Index: net/quic/crypto/crypto_protocol.h |
diff --git a/net/quic/crypto/crypto_protocol.h b/net/quic/crypto/crypto_protocol.h |
deleted file mode 100644 |
index 0b8ddccb8d2203b810c1cf293602118e5a7dc3aa..0000000000000000000000000000000000000000 |
--- a/net/quic/crypto/crypto_protocol.h |
+++ /dev/null |
@@ -1,252 +0,0 @@ |
-// Copyright (c) 2012 The Chromium Authors. All rights reserved. |
-// Use of this source code is governed by a BSD-style license that can be |
-// found in the LICENSE file. |
- |
-#ifndef NET_QUIC_CRYPTO_CRYPTO_PROTOCOL_H_ |
-#define NET_QUIC_CRYPTO_CRYPTO_PROTOCOL_H_ |
- |
-#include <stddef.h> |
-#include <stdint.h> |
- |
-#include <string> |
- |
-#include "net/base/net_export.h" |
-#include "net/quic/quic_protocol.h" |
- |
-// Version and Crypto tags are written to the wire with a big-endian |
-// representation of the name of the tag. For example |
-// the client hello tag (CHLO) will be written as the |
-// following 4 bytes: 'C' 'H' 'L' 'O'. Since it is |
-// stored in memory as a little endian uint32_t, we need |
-// to reverse the order of the bytes. |
-// |
-// We use a macro to ensure that no static initialisers are created. Use the |
-// MakeQuicTag function in normal code. |
-#define TAG(a, b, c, d) \ |
- static_cast<QuicTag>((d << 24) + (c << 16) + (b << 8) + a) |
- |
-namespace net { |
- |
-typedef std::string ServerConfigID; |
- |
-// clang-format off |
-const QuicTag kCHLO = TAG('C', 'H', 'L', 'O'); // Client hello |
-const QuicTag kSHLO = TAG('S', 'H', 'L', 'O'); // Server hello |
-const QuicTag kSCFG = TAG('S', 'C', 'F', 'G'); // Server config |
-const QuicTag kREJ = TAG('R', 'E', 'J', '\0'); // Reject |
-const QuicTag kSREJ = TAG('S', 'R', 'E', 'J'); // Stateless reject |
-const QuicTag kCETV = TAG('C', 'E', 'T', 'V'); // Client encrypted tag-value |
- // pairs |
-const QuicTag kPRST = TAG('P', 'R', 'S', 'T'); // Public reset |
-const QuicTag kSCUP = TAG('S', 'C', 'U', 'P'); // Server config update. |
- |
-// Key exchange methods |
-const QuicTag kP256 = TAG('P', '2', '5', '6'); // ECDH, Curve P-256 |
-const QuicTag kC255 = TAG('C', '2', '5', '5'); // ECDH, Curve25519 |
- |
-// AEAD algorithms |
-const QuicTag kNULL = TAG('N', 'U', 'L', 'N'); // null algorithm |
-const QuicTag kAESG = TAG('A', 'E', 'S', 'G'); // AES128 + GCM-12 |
-const QuicTag kCC20 = TAG('C', 'C', '2', '0'); // ChaCha20 + Poly1305 RFC7539 |
- |
-// Socket receive buffer |
-const QuicTag kSRBF = TAG('S', 'R', 'B', 'F'); // Socket receive buffer |
- |
-// Congestion control feedback types |
-const QuicTag kQBIC = TAG('Q', 'B', 'I', 'C'); // TCP cubic |
- |
-// Connection options (COPT) values |
-const QuicTag kAFCW = TAG('A', 'F', 'C', 'W'); // Auto-tune flow control |
- // receive windows. |
-const QuicTag kIFW5 = TAG('I', 'F', 'W', '5'); // Set initial size |
- // of stream flow control |
- // receive window to |
- // 32KB. (2^5 KB). |
-const QuicTag kIFW6 = TAG('I', 'F', 'W', '6'); // Set initial size |
- // of stream flow control |
- // receive window to |
- // 64KB. (2^6 KB). |
-const QuicTag kIFW7 = TAG('I', 'F', 'W', '7'); // Set initial size |
- // of stream flow control |
- // receive window to |
- // 128KB. (2^7 KB). |
-const QuicTag kTBBR = TAG('T', 'B', 'B', 'R'); // Reduced Buffer Bloat TCP |
-const QuicTag kRENO = TAG('R', 'E', 'N', 'O'); // Reno Congestion Control |
-const QuicTag kBYTE = TAG('B', 'Y', 'T', 'E'); // TCP cubic or reno in bytes |
-const QuicTag kRATE = TAG('R', 'A', 'T', 'E'); // TCP cubic rate based sending |
-const QuicTag kIW03 = TAG('I', 'W', '0', '3'); // Force ICWND to 3 |
-const QuicTag kIW10 = TAG('I', 'W', '1', '0'); // Force ICWND to 10 |
-const QuicTag kIW20 = TAG('I', 'W', '2', '0'); // Force ICWND to 20 |
-const QuicTag kIW50 = TAG('I', 'W', '5', '0'); // Force ICWND to 50 |
-const QuicTag k1CON = TAG('1', 'C', 'O', 'N'); // Emulate a single connection |
-const QuicTag kNTLP = TAG('N', 'T', 'L', 'P'); // No tail loss probe |
-const QuicTag kNCON = TAG('N', 'C', 'O', 'N'); // N Connection Congestion Ctrl |
-const QuicTag kNRTO = TAG('N', 'R', 'T', 'O'); // CWND reduction on loss |
-const QuicTag kUNDO = TAG('U', 'N', 'D', 'O'); // Undo any pending retransmits |
- // if they're likely spurious. |
-const QuicTag kTIME = TAG('T', 'I', 'M', 'E'); // Time based loss detection |
-const QuicTag kATIM = TAG('A', 'T', 'I', 'M'); // Adaptive time loss detection |
-const QuicTag kMIN1 = TAG('M', 'I', 'N', '1'); // Min CWND of 1 packet |
-const QuicTag kMIN4 = TAG('M', 'I', 'N', '4'); // Min CWND of 4 packets, |
- // with a min rate of 1 BDP. |
-const QuicTag kTLPR = TAG('T', 'L', 'P', 'R'); // Tail loss probe delay of |
- // 0.5RTT. |
-const QuicTag kACKD = TAG('A', 'C', 'K', 'D'); // Ack decimation style acking. |
-const QuicTag kAKD2 = TAG('A', 'K', 'D', '2'); // Ack decimation tolerating |
- // out of order packets. |
-const QuicTag kAKD3 = TAG('A', 'K', 'D', '3'); // Ack decimation style acking |
- // with 1/8 RTT acks. |
-const QuicTag kAKD4 = TAG('A', 'K', 'D', '4'); // Ack decimation with 1/8 RTT |
- // tolerating out of order. |
-const QuicTag kSSLR = TAG('S', 'S', 'L', 'R'); // Slow Start Large Reduction. |
-const QuicTag kNPRR = TAG('N', 'P', 'R', 'R'); // Pace at unity instead of PRR |
-const QuicTag k5RTO = TAG('5', 'R', 'T', 'O'); // Close connection on 5 RTOs |
-const QuicTag kCTIM = TAG('C', 'T', 'I', 'M'); // Client timestamp in seconds |
- // since UNIX epoch. |
-const QuicTag kDHDT = TAG('D', 'H', 'D', 'T'); // Disable HPACK dynamic table. |
-const QuicTag kIPFS = TAG('I', 'P', 'F', 'S'); // No Immediate Forward Secrecy |
- |
-// Optional support of truncated Connection IDs. If sent by a peer, the value |
-// is the minimum number of bytes allowed for the connection ID sent to the |
-// peer. |
-const QuicTag kTCID = TAG('T', 'C', 'I', 'D'); // Connection ID truncation. |
- |
-// Multipath option. |
-const QuicTag kMPTH = TAG('M', 'P', 'T', 'H'); // Enable multipath. |
- |
-const QuicTag kNCMR = TAG('N', 'C', 'M', 'R'); // Do not attempt connection |
- // migration. |
- |
-// Enable bandwidth resumption experiment. |
-const QuicTag kBWRE = TAG('B', 'W', 'R', 'E'); // Bandwidth resumption. |
-const QuicTag kBWMX = TAG('B', 'W', 'M', 'X'); // Max bandwidth resumption. |
-const QuicTag kBWRS = TAG('B', 'W', 'R', 'S'); // Server bandwidth resumption. |
- |
-// Enable path MTU discovery experiment. |
-const QuicTag kMTUH = TAG('M', 'T', 'U', 'H'); // High-target MTU discovery. |
-const QuicTag kMTUL = TAG('M', 'T', 'U', 'L'); // Low-target MTU discovery. |
- |
-const QuicTag kFHOL = TAG('F', 'H', 'O', 'L'); // Force head of line blocking. |
- |
-// Proof types (i.e. certificate types) |
-// NOTE: although it would be silly to do so, specifying both kX509 and kX59R |
-// is allowed and is equivalent to specifying only kX509. |
-const QuicTag kX509 = TAG('X', '5', '0', '9'); // X.509 certificate, all key |
- // types |
-const QuicTag kX59R = TAG('X', '5', '9', 'R'); // X.509 certificate, RSA keys |
- // only |
-const QuicTag kCHID = TAG('C', 'H', 'I', 'D'); // Channel ID. |
- |
-// Client hello tags |
-const QuicTag kVER = TAG('V', 'E', 'R', '\0'); // Version |
-const QuicTag kNONC = TAG('N', 'O', 'N', 'C'); // The client's nonce |
-const QuicTag kNONP = TAG('N', 'O', 'N', 'P'); // The client's proof nonce |
-const QuicTag kKEXS = TAG('K', 'E', 'X', 'S'); // Key exchange methods |
-const QuicTag kAEAD = TAG('A', 'E', 'A', 'D'); // Authenticated |
- // encryption algorithms |
-const QuicTag kCOPT = TAG('C', 'O', 'P', 'T'); // Connection options |
-const QuicTag kICSL = TAG('I', 'C', 'S', 'L'); // Idle connection state |
- // lifetime |
-const QuicTag kSCLS = TAG('S', 'C', 'L', 'S'); // Silently close on timeout |
-const QuicTag kMSPC = TAG('M', 'S', 'P', 'C'); // Max streams per connection. |
-const QuicTag kMIDS = TAG('M', 'I', 'D', 'S'); // Max incoming dynamic streams |
-const QuicTag kIRTT = TAG('I', 'R', 'T', 'T'); // Estimated initial RTT in us. |
-const QuicTag kSWND = TAG('S', 'W', 'N', 'D'); // Server's Initial congestion |
- // window. |
-const QuicTag kSNI = TAG('S', 'N', 'I', '\0'); // Server name |
- // indication |
-const QuicTag kPUBS = TAG('P', 'U', 'B', 'S'); // Public key values |
-const QuicTag kSCID = TAG('S', 'C', 'I', 'D'); // Server config id |
-const QuicTag kORBT = TAG('O', 'B', 'I', 'T'); // Server orbit. |
-const QuicTag kPDMD = TAG('P', 'D', 'M', 'D'); // Proof demand. |
-const QuicTag kPROF = TAG('P', 'R', 'O', 'F'); // Proof (signature). |
-const QuicTag kCCS = TAG('C', 'C', 'S', 0); // Common certificate set |
-const QuicTag kCCRT = TAG('C', 'C', 'R', 'T'); // Cached certificate |
-const QuicTag kEXPY = TAG('E', 'X', 'P', 'Y'); // Expiry |
-const QuicTag kSFCW = TAG('S', 'F', 'C', 'W'); // Initial stream flow control |
- // receive window. |
-const QuicTag kCFCW = TAG('C', 'F', 'C', 'W'); // Initial session/connection |
- // flow control receive window. |
-const QuicTag kUAID = TAG('U', 'A', 'I', 'D'); // Client's User Agent ID. |
-const QuicTag kXLCT = TAG('X', 'L', 'C', 'T'); // Expected leaf certificate. |
-const QuicTag kTBKP = TAG('T', 'B', 'K', 'P'); // Token Binding key params. |
- |
-// Rejection tags |
-const QuicTag kRREJ = TAG('R', 'R', 'E', 'J'); // Reasons for server sending |
-// Stateless Reject tags |
-const QuicTag kRCID = TAG('R', 'C', 'I', 'D'); // Server-designated |
- // connection ID |
-// Server hello tags |
-const QuicTag kCADR = TAG('C', 'A', 'D', 'R'); // Client IP address and port |
-const QuicTag kASAD = TAG('A', 'S', 'A', 'D'); // Alternate Server IP address |
- // and port. |
- |
-// CETV tags |
-const QuicTag kCIDK = TAG('C', 'I', 'D', 'K'); // ChannelID key |
-const QuicTag kCIDS = TAG('C', 'I', 'D', 'S'); // ChannelID signature |
- |
-// Public reset tags |
-const QuicTag kRNON = TAG('R', 'N', 'O', 'N'); // Public reset nonce proof |
-const QuicTag kRSEQ = TAG('R', 'S', 'E', 'Q'); // Rejected packet number |
- |
-// Universal tags |
-const QuicTag kPAD = TAG('P', 'A', 'D', '\0'); // Padding |
- |
-// Server push tags |
-const QuicTag kSPSH = TAG('S', 'P', 'S', 'H'); // Support server push. |
- |
-// Sent by clients with the fix to crbug/566156 |
-const QuicTag kFIXD = TAG('F', 'I', 'X', 'D'); // Client hello |
-// clang-format on |
- |
-// These tags have a special form so that they appear either at the beginning |
-// or the end of a handshake message. Since handshake messages are sorted by |
-// tag value, the tags with 0 at the end will sort first and those with 255 at |
-// the end will sort last. |
-// |
-// The certificate chain should have a tag that will cause it to be sorted at |
-// the end of any handshake messages because it's likely to be large and the |
-// client might be able to get everything that it needs from the small values at |
-// the beginning. |
-// |
-// Likewise tags with random values should be towards the beginning of the |
-// message because the server mightn't hold state for a rejected client hello |
-// and therefore the client may have issues reassembling the rejection message |
-// in the event that it sent two client hellos. |
-const QuicTag kServerNonceTag = TAG('S', 'N', 'O', 0); // The server's nonce |
-const QuicTag kSourceAddressTokenTag = |
- TAG('S', 'T', 'K', 0); // Source-address token |
-const QuicTag kCertificateTag = TAG('C', 'R', 'T', 255); // Certificate chain |
-const QuicTag kCertificateSCTTag = |
- TAG('C', 'S', 'C', 'T'); // Signed cert timestamp (RFC6962) of leaf cert. |
- |
-#undef TAG |
- |
-const size_t kMaxEntries = 128; // Max number of entries in a message. |
- |
-const size_t kNonceSize = 32; // Size in bytes of the connection nonce. |
- |
-const size_t kOrbitSize = 8; // Number of bytes in an orbit value. |
- |
-// kProofSignatureLabel is prepended to server configs before signing to avoid |
-// any cross-protocol attacks on the signature. |
-// TODO(rch): Remove this when QUIC_VERSION_30 is removed. |
-const char kProofSignatureLabelOld[] = "QUIC server config signature"; |
- |
-// kProofSignatureLabel is prepended to the CHLO hash and server configs before |
-// signing to avoid any cross-protocol attacks on the signature. |
-const char kProofSignatureLabel[] = "QUIC CHLO and server config signature"; |
- |
-// kClientHelloMinimumSize is the minimum size of a client hello. Client hellos |
-// will have PAD tags added in order to ensure this minimum is met and client |
-// hellos smaller than this will be an error. This minimum size reduces the |
-// amplification factor of any mirror DoS attack. |
-// |
-// A client may pad an inchoate client hello to a size larger than |
-// kClientHelloMinimumSize to make it more likely to receive a complete |
-// rejection message. |
-const size_t kClientHelloMinimumSize = 1024; |
- |
-} // namespace net |
- |
-#endif // NET_QUIC_CRYPTO_CRYPTO_PROTOCOL_H_ |