OLD | NEW |
| (Empty) |
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | |
2 // Use of this source code is governed by a BSD-style license that can be | |
3 // found in the LICENSE file. | |
4 | |
5 #include "net/websockets/websocket_frame.h" | |
6 | |
7 #include <algorithm> | |
8 | |
9 #include "base/basictypes.h" | |
10 #include "base/big_endian.h" | |
11 #include "base/logging.h" | |
12 #include "base/rand_util.h" | |
13 #include "net/base/io_buffer.h" | |
14 #include "net/base/net_errors.h" | |
15 | |
16 namespace { | |
17 | |
18 const uint8 kFinalBit = 0x80; | |
19 const uint8 kReserved1Bit = 0x40; | |
20 const uint8 kReserved2Bit = 0x20; | |
21 const uint8 kReserved3Bit = 0x10; | |
22 const uint8 kOpCodeMask = 0xF; | |
23 const uint8 kMaskBit = 0x80; | |
24 const uint64 kMaxPayloadLengthWithoutExtendedLengthField = 125; | |
25 const uint64 kPayloadLengthWithTwoByteExtendedLengthField = 126; | |
26 const uint64 kPayloadLengthWithEightByteExtendedLengthField = 127; | |
27 | |
28 inline void MaskWebSocketFramePayloadByBytes( | |
29 const net::WebSocketMaskingKey& masking_key, | |
30 size_t masking_key_offset, | |
31 char* const begin, | |
32 char* const end) { | |
33 for (char* masked = begin; masked != end; ++masked) { | |
34 *masked ^= masking_key.key[masking_key_offset++]; | |
35 if (masking_key_offset == net::WebSocketFrameHeader::kMaskingKeyLength) | |
36 masking_key_offset = 0; | |
37 } | |
38 } | |
39 | |
40 } // Unnamed namespace. | |
41 | |
42 namespace net { | |
43 | |
44 scoped_ptr<WebSocketFrameHeader> WebSocketFrameHeader::Clone() const { | |
45 scoped_ptr<WebSocketFrameHeader> ret(new WebSocketFrameHeader(opcode)); | |
46 ret->CopyFrom(*this); | |
47 return ret.Pass(); | |
48 } | |
49 | |
50 void WebSocketFrameHeader::CopyFrom(const WebSocketFrameHeader& source) { | |
51 final = source.final; | |
52 reserved1 = source.reserved1; | |
53 reserved2 = source.reserved2; | |
54 reserved3 = source.reserved3; | |
55 opcode = source.opcode; | |
56 masked = source.masked; | |
57 payload_length = source.payload_length; | |
58 } | |
59 | |
60 WebSocketFrame::WebSocketFrame(WebSocketFrameHeader::OpCode opcode) | |
61 : header(opcode) {} | |
62 | |
63 WebSocketFrame::~WebSocketFrame() {} | |
64 | |
65 WebSocketFrameChunk::WebSocketFrameChunk() : final_chunk(false) {} | |
66 | |
67 WebSocketFrameChunk::~WebSocketFrameChunk() {} | |
68 | |
69 int GetWebSocketFrameHeaderSize(const WebSocketFrameHeader& header) { | |
70 int extended_length_size = 0; | |
71 if (header.payload_length > kMaxPayloadLengthWithoutExtendedLengthField && | |
72 header.payload_length <= kuint16max) { | |
73 extended_length_size = 2; | |
74 } else if (header.payload_length > kuint16max) { | |
75 extended_length_size = 8; | |
76 } | |
77 | |
78 return (WebSocketFrameHeader::kBaseHeaderSize + extended_length_size + | |
79 (header.masked ? WebSocketFrameHeader::kMaskingKeyLength : 0)); | |
80 } | |
81 | |
82 int WriteWebSocketFrameHeader(const WebSocketFrameHeader& header, | |
83 const WebSocketMaskingKey* masking_key, | |
84 char* buffer, | |
85 int buffer_size) { | |
86 DCHECK((header.opcode & kOpCodeMask) == header.opcode) | |
87 << "header.opcode must fit to kOpCodeMask."; | |
88 DCHECK(header.payload_length <= static_cast<uint64>(kint64max)) | |
89 << "WebSocket specification doesn't allow a frame longer than " | |
90 << "kint64max (0x7FFFFFFFFFFFFFFF) bytes."; | |
91 DCHECK_GE(buffer_size, 0); | |
92 | |
93 // WebSocket frame format is as follows: | |
94 // - Common header (2 bytes) | |
95 // - Optional extended payload length | |
96 // (2 or 8 bytes, present if actual payload length is more than 125 bytes) | |
97 // - Optional masking key (4 bytes, present if MASK bit is on) | |
98 // - Actual payload (XOR masked with masking key if MASK bit is on) | |
99 // | |
100 // This function constructs frame header (the first three in the list | |
101 // above). | |
102 | |
103 int header_size = GetWebSocketFrameHeaderSize(header); | |
104 if (header_size > buffer_size) | |
105 return ERR_INVALID_ARGUMENT; | |
106 | |
107 int buffer_index = 0; | |
108 | |
109 uint8 first_byte = 0u; | |
110 first_byte |= header.final ? kFinalBit : 0u; | |
111 first_byte |= header.reserved1 ? kReserved1Bit : 0u; | |
112 first_byte |= header.reserved2 ? kReserved2Bit : 0u; | |
113 first_byte |= header.reserved3 ? kReserved3Bit : 0u; | |
114 first_byte |= header.opcode & kOpCodeMask; | |
115 buffer[buffer_index++] = first_byte; | |
116 | |
117 int extended_length_size = 0; | |
118 uint8 second_byte = 0u; | |
119 second_byte |= header.masked ? kMaskBit : 0u; | |
120 if (header.payload_length <= kMaxPayloadLengthWithoutExtendedLengthField) { | |
121 second_byte |= header.payload_length; | |
122 } else if (header.payload_length <= kuint16max) { | |
123 second_byte |= kPayloadLengthWithTwoByteExtendedLengthField; | |
124 extended_length_size = 2; | |
125 } else { | |
126 second_byte |= kPayloadLengthWithEightByteExtendedLengthField; | |
127 extended_length_size = 8; | |
128 } | |
129 buffer[buffer_index++] = second_byte; | |
130 | |
131 // Writes "extended payload length" field. | |
132 if (extended_length_size == 2) { | |
133 uint16 payload_length_16 = static_cast<uint16>(header.payload_length); | |
134 base::WriteBigEndian(buffer + buffer_index, payload_length_16); | |
135 buffer_index += sizeof(payload_length_16); | |
136 } else if (extended_length_size == 8) { | |
137 base::WriteBigEndian(buffer + buffer_index, header.payload_length); | |
138 buffer_index += sizeof(header.payload_length); | |
139 } | |
140 | |
141 // Writes "masking key" field, if needed. | |
142 if (header.masked) { | |
143 DCHECK(masking_key); | |
144 std::copy(masking_key->key, | |
145 masking_key->key + WebSocketFrameHeader::kMaskingKeyLength, | |
146 buffer + buffer_index); | |
147 buffer_index += WebSocketFrameHeader::kMaskingKeyLength; | |
148 } else { | |
149 DCHECK(!masking_key); | |
150 } | |
151 | |
152 DCHECK_EQ(header_size, buffer_index); | |
153 return header_size; | |
154 } | |
155 | |
156 WebSocketMaskingKey GenerateWebSocketMaskingKey() { | |
157 // Masking keys should be generated from a cryptographically secure random | |
158 // number generator, which means web application authors should not be able | |
159 // to guess the next value of masking key. | |
160 WebSocketMaskingKey masking_key; | |
161 base::RandBytes(masking_key.key, WebSocketFrameHeader::kMaskingKeyLength); | |
162 return masking_key; | |
163 } | |
164 | |
165 void MaskWebSocketFramePayload(const WebSocketMaskingKey& masking_key, | |
166 uint64 frame_offset, | |
167 char* const data, | |
168 int data_size) { | |
169 static const size_t kMaskingKeyLength = | |
170 WebSocketFrameHeader::kMaskingKeyLength; | |
171 | |
172 DCHECK_GE(data_size, 0); | |
173 | |
174 // Most of the masking is done one word at a time, except for the beginning | |
175 // and the end of the buffer which may be unaligned. We use size_t to get the | |
176 // word size for this architecture. We require it be a multiple of | |
177 // kMaskingKeyLength in size. | |
178 typedef size_t PackedMaskType; | |
179 PackedMaskType packed_mask_key = 0; | |
180 static const size_t kPackedMaskKeySize = sizeof(packed_mask_key); | |
181 static_assert((kPackedMaskKeySize >= kMaskingKeyLength && | |
182 kPackedMaskKeySize % kMaskingKeyLength == 0), | |
183 "word size is not a multiple of mask length"); | |
184 char* const end = data + data_size; | |
185 // If the buffer is too small for the vectorised version to be useful, revert | |
186 // to the byte-at-a-time implementation early. | |
187 if (data_size <= static_cast<int>(kPackedMaskKeySize * 2)) { | |
188 MaskWebSocketFramePayloadByBytes( | |
189 masking_key, frame_offset % kMaskingKeyLength, data, end); | |
190 return; | |
191 } | |
192 const size_t data_modulus = | |
193 reinterpret_cast<size_t>(data) % kPackedMaskKeySize; | |
194 char* const aligned_begin = | |
195 data_modulus == 0 ? data : (data + kPackedMaskKeySize - data_modulus); | |
196 // Guaranteed by the above check for small data_size. | |
197 DCHECK(aligned_begin < end); | |
198 MaskWebSocketFramePayloadByBytes( | |
199 masking_key, frame_offset % kMaskingKeyLength, data, aligned_begin); | |
200 const size_t end_modulus = reinterpret_cast<size_t>(end) % kPackedMaskKeySize; | |
201 char* const aligned_end = end - end_modulus; | |
202 // Guaranteed by the above check for small data_size. | |
203 DCHECK(aligned_end > aligned_begin); | |
204 // Create a version of the mask which is rotated by the appropriate offset | |
205 // for our alignment. The "trick" here is that 0 XORed with the mask will | |
206 // give the value of the mask for the appropriate byte. | |
207 char realigned_mask[kMaskingKeyLength] = {}; | |
208 MaskWebSocketFramePayloadByBytes( | |
209 masking_key, | |
210 (frame_offset + aligned_begin - data) % kMaskingKeyLength, | |
211 realigned_mask, | |
212 realigned_mask + kMaskingKeyLength); | |
213 | |
214 for (size_t i = 0; i < kPackedMaskKeySize; i += kMaskingKeyLength) { | |
215 // memcpy() is allegedly blessed by the C++ standard for type-punning. | |
216 memcpy(reinterpret_cast<char*>(&packed_mask_key) + i, | |
217 realigned_mask, | |
218 kMaskingKeyLength); | |
219 } | |
220 | |
221 // The main loop. | |
222 for (char* merged = aligned_begin; merged != aligned_end; | |
223 merged += kPackedMaskKeySize) { | |
224 // This is not quite standard-compliant C++. However, the standard-compliant | |
225 // equivalent (using memcpy()) compiles to slower code using g++. In | |
226 // practice, this will work for the compilers and architectures currently | |
227 // supported by Chromium, and the tests are extremely unlikely to pass if a | |
228 // future compiler/architecture breaks it. | |
229 *reinterpret_cast<PackedMaskType*>(merged) ^= packed_mask_key; | |
230 } | |
231 | |
232 MaskWebSocketFramePayloadByBytes( | |
233 masking_key, | |
234 (frame_offset + (aligned_end - data)) % kMaskingKeyLength, | |
235 aligned_end, | |
236 end); | |
237 } | |
238 | |
239 } // namespace net | |
OLD | NEW |