ssl/test/mock_quic_transport.cc - boringssl - Git at Google

 /* Copyright (c) 2019, Google Inc.
  *
  * Permission to use, copy, modify, and/or distribute this software for any
  * purpose with or without fee is hereby granted, provided that the above
  * copyright notice and this permission notice appear in all copies.
  *
  * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
  * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
  * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY
  * SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
  * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION
  * OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN
  * CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */

 #include "mock_quic_transport.h"

 #include <openssl/span.h>

 #include <cstring>
 #include <limits>

 namespace {

 const uint8_t kTagHandshake = 'H';
 const uint8_t kTagApplication = 'A';
 const uint8_t kTagAlert = 'L';

 }  // namespace

 MockQuicTransport::MockQuicTransport(bssl::UniquePtr<BIO> bio, SSL *ssl)
     : bio_(std::move(bio)),
       read_levels_(ssl_encryption_application + 1),
       write_levels_(ssl_encryption_application + 1),
       ssl_(ssl) {}

 bool MockQuicTransport::SetReadSecret(enum ssl_encryption_level_t level,
                                       const SSL_CIPHER *cipher,
                                       const uint8_t *secret,
                                       size_t secret_len) {
   // TODO(davidben): Assert the various encryption secret invariants.
   read_levels_[level].cipher = SSL_CIPHER_get_value(cipher);
   read_levels_[level].secret.assign(secret, secret + secret_len);
   return true;
 }

 bool MockQuicTransport::SetWriteSecret(enum ssl_encryption_level_t level,
                                        const SSL_CIPHER *cipher,
                                        const uint8_t *secret,
                                        size_t secret_len) {
   // TODO(davidben): Assert the various encryption secret invariants.
   write_levels_[level].cipher = SSL_CIPHER_get_value(cipher);
   write_levels_[level].secret.assign(secret, secret + secret_len);
   return true;
 }

 namespace {

 bool ReadAll(BIO *bio, bssl::Span<uint8_t> out) {
   size_t len = out.size();
   uint8_t *buf = out.data();
   while (len > 0) {
     int chunk_len = std::numeric_limits<int>::max();
     if (len <= static_cast<unsigned int>(std::numeric_limits<int>::max())) {
       chunk_len = len;
     }
     int ret = BIO_read(bio, buf, chunk_len);
     if (ret <= 0) {
       return false;
     }
     buf += ret;
     len -= ret;
   }
   return true;
 }

 }  // namespace

 bool MockQuicTransport::ReadHeader(uint8_t *out_tag, size_t *out_len) {
   uint8_t header[7];
   if (!ReadAll(bio_.get(), header)) {
     return false;
   }
   *out_tag = header[0];
   uint16_t cipher_suite = header[1] << 8 | header[2];
   size_t remaining_bytes =
       header[3] << 24 | header[4] << 16 | header[5] << 8 | header[6];

   enum ssl_encryption_level_t level = SSL_quic_read_level(ssl_);
   if (*out_tag == kTagApplication) {
     if (SSL_in_early_data(ssl_)) {
       level = ssl_encryption_early_data;
     } else {
       level = ssl_encryption_application;
     }
   }
   if (cipher_suite != read_levels_[level].cipher) {
     return false;
   }
   const std::vector<uint8_t> &secret = read_levels_[level].secret;
   std::vector<uint8_t> read_secret(secret.size());
   if (remaining_bytes < secret.size()) {
     return false;
   }
   remaining_bytes -= secret.size();
   if (!ReadAll(bio_.get(), bssl::MakeSpan(read_secret)) ||
       read_secret != secret) {
     return false;
   }
   *out_len = remaining_bytes;
   return true;
 }

 bool MockQuicTransport::ReadHandshake() {
   uint8_t tag;
   size_t len;
   if (!ReadHeader(&tag, &len)) {
     return false;
   }
   if (tag != kTagHandshake) {
     return false;
   }

   std::vector<uint8_t> buf(len);
   if (!ReadAll(bio_.get(), bssl::MakeSpan(buf))) {
     return false;
   }
   return SSL_provide_quic_data(ssl_, SSL_quic_read_level(ssl_), buf.data(),
                                buf.size());
 }

 int MockQuicTransport::ReadApplicationData(uint8_t *out, size_t max_out) {
   if (pending_app_data_.size() > 0) {
     size_t len = pending_app_data_.size() - app_data_offset_;
     if (len > max_out) {
       len = max_out;
     }
     memcpy(out, pending_app_data_.data() + app_data_offset_, len);
     app_data_offset_ += len;
     if (app_data_offset_ == pending_app_data_.size()) {
       pending_app_data_.clear();
       app_data_offset_ = 0;
     }
     return len;
   }

   uint8_t tag = 0;
   size_t len;
   while (true) {
     if (!ReadHeader(&tag, &len)) {
       // Assume that a failure to read the header means there's no more to read,
       // not an error reading.
       return 0;
     }
     if (tag == kTagApplication) {
       break;
     }
     if (tag != kTagHandshake) {
       return -1;
     }

     std::vector<uint8_t> buf(len);
     if (!ReadAll(bio_.get(), bssl::MakeSpan(buf))) {
       return -1;
     }
     if (SSL_provide_quic_data(ssl_, SSL_quic_read_level(ssl_), buf.data(),
                               buf.size()) != 1) {
       return -1;
     }
     if (SSL_in_init(ssl_)) {
       int ret = SSL_do_handshake(ssl_);
       if (ret < 0) {
         int ssl_err = SSL_get_error(ssl_, ret);
         if (ssl_err == SSL_ERROR_WANT_READ) {
           continue;
         }
         return -1;
       }
     } else if (SSL_process_quic_post_handshake(ssl_) != 1) {
       return -1;
     }
   }

   uint8_t *buf = out;
   if (len > max_out) {
     pending_app_data_.resize(len);
     buf = pending_app_data_.data();
   }
   app_data_offset_ = 0;
   if (!ReadAll(bio_.get(), bssl::MakeSpan(buf, len))) {
     return -1;
   }
   if (len > max_out) {
     memcpy(out, buf, max_out);
     app_data_offset_ = max_out;
     return max_out;
   }
   return len;
 }

 bool MockQuicTransport::WriteRecord(enum ssl_encryption_level_t level,
                                     uint8_t tag, const uint8_t *data,
                                     size_t len) {
   uint16_t cipher_suite = write_levels_[level].cipher;
   const std::vector<uint8_t> &secret = write_levels_[level].secret;
   size_t tlv_len = secret.size() + len;
   uint8_t header[7];
   header[0] = tag;
   header[1] = (cipher_suite >> 8) & 0xff;
   header[2] = cipher_suite & 0xff;
   header[3] = (tlv_len >> 24) & 0xff;
   header[4] = (tlv_len >> 16) & 0xff;
   header[5] = (tlv_len >> 8) & 0xff;
   header[6] = tlv_len & 0xff;
   return BIO_write_all(bio_.get(), header, sizeof(header)) &&
          BIO_write_all(bio_.get(), secret.data(), secret.size()) &&
          BIO_write_all(bio_.get(), data, len);
 }

 bool MockQuicTransport::WriteHandshakeData(enum ssl_encryption_level_t level,
                                            const uint8_t *data, size_t len) {
   return WriteRecord(level, kTagHandshake, data, len);
 }

 bool MockQuicTransport::WriteApplicationData(const uint8_t *in, size_t len) {
   enum ssl_encryption_level_t level = ssl_encryption_application;
   if (SSL_in_early_data(ssl_) && !SSL_is_server(ssl_)) {
     level = ssl_encryption_early_data;
   }
   return WriteRecord(level, kTagApplication, in, len);
 }

 bool MockQuicTransport::Flush() { return BIO_flush(bio_.get()); }

 bool MockQuicTransport::SendAlert(enum ssl_encryption_level_t level,
                                   uint8_t alert) {
   uint8_t alert_msg[] = {2, alert};
   return WriteRecord(level, kTagAlert, alert_msg, sizeof(alert_msg));
 }
	/* Copyright (c) 2019, Google Inc.
	*
	* Permission to use, copy, modify, and/or distribute this software for any
	* purpose with or without fee is hereby granted, provided that the above
	* copyright notice and this permission notice appear in all copies.
	*
	* THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
	* WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
	* MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY
	* SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
	* WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION
	* OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN
	* CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */

	#include "mock_quic_transport.h"

	#include <openssl/span.h>

	#include <cstring>
	#include <limits>

	namespace {

	const uint8_t kTagHandshake = 'H';
	const uint8_t kTagApplication = 'A';
	const uint8_t kTagAlert = 'L';

	} // namespace

	MockQuicTransport::MockQuicTransport(bssl::UniquePtr<BIO> bio, SSL *ssl)
	: bio_(std::move(bio)),
	read_levels_(ssl_encryption_application + 1),
	write_levels_(ssl_encryption_application + 1),
	ssl_(ssl) {}

	bool MockQuicTransport::SetReadSecret(enum ssl_encryption_level_t level,
	const SSL_CIPHER *cipher,
	const uint8_t *secret,
	size_t secret_len) {
	// TODO(davidben): Assert the various encryption secret invariants.
	read_levels_[level].cipher = SSL_CIPHER_get_value(cipher);
	read_levels_[level].secret.assign(secret, secret + secret_len);
	return true;
	}

	bool MockQuicTransport::SetWriteSecret(enum ssl_encryption_level_t level,
	const SSL_CIPHER *cipher,
	const uint8_t *secret,
	size_t secret_len) {
	// TODO(davidben): Assert the various encryption secret invariants.
	write_levels_[level].cipher = SSL_CIPHER_get_value(cipher);
	write_levels_[level].secret.assign(secret, secret + secret_len);
	return true;
	}

	namespace {

	bool ReadAll(BIO *bio, bssl::Span<uint8_t> out) {
	size_t len = out.size();
	uint8_t *buf = out.data();
	while (len > 0) {
	int chunk_len = std::numeric_limits<int>::max();
	if (len <= static_cast<unsigned int>(std::numeric_limits<int>::max())) {
	chunk_len = len;
	}
	int ret = BIO_read(bio, buf, chunk_len);
	if (ret <= 0) {
	return false;
	}
	buf += ret;
	len -= ret;
	}
	return true;
	}

	} // namespace

	bool MockQuicTransport::ReadHeader(uint8_t out_tag, size_t out_len) {
	uint8_t header[7];
	if (!ReadAll(bio_.get(), header)) {
	return false;
	}
	*out_tag = header[0];
	uint16_t cipher_suite = header[1] << 8 \| header[2];
	size_t remaining_bytes =
	header[3] << 24 \| header[4] << 16 \| header[5] << 8 \| header[6];

	enum ssl_encryption_level_t level = SSL_quic_read_level(ssl_);
	if (*out_tag == kTagApplication) {
	if (SSL_in_early_data(ssl_)) {
	level = ssl_encryption_early_data;
	} else {
	level = ssl_encryption_application;
	}
	}
	if (cipher_suite != read_levels_[level].cipher) {
	return false;
	}
	const std::vector<uint8_t> &secret = read_levels_[level].secret;
	std::vector<uint8_t> read_secret(secret.size());
	if (remaining_bytes < secret.size()) {
	return false;
	}
	remaining_bytes -= secret.size();
	if (!ReadAll(bio_.get(), bssl::MakeSpan(read_secret)) \|\|
	read_secret != secret) {
	return false;
	}
	*out_len = remaining_bytes;
	return true;
	}

	bool MockQuicTransport::ReadHandshake() {
	uint8_t tag;
	size_t len;
	if (!ReadHeader(&tag, &len)) {
	return false;
	}
	if (tag != kTagHandshake) {
	return false;
	}

	std::vector<uint8_t> buf(len);
	if (!ReadAll(bio_.get(), bssl::MakeSpan(buf))) {
	return false;
	}
	return SSL_provide_quic_data(ssl_, SSL_quic_read_level(ssl_), buf.data(),
	buf.size());
	}

	int MockQuicTransport::ReadApplicationData(uint8_t *out, size_t max_out) {
	if (pending_app_data_.size() > 0) {
	size_t len = pending_app_data_.size() - app_data_offset_;
	if (len > max_out) {
	len = max_out;
	}
	memcpy(out, pending_app_data_.data() + app_data_offset_, len);
	app_data_offset_ += len;
	if (app_data_offset_ == pending_app_data_.size()) {
	pending_app_data_.clear();
	app_data_offset_ = 0;
	}
	return len;
	}

	uint8_t tag = 0;
	size_t len;
	while (true) {
	if (!ReadHeader(&tag, &len)) {
	// Assume that a failure to read the header means there's no more to read,
	// not an error reading.
	return 0;
	}
	if (tag == kTagApplication) {
	break;
	}
	if (tag != kTagHandshake) {
	return -1;
	}

	std::vector<uint8_t> buf(len);
	if (!ReadAll(bio_.get(), bssl::MakeSpan(buf))) {
	return -1;
	}
	if (SSL_provide_quic_data(ssl_, SSL_quic_read_level(ssl_), buf.data(),
	buf.size()) != 1) {
	return -1;
	}
	if (SSL_in_init(ssl_)) {
	int ret = SSL_do_handshake(ssl_);
	if (ret < 0) {
	int ssl_err = SSL_get_error(ssl_, ret);
	if (ssl_err == SSL_ERROR_WANT_READ) {
	continue;
	}
	return -1;
	}
	} else if (SSL_process_quic_post_handshake(ssl_) != 1) {
	return -1;
	}
	}

	uint8_t *buf = out;
	if (len > max_out) {
	pending_app_data_.resize(len);
	buf = pending_app_data_.data();
	}
	app_data_offset_ = 0;
	if (!ReadAll(bio_.get(), bssl::MakeSpan(buf, len))) {
	return -1;
	}
	if (len > max_out) {
	memcpy(out, buf, max_out);
	app_data_offset_ = max_out;
	return max_out;
	}
	return len;
	}

	bool MockQuicTransport::WriteRecord(enum ssl_encryption_level_t level,
	uint8_t tag, const uint8_t *data,
	size_t len) {
	uint16_t cipher_suite = write_levels_[level].cipher;
	const std::vector<uint8_t> &secret = write_levels_[level].secret;
	size_t tlv_len = secret.size() + len;
	uint8_t header[7];
	header[0] = tag;
	header[1] = (cipher_suite >> 8) & 0xff;
	header[2] = cipher_suite & 0xff;
	header[3] = (tlv_len >> 24) & 0xff;
	header[4] = (tlv_len >> 16) & 0xff;
	header[5] = (tlv_len >> 8) & 0xff;
	header[6] = tlv_len & 0xff;
	return BIO_write_all(bio_.get(), header, sizeof(header)) &&
	BIO_write_all(bio_.get(), secret.data(), secret.size()) &&
	BIO_write_all(bio_.get(), data, len);
	}

	bool MockQuicTransport::WriteHandshakeData(enum ssl_encryption_level_t level,
	const uint8_t *data, size_t len) {
	return WriteRecord(level, kTagHandshake, data, len);
	}

	bool MockQuicTransport::WriteApplicationData(const uint8_t *in, size_t len) {
	enum ssl_encryption_level_t level = ssl_encryption_application;
	if (SSL_in_early_data(ssl_) && !SSL_is_server(ssl_)) {
	level = ssl_encryption_early_data;
	}
	return WriteRecord(level, kTagApplication, in, len);
	}

	bool MockQuicTransport::Flush() { return BIO_flush(bio_.get()); }

	bool MockQuicTransport::SendAlert(enum ssl_encryption_level_t level,
	uint8_t alert) {
	uint8_t alert_msg[] = {2, alert};
	return WriteRecord(level, kTagAlert, alert_msg, sizeof(alert_msg));
	}