Chromium Code Reviews Chromium Code Reviews
Issue 1222953002:
Certificate Transparency: Add STH Fetching capability. (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@master| OLD | NEW |
|---|---|
| (Empty) | |
| 1 // Copyright 2015 The Chromium Authors. All rights reserved. | |
| 2 // Use of this source code is governed by a BSD-style license that can be | |
| 3 // found in the LICENSE file. | |
| 4 | |
| 5 #ifndef COMPONENTS_CERTIFICATE_TRANSPARENCY_LOG_PROOF_FETCHER_H_ | |
| 6 #define COMPONENTS_CERTIFICATE_TRANSPARENCY_LOG_PROOF_FETCHER_H_ | |
| 7 | |
| 8 #include <map> | |
| 9 #include <string> | |
| 10 | |
| 11 #include "base/callback.h" | |
| 12 #include "base/macros.h" | |
| 13 #include "base/memory/scoped_ptr.h" | |
| 14 #include "base/memory/weak_ptr.h" | |
| 15 #include "net/url_request/url_request.h" | |
| 16 | |
| 17 namespace base { | |
| 18 class Value; | |
| 19 } // namespace base | |
| 20 | |
| 21 namespace net { | |
| 22 | |
| 23 class URLRequestContext; | |
| 24 | |
| 25 namespace ct { | |
| 26 struct SignedTreeHead; | |
| 27 } // namespace ct | |
| 28 | |
| 29 } // namespace net | |
| 30 | |
| 31 class GURL; | |
| 32 | |
| 33 namespace certificate_transparency { | |
| 34 | |
| 35 static const size_t kMaxLogResponseSizeInBytes = 600; | |
|
mmenke
2015/08/04 19:54:29
optional: Suggest moving this into LogProofFetche
Eran Messeri
2015/08/05 13:10:52
Done.
| |
| 36 | |
| 37 // Fetches Signed Tree Heads (STHs) and consistency proofs from Certificate | |
| 38 // Transparency logs using the URLRequestContext provided during the instance | |
| 39 // construction. | |
| 40 // Must outlive the provided URLRequestContext. | |
| 41 class LogProofFetcher : public net::URLRequest::Delegate { | |
| 42 public: | |
| 43 // Callback for successful retrieval of Signed Tree Heads. Called | |
| 44 // with the log_id of the log the STH belogs to (as supplied by the caller | |
| 45 // to FetchSignedTreeHead) and the STH itself. | |
| 46 using SignedTreeHeadFetchedCallback = | |
| 47 base::Callback<void(const std::string& log_id, | |
| 48 const net::ct::SignedTreeHead& signed_tree_head)>; | |
| 49 | |
| 50 // Callback for failure of Signed Tree Head retrieval. Called with the log_id | |
| 51 // that the log fetching was requested for and a net error code of the | |
| 52 // failure. | |
| 53 using FetchFailedCallback = base::Callback< | |
| 54 void(const std::string& log_id, int net_error, int http_response_code)>; | |
| 55 | |
| 56 explicit LogProofFetcher(net::URLRequestContext* request_context); | |
| 57 ~LogProofFetcher() override; | |
| 58 | |
| 59 // Fetch the latest Signed Tree Head from the log identified by |log_id| | |
| 60 // from |base_log_url|. The |log_id| will be passed into the callbacks to | |
| 61 // identify the log the retrieved Signed Tree Head belongs to. | |
| 62 // The callbacks won't be invoked if the request is destroyed before | |
| 63 // fetching is completed. | |
| 64 // It is possible, but does not make a lot of sense, to have multiple | |
| 65 // Signed Tree Head fetching requests going out to the same log, since | |
| 66 // they are likely to return the same result. | |
| 67 // TODO(eranm): Think further about whether multiple requests to the same | |
| 68 // log imply cancellation of previous requests, should be coalesced or handled | |
| 69 // independently. | |
| 70 void FetchSignedTreeHead( | |
| 71 const GURL& base_log_url, | |
| 72 const std::string& log_id, | |
| 73 const SignedTreeHeadFetchedCallback& fetched_callback, | |
| 74 const FetchFailedCallback& failed_callback); | |
| 75 | |
| 76 // net::URLRequest::Delegate | |
| 77 void OnResponseStarted(net::URLRequest* request) override; | |
| 78 void OnReadCompleted(net::URLRequest* request, int bytes_read) override; | |
| 79 | |
| 80 private: | |
| 81 struct FetchState; | |
| 82 // Handles the final result of a URLRequest::Read call on |request|. | |
| 83 // Returns true if another read should be started, false if the read | |
| 84 // failed completely or we have to wait for OnResponseStarted to | |
| 85 // be called. | |
| 86 bool HandleReadResult(net::URLRequest* request, | |
| 87 FetchState* params, | |
| 88 int bytes_read); | |
| 89 | |
| 90 // Calls URLRequest::Read on |request| repeatedly, until HandleReadResult | |
| 91 // indicates it should no longer be called. Usually this would be when there | |
| 92 // is pending IO that requires waiting for OnResponseStarted to be called. | |
| 93 void StartNextRead(net::URLRequest* request, FetchState* params); | |
| 94 | |
| 95 // Performs post-report cleanup. | |
| 96 void RequestComplete(net::URLRequest* request); | |
| 97 // Deletes the request and associated FetchState from the internal map. | |
| 98 void CleanupRequest(net::URLRequest* request); | |
| 99 // Invokes the failure callback with the supplied arguments, then cleans up | |
| 100 // the request. | |
| 101 void InvokeFailureCallback(net::URLRequest* request, | |
| 102 int net_error, | |
| 103 int http_response_code); | |
| 104 | |
| 105 // Callbacks for parsing the STH's JSON by the SafeJsonParser | |
| 106 void OnSTHJsonParseSuccess(net::URLRequest* request, | |
| 107 scoped_ptr<base::Value> parsed_json); | |
| 108 void OnSTHJsonParseError(net::URLRequest* request, const std::string& error); | |
| 109 | |
| 110 net::URLRequestContext* const request_context_; | |
| 111 | |
| 112 // Owns the contained requests, as well as FetchState. | |
| 113 std::map<net::URLRequest*, FetchState*> inflight_requests_; | |
| 114 | |
| 115 base::WeakPtrFactory<LogProofFetcher> weak_factory_; | |
| 116 | |
| 117 DISALLOW_COPY_AND_ASSIGN(LogProofFetcher); | |
| 118 }; | |
| 119 | |
| 120 } // namespace certificate_transparency | |
| 121 | |
| 122 #endif // COMPONENTS_CERTIFICATE_TRANSPARENCY_LOG_PROOF_FETCHER_H_ | |
| OLD | NEW |
