proxygen
TLSTicketKeySeeds.h
Go to the documentation of this file.
1 /*
2  * Copyright 2017-present Facebook, Inc.
3  *
4  * Licensed under the Apache License, Version 2.0 (the "License");
5  * you may not use this file except in compliance with the License.
6  * You may obtain a copy of the License at
7  *
8  * http://www.apache.org/licenses/LICENSE-2.0
9  *
10  * Unless required by applicable law or agreed to in writing, software
11  * distributed under the License is distributed on an "AS IS" BASIS,
12  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13  * See the License for the specific language governing permissions and
14  * limitations under the License.
15  */
16 #pragma once
17 
18 #include <string>
19 #include <unordered_set>
20 #include <vector>
21 
22 namespace wangle {
23 
24 struct TLSTicketKeySeeds {
25  std::vector<std::string> oldSeeds;
26  std::vector<std::string> currentSeeds;
27  std::vector<std::string> newSeeds;
28 
29  bool operator==(const TLSTicketKeySeeds& rhs) const {
30  return (
31  oldSeeds == rhs.oldSeeds && currentSeeds == rhs.currentSeeds &&
32  newSeeds == rhs.newSeeds);
33  }
34 
35  bool isValidRotation(const TLSTicketKeySeeds& next) const {
36  // First branch corresponds to not having any ticket seeds, and then
37  // adding ticket seeds for the first time. The second branch corresponds to
38  // a compatible ticket seed update. The third branch is the case of setting
39  // a subset of the ticket seeds a second time
40  return (isEmpty() && next.isNotEmpty()) ||
41  (areSeedsSubset(newSeeds, next.currentSeeds) &&
42  areSeedsSubset(currentSeeds, next.oldSeeds)) ||
43  (areSeedsSubset(oldSeeds, next.oldSeeds) &&
44  areSeedsSubset(currentSeeds, next.currentSeeds) &&
45  areSeedsSubset(newSeeds, next.newSeeds));
46  }
47 
48  bool isEmpty() const {
49  return oldSeeds.empty() && currentSeeds.empty() && newSeeds.empty();
50  }
51 
52  bool isNotEmpty() const {
53  return !oldSeeds.empty() && !currentSeeds.empty() && !newSeeds.empty();
54  }
55 
56  // Verify the LHS is a subset of RHS
57  static bool areSeedsSubset(
58  const std::vector<std::string>& lhs,
59  const std::vector<std::string>& rhs) {
60  if (lhs.size() > rhs.size()) {
61  return false;
62  }
63  std::unordered_set<std::string> a{rhs.cbegin(), rhs.cend()};
64  for (const auto& v :
65  std::unordered_set<std::string>{lhs.cbegin(), lhs.cend()}) {
66  if (a.find(v) == a.end()) {
67  return false;
68  }
69  }
70  return true;
71  }
72 };
73 
74 } // namespace wangle
wangle::TLSTicketKeySeeds::newSeeds
std::vector< std::string > newSeeds
Definition: TLSTicketKeySeeds.h:27
wangle::TLSTicketKeySeeds::currentSeeds
std::vector< std::string > currentSeeds
Definition: TLSTicketKeySeeds.h:26
wangle::TLSTicketKeySeeds::operator==
bool operator==(const TLSTicketKeySeeds &rhs) const
Definition: TLSTicketKeySeeds.h:29
wangle::TLSTicketKeySeeds::isValidRotation
bool isValidRotation(const TLSTicketKeySeeds &next) const
Definition: TLSTicketKeySeeds.h:35
folly::detail::rhs
FOLLY_PUSH_WARNING RHS rhs
Definition: Traits.h:649
a
char a
Definition: OptionalTest.cpp:53
wangle::TLSTicketKeySeeds::oldSeeds
std::vector< std::string > oldSeeds
Definition: TLSTicketKeySeeds.h:25
wangle::TLSTicketKeySeeds::areSeedsSubset
static bool areSeedsSubset(const std::vector< std::string > &lhs, const std::vector< std::string > &rhs)
Definition: TLSTicketKeySeeds.h:57
cpp.ast.next
def next(obj)
Definition: ast.py:58