Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(2132)

Issues Search
    My Issues | Starred     Open | Closed | All

Unified Diff: net/cert/nss_cert_database_unittest.cc

Issue 15315003: Generate unique certificate nicknames on Linux/CrOS. (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src
Patch Set: _NE -> _STRNE Created 7 years, 7 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View side-by-side diff with in-line comments
Download patch
« no previous file with comments | « net/cert/cert_database_nss.cc ('k') | net/cert/x509_certificate_nss.cc » ('j') | no next file with comments »
Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
Index: net/cert/nss_cert_database_unittest.cc
diff --git a/net/cert/nss_cert_database_unittest.cc b/net/cert/nss_cert_database_unittest.cc
index 4f65005fd15f2e81b2c7fe9be303bb06f0a4b826..2f6fbeb0822b09f978fa7b1b9594ae300b89350a 100644
--- a/net/cert/nss_cert_database_unittest.cc
+++ b/net/cert/nss_cert_database_unittest.cc
@@ -938,4 +938,47 @@ TEST_F(CertDatabaseNSSTest, TrustIntermediateCa4) {
EXPECT_EQ(0U, verify_result2.cert_status);
}
+// Importing two certificates with the same issuer and subject common name,
+// but overall distinct subject names, should succeed and generate a unique
+// nickname for the second certificate.
+TEST_F(CertDatabaseNSSTest, ImportDuplicateCommonName) {
+ CertificateList certs =
+ CreateCertificateListFromFile(GetTestCertsDirectory(),
+ "duplicate_cn_1.pem",
+ X509Certificate::FORMAT_AUTO);
+ ASSERT_EQ(1U, certs.size());
+
+ EXPECT_EQ(0U, ListCertsInSlot(slot_->os_module_handle()).size());
+
+ // Import server cert with default trust.
+ NSSCertDatabase::ImportCertFailureList failed;
+ EXPECT_TRUE(cert_db_->ImportServerCert(
+ certs, NSSCertDatabase::TRUST_DEFAULT, &failed));
+ EXPECT_EQ(0U, failed.size());
+ EXPECT_EQ(NSSCertDatabase::TRUST_DEFAULT,
+ cert_db_->GetCertTrust(certs[0], SERVER_CERT));
+
+ CertificateList new_certs = ListCertsInSlot(slot_->os_module_handle());
+ ASSERT_EQ(1U, new_certs.size());
+
+ // Now attempt to import a different certificate with the same common name.
+ CertificateList certs2 =
+ CreateCertificateListFromFile(GetTestCertsDirectory(),
+ "duplicate_cn_2.pem",
+ X509Certificate::FORMAT_AUTO);
+ ASSERT_EQ(1U, certs2.size());
+
+ // Import server cert with default trust.
+ EXPECT_TRUE(cert_db_->ImportServerCert(
+ certs2, NSSCertDatabase::TRUST_DEFAULT, &failed));
+ EXPECT_EQ(0U, failed.size());
+ EXPECT_EQ(NSSCertDatabase::TRUST_DEFAULT,
+ cert_db_->GetCertTrust(certs2[0], SERVER_CERT));
+
+ new_certs = ListCertsInSlot(slot_->os_module_handle());
+ ASSERT_EQ(2U, new_certs.size());
+ EXPECT_STRNE(new_certs[0]->os_cert_handle()->nickname,
+ new_certs[1]->os_cert_handle()->nickname);
+}
+
} // namespace net
« no previous file with comments | « net/cert/cert_database_nss.cc ('k') | net/cert/x509_certificate_nss.cc » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698