Use cached compressed certs if available to reduce load of compressing certs. Flag protected by qui…

net/quic/crypto/quic_crypto_server_config.cc

Index: net/quic/crypto/quic_crypto_server_config.cc
diff --git a/net/quic/crypto/quic_crypto_server_config.cc b/net/quic/crypto/quic_crypto_server_config.cc
index 07cc6833982c35c77641f65da450d16ce0d62c6e..ca27cad8570e42082068c9ef415aa401f7bb91ee 100644
--- a/net/quic/crypto/quic_crypto_server_config.cc
+++ b/net/quic/crypto/quic_crypto_server_config.cc
@@ -554,6 +554,7 @@ QuicErrorCode QuicCryptoServerConfig::ProcessClientHello(
     QuicConnectionId server_designated_connection_id,
     const QuicClock* clock,
     QuicRandom* rand,
+    QuicCompressedCertsCache* compressed_certs_cache,
     QuicCryptoNegotiatedParameters* params,
     QuicCryptoProof* crypto_proof,
     CryptoHandshakeMessage* out,
@@ -629,7 +630,7 @@ QuicErrorCode QuicCryptoServerConfig::ProcessClientHello(
     BuildRejection(version, *primary_config, client_hello, info,
                    validate_chlo_result.cached_network_params,
                    use_stateless_rejects, server_designated_connection_id, rand,
-                   params, *crypto_proof, out);
+                   compressed_certs_cache, params, *crypto_proof, out);
     return QUIC_NO_ERROR;
   }
 
@@ -1150,6 +1151,7 @@ bool QuicCryptoServerConfig::BuildServerConfigUpdateMessage(
     const IPAddress& client_ip,
     const QuicClock* clock,
     QuicRandom* rand,
+    QuicCompressedCertsCache* compressed_certs_cache,
     const QuicCryptoNegotiatedParameters& params,
     const CachedNetworkParameters* cached_network_params,
     CryptoHandshakeMessage* out) const {
@@ -1173,8 +1175,8 @@ bool QuicCryptoServerConfig::BuildServerConfigUpdateMessage(
     return false;
   }
 
-  const string compressed = CertCompressor::CompressChain(
-      chain->certs, params.client_common_set_hashes,
+  const string compressed = CompressChain(
+      compressed_certs_cache, chain, params.client_common_set_hashes,
       params.client_cached_cert_hashes, primary_config_->common_cert_sets);
 
   out->SetStringPiece(kCertificateTag, compressed);
@@ -1199,6 +1201,7 @@ void QuicCryptoServerConfig::BuildRejection(
     bool use_stateless_rejects,
     QuicConnectionId server_designated_connection_id,
     QuicRandom* rand,
+    QuicCompressedCertsCache* compressed_certs_cache,
     QuicCryptoNegotiatedParameters* params,
     const QuicCryptoProof& crypto_proof,
     CryptoHandshakeMessage* out) const {
@@ -1242,9 +1245,10 @@ void QuicCryptoServerConfig::BuildRejection(
     params->client_cached_cert_hashes = client_cached_cert_hashes.as_string();
   }
 
-  const string compressed = CertCompressor::CompressChain(
-      crypto_proof.chain->certs, params->client_common_set_hashes,
-      params->client_cached_cert_hashes, config.common_cert_sets);
+  const string compressed =
+      CompressChain(compressed_certs_cache, crypto_proof.chain,
+                    params->client_common_set_hashes,
+                    params->client_cached_cert_hashes, config.common_cert_sets);
 
   // kREJOverheadBytes is a very rough estimate of how much of a REJ
   // message is taken up by things other than the certificates.
@@ -1279,6 +1283,34 @@ void QuicCryptoServerConfig::BuildRejection(
   }
 }
 
+const string QuicCryptoServerConfig::CompressChain(
+    QuicCompressedCertsCache* compressed_certs_cache,
+    const scoped_refptr<ProofSource::Chain>& chain,
+    const string& client_common_set_hashes,
+    const string& client_cached_cert_hashes,
+    const CommonCertSets* common_sets) const {
+  // Check whether the compressed certs is available in the cache.
+  if (FLAGS_quic_use_cached_compressed_certs) {
+    DCHECK(compressed_certs_cache);
+    const string* cached_value = compressed_certs_cache->GetCompressedCert(
+        chain, client_common_set_hashes, client_cached_cert_hashes);
+    if (cached_value) {
+      return *cached_value;
+    }
+  }
+
+  const string compressed =
+      CertCompressor::CompressChain(chain->certs, client_common_set_hashes,
+                                    client_common_set_hashes, common_sets);
+
+  // Insert the newly compressed cert to cache.
+  if (FLAGS_quic_use_cached_compressed_certs) {
+    compressed_certs_cache->Insert(chain, client_common_set_hashes,
+                                   client_cached_cert_hashes, compressed);
+  }
+  return compressed;
+}
+
 scoped_refptr<QuicCryptoServerConfig::Config>
 QuicCryptoServerConfig::ParseConfigProtobuf(
     QuicServerConfigProtobuf* protobuf) {