Index: net/base/cert_database_nss_unittest.cc |
diff --git a/net/base/cert_database_nss_unittest.cc b/net/base/cert_database_nss_unittest.cc |
index 70d4224a89aac91a84b7cf10d8b9afda991ccb16..e6cf147419a27819d26399cdd2ee33bd1fe930d7 100644 |
--- a/net/base/cert_database_nss_unittest.cc |
+++ b/net/base/cert_database_nss_unittest.cc |
@@ -185,6 +185,24 @@ TEST_F(CertDatabaseNSSTest, ImportFromPKCS12AsExtractableAndExportAgain) { |
// TODO(mattm): further verification of exported data? |
} |
+TEST_F(CertDatabaseNSSTest, ImportFromPKCS12Twice) { |
+ std::string pkcs12_data = ReadTestFile("client.p12"); |
+ |
+ EXPECT_EQ(OK, cert_db_.ImportFromPKCS12(slot_, |
+ pkcs12_data, |
+ ASCIIToUTF16("12345"), |
+ true)); // is_extractable |
+ EXPECT_EQ(1U, ListCertsInSlot(slot_->os_module_handle()).size()); |
+ |
+ // NSS has a SEC_ERROR_PKCS12_DUPLICATE_DATA error, but it doesn't look like |
+ // it's ever used. This test verifies that. |
+ EXPECT_EQ(OK, cert_db_.ImportFromPKCS12(slot_, |
+ pkcs12_data, |
+ ASCIIToUTF16("12345"), |
+ true)); // is_extractable |
+ EXPECT_EQ(1U, ListCertsInSlot(slot_->os_module_handle()).size()); |
+} |
+ |
TEST_F(CertDatabaseNSSTest, ImportFromPKCS12AsUnextractableAndExportAgain) { |
std::string pkcs12_data = ReadTestFile("client.p12"); |
@@ -205,6 +223,19 @@ TEST_F(CertDatabaseNSSTest, ImportFromPKCS12AsUnextractableAndExportAgain) { |
&exported_data)); |
} |
+TEST_F(CertDatabaseNSSTest, ImportFromPKCS12InvalidFile) { |
+ std::string pkcs12_data = "Foobarbaz"; |
+ |
+ EXPECT_EQ(ERR_PKCS12_IMPORT_INVALID_FILE, |
+ cert_db_.ImportFromPKCS12(slot_, |
+ pkcs12_data, |
+ ASCIIToUTF16(""), |
+ true)); // is_extractable |
+ |
+ // Test db should still be empty. |
+ EXPECT_EQ(0U, ListCertsInSlot(slot_->os_module_handle()).size()); |
+} |
+ |
TEST_F(CertDatabaseNSSTest, ImportCACert_SSLTrust) { |
std::string cert_data = ReadTestFile("root_ca_cert.crt"); |