| OLD | NEW |
|---|
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "chrome/browser/chromeos/policy/device_cloud_policy_store_chromeos.h" | 5 #include "chrome/browser/chromeos/policy/device_cloud_policy_store_chromeos.h" |
| 6 | 6 |
| 7 #include <stdint.h> |
| 7 #include <memory> | 8 #include <memory> |
| 8 #include <string> | 9 #include <string> |
| 9 #include <vector> | 10 #include <vector> |
| 10 | 11 |
| 11 #include "base/compiler_specific.h" | 12 #include "base/compiler_specific.h" |
| 12 #include "base/macros.h" | 13 #include "base/macros.h" |
| 13 #include "base/run_loop.h" | 14 #include "base/run_loop.h" |
| 14 #include "base/threading/thread_task_runner_handle.h" | 15 #include "base/threading/thread_task_runner_handle.h" |
| 15 #include "chrome/browser/chromeos/policy/proto/chrome_device_policy.pb.h" | 16 #include "chrome/browser/chromeos/policy/proto/chrome_device_policy.pb.h" |
| 16 #include "chrome/browser/chromeos/settings/device_settings_test_helper.h" | 17 #include "chrome/browser/chromeos/settings/device_settings_test_helper.h" |
| 17 #include "chrome/browser/chromeos/settings/install_attributes.h" | 18 #include "chrome/browser/chromeos/settings/install_attributes.h" |
| 18 #include "chrome/test/base/scoped_testing_local_state.h" | 19 #include "chrome/test/base/scoped_testing_local_state.h" |
| 19 #include "chrome/test/base/testing_browser_process.h" | 20 #include "chrome/test/base/testing_browser_process.h" |
| 20 #include "chromeos/cryptohome/cryptohome_util.h" | 21 #include "chromeos/cryptohome/cryptohome_util.h" |
| 21 #include "chromeos/dbus/dbus_thread_manager.h" | 22 #include "chromeos/dbus/dbus_thread_manager.h" |
| 22 #include "chromeos/dbus/fake_cryptohome_client.h" | 23 #include "chromeos/dbus/fake_cryptohome_client.h" |
| 23 #include "components/policy/core/common/cloud/cloud_policy_constants.h" | 24 #include "components/policy/core/common/cloud/cloud_policy_constants.h" |
| 24 #include "components/policy/policy_constants.h" | 25 #include "components/policy/policy_constants.h" |
| 25 #include "components/policy/proto/device_management_backend.pb.h" | 26 #include "components/policy/proto/device_management_backend.pb.h" |
| 26 #include "content/public/test/test_utils.h" | 27 #include "content/public/test/test_utils.h" |
| 28 #include "crypto/rsa_private_key.h" |
| 27 #include "testing/gtest/include/gtest/gtest.h" | 29 #include "testing/gtest/include/gtest/gtest.h" |
| 28 | 30 |
| 29 namespace em = enterprise_management; | 31 namespace em = enterprise_management; |
| 30 | 32 |
| 31 namespace policy { | 33 namespace policy { |
| 32 | 34 |
| 33 namespace { | 35 namespace { |
| 34 | 36 |
| 35 void CopyLockResult(base::RunLoop* loop, | 37 void CopyLockResult(base::RunLoop* loop, |
| 36 chromeos::InstallAttributes::LockResult* out, | 38 chromeos::InstallAttributes::LockResult* out, |
| (...skipping 33 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 70 base::Bind(&CopyLockResult, &loop, &result)); | 72 base::Bind(&CopyLockResult, &loop, &result)); |
| 71 loop.Run(); | 73 loop.Run(); |
| 72 ASSERT_EQ(chromeos::InstallAttributes::LOCK_SUCCESS, result); | 74 ASSERT_EQ(chromeos::InstallAttributes::LOCK_SUCCESS, result); |
| 73 } | 75 } |
| 74 | 76 |
| 75 void ExpectFailure(CloudPolicyStore::Status expected_status) { | 77 void ExpectFailure(CloudPolicyStore::Status expected_status) { |
| 76 EXPECT_EQ(expected_status, store_->status()); | 78 EXPECT_EQ(expected_status, store_->status()); |
| 77 EXPECT_TRUE(store_->is_initialized()); | 79 EXPECT_TRUE(store_->is_initialized()); |
| 78 EXPECT_FALSE(store_->has_policy()); | 80 EXPECT_FALSE(store_->has_policy()); |
| 79 EXPECT_FALSE(store_->is_managed()); | 81 EXPECT_FALSE(store_->is_managed()); |
| 82 EXPECT_EQ(std::string(), store_->public_key()); |
| 80 } | 83 } |
| 81 | 84 |
| 82 void ExpectSuccess() { | 85 void ExpectSuccess() { |
| 83 EXPECT_EQ(CloudPolicyStore::STATUS_OK, store_->status()); | 86 EXPECT_EQ(CloudPolicyStore::STATUS_OK, store_->status()); |
| 84 EXPECT_TRUE(store_->is_initialized()); | 87 EXPECT_TRUE(store_->is_initialized()); |
| 85 EXPECT_TRUE(store_->has_policy()); | 88 EXPECT_TRUE(store_->has_policy()); |
| 86 EXPECT_TRUE(store_->is_managed()); | 89 EXPECT_TRUE(store_->is_managed()); |
| 87 EXPECT_TRUE(store_->policy()); | 90 EXPECT_TRUE(store_->policy()); |
| 88 base::FundamentalValue expected(false); | 91 base::FundamentalValue expected(false); |
| 89 EXPECT_TRUE( | 92 EXPECT_TRUE( |
| 90 base::Value::Equals(&expected, | 93 base::Value::Equals(&expected, |
| 91 store_->policy_map().GetValue( | 94 store_->policy_map().GetValue( |
| 92 key::kDeviceMetricsReportingEnabled))); | 95 key::kDeviceMetricsReportingEnabled))); |
| 96 EXPECT_NE(std::string(), store_->public_key()); |
| 93 } | 97 } |
| 94 | 98 |
| 95 void PrepareExistingPolicy() { | 99 void PrepareExistingPolicy() { |
| 96 store_->Load(); | 100 store_->Load(); |
| 97 FlushDeviceSettings(); | 101 FlushDeviceSettings(); |
| 98 ExpectSuccess(); | 102 ExpectSuccess(); |
| 99 | 103 |
| 100 device_policy_.UnsetNewSigningKey(); | 104 device_policy_.UnsetNewSigningKey(); |
| 101 device_policy_.Build(); | 105 device_policy_.Build(); |
| 102 } | 106 } |
| 103 | 107 |
| 104 void PrepareNewSigningKey() { | 108 void PrepareNewSigningKey() { |
| 105 device_policy_.SetDefaultNewSigningKey(); | 109 device_policy_.SetDefaultNewSigningKey(); |
| 106 device_policy_.Build(); | 110 device_policy_.Build(); |
| 107 owner_key_util_->SetPublicKeyFromPrivateKey( | 111 owner_key_util_->SetPublicKeyFromPrivateKey( |
| 108 *device_policy_.GetNewSigningKey()); | 112 *device_policy_.GetNewSigningKey()); |
| 109 } | 113 } |
| 110 | 114 |
| 111 void ResetToNonEnterprise() { | 115 void ResetToNonEnterprise() { |
| 112 store_.reset(); | 116 store_.reset(); |
| 113 chromeos::cryptohome_util::InstallAttributesSet("enterprise.owned", | 117 chromeos::cryptohome_util::InstallAttributesSet("enterprise.owned", |
| 114 std::string()); | 118 std::string()); |
| 115 install_attributes_.reset( | 119 install_attributes_.reset( |
| 116 new chromeos::InstallAttributes(fake_cryptohome_client_)); | 120 new chromeos::InstallAttributes(fake_cryptohome_client_)); |
| 117 store_.reset(new DeviceCloudPolicyStoreChromeOS( | 121 store_.reset(new DeviceCloudPolicyStoreChromeOS( |
| 118 &device_settings_service_, install_attributes_.get(), | 122 &device_settings_service_, install_attributes_.get(), |
| 119 base::ThreadTaskRunnerHandle::Get())); | 123 base::ThreadTaskRunnerHandle::Get())); |
| 120 } | 124 } |
| 121 | 125 |
| 126 static std::string ConvertPublicKeyToString( |
| 127 const std::vector<uint8_t>& public_key) { |
| 128 return std::string(reinterpret_cast<const char*>(public_key.data()), |
| 129 public_key.size()); |
| 130 } |
| 131 |
| 132 std::string GetPolicyPublicKeyAsString() { |
| 133 std::vector<uint8_t> public_key; |
| 134 EXPECT_TRUE(device_policy_.GetSigningKey()->ExportPublicKey(&public_key)); |
| 135 return ConvertPublicKeyToString(public_key); |
| 136 } |
| 137 |
| 138 std::string GetPolicyNewPublicKeyAsString() { |
| 139 std::vector<uint8_t> new_public_key; |
| 140 EXPECT_TRUE( |
| 141 device_policy_.GetNewSigningKey()->ExportPublicKey(&new_public_key)); |
| 142 return ConvertPublicKeyToString(new_public_key); |
| 143 } |
| 144 |
| 122 ScopedTestingLocalState local_state_; | 145 ScopedTestingLocalState local_state_; |
| 123 chromeos::FakeCryptohomeClient* fake_cryptohome_client_; | 146 chromeos::FakeCryptohomeClient* fake_cryptohome_client_; |
| 124 std::unique_ptr<chromeos::InstallAttributes> install_attributes_; | 147 std::unique_ptr<chromeos::InstallAttributes> install_attributes_; |
| 125 | 148 |
| 126 std::unique_ptr<DeviceCloudPolicyStoreChromeOS> store_; | 149 std::unique_ptr<DeviceCloudPolicyStoreChromeOS> store_; |
| 127 | 150 |
| 128 private: | 151 private: |
| 129 DISALLOW_COPY_AND_ASSIGN(DeviceCloudPolicyStoreChromeOSTest); | 152 DISALLOW_COPY_AND_ASSIGN(DeviceCloudPolicyStoreChromeOSTest); |
| 130 }; | 153 }; |
| 131 | 154 |
| (...skipping 15 matching lines...) Expand all Loading... |
| 147 ResetToNonEnterprise(); | 170 ResetToNonEnterprise(); |
| 148 store_->Load(); | 171 store_->Load(); |
| 149 FlushDeviceSettings(); | 172 FlushDeviceSettings(); |
| 150 ExpectFailure(CloudPolicyStore::STATUS_BAD_STATE); | 173 ExpectFailure(CloudPolicyStore::STATUS_BAD_STATE); |
| 151 } | 174 } |
| 152 | 175 |
| 153 TEST_F(DeviceCloudPolicyStoreChromeOSTest, LoadSuccess) { | 176 TEST_F(DeviceCloudPolicyStoreChromeOSTest, LoadSuccess) { |
| 154 store_->Load(); | 177 store_->Load(); |
| 155 FlushDeviceSettings(); | 178 FlushDeviceSettings(); |
| 156 ExpectSuccess(); | 179 ExpectSuccess(); |
| 180 EXPECT_EQ(GetPolicyPublicKeyAsString(), store_->public_key()); |
| 157 } | 181 } |
| 158 | 182 |
| 159 TEST_F(DeviceCloudPolicyStoreChromeOSTest, StoreSuccess) { | 183 TEST_F(DeviceCloudPolicyStoreChromeOSTest, StoreSuccess) { |
| 160 PrepareExistingPolicy(); | 184 PrepareExistingPolicy(); |
| 161 store_->Store(device_policy_.policy()); | 185 store_->Store(device_policy_.policy()); |
| 162 FlushDeviceSettings(); | 186 FlushDeviceSettings(); |
| 163 ExpectSuccess(); | 187 ExpectSuccess(); |
| 188 EXPECT_EQ(GetPolicyPublicKeyAsString(), store_->public_key()); |
| 164 } | 189 } |
| 165 | 190 |
| 166 TEST_F(DeviceCloudPolicyStoreChromeOSTest, StoreNoSignature) { | 191 TEST_F(DeviceCloudPolicyStoreChromeOSTest, StoreNoSignature) { |
| 167 PrepareExistingPolicy(); | 192 PrepareExistingPolicy(); |
| 168 device_policy_.policy().clear_policy_data_signature(); | 193 device_policy_.policy().clear_policy_data_signature(); |
| 169 store_->Store(device_policy_.policy()); | 194 store_->Store(device_policy_.policy()); |
| 170 FlushDeviceSettings(); | 195 FlushDeviceSettings(); |
| 171 EXPECT_EQ(CloudPolicyStore::STATUS_VALIDATION_ERROR, store_->status()); | 196 EXPECT_EQ(CloudPolicyStore::STATUS_VALIDATION_ERROR, store_->status()); |
| 172 EXPECT_EQ(CloudPolicyValidatorBase::VALIDATION_BAD_SIGNATURE, | 197 EXPECT_EQ(CloudPolicyValidatorBase::VALIDATION_BAD_SIGNATURE, |
| 173 store_->validation_status()); | 198 store_->validation_status()); |
| 199 EXPECT_EQ(GetPolicyPublicKeyAsString(), store_->public_key()); |
| 174 } | 200 } |
| 175 | 201 |
| 176 TEST_F(DeviceCloudPolicyStoreChromeOSTest, StoreBadSignature) { | 202 TEST_F(DeviceCloudPolicyStoreChromeOSTest, StoreBadSignature) { |
| 177 PrepareExistingPolicy(); | 203 PrepareExistingPolicy(); |
| 178 device_policy_.policy().set_policy_data_signature("invalid"); | 204 device_policy_.policy().set_policy_data_signature("invalid"); |
| 179 store_->Store(device_policy_.policy()); | 205 store_->Store(device_policy_.policy()); |
| 180 FlushDeviceSettings(); | 206 FlushDeviceSettings(); |
| 181 EXPECT_EQ(CloudPolicyStore::STATUS_VALIDATION_ERROR, store_->status()); | 207 EXPECT_EQ(CloudPolicyStore::STATUS_VALIDATION_ERROR, store_->status()); |
| 182 EXPECT_EQ(CloudPolicyValidatorBase::VALIDATION_BAD_SIGNATURE, | 208 EXPECT_EQ(CloudPolicyValidatorBase::VALIDATION_BAD_SIGNATURE, |
| 183 store_->validation_status()); | 209 store_->validation_status()); |
| 210 EXPECT_EQ(GetPolicyPublicKeyAsString(), store_->public_key()); |
| 184 } | 211 } |
| 185 | 212 |
| 186 TEST_F(DeviceCloudPolicyStoreChromeOSTest, StoreKeyRotation) { | 213 TEST_F(DeviceCloudPolicyStoreChromeOSTest, StoreKeyRotation) { |
| 187 PrepareExistingPolicy(); | 214 PrepareExistingPolicy(); |
| 188 device_policy_.SetDefaultNewSigningKey(); | 215 device_policy_.SetDefaultNewSigningKey(); |
| 189 device_policy_.Build(); | 216 device_policy_.Build(); |
| 190 store_->Store(device_policy_.policy()); | 217 store_->Store(device_policy_.policy()); |
| 191 content::RunAllBlockingPoolTasksUntilIdle(); | 218 content::RunAllBlockingPoolTasksUntilIdle(); |
| 192 device_settings_test_helper_.FlushStore(); | 219 device_settings_test_helper_.FlushStore(); |
| 193 owner_key_util_->SetPublicKeyFromPrivateKey( | 220 owner_key_util_->SetPublicKeyFromPrivateKey( |
| 194 *device_policy_.GetNewSigningKey()); | 221 *device_policy_.GetNewSigningKey()); |
| 195 ReloadDeviceSettings(); | 222 ReloadDeviceSettings(); |
| 196 ExpectSuccess(); | 223 ExpectSuccess(); |
| 224 EXPECT_EQ(GetPolicyNewPublicKeyAsString(), store_->public_key()); |
| 197 } | 225 } |
| 198 | 226 |
| 199 TEST_F(DeviceCloudPolicyStoreChromeOSTest, | 227 TEST_F(DeviceCloudPolicyStoreChromeOSTest, |
| 200 StoreKeyRotationVerificationFailure) { | 228 StoreKeyRotationVerificationFailure) { |
| 201 PrepareExistingPolicy(); | 229 PrepareExistingPolicy(); |
| 202 device_policy_.SetDefaultNewSigningKey(); | 230 device_policy_.SetDefaultNewSigningKey(); |
| 203 device_policy_.Build(); | 231 device_policy_.Build(); |
| 204 *device_policy_.policy() | 232 *device_policy_.policy() |
| 205 .mutable_new_public_key_verification_signature_deprecated() = "garbage"; | 233 .mutable_new_public_key_verification_signature_deprecated() = "garbage"; |
| 206 store_->Store(device_policy_.policy()); | 234 store_->Store(device_policy_.policy()); |
| 207 FlushDeviceSettings(); | 235 FlushDeviceSettings(); |
| 208 EXPECT_EQ(CloudPolicyStore::STATUS_VALIDATION_ERROR, store_->status()); | 236 EXPECT_EQ(CloudPolicyStore::STATUS_VALIDATION_ERROR, store_->status()); |
| 209 EXPECT_EQ(CloudPolicyValidatorBase::VALIDATION_BAD_KEY_VERIFICATION_SIGNATURE, | 237 EXPECT_EQ(CloudPolicyValidatorBase::VALIDATION_BAD_KEY_VERIFICATION_SIGNATURE, |
| 210 store_->validation_status()); | 238 store_->validation_status()); |
| 239 EXPECT_EQ(GetPolicyPublicKeyAsString(), store_->public_key()); |
| 211 } | 240 } |
| 212 | 241 |
| 213 TEST_F(DeviceCloudPolicyStoreChromeOSTest, | 242 TEST_F(DeviceCloudPolicyStoreChromeOSTest, |
| 214 StoreKeyRotationMissingSignatureFailure) { | 243 StoreKeyRotationMissingSignatureFailure) { |
| 215 PrepareExistingPolicy(); | 244 PrepareExistingPolicy(); |
| 216 device_policy_.SetDefaultNewSigningKey(); | 245 device_policy_.SetDefaultNewSigningKey(); |
| 217 device_policy_.Build(); | 246 device_policy_.Build(); |
| 218 device_policy_.policy() | 247 device_policy_.policy() |
| 219 .clear_new_public_key_verification_signature_deprecated(); | 248 .clear_new_public_key_verification_signature_deprecated(); |
| 220 store_->Store(device_policy_.policy()); | 249 store_->Store(device_policy_.policy()); |
| 221 FlushDeviceSettings(); | 250 FlushDeviceSettings(); |
| 222 EXPECT_EQ(CloudPolicyStore::STATUS_VALIDATION_ERROR, store_->status()); | 251 EXPECT_EQ(CloudPolicyStore::STATUS_VALIDATION_ERROR, store_->status()); |
| 223 EXPECT_EQ(CloudPolicyValidatorBase::VALIDATION_BAD_KEY_VERIFICATION_SIGNATURE, | 252 EXPECT_EQ(CloudPolicyValidatorBase::VALIDATION_BAD_KEY_VERIFICATION_SIGNATURE, |
| 224 store_->validation_status()); | 253 store_->validation_status()); |
| 254 EXPECT_EQ(GetPolicyPublicKeyAsString(), store_->public_key()); |
| 225 } | 255 } |
| 226 | 256 |
| 227 TEST_F(DeviceCloudPolicyStoreChromeOSTest, InstallInitialPolicySuccess) { | 257 TEST_F(DeviceCloudPolicyStoreChromeOSTest, InstallInitialPolicySuccess) { |
| 228 PrepareNewSigningKey(); | 258 PrepareNewSigningKey(); |
| 229 store_->InstallInitialPolicy(device_policy_.policy()); | 259 store_->InstallInitialPolicy(device_policy_.policy()); |
| 230 FlushDeviceSettings(); | 260 FlushDeviceSettings(); |
| 231 ExpectSuccess(); | 261 ExpectSuccess(); |
| 262 EXPECT_EQ(GetPolicyNewPublicKeyAsString(), store_->public_key()); |
| 232 } | 263 } |
| 233 | 264 |
| 234 TEST_F(DeviceCloudPolicyStoreChromeOSTest, InstallInitialPolicyNoSignature) { | 265 TEST_F(DeviceCloudPolicyStoreChromeOSTest, InstallInitialPolicyNoSignature) { |
| 235 PrepareNewSigningKey(); | 266 PrepareNewSigningKey(); |
| 236 device_policy_.policy().clear_policy_data_signature(); | 267 device_policy_.policy().clear_policy_data_signature(); |
| 237 store_->InstallInitialPolicy(device_policy_.policy()); | 268 store_->InstallInitialPolicy(device_policy_.policy()); |
| 238 FlushDeviceSettings(); | 269 FlushDeviceSettings(); |
| 239 ExpectFailure(CloudPolicyStore::STATUS_VALIDATION_ERROR); | 270 ExpectFailure(CloudPolicyStore::STATUS_VALIDATION_ERROR); |
| 240 EXPECT_EQ(CloudPolicyValidatorBase::VALIDATION_BAD_INITIAL_SIGNATURE, | 271 EXPECT_EQ(CloudPolicyValidatorBase::VALIDATION_BAD_INITIAL_SIGNATURE, |
| 241 store_->validation_status()); | 272 store_->validation_status()); |
| 273 EXPECT_EQ(std::string(), store_->public_key()); |
| 242 } | 274 } |
| 243 | 275 |
| 244 TEST_F(DeviceCloudPolicyStoreChromeOSTest, | 276 TEST_F(DeviceCloudPolicyStoreChromeOSTest, |
| 245 InstallInitialPolicyVerificationFailure) { | 277 InstallInitialPolicyVerificationFailure) { |
| 246 PrepareNewSigningKey(); | 278 PrepareNewSigningKey(); |
| 247 *device_policy_.policy() | 279 *device_policy_.policy() |
| 248 .mutable_new_public_key_verification_signature_deprecated() = "garbage"; | 280 .mutable_new_public_key_verification_signature_deprecated() = "garbage"; |
| 249 store_->InstallInitialPolicy(device_policy_.policy()); | 281 store_->InstallInitialPolicy(device_policy_.policy()); |
| 250 FlushDeviceSettings(); | 282 FlushDeviceSettings(); |
| 251 ExpectFailure(CloudPolicyStore::STATUS_VALIDATION_ERROR); | 283 ExpectFailure(CloudPolicyStore::STATUS_VALIDATION_ERROR); |
| 252 EXPECT_EQ(CloudPolicyValidatorBase::VALIDATION_BAD_KEY_VERIFICATION_SIGNATURE, | 284 EXPECT_EQ(CloudPolicyValidatorBase::VALIDATION_BAD_KEY_VERIFICATION_SIGNATURE, |
| 253 store_->validation_status()); | 285 store_->validation_status()); |
| 286 EXPECT_EQ(std::string(), store_->public_key()); |
| 254 } | 287 } |
| 255 | 288 |
| 256 TEST_F(DeviceCloudPolicyStoreChromeOSTest, | 289 TEST_F(DeviceCloudPolicyStoreChromeOSTest, |
| 257 InstallInitialPolicyMissingSignatureFailure) { | 290 InstallInitialPolicyMissingSignatureFailure) { |
| 258 PrepareNewSigningKey(); | 291 PrepareNewSigningKey(); |
| 259 device_policy_.policy() | 292 device_policy_.policy() |
| 260 .clear_new_public_key_verification_signature_deprecated(); | 293 .clear_new_public_key_verification_signature_deprecated(); |
| 261 store_->InstallInitialPolicy(device_policy_.policy()); | 294 store_->InstallInitialPolicy(device_policy_.policy()); |
| 262 FlushDeviceSettings(); | 295 FlushDeviceSettings(); |
| 263 ExpectFailure(CloudPolicyStore::STATUS_VALIDATION_ERROR); | 296 ExpectFailure(CloudPolicyStore::STATUS_VALIDATION_ERROR); |
| 264 EXPECT_EQ(CloudPolicyValidatorBase::VALIDATION_BAD_KEY_VERIFICATION_SIGNATURE, | 297 EXPECT_EQ(CloudPolicyValidatorBase::VALIDATION_BAD_KEY_VERIFICATION_SIGNATURE, |
| 265 store_->validation_status()); | 298 store_->validation_status()); |
| 299 EXPECT_EQ(std::string(), store_->public_key()); |
| 266 } | 300 } |
| 267 | 301 |
| 268 TEST_F(DeviceCloudPolicyStoreChromeOSTest, InstallInitialPolicyNoKey) { | 302 TEST_F(DeviceCloudPolicyStoreChromeOSTest, InstallInitialPolicyNoKey) { |
| 269 PrepareNewSigningKey(); | 303 PrepareNewSigningKey(); |
| 270 device_policy_.policy().clear_new_public_key(); | 304 device_policy_.policy().clear_new_public_key(); |
| 271 store_->InstallInitialPolicy(device_policy_.policy()); | 305 store_->InstallInitialPolicy(device_policy_.policy()); |
| 272 FlushDeviceSettings(); | 306 FlushDeviceSettings(); |
| 273 ExpectFailure(CloudPolicyStore::STATUS_VALIDATION_ERROR); | 307 ExpectFailure(CloudPolicyStore::STATUS_VALIDATION_ERROR); |
| 274 EXPECT_EQ(CloudPolicyValidatorBase::VALIDATION_BAD_INITIAL_SIGNATURE, | 308 EXPECT_EQ(CloudPolicyValidatorBase::VALIDATION_BAD_INITIAL_SIGNATURE, |
| 275 store_->validation_status()); | 309 store_->validation_status()); |
| 310 EXPECT_EQ(std::string(), store_->public_key()); |
| 276 } | 311 } |
| 277 | 312 |
| 278 TEST_F(DeviceCloudPolicyStoreChromeOSTest, InstallInitialPolicyNotEnterprise) { | 313 TEST_F(DeviceCloudPolicyStoreChromeOSTest, InstallInitialPolicyNotEnterprise) { |
| 279 PrepareNewSigningKey(); | 314 PrepareNewSigningKey(); |
| 280 ResetToNonEnterprise(); | 315 ResetToNonEnterprise(); |
| 281 store_->InstallInitialPolicy(device_policy_.policy()); | 316 store_->InstallInitialPolicy(device_policy_.policy()); |
| 282 FlushDeviceSettings(); | 317 FlushDeviceSettings(); |
| 283 ExpectFailure(CloudPolicyStore::STATUS_BAD_STATE); | 318 ExpectFailure(CloudPolicyStore::STATUS_BAD_STATE); |
| 319 EXPECT_EQ(std::string(), store_->public_key()); |
| 284 } | 320 } |
| 285 | 321 |
| 286 } // namespace policy | 322 } // namespace policy |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 2488573003:
Expose signing key from cloud policy stores (Closed)
