Make CryptoUtils::HashHandshakeMessage return by value
Also, during the handshake, don't hash the CHLO unless the hash is going to be used.
gfe-relnote: No-op refactoring, no functional change, not flag-protected.
PiperOrigin-RevId: 238635063
Change-Id: I76f033c33f436a1e95db5aae9494dbfdf7139ed5
diff --git a/quic/core/crypto/crypto_server_test.cc b/quic/core/crypto/crypto_server_test.cc
index 3b5a8f6..f784bdb 100644
--- a/quic/core/crypto/crypto_server_test.cc
+++ b/quic/core/crypto/crypto_server_test.cc
@@ -863,8 +863,8 @@
std::string error_details;
std::unique_ptr<ProofVerifierCallback> callback(
new DummyProofVerifierCallback());
- std::string chlo_hash;
- CryptoUtils::HashHandshakeMessage(msg, &chlo_hash, Perspective::IS_SERVER);
+ const std::string chlo_hash =
+ CryptoUtils::HashHandshakeMessage(msg, Perspective::IS_SERVER);
EXPECT_EQ(QUIC_SUCCESS,
proof_verifier->VerifyProof(
"test.example.com", 443, (std::string(scfg_str)),
diff --git a/quic/core/crypto/crypto_utils.cc b/quic/core/crypto/crypto_utils.cc
index ffb5f1c..e3e438b 100644
--- a/quic/core/crypto/crypto_utils.cc
+++ b/quic/core/crypto/crypto_utils.cc
@@ -455,14 +455,16 @@
}
// static
-void CryptoUtils::HashHandshakeMessage(const CryptoHandshakeMessage& message,
- std::string* output,
- Perspective perspective) {
+std::string CryptoUtils::HashHandshakeMessage(
+ const CryptoHandshakeMessage& message,
+ Perspective perspective) {
+ string output;
const QuicData& serialized = message.GetSerialized();
uint8_t digest[SHA256_DIGEST_LENGTH];
SHA256(reinterpret_cast<const uint8_t*>(serialized.data()),
serialized.length(), digest);
- output->assign(reinterpret_cast<const char*>(digest), sizeof(digest));
+ output.assign(reinterpret_cast<const char*>(digest), sizeof(digest));
+ return output;
}
#undef RETURN_STRING_LITERAL // undef for jumbo builds
diff --git a/quic/core/crypto/crypto_utils.h b/quic/core/crypto/crypto_utils.h
index 37f9a2f..a958311 100644
--- a/quic/core/crypto/crypto_utils.h
+++ b/quic/core/crypto/crypto_utils.h
@@ -197,10 +197,9 @@
static const char* HandshakeFailureReasonToString(
HandshakeFailureReason reason);
- // Writes a hash of the serialized |message| into |output|.
- static void HashHandshakeMessage(const CryptoHandshakeMessage& message,
- std::string* output,
- Perspective perspective);
+ // Returns a hash of the serialized |message|.
+ static string HashHandshakeMessage(const CryptoHandshakeMessage& message,
+ Perspective perspective);
private:
// Implements the HKDF-Expand-Label function as defined in section 7.1 of RFC
diff --git a/quic/core/crypto/quic_crypto_server_config.cc b/quic/core/crypto/quic_crypto_server_config.cc
index ccb7691..aa45e33 100644
--- a/quic/core/crypto/quic_crypto_server_config.cc
+++ b/quic/core/crypto/quic_crypto_server_config.cc
@@ -790,10 +790,6 @@
helper.Fail(QUIC_UNSUPPORTED_PROOF_DEMAND, "Missing or invalid PDMD");
return;
}
- DCHECK(proof_source_.get());
- std::string chlo_hash;
- CryptoUtils::HashHandshakeMessage(client_hello, &chlo_hash,
- Perspective::IS_SERVER);
// No need to get a new proof if one was already generated.
if (!signed_config->chain) {
@@ -803,6 +799,10 @@
server_designated_connection_id, clock, rand, compressed_certs_cache,
params, signed_config, total_framing_overhead, chlo_packet_size,
requested_config, primary_config, std::move(done_cb));
+ const std::string chlo_hash =
+ CryptoUtils::HashHandshakeMessage(client_hello, Perspective::IS_SERVER);
+
+ DCHECK(proof_source_.get());
proof_source_->GetProof(
server_address, std::string(info.sni), primary_config->serialized,
version.transport_version, chlo_hash, std::move(cb));
diff --git a/quic/core/quic_crypto_client_handshaker.cc b/quic/core/quic_crypto_client_handshaker.cc
index e758cb6..5d8a647 100644
--- a/quic/core/quic_crypto_client_handshaker.cc
+++ b/quic/core/quic_crypto_client_handshaker.cc
@@ -334,7 +334,7 @@
return;
}
next_state_ = STATE_RECV_REJ;
- CryptoUtils::HashHandshakeMessage(out, &chlo_hash_, Perspective::IS_CLIENT);
+ chlo_hash_ = CryptoUtils::HashHandshakeMessage(out, Perspective::IS_CLIENT);
session()->connection()->set_fully_pad_crypto_hadshake_packets(
crypto_config_->pad_inchoate_hello());
SendHandshakeMessage(out);
@@ -364,7 +364,7 @@
stream_->CloseConnectionWithDetails(error, error_details);
return;
}
- CryptoUtils::HashHandshakeMessage(out, &chlo_hash_, Perspective::IS_CLIENT);
+ chlo_hash_ = CryptoUtils::HashHandshakeMessage(out, Perspective::IS_CLIENT);
channel_id_sent_ = (channel_id_key_ != nullptr);
if (cached->proof_verify_details()) {
proof_handler_->OnProofVerifyDetailsAvailable(
diff --git a/quic/core/quic_crypto_server_handshaker.cc b/quic/core/quic_crypto_server_handshaker.cc
index c5b1597..cd3cce9 100644
--- a/quic/core/quic_crypto_server_handshaker.cc
+++ b/quic/core/quic_crypto_server_handshaker.cc
@@ -121,8 +121,8 @@
return;
}
- CryptoUtils::HashHandshakeMessage(message, &chlo_hash_,
- Perspective::IS_SERVER);
+ chlo_hash_ =
+ CryptoUtils::HashHandshakeMessage(message, Perspective::IS_SERVER);
std::unique_ptr<ValidateCallback> cb(new ValidateCallback(this));
DCHECK(validate_client_hello_cb_ == nullptr);
