OLD | NEW |
---|---|
(Empty) | |
1 // Copyright 2015 The Chromium Authors. All rights reserved. | |
2 // Use of this source code is governed by a BSD-style license that can be | |
3 // found in the LICENSE file. | |
4 | |
5 #include "ios/web/net/crw_cert_verification_controller.h" | |
6 | |
7 #include "base/mac/bind_objc_block.h" | |
8 #include "base/message_loop/message_loop.h" | |
9 #include "base/test/ios/wait_util.h" | |
10 #include "ios/web/public/web_thread.h" | |
11 #include "ios/web/test/web_test.h" | |
12 #include "net/base/test_data_directory.h" | |
13 #include "net/cert/mock_cert_verifier.h" | |
14 #include "net/cert/x509_certificate.h" | |
15 #include "net/test/cert_test_util.h" | |
16 #include "net/url_request/url_request_context.h" | |
17 #include "net/url_request/url_request_context_getter.h" | |
18 | |
19 namespace web { | |
20 | |
21 namespace { | |
davidben
2015/09/03 18:34:27
Nit: newline here (or remove the newline in line 2
Eugene But (OOO till 7-30)
2015/09/03 18:59:05
Removed the newline in line 26.
| |
22 // Generated cert filename. | |
23 const char kCertFileName[] = "ok_cert.pem"; | |
24 // Test hostname for cert verification. | |
25 NSString* const kHostName = @"www.example.com"; | |
26 | |
27 } // namespace | |
28 | |
29 // Test fixture to test CRWCertVerificationController class. | |
30 class CRWCertVerificationControllerTest : public web::WebTest { | |
31 protected: | |
32 void SetUp() override { | |
33 web::WebTest::SetUp(); | |
34 | |
35 web::BrowserState* browser_state = GetBrowserState(); | |
36 net::URLRequestContextGetter* getter = browser_state->GetRequestContext(); | |
37 web::WebThread::PostTask(web::WebThread::IO, FROM_HERE, base::BindBlock(^{ | |
38 getter->GetURLRequestContext()->set_cert_verifier(&cert_verifier_); | |
39 })); | |
40 | |
41 controller_.reset([[CRWCertVerificationController alloc] | |
42 initWithBrowserState:browser_state]); | |
43 cert_ = | |
44 net::ImportCertFromFile(net::GetTestCertsDirectory(), kCertFileName); | |
45 } | |
46 | |
47 void TearDown() override { | |
48 [controller_ shutDown]; | |
49 web::WebTest::TearDown(); | |
50 } | |
51 | |
52 // Synchronously returns result of decidePolicyForCert:host:completionHandler: | |
53 // call. | |
54 void DecidePolicy(const scoped_refptr<net::X509Certificate>& cert, | |
55 NSString* host, | |
56 web::CertAcceptPolicy* policy, | |
57 net::CertStatus* status) { | |
58 __block bool completion_handler_called = false; | |
59 [controller_ decidePolicyForCert:cert | |
60 host:host | |
61 completionHandler:^(web::CertAcceptPolicy callback_policy, | |
62 net::CertStatus callback_status) { | |
63 *policy = callback_policy; | |
64 *status = callback_status; | |
65 completion_handler_called = true; | |
66 }]; | |
67 base::test::ios::WaitUntilCondition(^{ | |
68 return completion_handler_called; | |
69 }, base::MessageLoop::current(), base::TimeDelta()); | |
70 } | |
71 | |
72 scoped_refptr<net::X509Certificate> cert_; | |
73 net::MockCertVerifier cert_verifier_; | |
74 base::scoped_nsobject<CRWCertVerificationController> controller_; | |
75 }; | |
76 | |
77 // Tests cert policy with a valid cert. | |
78 TEST_F(CRWCertVerificationControllerTest, ValidCert) { | |
79 net::CertVerifyResult verify_result; | |
80 verify_result.cert_status = CERT_STATUS_NO_REVOCATION_MECHANISM; | |
81 verify_result.verified_cert = cert_; | |
82 cert_verifier_.AddResultForCertAndHost(cert_.get(), [kHostName UTF8String], | |
83 verify_result, net::OK); | |
84 web::CertAcceptPolicy policy = CERT_ACCEPT_POLICY_ERROR; | |
85 net::CertStatus status; | |
86 DecidePolicy(cert_, kHostName, &policy, &status); | |
87 EXPECT_EQ(CERT_ACCEPT_POLICY_ALLOW, policy); | |
88 EXPECT_EQ(verify_result.cert_status, status); | |
89 } | |
90 | |
91 // Tests cert policy with an invalid cert. | |
92 TEST_F(CRWCertVerificationControllerTest, InvalidCert) { | |
93 web::CertAcceptPolicy policy = CERT_ACCEPT_POLICY_ERROR; | |
94 net::CertStatus status; | |
95 DecidePolicy(cert_, kHostName, &policy, &status); | |
96 EXPECT_EQ(CERT_ACCEPT_POLICY_DENY, policy); | |
97 } | |
98 | |
99 // Tests cert policy with null cert. | |
100 TEST_F(CRWCertVerificationControllerTest, NullCert) { | |
101 web::CertAcceptPolicy policy = CERT_ACCEPT_POLICY_ERROR; | |
102 net::CertStatus status; | |
103 DecidePolicy(nullptr, kHostName, &policy, &status); | |
104 EXPECT_EQ(CERT_ACCEPT_POLICY_ERROR, policy); | |
105 } | |
106 | |
107 // Tests cert policy with null cert and null host. | |
108 TEST_F(CRWCertVerificationControllerTest, NullHost) { | |
109 web::CertAcceptPolicy policy = CERT_ACCEPT_POLICY_ERROR; | |
110 net::CertStatus status; | |
111 DecidePolicy(cert_, nil, &policy, &status); | |
112 EXPECT_EQ(CERT_ACCEPT_POLICY_ERROR, policy); | |
113 } | |
114 | |
115 } // namespace web | |
OLD | NEW |