net/quic/quic_crypto_stream.h

   1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
   2 // Use of this source code is governed by a BSD-style license that can be
   3 // found in the LICENSE file.
   4
   5 #ifndef NET_QUIC_QUIC_CRYPTO_STREAM_H_
   6 #define NET_QUIC_QUIC_CRYPTO_STREAM_H_
   7
   8 #include "base/basictypes.h"
   9 #include "net/quic/crypto/crypto_framer.h"
  10 #include "net/quic/crypto/crypto_utils.h"
  11 #include "net/quic/quic_config.h"
  12 #include "net/quic/quic_protocol.h"
  13 #include "net/quic/reliable_quic_stream.h"
  14
  15 namespace net {
  16
  17 class CryptoHandshakeMessage;
  18 class QuicSession;
  19
  20 // Crypto handshake messages in QUIC take place over a reserved
  21 // reliable stream with the id 1.  Each endpoint (client and server)
  22 // will allocate an instance of a subclass of QuicCryptoStream
  23 // to send and receive handshake messages.  (In the normal 1-RTT
  24 // handshake, the client will send a client hello, CHLO, message.
  25 // The server will receive this message and respond with a server
  26 // hello message, SHLO.  At this point both sides will have established
  27 // a crypto context they can use to send encrypted messages.
  28 //
  29 // For more details: http://goto.google.com/quic-crypto
  30 class NET_EXPORT_PRIVATE QuicCryptoStream
  31     : public ReliableQuicStream,
  32       public CryptoFramerVisitorInterface {
  33  public:
  34   explicit QuicCryptoStream(QuicSession* session);
  35
  36   // CryptoFramerVisitorInterface implementation
  37   virtual void OnError(CryptoFramer* framer) OVERRIDE;
  38   virtual void OnHandshakeMessage(
  39       const CryptoHandshakeMessage& message) OVERRIDE;
  40
  41   // ReliableQuicStream implementation
  42   virtual uint32 ProcessRawData(const char* data, uint32 data_len) OVERRIDE;
  43   virtual QuicPriority EffectivePriority() const OVERRIDE;
  44
  45   // Sends |message| to the peer.
  46   // TODO(wtc): return a success/failure status.
  47   void SendHandshakeMessage(const CryptoHandshakeMessage& message);
  48
  49   // Performs key extraction to derive a new secret of |result_len| bytes
  50   // dependent on |label|, |context|, and the stream's negotiated subkey secret.
  51   // Returns false if the handshake has not been confirmed or the parameters are
  52   // invalid (e.g. |label| contains null bytes); returns true on success.
  53   bool ExportKeyingMaterial(base::StringPiece label,
  54                             base::StringPiece context,
  55                             size_t result_len,
  56                             std::string* result) const;
  57
  58   bool encryption_established() const { return encryption_established_; }
  59   bool handshake_confirmed() const { return handshake_confirmed_; }
  60
  61   const QuicCryptoNegotiatedParameters& crypto_negotiated_params() const;
  62
  63  protected:
  64   bool encryption_established_;
  65   bool handshake_confirmed_;
  66
  67   QuicCryptoNegotiatedParameters crypto_negotiated_params_;
  68
  69  private:
  70   CryptoFramer crypto_framer_;
  71
  72   bool is_server_;
  73
  74   DISALLOW_COPY_AND_ASSIGN(QuicCryptoStream);
  75 };
  76
  77 }  // namespace net
  78
  79 #endif  // NET_QUIC_QUIC_CRYPTO_STREAM_H_