File: cloud_policy_constants.cc

package info (click to toggle)
chromium 139.0.7258.127-1
  • links: PTS, VCS
  • area: main
  • in suites:
  • size: 6,122,068 kB
  • sloc: cpp: 35,100,771; ansic: 7,163,530; javascript: 4,103,002; python: 1,436,920; asm: 946,517; xml: 746,709; pascal: 187,653; perl: 88,691; sh: 88,436; objc: 79,953; sql: 51,488; cs: 44,583; fortran: 24,137; makefile: 22,147; tcl: 15,277; php: 13,980; yacc: 8,984; ruby: 7,485; awk: 3,720; lisp: 3,096; lex: 1,327; ada: 727; jsp: 228; sed: 36
file content (178 lines) | stat: -rw-r--r-- 8,837 bytes parent folder | download | duplicates (6) 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
 
// Copyright 2012 The Chromium Authors
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.

#include "components/policy/core/common/cloud/cloud_policy_constants.h"

#include <stdint.h>

#include "base/command_line.h"
#include "build/build_config.h"
#include "components/policy/core/common/policy_switches.h"

namespace policy {

// Constants related to the device management protocol.
namespace dm_protocol {

// Name constants for URL query parameters.
const char kParamAgent[] = "agent";
const char kParamAppType[] = "apptype";
const char kParamCritical[] = "critical";
const char kParamDeviceID[] = "deviceid";
const char kParamDeviceType[] = "devicetype";
const char kParamLastError[] = "lasterror";
const char kParamOAuthToken[] = "oauth_token";
const char kParamPlatform[] = "platform";
const char kParamRequest[] = "request";
const char kParamRetry[] = "retry";
const char kParamProfileID[] = "profileid";

// Policy constants used in authorization header.
const char kAuthHeader[] = "Authorization";
const char kServiceTokenAuthHeaderPrefix[] = "GoogleLogin auth=";
const char kDMTokenAuthHeaderPrefix[] = "GoogleDMToken token=";
const char kEnrollmentTokenAuthHeaderPrefix[] = "GoogleEnrollmentToken token=";
const char kOAuthTokenHeaderPrefix[] = "OAuth";
const char kOidcAuthHeaderPrefix[] = "GoogleDM3PAuth";
const char kOidcAuthTokenHeaderPrefix[] = " oauth_token=";
const char kOidcIdTokenHeaderPrefix[] = " id_token=";
const char kOidcEncryptedUserInfoPrefix[] = " encrypted_user_information=";

// String constants for the device and app type we report to the server.
const char kValueAppType[] = "Chrome";
const char kValueBrowserUploadPublicKey[] = "browser_public_key_upload";
const char kValueDeviceType[] = "2";
const char kValueRequestAutoEnrollment[] = "enterprise_check";
const char kValueRequestPsmHasDeviceState[] = "enterprise_psm_check";
const char kValueCheckUserAccount[] = "check_user_account";
const char kValueRequestPolicy[] = "policy";
const char kValueRequestRegister[] = "register";
const char kValueRequestRegisterProfile[] = "register_profile";
const char kValueRequestApiAuthorization[] = "api_authorization";
const char kValueRequestUnregister[] = "unregister";
const char kValueRequestUploadCertificate[] = "cert_upload";
const char kValueRequestUploadEuiccInfo[] = "upload_euicc_info";
const char kValueRequestDeviceStateRetrieval[] = "device_state_retrieval";
const char kValueRequestUploadStatus[] = "status_upload";
const char kValueRequestRemoteCommands[] = "remote_commands";
const char kValueRequestDeviceAttributeUpdatePermission[] =
    "device_attribute_update_permission";
const char kValueRequestDeviceAttributeUpdate[] = "device_attribute_update";
const char kValueRequestGcmIdUpdate[] = "gcm_id_update";
const char kValueRequestCheckAndroidManagement[] = "check_android_management";
const char kValueRequestCertBasedRegister[] = "certificate_based_register";
const char kValueRequestTokenBasedRegister[] = "token_based_register";
const char kValueRequestActiveDirectoryEnrollPlayUser[] =
    "active_directory_enroll_play_user";
const char kValueRequestActiveDirectoryPlayActivity[] =
    "active_directory_play_activity";
const char kValueRequestAppInstallReport[] = "app_install_report";
const char kValueRequestRegisterBrowser[] = "register_browser";
const char kValueRequestRegisterPolicyAgent[] = "register_policy_agent";
const char kValueRequestChromeDesktopReport[] = "chrome_desktop_report";
const char kValueRequestChromeOsUserReport[] = "chrome_os_user_report";
const char kValueRequestInitialEnrollmentStateRetrieval[] =
    "device_initial_enrollment_state";
const char kValueRequestUploadPolicyValidationReport[] =
    "policy_validation_report";
const char kValueRequestPublicSamlUser[] = "public_saml_user_request";
const char kValueRequestCertProvisioningRequest[] = "client_cert_provisioning";
const char kValueRequestChromeProfileReport[] = "chrome_profile_report";
const char kValueRequestFmRegistrationTokenUpload[] =
    "fm_registration_token_upload";
const char kValueRequestDeterminePromotionEligibility[] =
    "promotion_eligibility";

const char kChromeDevicePolicyType[] = "google/chromeos/device";
#if BUILDFLAG(IS_CHROMEOS)
const char kChromeUserPolicyType[] = "google/chromeos/user";
#elif BUILDFLAG(IS_ANDROID)
const char kChromeUserPolicyType[] = "google/android/user";
#elif BUILDFLAG(IS_IOS)
const char kChromeUserPolicyType[] = "google/ios/user";
#else
const char kChromeUserPolicyType[] = "google/chrome/user";
#endif
const char kChromePublicAccountPolicyType[] = "google/chromeos/publicaccount";
const char kChromeExtensionPolicyType[] = "google/chrome/extension";
const char kChromeSigninExtensionPolicyType[] =
    "google/chromeos/signinextension";

const char kChromeMachineLevelUserCloudPolicyType[] =
#if BUILDFLAG(IS_ANDROID)
    "google/chrome/machine-level-user-android";
#elif BUILDFLAG(IS_IOS)
    "google/chrome/machine-level-user-ios";
#else
    "google/chrome/machine-level-user";
#endif
const char kChromeMachineLevelExtensionCloudPolicyType[] =
    "google/chrome/machine-level-extension";
const char kChromeRemoteCommandPolicyType[] = "google/chromeos/remotecommand";

// A policy type which is expanded to google/machine-level-omaha,
// google/chrome/machine-level-user, and google/chrome/machine-level-extension
// on the server side. This type is used by policy agents (i.e. GoogleUpdater
// and Chrome Enterprise Companion App) on Linux, Mac, and Windows.
// TODO(b/361632880): Consider removing this if google/machine-level-omaha can
// be requested directly.
const char kGoogleUpdateMachineLevelAppsPolicyType[] =
    "google/machine-level-apps";

const char kGoogleUpdateMachineLevelOmahaPolicyType[] =
    "google/machine-level-omaha";

const char kChromeAshUserRemoteCommandType[] = "google/ash/user/remotecommand";
const char kChromeDeviceRemoteCommandType[] = "google/ash/device/remotecommand";
const char kChromeBrowserRemoteCommandType[] =
    "google/chrome/browser/remotecommand";
const char kChromeUserRemoteCommandType[] = "google/chrome/user/remotecommand";

const char kChromeMachineLevelUserCloudPolicyTypeBase64[] =
    "Z29vZ2xlL2Nocm9tZS9tYWNoaW5lLWxldmVsLXVzZXI=";

}  // namespace dm_protocol

const uint8_t kPolicyVerificationKey[] = {
    0x30, 0x82, 0x01, 0x22, 0x30, 0x0D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86,
    0xF7, 0x0D, 0x01, 0x01, 0x01, 0x05, 0x00, 0x03, 0x82, 0x01, 0x0F, 0x00,
    0x30, 0x82, 0x01, 0x0A, 0x02, 0x82, 0x01, 0x01, 0x00, 0xA7, 0xB3, 0xF9,
    0x0D, 0xC7, 0xC7, 0x8D, 0x84, 0x3D, 0x4B, 0x80, 0xDD, 0x9A, 0x2F, 0xF8,
    0x69, 0xD4, 0xD1, 0x14, 0x5A, 0xCA, 0x04, 0x4B, 0x1C, 0xBC, 0x28, 0xEB,
    0x5E, 0x10, 0x01, 0x36, 0xFD, 0x81, 0xEB, 0xE4, 0x3C, 0x16, 0x40, 0xA5,
    0x8A, 0xE6, 0x08, 0xEE, 0xEF, 0x39, 0x1F, 0x6B, 0x10, 0x29, 0x50, 0x84,
    0xCE, 0xEE, 0x33, 0x5C, 0x48, 0x4A, 0x33, 0xB0, 0xC8, 0x8A, 0x66, 0x0D,
    0x10, 0x11, 0x9D, 0x6B, 0x55, 0x4C, 0x9A, 0x62, 0x40, 0x9A, 0xE2, 0xCA,
    0x21, 0x01, 0x1F, 0x10, 0x1E, 0x7B, 0xC6, 0x89, 0x94, 0xDA, 0x39, 0x69,
    0xBE, 0x27, 0x28, 0x50, 0x5E, 0xA2, 0x55, 0xB9, 0x12, 0x3C, 0x79, 0x6E,
    0xDF, 0x24, 0xBF, 0x34, 0x88, 0xF2, 0x5E, 0xD0, 0xC4, 0x06, 0xEE, 0x95,
    0x6D, 0xC2, 0x14, 0xBF, 0x51, 0x7E, 0x3F, 0x55, 0x10, 0x85, 0xCE, 0x33,
    0x8F, 0x02, 0x87, 0xFC, 0xD2, 0xDD, 0x42, 0xAF, 0x59, 0xBB, 0x69, 0x3D,
    0xBC, 0x77, 0x4B, 0x3F, 0xC7, 0x22, 0x0D, 0x5F, 0x72, 0xC7, 0x36, 0xB6,
    0x98, 0x3D, 0x03, 0xCD, 0x2F, 0x68, 0x61, 0xEE, 0xF4, 0x5A, 0xF5, 0x07,
    0xAE, 0xAE, 0x79, 0xD1, 0x1A, 0xB2, 0x38, 0xE0, 0xAB, 0x60, 0x5C, 0x0C,
    0x14, 0xFE, 0x44, 0x67, 0x2C, 0x8A, 0x08, 0x51, 0x9C, 0xCD, 0x3D, 0xDB,
    0x13, 0x04, 0x57, 0xC5, 0x85, 0xB6, 0x2A, 0x0F, 0x02, 0x46, 0x0D, 0x2D,
    0xCA, 0xE3, 0x3F, 0x84, 0x9E, 0x8B, 0x8A, 0x5F, 0xFC, 0x4D, 0xAA, 0xBE,
    0xBD, 0xE6, 0x64, 0x9F, 0x26, 0x9A, 0x2B, 0x97, 0x69, 0xA9, 0xBA, 0x0B,
    0xBD, 0x48, 0xE4, 0x81, 0x6B, 0xD4, 0x4B, 0x78, 0xE6, 0xAF, 0x95, 0x66,
    0xC1, 0x23, 0xDA, 0x23, 0x45, 0x36, 0x6E, 0x25, 0xF3, 0xC7, 0xC0, 0x61,
    0xFC, 0xEC, 0x66, 0x9D, 0x31, 0xD4, 0xD6, 0xB6, 0x36, 0xE3, 0x7F, 0x81,
    0x87, 0x02, 0x03, 0x01, 0x00, 0x01};

const char kPolicyVerificationKeyHash[] = "1:356l7w";

const char kDemoModeDomain[] = "cros-demo-mode.com";

std::string GetPolicyVerificationKey() {
  return std::string(reinterpret_cast<const char*>(kPolicyVerificationKey),
                     sizeof(kPolicyVerificationKey));
}
// Notes from the past: When the key is rotated in the future, the old one may
// still worth being kept to verified any existing policy cache so that browser
// can load it one last time. However, it really depends on the reason of the
// rotation. From a different angle, if a key is no longer trusted, so should
// anything bound to it.

}  // namespace policy