blob: 75913d1edd1363d5b5dc69337a7aee61ebe20091 [file] [log] [blame]
// Copyright (c) 2012 The Chromium Authors. All rights reserved.
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.
#include <cstdint>
#include <memory>
#include <string>
#include "base/macros.h"
#include "net/quic/crypto/channel_id.h"
#include "net/quic/crypto/proof_verifier.h"
#include "net/quic/crypto/quic_crypto_client_config.h"
#include "net/quic/quic_config.h"
#include "net/quic/quic_crypto_stream.h"
#include "net/quic/quic_server_id.h"
namespace net {
namespace test {
class CryptoTestUtils;
class QuicChromiumClientSessionPeer;
} // namespace test
class NET_EXPORT_PRIVATE QuicCryptoClientStreamBase : public QuicCryptoStream {
explicit QuicCryptoClientStreamBase(QuicSession* session);
~QuicCryptoClientStreamBase() override{};
// Performs a crypto handshake with the server.
virtual void CryptoConnect() = 0;
// num_sent_client_hellos returns the number of client hello messages that
// have been sent. If the handshake has completed then this is one greater
// than the number of round-trips needed for the handshake.
virtual int num_sent_client_hellos() const = 0;
// The number of server config update messages received by the
// client. Does not count update messages that were received prior
// to handshake confirmation.
virtual int num_scup_messages_received() const = 0;
class NET_EXPORT_PRIVATE QuicCryptoClientStream
: public QuicCryptoClientStreamBase {
// kMaxClientHellos is the maximum number of times that we'll send a client
// hello. The value 3 accounts for:
// * One failure due to an incorrect or missing source-address token.
// * One failure due the server's certificate chain being unavailible and
// the server being unwilling to send it without a valid source-address
// token.
static const int kMaxClientHellos = 3;
// ProofHandler is an interface that handles callbacks from the crypto
// stream when the client has proof verification details of the server.
class NET_EXPORT_PRIVATE ProofHandler {
virtual ~ProofHandler() {}
// Called when the proof in |cached| is marked valid. If this is a secure
// QUIC session, then this will happen only after the proof verifier
// completes.
virtual void OnProofValid(
const QuicCryptoClientConfig::CachedState& cached) = 0;
// Called when proof verification details become available, either because
// proof verification is complete, or when cached details are used. This
// will only be called for secure QUIC connections.
virtual void OnProofVerifyDetailsAvailable(
const ProofVerifyDetails& verify_details) = 0;
QuicCryptoClientStream(const QuicServerId& server_id,
QuicSession* session,
ProofVerifyContext* verify_context,
QuicCryptoClientConfig* crypto_config,
ProofHandler* proof_handler);
~QuicCryptoClientStream() override;
// From QuicCryptoClientStreamBase
void CryptoConnect() override;
int num_sent_client_hellos() const override;
int num_scup_messages_received() const override;
// CryptoFramerVisitorInterface implementation
void OnHandshakeMessage(const CryptoHandshakeMessage& message) override;
// Returns true if a channel ID was sent on this connection.
bool WasChannelIDSent() const;
// Returns true if our ChannelIDSourceCallback was run, which implies the
// ChannelIDSource operated asynchronously. Intended for testing.
bool WasChannelIDSourceCallbackRun() const;
// ChannelIDSourceCallbackImpl is passed as the callback method to
// GetChannelIDKey. The ChannelIDSource calls this class with the result of
// channel ID lookup when lookup is performed asynchronously.
class ChannelIDSourceCallbackImpl : public ChannelIDSourceCallback {
explicit ChannelIDSourceCallbackImpl(QuicCryptoClientStream* stream);
~ChannelIDSourceCallbackImpl() override;
// ChannelIDSourceCallback interface.
void Run(std::unique_ptr<ChannelIDKey>* channel_id_key) override;
// Cancel causes any future callbacks to be ignored. It must be called on
// the same thread as the callback will be made on.
void Cancel();
QuicCryptoClientStream* stream_;
// ProofVerifierCallbackImpl is passed as the callback method to VerifyProof.
// The ProofVerifier calls this class with the result of proof verification
// when verification is performed asynchronously.
class ProofVerifierCallbackImpl : public ProofVerifierCallback {
explicit ProofVerifierCallbackImpl(QuicCryptoClientStream* stream);
~ProofVerifierCallbackImpl() override;
// ProofVerifierCallback interface.
void Run(bool ok,
const std::string& error_details,
std::unique_ptr<ProofVerifyDetails>* details) override;
// Cancel causes any future callbacks to be ignored. It must be called on
// the same thread as the callback will be made on.
void Cancel();
QuicCryptoClientStream* stream_;
friend class test::CryptoTestUtils;
friend class test::QuicChromiumClientSessionPeer;
enum State {
// Handles new server config and optional source-address token provided by the
// server during a connection.
void HandleServerConfigUpdateMessage(
const CryptoHandshakeMessage& server_config_update);
// DoHandshakeLoop performs a step of the handshake state machine. Note that
// |in| may be nullptr if the call did not result from a received message.
void DoHandshakeLoop(const CryptoHandshakeMessage* in);
// Start the handshake process.
void DoInitialize(QuicCryptoClientConfig::CachedState* cached);
// Send either InchoateClientHello or ClientHello message to the server.
void DoSendCHLO(QuicCryptoClientConfig::CachedState* cached);
// Process REJ message from the server.
void DoReceiveREJ(const CryptoHandshakeMessage* in,
QuicCryptoClientConfig::CachedState* cached);
// Start the proof verification process. Returns the QuicAsyncStatus returned
// by the ProofVerifier's VerifyProof.
QuicAsyncStatus DoVerifyProof(QuicCryptoClientConfig::CachedState* cached);
// If proof is valid then it sets the proof as valid (which persists the
// server config). If not, it closes the connection.
void DoVerifyProofComplete(QuicCryptoClientConfig::CachedState* cached);
// Start the look up of Channel ID process. Returns either QUIC_SUCCESS if
// RequiresChannelID returns false or QuicAsyncStatus returned by
// GetChannelIDKey.
QuicAsyncStatus DoGetChannelID(QuicCryptoClientConfig::CachedState* cached);
// If there is no channel ID, then close the connection otherwise transtion to
void DoGetChannelIDComplete();
// Process SHLO message from the server.
void DoReceiveSHLO(const CryptoHandshakeMessage* in,
QuicCryptoClientConfig::CachedState* cached);
// Start the proof verification if |server_id_| is https and |cached| has
// signature.
void DoInitializeServerConfigUpdate(
QuicCryptoClientConfig::CachedState* cached);
// Called to set the proof of |cached| valid. Also invokes the session's
// OnProofValid() method.
void SetCachedProofValid(QuicCryptoClientConfig::CachedState* cached);
// Returns true if the server crypto config in |cached| requires a ChannelID
// and the client config settings also allow sending a ChannelID.
bool RequiresChannelID(QuicCryptoClientConfig::CachedState* cached);
State next_state_;
// num_client_hellos_ contains the number of client hello messages that this
// connection has sent.
int num_client_hellos_;
QuicCryptoClientConfig* const crypto_config_;
// SHA-256 hash of the most recently sent CHLO.
std::string chlo_hash_;
// Server's (hostname, port, is_https, privacy_mode) tuple.
const QuicServerId server_id_;
// Generation counter from QuicCryptoClientConfig's CachedState.
uint64_t generation_counter_;
// True if a channel ID was sent.
bool channel_id_sent_;
// True if channel_id_source_callback_ was run.
bool channel_id_source_callback_run_;
// channel_id_source_callback_ contains the callback object that we passed
// to an asynchronous channel ID lookup. The ChannelIDSource owns this
// object.
ChannelIDSourceCallbackImpl* channel_id_source_callback_;
// These members are used to store the result of an asynchronous channel ID
// lookup. These members must not be used after
std::unique_ptr<ChannelIDKey> channel_id_key_;
// verify_context_ contains the context object that we pass to asynchronous
// proof verifications.
std::unique_ptr<ProofVerifyContext> verify_context_;
// proof_verify_callback_ contains the callback object that we passed to an
// asynchronous proof verification. The ProofVerifier owns this object.
ProofVerifierCallbackImpl* proof_verify_callback_;
// proof_handler_ contains the callback object used by a quic client
// for proof verification. It is not owned by this class.
ProofHandler* proof_handler_;
// These members are used to store the result of an asynchronous proof
// verification. These members must not be used after
bool verify_ok_;
std::string verify_error_details_;
std::unique_ptr<ProofVerifyDetails> verify_details_;
// True if the server responded to a previous CHLO with a stateless
// reject. Used for book-keeping between the STATE_RECV_REJ,
// STATE_VERIFY_PROOF*, and subsequent STATE_SEND_CHLO state.
bool stateless_reject_received_;
base::TimeTicks proof_verify_start_time_;
int num_scup_messages_received_;
} // namespace net