| OLD | NEW |
| 1 // Copyright 2013 The Chromium Authors. All rights reserved. | 1 // Copyright 2013 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "net/quic/crypto/quic_crypto_server_config.h" | 5 #include "net/quic/crypto/quic_crypto_server_config.h" |
| 6 | 6 |
| 7 #include <stdlib.h> | 7 #include <stdlib.h> |
| 8 | 8 |
| 9 #include <algorithm> | 9 #include <algorithm> |
| 10 #include <memory> | 10 #include <memory> |
| 11 | 11 |
| 12 #include "base/macros.h" | 12 #include "base/macros.h" |
| 13 #include "base/memory/ref_counted.h" | 13 #include "base/memory/ref_counted.h" |
| 14 #include "base/stl_util.h" | 14 #include "base/stl_util.h" |
| 15 #include "base/strings/string_number_conversions.h" | 15 #include "base/strings/string_number_conversions.h" |
| 16 #include "crypto/hkdf.h" | 16 #include "crypto/hkdf.h" |
| 17 #include "crypto/secure_hash.h" | 17 #include "crypto/secure_hash.h" |
| 18 #include "net/base/ip_address.h" | 18 #include "net/base/ip_address.h" |
| 19 #include "net/quic/crypto/aes_128_gcm_12_decrypter.h" | 19 #include "net/quic/crypto/aes_128_gcm_12_decrypter.h" |
| 20 #include "net/quic/crypto/aes_128_gcm_12_encrypter.h" | 20 #include "net/quic/crypto/aes_128_gcm_12_encrypter.h" |
| 21 #include "net/quic/crypto/cert_compressor.h" | 21 #include "net/quic/crypto/cert_compressor.h" |
| 22 #include "net/quic/crypto/chacha20_poly1305_rfc7539_encrypter.h" | 22 #include "net/quic/crypto/chacha20_poly1305_encrypter.h" |
| 23 #include "net/quic/crypto/channel_id.h" | 23 #include "net/quic/crypto/channel_id.h" |
| 24 #include "net/quic/crypto/crypto_framer.h" | 24 #include "net/quic/crypto/crypto_framer.h" |
| 25 #include "net/quic/crypto/crypto_handshake_message.h" | 25 #include "net/quic/crypto/crypto_handshake_message.h" |
| 26 #include "net/quic/crypto/crypto_server_config_protobuf.h" | 26 #include "net/quic/crypto/crypto_server_config_protobuf.h" |
| 27 #include "net/quic/crypto/crypto_utils.h" | 27 #include "net/quic/crypto/crypto_utils.h" |
| 28 #include "net/quic/crypto/curve25519_key_exchange.h" | 28 #include "net/quic/crypto/curve25519_key_exchange.h" |
| 29 #include "net/quic/crypto/ephemeral_key_source.h" | 29 #include "net/quic/crypto/ephemeral_key_source.h" |
| 30 #include "net/quic/crypto/key_exchange.h" | 30 #include "net/quic/crypto/key_exchange.h" |
| 31 #include "net/quic/crypto/local_strike_register_client.h" | 31 #include "net/quic/crypto/local_strike_register_client.h" |
| 32 #include "net/quic/crypto/p256_key_exchange.h" | 32 #include "net/quic/crypto/p256_key_exchange.h" |
| 289 encoded_public_values.append(p256_public_value.data(), | 289 encoded_public_values.append(p256_public_value.data(), |
| 290 p256_public_value.size()); | 290 p256_public_value.size()); |
| 291 } | 291 } |
| 292 | 292 |
| 293 msg.set_tag(kSCFG); | 293 msg.set_tag(kSCFG); |
| 294 if (options.p256) { | 294 if (options.p256) { |
| 295 msg.SetTaglist(kKEXS, kC255, kP256, 0); | 295 msg.SetTaglist(kKEXS, kC255, kP256, 0); |
| 296 } else { | 296 } else { |
| 297 msg.SetTaglist(kKEXS, kC255, 0); | 297 msg.SetTaglist(kKEXS, kC255, 0); |
| 298 } | 298 } |
| 299 if (FLAGS_quic_crypto_server_config_default_has_chacha20 && | 299 if (FLAGS_quic_crypto_server_config_default_has_chacha20) { |
| 300 ChaCha20Poly1305Rfc7539Encrypter::IsSupported()) { | |
| 301 msg.SetTaglist(kAEAD, kAESG, kCC20, 0); | 300 msg.SetTaglist(kAEAD, kAESG, kCC20, 0); |
| 302 } else { | 301 } else { |
| 303 msg.SetTaglist(kAEAD, kAESG, 0); | 302 msg.SetTaglist(kAEAD, kAESG, 0); |
| 304 } | 303 } |
| 305 msg.SetStringPiece(kPUBS, encoded_public_values); | 304 msg.SetStringPiece(kPUBS, encoded_public_values); |
| 306 | 305 |
| 307 if (options.expiry_time.IsZero()) { | 306 if (options.expiry_time.IsZero()) { |
| 308 const QuicWallTime now = clock->WallNow(); | 307 const QuicWallTime now = clock->WallNow(); |
| 309 const QuicWallTime expiry = now.Add(QuicTime::Delta::FromSeconds( | 308 const QuicWallTime expiry = now.Add(QuicTime::Delta::FromSeconds( |
| 310 60 * 60 * 24 * 180 /* 180 days, ~six months */)); | 309 60 * 60 * 24 * 180 /* 180 days, ~six months */)); |
| 1303 } | 1302 } |
| 1304 } | 1303 } |
| 1305 | 1304 |
| 1306 const string QuicCryptoServerConfig::CompressChain( | 1305 const string QuicCryptoServerConfig::CompressChain( |
| 1307 QuicCompressedCertsCache* compressed_certs_cache, | 1306 QuicCompressedCertsCache* compressed_certs_cache, |
| 1308 const scoped_refptr<ProofSource::Chain>& chain, | 1307 const scoped_refptr<ProofSource::Chain>& chain, |
| 1309 const string& client_common_set_hashes, | 1308 const string& client_common_set_hashes, |
| 1310 const string& client_cached_cert_hashes, | 1309 const string& client_cached_cert_hashes, |
| 1311 const CommonCertSets* common_sets) const { | 1310 const CommonCertSets* common_sets) const { |
| 1312 // Check whether the compressed certs is available in the cache. | 1311 // Check whether the compressed certs is available in the cache. |
| 1313 if (FLAGS_quic_use_cached_compressed_certs) { | 1312 DCHECK(compressed_certs_cache); |
| 1314 DCHECK(compressed_certs_cache); | 1313 const string* cached_value = compressed_certs_cache->GetCompressedCert( |
| 1315 const string* cached_value = compressed_certs_cache->GetCompressedCert( | 1314 chain, client_common_set_hashes, client_cached_cert_hashes); |
| 1316 chain, client_common_set_hashes, client_cached_cert_hashes); | 1315 if (cached_value) { |
| 1317 if (cached_value) { | 1316 return *cached_value; |
| 1318 return *cached_value; | |
| 1319 } | |
| 1320 } | 1317 } |
| 1321 | 1318 |
| 1322 const string compressed = | 1319 const string compressed = |
| 1323 CertCompressor::CompressChain(chain->certs, client_common_set_hashes, | 1320 CertCompressor::CompressChain(chain->certs, client_common_set_hashes, |
| 1324 client_common_set_hashes, common_sets); | 1321 client_common_set_hashes, common_sets); |
| 1325 | 1322 |
| 1326 // Insert the newly compressed cert to cache. | 1323 // Insert the newly compressed cert to cache. |
| 1327 if (FLAGS_quic_use_cached_compressed_certs) { | 1324 compressed_certs_cache->Insert(chain, client_common_set_hashes, |
| 1328 compressed_certs_cache->Insert(chain, client_common_set_hashes, | 1325 client_cached_cert_hashes, compressed); |
| 1329 client_cached_cert_hashes, compressed); | |
| 1330 } | |
| 1331 return compressed; | 1326 return compressed; |
| 1332 } | 1327 } |
| 1333 | 1328 |
| 1334 scoped_refptr<QuicCryptoServerConfig::Config> | 1329 scoped_refptr<QuicCryptoServerConfig::Config> |
| 1335 QuicCryptoServerConfig::ParseConfigProtobuf( | 1330 QuicCryptoServerConfig::ParseConfigProtobuf( |
| 1336 QuicServerConfigProtobuf* protobuf) { | 1331 QuicServerConfigProtobuf* protobuf) { |
| 1337 std::unique_ptr<CryptoHandshakeMessage> msg( | 1332 std::unique_ptr<CryptoHandshakeMessage> msg( |
| 1338 CryptoFramer::ParseMessage(protobuf->config())); | 1333 CryptoFramer::ParseMessage(protobuf->config())); |
| 1339 | 1334 |
| 1340 if (msg->tag() != kSCFG) { | 1335 if (msg->tag() != kSCFG) { |
| 1832 priority(0), | 1827 priority(0), |
| 1833 source_address_token_boxer(nullptr) {} | 1828 source_address_token_boxer(nullptr) {} |
| 1834 | 1829 |
| 1835 QuicCryptoServerConfig::Config::~Config() { | 1830 QuicCryptoServerConfig::Config::~Config() { |
| 1836 STLDeleteElements(&key_exchanges); | 1831 STLDeleteElements(&key_exchanges); |
| 1837 } | 1832 } |
| 1838 | 1833 |
| 1839 QuicCryptoProof::QuicCryptoProof() {} | 1834 QuicCryptoProof::QuicCryptoProof() {} |
| 1840 QuicCryptoProof::~QuicCryptoProof() {} | 1835 QuicCryptoProof::~QuicCryptoProof() {} |
| 1841 } // namespace net | 1836 } // namespace net |
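Review bot: In QuicCryptoServerConfig::CompressChain, the call to CertCompressor::CompressChain passes `client_common_set_hashes` for both hash arguments, so `client_cached_cert_hashes` never reaches the compressor even though it is part of the key used by GetCompressedCert and Insert. That line is unchanged context, but with FLAGS_quic_use_cached_compressed_certs removed the cache path now always runs, so entries keyed on the client's cached-cert hashes hold output that was not computed from them. If the third parameter of CertCompressor::CompressChain is the cached-cert hash list, as the names suggest (its declaration is not on this page), the call should end `client_cached_cert_hashes, common_sets);`. Separately, `DCHECK(compressed_certs_cache)` is now the only guard ahead of an unconditional dereference; if DCHECK compiles out in release builds, a null cache from any caller turns into a crash, so either confirm every caller passes a cache or skip the lookup and Insert when the pointer is null.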