1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
5 #ifndef NET_CERT_MULTI_THREADED_CERT_VERIFIER_H_
6 #define NET_CERT_MULTI_THREADED_CERT_VERIFIER_H_
12 #include "base/basictypes.h"
13 #include "base/gtest_prod_util.h"
14 #include "base/memory/ref_counted.h"
15 #include "base/threading/non_thread_safe.h"
16 #include "net/base/completion_callback.h"
17 #include "net/base/expiring_cache.h"
18 #include "net/base/hash_value.h"
19 #include "net/base/net_export.h"
20 #include "net/cert/cert_database.h"
21 #include "net/cert/cert_verifier.h"
22 #include "net/cert/cert_verify_result.h"
23 #include "net/cert/x509_cert_types.h"
27 class CertTrustAnchorProvider
;
28 class CertVerifierJob
;
29 class CertVerifierRequest
;
30 class CertVerifierWorker
;
33 // MultiThreadedCertVerifier is a CertVerifier implementation that runs
34 // synchronous CertVerifier implementations on worker threads.
35 class NET_EXPORT_PRIVATE MultiThreadedCertVerifier
36 : public CertVerifier
,
37 NON_EXPORTED_BASE(public base::NonThreadSafe
),
38 public CertDatabase::Observer
{
40 explicit MultiThreadedCertVerifier(CertVerifyProc
* verify_proc
);
42 // When the verifier is destroyed, all certificate verifications requests are
43 // canceled, and their completion callbacks will not be called.
44 ~MultiThreadedCertVerifier() override
;
46 // Configures a source of additional certificates that should be treated as
47 // trust anchors during verification, provided that the underlying
48 // CertVerifyProc supports additional trust beyond the default implementation.
49 // The CertTrustAnchorProvider will only be accessed on the same
50 // thread that Verify() is called on; that is, it will not be
51 // accessed from worker threads.
52 // It must outlive the MultiThreadedCertVerifier.
53 void SetCertTrustAnchorProvider(
54 CertTrustAnchorProvider
* trust_anchor_provider
);
56 // CertVerifier implementation
57 int Verify(X509Certificate
* cert
,
58 const std::string
& hostname
,
61 CertVerifyResult
* verify_result
,
62 const CompletionCallback
& callback
,
63 CertVerifier::RequestHandle
* out_req
,
64 const BoundNetLog
& net_log
) override
;
66 void CancelRequest(CertVerifier::RequestHandle req
) override
;
69 friend class CertVerifierWorker
; // Calls HandleResult.
70 friend class CertVerifierRequest
;
71 friend class CertVerifierJob
;
72 friend class MultiThreadedCertVerifierTest
;
73 FRIEND_TEST_ALL_PREFIXES(MultiThreadedCertVerifierTest
, CacheHit
);
74 FRIEND_TEST_ALL_PREFIXES(MultiThreadedCertVerifierTest
, DifferentCACerts
);
75 FRIEND_TEST_ALL_PREFIXES(MultiThreadedCertVerifierTest
, InflightJoin
);
76 FRIEND_TEST_ALL_PREFIXES(MultiThreadedCertVerifierTest
, CancelRequest
);
77 FRIEND_TEST_ALL_PREFIXES(MultiThreadedCertVerifierTest
,
78 RequestParamsComparators
);
79 FRIEND_TEST_ALL_PREFIXES(MultiThreadedCertVerifierTest
,
80 CertTrustAnchorProvider
);
82 // Input parameters of a certificate verification request.
83 struct NET_EXPORT_PRIVATE RequestParams
{
84 RequestParams(const SHA1HashValue
& cert_fingerprint_arg
,
85 const SHA1HashValue
& ca_fingerprint_arg
,
86 const std::string
& hostname_arg
,
88 const CertificateList
& additional_trust_anchors
);
91 bool operator<(const RequestParams
& other
) const;
95 std::vector
<SHA1HashValue
> hash_values
;
98 // CachedResult contains the result of a certificate verification.
99 struct NET_EXPORT_PRIVATE CachedResult
{
103 int error
; // The return value of CertVerifier::Verify.
104 CertVerifyResult result
; // The output of CertVerifier::Verify.
107 // Rather than having a single validity point along a monotonically increasing
108 // timeline, certificate verification is based on falling within a range of
109 // the certificate's NotBefore and NotAfter and based on what the current
110 // system clock says (which may advance forwards or backwards as users correct
111 // clock skew). CacheValidityPeriod and CacheExpirationFunctor are helpers to
112 // ensure that expiration is measured both by the 'general' case (now + cache
113 // TTL) and by whether or not significant enough clock skew was introduced
114 // since the last verification.
115 struct CacheValidityPeriod
{
116 explicit CacheValidityPeriod(const base::Time
& now
);
117 CacheValidityPeriod(const base::Time
& now
, const base::Time
& expiration
);
119 base::Time verification_time
;
120 base::Time expiration_time
;
123 struct CacheExpirationFunctor
{
124 // Returns true iff |now| is within the validity period of |expiration|.
125 bool operator()(const CacheValidityPeriod
& now
,
126 const CacheValidityPeriod
& expiration
) const;
129 typedef ExpiringCache
<RequestParams
, CachedResult
, CacheValidityPeriod
,
130 CacheExpirationFunctor
> CertVerifierCache
;
132 void HandleResult(X509Certificate
* cert
,
133 const std::string
& hostname
,
135 const CertificateList
& additional_trust_anchors
,
137 const CertVerifyResult
& verify_result
);
139 // CertDatabase::Observer methods:
140 void OnCACertChanged(const X509Certificate
* cert
) override
;
143 void ClearCache() { cache_
.Clear(); }
144 size_t GetCacheSize() const { return cache_
.size(); }
145 uint64
cache_hits() const { return cache_hits_
; }
146 uint64
requests() const { return requests_
; }
147 uint64
inflight_joins() const { return inflight_joins_
; }
149 // cache_ maps from a request to a cached result.
150 CertVerifierCache cache_
;
152 // inflight_ maps from a request to an active verification which is taking
154 std::map
<RequestParams
, CertVerifierJob
*> inflight_
;
156 // A non-owning pointer to the first job for histogramming.
157 CertVerifierJob
* first_job_
;
161 uint64 inflight_joins_
;
163 scoped_refptr
<CertVerifyProc
> verify_proc_
;
165 CertTrustAnchorProvider
* trust_anchor_provider_
;
167 DISALLOW_COPY_AND_ASSIGN(MultiThreadedCertVerifier
);
172 #endif // NET_CERT_MULTI_THREADED_CERT_VERIFIER_H_
