Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(672)

Issues Search
    My Issues | Starred     Open | Closed | All

Unified Diff: ios/web/web_state/wk_web_view_security_util.mm

Issue 1322193003: WKWebView(iOS9): correctly update SSL status for current navigation item (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@reland_cert_verification
Patch Set: Do not use CertVerifier for good certs Created 5 years, 2 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View side-by-side diff with in-line comments
Download patch
« ios/web/web_state/ui/crw_wk_web_view_web_controller.mm ('K') | « ios/web/web_state/wk_web_view_security_util.h ('k') | ios/web/web_state/wk_web_view_security_util_unittest.mm » ('j') | no next file with comments »
Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
Index: ios/web/web_state/wk_web_view_security_util.mm
diff --git a/ios/web/web_state/wk_web_view_security_util.mm b/ios/web/web_state/wk_web_view_security_util.mm
index 0cc3ba913b30403492a42e8b196d854bccb05cbb..664c9a7499923c199b3409d5024939700da1d4d0 100644
--- a/ios/web/web_state/wk_web_view_security_util.mm
+++ b/ios/web/web_state/wk_web_view_security_util.mm
@@ -94,6 +94,22 @@ scoped_refptr<net::X509Certificate> CreateCertFromTrust(SecTrustRef trust) {
SecTrustGetCertificateAtIndex(trust, 0), intermediates);
}
+base::ScopedCFTypeRef<SecTrustRef> CreateServerTrustFromChain(NSArray* certs,
+ NSString* host) {
+ base::ScopedCFTypeRef<SecTrustRef> scoped_result;
+ if (certs.count == 0)
+ return scoped_result;
+
+ base::ScopedCFTypeRef<SecPolicyRef> policy(
+ SecPolicyCreateSSL(TRUE, static_cast<CFStringRef>(host)));
davidben 2015/10/05 22:19:11 (Shouldn't this be YES, or is that a different boo
Eugene But (OOO till 7-30) 2015/10/06 03:10:09 YES is for Objective-C BOOL type. TRUE is for C Bo
+ SecTrustRef ref_result = nullptr;
+ if (SecTrustCreateWithCertificates(certs, policy, &ref_result) ==
+ errSecSuccess) {
+ scoped_result.reset(ref_result);
+ }
+ return scoped_result;
+}
+
void EnsureFutureTrustEvaluationSucceeds(SecTrustRef trust) {
base::ScopedCFTypeRef<CFDataRef> exceptions(SecTrustCopyExceptions(trust));
SecTrustSetExceptions(trust, exceptions);
@@ -116,4 +132,21 @@ void GetSSLInfoFromWKWebViewSSLError(NSError* error, net::SSLInfo* ssl_info) {
ssl_info->cert = CreateCertFromSSLError(error);
}
+SecurityStyle GetSecurityStyleFromTrustResult(SecTrustResultType result) {
+ switch (result) {
+ case kSecTrustResultInvalid:
+ return SECURITY_STYLE_UNKNOWN;
+ case kSecTrustResultProceed:
+ case kSecTrustResultUnspecified:
+ return SECURITY_STYLE_AUTHENTICATED;
+ case kSecTrustResultDeny:
+ case kSecTrustResultRecoverableTrustFailure:
+ case kSecTrustResultFatalTrustFailure:
+ case kSecTrustResultOtherError:
+ return SECURITY_STYLE_AUTHENTICATION_BROKEN;
+ }
+ NOTREACHED();
+ return SECURITY_STYLE_UNKNOWN;
+}
+
} // namespace web
« ios/web/web_state/ui/crw_wk_web_view_web_controller.mm ('K') | « ios/web/web_state/wk_web_view_security_util.h ('k') | ios/web/web_state/wk_web_view_security_util_unittest.mm » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698