| OLD | NEW |
|---|
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "chrome/browser/chromeos/policy/device_local_account_policy_store.h" | 5 #include "chrome/browser/chromeos/policy/device_local_account_policy_store.h" |
| 6 | 6 |
| 7 #include "base/bind.h" | 7 #include "base/bind.h" |
| 8 #include "base/callback.h" | 8 #include "base/callback.h" |
| 9 #include "base/values.h" | 9 #include "base/values.h" |
| 10 #include "chrome/browser/browser_process.h" |
| 11 #include "chrome/browser/chromeos/policy/browser_policy_connector_chromeos.h" |
| 10 #include "chromeos/dbus/power_policy_controller.h" | 12 #include "chromeos/dbus/power_policy_controller.h" |
| 11 #include "chromeos/dbus/session_manager_client.h" | 13 #include "chromeos/dbus/session_manager_client.h" |
| 12 #include "components/policy/core/common/cloud/device_management_service.h" | 14 #include "components/policy/core/common/cloud/device_management_service.h" |
| 13 #include "components/policy/core/common/external_data_fetcher.h" | 15 #include "components/policy/core/common/external_data_fetcher.h" |
| 14 #include "components/policy/core/common/policy_types.h" | 16 #include "components/policy/core/common/policy_types.h" |
| 15 #include "policy/policy_constants.h" | 17 #include "policy/policy_constants.h" |
| 16 #include "policy/proto/cloud_policy.pb.h" | 18 #include "policy/proto/cloud_policy.pb.h" |
| 17 #include "policy/proto/device_management_backend.pb.h" | 19 #include "policy/proto/device_management_backend.pb.h" |
| 18 | 20 |
| 19 namespace em = enterprise_management; | 21 namespace em = enterprise_management; |
| (...skipping 163 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 183 // The timestamp is verified when storing a new policy downloaded from the | 185 // The timestamp is verified when storing a new policy downloaded from the |
| 184 // server but not when loading a cached policy from disk. | 186 // server but not when loading a cached policy from disk. |
| 185 // See SessionManagerOperation::ValidateDeviceSettings for the rationale. | 187 // See SessionManagerOperation::ValidateDeviceSettings for the rationale. |
| 186 validator->ValidateAgainstCurrentPolicy( | 188 validator->ValidateAgainstCurrentPolicy( |
| 187 policy(), | 189 policy(), |
| 188 valid_timestamp_required | 190 valid_timestamp_required |
| 189 ? CloudPolicyValidatorBase::TIMESTAMP_REQUIRED | 191 ? CloudPolicyValidatorBase::TIMESTAMP_REQUIRED |
| 190 : CloudPolicyValidatorBase::TIMESTAMP_NOT_REQUIRED, | 192 : CloudPolicyValidatorBase::TIMESTAMP_NOT_REQUIRED, |
| 191 CloudPolicyValidatorBase::DM_TOKEN_REQUIRED); | 193 CloudPolicyValidatorBase::DM_TOKEN_REQUIRED); |
| 192 validator->ValidatePayload(); | 194 validator->ValidatePayload(); |
| 195 policy::BrowserPolicyConnectorChromeOS* connector = |
| 196 g_browser_process->platform_part()->browser_policy_connector_chromeos(); |
| 193 validator->ValidateSignature(key->public_key_as_string(), | 197 validator->ValidateSignature(key->public_key_as_string(), |
| 194 GetPolicyVerificationKey(), | 198 GetPolicyVerificationKey(), |
| 195 std::string(), | 199 connector->GetEnterpriseDomain(), |
| 196 false); | 200 false); |
| 197 validator.release()->StartValidation(callback); | 201 validator.release()->StartValidation(callback); |
| 198 } | 202 } |
| 199 | 203 |
| 200 } // namespace policy | 204 } // namespace policy |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 143183007:
Update policy signature verification to include policy domain. (Closed)
Base URL: svn://svn.chromium.org/chrome/trunk/src