1 //
2 //
3 // Copyright 2018 gRPC authors.
4 //
5 // Licensed under the Apache License, Version 2.0 (the "License");
6 // you may not use this file except in compliance with the License.
7 // You may obtain a copy of the License at
8 //
9 // http://www.apache.org/licenses/LICENSE-2.0
10 //
11 // Unless required by applicable law or agreed to in writing, software
12 // distributed under the License is distributed on an "AS IS" BASIS,
13 // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14 // See the License for the specific language governing permissions and
15 // limitations under the License.
16 //
17 //
18
19 #include "src/core/tsi/alts/crypt/gsec.h"
20
21 #include <grpc/support/alloc.h>
22 #include <grpc/support/port_platform.h>
23 #include <stdio.h>
24 #include <string.h>
25
26 static const char vtable_error_msg[] =
27 "crypter or crypter->vtable has not been initialized properly";
28
maybe_copy_error_msg(const char * src,char ** dst)29 static void maybe_copy_error_msg(const char* src, char** dst) {
30 if (dst != nullptr && src != nullptr) {
31 *dst = static_cast<char*>(gpr_malloc(strlen(src) + 1));
32 memcpy(*dst, src, strlen(src) + 1);
33 }
34 }
35
gsec_aead_crypter_encrypt(gsec_aead_crypter * crypter,const uint8_t * nonce,size_t nonce_length,const uint8_t * aad,size_t aad_length,const uint8_t * plaintext,size_t plaintext_length,uint8_t * ciphertext_and_tag,size_t ciphertext_and_tag_length,size_t * bytes_written,char ** error_details)36 grpc_status_code gsec_aead_crypter_encrypt(
37 gsec_aead_crypter* crypter, const uint8_t* nonce, size_t nonce_length,
38 const uint8_t* aad, size_t aad_length, const uint8_t* plaintext,
39 size_t plaintext_length, uint8_t* ciphertext_and_tag,
40 size_t ciphertext_and_tag_length, size_t* bytes_written,
41 char** error_details) {
42 if (crypter != nullptr && crypter->vtable != nullptr &&
43 crypter->vtable->encrypt_iovec != nullptr) {
44 struct iovec aad_vec = {const_cast<uint8_t*>(aad), aad_length};
45 struct iovec plaintext_vec = {const_cast<uint8_t*>(plaintext),
46 plaintext_length};
47 struct iovec ciphertext_vec = {ciphertext_and_tag,
48 ciphertext_and_tag_length};
49 return crypter->vtable->encrypt_iovec(
50 crypter, nonce, nonce_length, &aad_vec, 1, &plaintext_vec, 1,
51 ciphertext_vec, bytes_written, error_details);
52 }
53 // An error occurred.
54 maybe_copy_error_msg(vtable_error_msg, error_details);
55 return GRPC_STATUS_INVALID_ARGUMENT;
56 }
57
gsec_aead_crypter_encrypt_iovec(gsec_aead_crypter * crypter,const uint8_t * nonce,size_t nonce_length,const struct iovec * aad_vec,size_t aad_vec_length,const struct iovec * plaintext_vec,size_t plaintext_vec_length,struct iovec ciphertext_vec,size_t * ciphertext_bytes_written,char ** error_details)58 grpc_status_code gsec_aead_crypter_encrypt_iovec(
59 gsec_aead_crypter* crypter, const uint8_t* nonce, size_t nonce_length,
60 const struct iovec* aad_vec, size_t aad_vec_length,
61 const struct iovec* plaintext_vec, size_t plaintext_vec_length,
62 struct iovec ciphertext_vec, size_t* ciphertext_bytes_written,
63 char** error_details) {
64 if (crypter != nullptr && crypter->vtable != nullptr &&
65 crypter->vtable->encrypt_iovec != nullptr) {
66 return crypter->vtable->encrypt_iovec(
67 crypter, nonce, nonce_length, aad_vec, aad_vec_length, plaintext_vec,
68 plaintext_vec_length, ciphertext_vec, ciphertext_bytes_written,
69 error_details);
70 }
71 // An error occurred.
72 maybe_copy_error_msg(vtable_error_msg, error_details);
73 return GRPC_STATUS_INVALID_ARGUMENT;
74 }
75
gsec_aead_crypter_decrypt(gsec_aead_crypter * crypter,const uint8_t * nonce,size_t nonce_length,const uint8_t * aad,size_t aad_length,const uint8_t * ciphertext_and_tag,size_t ciphertext_and_tag_length,uint8_t * plaintext,size_t plaintext_length,size_t * bytes_written,char ** error_details)76 grpc_status_code gsec_aead_crypter_decrypt(
77 gsec_aead_crypter* crypter, const uint8_t* nonce, size_t nonce_length,
78 const uint8_t* aad, size_t aad_length, const uint8_t* ciphertext_and_tag,
79 size_t ciphertext_and_tag_length, uint8_t* plaintext,
80 size_t plaintext_length, size_t* bytes_written, char** error_details) {
81 if (crypter != nullptr && crypter->vtable != nullptr &&
82 crypter->vtable->decrypt_iovec != nullptr) {
83 struct iovec aad_vec = {const_cast<uint8_t*>(aad), aad_length};
84 struct iovec ciphertext_vec = {const_cast<uint8_t*>(ciphertext_and_tag),
85 ciphertext_and_tag_length};
86 struct iovec plaintext_vec = {plaintext, plaintext_length};
87 return crypter->vtable->decrypt_iovec(
88 crypter, nonce, nonce_length, &aad_vec, 1, &ciphertext_vec, 1,
89 plaintext_vec, bytes_written, error_details);
90 }
91 // An error occurred.
92 maybe_copy_error_msg(vtable_error_msg, error_details);
93 return GRPC_STATUS_INVALID_ARGUMENT;
94 }
95
gsec_aead_crypter_decrypt_iovec(gsec_aead_crypter * crypter,const uint8_t * nonce,size_t nonce_length,const struct iovec * aad_vec,size_t aad_vec_length,const struct iovec * ciphertext_vec,size_t ciphertext_vec_length,struct iovec plaintext_vec,size_t * plaintext_bytes_written,char ** error_details)96 grpc_status_code gsec_aead_crypter_decrypt_iovec(
97 gsec_aead_crypter* crypter, const uint8_t* nonce, size_t nonce_length,
98 const struct iovec* aad_vec, size_t aad_vec_length,
99 const struct iovec* ciphertext_vec, size_t ciphertext_vec_length,
100 struct iovec plaintext_vec, size_t* plaintext_bytes_written,
101 char** error_details) {
102 if (crypter != nullptr && crypter->vtable != nullptr &&
103 crypter->vtable->encrypt_iovec != nullptr) {
104 return crypter->vtable->decrypt_iovec(
105 crypter, nonce, nonce_length, aad_vec, aad_vec_length, ciphertext_vec,
106 ciphertext_vec_length, plaintext_vec, plaintext_bytes_written,
107 error_details);
108 }
109 // An error occurred.
110 maybe_copy_error_msg(vtable_error_msg, error_details);
111 return GRPC_STATUS_INVALID_ARGUMENT;
112 }
113
gsec_aead_crypter_max_ciphertext_and_tag_length(const gsec_aead_crypter * crypter,size_t plaintext_length,size_t * max_ciphertext_and_tag_length_to_return,char ** error_details)114 grpc_status_code gsec_aead_crypter_max_ciphertext_and_tag_length(
115 const gsec_aead_crypter* crypter, size_t plaintext_length,
116 size_t* max_ciphertext_and_tag_length_to_return, char** error_details) {
117 if (crypter != nullptr && crypter->vtable != nullptr &&
118 crypter->vtable->max_ciphertext_and_tag_length != nullptr) {
119 return crypter->vtable->max_ciphertext_and_tag_length(
120 crypter, plaintext_length, max_ciphertext_and_tag_length_to_return,
121 error_details);
122 }
123 // An error occurred.
124 maybe_copy_error_msg(vtable_error_msg, error_details);
125 return GRPC_STATUS_INVALID_ARGUMENT;
126 }
127
gsec_aead_crypter_max_plaintext_length(const gsec_aead_crypter * crypter,size_t ciphertext_and_tag_length,size_t * max_plaintext_length_to_return,char ** error_details)128 grpc_status_code gsec_aead_crypter_max_plaintext_length(
129 const gsec_aead_crypter* crypter, size_t ciphertext_and_tag_length,
130 size_t* max_plaintext_length_to_return, char** error_details) {
131 if (crypter != nullptr && crypter->vtable != nullptr &&
132 crypter->vtable->max_plaintext_length != nullptr) {
133 return crypter->vtable->max_plaintext_length(
134 crypter, ciphertext_and_tag_length, max_plaintext_length_to_return,
135 error_details);
136 }
137 // An error occurred.
138 maybe_copy_error_msg(vtable_error_msg, error_details);
139 return GRPC_STATUS_INVALID_ARGUMENT;
140 }
141
gsec_aead_crypter_nonce_length(const gsec_aead_crypter * crypter,size_t * nonce_length_to_return,char ** error_details)142 grpc_status_code gsec_aead_crypter_nonce_length(
143 const gsec_aead_crypter* crypter, size_t* nonce_length_to_return,
144 char** error_details) {
145 if (crypter != nullptr && crypter->vtable != nullptr &&
146 crypter->vtable->nonce_length != nullptr) {
147 return crypter->vtable->nonce_length(crypter, nonce_length_to_return,
148 error_details);
149 }
150 // An error occurred.
151 maybe_copy_error_msg(vtable_error_msg, error_details);
152 return GRPC_STATUS_INVALID_ARGUMENT;
153 }
154
gsec_aead_crypter_key_length(const gsec_aead_crypter * crypter,size_t * key_length_to_return,char ** error_details)155 grpc_status_code gsec_aead_crypter_key_length(const gsec_aead_crypter* crypter,
156 size_t* key_length_to_return,
157 char** error_details) {
158 if (crypter != nullptr && crypter->vtable != nullptr &&
159 crypter->vtable->key_length != nullptr) {
160 return crypter->vtable->key_length(crypter, key_length_to_return,
161 error_details);
162 }
163 // An error occurred
164 maybe_copy_error_msg(vtable_error_msg, error_details);
165 return GRPC_STATUS_INVALID_ARGUMENT;
166 }
167
gsec_aead_crypter_tag_length(const gsec_aead_crypter * crypter,size_t * tag_length_to_return,char ** error_details)168 grpc_status_code gsec_aead_crypter_tag_length(const gsec_aead_crypter* crypter,
169 size_t* tag_length_to_return,
170 char** error_details) {
171 if (crypter != nullptr && crypter->vtable != nullptr &&
172 crypter->vtable->tag_length != nullptr) {
173 return crypter->vtable->tag_length(crypter, tag_length_to_return,
174 error_details);
175 }
176 // An error occurred.
177 maybe_copy_error_msg(vtable_error_msg, error_details);
178 return GRPC_STATUS_INVALID_ARGUMENT;
179 }
180
gsec_aead_crypter_destroy(gsec_aead_crypter * crypter)181 void gsec_aead_crypter_destroy(gsec_aead_crypter* crypter) {
182 if (crypter != nullptr) {
183 if (crypter->vtable != nullptr && crypter->vtable->destruct != nullptr) {
184 crypter->vtable->destruct(crypter);
185 }
186 gpr_free(crypter);
187 }
188 }
189