Mirror of BoringSSL (grpc依赖) https://boringssl.googlesource.com/boringssl
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

239 lines
7.2 KiB

/* Copyright (c) 2019, Google Inc.
*
* Permission to use, copy, modify, and/or distribute this software for any
* purpose with or without fee is hereby granted, provided that the above
* copyright notice and this permission notice appear in all copies.
*
* THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
* WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
* MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY
* SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
* WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION
* OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN
* CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */
#include "mock_quic_transport.h"
#include <openssl/span.h>
#include <cstring>
#include <limits>
namespace {
const uint8_t kTagHandshake = 'H';
const uint8_t kTagApplication = 'A';
const uint8_t kTagAlert = 'L';
} // namespace
MockQuicTransport::MockQuicTransport(bssl::UniquePtr<BIO> bio, SSL *ssl)
: bio_(std::move(bio)),
read_levels_(ssl_encryption_application + 1),
write_levels_(ssl_encryption_application + 1),
ssl_(ssl) {}
bool MockQuicTransport::SetReadSecret(enum ssl_encryption_level_t level,
const SSL_CIPHER *cipher,
const uint8_t *secret,
size_t secret_len) {
// TODO(davidben): Assert the various encryption secret invariants.
read_levels_[level].cipher = SSL_CIPHER_get_protocol_id(cipher);
read_levels_[level].secret.assign(secret, secret + secret_len);
return true;
}
bool MockQuicTransport::SetWriteSecret(enum ssl_encryption_level_t level,
const SSL_CIPHER *cipher,
const uint8_t *secret,
size_t secret_len) {
// TODO(davidben): Assert the various encryption secret invariants.
write_levels_[level].cipher = SSL_CIPHER_get_protocol_id(cipher);
write_levels_[level].secret.assign(secret, secret + secret_len);
return true;
}
namespace {
bool ReadAll(BIO *bio, bssl::Span<uint8_t> out) {
size_t len = out.size();
uint8_t *buf = out.data();
while (len > 0) {
int chunk_len = std::numeric_limits<int>::max();
if (len <= static_cast<unsigned int>(std::numeric_limits<int>::max())) {
chunk_len = len;
}
int ret = BIO_read(bio, buf, chunk_len);
if (ret <= 0) {
return false;
}
buf += ret;
len -= ret;
}
return true;
}
} // namespace
bool MockQuicTransport::ReadHeader(uint8_t *out_tag, size_t *out_len) {
uint8_t header[7];
if (!ReadAll(bio_.get(), header)) {
return false;
}
*out_tag = header[0];
uint16_t cipher_suite = header[1] << 8 | header[2];
size_t remaining_bytes =
header[3] << 24 | header[4] << 16 | header[5] << 8 | header[6];
enum ssl_encryption_level_t level = SSL_quic_read_level(ssl_);
if (*out_tag == kTagApplication) {
if (SSL_in_early_data(ssl_)) {
level = ssl_encryption_early_data;
} else {
level = ssl_encryption_application;
}
}
if (cipher_suite != read_levels_[level].cipher) {
return false;
}
const std::vector<uint8_t> &secret = read_levels_[level].secret;
std::vector<uint8_t> read_secret(secret.size());
if (remaining_bytes < secret.size()) {
return false;
}
remaining_bytes -= secret.size();
if (!ReadAll(bio_.get(), bssl::MakeSpan(read_secret)) ||
read_secret != secret) {
return false;
}
*out_len = remaining_bytes;
return true;
}
bool MockQuicTransport::ReadHandshake() {
uint8_t tag;
size_t len;
if (!ReadHeader(&tag, &len)) {
return false;
}
if (tag != kTagHandshake) {
return false;
}
std::vector<uint8_t> buf(len);
if (!ReadAll(bio_.get(), bssl::MakeSpan(buf))) {
return false;
}
return SSL_provide_quic_data(ssl_, SSL_quic_read_level(ssl_), buf.data(),
buf.size());
}
int MockQuicTransport::ReadApplicationData(uint8_t *out, size_t max_out) {
if (pending_app_data_.size() > 0) {
size_t len = pending_app_data_.size() - app_data_offset_;
if (len > max_out) {
len = max_out;
}
memcpy(out, pending_app_data_.data() + app_data_offset_, len);
app_data_offset_ += len;
if (app_data_offset_ == pending_app_data_.size()) {
pending_app_data_.clear();
app_data_offset_ = 0;
}
return len;
}
uint8_t tag = 0;
size_t len;
while (true) {
if (!ReadHeader(&tag, &len)) {
// Assume that a failure to read the header means there's no more to read,
// not an error reading.
return 0;
}
if (tag == kTagApplication) {
break;
}
if (tag != kTagHandshake) {
return -1;
}
std::vector<uint8_t> buf(len);
if (!ReadAll(bio_.get(), bssl::MakeSpan(buf))) {
return -1;
}
if (SSL_provide_quic_data(ssl_, SSL_quic_read_level(ssl_), buf.data(),
buf.size()) != 1) {
return -1;
}
if (SSL_in_init(ssl_)) {
int ret = SSL_do_handshake(ssl_);
if (ret < 0) {
int ssl_err = SSL_get_error(ssl_, ret);
if (ssl_err == SSL_ERROR_WANT_READ) {
continue;
}
return -1;
}
} else if (SSL_process_quic_post_handshake(ssl_) != 1) {
return -1;
}
}
uint8_t *buf = out;
if (len > max_out) {
pending_app_data_.resize(len);
buf = pending_app_data_.data();
}
app_data_offset_ = 0;
if (!ReadAll(bio_.get(), bssl::MakeSpan(buf, len))) {
return -1;
}
if (len > max_out) {
memcpy(out, buf, max_out);
app_data_offset_ = max_out;
return max_out;
}
return len;
}
bool MockQuicTransport::WriteRecord(enum ssl_encryption_level_t level,
uint8_t tag, const uint8_t *data,
size_t len) {
uint16_t cipher_suite = write_levels_[level].cipher;
const std::vector<uint8_t> &secret = write_levels_[level].secret;
size_t tlv_len = secret.size() + len;
uint8_t header[7];
header[0] = tag;
header[1] = (cipher_suite >> 8) & 0xff;
header[2] = cipher_suite & 0xff;
header[3] = (tlv_len >> 24) & 0xff;
header[4] = (tlv_len >> 16) & 0xff;
header[5] = (tlv_len >> 8) & 0xff;
header[6] = tlv_len & 0xff;
return BIO_write_all(bio_.get(), header, sizeof(header)) &&
BIO_write_all(bio_.get(), secret.data(), secret.size()) &&
BIO_write_all(bio_.get(), data, len);
}
bool MockQuicTransport::WriteHandshakeData(enum ssl_encryption_level_t level,
const uint8_t *data, size_t len) {
return WriteRecord(level, kTagHandshake, data, len);
}
bool MockQuicTransport::WriteApplicationData(const uint8_t *in, size_t len) {
enum ssl_encryption_level_t level = ssl_encryption_application;
if (SSL_in_early_data(ssl_) && !SSL_is_server(ssl_)) {
level = ssl_encryption_early_data;
}
return WriteRecord(level, kTagApplication, in, len);
}
bool MockQuicTransport::Flush() { return BIO_flush(bio_.get()); }
bool MockQuicTransport::SendAlert(enum ssl_encryption_level_t level,
uint8_t alert) {
uint8_t alert_msg[] = {2, alert};
return WriteRecord(level, kTagAlert, alert_msg, sizeof(alert_msg));
}