1// Copyright (c) 2012 The Chromium Authors. All rights reserved.
2// Use of this source code is governed by a BSD-style license that can be
3// found in the LICENSE file.
4
5#ifndef NET_CERT_MOCK_CERT_VERIFIER_H_
6#define NET_CERT_MOCK_CERT_VERIFIER_H_
7
8#include <list>
9
10#include "net/cert/cert_verifier.h"
11#include "net/cert/cert_verify_result.h"
12
13namespace net {
14
15class MockCertVerifier : public CertVerifier {
16 public:
17  // Creates a new MockCertVerifier. By default, any call to Verify() will
18  // result in the cert status being flagged as CERT_STATUS_INVALID and return
19  // an ERR_CERT_INVALID network error code. This behaviour can be overridden
20  // by calling set_default_result() to change the default return value for
21  // Verify() or by calling one of the AddResult*() methods to specifically
22  // handle a certificate or certificate and host.
23  MockCertVerifier();
24
25  virtual ~MockCertVerifier();
26
27  // CertVerifier implementation
28  virtual int Verify(X509Certificate* cert,
29                     const std::string& hostname,
30                     int flags,
31                     CRLSet* crl_set,
32                     CertVerifyResult* verify_result,
33                     const CompletionCallback& callback,
34                     RequestHandle* out_req,
35                     const BoundNetLog& net_log) OVERRIDE;
36  virtual void CancelRequest(RequestHandle req) OVERRIDE;
37
38  // Sets the default return value for Verify() for certificates/hosts that do
39  // not have explicit results added via the AddResult*() methods.
40  void set_default_result(int default_result) {
41    default_result_ = default_result;
42  }
43
44  // Adds a rule that will cause any call to Verify() for |cert| to return rv,
45  // copying |verify_result| into the verified result.
46  // Note: Only the primary certificate of |cert| is checked. Any intermediate
47  // certificates will be ignored.
48  void AddResultForCert(X509Certificate* cert,
49                        const CertVerifyResult& verify_result,
50                        int rv);
51
52  // Same as AddResultForCert(), but further restricts it to only return for
53  // hostnames that match |host_pattern|.
54  void AddResultForCertAndHost(X509Certificate* cert,
55                               const std::string& host_pattern,
56                               const CertVerifyResult& verify_result,
57                               int rv);
58
59 private:
60  struct Rule;
61  typedef std::list<Rule> RuleList;
62
63  int default_result_;
64  RuleList rules_;
65};
66
67}  // namespace net
68
69#endif  // NET_CERT_MOCK_CERT_VERIFIER_H_
70