cert_test_util.h revision 5f1c94371a64b3196d4be9466099bb892df9b88e
1// Copyright (c) 2012 The Chromium Authors. All rights reserved.
2// Use of this source code is governed by a BSD-style license that can be
3// found in the LICENSE file.
4
5#ifndef NET_TEST_CERT_TEST_UTIL_H_
6#define NET_TEST_CERT_TEST_UTIL_H_
7
8#include <string>
9
10#include "base/memory/ref_counted.h"
11#include "net/cert/x509_cert_types.h"
12#include "net/cert/x509_certificate.h"
13
14#if defined(USE_NSS)
15#include "base/memory/scoped_ptr.h"
16
17// From <pk11pub.h>
18typedef struct PK11SlotInfoStr PK11SlotInfo;
19#endif
20
21namespace base {
22class FilePath;
23}
24
25namespace crypto {
26class RSAPrivateKey;
27}
28
29namespace net {
30
31class EVRootCAMetadata;
32
33#if defined(USE_NSS)
// Imports a private key from file |key_filename| in |dir|. The file must
// contain a PKCS#8 PrivateKeyInfo in DER encoding. The key is imported to
// |slot|.
//
// PrivateKeyInfo is the unencrypted PKCS#8 form, so |key_filename| holds the
// key material in the clear on disk; only dedicated test keys belong in |dir|.
// NOTE(review): "Sensitive" presumably refers to the NSS sensitive-key
// attribute set on the imported key - confirm against the implementation.
// NOTE(review): the returned scoped_ptr is presumably null when the file
// cannot be read or the import fails - confirm, and check it before use.
scoped_ptr<crypto::RSAPrivateKey> ImportSensitiveKeyFromFile(
    const base::FilePath& dir,
    const std::string& key_filename,
    PK11SlotInfo* slot);
41
// Imports the client certificate |cert| into |slot|.
// NOTE(review): the bool result presumably reports whether the import
// succeeded - confirm against the implementation. Callers should check it
// rather than assume the certificate is present in |slot| afterwards.
bool ImportClientCertToSlot(const scoped_refptr<X509Certificate>& cert,
                            PK11SlotInfo* slot);
44
// NOTE(review): judging by the name and parameters, this loads the
// certificate |cert_filename| and the private key |key_filename| from |dir|
// and imports both into |slot|, returning the certificate - confirm against
// the implementation. The result is presumably null on failure, so check it
// before use.
scoped_refptr<X509Certificate> ImportClientCertAndKeyFromFile(
    const base::FilePath& dir,
    const std::string& cert_filename,
    const std::string& key_filename,
    PK11SlotInfo* slot);
50#endif
51
// Imports all of the certificates in |cert_file|, a file in |certs_dir|, into a
// CertificateList.
//
// NOTE(review): |format| is presumably a bitmask of X509Certificate::Format
// values selecting which encodings are accepted - TODO confirm. How a read or
// parse failure is reported (e.g. as an empty list) is not visible from this
// header; verify before relying on the result being non-empty.
CertificateList CreateCertificateListFromFile(const base::FilePath& certs_dir,
                                              const std::string& cert_file,
                                              int format);
57
// Imports all of the certificates in |cert_file|, a file in |certs_dir|, into
// a new X509Certificate. The first certificate in the chain will be used for
// the returned cert, with any additional certificates configured as
// intermediate certificates.
//
// NOTE(review): |format| is presumably a bitmask of X509Certificate::Format
// values - TODO confirm. The result is presumably null when the file yields
// no certificate.
// NOTE(review): nothing in this header says the certificates are checked to
// actually chain to one another; treat the result as unvalidated test input.
scoped_refptr<X509Certificate> CreateCertificateChainFromFile(
    const base::FilePath& certs_dir,
    const std::string& cert_file,
    int format);
66
// Imports a single certificate from |cert_file|.
// |certs_dir| represents the test certificates directory. |cert_file| is the
// name of the certificate file. If cert_file contains multiple certificates,
// the first certificate found will be returned.
//
// NOTE(review): the result is presumably null when the file cannot be read or
// holds no certificate - confirm against the implementation and check it
// before dereferencing.
scoped_refptr<X509Certificate> ImportCertFromFile(const base::FilePath& certs_dir,
                                                  const std::string& cert_file);
73
// ScopedTestEVPolicy causes certificates marked with |policy|, issued from a
// root with the given fingerprint, to be treated as EV. |policy| is expressed
// as a string of dotted numbers, e.g. "1.2.3.4".
// This should only be used in unittests as adding a CA twice causes a CHECK
// failure.
//
// NOTE(review): as a "Scoped" helper the destructor presumably removes the
// policy again from |ev_root_ca_metadata| - confirm against the
// implementation. Until then the EV treatment applies to whatever consults
// that metadata object, not only to the test that created this instance.
// NOTE(review): copying is not disabled here. If the destructor does undo the
// registration, a copied instance would undo it a second time - confirm that
// no caller copies this class.
class ScopedTestEVPolicy {
 public:
  // Stores |ev_root_ca_metadata| as a raw pointer and keeps a copy of
  // |fingerprint| (see the members below). The metadata object is presumably
  // used again by the destructor, so it should outlive this instance.
  ScopedTestEVPolicy(EVRootCAMetadata* ev_root_ca_metadata,
                     const SHA1HashValue& fingerprint,
                     const char* policy);
  ~ScopedTestEVPolicy();

 private:
  // SHA-1 fingerprint identifying the root the test policy is attached to.
  SHA1HashValue fingerprint_;
  // Raw pointer fixed at construction; presumably not owned - TODO confirm.
  EVRootCAMetadata* const ev_root_ca_metadata_;
};
90
91}  // namespace net
92
93#endif  // NET_TEST_CERT_TEST_UTIL_H_
94