| Index: ios/web/net/crw_ssl_status_updater_unittest.mm
|
| diff --git a/ios/web/net/crw_ssl_status_updater_unittest.mm b/ios/web/net/crw_ssl_status_updater_unittest.mm
|
| index c0b36423636a839dfb4ac35253602e17b3094322..b812bb6e3adfa512a6d822db5d56be3c4a0a9137 100644
|
| --- a/ios/web/net/crw_ssl_status_updater_unittest.mm
|
| +++ b/ios/web/net/crw_ssl_status_updater_unittest.mm
|
| @@ -50,9 +50,9 @@
|
| #pragma mark CRWSSLStatusUpdaterDataSource
|
|
|
| - (void)SSLStatusUpdater:(CRWSSLStatusUpdater*)SSLStatusUpdater
|
| - querySSLStatusForCertChain:(NSArray*)chain
|
| - host:(NSString*)host
|
| - completionHandler:(StatusQueryHandler)completionHandler {
|
| + querySSLStatusForTrust:(base::ScopedCFTypeRef<SecTrustRef>)trust
|
| + host:(NSString*)host
|
| + completionHandler:(StatusQueryHandler)completionHandler {
|
| _verificationCompletionHandler.reset([completionHandler copy]);
|
| }
|
|
|
| @@ -95,7 +95,8 @@ class CRWSSLStatusUpdaterTest : public web::WebTest {
|
| scoped_refptr<net::X509Certificate> cert =
|
| net::ImportCertFromFile(net::GetTestCertsDirectory(), kCertFileName);
|
| ASSERT_TRUE(cert);
|
| - cert_chain_.reset([@[ static_cast<id>(cert->os_cert_handle()) ] retain]);
|
| + NSArray* chain = @[ static_cast<id>(cert->os_cert_handle()) ];
|
| + trust_ = CreateServerTrustFromChain(chain, kHostName);
|
| }
|
|
|
| void TearDown() override {
|
| @@ -124,7 +125,7 @@ class CRWSSLStatusUpdaterTest : public web::WebTest {
|
| base::scoped_nsprotocol<id> delegate_;
|
| std::unique_ptr<web::NavigationManagerImpl> nav_manager_;
|
| base::scoped_nsobject<CRWSSLStatusUpdater> ssl_status_updater_;
|
| - base::scoped_nsobject<NSArray> cert_chain_;
|
| + base::ScopedCFTypeRef<SecTrustRef> trust_;
|
| };
|
|
|
| // Tests that CRWSSLStatusUpdater init returns non nil object.
|
| @@ -142,7 +143,7 @@ TEST_F(CRWSSLStatusUpdaterTest, HttpItem) {
|
|
|
| [ssl_status_updater_ updateSSLStatusForNavigationItem:item
|
| withCertHost:kHostName
|
| - certChain:cert_chain_
|
| + trust:trust_
|
| hasOnlySecureContent:NO];
|
|
|
| // No certificate for http.
|
| @@ -162,7 +163,7 @@ TEST_F(CRWSSLStatusUpdaterTest, NoChangesToHttpItem) {
|
|
|
| [ssl_status_updater_ updateSSLStatusForNavigationItem:item
|
| withCertHost:kHostName
|
| - certChain:cert_chain_
|
| + trust:trust_
|
| hasOnlySecureContent:YES];
|
| // No certificate for http.
|
| EXPECT_FALSE(item->GetSSL().cert_id);
|
| @@ -181,10 +182,11 @@ TEST_F(CRWSSLStatusUpdaterTest, HttpsItemNoCert) {
|
| [[delegate_ expect] SSLStatusUpdater:ssl_status_updater_
|
| didChangeSSLStatusForNavigationItem:item];
|
|
|
| - [ssl_status_updater_ updateSSLStatusForNavigationItem:item
|
| - withCertHost:kHostName
|
| - certChain:@[]
|
| - hasOnlySecureContent:YES];
|
| + [ssl_status_updater_
|
| + updateSSLStatusForNavigationItem:item
|
| + withCertHost:kHostName
|
| + trust:base::ScopedCFTypeRef<SecTrustRef>()
|
| + hasOnlySecureContent:YES];
|
| // No certificate.
|
| EXPECT_FALSE(item->GetSSL().cert_id);
|
| // Make sure that security style did change.
|
| @@ -200,7 +202,7 @@ TEST_F(CRWSSLStatusUpdaterTest, HttpsItemNoCertReverification) {
|
| // Set SSL status manually in the way so cert re-verification is not run.
|
| item->GetSSL().cert_status_host = base::SysNSStringToUTF8(kHostName);
|
| item->GetSSL().cert_id = web::CertStore::GetInstance()->StoreCert(
|
| - web::CreateCertFromChain(cert_chain_).get(), kCertGroupID);
|
| + web::CreateCertFromTrust(trust_).get(), kCertGroupID);
|
|
|
| // Make sure that item change callback was called.
|
| [[delegate_ expect] SSLStatusUpdater:ssl_status_updater_
|
| @@ -208,7 +210,7 @@ TEST_F(CRWSSLStatusUpdaterTest, HttpsItemNoCertReverification) {
|
|
|
| [ssl_status_updater_ updateSSLStatusForNavigationItem:item
|
| withCertHost:kHostName
|
| - certChain:cert_chain_
|
| + trust:trust_
|
| hasOnlySecureContent:NO];
|
| // Make sure that cert verification did not run.
|
| EXPECT_FALSE([data_source_ certVerificationRequested]);
|
| @@ -233,7 +235,7 @@ TEST_F(CRWSSLStatusUpdaterTest, HttpsItem) {
|
|
|
| [ssl_status_updater_ updateSSLStatusForNavigationItem:item
|
| withCertHost:kHostName
|
| - certChain:cert_chain_
|
| + trust:trust_
|
| hasOnlySecureContent:NO];
|
|
|
| // Make sure that cert verification was requested.
|
| @@ -270,7 +272,7 @@ TEST_F(CRWSSLStatusUpdaterTest, HttpsItemChangeUrlDuringUpdate) {
|
|
|
| [ssl_status_updater_ updateSSLStatusForNavigationItem:item
|
| withCertHost:kHostName
|
| - certChain:cert_chain_
|
| + trust:trust_
|
| hasOnlySecureContent:YES];
|
|
|
| // Make sure that cert verification was requested.
|
| @@ -306,7 +308,7 @@ TEST_F(CRWSSLStatusUpdaterTest, HttpsItemDowngrade) {
|
|
|
| [ssl_status_updater_ updateSSLStatusForNavigationItem:item
|
| withCertHost:kHostName
|
| - certChain:cert_chain_
|
| + trust:trust_
|
| hasOnlySecureContent:YES];
|
|
|
| // Make sure that cert verification was requested.
|
| @@ -341,7 +343,7 @@ TEST_F(CRWSSLStatusUpdaterTest, CertChanged) {
|
|
|
| [ssl_status_updater_ updateSSLStatusForNavigationItem:item
|
| withCertHost:kHostName
|
| - certChain:cert_chain_
|
| + trust:trust_
|
| hasOnlySecureContent:YES];
|
|
|
| // Make sure that cert verification was requested.
|
|
|
Chromium Code Reviews
Issue 2151693008:
[ios] Use -[WKWebView serverTrust] instead of certificateChain on iOS 10. (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@master