OLD | NEW |
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "chrome/common/net/x509_certificate_model.h" | 5 #include "chrome/common/net/x509_certificate_model.h" |
6 | 6 |
7 #include "base/files/file_path.h" | 7 #include "base/files/file_path.h" |
8 #include "base/path_service.h" | 8 #include "base/path_service.h" |
9 #include "net/base/test_data_directory.h" | 9 #include "net/base/test_data_directory.h" |
10 #include "net/test/cert_test_util.h" | 10 #include "net/test/cert_test_util.h" |
11 #include "testing/gtest/include/gtest/gtest.h" | 11 #include "testing/gtest/include/gtest/gtest.h" |
12 | 12 |
13 #if defined(USE_NSS) | 13 #if defined(USE_NSS) |
14 #include "crypto/nss_util_internal.h" | 14 #include "crypto/scoped_test_nss_db.h" |
15 #include "net/cert/nss_cert_database.h" | 15 #include "net/cert/nss_cert_database.h" |
16 #endif | 16 #endif |
17 | 17 |
18 TEST(X509CertificateModelTest, GetCertNameOrNicknameAndGetTitle) { | 18 TEST(X509CertificateModelTest, GetCertNameOrNicknameAndGetTitle) { |
19 scoped_refptr<net::X509Certificate> cert( | 19 scoped_refptr<net::X509Certificate> cert( |
20 net::ImportCertFromFile(net::GetTestCertsDirectory(), | 20 net::ImportCertFromFile(net::GetTestCertsDirectory(), |
21 "root_ca_cert.pem")); | 21 "root_ca_cert.pem")); |
22 ASSERT_TRUE(cert.get()); | 22 ASSERT_TRUE(cert.get()); |
23 EXPECT_EQ( | 23 EXPECT_EQ( |
24 "Test Root CA", | 24 "Test Root CA", |
(...skipping 192 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
217 ASSERT_TRUE(cert.get()); | 217 ASSERT_TRUE(cert.get()); |
218 | 218 |
219 #if defined(USE_OPENSSL) | 219 #if defined(USE_OPENSSL) |
220 // Remove this when OpenSSL build implements the necessary functions. | 220 // Remove this when OpenSSL build implements the necessary functions. |
221 EXPECT_EQ(net::OTHER_CERT, | 221 EXPECT_EQ(net::OTHER_CERT, |
222 x509_certificate_model::GetType(cert->os_cert_handle())); | 222 x509_certificate_model::GetType(cert->os_cert_handle())); |
223 #else | 223 #else |
224 EXPECT_EQ(net::CA_CERT, | 224 EXPECT_EQ(net::CA_CERT, |
225 x509_certificate_model::GetType(cert->os_cert_handle())); | 225 x509_certificate_model::GetType(cert->os_cert_handle())); |
226 | 226 |
227 // Additional parantheses required to disambiguate from function declaration. | 227 crypto::ScopedTestNSSDB test_nssdb; |
228 net::NSSCertDatabase db( | 228 net::NSSCertDatabase db(crypto::ScopedPK11Slot(PK11_ReferenceSlot( |
229 (crypto::ScopedPK11Slot( | 229 test_nssdb.slot())) /* public slot */, |
230 crypto::GetPersistentNSSKeySlot())) /* public slot */, | 230 crypto::ScopedPK11Slot(PK11_ReferenceSlot( |
231 crypto::ScopedPK11Slot( | 231 test_nssdb.slot())) /* private slot */); |
232 crypto::GetPersistentNSSKeySlot()) /* private lot */); | |
233 | 232 |
234 // Test that explicitly distrusted CA certs are still returned as CA_CERT | 233 // Test that explicitly distrusted CA certs are still returned as CA_CERT |
235 // type. See http://crbug.com/96654. | 234 // type. See http://crbug.com/96654. |
236 EXPECT_TRUE(db.SetCertTrust( | 235 EXPECT_TRUE(db.SetCertTrust( |
237 cert.get(), net::CA_CERT, net::NSSCertDatabase::DISTRUSTED_SSL)); | 236 cert.get(), net::CA_CERT, net::NSSCertDatabase::DISTRUSTED_SSL)); |
238 | 237 |
239 EXPECT_EQ(net::CA_CERT, | 238 EXPECT_EQ(net::CA_CERT, |
240 x509_certificate_model::GetType(cert->os_cert_handle())); | 239 x509_certificate_model::GetType(cert->os_cert_handle())); |
241 #endif | 240 #endif |
242 } | 241 } |
243 | 242 |
244 TEST(X509CertificateModelTest, GetTypeServer) { | 243 TEST(X509CertificateModelTest, GetTypeServer) { |
245 scoped_refptr<net::X509Certificate> cert( | 244 scoped_refptr<net::X509Certificate> cert( |
246 net::ImportCertFromFile(net::GetTestCertsDirectory(), | 245 net::ImportCertFromFile(net::GetTestCertsDirectory(), |
247 "google.single.der")); | 246 "google.single.der")); |
248 ASSERT_TRUE(cert.get()); | 247 ASSERT_TRUE(cert.get()); |
249 | 248 |
250 #if defined(USE_OPENSSL) | 249 #if defined(USE_OPENSSL) |
251 // Remove this when OpenSSL build implements the necessary functions. | 250 // Remove this when OpenSSL build implements the necessary functions. |
252 EXPECT_EQ(net::OTHER_CERT, | 251 EXPECT_EQ(net::OTHER_CERT, |
253 x509_certificate_model::GetType(cert->os_cert_handle())); | 252 x509_certificate_model::GetType(cert->os_cert_handle())); |
254 #else | 253 #else |
255 // Test mozilla_security_manager::GetCertType with server certs and default | 254 // Test mozilla_security_manager::GetCertType with server certs and default |
256 // trust. Currently this doesn't work. | 255 // trust. Currently this doesn't work. |
257 // TODO(mattm): make mozilla_security_manager::GetCertType smarter so we can | 256 // TODO(mattm): make mozilla_security_manager::GetCertType smarter so we can |
258 // tell server certs even if they have no trust bits set. | 257 // tell server certs even if they have no trust bits set. |
259 EXPECT_EQ(net::OTHER_CERT, | 258 EXPECT_EQ(net::OTHER_CERT, |
260 x509_certificate_model::GetType(cert->os_cert_handle())); | 259 x509_certificate_model::GetType(cert->os_cert_handle())); |
261 | 260 |
262 // Additional parantheses required to disambiguate from function declaration. | 261 crypto::ScopedTestNSSDB test_nssdb; |
263 net::NSSCertDatabase db( | 262 net::NSSCertDatabase db(crypto::ScopedPK11Slot(PK11_ReferenceSlot( |
264 (crypto::ScopedPK11Slot( | 263 test_nssdb.slot())) /* public slot */, |
265 crypto::GetPersistentNSSKeySlot())) /* public slot */, | 264 crypto::ScopedPK11Slot(PK11_ReferenceSlot( |
266 crypto::ScopedPK11Slot( | 265 test_nssdb.slot())) /* private slot */); |
267 crypto::GetPersistentNSSKeySlot()) /* private lot */); | |
268 | 266 |
269 // Test GetCertType with server certs and explicit trust. | 267 // Test GetCertType with server certs and explicit trust. |
270 EXPECT_TRUE(db.SetCertTrust( | 268 EXPECT_TRUE(db.SetCertTrust( |
271 cert.get(), net::SERVER_CERT, net::NSSCertDatabase::TRUSTED_SSL)); | 269 cert.get(), net::SERVER_CERT, net::NSSCertDatabase::TRUSTED_SSL)); |
272 | 270 |
273 EXPECT_EQ(net::SERVER_CERT, | 271 EXPECT_EQ(net::SERVER_CERT, |
274 x509_certificate_model::GetType(cert->os_cert_handle())); | 272 x509_certificate_model::GetType(cert->os_cert_handle())); |
275 | 273 |
276 // Test GetCertType with server certs and explicit distrust. | 274 // Test GetCertType with server certs and explicit distrust. |
277 EXPECT_TRUE(db.SetCertTrust( | 275 EXPECT_TRUE(db.SetCertTrust( |
(...skipping 163 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
441 "09 6B 5A 6B F1 95 D3 9D 3F E0 42 63 FC B7 32 90\n" | 439 "09 6B 5A 6B F1 95 D3 9D 3F E0 42 63 FC B7 32 90\n" |
442 "55 56 F2 76 1B 71 38 BD BD FB 3B 23 50 46 4C 2C\n" | 440 "55 56 F2 76 1B 71 38 BD BD FB 3B 23 50 46 4C 2C\n" |
443 "4E 49 48 52 EA 05 5F 16 F2 98 51 AF 2F 79 36 2A\n" | 441 "4E 49 48 52 EA 05 5F 16 F2 98 51 AF 2F 79 36 2A\n" |
444 "A0 BA 36 68 1B 29 8B 7B E8 8C EA 73 31 E5 86 D7\n" | 442 "A0 BA 36 68 1B 29 8B 7B E8 8C EA 73 31 E5 86 D7\n" |
445 "2C D8 56 06 43 D7 72 D2 F0 27 4E 64 0A 2B 27 38\n" | 443 "2C D8 56 06 43 D7 72 D2 F0 27 4E 64 0A 2B 27 38\n" |
446 "36 CD BE C1 33 DB 74 4B 4E 74 BE 21 BD F6 81 66\n" | 444 "36 CD BE C1 33 DB 74 4B 4E 74 BE 21 BD F6 81 66\n" |
447 "D2 FD 2B 7F F4 55 36 C0 ED A7 44 CA B1 78 1D 0F", | 445 "D2 FD 2B 7F F4 55 36 C0 ED A7 44 CA B1 78 1D 0F", |
448 x509_certificate_model::ProcessRawBitsSignatureWrap( | 446 x509_certificate_model::ProcessRawBitsSignatureWrap( |
449 cert->os_cert_handle())); | 447 cert->os_cert_handle())); |
450 } | 448 } |
OLD | NEW |