OLD | NEW |
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #ifndef COMPONENTS_POLICY_CORE_COMMON_CLOUD_POLICY_BUILDER_H_ | 5 #ifndef COMPONENTS_POLICY_CORE_COMMON_CLOUD_POLICY_BUILDER_H_ |
6 #define COMPONENTS_POLICY_CORE_COMMON_CLOUD_POLICY_BUILDER_H_ | 6 #define COMPONENTS_POLICY_CORE_COMMON_CLOUD_POLICY_BUILDER_H_ |
7 | 7 |
| 8 #include <stdint.h> |
| 9 |
8 #include <string> | 10 #include <string> |
9 | 11 |
10 #include "base/basictypes.h" | |
11 #include "base/compiler_specific.h" | 12 #include "base/compiler_specific.h" |
12 #include "base/logging.h" | 13 #include "base/logging.h" |
| 14 #include "base/macros.h" |
13 #include "base/memory/scoped_ptr.h" | 15 #include "base/memory/scoped_ptr.h" |
| 16 #include "build/build_config.h" |
14 #include "crypto/rsa_private_key.h" | 17 #include "crypto/rsa_private_key.h" |
15 #include "policy/proto/cloud_policy.pb.h" | 18 #include "policy/proto/cloud_policy.pb.h" |
16 #include "policy/proto/device_management_backend.pb.h" | 19 #include "policy/proto/device_management_backend.pb.h" |
17 | 20 |
18 #if !defined(OS_ANDROID) && !defined(OS_IOS) | 21 #if !defined(OS_ANDROID) && !defined(OS_IOS) |
19 #include "policy/proto/chrome_extension_policy.pb.h" | 22 #include "policy/proto/chrome_extension_policy.pb.h" |
20 #endif | 23 #endif |
21 | 24 |
22 namespace policy { | 25 namespace policy { |
23 | 26 |
24 // A helper class for testing that provides a straightforward interface for | 27 // A helper class for testing that provides a straightforward interface for |
25 // constructing policy blobs for use in testing. NB: This uses fake data and | 28 // constructing policy blobs for use in testing. NB: This uses fake data and |
26 // hard-coded signing keys by default, so should not be used in production code. | 29 // hard-coded signing keys by default, so should not be used in production code. |
27 class PolicyBuilder { | 30 class PolicyBuilder { |
28 public: | 31 public: |
29 // Constants used as dummy data for filling the PolicyData protobuf. | 32 // Constants used as dummy data for filling the PolicyData protobuf. |
30 static const char kFakeDeviceId[]; | 33 static const char kFakeDeviceId[]; |
31 static const char kFakeDomain[]; | 34 static const char kFakeDomain[]; |
32 static const char kFakeMachineName[]; | 35 static const char kFakeMachineName[]; |
33 static const char kFakePolicyType[]; | 36 static const char kFakePolicyType[]; |
34 static const int kFakePublicKeyVersion; | 37 static const int kFakePublicKeyVersion; |
35 static const int64 kFakeTimestamp; | 38 static const int64_t kFakeTimestamp; |
36 static const char kFakeToken[]; | 39 static const char kFakeToken[]; |
37 static const char kFakeUsername[]; | 40 static const char kFakeUsername[]; |
38 static const char kFakeServiceAccountIdentity[]; | 41 static const char kFakeServiceAccountIdentity[]; |
39 | 42 |
40 // Creates a policy builder. The builder will have all PolicyData fields | 43 // Creates a policy builder. The builder will have all PolicyData fields |
41 // initialized to dummy values and use the test signing keys. | 44 // initialized to dummy values and use the test signing keys. |
42 PolicyBuilder(); | 45 PolicyBuilder(); |
43 virtual ~PolicyBuilder(); | 46 virtual ~PolicyBuilder(); |
44 | 47 |
45 // Use this member to access the PolicyData protobuf. | 48 // Use this member to access the PolicyData protobuf. |
82 | 85 |
83 // These return hard-coded testing keys. Don't use in production! | 86 // These return hard-coded testing keys. Don't use in production! |
84 static scoped_ptr<crypto::RSAPrivateKey> CreateTestSigningKey(); | 87 static scoped_ptr<crypto::RSAPrivateKey> CreateTestSigningKey(); |
85 static scoped_ptr<crypto::RSAPrivateKey> CreateTestOtherSigningKey(); | 88 static scoped_ptr<crypto::RSAPrivateKey> CreateTestOtherSigningKey(); |
86 | 89 |
87 // Verification signatures for the two hard-coded testing keys above. These | 90 // Verification signatures for the two hard-coded testing keys above. These |
88 // signatures are valid only for the kFakeDomain domain. | 91 // signatures are valid only for the kFakeDomain domain. |
89 static std::string GetTestSigningKeySignature(); | 92 static std::string GetTestSigningKeySignature(); |
90 static std::string GetTestOtherSigningKeySignature(); | 93 static std::string GetTestOtherSigningKeySignature(); |
91 | 94 |
92 std::vector<uint8> raw_signing_key() { return raw_signing_key_; } | 95 std::vector<uint8_t> raw_signing_key() { return raw_signing_key_; } |
93 std::vector<uint8> raw_new_signing_key() { return raw_new_signing_key_; } | 96 std::vector<uint8_t> raw_new_signing_key() { return raw_new_signing_key_; } |
94 | 97 |
95 private: | 98 private: |
96 // Produces |key|'s signature over |data| and stores it in |signature|. | 99 // Produces |key|'s signature over |data| and stores it in |signature|. |
97 void SignData(const std::string& data, | 100 void SignData(const std::string& data, |
98 crypto::RSAPrivateKey* key, | 101 crypto::RSAPrivateKey* key, |
99 std::string* signature); | 102 std::string* signature); |
100 | 103 |
101 enterprise_management::PolicyFetchResponse policy_; | 104 enterprise_management::PolicyFetchResponse policy_; |
102 scoped_ptr<enterprise_management::PolicyData> policy_data_; | 105 scoped_ptr<enterprise_management::PolicyData> policy_data_; |
103 std::string payload_data_; | 106 std::string payload_data_; |
104 | 107 |
105 // The keys cannot be stored in NSS. Temporary keys are not guaranteed to | 108 // The keys cannot be stored in NSS. Temporary keys are not guaranteed to |
106 // remain in the database. Persistent keys require a persistent database, | 109 // remain in the database. Persistent keys require a persistent database, |
107 // which would coincide with the user's database. However, these keys are used | 110 // which would coincide with the user's database. However, these keys are used |
108 // for signing the policy and don't have to coincide with the user's known | 111 // for signing the policy and don't have to coincide with the user's known |
109 // keys. Instead, we store the private keys as raw bytes. Where needed, a | 112 // keys. Instead, we store the private keys as raw bytes. Where needed, a |
110 // temporary RSAPrivateKey is created. | 113 // temporary RSAPrivateKey is created. |
111 std::vector<uint8> raw_signing_key_; | 114 std::vector<uint8_t> raw_signing_key_; |
112 std::vector<uint8> raw_new_signing_key_; | 115 std::vector<uint8_t> raw_new_signing_key_; |
113 std::string raw_new_signing_key_signature_; | 116 std::string raw_new_signing_key_signature_; |
114 | 117 |
115 DISALLOW_COPY_AND_ASSIGN(PolicyBuilder); | 118 DISALLOW_COPY_AND_ASSIGN(PolicyBuilder); |
116 }; | 119 }; |
117 | 120 |
118 // Type-parameterized PolicyBuilder extension that allows for building policy | 121 // Type-parameterized PolicyBuilder extension that allows for building policy |
119 // blobs carrying protobuf payloads. | 122 // blobs carrying protobuf payloads. |
120 template<typename PayloadProto> | 123 template<typename PayloadProto> |
121 class TypedPolicyBuilder : public PolicyBuilder { | 124 class TypedPolicyBuilder : public PolicyBuilder { |
122 public: | 125 public: |
151 UserPolicyBuilder; | 154 UserPolicyBuilder; |
152 | 155 |
153 #if !defined(OS_ANDROID) && !defined(OS_IOS) | 156 #if !defined(OS_ANDROID) && !defined(OS_IOS) |
154 typedef TypedPolicyBuilder<enterprise_management::ExternalPolicyData> | 157 typedef TypedPolicyBuilder<enterprise_management::ExternalPolicyData> |
155 ComponentPolicyBuilder; | 158 ComponentPolicyBuilder; |
156 #endif | 159 #endif |
157 | 160 |
158 } // namespace policy | 161 } // namespace policy |
159 | 162 |
160 #endif // COMPONENTS_POLICY_CORE_COMMON_CLOUD_POLICY_BUILDER_H_ | 163 #endif // COMPONENTS_POLICY_CORE_COMMON_CLOUD_POLICY_BUILDER_H_ |
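Review bot: The header declares `std::vector<uint8_t>` in `raw_signing_key()`, `raw_new_signing_key()` and the `raw_signing_key_` / `raw_new_signing_key_` members, but the include block on the new side (lines 8-23) has no `#include <vector>`. This change swaps `base/basictypes.h` for `<stdint.h>` and `base/macros.h`, so the header now relies on some other include pulling `<vector>` in transitively; add `#include <vector>` after `#include <string>` to make it self-contained. Separately, both accessors are non-const and return the raw private-key bytes by value, so each call makes another copy of the key material. `const std::vector<uint8_t>& raw_signing_key() const { return raw_signing_key_; }` would avoid that, provided no caller (not visible on this page) depends on getting a copy.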