// Copyright (c) 2017 The Chromium Authors. All rights reserved.
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.

#ifndef NET_THIRD_PARTY_QUIC_CORE_CRYPTO_QUIC_TLS_ADAPTER_H_
#define NET_THIRD_PARTY_QUIC_CORE_CRYPTO_QUIC_TLS_ADAPTER_H_

#include "net/third_party/quic/core/crypto/crypto_message_parser.h"
#include "net/third_party/quic/core/quic_error_codes.h"
#include "net/third_party/quic/core/quic_types.h"
#include "net/third_party/quic/platform/api/quic_export.h"
#include "net/third_party/quic/platform/api/quic_string.h"
#include "net/third_party/quic/platform/api/quic_string_piece.h"
#include "third_party/boringssl/src/include/openssl/bio.h"

namespace quic {

// QuicTlsAdapter provides an implementation of CryptoMessageParser that takes
// incoming messages and provides them to be read in a BIO (used by the TLS
// stack to read incoming messages). Messages written to the BIO by the TLS
// stack are provided to the QuicTlsAdapter's consumer through the
// OnDataReceived method of the consumer's implementation of
// QuicTlsAdapter::Visitor.
//
// QuicTlsAdapter also provides an implementation of the BIO interface,
// openssl's abstraction used by the TLS stack for I/O. The BIO interface
// provides BIO_read, BIO_write, and BIO_flush methods, with an API very similar
// to Berkeley sockets. This is a non-blocking interface - if data is not
// available for the BIO consumer to read with BIO_read, it returns 0 bytes of
// data, and the BIO consumer must handle waiting for more data and only calling
// BIO_read once data is available to read. With a QuicTlsAdapter, the signal
// that data is available to read is provided by
// QuicTlsAdapter::Visitor::OnDataAvailableForBIO.
//
// In effect, the QuicTlsAdapter moves messages between the QuicCryptoStream and
// the TLS stack. On one end, the QuicTlsAdapter implements CryptoMessageParser
// to take incoming messages and make them available to be read through the BIO,
// and on the other end, it takes messages written to the BIO and once the BIO
// flushes them, sends them out to the QuicStream via the
// QuicTlsAdapter::Visitor.
//
// Data flows from a QuicCryptoStream to the TLS stack like so:
//  1. QuicCryptoStream::OnDataAvailable is called (by QuicStream) when data is
//     available on the stream.
//  2. OnDataAvailable calls CryptoMessageParser::ProcessInput; in the case of a
//     TLS crypto stream, this is QuicTlsAdapter::ProcessInput.
//  3. ProcessInput saves the data to QuicTlsAdapter's read buffer, and signals
//     that data is available to read by calling
//     QuicTlsAdapter::Visitor::OnDataAvailableForBIO.
//  4. TlsHandshaker (which implements QuicTlsAdapter::Visitor) receives the
//     OnDataAvailableForBIO, and has the TLS stack continue its handshake.
//  5. The TLS stack calls BIO_read to read handshake messages, and this call is
//     made on a BIO backed by QuicTlsAdapter.
//  6. BIO_read calls QuicTlsAdapter::BIOReadWrapper, which calls
//     QuicTlsAdapter::Read (on the appropriate instance) which provides the
//     data from the read buffer written to by QuicTlsAdapter::ProcessInput.
//
// Data flows from the TLS stack to the QUIC crypto stream like so:
//  1. The TLS stack makes multiple calls to BIO_write as it generates handshake
//     messages. Via QuicTlsAdapter::BIOWriteWrapper and QuicTlsAdapter::Write,
//     this data gets appended to the QuicTlsAdapter's write buffer.
//  2. Once the TLS stack has written a flight of handshake messages, it calls
//     BIO_flush. This, via QuicTlsAdapter::BIOCtrlWrapper and
//     QuicTlsAdapter::Flush, signals to QuicTlsAdapter's Visitor that data has
//     been received.
//  3. QuicTlsAdapter::Flush calls
//     QuicTlsAdapter::Visitor::OnDataReceivedFromBIO with the contents of the
//     write buffer.
//  4. TlsHandshaker receives the data from OnDataReceivedFromBIO, and writes it
//     to the QUIC crypto stream.
class QUIC_EXPORT QuicTlsAdapter : public CryptoMessageParser {
 public:
  // QuicTlsAdapter::Visitor is notified whenever data is received (in either
  // direction). When data is read from the QUIC crypto stream,
  // Visitor::OnDataAvailableForBIO is called so that the Visitor can continue
  // reading from the BIO. (E.g. in the case of a TlsHandshaker as the Visitor,
  // it would continue the TLS handshake, which uses a BIO for I/O.) When data
  // is written to a QuicTlsAdapter's BIO interface and then flushed,
  // Visitor::OnDataReceivedFromBIO is called to provide the Visitor with the
  // data to write to the QUIC crypto stream.
  class QUIC_EXPORT Visitor {
   public:
    virtual ~Visitor() {}

    // OnDataAvailableForBIO is called when QuicTlsAdapter has received data
    // (via ProcessInput) that is now available to be read by the BIO.
    virtual void OnDataAvailableForBIO() = 0;

    // OnDataReceivedFromBIO is called when data is written to the BIO. For
    // example, when the TLS stack writes messages to the BIO and then flushes
    // them, the resulting data will be made available to the Visitor via this
    // method, so that the Visitor can write the messages to the QuicStream. The
    // stringpiece |data| is only valid during the execution of this function;
    // implementations must consume all of |data|.
    virtual void OnDataReceivedFromBIO(const QuicStringPiece& data) = 0;
  };

  // Constructs a QuicTlsAdapter that will notify |visitor| when data is
  // available in either direction. The provided Visitor must outlive the
  // QuicTlsAdapter.
  explicit QuicTlsAdapter(Visitor* visitor);

  ~QuicTlsAdapter() override;

  QuicErrorCode error() const override;
  const QuicString& error_detail() const override;
  bool ProcessInput(QuicStringPiece input, EncryptionLevel level) override;
  size_t InputBytesRemaining() const override;

  BIO* bio() { return bio_.get(); }

 private:
  // The following methods, Read, Write, and Flush, are used to implement the
  // BIO.

  // Read copies up to |len| bytes from |read_buffer_| into |out|. It returns
  // the number of bytes copied, zero on EOF, or a negative number on error.
  int Read(char* out, int len);

  // Write appends |len| bytes from |in| to |write_buffer_|. It returns |len|,
  // or a negative number on error.
  int Write(const char* in, int len);

  // Flush calls Visitor::OnDataReceivedFromBIO with the data in
  // |write_buffer_| and then empties the buffer.
  void Flush();

  // Used by the static BIO*Wrapper methods to get the QuicTlsAdapter instance
  // to call Read/Write/Flush on.
  static QuicTlsAdapter* GetAdapter(BIO* bio);

  // Functions used to build a BIO_METHOD vtable. BIOReadWrapper calls Read,
  // BIOWriteWrapper calls Write, and BIOCtrlWrapper calls Flush if |cmd| is
  // |BIO_CTRL_FLUSH|.

  static int BIOReadWrapper(BIO* bio, char* out, int len);
  static int BIOWriteWrapper(BIO* bio, const char* in, int len);
  // BIOCtrlWrapper has the type it does so it can be used as the |ctrl| field
  // in a BIO_METHOD struct, hence the use of long as an argument  and return
  // type.
  // NOLINTNEXTLINE
  static long BIOCtrlWrapper(BIO* bio, int cmd, long larg, void* parg);

  static const BIO_METHOD kBIOMethod;

  // Visitor to call when QuicTlsAdapter receives data (in either direction).
  Visitor* visitor_;
  bssl::UniquePtr<BIO> bio_;

  // Buffer of data received from ProcessInput waiting to be read by the BIO.
  QuicString read_buffer_;

  // Buffer of data received from the BIO waiting to be handed off to
  // Visitor::OnDataReceivedFromBIO.
  QuicString write_buffer_;

  QuicString error_detail_;
};

}  // namespace quic

#endif  // NET_THIRD_PARTY_QUIC_CORE_CRYPTO_QUIC_TLS_ADAPTER_H_