net/test/cert_test_util.h

   1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
   2 // Use of this source code is governed by a BSD-style license that can be
   3 // found in the LICENSE file.
   4
   5 #ifndef NET_TEST_CERT_TEST_UTIL_H_
   6 #define NET_TEST_CERT_TEST_UTIL_H_
   7
   8 #include <string>
   9
  10 #include "base/memory/ref_counted.h"
  11 #include "net/cert/x509_cert_types.h"
  12 #include "net/cert/x509_certificate.h"
  13
  14 #if defined(USE_NSS)
  15 #include "base/memory/scoped_ptr.h"
  16
  17 // From <pk11pub.h>
  18 typedef struct PK11SlotInfoStr PK11SlotInfo;
  19 #endif
  20
  21 namespace base {
  22 class FilePath;
  23 }
  24
  25 namespace crypto {
  26 class RSAPrivateKey;
  27 }
  28
  29 namespace net {
  30
  31 class EVRootCAMetadata;
  32
  33 #if defined(USE_NSS)
  34 // Imports a private key from file |key_filename| in |dir|. The file must
  35 // contain a PKCS#8 PrivateKeyInfo in DER encoding. The key is imported to
  36 // |slot|.
  37 scoped_ptr<crypto::RSAPrivateKey> ImportSensitiveKeyFromFile(
  38     const base::FilePath& dir,
  39     const std::string& key_filename,
  40     PK11SlotInfo* slot);
  41
  42 bool ImportClientCertToSlot(const scoped_refptr<X509Certificate>& cert,
  43                             PK11SlotInfo* slot);
  44
  45 scoped_refptr<X509Certificate> ImportClientCertAndKeyFromFile(
  46     const base::FilePath& dir,
  47     const std::string& cert_filename,
  48     const std::string& key_filename,
  49     PK11SlotInfo* slot);
  50 #endif
  51
  52 // Imports all of the certificates in |cert_file|, a file in |certs_dir|, into a
  53 // CertificateList.
  54 CertificateList CreateCertificateListFromFile(const base::FilePath& certs_dir,
  55                                               const std::string& cert_file,
  56                                               int format);
  57
  58 // Imports all of the certificates in |cert_file|, a file in |certs_dir|, into
  59 // a new X509Certificate. The first certificate in the chain will be used for
  60 // the returned cert, with any additional certificates configured as
  61 // intermediate certificates.
  62 scoped_refptr<X509Certificate> CreateCertificateChainFromFile(
  63     const base::FilePath& certs_dir,
  64     const std::string& cert_file,
  65     int format);
  66
  67 // Imports a single certificate from |cert_file|.
  68 // |certs_dir| represents the test certificates directory. |cert_file| is the
  69 // name of the certificate file. If cert_file contains multiple certificates,
  70 // the first certificate found will be returned.
  71 scoped_refptr<X509Certificate> ImportCertFromFile(const base::FilePath& certs_dir,
  72                                                   const std::string& cert_file);
  73
  74 // ScopedTestEVPolicy causes certificates marked with |policy|, issued from a
  75 // root with the given fingerprint, to be treated as EV. |policy| is expressed
  76 // as a string of dotted numbers: i.e. "1.2.3.4".
  77 // This should only be used in unittests as adding a CA twice causes a CHECK
  78 // failure.
  79 class ScopedTestEVPolicy {
  80  public:
  81   ScopedTestEVPolicy(EVRootCAMetadata* ev_root_ca_metadata,
  82                      const SHA1HashValue& fingerprint,
  83                      const char* policy);
  84   ~ScopedTestEVPolicy();
  85
  86  private:
  87   SHA1HashValue fingerprint_;
  88   EVRootCAMetadata* const ev_root_ca_metadata_;
  89 };
  90
  91 }  // namespace net
  92
  93 #endif  // NET_TEST_CERT_TEST_UTIL_H_