| OLD | NEW |
|---|
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "chrome/browser/chromeos/policy/device_cloud_policy_store_chromeos.h" | 5 #include "chrome/browser/chromeos/policy/device_cloud_policy_store_chromeos.h" |
| 6 | 6 |
| 7 #include "base/bind.h" | 7 #include "base/bind.h" |
| 8 #include "base/sequenced_task_runner.h" | 8 #include "base/sequenced_task_runner.h" |
| 9 #include "chrome/browser/chromeos/policy/device_policy_decoder_chromeos.h" | 9 #include "chrome/browser/chromeos/policy/device_policy_decoder_chromeos.h" |
| 10 #include "chrome/browser/chromeos/policy/enterprise_install_attributes.h" | 10 #include "chrome/browser/chromeos/policy/enterprise_install_attributes.h" |
| (...skipping 28 matching lines...) Expand all Loading... |
| 39 device_settings_service_->GetOwnerKey()); | 39 device_settings_service_->GetOwnerKey()); |
| 40 if (!install_attributes_->IsEnterpriseDevice() || | 40 if (!install_attributes_->IsEnterpriseDevice() || |
| 41 !device_settings_service_->policy_data() || !owner_key.get() || | 41 !device_settings_service_->policy_data() || !owner_key.get() || |
| 42 !owner_key->public_key()) { | 42 !owner_key->public_key()) { |
| 43 status_ = STATUS_BAD_STATE; | 43 status_ = STATUS_BAD_STATE; |
| 44 NotifyStoreError(); | 44 NotifyStoreError(); |
| 45 return; | 45 return; |
| 46 } | 46 } |
| 47 | 47 |
| 48 scoped_ptr<DeviceCloudPolicyValidator> validator(CreateValidator(policy)); | 48 scoped_ptr<DeviceCloudPolicyValidator> validator(CreateValidator(policy)); |
| 49 validator->ValidateSignature(*owner_key->public_key(), true); | 49 validator->ValidateSignature(owner_key->public_key_as_string(), |
| 50 GetPolicyVerificationKey(), |
| 51 std::string(), |
| 52 true); |
| 50 validator->ValidateAgainstCurrentPolicy( | 53 validator->ValidateAgainstCurrentPolicy( |
| 51 device_settings_service_->policy_data(), | 54 device_settings_service_->policy_data(), |
| 52 CloudPolicyValidatorBase::TIMESTAMP_REQUIRED, | 55 CloudPolicyValidatorBase::TIMESTAMP_REQUIRED, |
| 53 CloudPolicyValidatorBase::DM_TOKEN_REQUIRED); | 56 CloudPolicyValidatorBase::DM_TOKEN_REQUIRED); |
| 54 validator.release()->StartValidation( | 57 validator.release()->StartValidation( |
| 55 base::Bind(&DeviceCloudPolicyStoreChromeOS::OnPolicyToStoreValidated, | 58 base::Bind(&DeviceCloudPolicyStoreChromeOS::OnPolicyToStoreValidated, |
| 56 weak_factory_.GetWeakPtr())); | 59 weak_factory_.GetWeakPtr())); |
| 57 } | 60 } |
| 58 | 61 |
| 59 void DeviceCloudPolicyStoreChromeOS::Load() { | 62 void DeviceCloudPolicyStoreChromeOS::Load() { |
| 60 device_settings_service_->Load(); | 63 device_settings_service_->Load(); |
| 61 } | 64 } |
| 62 | 65 |
| 63 void DeviceCloudPolicyStoreChromeOS::InstallInitialPolicy( | 66 void DeviceCloudPolicyStoreChromeOS::InstallInitialPolicy( |
| 64 const em::PolicyFetchResponse& policy) { | 67 const em::PolicyFetchResponse& policy) { |
| 65 // Cancel all pending requests. | 68 // Cancel all pending requests. |
| 66 weak_factory_.InvalidateWeakPtrs(); | 69 weak_factory_.InvalidateWeakPtrs(); |
| 67 | 70 |
| 68 if (!install_attributes_->IsEnterpriseDevice() && | 71 if (!install_attributes_->IsEnterpriseDevice() && |
| 69 device_settings_service_->status() != | 72 device_settings_service_->status() != |
| 70 chromeos::DeviceSettingsService::STORE_NO_POLICY) { | 73 chromeos::DeviceSettingsService::STORE_NO_POLICY) { |
| 71 status_ = STATUS_BAD_STATE; | 74 status_ = STATUS_BAD_STATE; |
| 72 NotifyStoreError(); | 75 NotifyStoreError(); |
| 73 return; | 76 return; |
| 74 } | 77 } |
| 75 | 78 |
| 76 scoped_ptr<DeviceCloudPolicyValidator> validator(CreateValidator(policy)); | 79 scoped_ptr<DeviceCloudPolicyValidator> validator(CreateValidator(policy)); |
| 77 validator->ValidateInitialKey(); | 80 validator->ValidateInitialKey(GetPolicyVerificationKey()); |
| 78 validator.release()->StartValidation( | 81 validator.release()->StartValidation( |
| 79 base::Bind(&DeviceCloudPolicyStoreChromeOS::OnPolicyToStoreValidated, | 82 base::Bind(&DeviceCloudPolicyStoreChromeOS::OnPolicyToStoreValidated, |
| 80 weak_factory_.GetWeakPtr())); | 83 weak_factory_.GetWeakPtr())); |
| 81 } | 84 } |
| 82 | 85 |
| 83 void DeviceCloudPolicyStoreChromeOS::OwnershipStatusChanged() { | 86 void DeviceCloudPolicyStoreChromeOS::OwnershipStatusChanged() { |
| 84 // Nothing to do. | 87 // Nothing to do. |
| 85 } | 88 } |
| 86 | 89 |
| 87 void DeviceCloudPolicyStoreChromeOS::DeviceSettingsUpdated() { | 90 void DeviceCloudPolicyStoreChromeOS::DeviceSettingsUpdated() { |
| (...skipping 70 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 158 case chromeos::DeviceSettingsService::STORE_VALIDATION_ERROR: | 161 case chromeos::DeviceSettingsService::STORE_VALIDATION_ERROR: |
| 159 case chromeos::DeviceSettingsService::STORE_TEMP_VALIDATION_ERROR: | 162 case chromeos::DeviceSettingsService::STORE_TEMP_VALIDATION_ERROR: |
| 160 status_ = STATUS_LOAD_ERROR; | 163 status_ = STATUS_LOAD_ERROR; |
| 161 break; | 164 break; |
| 162 } | 165 } |
| 163 | 166 |
| 164 NotifyStoreError(); | 167 NotifyStoreError(); |
| 165 } | 168 } |
| 166 | 169 |
| 167 } // namespace policy | 170 } // namespace policy |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 116273002:
Added support for signed policy blobs on desktop. (Closed)
Base URL: svn://svn.chromium.org/chrome/trunk/src