Move the NSS functions out of CertDatabase into a new NSSCertDatabase class.

chrome/common/net/x509_certificate_model_unittest.cc

 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "chrome/common/net/x509_certificate_model.h"
 
 #include "base/file_path.h"
 #include "base/file_util.h"
 #include "base/path_service.h"
-#include "net/base/cert_database.h"
 #include "net/base/cert_test_util.h"
+#include "net/base/nss_cert_database.h"
 #include "testing/gtest/include/gtest/gtest.h"
 
 TEST(X509CertificateModelTest, GetTypeCA) {
   scoped_refptr<net::X509Certificate> cert(
       net::ImportCertFromFile(net::GetTestCertsDirectory(),
                               "root_ca_cert.crt"));
   ASSERT_TRUE(cert.get());
 
 #if defined(USE_OPENSSL)
   // Remove this when OpenSSL build implements the necessary functions.
   EXPECT_EQ(net::UNKNOWN_CERT,
             x509_certificate_model::GetType(cert->os_cert_handle()));
 #else
   EXPECT_EQ(net::CA_CERT,
             x509_certificate_model::GetType(cert->os_cert_handle()));
 
   // Test that explicitly distrusted CA certs are still returned as CA_CERT
   // type. See http://crbug.com/96654.
-  net::CertDatabase cert_db;
+  net::NSSCertDatabase cert_db;
   EXPECT_TRUE(cert_db.SetCertTrust(cert, net::CA_CERT,
-                                   net::CertDatabase::DISTRUSTED_SSL));
+                                   net::NSSCertDatabase::DISTRUSTED_SSL));
 
   EXPECT_EQ(net::CA_CERT,
             x509_certificate_model::GetType(cert->os_cert_handle()));
 #endif
 }
 
 TEST(X509CertificateModelTest, GetTypeServer) {
   scoped_refptr<net::X509Certificate> cert(
       net::ImportCertFromFile(net::GetTestCertsDirectory(),
                               "google.single.der"));
   ASSERT_TRUE(cert.get());
 
 #if defined(USE_OPENSSL)
   // Remove this when OpenSSL build implements the necessary functions.
   EXPECT_EQ(net::UNKNOWN_CERT,
             x509_certificate_model::GetType(cert->os_cert_handle()));
 #else
   // Test mozilla_security_manager::GetCertType with server certs and default
   // trust.  Currently this doesn't work.
   // TODO(mattm): make mozilla_security_manager::GetCertType smarter so we can
   // tell server certs even if they have no trust bits set.
   EXPECT_EQ(net::UNKNOWN_CERT,
             x509_certificate_model::GetType(cert->os_cert_handle()));
 
-  net::CertDatabase cert_db;
+  net::NSSCertDatabase cert_db;
   // Test GetCertType with server certs and explicit trust.
   EXPECT_TRUE(cert_db.SetCertTrust(cert, net::SERVER_CERT,
-                                   net::CertDatabase::TRUSTED_SSL));
+                                   net::NSSCertDatabase::TRUSTED_SSL));
 
   EXPECT_EQ(net::SERVER_CERT,
             x509_certificate_model::GetType(cert->os_cert_handle()));
 
   // Test GetCertType with server certs and explicit distrust.
   EXPECT_TRUE(cert_db.SetCertTrust(cert, net::SERVER_CERT,
-                                   net::CertDatabase::DISTRUSTED_SSL));
+                                   net::NSSCertDatabase::DISTRUSTED_SSL));
 
   EXPECT_EQ(net::SERVER_CERT,
             x509_certificate_model::GetType(cert->os_cert_handle()));
 #endif
 }
 
 // An X.509 v1 certificate with the version field omitted should get
 // the default value v1.
 TEST(X509CertificateModelTest, GetVersionOmitted) {
   scoped_refptr<net::X509Certificate> cert(
       net::ImportCertFromFile(net::GetTestCertsDirectory(),
                               "ndn.ca.crt"));
   ASSERT_TRUE(cert.get());
 
   EXPECT_EQ("1", x509_certificate_model::GetVersion(cert->os_cert_handle()));
 }