Split KeyExchange into synchronous and asynchronous variants
As part of the implementation of go/leto-II-design, an asynchronous interface was added to the KeyExchange class, to allow an implementation which would make an RPC to a service holding the private key. This fit awkwardly into the existing code, and we intended it as a short-term patch until we could come up with a better separation of concerns.
This CL improves matters by splitting the KeyExchange class into two. The AsyncKeyExchange interface has only an asynchronous interface. SyncKeyExchange has both synchronous and asynchronous interfaces, with the latter implemented in terms of the former. The existing "local" key-exchange classes inherit from SyncKeyExchange. Handshaking code which may or may not need to talk to Leto uses the AsyncKeyExchange uniformly, but depending on whether Leto is enabled or not, the concrete objects being used might be local or remote.
This CL also removes the "Factory" pattern previously used for creating KeyExchange objects. It required a bunch of boilerplate and provided little benefit.
gfe-relnote: no-op refactoring in the area of QUIC handshakes. No functional change intended, not flag-protected.
PiperOrigin-RevId: 238508479
Change-Id: Ib5ca6ae5afbdcb712c7d2f86a4d272ef168b90f3
diff --git a/quic/core/crypto/quic_crypto_server_config.h b/quic/core/crypto/quic_crypto_server_config.h
index 29a1488..daaa702 100644
--- a/quic/core/crypto/quic_crypto_server_config.h
+++ b/quic/core/crypto/quic_crypto_server_config.h
@@ -162,9 +162,10 @@
// Create a new KeyExchange of the specified type using the specified
// private key.
- virtual std::unique_ptr<KeyExchange> Create(std::string /*server_config_id*/,
- QuicTag type,
- QuicStringPiece private_key) = 0;
+ virtual std::unique_ptr<AsynchronousKeyExchange> Create(
+ std::string server_config_id,
+ QuicTag type,
+ QuicStringPiece private_key) = 0;
};
// QuicCryptoServerConfig contains the crypto configuration of a QUIC server.
@@ -461,10 +462,9 @@
// used to identify clusters of server frontends.
unsigned char orbit[kOrbitSize];
- // key_exchanges contains key exchange objects with the private keys
- // already loaded. The values correspond, one-to-one, with the tags in
- // |kexs| from the parent class.
- std::vector<std::unique_ptr<KeyExchange>> key_exchanges;
+ // key_exchanges contains key exchange objects. The values correspond,
+ // one-to-one, with the tags in |kexs| from the parent class.
+ std::vector<std::unique_ptr<AsynchronousKeyExchange>> key_exchanges;
// tag_value_map contains the raw key/value pairs for the config.
QuicTagValueMap tag_value_map;
@@ -596,7 +596,7 @@
void ProcessClientHelloAfterCalculateSharedKeys(
bool found_error,
std::unique_ptr<ProofSource::Details> proof_source_details,
- const KeyExchange::Factory& key_exchange_factory,
+ QuicTag key_exchange_type,
std::unique_ptr<CryptoHandshakeMessage> out,
QuicStringPiece public_value,
const ValidateClientHelloResultCallback::Result& validate_chlo_result,
