Mercurial > trustbridge
diff ui/tests/nsstest.cpp @ 307:2fd69803d219
Complete InstRemove NSS test
| author | Andre Heinecke <andre.heinecke@intevation.de> |
|---|---|
| date | Thu, 03 Apr 2014 16:35:21 +0200 |
| parents | 4a3febc6d806 |
| children | ad28f6b60e6b |
line wrap: on
line diff
--- a/ui/tests/nsstest.cpp Thu Apr 03 15:30:25 2014 +0200 +++ b/ui/tests/nsstest.cpp Thu Apr 03 16:35:21 2014 +0200 @@ -1,21 +1,58 @@ +#include <cert.h> +#include <certdb.h> +#include <certt.h> + +#include <nss.h> +#include <pk11pub.h> + #include "nsstest.h" #include "nssstore.h" #include "strhelp.h" #include <QTest> -void NSSTest::initTestCase() { - /* Copy the empty nss db in the temporary dir */ - QFile::copy(":/nss/cert8.db", nssDir.path() + "/" +"cert8.db"); - QFile::copy(":/nss/key3.db", nssDir.path() + "/" +"key3.db"); - QFile::copy(":/nss/secmod.db", nssDir.path() + "/" +"secmod.db"); +QList<QByteArray> NSSTest::get_nss_certs (QTemporaryDir *nssDir) +{ + CERTCertList *list; + CERTCertListNode *node; + QList<QByteArray> retval; - QVERIFY(QFile::setPermissions(nssDir.path() + "/" +"cert8.db", + if (NSS_Initialize(nssDir->path().toLocal8Bit().constData(), + "", "", "secmod.db", NSS_INIT_READONLY) + == SECSuccess) + { + list = PK11_ListCerts(PK11CertListAll, NULL); + for (node = CERT_LIST_HEAD(list); !CERT_LIST_END(node, list); + node = CERT_LIST_NEXT(node)) { + retval << QByteArray((const char*)node->cert->derCert.data, + (int)node->cert->derCert.len); + } + CERT_DestroyCertList(list); + NSS_Shutdown(); + } + else + { + qDebug("Could not open nss certificate store!\n"); + } + return retval; +} + +void NSSTest::setupTestDir(QTemporaryDir *nssDir) +{ + /* Copy the empty nss db in the temporary dir */ + QFile::copy(":/nss/cert8.db", nssDir->path() + "/" +"cert8.db"); + QFile::copy(":/nss/key3.db", nssDir->path() + "/" +"key3.db"); + QFile::copy(":/nss/secmod.db", nssDir->path() + "/" +"secmod.db"); + + QVERIFY(QFile::setPermissions(nssDir->path() + "/" +"cert8.db", QFileDevice::ReadOwner | QFileDevice::WriteOwner)); - QVERIFY(QFile::setPermissions(nssDir.path() + "/" +"key3.db", + QVERIFY(QFile::setPermissions(nssDir->path() + "/" +"key3.db", QFileDevice::ReadOwner | QFileDevice::WriteOwner)); - QVERIFY(QFile::setPermissions(nssDir.path() + "/" +"secmod.db", + QVERIFY(QFile::setPermissions(nssDir->path() + "/" +"secmod.db", QFileDevice::ReadOwner | QFileDevice::WriteOwner)); +} + +void NSSTest::initTestCase() { /* Set up a temporary list */ QFile res(":/list-valid-signed.txt"); @@ -24,7 +61,8 @@ validListFile.write(res.readAll()); validListFile.close(); - nssDir.setAutoRemove(false); + setupTestDir(&ffNSSDir); + setupTestDir(&tbNSSDir); validList = CertificateList(validListFile.fileName().toLocal8Bit().data()); @@ -52,7 +90,7 @@ "[Profile0]" << endl << "Name=default" << endl << "IsRelative=1" << endl << - "Path=" << fakeFirefoxDir.relativeFilePath(nssDir.path()) << endl; + "Path=" << fakeFirefoxDir.relativeFilePath(ffNSSDir.path()) << endl; ffStream.flush(); mozProfile.close(); @@ -63,7 +101,7 @@ "[Profile102]" << endl << "Name=default" << endl << "IsRelative=0" << endl << - "Path=" << nssDir.path() << endl; + "Path=" << tbNSSDir.path() << endl; tbStream.flush(); tbProfile.close(); } @@ -74,6 +112,7 @@ QList<Certificate> instList; + /* Install all certificates */ foreach (const Certificate &cert, validList.getCertificates()) { if (!cert.isInstallCert()) continue; @@ -85,6 +124,74 @@ QVERIFY(write_stores_nss(to_install, to_remove) == 0); + { + /* Verify that everything is installed */ + QList<QByteArray> installedCertsFF = get_nss_certs(&ffNSSDir); + QList<QByteArray> installedCertsTB = get_nss_certs(&tbNSSDir); + + QVERIFY(installedCertsFF.size() == instList.size()); + QVERIFY(installedCertsFF == installedCertsTB); + + for (int i = 0; to_install[i]; i++) { + QByteArray bai = QByteArray::fromBase64(to_install[i]); + QVERIFY(installedCertsFF.contains(bai)); + } + } + + { + /* Remove one certificate */ + QVERIFY(instList.size() > 2); + strv_append (&to_remove, to_install[1], qstrlen(to_install[1])); + + QVERIFY(write_stores_nss(NULL, to_remove) == 0); + + QList<QByteArray> installedCertsFF = get_nss_certs(&ffNSSDir); + QList<QByteArray> installedCertsTB = get_nss_certs(&tbNSSDir); + + QVERIFY(installedCertsFF == installedCertsTB); + + QByteArray bai = QByteArray::fromBase64(to_install[1]); + QVERIFY(!installedCertsTB.contains(bai)); + + QVERIFY((size_t)installedCertsTB.size() == strv_length(to_install) - 1); + + for (int i = 0; to_install[i]; i++) { + if (i == 1) { + continue; + } + QByteArray bai = QByteArray::fromBase64(to_install[i]); + QVERIFY(installedCertsTB.contains(bai)); + } + } + + { + /* Readd all certificates check for duplication*/ + QVERIFY(write_stores_nss(to_install, NULL) == 0); + + QList<QByteArray> installedCertsFF = get_nss_certs(&ffNSSDir); + QList<QByteArray> installedCertsTB = get_nss_certs(&tbNSSDir); + + QVERIFY(installedCertsFF == installedCertsTB); + + QVERIFY((size_t)installedCertsTB.size() == strv_length(to_install)); + + for (int i = 0; to_install[i]; i++) { + QByteArray bai = QByteArray::fromBase64(to_install[i]); + QVERIFY(installedCertsTB.contains(bai)); + } + } + + { + /* Remove all certificates */ + QVERIFY(write_stores_nss(NULL, to_install) == 0); + + QList<QByteArray> installedCertsFF = get_nss_certs(&ffNSSDir); + QList<QByteArray> installedCertsTB = get_nss_certs(&tbNSSDir); + + QVERIFY(installedCertsFF == installedCertsTB); + + QVERIFY(installedCertsTB.size() == 0); + } } QTEST_GUILESS_MAIN (NSSTest);