Add information to SSLInfo about CT EV policy compliance

net/socket/ssl_client_socket_unittest.cc

 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "net/socket/ssl_client_socket.h"
 
 #include <utility>
 
 #include "base/callback_helpers.h"
 #include "base/location.h"
@@ skipping 667 matching lines @@
                            const std::string&,
                            ct::CTVerifyResult*,
                            const BoundNetLog&));
   MOCK_METHOD1(SetObserver, void(CTVerifier::Observer*));
 };
 
 // A mock CTPolicyEnforcer that returns a custom verification result.
 class MockCTPolicyEnforcer : public CTPolicyEnforcer {
  public:
   MOCK_METHOD4(DoesConformToCTEVPolicy,
-               bool(X509Certificate* cert,
-                    const ct::EVCertsWhitelist*,
-                    const ct::CTVerifyResult&,
-                    const BoundNetLog&));
+               ct::EVPolicyCompliance(X509Certificate* cert,
+                                      const ct::EVCertsWhitelist*,
+                                      const ct::SCTList&,
+                                      const BoundNetLog&));
 };
 
 class SSLClientSocketTest : public PlatformTest {
  public:
   SSLClientSocketTest()
       : socket_factory_(ClientSocketFactory::GetDefaultFactory()),
         cert_verifier_(new MockCertVerifier),
         transport_security_state_(new TransportSecurityState) {
     cert_verifier_->set_default_result(OK);
     context_.cert_verifier = cert_verifier_.get();
@@ skipping 1626 matching lines @@
   // To activate the CT/EV policy enforcement non-null CTVerifier and
   // CTPolicyEnforcer are needed.
   MockCTVerifier ct_verifier;
   SetCTVerifier(&ct_verifier);
   EXPECT_CALL(ct_verifier, Verify(_, "", "", _, _)).WillRepeatedly(Return(OK));
 
   // Emulate compliance of the certificate to the policy.
   MockCTPolicyEnforcer policy_enforcer;
   SetCTPolicyEnforcer(&policy_enforcer);
   EXPECT_CALL(policy_enforcer, DoesConformToCTEVPolicy(_, _, _, _))
-      .WillRepeatedly(Return(true));
+      .WillRepeatedly(Return(ct::EV_POLICY_COMPLIES_VIA_SCTS));
 
   int rv;
   ASSERT_TRUE(CreateAndConnectSSLClientSocket(ssl_config, &rv));
   EXPECT_EQ(OK, rv);
 
   SSLInfo result;
   ASSERT_TRUE(sock_->GetSSLInfo(&result));
 
   EXPECT_TRUE(result.cert_status & CERT_STATUS_IS_EV);
 }
@@ skipping 11 matching lines @@
   // To activate the CT/EV policy enforcement non-null CTVerifier and
   // CTPolicyEnforcer are needed.
   MockCTVerifier ct_verifier;
   SetCTVerifier(&ct_verifier);
   EXPECT_CALL(ct_verifier, Verify(_, "", "", _, _)).WillRepeatedly(Return(OK));
 
   // Emulate non-compliance of the certificate to the policy.
   MockCTPolicyEnforcer policy_enforcer;
   SetCTPolicyEnforcer(&policy_enforcer);
   EXPECT_CALL(policy_enforcer, DoesConformToCTEVPolicy(_, _, _, _))
-      .WillRepeatedly(Return(false));
+      .WillRepeatedly(Return(ct::EV_POLICY_NOT_ENOUGH_SCTS));
 
   int rv;
   ASSERT_TRUE(CreateAndConnectSSLClientSocket(ssl_config, &rv));
   EXPECT_EQ(OK, rv);
 
   SSLInfo result;
   ASSERT_TRUE(sock_->GetSSLInfo(&result));
 
   EXPECT_FALSE(result.cert_status & CERT_STATUS_IS_EV);
   EXPECT_TRUE(result.cert_status & CERT_STATUS_CT_COMPLIANCE_FAILED);
@@ skipping 853 matching lines @@
   int rv;
   ASSERT_TRUE(CreateAndConnectSSLClientSocket(client_config, &rv));
   EXPECT_EQ(OK, rv);
 
   std::string proto;
   EXPECT_EQ(SSLClientSocket::kNextProtoUnsupported,
             sock_->GetNextProto(&proto));
 }
 
 }  // namespace net