Codebase Browser
chromium
Go to App

chromium/components/policy/core/common/cloud/cloud_policy_validator.cc 

// Copyright 2012 The Chromium Authors
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.

#ifdef UNSAFE_BUFFERS_BUILD
// TODO(crbug.com/40285824): Remove this and convert code to safer constructs.
#pragma allow_unsafe_buffers
#endif

#include "components/policy/core/common/cloud/cloud_policy_validator.h"

#include <stddef.h>

#include <memory>
#include <utility>

#include "base/base64.h"
#include "base/check_is_test.h"
#include "base/command_line.h"
#include "base/functional/callback_helpers.h"
#include "base/location.h"
#include "base/logging.h"
#include "base/metrics/histogram_macros.h"
#include "base/task/sequenced_task_runner.h"
#include "base/task/single_thread_task_runner.h"
#include "build/build_config.h"
#include "build/chromeos_buildflags.h"
#include "cloud_policy_validator.h"
#include "components/policy/core/common/cloud/cloud_policy_constants.h"
#include "components/policy/core/common/policy_logger.h"
#include "components/policy/core/common/policy_switches.h"
#include "components/policy/proto/device_management_backend.pb.h"
#include "crypto/signature_verifier.h"
#include "google_apis/gaia/gaia_auth_util.h"

#if BUILDFLAG(IS_CHROMEOS_ASH)
#include "base/system/sys_info.h"
#endif  // BUILDFLAG(IS_CHROMEOS_ASH)

em;

namespace policy {

namespace {

const char kMetricPolicyUserVerification[] =;
const char kMetricKeySignatureVerification[] =;

enum class MetricPolicyUserVerification {};

enum class MetricKeySignatureVerification {};

}  // namespace

// static
const char* CloudPolicyValidatorBase::StatusToString(Status status) {}

CloudPolicyValidatorBase::ValidationResult::ValidationResult() = default;
CloudPolicyValidatorBase::ValidationResult::~ValidationResult() = default;

CloudPolicyValidatorBase::~CloudPolicyValidatorBase() {}

std::unique_ptr<CloudPolicyValidatorBase::ValidationResult>
CloudPolicyValidatorBase::GetValidationResult() const {}

void CloudPolicyValidatorBase::ValidateTimestamp(
    base::Time not_before,
    ValidateTimestampOption timestamp_option) {}

void CloudPolicyValidatorBase::ValidateUser(const AccountId& account_id) {}

void CloudPolicyValidatorBase::ValidateUsernameAndGaiaId(
    const std::string& expected_user,
    const std::string& gaia_id) {}

void CloudPolicyValidatorBase::ValidateUsername(
    const std::string& expected_user) {}

void CloudPolicyValidatorBase::ValidateDomain(
    const std::string& expected_domain) {}

void CloudPolicyValidatorBase::ValidateDMToken(
    const std::string& expected_dm_token,
    ValidateDMTokenOption dm_token_option) {}

void CloudPolicyValidatorBase::ValidateDeviceId(
    const std::string& expected_device_id,
    ValidateDeviceIdOption device_id_option) {}

void CloudPolicyValidatorBase::ValidatePolicyType(
    const std::string& policy_type) {}

void CloudPolicyValidatorBase::ValidateSettingsEntityId(
    const std::string& settings_entity_id) {}

void CloudPolicyValidatorBase::ValidatePayload() {}

void CloudPolicyValidatorBase::ValidateCachedKey(
    const std::string& cached_key,
    const std::string& cached_key_signature,
    const std::string& owning_domain,
    const std::string& new_public_key_verification_data,
    const std::string& new_public_key_verification_data_signature) {}

void CloudPolicyValidatorBase::ValidateSignature(const std::string& key) {}

void CloudPolicyValidatorBase::ValidateSignatureAllowingRotation(
    const std::string& key,
    const std::string& owning_domain) {}

void CloudPolicyValidatorBase::ValidateInitialKey(
    const std::string& owning_domain) {}

void CloudPolicyValidatorBase::ValidateAgainstCurrentPolicy(
    const em::PolicyData* policy_data,
    ValidateTimestampOption timestamp_option,
    ValidateDMTokenOption dm_token_option,
    ValidateDeviceIdOption device_id_option) {}

// static
bool CloudPolicyValidatorBase::VerifySignature(const std::string& data,
                                               const std::string& key,
                                               const std::string& signature,
                                               SignatureType signature_type) {}

CloudPolicyValidatorBase::CloudPolicyValidatorBase(
    std::unique_ptr<em::PolicyFetchResponse> policy_response,
    scoped_refptr<base::SequencedTaskRunner> background_task_runner)
    :{}

// static
std::optional<std::string>
CloudPolicyValidatorBase::GetCurrentPolicyVerificationKey() {}

// static
void CloudPolicyValidatorBase::PostValidationTask(
    std::unique_ptr<CloudPolicyValidatorBase> validator,
    base::OnceClosure completion_callback) {}

// static
void CloudPolicyValidatorBase::PerformValidation(
    std::unique_ptr<CloudPolicyValidatorBase> self,
    scoped_refptr<base::SingleThreadTaskRunner> task_runner,
    base::OnceClosure completion_callback) {}

// static
void CloudPolicyValidatorBase::ReportCompletion(
    std::unique_ptr<CloudPolicyValidatorBase> self,
    base::OnceClosure completion_callback) {}

void CloudPolicyValidatorBase::RunValidation() {}

CloudPolicyValidatorBase::Status CloudPolicyValidatorBase::CheckProtoPayload(
    google::protobuf::MessageLite* payload) {}

void CloudPolicyValidatorBase::RunChecks() {}

// Verifies the |new_public_key_verification_signature_deprecated| for the
// |new_public_key| in the policy blob.
bool CloudPolicyValidatorBase::CheckNewPublicKeyVerificationSignature() {}

bool CloudPolicyValidatorBase::CheckVerificationKeySignatureDeprecated(
    const std::string& key,
    const std::string& verification_key,
    const std::string& signature) {}

std::string CloudPolicyValidatorBase::ExtractDomainFromPolicy() {}

bool CloudPolicyValidatorBase::CheckDomainInPublicKeyVerificationData(
    const std::string& new_public_key_verification_data) {}

void CloudPolicyValidatorBase::set_owning_domain(
    const std::string& owning_domain) {}

CloudPolicyValidatorBase::Status CloudPolicyValidatorBase::CheckSignature() {}

CloudPolicyValidatorBase::Status CloudPolicyValidatorBase::CheckInitialKey() {}

CloudPolicyValidatorBase::Status CloudPolicyValidatorBase::CheckCachedKey() {}

CloudPolicyValidatorBase::Status CloudPolicyValidatorBase::CheckPolicyType() {}

CloudPolicyValidatorBase::Status CloudPolicyValidatorBase::CheckEntityId() {}

CloudPolicyValidatorBase::Status CloudPolicyValidatorBase::CheckTimestamp() {}

CloudPolicyValidatorBase::Status CloudPolicyValidatorBase::CheckDMToken() {}

CloudPolicyValidatorBase::Status CloudPolicyValidatorBase::CheckDeviceId() {}

CloudPolicyValidatorBase::Status CloudPolicyValidatorBase::CheckUser() {}

CloudPolicyValidatorBase::Status CloudPolicyValidatorBase::CheckDomain() {}

CloudPolicyValidatorBase::SignatureType
CloudPolicyValidatorBase::GetSignatureType() {}

template class CloudPolicyValidator<em::CloudPolicySettings>;

#if !BUILDFLAG(IS_ANDROID) && !BUILDFLAG(IS_IOS)
template class CloudPolicyValidator<em::ExternalPolicyData>;
#endif

}  // namespace policy