| OLD | NEW |
| 1 // Copyright (c) 2011 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2011 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include <cert.h> | 5 #include <cert.h> |
| 6 #include <pk11pub.h> | 6 #include <pk11pub.h> |
| 7 | 7 |
| 8 #include <algorithm> | 8 #include <algorithm> |
| 9 | 9 |
| 10 #include "base/file_path.h" | 10 #include "base/file_path.h" |
| 11 #include "base/file_util.h" | 11 #include "base/file_util.h" |
| 12 #include "base/lazy_instance.h" | 12 #include "base/lazy_instance.h" |
| 13 #include "base/path_service.h" | 13 #include "base/path_service.h" |
| 14 #include "base/scoped_temp_dir.h" | 14 #include "base/scoped_temp_dir.h" |
| 15 #include "base/string16.h" |
| 15 #include "base/string_util.h" | 16 #include "base/string_util.h" |
| 16 #include "base/utf_string_conversions.h" | 17 #include "base/utf_string_conversions.h" |
| 17 #include "crypto/nss_util.h" | 18 #include "crypto/nss_util.h" |
| 18 #include "crypto/nss_util_internal.h" | 19 #include "crypto/nss_util_internal.h" |
| 19 #include "crypto/scoped_nss_types.h" | 20 #include "crypto/scoped_nss_types.h" |
| 20 #include "net/base/cert_database.h" | 21 #include "net/base/cert_database.h" |
| 21 #include "net/base/cert_status_flags.h" | 22 #include "net/base/cert_status_flags.h" |
| 22 #include "net/base/cert_verify_result.h" | 23 #include "net/base/cert_verify_result.h" |
| 23 #include "net/base/crypto_module.h" | 24 #include "net/base/crypto_module.h" |
| 24 #include "net/base/net_errors.h" | 25 #include "net/base/net_errors.h" |
| (...skipping 120 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 145 // the other slots. | 146 // the other slots. |
| 146 EXPECT_LT(0U, certs.size()); | 147 EXPECT_LT(0U, certs.size()); |
| 147 } | 148 } |
| 148 | 149 |
| 149 TEST_F(CertDatabaseNSSTest, ImportFromPKCS12WrongPassword) { | 150 TEST_F(CertDatabaseNSSTest, ImportFromPKCS12WrongPassword) { |
| 150 std::string pkcs12_data = ReadTestFile("client.p12"); | 151 std::string pkcs12_data = ReadTestFile("client.p12"); |
| 151 | 152 |
| 152 EXPECT_EQ(ERR_PKCS12_IMPORT_BAD_PASSWORD, | 153 EXPECT_EQ(ERR_PKCS12_IMPORT_BAD_PASSWORD, |
| 153 cert_db_.ImportFromPKCS12(slot_, | 154 cert_db_.ImportFromPKCS12(slot_, |
| 154 pkcs12_data, | 155 pkcs12_data, |
| 155 ASCIIToUTF16(""), | 156 string16(), |
| 156 true)); // is_extractable | 157 true)); // is_extractable |
| 157 | 158 |
| 158 // Test db should still be empty. | 159 // Test db should still be empty. |
| 159 EXPECT_EQ(0U, ListCertsInSlot(slot_->os_module_handle()).size()); | 160 EXPECT_EQ(0U, ListCertsInSlot(slot_->os_module_handle()).size()); |
| 160 } | 161 } |
| 161 | 162 |
| 162 TEST_F(CertDatabaseNSSTest, ImportFromPKCS12AsExtractableAndExportAgain) { | 163 TEST_F(CertDatabaseNSSTest, ImportFromPKCS12AsExtractableAndExportAgain) { |
| 163 std::string pkcs12_data = ReadTestFile("client.p12"); | 164 std::string pkcs12_data = ReadTestFile("client.p12"); |
| 164 | 165 |
| 165 EXPECT_EQ(OK, cert_db_.ImportFromPKCS12(slot_, | 166 EXPECT_EQ(OK, cert_db_.ImportFromPKCS12(slot_, |
| (...skipping 82 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 248 &exported_data)); | 249 &exported_data)); |
| 249 ASSERT_LT(0U, exported_data.size()); | 250 ASSERT_LT(0U, exported_data.size()); |
| 250 } | 251 } |
| 251 | 252 |
| 252 TEST_F(CertDatabaseNSSTest, ImportFromPKCS12InvalidFile) { | 253 TEST_F(CertDatabaseNSSTest, ImportFromPKCS12InvalidFile) { |
| 253 std::string pkcs12_data = "Foobarbaz"; | 254 std::string pkcs12_data = "Foobarbaz"; |
| 254 | 255 |
| 255 EXPECT_EQ(ERR_PKCS12_IMPORT_INVALID_FILE, | 256 EXPECT_EQ(ERR_PKCS12_IMPORT_INVALID_FILE, |
| 256 cert_db_.ImportFromPKCS12(slot_, | 257 cert_db_.ImportFromPKCS12(slot_, |
| 257 pkcs12_data, | 258 pkcs12_data, |
| 258 ASCIIToUTF16(""), | 259 string16(), |
| 259 true)); // is_extractable | 260 true)); // is_extractable |
| 260 | 261 |
| 261 // Test db should still be empty. | 262 // Test db should still be empty. |
| 262 EXPECT_EQ(0U, ListCertsInSlot(slot_->os_module_handle()).size()); | 263 EXPECT_EQ(0U, ListCertsInSlot(slot_->os_module_handle()).size()); |
| 263 } | 264 } |
| 264 | 265 |
| 265 TEST_F(CertDatabaseNSSTest, ImportCACert_SSLTrust) { | 266 TEST_F(CertDatabaseNSSTest, ImportCACert_SSLTrust) { |
| 266 std::string cert_data = ReadTestFile("root_ca_cert.crt"); | 267 std::string cert_data = ReadTestFile("root_ca_cert.crt"); |
| 267 | 268 |
| 268 CertificateList certs = | 269 CertificateList certs = |
| (...skipping 307 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 576 puny_cert.get(), CA_CERT, | 577 puny_cert.get(), CA_CERT, |
| 577 CertDatabase::TRUSTED_SSL | CertDatabase::TRUSTED_EMAIL)); | 578 CertDatabase::TRUSTED_SSL | CertDatabase::TRUSTED_EMAIL)); |
| 578 | 579 |
| 579 verify_result.Reset(); | 580 verify_result.Reset(); |
| 580 error = puny_cert->Verify("xn--wgv71a119e.com", flags, NULL, &verify_result); | 581 error = puny_cert->Verify("xn--wgv71a119e.com", flags, NULL, &verify_result); |
| 581 EXPECT_EQ(OK, error); | 582 EXPECT_EQ(OK, error); |
| 582 EXPECT_EQ(0U, verify_result.cert_status); | 583 EXPECT_EQ(0U, verify_result.cert_status); |
| 583 } | 584 } |
| 584 | 585 |
| 585 } // namespace net | 586 } // namespace net |
| OLD | NEW |