Chromium Code Reviews Chromium Code Reviews
Issue 2327433002:
Stop using CertStore which is not compatible with PlzNavigate. (Closed)
| OLD | NEW |
|---|---|
| 1 // Copyright 2016 The Chromium Authors. All rights reserved. | 1 // Copyright 2016 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #import "ios/web/net/crw_ssl_status_updater.h" | 5 #import "ios/web/net/crw_ssl_status_updater.h" |
| 6 | 6 |
| 7 #include "base/mac/scoped_block.h" | 7 #include "base/mac/scoped_block.h" |
| 8 #include "base/strings/sys_string_conversions.h" | 8 #include "base/strings/sys_string_conversions.h" |
| 9 #import "ios/web/navigation/crw_session_controller+private_constructors.h" | 9 #import "ios/web/navigation/crw_session_controller+private_constructors.h" |
| 10 #import "ios/web/navigation/crw_session_controller.h" | 10 #import "ios/web/navigation/crw_session_controller.h" |
| 11 #import "ios/web/navigation/navigation_manager_impl.h" | 11 #import "ios/web/navigation/navigation_manager_impl.h" |
| 12 #include "ios/web/public/cert_store.h" | 12 #include "ios/web/public/cert_store.h" |
|
Eugene But (OOO till 7-30)
2016/09/08 16:57:46
ditto
| |
| 13 #include "ios/web/public/navigation_item.h" | 13 #include "ios/web/public/navigation_item.h" |
| 14 #include "ios/web/public/ssl_status.h" | 14 #include "ios/web/public/ssl_status.h" |
| 15 #include "ios/web/public/test/web_test.h" | 15 #include "ios/web/public/test/web_test.h" |
| 16 #import "ios/web/web_state/wk_web_view_security_util.h" | 16 #import "ios/web/web_state/wk_web_view_security_util.h" |
| 17 #include "net/test/cert_test_util.h" | 17 #include "net/test/cert_test_util.h" |
| 18 #include "net/test/test_data_directory.h" | 18 #include "net/test/test_data_directory.h" |
| 19 #include "third_party/ocmock/OCMock/OCMock.h" | 19 #include "third_party/ocmock/OCMock/OCMock.h" |
| 20 #include "third_party/ocmock/gtest_support.h" | 20 #include "third_party/ocmock/gtest_support.h" |
| 21 | 21 |
| 22 // Mocks CRWSSLStatusUpdaterTestDataSource. | 22 // Mocks CRWSSLStatusUpdaterTestDataSource. |
| (...skipping 117 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 140 // Make sure that item change callback was called. | 140 // Make sure that item change callback was called. |
| 141 [[delegate_ expect] SSLStatusUpdater:ssl_status_updater_ | 141 [[delegate_ expect] SSLStatusUpdater:ssl_status_updater_ |
| 142 didChangeSSLStatusForNavigationItem:item]; | 142 didChangeSSLStatusForNavigationItem:item]; |
| 143 | 143 |
| 144 [ssl_status_updater_ updateSSLStatusForNavigationItem:item | 144 [ssl_status_updater_ updateSSLStatusForNavigationItem:item |
| 145 withCertHost:kHostName | 145 withCertHost:kHostName |
| 146 trust:trust_ | 146 trust:trust_ |
| 147 hasOnlySecureContent:NO]; | 147 hasOnlySecureContent:NO]; |
| 148 | 148 |
| 149 // No certificate for http. | 149 // No certificate for http. |
| 150 EXPECT_FALSE(item->GetSSL().cert_id); | 150 EXPECT_FALSE(!!item->GetSSL().certificate.get()); |
| 151 // Make sure that security style and content status did change. | 151 // Make sure that security style and content status did change. |
| 152 EXPECT_EQ(web::SECURITY_STYLE_UNAUTHENTICATED, item->GetSSL().security_style); | 152 EXPECT_EQ(web::SECURITY_STYLE_UNAUTHENTICATED, item->GetSSL().security_style); |
| 153 EXPECT_EQ(web::SSLStatus::DISPLAYED_INSECURE_CONTENT, | 153 EXPECT_EQ(web::SSLStatus::DISPLAYED_INSECURE_CONTENT, |
| 154 item->GetSSL().content_status); | 154 item->GetSSL().content_status); |
| 155 } | 155 } |
| 156 | 156 |
| 157 // Tests that delegate callback is not called if no changes were made to http | 157 // Tests that delegate callback is not called if no changes were made to http |
| 158 // navigation item. | 158 // navigation item. |
| 159 TEST_F(CRWSSLStatusUpdaterTest, NoChangesToHttpItem) { | 159 TEST_F(CRWSSLStatusUpdaterTest, NoChangesToHttpItem) { |
| 160 nav_manager_->SetSessionController(SessionControllerWithEntry(kHttpUrl)); | 160 nav_manager_->SetSessionController(SessionControllerWithEntry(kHttpUrl)); |
| 161 web::NavigationItem* item = nav_manager_->GetLastCommittedItem(); | 161 web::NavigationItem* item = nav_manager_->GetLastCommittedItem(); |
| 162 item->GetSSL().security_style = SECURITY_STYLE_UNAUTHENTICATED; | 162 item->GetSSL().security_style = SECURITY_STYLE_UNAUTHENTICATED; |
| 163 | 163 |
| 164 [ssl_status_updater_ updateSSLStatusForNavigationItem:item | 164 [ssl_status_updater_ updateSSLStatusForNavigationItem:item |
| 165 withCertHost:kHostName | 165 withCertHost:kHostName |
| 166 trust:trust_ | 166 trust:trust_ |
| 167 hasOnlySecureContent:YES]; | 167 hasOnlySecureContent:YES]; |
| 168 // No certificate for http. | 168 // No certificate for http. |
| 169 EXPECT_FALSE(item->GetSSL().cert_id); | 169 EXPECT_FALSE(!!item->GetSSL().certificate.get()); |
| 170 // Make sure that security style did not change. | 170 // Make sure that security style did not change. |
| 171 EXPECT_EQ(web::SECURITY_STYLE_UNAUTHENTICATED, item->GetSSL().security_style); | 171 EXPECT_EQ(web::SECURITY_STYLE_UNAUTHENTICATED, item->GetSSL().security_style); |
| 172 } | 172 } |
| 173 | 173 |
| 174 // Tests updating https navigation item without cert. | 174 // Tests updating https navigation item without cert. |
| 175 TEST_F(CRWSSLStatusUpdaterTest, HttpsItemNoCert) { | 175 TEST_F(CRWSSLStatusUpdaterTest, HttpsItemNoCert) { |
| 176 nav_manager_->SetSessionController(SessionControllerWithEntry(kHttpsUrl)); | 176 nav_manager_->SetSessionController(SessionControllerWithEntry(kHttpsUrl)); |
| 177 web::NavigationItem* item = nav_manager_->GetLastCommittedItem(); | 177 web::NavigationItem* item = nav_manager_->GetLastCommittedItem(); |
| 178 // Change default value to test that |item| is actually changed. | 178 // Change default value to test that |item| is actually changed. |
| 179 item->GetSSL().security_style = SECURITY_STYLE_UNAUTHENTICATED; | 179 item->GetSSL().security_style = SECURITY_STYLE_UNAUTHENTICATED; |
| 180 | 180 |
| 181 // Make sure that item change callback was called. | 181 // Make sure that item change callback was called. |
| 182 [[delegate_ expect] SSLStatusUpdater:ssl_status_updater_ | 182 [[delegate_ expect] SSLStatusUpdater:ssl_status_updater_ |
| 183 didChangeSSLStatusForNavigationItem:item]; | 183 didChangeSSLStatusForNavigationItem:item]; |
| 184 | 184 |
| 185 [ssl_status_updater_ | 185 [ssl_status_updater_ |
| 186 updateSSLStatusForNavigationItem:item | 186 updateSSLStatusForNavigationItem:item |
| 187 withCertHost:kHostName | 187 withCertHost:kHostName |
| 188 trust:base::ScopedCFTypeRef<SecTrustRef>() | 188 trust:base::ScopedCFTypeRef<SecTrustRef>() |
| 189 hasOnlySecureContent:YES]; | 189 hasOnlySecureContent:YES]; |
| 190 // No certificate. | 190 // No certificate. |
| 191 EXPECT_FALSE(item->GetSSL().cert_id); | 191 EXPECT_FALSE(!!item->GetSSL().certificate.get()); |
| 192 // Make sure that security style did change. | 192 // Make sure that security style did change. |
| 193 EXPECT_EQ(web::SECURITY_STYLE_UNKNOWN, item->GetSSL().security_style); | 193 EXPECT_EQ(web::SECURITY_STYLE_UNKNOWN, item->GetSSL().security_style); |
| 194 EXPECT_EQ(web::SSLStatus::NORMAL_CONTENT, item->GetSSL().content_status); | 194 EXPECT_EQ(web::SSLStatus::NORMAL_CONTENT, item->GetSSL().content_status); |
| 195 } | 195 } |
| 196 | 196 |
| 197 // Tests that unnecessary cert verification does not happen if SSL status has | 197 // Tests that unnecessary cert verification does not happen if SSL status has |
| 198 // already been calculated and the only change was appearing of mixed content. | 198 // already been calculated and the only change was appearing of mixed content. |
| 199 TEST_F(CRWSSLStatusUpdaterTest, HttpsItemNoCertReverification) { | 199 TEST_F(CRWSSLStatusUpdaterTest, HttpsItemNoCertReverification) { |
| 200 nav_manager_->SetSessionController(SessionControllerWithEntry(kHttpsUrl)); | 200 nav_manager_->SetSessionController(SessionControllerWithEntry(kHttpsUrl)); |
| 201 web::NavigationItem* item = nav_manager_->GetLastCommittedItem(); | 201 web::NavigationItem* item = nav_manager_->GetLastCommittedItem(); |
| 202 // Set SSL status manually in the way so cert re-verification is not run. | 202 // Set SSL status manually in the way so cert re-verification is not run. |
| 203 item->GetSSL().cert_status_host = base::SysNSStringToUTF8(kHostName); | 203 item->GetSSL().cert_status_host = base::SysNSStringToUTF8(kHostName); |
| 204 item->GetSSL().cert_id = web::CertStore::GetInstance()->StoreCert( | 204 item->GetSSL().certificate = web::CreateCertFromTrust(trust_); |
| 205 web::CreateCertFromTrust(trust_).get(), kCertGroupID); | |
| 206 | 205 |
| 207 // Make sure that item change callback was called. | 206 // Make sure that item change callback was called. |
| 208 [[delegate_ expect] SSLStatusUpdater:ssl_status_updater_ | 207 [[delegate_ expect] SSLStatusUpdater:ssl_status_updater_ |
| 209 didChangeSSLStatusForNavigationItem:item]; | 208 didChangeSSLStatusForNavigationItem:item]; |
| 210 | 209 |
| 211 [ssl_status_updater_ updateSSLStatusForNavigationItem:item | 210 [ssl_status_updater_ updateSSLStatusForNavigationItem:item |
| 212 withCertHost:kHostName | 211 withCertHost:kHostName |
| 213 trust:trust_ | 212 trust:trust_ |
| 214 hasOnlySecureContent:NO]; | 213 hasOnlySecureContent:NO]; |
| 215 // Make sure that cert verification did not run. | 214 // Make sure that cert verification did not run. |
| (...skipping 132 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 348 | 347 |
| 349 // Make sure that cert verification was requested. | 348 // Make sure that cert verification was requested. |
| 350 EXPECT_TRUE([data_source_ certVerificationRequested]); | 349 EXPECT_TRUE([data_source_ certVerificationRequested]); |
| 351 | 350 |
| 352 // Make sure that security style and cert status are reset during | 351 // Make sure that security style and cert status are reset during |
| 353 // verification. | 352 // verification. |
| 354 EXPECT_EQ(web::SECURITY_STYLE_UNKNOWN, item->GetSSL().security_style); | 353 EXPECT_EQ(web::SECURITY_STYLE_UNKNOWN, item->GetSSL().security_style); |
| 355 EXPECT_FALSE(item->GetSSL().cert_status); | 354 EXPECT_FALSE(item->GetSSL().cert_status); |
| 356 | 355 |
| 357 // Change the cert. | 356 // Change the cert. |
| 358 item->GetSSL().cert_id = -1; | 357 item->GetSSL().certificate = nullptr; |
| 359 | 358 |
| 360 // Reply with calculated cert verification status. | 359 // Reply with calculated cert verification status. |
| 361 [data_source_ | 360 [data_source_ |
| 362 finishVerificationWithCertStatus:0 | 361 finishVerificationWithCertStatus:0 |
| 363 securityStyle:web::SECURITY_STYLE_AUTHENTICATED]; | 362 securityStyle:web::SECURITY_STYLE_AUTHENTICATED]; |
| 364 | 363 |
| 365 // Make sure that security style and content status did change. | 364 // Make sure that security style and content status did change. |
| 366 EXPECT_EQ(web::SECURITY_STYLE_UNKNOWN, item->GetSSL().security_style); | 365 EXPECT_EQ(web::SECURITY_STYLE_UNKNOWN, item->GetSSL().security_style); |
| 367 EXPECT_EQ(web::SSLStatus::NORMAL_CONTENT, item->GetSSL().content_status); | 366 EXPECT_EQ(web::SSLStatus::NORMAL_CONTENT, item->GetSSL().content_status); |
| 368 } | 367 } |
| 369 | 368 |
| 370 } // namespace web | 369 } // namespace web |
| OLD | NEW |
