OLD | NEW |
1 // Copyright (c) 2011 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2011 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include <cert.h> | 5 #include <cert.h> |
6 #include <pk11pub.h> | 6 #include <pk11pub.h> |
7 | 7 |
8 #include <algorithm> | 8 #include <algorithm> |
9 | 9 |
10 #include "base/file_path.h" | 10 #include "base/file_path.h" |
(...skipping 167 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
178 cert->subject().common_name); | 178 cert->subject().common_name); |
179 | 179 |
180 // TODO(mattm): move export test to seperate test case? | 180 // TODO(mattm): move export test to seperate test case? |
181 std::string exported_data; | 181 std::string exported_data; |
182 EXPECT_EQ(1, cert_db_.ExportToPKCS12(cert_list, ASCIIToUTF16("exportpw"), | 182 EXPECT_EQ(1, cert_db_.ExportToPKCS12(cert_list, ASCIIToUTF16("exportpw"), |
183 &exported_data)); | 183 &exported_data)); |
184 ASSERT_LT(0U, exported_data.size()); | 184 ASSERT_LT(0U, exported_data.size()); |
185 // TODO(mattm): further verification of exported data? | 185 // TODO(mattm): further verification of exported data? |
186 } | 186 } |
187 | 187 |
| 188 TEST_F(CertDatabaseNSSTest, ImportFromPKCS12Twice) { |
| 189 std::string pkcs12_data = ReadTestFile("client.p12"); |
| 190 |
| 191 EXPECT_EQ(OK, cert_db_.ImportFromPKCS12(slot_, |
| 192 pkcs12_data, |
| 193 ASCIIToUTF16("12345"), |
| 194 true)); // is_extractable |
| 195 EXPECT_EQ(1U, ListCertsInSlot(slot_->os_module_handle()).size()); |
| 196 |
| 197 // NSS has a SEC_ERROR_PKCS12_DUPLICATE_DATA error, but it doesn't look like |
| 198 // it's ever used. This test verifies that. |
| 199 EXPECT_EQ(OK, cert_db_.ImportFromPKCS12(slot_, |
| 200 pkcs12_data, |
| 201 ASCIIToUTF16("12345"), |
| 202 true)); // is_extractable |
| 203 EXPECT_EQ(1U, ListCertsInSlot(slot_->os_module_handle()).size()); |
| 204 } |
| 205 |
188 TEST_F(CertDatabaseNSSTest, ImportFromPKCS12AsUnextractableAndExportAgain) { | 206 TEST_F(CertDatabaseNSSTest, ImportFromPKCS12AsUnextractableAndExportAgain) { |
189 std::string pkcs12_data = ReadTestFile("client.p12"); | 207 std::string pkcs12_data = ReadTestFile("client.p12"); |
190 | 208 |
191 EXPECT_EQ(OK, cert_db_.ImportFromPKCS12(slot_, | 209 EXPECT_EQ(OK, cert_db_.ImportFromPKCS12(slot_, |
192 pkcs12_data, | 210 pkcs12_data, |
193 ASCIIToUTF16("12345"), | 211 ASCIIToUTF16("12345"), |
194 false)); // is_extractable | 212 false)); // is_extractable |
195 | 213 |
196 CertificateList cert_list = ListCertsInSlot(slot_->os_module_handle()); | 214 CertificateList cert_list = ListCertsInSlot(slot_->os_module_handle()); |
197 ASSERT_EQ(1U, cert_list.size()); | 215 ASSERT_EQ(1U, cert_list.size()); |
198 scoped_refptr<X509Certificate> cert(cert_list[0]); | 216 scoped_refptr<X509Certificate> cert(cert_list[0]); |
199 | 217 |
200 EXPECT_EQ("testusercert", | 218 EXPECT_EQ("testusercert", |
201 cert->subject().common_name); | 219 cert->subject().common_name); |
202 | 220 |
203 std::string exported_data; | 221 std::string exported_data; |
204 EXPECT_EQ(0, cert_db_.ExportToPKCS12(cert_list, ASCIIToUTF16("exportpw"), | 222 EXPECT_EQ(0, cert_db_.ExportToPKCS12(cert_list, ASCIIToUTF16("exportpw"), |
205 &exported_data)); | 223 &exported_data)); |
206 } | 224 } |
207 | 225 |
| 226 TEST_F(CertDatabaseNSSTest, ImportFromPKCS12InvalidFile) { |
| 227 std::string pkcs12_data = "Foobarbaz"; |
| 228 |
| 229 EXPECT_EQ(ERR_PKCS12_IMPORT_INVALID_FILE, |
| 230 cert_db_.ImportFromPKCS12(slot_, |
| 231 pkcs12_data, |
| 232 ASCIIToUTF16(""), |
| 233 true)); // is_extractable |
| 234 |
| 235 // Test db should still be empty. |
| 236 EXPECT_EQ(0U, ListCertsInSlot(slot_->os_module_handle()).size()); |
| 237 } |
| 238 |
208 TEST_F(CertDatabaseNSSTest, ImportCACert_SSLTrust) { | 239 TEST_F(CertDatabaseNSSTest, ImportCACert_SSLTrust) { |
209 std::string cert_data = ReadTestFile("root_ca_cert.crt"); | 240 std::string cert_data = ReadTestFile("root_ca_cert.crt"); |
210 | 241 |
211 CertificateList certs = | 242 CertificateList certs = |
212 X509Certificate::CreateCertificateListFromBytes( | 243 X509Certificate::CreateCertificateListFromBytes( |
213 cert_data.data(), cert_data.size(), X509Certificate::FORMAT_AUTO); | 244 cert_data.data(), cert_data.size(), X509Certificate::FORMAT_AUTO); |
214 ASSERT_EQ(1U, certs.size()); | 245 ASSERT_EQ(1U, certs.size()); |
215 EXPECT_FALSE(certs[0]->os_cert_handle()->isperm); | 246 EXPECT_FALSE(certs[0]->os_cert_handle()->isperm); |
216 | 247 |
217 // Import it. | 248 // Import it. |
(...skipping 300 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
518 puny_cert.get(), CA_CERT, | 549 puny_cert.get(), CA_CERT, |
519 CertDatabase::TRUSTED_SSL | CertDatabase::TRUSTED_EMAIL)); | 550 CertDatabase::TRUSTED_SSL | CertDatabase::TRUSTED_EMAIL)); |
520 | 551 |
521 verify_result.Reset(); | 552 verify_result.Reset(); |
522 error = puny_cert->Verify("xn--wgv71a119e.com", flags, &verify_result); | 553 error = puny_cert->Verify("xn--wgv71a119e.com", flags, &verify_result); |
523 EXPECT_EQ(OK, error); | 554 EXPECT_EQ(OK, error); |
524 EXPECT_EQ(0, verify_result.cert_status); | 555 EXPECT_EQ(0, verify_result.cert_status); |
525 } | 556 } |
526 | 557 |
527 } // namespace net | 558 } // namespace net |
OLD | NEW |