// Copyright 2013 The Chromium Authors. All rights reserved.
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.
4e5d81f57cb97b3b6b7fccc9c5610d21eb81db09dBen Murdoch
5e5d81f57cb97b3b6b7fccc9c5610d21eb81db09dBen Murdoch#ifndef CONTENT_PUBLIC_BROWSER_SIGNED_CERTIFICATE_TIMESTAMP_STORE_H_
6e5d81f57cb97b3b6b7fccc9c5610d21eb81db09dBen Murdoch#define CONTENT_PUBLIC_BROWSER_SIGNED_CERTIFICATE_TIMESTAMP_STORE_H_
7e5d81f57cb97b3b6b7fccc9c5610d21eb81db09dBen Murdoch
8e5d81f57cb97b3b6b7fccc9c5610d21eb81db09dBen Murdoch#include "base/memory/ref_counted.h"
9e5d81f57cb97b3b6b7fccc9c5610d21eb81db09dBen Murdoch#include "content/common/content_export.h"
10e5d81f57cb97b3b6b7fccc9c5610d21eb81db09dBen Murdoch
namespace net {
namespace ct {
// Forward declaration only: this header names the type solely through
// pointers (a raw pointer in Store() and a scoped_refptr out-parameter in
// Retrieve()), so the full definition is not required here.
struct SignedCertificateTimestamp;
}  // namespace ct
}  // namespace net
16e5d81f57cb97b3b6b7fccc9c5610d21eb81db09dBen Murdoch
17e5d81f57cb97b3b6b7fccc9c5610d21eb81db09dBen Murdochnamespace content {
18e5d81f57cb97b3b6b7fccc9c5610d21eb81db09dBen Murdoch
// The purpose of the SignedCertificateTimestampStore is to provide an easy way
// to store/retrieve SignedCertificateTimestamp (SCT) objects, addressed by an
// integer id.  When stored, SignedCertificateTimestamp objects are associated
// with a RenderProcessHost.  If all the RenderProcessHosts associated with the
// SCT have exited, the SCT is removed from the store, so an id that used to
// resolve can later stop resolving.  This class is used by the SSLManager to
// keep track of the SCTs associated with loaded resources.  It can be accessed
// from the UI and IO threads (it is thread-safe).
//
// Note that the SCT ids will overflow if we register more than 2^32 - 1 SCTs
// in 1 browsing session (which is highly unlikely to happen).
// NOTE(review): Store() returns a signed int, so with a 32-bit int the
// positive id range ends at 2^31 - 1, not 2^32 - 1.  This header does not say
// what happens on wraparound; confirm against the implementation, since a
// reused id would make Retrieve() hand back a different SCT than the one the
// id was issued for.
//
// This is a pure interface: both operations are pure virtual and the concrete
// store is obtained through GetInstance().
class SignedCertificateTimestampStore {
 public:
  // Returns the singleton instance of the SignedCertificateTimestampStore.
  // The destructor is protected, so callers cannot delete the returned
  // pointer through this interface.
  CONTENT_EXPORT static SignedCertificateTimestampStore* GetInstance();

  // Stores the specified SCT and returns the id associated with it.  The SCT
  // is associated with the specified RenderProcessHost, identified by
  // |render_process_host_id|.
  // When all the RenderProcessHosts associated with a SCT have exited, the
  // SCT is removed from the store.
  // Note: ids start at 1.
  // NOTE(review): |sct| is taken as a raw pointer while Retrieve() returns a
  // scoped_refptr; presumably the store takes its own reference rather than
  // ownership of the caller's -- confirm against the implementation.  The
  // behavior for a NULL |sct| or an unknown |render_process_host_id| is not
  // specified in this header.
  virtual int Store(net::ct::SignedCertificateTimestamp* sct,
                    int render_process_host_id) = 0;

  // Tries to retrieve the previously stored SCT associated with the specified
  // |sct_id|. Returns whether the SCT could be found, and, if |sct| is
  // non-NULL, copies it in.  Passing a NULL |sct| therefore works as a pure
  // existence check.
  // Callers should test the return value before using |*sct|: this header
  // does not state whether |*sct| is modified when the lookup fails, and a
  // lookup can fail for an id that was valid earlier, because entries are
  // dropped once every associated RenderProcessHost has exited.
  virtual bool Retrieve(
      int sct_id, scoped_refptr<net::ct::SignedCertificateTimestamp>* sct) = 0;

 protected:
  // Protected so that the store cannot be destroyed through a pointer to this
  // interface; only a derived class can run the destructor.
  virtual ~SignedCertificateTimestampStore() {}
};
50e5d81f57cb97b3b6b7fccc9c5610d21eb81db09dBen Murdoch
51e5d81f57cb97b3b6b7fccc9c5610d21eb81db09dBen Murdoch}  // namespace content
52e5d81f57cb97b3b6b7fccc9c5610d21eb81db09dBen Murdoch
53#endif  // CONTENT_PUBLIC_BROWSER_SIGNED_CERTIFICATE_TIMESTAMP_STORE_H_