1 // Copyright 2022 The Chromium Authors 2 // Use of this source code is governed by a BSD-style license that can be 3 // found in the LICENSE file. 4 5 #if !defined(BSSL_PKI_SIGNATURE_VERIFY_CACHE_H_) && defined(__cplusplus) 6 #define BSSL_PKI_SIGNATURE_VERIFY_CACHE_H_ 7 8 #include <openssl/base.h> 9 #include <string> 10 11 namespace bssl { 12 13 class OPENSSL_EXPORT SignatureVerifyCache { 14 public: 15 enum class Value { 16 kValid, // Cached as a valid signature result. 17 kInvalid, // Cached as an invalid signature result. 18 kUnknown, // Cache has no information. 19 }; 20 21 virtual ~SignatureVerifyCache() = default; 22 23 // This interface uses a const std::string reference instead of 24 // std::string_view because any implementation that may reasonably want to use 25 // std::unordered_map or similar can run into problems with std::hash before 26 // C++20. (https://en.cppreference.com/w/cpp/container/unordered_map/find) 27 28 // |Store| is called to store the result of a verification for |key| as kValid 29 // or kInvalid after a signature check. 30 virtual void Store(const std::string &key, Value value) = 0; 31 32 // |Check| is called to fetch a cached value for a verification for |key|. If 33 // the result is kValid, or kInvalid, signature checking is skipped and the 34 // corresponding cached result is used. If the result is kUnknown signature 35 // checking is performed and the corresponding result saved using |Store|. 36 virtual Value Check(const std::string &key) = 0; 37 }; 38 39 } // namespace bssl 40 41 #endif // BSSL_PKI_SIGNATURE_VERIFY_CACHE_H_ && __cplusplus 42