| OLD | NEW |
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #ifndef CHROME_BROWSER_POLICY_CLOUD_POLICY_VALIDATOR_H_ | 5 #ifndef CHROME_BROWSER_POLICY_CLOUD_POLICY_VALIDATOR_H_ |
| 6 #define CHROME_BROWSER_POLICY_CLOUD_POLICY_VALIDATOR_H_ | 6 #define CHROME_BROWSER_POLICY_CLOUD_POLICY_VALIDATOR_H_ |
| 7 | 7 |
| 8 #include <string> | 8 #include <string> |
| 9 | 9 |
| 10 #include "base/basictypes.h" | 10 #include "base/basictypes.h" |
| (...skipping 59 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 70 // references, so ownership can be passed on once validation is complete. | 70 // references, so ownership can be passed on once validation is complete. |
| 71 scoped_ptr<enterprise_management::PolicyFetchResponse>& policy() { | 71 scoped_ptr<enterprise_management::PolicyFetchResponse>& policy() { |
| 72 return policy_; | 72 return policy_; |
| 73 } | 73 } |
| 74 scoped_ptr<enterprise_management::PolicyData>& policy_data() { | 74 scoped_ptr<enterprise_management::PolicyData>& policy_data() { |
| 75 return policy_data_; | 75 return policy_data_; |
| 76 } | 76 } |
| 77 | 77 |
| 78 // Instructs the validator to check that the policy timestamp is not before | 78 // Instructs the validator to check that the policy timestamp is not before |
| 79 // |not_before| and not after |now| + grace interval. | 79 // |not_before| and not after |now| + grace interval. |
| 80 void ValidateTimestamp(base::Time not_before, base::Time now); | 80 void ValidateTimestamp(base::Time not_before, |
| 81 base::Time now, |
| 82 bool allow_missing_timestamp); |
| 81 | 83 |
| 82 // Validates the username in the policy blob matches |expected_user|. | 84 // Validates the username in the policy blob matches |expected_user|. |
| 83 void ValidateUsername(const std::string& expected_user); | 85 void ValidateUsername(const std::string& expected_user); |
| 84 | 86 |
| 85 // Validates the policy blob is addressed to |expected_domain|. This uses the | 87 // Validates the policy blob is addressed to |expected_domain|. This uses the |
| 86 // domain part of the username field in the policy for the check. | 88 // domain part of the username field in the policy for the check. |
| 87 void ValidateDomain(const std::string& expected_domain); | 89 void ValidateDomain(const std::string& expected_domain); |
| 88 | 90 |
| 89 // Makes sure the DM token on the policy matches |expected_token|. | 91 // Makes sure the DM token on the policy matches |expected_token|. |
| 90 void ValidateDMToken(const std::string& dm_token); | 92 void ValidateDMToken(const std::string& dm_token); |
| 91 | 93 |
| 92 // Validates the policy type. | 94 // Validates the policy type. |
| 93 void ValidatePolicyType(const std::string& policy_type); | 95 void ValidatePolicyType(const std::string& policy_type); |
| 94 | 96 |
| 95 // Validates that the payload can be decoded successfully. | 97 // Validates that the payload can be decoded successfully. |
| 96 void ValidatePayload(); | 98 void ValidatePayload(); |
| 97 | 99 |
| 98 // Verifies that the signature on the policy blob verifies against |key|. If | 100 // Verifies that the signature on the policy blob verifies against |key|. If | |
| 99 // there is a key rotation present in the policy blob, this checks the | 101 // |allow_key_rotation| is true and there is a key rotation present in the |
| 100 // signature on the new key against |key| and the policy blob against the new | 102 // policy blob, this checks the signature on the new key against |key| and the |
| 101 // key. | 103 // policy blob against the new key. |
| 102 void ValidateSignature(const std::string& key); | 104 void ValidateSignature(const std::string& key, bool allow_key_rotation); |
| 103 | 105 |
| 104 // Similar to StartSignatureVerification(), this checks the signature on the | 106 // Similar to StartSignatureVerification(), this checks the signature on the |
| 105 // policy blob. However, this variant expects a new policy key set in the | 107 // policy blob. However, this variant expects a new policy key set in the |
| 106 // policy blob and makes sure the policy is signed using that key. This should | 108 // policy blob and makes sure the policy is signed using that key. This should |
| 107 // be called at setup time when there is no existing policy key present to | 109 // be called at setup time when there is no existing policy key present to |
| 108 // check against. | 110 // check against. |
| 109 void ValidateInitialKey(); | 111 void ValidateInitialKey(); |
| 110 | 112 |
| 111 // Convenience helper that configures timestamp and token validation based on | 113 // Convenience helper that configures timestamp and token validation based on |
| 112 // the current policy blob. |policy_data| may be NULL, in which case the | 114 // the current policy blob. |policy_data| may be NULL, in which case the |
| 113 // timestamp validation will drop the lower bound and no token validation will | 115 // timestamp validation will drop the lower bound and no token validation will |
| 114 // be configured. | 116 // be configured. |
| 115 void ValidateAgainstCurrentPolicy( | 117 void ValidateAgainstCurrentPolicy( |
| 116 const enterprise_management::PolicyData* policy_data); | 118 const enterprise_management::PolicyData* policy_data, |
| 119 bool allow_missing_timestamp); |
| 117 | 120 |
| 118 // Kicks off validation. From this point on, the validator manages its own | 121 // Kicks off validation. From this point on, the validator manages its own |
| 119 // lifetime. |completion_callback| is invoked when done. | 122 // lifetime. |completion_callback| is invoked when done. |
| 120 void StartValidation(); | 123 void StartValidation(); |
| 121 | 124 |
| 122 protected: | 125 protected: |
| 123 // Create a new validator that checks |policy_response|. |payload| is the | 126 // Create a new validator that checks |policy_response|. |payload| is the |
| 124 // message that the policy payload will be parsed to, and it needs to stay | 127 // message that the policy payload will be parsed to, and it needs to stay |
| 125 // valid for the lifetime of the validator. | 128 // valid for the lifetime of the validator. |
| 126 CloudPolicyValidatorBase( | 129 CloudPolicyValidatorBase( |
| (...skipping 42 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 169 | 172 |
| 170 Status status_; | 173 Status status_; |
| 171 scoped_ptr<enterprise_management::PolicyFetchResponse> policy_; | 174 scoped_ptr<enterprise_management::PolicyFetchResponse> policy_; |
| 172 scoped_ptr<enterprise_management::PolicyData> policy_data_; | 175 scoped_ptr<enterprise_management::PolicyData> policy_data_; |
| 173 google::protobuf::MessageLite* payload_; | 176 google::protobuf::MessageLite* payload_; |
| 174 base::Closure completion_callback_; | 177 base::Closure completion_callback_; |
| 175 | 178 |
| 176 int validation_flags_; | 179 int validation_flags_; |
| 177 base::Time timestamp_not_before_; | 180 base::Time timestamp_not_before_; |
| 178 base::Time timestamp_not_after_; | 181 base::Time timestamp_not_after_; |
| 182 bool allow_missing_timestamp_; |
| 179 std::string user_; | 183 std::string user_; |
| 180 std::string domain_; | 184 std::string domain_; |
| 181 std::string token_; | 185 std::string token_; |
| 182 std::string policy_type_; | 186 std::string policy_type_; |
| 183 std::string key_; | 187 std::string key_; |
| 188 bool allow_key_rotation_; |
| 184 | 189 |
| 185 DISALLOW_COPY_AND_ASSIGN(CloudPolicyValidatorBase); | 190 DISALLOW_COPY_AND_ASSIGN(CloudPolicyValidatorBase); |
| 186 }; | 191 }; |
| 187 | 192 |
| 188 // A simple type-parameterized extension of CloudPolicyValidator that | 193 // A simple type-parameterized extension of CloudPolicyValidator that |
| 189 // facilitates working with the actual protobuf payload type. | 194 // facilitates working with the actual protobuf payload type. |
| 190 template<typename PayloadProto> | 195 template<typename PayloadProto> |
| 191 class CloudPolicyValidator : public CloudPolicyValidatorBase { | 196 class CloudPolicyValidator : public CloudPolicyValidatorBase { |
| 192 public: | 197 public: |
| 193 typedef base::Callback<void(CloudPolicyValidator<PayloadProto>*)> | 198 typedef base::Callback<void(CloudPolicyValidator<PayloadProto>*)> |
| (...skipping 22 matching lines...) Expand all Loading... |
| 216 }; | 221 }; |
| 217 | 222 |
| 218 typedef CloudPolicyValidator<enterprise_management::ChromeDeviceSettingsProto> | 223 typedef CloudPolicyValidator<enterprise_management::ChromeDeviceSettingsProto> |
| 219 DeviceCloudPolicyValidator; | 224 DeviceCloudPolicyValidator; |
| 220 typedef CloudPolicyValidator<enterprise_management::CloudPolicySettings> | 225 typedef CloudPolicyValidator<enterprise_management::CloudPolicySettings> |
| 221 UserCloudPolicyValidator; | 226 UserCloudPolicyValidator; |
| 222 | 227 |
| 223 } // namespace policy | 228 } // namespace policy |
| 224 | 229 |
| 225 #endif // CHROME_BROWSER_POLICY_CLOUD_POLICY_VALIDATOR_H_ | 230 #endif // CHROME_BROWSER_POLICY_CLOUD_POLICY_VALIDATOR_H_ |
| OLD | NEW |