| OLD | NEW |
|---|
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "chrome/common/net/x509_certificate_model.h" | 5 #include "chrome/common/net/x509_certificate_model.h" |
| 6 | 6 |
| 7 #include "base/files/file_path.h" | 7 #include "base/files/file_path.h" |
| 8 #include "base/path_service.h" | 8 #include "base/path_service.h" |
| 9 #include "net/base/test_data_directory.h" | 9 #include "net/base/test_data_directory.h" |
| 10 #include "net/test/cert_test_util.h" | 10 #include "net/test/cert_test_util.h" |
| 11 #include "testing/gtest/include/gtest/gtest.h" | 11 #include "testing/gtest/include/gtest/gtest.h" |
| 12 | 12 |
| 13 #if defined(USE_NSS) | 13 #if defined(USE_NSS) |
| 14 #include "crypto/nss_util_internal.h" | 14 #include "crypto/scoped_test_nss_db.h" |
| 15 #include "net/cert/nss_cert_database.h" | 15 #include "net/cert/nss_cert_database.h" |
| 16 #endif | 16 #endif |
| 17 | 17 |
| 18 TEST(X509CertificateModelTest, GetCertNameOrNicknameAndGetTitle) { | 18 TEST(X509CertificateModelTest, GetCertNameOrNicknameAndGetTitle) { |
| 19 scoped_refptr<net::X509Certificate> cert( | 19 scoped_refptr<net::X509Certificate> cert( |
| 20 net::ImportCertFromFile(net::GetTestCertsDirectory(), | 20 net::ImportCertFromFile(net::GetTestCertsDirectory(), |
| 21 "root_ca_cert.pem")); | 21 "root_ca_cert.pem")); |
| 22 ASSERT_TRUE(cert.get()); | 22 ASSERT_TRUE(cert.get()); |
| 23 EXPECT_EQ( | 23 EXPECT_EQ( |
| 24 "Test Root CA", | 24 "Test Root CA", |
| (...skipping 192 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 217 ASSERT_TRUE(cert.get()); | 217 ASSERT_TRUE(cert.get()); |
| 218 | 218 |
| 219 #if defined(USE_OPENSSL) | 219 #if defined(USE_OPENSSL) |
| 220 // Remove this when OpenSSL build implements the necessary functions. | 220 // Remove this when OpenSSL build implements the necessary functions. |
| 221 EXPECT_EQ(net::OTHER_CERT, | 221 EXPECT_EQ(net::OTHER_CERT, |
| 222 x509_certificate_model::GetType(cert->os_cert_handle())); | 222 x509_certificate_model::GetType(cert->os_cert_handle())); |
| 223 #else | 223 #else |
| 224 EXPECT_EQ(net::CA_CERT, | 224 EXPECT_EQ(net::CA_CERT, |
| 225 x509_certificate_model::GetType(cert->os_cert_handle())); | 225 x509_certificate_model::GetType(cert->os_cert_handle())); |
| 226 | 226 |
| 227 // Additional parantheses required to disambiguate from function declaration. | 227 crypto::ScopedTestNSSDB test_nssdb; |
| 228 net::NSSCertDatabase db( | 228 net::NSSCertDatabase db(crypto::ScopedPK11Slot(PK11_ReferenceSlot( |
| 229 (crypto::ScopedPK11Slot( | 229 test_nssdb.slot())) /* public slot */, |
| 230 crypto::GetPersistentNSSKeySlot())) /* public slot */, | 230 crypto::ScopedPK11Slot(PK11_ReferenceSlot( |
| 231 crypto::ScopedPK11Slot( | 231 test_nssdb.slot())) /* private slot */); |
| 232 crypto::GetPersistentNSSKeySlot()) /* private lot */); | |
| 233 | 232 |
| 234 // Test that explicitly distrusted CA certs are still returned as CA_CERT | 233 // Test that explicitly distrusted CA certs are still returned as CA_CERT |
| 235 // type. See http://crbug.com/96654. | 234 // type. See http://crbug.com/96654. |
| 236 EXPECT_TRUE(db.SetCertTrust( | 235 EXPECT_TRUE(db.SetCertTrust( |
| 237 cert.get(), net::CA_CERT, net::NSSCertDatabase::DISTRUSTED_SSL)); | 236 cert.get(), net::CA_CERT, net::NSSCertDatabase::DISTRUSTED_SSL)); |
| 238 | 237 |
| 239 EXPECT_EQ(net::CA_CERT, | 238 EXPECT_EQ(net::CA_CERT, |
| 240 x509_certificate_model::GetType(cert->os_cert_handle())); | 239 x509_certificate_model::GetType(cert->os_cert_handle())); |
| 241 #endif | 240 #endif |
| 242 } | 241 } |
| 243 | 242 |
| 244 TEST(X509CertificateModelTest, GetTypeServer) { | 243 TEST(X509CertificateModelTest, GetTypeServer) { |
| 245 scoped_refptr<net::X509Certificate> cert( | 244 scoped_refptr<net::X509Certificate> cert( |
| 246 net::ImportCertFromFile(net::GetTestCertsDirectory(), | 245 net::ImportCertFromFile(net::GetTestCertsDirectory(), |
| 247 "google.single.der")); | 246 "google.single.der")); |
| 248 ASSERT_TRUE(cert.get()); | 247 ASSERT_TRUE(cert.get()); |
| 249 | 248 |
| 250 #if defined(USE_OPENSSL) | 249 #if defined(USE_OPENSSL) |
| 251 // Remove this when OpenSSL build implements the necessary functions. | 250 // Remove this when OpenSSL build implements the necessary functions. |
| 252 EXPECT_EQ(net::OTHER_CERT, | 251 EXPECT_EQ(net::OTHER_CERT, |
| 253 x509_certificate_model::GetType(cert->os_cert_handle())); | 252 x509_certificate_model::GetType(cert->os_cert_handle())); |
| 254 #else | 253 #else |
| 255 // Test mozilla_security_manager::GetCertType with server certs and default | 254 // Test mozilla_security_manager::GetCertType with server certs and default |
| 256 // trust. Currently this doesn't work. | 255 // trust. Currently this doesn't work. |
| 257 // TODO(mattm): make mozilla_security_manager::GetCertType smarter so we can | 256 // TODO(mattm): make mozilla_security_manager::GetCertType smarter so we can |
| 258 // tell server certs even if they have no trust bits set. | 257 // tell server certs even if they have no trust bits set. |
| 259 EXPECT_EQ(net::OTHER_CERT, | 258 EXPECT_EQ(net::OTHER_CERT, |
| 260 x509_certificate_model::GetType(cert->os_cert_handle())); | 259 x509_certificate_model::GetType(cert->os_cert_handle())); |
| 261 | 260 |
| 262 // Additional parantheses required to disambiguate from function declaration. | 261 crypto::ScopedTestNSSDB test_nssdb; |
| 263 net::NSSCertDatabase db( | 262 net::NSSCertDatabase db(crypto::ScopedPK11Slot(PK11_ReferenceSlot( |
| 264 (crypto::ScopedPK11Slot( | 263 test_nssdb.slot())) /* public slot */, |
| 265 crypto::GetPersistentNSSKeySlot())) /* public slot */, | 264 crypto::ScopedPK11Slot(PK11_ReferenceSlot( |
| 266 crypto::ScopedPK11Slot( | 265 test_nssdb.slot())) /* private slot */); |
| 267 crypto::GetPersistentNSSKeySlot()) /* private lot */); | |
| 268 | 266 |
| 269 // Test GetCertType with server certs and explicit trust. | 267 // Test GetCertType with server certs and explicit trust. |
| 270 EXPECT_TRUE(db.SetCertTrust( | 268 EXPECT_TRUE(db.SetCertTrust( |
| 271 cert.get(), net::SERVER_CERT, net::NSSCertDatabase::TRUSTED_SSL)); | 269 cert.get(), net::SERVER_CERT, net::NSSCertDatabase::TRUSTED_SSL)); |
| 272 | 270 |
| 273 EXPECT_EQ(net::SERVER_CERT, | 271 EXPECT_EQ(net::SERVER_CERT, |
| 274 x509_certificate_model::GetType(cert->os_cert_handle())); | 272 x509_certificate_model::GetType(cert->os_cert_handle())); |
| 275 | 273 |
| 276 // Test GetCertType with server certs and explicit distrust. | 274 // Test GetCertType with server certs and explicit distrust. |
| 277 EXPECT_TRUE(db.SetCertTrust( | 275 EXPECT_TRUE(db.SetCertTrust( |
| (...skipping 163 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 441 "09 6B 5A 6B F1 95 D3 9D 3F E0 42 63 FC B7 32 90\n" | 439 "09 6B 5A 6B F1 95 D3 9D 3F E0 42 63 FC B7 32 90\n" |
| 442 "55 56 F2 76 1B 71 38 BD BD FB 3B 23 50 46 4C 2C\n" | 440 "55 56 F2 76 1B 71 38 BD BD FB 3B 23 50 46 4C 2C\n" |
| 443 "4E 49 48 52 EA 05 5F 16 F2 98 51 AF 2F 79 36 2A\n" | 441 "4E 49 48 52 EA 05 5F 16 F2 98 51 AF 2F 79 36 2A\n" |
| 444 "A0 BA 36 68 1B 29 8B 7B E8 8C EA 73 31 E5 86 D7\n" | 442 "A0 BA 36 68 1B 29 8B 7B E8 8C EA 73 31 E5 86 D7\n" |
| 445 "2C D8 56 06 43 D7 72 D2 F0 27 4E 64 0A 2B 27 38\n" | 443 "2C D8 56 06 43 D7 72 D2 F0 27 4E 64 0A 2B 27 38\n" |
| 446 "36 CD BE C1 33 DB 74 4B 4E 74 BE 21 BD F6 81 66\n" | 444 "36 CD BE C1 33 DB 74 4B 4E 74 BE 21 BD F6 81 66\n" |
| 447 "D2 FD 2B 7F F4 55 36 C0 ED A7 44 CA B1 78 1D 0F", | 445 "D2 FD 2B 7F F4 55 36 C0 ED A7 44 CA B1 78 1D 0F", |
| 448 x509_certificate_model::ProcessRawBitsSignatureWrap( | 446 x509_certificate_model::ProcessRawBitsSignatureWrap( |
| 449 cert->os_cert_handle())); | 447 cert->os_cert_handle())); |
| 450 } | 448 } |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 401623006:
Extract ScopedTestNSSDB from nss_util. (Closed)
Base URL: svn://svn.chromium.org/chrome/trunk/src