1 /* 2 * Copyright 2018 The gRPC Authors 3 * 4 * Licensed under the Apache License, Version 2.0 (the "License"); 5 * you may not use this file except in compliance with the License. 6 * You may obtain a copy of the License at 7 * 8 * http://www.apache.org/licenses/LICENSE-2.0 9 * 10 * Unless required by applicable law or agreed to in writing, software 11 * distributed under the License is distributed on an "AS IS" BASIS, 12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 * See the License for the specific language governing permissions and 14 * limitations under the License. 15 */ 16 17 package io.grpc.alts.internal; 18 19 import io.netty.buffer.ByteBuf; 20 import io.netty.buffer.ByteBufAllocator; 21 import java.security.GeneralSecurityException; 22 import java.util.List; 23 24 /** 25 * This object protects and unprotects netty buffers once the handshake is done. 26 * 27 * <p>Implementations of this object must be thread compatible. 28 */ 29 public interface TsiFrameProtector { 30 31 /** 32 * Protects the buffers by performing framing and encrypting/appending MACs. 33 * 34 * @param unprotectedBufs contain the payload that will be protected 35 * @param ctxWrite is called with buffers containing protected frames and must release the given 36 * buffers 37 * @param alloc is used to allocate new buffers for the protected frames 38 */ protectFlush( List<ByteBuf> unprotectedBufs, Consumer<ByteBuf> ctxWrite, ByteBufAllocator alloc)39 void protectFlush( 40 List<ByteBuf> unprotectedBufs, Consumer<ByteBuf> ctxWrite, ByteBufAllocator alloc) 41 throws GeneralSecurityException; 42 43 /** 44 * Unprotects the buffers by removing the framing and decrypting/checking MACs. 45 * 46 * @param in contains (partial) protected frames 47 * @param out is only used to append unprotected payload buffers 48 * @param alloc is used to allocate new buffers for the unprotected frames 49 */ unprotect(ByteBuf in, List<Object> out, ByteBufAllocator alloc)50 void unprotect(ByteBuf in, List<Object> out, ByteBufAllocator alloc) 51 throws GeneralSecurityException; 52 53 /** Must be called to release all associated resources (instance cannot be used afterwards). */ destroy()54 void destroy(); 55 56 /** A mirror of java.util.function.Consumer without the Java 8 dependency. */ 57 interface Consumer<T> { accept(T t)58 void accept(T t); 59 } 60 } 61