// Copyright 2020 The Chromium Authors // Use of this source code is governed by a BSD-style license that can be // found in the LICENSE file. #include <memory> #include <string_view> #include "base/task/current_thread.h" #include "build/build_config.h" #include "chrome/browser/browser_process.h" #include "chrome/browser/net/system_network_context_manager.h" #include "chrome/browser/policy/chrome_browser_policy_connector.h" #include "chrome/browser/ssl/ssl_browsertest_util.h" #include "chrome/browser/ui/browser.h" #include "chrome/common/pref_names.h" #include "chrome/test/base/chrome_test_utils.h" #include "chrome/test/base/in_process_browser_test.h" #include "chrome/test/base/ui_test_utils.h" #include "components/policy/core/common/mock_configuration_policy_provider.h" #include "components/policy/policy_constants.h" #include "components/prefs/pref_service.h" #include "components/security_interstitials/content/ssl_error_handler.h" #include "content/public/browser/navigation_entry.h" #include "content/public/browser/network_service_instance.h" #include "content/public/browser/network_service_util.h" #include "content/public/browser/ssl_status.h" #include "content/public/test/browser_test.h" #include "net/cert/ev_root_ca_metadata.h" #include "net/dns/mock_host_resolver.h" #include "net/net_buildflags.h" #include "net/test/cert_test_util.h" #include "net/test/embedded_test_server/embedded_test_server.h" #include "net/test/test_data_directory.h" #include "services/network/public/cpp/features.h" #include "services/network/public/mojom/ssl_config.mojom.h" #include "third_party/blink/public/common/features.h" AuthState; namespace { // The test EV policy OID used for generated certs. static const char kOCSPTestCertPolicy[] = …; } // namespace class OCSPBrowserTest : public InProcessBrowserTest, public network::mojom::SSLConfigClient { … }; // Visits a page with revocation checking set to the default value (disabled) // and a revoked OCSP response. IN_PROC_BROWSER_TEST_F(OCSPBrowserTest, TestHTTPSOCSPRevokedButNotChecked) { … } // Visits a page with revocation checking enabled and a valid OCSP response. IN_PROC_BROWSER_TEST_F(OCSPBrowserTest, TestHTTPSOCSPOk) { … } // Visits a page with revocation checking enabled and a revoked OCSP response. IN_PROC_BROWSER_TEST_F(OCSPBrowserTest, TestHTTPSOCSPRevoked) { … } IN_PROC_BROWSER_TEST_F(OCSPBrowserTest, TestHTTPSOCSPInvalid) { … } IN_PROC_BROWSER_TEST_F(OCSPBrowserTest, TestHTTPSOCSPIntermediateValid) { … } IN_PROC_BROWSER_TEST_F(OCSPBrowserTest, TestHTTPSOCSPIntermediateResponseOldButStillValid) { … } IN_PROC_BROWSER_TEST_F(OCSPBrowserTest, TestHTTPSOCSPIntermediateResponseTooOldKnownRoot) { … } IN_PROC_BROWSER_TEST_F(OCSPBrowserTest, TestHTTPSOCSPIntermediateResponseTooOld) { … } IN_PROC_BROWSER_TEST_F(OCSPBrowserTest, TestHTTPSOCSPIntermediateRevoked) { … } IN_PROC_BROWSER_TEST_F(OCSPBrowserTest, TestHTTPSOCSPValidStapled) { … } IN_PROC_BROWSER_TEST_F(OCSPBrowserTest, TestHTTPSOCSPRevokedStapled) { … } IN_PROC_BROWSER_TEST_F(OCSPBrowserTest, TestHTTPSOCSPOldStapledAndInvalidAIA) { … } IN_PROC_BROWSER_TEST_F(OCSPBrowserTest, TestHTTPSOCSPOldStapledButValidAIA) { … } #if BUILDFLAG(IS_CHROMEOS) || BUILDFLAG(IS_LINUX) || \ BUILDFLAG(CHROME_ROOT_STORE_SUPPORTED) IN_PROC_BROWSER_TEST_F(OCSPBrowserTest, HardFailOnOCSPInvalid) { … } IN_PROC_BROWSER_TEST_F(OCSPBrowserTest, HardFailOCSPInvalidUseStapled) { … } IN_PROC_BROWSER_TEST_F(OCSPBrowserTest, HardFailTestHTTPSOCSPOldStapledAndInvalidAIA) { … } IN_PROC_BROWSER_TEST_F(OCSPBrowserTest, HardFailTestHTTPSOCSPOldStapledButValidAIA) { … } #endif // BUILDFLAG(IS_CHROMEOS) || BUILDFLAG(IS_LINUX) || \ // BUILDFLAG(CHROME_ROOT_STORE_SUPPORTED) class EVBrowserTest : public OCSPBrowserTest { … }; IN_PROC_BROWSER_TEST_F(EVBrowserTest, TestHTTPSEVNoPolicySet) { … } IN_PROC_BROWSER_TEST_F(EVBrowserTest, TestHTTPSEVNoOCSPCheck) { … } // Test EV checking when revocation checking is explicitly enabled and we have a // revoked OCSP response. IN_PROC_BROWSER_TEST_F(EVBrowserTest, TestHTTPSOCSPRevoked) { … }
Codebase Browser
chromium