1 // Copyright 2013 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
6 #include "base/memory/ref_counted.h"
7 #include "base/run_loop.h"
8 #include "base/threading/platform_thread.h"
9 #include "base/time/time.h"
10 #include "chrome/browser/chromeos/attestation/platform_verification_flow.h"
11 #include "chrome/browser/chromeos/policy/device_policy_builder.h"
12 #include "chrome/browser/chromeos/policy/device_policy_cros_browser_test.h"
13 #include "chrome/browser/chromeos/policy/proto/chrome_device_policy.pb.h"
14 #include "chrome/browser/chromeos/settings/device_settings_service.h"
15 #include "chrome/browser/ui/browser.h"
16 #include "chrome/browser/ui/tabs/tab_strip_model.h"
17 #include "chromeos/dbus/fake_cryptohome_client.h"
18 #include "testing/gtest/include/gtest/gtest.h"
20 using chromeos::attestation::PlatformVerificationFlow
;
// Fake cryptohome client used by the test fixture in this file. Its only
// override answers the attestation-enrollment query with a failed D-Bus call.
24 class CustomFakeCryptohomeClient
: public chromeos::FakeCryptohomeClient
{
// Replies asynchronously: posts |callback| to the current message loop, bound
// to chromeos::DBUS_METHOD_CALL_FAILURE and false, rather than invoking it
// inline.
// NOTE(review): how PlatformVerificationFlow maps this failure to a Result is
// not visible in this file - confirm before relying on a specific outcome.
26 void TpmAttestationIsEnrolled(
27 const chromeos::BoolDBusMethodCallback
& callback
) override
{
28 base::MessageLoop::current()->PostTask(
// NOTE(review): listing line 29 is missing from this page. PostTask in
// Chromium normally takes a FROM_HERE location ahead of the task - confirm
// against the original file.
30 base::Bind(callback
, chromeos::DBUS_METHOD_CALL_FAILURE
, false));
// NOTE(review): the lines that close this method and the class (listing
// lines 31-32) are missing from this page.
// Browser-test fixture that runs PlatformVerificationFlow against the device
// policy built by DevicePolicyCrosBrowserTest. It also observes
// DeviceSettingsService so that a policy refresh can be waited on.
// NOTE(review): several listing lines inside this class are missing from this
// page (the gutter numbers skip); each gap that matters is marked below.
34 class AttestationDevicePolicyTest
35 : public DevicePolicyCrosBrowserTest
,
36 public chromeos::DeviceSettingsService::Observer
{
38 // DeviceSettingsService::Observer
39 void OwnershipStatusChanged() override
{}
// Marks the pending operation as complete; SyncRefreshDevicePolicy() relies on
// this to end its wait.
40 void DeviceSettingsUpdated() override
{ operation_complete_
= true; }
41 void OnDeviceSettingsServiceShutdown() override
{}
// Starts with no operation pending. Only operation_complete_ is initialized
// here; result_ has no initializer in this constructor.
44 AttestationDevicePolicyTest() : operation_complete_(false) {}
// Runs the base fixture setup, then calls RefreshDevicePolicy().
// NOTE(review): listing line 48 is missing from this page and may hold a
// further setup statement - confirm against the original file.
46 void SetUpInProcessBrowserTestFixture() override
{
47 DevicePolicyCrosBrowserTest::SetUpInProcessBrowserTestFixture();
49 RefreshDevicePolicy();
52 // Refreshes device policy and waits for it to be applied.
// Registers as an observer only for the duration of the refresh, so that
// DeviceSettingsUpdated() can end WaitForAsyncOperation().
53 virtual void SyncRefreshDevicePolicy() {
54 chromeos::DeviceSettingsService::Get()->AddObserver(this);
55 RefreshDevicePolicy();
56 WaitForAsyncOperation();
57 chromeos::DeviceSettingsService::Get()->RemoveObserver(this);
// Returns the mutable attestation settings inside the device policy payload.
// The test in this file follows every edit made through this pointer with
// SyncRefreshDevicePolicy().
60 enterprise_management::AttestationSettingsProto
* GetDevicePolicyProto() {
61 return device_policy()->payload().mutable_attestation_settings();
64 // A callback for PlatformVerificationFlow::ChallengePlatformKey.
// Marks the pending operation as complete. The three string parameters are
// not used in the visible lines.
// NOTE(review): listing line 69 is missing from this page; presumably it
// stores |result| in result_ - confirm against the original file.
65 void Callback(PlatformVerificationFlow::Result result
,
66 const std::string
& signed_data
,
67 const std::string
& signature
,
68 const std::string
& platform_key_certificate
) {
70 operation_complete_
= true;
73 // Synchronously do what the content protection code path does when it wants
74 // to verify a Chrome OS platform.
// Builds a PlatformVerificationFlow around fake_cryptohome_client_, issues a
// challenge for the active tab's web contents with Callback() as the
// completion handler, and waits for that handler to run.
// NOTE(review): listing lines 78, 81-82 and 85 are missing from this page:
// the remaining constructor argument(s), the challenge arguments between the
// web contents and the callback, and presumably the statement returning
// result_ - confirm against the original file.
75 PlatformVerificationFlow::Result
SyncContentProtectionAttestation() {
76 scoped_refptr
<PlatformVerificationFlow
> verifier(
77 new PlatformVerificationFlow(NULL
, NULL
, &fake_cryptohome_client_
,
79 verifier
->ChallengePlatformKey(
80 browser()->tab_strip_model()->GetActiveWebContents(),
83 base::Bind(&AttestationDevicePolicyTest::Callback
, this));
84 WaitForAsyncOperation();
// Completion flag: set by Callback() and DeviceSettingsUpdated(), polled and
// cleared by WaitForAsyncOperation().
89 bool operation_complete_
;
// Declared with the return type of SyncContentProtectionAttestation(); the
// lines that write and read it are missing from this page.
90 PlatformVerificationFlow::Result result_
;
// Handed to the PlatformVerificationFlow under test in place of a real
// cryptohome client.
91 CustomFakeCryptohomeClient fake_cryptohome_client_
;
// Polls operation_complete_, sleeping 10 ms between checks, then clears the
// flag. The visible lines carry no timeout, so a completion that never
// arrives keeps this loop running until something outside it stops the test.
// NOTE(review): listing lines 96-98 are missing from this page; for the flag
// to change while this loop runs, pending tasks would presumably have to be
// run there - confirm against the original file.
93 void WaitForAsyncOperation() {
94 while (!operation_complete_
) {
95 base::PlatformThread::Sleep(base::TimeDelta::FromMilliseconds(10));
99 // Reset for the next call.
100 operation_complete_
= false;
103 DISALLOW_COPY_AND_ASSIGN(AttestationDevicePolicyTest
);
// Checks that the content_protection_enabled device policy gates platform
// verification: a challenge is rejected by policy only while the setting is
// false, and stops being rejected once the setting is true again.
//
// NOTE(review): the two EXPECT_NE checks only rule out POLICY_REJECTED. The
// fixture's fake cryptohome client reports the enrollment query as a failed
// D-Bus call, so they do not show that verification succeeds; asserting the
// exact expected Result would pin the behavior more tightly.
IN_PROC_BROWSER_TEST_F(AttestationDevicePolicyTest, ContentProtectionTest) {
  // Before any policy edit: the challenge must not be rejected by policy.
  EXPECT_NE(PlatformVerificationFlow::POLICY_REJECTED,
            SyncContentProtectionAttestation());

  // Setting switched off and applied: the challenge must be rejected by
  // policy.
  GetDevicePolicyProto()->set_content_protection_enabled(false);
  SyncRefreshDevicePolicy();

  EXPECT_EQ(PlatformVerificationFlow::POLICY_REJECTED,
            SyncContentProtectionAttestation());

  // Setting switched back on and applied: the policy rejection must be gone.
  GetDevicePolicyProto()->set_content_protection_enabled(true);
  SyncRefreshDevicePolicy();

  EXPECT_NE(PlatformVerificationFlow::POLICY_REJECTED,
            SyncContentProtectionAttestation());
}
123 } // namespace policy