| OLD | NEW |
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #ifndef CHROME_BROWSER_POLICY_CLOUD_POLICY_VALIDATOR_H_ | 5 #ifndef CHROME_BROWSER_POLICY_CLOUD_POLICY_VALIDATOR_H_ |
| 6 #define CHROME_BROWSER_POLICY_CLOUD_POLICY_VALIDATOR_H_ | 6 #define CHROME_BROWSER_POLICY_CLOUD_POLICY_VALIDATOR_H_ |
| 7 | 7 |
| 8 #include <string> | 8 #include <string> |
| 9 #include <vector> |
| 9 | 10 |
| 10 #include "base/basictypes.h" | 11 #include "base/basictypes.h" |
| 11 #include "base/callback.h" | 12 #include "base/callback.h" |
| 12 #include "base/memory/ref_counted.h" | 13 #include "base/memory/ref_counted.h" |
| 13 #include "base/memory/scoped_ptr.h" | 14 #include "base/memory/scoped_ptr.h" |
| 14 #include "base/time.h" | 15 #include "base/time.h" |
| 15 | 16 |
| 16 namespace base { | 17 namespace base { |
| 17 class MessageLoopProxy; | 18 class MessageLoopProxy; |
| 18 } | 19 } |
| (...skipping 51 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 70 // references, so ownership can be passed on once validation is complete. | 71 // references, so ownership can be passed on once validation is complete. |
| 71 scoped_ptr<enterprise_management::PolicyFetchResponse>& policy() { | 72 scoped_ptr<enterprise_management::PolicyFetchResponse>& policy() { |
| 72 return policy_; | 73 return policy_; |
| 73 } | 74 } |
| 74 scoped_ptr<enterprise_management::PolicyData>& policy_data() { | 75 scoped_ptr<enterprise_management::PolicyData>& policy_data() { |
| 75 return policy_data_; | 76 return policy_data_; |
| 76 } | 77 } |
| 77 | 78 |
| 78 // Instructs the validator to check that the policy timestamp is not before | 79 // Instructs the validator to check that the policy timestamp is not before |
| 79 // |not_before| and not after |now| + grace interval. | 80 // |not_before| and not after |now| + grace interval. |
| 80 void ValidateTimestamp(base::Time not_before, base::Time now); | 81 void ValidateTimestamp(base::Time not_before, |
| 82 base::Time now, |
| 83 bool allow_missing_timestamp); |
| 81 | 84 |
| 82 // Validates the username in the policy blob matches |expected_user|. | 85 // Validates the username in the policy blob matches |expected_user|. |
| 83 void ValidateUsername(const std::string& expected_user); | 86 void ValidateUsername(const std::string& expected_user); |
| 84 | 87 |
| 85 // Validates the policy blob is addressed to |expected_domain|. This uses the | 88 // Validates the policy blob is addressed to |expected_domain|. This uses the |
| 86 // domain part of the username field in the policy for the check. | 89 // domain part of the username field in the policy for the check. |
| 87 void ValidateDomain(const std::string& expected_domain); | 90 void ValidateDomain(const std::string& expected_domain); |
| 88 | 91 |
| 89 // Makes sure the DM token on the policy matches |expected_token|. | 92 // Makes sure the DM token on the policy matches |expected_token|. |
| 90 void ValidateDMToken(const std::string& dm_token); | 93 void ValidateDMToken(const std::string& dm_token); |
| 91 | 94 |
| 92 // Validates the policy type. | 95 // Validates the policy type. |
| 93 void ValidatePolicyType(const std::string& policy_type); | 96 void ValidatePolicyType(const std::string& policy_type); |
| 94 | 97 |
| 95 // Validates that the payload can be decoded successfully. | 98 // Validates that the payload can be decoded successfully. |
| 96 void ValidatePayload(); | 99 void ValidatePayload(); |
| 97 | 100 |
| 98 // Verifies that the signature on the policy blob verifies against |key|. If | 101 // Verifies that the signature on the policy blob verifies against |key|. If | |
| 99 // there is a key rotation present in the policy blob, this checks the | 102 // |allow_key_rotation| is true and there is a key rotation present in the |
| 100 // signature on the new key against |key| and the policy blob against the new | 103 // policy blob, this checks the signature on the new key against |key| and the |
| 101 // key. | 104 // policy blob against the new key. |
| 102 void ValidateSignature(const std::string& key); | 105 void ValidateSignature(const std::vector<uint8>& key, |
| 106 bool allow_key_rotation); |
| 103 | 107 |
| 104 // Similar to StartSignatureVerification(), this checks the signature on the | 108 // Similar to StartSignatureVerification(), this checks the signature on the |
| 105 // policy blob. However, this variant expects a new policy key set in the | 109 // policy blob. However, this variant expects a new policy key set in the |
| 106 // policy blob and makes sure the policy is signed using that key. This should | 110 // policy blob and makes sure the policy is signed using that key. This should |
| 107 // be called at setup time when there is no existing policy key present to | 111 // be called at setup time when there is no existing policy key present to |
| 108 // check against. | 112 // check against. |
| 109 void ValidateInitialKey(); | 113 void ValidateInitialKey(); |
| 110 | 114 |
| 111 // Convenience helper that configures timestamp and token validation based on | 115 // Convenience helper that configures timestamp and token validation based on |
| 112 // the current policy blob. |policy_data| may be NULL, in which case the | 116 // the current policy blob. |policy_data| may be NULL, in which case the |
| 113 // timestamp validation will drop the lower bound and no token validation will | 117 // timestamp validation will drop the lower bound and no token validation will |
| 114 // be configured. | 118 // be configured. |
| 115 void ValidateAgainstCurrentPolicy( | 119 void ValidateAgainstCurrentPolicy( |
| 116 const enterprise_management::PolicyData* policy_data); | 120 const enterprise_management::PolicyData* policy_data, |
| 121 bool allow_missing_timestamp); |
| 117 | 122 |
| 118 // Kicks off validation. From this point on, the validator manages its own | 123 // Kicks off validation. From this point on, the validator manages its own |
| 119 // lifetime. |completion_callback| is invoked when done. | 124 // lifetime. |completion_callback| is invoked when done. |
| 120 void StartValidation(); | 125 void StartValidation(); |
| 121 | 126 |
| 122 protected: | 127 protected: |
| 123 // Create a new validator that checks |policy_response|. |payload| is the | 128 // Create a new validator that checks |policy_response|. |payload| is the |
| 124 // message that the policy payload will be parsed to, and it needs to stay | 129 // message that the policy payload will be parsed to, and it needs to stay |
| 125 // valid for the lifetime of the validator. | 130 // valid for the lifetime of the validator. |
| 126 CloudPolicyValidatorBase( | 131 CloudPolicyValidatorBase( |
| (...skipping 40 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 167 const std::string& key, | 172 const std::string& key, |
| 168 const std::string& signature); | 173 const std::string& signature); |
| 169 | 174 |
| 170 Status status_; | 175 Status status_; |
| 171 scoped_ptr<enterprise_management::PolicyFetchResponse> policy_; | 176 scoped_ptr<enterprise_management::PolicyFetchResponse> policy_; |
| 172 scoped_ptr<enterprise_management::PolicyData> policy_data_; | 177 scoped_ptr<enterprise_management::PolicyData> policy_data_; |
| 173 google::protobuf::MessageLite* payload_; | 178 google::protobuf::MessageLite* payload_; |
| 174 base::Closure completion_callback_; | 179 base::Closure completion_callback_; |
| 175 | 180 |
| 176 int validation_flags_; | 181 int validation_flags_; |
| 177 base::Time timestamp_not_before_; | 182 int64 timestamp_not_before_; |
| 178 base::Time timestamp_not_after_; | 183 int64 timestamp_not_after_; |
| 184 bool allow_missing_timestamp_; |
| 179 std::string user_; | 185 std::string user_; |
| 180 std::string domain_; | 186 std::string domain_; |
| 181 std::string token_; | 187 std::string token_; |
| 182 std::string policy_type_; | 188 std::string policy_type_; |
| 183 std::string key_; | 189 std::string key_; |
| 190 bool allow_key_rotation_; |
| 184 | 191 |
| 185 DISALLOW_COPY_AND_ASSIGN(CloudPolicyValidatorBase); | 192 DISALLOW_COPY_AND_ASSIGN(CloudPolicyValidatorBase); |
| 186 }; | 193 }; |
| 187 | 194 |
| 188 // A simple type-parameterized extension of CloudPolicyValidator that | 195 // A simple type-parameterized extension of CloudPolicyValidator that |
| 189 // facilitates working with the actual protobuf payload type. | 196 // facilitates working with the actual protobuf payload type. |
| 190 template<typename PayloadProto> | 197 template<typename PayloadProto> |
| 191 class CloudPolicyValidator : public CloudPolicyValidatorBase { | 198 class CloudPolicyValidator : public CloudPolicyValidatorBase { |
| 192 public: | 199 public: |
| 193 typedef base::Callback<void(CloudPolicyValidator<PayloadProto>*)> | 200 typedef base::Callback<void(CloudPolicyValidator<PayloadProto>*)> |
| (...skipping 22 matching lines...) Expand all Loading... |
| 216 }; | 223 }; |
| 217 | 224 |
| 218 typedef CloudPolicyValidator<enterprise_management::ChromeDeviceSettingsProto> | 225 typedef CloudPolicyValidator<enterprise_management::ChromeDeviceSettingsProto> |
| 219 DeviceCloudPolicyValidator; | 226 DeviceCloudPolicyValidator; |
| 220 typedef CloudPolicyValidator<enterprise_management::CloudPolicySettings> | 227 typedef CloudPolicyValidator<enterprise_management::CloudPolicySettings> |
| 221 UserCloudPolicyValidator; | 228 UserCloudPolicyValidator; |
| 222 | 229 |
| 223 } // namespace policy | 230 } // namespace policy |
| 224 | 231 |
| 225 #endif // CHROME_BROWSER_POLICY_CLOUD_POLICY_VALIDATOR_H_ | 232 #endif // CHROME_BROWSER_POLICY_CLOUD_POLICY_VALIDATOR_H_ |
| OLD | NEW |