1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. 2 // Use of this source code is governed by a BSD-style license that can be 3 // found in the LICENSE file. 4 5 #ifndef QUICHE_QUIC_CORE_QUIC_CRYPTO_SERVER_STREAM_H_ 6 #define QUICHE_QUIC_CORE_QUIC_CRYPTO_SERVER_STREAM_H_ 7 8 #include <string> 9 10 #include "quiche/quic/core/proto/cached_network_parameters_proto.h" 11 #include "quiche/quic/core/proto/source_address_token_proto.h" 12 #include "quiche/quic/core/quic_crypto_handshaker.h" 13 #include "quiche/quic/core/quic_crypto_server_stream_base.h" 14 #include "quiche/quic/core/quic_session.h" 15 #include "quiche/quic/core/quic_types.h" 16 #include "quiche/quic/platform/api/quic_export.h" 17 18 namespace quic { 19 20 namespace test { 21 class QuicCryptoServerStreamPeer; 22 } // namespace test 23 24 class QUIC_EXPORT_PRIVATE QuicCryptoServerStream 25 : public QuicCryptoServerStreamBase, 26 public QuicCryptoHandshaker { 27 public: 28 QuicCryptoServerStream(const QuicCryptoServerStream&) = delete; 29 QuicCryptoServerStream& operator=(const QuicCryptoServerStream&) = delete; 30 31 ~QuicCryptoServerStream() override; 32 33 // From QuicCryptoServerStreamBase 34 void CancelOutstandingCallbacks() override; 35 bool GetBase64SHA256ClientChannelID(std::string* output) const override; 36 void SendServerConfigUpdate( 37 const CachedNetworkParameters* cached_network_params) override; 38 bool DisableResumption() override; 39 bool IsZeroRtt() const override; 40 bool IsResumption() const override; 41 bool ResumptionAttempted() const override; 42 bool EarlyDataAttempted() const override; 43 int NumServerConfigUpdateMessagesSent() const override; 44 const CachedNetworkParameters* PreviousCachedNetworkParams() const override; 45 void SetPreviousCachedNetworkParams( 46 CachedNetworkParameters cached_network_params) override; 47 void OnPacketDecrypted(EncryptionLevel level) override; OnOneRttPacketAcknowledged()48 void OnOneRttPacketAcknowledged() override {} OnHandshakePacketSent()49 void OnHandshakePacketSent() override {} OnConnectionClosed(QuicErrorCode,ConnectionCloseSource)50 void OnConnectionClosed(QuicErrorCode /*error*/, 51 ConnectionCloseSource /*source*/) override {} 52 void OnHandshakeDoneReceived() override; 53 void OnNewTokenReceived(absl::string_view token) override; 54 std::string GetAddressToken( 55 const CachedNetworkParameters* /*cached_network_params*/) const override; 56 bool ValidateAddressToken(absl::string_view token) const override; 57 bool ShouldSendExpectCTHeader() const override; 58 bool DidCertMatchSni() const override; 59 const ProofSource::Details* ProofSourceDetails() const override; 60 61 // From QuicCryptoStream 62 ssl_early_data_reason_t EarlyDataReason() const override; 63 bool encryption_established() const override; 64 bool one_rtt_keys_available() const override; 65 const QuicCryptoNegotiatedParameters& crypto_negotiated_params() 66 const override; 67 CryptoMessageParser* crypto_message_parser() override; 68 HandshakeState GetHandshakeState() const override; 69 void SetServerApplicationStateForResumption( 70 std::unique_ptr<ApplicationState> state) override; 71 size_t BufferSizeLimitForLevel(EncryptionLevel level) const override; 72 std::unique_ptr<QuicDecrypter> AdvanceKeysAndCreateCurrentOneRttDecrypter() 73 override; 74 std::unique_ptr<QuicEncrypter> CreateCurrentOneRttEncrypter() override; 75 SSL* GetSsl() const override; 76 bool IsCryptoFrameExpectedForEncryptionLevel( 77 EncryptionLevel level) const override; 78 EncryptionLevel GetEncryptionLevelToSendCryptoDataOfSpace( 79 PacketNumberSpace space) const override; 80 81 // From QuicCryptoHandshaker 82 void OnHandshakeMessage(const CryptoHandshakeMessage& message) override; 83 84 protected: 85 QUIC_EXPORT_PRIVATE friend std::unique_ptr<QuicCryptoServerStreamBase> 86 CreateCryptoServerStream(const QuicCryptoServerConfig* crypto_config, 87 QuicCompressedCertsCache* compressed_certs_cache, 88 QuicSession* session, 89 QuicCryptoServerStreamBase::Helper* helper); 90 91 // |crypto_config| must outlive the stream. 92 // |session| must outlive the stream. 93 // |helper| must outlive the stream. 94 QuicCryptoServerStream(const QuicCryptoServerConfig* crypto_config, 95 QuicCompressedCertsCache* compressed_certs_cache, 96 QuicSession* session, 97 QuicCryptoServerStreamBase::Helper* helper); 98 99 virtual void ProcessClientHello( 100 quiche::QuicheReferenceCountedPointer< 101 ValidateClientHelloResultCallback::Result> 102 result, 103 std::unique_ptr<ProofSource::Details> proof_source_details, 104 std::shared_ptr<ProcessClientHelloResultCallback> done_cb); 105 106 // Hook that allows the server to set QuicConfig defaults just 107 // before going through the parameter negotiation step. 108 virtual void OverrideQuicConfigDefaults(QuicConfig* config); 109 110 // Returns client address used to generate and validate source address token. 111 virtual const QuicSocketAddress GetClientAddress(); 112 113 // Returns the QuicSession that this stream belongs to. session()114 QuicSession* session() const { return session_; } 115 set_encryption_established(bool encryption_established)116 void set_encryption_established(bool encryption_established) { 117 encryption_established_ = encryption_established; 118 } 119 set_one_rtt_keys_available(bool one_rtt_keys_available)120 void set_one_rtt_keys_available(bool one_rtt_keys_available) { 121 one_rtt_keys_available_ = one_rtt_keys_available; 122 } 123 124 private: 125 friend class test::QuicCryptoServerStreamPeer; 126 127 class QUIC_EXPORT_PRIVATE ValidateCallback 128 : public ValidateClientHelloResultCallback { 129 public: 130 explicit ValidateCallback(QuicCryptoServerStream* parent); 131 ValidateCallback(const ValidateCallback&) = delete; 132 ValidateCallback& operator=(const ValidateCallback&) = delete; 133 // To allow the parent to detach itself from the callback before deletion. 134 void Cancel(); 135 136 // From ValidateClientHelloResultCallback 137 void Run(quiche::QuicheReferenceCountedPointer<Result> result, 138 std::unique_ptr<ProofSource::Details> details) override; 139 140 private: 141 QuicCryptoServerStream* parent_; 142 }; 143 144 class SendServerConfigUpdateCallback 145 : public BuildServerConfigUpdateMessageResultCallback { 146 public: 147 explicit SendServerConfigUpdateCallback(QuicCryptoServerStream* parent); 148 SendServerConfigUpdateCallback(const SendServerConfigUpdateCallback&) = 149 delete; 150 void operator=(const SendServerConfigUpdateCallback&) = delete; 151 152 // To allow the parent to detach itself from the callback before deletion. 153 void Cancel(); 154 155 // From BuildServerConfigUpdateMessageResultCallback 156 void Run(bool ok, const CryptoHandshakeMessage& message) override; 157 158 private: 159 QuicCryptoServerStream* parent_; 160 }; 161 162 // Invoked by ValidateCallback::RunImpl once initial validation of 163 // the client hello is complete. Finishes processing of the client 164 // hello message and handles handshake success/failure. 165 void FinishProcessingHandshakeMessage( 166 quiche::QuicheReferenceCountedPointer< 167 ValidateClientHelloResultCallback::Result> 168 result, 169 std::unique_ptr<ProofSource::Details> details); 170 171 class ProcessClientHelloCallback; 172 friend class ProcessClientHelloCallback; 173 174 // Portion of FinishProcessingHandshakeMessage which executes after 175 // ProcessClientHello has been called. 176 void FinishProcessingHandshakeMessageAfterProcessClientHello( 177 const ValidateClientHelloResultCallback::Result& result, 178 QuicErrorCode error, const std::string& error_details, 179 std::unique_ptr<CryptoHandshakeMessage> reply, 180 std::unique_ptr<DiversificationNonce> diversification_nonce, 181 std::unique_ptr<ProofSource::Details> proof_source_details); 182 183 // Invoked by SendServerConfigUpdateCallback::RunImpl once the proof has been 184 // received. |ok| indicates whether or not the proof was successfully 185 // acquired, and |message| holds the partially-constructed message from 186 // SendServerConfigUpdate. 187 void FinishSendServerConfigUpdate(bool ok, 188 const CryptoHandshakeMessage& message); 189 190 // Returns the QuicTransportVersion of the connection. transport_version()191 QuicTransportVersion transport_version() const { 192 return session_->transport_version(); 193 } 194 195 QuicSession* session_; 196 HandshakerDelegateInterface* delegate_; 197 198 // crypto_config_ contains crypto parameters for the handshake. 199 const QuicCryptoServerConfig* crypto_config_; 200 201 // compressed_certs_cache_ contains a set of most recently compressed certs. 202 // Owned by QuicDispatcher. 203 QuicCompressedCertsCache* compressed_certs_cache_; 204 205 // Server's certificate chain and signature of the server config, as provided 206 // by ProofSource::GetProof. 207 quiche::QuicheReferenceCountedPointer<QuicSignedServerConfig> signed_config_; 208 209 // Hash of the last received CHLO message which can be used for generating 210 // server config update messages. 211 std::string chlo_hash_; 212 213 // Pointer to the helper for this crypto stream. Must outlive this stream. 214 QuicCryptoServerStreamBase::Helper* helper_; 215 216 // Number of handshake messages received by this stream. 217 uint8_t num_handshake_messages_; 218 219 // Number of handshake messages received by this stream that contain 220 // server nonces (indicating that this is a non-zero-RTT handshake 221 // attempt). 222 uint8_t num_handshake_messages_with_server_nonces_; 223 224 // Pointer to the active callback that will receive the result of 225 // BuildServerConfigUpdateMessage and forward it to 226 // FinishSendServerConfigUpdate. nullptr if no update message is currently 227 // being built. 228 SendServerConfigUpdateCallback* send_server_config_update_cb_; 229 230 // Number of server config update (SCUP) messages sent by this stream. 231 int num_server_config_update_messages_sent_; 232 233 // If the client provides CachedNetworkParameters in the STK in the CHLO, then 234 // store here, and send back in future STKs if we have no better bandwidth 235 // estimate to send. 236 std::unique_ptr<CachedNetworkParameters> previous_cached_network_params_; 237 238 // Contains any source address tokens which were present in the CHLO. 239 SourceAddressTokens previous_source_address_tokens_; 240 241 // True if client attempts 0-rtt handshake (which can succeed or fail). 242 bool zero_rtt_attempted_; 243 244 // Size of the packet containing the most recently received CHLO. 245 QuicByteCount chlo_packet_size_; 246 247 // Pointer to the active callback that will receive the result of the client 248 // hello validation request and forward it to FinishProcessingHandshakeMessage 249 // for processing. nullptr if no handshake message is being validated. Note 250 // that this field is mutually exclusive with process_client_hello_cb_. 251 ValidateCallback* validate_client_hello_cb_; 252 253 // Pointer to the active callback which will receive the results of 254 // ProcessClientHello and forward it to 255 // FinishProcessingHandshakeMessageAfterProcessClientHello. Note that this 256 // field is mutually exclusive with validate_client_hello_cb_. 257 std::weak_ptr<ProcessClientHelloCallback> process_client_hello_cb_; 258 259 // The ProofSource::Details from this connection. 260 std::unique_ptr<ProofSource::Details> proof_source_details_; 261 262 bool encryption_established_; 263 bool one_rtt_keys_available_; 264 bool one_rtt_packet_decrypted_; 265 quiche::QuicheReferenceCountedPointer<QuicCryptoNegotiatedParameters> 266 crypto_negotiated_params_; 267 }; 268 269 } // namespace quic 270 271 #endif // QUICHE_QUIC_CORE_QUIC_CRYPTO_SERVER_STREAM_H_ 272