net/quic/quic_crypto_client_stream.h

   1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
   2 // Use of this source code is governed by a BSD-style license that can be
   3 // found in the LICENSE file.
   4
   5 #ifndef NET_QUIC_QUIC_CRYPTO_CLIENT_STREAM_H_
   6 #define NET_QUIC_QUIC_CRYPTO_CLIENT_STREAM_H_
   7
   8 #include <string>
   9
  10 #include "net/quic/crypto/channel_id.h"
  11 #include "net/quic/crypto/proof_verifier.h"
  12 #include "net/quic/crypto/quic_crypto_client_config.h"
  13 #include "net/quic/quic_config.h"
  14 #include "net/quic/quic_crypto_stream.h"
  15 #include "net/quic/quic_server_id.h"
  16
  17 namespace net {
  18
  19 class QuicClientSessionBase;
  20
  21 namespace test {
  22 class CryptoTestUtils;
  23 class QuicClientSessionPeer;
  24 }  // namespace test
  25
  26 class NET_EXPORT_PRIVATE QuicCryptoClientStream : public QuicCryptoStream {
  27  public:
  28   QuicCryptoClientStream(const QuicServerId& server_id,
  29                          QuicClientSessionBase* session,
  30                          ProofVerifyContext* verify_context,
  31                          QuicCryptoClientConfig* crypto_config);
  32   ~QuicCryptoClientStream() override;
  33
  34   // CryptoFramerVisitorInterface implementation
  35   void OnHandshakeMessage(const CryptoHandshakeMessage& message) override;
  36
  37   // Performs a crypto handshake with the server. Returns true if the crypto
  38   // handshake is started successfully.
  39   // TODO(agl): this should probably return void.
  40   virtual bool CryptoConnect();
  41
  42   // num_sent_client_hellos returns the number of client hello messages that
  43   // have been sent. If the handshake has completed then this is one greater
  44   // than the number of round-trips needed for the handshake.
  45   int num_sent_client_hellos() const;
  46
  47   // Returns true if a channel ID was sent on this connection.
  48   bool WasChannelIDSent() const;
  49
  50   // Returns true if our ChannelIDSourceCallback was run, which implies the
  51   // ChannelIDSource operated asynchronously. Intended for testing.
  52   bool WasChannelIDSourceCallbackRun() const;
  53
  54  private:
  55   // ChannelIDSourceCallbackImpl is passed as the callback method to
  56   // GetChannelIDKey. The ChannelIDSource calls this class with the result of
  57   // channel ID lookup when lookup is performed asynchronously.
  58   class ChannelIDSourceCallbackImpl : public ChannelIDSourceCallback {
  59    public:
  60     explicit ChannelIDSourceCallbackImpl(QuicCryptoClientStream* stream);
  61     ~ChannelIDSourceCallbackImpl() override;
  62
  63     // ChannelIDSourceCallback interface.
  64     void Run(scoped_ptr<ChannelIDKey>* channel_id_key) override;
  65
  66     // Cancel causes any future callbacks to be ignored. It must be called on
  67     // the same thread as the callback will be made on.
  68     void Cancel();
  69
  70    private:
  71     QuicCryptoClientStream* stream_;
  72   };
  73
  74   // ProofVerifierCallbackImpl is passed as the callback method to VerifyProof.
  75   // The ProofVerifier calls this class with the result of proof verification
  76   // when verification is performed asynchronously.
  77   class ProofVerifierCallbackImpl : public ProofVerifierCallback {
  78    public:
  79     explicit ProofVerifierCallbackImpl(QuicCryptoClientStream* stream);
  80     ~ProofVerifierCallbackImpl() override;
  81
  82     // ProofVerifierCallback interface.
  83     void Run(bool ok,
  84              const string& error_details,
  85              scoped_ptr<ProofVerifyDetails>* details) override;
  86
  87     // Cancel causes any future callbacks to be ignored. It must be called on
  88     // the same thread as the callback will be made on.
  89     void Cancel();
  90
  91    private:
  92     QuicCryptoClientStream* stream_;
  93   };
  94
  95   friend class test::CryptoTestUtils;
  96   friend class test::QuicClientSessionPeer;
  97
  98   enum State {
  99     STATE_IDLE,
 100     STATE_INITIALIZE,
 101     STATE_SEND_CHLO,
 102     STATE_RECV_REJ,
 103     STATE_VERIFY_PROOF,
 104     STATE_VERIFY_PROOF_COMPLETE,
 105     STATE_GET_CHANNEL_ID,
 106     STATE_GET_CHANNEL_ID_COMPLETE,
 107     STATE_RECV_SHLO,
 108     STATE_INITIALIZE_SCUP,
 109     STATE_NONE,
 110   };
 111
 112   // Handles new server config and optional source-address token provided by the
 113   // server during a connection.
 114   void HandleServerConfigUpdateMessage(
 115       const CryptoHandshakeMessage& server_config_update);
 116
 117   // DoHandshakeLoop performs a step of the handshake state machine. Note that
 118   // |in| may be nullptr if the call did not result from a received message.
 119   void DoHandshakeLoop(const CryptoHandshakeMessage* in);
 120
 121   // Start the handshake process.
 122   void DoInitialize(QuicCryptoClientConfig::CachedState* cached);
 123
 124   // Send either InchoateClientHello or ClientHello message to the server.
 125   void DoSendCHLO(const CryptoHandshakeMessage* in,
 126                   QuicCryptoClientConfig::CachedState* cached);
 127
 128   // Process REJ message from the server.
 129   void DoReceiveREJ(const CryptoHandshakeMessage* in,
 130                     QuicCryptoClientConfig::CachedState* cached);
 131
 132   // Start the proof verification process. Returns the QuicAsyncStatus returned
 133   // by the ProofVerifier's VerifyProof.
 134   QuicAsyncStatus DoVerifyProof(QuicCryptoClientConfig::CachedState* cached);
 135
 136   // If proof is valid then it sets the proof as valid (which persists the
 137   // server config). If not, it closes the connection.
 138   void DoVerifyProofComplete(QuicCryptoClientConfig::CachedState* cached);
 139
 140   // Start the look up of Channel ID process. Returns either QUIC_SUCCESS if
 141   // RequiresChannelID returns false or QuicAsyncStatus returned by
 142   // GetChannelIDKey.
 143   QuicAsyncStatus DoGetChannelID(QuicCryptoClientConfig::CachedState* cached);
 144
 145   // If there is no channel ID, then close the connection otherwise transtion to
 146   // STATE_SEND_CHLO state.
 147   void DoGetChannelIDComplete();
 148
 149   // Process SHLO message from the server.
 150   void DoReceiveSHLO(const CryptoHandshakeMessage* in,
 151                      QuicCryptoClientConfig::CachedState* cached);
 152
 153   // Start the proof verification if |server_id_| is https and |cached| has
 154   // signature.
 155   void DoInitializeServerConfigUpdate(
 156       QuicCryptoClientConfig::CachedState* cached);
 157
 158   // Called to set the proof of |cached| valid.  Also invokes the session's
 159   // OnProofValid() method.
 160   void SetCachedProofValid(QuicCryptoClientConfig::CachedState* cached);
 161
 162   // Returns true if the server crypto config in |cached| requires a ChannelID
 163   // and the client config settings also allow sending a ChannelID.
 164   bool RequiresChannelID(QuicCryptoClientConfig::CachedState* cached);
 165
 166   QuicClientSessionBase* client_session();
 167
 168   State next_state_;
 169   // num_client_hellos_ contains the number of client hello messages that this
 170   // connection has sent.
 171   int num_client_hellos_;
 172
 173   QuicCryptoClientConfig* const crypto_config_;
 174
 175   // Client's connection nonce (4-byte timestamp + 28 random bytes)
 176   std::string nonce_;
 177   // Server's (hostname, port, is_https, privacy_mode) tuple.
 178   const QuicServerId server_id_;
 179
 180   // Generation counter from QuicCryptoClientConfig's CachedState.
 181   uint64 generation_counter_;
 182
 183   // True if a channel ID was sent.
 184   bool channel_id_sent_;
 185
 186   // True if channel_id_source_callback_ was run.
 187   bool channel_id_source_callback_run_;
 188
 189   // channel_id_source_callback_ contains the callback object that we passed
 190   // to an asynchronous channel ID lookup. The ChannelIDSource owns this
 191   // object.
 192   ChannelIDSourceCallbackImpl* channel_id_source_callback_;
 193
 194   // These members are used to store the result of an asynchronous channel ID
 195   // lookup. These members must not be used after
 196   // STATE_GET_CHANNEL_ID_COMPLETE.
 197   scoped_ptr<ChannelIDKey> channel_id_key_;
 198
 199   // verify_context_ contains the context object that we pass to asynchronous
 200   // proof verifications.
 201   scoped_ptr<ProofVerifyContext> verify_context_;
 202
 203   // proof_verify_callback_ contains the callback object that we passed to an
 204   // asynchronous proof verification. The ProofVerifier owns this object.
 205   ProofVerifierCallbackImpl* proof_verify_callback_;
 206
 207   // These members are used to store the result of an asynchronous proof
 208   // verification. These members must not be used after
 209   // STATE_VERIFY_PROOF_COMPLETE.
 210   bool verify_ok_;
 211   string verify_error_details_;
 212   scoped_ptr<ProofVerifyDetails> verify_details_;
 213
 214   DISALLOW_COPY_AND_ASSIGN(QuicCryptoClientStream);
 215 };
 216
 217 }  // namespace net
 218
 219 #endif  // NET_QUIC_QUIC_CRYPTO_CLIENT_STREAM_H_