1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
5 #ifndef NET_QUIC_CRYPTO_CRYPTO_PROTOCOL_H_
6 #define NET_QUIC_CRYPTO_CRYPTO_PROTOCOL_H_
12 #include "net/base/net_export.h"
13 #include "net/quic/quic_protocol.h"
15 // Version and Crypto tags are written to the wire with a big-endian
16 // representation of the name of the tag. For example
17 // the client hello tag (CHLO) will be written as the
18 // following 4 bytes: 'C' 'H' 'L' 'O'. Since it is
19 // stored in memory as a little endian uint32, we need
20 // to reverse the order of the bytes.
22 // We use a macro to ensure that no static initialisers are created. Use the
23 // MakeQuicTag function in normal code.
24 #define TAG(a, b, c, d) ((d << 24) + (c << 16) + (b << 8) + a)
28 typedef std::string ServerConfigID;
29 typedef std::map<QuicTag, std::string> QuicTagValueMap;
31 const QuicTag kCHLO = TAG('C', 'H', 'L', 'O'); // Client hello
32 const QuicTag kSHLO = TAG('S', 'H', 'L', 'O'); // Server hello
33 const QuicTag kSCFG = TAG('S', 'C', 'F', 'G'); // Server config
34 const QuicTag kREJ = TAG('R', 'E', 'J', '\0'); // Reject
35 const QuicTag kCETV = TAG('C', 'E', 'T', 'V'); // Client encrypted tag-value
38 // Key exchange methods
39 const QuicTag kP256 = TAG('P', '2', '5', '6'); // ECDH, Curve P-256
40 const QuicTag kC255 = TAG('C', '2', '5', '5'); // ECDH, Curve25519
43 const QuicTag kNULL = TAG('N', 'U', 'L', 'L'); // null algorithm
44 const QuicTag kNULN = TAG('N', 'U', 'L', 'N'); // new null algorithm
45 const QuicTag kAESG = TAG('A', 'E', 'S', 'G'); // AES128 + GCM-12
47 // Congestion control feedback types
48 const QuicTag kQBIC = TAG('Q', 'B', 'I', 'C'); // TCP cubic
49 const QuicTag kINAR = TAG('I', 'N', 'A', 'R'); // Inter arrival
51 // Proof types (i.e. certificate types)
52 // NOTE: although it would be silly to do so, specifying both kX509 and kX59R
53 // is allowed and is equivalent to specifying only kX509.
54 const QuicTag kX509 = TAG('X', '5', '0', '9'); // X.509 certificate, all key
56 const QuicTag kX59R = TAG('X', '5', '9', 'R'); // X.509 certificate, RSA keys
58 const QuicTag kCHID = TAG('C', 'H', 'I', 'D'); // Channel ID.
61 const QuicTag kVERS = TAG('V', 'E', 'R', 'S'); // Version
62 const QuicTag kNONC = TAG('N', 'O', 'N', 'C'); // The client's nonce
63 const QuicTag kKEXS = TAG('K', 'E', 'X', 'S'); // Key exchange methods
64 const QuicTag kAEAD = TAG('A', 'E', 'A', 'D'); // Authenticated
65 // encryption algorithms
66 const QuicTag kCGST = TAG('C', 'G', 'S', 'T'); // Congestion control
68 const QuicTag kICSL = TAG('I', 'C', 'S', 'L'); // Idle connection state
70 const QuicTag kKATO = TAG('K', 'A', 'T', 'O'); // Keepalive timeout
71 const QuicTag kMSPC = TAG('M', 'S', 'P', 'C'); // Max streams per connection.
72 const QuicTag kIRTT = TAG('I', 'R', 'T', 'T'); // Estimated initial RTT in us.
73 const QuicTag kSWND = TAG('S', 'W', 'N', 'D'); // Server's Initial congestion
75 const QuicTag kSMSS = TAG('S', 'M', 'S', 'S'); // Server's maximum packet size.
76 const QuicTag kSNI = TAG('S', 'N', 'I', '\0'); // Server name
78 const QuicTag kPUBS = TAG('P', 'U', 'B', 'S'); // Public key values
79 const QuicTag kSCID = TAG('S', 'C', 'I', 'D'); // Server config id
80 const QuicTag kORBT = TAG('O', 'B', 'I', 'T'); // Server orbit.
81 const QuicTag kPDMD = TAG('P', 'D', 'M', 'D'); // Proof demand.
82 const QuicTag kPROF = TAG('P', 'R', 'O', 'F'); // Proof (signature).
83 const QuicTag kCCS = TAG('C', 'C', 'S', 0); // Common certificate set
84 const QuicTag kCCRT = TAG('C', 'C', 'R', 'T'); // Cached certificate
85 const QuicTag kEXPY = TAG('E', 'X', 'P', 'Y'); // Expiry
88 const QuicTag kCIDK = TAG('C', 'I', 'D', 'K'); // ChannelID key
89 const QuicTag kCIDS = TAG('C', 'I', 'D', 'S'); // ChannelID signature
92 const QuicTag kPAD = TAG('P', 'A', 'D', '\0'); // Padding
94 // These tags have a special form so that they appear either at the beginning
95 // or the end of a handshake message. Since handshake messages are sorted by
96 // tag value, the tags with 0 at the end will sort first and those with 255 at
97 // the end will sort last.
99 // The certificate chain should have a tag that will cause it to be sorted at
100 // the end of any handshake messages because it's likely to be large and the
101 // client might be able to get everything that it needs from the small values at
104 // Likewise tags with random values should be towards the beginning of the
105 // message because the server mightn't hold state for a rejected client hello
106 // and therefore the client may have issues reassembling the rejection message
107 // in the event that it sent two client hellos.
108 const QuicTag kServerNonceTag =
109 TAG('S', 'N', 'O', 0); // The server's nonce
110 const QuicTag kSourceAddressTokenTag =
111 TAG('S', 'T', 'K', 0); // Source-address token
112 const QuicTag kCertificateTag =
113 TAG('C', 'R', 'T', 255); // Certificate chain
117 const size_t kMaxEntries = 128; // Max number of entries in a message.
119 const size_t kNonceSize = 32; // Size in bytes of the connection nonce.
121 const size_t kOrbitSize = 8; // Number of bytes in an orbit value.
123 // kProofSignatureLabel is prepended to server configs before signing to avoid
124 // any cross-protocol attacks on the signature.
125 const char kProofSignatureLabel[] = "QUIC server config signature";
127 // kClientHelloMinimumSize is the minimum size of a client hello. Client hellos
128 // will have PAD tags added in order to ensure this minimum is met and client
129 // hellos smaller than this will be an error. This minimum size reduces the
130 // amplification factor of any mirror DoS attack.
131 const size_t kClientHelloMinimumSize = 512;
135 #endif // NET_QUIC_CRYPTO_CRYPTO_PROTOCOL_H_
projects / platform / framework / web / crosswalk.git / blob