Landing Recent QUIC changes until Mon Nov 14 04:43:50 2016 +0000

net/quic/core/crypto/quic_crypto_client_config.cc

 // Copyright 2013 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "net/quic/core/crypto/quic_crypto_client_config.h"
 
 #include <memory>
 
 #include "base/memory/ptr_util.h"
 #include "base/metrics/histogram_macros.h"
@@ skipping 467 matching lines @@
          i != certs.end(); ++i) {
       hashes.push_back(QuicUtils::FNV1a_64_Hash(i->data(), i->size()));
     }
     out->SetVector(kCCRT, hashes);
   }
 }
 
 QuicErrorCode QuicCryptoClientConfig::FillClientHello(
     const QuicServerId& server_id,
     QuicConnectionId connection_id,
-    const QuicVersion actual_version,
     const QuicVersion preferred_version,
     const CachedState* cached,
     QuicWallTime now,
     QuicRandom* rand,
     const ChannelIDKey* channel_id_key,
     scoped_refptr<QuicCryptoNegotiatedParameters> out_params,
     CryptoHandshakeMessage* out,
     string* error_details) const {
   DCHECK(error_details != nullptr);
 
@@ skipping 27 matching lines @@
     *error_details = "Missing AEAD or KEXS";
     return QUIC_INVALID_CRYPTO_MESSAGE_PARAMETER;
   }
 
   // AEAD: the work loads on the client and server are symmetric. Since the
   // client is more likely to be CPU-constrained, break the tie by favoring
   // the client's preference.
   // Key exchange: the client does more work than the server, so favor the
   // client's preference.
   size_t key_exchange_index;
-  if (!QuicUtils::FindMutualTag(aead, their_aeads, num_their_aeads,
-                                QuicUtils::LOCAL_PRIORITY, &out_params->aead,
-                                nullptr) ||
-      !QuicUtils::FindMutualTag(
-          kexs, their_key_exchanges, num_their_key_exchanges,
-          QuicUtils::LOCAL_PRIORITY, &out_params->key_exchange,
-          &key_exchange_index)) {
+  if (!FindMutualQuicTag(aead, their_aeads, num_their_aeads, &out_params->aead,
+                         nullptr) ||
+      !FindMutualQuicTag(kexs, their_key_exchanges, num_their_key_exchanges,
+                         &out_params->key_exchange, &key_exchange_index)) {
     *error_details = "Unsupported AEAD or KEXS";
     return QUIC_CRYPTO_NO_SUPPORT;
   }
   out->SetVector(kAEAD, QuicTagVector{out_params->aead});
   out->SetVector(kKEXS, QuicTagVector{out_params->key_exchange});
 
   if (!tb_key_params.empty() &&
       server_id.privacy_mode() == PRIVACY_MODE_DISABLED) {
     const QuicTag* their_tbkps;
     size_t num_their_tbkps;
     switch (scfg->GetTaglist(kTBKP, &their_tbkps, &num_their_tbkps)) {
       case QUIC_CRYPTO_MESSAGE_PARAMETER_NOT_FOUND:
         break;
       case QUIC_NO_ERROR:
-        if (QuicUtils::FindMutualTag(tb_key_params, their_tbkps,
-                                     num_their_tbkps, QuicUtils::LOCAL_PRIORITY,
-                                     &out_params->token_binding_key_param,
-                                     nullptr)) {
+        if (FindMutualQuicTag(tb_key_params, their_tbkps, num_their_tbkps,
+                              &out_params->token_binding_key_param, nullptr)) {
           out->SetVector(kTBKP,
                          QuicTagVector{out_params->token_binding_key_param});
         }
         break;
       default:
         *error_details = "Invalid TBKP";
         return QUIC_INVALID_CRYPTO_MESSAGE_PARAMETER;
     }
   }
 
@@ skipping 122 matching lines @@
   out_params->hkdf_input_suffix.append(certs[0]);
 
   string hkdf_input;
   const size_t label_len = strlen(QuicCryptoConfig::kInitialLabel) + 1;
   hkdf_input.reserve(label_len + out_params->hkdf_input_suffix.size());
   hkdf_input.append(QuicCryptoConfig::kInitialLabel, label_len);
   hkdf_input.append(out_params->hkdf_input_suffix);
 
   string* subkey_secret = &out_params->initial_subkey_secret;
 
-  // Only perform key diversification for QUIC versions 33 and later.
-  // TODO(rch): remove the |actual_version| argument to this method when
-  // QUIC_VERSION_32 is removed.
-  CryptoUtils::Diversification diversification =
-      actual_version > QUIC_VERSION_32 ? CryptoUtils::Diversification::Pending()
-                                       : CryptoUtils::Diversification::Never();
-  if (!CryptoUtils::DeriveKeys(out_params->initial_premaster_secret,
-                               out_params->aead, out_params->client_nonce,
-                               out_params->server_nonce, hkdf_input,
-                               Perspective::IS_CLIENT, diversification,
-                               &out_params->initial_crypters, subkey_secret)) {
+  if (!CryptoUtils::DeriveKeys(
+          out_params->initial_premaster_secret, out_params->aead,
+          out_params->client_nonce, out_params->server_nonce, hkdf_input,
+          Perspective::IS_CLIENT, CryptoUtils::Diversification::Pending(),
+          &out_params->initial_crypters, subkey_secret)) {
     *error_details = "Symmetric key setup failed";
     return QUIC_CRYPTO_SYMMETRIC_KEY_SETUP_FAILED;
   }
 
   return QUIC_NO_ERROR;
 }
 
 QuicErrorCode QuicCryptoClientConfig::CacheNewServerConfig(
     const CryptoHandshakeMessage& message,
     QuicWallTime now,
@@ skipping 261 matching lines @@
   }
 
   // Update canonical version to point at the "most recent" entry.
   canonical_server_map_[suffix_server_id] = server_id;
 
   server_state->InitializeFrom(*canonical_state);
   return true;
 }
 
 }  // namespace net