Created AttestationPolicyObserver.

AttestationPolicyObserver performs Chrome OS attestation work in response to policy changes. This CL integrates AttestationPolicyObserver with the Chrome OS device policy infrastructure. It also defines a AttestationCAClient skeleton which is necessary to instantiate AttestationFlow and changes AttestationFlow to take ownership of its ServerProxy instance. BUG=chromium:219959 TEST=unit_tests; chromeos_unittests Review URL: https://chromiumcodereview.appspot.com/12556004 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@195266 0039d316-1c4b-4281-b951-d872f2087c98
author: dkrahn@google.com <dkrahn@google.com@0039d316-1c4b-4281-b951-d872f2087c98> 2013-04-19 20:34:35 +0000
committer: dkrahn@google.com <dkrahn@google.com@0039d316-1c4b-4281-b951-d872f2087c98> 2013-04-19 20:34:35 +0000
commit: eda0a0b16697dab1fc2d45d6cfe38652044b88d5 (patch)
tree: f8448fcc9809fd7a001947a3b146c1b32a2eeb32 /chromeos/attestation
parent: 450944caa9b0aaf7639a74ffc18b1afe057a873c (diff)
download: chromium_src-eda0a0b16697dab1fc2d45d6cfe38652044b88d5.zip
chromium_src-eda0a0b16697dab1fc2d45d6cfe38652044b88d5.tar.gz
chromium_src-eda0a0b16697dab1fc2d45d6cfe38652044b88d5.tar.bz2
6 files changed, 63 insertions, 31 deletions
diff --git a/chromeos/attestation/OWNERS b/chromeos/attestation/OWNERS
new file mode 100644
index 0000000..cd1c574
--- /dev/null
+++ b/chromeos/attestation/OWNERS
@@ -0,0 +1,2 @@
+mnissler@chromium.org
+pastarmovj@chromium.org
diff --git a/chromeos/attestation/attestation_flow.cc b/chromeos/attestation/attestation_flow.cc
index 1f0db41..f36403a 100644
--- a/chromeos/attestation/attestation_flow.cc
+++ b/chromeos/attestation/attestation_flow.cc
@@ -44,11 +44,11 @@ const char AttestationFlow::kEnterpriseMachineKey[] = "attest-ent-machine";
 
 AttestationFlow::AttestationFlow(cryptohome::AsyncMethodCaller* async_caller,
                                  CryptohomeClient* cryptohome_client,
-                                 ServerProxy* server_proxy)
+                                 scoped_ptr<ServerProxy> server_proxy)
     : ALLOW_THIS_IN_INITIALIZER_LIST(weak_factory_(this)),
       async_caller_(async_caller),
       cryptohome_client_(cryptohome_client),
-      server_proxy_(server_proxy) {
+      server_proxy_(server_proxy.Pass()) {
 }
 
 AttestationFlow::~AttestationFlow() {
diff --git a/chromeos/attestation/attestation_flow.h b/chromeos/attestation/attestation_flow.h
index 572be93..76049d7 100644
--- a/chromeos/attestation/attestation_flow.h
+++ b/chromeos/attestation/attestation_flow.h
@@ -9,6 +9,7 @@
 
 #include "base/basictypes.h"
 #include "base/callback_forward.h"
+#include "base/memory/scoped_ptr.h"
 #include "base/memory/weak_ptr.h"
 #include "chromeos/chromeos_export.h"
 #include "chromeos/dbus/dbus_method_call_status.h"
@@ -54,7 +55,7 @@ class CHROMEOS_EXPORT AttestationFlow {
 
   AttestationFlow(cryptohome::AsyncMethodCaller* async_caller,
                   CryptohomeClient* cryptohome_client,
-                  ServerProxy* server_proxy);
+                  scoped_ptr<ServerProxy> server_proxy);
   virtual ~AttestationFlow();
 
   // Asynchronously gets an attestation certificate bound to the given name.
@@ -165,7 +166,7 @@ class CHROMEOS_EXPORT AttestationFlow {
   base::WeakPtrFactory<AttestationFlow> weak_factory_;
   cryptohome::AsyncMethodCaller* async_caller_;
   CryptohomeClient* cryptohome_client_;
-  ServerProxy* server_proxy_;
+  scoped_ptr<ServerProxy> server_proxy_;
 
   DISALLOW_COPY_AND_ASSIGN(AttestationFlow);
 };
diff --git a/chromeos/attestation/attestation_flow_unittest.cc b/chromeos/attestation/attestation_flow_unittest.cc
index 3adc2410..30ea3cc 100644
--- a/chromeos/attestation/attestation_flow_unittest.cc
+++ b/chromeos/attestation/attestation_flow_unittest.cc
@@ -3,6 +3,7 @@
 // found in the LICENSE file.
 
 #include "base/bind.h"
+#include "base/memory/scoped_ptr.h"
 #include "base/run_loop.h"
 #include "chromeos/attestation/mock_attestation_flow.h"
 #include "chromeos/cryptohome/mock_async_method_caller.h"
@@ -68,9 +69,9 @@ TEST_F(AttestationFlowTest, GetCertificate) {
       .Times(1)
       .InSequence(flow_order);
 
-  StrictMock<MockServerProxy> proxy;
-  proxy.DeferToFake(true);
-  EXPECT_CALL(proxy, SendEnrollRequest(
+  scoped_ptr<MockServerProxy> proxy(new StrictMock<MockServerProxy>());
+  proxy->DeferToFake(true);
+  EXPECT_CALL(*proxy, SendEnrollRequest(
       cryptohome::MockAsyncMethodCaller::kFakeAttestationEnrollRequest,
       _)).Times(1)
          .InSequence(flow_order);
@@ -88,7 +89,7 @@ TEST_F(AttestationFlowTest, GetCertificate) {
       .Times(1)
       .InSequence(flow_order);
 
-  EXPECT_CALL(proxy, SendCertificateRequest(
+  EXPECT_CALL(*proxy, SendCertificateRequest(
       cryptohome::MockAsyncMethodCaller::kFakeAttestationCertRequest,
       _)).Times(1)
          .InSequence(flow_order);
@@ -114,7 +115,8 @@ TEST_F(AttestationFlowTest, GetCertificate) {
       &MockObserver::MockCertificateCallback,
       base::Unretained(&observer));
 
-  AttestationFlow flow(&async_caller, &client, &proxy);
+  scoped_ptr<ServerProxy> proxy_interface(proxy.release());
+  AttestationFlow flow(&async_caller, &client, proxy_interface.Pass());
   flow.GetCertificate("test", mock_callback);
   Run();
 }
@@ -130,7 +132,7 @@ TEST_F(AttestationFlowTest, GetCertificate_NoEK) {
       .WillRepeatedly(Invoke(DBusCallbackFalse));
 
   // We're not expecting any server calls in this case; StrictMock will verify.
-  StrictMock<MockServerProxy> proxy;
+  scoped_ptr<MockServerProxy> proxy(new StrictMock<MockServerProxy>());
 
   StrictMock<MockObserver> observer;
   EXPECT_CALL(observer, MockCertificateCallback(false, ""))
@@ -139,7 +141,8 @@ TEST_F(AttestationFlowTest, GetCertificate_NoEK) {
       &MockObserver::MockCertificateCallback,
       base::Unretained(&observer));
 
-  AttestationFlow flow(&async_caller, &client, &proxy);
+  scoped_ptr<ServerProxy> proxy_interface(proxy.release());
+  AttestationFlow flow(&async_caller, &client, proxy_interface.Pass());
   flow.GetCertificate("test", mock_callback);
   Run();
 }
@@ -154,9 +157,9 @@ TEST_F(AttestationFlowTest, GetCertificate_EKRejected) {
   EXPECT_CALL(client, TpmAttestationIsEnrolled(_))
       .WillRepeatedly(Invoke(DBusCallbackFalse));
 
-  StrictMock<MockServerProxy> proxy;
-  proxy.DeferToFake(false);
-  EXPECT_CALL(proxy, SendEnrollRequest(
+  scoped_ptr<MockServerProxy> proxy(new StrictMock<MockServerProxy>());
+  proxy->DeferToFake(false);
+  EXPECT_CALL(*proxy, SendEnrollRequest(
       cryptohome::MockAsyncMethodCaller::kFakeAttestationEnrollRequest,
       _)).Times(1);
 
@@ -167,7 +170,8 @@ TEST_F(AttestationFlowTest, GetCertificate_EKRejected) {
       &MockObserver::MockCertificateCallback,
       base::Unretained(&observer));
 
-  AttestationFlow flow(&async_caller, &client, &proxy);
+  scoped_ptr<ServerProxy> proxy_interface(proxy.release());
+  AttestationFlow flow(&async_caller, &client, proxy_interface.Pass());
   flow.GetCertificate("test", mock_callback);
   Run();
 }
@@ -187,9 +191,9 @@ TEST_F(AttestationFlowTest, GetCertificate_FailEnroll) {
   EXPECT_CALL(client, TpmAttestationIsEnrolled(_))
       .WillRepeatedly(Invoke(DBusCallbackFalse));
 
-  StrictMock<MockServerProxy> proxy;
-  proxy.DeferToFake(true);
-  EXPECT_CALL(proxy, SendEnrollRequest(
+  scoped_ptr<MockServerProxy> proxy(new StrictMock<MockServerProxy>());
+  proxy->DeferToFake(true);
+  EXPECT_CALL(*proxy, SendEnrollRequest(
       cryptohome::MockAsyncMethodCaller::kFakeAttestationEnrollRequest,
       _)).Times(1);
 
@@ -199,7 +203,8 @@ TEST_F(AttestationFlowTest, GetCertificate_FailEnroll) {
       &MockObserver::MockCertificateCallback,
       base::Unretained(&observer));
 
-  AttestationFlow flow(&async_caller, &client, &proxy);
+  scoped_ptr<ServerProxy> proxy_interface(proxy.release());
+  AttestationFlow flow(&async_caller, &client, proxy_interface.Pass());
   flow.GetCertificate("test", mock_callback);
   Run();
 }
@@ -225,9 +230,9 @@ TEST_F(AttestationFlowTest, GetOwnerCertificateAlreadyEnrolled) {
   EXPECT_CALL(client, TpmAttestationIsEnrolled(_))
       .WillRepeatedly(Invoke(DBusCallbackTrue));
 
-  StrictMock<MockServerProxy> proxy;
-  proxy.DeferToFake(true);
-  EXPECT_CALL(proxy, SendCertificateRequest(
+  scoped_ptr<MockServerProxy> proxy(new StrictMock<MockServerProxy>());
+  proxy->DeferToFake(true);
+  EXPECT_CALL(*proxy, SendCertificateRequest(
       cryptohome::MockAsyncMethodCaller::kFakeAttestationCertRequest,
       _)).Times(1);
 
@@ -239,7 +244,8 @@ TEST_F(AttestationFlowTest, GetOwnerCertificateAlreadyEnrolled) {
       &MockObserver::MockCertificateCallback,
       base::Unretained(&observer));
 
-  AttestationFlow flow(&async_caller, &client, &proxy);
+  scoped_ptr<ServerProxy> proxy_interface(proxy.release());
+  AttestationFlow flow(&async_caller, &client, proxy_interface.Pass());
   flow.GetCertificate("attest-ent-machine", mock_callback);
   Run();
 }
@@ -257,7 +263,7 @@ TEST_F(AttestationFlowTest, GetCertificate_FailCreateCertRequest) {
       .WillRepeatedly(Invoke(DBusCallbackTrue));
 
   // We're not expecting any server calls in this case; StrictMock will verify.
-  StrictMock<MockServerProxy> proxy;
+  scoped_ptr<MockServerProxy> proxy(new StrictMock<MockServerProxy>());
 
   StrictMock<MockObserver> observer;
   EXPECT_CALL(observer, MockCertificateCallback(false, "")).Times(1);
@@ -265,7 +271,8 @@ TEST_F(AttestationFlowTest, GetCertificate_FailCreateCertRequest) {
       &MockObserver::MockCertificateCallback,
       base::Unretained(&observer));
 
-  AttestationFlow flow(&async_caller, &client, &proxy);
+  scoped_ptr<ServerProxy> proxy_interface(proxy.release());
+  AttestationFlow flow(&async_caller, &client, proxy_interface.Pass());
   flow.GetCertificate("test", mock_callback);
   Run();
 }
@@ -282,9 +289,9 @@ TEST_F(AttestationFlowTest, GetCertificate_CertRequestRejected) {
   EXPECT_CALL(client, TpmAttestationIsEnrolled(_))
       .WillRepeatedly(Invoke(DBusCallbackTrue));
 
-  StrictMock<MockServerProxy> proxy;
-  proxy.DeferToFake(false);
-  EXPECT_CALL(proxy, SendCertificateRequest(
+  scoped_ptr<MockServerProxy> proxy(new StrictMock<MockServerProxy>());
+  proxy->DeferToFake(false);
+  EXPECT_CALL(*proxy, SendCertificateRequest(
       cryptohome::MockAsyncMethodCaller::kFakeAttestationCertRequest,
       _)).Times(1);
 
@@ -294,7 +301,8 @@ TEST_F(AttestationFlowTest, GetCertificate_CertRequestRejected) {
       &MockObserver::MockCertificateCallback,
       base::Unretained(&observer));
 
-  AttestationFlow flow(&async_caller, &client, &proxy);
+  scoped_ptr<ServerProxy> proxy_interface(proxy.release());
+  AttestationFlow flow(&async_caller, &client, proxy_interface.Pass());
   flow.GetCertificate("test", mock_callback);
   Run();
 }
@@ -308,7 +316,7 @@ TEST_F(AttestationFlowTest, GetCertificate_FailIsEnrolled) {
       .WillRepeatedly(Invoke(DBusCallbackFail));
 
   // We're not expecting any server calls in this case; StrictMock will verify.
-  StrictMock<MockServerProxy> proxy;
+  scoped_ptr<MockServerProxy> proxy(new StrictMock<MockServerProxy>());
 
   StrictMock<MockObserver> observer;
   EXPECT_CALL(observer, MockCertificateCallback(false, "")).Times(1);
@@ -316,7 +324,8 @@ TEST_F(AttestationFlowTest, GetCertificate_FailIsEnrolled) {
       &MockObserver::MockCertificateCallback,
       base::Unretained(&observer));
 
-  AttestationFlow flow(&async_caller, &client, &proxy);
+  scoped_ptr<ServerProxy> proxy_interface(proxy.release());
+  AttestationFlow flow(&async_caller, &client, proxy_interface.Pass());
   flow.GetCertificate("test", mock_callback);
   Run();
 }
diff --git a/chromeos/attestation/mock_attestation_flow.cc b/chromeos/attestation/mock_attestation_flow.cc
index 71de13e..b776899 100644
--- a/chromeos/attestation/mock_attestation_flow.cc
+++ b/chromeos/attestation/mock_attestation_flow.cc
@@ -4,6 +4,7 @@
 
 #include "chromeos/attestation/mock_attestation_flow.h"
 
+#include "base/memory/scoped_ptr.h"
 #include "testing/gmock/include/gmock/gmock.h"
 
 using testing::_;
@@ -42,5 +43,10 @@ MockObserver::MockObserver() {}
 
 MockObserver::~MockObserver() {}
 
+MockAttestationFlow::MockAttestationFlow()
+    : AttestationFlow(NULL, NULL, scoped_ptr<ServerProxy>()) {}
+
+MockAttestationFlow::~MockAttestationFlow() {}
+
 }  // namespace attestation
 }  // namespace chromeos
diff --git a/chromeos/attestation/mock_attestation_flow.h b/chromeos/attestation/mock_attestation_flow.h
index c9dc9d5..59462c54 100644
--- a/chromeos/attestation/mock_attestation_flow.h
+++ b/chromeos/attestation/mock_attestation_flow.h
@@ -2,6 +2,9 @@
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
+#ifndef CHROMEOS_ATTESTATION_MOCK_ATTESTATION_FLOW_H_
+#define CHROMEOS_ATTESTATION_MOCK_ATTESTATION_FLOW_H_
+
 #include "chromeos/attestation/attestation_flow.h"
 
 #include "base/basictypes.h"
@@ -57,5 +60,16 @@ class MockObserver {
   MOCK_METHOD2(MockCertificateCallback, void(bool, const std::string&));
 };
 
+class MockAttestationFlow : public AttestationFlow {
+ public:
+  MockAttestationFlow();
+  virtual ~MockAttestationFlow();
+
+  MOCK_METHOD2(GetCertificate, void(const std::string&,
+                                    const CertificateCallback&));
+};
+
 }  // namespace attestation
 }  // namespace chromeos
+
+#endif  // CHROMEOS_ATTESTATION_MOCK_ATTESTATION_FLOW_H_
author	dkrahn@google.com <dkrahn@google.com@0039d316-1c4b-4281-b951-d872f2087c98>	2013-04-19 20:34:35 +0000
committer	dkrahn@google.com <dkrahn@google.com@0039d316-1c4b-4281-b951-d872f2087c98>	2013-04-19 20:34:35 +0000
commit	eda0a0b16697dab1fc2d45d6cfe38652044b88d5 (patch)
tree	f8448fcc9809fd7a001947a3b146c1b32a2eeb32 /chromeos/attestation
parent	450944caa9b0aaf7639a74ffc18b1afe057a873c (diff)
download	chromium_src-eda0a0b16697dab1fc2d45d6cfe38652044b88d5.zip chromium_src-eda0a0b16697dab1fc2d45d6cfe38652044b88d5.tar.gz chromium_src-eda0a0b16697dab1fc2d45d6cfe38652044b88d5.tar.bz2