| OLD | NEW |
|---|
| 1 // Copyright 2015 The Chromium Authors. All rights reserved. | 1 // Copyright 2015 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "ios/web/net/crw_cert_verification_controller.h" | 5 #include "ios/web/net/crw_cert_verification_controller.h" |
| 6 | 6 |
| 7 #include "base/mac/bind_objc_block.h" | 7 #include "base/mac/bind_objc_block.h" |
| 8 #include "base/message_loop/message_loop.h" | 8 #include "base/message_loop/message_loop.h" |
| 9 #include "base/test/ios/wait_util.h" | 9 #include "base/test/ios/wait_util.h" |
| 10 #include "ios/web/public/web_thread.h" | 10 #include "ios/web/public/web_thread.h" |
| (...skipping 56 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 67 return completion_handler_called; | 67 return completion_handler_called; |
| 68 }, base::MessageLoop::current(), base::TimeDelta()); | 68 }, base::MessageLoop::current(), base::TimeDelta()); |
| 69 } | 69 } |
| 70 | 70 |
| 71 scoped_refptr<net::X509Certificate> cert_; | 71 scoped_refptr<net::X509Certificate> cert_; |
| 72 net::MockCertVerifier cert_verifier_; | 72 net::MockCertVerifier cert_verifier_; |
| 73 base::scoped_nsobject<CRWCertVerificationController> controller_; | 73 base::scoped_nsobject<CRWCertVerificationController> controller_; |
| 74 }; | 74 }; |
| 75 | 75 |
| 76 // Tests cert policy with a valid cert. | 76 // Tests cert policy with a valid cert. |
| 77 TEST_F(CRWCertVerificationControllerTest, ValidCert) { | 77 TEST_F(CRWCertVerificationControllerTest, PolicyForValidCert) { |
| 78 net::CertVerifyResult verify_result; | 78 net::CertVerifyResult verify_result; |
| 79 verify_result.cert_status = net::CERT_STATUS_NO_REVOCATION_MECHANISM; | 79 verify_result.cert_status = net::CERT_STATUS_NO_REVOCATION_MECHANISM; |
| 80 verify_result.verified_cert = cert_; | 80 verify_result.verified_cert = cert_; |
| 81 cert_verifier_.AddResultForCertAndHost(cert_.get(), [kHostName UTF8String], | 81 cert_verifier_.AddResultForCertAndHost(cert_.get(), [kHostName UTF8String], |
| 82 verify_result, net::OK); | 82 verify_result, net::OK); |
| 83 web::CertAcceptPolicy policy = CERT_ACCEPT_POLICY_NON_RECOVERABLE_ERROR; | 83 web::CertAcceptPolicy policy = CERT_ACCEPT_POLICY_NON_RECOVERABLE_ERROR; |
| 84 net::CertStatus status; | 84 net::CertStatus status; |
| 85 DecidePolicy(cert_, kHostName, &policy, &status); | 85 DecidePolicy(cert_, kHostName, &policy, &status); |
| 86 EXPECT_EQ(CERT_ACCEPT_POLICY_ALLOW, policy); | 86 EXPECT_EQ(CERT_ACCEPT_POLICY_ALLOW, policy); |
| 87 EXPECT_EQ(verify_result.cert_status, status); | 87 EXPECT_EQ(verify_result.cert_status, status); |
| 88 } | 88 } |
| 89 | 89 |
| 90 // Tests cert policy with an invalid cert. | 90 // Tests cert policy with an invalid cert. |
| 91 TEST_F(CRWCertVerificationControllerTest, InvalidCert) { | 91 TEST_F(CRWCertVerificationControllerTest, PolicyForInvalidCert) { |
| 92 web::CertAcceptPolicy policy = CERT_ACCEPT_POLICY_NON_RECOVERABLE_ERROR; | 92 web::CertAcceptPolicy policy = CERT_ACCEPT_POLICY_NON_RECOVERABLE_ERROR; |
| 93 net::CertStatus status; | 93 net::CertStatus status; |
| 94 DecidePolicy(cert_, kHostName, &policy, &status); | 94 DecidePolicy(cert_, kHostName, &policy, &status); |
| 95 EXPECT_EQ(CERT_ACCEPT_POLICY_RECOVERABLE_ERROR, policy); | 95 EXPECT_EQ(CERT_ACCEPT_POLICY_RECOVERABLE_ERROR, policy); |
| 96 } | 96 } |
| 97 | 97 |
| 98 // Tests cert policy with null cert. | 98 // Tests cert policy with null cert. |
| 99 TEST_F(CRWCertVerificationControllerTest, NullCert) { | 99 TEST_F(CRWCertVerificationControllerTest, PolicyForNullCert) { |
| 100 web::CertAcceptPolicy policy = CERT_ACCEPT_POLICY_NON_RECOVERABLE_ERROR; | 100 web::CertAcceptPolicy policy = CERT_ACCEPT_POLICY_NON_RECOVERABLE_ERROR; |
| 101 net::CertStatus status; | 101 net::CertStatus status; |
| 102 DecidePolicy(nullptr, kHostName, &policy, &status); | 102 DecidePolicy(nullptr, kHostName, &policy, &status); |
| 103 EXPECT_EQ(CERT_ACCEPT_POLICY_NON_RECOVERABLE_ERROR, policy); | 103 EXPECT_EQ(CERT_ACCEPT_POLICY_NON_RECOVERABLE_ERROR, policy); |
| 104 } | 104 } |
| 105 | 105 |
| 106 // Tests cert policy with null cert and null host. | 106 // Tests cert policy with null cert and null host. |
| 107 TEST_F(CRWCertVerificationControllerTest, NullHost) { | 107 TEST_F(CRWCertVerificationControllerTest, PolicyForNullHost) { |
| 108 web::CertAcceptPolicy policy = CERT_ACCEPT_POLICY_NON_RECOVERABLE_ERROR; | 108 web::CertAcceptPolicy policy = CERT_ACCEPT_POLICY_NON_RECOVERABLE_ERROR; |
| 109 net::CertStatus status; | 109 net::CertStatus status; |
| 110 DecidePolicy(cert_, nil, &policy, &status); | 110 DecidePolicy(cert_, nil, &policy, &status); |
| 111 EXPECT_EQ(CERT_ACCEPT_POLICY_NON_RECOVERABLE_ERROR, policy); | 111 EXPECT_EQ(CERT_ACCEPT_POLICY_NON_RECOVERABLE_ERROR, policy); |
| 112 } | 112 } |
| 113 | 113 |
| 114 // Tests SSL status with invalid cert. |
| 115 TEST_F(CRWCertVerificationControllerTest, SSLStatusForInvalidCert) { |
| 116 __block bool completion_handler_called = false; |
| 117 [controller_ |
| 118 querySSLStatusForCertChain:@[ static_cast<id>(cert_->os_cert_handle()) ] |
| 119 host:kHostName |
| 120 completionHandler:^(SecurityStyle style, |
| 121 net::CertStatus status) { |
| 122 EXPECT_EQ(SECURITY_STYLE_AUTHENTICATION_BROKEN, style); |
| 123 EXPECT_TRUE(status && net::CERT_STATUS_INVALID); |
| 124 completion_handler_called = true; |
| 125 }]; |
| 126 base::test::ios::WaitUntilCondition(^{ |
| 127 return completion_handler_called; |
| 128 }, base::MessageLoop::current(), base::TimeDelta()); |
| 129 } |
| 130 |
| 114 } // namespace web | 131 } // namespace web |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 1322193003:
WKWebView(iOS9): correctly update SSL status for current navigation item (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@reland_cert_verification