| OLD | NEW |
|---|
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #ifndef COMPONENTS_POLICY_CORE_COMMON_CLOUD_POLICY_BUILDER_H_ | 5 #ifndef COMPONENTS_POLICY_CORE_COMMON_CLOUD_POLICY_BUILDER_H_ |
| 6 #define COMPONENTS_POLICY_CORE_COMMON_CLOUD_POLICY_BUILDER_H_ | 6 #define COMPONENTS_POLICY_CORE_COMMON_CLOUD_POLICY_BUILDER_H_ |
| 7 | 7 |
| 8 #include <stdint.h> | 8 #include <stdint.h> |
| 9 | 9 |
| 10 #include <memory> |
| 10 #include <string> | 11 #include <string> |
| 11 | 12 |
| 12 #include "base/compiler_specific.h" | 13 #include "base/compiler_specific.h" |
| 13 #include "base/logging.h" | 14 #include "base/logging.h" |
| 14 #include "base/macros.h" | 15 #include "base/macros.h" |
| 15 #include "base/memory/scoped_ptr.h" | |
| 16 #include "build/build_config.h" | 16 #include "build/build_config.h" |
| 17 #include "crypto/rsa_private_key.h" | 17 #include "crypto/rsa_private_key.h" |
| 18 #include "policy/proto/cloud_policy.pb.h" | 18 #include "policy/proto/cloud_policy.pb.h" |
| 19 #include "policy/proto/device_management_backend.pb.h" | 19 #include "policy/proto/device_management_backend.pb.h" |
| 20 | 20 |
| 21 #if !defined(OS_ANDROID) && !defined(OS_IOS) | 21 #if !defined(OS_ANDROID) && !defined(OS_IOS) |
| 22 #include "policy/proto/chrome_extension_policy.pb.h" | 22 #include "policy/proto/chrome_extension_policy.pb.h" |
| 23 #endif | 23 #endif |
| 24 | 24 |
| 25 namespace policy { | 25 namespace policy { |
| (...skipping 26 matching lines...) Expand all Loading... |
| 52 return *policy_data_; | 52 return *policy_data_; |
| 53 } | 53 } |
| 54 void clear_policy_data() { | 54 void clear_policy_data() { |
| 55 policy_data_.reset(); | 55 policy_data_.reset(); |
| 56 } | 56 } |
| 57 | 57 |
| 58 enterprise_management::PolicyFetchResponse& policy() { | 58 enterprise_management::PolicyFetchResponse& policy() { |
| 59 return policy_; | 59 return policy_; |
| 60 } | 60 } |
| 61 | 61 |
| 62 scoped_ptr<crypto::RSAPrivateKey> GetSigningKey(); | 62 std::unique_ptr<crypto::RSAPrivateKey> GetSigningKey(); |
| 63 void SetSigningKey(const crypto::RSAPrivateKey& key); | 63 void SetSigningKey(const crypto::RSAPrivateKey& key); |
| 64 void SetDefaultSigningKey(); | 64 void SetDefaultSigningKey(); |
| 65 void UnsetSigningKey(); | 65 void UnsetSigningKey(); |
| 66 | 66 |
| 67 // Sets the default initial signing key - the resulting policy will be signed | 67 // Sets the default initial signing key - the resulting policy will be signed |
| 68 // by the default signing key, and will have that key set as the | 68 // by the default signing key, and will have that key set as the |
| 69 // new_public_key field, as if it were an initial key provision. | 69 // new_public_key field, as if it were an initial key provision. |
| 70 void SetDefaultInitialSigningKey(); | 70 void SetDefaultInitialSigningKey(); |
| 71 | 71 |
| 72 scoped_ptr<crypto::RSAPrivateKey> GetNewSigningKey(); | 72 std::unique_ptr<crypto::RSAPrivateKey> GetNewSigningKey(); |
| 73 void SetDefaultNewSigningKey(); | 73 void SetDefaultNewSigningKey(); |
| 74 void UnsetNewSigningKey(); | 74 void UnsetNewSigningKey(); |
| 75 | 75 |
| 76 // Assembles the policy components. The resulting policy protobuf is available | 76 // Assembles the policy components. The resulting policy protobuf is available |
| 77 // through policy() after this call. | 77 // through policy() after this call. |
| 78 virtual void Build(); | 78 virtual void Build(); |
| 79 | 79 |
| 80 // Returns a copy of policy(). | 80 // Returns a copy of policy(). |
| 81 scoped_ptr<enterprise_management::PolicyFetchResponse> GetCopy(); | 81 std::unique_ptr<enterprise_management::PolicyFetchResponse> GetCopy(); |
| 82 | 82 |
| 83 // Returns a binary policy blob, i.e. an encoded PolicyFetchResponse. | 83 // Returns a binary policy blob, i.e. an encoded PolicyFetchResponse. |
| 84 std::string GetBlob(); | 84 std::string GetBlob(); |
| 85 | 85 |
| 86 // These return hard-coded testing keys. Don't use in production! | 86 // These return hard-coded testing keys. Don't use in production! |
| 87 static scoped_ptr<crypto::RSAPrivateKey> CreateTestSigningKey(); | 87 static std::unique_ptr<crypto::RSAPrivateKey> CreateTestSigningKey(); |
| 88 static scoped_ptr<crypto::RSAPrivateKey> CreateTestOtherSigningKey(); | 88 static std::unique_ptr<crypto::RSAPrivateKey> CreateTestOtherSigningKey(); |
| 89 | 89 |
| 90 // Verification signatures for the two hard-coded testing keys above. These | 90 // Verification signatures for the two hard-coded testing keys above. These |
| 91 // signatures are valid only for the kFakeDomain domain. | 91 // signatures are valid only for the kFakeDomain domain. |
| 92 static std::string GetTestSigningKeySignature(); | 92 static std::string GetTestSigningKeySignature(); |
| 93 static std::string GetTestOtherSigningKeySignature(); | 93 static std::string GetTestOtherSigningKeySignature(); |
| 94 | 94 |
| 95 std::vector<uint8_t> raw_signing_key() { return raw_signing_key_; } | 95 std::vector<uint8_t> raw_signing_key() { return raw_signing_key_; } |
| 96 std::vector<uint8_t> raw_new_signing_key() { return raw_new_signing_key_; } | 96 std::vector<uint8_t> raw_new_signing_key() { return raw_new_signing_key_; } |
| 97 | 97 |
| 98 private: | 98 private: |
| 99 // Produces |key|'s signature over |data| and stores it in |signature|. | 99 // Produces |key|'s signature over |data| and stores it in |signature|. |
| 100 void SignData(const std::string& data, | 100 void SignData(const std::string& data, |
| 101 crypto::RSAPrivateKey* key, | 101 crypto::RSAPrivateKey* key, |
| 102 std::string* signature); | 102 std::string* signature); |
| 103 | 103 |
| 104 enterprise_management::PolicyFetchResponse policy_; | 104 enterprise_management::PolicyFetchResponse policy_; |
| 105 scoped_ptr<enterprise_management::PolicyData> policy_data_; | 105 std::unique_ptr<enterprise_management::PolicyData> policy_data_; |
| 106 std::string payload_data_; | 106 std::string payload_data_; |
| 107 | 107 |
| 108 // The keys cannot be stored in NSS. Temporary keys are not guaranteed to | 108 // The keys cannot be stored in NSS. Temporary keys are not guaranteed to |
| 109 // remain in the database. Persistent keys require a persistent database, | 109 // remain in the database. Persistent keys require a persistent database, |
| 110 // which would coincide with the user's database. However, these keys are used | 110 // which would coincide with the user's database. However, these keys are used |
| 111 // for signing the policy and don't have to coincide with the user's known | 111 // for signing the policy and don't have to coincide with the user's known |
| 112 // keys. Instead, we store the private keys as raw bytes. Where needed, a | 112 // keys. Instead, we store the private keys as raw bytes. Where needed, a |
| 113 // temporary RSAPrivateKey is created. | 113 // temporary RSAPrivateKey is created. |
| 114 std::vector<uint8_t> raw_signing_key_; | 114 std::vector<uint8_t> raw_signing_key_; |
| 115 std::vector<uint8_t> raw_new_signing_key_; | 115 std::vector<uint8_t> raw_new_signing_key_; |
| (...skipping 22 matching lines...) Expand all Loading... |
| 138 | 138 |
| 139 // PolicyBuilder: | 139 // PolicyBuilder: |
| 140 void Build() override { | 140 void Build() override { |
| 141 if (payload_.get()) | 141 if (payload_.get()) |
| 142 CHECK(payload_->SerializeToString(policy_data().mutable_policy_value())); | 142 CHECK(payload_->SerializeToString(policy_data().mutable_policy_value())); |
| 143 | 143 |
| 144 PolicyBuilder::Build(); | 144 PolicyBuilder::Build(); |
| 145 } | 145 } |
| 146 | 146 |
| 147 private: | 147 private: |
| 148 scoped_ptr<PayloadProto> payload_; | 148 std::unique_ptr<PayloadProto> payload_; |
| 149 | 149 |
| 150 DISALLOW_COPY_AND_ASSIGN(TypedPolicyBuilder); | 150 DISALLOW_COPY_AND_ASSIGN(TypedPolicyBuilder); |
| 151 }; | 151 }; |
| 152 | 152 |
| 153 typedef TypedPolicyBuilder<enterprise_management::CloudPolicySettings> | 153 typedef TypedPolicyBuilder<enterprise_management::CloudPolicySettings> |
| 154 UserPolicyBuilder; | 154 UserPolicyBuilder; |
| 155 | 155 |
| 156 #if !defined(OS_ANDROID) && !defined(OS_IOS) | 156 #if !defined(OS_ANDROID) && !defined(OS_IOS) |
| 157 typedef TypedPolicyBuilder<enterprise_management::ExternalPolicyData> | 157 typedef TypedPolicyBuilder<enterprise_management::ExternalPolicyData> |
| 158 ComponentPolicyBuilder; | 158 ComponentPolicyBuilder; |
| 159 #endif | 159 #endif |
| 160 | 160 |
| 161 } // namespace policy | 161 } // namespace policy |
| 162 | 162 |
| 163 #endif // COMPONENTS_POLICY_CORE_COMMON_CLOUD_POLICY_BUILDER_H_ | 163 #endif // COMPONENTS_POLICY_CORE_COMMON_CLOUD_POLICY_BUILDER_H_ |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 1902633006:
Convert //components/policy from scoped_ptr to std::unique_ptr (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@master