// Copyright (c) 2012 The Chromium Authors. All rights reserved.
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.

#ifndef NET_QUIC_QUIC_CRYPTO_SERVER_STREAM_H_
#define NET_QUIC_QUIC_CRYPTO_SERVER_STREAM_H_

#include <string>

#include "net/quic/crypto/crypto_handshake.h"
#include "net/quic/crypto/quic_crypto_server_config.h"
#include "net/quic/quic_config.h"
#include "net/quic/quic_crypto_stream.h"

namespace net {

class CachedNetworkParameters;
class CryptoHandshakeMessage;
class QuicCryptoServerConfig;
class QuicCryptoServerStream;
class QuicSession;

namespace test {
class CryptoTestUtils;
}  // namespace test

// Receives a notification when the server hello (SHLO) has been ACKed by the
// peer. At this point we disable HANDSHAKE_MODE in the sent packet manager.
//
// Lifetime: the destructor is private and virtual, so the notifier is not
// deleted directly by its creator; deletion is controlled through the
// QuicAckNotifier::DelegateInterface base (presumably reference counted --
// confirm in the base class). The notifier holds only a raw, non-owning
// pointer to the stream it reports to.
//
// NOTE(review): nothing in this header detaches |server_stream_| when the
// QuicCryptoServerStream goes away. If the ACK for the SHLO can arrive after
// the stream has been destroyed, OnAckNotification would dereference a
// dangling pointer -- confirm in the .cc that the stream/session outlives
// every outstanding notifier, or add a Cancel() like ValidateCallback has.
class NET_EXPORT_PRIVATE ServerHelloNotifier : public
    QuicAckNotifier::DelegateInterface {
 public:
  // |stream| is not owned and must outlive this notifier (see class comment).
  explicit ServerHelloNotifier(QuicCryptoServerStream* stream)
      : server_stream_(stream) {}

  // QuicAckNotifier::DelegateInterface implementation.
  // Invoked by the ack notifier once the tracked SHLO packet(s) have been
  // ACKed; the packet/byte counts and the delay are supplied by the notifier
  // and are not interpreted here (see the .cc for what is forwarded to
  // QuicCryptoServerStream::OnServerHelloAcked).
  virtual void OnAckNotification(
      int num_original_packets,
      int num_original_bytes,
      int num_retransmitted_packets,
      int num_retransmitted_bytes,
      QuicTime::Delta delta_largest_observed) OVERRIDE;

 private:
  // Private: this object must not be deleted by callers directly.
  virtual ~ServerHelloNotifier() {}

  // Non-owning back-pointer to the stream to notify (see class comment).
  QuicCryptoServerStream* server_stream_;

  DISALLOW_COPY_AND_ASSIGN(ServerHelloNotifier);
};

// Server side of the QUIC crypto handshake. Receives handshake messages
// parsed by the crypto framer (i.e. data supplied by the remote peer),
// validates the client hello (possibly asynchronously, via ValidateCallback),
// and produces the server's reply.
class NET_EXPORT_PRIVATE QuicCryptoServerStream : public QuicCryptoStream {
 public:
  // |crypto_config| is held by reference (see |crypto_config_|) and must
  // outlive this stream. |session| is the owning session; ownership of the
  // session is not taken here.
  QuicCryptoServerStream(const QuicCryptoServerConfig& crypto_config,
                         QuicSession* session);
  virtual ~QuicCryptoServerStream();

  // Cancel any outstanding callbacks, such as asynchronous validation of client
  // hello. Presumably this calls ValidateCallback::Cancel() on
  // |validate_client_hello_cb_| so that a validation result arriving after
  // this stream is gone is dropped rather than delivered to a dead object --
  // confirm in the .cc.
  void CancelOutstandingCallbacks();

  // CryptoFramerVisitorInterface implementation.
  // Entry point for every handshake message the crypto framer parses from the
  // peer; |message| is untrusted input and must be validated before use.
  virtual void OnHandshakeMessage(
      const CryptoHandshakeMessage& message) OVERRIDE;

  // GetBase64SHA256ClientChannelID sets |*output| to the base64 encoded,
  // SHA-256 hash of the client's ChannelID key and returns true, if the client
  // presented a ChannelID. Otherwise it returns false, and |*output| should
  // not be relied upon.
  bool GetBase64SHA256ClientChannelID(std::string* output) const;

  // Number of handshake messages received so far (see
  // |num_handshake_messages_| for the width caveat).
  uint8 num_handshake_messages() const { return num_handshake_messages_; }

  // Number of server config update (SCUP) messages this stream has sent.
  int num_server_config_update_messages_sent() const {
    return num_server_config_update_messages_sent_;
  }

  // Sends the latest server config and source-address token to the client.
  // |cached_network_params| is passed by pointer, so callers may presumably
  // pass NULL when no cached parameters are available -- confirm in the .cc.
  virtual void SendServerConfigUpdate(
      const CachedNetworkParameters* cached_network_params);

  // Called by the ServerHello AckNotifier once the SHLO has been ACKed by the
  // client.
  void OnServerHelloAcked();

 protected:
  // Processes a client hello after its initial validation has completed.
  // |result| carries the outcome of that validation; |reply| receives the
  // message to send back (REJ or SHLO, per the QUIC handshake) and
  // |error_details| a human-readable description on failure. Returns a
  // QuicErrorCode; the exact codes are determined by the .cc. Virtual so that
  // tests / subclasses can intercept the step.
  virtual QuicErrorCode ProcessClientHello(
      const CryptoHandshakeMessage& message,
      const ValidateClientHelloResultCallback::Result& result,
      CryptoHandshakeMessage* reply,
      std::string* error_details);

  // Hook that allows the server to set QuicConfig defaults just
  // before going through the parameter negotiation step.
  virtual void OverrideQuicConfigDefaults(QuicConfig* config);

 private:
  friend class test::CryptoTestUtils;

  // Receives the (possibly asynchronous) result of client-hello validation
  // and forwards it to the parent stream. Holds only a raw back-pointer to
  // the parent; Cancel() clears that pointer so a late result is ignored.
  class ValidateCallback : public ValidateClientHelloResultCallback {
   public:
    explicit ValidateCallback(QuicCryptoServerStream* parent);
    // To allow the parent to detach itself from the callback before deletion.
    // After Cancel(), RunImpl must not touch |parent_|.
    void Cancel();

    // From ValidateClientHelloResultCallback
    virtual void RunImpl(const CryptoHandshakeMessage& client_hello,
                         const Result& result) OVERRIDE;

   private:
    // Non-owning; NULL once Cancel() has been called (presumably -- confirm
    // in the .cc).
    QuicCryptoServerStream* parent_;

    DISALLOW_COPY_AND_ASSIGN(ValidateCallback);
  };

  // Invoked by ValidateCallback::RunImpl once initial validation of
  // the client hello is complete. Finishes processing of the client
  // hello message and handles handshake success/failure.
  void FinishProcessingHandshakeMessage(
      const CryptoHandshakeMessage& message,
      const ValidateClientHelloResultCallback::Result& result);

  // crypto_config_ contains crypto parameters for the handshake. Held by
  // reference: the config is owned elsewhere and must outlive this stream.
  const QuicCryptoServerConfig& crypto_config_;

  // Pointer to the active callback that will receive the result of
  // the client hello validation request and forward it to
  // FinishProcessingHandshakeMessage for processing. NULL if no
  // handshake message is being validated. Ownership is not established by
  // this header -- see the .cc for who deletes the callback.
  ValidateCallback* validate_client_hello_cb_;

  // Number of handshake messages received by this stream.
  // NOTE(review): uint8 wraps after 255 messages. Fine if the .cc closes the
  // connection well before that (a handshake needs only a few messages), but
  // this counter must not be the only thing limiting peer-driven work --
  // confirm the bound in the .cc.
  uint8 num_handshake_messages_;

  // Number of server config update (SCUP) messages sent by this stream.
  int num_server_config_update_messages_sent_;

  DISALLOW_COPY_AND_ASSIGN(QuicCryptoServerStream);
};

}  // namespace net

#endif  // NET_QUIC_QUIC_CRYPTO_SERVER_STREAM_H_