Blame - quic/quartc/quartc_crypto_helpers.h - quiche

blob: 92c68b65d3f10a98bec9ade2510a4fd2c9ad8317 [file] [log] [blame]

QUICHE team	a6ef0a6	2019-03-07 20:34:33 -0500	[diff] [blame]	1	// Copyright (c) 2017 The Chromium Authors. All rights reserved.
				2	// Use of this source code is governed by a BSD-style license that can be
				3	// found in the LICENSE file.
				4
				5	#ifndef QUICHE_QUIC_QUARTC_QUARTC_CRYPTO_HELPERS_H_
				6	#define QUICHE_QUIC_QUARTC_QUARTC_CRYPTO_HELPERS_H_
				7
vasilvv	872e7a3	2019-03-12 16:42:44 -0700	[diff] [blame]	8	#include <string>
				9
QUICHE team	a6ef0a6	2019-03-07 20:34:33 -0500	[diff] [blame]	10	#include "net/third_party/quiche/src/quic/core/crypto/crypto_handshake_message.h"
				11	#include "net/third_party/quiche/src/quic/core/crypto/proof_source.h"
				12	#include "net/third_party/quiche/src/quic/core/crypto/proof_verifier.h"
				13	#include "net/third_party/quiche/src/quic/core/crypto/quic_crypto_client_config.h"
				14	#include "net/third_party/quiche/src/quic/core/crypto/quic_crypto_server_config.h"
				15	#include "net/third_party/quiche/src/quic/core/quic_connection_id.h"
				16	#include "net/third_party/quiche/src/quic/core/quic_crypto_server_stream.h"
				17	#include "net/third_party/quiche/src/quic/core/quic_versions.h"
				18	#include "net/third_party/quiche/src/quic/platform/api/quic_reference_counted.h"
				19	#include "net/third_party/quiche/src/quic/platform/api/quic_socket_address.h"
dmcardle	c60e87a	2019-12-12 09:43:19 -0800	[diff] [blame]	20	#include "net/third_party/quiche/src/common/platform/api/quiche_string_piece.h"
QUICHE team	a6ef0a6	2019-03-07 20:34:33 -0500	[diff] [blame]	21
				22	namespace quic {
				23
				24	// Never, ever, change this certificate name. You will break 0-rtt handshake if
				25	// you do.
				26	static constexpr char kDummyCertName[] = "Dummy cert";
				27
				28	struct CryptoServerConfig {
				29	std::unique_ptr<QuicCryptoServerConfig> config;
vasilvv	c48c871	2019-03-11 13:38:16 -0700	[diff] [blame]	30	std::string serialized_crypto_config;
QUICHE team	a6ef0a6	2019-03-07 20:34:33 -0500	[diff] [blame]	31	};
				32
				33	// Length of HKDF input keying material, equal to its number of bytes.
				34	// https://tools.ietf.org/html/rfc5869#section-2.2.
				35	// TODO(zhihuang): Verify that input keying material length is correct.
				36	constexpr size_t kInputKeyingMaterialLength = 32;
				37
				38	// Used by QuicCryptoServerConfig to provide dummy proof credentials.
				39	// TODO(zhihuang): Remove when secure P2P QUIC handshake is possible.
				40	class DummyProofSource : public ProofSource {
				41	public:
				42	DummyProofSource() {}
				43	~DummyProofSource() override {}
				44
				45	// ProofSource overrides.
				46	void GetProof(const QuicSocketAddress& server_address,
vasilvv	c48c871	2019-03-11 13:38:16 -0700	[diff] [blame]	47	const std::string& hostname,
				48	const std::string& server_config,
QUICHE team	a6ef0a6	2019-03-07 20:34:33 -0500	[diff] [blame]	49	QuicTransportVersion transport_version,
dmcardle	c60e87a	2019-12-12 09:43:19 -0800	[diff] [blame]	50	quiche::QuicheStringPiece chlo_hash,
QUICHE team	a6ef0a6	2019-03-07 20:34:33 -0500	[diff] [blame]	51	std::unique_ptr<Callback> callback) override;
				52
				53	QuicReferenceCountedPointer<Chain> GetCertChain(
				54	const QuicSocketAddress& server_address,
vasilvv	c48c871	2019-03-11 13:38:16 -0700	[diff] [blame]	55	const std::string& hostname) override;
QUICHE team	a6ef0a6	2019-03-07 20:34:33 -0500	[diff] [blame]	56
				57	void ComputeTlsSignature(
				58	const QuicSocketAddress& server_address,
vasilvv	c48c871	2019-03-11 13:38:16 -0700	[diff] [blame]	59	const std::string& hostname,
QUICHE team	a6ef0a6	2019-03-07 20:34:33 -0500	[diff] [blame]	60	uint16_t signature_algorithm,
dmcardle	c60e87a	2019-12-12 09:43:19 -0800	[diff] [blame]	61	quiche::QuicheStringPiece in,
QUICHE team	a6ef0a6	2019-03-07 20:34:33 -0500	[diff] [blame]	62	std::unique_ptr<SignatureCallback> callback) override;
				63	};
				64
				65	// Used by QuicCryptoClientConfig to ignore the peer's credentials
				66	// and establish an insecure QUIC connection.
				67	// TODO(zhihuang): Remove when secure P2P QUIC handshake is possible.
				68	class InsecureProofVerifier : public ProofVerifier {
				69	public:
				70	InsecureProofVerifier() {}
				71	~InsecureProofVerifier() override {}
				72
				73	// ProofVerifier overrides.
				74	QuicAsyncStatus VerifyProof(
vasilvv	c48c871	2019-03-11 13:38:16 -0700	[diff] [blame]	75	const std::string& hostname,
QUICHE team	a6ef0a6	2019-03-07 20:34:33 -0500	[diff] [blame]	76	const uint16_t port,
vasilvv	c48c871	2019-03-11 13:38:16 -0700	[diff] [blame]	77	const std::string& server_config,
QUICHE team	a6ef0a6	2019-03-07 20:34:33 -0500	[diff] [blame]	78	QuicTransportVersion transport_version,
dmcardle	c60e87a	2019-12-12 09:43:19 -0800	[diff] [blame]	79	quiche::QuicheStringPiece chlo_hash,
vasilvv	c48c871	2019-03-11 13:38:16 -0700	[diff] [blame]	80	const std::vector<std::string>& certs,
				81	const std::string& cert_sct,
				82	const std::string& signature,
QUICHE team	a6ef0a6	2019-03-07 20:34:33 -0500	[diff] [blame]	83	const ProofVerifyContext* context,
vasilvv	c48c871	2019-03-11 13:38:16 -0700	[diff] [blame]	84	std::string* error_details,
QUICHE team	a6ef0a6	2019-03-07 20:34:33 -0500	[diff] [blame]	85	std::unique_ptr<ProofVerifyDetails>* verify_details,
				86	std::unique_ptr<ProofVerifierCallback> callback) override;
				87
				88	QuicAsyncStatus VerifyCertChain(
vasilvv	c48c871	2019-03-11 13:38:16 -0700	[diff] [blame]	89	const std::string& hostname,
				90	const std::vector<std::string>& certs,
QUICHE team	38c190b	2019-05-08 09:12:01 -0700	[diff] [blame]	91	const std::string& ocsp_response,
				92	const std::string& cert_sct,
QUICHE team	a6ef0a6	2019-03-07 20:34:33 -0500	[diff] [blame]	93	const ProofVerifyContext* context,
vasilvv	c48c871	2019-03-11 13:38:16 -0700	[diff] [blame]	94	std::string* error_details,
QUICHE team	a6ef0a6	2019-03-07 20:34:33 -0500	[diff] [blame]	95	std::unique_ptr<ProofVerifyDetails>* details,
				96	std::unique_ptr<ProofVerifierCallback> callback) override;
				97
				98	std::unique_ptr<ProofVerifyContext> CreateDefaultContext() override;
				99	};
				100
				101	// Implementation of the server-side crypto stream helper.
nharper	5f23a2d	2020-02-20 10:44:09 -0800	[diff] [blame]	102	class QuartcCryptoServerStreamHelper
				103	: public QuicCryptoServerStreamBase::Helper {
QUICHE team	a6ef0a6	2019-03-07 20:34:33 -0500	[diff] [blame]	104	public:
QUICHE team	a6ef0a6	2019-03-07 20:34:33 -0500	[diff] [blame]	105	bool CanAcceptClientHello(const CryptoHandshakeMessage& message,
				106	const QuicSocketAddress& client_address,
				107	const QuicSocketAddress& peer_address,
				108	const QuicSocketAddress& self_address,
vasilvv	c48c871	2019-03-11 13:38:16 -0700	[diff] [blame]	109	std::string* error_details) const override;
QUICHE team	a6ef0a6	2019-03-07 20:34:33 -0500	[diff] [blame]	110	};
				111
				112	std::unique_ptr<QuicCryptoClientConfig> CreateCryptoClientConfig(
dmcardle	c60e87a	2019-12-12 09:43:19 -0800	[diff] [blame]	113	quiche::QuicheStringPiece pre_shared_key);
QUICHE team	a6ef0a6	2019-03-07 20:34:33 -0500	[diff] [blame]	114
dmcardle	c60e87a	2019-12-12 09:43:19 -0800	[diff] [blame]	115	CryptoServerConfig CreateCryptoServerConfig(
				116	QuicRandom* random,
				117	const QuicClock* clock,
				118	quiche::QuicheStringPiece pre_shared_key);
QUICHE team	a6ef0a6	2019-03-07 20:34:33 -0500	[diff] [blame]	119
				120	} // namespace quic
				121
				122	#endif // QUICHE_QUIC_QUARTC_QUARTC_CRYPTO_HELPERS_H_