blob: d0e4ee1e3b178afce5d318da4c83819590efd688 [file] [log] [blame]
QUICHE teama6ef0a62019-03-07 20:34:33 -05001// Copyright (c) 2012 The Chromium Authors. All rights reserved.
2// Use of this source code is governed by a BSD-style license that can be
3// found in the LICENSE file.
4
5#ifndef QUICHE_QUIC_CORE_QUIC_CRYPTO_CLIENT_STREAM_H_
6#define QUICHE_QUIC_CORE_QUIC_CRYPTO_CLIENT_STREAM_H_
7
8#include <cstdint>
9#include <memory>
vasilvv872e7a32019-03-12 16:42:44 -070010#include <string>
QUICHE teama6ef0a62019-03-07 20:34:33 -050011
QUICHE teama6ef0a62019-03-07 20:34:33 -050012#include "net/third_party/quiche/src/quic/core/crypto/channel_id.h"
13#include "net/third_party/quiche/src/quic/core/crypto/proof_verifier.h"
14#include "net/third_party/quiche/src/quic/core/crypto/quic_crypto_client_config.h"
15#include "net/third_party/quiche/src/quic/core/quic_config.h"
16#include "net/third_party/quiche/src/quic/core/quic_crypto_handshaker.h"
17#include "net/third_party/quiche/src/quic/core/quic_crypto_stream.h"
18#include "net/third_party/quiche/src/quic/core/quic_server_id.h"
19#include "net/third_party/quiche/src/quic/core/quic_session.h"
20#include "net/third_party/quiche/src/quic/platform/api/quic_export.h"
QUICHE teama6ef0a62019-03-07 20:34:33 -050021
22namespace quic {
23
24class QUIC_EXPORT_PRIVATE QuicCryptoClientStreamBase : public QuicCryptoStream {
25 public:
26 explicit QuicCryptoClientStreamBase(QuicSession* session);
27
28 ~QuicCryptoClientStreamBase() override {}
29
30 // Performs a crypto handshake with the server. Returns true if the connection
31 // is still connected.
32 virtual bool CryptoConnect() = 0;
33
34 // num_sent_client_hellos returns the number of client hello messages that
35 // have been sent. If the handshake has completed then this is one greater
36 // than the number of round-trips needed for the handshake.
37 virtual int num_sent_client_hellos() const = 0;
38
39 // The number of server config update messages received by the
40 // client. Does not count update messages that were received prior
41 // to handshake confirmation.
42 virtual int num_scup_messages_received() const = 0;
43};
44
45class QUIC_EXPORT_PRIVATE QuicCryptoClientStream
46 : public QuicCryptoClientStreamBase {
47 public:
48 // kMaxClientHellos is the maximum number of times that we'll send a client
QUICHE team8b353f32019-04-09 13:49:10 -070049 // hello. The value 4 accounts for:
QUICHE teama6ef0a62019-03-07 20:34:33 -050050 // * One failure due to an incorrect or missing source-address token.
51 // * One failure due the server's certificate chain being unavailible and
52 // the server being unwilling to send it without a valid source-address
53 // token.
QUICHE team8b353f32019-04-09 13:49:10 -070054 // * One failure due to the ServerConfig private key being located on a
55 // remote oracle which has become unavailable, forcing the server to send
56 // the client a fallback ServerConfig.
57 static const int kMaxClientHellos = 4;
QUICHE teama6ef0a62019-03-07 20:34:33 -050058
59 // QuicCryptoClientStream creates a HandshakerDelegate at construction time
60 // based on the QuicTransportVersion of the connection. Different
61 // HandshakerDelegates provide implementations of different crypto handshake
62 // protocols. Currently QUIC crypto is the only protocol implemented; a future
63 // HandshakerDelegate will use TLS as the handshake protocol.
64 // QuicCryptoClientStream delegates all of its public methods to its
65 // HandshakerDelegate.
66 //
67 // This setup of the crypto stream delegating its implementation to the
68 // handshaker results in the handshaker reading and writing bytes on the
69 // crypto stream, instead of the handshaker passing the stream bytes to send.
70 class QUIC_EXPORT_PRIVATE HandshakerDelegate {
71 public:
72 virtual ~HandshakerDelegate() {}
73
74 // Performs a crypto handshake with the server. Returns true if the
75 // connection is still connected.
76 virtual bool CryptoConnect() = 0;
77
78 // num_sent_client_hellos returns the number of client hello messages that
79 // have been sent. If the handshake has completed then this is one greater
80 // than the number of round-trips needed for the handshake.
81 virtual int num_sent_client_hellos() const = 0;
82
83 // The number of server config update messages received by the
84 // client. Does not count update messages that were received prior
85 // to handshake confirmation.
86 virtual int num_scup_messages_received() const = 0;
87
88 // Returns true if a channel ID was sent on this connection.
89 virtual bool WasChannelIDSent() const = 0;
90
91 // Returns true if our ChannelIDSourceCallback was run, which implies the
92 // ChannelIDSource operated asynchronously. Intended for testing.
93 virtual bool WasChannelIDSourceCallbackRun() const = 0;
94
vasilvvc48c8712019-03-11 13:38:16 -070095 virtual std::string chlo_hash() const = 0;
QUICHE teama6ef0a62019-03-07 20:34:33 -050096
97 // Returns true once any encrypter (initial/0RTT or final/1RTT) has been set
98 // for the connection.
99 virtual bool encryption_established() const = 0;
100
101 // Returns true once the crypto handshake has completed.
102 virtual bool handshake_confirmed() const = 0;
103
104 // Returns the parameters negotiated in the crypto handshake.
105 virtual const QuicCryptoNegotiatedParameters& crypto_negotiated_params()
106 const = 0;
107
108 // Used by QuicCryptoStream to parse data received on this stream.
109 virtual CryptoMessageParser* crypto_message_parser() = 0;
110 };
111
112 // ProofHandler is an interface that handles callbacks from the crypto
113 // stream when the client has proof verification details of the server.
114 class QUIC_EXPORT_PRIVATE ProofHandler {
115 public:
116 virtual ~ProofHandler() {}
117
118 // Called when the proof in |cached| is marked valid. If this is a secure
119 // QUIC session, then this will happen only after the proof verifier
120 // completes.
121 virtual void OnProofValid(
122 const QuicCryptoClientConfig::CachedState& cached) = 0;
123
124 // Called when proof verification details become available, either because
125 // proof verification is complete, or when cached details are used. This
126 // will only be called for secure QUIC connections.
127 virtual void OnProofVerifyDetailsAvailable(
128 const ProofVerifyDetails& verify_details) = 0;
129 };
130
131 QuicCryptoClientStream(const QuicServerId& server_id,
132 QuicSession* session,
133 std::unique_ptr<ProofVerifyContext> verify_context,
134 QuicCryptoClientConfig* crypto_config,
135 ProofHandler* proof_handler);
136 QuicCryptoClientStream(const QuicCryptoClientStream&) = delete;
137 QuicCryptoClientStream& operator=(const QuicCryptoClientStream&) = delete;
138
139 ~QuicCryptoClientStream() override;
140
141 // From QuicCryptoClientStreamBase
142 bool CryptoConnect() override;
143 int num_sent_client_hellos() const override;
144
145 int num_scup_messages_received() const override;
146
147 // From QuicCryptoStream
148 bool encryption_established() const override;
149 bool handshake_confirmed() const override;
150 const QuicCryptoNegotiatedParameters& crypto_negotiated_params()
151 const override;
152 CryptoMessageParser* crypto_message_parser() override;
153
154 // Returns true if a channel ID was sent on this connection.
155 bool WasChannelIDSent() const;
156
157 // Returns true if our ChannelIDSourceCallback was run, which implies the
158 // ChannelIDSource operated asynchronously. Intended for testing.
159 bool WasChannelIDSourceCallbackRun() const;
160
vasilvvc48c8712019-03-11 13:38:16 -0700161 std::string chlo_hash() const;
QUICHE teama6ef0a62019-03-07 20:34:33 -0500162
163 protected:
164 void set_handshaker(std::unique_ptr<HandshakerDelegate> handshaker) {
165 handshaker_ = std::move(handshaker);
166 }
167
168 private:
169 std::unique_ptr<HandshakerDelegate> handshaker_;
170};
171
172} // namespace quic
173
174#endif // QUICHE_QUIC_CORE_QUIC_CRYPTO_CLIENT_STREAM_H_