summaryrefslogtreecommitdiffstats
path: root/components
diff options
context:
space:
mode:
authorbartfab@chromium.org <bartfab@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98>2014-01-23 16:42:33 +0000
committerbartfab@chromium.org <bartfab@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98>2014-01-23 16:42:33 +0000
commite9c42b37faeddeb37de40b0b96074f177cf50114 (patch)
tree7da95ec3f6327d66f1122597b262e6ed4bc7fb73 /components
parente64211bd21cfa560b1d1b49bb136e75b8d54715d (diff)
downloadchromium_src-e9c42b37faeddeb37de40b0b96074f177cf50114.zip
chromium_src-e9c42b37faeddeb37de40b0b96074f177cf50114.tar.gz
chromium_src-e9c42b37faeddeb37de40b0b96074f177cf50114.tar.bz2
Switch ExternalPolicyDataUpdater from SHA-1 to SHA-256
This CL switches the hash algorithm used by ExternalPolicyDataUpdater from SHA-1 to SHA-256. Since neither of the two features using this code (policy for extensions and the UserAvatar Image policy) has been released yet, there is no need for backwards compatibility. BUG=336874 TEST=Updated tests Review URL: https://codereview.chromium.org/135973006 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@246615 0039d316-1c4b-4281-b951-d872f2087c98
Diffstat (limited to 'components')
-rw-r--r--components/policy/core/common/cloud/component_cloud_policy_service_unittest.cc7
-rw-r--r--components/policy/core/common/cloud/component_cloud_policy_store.cc5
-rw-r--r--components/policy/core/common/cloud/component_cloud_policy_store_unittest.cc6
-rw-r--r--components/policy/core/common/cloud/component_cloud_policy_updater_unittest.cc6
-rw-r--r--components/policy/core/common/cloud/external_policy_data_updater.cc4
-rw-r--r--components/policy/core/common/cloud/external_policy_data_updater_unittest.cc4
-rw-r--r--components/policy/resources/policy_templates.json4
7 files changed, 19 insertions, 17 deletions
diff --git a/components/policy/core/common/cloud/component_cloud_policy_service_unittest.cc b/components/policy/core/common/cloud/component_cloud_policy_service_unittest.cc
index 5ff6e89..9c1dd11 100644
--- a/components/policy/core/common/cloud/component_cloud_policy_service_unittest.cc
+++ b/components/policy/core/common/cloud/component_cloud_policy_service_unittest.cc
@@ -11,7 +11,6 @@
#include "base/files/scoped_temp_dir.h"
#include "base/message_loop/message_loop.h"
#include "base/run_loop.h"
-#include "base/sha1.h"
#include "base/single_thread_task_runner.h"
#include "base/stl_util.h"
#include "base/values.h"
@@ -25,6 +24,7 @@
#include "components/policy/core/common/policy_types.h"
#include "components/policy/core/common/schema.h"
#include "components/policy/core/common/schema_map.h"
+#include "crypto/sha2.h"
#include "net/url_request/test_url_fetcher_factory.h"
#include "net/url_request/url_fetcher_delegate.h"
#include "net/url_request/url_request_context.h"
@@ -132,7 +132,7 @@ class ComponentCloudPolicyServiceTest : public testing::Test {
dm_protocol::kChromeExtensionPolicyType);
builder_.policy_data().set_settings_entity_id(kTestExtension);
builder_.payload().set_download_url(kTestDownload);
- builder_.payload().set_secure_hash(base::SHA1HashString(kTestPolicy));
+ builder_.payload().set_secure_hash(crypto::SHA256HashString(kTestPolicy));
expected_policy_.Set("Name", POLICY_LEVEL_MANDATORY, POLICY_SCOPE_USER,
base::Value::CreateStringValue("disabled"), NULL);
@@ -529,7 +529,8 @@ TEST_F(ComponentCloudPolicyServiceTest, SignOut) {
TEST_F(ComponentCloudPolicyServiceTest, LoadInvalidPolicyFromCache) {
// Put the invalid test policy in the cache. One of its policies will be
// loaded, the other should be filtered out by the schema.
- builder_.payload().set_secure_hash(base::SHA1HashString(kInvalidTestPolicy));
+ builder_.payload().set_secure_hash(
+ crypto::SHA256HashString(kInvalidTestPolicy));
EXPECT_TRUE(cache_->Store(
"extension-policy", kTestExtension, CreateSerializedResponse()));
EXPECT_TRUE(cache_->Store(
diff --git a/components/policy/core/common/cloud/component_cloud_policy_store.cc b/components/policy/core/common/cloud/component_cloud_policy_store.cc
index 7d2c6a1..e55688b 100644
--- a/components/policy/core/common/cloud/component_cloud_policy_store.cc
+++ b/components/policy/core/common/cloud/component_cloud_policy_store.cc
@@ -7,13 +7,13 @@
#include "base/callback.h"
#include "base/json/json_reader.h"
#include "base/logging.h"
-#include "base/sha1.h"
#include "base/strings/string_util.h"
#include "base/values.h"
#include "components/policy/core/common/cloud/cloud_policy_constants.h"
#include "components/policy/core/common/cloud/cloud_policy_validator.h"
#include "components/policy/core/common/external_data_fetcher.h"
#include "components/policy/core/common/policy_map.h"
+#include "crypto/sha2.h"
#include "policy/proto/chrome_extension_policy.pb.h"
#include "policy/proto/device_management_backend.pb.h"
#include "url/gurl.h"
@@ -317,7 +317,8 @@ bool ComponentCloudPolicyStore::ValidateData(
const std::string& data,
const std::string& secure_hash,
PolicyMap* policy) {
- return base::SHA1HashString(data) == secure_hash && ParsePolicy(data, policy);
+ return crypto::SHA256HashString(data) == secure_hash &&
+ ParsePolicy(data, policy);
}
bool ComponentCloudPolicyStore::ParsePolicy(const std::string& data,
diff --git a/components/policy/core/common/cloud/component_cloud_policy_store_unittest.cc b/components/policy/core/common/cloud/component_cloud_policy_store_unittest.cc
index 66dee41..2f8d1ea 100644
--- a/components/policy/core/common/cloud/component_cloud_policy_store_unittest.cc
+++ b/components/policy/core/common/cloud/component_cloud_policy_store_unittest.cc
@@ -12,12 +12,12 @@
#include "base/callback.h"
#include "base/files/scoped_temp_dir.h"
#include "base/memory/ref_counted.h"
-#include "base/sha1.h"
#include "base/test/test_simple_task_runner.h"
#include "components/policy/core/common/cloud/cloud_policy_constants.h"
#include "components/policy/core/common/cloud/policy_builder.h"
#include "components/policy/core/common/cloud/resource_cache.h"
#include "components/policy/core/common/external_data_fetcher.h"
+#include "crypto/sha2.h"
#include "policy/proto/chrome_extension_policy.pb.h"
#include "policy/proto/device_management_backend.pb.h"
#include "testing/gmock/include/gmock/gmock.h"
@@ -45,7 +45,7 @@ const char kTestPolicy[] =
"}";
std::string TestPolicyHash() {
- return base::SHA1HashString(kTestPolicy);
+ return crypto::SHA256HashString(kTestPolicy);
}
bool NotEqual(const std::string& expected, const std::string& key) {
@@ -231,7 +231,7 @@ TEST_F(ComponentCloudPolicyStoreTest, StoreAndLoad) {
// Store policy with invalid JSON data.
static const char kInvalidData[] = "{ not json }";
- const std::string invalid_data_hash = base::SHA1HashString(kInvalidData);
+ const std::string invalid_data_hash = crypto::SHA256HashString(kInvalidData);
builder_.payload().set_secure_hash(invalid_data_hash);
EXPECT_FALSE(store_->Store(
ns, CreateSerializedResponse(), invalid_data_hash, kInvalidData));
diff --git a/components/policy/core/common/cloud/component_cloud_policy_updater_unittest.cc b/components/policy/core/common/cloud/component_cloud_policy_updater_unittest.cc
index b6cee89..5463747 100644
--- a/components/policy/core/common/cloud/component_cloud_policy_updater_unittest.cc
+++ b/components/policy/core/common/cloud/component_cloud_policy_updater_unittest.cc
@@ -8,7 +8,6 @@
#include "base/compiler_specific.h"
#include "base/files/scoped_temp_dir.h"
#include "base/sequenced_task_runner.h"
-#include "base/sha1.h"
#include "base/test/test_simple_task_runner.h"
#include "base/values.h"
#include "components/policy/core/common/cloud/cloud_policy_constants.h"
@@ -20,6 +19,7 @@
#include "components/policy/core/common/policy_bundle.h"
#include "components/policy/core/common/policy_map.h"
#include "components/policy/core/common/policy_types.h"
+#include "crypto/sha2.h"
#include "net/url_request/test_url_fetcher_factory.h"
#include "net/url_request/url_fetcher_delegate.h"
#include "net/url_request/url_request_context_getter.h"
@@ -104,7 +104,7 @@ void ComponentCloudPolicyUpdaterTest::SetUp() {
dm_protocol::kChromeExtensionPolicyType);
builder_.policy_data().set_settings_entity_id(kTestExtension);
builder_.payload().set_download_url(kTestDownload);
- builder_.payload().set_secure_hash(base::SHA1HashString(kTestPolicy));
+ builder_.payload().set_secure_hash(crypto::SHA256HashString(kTestPolicy));
PolicyNamespace ns(POLICY_DOMAIN_EXTENSIONS, kTestExtension);
PolicyMap& policy = expected_bundle_.Get(ns);
@@ -205,7 +205,7 @@ TEST_F(ComponentCloudPolicyUpdaterTest, AlreadyCached) {
EXPECT_CALL(store_delegate_, OnComponentCloudPolicyStoreUpdated());
EXPECT_TRUE(store_->Store(ns,
builder_.GetBlob(),
- base::SHA1HashString(kTestPolicy),
+ crypto::SHA256HashString(kTestPolicy),
kTestPolicy));
Mock::VerifyAndClearExpectations(&store_delegate_);
diff --git a/components/policy/core/common/cloud/external_policy_data_updater.cc b/components/policy/core/common/cloud/external_policy_data_updater.cc
index e584470..e3039b0 100644
--- a/components/policy/core/common/cloud/external_policy_data_updater.cc
+++ b/components/policy/core/common/cloud/external_policy_data_updater.cc
@@ -10,9 +10,9 @@
#include "base/location.h"
#include "base/logging.h"
#include "base/sequenced_task_runner.h"
-#include "base/sha1.h"
#include "base/stl_util.h"
#include "components/policy/core/common/cloud/external_policy_data_fetcher.h"
+#include "crypto/sha2.h"
#include "net/base/backoff_entry.h"
#include "url/gurl.h"
@@ -254,7 +254,7 @@ void ExternalPolicyDataUpdater::FetchJob::OnFetchFinished(
break;
}
- if (base::SHA1HashString(*data) != request_.hash) {
+ if (crypto::SHA256HashString(*data) != request_.hash) {
// Received |data| does not match expected hash. This may be because the
// data being served is stale. Try again much later.
OnFailed(&retry_much_later_entry_);
diff --git a/components/policy/core/common/cloud/external_policy_data_updater_unittest.cc b/components/policy/core/common/cloud/external_policy_data_updater_unittest.cc
index 4a45be2..284eb2a 100644
--- a/components/policy/core/common/cloud/external_policy_data_updater_unittest.cc
+++ b/components/policy/core/common/cloud/external_policy_data_updater_unittest.cc
@@ -9,11 +9,11 @@
#include "base/callback.h"
#include "base/compiler_specific.h"
#include "base/memory/scoped_ptr.h"
-#include "base/sha1.h"
#include "base/test/test_pending_task.h"
#include "base/test/test_simple_task_runner.h"
#include "base/time/time.h"
#include "components/policy/core/common/cloud/external_policy_data_fetcher.h"
+#include "crypto/sha2.h"
#include "net/base/net_errors.h"
#include "net/url_request/test_url_fetcher_factory.h"
#include "net/url_request/url_fetcher_delegate.h"
@@ -109,7 +109,7 @@ ExternalPolicyDataUpdater::Request
ExternalPolicyDataUpdaterTest::CreateRequest(const std::string& url) const {
return ExternalPolicyDataUpdater::Request(
url,
- base::SHA1HashString(kExternalPolicyDataPayload),
+ crypto::SHA256HashString(kExternalPolicyDataPayload),
kExternalPolicyDataMaxSize);
}
diff --git a/components/policy/resources/policy_templates.json b/components/policy/resources/policy_templates.json
index eca3c68..b361a22 100644
--- a/components/policy/resources/policy_templates.json
+++ b/components/policy/resources/policy_templates.json
@@ -5899,7 +5899,7 @@
'hash': { "type": "string" }
},
},
- 'supported_on': ['chrome_os:33-'],
+ 'supported_on': ['chrome_os:34-'],
'features': {
'dynamic_refresh': True,
'per_profile': True,
@@ -5923,7 +5923,7 @@
"type": "string"
},
"hash": {
- "description": "The SHA-1 hash of the avatar image.",
+ "description": "The SHA-256 hash of the avatar image.",
"type": "string"
}
}
generated by cgit v1.1 at 2025-02-07 19:16:19 +0000