OLD | NEW |
---|---|
1 // Copyright 2015 The Chromium Authors. All rights reserved. | 1 // Copyright 2015 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #import "ios/web/web_state/wk_web_view_security_util.h" | 5 #import "ios/web/web_state/wk_web_view_security_util.h" |
6 | 6 |
7 #import <Foundation/Foundation.h> | 7 #import <Foundation/Foundation.h> |
8 #include <Security/Security.h> | 8 #include <Security/Security.h> |
9 | 9 |
10 #include <memory> | 10 #include <memory> |
11 | 11 |
12 #include "base/mac/foundation_util.h" | |
12 #include "base/mac/scoped_cftyperef.h" | 13 #include "base/mac/scoped_cftyperef.h" |
13 #include "crypto/rsa_private_key.h" | 14 #include "crypto/rsa_private_key.h" |
14 #include "net/cert/x509_cert_types.h" | 15 #include "net/cert/x509_cert_types.h" |
15 #include "net/cert/x509_certificate.h" | 16 #include "net/cert/x509_certificate.h" |
16 #include "net/cert/x509_util.h" | 17 #include "net/cert/x509_util.h" |
17 #include "net/cert/x509_util_ios.h" | 18 #include "net/cert/x509_util_ios.h" |
18 #include "net/ssl/ssl_info.h" | 19 #include "net/ssl/ssl_info.h" |
19 #include "testing/gtest/include/gtest/gtest.h" | 20 #include "testing/gtest/include/gtest/gtest.h" |
20 #import "testing/gtest_mac.h" | 21 #import "testing/gtest_mac.h" |
21 #include "testing/platform_test.h" | 22 #include "testing/platform_test.h" |
22 | 23 |
24 #if !defined(__has_feature) || !__has_feature(objc_arc) | |
25 #error "This file requires ARC support." | |
26 #endif | |
27 | |
23 namespace web { | 28 namespace web { |
24 namespace { | 29 namespace { |
25 // Subject for testing self-signed certificate. | 30 // Subject for testing self-signed certificate. |
26 const char kTestSubject[] = "self-signed"; | 31 const char kTestSubject[] = "self-signed"; |
27 // Hostname for testing SecTrustRef objects. | 32 // Hostname for testing SecTrustRef objects. |
28 NSString* const kTestHost = @"www.example.com"; | 33 NSString* const kTestHost = @"www.example.com"; |
29 | 34 |
30 // Returns an autoreleased certificate chain for testing. Chain will contain a | 35 // Returns an autoreleased certificate chain for testing. Chain will contain a |
31 // single self-signed cert with |subject| as a subject. | 36 // single self-signed cert with |subject| as a subject. |
32 NSArray* MakeTestCertChain(const std::string& subject) { | 37 NSArray* MakeTestCertChain(const std::string& subject) { |
33 std::unique_ptr<crypto::RSAPrivateKey> private_key; | 38 std::unique_ptr<crypto::RSAPrivateKey> private_key; |
34 std::string der_cert; | 39 std::string der_cert; |
35 net::x509_util::CreateKeyAndSelfSignedCert( | 40 net::x509_util::CreateKeyAndSelfSignedCert( |
36 "CN=" + subject, 1, base::Time::Now(), | 41 "CN=" + subject, 1, base::Time::Now(), |
37 base::Time::Now() + base::TimeDelta::FromDays(1), &private_key, | 42 base::Time::Now() + base::TimeDelta::FromDays(1), &private_key, |
38 &der_cert); | 43 &der_cert); |
39 | 44 |
40 base::ScopedCFTypeRef<SecCertificateRef> cert( | 45 base::ScopedCFTypeRef<SecCertificateRef> cert( |
41 net::x509_util::CreateSecCertificateFromBytes( | 46 net::x509_util::CreateSecCertificateFromBytes( |
42 reinterpret_cast<const uint8_t*>(der_cert.data()), der_cert.size())); | 47 reinterpret_cast<const uint8_t*>(der_cert.data()), der_cert.size())); |
43 if (!cert) | 48 if (!cert) |
44 return nullptr; | 49 return nullptr; |
45 NSArray* result = @[ reinterpret_cast<id>(cert.get()) ]; | 50 NSArray* result = @[ (__bridge id)cert.get() ]; |
Eugene But (OOO till 7-30)
2017/06/14 13:34:02
Optional nit: Consider dropping |result| local.
marq (ping after 24h)
2017/06/14 14:18:23
Done.
| |
46 return result; | 51 return result; |
47 } | 52 } |
48 | 53 |
49 // Returns an autoreleased dictionary, which represents NSError's user info for | 54 // Returns an autoreleased dictionary, which represents NSError's user info for |
50 // testing. | 55 // testing. |
51 NSDictionary* MakeTestSSLCertErrorUserInfo() { | 56 NSDictionary* MakeTestSSLCertErrorUserInfo() { |
52 return @{ | 57 return @{ |
53 web::kNSErrorPeerCertificateChainKey : MakeTestCertChain(kTestSubject), | 58 web::kNSErrorPeerCertificateChainKey : MakeTestCertChain(kTestSubject), |
54 }; | 59 }; |
55 } | 60 } |
56 | 61 |
57 // Returns SecTrustRef object for testing. | 62 // Returns SecTrustRef object for testing. |
58 base::ScopedCFTypeRef<SecTrustRef> CreateTestTrust(NSArray* cert_chain) { | 63 base::ScopedCFTypeRef<SecTrustRef> CreateTestTrust(NSArray* cert_chain) { |
59 base::ScopedCFTypeRef<SecPolicyRef> policy(SecPolicyCreateBasicX509()); | 64 base::ScopedCFTypeRef<SecPolicyRef> policy(SecPolicyCreateBasicX509()); |
60 SecTrustRef trust = nullptr; | 65 SecTrustRef trust = nullptr; |
61 SecTrustCreateWithCertificates(cert_chain, policy, &trust); | 66 SecTrustCreateWithCertificates(base::mac::NSToCFCast(cert_chain), policy, |
67 &trust); | |
62 return base::ScopedCFTypeRef<SecTrustRef>(trust); | 68 return base::ScopedCFTypeRef<SecTrustRef>(trust); |
63 } | 69 } |
64 | 70 |
65 } // namespace | 71 } // namespace |
66 | 72 |
67 // Test class for wk_web_view_security_util functions. | 73 // Test class for wk_web_view_security_util functions. |
68 typedef PlatformTest WKWebViewSecurityUtilTest; | 74 typedef PlatformTest WKWebViewSecurityUtilTest; |
69 | 75 |
70 // Tests CreateCertFromChain with self-signed cert. | 76 // Tests CreateCertFromChain with self-signed cert. |
71 TEST_F(WKWebViewSecurityUtilTest, CreationCertFromChain) { | 77 TEST_F(WKWebViewSecurityUtilTest, CreationCertFromChain) { |
281 GetSecurityStyleFromTrustResult(kSecTrustResultUnspecified)); | 287 GetSecurityStyleFromTrustResult(kSecTrustResultUnspecified)); |
282 } | 288 } |
283 | 289 |
284 // Tests GetSecurityStyleFromTrustResult with invalid SecTrustResultType result. | 290 // Tests GetSecurityStyleFromTrustResult with invalid SecTrustResultType result. |
285 TEST_F(WKWebViewSecurityUtilTest, GetSecurityStyleFromInvalidResult) { | 291 TEST_F(WKWebViewSecurityUtilTest, GetSecurityStyleFromInvalidResult) { |
286 EXPECT_EQ(SECURITY_STYLE_UNKNOWN, | 292 EXPECT_EQ(SECURITY_STYLE_UNKNOWN, |
287 GetSecurityStyleFromTrustResult(kSecTrustResultInvalid)); | 293 GetSecurityStyleFromTrustResult(kSecTrustResultInvalid)); |
288 } | 294 } |
289 | 295 |
290 } // namespace web | 296 } // namespace web |
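Review bot: In CreateTestTrust the OSStatus returned by SecTrustCreateWithCertificates is discarded, so a failed call returns a ScopedCFTypeRef wrapping nullptr and the tests that consume it (in the skipped part of the file) would presumably run against a null trust rather than fail at the point of the problem. Since the call is already being rewritten for NSToCFCast, capture and check the status: `OSStatus status = SecTrustCreateWithCertificates(base::mac::NSToCFCast(cert_chain), policy, &trust);` followed by `EXPECT_EQ(errSecSuccess, status);`. The same gap exists upstream: MakeTestCertChain can return nullptr, and MakeTestSSLCertErrorUserInfo places that value directly into a dictionary literal, so a certificate-creation failure would surface as an exception instead of a clear test failure. Separately, the "Returns an autoreleased ..." comments on the two helpers no longer describe ownership once the file is compiled under ARC and could read `// Returns a certificate chain for testing.`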