Switch global error menu icon to vectorized MD asset
[chromium-blink-merge.git] / net / quic / quic_crypto_client_stream.h
blobedfc1f58e3976ba13946406b0aa230fb3e9e6052
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
5 #ifndef NET_QUIC_QUIC_CRYPTO_CLIENT_STREAM_H_
6 #define NET_QUIC_QUIC_CRYPTO_CLIENT_STREAM_H_
8 #include <string>
10 #include "net/quic/crypto/channel_id.h"
11 #include "net/quic/crypto/proof_verifier.h"
12 #include "net/quic/crypto/quic_crypto_client_config.h"
13 #include "net/quic/quic_config.h"
14 #include "net/quic/quic_crypto_stream.h"
15 #include "net/quic/quic_server_id.h"
17 namespace net {
19 class QuicClientSessionBase;
21 namespace test {
22 class CryptoTestUtils;
23 class QuicChromiumClientSessionPeer;
24 } // namespace test
26 class NET_EXPORT_PRIVATE QuicCryptoClientStream : public QuicCryptoStream {
27 public:
28 // kMaxClientHellos is the maximum number of times that we'll send a client
29 // hello. The value 3 accounts for:
30 // * One failure due to an incorrect or missing source-address token.
31 // * One failure due the server's certificate chain being unavailible and
32 // the server being unwilling to send it without a valid source-address
33 // token.
34 static const int kMaxClientHellos = 3;
36 QuicCryptoClientStream(const QuicServerId& server_id,
37 QuicClientSessionBase* session,
38 ProofVerifyContext* verify_context,
39 QuicCryptoClientConfig* crypto_config);
40 ~QuicCryptoClientStream() override;
42 // CryptoFramerVisitorInterface implementation
43 void OnHandshakeMessage(const CryptoHandshakeMessage& message) override;
45 // Performs a crypto handshake with the server.
46 virtual void CryptoConnect();
48 // num_sent_client_hellos returns the number of client hello messages that
49 // have been sent. If the handshake has completed then this is one greater
50 // than the number of round-trips needed for the handshake.
51 int num_sent_client_hellos() const;
53 // Returns true if a channel ID was sent on this connection.
54 bool WasChannelIDSent() const;
56 // Returns true if our ChannelIDSourceCallback was run, which implies the
57 // ChannelIDSource operated asynchronously. Intended for testing.
58 bool WasChannelIDSourceCallbackRun() const;
60 private:
61 // ChannelIDSourceCallbackImpl is passed as the callback method to
62 // GetChannelIDKey. The ChannelIDSource calls this class with the result of
63 // channel ID lookup when lookup is performed asynchronously.
64 class ChannelIDSourceCallbackImpl : public ChannelIDSourceCallback {
65 public:
66 explicit ChannelIDSourceCallbackImpl(QuicCryptoClientStream* stream);
67 ~ChannelIDSourceCallbackImpl() override;
69 // ChannelIDSourceCallback interface.
70 void Run(scoped_ptr<ChannelIDKey>* channel_id_key) override;
72 // Cancel causes any future callbacks to be ignored. It must be called on
73 // the same thread as the callback will be made on.
74 void Cancel();
76 private:
77 QuicCryptoClientStream* stream_;
80 // ProofVerifierCallbackImpl is passed as the callback method to VerifyProof.
81 // The ProofVerifier calls this class with the result of proof verification
82 // when verification is performed asynchronously.
83 class ProofVerifierCallbackImpl : public ProofVerifierCallback {
84 public:
85 explicit ProofVerifierCallbackImpl(QuicCryptoClientStream* stream);
86 ~ProofVerifierCallbackImpl() override;
88 // ProofVerifierCallback interface.
89 void Run(bool ok,
90 const std::string& error_details,
91 scoped_ptr<ProofVerifyDetails>* details) override;
93 // Cancel causes any future callbacks to be ignored. It must be called on
94 // the same thread as the callback will be made on.
95 void Cancel();
97 private:
98 QuicCryptoClientStream* stream_;
101 friend class test::CryptoTestUtils;
102 friend class test::QuicChromiumClientSessionPeer;
104 enum State {
105 STATE_IDLE,
106 STATE_INITIALIZE,
107 STATE_SEND_CHLO,
108 STATE_RECV_REJ,
109 STATE_VERIFY_PROOF,
110 STATE_VERIFY_PROOF_COMPLETE,
111 STATE_GET_CHANNEL_ID,
112 STATE_GET_CHANNEL_ID_COMPLETE,
113 STATE_RECV_SHLO,
114 STATE_INITIALIZE_SCUP,
115 STATE_NONE,
118 // Handles new server config and optional source-address token provided by the
119 // server during a connection.
120 void HandleServerConfigUpdateMessage(
121 const CryptoHandshakeMessage& server_config_update);
123 // DoHandshakeLoop performs a step of the handshake state machine. Note that
124 // |in| may be nullptr if the call did not result from a received message.
125 void DoHandshakeLoop(const CryptoHandshakeMessage* in);
127 // Start the handshake process.
128 void DoInitialize(QuicCryptoClientConfig::CachedState* cached);
130 // Send either InchoateClientHello or ClientHello message to the server.
131 void DoSendCHLO(const CryptoHandshakeMessage* in,
132 QuicCryptoClientConfig::CachedState* cached);
134 // Process REJ message from the server.
135 void DoReceiveREJ(const CryptoHandshakeMessage* in,
136 QuicCryptoClientConfig::CachedState* cached);
138 // Start the proof verification process. Returns the QuicAsyncStatus returned
139 // by the ProofVerifier's VerifyProof.
140 QuicAsyncStatus DoVerifyProof(QuicCryptoClientConfig::CachedState* cached);
142 // If proof is valid then it sets the proof as valid (which persists the
143 // server config). If not, it closes the connection.
144 void DoVerifyProofComplete(QuicCryptoClientConfig::CachedState* cached);
146 // Start the look up of Channel ID process. Returns either QUIC_SUCCESS if
147 // RequiresChannelID returns false or QuicAsyncStatus returned by
148 // GetChannelIDKey.
149 QuicAsyncStatus DoGetChannelID(QuicCryptoClientConfig::CachedState* cached);
151 // If there is no channel ID, then close the connection otherwise transtion to
152 // STATE_SEND_CHLO state.
153 void DoGetChannelIDComplete();
155 // Process SHLO message from the server.
156 void DoReceiveSHLO(const CryptoHandshakeMessage* in,
157 QuicCryptoClientConfig::CachedState* cached);
159 // Start the proof verification if |server_id_| is https and |cached| has
160 // signature.
161 void DoInitializeServerConfigUpdate(
162 QuicCryptoClientConfig::CachedState* cached);
164 // Called to set the proof of |cached| valid. Also invokes the session's
165 // OnProofValid() method.
166 void SetCachedProofValid(QuicCryptoClientConfig::CachedState* cached);
168 // Returns true if the server crypto config in |cached| requires a ChannelID
169 // and the client config settings also allow sending a ChannelID.
170 bool RequiresChannelID(QuicCryptoClientConfig::CachedState* cached);
172 QuicClientSessionBase* client_session();
174 State next_state_;
175 // num_client_hellos_ contains the number of client hello messages that this
176 // connection has sent.
177 int num_client_hellos_;
179 QuicCryptoClientConfig* const crypto_config_;
181 // Client's connection nonce (4-byte timestamp + 28 random bytes)
182 std::string nonce_;
183 // Server's (hostname, port, is_https, privacy_mode) tuple.
184 const QuicServerId server_id_;
186 // Generation counter from QuicCryptoClientConfig's CachedState.
187 uint64 generation_counter_;
189 // True if a channel ID was sent.
190 bool channel_id_sent_;
192 // True if channel_id_source_callback_ was run.
193 bool channel_id_source_callback_run_;
195 // channel_id_source_callback_ contains the callback object that we passed
196 // to an asynchronous channel ID lookup. The ChannelIDSource owns this
197 // object.
198 ChannelIDSourceCallbackImpl* channel_id_source_callback_;
200 // These members are used to store the result of an asynchronous channel ID
201 // lookup. These members must not be used after
202 // STATE_GET_CHANNEL_ID_COMPLETE.
203 scoped_ptr<ChannelIDKey> channel_id_key_;
205 // verify_context_ contains the context object that we pass to asynchronous
206 // proof verifications.
207 scoped_ptr<ProofVerifyContext> verify_context_;
209 // proof_verify_callback_ contains the callback object that we passed to an
210 // asynchronous proof verification. The ProofVerifier owns this object.
211 ProofVerifierCallbackImpl* proof_verify_callback_;
213 // These members are used to store the result of an asynchronous proof
214 // verification. These members must not be used after
215 // STATE_VERIFY_PROOF_COMPLETE.
216 bool verify_ok_;
217 std::string verify_error_details_;
218 scoped_ptr<ProofVerifyDetails> verify_details_;
220 // True if the server responded to a previous CHLO with a stateless
221 // reject. Used for book-keeping between the STATE_RECV_REJ,
222 // STATE_VERIFY_PROOF*, and subsequent STATE_SEND_CHLO state.
223 bool stateless_reject_received_;
225 DISALLOW_COPY_AND_ASSIGN(QuicCryptoClientStream);
228 } // namespace net
230 #endif // NET_QUIC_QUIC_CRYPTO_CLIENT_STREAM_H_