1188100 - fold PSM's test_client_cert.js into necko's test_tls_server.js

Status: RESOLVED FIXED

(Core :: Security: PSM, defect)

Description

[Dana Keeler (she/her) (use needinfo) [:keeler] (on leave)]

See bug 1174288 and blockers. test_client_cert.js should generate its input certificate and key at build time. The tricky part here is that it wants a PKCS #12 file as input. That's not what we're testing, though, so we should be able to get away with generating a relatively simple PKCS #12 file that includes the certificate and key unencrypted.

Comment 1

[Dana Keeler (she/her) (use needinfo) [:keeler] (on leave)]

Eh, better idea: fold PSM's test_client_cert.js into necko's test_tls_server.js since it already has a mechanism for coming up with a client certificate and doesn't involve an external binary (like ClientAuthServer, which we can now get rid of).

Comment 2

[Dana Keeler (she/her) (use needinfo) [:keeler] (on leave)]

Attachment: MozReview Request: bug 1188100 - fold PSM's test_client_cert.js into necko's test_tls_server.js r?mcmanus

bug 1188100 - fold PSM's test_client_cert.js into necko's test_tls_server.js r?mcmanus

Comment 3

[Patrick McManus [:mcmanus]]

https://reviewboard.mozilla.org/r/14433/#review13283

lgtm

Comment 4

[Patrick McManus [:mcmanus]]

Comment on attachment 8641154 [details]
MozReview Request: bug 1188100 - fold PSM's test_client_cert.js into necko's test_tls_server.js r?mcmanus

https://reviewboard.mozilla.org/r/14435/#review13279

Ship It!

Comment 5

[Dana Keeler (she/her) (use needinfo) [:keeler] (on leave)]

Thanks!
https://treeherder.mozilla.org/#/jobs?repo=try&revision=27ba7853340f

Comment 6

[Pulsebot]

https://hg.mozilla.org/integration/mozilla-inbound/rev/947359cbc153

Comment 7

[Carsten Book [:Tomcat]]

https://hg.mozilla.org/mozilla-central/rev/947359cbc153