Certificate Transparency: Fetching consistency proofs.

components/certificate_transparency/log_proof_fetcher.cc

Index: components/certificate_transparency/log_proof_fetcher.cc
diff --git a/components/certificate_transparency/log_proof_fetcher.cc b/components/certificate_transparency/log_proof_fetcher.cc
index 7e51858708b0acb5d60dbd550cba646ff6ac5ab6..1209cbb52b69f129d1c933e00f5951ec99d849aa 100644
--- a/components/certificate_transparency/log_proof_fetcher.cc
+++ b/components/certificate_transparency/log_proof_fetcher.cc
@@ -9,6 +9,7 @@
 #include "base/logging.h"
 #include "base/memory/ref_counted.h"
 #include "base/stl_util.h"
+#include "base/strings/stringprintf.h"
 #include "base/values.h"
 #include "components/safe_json/safe_json_parser.h"
 #include "net/base/io_buffer.h"
@@ -40,16 +41,37 @@ int GetNetErrorFromURLRequestStatus(const net::URLRequestStatus& status) {
   }
 }
 
+enum LogRequestType { SIGNED_TREE_HEAD, CONSISTENCY_PROOF };
+
+template <typename T>
+size_t InsertCallbackToMap(std::map<size_t, T>* callbacks_map, T callback) {
+  size_t callback_id = callbacks_map->size();
+  while (callbacks_map->find(callback_id) != callbacks_map->end())
+    ++callback_id;
+
+  callbacks_map->insert(std::make_pair(callback_id, callback));
+  return callback_id;
+}
+
+template <typename T>
+T FindCallback(const std::map<size_t, T>& callbacks_map, size_t callback_id) {
+  auto callback_position = callbacks_map.find(callback_id);
+  CHECK(callback_position != callbacks_map.end());
+  return callback_position->second;
+}
+
 }  // namespace
 
 struct LogProofFetcher::FetchState {
   FetchState(const std::string& log_id,
-             const SignedTreeHeadFetchedCallback& fetched_callback,
+             LogRequestType request_type,
+             size_t callback_id,
              const FetchFailedCallback& failed_callback);
   ~FetchState();
 
   std::string log_id;
-  SignedTreeHeadFetchedCallback fetched_callback;
+  LogRequestType request_type;
+  size_t callback_id;
   FetchFailedCallback failed_callback;

[svaldez, 2015/11/12 20:11:03]

Can't you just add:

SignedTreeHeadFetchedCallback sth_fetch_callback;
ConsistencyProofFetchedCallback proof_fetch_callback;

And then remove the fetch_callbacks_ maps and related methods?

The FetchState lifetime seems to be identical to the elements of the callbacks
map

[Eran Messeri, 2015/11/16 13:39:46]

Done - it does simplify the design.

   scoped_refptr<net::IOBufferWithSize> response_buffer;
   std::string assembled_response;
@@ -57,10 +79,12 @@ struct LogProofFetcher::FetchState {
 
 LogProofFetcher::FetchState::FetchState(
     const std::string& log_id,
-    const SignedTreeHeadFetchedCallback& fetched_callback,
+    LogRequestType request_type,
+    size_t callback_id,
     const FetchFailedCallback& failed_callback)
     : log_id(log_id),
-      fetched_callback(fetched_callback),
+      request_type(request_type),
+      callback_id(callback_id),
       failed_callback(failed_callback),
       response_buffer(new net::IOBufferWithSize(kMaxLogResponseSizeInBytes)) {}
 
@@ -83,16 +107,39 @@ void LogProofFetcher::FetchSignedTreeHead(
     const FetchFailedCallback& failed_callback) {
   DCHECK(base_log_url.SchemeIsHTTPOrHTTPS());
   GURL fetch_url(base_log_url.Resolve("ct/v1/get-sth"));
-  scoped_ptr<net::URLRequest> request =
-      request_context_->CreateRequest(fetch_url, net::DEFAULT_PRIORITY, this);
-  request->SetLoadFlags(net::LOAD_DO_NOT_SEND_COOKIES |
-                        net::LOAD_DO_NOT_SAVE_COOKIES |
-                        net::LOAD_DO_NOT_SEND_AUTH_DATA);
+  net::URLRequest* request = CreateRequest(fetch_url);
 
-  FetchState* fetch_state =
-      new FetchState(log_id, fetched_callback, failed_callback);
+  size_t callback_id =
+      InsertCallbackToMap(&sth_fetch_callbacks_, fetched_callback);
+  FetchState* fetch_state = new FetchState(
+      log_id, LogRequestType::SIGNED_TREE_HEAD, callback_id, failed_callback);
   request->Start();
-  inflight_requests_.insert(std::make_pair(request.release(), fetch_state));
+  inflight_requests_.insert(std::make_pair(request, fetch_state));
+}
+
+void LogProofFetcher::FetchConsistencyProof(
+    const GURL& base_log_url,
+    const std::string& log_id,
+    size_t old_tree_size,
+    size_t new_tree_size,
+    const ConsistencyProofFetchedCallback& fetched_callback,
+    const FetchFailedCallback& failed_callback) {
+  DCHECK(base_log_url.SchemeIsHTTPOrHTTPS());
+  std::string query =
+      base::StringPrintf("first=%lu&second=%lu", old_tree_size, new_tree_size);
+  GURL::Replacements replacements;
+  replacements.SetQueryStr(query);
+  GURL fetch_url = base_log_url.Resolve("ct/v1/get-sth-consistency")
+                       .ReplaceComponents(replacements);

[svaldez, 2015/11/12 20:11:03]

Can't you just do:

std::string relative =
StringPrintf("ct/v1/get-sth-consistency?first=%lu&second=%lu", ...)
GURL fetch_url = base_log_url.Resolve(relative);

[Eran Messeri, 2015/11/16 13:39:46]

Done.

+
+  net::URLRequest* request = CreateRequest(fetch_url);
+
+  size_t callback_id =
+      InsertCallbackToMap(&consistency_fetch_callbacks_, fetched_callback);
+  FetchState* fetch_state = new FetchState(
+      log_id, LogRequestType::CONSISTENCY_PROOF, callback_id, failed_callback);
+  request->Start();
+  inflight_requests_.insert(std::make_pair(request, fetch_state));
 }
 
 void LogProofFetcher::OnResponseStarted(net::URLRequest* request) {
@@ -185,18 +232,37 @@ void LogProofFetcher::RequestComplete(net::URLRequest* request) {
 
   // Get rid of the buffer as it really isn't necessary.
   fetch_state->response_buffer = nullptr;
-  safe_json::SafeJsonParser::Parse(
-      fetch_state->assembled_response,
-      base::Bind(&LogProofFetcher::OnSTHJsonParseSuccess,
-                 weak_factory_.GetWeakPtr(), request),
-      base::Bind(&LogProofFetcher::OnSTHJsonParseError,
-                 weak_factory_.GetWeakPtr(), request));
+  if (fetch_state->request_type == LogRequestType::SIGNED_TREE_HEAD) {
+    safe_json::SafeJsonParser::Parse(
+        fetch_state->assembled_response,
+        base::Bind(&LogProofFetcher::OnSTHJsonParseSuccess,
+                   weak_factory_.GetWeakPtr(), request),
+        base::Bind(&LogProofFetcher::OnSTHJsonParseError,
+                   weak_factory_.GetWeakPtr(), request));
+  } else if (fetch_state->request_type == LogRequestType::CONSISTENCY_PROOF) {
+    safe_json::SafeJsonParser::Parse(
+        fetch_state->assembled_response,
+        base::Bind(&LogProofFetcher::OnConsistencyProofJsonParseSuccess,
+                   weak_factory_.GetWeakPtr(), request),
+        base::Bind(&LogProofFetcher::OnConsistencyProofJsonParseError,
+                   weak_factory_.GetWeakPtr(), request));
+  } else {
+    NOTREACHED();
+  }
 }
 
 void LogProofFetcher::CleanupRequest(net::URLRequest* request) {
   DVLOG(1) << "Cleaning up request to " << request->original_url();
   auto it = inflight_requests_.find(request);
   DCHECK(it != inflight_requests_.end());
+
+  LogRequestType request_type = it->second->request_type;
+  size_t callback_id = it->second->callback_id;
+  if (request_type == SIGNED_TREE_HEAD) {
+    sth_fetch_callbacks_.erase(callback_id);
+  } else if (request_type == CONSISTENCY_PROOF) {
+    consistency_fetch_callbacks_.erase(callback_id);
+  }
   auto next_it = it;
   std::advance(next_it, 1);
 
@@ -225,7 +291,9 @@ void LogProofFetcher::OnSTHJsonParseSuccess(
   FetchState* fetch_state = inflight_requests_.find(request)->second;
   net::ct::SignedTreeHead signed_tree_head;
   if (net::ct::FillSignedTreeHead(*parsed_json.get(), &signed_tree_head)) {
-    fetch_state->fetched_callback.Run(fetch_state->log_id, signed_tree_head);
+    SignedTreeHeadFetchedCallback fetched_callback =
+        FindCallback(sth_fetch_callbacks_, fetch_state->callback_id);
+    fetched_callback.Run(fetch_state->log_id, signed_tree_head);
   } else {
     fetch_state->failed_callback.Run(fetch_state->log_id,
                                      net::ERR_CT_STH_INCOMPLETE, net::HTTP_OK);
@@ -239,4 +307,39 @@ void LogProofFetcher::OnSTHJsonParseError(net::URLRequest* request,
   InvokeFailureCallback(request, net::ERR_CT_STH_PARSING_FAILED, net::HTTP_OK);
 }
 
+void LogProofFetcher::OnConsistencyProofJsonParseSuccess(
+    net::URLRequest* request,
+    scoped_ptr<base::Value> parsed_json) {
+  DCHECK(inflight_requests_.count(request));
+  FetchState* fetch_state = inflight_requests_.find(request)->second;
+  std::vector<std::string> consistency_proof;
+  if (net::ct::FillConsistencyProof(*parsed_json.get(), &consistency_proof)) {
+    ConsistencyProofFetchedCallback fetched_callback =
+        FindCallback(consistency_fetch_callbacks_, fetch_state->callback_id);
+    fetched_callback.Run(fetch_state->log_id, consistency_proof);
+  } else {
+    fetch_state->failed_callback.Run(
+        fetch_state->log_id, net::ERR_CT_CONSISTENCY_PROOF_PARSING_FAILED,
+        net::HTTP_OK);
+  }
+
+  CleanupRequest(request);
+}
+
+void LogProofFetcher::OnConsistencyProofJsonParseError(
+    net::URLRequest* request,
+    const std::string& error) {
+  InvokeFailureCallback(request, net::ERR_CT_CONSISTENCY_PROOF_PARSING_FAILED,
+                        net::HTTP_OK);
+}
+
+net::URLRequest* LogProofFetcher::CreateRequest(const GURL& url) {
+  scoped_ptr<net::URLRequest> request =
+      request_context_->CreateRequest(url, net::DEFAULT_PRIORITY, this);
+  request->SetLoadFlags(net::LOAD_DO_NOT_SEND_COOKIES |
+                        net::LOAD_DO_NOT_SAVE_COOKIES |
+                        net::LOAD_DO_NOT_SEND_AUTH_DATA);
+  return request.release();
+}
+
 }  // namespace certificate_transparency