| OLD | NEW |
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "chromeos/network/onc/onc_certificate_importer.h" | 5 #include "chromeos/network/onc/onc_certificate_importer.h" |
| 6 | 6 |
| 7 #include <cert.h> | 7 #include <cert.h> |
| 8 #include <certdb.h> | 8 #include <certdb.h> |
| 9 #include <keyhi.h> | 9 #include <keyhi.h> |
| 10 #include <pk11pub.h> | 10 #include <pk11pub.h> |
| (...skipping 137 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 148 | 148 |
| 149 crypto::ScopedTestNSSDB test_nssdb_; | 149 crypto::ScopedTestNSSDB test_nssdb_; |
| 150 }; | 150 }; |
| 151 | 151 |
| 152 TEST_F(ONCCertificateImporterTest, MultipleCertificates) { | 152 TEST_F(ONCCertificateImporterTest, MultipleCertificates) { |
| 153 AddCertificatesFromFile("managed_toplevel2.onc", | 153 AddCertificatesFromFile("managed_toplevel2.onc", |
| 154 CertificateImporter::IMPORT_OK); | 154 CertificateImporter::IMPORT_OK); |
| 155 EXPECT_EQ(onc_certificates_->GetSize(), result_list_.size()); | 155 EXPECT_EQ(onc_certificates_->GetSize(), result_list_.size()); |
| 156 } | 156 } |
| 157 | 157 |
| 158 TEST_F(ONCCertificateImporterTest, MultipleCertificatesWithFailures) { | 158 // Doesn't work with singleton isolation <http://crbug.com/238654>. |
| 159 TEST_F(ONCCertificateImporterTest, DISABLED_MultipleCertificatesWithFailures) { |
| 159 AddCertificatesFromFile("toplevel_partially_invalid.onc", | 160 AddCertificatesFromFile("toplevel_partially_invalid.onc", |
| 160 CertificateImporter::IMPORT_INCOMPLETE); | 161 CertificateImporter::IMPORT_INCOMPLETE); |
| 161 EXPECT_EQ(2ul, onc_certificates_->GetSize()); | 162 EXPECT_EQ(2ul, onc_certificates_->GetSize()); |
| 162 EXPECT_EQ(1ul, result_list_.size()); | 163 EXPECT_EQ(1ul, result_list_.size()); |
| 163 } | 164 } |
| 164 | 165 |
| 165 TEST_F(ONCCertificateImporterTest, AddClientCertificate) { | 166 // Doesn't work with singleton isolation <http://crbug.com/238654>. |
| 167 TEST_F(ONCCertificateImporterTest, DISABLED_AddClientCertificate) { |
| 166 std::string guid; | 168 std::string guid; |
| 167 AddCertificateFromFile("certificate-client.onc", net::USER_CERT, &guid); | 169 AddCertificateFromFile("certificate-client.onc", net::USER_CERT, &guid); |
| 168 EXPECT_TRUE(web_trust_certificates_.empty()); | 170 EXPECT_TRUE(web_trust_certificates_.empty()); |
| 169 | 171 |
| 170 SECKEYPrivateKeyList* privkey_list = | 172 SECKEYPrivateKeyList* privkey_list = |
| 171 PK11_ListPrivKeysInSlot(slot_->os_module_handle(), NULL, NULL); | 173 PK11_ListPrivKeysInSlot(slot_->os_module_handle(), NULL, NULL); |
| 172 EXPECT_TRUE(privkey_list); | 174 EXPECT_TRUE(privkey_list); |
| 173 if (privkey_list) { | 175 if (privkey_list) { |
| 174 SECKEYPrivateKeyListNode* node = PRIVKEY_LIST_HEAD(privkey_list); | 176 SECKEYPrivateKeyListNode* node = PRIVKEY_LIST_HEAD(privkey_list); |
| 175 int count = 0; | 177 int count = 0; |
| (...skipping 16 matching lines...) Expand all Loading... |
| 192 int count = 0; | 194 int count = 0; |
| 193 while (!PUBKEY_LIST_END(node, pubkey_list)) { | 195 while (!PUBKEY_LIST_END(node, pubkey_list)) { |
| 194 count++; | 196 count++; |
| 195 node = PUBKEY_LIST_NEXT(node); | 197 node = PUBKEY_LIST_NEXT(node); |
| 196 } | 198 } |
| 197 EXPECT_EQ(1, count); | 199 EXPECT_EQ(1, count); |
| 198 SECKEY_DestroyPublicKeyList(pubkey_list); | 200 SECKEY_DestroyPublicKeyList(pubkey_list); |
| 199 } | 201 } |
| 200 } | 202 } |
| 201 | 203 |
| 202 TEST_F(ONCCertificateImporterTest, AddServerCertificate) { | 204 // Doesn't work with singleton isolation <http://crbug.com/238654>. |
| 205 TEST_F(ONCCertificateImporterTest, DISABLED_AddServerCertificate) { |
| 203 std::string guid; | 206 std::string guid; |
| 204 AddCertificateFromFile("certificate-server.onc", net::SERVER_CERT, &guid); | 207 AddCertificateFromFile("certificate-server.onc", net::SERVER_CERT, &guid); |
| 205 | 208 |
| 206 SECKEYPrivateKeyList* privkey_list = | 209 SECKEYPrivateKeyList* privkey_list = |
| 207 PK11_ListPrivKeysInSlot(slot_->os_module_handle(), NULL, NULL); | 210 PK11_ListPrivKeysInSlot(slot_->os_module_handle(), NULL, NULL); |
| 208 EXPECT_FALSE(privkey_list); | 211 EXPECT_FALSE(privkey_list); |
| 209 | 212 |
| 210 SECKEYPublicKeyList* pubkey_list = | 213 SECKEYPublicKeyList* pubkey_list = |
| 211 PK11_ListPublicKeysInSlot(slot_->os_module_handle(), NULL); | 214 PK11_ListPublicKeysInSlot(slot_->os_module_handle(), NULL); |
| 212 EXPECT_FALSE(pubkey_list); | 215 EXPECT_FALSE(pubkey_list); |
| 213 | 216 |
| 214 ASSERT_EQ(1u, web_trust_certificates_.size()); | 217 ASSERT_EQ(1u, web_trust_certificates_.size()); |
| 215 ASSERT_EQ(1u, result_list_.size()); | 218 ASSERT_EQ(1u, result_list_.size()); |
| 216 EXPECT_TRUE(CERT_CompareCerts(result_list_[0]->os_cert_handle(), | 219 EXPECT_TRUE(CERT_CompareCerts(result_list_[0]->os_cert_handle(), |
| 217 web_trust_certificates_[0]->os_cert_handle())); | 220 web_trust_certificates_[0]->os_cert_handle())); |
| 218 } | 221 } |
| 219 | 222 |
| 220 TEST_F(ONCCertificateImporterTest, AddWebAuthorityCertificate) { | 223 // Doesn't work with singleton isolation <http://crbug.com/238654>. |
| 224 TEST_F(ONCCertificateImporterTest, DISABLED_AddWebAuthorityCertificate) { |
| 221 std::string guid; | 225 std::string guid; |
| 222 AddCertificateFromFile("certificate-web-authority.onc", net::CA_CERT, &guid); | 226 AddCertificateFromFile("certificate-web-authority.onc", net::CA_CERT, &guid); |
| 223 | 227 |
| 224 SECKEYPrivateKeyList* privkey_list = | 228 SECKEYPrivateKeyList* privkey_list = |
| 225 PK11_ListPrivKeysInSlot(slot_->os_module_handle(), NULL, NULL); | 229 PK11_ListPrivKeysInSlot(slot_->os_module_handle(), NULL, NULL); |
| 226 EXPECT_FALSE(privkey_list); | 230 EXPECT_FALSE(privkey_list); |
| 227 | 231 |
| 228 SECKEYPublicKeyList* pubkey_list = | 232 SECKEYPublicKeyList* pubkey_list = |
| 229 PK11_ListPublicKeysInSlot(slot_->os_module_handle(), NULL); | 233 PK11_ListPublicKeysInSlot(slot_->os_module_handle(), NULL); |
| 230 EXPECT_FALSE(pubkey_list); | 234 EXPECT_FALSE(pubkey_list); |
| 231 | 235 |
| 232 ASSERT_EQ(1u, web_trust_certificates_.size()); | 236 ASSERT_EQ(1u, web_trust_certificates_.size()); |
| 233 ASSERT_EQ(1u, result_list_.size()); | 237 ASSERT_EQ(1u, result_list_.size()); |
| 234 EXPECT_TRUE(CERT_CompareCerts(result_list_[0]->os_cert_handle(), | 238 EXPECT_TRUE(CERT_CompareCerts(result_list_[0]->os_cert_handle(), |
| 235 web_trust_certificates_[0]->os_cert_handle())); | 239 web_trust_certificates_[0]->os_cert_handle())); |
| 236 } | 240 } |
| 237 | 241 |
| 238 TEST_F(ONCCertificateImporterTest, AddAuthorityCertificateWithoutWebTrust) { | 242 // Doesn't work with singleton isolation <http://crbug.com/238654>. |
| 243 TEST_F(ONCCertificateImporterTest, |
| 244 DISABLED_AddAuthorityCertificateWithoutWebTrust) { |
| 239 std::string guid; | 245 std::string guid; |
| 240 AddCertificateFromFile("certificate-authority.onc", net::CA_CERT, &guid); | 246 AddCertificateFromFile("certificate-authority.onc", net::CA_CERT, &guid); |
| 241 EXPECT_TRUE(web_trust_certificates_.empty()); | 247 EXPECT_TRUE(web_trust_certificates_.empty()); |
| 242 | 248 |
| 243 SECKEYPrivateKeyList* privkey_list = | 249 SECKEYPrivateKeyList* privkey_list = |
| 244 PK11_ListPrivKeysInSlot(slot_->os_module_handle(), NULL, NULL); | 250 PK11_ListPrivKeysInSlot(slot_->os_module_handle(), NULL, NULL); |
| 245 EXPECT_FALSE(privkey_list); | 251 EXPECT_FALSE(privkey_list); |
| 246 | 252 |
| 247 SECKEYPublicKeyList* pubkey_list = | 253 SECKEYPublicKeyList* pubkey_list = |
| 248 PK11_ListPublicKeysInSlot(slot_->os_module_handle(), NULL); | 254 PK11_ListPublicKeysInSlot(slot_->os_module_handle(), NULL); |
| (...skipping 11 matching lines...) Expand all Loading... |
| 260 net::CertType cert_type; | 266 net::CertType cert_type; |
| 261 const char* original_file; | 267 const char* original_file; |
| 262 const char* update_file; | 268 const char* update_file; |
| 263 }; | 269 }; |
| 264 | 270 |
| 265 class ONCCertificateImporterTestWithParam : | 271 class ONCCertificateImporterTestWithParam : |
| 266 public ONCCertificateImporterTest, | 272 public ONCCertificateImporterTest, |
| 267 public testing::WithParamInterface<CertParam> { | 273 public testing::WithParamInterface<CertParam> { |
| 268 }; | 274 }; |
| 269 | 275 |
| 270 TEST_P(ONCCertificateImporterTestWithParam, UpdateCertificate) { | 276 // Doesn't work with singleton isolation <http://crbug.com/238654>. |
| 277 TEST_P(ONCCertificateImporterTestWithParam, DISABLED_UpdateCertificate) { |
| 271 // First we import a certificate. | 278 // First we import a certificate. |
| 272 { | 279 { |
| 273 SCOPED_TRACE("Import original certificate"); | 280 SCOPED_TRACE("Import original certificate"); |
| 274 std::string guid_original; | 281 std::string guid_original; |
| 275 AddCertificateFromFile(GetParam().original_file, GetParam().cert_type, | 282 AddCertificateFromFile(GetParam().original_file, GetParam().cert_type, |
| 276 &guid_original); | 283 &guid_original); |
| 277 } | 284 } |
| 278 | 285 |
| 279 // Now we import the same certificate with a different GUID. The cert should | 286 // Now we import the same certificate with a different GUID. The cert should |
| 280 // be retrievable via the new GUID. | 287 // be retrievable via the new GUID. |
| 281 { | 288 { |
| 282 SCOPED_TRACE("Import updated certificate"); | 289 SCOPED_TRACE("Import updated certificate"); |
| 283 std::string guid_updated; | 290 std::string guid_updated; |
| 284 AddCertificateFromFile(GetParam().update_file, GetParam().cert_type, | 291 AddCertificateFromFile(GetParam().update_file, GetParam().cert_type, |
| 285 &guid_updated); | 292 &guid_updated); |
| 286 } | 293 } |
| 287 } | 294 } |
| 288 | 295 |
| 289 TEST_P(ONCCertificateImporterTestWithParam, ReimportCertificate) { | 296 // Doesn't work with singleton isolation <http://crbug.com/238654>. |
| 297 TEST_P(ONCCertificateImporterTestWithParam, DISABLED_ReimportCertificate) { |
| 290 // Verify that reimporting a client certificate works. | 298 // Verify that reimporting a client certificate works. |
| 291 for (int i = 0; i < 2; ++i) { | 299 for (int i = 0; i < 2; ++i) { |
| 292 SCOPED_TRACE("Import certificate, iteration " + base::IntToString(i)); | 300 SCOPED_TRACE("Import certificate, iteration " + base::IntToString(i)); |
| 293 | 301 |
| 294 std::string guid_original; | 302 std::string guid_original; |
| 295 AddCertificateFromFile(GetParam().original_file, GetParam().cert_type, | 303 AddCertificateFromFile(GetParam().original_file, GetParam().cert_type, |
| 296 &guid_original); | 304 &guid_original); |
| 297 } | 305 } |
| 298 } | 306 } |
| 299 | 307 |
| 300 INSTANTIATE_TEST_CASE_P( | 308 INSTANTIATE_TEST_CASE_P( |
| 301 ONCCertificateImporterTestWithParam, | 309 ONCCertificateImporterTestWithParam, |
| 302 ONCCertificateImporterTestWithParam, | 310 ONCCertificateImporterTestWithParam, |
| 303 ::testing::Values( | 311 ::testing::Values( |
| 304 CertParam(net::USER_CERT, | 312 CertParam(net::USER_CERT, |
| 305 "certificate-client.onc", | 313 "certificate-client.onc", |
| 306 "certificate-client-update.onc"), | 314 "certificate-client-update.onc"), |
| 307 CertParam(net::SERVER_CERT, | 315 CertParam(net::SERVER_CERT, |
| 308 "certificate-server.onc", | 316 "certificate-server.onc", |
| 309 "certificate-server-update.onc"), | 317 "certificate-server-update.onc"), |
| 310 CertParam(net::CA_CERT, | 318 CertParam(net::CA_CERT, |
| 311 "certificate-web-authority.onc", | 319 "certificate-web-authority.onc", |
| 312 "certificate-web-authority-update.onc"))); | 320 "certificate-web-authority-update.onc"))); |
| 313 | 321 |
| 314 } // namespace onc | 322 } // namespace onc |
| 315 } // namespace chromeos | 323 } // namespace chromeos |
| OLD | NEW |