This moves the ONC parsing code into chromeos/network/onc

chromeos/network/onc/onc_certificate_importer_unittest.cc

Index: chromeos/network/onc/onc_certificate_importer_unittest.cc
diff --git a/chrome/browser/chromeos/network_settings/onc_certificate_importer_unittest.cc b/chromeos/network/onc/onc_certificate_importer_unittest.cc
similarity index 87%
rename from chrome/browser/chromeos/network_settings/onc_certificate_importer_unittest.cc
rename to chromeos/network/onc/onc_certificate_importer_unittest.cc
index ba326f565224a7256a3ae34c0c47690cc00f1a3a..6350bde68372954e9ee9af10dc50f1c811b8b7b6 100644
--- a/chrome/browser/chromeos/network_settings/onc_certificate_importer_unittest.cc
+++ b/chromeos/network/onc/onc_certificate_importer_unittest.cc
@@ -2,9 +2,10 @@
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
-#include "chrome/browser/chromeos/network_settings/onc_certificate_importer.h"
+#include "chromeos/network/onc/onc_certificate_importer.h"
 
 #include <cert.h>
+#include <certdb.h>
 #include <keyhi.h>
 #include <pk11pub.h>
 #include <string>
@@ -12,9 +13,8 @@
 #include "base/logging.h"
 #include "base/string_number_conversions.h"
 #include "base/values.h"
-#include "chrome/browser/chromeos/cros/onc_constants.h"
-#include "chrome/browser/chromeos/network_settings/onc_test_utils.h"
-#include "chrome/common/net/x509_certificate_model.h"
+#include "chromeos/network/onc/onc_constants.h"
+#include "chromeos/network/onc/onc_test_utils.h"
 #include "crypto/nss_util.h"
 #include "net/base/cert_type.h"
 #include "net/base/crypto_module.h"
@@ -22,18 +22,33 @@
 #include "net/base/x509_certificate.h"
 #include "testing/gtest/include/gtest/gtest.h"
 
-namespace {
-
-net::CertType GetCertType(const net::X509Certificate* cert) {
-  DCHECK(cert);
-  return x509_certificate_model::GetType(cert->os_cert_handle());
-}
-
-}  // namespace
-
 namespace chromeos {
 namespace onc {
 
+#if defined(USE_NSS)
+net::CertType GetCertType(CERTCertificate *cert) {
+  CERTCertTrust trust = {0};
+  CERT_GetCertTrust(cert, &trust);
+
+  unsigned all_flags = trust.sslFlags | trust.emailFlags |
+      trust.objectSigningFlags;
+
+  if (cert->nickname && (all_flags & CERTDB_USER))
+    return net::USER_CERT;
+  if ((all_flags & CERTDB_VALID_CA) || CERT_IsCACert(cert, NULL))
+    return net::CA_CERT;
+  // TODO(mattm): http://crbug.com/128633.
+  if (trust.sslFlags & CERTDB_TERMINAL_RECORD)
+    return net::SERVER_CERT;
+  return net::UNKNOWN_CERT;
+}
+#else
+net::CertType GetCertType(CERTCertificate *cert) {
+  NOTIMPLEMENTED();
+  return net::UNKNOWN_CERT;
+}
+#endif  // USE_NSS
+
 class ONCCertificateImporterTest : public testing::Test {
  public:
   virtual void SetUp() {
@@ -68,16 +83,15 @@ class ONCCertificateImporterTest : public testing::Test {
     certificates->GetDictionary(0, &certificate);
     certificate->GetStringWithoutPathExpansion(kGUID, guid);
 
-    CertificateImporter importer(NetworkUIData::ONC_SOURCE_USER_IMPORT,
+    CertificateImporter importer(ONC_SOURCE_USER_IMPORT,
                                  false /* don't allow webtrust */);
-    std::string error;
-    EXPECT_TRUE(importer.ParseAndStoreCertificates(*certificates, &error));
-    EXPECT_TRUE(error.empty());
+    std::string result;
+    EXPECT_TRUE(importer.ParseAndStoreCertificates(*certificates, &result));
 
     net::CertificateList result_list;
     CertificateImporter::ListCertsWithNickname(*guid, &result_list);
     ASSERT_EQ(1ul, result_list.size());
-    EXPECT_EQ(expected_type, GetCertType(result_list[0].get()));
+    EXPECT_EQ(expected_type, GetCertType(result_list[0]->os_cert_handle()));
   }
 
   scoped_refptr<net::CryptoModule> slot_;