1 // Copyright 2013 The Chromium Authors. All rights reserved. | 1 // Copyright 2013 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #ifndef NET_QUIC_CRYPTO_QUIC_CRYPTO_SERVER_CONFIG_H_ | 5 #ifndef NET_QUIC_CRYPTO_QUIC_CRYPTO_SERVER_CONFIG_H_ |
6 #define NET_QUIC_CRYPTO_QUIC_CRYPTO_SERVER_CONFIG_H_ | 6 #define NET_QUIC_CRYPTO_QUIC_CRYPTO_SERVER_CONFIG_H_ |
7 | 7 |
| 8 #include <stddef.h> |
| 9 #include <stdint.h> |
| 10 |
8 #include <map> | 11 #include <map> |
9 #include <string> | 12 #include <string> |
10 #include <vector> | 13 #include <vector> |
11 | 14 |
| 15 #include "base/macros.h" |
12 #include "base/memory/ref_counted.h" | 16 #include "base/memory/ref_counted.h" |
13 #include "base/memory/scoped_ptr.h" | 17 #include "base/memory/scoped_ptr.h" |
14 #include "base/strings/string_piece.h" | 18 #include "base/strings/string_piece.h" |
15 #include "base/synchronization/lock.h" | 19 #include "base/synchronization/lock.h" |
16 #include "net/base/ip_address_number.h" | 20 #include "net/base/ip_address_number.h" |
17 #include "net/base/ip_endpoint.h" | 21 #include "net/base/ip_endpoint.h" |
18 #include "net/base/net_export.h" | 22 #include "net/base/net_export.h" |
19 #include "net/quic/crypto/crypto_handshake.h" | 23 #include "net/quic/crypto/crypto_handshake.h" |
20 #include "net/quic/crypto/crypto_handshake_message.h" | 24 #include "net/quic/crypto/crypto_handshake_message.h" |
21 #include "net/quic/crypto/crypto_protocol.h" | 25 #include "net/quic/crypto/crypto_protocol.h" |
50 | 54 |
51 // Outputs from EvaluateClientHello. | 55 // Outputs from EvaluateClientHello. |
52 bool valid_source_address_token; | 56 bool valid_source_address_token; |
53 base::StringPiece sni; | 57 base::StringPiece sni; |
54 base::StringPiece client_nonce; | 58 base::StringPiece client_nonce; |
55 base::StringPiece server_nonce; | 59 base::StringPiece server_nonce; |
56 base::StringPiece user_agent_id; | 60 base::StringPiece user_agent_id; |
57 SourceAddressTokens source_address_tokens; | 61 SourceAddressTokens source_address_tokens; |
58 | 62 |
59 // Errors from EvaluateClientHello. | 63 // Errors from EvaluateClientHello. |
60 std::vector<uint32> reject_reasons; | 64 std::vector<uint32_t> reject_reasons; |
61 static_assert(sizeof(QuicTag) == sizeof(uint32), "header out of sync"); | 65 static_assert(sizeof(QuicTag) == sizeof(uint32_t), "header out of sync"); |
62 }; | 66 }; |
63 | 67 |
64 namespace test { | 68 namespace test { |
65 class QuicCryptoServerConfigPeer; | 69 class QuicCryptoServerConfigPeer; |
66 } // namespace test | 70 } // namespace test |
67 | 71 |
68 // Hook that allows application code to subscribe to primary config changes. | 72 // Hook that allows application code to subscribe to primary config changes. |
69 class PrimaryConfigChangedCallback { | 73 class PrimaryConfigChangedCallback { |
70 public: | 74 public: |
71 PrimaryConfigChangedCallback(); | 75 PrimaryConfigChangedCallback(); |
305 // valid source-address token. | 309 // valid source-address token. |
306 void set_chlo_multiplier(size_t multiplier); | 310 void set_chlo_multiplier(size_t multiplier); |
307 | 311 |
308 // set_strike_register_no_startup_period configures the strike register to | 312 // set_strike_register_no_startup_period configures the strike register to |
309 // not have a startup period. | 313 // not have a startup period. |
310 void set_strike_register_no_startup_period(); | 314 void set_strike_register_no_startup_period(); |
311 | 315 |
312 // set_strike_register_max_entries sets the maximum number of entries that | 316 // set_strike_register_max_entries sets the maximum number of entries that |
313 // the internal strike register will hold. If the strike register fills up | 317 // the internal strike register will hold. If the strike register fills up |
314 // then the oldest entries (by the client's clock) will be dropped. | 318 // then the oldest entries (by the client's clock) will be dropped. |
315 void set_strike_register_max_entries(uint32 max_entries); | 319 void set_strike_register_max_entries(uint32_t max_entries); |
316 | 320 |
317 // set_strike_register_window_secs sets the number of seconds around the | 321 // set_strike_register_window_secs sets the number of seconds around the |
318 // current time that the strike register will attempt to be authoritative | 322 // current time that the strike register will attempt to be authoritative |
319 // for. Setting a larger value allows for greater client clock-skew, but | 323 // for. Setting a larger value allows for greater client clock-skew, but |
320 // means that the quiescent startup period must be longer. | 324 // means that the quiescent startup period must be longer. |
321 void set_strike_register_window_secs(uint32 window_secs); | 325 void set_strike_register_window_secs(uint32_t window_secs); |
322 | 326 |
323 // set_source_address_token_future_secs sets the number of seconds into the | 327 // set_source_address_token_future_secs sets the number of seconds into the |
324 // future that source-address tokens will be accepted from. Since | 328 // future that source-address tokens will be accepted from. Since |
325 // source-address tokens are authenticated, this should only happen if | 329 // source-address tokens are authenticated, this should only happen if |
326 // another, valid server has clock-skew. | 330 // another, valid server has clock-skew. |
327 void set_source_address_token_future_secs(uint32 future_secs); | 331 void set_source_address_token_future_secs(uint32_t future_secs); |
328 | 332 |
329 // set_source_address_token_lifetime_secs sets the number of seconds that a | 333 // set_source_address_token_lifetime_secs sets the number of seconds that a |
330 // source-address token will be valid for. | 334 // source-address token will be valid for. |
331 void set_source_address_token_lifetime_secs(uint32 lifetime_secs); | 335 void set_source_address_token_lifetime_secs(uint32_t lifetime_secs); |
332 | 336 |
333 // set_server_nonce_strike_register_max_entries sets the number of entries in | 337 // set_server_nonce_strike_register_max_entries sets the number of entries in |
334 // the server-nonce strike-register. This is used to record that server nonce | 338 // the server-nonce strike-register. This is used to record that server nonce |
335 // values have been used. If the number of entries is too small then clients | 339 // values have been used. If the number of entries is too small then clients |
336 // which are depending on server nonces may fail to handshake because their | 340 // which are depending on server nonces may fail to handshake because their |
337 // nonce has expired in the amount of time it took to go from the server to | 341 // nonce has expired in the amount of time it took to go from the server to |
338 // the client and back. | 342 // the client and back. |
339 void set_server_nonce_strike_register_max_entries(uint32 max_entries); | 343 void set_server_nonce_strike_register_max_entries(uint32_t max_entries); |
340 | 344 |
341 // set_server_nonce_strike_register_window_secs sets the number of seconds | 345 // set_server_nonce_strike_register_window_secs sets the number of seconds |
342 // around the current time that the server-nonce strike-register will accept | 346 // around the current time that the server-nonce strike-register will accept |
343 // nonces from. Setting a larger value allows for clients to delay follow-up | 347 // nonces from. Setting a larger value allows for clients to delay follow-up |
344 // client hellos for longer and still use server nonces as proofs of | 348 // client hellos for longer and still use server nonces as proofs of |
345 // uniqueness. | 349 // uniqueness. |
346 void set_server_nonce_strike_register_window_secs(uint32 window_secs); | 350 void set_server_nonce_strike_register_window_secs(uint32_t window_secs); |
347 | 351 |
348 // set_enable_serving_sct enables or disables serving signed cert timestamp | 352 // set_enable_serving_sct enables or disables serving signed cert timestamp |
349 // (RFC6962) in server hello. | 353 // (RFC6962) in server hello. |
350 void set_enable_serving_sct(bool enable_serving_sct); | 354 void set_enable_serving_sct(bool enable_serving_sct); |
351 | 355 |
352 // Set and take ownership of the callback to invoke on primary config changes. | 356 // Set and take ownership of the callback to invoke on primary config changes. |
353 void AcquirePrimaryConfigChangedCb(PrimaryConfigChangedCallback* cb); | 357 void AcquirePrimaryConfigChangedCb(PrimaryConfigChangedCallback* cb); |
354 | 358 |
355 // Returns the number of configs this object owns. | 359 // Returns the number of configs this object owns. |
356 int NumberOfConfigs() const; | 360 int NumberOfConfigs() const; |
393 bool is_primary; | 397 bool is_primary; |
394 | 398 |
395 // primary_time contains the timestamp when this config should become the | 399 // primary_time contains the timestamp when this config should become the |
396 // primary config. A value of QuicWallTime::Zero() means that this config | 400 // primary config. A value of QuicWallTime::Zero() means that this config |
397 // will not be promoted at a specific time. | 401 // will not be promoted at a specific time. |
398 QuicWallTime primary_time; | 402 QuicWallTime primary_time; |
399 | 403 |
400 // Secondary sort key for use when selecting primary configs and | 404 // Secondary sort key for use when selecting primary configs and |
401 // there are multiple configs with the same primary time. | 405 // there are multiple configs with the same primary time. |
402 // Smaller numbers mean higher priority. | 406 // Smaller numbers mean higher priority. |
403 uint64 priority; | 407 uint64_t priority; |
404 | 408 |
405 // source_address_token_boxer_ is used to protect the | 409 // source_address_token_boxer_ is used to protect the |
406 // source-address tokens that are given to clients. | 410 // source-address tokens that are given to clients. |
407 // Points to either source_address_token_boxer_storage or the | 411 // Points to either source_address_token_boxer_storage or the |
408 // default boxer provided by QuicCryptoServerConfig. | 412 // default boxer provided by QuicCryptoServerConfig. |
409 const CryptoSecretBoxer* source_address_token_boxer; | 413 const CryptoSecretBoxer* source_address_token_boxer; |
410 | 414 |
411 // Holds the override source_address_token_boxer instance if the | 415 // Holds the override source_address_token_boxer instance if the |
412 // Config is not using the default source address token boxer | 416 // Config is not using the default source address token boxer |
413 // instance provided by QuicCryptoServerConfig. | 417 // instance provided by QuicCryptoServerConfig. |
435 // SelectNewPrimaryConfig reevaluates the primary config based on the | 439 // SelectNewPrimaryConfig reevaluates the primary config based on the |
436 // "primary_time" deadlines contained in each. | 440 // "primary_time" deadlines contained in each. |
437 void SelectNewPrimaryConfig(QuicWallTime now) const; | 441 void SelectNewPrimaryConfig(QuicWallTime now) const; |
438 | 442 |
439 // EvaluateClientHello checks |client_hello| for gross errors and determines | 443 // EvaluateClientHello checks |client_hello| for gross errors and determines |
440 // whether it can be shown to be fresh (i.e. not a replay). The results are | 444 // whether it can be shown to be fresh (i.e. not a replay). The results are |
441 // written to |info|. | 445 // written to |info|. |
442 void EvaluateClientHello( | 446 void EvaluateClientHello( |
443 const IPAddressNumber& server_ip, | 447 const IPAddressNumber& server_ip, |
444 QuicVersion version, | 448 QuicVersion version, |
445 const uint8* primary_orbit, | 449 const uint8_t* primary_orbit, |
446 scoped_refptr<Config> requested_config, | 450 scoped_refptr<Config> requested_config, |
447 scoped_refptr<Config> primary_config, | 451 scoped_refptr<Config> primary_config, |
448 QuicCryptoProof* crypto_proof, | 452 QuicCryptoProof* crypto_proof, |
449 ValidateClientHelloResultCallback::Result* client_hello_state, | 453 ValidateClientHelloResultCallback::Result* client_hello_state, |
450 ValidateClientHelloResultCallback* done_cb) const; | 454 ValidateClientHelloResultCallback* done_cb) const; |
451 | 455 |
452 // BuildRejection sets |out| to be a REJ message in reply to |client_hello|. | 456 // BuildRejection sets |out| to be a REJ message in reply to |client_hello|. |
453 void BuildRejection(QuicVersion version, | 457 void BuildRejection(QuicVersion version, |
454 const Config& config, | 458 const Config& config, |
455 const CryptoHandshakeMessage& client_hello, | 459 const CryptoHandshakeMessage& client_hello, |
578 // configs may use boxers with alternate secrets. | 582 // configs may use boxers with alternate secrets. |
579 CryptoSecretBoxer default_source_address_token_boxer_; | 583 CryptoSecretBoxer default_source_address_token_boxer_; |
580 | 584 |
581 // server_nonce_boxer_ is used to encrypt and validate suggested server | 585 // server_nonce_boxer_ is used to encrypt and validate suggested server |
582 // nonces. | 586 // nonces. |
583 CryptoSecretBoxer server_nonce_boxer_; | 587 CryptoSecretBoxer server_nonce_boxer_; |
584 | 588 |
585 // server_nonce_orbit_ contains the random, per-server orbit values that this | 589 // server_nonce_orbit_ contains the random, per-server orbit values that this |
586 // server will use to generate server nonces (the moral equivalent of a SYN | 590 // server will use to generate server nonces (the moral equivalent of a SYN |
587 // cookies). | 591 // cookies). |
588 uint8 server_nonce_orbit_[8]; | 592 uint8_t server_nonce_orbit_[8]; |
589 | 593 |
590 mutable base::Lock server_nonce_strike_register_lock_; | 594 mutable base::Lock server_nonce_strike_register_lock_; |
591 // server_nonce_strike_register_ contains a data structure that keeps track of | 595 // server_nonce_strike_register_ contains a data structure that keeps track of |
592 // previously observed server nonces from this server, in order to prevent | 596 // previously observed server nonces from this server, in order to prevent |
593 // replay attacks. | 597 // replay attacks. |
594 mutable scoped_ptr<StrikeRegister> server_nonce_strike_register_; | 598 mutable scoped_ptr<StrikeRegister> server_nonce_strike_register_; |
595 | 599 |
596 // proof_source_ contains an object that can provide certificate chains and | 600 // proof_source_ contains an object that can provide certificate chains and |
597 // signatures. | 601 // signatures. |
598 scoped_ptr<ProofSource> proof_source_; | 602 scoped_ptr<ProofSource> proof_source_; |
599 | 603 |
600 // ephemeral_key_source_ contains an object that caches ephemeral keys for a | 604 // ephemeral_key_source_ contains an object that caches ephemeral keys for a |
601 // short period of time. | 605 // short period of time. |
602 scoped_ptr<EphemeralKeySource> ephemeral_key_source_; | 606 scoped_ptr<EphemeralKeySource> ephemeral_key_source_; |
603 | 607 |
604 // These fields store configuration values. See the comments for their | 608 // These fields store configuration values. See the comments for their |
605 // respective setter functions. | 609 // respective setter functions. |
606 bool strike_register_no_startup_period_; | 610 bool strike_register_no_startup_period_; |
607 uint32 strike_register_max_entries_; | 611 uint32_t strike_register_max_entries_; |
608 uint32 strike_register_window_secs_; | 612 uint32_t strike_register_window_secs_; |
609 uint32 source_address_token_future_secs_; | 613 uint32_t source_address_token_future_secs_; |
610 uint32 source_address_token_lifetime_secs_; | 614 uint32_t source_address_token_lifetime_secs_; |
611 uint32 server_nonce_strike_register_max_entries_; | 615 uint32_t server_nonce_strike_register_max_entries_; |
612 uint32 server_nonce_strike_register_window_secs_; | 616 uint32_t server_nonce_strike_register_window_secs_; |
613 | 617 |
614 // Enable serving SCT or not. | 618 // Enable serving SCT or not. |
615 bool enable_serving_sct_; | 619 bool enable_serving_sct_; |
616 | 620 |
617 DISALLOW_COPY_AND_ASSIGN(QuicCryptoServerConfig); | 621 DISALLOW_COPY_AND_ASSIGN(QuicCryptoServerConfig); |
618 }; | 622 }; |
619 | 623 |
620 } // namespace net | 624 } // namespace net |
621 | 625 |
622 #endif // NET_QUIC_CRYPTO_QUIC_CRYPTO_SERVER_CONFIG_H_ | 626 #endif // NET_QUIC_CRYPTO_QUIC_CRYPTO_SERVER_CONFIG_H_ |