| OLD | NEW |
|---|
| 1 // Copyright 2013 The Chromium Authors. All rights reserved. | 1 // Copyright 2013 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #ifndef NET_QUIC_CORE_CRYPTO_QUIC_CRYPTO_CLIENT_CONFIG_H_ | 5 #ifndef NET_QUIC_CORE_CRYPTO_QUIC_CRYPTO_CLIENT_CONFIG_H_ |
| 6 #define NET_QUIC_CORE_CRYPTO_QUIC_CRYPTO_CLIENT_CONFIG_H_ | 6 #define NET_QUIC_CORE_CRYPTO_QUIC_CRYPTO_CLIENT_CONFIG_H_ |
| 7 | 7 |
| 8 #include <stdint.h> | 8 #include <stdint.h> |
| 9 | 9 |
| 10 #include <map> | 10 #include <map> |
| 11 #include <memory> | 11 #include <memory> |
| 12 #include <queue> | 12 #include <queue> |
| 13 #include <string> | 13 #include <string> |
| 14 #include <vector> | 14 #include <vector> |
| 15 | 15 |
| 16 #include "base/macros.h" | 16 #include "base/macros.h" |
| 17 #include "base/strings/string_piece.h" | 17 #include "base/strings/string_piece.h" |
| 18 #include "net/quic/core/crypto/crypto_handshake.h" | 18 #include "net/quic/core/crypto/crypto_handshake.h" |
| 19 #include "net/quic/core/quic_packets.h" | 19 #include "net/quic/core/quic_packets.h" |
| 20 #include "net/quic/core/quic_server_id.h" | 20 #include "net/quic/core/quic_server_id.h" |
| 21 #include "net/quic/platform/api/quic_export.h" | 21 #include "net/quic/platform/api/quic_export.h" |
| 22 #include "net/quic/platform/api/quic_reference_counted.h" |
| 22 | 23 |
| 23 namespace net { | 24 namespace net { |
| 24 | 25 |
| 25 class ChannelIDKey; | 26 class ChannelIDKey; |
| 26 class ChannelIDSource; | 27 class ChannelIDSource; |
| 27 class CryptoHandshakeMessage; | 28 class CryptoHandshakeMessage; |
| 28 class ProofVerifier; | 29 class ProofVerifier; |
| 29 class ProofVerifyDetails; | 30 class ProofVerifyDetails; |
| 30 class QuicRandom; | 31 class QuicRandom; |
| 31 | 32 |
| (...skipping 193 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 225 // QUIC protocol that this client chose to use initially. This allows the | 226 // QUIC protocol that this client chose to use initially. This allows the |
| 226 // server to detect downgrade attacks. If |demand_x509_proof| is true, | 227 // server to detect downgrade attacks. If |demand_x509_proof| is true, |
| 227 // then |out| will include an X509 proof demand, and the associated | 228 // then |out| will include an X509 proof demand, and the associated |
| 228 // certificate related fields. | 229 // certificate related fields. |
| 229 void FillInchoateClientHello( | 230 void FillInchoateClientHello( |
| 230 const QuicServerId& server_id, | 231 const QuicServerId& server_id, |
| 231 const QuicVersion preferred_version, | 232 const QuicVersion preferred_version, |
| 232 const CachedState* cached, | 233 const CachedState* cached, |
| 233 QuicRandom* rand, | 234 QuicRandom* rand, |
| 234 bool demand_x509_proof, | 235 bool demand_x509_proof, |
| 235 scoped_refptr<QuicCryptoNegotiatedParameters> out_params, | 236 QuicReferenceCountedPointer<QuicCryptoNegotiatedParameters> out_params, |
| 236 CryptoHandshakeMessage* out) const; | 237 CryptoHandshakeMessage* out) const; |
| 237 | 238 |
| 238 // FillClientHello sets |out| to be a CHLO message based on the configuration | 239 // FillClientHello sets |out| to be a CHLO message based on the configuration |
| 239 // of this object. This object must have cached enough information about | 240 // of this object. This object must have cached enough information about |
| 240 // the server's hostname in order to perform a handshake. This can be checked | 241 // the server's hostname in order to perform a handshake. This can be checked |
| 241 // with the |IsComplete| member of |CachedState|. | 242 // with the |IsComplete| member of |CachedState|. |
| 242 // | 243 // |
| 243 // |now| and |rand| are used to generate the nonce and |out_params| is | 244 // |now| and |rand| are used to generate the nonce and |out_params| is |
| 244 // filled with the results of the handshake that the server is expected to | 245 // filled with the results of the handshake that the server is expected to |
| 245 // accept. |preferred_version| is the version of the QUIC protocol that this | 246 // accept. |preferred_version| is the version of the QUIC protocol that this |
| 246 // client chose to use initially. This allows the server to detect downgrade | 247 // client chose to use initially. This allows the server to detect downgrade |
| 247 // attacks. | 248 // attacks. |
| 248 // | 249 // |
| 249 // If |channel_id_key| is not null, it is used to sign a secret value derived | 250 // If |channel_id_key| is not null, it is used to sign a secret value derived |
| 250 // from the client and server's keys, and the Channel ID public key and the | 251 // from the client and server's keys, and the Channel ID public key and the |
| 251 // signature are placed in the CETV value of the CHLO. | 252 // signature are placed in the CETV value of the CHLO. |
| 252 QuicErrorCode FillClientHello( | 253 QuicErrorCode FillClientHello( |
| 253 const QuicServerId& server_id, | 254 const QuicServerId& server_id, |
| 254 QuicConnectionId connection_id, | 255 QuicConnectionId connection_id, |
| 255 const QuicVersion preferred_version, | 256 const QuicVersion preferred_version, |
| 256 const CachedState* cached, | 257 const CachedState* cached, |
| 257 QuicWallTime now, | 258 QuicWallTime now, |
| 258 QuicRandom* rand, | 259 QuicRandom* rand, |
| 259 const ChannelIDKey* channel_id_key, | 260 const ChannelIDKey* channel_id_key, |
| 260 scoped_refptr<QuicCryptoNegotiatedParameters> out_params, | 261 QuicReferenceCountedPointer<QuicCryptoNegotiatedParameters> out_params, |
| 261 CryptoHandshakeMessage* out, | 262 CryptoHandshakeMessage* out, |
| 262 std::string* error_details) const; | 263 std::string* error_details) const; |
| 263 | 264 |
| 264 // ProcessRejection processes a REJ message from a server and updates the | 265 // ProcessRejection processes a REJ message from a server and updates the |
| 265 // cached information about that server. After this, |IsComplete| may return | 266 // cached information about that server. After this, |IsComplete| may return |
| 266 // true for that server's CachedState. If the rejection message contains state | 267 // true for that server's CachedState. If the rejection message contains state |
| 267 // about a future handshake (i.e. an nonce value from the server), then it | 268 // about a future handshake (i.e. an nonce value from the server), then it |
| 268 // will be saved in |out_params|. |now| is used to judge whether the server | 269 // will be saved in |out_params|. |now| is used to judge whether the server |
| 269 // config in the rejection message has expired. | 270 // config in the rejection message has expired. |
| 270 QuicErrorCode ProcessRejection( | 271 QuicErrorCode ProcessRejection( |
| 271 const CryptoHandshakeMessage& rej, | 272 const CryptoHandshakeMessage& rej, |
| 272 QuicWallTime now, | 273 QuicWallTime now, |
| 273 QuicVersion version, | 274 QuicVersion version, |
| 274 base::StringPiece chlo_hash, | 275 base::StringPiece chlo_hash, |
| 275 CachedState* cached, | 276 CachedState* cached, |
| 276 scoped_refptr<QuicCryptoNegotiatedParameters> out_params, | 277 QuicReferenceCountedPointer<QuicCryptoNegotiatedParameters> out_params, |
| 277 std::string* error_details); | 278 std::string* error_details); |
| 278 | 279 |
| 279 // ProcessServerHello processes the message in |server_hello|, updates the | 280 // ProcessServerHello processes the message in |server_hello|, updates the |
| 280 // cached information about that server, writes the negotiated parameters to | 281 // cached information about that server, writes the negotiated parameters to |
| 281 // |out_params| and returns QUIC_NO_ERROR. If |server_hello| is unacceptable | 282 // |out_params| and returns QUIC_NO_ERROR. If |server_hello| is unacceptable |
| 282 // then it puts an error message in |error_details| and returns an error | 283 // then it puts an error message in |error_details| and returns an error |
| 283 // code. |version| is the QUIC version for the current connection. | 284 // code. |version| is the QUIC version for the current connection. |
| 284 // |negotiated_versions| contains the list of version, if any, that were | 285 // |negotiated_versions| contains the list of version, if any, that were |
| 285 // present in a version negotiation packet previously recevied from the | 286 // present in a version negotiation packet previously recevied from the |
| 286 // server. The contents of this list will be compared against the list of | 287 // server. The contents of this list will be compared against the list of |
| 287 // versions provided in the VER tag of the server hello. | 288 // versions provided in the VER tag of the server hello. |
| 288 QuicErrorCode ProcessServerHello( | 289 QuicErrorCode ProcessServerHello( |
| 289 const CryptoHandshakeMessage& server_hello, | 290 const CryptoHandshakeMessage& server_hello, |
| 290 QuicConnectionId connection_id, | 291 QuicConnectionId connection_id, |
| 291 QuicVersion version, | 292 QuicVersion version, |
| 292 const QuicVersionVector& negotiated_versions, | 293 const QuicVersionVector& negotiated_versions, |
| 293 CachedState* cached, | 294 CachedState* cached, |
| 294 scoped_refptr<QuicCryptoNegotiatedParameters> out_params, | 295 QuicReferenceCountedPointer<QuicCryptoNegotiatedParameters> out_params, |
| 295 std::string* error_details); | 296 std::string* error_details); |
| 296 | 297 |
| 297 // Processes the message in |server_update|, updating the cached source | 298 // Processes the message in |server_update|, updating the cached source |
| 298 // address token, and server config. | 299 // address token, and server config. |
| 299 // If |server_update| is invalid then |error_details| will contain an error | 300 // If |server_update| is invalid then |error_details| will contain an error |
| 300 // message, and an error code will be returned. If all has gone well | 301 // message, and an error code will be returned. If all has gone well |
| 301 // QUIC_NO_ERROR is returned. | 302 // QUIC_NO_ERROR is returned. |
| 302 QuicErrorCode ProcessServerConfigUpdate( | 303 QuicErrorCode ProcessServerConfigUpdate( |
| 303 const CryptoHandshakeMessage& server_update, | 304 const CryptoHandshakeMessage& server_update, |
| 304 QuicWallTime now, | 305 QuicWallTime now, |
| 305 const QuicVersion version, | 306 const QuicVersion version, |
| 306 base::StringPiece chlo_hash, | 307 base::StringPiece chlo_hash, |
| 307 CachedState* cached, | 308 CachedState* cached, |
| 308 scoped_refptr<QuicCryptoNegotiatedParameters> out_params, | 309 QuicReferenceCountedPointer<QuicCryptoNegotiatedParameters> out_params, |
| 309 std::string* error_details); | 310 std::string* error_details); |
| 310 | 311 |
| 311 ProofVerifier* proof_verifier() const; | 312 ProofVerifier* proof_verifier() const; |
| 312 | 313 |
| 313 ChannelIDSource* channel_id_source() const; | 314 ChannelIDSource* channel_id_source() const; |
| 314 | 315 |
| 315 // SetChannelIDSource sets a ChannelIDSource that will be called, when the | 316 // SetChannelIDSource sets a ChannelIDSource that will be called, when the |
| 316 // server supports channel IDs, to obtain a channel ID for signing a message | 317 // server supports channel IDs, to obtain a channel ID for signing a message |
| 317 // proving possession of the channel ID. This object takes ownership of | 318 // proving possession of the channel ID. This object takes ownership of |
| 318 // |source|. | 319 // |source|. |
| (...skipping 65 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 384 | 385 |
| 385 // The |user_agent_id_| passed in QUIC's CHLO message. | 386 // The |user_agent_id_| passed in QUIC's CHLO message. |
| 386 std::string user_agent_id_; | 387 std::string user_agent_id_; |
| 387 | 388 |
| 388 DISALLOW_COPY_AND_ASSIGN(QuicCryptoClientConfig); | 389 DISALLOW_COPY_AND_ASSIGN(QuicCryptoClientConfig); |
| 389 }; | 390 }; |
| 390 | 391 |
| 391 } // namespace net | 392 } // namespace net |
| 392 | 393 |
| 393 #endif // NET_QUIC_CORE_CRYPTO_QUIC_CRYPTO_CLIENT_CONFIG_H_ | 394 #endif // NET_QUIC_CORE_CRYPTO_QUIC_CRYPTO_CLIENT_CONFIG_H_ |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 2589983002:
Create a QUIC wrapper around scoped_refptr. (Closed)
