1 // Copyright (c) 2013 The Chromium Authors. All rights reserved. 2 // Use of this source code is governed by a BSD-style license that can be 3 // found in the LICENSE file. 4 5 #ifndef NET_QUIC_CRYPTO_CRYPTO_HANDSHAKE_H_ 6 #define NET_QUIC_CRYPTO_CRYPTO_HANDSHAKE_H_ 7 8 #include <string> 9 #include <vector> 10 11 #include "base/memory/scoped_ptr.h" 12 #include "net/base/net_export.h" 13 #include "net/quic/quic_protocol.h" 14 15 namespace net { 16 17 class CommonCertSets; 18 class KeyExchange; 19 class QuicDecrypter; 20 class QuicEncrypter; 21 22 // A CrypterPair contains the encrypter and decrypter for an encryption level. 23 struct NET_EXPORT_PRIVATE CrypterPair { 24 CrypterPair(); 25 ~CrypterPair(); 26 scoped_ptr<QuicEncrypter> encrypter; 27 scoped_ptr<QuicDecrypter> decrypter; 28 }; 29 30 // Parameters negotiated by the crypto handshake. 31 struct NET_EXPORT_PRIVATE QuicCryptoNegotiatedParameters { 32 // Initializes the members to 0 or empty values. 33 QuicCryptoNegotiatedParameters(); 34 ~QuicCryptoNegotiatedParameters(); 35 36 QuicTag key_exchange; 37 QuicTag aead; 38 std::string initial_premaster_secret; 39 std::string forward_secure_premaster_secret; 40 CrypterPair initial_crypters; 41 CrypterPair forward_secure_crypters; 42 // Normalized SNI: converted to lower case and trailing '.' removed. 43 std::string sni; 44 std::string client_nonce; 45 std::string server_nonce; 46 // hkdf_input_suffix contains the HKDF input following the label: the 47 // ConnectionId, client hello and server config. This is only populated in the 48 // client because only the client needs to derive the forward secure keys at a 49 // later time from the initial keys. 50 std::string hkdf_input_suffix; 51 // cached_certs contains the cached certificates that a client used when 52 // sending a client hello. 53 std::vector<std::string> cached_certs; 54 // client_key_exchange is used by clients to store the ephemeral KeyExchange 55 // for the connection. 56 scoped_ptr<KeyExchange> client_key_exchange; 57 // channel_id is set by servers to a ChannelID key when the client correctly 58 // proves possession of the corresponding private key. It consists of 32 59 // bytes of x coordinate, followed by 32 bytes of y coordinate. Both values 60 // are big-endian and the pair is a P-256 public key. 61 std::string channel_id; 62 }; 63 64 // QuicCryptoConfig contains common configuration between clients and servers. 65 class NET_EXPORT_PRIVATE QuicCryptoConfig { 66 public: 67 // kInitialLabel is a constant that is used when deriving the initial 68 // (non-forward secure) keys for the connection in order to tie the resulting 69 // key to this protocol. 70 static const char kInitialLabel[]; 71 72 // kCETVLabel is a constant that is used when deriving the keys for the 73 // encrypted tag/value block in the client hello. 74 static const char kCETVLabel[]; 75 76 // kForwardSecureLabel is a constant that is used when deriving the forward 77 // secure keys for the connection in order to tie the resulting key to this 78 // protocol. 79 static const char kForwardSecureLabel[]; 80 81 QuicCryptoConfig(); 82 ~QuicCryptoConfig(); 83 84 // Key exchange methods. The following two members' values correspond by 85 // index. 86 QuicTagVector kexs; 87 // Authenticated encryption with associated data (AEAD) algorithms. 88 QuicTagVector aead; 89 90 const CommonCertSets* common_cert_sets; 91 92 private: 93 DISALLOW_COPY_AND_ASSIGN(QuicCryptoConfig); 94 }; 95 96 } // namespace net 97 98 #endif // NET_QUIC_CRYPTO_CRYPTO_HANDSHAKE_H_ 99