cygprofile: increase timeouts to allow showing web contents
[chromium-blink-merge.git] / components / policy / core / common / cloud / policy_builder.h
blobcfc1076ae240d81c518357e7174ae626c926a4e0
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
5 #ifndef COMPONENTS_POLICY_CORE_COMMON_CLOUD_POLICY_BUILDER_H_
6 #define COMPONENTS_POLICY_CORE_COMMON_CLOUD_POLICY_BUILDER_H_
8 #include <string>
10 #include "base/basictypes.h"
11 #include "base/compiler_specific.h"
12 #include "base/logging.h"
13 #include "base/memory/scoped_ptr.h"
14 #include "crypto/rsa_private_key.h"
15 #include "policy/proto/cloud_policy.pb.h"
16 #include "policy/proto/device_management_backend.pb.h"
18 #if !defined(OS_ANDROID) && !defined(OS_IOS)
19 #include "policy/proto/chrome_extension_policy.pb.h"
20 #endif
22 namespace policy {
24 // A helper class for testing that provides a straightforward interface for
25 // constructing policy blobs for use in testing. NB: This uses fake data and
26 // hard-coded signing keys by default, so should not be used in production code.
27 class PolicyBuilder {
28 public:
29 // Constants used as dummy data for filling the PolicyData protobuf.
30 static const char kFakeDeviceId[];
31 static const char kFakeDomain[];
32 static const char kFakeMachineName[];
33 static const char kFakePolicyType[];
34 static const int kFakePublicKeyVersion;
35 static const int64 kFakeTimestamp;
36 static const char kFakeToken[];
37 static const char kFakeUsername[];
38 static const char kFakeServiceAccountIdentity[];
40 // Creates a policy builder. The builder will have all PolicyData fields
41 // initialized to dummy values and use the test signing keys.
42 PolicyBuilder();
43 virtual ~PolicyBuilder();
45 // Use this member to access the PolicyData protobuf.
46 enterprise_management::PolicyData& policy_data() {
47 if (!policy_data_.get())
48 policy_data_.reset(new enterprise_management::PolicyData());
49 return *policy_data_;
51 void clear_policy_data() {
52 policy_data_.reset();
55 enterprise_management::PolicyFetchResponse& policy() {
56 return policy_;
59 scoped_ptr<crypto::RSAPrivateKey> GetSigningKey();
60 void SetSigningKey(const crypto::RSAPrivateKey& key);
61 void SetDefaultSigningKey();
62 void UnsetSigningKey();
64 // Sets the default initial signing key - the resulting policy will be signed
65 // by the default signing key, and will have that key set as the
66 // new_public_key field, as if it were an initial key provision.
67 void SetDefaultInitialSigningKey();
69 scoped_ptr<crypto::RSAPrivateKey> GetNewSigningKey();
70 void SetDefaultNewSigningKey();
71 void UnsetNewSigningKey();
73 // Assembles the policy components. The resulting policy protobuf is available
74 // through policy() after this call.
75 virtual void Build();
77 // Returns a copy of policy().
78 scoped_ptr<enterprise_management::PolicyFetchResponse> GetCopy();
80 // Returns a binary policy blob, i.e. an encoded PolicyFetchResponse.
81 std::string GetBlob();
83 // These return hard-coded testing keys. Don't use in production!
84 static scoped_ptr<crypto::RSAPrivateKey> CreateTestSigningKey();
85 static scoped_ptr<crypto::RSAPrivateKey> CreateTestOtherSigningKey();
87 // Verification signatures for the two hard-coded testing keys above. These
88 // signatures are valid only for the kFakeDomain domain.
89 static std::string GetTestSigningKeySignature();
90 static std::string GetTestOtherSigningKeySignature();
92 std::vector<uint8> raw_signing_key() { return raw_signing_key_; }
93 std::vector<uint8> raw_new_signing_key() { return raw_new_signing_key_; }
95 private:
96 // Produces |key|'s signature over |data| and stores it in |signature|.
97 void SignData(const std::string& data,
98 crypto::RSAPrivateKey* key,
99 std::string* signature);
101 enterprise_management::PolicyFetchResponse policy_;
102 scoped_ptr<enterprise_management::PolicyData> policy_data_;
103 std::string payload_data_;
105 // The keys cannot be stored in NSS. Temporary keys are not guaranteed to
106 // remain in the database. Persistent keys require a persistent database,
107 // which would coincide with the user's database. However, these keys are used
108 // for signing the policy and don't have to coincide with the user's known
109 // keys. Instead, we store the private keys as raw bytes. Where needed, a
110 // temporary RSAPrivateKey is created.
111 std::vector<uint8> raw_signing_key_;
112 std::vector<uint8> raw_new_signing_key_;
113 std::string raw_new_signing_key_signature_;
115 DISALLOW_COPY_AND_ASSIGN(PolicyBuilder);
118 // Type-parameterized PolicyBuilder extension that allows for building policy
119 // blobs carrying protobuf payloads.
120 template<typename PayloadProto>
121 class TypedPolicyBuilder : public PolicyBuilder {
122 public:
123 TypedPolicyBuilder();
124 ~TypedPolicyBuilder() override {}
126 // Returns a reference to the payload protobuf being built.
127 PayloadProto& payload() {
128 if (!payload_.get())
129 payload_.reset(new PayloadProto());
130 return *payload_;
132 void clear_payload() {
133 payload_.reset();
136 // PolicyBuilder:
137 void Build() override {
138 if (payload_.get())
139 CHECK(payload_->SerializeToString(policy_data().mutable_policy_value()));
141 PolicyBuilder::Build();
144 private:
145 scoped_ptr<PayloadProto> payload_;
147 DISALLOW_COPY_AND_ASSIGN(TypedPolicyBuilder);
150 typedef TypedPolicyBuilder<enterprise_management::CloudPolicySettings>
151 UserPolicyBuilder;
153 #if !defined(OS_ANDROID) && !defined(OS_IOS)
154 typedef TypedPolicyBuilder<enterprise_management::ExternalPolicyData>
155 ComponentPolicyBuilder;
156 #endif
158 } // namespace policy
160 #endif // COMPONENTS_POLICY_CORE_COMMON_CLOUD_POLICY_BUILDER_H_