QUIC: support diversified keys with version 33.

net/quic/quic_crypto_server_stream.cc

 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "net/quic/quic_crypto_server_stream.h"
 
 #include <memory>
 
 #include "base/base64.h"
 #include "crypto/secure_hash.h"
@@ skipping 97 matching lines @@
     // Already processing some other handshake message.  The protocol
     // does not allow for clients to send multiple handshake messages
     // before the server has a chance to respond.
     CloseConnectionWithDetails(
         QUIC_CRYPTO_MESSAGE_WHILE_VALIDATING_CLIENT_HELLO,
         "Unexpected handshake message while processing CHLO");
     return;
   }
 
   validate_client_hello_cb_ = new ValidateCallback(this);
-  return crypto_config_->ValidateClientHello(
+  crypto_config_->ValidateClientHello(
       message, session()->connection()->peer_address().address(),
       session()->connection()->self_address().address(), version(),
       session()->connection()->clock(), &crypto_proof_,
       validate_client_hello_cb_);
 }
 
 void QuicCryptoServerStream::FinishProcessingHandshakeMessage(
     const CryptoHandshakeMessage& message,
     const ValidateClientHelloResultCallback::Result& result) {
   // Clear the callback that got us here.
   DCHECK(validate_client_hello_cb_ != nullptr);
   validate_client_hello_cb_ = nullptr;
 
   if (use_stateless_rejects_if_peer_supported_) {
     peer_supports_stateless_rejects_ = DoesPeerSupportStatelessRejects(message);
   }
 
   CryptoHandshakeMessage reply;
+  DiversificationNonce diversification_nonce;
   string error_details;
-  QuicErrorCode error =
-      ProcessClientHello(message, result, &reply, &error_details);
+  QuicErrorCode error = ProcessClientHello(
+      message, result, &reply, &diversification_nonce, &error_details);
 
   if (error != QUIC_NO_ERROR) {
     CloseConnectionWithDetails(error, error_details);
     return;
   }
 
   if (reply.tag() != kSHLO) {
     if (reply.tag() == kSREJ) {
       DCHECK(use_stateless_rejects_if_peer_supported_);
       DCHECK(peer_supports_stateless_rejects_);
@@ skipping 40 matching lines @@
   // NOTE: the SHLO will be encrypted with the new server write key.
   session()->connection()->SetEncrypter(
       ENCRYPTION_INITIAL,
       crypto_negotiated_params_.initial_crypters.encrypter.release());
   session()->connection()->SetDefaultEncryptionLevel(ENCRYPTION_INITIAL);
   // Set the decrypter immediately so that we no longer accept unencrypted
   // packets.
   session()->connection()->SetDecrypter(
       ENCRYPTION_INITIAL,
       crypto_negotiated_params_.initial_crypters.decrypter.release());
+  if (version() > QUIC_VERSION_32) {
+    session()->connection()->SetDiversificationNonce(diversification_nonce);
+  }
 
   // We want to be notified when the SHLO is ACKed so that we can disable
   // HANDSHAKE_MODE in the sent packet manager.
   scoped_refptr<ServerHelloNotifier> server_hello_notifier(
       new ServerHelloNotifier(this));
   SendHandshakeMessage(reply, server_hello_notifier.get());
 
   session()->connection()->SetEncrypter(
       ENCRYPTION_FORWARD_SECURE,
       crypto_negotiated_params_.forward_secure_crypters.encrypter.release());
@@ skipping 101 matching lines @@
       output->resize(len);
     }
   }
   return true;
 }
 
 QuicErrorCode QuicCryptoServerStream::ProcessClientHello(
     const CryptoHandshakeMessage& message,
     const ValidateClientHelloResultCallback::Result& result,
     CryptoHandshakeMessage* reply,
+    DiversificationNonce* out_diversification_nonce,
     string* error_details) {
   if (!result.info.server_nonce.empty()) {
     ++num_handshake_messages_with_server_nonces_;
   }
   // Store the bandwidth estimate from the client.
   if (result.cached_network_params.bandwidth_estimate_bytes_per_second() > 0) {
     previous_cached_network_params_.reset(
         new CachedNetworkParameters(result.cached_network_params));
   }
   previous_source_address_tokens_ = result.info.source_address_tokens;
 
   const bool use_stateless_rejects_in_crypto_config =
       use_stateless_rejects_if_peer_supported_ &&
       peer_supports_stateless_rejects_;
   QuicConnection* connection = session()->connection();
   const QuicConnectionId server_designated_connection_id =
       use_stateless_rejects_in_crypto_config
           ? GenerateConnectionIdForReject(connection->connection_id())
           : 0;
   return crypto_config_->ProcessClientHello(
       result, connection->connection_id(), connection->self_address().address(),
       connection->peer_address(), version(), connection->supported_versions(),
       use_stateless_rejects_in_crypto_config, server_designated_connection_id,
       connection->clock(), connection->random_generator(),
       compressed_certs_cache_, &crypto_negotiated_params_, &crypto_proof_,
-      reply, error_details);
+      reply, out_diversification_nonce, error_details);
 }
 
 void QuicCryptoServerStream::OverrideQuicConfigDefaults(QuicConfig* config) {}
 
 QuicCryptoServerStream::ValidateCallback::ValidateCallback(
     QuicCryptoServerStream* parent)
     : parent_(parent) {}
 
 void QuicCryptoServerStream::ValidateCallback::Cancel() {
   parent_ = nullptr;
@@ skipping 26 matching lines @@
   }
   for (size_t i = 0; i < received_tags_length; ++i) {
     if (received_tags[i] == kSREJ) {
       return true;
     }
   }
   return false;
 }
 
 }  // namespace net