1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
|
// Copyright (c) 2012 The Chromium Authors. All rights reserved.
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.
#include "net/quic/quic_crypto_server_stream.h"
#include "base/base64.h"
#include "crypto/secure_hash.h"
#include "net/quic/crypto/crypto_protocol.h"
#include "net/quic/crypto/crypto_server_config.h"
#include "net/quic/crypto/crypto_utils.h"
#include "net/quic/quic_config.h"
#include "net/quic/quic_protocol.h"
#include "net/quic/quic_session.h"
namespace net {
QuicCryptoServerStream::QuicCryptoServerStream(
const QuicCryptoServerConfig& crypto_config,
QuicSession* session)
: QuicCryptoStream(session),
crypto_config_(crypto_config) {
}
QuicCryptoServerStream::~QuicCryptoServerStream() {
}
void QuicCryptoServerStream::OnHandshakeMessage(
const CryptoHandshakeMessage& message) {
QuicCryptoStream::OnHandshakeMessage(message);
// Do not process handshake messages after the handshake is confirmed.
if (handshake_confirmed_) {
CloseConnection(QUIC_CRYPTO_MESSAGE_AFTER_HANDSHAKE_COMPLETE);
return;
}
if (message.tag() != kCHLO) {
CloseConnection(QUIC_INVALID_CRYPTO_MESSAGE_TYPE);
return;
}
string error_details;
CryptoHandshakeMessage reply;
QuicErrorCode error = ProcessClientHello(message, &reply, &error_details);
if (error != QUIC_NO_ERROR) {
CloseConnectionWithDetails(error, error_details);
return;
}
if (reply.tag() != kSHLO) {
SendHandshakeMessage(reply);
return;
}
// If we are returning a SHLO then we accepted the handshake.
QuicConfig* config = session()->config();
error = config->ProcessClientHello(message, &error_details);
if (error != QUIC_NO_ERROR) {
CloseConnectionWithDetails(error, error_details);
return;
}
config->ToHandshakeMessage(&reply);
// Receiving a full CHLO implies the client is prepared to decrypt with
// the new server write key. We can start to encrypt with the new server
// write key.
//
// NOTE: the SHLO will be encrypted with the new server write key.
session()->connection()->SetEncrypter(
ENCRYPTION_INITIAL,
crypto_negotiated_params_.initial_crypters.encrypter.release());
session()->connection()->SetDefaultEncryptionLevel(
ENCRYPTION_INITIAL);
// Set the decrypter immediately so that we no longer accept unencrypted
// packets.
session()->connection()->SetDecrypter(
crypto_negotiated_params_.initial_crypters.decrypter.release());
SendHandshakeMessage(reply);
session()->connection()->SetEncrypter(
ENCRYPTION_FORWARD_SECURE,
crypto_negotiated_params_.forward_secure_crypters.encrypter.release());
session()->connection()->SetDefaultEncryptionLevel(
ENCRYPTION_FORWARD_SECURE);
session()->connection()->SetAlternativeDecrypter(
crypto_negotiated_params_.forward_secure_crypters.decrypter.release(),
false /* don't latch */);
encryption_established_ = true;
handshake_confirmed_ = true;
session()->OnCryptoHandshakeEvent(QuicSession::HANDSHAKE_CONFIRMED);
}
bool QuicCryptoServerStream::GetBase64SHA256ClientChannelID(
string* output) const {
if (!encryption_established_ ||
crypto_negotiated_params_.channel_id.empty()) {
return false;
}
const string& channel_id(crypto_negotiated_params_.channel_id);
scoped_ptr<crypto::SecureHash> hash(
crypto::SecureHash::Create(crypto::SecureHash::SHA256));
hash->Update(channel_id.data(), channel_id.size());
uint8 digest[32];
hash->Finish(digest, sizeof(digest));
base::Base64Encode(string(
reinterpret_cast<const char*>(digest), sizeof(digest)), output);
// Remove padding.
size_t len = output->size();
if (len >= 2) {
if ((*output)[len - 1] == '=') {
len--;
if ((*output)[len - 1] == '=') {
len--;
}
output->resize(len);
}
}
return true;
}
QuicErrorCode QuicCryptoServerStream::ProcessClientHello(
const CryptoHandshakeMessage& message,
CryptoHandshakeMessage* reply,
string* error_details) {
return crypto_config_.ProcessClientHello(
message,
session()->connection()->guid(),
session()->connection()->peer_address(),
session()->connection()->clock(),
session()->connection()->random_generator(),
&crypto_negotiated_params_, reply, error_details);
}
} // namespace net
|
