1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #ifndef NET_QUIC_CRYPTO_CRYPTO_PROTOCOL_H_ | 5 #ifndef NET_QUIC_CRYPTO_CRYPTO_PROTOCOL_H_ |
6 #define NET_QUIC_CRYPTO_CRYPTO_PROTOCOL_H_ | 6 #define NET_QUIC_CRYPTO_CRYPTO_PROTOCOL_H_ |
7 | 7 |
8 #include <map> | 8 #include <map> |
9 #include <string> | 9 #include <string> |
10 #include <vector> | 10 #include <vector> |
11 | 11 |
12 #include "base/basictypes.h" | 12 #include "base/basictypes.h" |
13 #include "base/logging.h" | |
14 #include "net/base/net_export.h" | 13 #include "net/base/net_export.h" |
15 #include "net/quic/quic_protocol.h" | 14 |
16 #include "net/quic/quic_time.h" | 15 // Version and Crypto tags are written to the wire with a big-endian |
| 16 // representation of the name of the tag. For example |
| 17 // the client hello tag (CHLO) will be written as the |
| 18 // following 4 bytes: 'C' 'H' 'L' 'O'. Since it is |
| 19 // stored in memory as a little endian uint32, we need |
| 20 // to reverse the order of the bytes. |
| 21 // |
| 22 // We use a macro to ensure that no static initialisers are created. Use the |
| 23 // QuicTag function in normal code. |
| 24 #define TAG(a, b, c, d) ((d << 24) + (c << 16) + (b << 8) + a) |
17 | 25 |
18 namespace net { | 26 namespace net { |
19 | 27 |
20 // CryptoTag is the type of a tag in the wire protocol. | 28 // CryptoTag is the type of a tag in the wire protocol. |
21 typedef uint32 CryptoTag; | 29 typedef uint32 CryptoTag; |
22 typedef std::string ServerConfigID; | 30 typedef std::string ServerConfigID; |
23 typedef std::map<CryptoTag, std::string> CryptoTagValueMap; | 31 typedef std::map<CryptoTag, std::string> CryptoTagValueMap; |
24 typedef std::vector<CryptoTag> CryptoTagVector; | 32 typedef std::vector<CryptoTag> CryptoTagVector; |
25 | 33 |
26 const CryptoTag kCHLO = MAKE_TAG('C', 'H', 'L', 'O'); // Client hello | 34 const CryptoTag kCHLO = TAG('C', 'H', 'L', 'O'); // Client hello |
27 const CryptoTag kSHLO = MAKE_TAG('S', 'H', 'L', 'O'); // Server hello | 35 const CryptoTag kSHLO = TAG('S', 'H', 'L', 'O'); // Server hello |
28 const CryptoTag kSCFG = MAKE_TAG('S', 'C', 'F', 'G'); // Server config | 36 const CryptoTag kSCFG = TAG('S', 'C', 'F', 'G'); // Server config |
29 const CryptoTag kREJ = MAKE_TAG('R', 'E', 'J', '\0'); // Reject | 37 const CryptoTag kREJ = TAG('R', 'E', 'J', '\0'); // Reject |
30 | 38 |
31 // Key exchange methods | 39 // Key exchange methods |
32 const CryptoTag kP256 = MAKE_TAG('P', '2', '5', '6'); // ECDH, Curve P-256 | 40 const CryptoTag kP256 = TAG('P', '2', '5', '6'); // ECDH, Curve P-256 |
33 const CryptoTag kC255 = MAKE_TAG('C', '2', '5', '5'); // ECDH, Curve25519 | 41 const CryptoTag kC255 = TAG('C', '2', '5', '5'); // ECDH, Curve25519 |
34 | 42 |
35 // AEAD algorithms | 43 // AEAD algorithms |
36 const CryptoTag kNULL = MAKE_TAG('N', 'U', 'L', 'L'); // null algorithm | 44 const CryptoTag kNULL = TAG('N', 'U', 'L', 'L'); // null algorithm |
37 const CryptoTag kAESG = MAKE_TAG('A', 'E', 'S', 'G'); // AES128 + GCM | 45 const CryptoTag kAESG = TAG('A', 'E', 'S', 'G'); // AES128 + GCM |
38 | 46 |
39 // Congestion control feedback types | 47 // Congestion control feedback types |
40 const CryptoTag kQBIC = MAKE_TAG('Q', 'B', 'I', 'C'); // TCP cubic | 48 const CryptoTag kQBIC = TAG('Q', 'B', 'I', 'C'); // TCP cubic |
41 const CryptoTag kINAR = MAKE_TAG('I', 'N', 'A', 'R'); // Inter arrival | 49 const CryptoTag kINAR = TAG('I', 'N', 'A', 'R'); // Inter arrival |
42 | 50 |
43 // Proof types (i.e. certificate types) | 51 // Proof types (i.e. certificate types) |
44 const CryptoTag kX509 = MAKE_TAG('X', '5', '0', '9'); // X.509 certificate | 52 const CryptoTag kX509 = TAG('X', '5', '0', '9'); // X.509 certificate |
45 | 53 |
46 // Client hello tags | 54 // Client hello tags |
47 const CryptoTag kVERS = MAKE_TAG('V', 'E', 'R', 'S'); // Version | 55 const CryptoTag kVERS = TAG('V', 'E', 'R', 'S'); // Version |
48 const CryptoTag kNONC = MAKE_TAG('N', 'O', 'N', 'C'); // The connection nonce | 56 const CryptoTag kNONC = TAG('N', 'O', 'N', 'C'); // The connection nonce |
49 const CryptoTag kSSID = MAKE_TAG('S', 'S', 'I', 'D'); // Session ID | 57 const CryptoTag kSSID = TAG('S', 'S', 'I', 'D'); // Session ID |
50 const CryptoTag kKEXS = MAKE_TAG('K', 'E', 'X', 'S'); // Key exchange methods | 58 const CryptoTag kKEXS = TAG('K', 'E', 'X', 'S'); // Key exchange methods |
51 const CryptoTag kAEAD = MAKE_TAG('A', 'E', 'A', 'D'); // Authenticated | 59 const CryptoTag kAEAD = TAG('A', 'E', 'A', 'D'); // Authenticated |
52 // encryption algorithms | 60 // encryption algorithms |
53 const CryptoTag kCGST = MAKE_TAG('C', 'G', 'S', 'T'); // Congestion control | 61 const CryptoTag kCGST = TAG('C', 'G', 'S', 'T'); // Congestion control |
54 // feedback types | 62 // feedback types |
55 const CryptoTag kICSL = MAKE_TAG('I', 'C', 'S', 'L'); // Idle connection state | 63 const CryptoTag kICSL = TAG('I', 'C', 'S', 'L'); // Idle connection state |
56 // lifetime | 64 // lifetime |
57 const CryptoTag kKATO = MAKE_TAG('K', 'A', 'T', 'O'); // Keepalive timeout | 65 const CryptoTag kKATO = TAG('K', 'A', 'T', 'O'); // Keepalive timeout |
58 const CryptoTag kSNI = MAKE_TAG('S', 'N', 'I', '\0'); // Server name | 66 const CryptoTag kSNI = TAG('S', 'N', 'I', '\0'); // Server name |
59 // indication | 67 // indication |
60 const CryptoTag kPUBS = MAKE_TAG('P', 'U', 'B', 'S'); // Public key values | 68 const CryptoTag kPUBS = TAG('P', 'U', 'B', 'S'); // Public key values |
61 const CryptoTag kSCID = MAKE_TAG('S', 'C', 'I', 'D'); // Server config id | 69 const CryptoTag kSCID = TAG('S', 'C', 'I', 'D'); // Server config id |
62 const CryptoTag kSRCT = MAKE_TAG('S', 'R', 'C', 'T'); // Source-address token | 70 const CryptoTag kSRCT = TAG('S', 'R', 'C', 'T'); // Source-address token |
63 const CryptoTag kORBT = MAKE_TAG('O', 'B', 'I', 'T'); // Server orbit. | 71 const CryptoTag kORBT = TAG('O', 'B', 'I', 'T'); // Server orbit. |
64 const CryptoTag kPDMD = MAKE_TAG('P', 'D', 'M', 'D'); // Proof demand. | 72 const CryptoTag kPDMD = TAG('P', 'D', 'M', 'D'); // Proof demand. |
65 const CryptoTag kCERT = MAKE_TAG('C', 'E', 'R', 'T'); // Certificate chain | 73 const CryptoTag kCERT = TAG('C', 'E', 'R', 'T'); // Certificate chain |
66 const CryptoTag kPROF = MAKE_TAG('P', 'R', 'O', 'F'); // Proof (signature). | 74 const CryptoTag kPROF = TAG('P', 'R', 'O', 'F'); // Proof (signature). |
| 75 |
| 76 #undef TAG |
67 | 77 |
68 const size_t kMaxEntries = 16; // Max number of entries in a message. | 78 const size_t kMaxEntries = 16; // Max number of entries in a message. |
69 | 79 |
70 const size_t kNonceSize = 32; // Size in bytes of the connection nonce. | 80 const size_t kNonceSize = 32; // Size in bytes of the connection nonce. |
71 | 81 |
72 const size_t kOrbitSize = 8; // Number of bytes in an orbit value. | 82 const size_t kOrbitSize = 8; // Number of bytes in an orbit value. |
73 | 83 |
| 84 // kProofSignatureLabel is prepended to server configs before signing to avoid |
| 85 // any cross-protocol attacks on the signature. |
| 86 const char kProofSignatureLabel[] = "QUIC server config signature"; |
| 87 |
74 } // namespace net | 88 } // namespace net |
75 | 89 |
76 #endif // NET_QUIC_CRYPTO_CRYPTO_PROTOCOL_H_ | 90 #endif // NET_QUIC_CRYPTO_CRYPTO_PROTOCOL_H_ |
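Review bot: The new TAG macro (new line 24) neither parenthesises its arguments nor widens them before shifting, so `d << 24` runs on an int-promoted char and any tag byte of 0x80 or above would shift into the sign bit of int; every tag in this header is plain ASCII, so the values are correct today, but a wire-protocol constant builder should be defensive, e.g. `#define TAG(a, b, c, d) ((static_cast<uint32>(d) << 24) | (static_cast<uint32>(c) << 16) | (static_cast<uint32>(b) << 8) | static_cast<uint32>(a))`. The comment above the macro tells readers to "use the QuicTag function in normal code", but no such function is declared in this header and the tag type here is CryptoTag, so either name the header that provides it or drop that sentence. Removing `#include "base/logging.h"`, quic_protocol.h and quic_time.h is fine only if nothing remaining in this header (or in translation units that relied on the transitive includes) needs them, which I cannot confirm from this view. Since kProofSignatureLabel (new line 86) becomes part of the bytes that are signed, its comment should make the compatibility constraint explicit, e.g. `// This string is part of the signed input; the verifier must use the identical bytes.`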