| OLD | NEW |
|---|
| 1 // Copyright (c) 2013 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2013 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #ifndef NET_QUIC_CRYPTO_CRYPTO_HANDSHAKE_H_ | 5 #ifndef NET_QUIC_CRYPTO_CRYPTO_HANDSHAKE_H_ |
| 6 #define NET_QUIC_CRYPTO_CRYPTO_HANDSHAKE_H_ | 6 #define NET_QUIC_CRYPTO_CRYPTO_HANDSHAKE_H_ |
| 7 | 7 |
| 8 #include <string> | 8 #include <string> |
| 9 #include <vector> | 9 #include <vector> |
| 10 | 10 |
| 11 #include "base/memory/scoped_ptr.h" | 11 #include "base/memory/scoped_ptr.h" |
| 12 #include "net/base/net_export.h" | 12 #include "net/base/net_export.h" |
| 13 #include "net/quic/quic_protocol.h" | 13 #include "net/quic/quic_protocol.h" |
| 14 | 14 |
| 15 namespace net { | 15 namespace net { |
| 16 | 16 |
| 17 class CommonCertSets; | 17 class CommonCertSets; |
| 18 class KeyExchange; | 18 class KeyExchange; |
| 19 class QuicDecrypter; | 19 class QuicDecrypter; |
| 20 class QuicEncrypter; | 20 class QuicEncrypter; |
| 21 | 21 |
| 22 // HandshakeFailureReason enum values are uploaded to UMA, they cannot be | 22 // HandshakeFailureReason enum values are uploaded to UMA, they cannot be |
| 23 // changed. | 23 // changed. |
| 24 enum HandshakeFailureReason { | 24 enum HandshakeFailureReason { |
| 25 HANDSHAKE_OK = 0, | 25 HANDSHAKE_OK = 0, |
| 26 | 26 |
| 27 // Failure reasons for an invalid client nonce in CHLO. | 27 // Failure reasons for an invalid client nonce in CHLO. |
| 28 // | 28 // |
| 29 // TODO(rtenneti): Implement capturing of error from strike register. | 29 // Client nonce had incorrect length. |
| 30 CLIENT_NONCE_UNKNOWN_FAILURE = 1, | 30 CLIENT_NONCE_INVALID_FAILURE = 1, |
| 31 // Invalid client nonce. A possible reason, client nonce had incorrect length. | 31 // Client nonce is not unique. |
| 32 CLIENT_NONCE_INVALID_FAILURE = 2, | 32 CLIENT_NONCE_NOT_UNIQUE_FAILURE = 2, |
| 33 // Client orbit is not valid. | 33 // Client orbit is invalid or incorrect. |
| 34 CLIENT_NONCE_INVALID_ORBIT_FAILURE = 3, | 34 CLIENT_NONCE_INVALID_ORBIT_FAILURE = 3, |
| 35 // Client nonce's timestamp is not in the strike register's valid time range. | 35 // Client nonce's timestamp is not in the strike register's valid time range. |
| 36 CLIENT_NONCE_INVALID_TIME_FAILURE = 4, | 36 CLIENT_NONCE_INVALID_TIME_FAILURE = 4, |
| 37 // Client nonce verification has failed because strike register is down. | 37 // Client nonce verification has failed because strike register is down. |
| 38 CLIENT_NONCE_NO_STRIKE_REGISTER_FAILURE = 5, | 38 CLIENT_NONCE_NO_STRIKE_REGISTER_FAILURE = 5, |
| 39 | 39 |
| 40 // Failure reasons for an invalid server nonce in CHLO. | 40 // Failure reasons for an invalid server nonce in CHLO. |
| 41 // | 41 // |
| 42 SERVER_NONCE_INVALID_FAILURE = 6, // Nonce had incorrect length. | 42 // Unbox of server nonce failed. |
| 43 SERVER_NONCE_DECRYPTION_FAILURE = 7, // Unbox of nonce failed. | 43 SERVER_NONCE_DECRYPTION_FAILURE = 6, |
| 44 SERVER_NONCE_NOT_UNIQUE_FAILURE = 8, // Nonce is not unique. | 44 // Decrypted server nonce had incorrect length. |
| 45 // Server orbit is not valid. | 45 SERVER_NONCE_INVALID_FAILURE = 7, |
| 46 SERVER_NONCE_INVALID_ORBIT_FAILURE = 9, | 46 // Server nonce is not unique. |
| 47 SERVER_NONCE_NOT_UNIQUE_FAILURE = 8, |
| 47 // Server nonce's timestamp is not in the strike register's valid time range. | 48 // Server nonce's timestamp is not in the strike register's valid time range. |
| 48 SERVER_NONCE_INVALID_TIME_FAILURE = 10, | 49 SERVER_NONCE_INVALID_TIME_FAILURE = 9, |
| 49 // Server nonce verification has failed because strike register is down. | |
| 50 SERVER_NONCE_NO_STRIKE_REGISTER_FAILURE = 11, | |
| 51 | 50 |
| 52 // Failure reasons for an invalid server config in CHLO. | 51 // Failure reasons for an invalid server config in CHLO. |
| 53 // | 52 // |
| 54 // Missing Server config id (kSCID) tag. | 53 // Missing Server config id (kSCID) tag. |
| 55 SERVER_CONFIG_INCHOATE_HELLO_FAILURE = 12, | 54 SERVER_CONFIG_INCHOATE_HELLO_FAILURE = 10, |
| 56 // GetConfigWithScid couldn't find the Server config id (kSCID). | 55 // Couldn't find the Server config id (kSCID). |
| 57 SERVER_CONFIG_UNKNOWN_CONFIG_FAILURE = 13, | 56 SERVER_CONFIG_UNKNOWN_CONFIG_FAILURE = 11, |
| 58 | 57 |
| 59 // Failure reasons for an invalid source-address token. | 58 // Failure reasons for an invalid source-address token. |
| 60 // | 59 // |
| 61 // Missing Source-address token (kSourceAddressTokenTag) tag. | 60 // Missing Source-address token (kSourceAddressTokenTag) tag. |
| 62 SOURCE_ADDRESS_TOKEN_INVALID_FAILURE = 14, | 61 SOURCE_ADDRESS_TOKEN_INVALID_FAILURE = 12, |
| 63 // Unbox of Source-address token failed. | 62 // Unbox of Source-address token failed. |
| 64 SOURCE_ADDRESS_TOKEN_DECRYPTION_FAILURE = 15, | 63 SOURCE_ADDRESS_TOKEN_DECRYPTION_FAILURE = 13, |
| 65 // Couldn't parse the unbox'ed Source-address token. | 64 // Couldn't parse the unbox'ed Source-address token. |
| 66 SOURCE_ADDRESS_TOKEN_PARSE_FAILURE = 16, | 65 SOURCE_ADDRESS_TOKEN_PARSE_FAILURE = 14, |
| 67 // Source-address token is for a different IP address. | 66 // Source-address token is for a different IP address. |
| 68 SOURCE_ADDRESS_TOKEN_DIFFERENT_IP_ADDRESS_FAILURE = 17, | 67 SOURCE_ADDRESS_TOKEN_DIFFERENT_IP_ADDRESS_FAILURE = 15, |
| 69 // The difference between the time in source-address token and |now| is more | 68 // The source-address token has a timestamp in the future. |
| 70 // than |source_address_token_future_secs_|. | 69 SOURCE_ADDRESS_TOKEN_CLOCK_SKEW_FAILURE = 16, |
| 71 SOURCE_ADDRESS_TOKEN_CLOCK_SKEW_FAILURE = 18, | 70 // The source-address token has expired. |
| 72 // The difference between the time in source-address token and |now| is more | 71 SOURCE_ADDRESS_TOKEN_EXPIRED_FAILURE = 17, |
| 73 // than |source_address_token_lifetime_secs_|. | |
| 74 SOURCE_ADDRESS_TOKEN_EXPIRED_FAILURE = 19, | |
| 75 | 72 |
| 76 MAX_FAILURE_REASONS, | 73 MAX_FAILURE_REASON, |
| 77 }; | 74 }; |
| 78 | 75 |
| 79 // These errors will be packed into an uint32 and HANDSHAKE_OK is not used in | 76 // These errors will be packed into an uint32 and we don't want to set the most |
| 80 // UMA histograms. | 77 // significant bit, which may be misinterpreted as the sign bit. |
| 81 COMPILE_ASSERT(MAX_FAILURE_REASONS <= 32, failure_reason_out_of_sync); | 78 COMPILE_ASSERT(MAX_FAILURE_REASON <= 32, failure_reason_out_of_sync); |
| 82 | 79 |
| 83 // A CrypterPair contains the encrypter and decrypter for an encryption level. | 80 // A CrypterPair contains the encrypter and decrypter for an encryption level. |
| 84 struct NET_EXPORT_PRIVATE CrypterPair { | 81 struct NET_EXPORT_PRIVATE CrypterPair { |
| 85 CrypterPair(); | 82 CrypterPair(); |
| 86 ~CrypterPair(); | 83 ~CrypterPair(); |
| 87 scoped_ptr<QuicEncrypter> encrypter; | 84 scoped_ptr<QuicEncrypter> encrypter; |
| 88 scoped_ptr<QuicDecrypter> decrypter; | 85 scoped_ptr<QuicDecrypter> decrypter; |
| 89 }; | 86 }; |
| 90 | 87 |
| 91 // Parameters negotiated by the crypto handshake. | 88 // Parameters negotiated by the crypto handshake. |
| (...skipping 58 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 150 | 147 |
| 151 const CommonCertSets* common_cert_sets; | 148 const CommonCertSets* common_cert_sets; |
| 152 | 149 |
| 153 private: | 150 private: |
| 154 DISALLOW_COPY_AND_ASSIGN(QuicCryptoConfig); | 151 DISALLOW_COPY_AND_ASSIGN(QuicCryptoConfig); |
| 155 }; | 152 }; |
| 156 | 153 |
| 157 } // namespace net | 154 } // namespace net |
| 158 | 155 |
| 159 #endif // NET_QUIC_CRYPTO_CRYPTO_HANDSHAKE_H_ | 156 #endif // NET_QUIC_CRYPTO_CRYPTO_HANDSHAKE_H_ |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 359823002:
Deleted unneeded enums from HandshakeFailureReason. (Closed)
Base URL: svn://svn.chromium.org/chrome/trunk/src