gfe-relnote: In QUIC, split HandshakerDelegateInterface::OnNewKeysAvailable to OnNewDecryptionKeyAvailable and OnNewEncryptionKeyAvailable. Refactoring only, no behavior change, not protected.
PiperOrigin-RevId: 294260261
Change-Id: Iaa1e251970b555434833432098af11fbb0d28ebc
diff --git a/quic/core/handshaker_delegate_interface.h b/quic/core/handshaker_delegate_interface.h
index 23f2cbd..7e4b125 100644
--- a/quic/core/handshaker_delegate_interface.h
+++ b/quic/core/handshaker_delegate_interface.h
@@ -17,12 +17,17 @@
public:
virtual ~HandshakerDelegateInterface() {}
- // Called when new keys are available.
- virtual void OnNewKeysAvailable(EncryptionLevel level,
- std::unique_ptr<QuicDecrypter> decrypter,
- bool set_alternative_decrypter,
- bool latch_once_used,
- std::unique_ptr<QuicEncrypter> encrypter) = 0;
+ // Called when new decryption key of |level| is available.
+ virtual void OnNewDecryptionKeyAvailable(
+ EncryptionLevel level,
+ std::unique_ptr<QuicDecrypter> decrypter,
+ bool set_alternative_decrypter,
+ bool latch_once_used) = 0;
+
+ // Called when new encryption key of |level| is available.
+ virtual void OnNewEncryptionKeyAvailable(
+ EncryptionLevel level,
+ std::unique_ptr<QuicEncrypter> encrypter) = 0;
// Called to set default encryption level to |level|.
virtual void SetDefaultEncryptionLevel(EncryptionLevel level) = 0;
diff --git a/quic/core/quic_crypto_client_handshaker.cc b/quic/core/quic_crypto_client_handshaker.cc
index b815dfe..c306323 100644
--- a/quic/core/quic_crypto_client_handshaker.cc
+++ b/quic/core/quic_crypto_client_handshaker.cc
@@ -327,12 +327,14 @@
crypto_config_->pad_full_hello());
SendHandshakeMessage(out);
// Be prepared to decrypt with the new server write key.
- delegate_->OnNewKeysAvailable(
+ delegate_->OnNewEncryptionKeyAvailable(
+ ENCRYPTION_ZERO_RTT,
+ std::move(crypto_negotiated_params_->initial_crypters.encrypter));
+ delegate_->OnNewDecryptionKeyAvailable(
ENCRYPTION_ZERO_RTT,
std::move(crypto_negotiated_params_->initial_crypters.decrypter),
/*set_alternative_decrypter=*/true,
- /*latch_once_used=*/true,
- std::move(crypto_negotiated_params_->initial_crypters.encrypter));
+ /*latch_once_used=*/true);
encryption_established_ = true;
delegate_->SetDefaultEncryptionLevel(ENCRYPTION_ZERO_RTT);
}
@@ -537,10 +539,12 @@
// has been floated that the server shouldn't send packets encrypted
// with the FORWARD_SECURE key until it receives a FORWARD_SECURE
// packet from the client.
- delegate_->OnNewKeysAvailable(
- ENCRYPTION_FORWARD_SECURE, std::move(crypters->decrypter),
- /*set_alternative_decrypter=*/true,
- /*latch_once_used=*/false, std::move(crypters->encrypter));
+ delegate_->OnNewEncryptionKeyAvailable(ENCRYPTION_FORWARD_SECURE,
+ std::move(crypters->encrypter));
+ delegate_->OnNewDecryptionKeyAvailable(ENCRYPTION_FORWARD_SECURE,
+ std::move(crypters->decrypter),
+ /*set_alternative_decrypter=*/true,
+ /*latch_once_used=*/false);
one_rtt_keys_available_ = true;
delegate_->SetDefaultEncryptionLevel(ENCRYPTION_FORWARD_SECURE);
delegate_->DiscardOldEncryptionKey(ENCRYPTION_INITIAL);
diff --git a/quic/core/quic_crypto_server_handshaker.cc b/quic/core/quic_crypto_server_handshaker.cc
index 4b2a7fa..2f1f061 100644
--- a/quic/core/quic_crypto_server_handshaker.cc
+++ b/quic/core/quic_crypto_server_handshaker.cc
@@ -200,12 +200,14 @@
// write key.
//
// NOTE: the SHLO will be encrypted with the new server write key.
- delegate_->OnNewKeysAvailable(
+ delegate_->OnNewEncryptionKeyAvailable(
+ ENCRYPTION_ZERO_RTT,
+ std::move(crypto_negotiated_params_->initial_crypters.encrypter));
+ delegate_->OnNewDecryptionKeyAvailable(
ENCRYPTION_ZERO_RTT,
std::move(crypto_negotiated_params_->initial_crypters.decrypter),
/*set_alternative_decrypter=*/false,
- /*latch_once_used=*/false,
- std::move(crypto_negotiated_params_->initial_crypters.encrypter));
+ /*latch_once_used=*/false);
delegate_->SetDefaultEncryptionLevel(ENCRYPTION_ZERO_RTT);
delegate_->DiscardOldDecryptionKey(ENCRYPTION_INITIAL);
session()->connection()->SetDiversificationNonce(*diversification_nonce);
@@ -213,12 +215,14 @@
session()->connection()->set_fully_pad_crypto_handshake_packets(
crypto_config_->pad_shlo());
SendHandshakeMessage(*reply);
- delegate_->OnNewKeysAvailable(
+ delegate_->OnNewEncryptionKeyAvailable(
+ ENCRYPTION_FORWARD_SECURE,
+ std::move(crypto_negotiated_params_->forward_secure_crypters.encrypter));
+ delegate_->OnNewDecryptionKeyAvailable(
ENCRYPTION_FORWARD_SECURE,
std::move(crypto_negotiated_params_->forward_secure_crypters.decrypter),
/*set_alternative_decrypter=*/true,
- /*latch_once_used=*/false,
- std::move(crypto_negotiated_params_->forward_secure_crypters.encrypter));
+ /*latch_once_used=*/false);
encryption_established_ = true;
one_rtt_keys_available_ = true;
delegate_->SetDefaultEncryptionLevel(ENCRYPTION_FORWARD_SECURE);
diff --git a/quic/core/quic_session.cc b/quic/core/quic_session.cc
index b63f729..f956e5e 100644
--- a/quic/core/quic_session.cc
+++ b/quic/core/quic_session.cc
@@ -1295,13 +1295,14 @@
flow_controller_.UpdateSendWindowOffset(new_window);
}
-void QuicSession::OnNewKeysAvailable(EncryptionLevel level,
- std::unique_ptr<QuicDecrypter> decrypter,
- bool set_alternative_decrypter,
- bool latch_once_used,
- std::unique_ptr<QuicEncrypter> encrypter) {
- // Install new keys.
- connection()->SetEncrypter(level, std::move(encrypter));
+void QuicSession::OnNewDecryptionKeyAvailable(
+ EncryptionLevel level,
+ std::unique_ptr<QuicDecrypter> decrypter,
+ bool set_alternative_decrypter,
+ bool latch_once_used) {
+ // TODO(fayang): Close connection if corresponding encryption key is not
+ // available.
+ DCHECK(connection()->framer().HasEncrypterOfEncryptionLevel(level));
if (connection()->version().KnowsWhichDecrypterToUse()) {
connection()->InstallDecrypter(level, std::move(decrypter));
return;
@@ -1314,6 +1315,12 @@
connection()->SetDecrypter(level, std::move(decrypter));
}
+void QuicSession::OnNewEncryptionKeyAvailable(
+ EncryptionLevel level,
+ std::unique_ptr<QuicEncrypter> encrypter) {
+ connection()->SetEncrypter(level, std::move(encrypter));
+}
+
void QuicSession::SetDefaultEncryptionLevel(EncryptionLevel level) {
QUIC_DVLOG(1) << ENDPOINT << "Set default encryption level to "
<< EncryptionLevelToString(level);
diff --git a/quic/core/quic_session.h b/quic/core/quic_session.h
index c6fae2f..57d7605 100644
--- a/quic/core/quic_session.h
+++ b/quic/core/quic_session.h
@@ -243,11 +243,13 @@
virtual void OnConfigNegotiated();
// From HandshakerDelegateInterface
- void OnNewKeysAvailable(EncryptionLevel level,
- std::unique_ptr<QuicDecrypter> decrypter,
- bool set_alternative_decrypter,
- bool latch_once_used,
- std::unique_ptr<QuicEncrypter> encrypter) override;
+ void OnNewDecryptionKeyAvailable(EncryptionLevel level,
+ std::unique_ptr<QuicDecrypter> decrypter,
+ bool set_alternative_decrypter,
+ bool latch_once_used) override;
+ void OnNewEncryptionKeyAvailable(
+ EncryptionLevel level,
+ std::unique_ptr<QuicEncrypter> encrypter) override;
void SetDefaultEncryptionLevel(EncryptionLevel level) override;
void DiscardOldDecryptionKey(EncryptionLevel level) override;
void DiscardOldEncryptionKey(EncryptionLevel level) override;
diff --git a/quic/core/tls_handshaker.cc b/quic/core/tls_handshaker.cc
index c5effc3..aee7133 100644
--- a/quic/core/tls_handshaker.cc
+++ b/quic/core/tls_handshaker.cc
@@ -73,10 +73,10 @@
QuicDecrypter::CreateFromCipherSuite(
SSL_CIPHER_get_id(SSL_get_pending_cipher(ssl())));
CryptoUtils::SetKeyAndIV(Prf(), read_secret, decrypter.get());
- delegate_->OnNewKeysAvailable(level, std::move(decrypter),
- /*set_alternative_decrypter=*/false,
- /*latch_once_used=*/false,
- std::move(encrypter));
+ delegate_->OnNewEncryptionKeyAvailable(level, std::move(encrypter));
+ delegate_->OnNewDecryptionKeyAvailable(level, std::move(decrypter),
+ /*set_alternative_decrypter=*/false,
+ /*latch_once_used=*/false);
}
void TlsHandshaker::WriteMessage(EncryptionLevel level,
