blob: ffae04b84f0d09a32a01d1626bb5e8eadd7c44f0 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
|
// Copyright (c) 2012 The Chromium Authors. All rights reserved.
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.
#ifndef NET_QUIC_QUIC_CRYPTO_STREAM_H_
#define NET_QUIC_QUIC_CRYPTO_STREAM_H_
#include "base/basictypes.h"
#include "net/quic/crypto/crypto_framer.h"
#include "net/quic/crypto/crypto_utils.h"
#include "net/quic/quic_config.h"
#include "net/quic/quic_protocol.h"
#include "net/quic/reliable_quic_stream.h"
namespace net {
class CryptoHandshakeMessage;
class QuicSession;
// Crypto handshake messages in QUIC take place over a reserved
// reliable stream with the id 1. Each endpoint (client and server)
// will allocate an instance of a subclass of QuicCryptoStream
// to send and receive handshake messages. (In the normal 1-RTT
// handshake, the client will send a client hello, CHLO, message.
// The server will receive this message and respond with a server
// hello message, SHLO. At this point both sides will have established
// a crypto context they can use to send encrypted messages.
//
// For more details: http://goto.google.com/quic-crypto
class NET_EXPORT_PRIVATE QuicCryptoStream
: public ReliableQuicStream,
public CryptoFramerVisitorInterface {
public:
explicit QuicCryptoStream(QuicSession* session);
// CryptoFramerVisitorInterface implementation
void OnError(CryptoFramer* framer) override;
void OnHandshakeMessage(const CryptoHandshakeMessage& message) override;
// ReliableQuicStream implementation
void OnDataAvailable() override;
QuicPriority EffectivePriority() const override;
// Sends |message| to the peer.
// TODO(wtc): return a success/failure status.
void SendHandshakeMessage(const CryptoHandshakeMessage& message);
// As above, but registers |delegate| for notification when |message| has been
// ACKed by the peer.
void SendHandshakeMessage(const CryptoHandshakeMessage& message,
QuicAckNotifier::DelegateInterface* delegate);
// Performs key extraction to derive a new secret of |result_len| bytes
// dependent on |label|, |context|, and the stream's negotiated subkey secret.
// Returns false if the handshake has not been confirmed or the parameters are
// invalid (e.g. |label| contains null bytes); returns true on success.
bool ExportKeyingMaterial(base::StringPiece label,
base::StringPiece context,
size_t result_len,
std::string* result) const;
bool encryption_established() const { return encryption_established_; }
bool handshake_confirmed() const { return handshake_confirmed_; }
const QuicCryptoNegotiatedParameters& crypto_negotiated_params() const;
protected:
bool encryption_established_;
bool handshake_confirmed_;
QuicCryptoNegotiatedParameters crypto_negotiated_params_;
private:
CryptoFramer crypto_framer_;
DISALLOW_COPY_AND_ASSIGN(QuicCryptoStream);
};
} // namespace net
#endif // NET_QUIC_QUIC_CRYPTO_STREAM_H_
|