
Side by Side Diff: net/cert/nss_cert_database_chromeos_unittest.cc

Issue 111273002: NSSCertDatabaseChromeOS (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src
Patch Set: gcc fix Created 7 years ago
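--- a/net/cert/nss_cert_database_chromeos_unittest.cc
+++ b/net/cert/nss_cert_database_chromeos_unittest.cc
@@ -0,0 +1,244 @@
+// Copyright (c) 2013 The Chromium Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+#include "base/bind.h"
+#include "base/callback.h"
+#include "base/run_loop.h"
+#include "net/base/test_data_directory.h"
+#include "net/cert/cert_database.h"
+#include "net/cert/nss_cert_database_chromeos.h"
+#include "net/cert/nss_cert_database_chromeos_test_utils.h"
+#include "net/test/cert_test_util.h"
+#include "testing/gtest/include/gtest/gtest.h"
+
+// XXX clang-format this file
+
+namespace net {
+
+namespace {
+
+void SetDbCallback(
+NSSCertDatabase** out_db, base::RunLoop* runloop, NSSCertDatabase* db) {
+*out_db = db;
+runloop->Quit();
+}
+
+void NotCalledDbCallback(NSSCertDatabase* db) {
+ASSERT_TRUE(false);
+}
+
+bool IsCertInCertificateList(
+const X509Certificate* cert, const CertificateList& cert_list) {
+for (CertificateList::const_iterator it=cert_list.begin();
+it!=cert_list.end();
+++it) {
+if ((*it)->os_cert_handle() == cert->os_cert_handle())
+return true;
+}
+return false;
+}
+
+} // namespace
+
+TEST(NSSCertDatabaseChromeOSInitializationTest, Initialization) {
+ScopedTestNSSCertDatabaseChromeOS user_1("user1");
+ScopedTestNSSCertDatabaseChromeOS user_2("user2");
+ASSERT_TRUE(user_1.constructed_successfully());
+ASSERT_TRUE(user_2.constructed_successfully());
+
+base::RunLoop runloop_1;
+base::RunLoop runloop_2;
+NSSCertDatabase* db_1 = NULL;
+NSSCertDatabase* db_2 = NULL;
+
+// Getting DB should be async since nss_util private slots haven't been set
+// yet.
+ASSERT_FALSE(NSSCertDatabaseChromeOS::GetForUser(user_1.username_hash(),
+base::Bind(&SetDbCallback, &db_1, &runloop_1)));
+ASSERT_FALSE(NSSCertDatabaseChromeOS::GetForUser(user_2.username_hash(),
+base::Bind(&SetDbCallback, &db_2, &runloop_2)));
+
+// Set private slots, check that callbacks got run, and that the slots are
+// returned from the NSSCertDatabaseChromeOS.
+user_1.FinishInit();
+runloop_1.Run();
+ASSERT_TRUE(db_1);
+EXPECT_FALSE(db_2);
+EXPECT_TRUE(db_1->GetPublicSlot().get());
+// Public and private slot are the same in unittests.
+EXPECT_EQ(db_1->GetPublicSlot().get(), db_1->GetPrivateSlot().get());
+
+// Same as above, for user 2.
+user_2.FinishInit();
+runloop_2.Run();
+ASSERT_TRUE(db_2);
+EXPECT_TRUE(db_2->GetPublicSlot().get());
+EXPECT_EQ(db_2->GetPublicSlot().get(), db_2->GetPrivateSlot().get());
+
+EXPECT_NE(db_1->GetPublicSlot().get(), db_2->GetPublicSlot().get());
+
+// Now getting the DB should be synchronous.
+NSSCertDatabase* sync_returned_db_1 =
+NSSCertDatabaseChromeOS::GetForUser(user_1.username_hash(),
+base::Bind(&NotCalledDbCallback));
+NSSCertDatabase* sync_returned_db_2 =
+NSSCertDatabaseChromeOS::GetForUser(user_2.username_hash(),
+base::Bind(&NotCalledDbCallback));
+ASSERT_EQ(db_1, sync_returned_db_1);
+ASSERT_EQ(db_2, sync_returned_db_2);
+}
+
+class NSSCertDatabaseChromeOSTest : public testing::Test,
+public CertDatabase::Observer {
+public:
+NSSCertDatabaseChromeOSTest()
+: user_1_("user1"), user_2_("user2"), db_1_(NULL), db_2_(NULL) {}
+
+virtual void SetUp() OVERRIDE {
+ASSERT_TRUE(user_1_.constructed_successfully());
+ASSERT_TRUE(user_2_.constructed_successfully());
+user_1_.FinishInit();
+user_2_.FinishInit();
+db_1_ = NSSCertDatabaseChromeOS::GetForUser(
+user_1_.username_hash(), base::Bind(&NotCalledDbCallback));
+db_2_ = NSSCertDatabaseChromeOS::GetForUser(
+user_2_.username_hash(), base::Bind(&NotCalledDbCallback));
+ASSERT_TRUE(db_1_);
+ASSERT_TRUE(db_2_);
+CertDatabase::GetInstance()->AddObserver(this);
+}
+virtual void TearDown() OVERRIDE {
+CertDatabase::GetInstance()->RemoveObserver(this);
+}
+
+// CertDatabase::Observer:
+virtual void OnCertAdded(const X509Certificate* cert) OVERRIDE {
+added_.push_back(cert ? cert->os_cert_handle() : NULL);
+}
+virtual void OnCertRemoved(const X509Certificate* cert) OVERRIDE {}
+virtual void OnCACertChanged(const X509Certificate* cert) OVERRIDE {
+added_ca_.push_back(cert ? cert->os_cert_handle() : NULL);
+}
+
+protected:
+std::vector<CERTCertificate*> added_ca_;
+std::vector<CERTCertificate*> added_;
+ScopedTestNSSCertDatabaseChromeOS user_1_;
+ScopedTestNSSCertDatabaseChromeOS user_2_;
+NSSCertDatabase* db_1_;
+NSSCertDatabase* db_2_;
+};
+
+TEST_F(NSSCertDatabaseChromeOSTest, ListModules) {
+CryptoModuleList modules_1;
+CryptoModuleList modules_2;
+
+db_1_->ListModules(&modules_1, false /* need_rw */);
+db_2_->ListModules(&modules_2, false /* need_rw */);
+
+bool found_1 = false;
+for (CryptoModuleList::iterator it=modules_1.begin();
+it!=modules_1.end();
+++it) {
+EXPECT_NE(db_2_->GetPublicSlot().get(), (*it)->os_module_handle());
+if ((*it)->os_module_handle() == db_1_->GetPublicSlot().get())
+found_1 = true;
+}
+EXPECT_TRUE(found_1);
+
+bool found_2 = false;
+for (CryptoModuleList::iterator it=modules_2.begin();
+it!=modules_2.end();
+++it) {
+EXPECT_NE(db_1_->GetPublicSlot().get(), (*it)->os_module_handle());
+if ((*it)->os_module_handle() == db_2_->GetPublicSlot().get())
+found_2 = true;
+}
+EXPECT_TRUE(found_2);
+}
+
+TEST_F(NSSCertDatabaseChromeOSTest, ImportCACerts) {
+CertificateList certs_1 = CreateCertificateListFromFile(
+GetTestCertsDirectory(), "root_ca_cert.pem",
+X509Certificate::FORMAT_AUTO);
+ASSERT_EQ(1U, certs_1.size());
+EXPECT_FALSE(certs_1[0]->os_cert_handle()->isperm);
+
+CertificateList certs_2 = CreateCertificateListFromFile(
+GetTestCertsDirectory(), "2048-rsa-root.pem",
+X509Certificate::FORMAT_AUTO);
+ASSERT_EQ(1U, certs_2.size());
+EXPECT_FALSE(certs_2[0]->os_cert_handle()->isperm);
+
+
+NSSCertDatabase::ImportCertFailureList failed;
+EXPECT_TRUE(db_1_->ImportCACerts(certs_1, NSSCertDatabase::TRUSTED_SSL,
+&failed));
+EXPECT_EQ(0U, failed.size());
+failed.clear();
+EXPECT_TRUE(db_2_->ImportCACerts(certs_2, NSSCertDatabase::TRUSTED_SSL,
+&failed));
+EXPECT_EQ(0U, failed.size());
+
+CertificateList user_1_certlist;
+CertificateList user_2_certlist;
+db_1_->ListCerts(&user_1_certlist);
+db_2_->ListCerts(&user_2_certlist);
+
+EXPECT_TRUE(IsCertInCertificateList(certs_1[0], user_1_certlist));
+EXPECT_FALSE(IsCertInCertificateList(certs_1[0], user_2_certlist));
+
+EXPECT_TRUE(IsCertInCertificateList(certs_2[0], user_2_certlist));
+EXPECT_FALSE(IsCertInCertificateList(certs_2[0], user_1_certlist));
+
+base::RunLoop().RunUntilIdle();
+ASSERT_EQ(2U, added_ca_.size());
+// TODO(mattm): make NSSCertDatabase actually pass the cert to the callback,
+// and enable these checks:
+//EXPECT_EQ(certs_1[0]->os_cert_handle(), added_ca_[0]);
+//EXPECT_EQ(certs_2[0]->os_cert_handle(), added_ca_[1]);
+EXPECT_EQ(0U, added_.size());
+}
+
+TEST_F(NSSCertDatabaseChromeOSTest, ImportServerCert) {
+CertificateList certs_1 = CreateCertificateListFromFile(
+GetTestCertsDirectory(), "ok_cert.pem",
+X509Certificate::FORMAT_AUTO);
+ASSERT_EQ(1U, certs_1.size());
+EXPECT_FALSE(certs_1[0]->os_cert_handle()->isperm);
+
+CertificateList certs_2 = CreateCertificateListFromFile(
+GetTestCertsDirectory(), "2048-rsa-ee-by-2048-rsa-intermediate.pem",
+X509Certificate::FORMAT_AUTO);
+ASSERT_EQ(1U, certs_2.size());
+EXPECT_FALSE(certs_2[0]->os_cert_handle()->isperm);
+
+NSSCertDatabase::ImportCertFailureList failed;
+EXPECT_TRUE(db_1_->ImportServerCert(certs_1, NSSCertDatabase::TRUSTED_SSL,
+&failed));
+EXPECT_EQ(0U, failed.size());
+failed.clear();
+EXPECT_TRUE(db_2_->ImportServerCert(certs_2, NSSCertDatabase::TRUSTED_SSL,
+&failed));
+EXPECT_EQ(0U, failed.size());
+
+CertificateList user_1_certlist;
+CertificateList user_2_certlist;
+db_1_->ListCerts(&user_1_certlist);
+db_2_->ListCerts(&user_2_certlist);
+
+EXPECT_TRUE(IsCertInCertificateList(certs_1[0], user_1_certlist));
+EXPECT_FALSE(IsCertInCertificateList(certs_1[0], user_2_certlist));
+
+EXPECT_TRUE(IsCertInCertificateList(certs_2[0], user_2_certlist));
+EXPECT_FALSE(IsCertInCertificateList(certs_2[0], user_1_certlist));
+
+base::RunLoop().RunUntilIdle();
+// TODO(mattm): ImportServerCert doesn't actually cause any observers to
+// fire. Is that correct?
+EXPECT_EQ(0U, added_ca_.size());
+EXPECT_EQ(0U, added_.size());
+}
+
+} // namespace net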
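Review bot: ImportCACerts and ImportServerCert import with `NSSCertDatabase::TRUSTED_SSL` but assert per-user separation only through `ListCerts` membership, so a trust setting that leaks from one user's database into the other would pass unnoticed. After the existing `IsCertInCertificateList` checks in ImportCACerts, consider also asserting the trust each database reports, for example `EXPECT_EQ(NSSCertDatabase::TRUST_DEFAULT, db_2_->GetCertTrust(certs_1[0], CA_CERT));`, plus the mirror check for `certs_2[0]` against `db_1_` and the analogous pair in ImportServerCert. Whether NSS scopes trust records per slot cannot be told from this file, so the assertion may expose a limitation rather than pass; in that case a comment recording the gap next to the existing TODOs would still help. The comment "Public and private slot are the same in unittests" also means none of these tests distinguishes the two slots, which deserves a short note at the top of the fixture.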
