Google Git
Sign in
quiche / quiche / ea9e1cb32d81207196e8c7f1e8ea2e9a6bc8c0e0 / . / quic / core / tls_client_handshaker.h
blob: eb39ccf9fabaa36f71e6b407a6a712385296a7b5 [file] [log] [blame]
QUICHE teama6ef0a62019-03-07 20:34:33 -0500[diff] [blame]1// Copyright (c) 2017 The Chromium Authors. All rights reserved.
2// Use of this source code is governed by a BSD-style license that can be
3// found in the LICENSE file.
4
5#ifndef QUICHE_QUIC_CORE_TLS_CLIENT_HANDSHAKER_H_
6#define QUICHE_QUIC_CORE_TLS_CLIENT_HANDSHAKER_H_
7
renjietangf21e3852020-04-13 15:45:39 -0700[diff] [blame]8#include <cstdint>
renjietangcc12f432020-04-09 16:44:22 -0700[diff] [blame]9#include <memory>
vasilvv872e7a32019-03-12 16:42:44 -0700[diff] [blame]10#include <string>
11
vasilvvc872ee42020-10-07 19:50:22 -0700[diff] [blame]12#include "absl/strings/string_view.h"
QUICHE teama6ef0a62019-03-07 20:34:33 -0500[diff] [blame]13#include "third_party/boringssl/src/include/openssl/ssl.h"
QUICHE team5be974e2020-12-29 18:35:24 -0500[diff] [blame]14#include "quic/core/crypto/quic_crypto_client_config.h"
15#include "quic/core/crypto/tls_client_connection.h"
16#include "quic/core/crypto/transport_parameters.h"
17#include "quic/core/quic_crypto_client_stream.h"
18#include "quic/core/quic_crypto_stream.h"
19#include "quic/core/tls_handshaker.h"
20#include "quic/platform/api/quic_export.h"
QUICHE teama6ef0a62019-03-07 20:34:33 -0500[diff] [blame]21
22namespace quic {
23
rch85240a12019-12-23 11:51:59 -0800[diff] [blame]24// An implementation of QuicCryptoClientStream::HandshakerInterface which uses
QUICHE teama6ef0a62019-03-07 20:34:33 -0500[diff] [blame]25// TLS 1.3 for the crypto handshake protocol.
26class QUIC_EXPORT_PRIVATE TlsClientHandshaker
nharper6ebe83b2019-06-13 17:43:52 -0700[diff] [blame]27 : public TlsHandshaker,
rch85240a12019-12-23 11:51:59 -0800[diff] [blame]28 public QuicCryptoClientStream::HandshakerInterface,
nharper6ebe83b2019-06-13 17:43:52 -0700[diff] [blame]29 public TlsClientConnection::Delegate {
QUICHE teama6ef0a62019-03-07 20:34:33 -0500[diff] [blame]30 public:
fayang133b8682020-12-08 05:50:33 -0800[diff] [blame]31 // |crypto_config| must outlive TlsClientHandshaker.
nharperdf7a77b2019-11-11 13:12:45 -0800[diff] [blame]32 TlsClientHandshaker(const QuicServerId& server_id,
33 QuicCryptoStream* stream,
QUICHE teama6ef0a62019-03-07 20:34:33 -0500[diff] [blame]34 QuicSession* session,
QUICHE teama6ef0a62019-03-07 20:34:33 -0500[diff] [blame]35 std::unique_ptr<ProofVerifyContext> verify_context,
nharperdf7a77b2019-11-11 13:12:45 -0800[diff] [blame]36 QuicCryptoClientConfig* crypto_config,
renjietangbcc066a2020-04-21 18:05:57 -0700[diff] [blame]37 QuicCryptoClientStream::ProofHandler* proof_handler,
38 bool has_application_state);
QUICHE teama6ef0a62019-03-07 20:34:33 -0500[diff] [blame]39 TlsClientHandshaker(const TlsClientHandshaker&) = delete;
40 TlsClientHandshaker& operator=(const TlsClientHandshaker&) = delete;
41
42 ~TlsClientHandshaker() override;
43
rch85240a12019-12-23 11:51:59 -0800[diff] [blame]44 // From QuicCryptoClientStream::HandshakerInterface
QUICHE teama6ef0a62019-03-07 20:34:33 -0500[diff] [blame]45 bool CryptoConnect() override;
46 int num_sent_client_hellos() const override;
nharper02703962019-11-07 12:23:13 -0800[diff] [blame]47 bool IsResumption() const override;
nharper4084fc92020-02-10 14:43:35 -0800[diff] [blame]48 bool EarlyDataAccepted() const override;
nharper26e3e882020-09-09 12:30:55 -0700[diff] [blame]49 ssl_early_data_reason_t EarlyDataReason() const override;
nharper4084fc92020-02-10 14:43:35 -0800[diff] [blame]50 bool ReceivedInchoateReject() const override;
QUICHE teama6ef0a62019-03-07 20:34:33 -0500[diff] [blame]51 int num_scup_messages_received() const override;
vasilvvc48c8712019-03-11 13:38:16 -0700[diff] [blame]52 std::string chlo_hash() const override;
QUICHE teama6ef0a62019-03-07 20:34:33 -0500[diff] [blame]53
rch85240a12019-12-23 11:51:59 -0800[diff] [blame]54 // From QuicCryptoClientStream::HandshakerInterface and TlsHandshaker
QUICHE teama6ef0a62019-03-07 20:34:33 -0500[diff] [blame]55 bool encryption_established() const override;
fayang685367a2020-01-14 10:40:15 -0800[diff] [blame]56 bool one_rtt_keys_available() const override;
QUICHE teama6ef0a62019-03-07 20:34:33 -0500[diff] [blame]57 const QuicCryptoNegotiatedParameters& crypto_negotiated_params()
58 const override;
59 CryptoMessageParser* crypto_message_parser() override;
fayang9a863cf2020-01-16 14:12:11 -0800[diff] [blame]60 HandshakeState GetHandshakeState() const override;
nharper486a8a92019-08-28 16:25:10 -0700[diff] [blame]61 size_t BufferSizeLimitForLevel(EncryptionLevel level) const override;
mattm072a7e32020-10-09 16:16:56 -0700[diff] [blame]62 bool KeyUpdateSupportedLocally() const override;
63 std::unique_ptr<QuicDecrypter> AdvanceKeysAndCreateCurrentOneRttDecrypter()
64 override;
65 std::unique_ptr<QuicEncrypter> CreateCurrentOneRttEncrypter() override;
fayang2f2915d2020-01-24 06:47:15 -0800[diff] [blame]66 void OnOneRttPacketAcknowledged() override;
fayang44ae4e92020-04-28 13:09:42 -0700[diff] [blame]67 void OnHandshakePacketSent() override;
fayanga6a85a82020-05-04 08:58:53 -0700[diff] [blame]68 void OnConnectionClosed(QuicErrorCode error,
69 ConnectionCloseSource source) override;
fayang01062942020-01-22 07:23:23 -0800[diff] [blame]70 void OnHandshakeDoneReceived() override;
fayang133b8682020-12-08 05:50:33 -0800[diff] [blame]71 void OnNewTokenReceived(absl::string_view token) override;
fayanga45ee8a2020-03-20 08:56:11 -0700[diff] [blame]72 void SetWriteSecret(EncryptionLevel level,
73 const SSL_CIPHER* cipher,
74 const std::vector<uint8_t>& write_secret) override;
QUICHE teama6ef0a62019-03-07 20:34:33 -0500[diff] [blame]75
fayangd58736d2019-11-27 13:35:31 -0800[diff] [blame]76 // Override to drop initial keys if trying to write ENCRYPTION_HANDSHAKE data.
vasilvvc872ee42020-10-07 19:50:22 -0700[diff] [blame]77 void WriteMessage(EncryptionLevel level, absl::string_view data) override;
fayangd58736d2019-11-27 13:35:31 -0800[diff] [blame]78
nharperac52a862020-06-08 12:41:06 -0700[diff] [blame]79 void SetServerApplicationStateForResumption(
renjietangf21e3852020-04-13 15:45:39 -0700[diff] [blame]80 std::unique_ptr<ApplicationState> application_state) override;
81
vasilvv4724c9c2019-08-29 11:52:11 -0700[diff] [blame]82 void AllowEmptyAlpnForTests() { allow_empty_alpn_for_tests_ = true; }
nharpere0f979c2020-05-05 17:31:55 -0700[diff] [blame]83 void AllowInvalidSNIForTests() { allow_invalid_sni_for_tests_ = true; }
wube9d9a9c2021-02-03 07:18:53 -0800[diff] [blame]84 SSL* GetSslForTests() { return tls_connection_.ssl(); }
85 const SSL* GetSslForTests() const { return tls_connection_.ssl(); }
vasilvv4724c9c2019-08-29 11:52:11 -0700[diff] [blame]86
nharper6ebe83b2019-06-13 17:43:52 -0700[diff] [blame]87 protected:
nharper486a8a92019-08-28 16:25:10 -0700[diff] [blame]88 const TlsConnection* tls_connection() const override {
89 return &tls_connection_;
90 }
nharper6ebe83b2019-06-13 17:43:52 -0700[diff] [blame]91
nharper0ab1c662020-11-02 17:05:32 -0800[diff] [blame]92 void FinishHandshake() override;
wub48b16812021-04-30 10:22:22 -0700[diff] [blame]93 void OnEnterEarlyData() override;
94 void FillNegotiatedParams();
nharper0ab1c662020-11-02 17:05:32 -0800[diff] [blame]95 void ProcessPostHandshakeMessage() override;
96 bool ShouldCloseConnectionOnUnexpectedError(int ssl_error) override;
nharpere62aab72020-11-04 16:32:09 -0800[diff] [blame]97 QuicAsyncStatus VerifyCertChain(
98 const std::vector<std::string>& certs,
99 std::string* error_details,
100 std::unique_ptr<ProofVerifyDetails>* details,
nharper54fc9ab2020-11-12 11:07:39 -0800[diff] [blame]101 uint8_t* out_alert,
nharpere62aab72020-11-04 16:32:09 -0800[diff] [blame]102 std::unique_ptr<ProofVerifierCallback> callback) override;
103 void OnProofVerifyDetailsAvailable(
104 const ProofVerifyDetails& verify_details) override;
nharper6ebe83b2019-06-13 17:43:52 -0700[diff] [blame]105
106 // TlsClientConnection::Delegate implementation:
nharper6ebe83b2019-06-13 17:43:52 -0700[diff] [blame]107 TlsConnection::Delegate* ConnectionDelegate() override { return this; }
108
QUICHE teama6ef0a62019-03-07 20:34:33 -0500[diff] [blame]109 private:
vasilvv4724c9c2019-08-29 11:52:11 -0700[diff] [blame]110 bool SetAlpn();
QUICHE teama6ef0a62019-03-07 20:34:33 -0500[diff] [blame]111 bool SetTransportParameters();
vasilvvc48c8712019-03-11 13:38:16 -0700[diff] [blame]112 bool ProcessTransportParameters(std::string* error_details);
nharperd25cd652020-05-20 13:10:26 -0700[diff] [blame]113 void HandleZeroRttReject();
QUICHE teama6ef0a62019-03-07 20:34:33 -0500[diff] [blame]114
fayang2f2915d2020-01-24 06:47:15 -0800[diff] [blame]115 // Called when server completes handshake (i.e., either handshake done is
116 // received or 1-RTT packet gets acknowledged).
117 void OnHandshakeConfirmed();
118
nharperdf7a77b2019-11-11 13:12:45 -0800[diff] [blame]119 void InsertSession(bssl::UniquePtr<SSL_SESSION> session) override;
120
renjietang1a391de2020-05-12 10:30:13 -0700[diff] [blame]121 bool PrepareZeroRttConfig(QuicResumptionState* cached_state);
122
nharperf579b5e2020-01-21 14:11:18 -0800[diff] [blame]123 QuicSession* session() { return session_; }
124 QuicSession* session_;
125
QUICHE teama6ef0a62019-03-07 20:34:33 -0500[diff] [blame]126 QuicServerId server_id_;
127
128 // Objects used for verifying the server's certificate chain.
nharpere62aab72020-11-04 16:32:09 -0800[diff] [blame]129 // |proof_verifier_| is owned by the caller of TlsHandshaker's constructor.
QUICHE teama6ef0a62019-03-07 20:34:33 -0500[diff] [blame]130 ProofVerifier* proof_verifier_;
131 std::unique_ptr<ProofVerifyContext> verify_context_;
nharpere62aab72020-11-04 16:32:09 -0800[diff] [blame]132
nharper40bdf532019-10-03 11:16:22 -0700[diff] [blame]133 // Unowned pointer to the proof handler which has the
134 // OnProofVerifyDetailsAvailable callback to use for notifying the result of
135 // certificate verification.
136 QuicCryptoClientStream::ProofHandler* proof_handler_;
QUICHE teama6ef0a62019-03-07 20:34:33 -0500[diff] [blame]137
nharperdf7a77b2019-11-11 13:12:45 -0800[diff] [blame]138 // Used for session resumption. |session_cache_| is owned by the
139 // QuicCryptoClientConfig passed into TlsClientHandshaker's constructor.
140 SessionCache* session_cache_;
141
vasilvvc48c8712019-03-11 13:38:16 -0700[diff] [blame]142 std::string user_agent_id_;
QUICHE teama6ef0a62019-03-07 20:34:33 -0500[diff] [blame]143
dschinaziaaaf1a42020-04-16 11:44:31 -0700[diff] [blame]144 // Pre-shared key used during the handshake.
145 std::string pre_shared_key_;
146
nharper0ab1c662020-11-02 17:05:32 -0800[diff] [blame]147 HandshakeState state_ = HANDSHAKE_START;
QUICHE teama6ef0a62019-03-07 20:34:33 -0500[diff] [blame]148 bool encryption_established_ = false;
fayang44ae4e92020-04-28 13:09:42 -0700[diff] [blame]149 bool initial_keys_dropped_ = false;
QUICHE teama6ef0a62019-03-07 20:34:33 -0500[diff] [blame]150 QuicReferenceCountedPointer<QuicCryptoNegotiatedParameters>
151 crypto_negotiated_params_;
nharper6ebe83b2019-06-13 17:43:52 -0700[diff] [blame]152
vasilvv4724c9c2019-08-29 11:52:11 -0700[diff] [blame]153 bool allow_empty_alpn_for_tests_ = false;
nharpere0f979c2020-05-05 17:31:55 -0700[diff] [blame]154 bool allow_invalid_sni_for_tests_ = false;
vasilvv4724c9c2019-08-29 11:52:11 -0700[diff] [blame]155
renjietangbcc066a2020-04-21 18:05:57 -0700[diff] [blame]156 const bool has_application_state_;
nharper786a4ab2020-07-10 11:56:01 -0700[diff] [blame]157 // Contains the state for performing a resumption, if one is attempted. This
158 // will always be non-null if a 0-RTT resumption is attempted.
159 std::unique_ptr<QuicResumptionState> cached_state_;
renjietangbcc066a2020-04-21 18:05:57 -0700[diff] [blame]160
fayang133b8682020-12-08 05:50:33 -0800[diff] [blame]161 QuicCryptoClientConfig* crypto_config_; // Not owned.
162
nharper6ebe83b2019-06-13 17:43:52 -0700[diff] [blame]163 TlsClientConnection tls_connection_;
renjietangcc12f432020-04-09 16:44:22 -0700[diff] [blame]164
renjietangbcc066a2020-04-21 18:05:57 -0700[diff] [blame]165 // If |has_application_state_|, stores the tls session tickets before
166 // application state is received. The latest one is put in the front.
167 bssl::UniquePtr<SSL_SESSION> cached_tls_sessions_[2] = {};
168
renjietangcc12f432020-04-09 16:44:22 -0700[diff] [blame]169 std::unique_ptr<TransportParameters> received_transport_params_ = nullptr;
renjietangf21e3852020-04-13 15:45:39 -0700[diff] [blame]170 std::unique_ptr<ApplicationState> received_application_state_ = nullptr;
QUICHE teama6ef0a62019-03-07 20:34:33 -0500[diff] [blame]171};
172
QUICHE teama6ef0a62019-03-07 20:34:33 -0500[diff] [blame]173} // namespace quic
174
175#endif // QUICHE_QUIC_CORE_TLS_CLIENT_HANDSHAKER_H_