Added support for signed policy blobs on desktop.

components/policy/core/common/cloud/policy_builder.h

Index: components/policy/core/common/cloud/policy_builder.h
diff --git a/components/policy/core/common/cloud/policy_builder.h b/components/policy/core/common/cloud/policy_builder.h
index 2298b3aebe2e794f8fbdfd2865a9572478c15909..39d1e988085e6411e8f79e0cb80039770c850903 100644
--- a/components/policy/core/common/cloud/policy_builder.h
+++ b/components/policy/core/common/cloud/policy_builder.h
@@ -60,6 +60,10 @@ class PolicyBuilder {
   void SetSigningKey(const crypto::RSAPrivateKey& key);
   void SetDefaultSigningKey();
   void UnsetSigningKey();

[Mattias Nissler (ping if slow), 2014/01/27 13:52:13]

nit: blank line before comment.

[Andrew T Wilson (Slow), 2014/01/30 17:10:31]

Done.

+  // Sets the default initial signing key - the resulting policy will be signed
+  // by the default signing key, and will have that key set as the
+  // new_public_key field, as if it were an initial key provision.
+  void SetDefaultInitialSigningKey();
 
   scoped_ptr<crypto::RSAPrivateKey> GetNewSigningKey();
   void SetDefaultNewSigningKey();
@@ -79,6 +83,11 @@ class PolicyBuilder {
   static scoped_ptr<crypto::RSAPrivateKey> CreateTestSigningKey();
   static scoped_ptr<crypto::RSAPrivateKey> CreateTestOtherSigningKey();
 
+  // Verification signatures for the two hard-coded testing keys above. These
+  // signatures are valid only for the kFakeDomain domain.
+  static std::string CreateTestSigningKeySignature();
+  static std::string CreateTestOtherSigningKeySignature();
+
  private:
   // Produces |key|'s signature over |data| and stores it in |signature|.
   void SignData(const std::string& data,