Google Git
Sign in
quiche / quiche / c65d1d143ba830d14393a29a8234a678e8c68a17 / . / quic / core / quic_crypto_stream.cc
blob: 836fbac67ab7c0e4d6e0ea48f3971b6b51370f12 [file] [log] [blame]
QUICHE teama6ef0a62019-03-07 20:34:33 -0500[diff] [blame]1// Copyright (c) 2012 The Chromium Authors. All rights reserved.
2// Use of this source code is governed by a BSD-style license that can be
3// found in the LICENSE file.
4
5#include "net/third_party/quiche/src/quic/core/quic_crypto_stream.h"
6
vasilvv872e7a32019-03-12 16:42:44 -0700[diff] [blame]7#include <string>
8
QUICHE teama6ef0a62019-03-07 20:34:33 -0500[diff] [blame]9#include "net/third_party/quiche/src/quic/core/crypto/crypto_handshake.h"
10#include "net/third_party/quiche/src/quic/core/crypto/crypto_utils.h"
11#include "net/third_party/quiche/src/quic/core/quic_connection.h"
12#include "net/third_party/quiche/src/quic/core/quic_session.h"
13#include "net/third_party/quiche/src/quic/core/quic_utils.h"
14#include "net/third_party/quiche/src/quic/platform/api/quic_flag_utils.h"
15#include "net/third_party/quiche/src/quic/platform/api/quic_flags.h"
16#include "net/third_party/quiche/src/quic/platform/api/quic_logging.h"
QUICHE teama6ef0a62019-03-07 20:34:33 -0500[diff] [blame]17#include "net/third_party/quiche/src/quic/platform/api/quic_string_piece.h"
18
19namespace quic {
20
21#define ENDPOINT \
22 (session()->perspective() == Perspective::IS_SERVER ? "Server: " \
23 : "Client:" \
24 " ")
25
26QuicCryptoStream::QuicCryptoStream(QuicSession* session)
27 : QuicStream(QuicUtils::GetCryptoStreamId(
28 session->connection()->transport_version()),
29 session,
30 /*is_static=*/true,
31 BIDIRECTIONAL),
QUICHE team6987b4a2019-03-15 16:23:04 -0700[diff] [blame]32 substreams_{{this, ENCRYPTION_INITIAL},
QUICHE team88ea0082019-03-15 10:05:26 -0700[diff] [blame]33 {this, ENCRYPTION_HANDSHAKE},
QUICHE teama6ef0a62019-03-07 20:34:33 -0500[diff] [blame]34 {this, ENCRYPTION_ZERO_RTT},
35 {this, ENCRYPTION_FORWARD_SECURE}} {
36 // The crypto stream is exempt from connection level flow control.
37 DisableConnectionFlowControlForThisStream();
38}
39
40QuicCryptoStream::~QuicCryptoStream() {}
41
42// static
43QuicByteCount QuicCryptoStream::CryptoMessageFramingOverhead(
44 QuicTransportVersion version,
45 QuicConnectionId connection_id) {
46 DCHECK(QuicUtils::IsConnectionIdValidForVersion(connection_id, version));
47 return QuicPacketCreator::StreamFramePacketOverhead(
48 version, static_cast<QuicConnectionIdLength>(connection_id.length()),
49 PACKET_0BYTE_CONNECTION_ID,
50 /*include_version=*/true,
51 /*include_diversification_nonce=*/true,
52 version > QUIC_VERSION_43 ? PACKET_4BYTE_PACKET_NUMBER
53 : PACKET_1BYTE_PACKET_NUMBER,
54 VARIABLE_LENGTH_INTEGER_LENGTH_1, VARIABLE_LENGTH_INTEGER_LENGTH_2,
55 /*offset=*/0);
56}
57
58void QuicCryptoStream::OnCryptoFrame(const QuicCryptoFrame& frame) {
QUICHE teamea740082019-03-11 17:58:43 -0700[diff] [blame]59 QUIC_BUG_IF(!QuicVersionUsesCryptoFrames(
60 session()->connection()->transport_version()))
QUICHE teama6ef0a62019-03-07 20:34:33 -0500[diff] [blame]61 << "Versions less than 47 shouldn't receive CRYPTO frames";
62 EncryptionLevel level = session()->connection()->last_decrypted_level();
63 substreams_[level].sequencer.OnCryptoFrame(frame);
64}
65
66void QuicCryptoStream::OnStreamFrame(const QuicStreamFrame& frame) {
QUICHE teamea740082019-03-11 17:58:43 -0700[diff] [blame]67 if (QuicVersionUsesCryptoFrames(
68 session()->connection()->transport_version())) {
QUICHE teama6ef0a62019-03-07 20:34:33 -0500[diff] [blame]69 QUIC_PEER_BUG
70 << "Crypto data received in stream frame instead of crypto frame";
71 CloseConnectionWithDetails(QUIC_INVALID_STREAM_DATA,
72 "Unexpected stream frame");
73 }
74 QuicStream::OnStreamFrame(frame);
75}
76
77void QuicCryptoStream::OnDataAvailable() {
78 EncryptionLevel level = session()->connection()->last_decrypted_level();
QUICHE teamea740082019-03-11 17:58:43 -0700[diff] [blame]79 if (!QuicVersionUsesCryptoFrames(
80 session()->connection()->transport_version())) {
QUICHE teama6ef0a62019-03-07 20:34:33 -0500[diff] [blame]81 // Versions less than 47 only support QUIC crypto, which ignores the
82 // EncryptionLevel passed into CryptoMessageParser::ProcessInput (and
83 // OnDataAvailableInSequencer).
84 OnDataAvailableInSequencer(sequencer(), level);
85 return;
86 }
87 OnDataAvailableInSequencer(&substreams_[level].sequencer, level);
88}
89
90void QuicCryptoStream::OnDataAvailableInSequencer(
91 QuicStreamSequencer* sequencer,
92 EncryptionLevel level) {
93 struct iovec iov;
94 while (sequencer->GetReadableRegion(&iov)) {
95 QuicStringPiece data(static_cast<char*>(iov.iov_base), iov.iov_len);
96 if (!crypto_message_parser()->ProcessInput(data, level)) {
97 CloseConnectionWithDetails(crypto_message_parser()->error(),
98 crypto_message_parser()->error_detail());
99 return;
100 }
101 sequencer->MarkConsumed(iov.iov_len);
102 if (handshake_confirmed() &&
103 crypto_message_parser()->InputBytesRemaining() == 0) {
104 // If the handshake is complete and the current message has been fully
105 // processed then no more handshake messages are likely to arrive soon
106 // so release the memory in the stream sequencer.
107 sequencer->ReleaseBufferIfEmpty();
108 }
109 }
110}
111
112bool QuicCryptoStream::ExportKeyingMaterial(QuicStringPiece label,
113 QuicStringPiece context,
114 size_t result_len,
vasilvvc48c8712019-03-11 13:38:16 -0700[diff] [blame]115 std::string* result) const {
QUICHE teama6ef0a62019-03-07 20:34:33 -0500[diff] [blame]116 if (!handshake_confirmed()) {
117 QUIC_DLOG(ERROR) << "ExportKeyingMaterial was called before forward-secure"
118 << "encryption was established.";
119 return false;
120 }
121 return CryptoUtils::ExportKeyingMaterial(
122 crypto_negotiated_params().subkey_secret, label, context, result_len,
123 result);
124}
125
126void QuicCryptoStream::WriteCryptoData(EncryptionLevel level,
127 QuicStringPiece data) {
QUICHE teamea740082019-03-11 17:58:43 -0700[diff] [blame]128 if (!QuicVersionUsesCryptoFrames(
129 session()->connection()->transport_version())) {
QUICHE teama6ef0a62019-03-07 20:34:33 -0500[diff] [blame]130 // The QUIC crypto handshake takes care of setting the appropriate
131 // encryption level before writing data. Since that is the only handshake
132 // supported in versions less than 47, |level| can be ignored here.
133 WriteOrBufferData(data, /* fin */ false, /* ack_listener */ nullptr);
134 return;
135 }
136 if (data.empty()) {
137 QUIC_BUG << "Empty crypto data being written";
138 return;
139 }
140 // Append |data| to the send buffer for this encryption level.
141 struct iovec iov(QuicUtils::MakeIovec(data));
142 QuicStreamSendBuffer* send_buffer = &substreams_[level].send_buffer;
143 QuicStreamOffset offset = send_buffer->stream_offset();
144 send_buffer->SaveStreamData(&iov, /*iov_count=*/1, /*iov_offset=*/0,
145 data.length());
146 if (kMaxStreamLength - offset < data.length()) {
147 QUIC_BUG << "Writing too much crypto handshake data";
148 // TODO(nharper): Switch this to an IETF QUIC error code, possibly
149 // INTERNAL_ERROR?
150 CloseConnectionWithDetails(QUIC_STREAM_LENGTH_OVERFLOW,
151 "Writing too much crypto handshake data");
152 }
153
154 EncryptionLevel current_level = session()->connection()->encryption_level();
155 session()->connection()->SetDefaultEncryptionLevel(level);
156 size_t bytes_consumed =
157 session()->connection()->SendCryptoData(level, data.length(), offset);
158 session()->connection()->SetDefaultEncryptionLevel(current_level);
159
160 send_buffer->OnStreamDataConsumed(bytes_consumed);
161}
162
163void QuicCryptoStream::OnSuccessfulVersionNegotiation(
164 const ParsedQuicVersion& version) {}
165
166bool QuicCryptoStream::OnCryptoFrameAcked(const QuicCryptoFrame& frame,
167 QuicTime::Delta ack_delay_time) {
168 QuicByteCount newly_acked_length = 0;
169 if (!substreams_[frame.level].send_buffer.OnStreamDataAcked(
170 frame.offset, frame.data_length, &newly_acked_length)) {
171 CloseConnectionWithDetails(QUIC_INTERNAL_ERROR,
172 "Trying to ack unsent crypto data.");
173 return false;
174 }
175 return newly_acked_length > 0;
176}
177
178void QuicCryptoStream::NeuterUnencryptedStreamData() {
QUICHE teamea740082019-03-11 17:58:43 -0700[diff] [blame]179 if (!QuicVersionUsesCryptoFrames(
180 session()->connection()->transport_version())) {
QUICHE team6987b4a2019-03-15 16:23:04 -0700[diff] [blame]181 for (const auto& interval : bytes_consumed_[ENCRYPTION_INITIAL]) {
QUICHE teama6ef0a62019-03-07 20:34:33 -0500[diff] [blame]182 QuicByteCount newly_acked_length = 0;
183 send_buffer().OnStreamDataAcked(
184 interval.min(), interval.max() - interval.min(), &newly_acked_length);
185 }
186 return;
187 }
QUICHE team6987b4a2019-03-15 16:23:04 -0700[diff] [blame]188 QuicStreamSendBuffer* send_buffer =
189 &substreams_[ENCRYPTION_INITIAL].send_buffer;
QUICHE teama6ef0a62019-03-07 20:34:33 -0500[diff] [blame]190 // TODO(nharper): Consider adding a Clear() method to QuicStreamSendBuffer to
191 // replace the following code.
192 QuicIntervalSet<QuicStreamOffset> to_ack = send_buffer->bytes_acked();
193 to_ack.Complement(0, send_buffer->stream_offset());
194 for (const auto& interval : to_ack) {
195 QuicByteCount newly_acked_length = 0;
196 send_buffer->OnStreamDataAcked(
197 interval.min(), interval.max() - interval.min(), &newly_acked_length);
198 }
199}
200
201void QuicCryptoStream::OnStreamDataConsumed(size_t bytes_consumed) {
QUICHE teamea740082019-03-11 17:58:43 -0700[diff] [blame]202 if (QuicVersionUsesCryptoFrames(
203 session()->connection()->transport_version())) {
QUICHE teama6ef0a62019-03-07 20:34:33 -0500[diff] [blame]204 QUIC_BUG << "Stream data consumed when CRYPTO frames should be in use";
205 }
206 if (bytes_consumed > 0) {
207 bytes_consumed_[session()->connection()->encryption_level()].Add(
208 stream_bytes_written(), stream_bytes_written() + bytes_consumed);
209 }
210 QuicStream::OnStreamDataConsumed(bytes_consumed);
211}
212
213bool QuicCryptoStream::HasPendingCryptoRetransmission() {
QUICHE teamea740082019-03-11 17:58:43 -0700[diff] [blame]214 if (!QuicVersionUsesCryptoFrames(
215 session()->connection()->transport_version())) {
QUICHE teama6ef0a62019-03-07 20:34:33 -0500[diff] [blame]216 return false;
217 }
218 for (EncryptionLevel level :
QUICHE team6987b4a2019-03-15 16:23:04 -0700[diff] [blame]219 {ENCRYPTION_INITIAL, ENCRYPTION_ZERO_RTT, ENCRYPTION_FORWARD_SECURE}) {
QUICHE teama6ef0a62019-03-07 20:34:33 -0500[diff] [blame]220 if (substreams_[level].send_buffer.HasPendingRetransmission()) {
221 return true;
222 }
223 }
224 return false;
225}
226
227void QuicCryptoStream::WritePendingCryptoRetransmission() {
QUICHE teamea740082019-03-11 17:58:43 -0700[diff] [blame]228 QUIC_BUG_IF(!QuicVersionUsesCryptoFrames(
229 session()->connection()->transport_version()))
QUICHE teama6ef0a62019-03-07 20:34:33 -0500[diff] [blame]230 << "Versions less than 47 don't write CRYPTO frames";
231 EncryptionLevel current_encryption_level =
232 session()->connection()->encryption_level();
233 for (EncryptionLevel level :
QUICHE team6987b4a2019-03-15 16:23:04 -0700[diff] [blame]234 {ENCRYPTION_INITIAL, ENCRYPTION_ZERO_RTT, ENCRYPTION_FORWARD_SECURE}) {
QUICHE teama6ef0a62019-03-07 20:34:33 -0500[diff] [blame]235 QuicStreamSendBuffer* send_buffer = &substreams_[level].send_buffer;
236 session()->connection()->SetDefaultEncryptionLevel(level);
237 while (send_buffer->HasPendingRetransmission()) {
238 auto pending = send_buffer->NextPendingRetransmission();
239 size_t bytes_consumed = session()->connection()->SendCryptoData(
240 level, pending.length, pending.offset);
241 send_buffer->OnStreamDataRetransmitted(pending.offset, bytes_consumed);
242 }
243 }
244 session()->connection()->SetDefaultEncryptionLevel(current_encryption_level);
245}
246
247void QuicCryptoStream::WritePendingRetransmission() {
248 while (HasPendingRetransmission()) {
249 StreamPendingRetransmission pending =
250 send_buffer().NextPendingRetransmission();
251 QuicIntervalSet<QuicStreamOffset> retransmission(
252 pending.offset, pending.offset + pending.length);
QUICHE team6987b4a2019-03-15 16:23:04 -0700[diff] [blame]253 EncryptionLevel retransmission_encryption_level = ENCRYPTION_INITIAL;
QUICHE teama6ef0a62019-03-07 20:34:33 -0500[diff] [blame]254 // Determine the encryption level to write the retransmission
255 // at. The retransmission should be written at the same encryption level
256 // as the original transmission.
257 for (size_t i = 0; i < NUM_ENCRYPTION_LEVELS; ++i) {
258 if (retransmission.Intersects(bytes_consumed_[i])) {
259 retransmission_encryption_level = static_cast<EncryptionLevel>(i);
260 retransmission.Intersection(bytes_consumed_[i]);
261 break;
262 }
263 }
264 pending.offset = retransmission.begin()->min();
265 pending.length =
266 retransmission.begin()->max() - retransmission.begin()->min();
267 EncryptionLevel current_encryption_level =
268 session()->connection()->encryption_level();
269 // Set appropriate encryption level.
270 session()->connection()->SetDefaultEncryptionLevel(
271 retransmission_encryption_level);
272 QuicConsumedData consumed = session()->WritevData(
273 this, id(), pending.length, pending.offset, NO_FIN);
274 QUIC_DVLOG(1) << ENDPOINT << "stream " << id()
275 << " tries to retransmit stream data [" << pending.offset
276 << ", " << pending.offset + pending.length
277 << ") with encryption level: "
278 << retransmission_encryption_level
279 << ", consumed: " << consumed;
280 OnStreamFrameRetransmitted(pending.offset, consumed.bytes_consumed,
281 consumed.fin_consumed);
282 // Restore encryption level.
283 session()->connection()->SetDefaultEncryptionLevel(
284 current_encryption_level);
285 if (consumed.bytes_consumed < pending.length) {
286 // The connection is write blocked.
287 break;
288 }
289 }
290}
291
292bool QuicCryptoStream::RetransmitStreamData(QuicStreamOffset offset,
293 QuicByteCount data_length,
294 bool /*fin*/) {
295 QuicIntervalSet<QuicStreamOffset> retransmission(offset,
296 offset + data_length);
297 // Determine the encryption level to send data. This only needs to be once as
298 // [offset, offset + data_length) is guaranteed to be in the same packet.
QUICHE team6987b4a2019-03-15 16:23:04 -0700[diff] [blame]299 EncryptionLevel send_encryption_level = ENCRYPTION_INITIAL;
QUICHE teama6ef0a62019-03-07 20:34:33 -0500[diff] [blame]300 for (size_t i = 0; i < NUM_ENCRYPTION_LEVELS; ++i) {
301 if (retransmission.Intersects(bytes_consumed_[i])) {
302 send_encryption_level = static_cast<EncryptionLevel>(i);
303 break;
304 }
305 }
306 retransmission.Difference(bytes_acked());
307 EncryptionLevel current_encryption_level =
308 session()->connection()->encryption_level();
309 for (const auto& interval : retransmission) {
310 QuicStreamOffset retransmission_offset = interval.min();
311 QuicByteCount retransmission_length = interval.max() - interval.min();
312 // Set appropriate encryption level.
313 session()->connection()->SetDefaultEncryptionLevel(send_encryption_level);
314 QuicConsumedData consumed = session()->WritevData(
315 this, id(), retransmission_length, retransmission_offset, NO_FIN);
316 QUIC_DVLOG(1) << ENDPOINT << "stream " << id()
317 << " is forced to retransmit stream data ["
318 << retransmission_offset << ", "
319 << retransmission_offset + retransmission_length
320 << "), with encryption level: " << send_encryption_level
321 << ", consumed: " << consumed;
322 OnStreamFrameRetransmitted(retransmission_offset, consumed.bytes_consumed,
323 consumed.fin_consumed);
324 // Restore encryption level.
325 session()->connection()->SetDefaultEncryptionLevel(
326 current_encryption_level);
327 if (consumed.bytes_consumed < retransmission_length) {
328 // The connection is write blocked.
329 return false;
330 }
331 }
332
333 return true;
334}
335
336uint64_t QuicCryptoStream::crypto_bytes_read() const {
QUICHE teamea740082019-03-11 17:58:43 -0700[diff] [blame]337 if (!QuicVersionUsesCryptoFrames(
338 session()->connection()->transport_version())) {
QUICHE teama6ef0a62019-03-07 20:34:33 -0500[diff] [blame]339 return stream_bytes_read();
340 }
QUICHE team6987b4a2019-03-15 16:23:04 -0700[diff] [blame]341 return substreams_[ENCRYPTION_INITIAL].sequencer.NumBytesConsumed() +
QUICHE teama6ef0a62019-03-07 20:34:33 -0500[diff] [blame]342 substreams_[ENCRYPTION_ZERO_RTT].sequencer.NumBytesConsumed() +
343 substreams_[ENCRYPTION_FORWARD_SECURE].sequencer.NumBytesConsumed();
344}
345
346uint64_t QuicCryptoStream::BytesReadOnLevel(EncryptionLevel level) const {
347 return substreams_[level].sequencer.NumBytesConsumed();
348}
349
350bool QuicCryptoStream::WriteCryptoFrame(EncryptionLevel level,
351 QuicStreamOffset offset,
352 QuicByteCount data_length,
353 QuicDataWriter* writer) {
QUICHE teamea740082019-03-11 17:58:43 -0700[diff] [blame]354 QUIC_BUG_IF(!QuicVersionUsesCryptoFrames(
355 session()->connection()->transport_version()))
QUICHE teama6ef0a62019-03-07 20:34:33 -0500[diff] [blame]356 << "Versions less than 47 don't write CRYPTO frames (2)";
357 return substreams_[level].send_buffer.WriteStreamData(offset, data_length,
358 writer);
359}
360
361void QuicCryptoStream::OnCryptoFrameLost(QuicCryptoFrame* crypto_frame) {
QUICHE teamea740082019-03-11 17:58:43 -0700[diff] [blame]362 QUIC_BUG_IF(!QuicVersionUsesCryptoFrames(
363 session()->connection()->transport_version()))
QUICHE teama6ef0a62019-03-07 20:34:33 -0500[diff] [blame]364 << "Versions less than 47 don't lose CRYPTO frames";
365 substreams_[crypto_frame->level].send_buffer.OnStreamDataLost(
366 crypto_frame->offset, crypto_frame->data_length);
367}
368
369void QuicCryptoStream::RetransmitData(QuicCryptoFrame* crypto_frame) {
QUICHE teamea740082019-03-11 17:58:43 -0700[diff] [blame]370 QUIC_BUG_IF(!QuicVersionUsesCryptoFrames(
371 session()->connection()->transport_version()))
QUICHE teama6ef0a62019-03-07 20:34:33 -0500[diff] [blame]372 << "Versions less than 47 don't retransmit CRYPTO frames";
373 QuicIntervalSet<QuicStreamOffset> retransmission(
374 crypto_frame->offset, crypto_frame->offset + crypto_frame->data_length);
375 QuicStreamSendBuffer* send_buffer =
376 &substreams_[crypto_frame->level].send_buffer;
377 retransmission.Difference(send_buffer->bytes_acked());
378 if (retransmission.Empty()) {
379 return;
380 }
381 EncryptionLevel current_encryption_level =
382 session()->connection()->encryption_level();
383 for (const auto& interval : retransmission) {
384 size_t retransmission_offset = interval.min();
385 size_t retransmission_length = interval.max() - interval.min();
386 session()->connection()->SetDefaultEncryptionLevel(crypto_frame->level);
387 size_t bytes_consumed = session()->connection()->SendCryptoData(
388 crypto_frame->level, retransmission_length, retransmission_offset);
389 send_buffer->OnStreamDataRetransmitted(retransmission_offset,
390 bytes_consumed);
391 }
392 session()->connection()->SetDefaultEncryptionLevel(current_encryption_level);
393}
394
395bool QuicCryptoStream::IsFrameOutstanding(EncryptionLevel level,
396 size_t offset,
397 size_t length) const {
QUICHE teamea740082019-03-11 17:58:43 -0700[diff] [blame]398 if (!QuicVersionUsesCryptoFrames(
399 session()->connection()->transport_version())) {
QUICHE teama6ef0a62019-03-07 20:34:33 -0500[diff] [blame]400 // This only happens if a client was originally configured for a version
401 // greater than 45, but received a version negotiation packet and is
402 // attempting to retransmit for a version less than 47. Outside of tests,
403 // this is a misconfiguration of the client, and this connection will be
404 // doomed. Return false here to avoid trying to retransmit CRYPTO frames on
405 // the wrong transport version.
406 return false;
407 }
408 return substreams_[level].send_buffer.IsStreamDataOutstanding(offset, length);
409}
410
411bool QuicCryptoStream::IsWaitingForAcks() const {
QUICHE teamea740082019-03-11 17:58:43 -0700[diff] [blame]412 if (!QuicVersionUsesCryptoFrames(
413 session()->connection()->transport_version())) {
QUICHE teama6ef0a62019-03-07 20:34:33 -0500[diff] [blame]414 return QuicStream::IsWaitingForAcks();
415 }
416 for (EncryptionLevel level :
QUICHE team6987b4a2019-03-15 16:23:04 -0700[diff] [blame]417 {ENCRYPTION_INITIAL, ENCRYPTION_ZERO_RTT, ENCRYPTION_FORWARD_SECURE}) {
QUICHE teama6ef0a62019-03-07 20:34:33 -0500[diff] [blame]418 if (substreams_[level].send_buffer.stream_bytes_outstanding()) {
419 return true;
420 }
421 }
422 return false;
423}
424
425QuicCryptoStream::CryptoSubstream::CryptoSubstream(
426 QuicCryptoStream* crypto_stream,
427 EncryptionLevel)
428 : sequencer(crypto_stream),
429 send_buffer(crypto_stream->session()
430 ->connection()
431 ->helper()
432 ->GetStreamSendBufferAllocator()) {}
433
434#undef ENDPOINT // undef for jumbo builds
435} // namespace quic