Bug 1243193 - Use Assert.throws() more in PSM tests.
--- a/security/manager/ssl/tests/unit/test_cert_dbKey.js
+++ b/security/manager/ssl/tests/unit/test_cert_dbKey.js
@@ -48,24 +48,18 @@ function encodeCommonNameAsBytes(commonN
bytes.unshift(bytes.length);
bytes.unshift(0x31); // SET
bytes.unshift(bytes.length);
bytes.unshift(0x30); // SEQUENCE
return bytes;
}
function testInvalidDBKey(certDB, dbKey) {
- let exceptionCaught = false;
- try {
- let cert = certDB.findCertByDBKey(dbKey);
- } catch(e) {
- do_print(e);
- exceptionCaught = true;
- }
- ok(exceptionCaught, "should have thrown and caught an exception");
+ throws(() => certDB.findCertByDBKey(dbKey), undefined,
+ `"${dbKey}" should result in an exception`);
}
function testDBKeyForNonexistentCert(certDB, dbKey) {
let cert = certDB.findCertByDBKey(dbKey);
ok(!cert, "shouldn't find cert for given dbKey");
}
function byteArrayToByteString(bytes) {
--- a/security/manager/ssl/tests/unit/test_constructX509FromBase64.js
+++ b/security/manager/ssl/tests/unit/test_constructX509FromBase64.js
@@ -30,36 +30,32 @@ function testGood(data) {
"Actual and expected commonName should match");
} catch (e) {
do_print(`Exception: ${excMessage(e)}`)
ok(false, `Should not have gotten an exception for "CN=${data.cn}"`);
}
}
function testBad(data) {
- try {
- let cert = certDB.constructX509FromBase64(data.input);
- ok(false, `Should have gotten an exception for "${data.input}"`);
- } catch (e) {
- equal(e.result, data.result,
- "Actual and expected exception result should match");
- }
+ throws(() => certDB.constructX509FromBase64(data.input), data.result,
+ `Should get "${data.result}" for "${data.input}"`);
}
function run_test() {
const badCases = [
// Wrong type or too short
- { input: null, result: Cr.NS_ERROR_ILLEGAL_VALUE },
- { input: "", result: Cr.NS_ERROR_ILLEGAL_VALUE },
- { input: "=", result: Cr.NS_ERROR_ILLEGAL_VALUE },
- { input: "==", result: Cr.NS_ERROR_ILLEGAL_VALUE },
+ { input: null, result: /NS_ERROR_ILLEGAL_VALUE/ },
+ { input: "", result: /NS_ERROR_ILLEGAL_VALUE/ },
+ { input: "=", result: /NS_ERROR_ILLEGAL_VALUE/ },
+ { input: "==", result: /NS_ERROR_ILLEGAL_VALUE/ },
// Not base64
- { input: "forty-four dead stone lions", result: Cr.NS_ERROR_ILLEGAL_VALUE },
+ { input: "forty-four dead stone lions", result: /NS_ERROR_ILLEGAL_VALUE/ },
// Not a cert
- { input: "Zm9ydHktZm91ciBkZWFkIHN0b25lIGxpb25z", result: Cr.NS_ERROR_FAILURE }
+ { input: "Zm9ydHktZm91ciBkZWFkIHN0b25lIGxpb25z",
+ result: /NS_ERROR_FAILURE/ },
];
// Real certs with all three padding levels
const goodCases = [
{ cn: "A", cert: "MIHhMIGcAgEAMA0GCSqGSIb3DQEBBQUAMAwxCjAIBgNVBAMTAUEwHhcNMTEwMzIzMjMyNTE3WhcNMTEwNDIyMjMyNTE3WjAMMQowCAYDVQQDEwFBMEwwDQYJKoZIhvcNAQEBBQADOwAwOAIxANFm7ZCfYNJViaDWTFuMClX3+9u18VFGiyLfM6xJrxir4QVtQC7VUC/WUGoBUs9COQIDAQABMA0GCSqGSIb3DQEBBQUAAzEAx2+gIwmuYjJO5SyabqIm4lB1MandHH1HQc0y0tUFshBOMESTzQRPSVwPn77a6R9t" },
{ cn: "Bo", cert: "MIHjMIGeAgEAMA0GCSqGSIb3DQEBBQUAMA0xCzAJBgNVBAMTAkJvMB4XDTExMDMyMzIzMjYwMloXDTExMDQyMjIzMjYwMlowDTELMAkGA1UEAxMCQm8wTDANBgkqhkiG9w0BAQEFAAM7ADA4AjEA1FoSl9w9HqMqVgk2K0J3OTiRsgHeNsQdPUl6S82ME33gH+E56PcWZA3nse+fpS3NAgMBAAEwDQYJKoZIhvcNAQEFBQADMQAo/e3BvQAmygiATljQ68tWPoWcbMwa1xxAvpWTEc1LOvMqeDBinBUqbAbSmPhGWb4=" },
{ cn: "Cid", cert: "MIHlMIGgAgEAMA0GCSqGSIb3DQEBBQUAMA4xDDAKBgNVBAMTA0NpZDAeFw0xMTAzMjMyMzI2MzJaFw0xMTA0MjIyMzI2MzJaMA4xDDAKBgNVBAMTA0NpZDBMMA0GCSqGSIb3DQEBAQUAAzsAMDgCMQDUUxlF5xKN+8KCSsR83sN+SRwJmZdliXsnBB7PU0OgbmOWN0u8yehRkmu39kN9tzcCAwEAATANBgkqhkiG9w0BAQUFAAMxAJ3UScNqRcjHFrNu4nuwRldZLJlVJvRYXp982V4/kYodQEGN4gJ+Qyj+HTsaXy5x/w==" }
];
--- a/security/manager/ssl/tests/unit/test_logoutAndTeardown.js
+++ b/security/manager/ssl/tests/unit/test_logoutAndTeardown.js
@@ -11,26 +11,20 @@ function connect_and_teardown() {
let socketTransportService =
Cc["@mozilla.org/network/socket-transport-service;1"]
.getService(Ci.nsISocketTransportService);
let tearDown = false;
let reader = {
onInputStreamReady: function(stream) {
- try {
- stream.available();
- Assert.ok(false, "stream.available() should have thrown");
- }
- catch (e) {
- Assert.equal(e.result, Components.results.NS_ERROR_FAILURE,
- "stream should be in an error state");
- Assert.ok(tearDown, "this should be as a result of logoutAndTeardown");
- run_next_test();
- }
+ throws(() => stream.available(), /NS_ERROR_FAILURE/,
+ "stream should be in an error state");
+ ok(tearDown, "A tear down attempt should have occurred");
+ run_next_test();
}
};
let sink = {
onTransportStatus: function(transport, status, progress, progressmax) {
if (status == Ci.nsISocketTransport.STATUS_CONNECTED_TO) {
// Try to logout and tear down the secure decoder ring.
// This should close and stream and notify the reader.
--- a/security/manager/ssl/tests/unit/test_pinning_dynamic.js
+++ b/security/manager/ssl/tests/unit/test_pinning_dynamic.js
@@ -144,43 +144,39 @@ function checkStateRead(aSubject, aTopic
checkFail(certFromFile('cn-b.pinning2.example.com-badca'), "b.pinning2.example.com");
checkOK(certFromFile('cn-b.pinning2.example.com-pinningroot'), "b.pinning2.example.com");
checkFail(certFromFile('cn-x.b.pinning2.example.com-badca'), "x.b.pinning2.example.com");
checkOK(certFromFile('cn-x.b.pinning2.example.com-pinningroot'), "x.b.pinning2.example.com");
checkDefaultSiteHPKPStatus();
// failure to insert new pin entry leaves previous pin behavior
- try {
+ throws(() => {
gSSService.setKeyPins("a.pinning2.example.com", true, 1000, 1,
["not a hash"]);
- ok(false, "Attempting to set an invalid pin should have failed");
- } catch(e) {
- }
+ }, undefined, "Attempting to set an invalid pin should fail");
checkFail(certFromFile('cn-a.pinning2.example.com-badca'), "a.pinning2.example.com");
checkOK(certFromFile('cn-a.pinning2.example.com-pinningroot'), "a.pinning2.example.com");
checkOK(certFromFile('cn-x.a.pinning2.example.com-badca'), "x.a.pinning2.example.com");
checkOK(certFromFile('cn-x.a.pinning2.example.com-pinningroot'), "x.a.pinning2.example.com");
checkFail(certFromFile('cn-www.example.com-alt-a.pinning2.example-badca'), "a.pinning2.example.com");
checkOK(certFromFile('cn-www.example.com-alt-a.pinning2.example-pinningroot'), "a.pinning2.example.com");
checkFail(certFromFile('cn-b.pinning2.example.com-badca'), "b.pinning2.example.com");
checkOK(certFromFile('cn-b.pinning2.example.com-pinningroot'), "b.pinning2.example.com");
checkFail(certFromFile('cn-x.b.pinning2.example.com-badca'), "x.b.pinning2.example.com");
checkOK(certFromFile('cn-x.b.pinning2.example.com-pinningroot'), "x.b.pinning2.example.com");
checkDefaultSiteHPKPStatus();
// Incorrect size results in failure
- try {
+ throws(() => {
gSSService.setKeyPins("a.pinning2.example.com", true, 1000, 2,
["not a hash"]);
- ok(false, "Attempting to set a pin with an incorrect size should have failed");
- } catch(e) {
- }
+ }, undefined, "Attempting to set a pin with an incorrect size should fail");
// Ensure built-in pins work as expected
ok(!gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HPKP,
"nonexistent.example.com", 0),
"Not built-in nonexistent.example.com should not have HPKP status");
ok(gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HPKP,
"include-subdomains.pinning.example.com", 0),
"Built-in include-subdomains.pinning.example.com should have HPKP status");
--- a/security/manager/ssl/tests/unit/test_pinning_header_parsing.js
+++ b/security/manager/ssl/tests/unit/test_pinning_header_parsing.js
@@ -20,23 +20,20 @@ function loadCert(cert_name, trust_strin
addCertFromFile(certdb, cert_filename, trust_string);
return constructCertFromFile(cert_filename);
}
function checkFailParseInvalidPin(pinValue) {
let sslStatus = new FakeSSLStatus(
certFromFile('cn-a.pinning2.example.com-pinningroot'));
let uri = Services.io.newURI("https://a.pinning2.example.com", null, null);
- try {
+ throws(() => {
gSSService.processHeader(Ci.nsISiteSecurityService.HEADER_HPKP, uri,
pinValue, sslStatus, 0);
- ok(false, "Invalid pin should have been rejected");
- } catch (e) {
- ok(true, "Invalid pin should be rejected");
- }
+ }, undefined, "Invalid pin should be rejected");
}
function checkPassValidPin(pinValue, settingPin) {
let sslStatus = new FakeSSLStatus(
certFromFile('cn-a.pinning2.example.com-pinningroot'));
let uri = Services.io.newURI("https://a.pinning2.example.com", null, null);
// setup preconditions for the test, if setting ensure there is no previous
--- a/security/manager/ssl/tests/unit/test_pkcs11_safe_mode.js
+++ b/security/manager/ssl/tests/unit/test_pkcs11_safe_mode.js
@@ -41,17 +41,11 @@ function run_test() {
// When starting in safe mode, the test module should fail to load.
let pkcs11 = Cc["@mozilla.org/security/pkcs11;1"].getService(Ci.nsIPKCS11);
let libraryName = ctypes.libraryName("pkcs11testmodule");
let libraryFile = Services.dirsvc.get("CurWorkD", Ci.nsILocalFile);
libraryFile.append("pkcs11testmodule");
libraryFile.append(libraryName);
ok(libraryFile.exists(), "The pkcs11testmodule file should exist");
- let exceptionCaught = false;
- try {
- pkcs11.addModule("PKCS11 Test Module", libraryFile.path, 0, 0);
- ok(false, "addModule should have thrown an exception");
- } catch (e) {
- exceptionCaught = true;
- }
- ok(exceptionCaught, "addModule should have thrown an exception");
+ throws(() => pkcs11.addModule("PKCS11 Test Module", libraryFile.path, 0, 0),
+ undefined, "addModule should throw an exception when in safe mode");
}
--- a/security/manager/ssl/tests/unit/test_sts_fqdn.js
+++ b/security/manager/ssl/tests/unit/test_sts_fqdn.js
@@ -39,15 +39,12 @@ function run_test() {
"example.com.", 0));
ok(!SSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS,
"example.com..", 0));
// Somehow creating this malformed URI succeeds - we need to handle it
// gracefully.
uri = Services.io.newURI("https://../foo", null, null);
equal(uri.host, "..");
- try {
+ throws(() => {
SSService.isSecureURI(Ci.nsISiteSecurityService.HEADER_HSTS, uri, 0);
- ok(false); // this shouldn't run
- } catch (e) {
- equal(e.result, Cr.NS_ERROR_UNEXPECTED);
- }
+ }, /NS_ERROR_UNEXPECTED/, "Malformed URI should be rejected");
}