net/quic/crypto/crypto_handshake.h - platform/external/chromium_org - Git at Google

 // Copyright (c) 2013 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.

 #ifndef NET_QUIC_CRYPTO_CRYPTO_HANDSHAKE_H_
 #define NET_QUIC_CRYPTO_CRYPTO_HANDSHAKE_H_

 #include <string>
 #include <vector>

 #include "base/memory/scoped_ptr.h"
 #include "net/base/net_export.h"
 #include "net/quic/quic_protocol.h"

 namespace net {

 class CommonCertSets;
 class KeyExchange;
 class QuicDecrypter;
 class QuicEncrypter;

 // A CrypterPair contains the encrypter and decrypter for an encryption level.
 struct NET_EXPORT_PRIVATE CrypterPair {
   CrypterPair();
   ~CrypterPair();
   scoped_ptr<QuicEncrypter> encrypter;
   scoped_ptr<QuicDecrypter> decrypter;
 };

 // Parameters negotiated by the crypto handshake.
 struct NET_EXPORT_PRIVATE QuicCryptoNegotiatedParameters {
   // Initializes the members to 0 or empty values.
   QuicCryptoNegotiatedParameters();
   ~QuicCryptoNegotiatedParameters();

   QuicTag key_exchange;
   QuicTag aead;
   std::string initial_premaster_secret;
   std::string forward_secure_premaster_secret;
   CrypterPair initial_crypters;
   CrypterPair forward_secure_crypters;
   // Normalized SNI: converted to lower case and trailing '.' removed.
   std::string sni;
   std::string client_nonce;
   std::string server_nonce;
   // hkdf_input_suffix contains the HKDF input following the label: the
   // ConnectionId, client hello and server config. This is only populated in the
   // client because only the client needs to derive the forward secure keys at a
   // later time from the initial keys.
   std::string hkdf_input_suffix;
   // cached_certs contains the cached certificates that a client used when
   // sending a client hello.
   std::vector<std::string> cached_certs;
   // client_key_exchange is used by clients to store the ephemeral KeyExchange
   // for the connection.
   scoped_ptr<KeyExchange> client_key_exchange;
   // channel_id is set by servers to a ChannelID key when the client correctly
   // proves possession of the corresponding private key. It consists of 32
   // bytes of x coordinate, followed by 32 bytes of y coordinate. Both values
   // are big-endian and the pair is a P-256 public key.
   std::string channel_id;
 };

 // QuicCryptoConfig contains common configuration between clients and servers.
 class NET_EXPORT_PRIVATE QuicCryptoConfig {
  public:
   // kInitialLabel is a constant that is used when deriving the initial
   // (non-forward secure) keys for the connection in order to tie the resulting
   // key to this protocol.
   static const char kInitialLabel[];

   // kCETVLabel is a constant that is used when deriving the keys for the
   // encrypted tag/value block in the client hello.
   static const char kCETVLabel[];

   // kForwardSecureLabel is a constant that is used when deriving the forward
   // secure keys for the connection in order to tie the resulting key to this
   // protocol.
   static const char kForwardSecureLabel[];

   QuicCryptoConfig();
   ~QuicCryptoConfig();

   // Key exchange methods. The following two members' values correspond by
   // index.
   QuicTagVector kexs;
   // Authenticated encryption with associated data (AEAD) algorithms.
   QuicTagVector aead;

   const CommonCertSets* common_cert_sets;

  private:
   DISALLOW_COPY_AND_ASSIGN(QuicCryptoConfig);
 };

 }  // namespace net

 #endif  // NET_QUIC_CRYPTO_CRYPTO_HANDSHAKE_H_
	// Copyright (c) 2013 The Chromium Authors. All rights reserved.
	// Use of this source code is governed by a BSD-style license that can be
	// found in the LICENSE file.

	#ifndef NET_QUIC_CRYPTO_CRYPTO_HANDSHAKE_H_
	#define NET_QUIC_CRYPTO_CRYPTO_HANDSHAKE_H_

	#include <string>
	#include <vector>

	#include "base/memory/scoped_ptr.h"
	#include "net/base/net_export.h"
	#include "net/quic/quic_protocol.h"

	namespace net {

	class CommonCertSets;
	class KeyExchange;
	class QuicDecrypter;
	class QuicEncrypter;

	// A CrypterPair contains the encrypter and decrypter for an encryption level.
	struct NET_EXPORT_PRIVATE CrypterPair {
	CrypterPair();
	~CrypterPair();
	scoped_ptr<QuicEncrypter> encrypter;
	scoped_ptr<QuicDecrypter> decrypter;
	};

	// Parameters negotiated by the crypto handshake.
	struct NET_EXPORT_PRIVATE QuicCryptoNegotiatedParameters {
	// Initializes the members to 0 or empty values.
	QuicCryptoNegotiatedParameters();
	~QuicCryptoNegotiatedParameters();

	QuicTag key_exchange;
	QuicTag aead;
	std::string initial_premaster_secret;
	std::string forward_secure_premaster_secret;
	CrypterPair initial_crypters;
	CrypterPair forward_secure_crypters;
	// Normalized SNI: converted to lower case and trailing '.' removed.
	std::string sni;
	std::string client_nonce;
	std::string server_nonce;
	// hkdf_input_suffix contains the HKDF input following the label: the
	// ConnectionId, client hello and server config. This is only populated in the
	// client because only the client needs to derive the forward secure keys at a
	// later time from the initial keys.
	std::string hkdf_input_suffix;
	// cached_certs contains the cached certificates that a client used when
	// sending a client hello.
	std::vector<std::string> cached_certs;
	// client_key_exchange is used by clients to store the ephemeral KeyExchange
	// for the connection.
	scoped_ptr<KeyExchange> client_key_exchange;
	// channel_id is set by servers to a ChannelID key when the client correctly
	// proves possession of the corresponding private key. It consists of 32
	// bytes of x coordinate, followed by 32 bytes of y coordinate. Both values
	// are big-endian and the pair is a P-256 public key.
	std::string channel_id;
	};

	// QuicCryptoConfig contains common configuration between clients and servers.
	class NET_EXPORT_PRIVATE QuicCryptoConfig {
	public:
	// kInitialLabel is a constant that is used when deriving the initial
	// (non-forward secure) keys for the connection in order to tie the resulting
	// key to this protocol.
	static const char kInitialLabel[];

	// kCETVLabel is a constant that is used when deriving the keys for the
	// encrypted tag/value block in the client hello.
	static const char kCETVLabel[];

	// kForwardSecureLabel is a constant that is used when deriving the forward
	// secure keys for the connection in order to tie the resulting key to this
	// protocol.
	static const char kForwardSecureLabel[];

	QuicCryptoConfig();
	~QuicCryptoConfig();

	// Key exchange methods. The following two members' values correspond by
	// index.
	QuicTagVector kexs;
	// Authenticated encryption with associated data (AEAD) algorithms.
	QuicTagVector aead;

	const CommonCertSets* common_cert_sets;

	private:
	DISALLOW_COPY_AND_ASSIGN(QuicCryptoConfig);
	};

	} // namespace net

	#endif // NET_QUIC_CRYPTO_CRYPTO_HANDSHAKE_H_