Google Git
Sign in
quiche/quiche/037c21b6c0f29b853afb36b777fc5db88729685f^!/.
commit
037c21b6c0f29b853afb36b777fc5db88729685f
[log]
author
nharper <nharper@google.com>
Thu Apr 23 14:41:35 2020 -0700
committer
Copybara-Service <copybara-worker@google.com>
Thu Apr 23 14:42:07 2020 -0700
tree
30e7401220819da1d82fa6bfbc03348cbfe78840
parent
817d41bfc4dc5548a35b5a9d3fb505c3963df4af [diff]
Add quic::ProofSource::TicketCrypter interface

The ProofSource::TicketCrypter interface will be used by
TlsServerHandshaker to encrypt and decrypt session tickets. This is needed
to support TLS session resumption and 0-RTT in QUIC.

gfe-relnote: add unused method to quic::ProofSource interface
PiperOrigin-RevId: 308132437
Change-Id: I1176369e1b3d286d299303aec07d46292fddf982

diff --git a/quic/core/crypto/proof_source.h b/quic/core/crypto/proof_source.h
index e208b94..60829a9 100644
--- a/quic/core/crypto/proof_source.h
+++ b/quic/core/crypto/proof_source.h

@@ -144,6 +144,54 @@
       uint16_t signature_algorithm,
       quiche::QuicheStringPiece in,
       std::unique_ptr<SignatureCallback> callback) = 0;
+
+  class QUIC_EXPORT_PRIVATE DecryptCallback {
+   public:
+    DecryptCallback() = default;
+    virtual ~DecryptCallback() = default;
+
+    virtual void Run(std::vector<uint8_t> plaintext) = 0;
+
+   private:
+    DecryptCallback(const Callback&) = delete;
+    DecryptCallback& operator=(const Callback&) = delete;
+  };
+
+  // TicketCrypter is an interface for managing encryption and decryption of TLS
+  // session tickets. A TicketCrypter gets used as an
+  // SSL_CTX_set_ticket_aead_method in BoringSSL, which has a synchronous
+  // Encrypt/Seal operation and a potentially asynchronous Decrypt/Open
+  // operation. This interface allows for ticket decryptions to be performed on
+  // a remote service.
+  class QUIC_EXPORT_PRIVATE TicketCrypter {
+   public:
+    TicketCrypter() = default;
+    virtual ~TicketCrypter() = default;
+
+    // MaxOverhead returns the maximum number of bytes of overhead that may get
+    // added when encrypting the ticket.
+    virtual size_t MaxOverhead() = 0;
+
+    // Encrypt takes a serialized TLS session ticket in |in|, encrypts it, and
+    // returns the encrypted ticket. The resulting value must not be larger than
+    // MaxOverhead bytes larger than |in|. If encryption fails, this method
+    // returns an empty vector.
+    virtual std::vector<uint8_t> Encrypt(quiche::QuicheStringPiece in) = 0;
+
+    // Decrypt takes an encrypted ticket |in|, decrypts it, and calls
+    // |callback->Run| with the decrypted ticket, which must not be larger than
+    // |in|. If decryption fails, the callback is invoked with an empty
+    // vector.
+    virtual void Decrypt(quiche::QuicheStringPiece in,
+                         std::unique_ptr<DecryptCallback> callback) = 0;
+  };
+
+  // Returns the TicketCrypter used for encrypting and decrypting TLS
+  // session tickets, or nullptr if that functionality is not supported. The
+  // TicketCrypter returned (if not nullptr) must be valid for the lifetime of
+  // the ProofSource, and the caller does not take ownership of said
+  // TicketCrypter.
+  virtual TicketCrypter* SessionTicketCrypter() = 0;
 };
 
 }  // namespace quic

diff --git a/quic/core/quic_crypto_client_handshaker_test.cc b/quic/core/quic_crypto_client_handshaker_test.cc
index 7e941c2..1e49f5f 100644
--- a/quic/core/quic_crypto_client_handshaker_test.cc
+++ b/quic/core/quic_crypto_client_handshaker_test.cc

@@ -99,6 +99,8 @@
       std::unique_ptr<SignatureCallback> callback) override {
     callback->Run(true, "Dummy signature", /*details=*/nullptr);
   }
+
+  TicketCrypter* SessionTicketCrypter() override { return nullptr; }
 };
 
 class Handshaker : public QuicCryptoClientHandshaker {

diff --git a/quic/qbone/qbone_session_test.cc b/quic/qbone/qbone_session_test.cc
index 1c8949c..595a0ff 100644
--- a/quic/qbone/qbone_session_test.cc
+++ b/quic/qbone/qbone_session_test.cc

@@ -112,6 +112,8 @@
         server_address, hostname, signature_algorithm, in, std::move(callback));
   }
 
+  TicketCrypter* SessionTicketCrypter() override { return nullptr; }
+
  private:
   std::unique_ptr<ProofSource> proof_source_;
 };

diff --git a/quic/quartc/quartc_crypto_helpers.h b/quic/quartc/quartc_crypto_helpers.h
index b1e2e18..31b39a7 100644
--- a/quic/quartc/quartc_crypto_helpers.h
+++ b/quic/quartc/quartc_crypto_helpers.h

@@ -60,6 +60,8 @@
       uint16_t signature_algorithm,
       quiche::QuicheStringPiece in,
       std::unique_ptr<SignatureCallback> callback) override;
+
+  TicketCrypter* SessionTicketCrypter() override { return nullptr; }
 };
 
 // Used by QuicCryptoClientConfig to ignore the peer's credentials

diff --git a/quic/test_tools/failing_proof_source.h b/quic/test_tools/failing_proof_source.h
index 36e2398..69a3e7a 100644
--- a/quic/test_tools/failing_proof_source.h
+++ b/quic/test_tools/failing_proof_source.h

@@ -30,6 +30,8 @@
       uint16_t signature_algorithm,
       quiche::QuicheStringPiece in,
       std::unique_ptr<SignatureCallback> callback) override;
+
+  TicketCrypter* SessionTicketCrypter() override { return nullptr; }
 };
 
 }  // namespace test

diff --git a/quic/test_tools/fake_proof_source.cc b/quic/test_tools/fake_proof_source.cc
index 0d85b5d..032560e 100644
--- a/quic/test_tools/fake_proof_source.cc
+++ b/quic/test_tools/fake_proof_source.cc

@@ -113,6 +113,10 @@
       delegate_.get()));
 }
 
+ProofSource::TicketCrypter* FakeProofSource::SessionTicketCrypter() {
+  return delegate_->SessionTicketCrypter();
+}
+
 int FakeProofSource::NumPendingCallbacks() const {
   return pending_ops_.size();
 }

diff --git a/quic/test_tools/fake_proof_source.h b/quic/test_tools/fake_proof_source.h
index 41b761a..ef7669d 100644
--- a/quic/test_tools/fake_proof_source.h
+++ b/quic/test_tools/fake_proof_source.h

@@ -47,6 +47,8 @@
       quiche::QuicheStringPiece in,
       std::unique_ptr<ProofSource::SignatureCallback> callback) override;
 
+  TicketCrypter* SessionTicketCrypter() override;
+
   // Get the number of callbacks which are pending
   int NumPendingCallbacks() const;