summaryrefslogtreecommitdiffstats
path: root/netwerk/protocol/http/nsIObliviousHttp.idl
diff options
context:
space:
mode:
Diffstat (limited to '')
-rw-r--r--netwerk/protocol/http/nsIObliviousHttp.idl78
1 files changed, 78 insertions, 0 deletions
diff --git a/netwerk/protocol/http/nsIObliviousHttp.idl b/netwerk/protocol/http/nsIObliviousHttp.idl
new file mode 100644
index 0000000000..84bc30d640
--- /dev/null
+++ b/netwerk/protocol/http/nsIObliviousHttp.idl
@@ -0,0 +1,78 @@
+/* -*- Mode: IDL; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 4 -*- */
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#include "nsISupports.idl"
+
+interface nsIChannel;
+interface nsIURI;
+
+[scriptable, builtinclass, uuid(f2a4aaa4-046a-439e-beef-893b15a90cff)]
+interface nsIObliviousHttpClientResponse : nsISupports {
+ // Decrypt an encrypted response ("enc_response" in the RFC).
+ // Can only be called once.
+ Array<octet> decapsulate(in Array<octet> encResponse);
+};
+
+[scriptable, builtinclass, uuid(403af7f9-4a76-49fc-a622-38d6ba3ee496)]
+interface nsIObliviousHttpClientRequest : nsISupports {
+ // The encrypted request ("enc_request" in the RFC).
+ readonly attribute Array<octet> encRequest;
+ // The context for decrypting the eventual response.
+ readonly attribute nsIObliviousHttpClientResponse response;
+};
+
+[scriptable, builtinclass, uuid(105deb62-45b4-407a-b330-550433279111)]
+interface nsIObliviousHttpServerResponse : nsISupports {
+ readonly attribute Array<octet> request;
+
+ Array<octet> encapsulate(in Array<octet> response);
+};
+
+[scriptable, builtinclass, uuid(fb1abc56-b525-4e1a-a4c6-341a9b32084e)]
+interface nsIObliviousHttpServer : nsISupports {
+ readonly attribute Array<octet> encodedConfig;
+
+ nsIObliviousHttpServerResponse decapsulate(in Array<octet> encRequest);
+};
+
+
+// IDL bindings for the rust implementation of oblivious http.
+// Client code will generally call `encapsulateRequest` given an encoded
+// oblivious gateway key configuration and an encoded binary http request.
+// This function returns a nsIObliviousHttpClientRequest. The `encRequest`
+// attribute of that object is the encapsulated request that can be sent to an
+// oblivious relay to be forwarded on to the oblivious gateway and then to the
+// actual target. The `response` attribute is used to decapsulate the response
+// returned by the oblivious relay.
+// For tests, this implementation provides a facility for decapsulating
+// requests and encapsulating responses. Call `server` to get an
+// `nsIObliviousHttpServer`, which has an attribute `encodedConfig` for use
+// with `encapsulateRequest`. It also has a function `decapsulate`, which
+// decapsulates an encapsulated client request and returns an
+// `nsIObliviousHttpServerResponse`. This object can `encapsulate` a response,
+// which the `nsIObliviousHttpClientResponse` from the original request should
+// be able to `decapsulate`.
+// Thread safety: nsIObliviousHttp may be used on any thread, but any objects
+// created by it must only be used on the threads they are created on.
+[scriptable, builtinclass, uuid(d581149e-3319-4563-b95e-46c64af5c4e8)]
+interface nsIObliviousHttp : nsISupports
+{
+ nsIObliviousHttpClientRequest encapsulateRequest(
+ in Array<octet> encodedConfig,
+ in Array<octet> request);
+
+ nsIObliviousHttpServer server();
+};
+
+[scriptable, builtinclass, uuid(b1f08d56-fca6-4290-9500-d5168dc9d8c3)]
+interface nsIObliviousHttpService : nsISupports
+{
+ nsIChannel newChannel(in nsIURI relayURI, in nsIURI targetURI, in Array<octet> encodedConfig);
+
+ void getTRRSettings(out nsIURI relayURI, out Array<octet> encodedConfig);
+
+ // Clears the config
+ void clearTRRConfig();
+};