Add quic::ProofSource::TicketCrypter interface
The ProofSource::TicketCrypter interface will be used by
TlsServerHandshaker to encrypt and decrypt session tickets. This is needed
to support TLS session resumption and 0-RTT in QUIC.
gfe-relnote: add unused method to quic::ProofSource interface
PiperOrigin-RevId: 308132437
Change-Id: I1176369e1b3d286d299303aec07d46292fddf982
diff --git a/quic/core/crypto/proof_source.h b/quic/core/crypto/proof_source.h
index e208b94..60829a9 100644
--- a/quic/core/crypto/proof_source.h
+++ b/quic/core/crypto/proof_source.h
@@ -144,6 +144,54 @@
uint16_t signature_algorithm,
quiche::QuicheStringPiece in,
std::unique_ptr<SignatureCallback> callback) = 0;
+
+ class QUIC_EXPORT_PRIVATE DecryptCallback {
+ public:
+ DecryptCallback() = default;
+ virtual ~DecryptCallback() = default;
+
+ virtual void Run(std::vector<uint8_t> plaintext) = 0;
+
+ private:
+ DecryptCallback(const Callback&) = delete;
+ DecryptCallback& operator=(const Callback&) = delete;
+ };
+
+ // TicketCrypter is an interface for managing encryption and decryption of TLS
+ // session tickets. A TicketCrypter gets used as an
+ // SSL_CTX_set_ticket_aead_method in BoringSSL, which has a synchronous
+ // Encrypt/Seal operation and a potentially asynchronous Decrypt/Open
+ // operation. This interface allows for ticket decryptions to be performed on
+ // a remote service.
+ class QUIC_EXPORT_PRIVATE TicketCrypter {
+ public:
+ TicketCrypter() = default;
+ virtual ~TicketCrypter() = default;
+
+ // MaxOverhead returns the maximum number of bytes of overhead that may get
+ // added when encrypting the ticket.
+ virtual size_t MaxOverhead() = 0;
+
+ // Encrypt takes a serialized TLS session ticket in |in|, encrypts it, and
+ // returns the encrypted ticket. The resulting value must not be larger than
+ // MaxOverhead bytes larger than |in|. If encryption fails, this method
+ // returns an empty vector.
+ virtual std::vector<uint8_t> Encrypt(quiche::QuicheStringPiece in) = 0;
+
+ // Decrypt takes an encrypted ticket |in|, decrypts it, and calls
+ // |callback->Run| with the decrypted ticket, which must not be larger than
+ // |in|. If decryption fails, the callback is invoked with an empty
+ // vector.
+ virtual void Decrypt(quiche::QuicheStringPiece in,
+ std::unique_ptr<DecryptCallback> callback) = 0;
+ };
+
+ // Returns the TicketCrypter used for encrypting and decrypting TLS
+ // session tickets, or nullptr if that functionality is not supported. The
+ // TicketCrypter returned (if not nullptr) must be valid for the lifetime of
+ // the ProofSource, and the caller does not take ownership of said
+ // TicketCrypter.
+ virtual TicketCrypter* SessionTicketCrypter() = 0;
};
} // namespace quic
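Review bot: The deleted copy members of DecryptCallback take `const Callback&` rather than `const DecryptCallback&`, so they do not suppress copying: if `Callback` resolves to ProofSource's existing Callback class they merely declare a deleted converting constructor and assignment from that type while the implicit copy constructor and copy assignment remain available, and if it does not resolve the header fails to compile. The two lines should read `DecryptCallback(const DecryptCallback&) = delete;` and `DecryptCallback& operator=(const DecryptCallback&) = delete;`, and TicketCrypter could carry the same pair for consistency since it is also a polymorphic interface. Decrypt's comment would also benefit from stating, in line with the class comment's "potentially asynchronous" wording, that `|callback|` may be run synchronously before Decrypt returns or later from another context, since implementations of the caller must cope with both. The enclosing ProofSource class begins before this hunk.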
diff --git a/quic/core/quic_crypto_client_handshaker_test.cc b/quic/core/quic_crypto_client_handshaker_test.cc
index 7e941c2..1e49f5f 100644
--- a/quic/core/quic_crypto_client_handshaker_test.cc
+++ b/quic/core/quic_crypto_client_handshaker_test.cc
@@ -99,6 +99,8 @@
std::unique_ptr<SignatureCallback> callback) override {
callback->Run(true, "Dummy signature", /*details=*/nullptr);
}
+
+ TicketCrypter* SessionTicketCrypter() override { return nullptr; }
};
class Handshaker : public QuicCryptoClientHandshaker {
diff --git a/quic/qbone/qbone_session_test.cc b/quic/qbone/qbone_session_test.cc
index 1c8949c..595a0ff 100644
--- a/quic/qbone/qbone_session_test.cc
+++ b/quic/qbone/qbone_session_test.cc
@@ -112,6 +112,8 @@
server_address, hostname, signature_algorithm, in, std::move(callback));
}
+ TicketCrypter* SessionTicketCrypter() override { return nullptr; }
+
private:
std::unique_ptr<ProofSource> proof_source_;
};
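Review bot: SessionTicketCrypter() here returns nullptr although the surrounding class appears to forward its other ProofSource calls to `proof_source_` (the ComputeTlsSignature forwarding just above), unlike FakeProofSource in this same change, which forwards to its delegate. If the wrapper is meant to be transparent, `return proof_source_->SessionTicketCrypter();` keeps it so; if returning nullptr is deliberate, a one-line comment such as `// Session tickets are not exercised by this test.` would make the intent explicit. The enclosing class starts before the hunk.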
diff --git a/quic/quartc/quartc_crypto_helpers.h b/quic/quartc/quartc_crypto_helpers.h
index b1e2e18..31b39a7 100644
--- a/quic/quartc/quartc_crypto_helpers.h
+++ b/quic/quartc/quartc_crypto_helpers.h
@@ -60,6 +60,8 @@
uint16_t signature_algorithm,
quiche::QuicheStringPiece in,
std::unique_ptr<SignatureCallback> callback) override;
+
+ TicketCrypter* SessionTicketCrypter() override { return nullptr; }
};
// Used by QuicCryptoClientConfig to ignore the peer's credentials
diff --git a/quic/test_tools/failing_proof_source.h b/quic/test_tools/failing_proof_source.h
index 36e2398..69a3e7a 100644
--- a/quic/test_tools/failing_proof_source.h
+++ b/quic/test_tools/failing_proof_source.h
@@ -30,6 +30,8 @@
uint16_t signature_algorithm,
quiche::QuicheStringPiece in,
std::unique_ptr<SignatureCallback> callback) override;
+
+ TicketCrypter* SessionTicketCrypter() override { return nullptr; }
};
} // namespace test
diff --git a/quic/test_tools/fake_proof_source.cc b/quic/test_tools/fake_proof_source.cc
index 0d85b5d..032560e 100644
--- a/quic/test_tools/fake_proof_source.cc
+++ b/quic/test_tools/fake_proof_source.cc
@@ -113,6 +113,10 @@
delegate_.get()));
}
+ProofSource::TicketCrypter* FakeProofSource::SessionTicketCrypter() {
+ return delegate_->SessionTicketCrypter();
+}
+
int FakeProofSource::NumPendingCallbacks() const {
return pending_ops_.size();
}
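Review bot: FakeProofSource::SessionTicketCrypter() hands out the delegate's TicketCrypter directly, so any Encrypt/Decrypt calls on it bypass `pending_ops_` and cannot be deferred or counted through NumPendingCallbacks() the way the fake's other operations appear to be. That is acceptable while the method is unused, but worth stating so a later test author is not surprised: `// Not routed through pending_ops_: ticket operations run straight on the delegate.` The method also dereferences `delegate_` unconditionally; if the fake can be constructed without a delegate, returning nullptr in that case would be safer.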
diff --git a/quic/test_tools/fake_proof_source.h b/quic/test_tools/fake_proof_source.h
index 41b761a..ef7669d 100644
--- a/quic/test_tools/fake_proof_source.h
+++ b/quic/test_tools/fake_proof_source.h
@@ -47,6 +47,8 @@
quiche::QuicheStringPiece in,
std::unique_ptr<ProofSource::SignatureCallback> callback) override;
+ TicketCrypter* SessionTicketCrypter() override;
+
// Get the number of callbacks which are pending
int NumPendingCallbacks() const;