| OLD | NEW |
|---|
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include <cert.h> | 5 #include <cert.h> |
| 6 #include <certdb.h> | 6 #include <certdb.h> |
| 7 #include <pk11pub.h> | 7 #include <pk11pub.h> |
| 8 | 8 |
| 9 #include <algorithm> | 9 #include <algorithm> |
| 10 | 10 |
| 11 #include "base/bind.h" |
| 11 #include "base/file_util.h" | 12 #include "base/file_util.h" |
| 12 #include "base/files/file_path.h" | 13 #include "base/files/file_path.h" |
| 13 #include "base/lazy_instance.h" | 14 #include "base/lazy_instance.h" |
| 14 #include "base/message_loop/message_loop.h" | 15 #include "base/message_loop/message_loop.h" |
| 16 #include "base/message_loop/message_loop_proxy.h" |
| 15 #include "base/path_service.h" | 17 #include "base/path_service.h" |
| 18 #include "base/run_loop.h" |
| 16 #include "base/strings/string16.h" | 19 #include "base/strings/string16.h" |
| 17 #include "base/strings/string_util.h" | 20 #include "base/strings/string_util.h" |
| 18 #include "base/strings/utf_string_conversions.h" | 21 #include "base/strings/utf_string_conversions.h" |
| 19 #include "crypto/nss_util.h" | 22 #include "crypto/nss_util.h" |
| 20 #include "crypto/nss_util_internal.h" | 23 #include "crypto/nss_util_internal.h" |
| 21 #include "crypto/scoped_nss_types.h" | 24 #include "crypto/scoped_nss_types.h" |
| 22 #include "net/base/crypto_module.h" | 25 #include "net/base/crypto_module.h" |
| 23 #include "net/base/net_errors.h" | 26 #include "net/base/net_errors.h" |
| 24 #include "net/base/test_data_directory.h" | 27 #include "net/base/test_data_directory.h" |
| 25 #include "net/cert/cert_status_flags.h" | 28 #include "net/cert/cert_status_flags.h" |
| 26 #include "net/cert/cert_verify_proc_nss.h" | 29 #include "net/cert/cert_verify_proc_nss.h" |
| 27 #include "net/cert/cert_verify_result.h" | 30 #include "net/cert/cert_verify_result.h" |
| 28 #include "net/cert/nss_cert_database.h" | 31 #include "net/cert/nss_cert_database.h" |
| 29 #include "net/cert/x509_certificate.h" | 32 #include "net/cert/x509_certificate.h" |
| 30 #include "net/test/cert_test_util.h" | 33 #include "net/test/cert_test_util.h" |
| 31 #include "net/third_party/mozilla_security_manager/nsNSSCertificateDB.h" | 34 #include "net/third_party/mozilla_security_manager/nsNSSCertificateDB.h" |
| 32 #include "testing/gtest/include/gtest/gtest.h" | 35 #include "testing/gtest/include/gtest/gtest.h" |
| 33 | 36 |
| 34 // In NSS 3.13, CERTDB_VALID_PEER was renamed CERTDB_TERMINAL_RECORD. So we use | 37 // In NSS 3.13, CERTDB_VALID_PEER was renamed CERTDB_TERMINAL_RECORD. So we use |
| 35 // the new name of the macro. | 38 // the new name of the macro. |
| 36 #if !defined(CERTDB_TERMINAL_RECORD) | 39 #if !defined(CERTDB_TERMINAL_RECORD) |
| 37 #define CERTDB_TERMINAL_RECORD CERTDB_VALID_PEER | 40 #define CERTDB_TERMINAL_RECORD CERTDB_VALID_PEER |
| 38 #endif | 41 #endif |
| 39 | 42 |
| 40 using base::ASCIIToUTF16; | 43 using base::ASCIIToUTF16; |
| 41 | 44 |
| 42 namespace net { | 45 namespace net { |
| 43 | 46 |
| 47 namespace { |
| 48 |
| 49 void SwapCertList(CertificateList* destination, |
| 50 scoped_ptr<CertificateList> source) { |
| 51 ASSERT_TRUE(destination); |
| 52 destination->swap(*source); |
| 53 } |
| 54 |
| 55 } // namespace |
| 56 |
| 44 class CertDatabaseNSSTest : public testing::Test { | 57 class CertDatabaseNSSTest : public testing::Test { |
| 45 public: | 58 public: |
| 46 virtual void SetUp() { | 59 virtual void SetUp() { |
| 47 ASSERT_TRUE(test_nssdb_.is_open()); | 60 ASSERT_TRUE(test_nssdb_.is_open()); |
| 48 cert_db_ = NSSCertDatabase::GetInstance(); | 61 cert_db_ = NSSCertDatabase::GetInstance(); |
| 49 slot_ = cert_db_->GetPublicModule(); | 62 slot_ = cert_db_->GetPublicModule(); |
| 50 | 63 |
| 51 // Test db should be empty at start of test. | 64 // Test db should be empty at start of test. |
| 52 EXPECT_EQ(0U, ListCertsInSlot(slot_->os_module_handle()).size()); | 65 EXPECT_EQ(0U, ListCertsInSlot(slot_->os_module_handle()).size()); |
| 53 } | 66 } |
| (...skipping 66 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 120 | 133 |
| 121 if (!cert_db_->DeleteCertAndKey(certs[i].get())) | 134 if (!cert_db_->DeleteCertAndKey(certs[i].get())) |
| 122 ok = false; | 135 ok = false; |
| 123 } | 136 } |
| 124 return ok; | 137 return ok; |
| 125 } | 138 } |
| 126 | 139 |
| 127 crypto::ScopedTestNSSDB test_nssdb_; | 140 crypto::ScopedTestNSSDB test_nssdb_; |
| 128 }; | 141 }; |
| 129 | 142 |
| 143 TEST_F(CertDatabaseNSSTest, ListCertsSync) { |
| 144 // This test isn't terribly useful, though it will at least let valgrind test |
| 145 // for leaks. |
| 146 CertificateList certs; |
| 147 cert_db_->ListCertsSync(&certs); |
| 148 // The test DB is empty, but let's assume there will always be something in |
| 149 // the other slots. |
| 150 EXPECT_LT(0U, certs.size()); |
| 151 } |
| 152 |
| 130 TEST_F(CertDatabaseNSSTest, ListCerts) { | 153 TEST_F(CertDatabaseNSSTest, ListCerts) { |
| 131 // This test isn't terribly useful, though it will at least let valgrind test | 154 // This test isn't terribly useful, though it will at least let valgrind test |
| 132 // for leaks. | 155 // for leaks. |
| 133 CertificateList certs; | 156 CertificateList certs; |
| 134 cert_db_->ListCerts(&certs); | 157 cert_db_->SetSlowTaskRunnerForTest(base::MessageLoopProxy::current()); |
| 158 cert_db_->ListCerts(base::Bind(&SwapCertList, base::Unretained(&certs))); |
| 159 EXPECT_EQ(0U, certs.size()); |
| 160 |
| 161 base::RunLoop().RunUntilIdle(); |
| 162 |
| 135 // The test DB is empty, but let's assume there will always be something in | 163 // The test DB is empty, but let's assume there will always be something in |
| 136 // the other slots. | 164 // the other slots. |
| 137 EXPECT_LT(0U, certs.size()); | 165 EXPECT_LT(0U, certs.size()); |
| 138 } | 166 } |
| 139 | 167 |
| 140 TEST_F(CertDatabaseNSSTest, ImportFromPKCS12WrongPassword) { | 168 TEST_F(CertDatabaseNSSTest, ImportFromPKCS12WrongPassword) { |
| 141 std::string pkcs12_data = ReadTestFile("client.p12"); | 169 std::string pkcs12_data = ReadTestFile("client.p12"); |
| 142 | 170 |
| 143 EXPECT_EQ(ERR_PKCS12_IMPORT_BAD_PASSWORD, | 171 EXPECT_EQ(ERR_PKCS12_IMPORT_BAD_PASSWORD, |
| 144 cert_db_->ImportFromPKCS12(slot_.get(), | 172 cert_db_->ImportFromPKCS12(slot_.get(), |
| (...skipping 865 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 1010 EXPECT_EQ(NSSCertDatabase::TRUST_DEFAULT, | 1038 EXPECT_EQ(NSSCertDatabase::TRUST_DEFAULT, |
| 1011 cert_db_->GetCertTrust(certs2[0].get(), SERVER_CERT)); | 1039 cert_db_->GetCertTrust(certs2[0].get(), SERVER_CERT)); |
| 1012 | 1040 |
| 1013 new_certs = ListCertsInSlot(slot_->os_module_handle()); | 1041 new_certs = ListCertsInSlot(slot_->os_module_handle()); |
| 1014 ASSERT_EQ(2U, new_certs.size()); | 1042 ASSERT_EQ(2U, new_certs.size()); |
| 1015 EXPECT_STRNE(new_certs[0]->os_cert_handle()->nickname, | 1043 EXPECT_STRNE(new_certs[0]->os_cert_handle()->nickname, |
| 1016 new_certs[1]->os_cert_handle()->nickname); | 1044 new_certs[1]->os_cert_handle()->nickname); |
| 1017 } | 1045 } |
| 1018 | 1046 |
| 1019 } // namespace net | 1047 } // namespace net |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 144423007:
Make NSSCertDatabase::ListCerts work async on a worker thread. (Closed)
Base URL: svn://svn.chromium.org/chrome/trunk/src