Disk Based Certificate Cache Implementation

net/http/disk_based_cert_cache.h

Index: net/http/disk_based_cert_cache.h
diff --git a/net/http/disk_based_cert_cache.h b/net/http/disk_based_cert_cache.h
new file mode 100644
index 0000000000000000000000000000000000000000..e29c396b4c16ddbb60c90b23fab0d34d868a5251
--- /dev/null
+++ b/net/http/disk_based_cert_cache.h
@@ -0,0 +1,75 @@
+// Copyright (c) 2014 The Chromium Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+#ifndef NET_HTTP_DISK_BASED_CERT_CACHE_H
+#define NET_HTTP_DISK_BASED_CERT_CACHE_H
+
+#include <string>
+
+#include "base/callback.h"
+#include "base/containers/hash_tables.h"
+#include "base/memory/weak_ptr.h"
+#include "net/base/net_export.h"
+#include "net/cert/x509_certificate.h"
+
+namespace disk_cache {
+class Backend;
+}  // namespace disk_cache
+
+namespace net {

[wtc, 2014/06/24 00:21:04]

Nit: add a blank line after this line.

+// DiskBasedCertCache is used to store and retrieve X509Certificates from the

[Ryan Sleevi, 2014/06/23 22:43:58]

comment nit: You don't actually take X509Certificates, you take cert handles.

Perhaps you meant X.509 certificates?

[Ryan Sleevi, 2014/06/23 22:43:58]

style: newline between 20 & 21

+// cache. Each individual certificate is stored separately from its Certificate

[Ryan Sleevi, 2014/06/23 22:43:58]

s/Certificate/certificate

+// chain. Each certificate is associated with a unique cache key that is
+// created with a SHA1 hash.

[Ryan Sleevi, 2014/06/23 22:43:58]

comment nit: this last comment feels like it's explaining an implementation
detail. It probably fine to omit.

+class NET_EXPORT_PRIVATE DiskBasedCertCache {
+ public:
+  typedef base::Callback<void(const X509Certificate::OSCertHandle cert_handle)>
+      GetCallback;
+  typedef base::Callback<void(const std::string&)> SetCallback;
+
+  // Constructor takes in a previously initialized backend, which is then
+  // used to store the certificates in the cache.

[Ryan Sleevi, 2014/06/23 22:43:58]

Usual comment style is to avoid using the word "constructor"

// Initializes a new DiskBasedCertCache that will use |backend|, which
// has been previously initialized, to store certificates.

+  explicit DiskBasedCertCache(disk_cache::Backend* backend);
+  ~DiskBasedCertCache();
+
+  // Fetches the certificate associated with |key|. If the certificate is
+  // found within the cache, |cb| will be called with the certificate.
+  // Otherwise, |cb| will be called with NULL. Callers that wish to store
+  // a reference to the certificate need to use X509Certificate::DupOSCertHandle
+  // inside |cb|.
+  void Get(const std::string& key, const GetCallback& cb);
+
+  // Stores |cert_handle| in the cache. If |cert_handle| is successfully stored,
+  // |cb| will be called with the key. If |cb| is called with an empty
+  // string, then |cert_handle| was not stored.
+  void Set(const X509Certificate::OSCertHandle cert_handle,
+           const SetCallback& cb);
+
+ private:
+  class ReadWorker;
+  class WriteWorker;
+
+  // ReadWorkerMap and WriteWorkerMap map cache keys to their
+  // corresponding Workers.
+  typedef base::hash_map<std::string, ReadWorker*> ReadWorkerMap;
+  typedef base::hash_map<std::string, WriteWorker*> WriteWorkerMap;
+
+  // FinishedReadOperation and FinishedWriteOperation are used by callbacks
+  // given to the workers to signal the DiskBasedCertCache they have completed
+  // their work. The workers are then deleted and removed from their respective
+  // hash maps.

[Ryan Sleevi, 2014/06/23 22:43:58]

This last sentence is an implementation detail; we try to omit those from
headers.

+  void FinishedReadOperation(const std::string& key);
+  void FinishedWriteOperation(const std::string& key);
+
+  ReadWorkerMap read_worker_map_;
+  WriteWorkerMap write_worker_map_;
+
+  disk_cache::Backend* backend_;
+  base::WeakPtrFactory<DiskBasedCertCache> weak_factory_;
+  DISALLOW_COPY_AND_ASSIGN(DiskBasedCertCache);
+};
+
+}  // namespace net
+
+#endif  // NET_HTTP_DISK_BASED_CERT_CACHE_H