quic_framer.cc revision 7d4cd473f85ac64c3747c96c277f9e506a0d2246
1// Copyright (c) 2012 The Chromium Authors. All rights reserved. 2// Use of this source code is governed by a BSD-style license that can be 3// found in the LICENSE file. 4 5#include "net/quic/quic_framer.h" 6 7#include "base/containers/hash_tables.h" 8#include "net/quic/crypto/quic_decrypter.h" 9#include "net/quic/crypto/quic_encrypter.h" 10#include "net/quic/quic_data_reader.h" 11#include "net/quic/quic_data_writer.h" 12 13using base::StringPiece; 14using std::make_pair; 15using std::map; 16using std::numeric_limits; 17using std::string; 18 19namespace net { 20 21namespace { 22 23// Mask to select the lowest 48 bits of a sequence number. 24const QuicPacketSequenceNumber k6ByteSequenceNumberMask = 25 GG_UINT64_C(0x0000FFFFFFFFFFFF); 26const QuicPacketSequenceNumber k4ByteSequenceNumberMask = 27 GG_UINT64_C(0x00000000FFFFFFFF); 28const QuicPacketSequenceNumber k2ByteSequenceNumberMask = 29 GG_UINT64_C(0x000000000000FFFF); 30const QuicPacketSequenceNumber k1ByteSequenceNumberMask = 31 GG_UINT64_C(0x00000000000000FF); 32 33const QuicGuid k1ByteGuidMask = GG_UINT64_C(0x00000000000000FF); 34const QuicGuid k4ByteGuidMask = GG_UINT64_C(0x00000000FFFFFFFF); 35 36const uint32 kInvalidDeltaTime = 0xffffffff; 37 38// Returns the absolute value of the difference between |a| and |b|. 39QuicPacketSequenceNumber Delta(QuicPacketSequenceNumber a, 40 QuicPacketSequenceNumber b) { 41 // Since these are unsigned numbers, we can't just return abs(a - b) 42 if (a < b) { 43 return b - a; 44 } 45 return a - b; 46} 47 48QuicPacketSequenceNumber ClosestTo(QuicPacketSequenceNumber target, 49 QuicPacketSequenceNumber a, 50 QuicPacketSequenceNumber b) { 51 return (Delta(target, a) < Delta(target, b)) ? a : b; 52} 53 54} // namespace 55 56QuicFramer::QuicFramer(QuicTag version, 57 QuicTime creation_time, 58 bool is_server) 59 : visitor_(NULL), 60 fec_builder_(NULL), 61 error_(QUIC_NO_ERROR), 62 last_sequence_number_(0), 63 last_serialized_guid_(0), 64 quic_version_(version), 65 decrypter_(QuicDecrypter::Create(kNULL)), 66 alternative_decrypter_latch_(false), 67 is_server_(is_server), 68 creation_time_(creation_time) { 69 DCHECK(IsSupportedVersion(version)); 70 encrypter_[ENCRYPTION_NONE].reset(QuicEncrypter::Create(kNULL)); 71} 72 73QuicFramer::~QuicFramer() {} 74 75bool CanTruncate(const QuicFrame& frame) { 76 if (frame.type == ACK_FRAME || 77 frame.type == CONNECTION_CLOSE_FRAME) { 78 return true; 79 } 80 return false; 81} 82 83// static 84size_t QuicFramer::GetMinStreamFrameSize() { 85 return kQuicFrameTypeSize + kQuicStreamIdSize + 86 kQuicStreamFinSize + kQuicStreamOffsetSize + kQuicStreamPayloadLengthSize; 87} 88 89// static 90size_t QuicFramer::GetMinAckFrameSize() { 91 return kQuicFrameTypeSize + kQuicEntropyHashSize + 92 PACKET_6BYTE_SEQUENCE_NUMBER + kQuicEntropyHashSize + 93 PACKET_6BYTE_SEQUENCE_NUMBER + kQuicDeltaTimeLargestObservedSize + 94 kNumberOfMissingPacketsSize; 95} 96 97// static 98size_t QuicFramer::GetMinRstStreamFrameSize() { 99 return kQuicFrameTypeSize + kQuicStreamIdSize + kQuicErrorCodeSize + 100 kQuicErrorDetailsLengthSize; 101} 102 103// static 104size_t QuicFramer::GetMinConnectionCloseFrameSize() { 105 return kQuicFrameTypeSize + kQuicErrorCodeSize + kQuicErrorDetailsLengthSize + 106 GetMinAckFrameSize(); 107} 108 109// static 110size_t QuicFramer::GetMinGoAwayFrameSize() { 111 return kQuicFrameTypeSize + kQuicErrorCodeSize + kQuicErrorDetailsLengthSize + 112 kQuicStreamIdSize; 113} 114 115// static 116// TODO(satyamshekhar): 16 - Crypto hash for integrity. Not a static value. Use 117// QuicEncrypter::GetMaxPlaintextSize. 118// 16 is a conservative estimate in the case of AEAD_AES_128_GCM_12, which uses 119// 12-byte tags. 120size_t QuicFramer::GetMaxUnackedPackets(QuicPacketHeader header) { 121 return (kMaxPacketSize - GetPacketHeaderSize(header) - 122 GetMinAckFrameSize() - 16) / PACKET_6BYTE_SEQUENCE_NUMBER; 123} 124 125bool QuicFramer::IsSupportedVersion(QuicTag version) { 126 return version == kQuicVersion1; 127} 128 129size_t QuicFramer::GetVersionNegotiationPacketSize(size_t number_versions) { 130 return kPublicFlagsSize + PACKET_8BYTE_GUID + 131 number_versions * kQuicVersionSize; 132} 133 134size_t QuicFramer::GetSerializedFrameLength( 135 const QuicFrame& frame, size_t free_bytes, bool first_frame) { 136 if (frame.type == PADDING_FRAME) { 137 // PADDING implies end of packet. 138 return free_bytes; 139 } 140 size_t frame_len = ComputeFrameLength(frame); 141 if (frame_len > free_bytes) { 142 // Only truncate the first frame in a packet, so if subsequent ones go 143 // over, stop including more frames. 144 if (!first_frame) { 145 return 0; 146 } 147 if (CanTruncate(frame)) { 148 // Truncate the frame so the packet will not exceed kMaxPacketSize. 149 // Note that we may not use every byte of the writer in this case. 150 if (free_bytes >= GetMinAckFrameSize()) { 151 DLOG(INFO) << "Truncating large frame"; 152 return free_bytes; 153 } 154 return 0; 155 } 156 } 157 return frame_len; 158} 159 160QuicPacketEntropyHash QuicFramer::GetPacketEntropyHash( 161 const QuicPacketHeader& header) const { 162 if (!header.entropy_flag) { 163 // TODO(satyamshekhar): Return some more better value here (something that 164 // is not a constant). 165 return 0; 166 } 167 return 1 << (header.packet_sequence_number % 8); 168} 169 170SerializedPacket QuicFramer::ConstructFrameDataPacket( 171 const QuicPacketHeader& header, 172 const QuicFrames& frames) { 173 const size_t max_plaintext_size = GetMaxPlaintextSize(kMaxPacketSize); 174 size_t packet_size = GetPacketHeaderSize(header); 175 for (size_t i = 0; i < frames.size(); ++i) { 176 DCHECK_LE(packet_size, max_plaintext_size); 177 const size_t frame_size = GetSerializedFrameLength( 178 frames[i], max_plaintext_size - packet_size, i == 0); 179 DCHECK(frame_size); 180 packet_size += frame_size; 181 } 182 return ConstructFrameDataPacket(header, frames, packet_size); 183} 184 185SerializedPacket QuicFramer::ConstructFrameDataPacket( 186 const QuicPacketHeader& header, 187 const QuicFrames& frames, 188 size_t packet_size) { 189 QuicDataWriter writer(packet_size); 190 SerializedPacket kNoPacket = SerializedPacket(0, NULL, 0, NULL); 191 if (!WritePacketHeader(header, &writer)) { 192 return kNoPacket; 193 } 194 195 for (size_t i = 0; i < frames.size(); ++i) { 196 const QuicFrame& frame = frames[i]; 197 if (!writer.WriteUInt8(frame.type)) { 198 return kNoPacket; 199 } 200 201 switch (frame.type) { 202 case PADDING_FRAME: 203 writer.WritePadding(); 204 break; 205 case STREAM_FRAME: 206 if (!AppendStreamFramePayload(*frame.stream_frame, &writer)) { 207 return kNoPacket; 208 } 209 break; 210 case ACK_FRAME: 211 if (!AppendAckFramePayload(*frame.ack_frame, &writer)) { 212 return kNoPacket; 213 } 214 break; 215 case CONGESTION_FEEDBACK_FRAME: 216 if (!AppendQuicCongestionFeedbackFramePayload( 217 *frame.congestion_feedback_frame, &writer)) { 218 return kNoPacket; 219 } 220 break; 221 case RST_STREAM_FRAME: 222 if (!AppendRstStreamFramePayload(*frame.rst_stream_frame, &writer)) { 223 return kNoPacket; 224 } 225 break; 226 case CONNECTION_CLOSE_FRAME: 227 if (!AppendConnectionCloseFramePayload( 228 *frame.connection_close_frame, &writer)) { 229 return kNoPacket; 230 } 231 break; 232 case GOAWAY_FRAME: 233 if (!AppendGoAwayFramePayload(*frame.goaway_frame, &writer)) { 234 return kNoPacket; 235 } 236 break; 237 default: 238 RaiseError(QUIC_INVALID_FRAME_DATA); 239 return kNoPacket; 240 } 241 } 242 243 // Save the length before writing, because take clears it. 244 const size_t len = writer.length(); 245 // Less than or equal because truncated acks end up with max_plaintex_size 246 // length, even though they're typically slightly shorter. 247 DCHECK_LE(len, packet_size); 248 QuicPacket* packet = QuicPacket::NewDataPacket( 249 writer.take(), len, true, header.public_header.guid_length, 250 header.public_header.version_flag, 251 header.public_header.sequence_number_length); 252 253 if (fec_builder_) { 254 fec_builder_->OnBuiltFecProtectedPayload(header, 255 packet->FecProtectedData()); 256 } 257 258 return SerializedPacket(header.packet_sequence_number, packet, 259 GetPacketEntropyHash(header), NULL); 260} 261 262SerializedPacket QuicFramer::ConstructFecPacket( 263 const QuicPacketHeader& header, 264 const QuicFecData& fec) { 265 DCHECK_EQ(IN_FEC_GROUP, header.is_in_fec_group); 266 DCHECK_NE(0u, header.fec_group); 267 size_t len = GetPacketHeaderSize(header); 268 len += fec.redundancy.length(); 269 270 QuicDataWriter writer(len); 271 SerializedPacket kNoPacket = SerializedPacket(0, NULL, 0, NULL); 272 if (!WritePacketHeader(header, &writer)) { 273 return kNoPacket; 274 } 275 276 if (!writer.WriteBytes(fec.redundancy.data(), fec.redundancy.length())) { 277 return kNoPacket; 278 } 279 280 return SerializedPacket( 281 header.packet_sequence_number, 282 QuicPacket::NewFecPacket(writer.take(), len, true, 283 header.public_header.guid_length, 284 header.public_header.version_flag, 285 header.public_header.sequence_number_length), 286 GetPacketEntropyHash(header), NULL); 287} 288 289// static 290QuicEncryptedPacket* QuicFramer::ConstructPublicResetPacket( 291 const QuicPublicResetPacket& packet) { 292 DCHECK(packet.public_header.reset_flag); 293 size_t len = GetPublicResetPacketSize(); 294 QuicDataWriter writer(len); 295 296 uint8 flags = static_cast<uint8>(PACKET_PUBLIC_FLAGS_RST | 297 PACKET_PUBLIC_FLAGS_8BYTE_GUID | 298 PACKET_PUBLIC_FLAGS_6BYTE_SEQUENCE); 299 if (!writer.WriteUInt8(flags)) { 300 return NULL; 301 } 302 303 if (!writer.WriteUInt64(packet.public_header.guid)) { 304 return NULL; 305 } 306 307 if (!writer.WriteUInt64(packet.nonce_proof)) { 308 return NULL; 309 } 310 311 if (!AppendPacketSequenceNumber(PACKET_6BYTE_SEQUENCE_NUMBER, 312 packet.rejected_sequence_number, 313 &writer)) { 314 return NULL; 315 } 316 317 return new QuicEncryptedPacket(writer.take(), len, true); 318} 319 320QuicEncryptedPacket* QuicFramer::ConstructVersionNegotiationPacket( 321 const QuicPacketPublicHeader& header, 322 const QuicTagVector& supported_versions) { 323 DCHECK(header.version_flag); 324 size_t len = GetVersionNegotiationPacketSize(supported_versions.size()); 325 QuicDataWriter writer(len); 326 327 uint8 flags = static_cast<uint8>(PACKET_PUBLIC_FLAGS_VERSION | 328 PACKET_PUBLIC_FLAGS_8BYTE_GUID | 329 PACKET_PUBLIC_FLAGS_6BYTE_SEQUENCE); 330 if (!writer.WriteUInt8(flags)) { 331 return NULL; 332 } 333 334 if (!writer.WriteUInt64(header.guid)) { 335 return NULL; 336 } 337 338 for (size_t i = 0; i < supported_versions.size(); ++i) { 339 if (!writer.WriteUInt32(supported_versions[i])) { 340 return NULL; 341 } 342 } 343 344 return new QuicEncryptedPacket(writer.take(), len, true); 345} 346 347bool QuicFramer::ProcessPacket(const QuicEncryptedPacket& packet) { 348 // TODO(satyamshekhar): Don't RaiseError (and close the connection) for 349 // invalid (unauthenticated) packets. 350 DCHECK(!reader_.get()); 351 reader_.reset(new QuicDataReader(packet.data(), packet.length())); 352 353 visitor_->OnPacket(); 354 355 // First parse the public header. 356 QuicPacketPublicHeader public_header; 357 if (!ProcessPublicHeader(&public_header)) { 358 DLOG(WARNING) << "Unable to process public header."; 359 return RaiseError(QUIC_INVALID_PACKET_HEADER); 360 } 361 362 if (is_server_ && public_header.version_flag && 363 public_header.versions[0] != quic_version_) { 364 if (!visitor_->OnProtocolVersionMismatch(public_header.versions[0])) { 365 reader_.reset(NULL); 366 return true; 367 } 368 } 369 370 bool rv; 371 if (!is_server_ && public_header.version_flag) { 372 rv = ProcessVersionNegotiationPacket(&public_header); 373 } else if (public_header.reset_flag) { 374 rv = ProcessPublicResetPacket(public_header); 375 } else { 376 rv = ProcessDataPacket(public_header, packet); 377 } 378 379 reader_.reset(NULL); 380 return rv; 381} 382 383bool QuicFramer::ProcessVersionNegotiationPacket( 384 QuicPacketPublicHeader* public_header) { 385 DCHECK(!is_server_); 386 // Try reading at least once to raise error if the packet is invalid. 387 do { 388 QuicTag version; 389 if (!reader_->ReadBytes(&version, kQuicVersionSize)) { 390 set_detailed_error("Unable to read supported version in negotiation."); 391 return RaiseError(QUIC_INVALID_VERSION_NEGOTIATION_PACKET); 392 } 393 public_header->versions.push_back(version); 394 } while (!reader_->IsDoneReading()); 395 396 visitor_->OnVersionNegotiationPacket(*public_header); 397 return true; 398} 399 400bool QuicFramer::ProcessDataPacket( 401 const QuicPacketPublicHeader& public_header, 402 const QuicEncryptedPacket& packet) { 403 QuicPacketHeader header(public_header); 404 if (!ProcessPacketHeader(&header, packet)) { 405 DCHECK_NE(QUIC_NO_ERROR, error_); // ProcessPacketHeader sets the error. 406 DLOG(WARNING) << "Unable to process data packet header."; 407 return false; 408 } 409 410 if (!visitor_->OnPacketHeader(header)) { 411 // The visitor suppresses further processing of the packet. 412 return true; 413 } 414 415 if (packet.length() > kMaxPacketSize) { 416 DLOG(WARNING) << "Packet too large: " << packet.length(); 417 return RaiseError(QUIC_PACKET_TOO_LARGE); 418 } 419 420 // Handle the payload. 421 if (!header.fec_flag) { 422 if (header.is_in_fec_group == IN_FEC_GROUP) { 423 StringPiece payload = reader_->PeekRemainingPayload(); 424 visitor_->OnFecProtectedPayload(payload); 425 } 426 if (!ProcessFrameData()) { 427 DCHECK_NE(QUIC_NO_ERROR, error_); // ProcessFrameData sets the error. 428 DLOG(WARNING) << "Unable to process frame data."; 429 return false; 430 } 431 } else { 432 QuicFecData fec_data; 433 fec_data.fec_group = header.fec_group; 434 fec_data.redundancy = reader_->ReadRemainingPayload(); 435 visitor_->OnFecData(fec_data); 436 } 437 438 visitor_->OnPacketComplete(); 439 return true; 440} 441 442bool QuicFramer::ProcessPublicResetPacket( 443 const QuicPacketPublicHeader& public_header) { 444 QuicPublicResetPacket packet(public_header); 445 if (!reader_->ReadUInt64(&packet.nonce_proof)) { 446 set_detailed_error("Unable to read nonce proof."); 447 return RaiseError(QUIC_INVALID_PUBLIC_RST_PACKET); 448 } 449 // TODO(satyamshekhar): validate nonce to protect against DoS. 450 451 if (!reader_->ReadUInt48(&packet.rejected_sequence_number)) { 452 set_detailed_error("Unable to read rejected sequence number."); 453 return RaiseError(QUIC_INVALID_PUBLIC_RST_PACKET); 454 } 455 visitor_->OnPublicResetPacket(packet); 456 return true; 457} 458 459bool QuicFramer::ProcessRevivedPacket(QuicPacketHeader* header, 460 StringPiece payload) { 461 DCHECK(!reader_.get()); 462 463 visitor_->OnRevivedPacket(); 464 465 header->entropy_hash = GetPacketEntropyHash(*header); 466 467 if (!visitor_->OnPacketHeader(*header)) { 468 return true; 469 } 470 471 if (payload.length() > kMaxPacketSize) { 472 set_detailed_error("Revived packet too large."); 473 return RaiseError(QUIC_PACKET_TOO_LARGE); 474 } 475 476 reader_.reset(new QuicDataReader(payload.data(), payload.length())); 477 if (!ProcessFrameData()) { 478 DCHECK_NE(QUIC_NO_ERROR, error_); // ProcessFrameData sets the error. 479 DLOG(WARNING) << "Unable to process frame data."; 480 return false; 481 } 482 483 visitor_->OnPacketComplete(); 484 reader_.reset(NULL); 485 return true; 486} 487 488bool QuicFramer::WritePacketHeader(const QuicPacketHeader& header, 489 QuicDataWriter* writer) { 490 DCHECK(header.fec_group > 0 || header.is_in_fec_group == NOT_IN_FEC_GROUP); 491 uint8 public_flags = 0; 492 if (header.public_header.reset_flag) { 493 public_flags |= PACKET_PUBLIC_FLAGS_RST; 494 } 495 if (header.public_header.version_flag) { 496 public_flags |= PACKET_PUBLIC_FLAGS_VERSION; 497 } 498 switch (header.public_header.sequence_number_length) { 499 case PACKET_1BYTE_SEQUENCE_NUMBER: 500 public_flags |= PACKET_PUBLIC_FLAGS_1BYTE_SEQUENCE; 501 break; 502 case PACKET_2BYTE_SEQUENCE_NUMBER: 503 public_flags |= PACKET_PUBLIC_FLAGS_2BYTE_SEQUENCE; 504 break; 505 case PACKET_4BYTE_SEQUENCE_NUMBER: 506 public_flags |= PACKET_PUBLIC_FLAGS_4BYTE_SEQUENCE; 507 break; 508 case PACKET_6BYTE_SEQUENCE_NUMBER: 509 public_flags |= PACKET_PUBLIC_FLAGS_6BYTE_SEQUENCE; 510 break; 511 } 512 513 switch (header.public_header.guid_length) { 514 case PACKET_0BYTE_GUID: 515 if (!writer->WriteUInt8(public_flags | PACKET_PUBLIC_FLAGS_0BYTE_GUID)) { 516 return false; 517 } 518 break; 519 case PACKET_1BYTE_GUID: 520 if (!writer->WriteUInt8(public_flags | PACKET_PUBLIC_FLAGS_1BYTE_GUID)) { 521 return false; 522 } 523 if (!writer->WriteUInt8(header.public_header.guid & k1ByteGuidMask)) { 524 return false; 525 } 526 break; 527 case PACKET_4BYTE_GUID: 528 if (!writer->WriteUInt8(public_flags | PACKET_PUBLIC_FLAGS_4BYTE_GUID)) { 529 return false; 530 } 531 if (!writer->WriteUInt32(header.public_header.guid & k4ByteGuidMask)) { 532 return false; 533 } 534 break; 535 case PACKET_8BYTE_GUID: 536 if (!writer->WriteUInt8(public_flags | PACKET_PUBLIC_FLAGS_8BYTE_GUID)) { 537 return false; 538 } 539 if (!writer->WriteUInt64(header.public_header.guid)) { 540 return false; 541 } 542 break; 543 } 544 last_serialized_guid_ = header.public_header.guid; 545 546 if (header.public_header.version_flag) { 547 DCHECK(!is_server_); 548 writer->WriteUInt32(quic_version_); 549 } 550 551 if (!AppendPacketSequenceNumber(header.public_header.sequence_number_length, 552 header.packet_sequence_number, writer)) { 553 return false; 554 } 555 556 uint8 private_flags = 0; 557 if (header.entropy_flag) { 558 private_flags |= PACKET_PRIVATE_FLAGS_ENTROPY; 559 } 560 if (header.is_in_fec_group == IN_FEC_GROUP) { 561 private_flags |= PACKET_PRIVATE_FLAGS_FEC_GROUP; 562 } 563 if (header.fec_flag) { 564 private_flags |= PACKET_PRIVATE_FLAGS_FEC; 565 } 566 if (!writer->WriteUInt8(private_flags)) { 567 return false; 568 } 569 570 // The FEC group number is the sequence number of the first fec 571 // protected packet, or 0 if this packet is not protected. 572 if (header.is_in_fec_group == IN_FEC_GROUP) { 573 DCHECK_GE(header.packet_sequence_number, header.fec_group); 574 DCHECK_GT(255u, header.packet_sequence_number - header.fec_group); 575 // Offset from the current packet sequence number to the first fec 576 // protected packet. 577 uint8 first_fec_protected_packet_offset = 578 header.packet_sequence_number - header.fec_group; 579 if (!writer->WriteBytes(&first_fec_protected_packet_offset, 1)) { 580 return false; 581 } 582 } 583 584 return true; 585} 586 587QuicPacketSequenceNumber QuicFramer::CalculatePacketSequenceNumberFromWire( 588 QuicSequenceNumberLength sequence_number_length, 589 QuicPacketSequenceNumber packet_sequence_number) const { 590 // The new sequence number might have wrapped to the next epoch, or 591 // it might have reverse wrapped to the previous epoch, or it might 592 // remain in the same epoch. Select the sequence number closest to the 593 // next expected sequence number, the previous sequence number plus 1. 594 595 // epoch_delta is the delta between epochs the sequence number was serialized 596 // with, so the correct value is likely the same epoch as the last sequence 597 // number or an adjacent epoch. 598 const QuicPacketSequenceNumber epoch_delta = 599 GG_UINT64_C(1) << (8 * sequence_number_length); 600 QuicPacketSequenceNumber next_sequence_number = last_sequence_number_ + 1; 601 QuicPacketSequenceNumber epoch = last_sequence_number_ & ~(epoch_delta - 1); 602 QuicPacketSequenceNumber prev_epoch = epoch - epoch_delta; 603 QuicPacketSequenceNumber next_epoch = epoch + epoch_delta; 604 605 return ClosestTo(next_sequence_number, 606 epoch + packet_sequence_number, 607 ClosestTo(next_sequence_number, 608 prev_epoch + packet_sequence_number, 609 next_epoch + packet_sequence_number)); 610} 611 612bool QuicFramer::ProcessPublicHeader( 613 QuicPacketPublicHeader* public_header) { 614 uint8 public_flags; 615 if (!reader_->ReadBytes(&public_flags, 1)) { 616 set_detailed_error("Unable to read public flags."); 617 return false; 618 } 619 620 public_header->reset_flag = (public_flags & PACKET_PUBLIC_FLAGS_RST) != 0; 621 public_header->version_flag = 622 (public_flags & PACKET_PUBLIC_FLAGS_VERSION) != 0; 623 624 if (!public_header->version_flag && public_flags > PACKET_PUBLIC_FLAGS_MAX) { 625 set_detailed_error("Illegal public flags value."); 626 return false; 627 } 628 629 if (public_header->reset_flag && public_header->version_flag) { 630 set_detailed_error("Got version flag in reset packet"); 631 return false; 632 } 633 634 switch (public_flags & PACKET_PUBLIC_FLAGS_8BYTE_GUID) { 635 case PACKET_PUBLIC_FLAGS_8BYTE_GUID: 636 if (!reader_->ReadUInt64(&public_header->guid)) { 637 set_detailed_error("Unable to read GUID."); 638 return false; 639 } 640 public_header->guid_length = PACKET_8BYTE_GUID; 641 break; 642 case PACKET_PUBLIC_FLAGS_4BYTE_GUID: 643 // If the guid is truncated, expect to read the last serialized guid. 644 if (!reader_->ReadBytes(&public_header->guid, PACKET_4BYTE_GUID)) { 645 set_detailed_error("Unable to read GUID."); 646 return false; 647 } 648 if ((public_header->guid & k4ByteGuidMask) != 649 (last_serialized_guid_ & k4ByteGuidMask)) { 650 set_detailed_error( 651 "Truncated 4 byte GUID does not match previous guid."); 652 return false; 653 } 654 public_header->guid_length = PACKET_4BYTE_GUID; 655 public_header->guid = last_serialized_guid_; 656 break; 657 case PACKET_PUBLIC_FLAGS_1BYTE_GUID: 658 if (!reader_->ReadBytes(&public_header->guid, PACKET_1BYTE_GUID)) { 659 set_detailed_error("Unable to read GUID."); 660 return false; 661 } 662 if ((public_header->guid & k1ByteGuidMask) != 663 (last_serialized_guid_ & k1ByteGuidMask)) { 664 set_detailed_error( 665 "Truncated 1 byte GUID does not match previous guid."); 666 return false; 667 } 668 public_header->guid_length = PACKET_1BYTE_GUID; 669 public_header->guid = last_serialized_guid_; 670 break; 671 case PACKET_PUBLIC_FLAGS_0BYTE_GUID: 672 public_header->guid_length = PACKET_0BYTE_GUID; 673 public_header->guid = last_serialized_guid_; 674 break; 675 } 676 677 switch (public_flags & PACKET_PUBLIC_FLAGS_6BYTE_SEQUENCE) { 678 case PACKET_PUBLIC_FLAGS_6BYTE_SEQUENCE: 679 public_header->sequence_number_length = PACKET_6BYTE_SEQUENCE_NUMBER; 680 break; 681 case PACKET_PUBLIC_FLAGS_4BYTE_SEQUENCE: 682 public_header->sequence_number_length = PACKET_4BYTE_SEQUENCE_NUMBER; 683 break; 684 case PACKET_PUBLIC_FLAGS_2BYTE_SEQUENCE: 685 public_header->sequence_number_length = PACKET_2BYTE_SEQUENCE_NUMBER; 686 break; 687 case PACKET_PUBLIC_FLAGS_1BYTE_SEQUENCE: 688 public_header->sequence_number_length = PACKET_1BYTE_SEQUENCE_NUMBER; 689 break; 690 } 691 692 if (public_header->version_flag && is_server_) { 693 QuicTag version; 694 if (!reader_->ReadUInt32(&version)) { 695 // Read the version only if the packet is from the client. 696 // version flag from the server means version negotiation packet. 697 set_detailed_error("Unable to read protocol version."); 698 return false; 699 } 700 if (version == quic_version_ && public_flags > PACKET_PUBLIC_FLAGS_MAX) { 701 set_detailed_error("Illegal public flags value."); 702 return false; 703 } 704 public_header->versions.push_back(version); 705 } 706 return true; 707} 708 709// static 710bool QuicFramer::ReadGuidFromPacket(const QuicEncryptedPacket& packet, 711 QuicGuid* guid) { 712 QuicDataReader reader(packet.data(), packet.length()); 713 uint8 public_flags; 714 if (!reader.ReadBytes(&public_flags, 1)) { 715 return false; 716 } 717 // Ensure it's an 8 byte guid. 718 if ((public_flags & PACKET_PUBLIC_FLAGS_8BYTE_GUID) != 719 PACKET_PUBLIC_FLAGS_8BYTE_GUID) { 720 return false; 721 } 722 723 return reader.ReadUInt64(guid); 724} 725 726bool QuicFramer::ProcessPacketHeader( 727 QuicPacketHeader* header, 728 const QuicEncryptedPacket& packet) { 729 if (!ProcessPacketSequenceNumber(header->public_header.sequence_number_length, 730 &header->packet_sequence_number)) { 731 set_detailed_error("Unable to read sequence number."); 732 return RaiseError(QUIC_INVALID_PACKET_HEADER); 733 } 734 735 if (header->packet_sequence_number == 0u) { 736 set_detailed_error("Packet sequence numbers cannot be 0."); 737 return RaiseError(QUIC_INVALID_PACKET_HEADER); 738 } 739 740 if (!DecryptPayload(*header, packet)) { 741 set_detailed_error("Unable to decrypt payload."); 742 return RaiseError(QUIC_DECRYPTION_FAILURE); 743 } 744 745 uint8 private_flags; 746 if (!reader_->ReadBytes(&private_flags, 1)) { 747 set_detailed_error("Unable to read private flags."); 748 return RaiseError(QUIC_INVALID_PACKET_HEADER); 749 } 750 751 if (private_flags > PACKET_PRIVATE_FLAGS_MAX) { 752 set_detailed_error("Illegal private flags value."); 753 return RaiseError(QUIC_INVALID_PACKET_HEADER); 754 } 755 756 header->entropy_flag = (private_flags & PACKET_PRIVATE_FLAGS_ENTROPY) != 0; 757 header->fec_flag = (private_flags & PACKET_PRIVATE_FLAGS_FEC) != 0; 758 759 if ((private_flags & PACKET_PRIVATE_FLAGS_FEC_GROUP) != 0) { 760 header->is_in_fec_group = IN_FEC_GROUP; 761 uint8 first_fec_protected_packet_offset; 762 if (!reader_->ReadBytes(&first_fec_protected_packet_offset, 1)) { 763 set_detailed_error("Unable to read first fec protected packet offset."); 764 return RaiseError(QUIC_INVALID_PACKET_HEADER); 765 } 766 header->fec_group = 767 header->packet_sequence_number - first_fec_protected_packet_offset; 768 } 769 770 header->entropy_hash = GetPacketEntropyHash(*header); 771 // Set the last sequence number after we have decrypted the packet 772 // so we are confident is not attacker controlled. 773 last_sequence_number_ = header->packet_sequence_number; 774 return true; 775} 776 777bool QuicFramer::ProcessPacketSequenceNumber( 778 QuicSequenceNumberLength sequence_number_length, 779 QuicPacketSequenceNumber* sequence_number) { 780 QuicPacketSequenceNumber wire_sequence_number = 0u; 781 if (!reader_->ReadBytes(&wire_sequence_number, sequence_number_length)) { 782 return false; 783 } 784 785 // TODO(ianswett): Explore the usefulness of trying multiple sequence numbers 786 // in case the first guess is incorrect. 787 *sequence_number = 788 CalculatePacketSequenceNumberFromWire(sequence_number_length, 789 wire_sequence_number); 790 return true; 791} 792 793bool QuicFramer::ProcessFrameData() { 794 if (reader_->IsDoneReading()) { 795 set_detailed_error("Unable to read frame type."); 796 return RaiseError(QUIC_INVALID_FRAME_DATA); 797 } 798 while (!reader_->IsDoneReading()) { 799 uint8 frame_type; 800 if (!reader_->ReadBytes(&frame_type, 1)) { 801 set_detailed_error("Unable to read frame type."); 802 return RaiseError(QUIC_INVALID_FRAME_DATA); 803 } 804 switch (frame_type) { 805 case PADDING_FRAME: 806 // We're done with the packet 807 return true; 808 case STREAM_FRAME: { 809 QuicStreamFrame frame; 810 if (!ProcessStreamFrame(&frame)) { 811 return RaiseError(QUIC_INVALID_FRAME_DATA); 812 } 813 if (!visitor_->OnStreamFrame(frame)) { 814 DLOG(INFO) << "Visitor asked to stopped further processing."; 815 // Returning true since there was no parsing error. 816 return true; 817 } 818 break; 819 } 820 case ACK_FRAME: { 821 QuicAckFrame frame; 822 if (!ProcessAckFrame(&frame)) { 823 return RaiseError(QUIC_INVALID_FRAME_DATA); 824 } 825 if (!visitor_->OnAckFrame(frame)) { 826 DLOG(INFO) << "Visitor asked to stopped further processing."; 827 // Returning true since there was no parsing error. 828 return true; 829 } 830 break; 831 } 832 case CONGESTION_FEEDBACK_FRAME: { 833 QuicCongestionFeedbackFrame frame; 834 if (!ProcessQuicCongestionFeedbackFrame(&frame)) { 835 return RaiseError(QUIC_INVALID_FRAME_DATA); 836 } 837 if (!visitor_->OnCongestionFeedbackFrame(frame)) { 838 DLOG(INFO) << "Visitor asked to stopped further processing."; 839 // Returning true since there was no parsing error. 840 return true; 841 } 842 break; 843 } 844 case RST_STREAM_FRAME: { 845 QuicRstStreamFrame frame; 846 if (!ProcessRstStreamFrame(&frame)) { 847 return RaiseError(QUIC_INVALID_RST_STREAM_DATA); 848 } 849 if (!visitor_->OnRstStreamFrame(frame)) { 850 DLOG(INFO) << "Visitor asked to stopped further processing."; 851 // Returning true since there was no parsing error. 852 return true; 853 } 854 break; 855 } 856 case CONNECTION_CLOSE_FRAME: { 857 QuicConnectionCloseFrame frame; 858 if (!ProcessConnectionCloseFrame(&frame)) { 859 return RaiseError(QUIC_INVALID_CONNECTION_CLOSE_DATA); 860 } 861 862 if (!visitor_->OnAckFrame(frame.ack_frame)) { 863 DLOG(INFO) << "Visitor asked to stopped further processing."; 864 // Returning true since there was no parsing error. 865 return true; 866 } 867 868 if (!visitor_->OnConnectionCloseFrame(frame)) { 869 DLOG(INFO) << "Visitor asked to stopped further processing."; 870 // Returning true since there was no parsing error. 871 return true; 872 } 873 break; 874 } 875 case GOAWAY_FRAME: { 876 QuicGoAwayFrame goaway_frame; 877 if (!ProcessGoAwayFrame(&goaway_frame)) { 878 return RaiseError(QUIC_INVALID_GOAWAY_DATA); 879 } 880 if (!visitor_->OnGoAwayFrame(goaway_frame)) { 881 DLOG(INFO) << "Visitor asked to stopped further processing."; 882 // Returning true since there was no parsing error. 883 return true; 884 } 885 break; 886 } 887 default: 888 set_detailed_error("Illegal frame type."); 889 DLOG(WARNING) << "Illegal frame type: " 890 << static_cast<int>(frame_type); 891 return RaiseError(QUIC_INVALID_FRAME_DATA); 892 } 893 } 894 895 return true; 896} 897 898bool QuicFramer::ProcessStreamFrame(QuicStreamFrame* frame) { 899 if (!reader_->ReadUInt32(&frame->stream_id)) { 900 set_detailed_error("Unable to read stream_id."); 901 return false; 902 } 903 904 uint8 fin; 905 if (!reader_->ReadBytes(&fin, 1)) { 906 set_detailed_error("Unable to read fin."); 907 return false; 908 } 909 if (fin > 1) { 910 set_detailed_error("Invalid fin value."); 911 return false; 912 } 913 frame->fin = (fin == 1); 914 915 if (!reader_->ReadUInt64(&frame->offset)) { 916 set_detailed_error("Unable to read offset."); 917 return false; 918 } 919 920 if (!reader_->ReadStringPiece16(&frame->data)) { 921 set_detailed_error("Unable to read frame data."); 922 return false; 923 } 924 925 return true; 926} 927 928bool QuicFramer::ProcessAckFrame(QuicAckFrame* frame) { 929 if (!ProcessSentInfo(&frame->sent_info)) { 930 return false; 931 } 932 if (!ProcessReceivedInfo(&frame->received_info)) { 933 return false; 934 } 935 return true; 936} 937 938bool QuicFramer::ProcessReceivedInfo(ReceivedPacketInfo* received_info) { 939 if (!reader_->ReadBytes(&received_info->entropy_hash, 1)) { 940 set_detailed_error("Unable to read entropy hash for received packets."); 941 return false; 942 } 943 944 if (!ProcessPacketSequenceNumber(PACKET_6BYTE_SEQUENCE_NUMBER, 945 &received_info->largest_observed)) { 946 set_detailed_error("Unable to read largest observed."); 947 return false; 948 } 949 950 uint32 delta_time_largest_observed_us; 951 if (!reader_->ReadUInt32(&delta_time_largest_observed_us)) { 952 set_detailed_error("Unable to read delta time largest observed."); 953 return false; 954 } 955 956 if (delta_time_largest_observed_us == kInvalidDeltaTime) { 957 received_info->delta_time_largest_observed = QuicTime::Delta::Infinite(); 958 } else { 959 received_info->delta_time_largest_observed = 960 QuicTime::Delta::FromMicroseconds(delta_time_largest_observed_us); 961 } 962 963 uint8 num_missing_packets; 964 if (!reader_->ReadBytes(&num_missing_packets, 1)) { 965 set_detailed_error("Unable to read num missing packets."); 966 return false; 967 } 968 969 for (int i = 0; i < num_missing_packets; ++i) { 970 QuicPacketSequenceNumber sequence_number; 971 if (!ProcessPacketSequenceNumber(PACKET_6BYTE_SEQUENCE_NUMBER, 972 &sequence_number)) { 973 set_detailed_error("Unable to read sequence number in missing packets."); 974 return false; 975 } 976 received_info->missing_packets.insert(sequence_number); 977 } 978 979 return true; 980} 981 982bool QuicFramer::ProcessSentInfo(SentPacketInfo* sent_info) { 983 if (!reader_->ReadBytes(&sent_info->entropy_hash, 1)) { 984 set_detailed_error("Unable to read entropy hash for sent packets."); 985 return false; 986 } 987 988 if (!ProcessPacketSequenceNumber(PACKET_6BYTE_SEQUENCE_NUMBER, 989 &sent_info->least_unacked)) { 990 set_detailed_error("Unable to read least unacked."); 991 return false; 992 } 993 994 return true; 995} 996 997bool QuicFramer::ProcessQuicCongestionFeedbackFrame( 998 QuicCongestionFeedbackFrame* frame) { 999 uint8 feedback_type; 1000 if (!reader_->ReadBytes(&feedback_type, 1)) { 1001 set_detailed_error("Unable to read congestion feedback type."); 1002 return false; 1003 } 1004 frame->type = 1005 static_cast<CongestionFeedbackType>(feedback_type); 1006 1007 switch (frame->type) { 1008 case kInterArrival: { 1009 CongestionFeedbackMessageInterArrival* inter_arrival = 1010 &frame->inter_arrival; 1011 if (!reader_->ReadUInt16( 1012 &inter_arrival->accumulated_number_of_lost_packets)) { 1013 set_detailed_error( 1014 "Unable to read accumulated number of lost packets."); 1015 return false; 1016 } 1017 uint8 num_received_packets; 1018 if (!reader_->ReadBytes(&num_received_packets, 1)) { 1019 set_detailed_error("Unable to read num received packets."); 1020 return false; 1021 } 1022 1023 if (num_received_packets > 0u) { 1024 uint64 smallest_received; 1025 if (!ProcessPacketSequenceNumber(PACKET_6BYTE_SEQUENCE_NUMBER, 1026 &smallest_received)) { 1027 set_detailed_error("Unable to read smallest received."); 1028 return false; 1029 } 1030 1031 uint64 time_received_us; 1032 if (!reader_->ReadUInt64(&time_received_us)) { 1033 set_detailed_error("Unable to read time received."); 1034 return false; 1035 } 1036 QuicTime time_received = creation_time_.Add( 1037 QuicTime::Delta::FromMicroseconds(time_received_us)); 1038 1039 inter_arrival->received_packet_times.insert( 1040 make_pair(smallest_received, time_received)); 1041 1042 for (int i = 0; i < num_received_packets - 1; ++i) { 1043 uint16 sequence_delta; 1044 if (!reader_->ReadUInt16(&sequence_delta)) { 1045 set_detailed_error( 1046 "Unable to read sequence delta in received packets."); 1047 return false; 1048 } 1049 1050 int32 time_delta_us; 1051 if (!reader_->ReadBytes(&time_delta_us, sizeof(time_delta_us))) { 1052 set_detailed_error( 1053 "Unable to read time delta in received packets."); 1054 return false; 1055 } 1056 QuicPacketSequenceNumber packet = smallest_received + sequence_delta; 1057 inter_arrival->received_packet_times.insert( 1058 make_pair(packet, time_received.Add( 1059 QuicTime::Delta::FromMicroseconds(time_delta_us)))); 1060 } 1061 } 1062 break; 1063 } 1064 case kFixRate: { 1065 uint32 bitrate = 0; 1066 if (!reader_->ReadUInt32(&bitrate)) { 1067 set_detailed_error("Unable to read bitrate."); 1068 return false; 1069 } 1070 frame->fix_rate.bitrate = QuicBandwidth::FromBytesPerSecond(bitrate); 1071 break; 1072 } 1073 case kTCP: { 1074 CongestionFeedbackMessageTCP* tcp = &frame->tcp; 1075 if (!reader_->ReadUInt16(&tcp->accumulated_number_of_lost_packets)) { 1076 set_detailed_error( 1077 "Unable to read accumulated number of lost packets."); 1078 return false; 1079 } 1080 uint16 receive_window = 0; 1081 if (!reader_->ReadUInt16(&receive_window)) { 1082 set_detailed_error("Unable to read receive window."); 1083 return false; 1084 } 1085 // Simple bit packing, don't send the 4 least significant bits. 1086 tcp->receive_window = static_cast<QuicByteCount>(receive_window) << 4; 1087 break; 1088 } 1089 default: 1090 set_detailed_error("Illegal congestion feedback type."); 1091 DLOG(WARNING) << "Illegal congestion feedback type: " 1092 << frame->type; 1093 return RaiseError(QUIC_INVALID_FRAME_DATA); 1094 } 1095 1096 return true; 1097} 1098 1099bool QuicFramer::ProcessRstStreamFrame(QuicRstStreamFrame* frame) { 1100 if (!reader_->ReadUInt32(&frame->stream_id)) { 1101 set_detailed_error("Unable to read stream_id."); 1102 return false; 1103 } 1104 1105 uint32 error_code; 1106 if (!reader_->ReadUInt32(&error_code)) { 1107 set_detailed_error("Unable to read rst stream error code."); 1108 return false; 1109 } 1110 1111 if (error_code >= QUIC_STREAM_LAST_ERROR || 1112 error_code < QUIC_STREAM_NO_ERROR) { 1113 set_detailed_error("Invalid rst stream error code."); 1114 return false; 1115 } 1116 1117 frame->error_code = static_cast<QuicRstStreamErrorCode>(error_code); 1118 1119 StringPiece error_details; 1120 if (!reader_->ReadStringPiece16(&error_details)) { 1121 set_detailed_error("Unable to read rst stream error details."); 1122 return false; 1123 } 1124 frame->error_details = error_details.as_string(); 1125 1126 return true; 1127} 1128 1129bool QuicFramer::ProcessConnectionCloseFrame(QuicConnectionCloseFrame* frame) { 1130 uint32 error_code; 1131 if (!reader_->ReadUInt32(&error_code)) { 1132 set_detailed_error("Unable to read connection close error code."); 1133 return false; 1134 } 1135 1136 if (error_code >= QUIC_LAST_ERROR || 1137 error_code < QUIC_NO_ERROR) { 1138 set_detailed_error("Invalid error code."); 1139 return false; 1140 } 1141 1142 frame->error_code = static_cast<QuicErrorCode>(error_code); 1143 1144 StringPiece error_details; 1145 if (!reader_->ReadStringPiece16(&error_details)) { 1146 set_detailed_error("Unable to read connection close error details."); 1147 return false; 1148 } 1149 frame->error_details = error_details.as_string(); 1150 1151 if (!ProcessAckFrame(&frame->ack_frame)) { 1152 DLOG(WARNING) << "Unable to process ack frame."; 1153 return false; 1154 } 1155 1156 return true; 1157} 1158 1159bool QuicFramer::ProcessGoAwayFrame(QuicGoAwayFrame* frame) { 1160 uint32 error_code; 1161 if (!reader_->ReadUInt32(&error_code)) { 1162 set_detailed_error("Unable to read go away error code."); 1163 return false; 1164 } 1165 frame->error_code = static_cast<QuicErrorCode>(error_code); 1166 1167 if (error_code >= QUIC_LAST_ERROR || 1168 error_code < QUIC_NO_ERROR) { 1169 set_detailed_error("Invalid error code."); 1170 return false; 1171 } 1172 1173 uint32 stream_id; 1174 if (!reader_->ReadUInt32(&stream_id)) { 1175 set_detailed_error("Unable to read last good stream id."); 1176 return false; 1177 } 1178 frame->last_good_stream_id = static_cast<QuicStreamId>(stream_id); 1179 1180 StringPiece reason_phrase; 1181 if (!reader_->ReadStringPiece16(&reason_phrase)) { 1182 set_detailed_error("Unable to read goaway reason."); 1183 return false; 1184 } 1185 frame->reason_phrase = reason_phrase.as_string(); 1186 1187 return true; 1188} 1189 1190// static 1191StringPiece QuicFramer::GetAssociatedDataFromEncryptedPacket( 1192 const QuicEncryptedPacket& encrypted, 1193 QuicGuidLength guid_length, 1194 bool includes_version, 1195 QuicSequenceNumberLength sequence_number_length) { 1196 return StringPiece(encrypted.data() + kStartOfHashData, 1197 GetStartOfEncryptedData( 1198 guid_length, includes_version, sequence_number_length) 1199 - kStartOfHashData); 1200} 1201 1202void QuicFramer::SetDecrypter(QuicDecrypter* decrypter) { 1203 DCHECK(alternative_decrypter_.get() == NULL); 1204 decrypter_.reset(decrypter); 1205} 1206 1207void QuicFramer::SetAlternativeDecrypter(QuicDecrypter* decrypter, 1208 bool latch_once_used) { 1209 alternative_decrypter_.reset(decrypter); 1210 alternative_decrypter_latch_ = latch_once_used; 1211} 1212 1213const QuicDecrypter* QuicFramer::decrypter() const { 1214 return decrypter_.get(); 1215} 1216 1217const QuicDecrypter* QuicFramer::alternative_decrypter() const { 1218 return alternative_decrypter_.get(); 1219} 1220 1221void QuicFramer::SetEncrypter(EncryptionLevel level, 1222 QuicEncrypter* encrypter) { 1223 DCHECK_GE(level, 0); 1224 DCHECK_LT(level, NUM_ENCRYPTION_LEVELS); 1225 encrypter_[level].reset(encrypter); 1226} 1227 1228const QuicEncrypter* QuicFramer::encrypter(EncryptionLevel level) const { 1229 DCHECK_GE(level, 0); 1230 DCHECK_LT(level, NUM_ENCRYPTION_LEVELS); 1231 DCHECK(encrypter_[level].get() != NULL); 1232 return encrypter_[level].get(); 1233} 1234 1235void QuicFramer::SwapCryptersForTest(QuicFramer* other) { 1236 for (int i = ENCRYPTION_NONE; i < NUM_ENCRYPTION_LEVELS; i++) { 1237 encrypter_[i].swap(other->encrypter_[i]); 1238 } 1239 decrypter_.swap(other->decrypter_); 1240 alternative_decrypter_.swap(other->alternative_decrypter_); 1241 1242 const bool other_latch = other->alternative_decrypter_latch_; 1243 other->alternative_decrypter_latch_ = alternative_decrypter_latch_; 1244 alternative_decrypter_latch_ = other_latch; 1245} 1246 1247QuicEncryptedPacket* QuicFramer::EncryptPacket( 1248 EncryptionLevel level, 1249 QuicPacketSequenceNumber packet_sequence_number, 1250 const QuicPacket& packet) { 1251 DCHECK(encrypter_[level].get() != NULL); 1252 1253 scoped_ptr<QuicData> out(encrypter_[level]->EncryptPacket( 1254 packet_sequence_number, packet.AssociatedData(), packet.Plaintext())); 1255 if (out.get() == NULL) { 1256 RaiseError(QUIC_ENCRYPTION_FAILURE); 1257 return NULL; 1258 } 1259 StringPiece header_data = packet.BeforePlaintext(); 1260 size_t len = header_data.length() + out->length(); 1261 char* buffer = new char[len]; 1262 // TODO(rch): eliminate this buffer copy by passing in a buffer to Encrypt(). 1263 memcpy(buffer, header_data.data(), header_data.length()); 1264 memcpy(buffer + header_data.length(), out->data(), out->length()); 1265 return new QuicEncryptedPacket(buffer, len, true); 1266} 1267 1268size_t QuicFramer::GetMaxPlaintextSize(size_t ciphertext_size) { 1269 // In order to keep the code simple, we don't have the current encryption 1270 // level to hand. At the moment, the NullEncrypter has a tag length of 16 1271 // bytes and AES-GCM has a tag length of 12. We take the minimum plaintext 1272 // length just to be safe. 1273 size_t min_plaintext_size = ciphertext_size; 1274 1275 for (int i = ENCRYPTION_NONE; i < NUM_ENCRYPTION_LEVELS; i++) { 1276 if (encrypter_[i].get() != NULL) { 1277 size_t size = encrypter_[i]->GetMaxPlaintextSize(ciphertext_size); 1278 if (size < min_plaintext_size) { 1279 min_plaintext_size = size; 1280 } 1281 } 1282 } 1283 1284 return min_plaintext_size; 1285} 1286 1287bool QuicFramer::DecryptPayload(const QuicPacketHeader& header, 1288 const QuicEncryptedPacket& packet) { 1289 StringPiece encrypted; 1290 if (!reader_->ReadStringPiece(&encrypted, reader_->BytesRemaining())) { 1291 return false; 1292 } 1293 DCHECK(decrypter_.get() != NULL); 1294 decrypted_.reset(decrypter_->DecryptPacket( 1295 header.packet_sequence_number, 1296 GetAssociatedDataFromEncryptedPacket( 1297 packet, 1298 header.public_header.guid_length, 1299 header.public_header.version_flag, 1300 header.public_header.sequence_number_length), 1301 encrypted)); 1302 if (decrypted_.get() == NULL && alternative_decrypter_.get() != NULL) { 1303 decrypted_.reset(alternative_decrypter_->DecryptPacket( 1304 header.packet_sequence_number, 1305 GetAssociatedDataFromEncryptedPacket( 1306 packet, 1307 header.public_header.guid_length, 1308 header.public_header.version_flag, 1309 header.public_header.sequence_number_length), 1310 encrypted)); 1311 if (decrypted_.get() != NULL) { 1312 if (alternative_decrypter_latch_) { 1313 // Switch to the alternative decrypter and latch so that we cannot 1314 // switch back. 1315 decrypter_.reset(alternative_decrypter_.release()); 1316 } else { 1317 // Switch the alternative decrypter so that we use it first next time. 1318 decrypter_.swap(alternative_decrypter_); 1319 } 1320 } 1321 } 1322 1323 if (decrypted_.get() == NULL) { 1324 return false; 1325 } 1326 1327 reader_.reset(new QuicDataReader(decrypted_->data(), decrypted_->length())); 1328 return true; 1329} 1330 1331size_t QuicFramer::ComputeFrameLength(const QuicFrame& frame) { 1332 switch (frame.type) { 1333 case STREAM_FRAME: 1334 return GetMinStreamFrameSize() + frame.stream_frame->data.size(); 1335 case ACK_FRAME: { 1336 const QuicAckFrame& ack = *frame.ack_frame; 1337 return GetMinAckFrameSize() + PACKET_6BYTE_SEQUENCE_NUMBER * 1338 ack.received_info.missing_packets.size(); 1339 } 1340 case CONGESTION_FEEDBACK_FRAME: { 1341 size_t len = kQuicFrameTypeSize; 1342 const QuicCongestionFeedbackFrame& congestion_feedback = 1343 *frame.congestion_feedback_frame; 1344 len += 1; // Congestion feedback type. 1345 1346 switch (congestion_feedback.type) { 1347 case kInterArrival: { 1348 const CongestionFeedbackMessageInterArrival& inter_arrival = 1349 congestion_feedback.inter_arrival; 1350 len += 2; 1351 len += 1; // Number received packets. 1352 if (inter_arrival.received_packet_times.size() > 0) { 1353 len += PACKET_6BYTE_SEQUENCE_NUMBER; // Smallest received. 1354 len += 8; // Time. 1355 // 2 bytes per sequence number delta plus 4 bytes per delta time. 1356 len += PACKET_6BYTE_SEQUENCE_NUMBER * 1357 (inter_arrival.received_packet_times.size() - 1); 1358 } 1359 break; 1360 } 1361 case kFixRate: 1362 len += 4; 1363 break; 1364 case kTCP: 1365 len += 4; 1366 break; 1367 default: 1368 set_detailed_error("Illegal feedback type."); 1369 DLOG(INFO) << "Illegal feedback type: " << congestion_feedback.type; 1370 break; 1371 } 1372 return len; 1373 } 1374 case RST_STREAM_FRAME: 1375 return GetMinRstStreamFrameSize() + 1376 frame.rst_stream_frame->error_details.size(); 1377 case CONNECTION_CLOSE_FRAME: { 1378 const QuicAckFrame& ack = frame.connection_close_frame->ack_frame; 1379 return GetMinConnectionCloseFrameSize() + 1380 frame.connection_close_frame->error_details.size() + 1381 PACKET_6BYTE_SEQUENCE_NUMBER * 1382 ack.received_info.missing_packets.size(); 1383 } 1384 case GOAWAY_FRAME: 1385 return GetMinGoAwayFrameSize() + frame.goaway_frame->reason_phrase.size(); 1386 case PADDING_FRAME: 1387 DCHECK(false); 1388 return 0; 1389 case NUM_FRAME_TYPES: 1390 DCHECK(false); 1391 return 0; 1392 } 1393 1394 // Not reachable, but some Chrome compilers can't figure that out. *sigh* 1395 DCHECK(false); 1396 return 0; 1397} 1398 1399// static 1400bool QuicFramer::AppendPacketSequenceNumber( 1401 QuicSequenceNumberLength sequence_number_length, 1402 QuicPacketSequenceNumber packet_sequence_number, 1403 QuicDataWriter* writer) { 1404 // Ensure the entire sequence number can be written. 1405 if (writer->capacity() - writer->length() < 1406 static_cast<size_t>(sequence_number_length)) { 1407 return false; 1408 } 1409 switch (sequence_number_length) { 1410 case PACKET_1BYTE_SEQUENCE_NUMBER: 1411 return writer->WriteUInt8( 1412 packet_sequence_number & k1ByteSequenceNumberMask); 1413 break; 1414 case PACKET_2BYTE_SEQUENCE_NUMBER: 1415 return writer->WriteUInt16( 1416 packet_sequence_number & k2ByteSequenceNumberMask); 1417 break; 1418 case PACKET_4BYTE_SEQUENCE_NUMBER: 1419 return writer->WriteUInt32( 1420 packet_sequence_number & k4ByteSequenceNumberMask); 1421 break; 1422 case PACKET_6BYTE_SEQUENCE_NUMBER: 1423 return writer->WriteUInt48( 1424 packet_sequence_number & k6ByteSequenceNumberMask); 1425 break; 1426 default: 1427 NOTREACHED() << "sequence_number_length: " << sequence_number_length; 1428 return false; 1429 } 1430} 1431 1432bool QuicFramer::AppendStreamFramePayload( 1433 const QuicStreamFrame& frame, 1434 QuicDataWriter* writer) { 1435 if (!writer->WriteUInt32(frame.stream_id)) { 1436 return false; 1437 } 1438 if (!writer->WriteUInt8(frame.fin)) { 1439 return false; 1440 } 1441 if (!writer->WriteUInt64(frame.offset)) { 1442 return false; 1443 } 1444 if (!writer->WriteUInt16(frame.data.size())) { 1445 return false; 1446 } 1447 if (!writer->WriteBytes(frame.data.data(), frame.data.size())) { 1448 return false; 1449 } 1450 return true; 1451} 1452 1453QuicPacketSequenceNumber QuicFramer::CalculateLargestObserved( 1454 const SequenceNumberSet& missing_packets, 1455 SequenceNumberSet::const_iterator largest_written) { 1456 SequenceNumberSet::const_iterator it = largest_written; 1457 QuicPacketSequenceNumber previous_missing = *it; 1458 ++it; 1459 1460 // See if the next thing is a gap in the missing packets: if it's a 1461 // non-missing packet we can return it. 1462 if (it != missing_packets.end() && previous_missing + 1 != *it) { 1463 return *it - 1; 1464 } 1465 1466 // Otherwise return the largest missing packet, as indirectly observed. 1467 return *largest_written; 1468} 1469 1470// TODO(ianswett): Use varints or another more compact approach for all deltas. 1471bool QuicFramer::AppendAckFramePayload( 1472 const QuicAckFrame& frame, 1473 QuicDataWriter* writer) { 1474 // TODO(satyamshekhar): Decide how often we really should send this 1475 // entropy_hash update. 1476 if (!writer->WriteUInt8(frame.sent_info.entropy_hash)) { 1477 return false; 1478 } 1479 1480 if (!AppendPacketSequenceNumber(PACKET_6BYTE_SEQUENCE_NUMBER, 1481 frame.sent_info.least_unacked, writer)) { 1482 return false; 1483 } 1484 1485 size_t received_entropy_offset = writer->length(); 1486 if (!writer->WriteUInt8(frame.received_info.entropy_hash)) { 1487 return false; 1488 } 1489 1490 size_t largest_observed_offset = writer->length(); 1491 if (!AppendPacketSequenceNumber(PACKET_6BYTE_SEQUENCE_NUMBER, 1492 frame.received_info.largest_observed, 1493 writer)) { 1494 return false; 1495 } 1496 uint32 delta_time_largest_observed_us = kInvalidDeltaTime; 1497 if (!frame.received_info.delta_time_largest_observed.IsInfinite()) { 1498 delta_time_largest_observed_us = 1499 frame.received_info.delta_time_largest_observed.ToMicroseconds(); 1500 } 1501 1502 size_t delta_time_largest_observed_offset = writer->length(); 1503 if (!writer->WriteUInt32(delta_time_largest_observed_us)) { 1504 return false; 1505 } 1506 1507 // We don't check for overflowing uint8 here, because we only can fit 192 acks 1508 // per packet, so if we overflow we will be truncated. 1509 uint8 num_missing_packets = frame.received_info.missing_packets.size(); 1510 size_t num_missing_packets_offset = writer->length(); 1511 if (!writer->WriteBytes(&num_missing_packets, 1)) { 1512 return false; 1513 } 1514 1515 SequenceNumberSet::const_iterator it = 1516 frame.received_info.missing_packets.begin(); 1517 int num_missing_packets_written = 0; 1518 for (; it != frame.received_info.missing_packets.end(); ++it) { 1519 if (!AppendPacketSequenceNumber(PACKET_6BYTE_SEQUENCE_NUMBER, 1520 *it, writer)) { 1521 // We are truncating. 1522 QuicPacketSequenceNumber largest_observed = 1523 CalculateLargestObserved(frame.received_info.missing_packets, --it); 1524 // Overwrite entropy hash for received packets. 1525 writer->WriteUInt8ToOffset( 1526 entropy_calculator_->ReceivedEntropyHash(largest_observed), 1527 received_entropy_offset); 1528 // Overwrite largest_observed. 1529 writer->WriteUInt48ToOffset(largest_observed & k6ByteSequenceNumberMask, 1530 largest_observed_offset); 1531 writer->WriteUInt32ToOffset(kInvalidDeltaTime, 1532 delta_time_largest_observed_offset); 1533 writer->WriteUInt8ToOffset(num_missing_packets_written, 1534 num_missing_packets_offset); 1535 return true; 1536 } 1537 ++num_missing_packets_written; 1538 DCHECK_GE(numeric_limits<uint8>::max(), num_missing_packets_written); 1539 } 1540 1541 return true; 1542} 1543 1544bool QuicFramer::AppendQuicCongestionFeedbackFramePayload( 1545 const QuicCongestionFeedbackFrame& frame, 1546 QuicDataWriter* writer) { 1547 if (!writer->WriteBytes(&frame.type, 1)) { 1548 return false; 1549 } 1550 1551 switch (frame.type) { 1552 case kInterArrival: { 1553 const CongestionFeedbackMessageInterArrival& inter_arrival = 1554 frame.inter_arrival; 1555 if (!writer->WriteUInt16( 1556 inter_arrival.accumulated_number_of_lost_packets)) { 1557 return false; 1558 } 1559 DCHECK_GE(numeric_limits<uint8>::max(), 1560 inter_arrival.received_packet_times.size()); 1561 if (inter_arrival.received_packet_times.size() > 1562 numeric_limits<uint8>::max()) { 1563 return false; 1564 } 1565 // TODO(ianswett): Make num_received_packets a varint. 1566 uint8 num_received_packets = 1567 inter_arrival.received_packet_times.size(); 1568 if (!writer->WriteBytes(&num_received_packets, 1)) { 1569 return false; 1570 } 1571 if (num_received_packets > 0) { 1572 TimeMap::const_iterator it = 1573 inter_arrival.received_packet_times.begin(); 1574 1575 QuicPacketSequenceNumber lowest_sequence = it->first; 1576 if (!AppendPacketSequenceNumber(PACKET_6BYTE_SEQUENCE_NUMBER, 1577 lowest_sequence, writer)) { 1578 return false; 1579 } 1580 1581 QuicTime lowest_time = it->second; 1582 if (!writer->WriteUInt64( 1583 lowest_time.Subtract(creation_time_).ToMicroseconds())) { 1584 return false; 1585 } 1586 1587 for (++it; it != inter_arrival.received_packet_times.end(); ++it) { 1588 QuicPacketSequenceNumber sequence_delta = it->first - lowest_sequence; 1589 DCHECK_GE(numeric_limits<uint16>::max(), sequence_delta); 1590 if (sequence_delta > numeric_limits<uint16>::max()) { 1591 return false; 1592 } 1593 if (!writer->WriteUInt16(static_cast<uint16>(sequence_delta))) { 1594 return false; 1595 } 1596 1597 int32 time_delta_us = 1598 it->second.Subtract(lowest_time).ToMicroseconds(); 1599 if (!writer->WriteBytes(&time_delta_us, sizeof(time_delta_us))) { 1600 return false; 1601 } 1602 } 1603 } 1604 break; 1605 } 1606 case kFixRate: { 1607 const CongestionFeedbackMessageFixRate& fix_rate = 1608 frame.fix_rate; 1609 if (!writer->WriteUInt32(fix_rate.bitrate.ToBytesPerSecond())) { 1610 return false; 1611 } 1612 break; 1613 } 1614 case kTCP: { 1615 const CongestionFeedbackMessageTCP& tcp = frame.tcp; 1616 DCHECK_LE(tcp.receive_window, 1u << 20); 1617 // Simple bit packing, don't send the 4 least significant bits. 1618 uint16 receive_window = static_cast<uint16>(tcp.receive_window >> 4); 1619 if (!writer->WriteUInt16(tcp.accumulated_number_of_lost_packets)) { 1620 return false; 1621 } 1622 if (!writer->WriteUInt16(receive_window)) { 1623 return false; 1624 } 1625 break; 1626 } 1627 default: 1628 return false; 1629 } 1630 1631 return true; 1632} 1633 1634bool QuicFramer::AppendRstStreamFramePayload( 1635 const QuicRstStreamFrame& frame, 1636 QuicDataWriter* writer) { 1637 if (!writer->WriteUInt32(frame.stream_id)) { 1638 return false; 1639 } 1640 1641 uint32 error_code = static_cast<uint32>(frame.error_code); 1642 if (!writer->WriteUInt32(error_code)) { 1643 return false; 1644 } 1645 1646 if (!writer->WriteStringPiece16(frame.error_details)) { 1647 return false; 1648 } 1649 return true; 1650} 1651 1652bool QuicFramer::AppendConnectionCloseFramePayload( 1653 const QuicConnectionCloseFrame& frame, 1654 QuicDataWriter* writer) { 1655 uint32 error_code = static_cast<uint32>(frame.error_code); 1656 if (!writer->WriteUInt32(error_code)) { 1657 return false; 1658 } 1659 if (!writer->WriteStringPiece16(frame.error_details)) { 1660 return false; 1661 } 1662 AppendAckFramePayload(frame.ack_frame, writer); 1663 return true; 1664} 1665 1666bool QuicFramer::AppendGoAwayFramePayload(const QuicGoAwayFrame& frame, 1667 QuicDataWriter* writer) { 1668 uint32 error_code = static_cast<uint32>(frame.error_code); 1669 if (!writer->WriteUInt32(error_code)) { 1670 return false; 1671 } 1672 uint32 stream_id = static_cast<uint32>(frame.last_good_stream_id); 1673 if (!writer->WriteUInt32(stream_id)) { 1674 return false; 1675 } 1676 if (!writer->WriteStringPiece16(frame.reason_phrase)) { 1677 return false; 1678 } 1679 return true; 1680} 1681 1682bool QuicFramer::RaiseError(QuicErrorCode error) { 1683 DLOG(INFO) << detailed_error_; 1684 set_error(error); 1685 visitor_->OnError(this); 1686 reader_.reset(NULL); 1687 return false; 1688} 1689 1690} // namespace net 1691