1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
|
/* -*- Mode: IDL; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 4 -*- */
/* This Source Code Form is subject to the terms of the Mozilla Public
* License, v. 2.0. If a copy of the MPL was not distributed with this
* file, You can obtain one at http://mozilla.org/MPL/2.0/. */
#include "nsISupports.idl"
interface nsIChannel;
interface nsIURI;
[scriptable, builtinclass, uuid(f2a4aaa4-046a-439e-beef-893b15a90cff)]
interface nsIObliviousHttpClientResponse : nsISupports {
// Decrypt an encrypted response ("enc_response" in the RFC).
// Can only be called once.
Array<octet> decapsulate(in Array<octet> encResponse);
};
[scriptable, builtinclass, uuid(403af7f9-4a76-49fc-a622-38d6ba3ee496)]
interface nsIObliviousHttpClientRequest : nsISupports {
// The encrypted request ("enc_request" in the RFC).
readonly attribute Array<octet> encRequest;
// The context for decrypting the eventual response.
readonly attribute nsIObliviousHttpClientResponse response;
};
[scriptable, builtinclass, uuid(105deb62-45b4-407a-b330-550433279111)]
interface nsIObliviousHttpServerResponse : nsISupports {
readonly attribute Array<octet> request;
Array<octet> encapsulate(in Array<octet> response);
};
[scriptable, builtinclass, uuid(fb1abc56-b525-4e1a-a4c6-341a9b32084e)]
interface nsIObliviousHttpServer : nsISupports {
readonly attribute Array<octet> encodedConfig;
nsIObliviousHttpServerResponse decapsulate(in Array<octet> encRequest);
};
// IDL bindings for the rust implementation of oblivious http.
// Client code will generally call `encapsulateRequest` given an encoded
// oblivious gateway key configuration and an encoded binary http request.
// This function returns a nsIObliviousHttpClientRequest. The `encRequest`
// attribute of that object is the encapsulated request that can be sent to an
// oblivious relay to be forwarded on to the oblivious gateway and then to the
// actual target. The `response` attribute is used to decapsulate the response
// returned by the oblivious relay.
// For tests, this implementation provides a facility for decapsulating
// requests and encapsulating responses. Call `server` to get an
// `nsIObliviousHttpServer`, which has an attribute `encodedConfig` for use
// with `encapsulateRequest`. It also has a function `decapsulate`, which
// decapsulates an encapsulated client request and returns an
// `nsIObliviousHttpServerResponse`. This object can `encapsulate` a response,
// which the `nsIObliviousHttpClientResponse` from the original request should
// be able to `decapsulate`.
// Thread safety: nsIObliviousHttp may be used on any thread, but any objects
// created by it must only be used on the threads they are created on.
[scriptable, builtinclass, uuid(d581149e-3319-4563-b95e-46c64af5c4e8)]
interface nsIObliviousHttp : nsISupports
{
nsIObliviousHttpClientRequest encapsulateRequest(
in Array<octet> encodedConfig,
in Array<octet> request);
nsIObliviousHttpServer server();
};
[scriptable, builtinclass, uuid(b1f08d56-fca6-4290-9500-d5168dc9d8c3)]
interface nsIObliviousHttpService : nsISupports
{
nsIChannel newChannel(in nsIURI relayURI, in nsIURI targetURI, in Array<octet> encodedConfig);
void getTRRSettings(out nsIURI relayURI, out Array<octet> encodedConfig);
// Clears the config
void clearTRRConfig();
};
|