/* -*- Mode: IDL; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 4 -*- */
/* This Source Code Form is subject to the terms of the Mozilla Public
 * License, v. 2.0. If a copy of the MPL was not distributed with this
 * file, You can obtain one at http://mozilla.org/MPL/2.0/. */

#include "nsISupports.idl"

interface nsIChannel;
interface nsIURI;

[scriptable, builtinclass, uuid(f2a4aaa4-046a-439e-beef-893b15a90cff)]
interface nsIObliviousHttpClientResponse : nsISupports {
    // Decrypt an encrypted response ("enc_response" in the RFC).
    // Can only be called once.
    Array<octet> decapsulate(in Array<octet> encResponse);
};

[scriptable, builtinclass, uuid(403af7f9-4a76-49fc-a622-38d6ba3ee496)]
interface nsIObliviousHttpClientRequest : nsISupports {
    // The encrypted request ("enc_request" in the RFC).
    readonly attribute Array<octet> encRequest;
    // The context for decrypting the eventual response.
    readonly attribute nsIObliviousHttpClientResponse response;
};

[scriptable, builtinclass, uuid(105deb62-45b4-407a-b330-550433279111)]
interface nsIObliviousHttpServerResponse : nsISupports {
    readonly attribute Array<octet> request;

    Array<octet> encapsulate(in Array<octet> response);
};

[scriptable, builtinclass, uuid(fb1abc56-b525-4e1a-a4c6-341a9b32084e)]
interface nsIObliviousHttpServer : nsISupports {
    readonly attribute Array<octet> encodedConfig;

    nsIObliviousHttpServerResponse decapsulate(in Array<octet> encRequest);
};


// IDL bindings for the rust implementation of oblivious http.
// Client code will generally call `encapsulateRequest` given an encoded
// oblivious gateway key configuration and an encoded binary http request.
// This function returns a nsIObliviousHttpClientRequest. The `encRequest`
// attribute of that object is the encapsulated request that can be sent to an
// oblivious relay to be forwarded on to the oblivious gateway and then to the
// actual target. The `response` attribute is used to decapsulate the response
// returned by the oblivious relay.
// For tests, this implementation provides a facility for decapsulating
// requests and encapsulating responses. Call `server` to get an
// `nsIObliviousHttpServer`, which has an attribute `encodedConfig` for use
// with `encapsulateRequest`. It also has a function `decapsulate`, which
// decapsulates an encapsulated client request and returns an
// `nsIObliviousHttpServerResponse`. This object can `encapsulate` a response,
// which the `nsIObliviousHttpClientResponse` from the original request should
// be able to `decapsulate`.
// Thread safety: nsIObliviousHttp may be used on any thread, but any objects
// created by it must only be used on the threads they are created on.
[scriptable, builtinclass, uuid(d581149e-3319-4563-b95e-46c64af5c4e8)]
interface nsIObliviousHttp : nsISupports
{
    nsIObliviousHttpClientRequest encapsulateRequest(
        in Array<octet> encodedConfig,
        in Array<octet> request);

    nsIObliviousHttpServer server();
};

[scriptable, builtinclass, uuid(b1f08d56-fca6-4290-9500-d5168dc9d8c3)]
interface nsIObliviousHttpService : nsISupports
{
  nsIChannel newChannel(in nsIURI relayURI, in nsIURI targetURI, in Array<octet> encodedConfig);

  void getTRRSettings(out nsIURI relayURI, out Array<octet> encodedConfig);

  // Clears the config
  void clearTRRConfig();
};