OLD | NEW |
---|---|
1 // Copyright 2015 The Chromium Authors. All rights reserved. | 1 // Copyright 2015 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #import "ios/web/net/crw_cert_verification_controller.h" | 5 #import "ios/web/net/crw_cert_verification_controller.h" |
6 | 6 |
7 #import "base/mac/bind_objc_block.h" | 7 #import "base/mac/bind_objc_block.h" |
8 #import "base/mac/scoped_nsobject.h" | 8 #import "base/mac/foundation_util.h" |
Eugene But (OOO till 7-30)
2017/06/14 13:25:48
nit: s/import/include
marq (ping after 24h)
2017/06/14 13:36:12
Done.
| |
9 #include "base/message_loop/message_loop.h" | 9 #include "base/message_loop/message_loop.h" |
10 #import "base/test/ios/wait_util.h" | 10 #import "base/test/ios/wait_util.h" |
11 #include "ios/web/public/test/web_test.h" | 11 #include "ios/web/public/test/web_test.h" |
12 #include "ios/web/public/web_thread.h" | 12 #include "ios/web/public/web_thread.h" |
13 #import "ios/web/web_state/wk_web_view_security_util.h" | 13 #import "ios/web/web_state/wk_web_view_security_util.h" |
14 #include "net/cert/x509_certificate.h" | 14 #include "net/cert/x509_certificate.h" |
15 #include "net/cert/x509_util_ios_and_mac.h" | 15 #include "net/cert/x509_util_ios_and_mac.h" |
16 #include "net/test/cert_test_util.h" | 16 #include "net/test/cert_test_util.h" |
17 #include "net/test/test_data_directory.h" | 17 #include "net/test/test_data_directory.h" |
18 | 18 |
19 #if !defined(__has_feature) || !__has_feature(objc_arc) | |
20 #error "This file requires ARC support." | |
21 #endif | |
22 | |
19 namespace web { | 23 namespace web { |
20 | 24 |
21 namespace { | 25 namespace { |
22 // Generated cert filename. | 26 // Generated cert filename. |
23 const char kCertFileName[] = "ok_cert.pem"; | 27 const char kCertFileName[] = "ok_cert.pem"; |
24 // Test hostname for cert verification. | 28 // Test hostname for cert verification. |
25 NSString* const kHostName = @"www.example.com"; | 29 NSString* const kHostName = @"www.example.com"; |
26 } // namespace | 30 } // namespace |
27 | 31 |
28 // Test fixture to test CRWCertVerificationController class. | 32 // Test fixture to test CRWCertVerificationController class. |
29 class CRWCertVerificationControllerTest : public web::WebTest { | 33 class CRWCertVerificationControllerTest : public web::WebTest { |
30 protected: | 34 protected: |
31 void SetUp() override { | 35 void SetUp() override { |
32 web::WebTest::SetUp(); | 36 web::WebTest::SetUp(); |
33 | 37 |
34 controller_.reset([[CRWCertVerificationController alloc] | 38 controller_ = [[CRWCertVerificationController alloc] |
35 initWithBrowserState:GetBrowserState()]); | 39 initWithBrowserState:GetBrowserState()]; |
36 cert_ = | 40 cert_ = |
37 net::ImportCertFromFile(net::GetTestCertsDirectory(), kCertFileName); | 41 net::ImportCertFromFile(net::GetTestCertsDirectory(), kCertFileName); |
38 ASSERT_TRUE(cert_); | 42 ASSERT_TRUE(cert_); |
39 | 43 |
40 base::ScopedCFTypeRef<CFMutableArrayRef> chain( | 44 base::ScopedCFTypeRef<CFMutableArrayRef> chain( |
41 net::x509_util::CreateSecCertificateArrayForX509Certificate( | 45 net::x509_util::CreateSecCertificateArrayForX509Certificate( |
42 cert_.get())); | 46 cert_.get())); |
43 ASSERT_TRUE(chain); | 47 ASSERT_TRUE(chain); |
44 valid_trust_ = web::CreateServerTrustFromChain( | 48 valid_trust_ = web::CreateServerTrustFromChain( |
45 static_cast<NSArray*>(chain.get()), kHostName); | 49 base::mac::CFToNSCast(chain.get()), kHostName); |
46 web::EnsureFutureTrustEvaluationSucceeds(valid_trust_.get()); | 50 web::EnsureFutureTrustEvaluationSucceeds(valid_trust_.get()); |
47 invalid_trust_ = web::CreateServerTrustFromChain( | 51 invalid_trust_ = web::CreateServerTrustFromChain( |
48 static_cast<NSArray*>(chain.get()), kHostName); | 52 base::mac::CFToNSCast(chain.get()), kHostName); |
49 } | 53 } |
50 | 54 |
51 // Synchronously returns result of | 55 // Synchronously returns result of |
52 // decideLoadPolicyForTrust:host:completionHandler: call. | 56 // decideLoadPolicyForTrust:host:completionHandler: call. |
53 void DecidePolicy(const base::ScopedCFTypeRef<SecTrustRef>& trust, | 57 void DecidePolicy(const base::ScopedCFTypeRef<SecTrustRef>& trust, |
54 NSString* host, | 58 NSString* host, |
55 web::CertAcceptPolicy* policy, | 59 web::CertAcceptPolicy* policy, |
56 net::CertStatus* status) { | 60 net::CertStatus* status) { |
57 __block bool completion_handler_called = false; | 61 __block bool completion_handler_called = false; |
58 [controller_ | 62 [controller_ |
(...skipping 30 matching lines...) Expand all Loading... | |
89 base::test::ios::WaitUntilCondition( | 93 base::test::ios::WaitUntilCondition( |
90 ^{ | 94 ^{ |
91 return completion_handler_called; | 95 return completion_handler_called; |
92 }, | 96 }, |
93 true, base::TimeDelta()); | 97 true, base::TimeDelta()); |
94 } | 98 } |
95 | 99 |
96 scoped_refptr<net::X509Certificate> cert_; | 100 scoped_refptr<net::X509Certificate> cert_; |
97 base::ScopedCFTypeRef<SecTrustRef> valid_trust_; | 101 base::ScopedCFTypeRef<SecTrustRef> valid_trust_; |
98 base::ScopedCFTypeRef<SecTrustRef> invalid_trust_; | 102 base::ScopedCFTypeRef<SecTrustRef> invalid_trust_; |
99 base::scoped_nsobject<CRWCertVerificationController> controller_; | 103 CRWCertVerificationController* controller_; |
100 }; | 104 }; |
101 | 105 |
102 // Tests cert policy with a valid trust. | 106 // Tests cert policy with a valid trust. |
103 TEST_F(CRWCertVerificationControllerTest, PolicyForValidTrust) { | 107 TEST_F(CRWCertVerificationControllerTest, PolicyForValidTrust) { |
104 web::CertAcceptPolicy policy = CERT_ACCEPT_POLICY_NON_RECOVERABLE_ERROR; | 108 web::CertAcceptPolicy policy = CERT_ACCEPT_POLICY_NON_RECOVERABLE_ERROR; |
105 net::CertStatus status; | 109 net::CertStatus status; |
106 DecidePolicy(valid_trust_, kHostName, &policy, &status); | 110 DecidePolicy(valid_trust_, kHostName, &policy, &status); |
107 EXPECT_EQ(CERT_ACCEPT_POLICY_ALLOW, policy); | 111 EXPECT_EQ(CERT_ACCEPT_POLICY_ALLOW, policy); |
108 EXPECT_FALSE(status); | 112 EXPECT_FALSE(status); |
109 } | 113 } |
(...skipping 73 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
183 SecurityStyle style = SECURITY_STYLE_UNKNOWN; | 187 SecurityStyle style = SECURITY_STYLE_UNKNOWN; |
184 net::CertStatus status = net::CERT_STATUS_ALL_ERRORS; | 188 net::CertStatus status = net::CERT_STATUS_ALL_ERRORS; |
185 | 189 |
186 QueryStatus(invalid_trust_, kHostName, &style, &status); | 190 QueryStatus(invalid_trust_, kHostName, &style, &status); |
187 EXPECT_EQ(SECURITY_STYLE_AUTHENTICATION_BROKEN, style); | 191 EXPECT_EQ(SECURITY_STYLE_AUTHENTICATION_BROKEN, style); |
188 EXPECT_TRUE(net::CERT_STATUS_AUTHORITY_INVALID & status); | 192 EXPECT_TRUE(net::CERT_STATUS_AUTHORITY_INVALID & status); |
189 EXPECT_TRUE(net::CERT_STATUS_COMMON_NAME_INVALID & status); | 193 EXPECT_TRUE(net::CERT_STATUS_COMMON_NAME_INVALID & status); |
190 } | 194 } |
191 | 195 |
192 } // namespace web | 196 } // namespace web |
OLD | NEW |