Verify intent signatures.

chrome/android/java/src/org/chromium/chrome/browser/externalnav/ExternalNavigationHandler.java

Index: chrome/android/java/src/org/chromium/chrome/browser/externalnav/ExternalNavigationHandler.java
diff --git a/chrome/android/java/src/org/chromium/chrome/browser/externalnav/ExternalNavigationHandler.java b/chrome/android/java/src/org/chromium/chrome/browser/externalnav/ExternalNavigationHandler.java
index 99c2a0418e6c33bcb9d4d677230334e3549929bd..a8dec2e6983d9c71131fbbbc66c21903b0bdc038 100644
--- a/chrome/android/java/src/org/chromium/chrome/browser/externalnav/ExternalNavigationHandler.java
+++ b/chrome/android/java/src/org/chromium/chrome/browser/externalnav/ExternalNavigationHandler.java
@@ -28,8 +28,10 @@ import org.chromium.chrome.browser.util.UrlUtilities;
 import org.chromium.ui.base.PageTransition;
 
 import java.net.URI;
+import java.util.Collections;
 import java.util.HashSet;
 import java.util.List;
+import java.util.Set;
 import java.util.concurrent.TimeUnit;
 
 /**
@@ -112,6 +114,10 @@ public class ExternalNavigationHandler {
             browserFallbackUrl = null;
         }
 
+        if (!intentPackageSignatureMatches(intent)) {
+            return OverrideUrlLoadingResult.NO_OVERRIDE;
+        }
+
         long time = SystemClock.elapsedRealtime();
         OverrideUrlLoadingResult result = shouldOverrideUrlLoadingInternal(
                 params, intent, hasBrowserFallbackUrl, browserFallbackUrl);
@@ -127,6 +133,63 @@ public class ExternalNavigationHandler {
         return result;
     }
 
+    /**
+     * When a custom scheme intent is trying to launch another application, verify the signature
+     * fingerprints of intent, if the fingerprint match fingerprints of target application, the
+     * intent should override, or it shouldn't.
+     *
+     * @param intent intent from url.
+     * @return boolean, true if the feature is not supported or url should override,
+     * false if the the intent should not override.
+     */

[please use gerrit instead, 2016/08/01 21:05:24]

/**
 * Check if the signature specified in the intent matches the signatures of
 * the package to launch.
 *
 * @param intent The intent to launch.
 * @return True if OK to launch the intent based on the signature.
 */

+    private boolean intentPackageSignatureMatches(Intent intent) {
+        //This feature is based on a custom scheme. Variable scheme is used to check whether
+        //the intent url has an extra custom scheme, if not, the feature won't work.

[please use gerrit instead, 2016/08/01 21:05:24]

Add a space after "//".

+        String scheme = intent.getData().getScheme();
+        String fragment = intent.getData().getFragment();
+        if (!TextUtils.isEmpty(scheme) && fragment != null && fragment.contains(";")) {
+            String[] parts = fragment.split(";");
+            Set<Set<String>> allFingerPrint256 = new HashSet<>();
+            //Consider that apks may have same package name but different keystores.
+            //1. An apk's signature may update and differ from old, so you may need config and
+            //support new and old signatures, but this is optional. (e.g. (1)only config new
+            //fingerprint. (2)only config old fingerprint.(3)config new and old fingerprint)
+            //2. An apk itself may contain more than one keystore to sign.
+            //e.g.suppose apk's new signatures are sha256_1 and sha256_2, old signature
+            //is sha256_3. You can config the intent like "...;sha256=sha256_1,sha256_2;..."
+            //or "...;sha256=sha256_1,sha256_2|sha256_3;..."

[please use gerrit instead, 2016/08/01 21:05:24]

Add a space after "//".

+            String pkgName = "";
+            String fingerPrint256 = "";
+            String[] fingerPrint256DifGroups;
+            for (int i = 0; i < parts.length; ++i) {
+                String[] part = parts[i].split("=");
+                if (part.length < 2) {
+                    return false;
+                }
+                if (part[0].equals("sha256")) {
+                    fingerPrint256 = part[1];
+                }
+                if (part[0].equals("package")) {
+                    pkgName = part[1];
+                }
+            }
+            if (!TextUtils.isEmpty(pkgName) && !TextUtils.isEmpty(fingerPrint256)) {
+                fingerPrint256DifGroups = fingerPrint256.split("\\|");
+                for (int i = 0; i < fingerPrint256DifGroups.length; ++i) {
+                    Set<String> fingerPrint256GroupSignKeySet = new HashSet<>();
+                    Collections.addAll(fingerPrint256GroupSignKeySet, fingerPrint256DifGroups[i]
+                            .split(","));
+                    allFingerPrint256.add(fingerPrint256GroupSignKeySet);
+                }
+                Set<String> fingerPrint256Set = mDelegate.getPackageSHA256Fingerprints(pkgName);
+                if (fingerPrint256Set == null || !allFingerPrint256.contains(fingerPrint256Set)) {
+                    return false;
+                }
+            }
+        }
+        return true;
+    }
+
     private boolean resolversSubsetOf(List<ResolveInfo> infos, List<ResolveInfo> container) {
         HashSet<ComponentName> containerSet = new HashSet<>();
         for (ResolveInfo info : container) {