| OLD | NEW |
|---|
| (Empty) |
| 1 // Copyright (c) 2013 The Chromium Authors. All rights reserved. | |
| 2 // Use of this source code is governed by a BSD-style license that can be | |
| 3 // found in the LICENSE file. | |
| 4 | |
| 5 #ifndef NET_QUIC_CRYPTO_CRYPTO_HANDSHAKE_H_ | |
| 6 #define NET_QUIC_CRYPTO_CRYPTO_HANDSHAKE_H_ | |
| 7 | |
| 8 #include <string> | |
| 9 #include <vector> | |
| 10 | |
| 11 #include "base/memory/scoped_ptr.h" | |
| 12 #include "net/base/net_export.h" | |
| 13 #include "net/quic/quic_protocol.h" | |
| 14 | |
| 15 namespace net { | |
| 16 | |
| 17 class CommonCertSets; | |
| 18 class KeyExchange; | |
| 19 class QuicDecrypter; | |
| 20 class QuicEncrypter; | |
| 21 | |
| 22 // HandshakeFailureReason enum values are uploaded to UMA, they cannot be | |
| 23 // changed. | |
| 24 enum HandshakeFailureReason { | |
| 25 HANDSHAKE_OK = 0, | |
| 26 | |
| 27 // Failure reasons for an invalid client nonce in CHLO. | |
| 28 // | |
| 29 // The default error value for nonce verification failures from strike | |
| 30 // register (covers old strike registers and unknown failures). | |
| 31 CLIENT_NONCE_UNKNOWN_FAILURE = 1, | |
| 32 // Client nonce had incorrect length. | |
| 33 CLIENT_NONCE_INVALID_FAILURE = 2, | |
| 34 // Client nonce is not unique. | |
| 35 CLIENT_NONCE_NOT_UNIQUE_FAILURE = 3, | |
| 36 // Client orbit is invalid or incorrect. | |
| 37 CLIENT_NONCE_INVALID_ORBIT_FAILURE = 4, | |
| 38 // Client nonce's timestamp is not in the strike register's valid time range. | |
| 39 CLIENT_NONCE_INVALID_TIME_FAILURE = 5, | |
| 40 // Strike register's RPC call timed out, client nonce couldn't be verified. | |
| 41 CLIENT_NONCE_STRIKE_REGISTER_TIMEOUT = 6, | |
| 42 // Strike register is down, client nonce couldn't be verified. | |
| 43 CLIENT_NONCE_STRIKE_REGISTER_FAILURE = 7, | |
| 44 | |
| 45 // Failure reasons for an invalid server nonce in CHLO. | |
| 46 // | |
| 47 // Unbox of server nonce failed. | |
| 48 SERVER_NONCE_DECRYPTION_FAILURE = 8, | |
| 49 // Decrypted server nonce had incorrect length. | |
| 50 SERVER_NONCE_INVALID_FAILURE = 9, | |
| 51 // Server nonce is not unique. | |
| 52 SERVER_NONCE_NOT_UNIQUE_FAILURE = 10, | |
| 53 // Server nonce's timestamp is not in the strike register's valid time range. | |
| 54 SERVER_NONCE_INVALID_TIME_FAILURE = 11, | |
| 55 | |
| 56 // Failure reasons for an invalid server config in CHLO. | |
| 57 // | |
| 58 // Missing Server config id (kSCID) tag. | |
| 59 SERVER_CONFIG_INCHOATE_HELLO_FAILURE = 12, | |
| 60 // Couldn't find the Server config id (kSCID). | |
| 61 SERVER_CONFIG_UNKNOWN_CONFIG_FAILURE = 13, | |
| 62 | |
| 63 // Failure reasons for an invalid source-address token. | |
| 64 // | |
| 65 // Missing Source-address token (kSourceAddressTokenTag) tag. | |
| 66 SOURCE_ADDRESS_TOKEN_INVALID_FAILURE = 14, | |
| 67 // Unbox of Source-address token failed. | |
| 68 SOURCE_ADDRESS_TOKEN_DECRYPTION_FAILURE = 15, | |
| 69 // Couldn't parse the unbox'ed Source-address token. | |
| 70 SOURCE_ADDRESS_TOKEN_PARSE_FAILURE = 16, | |
| 71 // Source-address token is for a different IP address. | |
| 72 SOURCE_ADDRESS_TOKEN_DIFFERENT_IP_ADDRESS_FAILURE = 17, | |
| 73 // The source-address token has a timestamp in the future. | |
| 74 SOURCE_ADDRESS_TOKEN_CLOCK_SKEW_FAILURE = 18, | |
| 75 // The source-address token has expired. | |
| 76 SOURCE_ADDRESS_TOKEN_EXPIRED_FAILURE = 19, | |
| 77 | |
| 78 MAX_FAILURE_REASON, | |
| 79 }; | |
| 80 | |
| 81 // These errors will be packed into an uint32 and we don't want to set the most | |
| 82 // significant bit, which may be misinterpreted as the sign bit. | |
| 83 static_assert(MAX_FAILURE_REASON <= 32, "failure reason out of sync"); | |
| 84 | |
| 85 // A CrypterPair contains the encrypter and decrypter for an encryption level. | |
| 86 struct NET_EXPORT_PRIVATE CrypterPair { | |
| 87 CrypterPair(); | |
| 88 ~CrypterPair(); | |
| 89 scoped_ptr<QuicEncrypter> encrypter; | |
| 90 scoped_ptr<QuicDecrypter> decrypter; | |
| 91 }; | |
| 92 | |
| 93 // Parameters negotiated by the crypto handshake. | |
| 94 struct NET_EXPORT_PRIVATE QuicCryptoNegotiatedParameters { | |
| 95 // Initializes the members to 0 or empty values. | |
| 96 QuicCryptoNegotiatedParameters(); | |
| 97 ~QuicCryptoNegotiatedParameters(); | |
| 98 | |
| 99 QuicTag key_exchange; | |
| 100 QuicTag aead; | |
| 101 std::string initial_premaster_secret; | |
| 102 std::string forward_secure_premaster_secret; | |
| 103 // subkey_secret is used as the PRK input to the HKDF used for key extraction. | |
| 104 std::string subkey_secret; | |
| 105 CrypterPair initial_crypters; | |
| 106 CrypterPair forward_secure_crypters; | |
| 107 // Normalized SNI: converted to lower case and trailing '.' removed. | |
| 108 std::string sni; | |
| 109 std::string client_nonce; | |
| 110 std::string server_nonce; | |
| 111 // hkdf_input_suffix contains the HKDF input following the label: the | |
| 112 // ConnectionId, client hello and server config. This is only populated in the | |
| 113 // client because only the client needs to derive the forward secure keys at a | |
| 114 // later time from the initial keys. | |
| 115 std::string hkdf_input_suffix; | |
| 116 // cached_certs contains the cached certificates that a client used when | |
| 117 // sending a client hello. | |
| 118 std::vector<std::string> cached_certs; | |
| 119 // client_key_exchange is used by clients to store the ephemeral KeyExchange | |
| 120 // for the connection. | |
| 121 scoped_ptr<KeyExchange> client_key_exchange; | |
| 122 // channel_id is set by servers to a ChannelID key when the client correctly | |
| 123 // proves possession of the corresponding private key. It consists of 32 | |
| 124 // bytes of x coordinate, followed by 32 bytes of y coordinate. Both values | |
| 125 // are big-endian and the pair is a P-256 public key. | |
| 126 std::string channel_id; | |
| 127 | |
| 128 // Used when generating proof signature when sending server config updates. | |
| 129 bool x509_ecdsa_supported; | |
| 130 | |
| 131 // Used to generate cert chain when sending server config updates. | |
| 132 std::string client_common_set_hashes; | |
| 133 std::string client_cached_cert_hashes; | |
| 134 }; | |
| 135 | |
| 136 // QuicCryptoConfig contains common configuration between clients and servers. | |
| 137 class NET_EXPORT_PRIVATE QuicCryptoConfig { | |
| 138 public: | |
| 139 // kInitialLabel is a constant that is used when deriving the initial | |
| 140 // (non-forward secure) keys for the connection in order to tie the resulting | |
| 141 // key to this protocol. | |
| 142 static const char kInitialLabel[]; | |
| 143 | |
| 144 // kCETVLabel is a constant that is used when deriving the keys for the | |
| 145 // encrypted tag/value block in the client hello. | |
| 146 static const char kCETVLabel[]; | |
| 147 | |
| 148 // kForwardSecureLabel is a constant that is used when deriving the forward | |
| 149 // secure keys for the connection in order to tie the resulting key to this | |
| 150 // protocol. | |
| 151 static const char kForwardSecureLabel[]; | |
| 152 | |
| 153 QuicCryptoConfig(); | |
| 154 ~QuicCryptoConfig(); | |
| 155 | |
| 156 // Key exchange methods. The following two members' values correspond by | |
| 157 // index. | |
| 158 QuicTagVector kexs; | |
| 159 // Authenticated encryption with associated data (AEAD) algorithms. | |
| 160 QuicTagVector aead; | |
| 161 | |
| 162 const CommonCertSets* common_cert_sets; | |
| 163 | |
| 164 private: | |
| 165 DISALLOW_COPY_AND_ASSIGN(QuicCryptoConfig); | |
| 166 }; | |
| 167 | |
| 168 } // namespace net | |
| 169 | |
| 170 #endif // NET_QUIC_CRYPTO_CRYPTO_HANDSHAKE_H_ | |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 992733002:
Remove //net (except for Android test stuff) and sdch (Closed)
Base URL: git@github.com:domokit/mojo.git@master