We started redesigning GpuMemoryBuffer interface to handle multiple buffers [0].
[chromium-blink-merge.git] / net / quic / crypto / quic_crypto_client_config.h
blob4bfed1bcd2b5f35622995a93da175afd1974d038
1 // Copyright 2013 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
5 #ifndef NET_QUIC_CRYPTO_QUIC_CRYPTO_CLIENT_CONFIG_H_
6 #define NET_QUIC_CRYPTO_QUIC_CRYPTO_CLIENT_CONFIG_H_
8 #include <map>
9 #include <string>
10 #include <vector>
12 #include "base/memory/scoped_ptr.h"
13 #include "base/strings/string_piece.h"
14 #include "net/base/net_export.h"
15 #include "net/quic/crypto/crypto_handshake.h"
16 #include "net/quic/quic_protocol.h"
17 #include "net/quic/quic_server_id.h"
19 namespace net {
21 class ChannelIDKey;
22 class ChannelIDSource;
23 class CryptoHandshakeMessage;
24 class ProofVerifier;
25 class ProofVerifyDetails;
26 class QuicRandom;
28 // QuicCryptoClientConfig contains crypto-related configuration settings for a
29 // client. Note that this object isn't thread-safe. It's designed to be used on
30 // a single thread at a time.
31 class NET_EXPORT_PRIVATE QuicCryptoClientConfig : public QuicCryptoConfig {
32 public:
33 // A CachedState contains the information that the client needs in order to
34 // perform a 0-RTT handshake with a server. This information can be reused
35 // over several connections to the same server.
36 class NET_EXPORT_PRIVATE CachedState {
37 public:
38 // Enum to track if the server config is valid or not. If it is not valid,
39 // it specifies why it is invalid.
40 enum ServerConfigState {
41 // WARNING: Do not change the numerical values of any of server config
42 // state. Do not remove deprecated server config states - just comment
43 // them as deprecated.
44 SERVER_CONFIG_EMPTY = 0,
45 SERVER_CONFIG_INVALID = 1,
46 SERVER_CONFIG_CORRUPTED = 2,
47 SERVER_CONFIG_EXPIRED = 3,
48 SERVER_CONFIG_INVALID_EXPIRY = 4,
49 SERVER_CONFIG_VALID = 5,
50 // NOTE: Add new server config states only immediately above this line.
51 // Make sure to update the QuicServerConfigState enum in
52 // tools/metrics/histograms/histograms.xml accordingly.
53 SERVER_CONFIG_COUNT
56 CachedState();
57 ~CachedState();
59 // IsComplete returns true if this object contains enough information to
60 // perform a handshake with the server. |now| is used to judge whether any
61 // cached server config has expired.
62 bool IsComplete(QuicWallTime now) const;
64 // IsEmpty returns true if |server_config_| is empty.
65 bool IsEmpty() const;
67 // GetServerConfig returns the parsed contents of |server_config|, or
68 // nullptr if |server_config| is empty. The return value is owned by this
69 // object and is destroyed when this object is.
70 const CryptoHandshakeMessage* GetServerConfig() const;
72 // SetServerConfig checks that |server_config| parses correctly and stores
73 // it in |server_config_|. |now| is used to judge whether |server_config|
74 // has expired.
75 ServerConfigState SetServerConfig(base::StringPiece server_config,
76 QuicWallTime now,
77 std::string* error_details);
79 // InvalidateServerConfig clears the cached server config (if any).
80 void InvalidateServerConfig();
82 // SetProof stores a certificate chain and signature.
83 void SetProof(const std::vector<std::string>& certs,
84 base::StringPiece signature);
86 // Clears all the data.
87 void Clear();
89 // Clears the certificate chain and signature and invalidates the proof.
90 void ClearProof();
92 // SetProofValid records that the certificate chain and signature have been
93 // validated and that it's safe to assume that the server is legitimate.
94 // (Note: this does not check the chain or signature.)
95 void SetProofValid();
97 // If the server config or the proof has changed then it needs to be
98 // revalidated. Helper function to keep server_config_valid_ and
99 // generation_counter_ in sync.
100 void SetProofInvalid();
102 const std::string& server_config() const;
103 const std::string& source_address_token() const;
104 const std::vector<std::string>& certs() const;
105 const std::string& signature() const;
106 bool proof_valid() const;
107 uint64 generation_counter() const;
108 const ProofVerifyDetails* proof_verify_details() const;
110 void set_source_address_token(base::StringPiece token);
112 // SetProofVerifyDetails takes ownership of |details|.
113 void SetProofVerifyDetails(ProofVerifyDetails* details);
115 // Copy the |server_config_|, |source_address_token_|, |certs_| and
116 // |server_config_sig_| from the |other|. The remaining fields,
117 // |generation_counter_|, |proof_verify_details_|, and |scfg_| remain
118 // unchanged.
119 void InitializeFrom(const CachedState& other);
121 // Initializes this cached state based on the arguments provided.
122 // Returns false if there is a problem parsing the server config.
123 bool Initialize(base::StringPiece server_config,
124 base::StringPiece source_address_token,
125 const std::vector<std::string>& certs,
126 base::StringPiece signature,
127 QuicWallTime now);
129 private:
130 std::string server_config_; // A serialized handshake message.
131 std::string source_address_token_; // An opaque proof of IP ownership.
132 std::vector<std::string> certs_; // A list of certificates in leaf-first
133 // order.
134 std::string server_config_sig_; // A signature of |server_config_|.
135 bool server_config_valid_; // True if |server_config_| is correctly
136 // signed and |certs_| has been
137 // validated.
138 // Generation counter associated with the |server_config_|, |certs_| and
139 // |server_config_sig_| combination. It is incremented whenever we set
140 // server_config_valid_ to false.
141 uint64 generation_counter_;
143 scoped_ptr<ProofVerifyDetails> proof_verify_details_;
145 // scfg contains the cached, parsed value of |server_config|.
146 mutable scoped_ptr<CryptoHandshakeMessage> scfg_;
148 DISALLOW_COPY_AND_ASSIGN(CachedState);
151 QuicCryptoClientConfig();
152 ~QuicCryptoClientConfig();
154 // LookupOrCreate returns a CachedState for the given |server_id|. If no such
155 // CachedState currently exists, it will be created and cached.
156 CachedState* LookupOrCreate(const QuicServerId& server_id);
158 // Delete all CachedState objects from cached_states_.
159 void ClearCachedStates();
161 // FillInchoateClientHello sets |out| to be a CHLO message that elicits a
162 // source-address token or SCFG from a server. If |cached| is non-nullptr, the
163 // source-address token will be taken from it. |out_params| is used in order
164 // to store the cached certs that were sent as hints to the server in
165 // |out_params->cached_certs|. |preferred_version| is the version of the
166 // QUIC protocol that this client chose to use initially. This allows the
167 // server to detect downgrade attacks.
168 void FillInchoateClientHello(const QuicServerId& server_id,
169 const QuicVersion preferred_version,
170 const CachedState* cached,
171 QuicCryptoNegotiatedParameters* out_params,
172 CryptoHandshakeMessage* out) const;
174 // FillClientHello sets |out| to be a CHLO message based on the configuration
175 // of this object. This object must have cached enough information about
176 // the server's hostname in order to perform a handshake. This can be checked
177 // with the |IsComplete| member of |CachedState|.
179 // |now| and |rand| are used to generate the nonce and |out_params| is
180 // filled with the results of the handshake that the server is expected to
181 // accept. |preferred_version| is the version of the QUIC protocol that this
182 // client chose to use initially. This allows the server to detect downgrade
183 // attacks.
185 // If |channel_id_key| is not null, it is used to sign a secret value derived
186 // from the client and server's keys, and the Channel ID public key and the
187 // signature are placed in the CETV value of the CHLO.
188 QuicErrorCode FillClientHello(const QuicServerId& server_id,
189 QuicConnectionId connection_id,
190 const QuicVersion preferred_version,
191 const CachedState* cached,
192 QuicWallTime now,
193 QuicRandom* rand,
194 const ChannelIDKey* channel_id_key,
195 QuicCryptoNegotiatedParameters* out_params,
196 CryptoHandshakeMessage* out,
197 std::string* error_details) const;
199 // ProcessRejection processes a REJ message from a server and updates the
200 // cached information about that server. After this, |IsComplete| may return
201 // true for that server's CachedState. If the rejection message contains
202 // state about a future handshake (i.e. an nonce value from the server), then
203 // it will be saved in |out_params|. |now| is used to judge whether the
204 // server config in the rejection message has expired. |is_https| is used to
205 // track reject reason for secure vs insecure QUIC.
206 QuicErrorCode ProcessRejection(const CryptoHandshakeMessage& rej,
207 QuicWallTime now,
208 CachedState* cached,
209 bool is_https,
210 QuicCryptoNegotiatedParameters* out_params,
211 std::string* error_details);
213 // ProcessServerHello processes the message in |server_hello|, updates the
214 // cached information about that server, writes the negotiated parameters to
215 // |out_params| and returns QUIC_NO_ERROR. If |server_hello| is unacceptable
216 // then it puts an error message in |error_details| and returns an error
217 // code. |negotiated_versions| contains the list of version, if any, that were
218 // present in a version negotiation packet previously recevied from the
219 // server. The contents of this list will be compared against the list of
220 // versions provided in the VER tag of the server hello.
221 QuicErrorCode ProcessServerHello(const CryptoHandshakeMessage& server_hello,
222 QuicConnectionId connection_id,
223 const QuicVersionVector& negotiated_versions,
224 CachedState* cached,
225 QuicCryptoNegotiatedParameters* out_params,
226 std::string* error_details);
228 // Processes the message in |server_update|, updating the cached source
229 // address token, and server config.
230 // If |server_update| is invalid then |error_details| will contain an error
231 // message, and an error code will be returned. If all has gone well
232 // QUIC_NO_ERROR is returned.
233 QuicErrorCode ProcessServerConfigUpdate(
234 const CryptoHandshakeMessage& server_update,
235 QuicWallTime now,
236 CachedState* cached,
237 QuicCryptoNegotiatedParameters* out_params,
238 std::string* error_details);
240 ProofVerifier* proof_verifier() const;
242 // SetProofVerifier takes ownership of a |ProofVerifier| that clients are
243 // free to use in order to verify certificate chains from servers. If a
244 // ProofVerifier is set then the client will request a certificate chain from
245 // the server.
246 void SetProofVerifier(ProofVerifier* verifier);
248 ChannelIDSource* channel_id_source() const;
250 // SetChannelIDSource sets a ChannelIDSource that will be called, when the
251 // server supports channel IDs, to obtain a channel ID for signing a message
252 // proving possession of the channel ID. This object takes ownership of
253 // |source|.
254 void SetChannelIDSource(ChannelIDSource* source);
256 // Initialize the CachedState from |canonical_crypto_config| for the
257 // |canonical_server_id| as the initial CachedState for |server_id|. We will
258 // copy config data only if |canonical_crypto_config| has valid proof.
259 void InitializeFrom(const QuicServerId& server_id,
260 const QuicServerId& canonical_server_id,
261 QuicCryptoClientConfig* canonical_crypto_config);
263 // Adds |suffix| as a domain suffix for which the server's crypto config
264 // is expected to be shared among servers with the domain suffix. If a server
265 // matches this suffix, then the server config from another server with the
266 // suffix will be used to initialize the cached state for this server.
267 void AddCanonicalSuffix(const std::string& suffix);
269 // Prefers AES-GCM (kAESG) over other AEAD algorithms. Call this method if
270 // the CPU has hardware acceleration for AES-GCM. This method can only be
271 // called after SetDefaults().
272 void PreferAesGcm();
274 // Disables the use of ECDSA for proof verification.
275 // Call this method on platforms that do not support ECDSA.
276 // TODO(rch): remove this method when we drop support for Windows XP.
277 void DisableEcdsa();
279 // Saves the |user_agent_id| that will be passed in QUIC's CHLO message.
280 void set_user_agent_id(const std::string& user_agent_id) {
281 user_agent_id_ = user_agent_id;
284 private:
285 typedef std::map<QuicServerId, CachedState*> CachedStateMap;
287 // Sets the members to reasonable, default values.
288 void SetDefaults();
290 // CacheNewServerConfig checks for SCFG, STK, PROF, and CRT tags in |message|,
291 // verifies them, and stores them in the cached state if they validate.
292 // This is used on receipt of a REJ from a server, or when a server sends
293 // updated server config during a connection.
294 QuicErrorCode CacheNewServerConfig(
295 const CryptoHandshakeMessage& message,
296 QuicWallTime now,
297 const std::vector<std::string>& cached_certs,
298 CachedState* cached,
299 std::string* error_details);
301 // If the suffix of the hostname in |server_id| is in |canonical_suffixes_|,
302 // then populate |cached| with the canonical cached state from
303 // |canonical_server_map_| for that suffix. Returns true if |cached| is
304 // initialized with canonical cached state.
305 bool PopulateFromCanonicalConfig(const QuicServerId& server_id,
306 CachedState* cached);
308 // cached_states_ maps from the server_id to the cached information about
309 // that server.
310 CachedStateMap cached_states_;
312 // Contains a map of servers which could share the same server config. Map
313 // from a canonical host suffix/port/scheme to a representative server with
314 // the canonical suffix, which has a plausible set of initial certificates
315 // (or at least server public key).
316 std::map<QuicServerId, QuicServerId> canonical_server_map_;
318 // Contains list of suffixes (for exmaple ".c.youtube.com",
319 // ".googlevideo.com") of canonical hostnames.
320 std::vector<std::string> canonical_suffixes_;
322 scoped_ptr<ProofVerifier> proof_verifier_;
323 scoped_ptr<ChannelIDSource> channel_id_source_;
325 // True if ECDSA should be disabled.
326 bool disable_ecdsa_;
328 // The |user_agent_id_| passed in QUIC's CHLO message.
329 std::string user_agent_id_;
331 DISALLOW_COPY_AND_ASSIGN(QuicCryptoClientConfig);
334 } // namespace net
336 #endif // NET_QUIC_CRYPTO_QUIC_CRYPTO_CLIENT_CONFIG_H_