commit 2d483ad845f1085195cf71a4f18ffa1861bdd4fd
author QUICHE team <quiche-dev@google.com> Fri Jan 24 15:14:17 2020 -0800
committer Copybara-Service <copybara-worker@google.com> Fri Jan 24 15:14:54 2020 -0800
tree aadb77a431418271c971793621d0928a38f7f3dd
parent 3a72e2fbe28154a596b9a795b599970ab2abcd08

Add a ProofSource to QuicCryptoClientConfig.

When set, this proof source will be used to respond to client certificate
requests.

This change adds the setting to the client config but does not implement it.

See go/quic-tls-client-certificates for more details.

gfe-relnote: no behavior change (client-only, new settings are unused)
PiperOrigin-RevId: 291452950
Change-Id: I38d989f5d973b761a5b773a6b0f88407810a6ad9

quic/core/crypto/quic_crypto_client_config.cc

diff --git a/quic/core/crypto/quic_crypto_client_config.cc b/quic/core/crypto/quic_crypto_client_config.cc
index 06dd8b6..7f8edc2 100644
--- a/quic/core/crypto/quic_crypto_client_config.cc
+++ b/quic/core/crypto/quic_crypto_client_config.cc
@@ -859,6 +859,15 @@
   return session_cache_.get();
 }
 
+ProofSource* QuicCryptoClientConfig::proof_source() const {
+  return proof_source_.get();
+}
+
+void QuicCryptoClientConfig::set_proof_source(
+    std::unique_ptr<ProofSource> proof_source) {
+  proof_source_ = std::move(proof_source);
+}
+
 SSL_CTX* QuicCryptoClientConfig::ssl_ctx() const {
   return ssl_ctx_.get();
 }

quic/core/crypto/quic_crypto_client_config.h

diff --git a/quic/core/crypto/quic_crypto_client_config.h b/quic/core/crypto/quic_crypto_client_config.h
index fa96902..e4f7061 100644
--- a/quic/core/crypto/quic_crypto_client_config.h
+++ b/quic/core/crypto/quic_crypto_client_config.h
@@ -15,6 +15,7 @@
 #include "third_party/boringssl/src/include/openssl/ssl.h"
 #include "net/third_party/quiche/src/quic/core/crypto/crypto_handshake.h"
 #include "net/third_party/quiche/src/quic/core/crypto/crypto_protocol.h"
+#include "net/third_party/quiche/src/quic/core/crypto/proof_source.h"
 #include "net/third_party/quiche/src/quic/core/crypto/transport_parameters.h"
 #include "net/third_party/quiche/src/quic/core/quic_packets.h"
 #include "net/third_party/quiche/src/quic/core/quic_server_id.h"
@@ -362,6 +363,8 @@
 
   ProofVerifier* proof_verifier() const;
   SessionCache* session_cache() const;
+  ProofSource* proof_source() const;
+  void set_proof_source(std::unique_ptr<ProofSource> proof_source);
   SSL_CTX* ssl_ctx() const;
 
   // Initialize the CachedState from |canonical_crypto_config| for the
@@ -441,6 +444,7 @@
 
   std::unique_ptr<ProofVerifier> proof_verifier_;
   std::unique_ptr<SessionCache> session_cache_;
+  std::unique_ptr<ProofSource> proof_source_;
   bssl::UniquePtr<SSL_CTX> ssl_ctx_;
 
   // The |user_agent_id_| passed in QUIC's CHLO message.