net/cert/internal/trust_store.h - Issue 2266333002: Allow TrustStore queries to be asynchronous.

Side by Side Diff: net/cert/internal/trust_store.h

Issue 2266333002: Allow TrustStore queries to be asynchronous. (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master

Patch Set: Created 4 years, 3 months ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View unified diff | Download patch

OLD	NEW
1 // Copyright 2016 The Chromium Authors. All rights reserved.	1 // Copyright 2016 The Chromium Authors. All rights reserved.

2 // Use of this source code is governed by a BSD-style license that can be	2 // Use of this source code is governed by a BSD-style license that can be

3 // found in the LICENSE file.	3 // found in the LICENSE file.

4	4

5 #ifndef NET_CERT_INTERNAL_TRUST_STORE_H_	5 #ifndef NET_CERT_INTERNAL_TRUST_STORE_H_

6 #define NET_CERT_INTERNAL_TRUST_STORE_H_	6 #define NET_CERT_INTERNAL_TRUST_STORE_H_

7	7

8 #include <vector>	8 #include <vector>

9	9

	10 #include "base/callback.h"

10 #include "base/memory/ref_counted.h"	11 #include "base/memory/ref_counted.h"

11 #include "net/base/net_export.h"	12 #include "net/base/net_export.h"

12 #include "net/cert/internal/parsed_certificate.h"	13 #include "net/cert/internal/parsed_certificate.h"

13	14

14 namespace net {	15 namespace net {

15	16

16 namespace der {	17 namespace der {

17 class Input;	18 class Input;

18 }	19 }

19	20

(...skipping 87 matching lines...) Expand 10 before \| Expand all \| Expand 10 after Loading...
107	108

108 scoped_refptr<ParsedCertificate> cert_;	109 scoped_refptr<ParsedCertificate> cert_;

109 bool enforces_constraints_ = false;	110 bool enforces_constraints_ = false;

110 };	111 };

111	112

112 using TrustAnchors = std::vector<scoped_refptr<TrustAnchor>>;	113 using TrustAnchors = std::vector<scoped_refptr<TrustAnchor>>;

113	114

114 // Interface for finding trust anchors.	115 // Interface for finding trust anchors.

115 class NET_EXPORT TrustStore {	116 class NET_EXPORT TrustStore {

116 public:	117 public:

	118 class NET_EXPORT Request {

	119 public:

	120 Request() = default;

	121 // Destruction of the Request cancels it.

	122 virtual ~Request() = default;
	eroman 2016/08/23 18:30:10 can this be moved to the .cc file? can this be moved to the .cc file? mattm 2016/08/26 02:24:43 Done. Show quoted text On 2016/08/23 18:30:10, eroman wrote: > can this be moved to the .cc file? Done.
	123 };

	124

117 TrustStore();	125 TrustStore();

118 virtual ~TrustStore();	126 virtual ~TrustStore();

119	127

120 // Returns the trust anchors that match \|name\| in \|*matches\|, if any.	128 using TrustAnchorCallback =

121 virtual void FindTrustAnchorsByNormalizedName(	129 base::Callback<void(std::unique_ptr<TrustAnchors>)>;
	eroman 2016/08/23 18:30:10 Did you consider a pass-by-value of TrustAnchors? Did you consider a pass-by-value of TrustAnchors? Should cost about the same when using std::move() mattm 2016/08/26 02:24:42 Done. Show quoted text On 2016/08/23 18:30:10, eroman wrote: > Did you consider a pass-by-value of TrustAnchors? > Should cost about the same when using std::move() Done.
122 const der::Input& normalized_name,	130

123 TrustAnchors* matches) const = 0;	131 // Returns the trust anchors that match \|cert\|'s issuer name in \|*out_matches\|
	eroman 2016/08/23 18:30:10 Document that \|cert\| and \|out_matches\| must be non Document that \|cert\| and \|out_matches\| must be non-null. mattm 2016/08/26 02:24:42 Done. Show quoted text On 2016/08/23 18:30:10, eroman wrote: > Document that \|cert\| and \|out_matches\| must be non-null. Done.
	132 // and/or through \|callback\|.

	133 //

	134 // If results are available synchronously, they will be returned in

	135 // \|*out_matches\|.
	eroman 2016/08/23 18:30:10 Can you mention that \|out_matches\| is not used i Can you mention that \|out_matches\| is not used in the case of async completion. mattm 2016/08/26 02:24:43 Done. Show quoted text On 2016/08/23 18:30:10, eroman wrote: > Can you mention that \|out_matches\| is not used in the case of async > completion. Done.
	136 //

	137 // If \|callback\| is not null and results may be available asynchronously,
	eroman 2016/08/23 18:30:10 Note when reading this I assume completion was ei Note when reading this I assume completion was either* async or sync, but not possibly both. Can you clarify that in the documentation? mattm 2016/08/26 02:24:43 The first line does say results are returned in "\| Show quoted text On 2016/08/23 18:30:10, eroman wrote: > Note when reading this I assume completion was either async or sync, but not > possibly both. Can you clarify that in the documentation? The first line does say results are returned in "\|*synchronous_matches\| and/or through \|callback\|". Could that be clearer?
	138 // \|*out_req\| will be filled with a Request, and \|callback\| will be called
	eroman 2016/08/23 18:30:10 Please clarify what "filled" means. My assumption Please clarify what "filled" means. My assumption as a reader here is that this means assignment. However based on the implementations this is an append operation. mattm 2016/08/26 02:24:42 out_req is assigned (it's the unique_ptr<Request>) Show quoted text On 2016/08/23 18:30:10, eroman wrote: > Please clarify what "filled" means. > > My assumption as a reader here is that this means assignment. However based on > the implementations this is an append operation. out_req is assigned (it's the unique_ptr<Request>). You probably ment \|synchronous_matches\|, which is appended, and I will update the docs for that to mention it.
	139 // when results are available. The Request may be destroyed to cancel
	eroman 2016/08/23 18:30:10 Suggest clarifying that \|out_req\| can be null in t Suggest clarifying that \|out_req\| can be null in the synchronous-only mode. But must be non-null in async mode. mattm 2016/08/26 02:24:43 Currently it must always be non-null. But allowing Show quoted text On 2016/08/23 18:30:10, eroman wrote: > Suggest clarifying that \|out_req\| can be null in the synchronous-only mode. But > must be non-null in async mode. Currently it must always be non-null. But allowing it to be null in synchronous-only mode seems reasonable. done.
	140 // the callback if it has not occurred yet.

	141 virtual void FindTrustAnchorsForCert(

	142 const ParsedCertificate* cert,

	143 const TrustAnchorCallback& callback,

	144 TrustAnchors* out_matches,
	eroman 2016/08/23 18:30:10 Suggest renaming this to something more like "sync Suggest renaming this to something more like "synchronous_matches". mattm 2016/08/26 02:24:43 Done. Show quoted text On 2016/08/23 18:30:10, eroman wrote: > Suggest renaming this to something more like "synchronous_matches". Done.
	145 std::unique_ptr<Request>* out_req) const = 0;
	eroman 2016/08/23 18:30:10 side-comment: Should the API allow for a probing u side-comment: Should the API allow for a probing use-case? (i.e. calling in a way to get only synchronous results, however know whether there are also async results to be had) mattm 2016/08/26 02:24:43 The current pathbuilder impl doesn't need it, so I Show quoted text On 2016/08/23 18:30:10, eroman wrote: > side-comment: Should the API allow for a probing use-case? (i.e. calling in a > way to get only synchronous results, however know whether there are also async > results to be had) The current pathbuilder impl doesn't need it, so I didn't include that ability. I think we can just change it later if we come up with a use case that needs it.
124	146

125 private:	147 private:

126 DISALLOW_COPY_AND_ASSIGN(TrustStore);	148 DISALLOW_COPY_AND_ASSIGN(TrustStore);

127 };	149 };

128	150

129 } // namespace net	151 } // namespace net

130	152

131 #endif // NET_CERT_INTERNAL_TRUST_STORE_H_	153 #endif // NET_CERT_INTERNAL_TRUST_STORE_H_

OLD	NEW

« no previous file with comments | « net/cert/internal/path_builder_unittest.cc ('k') | net/cert/internal/trust_store_in_memory.h » ('j') | net/cert/internal/trust_store_test_helpers.h » ('J')