15821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)// Copyright (c) 2012 The Chromium Authors. All rights reserved. 25821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)// Use of this source code is governed by a BSD-style license that can be 35821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)// found in the LICENSE file. 45821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 55821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)#include "chrome/browser/chromeos/settings/session_manager_operation.h" 65821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 75821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)#include "base/basictypes.h" 85821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)#include "base/bind.h" 95821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)#include "base/bind_helpers.h" 105821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)#include "base/memory/ref_counted.h" 115821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)#include "base/memory/scoped_ptr.h" 129ab5563a3196760eb381d102cbb2bc0f7abc6a50Ben Murdoch#include "base/message_loop/message_loop.h" 13a3f6a49ab37290eeeb8db0f41ec0f1cb74a68be7Torne (Richard Coles)#include "chrome/browser/chromeos/policy/proto/chrome_device_policy.pb.h" 145821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)#include "chrome/browser/chromeos/settings/device_settings_test_helper.h" 155821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)#include "chrome/browser/chromeos/settings/mock_owner_key_util.h" 16a3f6a49ab37290eeeb8db0f41ec0f1cb74a68be7Torne (Richard Coles)#include "components/policy/core/common/cloud/cloud_policy_constants.h" 17a3f6a49ab37290eeeb8db0f41ec0f1cb74a68be7Torne (Richard Coles)#include "components/policy/core/common/cloud/cloud_policy_validator.h" 18a3f6a49ab37290eeeb8db0f41ec0f1cb74a68be7Torne (Richard Coles)#include "components/policy/core/common/cloud/policy_builder.h" 195821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)#include "content/public/test/test_browser_thread.h" 205821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)#include "crypto/rsa_private_key.h" 21a3f6a49ab37290eeeb8db0f41ec0f1cb74a68be7Torne (Richard Coles)#include "policy/proto/device_management_backend.pb.h" 225821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)#include "testing/gmock/include/gmock/gmock.h" 235821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)#include "testing/gtest/include/gtest/gtest.h" 245821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 255821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)namespace em = enterprise_management; 265821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 275821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)using testing::Mock; 285821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)using testing::_; 295821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 305821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)namespace chromeos { 315821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 325821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)class SessionManagerOperationTest : public testing::Test { 335821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) public: 345821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) SessionManagerOperationTest() 355821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) : ui_thread_(content::BrowserThread::UI, &message_loop_), 365821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) file_thread_(content::BrowserThread::FILE, &message_loop_), 375821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) owner_key_util_(new MockOwnerKeyUtil()), 385821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) validated_(false) {} 395821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 405821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) virtual void SetUp() OVERRIDE { 415821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) policy_.payload().mutable_pinned_apps()->add_app_id("fake-app"); 425821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) policy_.Build(); 435821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) } 445821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 455821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) MOCK_METHOD2(OnOperationCompleted, 465821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) void(SessionManagerOperation*, DeviceSettingsService::Status)); 475821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 485821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) void CheckSuccessfulValidation( 495821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) policy::DeviceCloudPolicyValidator* validator) { 505821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) EXPECT_TRUE(validator->success()); 515821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) EXPECT_TRUE(validator->payload().get()); 525821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) EXPECT_EQ(validator->payload()->SerializeAsString(), 535821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) policy_.payload().SerializeAsString()); 545821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) validated_ = true; 555821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) } 565821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 575821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) void CheckPublicKeyLoaded(SessionManagerOperation* op) { 585821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) ASSERT_TRUE(op->owner_key().get()); 595821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) ASSERT_TRUE(op->owner_key()->public_key()); 605821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) std::vector<uint8> public_key; 612385ea399aae016c0806a4f9ef3c9cfe3d2a39dfBen Murdoch ASSERT_TRUE(policy_.GetSigningKey()->ExportPublicKey(&public_key)); 625821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) EXPECT_EQ(public_key, *op->owner_key()->public_key()); 635821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) } 645821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 655821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) void CheckPrivateKeyLoaded(SessionManagerOperation* op) { 665821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) ASSERT_TRUE(op->owner_key().get()); 675821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) ASSERT_TRUE(op->owner_key()->private_key()); 685821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) std::vector<uint8> expected_key; 692385ea399aae016c0806a4f9ef3c9cfe3d2a39dfBen Murdoch ASSERT_TRUE(policy_.GetSigningKey()->ExportPrivateKey(&expected_key)); 705821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) std::vector<uint8> actual_key; 715821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) ASSERT_TRUE(op->owner_key()->private_key()->ExportPrivateKey(&actual_key)); 725821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) EXPECT_EQ(expected_key, actual_key); 735821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) } 745821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 755821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) protected: 7690dce4d38c5ff5333bea97d859d4e484e27edf0cTorne (Richard Coles) base::MessageLoop message_loop_; 775821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) content::TestBrowserThread ui_thread_; 785821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) content::TestBrowserThread file_thread_; 795821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 805821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) policy::DevicePolicyBuilder policy_; 815821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) DeviceSettingsTestHelper device_settings_test_helper_; 825821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) scoped_refptr<MockOwnerKeyUtil> owner_key_util_; 835821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 845821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) bool validated_; 855821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 865821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) private: 875821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) DISALLOW_COPY_AND_ASSIGN(SessionManagerOperationTest); 885821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)}; 895821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 905821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)TEST_F(SessionManagerOperationTest, LoadNoPolicyNoKey) { 915821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) LoadSettingsOperation op( 925821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) base::Bind(&SessionManagerOperationTest::OnOperationCompleted, 935821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) base::Unretained(this))); 945821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 955821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) EXPECT_CALL(*this, 965821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) OnOperationCompleted( 975821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) &op, DeviceSettingsService::STORE_KEY_UNAVAILABLE)); 985821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) op.Start(&device_settings_test_helper_, owner_key_util_, NULL); 995821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) device_settings_test_helper_.Flush(); 1005821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) Mock::VerifyAndClearExpectations(this); 1015821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 1025821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) EXPECT_FALSE(op.policy_data().get()); 1035821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) EXPECT_FALSE(op.device_settings().get()); 1045821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) ASSERT_TRUE(op.owner_key().get()); 1055821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) EXPECT_FALSE(op.owner_key()->public_key()); 1065821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) EXPECT_FALSE(op.owner_key()->private_key()); 1075821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)} 1085821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 1095821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)TEST_F(SessionManagerOperationTest, LoadOwnerKey) { 1102385ea399aae016c0806a4f9ef3c9cfe3d2a39dfBen Murdoch owner_key_util_->SetPublicKeyFromPrivateKey(*policy_.GetSigningKey()); 1115821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) LoadSettingsOperation op( 1125821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) base::Bind(&SessionManagerOperationTest::OnOperationCompleted, 1135821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) base::Unretained(this))); 1145821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 1155821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) EXPECT_CALL(*this, 1165821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) OnOperationCompleted( 1175821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) &op, DeviceSettingsService::STORE_NO_POLICY)); 1185821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) op.Start(&device_settings_test_helper_, owner_key_util_, NULL); 1195821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) device_settings_test_helper_.Flush(); 1205821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) Mock::VerifyAndClearExpectations(this); 1215821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 1225821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) CheckPublicKeyLoaded(&op); 1235821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)} 1245821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 1255821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)TEST_F(SessionManagerOperationTest, LoadPolicy) { 1262385ea399aae016c0806a4f9ef3c9cfe3d2a39dfBen Murdoch owner_key_util_->SetPublicKeyFromPrivateKey(*policy_.GetSigningKey()); 1275821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) device_settings_test_helper_.set_policy_blob(policy_.GetBlob()); 1285821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) LoadSettingsOperation op( 1295821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) base::Bind(&SessionManagerOperationTest::OnOperationCompleted, 1305821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) base::Unretained(this))); 1315821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 1325821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) EXPECT_CALL(*this, 1335821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) OnOperationCompleted( 1345821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) &op, DeviceSettingsService::STORE_SUCCESS)); 1355821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) op.Start(&device_settings_test_helper_, owner_key_util_, NULL); 1365821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) device_settings_test_helper_.Flush(); 1375821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) Mock::VerifyAndClearExpectations(this); 1385821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 1395821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) ASSERT_TRUE(op.policy_data().get()); 1405821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) EXPECT_EQ(policy_.policy_data().SerializeAsString(), 1415821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) op.policy_data()->SerializeAsString()); 1425821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) ASSERT_TRUE(op.device_settings().get()); 1435821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) EXPECT_EQ(policy_.payload().SerializeAsString(), 1445821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) op.device_settings()->SerializeAsString()); 1455821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)} 1465821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 1475821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)TEST_F(SessionManagerOperationTest, LoadPrivateOwnerKey) { 1482385ea399aae016c0806a4f9ef3c9cfe3d2a39dfBen Murdoch owner_key_util_->SetPrivateKey(policy_.GetSigningKey()); 1495821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) LoadSettingsOperation op( 1505821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) base::Bind(&SessionManagerOperationTest::OnOperationCompleted, 1515821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) base::Unretained(this))); 1525821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 1535821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) EXPECT_CALL(*this, 1545821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) OnOperationCompleted( 1555821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) &op, DeviceSettingsService::STORE_NO_POLICY)); 1565821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) op.Start(&device_settings_test_helper_, owner_key_util_, NULL); 1575821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) device_settings_test_helper_.Flush(); 1585821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) Mock::VerifyAndClearExpectations(this); 1595821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 1605821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) CheckPublicKeyLoaded(&op); 1615821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) CheckPrivateKeyLoaded(&op); 1625821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)} 1635821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 1645821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)TEST_F(SessionManagerOperationTest, RestartLoad) { 1652385ea399aae016c0806a4f9ef3c9cfe3d2a39dfBen Murdoch owner_key_util_->SetPrivateKey(policy_.GetSigningKey()); 1665821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) device_settings_test_helper_.set_policy_blob(policy_.GetBlob()); 1675821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) LoadSettingsOperation op( 1685821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) base::Bind(&SessionManagerOperationTest::OnOperationCompleted, 1695821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) base::Unretained(this))); 1705821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 1715821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) EXPECT_CALL(*this, OnOperationCompleted(&op, _)).Times(0); 1725821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) op.Start(&device_settings_test_helper_, owner_key_util_, NULL); 1735821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) device_settings_test_helper_.FlushLoops(); 1745821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) device_settings_test_helper_.FlushRetrieve(); 1757dbb3d5cf0c15f500944d211057644d6a2f37371Ben Murdoch EXPECT_TRUE(op.owner_key().get()); 1765821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) EXPECT_TRUE(op.owner_key()->public_key()); 1775821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) Mock::VerifyAndClearExpectations(this); 1785821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 1795821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) // Now install a different key and policy and restart the operation. 1802385ea399aae016c0806a4f9ef3c9cfe3d2a39dfBen Murdoch policy_.SetSigningKey(*policy::PolicyBuilder::CreateTestOtherSigningKey()); 1815821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) policy_.payload().mutable_metrics_enabled()->set_metrics_enabled(true); 1825821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) policy_.Build(); 1835821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) device_settings_test_helper_.set_policy_blob(policy_.GetBlob()); 1842385ea399aae016c0806a4f9ef3c9cfe3d2a39dfBen Murdoch owner_key_util_->SetPrivateKey(policy_.GetSigningKey()); 1855821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 1865821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) EXPECT_CALL(*this, 1875821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) OnOperationCompleted( 1885821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) &op, DeviceSettingsService::STORE_SUCCESS)); 1895821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) op.RestartLoad(true); 1905821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) device_settings_test_helper_.Flush(); 1915821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) Mock::VerifyAndClearExpectations(this); 1925821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 1935821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) // Check that the new keys have been loaded. 1945821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) CheckPublicKeyLoaded(&op); 1955821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) CheckPrivateKeyLoaded(&op); 1965821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 1975821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) // Verify the new policy. 1985821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) ASSERT_TRUE(op.policy_data().get()); 1995821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) EXPECT_EQ(policy_.policy_data().SerializeAsString(), 2005821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) op.policy_data()->SerializeAsString()); 2015821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) ASSERT_TRUE(op.device_settings().get()); 2025821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) EXPECT_EQ(policy_.payload().SerializeAsString(), 2035821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) op.device_settings()->SerializeAsString()); 2045821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)} 2055821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 2065821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)TEST_F(SessionManagerOperationTest, StoreSettings) { 2072385ea399aae016c0806a4f9ef3c9cfe3d2a39dfBen Murdoch owner_key_util_->SetPublicKeyFromPrivateKey(*policy_.GetSigningKey()); 2085821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) StoreSettingsOperation op( 2095821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) base::Bind(&SessionManagerOperationTest::OnOperationCompleted, 2105821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) base::Unretained(this)), 2115821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) policy_.GetCopy()); 2125821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 2135821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) EXPECT_CALL(*this, 2145821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) OnOperationCompleted( 2155821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) &op, DeviceSettingsService::STORE_SUCCESS)); 2165821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) op.Start(&device_settings_test_helper_, owner_key_util_, NULL); 2175821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) device_settings_test_helper_.Flush(); 2185821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) Mock::VerifyAndClearExpectations(this); 2195821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 2205821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) EXPECT_EQ(device_settings_test_helper_.policy_blob(), 2215821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) policy_.GetBlob()); 2225821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) ASSERT_TRUE(op.policy_data().get()); 2235821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) EXPECT_EQ(policy_.policy_data().SerializeAsString(), 2245821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) op.policy_data()->SerializeAsString()); 2255821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) ASSERT_TRUE(op.device_settings().get()); 2265821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) EXPECT_EQ(policy_.payload().SerializeAsString(), 2275821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) op.device_settings()->SerializeAsString()); 2285821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)} 2295821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 2305821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)TEST_F(SessionManagerOperationTest, SignAndStoreSettings) { 2315821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) base::Time before(base::Time::NowFromSystemTime()); 2322385ea399aae016c0806a4f9ef3c9cfe3d2a39dfBen Murdoch owner_key_util_->SetPrivateKey(policy_.GetSigningKey()); 2335821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) SignAndStoreSettingsOperation op( 2345821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) base::Bind(&SessionManagerOperationTest::OnOperationCompleted, 2355821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) base::Unretained(this)), 2365821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) scoped_ptr<em::ChromeDeviceSettingsProto>( 2375821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) new em::ChromeDeviceSettingsProto(policy_.payload())), 2385821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) policy_.policy_data().username()); 2395821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 2405821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) EXPECT_CALL(*this, 2415821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) OnOperationCompleted( 2425821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) &op, DeviceSettingsService::STORE_SUCCESS)); 2435821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) op.Start(&device_settings_test_helper_, owner_key_util_, NULL); 2445821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) device_settings_test_helper_.Flush(); 2455821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) Mock::VerifyAndClearExpectations(this); 2465821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) base::Time after(base::Time::NowFromSystemTime()); 2475821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 2485821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) // The blob should validate. 2495821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) scoped_ptr<em::PolicyFetchResponse> policy_response( 2505821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) new em::PolicyFetchResponse()); 2515821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) ASSERT_TRUE( 2525821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) policy_response->ParseFromString( 2535821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) device_settings_test_helper_.policy_blob())); 2545821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) policy::DeviceCloudPolicyValidator* validator = 2558bcbed890bc3ce4d7a057a8f32cab53fa534672eTorne (Richard Coles) policy::DeviceCloudPolicyValidator::Create( 2568bcbed890bc3ce4d7a057a8f32cab53fa534672eTorne (Richard Coles) policy_response.Pass(), message_loop_.message_loop_proxy()); 2575821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) validator->ValidateUsername(policy_.policy_data().username()); 2582a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) validator->ValidateTimestamp( 2592a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) before, 2602a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) after, 2612a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) policy::CloudPolicyValidatorBase::TIMESTAMP_REQUIRED); 2625821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) validator->ValidatePolicyType(policy::dm_protocol::kChromeDevicePolicyType); 2635821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) validator->ValidatePayload(); 2645821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) std::vector<uint8> public_key; 2652385ea399aae016c0806a4f9ef3c9cfe3d2a39dfBen Murdoch policy_.GetSigningKey()->ExportPublicKey(&public_key); 2665821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) validator->ValidateSignature(public_key, false); 2672a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) validator->StartValidation( 2682a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) base::Bind(&SessionManagerOperationTest::CheckSuccessfulValidation, 2692a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) base::Unretained(this))); 2702a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) 2712a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) message_loop_.RunUntilIdle(); 2725821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) EXPECT_TRUE(validated_); 2735821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 2745821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) // Check that the loaded policy_data contains the expected values. 2755821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) EXPECT_EQ(policy::dm_protocol::kChromeDevicePolicyType, 2765821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) op.policy_data()->policy_type()); 2775821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) EXPECT_LE((before - base::Time::UnixEpoch()).InMilliseconds(), 2785821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) op.policy_data()->timestamp()); 2795821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) EXPECT_GE((after - base::Time::UnixEpoch()).InMilliseconds(), 2805821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) op.policy_data()->timestamp()); 2815821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) EXPECT_FALSE(op.policy_data()->has_request_token()); 2825821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) EXPECT_EQ(policy_.policy_data().username(), op.policy_data()->username()); 2835821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 2845821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) // Loaded device settings should match what the operation received. 2855821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) ASSERT_TRUE(op.device_settings().get()); 2865821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) EXPECT_EQ(policy_.payload().SerializeAsString(), 2875821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) op.device_settings()->SerializeAsString()); 2885821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)} 2895821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 2905821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)} // namespace chromeos 291