Convert SignedCertificateClass to be ref_counted, and add an SCTStore in which to store them. Add S…

content/browser/cert_store_impl.cc

 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "content/browser/cert_store_impl.h"
 
 #include <algorithm>
 #include <functional>
 
 #include "base/bind.h"
 #include "base/stl_util.h"
 #include "content/browser/renderer_host/render_process_host_impl.h"
 #include "content/browser/renderer_host/render_view_host_impl.h"
 #include "content/public/browser/browser_thread.h"
 #include "content/public/browser/notification_service.h"
 #include "content/public/browser/notification_types.h"
 
-template <typename T>
-struct MatchSecond {
-  explicit MatchSecond(const T& t) : value(t) {}
-
-  template<typename Pair>
-  bool operator()(const Pair& p) const {
-    return (value == p.second);
-  }
-  T value;
-};
-
 namespace content {
 
 // static
-CertStore* CertStore::GetInstance() {
-  return CertStoreImpl::GetInstance();
-}
+CertStore* CertStore::GetInstance() { return CertStoreImpl::GetInstance(); }
 
 //  static
 CertStoreImpl* CertStoreImpl::GetInstance() {
   return Singleton<CertStoreImpl>::get();
 }
 
-CertStoreImpl::CertStoreImpl() : next_cert_id_(1) {
-  if (BrowserThread::CurrentlyOn(BrowserThread::UI)) {
-    RegisterForNotification();
-  } else {
-    BrowserThread::PostTask(
-        BrowserThread::UI, FROM_HERE,
-        base::Bind(&CertStoreImpl::RegisterForNotification,
-                   base::Unretained(this)));
-  }
-}
+CertStoreImpl::CertStoreImpl() : store_() {}
 
-CertStoreImpl::~CertStoreImpl() {
-}
-
-void CertStoreImpl::RegisterForNotification() {
-  // We watch for RenderProcess termination, as this is how we clear
-  // certificates for now.
-  // TODO(jcampan): we should be listening to events such as resource cached/
-  //                removed from cache, and remove the cert when we know it
-  //                is not used anymore.
-
-  registrar_.Add(this, NOTIFICATION_RENDERER_PROCESS_TERMINATED,
-                 NotificationService::AllBrowserContextsAndSources());
-  registrar_.Add(this, NOTIFICATION_RENDERER_PROCESS_CLOSED,
-                 NotificationService::AllBrowserContextsAndSources());
-}
+CertStoreImpl::~CertStoreImpl() {}
 
 int CertStoreImpl::StoreCert(net::X509Certificate* cert, int process_id) {
-  DCHECK(cert);
-  base::AutoLock auto_lock(cert_lock_);
-
-  int cert_id;
-
-  // Do we already know this cert?
-  ReverseCertMap::iterator cert_iter = cert_to_id_.find(cert);
-  if (cert_iter == cert_to_id_.end()) {
-    cert_id = next_cert_id_++;
-    // We use 0 as an invalid cert_id value.  In the unlikely event that
-    // next_cert_id_ wraps around, we reset it to 1.
-    if (next_cert_id_ == 0)
-      next_cert_id_ = 1;
-    cert->AddRef();
-    id_to_cert_[cert_id] = cert;
-    cert_to_id_[cert] = cert_id;
-  } else {
-    cert_id = cert_iter->second;
-  }
-
-  // Let's update process_id_to_cert_id_.
-  std::pair<IDMap::iterator, IDMap::iterator> process_ids =
-      process_id_to_cert_id_.equal_range(process_id);
-  if (std::find_if(process_ids.first, process_ids.second,
-                   MatchSecond<int>(cert_id)) == process_ids.second) {
-    process_id_to_cert_id_.insert(std::make_pair(process_id, cert_id));
-  }
-
-  // And cert_id_to_process_id_.
-  std::pair<IDMap::iterator, IDMap::iterator> cert_ids =
-      cert_id_to_process_id_.equal_range(cert_id);
-  if (std::find_if(cert_ids.first, cert_ids.second,
-                   MatchSecond<int>(process_id)) == cert_ids.second) {
-    cert_id_to_process_id_.insert(std::make_pair(cert_id, process_id));
-  }
-
-  return cert_id;
+  return store_.Store(cert, process_id);
 }
 
 bool CertStoreImpl::RetrieveCert(int cert_id,
                                  scoped_refptr<net::X509Certificate>* cert) {
-  base::AutoLock auto_lock(cert_lock_);
-
-  CertMap::iterator iter = id_to_cert_.find(cert_id);
-  if (iter == id_to_cert_.end())
-    return false;
-  if (cert)
-    *cert = iter->second;
-  return true;
-}
-
-void CertStoreImpl::RemoveCertInternal(int cert_id) {
-  CertMap::iterator cert_iter = id_to_cert_.find(cert_id);
-  DCHECK(cert_iter != id_to_cert_.end());
-
-  ReverseCertMap::iterator id_iter = cert_to_id_.find(cert_iter->second.get());
-  DCHECK(id_iter != cert_to_id_.end());
-  cert_to_id_.erase(id_iter);
-
-  cert_iter->second->Release();
-  id_to_cert_.erase(cert_iter);
-}
-
-void CertStoreImpl::RemoveCertsForRenderProcesHost(int process_id) {
-  base::AutoLock auto_lock(cert_lock_);
-
-  // We iterate through all the cert ids for that process.
-  std::pair<IDMap::iterator, IDMap::iterator> process_ids =
-      process_id_to_cert_id_.equal_range(process_id);
-  for (IDMap::iterator ids_iter = process_ids.first;
-       ids_iter != process_ids.second; ++ids_iter) {
-    int cert_id = ids_iter->second;
-    // Find all the processes referring to this cert id in
-    // cert_id_to_process_id_, then locate the process being removed within
-    // that range.
-    std::pair<IDMap::iterator, IDMap::iterator> cert_ids =
-        cert_id_to_process_id_.equal_range(cert_id);
-    IDMap::iterator proc_iter =
-        std::find_if(cert_ids.first, cert_ids.second,
-                     MatchSecond<int>(process_id));
-    DCHECK(proc_iter != cert_ids.second);
-
-    // Before removing, determine if no other processes refer to the current
-    // cert id. If |proc_iter| (the current process) is the lower bound of
-    // processes containing the current cert id and if |next_proc_iter| is the
-    // upper bound (the first process that does not), then only one process,
-    // the one being removed, refers to the cert id.
-    IDMap::iterator next_proc_iter = proc_iter;
-    ++next_proc_iter;
-    bool last_process_for_cert_id =
-        (proc_iter == cert_ids.first && next_proc_iter == cert_ids.second);
-    cert_id_to_process_id_.erase(proc_iter);
-
-    if (last_process_for_cert_id) {
-      // The current cert id is not referenced by any other processes, so
-      // remove it from id_to_cert_ and cert_to_id_.
-      RemoveCertInternal(cert_id);
-    }
-  }
-  if (process_ids.first != process_ids.second)
-    process_id_to_cert_id_.erase(process_ids.first, process_ids.second);
-}
-
-void CertStoreImpl::Observe(int type,
-                            const NotificationSource& source,
-                            const NotificationDetails& details) {
-  DCHECK(type == NOTIFICATION_RENDERER_PROCESS_TERMINATED ||
-         type == NOTIFICATION_RENDERER_PROCESS_CLOSED);
-  RenderProcessHost* rph = Source<RenderProcessHost>(source).ptr();
-  DCHECK(rph);
-  RemoveCertsForRenderProcesHost(rph->GetID());
+  return store_.Retrieve(cert_id, cert);
 }
 
 }  // namespace content