ios/web/net/crw_cert_verification_controller_unittest.mm - Issue 1230033005: WKWebView: Added cert verification API to web controller.

Unified Diff: ios/web/net/crw_cert_verification_controller_unittest.mm

Issue 1230033005: WKWebView: Added cert verification API to web controller. (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master

Patch Set: Resolved review comments Created 5 years, 3 months ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View side-by-side diff with in-line comments

Download patch

« ios/web/net/crw_cert_verification_controller.mm ('K') | « ios/web/net/crw_cert_verification_controller.mm ('k') | ios/web/public/test/test_browser_state.cc » ('j') | no next file with comments »
Expand Comments ('e') | Collapse Comments ('c') | Hide Comments ('s')

Index: ios/web/net/crw_cert_verification_controller_unittest.mm

diff --git a/ios/web/net/crw_cert_verification_controller_unittest.mm b/ios/web/net/crw_cert_verification_controller_unittest.mm

new file mode 100644

index 0000000000000000000000000000000000000000..3962441db4686876217eca0d0074f99df26104e6

--- /dev/null

+++ b/ios/web/net/crw_cert_verification_controller_unittest.mm

@@ -0,0 +1,115 @@

+// Use of this source code is governed by a BSD-style license that can be

+// found in the LICENSE file.

+#include "ios/web/net/crw_cert_verification_controller.h"

+#include "base/mac/bind_objc_block.h"

+#include "base/message_loop/message_loop.h"

+#include "base/test/ios/wait_util.h"

+#include "ios/web/public/web_thread.h"

+#include "ios/web/test/web_test.h"

+#include "net/base/test_data_directory.h"

+#include "net/cert/mock_cert_verifier.h"

+#include "net/cert/x509_certificate.h"

+#include "net/test/cert_test_util.h"

+#include "net/url_request/url_request_context.h"

+#include "net/url_request/url_request_context_getter.h"

+namespace web {

+namespace {

davidben 2015/09/03 18:34:27 Nit: newline here (or remove the newline in line 2

Eugene But (OOO till 7-30) 2015/09/03 18:59:05 Removed the newline in line 26.

+// Generated cert filename.

+const char kCertFileName[] = "ok_cert.pem";

+// Test hostname for cert verification.

+NSString* const kHostName = @"www.example.com";

+} // namespace

+// Test fixture to test CRWCertVerificationController class.

+class CRWCertVerificationControllerTest : public web::WebTest {

+ protected:

+ void SetUp() override {

+ web::WebTest::SetUp();

+ web::BrowserState* browser_state = GetBrowserState();

+ net::URLRequestContextGetter* getter = browser_state->GetRequestContext();

+ web::WebThread::PostTask(web::WebThread::IO, FROM_HERE, base::BindBlock(^{

+ getter->GetURLRequestContext()->set_cert_verifier(&cert_verifier_);

+ }));

+ controller_.reset([[CRWCertVerificationController alloc]

+ initWithBrowserState:browser_state]);

+ cert_ =

+ net::ImportCertFromFile(net::GetTestCertsDirectory(), kCertFileName);

+ }

+ void TearDown() override {

+ [controller_ shutDown];

+ web::WebTest::TearDown();

+ }

+ // Synchronously returns result of decidePolicyForCert:host:completionHandler:

+ // call.

+ void DecidePolicy(const scoped_refptr<net::X509Certificate>& cert,

+ NSString* host,

+ web::CertAcceptPolicy* policy,

+ net::CertStatus* status) {

+ __block bool completion_handler_called = false;

+ [controller_ decidePolicyForCert:cert

+ host:host

+ completionHandler:^(web::CertAcceptPolicy callback_policy,

+ net::CertStatus callback_status) {

+ *policy = callback_policy;

+ *status = callback_status;

+ completion_handler_called = true;

+ }];

+ base::test::ios::WaitUntilCondition(^{

+ return completion_handler_called;

+ }, base::MessageLoop::current(), base::TimeDelta());

+ }

+ scoped_refptr<net::X509Certificate> cert_;

+ net::MockCertVerifier cert_verifier_;

+ base::scoped_nsobject<CRWCertVerificationController> controller_;

+};

+// Tests cert policy with a valid cert.

+TEST_F(CRWCertVerificationControllerTest, ValidCert) {

+ net::CertVerifyResult verify_result;

+ verify_result.cert_status = CERT_STATUS_NO_REVOCATION_MECHANISM;

+ verify_result.verified_cert = cert_;

+ cert_verifier_.AddResultForCertAndHost(cert_.get(), [kHostName UTF8String],

+ verify_result, net::OK);

+ web::CertAcceptPolicy policy = CERT_ACCEPT_POLICY_ERROR;

+ net::CertStatus status;

+ DecidePolicy(cert_, kHostName, &policy, &status);

+ EXPECT_EQ(CERT_ACCEPT_POLICY_ALLOW, policy);

+ EXPECT_EQ(verify_result.cert_status, status);

+// Tests cert policy with an invalid cert.

+TEST_F(CRWCertVerificationControllerTest, InvalidCert) {

+ web::CertAcceptPolicy policy = CERT_ACCEPT_POLICY_ERROR;

+ net::CertStatus status;

+ DecidePolicy(cert_, kHostName, &policy, &status);

+ EXPECT_EQ(CERT_ACCEPT_POLICY_DENY, policy);

+// Tests cert policy with null cert.

+TEST_F(CRWCertVerificationControllerTest, NullCert) {

+ web::CertAcceptPolicy policy = CERT_ACCEPT_POLICY_ERROR;

+ net::CertStatus status;

+ DecidePolicy(nullptr, kHostName, &policy, &status);

+ EXPECT_EQ(CERT_ACCEPT_POLICY_ERROR, policy);

+// Tests cert policy with null cert and null host.

+TEST_F(CRWCertVerificationControllerTest, NullHost) {

+ web::CertAcceptPolicy policy = CERT_ACCEPT_POLICY_ERROR;

+ net::CertStatus status;

+ DecidePolicy(cert_, nil, &policy, &status);

+ EXPECT_EQ(CERT_ACCEPT_POLICY_ERROR, policy);

+} // namespace web