
return 1;
}
@@ -340,18 +335,17 @@ function output(sortedStatuses, currentL
writeTo(PREFIX, fos);
for (let status of includedStatuses) {
writeEntry(status, indices, fos);
}
writeTo(POSTFIX, fos);
FileUtils.closeSafeFileOutputStream(fos);
FileUtils.closeSafeFileOutputStream(eos);
- }
- catch (e) {
+ } catch (e) {
dump("ERROR: problem writing output to '" + OUTPUT + "': " + e + "\n");
}
}
function shouldRetry(response) {
return (response.error != ERROR_NO_HSTS_HEADER &&
response.error != ERROR_MAX_AGE_TOO_LOW &&
response.error != ERROR_NONE && response.retries > 0);
@@ -405,18 +399,18 @@ function readCurrentList(filename) {
var fis = Cc["@mozilla.org/network/file-input-stream;1"]
.createInstance(Ci.nsILineInputStream);
fis.init(file, -1, -1, Ci.nsIFileInputStream.CLOSE_ON_EOF);
var line = {};
// While we generate entries matching the version 2 format (see bug 1255425
// for details), we still need to be able to read entries in the version 1
// format for bootstrapping a version 2 preload list from a version 1
// preload list. Hence these two regexes.
- var v1EntryRegex = / { "([^"]*)", (true|false) },/;
- var v2EntryRegex = / \/\* "([^"]*)", (true|false) \*\//;
+ var v1EntryRegex = / {2}{ "([^"]*)", (true|false) },/;
+ var v2EntryRegex = / {2}\/\* "([^"]*)", (true|false) \*\//;
while (fis.readLine(line)) {
var match = v1EntryRegex.exec(line.value);
if (!match) {
match = v2EntryRegex.exec(line.value);
}
if (match) {
currentHosts[match[1]] = (match[2] == "true");
}
--- a/security/manager/tools/makeCNNICHashes.js
+++ b/security/manager/tools/makeCNNICHashes.js
@@ -165,19 +165,21 @@ function loadCertificates(certFile, curr
if (notAfterMilliseconds > latestNotAfter) {
latestNotAfter = notAfterMilliseconds;
}
}
if (durationMilliseconds >= sixYearsInMilliseconds) {
invalidCerts.push(cert);
}
}
- return { certs: certs,
- lastValidTime: latestNotAfter,
- invalidCerts: invalidCerts };
+ return {
+ certs,
+ lastValidTime: latestNotAfter,
+ invalidCerts
+ };
}
// Expects something like "00:11:22:...", returns a string of bytes.
function hexToBinaryString(hexString) {
let hexBytes = hexString.split(":");
let result = "";
for (let hexByte of hexBytes) {
result += String.fromCharCode(parseInt(hexByte, 16));
@@ -241,19 +243,17 @@ function readCurrentWhitelist(currentWhi
let currentWhitelist = {};
for (let i = 1; i < split.length && i < split.length - 1; i += 2) {
let hash = split[i].replace(/0x/g, "").replace(/,/g, ":");
currentWhitelist[hash] = true;
}
return currentWhitelist;
}
-///////////////////////////////////////////////////////////////////////////////
-///////////////////////////////////////////////////////////////////////////////
-///////////////////////////////////////////////////////////////////////////////
+// ----------------------------------------------------------------------------
if (arguments.length != 3) {
throw new Error("Usage: makeCNNICHashes.js <PEM intermediates file> " +
"<path to list of certificates> <path to current whitelist file>");
}
Services.prefs.setIntPref("security.OCSP.enabled", 0);
var intermediatesFile = pathToFile(arguments[0]);
--- a/testing/mochitest/mochitest.eslintrc.js
+++ b/testing/mochitest/mochitest.eslintrc.js
@@ -1,11 +1,11 @@
// Parent config file for all mochitest files.
module.exports = {
- rules: {
+ "rules": {
"mozilla/import-headjs-globals": "warn",
"mozilla/mark-test-function-used": "warn",
"no-shadow": "error",
},
"env": {
"browser": true,
"mozilla/simpletest": true,