| // Copyright (c) 2013 The Chromium Authors. All rights reserved. |
| // Use of this source code is governed by a BSD-style license that can be |
| // found in the LICENSE file. |
| |
| #ifndef NET_QUIC_CRYPTO_EPHEMERAL_KEY_SOURCE_H_ |
| #define NET_QUIC_CRYPTO_EPHEMERAL_KEY_SOURCE_H_ |
| |
| #include <string> |
| |
| #include "base/strings/string_piece.h" |
| #include "net/base/net_export.h" |
| #include "net/quic/quic_time.h" |
| |
| namespace net { |
| |
| class KeyExchange; |
| class QuicRandom; |
| |
| // EphemeralKeySource manages and rotates ephemeral keys as they can be reused |
| // for several connections in a short space of time. Since the implementation |
| // of this may involve locking or thread-local data, this interface abstracts |
| // that away. |
| class NET_EXPORT_PRIVATE EphemeralKeySource { |
| public: |
| virtual ~EphemeralKeySource() {} |
| |
| // CalculateForwardSecureKey generates an ephemeral public/private key pair |
| // using the algorithm |key_exchange|, sets |*public_value| to the public key |
| // and returns the shared key between |peer_public_value| and the private |
| // key. |*public_value| will be sent to the peer to be used with the peer's |
| // private key. |
| virtual std::string CalculateForwardSecureKey( |
| const KeyExchange* key_exchange, |
| QuicRandom* rand, |
| QuicTime now, |
| base::StringPiece peer_public_value, |
| std::string* public_value) = 0; |
| }; |
| |
| } // namespace net |
| |
| #endif // NET_QUIC_CRYPTO_EPHEMERAL_KEY_SOURCE_H_ |
