Clang format slam.

net/cert/x509_util_nss_unittest.cc

 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "net/cert/x509_util.h"
 #include "net/cert/x509_util_nss.h"
 
 #include <cert.h>
 #include <secoid.h>
 
 #include "base/memory/ref_counted.h"
 #include "base/memory/scoped_ptr.h"
 #include "crypto/ec_private_key.h"
 #include "crypto/scoped_nss_types.h"
 #include "crypto/signature_verifier.h"
 #include "net/cert/x509_certificate.h"
 #include "testing/gtest/include/gtest/gtest.h"
 
 namespace net {
 
 namespace {
 
 CERTCertificate* CreateNSSCertHandleFromBytes(const char* data, size_t length) {
   SECItem der_cert;
   der_cert.data = reinterpret_cast<unsigned char*>(const_cast<char*>(data));
-  der_cert.len  = length;
+  der_cert.len = length;
   der_cert.type = siDERCertBuffer;
 
   // Parse into a certificate structure.
-  return CERT_NewTempCertificate(CERT_GetDefaultCertDB(), &der_cert, NULL,
-                                 PR_FALSE, PR_TRUE);
+  return CERT_NewTempCertificate(
+      CERT_GetDefaultCertDB(), &der_cert, NULL, PR_FALSE, PR_TRUE);
 }
 
 #if !defined(OS_WIN) && !defined(OS_MACOSX)
 void VerifyCertificateSignature(const std::string& der_cert,
                                 const std::vector<uint8>& der_spki) {
   crypto::ScopedPLArenaPool arena(PORT_NewArena(DER_DEFAULT_CHUNKSIZE));
 
   CERTSignedData sd;
   memset(&sd, 0, sizeof(sd));
 
   SECItem der_cert_item = {
-    siDERCertBuffer,
-    reinterpret_cast<unsigned char*>(const_cast<char*>(der_cert.data())),
-    static_cast<unsigned int>(der_cert.size())
-  };
-  SECStatus rv = SEC_ASN1DecodeItem(arena.get(), &sd,
-                                    SEC_ASN1_GET(CERT_SignedDataTemplate),
-                                    &der_cert_item);
+      siDERCertBuffer,
+      reinterpret_cast<unsigned char*>(const_cast<char*>(der_cert.data())),
+      static_cast<unsigned int>(der_cert.size())};
+  SECStatus rv = SEC_ASN1DecodeItem(
+      arena.get(), &sd, SEC_ASN1_GET(CERT_SignedDataTemplate), &der_cert_item);
   ASSERT_EQ(SECSuccess, rv);
 
   // The CERTSignedData.signatureAlgorithm is decoded, but SignatureVerifier
   // wants the DER encoded form, so re-encode it again.
-  SECItem* signature_algorithm = SEC_ASN1EncodeItem(
-      arena.get(),
-      NULL,
-      &sd.signatureAlgorithm,
-      SEC_ASN1_GET(SECOID_AlgorithmIDTemplate));
+  SECItem* signature_algorithm =
+      SEC_ASN1EncodeItem(arena.get(),
+                         NULL,
+                         &sd.signatureAlgorithm,
+                         SEC_ASN1_GET(SECOID_AlgorithmIDTemplate));
   ASSERT_TRUE(signature_algorithm);
 
   crypto::SignatureVerifier verifier;
   bool ok = verifier.VerifyInit(
       signature_algorithm->data,
       signature_algorithm->len,
       sd.signature.data,
       sd.signature.len / 8,  // Signature is a BIT STRING, convert to bytes.
       &der_spki[0],
       der_spki.size());
 
   ASSERT_TRUE(ok);
-  verifier.VerifyUpdate(sd.data.data,
-                        sd.data.len);
+  verifier.VerifyUpdate(sd.data.data, sd.data.len);
 
   ok = verifier.VerifyFinal();
   EXPECT_TRUE(ok);
 }
 #endif  // !defined(OS_WIN) && !defined(OS_MACOSX)
 
 void VerifyDomainBoundCert(const std::string& domain,
                            const std::string& der_cert) {
   // Origin Bound Cert OID.
   static const char oid_string[] = "1.3.6.1.4.1.11129.2.1.6";
 
   // Create object neccessary for extension lookup call.
-  SECItem extension_object = {
-    siAsciiString,
-    (unsigned char*)domain.data(),
-    static_cast<unsigned int>(domain.size())
-  };
+  SECItem extension_object = {siAsciiString, (unsigned char*)domain.data(),
+                              static_cast<unsigned int>(domain.size())};
 
   // IA5Encode and arena allocate SECItem.
   PLArenaPool* arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
-  SECItem* expected = SEC_ASN1EncodeItem(arena,
-                                         NULL,
-                                         &extension_object,
-                                         SEC_ASN1_GET(SEC_IA5StringTemplate));
+  SECItem* expected = SEC_ASN1EncodeItem(
+      arena, NULL, &extension_object, SEC_ASN1_GET(SEC_IA5StringTemplate));
 
   ASSERT_NE(static_cast<SECItem*>(NULL), expected);
 
   // Create OID SECItem.
-  SECItem ob_cert_oid = { siDEROID, NULL, 0 };
-  SECStatus ok = SEC_StringToOID(arena, &ob_cert_oid,
-                                 oid_string, 0);
+  SECItem ob_cert_oid = {siDEROID, NULL, 0};
+  SECStatus ok = SEC_StringToOID(arena, &ob_cert_oid, oid_string, 0);
 
   ASSERT_EQ(SECSuccess, ok);
 
   SECOidTag ob_cert_oid_tag = SECOID_FindOIDTag(&ob_cert_oid);
 
   ASSERT_NE(SEC_OID_UNKNOWN, ob_cert_oid_tag);
 
   // This test is run on Mac and Win where X509Certificate::os_cert_handle isn't
   // an NSS type, so we have to manually create a NSS certificate object so we
   // can use CERT_FindCertExtension.  We also check the subject and validity
   // times using NSS since X509Certificate will fail with EC certs on OSX 10.5
   // (http://crbug.com/101231).
-  CERTCertificate* nss_cert = CreateNSSCertHandleFromBytes(
-      der_cert.data(), der_cert.size());
+  CERTCertificate* nss_cert =
+      CreateNSSCertHandleFromBytes(der_cert.data(), der_cert.size());
 
   char* common_name = CERT_GetCommonName(&nss_cert->subject);
   ASSERT_TRUE(common_name);
   EXPECT_STREQ("anonymous.invalid", common_name);
   PORT_Free(common_name);
   EXPECT_EQ(SECSuccess, CERT_CertTimesValid(nss_cert));
 
   // Lookup Origin Bound Cert extension in generated cert.
-  SECItem actual = { siBuffer, NULL, 0 };
-  ok = CERT_FindCertExtension(nss_cert,
-                              ob_cert_oid_tag,
-                              &actual);
+  SECItem actual = {siBuffer, NULL, 0};
+  ok = CERT_FindCertExtension(nss_cert, ob_cert_oid_tag, &actual);
   CERT_DestroyCertificate(nss_cert);
   ASSERT_EQ(SECSuccess, ok);
 
   // Compare expected and actual extension values.
   PRBool result = SECITEM_ItemsAreEqual(expected, &actual);
   ASSERT_TRUE(result);
 
   // Do Cleanup.
   SECITEM_FreeItem(&actual, PR_FALSE);
   PORT_FreeArena(arena, PR_FALSE);
 }
 
 }  // namespace
 
 // This test creates a domain-bound cert and an EC private key and
 // then verifies the content of the certificate.
 TEST(X509UtilNSSTest, CreateKeyAndDomainBoundCertEC) {
   // Create a sample ASCII weborigin.
   std::string domain = "weborigin.com";
   base::Time now = base::Time::Now();
 
   scoped_ptr<crypto::ECPrivateKey> private_key;
   std::string der_cert;
   ASSERT_TRUE(x509_util::CreateKeyAndDomainBoundCertEC(
-      domain, 1,
+      domain,
+      1,
       now,
       now + base::TimeDelta::FromDays(1),
       &private_key,
       &der_cert));
 
   VerifyDomainBoundCert(domain, der_cert);
 
 #if !defined(OS_WIN) && !defined(OS_MACOSX)
   // signature_verifier_win and signature_verifier_mac can't handle EC certs.
   std::vector<uint8> spki;
   ASSERT_TRUE(private_key->ExportPublicKey(&spki));
   VerifyCertificateSignature(der_cert, spki);
 #endif
 }
 
 }  // namespace net