QUIC - cleanup changes to sync chromium tree with internal source.
[chromium-blink-merge.git] / ios / web / net / cert_policy_unittest.cc
blob47d2f25b2ac6d1e2f5e7e07d8d2389ac01296745
1 // Copyright 2014 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
5 #include "ios/web/public/cert_policy.h"
7 #include "base/memory/ref_counted.h"
8 #include "net/cert/x509_certificate.h"
9 #include "net/test/test_certificate_data.h"
10 #include "testing/gtest/include/gtest/gtest.h"
12 namespace web {
14 TEST(CertPolicyTest, Policy) {
15 scoped_refptr<net::X509Certificate> google_cert(
16 net::X509Certificate::CreateFromBytes(
17 reinterpret_cast<const char*>(google_der), sizeof(google_der)));
19 scoped_refptr<net::X509Certificate> webkit_cert(
20 net::X509Certificate::CreateFromBytes(
21 reinterpret_cast<const char*>(webkit_der), sizeof(webkit_der)));
23 CertPolicy policy;
25 // To begin with, everything should be unknown.
26 EXPECT_EQ(CertPolicy::UNKNOWN,
27 policy.Check(google_cert.get(), net::CERT_STATUS_DATE_INVALID));
28 EXPECT_EQ(
29 CertPolicy::UNKNOWN,
30 policy.Check(webkit_cert.get(), net::CERT_STATUS_COMMON_NAME_INVALID));
32 // Test adding one certificate with one error.
33 policy.Allow(google_cert.get(), net::CERT_STATUS_DATE_INVALID);
34 EXPECT_EQ(CertPolicy::ALLOWED,
35 policy.Check(google_cert.get(), net::CERT_STATUS_DATE_INVALID));
36 EXPECT_EQ(
37 CertPolicy::UNKNOWN,
38 policy.Check(google_cert.get(), net::CERT_STATUS_COMMON_NAME_INVALID));
39 EXPECT_EQ(CertPolicy::UNKNOWN,
40 policy.Check(google_cert.get(),
41 net::CERT_STATUS_DATE_INVALID |
42 net::CERT_STATUS_COMMON_NAME_INVALID));
43 EXPECT_EQ(
44 CertPolicy::UNKNOWN,
45 policy.Check(webkit_cert.get(), net::CERT_STATUS_COMMON_NAME_INVALID));
47 // Test saving the same certificate with a new error.
48 policy.Allow(google_cert.get(), net::CERT_STATUS_AUTHORITY_INVALID);
49 EXPECT_EQ(CertPolicy::UNKNOWN,
50 policy.Check(google_cert.get(), net::CERT_STATUS_DATE_INVALID));
51 EXPECT_EQ(
52 CertPolicy::ALLOWED,
53 policy.Check(google_cert.get(), net::CERT_STATUS_AUTHORITY_INVALID));
54 EXPECT_EQ(
55 CertPolicy::UNKNOWN,
56 policy.Check(webkit_cert.get(), net::CERT_STATUS_COMMON_NAME_INVALID));
58 // Test adding one certificate with two errors.
59 policy.Allow(
60 google_cert.get(),
61 net::CERT_STATUS_DATE_INVALID | net::CERT_STATUS_AUTHORITY_INVALID);
62 EXPECT_EQ(CertPolicy::ALLOWED,
63 policy.Check(google_cert.get(), net::CERT_STATUS_DATE_INVALID));
64 EXPECT_EQ(
65 CertPolicy::ALLOWED,
66 policy.Check(google_cert.get(), net::CERT_STATUS_AUTHORITY_INVALID));
67 EXPECT_EQ(
68 CertPolicy::UNKNOWN,
69 policy.Check(google_cert.get(), net::CERT_STATUS_COMMON_NAME_INVALID));
70 EXPECT_EQ(
71 CertPolicy::UNKNOWN,
72 policy.Check(webkit_cert.get(), net::CERT_STATUS_COMMON_NAME_INVALID));
75 } // namespace web