diff options
Diffstat (limited to 'net')
| -rw-r--r-- | net/base/cert_database.h | 4 | ||||
| -rw-r--r-- | net/base/cert_database_nss.cc | 16 | ||||
| -rw-r--r-- | net/base/cert_database_nss_unittest.cc | 10 |
3 files changed, 30 insertions, 0 deletions
diff --git a/net/base/cert_database.h b/net/base/cert_database.h index 9570d15..dab72eb 100644 --- a/net/base/cert_database.h +++ b/net/base/cert_database.h @@ -69,6 +69,10 @@ class CertDatabase { int AddUserCert(X509Certificate* cert); #if defined(USE_NSS) + // Get a list of unique certificates in the certificate database. (One + // instance of all certificates.) + void ListCerts(CertificateList* certs); + // Import certificates and private keys from PKCS #12 blob. // Returns OK or a network error code such as ERR_PKCS12_IMPORT_BAD_PASSWORD // or ERR_PKCS12_IMPORT_ERROR. diff --git a/net/base/cert_database_nss.cc b/net/base/cert_database_nss.cc index b8be38c..5ce1389 100644 --- a/net/base/cert_database_nss.cc +++ b/net/base/cert_database_nss.cc @@ -89,6 +89,22 @@ int CertDatabase::AddUserCert(X509Certificate* cert_obj) { return OK; } +void CertDatabase::ListCerts(CertificateList* certs) { + certs->clear(); + + CERTCertList* cert_list = PK11_ListCerts(PK11CertListUnique, NULL); + CERTCertListNode* node; + for (node = CERT_LIST_HEAD(cert_list); + !CERT_LIST_END(node, cert_list); + node = CERT_LIST_NEXT(node)) { + certs->push_back(X509Certificate::CreateFromHandle( + node->cert, + X509Certificate::SOURCE_LONE_CERT_IMPORT, + X509Certificate::OSCertHandles())); + } + CERT_DestroyCertList(cert_list); +} + int CertDatabase::ImportFromPKCS12( const std::string& data, const string16& password) { return psm::nsPKCS12Blob_Import(data.data(), data.size(), password); diff --git a/net/base/cert_database_nss_unittest.cc b/net/base/cert_database_nss_unittest.cc index 45ac72c0..6aa7095 100644 --- a/net/base/cert_database_nss_unittest.cc +++ b/net/base/cert_database_nss_unittest.cc @@ -136,6 +136,16 @@ class CertDatabaseNSSTest : public testing::Test { // static bool CertDatabaseNSSTest::temp_db_initialized_ = false; +TEST_F(CertDatabaseNSSTest, ListCerts) { + // This test isn't terribly useful, though it will at least let valgrind test + // for leaks. + CertificateList certs; + cert_db_.ListCerts(&certs); + // The test DB is empty, but let's assume there will always be something in + // the other slots. + EXPECT_LT(0U, certs.size()); +} + TEST_F(CertDatabaseNSSTest, ImportFromPKCS12WrongPassword) { std::string pkcs12_data = ReadTestFile("client.p12"); |