gfe-relnote: In QUIC, split HandshakerDelegateInterface::OnNewKeysAvailable to OnNewDecryptionKeyAvailable and OnNewEncryptionKeyAvailable. Refactoring only, no behavior change, not protected. PiperOrigin-RevId: 294260261 Change-Id: Iaa1e251970b555434833432098af11fbb0d28ebc
diff --git a/quic/core/handshaker_delegate_interface.h b/quic/core/handshaker_delegate_interface.h index 23f2cbd..7e4b125 100644 --- a/quic/core/handshaker_delegate_interface.h +++ b/quic/core/handshaker_delegate_interface.h
@@ -17,12 +17,17 @@ public: virtual ~HandshakerDelegateInterface() {} - // Called when new keys are available. - virtual void OnNewKeysAvailable(EncryptionLevel level, - std::unique_ptr<QuicDecrypter> decrypter, - bool set_alternative_decrypter, - bool latch_once_used, - std::unique_ptr<QuicEncrypter> encrypter) = 0; + // Called when new decryption key of |level| is available. + virtual void OnNewDecryptionKeyAvailable( + EncryptionLevel level, + std::unique_ptr<QuicDecrypter> decrypter, + bool set_alternative_decrypter, + bool latch_once_used) = 0; + + // Called when new encryption key of |level| is available. + virtual void OnNewEncryptionKeyAvailable( + EncryptionLevel level, + std::unique_ptr<QuicEncrypter> encrypter) = 0; // Called to set default encryption level to |level|. virtual void SetDefaultEncryptionLevel(EncryptionLevel level) = 0;
diff --git a/quic/core/quic_crypto_client_handshaker.cc b/quic/core/quic_crypto_client_handshaker.cc index b815dfe..c306323 100644 --- a/quic/core/quic_crypto_client_handshaker.cc +++ b/quic/core/quic_crypto_client_handshaker.cc
@@ -327,12 +327,14 @@ crypto_config_->pad_full_hello()); SendHandshakeMessage(out); // Be prepared to decrypt with the new server write key. - delegate_->OnNewKeysAvailable( + delegate_->OnNewEncryptionKeyAvailable( + ENCRYPTION_ZERO_RTT, + std::move(crypto_negotiated_params_->initial_crypters.encrypter)); + delegate_->OnNewDecryptionKeyAvailable( ENCRYPTION_ZERO_RTT, std::move(crypto_negotiated_params_->initial_crypters.decrypter), /*set_alternative_decrypter=*/true, - /*latch_once_used=*/true, - std::move(crypto_negotiated_params_->initial_crypters.encrypter)); + /*latch_once_used=*/true); encryption_established_ = true; delegate_->SetDefaultEncryptionLevel(ENCRYPTION_ZERO_RTT); } @@ -537,10 +539,12 @@ // has been floated that the server shouldn't send packets encrypted // with the FORWARD_SECURE key until it receives a FORWARD_SECURE // packet from the client. - delegate_->OnNewKeysAvailable( - ENCRYPTION_FORWARD_SECURE, std::move(crypters->decrypter), - /*set_alternative_decrypter=*/true, - /*latch_once_used=*/false, std::move(crypters->encrypter)); + delegate_->OnNewEncryptionKeyAvailable(ENCRYPTION_FORWARD_SECURE, + std::move(crypters->encrypter)); + delegate_->OnNewDecryptionKeyAvailable(ENCRYPTION_FORWARD_SECURE, + std::move(crypters->decrypter), + /*set_alternative_decrypter=*/true, + /*latch_once_used=*/false); one_rtt_keys_available_ = true; delegate_->SetDefaultEncryptionLevel(ENCRYPTION_FORWARD_SECURE); delegate_->DiscardOldEncryptionKey(ENCRYPTION_INITIAL);
diff --git a/quic/core/quic_crypto_server_handshaker.cc b/quic/core/quic_crypto_server_handshaker.cc index 4b2a7fa..2f1f061 100644 --- a/quic/core/quic_crypto_server_handshaker.cc +++ b/quic/core/quic_crypto_server_handshaker.cc
@@ -200,12 +200,14 @@ // write key. // // NOTE: the SHLO will be encrypted with the new server write key. - delegate_->OnNewKeysAvailable( + delegate_->OnNewEncryptionKeyAvailable( + ENCRYPTION_ZERO_RTT, + std::move(crypto_negotiated_params_->initial_crypters.encrypter)); + delegate_->OnNewDecryptionKeyAvailable( ENCRYPTION_ZERO_RTT, std::move(crypto_negotiated_params_->initial_crypters.decrypter), /*set_alternative_decrypter=*/false, - /*latch_once_used=*/false, - std::move(crypto_negotiated_params_->initial_crypters.encrypter)); + /*latch_once_used=*/false); delegate_->SetDefaultEncryptionLevel(ENCRYPTION_ZERO_RTT); delegate_->DiscardOldDecryptionKey(ENCRYPTION_INITIAL); session()->connection()->SetDiversificationNonce(*diversification_nonce); @@ -213,12 +215,14 @@ session()->connection()->set_fully_pad_crypto_handshake_packets( crypto_config_->pad_shlo()); SendHandshakeMessage(*reply); - delegate_->OnNewKeysAvailable( + delegate_->OnNewEncryptionKeyAvailable( + ENCRYPTION_FORWARD_SECURE, + std::move(crypto_negotiated_params_->forward_secure_crypters.encrypter)); + delegate_->OnNewDecryptionKeyAvailable( ENCRYPTION_FORWARD_SECURE, std::move(crypto_negotiated_params_->forward_secure_crypters.decrypter), /*set_alternative_decrypter=*/true, - /*latch_once_used=*/false, - std::move(crypto_negotiated_params_->forward_secure_crypters.encrypter)); + /*latch_once_used=*/false); encryption_established_ = true; one_rtt_keys_available_ = true; delegate_->SetDefaultEncryptionLevel(ENCRYPTION_FORWARD_SECURE);
diff --git a/quic/core/quic_session.cc b/quic/core/quic_session.cc index b63f729..f956e5e 100644 --- a/quic/core/quic_session.cc +++ b/quic/core/quic_session.cc
@@ -1295,13 +1295,14 @@ flow_controller_.UpdateSendWindowOffset(new_window); } -void QuicSession::OnNewKeysAvailable(EncryptionLevel level, - std::unique_ptr<QuicDecrypter> decrypter, - bool set_alternative_decrypter, - bool latch_once_used, - std::unique_ptr<QuicEncrypter> encrypter) { - // Install new keys. - connection()->SetEncrypter(level, std::move(encrypter)); +void QuicSession::OnNewDecryptionKeyAvailable( + EncryptionLevel level, + std::unique_ptr<QuicDecrypter> decrypter, + bool set_alternative_decrypter, + bool latch_once_used) { + // TODO(fayang): Close connection if corresponding encryption key is not + // available. + DCHECK(connection()->framer().HasEncrypterOfEncryptionLevel(level)); if (connection()->version().KnowsWhichDecrypterToUse()) { connection()->InstallDecrypter(level, std::move(decrypter)); return; @@ -1314,6 +1315,12 @@ connection()->SetDecrypter(level, std::move(decrypter)); } +void QuicSession::OnNewEncryptionKeyAvailable( + EncryptionLevel level, + std::unique_ptr<QuicEncrypter> encrypter) { + connection()->SetEncrypter(level, std::move(encrypter)); +} + void QuicSession::SetDefaultEncryptionLevel(EncryptionLevel level) { QUIC_DVLOG(1) << ENDPOINT << "Set default encryption level to " << EncryptionLevelToString(level);
diff --git a/quic/core/quic_session.h b/quic/core/quic_session.h index c6fae2f..57d7605 100644 --- a/quic/core/quic_session.h +++ b/quic/core/quic_session.h
@@ -243,11 +243,13 @@ virtual void OnConfigNegotiated(); // From HandshakerDelegateInterface - void OnNewKeysAvailable(EncryptionLevel level, - std::unique_ptr<QuicDecrypter> decrypter, - bool set_alternative_decrypter, - bool latch_once_used, - std::unique_ptr<QuicEncrypter> encrypter) override; + void OnNewDecryptionKeyAvailable(EncryptionLevel level, + std::unique_ptr<QuicDecrypter> decrypter, + bool set_alternative_decrypter, + bool latch_once_used) override; + void OnNewEncryptionKeyAvailable( + EncryptionLevel level, + std::unique_ptr<QuicEncrypter> encrypter) override; void SetDefaultEncryptionLevel(EncryptionLevel level) override; void DiscardOldDecryptionKey(EncryptionLevel level) override; void DiscardOldEncryptionKey(EncryptionLevel level) override;
diff --git a/quic/core/tls_handshaker.cc b/quic/core/tls_handshaker.cc index c5effc3..aee7133 100644 --- a/quic/core/tls_handshaker.cc +++ b/quic/core/tls_handshaker.cc
@@ -73,10 +73,10 @@ QuicDecrypter::CreateFromCipherSuite( SSL_CIPHER_get_id(SSL_get_pending_cipher(ssl()))); CryptoUtils::SetKeyAndIV(Prf(), read_secret, decrypter.get()); - delegate_->OnNewKeysAvailable(level, std::move(decrypter), - /*set_alternative_decrypter=*/false, - /*latch_once_used=*/false, - std::move(encrypter)); + delegate_->OnNewEncryptionKeyAvailable(level, std::move(encrypter)); + delegate_->OnNewDecryptionKeyAvailable(level, std::move(decrypter), + /*set_alternative_decrypter=*/false, + /*latch_once_used=*/false); } void TlsHandshaker::WriteMessage(EncryptionLevel level,