// Copyright 2018 The Chromium Authors // Use of this source code is governed by a BSD-style license that can be // found in the LICENSE file. #include "content/browser/web_package/signed_exchange_handler.h" #include <string_view> #include <utility> #include "base/files/file_path.h" #include "base/files/file_util.h" #include "base/functional/bind.h" #include "base/functional/callback.h" #include "base/memory/raw_ptr.h" #include "base/path_service.h" #include "base/task/sequenced_task_runner.h" #include "base/test/metrics/histogram_tester.h" #include "base/test/scoped_feature_list.h" #include "base/time/time.h" #include "content/browser/renderer_host/frame_tree_node.h" #include "content/browser/web_package/signed_exchange_cert_fetcher_factory.h" #include "content/browser/web_package/signed_exchange_devtools_proxy.h" #include "content/browser/web_package/signed_exchange_signature_verifier.h" #include "content/browser/web_package/signed_exchange_test_utils.h" #include "content/browser/web_package/signed_exchange_utils.h" #include "content/public/browser/content_browser_client.h" #include "content/public/common/content_client.h" #include "content/public/common/content_paths.h" #include "content/public/test/browser_task_environment.h" #include "mojo/public/cpp/bindings/remote.h" #include "net/base/features.h" #include "net/base/io_buffer.h" #include "net/base/load_flags.h" #include "net/base/network_anonymization_key.h" #include "net/base/test_completion_callback.h" #include "net/cert/ct_policy_enforcer.h" #include "net/cert/mock_cert_verifier.h" #include "net/cert/sct_auditing_delegate.h" #include "net/cert/signed_certificate_timestamp_and_status.h" #include "net/filter/mock_source_stream.h" #include "net/http/transport_security_state.h" #include "net/test/cert_test_util.h" #include "net/test/test_data_directory.h" #include "net/url_request/url_request_context.h" #include "net/url_request/url_request_context_builder.h" #include "net/url_request/url_request_test_util.h" #include "services/network/network_context.h" #include "services/network/public/cpp/network_service_buildflags.h" #include "services/network/public/cpp/network_switches.h" #include "testing/gmock/include/gmock/gmock.h" #include "testing/gtest/include/gtest/gtest.h" #include "third_party/blink/public/common/web_package/web_package_request_matcher.h" _; DoAll; ElementsAre; Property; Return; SetArgPointee; Truly; namespace content { namespace { const uint64_t kSignatureHeaderDate = …; // 2019-07-28T00:00:00Z const uint64_t kCertValidityPeriodEnforcementDate = …; // 2019-08-01T00:00:00Z const int kOutputBufferSize = …; constexpr char kTestSxgInnerURL[] = …; bool IsCTSupported() { … } // "wildcard_example.org.public.pem.cbor" has dummy data in its "ocsp" field. constexpr std::string_view kDummyOCSPDer = …; class TestBrowserClient : public ContentBrowserClient { … }; std::string GetTestFileContents(std::string_view name) { … } scoped_refptr<net::X509Certificate> LoadCertificate( const std::string& cert_file) { … } class MockSignedExchangeCertFetcherFactory : public SignedExchangeCertFetcherFactory { … }; class GMockCertVerifier : public net::CertVerifier { … }; class MockSCTAuditingDelegate : public net::SCTAuditingDelegate { … }; // Matcher to compare two net::X509Certificates MATCHER_P(CertEqualsIncludingChain, cert, "") { … } } // namespace class SignedExchangeHandlerTest : public ::testing::TestWithParam<net::MockSourceStream::Mode> { … }; TEST_P(SignedExchangeHandlerTest, Empty) { … } TEST_P(SignedExchangeHandlerTest, Simple) { … } TEST_P(SignedExchangeHandlerTest, MimeType) { … } TEST_P(SignedExchangeHandlerTest, AdditionalContentEncodingShouldBeRejected) { … } TEST_P(SignedExchangeHandlerTest, HeaderParseError) { … } TEST_P(SignedExchangeHandlerTest, TruncatedAfterFallbackUrl) { … } TEST_P(SignedExchangeHandlerTest, CertWithoutExtensionShouldBeRejected) { … } TEST_P(SignedExchangeHandlerTest, CertValidMoreThan90DaysShouldBeRejected) { … } TEST_P(SignedExchangeHandlerTest, CertValidMoreThan90DaysShouldBeAllowedByIgnoreErrorsSPKIListFlag) { … } TEST_P(SignedExchangeHandlerTest, CertWithoutExtensionAllowedByIgnoreErrorsSPKIListFlag) { … } TEST_P(SignedExchangeHandlerTest, CertSha256Mismatch) { … } TEST_P(SignedExchangeHandlerTest, VerifyCertFailure) { … } TEST_P(SignedExchangeHandlerTest, OCSPNotChecked) { … } TEST_P(SignedExchangeHandlerTest, OCSPNotProvided) { … } TEST_P(SignedExchangeHandlerTest, OCSPInvalid) { … } TEST_P(SignedExchangeHandlerTest, OCSPRevoked) { … } // Test that fetching a signed exchange properly extracts and // attempts to verify both the certificate and the OCSP response. TEST_P(SignedExchangeHandlerTest, CertVerifierParams) { … } TEST_P(SignedExchangeHandlerTest, NotEnoughSCTsFromPubliclyTrustedCert) { … } TEST_P(SignedExchangeHandlerTest, CTRequirementsMetForPubliclyTrustedCert) { … } TEST_P(SignedExchangeHandlerTest, CTNotRequiredForLocalAnchors) { … } // Test that SignedExchangeHandler calls CTPolicyEnforcer with appropriate // arguments. TEST_P(SignedExchangeHandlerTest, CTVerifierParams) { … } // Test that SignedExchangeHandler calls SCTAuditingDelegate to enqueue reports. TEST_P(SignedExchangeHandlerTest, SCTAuditingReportEnqueued) { … } INSTANTIATE_TEST_SUITE_P(…); } // namespace content
Codebase Browser
chromium