Google Git
Sign in
quiche / quiche.git / 923b6d2da8ba8d55e0b6b1c9ff9fb13a115f72d6 / . / quic / core / quic_crypto_server_stream.cc
blob: c651351702eec39f9c66fd3889a3b9bb482655fc [file] [log] [blame]
QUICHE teama6ef0a62019-03-07 20:34:33 -0500[diff] [blame]1// Copyright (c) 2012 The Chromium Authors. All rights reserved.
2// Use of this source code is governed by a BSD-style license that can be
3// found in the LICENSE file.
4
nharper21a32492020-02-28 12:53:17 -0800[diff] [blame]5#include "net/third_party/quiche/src/quic/core/quic_crypto_server_stream.h"
QUICHE teama6ef0a62019-03-07 20:34:33 -0500[diff] [blame]6
7#include <memory>
vasilvv872e7a32019-03-12 16:42:44 -0700[diff] [blame]8#include <string>
QUICHE teama6ef0a62019-03-07 20:34:33 -0500[diff] [blame]9
10#include "third_party/boringssl/src/include/openssl/sha.h"
bnc4e9283d2019-12-17 07:08:57 -0800[diff] [blame]11#include "net/third_party/quiche/src/common/platform/api/quiche_arraysize.h"
dmcardlecf0bfcf2019-12-13 08:08:21 -0800[diff] [blame]12#include "net/third_party/quiche/src/common/platform/api/quiche_string_piece.h"
13#include "net/third_party/quiche/src/common/platform/api/quiche_text_utils.h"
QUICHE teama6ef0a62019-03-07 20:34:33 -0500[diff] [blame]14
15namespace quic {
16
nharper21a32492020-02-28 12:53:17 -0800[diff] [blame]17class QuicCryptoServerStream::ProcessClientHelloCallback
QUICHE teama6ef0a62019-03-07 20:34:33 -0500[diff] [blame]18 : public ProcessClientHelloResultCallback {
19 public:
20 ProcessClientHelloCallback(
nharper21a32492020-02-28 12:53:17 -0800[diff] [blame]21 QuicCryptoServerStream* parent,
QUICHE teama6ef0a62019-03-07 20:34:33 -0500[diff] [blame]22 const QuicReferenceCountedPointer<
23 ValidateClientHelloResultCallback::Result>& result)
24 : parent_(parent), result_(result) {}
25
26 void Run(
27 QuicErrorCode error,
vasilvvc48c8712019-03-11 13:38:16 -0700[diff] [blame]28 const std::string& error_details,
QUICHE teama6ef0a62019-03-07 20:34:33 -0500[diff] [blame]29 std::unique_ptr<CryptoHandshakeMessage> message,
30 std::unique_ptr<DiversificationNonce> diversification_nonce,
31 std::unique_ptr<ProofSource::Details> proof_source_details) override {
32 if (parent_ == nullptr) {
33 return;
34 }
35
36 parent_->FinishProcessingHandshakeMessageAfterProcessClientHello(
37 *result_, error, error_details, std::move(message),
38 std::move(diversification_nonce), std::move(proof_source_details));
39 }
40
41 void Cancel() { parent_ = nullptr; }
42
43 private:
nharper21a32492020-02-28 12:53:17 -0800[diff] [blame]44 QuicCryptoServerStream* parent_;
QUICHE teama6ef0a62019-03-07 20:34:33 -0500[diff] [blame]45 QuicReferenceCountedPointer<ValidateClientHelloResultCallback::Result>
46 result_;
47};
48
nharper21a32492020-02-28 12:53:17 -0800[diff] [blame]49QuicCryptoServerStream::QuicCryptoServerStream(
QUICHE teama6ef0a62019-03-07 20:34:33 -0500[diff] [blame]50 const QuicCryptoServerConfig* crypto_config,
QUICHE teama6ef0a62019-03-07 20:34:33 -0500[diff] [blame]51 QuicCompressedCertsCache* compressed_certs_cache,
52 QuicSession* session,
nharper5f23a2d2020-02-20 10:44:09 -0800[diff] [blame]53 QuicCryptoServerStreamBase::Helper* helper)
nharperbb7d1f32020-02-21 17:20:33 -0800[diff] [blame]54 : QuicCryptoServerStreamBase(session),
55 QuicCryptoHandshaker(this, session),
QUICHE teama6ef0a62019-03-07 20:34:33 -0500[diff] [blame]56 session_(session),
fayangd58736d2019-11-27 13:35:31 -0800[diff] [blame]57 delegate_(session),
QUICHE teama6ef0a62019-03-07 20:34:33 -0500[diff] [blame]58 crypto_config_(crypto_config),
59 compressed_certs_cache_(compressed_certs_cache),
60 signed_config_(new QuicSignedServerConfig),
61 helper_(helper),
62 num_handshake_messages_(0),
63 num_handshake_messages_with_server_nonces_(0),
64 send_server_config_update_cb_(nullptr),
65 num_server_config_update_messages_sent_(0),
66 zero_rtt_attempted_(false),
67 chlo_packet_size_(0),
68 validate_client_hello_cb_(nullptr),
69 process_client_hello_cb_(nullptr),
70 encryption_established_(false),
fayang685367a2020-01-14 10:40:15 -0800[diff] [blame]71 one_rtt_keys_available_(false),
fayang9a863cf2020-01-16 14:12:11 -0800[diff] [blame]72 one_rtt_packet_decrypted_(false),
QUICHE teama6ef0a62019-03-07 20:34:33 -0500[diff] [blame]73 crypto_negotiated_params_(new QuicCryptoNegotiatedParameters) {}
74
nharper21a32492020-02-28 12:53:17 -0800[diff] [blame]75QuicCryptoServerStream::~QuicCryptoServerStream() {
QUICHE teama6ef0a62019-03-07 20:34:33 -0500[diff] [blame]76 CancelOutstandingCallbacks();
77}
78
nharper21a32492020-02-28 12:53:17 -0800[diff] [blame]79void QuicCryptoServerStream::CancelOutstandingCallbacks() {
QUICHE teama6ef0a62019-03-07 20:34:33 -0500[diff] [blame]80 // Detach from the validation callback. Calling this multiple times is safe.
81 if (validate_client_hello_cb_ != nullptr) {
82 validate_client_hello_cb_->Cancel();
83 validate_client_hello_cb_ = nullptr;
84 }
85 if (send_server_config_update_cb_ != nullptr) {
86 send_server_config_update_cb_->Cancel();
87 send_server_config_update_cb_ = nullptr;
88 }
89 if (process_client_hello_cb_ != nullptr) {
90 process_client_hello_cb_->Cancel();
91 process_client_hello_cb_ = nullptr;
92 }
93}
94
nharper21a32492020-02-28 12:53:17 -0800[diff] [blame]95void QuicCryptoServerStream::OnHandshakeMessage(
QUICHE teama6ef0a62019-03-07 20:34:33 -0500[diff] [blame]96 const CryptoHandshakeMessage& message) {
97 QuicCryptoHandshaker::OnHandshakeMessage(message);
98 ++num_handshake_messages_;
99 chlo_packet_size_ = session()->connection()->GetCurrentPacket().length();
100
101 // Do not process handshake messages after the handshake is confirmed.
fayang685367a2020-01-14 10:40:15 -0800[diff] [blame]102 if (one_rtt_keys_available_) {
nharperbb7d1f32020-02-21 17:20:33 -0800[diff] [blame]103 OnUnrecoverableError(QUIC_CRYPTO_MESSAGE_AFTER_HANDSHAKE_COMPLETE,
104 "Unexpected handshake message from client");
QUICHE teama6ef0a62019-03-07 20:34:33 -0500[diff] [blame]105 return;
106 }
107
108 if (message.tag() != kCHLO) {
nharperbb7d1f32020-02-21 17:20:33 -0800[diff] [blame]109 OnUnrecoverableError(QUIC_INVALID_CRYPTO_MESSAGE_TYPE,
110 "Handshake packet not CHLO");
QUICHE teama6ef0a62019-03-07 20:34:33 -0500[diff] [blame]111 return;
112 }
113
114 if (validate_client_hello_cb_ != nullptr ||
115 process_client_hello_cb_ != nullptr) {
116 // Already processing some other handshake message. The protocol
117 // does not allow for clients to send multiple handshake messages
118 // before the server has a chance to respond.
nharperbb7d1f32020-02-21 17:20:33 -0800[diff] [blame]119 OnUnrecoverableError(QUIC_CRYPTO_MESSAGE_WHILE_VALIDATING_CLIENT_HELLO,
120 "Unexpected handshake message while processing CHLO");
QUICHE teama6ef0a62019-03-07 20:34:33 -0500[diff] [blame]121 return;
122 }
123
QUICHE team84910bd2019-03-15 07:03:40 -0700[diff] [blame]124 chlo_hash_ =
125 CryptoUtils::HashHandshakeMessage(message, Perspective::IS_SERVER);
QUICHE teama6ef0a62019-03-07 20:34:33 -0500[diff] [blame]126
127 std::unique_ptr<ValidateCallback> cb(new ValidateCallback(this));
128 DCHECK(validate_client_hello_cb_ == nullptr);
129 DCHECK(process_client_hello_cb_ == nullptr);
130 validate_client_hello_cb_ = cb.get();
131 crypto_config_->ValidateClientHello(
132 message, GetClientAddress().host(),
133 session()->connection()->self_address(), transport_version(),
134 session()->connection()->clock(), signed_config_, std::move(cb));
135}
136
nharper21a32492020-02-28 12:53:17 -0800[diff] [blame]137void QuicCryptoServerStream::FinishProcessingHandshakeMessage(
QUICHE teama6ef0a62019-03-07 20:34:33 -0500[diff] [blame]138 QuicReferenceCountedPointer<ValidateClientHelloResultCallback::Result>
139 result,
140 std::unique_ptr<ProofSource::Details> details) {
QUICHE teama6ef0a62019-03-07 20:34:33 -0500[diff] [blame]141 // Clear the callback that got us here.
142 DCHECK(validate_client_hello_cb_ != nullptr);
143 DCHECK(process_client_hello_cb_ == nullptr);
144 validate_client_hello_cb_ = nullptr;
145
QUICHE teama6ef0a62019-03-07 20:34:33 -0500[diff] [blame]146 std::unique_ptr<ProcessClientHelloCallback> cb(
147 new ProcessClientHelloCallback(this, result));
148 process_client_hello_cb_ = cb.get();
149 ProcessClientHello(result, std::move(details), std::move(cb));
150}
151
nharper21a32492020-02-28 12:53:17 -0800[diff] [blame]152void QuicCryptoServerStream::
QUICHE teama6ef0a62019-03-07 20:34:33 -0500[diff] [blame]153 FinishProcessingHandshakeMessageAfterProcessClientHello(
154 const ValidateClientHelloResultCallback::Result& result,
155 QuicErrorCode error,
vasilvvc48c8712019-03-11 13:38:16 -0700[diff] [blame]156 const std::string& error_details,
QUICHE teama6ef0a62019-03-07 20:34:33 -0500[diff] [blame]157 std::unique_ptr<CryptoHandshakeMessage> reply,
158 std::unique_ptr<DiversificationNonce> diversification_nonce,
dschinazi17d42422019-06-18 16:35:07 -0700[diff] [blame]159 std::unique_ptr<ProofSource::Details> /*proof_source_details*/) {
QUICHE teama6ef0a62019-03-07 20:34:33 -0500[diff] [blame]160 // Clear the callback that got us here.
161 DCHECK(process_client_hello_cb_ != nullptr);
162 DCHECK(validate_client_hello_cb_ == nullptr);
163 process_client_hello_cb_ = nullptr;
164
165 const CryptoHandshakeMessage& message = result.client_hello;
166 if (error != QUIC_NO_ERROR) {
nharperbb7d1f32020-02-21 17:20:33 -0800[diff] [blame]167 OnUnrecoverableError(error, error_details);
QUICHE teama6ef0a62019-03-07 20:34:33 -0500[diff] [blame]168 return;
169 }
170
171 if (reply->tag() != kSHLO) {
nharper3907ac22019-09-25 15:32:28 -0700[diff] [blame]172 session()->connection()->set_fully_pad_crypto_handshake_packets(
QUICHE teama6ef0a62019-03-07 20:34:33 -0500[diff] [blame]173 crypto_config_->pad_rej());
174 SendHandshakeMessage(*reply);
QUICHE teama6ef0a62019-03-07 20:34:33 -0500[diff] [blame]175 return;
176 }
177
178 // If we are returning a SHLO then we accepted the handshake. Now
179 // process the negotiated configuration options as part of the
180 // session config.
181 QuicConfig* config = session()->config();
182 OverrideQuicConfigDefaults(config);
vasilvvc48c8712019-03-11 13:38:16 -0700[diff] [blame]183 std::string process_error_details;
QUICHE teama6ef0a62019-03-07 20:34:33 -0500[diff] [blame]184 const QuicErrorCode process_error =
185 config->ProcessPeerHello(message, CLIENT, &process_error_details);
186 if (process_error != QUIC_NO_ERROR) {
nharperbb7d1f32020-02-21 17:20:33 -0800[diff] [blame]187 OnUnrecoverableError(process_error, process_error_details);
QUICHE teama6ef0a62019-03-07 20:34:33 -0500[diff] [blame]188 return;
189 }
190
191 session()->OnConfigNegotiated();
192
fkastenholzd3a1de92019-05-15 07:00:07 -0700[diff] [blame]193 config->ToHandshakeMessage(reply.get(), session()->transport_version());
QUICHE teama6ef0a62019-03-07 20:34:33 -0500[diff] [blame]194
195 // Receiving a full CHLO implies the client is prepared to decrypt with
196 // the new server write key. We can start to encrypt with the new server
197 // write key.
198 //
199 // NOTE: the SHLO will be encrypted with the new server write key.
fayang3f7bcbe2020-02-10 11:08:47 -0800[diff] [blame]200 delegate_->OnNewEncryptionKeyAvailable(
201 ENCRYPTION_ZERO_RTT,
202 std::move(crypto_negotiated_params_->initial_crypters.encrypter));
203 delegate_->OnNewDecryptionKeyAvailable(
fayangd96ecda2020-02-03 08:45:18 -0800[diff] [blame]204 ENCRYPTION_ZERO_RTT,
205 std::move(crypto_negotiated_params_->initial_crypters.decrypter),
206 /*set_alternative_decrypter=*/false,
fayang3f7bcbe2020-02-10 11:08:47 -0800[diff] [blame]207 /*latch_once_used=*/false);
fayangd96ecda2020-02-03 08:45:18 -0800[diff] [blame]208 delegate_->SetDefaultEncryptionLevel(ENCRYPTION_ZERO_RTT);
209 delegate_->DiscardOldDecryptionKey(ENCRYPTION_INITIAL);
QUICHE teama6ef0a62019-03-07 20:34:33 -0500[diff] [blame]210 session()->connection()->SetDiversificationNonce(*diversification_nonce);
211
nharper3907ac22019-09-25 15:32:28 -0700[diff] [blame]212 session()->connection()->set_fully_pad_crypto_handshake_packets(
QUICHE teama6ef0a62019-03-07 20:34:33 -0500[diff] [blame]213 crypto_config_->pad_shlo());
214 SendHandshakeMessage(*reply);
fayang3f7bcbe2020-02-10 11:08:47 -0800[diff] [blame]215 delegate_->OnNewEncryptionKeyAvailable(
216 ENCRYPTION_FORWARD_SECURE,
217 std::move(crypto_negotiated_params_->forward_secure_crypters.encrypter));
218 delegate_->OnNewDecryptionKeyAvailable(
QUICHE teama6ef0a62019-03-07 20:34:33 -0500[diff] [blame]219 ENCRYPTION_FORWARD_SECURE,
fayangd96ecda2020-02-03 08:45:18 -0800[diff] [blame]220 std::move(crypto_negotiated_params_->forward_secure_crypters.decrypter),
221 /*set_alternative_decrypter=*/true,
fayang3f7bcbe2020-02-10 11:08:47 -0800[diff] [blame]222 /*latch_once_used=*/false);
QUICHE teama6ef0a62019-03-07 20:34:33 -0500[diff] [blame]223 encryption_established_ = true;
fayang685367a2020-01-14 10:40:15 -0800[diff] [blame]224 one_rtt_keys_available_ = true;
fayangd96ecda2020-02-03 08:45:18 -0800[diff] [blame]225 delegate_->SetDefaultEncryptionLevel(ENCRYPTION_FORWARD_SECURE);
226 delegate_->DiscardOldEncryptionKey(ENCRYPTION_INITIAL);
QUICHE teama6ef0a62019-03-07 20:34:33 -0500[diff] [blame]227}
228
nharper21a32492020-02-28 12:53:17 -0800[diff] [blame]229void QuicCryptoServerStream::SendServerConfigUpdate(
QUICHE teama6ef0a62019-03-07 20:34:33 -0500[diff] [blame]230 const CachedNetworkParameters* cached_network_params) {
fayang685367a2020-01-14 10:40:15 -0800[diff] [blame]231 if (!one_rtt_keys_available_) {
QUICHE teama6ef0a62019-03-07 20:34:33 -0500[diff] [blame]232 return;
233 }
234
235 if (send_server_config_update_cb_ != nullptr) {
236 QUIC_DVLOG(1)
237 << "Skipped server config update since one is already in progress";
238 return;
239 }
240
241 std::unique_ptr<SendServerConfigUpdateCallback> cb(
242 new SendServerConfigUpdateCallback(this));
243 send_server_config_update_cb_ = cb.get();
244
245 crypto_config_->BuildServerConfigUpdateMessage(
renjietangd1d00852019-09-06 10:43:12 -0700[diff] [blame]246 session()->transport_version(), chlo_hash_,
QUICHE teama6ef0a62019-03-07 20:34:33 -0500[diff] [blame]247 previous_source_address_tokens_, session()->connection()->self_address(),
248 GetClientAddress().host(), session()->connection()->clock(),
249 session()->connection()->random_generator(), compressed_certs_cache_,
250 *crypto_negotiated_params_, cached_network_params, std::move(cb));
251}
252
nharper21a32492020-02-28 12:53:17 -0800[diff] [blame]253QuicCryptoServerStream::SendServerConfigUpdateCallback::
254 SendServerConfigUpdateCallback(QuicCryptoServerStream* parent)
QUICHE teama6ef0a62019-03-07 20:34:33 -0500[diff] [blame]255 : parent_(parent) {}
256
nharper21a32492020-02-28 12:53:17 -0800[diff] [blame]257void QuicCryptoServerStream::SendServerConfigUpdateCallback::Cancel() {
QUICHE teama6ef0a62019-03-07 20:34:33 -0500[diff] [blame]258 parent_ = nullptr;
259}
260
261// From BuildServerConfigUpdateMessageResultCallback
nharper21a32492020-02-28 12:53:17 -0800[diff] [blame]262void QuicCryptoServerStream::SendServerConfigUpdateCallback::Run(
QUICHE teama6ef0a62019-03-07 20:34:33 -0500[diff] [blame]263 bool ok,
264 const CryptoHandshakeMessage& message) {
265 if (parent_ == nullptr) {
266 return;
267 }
268 parent_->FinishSendServerConfigUpdate(ok, message);
269}
270
nharper21a32492020-02-28 12:53:17 -0800[diff] [blame]271void QuicCryptoServerStream::FinishSendServerConfigUpdate(
QUICHE teama6ef0a62019-03-07 20:34:33 -0500[diff] [blame]272 bool ok,
273 const CryptoHandshakeMessage& message) {
274 // Clear the callback that got us here.
275 DCHECK(send_server_config_update_cb_ != nullptr);
276 send_server_config_update_cb_ = nullptr;
277
278 if (!ok) {
279 QUIC_DVLOG(1) << "Server: Failed to build server config update (SCUP)!";
280 return;
281 }
282
283 QUIC_DVLOG(1) << "Server: Sending server config update: "
284 << message.DebugString();
QUICHE teamea740082019-03-11 17:58:43 -0700[diff] [blame]285 if (!QuicVersionUsesCryptoFrames(transport_version())) {
QUICHE teama6ef0a62019-03-07 20:34:33 -0500[diff] [blame]286 const QuicData& data = message.GetSerialized();
nharperbb7d1f32020-02-21 17:20:33 -0800[diff] [blame]287 WriteOrBufferData(quiche::QuicheStringPiece(data.data(), data.length()),
288 false, nullptr);
QUICHE teama6ef0a62019-03-07 20:34:33 -0500[diff] [blame]289 } else {
290 SendHandshakeMessage(message);
291 }
292
293 ++num_server_config_update_messages_sent_;
294}
295
fayang6098a0a2020-03-13 15:32:10 -0700[diff] [blame]296bool QuicCryptoServerStream::IsZeroRtt() const {
297 return num_handshake_messages_ == 1 &&
298 num_handshake_messages_with_server_nonces_ == 0;
QUICHE teama6ef0a62019-03-07 20:34:33 -0500[diff] [blame]299}
300
nharper21a32492020-02-28 12:53:17 -0800[diff] [blame]301int QuicCryptoServerStream::NumServerConfigUpdateMessagesSent() const {
QUICHE teama6ef0a62019-03-07 20:34:33 -0500[diff] [blame]302 return num_server_config_update_messages_sent_;
303}
304
305const CachedNetworkParameters*
nharper21a32492020-02-28 12:53:17 -0800[diff] [blame]306QuicCryptoServerStream::PreviousCachedNetworkParams() const {
QUICHE teama6ef0a62019-03-07 20:34:33 -0500[diff] [blame]307 return previous_cached_network_params_.get();
308}
309
nharper21a32492020-02-28 12:53:17 -0800[diff] [blame]310bool QuicCryptoServerStream::ZeroRttAttempted() const {
QUICHE teama6ef0a62019-03-07 20:34:33 -0500[diff] [blame]311 return zero_rtt_attempted_;
312}
313
nharper21a32492020-02-28 12:53:17 -0800[diff] [blame]314void QuicCryptoServerStream::SetPreviousCachedNetworkParams(
QUICHE teama6ef0a62019-03-07 20:34:33 -0500[diff] [blame]315 CachedNetworkParameters cached_network_params) {
316 previous_cached_network_params_.reset(
317 new CachedNetworkParameters(cached_network_params));
318}
319
nharper21a32492020-02-28 12:53:17 -0800[diff] [blame]320void QuicCryptoServerStream::OnPacketDecrypted(EncryptionLevel level) {
fayangd58736d2019-11-27 13:35:31 -0800[diff] [blame]321 if (level == ENCRYPTION_FORWARD_SECURE) {
fayang9a863cf2020-01-16 14:12:11 -0800[diff] [blame]322 one_rtt_packet_decrypted_ = true;
fayangd58736d2019-11-27 13:35:31 -0800[diff] [blame]323 delegate_->NeuterHandshakeData();
324 }
325}
326
nharper21a32492020-02-28 12:53:17 -0800[diff] [blame]327void QuicCryptoServerStream::OnHandshakeDoneReceived() {
nharperbb7d1f32020-02-21 17:20:33 -0800[diff] [blame]328 DCHECK(false);
329}
330
nharper21a32492020-02-28 12:53:17 -0800[diff] [blame]331bool QuicCryptoServerStream::ShouldSendExpectCTHeader() const {
QUICHE teama6ef0a62019-03-07 20:34:33 -0500[diff] [blame]332 return signed_config_->proof.send_expect_ct_header;
333}
334
nharper21a32492020-02-28 12:53:17 -0800[diff] [blame]335bool QuicCryptoServerStream::GetBase64SHA256ClientChannelID(
vasilvvc48c8712019-03-11 13:38:16 -0700[diff] [blame]336 std::string* output) const {
QUICHE teama6ef0a62019-03-07 20:34:33 -0500[diff] [blame]337 if (!encryption_established() ||
338 crypto_negotiated_params_->channel_id.empty()) {
339 return false;
340 }
341
vasilvvc48c8712019-03-11 13:38:16 -0700[diff] [blame]342 const std::string& channel_id(crypto_negotiated_params_->channel_id);
QUICHE teama6ef0a62019-03-07 20:34:33 -0500[diff] [blame]343 uint8_t digest[SHA256_DIGEST_LENGTH];
344 SHA256(reinterpret_cast<const uint8_t*>(channel_id.data()), channel_id.size(),
345 digest);
346
bnc4e9283d2019-12-17 07:08:57 -0800[diff] [blame]347 quiche::QuicheTextUtils::Base64Encode(digest, QUICHE_ARRAYSIZE(digest),
348 output);
QUICHE teama6ef0a62019-03-07 20:34:33 -0500[diff] [blame]349 return true;
350}
351
nharper21a32492020-02-28 12:53:17 -0800[diff] [blame]352bool QuicCryptoServerStream::encryption_established() const {
QUICHE teama6ef0a62019-03-07 20:34:33 -0500[diff] [blame]353 return encryption_established_;
354}
355
nharper21a32492020-02-28 12:53:17 -0800[diff] [blame]356bool QuicCryptoServerStream::one_rtt_keys_available() const {
fayang685367a2020-01-14 10:40:15 -0800[diff] [blame]357 return one_rtt_keys_available_;
QUICHE teama6ef0a62019-03-07 20:34:33 -0500[diff] [blame]358}
359
360const QuicCryptoNegotiatedParameters&
nharper21a32492020-02-28 12:53:17 -0800[diff] [blame]361QuicCryptoServerStream::crypto_negotiated_params() const {
QUICHE teama6ef0a62019-03-07 20:34:33 -0500[diff] [blame]362 return *crypto_negotiated_params_;
363}
364
nharper21a32492020-02-28 12:53:17 -0800[diff] [blame]365CryptoMessageParser* QuicCryptoServerStream::crypto_message_parser() {
QUICHE teama6ef0a62019-03-07 20:34:33 -0500[diff] [blame]366 return QuicCryptoHandshaker::crypto_message_parser();
367}
368
nharper21a32492020-02-28 12:53:17 -0800[diff] [blame]369HandshakeState QuicCryptoServerStream::GetHandshakeState() const {
fayang9a863cf2020-01-16 14:12:11 -0800[diff] [blame]370 return one_rtt_packet_decrypted_ ? HANDSHAKE_COMPLETE : HANDSHAKE_START;
371}
372
nharper21a32492020-02-28 12:53:17 -0800[diff] [blame]373size_t QuicCryptoServerStream::BufferSizeLimitForLevel(
nharper486a8a92019-08-28 16:25:10 -0700[diff] [blame]374 EncryptionLevel level) const {
375 return QuicCryptoHandshaker::BufferSizeLimitForLevel(level);
376}
377
nharper21a32492020-02-28 12:53:17 -0800[diff] [blame]378void QuicCryptoServerStream::ProcessClientHello(
QUICHE teama6ef0a62019-03-07 20:34:33 -0500[diff] [blame]379 QuicReferenceCountedPointer<ValidateClientHelloResultCallback::Result>
380 result,
dschinazi17d42422019-06-18 16:35:07 -0700[diff] [blame]381 std::unique_ptr<ProofSource::Details> /*proof_source_details*/,
QUICHE teama6ef0a62019-03-07 20:34:33 -0500[diff] [blame]382 std::unique_ptr<ProcessClientHelloResultCallback> done_cb) {
383 const CryptoHandshakeMessage& message = result->client_hello;
vasilvvc48c8712019-03-11 13:38:16 -0700[diff] [blame]384 std::string error_details;
QUICHE teama6ef0a62019-03-07 20:34:33 -0500[diff] [blame]385 if (!helper_->CanAcceptClientHello(
386 message, GetClientAddress(), session()->connection()->peer_address(),
387 session()->connection()->self_address(), &error_details)) {
388 done_cb->Run(QUIC_HANDSHAKE_FAILED, error_details, nullptr, nullptr,
389 nullptr);
390 return;
391 }
392 if (!result->info.server_nonce.empty()) {
393 ++num_handshake_messages_with_server_nonces_;
394 }
395
396 if (num_handshake_messages_ == 1) {
397 // Client attempts zero RTT handshake by sending a non-inchoate CHLO.
dmcardlecf0bfcf2019-12-13 08:08:21 -0800[diff] [blame]398 quiche::QuicheStringPiece public_value;
QUICHE teama6ef0a62019-03-07 20:34:33 -0500[diff] [blame]399 zero_rtt_attempted_ = message.GetStringPiece(kPUBS, &public_value);
400 }
401
402 // Store the bandwidth estimate from the client.
403 if (result->cached_network_params.bandwidth_estimate_bytes_per_second() > 0) {
404 previous_cached_network_params_.reset(
405 new CachedNetworkParameters(result->cached_network_params));
406 }
407 previous_source_address_tokens_ = result->info.source_address_tokens;
408
QUICHE teama6ef0a62019-03-07 20:34:33 -0500[diff] [blame]409 QuicConnection* connection = session()->connection();
QUICHE teama6ef0a62019-03-07 20:34:33 -0500[diff] [blame]410 crypto_config_->ProcessClientHello(
411 result, /*reject_only=*/false, connection->connection_id(),
412 connection->self_address(), GetClientAddress(), connection->version(),
wubecf9bd82019-06-05 04:57:02 -0700[diff] [blame]413 session()->supported_versions(), connection->clock(),
QUICHE teama6ef0a62019-03-07 20:34:33 -0500[diff] [blame]414 connection->random_generator(), compressed_certs_cache_,
415 crypto_negotiated_params_, signed_config_,
416 QuicCryptoStream::CryptoMessageFramingOverhead(
417 transport_version(), connection->connection_id()),
418 chlo_packet_size_, std::move(done_cb));
419}
420
nharper21a32492020-02-28 12:53:17 -0800[diff] [blame]421void QuicCryptoServerStream::OverrideQuicConfigDefaults(
dschinazi17d42422019-06-18 16:35:07 -0700[diff] [blame]422 QuicConfig* /*config*/) {}
QUICHE teama6ef0a62019-03-07 20:34:33 -0500[diff] [blame]423
nharper21a32492020-02-28 12:53:17 -0800[diff] [blame]424QuicCryptoServerStream::ValidateCallback::ValidateCallback(
425 QuicCryptoServerStream* parent)
QUICHE teama6ef0a62019-03-07 20:34:33 -0500[diff] [blame]426 : parent_(parent) {}
427
nharper21a32492020-02-28 12:53:17 -0800[diff] [blame]428void QuicCryptoServerStream::ValidateCallback::Cancel() {
QUICHE teama6ef0a62019-03-07 20:34:33 -0500[diff] [blame]429 parent_ = nullptr;
430}
431
nharper21a32492020-02-28 12:53:17 -0800[diff] [blame]432void QuicCryptoServerStream::ValidateCallback::Run(
QUICHE teama6ef0a62019-03-07 20:34:33 -0500[diff] [blame]433 QuicReferenceCountedPointer<Result> result,
434 std::unique_ptr<ProofSource::Details> details) {
435 if (parent_ != nullptr) {
436 parent_->FinishProcessingHandshakeMessage(std::move(result),
437 std::move(details));
438 }
439}
440
nharper21a32492020-02-28 12:53:17 -0800[diff] [blame]441const QuicSocketAddress QuicCryptoServerStream::GetClientAddress() {
QUICHE teama6ef0a62019-03-07 20:34:33 -0500[diff] [blame]442 return session()->connection()->peer_address();
443}
444
445} // namespace quic