
Unified Diff: components/policy/core/common/cloud/cloud_policy_validator.h

Issue 143183007: Update policy signature verification to include policy domain. (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src
Patch Set: Fixed style error. Created 6 years, 10 months ago
Index: components/policy/core/common/cloud/cloud_policy_validator.h
diff --git a/components/policy/core/common/cloud/cloud_policy_validator.h b/components/policy/core/common/cloud/cloud_policy_validator.h
index e5a8ced8ab6e5a74dd2ec7bde701897f4fc1a2c2..3ed22080622d315518578de59a0ef7ce3bfc448a 100644
--- a/components/policy/core/common/cloud/cloud_policy_validator.h
+++ b/components/policy/core/common/cloud/cloud_policy_validator.h
@@ -147,16 +147,23 @@ class POLICY_EXPORT CloudPolicyValidatorBase {
// Validates that the payload can be decoded successfully.
void ValidatePayload();
+ // Verifies that |cached_key| is valid, by verifying the
+ // |cached_key_signature| using the passed |owning_domain| and
+ // |verification_key|.
+ void ValidateCachedKey(const std::string& cached_key,
+ const std::string& cached_key_signature,
+ const std::string& verification_key,
+ const std::string& owning_domain);
+
// Verifies that the signature on the policy blob verifies against |key|. If
// |allow_key_rotation| is true and there is a key rotation present in the
// policy blob, this checks the signature on the new key against |key| and the
// policy blob against the new key. New key is also validated using the passed
- // |verification_key| and the |new_public_key_verification_signature| field.
- // If |key_signature| is non-empty, then |key| is also verified against that
- // signature (useful when dealing with cached keys from untrusted sources).
+ // |verification_key| and |owning_domain|, and the
+ // |new_public_key_verification_signature| field.
void ValidateSignature(const std::string& key,
const std::string& verification_key,
- const std::string& key_signature,
+ const std::string& owning_domain,
bool allow_key_rotation);
// Similar to ValidateSignature(), this checks the signature on the
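Review bot: In `ValidateSignature`, `owning_domain` takes the positional slot that `key_signature` used to occupy, and both are `const std::string&`, so a call site missed by this change would still compile and pass a key signature where the domain is expected. The callers are outside this hunk, so it is worth confirming that all of them are updated in this patch set. The rewritten comment also drops the remark about cached keys from untrusted sources; the new `ValidateCachedKey` comment could carry it, for example `// Use for keys loaded from an untrusted cache.`, and should say whether an empty |owning_domain| is rejected. The class body starts and ends outside the hunk.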
@@ -165,7 +172,8 @@ class POLICY_EXPORT CloudPolicyValidatorBase {
// be called at setup time when there is no existing policy key present to
// check against. New key is validated using the passed |verification_key| and
// the new_public_key_verification_signature field.
- void ValidateInitialKey(const std::string& verification_key);
+ void ValidateInitialKey(const std::string& verification_key,
+ const std::string& owning_domain);
// Convenience helper that configures timestamp and token validation based on
// the current policy blob. |policy_data| may be NULL, in which case the
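Review bot: The comment above `ValidateInitialKey` still says the new key is validated using only |verification_key| and the new_public_key_verification_signature field, although the declaration now takes `owning_domain` as well. The `ValidateSignature` comment was updated for the same change, so this one should match, e.g. `// check against. New key is validated using the passed |verification_key| and` followed by `// |owning_domain|, and the new_public_key_verification_signature field.` The start of this comment block is outside the hunk.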
@@ -205,6 +213,7 @@ class POLICY_EXPORT CloudPolicyValidatorBase {
VALIDATE_PAYLOAD = 1 << 6,
VALIDATE_SIGNATURE = 1 << 7,
VALIDATE_INITIAL_KEY = 1 << 8,
+ VALIDATE_CACHED_KEY = 1 << 9,
};
enum SignatureType {
@@ -236,9 +245,14 @@ class POLICY_EXPORT CloudPolicyValidatorBase {
const std::string& server_key,
const std::string& signature);
- // Sets the key used to verify new public keys, and ensures that callers
- // don't try to set conflicting keys.
- void set_verification_key(const std::string& verification_key);
+ // Returns the domain name from the policy being validated. Returns an
+ // empty string if the policy does not contain a username field.
+ std::string ExtractDomainFromPolicy();
+
+ // Sets the key and domain used to verify new public keys, and ensures that
+ // callers don't try to set conflicting values.
+ void set_verification_key_and_domain(const std::string& verification_key,
+ const std::string& owning_domain);
// Helper functions implementing individual checks.
Status CheckTimestamp();
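Review bot: `ExtractDomainFromPolicy` is documented to return an empty string when the username field is missing, but the comment does not say what the key checks do with that empty value. The domain is now an input to key verification, so the header should state that an empty result fails validation rather than being matched against an empty |owning_domain|; whether the implementation does this is not visible here. A line such as `// Callers must treat an empty result as a validation failure.` would cover it, and the comment could also say how the domain is derived from the username and whether case is normalised.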
@@ -250,6 +264,7 @@ class POLICY_EXPORT CloudPolicyValidatorBase {
Status CheckPayload();
Status CheckSignature();
Status CheckInitialKey();
+ Status CheckCachedKey();
// Verifies the SHA1/ or SHA256/RSA |signature| on |data| against |key|.
// |signature_type| specifies the type of signature (SHA1 or SHA256).
@@ -274,8 +289,10 @@ class POLICY_EXPORT CloudPolicyValidatorBase {
std::string policy_type_;
std::string settings_entity_id_;
std::string key_;
- std::string key_signature_;
+ std::string cached_key_;
+ std::string cached_key_signature_;
std::string verification_key_;
+ std::string owning_domain_;
bool allow_key_rotation_;
scoped_refptr<base::SequencedTaskRunner> background_task_runner_;
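Review bot: `key_` and `cached_key_` now sit next to each other with no comment saying which one is already trusted and which one still has to be verified. A one-line comment on each new member would help, for example `// Key loaded from cache; verified against cached_key_signature_ by CheckCachedKey().` on `cached_key_`, if that matches the implementation. `owning_domain_` could likewise note that it is set together with `verification_key_` through `set_verification_key_and_domain`.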
