net/ssl/default_channel_id_store.h

   1 // Copyright 2014 The Chromium Authors. All rights reserved.
   2 // Use of this source code is governed by a BSD-style license that can be
   3 // found in the LICENSE file.
   4
   5 #ifndef NET_SSL_DEFAULT_CHANNEL_ID_STORE_H_
   6 #define NET_SSL_DEFAULT_CHANNEL_ID_STORE_H_
   7
   8 #include <map>
   9 #include <string>
  10 #include <vector>
  11
  12 #include "base/callback_forward.h"
  13 #include "base/compiler_specific.h"
  14 #include "base/memory/ref_counted.h"
  15 #include "base/memory/scoped_ptr.h"
  16 #include "base/memory/scoped_vector.h"
  17 #include "base/memory/weak_ptr.h"
  18 #include "net/base/net_export.h"
  19 #include "net/ssl/channel_id_store.h"
  20
  21 namespace net {
  22
  23 // This class is the system for storing and retrieving server bound certs.
  24 // Modeled after the CookieMonster class, it has an in-memory cert store,
  25 // and synchronizes server bound certs to an optional permanent storage that
  26 // implements the PersistentStore interface. The use case is described in
  27 // http://balfanz.github.com/tls-obc-spec/draft-balfanz-tls-obc-00.html
  28 // TODO(wtc): Update this comment.
  29 class NET_EXPORT DefaultChannelIDStore : public ChannelIDStore {
  30  public:
  31   class PersistentStore;
  32
  33   // The key for each ChannelID* in ChannelIDMap is the
  34   // corresponding server.
  35   typedef std::map<std::string, ChannelID*> ChannelIDMap;
  36
  37   // The store passed in should not have had Init() called on it yet. This
  38   // class will take care of initializing it. The backing store is NOT owned by
  39   // this class, but it must remain valid for the duration of the
  40   // DefaultChannelIDStore's existence. If |store| is NULL, then no
  41   // backing store will be updated.
  42   explicit DefaultChannelIDStore(PersistentStore* store);
  43
  44   ~DefaultChannelIDStore() override;
  45
  46   // ChannelIDStore implementation.
  47   int GetChannelID(const std::string& server_identifier,
  48                    base::Time* expiration_time,
  49                    std::string* private_key_result,
  50                    std::string* cert_result,
  51                    const GetChannelIDCallback& callback) override;
  52   void SetChannelID(const std::string& server_identifier,
  53                     base::Time creation_time,
  54                     base::Time expiration_time,
  55                     const std::string& private_key,
  56                     const std::string& cert) override;
  57   void DeleteChannelID(const std::string& server_identifier,
  58                        const base::Closure& callback) override;
  59   void DeleteAllCreatedBetween(base::Time delete_begin,
  60                                base::Time delete_end,
  61                                const base::Closure& callback) override;
  62   void DeleteAll(const base::Closure& callback) override;
  63   void GetAllChannelIDs(const GetChannelIDListCallback& callback) override;
  64   int GetChannelIDCount() override;
  65   void SetForceKeepSessionState() override;
  66
  67  private:
  68   class Task;
  69   class GetChannelIDTask;
  70   class SetChannelIDTask;
  71   class DeleteChannelIDTask;
  72   class DeleteAllCreatedBetweenTask;
  73   class GetAllChannelIDsTask;
  74
  75   // Deletes all of the certs. Does not delete them from |store_|.
  76   void DeleteAllInMemory();
  77
  78   // Called by all non-static functions to ensure that the cert store has
  79   // been initialized.
  80   // TODO(mattm): since we load asynchronously now, maybe we should start
  81   // loading immediately on construction, or provide some method to initiate
  82   // loading?
  83   void InitIfNecessary() {
  84     if (!initialized_) {
  85       if (store_.get()) {
  86         InitStore();
  87       } else {
  88         loaded_ = true;
  89       }
  90       initialized_ = true;
  91     }
  92   }
  93
  94   // Initializes the backing store and reads existing certs from it.
  95   // Should only be called by InitIfNecessary().
  96   void InitStore();
  97
  98   // Callback for backing store loading completion.
  99   void OnLoaded(scoped_ptr<ScopedVector<ChannelID> > certs);
 100
 101   // Syncronous methods which do the actual work. Can only be called after
 102   // initialization is complete.
 103   void SyncSetChannelID(
 104       const std::string& server_identifier,
 105       base::Time creation_time,
 106       base::Time expiration_time,
 107       const std::string& private_key,
 108       const std::string& cert);
 109   void SyncDeleteChannelID(const std::string& server_identifier);
 110   void SyncDeleteAllCreatedBetween(base::Time delete_begin,
 111                                    base::Time delete_end);
 112   void SyncGetAllChannelIDs(ChannelIDList* channel_id_list);
 113
 114   // Add |task| to |waiting_tasks_|.
 115   void EnqueueTask(scoped_ptr<Task> task);
 116   // If already initialized, run |task| immediately. Otherwise add it to
 117   // |waiting_tasks_|.
 118   void RunOrEnqueueTask(scoped_ptr<Task> task);
 119
 120   // Deletes the channel id for the specified server, if such a channel id
 121   // exists, from the in-memory store. Deletes it from |store_| if |store_|
 122   // is not NULL.
 123   void InternalDeleteChannelID(const std::string& server);
 124
 125   // Takes ownership of *channel_id.
 126   // Adds the channel id for the specified server to the in-memory store.
 127   // Deletes it from |store_| if |store_| is not NULL.
 128   void InternalInsertChannelID(const std::string& server_identifier,
 129                                ChannelID* channel_id);
 130
 131   // Indicates whether the channel id store has been initialized. This happens
 132   // lazily in InitIfNecessary().
 133   bool initialized_;
 134
 135   // Indicates whether loading from the backend store is completed and
 136   // calls may be immediately processed.
 137   bool loaded_;
 138
 139   // Tasks that are waiting to be run once we finish loading.
 140   ScopedVector<Task> waiting_tasks_;
 141   base::TimeTicks waiting_tasks_start_time_;
 142
 143   scoped_refptr<PersistentStore> store_;
 144
 145   ChannelIDMap channel_ids_;
 146
 147   base::WeakPtrFactory<DefaultChannelIDStore> weak_ptr_factory_;
 148
 149   DISALLOW_COPY_AND_ASSIGN(DefaultChannelIDStore);
 150 };
 151
 152 typedef base::RefCountedThreadSafe<DefaultChannelIDStore::PersistentStore>
 153     RefcountedPersistentStore;
 154
 155 class NET_EXPORT DefaultChannelIDStore::PersistentStore
 156     : public RefcountedPersistentStore {
 157  public:
 158   typedef base::Callback<void(scoped_ptr<ScopedVector<ChannelID> >)>
 159       LoadedCallback;
 160
 161   // Initializes the store and retrieves the existing channel_ids. This will be
 162   // called only once at startup. Note that the channel_ids are individually
 163   // allocated and that ownership is transferred to the caller upon return.
 164   // The |loaded_callback| must not be called synchronously.
 165   virtual void Load(const LoadedCallback& loaded_callback) = 0;
 166
 167   virtual void AddChannelID(const ChannelID& channel_id) = 0;
 168
 169   virtual void DeleteChannelID(const ChannelID& channel_id) = 0;
 170
 171   // When invoked, instructs the store to keep session related data on
 172   // destruction.
 173   virtual void SetForceKeepSessionState() = 0;
 174
 175  protected:
 176   friend class base::RefCountedThreadSafe<PersistentStore>;
 177
 178   PersistentStore();
 179   virtual ~PersistentStore();
 180
 181  private:
 182   DISALLOW_COPY_AND_ASSIGN(PersistentStore);
 183 };
 184
 185 }  // namespace net
 186
 187 #endif  // NET_SSL_DEFAULT_CHANNEL_ID_STORE_H_