1 /* 2 * 3 * Copyright 2018 gRPC authors. 4 * 5 * Licensed under the Apache License, Version 2.0 (the "License"); 6 * you may not use this file except in compliance with the License. 7 * You may obtain a copy of the License at 8 * 9 * http://www.apache.org/licenses/LICENSE-2.0 10 * 11 * Unless required by applicable law or agreed to in writing, software 12 * distributed under the License is distributed on an "AS IS" BASIS, 13 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 14 * See the License for the specific language governing permissions and 15 * limitations under the License. 16 * 17 */ 18 19 #ifndef GRPC_CORE_TSI_ALTS_FRAME_PROTECTOR_ALTS_RECORD_PROTOCOL_CRYPTER_COMMON_H 20 #define GRPC_CORE_TSI_ALTS_FRAME_PROTECTOR_ALTS_RECORD_PROTOCOL_CRYPTER_COMMON_H 21 22 #include <grpc/support/port_platform.h> 23 24 #include <grpc/grpc.h> 25 26 #include "src/core/tsi/alts/frame_protector/alts_counter.h" 27 #include "src/core/tsi/alts/frame_protector/alts_crypter.h" 28 29 /** 30 * This file contains common implementation that will be used in both seal and 31 * unseal operations. 32 */ 33 34 /** 35 * Main struct for alts_record_protocol_crypter that will be used in both 36 * seal and unseal operations. 37 */ 38 typedef struct alts_record_protocol_crypter { 39 alts_crypter base; 40 gsec_aead_crypter* crypter; 41 alts_counter* ctr; 42 } alts_record_protocol_crypter; 43 44 /** 45 * This method performs input sanity checks on a subset of inputs to 46 * alts_crypter_process_in_place() for both seal and unseal operations. 47 * 48 * - rp_crypter: an alts_record_protocol_crypter instance. 49 * - data: it represents raw data that needs to be sealed in a seal operation or 50 * protected data that needs to be unsealed in an unseal operation. 51 * - output_size: size of data written to the data buffer after a seal or 52 * unseal operation. 53 * - error_details: a buffer containing an error message if any of checked 54 * inputs is nullptr. It is legal to pass nullptr into error_details and 55 * otherwise, the parameter should be freed with gpr_free. 56 * 57 * On success, the method returns GRPC_STATUS_OK. Otherwise, 58 * it returns an error status code along with its details specified in 59 * error_details (if error_details is not nullptr). 60 */ 61 grpc_status_code input_sanity_check( 62 const alts_record_protocol_crypter* rp_crypter, const unsigned char* data, 63 size_t* output_size, char** error_details); 64 65 /** 66 * This method increments the counter within an alts_record_protocol_crypter 67 * instance. 68 * 69 * - rp_crypter: an alts_record_protocol_crypter instance. 70 * - error_details: a buffer containing an error message if the method does not 71 * function correctly or the counter is wrapped. It is legal to pass nullptr 72 * into error_details and otherwise, the parameter should be freed with 73 * gpr_free. 74 * 75 * On success, the method returns GRPC_STATUS_OK. Otherwise, 76 * it returns an error status code along with its details specified in 77 * error_details (if error_details is not nullptr). 78 */ 79 grpc_status_code increment_counter(alts_record_protocol_crypter* rp_crypter, 80 char** error_details); 81 82 /** 83 * This method creates an alts_crypter instance, and populates the fields 84 * that are common to both seal and unseal operations. 85 * 86 * - crypter: a gsec_aead_crypter instance used to perform AEAD decryption. The 87 * function does not take ownership of crypter. 88 * - is_client: a flag indicating if the alts_crypter instance will be 89 * used at the client (is_client = true) or server (is_client = 90 * false) side. 91 * - overflow_size: overflow size of counter in bytes. 92 * - error_details: a buffer containing an error message if the method does 93 * not function correctly. It is legal to pass nullptr into error_details, and 94 * otherwise, the parameter should be freed with gpr_free. 95 * 96 * On success of creation, the method returns alts_record_protocol_crypter 97 * instance. Otherwise, it returns nullptr with its details specified in 98 * error_details (if error_details is not nullptr). 99 * 100 */ 101 alts_record_protocol_crypter* alts_crypter_create_common( 102 gsec_aead_crypter* crypter, bool is_client, size_t overflow_size, 103 char** error_details); 104 105 /** 106 * For the following two methods, please refer to the corresponding API in 107 * alts_crypter.h for detailed specifications. 108 */ 109 size_t alts_record_protocol_crypter_num_overhead_bytes(const alts_crypter* c); 110 111 void alts_record_protocol_crypter_destruct(alts_crypter* c); 112 113 #endif /* GRPC_CORE_TSI_ALTS_FRAME_PROTECTOR_ALTS_RECORD_PROTOCOL_CRYPTER_COMMON_H \ 114 */ 115