Linux Cert manager: improve PKCS #12 import error messages.

net/base/cert_database_nss_unittest.cc

Index: net/base/cert_database_nss_unittest.cc
diff --git a/net/base/cert_database_nss_unittest.cc b/net/base/cert_database_nss_unittest.cc
index 70d4224a89aac91a84b7cf10d8b9afda991ccb16..e6cf147419a27819d26399cdd2ee33bd1fe930d7 100644
--- a/net/base/cert_database_nss_unittest.cc
+++ b/net/base/cert_database_nss_unittest.cc
@@ -185,6 +185,24 @@ TEST_F(CertDatabaseNSSTest, ImportFromPKCS12AsExtractableAndExportAgain) {
   // TODO(mattm): further verification of exported data?
 }
 
+TEST_F(CertDatabaseNSSTest, ImportFromPKCS12Twice) {
+  std::string pkcs12_data = ReadTestFile("client.p12");
+
+  EXPECT_EQ(OK, cert_db_.ImportFromPKCS12(slot_,
+                                          pkcs12_data,
+                                          ASCIIToUTF16("12345"),
+                                          true));  // is_extractable
+  EXPECT_EQ(1U, ListCertsInSlot(slot_->os_module_handle()).size());
+
+  // NSS has a SEC_ERROR_PKCS12_DUPLICATE_DATA error, but it doesn't look like
+  // it's ever used.  This test verifies that.
+  EXPECT_EQ(OK, cert_db_.ImportFromPKCS12(slot_,
+                                          pkcs12_data,
+                                          ASCIIToUTF16("12345"),
+                                          true));  // is_extractable
+  EXPECT_EQ(1U, ListCertsInSlot(slot_->os_module_handle()).size());
+}
+
 TEST_F(CertDatabaseNSSTest, ImportFromPKCS12AsUnextractableAndExportAgain) {
   std::string pkcs12_data = ReadTestFile("client.p12");
 
@@ -205,6 +223,19 @@ TEST_F(CertDatabaseNSSTest, ImportFromPKCS12AsUnextractableAndExportAgain) {
                                        &exported_data));
 }
 
+TEST_F(CertDatabaseNSSTest, ImportFromPKCS12InvalidFile) {
+  std::string pkcs12_data = "Foobarbaz";
+
+  EXPECT_EQ(ERR_PKCS12_IMPORT_INVALID_FILE,
+            cert_db_.ImportFromPKCS12(slot_,
+                                      pkcs12_data,
+                                      ASCIIToUTF16(""),
+                                      true));  // is_extractable
+
+  // Test db should still be empty.
+  EXPECT_EQ(0U, ListCertsInSlot(slot_->os_module_handle()).size());
+}
+
 TEST_F(CertDatabaseNSSTest, ImportCACert_SSLTrust) {
   std::string cert_data = ReadTestFile("root_ca_cert.crt");