quiche/oblivious_http/oblivious_http_gateway.h - quiche.git - Git at Google

 #ifndef QUICHE_OBLIVIOUS_HTTP_OBLIVIOUS_HTTP_GATEWAY_H_
 #define QUICHE_OBLIVIOUS_HTTP_OBLIVIOUS_HTTP_GATEWAY_H_

 #include <memory>
 #include <string>

 #include "absl/status/statusor.h"
 #include "absl/strings/string_view.h"
 #include "openssl/base.h"
 #include "openssl/hpke.h"
 #include "quiche/common/platform/api/quiche_export.h"
 #include "quiche/common/quiche_random.h"
 #include "quiche/oblivious_http/buffers/oblivious_http_request.h"
 #include "quiche/oblivious_http/buffers/oblivious_http_response.h"
 #include "quiche/oblivious_http/common/oblivious_http_header_key_config.h"

 namespace quiche {
 // 1. Handles server side decryption of the payload received in HTTP POST body
 // from Relay.
 // 2. Handles server side encryption of response (that's in the form of Binary
 // HTTP) that will be sent back to Relay in HTTP POST body.
 // 3. Handles BSSL initialization and HPKE context bookkeeping.

 // This class is immutable (except moves) and thus trivially thread-safe,
 // assuming the `QuicheRandom* quiche_random` passed in with `Create` is
 // thread-safe. Note that default `QuicheRandom::GetInstance()` is thread-safe.
 class QUICHE_EXPORT ObliviousHttpGateway {
  public:
   // @params: If callers would like to pass in their own `QuicheRandom`
   // instance, they can make use of the param `quiche_random`. Otherwise, the
   // default `QuicheRandom::GetInstance()` will be used.
   static absl::StatusOr<ObliviousHttpGateway> Create(
       absl::string_view hpke_private_key,
       const ObliviousHttpHeaderKeyConfig& ohttp_key_config,
       QuicheRandom* quiche_random = nullptr);

   // only Movable (due to `UniquePtr server_hpke_key_`).
   ObliviousHttpGateway(ObliviousHttpGateway&& other) = default;
   ObliviousHttpGateway& operator=(ObliviousHttpGateway&& other) = default;

   ~ObliviousHttpGateway() = default;

   // After successful `Create`, callers will use the returned object to
   // repeatedly call into this method in order to create Oblivious HTTP request
   // with the initialized HPKE private key. Call sequence: Create ->
   // DecryptObliviousHttpRequest -> CreateObliviousHttpResponse.
   // Eg.,
   //   auto ohttp_server_object = ObliviousHttpGateway::Create( <HPKE
   //    private key>, <OHTTP key configuration described in
   //    `oblivious_http_header_key_config.h`>);
   //   auto decrypted_request1 =
   //    ohttp_server_object.DecryptObliviousHttpRequest(<encrypted binary http
   //    1>);
   //   auto decrypted_request2 =
   //    ohttp_server_object.DecryptObliviousHttpRequest(<encrypted binary http
   //    2>);
   absl::StatusOr<ObliviousHttpRequest> DecryptObliviousHttpRequest(
       absl::string_view encrypted_data,
       absl::string_view request_label =
           ObliviousHttpHeaderKeyConfig::kOhttpRequestLabel) const;

   // After `DecryptObliviousHttpRequest` operation, callers on server-side will
   // extract `oblivious_http_request_context` from the returned object
   // `ObliviousHttpRequest` and pass in to this method in order to handle the
   // response flow back to the client.
   absl::StatusOr<ObliviousHttpResponse> CreateObliviousHttpResponse(
       std::string plaintext_data,
       ObliviousHttpRequest::Context& oblivious_http_request_context,
       absl::string_view response_label =
           ObliviousHttpHeaderKeyConfig::kOhttpResponseLabel) const;

  private:
   explicit ObliviousHttpGateway(
       bssl::UniquePtr<EVP_HPKE_KEY> recipient_key,
       const ObliviousHttpHeaderKeyConfig& ohttp_key_config,
       QuicheRandom* quiche_random);
   bssl::UniquePtr<EVP_HPKE_KEY> server_hpke_key_;
   // Holds server's keyID and HPKE related IDs that's published under HPKE
   // public Key configuration.
   // https://www.rfc-editor.org/rfc/rfc9458.html#section-3
   ObliviousHttpHeaderKeyConfig ohttp_key_config_;
   QuicheRandom* quiche_random_;
 };

 }  // namespace quiche

 #endif  // QUICHE_OBLIVIOUS_HTTP_OBLIVIOUS_HTTP_GATEWAY_H_
	#ifndef QUICHE_OBLIVIOUS_HTTP_OBLIVIOUS_HTTP_GATEWAY_H_
	#define QUICHE_OBLIVIOUS_HTTP_OBLIVIOUS_HTTP_GATEWAY_H_

	#include <memory>
	#include <string>

	#include "absl/status/statusor.h"
	#include "absl/strings/string_view.h"
	#include "openssl/base.h"
	#include "openssl/hpke.h"
	#include "quiche/common/platform/api/quiche_export.h"
	#include "quiche/common/quiche_random.h"
	#include "quiche/oblivious_http/buffers/oblivious_http_request.h"
	#include "quiche/oblivious_http/buffers/oblivious_http_response.h"
	#include "quiche/oblivious_http/common/oblivious_http_header_key_config.h"

	namespace quiche {
	// 1. Handles server side decryption of the payload received in HTTP POST body
	// from Relay.
	// 2. Handles server side encryption of response (that's in the form of Binary
	// HTTP) that will be sent back to Relay in HTTP POST body.
	// 3. Handles BSSL initialization and HPKE context bookkeeping.

	// This class is immutable (except moves) and thus trivially thread-safe,
	// assuming the `QuicheRandom* quiche_random` passed in with `Create` is
	// thread-safe. Note that default `QuicheRandom::GetInstance()` is thread-safe.
	class QUICHE_EXPORT ObliviousHttpGateway {
	public:
	// @params: If callers would like to pass in their own `QuicheRandom`
	// instance, they can make use of the param `quiche_random`. Otherwise, the
	// default `QuicheRandom::GetInstance()` will be used.
	static absl::StatusOr<ObliviousHttpGateway> Create(
	absl::string_view hpke_private_key,
	const ObliviousHttpHeaderKeyConfig& ohttp_key_config,
	QuicheRandom* quiche_random = nullptr);

	// only Movable (due to `UniquePtr server_hpke_key_`).
	ObliviousHttpGateway(ObliviousHttpGateway&& other) = default;
	ObliviousHttpGateway& operator=(ObliviousHttpGateway&& other) = default;

	~ObliviousHttpGateway() = default;

	// After successful `Create`, callers will use the returned object to
	// repeatedly call into this method in order to create Oblivious HTTP request
	// with the initialized HPKE private key. Call sequence: Create ->
	// DecryptObliviousHttpRequest -> CreateObliviousHttpResponse.
	// Eg.,
	// auto ohttp_server_object = ObliviousHttpGateway::Create( <HPKE
	// private key>, <OHTTP key configuration described in
	// `oblivious_http_header_key_config.h`>);
	// auto decrypted_request1 =
	// ohttp_server_object.DecryptObliviousHttpRequest(<encrypted binary http
	// 1>);
	// auto decrypted_request2 =
	// ohttp_server_object.DecryptObliviousHttpRequest(<encrypted binary http
	// 2>);
	absl::StatusOr<ObliviousHttpRequest> DecryptObliviousHttpRequest(
	absl::string_view encrypted_data,
	absl::string_view request_label =
	ObliviousHttpHeaderKeyConfig::kOhttpRequestLabel) const;

	// After `DecryptObliviousHttpRequest` operation, callers on server-side will
	// extract `oblivious_http_request_context` from the returned object
	// `ObliviousHttpRequest` and pass in to this method in order to handle the
	// response flow back to the client.
	absl::StatusOr<ObliviousHttpResponse> CreateObliviousHttpResponse(
	std::string plaintext_data,
	ObliviousHttpRequest::Context& oblivious_http_request_context,
	absl::string_view response_label =
	ObliviousHttpHeaderKeyConfig::kOhttpResponseLabel) const;

	private:
	explicit ObliviousHttpGateway(
	bssl::UniquePtr<EVP_HPKE_KEY> recipient_key,
	const ObliviousHttpHeaderKeyConfig& ohttp_key_config,
	QuicheRandom* quiche_random);
	bssl::UniquePtr<EVP_HPKE_KEY> server_hpke_key_;
	// Holds server's keyID and HPKE related IDs that's published under HPKE
	// public Key configuration.
	// https://www.rfc-editor.org/rfc/rfc9458.html#section-3
	ObliviousHttpHeaderKeyConfig ohttp_key_config_;
	QuicheRandom* quiche_random_;
	};

	} // namespace quiche

	#endif // QUICHE_OBLIVIOUS_HTTP_OBLIVIOUS_HTTP_GATEWAY_H_