1// Copyright (c) 2013 The Chromium Authors. All rights reserved.
2// Use of this source code is governed by a BSD-style license that can be
3// found in the LICENSE file.
4
5#ifndef NET_QUIC_CRYPTO_CRYPTO_SERVER_CONFIG_PROTOBUF_H_
6#define NET_QUIC_CRYPTO_CRYPTO_SERVER_CONFIG_PROTOBUF_H_
7
8#include <string>
9#include <vector>
10
11#include "base/logging.h"
12#include "base/stl_util.h"
13#include "base/strings/string_piece.h"
14#include "net/base/net_export.h"
15#include "net/quic/crypto/crypto_protocol.h"
16
17namespace net {
18
19// QuicServerConfigProtobuf contains QUIC server config block and the private
20// keys needed to prove ownership.
21// TODO(rch): sync with server more rationally.
22class NET_EXPORT_PRIVATE QuicServerConfigProtobuf {
23 public:
24  // PrivateKey contains a QUIC tag of a key exchange algorithm and a
25  // serialised private key for that algorithm. The format of the serialised
26  // private key is specific to the algorithm in question.
27  class NET_EXPORT_PRIVATE PrivateKey {
28   public:
29    QuicTag tag() const {
30      return tag_;
31    }
32    void set_tag(QuicTag tag) {
33      tag_ = tag;
34    }
35    std::string private_key() const {
36      return private_key_;
37    }
38    void set_private_key(std::string key) {
39      private_key_ = key;
40    }
41
42   private:
43    QuicTag tag_;
44    std::string private_key_;
45  };
46
47  QuicServerConfigProtobuf();
48  ~QuicServerConfigProtobuf();
49
50  size_t key_size() const {
51    return keys_.size();
52  }
53
54  const PrivateKey& key(size_t i) const {
55    DCHECK_GT(keys_.size(), i);
56    return *keys_[i];
57  }
58
59  std::string config() const {
60    return config_;
61  }
62
63  void set_config(base::StringPiece config) {
64    config.CopyToString(&config_);
65  }
66
67  QuicServerConfigProtobuf::PrivateKey* add_key() {
68    keys_.push_back(new PrivateKey);
69    return keys_.back();
70  }
71
72  void clear_key() {
73    STLDeleteElements(&keys_);
74  }
75
76  bool has_primary_time() const {
77    return primary_time_ > 0;
78  }
79
80  int64 primary_time() const {
81    return primary_time_;
82  }
83
84  void set_primary_time(int64 primary_time) {
85    primary_time_ = primary_time;
86  }
87
88  bool has_priority() const {
89    return priority_ > 0;
90  }
91
92  uint64 priority() const {
93    return priority_;
94  }
95
96  void set_priority(int64 priority) {
97    priority_ = priority;
98  }
99
100  bool has_source_address_token_secret_override() const {
101    return !source_address_token_secret_override_.empty();
102  }
103
104  std::string source_address_token_secret_override() const {
105    return source_address_token_secret_override_;
106  }
107
108  void set_source_address_token_secret_override(
109      base::StringPiece source_address_token_secret_override) {
110    source_address_token_secret_override.CopyToString(
111        &source_address_token_secret_override_);
112  }
113
114 private:
115  std::vector<PrivateKey*> keys_;
116
117  // config_ is a serialised config in QUIC wire format.
118  std::string config_;
119
120  // primary_time_ contains a UNIX epoch seconds value that indicates when this
121  // config should become primary.
122  int64 primary_time_;
123
124  // Relative priority of this config vs other configs with the same
125  // primary time.  For use as a secondary sort key when selecting the
126  // primary config.
127  uint64 priority_;
128
129  // Optional override to the secret used to box/unbox source address
130  // tokens when talking to clients that select this server config.
131  // It can be of any length as it is fed into a KDF before use.
132  std::string source_address_token_secret_override_;
133
134  DISALLOW_COPY_AND_ASSIGN(QuicServerConfigProtobuf);
135};
136
137}  // namespace net
138
139#endif  // NET_QUIC_CRYPTO_CRYPTO_SERVER_CONFIG_PROTOBUF_H_
140