gfe-relnote: Use HandshakerDelegateInterface in QUIC handshakers. Abstract keys installation, keys discarding, default encryption level change and mark handshake complete to HandshakerDelegateInterface. Protected by gfe2_reloadable_flag_quic_use_handshaker_delegate.
The final goal is to remove the session pointer from handshakers.
PiperOrigin-RevId: 282826263
Change-Id: I9b379ccfcebd174df1850f7df45069d388460173
diff --git a/quic/core/tls_handshaker.cc b/quic/core/tls_handshaker.cc
index f2089cd..08b4eb9 100644
--- a/quic/core/tls_handshaker.cc
+++ b/quic/core/tls_handshaker.cc
@@ -16,7 +16,7 @@
TlsHandshaker::TlsHandshaker(QuicCryptoStream* stream,
QuicSession* session,
SSL_CTX* /*ssl_ctx*/)
- : stream_(stream), session_(session) {
+ : stream_(stream), session_(session), delegate_(session) {
QUIC_BUG_IF(!GetQuicReloadableFlag(quic_supports_tls_handshake))
<< "Attempted to create TLS handshaker when TLS is disabled";
}
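Review bot: `delegate_` is initialised from the same `session` argument as `session_`, so the handshaker now holds two non-owning pointers to one object, and the constructor checks neither for null. Because later calls go through `delegate_` unconditionally, the initialiser list should carry a comment recording the lifetime requirement, for example `// delegate_ aliases session_ for now; not owned, must outlive this handshaker`. The description names gfe2_reloadable_flag_quic_use_handshaker_delegate, but no check of that flag is visible in this file's hunks. It is worth confirming that the TLS path is meant to switch over without the flag guard.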
@@ -64,32 +64,22 @@
SSL_CIPHER_get_prf_nid(SSL_get_pending_cipher(ssl())));
}
-std::unique_ptr<QuicEncrypter> TlsHandshaker::CreateEncrypter(
- const std::vector<uint8_t>& pp_secret) {
- std::unique_ptr<QuicEncrypter> encrypter =
- QuicEncrypter::CreateFromCipherSuite(
- SSL_CIPHER_get_id(SSL_get_pending_cipher(ssl())));
- CryptoUtils::SetKeyAndIV(Prf(), pp_secret, encrypter.get());
- return encrypter;
-}
-
-std::unique_ptr<QuicDecrypter> TlsHandshaker::CreateDecrypter(
- const std::vector<uint8_t>& pp_secret) {
- std::unique_ptr<QuicDecrypter> decrypter =
- QuicDecrypter::CreateFromCipherSuite(
- SSL_CIPHER_get_id(SSL_get_pending_cipher(ssl())));
- CryptoUtils::SetKeyAndIV(Prf(), pp_secret, decrypter.get());
- return decrypter;
-}
-
void TlsHandshaker::SetEncryptionSecret(
EncryptionLevel level,
const std::vector<uint8_t>& read_secret,
const std::vector<uint8_t>& write_secret) {
- std::unique_ptr<QuicEncrypter> encrypter = CreateEncrypter(write_secret);
- session()->connection()->SetEncrypter(level, std::move(encrypter));
- std::unique_ptr<QuicDecrypter> decrypter = CreateDecrypter(read_secret);
- session()->connection()->InstallDecrypter(level, std::move(decrypter));
+ std::unique_ptr<QuicEncrypter> encrypter =
+ QuicEncrypter::CreateFromCipherSuite(
+ SSL_CIPHER_get_id(SSL_get_pending_cipher(ssl())));
+ CryptoUtils::SetKeyAndIV(Prf(), write_secret, encrypter.get());
+ std::unique_ptr<QuicDecrypter> decrypter =
+ QuicDecrypter::CreateFromCipherSuite(
+ SSL_CIPHER_get_id(SSL_get_pending_cipher(ssl())));
+ CryptoUtils::SetKeyAndIV(Prf(), read_secret, decrypter.get());
+ delegate_->OnNewKeysAvailable(level, std::move(decrypter),
+ /*set_alternative_decrypter=*/false,
+ /*latch_once_used=*/false,
+ std::move(encrypter));
}
void TlsHandshaker::WriteMessage(EncryptionLevel level, QuicStringPiece data) {
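Review bot: In the new body of `SetEncryptionSecret`, the results of `QuicEncrypter::CreateFromCipherSuite` and `QuicDecrypter::CreateFromCipherSuite` go straight to `CryptoUtils::SetKeyAndIV` via `.get()` and then to `delegate_->OnNewKeysAvailable` with no null check. If the factory returns null for a cipher suite it does not recognise, or `SSL_get_pending_cipher(ssl())` has no pending cipher, the function either dereferences null or installs an empty key object at `level`. A guard before the first `SetKeyAndIV` call would make that failure explicit: `if (encrypter == nullptr || decrypter == nullptr) { QUIC_BUG << "No AEAD for pending cipher suite"; return; }`. Ideally that path also fails the handshake rather than only returning. The cipher lookup `SSL_CIPHER_get_id(SSL_get_pending_cipher(ssl()))` is now written twice in one function and could be hoisted into a single `const` local so both objects are certain to come from the same suite id.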