net/test/cert_test_util.h

   1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
   2 // Use of this source code is governed by a BSD-style license that can be
   3 // found in the LICENSE file.
   4
   5 #ifndef NET_TEST_CERT_TEST_UTIL_H_
   6 #define NET_TEST_CERT_TEST_UTIL_H_
   7
   8 #include <string>
   9
  10 #include "base/memory/ref_counted.h"
  11 #include "net/cert/x509_cert_types.h"
  12 #include "net/cert/x509_certificate.h"
  13
  14 #if defined(USE_NSS_CERTS)
  15 // From <pk11pub.h>
  16 typedef struct PK11SlotInfoStr PK11SlotInfo;
  17 #endif
  18
  19 namespace base {
  20 class FilePath;
  21 }
  22
  23 namespace crypto {
  24 class RSAPrivateKey;
  25 }
  26
  27 namespace net {
  28
  29 class EVRootCAMetadata;
  30
  31 #if defined(USE_NSS_CERTS)
  32 // Imports a private key from file |key_filename| in |dir| into |slot|. The file
  33 // must contain a PKCS#8 PrivateKeyInfo in DER encoding. Returns true on success
  34 // and false on failure.
  35 bool ImportSensitiveKeyFromFile(const base::FilePath& dir,
  36                                 const std::string& key_filename,
  37                                 PK11SlotInfo* slot);
  38
  39 bool ImportClientCertToSlot(const scoped_refptr<X509Certificate>& cert,
  40                             PK11SlotInfo* slot);
  41
  42 scoped_refptr<X509Certificate> ImportClientCertAndKeyFromFile(
  43     const base::FilePath& dir,
  44     const std::string& cert_filename,
  45     const std::string& key_filename,
  46     PK11SlotInfo* slot);
  47 #endif
  48
  49 // Imports all of the certificates in |cert_file|, a file in |certs_dir|, into a
  50 // CertificateList.
  51 CertificateList CreateCertificateListFromFile(const base::FilePath& certs_dir,
  52                                               const std::string& cert_file,
  53                                               int format);
  54
  55 // Imports all of the certificates in |cert_file|, a file in |certs_dir|, into
  56 // a new X509Certificate. The first certificate in the chain will be used for
  57 // the returned cert, with any additional certificates configured as
  58 // intermediate certificates.
  59 scoped_refptr<X509Certificate> CreateCertificateChainFromFile(
  60     const base::FilePath& certs_dir,
  61     const std::string& cert_file,
  62     int format);
  63
  64 // Imports a single certificate from |cert_file|.
  65 // |certs_dir| represents the test certificates directory. |cert_file| is the
  66 // name of the certificate file. If cert_file contains multiple certificates,
  67 // the first certificate found will be returned.
  68 scoped_refptr<X509Certificate> ImportCertFromFile(const base::FilePath& certs_dir,
  69                                                   const std::string& cert_file);
  70
  71 // ScopedTestEVPolicy causes certificates marked with |policy|, issued from a
  72 // root with the given fingerprint, to be treated as EV. |policy| is expressed
  73 // as a string of dotted numbers: i.e. "1.2.3.4".
  74 // This should only be used in unittests as adding a CA twice causes a CHECK
  75 // failure.
  76 class ScopedTestEVPolicy {
  77  public:
  78   ScopedTestEVPolicy(EVRootCAMetadata* ev_root_ca_metadata,
  79                      const SHA1HashValue& fingerprint,
  80                      const char* policy);
  81   ~ScopedTestEVPolicy();
  82
  83  private:
  84   SHA1HashValue fingerprint_;
  85   EVRootCAMetadata* const ev_root_ca_metadata_;
  86 };
  87
  88 }  // namespace net
  89
  90 #endif  // NET_TEST_CERT_TEST_UTIL_H_