net/test/cert_test_util.h

   1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
   2 // Use of this source code is governed by a BSD-style license that can be
   3 // found in the LICENSE file.
   4
   5 #ifndef NET_TEST_CERT_TEST_UTIL_H_
   6 #define NET_TEST_CERT_TEST_UTIL_H_
   7
   8 #include <string>
   9
  10 #include "base/memory/ref_counted.h"
  11 #include "net/cert/x509_cert_types.h"
  12 #include "net/cert/x509_certificate.h"
  13
  14 #if defined(USE_NSS)
  15 #include "base/memory/scoped_ptr.h"
  16
  17 // From <pk11pub.h>
  18 typedef struct PK11SlotInfoStr PK11SlotInfo;
  19 #endif
  20
  21 namespace base {
  22 class FilePath;
  23 }
  24
  25 namespace crypto {
  26 class RSAPrivateKey;
  27 }
  28
  29 namespace net {
  30
  31 class EVRootCAMetadata;
  32
  33 #if defined(USE_NSS)
  34 // Imports a private key from file |key_filename| in |dir|. The file must
  35 // contain a PKCS#8 PrivateKeyInfo in DER encoding. The key is imported to
  36 // |slot|.
  37 scoped_ptr<crypto::RSAPrivateKey> ImportSensitiveKeyFromFile(
  38     const base::FilePath& dir,
  39     const std::string& key_filename,
  40     PK11SlotInfo* slot);
  41 #endif
  42
  43 // Imports all of the certificates in |cert_file|, a file in |certs_dir|, into a
  44 // CertificateList.
  45 CertificateList CreateCertificateListFromFile(const base::FilePath& certs_dir,
  46                                               const std::string& cert_file,
  47                                               int format);
  48
  49 // Imports all of the certificates in |cert_file|, a file in |certs_dir|, into
  50 // a new X509Certificate. The first certificate in the chain will be used for
  51 // the returned cert, with any additional certificates configured as
  52 // intermediate certificates.
  53 scoped_refptr<X509Certificate> CreateCertificateChainFromFile(
  54     const base::FilePath& certs_dir,
  55     const std::string& cert_file,
  56     int format);
  57
  58 // Imports a single certificate from |cert_file|.
  59 // |certs_dir| represents the test certificates directory. |cert_file| is the
  60 // name of the certificate file. If cert_file contains multiple certificates,
  61 // the first certificate found will be returned.
  62 scoped_refptr<X509Certificate> ImportCertFromFile(const base::FilePath& certs_dir,
  63                                                   const std::string& cert_file);
  64
  65 // ScopedTestEVPolicy causes certificates marked with |policy|, issued from a
  66 // root with the given fingerprint, to be treated as EV. |policy| is expressed
  67 // as a string of dotted numbers: i.e. "1.2.3.4".
  68 // This should only be used in unittests as adding a CA twice causes a CHECK
  69 // failure.
  70 class ScopedTestEVPolicy {
  71  public:
  72   ScopedTestEVPolicy(EVRootCAMetadata* ev_root_ca_metadata,
  73                      const SHA1HashValue& fingerprint,
  74                      const char* policy);
  75   ~ScopedTestEVPolicy();
  76
  77  private:
  78   SHA1HashValue fingerprint_;
  79   EVRootCAMetadata* const ev_root_ca_metadata_;
  80 };
  81
  82 }  // namespace net
  83
  84 #endif  // NET_TEST_CERT_TEST_UTIL_H_