search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Probably broke Win7 Tests (dbg)(6). http://build.chromium.org/p/chromium.win/builders...
[chromium-blink-merge.git] / net / http / disk_based_cert_cache_unittest.cc
blob435b8750d680d685b9e2a08ab6ff4de8061f73bc
1 // Copyright 2014 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
4
5 #include "net/http/disk_based_cert_cache.h"
6
7 #include "base/bind.h"
8 #include "base/callback_helpers.h"
9 #include "net/base/completion_callback.h"
10 #include "net/base/io_buffer.h"
11 #include "net/base/net_errors.h"
12 #include "net/base/test_completion_callback.h"
13 #include "net/base/test_data_directory.h"
14 #include "net/disk_cache/memory/mem_backend_impl.h"
15 #include "net/http/mock_http_cache.h"
16 #include "net/test/cert_test_util.h"
17 #include "testing/gtest/include/gtest/gtest.h"
18
19 namespace net {
20
21 namespace {
22
23 // Testing the DiskBasedCertCache requires constant use of the
24 // certificates in GetTestCertsDirectory(). The TestCertMetaData
25 // struct stores metadata relevant to the DiskBasedCertCache for
26 // each used test certificate.
27 struct TestCertMetaData {
28 const char* file_name;
29 const char* cache_key;
30 };
31
32 const TestCertMetaData kCert1 = {
33 "root_ca_cert.pem", "cert:4C005EF1CF45F80D4A5A2BCFB00D4F198121E8D4"};
34
35 const TestCertMetaData kCert2 = {
36 "ok_cert.pem", "cert:9174C7CB9E4919604E7B1BFC430E4929DA45F65F"};
37
38 // MockTransactions are required to use the MockDiskCache backend.
39 // |key| is a cache key, and is equivalent to the key that will be
40 // used to store or retrieve certificates in the cache. |test_mode|
41 // is an integer that is used to indicate properties of the test
42 // transaction, mostly whether or not it is synchronous.
43 // For testing the DiskBasedCertCache, other data members of the struct
44 // are irrelevant. Only one MockTransaction per certificate can be used
45 // at a time.
46 MockTransaction CreateMockTransaction(const char* key, int test_mode) {
47 MockTransaction transaction = {key, "", base::Time(), "", LOAD_NORMAL,
48 "", "", base::Time(), "", test_mode,
49 NULL, 0, OK};
50
51 return transaction;
52 }
53
54 // Helper class, for use with DiskBasedCertCache::Get, that will ensure that
55 // the returned certificate handle is kept alive after the callback has been
56 // executed and allow a user to WaitForResult of DiskBasedCertCache::Get.
57 class TestGetCallback {
58 public:
59 TestGetCallback() : cert_handle_(NULL) {}
60 ~TestGetCallback() {
61 if (cert_handle_)
62 X509Certificate::FreeOSCertHandle(cert_handle_);
63 }
64
65 // Blocks until the underlying Get() operation has succeeded.
66 void WaitForResult() { cb_.WaitForResult(); }
67
68 // Returns a Callback suitable for use with DiskBasedCertCache::Get(). The
69 // returned callback is only valid while the TestGetCallback object is still
70 // valid.
71 DiskBasedCertCache::GetCallback callback() {
72 return base::Bind(&TestGetCallback::OnGetComplete, base::Unretained(this));
73 }
74
75 // Returns the associated certificate handle.
76 const X509Certificate::OSCertHandle& cert_handle() const {
77 return cert_handle_;
78 }
79
80 private:
81 void OnGetComplete(const X509Certificate::OSCertHandle handle) {
82 if (handle)
83 cert_handle_ = X509Certificate::DupOSCertHandle(handle);
84 cb_.callback().Run(OK);
85 }
86
87 TestCompletionCallback cb_;
88 X509Certificate::OSCertHandle cert_handle_;
89 };
90
91 // Helper class, for use with DiskBasedCertCache::Set, that will store the
92 // returned key and allow a user to WaitForResult of DiskBasedCertCache::Set.
93 class TestSetCallback {
94 public:
95 TestSetCallback() {}
96 ~TestSetCallback() {}
97
98 // Blocks until the underlying Set() operation has succeeded.
99 void WaitForResult() { cb_.WaitForResult(); }
100
101 // Returns a Callback suitable for use with DiskBasedCertCache::Set(). The
102 // returned callback is only valid while the TestSetCallback object is still
103 // valid.
104 DiskBasedCertCache::SetCallback callback() {
105 return base::Bind(&TestSetCallback::OnSetComplete, base::Unretained(this));
106 }
107
108 // Returns the associated certificate handle.
109 const std::string& key() const { return key_; }
110
111 private:
112 void OnSetComplete(const std::string& key) {
113 key_ = key;
114 cb_.callback().Run(OK);
115 }
116
117 TestCompletionCallback cb_;
118 std::string key_;
119 };
120
121 // Stores the certificate corresponding to |cert_data| in |backend|. If
122 // |corrupt_data| is true, the certificate will be imported with errors
123 // so as to mimic a corrupted file on disk.
124 void ImportCert(disk_cache::Backend* backend,
125 const TestCertMetaData& cert_data,
126 bool corrupt_data) {
127 disk_cache::Entry* entry;
128 TestCompletionCallback callback;
129 int rv =
130 backend->CreateEntry(cert_data.cache_key, &entry, callback.callback());
131 EXPECT_EQ(OK, callback.GetResult(rv));
132 scoped_refptr<X509Certificate> cert(
133 ImportCertFromFile(GetTestCertsDirectory(), cert_data.file_name));
134 std::string write_data;
135 bool encoded =
136 X509Certificate::GetDEREncoded(cert->os_cert_handle(), &write_data);
137 ASSERT_TRUE(encoded);
138 if (corrupt_data) {
139 for (size_t i = 0; i < write_data.size(); i += 20)
140 ++write_data[i];
141 }
142 scoped_refptr<IOBuffer> buffer(new IOBuffer(write_data.size()));
143 memcpy(buffer->data(), write_data.data(), write_data.size());
144 rv = entry->WriteData(0 /* index */,
145 0 /* offset */,
146 buffer,
147 write_data.size(),
148 callback.callback(),
149 true /* truncate */);
150 ASSERT_EQ(static_cast<int>(write_data.size()), callback.GetResult(rv));
151 entry->Close();
152 }
153
154 // Checks that the the certificate corresponding to |cert_data| is an existing,
155 // correctly cached entry in |backend|.
156 void CheckCertCached(disk_cache::Backend* backend,
157 const TestCertMetaData& cert_data) {
158 disk_cache::Entry* entry;
159 TestCompletionCallback callback;
160 int rv = backend->OpenEntry(cert_data.cache_key, &entry, callback.callback());
161 EXPECT_EQ(OK, callback.GetResult(rv));
162 scoped_refptr<X509Certificate> cert(
163 ImportCertFromFile(GetTestCertsDirectory(), cert_data.file_name));
164 std::string write_data;
165 bool encoded =
166 X509Certificate::GetDEREncoded(cert->os_cert_handle(), &write_data);
167 ASSERT_TRUE(encoded);
168 int entry_size = entry->GetDataSize(0 /* index */);
169 scoped_refptr<IOBuffer> buffer(new IOBuffer(entry_size));
170 rv = entry->ReadData(
171 0 /* index */, 0 /* offset */, buffer, entry_size, callback.callback());
172 EXPECT_EQ(entry_size, callback.GetResult(rv));
173 entry->Close();
174 X509Certificate::OSCertHandle cached_cert_handle =
175 X509Certificate::CreateOSCertHandleFromBytes(buffer->data(), entry_size);
176 EXPECT_TRUE(X509Certificate::IsSameOSCert(cached_cert_handle,
177 cert->os_cert_handle()));
178 X509Certificate::FreeOSCertHandle(cached_cert_handle);
179 }
180
181 } // namespace
182
183 // ----------------------------------------------------------------------------
184
185 // Tests that a certificate can be stored in the cache.
186 TEST(DiskBasedCertCache, SetCert) {
187 ScopedMockTransaction trans1(
188 CreateMockTransaction(kCert1.cache_key, TEST_MODE_NORMAL));
189 MockDiskCache backend;
190 DiskBasedCertCache cache(&backend);
191 scoped_refptr<X509Certificate> cert(
192 ImportCertFromFile(GetTestCertsDirectory(), kCert1.file_name));
193 ASSERT_TRUE(cert.get());
194 TestSetCallback set_callback;
195
196 cache.Set(cert->os_cert_handle(), set_callback.callback());
197 set_callback.WaitForResult();
198 EXPECT_EQ(kCert1.cache_key, set_callback.key());
199 ASSERT_NO_FATAL_FAILURE(CheckCertCached(&backend, kCert1));
200 }
201
202 // Tests that a certificate can be retrieved from the cache.
203 TEST(DiskBasedCertCache, GetCert) {
204 ScopedMockTransaction trans1(
205 CreateMockTransaction(kCert1.cache_key, TEST_MODE_NORMAL));
206 MockDiskCache backend;
207 ASSERT_NO_FATAL_FAILURE(
208 ImportCert(&backend, kCert1, false /* not corrupted */));
209 DiskBasedCertCache cache(&backend);
210 TestGetCallback get_callback;
211
212 cache.Get(kCert1.cache_key, get_callback.callback());
213 get_callback.WaitForResult();
214
215 scoped_refptr<X509Certificate> cert(
216 ImportCertFromFile(GetTestCertsDirectory(), kCert1.file_name));
217 EXPECT_TRUE(X509Certificate::IsSameOSCert(get_callback.cert_handle(),
218 cert->os_cert_handle()));
219 }
220
221 // Tests that the DiskBasedCertCache successfully writes to the cache
222 // if the cache acts synchronously
223 TEST(DiskBasedCertCache, SyncSet) {
224 ScopedMockTransaction trans1(
225 CreateMockTransaction(kCert1.cache_key, TEST_MODE_SYNC_ALL));
226 MockDiskCache backend;
227 DiskBasedCertCache cache(&backend);
228 scoped_refptr<X509Certificate> cert(
229 ImportCertFromFile(GetTestCertsDirectory(), kCert1.file_name));
230 ASSERT_TRUE(cert.get());
231
232 TestSetCallback set_callback;
233 cache.Set(cert->os_cert_handle(), set_callback.callback());
234 set_callback.WaitForResult();
235 EXPECT_EQ(kCert1.cache_key, set_callback.key());
236 ASSERT_NO_FATAL_FAILURE(CheckCertCached(&backend, kCert1));
237 }
238
239 // Tests that the DiskBasedCertCache successfully reads from the cache
240 // if the cache acts synchronously
241 TEST(DiskBasedCertCache, SyncGet) {
242 ScopedMockTransaction trans1(
243 CreateMockTransaction(kCert1.cache_key, TEST_MODE_SYNC_ALL));
244 MockDiskCache backend;
245 ASSERT_NO_FATAL_FAILURE(
246 (ImportCert(&backend, kCert1, false /* not corrupted */)));
247 DiskBasedCertCache cache(&backend);
248 scoped_refptr<X509Certificate> cert(
249 ImportCertFromFile(GetTestCertsDirectory(), kCert1.file_name));
250 ASSERT_TRUE(cert.get());
251
252 TestGetCallback get_callback;
253 cache.Get(kCert1.cache_key, get_callback.callback());
254 get_callback.WaitForResult();
255 EXPECT_TRUE(X509Certificate::IsSameOSCert(get_callback.cert_handle(),
256 cert->os_cert_handle()));
257 }
258
259 // Tests that Get will fail on a corrupted certificate.
260 TEST(DiskBasedCertCache, GetBrokenCert) {
261 ScopedMockTransaction trans1(
262 CreateMockTransaction(kCert1.cache_key, TEST_MODE_NORMAL));
263 MockDiskCache backend;
264 ASSERT_NO_FATAL_FAILURE(ImportCert(&backend, kCert1, true /* corrupted */));
265 DiskBasedCertCache cache(&backend);
266 TestGetCallback get_callback;
267
268 cache.Get(kCert1.cache_key, get_callback.callback());
269 get_callback.WaitForResult();
270
271 EXPECT_FALSE(get_callback.cert_handle());
272 }
273
274 // Tests that attempting to retrieve a cert that is not in the cache will
275 // return NULL.
276 TEST(DiskBasedCertCache, GetUncachedCert) {
277 ScopedMockTransaction trans1(
278 CreateMockTransaction(kCert1.cache_key, TEST_MODE_NORMAL));
279 MockDiskCache backend;
280 DiskBasedCertCache cache(&backend);
281 TestGetCallback get_callback;
282
283 cache.Get(kCert1.cache_key, get_callback.callback());
284 get_callback.WaitForResult();
285 EXPECT_EQ(NULL, get_callback.cert_handle());
286 }
287
288 // Issues two requests to store a certificate in the cache
289 // (simultaneously), and checks that the DiskBasedCertCache stores the
290 // certificate to the cache (in one write rather than two).
291 TEST(DiskBasedCertCache, SetMultiple) {
292 ScopedMockTransaction trans1(
293 CreateMockTransaction(kCert1.cache_key, TEST_MODE_NORMAL));
294 MockDiskCache backend;
295 DiskBasedCertCache cache(&backend);
296 scoped_refptr<X509Certificate> cert(
297 ImportCertFromFile(GetTestCertsDirectory(), kCert1.file_name));
298 ASSERT_TRUE(cert.get());
299 TestSetCallback set_callback1, set_callback2;
300
301 // Behind the scenes, these two operations will be combined
302 // into one operation. IgnoreCallbacks guarantees that the
303 // first Set operation is not yet complete when the second Set is
304 // called, and then IgnoreCallbacks(false) continues the
305 // (combined) operation in the |cache|.
306 MockDiskEntry::IgnoreCallbacks(true);
307 cache.Set(cert->os_cert_handle(), set_callback1.callback());
308 cache.Set(cert->os_cert_handle(), set_callback2.callback());
309 MockDiskEntry::IgnoreCallbacks(false);
310
311 set_callback1.WaitForResult();
312 set_callback2.WaitForResult();
313 EXPECT_EQ(set_callback1.key(), set_callback2.key());
314 ASSERT_NO_FATAL_FAILURE(CheckCertCached(&backend, kCert1));
315 }
316
317 // Issues two requests to store a certificate in the cache
318 // because the first transaction finishes before the second
319 // one is issued, the first cache write is overwritten.
320 TEST(DiskBasedCertCache, SetOverwrite) {
321 ScopedMockTransaction trans1(
322 CreateMockTransaction(kCert1.cache_key, TEST_MODE_NORMAL));
323 MockDiskCache backend;
324 backend.set_double_create_check(false);
325 DiskBasedCertCache cache(&backend);
326 scoped_refptr<X509Certificate> cert(
327 ImportCertFromFile(GetTestCertsDirectory(), kCert1.file_name));
328 ASSERT_TRUE(cert.get());
329 TestSetCallback set_callback1, set_callback2;
330
331 cache.Set(cert->os_cert_handle(), set_callback1.callback());
332 set_callback1.WaitForResult();
333 cache.Set(cert->os_cert_handle(), set_callback2.callback());
334 set_callback2.WaitForResult();
335
336 EXPECT_EQ(set_callback1.key(), set_callback2.key());
337 ASSERT_NO_FATAL_FAILURE(CheckCertCached(&backend, kCert1));
338 }
339
340 // Stores a certificate in the DiskBasedCertCache, then retrieves it
341 // and makes sure it was retrieved successfully.
342 TEST(DiskBasedCertCache, SimpleSetAndGet) {
343 ScopedMockTransaction trans1(
344 CreateMockTransaction(kCert1.cache_key, TEST_MODE_NORMAL));
345 MockDiskCache backend;
346 DiskBasedCertCache cache(&backend);
347 scoped_refptr<X509Certificate> cert(
348 ImportCertFromFile(GetTestCertsDirectory(), kCert1.file_name));
349 ASSERT_TRUE(cert.get());
350 TestSetCallback set_callback;
351 TestGetCallback get_callback;
352
353 cache.Set(cert->os_cert_handle(), set_callback.callback());
354 set_callback.WaitForResult();
355 cache.Get(set_callback.key(), get_callback.callback());
356 get_callback.WaitForResult();
357 EXPECT_TRUE(X509Certificate::IsSameOSCert(get_callback.cert_handle(),
358 cert->os_cert_handle()));
359 }
360
361 // Tests some basic functionality of the DiskBasedCertCache, with multiple
362 // set and get operations.
363 TEST(DiskBasedCertCache, BasicUsage) {
364 ScopedMockTransaction trans1(
365 CreateMockTransaction(kCert1.cache_key, TEST_MODE_SYNC_CACHE_START));
366 ScopedMockTransaction trans2(
367 CreateMockTransaction(kCert2.cache_key, TEST_MODE_NORMAL));
368 MockDiskCache backend;
369 DiskBasedCertCache cache(&backend);
370 scoped_refptr<X509Certificate> cert1(
371 ImportCertFromFile(GetTestCertsDirectory(), kCert1.file_name));
372 scoped_refptr<X509Certificate> cert2(
373 ImportCertFromFile(GetTestCertsDirectory(), kCert2.file_name));
374 ASSERT_TRUE(cert1.get());
375 ASSERT_TRUE(cert2.get());
376 ASSERT_FALSE(X509Certificate::IsSameOSCert(cert1->os_cert_handle(),
377 cert2->os_cert_handle()));
378 TestSetCallback set_callback1, set_callback2;
379
380 // Callbacks are temporarily ignored here to guarantee the asynchronous
381 // operations of the DiskBasedCertCache are always executed in the same
382 // order.
383 MockDiskEntry::IgnoreCallbacks(true);
384 cache.Set(cert1->os_cert_handle(), set_callback1.callback());
385 cache.Set(cert2->os_cert_handle(), set_callback2.callback());
386 MockDiskEntry::IgnoreCallbacks(false);
387 set_callback1.WaitForResult();
388 set_callback2.WaitForResult();
389
390 TestGetCallback get_callback1, get_callback2;
391
392 MockDiskEntry::IgnoreCallbacks(true);
393 cache.Get(set_callback1.key(), get_callback1.callback());
394 cache.Get(set_callback2.key(), get_callback2.callback());
395 MockDiskEntry::IgnoreCallbacks(false);
396 get_callback1.WaitForResult();
397 get_callback2.WaitForResult();
398
399 EXPECT_TRUE(X509Certificate::IsSameOSCert(cert1->os_cert_handle(),
400 get_callback1.cert_handle()));
401 EXPECT_TRUE(X509Certificate::IsSameOSCert(cert2->os_cert_handle(),
402 get_callback2.cert_handle()));
403 }
404
405 // Test the result of simultaneous requests to store and retrieve a
406 // certificate from the cache, with the get operation attempting to
407 // open the cache first and therefore failing to open the entry.
408 TEST(DiskBasedCertCache, SimultaneousGetSet) {
409 ScopedMockTransaction trans1(
410 CreateMockTransaction(kCert1.cache_key, TEST_MODE_SYNC_CACHE_START));
411 MockDiskCache backend;
412 DiskBasedCertCache cache(&backend);
413 scoped_refptr<X509Certificate> cert(
414 ImportCertFromFile(GetTestCertsDirectory(), kCert1.file_name));
415 ASSERT_TRUE(cert.get());
416
417 TestGetCallback get_callback;
418 TestSetCallback set_callback;
419
420 MockDiskEntry::IgnoreCallbacks(true);
421 cache.Get(kCert1.cache_key, get_callback.callback());
422 cache.Set(cert->os_cert_handle(), set_callback.callback());
423 MockDiskEntry::IgnoreCallbacks(false);
424 get_callback.WaitForResult();
425 set_callback.WaitForResult();
426
427 EXPECT_EQ(NULL, get_callback.cert_handle());
428 EXPECT_EQ(kCert1.cache_key, set_callback.key());
429 }
430
431 // Test the result of simultaneous requests to store and retrieve a
432 // certificate from the cache, with the get operation opening the cache
433 // after the set operation, leading to a successful read.
434 TEST(DiskBasedCertCache, SimultaneousSetGet) {
435 ScopedMockTransaction trans1(
436 CreateMockTransaction(kCert1.cache_key, TEST_MODE_SYNC_CACHE_START));
437 MockDiskCache backend;
438 DiskBasedCertCache cache(&backend);
439 scoped_refptr<X509Certificate> cert(
440 ImportCertFromFile(GetTestCertsDirectory(), kCert1.file_name));
441 ASSERT_TRUE(cert.get());
442
443 TestSetCallback set_callback;
444 TestGetCallback get_callback;
445
446 MockDiskEntry::IgnoreCallbacks(true);
447 cache.Set(cert->os_cert_handle(), set_callback.callback());
448 cache.Get(kCert1.cache_key, get_callback.callback());
449 MockDiskEntry::IgnoreCallbacks(false);
450 set_callback.WaitForResult();
451 get_callback.WaitForResult();
452
453 EXPECT_EQ(kCert1.cache_key, set_callback.key());
454 EXPECT_TRUE(X509Certificate::IsSameOSCert(cert->os_cert_handle(),
455 get_callback.cert_handle()));
456 }
457
458 // Tests that the DiskBasedCertCache can be deleted without issues when
459 // there are pending operations in the disk cache.
460 TEST(DiskBasedCertCache, DeletedCertCache) {
461 ScopedMockTransaction trans1(
462 CreateMockTransaction(kCert1.cache_key, TEST_MODE_NORMAL));
463 MockDiskCache backend;
464 scoped_ptr<DiskBasedCertCache> cache(new DiskBasedCertCache(&backend));
465 scoped_refptr<X509Certificate> cert(
466 ImportCertFromFile(GetTestCertsDirectory(), kCert1.file_name));
467 ASSERT_TRUE(cert.get());
468 TestSetCallback set_callback;
469
470 cache->Set(cert->os_cert_handle(), set_callback.callback());
471 cache.reset();
472 set_callback.WaitForResult();
473 EXPECT_EQ(std::string(), set_callback.key());
474 }
475
476 // Issues two successive read requests for a certificate, and then
477 // checks that the DiskBasedCertCache correctly read and recorded
478 // reading through the in-memory MRU cache.
479 TEST(DiskBasedCertCache, MemCacheGet) {
480 ScopedMockTransaction trans1(
481 CreateMockTransaction(kCert1.cache_key, TEST_MODE_NORMAL));
482 MockDiskCache backend;
483 ASSERT_NO_FATAL_FAILURE(
484 ImportCert(&backend, kCert1, false /* not corrupted */));
485 DiskBasedCertCache cache(&backend);
486
487 TestGetCallback get_callback1, get_callback2;
488 cache.Get(kCert1.cache_key, get_callback1.callback());
489 get_callback1.WaitForResult();
490 EXPECT_EQ(0U, cache.mem_cache_hits_for_testing());
491 cache.Get(kCert1.cache_key, get_callback2.callback());
492 get_callback2.WaitForResult();
493 EXPECT_EQ(1U, cache.mem_cache_hits_for_testing());
494 EXPECT_TRUE(X509Certificate::IsSameOSCert(get_callback1.cert_handle(),
495 get_callback2.cert_handle()));
496 }
497
498 // Reads a corrupted certificate from the disk cache, and then overwrites
499 // it and checks that the uncorrupted version was stored in the in-memory
500 // cache.
501 TEST(DiskBasedCertCache, CorruptOverwrite) {
502 ScopedMockTransaction trans1(
503 CreateMockTransaction(kCert1.cache_key, TEST_MODE_NORMAL));
504 MockDiskCache backend;
505 backend.set_double_create_check(false);
506 ASSERT_NO_FATAL_FAILURE(ImportCert(&backend, kCert1, true /* corrupted */));
507 DiskBasedCertCache cache(&backend);
508 TestGetCallback get_callback1, get_callback2;
509
510 cache.Get(kCert1.cache_key, get_callback1.callback());
511 get_callback1.WaitForResult();
512 EXPECT_FALSE(get_callback2.cert_handle());
513
514 scoped_refptr<X509Certificate> cert(
515 ImportCertFromFile(GetTestCertsDirectory(), kCert1.file_name));
516 TestSetCallback set_callback;
517
518 cache.Set(cert->os_cert_handle(), set_callback.callback());
519 set_callback.WaitForResult();
520 EXPECT_EQ(kCert1.cache_key, set_callback.key());
521 EXPECT_EQ(0U, cache.mem_cache_hits_for_testing());
522
523 cache.Get(kCert1.cache_key, get_callback2.callback());
524 get_callback2.WaitForResult();
525 EXPECT_TRUE(X509Certificate::IsSameOSCert(get_callback2.cert_handle(),
526 cert->os_cert_handle()));
527 EXPECT_EQ(1U, cache.mem_cache_hits_for_testing());
528 ASSERT_NO_FATAL_FAILURE(CheckCertCached(&backend, kCert1));
529 }
530
531 } // namespace net