Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(640)

Issues Search
    My Issues | Starred     Open | Closed | All

Unified Diff: net/quic/crypto/crypto_server_config_protobuf.h

Issue 213473003: This change introduces a way to tie source address token keys to specific QUIC server configs (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src
Patch Set: Use QuicEncrypter and QuicDecrypter to encrypt and decrypt SecretBoxer's Box/Unbox methods Created 6 years, 9 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View side-by-side diff with in-line comments
Download patch
« net/quic/crypto/crypto_secret_boxer.cc ('K') | « net/quic/crypto/crypto_secret_boxer.cc ('k') | net/quic/crypto/quic_crypto_server_config.h » ('j') | net/quic/crypto/quic_crypto_server_config.h » ('J')
Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
Index: net/quic/crypto/crypto_server_config_protobuf.h
diff --git a/net/quic/crypto/crypto_server_config_protobuf.h b/net/quic/crypto/crypto_server_config_protobuf.h
index e76ff1452b445c7d7b899dc59979caa744896891..18f419e088f652d99a918bf9e9bcb4de46a759d0 100644
--- a/net/quic/crypto/crypto_server_config_protobuf.h
+++ b/net/quic/crypto/crypto_server_config_protobuf.h
@@ -89,7 +89,7 @@ class NET_EXPORT_PRIVATE QuicServerConfigProtobuf {
return priority_ > 0;
}
- int64 priority() const {
+ uint64 priority() const {
return priority_;
}
@@ -97,6 +97,21 @@ class NET_EXPORT_PRIVATE QuicServerConfigProtobuf {
priority_ = priority;
}
+ bool has_source_address_token_secret_override() const {
+ return !source_address_token_secret_override_.empty();
+ }
+
+ std::string source_address_token_secret_override() const {
+ return source_address_token_secret_override_;
+ }
+
+ void set_source_address_token_secret_override(
+ base::StringPiece source_address_token_secret_override) {
+ source_address_token_secret_override_ =
+ source_address_token_secret_override.as_string();
wtc 2014/04/07 18:38:24 Nit: source_address_token_secret_override.CopyToSt
ramant (doing other things) 2014/04/21 22:39:29 Done.
+ LOG(ERROR) << "override: " << source_address_token_secret_override_;
wtc 2014/04/07 18:38:24 IMPORTANT: remove this error message?
ramant (doing other things) 2014/04/21 22:39:29 Done.
+ }
+
private:
std::vector<PrivateKey*> keys_;
@@ -111,6 +126,11 @@ class NET_EXPORT_PRIVATE QuicServerConfigProtobuf {
// primary time. For use as a secondary sort key when selecting the
// primary config.
uint64 priority_;
+
+ // Optional override to the secret used to box/unbox source address
+ // tokens when talking to clients that select this server config.
+ // It can be of any length as it is fed into a KDF before use.
+ std::string source_address_token_secret_override_;
};
} // namespace net
« net/quic/crypto/crypto_secret_boxer.cc ('K') | « net/quic/crypto/crypto_secret_boxer.cc ('k') | net/quic/crypto/quic_crypto_server_config.h » ('j') | net/quic/crypto/quic_crypto_server_config.h » ('J')

Powered by Google App Engine
This is Rietveld 408576698