Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(290)

Unified Diff: net/quic/quic_crypto_server_stream.cc

Issue 1904213002: QUIC: support diversified keys with version 33. (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@hkdf
Patch Set: Rebase Created 4 years, 8 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View side-by-side diff with in-line comments
Download patch
« no previous file with comments | « net/quic/quic_crypto_server_stream.h ('k') | net/quic/quic_crypto_server_stream_test.cc » ('j') | no next file with comments »
Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
Index: net/quic/quic_crypto_server_stream.cc
diff --git a/net/quic/quic_crypto_server_stream.cc b/net/quic/quic_crypto_server_stream.cc
index 967ada033d88aa29f238edffa94e317eb1df8859..ef3b13a4ac645c090e02b1e938c8d5bf3f4bf787 100644
--- a/net/quic/quic_crypto_server_stream.cc
+++ b/net/quic/quic_crypto_server_stream.cc
@@ -115,7 +115,7 @@ void QuicCryptoServerStream::OnHandshakeMessage(
}
validate_client_hello_cb_ = new ValidateCallback(this);
- return crypto_config_->ValidateClientHello(
+ crypto_config_->ValidateClientHello(
message, session()->connection()->peer_address().address(),
session()->connection()->self_address().address(), version(),
session()->connection()->clock(), &crypto_proof_,
@@ -134,9 +134,10 @@ void QuicCryptoServerStream::FinishProcessingHandshakeMessage(
}
CryptoHandshakeMessage reply;
+ DiversificationNonce diversification_nonce;
string error_details;
- QuicErrorCode error =
- ProcessClientHello(message, result, &reply, &error_details);
+ QuicErrorCode error = ProcessClientHello(
+ message, result, &reply, &diversification_nonce, &error_details);
if (error != QUIC_NO_ERROR) {
CloseConnectionWithDetails(error, error_details);
@@ -197,6 +198,9 @@ void QuicCryptoServerStream::FinishProcessingHandshakeMessage(
session()->connection()->SetDecrypter(
ENCRYPTION_INITIAL,
crypto_negotiated_params_.initial_crypters.decrypter.release());
+ if (version() > QUIC_VERSION_32) {
+ session()->connection()->SetDiversificationNonce(diversification_nonce);
+ }
// We want to be notified when the SHLO is ACKed so that we can disable
// HANDSHAKE_MODE in the sent packet manager.
@@ -318,6 +322,7 @@ QuicErrorCode QuicCryptoServerStream::ProcessClientHello(
const CryptoHandshakeMessage& message,
const ValidateClientHelloResultCallback::Result& result,
CryptoHandshakeMessage* reply,
+ DiversificationNonce* out_diversification_nonce,
string* error_details) {
if (!result.info.server_nonce.empty()) {
++num_handshake_messages_with_server_nonces_;
@@ -343,7 +348,7 @@ QuicErrorCode QuicCryptoServerStream::ProcessClientHello(
use_stateless_rejects_in_crypto_config, server_designated_connection_id,
connection->clock(), connection->random_generator(),
compressed_certs_cache_, &crypto_negotiated_params_, &crypto_proof_,
- reply, error_details);
+ reply, out_diversification_nonce, error_details);
}
void QuicCryptoServerStream::OverrideQuicConfigDefaults(QuicConfig* config) {}
« no previous file with comments | « net/quic/quic_crypto_server_stream.h ('k') | net/quic/quic_crypto_server_stream_test.cc » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698