Google Git
Sign in
quiche/quiche.git/e288f2679caa96318e532644d1c5d8082ceda201^!/.
commit
e288f2679caa96318e532644d1c5d8082ceda201
[log]
author
nharper <nharper@google.com>
Wed Jun 05 13:21:07 2019 -0700
committer
Copybara-Service <copybara-worker@google.com>
Wed Jun 05 21:19:25 2019 -0700
tree
639585e47693c76cc6e00fa14c48f8fa626069c9
parent
40ec3acf2d13d105b12e99ff8e03e5d3fade9261 [diff]
gfe-relnote: Remove more dead Token Binding code in QUIC. Not flag protected.

PiperOrigin-RevId: 251704711
Change-Id: I9307b9d4340fbe6f2261c6298ad916b96295ef7b

diff --git a/quic/core/crypto/crypto_handshake.h b/quic/core/crypto/crypto_handshake.h
index 4608889..424727f 100644
--- a/quic/core/crypto/crypto_handshake.h
+++ b/quic/core/crypto/crypto_handshake.h

@@ -177,10 +177,6 @@
   // Authenticated encryption with associated data (AEAD) algorithms.
   QuicTagVector aead;
 
-  // Supported Token Binding key parameters that can be negotiated in the client
-  // hello.
-  QuicTagVector tb_key_params;
-
   const CommonCertSets* common_cert_sets;
 };
 

diff --git a/quic/core/crypto/crypto_handshake_message.cc b/quic/core/crypto/crypto_handshake_message.cc
index 457d0fb..bf1df2b 100644
--- a/quic/core/crypto/crypto_handshake_message.cc
+++ b/quic/core/crypto/crypto_handshake_message.cc

@@ -286,7 +286,6 @@
           done = true;
         }
         break;
-      case kTBKP:
       case kKEXS:
       case kAEAD:
       case kCOPT:

diff --git a/quic/core/crypto/crypto_protocol.h b/quic/core/crypto/crypto_protocol.h
index e63224a..120e99f 100644
--- a/quic/core/crypto/crypto_protocol.h
+++ b/quic/core/crypto/crypto_protocol.h

@@ -27,7 +27,7 @@
 typedef std::string ServerConfigID;
 
 // The following tags have been deprecated and should not be reused:
-// "BBQ4", "RCID", "SREJ"
+// "BBQ4", "RCID", "SREJ", "TBKP", "TB10"
 
 // clang-format off
 const QuicTag kCHLO = TAG('C', 'H', 'L', 'O');   // Client hello
@@ -237,10 +237,6 @@
                                                  // flow control receive window.
 const QuicTag kUAID = TAG('U', 'A', 'I', 'D');   // Client's User Agent ID.
 const QuicTag kXLCT = TAG('X', 'L', 'C', 'T');   // Expected leaf certificate.
-const QuicTag kTBKP = TAG('T', 'B', 'K', 'P');   // Token Binding key params.
-
-// Token Binding tags
-const QuicTag kTB10 = TAG('T', 'B', '1', '0');   // TB draft 10 with P256.
 
 // Rejection tags
 const QuicTag kRREJ = TAG('R', 'R', 'E', 'J');   // Reasons for server sending

diff --git a/quic/core/crypto/quic_crypto_client_config.cc b/quic/core/crypto/quic_crypto_client_config.cc
index 4fca4bb..c967b17 100644
--- a/quic/core/crypto/quic_crypto_client_config.cc
+++ b/quic/core/crypto/quic_crypto_client_config.cc

@@ -575,24 +575,6 @@
   out->SetVector(kAEAD, QuicTagVector{out_params->aead});
   out->SetVector(kKEXS, QuicTagVector{out_params->key_exchange});
 
-  if (!tb_key_params.empty() && !server_id.privacy_mode_enabled()) {
-    QuicTagVector their_tbkps;
-    switch (scfg->GetTaglist(kTBKP, &their_tbkps)) {
-      case QUIC_CRYPTO_MESSAGE_PARAMETER_NOT_FOUND:
-        break;
-      case QUIC_NO_ERROR:
-        if (FindMutualQuicTag(tb_key_params, their_tbkps,
-                              &out_params->token_binding_key_param, nullptr)) {
-          out->SetVector(kTBKP,
-                         QuicTagVector{out_params->token_binding_key_param});
-        }
-        break;
-      default:
-        *error_details = "Invalid TBKP";
-        return QUIC_INVALID_CRYPTO_MESSAGE_PARAMETER;
-    }
-  }
-
   QuicStringPiece public_value;
   if (scfg->GetNthValue24(kPUBS, key_exchange_index, &public_value) !=
       QUIC_NO_ERROR) {

diff --git a/quic/core/crypto/quic_crypto_server_config.cc b/quic/core/crypto/quic_crypto_server_config.cc
index ccf9714..9d70641 100644
--- a/quic/core/crypto/quic_crypto_server_config.cc
+++ b/quic/core/crypto/quic_crypto_server_config.cc

@@ -784,25 +784,6 @@
     return;
   }
 
-  if (!configs.requested->tb_key_params.empty()) {
-    QuicTagVector their_tbkps;
-    switch (context->client_hello().GetTaglist(kTBKP, &their_tbkps)) {
-      case QUIC_CRYPTO_MESSAGE_PARAMETER_NOT_FOUND:
-        break;
-      case QUIC_NO_ERROR:
-        if (FindMutualQuicTag(configs.requested->tb_key_params, their_tbkps,
-                              &context->params()->token_binding_key_param,
-                              nullptr)) {
-          break;
-        }
-        QUIC_FALLTHROUGH_INTENDED;
-      default:
-        context->Fail(QUIC_INVALID_CRYPTO_MESSAGE_PARAMETER,
-                      "Invalid Token Binding key parameter");
-        return;
-    }
-  }
-
   QuicStringPiece public_value;
   if (!context->client_hello().GetStringPiece(kPUBS, &public_value)) {
     context->Fail(QUIC_INVALID_CRYPTO_MESSAGE_PARAMETER,
@@ -1604,14 +1585,6 @@
     return nullptr;
   }
 
-  QuicErrorCode err;
-  if ((err = msg->GetTaglist(kTBKP, &config->tb_key_params)) !=
-          QUIC_CRYPTO_MESSAGE_PARAMETER_NOT_FOUND &&
-      err != QUIC_NO_ERROR) {
-    QUIC_LOG(WARNING) << "Server config message is missing or has invalid TBKP";
-    return nullptr;
-  }
-
   QuicStringPiece orbit;
   if (!msg->GetStringPiece(kORBT, &orbit)) {
     QUIC_LOG(WARNING) << "Server config message is missing ORBT";