The Tor Browser / file revision

security/certverifier/OCSPCache.h@97036ab72558

security/certverifier/OCSPCache.h

Tue, 06 Jan 2015 21:39:09 +0100

author
Michael Schloh von Bennewitz <michael@schloh.com>
date
Tue, 06 Jan 2015 21:39:09 +0100
branch
TOR_BUG_9701
changeset 8
97036ab72558
permissions
-rw-r--r--

Conditionally force memory storage according to privacy.thirdparty.isolate;
This solves Tor bug #9701, complying with disk avoidance documented in
https://www.torproject.org/projects/torbrowser/design/#disk-avoidance.

     1 /* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */

     2 /* vim: set ts=8 sts=2 et sw=2 tw=80: */

     3 /* Copyright 2013 Mozilla Foundation

     4  *

     5  * Licensed under the Apache License, Version 2.0 (the "License");

     6  * you may not use this file except in compliance with the License.

     7  * You may obtain a copy of the License at

     8  *

     9  *     http://www.apache.org/licenses/LICENSE-2.0

    10  *

    11  * Unless required by applicable law or agreed to in writing, software

    12  * distributed under the License is distributed on an "AS IS" BASIS,

    13  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.

    14  * See the License for the specific language governing permissions and

    15  * limitations under the License.

    16  */

    17 

    18 #ifndef mozilla_psm_OCSPCache_h

    19 #define mozilla_psm_OCSPCache_h

    20 

    21 #include "certt.h"

    22 #include "hasht.h"

    23 #include "pkix/pkixtypes.h"

    24 #include "mozilla/Mutex.h"

    25 #include "mozilla/Vector.h"

    26 #include "prerror.h"

    27 

    28 namespace mozilla { namespace psm {

    29 

    30 // make SHA384Buffer be of type "array of uint8_t of length SHA384_LENGTH"

    31 typedef uint8_t SHA384Buffer[SHA384_LENGTH];

    32 

    33 // OCSPCache can store and retrieve OCSP response verification results. Each

    34 // result is keyed on the certificate that purportedly corresponds to it (where

    35 // certificates are distinguished based on serial number, issuer, and

    36 // issuer public key, much like in an encoded OCSP response itself). A maximum

    37 // of 1024 distinct entries can be stored.

    38 // OCSPCache is thread-safe.

    39 class OCSPCache

    40 {

    41 public:

    42   OCSPCache();

    43   ~OCSPCache();

    44 

    45   // Returns true if the status of the given certificate (issued by the given

    46   // issuer) is in the cache, and false otherwise.

    47   // If it is in the cache, returns by reference the error code of the cached

    48   // status and the time through which the status is considered trustworthy.

    49   bool Get(const CERTCertificate* aCert, const CERTCertificate* aIssuerCert,

    50            /* out */ PRErrorCode& aErrorCode, /* out */ PRTime& aValidThrough);

    51 

    52   // Caches the status of the given certificate (issued by the given issuer).

    53   // The status is considered trustworthy through the given time.

    54   // A status with an error code of SEC_ERROR_REVOKED_CERTIFICATE will not

    55   // be replaced or evicted.

    56   // A status with an error code of SEC_ERROR_OCSP_UNKNOWN_CERT will not

    57   // be evicted when the cache is full.

    58   // A status with a more recent thisUpdate will not be replaced with a

    59   // status with a less recent thisUpdate unless the less recent status

    60   // indicates the certificate is revoked.

    61   SECStatus Put(const CERTCertificate* aCert,

    62                 const CERTCertificate* aIssuerCert,

    63                 PRErrorCode aErrorCode,

    64                 PRTime aThisUpdate,

    65                 PRTime aValidThrough);

    66 

    67   // Removes everything from the cache.

    68   void Clear();

    69 

    70 private:

    71   class Entry

    72   {

    73   public:

    74     SECStatus Init(const CERTCertificate* aCert,

    75                    const CERTCertificate* aIssuerCert,

    76                    PRErrorCode aErrorCode, PRTime aThisUpdate,

    77                    PRTime aValidThrough);

    78 

    79     PRErrorCode mErrorCode;

    80     PRTime mThisUpdate;

    81     PRTime mValidThrough;

    82     // The SHA-384 hash of the concatenation of the DER encodings of the

    83     // issuer name and issuer key, followed by the serial number.

    84     // See the documentation for CertIDHash in OCSPCache.cpp.

    85     SHA384Buffer mIDHash;

    86   };

    87 

    88   int32_t FindInternal(const CERTCertificate* aCert,

    89                        const CERTCertificate* aIssuerCert,

    90                        const MutexAutoLock& aProofOfLock);

    91   void MakeMostRecentlyUsed(size_t aIndex, const MutexAutoLock& aProofOfLock);

    92   void LogWithCerts(const char* aMessage, const CERTCertificate* aCert,

    93                     const CERTCertificate* aIssuerCert);

    94 

    95   Mutex mMutex;

    96   static const size_t MaxEntries = 1024;

    97   // Sorted with the most-recently-used entry at the end.

    98   // Using 256 here reserves as much possible inline storage as the vector

    99   // implementation will give us. 1024 bytes is the maximum it allows,

   100   // which results in 256 Entry pointers or 128 Entry pointers, depending

   101   // on the size of a pointer.

   102   Vector<Entry*, 256> mEntries;

   103 };

   104 

   105 } } // namespace mozilla::psm

   106 

   107 #endif // mozilla_psm_OCSPCache_h

Mercurial Repository: The Tor Browser

Europalab SCM Repository Server

mercurial