components/policy/core/common/cloud/component_cloud_policy_updater.cc - Issue 2493603002: Implement component cloud policy signature validation

Keyboard Shortcuts

	File
u :	up to issue
j / k :	jump to file after / before current file
J / K :	jump to next file with a comment after / before current file
	Side-by-side diff
i :	toggle intra-line diffs
e :	expand all comments
c :	collapse all comments
s :	toggle showing all comments
n / p :	next / previous diff chunk or comment
N / P :	next / previous comment
<Up> / <Down> :	next / previous line

	Issue
u :	up to list of issues
j / k :	jump to patch after / before current patch
o / <Enter> :	open current patch in side-by-side view
i :	open current patch in unified diff view

	Issue List
j / k :	jump to issue after / before current issue
o / <Enter> :	open current issue

Unified Diff: components/policy/core/common/cloud/component_cloud_policy_updater.cc

Issue 2493603002: Implement component cloud policy signature validation (Closed)

Patch Set: Add comment Created 4 years, 1 month ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View side-by-side diff with in-line comments

Download patch

« no previous file with comments | « components/policy/core/common/cloud/component_cloud_policy_updater.h ('k') | components/policy/core/common/cloud/component_cloud_policy_updater_unittest.cc » ('j') | no next file with comments »
Expand Comments ('e') | Collapse Comments ('c') | Hide Comments ('s')

Index: components/policy/core/common/cloud/component_cloud_policy_updater.cc

diff --git a/components/policy/core/common/cloud/component_cloud_policy_updater.cc b/components/policy/core/common/cloud/component_cloud_policy_updater.cc

index 4576a168447141d39bbaa4c9187ea88ac3cca8e5..9901476da3ac1b538dcb61eb232d529461d23e14 100644

--- a/components/policy/core/common/cloud/component_cloud_policy_updater.cc

+++ b/components/policy/core/common/cloud/component_cloud_policy_updater.cc

@@ -6,6 +6,7 @@

#include <stddef.h>

#include <stdint.h>

+#include <memory>

#include <utility>

#include "base/bind.h"

@@ -48,6 +49,7 @@ ComponentCloudPolicyUpdater::~ComponentCloudPolicyUpdater() {

}

void ComponentCloudPolicyUpdater::UpdateExternalPolicy(

+ const PolicyNamespace& ns,

std::unique_ptr<em::PolicyFetchResponse> response) {

// Keep a serialized copy of |response|, to cache it later.

// The policy is also rejected if it exceeds the maximum size.

@@ -58,10 +60,10 @@ void ComponentCloudPolicyUpdater::UpdateExternalPolicy(

}

// Validate the policy before doing anything else.

- PolicyNamespace ns;

+ std::unique_ptr<em::PolicyData> policy_data(new em::PolicyData);

em::ExternalPolicyData data;

- if (!store_->ValidatePolicy(std::move(response), &ns, &data)) {

- LOG(ERROR) << "Failed to validate component policy fetched from DMServer";

+ if (!store_->ValidatePolicy(ns, std::move(response), policy_data.get(),

+ &data)) {

return;

}

@@ -87,13 +89,10 @@ void ComponentCloudPolicyUpdater::UpdateExternalPolicy(

// Make a request to fetch policy for this component. If another fetch

// request is already pending for the component, it will be canceled.

external_policy_data_updater_.FetchExternalData(

- key,

- ExternalPolicyDataUpdater::Request(data.download_url(),

- data.secure_hash(),

- kPolicyDataMaxSize),

+ key, ExternalPolicyDataUpdater::Request(

+ data.download_url(), data.secure_hash(), kPolicyDataMaxSize),

base::Bind(&ComponentCloudPolicyStore::Store, base::Unretained(store_),

- ns,

- serialized_response,

+ ns, serialized_response, base::Passed(&policy_data),

data.secure_hash()));

}