Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(38)

Unified Diff: ios/web/web_state/wk_web_view_security_util.mm

Issue 1322193003: WKWebView(iOS9): correctly update SSL status for current navigation item (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@reland_cert_verification
Patch Set: Updated comment Created 5 years, 2 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View side-by-side diff with in-line comments
Download patch
Index: ios/web/web_state/wk_web_view_security_util.mm
diff --git a/ios/web/web_state/wk_web_view_security_util.mm b/ios/web/web_state/wk_web_view_security_util.mm
index 87c3271699dd8d38f9556899487f01bfeb58c0f6..7e5a9ebf222cb16429add0a2d706f8872d10d7c2 100644
--- a/ios/web/web_state/wk_web_view_security_util.mm
+++ b/ios/web/web_state/wk_web_view_security_util.mm
@@ -73,6 +73,22 @@ scoped_refptr<net::X509Certificate> CreateCertFromTrust(SecTrustRef trust) {
SecTrustGetCertificateAtIndex(trust, 0), intermediates);
}
+base::ScopedCFTypeRef<SecTrustRef> CreateServerTrustFromChain(NSArray* certs,
+ NSString* host) {
+ base::ScopedCFTypeRef<SecTrustRef> scoped_result;
+ if (certs.count == 0)
+ return scoped_result;
+
+ base::ScopedCFTypeRef<SecPolicyRef> policy(
+ SecPolicyCreateSSL(TRUE, static_cast<CFStringRef>(host)));
+ SecTrustRef ref_result = nullptr;
+ if (SecTrustCreateWithCertificates(certs, policy, &ref_result) ==
+ errSecSuccess) {
+ scoped_result.reset(ref_result);
+ }
+ return scoped_result;
+}
+
void EnsureFutureTrustEvaluationSucceeds(SecTrustRef trust) {
base::ScopedCFTypeRef<CFDataRef> exceptions(SecTrustCopyExceptions(trust));
SecTrustSetExceptions(trust, exceptions);
@@ -108,4 +124,21 @@ void GetSSLInfoFromWKWebViewSSLCertError(NSError* error,
error.userInfo[web::kNSErrorPeerCertificateChainKey]);
}
+SecurityStyle GetSecurityStyleFromTrustResult(SecTrustResultType result) {
+ switch (result) {
+ case kSecTrustResultInvalid:
+ return SECURITY_STYLE_UNKNOWN;
+ case kSecTrustResultProceed:
+ case kSecTrustResultUnspecified:
+ return SECURITY_STYLE_AUTHENTICATED;
+ case kSecTrustResultDeny:
+ case kSecTrustResultRecoverableTrustFailure:
+ case kSecTrustResultFatalTrustFailure:
+ case kSecTrustResultOtherError:
+ return SECURITY_STYLE_AUTHENTICATION_BROKEN;
+ }
+ NOTREACHED();
+ return SECURITY_STYLE_UNKNOWN;
+}
+
} // namespace web
« no previous file with comments | « ios/web/web_state/wk_web_view_security_util.h ('k') | ios/web/web_state/wk_web_view_security_util_unittest.mm » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698