Add public key and signature verification to browser-side API keys

content/common/experiments/api_key.h

 // Copyright 2015 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #ifndef CONTENT_COMMON_EXPERIMENTS_API_KEY_H_
 #define CONTENT_COMMON_EXPERIMENTS_API_KEY_H_
 
 #include <string>
 
 #include "base/memory/scoped_ptr.h"
@@ skipping 38 matching lines @@
   GURL origin() { return origin_; }
   std::string api_name() { return api_name_; }
   uint64_t expiry_timestamp() { return expiry_timestamp_; }
 
  protected:
   friend class ApiKeyTest;
 
   bool ValidateOrigin(const std::string& origin) const;
   bool ValidateApiName(const std::string& api_name) const;
   bool ValidateDate(const base::Time& now) const;
+  bool ValidateSignature(const uint8_t* public_key,
+                         size_t public_key_length) const;
+
+  static bool ValidateSignature(const std::string& signature_text,
+                                const std::string& data,
+                                const uint8_t* public_key,
+                                size_t public_key_length);
 
  private:
   ApiKey(const std::string& signature,
          const std::string& data,
          const GURL& origin,
          const std::string& api_name,
          uint64_t expiry_timestamp);
 
   // The base64-encoded-signature portion of the key. For the key to be valid,
   // this must be a valid signature for the data portion of the key, as verified
@@ skipping 11 matching lines @@
   std::string api_name_;
 
   // The time until which this key should be considered valid, in UTC, as
   // seconds since the Unix epoch.
   uint64_t expiry_timestamp_;
 };
 
 }  // namespace content
 
 #endif  // CONTENT_COMMON_EXPERIMENTS_API_KEY_H_