Index: ios/web/net/cert_verifier_block_adapter_unittest.cc |
diff --git a/ios/web/net/cert_verifier_block_adapter_unittest.cc b/ios/web/net/cert_verifier_block_adapter_unittest.cc |
index f05acf68945f1b15ab00435c5b0a28ad1dec6555..1380045e16e79eee8386043d1cbf9474262a776e 100644 |
--- a/ios/web/net/cert_verifier_block_adapter_unittest.cc |
+++ b/ios/web/net/cert_verifier_block_adapter_unittest.cc |
@@ -4,27 +4,49 @@ |
#include "ios/web/net/cert_verifier_block_adapter.h" |
-#include "base/message_loop/message_loop.h" |
#include "base/test/ios/wait_util.h" |
-#include "ios/web/public/test/test_web_thread_bundle.h" |
#include "net/base/net_errors.h" |
-#include "net/base/test_data_directory.h" |
-#include "net/cert/cert_verifier.h" |
#include "net/cert/cert_verify_result.h" |
#include "net/cert/crl_set.h" |
-#include "net/cert/mock_cert_verifier.h" |
#include "net/cert/x509_certificate.h" |
-#include "net/log/net_log.h" |
-#include "net/test/cert_test_util.h" |
+#include "testing/gmock/include/gmock/gmock.h" |
#include "testing/platform_test.h" |
-namespace web { |
+namespace net { |
+ |
+using testing::_; |
namespace { |
-// Test cert filename. |
-const char kCertFileName[] = "ok_cert.pem"; |
+ |
// Test hostname for CertVerifier. |
-const char kHostName[] = "www.example.com"; |
+const char kHostName[] = "chromium.org"; |
+// Test OCSP response for CertVerifier. |
+const char kOcspResponse[] = "ocsp"; |
+ |
+// Mocks CertVerifier for CertVerifierBlockAdapter testing. |
+class CertVerifierMock : public CertVerifier { |
+ public: |
+ MOCK_METHOD9(Verify, |
+ int(X509Certificate* cert, |
+ const std::string& hostname, |
+ const std::string& ocsp_response, |
+ int flags, |
+ CRLSet* crl_set, |
+ CertVerifyResult* verify_result, |
+ const CompletionCallback& callback, |
+ scoped_ptr<Request>* out_req, |
+ const BoundNetLog& net_log)); |
+}; |
+ |
+// Sets CertVerifyResult to emulate CertVerifier behavior. |
+ACTION_P(SetVerifyResult, result) { |
+ *arg5 = result; |
+} |
+ |
+// Calls CompletionCallback to emulate CertVerifier behavior. |
+ACTION(RunCallback) { |
+ arg6.Run(0); |
+} |
} // namespace |
@@ -33,119 +55,152 @@ |
protected: |
void SetUp() override { |
PlatformTest::SetUp(); |
- cert_ = |
- net::ImportCertFromFile(net::GetTestCertsDirectory(), kCertFileName); |
- ASSERT_TRUE(cert_); |
+ |
+ cert_ = new X509Certificate("test", "test", base::Time(), base::Time()); |
+ scoped_ptr<CertVerifierMock> cert_verifier_mock(new CertVerifierMock()); |
+ cert_verifier_mock_ = cert_verifier_mock.get(); |
+ test_adapter_.reset( |
+ new CertVerifierBlockAdapter(cert_verifier_mock.Pass())); |
} |
// Performs synchronous verification. |
- void Verify(CertVerifierBlockAdapter* cert_verifier_adapter, |
- CertVerifierBlockAdapter::Params params, |
- net::CertVerifyResult* result, |
- int* error) { |
+ void Verify(CertVerifierBlockAdapter::Params params, |
+ scoped_ptr<net::CertVerifyResult>* result, |
+ int* status) { |
__block bool verification_completed = false; |
- cert_verifier_adapter->Verify( |
- params, ^(net::CertVerifyResult callback_result, int callback_error) { |
- *result = callback_result; |
- *error = callback_error; |
- verification_completed = true; |
- }); |
+ test_adapter_->Verify(params, |
+ ^(scoped_ptr<net::CertVerifyResult> callback_result, |
+ int callback_status) { |
+ *result = callback_result.Pass(); |
+ *status = callback_status; |
+ verification_completed = true; |
+ }); |
base::test::ios::WaitUntilCondition(^{ |
return verification_completed; |
- }, base::MessageLoop::current(), base::TimeDelta()); |
+ }); |
} |
- web::TestWebThreadBundle thread_bundle_; |
- scoped_refptr<net::X509Certificate> cert_; |
- net::NetLog net_log_; |
+ // Fake certificate created for testing. |
+ scoped_refptr<X509Certificate> cert_; |
+ // Testable |CertVerifierBlockAdapter| object. |
+ scoped_ptr<CertVerifierBlockAdapter> test_adapter_; |
+ // CertVerifier mock owned by |test_adapter_|. |
+ CertVerifierMock* cert_verifier_mock_; |
}; |
// Tests |Verify| with default params and synchronous verification. |
TEST_F(CertVerifierBlockAdapterTest, DefaultParamsAndSync) { |
- // Set up verifier mock. |
- net::MockCertVerifier verifier; |
- CertVerifierBlockAdapter test_adapter(&verifier, &net_log_); |
- const int kExpectedError = net::ERR_CERT_AUTHORITY_INVALID; |
- net::CertVerifyResult expected_result; |
- expected_result.cert_status = net::CERT_STATUS_AUTHORITY_INVALID; |
- expected_result.verified_cert = cert_; |
- verifier.AddResultForCertAndHost(cert_.get(), kHostName, expected_result, |
- kExpectedError); |
- |
- // Call |Verify|. |
- net::CertVerifyResult actual_result; |
- int actual_error = -1; |
- CertVerifierBlockAdapter::Params params(cert_.get(), kHostName); |
- Verify(&test_adapter, params, &actual_result, &actual_error); |
- |
- // Ensure that Verification results are correct. |
- EXPECT_EQ(kExpectedError, actual_error); |
- EXPECT_EQ(expected_result.cert_status, actual_result.cert_status); |
-} |
- |
-// Tests |Verify| with default params and asynchronous verification using real |
-// net::CertVerifier and ok_cert.pem cert. |
+ // Set up expectation. |
+ net::CertVerifyResult expectedResult; |
+ expectedResult.cert_status = net::CERT_STATUS_AUTHORITY_INVALID; |
+ const int kExpectedStatus = 0; |
+ EXPECT_CALL(*cert_verifier_mock_, |
+ Verify(cert_.get(), kHostName, "", 0, nullptr, _, _, _, _)) |
+ .Times(1) |
+ .WillOnce(testing::DoAll(SetVerifyResult(expectedResult), |
+ testing::Return(kExpectedStatus))); |
+ |
+ // Call |Verify|. |
+ scoped_ptr<CertVerifyResult> actualResult; |
+ int actualStatus = -1; |
+ CertVerifierBlockAdapter::Params params(cert_.get(), kHostName); |
+ Verify(params, &actualResult, &actualStatus); |
+ |
+ // Ensure that Verification results are correct. |
+ EXPECT_EQ(kExpectedStatus, actualStatus); |
+ EXPECT_EQ(expectedResult.cert_status, actualResult->cert_status); |
+} |
+ |
+// Tests |Verify| with default params and asynchronous verification. |
TEST_F(CertVerifierBlockAdapterTest, DefaultParamsAndAsync) { |
- // Call |Verify|. |
- scoped_ptr<net::CertVerifier> verifier(net::CertVerifier::CreateDefault()); |
- CertVerifierBlockAdapter test_adapter(verifier.get(), &net_log_); |
- CertVerifierBlockAdapter::Params params(cert_.get(), kHostName); |
- net::CertVerifyResult actual_result; |
- int actual_error = -1; |
- Verify(&test_adapter, params, &actual_result, &actual_error); |
- |
- // Ensure that Verification results are correct. |
- EXPECT_FALSE(actual_result.is_issued_by_known_root); |
- EXPECT_EQ(net::ERR_CERT_AUTHORITY_INVALID, actual_error); |
-} |
- |
-// Tests |Verify| with invalid cert argument. |
-TEST_F(CertVerifierBlockAdapterTest, InvalidCert) { |
- // Call |Verify|. |
- net::MockCertVerifier verifier; |
- CertVerifierBlockAdapter test_adapter(&verifier, &net_log_); |
- net::CertVerifyResult actual_result; |
- int actual_error = -1; |
- CertVerifierBlockAdapter::Params params(nullptr, kHostName); |
- Verify(&test_adapter, params, &actual_result, &actual_error); |
- |
- // Ensure that Verification results are correct. |
- EXPECT_EQ(net::ERR_INVALID_ARGUMENT, actual_error); |
-} |
- |
-// Tests |Verify| with invalid hostname argument. |
-TEST_F(CertVerifierBlockAdapterTest, InvalidHostname) { |
- // Call |Verify|. |
- net::MockCertVerifier verifier; |
- CertVerifierBlockAdapter test_adapter(&verifier, &net_log_); |
- net::CertVerifyResult actual_result; |
- int actual_error = -1; |
- CertVerifierBlockAdapter::Params params(cert_.get(), std::string()); |
- Verify(&test_adapter, params, &actual_result, &actual_error); |
- |
- // Ensure that Verification results are correct. |
- EXPECT_EQ(net::ERR_INVALID_ARGUMENT, actual_error); |
-} |
- |
-// Tests |Verify| with synchronous error. |
-TEST_F(CertVerifierBlockAdapterTest, DefaultParamsAndSyncError) { |
- // Set up expectation. |
- net::MockCertVerifier verifier; |
- CertVerifierBlockAdapter test_adapter(&verifier, &net_log_); |
- const int kExpectedError = net::ERR_INSUFFICIENT_RESOURCES; |
- net::CertVerifyResult expected_result; |
- expected_result.verified_cert = cert_; |
- verifier.AddResultForCertAndHost(cert_.get(), kHostName, expected_result, |
- kExpectedError); |
- |
- // Call |Verify|. |
- net::CertVerifyResult actual_result; |
- int actual_error = -1; |
- CertVerifierBlockAdapter::Params params(cert_.get(), kHostName); |
- Verify(&test_adapter, params, &actual_result, &actual_error); |
- |
- // Ensure that Verification results are correct. |
- EXPECT_EQ(kExpectedError, actual_error); |
-} |
- |
-} // namespace web |
+ // Set up expectation. |
+ net::CertVerifyResult expectedResult; |
+ expectedResult.is_issued_by_known_root = true; |
+ const int kExpectedStatus = 0; |
+ EXPECT_CALL(*cert_verifier_mock_, |
+ Verify(cert_.get(), kHostName, "", 0, nullptr, _, _, _, _)) |
+ .Times(1) |
+ .WillOnce(testing::DoAll(SetVerifyResult(expectedResult), RunCallback(), |
+ testing::Return(ERR_IO_PENDING))); |
+ |
+ // Call |Verify|. |
+ scoped_ptr<CertVerifyResult> actualResult; |
+ int actualStatus = -1; |
+ CertVerifierBlockAdapter::Params params(cert_.get(), kHostName); |
+ Verify(params, &actualResult, &actualStatus); |
+ |
+ // Ensure that Verification results are correct. |
+ EXPECT_EQ(kExpectedStatus, actualStatus); |
+ EXPECT_EQ(expectedResult.is_issued_by_known_root, |
+ actualResult->is_issued_by_known_root); |
+} |
+ |
+// Tests |Verify| with invalid arguments. |
+TEST_F(CertVerifierBlockAdapterTest, InvalidParamsAndError) { |
+ // Set up expectation. |
+ const int kExpectedStatus = ERR_INVALID_ARGUMENT; |
+ EXPECT_CALL(*cert_verifier_mock_, |
+ Verify(nullptr, "", "", 0, nullptr, _, _, _, _)) |
+ .Times(1) |
+ .WillOnce(testing::Return(kExpectedStatus)); |
+ |
+ // Call |Verify|. |
+ scoped_ptr<CertVerifyResult> actualResult; |
+ int actualStatus = -1; |
+ CertVerifierBlockAdapter::Params params(nullptr, ""); |
+ Verify(params, &actualResult, &actualStatus); |
+ |
+ // Ensure that Verification results are correct. |
+ EXPECT_EQ(kExpectedStatus, actualStatus); |
+ EXPECT_FALSE(actualResult); |
+} |
+ |
+// Tests |Verify| with error. |
+TEST_F(CertVerifierBlockAdapterTest, DefaultParamsAndError) { |
+ // Set up expectation. |
+ const int kExpectedStatus = ERR_INSUFFICIENT_RESOURCES; |
+ EXPECT_CALL(*cert_verifier_mock_, |
+ Verify(cert_.get(), kHostName, "", 0, nullptr, _, _, _, _)) |
+ .Times(1) |
+ .WillOnce(testing::Return(kExpectedStatus)); |
+ |
+ // Call |Verify|. |
+ scoped_ptr<CertVerifyResult> actualResult; |
+ int actualStatus = -1; |
+ CertVerifierBlockAdapter::Params params(cert_.get(), kHostName); |
+ Verify(params, &actualResult, &actualStatus); |
+ |
+ // Ensure that Verification results are correct. |
+ EXPECT_EQ(kExpectedStatus, actualStatus); |
+ EXPECT_FALSE(actualResult); |
+} |
+ |
+// Tests |Verify| with all params and synchronous verification. |
+TEST_F(CertVerifierBlockAdapterTest, AllParamsAndSync) { |
+ // Set up expectation. |
+ net::CertVerifyResult expectedResult; |
+ expectedResult.verified_cert = cert_; |
+ const int kExpectedStatus = 0; |
+ scoped_refptr<CRLSet> crl_set(CRLSet::EmptyCRLSetForTesting()); |
+ EXPECT_CALL(*cert_verifier_mock_, |
+ Verify(cert_.get(), kHostName, kOcspResponse, |
+ CertVerifier::VERIFY_EV_CERT, crl_set.get(), _, _, _, _)) |
+ .Times(1) |
+ .WillOnce(testing::DoAll(SetVerifyResult(expectedResult), |
+ testing::Return(kExpectedStatus))); |
+ |
+ // Call |Verify|. |
+ scoped_ptr<CertVerifyResult> actualResult; |
+ int actualStatus = -1; |
+ CertVerifierBlockAdapter::Params params(cert_.get(), kHostName); |
+ params.ocsp_response = kOcspResponse; |
+ params.flags = CertVerifier::VERIFY_EV_CERT; |
+ params.crl_set = crl_set; |
+ Verify(params, &actualResult, &actualStatus); |
+ |
+ // Ensure that Verification results are correct. |
+ EXPECT_EQ(kExpectedStatus, actualStatus); |
+ EXPECT_EQ(expectedResult.verified_cert, actualResult->verified_cert); |
+} |
+ |
+} // namespace |