Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(1340)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: net/quic/crypto/crypto_protocol.h

Issue 1416583005: Add support of serving SCT on the server side in QUIC, gated by QUIC_VERSION_30. (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@106687764
Patch Set: Created 5 years, 1 month ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« no previous file with comments | « net/quic/crypto/crypto_handshake.cc ('k') | net/quic/crypto/crypto_server_test.cc » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #ifndef NET_QUIC_CRYPTO_CRYPTO_PROTOCOL_H_ 5 #ifndef NET_QUIC_CRYPTO_CRYPTO_PROTOCOL_H_
6 #define NET_QUIC_CRYPTO_CRYPTO_PROTOCOL_H_ 6 #define NET_QUIC_CRYPTO_CRYPTO_PROTOCOL_H_
7 7
8 #include <string> 8 #include <string>
9 9
10 #include "net/base/net_export.h" 10 #include "net/base/net_export.h"
(...skipping 170 matching lines...) Expand 10 before | Expand all | Expand 10 after
181 // Likewise tags with random values should be towards the beginning of the 181 // Likewise tags with random values should be towards the beginning of the
182 // message because the server mightn't hold state for a rejected client hello 182 // message because the server mightn't hold state for a rejected client hello
183 // and therefore the client may have issues reassembling the rejection message 183 // and therefore the client may have issues reassembling the rejection message
184 // in the event that it sent two client hellos. 184 // in the event that it sent two client hellos.
185 const QuicTag kServerNonceTag = 185 const QuicTag kServerNonceTag =
186 TAG('S', 'N', 'O', 0); // The server's nonce 186 TAG('S', 'N', 'O', 0); // The server's nonce
187 const QuicTag kSourceAddressTokenTag = 187 const QuicTag kSourceAddressTokenTag =
188 TAG('S', 'T', 'K', 0); // Source-address token 188 TAG('S', 'T', 'K', 0); // Source-address token
189 const QuicTag kCertificateTag = 189 const QuicTag kCertificateTag =
190 TAG('C', 'R', 'T', 255); // Certificate chain 190 TAG('C', 'R', 'T', 255); // Certificate chain
191 const QuicTag kCertificateSCTTag =
192 TAG('C', 'S', 'C', 'T'); // Signed cert timestamp (RFC6962) of leaf cert.
191 193
192 #undef TAG 194 #undef TAG
193 195
194 const size_t kMaxEntries = 128; // Max number of entries in a message. 196 const size_t kMaxEntries = 128; // Max number of entries in a message.
195 197
196 const size_t kNonceSize = 32; // Size in bytes of the connection nonce. 198 const size_t kNonceSize = 32; // Size in bytes of the connection nonce.
197 199
198 const size_t kOrbitSize = 8; // Number of bytes in an orbit value. 200 const size_t kOrbitSize = 8; // Number of bytes in an orbit value.
199 201
200 // kProofSignatureLabel is prepended to server configs before signing to avoid 202 // kProofSignatureLabel is prepended to server configs before signing to avoid
201 // any cross-protocol attacks on the signature. 203 // any cross-protocol attacks on the signature.
202 const char kProofSignatureLabel[] = "QUIC server config signature"; 204 const char kProofSignatureLabel[] = "QUIC server config signature";
203 205
204 // kClientHelloMinimumSize is the minimum size of a client hello. Client hellos 206 // kClientHelloMinimumSize is the minimum size of a client hello. Client hellos
205 // will have PAD tags added in order to ensure this minimum is met and client 207 // will have PAD tags added in order to ensure this minimum is met and client
206 // hellos smaller than this will be an error. This minimum size reduces the 208 // hellos smaller than this will be an error. This minimum size reduces the
207 // amplification factor of any mirror DoS attack. 209 // amplification factor of any mirror DoS attack.
208 // 210 //
209 // A client may pad an inchoate client hello to a size larger than 211 // A client may pad an inchoate client hello to a size larger than
210 // kClientHelloMinimumSize to make it more likely to receive a complete 212 // kClientHelloMinimumSize to make it more likely to receive a complete
211 // rejection message. 213 // rejection message.
212 const size_t kClientHelloMinimumSize = 1024; 214 const size_t kClientHelloMinimumSize = 1024;
213 215
214 } // namespace net 216 } // namespace net
215 217
216 #endif // NET_QUIC_CRYPTO_CRYPTO_PROTOCOL_H_ 218 #endif // NET_QUIC_CRYPTO_CRYPTO_PROTOCOL_H_
OLDNEW
« no previous file with comments | « net/quic/crypto/crypto_handshake.cc ('k') | net/quic/crypto/crypto_server_test.cc » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698