forked from grpc/grpc-java
/
AltsFraming.java
366 lines (327 loc) · 11.8 KB
/
AltsFraming.java
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
/*
* Copyright 2018 The gRPC Authors
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package io.grpc.alts.internal;
import com.google.common.base.Preconditions;
import java.nio.Buffer;
import java.nio.ByteBuffer;
import java.nio.ByteOrder;
import java.security.GeneralSecurityException;
/** Framing and deframing methods and classes used by handshaker. */
public final class AltsFraming {
// The size of the frame field. Must correspond to the size of int, 4 bytes.
// Left package-private for testing.
private static final int FRAME_LENGTH_HEADER_SIZE = 4;
private static final int FRAME_MESSAGE_TYPE_HEADER_SIZE = 4;
private static final int MAX_DATA_LENGTH = 1024 * 1024;
private static final int INITIAL_BUFFER_CAPACITY = 1024 * 64;
// TODO: Make this the responsibility of the caller.
private static final int MESSAGE_TYPE = 6;
private AltsFraming() {}
static int getFrameLengthHeaderSize() {
return FRAME_LENGTH_HEADER_SIZE;
}
static int getFrameMessageTypeHeaderSize() {
return FRAME_MESSAGE_TYPE_HEADER_SIZE;
}
static int getMaxDataLength() {
return MAX_DATA_LENGTH;
}
static int getFramingOverhead() {
return FRAME_LENGTH_HEADER_SIZE + FRAME_MESSAGE_TYPE_HEADER_SIZE;
}
/**
* Creates a frame of length dataSize + FRAME_HEADER_SIZE using the input bytes, if dataSize <=
* input.remaining(). Otherwise, a frame of length input.remaining() + FRAME_HEADER_SIZE is
* created.
*/
static ByteBuffer toFrame(ByteBuffer input, int dataSize) throws GeneralSecurityException {
Preconditions.checkNotNull(input);
if (dataSize > input.remaining()) {
dataSize = input.remaining();
}
Producer producer = new Producer();
ByteBuffer inputAlias = input.duplicate();
((Buffer) inputAlias).limit(input.position() + dataSize);
producer.readBytes(inputAlias);
producer.flush();
((Buffer) input).position(inputAlias.position());
ByteBuffer output = producer.getRawFrame();
return output;
}
/**
* A helper class to write a frame.
*
* <p>This class guarantees that one of the following is true:
*
* <ul>
* <li>readBytes will read from the input
* <li>writeBytes will write to the output
* </ul>
*
* <p>Sample usage:
*
* <pre>{@code
* Producer producer = new Producer();
* ByteBuffer inputBuffer = readBytesFromMyStream();
* ByteBuffer outputBuffer = writeBytesToMyStream();
* while (inputBuffer.hasRemaining() || outputBuffer.hasRemaining()) {
* producer.readBytes(inputBuffer);
* producer.writeBytes(outputBuffer);
* }
* }</pre>
*
* <p>Alternatively, this class guarantees that one of the following is true:
*
* <ul>
* <li>readBytes will read from the input
* <li>{@code isComplete()} returns true and {@code getByteBuffer()} returns the contents of a
* processed frame.
* </ul>
*
* <p>Sample usage:
*
* <pre>{@code
* Producer producer = new Producer();
* while (!producer.isComplete()) {
* ByteBuffer inputBuffer = readBytesFromMyStream();
* producer.readBytes(inputBuffer);
* }
* producer.flush();
* ByteBuffer outputBuffer = producer.getRawFrame();
* }</pre>
*/
static final class Producer {
private ByteBuffer buffer;
private boolean isComplete;
Producer(int maxFrameSize) {
buffer = ByteBuffer.allocate(maxFrameSize);
reset();
Preconditions.checkArgument(maxFrameSize > getFramePrefixLength() + getFrameSuffixLength());
}
Producer() {
this(INITIAL_BUFFER_CAPACITY);
}
/** The length of the frame prefix data, including the message length/type fields. */
int getFramePrefixLength() {
int result = FRAME_LENGTH_HEADER_SIZE + FRAME_MESSAGE_TYPE_HEADER_SIZE;
return result;
}
int getFrameSuffixLength() {
return 0;
}
/**
* Reads bytes from input, parsing them into a frame. Returns false if and only if more data is
* needed. To obtain a full frame this method must be called repeatedly until it returns true.
*/
boolean readBytes(ByteBuffer input) throws GeneralSecurityException {
Preconditions.checkNotNull(input);
if (isComplete) {
return true;
}
copy(buffer, input);
if (!buffer.hasRemaining()) {
flush();
}
return isComplete;
}
/**
* Completes the current frame, signaling that no further data is available to be passed to
* readBytes and that the client requires writeBytes to start returning data. isComplete() is
* guaranteed to return true after this call.
*/
void flush() throws GeneralSecurityException {
if (isComplete) {
return;
}
// Get the length of the complete frame.
int frameLength = buffer.position() + getFrameSuffixLength();
// Set the limit and move to the start.
((Buffer) buffer).flip();
// Advance the limit to allow a crypto suffix.
((Buffer) buffer).limit(buffer.limit() + getFrameSuffixLength());
// Write the data length and the message type.
int dataLength = frameLength - FRAME_LENGTH_HEADER_SIZE;
buffer.order(ByteOrder.LITTLE_ENDIAN);
buffer.putInt(dataLength);
buffer.putInt(MESSAGE_TYPE);
// Move the position back to 0, the frame is ready.
((Buffer) buffer).position(0);
isComplete = true;
}
/** Resets the state, preparing to construct a new frame. Must be called between frames. */
private void reset() {
((Buffer) buffer).clear();
// Save some space for framing, we'll fill that in later.
((Buffer) buffer).position(getFramePrefixLength());
((Buffer) buffer).limit(buffer.limit() - getFrameSuffixLength());
isComplete = false;
}
/**
* Returns a ByteBuffer containing a complete raw frame, if it's available. Should only be
* called when isComplete() returns true, otherwise null is returned. The returned object
* aliases the internal buffer, that is, it shares memory with the internal buffer. No further
* operations are permitted on this object until the caller has processed the data it needs from
* the returned byte buffer.
*/
ByteBuffer getRawFrame() {
if (!isComplete) {
return null;
}
ByteBuffer result = buffer.duplicate();
reset();
return result;
}
}
/**
* A helper class to read a frame.
*
* <p>This class guarantees that one of the following is true:
*
* <ul>
* <li>readBytes will read from the input
* <li>writeBytes will write to the output
* </ul>
*
* <p>Sample usage:
*
* <pre>{@code
* Parser parser = new Parser();
* ByteBuffer inputBuffer = readBytesFromMyStream();
* ByteBuffer outputBuffer = writeBytesToMyStream();
* while (inputBuffer.hasRemaining() || outputBuffer.hasRemaining()) {
* parser.readBytes(inputBuffer);
* parser.writeBytes(outputBuffer); }
* }</pre>
*
* <p>Alternatively, this class guarantees that one of the following is true:
*
* <ul>
* <li>readBytes will read from the input
* <li>{@code isComplete()} returns true and {@code getByteBuffer()} returns the contents of a
* processed frame.
* </ul>
*
* <p>Sample usage:
*
* <pre>{@code
* Parser parser = new Parser();
* while (!parser.isComplete()) {
* ByteBuffer inputBuffer = readBytesFromMyStream();
* parser.readBytes(inputBuffer);
* }
* ByteBuffer outputBuffer = parser.getRawFrame();
* }</pre>
*/
public static final class Parser {
private ByteBuffer buffer = ByteBuffer.allocate(INITIAL_BUFFER_CAPACITY);
private boolean isComplete = false;
public Parser() {
Preconditions.checkArgument(
INITIAL_BUFFER_CAPACITY > getFramePrefixLength() + getFrameSuffixLength());
}
/**
* Reads bytes from input, parsing them into a frame. Returns false if and only if more data is
* needed. To obtain a full frame this method must be called repeatedly until it returns true.
*/
public boolean readBytes(ByteBuffer input) throws GeneralSecurityException {
Preconditions.checkNotNull(input);
if (isComplete) {
return true;
}
// Read enough bytes to determine the length
while (buffer.position() < FRAME_LENGTH_HEADER_SIZE && input.hasRemaining()) {
buffer.put(input.get());
}
// If we have enough bytes to determine the length, read the length and ensure that our
// internal buffer is large enough.
if (buffer.position() == FRAME_LENGTH_HEADER_SIZE && input.hasRemaining()) {
ByteBuffer bufferAlias = buffer.duplicate();
((Buffer) bufferAlias).flip();
bufferAlias.order(ByteOrder.LITTLE_ENDIAN);
int dataLength = bufferAlias.getInt();
if (dataLength < FRAME_MESSAGE_TYPE_HEADER_SIZE || dataLength > MAX_DATA_LENGTH) {
throw new IllegalArgumentException("Invalid frame length " + dataLength);
}
// Maybe resize the buffer
int frameLength = dataLength + FRAME_LENGTH_HEADER_SIZE;
if (buffer.capacity() < frameLength) {
buffer = ByteBuffer.allocate(frameLength);
buffer.order(ByteOrder.LITTLE_ENDIAN);
buffer.putInt(dataLength);
}
((Buffer) buffer).limit(frameLength);
}
// TODO: Similarly extract and check message type.
// Read the remaining data into the internal buffer.
copy(buffer, input);
if (!buffer.hasRemaining()) {
((Buffer) buffer).flip();
isComplete = true;
}
return isComplete;
}
/** The length of the frame prefix data, including the message length/type fields. */
int getFramePrefixLength() {
int result = FRAME_LENGTH_HEADER_SIZE + FRAME_MESSAGE_TYPE_HEADER_SIZE;
return result;
}
int getFrameSuffixLength() {
return 0;
}
/** Returns true if we've parsed a complete frame. */
public boolean isComplete() {
return isComplete;
}
/** Resets the state, preparing to parse a new frame. Must be called between frames. */
private void reset() {
((Buffer) buffer).clear();
isComplete = false;
}
/**
* Returns a ByteBuffer containing a complete raw frame, if it's available. Should only be
* called when isComplete() returns true, otherwise null is returned. The returned object
* aliases the internal buffer, that is, it shares memory with the internal buffer. No further
* operations are permitted on this object until the caller has processed the data it needs from
* the returned byte buffer.
*/
public ByteBuffer getRawFrame() {
if (!isComplete) {
return null;
}
ByteBuffer result = buffer.duplicate();
reset();
return result;
}
}
/**
* Copy as much as possible to dst from src. Unlike {@link ByteBuffer#put(ByteBuffer)}, this stops
* early if there is no room left in dst.
*/
private static void copy(ByteBuffer dst, ByteBuffer src) {
if (dst.hasRemaining() && src.hasRemaining()) {
// Avoid an allocation if possible.
if (dst.remaining() >= src.remaining()) {
dst.put(src);
} else {
int count = Math.min(dst.remaining(), src.remaining());
ByteBuffer slice = src.slice();
((Buffer) slice).limit(count);
dst.put(slice);
((Buffer) src).position(src.position() + count);
}
}
}
}