net/cert/multi_threaded_cert_verifier.h

   1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
   2 // Use of this source code is governed by a BSD-style license that can be
   3 // found in the LICENSE file.
   4
   5 #ifndef NET_CERT_MULTI_THREADED_CERT_VERIFIER_H_
   6 #define NET_CERT_MULTI_THREADED_CERT_VERIFIER_H_
   7
   8 #include <map>
   9 #include <string>
  10 #include <vector>
  11
  12 #include "base/basictypes.h"
  13 #include "base/gtest_prod_util.h"
  14 #include "base/memory/ref_counted.h"
  15 #include "base/threading/non_thread_safe.h"
  16 #include "net/base/completion_callback.h"
  17 #include "net/base/expiring_cache.h"
  18 #include "net/base/hash_value.h"
  19 #include "net/base/net_export.h"
  20 #include "net/cert/cert_database.h"
  21 #include "net/cert/cert_verifier.h"
  22 #include "net/cert/cert_verify_result.h"
  23 #include "net/cert/x509_cert_types.h"
  24
  25 namespace net {
  26
  27 class CertTrustAnchorProvider;
  28 class CertVerifierJob;
  29 class CertVerifierRequest;
  30 class CertVerifierWorker;
  31 class CertVerifyProc;
  32
  33 // MultiThreadedCertVerifier is a CertVerifier implementation that runs
  34 // synchronous CertVerifier implementations on worker threads.
  35 class NET_EXPORT_PRIVATE MultiThreadedCertVerifier
  36     : public CertVerifier,
  37       NON_EXPORTED_BASE(public base::NonThreadSafe),
  38       public CertDatabase::Observer {
  39  public:
  40   explicit MultiThreadedCertVerifier(CertVerifyProc* verify_proc);
  41
  42   // When the verifier is destroyed, all certificate verifications requests are
  43   // canceled, and their completion callbacks will not be called.
  44   ~MultiThreadedCertVerifier() override;
  45
  46   // Configures a source of additional certificates that should be treated as
  47   // trust anchors during verification, provided that the underlying
  48   // CertVerifyProc supports additional trust beyond the default implementation.
  49   // The CertTrustAnchorProvider will only be accessed on the same
  50   // thread that Verify() is called on; that is, it will not be
  51   // accessed from worker threads.
  52   // It must outlive the MultiThreadedCertVerifier.
  53   void SetCertTrustAnchorProvider(
  54       CertTrustAnchorProvider* trust_anchor_provider);
  55
  56   // CertVerifier implementation
  57   int Verify(X509Certificate* cert,
  58              const std::string& hostname,
  59              const std::string& ocsp_response,
  60              int flags,
  61              CRLSet* crl_set,
  62              CertVerifyResult* verify_result,
  63              const CompletionCallback& callback,
  64              CertVerifier::RequestHandle* out_req,
  65              const BoundNetLog& net_log) override;
  66
  67   void CancelRequest(CertVerifier::RequestHandle req) override;
  68
  69   bool SupportsOCSPStapling() override;
  70
  71  private:
  72   friend class CertVerifierWorker;  // Calls HandleResult.
  73   friend class CertVerifierRequest;
  74   friend class CertVerifierJob;
  75   friend class MultiThreadedCertVerifierTest;
  76   FRIEND_TEST_ALL_PREFIXES(MultiThreadedCertVerifierTest, CacheHit);
  77   FRIEND_TEST_ALL_PREFIXES(MultiThreadedCertVerifierTest, DifferentCACerts);
  78   FRIEND_TEST_ALL_PREFIXES(MultiThreadedCertVerifierTest, InflightJoin);
  79   FRIEND_TEST_ALL_PREFIXES(MultiThreadedCertVerifierTest, CancelRequest);
  80   FRIEND_TEST_ALL_PREFIXES(MultiThreadedCertVerifierTest,
  81                            RequestParamsComparators);
  82   FRIEND_TEST_ALL_PREFIXES(MultiThreadedCertVerifierTest,
  83                            CertTrustAnchorProvider);
  84
  85   // Input parameters of a certificate verification request.
  86   struct NET_EXPORT_PRIVATE RequestParams {
  87     RequestParams(const SHA1HashValue& cert_fingerprint_arg,
  88                   const SHA1HashValue& ca_fingerprint_arg,
  89                   const std::string& hostname_arg,
  90                   const std::string& ocsp_response_arg,
  91                   int flags_arg,
  92                   const CertificateList& additional_trust_anchors);
  93     ~RequestParams();
  94
  95     bool operator<(const RequestParams& other) const;
  96
  97     std::string hostname;
  98     int flags;
  99     std::vector<SHA1HashValue> hash_values;
 100   };
 101
 102   // CachedResult contains the result of a certificate verification.
 103   struct NET_EXPORT_PRIVATE CachedResult {
 104     CachedResult();
 105     ~CachedResult();
 106
 107     int error;  // The return value of CertVerifier::Verify.
 108     CertVerifyResult result;  // The output of CertVerifier::Verify.
 109   };
 110
 111   // Rather than having a single validity point along a monotonically increasing
 112   // timeline, certificate verification is based on falling within a range of
 113   // the certificate's NotBefore and NotAfter and based on what the current
 114   // system clock says (which may advance forwards or backwards as users correct
 115   // clock skew). CacheValidityPeriod and CacheExpirationFunctor are helpers to
 116   // ensure that expiration is measured both by the 'general' case (now + cache
 117   // TTL) and by whether or not significant enough clock skew was introduced
 118   // since the last verification.
 119   struct CacheValidityPeriod {
 120     explicit CacheValidityPeriod(const base::Time& now);
 121     CacheValidityPeriod(const base::Time& now, const base::Time& expiration);
 122
 123     base::Time verification_time;
 124     base::Time expiration_time;
 125   };
 126
 127   struct CacheExpirationFunctor {
 128     // Returns true iff |now| is within the validity period of |expiration|.
 129     bool operator()(const CacheValidityPeriod& now,
 130                     const CacheValidityPeriod& expiration) const;
 131   };
 132
 133   typedef ExpiringCache<RequestParams, CachedResult, CacheValidityPeriod,
 134                         CacheExpirationFunctor> CertVerifierCache;
 135
 136   void HandleResult(X509Certificate* cert,
 137                     const std::string& hostname,
 138                     const std::string& ocsp_response,
 139                     int flags,
 140                     const CertificateList& additional_trust_anchors,
 141                     int error,
 142                     const CertVerifyResult& verify_result);
 143
 144   // CertDatabase::Observer methods:
 145   void OnCACertChanged(const X509Certificate* cert) override;
 146
 147   // For unit testing.
 148   void ClearCache() { cache_.Clear(); }
 149   size_t GetCacheSize() const { return cache_.size(); }
 150   uint64 cache_hits() const { return cache_hits_; }
 151   uint64 requests() const { return requests_; }
 152   uint64 inflight_joins() const { return inflight_joins_; }
 153
 154   // cache_ maps from a request to a cached result.
 155   CertVerifierCache cache_;
 156
 157   // inflight_ maps from a request to an active verification which is taking
 158   // place.
 159   std::map<RequestParams, CertVerifierJob*> inflight_;
 160
 161   // A non-owning pointer to the first job for histogramming.
 162   CertVerifierJob* first_job_;
 163
 164   uint64 requests_;
 165   uint64 cache_hits_;
 166   uint64 inflight_joins_;
 167
 168   scoped_refptr<CertVerifyProc> verify_proc_;
 169
 170   CertTrustAnchorProvider* trust_anchor_provider_;
 171
 172   DISALLOW_COPY_AND_ASSIGN(MultiThreadedCertVerifier);
 173 };
 174
 175 }  // namespace net
 176
 177 #endif  // NET_CERT_MULTI_THREADED_CERT_VERIFIER_H_