fizz::server::DualTicketCipher Class Reference

#include <DualTicketCipher.h>

Inheritance diagram for fizz::server::DualTicketCipher:

Public Member Functions
	DualTicketCipher (std::unique_ptr< TicketCipher > cipher, std::unique_ptr< TicketCipher > fallbackCipher)
folly::Future< folly::Optional< std::pair< std::unique_ptr< folly::IOBuf >, std::chrono::seconds > > >	encrypt (ResumptionState resState) const override
folly::Future< std::pair< PskType, folly::Optional< ResumptionState > > >	decrypt (std::unique_ptr< folly::IOBuf > encryptedTicket) const override
Public Member Functions inherited from fizz::server::TicketCipher
virtual	~TicketCipher ()=default

Private Attributes
std::unique_ptr< TicketCipher >	cipher_
std::unique_ptr< TicketCipher >	fallbackCipher_

Detailed Description

Base class for using two ciphers for decryption. The idea behind this is that as we transition between psk contexts it might be useful to try multiple ciphers so that we don't break resumption on rollout.

Definition at line 21 of file DualTicketCipher.h.

Constructor & Destructor Documentation

fizz::server::DualTicketCipher::DualTicketCipher ( std::unique_ptr< TicketCipher >  cipher, std::unique_ptr< TicketCipher >  fallbackCipher  )

inline

Definition at line 23 of file DualTicketCipher.h.

      : cipher_(std::move(cipher)),
        fallbackCipher_(std::move(fallbackCipher)) {}

Member Function Documentation

folly::Future<std::pair<PskType, folly::Optional<ResumptionState> > > fizz::server::DualTicketCipher::decrypt ( std::unique_ptr< folly::IOBuf >  encryptedTicket ) const

inlineoverridevirtual

Returns the ResumptionState for an opaque PSK, and the type of PSK (resumption or external).

Returns Rejected if the PSK is not recognized.

Implements fizz::server::TicketCipher.

Definition at line 35 of file DualTicketCipher.h.

References cipher_, folly::IOBuf::clone(), fallbackCipher_, folly::makeFuture(), folly::gen::move, fizz::Rejected, and ticket.

                                                                {
    auto bufClone = encryptedTicket->clone();
    return cipher_->decrypt(std::move(encryptedTicket))
        .thenValue([this, ticket = std::move(bufClone)](
                       std::pair<PskType, folly::Optional<ResumptionState>>
                           res) mutable {
          if (std::get<0>(res) == PskType::Rejected) {
            return fallbackCipher_->decrypt(std::move(ticket));
          }
          return folly::makeFuture(std::move(res));
        });
  }

folly::Future<folly::Optional< std::pair<std::unique_ptr<folly::IOBuf>, std::chrono::seconds> > > fizz::server::DualTicketCipher::encrypt ( ResumptionState  resState ) const

inlineoverridevirtual

Returns an opaque PSK for ResumptionState, and its validity time.

Implements fizz::server::TicketCipher.

Definition at line 31 of file DualTicketCipher.h.

References cipher_, and folly::gen::move.

                                                   {
    return cipher_->encrypt(std::move(resState));
  }

Member Data Documentation

std::unique_ptr<TicketCipher> fizz::server::DualTicketCipher::cipher_

private

Definition at line 50 of file DualTicketCipher.h.

Referenced by decrypt(), and encrypt().

std::unique_ptr<TicketCipher> fizz::server::DualTicketCipher::fallbackCipher_

private

Definition at line 51 of file DualTicketCipher.h.

Referenced by decrypt().

---

The documentation for this class was generated from the following file:

• proxygen/fizz/fizz/server/DualTicketCipher.h