Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(472)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: net/quic/crypto/crypto_protocol.h

Issue 2193073003: Move shared files in net/quic/ into net/quic/core/ (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master
Patch Set: io_thread_unittest.cc Created 4 years, 4 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« no previous file with comments | « net/quic/crypto/crypto_handshake_message_test.cc ('k') | net/quic/crypto/crypto_secret_boxer.h » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
(Empty)
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
4
5 #ifndef NET_QUIC_CRYPTO_CRYPTO_PROTOCOL_H_
6 #define NET_QUIC_CRYPTO_CRYPTO_PROTOCOL_H_
7
8 #include <stddef.h>
9 #include <stdint.h>
10
11 #include <string>
12
13 #include "net/base/net_export.h"
14 #include "net/quic/quic_protocol.h"
15
16 // Version and Crypto tags are written to the wire with a big-endian
17 // representation of the name of the tag. For example
18 // the client hello tag (CHLO) will be written as the
19 // following 4 bytes: 'C' 'H' 'L' 'O'. Since it is
20 // stored in memory as a little endian uint32_t, we need
21 // to reverse the order of the bytes.
22 //
23 // We use a macro to ensure that no static initialisers are created. Use the
24 // MakeQuicTag function in normal code.
25 #define TAG(a, b, c, d) \
26 static_cast<QuicTag>((d << 24) + (c << 16) + (b << 8) + a)
27
28 namespace net {
29
30 typedef std::string ServerConfigID;
31
32 // clang-format off
33 const QuicTag kCHLO = TAG('C', 'H', 'L', 'O'); // Client hello
34 const QuicTag kSHLO = TAG('S', 'H', 'L', 'O'); // Server hello
35 const QuicTag kSCFG = TAG('S', 'C', 'F', 'G'); // Server config
36 const QuicTag kREJ = TAG('R', 'E', 'J', '\0'); // Reject
37 const QuicTag kSREJ = TAG('S', 'R', 'E', 'J'); // Stateless reject
38 const QuicTag kCETV = TAG('C', 'E', 'T', 'V'); // Client encrypted tag-value
39 // pairs
40 const QuicTag kPRST = TAG('P', 'R', 'S', 'T'); // Public reset
41 const QuicTag kSCUP = TAG('S', 'C', 'U', 'P'); // Server config update.
42
43 // Key exchange methods
44 const QuicTag kP256 = TAG('P', '2', '5', '6'); // ECDH, Curve P-256
45 const QuicTag kC255 = TAG('C', '2', '5', '5'); // ECDH, Curve25519
46
47 // AEAD algorithms
48 const QuicTag kNULL = TAG('N', 'U', 'L', 'N'); // null algorithm
49 const QuicTag kAESG = TAG('A', 'E', 'S', 'G'); // AES128 + GCM-12
50 const QuicTag kCC20 = TAG('C', 'C', '2', '0'); // ChaCha20 + Poly1305 RFC7539
51
52 // Socket receive buffer
53 const QuicTag kSRBF = TAG('S', 'R', 'B', 'F'); // Socket receive buffer
54
55 // Congestion control feedback types
56 const QuicTag kQBIC = TAG('Q', 'B', 'I', 'C'); // TCP cubic
57
58 // Connection options (COPT) values
59 const QuicTag kAFCW = TAG('A', 'F', 'C', 'W'); // Auto-tune flow control
60 // receive windows.
61 const QuicTag kIFW5 = TAG('I', 'F', 'W', '5'); // Set initial size
62 // of stream flow control
63 // receive window to
64 // 32KB. (2^5 KB).
65 const QuicTag kIFW6 = TAG('I', 'F', 'W', '6'); // Set initial size
66 // of stream flow control
67 // receive window to
68 // 64KB. (2^6 KB).
69 const QuicTag kIFW7 = TAG('I', 'F', 'W', '7'); // Set initial size
70 // of stream flow control
71 // receive window to
72 // 128KB. (2^7 KB).
73 const QuicTag kTBBR = TAG('T', 'B', 'B', 'R'); // Reduced Buffer Bloat TCP
74 const QuicTag kRENO = TAG('R', 'E', 'N', 'O'); // Reno Congestion Control
75 const QuicTag kBYTE = TAG('B', 'Y', 'T', 'E'); // TCP cubic or reno in bytes
76 const QuicTag kRATE = TAG('R', 'A', 'T', 'E'); // TCP cubic rate based sending
77 const QuicTag kIW03 = TAG('I', 'W', '0', '3'); // Force ICWND to 3
78 const QuicTag kIW10 = TAG('I', 'W', '1', '0'); // Force ICWND to 10
79 const QuicTag kIW20 = TAG('I', 'W', '2', '0'); // Force ICWND to 20
80 const QuicTag kIW50 = TAG('I', 'W', '5', '0'); // Force ICWND to 50
81 const QuicTag k1CON = TAG('1', 'C', 'O', 'N'); // Emulate a single connection
82 const QuicTag kNTLP = TAG('N', 'T', 'L', 'P'); // No tail loss probe
83 const QuicTag kNCON = TAG('N', 'C', 'O', 'N'); // N Connection Congestion Ctrl
84 const QuicTag kNRTO = TAG('N', 'R', 'T', 'O'); // CWND reduction on loss
85 const QuicTag kUNDO = TAG('U', 'N', 'D', 'O'); // Undo any pending retransmits
86 // if they're likely spurious.
87 const QuicTag kTIME = TAG('T', 'I', 'M', 'E'); // Time based loss detection
88 const QuicTag kATIM = TAG('A', 'T', 'I', 'M'); // Adaptive time loss detection
89 const QuicTag kMIN1 = TAG('M', 'I', 'N', '1'); // Min CWND of 1 packet
90 const QuicTag kMIN4 = TAG('M', 'I', 'N', '4'); // Min CWND of 4 packets,
91 // with a min rate of 1 BDP.
92 const QuicTag kTLPR = TAG('T', 'L', 'P', 'R'); // Tail loss probe delay of
93 // 0.5RTT.
94 const QuicTag kACKD = TAG('A', 'C', 'K', 'D'); // Ack decimation style acking.
95 const QuicTag kAKD2 = TAG('A', 'K', 'D', '2'); // Ack decimation tolerating
96 // out of order packets.
97 const QuicTag kAKD3 = TAG('A', 'K', 'D', '3'); // Ack decimation style acking
98 // with 1/8 RTT acks.
99 const QuicTag kAKD4 = TAG('A', 'K', 'D', '4'); // Ack decimation with 1/8 RTT
100 // tolerating out of order.
101 const QuicTag kSSLR = TAG('S', 'S', 'L', 'R'); // Slow Start Large Reduction.
102 const QuicTag kNPRR = TAG('N', 'P', 'R', 'R'); // Pace at unity instead of PRR
103 const QuicTag k5RTO = TAG('5', 'R', 'T', 'O'); // Close connection on 5 RTOs
104 const QuicTag kCTIM = TAG('C', 'T', 'I', 'M'); // Client timestamp in seconds
105 // since UNIX epoch.
106 const QuicTag kDHDT = TAG('D', 'H', 'D', 'T'); // Disable HPACK dynamic table.
107 const QuicTag kIPFS = TAG('I', 'P', 'F', 'S'); // No Immediate Forward Secrecy
108
109 // Optional support of truncated Connection IDs. If sent by a peer, the value
110 // is the minimum number of bytes allowed for the connection ID sent to the
111 // peer.
112 const QuicTag kTCID = TAG('T', 'C', 'I', 'D'); // Connection ID truncation.
113
114 // Multipath option.
115 const QuicTag kMPTH = TAG('M', 'P', 'T', 'H'); // Enable multipath.
116
117 const QuicTag kNCMR = TAG('N', 'C', 'M', 'R'); // Do not attempt connection
118 // migration.
119
120 // Enable bandwidth resumption experiment.
121 const QuicTag kBWRE = TAG('B', 'W', 'R', 'E'); // Bandwidth resumption.
122 const QuicTag kBWMX = TAG('B', 'W', 'M', 'X'); // Max bandwidth resumption.
123 const QuicTag kBWRS = TAG('B', 'W', 'R', 'S'); // Server bandwidth resumption.
124
125 // Enable path MTU discovery experiment.
126 const QuicTag kMTUH = TAG('M', 'T', 'U', 'H'); // High-target MTU discovery.
127 const QuicTag kMTUL = TAG('M', 'T', 'U', 'L'); // Low-target MTU discovery.
128
129 const QuicTag kFHOL = TAG('F', 'H', 'O', 'L'); // Force head of line blocking.
130
131 // Proof types (i.e. certificate types)
132 // NOTE: although it would be silly to do so, specifying both kX509 and kX59R
133 // is allowed and is equivalent to specifying only kX509.
134 const QuicTag kX509 = TAG('X', '5', '0', '9'); // X.509 certificate, all key
135 // types
136 const QuicTag kX59R = TAG('X', '5', '9', 'R'); // X.509 certificate, RSA keys
137 // only
138 const QuicTag kCHID = TAG('C', 'H', 'I', 'D'); // Channel ID.
139
140 // Client hello tags
141 const QuicTag kVER = TAG('V', 'E', 'R', '\0'); // Version
142 const QuicTag kNONC = TAG('N', 'O', 'N', 'C'); // The client's nonce
143 const QuicTag kNONP = TAG('N', 'O', 'N', 'P'); // The client's proof nonce
144 const QuicTag kKEXS = TAG('K', 'E', 'X', 'S'); // Key exchange methods
145 const QuicTag kAEAD = TAG('A', 'E', 'A', 'D'); // Authenticated
146 // encryption algorithms
147 const QuicTag kCOPT = TAG('C', 'O', 'P', 'T'); // Connection options
148 const QuicTag kICSL = TAG('I', 'C', 'S', 'L'); // Idle connection state
149 // lifetime
150 const QuicTag kSCLS = TAG('S', 'C', 'L', 'S'); // Silently close on timeout
151 const QuicTag kMSPC = TAG('M', 'S', 'P', 'C'); // Max streams per connection.
152 const QuicTag kMIDS = TAG('M', 'I', 'D', 'S'); // Max incoming dynamic streams
153 const QuicTag kIRTT = TAG('I', 'R', 'T', 'T'); // Estimated initial RTT in us.
154 const QuicTag kSWND = TAG('S', 'W', 'N', 'D'); // Server's Initial congestion
155 // window.
156 const QuicTag kSNI = TAG('S', 'N', 'I', '\0'); // Server name
157 // indication
158 const QuicTag kPUBS = TAG('P', 'U', 'B', 'S'); // Public key values
159 const QuicTag kSCID = TAG('S', 'C', 'I', 'D'); // Server config id
160 const QuicTag kORBT = TAG('O', 'B', 'I', 'T'); // Server orbit.
161 const QuicTag kPDMD = TAG('P', 'D', 'M', 'D'); // Proof demand.
162 const QuicTag kPROF = TAG('P', 'R', 'O', 'F'); // Proof (signature).
163 const QuicTag kCCS = TAG('C', 'C', 'S', 0); // Common certificate set
164 const QuicTag kCCRT = TAG('C', 'C', 'R', 'T'); // Cached certificate
165 const QuicTag kEXPY = TAG('E', 'X', 'P', 'Y'); // Expiry
166 const QuicTag kSFCW = TAG('S', 'F', 'C', 'W'); // Initial stream flow control
167 // receive window.
168 const QuicTag kCFCW = TAG('C', 'F', 'C', 'W'); // Initial session/connection
169 // flow control receive window.
170 const QuicTag kUAID = TAG('U', 'A', 'I', 'D'); // Client's User Agent ID.
171 const QuicTag kXLCT = TAG('X', 'L', 'C', 'T'); // Expected leaf certificate.
172 const QuicTag kTBKP = TAG('T', 'B', 'K', 'P'); // Token Binding key params.
173
174 // Rejection tags
175 const QuicTag kRREJ = TAG('R', 'R', 'E', 'J'); // Reasons for server sending
176 // Stateless Reject tags
177 const QuicTag kRCID = TAG('R', 'C', 'I', 'D'); // Server-designated
178 // connection ID
179 // Server hello tags
180 const QuicTag kCADR = TAG('C', 'A', 'D', 'R'); // Client IP address and port
181 const QuicTag kASAD = TAG('A', 'S', 'A', 'D'); // Alternate Server IP address
182 // and port.
183
184 // CETV tags
185 const QuicTag kCIDK = TAG('C', 'I', 'D', 'K'); // ChannelID key
186 const QuicTag kCIDS = TAG('C', 'I', 'D', 'S'); // ChannelID signature
187
188 // Public reset tags
189 const QuicTag kRNON = TAG('R', 'N', 'O', 'N'); // Public reset nonce proof
190 const QuicTag kRSEQ = TAG('R', 'S', 'E', 'Q'); // Rejected packet number
191
192 // Universal tags
193 const QuicTag kPAD = TAG('P', 'A', 'D', '\0'); // Padding
194
195 // Server push tags
196 const QuicTag kSPSH = TAG('S', 'P', 'S', 'H'); // Support server push.
197
198 // Sent by clients with the fix to crbug/566156
199 const QuicTag kFIXD = TAG('F', 'I', 'X', 'D'); // Client hello
200 // clang-format on
201
202 // These tags have a special form so that they appear either at the beginning
203 // or the end of a handshake message. Since handshake messages are sorted by
204 // tag value, the tags with 0 at the end will sort first and those with 255 at
205 // the end will sort last.
206 //
207 // The certificate chain should have a tag that will cause it to be sorted at
208 // the end of any handshake messages because it's likely to be large and the
209 // client might be able to get everything that it needs from the small values at
210 // the beginning.
211 //
212 // Likewise tags with random values should be towards the beginning of the
213 // message because the server mightn't hold state for a rejected client hello
214 // and therefore the client may have issues reassembling the rejection message
215 // in the event that it sent two client hellos.
216 const QuicTag kServerNonceTag = TAG('S', 'N', 'O', 0); // The server's nonce
217 const QuicTag kSourceAddressTokenTag =
218 TAG('S', 'T', 'K', 0); // Source-address token
219 const QuicTag kCertificateTag = TAG('C', 'R', 'T', 255); // Certificate chain
220 const QuicTag kCertificateSCTTag =
221 TAG('C', 'S', 'C', 'T'); // Signed cert timestamp (RFC6962) of leaf cert.
222
223 #undef TAG
224
225 const size_t kMaxEntries = 128; // Max number of entries in a message.
226
227 const size_t kNonceSize = 32; // Size in bytes of the connection nonce.
228
229 const size_t kOrbitSize = 8; // Number of bytes in an orbit value.
230
231 // kProofSignatureLabel is prepended to server configs before signing to avoid
232 // any cross-protocol attacks on the signature.
233 // TODO(rch): Remove this when QUIC_VERSION_30 is removed.
234 const char kProofSignatureLabelOld[] = "QUIC server config signature";
235
236 // kProofSignatureLabel is prepended to the CHLO hash and server configs before
237 // signing to avoid any cross-protocol attacks on the signature.
238 const char kProofSignatureLabel[] = "QUIC CHLO and server config signature";
239
240 // kClientHelloMinimumSize is the minimum size of a client hello. Client hellos
241 // will have PAD tags added in order to ensure this minimum is met and client
242 // hellos smaller than this will be an error. This minimum size reduces the
243 // amplification factor of any mirror DoS attack.
244 //
245 // A client may pad an inchoate client hello to a size larger than
246 // kClientHelloMinimumSize to make it more likely to receive a complete
247 // rejection message.
248 const size_t kClientHelloMinimumSize = 1024;
249
250 } // namespace net
251
252 #endif // NET_QUIC_CRYPTO_CRYPTO_PROTOCOL_H_
OLDNEW
« no previous file with comments | « net/quic/crypto/crypto_handshake_message_test.cc ('k') | net/quic/crypto/crypto_secret_boxer.h » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698