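--- a/<PATH_NOT_SHOWN_ON_PAGE>
+++ b/<PATH_NOT_SHOWN_ON_PAGE>
@@ -1,34 +1,35 @@
 // Copyright 2013 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "net/quic/core/crypto/quic_crypto_client_config.h"
 
 #include <algorithm>
 #include <memory>
 
 #include "base/metrics/histogram_macros.h"
 #include "net/quic/core/crypto/cert_compressor.h"
 #include "net/quic/core/crypto/chacha20_poly1305_encrypter.h"
 #include "net/quic/core/crypto/channel_id.h"
 #include "net/quic/core/crypto/common_cert_set.h"
 #include "net/quic/core/crypto/crypto_framer.h"
 #include "net/quic/core/crypto/crypto_utils.h"
 #include "net/quic/core/crypto/curve25519_key_exchange.h"
 #include "net/quic/core/crypto/key_exchange.h"
 #include "net/quic/core/crypto/p256_key_exchange.h"
 #include "net/quic/core/crypto/proof_verifier.h"
 #include "net/quic/core/crypto/quic_encrypter.h"
 #include "net/quic/core/crypto/quic_random.h"
 #include "net/quic/core/quic_utils.h"
 #include "net/quic/platform/api/quic_bug_tracker.h"
+#include "net/quic/platform/api/quic_endian.h"
 #include "net/quic/platform/api/quic_hostname_utils.h"
 #include "net/quic/platform/api/quic_logging.h"
 #include "net/quic/platform/api/quic_map_util.h"
 #include "net/quic/platform/api/quic_ptr_util.h"
 #include "net/quic/platform/api/quic_text_utils.h"
 
 using std::string;
 
 namespace net {
 
@@ -185,20 +186,21 @@
 scfg_ = std::move(new_scfg_storage);
 }
 return SERVER_CONFIG_VALID;
 }
 
 void QuicCryptoClientConfig::CachedState::InvalidateServerConfig() {
 server_config_.clear();
 scfg_.reset();
 SetProofInvalid();
 std::queue<QuicConnectionId> empty_queue;
+using std::swap;
 swap(server_designated_connection_ids_, empty_queue);
 }
 
 void QuicCryptoClientConfig::CachedState::SetProof(
 const std::vector<string>& certs,
 QuicStringPiece cert_sct,
 QuicStringPiece chlo_hash,
 QuicStringPiece signature) {
 bool has_changed = signature != server_config_sig_ ||
 chlo_hash != chlo_hash_ || certs_.size() != certs.size();
@@ -229,20 +231,21 @@
 source_address_token_.clear();
 certs_.clear();
 cert_sct_.clear();
 chlo_hash_.clear();
 server_config_sig_.clear();
 server_config_valid_ = false;
 proof_verify_details_.reset();
 scfg_.reset();
 ++generation_counter_;
 std::queue<QuicConnectionId> empty_queue;
+using std::swap;
 swap(server_designated_connection_ids_, empty_queue);
 }
 
 void QuicCryptoClientConfig::CachedState::ClearProof() {
 SetProofInvalid();
 certs_.clear();
 cert_sct_.clear();
 chlo_hash_.clear();
 server_config_sig_.clear();
 }
@@ -492,20 +495,23 @@
 QuicConnectionId connection_id,
 const QuicVersion preferred_version,
 const CachedState* cached,
 QuicWallTime now,
 QuicRandom* rand,
 const ChannelIDKey* channel_id_key,
 QuicReferenceCountedPointer<QuicCryptoNegotiatedParameters> out_params,
 CryptoHandshakeMessage* out,
 string* error_details) const {
 DCHECK(error_details != nullptr);
+if (QuicUtils::IsConnectionIdWireFormatBigEndian(Perspective::IS_CLIENT)) {
+connection_id = QuicEndian::HostToNet64(connection_id);
+}
 
 FillInchoateClientHello(server_id, preferred_version, cached, rand,
 /* demand_x509_proof= */ true, out_params, out);
 
 const CryptoHandshakeMessage* scfg = cached->GetServerConfig();
 if (!scfg) {
 // This should never happen as our caller should have checked
 // cached->IsComplete() before calling this function.
 *error_details = "Handshake not ready";
 return QUIC_CRYPTO_INTERNAL_ERROR;
@@ -812,20 +818,23 @@
 if (rej.GetStringPiece(kServerNonceTag, &nonce)) {
 out_params->server_nonce = nonce.as_string();
 }
 
 if (rej.tag() == kSREJ) {
 QuicConnectionId connection_id;
 if (rej.GetUint64(kRCID, &connection_id) != QUIC_NO_ERROR) {
 *error_details = "Missing kRCID";
 return QUIC_CRYPTO_MESSAGE_PARAMETER_NOT_FOUND;
 }
+if (QuicUtils::IsConnectionIdWireFormatBigEndian(Perspective::IS_CLIENT)) {
+connection_id = QuicEndian::NetToHost64(connection_id);
+}
 cached->add_server_designated_connection_id(connection_id);
 if (!nonce.empty()) {
 cached->add_server_nonce(nonce.as_string());
 }
 return QUIC_NO_ERROR;
 }
 
 return QUIC_NO_ERROR;
 }
 
@@ -983,10 +992,10 @@
 }
 
 // Update canonical version to point at the "most recent" entry.
 canonical_server_map_[suffix_server_id] = server_id;
 
 server_state->InitializeFrom(*canonical_state);
 return true;
 }
 
 } // namespace net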
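Review bot: The conversion at new lines 505–507 reassigns the `connection_id` parameter in place, so every later read in FillClientHello (whose body continues past the hunk) sees the byte-swapped value; if any of those reads is not the serialization into `out` — a log line, a cache lookup, or a helper expecting host order — it will silently receive a network-order id whenever `IsConnectionIdWireFormatBigEndian` is true. Converting into a distinct local at the point it is written, e.g. `const QuicConnectionId wire_connection_id = QuicEndian::HostToNet64(connection_id);`, keeps the host-order value available and makes the byte order of each use visible at the call site. The SREJ path at new lines 828–830 performs the mirror-image NetToHost64 before `add_server_designated_connection_id`, so cached ids are held in host order; a one-line comment at both sites, `// Connection IDs are carried in network byte order on the wire when the big-endian wire format is in use; the cache and all in-process uses hold host order.`, would record that invariant for the next reader. Separately, the added `using std::swap;` at new lines 196 and 241 repeats a three-line queue-reset idiom in two methods; `server_designated_connection_ids_ = std::queue<QuicConnectionId>();` reads the same and needs no ADL setup.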