Index: components/certificate_transparency/tree_state_tracker.h |
diff --git a/components/certificate_transparency/tree_state_tracker.h b/components/certificate_transparency/tree_state_tracker.h |
new file mode 100644 |
index 0000000000000000000000000000000000000000..bd6198d393e77de90d96f95de988375b0164f930 |
--- /dev/null |
+++ b/components/certificate_transparency/tree_state_tracker.h |
@@ -0,0 +1,66 @@ |
+// Copyright 2015 The Chromium Authors. All rights reserved. |
+// Use of this source code is governed by a BSD-style license that can be |
+// found in the LICENSE file. |
+ |
+#ifndef COMPONENTS_CERTIFICATE_TRANSPARENCY_TREE_STATE_TRACKER_H_ |
+#define COMPONENTS_CERTIFICATE_TRANSPARENCY_TREE_STATE_TRACKER_H_ |
+ |
+#include <map> |
+#include <string> |
+#include <vector> |
+ |
+#include "base/memory/ref_counted.h" |
+#include "base/memory/scoped_ptr.h" |
+#include "net/cert/ct_verifier.h" |
+ |
+namespace net { |
+class CTLogVerifier; |
+class X509Certificate; |
+ |
+namespace ct { |
+struct SignedCertificateTimestamp; |
+struct SignedTreeHead; |
+} // namespace ct |
+ |
+} // namespace net |
+ |
+namespace certificate_transparency { |
+ |
+class LogProofFetcher; |
+ |
+// Tracks the state of the Merkle Trees of CT logs Chromium |
+// knows about. For now, only stores Signed Tree Heads. |
+class TreeStateTracker : public net::CTVerifier::Observer { |
+ public: |
+ TreeStateTracker( |
+ scoped_ptr<LogProofFetcher> fetcher, |
+ const std::vector<scoped_refptr<net::CTLogVerifier>>& ct_logs); |
+ ~TreeStateTracker() override; |
+ |
+ void OnSCTVerified(net::X509Certificate* cert, |
+ const net::ct::SignedCertificateTimestamp* sct) override; |
+ |
+ private: |
+ void RefreshSTHs(); |
+ void OnSTHFetched(const std::string& log_id, |
+ const net::ct::SignedTreeHead& unverified_sth); |
+ void OnSTHFetchingFailed(const std::string& log_id, |
+ int net_error, |
+ int http_response_code); |
+ |
+ // Holds the latest STH fetched and verified for each log. |
+ std::map<std::string, net::ct::SignedTreeHead> verified_sths_; |
+ // Holds STHs that were received but not checked for consistency. |
+ std::map<std::string, net::ct::SignedTreeHead> |
+ sths_pending_consistency_check_; |
+ // Fetcher for getting STHs and proofs from CT logs. |
+ scoped_ptr<LogProofFetcher> fetcher_; |
+ // List of CT logs to track. |
+ std::map<std::string, scoped_refptr<net::CTLogVerifier>> ct_logs_; |
+ |
+ DISALLOW_COPY_AND_ASSIGN(TreeStateTracker); |
+}; |
+ |
+} // namespace certificate_transparency |
+ |
+#endif // COMPONENTS_CERTIFICATE_TRANSPARENCY_TREE_STATE_TRACKER_H_ |
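Review bot: The comments on `verified_sths_` and `sths_pending_consistency_check_` do not say which checks an STH has passed before it is stored in either map, and `OnSTHFetched` takes an `unverified_sth` with no comment on what it does with it. Both the log ID and the STH come back from a network fetch, so I would spell the invariant out in the header, for example on `OnSTHFetched`: `// Verifies |unverified_sth|'s signature using the CTLogVerifier for |log_id|; STHs for unknown logs or with invalid signatures are discarded.` On the pending map, something like `// Signature-verified STHs awaiting a consistency check against the entry in |verified_sths_|.` would do, adjusted to what the .cc actually implements, which is not visible here. It would also help to state that all three maps are keyed by log ID. Separately, `DISALLOW_COPY_AND_ASSIGN` is used without `#include "base/macros.h"`, so the header presumably relies on a transitive include.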