
Unified Diff: chrome/browser/policy/user_cloud_policy_store_chromeos.h

Issue 12183017: Verify the signature on user cloud policy downloads. (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src
Patch Set: Comment Created 7 years, 10 months ago
Index: chrome/browser/policy/user_cloud_policy_store_chromeos.h
diff --git a/chrome/browser/policy/user_cloud_policy_store_chromeos.h b/chrome/browser/policy/user_cloud_policy_store_chromeos.h
index 0473a423b484c26bafb60c6cd3f80d4dd688e9e3..7bfb70f25c297ba77b5cbf6d54b2b11a1b576564 100644
--- a/chrome/browser/policy/user_cloud_policy_store_chromeos.h
+++ b/chrome/browser/policy/user_cloud_policy_store_chromeos.h
@@ -14,14 +14,17 @@
#include "base/memory/weak_ptr.h"
#include "chrome/browser/policy/cloud_policy_validator.h"
#include "chrome/browser/policy/user_cloud_policy_store_base.h"
+#include "chromeos/dbus/dbus_method_call_status.h"
namespace chromeos {
+class CryptohomeClient;
class SessionManagerClient;
}
namespace policy {
class LegacyPolicyCacheLoader;
+class UserPolicyKey;
// Implements a cloud policy store backed by the Chrome OS' session_manager,
// which takes care of persisting policy to disk and is accessed via DBus calls
@@ -33,8 +36,10 @@ class LegacyPolicyCacheLoader;
class UserCloudPolicyStoreChromeOS : public UserCloudPolicyStoreBase {
public:
UserCloudPolicyStoreChromeOS(
+ chromeos::CryptohomeClient* cryptohome_client,
chromeos::SessionManagerClient* session_manager_client,
const std::string& username,
+ const FilePath& user_policy_key_dir,
const FilePath& legacy_token_cache_file,
const FilePath& legacy_policy_cache_file);
virtual ~UserCloudPolicyStoreChromeOS();
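Review bot: The constructor gains a raw `chromeos::CryptohomeClient*` and a `user_policy_key_dir` path, but the declaration does not say who owns the client or what the directory is trusted to contain. Going by the issue title, the key read from that directory presumably anchors the new signature check, so the expectation belongs in the header: `// |cryptohome_client| and |session_manager_client| are not owned and must outlive this store.` and `// |user_policy_key_dir| holds the public key used to verify policy signatures.` It would also help to state which process is allowed to write to that directory, since a key the user session can replace would not protect anything. That last point is inferred, not visible here, so confirm it against the implementation.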
@@ -45,24 +50,27 @@ class UserCloudPolicyStoreChromeOS : public UserCloudPolicyStoreBase {
virtual void Load() OVERRIDE;
private:
- // Called back from SessionManagerClient for policy load operations.
- void OnPolicyRetrieved(const std::string& policy_blob);
-
- // Completion handler for policy validation on the Load() path. Installs the
- // policy and publishes it if validation succeeded.
- void OnRetrievedPolicyValidated(UserCloudPolicyValidator* validator);
+ // Starts validation of |policy| before storing it.
+ void ValidatePolicyForStore(
+ scoped_ptr<enterprise_management::PolicyFetchResponse> policy);
- // Completion handler for policy validation on the Load() path. Starts a store
- // operation if the validation succeeded.
+ // Completion handler for policy validation on the Store() path.
+ // Starts a store operation if the validation succeeded.
void OnPolicyToStoreValidated(UserCloudPolicyValidator* validator);
// Called back from SessionManagerClient for policy store operations.
void OnPolicyStored(bool);
- // Starts policy blob validation.
- void Validate(
- scoped_ptr<enterprise_management::PolicyFetchResponse> policy,
- const UserCloudPolicyValidator::CompletionCallback& callback);
+ // Called back from SessionManagerClient for policy load operations.
+ void OnPolicyRetrieved(const std::string& policy_blob);
+
+ // Starts validation of the loaded |policy| before installing it.
+ void ValidateRetrievedPolicy(
+ scoped_ptr<enterprise_management::PolicyFetchResponse> policy);
+
+ // Completion handler for policy validation on the Load() path. Installs the
+ // policy and publishes it if validation succeeded.
+ void OnRetrievedPolicyValidated(UserCloudPolicyValidator* validator);
// Callback for loading legacy caches.
void OnLegacyLoadFinished(
@@ -83,8 +91,17 @@ class UserCloudPolicyStoreChromeOS : public UserCloudPolicyStoreBase {
// Removes the passed-in legacy cache directory.
static void RemoveLegacyCacheDir(const FilePath& dir);
+ void EnsurePolicyKeyLoaded(const base::Closure& callback);
Mattias Nissler (ping if slow) 2013/02/07 14:12:07 document.
Joao da Silva 2013/02/07 16:32:00 Done.
+
+ // Callback for getting the sanitized username from |cryptohome_client_|.
+ void OnGetSanitizedUsername(const base::Closure& callback,
+ chromeos::DBusMethodCallStatus call_status,
+ const std::string& sanitized_username);
+
+ chromeos::CryptohomeClient* cryptohome_client_;
chromeos::SessionManagerClient* session_manager_client_;
const std::string username_;
+ FilePath user_policy_key_dir_;
base::WeakPtrFactory<UserCloudPolicyStoreChromeOS> weak_factory_;
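Review bot: `OnGetSanitizedUsername` receives a `chromeos::DBusMethodCallStatus`, but its comment does not say what happens to `callback` or to the key state when the call fails or no key can be read. For a signature check the property that matters is failing closed: a missing key should make validation reject the policy, not skip verification. The implementation is not part of this header, so this may already hold. Spelling it out would make the contract reviewable, e.g. `// On failure |callback| still runs and |policy_key_| stays unloaded; validation must then reject the policy.` The `policy_key_` member added in the final hunk is uncommented as well and should say when it is not yet loaded.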
@@ -94,6 +111,8 @@ class UserCloudPolicyStoreChromeOS : public UserCloudPolicyStoreBase {
scoped_ptr<LegacyPolicyCacheLoader> legacy_loader_;
bool legacy_caches_loaded_;
+ scoped_ptr<UserPolicyKey> policy_key_;
+
DISALLOW_COPY_AND_ASSIGN(UserCloudPolicyStoreChromeOS);
};
