| Index: net/quic/crypto/crypto_handshake.h
|
| diff --git a/net/quic/crypto/crypto_handshake.h b/net/quic/crypto/crypto_handshake.h
|
| index aca4aa03c9dc3afcfad704a23f42350901c54a85..92f8f9b603af78113870a83c297e11a96c62550a 100644
|
| --- a/net/quic/crypto/crypto_handshake.h
|
| +++ b/net/quic/crypto/crypto_handshake.h
|
| @@ -7,7 +7,10 @@
|
|
|
| #include <map>
|
| #include <string>
|
| +#include <vector>
|
|
|
| +#include "base/memory/scoped_ptr.h"
|
| +#include "base/string_piece.h"
|
| #include "net/base/net_export.h"
|
| #include "net/quic/crypto/crypto_protocol.h"
|
| #include "net/quic/crypto/crypto_utils.h"
|
| @@ -15,9 +18,84 @@
|
| namespace net {
|
|
|
| class KeyExchange;
|
| +class QuicDecrypter;
|
| +class QuicEncrypter;
|
| class QuicRandom;
|
| class QuicClock;
|
|
|
| +// An intermediate format of a handshake message that's convenient for a
|
| +// CryptoFramer to serialize from or parse into.
|
| +struct NET_EXPORT_PRIVATE CryptoHandshakeMessage {
|
| + CryptoHandshakeMessage();
|
| + CryptoHandshakeMessage(const CryptoHandshakeMessage& other);
|
| + ~CryptoHandshakeMessage();
|
| +
|
| + CryptoHandshakeMessage& operator=(const CryptoHandshakeMessage& other);
|
| +
|
| + // GetSerialized returns the serialized form of this message and caches the
|
| + // result. Subsequently altering the message does not invalidate the cache.
|
| + const QuicData& GetSerialized() const;
|
| +
|
| + // SetValue sets an element with the given tag to the raw, memory contents of
|
| + // |v|.
|
| + template<class T> void SetValue(CryptoTag tag, const T& v) {
|
| + tag_value_map[tag] = std::string(reinterpret_cast<const char*>(&v),
|
| + sizeof(v));
|
| + }
|
| +
|
| + // SetVector sets an element with the given tag to the raw contents of an
|
| + // array of elements in |v|.
|
| + template<class T> void SetVector(CryptoTag tag, const std::vector<T>& v) {
|
| + if (v.empty()) {
|
| + tag_value_map[tag] = std::string();
|
| + } else {
|
| + tag_value_map[tag] = std::string(reinterpret_cast<const char*>(&v[0]),
|
| + v.size() * sizeof(T));
|
| + }
|
| + }
|
| +
|
| + // SetTaglist sets an element with the given tag to contain a list of tags,
|
| + // passed as varargs. The argument list must be terminated with a 0 element.
|
| + void SetTaglist(CryptoTag tag, ...);
|
| +
|
| + // GetTaglist finds an element with the given tag containing zero or more
|
| + // tags. If such a tag doesn't exist, it returns false. Otherwise it sets
|
| + // |out_tags| and |out_len| to point to the array of tags and returns true.
|
| + // The array points into the CryptoHandshakeMessage and is valid only for as
|
| + // long as the CryptoHandshakeMessage exists and is not modified.
|
| + QuicErrorCode GetTaglist(CryptoTag tag, const CryptoTag** out_tags,
|
| + size_t* out_len) const;
|
| +
|
| + bool GetStringPiece(CryptoTag tag, base::StringPiece* out) const;
|
| +
|
| + // GetNthValue16 interprets the value with the given tag to be a series of
|
| + // 16-bit length prefixed values and it returns the subvalue with the given
|
| + // index.
|
| + QuicErrorCode GetNthValue16(CryptoTag tag,
|
| + unsigned index,
|
| + base::StringPiece* out) const;
|
| + bool GetString(CryptoTag tag, std::string* out) const;
|
| + QuicErrorCode GetUint16(CryptoTag tag, uint16* out) const;
|
| + QuicErrorCode GetUint32(CryptoTag tag, uint32* out) const;
|
| +
|
| + CryptoTag tag;
|
| + CryptoTagValueMap tag_value_map;
|
| +
|
| + private:
|
| + // GetPOD is a utility function for extracting a plain-old-data value. If
|
| + // |tag| exists in the message, and has a value of exactly |len| bytes then
|
| + // it copies |len| bytes of data into |out|. Otherwise |len| bytes at |out|
|
| + // are zeroed out.
|
| + //
|
| + // If used to copy integers then this assumes that the machine is
|
| + // little-endian.
|
| + QuicErrorCode GetPOD(CryptoTag tag, void* out, size_t len) const;
|
| +
|
| + // The serialized form of the handshake message. This member is constructed
|
| + // lasily.
|
| + mutable scoped_ptr<QuicData> serialized_;
|
| +};
|
| +
|
| // TODO(rch): sync with server more rationally
|
| class NET_EXPORT_PRIVATE QuicServerConfigProtobuf {
|
| public:
|
| @@ -81,6 +159,8 @@ struct NET_EXPORT_PRIVATE QuicCryptoNegotiatedParams {
|
| CryptoTag key_exchange;
|
| CryptoTag aead;
|
| std::string premaster_secret;
|
| + scoped_ptr<QuicEncrypter> encrypter;
|
| + scoped_ptr<QuicDecrypter> decrypter;
|
| };
|
|
|
| // QuicCryptoConfig contains common configuration between clients and servers.
|
| @@ -102,7 +182,7 @@ class NET_EXPORT_PRIVATE QuicCryptoConfig {
|
| // index.
|
| CryptoTagVector kexs;
|
| std::vector<KeyExchange*> key_exchanges;
|
| - // Authenticated encryption with associated data (AEAD) algorithms
|
| + // Authenticated encryption with associated data (AEAD) algorithms.
|
| CryptoTagVector aead;
|
|
|
| private:
|
| @@ -113,6 +193,8 @@ class NET_EXPORT_PRIVATE QuicCryptoConfig {
|
| // client.
|
| class NET_EXPORT_PRIVATE QuicCryptoClientConfig : public QuicCryptoConfig {
|
| public:
|
| + QuicCryptoClientConfig();
|
| +
|
| // Sets the members to reasonable, default values. |rand| is used in order to
|
| // generate ephemeral ECDH keys.
|
| void SetDefaults(QuicRandom* rand);
|
| @@ -123,13 +205,17 @@ class NET_EXPORT_PRIVATE QuicCryptoClientConfig : public QuicCryptoConfig {
|
| const std::string& server_hostname,
|
| CryptoHandshakeMessage* out);
|
|
|
| - // ProcessServerHello processes the tags in |server_hello|, writes the
|
| + // ProcessServerHello processes the message in |server_hello|, writes the
|
| // negotiated parameters to |out_params| and returns QUIC_NO_ERROR. If
|
| // |server_hello| is unacceptable then it puts an error message in
|
| // |error_details| and returns an error code.
|
| QuicErrorCode ProcessServerHello(const CryptoHandshakeMessage& server_hello,
|
| + const std::string& nonce,
|
| QuicCryptoNegotiatedParams* out_params,
|
| std::string* error_details);
|
| +
|
| + // The |info| string for the HKDF function.
|
| + std::string hkdf_info;
|
| };
|
|
|
| // QuicCryptoServerConfig contains the crypto configuration of a QUIC server.
|
| @@ -171,6 +257,9 @@ class NET_EXPORT_PRIVATE QuicCryptoServerConfig {
|
| QuicCryptoNegotiatedParams* out_params,
|
| std::string* error_details);
|
|
|
| + // The |info| string for the HKDF function.
|
| + std::string hkdf_info;
|
| +
|
| private:
|
| // Config represents a server config: a collection of preferences and
|
| // Diffie-Hellman public values.
|
|
|
Chromium Code Reviews
