Commit 6aa0aa41 authored by Franziskus Kiefer's avatar Franziskus Kiefer
Browse files

Bug 1304923 - adding key exchange group and signature scheme details to...

Bug 1304923 - adding key exchange group and signature scheme details to devtools view, r=keeler, Honza

This patch adds the group used for TLS key exchange and the siganture scheme of the certificate to SSLStatus and displays it in devtools.

MozReview-Commit-ID: 7aTj0U5GIvo

--HG--
extra : rebase_source : 7afe39dcf2a13d9ca9e35e45c333a1bcba424729
parent 5a51ebb7
Loading
Loading
Loading
Loading
+27 −0
Original line number Diff line number Diff line
@@ -762,6 +762,33 @@ netmonitor.security.protocolVersion=Protocol version:
# in the security tab describing the cipher suite used to secure this connection.
netmonitor.security.cipherSuite=Cipher suite:

# LOCALIZATION NOTE (netmonitor.security.keaGroup): This is the label displayed
# in the security tab describing the key exchange group suite used to secure
# this connection.
netmonitor.security.keaGroup=Key Exchange Group:

# LOCALIZATION NOTE (netmonitor.security.keaGroup.none): This is the label
# displayed in the security tab describing the case when no group was used.
netmonitor.security.keaGroup.none=none

# LOCALIZATION NOTE (netmonitor.security.keaGroup.unknown): This is the value
# displayed in the security tab describing an unknown group.
netmonitor.security.keaGroup.unknown=unknown group

# LOCALIZATION NOTE (netmonitor.security.signatureScheme): This is the label
# displayed in the security tab describing the signature scheme used by for
# the server certificate in this connection.
netmonitor.security.signatureScheme=Signature Scheme:

# LOCALIZATION NOTE (netmonitor.security.signatureScheme.none): This is the
# label displayed in the security tab describing the case when no signature
# was used.
netmonitor.security.signatureScheme.none=none

# LOCALIZATION NOTE (netmonitor.security.signatureScheme.unknown): This is the
# value displayed in the security tab describing an unknown signature scheme.
netmonitor.security.signatureScheme.unknown=unknown signature scheme

# LOCALIZATION NOTE (netmonitor.security.hsts): This is the label displayed
# in the security tab describing the usage of HTTP Strict Transport Security.
netmonitor.security.hsts=HTTP Strict Transport Security:
+4 −0
Original line number Diff line number Diff line
@@ -45,6 +45,10 @@ function SecurityPanel({ request }) {
          securityInfo.protocolVersion || notAvailable,
        [L10N.getStr("netmonitor.security.cipherSuite")]:
          securityInfo.cipherSuite || notAvailable,
        [L10N.getStr("netmonitor.security.keaGroup")]:
          securityInfo.keaGroupName || notAvailable,
        [L10N.getStr("netmonitor.security.signatureScheme")]:
          securityInfo.signatureSchemeName || notAvailable,
      },
      [L10N.getFormatStr("netmonitor.security.hostHeader", getUrlHost(url))]: {
        [L10N.getStr("netmonitor.security.hsts")]:
+15 −12
Original line number Diff line number Diff line
@@ -48,31 +48,34 @@ add_task(function* () {
  is(tabpanel.querySelectorAll(".treeLabel.objectLabel")[1].textContent,
     "Host example.com:",
     "Label has the expected value.");
  is(textboxes[2].value, "Disabled", "Label has the expected value.");
  is(textboxes[3].value, "Disabled", "Label has the expected value.");
  // These two values can change. So only check they're not empty.
  ok(textboxes[2].value !== "", "Label value is not empty.");
  ok(textboxes[3].value !== "", "Label value is not empty.");
  is(textboxes[4].value, "Disabled", "Label has the expected value.");
  is(textboxes[5].value, "Disabled", "Label has the expected value.");

  // Cert
  is(textboxes[4].value, "example.com", "Label has the expected value.");
  is(textboxes[5].value, "<Not Available>", "Label has the expected value.");
  is(textboxes[6].value, "<Not Available>", "Label has the expected value.");
  is(textboxes[6].value, "example.com", "Label has the expected value.");
  is(textboxes[7].value, "<Not Available>", "Label has the expected value.");
  is(textboxes[8].value, "<Not Available>", "Label has the expected value.");

  is(textboxes[7].value, "Temporary Certificate Authority",
  is(textboxes[9].value, "Temporary Certificate Authority",
     "Label has the expected value.");
  is(textboxes[8].value, "Mozilla Testing", "Label has the expected value.");
  is(textboxes[9].value, "Profile Guided Optimization", "Label has the expected value.");
  is(textboxes[10].value, "Mozilla Testing", "Label has the expected value.");
  is(textboxes[11].value, "Profile Guided Optimization", "Label has the expected value.");

  // Locale sensitive and varies between timezones. Cant't compare equality or
  // the test fails depending on which part of the world the test is executed.

  // cert validity begins
  isnot(textboxes[10].value, "", "Label was not empty.");
  isnot(textboxes[12].value, "", "Label was not empty.");
  // cert validity expires
  isnot(textboxes[11].value, "", "Label was not empty.");
  isnot(textboxes[13].value, "", "Label was not empty.");

  // cert sha1 fingerprint
  isnot(textboxes[12].value, "", "Label was not empty.");
  isnot(textboxes[14].value, "", "Label was not empty.");
  // cert sha256 fingerprint
  isnot(textboxes[13].value, "", "Label was not empty.");
  isnot(textboxes[15].value, "", "Label was not empty.");

  yield teardown(monitor);
});
+24 −0
Original line number Diff line number Diff line
@@ -63,6 +63,8 @@ const {components, Cc, Ci} = require("chrome");
loader.lazyImporter(this, "NetUtil", "resource://gre/modules/NetUtil.jsm");
const DevToolsUtils = require("devtools/shared/DevToolsUtils");
const Services = require("Services");
const { LocalizationHelper } = require("devtools/shared/l10n");
const L10N = new LocalizationHelper("devtools/client/locales/netmonitor.properties");

// The cache used in the `nsIURL` function.
const gNSURLStore = new Map();
@@ -620,6 +622,28 @@ var NetworkHelper = {
      // Cipher suite.
      info.cipherSuite = SSLStatus.cipherName;

      // Key exchange group name.
      info.keaGroupName = SSLStatus.keaGroupName;
      // Localise two special values.
      if (info.keaGroupName == "none") {
        info.keaGroupName = L10N.getStr("netmonitor.security.keaGroup.none");
      }
      if (info.keaGroupName == "unknown group") {
        info.keaGroupName = L10N.getStr("netmonitor.security.keaGroup.unknown");
      }

      // Certificate signature scheme.
      info.signatureSchemeName = SSLStatus.signatureSchemeName;
      // Localise two special values.
      if (info.signatureSchemeName == "none") {
        info.signatureSchemeName =
          L10N.getStr("netmonitor.security.signatureScheme.none");
      }
      if (info.signatureSchemeName == "unknown signature") {
        info.signatureSchemeName =
          L10N.getStr("netmonitor.security.signatureScheme.unknown");
      }

      // Protocol version.
      info.protocolVersion =
        this.formatSecurityProtocol(SSLStatus.protocolVersion);
+4 −0
Original line number Diff line number Diff line
@@ -18,6 +18,10 @@ interface nsISSLStatus : nsISupports {
  readonly attribute unsigned long keyLength;
  [must_use]
  readonly attribute unsigned long secretKeyLength;
  [must_use]
  readonly attribute ACString keaGroupName;
  [must_use]
  readonly attribute ACString signatureSchemeName;

  const short SSL_VERSION_3   = 0;
  const short TLS_VERSION_1   = 1;
Loading