blob: 1446ab352d55687f48d23060312a4c06410fb6c6 [file] [log] [blame]
// Copyright (c) 2017 The Chromium Authors. All rights reserved.
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.
#include "net/third_party/quiche/src/quic/quartc/quartc_crypto_helpers.h"
#include "net/third_party/quiche/src/quic/core/quic_utils.h"
namespace quic {
void DummyProofSource::GetProof(const QuicSocketAddress& server_address,
const std::string& hostname,
const std::string& /*server_config*/,
QuicTransportVersion /*transport_version*/,
QuicStringPiece /*chlo_hash*/,
std::unique_ptr<Callback> callback) {
QuicReferenceCountedPointer<ProofSource::Chain> chain =
GetCertChain(server_address, hostname);
QuicCryptoProof proof;
proof.signature = "Dummy signature";
proof.leaf_cert_scts = "Dummy timestamp";
callback->Run(true, chain, proof, nullptr /* details */);
DummyProofSource::GetCertChain(const QuicSocketAddress& /*server_address*/,
const std::string& /*hostname*/) {
std::vector<std::string> certs;
return QuicReferenceCountedPointer<ProofSource::Chain>(
new ProofSource::Chain(certs));
void DummyProofSource::ComputeTlsSignature(
const QuicSocketAddress& /*server_address*/,
const std::string& /*hostname*/,
uint16_t /*signature_algorithm*/,
QuicStringPiece /*in*/,
std::unique_ptr<SignatureCallback> callback) {
callback->Run(true, "Dummy signature");
QuicAsyncStatus InsecureProofVerifier::VerifyProof(
const std::string& /*hostname*/,
const uint16_t /*port*/,
const std::string& /*server_config*/,
QuicTransportVersion /*transport_version*/,
QuicStringPiece /*chlo_hash*/,
const std::vector<std::string>& /*certs*/,
const std::string& /*cert_sct*/,
const std::string& /*signature*/,
const ProofVerifyContext* /*context*/,
std::string* /*error_details*/,
std::unique_ptr<ProofVerifyDetails>* /*verify_details*/,
std::unique_ptr<ProofVerifierCallback> /*callback*/) {
QuicAsyncStatus InsecureProofVerifier::VerifyCertChain(
const std::string& /*hostname*/,
const std::vector<std::string>& /*certs*/,
const std::string& /*ocsp_response*/,
const std::string& /*cert_sct*/,
const ProofVerifyContext* /*context*/,
std::string* /*error_details*/,
std::unique_ptr<ProofVerifyDetails>* /*details*/,
std::unique_ptr<ProofVerifierCallback> /*callback*/) {
InsecureProofVerifier::CreateDefaultContext() {
return nullptr;
QuicConnectionId QuartcCryptoServerStreamHelper::GenerateConnectionIdForReject(
QuicTransportVersion /*version*/,
QuicConnectionId /*connection_id*/) const {
// TODO(b/124399417): Request a zero-length connection id here when the QUIC
// server perspective supports it.
return QuicUtils::CreateRandomConnectionId();
bool QuartcCryptoServerStreamHelper::CanAcceptClientHello(
const CryptoHandshakeMessage& /*message*/,
const QuicSocketAddress& /*client_address*/,
const QuicSocketAddress& /*peer_address*/,
const QuicSocketAddress& /*self_address*/,
std::string* /*error_details*/) const {
return true;
std::unique_ptr<QuicCryptoClientConfig> CreateCryptoClientConfig(
QuicStringPiece pre_shared_key) {
auto config = QuicMakeUnique<QuicCryptoClientConfig>(
if (!pre_shared_key.empty()) {
return config;
CryptoServerConfig CreateCryptoServerConfig(QuicRandom* random,
const QuicClock* clock,
QuicStringPiece pre_shared_key) {
CryptoServerConfig crypto_server_config;
// Generate a random source address token secret. For long-running servers
// it's better to not regenerate it for each connection to enable zero-RTT
// handshakes, but for transient clients it does not matter.
char source_address_token_secret[kInputKeyingMaterialLength];
random->RandBytes(source_address_token_secret, kInputKeyingMaterialLength);
auto config = QuicMakeUnique<QuicCryptoServerConfig>(
std::string(source_address_token_secret, kInputKeyingMaterialLength),
random, QuicMakeUnique<DummyProofSource>(), KeyExchangeSource::Default());
// We run QUIC over ICE, and ICE is verifying remote side with STUN pings.
// We disable source address token validation in order to allow for 0-rtt
// setup (plus source ip addresses are changing even during the connection
// when ICE is used).
// Effectively disables the anti-amplification measures (we don't need
// them because we use ICE, and we need to disable them because we disable
// padding of crypto packets).
// This multiplier must be large enough so that the crypto handshake packet
// (approx. 300 bytes) multiplied by this multiplier is larger than a fully
// sized packet (currently 1200 bytes).
// 1500 is a bit extreme: if you can imagine sending a 1 byte packet, and
// your largest MTU would be below 1500 bytes, 1500*1 >=
// any_packet_that_you_can_imagine_sending.
// (again, we hardcode packet size to 1200, so we are not dealing with jumbo
// frames).
// We are sending small client hello, we must not validate its size.
// Provide server with serialized config string to prove ownership.
QuicCryptoServerConfig::ConfigOptions options;
// The |message| is used to handle the return value of AddDefaultConfig
// which is raw pointer of the CryptoHandshakeMessage.
std::unique_ptr<CryptoHandshakeMessage> message(
config->AddDefaultConfig(random, clock, options));
if (!pre_shared_key.empty()) {
crypto_server_config.config = std::move(config);
const QuicData& data = message->GetSerialized();
crypto_server_config.serialized_crypto_config =
std::string(, data.length());
return crypto_server_config;
} // namespace quic