Certificate Transparency: Add STH Fetching capability.

components/certificate_transparency/log_proof_fetcher.h

Index: components/certificate_transparency/log_proof_fetcher.h
diff --git a/components/certificate_transparency/log_proof_fetcher.h b/components/certificate_transparency/log_proof_fetcher.h
new file mode 100644
index 0000000000000000000000000000000000000000..34e107c9ddebb10a5050c3c77c450428668767e9
--- /dev/null
+++ b/components/certificate_transparency/log_proof_fetcher.h
@@ -0,0 +1,124 @@
+// Copyright 2015 The Chromium Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+#ifndef COMPONENTS_CERTIFICATE_TRANSPARENCY_LOG_PROOF_FETCHER_H_
+#define COMPONENTS_CERTIFICATE_TRANSPARENCY_LOG_PROOF_FETCHER_H_
+
+#include <map>
+#include <string>
+
+#include "base/callback.h"
+#include "base/macros.h"
+#include "base/memory/scoped_ptr.h"
+#include "base/memory/weak_ptr.h"
+#include "net/url_request/url_request.h"
+
+namespace base {
+class Value;
+}  // namespace base
+
+namespace net {
+
+class URLRequestContext;
+
+namespace ct {
+struct SignedTreeHead;
+}  // namespace ct
+
+}  // namespace net
+
+class GURL;
+
+namespace certificate_transparency {
+
+// Fetches Signed Tree Heads (STHs) and consistency proofs from Certificate
+// Transparency logs using the URLRequestContext provided during the instance
+// construction.

[mmenke, 2015/08/03 18:18:54]

Should mention here, or above the constructor, that it must outlive that
URLRequestContext.

[Eran Messeri, 2015/08/04 16:15:43]

Done.

+class LogProofFetcher : public net::URLRequest::Delegate {
+ public:
+  // Callback for successful retrieval of Signed Tree Heads. Called
+  // with the log_id of the log the STH belogs to (as supplied by the caller
+  // to FetchSignedTreeHead) and the STH itself.
+  using SignedTreeHeadFetchedCallback =
+      base::Callback<void(const std::string& log_id,
+                          const net::ct::SignedTreeHead& signed_tree_head)>;
+
+  // Callback for failure of Signed Tree Head retrieval. Called with the log_id
+  // that the log fetching was requested for and a net error code of the
+  // failure.
+  using FetchFailedCallback = base::Callback<
+      void(const std::string& log_id, int net_error, int http_response_code)>;
+
+  explicit LogProofFetcher(net::URLRequestContext* request_context);
+  ~LogProofFetcher() override;
+
+  // Fetch the latest Signed Tree Head from the log identified by |log_id|
+  // from |base_log_url|. The |log_id| will be passed into the callbacks to
+  // identify the log the retrieved Signed Tree Head belongs to.
+  // It is possible, but does not make a lot of sense, to have multiple
+  // Signed Tree Head fetching requests going out to the same log, since
+  // they are likely to return the same result.

[mmenke, 2015/08/03 18:18:54]

Maybe mention that callbacks won't be invoked if destroyed before the fetch
completed?

[Eran Messeri, 2015/08/04 16:15:43]

Done.

+  // TODO(eranm): Think further about whether multiple requests to the same
+  // log imply cancellation of previous requests, should be coalesced or handled
+  // independently.
+  void FetchSignedTreeHead(
+      const GURL& base_log_url,
+      const std::string& log_id,
+      const SignedTreeHeadFetchedCallback& fetched_callback,
+      const FetchFailedCallback& failed_callback);
+
+  // net::URLRequest::Delegate
+  void OnResponseStarted(net::URLRequest* request) override;
+  void OnReadCompleted(net::URLRequest* request, int bytes_read) override;
+
+ private:
+  struct FetchState {
+    FetchState(const std::string& id,

[mmenke, 2015/08/03 18:18:54]

suggest calling this log_id to match the corresponding field.

[Eran Messeri, 2015/08/04 16:15:42]

Done.

+               const SignedTreeHeadFetchedCallback& fetched_callback,
+               const FetchFailedCallback& failed_callback);
+    ~FetchState();
+
+    std::string log_id;
+    SignedTreeHeadFetchedCallback fetched_callback;
+    FetchFailedCallback failed_callback;
+    scoped_refptr<net::IOBufferWithSize> response_buffer;

[mmenke, 2015/08/03 18:18:54]

Need to include ref_counted.h in this file instead of the cc file, and forward
declare IOBufferWithSize.

Alternatively, since you're only passing pointers around to this class in this
file, you could move back to just forward declaring it here, and defining it in
the other file.

[Eran Messeri, 2015/08/04 16:15:43]

Good point, I've moved back to having a forward declaration here and definition
in the .cc  file.

+    std::string assembled_response;
+  };
+
+  // Handles the result of a URLRequest::Read call on |request|.

[mmenke, 2015/08/03 18:18:54]

the result -> the final result / the non-ERR_IO_PENDING result?

[Eran Messeri, 2015/08/04 16:15:43]

Changed to "the final result". I didn't go into much details on what this method
does in the header file since it's documented in the method body and I didn't
want to duplicate this info.

+  // Returns true if another read should be started, false if the read
+  // failed completely or we have to wait for OnResponseStarted to
+  // be called.
+  bool HandleReadResult(net::URLRequest* request,
+                        FetchState* params,
+                        int bytes_read);
+
+  // Calls URLRequest::Read on |request| repeatedly, until HandleReadResult
+  // indicates it should no longer be called. Usually this would be when there
+  // is pending IO that requires waiting for OnResponseStarted to be called.
+  void StartNextRead(net::URLRequest* request, FetchState* params);
+
+  // Performs post-report cleanup.
+  void RequestComplete(net::URLRequest* request);
+  // Deletes the request and associated FetchState from the internal map.
+  void CleanupRequest(net::URLRequest* request);
+
+  // Callbacks for parsing the STH's JSON by the SafeJsonParser
+  void OnSTHJsonParseSuccess(net::URLRequest* request,
+                             scoped_ptr<base::Value> parsed_json);
+  void OnSTHJsonParseError(net::URLRequest* request, const std::string& error);
+
+  net::URLRequestContext* const request_context_;
+
+  // Owns the contained requests, as well as FetchState.
+  std::map<net::URLRequest*, FetchState*> inflight_requests_;
+
+  base::WeakPtrFactory<LogProofFetcher> weak_factory_;
+
+  DISALLOW_COPY_AND_ASSIGN(LogProofFetcher);
+};
+
+}  // namespace certificate_transparency
+
+#endif  // COMPONENTS_CERTIFICATE_TRANSPARENCY_LOG_PROOF_FETCHER_H_