summaryrefslogtreecommitdiffstats
path: root/security/nss/gtests/certdb_gtest
diff options
context:
space:
mode:
Diffstat (limited to 'security/nss/gtests/certdb_gtest')
-rw-r--r--security/nss/gtests/certdb_gtest/cert_unittest.cc47
-rw-r--r--security/nss/gtests/certdb_gtest/certdb_gtest.gyp3
-rw-r--r--security/nss/gtests/certdb_gtest/decode_certs_unittest.cc28
-rw-r--r--security/nss/gtests/certdb_gtest/manifest.mn2
4 files changed, 80 insertions, 0 deletions
diff --git a/security/nss/gtests/certdb_gtest/cert_unittest.cc b/security/nss/gtests/certdb_gtest/cert_unittest.cc
new file mode 100644
index 000000000..93003fa59
--- /dev/null
+++ b/security/nss/gtests/certdb_gtest/cert_unittest.cc
@@ -0,0 +1,47 @@
+/* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
+/* vim: set ts=2 et sw=2 tw=80: */
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this file,
+ * You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#include "gtest/gtest.h"
+
+#include "nss.h"
+#include "secerr.h"
+#include "pk11pub.h"
+#include "nss_scoped_ptrs.h"
+
+namespace nss_test {
+
+class CertTest : public ::testing::Test {};
+
+// Tests CERT_GetCertificateDer for the certs we have.
+TEST_F(CertTest, GetCertDer) {
+ // Listing all the certs should get us the default trust anchors.
+ ScopedCERTCertList certs(PK11_ListCerts(PK11CertListAll, nullptr));
+ ASSERT_FALSE(PR_CLIST_IS_EMPTY(&certs->list));
+
+ for (PRCList* cursor = PR_NEXT_LINK(&certs->list); cursor != &certs->list;
+ cursor = PR_NEXT_LINK(cursor)) {
+ CERTCertListNode* node = (CERTCertListNode*)cursor;
+ SECItem der;
+ ASSERT_EQ(SECSuccess, CERT_GetCertificateDer(node->cert, &der));
+ ASSERT_EQ(0, SECITEM_CompareItem(&der, &node->cert->derCert));
+ }
+}
+
+TEST_F(CertTest, GetCertDerBad) {
+ EXPECT_EQ(SECFailure, CERT_GetCertificateDer(nullptr, nullptr));
+ EXPECT_EQ(SEC_ERROR_INVALID_ARGS, PORT_GetError());
+
+ ScopedCERTCertList certs(PK11_ListCerts(PK11CertListAll, nullptr));
+ ASSERT_FALSE(PR_CLIST_IS_EMPTY(&certs->list));
+ CERTCertListNode* node = (CERTCertListNode*)PR_NEXT_LINK(&certs->list);
+ EXPECT_EQ(SECFailure, CERT_GetCertificateDer(node->cert, nullptr));
+ EXPECT_EQ(SEC_ERROR_INVALID_ARGS, PORT_GetError());
+
+ SECItem der;
+ EXPECT_EQ(SECFailure, CERT_GetCertificateDer(nullptr, &der));
+ EXPECT_EQ(SEC_ERROR_INVALID_ARGS, PORT_GetError());
+}
+}
diff --git a/security/nss/gtests/certdb_gtest/certdb_gtest.gyp b/security/nss/gtests/certdb_gtest/certdb_gtest.gyp
index 898102def..7f5bb324b 100644
--- a/security/nss/gtests/certdb_gtest/certdb_gtest.gyp
+++ b/security/nss/gtests/certdb_gtest/certdb_gtest.gyp
@@ -12,6 +12,8 @@
'type': 'executable',
'sources': [
'alg1485_unittest.cc',
+ 'cert_unittest.cc',
+ 'decode_certs_unittest.cc',
'<(DEPTH)/gtests/common/gtests.cc'
],
'dependencies': [
@@ -20,6 +22,7 @@
'<(DEPTH)/lib/util/util.gyp:nssutil3',
'<(DEPTH)/lib/ssl/ssl.gyp:ssl3',
'<(DEPTH)/lib/nss/nss.gyp:nss3',
+ '<(DEPTH)/lib/smime/smime.gyp:smime3',
]
}
],
diff --git a/security/nss/gtests/certdb_gtest/decode_certs_unittest.cc b/security/nss/gtests/certdb_gtest/decode_certs_unittest.cc
new file mode 100644
index 000000000..405194edc
--- /dev/null
+++ b/security/nss/gtests/certdb_gtest/decode_certs_unittest.cc
@@ -0,0 +1,28 @@
+/* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
+/* vim: set ts=2 et sw=2 tw=80: */
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this file,
+ * You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#include "gtest/gtest.h"
+
+#include "cert.h"
+#include "prerror.h"
+#include "secerr.h"
+
+class DecodeCertsTest : public ::testing::Test {};
+
+TEST_F(DecodeCertsTest, EmptyCertPackage) {
+ // This represents a PKCS#7 ContentInfo with a contentType of
+ // '2.16.840.1.113730.2.5' (Netscape data-type cert-sequence) and a content
+ // consisting of an empty SEQUENCE. This is valid ASN.1, but it contains no
+ // certificates, so CERT_DecodeCertFromPackage should just return a null
+ // pointer.
+ unsigned char emptyCertPackage[] = {0x30, 0x0f, 0x06, 0x09, 0x60, 0x86,
+ 0x48, 0x01, 0x86, 0xf8, 0x42, 0x02,
+ 0x05, 0xa0, 0x02, 0x30, 0x00};
+ EXPECT_EQ(nullptr, CERT_DecodeCertFromPackage(
+ reinterpret_cast<char*>(emptyCertPackage),
+ sizeof(emptyCertPackage)));
+ EXPECT_EQ(SEC_ERROR_BAD_DER, PR_GetError());
+}
diff --git a/security/nss/gtests/certdb_gtest/manifest.mn b/security/nss/gtests/certdb_gtest/manifest.mn
index 4a3a1fda0..c95cf991f 100644
--- a/security/nss/gtests/certdb_gtest/manifest.mn
+++ b/security/nss/gtests/certdb_gtest/manifest.mn
@@ -8,6 +8,8 @@ MODULE = nss
CPPSRCS = \
alg1485_unittest.cc \
+ cert_unittest.cc \
+ decode_certs_unittest.cc \
$(NULL)
INCLUDES += -I$(CORE_DEPTH)/gtests/google_test/gtest/include \