gecko/security/manager/ssl/tests/mochitest/bugs/test_bug483440.html

<html>
<head>
  <title>Test bug 483437 and bug 480509</title>
  <script type="text/javascript" src="/tests/SimpleTest/SimpleTest.js"></script>        
  <link rel="stylesheet" type="text/css" href="/tests/SimpleTest/test.css" />
</head>
<body>

<script class="testbody" type="text/javascript">

netscape.security.PrivilegeManager.enablePrivilege("UniversalXPConnect");

var certdb = Components.classes["@mozilla.org/security/x509certdb;1"]
  .getService(Components.interfaces.nsIX509CertDB);

function test(certNick, expected)
{
  var cert1 = certdb.findCertByNickname(null, certNick);
  var certDumpTree1 = Components.classes["@mozilla.org/security/nsASN1Tree;1"]
                     .createInstance(Components.interfaces.nsIASN1Tree);
  certDumpTree1.loadASN1Structure(cert1.ASN1Structure);
  var value1 = certDumpTree1.getDisplayData(9);
  
  is(value1, expected, "Incorrect OID recognized");
}

test("bug483440-attack2b", 
     "Object Identifier (2 5 4 Unknown) = www.bank.com\n"+
     "OU = Hacking Division\n"+
     "CN = www.badguy.com\nO = Badguy Inc\n");

test("bug483440-pk10oflo",
     "Object Identifier (2 5 4 Unknown) = www.bank.com\n"+
     "OU = Hacking Division\n"+
     "CN = www.badguy.com\nO = Badguy Inc\n");

test("bug483440-attack7",

     // Check 88 80 80 80 01, not leading, have to pass
     "Object Identifier (2 5 4 2147483649) = attack1\n"+
     
     // Check 90 80 80 80 01, not leading, have to fail
     "Object Identifier (2 5 4 Unknown) = attack2\n"+
     
     // Check 80 80 80 80 80, not leading, have to fail
     "Object Identifier (2 5 4 Unknown) = attack3\n"+
     
     // Check 81 81, trailing, have to fail
     "Object Identifier (2 5 4 3 Unknown) = attack4\n"+
     
     // Check FF FF FF 7F, not leading, have to pass
     "Object Identifier (2 5 4 268435455) = attack5\n"+
     
     // Check 80 leading, have to fail
     "Object Identifier (Unknown 3) = attack6\n"+
     
     // Check 14757 = 2*40 + 14677 leading single byle encoded as F325, 
     // have to pass
     "Object Identifier (2 14677 4 3) = attack7\n");

</script>

</body>
</html>