content/common/experiments/api_key.cc - Issue 1522813002: Add public key and signature verification to browser-side API keys

Side by Side Diff: content/common/experiments/api_key.cc

Issue 1522813002: Add public key and signature verification to browser-side API keys (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@keys

Patch Set: Addressing feedback from PS#12 Created 4 years, 11 months ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View unified diff | Download patch

OLD	NEW
1 // Copyright 2015 The Chromium Authors. All rights reserved.	1 // Copyright 2015 The Chromium Authors. All rights reserved.

2 // Use of this source code is governed by a BSD-style license that can be	2 // Use of this source code is governed by a BSD-style license that can be

3 // found in the LICENSE file.	3 // found in the LICENSE file.

4	4

5 #include "content/common/experiments/api_key.h"	5 #include "content/common/experiments/api_key.h"

6	6

	7 #include <openssl/curve25519.h>

	8

7 #include <vector>	9 #include <vector>

8	10

9 #include "base/base64.h"	11 #include "base/base64.h"

	12 #include "base/macros.h"

10 #include "base/strings/string_number_conversions.h"	13 #include "base/strings/string_number_conversions.h"

11 #include "base/strings/string_split.h"	14 #include "base/strings/string_split.h"

12 #include "base/strings/string_util.h"	15 #include "base/strings/string_util.h"

13 #include "base/strings/utf_string_conversions.h"	16 #include "base/strings/utf_string_conversions.h"

14 #include "base/time/time.h"	17 #include "base/time/time.h"

15 #include "url/origin.h"	18 #include "url/origin.h"

16	19

17 namespace content {	20 namespace content {

18	21

19 namespace {	22 namespace {

20	23

	24 // This is the default public key used for validating signatures.

	25 // TODO(iclelland): Move this to the embedder, and provide a mechanism to allow

	26 // for multiple signing keys. https://crbug.com/543220

	27 static const uint8_t kPublicKey[] = {

	28 0x7c, 0xc4, 0xb8, 0x9a, 0x93, 0xba, 0x6e, 0xe2, 0xd0, 0xfd, 0x03,

	29 0x1d, 0xfb, 0x32, 0x66, 0xc7, 0x3b, 0x72, 0xfd, 0x54, 0x3a, 0x07,

	30 0x51, 0x14, 0x66, 0xaa, 0x02, 0x53, 0x4e, 0x33, 0xa1, 0x15,

	31 };

	32

21 const char* kApiKeyFieldSeparator = "\|";	33 const char* kApiKeyFieldSeparator = "\|";

22 }	34

	35 } // namespace

23	36

24 ApiKey::~ApiKey() {}	37 ApiKey::~ApiKey() {}

25	38

26 scoped_ptr<ApiKey> ApiKey::Parse(const std::string& key_text) {	39 scoped_ptr<ApiKey> ApiKey::Parse(const std::string& key_text) {

27 if (key_text.empty()) {	40 if (key_text.empty()) {

28 return nullptr;	41 return nullptr;

29 }	42 }

30	43

31 // API Key should resemble:	44 // API Key should resemble:

32 // signature\|origin\|api_name\|expiry_timestamp	45 // signature\|origin\|api_name\|expiry_timestamp

	46 // TODO(iclelland): Add version code to API key format to identify key algo

	47 // https://crbug.com/570684

33 std::vector<std::string> parts =	48 std::vector<std::string> parts =

34 SplitString(key_text, kApiKeyFieldSeparator, base::KEEP_WHITESPACE,	49 SplitString(key_text, kApiKeyFieldSeparator, base::KEEP_WHITESPACE,

35 base::SPLIT_WANT_ALL);	50 base::SPLIT_WANT_ALL);

36 if (parts.size() != 4) {	51 if (parts.size() != 4) {

37 return nullptr;	52 return nullptr;

38 }	53 }

39	54

40 const std::string& signature = parts[0];	55 const std::string& signature = parts[0];

41 const std::string& origin_string = parts[1];	56 const std::string& origin_string = parts[1];

42 const std::string& api_name = parts[2];	57 const std::string& api_name = parts[2];

(...skipping 27 matching lines...) Expand all Loading...
70 origin_(origin),	85 origin_(origin),

71 api_name_(api_name),	86 api_name_(api_name),

72 expiry_timestamp_(expiry_timestamp) {}	87 expiry_timestamp_(expiry_timestamp) {}

73	88

74 bool ApiKey::IsAppropriate(const std::string& origin,	89 bool ApiKey::IsAppropriate(const std::string& origin,

75 const std::string& api_name) const {	90 const std::string& api_name) const {

76 return ValidateOrigin(origin) && ValidateApiName(api_name);	91 return ValidateOrigin(origin) && ValidateApiName(api_name);

77 }	92 }

78	93

79 bool ApiKey::IsValid(const base::Time& now) const {	94 bool ApiKey::IsValid(const base::Time& now) const {

80 // TODO(iclelland): Validate signature on key data here as well.	95 // TODO(iclelland): Allow for multiple signing keys, and iterate over all

81 // https://crbug.com/543215	96 // active keys here. https://crbug.com/543220

82 return ValidateDate(now);	97 return ValidateDate(now) &&

	98 ValidateSignature(base::StringPiece(

	99 reinterpret_cast<const char*>(kPublicKey), arraysize(kPublicKey)));

83 }	100 }

84	101

85 bool ApiKey::ValidateOrigin(const std::string& origin) const {	102 bool ApiKey::ValidateOrigin(const std::string& origin) const {

86 return GURL(origin) == origin_;	103 return GURL(origin) == origin_;

87 }	104 }

88	105

89 bool ApiKey::ValidateApiName(const std::string& api_name) const {	106 bool ApiKey::ValidateApiName(const std::string& api_name) const {

90 return base::EqualsCaseInsensitiveASCII(api_name, api_name_);	107 return base::EqualsCaseInsensitiveASCII(api_name, api_name_);

91 }	108 }

92	109

93 bool ApiKey::ValidateDate(const base::Time& now) const {	110 bool ApiKey::ValidateDate(const base::Time& now) const {

94 base::Time expiry_time = base::Time::FromDoubleT((double)expiry_timestamp_);	111 base::Time expiry_time = base::Time::FromDoubleT((double)expiry_timestamp_);

95 return expiry_time > now;	112 return expiry_time > now;

96 }	113 }

97	114

	115 bool ApiKey::ValidateSignature(const base::StringPiece& public_key) const {

	116 return ValidateSignature(signature_, data_, public_key);

	117 }

	118

	119 // static

	120 bool ApiKey::ValidateSignature(const std::string& signature_text,

	121 const std::string& data,

	122 const base::StringPiece& public_key) {

	123 // Public key must be 32 bytes long for Ed25519
	davidben 2016/01/13 20:50:39 Nit: Period at end. Nit: Period at end. iclelland 2016/01/13 21:30:11 Done. Show quoted text On 2016/01/13 20:50:39, davidben wrote: > Nit: Period at end. Done.
	124 DCHECK(public_key.length() == 32);
	davidben 2016/01/13 20:50:39 Nit: DCHECK_EQ. Or perhaps something that works at Nit: DCHECK_EQ. Or perhaps something that works at runtime (CHECK or return false) if you're planning that this be callable by other files. iclelland 2016/01/13 21:30:11 Done, thanks. Show quoted text On 2016/01/13 20:50:39, davidben wrote: > Nit: DCHECK_EQ. Or perhaps something that works at runtime (CHECK or return > false) if you're planning that this be callable by other files. Done, thanks.
	125

	126 std::string signature;

	127 // signature_text is base64-encoded; decode first.

	128 if (!base::Base64Decode(signature_text, &signature)) {

	129 return false;

	130 }

	131

	132 // Signature must be 64 bytes long

	133 if (signature.length() != 64) {

	134 return false;

	135 }

	136

	137 int result = ED25519_verify(

	138 reinterpret_cast<const uint8_t*>(data.data()), data.length(),

	139 reinterpret_cast<const uint8_t*>(signature.data()),

	140 reinterpret_cast<const uint8_t*>(public_key.data()));

	141 return (result != 0);

	142 }

	143

98 } // namespace content	144 } // namespace content

OLD	NEW

« no previous file with comments | « content/common/experiments/api_key.h ('k') | content/common/experiments/api_key_unittest.cc » ('j') | no next file with comments »