Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(386)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: chrome/browser/chromeos/policy/policy_cert_verifier_browsertest.cc

Issue 137553004: NSS Cros multiprofile: trust roots added by a profile shouldn't apply to other profiles. (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src
Patch Set: expanded test, found one problem Created 6 years, 11 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch | Annotate | Revision Log
« no previous file with comments | « chrome/browser/chromeos/policy/policy_cert_verifier.cc ('k') | chrome/browser/profiles/profile_io_data.cc » ('j') | net/cert/cert_verify_proc_chromeos.h » ('J')
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright (c) 2013 The Chromium Authors. All rights reserved. 1 // Copyright (c) 2013 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #include "chrome/browser/chromeos/policy/policy_cert_verifier.h" 5 #include "chrome/browser/chromeos/policy/policy_cert_verifier.h"
6 6
7 #include "base/bind.h" 7 #include "base/bind.h"
8 #include "base/bind_helpers.h" 8 #include "base/bind_helpers.h"
9 #include "base/callback.h" 9 #include "base/callback.h"
10 #include "base/memory/ref_counted.h" 10 #include "base/memory/ref_counted.h"
11 #include "base/memory/scoped_ptr.h" 11 #include "base/memory/scoped_ptr.h"
12 #include "base/run_loop.h" 12 #include "base/run_loop.h"
13 #include "content/public/browser/browser_thread.h" 13 #include "content/public/browser/browser_thread.h"
14 #include "content/public/test/test_browser_thread_bundle.h" 14 #include "content/public/test/test_browser_thread_bundle.h"
15 #include "crypto/nss_util.h" 15 #include "crypto/nss_util.h"
16 #include "crypto/nss_util_internal.h"
16 #include "net/base/net_log.h" 17 #include "net/base/net_log.h"
17 #include "net/base/test_completion_callback.h" 18 #include "net/base/test_completion_callback.h"
18 #include "net/base/test_data_directory.h" 19 #include "net/base/test_data_directory.h"
19 #include "net/cert/cert_trust_anchor_provider.h" 20 #include "net/cert/cert_trust_anchor_provider.h"
20 #include "net/cert/cert_verify_proc.h" 21 #include "net/cert/cert_verify_proc_chromeos.h"
21 #include "net/cert/cert_verify_result.h" 22 #include "net/cert/cert_verify_result.h"
22 #include "net/cert/nss_cert_database.h" 23 #include "net/cert/nss_cert_database.h"
23 #include "net/cert/x509_certificate.h" 24 #include "net/cert/x509_certificate.h"
24 #include "net/test/cert_test_util.h" 25 #include "net/test/cert_test_util.h"
25 #include "testing/gtest/include/gtest/gtest.h" 26 #include "testing/gtest/include/gtest/gtest.h"
26 27
27 namespace policy { 28 namespace policy {
28 29
29 // This is actually a unit test, but is linked with browser_tests because 30 // This is actually a unit test, but is linked with browser_tests because
30 // importing a certificate into the NSS test database persists for the duration 31 // importing a certificate into the NSS test database persists for the duration
31 // of a process; since each browser_test runs in a separate process then this 32 // of a process; since each browser_test runs in a separate process then this
32 // won't affect subsequent tests. 33 // won't affect subsequent tests.
33 // This can be moved to the unittests target once the TODO in ~ScopedTestNSSDB 34 // This can be moved to the unittests target once the TODO in ~ScopedTestNSSDB
34 // is fixed. 35 // is fixed.
35 class PolicyCertVerifierTest : public testing::Test { 36 class PolicyCertVerifierTest : public testing::Test {
36 public: 37 public:
37 PolicyCertVerifierTest() : cert_db_(NULL), trust_anchor_used_(false) {} 38 PolicyCertVerifierTest() : cert_db_(NULL), trust_anchor_used_(false) {}
38 39
39 virtual ~PolicyCertVerifierTest() {} 40 virtual ~PolicyCertVerifierTest() {}
40 41
41 virtual void SetUp() OVERRIDE { 42 virtual void SetUp() OVERRIDE {
42 ASSERT_TRUE(test_nssdb_.is_open()); 43 ASSERT_TRUE(test_nssdb_.is_open());
43 cert_db_ = net::NSSCertDatabase::GetInstance(); 44 cert_db_ = net::NSSCertDatabase::GetInstance();
44 45
45 cert_verifier_.reset(new PolicyCertVerifier(base::Bind( 46 cert_verifier_.reset(new PolicyCertVerifier(base::Bind(
46 &PolicyCertVerifierTest::OnTrustAnchorUsed, base::Unretained(this)))); 47 &PolicyCertVerifierTest::OnTrustAnchorUsed, base::Unretained(this))));
47 cert_verifier_->InitializeOnIOThread(); 48 cert_verifier_->InitializeOnIOThread(new net::CertVerifyProcChromeOS(
49 crypto::ScopedPK11Slot(crypto::GetPublicNSSKeySlot()),
50 crypto::ScopedPK11Slot()));
48 51
49 test_ca_cert_ = LoadCertificate("root_ca_cert.pem", net::CA_CERT); 52 test_ca_cert_ = LoadCertificate("root_ca_cert.pem", net::CA_CERT);
50 ASSERT_TRUE(test_ca_cert_); 53 ASSERT_TRUE(test_ca_cert_);
51 test_server_cert_ = LoadCertificate("ok_cert.pem", net::SERVER_CERT); 54 test_server_cert_ = LoadCertificate("ok_cert.pem", net::SERVER_CERT);
52 ASSERT_TRUE(test_server_cert_); 55 ASSERT_TRUE(test_server_cert_);
53 test_ca_cert_list_.push_back(test_ca_cert_); 56 test_ca_cert_list_.push_back(test_ca_cert_);
54 } 57 }
55 58
56 virtual void TearDown() OVERRIDE { 59 virtual void TearDown() OVERRIDE {
57 // Destroy |cert_verifier_| before destroying the ThreadBundle, otherwise 60 // Destroy |cert_verifier_| before destroying the ThreadBundle, otherwise
(...skipping 164 matching lines...) Expand 10 before | Expand all | Expand 10 after
222 int error = VerifyTestServerCert(callback, &verify_result, &request_handle); 225 int error = VerifyTestServerCert(callback, &verify_result, &request_handle);
223 // Note: this hits the cached result from the first Verify() in this test. 226 // Note: this hits the cached result from the first Verify() in this test.
224 EXPECT_EQ(net::ERR_CERT_AUTHORITY_INVALID, error); 227 EXPECT_EQ(net::ERR_CERT_AUTHORITY_INVALID, error);
225 } 228 }
226 // The additional trust anchors were reset, thus |cert_verifier_| should not 229 // The additional trust anchors were reset, thus |cert_verifier_| should not
227 // signal it's usage anymore. 230 // signal it's usage anymore.
228 EXPECT_FALSE(WasTrustAnchorUsedAndReset()); 231 EXPECT_FALSE(WasTrustAnchorUsedAndReset());
229 } 232 }
230 233
231 } // namespace policy 234 } // namespace policy
OLDNEW
« no previous file with comments | « chrome/browser/chromeos/policy/policy_cert_verifier.cc ('k') | chrome/browser/profiles/profile_io_data.cc » ('j') | net/cert/cert_verify_proc_chromeos.h » ('J')

Powered by Google App Engine
This is Rietveld 408576698