1 /* 2 * 3 * Copyright 2015 gRPC authors. 4 * 5 * Licensed under the Apache License, Version 2.0 (the "License"); 6 * you may not use this file except in compliance with the License. 7 * You may obtain a copy of the License at 8 * 9 * http://www.apache.org/licenses/LICENSE-2.0 10 * 11 * Unless required by applicable law or agreed to in writing, software 12 * distributed under the License is distributed on an "AS IS" BASIS, 13 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 14 * See the License for the specific language governing permissions and 15 * limitations under the License. 16 * 17 */ 18 19 #ifndef GRPC_CORE_TSI_TRANSPORT_SECURITY_H 20 #define GRPC_CORE_TSI_TRANSPORT_SECURITY_H 21 22 #include <grpc/support/port_platform.h> 23 24 #include <stdbool.h> 25 26 #include "src/core/lib/debug/trace.h" 27 #include "src/core/tsi/transport_security_interface.h" 28 29 extern grpc_core::TraceFlag tsi_tracing_enabled; 30 31 /* Base for tsi_frame_protector implementations. 32 See transport_security_interface.h for documentation. */ 33 struct tsi_frame_protector_vtable { 34 tsi_result (*protect)(tsi_frame_protector* self, 35 const unsigned char* unprotected_bytes, 36 size_t* unprotected_bytes_size, 37 unsigned char* protected_output_frames, 38 size_t* protected_output_frames_size); 39 tsi_result (*protect_flush)(tsi_frame_protector* self, 40 unsigned char* protected_output_frames, 41 size_t* protected_output_frames_size, 42 size_t* still_pending_size); 43 tsi_result (*unprotect)(tsi_frame_protector* self, 44 const unsigned char* protected_frames_bytes, 45 size_t* protected_frames_bytes_size, 46 unsigned char* unprotected_bytes, 47 size_t* unprotected_bytes_size); 48 void (*destroy)(tsi_frame_protector* self); 49 }; 50 struct tsi_frame_protector { 51 const tsi_frame_protector_vtable* vtable; 52 }; 53 54 /* Base for tsi_handshaker implementations. 55 See transport_security_interface.h for documentation. */ 56 struct tsi_handshaker_vtable { 57 tsi_result (*get_bytes_to_send_to_peer)(tsi_handshaker* self, 58 unsigned char* bytes, 59 size_t* bytes_size); 60 tsi_result (*process_bytes_from_peer)(tsi_handshaker* self, 61 const unsigned char* bytes, 62 size_t* bytes_size); 63 tsi_result (*get_result)(tsi_handshaker* self); 64 tsi_result (*extract_peer)(tsi_handshaker* self, tsi_peer* peer); 65 tsi_result (*create_frame_protector)(tsi_handshaker* self, 66 size_t* max_protected_frame_size, 67 tsi_frame_protector** protector); 68 void (*destroy)(tsi_handshaker* self); 69 tsi_result (*next)(tsi_handshaker* self, const unsigned char* received_bytes, 70 size_t received_bytes_size, 71 const unsigned char** bytes_to_send, 72 size_t* bytes_to_send_size, 73 tsi_handshaker_result** handshaker_result, 74 tsi_handshaker_on_next_done_cb cb, void* user_data); 75 void (*shutdown)(tsi_handshaker* self); 76 }; 77 struct tsi_handshaker { 78 const tsi_handshaker_vtable* vtable; 79 bool frame_protector_created; 80 bool handshaker_result_created; 81 bool handshake_shutdown; 82 }; 83 84 /* Base for tsi_handshaker_result implementations. 85 See transport_security_interface.h for documentation. 86 The exec_ctx parameter in create_zero_copy_grpc_protector is supposed to be 87 of type grpc_exec_ctx*, but we're using void* instead to avoid making the TSI 88 API depend on grpc. The create_zero_copy_grpc_protector() method is only used 89 in grpc, where we do need the exec_ctx passed through, but the API still 90 needs to compile in other applications, where grpc_exec_ctx is not defined. 91 */ 92 struct tsi_handshaker_result_vtable { 93 tsi_result (*extract_peer)(const tsi_handshaker_result* self, tsi_peer* peer); 94 tsi_result (*create_zero_copy_grpc_protector)( 95 const tsi_handshaker_result* self, 96 size_t* max_output_protected_frame_size, 97 tsi_zero_copy_grpc_protector** protector); 98 tsi_result (*create_frame_protector)(const tsi_handshaker_result* self, 99 size_t* max_output_protected_frame_size, 100 tsi_frame_protector** protector); 101 tsi_result (*get_unused_bytes)(const tsi_handshaker_result* self, 102 const unsigned char** bytes, 103 size_t* bytes_size); 104 void (*destroy)(tsi_handshaker_result* self); 105 }; 106 struct tsi_handshaker_result { 107 const tsi_handshaker_result_vtable* vtable; 108 }; 109 110 /* Peer and property construction/destruction functions. */ 111 tsi_result tsi_construct_peer(size_t property_count, tsi_peer* peer); 112 tsi_peer_property tsi_init_peer_property(void); 113 void tsi_peer_property_destruct(tsi_peer_property* property); 114 tsi_result tsi_construct_string_peer_property(const char* name, 115 const char* value, 116 size_t value_length, 117 tsi_peer_property* property); 118 tsi_result tsi_construct_allocated_string_peer_property( 119 const char* name, size_t value_length, tsi_peer_property* property); 120 tsi_result tsi_construct_string_peer_property_from_cstring( 121 const char* name, const char* value, tsi_peer_property* property); 122 const tsi_peer_property* tsi_peer_get_property_by_name(const tsi_peer* peer, 123 const char* name); 124 /* Utils. */ 125 char* tsi_strdup(const char* src); /* Sadly, no strdup in C89. */ 126 127 #endif /* GRPC_CORE_TSI_TRANSPORT_SECURITY_H */ 128