Elim cr-checkbox
[chromium-blink-merge.git] / chrome / browser / chromeos / attestation / attestation_policy_browsertest.cc
blobad16b6ed3f2c266c46ba9b324e7f64acf706f88f
1 // Copyright 2013 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
5 #include "base/bind.h"
6 #include "base/memory/ref_counted.h"
7 #include "base/run_loop.h"
8 #include "base/threading/platform_thread.h"
9 #include "base/time/time.h"
10 #include "chrome/browser/chromeos/attestation/platform_verification_flow.h"
11 #include "chrome/browser/chromeos/policy/device_policy_builder.h"
12 #include "chrome/browser/chromeos/policy/device_policy_cros_browser_test.h"
13 #include "chrome/browser/chromeos/policy/proto/chrome_device_policy.pb.h"
14 #include "chrome/browser/chromeos/settings/device_settings_service.h"
15 #include "chrome/browser/ui/browser.h"
16 #include "chrome/browser/ui/tabs/tab_strip_model.h"
17 #include "chromeos/dbus/fake_cryptohome_client.h"
18 #include "testing/gtest/include/gtest/gtest.h"
20 using chromeos::attestation::PlatformVerificationFlow;
22 namespace policy {
24 class CustomFakeCryptohomeClient : public chromeos::FakeCryptohomeClient {
25 public:
26 void TpmAttestationIsEnrolled(
27 const chromeos::BoolDBusMethodCallback& callback) override {
28 base::MessageLoop::current()->PostTask(
29 FROM_HERE,
30 base::Bind(callback, chromeos::DBUS_METHOD_CALL_FAILURE, false));
34 class AttestationDevicePolicyTest
35 : public DevicePolicyCrosBrowserTest,
36 public chromeos::DeviceSettingsService::Observer {
37 public:
38 // DeviceSettingsService::Observer
39 void OwnershipStatusChanged() override {}
40 void DeviceSettingsUpdated() override { operation_complete_ = true; }
41 void OnDeviceSettingsServiceShutdown() override {}
43 protected:
44 AttestationDevicePolicyTest() : operation_complete_(false) {}
46 void SetUpInProcessBrowserTestFixture() override {
47 DevicePolicyCrosBrowserTest::SetUpInProcessBrowserTestFixture();
48 InstallOwnerKey();
49 RefreshDevicePolicy();
52 // Refreshes device policy and waits for it to be applied.
53 virtual void SyncRefreshDevicePolicy() {
54 chromeos::DeviceSettingsService::Get()->AddObserver(this);
55 RefreshDevicePolicy();
56 WaitForAsyncOperation();
57 chromeos::DeviceSettingsService::Get()->RemoveObserver(this);
60 enterprise_management::AttestationSettingsProto* GetDevicePolicyProto() {
61 return device_policy()->payload().mutable_attestation_settings();
64 // A callback for PlatformVerificationFlow::ChallengePlatformKey.
65 void Callback(PlatformVerificationFlow::Result result,
66 const std::string& signed_data,
67 const std::string& signature,
68 const std::string& platform_key_certificate) {
69 result_ = result;
70 operation_complete_ = true;
73 // Synchronously do what the content protection code path does when it wants
74 // to verify a Chrome OS platform.
75 PlatformVerificationFlow::Result SyncContentProtectionAttestation() {
76 scoped_refptr<PlatformVerificationFlow> verifier(
77 new PlatformVerificationFlow(NULL, NULL, &fake_cryptohome_client_,
78 NULL));
79 verifier->ChallengePlatformKey(
80 browser()->tab_strip_model()->GetActiveWebContents(),
81 "fake_service_id",
82 "fake_challenge",
83 base::Bind(&AttestationDevicePolicyTest::Callback, this));
84 WaitForAsyncOperation();
85 return result_;
88 private:
89 bool operation_complete_;
90 PlatformVerificationFlow::Result result_;
91 CustomFakeCryptohomeClient fake_cryptohome_client_;
93 void WaitForAsyncOperation() {
94 while (!operation_complete_) {
95 base::PlatformThread::Sleep(base::TimeDelta::FromMilliseconds(10));
96 base::RunLoop pump;
97 pump.RunUntilIdle();
99 // Reset for the next call.
100 operation_complete_ = false;
103 DISALLOW_COPY_AND_ASSIGN(AttestationDevicePolicyTest);
106 IN_PROC_BROWSER_TEST_F(AttestationDevicePolicyTest, ContentProtectionTest) {
107 EXPECT_NE(PlatformVerificationFlow::POLICY_REJECTED,
108 SyncContentProtectionAttestation());
110 GetDevicePolicyProto()->set_content_protection_enabled(false);
111 SyncRefreshDevicePolicy();
113 EXPECT_EQ(PlatformVerificationFlow::POLICY_REJECTED,
114 SyncContentProtectionAttestation());
116 GetDevicePolicyProto()->set_content_protection_enabled(true);
117 SyncRefreshDevicePolicy();
119 EXPECT_NE(PlatformVerificationFlow::POLICY_REJECTED,
120 SyncContentProtectionAttestation());
123 } // namespace policy