Update web-platform-tests to revision 077bb422b7bb21491a414e334bc594d83ca9e55b

tests/wpt/web-platform-tests/signed-exchange/README.md

@@ -0,0 +1,22 @@
+This directory contains tests for the
+[b2 implementation snapshot](https://tools.ietf.org/html/draft-yasskin-httpbis-origin-signed-exchanges-impl-02) of the
+[Signed HTTP Exchanges](https://wicg.github.io/webpackage/draft-yasskin-http-origin-signed-responses.html).
+
+`resources` directory contains pregenerated signed exchanges and
+certificate files. To run the tests in this directory,
+`resources/127.0.0.1.sxg.pem` must be added as a trusted certificate
+in your OS/browser, or your browser must be configured to ignore
+errors for that certificate.
+
+Also, these pregenerated signed exchanges and cert files are likely to
+be expired, since they have short lifetime (maximum 7 days). If your
+browser does not have an option to ignore certificate errors,
+regenerate these files by running `generate-test-sxgs.sh` in the
+`resource` directory before running the tests.
+
+`generate-test-sxgs.sh` requires command-line tools in the
+[webpackage repository][https://github.com/WICG/webpackage].
+To install them, run:
+```
+go get -u github.com/WICG/webpackage/go/signedexchange/cmd/...
+```

tests/wpt/web-platform-tests/signed-exchange/resources/127.0.0.1.sxg.ext

@@ -0,0 +1,7 @@
+basicConstraints = CA:FALSE
+keyUsage = nonRepudiation, digitalSignature, keyEncipherment
+subjectAltName = DNS:127.0.0.1
+
+# CanSignHttpExchanges extension
+# https://wicg.github.io/webpackage/draft-yasskin-http-origin-signed-responses.html#cross-origin-cert-req
+1.3.6.1.4.1.11129.2.1.22 = ASN1:NULL

tests/wpt/web-platform-tests/signed-exchange/resources/127.0.0.1.sxg.key

@@ -0,0 +1,8 @@
+-----BEGIN EC PARAMETERS-----
+BggqhkjOPQMBBw==
+-----END EC PARAMETERS-----
+-----BEGIN EC PRIVATE KEY-----
+MHcCAQEEIENXRP9iROaUuhisQ+3Rb9hS14J8ny36TRPBDfuWNLfWoAoGCCqGSM49
+AwEHoUQDQgAELBO41fB7hYZ9BqY4V0xMPUJZIH20ZW5fLHw26gHs20Hv+4GKgnHR
+3Simlna0fLxxDD/WRmADUZiA6e1blThkJA==
+-----END EC PRIVATE KEY-----

tests/wpt/web-platform-tests/signed-exchange/resources/127.0.0.1.sxg.pem

@@ -0,0 +1,11 @@
+-----BEGIN CERTIFICATE-----
+MIIBmDCCAT+gAwIBAgIJANaBpqCSy2GLMAoGCCqGSM49BAMCMDAxEjAQBgNVBAMM
+CTEyNy4wLjAuMTENMAsGA1UECgwEVGVzdDELMAkGA1UEBhMCVVMwHhcNMTgxMDE1
+MDczNDAzWhcNMjgxMDEyMDczNDAzWjAwMRIwEAYDVQQDDAkxMjcuMC4wLjExDTAL
+BgNVBAoMBFRlc3QxCzAJBgNVBAYTAlVTMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcD
+QgAELBO41fB7hYZ9BqY4V0xMPUJZIH20ZW5fLHw26gHs20Hv+4GKgnHR3Simlna0
+fLxxDD/WRmADUZiA6e1blThkJKNCMEAwCQYDVR0TBAIwADALBgNVHQ8EBAMCBeAw
+FAYDVR0RBA0wC4IJMTI3LjAuMC4xMBAGCisGAQQB1nkCARYEAgUAMAoGCCqGSM49
+BAMCA0cAMEQCIBz3vP5lPS2h8noHlnQ8VupcIJoIbmIfWUExW/tsSj1uAiBxve6H
+aoDl5q91E6FisA8UhCUt0KSy2bL37IJwo6LwOg==
+-----END CERTIFICATE-----

tests/wpt/web-platform-tests/signed-exchange/resources/127.0.0.1.sxg.pem.cbor.headers

@@ -0,0 +1 @@
+Content-Type: application/cert-chain+cbor

tests/wpt/web-platform-tests/signed-exchange/resources/generate-test-certs.sh

@@ -0,0 +1,19 @@
+#!/bin/sh
+
+# Creates a self-signed certificate to use for signing exchanges.
+# TODO: Integrate into tools/wptserve/wptserve/sslutils/openssl.py
+
+set -e
+
+openssl ecparam -out 127.0.0.1.sxg.key -name prime256v1 -genkey
+
+openssl req -new -sha256 \
+  -key 127.0.0.1.sxg.key \
+  -out 127.0.0.1.sxg.csr \
+  --subj '/CN=127.0.0.1/O=Test/C=US'
+
+openssl x509 -req -days 3650 \
+  -in 127.0.0.1.sxg.csr \
+  -extfile 127.0.0.1.sxg.ext \
+  -signkey 127.0.0.1.sxg.key \
+  -out 127.0.0.1.sxg.pem

tests/wpt/web-platform-tests/signed-exchange/resources/generate-test-sxgs.sh

@@ -0,0 +1,37 @@
+#!/bin/sh
+certfile=127.0.0.1.sxg.pem
+keyfile=127.0.0.1.sxg.key
+host=127.0.0.1
+
+set -e
+
+for cmd in gen-signedexchange gen-certurl; do
+    if ! command -v $cmd > /dev/null 2>&1; then
+        echo "$cmd is not installed. Please run:"
+        echo "  go get -u github.com/WICG/webpackage/go/signedexchange/cmd/..."
+        exit 1
+    fi
+done
+
+tmpdir=$(mktemp -d)
+
+echo -n OCSP >$tmpdir/ocsp
+gen-certurl -pem $certfile -ocsp $tmpdir/ocsp > $certfile.cbor
+
+# TODO: Stop hard-coding "web-platform.test" in certUrl when generating
+# Signed Exchanges on the fly.
+gen-signedexchange \
+  -version 1b2 \
+  -uri https://$host/signed-exchange/resources/inner-url.html \
+  -status 200 \
+  -content sxg-location.html \
+  -certificate $certfile \
+  -certUrl https://web-platform.test:8444/signed-exchange/resources/$certfile.cbor \
+  -validityUrl https://$host/signed-exchange/resources/resource.validity.msg \
+  -privateKey $keyfile \
+  -date 2018-04-01T00:00:00Z \
+  -expire 168h \
+  -o sxg-location.sxg \
+  -miRecordSize 100
+
+rm -fr $tmpdir

tests/wpt/web-platform-tests/signed-exchange/resources/sxg-location.html

@@ -0,0 +1,7 @@
+<!DOCTYPE html>
+<title>Content of SignedHTTPExchange</title>
+<script>
+window.addEventListener('message', (event) => {
+  event.data.port.postMessage({location: document.location.href, is_fallback: false});
+}, false);
+</script>

tests/wpt/web-platform-tests/signed-exchange/resources/sxg-location.sxg.headers

@@ -0,0 +1 @@
+Content-Type: application/signed-exchange;v=b2

tests/wpt/web-platform-tests/signed-exchange/resources/sxg-util.js

@@ -0,0 +1,36 @@
+// Opens |url| in an iframe, establish a message channel with it, and waits for
+// a message from the frame content. Returns a promise that resolves with the
+// data of the message, or rejects on 2000ms timeout.
+function openSXGInIframeAndWaitForMessage(test_object, url) {
+  return new Promise(async (resolve, reject) => {
+    // We can't catch the network error on iframe. So we use the timer.
+    test_object.step_timeout(() => reject('timeout'), 2000);
+
+    const frame = await withIframe(url, 'sxg_iframe');
+    const channel = new MessageChannel();
+    channel.port1.onmessage = (event) => resolve(event.data);
+    frame.contentWindow.postMessage(
+        {port: channel.port2}, '*', [channel.port2]);
+  });
+}
+
+function withIframe(url, name) {
+  return new Promise((resolve, reject) => {
+      const frame = document.createElement('iframe');
+      frame.src = url;
+      frame.name = name;
+      frame.onload = () => resolve(frame);
+      frame.onerror = () => reject('failed to load ' + url);
+      document.body.appendChild(frame);
+    });
+}
+
+function loadScript(url) {
+  return new Promise((resolve, reject) => {
+    const scriptTag = document.createElement('script');
+    scriptTag.src = url;
+    scriptTag.onload = () => resolve();
+    scriptTag.onerror = () => reject('failed to load ' + url);
+    document.head.appendChild(scriptTag);
+  });
+}

tests/wpt/web-platform-tests/signed-exchange/sxg-location.tentative.html

@@ -0,0 +1,17 @@
+<!DOCTYPE html>
+<title>Location of SignedHTTPExchange</title>
+<script src="/resources/testharness.js"></script>
+<script src="/resources/testharnessreport.js"></script>
+<script src="/common/get-host-info.sub.js"></script>
+<script src="./resources/sxg-util.js"></script>
+<body>
+<script>
+promise_test(async (t) => {
+  const sxgUrl = get_host_info().HTTPS_ORIGIN + '/signed-exchange/resources/sxg-location.sxg';
+  const message = await openSXGInIframeAndWaitForMessage(t, sxgUrl);
+  assert_equals(message.location, 'https://127.0.0.1/signed-exchange/resources/inner-url.html');
+  assert_false(message.is_fallback);
+}, 'Location of SignedHTTPExchange');
+
+</script>
+</body>