Add an SignedCertificateTimetampStore, making SignedCertificateTimestamp be refcounted to aid.

content/public/browser/sct_store.h

Index: content/public/browser/sct_store.h
diff --git a/content/public/browser/sct_store.h b/content/public/browser/sct_store.h
new file mode 100644
index 0000000000000000000000000000000000000000..af97793732f1b9836de70785d4c4b583b5cc568b
--- /dev/null
+++ b/content/public/browser/sct_store.h
@@ -0,0 +1,53 @@
+// Copyright (c) 2013 The Chromium Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+#ifndef CONTENT_PUBLIC_BROWSER_SCT_STORE_H_
+#define CONTENT_PUBLIC_BROWSER_SCT_STORE_H_
+
+#include "base/memory/ref_counted.h"
+#include "content/common/content_export.h"
+
+namespace net {
+namespace ct {
+class SignedCertificateTimestamp;
+}  // namespace ct
+}  // namespace net
+
+namespace content {
+
+// The purpose of the SignedCertificateTimestampStore is to provide an easy way
+// to store/retrieve SignedCertificateTimestamp objects.  When stored,
+// SignedCertificateTimestamp objects are associated with a RenderProcessHost.
+// If all the RenderProcessHosts associated with the SCT have exited, the SCT
+// is removed from the store.  This class is used by the SSLManager to keep
+// track of the SCTs associated to loaded resources.  It can be accessed from

[wtc, 2013/11/19 01:57:40]

Nit: associated to => associated with ?

Also fix line 34.

[alcutter, 2013/11/19 15:51:34]

Done.

+// the UI and IO threads (it is thread-safe).  Note that the SCT ids will
+// overflow if we register more than 2^32 - 1 SCTs in 1 browsing session (which
+// is highly unlikely to happen).
+class SignedCertificateTimestampStore {

[wtc, 2013/11/19 01:57:40]

Our Style Guide recommends that the file name matches the class name. So these
files should be named signed_certificate_timestamp_store.{h,cc}.

[alcutter, 2013/11/20 12:53:29]

(did this in a previous patch, forgot to reply to it.)

+ public:
+  // Returns the singleton instance of the SignedCertificateTimestampStore.
+  CONTENT_EXPORT static SignedCertificateTimestampStore* GetInstance();
+
+  // Stores the specified SCT and returns the id associated with it.  The SCT
+  // is associated to the specified RenderProcessHost.
+  // When all the RenderProcessHosts associated with a SCT have exited, the
+  // SCT is removed from the store.
+  // Note: ids start at 1.
+  virtual int StoreSignedCertificateTimestamp(
+      net::ct::SignedCertificateTimestamp* sct, int render_process_host_id) = 0;
+
+  // Tries to retrieve the previously stored SCT associated with the specified
+  // |sct_id|. Returns whether the SCT could be found, and, if |sct| is
+  // non-NULL, copies it in.
+  virtual bool RetrieveSignedCertificateTimestamp(int sct_id,

[wtc, 2013/11/19 01:57:40]

Nit: if you think these two method names are long, we can shorten them to
"Store" and "Retrieve".

[alcutter, 2013/11/19 15:51:34]

Done.

+      scoped_refptr<net::ct::SignedCertificateTimestamp>* sct) = 0;
+
+ protected:
+  virtual ~SignedCertificateTimestampStore() {}
+};
+
+}  // namespace content
+
+#endif  // CONTENT_PUBLIC_BROWSER_SCT_STORE_H_