OLD | NEW |
| (Empty) |
1 // Copyright 2015 The Chromium Authors. All rights reserved. | |
2 // Use of this source code is governed by a BSD-style license that can be | |
3 // found in the LICENSE file. | |
4 | |
5 #include "ios/web/net/crw_cert_verification_controller.h" | |
6 | |
7 #include "base/mac/bind_objc_block.h" | |
8 #include "base/message_loop/message_loop.h" | |
9 #include "base/test/ios/wait_util.h" | |
10 #include "ios/web/public/web_thread.h" | |
11 #include "ios/web/test/web_test.h" | |
12 #include "net/base/test_data_directory.h" | |
13 #include "net/cert/mock_cert_verifier.h" | |
14 #include "net/cert/x509_certificate.h" | |
15 #include "net/test/cert_test_util.h" | |
16 #include "net/url_request/url_request_context.h" | |
17 #include "net/url_request/url_request_context_getter.h" | |
18 | |
19 namespace web { | |
20 | |
21 namespace { | |
22 // Generated cert filename. | |
23 const char kCertFileName[] = "ok_cert.pem"; | |
24 // Test hostname for cert verification. | |
25 NSString* const kHostName = @"www.example.com"; | |
26 } // namespace | |
27 | |
28 // Test fixture to test CRWCertVerificationController class. | |
29 class CRWCertVerificationControllerTest : public web::WebTest { | |
30 protected: | |
31 void SetUp() override { | |
32 web::WebTest::SetUp(); | |
33 | |
34 web::BrowserState* browser_state = GetBrowserState(); | |
35 net::URLRequestContextGetter* getter = browser_state->GetRequestContext(); | |
36 web::WebThread::PostTask(web::WebThread::IO, FROM_HERE, base::BindBlock(^{ | |
37 getter->GetURLRequestContext()->set_cert_verifier(&cert_verifier_); | |
38 })); | |
39 | |
40 controller_.reset([[CRWCertVerificationController alloc] | |
41 initWithBrowserState:browser_state]); | |
42 cert_ = | |
43 net::ImportCertFromFile(net::GetTestCertsDirectory(), kCertFileName); | |
44 } | |
45 | |
46 void TearDown() override { | |
47 [controller_ shutDown]; | |
48 web::WebTest::TearDown(); | |
49 } | |
50 | |
51 // Synchronously returns result of decidePolicyForCert:host:completionHandler: | |
52 // call. | |
53 void DecidePolicy(const scoped_refptr<net::X509Certificate>& cert, | |
54 NSString* host, | |
55 web::CertAcceptPolicy* policy, | |
56 net::CertStatus* status) { | |
57 __block bool completion_handler_called = false; | |
58 [controller_ decidePolicyForCert:cert | |
59 host:host | |
60 completionHandler:^(web::CertAcceptPolicy callback_policy, | |
61 net::CertStatus callback_status) { | |
62 *policy = callback_policy; | |
63 *status = callback_status; | |
64 completion_handler_called = true; | |
65 }]; | |
66 base::test::ios::WaitUntilCondition(^{ | |
67 return completion_handler_called; | |
68 }, base::MessageLoop::current(), base::TimeDelta()); | |
69 } | |
70 | |
71 scoped_refptr<net::X509Certificate> cert_; | |
72 net::MockCertVerifier cert_verifier_; | |
73 base::scoped_nsobject<CRWCertVerificationController> controller_; | |
74 }; | |
75 | |
76 // Tests cert policy with a valid cert. | |
77 TEST_F(CRWCertVerificationControllerTest, ValidCert) { | |
78 net::CertVerifyResult verify_result; | |
79 verify_result.cert_status = net::CERT_STATUS_NO_REVOCATION_MECHANISM; | |
80 verify_result.verified_cert = cert_; | |
81 cert_verifier_.AddResultForCertAndHost(cert_.get(), [kHostName UTF8String], | |
82 verify_result, net::OK); | |
83 web::CertAcceptPolicy policy = CERT_ACCEPT_POLICY_NON_RECOVERABLE_ERROR; | |
84 net::CertStatus status; | |
85 DecidePolicy(cert_, kHostName, &policy, &status); | |
86 EXPECT_EQ(CERT_ACCEPT_POLICY_ALLOW, policy); | |
87 EXPECT_EQ(verify_result.cert_status, status); | |
88 } | |
89 | |
90 // Tests cert policy with an invalid cert. | |
91 TEST_F(CRWCertVerificationControllerTest, InvalidCert) { | |
92 web::CertAcceptPolicy policy = CERT_ACCEPT_POLICY_NON_RECOVERABLE_ERROR; | |
93 net::CertStatus status; | |
94 DecidePolicy(cert_, kHostName, &policy, &status); | |
95 EXPECT_EQ(CERT_ACCEPT_POLICY_RECOVERABLE_ERROR, policy); | |
96 } | |
97 | |
98 // Tests cert policy with null cert. | |
99 TEST_F(CRWCertVerificationControllerTest, NullCert) { | |
100 web::CertAcceptPolicy policy = CERT_ACCEPT_POLICY_NON_RECOVERABLE_ERROR; | |
101 net::CertStatus status; | |
102 DecidePolicy(nullptr, kHostName, &policy, &status); | |
103 EXPECT_EQ(CERT_ACCEPT_POLICY_NON_RECOVERABLE_ERROR, policy); | |
104 } | |
105 | |
106 // Tests cert policy with null cert and null host. | |
107 TEST_F(CRWCertVerificationControllerTest, NullHost) { | |
108 web::CertAcceptPolicy policy = CERT_ACCEPT_POLICY_NON_RECOVERABLE_ERROR; | |
109 net::CertStatus status; | |
110 DecidePolicy(cert_, nil, &policy, &status); | |
111 EXPECT_EQ(CERT_ACCEPT_POLICY_NON_RECOVERABLE_ERROR, policy); | |
112 } | |
113 | |
114 } // namespace web | |
OLD | NEW |