// Copyright 2020 The Chromium Authors // Use of this source code is governed by a BSD-style license that can be // found in the LICENSE file. #include <memory> #include <optional> #include <string> #include <string_view> #include <vector> #include "services/network/public/mojom/trust_tokens.mojom-shared.h" #include "services/network/trust_tokens/boringssl_trust_token_issuance_cryptographer.h" #include "services/network/trust_tokens/boringssl_trust_token_redemption_cryptographer.h" #include "services/network/trust_tokens/boringssl_trust_token_test_utils.h" #include "testing/gtest/include/gtest/gtest.h" #include "third_party/boringssl/src/include/openssl/base.h" #include "third_party/boringssl/src/include/openssl/trust_token.h" #include "url/gurl.h" #include "url/origin.h" // These integration tests confirm that BoringsslTrustToken{Issuance, // Redemption}Cryptographer are capable of completing an end-to-end // issuance-and-redemption flow against the server-side BoringSSL issuer logic. namespace network { namespace { const mojom::TrustTokenProtocolVersion kProtocolVersion = …; // Choose this number to be > 1 but fairly small: setting it to 10 // led to the test running for 2.5 sec on a debug build. constexpr size_t kNumTokensToRequest = …; std::string_view as_string(base::span<const uint8_t> bytes) { … } std::string_view as_string(const std::vector<uint8_t>& bytes) { … } // If RequestManyTokensAndRetainOneArbitrarily doesn't throw a fatal failure, // then issuance succeeded and |out_token|'s now contains a token // suitable for performing a redemption (with the same issuer keys). // // The issuer-side logic will use |key_with_which_to_issue| to issue the token; // this must be a reference to a member of |keys.token_keys|. // // Note: This method returns void so that it's possible to ASSERT inside it. void RequestManyTokensAndRetainOneArbitrarily( const TestTrustTokenIssuer& issuer, const TestTrustTokenIssuer::VerificationKey& key_with_which_to_issue, TrustToken* out_token) { … } // Uses a RedemptionCryptographer to construct a redemption request wrapping // |token_to_redeem|; verifies that the server-side BoringSSL redemption code // accepts the redemption request, and that the RedemptionCryptographer // correctly handles the corresponding redemption response. void RedeemSingleToken(const TestTrustTokenIssuer& issuer, const TrustToken& token_to_redeem) { … } } // namespace TEST(TrustTokenCryptographersTest, IssuanceAndRedemption) { … } TEST(TrustTokenCryptographersTest, IssuanceAndRedemptionWithMultipleKeys) { … } } // namespace network
Codebase Browser
chromium