blob: 7068883756d69e151f635262d4957c5a0da02ff9 [file] [log] [blame]
// Copyright 2022 The Chromium Authors
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.
#if !defined(BSSL_PKI_SIGNATURE_VERIFY_CACHE_H_) && defined(__cplusplus)
#define BSSL_PKI_SIGNATURE_VERIFY_CACHE_H_
#include <openssl/base.h>
#include <string>
BSSL_NAMESPACE_BEGIN
class OPENSSL_EXPORT SignatureVerifyCache {
public:
enum class Value {
kValid, // Cached as a valid signature result.
kInvalid, // Cached as an invalid signature result.
kUnknown, // Cache has no information.
};
virtual ~SignatureVerifyCache() = default;
// This interface uses a const std::string reference instead of
// std::string_view because any implementation that may reasonably want to use
// std::unordered_map or similar can run into problems with std::hash before
// C++20. (https://en.cppreference.com/w/cpp/container/unordered_map/find)
// |Store| is called to store the result of a verification for |key| as kValid
// or kInvalid after a signature check.
virtual void Store(const std::string &key, Value value) = 0;
// |Check| is called to fetch a cached value for a verification for |key|. If
// the result is kValid, or kInvalid, signature checking is skipped and the
// corresponding cached result is used. If the result is kUnknown signature
// checking is performed and the corresponding result saved using |Store|.
virtual Value Check(const std::string &key) = 0;
};
BSSL_NAMESPACE_END
#endif // BSSL_PKI_SIGNATURE_VERIFY_CACHE_H_ && __cplusplus