OLD | NEW |
1 // Copyright 2013 The Chromium Authors. All rights reserved. | 1 // Copyright 2013 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #ifndef NET_QUIC_CRYPTO_QUIC_CRYPTO_SERVER_CONFIG_H_ | 5 #ifndef NET_QUIC_CRYPTO_QUIC_CRYPTO_SERVER_CONFIG_H_ |
6 #define NET_QUIC_CRYPTO_QUIC_CRYPTO_SERVER_CONFIG_H_ | 6 #define NET_QUIC_CRYPTO_QUIC_CRYPTO_SERVER_CONFIG_H_ |
7 | 7 |
8 #include <stddef.h> | 8 #include <stddef.h> |
9 #include <stdint.h> | 9 #include <stdint.h> |
10 | 10 |
(...skipping 176 matching lines...)
187 // SetConfigs takes a vector of config protobufs and the current time. | 187 // SetConfigs takes a vector of config protobufs and the current time. |
188 // Configs are assumed to be uniquely identified by their server config ID. | 188 // Configs are assumed to be uniquely identified by their server config ID. |
189 // Previously unknown configs are added and possibly made the primary config | 189 // Previously unknown configs are added and possibly made the primary config |
190 // depending on their |primary_time| and the value of |now|. Configs that are | 190 // depending on their |primary_time| and the value of |now|. Configs that are |
191 // known, but are missing from the protobufs are deleted, unless they are | 191 // known, but are missing from the protobufs are deleted, unless they are |
192 // currently the primary config. SetConfigs returns false if any errors were | 192 // currently the primary config. SetConfigs returns false if any errors were |
193 // encountered and no changes to the QuicCryptoServerConfig will occur. | 193 // encountered and no changes to the QuicCryptoServerConfig will occur. |
194 bool SetConfigs(const std::vector<QuicServerConfigProtobuf*>& protobufs, | 194 bool SetConfigs(const std::vector<QuicServerConfigProtobuf*>& protobufs, |
195 QuicWallTime now); | 195 QuicWallTime now); |
196 | 196 |
| 197 // SetDefaultSourceAddressTokenKeys sets the keys to be tried, in order, |
| 198 // when decrypting a source address token. This modifies only the default |
| 199 // boxer, which is to say, it is a no-op if a key was specified in the Config. |
| 200 // Note that these keys are used *without* passing them through a KDF, in |
| 201 // contradistinction to the |source_address_token_secret| argument to the |
| 202 // constructor. |
| 203 void SetDefaultSourceAddressTokenKeys(const std::vector<std::string>& keys); |
| 204 |
197 // Get the server config ids for all known configs. | 205 // Get the server config ids for all known configs. |
198 void GetConfigIds(std::vector<std::string>* scids) const; | 206 void GetConfigIds(std::vector<std::string>* scids) const; |
199 | 207 |
200 // Checks |client_hello| for gross errors and determines whether it | 208 // Checks |client_hello| for gross errors and determines whether it |
201 // can be shown to be fresh (i.e. not a replay). The result of the | 209 // can be shown to be fresh (i.e. not a replay). The result of the |
202 // validation step must be interpreted by calling | 210 // validation step must be interpreted by calling |
203 // QuicCryptoServerConfig::ProcessClientHello from the done_cb. | 211 // QuicCryptoServerConfig::ProcessClientHello from the done_cb. |
204 // | 212 // |
205 // ValidateClientHello may invoke the done_cb before unrolling the | 213 // ValidateClientHello may invoke the done_cb before unrolling the |
206 // stack if it is able to assess the validity of the client_nonce | 214 // stack if it is able to assess the validity of the client_nonce |
(...skipping 426 matching lines...)
633 std::string cert_sct; | 641 std::string cert_sct; |
634 // The server config that is used for this proof (and the rest of the | 642 // The server config that is used for this proof (and the rest of the |
635 // request). | 643 // request). |
636 scoped_refptr<QuicCryptoServerConfig::Config> config; | 644 scoped_refptr<QuicCryptoServerConfig::Config> config; |
637 std::string primary_scid; | 645 std::string primary_scid; |
638 }; | 646 }; |
639 | 647 |
640 } // namespace net | 648 } // namespace net |
641 | 649 |
642 #endif // NET_QUIC_CRYPTO_QUIC_CRYPTO_SERVER_CONFIG_H_ | 650 #endif // NET_QUIC_CRYPTO_QUIC_CRYPTO_SERVER_CONFIG_H_ |
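Review bot: The comment on `SetDefaultSourceAddressTokenKeys` (new lines 197-203) says the keys are used without a KDF but does not state what a caller must supply in return. Since nothing stretches or normalises the input, each entry presumably has to be uniformly random key material of exactly the length the boxer's cipher expects; the comment should say so, and say what happens for an empty vector or a wrong-length key. It also describes only decryption ("tried, in order"), so it is unclear which entry encrypts newly issued tokens, which matters for key rotation. I would extend the comment with something like `// Each key must be random key material of the boxer's exact key size; keys[0] is used to encrypt new tokens (TODO confirm against the .cc).` The implementation is not on this page, so any length check or locking around the boxer could not be reviewed here.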
OLD | NEW |