// Copyright 2022 The Chromium Authors // Use of this source code is governed by a BSD-style license that can be // found in the LICENSE file. #include "chrome/browser/component_updater/pki_metadata_component_installer.h" #include <cstdint> #include <memory> #include <string> #include <utility> #include <vector> #include "base/base64.h" #include "base/functional/callback_forward.h" #include "base/memory/raw_ptr.h" #include "base/memory/scoped_refptr.h" #include "base/run_loop.h" #include "base/test/scoped_feature_list.h" #include "base/threading/thread_restrictions.h" #include "chrome/browser/browser_features.h" #include "chrome/browser/net/system_network_context_manager.h" #include "chrome/common/chrome_switches.h" #include "chrome/test/base/chrome_test_utils.h" #include "chrome/test/base/in_process_browser_test.h" #include "chrome/test/base/ui_test_utils.h" #include "components/certificate_transparency/certificate_transparency_config.pb.h" #include "content/public/browser/network_service_util.h" #include "content/public/test/browser_test.h" #include "content/public/test/browser_test_utils.h" #include "crypto/ec_private_key.h" #include "crypto/sha2.h" #include "net/cert/test_root_certs.h" #include "net/cert/x509_certificate.h" #include "net/dns/mock_host_resolver.h" #include "net/net_buildflags.h" #include "net/test/cert_test_util.h" #include "net/test/embedded_test_server/embedded_test_server.h" #include "testing/gtest/include/gtest/gtest.h" #if BUILDFLAG(CHROME_ROOT_STORE_SUPPORTED) #include "chrome/browser/ssl/ssl_browsertest_util.h" #include "net/base/features.h" #include "net/cert/internal/trust_store_chrome.h" #include "net/cert/x509_util.h" #include "net/test/cert_builder.h" #endif namespace { enum class CTEnforcement { … }; int64_t SecondsSinceEpoch(base::Time t) { … } } // namespace namespace component_updater { // TODO(crbug.com/341136041): add tests for pinning enforcement. class PKIMetadataComponentUpdaterTest : public InProcessBrowserTest, public testing::WithParamInterface<CTEnforcement>, public PKIMetadataComponentInstallerService::Observer { … }; // Tests that the PKI Metadata configuration is recovered after a network // service restart. IN_PROC_BROWSER_TEST_P(PKIMetadataComponentUpdaterTest, ReloadsPKIMetadataConfigAfterCrash) { … } IN_PROC_BROWSER_TEST_P(PKIMetadataComponentUpdaterTest, TestCTUpdate) { … } INSTANTIATE_TEST_SUITE_P(…); #if BUILDFLAG(CHROME_ROOT_STORE_SUPPORTED) class PKIMetadataComponentChromeRootStoreUpdateTest : public InProcessBrowserTest, public PKIMetadataComponentInstallerService::Observer { … }; IN_PROC_BROWSER_TEST_F(PKIMetadataComponentChromeRootStoreUpdateTest, CheckCRSUpdate) { … } // Similar to CheckCRSUpdate, except using the same hostname for all requests. // This tests whether the CRS update causes cached verification results to be // disregarded. IN_PROC_BROWSER_TEST_F(PKIMetadataComponentChromeRootStoreUpdateTest, CheckCRSUpdateAffectsCachedVerifications) { … } // Test suite for tests that depend on both Certificate Transparency and Chrome // Root Store updates. class PKIMetadataComponentCtAndCrsUpdaterTest : public InProcessBrowserTest, public testing::WithParamInterface<CTEnforcement>, public PKIMetadataComponentInstallerService::Observer { … }; IN_PROC_BROWSER_TEST_P(PKIMetadataComponentCtAndCrsUpdaterTest, TestChromeRootStoreConstraintsSct) { … } INSTANTIATE_TEST_SUITE_P(…); // TODO(crbug.com/40816087) additional Chrome Root Store browser tests to // add: // // * Test that AIA fetching still works after updating CRS. #endif // BUILDFLAG(CHROME_ROOT_STORE_SUPPORTED) } // namespace component_updater
Codebase Browser
chromium