// // // Copyright 2018 gRPC authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. // You may obtain a copy of the License at // // http://www.apache.org/licenses/LICENSE-2.0 // // Unless required by applicable law or agreed to in writing, software // distributed under the License is distributed on an "AS IS" BASIS, // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. // See the License for the specific language governing permissions and // limitations under the License. // // #include <grpc/support/port_platform.h> #include "src/core/tsi/alts/zero_copy_frame_protector/alts_zero_copy_grpc_protector.h" #include <string.h> #include <grpc/support/alloc.h> #include <grpc/support/log.h> #include "src/core/lib/gpr/useful.h" #include "src/core/lib/gprpp/crash.h" #include "src/core/lib/iomgr/exec_ctx.h" #include "src/core/lib/slice/slice_internal.h" #include "src/core/tsi/alts/crypt/gsec.h" #include "src/core/tsi/alts/zero_copy_frame_protector/alts_grpc_integrity_only_record_protocol.h" #include "src/core/tsi/alts/zero_copy_frame_protector/alts_grpc_privacy_integrity_record_protocol.h" #include "src/core/tsi/alts/zero_copy_frame_protector/alts_grpc_record_protocol.h" #include "src/core/tsi/alts/zero_copy_frame_protector/alts_iovec_record_protocol.h" #include "src/core/tsi/transport_security_grpc.h" constexpr size_t kMinFrameLength = …; constexpr size_t kDefaultFrameLength = …; constexpr size_t kMaxFrameLength = …; /// /// Main struct for alts_zero_copy_grpc_protector. /// We choose to have two alts_grpc_record_protocol objects and two sets of /// slice buffers: one for protect and the other for unprotect, so that protect /// and unprotect can be executed in parallel. Implementations of this object /// must be thread compatible. /// alts_zero_copy_grpc_protector; /// /// Given a slice buffer, parses the first 4 bytes little-endian unsigned frame /// size and returns the total frame size including the frame field. Caller /// needs to make sure the input slice buffer has at least 4 bytes. Returns true /// on success and false on failure. /// static bool read_frame_size(const grpc_slice_buffer* sb, uint32_t* total_frame_size) { … } /// /// Creates an alts_grpc_record_protocol object, given key, key size, and flags /// to indicate whether the record_protocol object uses the rekeying AEAD, /// whether the object is for client or server, whether the object is for /// integrity-only or privacy-integrity mode, and whether the object is used /// for protect or unprotect. /// static tsi_result create_alts_grpc_record_protocol( const uint8_t* key, size_t key_size, bool is_rekey, bool is_client, bool is_integrity_only, bool is_protect, bool enable_extra_copy, alts_grpc_record_protocol** record_protocol) { … } // --- tsi_zero_copy_grpc_protector methods implementation. --- static tsi_result alts_zero_copy_grpc_protector_protect( tsi_zero_copy_grpc_protector* self, grpc_slice_buffer* unprotected_slices, grpc_slice_buffer* protected_slices) { … } static tsi_result alts_zero_copy_grpc_protector_unprotect( tsi_zero_copy_grpc_protector* self, grpc_slice_buffer* protected_slices, grpc_slice_buffer* unprotected_slices, int* min_progress_size) { … } static void alts_zero_copy_grpc_protector_destroy( tsi_zero_copy_grpc_protector* self) { … } static tsi_result alts_zero_copy_grpc_protector_max_frame_size( tsi_zero_copy_grpc_protector* self, size_t* max_frame_size) { … } static const tsi_zero_copy_grpc_protector_vtable alts_zero_copy_grpc_protector_vtable = …; tsi_result alts_zero_copy_grpc_protector_create( const uint8_t* key, size_t key_size, bool is_rekey, bool is_client, bool is_integrity_only, bool enable_extra_copy, size_t* max_protected_frame_size, tsi_zero_copy_grpc_protector** protector) { … }
Codebase Browser
chromium