Stop using CertStore which is not compatible with PlzNavigate.

chrome/browser/ssl/ssl_browser_tests.cc

 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include <utility>
 
 #include "base/base_switches.h"
 #include "base/bind.h"
 #include "base/bind_helpers.h"
 #include "base/callback.h"
@@ skipping 42 matching lines @@
 #include "components/network_time/network_time_tracker.h"
 #include "components/prefs/pref_service.h"
 #include "components/security_interstitials/core/controller_client.h"
 #include "components/security_interstitials/core/metrics_helper.h"
 #include "components/security_state/security_state_model.h"
 #include "components/security_state/switches.h"
 #include "components/ssl_errors/error_classification.h"
 #include "components/variations/variations_associated_data.h"
 #include "components/web_modal/web_contents_modal_dialog_manager.h"
 #include "content/public/browser/browser_context.h"
-#include "content/public/browser/cert_store.h"
 #include "content/public/browser/interstitial_page.h"
 #include "content/public/browser/navigation_controller.h"
 #include "content/public/browser/navigation_entry.h"
 #include "content/public/browser/notification_service.h"
 #include "content/public/browser/render_frame_host.h"
 #include "content/public/browser/render_view_host.h"
 #include "content/public/browser/render_widget_host_view.h"
 #include "content/public/browser/web_contents.h"
 #include "content/public/browser/web_contents_observer.h"
 #include "content/public/common/content_switches.h"
@@ skipping 177 matching lines @@
   }
 
   const content::WebContents* web_contents_;
   SSLErrorHandler::TimerStartedCallback callback_;
 
   std::unique_ptr<base::RunLoop> message_loop_runner_;
 
   DISALLOW_COPY_AND_ASSIGN(SSLInterstitialTimerObserver);
 };
 
-// Checks that two SSLStatuses will result in the same security UI: that
-// is, the cert ids can differ as long as they refer to the same cert,
-// and otherwise SSLStatus::Equals() must be true.
-void CheckSSLStatusesEquals(const content::SSLStatus& one,
-                            const content::SSLStatus& two) {
-  content::CertStore* cert_store = content::CertStore::GetInstance();
-  scoped_refptr<net::X509Certificate> cert1;
-  scoped_refptr<net::X509Certificate> cert2;
-  cert_store->RetrieveCert(one.cert_id, &cert1);
-  cert_store->RetrieveCert(two.cert_id, &cert2);
-  EXPECT_TRUE(cert1 && cert2);
-  EXPECT_TRUE(cert1->Equals(cert2.get()));
-
-  SSLStatus one_without_cert_id = one;
-  one_without_cert_id.cert_id = 0;
-  SSLStatus two_without_cert_id = two;
-  two_without_cert_id.cert_id = 0;
-  EXPECT_TRUE(one_without_cert_id.Equals(two_without_cert_id));
-}
-
 class HungJob : public net::URLRequestJob {
  public:
   HungJob(net::URLRequest* request, net::NetworkDelegate* network_delegate)
       : net::URLRequestJob(request, network_delegate) {}
 
   void Start() override {
   }
 };
 
 class FaviconFilter : public net::URLRequestInterceptor {
@@ skipping 2404 matching lines @@
   content::NavigationEntry* entry = tab->GetController().GetActiveEntry();
   ASSERT_TRUE(entry);
   content::SSLStatus interstitial_ssl_status = entry->GetSSL();
 
   ProceedThroughInterstitial(tab);
   EXPECT_FALSE(tab->ShowingInterstitialPage());
   entry = tab->GetController().GetActiveEntry();
   ASSERT_TRUE(entry);
 
   content::SSLStatus after_interstitial_ssl_status = entry->GetSSL();
-  ASSERT_NO_FATAL_FAILURE(CheckSSLStatusesEquals(after_interstitial_ssl_status,
-                                                 interstitial_ssl_status));
+  ASSERT_NO_FATAL_FAILURE(
+      after_interstitial_ssl_status.Equals(interstitial_ssl_status));
 }
 
 // As above, but for a bad clock interstitial. Tests that a clock
 // interstitial's SSLStatus matches the SSLStatus of the HTTPS page
 // after proceeding through a normal SSL interstitial.
 IN_PROC_BROWSER_TEST_F(SSLUITest,
                        SSLStatusMatchesonClockInterstitialAndAfterProceed) {
   ASSERT_TRUE(https_server_expired_.Start());
   WebContents* tab = browser()->tab_strip_model()->GetActiveWebContents();
   ASSERT_TRUE(tab);
@@ skipping 29 matching lines @@
   EXPECT_EQ(SSLBlockingPage::kTypeForTesting,
             ssl_interstitial->GetDelegateForTesting()->GetTypeForTesting());
   ProceedThroughInterstitial(tab);
   EXPECT_FALSE(tab->ShowingInterstitialPage());
 
   // Grab the SSLStatus from the page and check that it is the same as
   // on the clock interstitial.
   entry = tab->GetController().GetActiveEntry();
   ASSERT_TRUE(entry);
   content::SSLStatus after_interstitial_ssl_status = entry->GetSSL();
-  ASSERT_NO_FATAL_FAILURE(CheckSSLStatusesEquals(
-      after_interstitial_ssl_status, clock_interstitial_ssl_status));
+  ASSERT_NO_FATAL_FAILURE(
+      after_interstitial_ssl_status.Equals(clock_interstitial_ssl_status));
 }
 
 class CommonNameMismatchBrowserTest : public CertVerifierBrowserTest {
  public:
   CommonNameMismatchBrowserTest() : CertVerifierBrowserTest() {}
   ~CommonNameMismatchBrowserTest() override {}
 
   void SetUpCommandLine(base::CommandLine* command_line) override {
     // Enable finch experiment for SSL common name mismatch handling.
     command_line->AppendSwitchASCII(switches::kForceFieldTrials,
@@ skipping 503 matching lines @@
 
 // Visit a page over https that contains a frame with a redirect.
 
 // XMLHttpRequest insecure content in synchronous mode.
 
 // XMLHttpRequest insecure content in asynchronous mode.
 
 // XMLHttpRequest over bad ssl in synchronous mode.
 
 // XMLHttpRequest over OK ssl in synchronous mode.