Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(256)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: content/common/experiments/api_key.cc

Issue 1563903002: Add public key and signature verification to browser-side API keys Base URL: https://chromium.googlesource.com/chromium/src.git@keys
Patch Set: Created 4 years, 11 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« no previous file with comments | « content/common/experiments/api_key.h ('k') | content/common/experiments/api_key_unittest.cc » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright 2015 The Chromium Authors. All rights reserved. 1 // Copyright 2015 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #include "content/common/experiments/api_key.h" 5 #include "content/common/experiments/api_key.h"
6 6
7 #include <vector> 7 #include <vector>
8 8
9 #include "base/base64.h" 9 #include "base/base64.h"
10 #include "base/strings/string_number_conversions.h" 10 #include "base/strings/string_number_conversions.h"
11 #include "base/strings/string_split.h" 11 #include "base/strings/string_split.h"
12 #include "base/strings/string_util.h" 12 #include "base/strings/string_util.h"
13 #include "base/strings/utf_string_conversions.h" 13 #include "base/strings/utf_string_conversions.h"
14 #include "base/time/time.h" 14 #include "base/time/time.h"
15 #include "url/origin.h" 15 #include "url/origin.h"
16 16
17 namespace content { 17 namespace content {
18 18
19 namespace { 19 namespace {
20 20
21 const char* kApiKeyFieldSeparator = "|"; 21 const char* kApiKeyFieldSeparator = "|";
22 } 22
23 } // namespace
23 24
24 ApiKey::~ApiKey() {} 25 ApiKey::~ApiKey() {}
25 26
26 scoped_ptr<ApiKey> ApiKey::Parse(const std::string& key_text) { 27 scoped_ptr<ApiKey> ApiKey::Parse(const std::string& key_text) {
27 if (key_text.empty()) { 28 if (key_text.empty()) {
28 return nullptr; 29 return nullptr;
29 } 30 }
30 31
31 // API Key should resemble: 32 // API Key should resemble:
32 // signature|origin|api_name|expiry_timestamp 33 // signature|origin|api_name|expiry_timestamp
34 // TODO(iclelland): Add version code to API key format to identify key algo
35 // https://crbug.com/570684
33 std::vector<std::string> parts = 36 std::vector<std::string> parts =
34 SplitString(key_text, kApiKeyFieldSeparator, base::KEEP_WHITESPACE, 37 SplitString(key_text, kApiKeyFieldSeparator, base::KEEP_WHITESPACE,
35 base::SPLIT_WANT_ALL); 38 base::SPLIT_WANT_ALL);
36 if (parts.size() != 4) { 39 if (parts.size() != 4) {
37 return nullptr; 40 return nullptr;
38 } 41 }
39 42
40 const std::string& signature = parts[0]; 43 const std::string& signature = parts[0];
41 const std::string& origin_string = parts[1]; 44 const std::string& origin_string = parts[1];
42 const std::string& api_name = parts[2]; 45 const std::string& api_name = parts[2];
(...skipping 26 matching lines...) Expand all
69 data_(data), 72 data_(data),
70 origin_(origin), 73 origin_(origin),
71 api_name_(api_name), 74 api_name_(api_name),
72 expiry_timestamp_(expiry_timestamp) {} 75 expiry_timestamp_(expiry_timestamp) {}
73 76
74 bool ApiKey::IsAppropriate(const std::string& origin, 77 bool ApiKey::IsAppropriate(const std::string& origin,
75 const std::string& api_name) const { 78 const std::string& api_name) const {
76 return ValidateOrigin(origin) && ValidateApiName(api_name); 79 return ValidateOrigin(origin) && ValidateApiName(api_name);
77 } 80 }
78 81
79 bool ApiKey::IsValid(const base::Time& now) const {
80 // TODO(iclelland): Validate signature on key data here as well.
81 // https://crbug.com/543215
82 return ValidateDate(now);
83 }
84
85 bool ApiKey::ValidateOrigin(const std::string& origin) const { 82 bool ApiKey::ValidateOrigin(const std::string& origin) const {
86 return GURL(origin) == origin_; 83 return GURL(origin) == origin_;
87 } 84 }
88 85
89 bool ApiKey::ValidateApiName(const std::string& api_name) const { 86 bool ApiKey::ValidateApiName(const std::string& api_name) const {
90 return base::EqualsCaseInsensitiveASCII(api_name, api_name_); 87 return base::EqualsCaseInsensitiveASCII(api_name, api_name_);
91 } 88 }
92 89
93 bool ApiKey::ValidateDate(const base::Time& now) const { 90 bool ApiKey::ValidateDate(const base::Time& now) const {
94 base::Time expiry_time = base::Time::FromDoubleT((double)expiry_timestamp_); 91 base::Time expiry_time = base::Time::FromDoubleT((double)expiry_timestamp_);
95 return expiry_time > now; 92 return expiry_time > now;
96 } 93 }
97 94
98 } // namespace content 95 } // namespace content
OLDNEW
« no previous file with comments | « content/common/experiments/api_key.h ('k') | content/common/experiments/api_key_unittest.cc » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698