1 /* 2 * 3 * Copyright 2015 gRPC authors. 4 * 5 * Licensed under the Apache License, Version 2.0 (the "License"); 6 * you may not use this file except in compliance with the License. 7 * You may obtain a copy of the License at 8 * 9 * http://www.apache.org/licenses/LICENSE-2.0 10 * 11 * Unless required by applicable law or agreed to in writing, software 12 * distributed under the License is distributed on an "AS IS" BASIS, 13 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 14 * See the License for the specific language governing permissions and 15 * limitations under the License. 16 * 17 */ 18 19 #ifndef GRPC_CORE_TSI_TRANSPORT_SECURITY_H 20 #define GRPC_CORE_TSI_TRANSPORT_SECURITY_H 21 22 #include <grpc/support/port_platform.h> 23 24 #include <stdbool.h> 25 26 #include "src/core/lib/debug/trace.h" 27 #include "src/core/tsi/transport_security_interface.h" 28 29 extern grpc_core::TraceFlag tsi_tracing_enabled; 30 31 /* Base for tsi_frame_protector implementations. 32 See transport_security_interface.h for documentation. */ 33 typedef struct { 34 tsi_result (*protect)(tsi_frame_protector* self, 35 const unsigned char* unprotected_bytes, 36 size_t* unprotected_bytes_size, 37 unsigned char* protected_output_frames, 38 size_t* protected_output_frames_size); 39 tsi_result (*protect_flush)(tsi_frame_protector* self, 40 unsigned char* protected_output_frames, 41 size_t* protected_output_frames_size, 42 size_t* still_pending_size); 43 tsi_result (*unprotect)(tsi_frame_protector* self, 44 const unsigned char* protected_frames_bytes, 45 size_t* protected_frames_bytes_size, 46 unsigned char* unprotected_bytes, 47 size_t* unprotected_bytes_size); 48 void (*destroy)(tsi_frame_protector* self); 49 } tsi_frame_protector_vtable; 50 51 struct tsi_frame_protector { 52 const tsi_frame_protector_vtable* vtable; 53 }; 54 55 /* Base for tsi_handshaker implementations. 56 See transport_security_interface.h for documentation. */ 57 typedef struct { 58 tsi_result (*get_bytes_to_send_to_peer)(tsi_handshaker* self, 59 unsigned char* bytes, 60 size_t* bytes_size); 61 tsi_result (*process_bytes_from_peer)(tsi_handshaker* self, 62 const unsigned char* bytes, 63 size_t* bytes_size); 64 tsi_result (*get_result)(tsi_handshaker* self); 65 tsi_result (*extract_peer)(tsi_handshaker* self, tsi_peer* peer); 66 tsi_result (*create_frame_protector)(tsi_handshaker* self, 67 size_t* max_protected_frame_size, 68 tsi_frame_protector** protector); 69 void (*destroy)(tsi_handshaker* self); 70 tsi_result (*next)(tsi_handshaker* self, const unsigned char* received_bytes, 71 size_t received_bytes_size, 72 const unsigned char** bytes_to_send, 73 size_t* bytes_to_send_size, 74 tsi_handshaker_result** handshaker_result, 75 tsi_handshaker_on_next_done_cb cb, void* user_data); 76 void (*shutdown)(tsi_handshaker* self); 77 } tsi_handshaker_vtable; 78 79 struct tsi_handshaker { 80 const tsi_handshaker_vtable* vtable; 81 bool frame_protector_created; 82 bool handshaker_result_created; 83 bool handshake_shutdown; 84 }; 85 86 /* Base for tsi_handshaker_result implementations. 87 See transport_security_interface.h for documentation. 88 The exec_ctx parameter in create_zero_copy_grpc_protector is supposed to be 89 of type grpc_exec_ctx*, but we're using void* instead to avoid making the TSI 90 API depend on grpc. The create_zero_copy_grpc_protector() method is only used 91 in grpc, where we do need the exec_ctx passed through, but the API still 92 needs to compile in other applications, where grpc_exec_ctx is not defined. 93 */ 94 typedef struct { 95 tsi_result (*extract_peer)(const tsi_handshaker_result* self, tsi_peer* peer); 96 tsi_result (*create_zero_copy_grpc_protector)( 97 const tsi_handshaker_result* self, 98 size_t* max_output_protected_frame_size, 99 tsi_zero_copy_grpc_protector** protector); 100 tsi_result (*create_frame_protector)(const tsi_handshaker_result* self, 101 size_t* max_output_protected_frame_size, 102 tsi_frame_protector** protector); 103 tsi_result (*get_unused_bytes)(const tsi_handshaker_result* self, 104 const unsigned char** bytes, 105 size_t* bytes_size); 106 void (*destroy)(tsi_handshaker_result* self); 107 } tsi_handshaker_result_vtable; 108 109 struct tsi_handshaker_result { 110 const tsi_handshaker_result_vtable* vtable; 111 }; 112 113 /* Peer and property construction/destruction functions. */ 114 tsi_result tsi_construct_peer(size_t property_count, tsi_peer* peer); 115 tsi_peer_property tsi_init_peer_property(void); 116 void tsi_peer_property_destruct(tsi_peer_property* property); 117 tsi_result tsi_construct_string_peer_property(const char* name, 118 const char* value, 119 size_t value_length, 120 tsi_peer_property* property); 121 tsi_result tsi_construct_allocated_string_peer_property( 122 const char* name, size_t value_length, tsi_peer_property* property); 123 tsi_result tsi_construct_string_peer_property_from_cstring( 124 const char* name, const char* value, tsi_peer_property* property); 125 126 /* Utils. */ 127 char* tsi_strdup(const char* src); /* Sadly, no strdup in C89. */ 128 129 #endif /* GRPC_CORE_TSI_TRANSPORT_SECURITY_H */ 130