Verify the signature on user cloud policy downloads.

chrome/browser/policy/policy_builder.cc

 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "chrome/browser/policy/policy_builder.h"
 
-#include <vector>
-
 #include "base/logging.h"
 #include "base/stl_util.h"
 #include "chrome/browser/policy/cloud_policy_constants.h"
 #include "chrome/browser/policy/proto/chrome_device_policy.pb.h"
 #include "crypto/signature_creator.h"
 
 namespace em = enterprise_management;
 
 namespace policy {
 
@@ skipping 96 matching lines @@
   if (policy_data_.get())
     CHECK(policy_data_->SerializeToString(policy_.mutable_policy_data()));
 
   // Generate signatures if applicable.
   crypto::RSAPrivateKey* policy_signing_key = signing_key_.get();
   if (new_signing_key_.get()) {
     policy_signing_key = new_signing_key_.get();
 
     // Add the new public key.
     std::vector<uint8> raw_new_public_signing_key;
-    CHECK(new_signing_key_->ExportPublicKey(&raw_new_public_signing_key));
+    GetNewPublicKey(&raw_new_public_signing_key);
     policy_.set_new_public_key(vector_as_array(&raw_new_public_signing_key),
                                raw_new_public_signing_key.size());
 
     // New public key signature.
     if (signing_key_.get()) {
       SignData(policy_.new_public_key(), signing_key_.get(),
                policy_.mutable_new_public_key_signature());
     }
   }
 
   // PolicyData signature.
   if (policy_signing_key) {
     SignData(policy_.policy_data(), policy_signing_key,
              policy_.mutable_policy_data_signature());
   }
 }
 
 std::string PolicyBuilder::GetBlob() {
   return policy_.SerializeAsString();
 }
 
+void PolicyBuilder::GetPublicKey(std::vector<uint8>* public_key) {
+  CHECK(public_key);
+  CHECK(signing_key_);
+  CHECK(signing_key_->ExportPublicKey(public_key));

[Mattias Nissler (ping if slow), 2013/02/06 17:58:25]

What's the value in adding these helpers?

[Joao da Silva, 2013/02/07 16:32:00]

They're used in the unit test.

[Mattias Nissler (ping if slow), 2013/02/08 13:36:42]

Well, but the unit test could just call ExportPublicKey directly? The CHECKs in
146 and 147 are redundant anyways. If you feel strong about keeping the helpers,
you should probably also fix all code that makes these calls directly (I believe
there are a few).

[Joao da Silva, 2013/02/08 16:47:04]

That's right, reverted these helpers.

+}
+
+void PolicyBuilder::GetNewPublicKey(std::vector<uint8>* public_key) {
+  CHECK(public_key);
+  CHECK(new_signing_key_);
+  CHECK(new_signing_key_->ExportPublicKey(public_key));
+}
+
 scoped_ptr<em::PolicyFetchResponse> PolicyBuilder::GetCopy() {
   scoped_ptr<em::PolicyFetchResponse> result(new em::PolicyFetchResponse());
   result->CopyFrom(policy_);
   return result.Pass();
 }
 
 // static
 scoped_ptr<crypto::RSAPrivateKey> PolicyBuilder::CreateTestSigningKey() {
   std::vector<uint8> raw_signing_key(
       kSigningKey, kSigningKey + arraysize(kSigningKey));
@@ skipping 48 matching lines @@
     CHECK(payload_->SerializeToString(policy_data().mutable_policy_value()));
 
   PolicyBuilder::Build();
 }
 
 // Have the instantiations compiled into the module.
 template class TypedPolicyBuilder<em::CloudPolicySettings>;
 template class TypedPolicyBuilder<em::ChromeDeviceSettingsProto>;
 
 }  // namespace policy