Bug 1048642, Part 2: Change GenerateKeyPair return type from SECStatus to Result, r=cviecco

--HG--
extra : rebase_source : 652277e952d224175ea57d4509124ff8180440cb

security/pkix/test/gtest/pkixocsp_CreateEncodedOCSPRequest_tests.cpp

@@ -114,39 +114,29 @@ protected:
   }
 
   // The resultant issuerDER and issuerSPKI are owned by the arena.
-  SECStatus MakeIssuerCertIDComponents(const char* issuerASCII,
-                                       /*out*/ Input& issuerDER,
-                                       /*out*/ Input& issuerSPKI)
+  void MakeIssuerCertIDComponents(const char* issuerASCII,
+                                  /*out*/ Input& issuerDER,
+                                  /*out*/ Input& issuerSPKI)
   {
     const SECItem* issuerDERSECItem = ASCIIToDERName(arena.get(), issuerASCII);
-    if (!issuerDERSECItem) {
-      return SECFailure;
-    }
-    if (issuerDER.Init(issuerDERSECItem->data, issuerDERSECItem->len)
-          != Success) {
-      return SECFailure;
-    }
+    ASSERT_TRUE(issuerDERSECItem);
+    ASSERT_EQ(Success,
+              issuerDER.Init(issuerDERSECItem->data, issuerDERSECItem->len));
 
     ScopedSECKEYPublicKey issuerPublicKey;
     ScopedSECKEYPrivateKey issuerPrivateKey;
-    if (GenerateKeyPair(issuerPublicKey, issuerPrivateKey) != SECSuccess) {
-      return SECFailure;
-    }
+    ASSERT_EQ(Success, GenerateKeyPair(issuerPublicKey, issuerPrivateKey));
+
     ScopedSECItem issuerSPKIOriginal(
       SECKEY_EncodeDERSubjectPublicKeyInfo(issuerPublicKey.get()));
-    if (!issuerSPKIOriginal) {
-      return SECFailure;
-    }
-    SECItem issuerSPKICopy;
-    if (SECITEM_CopyItem(arena.get(), &issuerSPKICopy,
-                         issuerSPKIOriginal.get()) != SECSuccess) {
-      return SECFailure;
-    }
-    if (issuerSPKI.Init(issuerSPKICopy.data, issuerSPKICopy.len) != Success) {
-      return SECFailure;
-    }
+    ASSERT_TRUE(issuerSPKIOriginal);
 
-    return SECSuccess;
+    SECItem issuerSPKICopy;
+    ASSERT_EQ(SECSuccess,
+              SECITEM_CopyItem(arena.get(), &issuerSPKICopy,
+                               issuerSPKIOriginal.get()));
+    ASSERT_EQ(Success,
+              issuerSPKI.Init(issuerSPKICopy.data, issuerSPKICopy.len));
   }
 
   CreateEncodedOCSPRequestTrustDomain trustDomain;
@@ -158,8 +148,7 @@ TEST_F(pkixocsp_CreateEncodedOCSPRequest, ChildCertLongSerialNumberTest)
 {
   Input issuerDER;
   Input issuerSPKI;
-  ASSERT_EQ(SECSuccess,
-            MakeIssuerCertIDComponents("CN=CA", issuerDER, issuerSPKI));
+  MakeIssuerCertIDComponents("CN=CA", issuerDER, issuerSPKI);
   Input serialNumber;
   ASSERT_EQ(Success, serialNumber.Init(unsupportedLongSerialNumber->data,
                                        unsupportedLongSerialNumber->len));
@@ -178,8 +167,7 @@ TEST_F(pkixocsp_CreateEncodedOCSPRequest, LongestSupportedSerialNumberTest)
 {
   Input issuerDER;
   Input issuerSPKI;
-  ASSERT_EQ(SECSuccess,
-            MakeIssuerCertIDComponents("CN=CA", issuerDER, issuerSPKI));
+  MakeIssuerCertIDComponents("CN=CA", issuerDER, issuerSPKI);
   Input serialNumber;
   ASSERT_EQ(Success, serialNumber.Init(longestRequiredSerialNumber->data,
                                        longestRequiredSerialNumber->len));

security/pkix/test/gtest/pkixocsp_VerifyEncodedOCSPResponse.cpp

@@ -108,7 +108,7 @@ public:
   static bool SetUpTestCaseInner()
   {
     ScopedSECKEYPublicKey rootPublicKey;
-    if (GenerateKeyPair(rootPublicKey, rootPrivateKey) != SECSuccess) {
+    if (GenerateKeyPair(rootPublicKey, rootPrivateKey) != Success) {
       return false;
     }
     rootSPKI = SECKEY_EncodeDERSubjectPublicKeyInfo(rootPublicKey.get());
@@ -490,8 +490,8 @@ TEST_F(pkixocsp_VerifyEncodedResponse_DelegatedResponder,
 {
   ScopedSECKEYPublicKey missingSignerPublicKey;
   ScopedSECKEYPrivateKey missingSignerPrivateKey;
-  ASSERT_SECSuccess(GenerateKeyPair(missingSignerPublicKey,
-                                    missingSignerPrivateKey));
+  ASSERT_EQ(Success, GenerateKeyPair(missingSignerPublicKey,
+                                     missingSignerPrivateKey));
   Input response(CreateEncodedOCSPSuccessfulResponse(
                          OCSPResponseContext::good, *endEntityCertID, byKey,
                          missingSignerPrivateKey, pr_oneDayBeforeNow,
@@ -509,8 +509,8 @@ TEST_F(pkixocsp_VerifyEncodedResponse_DelegatedResponder,
 {
   ScopedSECKEYPublicKey missingSignerPublicKey;
   ScopedSECKEYPrivateKey missingSignerPrivateKey;
-  ASSERT_SECSuccess(GenerateKeyPair(missingSignerPublicKey,
-                                    missingSignerPrivateKey));
+  ASSERT_EQ(Success, GenerateKeyPair(missingSignerPublicKey,
+                                     missingSignerPrivateKey));
   Input response(CreateEncodedOCSPSuccessfulResponse(
                          OCSPResponseContext::good, *endEntityCertID,
                          "CN=missing", missingSignerPrivateKey,
@@ -653,7 +653,7 @@ TEST_F(pkixocsp_VerifyEncodedResponse_DelegatedResponder, good_unknown_issuer)
   // unknown issuer
   ScopedSECKEYPublicKey unknownPublicKey;
   ScopedSECKEYPrivateKey unknownPrivateKey;
-  ASSERT_SECSuccess(GenerateKeyPair(unknownPublicKey, unknownPrivateKey));
+  ASSERT_EQ(Success, GenerateKeyPair(unknownPublicKey, unknownPrivateKey));
 
   // Delegated responder cert signed by unknown issuer
   static const SECOidTag signerEKU = SEC_OID_OCSP_RESPONDER;

security/pkix/test/lib/pkixtestutil.cpp

@@ -664,13 +664,13 @@ MaybeLogOutput(SECItem* result, const char* suffix)
 ///////////////////////////////////////////////////////////////////////////////
 // Key Pairs
 
-SECStatus
+Result
 GenerateKeyPair(/*out*/ ScopedSECKEYPublicKey& publicKey,
                 /*out*/ ScopedSECKEYPrivateKey& privateKey)
 {
   ScopedPtr<PK11SlotInfo, PK11_FreeSlot> slot(PK11_GetInternalSlot());
   if (!slot) {
-    return SECFailure;
+    return MapPRErrorCodeToResult(PR_GetError());
   }
 
   // Bug 1012786: PK11_GenerateKeyPair can fail if there is insufficient
@@ -687,21 +687,22 @@ GenerateKeyPair(/*out*/ ScopedSECKEYPublicKey& publicKey,
     if (privateKey) {
       publicKey = publicKeyTemp;
       assert(publicKey);
-      return SECSuccess;
+      return Success;
     }
 
     assert(!publicKeyTemp);
 
     if (PR_GetError() != SEC_ERROR_PKCS11_FUNCTION_FAILED) {
-      return SECFailure;
+      break;
     }
 
     PRTime now = PR_Now();
     if (PK11_RandomUpdate(&now, sizeof(PRTime)) != SECSuccess) {
-      return SECFailure;
+      break;
     }
   }
-  return SECFailure;
+
+  return MapPRErrorCodeToResult(PR_GetError());
 }
 
 
@@ -742,7 +743,7 @@ CreateEncodedCertificate(PLArenaPool* arena, long version,
   // privateKeyResult until after we're done with issuerPrivateKey.
   ScopedSECKEYPublicKey publicKey;
   ScopedSECKEYPrivateKey privateKeyTemp;
-  if (GenerateKeyPair(publicKey, privateKeyTemp) != SECSuccess) {
+  if (GenerateKeyPair(publicKey, privateKeyTemp) != Success) {
     return nullptr;
   }
 

security/pkix/test/lib/pkixtestutil.h

@@ -79,8 +79,8 @@ extern const PRTime ONE_DAY;
 mozilla::pkix::Time YMDHMS(int16_t year, int16_t month, int16_t day,
                            int16_t hour, int16_t minutes, int16_t seconds);
 
-SECStatus GenerateKeyPair(/*out*/ ScopedSECKEYPublicKey& publicKey,
-                          /*out*/ ScopedSECKEYPrivateKey& privateKey);
+Result GenerateKeyPair(/*out*/ ScopedSECKEYPublicKey& publicKey,
+                       /*out*/ ScopedSECKEYPrivateKey& privateKey);
 
 // The result will be owned by the arena
 const SECItem* ASCIIToDERName(PLArenaPool* arena, const char* cn);