// Copyright 2012 The Chromium Authors // Use of this source code is governed by a BSD-style license that can be // found in the LICENSE file. #ifdef UNSAFE_BUFFERS_BUILD // TODO(crbug.com/40285824): Remove this and convert code to safer constructs. #pragma allow_unsafe_buffers #endif #include "components/policy/core/common/cloud/test/policy_builder.h" #include "base/base64.h" #include "base/notreached.h" #include "build/build_config.h" #include "build/chromeos_buildflags.h" #include "components/policy/core/common/cloud/cloud_policy_constants.h" #include "crypto/signature_creator.h" em; namespace policy { const uint8_t kVerificationPrivateKey[] = …; namespace { // Signing key test data in DER-encoded PKCS8 format. const uint8_t kSigningKey[] = …; // SHA256 signature of kSigningKey for "example.com" domain. const uint8_t kSigningKeySignature[] = …; // SHA256 signature of kSigningKey for "gmail.com" domain when the testing // verification key is used. const uint8_t kSigningKeySignatureForChild[] = …; // New signing key test data in DER-encoded PKCS8 format. const uint8_t kNewSigningKey[] = …; // SHA256 signature of kNewSigningKey for "example.com" domain. const uint8_t kNewSigningKeySignature[] = …; // The public part of the key to be used by CloudPolicyValidator for // checking the new public key data signature. This is replacement // for baked in the code |verification_key_| used by the validator. // Since we have the private part of this key, in kVerificationPrivateKey // new signatures can be generated that will pass the checks from // CloudPolicyValidator. const uint8_t kVerificationPublicKey[] = …; // The signature for the new public key verification data corresponding // to public_key = policy_signing_key, domain = kFakeDomain and // new_public_key_version = kNewPublicKeyVersion blob that is signed with // kVerificationPublicKey. const uint8_t kPublicKeyVerificationDataSignature[] = …; // The version of new public key for verification data const int32_t kNewPublicKeyVersion = …; const char user_affiliation_id1[] = …; const char user_affiliation_id2[] = …; std::vector<uint8_t> ExportPublicKey(const crypto::RSAPrivateKey& key) { … } std::string ConvertPublicKeyToString(const std::vector<uint8_t>& public_key) { … } // Produces |key|'s signature over |data| and stores it in |signature|. void SignData(const std::string& data, crypto::RSAPrivateKey* const key, std::string* const signature, em::PolicyFetchRequest::SignatureType signature_type) { … } } // namespace // Constants used as dummy data for filling the PolicyData protobuf. // LINT.IfChange const char PolicyBuilder::kFakeGaiaId[] = …; const char PolicyBuilder::kFakeUsername[] = …; // LINT.ThenChange(/chrome/test/base/fake_gaia_mixin.cc) const char PolicyBuilder::kFakeDeviceId[] = …; const char PolicyBuilder::kFakeDomain[] = …; const char PolicyBuilder::kFakeMachineName[] = …; const char PolicyBuilder::kFakePolicyType[] = …; const int PolicyBuilder::kFakePublicKeyVersion = …; const int64_t PolicyBuilder::kFakeTimestamp = …; const char PolicyBuilder::kFakeToken[] = …; const char PolicyBuilder::kFakeServiceAccountIdentity[] = …; PolicyBuilder::PolicyBuilder() { … } PolicyBuilder::~PolicyBuilder() { … } std::unique_ptr<crypto::RSAPrivateKey> PolicyBuilder::GetSigningKey() const { … } void PolicyBuilder::SetSigningKey(const crypto::RSAPrivateKey& key) { … } void PolicyBuilder::SetDefaultSigningKey() { … } void PolicyBuilder::UnsetSigningKey() { … } std::unique_ptr<crypto::RSAPrivateKey> PolicyBuilder::GetNewSigningKey() const { … } void PolicyBuilder::SetDefaultNewSigningKey() { … } void PolicyBuilder::UnsetNewSigningKey() { … } void PolicyBuilder::SetDefaultInitialSigningKey() { … } void PolicyBuilder::Build() { … } std::string PolicyBuilder::GetBlob() const { … } std::unique_ptr<em::PolicyFetchResponse> PolicyBuilder::GetCopy() const { … } // static std::unique_ptr<crypto::RSAPrivateKey> PolicyBuilder::CreateTestSigningKey() { … } // static std::unique_ptr<crypto::RSAPrivateKey> PolicyBuilder::CreateTestOtherSigningKey() { … } // static std::string PolicyBuilder::GetEncodedPolicyVerificationKey() { … } // static std::string PolicyBuilder::GetPublicKeyVerificationDataSignature() { … } // static std::string PolicyBuilder::GetTestSigningKeySignature() { … } std::string PolicyBuilder::GetTestSigningKeySignatureForChild() { … } // static std::string PolicyBuilder::GetTestOtherSigningKeySignature() { … } std::vector<uint8_t> PolicyBuilder::GetPublicSigningKey() const { … } std::vector<uint8_t> PolicyBuilder::GetPublicNewSigningKey() const { … } // static std::vector<uint8_t> PolicyBuilder::GetPublicTestKey() { … } // static std::vector<uint8_t> PolicyBuilder::GetPublicTestOtherKey() { … } std::string PolicyBuilder::GetPublicSigningKeyAsString() const { … } std::string PolicyBuilder::GetPublicNewSigningKeyAsString() const { … } // static std::string PolicyBuilder::GetPublicTestKeyAsString() { … } // static std::string PolicyBuilder::GetPublicTestOtherKeyAsString() { … } // static std::vector<std::string> PolicyBuilder::GetUserAffiliationIds() { … } // static AccountId PolicyBuilder::GetFakeAccountIdForTesting() { … } void PolicyBuilder::SetSignatureType( em::PolicyFetchRequest::SignatureType signature_type) { … } template <> TypedPolicyBuilder<em::CloudPolicySettings>::TypedPolicyBuilder() : … { … } // Have the instantiation compiled into the module. template class TypedPolicyBuilder<em::CloudPolicySettings>; #if !BUILDFLAG(IS_ANDROID) && !BUILDFLAG(IS_IOS) template <> TypedPolicyBuilder<em::ExternalPolicyData>::TypedPolicyBuilder() { … } template class TypedPolicyBuilder<em::ExternalPolicyData>; #endif #if BUILDFLAG(IS_CHROMEOS_ASH) StringPolicyBuilder::StringPolicyBuilder() = default; void StringPolicyBuilder::Build() { policy_data().set_policy_value(payload_); PolicyBuilder::Build(); } #endif } // namespace policy
Codebase Browser
chromium