Split KeyExchange into synchronous and asynchronous variants
As part of the implementation of go/leto-II-design, an asynchronous interface was added to the KeyExchange class, to allow an implementation which would make an RPC to a service holding the private key. This fit awkwardly into the existing code, and we intended it as a short-term patch until we could come up with a better separation of concerns.
This CL improves matters by splitting the KeyExchange class into two. The AsyncKeyExchange interface has only an asynchronous interface. SyncKeyExchange has both synchronous and asynchronous interfaces, with the latter implemented in terms of the former. The existing "local" key-exchange classes inherit from SyncKeyExchange. Handshaking code which may or may not need to talk to Leto uses the AsyncKeyExchange uniformly, but depending on whether Leto is enabled or not, the concrete objects being used might be local or remote.
This CL also removes the "Factory" pattern previously used for creating KeyExchange objects. It required a bunch of boilerplate and provided little benefit.
gfe-relnote: no-op refactoring in the area of QUIC handshakes. No functional change intended, not flag-protected.
PiperOrigin-RevId: 238508479
Change-Id: Ib5ca6ae5afbdcb712c7d2f86a4d272ef168b90f3
diff --git a/quic/core/crypto/p256_key_exchange.cc b/quic/core/crypto/p256_key_exchange.cc
index f56a0aa..1cabc64 100644
--- a/quic/core/crypto/p256_key_exchange.cc
+++ b/quic/core/crypto/p256_key_exchange.cc
@@ -17,23 +17,6 @@
#include "net/third_party/quiche/src/quic/platform/api/quic_ptr_util.h"
namespace quic {
-namespace {
-
-class P256KeyExchangeFactory : public KeyExchange::Factory {
- public:
- P256KeyExchangeFactory() = default;
- ~P256KeyExchangeFactory() override = default;
-
- std::unique_ptr<KeyExchange> Create(QuicRandom* /* rand */) const override {
- // TODO(agl): avoid the serialisation/deserialisation in this function.
- const std::string private_value = P256KeyExchange::NewPrivateKey();
- return P256KeyExchange::New(private_value);
- }
-
- QuicTag tag() const override { return kP256; }
-};
-
-} // namespace
P256KeyExchange::P256KeyExchange(bssl::UniquePtr<EC_KEY> private_key,
const uint8_t* public_key)
@@ -44,6 +27,11 @@
P256KeyExchange::~P256KeyExchange() {}
// static
+std::unique_ptr<P256KeyExchange> P256KeyExchange::New() {
+ return New(P256KeyExchange::NewPrivateKey());
+}
+
+// static
std::unique_ptr<P256KeyExchange> P256KeyExchange::New(QuicStringPiece key) {
if (key.empty()) {
QUIC_DLOG(INFO) << "Private key is empty";
@@ -93,13 +81,8 @@
return std::string(reinterpret_cast<char*>(private_key.get()), key_len);
}
-const KeyExchange::Factory& P256KeyExchange::GetFactory() const {
- static const Factory* factory = new P256KeyExchangeFactory;
- return *factory;
-}
-
-bool P256KeyExchange::CalculateSharedKey(QuicStringPiece peer_public_value,
- std::string* out_result) const {
+bool P256KeyExchange::CalculateSharedKeySync(QuicStringPiece peer_public_value,
+ std::string* shared_key) const {
if (peer_public_value.size() != kUncompressedP256PointBytes) {
QUIC_DLOG(INFO) << "Peer public value is invalid";
return false;
@@ -124,17 +107,10 @@
return false;
}
- out_result->assign(reinterpret_cast<char*>(result), sizeof(result));
+ shared_key->assign(reinterpret_cast<char*>(result), sizeof(result));
return true;
}
-void P256KeyExchange::CalculateSharedKey(
- QuicStringPiece peer_public_value,
- std::string* shared_key,
- std::unique_ptr<Callback> callback) const {
- callback->Run(CalculateSharedKey(peer_public_value, shared_key));
-}
-
QuicStringPiece P256KeyExchange::public_value() const {
return QuicStringPiece(reinterpret_cast<const char*>(public_key_),
sizeof(public_key_));
