diff options
Diffstat (limited to 'net/quic/crypto/crypto_handshake.h')
| -rw-r--r-- | net/quic/crypto/crypto_handshake.h | 93 |
1 files changed, 91 insertions, 2 deletions
diff --git a/net/quic/crypto/crypto_handshake.h b/net/quic/crypto/crypto_handshake.h index aca4aa0..92f8f9b 100644 --- a/net/quic/crypto/crypto_handshake.h +++ b/net/quic/crypto/crypto_handshake.h @@ -7,7 +7,10 @@ #include <map> #include <string> +#include <vector> +#include "base/memory/scoped_ptr.h" +#include "base/string_piece.h" #include "net/base/net_export.h" #include "net/quic/crypto/crypto_protocol.h" #include "net/quic/crypto/crypto_utils.h" @@ -15,9 +18,84 @@ namespace net { class KeyExchange; +class QuicDecrypter; +class QuicEncrypter; class QuicRandom; class QuicClock; +// An intermediate format of a handshake message that's convenient for a +// CryptoFramer to serialize from or parse into. +struct NET_EXPORT_PRIVATE CryptoHandshakeMessage { + CryptoHandshakeMessage(); + CryptoHandshakeMessage(const CryptoHandshakeMessage& other); + ~CryptoHandshakeMessage(); + + CryptoHandshakeMessage& operator=(const CryptoHandshakeMessage& other); + + // GetSerialized returns the serialized form of this message and caches the + // result. Subsequently altering the message does not invalidate the cache. + const QuicData& GetSerialized() const; + + // SetValue sets an element with the given tag to the raw, memory contents of + // |v|. + template<class T> void SetValue(CryptoTag tag, const T& v) { + tag_value_map[tag] = std::string(reinterpret_cast<const char*>(&v), + sizeof(v)); + } + + // SetVector sets an element with the given tag to the raw contents of an + // array of elements in |v|. + template<class T> void SetVector(CryptoTag tag, const std::vector<T>& v) { + if (v.empty()) { + tag_value_map[tag] = std::string(); + } else { + tag_value_map[tag] = std::string(reinterpret_cast<const char*>(&v[0]), + v.size() * sizeof(T)); + } + } + + // SetTaglist sets an element with the given tag to contain a list of tags, + // passed as varargs. The argument list must be terminated with a 0 element. + void SetTaglist(CryptoTag tag, ...); + + // GetTaglist finds an element with the given tag containing zero or more + // tags. If such a tag doesn't exist, it returns false. Otherwise it sets + // |out_tags| and |out_len| to point to the array of tags and returns true. + // The array points into the CryptoHandshakeMessage and is valid only for as + // long as the CryptoHandshakeMessage exists and is not modified. + QuicErrorCode GetTaglist(CryptoTag tag, const CryptoTag** out_tags, + size_t* out_len) const; + + bool GetStringPiece(CryptoTag tag, base::StringPiece* out) const; + + // GetNthValue16 interprets the value with the given tag to be a series of + // 16-bit length prefixed values and it returns the subvalue with the given + // index. + QuicErrorCode GetNthValue16(CryptoTag tag, + unsigned index, + base::StringPiece* out) const; + bool GetString(CryptoTag tag, std::string* out) const; + QuicErrorCode GetUint16(CryptoTag tag, uint16* out) const; + QuicErrorCode GetUint32(CryptoTag tag, uint32* out) const; + + CryptoTag tag; + CryptoTagValueMap tag_value_map; + + private: + // GetPOD is a utility function for extracting a plain-old-data value. If + // |tag| exists in the message, and has a value of exactly |len| bytes then + // it copies |len| bytes of data into |out|. Otherwise |len| bytes at |out| + // are zeroed out. + // + // If used to copy integers then this assumes that the machine is + // little-endian. + QuicErrorCode GetPOD(CryptoTag tag, void* out, size_t len) const; + + // The serialized form of the handshake message. This member is constructed + // lasily. + mutable scoped_ptr<QuicData> serialized_; +}; + // TODO(rch): sync with server more rationally class NET_EXPORT_PRIVATE QuicServerConfigProtobuf { public: @@ -81,6 +159,8 @@ struct NET_EXPORT_PRIVATE QuicCryptoNegotiatedParams { CryptoTag key_exchange; CryptoTag aead; std::string premaster_secret; + scoped_ptr<QuicEncrypter> encrypter; + scoped_ptr<QuicDecrypter> decrypter; }; // QuicCryptoConfig contains common configuration between clients and servers. @@ -102,7 +182,7 @@ class NET_EXPORT_PRIVATE QuicCryptoConfig { // index. CryptoTagVector kexs; std::vector<KeyExchange*> key_exchanges; - // Authenticated encryption with associated data (AEAD) algorithms + // Authenticated encryption with associated data (AEAD) algorithms. CryptoTagVector aead; private: @@ -113,6 +193,8 @@ class NET_EXPORT_PRIVATE QuicCryptoConfig { // client. class NET_EXPORT_PRIVATE QuicCryptoClientConfig : public QuicCryptoConfig { public: + QuicCryptoClientConfig(); + // Sets the members to reasonable, default values. |rand| is used in order to // generate ephemeral ECDH keys. void SetDefaults(QuicRandom* rand); @@ -123,13 +205,17 @@ class NET_EXPORT_PRIVATE QuicCryptoClientConfig : public QuicCryptoConfig { const std::string& server_hostname, CryptoHandshakeMessage* out); - // ProcessServerHello processes the tags in |server_hello|, writes the + // ProcessServerHello processes the message in |server_hello|, writes the // negotiated parameters to |out_params| and returns QUIC_NO_ERROR. If // |server_hello| is unacceptable then it puts an error message in // |error_details| and returns an error code. QuicErrorCode ProcessServerHello(const CryptoHandshakeMessage& server_hello, + const std::string& nonce, QuicCryptoNegotiatedParams* out_params, std::string* error_details); + + // The |info| string for the HKDF function. + std::string hkdf_info; }; // QuicCryptoServerConfig contains the crypto configuration of a QUIC server. @@ -171,6 +257,9 @@ class NET_EXPORT_PRIVATE QuicCryptoServerConfig { QuicCryptoNegotiatedParams* out_params, std::string* error_details); + // The |info| string for the HKDF function. + std::string hkdf_info; + private: // Config represents a server config: a collection of preferences and // Diffie-Hellman public values. |