1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. 2 // Use of this source code is governed by a BSD-style license that can be 3 // found in the LICENSE file. 4 5 #ifndef QUICHE_QUIC_CORE_QUIC_CRYPTO_SERVER_STREAM_H_ 6 #define QUICHE_QUIC_CORE_QUIC_CRYPTO_SERVER_STREAM_H_ 7 8 #include <string> 9 10 #include "quiche/quic/core/proto/cached_network_parameters_proto.h" 11 #include "quiche/quic/core/proto/source_address_token_proto.h" 12 #include "quiche/quic/core/quic_crypto_handshaker.h" 13 #include "quiche/quic/core/quic_crypto_server_stream_base.h" 14 #include "quiche/quic/core/quic_session.h" 15 #include "quiche/quic/core/quic_types.h" 16 #include "quiche/quic/platform/api/quic_export.h" 17 18 namespace quic { 19 20 namespace test { 21 class QuicCryptoServerStreamPeer; 22 } // namespace test 23 24 class QUICHE_EXPORT QuicCryptoServerStream : public QuicCryptoServerStreamBase, 25 public QuicCryptoHandshaker { 26 public: 27 QuicCryptoServerStream(const QuicCryptoServerStream&) = delete; 28 QuicCryptoServerStream& operator=(const QuicCryptoServerStream&) = delete; 29 30 ~QuicCryptoServerStream() override; 31 32 // From QuicCryptoServerStreamBase 33 void CancelOutstandingCallbacks() override; 34 bool GetBase64SHA256ClientChannelID(std::string* output) const override; 35 void SendServerConfigUpdate( 36 const CachedNetworkParameters* cached_network_params) override; 37 bool DisableResumption() override; 38 bool IsZeroRtt() const override; 39 bool IsResumption() const override; 40 bool ResumptionAttempted() const override; 41 bool EarlyDataAttempted() const override; 42 int NumServerConfigUpdateMessagesSent() const override; 43 const CachedNetworkParameters* PreviousCachedNetworkParams() const override; 44 void SetPreviousCachedNetworkParams( 45 CachedNetworkParameters cached_network_params) override; 46 void OnPacketDecrypted(EncryptionLevel level) override; OnOneRttPacketAcknowledged()47 void OnOneRttPacketAcknowledged() override {} OnHandshakePacketSent()48 void OnHandshakePacketSent() override {} OnConnectionClosed(QuicErrorCode,ConnectionCloseSource)49 void OnConnectionClosed(QuicErrorCode /*error*/, 50 ConnectionCloseSource /*source*/) override {} 51 void OnHandshakeDoneReceived() override; 52 void OnNewTokenReceived(absl::string_view token) override; 53 std::string GetAddressToken( 54 const CachedNetworkParameters* /*cached_network_params*/) const override; 55 bool ValidateAddressToken(absl::string_view token) const override; 56 bool ShouldSendExpectCTHeader() const override; 57 bool DidCertMatchSni() const override; 58 const ProofSource::Details* ProofSourceDetails() const override; 59 60 // From QuicCryptoStream 61 ssl_early_data_reason_t EarlyDataReason() const override; 62 bool encryption_established() const override; 63 bool one_rtt_keys_available() const override; 64 const QuicCryptoNegotiatedParameters& crypto_negotiated_params() 65 const override; 66 CryptoMessageParser* crypto_message_parser() override; 67 HandshakeState GetHandshakeState() const override; 68 void SetServerApplicationStateForResumption( 69 std::unique_ptr<ApplicationState> state) override; 70 size_t BufferSizeLimitForLevel(EncryptionLevel level) const override; 71 std::unique_ptr<QuicDecrypter> AdvanceKeysAndCreateCurrentOneRttDecrypter() 72 override; 73 std::unique_ptr<QuicEncrypter> CreateCurrentOneRttEncrypter() override; 74 SSL* GetSsl() const override; 75 bool IsCryptoFrameExpectedForEncryptionLevel( 76 EncryptionLevel level) const override; 77 EncryptionLevel GetEncryptionLevelToSendCryptoDataOfSpace( 78 PacketNumberSpace space) const override; 79 80 // From QuicCryptoHandshaker 81 void OnHandshakeMessage(const CryptoHandshakeMessage& message) override; 82 83 protected: 84 QUICHE_EXPORT friend std::unique_ptr<QuicCryptoServerStreamBase> 85 CreateCryptoServerStream(const QuicCryptoServerConfig* crypto_config, 86 QuicCompressedCertsCache* compressed_certs_cache, 87 QuicSession* session, 88 QuicCryptoServerStreamBase::Helper* helper); 89 90 // |crypto_config| must outlive the stream. 91 // |session| must outlive the stream. 92 // |helper| must outlive the stream. 93 QuicCryptoServerStream(const QuicCryptoServerConfig* crypto_config, 94 QuicCompressedCertsCache* compressed_certs_cache, 95 QuicSession* session, 96 QuicCryptoServerStreamBase::Helper* helper); 97 98 virtual void ProcessClientHello( 99 quiche::QuicheReferenceCountedPointer< 100 ValidateClientHelloResultCallback::Result> 101 result, 102 std::unique_ptr<ProofSource::Details> proof_source_details, 103 std::shared_ptr<ProcessClientHelloResultCallback> done_cb); 104 105 // Hook that allows the server to set QuicConfig defaults just 106 // before going through the parameter negotiation step. 107 virtual void OverrideQuicConfigDefaults(QuicConfig* config); 108 109 // Returns client address used to generate and validate source address token. 110 virtual const QuicSocketAddress GetClientAddress(); 111 112 // Returns the QuicSession that this stream belongs to. session()113 QuicSession* session() const { return session_; } 114 set_encryption_established(bool encryption_established)115 void set_encryption_established(bool encryption_established) { 116 encryption_established_ = encryption_established; 117 } 118 set_one_rtt_keys_available(bool one_rtt_keys_available)119 void set_one_rtt_keys_available(bool one_rtt_keys_available) { 120 one_rtt_keys_available_ = one_rtt_keys_available; 121 } 122 123 private: 124 friend class test::QuicCryptoServerStreamPeer; 125 126 class QUICHE_EXPORT ValidateCallback 127 : public ValidateClientHelloResultCallback { 128 public: 129 explicit ValidateCallback(QuicCryptoServerStream* parent); 130 ValidateCallback(const ValidateCallback&) = delete; 131 ValidateCallback& operator=(const ValidateCallback&) = delete; 132 // To allow the parent to detach itself from the callback before deletion. 133 void Cancel(); 134 135 // From ValidateClientHelloResultCallback 136 void Run(quiche::QuicheReferenceCountedPointer<Result> result, 137 std::unique_ptr<ProofSource::Details> details) override; 138 139 private: 140 QuicCryptoServerStream* parent_; 141 }; 142 143 class SendServerConfigUpdateCallback 144 : public BuildServerConfigUpdateMessageResultCallback { 145 public: 146 explicit SendServerConfigUpdateCallback(QuicCryptoServerStream* parent); 147 SendServerConfigUpdateCallback(const SendServerConfigUpdateCallback&) = 148 delete; 149 void operator=(const SendServerConfigUpdateCallback&) = delete; 150 151 // To allow the parent to detach itself from the callback before deletion. 152 void Cancel(); 153 154 // From BuildServerConfigUpdateMessageResultCallback 155 void Run(bool ok, const CryptoHandshakeMessage& message) override; 156 157 private: 158 QuicCryptoServerStream* parent_; 159 }; 160 161 // Invoked by ValidateCallback::RunImpl once initial validation of 162 // the client hello is complete. Finishes processing of the client 163 // hello message and handles handshake success/failure. 164 void FinishProcessingHandshakeMessage( 165 quiche::QuicheReferenceCountedPointer< 166 ValidateClientHelloResultCallback::Result> 167 result, 168 std::unique_ptr<ProofSource::Details> details); 169 170 class ProcessClientHelloCallback; 171 friend class ProcessClientHelloCallback; 172 173 // Portion of FinishProcessingHandshakeMessage which executes after 174 // ProcessClientHello has been called. 175 void FinishProcessingHandshakeMessageAfterProcessClientHello( 176 const ValidateClientHelloResultCallback::Result& result, 177 QuicErrorCode error, const std::string& error_details, 178 std::unique_ptr<CryptoHandshakeMessage> reply, 179 std::unique_ptr<DiversificationNonce> diversification_nonce, 180 std::unique_ptr<ProofSource::Details> proof_source_details); 181 182 // Invoked by SendServerConfigUpdateCallback::RunImpl once the proof has been 183 // received. |ok| indicates whether or not the proof was successfully 184 // acquired, and |message| holds the partially-constructed message from 185 // SendServerConfigUpdate. 186 void FinishSendServerConfigUpdate(bool ok, 187 const CryptoHandshakeMessage& message); 188 189 // Returns the QuicTransportVersion of the connection. transport_version()190 QuicTransportVersion transport_version() const { 191 return session_->transport_version(); 192 } 193 194 QuicSession* session_; 195 HandshakerDelegateInterface* delegate_; 196 197 // crypto_config_ contains crypto parameters for the handshake. 198 const QuicCryptoServerConfig* crypto_config_; 199 200 // compressed_certs_cache_ contains a set of most recently compressed certs. 201 // Owned by QuicDispatcher. 202 QuicCompressedCertsCache* compressed_certs_cache_; 203 204 // Server's certificate chain and signature of the server config, as provided 205 // by ProofSource::GetProof. 206 quiche::QuicheReferenceCountedPointer<QuicSignedServerConfig> signed_config_; 207 208 // Hash of the last received CHLO message which can be used for generating 209 // server config update messages. 210 std::string chlo_hash_; 211 212 // Pointer to the helper for this crypto stream. Must outlive this stream. 213 QuicCryptoServerStreamBase::Helper* helper_; 214 215 // Number of handshake messages received by this stream. 216 uint8_t num_handshake_messages_; 217 218 // Number of handshake messages received by this stream that contain 219 // server nonces (indicating that this is a non-zero-RTT handshake 220 // attempt). 221 uint8_t num_handshake_messages_with_server_nonces_; 222 223 // Pointer to the active callback that will receive the result of 224 // BuildServerConfigUpdateMessage and forward it to 225 // FinishSendServerConfigUpdate. nullptr if no update message is currently 226 // being built. 227 SendServerConfigUpdateCallback* send_server_config_update_cb_; 228 229 // Number of server config update (SCUP) messages sent by this stream. 230 int num_server_config_update_messages_sent_; 231 232 // If the client provides CachedNetworkParameters in the STK in the CHLO, then 233 // store here, and send back in future STKs if we have no better bandwidth 234 // estimate to send. 235 std::unique_ptr<CachedNetworkParameters> previous_cached_network_params_; 236 237 // Contains any source address tokens which were present in the CHLO. 238 SourceAddressTokens previous_source_address_tokens_; 239 240 // True if client attempts 0-rtt handshake (which can succeed or fail). 241 bool zero_rtt_attempted_; 242 243 // Size of the packet containing the most recently received CHLO. 244 QuicByteCount chlo_packet_size_; 245 246 // Pointer to the active callback that will receive the result of the client 247 // hello validation request and forward it to FinishProcessingHandshakeMessage 248 // for processing. nullptr if no handshake message is being validated. Note 249 // that this field is mutually exclusive with process_client_hello_cb_. 250 ValidateCallback* validate_client_hello_cb_; 251 252 // Pointer to the active callback which will receive the results of 253 // ProcessClientHello and forward it to 254 // FinishProcessingHandshakeMessageAfterProcessClientHello. Note that this 255 // field is mutually exclusive with validate_client_hello_cb_. 256 std::weak_ptr<ProcessClientHelloCallback> process_client_hello_cb_; 257 258 // The ProofSource::Details from this connection. 259 std::unique_ptr<ProofSource::Details> proof_source_details_; 260 261 bool encryption_established_; 262 bool one_rtt_keys_available_; 263 bool one_rtt_packet_decrypted_; 264 quiche::QuicheReferenceCountedPointer<QuicCryptoNegotiatedParameters> 265 crypto_negotiated_params_; 266 }; 267 268 } // namespace quic 269 270 #endif // QUICHE_QUIC_CORE_QUIC_CRYPTO_SERVER_STREAM_H_ 271