media: Disable platform verification in dev mode.

Platform verification is disabled in dev mode unless overridden by the flag --allow-ra-in-dev-mode. BUG=314782 TEST=Manually tested in dev mode. Review URL: https://codereview.chromium.org/1046963003 Cr-Commit-Position: refs/heads/master@{#322975}
author: xhwang <xhwang@chromium.org> 2015-03-30 21:17:21 -0700
committer: Commit bot <commit-bot@chromium.org> 2015-03-31 04:17:56 +0000
commit: f94f269e9cce7ea603f49c2a3e11e6a3e386d4fa (patch)
tree: 5b942f5e2ec4b660270573ee9434ed32ce0b03f6
parent: 9e2b282e1a448ad6b3f4f3717efa5d7b376d106b (diff)
download: chromium_src-f94f269e9cce7ea603f49c2a3e11e6a3e386d4fa.zip
chromium_src-f94f269e9cce7ea603f49c2a3e11e6a3e386d4fa.tar.gz
chromium_src-f94f269e9cce7ea603f49c2a3e11e6a3e386d4fa.tar.bz2
6 files changed, 42 insertions, 19 deletions
diff --git a/chrome/browser/chromeos/attestation/platform_verification_flow.cc b/chrome/browser/chromeos/attestation/platform_verification_flow.cc
index a1db8b0..cb15208 100644
--- a/chrome/browser/chromeos/attestation/platform_verification_flow.cc
+++ b/chrome/browser/chromeos/attestation/platform_verification_flow.cc
@@ -18,6 +18,7 @@
 #include "chrome/browser/media/protected_media_identifier_permission_context_factory.h"
 #include "chrome/browser/profiles/profile.h"
 #include "chromeos/attestation/attestation_flow.h"
+#include "chromeos/chromeos_switches.h"
 #include "chromeos/cryptohome/async_method_caller.h"
 #include "chromeos/dbus/cryptohome_client.h"
 #include "chromeos/dbus/dbus_thread_manager.h"
@@ -107,10 +108,15 @@ class DefaultDelegate : public PlatformVerificationFlow::Delegate {
     return content_setting == CONTENT_SETTING_ALLOW;
   }
 
-  bool IsGuestOrIncognito(content::WebContents* web_contents) override {
+  bool IsInSupportedMode(content::WebContents* web_contents) override {
     Profile* profile =
         Profile::FromBrowserContext(web_contents->GetBrowserContext());
-    return (profile->IsOffTheRecord() || profile->IsGuestSession());
+    if (profile->IsOffTheRecord() || profile->IsGuestSession())
+      return false;
+
+    base::CommandLine* command_line = base::CommandLine::ForCurrentProcess();
+    return !command_line->HasSwitch(chromeos::switches::kSystemDevMode) ||
+           command_line->HasSwitch(chromeos::switches::kAllowRAInDevMode);
   }
 
  private:
@@ -188,13 +194,11 @@ void PlatformVerificationFlow::ChallengePlatformKey(
     return;
   }
 
-  // A platform key must be bound to a user. They are not allowed in incognito
-  // or guest mode.
   // TODO(xhwang): Change to DCHECK when prefixed EME support is removed.
   // See http://crbug.com/249976
-  if (delegate_->IsGuestOrIncognito(web_contents)) {
-    VLOG(1) << "Platform verification denied because the current session is "
-            << "guest or incognito.";
+  if (!delegate_->IsInSupportedMode(web_contents)) {
+    VLOG(1) << "Platform verification denied because it's not supported in the "
+            << "current mode.";
     ReportError(callback, PLATFORM_NOT_VERIFIED);
     return;
   }
diff --git a/chrome/browser/chromeos/attestation/platform_verification_flow.h b/chrome/browser/chromeos/attestation/platform_verification_flow.h
index d60f5ad..eaa6abb 100644
--- a/chrome/browser/chromeos/attestation/platform_verification_flow.h
+++ b/chrome/browser/chromeos/attestation/platform_verification_flow.h
@@ -85,8 +85,11 @@ class PlatformVerificationFlow
     // Checks whether attestation is permitted by user.
     virtual bool IsPermittedByUser(content::WebContents* web_contents) = 0;
 
-    // Returns true iff |web_contents| belongs to a guest or incognito session.
-    virtual bool IsGuestOrIncognito(content::WebContents* web_contents) = 0;
+    // Returns true iff the device is in a mode that supports platform
+    // verification. For example, platform verification is not supported in
+    // guest or incognito mode. It is also not supported in dev mode unless
+    // overridden by a flag.
+    virtual bool IsInSupportedMode(content::WebContents* web_contents) = 0;
   };
 
   // This callback will be called when a challenge operation completes.  If
diff --git a/chrome/browser/chromeos/attestation/platform_verification_flow_unittest.cc b/chrome/browser/chromeos/attestation/platform_verification_flow_unittest.cc
index fb5ac95..a3101e5 100644
--- a/chrome/browser/chromeos/attestation/platform_verification_flow_unittest.cc
+++ b/chrome/browser/chromeos/attestation/platform_verification_flow_unittest.cc
@@ -47,7 +47,9 @@ const char kTestURL[] = "http://mytestdomain/test";
 class FakeDelegate : public PlatformVerificationFlow::Delegate {
  public:
   FakeDelegate()
-      : url_(kTestURL), is_permitted_by_user_(true), is_incognito_(false) {
+      : url_(kTestURL),
+        is_permitted_by_user_(true),
+        is_in_supported_mode_(true) {
     // Configure a user for the mock user manager.
     mock_user_manager_.SetActiveUser(kTestEmail);
   }
@@ -65,8 +67,8 @@ class FakeDelegate : public PlatformVerificationFlow::Delegate {
     return is_permitted_by_user_;
   }
 
-  bool IsGuestOrIncognito(content::WebContents* web_contents) override {
-    return is_incognito_;
+  bool IsInSupportedMode(content::WebContents* web_contents) override {
+    return is_in_supported_mode_;
   }
 
   void set_url(const GURL& url) {
@@ -77,15 +79,15 @@ class FakeDelegate : public PlatformVerificationFlow::Delegate {
     is_permitted_by_user_ = is_permitted_by_user;
   }
 
-  void set_is_incognito(bool is_incognito) {
-    is_incognito_ = is_incognito;
+  void set_is_in_supported_mode(bool is_in_supported_mode) {
+    is_in_supported_mode_ = is_in_supported_mode;
   }
 
  private:
   MockUserManager mock_user_manager_;
   GURL url_;
   bool is_permitted_by_user_;
-  bool is_incognito_;
+  bool is_in_supported_mode_;
 
   DISALLOW_COPY_AND_ASSIGN(FakeDelegate);
 };
@@ -328,8 +330,8 @@ TEST_F(PlatformVerificationFlowTest, ExpiredCert) {
   EXPECT_EQ(certificate_, fake_certificate_list_[1]);
 }
 
-TEST_F(PlatformVerificationFlowTest, IncognitoMode) {
-  fake_delegate_.set_is_incognito(true);
+TEST_F(PlatformVerificationFlowTest, UnsupportedMode) {
+  fake_delegate_.set_is_in_supported_mode(false);
   verifier_->ChallengePlatformKey(NULL, kTestID, kTestChallenge, callback_);
   base::RunLoop().RunUntilIdle();
   EXPECT_EQ(PlatformVerificationFlow::PLATFORM_NOT_VERIFIED, result_);
diff --git a/chrome/browser/media/protected_media_identifier_permission_context.cc b/chrome/browser/media/protected_media_identifier_permission_context.cc
index abdd046..47b1b861 100644
--- a/chrome/browser/media/protected_media_identifier_permission_context.cc
+++ b/chrome/browser/media/protected_media_identifier_permission_context.cc
@@ -4,6 +4,7 @@
 
 #include "chrome/browser/media/protected_media_identifier_permission_context.h"
 
+#include "base/command_line.h"
 #include "base/prefs/pref_service.h"
 #include "chrome/browser/content_settings/tab_specific_content_settings.h"
 #include "chrome/browser/profiles/profile.h"
@@ -12,18 +13,17 @@
 #include "content/public/browser/browser_thread.h"
 #include "content/public/browser/user_metrics.h"
 #include "content/public/browser/web_contents.h"
-
 #if defined(OS_CHROMEOS)
 #include <utility>
 
 #include "chrome/browser/chromeos/attestation/platform_verification_dialog.h"
 #include "chrome/browser/chromeos/settings/cros_settings.h"
+#include "chromeos/chromeos_switches.h"
 #include "chromeos/settings/cros_settings_names.h"
 #include "components/pref_registry/pref_registry_syncable.h"
 #include "components/user_prefs/user_prefs.h"
 #include "ui/views/widget/widget.h"
 #elif defined(OS_ANDROID)
-#include "base/command_line.h"
 #include "media/base/media_switches.h"
 #else
 #error This file currently only supports Chrome OS and Android.
@@ -203,6 +203,13 @@ bool ProtectedMediaIdentifierPermissionContext::
     return false;
   }
 
+  base::CommandLine* command_line = base::CommandLine::ForCurrentProcess();
+  if (command_line->HasSwitch(chromeos::switches::kSystemDevMode) &&
+      !command_line->HasSwitch(chromeos::switches::kAllowRAInDevMode)) {
+    DVLOG(1) << "Protected media identifier disabled in dev mode.";
+    return false;
+  }
+
   // This could be disabled by the device policy or by user's master switch.
   bool enabled_for_device = false;
   if (!chromeos::CrosSettings::Get()->GetBoolean(
diff --git a/chromeos/chromeos_switches.cc b/chromeos/chromeos_switches.cc
index 4c7ea09..6d20a95 100644
--- a/chromeos/chromeos_switches.cc
+++ b/chromeos/chromeos_switches.cc
@@ -13,6 +13,12 @@
 namespace chromeos {
 namespace switches {
 
+// Allows remote attestation (RA) in dev mode for testing purpose. Usually RA
+// is disabled in dev mode because it will always fail. However, there are cases
+// in testing where we do want to go through the permission flow even in dev
+// mode. This can be enabled by this flag.
+const char kAllowRAInDevMode[] = "allow-ra-in-dev-mode";
+
 // Path for app's OEM manifest file.
 const char kAppOemManifestFile[] = "app-mode-oem-manifest";
 
diff --git a/chromeos/chromeos_switches.h b/chromeos/chromeos_switches.h
index 1c21f0c..fb3d47a 100644
--- a/chromeos/chromeos_switches.h
+++ b/chromeos/chromeos_switches.h
@@ -21,6 +21,7 @@ namespace switches {
 // see chromeos::LoginUtil::GetOffTheRecordCommandLine().)
 
 // Please keep alphabetized.
+CHROMEOS_EXPORT extern const char kAllowRAInDevMode[];
 CHROMEOS_EXPORT extern const char kAppOemManifestFile[];
 CHROMEOS_EXPORT extern const char kArtifactsDir[];
 CHROMEOS_EXPORT extern const char kAshWebUIInit[];
author	xhwang <xhwang@chromium.org>	2015-03-30 21:17:21 -0700
committer	Commit bot <commit-bot@chromium.org>	2015-03-31 04:17:56 +0000
commit	f94f269e9cce7ea603f49c2a3e11e6a3e386d4fa (patch)
tree	5b942f5e2ec4b660270573ee9434ed32ce0b03f6
parent	9e2b282e1a448ad6b3f4f3717efa5d7b376d106b (diff)
download	chromium_src-f94f269e9cce7ea603f49c2a3e11e6a3e386d4fa.zip chromium_src-f94f269e9cce7ea603f49c2a3e11e6a3e386d4fa.tar.gz chromium_src-f94f269e9cce7ea603f49c2a3e11e6a3e386d4fa.tar.bz2