| Eric Roman | e28b6027 | 2019-10-09 19:22:17 | [diff] [blame^] | 1 | // Copyright 2019 The Chromium Authors. All rights reserved. |
| 2 | // Use of this source code is governed by a BSD-style license that can be |
| 3 | // found in the LICENSE file. |
| 4 | |
| 5 | #include "net/base/net_errors.h" |
| 6 | |
| 7 | #include "testing/gtest/include/gtest/gtest.h" |
| 8 | |
| 9 | namespace net { |
| 10 | |
| 11 | namespace { |
| 12 | |
| 13 | TEST(NetErrorsTest, IsCertificateError) { |
| 14 | // Positive tests. |
| 15 | EXPECT_TRUE(IsCertificateError(ERR_CERT_AUTHORITY_INVALID)); |
| 16 | EXPECT_TRUE(IsCertificateError(ERR_CERT_COMMON_NAME_INVALID)); |
| 17 | EXPECT_TRUE(IsCertificateError(ERR_CERT_CONTAINS_ERRORS)); |
| 18 | EXPECT_TRUE(IsCertificateError(ERR_CERT_DATE_INVALID)); |
| 19 | EXPECT_TRUE(IsCertificateError(ERR_CERTIFICATE_TRANSPARENCY_REQUIRED)); |
| 20 | EXPECT_TRUE(IsCertificateError(ERR_CERT_INVALID)); |
| 21 | EXPECT_TRUE(IsCertificateError(ERR_CERT_NAME_CONSTRAINT_VIOLATION)); |
| 22 | EXPECT_TRUE(IsCertificateError(ERR_CERT_NON_UNIQUE_NAME)); |
| 23 | EXPECT_TRUE(IsCertificateError(ERR_CERT_NO_REVOCATION_MECHANISM)); |
| 24 | EXPECT_TRUE(IsCertificateError(ERR_CERT_REVOKED)); |
| 25 | EXPECT_TRUE(IsCertificateError(ERR_CERT_SYMANTEC_LEGACY)); |
| 26 | EXPECT_TRUE(IsCertificateError(ERR_CERT_UNABLE_TO_CHECK_REVOCATION)); |
| 27 | EXPECT_TRUE(IsCertificateError(ERR_CERT_VALIDITY_TOO_LONG)); |
| 28 | EXPECT_TRUE(IsCertificateError(ERR_CERT_WEAK_KEY)); |
| 29 | EXPECT_TRUE(IsCertificateError(ERR_CERT_WEAK_SIGNATURE_ALGORITHM)); |
| 30 | EXPECT_TRUE(IsCertificateError(ERR_SSL_PINNED_KEY_NOT_IN_CERT_CHAIN)); |
| 31 | |
| 32 | // Negative tests. |
| 33 | EXPECT_FALSE(IsCertificateError(ERR_SSL_PROTOCOL_ERROR)); |
| 34 | EXPECT_FALSE(IsCertificateError(ERR_SSL_KEY_USAGE_INCOMPATIBLE)); |
| 35 | EXPECT_FALSE( |
| 36 | IsCertificateError(ERR_SSL_CLIENT_AUTH_PRIVATE_KEY_ACCESS_DENIED)); |
| 37 | EXPECT_FALSE(IsCertificateError(ERR_QUIC_CERT_ROOT_NOT_KNOWN)); |
| 38 | EXPECT_FALSE(IsCertificateError(ERR_SSL_CLIENT_AUTH_CERT_NO_PRIVATE_KEY)); |
| 39 | EXPECT_FALSE(IsCertificateError(ERR_FAILED)); |
| 40 | EXPECT_FALSE(IsCertificateError(OK)); |
| 41 | |
| 42 | // Trigger a failure whenever ERR_CERT_END is changed, forcing developers to |
| 43 | // update this test. |
| 44 | EXPECT_EQ(ERR_CERT_END, -217) |
| 45 | << "It looks like you added a new certificate error code (" |
| 46 | << ErrorToString(ERR_CERT_END + 1) |
| 47 | << ").\n" |
| 48 | "\n" |
| 49 | "Because this code is between ERR_CERT_BEGIN and ERR_CERT_END, it " |
| 50 | "will be matched by net::IsCertificateError().\n" |
| 51 | "\n" |
| 52 | " (1) Please add a new test case to " |
| 53 | "NetErrorsTest.IsCertificateError()." |
| 54 | "\n" |
| 55 | " (2) Review the existing consumers of IsCertificateError(). " |
| 56 | "//content for instance has specialized handling of " |
| 57 | "IsCertificateError() that may need to be updated."; |
| 58 | } |
| 59 | |
| 60 | TEST(NetErrorsTest, IsClientCertificateError) { |
| 61 | // Positive tests. |
| 62 | EXPECT_TRUE(IsClientCertificateError(ERR_BAD_SSL_CLIENT_AUTH_CERT)); |
| 63 | EXPECT_TRUE( |
| 64 | IsClientCertificateError(ERR_SSL_CLIENT_AUTH_PRIVATE_KEY_ACCESS_DENIED)); |
| 65 | EXPECT_TRUE( |
| 66 | IsClientCertificateError(ERR_SSL_CLIENT_AUTH_CERT_NO_PRIVATE_KEY)); |
| 67 | EXPECT_TRUE(IsClientCertificateError(ERR_SSL_CLIENT_AUTH_SIGNATURE_FAILED)); |
| 68 | EXPECT_TRUE( |
| 69 | IsClientCertificateError(ERR_SSL_CLIENT_AUTH_NO_COMMON_ALGORITHMS)); |
| 70 | |
| 71 | // Negative tests. |
| 72 | EXPECT_FALSE(IsClientCertificateError(ERR_CERT_REVOKED)); |
| 73 | EXPECT_FALSE(IsClientCertificateError(ERR_SSL_PROTOCOL_ERROR)); |
| 74 | EXPECT_FALSE(IsClientCertificateError(ERR_CERT_WEAK_KEY)); |
| 75 | } |
| 76 | |
| 77 | } // namespace |
| 78 | |
| 79 | } // namespace net |
