This change introduces a way to tie source address token keys to specific QUIC
server configs, so that server can replace both the server config and
source address token key when communication with keystore succeeds.
Add retry logic and more graceful fallback to code that loads QUIC
insecure secrets from keystore. Not flag protected.
Merge internal change:
63497296
+ Changed ComputeSourceAddressTokenKey to DeriveSourceAddressTokenKey
+ Fixed comments.
+ Changed Config* to a const reference in BuildRejection,
NewSourceAddressToken and ValidateSourceAddressToken methods.
Merge internal change:
65382861
Use QuicEncrypter and QuicDecrypter with "AES128 + GCM-12" as the AEAD
algorithm to implement CryptoSecretBoxes' Box and Unbox methods. These
methods are used in unit tests only.
R=wtc@chromium.org
Review URL: https://codereview.chromium.org/
213473003
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@266491 0039d316-1c4b-4281-b951-d872f2087c98