Issue #1338 - Part 2: Update NSS to 3.48-RTM

author: wolfbeast <mcwerewolf@wolfbeast.com> 2020-01-02 21:06:40 +0100
committer: wolfbeast <mcwerewolf@wolfbeast.com> 2020-01-02 21:06:40 +0100
commit: f4a12fc67689a830e9da1c87fd11afe5bc09deb3 (patch)
tree: 211ae0cd022a6c11b0026ecc7761a550c584583c /security/nss/gtests/certdb_gtest
parent: f7d30133221896638f7bf4f66c504255c4b14f48 (diff)
download: UXP-f4a12fc67689a830e9da1c87fd11afe5bc09deb3.tar
UXP-f4a12fc67689a830e9da1c87fd11afe5bc09deb3.tar.gz
UXP-f4a12fc67689a830e9da1c87fd11afe5bc09deb3.tar.lz
UXP-f4a12fc67689a830e9da1c87fd11afe5bc09deb3.tar.xz
UXP-f4a12fc67689a830e9da1c87fd11afe5bc09deb3.zip
4 files changed, 80 insertions, 0 deletions
diff --git a/security/nss/gtests/certdb_gtest/cert_unittest.cc b/security/nss/gtests/certdb_gtest/cert_unittest.cc
new file mode 100644
index 000000000..93003fa59
--- /dev/null
+++ b/security/nss/gtests/certdb_gtest/cert_unittest.cc
@@ -0,0 +1,47 @@
+/* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
+/* vim: set ts=2 et sw=2 tw=80: */
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this file,
+ * You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#include "gtest/gtest.h"
+
+#include "nss.h"
+#include "secerr.h"
+#include "pk11pub.h"
+#include "nss_scoped_ptrs.h"
+
+namespace nss_test {
+
+class CertTest : public ::testing::Test {};
+
+// Tests CERT_GetCertificateDer for the certs we have.
+TEST_F(CertTest, GetCertDer) {
+  // Listing all the certs should get us the default trust anchors.
+  ScopedCERTCertList certs(PK11_ListCerts(PK11CertListAll, nullptr));
+  ASSERT_FALSE(PR_CLIST_IS_EMPTY(&certs->list));
+
+  for (PRCList* cursor = PR_NEXT_LINK(&certs->list); cursor != &certs->list;
+       cursor = PR_NEXT_LINK(cursor)) {
+    CERTCertListNode* node = (CERTCertListNode*)cursor;
+    SECItem der;
+    ASSERT_EQ(SECSuccess, CERT_GetCertificateDer(node->cert, &der));
+    ASSERT_EQ(0, SECITEM_CompareItem(&der, &node->cert->derCert));
+  }
+}
+
+TEST_F(CertTest, GetCertDerBad) {
+  EXPECT_EQ(SECFailure, CERT_GetCertificateDer(nullptr, nullptr));
+  EXPECT_EQ(SEC_ERROR_INVALID_ARGS, PORT_GetError());
+
+  ScopedCERTCertList certs(PK11_ListCerts(PK11CertListAll, nullptr));
+  ASSERT_FALSE(PR_CLIST_IS_EMPTY(&certs->list));
+  CERTCertListNode* node = (CERTCertListNode*)PR_NEXT_LINK(&certs->list);
+  EXPECT_EQ(SECFailure, CERT_GetCertificateDer(node->cert, nullptr));
+  EXPECT_EQ(SEC_ERROR_INVALID_ARGS, PORT_GetError());
+
+  SECItem der;
+  EXPECT_EQ(SECFailure, CERT_GetCertificateDer(nullptr, &der));
+  EXPECT_EQ(SEC_ERROR_INVALID_ARGS, PORT_GetError());
+}
+}
diff --git a/security/nss/gtests/certdb_gtest/certdb_gtest.gyp b/security/nss/gtests/certdb_gtest/certdb_gtest.gyp
index 898102def..7f5bb324b 100644
--- a/security/nss/gtests/certdb_gtest/certdb_gtest.gyp
+++ b/security/nss/gtests/certdb_gtest/certdb_gtest.gyp
@@ -12,6 +12,8 @@
       'type': 'executable',
       'sources': [
         'alg1485_unittest.cc',
+        'cert_unittest.cc',
+        'decode_certs_unittest.cc',
         '<(DEPTH)/gtests/common/gtests.cc'
       ],
       'dependencies': [
@@ -20,6 +22,7 @@
         '<(DEPTH)/lib/util/util.gyp:nssutil3',
         '<(DEPTH)/lib/ssl/ssl.gyp:ssl3',
         '<(DEPTH)/lib/nss/nss.gyp:nss3',
+        '<(DEPTH)/lib/smime/smime.gyp:smime3',
       ]
     }
   ],
diff --git a/security/nss/gtests/certdb_gtest/decode_certs_unittest.cc b/security/nss/gtests/certdb_gtest/decode_certs_unittest.cc
new file mode 100644
index 000000000..405194edc
--- /dev/null
+++ b/security/nss/gtests/certdb_gtest/decode_certs_unittest.cc
@@ -0,0 +1,28 @@
+/* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
+/* vim: set ts=2 et sw=2 tw=80: */
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this file,
+ * You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#include "gtest/gtest.h"
+
+#include "cert.h"
+#include "prerror.h"
+#include "secerr.h"
+
+class DecodeCertsTest : public ::testing::Test {};
+
+TEST_F(DecodeCertsTest, EmptyCertPackage) {
+  // This represents a PKCS#7 ContentInfo with a contentType of
+  // '2.16.840.1.113730.2.5' (Netscape data-type cert-sequence) and a content
+  // consisting of an empty SEQUENCE. This is valid ASN.1, but it contains no
+  // certificates, so CERT_DecodeCertFromPackage should just return a null
+  // pointer.
+  unsigned char emptyCertPackage[] = {0x30, 0x0f, 0x06, 0x09, 0x60, 0x86,
+                                      0x48, 0x01, 0x86, 0xf8, 0x42, 0x02,
+                                      0x05, 0xa0, 0x02, 0x30, 0x00};
+  EXPECT_EQ(nullptr, CERT_DecodeCertFromPackage(
+                         reinterpret_cast<char*>(emptyCertPackage),
+                         sizeof(emptyCertPackage)));
+  EXPECT_EQ(SEC_ERROR_BAD_DER, PR_GetError());
+}
diff --git a/security/nss/gtests/certdb_gtest/manifest.mn b/security/nss/gtests/certdb_gtest/manifest.mn
index 4a3a1fda0..c95cf991f 100644
--- a/security/nss/gtests/certdb_gtest/manifest.mn
+++ b/security/nss/gtests/certdb_gtest/manifest.mn
@@ -8,6 +8,8 @@ MODULE = nss
 
 CPPSRCS = \
       alg1485_unittest.cc \
+      cert_unittest.cc \
+      decode_certs_unittest.cc \
       $(NULL)
 
 INCLUDES += -I$(CORE_DEPTH)/gtests/google_test/gtest/include \
author	wolfbeast <mcwerewolf@wolfbeast.com>	2020-01-02 21:06:40 +0100
committer	wolfbeast <mcwerewolf@wolfbeast.com>	2020-01-02 21:06:40 +0100
commit	f4a12fc67689a830e9da1c87fd11afe5bc09deb3 (patch)
tree	211ae0cd022a6c11b0026ecc7761a550c584583c /security/nss/gtests/certdb_gtest
parent	f7d30133221896638f7bf4f66c504255c4b14f48 (diff)
download	UXP-f4a12fc67689a830e9da1c87fd11afe5bc09deb3.tar UXP-f4a12fc67689a830e9da1c87fd11afe5bc09deb3.tar.gz UXP-f4a12fc67689a830e9da1c87fd11afe5bc09deb3.tar.lz UXP-f4a12fc67689a830e9da1c87fd11afe5bc09deb3.tar.xz UXP-f4a12fc67689a830e9da1c87fd11afe5bc09deb3.zip