net/cert/test_root_certs_unittest.cc - Issue 137553004: NSS Cros multiprofile: trust roots added by a profile shouldn't apply to other profiles.

Keyboard Shortcuts

	File
u :	up to issue
j / k :	jump to file after / before current file
J / K :	jump to next file with a comment after / before current file
	Side-by-side diff
i :	toggle intra-line diffs
e :	expand all comments
c :	collapse all comments
s :	toggle showing all comments
n / p :	next / previous diff chunk or comment
N / P :	next / previous comment
<Up> / <Down> :	next / previous line

	Issue
u :	up to list of issues
j / k :	jump to patch after / before current patch
o / <Enter> :	open current patch in side-by-side view
i :	open current patch in unified diff view

	Issue List
j / k :	jump to issue after / before current issue
o / <Enter> :	open current issue

Unified Diff: net/cert/test_root_certs_unittest.cc

Issue 137553004: NSS Cros multiprofile: trust roots added by a profile shouldn't apply to other profiles. (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src

Patch Set: handle additional trust roots, add TestRootCertsTest.Contains, remove instantiated certtests from c… Created 6 years, 11 months ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View side-by-side diff with in-line comments

Download patch

« net/cert/test_root_certs_openssl.cc ('K') | « net/cert/test_root_certs_openssl.cc ('k') | net/data/ssl/scripts/generate-foo-test-chains.sh » ('j') | net/data/ssl/scripts/generate-foo-test-chains.sh » ('J')
Expand Comments ('e') | Collapse Comments ('c') | Hide Comments ('s')

Index: net/cert/test_root_certs_unittest.cc

diff --git a/net/cert/test_root_certs_unittest.cc b/net/cert/test_root_certs_unittest.cc

index 74c3551862bc6f787f40c250f978c24854e27cf8..a75de5229c138401a48796166fc6e88ebda848dd 100644

--- a/net/cert/test_root_certs_unittest.cc

+++ b/net/cert/test_root_certs_unittest.cc

@@ -26,6 +26,8 @@ namespace {

const char kRootCertificateFile[] = "root_ca_cert.pem";

// A certificate issued by the local test root for 127.0.0.1.

const char kGoodCertificateFile[] = "ok_cert.pem";

+// Another test root certificate.

+const char kRootCertificateFile2[] = "2048-rsa-root.pem";

} // namespace

@@ -135,6 +137,37 @@ TEST(TestRootCertsTest, OverrideTrust) {

EXPECT_EQ(bad_verify_result.cert_status, restored_verify_result.cert_status);

}

+#if defined(USE_NSS) || defined(OS_IOS) || \

+ (defined(USE_OPENSSL) && !defined(OS_ANDROID))

+TEST(TestRootCertsTest, Contains) {

+ TestRootCerts* test_roots = TestRootCerts::GetInstance();

+ ASSERT_NE(static_cast<TestRootCerts*>(NULL), test_roots);

+ scoped_refptr<X509Certificate> root_cert_1 =

+ ImportCertFromFile(GetTestCertsDirectory(), kRootCertificateFile);

+ ASSERT_NE(static_cast<X509Certificate*>(NULL), root_cert_1.get());

+ scoped_refptr<X509Certificate> root_cert_2 =

+ ImportCertFromFile(GetTestCertsDirectory(), kRootCertificateFile2);

+ ASSERT_NE(static_cast<X509Certificate*>(NULL), root_cert_2.get());

+ EXPECT_FALSE(test_roots->Contains(root_cert_1->os_cert_handle()));

+ EXPECT_FALSE(test_roots->Contains(root_cert_2->os_cert_handle()));

+ EXPECT_TRUE(test_roots->Add(root_cert_1.get()));

+ EXPECT_TRUE(test_roots->Contains(root_cert_1->os_cert_handle()));

+ EXPECT_FALSE(test_roots->Contains(root_cert_2->os_cert_handle()));

+ EXPECT_TRUE(test_roots->Add(root_cert_2.get()));

+ EXPECT_TRUE(test_roots->Contains(root_cert_1->os_cert_handle()));

+ EXPECT_TRUE(test_roots->Contains(root_cert_2->os_cert_handle()));

+ test_roots->Clear();

+ EXPECT_FALSE(test_roots->Contains(root_cert_1->os_cert_handle()));

+ EXPECT_FALSE(test_roots->Contains(root_cert_2->os_cert_handle()));

+#endif

// TODO(rsleevi): Add tests for revocation checking via CRLs, ensuring that

// TestRootCerts properly injects itself into the validation process. See

// http://crbug.com/63958