1// Copyright (c) 2012 The Chromium Authors. All rights reserved.
2// Use of this source code is governed by a BSD-style license that can be
3// found in the LICENSE file.
4
5#ifndef NET_QUIC_QUIC_CRYPTO_STREAM_H_
6#define NET_QUIC_QUIC_CRYPTO_STREAM_H_
7
8#include "base/basictypes.h"
9#include "net/quic/crypto/crypto_framer.h"
10#include "net/quic/crypto/crypto_utils.h"
11#include "net/quic/quic_config.h"
12#include "net/quic/quic_protocol.h"
13#include "net/quic/reliable_quic_stream.h"
14
15namespace net {
16
17class CryptoHandshakeMessage;
18class QuicSession;
19
20// Crypto handshake messages in QUIC take place over a reserved
21// reliable stream with the id 1.  Each endpoint (client and server)
22// will allocate an instance of a subclass of QuicCryptoStream
23// to send and receive handshake messages.  (In the normal 1-RTT
24// handshake, the client will send a client hello, CHLO, message.
25// The server will receive this message and respond with a server
26// hello message, SHLO.  At this point both sides will have established
27// a crypto context they can use to send encrypted messages.
28//
29// For more details: http://goto.google.com/quic-crypto
30class NET_EXPORT_PRIVATE QuicCryptoStream
31    : public ReliableQuicStream,
32      public CryptoFramerVisitorInterface {
33 public:
34  explicit QuicCryptoStream(QuicSession* session);
35
36  // CryptoFramerVisitorInterface implementation
37  virtual void OnError(CryptoFramer* framer) OVERRIDE;
38  virtual void OnHandshakeMessage(
39      const CryptoHandshakeMessage& message) OVERRIDE;
40
41  // ReliableQuicStream implementation
42  virtual uint32 ProcessRawData(const char* data, uint32 data_len) OVERRIDE;
43  virtual QuicPriority EffectivePriority() const OVERRIDE;
44
45  // Sends |message| to the peer.
46  // TODO(wtc): return a success/failure status.
47  void SendHandshakeMessage(const CryptoHandshakeMessage& message);
48  // As above, but registers |delegate| for notification when |message| has been
49  // ACKed by the peer.
50  void SendHandshakeMessage(const CryptoHandshakeMessage& message,
51                            QuicAckNotifier::DelegateInterface* delegate);
52
53  // Performs key extraction to derive a new secret of |result_len| bytes
54  // dependent on |label|, |context|, and the stream's negotiated subkey secret.
55  // Returns false if the handshake has not been confirmed or the parameters are
56  // invalid (e.g. |label| contains null bytes); returns true on success.
57  bool ExportKeyingMaterial(base::StringPiece label,
58                            base::StringPiece context,
59                            size_t result_len,
60                            std::string* result) const;
61
62  bool encryption_established() const { return encryption_established_; }
63  bool handshake_confirmed() const { return handshake_confirmed_; }
64
65  const QuicCryptoNegotiatedParameters& crypto_negotiated_params() const;
66
67 protected:
68  bool encryption_established_;
69  bool handshake_confirmed_;
70
71  QuicCryptoNegotiatedParameters crypto_negotiated_params_;
72
73 private:
74  CryptoFramer crypto_framer_;
75
76  DISALLOW_COPY_AND_ASSIGN(QuicCryptoStream);
77};
78
79}  // namespace net
80
81#endif  // NET_QUIC_QUIC_CRYPTO_STREAM_H_
82