Chromium Code Reviews Chromium Code Reviews
Issue 1522813002:
Add public key and signature verification to browser-side API keys (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@keys| OLD | NEW |
|---|---|
| 1 // Copyright 2015 The Chromium Authors. All rights reserved. | 1 // Copyright 2015 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #ifndef CONTENT_BROWSER_EXPERIMENTS_API_KEY_H_ | 5 #ifndef CONTENT_BROWSER_EXPERIMENTS_API_KEY_H_ |
| 6 #define CONTENT_BROWSER_EXPERIMENTS_API_KEY_H_ | 6 #define CONTENT_BROWSER_EXPERIMENTS_API_KEY_H_ |
| 7 | 7 |
| 8 #include <string> | 8 #include <string> |
| 9 | 9 |
| 10 #include "base/time/time.h" | 10 #include "base/time/time.h" |
| (...skipping 21 matching lines...) Expand all Loading... | |
| 32 | 32 |
| 33 // Returns true if this API key has a valid signature, and has not expired. | 33 // Returns true if this API key has a valid signature, and has not expired. |
| 34 bool IsValidNow(const base::Time& now) const; | 34 bool IsValidNow(const base::Time& now) const; |
| 35 | 35 |
| 36 std::string signature() { return signature_; } | 36 std::string signature() { return signature_; } |
| 37 std::string data() { return data_; } | 37 std::string data() { return data_; } |
| 38 GURL origin() { return origin_; } | 38 GURL origin() { return origin_; } |
| 39 std::string api_name() { return api_name_; } | 39 std::string api_name() { return api_name_; } |
| 40 uint64_t expiry_timestamp() { return expiry_timestamp_; } | 40 uint64_t expiry_timestamp() { return expiry_timestamp_; } |
| 41 | 41 |
| 42 protected: | |
| 43 friend class ApiKeyTest; | |
| 44 | |
| 45 bool ValidateDate(const base::Time& now) const; | |
| 46 bool ValidateSignature(const char* publicKeyPEM) const; | |
|
davidben
2015/12/18 22:23:17
public_key_pem
iclelland
2015/12/22 05:45:28
Done. Actually changed to uint8_t* public_key (dro
| |
| 47 | |
| 48 static bool ValidateSignature(const std::string& signatureText, | |
|
davidben
2015/12/18 22:23:17
signature_text
iclelland
2015/12/22 05:45:28
Done.
| |
| 49 const std::string& data, | |
| 50 const char* publicKeyPEM); | |
|
davidben
2015/12/18 22:23:17
public_key_pem
iclelland
2015/12/22 05:45:28
Done.
| |
| 51 | |
| 42 private: | 52 private: |
| 43 ApiKey(); | 53 ApiKey(); |
| 44 ApiKey(const std::string& signature, | 54 ApiKey(const std::string& signature, |
| 45 const std::string& data, | 55 const std::string& data, |
| 46 const GURL& origin, | 56 const GURL& origin, |
| 47 const std::string& api_name, | 57 const std::string& api_name, |
| 48 uint64_t expiry_timestamp); | 58 uint64_t expiry_timestamp); |
| 49 | 59 |
| 50 // The base64-encoded-signature portion of the key. For the key to be valid, | 60 // The base64-encoded-signature portion of the key. For the key to be valid, |
| 51 // this must be a valid signature for the data portion of the key, as verified | 61 // this must be a valid signature for the data portion of the key, as verified |
| (...skipping 10 matching lines...) Expand all Loading... | |
| 62 // The name of the API experiment which this key enables | 72 // The name of the API experiment which this key enables |
| 63 std::string api_name_; | 73 std::string api_name_; |
| 64 | 74 |
| 65 // The time until which this key should be considered valid, in UTC, as | 75 // The time until which this key should be considered valid, in UTC, as |
| 66 // seconds since the Unix epoch. | 76 // seconds since the Unix epoch. |
| 67 uint64_t expiry_timestamp_; | 77 uint64_t expiry_timestamp_; |
| 68 }; | 78 }; |
| 69 | 79 |
| 70 } // namespace | 80 } // namespace |
| 71 #endif // CONTENT_BROWSER_EXPERIMENTS_API_KEY_H_ | 81 #endif // CONTENT_BROWSER_EXPERIMENTS_API_KEY_H_ |
| OLD | NEW |
