OLD | NEW |
(Empty) | |
| 1 // Copyright 2015 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. |
| 4 |
| 5 #include "ios/web/net/crw_cert_verification_controller.h" |
| 6 |
| 7 #include "base/mac/bind_objc_block.h" |
| 8 #include "base/message_loop/message_loop.h" |
| 9 #include "base/test/ios/wait_util.h" |
| 10 #include "ios/web/public/web_thread.h" |
| 11 #include "ios/web/test/web_test.h" |
| 12 #include "net/base/test_data_directory.h" |
| 13 #include "net/cert/mock_cert_verifier.h" |
| 14 #include "net/cert/x509_certificate.h" |
| 15 #include "net/test/cert_test_util.h" |
| 16 #include "net/url_request/url_request_context.h" |
| 17 #include "net/url_request/url_request_context_getter.h" |
| 18 |
| 19 namespace web { |
| 20 |
| 21 namespace { |
| 22 // Generated cert filename. |
| 23 const char kCertFileName[] = "ok_cert.pem"; |
| 24 // Test hostname for cert verification. |
| 25 NSString* const kHostName = @"www.example.com"; |
| 26 } // namespace |
| 27 |
| 28 // Test fixture to test CRWCertVerificationController class. |
| 29 class CRWCertVerificationControllerTest : public web::WebTest { |
| 30 protected: |
| 31 void SetUp() override { |
| 32 web::WebTest::SetUp(); |
| 33 |
| 34 web::BrowserState* browser_state = GetBrowserState(); |
| 35 net::URLRequestContextGetter* getter = browser_state->GetRequestContext(); |
| 36 web::WebThread::PostTask(web::WebThread::IO, FROM_HERE, base::BindBlock(^{ |
| 37 getter->GetURLRequestContext()->set_cert_verifier(&cert_verifier_); |
| 38 })); |
| 39 |
| 40 controller_.reset([[CRWCertVerificationController alloc] |
| 41 initWithBrowserState:browser_state]); |
| 42 cert_ = |
| 43 net::ImportCertFromFile(net::GetTestCertsDirectory(), kCertFileName); |
| 44 } |
| 45 |
| 46 void TearDown() override { |
| 47 [controller_ shutDown]; |
| 48 web::WebTest::TearDown(); |
| 49 } |
| 50 |
| 51 // Synchronously returns result of decidePolicyForCert:host:completionHandler: |
| 52 // call. |
| 53 void DecidePolicy(const scoped_refptr<net::X509Certificate>& cert, |
| 54 NSString* host, |
| 55 web::CertAcceptPolicy* policy, |
| 56 net::CertStatus* status) { |
| 57 __block bool completion_handler_called = false; |
| 58 [controller_ decidePolicyForCert:cert |
| 59 host:host |
| 60 completionHandler:^(web::CertAcceptPolicy callback_policy, |
| 61 net::CertStatus callback_status) { |
| 62 *policy = callback_policy; |
| 63 *status = callback_status; |
| 64 completion_handler_called = true; |
| 65 }]; |
| 66 base::test::ios::WaitUntilCondition(^{ |
| 67 return completion_handler_called; |
| 68 }, base::MessageLoop::current(), base::TimeDelta()); |
| 69 } |
| 70 |
| 71 scoped_refptr<net::X509Certificate> cert_; |
| 72 net::MockCertVerifier cert_verifier_; |
| 73 base::scoped_nsobject<CRWCertVerificationController> controller_; |
| 74 }; |
| 75 |
| 76 // Tests cert policy with a valid cert. |
| 77 TEST_F(CRWCertVerificationControllerTest, ValidCert) { |
| 78 net::CertVerifyResult verify_result; |
| 79 verify_result.cert_status = net::CERT_STATUS_NO_REVOCATION_MECHANISM; |
| 80 verify_result.verified_cert = cert_; |
| 81 cert_verifier_.AddResultForCertAndHost(cert_.get(), [kHostName UTF8String], |
| 82 verify_result, net::OK); |
| 83 web::CertAcceptPolicy policy = CERT_ACCEPT_POLICY_NON_RECOVERABLE_ERROR; |
| 84 net::CertStatus status; |
| 85 DecidePolicy(cert_, kHostName, &policy, &status); |
| 86 EXPECT_EQ(CERT_ACCEPT_POLICY_ALLOW, policy); |
| 87 EXPECT_EQ(verify_result.cert_status, status); |
| 88 } |
| 89 |
| 90 // Tests cert policy with an invalid cert. |
| 91 TEST_F(CRWCertVerificationControllerTest, InvalidCert) { |
| 92 web::CertAcceptPolicy policy = CERT_ACCEPT_POLICY_NON_RECOVERABLE_ERROR; |
| 93 net::CertStatus status; |
| 94 DecidePolicy(cert_, kHostName, &policy, &status); |
| 95 EXPECT_EQ(CERT_ACCEPT_POLICY_RECOVERABLE_ERROR, policy); |
| 96 } |
| 97 |
| 98 // Tests cert policy with null cert. |
| 99 TEST_F(CRWCertVerificationControllerTest, NullCert) { |
| 100 web::CertAcceptPolicy policy = CERT_ACCEPT_POLICY_NON_RECOVERABLE_ERROR; |
| 101 net::CertStatus status; |
| 102 DecidePolicy(nullptr, kHostName, &policy, &status); |
| 103 EXPECT_EQ(CERT_ACCEPT_POLICY_NON_RECOVERABLE_ERROR, policy); |
| 104 } |
| 105 |
| 106 // Tests cert policy with null cert and null host. |
| 107 TEST_F(CRWCertVerificationControllerTest, NullHost) { |
| 108 web::CertAcceptPolicy policy = CERT_ACCEPT_POLICY_NON_RECOVERABLE_ERROR; |
| 109 net::CertStatus status; |
| 110 DecidePolicy(cert_, nil, &policy, &status); |
| 111 EXPECT_EQ(CERT_ACCEPT_POLICY_NON_RECOVERABLE_ERROR, policy); |
| 112 } |
| 113 |
| 114 } // namespace web |
OLD | NEW |