Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(913)

Side by Side Diff: net/cert/test_root_certs_unittest.cc

Issue 137553004: NSS Cros multiprofile: trust roots added by a profile shouldn't apply to other profiles. (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src
Patch Set: handle additional trust roots, add TestRootCertsTest.Contains, remove instantiated certtests from c… Created 6 years, 10 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch | Annotate | Revision Log
OLDNEW
1 // Copyright 2013 The Chromium Authors. All rights reserved. 1 // Copyright 2013 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #include "base/files/file_path.h" 5 #include "base/files/file_path.h"
6 #include "build/build_config.h" 6 #include "build/build_config.h"
7 #include "net/base/net_errors.h" 7 #include "net/base/net_errors.h"
8 #include "net/base/test_data_directory.h" 8 #include "net/base/test_data_directory.h"
9 #include "net/cert/cert_status_flags.h" 9 #include "net/cert/cert_status_flags.h"
10 #include "net/cert/cert_verify_proc.h" 10 #include "net/cert/cert_verify_proc.h"
11 #include "net/cert/cert_verify_result.h" 11 #include "net/cert/cert_verify_result.h"
12 #include "net/cert/test_root_certs.h" 12 #include "net/cert/test_root_certs.h"
13 #include "net/cert/x509_certificate.h" 13 #include "net/cert/x509_certificate.h"
14 #include "net/test/cert_test_util.h" 14 #include "net/test/cert_test_util.h"
15 #include "testing/gtest/include/gtest/gtest.h" 15 #include "testing/gtest/include/gtest/gtest.h"
16 16
17 #if defined(USE_NSS) || defined(OS_IOS) 17 #if defined(USE_NSS) || defined(OS_IOS)
18 #include <nss.h> 18 #include <nss.h>
19 #endif 19 #endif
20 20
21 namespace net { 21 namespace net {
22 22
23 namespace { 23 namespace {
24 24
25 // The local test root certificate. 25 // The local test root certificate.
26 const char kRootCertificateFile[] = "root_ca_cert.pem"; 26 const char kRootCertificateFile[] = "root_ca_cert.pem";
27 // A certificate issued by the local test root for 127.0.0.1. 27 // A certificate issued by the local test root for 127.0.0.1.
28 const char kGoodCertificateFile[] = "ok_cert.pem"; 28 const char kGoodCertificateFile[] = "ok_cert.pem";
29 // Another test root certificate.
30 const char kRootCertificateFile2[] = "2048-rsa-root.pem";
29 31
30 } // namespace 32 } // namespace
31 33
32 // Test basic functionality when adding from an existing X509Certificate. 34 // Test basic functionality when adding from an existing X509Certificate.
33 TEST(TestRootCertsTest, AddFromPointer) { 35 TEST(TestRootCertsTest, AddFromPointer) {
34 scoped_refptr<X509Certificate> root_cert = 36 scoped_refptr<X509Certificate> root_cert =
35 ImportCertFromFile(GetTestCertsDirectory(), kRootCertificateFile); 37 ImportCertFromFile(GetTestCertsDirectory(), kRootCertificateFile);
36 ASSERT_NE(static_cast<X509Certificate*>(NULL), root_cert.get()); 38 ASSERT_NE(static_cast<X509Certificate*>(NULL), root_cert.get());
37 39
38 TestRootCerts* test_roots = TestRootCerts::GetInstance(); 40 TestRootCerts* test_roots = TestRootCerts::GetInstance();
(...skipping 89 matching lines...) Expand 10 before | Expand all | Expand 10 after
128 NULL, 130 NULL,
129 CertificateList(), 131 CertificateList(),
130 &restored_verify_result); 132 &restored_verify_result);
131 EXPECT_NE(OK, restored_status); 133 EXPECT_NE(OK, restored_status);
132 EXPECT_NE(0u, 134 EXPECT_NE(0u,
133 restored_verify_result.cert_status & CERT_STATUS_AUTHORITY_INVALID); 135 restored_verify_result.cert_status & CERT_STATUS_AUTHORITY_INVALID);
134 EXPECT_EQ(bad_status, restored_status); 136 EXPECT_EQ(bad_status, restored_status);
135 EXPECT_EQ(bad_verify_result.cert_status, restored_verify_result.cert_status); 137 EXPECT_EQ(bad_verify_result.cert_status, restored_verify_result.cert_status);
136 } 138 }
137 139
140 #if defined(USE_NSS) || defined(OS_IOS) || \
141 (defined(USE_OPENSSL) && !defined(OS_ANDROID))
142 TEST(TestRootCertsTest, Contains) {
143 TestRootCerts* test_roots = TestRootCerts::GetInstance();
144 ASSERT_NE(static_cast<TestRootCerts*>(NULL), test_roots);
145
146 scoped_refptr<X509Certificate> root_cert_1 =
147 ImportCertFromFile(GetTestCertsDirectory(), kRootCertificateFile);
148 ASSERT_NE(static_cast<X509Certificate*>(NULL), root_cert_1.get());
149
150 scoped_refptr<X509Certificate> root_cert_2 =
151 ImportCertFromFile(GetTestCertsDirectory(), kRootCertificateFile2);
152 ASSERT_NE(static_cast<X509Certificate*>(NULL), root_cert_2.get());
153
154 EXPECT_FALSE(test_roots->Contains(root_cert_1->os_cert_handle()));
155 EXPECT_FALSE(test_roots->Contains(root_cert_2->os_cert_handle()));
156
157 EXPECT_TRUE(test_roots->Add(root_cert_1.get()));
158 EXPECT_TRUE(test_roots->Contains(root_cert_1->os_cert_handle()));
159 EXPECT_FALSE(test_roots->Contains(root_cert_2->os_cert_handle()));
160
161 EXPECT_TRUE(test_roots->Add(root_cert_2.get()));
162 EXPECT_TRUE(test_roots->Contains(root_cert_1->os_cert_handle()));
163 EXPECT_TRUE(test_roots->Contains(root_cert_2->os_cert_handle()));
164
165 test_roots->Clear();
166 EXPECT_FALSE(test_roots->Contains(root_cert_1->os_cert_handle()));
167 EXPECT_FALSE(test_roots->Contains(root_cert_2->os_cert_handle()));
168 }
169 #endif
170
138 // TODO(rsleevi): Add tests for revocation checking via CRLs, ensuring that 171 // TODO(rsleevi): Add tests for revocation checking via CRLs, ensuring that
139 // TestRootCerts properly injects itself into the validation process. See 172 // TestRootCerts properly injects itself into the validation process. See
140 // http://crbug.com/63958 173 // http://crbug.com/63958
141 174
142 } // namespace net 175 } // namespace net
OLDNEW

Powered by Google App Engine
This is Rietveld 408576698