Create QuicTransportChannel

webrtc/p2p/quic/quictransportchannel.h

+/*
+ *  Copyright 2016 The WebRTC Project Authors. All rights reserved.
+ *
+ *  Use of this source code is governed by a BSD-style license
+ *  that can be found in the LICENSE file in the root of the source
+ *  tree. An additional intellectual property rights grant can be found
+ *  in the file PATENTS.  All contributing project authors may
+ *  be found in the AUTHORS file in the root of the source tree.
+ */
+
+#ifndef WEBRTC_P2P_QUIC_QUICTRANSPORTCHANNEL_H_
+#define WEBRTC_P2P_QUIC_QUICTRANSPORTCHANNEL_H_
+
+#include <string>
+#include <vector>
+
+#include "net/quic/quic_packet_writer.h"
+#include "webrtc/base/optional.h"
+#include "webrtc/base/scoped_ptr.h"
+#include "webrtc/p2p/base/transportchannelimpl.h"
+#include "webrtc/p2p/quic/quicconnectionhelper.h"
+#include "webrtc/p2p/quic/quicsession.h"
+
+namespace cricket {
+
+enum QuicTransportState {
+  // Haven't started QUIC handshake.
+  QUIC_TRANSPORT_NEW = 0,
+  // Started QUIC handshake.
+  QUIC_TRANSPORT_CONNECTING,
+  // Negotiated, and has an encrypted connection.
+  QUIC_TRANSPORT_CONNECTED,
+  // Failed due to some error in the handshake process.
+  QUIC_TRANSPORT_CLOSED,
+};
+
+// QuicTransportChannel uses the QUIC protocol to establish encryption with
+// another peer, wrapping an existing TransportChannel instance
+// (e.g a P2PTransportChannel) responsible for connecting peers.
+// Once the wrapped transport channel is connected, QuicTransportChannel
+// negotiates the crypto handshake and establishes SRTP keying material.
+//
+// How it works:
+//
+//   QuicTransportChannel {
+//       QuicSession* quic_;
+//       TransportChannelImpl* channel_;
+//   }
+//
+//   - Data written to SendPacket() is passed directly to |channel_| if  it is
+//     an SRTP packet with the PF_SRTP_BYPASS flag.
+//
+//   - |quic_| passes outgoing packets to WritePacket(), which are transferred
+//     to |channel_| to be sent across the network.
+//
+//   - Data which comes into QuicTransportChannel::OnReadPacket is checked to
+//     see if it is QUIC, and if it is, passed to |quic_|. SRTP packets are
+//     signaled upwards as bypass packets.
+//
+//   - When the QUIC handshake is completed, quic_state() returns
+//     QUIC_TRANSPORT_CONNECTED and SRTP keying material can be exported.
+//
+// TODO(mikescarlett): Implement secure QUIC handshake, 0-RTT handshakes, and
+// QUIC data streams.
+class QuicTransportChannel : public TransportChannelImpl,
+                             public net::QuicPacketWriter,
+                             public net::QuicCryptoClientStream::ProofHandler {
+ public:
+  // |channel| - the TransportChannel we are wrapping.
+  explicit QuicTransportChannel(TransportChannelImpl* channel);
+  ~QuicTransportChannel() override;
+
+  // TransportChannel overrides.
+  // TODO(mikescarlett): Implement certificate authentication.
+  bool SetLocalCertificate(
+      const rtc::scoped_refptr<rtc::RTCCertificate>& certificate) override;
+  rtc::scoped_refptr<rtc::RTCCertificate> GetLocalCertificate() const override;
+  // TODO(mikescarlett): Implement fingerprint authentication.
+  bool SetRemoteFingerprint(const std::string& digest_alg,
+                            const uint8_t* digest,
+                            size_t digest_len) override;
+  // Returns true if local certificate is set and this peer supports QUIC.
+  // TODO(mikescarlett): Rename method so it is not DTLS-specific.
+  bool IsDtlsActive() const override { return true; }
+  // Sends a RTP packet if sent with the PF_SRTP_BYPASS flag.
+  int SendPacket(const char* data,
+                 size_t size,
+                 const rtc::PacketOptions& options,
+                 int flags) override;
+
+  // TransportChannelImpl calls that we forward to the wrapped transport.
+  void SetIceRole(IceRole role) override { channel_->SetIceRole(role); }
+  IceRole GetIceRole() const override { return channel_->GetIceRole(); }
+  int SetOption(rtc::Socket::Option opt, int value) override {
+    return channel_->SetOption(opt, value);
+  }
+  bool GetOption(rtc::Socket::Option opt, int* value) override {
+    return channel_->GetOption(opt, value);
+  }
+  int GetError() override { return channel_->GetError(); }
+  bool GetStats(ConnectionInfos* infos) override {
+    return channel_->GetStats(infos);
+  }
+  const std::string SessionId() const override { return channel_->SessionId(); }
+  TransportChannelState GetState() const override {
+    return channel_->GetState();
+  }
+  void SetIceTiebreaker(uint64_t tiebreaker) override {
+    channel_->SetIceTiebreaker(tiebreaker);
+  }
+  void SetIceCredentials(const std::string& ice_ufrag,
+                         const std::string& ice_pwd) override {
+    channel_->SetIceCredentials(ice_ufrag, ice_pwd);
+  }
+  void SetRemoteIceCredentials(const std::string& ice_ufrag,
+                               const std::string& ice_pwd) override {
+    channel_->SetRemoteIceCredentials(ice_ufrag, ice_pwd);
+  }
+  void SetRemoteIceMode(IceMode mode) override {
+    channel_->SetRemoteIceMode(mode);
+  }
+  void MaybeStartGathering() override { channel_->MaybeStartGathering(); }
+  IceGatheringState gathering_state() const override {
+    return channel_->gathering_state();
+  }
+  void AddRemoteCandidate(const Candidate& candidate) override {
+    channel_->AddRemoteCandidate(candidate);
+  }
+  void SetIceConfig(const IceConfig& config) override {
+    channel_->SetIceConfig(config);
+  }
+
+  // Sets up the ciphers to use for SRTP.
+  // TODO(mikescarlett): Use SRTP ciphers for negotiation.
+  bool SetSrtpCryptoSuites(const std::vector<int>& ciphers) override {
+    return true;
+  }
+  // Determines which SRTP cipher was negotiated.
+  // TODO(mikescarlett): Implement QUIC cipher negotiation. This currently
+  // returns SRTP_AES128_CM_SHA1_80.
+  bool GetSrtpCryptoSuite(int* cipher) override;
+  bool SetSslRole(rtc::SSLRole role) override;
+  bool GetSslRole(rtc::SSLRole* role) const override;
+  // Determines which SSL cipher was negotiated.
+  // TODO(mikescarlett): Implement QUIC cipher negotiation.
+  bool GetSslCipherSuite(int* cipher) override { return false; }
+  // Once QUIC is established (i.e., |quic_state_| is QUIC_TRANSPORT_CONNECTED),
+  // this extracts the keys negotiated during the QUIC handshake, for use
+  // in external encryption such as for extracting SRTP keys.
+  bool ExportKeyingMaterial(const std::string& label,
+                            const uint8_t* context,
+                            size_t context_len,
+                            bool use_context,
+                            uint8_t* result,
+                            size_t result_len) override;
+  void Connect() override;
+  bool GetRemoteSSLCertificate(rtc::SSLCertificate** cert) const override {
+    return false;
+  }
+
+  // QuicPacketWriter overrides.
+  // Called from net::QuicConnection when |quic_| has packets to write.
+  net::WriteResult WritePacket(const char* buffer,
+                               size_t buf_len,
+                               const net::IPAddressNumber& self_address,
+                               const net::IPEndPoint& peer_address) override;
+  // Whether QuicTransportChannel buffers data when unable to write. If this is
+  // set to false, then net::QuicConnection buffers unsent packets.
+  bool IsWriteBlockedDataBuffered() const override { return false; }
+  // Whether QuicTransportChannel is write blocked. If this returns true,
+  // outgoing QUIC packets are queued until OnCanWrite() is called.
+  bool IsWriteBlocked() const override;
+  // Maximum size of the QUIC packet which can be written.
+  net::QuicByteCount GetMaxPacketSize(
+      const net::IPEndPoint& peer_address) const override {
+    return net::kMaxPacketSize;
+  }
+  // This method is not used -- call set_writable(bool writable) instead.
+  void SetWritable() override {}
+
+  // QuicCryptoClientStream::ProofHandler overrides.
+  // Called by client crypto handshake when cached proof is marked valid.
+  void OnProofValid(
+      const net::QuicCryptoClientConfig::CachedState& cached) override;
+  // Called by client crypto handshake when proof verification details become
+  // available, either because proof verification is complete, or when cached
+  // details are used.
+  void OnProofVerifyDetailsAvailable(
+      const net::ProofVerifyDetails& verify_details) override;
+
+  // Returns true if |quic_| has queued data which wasn't written due
+  // to |channel_| being write blocked.
+  bool HasDataToWrite() const;
+  // Writes queued data for |quic_| when |channel_| is no longer write blocked.
+  void OnCanWrite();
+  // Connectivity state of QuicTransportChannel.
+  QuicTransportState quic_state() const { return quic_state_; }
+
+ private:
+  // Fingerprint of remote peer.
+  struct RemoteFingerprint {
+    std::string value;
+    std::string algorithm;
+  };
+
+  // Callbacks for |channel_|.
+  void OnReadableState(TransportChannel* channel);
+  void OnWritableState(TransportChannel* channel);
+  void OnReadPacket(TransportChannel* channel,
+                    const char* data,
+                    size_t size,
+                    const rtc::PacketTime& packet_time,
+                    int flags);
+  void OnSentPacket(TransportChannel* channel,
+                    const rtc::SentPacket& sent_packet);
+  void OnReadyToSend(TransportChannel* channel);
+  void OnReceivingState(TransportChannel* channel);
+  void OnGatheringState(TransportChannelImpl* channel);
+  void OnCandidateGathered(TransportChannelImpl* channel, const Candidate& c);
+  void OnRoleConflict(TransportChannelImpl* channel);
+  void OnRouteChange(TransportChannel* channel, const Candidate& candidate);
+  void OnConnectionRemoved(TransportChannelImpl* channel);
+
+  // Callbacks for |quic_|.
+  // Called when |quic_| has established crypto handshake.
+  void OnHandshakeComplete();
+  // Called when |quic_| has connection closed.
+  void OnConnectionClosed(net::QuicErrorCode error, bool from_peer);
+
+  // Called by OnReadPacket() when QUIC packet is received.
+  bool HandleQuicPacket(const char* data, size_t size);
+  // Sets up the QUIC handshake.
+  bool MaybeStartQuic();
+  // Creates the QUIC connection and |quic_|.
+  bool CreateQuicSession();
+  // Creates the crypto stream and initializes handshake.
+  bool StartQuicHandshake();
+  // Sets QuicTransportChannel connectivity state.
+  void set_quic_state(QuicTransportState state);
+
+  // Everything should occur on this thread.
+  rtc::Thread* worker_thread_;
+  // Underlying channel which is responsible for connecting with the remote peer
+  // and sending/receiving packets across the network.
+  TransportChannelImpl* const channel_;
+  // Connectivity state of QuicTransportChannel.
+  QuicTransportState quic_state_ = QUIC_TRANSPORT_NEW;
+  // QUIC session which establishes the crypto handshake and converts data
+  // to/from QUIC packets.
+  rtc::scoped_ptr<QuicSession> quic_;
+  // Config for |quic_|.
+  net::QuicConfig config_;
+  // Helper for net::QuicConnection that provides timing and
+  // random number generation.
+  QuicConnectionHelper helper_;
+  // This peer's role in the QUIC crypto handshake. SSL_CLIENT implies this peer
+  // initiates the handshake, while SSL_SERVER implies the remote peer initiates
+  // the handshake. This must be set before we start QUIC.
+  rtc::Optional<rtc::SSLRole> ssl_role_;
+  // Config for QUIC crypto client stream, used when |ssl_role_| is SSL_CLIENT.
+  rtc::scoped_ptr<net::QuicCryptoClientConfig> quic_crypto_client_config_;
+  // Config for QUIC crypto server stream, used when |ssl_role_| is SSL_SERVER.
+  rtc::scoped_ptr<net::QuicCryptoServerConfig> quic_crypto_server_config_;
+  // This peer's certificate.
+  rtc::scoped_refptr<rtc::RTCCertificate> local_certificate_;
+  // Fingerprint of the remote peer. This must be set before we start QUIC.
+  rtc::Optional<RemoteFingerprint> remote_fingerprint_;
+
+  RTC_DISALLOW_COPY_AND_ASSIGN(QuicTransportChannel);
+};
+
+}  // namespace cricket
+
+#endif  // WEBRTC_P2P_QUIC_QUICTRANSPORTCHANNEL_H_