Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(20)

Side by Side Diff: chrome/browser/policy/cloud_policy_validator_unittest.cc

Issue 10828032: Add DeviceSettingsService. (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src
Patch Set: Rebase. Created 8 years, 3 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch | Annotate | Revision Log
OLDNEW
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #include <vector> 5 #include <vector>
6 6
7 #include "base/bind.h" 7 #include "base/bind.h"
8 #include "base/memory/scoped_ptr.h" 8 #include "base/memory/scoped_ptr.h"
9 #include "base/message_loop.h" 9 #include "base/message_loop.h"
10 #include "base/string_util.h" 10 #include "base/string_util.h"
(...skipping 18 matching lines...) Expand all
29 EXPECT_EQ(expected_status, arg0->status()); 29 EXPECT_EQ(expected_status, arg0->status());
30 }; 30 };
31 31
32 class CloudPolicyValidatorTest : public testing::Test { 32 class CloudPolicyValidatorTest : public testing::Test {
33 public: 33 public:
34 CloudPolicyValidatorTest() 34 CloudPolicyValidatorTest()
35 : loop_(MessageLoop::TYPE_UI), 35 : loop_(MessageLoop::TYPE_UI),
36 timestamp_(base::Time::UnixEpoch() + 36 timestamp_(base::Time::UnixEpoch() +
37 base::TimeDelta::FromMilliseconds( 37 base::TimeDelta::FromMilliseconds(
38 PolicyBuilder::kFakeTimestamp)), 38 PolicyBuilder::kFakeTimestamp)),
39 file_thread_(content::BrowserThread::FILE, &loop_) {} 39 ignore_missing_timestamp_(false),
40 allow_key_rotation_(true),
41 file_thread_(content::BrowserThread::FILE, &loop_) {
42 policy_.set_new_signing_key(PolicyBuilder::CreateTestNewSigningKey());
43 }
40 44
41 void Validate(testing::Action<void(UserCloudPolicyValidator*)> check_action) { 45 void Validate(testing::Action<void(UserCloudPolicyValidator*)> check_action) {
42 std::vector<uint8> public_key; 46 std::vector<uint8> public_key;
43 ASSERT_TRUE( 47 ASSERT_TRUE(
44 PolicyBuilder::CreateTestSigningKey()->ExportPublicKey(&public_key)); 48 PolicyBuilder::CreateTestSigningKey()->ExportPublicKey(&public_key));
45 49
46 // Create a validator. 50 // Create a validator.
47 policy_.Build(); 51 policy_.Build();
48 UserCloudPolicyValidator* validator = 52 UserCloudPolicyValidator* validator =
49 UserCloudPolicyValidator::Create( 53 UserCloudPolicyValidator::Create(
50 policy_.GetCopy(), 54 policy_.GetCopy(),
51 base::Bind(&CloudPolicyValidatorTest::ValidationCompletion, 55 base::Bind(&CloudPolicyValidatorTest::ValidationCompletion,
52 base::Unretained(this))); 56 base::Unretained(this)));
53 validator->ValidateTimestamp(timestamp_, timestamp_); 57 validator->ValidateTimestamp(timestamp_, timestamp_,
58 ignore_missing_timestamp_);
54 validator->ValidateUsername(PolicyBuilder::kFakeUsername); 59 validator->ValidateUsername(PolicyBuilder::kFakeUsername);
55 validator->ValidateDomain(PolicyBuilder::kFakeDomain); 60 validator->ValidateDomain(PolicyBuilder::kFakeDomain);
56 validator->ValidateDMToken(PolicyBuilder::kFakeToken); 61 validator->ValidateDMToken(PolicyBuilder::kFakeToken);
57 validator->ValidatePolicyType(dm_protocol::kChromeUserPolicyType); 62 validator->ValidatePolicyType(dm_protocol::kChromeUserPolicyType);
58 validator->ValidatePayload(); 63 validator->ValidatePayload();
59 validator->ValidateSignature(std::string(public_key.begin(), 64 validator->ValidateSignature(public_key, allow_key_rotation_);
60 public_key.end())); 65 if (allow_key_rotation_)
61 validator->ValidateInitialKey(); 66 validator->ValidateInitialKey();
62 67
63 // Run validation and check the result. 68 // Run validation and check the result.
64 EXPECT_CALL(*this, ValidationCompletion(validator)).WillOnce(check_action); 69 EXPECT_CALL(*this, ValidationCompletion(validator)).WillOnce(check_action);
65 validator->StartValidation(); 70 validator->StartValidation();
66 loop_.RunAllPending(); 71 loop_.RunAllPending();
67 Mock::VerifyAndClearExpectations(this); 72 Mock::VerifyAndClearExpectations(this);
68 } 73 }
69 74
70 void CheckSuccessfulValidation(UserCloudPolicyValidator* validator) { 75 void CheckSuccessfulValidation(UserCloudPolicyValidator* validator) {
71 EXPECT_TRUE(validator->success()); 76 EXPECT_TRUE(validator->success());
72 EXPECT_EQ(policy_.policy().SerializeAsString(), 77 EXPECT_EQ(policy_.policy().SerializeAsString(),
73 validator->policy()->SerializeAsString()); 78 validator->policy()->SerializeAsString());
74 EXPECT_EQ(policy_.policy_data().SerializeAsString(), 79 EXPECT_EQ(policy_.policy_data().SerializeAsString(),
75 validator->policy_data()->SerializeAsString()); 80 validator->policy_data()->SerializeAsString());
76 EXPECT_EQ(policy_.payload().SerializeAsString(), 81 EXPECT_EQ(policy_.payload().SerializeAsString(),
77 validator->payload()->SerializeAsString()); 82 validator->payload()->SerializeAsString());
78 } 83 }
79 84
80 MessageLoop loop_; 85 MessageLoop loop_;
81 base::Time timestamp_; 86 base::Time timestamp_;
87 bool ignore_missing_timestamp_;
82 std::string signing_key_; 88 std::string signing_key_;
89 bool allow_key_rotation_;
83 90
84 UserPolicyBuilder policy_; 91 UserPolicyBuilder policy_;
85 92
86 private: 93 private:
87 MOCK_METHOD1(ValidationCompletion, void(UserCloudPolicyValidator* validator)); 94 MOCK_METHOD1(ValidationCompletion, void(UserCloudPolicyValidator* validator));
88 95
89 content::TestBrowserThread file_thread_; 96 content::TestBrowserThread file_thread_;
90 97
91 DISALLOW_COPY_AND_ASSIGN(CloudPolicyValidatorTest); 98 DISALLOW_COPY_AND_ASSIGN(CloudPolicyValidatorTest);
92 }; 99 };
(...skipping 16 matching lines...) Expand all
109 TEST_F(CloudPolicyValidatorTest, ErrorWrongPolicyType) { 116 TEST_F(CloudPolicyValidatorTest, ErrorWrongPolicyType) {
110 policy_.policy_data().set_policy_type("invalid"); 117 policy_.policy_data().set_policy_type("invalid");
111 Validate(CheckStatus(CloudPolicyValidatorBase::VALIDATION_WRONG_POLICY_TYPE)); 118 Validate(CheckStatus(CloudPolicyValidatorBase::VALIDATION_WRONG_POLICY_TYPE));
112 } 119 }
113 120
114 TEST_F(CloudPolicyValidatorTest, ErrorNoTimestamp) { 121 TEST_F(CloudPolicyValidatorTest, ErrorNoTimestamp) {
115 policy_.policy_data().clear_timestamp(); 122 policy_.policy_data().clear_timestamp();
116 Validate(CheckStatus(CloudPolicyValidatorBase::VALIDATION_BAD_TIMESTAMP)); 123 Validate(CheckStatus(CloudPolicyValidatorBase::VALIDATION_BAD_TIMESTAMP));
117 } 124 }
118 125
126 TEST_F(CloudPolicyValidatorTest, IgnoreMissingTimestamp) {
127 ignore_missing_timestamp_ = true;
128 policy_.policy_data().clear_timestamp();
129 Validate(CheckStatus(CloudPolicyValidatorBase::VALIDATION_OK));
130 }
131
119 TEST_F(CloudPolicyValidatorTest, ErrorOldTimestamp) { 132 TEST_F(CloudPolicyValidatorTest, ErrorOldTimestamp) {
120 base::Time timestamp(timestamp_ - base::TimeDelta::FromMinutes(5)); 133 base::Time timestamp(timestamp_ - base::TimeDelta::FromMinutes(5));
121 policy_.policy_data().set_timestamp( 134 policy_.policy_data().set_timestamp(
122 (timestamp - base::Time::UnixEpoch()).InMilliseconds()); 135 (timestamp - base::Time::UnixEpoch()).InMilliseconds());
123 Validate(CheckStatus(CloudPolicyValidatorBase::VALIDATION_BAD_TIMESTAMP)); 136 Validate(CheckStatus(CloudPolicyValidatorBase::VALIDATION_BAD_TIMESTAMP));
124 } 137 }
125 138
126 TEST_F(CloudPolicyValidatorTest, ErrorTimestampFromTheFuture) { 139 TEST_F(CloudPolicyValidatorTest, ErrorTimestampFromTheFuture) {
127 base::Time timestamp(timestamp_ + base::TimeDelta::FromMinutes(5)); 140 base::Time timestamp(timestamp_ + base::TimeDelta::FromMinutes(5));
128 policy_.policy_data().set_timestamp( 141 policy_.policy_data().set_timestamp(
(...skipping 81 matching lines...) Expand 10 before | Expand all | Expand 10 after
210 Validate(CheckStatus(CloudPolicyValidatorBase::VALIDATION_BAD_SIGNATURE)); 223 Validate(CheckStatus(CloudPolicyValidatorBase::VALIDATION_BAD_SIGNATURE));
211 } 224 }
212 225
213 TEST_F(CloudPolicyValidatorTest, ErrorInvalidPublicKeySignature) { 226 TEST_F(CloudPolicyValidatorTest, ErrorInvalidPublicKeySignature) {
214 policy_.set_signing_key(scoped_ptr<crypto::RSAPrivateKey>()); 227 policy_.set_signing_key(scoped_ptr<crypto::RSAPrivateKey>());
215 policy_.set_new_signing_key(scoped_ptr<crypto::RSAPrivateKey>()); 228 policy_.set_new_signing_key(scoped_ptr<crypto::RSAPrivateKey>());
216 policy_.policy().set_new_public_key_signature("invalid"); 229 policy_.policy().set_new_public_key_signature("invalid");
217 Validate(CheckStatus(CloudPolicyValidatorBase::VALIDATION_BAD_SIGNATURE)); 230 Validate(CheckStatus(CloudPolicyValidatorBase::VALIDATION_BAD_SIGNATURE));
218 } 231 }
219 232
233 TEST_F(CloudPolicyValidatorTest, ErrorNoRotationAllowed) {
234 allow_key_rotation_ = false;
235 Validate(CheckStatus(CloudPolicyValidatorBase::VALIDATION_BAD_SIGNATURE));
236 }
237
238 TEST_F(CloudPolicyValidatorTest, NoRotation) {
239 allow_key_rotation_ = false;
240 policy_.set_new_signing_key(scoped_ptr<crypto::RSAPrivateKey>());
241 Validate(CheckStatus(CloudPolicyValidatorBase::VALIDATION_OK));
242 }
243
220 } // namespace 244 } // namespace
221 245
222 } // namespace policy 246 } // namespace policy
OLDNEW
« no previous file with comments | « chrome/browser/policy/cloud_policy_validator.cc ('k') | chrome/browser/policy/policy_builder.cc » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698