Index: components/security_state/content/content_utils_unittest.cc |
diff --git a/components/security_state/content/content_utils_unittest.cc b/components/security_state/content/content_utils_unittest.cc |
index 41395a8e3ba9cc5f04c77d572b2c0f50bd24eab9..9e53bae4a9aa1a7784ff0e5b3accff6e5c67464d 100644 |
--- a/components/security_state/content/content_utils_unittest.cc |
+++ b/components/security_state/content/content_utils_unittest.cc |
@@ -13,6 +13,8 @@ |
#include "net/cert/cert_status_flags.h" |
#include "net/ssl/ssl_cipher_suite_names.h" |
#include "net/ssl/ssl_connection_status_flags.h" |
+#include "net/test/cert_test_util.h" |
+#include "net/test/test_data_directory.h" |
#include "testing/gtest/include/gtest/gtest.h" |
namespace { |
@@ -232,4 +234,28 @@ TEST(SecurityStateContentUtilsTest, HTTPWarning) { |
EXPECT_EQ(1u, explanations.unauthenticated_explanations.size()); |
} |
+// Tests that an explanation is provided if a certificate is missing a |
+// subjectAltName extension containing a domain name or IP address. |
+TEST(SecurityStateContentUtilsTest, SubjectAltNameWarning) { |
+ security_state::SecurityInfo security_info; |
+ security_info.cert_status = 0; |
+ security_info.scheme_is_cryptographic = true; |
+ |
+ security_info.certificate = net::ImportCertFromFile( |
+ net::GetTestCertsDirectory(), "salesforce_com_test.pem"); |
+ ASSERT_TRUE(security_info.certificate); |
+ |
+ content::SecurityStyleExplanations explanations; |
+ security_info.cert_missing_subject_alt_name = true; |
+ GetSecurityStyle(security_info, &explanations); |
+ // Verify that an explanation was shown for a missing subjectAltName. |
+ EXPECT_EQ(1u, explanations.broken_explanations.size()); |
+ |
+ explanations.broken_explanations.clear(); |
+ security_info.cert_missing_subject_alt_name = false; |
+ GetSecurityStyle(security_info, &explanations); |
+ // Verify that no explanation is shown if the subjectAltName is present. |
+ EXPECT_EQ(0u, explanations.broken_explanations.size()); |
+} |
+ |
} // namespace |