
Side by Side Diff: chrome/browser/chromeos/policy/user_cloud_policy_store_chromeos.cc

Issue 2507423002: Remove unnecessary plumbing for policy verification key (Closed)
Patch Set: git cl format and rebase. Created 4 years ago
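--- a/chrome/browser/chromeos/policy/user_cloud_policy_store_chromeos.cc
+++ b/chrome/browser/chromeos/policy/user_cloud_policy_store_chromeos.cc
@@ -1,10 +1,10 @@
 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "chrome/browser/chromeos/policy/user_cloud_policy_store_chromeos.h"
 
 #include <stddef.h>
 #include <utility>
 
 #include "base/bind.h"
@@ -143,26 +143,24 @@
 OnRetrievedPolicyValidated(validator.get());
 }
 
 void UserCloudPolicyStoreChromeOS::ValidatePolicyForStore(
 std::unique_ptr<em::PolicyFetchResponse> policy) {
 // Create and configure a validator.
 std::unique_ptr<UserCloudPolicyValidator> validator = CreateValidator(
 std::move(policy), CloudPolicyValidatorBase::TIMESTAMP_FULLY_VALIDATED);
 validator->ValidateUsername(account_id_.GetUserEmail(), true);
 if (cached_policy_key_.empty()) {
-validator->ValidateInitialKey(GetPolicyVerificationKey(),
-ExtractDomain(account_id_.GetUserEmail()));
+validator->ValidateInitialKey(ExtractDomain(account_id_.GetUserEmail()));
 } else {
 validator->ValidateSignatureAllowingRotation(
-cached_policy_key_, GetPolicyVerificationKey(),
-ExtractDomain(account_id_.GetUserEmail()));
+cached_policy_key_, ExtractDomain(account_id_.GetUserEmail()));
 }
 
 // Start validation. The Validator will delete itself once validation is
 // complete.
 validator.release()->StartValidation(
 base::Bind(&UserCloudPolicyStoreChromeOS::OnPolicyToStoreValidated,
 weak_factory_.GetWeakPtr()));
 }
 
 void UserCloudPolicyStoreChromeOS::OnPolicyToStoreValidated(
@@ -349,10 +347,10 @@
 std::move(policy), CloudPolicyValidatorBase::TIMESTAMP_NOT_BEFORE);
 validator->ValidateUsername(account_id_.GetUserEmail(), true);
 // The policy loaded from session manager need not be validated using the
 // verification key since it is secure, and since there may be legacy policy
 // data that was stored without a verification key.
 validator->ValidateSignature(cached_policy_key_);
 return validator;
 }
 
 } // namespace policy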
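Review bot: The two calls on new lines 153 and 155-156 of ValidatePolicyForStore no longer name what the policy signing key is verified against, so a reader auditing the trust chain cannot tell from this function that the verification key is still part of the check. Presumably the validator now obtains that key itself; this is not visible in this file and should be confirmed against the validator before relying on it. If it does, a comment above the `if (cached_policy_key_.empty())` would keep the guarantee visible at the call site, for example `// Key signatures are still checked against the policy verification key, which the validator obtains internally.` Both branches also repeat `ExtractDomain(account_id_.GetUserEmail())`; computing it once into a local before the `if` would shorten both calls and keep the two paths from drifting apart.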
