| // Copyright 2019 The Chromium Authors |
| // Use of this source code is governed by a BSD-style license that can be |
| // found in the LICENSE file. |
| |
| #include "net/base/net_errors.h" |
| |
| #include "testing/gtest/include/gtest/gtest.h" |
| |
| namespace net { |
| |
| namespace { |
| |
| TEST(NetErrorsTest, IsCertificateError) { |
| // Positive tests. |
| EXPECT_TRUE(IsCertificateError(ERR_CERT_AUTHORITY_INVALID)); |
| EXPECT_TRUE(IsCertificateError(ERR_CERT_COMMON_NAME_INVALID)); |
| EXPECT_TRUE(IsCertificateError(ERR_CERT_CONTAINS_ERRORS)); |
| EXPECT_TRUE(IsCertificateError(ERR_CERT_DATE_INVALID)); |
| EXPECT_TRUE(IsCertificateError(ERR_CERTIFICATE_TRANSPARENCY_REQUIRED)); |
| EXPECT_TRUE(IsCertificateError(ERR_CERT_INVALID)); |
| EXPECT_TRUE(IsCertificateError(ERR_CERT_NAME_CONSTRAINT_VIOLATION)); |
| EXPECT_TRUE(IsCertificateError(ERR_CERT_NON_UNIQUE_NAME)); |
| EXPECT_TRUE(IsCertificateError(ERR_CERT_NO_REVOCATION_MECHANISM)); |
| EXPECT_TRUE(IsCertificateError(ERR_CERT_REVOKED)); |
| EXPECT_TRUE(IsCertificateError(ERR_CERT_SYMANTEC_LEGACY)); |
| EXPECT_TRUE(IsCertificateError(ERR_CERT_UNABLE_TO_CHECK_REVOCATION)); |
| EXPECT_TRUE(IsCertificateError(ERR_CERT_VALIDITY_TOO_LONG)); |
| EXPECT_TRUE(IsCertificateError(ERR_CERT_WEAK_KEY)); |
| EXPECT_TRUE(IsCertificateError(ERR_CERT_WEAK_SIGNATURE_ALGORITHM)); |
| EXPECT_TRUE(IsCertificateError(ERR_SSL_PINNED_KEY_NOT_IN_CERT_CHAIN)); |
| EXPECT_TRUE(IsCertificateError(ERR_CERT_KNOWN_INTERCEPTION_BLOCKED)); |
| |
| // Negative tests. |
| EXPECT_FALSE(IsCertificateError(ERR_SSL_PROTOCOL_ERROR)); |
| EXPECT_FALSE(IsCertificateError(ERR_SSL_KEY_USAGE_INCOMPATIBLE)); |
| EXPECT_FALSE( |
| IsCertificateError(ERR_SSL_CLIENT_AUTH_PRIVATE_KEY_ACCESS_DENIED)); |
| EXPECT_FALSE(IsCertificateError(ERR_QUIC_CERT_ROOT_NOT_KNOWN)); |
| EXPECT_FALSE(IsCertificateError(ERR_SSL_CLIENT_AUTH_CERT_NO_PRIVATE_KEY)); |
| EXPECT_FALSE(IsCertificateError(ERR_FAILED)); |
| EXPECT_FALSE(IsCertificateError(OK)); |
| |
| // Trigger a failure whenever ERR_CERT_END is changed, forcing developers to |
| // update this test. |
| EXPECT_EQ(ERR_CERT_END, -219) |
| << "It looks like you added a new certificate error code (" |
| << ErrorToString(ERR_CERT_END + 1) |
| << ").\n" |
| "\n" |
| "Because this code is between ERR_CERT_BEGIN and ERR_CERT_END, it " |
| "will be matched by net::IsCertificateError().\n" |
| "\n" |
| " (1) Please add a new test case to " |
| "NetErrorsTest.IsCertificateError()." |
| "\n" |
| " (2) Review the existing consumers of IsCertificateError(). " |
| "//content for instance has specialized handling of " |
| "IsCertificateError() that may need to be updated."; |
| } |
| |
| TEST(NetErrorsTest, IsClientCertificateError) { |
| // Positive tests. |
| EXPECT_TRUE(IsClientCertificateError(ERR_BAD_SSL_CLIENT_AUTH_CERT)); |
| EXPECT_TRUE( |
| IsClientCertificateError(ERR_SSL_CLIENT_AUTH_PRIVATE_KEY_ACCESS_DENIED)); |
| EXPECT_TRUE( |
| IsClientCertificateError(ERR_SSL_CLIENT_AUTH_CERT_NO_PRIVATE_KEY)); |
| EXPECT_TRUE(IsClientCertificateError(ERR_SSL_CLIENT_AUTH_SIGNATURE_FAILED)); |
| EXPECT_TRUE( |
| IsClientCertificateError(ERR_SSL_CLIENT_AUTH_NO_COMMON_ALGORITHMS)); |
| |
| // Negative tests. |
| EXPECT_FALSE(IsClientCertificateError(ERR_CERT_REVOKED)); |
| EXPECT_FALSE(IsClientCertificateError(ERR_SSL_PROTOCOL_ERROR)); |
| EXPECT_FALSE(IsClientCertificateError(ERR_CERT_WEAK_KEY)); |
| } |
| |
| } // namespace |
| |
| } // namespace net |
