Introduce CertificateSerialization abstraction for use in PSK seriali…

…zation Summary: `fizz::client::serializePsk` and `fizz::client::deserializePsk` now takes an instance of a `CertificateSerialization`, which implements the serialization / deserialization logic for a given cert. This allows PskSerializationUtils to not have a hard dependency on a concrete certificate implementation (previously, in tryWriteCert, it would use OpenSSL). The choice of the certificate implementation is put on the caller. Reviewed By: zalecodez Differential Revision: D60792486 fbshipit-source-id: e9ad97baf2206e548a43fac96a9ac3fdeabd8146
facebook · Aug 17, 2024 · bc3da98 · bc3da98
1 parent c002f66
commit bc3da98
Show file tree

Hide file tree

Showing 4 changed files with 19 additions and 25 deletions.
diff --git a/proxygen/lib/transport/PersistentFizzPskCache.h b/proxygen/lib/transport/PersistentFizzPskCache.h
@@ -8,10 +8,9 @@
 
 #pragma once
 
+#include <fizz/backend/openssl/certificate/CertUtils.h>
 #include <fizz/client/PskCache.h>
 #include <fizz/client/PskSerializationUtils.h>
-#include <fizz/protocol/DefaultFactory.h>
-#include <fizz/protocol/Factory.h>
 #include <wangle/client/persistence/FilePersistentCache.h>
 
 namespace proxygen {
@@ -26,10 +25,8 @@ class PersistentFizzPskCache : public fizz::client::PskCache {
   ~PersistentFizzPskCache() override = default;
 
   PersistentFizzPskCache(const std::string& filename,
-                         wangle::PersistentCacheConfig config,
-                         std::unique_ptr<fizz::Factory> factory =
-                             std::make_unique<::fizz::DefaultFactory>())
-      : cache_(filename, std::move(config)), factory_(std::move(factory)) {
+                         wangle::PersistentCacheConfig config)
+      : cache_(filename, std::move(config)) {
   }
 
   void setMaxPskUses(size_t maxUses) {
@@ -52,8 +49,8 @@ class PersistentFizzPskCache : public fizz::client::PskCache {
     auto serialized = cache_.get(identity);
     if (serialized) {
       try {
-        auto deserialized =
-            fizz::client::deserializePsk(serialized->serialized, *factory_);
+        auto deserialized = fizz::client::deserializePsk(
+            fizz::openssl::certificateSerializer(), serialized->serialized);
         serialized->uses++;
         if (maxPskUses_ != 0 && serialized->uses >= maxPskUses_) {
           cache_.remove(identity);
@@ -72,7 +69,8 @@ class PersistentFizzPskCache : public fizz::client::PskCache {
   void putPsk(const std::string& identity,
               fizz::client::CachedPsk psk) override {
     PersistentCachedPsk serialized;
-    serialized.serialized = fizz::client::serializePsk(psk);
+    serialized.serialized =
+        fizz::client::serializePsk(fizz::openssl::certificateSerializer(), psk);
     serialized.uses = 0;
     cache_.put(identity, serialized);
   }
@@ -85,8 +83,6 @@ class PersistentFizzPskCache : public fizz::client::PskCache {
   wangle::FilePersistentCache<std::string, PersistentCachedPsk> cache_;
 
   size_t maxPskUses_{5};
-
-  std::unique_ptr<fizz::Factory> factory_;
 };
 } // namespace proxygen
 

diff --git a/proxygen/lib/transport/PersistentQuicPskCache.cpp b/proxygen/lib/transport/PersistentQuicPskCache.cpp
@@ -8,6 +8,7 @@
 
 #include <proxygen/lib/transport/PersistentQuicPskCache.h>
 
+#include <fizz/backend/openssl/certificate/CertUtils.h>
 #include <folly/Conv.h>
 #include <folly/json/dynamic.h>
 
@@ -19,10 +20,8 @@ constexpr auto USES = "uses";
 
 namespace proxygen {
 PersistentQuicPskCache::PersistentQuicPskCache(
-    const std::string& filename,
-    wangle::PersistentCacheConfig config,
-    std::unique_ptr<fizz::Factory> factory)
-    : cache_(filename, std::move(config)), factory_(std::move(factory)) {
+    const std::string& filename, wangle::PersistentCacheConfig config)
+    : cache_(filename, std::move(config)) {
 }
 
 void PersistentQuicPskCache::setMaxPskUses(size_t maxUses) {
@@ -46,8 +45,8 @@ folly::Optional<quic::QuicCachedPsk> PersistentQuicPskCache::getPsk(
   }
   try {
     quic::QuicCachedPsk quicCachedPsk;
-    quicCachedPsk.cachedPsk =
-        fizz::client::deserializePsk(cachedPsk->fizzPsk, *factory_);
+    quicCachedPsk.cachedPsk = fizz::client::deserializePsk(
+        fizz::openssl::certificateSerializer(), cachedPsk->fizzPsk);
 
     auto buf = folly::IOBuf::wrapBuffer(cachedPsk->quicParams.data(),
                                         cachedPsk->quicParams.length());
@@ -98,7 +97,8 @@ folly::Optional<quic::QuicCachedPsk> PersistentQuicPskCache::getPsk(
 void PersistentQuicPskCache::putPsk(const std::string& identity,
                                     quic::QuicCachedPsk quicCachedPsk) {
   PersistentQuicCachedPsk cachedPsk;
-  cachedPsk.fizzPsk = fizz::client::serializePsk(quicCachedPsk.cachedPsk);
+  cachedPsk.fizzPsk = fizz::client::serializePsk(
+      fizz::openssl::certificateSerializer(), quicCachedPsk.cachedPsk);
 
   auto quicParams = folly::IOBuf::create(0);
   folly::io::Appender appender(quicParams.get(), 512);

diff --git a/proxygen/lib/transport/PersistentQuicPskCache.h b/proxygen/lib/transport/PersistentQuicPskCache.h
@@ -11,7 +11,6 @@
 #include <proxygen/lib/transport/PersistentFizzPskCache.h>
 
 #include <fizz/client/PskSerializationUtils.h>
-#include <fizz/protocol/DefaultFactory.h>
 #include <folly/Optional.h>
 #include <folly/json/dynamic.h>
 #include <quic/fizz/client/handshake/QuicPskCache.h>
@@ -34,9 +33,7 @@ struct PersistentQuicCachedPsk {
 class PersistentQuicPskCache : public quic::QuicPskCache {
  public:
   PersistentQuicPskCache(const std::string& filename,
-                         wangle::PersistentCacheConfig config,
-                         std::unique_ptr<fizz::Factory> factory =
-                             std::make_unique<::fizz::DefaultFactory>());
+                         wangle::PersistentCacheConfig config);
 
   void setMaxPskUses(size_t maxUses);
 
@@ -54,7 +51,6 @@ class PersistentQuicPskCache : public quic::QuicPskCache {
  private:
   wangle::FilePersistentCache<std::string, PersistentQuicCachedPsk> cache_;
   size_t maxPskUses_{5};
-  std::unique_ptr<fizz::Factory> factory_;
 };
 
 } // namespace proxygen

diff --git a/proxygen/lib/transport/test/PersistentFizzPskCacheTest.cpp b/proxygen/lib/transport/test/PersistentFizzPskCacheTest.cpp
@@ -196,7 +196,8 @@ TEST_F(PersistentFizzPskCacheTest, TestTruncatedEntry) {
   auto otherCache = std::make_unique<
       wangle::FilePersistentCache<std::string, PersistentCachedPsk>>(
       file_, std::move(config));
-  auto psk1Serialized = serializePsk(psk1_);
+  auto psk1Serialized =
+      serializePsk(fizz::openssl::certificateSerializer(), psk1_);
   // Store PSK with last 12 characters (64 bits + 32 bits) truncated
   otherCache->put("facebook.com",
                   PersistentCachedPsk{
@@ -216,7 +217,8 @@ TEST_F(PersistentFizzPskCacheTest, TestTruncatedHandshakeTime) {
   auto otherCache = std::make_unique<
       wangle::FilePersistentCache<std::string, PersistentCachedPsk>>(
       file_, std::move(config));
-  auto psk1Serialized = serializePsk(psk1_);
+  auto psk1Serialized =
+      serializePsk(fizz::openssl::certificateSerializer(), psk1_);
   // Store PSK with last 12 characters (64 bits) truncated
   otherCache->put("facebook.com",
                   PersistentCachedPsk{