[email protected] | e54d0af | 2012-03-03 01:07:15 | [diff] [blame] | 1 | // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
[email protected] | c81d9dcc | 2010-03-17 00:51:44 | [diff] [blame] | 2 | // Use of this source code is governed by a BSD-style license that can be |
| 3 | // found in the LICENSE file. |
| 4 | |
[email protected] | 6e7845ae | 2013-03-29 21:48:11 | [diff] [blame] | 5 | #ifndef NET_TEST_CERT_TEST_UTIL_H_ |
| 6 | #define NET_TEST_CERT_TEST_UTIL_H_ |
[email protected] | c81d9dcc | 2010-03-17 00:51:44 | [diff] [blame] | 7 | |
[email protected] | 32765f8 | 2010-12-16 00:01:37 | [diff] [blame] | 8 | #include <string> |
| 9 | |
[email protected] | 3b63f8f4 | 2011-03-28 01:54:15 | [diff] [blame] | 10 | #include "base/memory/ref_counted.h" |
[email protected] | 6e7845ae | 2013-03-29 21:48:11 | [diff] [blame] | 11 | #include "net/cert/x509_cert_types.h" |
| 12 | #include "net/cert/x509_certificate.h" |
[email protected] | c81d9dcc | 2010-03-17 00:51:44 | [diff] [blame] | 13 | |
davidben | 71f35ff | 2015-04-17 20:54:48 | [diff] [blame] | 14 | #if defined(USE_NSS_CERTS) |
[email protected] | 83e1ae3 | 2014-07-18 10:57:07 | [diff] [blame] | 15 | // From <pk11pub.h> |
| 16 | typedef struct PK11SlotInfoStr PK11SlotInfo; |
| 17 | #endif |
| 18 | |
[email protected] | a3ef483 | 2013-02-02 05:12:33 | [diff] [blame] | 19 | namespace base { |
[email protected] | 864b136 | 2010-08-19 03:49:38 | [diff] [blame] | 20 | class FilePath; |
[email protected] | a3ef483 | 2013-02-02 05:12:33 | [diff] [blame] | 21 | } |
[email protected] | 864b136 | 2010-08-19 03:49:38 | [diff] [blame] | 22 | |
[email protected] | 83e1ae3 | 2014-07-18 10:57:07 | [diff] [blame] | 23 | namespace crypto { |
| 24 | class RSAPrivateKey; |
| 25 | } |
| 26 | |
[email protected] | c81d9dcc | 2010-03-17 00:51:44 | [diff] [blame] | 27 | namespace net { |
| 28 | |
[email protected] | 7d015e4 | 2012-03-14 16:15:12 | [diff] [blame] | 29 | class EVRootCAMetadata; |
| 30 | |
davidben | 71f35ff | 2015-04-17 20:54:48 | [diff] [blame] | 31 | #if defined(USE_NSS_CERTS) |
davidben | 85bad9e | 2015-05-11 20:20:10 | [diff] [blame^] | 32 | // Imports a private key from file |key_filename| in |dir| into |slot|. The file |
| 33 | // must contain a PKCS#8 PrivateKeyInfo in DER encoding. Returns true on success |
| 34 | // and false on failure. |
| 35 | bool ImportSensitiveKeyFromFile(const base::FilePath& dir, |
| 36 | const std::string& key_filename, |
| 37 | PK11SlotInfo* slot); |
[email protected] | cc9b29fb | 2014-08-02 11:52:26 | [diff] [blame] | 38 | |
| 39 | bool ImportClientCertToSlot(const scoped_refptr<X509Certificate>& cert, |
| 40 | PK11SlotInfo* slot); |
| 41 | |
| 42 | scoped_refptr<X509Certificate> ImportClientCertAndKeyFromFile( |
| 43 | const base::FilePath& dir, |
| 44 | const std::string& cert_filename, |
| 45 | const std::string& key_filename, |
| 46 | PK11SlotInfo* slot); |
[email protected] | 83e1ae3 | 2014-07-18 10:57:07 | [diff] [blame] | 47 | #endif |
| 48 | |
| 49 | // Imports all of the certificates in |cert_file|, a file in |certs_dir|, into a |
| 50 | // CertificateList. |
[email protected] | a3ef483 | 2013-02-02 05:12:33 | [diff] [blame] | 51 | CertificateList CreateCertificateListFromFile(const base::FilePath& certs_dir, |
[email protected] | e54d0af | 2012-03-03 01:07:15 | [diff] [blame] | 52 | const std::string& cert_file, |
| 53 | int format); |
| 54 | |
[email protected] | 1f11d6f | 2013-11-24 22:33:00 | [diff] [blame] | 55 | // Imports all of the certificates in |cert_file|, a file in |certs_dir|, into |
| 56 | // a new X509Certificate. The first certificate in the chain will be used for |
| 57 | // the returned cert, with any additional certificates configured as |
| 58 | // intermediate certificates. |
| 59 | scoped_refptr<X509Certificate> CreateCertificateChainFromFile( |
| 60 | const base::FilePath& certs_dir, |
| 61 | const std::string& cert_file, |
| 62 | int format); |
| 63 | |
| 64 | // Imports a single certificate from |cert_file|. |
[email protected] | 42fdb45 | 2012-11-01 12:44:40 | [diff] [blame] | 65 | // |certs_dir| represents the test certificates directory. |cert_file| is the |
[email protected] | 32765f8 | 2010-12-16 00:01:37 | [diff] [blame] | 66 | // name of the certificate file. If cert_file contains multiple certificates, |
| 67 | // the first certificate found will be returned. |
[email protected] | a3ef483 | 2013-02-02 05:12:33 | [diff] [blame] | 68 | scoped_refptr<X509Certificate> ImportCertFromFile(const base::FilePath& certs_dir, |
[email protected] | 32765f8 | 2010-12-16 00:01:37 | [diff] [blame] | 69 | const std::string& cert_file); |
[email protected] | c81d9dcc | 2010-03-17 00:51:44 | [diff] [blame] | 70 | |
[email protected] | 7d015e4 | 2012-03-14 16:15:12 | [diff] [blame] | 71 | // ScopedTestEVPolicy causes certificates marked with |policy|, issued from a |
| 72 | // root with the given fingerprint, to be treated as EV. |policy| is expressed |
| 73 | // as a string of dotted numbers: i.e. "1.2.3.4". |
| 74 | // This should only be used in unittests as adding a CA twice causes a CHECK |
| 75 | // failure. |
| 76 | class ScopedTestEVPolicy { |
| 77 | public: |
| 78 | ScopedTestEVPolicy(EVRootCAMetadata* ev_root_ca_metadata, |
[email protected] | ede0321 | 2012-09-07 12:52:26 | [diff] [blame] | 79 | const SHA1HashValue& fingerprint, |
[email protected] | 7d015e4 | 2012-03-14 16:15:12 | [diff] [blame] | 80 | const char* policy); |
| 81 | ~ScopedTestEVPolicy(); |
| 82 | |
| 83 | private: |
[email protected] | ede0321 | 2012-09-07 12:52:26 | [diff] [blame] | 84 | SHA1HashValue fingerprint_; |
[email protected] | 7d015e4 | 2012-03-14 16:15:12 | [diff] [blame] | 85 | EVRootCAMetadata* const ev_root_ca_metadata_; |
| 86 | }; |
| 87 | |
[email protected] | c81d9dcc | 2010-03-17 00:51:44 | [diff] [blame] | 88 | } // namespace net |
| 89 | |
[email protected] | 6e7845ae | 2013-03-29 21:48:11 | [diff] [blame] | 90 | #endif // NET_TEST_CERT_TEST_UTIL_H_ |