| OLD | NEW |
|---|
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "chrome/browser/policy/policy_builder.h" | 5 #include "chrome/browser/policy/policy_builder.h" |
| 6 | 6 |
| 7 #include <vector> | |
| 8 | |
| 9 #include "base/logging.h" | 7 #include "base/logging.h" |
| 10 #include "base/stl_util.h" | 8 #include "base/stl_util.h" |
| 11 #include "chrome/browser/policy/cloud_policy_constants.h" | 9 #include "chrome/browser/policy/cloud_policy_constants.h" |
| 12 #include "chrome/browser/policy/proto/chrome_device_policy.pb.h" | 10 #include "chrome/browser/policy/proto/chrome_device_policy.pb.h" |
| 13 #include "crypto/signature_creator.h" | 11 #include "crypto/signature_creator.h" |
| 14 | 12 |
| 15 namespace em = enterprise_management; | 13 namespace em = enterprise_management; |
| 16 | 14 |
| 17 namespace policy { | 15 namespace policy { |
| 18 | 16 |
| (...skipping 96 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 115 if (policy_data_.get()) | 113 if (policy_data_.get()) |
| 116 CHECK(policy_data_->SerializeToString(policy_.mutable_policy_data())); | 114 CHECK(policy_data_->SerializeToString(policy_.mutable_policy_data())); |
| 117 | 115 |
| 118 // Generate signatures if applicable. | 116 // Generate signatures if applicable. |
| 119 crypto::RSAPrivateKey* policy_signing_key = signing_key_.get(); | 117 crypto::RSAPrivateKey* policy_signing_key = signing_key_.get(); |
| 120 if (new_signing_key_.get()) { | 118 if (new_signing_key_.get()) { |
| 121 policy_signing_key = new_signing_key_.get(); | 119 policy_signing_key = new_signing_key_.get(); |
| 122 | 120 |
| 123 // Add the new public key. | 121 // Add the new public key. |
| 124 std::vector<uint8> raw_new_public_signing_key; | 122 std::vector<uint8> raw_new_public_signing_key; |
| 125 CHECK(new_signing_key_->ExportPublicKey(&raw_new_public_signing_key)); | 123 GetNewPublicKey(&raw_new_public_signing_key); |
| 126 policy_.set_new_public_key(vector_as_array(&raw_new_public_signing_key), | 124 policy_.set_new_public_key(vector_as_array(&raw_new_public_signing_key), |
| 127 raw_new_public_signing_key.size()); | 125 raw_new_public_signing_key.size()); |
| 128 | 126 |
| 129 // New public key signature. | 127 // New public key signature. |
| 130 if (signing_key_.get()) { | 128 if (signing_key_.get()) { |
| 131 SignData(policy_.new_public_key(), signing_key_.get(), | 129 SignData(policy_.new_public_key(), signing_key_.get(), |
| 132 policy_.mutable_new_public_key_signature()); | 130 policy_.mutable_new_public_key_signature()); |
| 133 } | 131 } |
| 134 } | 132 } |
| 135 | 133 |
| 136 // PolicyData signature. | 134 // PolicyData signature. |
| 137 if (policy_signing_key) { | 135 if (policy_signing_key) { |
| 138 SignData(policy_.policy_data(), policy_signing_key, | 136 SignData(policy_.policy_data(), policy_signing_key, |
| 139 policy_.mutable_policy_data_signature()); | 137 policy_.mutable_policy_data_signature()); |
| 140 } | 138 } |
| 141 } | 139 } |
| 142 | 140 |
| 143 std::string PolicyBuilder::GetBlob() { | 141 std::string PolicyBuilder::GetBlob() { |
| 144 return policy_.SerializeAsString(); | 142 return policy_.SerializeAsString(); |
| 145 } | 143 } |
| 146 | 144 |
| 145 void PolicyBuilder::GetPublicKey(std::vector<uint8>* public_key) { |
| 146 CHECK(public_key); |
| 147 CHECK(signing_key_); |
| 148 CHECK(signing_key_->ExportPublicKey(public_key)); |
| 149 } |
| 150 |
| 151 void PolicyBuilder::GetNewPublicKey(std::vector<uint8>* public_key) { |
| 152 CHECK(public_key); |
| 153 CHECK(new_signing_key_); |
| 154 CHECK(new_signing_key_->ExportPublicKey(public_key)); |
| 155 } |
| 156 |
| 147 scoped_ptr<em::PolicyFetchResponse> PolicyBuilder::GetCopy() { | 157 scoped_ptr<em::PolicyFetchResponse> PolicyBuilder::GetCopy() { |
| 148 scoped_ptr<em::PolicyFetchResponse> result(new em::PolicyFetchResponse()); | 158 scoped_ptr<em::PolicyFetchResponse> result(new em::PolicyFetchResponse()); |
| 149 result->CopyFrom(policy_); | 159 result->CopyFrom(policy_); |
| 150 return result.Pass(); | 160 return result.Pass(); |
| 151 } | 161 } |
| 152 | 162 |
| 153 // static | 163 // static |
| 154 scoped_ptr<crypto::RSAPrivateKey> PolicyBuilder::CreateTestSigningKey() { | 164 scoped_ptr<crypto::RSAPrivateKey> PolicyBuilder::CreateTestSigningKey() { |
| 155 std::vector<uint8> raw_signing_key( | 165 std::vector<uint8> raw_signing_key( |
| 156 kSigningKey, kSigningKey + arraysize(kSigningKey)); | 166 kSigningKey, kSigningKey + arraysize(kSigningKey)); |
| (...skipping 48 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 205 CHECK(payload_->SerializeToString(policy_data().mutable_policy_value())); | 215 CHECK(payload_->SerializeToString(policy_data().mutable_policy_value())); |
| 206 | 216 |
| 207 PolicyBuilder::Build(); | 217 PolicyBuilder::Build(); |
| 208 } | 218 } |
| 209 | 219 |
| 210 // Have the instantiations compiled into the module. | 220 // Have the instantiations compiled into the module. |
| 211 template class TypedPolicyBuilder<em::CloudPolicySettings>; | 221 template class TypedPolicyBuilder<em::CloudPolicySettings>; |
| 212 template class TypedPolicyBuilder<em::ChromeDeviceSettingsProto>; | 222 template class TypedPolicyBuilder<em::ChromeDeviceSettingsProto>; |
| 213 | 223 |
| 214 } // namespace policy | 224 } // namespace policy |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 12183017:
Verify the signature on user cloud policy downloads. (Closed)
Base URL: svn://svn.chromium.org/chrome/trunk/src