Chromium Code Reviews Chromium Code Reviews
Issue 154933003:
Persist server's crypto config data to disk cache for 0-RTT (Closed)
Base URL: svn://svn.chromium.org/chrome/trunk/src| OLD | NEW |
|---|---|
| 1 // Copyright 2013 The Chromium Authors. All rights reserved. | 1 // Copyright 2013 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #ifndef NET_QUIC_CRYPTO_QUIC_CRYPTO_CLIENT_CONFIG_H_ | 5 #ifndef NET_QUIC_CRYPTO_QUIC_CRYPTO_CLIENT_CONFIG_H_ |
| 6 #define NET_QUIC_CRYPTO_QUIC_CRYPTO_CLIENT_CONFIG_H_ | 6 #define NET_QUIC_CRYPTO_QUIC_CRYPTO_CLIENT_CONFIG_H_ |
| 7 | 7 |
| 8 #include <map> | 8 #include <map> |
| 9 #include <string> | 9 #include <string> |
| 10 #include <vector> | 10 #include <vector> |
| (...skipping 49 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 60 void InvalidateServerConfig(); | 60 void InvalidateServerConfig(); |
| 61 | 61 |
| 62 // SetProof stores a certificate chain and signature. | 62 // SetProof stores a certificate chain and signature. |
| 63 void SetProof(const std::vector<std::string>& certs, | 63 void SetProof(const std::vector<std::string>& certs, |
| 64 base::StringPiece signature); | 64 base::StringPiece signature); |
| 65 | 65 |
| 66 // Clears the certificate chain and signature and invalidates the proof. | 66 // Clears the certificate chain and signature and invalidates the proof. |
| 67 void ClearProof(); | 67 void ClearProof(); |
| 68 | 68 |
| 69 // SetProofValid records that the certificate chain and signature have been | 69 // SetProofValid records that the certificate chain and signature have been |
| 70 // validated and that it's safe to assume that the server is legitimate. | 70 // validated and that it's safe to assume that the server is legitimate. It |
| 71 // calls SaveQuicServerInfo() to persist the server config information to | |
|
wtc
2014/02/13 23:48:43
Nit: it is not necessary to mention it calls SaveQ
ramant (doing other things)
2014/02/15 00:36:12
Done.
| |
| 72 // disk cache. | |
| 71 // (Note: this does not check the chain or signature.) | 73 // (Note: this does not check the chain or signature.) |
| 72 void SetProofValid(); | 74 void SetProofValid(); |
| 73 | 75 |
| 74 // If the server config or the proof has changed then it needs to be | 76 // If the server config or the proof has changed then it needs to be |
| 75 // revalidated. Helper function to keep server_config_valid_ and | 77 // revalidated. Helper function to keep server_config_valid_ and |
| 76 // generation_counter_ in sync. | 78 // generation_counter_ in sync. |
| 77 void SetProofInvalid(); | 79 void SetProofInvalid(); |
| 78 | 80 |
| 79 const std::string& server_config() const; | 81 const std::string& server_config() const; |
| 80 const std::string& source_address_token() const; | 82 const std::string& source_address_token() const; |
| 81 const std::vector<std::string>& certs() const; | 83 const std::vector<std::string>& certs() const; |
| 82 const std::string& signature() const; | 84 const std::string& signature() const; |
| 83 bool proof_valid() const; | 85 bool proof_valid() const; |
| 84 uint64 generation_counter() const; | 86 uint64 generation_counter() const; |
| 85 const ProofVerifyDetails* proof_verify_details() const; | 87 const ProofVerifyDetails* proof_verify_details() const; |
| 88 QuicServerInfo* quic_server_info() const; | |
| 86 | 89 |
| 87 void set_source_address_token(base::StringPiece token); | 90 void set_source_address_token(base::StringPiece token); |
| 88 | 91 |
| 89 // SetProofVerifyDetails takes ownership of |details|. | 92 // SetProofVerifyDetails takes ownership of |details|. |
| 90 void SetProofVerifyDetails(ProofVerifyDetails* details); | 93 void SetProofVerifyDetails(ProofVerifyDetails* details); |
| 91 | 94 |
| 92 // Copy the |server_config_|, |source_address_token_|, |certs_| and | 95 // Copy the |server_config_|, |source_address_token_|, |certs_| and |
| 93 // |server_config_sig_| from the |other|. The remaining fields, | 96 // |server_config_sig_| from the |other|. The remaining fields, |
| 94 // |generation_counter_|, |proof_verify_details_|, and |scfg_| remain | 97 // |generation_counter_|, |proof_verify_details_|, and |scfg_| remain |
| 95 // unchanged. | 98 // unchanged. |
| 96 void InitializeFrom(const CachedState& other); | 99 void InitializeFrom(const CachedState& other); |
| 97 | 100 |
| 101 // Fill out the |server_config_|, |source_address_token_|, |certs_| and | |
| 102 // |server_config_sig_| fields from |quic_server_info_|. |quic_server_info_| | |
| 103 // reads this information from the disk cache. | |
| 104 void LoadQuicServerInfo(); | |
| 105 | |
| 106 // Save the server config information so that we can perform 0-RTT handshake | |
| 107 // with a server. | |
| 108 void SaveQuicServerInfo(); | |
| 109 | |
| 98 private: | 110 private: |
| 111 // TODO(rtenneti): |server_config_id_| is not being used, delete it. | |
|
wtc
2014/02/13 23:48:43
You can delete this TODO comment now because I jus
ramant (doing other things)
2014/02/15 00:36:12
Done.
| |
| 99 std::string server_config_id_; // An opaque id from the server. | 112 std::string server_config_id_; // An opaque id from the server. |
| 100 std::string server_config_; // A serialized handshake message. | 113 std::string server_config_; // A serialized handshake message. |
| 101 std::string source_address_token_; // An opaque proof of IP ownership. | 114 std::string source_address_token_; // An opaque proof of IP ownership. |
| 102 std::vector<std::string> certs_; // A list of certificates in leaf-first | 115 std::vector<std::string> certs_; // A list of certificates in leaf-first |
| 103 // order. | 116 // order. |
| 104 std::string server_config_sig_; // A signature of |server_config_|. | 117 std::string server_config_sig_; // A signature of |server_config_|. |
| 105 bool server_config_valid_; // True if |server_config_| is correctly | 118 bool server_config_valid_; // True if |server_config_| is correctly |
| 106 // signed and |certs_| has been | 119 // signed and |certs_| has been |
| 107 // validated. | 120 // validated. |
| 121 bool need_to_persist_; // Persist to disk if True. | |
| 108 // Generation counter associated with the |server_config_|, |certs_| and | 122 // Generation counter associated with the |server_config_|, |certs_| and |
| 109 // |server_config_sig_| combination. It is incremented whenever we set | 123 // |server_config_sig_| combination. It is incremented whenever we set |
| 110 // server_config_valid_ to false. | 124 // server_config_valid_ to false. |
| 111 uint64 generation_counter_; | 125 uint64 generation_counter_; |
| 112 | 126 |
| 113 scoped_ptr<ProofVerifyDetails> proof_verify_details_; | 127 scoped_ptr<ProofVerifyDetails> proof_verify_details_; |
| 114 | 128 |
| 115 // scfg contains the cached, parsed value of |server_config|. | 129 // scfg contains the cached, parsed value of |server_config|. |
| 116 mutable scoped_ptr<CryptoHandshakeMessage> scfg_; | 130 mutable scoped_ptr<CryptoHandshakeMessage> scfg_; |
| 117 | 131 |
| (...skipping 112 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 230 | 244 |
| 231 scoped_ptr<ProofVerifier> proof_verifier_; | 245 scoped_ptr<ProofVerifier> proof_verifier_; |
| 232 scoped_ptr<ChannelIDSigner> channel_id_signer_; | 246 scoped_ptr<ChannelIDSigner> channel_id_signer_; |
| 233 | 247 |
| 234 DISALLOW_COPY_AND_ASSIGN(QuicCryptoClientConfig); | 248 DISALLOW_COPY_AND_ASSIGN(QuicCryptoClientConfig); |
| 235 }; | 249 }; |
| 236 | 250 |
| 237 } // namespace net | 251 } // namespace net |
| 238 | 252 |
| 239 #endif // NET_QUIC_CRYPTO_QUIC_CRYPTO_CLIENT_CONFIG_H_ | 253 #endif // NET_QUIC_CRYPTO_QUIC_CRYPTO_CLIENT_CONFIG_H_ |
| OLD | NEW |
