暗号化された結果を値として "local" に追加します。<script type="application/json" cryptokeys=""> タグで囲まれた JSON オブジェクト内に鍵と値のペアを配置します。このタグをドキュメントの head に配置します。
<head>
...
<scripttype="application/json"cryptokeys="">
{
"local": ['y0^r$t^ff'], // This is for your environment
"google.com": ['g00g|e$t^ff'], // This is for Google's environment
}
</script>
…
</head>
ローカル環境と Google の公開鍵でドキュメント鍵を暗号化する必要があります。 Google の公開鍵を含めると、Google AMP キャッシュでドキュメントを提供できます。Tink 鍵セットをインスタンス化して、その URL から Google 公開鍵を受け入れる必要があります。
stringdecryptDocumentKey(stringencryptedKey,List<string>usersEntitlements,HybridDecrypthybridDecrypter){// 1. Base64 decode the input encrypted key.bytesencryptedKeyBytes=base64.decode(encryptedKey);// 2. Try to decrypt the encrypted key.bytesdecryptedKeyBytes;try{decryptedKeyBytes=hybridDecrypter.decrypt(encryptedKeyBytes,null/* contextInfo */);}catch(errore){// Decryption error occurred. Handle it how you want.LOG("Error occurred decrypting: ",e);return"";}// 3. Parse the decrypted text into a JSON object.stringdecryptedKey=newstring(decryptedKeyBytes,UTF_8);json::objectdecryptedParsedJson=JsonParser.parse(decryptedKey);// 4. Check to see if the requesting user has the entitlements specified in// the AccessRequirements section of the JSON object.for(entitlementinusersEntitlements){if(decryptedParsedJson["AccessRequirements"].contains(entitlement)){// 5. Return the document key if the user has entitlements.returndecryptedParsedJson["Key"];}}// User doesn't have correct requirements, return empty string.return"";}JsonResponsegetEntitlements(stringrequestUri){// Do normal handling of entitlements here…List<string>usersEntitlements=getUsersEntitlementInfo();// Check if request URI has "crypt" parameter.StringdocumentCrypt=requestUri.getQueryParameters().getFirst("crypt");// If URI has "crypt" param, try to decrypt it.stringdocumentKey;if(documentCrypt!=null){documentKey=decryptDocumentKey(documentCrypt,usersEntitlements,this.hybridDecrypter_);}// Construct JSON response.JsonResponseresponse=JsonResponse{signedEntitlements:getSignedEntitlements(),isReadyToPay:getIsReadyToPay(),};if(!documentKey.empty()){response.decryptedDocumentKey=documentKey;}returnresponse;}
We use cookies to understand how you use our site and to improve your experience. By continuing to use our site, you accept our use of cookies and privacy policy.