chrome/browser/chromeos/certificate_provider/thread_safe_certificate_map.cc

   1 // Copyright 2015 The Chromium Authors. All rights reserved.
   2 // Use of this source code is governed by a BSD-style license that can be
   3 // found in the LICENSE file.
   4
   5 #include "chrome/browser/chromeos/certificate_provider/thread_safe_certificate_map.h"
   6
   7 #include "net/base/hash_value.h"
   8 #include "net/cert/x509_certificate.h"
   9
  10 namespace chromeos {
  11 namespace certificate_provider {
  12 namespace {
  13
  14 void BuildFingerprintsMap(
  15     const std::map<std::string, certificate_provider::CertificateInfoList>&
  16         extension_to_certificates,
  17     ThreadSafeCertificateMap::FingerprintToCertAndExtensionMap*
  18         fingerprint_to_cert) {
  19   for (const auto& entry : extension_to_certificates) {
  20     const std::string& extension_id = entry.first;
  21     for (const CertificateInfo& cert_info : entry.second) {
  22       const net::SHA256HashValue fingerprint =
  23           net::X509Certificate::CalculateFingerprint256(
  24               cert_info.certificate->os_cert_handle());
  25       fingerprint_to_cert->insert(
  26           fingerprint, make_scoped_ptr(new ThreadSafeCertificateMap::MapValue(
  27                            cert_info, extension_id)));
  28     }
  29   }
  30 }
  31
  32 }  // namespace
  33
  34 ThreadSafeCertificateMap::MapValue::MapValue(const CertificateInfo& cert_info,
  35                                              const std::string& extension_id)
  36     : cert_info(cert_info), extension_id(extension_id) {}
  37
  38 ThreadSafeCertificateMap::MapValue::~MapValue() {}
  39
  40 ThreadSafeCertificateMap::ThreadSafeCertificateMap() {}
  41
  42 ThreadSafeCertificateMap::~ThreadSafeCertificateMap() {}
  43
  44 void ThreadSafeCertificateMap::Update(
  45     const std::map<std::string, certificate_provider::CertificateInfoList>&
  46         extension_to_certificates) {
  47   FingerprintToCertAndExtensionMap new_fingerprint_map;
  48   BuildFingerprintsMap(extension_to_certificates, &new_fingerprint_map);
  49
  50   base::AutoLock auto_lock(lock_);
  51   // Keep all old fingerprints from |fingerprint_to_cert_and_extension_| but
  52   // remove the association to any extension.
  53   for (const auto& entry : fingerprint_to_cert_and_extension_) {
  54     const net::SHA256HashValue& fingerprint = entry.first;
  55     // This doesn't modify the map if it already contains the key |fingerprint|.
  56     new_fingerprint_map.insert(fingerprint, nullptr);
  57   }
  58   fingerprint_to_cert_and_extension_.swap(new_fingerprint_map);
  59 }
  60
  61 bool ThreadSafeCertificateMap::LookUpCertificate(
  62     const net::X509Certificate& cert,
  63     bool* is_currently_provided,
  64     CertificateInfo* info,
  65     std::string* extension_id) {
  66   *is_currently_provided = false;
  67   const net::SHA256HashValue fingerprint =
  68       net::X509Certificate::CalculateFingerprint256(cert.os_cert_handle());
  69
  70   base::AutoLock auto_lock(lock_);
  71   const auto it = fingerprint_to_cert_and_extension_.find(fingerprint);
  72   if (it == fingerprint_to_cert_and_extension_.end())
  73     return false;
  74
  75   MapValue* const value = it->second;
  76   if (value) {
  77     *is_currently_provided = true;
  78     *info = value->cert_info;
  79     *extension_id = value->extension_id;
  80   }
  81   return true;
  82 }
  83
  84 void ThreadSafeCertificateMap::RemoveExtension(
  85     const std::string& extension_id) {
  86   base::AutoLock auto_lock(lock_);
  87   for (auto& entry : fingerprint_to_cert_and_extension_) {
  88     MapValue* const value = entry.second;
  89     // Only remove the association of the fingerprint to the extension, but keep
  90     // the fingerprint.
  91     if (value && value->extension_id == extension_id)
  92       fingerprint_to_cert_and_extension_.set(entry.first, nullptr);
  93   }
  94 }
  95
  96 }  // namespace certificate_provider
  97 }  // namespace chromeos