Add a simple cache of certificates for SSL client authentication....

net/base/ssl_client_auth_cache.h

-// Copyright (c) 2006-2008 The Chromium Authors. All rights reserved.
+// Copyright (c) 2009 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
-#ifndef NET_FTP_FTP_AUTH_CACHE_H_
-#define NET_FTP_FTP_AUTH_CACHE_H_
+#ifndef NET_BASE_SSL_CLIENT_AUTH_CACHE_H_
+#define NET_BASE_SSL_CLIENT_AUTH_CACHE_H_
 
 #include <string>
 #include <map>
 
-#include "net/base/auth.h"
-
-class GURL;
+#include "base/ref_counted.h"
+#include "net/base/x509_certificate.h"
 
 namespace net {
 
-// The FtpAuthCache class is a simple cache structure to store authentication
-// information for ftp. Provides lookup, insertion, and deletion of entries.
-// The parameter for doing lookups, insertions, and deletions is a GURL of the
-// server's address (not a full URL with path, since FTP auth isn't per path).
-// For example:
-//   GURL("ftp://myserver") -- OK (implied port of 21)
-//   GURL("ftp://myserver:21") -- OK
-//   GURL("ftp://myserver/PATH") -- WRONG, paths not allowed
-class FtpAuthCache {
+// The SSLClientAuthCache class is a simple cache structure to store SSL
+// client certificates. Provides lookup, insertion, and deletion of entries.
+// The parameter for doing lookups, insertions, and deletions is the server's
+// host and port.
+//
+// TODO(wtc): This class is based on FtpAuthCache.  We can extract the common
+// code to a template class.
+class SSLClientAuthCache {
  public:
-  FtpAuthCache() {}
-  ~FtpAuthCache() {}
+  SSLClientAuthCache() {}
+  ~SSLClientAuthCache() {}
 
-  // Check if we have authentication data for ftp server at |origin|.
-  // Returns the address of corresponding AuthData object (if found) or NULL
-  // (if not found).
-  AuthData* Lookup(const GURL& origin);
+  // Check if we have a client certificate for SSL server at |server|.
+  // Returns the client certificate (if found) or NULL (if not found).
+  X509Certificate* Lookup(const std::string& server);
 
-  // Add an entry for |origin| to the cache. If there is already an
-  // entry for |origin|, it will be overwritten. Both parameters are IN only.
-  void Add(const GURL& origin, AuthData* value);
+  // Add a client certificate for |server| to the cache. If there is already
+  // a client certificate for |server|, it will be overwritten. Both parameters
+  // are IN only.
+  void Add(const std::string& server, X509Certificate* client_cert);
 
-  // Remove the entry for |origin| from the cache, if one exists.
-  void Remove(const GURL& origin);
+  // Remove the client certificate for |server| from the cache, if one exists.
+  void Remove(const std::string& server);
 
  private:
   typedef std::string AuthCacheKey;
-  typedef scoped_refptr<AuthData> AuthCacheValue;
-  typedef std::map<AuthCacheKey,AuthCacheValue> AuthCacheMap;
-
-  // Get the key in hash table |cache_| where entries for ftp server |origin|
-  // should be saved.
-  static AuthCacheKey MakeKey(const GURL& origin);
+  typedef scoped_refptr<X509Certificate> AuthCacheValue;
+  typedef std::map<AuthCacheKey, AuthCacheValue> AuthCacheMap;
 
   // internal representation of cache, an STL map.
   AuthCacheMap cache_;
 };
 
 }  // namespace net
 
-#endif  // NET_FTP_FTP_AUTH_CACHE_H_
+#endif  // NET_BASE_SSL_CLIENT_AUTH_CACHE_H_