
Unified Diff: net/quic/quic_protocol.h

Issue 1904213002: QUIC: support diversified keys with version 33. (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@hkdf
Patch Set: Rebase Created 4 years, 8 months ago
Index: net/quic/quic_protocol.h
diff --git a/net/quic/quic_protocol.h b/net/quic/quic_protocol.h
index e2e6ee0109906b9d75ddbe429a28f7a721870a5c..9f2936481a2563a68291422faf324b8ed7c20aa7 100644
--- a/net/quic/quic_protocol.h
+++ b/net/quic/quic_protocol.h
@@ -122,6 +122,8 @@ const size_t kFecGroupSize = 1;
const bool kIncludeVersion = true;
// Signifies that the QuicPacket will contain path id.
const bool kIncludePathId = true;
+// Signifies that the QuicPacket will include a diversification nonce.
+const bool kIncludeDiversificationNonce = true;
// Stream ID is reserved to denote an invalid ID.
const QuicStreamId kInvalidStreamId = 0;
@@ -209,6 +211,11 @@ const QuicPathId kDefaultPathId = 0;
// Invalid path ID.
const QuicPathId kInvalidPathId = 0xff;
+// kDiversificationNonceSize is the size, in bytes, of the nonce that a server
+// may set in the packet header to ensure that its INITIAL keys are not
+// duplicated.
+const size_t kDiversificationNonceSize = 32;
+
enum TransmissionType : int8_t {
NOT_RETRANSMISSION,
FIRST_TRANSMISSION_TYPE = NOT_RETRANSMISSION,
@@ -265,8 +272,6 @@ enum QuicFrameType {
enum QuicConnectionIdLength {
PACKET_0BYTE_CONNECTION_ID = 0,
- PACKET_1BYTE_CONNECTION_ID = 1,
- PACKET_4BYTE_CONNECTION_ID = 4,
PACKET_8BYTE_CONNECTION_ID = 8
};
@@ -300,15 +305,16 @@ enum QuicPacketPublicFlags {
// Bit 1: Is this packet a public reset packet?
PACKET_PUBLIC_FLAGS_RST = 1 << 1,
- // Bits 2 and 3 specify the length of the ConnectionId as follows:
- // ----00--: 0 bytes
- // ----01--: 1 byte
- // ----10--: 4 bytes
- // ----11--: 8 bytes
+ // Bit 2: indicates the that public header includes a nonce.
+ PACKET_PUBLIC_FLAGS_NONCE = 1 << 2,
+
+ // Bit 3: indicates whether a ConnectionID is included.
PACKET_PUBLIC_FLAGS_0BYTE_CONNECTION_ID = 0,
- PACKET_PUBLIC_FLAGS_1BYTE_CONNECTION_ID = 1 << 2,
- PACKET_PUBLIC_FLAGS_4BYTE_CONNECTION_ID = 1 << 3,
- PACKET_PUBLIC_FLAGS_8BYTE_CONNECTION_ID = 1 << 3 | 1 << 2,
+ PACKET_PUBLIC_FLAGS_8BYTE_CONNECTION_ID = 1 << 3,
+
+ // QUIC_VERSION_32 and earlier use two bits for an 8 byte
+ // connection id.
+ PACKET_PUBLIC_FLAGS_8BYTE_CONNECTION_ID_OLD = 1 << 3 | 1 << 2,
// Bits 4 and 5 describe the packet number length as follows:
// --00----: 1 byte
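Review bot: Bit 2 now carries two meanings on the wire: `PACKET_PUBLIC_FLAGS_NONCE` (1 << 2) for the new version and the low bit of `PACKET_PUBLIC_FLAGS_8BYTE_CONNECTION_ID_OLD` (1 << 3 | 1 << 2) for QUIC_VERSION_32 and earlier, so a flags byte of 0x0C must be decoded differently depending on the version, and the header parser (outside this file) has to know the version before it interprets this bit. Read under the new layout, an old-style 8-byte-connection-id flags byte looks like NONCE | 8BYTE_CONNECTION_ID, which would make the parser consume an extra kDiversificationNonceSize bytes of header, so this dependency is worth stating where the flag is defined. I would replace the comment on the NONCE line, which also has a typo ("the that"), with `// Bit 2: indicates that the public header includes a diversification nonce (QUIC_VERSION_33 and later). In QUIC_VERSION_32 and earlier this bit is part of the connection id length field; see PACKET_PUBLIC_FLAGS_8BYTE_CONNECTION_ID_OLD.`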
@@ -323,6 +329,11 @@ enum QuicPacketPublicFlags {
// Bit 6: Does the packet header contain a path id?
PACKET_PUBLIC_FLAGS_MULTIPATH = 1 << 6,
+ // Reserved, unimplemented flags:
+
+ // Bit 7: indicates the presence of a second flags byte.
+ PACKET_PUBLIC_FLAGS_TWO_OR_MORE_BYTES = 1 << 7,
+
// All bits set (bit 7 is not currently used): 01111111
PACKET_PUBLIC_FLAGS_MAX = (1 << 7) - 1,
};
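Review bot: The comment on PACKET_PUBLIC_FLAGS_MAX still says "bit 7 is not currently used" while the lines added just above name bit 7 as PACKET_PUBLIC_FLAGS_TWO_OR_MORE_BYTES, so the two should agree on whether a packet with bit 7 set is acceptable. The mask itself is unchanged at (1 << 7) - 1, which reads as a deliberate exclusion; I would say so rather than leave the stale wording: `// All bits the current wire format may set: 01111111. Bit 7 (PACKET_PUBLIC_FLAGS_TWO_OR_MORE_BYTES) is reserved and deliberately excluded, so a flags byte above this value is malformed.` That assumes the framer rejects flag bytes above this mask, which is not visible in this hunk and should be confirmed.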
@@ -366,6 +377,7 @@ enum QuicVersion {
QUIC_VERSION_30 = 30, // Add server side support of cert transparency.
QUIC_VERSION_31 = 31, // Adds a hash of the client hello to crypto proof.
QUIC_VERSION_32 = 32, // FEC related fields are removed from wire format.
+ QUIC_VERSION_33 = 33, // Adds diversification nonces.
};
// This vector contains QUIC versions which we currently support.
@@ -376,8 +388,9 @@ enum QuicVersion {
// IMPORTANT: if you are adding to this list, follow the instructions at
// http://sites/quic/adding-and-removing-versions
static const QuicVersion kSupportedQuicVersions[] = {
- QUIC_VERSION_32, QUIC_VERSION_31, QUIC_VERSION_30, QUIC_VERSION_29,
- QUIC_VERSION_28, QUIC_VERSION_27, QUIC_VERSION_26, QUIC_VERSION_25};
+ QUIC_VERSION_33, QUIC_VERSION_32, QUIC_VERSION_31,
+ QUIC_VERSION_30, QUIC_VERSION_29, QUIC_VERSION_28,
+ QUIC_VERSION_27, QUIC_VERSION_26, QUIC_VERSION_25};
typedef std::vector<QuicVersion> QuicVersionVector;
@@ -425,6 +438,7 @@ NET_EXPORT_PRIVATE size_t
GetPacketHeaderSize(QuicConnectionIdLength connection_id_length,
bool include_version,
bool include_path_id,
+ bool include_diversification_nonce,
QuicPacketNumberLength packet_number_length);
// Index of the first byte in a QUIC packet of encrypted data.
@@ -435,6 +449,7 @@ NET_EXPORT_PRIVATE size_t
GetStartOfEncryptedData(QuicConnectionIdLength connection_id_length,
bool include_version,
bool include_path_id,
+ bool include_diversification_nonce,
QuicPacketNumberLength packet_number_length);
enum QuicRstStreamErrorCode {
@@ -681,6 +696,8 @@ enum QuicErrorCode {
const int kDeprecatedQuicErrorCount = 4;
const int kActiveQuicErrorCount = QUIC_LAST_ERROR - kDeprecatedQuicErrorCount;
+typedef char DiversificationNonce[32];
+
struct NET_EXPORT_PRIVATE QuicPacketPublicHeader {
QuicPacketPublicHeader();
explicit QuicPacketPublicHeader(const QuicPacketPublicHeader& other);
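Review bot: `typedef char DiversificationNonce[32];` hard-codes the width that kDiversificationNonceSize (32, added earlier in this diff) already names, so the two can drift apart silently if one is changed. Size the array from the constant instead: `typedef char DiversificationNonce[kDiversificationNonceSize];`. The constant is declared earlier in the same header, so it is in scope here.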
@@ -695,6 +712,9 @@ struct NET_EXPORT_PRIVATE QuicPacketPublicHeader {
bool version_flag;
QuicPacketNumberLength packet_number_length;
QuicVersionVector versions;
+ // nonce contains an optional, 32-byte nonce value. If not included in the
+ // packet, |nonce| will be empty.
+ DiversificationNonce* nonce;
};
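Review bot: The comment on the new `nonce` member says it "will be empty" when the packet carries no nonce, but the member is a raw pointer, so the absent case is presumably nullptr and every reader must null-check before dereferencing; the comment should say that explicitly. It should also state who owns the pointee: QuicPacketPublicHeader has an explicit copy constructor (declared in the hunk above, defined outside this file), and a non-owning pointer copied along with the header can dangle once the buffer it points into is released. Suggested wording: `// Non-owning pointer to the kDiversificationNonceSize-byte nonce carried in the public header, or nullptr if the packet did not include one. The pointee must outlive this header.` — confirm the ownership model against the framer before committing to it.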
// An integer which cannot be a packet number.
@@ -1220,6 +1240,7 @@ class NET_EXPORT_PRIVATE QuicPacket : public QuicData {
QuicConnectionIdLength connection_id_length,
bool includes_version,
bool includes_path_id,
+ bool includes_diversification_nonce,
QuicPacketNumberLength packet_number_length);
base::StringPiece AssociatedData() const;
@@ -1232,6 +1253,7 @@ class NET_EXPORT_PRIVATE QuicPacket : public QuicData {
const QuicConnectionIdLength connection_id_length_;
const bool includes_version_;
const bool includes_path_id_;
+ const bool includes_diversification_nonce_;
const QuicPacketNumberLength packet_number_length_;
DISALLOW_COPY_AND_ASSIGN(QuicPacket);
