Add ALTS code to grpc/core
diff --git a/BUILD b/BUILD
index 4fe3dc6..9c99f95 100644
--- a/BUILD
+++ b/BUILD
@@ -1326,6 +1326,8 @@
"src/core/lib/security/credentials/oauth2/oauth2_credentials.cc",
"src/core/lib/security/credentials/plugin/plugin_credentials.cc",
"src/core/lib/security/credentials/ssl/ssl_credentials.cc",
+ "src/core/lib/security/credentials/alts/alts_credentials.cc",
+ "src/core/lib/security/security_connector/alts_security_connector.cc",
"src/core/lib/security/security_connector/security_connector.cc",
"src/core/lib/security/transport/client_auth_filter.cc",
"src/core/lib/security/transport/secure_endpoint.cc",
@@ -1349,6 +1351,8 @@
"src/core/lib/security/credentials/oauth2/oauth2_credentials.h",
"src/core/lib/security/credentials/plugin/plugin_credentials.h",
"src/core/lib/security/credentials/ssl/ssl_credentials.h",
+ "src/core/lib/security/credentials/alts/alts_credentials.h",
+ "src/core/lib/security/security_connector/alts_security_connector.h",
"src/core/lib/security/security_connector/security_connector.h",
"src/core/lib/security/transport/auth_filters.h",
"src/core/lib/security/transport/secure_endpoint.h",
@@ -1360,6 +1364,7 @@
language = "c++",
public_hdrs = GRPC_SECURE_PUBLIC_HDRS,
deps = [
+ "alts_util",
"grpc_base",
"grpc_transport_chttp2_alpn",
"tsi",
@@ -1583,15 +1588,118 @@
)
grpc_cc_library(
+ name = "alts_frame_protector",
+ srcs = [
+ "src/core/tsi/alts/crypt/aes_gcm.cc",
+ "src/core/tsi/alts/crypt/gsec.cc",
+ "src/core/tsi/alts/frame_protector/alts_counter.cc",
+ "src/core/tsi/alts/frame_protector/alts_crypter.cc",
+ "src/core/tsi/alts/frame_protector/alts_frame_protector.cc",
+ "src/core/tsi/alts/frame_protector/alts_record_protocol_crypter_common.cc",
+ "src/core/tsi/alts/frame_protector/alts_seal_privacy_integrity_crypter.cc",
+ "src/core/tsi/alts/frame_protector/alts_unseal_privacy_integrity_crypter.cc",
+ "src/core/tsi/alts/frame_protector/frame_handler.cc",
+ "src/core/tsi/alts/zero_copy_frame_protector/alts_grpc_integrity_only_record_protocol.cc",
+ "src/core/tsi/alts/zero_copy_frame_protector/alts_grpc_privacy_integrity_record_protocol.cc",
+ "src/core/tsi/alts/zero_copy_frame_protector/alts_grpc_record_protocol_common.cc",
+ "src/core/tsi/alts/zero_copy_frame_protector/alts_iovec_record_protocol.cc",
+ "src/core/tsi/alts/zero_copy_frame_protector/alts_zero_copy_grpc_protector.cc",
+ ],
+ hdrs = [
+ "src/core/tsi/alts/crypt/gsec.h",
+ "src/core/tsi/alts/frame_protector/alts_counter.h",
+ "src/core/tsi/alts/frame_protector/alts_crypter.h",
+ "src/core/tsi/alts/frame_protector/alts_frame_protector.h",
+ "src/core/tsi/alts/frame_protector/alts_record_protocol_crypter_common.h",
+ "src/core/tsi/alts/frame_protector/frame_handler.h",
+ "src/core/tsi/alts/zero_copy_frame_protector/alts_grpc_integrity_only_record_protocol.h",
+ "src/core/tsi/alts/zero_copy_frame_protector/alts_grpc_privacy_integrity_record_protocol.h",
+ "src/core/tsi/alts/zero_copy_frame_protector/alts_grpc_record_protocol_common.h",
+ "src/core/tsi/alts/zero_copy_frame_protector/alts_grpc_record_protocol.h",
+ "src/core/tsi/alts/zero_copy_frame_protector/alts_iovec_record_protocol.h",
+ "src/core/tsi/alts/zero_copy_frame_protector/alts_zero_copy_grpc_protector.h",
+ "src/core/tsi/transport_security_grpc.h",
+ ],
+ external_deps = [
+ "libssl",
+ ],
+ language = "c++",
+ deps = [
+ "gpr",
+ "grpc_base",
+ "tsi_interface",
+ ],
+)
+
+grpc_cc_library(
+ name = "alts_proto",
+ srcs = [
+ "src/core/tsi/alts/handshaker/altscontext.pb.c",
+ "src/core/tsi/alts/handshaker/handshaker.pb.c",
+ "src/core/tsi/alts/handshaker/transport_security_common.pb.c",
+ ],
+ hdrs = [
+ "src/core/tsi/alts/handshaker/altscontext.pb.h",
+ "src/core/tsi/alts/handshaker/handshaker.pb.h",
+ "src/core/tsi/alts/handshaker/transport_security_common.pb.h",
+ ],
+ external_deps = [
+ "nanopb",
+ ],
+ language = "c++",
+)
+
+grpc_cc_library(
+ name = "alts_util",
+ srcs = [
+ "src/core/lib/security/credentials/alts/check_gcp_environment.cc",
+ "src/core/lib/security/credentials/alts/check_gcp_environment_linux.cc",
+ "src/core/lib/security/credentials/alts/check_gcp_environment_no_op.cc",
+ "src/core/lib/security/credentials/alts/check_gcp_environment_windows.cc",
+ "src/core/lib/security/credentials/alts/grpc_alts_credentials_client_options.cc",
+ "src/core/lib/security/credentials/alts/grpc_alts_credentials_options.cc",
+ "src/core/lib/security/credentials/alts/grpc_alts_credentials_server_options.cc",
+ "src/core/tsi/alts/handshaker/alts_handshaker_service_api.cc",
+ "src/core/tsi/alts/handshaker/alts_handshaker_service_api_util.cc",
+ "src/core/tsi/alts/handshaker/transport_security_common_api.cc",
+ ],
+ hdrs = [
+ "src/core/lib/security/credentials/alts/check_gcp_environment.h",
+ "src/core/lib/security/credentials/alts/grpc_alts_credentials_options.h",
+ "src/core/tsi/alts/handshaker/alts_handshaker_service_api.h",
+ "src/core/tsi/alts/handshaker/alts_handshaker_service_api_util.h",
+ "src/core/tsi/alts/handshaker/transport_security_common_api.h",
+ ],
+ external_deps = [
+ "nanopb",
+ ],
+ language = "c++",
+ deps = [
+ "alts_proto",
+ "gpr",
+ "grpc_base",
+ ],
+)
+
+grpc_cc_library(
name = "tsi",
srcs = [
"src/core/tsi/alts_transport_security.cc",
+ "src/core/tsi/alts/handshaker/alts_handshaker_client.cc",
+ "src/core/tsi/alts/handshaker/alts_tsi_event.cc",
+ "src/core/tsi/alts/handshaker/alts_tsi_handshaker.cc",
+ "src/core/tsi/alts/handshaker/alts_tsi_utils.cc",
"src/core/tsi/fake_transport_security.cc",
"src/core/tsi/ssl_transport_security.cc",
"src/core/tsi/transport_security_grpc.cc",
],
hdrs = [
"src/core/tsi/alts_transport_security.h",
+ "src/core/tsi/alts/handshaker/alts_handshaker_client.h",
+ "src/core/tsi/alts/handshaker/alts_tsi_event.h",
+ "src/core/tsi/alts/handshaker/alts_tsi_handshaker.h",
+ "src/core/tsi/alts/handshaker/alts_tsi_handshaker_private.h",
+ "src/core/tsi/alts/handshaker/alts_tsi_utils.h",
"src/core/tsi/fake_transport_security.h",
"src/core/tsi/ssl_transport_security.h",
"src/core/tsi/ssl_types.h",
@@ -1602,7 +1710,11 @@
],
language = "c++",
deps = [
+ "alts_frame_protector",
+ "alts_util",
+ "gpr",
"grpc_base",
+ "grpc_transport_chttp2_client_insecure",
"tsi_interface",
],
)
diff --git a/CMakeLists.txt b/CMakeLists.txt
index ab4fa8a..5dfbdcb 100644
--- a/CMakeLists.txt
+++ b/CMakeLists.txt
@@ -91,6 +91,8 @@
set(CMAKE_POSITION_INDEPENDENT_CODE TRUE)
+add_definitions(-DPB_FIELD_16BIT)
+
if (MSVC)
include(cmake/msvc_static_runtime.cmake)
add_definitions(-D_WIN32_WINNT=0x600 -D_SCL_SECURE_NO_WARNINGS -D_CRT_SECURE_NO_WARNINGS -D_WINSOCK_DEPRECATED_NO_WARNINGS)
@@ -469,6 +471,19 @@
add_custom_target(buildtests_cxx)
add_dependencies(buildtests_cxx alarm_test)
+add_dependencies(buildtests_cxx alts_counter_test)
+add_dependencies(buildtests_cxx alts_crypt_test)
+add_dependencies(buildtests_cxx alts_crypter_test)
+add_dependencies(buildtests_cxx alts_frame_handler_test)
+add_dependencies(buildtests_cxx alts_frame_protector_test)
+add_dependencies(buildtests_cxx alts_grpc_record_protocol_test)
+add_dependencies(buildtests_cxx alts_handshaker_client_test)
+add_dependencies(buildtests_cxx alts_handshaker_service_api_test)
+add_dependencies(buildtests_cxx alts_iovec_record_protocol_test)
+add_dependencies(buildtests_cxx alts_security_connector_test)
+add_dependencies(buildtests_cxx alts_tsi_handshaker_test)
+add_dependencies(buildtests_cxx alts_tsi_utils_test)
+add_dependencies(buildtests_cxx alts_zero_copy_grpc_protector_test)
add_dependencies(buildtests_cxx async_end2end_test)
add_dependencies(buildtests_cxx auth_property_iterator_test)
add_dependencies(buildtests_cxx backoff_test)
@@ -517,6 +532,8 @@
endif()
add_dependencies(buildtests_cxx channel_arguments_test)
add_dependencies(buildtests_cxx channel_filter_test)
+add_dependencies(buildtests_cxx check_gcp_environment_linux_test)
+add_dependencies(buildtests_cxx check_gcp_environment_windows_test)
add_dependencies(buildtests_cxx chttp2_settings_timeout_test)
add_dependencies(buildtests_cxx cli_call_test)
add_dependencies(buildtests_cxx client_channel_stress_test)
@@ -538,6 +555,7 @@
add_dependencies(buildtests_cxx filter_end2end_test)
add_dependencies(buildtests_cxx generic_end2end_test)
add_dependencies(buildtests_cxx golden_file_test)
+add_dependencies(buildtests_cxx grpc_alts_credentials_options_test)
add_dependencies(buildtests_cxx grpc_cli)
add_dependencies(buildtests_cxx grpc_tool_test)
add_dependencies(buildtests_cxx grpclb_api_test)
@@ -611,6 +629,7 @@
add_dependencies(buildtests_cxx thread_manager_test)
add_dependencies(buildtests_cxx thread_stress_test)
add_dependencies(buildtests_cxx transport_pid_controller_test)
+add_dependencies(buildtests_cxx transport_security_common_api_test)
if(_gRPC_PLATFORM_LINUX OR _gRPC_PLATFORM_MAC OR _gRPC_PLATFORM_POSIX)
add_dependencies(buildtests_cxx writes_per_rpc_test)
endif()
@@ -631,6 +650,44 @@
DEPENDS buildtests_c buildtests_cxx)
endif (gRPC_BUILD_TESTS)
+if (gRPC_BUILD_TESTS)
+
+add_library(alts_test_util
+ test/core/tsi/alts/crypt/gsec_test_util.cc
+ test/core/tsi/alts/handshaker/alts_handshaker_service_api_test_lib.cc
+)
+
+if(WIN32 AND MSVC)
+ set_target_properties(alts_test_util PROPERTIES COMPILE_PDB_NAME "alts_test_util"
+ COMPILE_PDB_OUTPUT_DIRECTORY "${CMAKE_BINARY_DIR}"
+ )
+ if (gRPC_INSTALL)
+ install(FILES ${CMAKE_CURRENT_BINARY_DIR}/alts_test_util.pdb
+ DESTINATION ${gRPC_INSTALL_LIBDIR} OPTIONAL
+ )
+ endif()
+endif()
+
+
+target_include_directories(alts_test_util
+ PUBLIC $<INSTALL_INTERFACE:${gRPC_INSTALL_INCLUDEDIR}> $<BUILD_INTERFACE:${CMAKE_CURRENT_SOURCE_DIR}/include>
+ PRIVATE ${CMAKE_CURRENT_SOURCE_DIR}
+ PRIVATE ${_gRPC_SSL_INCLUDE_DIR}
+ PRIVATE ${_gRPC_PROTOBUF_INCLUDE_DIR}
+ PRIVATE ${_gRPC_ZLIB_INCLUDE_DIR}
+ PRIVATE ${_gRPC_BENCHMARK_INCLUDE_DIR}
+ PRIVATE ${_gRPC_CARES_INCLUDE_DIR}
+ PRIVATE ${_gRPC_GFLAGS_INCLUDE_DIR}
+)
+
+target_link_libraries(alts_test_util
+ ${_gRPC_SSL_LIBRARIES}
+ ${_gRPC_ALLTARGETS_LIBRARIES}
+ grpc
+)
+
+
+endif (gRPC_BUILD_TESTS)
add_library(gpr
src/core/lib/gpr/alloc.cc
@@ -959,6 +1016,7 @@
src/core/ext/filters/http/server/http_server_filter.cc
src/core/lib/http/httpcli_security_connector.cc
src/core/lib/security/context/security_context.cc
+ src/core/lib/security/credentials/alts/alts_credentials.cc
src/core/lib/security/credentials/composite/composite_credentials.cc
src/core/lib/security/credentials/credentials.cc
src/core/lib/security/credentials/credentials_metadata.cc
@@ -972,6 +1030,7 @@
src/core/lib/security/credentials/oauth2/oauth2_credentials.cc
src/core/lib/security/credentials/plugin/plugin_credentials.cc
src/core/lib/security/credentials/ssl/ssl_credentials.cc
+ src/core/lib/security/security_connector/alts_security_connector.cc
src/core/lib/security/security_connector/security_connector.cc
src/core/lib/security/transport/client_auth_filter.cc
src/core/lib/security/transport/secure_endpoint.cc
@@ -981,14 +1040,45 @@
src/core/lib/security/transport/tsi_error.cc
src/core/lib/security/util/json_util.cc
src/core/lib/surface/init_secure.cc
- src/core/tsi/alts_transport_security.cc
- src/core/tsi/fake_transport_security.cc
- src/core/tsi/ssl_transport_security.cc
- src/core/tsi/transport_security_grpc.cc
+ src/core/tsi/alts/crypt/aes_gcm.cc
+ src/core/tsi/alts/crypt/gsec.cc
+ src/core/tsi/alts/frame_protector/alts_counter.cc
+ src/core/tsi/alts/frame_protector/alts_crypter.cc
+ src/core/tsi/alts/frame_protector/alts_frame_protector.cc
+ src/core/tsi/alts/frame_protector/alts_record_protocol_crypter_common.cc
+ src/core/tsi/alts/frame_protector/alts_seal_privacy_integrity_crypter.cc
+ src/core/tsi/alts/frame_protector/alts_unseal_privacy_integrity_crypter.cc
+ src/core/tsi/alts/frame_protector/frame_handler.cc
+ src/core/tsi/alts/handshaker/alts_handshaker_client.cc
+ src/core/tsi/alts/handshaker/alts_tsi_event.cc
+ src/core/tsi/alts/handshaker/alts_tsi_handshaker.cc
+ src/core/tsi/alts/zero_copy_frame_protector/alts_grpc_integrity_only_record_protocol.cc
+ src/core/tsi/alts/zero_copy_frame_protector/alts_grpc_privacy_integrity_record_protocol.cc
+ src/core/tsi/alts/zero_copy_frame_protector/alts_grpc_record_protocol_common.cc
+ src/core/tsi/alts/zero_copy_frame_protector/alts_iovec_record_protocol.cc
+ src/core/tsi/alts/zero_copy_frame_protector/alts_zero_copy_grpc_protector.cc
+ src/core/lib/security/credentials/alts/check_gcp_environment.cc
+ src/core/lib/security/credentials/alts/check_gcp_environment_linux.cc
+ src/core/lib/security/credentials/alts/check_gcp_environment_no_op.cc
+ src/core/lib/security/credentials/alts/check_gcp_environment_windows.cc
+ src/core/lib/security/credentials/alts/grpc_alts_credentials_client_options.cc
+ src/core/lib/security/credentials/alts/grpc_alts_credentials_options.cc
+ src/core/lib/security/credentials/alts/grpc_alts_credentials_server_options.cc
+ src/core/tsi/alts/handshaker/alts_handshaker_service_api.cc
+ src/core/tsi/alts/handshaker/alts_handshaker_service_api_util.cc
+ src/core/tsi/alts/handshaker/alts_tsi_utils.cc
+ src/core/tsi/alts/handshaker/transport_security_common_api.cc
+ src/core/tsi/alts/handshaker/altscontext.pb.c
+ src/core/tsi/alts/handshaker/handshaker.pb.c
+ src/core/tsi/alts/handshaker/transport_security_common.pb.c
+ third_party/nanopb/pb_common.c
+ third_party/nanopb/pb_decode.c
+ third_party/nanopb/pb_encode.c
src/core/tsi/transport_security.cc
src/core/tsi/transport_security_adapter.cc
- src/core/ext/transport/chttp2/server/chttp2_server.cc
- src/core/ext/transport/chttp2/client/secure/secure_channel_create.cc
+ src/core/ext/transport/chttp2/client/insecure/channel_create.cc
+ src/core/ext/transport/chttp2/client/insecure/channel_create_posix.cc
+ src/core/ext/transport/chttp2/client/chttp2_connector.cc
src/core/ext/filters/client_channel/backup_poller.cc
src/core/ext/filters/client_channel/channel_connectivity.cc
src/core/ext/filters/client_channel/client_channel.cc
@@ -1012,11 +1102,14 @@
src/core/ext/filters/client_channel/subchannel_index.cc
src/core/ext/filters/client_channel/uri_parser.cc
src/core/ext/filters/deadline/deadline_filter.cc
- src/core/ext/transport/chttp2/client/chttp2_connector.cc
+ src/core/tsi/alts_transport_security.cc
+ src/core/tsi/fake_transport_security.cc
+ src/core/tsi/ssl_transport_security.cc
+ src/core/tsi/transport_security_grpc.cc
+ src/core/ext/transport/chttp2/server/chttp2_server.cc
+ src/core/ext/transport/chttp2/client/secure/secure_channel_create.cc
src/core/ext/transport/chttp2/server/insecure/server_chttp2.cc
src/core/ext/transport/chttp2/server/insecure/server_chttp2_posix.cc
- src/core/ext/transport/chttp2/client/insecure/channel_create.cc
- src/core/ext/transport/chttp2/client/insecure/channel_create_posix.cc
src/core/ext/transport/inproc/inproc_plugin.cc
src/core/ext/transport/inproc/inproc_transport.cc
src/core/ext/filters/client_channel/lb_policy/grpclb/client_load_reporting_filter.cc
@@ -1025,9 +1118,6 @@
src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb_client_stats.cc
src/core/ext/filters/client_channel/lb_policy/grpclb/load_balancer_api.cc
src/core/ext/filters/client_channel/lb_policy/grpclb/proto/grpc/lb/v1/load_balancer.pb.c
- third_party/nanopb/pb_common.c
- third_party/nanopb/pb_decode.c
- third_party/nanopb/pb_encode.c
src/core/ext/filters/client_channel/resolver/fake/fake_resolver.cc
src/core/ext/filters/client_channel/lb_policy/pick_first/pick_first.cc
src/core/ext/filters/client_channel/lb_policy/subchannel_list.cc
@@ -1327,6 +1417,7 @@
src/core/ext/filters/deadline/deadline_filter.cc
src/core/lib/http/httpcli_security_connector.cc
src/core/lib/security/context/security_context.cc
+ src/core/lib/security/credentials/alts/alts_credentials.cc
src/core/lib/security/credentials/composite/composite_credentials.cc
src/core/lib/security/credentials/credentials.cc
src/core/lib/security/credentials/credentials_metadata.cc
@@ -1340,6 +1431,7 @@
src/core/lib/security/credentials/oauth2/oauth2_credentials.cc
src/core/lib/security/credentials/plugin/plugin_credentials.cc
src/core/lib/security/credentials/ssl/ssl_credentials.cc
+ src/core/lib/security/security_connector/alts_security_connector.cc
src/core/lib/security/security_connector/security_connector.cc
src/core/lib/security/transport/client_auth_filter.cc
src/core/lib/security/transport/secure_endpoint.cc
@@ -1349,13 +1441,49 @@
src/core/lib/security/transport/tsi_error.cc
src/core/lib/security/util/json_util.cc
src/core/lib/surface/init_secure.cc
+ src/core/tsi/alts/crypt/aes_gcm.cc
+ src/core/tsi/alts/crypt/gsec.cc
+ src/core/tsi/alts/frame_protector/alts_counter.cc
+ src/core/tsi/alts/frame_protector/alts_crypter.cc
+ src/core/tsi/alts/frame_protector/alts_frame_protector.cc
+ src/core/tsi/alts/frame_protector/alts_record_protocol_crypter_common.cc
+ src/core/tsi/alts/frame_protector/alts_seal_privacy_integrity_crypter.cc
+ src/core/tsi/alts/frame_protector/alts_unseal_privacy_integrity_crypter.cc
+ src/core/tsi/alts/frame_protector/frame_handler.cc
+ src/core/tsi/alts/handshaker/alts_handshaker_client.cc
+ src/core/tsi/alts/handshaker/alts_tsi_event.cc
+ src/core/tsi/alts/handshaker/alts_tsi_handshaker.cc
+ src/core/tsi/alts/zero_copy_frame_protector/alts_grpc_integrity_only_record_protocol.cc
+ src/core/tsi/alts/zero_copy_frame_protector/alts_grpc_privacy_integrity_record_protocol.cc
+ src/core/tsi/alts/zero_copy_frame_protector/alts_grpc_record_protocol_common.cc
+ src/core/tsi/alts/zero_copy_frame_protector/alts_iovec_record_protocol.cc
+ src/core/tsi/alts/zero_copy_frame_protector/alts_zero_copy_grpc_protector.cc
+ src/core/lib/security/credentials/alts/check_gcp_environment.cc
+ src/core/lib/security/credentials/alts/check_gcp_environment_linux.cc
+ src/core/lib/security/credentials/alts/check_gcp_environment_no_op.cc
+ src/core/lib/security/credentials/alts/check_gcp_environment_windows.cc
+ src/core/lib/security/credentials/alts/grpc_alts_credentials_client_options.cc
+ src/core/lib/security/credentials/alts/grpc_alts_credentials_options.cc
+ src/core/lib/security/credentials/alts/grpc_alts_credentials_server_options.cc
+ src/core/tsi/alts/handshaker/alts_handshaker_service_api.cc
+ src/core/tsi/alts/handshaker/alts_handshaker_service_api_util.cc
+ src/core/tsi/alts/handshaker/alts_tsi_utils.cc
+ src/core/tsi/alts/handshaker/transport_security_common_api.cc
+ src/core/tsi/alts/handshaker/altscontext.pb.c
+ src/core/tsi/alts/handshaker/handshaker.pb.c
+ src/core/tsi/alts/handshaker/transport_security_common.pb.c
+ third_party/nanopb/pb_common.c
+ third_party/nanopb/pb_decode.c
+ third_party/nanopb/pb_encode.c
+ src/core/tsi/transport_security.cc
+ src/core/tsi/transport_security_adapter.cc
+ src/core/ext/transport/chttp2/client/insecure/channel_create.cc
+ src/core/ext/transport/chttp2/client/insecure/channel_create_posix.cc
+ src/core/ext/transport/chttp2/client/chttp2_connector.cc
src/core/tsi/alts_transport_security.cc
src/core/tsi/fake_transport_security.cc
src/core/tsi/ssl_transport_security.cc
src/core/tsi/transport_security_grpc.cc
- src/core/tsi/transport_security.cc
- src/core/tsi/transport_security_adapter.cc
- src/core/ext/transport/chttp2/client/chttp2_connector.cc
src/core/ext/filters/load_reporting/server_load_reporting_filter.cc
src/core/ext/filters/load_reporting/server_load_reporting_plugin.cc
src/core/plugin_registry/grpc_cronet_plugin_registry.cc
@@ -8661,6 +8789,462 @@
endif (gRPC_BUILD_TESTS)
if (gRPC_BUILD_TESTS)
+add_executable(alts_counter_test
+ test/core/tsi/alts/frame_protector/alts_counter_test.cc
+ third_party/googletest/googletest/src/gtest-all.cc
+ third_party/googletest/googlemock/src/gmock-all.cc
+)
+
+
+target_include_directories(alts_counter_test
+ PRIVATE ${CMAKE_CURRENT_SOURCE_DIR}
+ PRIVATE ${CMAKE_CURRENT_SOURCE_DIR}/include
+ PRIVATE ${_gRPC_SSL_INCLUDE_DIR}
+ PRIVATE ${_gRPC_PROTOBUF_INCLUDE_DIR}
+ PRIVATE ${_gRPC_ZLIB_INCLUDE_DIR}
+ PRIVATE ${_gRPC_BENCHMARK_INCLUDE_DIR}
+ PRIVATE ${_gRPC_CARES_INCLUDE_DIR}
+ PRIVATE ${_gRPC_GFLAGS_INCLUDE_DIR}
+ PRIVATE third_party/googletest/googletest/include
+ PRIVATE third_party/googletest/googletest
+ PRIVATE third_party/googletest/googlemock/include
+ PRIVATE third_party/googletest/googlemock
+ PRIVATE ${_gRPC_PROTO_GENS_DIR}
+)
+
+target_link_libraries(alts_counter_test
+ ${_gRPC_PROTOBUF_LIBRARIES}
+ ${_gRPC_ALLTARGETS_LIBRARIES}
+ alts_test_util
+ gpr
+ grpc
+ ${_gRPC_GFLAGS_LIBRARIES}
+)
+
+endif (gRPC_BUILD_TESTS)
+if (gRPC_BUILD_TESTS)
+
+add_executable(alts_crypt_test
+ test/core/tsi/alts/crypt/aes_gcm_test.cc
+ third_party/googletest/googletest/src/gtest-all.cc
+ third_party/googletest/googlemock/src/gmock-all.cc
+)
+
+
+target_include_directories(alts_crypt_test
+ PRIVATE ${CMAKE_CURRENT_SOURCE_DIR}
+ PRIVATE ${CMAKE_CURRENT_SOURCE_DIR}/include
+ PRIVATE ${_gRPC_SSL_INCLUDE_DIR}
+ PRIVATE ${_gRPC_PROTOBUF_INCLUDE_DIR}
+ PRIVATE ${_gRPC_ZLIB_INCLUDE_DIR}
+ PRIVATE ${_gRPC_BENCHMARK_INCLUDE_DIR}
+ PRIVATE ${_gRPC_CARES_INCLUDE_DIR}
+ PRIVATE ${_gRPC_GFLAGS_INCLUDE_DIR}
+ PRIVATE third_party/googletest/googletest/include
+ PRIVATE third_party/googletest/googletest
+ PRIVATE third_party/googletest/googlemock/include
+ PRIVATE third_party/googletest/googlemock
+ PRIVATE ${_gRPC_PROTO_GENS_DIR}
+)
+
+target_link_libraries(alts_crypt_test
+ ${_gRPC_PROTOBUF_LIBRARIES}
+ ${_gRPC_ALLTARGETS_LIBRARIES}
+ alts_test_util
+ gpr_test_util
+ gpr
+ grpc
+ ${_gRPC_GFLAGS_LIBRARIES}
+)
+
+endif (gRPC_BUILD_TESTS)
+if (gRPC_BUILD_TESTS)
+
+add_executable(alts_crypter_test
+ test/core/tsi/alts/frame_protector/alts_crypter_test.cc
+ third_party/googletest/googletest/src/gtest-all.cc
+ third_party/googletest/googlemock/src/gmock-all.cc
+)
+
+
+target_include_directories(alts_crypter_test
+ PRIVATE ${CMAKE_CURRENT_SOURCE_DIR}
+ PRIVATE ${CMAKE_CURRENT_SOURCE_DIR}/include
+ PRIVATE ${_gRPC_SSL_INCLUDE_DIR}
+ PRIVATE ${_gRPC_PROTOBUF_INCLUDE_DIR}
+ PRIVATE ${_gRPC_ZLIB_INCLUDE_DIR}
+ PRIVATE ${_gRPC_BENCHMARK_INCLUDE_DIR}
+ PRIVATE ${_gRPC_CARES_INCLUDE_DIR}
+ PRIVATE ${_gRPC_GFLAGS_INCLUDE_DIR}
+ PRIVATE third_party/googletest/googletest/include
+ PRIVATE third_party/googletest/googletest
+ PRIVATE third_party/googletest/googlemock/include
+ PRIVATE third_party/googletest/googlemock
+ PRIVATE ${_gRPC_PROTO_GENS_DIR}
+)
+
+target_link_libraries(alts_crypter_test
+ ${_gRPC_PROTOBUF_LIBRARIES}
+ ${_gRPC_ALLTARGETS_LIBRARIES}
+ alts_test_util
+ gpr
+ grpc
+ ${_gRPC_GFLAGS_LIBRARIES}
+)
+
+endif (gRPC_BUILD_TESTS)
+if (gRPC_BUILD_TESTS)
+
+add_executable(alts_frame_handler_test
+ test/core/tsi/alts/frame_protector/frame_handler_test.cc
+ third_party/googletest/googletest/src/gtest-all.cc
+ third_party/googletest/googlemock/src/gmock-all.cc
+)
+
+
+target_include_directories(alts_frame_handler_test
+ PRIVATE ${CMAKE_CURRENT_SOURCE_DIR}
+ PRIVATE ${CMAKE_CURRENT_SOURCE_DIR}/include
+ PRIVATE ${_gRPC_SSL_INCLUDE_DIR}
+ PRIVATE ${_gRPC_PROTOBUF_INCLUDE_DIR}
+ PRIVATE ${_gRPC_ZLIB_INCLUDE_DIR}
+ PRIVATE ${_gRPC_BENCHMARK_INCLUDE_DIR}
+ PRIVATE ${_gRPC_CARES_INCLUDE_DIR}
+ PRIVATE ${_gRPC_GFLAGS_INCLUDE_DIR}
+ PRIVATE third_party/googletest/googletest/include
+ PRIVATE third_party/googletest/googletest
+ PRIVATE third_party/googletest/googlemock/include
+ PRIVATE third_party/googletest/googlemock
+ PRIVATE ${_gRPC_PROTO_GENS_DIR}
+)
+
+target_link_libraries(alts_frame_handler_test
+ ${_gRPC_PROTOBUF_LIBRARIES}
+ ${_gRPC_ALLTARGETS_LIBRARIES}
+ alts_test_util
+ gpr
+ grpc
+ ${_gRPC_GFLAGS_LIBRARIES}
+)
+
+endif (gRPC_BUILD_TESTS)
+if (gRPC_BUILD_TESTS)
+
+add_executable(alts_frame_protector_test
+ test/core/tsi/alts/frame_protector/alts_frame_protector_test.cc
+ test/core/tsi/transport_security_test_lib.cc
+ third_party/googletest/googletest/src/gtest-all.cc
+ third_party/googletest/googlemock/src/gmock-all.cc
+)
+
+
+target_include_directories(alts_frame_protector_test
+ PRIVATE ${CMAKE_CURRENT_SOURCE_DIR}
+ PRIVATE ${CMAKE_CURRENT_SOURCE_DIR}/include
+ PRIVATE ${_gRPC_SSL_INCLUDE_DIR}
+ PRIVATE ${_gRPC_PROTOBUF_INCLUDE_DIR}
+ PRIVATE ${_gRPC_ZLIB_INCLUDE_DIR}
+ PRIVATE ${_gRPC_BENCHMARK_INCLUDE_DIR}
+ PRIVATE ${_gRPC_CARES_INCLUDE_DIR}
+ PRIVATE ${_gRPC_GFLAGS_INCLUDE_DIR}
+ PRIVATE third_party/googletest/googletest/include
+ PRIVATE third_party/googletest/googletest
+ PRIVATE third_party/googletest/googlemock/include
+ PRIVATE third_party/googletest/googlemock
+ PRIVATE ${_gRPC_PROTO_GENS_DIR}
+)
+
+target_link_libraries(alts_frame_protector_test
+ ${_gRPC_PROTOBUF_LIBRARIES}
+ ${_gRPC_ALLTARGETS_LIBRARIES}
+ alts_test_util
+ gpr
+ grpc
+ ${_gRPC_GFLAGS_LIBRARIES}
+)
+
+endif (gRPC_BUILD_TESTS)
+if (gRPC_BUILD_TESTS)
+
+add_executable(alts_grpc_record_protocol_test
+ test/core/tsi/alts/zero_copy_frame_protector/alts_grpc_record_protocol_test.cc
+ third_party/googletest/googletest/src/gtest-all.cc
+ third_party/googletest/googlemock/src/gmock-all.cc
+)
+
+
+target_include_directories(alts_grpc_record_protocol_test
+ PRIVATE ${CMAKE_CURRENT_SOURCE_DIR}
+ PRIVATE ${CMAKE_CURRENT_SOURCE_DIR}/include
+ PRIVATE ${_gRPC_SSL_INCLUDE_DIR}
+ PRIVATE ${_gRPC_PROTOBUF_INCLUDE_DIR}
+ PRIVATE ${_gRPC_ZLIB_INCLUDE_DIR}
+ PRIVATE ${_gRPC_BENCHMARK_INCLUDE_DIR}
+ PRIVATE ${_gRPC_CARES_INCLUDE_DIR}
+ PRIVATE ${_gRPC_GFLAGS_INCLUDE_DIR}
+ PRIVATE third_party/googletest/googletest/include
+ PRIVATE third_party/googletest/googletest
+ PRIVATE third_party/googletest/googlemock/include
+ PRIVATE third_party/googletest/googlemock
+ PRIVATE ${_gRPC_PROTO_GENS_DIR}
+)
+
+target_link_libraries(alts_grpc_record_protocol_test
+ ${_gRPC_PROTOBUF_LIBRARIES}
+ ${_gRPC_ALLTARGETS_LIBRARIES}
+ alts_test_util
+ gpr
+ grpc
+ ${_gRPC_GFLAGS_LIBRARIES}
+)
+
+endif (gRPC_BUILD_TESTS)
+if (gRPC_BUILD_TESTS)
+
+add_executable(alts_handshaker_client_test
+ test/core/tsi/alts/handshaker/alts_handshaker_client_test.cc
+ third_party/googletest/googletest/src/gtest-all.cc
+ third_party/googletest/googlemock/src/gmock-all.cc
+)
+
+
+target_include_directories(alts_handshaker_client_test
+ PRIVATE ${CMAKE_CURRENT_SOURCE_DIR}
+ PRIVATE ${CMAKE_CURRENT_SOURCE_DIR}/include
+ PRIVATE ${_gRPC_SSL_INCLUDE_DIR}
+ PRIVATE ${_gRPC_PROTOBUF_INCLUDE_DIR}
+ PRIVATE ${_gRPC_ZLIB_INCLUDE_DIR}
+ PRIVATE ${_gRPC_BENCHMARK_INCLUDE_DIR}
+ PRIVATE ${_gRPC_CARES_INCLUDE_DIR}
+ PRIVATE ${_gRPC_GFLAGS_INCLUDE_DIR}
+ PRIVATE third_party/googletest/googletest/include
+ PRIVATE third_party/googletest/googletest
+ PRIVATE third_party/googletest/googlemock/include
+ PRIVATE third_party/googletest/googlemock
+ PRIVATE ${_gRPC_PROTO_GENS_DIR}
+)
+
+target_link_libraries(alts_handshaker_client_test
+ ${_gRPC_PROTOBUF_LIBRARIES}
+ ${_gRPC_ALLTARGETS_LIBRARIES}
+ alts_test_util
+ gpr
+ grpc
+ ${_gRPC_GFLAGS_LIBRARIES}
+)
+
+endif (gRPC_BUILD_TESTS)
+if (gRPC_BUILD_TESTS)
+
+add_executable(alts_handshaker_service_api_test
+ test/core/tsi/alts/handshaker/alts_handshaker_service_api_test.cc
+ third_party/googletest/googletest/src/gtest-all.cc
+ third_party/googletest/googlemock/src/gmock-all.cc
+)
+
+
+target_include_directories(alts_handshaker_service_api_test
+ PRIVATE ${CMAKE_CURRENT_SOURCE_DIR}
+ PRIVATE ${CMAKE_CURRENT_SOURCE_DIR}/include
+ PRIVATE ${_gRPC_SSL_INCLUDE_DIR}
+ PRIVATE ${_gRPC_PROTOBUF_INCLUDE_DIR}
+ PRIVATE ${_gRPC_ZLIB_INCLUDE_DIR}
+ PRIVATE ${_gRPC_BENCHMARK_INCLUDE_DIR}
+ PRIVATE ${_gRPC_CARES_INCLUDE_DIR}
+ PRIVATE ${_gRPC_GFLAGS_INCLUDE_DIR}
+ PRIVATE third_party/googletest/googletest/include
+ PRIVATE third_party/googletest/googletest
+ PRIVATE third_party/googletest/googlemock/include
+ PRIVATE third_party/googletest/googlemock
+ PRIVATE ${_gRPC_PROTO_GENS_DIR}
+)
+
+target_link_libraries(alts_handshaker_service_api_test
+ ${_gRPC_PROTOBUF_LIBRARIES}
+ ${_gRPC_ALLTARGETS_LIBRARIES}
+ alts_test_util
+ gpr
+ grpc
+ ${_gRPC_GFLAGS_LIBRARIES}
+)
+
+endif (gRPC_BUILD_TESTS)
+if (gRPC_BUILD_TESTS)
+
+add_executable(alts_iovec_record_protocol_test
+ test/core/tsi/alts/zero_copy_frame_protector/alts_iovec_record_protocol_test.cc
+ third_party/googletest/googletest/src/gtest-all.cc
+ third_party/googletest/googlemock/src/gmock-all.cc
+)
+
+
+target_include_directories(alts_iovec_record_protocol_test
+ PRIVATE ${CMAKE_CURRENT_SOURCE_DIR}
+ PRIVATE ${CMAKE_CURRENT_SOURCE_DIR}/include
+ PRIVATE ${_gRPC_SSL_INCLUDE_DIR}
+ PRIVATE ${_gRPC_PROTOBUF_INCLUDE_DIR}
+ PRIVATE ${_gRPC_ZLIB_INCLUDE_DIR}
+ PRIVATE ${_gRPC_BENCHMARK_INCLUDE_DIR}
+ PRIVATE ${_gRPC_CARES_INCLUDE_DIR}
+ PRIVATE ${_gRPC_GFLAGS_INCLUDE_DIR}
+ PRIVATE third_party/googletest/googletest/include
+ PRIVATE third_party/googletest/googletest
+ PRIVATE third_party/googletest/googlemock/include
+ PRIVATE third_party/googletest/googlemock
+ PRIVATE ${_gRPC_PROTO_GENS_DIR}
+)
+
+target_link_libraries(alts_iovec_record_protocol_test
+ ${_gRPC_PROTOBUF_LIBRARIES}
+ ${_gRPC_ALLTARGETS_LIBRARIES}
+ alts_test_util
+ gpr
+ grpc
+ ${_gRPC_GFLAGS_LIBRARIES}
+)
+
+endif (gRPC_BUILD_TESTS)
+if (gRPC_BUILD_TESTS)
+
+add_executable(alts_security_connector_test
+ test/core/security/alts_security_connector_test.cc
+ third_party/googletest/googletest/src/gtest-all.cc
+ third_party/googletest/googlemock/src/gmock-all.cc
+)
+
+
+target_include_directories(alts_security_connector_test
+ PRIVATE ${CMAKE_CURRENT_SOURCE_DIR}
+ PRIVATE ${CMAKE_CURRENT_SOURCE_DIR}/include
+ PRIVATE ${_gRPC_SSL_INCLUDE_DIR}
+ PRIVATE ${_gRPC_PROTOBUF_INCLUDE_DIR}
+ PRIVATE ${_gRPC_ZLIB_INCLUDE_DIR}
+ PRIVATE ${_gRPC_BENCHMARK_INCLUDE_DIR}
+ PRIVATE ${_gRPC_CARES_INCLUDE_DIR}
+ PRIVATE ${_gRPC_GFLAGS_INCLUDE_DIR}
+ PRIVATE third_party/googletest/googletest/include
+ PRIVATE third_party/googletest/googletest
+ PRIVATE third_party/googletest/googlemock/include
+ PRIVATE third_party/googletest/googlemock
+ PRIVATE ${_gRPC_PROTO_GENS_DIR}
+)
+
+target_link_libraries(alts_security_connector_test
+ ${_gRPC_PROTOBUF_LIBRARIES}
+ ${_gRPC_ALLTARGETS_LIBRARIES}
+ gpr
+ grpc
+ ${_gRPC_GFLAGS_LIBRARIES}
+)
+
+endif (gRPC_BUILD_TESTS)
+if (gRPC_BUILD_TESTS)
+
+add_executable(alts_tsi_handshaker_test
+ test/core/tsi/alts/handshaker/alts_tsi_handshaker_test.cc
+ third_party/googletest/googletest/src/gtest-all.cc
+ third_party/googletest/googlemock/src/gmock-all.cc
+)
+
+
+target_include_directories(alts_tsi_handshaker_test
+ PRIVATE ${CMAKE_CURRENT_SOURCE_DIR}
+ PRIVATE ${CMAKE_CURRENT_SOURCE_DIR}/include
+ PRIVATE ${_gRPC_SSL_INCLUDE_DIR}
+ PRIVATE ${_gRPC_PROTOBUF_INCLUDE_DIR}
+ PRIVATE ${_gRPC_ZLIB_INCLUDE_DIR}
+ PRIVATE ${_gRPC_BENCHMARK_INCLUDE_DIR}
+ PRIVATE ${_gRPC_CARES_INCLUDE_DIR}
+ PRIVATE ${_gRPC_GFLAGS_INCLUDE_DIR}
+ PRIVATE third_party/googletest/googletest/include
+ PRIVATE third_party/googletest/googletest
+ PRIVATE third_party/googletest/googlemock/include
+ PRIVATE third_party/googletest/googlemock
+ PRIVATE ${_gRPC_PROTO_GENS_DIR}
+)
+
+target_link_libraries(alts_tsi_handshaker_test
+ ${_gRPC_PROTOBUF_LIBRARIES}
+ ${_gRPC_ALLTARGETS_LIBRARIES}
+ alts_test_util
+ gpr
+ grpc
+ ${_gRPC_GFLAGS_LIBRARIES}
+)
+
+endif (gRPC_BUILD_TESTS)
+if (gRPC_BUILD_TESTS)
+
+add_executable(alts_tsi_utils_test
+ test/core/tsi/alts/handshaker/alts_tsi_utils_test.cc
+ third_party/googletest/googletest/src/gtest-all.cc
+ third_party/googletest/googlemock/src/gmock-all.cc
+)
+
+
+target_include_directories(alts_tsi_utils_test
+ PRIVATE ${CMAKE_CURRENT_SOURCE_DIR}
+ PRIVATE ${CMAKE_CURRENT_SOURCE_DIR}/include
+ PRIVATE ${_gRPC_SSL_INCLUDE_DIR}
+ PRIVATE ${_gRPC_PROTOBUF_INCLUDE_DIR}
+ PRIVATE ${_gRPC_ZLIB_INCLUDE_DIR}
+ PRIVATE ${_gRPC_BENCHMARK_INCLUDE_DIR}
+ PRIVATE ${_gRPC_CARES_INCLUDE_DIR}
+ PRIVATE ${_gRPC_GFLAGS_INCLUDE_DIR}
+ PRIVATE third_party/googletest/googletest/include
+ PRIVATE third_party/googletest/googletest
+ PRIVATE third_party/googletest/googlemock/include
+ PRIVATE third_party/googletest/googlemock
+ PRIVATE ${_gRPC_PROTO_GENS_DIR}
+)
+
+target_link_libraries(alts_tsi_utils_test
+ ${_gRPC_PROTOBUF_LIBRARIES}
+ ${_gRPC_ALLTARGETS_LIBRARIES}
+ alts_test_util
+ gpr
+ grpc
+ ${_gRPC_GFLAGS_LIBRARIES}
+)
+
+endif (gRPC_BUILD_TESTS)
+if (gRPC_BUILD_TESTS)
+
+add_executable(alts_zero_copy_grpc_protector_test
+ test/core/tsi/alts/zero_copy_frame_protector/alts_zero_copy_grpc_protector_test.cc
+ third_party/googletest/googletest/src/gtest-all.cc
+ third_party/googletest/googlemock/src/gmock-all.cc
+)
+
+
+target_include_directories(alts_zero_copy_grpc_protector_test
+ PRIVATE ${CMAKE_CURRENT_SOURCE_DIR}
+ PRIVATE ${CMAKE_CURRENT_SOURCE_DIR}/include
+ PRIVATE ${_gRPC_SSL_INCLUDE_DIR}
+ PRIVATE ${_gRPC_PROTOBUF_INCLUDE_DIR}
+ PRIVATE ${_gRPC_ZLIB_INCLUDE_DIR}
+ PRIVATE ${_gRPC_BENCHMARK_INCLUDE_DIR}
+ PRIVATE ${_gRPC_CARES_INCLUDE_DIR}
+ PRIVATE ${_gRPC_GFLAGS_INCLUDE_DIR}
+ PRIVATE third_party/googletest/googletest/include
+ PRIVATE third_party/googletest/googletest
+ PRIVATE third_party/googletest/googlemock/include
+ PRIVATE third_party/googletest/googlemock
+ PRIVATE ${_gRPC_PROTO_GENS_DIR}
+)
+
+target_link_libraries(alts_zero_copy_grpc_protector_test
+ ${_gRPC_PROTOBUF_LIBRARIES}
+ ${_gRPC_ALLTARGETS_LIBRARIES}
+ alts_test_util
+ gpr
+ grpc
+ ${_gRPC_GFLAGS_LIBRARIES}
+)
+
+endif (gRPC_BUILD_TESTS)
+if (gRPC_BUILD_TESTS)
+
add_executable(async_end2end_test
test/cpp/end2end/async_end2end_test.cc
third_party/googletest/googletest/src/gtest-all.cc
@@ -9470,6 +10054,74 @@
endif (gRPC_BUILD_TESTS)
if (gRPC_BUILD_TESTS)
+add_executable(check_gcp_environment_linux_test
+ test/core/security/check_gcp_environment_linux_test.cc
+ third_party/googletest/googletest/src/gtest-all.cc
+ third_party/googletest/googlemock/src/gmock-all.cc
+)
+
+
+target_include_directories(check_gcp_environment_linux_test
+ PRIVATE ${CMAKE_CURRENT_SOURCE_DIR}
+ PRIVATE ${CMAKE_CURRENT_SOURCE_DIR}/include
+ PRIVATE ${_gRPC_SSL_INCLUDE_DIR}
+ PRIVATE ${_gRPC_PROTOBUF_INCLUDE_DIR}
+ PRIVATE ${_gRPC_ZLIB_INCLUDE_DIR}
+ PRIVATE ${_gRPC_BENCHMARK_INCLUDE_DIR}
+ PRIVATE ${_gRPC_CARES_INCLUDE_DIR}
+ PRIVATE ${_gRPC_GFLAGS_INCLUDE_DIR}
+ PRIVATE third_party/googletest/googletest/include
+ PRIVATE third_party/googletest/googletest
+ PRIVATE third_party/googletest/googlemock/include
+ PRIVATE third_party/googletest/googlemock
+ PRIVATE ${_gRPC_PROTO_GENS_DIR}
+)
+
+target_link_libraries(check_gcp_environment_linux_test
+ ${_gRPC_PROTOBUF_LIBRARIES}
+ ${_gRPC_ALLTARGETS_LIBRARIES}
+ grpc
+ gpr
+ ${_gRPC_GFLAGS_LIBRARIES}
+)
+
+endif (gRPC_BUILD_TESTS)
+if (gRPC_BUILD_TESTS)
+
+add_executable(check_gcp_environment_windows_test
+ test/core/security/check_gcp_environment_windows_test.cc
+ third_party/googletest/googletest/src/gtest-all.cc
+ third_party/googletest/googlemock/src/gmock-all.cc
+)
+
+
+target_include_directories(check_gcp_environment_windows_test
+ PRIVATE ${CMAKE_CURRENT_SOURCE_DIR}
+ PRIVATE ${CMAKE_CURRENT_SOURCE_DIR}/include
+ PRIVATE ${_gRPC_SSL_INCLUDE_DIR}
+ PRIVATE ${_gRPC_PROTOBUF_INCLUDE_DIR}
+ PRIVATE ${_gRPC_ZLIB_INCLUDE_DIR}
+ PRIVATE ${_gRPC_BENCHMARK_INCLUDE_DIR}
+ PRIVATE ${_gRPC_CARES_INCLUDE_DIR}
+ PRIVATE ${_gRPC_GFLAGS_INCLUDE_DIR}
+ PRIVATE third_party/googletest/googletest/include
+ PRIVATE third_party/googletest/googletest
+ PRIVATE third_party/googletest/googlemock/include
+ PRIVATE third_party/googletest/googlemock
+ PRIVATE ${_gRPC_PROTO_GENS_DIR}
+)
+
+target_link_libraries(check_gcp_environment_windows_test
+ ${_gRPC_PROTOBUF_LIBRARIES}
+ ${_gRPC_ALLTARGETS_LIBRARIES}
+ grpc
+ gpr
+ ${_gRPC_GFLAGS_LIBRARIES}
+)
+
+endif (gRPC_BUILD_TESTS)
+if (gRPC_BUILD_TESTS)
+
add_executable(chttp2_settings_timeout_test
test/core/transport/chttp2/settings_timeout_test.cc
third_party/googletest/googletest/src/gtest-all.cc
@@ -10263,6 +10915,40 @@
endif (gRPC_BUILD_TESTS)
if (gRPC_BUILD_TESTS)
+add_executable(grpc_alts_credentials_options_test
+ test/core/security/grpc_alts_credentials_options_test.cc
+ third_party/googletest/googletest/src/gtest-all.cc
+ third_party/googletest/googlemock/src/gmock-all.cc
+)
+
+
+target_include_directories(grpc_alts_credentials_options_test
+ PRIVATE ${CMAKE_CURRENT_SOURCE_DIR}
+ PRIVATE ${CMAKE_CURRENT_SOURCE_DIR}/include
+ PRIVATE ${_gRPC_SSL_INCLUDE_DIR}
+ PRIVATE ${_gRPC_PROTOBUF_INCLUDE_DIR}
+ PRIVATE ${_gRPC_ZLIB_INCLUDE_DIR}
+ PRIVATE ${_gRPC_BENCHMARK_INCLUDE_DIR}
+ PRIVATE ${_gRPC_CARES_INCLUDE_DIR}
+ PRIVATE ${_gRPC_GFLAGS_INCLUDE_DIR}
+ PRIVATE third_party/googletest/googletest/include
+ PRIVATE third_party/googletest/googletest
+ PRIVATE third_party/googletest/googlemock/include
+ PRIVATE third_party/googletest/googlemock
+ PRIVATE ${_gRPC_PROTO_GENS_DIR}
+)
+
+target_link_libraries(grpc_alts_credentials_options_test
+ ${_gRPC_PROTOBUF_LIBRARIES}
+ ${_gRPC_ALLTARGETS_LIBRARIES}
+ grpc
+ gpr
+ ${_gRPC_GFLAGS_LIBRARIES}
+)
+
+endif (gRPC_BUILD_TESTS)
+if (gRPC_BUILD_TESTS)
+
add_executable(grpc_cli
test/cpp/util/grpc_cli.cc
third_party/googletest/googletest/src/gtest-all.cc
@@ -12603,6 +13289,41 @@
endif (gRPC_BUILD_TESTS)
if (gRPC_BUILD_TESTS)
+
+add_executable(transport_security_common_api_test
+ test/core/tsi/alts/handshaker/transport_security_common_api_test.cc
+ third_party/googletest/googletest/src/gtest-all.cc
+ third_party/googletest/googlemock/src/gmock-all.cc
+)
+
+
+target_include_directories(transport_security_common_api_test
+ PRIVATE ${CMAKE_CURRENT_SOURCE_DIR}
+ PRIVATE ${CMAKE_CURRENT_SOURCE_DIR}/include
+ PRIVATE ${_gRPC_SSL_INCLUDE_DIR}
+ PRIVATE ${_gRPC_PROTOBUF_INCLUDE_DIR}
+ PRIVATE ${_gRPC_ZLIB_INCLUDE_DIR}
+ PRIVATE ${_gRPC_BENCHMARK_INCLUDE_DIR}
+ PRIVATE ${_gRPC_CARES_INCLUDE_DIR}
+ PRIVATE ${_gRPC_GFLAGS_INCLUDE_DIR}
+ PRIVATE third_party/googletest/googletest/include
+ PRIVATE third_party/googletest/googletest
+ PRIVATE third_party/googletest/googlemock/include
+ PRIVATE third_party/googletest/googlemock
+ PRIVATE ${_gRPC_PROTO_GENS_DIR}
+)
+
+target_link_libraries(transport_security_common_api_test
+ ${_gRPC_PROTOBUF_LIBRARIES}
+ ${_gRPC_ALLTARGETS_LIBRARIES}
+ alts_test_util
+ gpr
+ grpc
+ ${_gRPC_GFLAGS_LIBRARIES}
+)
+
+endif (gRPC_BUILD_TESTS)
+if (gRPC_BUILD_TESTS)
if(_gRPC_PLATFORM_LINUX OR _gRPC_PLATFORM_MAC OR _gRPC_PLATFORM_POSIX)
add_executable(writes_per_rpc_test
diff --git a/Makefile b/Makefile
index b090b9f..7bc2c82 100644
--- a/Makefile
+++ b/Makefile
@@ -338,6 +338,8 @@
COREFLAGS += -fno-rtti -fno-exceptions
LDFLAGS += -g
+DEFINES += PB_FIELD_16BIT
+
CPPFLAGS += $(CPPFLAGS_$(CONFIG))
CFLAGS += $(CFLAGS_$(CONFIG))
CXXFLAGS += $(CXXFLAGS_$(CONFIG))
@@ -1094,6 +1096,19 @@
uri_parser_test: $(BINDIR)/$(CONFIG)/uri_parser_test
wakeup_fd_cv_test: $(BINDIR)/$(CONFIG)/wakeup_fd_cv_test
alarm_test: $(BINDIR)/$(CONFIG)/alarm_test
+alts_counter_test: $(BINDIR)/$(CONFIG)/alts_counter_test
+alts_crypt_test: $(BINDIR)/$(CONFIG)/alts_crypt_test
+alts_crypter_test: $(BINDIR)/$(CONFIG)/alts_crypter_test
+alts_frame_handler_test: $(BINDIR)/$(CONFIG)/alts_frame_handler_test
+alts_frame_protector_test: $(BINDIR)/$(CONFIG)/alts_frame_protector_test
+alts_grpc_record_protocol_test: $(BINDIR)/$(CONFIG)/alts_grpc_record_protocol_test
+alts_handshaker_client_test: $(BINDIR)/$(CONFIG)/alts_handshaker_client_test
+alts_handshaker_service_api_test: $(BINDIR)/$(CONFIG)/alts_handshaker_service_api_test
+alts_iovec_record_protocol_test: $(BINDIR)/$(CONFIG)/alts_iovec_record_protocol_test
+alts_security_connector_test: $(BINDIR)/$(CONFIG)/alts_security_connector_test
+alts_tsi_handshaker_test: $(BINDIR)/$(CONFIG)/alts_tsi_handshaker_test
+alts_tsi_utils_test: $(BINDIR)/$(CONFIG)/alts_tsi_utils_test
+alts_zero_copy_grpc_protector_test: $(BINDIR)/$(CONFIG)/alts_zero_copy_grpc_protector_test
async_end2end_test: $(BINDIR)/$(CONFIG)/async_end2end_test
auth_property_iterator_test: $(BINDIR)/$(CONFIG)/auth_property_iterator_test
backoff_test: $(BINDIR)/$(CONFIG)/backoff_test
@@ -1114,6 +1129,8 @@
bm_pollset: $(BINDIR)/$(CONFIG)/bm_pollset
channel_arguments_test: $(BINDIR)/$(CONFIG)/channel_arguments_test
channel_filter_test: $(BINDIR)/$(CONFIG)/channel_filter_test
+check_gcp_environment_linux_test: $(BINDIR)/$(CONFIG)/check_gcp_environment_linux_test
+check_gcp_environment_windows_test: $(BINDIR)/$(CONFIG)/check_gcp_environment_windows_test
chttp2_settings_timeout_test: $(BINDIR)/$(CONFIG)/chttp2_settings_timeout_test
cli_call_test: $(BINDIR)/$(CONFIG)/cli_call_test
client_channel_stress_test: $(BINDIR)/$(CONFIG)/client_channel_stress_test
@@ -1133,6 +1150,7 @@
filter_end2end_test: $(BINDIR)/$(CONFIG)/filter_end2end_test
generic_end2end_test: $(BINDIR)/$(CONFIG)/generic_end2end_test
golden_file_test: $(BINDIR)/$(CONFIG)/golden_file_test
+grpc_alts_credentials_options_test: $(BINDIR)/$(CONFIG)/grpc_alts_credentials_options_test
grpc_cli: $(BINDIR)/$(CONFIG)/grpc_cli
grpc_cpp_plugin: $(BINDIR)/$(CONFIG)/grpc_cpp_plugin
grpc_csharp_plugin: $(BINDIR)/$(CONFIG)/grpc_csharp_plugin
@@ -1191,6 +1209,7 @@
thread_manager_test: $(BINDIR)/$(CONFIG)/thread_manager_test
thread_stress_test: $(BINDIR)/$(CONFIG)/thread_stress_test
transport_pid_controller_test: $(BINDIR)/$(CONFIG)/transport_pid_controller_test
+transport_security_common_api_test: $(BINDIR)/$(CONFIG)/transport_security_common_api_test
writes_per_rpc_test: $(BINDIR)/$(CONFIG)/writes_per_rpc_test
public_headers_must_be_c89: $(BINDIR)/$(CONFIG)/public_headers_must_be_c89
gen_hpack_tables: $(BINDIR)/$(CONFIG)/gen_hpack_tables
@@ -1352,7 +1371,7 @@
privatelibs: privatelibs_c privatelibs_cxx
-privatelibs_c: $(LIBDIR)/$(CONFIG)/libgpr_test_util.a $(LIBDIR)/$(CONFIG)/libgrpc_test_util.a $(LIBDIR)/$(CONFIG)/libgrpc_test_util_unsecure.a $(LIBDIR)/$(CONFIG)/libreconnect_server.a $(LIBDIR)/$(CONFIG)/libtest_tcp_server.a $(LIBDIR)/$(CONFIG)/libz.a $(LIBDIR)/$(CONFIG)/libares.a $(LIBDIR)/$(CONFIG)/libbad_client_test.a $(LIBDIR)/$(CONFIG)/libbad_ssl_test_server.a $(LIBDIR)/$(CONFIG)/libend2end_tests.a $(LIBDIR)/$(CONFIG)/libend2end_nosec_tests.a
+privatelibs_c: $(LIBDIR)/$(CONFIG)/libalts_test_util.a $(LIBDIR)/$(CONFIG)/libgpr_test_util.a $(LIBDIR)/$(CONFIG)/libgrpc_test_util.a $(LIBDIR)/$(CONFIG)/libgrpc_test_util_unsecure.a $(LIBDIR)/$(CONFIG)/libreconnect_server.a $(LIBDIR)/$(CONFIG)/libtest_tcp_server.a $(LIBDIR)/$(CONFIG)/libz.a $(LIBDIR)/$(CONFIG)/libares.a $(LIBDIR)/$(CONFIG)/libbad_client_test.a $(LIBDIR)/$(CONFIG)/libbad_ssl_test_server.a $(LIBDIR)/$(CONFIG)/libend2end_tests.a $(LIBDIR)/$(CONFIG)/libend2end_nosec_tests.a
pc_c: $(LIBDIR)/$(CONFIG)/pkgconfig/grpc.pc
pc_c_unsecure: $(LIBDIR)/$(CONFIG)/pkgconfig/grpc_unsecure.pc
@@ -1562,6 +1581,19 @@
ifeq ($(EMBED_OPENSSL),true)
buildtests_cxx: privatelibs_cxx \
$(BINDIR)/$(CONFIG)/alarm_test \
+ $(BINDIR)/$(CONFIG)/alts_counter_test \
+ $(BINDIR)/$(CONFIG)/alts_crypt_test \
+ $(BINDIR)/$(CONFIG)/alts_crypter_test \
+ $(BINDIR)/$(CONFIG)/alts_frame_handler_test \
+ $(BINDIR)/$(CONFIG)/alts_frame_protector_test \
+ $(BINDIR)/$(CONFIG)/alts_grpc_record_protocol_test \
+ $(BINDIR)/$(CONFIG)/alts_handshaker_client_test \
+ $(BINDIR)/$(CONFIG)/alts_handshaker_service_api_test \
+ $(BINDIR)/$(CONFIG)/alts_iovec_record_protocol_test \
+ $(BINDIR)/$(CONFIG)/alts_security_connector_test \
+ $(BINDIR)/$(CONFIG)/alts_tsi_handshaker_test \
+ $(BINDIR)/$(CONFIG)/alts_tsi_utils_test \
+ $(BINDIR)/$(CONFIG)/alts_zero_copy_grpc_protector_test \
$(BINDIR)/$(CONFIG)/async_end2end_test \
$(BINDIR)/$(CONFIG)/auth_property_iterator_test \
$(BINDIR)/$(CONFIG)/backoff_test \
@@ -1582,6 +1614,8 @@
$(BINDIR)/$(CONFIG)/bm_pollset \
$(BINDIR)/$(CONFIG)/channel_arguments_test \
$(BINDIR)/$(CONFIG)/channel_filter_test \
+ $(BINDIR)/$(CONFIG)/check_gcp_environment_linux_test \
+ $(BINDIR)/$(CONFIG)/check_gcp_environment_windows_test \
$(BINDIR)/$(CONFIG)/chttp2_settings_timeout_test \
$(BINDIR)/$(CONFIG)/cli_call_test \
$(BINDIR)/$(CONFIG)/client_channel_stress_test \
@@ -1601,6 +1635,7 @@
$(BINDIR)/$(CONFIG)/filter_end2end_test \
$(BINDIR)/$(CONFIG)/generic_end2end_test \
$(BINDIR)/$(CONFIG)/golden_file_test \
+ $(BINDIR)/$(CONFIG)/grpc_alts_credentials_options_test \
$(BINDIR)/$(CONFIG)/grpc_cli \
$(BINDIR)/$(CONFIG)/grpc_tool_test \
$(BINDIR)/$(CONFIG)/grpclb_api_test \
@@ -1652,6 +1687,7 @@
$(BINDIR)/$(CONFIG)/thread_manager_test \
$(BINDIR)/$(CONFIG)/thread_stress_test \
$(BINDIR)/$(CONFIG)/transport_pid_controller_test \
+ $(BINDIR)/$(CONFIG)/transport_security_common_api_test \
$(BINDIR)/$(CONFIG)/writes_per_rpc_test \
$(BINDIR)/$(CONFIG)/boringssl_crypto_test_data \
$(BINDIR)/$(CONFIG)/boringssl_asn1_test \
@@ -1710,6 +1746,19 @@
else
buildtests_cxx: privatelibs_cxx \
$(BINDIR)/$(CONFIG)/alarm_test \
+ $(BINDIR)/$(CONFIG)/alts_counter_test \
+ $(BINDIR)/$(CONFIG)/alts_crypt_test \
+ $(BINDIR)/$(CONFIG)/alts_crypter_test \
+ $(BINDIR)/$(CONFIG)/alts_frame_handler_test \
+ $(BINDIR)/$(CONFIG)/alts_frame_protector_test \
+ $(BINDIR)/$(CONFIG)/alts_grpc_record_protocol_test \
+ $(BINDIR)/$(CONFIG)/alts_handshaker_client_test \
+ $(BINDIR)/$(CONFIG)/alts_handshaker_service_api_test \
+ $(BINDIR)/$(CONFIG)/alts_iovec_record_protocol_test \
+ $(BINDIR)/$(CONFIG)/alts_security_connector_test \
+ $(BINDIR)/$(CONFIG)/alts_tsi_handshaker_test \
+ $(BINDIR)/$(CONFIG)/alts_tsi_utils_test \
+ $(BINDIR)/$(CONFIG)/alts_zero_copy_grpc_protector_test \
$(BINDIR)/$(CONFIG)/async_end2end_test \
$(BINDIR)/$(CONFIG)/auth_property_iterator_test \
$(BINDIR)/$(CONFIG)/backoff_test \
@@ -1730,6 +1779,8 @@
$(BINDIR)/$(CONFIG)/bm_pollset \
$(BINDIR)/$(CONFIG)/channel_arguments_test \
$(BINDIR)/$(CONFIG)/channel_filter_test \
+ $(BINDIR)/$(CONFIG)/check_gcp_environment_linux_test \
+ $(BINDIR)/$(CONFIG)/check_gcp_environment_windows_test \
$(BINDIR)/$(CONFIG)/chttp2_settings_timeout_test \
$(BINDIR)/$(CONFIG)/cli_call_test \
$(BINDIR)/$(CONFIG)/client_channel_stress_test \
@@ -1749,6 +1800,7 @@
$(BINDIR)/$(CONFIG)/filter_end2end_test \
$(BINDIR)/$(CONFIG)/generic_end2end_test \
$(BINDIR)/$(CONFIG)/golden_file_test \
+ $(BINDIR)/$(CONFIG)/grpc_alts_credentials_options_test \
$(BINDIR)/$(CONFIG)/grpc_cli \
$(BINDIR)/$(CONFIG)/grpc_tool_test \
$(BINDIR)/$(CONFIG)/grpclb_api_test \
@@ -1800,6 +1852,7 @@
$(BINDIR)/$(CONFIG)/thread_manager_test \
$(BINDIR)/$(CONFIG)/thread_stress_test \
$(BINDIR)/$(CONFIG)/transport_pid_controller_test \
+ $(BINDIR)/$(CONFIG)/transport_security_common_api_test \
$(BINDIR)/$(CONFIG)/writes_per_rpc_test \
$(BINDIR)/$(CONFIG)/resolver_component_test_unsecure \
$(BINDIR)/$(CONFIG)/resolver_component_test \
@@ -2086,6 +2139,32 @@
test_cxx: buildtests_cxx
$(E) "[RUN] Testing alarm_test"
$(Q) $(BINDIR)/$(CONFIG)/alarm_test || ( echo test alarm_test failed ; exit 1 )
+ $(E) "[RUN] Testing alts_counter_test"
+ $(Q) $(BINDIR)/$(CONFIG)/alts_counter_test || ( echo test alts_counter_test failed ; exit 1 )
+ $(E) "[RUN] Testing alts_crypt_test"
+ $(Q) $(BINDIR)/$(CONFIG)/alts_crypt_test || ( echo test alts_crypt_test failed ; exit 1 )
+ $(E) "[RUN] Testing alts_crypter_test"
+ $(Q) $(BINDIR)/$(CONFIG)/alts_crypter_test || ( echo test alts_crypter_test failed ; exit 1 )
+ $(E) "[RUN] Testing alts_frame_handler_test"
+ $(Q) $(BINDIR)/$(CONFIG)/alts_frame_handler_test || ( echo test alts_frame_handler_test failed ; exit 1 )
+ $(E) "[RUN] Testing alts_frame_protector_test"
+ $(Q) $(BINDIR)/$(CONFIG)/alts_frame_protector_test || ( echo test alts_frame_protector_test failed ; exit 1 )
+ $(E) "[RUN] Testing alts_grpc_record_protocol_test"
+ $(Q) $(BINDIR)/$(CONFIG)/alts_grpc_record_protocol_test || ( echo test alts_grpc_record_protocol_test failed ; exit 1 )
+ $(E) "[RUN] Testing alts_handshaker_client_test"
+ $(Q) $(BINDIR)/$(CONFIG)/alts_handshaker_client_test || ( echo test alts_handshaker_client_test failed ; exit 1 )
+ $(E) "[RUN] Testing alts_handshaker_service_api_test"
+ $(Q) $(BINDIR)/$(CONFIG)/alts_handshaker_service_api_test || ( echo test alts_handshaker_service_api_test failed ; exit 1 )
+ $(E) "[RUN] Testing alts_iovec_record_protocol_test"
+ $(Q) $(BINDIR)/$(CONFIG)/alts_iovec_record_protocol_test || ( echo test alts_iovec_record_protocol_test failed ; exit 1 )
+ $(E) "[RUN] Testing alts_security_connector_test"
+ $(Q) $(BINDIR)/$(CONFIG)/alts_security_connector_test || ( echo test alts_security_connector_test failed ; exit 1 )
+ $(E) "[RUN] Testing alts_tsi_handshaker_test"
+ $(Q) $(BINDIR)/$(CONFIG)/alts_tsi_handshaker_test || ( echo test alts_tsi_handshaker_test failed ; exit 1 )
+ $(E) "[RUN] Testing alts_tsi_utils_test"
+ $(Q) $(BINDIR)/$(CONFIG)/alts_tsi_utils_test || ( echo test alts_tsi_utils_test failed ; exit 1 )
+ $(E) "[RUN] Testing alts_zero_copy_grpc_protector_test"
+ $(Q) $(BINDIR)/$(CONFIG)/alts_zero_copy_grpc_protector_test || ( echo test alts_zero_copy_grpc_protector_test failed ; exit 1 )
$(E) "[RUN] Testing async_end2end_test"
$(Q) $(BINDIR)/$(CONFIG)/async_end2end_test || ( echo test async_end2end_test failed ; exit 1 )
$(E) "[RUN] Testing auth_property_iterator_test"
@@ -2126,6 +2205,10 @@
$(Q) $(BINDIR)/$(CONFIG)/channel_arguments_test || ( echo test channel_arguments_test failed ; exit 1 )
$(E) "[RUN] Testing channel_filter_test"
$(Q) $(BINDIR)/$(CONFIG)/channel_filter_test || ( echo test channel_filter_test failed ; exit 1 )
+ $(E) "[RUN] Testing check_gcp_environment_linux_test"
+ $(Q) $(BINDIR)/$(CONFIG)/check_gcp_environment_linux_test || ( echo test check_gcp_environment_linux_test failed ; exit 1 )
+ $(E) "[RUN] Testing check_gcp_environment_windows_test"
+ $(Q) $(BINDIR)/$(CONFIG)/check_gcp_environment_windows_test || ( echo test check_gcp_environment_windows_test failed ; exit 1 )
$(E) "[RUN] Testing chttp2_settings_timeout_test"
$(Q) $(BINDIR)/$(CONFIG)/chttp2_settings_timeout_test || ( echo test chttp2_settings_timeout_test failed ; exit 1 )
$(E) "[RUN] Testing cli_call_test"
@@ -2162,6 +2245,8 @@
$(Q) $(BINDIR)/$(CONFIG)/generic_end2end_test || ( echo test generic_end2end_test failed ; exit 1 )
$(E) "[RUN] Testing golden_file_test"
$(Q) $(BINDIR)/$(CONFIG)/golden_file_test || ( echo test golden_file_test failed ; exit 1 )
+ $(E) "[RUN] Testing grpc_alts_credentials_options_test"
+ $(Q) $(BINDIR)/$(CONFIG)/grpc_alts_credentials_options_test || ( echo test grpc_alts_credentials_options_test failed ; exit 1 )
$(E) "[RUN] Testing grpc_tool_test"
$(Q) $(BINDIR)/$(CONFIG)/grpc_tool_test || ( echo test grpc_tool_test failed ; exit 1 )
$(E) "[RUN] Testing grpclb_api_test"
@@ -2236,6 +2321,8 @@
$(Q) $(BINDIR)/$(CONFIG)/thread_stress_test || ( echo test thread_stress_test failed ; exit 1 )
$(E) "[RUN] Testing transport_pid_controller_test"
$(Q) $(BINDIR)/$(CONFIG)/transport_pid_controller_test || ( echo test transport_pid_controller_test failed ; exit 1 )
+ $(E) "[RUN] Testing transport_security_common_api_test"
+ $(Q) $(BINDIR)/$(CONFIG)/transport_security_common_api_test || ( echo test transport_security_common_api_test failed ; exit 1 )
$(E) "[RUN] Testing writes_per_rpc_test"
$(Q) $(BINDIR)/$(CONFIG)/writes_per_rpc_test || ( echo test writes_per_rpc_test failed ; exit 1 )
$(E) "[RUN] Testing resolver_component_tests_runner_invoker_unsecure"
@@ -2893,6 +2980,46 @@
# The various libraries
+LIBALTS_TEST_UTIL_SRC = \
+ test/core/tsi/alts/crypt/gsec_test_util.cc \
+ test/core/tsi/alts/handshaker/alts_handshaker_service_api_test_lib.cc \
+
+PUBLIC_HEADERS_C += \
+
+LIBALTS_TEST_UTIL_OBJS = $(addprefix $(OBJDIR)/$(CONFIG)/, $(addsuffix .o, $(basename $(LIBALTS_TEST_UTIL_SRC))))
+
+
+ifeq ($(NO_SECURE),true)
+
+# You can't build secure libraries if you don't have OpenSSL.
+
+$(LIBDIR)/$(CONFIG)/libalts_test_util.a: openssl_dep_error
+
+
+else
+
+
+$(LIBDIR)/$(CONFIG)/libalts_test_util.a: $(ZLIB_DEP) $(OPENSSL_DEP) $(CARES_DEP) $(LIBALTS_TEST_UTIL_OBJS)
+ $(E) "[AR] Creating $@"
+ $(Q) mkdir -p `dirname $@`
+ $(Q) rm -f $(LIBDIR)/$(CONFIG)/libalts_test_util.a
+ $(Q) $(AR) $(AROPTS) $(LIBDIR)/$(CONFIG)/libalts_test_util.a $(LIBALTS_TEST_UTIL_OBJS)
+ifeq ($(SYSTEM),Darwin)
+ $(Q) ranlib -no_warning_for_no_symbols $(LIBDIR)/$(CONFIG)/libalts_test_util.a
+endif
+
+
+
+
+endif
+
+ifneq ($(NO_SECURE),true)
+ifneq ($(NO_DEPS),true)
+-include $(LIBALTS_TEST_UTIL_OBJS:.o=.dep)
+endif
+endif
+
+
LIBGPR_SRC = \
src/core/lib/gpr/alloc.cc \
src/core/lib/gpr/arena.cc \
@@ -3195,6 +3322,7 @@
src/core/ext/filters/http/server/http_server_filter.cc \
src/core/lib/http/httpcli_security_connector.cc \
src/core/lib/security/context/security_context.cc \
+ src/core/lib/security/credentials/alts/alts_credentials.cc \
src/core/lib/security/credentials/composite/composite_credentials.cc \
src/core/lib/security/credentials/credentials.cc \
src/core/lib/security/credentials/credentials_metadata.cc \
@@ -3208,6 +3336,7 @@
src/core/lib/security/credentials/oauth2/oauth2_credentials.cc \
src/core/lib/security/credentials/plugin/plugin_credentials.cc \
src/core/lib/security/credentials/ssl/ssl_credentials.cc \
+ src/core/lib/security/security_connector/alts_security_connector.cc \
src/core/lib/security/security_connector/security_connector.cc \
src/core/lib/security/transport/client_auth_filter.cc \
src/core/lib/security/transport/secure_endpoint.cc \
@@ -3217,14 +3346,45 @@
src/core/lib/security/transport/tsi_error.cc \
src/core/lib/security/util/json_util.cc \
src/core/lib/surface/init_secure.cc \
- src/core/tsi/alts_transport_security.cc \
- src/core/tsi/fake_transport_security.cc \
- src/core/tsi/ssl_transport_security.cc \
- src/core/tsi/transport_security_grpc.cc \
+ src/core/tsi/alts/crypt/aes_gcm.cc \
+ src/core/tsi/alts/crypt/gsec.cc \
+ src/core/tsi/alts/frame_protector/alts_counter.cc \
+ src/core/tsi/alts/frame_protector/alts_crypter.cc \
+ src/core/tsi/alts/frame_protector/alts_frame_protector.cc \
+ src/core/tsi/alts/frame_protector/alts_record_protocol_crypter_common.cc \
+ src/core/tsi/alts/frame_protector/alts_seal_privacy_integrity_crypter.cc \
+ src/core/tsi/alts/frame_protector/alts_unseal_privacy_integrity_crypter.cc \
+ src/core/tsi/alts/frame_protector/frame_handler.cc \
+ src/core/tsi/alts/handshaker/alts_handshaker_client.cc \
+ src/core/tsi/alts/handshaker/alts_tsi_event.cc \
+ src/core/tsi/alts/handshaker/alts_tsi_handshaker.cc \
+ src/core/tsi/alts/zero_copy_frame_protector/alts_grpc_integrity_only_record_protocol.cc \
+ src/core/tsi/alts/zero_copy_frame_protector/alts_grpc_privacy_integrity_record_protocol.cc \
+ src/core/tsi/alts/zero_copy_frame_protector/alts_grpc_record_protocol_common.cc \
+ src/core/tsi/alts/zero_copy_frame_protector/alts_iovec_record_protocol.cc \
+ src/core/tsi/alts/zero_copy_frame_protector/alts_zero_copy_grpc_protector.cc \
+ src/core/lib/security/credentials/alts/check_gcp_environment.cc \
+ src/core/lib/security/credentials/alts/check_gcp_environment_linux.cc \
+ src/core/lib/security/credentials/alts/check_gcp_environment_no_op.cc \
+ src/core/lib/security/credentials/alts/check_gcp_environment_windows.cc \
+ src/core/lib/security/credentials/alts/grpc_alts_credentials_client_options.cc \
+ src/core/lib/security/credentials/alts/grpc_alts_credentials_options.cc \
+ src/core/lib/security/credentials/alts/grpc_alts_credentials_server_options.cc \
+ src/core/tsi/alts/handshaker/alts_handshaker_service_api.cc \
+ src/core/tsi/alts/handshaker/alts_handshaker_service_api_util.cc \
+ src/core/tsi/alts/handshaker/alts_tsi_utils.cc \
+ src/core/tsi/alts/handshaker/transport_security_common_api.cc \
+ src/core/tsi/alts/handshaker/altscontext.pb.c \
+ src/core/tsi/alts/handshaker/handshaker.pb.c \
+ src/core/tsi/alts/handshaker/transport_security_common.pb.c \
+ third_party/nanopb/pb_common.c \
+ third_party/nanopb/pb_decode.c \
+ third_party/nanopb/pb_encode.c \
src/core/tsi/transport_security.cc \
src/core/tsi/transport_security_adapter.cc \
- src/core/ext/transport/chttp2/server/chttp2_server.cc \
- src/core/ext/transport/chttp2/client/secure/secure_channel_create.cc \
+ src/core/ext/transport/chttp2/client/insecure/channel_create.cc \
+ src/core/ext/transport/chttp2/client/insecure/channel_create_posix.cc \
+ src/core/ext/transport/chttp2/client/chttp2_connector.cc \
src/core/ext/filters/client_channel/backup_poller.cc \
src/core/ext/filters/client_channel/channel_connectivity.cc \
src/core/ext/filters/client_channel/client_channel.cc \
@@ -3248,11 +3408,14 @@
src/core/ext/filters/client_channel/subchannel_index.cc \
src/core/ext/filters/client_channel/uri_parser.cc \
src/core/ext/filters/deadline/deadline_filter.cc \
- src/core/ext/transport/chttp2/client/chttp2_connector.cc \
+ src/core/tsi/alts_transport_security.cc \
+ src/core/tsi/fake_transport_security.cc \
+ src/core/tsi/ssl_transport_security.cc \
+ src/core/tsi/transport_security_grpc.cc \
+ src/core/ext/transport/chttp2/server/chttp2_server.cc \
+ src/core/ext/transport/chttp2/client/secure/secure_channel_create.cc \
src/core/ext/transport/chttp2/server/insecure/server_chttp2.cc \
src/core/ext/transport/chttp2/server/insecure/server_chttp2_posix.cc \
- src/core/ext/transport/chttp2/client/insecure/channel_create.cc \
- src/core/ext/transport/chttp2/client/insecure/channel_create_posix.cc \
src/core/ext/transport/inproc/inproc_plugin.cc \
src/core/ext/transport/inproc/inproc_transport.cc \
src/core/ext/filters/client_channel/lb_policy/grpclb/client_load_reporting_filter.cc \
@@ -3261,9 +3424,6 @@
src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb_client_stats.cc \
src/core/ext/filters/client_channel/lb_policy/grpclb/load_balancer_api.cc \
src/core/ext/filters/client_channel/lb_policy/grpclb/proto/grpc/lb/v1/load_balancer.pb.c \
- third_party/nanopb/pb_common.c \
- third_party/nanopb/pb_decode.c \
- third_party/nanopb/pb_encode.c \
src/core/ext/filters/client_channel/resolver/fake/fake_resolver.cc \
src/core/ext/filters/client_channel/lb_policy/pick_first/pick_first.cc \
src/core/ext/filters/client_channel/lb_policy/subchannel_list.cc \
@@ -3565,6 +3725,7 @@
src/core/ext/filters/deadline/deadline_filter.cc \
src/core/lib/http/httpcli_security_connector.cc \
src/core/lib/security/context/security_context.cc \
+ src/core/lib/security/credentials/alts/alts_credentials.cc \
src/core/lib/security/credentials/composite/composite_credentials.cc \
src/core/lib/security/credentials/credentials.cc \
src/core/lib/security/credentials/credentials_metadata.cc \
@@ -3578,6 +3739,7 @@
src/core/lib/security/credentials/oauth2/oauth2_credentials.cc \
src/core/lib/security/credentials/plugin/plugin_credentials.cc \
src/core/lib/security/credentials/ssl/ssl_credentials.cc \
+ src/core/lib/security/security_connector/alts_security_connector.cc \
src/core/lib/security/security_connector/security_connector.cc \
src/core/lib/security/transport/client_auth_filter.cc \
src/core/lib/security/transport/secure_endpoint.cc \
@@ -3587,13 +3749,49 @@
src/core/lib/security/transport/tsi_error.cc \
src/core/lib/security/util/json_util.cc \
src/core/lib/surface/init_secure.cc \
+ src/core/tsi/alts/crypt/aes_gcm.cc \
+ src/core/tsi/alts/crypt/gsec.cc \
+ src/core/tsi/alts/frame_protector/alts_counter.cc \
+ src/core/tsi/alts/frame_protector/alts_crypter.cc \
+ src/core/tsi/alts/frame_protector/alts_frame_protector.cc \
+ src/core/tsi/alts/frame_protector/alts_record_protocol_crypter_common.cc \
+ src/core/tsi/alts/frame_protector/alts_seal_privacy_integrity_crypter.cc \
+ src/core/tsi/alts/frame_protector/alts_unseal_privacy_integrity_crypter.cc \
+ src/core/tsi/alts/frame_protector/frame_handler.cc \
+ src/core/tsi/alts/handshaker/alts_handshaker_client.cc \
+ src/core/tsi/alts/handshaker/alts_tsi_event.cc \
+ src/core/tsi/alts/handshaker/alts_tsi_handshaker.cc \
+ src/core/tsi/alts/zero_copy_frame_protector/alts_grpc_integrity_only_record_protocol.cc \
+ src/core/tsi/alts/zero_copy_frame_protector/alts_grpc_privacy_integrity_record_protocol.cc \
+ src/core/tsi/alts/zero_copy_frame_protector/alts_grpc_record_protocol_common.cc \
+ src/core/tsi/alts/zero_copy_frame_protector/alts_iovec_record_protocol.cc \
+ src/core/tsi/alts/zero_copy_frame_protector/alts_zero_copy_grpc_protector.cc \
+ src/core/lib/security/credentials/alts/check_gcp_environment.cc \
+ src/core/lib/security/credentials/alts/check_gcp_environment_linux.cc \
+ src/core/lib/security/credentials/alts/check_gcp_environment_no_op.cc \
+ src/core/lib/security/credentials/alts/check_gcp_environment_windows.cc \
+ src/core/lib/security/credentials/alts/grpc_alts_credentials_client_options.cc \
+ src/core/lib/security/credentials/alts/grpc_alts_credentials_options.cc \
+ src/core/lib/security/credentials/alts/grpc_alts_credentials_server_options.cc \
+ src/core/tsi/alts/handshaker/alts_handshaker_service_api.cc \
+ src/core/tsi/alts/handshaker/alts_handshaker_service_api_util.cc \
+ src/core/tsi/alts/handshaker/alts_tsi_utils.cc \
+ src/core/tsi/alts/handshaker/transport_security_common_api.cc \
+ src/core/tsi/alts/handshaker/altscontext.pb.c \
+ src/core/tsi/alts/handshaker/handshaker.pb.c \
+ src/core/tsi/alts/handshaker/transport_security_common.pb.c \
+ third_party/nanopb/pb_common.c \
+ third_party/nanopb/pb_decode.c \
+ third_party/nanopb/pb_encode.c \
+ src/core/tsi/transport_security.cc \
+ src/core/tsi/transport_security_adapter.cc \
+ src/core/ext/transport/chttp2/client/insecure/channel_create.cc \
+ src/core/ext/transport/chttp2/client/insecure/channel_create_posix.cc \
+ src/core/ext/transport/chttp2/client/chttp2_connector.cc \
src/core/tsi/alts_transport_security.cc \
src/core/tsi/fake_transport_security.cc \
src/core/tsi/ssl_transport_security.cc \
src/core/tsi/transport_security_grpc.cc \
- src/core/tsi/transport_security.cc \
- src/core/tsi/transport_security_adapter.cc \
- src/core/ext/transport/chttp2/client/chttp2_connector.cc \
src/core/ext/filters/load_reporting/server_load_reporting_filter.cc \
src/core/ext/filters/load_reporting/server_load_reporting_plugin.cc \
src/core/plugin_registry/grpc_cronet_plugin_registry.cc \
@@ -14241,6 +14439,568 @@
endif
+ALTS_COUNTER_TEST_SRC = \
+ test/core/tsi/alts/frame_protector/alts_counter_test.cc \
+
+ALTS_COUNTER_TEST_OBJS = $(addprefix $(OBJDIR)/$(CONFIG)/, $(addsuffix .o, $(basename $(ALTS_COUNTER_TEST_SRC))))
+ifeq ($(NO_SECURE),true)
+
+# You can't build secure targets if you don't have OpenSSL.
+
+$(BINDIR)/$(CONFIG)/alts_counter_test: openssl_dep_error
+
+else
+
+
+
+
+ifeq ($(NO_PROTOBUF),true)
+
+# You can't build the protoc plugins or protobuf-enabled targets if you don't have protobuf 3.0.0+.
+
+$(BINDIR)/$(CONFIG)/alts_counter_test: protobuf_dep_error
+
+else
+
+$(BINDIR)/$(CONFIG)/alts_counter_test: $(PROTOBUF_DEP) $(ALTS_COUNTER_TEST_OBJS) $(LIBDIR)/$(CONFIG)/libalts_test_util.a $(LIBDIR)/$(CONFIG)/libgpr.a $(LIBDIR)/$(CONFIG)/libgrpc.a
+ $(E) "[LD] Linking $@"
+ $(Q) mkdir -p `dirname $@`
+ $(Q) $(LDXX) $(LDFLAGS) $(ALTS_COUNTER_TEST_OBJS) $(LIBDIR)/$(CONFIG)/libalts_test_util.a $(LIBDIR)/$(CONFIG)/libgpr.a $(LIBDIR)/$(CONFIG)/libgrpc.a $(LDLIBSXX) $(LDLIBS_PROTOBUF) $(LDLIBS) $(LDLIBS_SECURE) $(GTEST_LIB) -o $(BINDIR)/$(CONFIG)/alts_counter_test
+
+endif
+
+endif
+
+$(OBJDIR)/$(CONFIG)/test/core/tsi/alts/frame_protector/alts_counter_test.o: $(LIBDIR)/$(CONFIG)/libalts_test_util.a $(LIBDIR)/$(CONFIG)/libgpr.a $(LIBDIR)/$(CONFIG)/libgrpc.a
+
+deps_alts_counter_test: $(ALTS_COUNTER_TEST_OBJS:.o=.dep)
+
+ifneq ($(NO_SECURE),true)
+ifneq ($(NO_DEPS),true)
+-include $(ALTS_COUNTER_TEST_OBJS:.o=.dep)
+endif
+endif
+
+
+ALTS_CRYPT_TEST_SRC = \
+ test/core/tsi/alts/crypt/aes_gcm_test.cc \
+
+ALTS_CRYPT_TEST_OBJS = $(addprefix $(OBJDIR)/$(CONFIG)/, $(addsuffix .o, $(basename $(ALTS_CRYPT_TEST_SRC))))
+ifeq ($(NO_SECURE),true)
+
+# You can't build secure targets if you don't have OpenSSL.
+
+$(BINDIR)/$(CONFIG)/alts_crypt_test: openssl_dep_error
+
+else
+
+
+
+
+ifeq ($(NO_PROTOBUF),true)
+
+# You can't build the protoc plugins or protobuf-enabled targets if you don't have protobuf 3.0.0+.
+
+$(BINDIR)/$(CONFIG)/alts_crypt_test: protobuf_dep_error
+
+else
+
+$(BINDIR)/$(CONFIG)/alts_crypt_test: $(PROTOBUF_DEP) $(ALTS_CRYPT_TEST_OBJS) $(LIBDIR)/$(CONFIG)/libalts_test_util.a $(LIBDIR)/$(CONFIG)/libgpr_test_util.a $(LIBDIR)/$(CONFIG)/libgpr.a $(LIBDIR)/$(CONFIG)/libgrpc.a
+ $(E) "[LD] Linking $@"
+ $(Q) mkdir -p `dirname $@`
+ $(Q) $(LDXX) $(LDFLAGS) $(ALTS_CRYPT_TEST_OBJS) $(LIBDIR)/$(CONFIG)/libalts_test_util.a $(LIBDIR)/$(CONFIG)/libgpr_test_util.a $(LIBDIR)/$(CONFIG)/libgpr.a $(LIBDIR)/$(CONFIG)/libgrpc.a $(LDLIBSXX) $(LDLIBS_PROTOBUF) $(LDLIBS) $(LDLIBS_SECURE) $(GTEST_LIB) -o $(BINDIR)/$(CONFIG)/alts_crypt_test
+
+endif
+
+endif
+
+$(OBJDIR)/$(CONFIG)/test/core/tsi/alts/crypt/aes_gcm_test.o: $(LIBDIR)/$(CONFIG)/libalts_test_util.a $(LIBDIR)/$(CONFIG)/libgpr_test_util.a $(LIBDIR)/$(CONFIG)/libgpr.a $(LIBDIR)/$(CONFIG)/libgrpc.a
+
+deps_alts_crypt_test: $(ALTS_CRYPT_TEST_OBJS:.o=.dep)
+
+ifneq ($(NO_SECURE),true)
+ifneq ($(NO_DEPS),true)
+-include $(ALTS_CRYPT_TEST_OBJS:.o=.dep)
+endif
+endif
+
+
+ALTS_CRYPTER_TEST_SRC = \
+ test/core/tsi/alts/frame_protector/alts_crypter_test.cc \
+
+ALTS_CRYPTER_TEST_OBJS = $(addprefix $(OBJDIR)/$(CONFIG)/, $(addsuffix .o, $(basename $(ALTS_CRYPTER_TEST_SRC))))
+ifeq ($(NO_SECURE),true)
+
+# You can't build secure targets if you don't have OpenSSL.
+
+$(BINDIR)/$(CONFIG)/alts_crypter_test: openssl_dep_error
+
+else
+
+
+
+
+ifeq ($(NO_PROTOBUF),true)
+
+# You can't build the protoc plugins or protobuf-enabled targets if you don't have protobuf 3.0.0+.
+
+$(BINDIR)/$(CONFIG)/alts_crypter_test: protobuf_dep_error
+
+else
+
+$(BINDIR)/$(CONFIG)/alts_crypter_test: $(PROTOBUF_DEP) $(ALTS_CRYPTER_TEST_OBJS) $(LIBDIR)/$(CONFIG)/libalts_test_util.a $(LIBDIR)/$(CONFIG)/libgpr.a $(LIBDIR)/$(CONFIG)/libgrpc.a
+ $(E) "[LD] Linking $@"
+ $(Q) mkdir -p `dirname $@`
+ $(Q) $(LDXX) $(LDFLAGS) $(ALTS_CRYPTER_TEST_OBJS) $(LIBDIR)/$(CONFIG)/libalts_test_util.a $(LIBDIR)/$(CONFIG)/libgpr.a $(LIBDIR)/$(CONFIG)/libgrpc.a $(LDLIBSXX) $(LDLIBS_PROTOBUF) $(LDLIBS) $(LDLIBS_SECURE) $(GTEST_LIB) -o $(BINDIR)/$(CONFIG)/alts_crypter_test
+
+endif
+
+endif
+
+$(OBJDIR)/$(CONFIG)/test/core/tsi/alts/frame_protector/alts_crypter_test.o: $(LIBDIR)/$(CONFIG)/libalts_test_util.a $(LIBDIR)/$(CONFIG)/libgpr.a $(LIBDIR)/$(CONFIG)/libgrpc.a
+
+deps_alts_crypter_test: $(ALTS_CRYPTER_TEST_OBJS:.o=.dep)
+
+ifneq ($(NO_SECURE),true)
+ifneq ($(NO_DEPS),true)
+-include $(ALTS_CRYPTER_TEST_OBJS:.o=.dep)
+endif
+endif
+
+
+ALTS_FRAME_HANDLER_TEST_SRC = \
+ test/core/tsi/alts/frame_protector/frame_handler_test.cc \
+
+ALTS_FRAME_HANDLER_TEST_OBJS = $(addprefix $(OBJDIR)/$(CONFIG)/, $(addsuffix .o, $(basename $(ALTS_FRAME_HANDLER_TEST_SRC))))
+ifeq ($(NO_SECURE),true)
+
+# You can't build secure targets if you don't have OpenSSL.
+
+$(BINDIR)/$(CONFIG)/alts_frame_handler_test: openssl_dep_error
+
+else
+
+
+
+
+ifeq ($(NO_PROTOBUF),true)
+
+# You can't build the protoc plugins or protobuf-enabled targets if you don't have protobuf 3.0.0+.
+
+$(BINDIR)/$(CONFIG)/alts_frame_handler_test: protobuf_dep_error
+
+else
+
+$(BINDIR)/$(CONFIG)/alts_frame_handler_test: $(PROTOBUF_DEP) $(ALTS_FRAME_HANDLER_TEST_OBJS) $(LIBDIR)/$(CONFIG)/libalts_test_util.a $(LIBDIR)/$(CONFIG)/libgpr.a $(LIBDIR)/$(CONFIG)/libgrpc.a
+ $(E) "[LD] Linking $@"
+ $(Q) mkdir -p `dirname $@`
+ $(Q) $(LDXX) $(LDFLAGS) $(ALTS_FRAME_HANDLER_TEST_OBJS) $(LIBDIR)/$(CONFIG)/libalts_test_util.a $(LIBDIR)/$(CONFIG)/libgpr.a $(LIBDIR)/$(CONFIG)/libgrpc.a $(LDLIBSXX) $(LDLIBS_PROTOBUF) $(LDLIBS) $(LDLIBS_SECURE) $(GTEST_LIB) -o $(BINDIR)/$(CONFIG)/alts_frame_handler_test
+
+endif
+
+endif
+
+$(OBJDIR)/$(CONFIG)/test/core/tsi/alts/frame_protector/frame_handler_test.o: $(LIBDIR)/$(CONFIG)/libalts_test_util.a $(LIBDIR)/$(CONFIG)/libgpr.a $(LIBDIR)/$(CONFIG)/libgrpc.a
+
+deps_alts_frame_handler_test: $(ALTS_FRAME_HANDLER_TEST_OBJS:.o=.dep)
+
+ifneq ($(NO_SECURE),true)
+ifneq ($(NO_DEPS),true)
+-include $(ALTS_FRAME_HANDLER_TEST_OBJS:.o=.dep)
+endif
+endif
+
+
+ALTS_FRAME_PROTECTOR_TEST_SRC = \
+ test/core/tsi/alts/frame_protector/alts_frame_protector_test.cc \
+ test/core/tsi/transport_security_test_lib.cc \
+
+ALTS_FRAME_PROTECTOR_TEST_OBJS = $(addprefix $(OBJDIR)/$(CONFIG)/, $(addsuffix .o, $(basename $(ALTS_FRAME_PROTECTOR_TEST_SRC))))
+ifeq ($(NO_SECURE),true)
+
+# You can't build secure targets if you don't have OpenSSL.
+
+$(BINDIR)/$(CONFIG)/alts_frame_protector_test: openssl_dep_error
+
+else
+
+
+
+
+ifeq ($(NO_PROTOBUF),true)
+
+# You can't build the protoc plugins or protobuf-enabled targets if you don't have protobuf 3.0.0+.
+
+$(BINDIR)/$(CONFIG)/alts_frame_protector_test: protobuf_dep_error
+
+else
+
+$(BINDIR)/$(CONFIG)/alts_frame_protector_test: $(PROTOBUF_DEP) $(ALTS_FRAME_PROTECTOR_TEST_OBJS) $(LIBDIR)/$(CONFIG)/libalts_test_util.a $(LIBDIR)/$(CONFIG)/libgpr.a $(LIBDIR)/$(CONFIG)/libgrpc.a
+ $(E) "[LD] Linking $@"
+ $(Q) mkdir -p `dirname $@`
+ $(Q) $(LDXX) $(LDFLAGS) $(ALTS_FRAME_PROTECTOR_TEST_OBJS) $(LIBDIR)/$(CONFIG)/libalts_test_util.a $(LIBDIR)/$(CONFIG)/libgpr.a $(LIBDIR)/$(CONFIG)/libgrpc.a $(LDLIBSXX) $(LDLIBS_PROTOBUF) $(LDLIBS) $(LDLIBS_SECURE) $(GTEST_LIB) -o $(BINDIR)/$(CONFIG)/alts_frame_protector_test
+
+endif
+
+endif
+
+$(OBJDIR)/$(CONFIG)/test/core/tsi/alts/frame_protector/alts_frame_protector_test.o: $(LIBDIR)/$(CONFIG)/libalts_test_util.a $(LIBDIR)/$(CONFIG)/libgpr.a $(LIBDIR)/$(CONFIG)/libgrpc.a
+
+$(OBJDIR)/$(CONFIG)/test/core/tsi/transport_security_test_lib.o: $(LIBDIR)/$(CONFIG)/libalts_test_util.a $(LIBDIR)/$(CONFIG)/libgpr.a $(LIBDIR)/$(CONFIG)/libgrpc.a
+
+deps_alts_frame_protector_test: $(ALTS_FRAME_PROTECTOR_TEST_OBJS:.o=.dep)
+
+ifneq ($(NO_SECURE),true)
+ifneq ($(NO_DEPS),true)
+-include $(ALTS_FRAME_PROTECTOR_TEST_OBJS:.o=.dep)
+endif
+endif
+
+
+ALTS_GRPC_RECORD_PROTOCOL_TEST_SRC = \
+ test/core/tsi/alts/zero_copy_frame_protector/alts_grpc_record_protocol_test.cc \
+
+ALTS_GRPC_RECORD_PROTOCOL_TEST_OBJS = $(addprefix $(OBJDIR)/$(CONFIG)/, $(addsuffix .o, $(basename $(ALTS_GRPC_RECORD_PROTOCOL_TEST_SRC))))
+ifeq ($(NO_SECURE),true)
+
+# You can't build secure targets if you don't have OpenSSL.
+
+$(BINDIR)/$(CONFIG)/alts_grpc_record_protocol_test: openssl_dep_error
+
+else
+
+
+
+
+ifeq ($(NO_PROTOBUF),true)
+
+# You can't build the protoc plugins or protobuf-enabled targets if you don't have protobuf 3.0.0+.
+
+$(BINDIR)/$(CONFIG)/alts_grpc_record_protocol_test: protobuf_dep_error
+
+else
+
+$(BINDIR)/$(CONFIG)/alts_grpc_record_protocol_test: $(PROTOBUF_DEP) $(ALTS_GRPC_RECORD_PROTOCOL_TEST_OBJS) $(LIBDIR)/$(CONFIG)/libalts_test_util.a $(LIBDIR)/$(CONFIG)/libgpr.a $(LIBDIR)/$(CONFIG)/libgrpc.a
+ $(E) "[LD] Linking $@"
+ $(Q) mkdir -p `dirname $@`
+ $(Q) $(LDXX) $(LDFLAGS) $(ALTS_GRPC_RECORD_PROTOCOL_TEST_OBJS) $(LIBDIR)/$(CONFIG)/libalts_test_util.a $(LIBDIR)/$(CONFIG)/libgpr.a $(LIBDIR)/$(CONFIG)/libgrpc.a $(LDLIBSXX) $(LDLIBS_PROTOBUF) $(LDLIBS) $(LDLIBS_SECURE) $(GTEST_LIB) -o $(BINDIR)/$(CONFIG)/alts_grpc_record_protocol_test
+
+endif
+
+endif
+
+$(OBJDIR)/$(CONFIG)/test/core/tsi/alts/zero_copy_frame_protector/alts_grpc_record_protocol_test.o: $(LIBDIR)/$(CONFIG)/libalts_test_util.a $(LIBDIR)/$(CONFIG)/libgpr.a $(LIBDIR)/$(CONFIG)/libgrpc.a
+
+deps_alts_grpc_record_protocol_test: $(ALTS_GRPC_RECORD_PROTOCOL_TEST_OBJS:.o=.dep)
+
+ifneq ($(NO_SECURE),true)
+ifneq ($(NO_DEPS),true)
+-include $(ALTS_GRPC_RECORD_PROTOCOL_TEST_OBJS:.o=.dep)
+endif
+endif
+
+
+ALTS_HANDSHAKER_CLIENT_TEST_SRC = \
+ test/core/tsi/alts/handshaker/alts_handshaker_client_test.cc \
+
+ALTS_HANDSHAKER_CLIENT_TEST_OBJS = $(addprefix $(OBJDIR)/$(CONFIG)/, $(addsuffix .o, $(basename $(ALTS_HANDSHAKER_CLIENT_TEST_SRC))))
+ifeq ($(NO_SECURE),true)
+
+# You can't build secure targets if you don't have OpenSSL.
+
+$(BINDIR)/$(CONFIG)/alts_handshaker_client_test: openssl_dep_error
+
+else
+
+
+
+
+ifeq ($(NO_PROTOBUF),true)
+
+# You can't build the protoc plugins or protobuf-enabled targets if you don't have protobuf 3.0.0+.
+
+$(BINDIR)/$(CONFIG)/alts_handshaker_client_test: protobuf_dep_error
+
+else
+
+$(BINDIR)/$(CONFIG)/alts_handshaker_client_test: $(PROTOBUF_DEP) $(ALTS_HANDSHAKER_CLIENT_TEST_OBJS) $(LIBDIR)/$(CONFIG)/libalts_test_util.a $(LIBDIR)/$(CONFIG)/libgpr.a $(LIBDIR)/$(CONFIG)/libgrpc.a
+ $(E) "[LD] Linking $@"
+ $(Q) mkdir -p `dirname $@`
+ $(Q) $(LDXX) $(LDFLAGS) $(ALTS_HANDSHAKER_CLIENT_TEST_OBJS) $(LIBDIR)/$(CONFIG)/libalts_test_util.a $(LIBDIR)/$(CONFIG)/libgpr.a $(LIBDIR)/$(CONFIG)/libgrpc.a $(LDLIBSXX) $(LDLIBS_PROTOBUF) $(LDLIBS) $(LDLIBS_SECURE) $(GTEST_LIB) -o $(BINDIR)/$(CONFIG)/alts_handshaker_client_test
+
+endif
+
+endif
+
+$(OBJDIR)/$(CONFIG)/test/core/tsi/alts/handshaker/alts_handshaker_client_test.o: $(LIBDIR)/$(CONFIG)/libalts_test_util.a $(LIBDIR)/$(CONFIG)/libgpr.a $(LIBDIR)/$(CONFIG)/libgrpc.a
+
+deps_alts_handshaker_client_test: $(ALTS_HANDSHAKER_CLIENT_TEST_OBJS:.o=.dep)
+
+ifneq ($(NO_SECURE),true)
+ifneq ($(NO_DEPS),true)
+-include $(ALTS_HANDSHAKER_CLIENT_TEST_OBJS:.o=.dep)
+endif
+endif
+
+
+ALTS_HANDSHAKER_SERVICE_API_TEST_SRC = \
+ test/core/tsi/alts/handshaker/alts_handshaker_service_api_test.cc \
+
+ALTS_HANDSHAKER_SERVICE_API_TEST_OBJS = $(addprefix $(OBJDIR)/$(CONFIG)/, $(addsuffix .o, $(basename $(ALTS_HANDSHAKER_SERVICE_API_TEST_SRC))))
+ifeq ($(NO_SECURE),true)
+
+# You can't build secure targets if you don't have OpenSSL.
+
+$(BINDIR)/$(CONFIG)/alts_handshaker_service_api_test: openssl_dep_error
+
+else
+
+
+
+
+ifeq ($(NO_PROTOBUF),true)
+
+# You can't build the protoc plugins or protobuf-enabled targets if you don't have protobuf 3.0.0+.
+
+$(BINDIR)/$(CONFIG)/alts_handshaker_service_api_test: protobuf_dep_error
+
+else
+
+$(BINDIR)/$(CONFIG)/alts_handshaker_service_api_test: $(PROTOBUF_DEP) $(ALTS_HANDSHAKER_SERVICE_API_TEST_OBJS) $(LIBDIR)/$(CONFIG)/libalts_test_util.a $(LIBDIR)/$(CONFIG)/libgpr.a $(LIBDIR)/$(CONFIG)/libgrpc.a
+ $(E) "[LD] Linking $@"
+ $(Q) mkdir -p `dirname $@`
+ $(Q) $(LDXX) $(LDFLAGS) $(ALTS_HANDSHAKER_SERVICE_API_TEST_OBJS) $(LIBDIR)/$(CONFIG)/libalts_test_util.a $(LIBDIR)/$(CONFIG)/libgpr.a $(LIBDIR)/$(CONFIG)/libgrpc.a $(LDLIBSXX) $(LDLIBS_PROTOBUF) $(LDLIBS) $(LDLIBS_SECURE) $(GTEST_LIB) -o $(BINDIR)/$(CONFIG)/alts_handshaker_service_api_test
+
+endif
+
+endif
+
+$(OBJDIR)/$(CONFIG)/test/core/tsi/alts/handshaker/alts_handshaker_service_api_test.o: $(LIBDIR)/$(CONFIG)/libalts_test_util.a $(LIBDIR)/$(CONFIG)/libgpr.a $(LIBDIR)/$(CONFIG)/libgrpc.a
+
+deps_alts_handshaker_service_api_test: $(ALTS_HANDSHAKER_SERVICE_API_TEST_OBJS:.o=.dep)
+
+ifneq ($(NO_SECURE),true)
+ifneq ($(NO_DEPS),true)
+-include $(ALTS_HANDSHAKER_SERVICE_API_TEST_OBJS:.o=.dep)
+endif
+endif
+
+
+ALTS_IOVEC_RECORD_PROTOCOL_TEST_SRC = \
+ test/core/tsi/alts/zero_copy_frame_protector/alts_iovec_record_protocol_test.cc \
+
+ALTS_IOVEC_RECORD_PROTOCOL_TEST_OBJS = $(addprefix $(OBJDIR)/$(CONFIG)/, $(addsuffix .o, $(basename $(ALTS_IOVEC_RECORD_PROTOCOL_TEST_SRC))))
+ifeq ($(NO_SECURE),true)
+
+# You can't build secure targets if you don't have OpenSSL.
+
+$(BINDIR)/$(CONFIG)/alts_iovec_record_protocol_test: openssl_dep_error
+
+else
+
+
+
+
+ifeq ($(NO_PROTOBUF),true)
+
+# You can't build the protoc plugins or protobuf-enabled targets if you don't have protobuf 3.0.0+.
+
+$(BINDIR)/$(CONFIG)/alts_iovec_record_protocol_test: protobuf_dep_error
+
+else
+
+$(BINDIR)/$(CONFIG)/alts_iovec_record_protocol_test: $(PROTOBUF_DEP) $(ALTS_IOVEC_RECORD_PROTOCOL_TEST_OBJS) $(LIBDIR)/$(CONFIG)/libalts_test_util.a $(LIBDIR)/$(CONFIG)/libgpr.a $(LIBDIR)/$(CONFIG)/libgrpc.a
+ $(E) "[LD] Linking $@"
+ $(Q) mkdir -p `dirname $@`
+ $(Q) $(LDXX) $(LDFLAGS) $(ALTS_IOVEC_RECORD_PROTOCOL_TEST_OBJS) $(LIBDIR)/$(CONFIG)/libalts_test_util.a $(LIBDIR)/$(CONFIG)/libgpr.a $(LIBDIR)/$(CONFIG)/libgrpc.a $(LDLIBSXX) $(LDLIBS_PROTOBUF) $(LDLIBS) $(LDLIBS_SECURE) $(GTEST_LIB) -o $(BINDIR)/$(CONFIG)/alts_iovec_record_protocol_test
+
+endif
+
+endif
+
+$(OBJDIR)/$(CONFIG)/test/core/tsi/alts/zero_copy_frame_protector/alts_iovec_record_protocol_test.o: $(LIBDIR)/$(CONFIG)/libalts_test_util.a $(LIBDIR)/$(CONFIG)/libgpr.a $(LIBDIR)/$(CONFIG)/libgrpc.a
+
+deps_alts_iovec_record_protocol_test: $(ALTS_IOVEC_RECORD_PROTOCOL_TEST_OBJS:.o=.dep)
+
+ifneq ($(NO_SECURE),true)
+ifneq ($(NO_DEPS),true)
+-include $(ALTS_IOVEC_RECORD_PROTOCOL_TEST_OBJS:.o=.dep)
+endif
+endif
+
+
+ALTS_SECURITY_CONNECTOR_TEST_SRC = \
+ test/core/security/alts_security_connector_test.cc \
+
+ALTS_SECURITY_CONNECTOR_TEST_OBJS = $(addprefix $(OBJDIR)/$(CONFIG)/, $(addsuffix .o, $(basename $(ALTS_SECURITY_CONNECTOR_TEST_SRC))))
+ifeq ($(NO_SECURE),true)
+
+# You can't build secure targets if you don't have OpenSSL.
+
+$(BINDIR)/$(CONFIG)/alts_security_connector_test: openssl_dep_error
+
+else
+
+
+
+
+ifeq ($(NO_PROTOBUF),true)
+
+# You can't build the protoc plugins or protobuf-enabled targets if you don't have protobuf 3.0.0+.
+
+$(BINDIR)/$(CONFIG)/alts_security_connector_test: protobuf_dep_error
+
+else
+
+$(BINDIR)/$(CONFIG)/alts_security_connector_test: $(PROTOBUF_DEP) $(ALTS_SECURITY_CONNECTOR_TEST_OBJS) $(LIBDIR)/$(CONFIG)/libgpr.a $(LIBDIR)/$(CONFIG)/libgrpc.a
+ $(E) "[LD] Linking $@"
+ $(Q) mkdir -p `dirname $@`
+ $(Q) $(LDXX) $(LDFLAGS) $(ALTS_SECURITY_CONNECTOR_TEST_OBJS) $(LIBDIR)/$(CONFIG)/libgpr.a $(LIBDIR)/$(CONFIG)/libgrpc.a $(LDLIBSXX) $(LDLIBS_PROTOBUF) $(LDLIBS) $(LDLIBS_SECURE) $(GTEST_LIB) -o $(BINDIR)/$(CONFIG)/alts_security_connector_test
+
+endif
+
+endif
+
+$(OBJDIR)/$(CONFIG)/test/core/security/alts_security_connector_test.o: $(LIBDIR)/$(CONFIG)/libgpr.a $(LIBDIR)/$(CONFIG)/libgrpc.a
+
+deps_alts_security_connector_test: $(ALTS_SECURITY_CONNECTOR_TEST_OBJS:.o=.dep)
+
+ifneq ($(NO_SECURE),true)
+ifneq ($(NO_DEPS),true)
+-include $(ALTS_SECURITY_CONNECTOR_TEST_OBJS:.o=.dep)
+endif
+endif
+
+
+ALTS_TSI_HANDSHAKER_TEST_SRC = \
+ test/core/tsi/alts/handshaker/alts_tsi_handshaker_test.cc \
+
+ALTS_TSI_HANDSHAKER_TEST_OBJS = $(addprefix $(OBJDIR)/$(CONFIG)/, $(addsuffix .o, $(basename $(ALTS_TSI_HANDSHAKER_TEST_SRC))))
+ifeq ($(NO_SECURE),true)
+
+# You can't build secure targets if you don't have OpenSSL.
+
+$(BINDIR)/$(CONFIG)/alts_tsi_handshaker_test: openssl_dep_error
+
+else
+
+
+
+
+ifeq ($(NO_PROTOBUF),true)
+
+# You can't build the protoc plugins or protobuf-enabled targets if you don't have protobuf 3.0.0+.
+
+$(BINDIR)/$(CONFIG)/alts_tsi_handshaker_test: protobuf_dep_error
+
+else
+
+$(BINDIR)/$(CONFIG)/alts_tsi_handshaker_test: $(PROTOBUF_DEP) $(ALTS_TSI_HANDSHAKER_TEST_OBJS) $(LIBDIR)/$(CONFIG)/libalts_test_util.a $(LIBDIR)/$(CONFIG)/libgpr.a $(LIBDIR)/$(CONFIG)/libgrpc.a
+ $(E) "[LD] Linking $@"
+ $(Q) mkdir -p `dirname $@`
+ $(Q) $(LDXX) $(LDFLAGS) $(ALTS_TSI_HANDSHAKER_TEST_OBJS) $(LIBDIR)/$(CONFIG)/libalts_test_util.a $(LIBDIR)/$(CONFIG)/libgpr.a $(LIBDIR)/$(CONFIG)/libgrpc.a $(LDLIBSXX) $(LDLIBS_PROTOBUF) $(LDLIBS) $(LDLIBS_SECURE) $(GTEST_LIB) -o $(BINDIR)/$(CONFIG)/alts_tsi_handshaker_test
+
+endif
+
+endif
+
+$(OBJDIR)/$(CONFIG)/test/core/tsi/alts/handshaker/alts_tsi_handshaker_test.o: $(LIBDIR)/$(CONFIG)/libalts_test_util.a $(LIBDIR)/$(CONFIG)/libgpr.a $(LIBDIR)/$(CONFIG)/libgrpc.a
+
+deps_alts_tsi_handshaker_test: $(ALTS_TSI_HANDSHAKER_TEST_OBJS:.o=.dep)
+
+ifneq ($(NO_SECURE),true)
+ifneq ($(NO_DEPS),true)
+-include $(ALTS_TSI_HANDSHAKER_TEST_OBJS:.o=.dep)
+endif
+endif
+
+
+ALTS_TSI_UTILS_TEST_SRC = \
+ test/core/tsi/alts/handshaker/alts_tsi_utils_test.cc \
+
+ALTS_TSI_UTILS_TEST_OBJS = $(addprefix $(OBJDIR)/$(CONFIG)/, $(addsuffix .o, $(basename $(ALTS_TSI_UTILS_TEST_SRC))))
+ifeq ($(NO_SECURE),true)
+
+# You can't build secure targets if you don't have OpenSSL.
+
+$(BINDIR)/$(CONFIG)/alts_tsi_utils_test: openssl_dep_error
+
+else
+
+
+
+
+ifeq ($(NO_PROTOBUF),true)
+
+# You can't build the protoc plugins or protobuf-enabled targets if you don't have protobuf 3.0.0+.
+
+$(BINDIR)/$(CONFIG)/alts_tsi_utils_test: protobuf_dep_error
+
+else
+
+$(BINDIR)/$(CONFIG)/alts_tsi_utils_test: $(PROTOBUF_DEP) $(ALTS_TSI_UTILS_TEST_OBJS) $(LIBDIR)/$(CONFIG)/libalts_test_util.a $(LIBDIR)/$(CONFIG)/libgpr.a $(LIBDIR)/$(CONFIG)/libgrpc.a
+ $(E) "[LD] Linking $@"
+ $(Q) mkdir -p `dirname $@`
+ $(Q) $(LDXX) $(LDFLAGS) $(ALTS_TSI_UTILS_TEST_OBJS) $(LIBDIR)/$(CONFIG)/libalts_test_util.a $(LIBDIR)/$(CONFIG)/libgpr.a $(LIBDIR)/$(CONFIG)/libgrpc.a $(LDLIBSXX) $(LDLIBS_PROTOBUF) $(LDLIBS) $(LDLIBS_SECURE) $(GTEST_LIB) -o $(BINDIR)/$(CONFIG)/alts_tsi_utils_test
+
+endif
+
+endif
+
+$(OBJDIR)/$(CONFIG)/test/core/tsi/alts/handshaker/alts_tsi_utils_test.o: $(LIBDIR)/$(CONFIG)/libalts_test_util.a $(LIBDIR)/$(CONFIG)/libgpr.a $(LIBDIR)/$(CONFIG)/libgrpc.a
+
+deps_alts_tsi_utils_test: $(ALTS_TSI_UTILS_TEST_OBJS:.o=.dep)
+
+ifneq ($(NO_SECURE),true)
+ifneq ($(NO_DEPS),true)
+-include $(ALTS_TSI_UTILS_TEST_OBJS:.o=.dep)
+endif
+endif
+
+
+ALTS_ZERO_COPY_GRPC_PROTECTOR_TEST_SRC = \
+ test/core/tsi/alts/zero_copy_frame_protector/alts_zero_copy_grpc_protector_test.cc \
+
+ALTS_ZERO_COPY_GRPC_PROTECTOR_TEST_OBJS = $(addprefix $(OBJDIR)/$(CONFIG)/, $(addsuffix .o, $(basename $(ALTS_ZERO_COPY_GRPC_PROTECTOR_TEST_SRC))))
+ifeq ($(NO_SECURE),true)
+
+# You can't build secure targets if you don't have OpenSSL.
+
+$(BINDIR)/$(CONFIG)/alts_zero_copy_grpc_protector_test: openssl_dep_error
+
+else
+
+
+
+
+ifeq ($(NO_PROTOBUF),true)
+
+# You can't build the protoc plugins or protobuf-enabled targets if you don't have protobuf 3.0.0+.
+
+$(BINDIR)/$(CONFIG)/alts_zero_copy_grpc_protector_test: protobuf_dep_error
+
+else
+
+$(BINDIR)/$(CONFIG)/alts_zero_copy_grpc_protector_test: $(PROTOBUF_DEP) $(ALTS_ZERO_COPY_GRPC_PROTECTOR_TEST_OBJS) $(LIBDIR)/$(CONFIG)/libalts_test_util.a $(LIBDIR)/$(CONFIG)/libgpr.a $(LIBDIR)/$(CONFIG)/libgrpc.a
+ $(E) "[LD] Linking $@"
+ $(Q) mkdir -p `dirname $@`
+ $(Q) $(LDXX) $(LDFLAGS) $(ALTS_ZERO_COPY_GRPC_PROTECTOR_TEST_OBJS) $(LIBDIR)/$(CONFIG)/libalts_test_util.a $(LIBDIR)/$(CONFIG)/libgpr.a $(LIBDIR)/$(CONFIG)/libgrpc.a $(LDLIBSXX) $(LDLIBS_PROTOBUF) $(LDLIBS) $(LDLIBS_SECURE) $(GTEST_LIB) -o $(BINDIR)/$(CONFIG)/alts_zero_copy_grpc_protector_test
+
+endif
+
+endif
+
+$(OBJDIR)/$(CONFIG)/test/core/tsi/alts/zero_copy_frame_protector/alts_zero_copy_grpc_protector_test.o: $(LIBDIR)/$(CONFIG)/libalts_test_util.a $(LIBDIR)/$(CONFIG)/libgpr.a $(LIBDIR)/$(CONFIG)/libgrpc.a
+
+deps_alts_zero_copy_grpc_protector_test: $(ALTS_ZERO_COPY_GRPC_PROTECTOR_TEST_OBJS:.o=.dep)
+
+ifneq ($(NO_SECURE),true)
+ifneq ($(NO_DEPS),true)
+-include $(ALTS_ZERO_COPY_GRPC_PROTECTOR_TEST_OBJS:.o=.dep)
+endif
+endif
+
+
ASYNC_END2END_TEST_SRC = \
test/cpp/end2end/async_end2end_test.cc \
@@ -15115,6 +15875,92 @@
endif
+CHECK_GCP_ENVIRONMENT_LINUX_TEST_SRC = \
+ test/core/security/check_gcp_environment_linux_test.cc \
+
+CHECK_GCP_ENVIRONMENT_LINUX_TEST_OBJS = $(addprefix $(OBJDIR)/$(CONFIG)/, $(addsuffix .o, $(basename $(CHECK_GCP_ENVIRONMENT_LINUX_TEST_SRC))))
+ifeq ($(NO_SECURE),true)
+
+# You can't build secure targets if you don't have OpenSSL.
+
+$(BINDIR)/$(CONFIG)/check_gcp_environment_linux_test: openssl_dep_error
+
+else
+
+
+
+
+ifeq ($(NO_PROTOBUF),true)
+
+# You can't build the protoc plugins or protobuf-enabled targets if you don't have protobuf 3.0.0+.
+
+$(BINDIR)/$(CONFIG)/check_gcp_environment_linux_test: protobuf_dep_error
+
+else
+
+$(BINDIR)/$(CONFIG)/check_gcp_environment_linux_test: $(PROTOBUF_DEP) $(CHECK_GCP_ENVIRONMENT_LINUX_TEST_OBJS) $(LIBDIR)/$(CONFIG)/libgrpc.a $(LIBDIR)/$(CONFIG)/libgpr.a
+ $(E) "[LD] Linking $@"
+ $(Q) mkdir -p `dirname $@`
+ $(Q) $(LDXX) $(LDFLAGS) $(CHECK_GCP_ENVIRONMENT_LINUX_TEST_OBJS) $(LIBDIR)/$(CONFIG)/libgrpc.a $(LIBDIR)/$(CONFIG)/libgpr.a $(LDLIBSXX) $(LDLIBS_PROTOBUF) $(LDLIBS) $(LDLIBS_SECURE) $(GTEST_LIB) -o $(BINDIR)/$(CONFIG)/check_gcp_environment_linux_test
+
+endif
+
+endif
+
+$(OBJDIR)/$(CONFIG)/test/core/security/check_gcp_environment_linux_test.o: $(LIBDIR)/$(CONFIG)/libgrpc.a $(LIBDIR)/$(CONFIG)/libgpr.a
+
+deps_check_gcp_environment_linux_test: $(CHECK_GCP_ENVIRONMENT_LINUX_TEST_OBJS:.o=.dep)
+
+ifneq ($(NO_SECURE),true)
+ifneq ($(NO_DEPS),true)
+-include $(CHECK_GCP_ENVIRONMENT_LINUX_TEST_OBJS:.o=.dep)
+endif
+endif
+
+
+CHECK_GCP_ENVIRONMENT_WINDOWS_TEST_SRC = \
+ test/core/security/check_gcp_environment_windows_test.cc \
+
+CHECK_GCP_ENVIRONMENT_WINDOWS_TEST_OBJS = $(addprefix $(OBJDIR)/$(CONFIG)/, $(addsuffix .o, $(basename $(CHECK_GCP_ENVIRONMENT_WINDOWS_TEST_SRC))))
+ifeq ($(NO_SECURE),true)
+
+# You can't build secure targets if you don't have OpenSSL.
+
+$(BINDIR)/$(CONFIG)/check_gcp_environment_windows_test: openssl_dep_error
+
+else
+
+
+
+
+ifeq ($(NO_PROTOBUF),true)
+
+# You can't build the protoc plugins or protobuf-enabled targets if you don't have protobuf 3.0.0+.
+
+$(BINDIR)/$(CONFIG)/check_gcp_environment_windows_test: protobuf_dep_error
+
+else
+
+$(BINDIR)/$(CONFIG)/check_gcp_environment_windows_test: $(PROTOBUF_DEP) $(CHECK_GCP_ENVIRONMENT_WINDOWS_TEST_OBJS) $(LIBDIR)/$(CONFIG)/libgrpc.a $(LIBDIR)/$(CONFIG)/libgpr.a
+ $(E) "[LD] Linking $@"
+ $(Q) mkdir -p `dirname $@`
+ $(Q) $(LDXX) $(LDFLAGS) $(CHECK_GCP_ENVIRONMENT_WINDOWS_TEST_OBJS) $(LIBDIR)/$(CONFIG)/libgrpc.a $(LIBDIR)/$(CONFIG)/libgpr.a $(LDLIBSXX) $(LDLIBS_PROTOBUF) $(LDLIBS) $(LDLIBS_SECURE) $(GTEST_LIB) -o $(BINDIR)/$(CONFIG)/check_gcp_environment_windows_test
+
+endif
+
+endif
+
+$(OBJDIR)/$(CONFIG)/test/core/security/check_gcp_environment_windows_test.o: $(LIBDIR)/$(CONFIG)/libgrpc.a $(LIBDIR)/$(CONFIG)/libgpr.a
+
+deps_check_gcp_environment_windows_test: $(CHECK_GCP_ENVIRONMENT_WINDOWS_TEST_OBJS:.o=.dep)
+
+ifneq ($(NO_SECURE),true)
+ifneq ($(NO_DEPS),true)
+-include $(CHECK_GCP_ENVIRONMENT_WINDOWS_TEST_OBJS:.o=.dep)
+endif
+endif
+
+
CHTTP2_SETTINGS_TIMEOUT_TEST_SRC = \
test/core/transport/chttp2/settings_timeout_test.cc \
@@ -15980,6 +16826,49 @@
$(OBJDIR)/$(CONFIG)/test/cpp/codegen/golden_file_test.o: $(GENDIR)/src/proto/grpc/testing/compiler_test.pb.cc $(GENDIR)/src/proto/grpc/testing/compiler_test.grpc.pb.cc
+GRPC_ALTS_CREDENTIALS_OPTIONS_TEST_SRC = \
+ test/core/security/grpc_alts_credentials_options_test.cc \
+
+GRPC_ALTS_CREDENTIALS_OPTIONS_TEST_OBJS = $(addprefix $(OBJDIR)/$(CONFIG)/, $(addsuffix .o, $(basename $(GRPC_ALTS_CREDENTIALS_OPTIONS_TEST_SRC))))
+ifeq ($(NO_SECURE),true)
+
+# You can't build secure targets if you don't have OpenSSL.
+
+$(BINDIR)/$(CONFIG)/grpc_alts_credentials_options_test: openssl_dep_error
+
+else
+
+
+
+
+ifeq ($(NO_PROTOBUF),true)
+
+# You can't build the protoc plugins or protobuf-enabled targets if you don't have protobuf 3.0.0+.
+
+$(BINDIR)/$(CONFIG)/grpc_alts_credentials_options_test: protobuf_dep_error
+
+else
+
+$(BINDIR)/$(CONFIG)/grpc_alts_credentials_options_test: $(PROTOBUF_DEP) $(GRPC_ALTS_CREDENTIALS_OPTIONS_TEST_OBJS) $(LIBDIR)/$(CONFIG)/libgrpc.a $(LIBDIR)/$(CONFIG)/libgpr.a
+ $(E) "[LD] Linking $@"
+ $(Q) mkdir -p `dirname $@`
+ $(Q) $(LDXX) $(LDFLAGS) $(GRPC_ALTS_CREDENTIALS_OPTIONS_TEST_OBJS) $(LIBDIR)/$(CONFIG)/libgrpc.a $(LIBDIR)/$(CONFIG)/libgpr.a $(LDLIBSXX) $(LDLIBS_PROTOBUF) $(LDLIBS) $(LDLIBS_SECURE) $(GTEST_LIB) -o $(BINDIR)/$(CONFIG)/grpc_alts_credentials_options_test
+
+endif
+
+endif
+
+$(OBJDIR)/$(CONFIG)/test/core/security/grpc_alts_credentials_options_test.o: $(LIBDIR)/$(CONFIG)/libgrpc.a $(LIBDIR)/$(CONFIG)/libgpr.a
+
+deps_grpc_alts_credentials_options_test: $(GRPC_ALTS_CREDENTIALS_OPTIONS_TEST_OBJS:.o=.dep)
+
+ifneq ($(NO_SECURE),true)
+ifneq ($(NO_DEPS),true)
+-include $(GRPC_ALTS_CREDENTIALS_OPTIONS_TEST_OBJS:.o=.dep)
+endif
+endif
+
+
GRPC_CLI_SRC = \
test/cpp/util/grpc_cli.cc \
@@ -18433,6 +19322,49 @@
endif
+TRANSPORT_SECURITY_COMMON_API_TEST_SRC = \
+ test/core/tsi/alts/handshaker/transport_security_common_api_test.cc \
+
+TRANSPORT_SECURITY_COMMON_API_TEST_OBJS = $(addprefix $(OBJDIR)/$(CONFIG)/, $(addsuffix .o, $(basename $(TRANSPORT_SECURITY_COMMON_API_TEST_SRC))))
+ifeq ($(NO_SECURE),true)
+
+# You can't build secure targets if you don't have OpenSSL.
+
+$(BINDIR)/$(CONFIG)/transport_security_common_api_test: openssl_dep_error
+
+else
+
+
+
+
+ifeq ($(NO_PROTOBUF),true)
+
+# You can't build the protoc plugins or protobuf-enabled targets if you don't have protobuf 3.0.0+.
+
+$(BINDIR)/$(CONFIG)/transport_security_common_api_test: protobuf_dep_error
+
+else
+
+$(BINDIR)/$(CONFIG)/transport_security_common_api_test: $(PROTOBUF_DEP) $(TRANSPORT_SECURITY_COMMON_API_TEST_OBJS) $(LIBDIR)/$(CONFIG)/libalts_test_util.a $(LIBDIR)/$(CONFIG)/libgpr.a $(LIBDIR)/$(CONFIG)/libgrpc.a
+ $(E) "[LD] Linking $@"
+ $(Q) mkdir -p `dirname $@`
+ $(Q) $(LDXX) $(LDFLAGS) $(TRANSPORT_SECURITY_COMMON_API_TEST_OBJS) $(LIBDIR)/$(CONFIG)/libalts_test_util.a $(LIBDIR)/$(CONFIG)/libgpr.a $(LIBDIR)/$(CONFIG)/libgrpc.a $(LDLIBSXX) $(LDLIBS_PROTOBUF) $(LDLIBS) $(LDLIBS_SECURE) $(GTEST_LIB) -o $(BINDIR)/$(CONFIG)/transport_security_common_api_test
+
+endif
+
+endif
+
+$(OBJDIR)/$(CONFIG)/test/core/tsi/alts/handshaker/transport_security_common_api_test.o: $(LIBDIR)/$(CONFIG)/libalts_test_util.a $(LIBDIR)/$(CONFIG)/libgpr.a $(LIBDIR)/$(CONFIG)/libgrpc.a
+
+deps_transport_security_common_api_test: $(TRANSPORT_SECURITY_COMMON_API_TEST_OBJS:.o=.dep)
+
+ifneq ($(NO_SECURE),true)
+ifneq ($(NO_DEPS),true)
+-include $(TRANSPORT_SECURITY_COMMON_API_TEST_OBJS:.o=.dep)
+endif
+endif
+
+
WRITES_PER_RPC_TEST_SRC = \
test/cpp/performance/writes_per_rpc_test.cc \
@@ -22403,6 +23335,14 @@
src/core/ext/transport/cronet/transport/cronet_transport.cc: $(OPENSSL_DEP)
src/core/lib/http/httpcli_security_connector.cc: $(OPENSSL_DEP)
src/core/lib/security/context/security_context.cc: $(OPENSSL_DEP)
+src/core/lib/security/credentials/alts/alts_credentials.cc: $(OPENSSL_DEP)
+src/core/lib/security/credentials/alts/check_gcp_environment.cc: $(OPENSSL_DEP)
+src/core/lib/security/credentials/alts/check_gcp_environment_linux.cc: $(OPENSSL_DEP)
+src/core/lib/security/credentials/alts/check_gcp_environment_no_op.cc: $(OPENSSL_DEP)
+src/core/lib/security/credentials/alts/check_gcp_environment_windows.cc: $(OPENSSL_DEP)
+src/core/lib/security/credentials/alts/grpc_alts_credentials_client_options.cc: $(OPENSSL_DEP)
+src/core/lib/security/credentials/alts/grpc_alts_credentials_options.cc: $(OPENSSL_DEP)
+src/core/lib/security/credentials/alts/grpc_alts_credentials_server_options.cc: $(OPENSSL_DEP)
src/core/lib/security/credentials/composite/composite_credentials.cc: $(OPENSSL_DEP)
src/core/lib/security/credentials/credentials.cc: $(OPENSSL_DEP)
src/core/lib/security/credentials/credentials_metadata.cc: $(OPENSSL_DEP)
@@ -22416,6 +23356,7 @@
src/core/lib/security/credentials/oauth2/oauth2_credentials.cc: $(OPENSSL_DEP)
src/core/lib/security/credentials/plugin/plugin_credentials.cc: $(OPENSSL_DEP)
src/core/lib/security/credentials/ssl/ssl_credentials.cc: $(OPENSSL_DEP)
+src/core/lib/security/security_connector/alts_security_connector.cc: $(OPENSSL_DEP)
src/core/lib/security/security_connector/security_connector.cc: $(OPENSSL_DEP)
src/core/lib/security/transport/client_auth_filter.cc: $(OPENSSL_DEP)
src/core/lib/security/transport/secure_endpoint.cc: $(OPENSSL_DEP)
@@ -22427,6 +23368,30 @@
src/core/lib/surface/init_secure.cc: $(OPENSSL_DEP)
src/core/plugin_registry/grpc_cronet_plugin_registry.cc: $(OPENSSL_DEP)
src/core/plugin_registry/grpc_plugin_registry.cc: $(OPENSSL_DEP)
+src/core/tsi/alts/crypt/aes_gcm.cc: $(OPENSSL_DEP)
+src/core/tsi/alts/crypt/gsec.cc: $(OPENSSL_DEP)
+src/core/tsi/alts/frame_protector/alts_counter.cc: $(OPENSSL_DEP)
+src/core/tsi/alts/frame_protector/alts_crypter.cc: $(OPENSSL_DEP)
+src/core/tsi/alts/frame_protector/alts_frame_protector.cc: $(OPENSSL_DEP)
+src/core/tsi/alts/frame_protector/alts_record_protocol_crypter_common.cc: $(OPENSSL_DEP)
+src/core/tsi/alts/frame_protector/alts_seal_privacy_integrity_crypter.cc: $(OPENSSL_DEP)
+src/core/tsi/alts/frame_protector/alts_unseal_privacy_integrity_crypter.cc: $(OPENSSL_DEP)
+src/core/tsi/alts/frame_protector/frame_handler.cc: $(OPENSSL_DEP)
+src/core/tsi/alts/handshaker/alts_handshaker_client.cc: $(OPENSSL_DEP)
+src/core/tsi/alts/handshaker/alts_handshaker_service_api.cc: $(OPENSSL_DEP)
+src/core/tsi/alts/handshaker/alts_handshaker_service_api_util.cc: $(OPENSSL_DEP)
+src/core/tsi/alts/handshaker/alts_tsi_event.cc: $(OPENSSL_DEP)
+src/core/tsi/alts/handshaker/alts_tsi_handshaker.cc: $(OPENSSL_DEP)
+src/core/tsi/alts/handshaker/alts_tsi_utils.cc: $(OPENSSL_DEP)
+src/core/tsi/alts/handshaker/altscontext.pb.c: $(OPENSSL_DEP)
+src/core/tsi/alts/handshaker/handshaker.pb.c: $(OPENSSL_DEP)
+src/core/tsi/alts/handshaker/transport_security_common.pb.c: $(OPENSSL_DEP)
+src/core/tsi/alts/handshaker/transport_security_common_api.cc: $(OPENSSL_DEP)
+src/core/tsi/alts/zero_copy_frame_protector/alts_grpc_integrity_only_record_protocol.cc: $(OPENSSL_DEP)
+src/core/tsi/alts/zero_copy_frame_protector/alts_grpc_privacy_integrity_record_protocol.cc: $(OPENSSL_DEP)
+src/core/tsi/alts/zero_copy_frame_protector/alts_grpc_record_protocol_common.cc: $(OPENSSL_DEP)
+src/core/tsi/alts/zero_copy_frame_protector/alts_iovec_record_protocol.cc: $(OPENSSL_DEP)
+src/core/tsi/alts/zero_copy_frame_protector/alts_zero_copy_grpc_protector.cc: $(OPENSSL_DEP)
src/core/tsi/alts_transport_security.cc: $(OPENSSL_DEP)
src/core/tsi/fake_transport_security.cc: $(OPENSSL_DEP)
src/core/tsi/ssl_transport_security.cc: $(OPENSSL_DEP)
@@ -22454,6 +23419,8 @@
test/core/end2end/end2end_tests.cc: $(OPENSSL_DEP)
test/core/end2end/tests/call_creds.cc: $(OPENSSL_DEP)
test/core/security/oauth2_utils.cc: $(OPENSSL_DEP)
+test/core/tsi/alts/crypt/gsec_test_util.cc: $(OPENSSL_DEP)
+test/core/tsi/alts/handshaker/alts_handshaker_service_api_test_lib.cc: $(OPENSSL_DEP)
test/core/util/reconnect_server.cc: $(OPENSSL_DEP)
test/core/util/test_tcp_server.cc: $(OPENSSL_DEP)
test/cpp/end2end/test_service_impl.cc: $(OPENSSL_DEP)
diff --git a/bazel/grpc_build_system.bzl b/bazel/grpc_build_system.bzl
index 7bc1862..662068a 100644
--- a/bazel/grpc_build_system.bzl
+++ b/bazel/grpc_build_system.bzl
@@ -57,6 +57,12 @@
ret.append(h)
return ret
+def _maybe_update_cc_library_defines(name):
+ ret = []
+ if name == "alts_proto":
+ ret += ["PB_FIELD_16BIT=1"]
+ return ret
+
def grpc_cc_library(name, srcs = [], public_hdrs = [], hdrs = [],
external_deps = [], deps = [], standalone = False,
language = "C++", testonly = False, visibility = None,
@@ -64,10 +70,11 @@
copts = []
if language.upper() == "C":
copts = if_not_windows(["-std=c99"])
+ defines = _maybe_update_cc_library_defines(name)
native.cc_library(
name = name,
srcs = srcs,
- defines = select({"//:grpc_no_ares": ["GRPC_ARES=0"],
+ defines = defines + select({"//:grpc_no_ares": ["GRPC_ARES=0"],
"//conditions:default": [],}) +
select({"//:remote_execution": ["GRPC_PORT_ISOLATED_RUNTIME=1"],
"//conditions:default": [],}) +
diff --git a/build.yaml b/build.yaml
index e2d1940..e2bb8bf 100644
--- a/build.yaml
+++ b/build.yaml
@@ -16,6 +16,84 @@
g_stands_for: gorgeous
version: 1.11.0-dev
filegroups:
+- name: alts_proto
+ headers:
+ - src/core/tsi/alts/handshaker/altscontext.pb.h
+ - src/core/tsi/alts/handshaker/handshaker.pb.h
+ - src/core/tsi/alts/handshaker/transport_security_common.pb.h
+ src:
+ - src/core/tsi/alts/handshaker/altscontext.pb.c
+ - src/core/tsi/alts/handshaker/handshaker.pb.c
+ - src/core/tsi/alts/handshaker/transport_security_common.pb.c
+ uses:
+ - nanopb
+- name: alts_tsi
+ headers:
+ - src/core/tsi/alts/crypt/gsec.h
+ - src/core/tsi/alts/frame_protector/alts_counter.h
+ - src/core/tsi/alts/frame_protector/alts_crypter.h
+ - src/core/tsi/alts/frame_protector/alts_frame_protector.h
+ - src/core/tsi/alts/frame_protector/alts_record_protocol_crypter_common.h
+ - src/core/tsi/alts/frame_protector/frame_handler.h
+ - src/core/tsi/alts/handshaker/alts_handshaker_client.h
+ - src/core/tsi/alts/handshaker/alts_tsi_event.h
+ - src/core/tsi/alts/handshaker/alts_tsi_handshaker.h
+ - src/core/tsi/alts/handshaker/alts_tsi_handshaker_private.h
+ - src/core/tsi/alts/zero_copy_frame_protector/alts_grpc_integrity_only_record_protocol.h
+ - src/core/tsi/alts/zero_copy_frame_protector/alts_grpc_privacy_integrity_record_protocol.h
+ - src/core/tsi/alts/zero_copy_frame_protector/alts_grpc_record_protocol.h
+ - src/core/tsi/alts/zero_copy_frame_protector/alts_grpc_record_protocol_common.h
+ - src/core/tsi/alts/zero_copy_frame_protector/alts_iovec_record_protocol.h
+ - src/core/tsi/alts/zero_copy_frame_protector/alts_zero_copy_grpc_protector.h
+ src:
+ - src/core/tsi/alts/crypt/aes_gcm.cc
+ - src/core/tsi/alts/crypt/gsec.cc
+ - src/core/tsi/alts/frame_protector/alts_counter.cc
+ - src/core/tsi/alts/frame_protector/alts_crypter.cc
+ - src/core/tsi/alts/frame_protector/alts_frame_protector.cc
+ - src/core/tsi/alts/frame_protector/alts_record_protocol_crypter_common.cc
+ - src/core/tsi/alts/frame_protector/alts_seal_privacy_integrity_crypter.cc
+ - src/core/tsi/alts/frame_protector/alts_unseal_privacy_integrity_crypter.cc
+ - src/core/tsi/alts/frame_protector/frame_handler.cc
+ - src/core/tsi/alts/handshaker/alts_handshaker_client.cc
+ - src/core/tsi/alts/handshaker/alts_tsi_event.cc
+ - src/core/tsi/alts/handshaker/alts_tsi_handshaker.cc
+ - src/core/tsi/alts/zero_copy_frame_protector/alts_grpc_integrity_only_record_protocol.cc
+ - src/core/tsi/alts/zero_copy_frame_protector/alts_grpc_privacy_integrity_record_protocol.cc
+ - src/core/tsi/alts/zero_copy_frame_protector/alts_grpc_record_protocol_common.cc
+ - src/core/tsi/alts/zero_copy_frame_protector/alts_iovec_record_protocol.cc
+ - src/core/tsi/alts/zero_copy_frame_protector/alts_zero_copy_grpc_protector.cc
+ uses:
+ - alts_util
+ - grpc_base
+ - grpc_transport_chttp2_client_insecure
+ - tsi_interface
+ - tsi
+- name: alts_util
+ headers:
+ - src/core/lib/security/credentials/alts/check_gcp_environment.h
+ - src/core/lib/security/credentials/alts/grpc_alts_credentials_options.h
+ - src/core/tsi/alts/handshaker/alts_handshaker_service_api.h
+ - src/core/tsi/alts/handshaker/alts_handshaker_service_api_util.h
+ - src/core/tsi/alts/handshaker/alts_tsi_utils.h
+ - src/core/tsi/alts/handshaker/transport_security_common_api.h
+ src:
+ - src/core/lib/security/credentials/alts/check_gcp_environment.cc
+ - src/core/lib/security/credentials/alts/check_gcp_environment_linux.cc
+ - src/core/lib/security/credentials/alts/check_gcp_environment_no_op.cc
+ - src/core/lib/security/credentials/alts/check_gcp_environment_windows.cc
+ - src/core/lib/security/credentials/alts/grpc_alts_credentials_client_options.cc
+ - src/core/lib/security/credentials/alts/grpc_alts_credentials_options.cc
+ - src/core/lib/security/credentials/alts/grpc_alts_credentials_server_options.cc
+ - src/core/tsi/alts/handshaker/alts_handshaker_service_api.cc
+ - src/core/tsi/alts/handshaker/alts_handshaker_service_api_util.cc
+ - src/core/tsi/alts/handshaker/alts_tsi_utils.cc
+ - src/core/tsi/alts/handshaker/transport_security_common_api.cc
+ uses:
+ - alts_proto
+ - grpc_base
+ - tsi_interface
+ - nanopb
- name: census
public_headers:
- include/grpc/census.h
@@ -642,6 +720,7 @@
- include/grpc/grpc_security.h
headers:
- src/core/lib/security/context/security_context.h
+ - src/core/lib/security/credentials/alts/alts_credentials.h
- src/core/lib/security/credentials/composite/composite_credentials.h
- src/core/lib/security/credentials/credentials.h
- src/core/lib/security/credentials/fake/fake_credentials.h
@@ -653,6 +732,7 @@
- src/core/lib/security/credentials/oauth2/oauth2_credentials.h
- src/core/lib/security/credentials/plugin/plugin_credentials.h
- src/core/lib/security/credentials/ssl/ssl_credentials.h
+ - src/core/lib/security/security_connector/alts_security_connector.h
- src/core/lib/security/security_connector/security_connector.h
- src/core/lib/security/transport/auth_filters.h
- src/core/lib/security/transport/secure_endpoint.h
@@ -663,6 +743,7 @@
src:
- src/core/lib/http/httpcli_security_connector.cc
- src/core/lib/security/context/security_context.cc
+ - src/core/lib/security/credentials/alts/alts_credentials.cc
- src/core/lib/security/credentials/composite/composite_credentials.cc
- src/core/lib/security/credentials/credentials.cc
- src/core/lib/security/credentials/credentials_metadata.cc
@@ -676,6 +757,7 @@
- src/core/lib/security/credentials/oauth2/oauth2_credentials.cc
- src/core/lib/security/credentials/plugin/plugin_credentials.cc
- src/core/lib/security/credentials/ssl/ssl_credentials.cc
+ - src/core/lib/security/security_connector/alts_security_connector.cc
- src/core/lib/security/security_connector/security_connector.cc
- src/core/lib/security/transport/client_auth_filter.cc
- src/core/lib/security/transport/secure_endpoint.cc
@@ -687,6 +769,7 @@
- src/core/lib/surface/init_secure.cc
secure: true
uses:
+ - alts_tsi
- grpc_base
- grpc_transport_chttp2_alpn
- tsi
@@ -1211,6 +1294,18 @@
- grpc++
- grpc
libs:
+- name: alts_test_util
+ build: private
+ language: c
+ headers:
+ - test/core/tsi/alts/crypt/gsec_test_util.h
+ - test/core/tsi/alts/handshaker/alts_handshaker_service_api_test_lib.h
+ src:
+ - test/core/tsi/alts/crypt/gsec_test_util.cc
+ - test/core/tsi/alts/handshaker/alts_handshaker_service_api_test_lib.cc
+ deps:
+ - grpc
+ secure: true
- name: gpr
build: all
language: c
@@ -3496,6 +3591,125 @@
- grpc_unsecure
- gpr_test_util
- gpr
+- name: alts_counter_test
+ build: test
+ language: c++
+ src:
+ - test/core/tsi/alts/frame_protector/alts_counter_test.cc
+ deps:
+ - alts_test_util
+ - gpr
+ - grpc
+- name: alts_crypt_test
+ build: test
+ language: c++
+ src:
+ - test/core/tsi/alts/crypt/aes_gcm_test.cc
+ deps:
+ - alts_test_util
+ - gpr_test_util
+ - gpr
+ - grpc
+- name: alts_crypter_test
+ build: test
+ language: c++
+ src:
+ - test/core/tsi/alts/frame_protector/alts_crypter_test.cc
+ deps:
+ - alts_test_util
+ - gpr
+ - grpc
+- name: alts_frame_handler_test
+ build: test
+ language: c++
+ src:
+ - test/core/tsi/alts/frame_protector/frame_handler_test.cc
+ deps:
+ - alts_test_util
+ - gpr
+ - grpc
+- name: alts_frame_protector_test
+ build: test
+ language: c++
+ src:
+ - test/core/tsi/alts/frame_protector/alts_frame_protector_test.cc
+ deps:
+ - alts_test_util
+ - gpr
+ - grpc
+ filegroups:
+ - transport_security_test_lib
+- name: alts_grpc_record_protocol_test
+ build: test
+ language: c++
+ src:
+ - test/core/tsi/alts/zero_copy_frame_protector/alts_grpc_record_protocol_test.cc
+ deps:
+ - alts_test_util
+ - gpr
+ - grpc
+- name: alts_handshaker_client_test
+ build: test
+ language: c++
+ src:
+ - test/core/tsi/alts/handshaker/alts_handshaker_client_test.cc
+ deps:
+ - alts_test_util
+ - gpr
+ - grpc
+- name: alts_handshaker_service_api_test
+ build: test
+ language: c++
+ src:
+ - test/core/tsi/alts/handshaker/alts_handshaker_service_api_test.cc
+ deps:
+ - alts_test_util
+ - gpr
+ - grpc
+- name: alts_iovec_record_protocol_test
+ build: test
+ language: c++
+ src:
+ - test/core/tsi/alts/zero_copy_frame_protector/alts_iovec_record_protocol_test.cc
+ deps:
+ - alts_test_util
+ - gpr
+ - grpc
+- name: alts_security_connector_test
+ build: test
+ language: c++
+ src:
+ - test/core/security/alts_security_connector_test.cc
+ deps:
+ - gpr
+ - grpc
+- name: alts_tsi_handshaker_test
+ build: test
+ language: c++
+ src:
+ - test/core/tsi/alts/handshaker/alts_tsi_handshaker_test.cc
+ deps:
+ - alts_test_util
+ - gpr
+ - grpc
+- name: alts_tsi_utils_test
+ build: test
+ language: c++
+ src:
+ - test/core/tsi/alts/handshaker/alts_tsi_utils_test.cc
+ deps:
+ - alts_test_util
+ - gpr
+ - grpc
+- name: alts_zero_copy_grpc_protector_test
+ build: test
+ language: c++
+ src:
+ - test/core/tsi/alts/zero_copy_frame_protector/alts_zero_copy_grpc_protector_test.cc
+ deps:
+ - alts_test_util
+ - gpr
+ - grpc
- name: async_end2end_test
gtest: true
build: test
@@ -3879,6 +4093,22 @@
- grpc
- gpr
uses_polling: false
+- name: check_gcp_environment_linux_test
+ build: test
+ language: c++
+ src:
+ - test/core/security/check_gcp_environment_linux_test.cc
+ deps:
+ - grpc
+ - gpr
+- name: check_gcp_environment_windows_test
+ build: test
+ language: c++
+ src:
+ - test/core/security/check_gcp_environment_windows_test.cc
+ deps:
+ - grpc
+ - gpr
- name: chttp2_settings_timeout_test
gtest: true
build: test
@@ -4137,6 +4367,14 @@
args:
- --generated_file_path=gens/src/proto/grpc/testing/
uses_polling: false
+- name: grpc_alts_credentials_options_test
+ build: test
+ language: c++
+ src:
+ - test/core/security/grpc_alts_credentials_options_test.cc
+ deps:
+ - grpc
+ - gpr
- name: grpc_cli
build: test
run: false
@@ -4972,6 +5210,15 @@
- grpc
- gpr_test_util
- gpr
+- name: transport_security_common_api_test
+ build: test
+ language: c++
+ src:
+ - test/core/tsi/alts/handshaker/transport_security_common_api_test.cc
+ deps:
+ - alts_test_util
+ - gpr
+ - grpc
- name: writes_per_rpc_test
gtest: true
cpu_cost: 0.5
diff --git a/config.m4 b/config.m4
index 1a05584..57fc2db 100644
--- a/config.m4
+++ b/config.m4
@@ -244,6 +244,7 @@
src/core/ext/filters/http/server/http_server_filter.cc \
src/core/lib/http/httpcli_security_connector.cc \
src/core/lib/security/context/security_context.cc \
+ src/core/lib/security/credentials/alts/alts_credentials.cc \
src/core/lib/security/credentials/composite/composite_credentials.cc \
src/core/lib/security/credentials/credentials.cc \
src/core/lib/security/credentials/credentials_metadata.cc \
@@ -257,6 +258,7 @@
src/core/lib/security/credentials/oauth2/oauth2_credentials.cc \
src/core/lib/security/credentials/plugin/plugin_credentials.cc \
src/core/lib/security/credentials/ssl/ssl_credentials.cc \
+ src/core/lib/security/security_connector/alts_security_connector.cc \
src/core/lib/security/security_connector/security_connector.cc \
src/core/lib/security/transport/client_auth_filter.cc \
src/core/lib/security/transport/secure_endpoint.cc \
@@ -266,14 +268,45 @@
src/core/lib/security/transport/tsi_error.cc \
src/core/lib/security/util/json_util.cc \
src/core/lib/surface/init_secure.cc \
- src/core/tsi/alts_transport_security.cc \
- src/core/tsi/fake_transport_security.cc \
- src/core/tsi/ssl_transport_security.cc \
- src/core/tsi/transport_security_grpc.cc \
+ src/core/tsi/alts/crypt/aes_gcm.cc \
+ src/core/tsi/alts/crypt/gsec.cc \
+ src/core/tsi/alts/frame_protector/alts_counter.cc \
+ src/core/tsi/alts/frame_protector/alts_crypter.cc \
+ src/core/tsi/alts/frame_protector/alts_frame_protector.cc \
+ src/core/tsi/alts/frame_protector/alts_record_protocol_crypter_common.cc \
+ src/core/tsi/alts/frame_protector/alts_seal_privacy_integrity_crypter.cc \
+ src/core/tsi/alts/frame_protector/alts_unseal_privacy_integrity_crypter.cc \
+ src/core/tsi/alts/frame_protector/frame_handler.cc \
+ src/core/tsi/alts/handshaker/alts_handshaker_client.cc \
+ src/core/tsi/alts/handshaker/alts_tsi_event.cc \
+ src/core/tsi/alts/handshaker/alts_tsi_handshaker.cc \
+ src/core/tsi/alts/zero_copy_frame_protector/alts_grpc_integrity_only_record_protocol.cc \
+ src/core/tsi/alts/zero_copy_frame_protector/alts_grpc_privacy_integrity_record_protocol.cc \
+ src/core/tsi/alts/zero_copy_frame_protector/alts_grpc_record_protocol_common.cc \
+ src/core/tsi/alts/zero_copy_frame_protector/alts_iovec_record_protocol.cc \
+ src/core/tsi/alts/zero_copy_frame_protector/alts_zero_copy_grpc_protector.cc \
+ src/core/lib/security/credentials/alts/check_gcp_environment.cc \
+ src/core/lib/security/credentials/alts/check_gcp_environment_linux.cc \
+ src/core/lib/security/credentials/alts/check_gcp_environment_no_op.cc \
+ src/core/lib/security/credentials/alts/check_gcp_environment_windows.cc \
+ src/core/lib/security/credentials/alts/grpc_alts_credentials_client_options.cc \
+ src/core/lib/security/credentials/alts/grpc_alts_credentials_options.cc \
+ src/core/lib/security/credentials/alts/grpc_alts_credentials_server_options.cc \
+ src/core/tsi/alts/handshaker/alts_handshaker_service_api.cc \
+ src/core/tsi/alts/handshaker/alts_handshaker_service_api_util.cc \
+ src/core/tsi/alts/handshaker/alts_tsi_utils.cc \
+ src/core/tsi/alts/handshaker/transport_security_common_api.cc \
+ src/core/tsi/alts/handshaker/altscontext.pb.c \
+ src/core/tsi/alts/handshaker/handshaker.pb.c \
+ src/core/tsi/alts/handshaker/transport_security_common.pb.c \
+ third_party/nanopb/pb_common.c \
+ third_party/nanopb/pb_decode.c \
+ third_party/nanopb/pb_encode.c \
src/core/tsi/transport_security.cc \
src/core/tsi/transport_security_adapter.cc \
- src/core/ext/transport/chttp2/server/chttp2_server.cc \
- src/core/ext/transport/chttp2/client/secure/secure_channel_create.cc \
+ src/core/ext/transport/chttp2/client/insecure/channel_create.cc \
+ src/core/ext/transport/chttp2/client/insecure/channel_create_posix.cc \
+ src/core/ext/transport/chttp2/client/chttp2_connector.cc \
src/core/ext/filters/client_channel/backup_poller.cc \
src/core/ext/filters/client_channel/channel_connectivity.cc \
src/core/ext/filters/client_channel/client_channel.cc \
@@ -297,11 +330,14 @@
src/core/ext/filters/client_channel/subchannel_index.cc \
src/core/ext/filters/client_channel/uri_parser.cc \
src/core/ext/filters/deadline/deadline_filter.cc \
- src/core/ext/transport/chttp2/client/chttp2_connector.cc \
+ src/core/tsi/alts_transport_security.cc \
+ src/core/tsi/fake_transport_security.cc \
+ src/core/tsi/ssl_transport_security.cc \
+ src/core/tsi/transport_security_grpc.cc \
+ src/core/ext/transport/chttp2/server/chttp2_server.cc \
+ src/core/ext/transport/chttp2/client/secure/secure_channel_create.cc \
src/core/ext/transport/chttp2/server/insecure/server_chttp2.cc \
src/core/ext/transport/chttp2/server/insecure/server_chttp2_posix.cc \
- src/core/ext/transport/chttp2/client/insecure/channel_create.cc \
- src/core/ext/transport/chttp2/client/insecure/channel_create_posix.cc \
src/core/ext/transport/inproc/inproc_plugin.cc \
src/core/ext/transport/inproc/inproc_transport.cc \
src/core/ext/filters/client_channel/lb_policy/grpclb/client_load_reporting_filter.cc \
@@ -310,9 +346,6 @@
src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb_client_stats.cc \
src/core/ext/filters/client_channel/lb_policy/grpclb/load_balancer_api.cc \
src/core/ext/filters/client_channel/lb_policy/grpclb/proto/grpc/lb/v1/load_balancer.pb.c \
- third_party/nanopb/pb_common.c \
- third_party/nanopb/pb_decode.c \
- third_party/nanopb/pb_encode.c \
src/core/ext/filters/client_channel/resolver/fake/fake_resolver.cc \
src/core/ext/filters/client_channel/lb_policy/pick_first/pick_first.cc \
src/core/ext/filters/client_channel/lb_policy/subchannel_list.cc \
@@ -635,6 +668,7 @@
PHP_ADD_BUILD_DIR($ext_builddir/src/core/lib/profiling)
PHP_ADD_BUILD_DIR($ext_builddir/src/core/lib/security/context)
PHP_ADD_BUILD_DIR($ext_builddir/src/core/lib/security/credentials)
+ PHP_ADD_BUILD_DIR($ext_builddir/src/core/lib/security/credentials/alts)
PHP_ADD_BUILD_DIR($ext_builddir/src/core/lib/security/credentials/composite)
PHP_ADD_BUILD_DIR($ext_builddir/src/core/lib/security/credentials/fake)
PHP_ADD_BUILD_DIR($ext_builddir/src/core/lib/security/credentials/google_default)
@@ -651,6 +685,10 @@
PHP_ADD_BUILD_DIR($ext_builddir/src/core/lib/transport)
PHP_ADD_BUILD_DIR($ext_builddir/src/core/plugin_registry)
PHP_ADD_BUILD_DIR($ext_builddir/src/core/tsi)
+ PHP_ADD_BUILD_DIR($ext_builddir/src/core/tsi/alts/crypt)
+ PHP_ADD_BUILD_DIR($ext_builddir/src/core/tsi/alts/frame_protector)
+ PHP_ADD_BUILD_DIR($ext_builddir/src/core/tsi/alts/handshaker)
+ PHP_ADD_BUILD_DIR($ext_builddir/src/core/tsi/alts/zero_copy_frame_protector)
PHP_ADD_BUILD_DIR($ext_builddir/third_party/boringssl/crypto)
PHP_ADD_BUILD_DIR($ext_builddir/third_party/boringssl/crypto/asn1)
PHP_ADD_BUILD_DIR($ext_builddir/third_party/boringssl/crypto/base64)
diff --git a/config.w32 b/config.w32
index 5e41295..580607d 100644
--- a/config.w32
+++ b/config.w32
@@ -221,6 +221,7 @@
"src\\core\\ext\\filters\\http\\server\\http_server_filter.cc " +
"src\\core\\lib\\http\\httpcli_security_connector.cc " +
"src\\core\\lib\\security\\context\\security_context.cc " +
+ "src\\core\\lib\\security\\credentials\\alts\\alts_credentials.cc " +
"src\\core\\lib\\security\\credentials\\composite\\composite_credentials.cc " +
"src\\core\\lib\\security\\credentials\\credentials.cc " +
"src\\core\\lib\\security\\credentials\\credentials_metadata.cc " +
@@ -234,6 +235,7 @@
"src\\core\\lib\\security\\credentials\\oauth2\\oauth2_credentials.cc " +
"src\\core\\lib\\security\\credentials\\plugin\\plugin_credentials.cc " +
"src\\core\\lib\\security\\credentials\\ssl\\ssl_credentials.cc " +
+ "src\\core\\lib\\security\\security_connector\\alts_security_connector.cc " +
"src\\core\\lib\\security\\security_connector\\security_connector.cc " +
"src\\core\\lib\\security\\transport\\client_auth_filter.cc " +
"src\\core\\lib\\security\\transport\\secure_endpoint.cc " +
@@ -243,14 +245,45 @@
"src\\core\\lib\\security\\transport\\tsi_error.cc " +
"src\\core\\lib\\security\\util\\json_util.cc " +
"src\\core\\lib\\surface\\init_secure.cc " +
- "src\\core\\tsi\\alts_transport_security.cc " +
- "src\\core\\tsi\\fake_transport_security.cc " +
- "src\\core\\tsi\\ssl_transport_security.cc " +
- "src\\core\\tsi\\transport_security_grpc.cc " +
+ "src\\core\\tsi\\alts\\crypt\\aes_gcm.cc " +
+ "src\\core\\tsi\\alts\\crypt\\gsec.cc " +
+ "src\\core\\tsi\\alts\\frame_protector\\alts_counter.cc " +
+ "src\\core\\tsi\\alts\\frame_protector\\alts_crypter.cc " +
+ "src\\core\\tsi\\alts\\frame_protector\\alts_frame_protector.cc " +
+ "src\\core\\tsi\\alts\\frame_protector\\alts_record_protocol_crypter_common.cc " +
+ "src\\core\\tsi\\alts\\frame_protector\\alts_seal_privacy_integrity_crypter.cc " +
+ "src\\core\\tsi\\alts\\frame_protector\\alts_unseal_privacy_integrity_crypter.cc " +
+ "src\\core\\tsi\\alts\\frame_protector\\frame_handler.cc " +
+ "src\\core\\tsi\\alts\\handshaker\\alts_handshaker_client.cc " +
+ "src\\core\\tsi\\alts\\handshaker\\alts_tsi_event.cc " +
+ "src\\core\\tsi\\alts\\handshaker\\alts_tsi_handshaker.cc " +
+ "src\\core\\tsi\\alts\\zero_copy_frame_protector\\alts_grpc_integrity_only_record_protocol.cc " +
+ "src\\core\\tsi\\alts\\zero_copy_frame_protector\\alts_grpc_privacy_integrity_record_protocol.cc " +
+ "src\\core\\tsi\\alts\\zero_copy_frame_protector\\alts_grpc_record_protocol_common.cc " +
+ "src\\core\\tsi\\alts\\zero_copy_frame_protector\\alts_iovec_record_protocol.cc " +
+ "src\\core\\tsi\\alts\\zero_copy_frame_protector\\alts_zero_copy_grpc_protector.cc " +
+ "src\\core\\lib\\security\\credentials\\alts\\check_gcp_environment.cc " +
+ "src\\core\\lib\\security\\credentials\\alts\\check_gcp_environment_linux.cc " +
+ "src\\core\\lib\\security\\credentials\\alts\\check_gcp_environment_no_op.cc " +
+ "src\\core\\lib\\security\\credentials\\alts\\check_gcp_environment_windows.cc " +
+ "src\\core\\lib\\security\\credentials\\alts\\grpc_alts_credentials_client_options.cc " +
+ "src\\core\\lib\\security\\credentials\\alts\\grpc_alts_credentials_options.cc " +
+ "src\\core\\lib\\security\\credentials\\alts\\grpc_alts_credentials_server_options.cc " +
+ "src\\core\\tsi\\alts\\handshaker\\alts_handshaker_service_api.cc " +
+ "src\\core\\tsi\\alts\\handshaker\\alts_handshaker_service_api_util.cc " +
+ "src\\core\\tsi\\alts\\handshaker\\alts_tsi_utils.cc " +
+ "src\\core\\tsi\\alts\\handshaker\\transport_security_common_api.cc " +
+ "src\\core\\tsi\\alts\\handshaker\\altscontext.pb.c " +
+ "src\\core\\tsi\\alts\\handshaker\\handshaker.pb.c " +
+ "src\\core\\tsi\\alts\\handshaker\\transport_security_common.pb.c " +
+ "third_party\\nanopb\\pb_common.c " +
+ "third_party\\nanopb\\pb_decode.c " +
+ "third_party\\nanopb\\pb_encode.c " +
"src\\core\\tsi\\transport_security.cc " +
"src\\core\\tsi\\transport_security_adapter.cc " +
- "src\\core\\ext\\transport\\chttp2\\server\\chttp2_server.cc " +
- "src\\core\\ext\\transport\\chttp2\\client\\secure\\secure_channel_create.cc " +
+ "src\\core\\ext\\transport\\chttp2\\client\\insecure\\channel_create.cc " +
+ "src\\core\\ext\\transport\\chttp2\\client\\insecure\\channel_create_posix.cc " +
+ "src\\core\\ext\\transport\\chttp2\\client\\chttp2_connector.cc " +
"src\\core\\ext\\filters\\client_channel\\backup_poller.cc " +
"src\\core\\ext\\filters\\client_channel\\channel_connectivity.cc " +
"src\\core\\ext\\filters\\client_channel\\client_channel.cc " +
@@ -274,11 +307,14 @@
"src\\core\\ext\\filters\\client_channel\\subchannel_index.cc " +
"src\\core\\ext\\filters\\client_channel\\uri_parser.cc " +
"src\\core\\ext\\filters\\deadline\\deadline_filter.cc " +
- "src\\core\\ext\\transport\\chttp2\\client\\chttp2_connector.cc " +
+ "src\\core\\tsi\\alts_transport_security.cc " +
+ "src\\core\\tsi\\fake_transport_security.cc " +
+ "src\\core\\tsi\\ssl_transport_security.cc " +
+ "src\\core\\tsi\\transport_security_grpc.cc " +
+ "src\\core\\ext\\transport\\chttp2\\server\\chttp2_server.cc " +
+ "src\\core\\ext\\transport\\chttp2\\client\\secure\\secure_channel_create.cc " +
"src\\core\\ext\\transport\\chttp2\\server\\insecure\\server_chttp2.cc " +
"src\\core\\ext\\transport\\chttp2\\server\\insecure\\server_chttp2_posix.cc " +
- "src\\core\\ext\\transport\\chttp2\\client\\insecure\\channel_create.cc " +
- "src\\core\\ext\\transport\\chttp2\\client\\insecure\\channel_create_posix.cc " +
"src\\core\\ext\\transport\\inproc\\inproc_plugin.cc " +
"src\\core\\ext\\transport\\inproc\\inproc_transport.cc " +
"src\\core\\ext\\filters\\client_channel\\lb_policy\\grpclb\\client_load_reporting_filter.cc " +
@@ -287,9 +323,6 @@
"src\\core\\ext\\filters\\client_channel\\lb_policy\\grpclb\\grpclb_client_stats.cc " +
"src\\core\\ext\\filters\\client_channel\\lb_policy\\grpclb\\load_balancer_api.cc " +
"src\\core\\ext\\filters\\client_channel\\lb_policy\\grpclb\\proto\\grpc\\lb\\v1\\load_balancer.pb.c " +
- "third_party\\nanopb\\pb_common.c " +
- "third_party\\nanopb\\pb_decode.c " +
- "third_party\\nanopb\\pb_encode.c " +
"src\\core\\ext\\filters\\client_channel\\resolver\\fake\\fake_resolver.cc " +
"src\\core\\ext\\filters\\client_channel\\lb_policy\\pick_first\\pick_first.cc " +
"src\\core\\ext\\filters\\client_channel\\lb_policy\\subchannel_list.cc " +
@@ -648,6 +681,7 @@
FSO.CreateFolder(base_dir+"\\ext\\grpc\\src\\core\\lib\\security");
FSO.CreateFolder(base_dir+"\\ext\\grpc\\src\\core\\lib\\security\\context");
FSO.CreateFolder(base_dir+"\\ext\\grpc\\src\\core\\lib\\security\\credentials");
+ FSO.CreateFolder(base_dir+"\\ext\\grpc\\src\\core\\lib\\security\\credentials\\alts");
FSO.CreateFolder(base_dir+"\\ext\\grpc\\src\\core\\lib\\security\\credentials\\composite");
FSO.CreateFolder(base_dir+"\\ext\\grpc\\src\\core\\lib\\security\\credentials\\fake");
FSO.CreateFolder(base_dir+"\\ext\\grpc\\src\\core\\lib\\security\\credentials\\google_default");
@@ -664,6 +698,11 @@
FSO.CreateFolder(base_dir+"\\ext\\grpc\\src\\core\\lib\\transport");
FSO.CreateFolder(base_dir+"\\ext\\grpc\\src\\core\\plugin_registry");
FSO.CreateFolder(base_dir+"\\ext\\grpc\\src\\core\\tsi");
+ FSO.CreateFolder(base_dir+"\\ext\\grpc\\src\\core\\tsi\\alts");
+ FSO.CreateFolder(base_dir+"\\ext\\grpc\\src\\core\\tsi\\alts\\crypt");
+ FSO.CreateFolder(base_dir+"\\ext\\grpc\\src\\core\\tsi\\alts\\frame_protector");
+ FSO.CreateFolder(base_dir+"\\ext\\grpc\\src\\core\\tsi\\alts\\handshaker");
+ FSO.CreateFolder(base_dir+"\\ext\\grpc\\src\\core\\tsi\\alts\\zero_copy_frame_protector");
FSO.CreateFolder(base_dir+"\\ext\\grpc\\src\\php");
FSO.CreateFolder(base_dir+"\\ext\\grpc\\src\\php\\ext");
FSO.CreateFolder(base_dir+"\\ext\\grpc\\src\\php\\ext\\grpc");
diff --git a/gRPC-C++.podspec b/gRPC-C++.podspec
index 821c16d..65a5dc6 100644
--- a/gRPC-C++.podspec
+++ b/gRPC-C++.podspec
@@ -260,6 +260,7 @@
'src/core/ext/filters/http/message_compress/message_compress_filter.h',
'src/core/ext/filters/http/server/http_server_filter.h',
'src/core/lib/security/context/security_context.h',
+ 'src/core/lib/security/credentials/alts/alts_credentials.h',
'src/core/lib/security/credentials/composite/composite_credentials.h',
'src/core/lib/security/credentials/credentials.h',
'src/core/lib/security/credentials/fake/fake_credentials.h',
@@ -271,6 +272,7 @@
'src/core/lib/security/credentials/oauth2/oauth2_credentials.h',
'src/core/lib/security/credentials/plugin/plugin_credentials.h',
'src/core/lib/security/credentials/ssl/ssl_credentials.h',
+ 'src/core/lib/security/security_connector/alts_security_connector.h',
'src/core/lib/security/security_connector/security_connector.h',
'src/core/lib/security/transport/auth_filters.h',
'src/core/lib/security/transport/secure_endpoint.h',
@@ -278,15 +280,35 @@
'src/core/lib/security/transport/target_authority_table.h',
'src/core/lib/security/transport/tsi_error.h',
'src/core/lib/security/util/json_util.h',
- 'src/core/tsi/alts_transport_security.h',
- 'src/core/tsi/fake_transport_security.h',
- 'src/core/tsi/ssl_transport_security.h',
- 'src/core/tsi/ssl_types.h',
- 'src/core/tsi/transport_security_grpc.h',
+ 'src/core/tsi/alts/crypt/gsec.h',
+ 'src/core/tsi/alts/frame_protector/alts_counter.h',
+ 'src/core/tsi/alts/frame_protector/alts_crypter.h',
+ 'src/core/tsi/alts/frame_protector/alts_frame_protector.h',
+ 'src/core/tsi/alts/frame_protector/alts_record_protocol_crypter_common.h',
+ 'src/core/tsi/alts/frame_protector/frame_handler.h',
+ 'src/core/tsi/alts/handshaker/alts_handshaker_client.h',
+ 'src/core/tsi/alts/handshaker/alts_tsi_event.h',
+ 'src/core/tsi/alts/handshaker/alts_tsi_handshaker.h',
+ 'src/core/tsi/alts/handshaker/alts_tsi_handshaker_private.h',
+ 'src/core/tsi/alts/zero_copy_frame_protector/alts_grpc_integrity_only_record_protocol.h',
+ 'src/core/tsi/alts/zero_copy_frame_protector/alts_grpc_privacy_integrity_record_protocol.h',
+ 'src/core/tsi/alts/zero_copy_frame_protector/alts_grpc_record_protocol.h',
+ 'src/core/tsi/alts/zero_copy_frame_protector/alts_grpc_record_protocol_common.h',
+ 'src/core/tsi/alts/zero_copy_frame_protector/alts_iovec_record_protocol.h',
+ 'src/core/tsi/alts/zero_copy_frame_protector/alts_zero_copy_grpc_protector.h',
+ 'src/core/lib/security/credentials/alts/check_gcp_environment.h',
+ 'src/core/lib/security/credentials/alts/grpc_alts_credentials_options.h',
+ 'src/core/tsi/alts/handshaker/alts_handshaker_service_api.h',
+ 'src/core/tsi/alts/handshaker/alts_handshaker_service_api_util.h',
+ 'src/core/tsi/alts/handshaker/alts_tsi_utils.h',
+ 'src/core/tsi/alts/handshaker/transport_security_common_api.h',
+ 'src/core/tsi/alts/handshaker/altscontext.pb.h',
+ 'src/core/tsi/alts/handshaker/handshaker.pb.h',
+ 'src/core/tsi/alts/handshaker/transport_security_common.pb.h',
'src/core/tsi/transport_security.h',
'src/core/tsi/transport_security_adapter.h',
'src/core/tsi/transport_security_interface.h',
- 'src/core/ext/transport/chttp2/server/chttp2_server.h',
+ 'src/core/ext/transport/chttp2/client/chttp2_connector.h',
'src/core/ext/filters/client_channel/backup_poller.h',
'src/core/ext/filters/client_channel/client_channel.h',
'src/core/ext/filters/client_channel/client_channel_factory.h',
@@ -309,7 +331,12 @@
'src/core/ext/filters/client_channel/subchannel_index.h',
'src/core/ext/filters/client_channel/uri_parser.h',
'src/core/ext/filters/deadline/deadline_filter.h',
- 'src/core/ext/transport/chttp2/client/chttp2_connector.h',
+ 'src/core/tsi/alts_transport_security.h',
+ 'src/core/tsi/fake_transport_security.h',
+ 'src/core/tsi/ssl_transport_security.h',
+ 'src/core/tsi/ssl_types.h',
+ 'src/core/tsi/transport_security_grpc.h',
+ 'src/core/ext/transport/chttp2/server/chttp2_server.h',
'src/core/ext/transport/inproc/inproc_transport.h',
'src/core/lib/avl/avl.h',
'src/core/lib/backoff/backoff.h',
diff --git a/gRPC-Core.podspec b/gRPC-Core.podspec
index 6c6c769..7f61719 100644
--- a/gRPC-Core.podspec
+++ b/gRPC-Core.podspec
@@ -93,7 +93,7 @@
}
s.default_subspecs = 'Interface', 'Implementation'
- s.compiler_flags = '-DGRPC_ARES=0'
+ s.compiler_flags = '-DGRPC_ARES=0', '-DPB_FIELD_16BIT'
s.libraries = 'c++'
# Like many other C libraries, gRPC-Core has its public headers under `include/<libname>/` and its
@@ -271,6 +271,7 @@
'src/core/ext/filters/http/message_compress/message_compress_filter.h',
'src/core/ext/filters/http/server/http_server_filter.h',
'src/core/lib/security/context/security_context.h',
+ 'src/core/lib/security/credentials/alts/alts_credentials.h',
'src/core/lib/security/credentials/composite/composite_credentials.h',
'src/core/lib/security/credentials/credentials.h',
'src/core/lib/security/credentials/fake/fake_credentials.h',
@@ -282,6 +283,7 @@
'src/core/lib/security/credentials/oauth2/oauth2_credentials.h',
'src/core/lib/security/credentials/plugin/plugin_credentials.h',
'src/core/lib/security/credentials/ssl/ssl_credentials.h',
+ 'src/core/lib/security/security_connector/alts_security_connector.h',
'src/core/lib/security/security_connector/security_connector.h',
'src/core/lib/security/transport/auth_filters.h',
'src/core/lib/security/transport/secure_endpoint.h',
@@ -289,15 +291,35 @@
'src/core/lib/security/transport/target_authority_table.h',
'src/core/lib/security/transport/tsi_error.h',
'src/core/lib/security/util/json_util.h',
- 'src/core/tsi/alts_transport_security.h',
- 'src/core/tsi/fake_transport_security.h',
- 'src/core/tsi/ssl_transport_security.h',
- 'src/core/tsi/ssl_types.h',
- 'src/core/tsi/transport_security_grpc.h',
+ 'src/core/tsi/alts/crypt/gsec.h',
+ 'src/core/tsi/alts/frame_protector/alts_counter.h',
+ 'src/core/tsi/alts/frame_protector/alts_crypter.h',
+ 'src/core/tsi/alts/frame_protector/alts_frame_protector.h',
+ 'src/core/tsi/alts/frame_protector/alts_record_protocol_crypter_common.h',
+ 'src/core/tsi/alts/frame_protector/frame_handler.h',
+ 'src/core/tsi/alts/handshaker/alts_handshaker_client.h',
+ 'src/core/tsi/alts/handshaker/alts_tsi_event.h',
+ 'src/core/tsi/alts/handshaker/alts_tsi_handshaker.h',
+ 'src/core/tsi/alts/handshaker/alts_tsi_handshaker_private.h',
+ 'src/core/tsi/alts/zero_copy_frame_protector/alts_grpc_integrity_only_record_protocol.h',
+ 'src/core/tsi/alts/zero_copy_frame_protector/alts_grpc_privacy_integrity_record_protocol.h',
+ 'src/core/tsi/alts/zero_copy_frame_protector/alts_grpc_record_protocol.h',
+ 'src/core/tsi/alts/zero_copy_frame_protector/alts_grpc_record_protocol_common.h',
+ 'src/core/tsi/alts/zero_copy_frame_protector/alts_iovec_record_protocol.h',
+ 'src/core/tsi/alts/zero_copy_frame_protector/alts_zero_copy_grpc_protector.h',
+ 'src/core/lib/security/credentials/alts/check_gcp_environment.h',
+ 'src/core/lib/security/credentials/alts/grpc_alts_credentials_options.h',
+ 'src/core/tsi/alts/handshaker/alts_handshaker_service_api.h',
+ 'src/core/tsi/alts/handshaker/alts_handshaker_service_api_util.h',
+ 'src/core/tsi/alts/handshaker/alts_tsi_utils.h',
+ 'src/core/tsi/alts/handshaker/transport_security_common_api.h',
+ 'src/core/tsi/alts/handshaker/altscontext.pb.h',
+ 'src/core/tsi/alts/handshaker/handshaker.pb.h',
+ 'src/core/tsi/alts/handshaker/transport_security_common.pb.h',
'src/core/tsi/transport_security.h',
'src/core/tsi/transport_security_adapter.h',
'src/core/tsi/transport_security_interface.h',
- 'src/core/ext/transport/chttp2/server/chttp2_server.h',
+ 'src/core/ext/transport/chttp2/client/chttp2_connector.h',
'src/core/ext/filters/client_channel/backup_poller.h',
'src/core/ext/filters/client_channel/client_channel.h',
'src/core/ext/filters/client_channel/client_channel_factory.h',
@@ -320,7 +342,12 @@
'src/core/ext/filters/client_channel/subchannel_index.h',
'src/core/ext/filters/client_channel/uri_parser.h',
'src/core/ext/filters/deadline/deadline_filter.h',
- 'src/core/ext/transport/chttp2/client/chttp2_connector.h',
+ 'src/core/tsi/alts_transport_security.h',
+ 'src/core/tsi/fake_transport_security.h',
+ 'src/core/tsi/ssl_transport_security.h',
+ 'src/core/tsi/ssl_types.h',
+ 'src/core/tsi/transport_security_grpc.h',
+ 'src/core/ext/transport/chttp2/server/chttp2_server.h',
'src/core/ext/transport/inproc/inproc_transport.h',
'src/core/lib/avl/avl.h',
'src/core/lib/backoff/backoff.h',
@@ -631,6 +658,7 @@
'src/core/ext/filters/http/server/http_server_filter.cc',
'src/core/lib/http/httpcli_security_connector.cc',
'src/core/lib/security/context/security_context.cc',
+ 'src/core/lib/security/credentials/alts/alts_credentials.cc',
'src/core/lib/security/credentials/composite/composite_credentials.cc',
'src/core/lib/security/credentials/credentials.cc',
'src/core/lib/security/credentials/credentials_metadata.cc',
@@ -644,6 +672,7 @@
'src/core/lib/security/credentials/oauth2/oauth2_credentials.cc',
'src/core/lib/security/credentials/plugin/plugin_credentials.cc',
'src/core/lib/security/credentials/ssl/ssl_credentials.cc',
+ 'src/core/lib/security/security_connector/alts_security_connector.cc',
'src/core/lib/security/security_connector/security_connector.cc',
'src/core/lib/security/transport/client_auth_filter.cc',
'src/core/lib/security/transport/secure_endpoint.cc',
@@ -653,14 +682,42 @@
'src/core/lib/security/transport/tsi_error.cc',
'src/core/lib/security/util/json_util.cc',
'src/core/lib/surface/init_secure.cc',
- 'src/core/tsi/alts_transport_security.cc',
- 'src/core/tsi/fake_transport_security.cc',
- 'src/core/tsi/ssl_transport_security.cc',
- 'src/core/tsi/transport_security_grpc.cc',
+ 'src/core/tsi/alts/crypt/aes_gcm.cc',
+ 'src/core/tsi/alts/crypt/gsec.cc',
+ 'src/core/tsi/alts/frame_protector/alts_counter.cc',
+ 'src/core/tsi/alts/frame_protector/alts_crypter.cc',
+ 'src/core/tsi/alts/frame_protector/alts_frame_protector.cc',
+ 'src/core/tsi/alts/frame_protector/alts_record_protocol_crypter_common.cc',
+ 'src/core/tsi/alts/frame_protector/alts_seal_privacy_integrity_crypter.cc',
+ 'src/core/tsi/alts/frame_protector/alts_unseal_privacy_integrity_crypter.cc',
+ 'src/core/tsi/alts/frame_protector/frame_handler.cc',
+ 'src/core/tsi/alts/handshaker/alts_handshaker_client.cc',
+ 'src/core/tsi/alts/handshaker/alts_tsi_event.cc',
+ 'src/core/tsi/alts/handshaker/alts_tsi_handshaker.cc',
+ 'src/core/tsi/alts/zero_copy_frame_protector/alts_grpc_integrity_only_record_protocol.cc',
+ 'src/core/tsi/alts/zero_copy_frame_protector/alts_grpc_privacy_integrity_record_protocol.cc',
+ 'src/core/tsi/alts/zero_copy_frame_protector/alts_grpc_record_protocol_common.cc',
+ 'src/core/tsi/alts/zero_copy_frame_protector/alts_iovec_record_protocol.cc',
+ 'src/core/tsi/alts/zero_copy_frame_protector/alts_zero_copy_grpc_protector.cc',
+ 'src/core/lib/security/credentials/alts/check_gcp_environment.cc',
+ 'src/core/lib/security/credentials/alts/check_gcp_environment_linux.cc',
+ 'src/core/lib/security/credentials/alts/check_gcp_environment_no_op.cc',
+ 'src/core/lib/security/credentials/alts/check_gcp_environment_windows.cc',
+ 'src/core/lib/security/credentials/alts/grpc_alts_credentials_client_options.cc',
+ 'src/core/lib/security/credentials/alts/grpc_alts_credentials_options.cc',
+ 'src/core/lib/security/credentials/alts/grpc_alts_credentials_server_options.cc',
+ 'src/core/tsi/alts/handshaker/alts_handshaker_service_api.cc',
+ 'src/core/tsi/alts/handshaker/alts_handshaker_service_api_util.cc',
+ 'src/core/tsi/alts/handshaker/alts_tsi_utils.cc',
+ 'src/core/tsi/alts/handshaker/transport_security_common_api.cc',
+ 'src/core/tsi/alts/handshaker/altscontext.pb.c',
+ 'src/core/tsi/alts/handshaker/handshaker.pb.c',
+ 'src/core/tsi/alts/handshaker/transport_security_common.pb.c',
'src/core/tsi/transport_security.cc',
'src/core/tsi/transport_security_adapter.cc',
- 'src/core/ext/transport/chttp2/server/chttp2_server.cc',
- 'src/core/ext/transport/chttp2/client/secure/secure_channel_create.cc',
+ 'src/core/ext/transport/chttp2/client/insecure/channel_create.cc',
+ 'src/core/ext/transport/chttp2/client/insecure/channel_create_posix.cc',
+ 'src/core/ext/transport/chttp2/client/chttp2_connector.cc',
'src/core/ext/filters/client_channel/backup_poller.cc',
'src/core/ext/filters/client_channel/channel_connectivity.cc',
'src/core/ext/filters/client_channel/client_channel.cc',
@@ -684,11 +741,14 @@
'src/core/ext/filters/client_channel/subchannel_index.cc',
'src/core/ext/filters/client_channel/uri_parser.cc',
'src/core/ext/filters/deadline/deadline_filter.cc',
- 'src/core/ext/transport/chttp2/client/chttp2_connector.cc',
+ 'src/core/tsi/alts_transport_security.cc',
+ 'src/core/tsi/fake_transport_security.cc',
+ 'src/core/tsi/ssl_transport_security.cc',
+ 'src/core/tsi/transport_security_grpc.cc',
+ 'src/core/ext/transport/chttp2/server/chttp2_server.cc',
+ 'src/core/ext/transport/chttp2/client/secure/secure_channel_create.cc',
'src/core/ext/transport/chttp2/server/insecure/server_chttp2.cc',
'src/core/ext/transport/chttp2/server/insecure/server_chttp2_posix.cc',
- 'src/core/ext/transport/chttp2/client/insecure/channel_create.cc',
- 'src/core/ext/transport/chttp2/client/insecure/channel_create_posix.cc',
'src/core/ext/transport/inproc/inproc_plugin.cc',
'src/core/ext/transport/inproc/inproc_transport.cc',
'src/core/ext/filters/client_channel/lb_policy/grpclb/client_load_reporting_filter.cc',
@@ -765,6 +825,7 @@
'src/core/ext/filters/http/message_compress/message_compress_filter.h',
'src/core/ext/filters/http/server/http_server_filter.h',
'src/core/lib/security/context/security_context.h',
+ 'src/core/lib/security/credentials/alts/alts_credentials.h',
'src/core/lib/security/credentials/composite/composite_credentials.h',
'src/core/lib/security/credentials/credentials.h',
'src/core/lib/security/credentials/fake/fake_credentials.h',
@@ -776,6 +837,7 @@
'src/core/lib/security/credentials/oauth2/oauth2_credentials.h',
'src/core/lib/security/credentials/plugin/plugin_credentials.h',
'src/core/lib/security/credentials/ssl/ssl_credentials.h',
+ 'src/core/lib/security/security_connector/alts_security_connector.h',
'src/core/lib/security/security_connector/security_connector.h',
'src/core/lib/security/transport/auth_filters.h',
'src/core/lib/security/transport/secure_endpoint.h',
@@ -783,15 +845,35 @@
'src/core/lib/security/transport/target_authority_table.h',
'src/core/lib/security/transport/tsi_error.h',
'src/core/lib/security/util/json_util.h',
- 'src/core/tsi/alts_transport_security.h',
- 'src/core/tsi/fake_transport_security.h',
- 'src/core/tsi/ssl_transport_security.h',
- 'src/core/tsi/ssl_types.h',
- 'src/core/tsi/transport_security_grpc.h',
+ 'src/core/tsi/alts/crypt/gsec.h',
+ 'src/core/tsi/alts/frame_protector/alts_counter.h',
+ 'src/core/tsi/alts/frame_protector/alts_crypter.h',
+ 'src/core/tsi/alts/frame_protector/alts_frame_protector.h',
+ 'src/core/tsi/alts/frame_protector/alts_record_protocol_crypter_common.h',
+ 'src/core/tsi/alts/frame_protector/frame_handler.h',
+ 'src/core/tsi/alts/handshaker/alts_handshaker_client.h',
+ 'src/core/tsi/alts/handshaker/alts_tsi_event.h',
+ 'src/core/tsi/alts/handshaker/alts_tsi_handshaker.h',
+ 'src/core/tsi/alts/handshaker/alts_tsi_handshaker_private.h',
+ 'src/core/tsi/alts/zero_copy_frame_protector/alts_grpc_integrity_only_record_protocol.h',
+ 'src/core/tsi/alts/zero_copy_frame_protector/alts_grpc_privacy_integrity_record_protocol.h',
+ 'src/core/tsi/alts/zero_copy_frame_protector/alts_grpc_record_protocol.h',
+ 'src/core/tsi/alts/zero_copy_frame_protector/alts_grpc_record_protocol_common.h',
+ 'src/core/tsi/alts/zero_copy_frame_protector/alts_iovec_record_protocol.h',
+ 'src/core/tsi/alts/zero_copy_frame_protector/alts_zero_copy_grpc_protector.h',
+ 'src/core/lib/security/credentials/alts/check_gcp_environment.h',
+ 'src/core/lib/security/credentials/alts/grpc_alts_credentials_options.h',
+ 'src/core/tsi/alts/handshaker/alts_handshaker_service_api.h',
+ 'src/core/tsi/alts/handshaker/alts_handshaker_service_api_util.h',
+ 'src/core/tsi/alts/handshaker/alts_tsi_utils.h',
+ 'src/core/tsi/alts/handshaker/transport_security_common_api.h',
+ 'src/core/tsi/alts/handshaker/altscontext.pb.h',
+ 'src/core/tsi/alts/handshaker/handshaker.pb.h',
+ 'src/core/tsi/alts/handshaker/transport_security_common.pb.h',
'src/core/tsi/transport_security.h',
'src/core/tsi/transport_security_adapter.h',
'src/core/tsi/transport_security_interface.h',
- 'src/core/ext/transport/chttp2/server/chttp2_server.h',
+ 'src/core/ext/transport/chttp2/client/chttp2_connector.h',
'src/core/ext/filters/client_channel/backup_poller.h',
'src/core/ext/filters/client_channel/client_channel.h',
'src/core/ext/filters/client_channel/client_channel_factory.h',
@@ -814,7 +896,12 @@
'src/core/ext/filters/client_channel/subchannel_index.h',
'src/core/ext/filters/client_channel/uri_parser.h',
'src/core/ext/filters/deadline/deadline_filter.h',
- 'src/core/ext/transport/chttp2/client/chttp2_connector.h',
+ 'src/core/tsi/alts_transport_security.h',
+ 'src/core/tsi/fake_transport_security.h',
+ 'src/core/tsi/ssl_transport_security.h',
+ 'src/core/tsi/ssl_types.h',
+ 'src/core/tsi/transport_security_grpc.h',
+ 'src/core/ext/transport/chttp2/server/chttp2_server.h',
'src/core/ext/transport/inproc/inproc_transport.h',
'src/core/lib/avl/avl.h',
'src/core/lib/backoff/backoff.h',
@@ -975,8 +1062,15 @@
ss.source_files = 'src/core/ext/transport/cronet/client/secure/cronet_channel_create.cc',
'src/core/ext/transport/cronet/transport/cronet_transport.cc',
+ 'third_party/nanopb/pb_common.c',
+ 'third_party/nanopb/pb_decode.c',
+ 'third_party/nanopb/pb_encode.c',
'src/core/ext/transport/cronet/transport/cronet_transport.h',
- 'third_party/objective_c/Cronet/bidirectional_stream_c.h'
+ 'third_party/objective_c/Cronet/bidirectional_stream_c.h',
+ 'third_party/nanopb/pb.h',
+ 'third_party/nanopb/pb_common.h',
+ 'third_party/nanopb/pb_decode.h',
+ 'third_party/nanopb/pb_encode.h'
end
s.subspec 'Tests' do |ss|
diff --git a/grpc.gemspec b/grpc.gemspec
index fbe70aa..3df7cea 100644
--- a/grpc.gemspec
+++ b/grpc.gemspec
@@ -197,6 +197,7 @@
s.files += %w( src/core/ext/filters/http/message_compress/message_compress_filter.h )
s.files += %w( src/core/ext/filters/http/server/http_server_filter.h )
s.files += %w( src/core/lib/security/context/security_context.h )
+ s.files += %w( src/core/lib/security/credentials/alts/alts_credentials.h )
s.files += %w( src/core/lib/security/credentials/composite/composite_credentials.h )
s.files += %w( src/core/lib/security/credentials/credentials.h )
s.files += %w( src/core/lib/security/credentials/fake/fake_credentials.h )
@@ -208,6 +209,7 @@
s.files += %w( src/core/lib/security/credentials/oauth2/oauth2_credentials.h )
s.files += %w( src/core/lib/security/credentials/plugin/plugin_credentials.h )
s.files += %w( src/core/lib/security/credentials/ssl/ssl_credentials.h )
+ s.files += %w( src/core/lib/security/security_connector/alts_security_connector.h )
s.files += %w( src/core/lib/security/security_connector/security_connector.h )
s.files += %w( src/core/lib/security/transport/auth_filters.h )
s.files += %w( src/core/lib/security/transport/secure_endpoint.h )
@@ -215,15 +217,39 @@
s.files += %w( src/core/lib/security/transport/target_authority_table.h )
s.files += %w( src/core/lib/security/transport/tsi_error.h )
s.files += %w( src/core/lib/security/util/json_util.h )
- s.files += %w( src/core/tsi/alts_transport_security.h )
- s.files += %w( src/core/tsi/fake_transport_security.h )
- s.files += %w( src/core/tsi/ssl_transport_security.h )
- s.files += %w( src/core/tsi/ssl_types.h )
- s.files += %w( src/core/tsi/transport_security_grpc.h )
+ s.files += %w( src/core/tsi/alts/crypt/gsec.h )
+ s.files += %w( src/core/tsi/alts/frame_protector/alts_counter.h )
+ s.files += %w( src/core/tsi/alts/frame_protector/alts_crypter.h )
+ s.files += %w( src/core/tsi/alts/frame_protector/alts_frame_protector.h )
+ s.files += %w( src/core/tsi/alts/frame_protector/alts_record_protocol_crypter_common.h )
+ s.files += %w( src/core/tsi/alts/frame_protector/frame_handler.h )
+ s.files += %w( src/core/tsi/alts/handshaker/alts_handshaker_client.h )
+ s.files += %w( src/core/tsi/alts/handshaker/alts_tsi_event.h )
+ s.files += %w( src/core/tsi/alts/handshaker/alts_tsi_handshaker.h )
+ s.files += %w( src/core/tsi/alts/handshaker/alts_tsi_handshaker_private.h )
+ s.files += %w( src/core/tsi/alts/zero_copy_frame_protector/alts_grpc_integrity_only_record_protocol.h )
+ s.files += %w( src/core/tsi/alts/zero_copy_frame_protector/alts_grpc_privacy_integrity_record_protocol.h )
+ s.files += %w( src/core/tsi/alts/zero_copy_frame_protector/alts_grpc_record_protocol.h )
+ s.files += %w( src/core/tsi/alts/zero_copy_frame_protector/alts_grpc_record_protocol_common.h )
+ s.files += %w( src/core/tsi/alts/zero_copy_frame_protector/alts_iovec_record_protocol.h )
+ s.files += %w( src/core/tsi/alts/zero_copy_frame_protector/alts_zero_copy_grpc_protector.h )
+ s.files += %w( src/core/lib/security/credentials/alts/check_gcp_environment.h )
+ s.files += %w( src/core/lib/security/credentials/alts/grpc_alts_credentials_options.h )
+ s.files += %w( src/core/tsi/alts/handshaker/alts_handshaker_service_api.h )
+ s.files += %w( src/core/tsi/alts/handshaker/alts_handshaker_service_api_util.h )
+ s.files += %w( src/core/tsi/alts/handshaker/alts_tsi_utils.h )
+ s.files += %w( src/core/tsi/alts/handshaker/transport_security_common_api.h )
+ s.files += %w( src/core/tsi/alts/handshaker/altscontext.pb.h )
+ s.files += %w( src/core/tsi/alts/handshaker/handshaker.pb.h )
+ s.files += %w( src/core/tsi/alts/handshaker/transport_security_common.pb.h )
+ s.files += %w( third_party/nanopb/pb.h )
+ s.files += %w( third_party/nanopb/pb_common.h )
+ s.files += %w( third_party/nanopb/pb_decode.h )
+ s.files += %w( third_party/nanopb/pb_encode.h )
s.files += %w( src/core/tsi/transport_security.h )
s.files += %w( src/core/tsi/transport_security_adapter.h )
s.files += %w( src/core/tsi/transport_security_interface.h )
- s.files += %w( src/core/ext/transport/chttp2/server/chttp2_server.h )
+ s.files += %w( src/core/ext/transport/chttp2/client/chttp2_connector.h )
s.files += %w( src/core/ext/filters/client_channel/backup_poller.h )
s.files += %w( src/core/ext/filters/client_channel/client_channel.h )
s.files += %w( src/core/ext/filters/client_channel/client_channel_factory.h )
@@ -246,7 +272,12 @@
s.files += %w( src/core/ext/filters/client_channel/subchannel_index.h )
s.files += %w( src/core/ext/filters/client_channel/uri_parser.h )
s.files += %w( src/core/ext/filters/deadline/deadline_filter.h )
- s.files += %w( src/core/ext/transport/chttp2/client/chttp2_connector.h )
+ s.files += %w( src/core/tsi/alts_transport_security.h )
+ s.files += %w( src/core/tsi/fake_transport_security.h )
+ s.files += %w( src/core/tsi/ssl_transport_security.h )
+ s.files += %w( src/core/tsi/ssl_types.h )
+ s.files += %w( src/core/tsi/transport_security_grpc.h )
+ s.files += %w( src/core/ext/transport/chttp2/server/chttp2_server.h )
s.files += %w( src/core/ext/transport/inproc/inproc_transport.h )
s.files += %w( src/core/lib/avl/avl.h )
s.files += %w( src/core/lib/backoff/backoff.h )
@@ -381,10 +412,6 @@
s.files += %w( src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb_client_stats.h )
s.files += %w( src/core/ext/filters/client_channel/lb_policy/grpclb/load_balancer_api.h )
s.files += %w( src/core/ext/filters/client_channel/lb_policy/grpclb/proto/grpc/lb/v1/load_balancer.pb.h )
- s.files += %w( third_party/nanopb/pb.h )
- s.files += %w( third_party/nanopb/pb_common.h )
- s.files += %w( third_party/nanopb/pb_decode.h )
- s.files += %w( third_party/nanopb/pb_encode.h )
s.files += %w( src/core/ext/filters/client_channel/resolver/fake/fake_resolver.h )
s.files += %w( src/core/ext/filters/client_channel/lb_policy/subchannel_list.h )
s.files += %w( src/core/ext/filters/client_channel/resolver/dns/c_ares/grpc_ares_ev_driver.h )
@@ -561,6 +588,7 @@
s.files += %w( src/core/ext/filters/http/server/http_server_filter.cc )
s.files += %w( src/core/lib/http/httpcli_security_connector.cc )
s.files += %w( src/core/lib/security/context/security_context.cc )
+ s.files += %w( src/core/lib/security/credentials/alts/alts_credentials.cc )
s.files += %w( src/core/lib/security/credentials/composite/composite_credentials.cc )
s.files += %w( src/core/lib/security/credentials/credentials.cc )
s.files += %w( src/core/lib/security/credentials/credentials_metadata.cc )
@@ -574,6 +602,7 @@
s.files += %w( src/core/lib/security/credentials/oauth2/oauth2_credentials.cc )
s.files += %w( src/core/lib/security/credentials/plugin/plugin_credentials.cc )
s.files += %w( src/core/lib/security/credentials/ssl/ssl_credentials.cc )
+ s.files += %w( src/core/lib/security/security_connector/alts_security_connector.cc )
s.files += %w( src/core/lib/security/security_connector/security_connector.cc )
s.files += %w( src/core/lib/security/transport/client_auth_filter.cc )
s.files += %w( src/core/lib/security/transport/secure_endpoint.cc )
@@ -583,14 +612,45 @@
s.files += %w( src/core/lib/security/transport/tsi_error.cc )
s.files += %w( src/core/lib/security/util/json_util.cc )
s.files += %w( src/core/lib/surface/init_secure.cc )
- s.files += %w( src/core/tsi/alts_transport_security.cc )
- s.files += %w( src/core/tsi/fake_transport_security.cc )
- s.files += %w( src/core/tsi/ssl_transport_security.cc )
- s.files += %w( src/core/tsi/transport_security_grpc.cc )
+ s.files += %w( src/core/tsi/alts/crypt/aes_gcm.cc )
+ s.files += %w( src/core/tsi/alts/crypt/gsec.cc )
+ s.files += %w( src/core/tsi/alts/frame_protector/alts_counter.cc )
+ s.files += %w( src/core/tsi/alts/frame_protector/alts_crypter.cc )
+ s.files += %w( src/core/tsi/alts/frame_protector/alts_frame_protector.cc )
+ s.files += %w( src/core/tsi/alts/frame_protector/alts_record_protocol_crypter_common.cc )
+ s.files += %w( src/core/tsi/alts/frame_protector/alts_seal_privacy_integrity_crypter.cc )
+ s.files += %w( src/core/tsi/alts/frame_protector/alts_unseal_privacy_integrity_crypter.cc )
+ s.files += %w( src/core/tsi/alts/frame_protector/frame_handler.cc )
+ s.files += %w( src/core/tsi/alts/handshaker/alts_handshaker_client.cc )
+ s.files += %w( src/core/tsi/alts/handshaker/alts_tsi_event.cc )
+ s.files += %w( src/core/tsi/alts/handshaker/alts_tsi_handshaker.cc )
+ s.files += %w( src/core/tsi/alts/zero_copy_frame_protector/alts_grpc_integrity_only_record_protocol.cc )
+ s.files += %w( src/core/tsi/alts/zero_copy_frame_protector/alts_grpc_privacy_integrity_record_protocol.cc )
+ s.files += %w( src/core/tsi/alts/zero_copy_frame_protector/alts_grpc_record_protocol_common.cc )
+ s.files += %w( src/core/tsi/alts/zero_copy_frame_protector/alts_iovec_record_protocol.cc )
+ s.files += %w( src/core/tsi/alts/zero_copy_frame_protector/alts_zero_copy_grpc_protector.cc )
+ s.files += %w( src/core/lib/security/credentials/alts/check_gcp_environment.cc )
+ s.files += %w( src/core/lib/security/credentials/alts/check_gcp_environment_linux.cc )
+ s.files += %w( src/core/lib/security/credentials/alts/check_gcp_environment_no_op.cc )
+ s.files += %w( src/core/lib/security/credentials/alts/check_gcp_environment_windows.cc )
+ s.files += %w( src/core/lib/security/credentials/alts/grpc_alts_credentials_client_options.cc )
+ s.files += %w( src/core/lib/security/credentials/alts/grpc_alts_credentials_options.cc )
+ s.files += %w( src/core/lib/security/credentials/alts/grpc_alts_credentials_server_options.cc )
+ s.files += %w( src/core/tsi/alts/handshaker/alts_handshaker_service_api.cc )
+ s.files += %w( src/core/tsi/alts/handshaker/alts_handshaker_service_api_util.cc )
+ s.files += %w( src/core/tsi/alts/handshaker/alts_tsi_utils.cc )
+ s.files += %w( src/core/tsi/alts/handshaker/transport_security_common_api.cc )
+ s.files += %w( src/core/tsi/alts/handshaker/altscontext.pb.c )
+ s.files += %w( src/core/tsi/alts/handshaker/handshaker.pb.c )
+ s.files += %w( src/core/tsi/alts/handshaker/transport_security_common.pb.c )
+ s.files += %w( third_party/nanopb/pb_common.c )
+ s.files += %w( third_party/nanopb/pb_decode.c )
+ s.files += %w( third_party/nanopb/pb_encode.c )
s.files += %w( src/core/tsi/transport_security.cc )
s.files += %w( src/core/tsi/transport_security_adapter.cc )
- s.files += %w( src/core/ext/transport/chttp2/server/chttp2_server.cc )
- s.files += %w( src/core/ext/transport/chttp2/client/secure/secure_channel_create.cc )
+ s.files += %w( src/core/ext/transport/chttp2/client/insecure/channel_create.cc )
+ s.files += %w( src/core/ext/transport/chttp2/client/insecure/channel_create_posix.cc )
+ s.files += %w( src/core/ext/transport/chttp2/client/chttp2_connector.cc )
s.files += %w( src/core/ext/filters/client_channel/backup_poller.cc )
s.files += %w( src/core/ext/filters/client_channel/channel_connectivity.cc )
s.files += %w( src/core/ext/filters/client_channel/client_channel.cc )
@@ -614,11 +674,14 @@
s.files += %w( src/core/ext/filters/client_channel/subchannel_index.cc )
s.files += %w( src/core/ext/filters/client_channel/uri_parser.cc )
s.files += %w( src/core/ext/filters/deadline/deadline_filter.cc )
- s.files += %w( src/core/ext/transport/chttp2/client/chttp2_connector.cc )
+ s.files += %w( src/core/tsi/alts_transport_security.cc )
+ s.files += %w( src/core/tsi/fake_transport_security.cc )
+ s.files += %w( src/core/tsi/ssl_transport_security.cc )
+ s.files += %w( src/core/tsi/transport_security_grpc.cc )
+ s.files += %w( src/core/ext/transport/chttp2/server/chttp2_server.cc )
+ s.files += %w( src/core/ext/transport/chttp2/client/secure/secure_channel_create.cc )
s.files += %w( src/core/ext/transport/chttp2/server/insecure/server_chttp2.cc )
s.files += %w( src/core/ext/transport/chttp2/server/insecure/server_chttp2_posix.cc )
- s.files += %w( src/core/ext/transport/chttp2/client/insecure/channel_create.cc )
- s.files += %w( src/core/ext/transport/chttp2/client/insecure/channel_create_posix.cc )
s.files += %w( src/core/ext/transport/inproc/inproc_plugin.cc )
s.files += %w( src/core/ext/transport/inproc/inproc_transport.cc )
s.files += %w( src/core/ext/filters/client_channel/lb_policy/grpclb/client_load_reporting_filter.cc )
@@ -627,9 +690,6 @@
s.files += %w( src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb_client_stats.cc )
s.files += %w( src/core/ext/filters/client_channel/lb_policy/grpclb/load_balancer_api.cc )
s.files += %w( src/core/ext/filters/client_channel/lb_policy/grpclb/proto/grpc/lb/v1/load_balancer.pb.c )
- s.files += %w( third_party/nanopb/pb_common.c )
- s.files += %w( third_party/nanopb/pb_decode.c )
- s.files += %w( third_party/nanopb/pb_encode.c )
s.files += %w( src/core/ext/filters/client_channel/resolver/fake/fake_resolver.cc )
s.files += %w( src/core/ext/filters/client_channel/lb_policy/pick_first/pick_first.cc )
s.files += %w( src/core/ext/filters/client_channel/lb_policy/subchannel_list.cc )
diff --git a/grpc.gyp b/grpc.gyp
index cd3dedd..38597a5 100644
--- a/grpc.gyp
+++ b/grpc.gyp
@@ -64,11 +64,11 @@
],
'cflags_c': [
'-Werror',
- '-std=c99'
+ '-std=c99',
],
'cflags_cc': [
'-Werror',
- '-std=c++11'
+ '-std=c++11',
],
'include_dirs': [
'.',
@@ -148,7 +148,7 @@
'-Wno-deprecated-declarations',
'-stdlib=libc++',
'-std=c++11',
- '-Wno-error=deprecated-declarations'
+ '-Wno-error=deprecated-declarations',
],
},
}]
@@ -156,6 +156,17 @@
},
'targets': [
{
+ 'target_name': 'alts_test_util',
+ 'type': 'static_library',
+ 'dependencies': [
+ 'grpc',
+ ],
+ 'sources': [
+ 'test/core/tsi/alts/crypt/gsec_test_util.cc',
+ 'test/core/tsi/alts/handshaker/alts_handshaker_service_api_test_lib.cc',
+ ],
+ },
+ {
'target_name': 'gpr',
'type': 'static_library',
'dependencies': [
@@ -385,6 +396,7 @@
'src/core/ext/filters/http/server/http_server_filter.cc',
'src/core/lib/http/httpcli_security_connector.cc',
'src/core/lib/security/context/security_context.cc',
+ 'src/core/lib/security/credentials/alts/alts_credentials.cc',
'src/core/lib/security/credentials/composite/composite_credentials.cc',
'src/core/lib/security/credentials/credentials.cc',
'src/core/lib/security/credentials/credentials_metadata.cc',
@@ -398,6 +410,7 @@
'src/core/lib/security/credentials/oauth2/oauth2_credentials.cc',
'src/core/lib/security/credentials/plugin/plugin_credentials.cc',
'src/core/lib/security/credentials/ssl/ssl_credentials.cc',
+ 'src/core/lib/security/security_connector/alts_security_connector.cc',
'src/core/lib/security/security_connector/security_connector.cc',
'src/core/lib/security/transport/client_auth_filter.cc',
'src/core/lib/security/transport/secure_endpoint.cc',
@@ -407,14 +420,45 @@
'src/core/lib/security/transport/tsi_error.cc',
'src/core/lib/security/util/json_util.cc',
'src/core/lib/surface/init_secure.cc',
- 'src/core/tsi/alts_transport_security.cc',
- 'src/core/tsi/fake_transport_security.cc',
- 'src/core/tsi/ssl_transport_security.cc',
- 'src/core/tsi/transport_security_grpc.cc',
+ 'src/core/tsi/alts/crypt/aes_gcm.cc',
+ 'src/core/tsi/alts/crypt/gsec.cc',
+ 'src/core/tsi/alts/frame_protector/alts_counter.cc',
+ 'src/core/tsi/alts/frame_protector/alts_crypter.cc',
+ 'src/core/tsi/alts/frame_protector/alts_frame_protector.cc',
+ 'src/core/tsi/alts/frame_protector/alts_record_protocol_crypter_common.cc',
+ 'src/core/tsi/alts/frame_protector/alts_seal_privacy_integrity_crypter.cc',
+ 'src/core/tsi/alts/frame_protector/alts_unseal_privacy_integrity_crypter.cc',
+ 'src/core/tsi/alts/frame_protector/frame_handler.cc',
+ 'src/core/tsi/alts/handshaker/alts_handshaker_client.cc',
+ 'src/core/tsi/alts/handshaker/alts_tsi_event.cc',
+ 'src/core/tsi/alts/handshaker/alts_tsi_handshaker.cc',
+ 'src/core/tsi/alts/zero_copy_frame_protector/alts_grpc_integrity_only_record_protocol.cc',
+ 'src/core/tsi/alts/zero_copy_frame_protector/alts_grpc_privacy_integrity_record_protocol.cc',
+ 'src/core/tsi/alts/zero_copy_frame_protector/alts_grpc_record_protocol_common.cc',
+ 'src/core/tsi/alts/zero_copy_frame_protector/alts_iovec_record_protocol.cc',
+ 'src/core/tsi/alts/zero_copy_frame_protector/alts_zero_copy_grpc_protector.cc',
+ 'src/core/lib/security/credentials/alts/check_gcp_environment.cc',
+ 'src/core/lib/security/credentials/alts/check_gcp_environment_linux.cc',
+ 'src/core/lib/security/credentials/alts/check_gcp_environment_no_op.cc',
+ 'src/core/lib/security/credentials/alts/check_gcp_environment_windows.cc',
+ 'src/core/lib/security/credentials/alts/grpc_alts_credentials_client_options.cc',
+ 'src/core/lib/security/credentials/alts/grpc_alts_credentials_options.cc',
+ 'src/core/lib/security/credentials/alts/grpc_alts_credentials_server_options.cc',
+ 'src/core/tsi/alts/handshaker/alts_handshaker_service_api.cc',
+ 'src/core/tsi/alts/handshaker/alts_handshaker_service_api_util.cc',
+ 'src/core/tsi/alts/handshaker/alts_tsi_utils.cc',
+ 'src/core/tsi/alts/handshaker/transport_security_common_api.cc',
+ 'src/core/tsi/alts/handshaker/altscontext.pb.c',
+ 'src/core/tsi/alts/handshaker/handshaker.pb.c',
+ 'src/core/tsi/alts/handshaker/transport_security_common.pb.c',
+ 'third_party/nanopb/pb_common.c',
+ 'third_party/nanopb/pb_decode.c',
+ 'third_party/nanopb/pb_encode.c',
'src/core/tsi/transport_security.cc',
'src/core/tsi/transport_security_adapter.cc',
- 'src/core/ext/transport/chttp2/server/chttp2_server.cc',
- 'src/core/ext/transport/chttp2/client/secure/secure_channel_create.cc',
+ 'src/core/ext/transport/chttp2/client/insecure/channel_create.cc',
+ 'src/core/ext/transport/chttp2/client/insecure/channel_create_posix.cc',
+ 'src/core/ext/transport/chttp2/client/chttp2_connector.cc',
'src/core/ext/filters/client_channel/backup_poller.cc',
'src/core/ext/filters/client_channel/channel_connectivity.cc',
'src/core/ext/filters/client_channel/client_channel.cc',
@@ -438,11 +482,14 @@
'src/core/ext/filters/client_channel/subchannel_index.cc',
'src/core/ext/filters/client_channel/uri_parser.cc',
'src/core/ext/filters/deadline/deadline_filter.cc',
- 'src/core/ext/transport/chttp2/client/chttp2_connector.cc',
+ 'src/core/tsi/alts_transport_security.cc',
+ 'src/core/tsi/fake_transport_security.cc',
+ 'src/core/tsi/ssl_transport_security.cc',
+ 'src/core/tsi/transport_security_grpc.cc',
+ 'src/core/ext/transport/chttp2/server/chttp2_server.cc',
+ 'src/core/ext/transport/chttp2/client/secure/secure_channel_create.cc',
'src/core/ext/transport/chttp2/server/insecure/server_chttp2.cc',
'src/core/ext/transport/chttp2/server/insecure/server_chttp2_posix.cc',
- 'src/core/ext/transport/chttp2/client/insecure/channel_create.cc',
- 'src/core/ext/transport/chttp2/client/insecure/channel_create_posix.cc',
'src/core/ext/transport/inproc/inproc_plugin.cc',
'src/core/ext/transport/inproc/inproc_transport.cc',
'src/core/ext/filters/client_channel/lb_policy/grpclb/client_load_reporting_filter.cc',
@@ -451,9 +498,6 @@
'src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb_client_stats.cc',
'src/core/ext/filters/client_channel/lb_policy/grpclb/load_balancer_api.cc',
'src/core/ext/filters/client_channel/lb_policy/grpclb/proto/grpc/lb/v1/load_balancer.pb.c',
- 'third_party/nanopb/pb_common.c',
- 'third_party/nanopb/pb_decode.c',
- 'third_party/nanopb/pb_encode.c',
'src/core/ext/filters/client_channel/resolver/fake/fake_resolver.cc',
'src/core/ext/filters/client_channel/lb_policy/pick_first/pick_first.cc',
'src/core/ext/filters/client_channel/lb_policy/subchannel_list.cc',
diff --git a/package.xml b/package.xml
index db03230..c4a6f6f 100644
--- a/package.xml
+++ b/package.xml
@@ -204,6 +204,7 @@
<file baseinstalldir="/" name="src/core/ext/filters/http/message_compress/message_compress_filter.h" role="src" />
<file baseinstalldir="/" name="src/core/ext/filters/http/server/http_server_filter.h" role="src" />
<file baseinstalldir="/" name="src/core/lib/security/context/security_context.h" role="src" />
+ <file baseinstalldir="/" name="src/core/lib/security/credentials/alts/alts_credentials.h" role="src" />
<file baseinstalldir="/" name="src/core/lib/security/credentials/composite/composite_credentials.h" role="src" />
<file baseinstalldir="/" name="src/core/lib/security/credentials/credentials.h" role="src" />
<file baseinstalldir="/" name="src/core/lib/security/credentials/fake/fake_credentials.h" role="src" />
@@ -215,6 +216,7 @@
<file baseinstalldir="/" name="src/core/lib/security/credentials/oauth2/oauth2_credentials.h" role="src" />
<file baseinstalldir="/" name="src/core/lib/security/credentials/plugin/plugin_credentials.h" role="src" />
<file baseinstalldir="/" name="src/core/lib/security/credentials/ssl/ssl_credentials.h" role="src" />
+ <file baseinstalldir="/" name="src/core/lib/security/security_connector/alts_security_connector.h" role="src" />
<file baseinstalldir="/" name="src/core/lib/security/security_connector/security_connector.h" role="src" />
<file baseinstalldir="/" name="src/core/lib/security/transport/auth_filters.h" role="src" />
<file baseinstalldir="/" name="src/core/lib/security/transport/secure_endpoint.h" role="src" />
@@ -222,15 +224,39 @@
<file baseinstalldir="/" name="src/core/lib/security/transport/target_authority_table.h" role="src" />
<file baseinstalldir="/" name="src/core/lib/security/transport/tsi_error.h" role="src" />
<file baseinstalldir="/" name="src/core/lib/security/util/json_util.h" role="src" />
- <file baseinstalldir="/" name="src/core/tsi/alts_transport_security.h" role="src" />
- <file baseinstalldir="/" name="src/core/tsi/fake_transport_security.h" role="src" />
- <file baseinstalldir="/" name="src/core/tsi/ssl_transport_security.h" role="src" />
- <file baseinstalldir="/" name="src/core/tsi/ssl_types.h" role="src" />
- <file baseinstalldir="/" name="src/core/tsi/transport_security_grpc.h" role="src" />
+ <file baseinstalldir="/" name="src/core/tsi/alts/crypt/gsec.h" role="src" />
+ <file baseinstalldir="/" name="src/core/tsi/alts/frame_protector/alts_counter.h" role="src" />
+ <file baseinstalldir="/" name="src/core/tsi/alts/frame_protector/alts_crypter.h" role="src" />
+ <file baseinstalldir="/" name="src/core/tsi/alts/frame_protector/alts_frame_protector.h" role="src" />
+ <file baseinstalldir="/" name="src/core/tsi/alts/frame_protector/alts_record_protocol_crypter_common.h" role="src" />
+ <file baseinstalldir="/" name="src/core/tsi/alts/frame_protector/frame_handler.h" role="src" />
+ <file baseinstalldir="/" name="src/core/tsi/alts/handshaker/alts_handshaker_client.h" role="src" />
+ <file baseinstalldir="/" name="src/core/tsi/alts/handshaker/alts_tsi_event.h" role="src" />
+ <file baseinstalldir="/" name="src/core/tsi/alts/handshaker/alts_tsi_handshaker.h" role="src" />
+ <file baseinstalldir="/" name="src/core/tsi/alts/handshaker/alts_tsi_handshaker_private.h" role="src" />
+ <file baseinstalldir="/" name="src/core/tsi/alts/zero_copy_frame_protector/alts_grpc_integrity_only_record_protocol.h" role="src" />
+ <file baseinstalldir="/" name="src/core/tsi/alts/zero_copy_frame_protector/alts_grpc_privacy_integrity_record_protocol.h" role="src" />
+ <file baseinstalldir="/" name="src/core/tsi/alts/zero_copy_frame_protector/alts_grpc_record_protocol.h" role="src" />
+ <file baseinstalldir="/" name="src/core/tsi/alts/zero_copy_frame_protector/alts_grpc_record_protocol_common.h" role="src" />
+ <file baseinstalldir="/" name="src/core/tsi/alts/zero_copy_frame_protector/alts_iovec_record_protocol.h" role="src" />
+ <file baseinstalldir="/" name="src/core/tsi/alts/zero_copy_frame_protector/alts_zero_copy_grpc_protector.h" role="src" />
+ <file baseinstalldir="/" name="src/core/lib/security/credentials/alts/check_gcp_environment.h" role="src" />
+ <file baseinstalldir="/" name="src/core/lib/security/credentials/alts/grpc_alts_credentials_options.h" role="src" />
+ <file baseinstalldir="/" name="src/core/tsi/alts/handshaker/alts_handshaker_service_api.h" role="src" />
+ <file baseinstalldir="/" name="src/core/tsi/alts/handshaker/alts_handshaker_service_api_util.h" role="src" />
+ <file baseinstalldir="/" name="src/core/tsi/alts/handshaker/alts_tsi_utils.h" role="src" />
+ <file baseinstalldir="/" name="src/core/tsi/alts/handshaker/transport_security_common_api.h" role="src" />
+ <file baseinstalldir="/" name="src/core/tsi/alts/handshaker/altscontext.pb.h" role="src" />
+ <file baseinstalldir="/" name="src/core/tsi/alts/handshaker/handshaker.pb.h" role="src" />
+ <file baseinstalldir="/" name="src/core/tsi/alts/handshaker/transport_security_common.pb.h" role="src" />
+ <file baseinstalldir="/" name="third_party/nanopb/pb.h" role="src" />
+ <file baseinstalldir="/" name="third_party/nanopb/pb_common.h" role="src" />
+ <file baseinstalldir="/" name="third_party/nanopb/pb_decode.h" role="src" />
+ <file baseinstalldir="/" name="third_party/nanopb/pb_encode.h" role="src" />
<file baseinstalldir="/" name="src/core/tsi/transport_security.h" role="src" />
<file baseinstalldir="/" name="src/core/tsi/transport_security_adapter.h" role="src" />
<file baseinstalldir="/" name="src/core/tsi/transport_security_interface.h" role="src" />
- <file baseinstalldir="/" name="src/core/ext/transport/chttp2/server/chttp2_server.h" role="src" />
+ <file baseinstalldir="/" name="src/core/ext/transport/chttp2/client/chttp2_connector.h" role="src" />
<file baseinstalldir="/" name="src/core/ext/filters/client_channel/backup_poller.h" role="src" />
<file baseinstalldir="/" name="src/core/ext/filters/client_channel/client_channel.h" role="src" />
<file baseinstalldir="/" name="src/core/ext/filters/client_channel/client_channel_factory.h" role="src" />
@@ -253,7 +279,12 @@
<file baseinstalldir="/" name="src/core/ext/filters/client_channel/subchannel_index.h" role="src" />
<file baseinstalldir="/" name="src/core/ext/filters/client_channel/uri_parser.h" role="src" />
<file baseinstalldir="/" name="src/core/ext/filters/deadline/deadline_filter.h" role="src" />
- <file baseinstalldir="/" name="src/core/ext/transport/chttp2/client/chttp2_connector.h" role="src" />
+ <file baseinstalldir="/" name="src/core/tsi/alts_transport_security.h" role="src" />
+ <file baseinstalldir="/" name="src/core/tsi/fake_transport_security.h" role="src" />
+ <file baseinstalldir="/" name="src/core/tsi/ssl_transport_security.h" role="src" />
+ <file baseinstalldir="/" name="src/core/tsi/ssl_types.h" role="src" />
+ <file baseinstalldir="/" name="src/core/tsi/transport_security_grpc.h" role="src" />
+ <file baseinstalldir="/" name="src/core/ext/transport/chttp2/server/chttp2_server.h" role="src" />
<file baseinstalldir="/" name="src/core/ext/transport/inproc/inproc_transport.h" role="src" />
<file baseinstalldir="/" name="src/core/lib/avl/avl.h" role="src" />
<file baseinstalldir="/" name="src/core/lib/backoff/backoff.h" role="src" />
@@ -388,10 +419,6 @@
<file baseinstalldir="/" name="src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb_client_stats.h" role="src" />
<file baseinstalldir="/" name="src/core/ext/filters/client_channel/lb_policy/grpclb/load_balancer_api.h" role="src" />
<file baseinstalldir="/" name="src/core/ext/filters/client_channel/lb_policy/grpclb/proto/grpc/lb/v1/load_balancer.pb.h" role="src" />
- <file baseinstalldir="/" name="third_party/nanopb/pb.h" role="src" />
- <file baseinstalldir="/" name="third_party/nanopb/pb_common.h" role="src" />
- <file baseinstalldir="/" name="third_party/nanopb/pb_decode.h" role="src" />
- <file baseinstalldir="/" name="third_party/nanopb/pb_encode.h" role="src" />
<file baseinstalldir="/" name="src/core/ext/filters/client_channel/resolver/fake/fake_resolver.h" role="src" />
<file baseinstalldir="/" name="src/core/ext/filters/client_channel/lb_policy/subchannel_list.h" role="src" />
<file baseinstalldir="/" name="src/core/ext/filters/client_channel/resolver/dns/c_ares/grpc_ares_ev_driver.h" role="src" />
@@ -568,6 +595,7 @@
<file baseinstalldir="/" name="src/core/ext/filters/http/server/http_server_filter.cc" role="src" />
<file baseinstalldir="/" name="src/core/lib/http/httpcli_security_connector.cc" role="src" />
<file baseinstalldir="/" name="src/core/lib/security/context/security_context.cc" role="src" />
+ <file baseinstalldir="/" name="src/core/lib/security/credentials/alts/alts_credentials.cc" role="src" />
<file baseinstalldir="/" name="src/core/lib/security/credentials/composite/composite_credentials.cc" role="src" />
<file baseinstalldir="/" name="src/core/lib/security/credentials/credentials.cc" role="src" />
<file baseinstalldir="/" name="src/core/lib/security/credentials/credentials_metadata.cc" role="src" />
@@ -581,6 +609,7 @@
<file baseinstalldir="/" name="src/core/lib/security/credentials/oauth2/oauth2_credentials.cc" role="src" />
<file baseinstalldir="/" name="src/core/lib/security/credentials/plugin/plugin_credentials.cc" role="src" />
<file baseinstalldir="/" name="src/core/lib/security/credentials/ssl/ssl_credentials.cc" role="src" />
+ <file baseinstalldir="/" name="src/core/lib/security/security_connector/alts_security_connector.cc" role="src" />
<file baseinstalldir="/" name="src/core/lib/security/security_connector/security_connector.cc" role="src" />
<file baseinstalldir="/" name="src/core/lib/security/transport/client_auth_filter.cc" role="src" />
<file baseinstalldir="/" name="src/core/lib/security/transport/secure_endpoint.cc" role="src" />
@@ -590,14 +619,45 @@
<file baseinstalldir="/" name="src/core/lib/security/transport/tsi_error.cc" role="src" />
<file baseinstalldir="/" name="src/core/lib/security/util/json_util.cc" role="src" />
<file baseinstalldir="/" name="src/core/lib/surface/init_secure.cc" role="src" />
- <file baseinstalldir="/" name="src/core/tsi/alts_transport_security.cc" role="src" />
- <file baseinstalldir="/" name="src/core/tsi/fake_transport_security.cc" role="src" />
- <file baseinstalldir="/" name="src/core/tsi/ssl_transport_security.cc" role="src" />
- <file baseinstalldir="/" name="src/core/tsi/transport_security_grpc.cc" role="src" />
+ <file baseinstalldir="/" name="src/core/tsi/alts/crypt/aes_gcm.cc" role="src" />
+ <file baseinstalldir="/" name="src/core/tsi/alts/crypt/gsec.cc" role="src" />
+ <file baseinstalldir="/" name="src/core/tsi/alts/frame_protector/alts_counter.cc" role="src" />
+ <file baseinstalldir="/" name="src/core/tsi/alts/frame_protector/alts_crypter.cc" role="src" />
+ <file baseinstalldir="/" name="src/core/tsi/alts/frame_protector/alts_frame_protector.cc" role="src" />
+ <file baseinstalldir="/" name="src/core/tsi/alts/frame_protector/alts_record_protocol_crypter_common.cc" role="src" />
+ <file baseinstalldir="/" name="src/core/tsi/alts/frame_protector/alts_seal_privacy_integrity_crypter.cc" role="src" />
+ <file baseinstalldir="/" name="src/core/tsi/alts/frame_protector/alts_unseal_privacy_integrity_crypter.cc" role="src" />
+ <file baseinstalldir="/" name="src/core/tsi/alts/frame_protector/frame_handler.cc" role="src" />
+ <file baseinstalldir="/" name="src/core/tsi/alts/handshaker/alts_handshaker_client.cc" role="src" />
+ <file baseinstalldir="/" name="src/core/tsi/alts/handshaker/alts_tsi_event.cc" role="src" />
+ <file baseinstalldir="/" name="src/core/tsi/alts/handshaker/alts_tsi_handshaker.cc" role="src" />
+ <file baseinstalldir="/" name="src/core/tsi/alts/zero_copy_frame_protector/alts_grpc_integrity_only_record_protocol.cc" role="src" />
+ <file baseinstalldir="/" name="src/core/tsi/alts/zero_copy_frame_protector/alts_grpc_privacy_integrity_record_protocol.cc" role="src" />
+ <file baseinstalldir="/" name="src/core/tsi/alts/zero_copy_frame_protector/alts_grpc_record_protocol_common.cc" role="src" />
+ <file baseinstalldir="/" name="src/core/tsi/alts/zero_copy_frame_protector/alts_iovec_record_protocol.cc" role="src" />
+ <file baseinstalldir="/" name="src/core/tsi/alts/zero_copy_frame_protector/alts_zero_copy_grpc_protector.cc" role="src" />
+ <file baseinstalldir="/" name="src/core/lib/security/credentials/alts/check_gcp_environment.cc" role="src" />
+ <file baseinstalldir="/" name="src/core/lib/security/credentials/alts/check_gcp_environment_linux.cc" role="src" />
+ <file baseinstalldir="/" name="src/core/lib/security/credentials/alts/check_gcp_environment_no_op.cc" role="src" />
+ <file baseinstalldir="/" name="src/core/lib/security/credentials/alts/check_gcp_environment_windows.cc" role="src" />
+ <file baseinstalldir="/" name="src/core/lib/security/credentials/alts/grpc_alts_credentials_client_options.cc" role="src" />
+ <file baseinstalldir="/" name="src/core/lib/security/credentials/alts/grpc_alts_credentials_options.cc" role="src" />
+ <file baseinstalldir="/" name="src/core/lib/security/credentials/alts/grpc_alts_credentials_server_options.cc" role="src" />
+ <file baseinstalldir="/" name="src/core/tsi/alts/handshaker/alts_handshaker_service_api.cc" role="src" />
+ <file baseinstalldir="/" name="src/core/tsi/alts/handshaker/alts_handshaker_service_api_util.cc" role="src" />
+ <file baseinstalldir="/" name="src/core/tsi/alts/handshaker/alts_tsi_utils.cc" role="src" />
+ <file baseinstalldir="/" name="src/core/tsi/alts/handshaker/transport_security_common_api.cc" role="src" />
+ <file baseinstalldir="/" name="src/core/tsi/alts/handshaker/altscontext.pb.c" role="src" />
+ <file baseinstalldir="/" name="src/core/tsi/alts/handshaker/handshaker.pb.c" role="src" />
+ <file baseinstalldir="/" name="src/core/tsi/alts/handshaker/transport_security_common.pb.c" role="src" />
+ <file baseinstalldir="/" name="third_party/nanopb/pb_common.c" role="src" />
+ <file baseinstalldir="/" name="third_party/nanopb/pb_decode.c" role="src" />
+ <file baseinstalldir="/" name="third_party/nanopb/pb_encode.c" role="src" />
<file baseinstalldir="/" name="src/core/tsi/transport_security.cc" role="src" />
<file baseinstalldir="/" name="src/core/tsi/transport_security_adapter.cc" role="src" />
- <file baseinstalldir="/" name="src/core/ext/transport/chttp2/server/chttp2_server.cc" role="src" />
- <file baseinstalldir="/" name="src/core/ext/transport/chttp2/client/secure/secure_channel_create.cc" role="src" />
+ <file baseinstalldir="/" name="src/core/ext/transport/chttp2/client/insecure/channel_create.cc" role="src" />
+ <file baseinstalldir="/" name="src/core/ext/transport/chttp2/client/insecure/channel_create_posix.cc" role="src" />
+ <file baseinstalldir="/" name="src/core/ext/transport/chttp2/client/chttp2_connector.cc" role="src" />
<file baseinstalldir="/" name="src/core/ext/filters/client_channel/backup_poller.cc" role="src" />
<file baseinstalldir="/" name="src/core/ext/filters/client_channel/channel_connectivity.cc" role="src" />
<file baseinstalldir="/" name="src/core/ext/filters/client_channel/client_channel.cc" role="src" />
@@ -621,11 +681,14 @@
<file baseinstalldir="/" name="src/core/ext/filters/client_channel/subchannel_index.cc" role="src" />
<file baseinstalldir="/" name="src/core/ext/filters/client_channel/uri_parser.cc" role="src" />
<file baseinstalldir="/" name="src/core/ext/filters/deadline/deadline_filter.cc" role="src" />
- <file baseinstalldir="/" name="src/core/ext/transport/chttp2/client/chttp2_connector.cc" role="src" />
+ <file baseinstalldir="/" name="src/core/tsi/alts_transport_security.cc" role="src" />
+ <file baseinstalldir="/" name="src/core/tsi/fake_transport_security.cc" role="src" />
+ <file baseinstalldir="/" name="src/core/tsi/ssl_transport_security.cc" role="src" />
+ <file baseinstalldir="/" name="src/core/tsi/transport_security_grpc.cc" role="src" />
+ <file baseinstalldir="/" name="src/core/ext/transport/chttp2/server/chttp2_server.cc" role="src" />
+ <file baseinstalldir="/" name="src/core/ext/transport/chttp2/client/secure/secure_channel_create.cc" role="src" />
<file baseinstalldir="/" name="src/core/ext/transport/chttp2/server/insecure/server_chttp2.cc" role="src" />
<file baseinstalldir="/" name="src/core/ext/transport/chttp2/server/insecure/server_chttp2_posix.cc" role="src" />
- <file baseinstalldir="/" name="src/core/ext/transport/chttp2/client/insecure/channel_create.cc" role="src" />
- <file baseinstalldir="/" name="src/core/ext/transport/chttp2/client/insecure/channel_create_posix.cc" role="src" />
<file baseinstalldir="/" name="src/core/ext/transport/inproc/inproc_plugin.cc" role="src" />
<file baseinstalldir="/" name="src/core/ext/transport/inproc/inproc_transport.cc" role="src" />
<file baseinstalldir="/" name="src/core/ext/filters/client_channel/lb_policy/grpclb/client_load_reporting_filter.cc" role="src" />
@@ -634,9 +697,6 @@
<file baseinstalldir="/" name="src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb_client_stats.cc" role="src" />
<file baseinstalldir="/" name="src/core/ext/filters/client_channel/lb_policy/grpclb/load_balancer_api.cc" role="src" />
<file baseinstalldir="/" name="src/core/ext/filters/client_channel/lb_policy/grpclb/proto/grpc/lb/v1/load_balancer.pb.c" role="src" />
- <file baseinstalldir="/" name="third_party/nanopb/pb_common.c" role="src" />
- <file baseinstalldir="/" name="third_party/nanopb/pb_decode.c" role="src" />
- <file baseinstalldir="/" name="third_party/nanopb/pb_encode.c" role="src" />
<file baseinstalldir="/" name="src/core/ext/filters/client_channel/resolver/fake/fake_resolver.cc" role="src" />
<file baseinstalldir="/" name="src/core/ext/filters/client_channel/lb_policy/pick_first/pick_first.cc" role="src" />
<file baseinstalldir="/" name="src/core/ext/filters/client_channel/lb_policy/subchannel_list.cc" role="src" />
diff --git a/setup.py b/setup.py
index 4f67f82..7c07c56 100644
--- a/setup.py
+++ b/setup.py
@@ -118,6 +118,7 @@
EXTRA_ENV_COMPILE_ARGS += ' -std=c++11 -std=gnu99 -fvisibility=hidden -fno-wrapv -fno-exceptions'
elif "darwin" in sys.platform:
EXTRA_ENV_COMPILE_ARGS += ' -fvisibility=hidden -fno-wrapv -fno-exceptions'
+EXTRA_ENV_COMPILE_ARGS += ' -DPB_FIELD_16BIT'
if EXTRA_ENV_LINK_ARGS is None:
EXTRA_ENV_LINK_ARGS = ''
@@ -160,7 +161,7 @@
DEFINE_MACROS = (
('OPENSSL_NO_ASM', 1), ('_WIN32_WINNT', 0x600),
- ('GPR_BACKWARDS_COMPATIBILITY_MODE', 1),)
+ ('GPR_BACKWARDS_COMPATIBILITY_MODE', 1))
if "win32" in sys.platform:
# TODO(zyc): Re-enble c-ares on x64 and x86 windows after fixing the
# ares_library_init compilation issue
diff --git a/src/core/lib/security/credentials/alts/alts_credentials.cc b/src/core/lib/security/credentials/alts/alts_credentials.cc
new file mode 100644
index 0000000..fa05d90
--- /dev/null
+++ b/src/core/lib/security/credentials/alts/alts_credentials.cc
@@ -0,0 +1,119 @@
+/*
+ *
+ * Copyright 2018 gRPC authors.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ */
+
+#include <grpc/support/port_platform.h>
+
+#include "src/core/lib/security/credentials/alts/alts_credentials.h"
+
+#include <cstring>
+
+#include <grpc/grpc.h>
+#include <grpc/support/alloc.h>
+#include <grpc/support/log.h>
+#include <grpc/support/string_util.h>
+
+#include "src/core/lib/security/credentials/alts/check_gcp_environment.h"
+#include "src/core/lib/security/security_connector/alts_security_connector.h"
+
+#define GRPC_CREDENTIALS_TYPE_ALTS "Alts"
+#define GRPC_ALTS_HANDSHAKER_SERVICE_URL "metadata.google.internal:8080"
+
+static void alts_credentials_destruct(grpc_channel_credentials* creds) {
+ grpc_alts_credentials* alts_creds =
+ reinterpret_cast<grpc_alts_credentials*>(creds);
+ grpc_alts_credentials_options_destroy(alts_creds->options);
+ gpr_free(alts_creds->handshaker_service_url);
+}
+
+static void alts_server_credentials_destruct(grpc_server_credentials* creds) {
+ grpc_alts_server_credentials* alts_creds =
+ reinterpret_cast<grpc_alts_server_credentials*>(creds);
+ grpc_alts_credentials_options_destroy(alts_creds->options);
+ gpr_free(alts_creds->handshaker_service_url);
+}
+
+static grpc_security_status alts_create_security_connector(
+ grpc_channel_credentials* creds,
+ grpc_call_credentials* request_metadata_creds, const char* target_name,
+ const grpc_channel_args* args, grpc_channel_security_connector** sc,
+ grpc_channel_args** new_args) {
+ return grpc_alts_channel_security_connector_create(
+ creds, request_metadata_creds, target_name, sc);
+}
+
+static grpc_security_status alts_server_create_security_connector(
+ grpc_server_credentials* creds, grpc_server_security_connector** sc) {
+ return grpc_alts_server_security_connector_create(creds, sc);
+}
+
+static const grpc_channel_credentials_vtable alts_credentials_vtable = {
+ alts_credentials_destruct, alts_create_security_connector,
+ /*duplicate_without_call_credentials=*/nullptr};
+
+static const grpc_server_credentials_vtable alts_server_credentials_vtable = {
+ alts_server_credentials_destruct, alts_server_create_security_connector};
+
+grpc_channel_credentials* grpc_alts_credentials_create_customized(
+ const grpc_alts_credentials_options* options,
+ const char* handshaker_service_url, bool enable_untrusted_alts) {
+ if (!enable_untrusted_alts && !grpc_alts_is_running_on_gcp()) {
+ return nullptr;
+ }
+ auto creds = static_cast<grpc_alts_credentials*>(
+ gpr_zalloc(sizeof(grpc_alts_credentials)));
+ creds->options = grpc_alts_credentials_options_copy(options);
+ creds->handshaker_service_url =
+ handshaker_service_url == nullptr
+ ? gpr_strdup(GRPC_ALTS_HANDSHAKER_SERVICE_URL)
+ : gpr_strdup(handshaker_service_url);
+ creds->base.type = GRPC_CREDENTIALS_TYPE_ALTS;
+ creds->base.vtable = &alts_credentials_vtable;
+ gpr_ref_init(&creds->base.refcount, 1);
+ return &creds->base;
+}
+
+grpc_server_credentials* grpc_alts_server_credentials_create_customized(
+ const grpc_alts_credentials_options* options,
+ const char* handshaker_service_url, bool enable_untrusted_alts) {
+ if (!enable_untrusted_alts && !grpc_alts_is_running_on_gcp()) {
+ return nullptr;
+ }
+ auto creds = static_cast<grpc_alts_server_credentials*>(
+ gpr_zalloc(sizeof(grpc_alts_server_credentials)));
+ creds->options = grpc_alts_credentials_options_copy(options);
+ creds->handshaker_service_url =
+ handshaker_service_url == nullptr
+ ? gpr_strdup(GRPC_ALTS_HANDSHAKER_SERVICE_URL)
+ : gpr_strdup(handshaker_service_url);
+ creds->base.type = GRPC_CREDENTIALS_TYPE_ALTS;
+ creds->base.vtable = &alts_server_credentials_vtable;
+ gpr_ref_init(&creds->base.refcount, 1);
+ return &creds->base;
+}
+
+grpc_channel_credentials* grpc_alts_credentials_create(
+ const grpc_alts_credentials_options* options) {
+ return grpc_alts_credentials_create_customized(
+ options, GRPC_ALTS_HANDSHAKER_SERVICE_URL, false);
+}
+
+grpc_server_credentials* grpc_alts_server_credentials_create(
+ const grpc_alts_credentials_options* options) {
+ return grpc_alts_server_credentials_create_customized(
+ options, GRPC_ALTS_HANDSHAKER_SERVICE_URL, false);
+}
diff --git a/src/core/lib/security/credentials/alts/alts_credentials.h b/src/core/lib/security/credentials/alts/alts_credentials.h
new file mode 100644
index 0000000..621789c
--- /dev/null
+++ b/src/core/lib/security/credentials/alts/alts_credentials.h
@@ -0,0 +1,102 @@
+/*
+ *
+ * Copyright 2018 gRPC authors.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ */
+
+#ifndef GRPC_CORE_LIB_SECURITY_CREDENTIALS_ALTS_ALTS_CREDENTIALS_H
+#define GRPC_CORE_LIB_SECURITY_CREDENTIALS_ALTS_ALTS_CREDENTIALS_H
+
+#include <grpc/support/port_platform.h>
+
+#include <grpc/grpc_security.h>
+
+#include "src/core/lib/security/credentials/alts/grpc_alts_credentials_options.h"
+#include "src/core/lib/security/credentials/credentials.h"
+
+/* Main struct for grpc ALTS channel credential. */
+typedef struct grpc_alts_credentials {
+ grpc_channel_credentials base;
+ grpc_alts_credentials_options* options;
+ char* handshaker_service_url;
+} grpc_alts_credentials;
+
+/* Main struct for grpc ALTS server credential. */
+typedef struct grpc_alts_server_credentials {
+ grpc_server_credentials base;
+ grpc_alts_credentials_options* options;
+ char* handshaker_service_url;
+} grpc_alts_server_credentials;
+
+/**
+ * This method creates an ALTS channel credential object.
+ *
+ * - options: grpc ALTS credentials options instance for client.
+ *
+ * It returns the created ALTS channel credential object.
+ */
+grpc_channel_credentials* grpc_alts_credentials_create(
+ const grpc_alts_credentials_options* options);
+
+/**
+ * This method creates an ALTS server credential object.
+ *
+ * - options: grpc ALTS credentials options instance for server.
+ *
+ * It returns the created ALTS server credential object.
+ */
+grpc_server_credentials* grpc_alts_server_credentials_create(
+ const grpc_alts_credentials_options* options);
+
+/**
+ * This method creates an ALTS channel credential object with customized
+ * information provided by caller.
+ *
+ * - options: grpc ALTS credentials options instance for client.
+ * - handshaker_service_url: address of ALTS handshaker service in the format of
+ * "host:port". If it's nullptr, the address of default metadata server will
+ * be used.
+ * - enable_untrusted_alts: a boolean flag used to enable ALTS in untrusted
+ * mode. This mode can be enabled when we are sure ALTS is running on GCP or
+ * for testing purpose.
+ *
+ * It returns nullptr if the flag is disabled AND ALTS is not running on GCP.
+ * Otherwise, it returns the created credential object.
+ */
+
+grpc_channel_credentials* grpc_alts_credentials_create_customized(
+ const grpc_alts_credentials_options* options,
+ const char* handshaker_service_url, bool enable_untrusted_alts);
+
+/**
+ * This method creates an ALTS server credential object with customized
+ * information provided by caller.
+ *
+ * - options: grpc ALTS credentials options instance for server.
+ * - handshaker_service_url: address of ALTS handshaker service in the format of
+ * "host:port". If it's nullptr, the address of default metadata server will
+ * be used.
+ * - enable_untrusted_alts: a boolean flag used to enable ALTS in untrusted
+ * mode. This mode can be enabled when we are sure ALTS is running on GCP or
+ * for testing purpose.
+ *
+ * It returns nullptr if the flag is disabled and ALTS is not running on GCP.
+ * Otherwise, it returns the created credential object.
+ */
+grpc_server_credentials* grpc_alts_server_credentials_create_customized(
+ const grpc_alts_credentials_options* options,
+ const char* handshaker_service_url, bool enable_untrusted_alts);
+
+#endif /* GRPC_CORE_LIB_SECURITY_CREDENTIALS_ALTS_ALTS_CREDENTIALS_H */
diff --git a/src/core/lib/security/credentials/alts/check_gcp_environment.cc b/src/core/lib/security/credentials/alts/check_gcp_environment.cc
new file mode 100644
index 0000000..9680787
--- /dev/null
+++ b/src/core/lib/security/credentials/alts/check_gcp_environment.cc
@@ -0,0 +1,72 @@
+/*
+ *
+ * Copyright 2018 gRPC authors.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ */
+
+#include <grpc/support/port_platform.h>
+
+#include "src/core/lib/security/credentials/alts/check_gcp_environment.h"
+
+#include <ctype.h>
+#include <stdio.h>
+#include <string.h>
+
+#include <grpc/support/alloc.h>
+#include <grpc/support/log.h>
+
+const size_t kBiosDataBufferSize = 256;
+
+static char* trim(const char* src) {
+ if (src == nullptr) {
+ return nullptr;
+ }
+ char* des = nullptr;
+ size_t start = 0, end = strlen(src) - 1;
+ /* find the last character that is not a whitespace. */
+ while (end != 0 && isspace(src[end])) {
+ end--;
+ }
+ /* find the first character that is not a whitespace. */
+ while (start < strlen(src) && isspace(src[start])) {
+ start++;
+ }
+ if (start <= end) {
+ des = static_cast<char*>(
+ gpr_zalloc(sizeof(char) * (end - start + 2 /* '\0' */)));
+ memcpy(des, src + start, end - start + 1);
+ }
+ return des;
+}
+
+namespace grpc_core {
+namespace internal {
+
+char* read_bios_file(const char* bios_file) {
+ FILE* fp = fopen(bios_file, "r");
+ if (!fp) {
+ gpr_log(GPR_ERROR, "BIOS data file cannot be opened.");
+ return nullptr;
+ }
+ char buf[kBiosDataBufferSize + 1];
+ size_t ret = fread(buf, sizeof(char), kBiosDataBufferSize, fp);
+ buf[ret] = '\0';
+ char* trimmed_buf = trim(buf);
+ fclose(fp);
+ return trimmed_buf;
+}
+
+} // namespace internal
+} // namespace grpc_core
diff --git a/src/core/lib/security/credentials/alts/check_gcp_environment.h b/src/core/lib/security/credentials/alts/check_gcp_environment.h
new file mode 100644
index 0000000..aea4cea
--- /dev/null
+++ b/src/core/lib/security/credentials/alts/check_gcp_environment.h
@@ -0,0 +1,57 @@
+/*
+ *
+ * Copyright 2018 gRPC authors.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ */
+
+#ifndef GRPC_CORE_LIB_SECURITY_CREDENTIALS_ALTS_CHECK_GCP_ENVIRONMENT_H
+#define GRPC_CORE_LIB_SECURITY_CREDENTIALS_ALTS_CHECK_GCP_ENVIRONMENT_H
+
+namespace grpc_core {
+namespace internal {
+
+/**
+ * This method is a helper function that reads a file containing system bios
+ * data. Exposed for testing only.
+ *
+ * - bios_file: a file containing BIOS data used to determine GCE tenancy
+ * information.
+ *
+ * It returns a buffer containing the data read from the file.
+ */
+char* read_bios_file(const char* bios_file);
+
+/**
+ * This method checks if system BIOS data contains Google-specific phrases.
+ * Exposed for testing only.
+ *
+ * - bios_data: a buffer containing system BIOS data.
+ *
+ * It returns true if the BIOS data contains Google-specific phrases, and false
+ * otherwise.
+ */
+bool check_bios_data(const char* bios_data);
+
+} // namespace internal
+} // namespace grpc_core
+
+/**
+ * This method checks if a VM (Windows or Linux) is running within Google
+ * compute Engine (GCE) or not. It returns true if the VM is running in GCE and
+ * false otherwise.
+ */
+bool grpc_alts_is_running_on_gcp();
+
+#endif /* GRPC_CORE_LIB_SECURITY_CREDENTIALS_ALTS_CHECK_GCP_ENVIRONMENT_H */
diff --git a/src/core/lib/security/credentials/alts/check_gcp_environment_linux.cc b/src/core/lib/security/credentials/alts/check_gcp_environment_linux.cc
new file mode 100644
index 0000000..7c4d7a7
--- /dev/null
+++ b/src/core/lib/security/credentials/alts/check_gcp_environment_linux.cc
@@ -0,0 +1,67 @@
+/*
+ *
+ * Copyright 2018 gRPC authors.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ */
+
+#include <grpc/support/port_platform.h>
+
+#ifdef GPR_LINUX
+
+#include "src/core/lib/security/credentials/alts/check_gcp_environment.h"
+
+#include <grpc/support/alloc.h>
+#include <grpc/support/sync.h>
+
+#include <string.h>
+
+#define GRPC_ALTS_EXPECT_NAME_GOOGLE "Google"
+#define GRPC_ALTS_EXPECT_NAME_GCE "Google Compute Engine"
+#define GRPC_ALTS_PRODUCT_NAME_FILE "/sys/class/dmi/id/product_name"
+
+static bool g_compute_engine_detection_done = false;
+static bool g_is_on_compute_engine = false;
+static gpr_mu g_mu;
+static gpr_once g_once = GPR_ONCE_INIT;
+
+namespace grpc_core {
+namespace internal {
+
+bool check_bios_data(const char* bios_data_file) {
+ char* bios_data = read_bios_file(bios_data_file);
+ bool result = (!strcmp(bios_data, GRPC_ALTS_EXPECT_NAME_GOOGLE)) ||
+ (!strcmp(bios_data, GRPC_ALTS_EXPECT_NAME_GCE));
+ gpr_free(bios_data);
+ return result;
+}
+
+} // namespace internal
+} // namespace grpc_core
+
+static void init_mu(void) { gpr_mu_init(&g_mu); }
+
+bool grpc_alts_is_running_on_gcp() {
+ gpr_once_init(&g_once, init_mu);
+ gpr_mu_lock(&g_mu);
+ if (!g_compute_engine_detection_done) {
+ g_is_on_compute_engine =
+ grpc_core::internal::check_bios_data(GRPC_ALTS_PRODUCT_NAME_FILE);
+ g_compute_engine_detection_done = true;
+ }
+ gpr_mu_unlock(&g_mu);
+ return g_is_on_compute_engine;
+}
+
+#endif // GPR_LINUX
diff --git a/src/core/lib/security/credentials/alts/check_gcp_environment_no_op.cc b/src/core/lib/security/credentials/alts/check_gcp_environment_no_op.cc
new file mode 100644
index 0000000..d97681b
--- /dev/null
+++ b/src/core/lib/security/credentials/alts/check_gcp_environment_no_op.cc
@@ -0,0 +1,33 @@
+/*
+ *
+ * Copyright 2018 gRPC authors.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ */
+
+#include <grpc/support/port_platform.h>
+
+#if !defined(GPR_LINUX) && !defined(GPR_WINDOWS)
+
+#include "src/core/lib/security/credentials/alts/check_gcp_environment.h"
+
+#include <grpc/support/log.h>
+
+bool grpc_alts_is_running_on_gcp() {
+ gpr_log(GPR_ERROR,
+ "Platforms other than Linux and Windows are not supported");
+ return false;
+}
+
+#endif // !defined(LINUX) && !defined(GPR_WINDOWS)
diff --git a/src/core/lib/security/credentials/alts/check_gcp_environment_windows.cc b/src/core/lib/security/credentials/alts/check_gcp_environment_windows.cc
new file mode 100644
index 0000000..55efe0e
--- /dev/null
+++ b/src/core/lib/security/credentials/alts/check_gcp_environment_windows.cc
@@ -0,0 +1,114 @@
+/*
+ *
+ * Copyright 2018 gRPC authors.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ */
+
+#include <grpc/support/port_platform.h>
+
+#ifdef GPR_WINDOWS
+
+#include "src/core/lib/security/credentials/alts/check_gcp_environment.h"
+
+#include <shellapi.h>
+#include <stdio.h>
+#include <tchar.h>
+#include <windows.h>
+
+#include <grpc/support/alloc.h>
+#include <grpc/support/log.h>
+#include <grpc/support/sync.h>
+
+#define GRPC_ALTS_EXPECT_NAME_GOOGLE "Google"
+#define GRPC_ALTS_WINDOWS_CHECK_COMMAND "powershell.exe"
+#define GRPC_ALTS_WINDOWS_CHECK_COMMAND_ARGS \
+ "(Get-WmiObject -Class Win32_BIOS).Manufacturer"
+#define GRPC_ALTS_WINDOWS_CHECK_BIOS_FILE "windows_bios.data"
+
+const size_t kBiosDataBufferSize = 256;
+
+static bool g_compute_engine_detection_done = false;
+static bool g_is_on_compute_engine = false;
+static gpr_mu g_mu;
+static gpr_once g_once = GPR_ONCE_INIT;
+
+namespace grpc_core {
+namespace internal {
+
+bool check_bios_data(const char* bios_data_file) {
+ char* bios_data = read_bios_file(bios_data_file);
+ bool result = !strcmp(bios_data, GRPC_ALTS_EXPECT_NAME_GOOGLE);
+ remove(GRPC_ALTS_WINDOWS_CHECK_BIOS_FILE);
+ gpr_free(bios_data);
+ return result;
+}
+
+} // namespace internal
+} // namespace grpc_core
+
+static void init_mu(void) { gpr_mu_init(&g_mu); }
+
+static bool run_powershell() {
+ SECURITY_ATTRIBUTES sa;
+ sa.nLength = sizeof(sa);
+ sa.lpSecurityDescriptor = NULL;
+ sa.bInheritHandle = TRUE;
+ HANDLE h = CreateFile(_T(GRPC_ALTS_WINDOWS_CHECK_BIOS_FILE), GENERIC_WRITE,
+ FILE_SHARE_WRITE | FILE_SHARE_READ, &sa, OPEN_ALWAYS,
+ FILE_ATTRIBUTE_NORMAL, NULL);
+ if (h == INVALID_HANDLE_VALUE) {
+ gpr_log(GPR_ERROR, "CreateFile failed (%d).", GetLastError());
+ return false;
+ }
+ PROCESS_INFORMATION pi;
+ STARTUPINFO si;
+ DWORD flags = CREATE_NO_WINDOW;
+ ZeroMemory(&pi, sizeof(pi));
+ ZeroMemory(&si, sizeof(si));
+ si.cb = sizeof(si);
+ si.dwFlags |= STARTF_USESTDHANDLES;
+ si.hStdInput = NULL;
+ si.hStdError = h;
+ si.hStdOutput = h;
+ TCHAR cmd[kBiosDataBufferSize];
+ _sntprintf(cmd, kBiosDataBufferSize, _T("%s %s"),
+ _T(GRPC_ALTS_WINDOWS_CHECK_COMMAND),
+ _T(GRPC_ALTS_WINDOWS_CHECK_COMMAND_ARGS));
+ if (!CreateProcess(NULL, cmd, NULL, NULL, TRUE, flags, NULL, NULL, &si,
+ &pi)) {
+ gpr_log(GPR_ERROR, "CreateProcess failed (%d).\n", GetLastError());
+ return false;
+ }
+ WaitForSingleObject(pi.hProcess, INFINITE);
+ CloseHandle(pi.hProcess);
+ CloseHandle(pi.hThread);
+ CloseHandle(h);
+ return true;
+}
+
+bool grpc_alts_is_running_on_gcp() {
+ gpr_once_init(&g_once, init_mu);
+ gpr_mu_lock(&g_mu);
+ if (!g_compute_engine_detection_done) {
+ g_is_on_compute_engine =
+ run_powershell() &&
+ grpc_core::internal::check_bios_data(GRPC_ALTS_WINDOWS_CHECK_BIOS_FILE);
+ g_compute_engine_detection_done = true;
+ }
+ gpr_mu_unlock(&g_mu);
+ return g_is_on_compute_engine;
+}
+
+#endif // GPR_WINDOWS
diff --git a/src/core/lib/security/credentials/alts/grpc_alts_credentials_client_options.cc b/src/core/lib/security/credentials/alts/grpc_alts_credentials_client_options.cc
new file mode 100644
index 0000000..7d54e83
--- /dev/null
+++ b/src/core/lib/security/credentials/alts/grpc_alts_credentials_client_options.cc
@@ -0,0 +1,126 @@
+/*
+ *
+ * Copyright 2018 gRPC authors.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ */
+
+#include <grpc/support/port_platform.h>
+
+#include <stdlib.h>
+#include <string.h>
+
+#include <grpc/support/alloc.h>
+#include <grpc/support/log.h>
+#include <grpc/support/string_util.h>
+
+#include "src/core/lib/security/credentials/alts/grpc_alts_credentials_options.h"
+#include "src/core/tsi/alts/handshaker/transport_security_common_api.h"
+
+static grpc_alts_credentials_options* alts_client_options_copy(
+ const grpc_alts_credentials_options* options);
+
+static void alts_client_options_destroy(grpc_alts_credentials_options* options);
+
+static target_service_account* target_service_account_create(
+ const char* service_account) {
+ if (service_account == nullptr) {
+ return nullptr;
+ }
+ auto* sa = static_cast<target_service_account*>(
+ gpr_zalloc(sizeof(target_service_account)));
+ sa->data = gpr_strdup(service_account);
+ return sa;
+}
+
+bool grpc_alts_credentials_client_options_add_target_service_account(
+ grpc_alts_credentials_client_options* options,
+ const char* service_account) {
+ if (options == nullptr || service_account == nullptr) {
+ gpr_log(
+ GPR_ERROR,
+ "Invalid nullptr arguments to "
+ "grpc_alts_credentials_client_options_add_target_service_account()");
+ return false;
+ }
+ target_service_account* node = target_service_account_create(service_account);
+ node->next = options->target_account_list_head;
+ options->target_account_list_head = node;
+ return true;
+}
+
+static void target_service_account_destroy(
+ target_service_account* service_account) {
+ if (service_account == nullptr) {
+ return;
+ }
+ gpr_free(service_account->data);
+ gpr_free(service_account);
+}
+
+static const grpc_alts_credentials_options_vtable vtable = {
+ alts_client_options_copy, alts_client_options_destroy};
+
+grpc_alts_credentials_options* grpc_alts_credentials_client_options_create() {
+ auto client_options = static_cast<grpc_alts_credentials_client_options*>(
+ gpr_zalloc(sizeof(grpc_alts_credentials_client_options)));
+ client_options->base.vtable = &vtable;
+ return &client_options->base;
+}
+
+static grpc_alts_credentials_options* alts_client_options_copy(
+ const grpc_alts_credentials_options* options) {
+ if (options == nullptr) {
+ return nullptr;
+ }
+ grpc_alts_credentials_options* new_options =
+ grpc_alts_credentials_client_options_create();
+ auto new_client_options =
+ reinterpret_cast<grpc_alts_credentials_client_options*>(new_options);
+ /* Copy target service accounts. */
+ target_service_account* prev = nullptr;
+ auto node =
+ (reinterpret_cast<const grpc_alts_credentials_client_options*>(options))
+ ->target_account_list_head;
+ while (node != nullptr) {
+ target_service_account* new_node =
+ target_service_account_create(node->data);
+ if (prev == nullptr) {
+ new_client_options->target_account_list_head = new_node;
+ } else {
+ prev->next = new_node;
+ }
+ prev = new_node;
+ node = node->next;
+ }
+ /* Copy rpc protocol versions. */
+ grpc_gcp_rpc_protocol_versions_copy(&options->rpc_versions,
+ &new_options->rpc_versions);
+ return new_options;
+}
+
+static void alts_client_options_destroy(
+ grpc_alts_credentials_options* options) {
+ if (options == nullptr) {
+ return;
+ }
+ auto* client_options =
+ reinterpret_cast<grpc_alts_credentials_client_options*>(options);
+ target_service_account* node = client_options->target_account_list_head;
+ while (node != nullptr) {
+ target_service_account* next_node = node->next;
+ target_service_account_destroy(node);
+ node = next_node;
+ }
+}
diff --git a/src/core/lib/security/credentials/alts/grpc_alts_credentials_options.cc b/src/core/lib/security/credentials/alts/grpc_alts_credentials_options.cc
new file mode 100644
index 0000000..d428171
--- /dev/null
+++ b/src/core/lib/security/credentials/alts/grpc_alts_credentials_options.cc
@@ -0,0 +1,46 @@
+/*
+ *
+ * Copyright 2018 gRPC authors.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ */
+
+#include <grpc/support/port_platform.h>
+
+#include "src/core/lib/security/credentials/alts/grpc_alts_credentials_options.h"
+
+#include <grpc/support/alloc.h>
+#include <grpc/support/log.h>
+
+grpc_alts_credentials_options* grpc_alts_credentials_options_copy(
+ const grpc_alts_credentials_options* options) {
+ if (options != nullptr && options->vtable != nullptr &&
+ options->vtable->copy != nullptr) {
+ return options->vtable->copy(options);
+ }
+ /* An error occurred. */
+ gpr_log(GPR_ERROR,
+ "Invalid arguments to grpc_alts_credentials_options_copy()");
+ return nullptr;
+}
+
+void grpc_alts_credentials_options_destroy(
+ grpc_alts_credentials_options* options) {
+ if (options != nullptr) {
+ if (options->vtable != nullptr && options->vtable->destruct != nullptr) {
+ options->vtable->destruct(options);
+ }
+ gpr_free(options);
+ }
+}
diff --git a/src/core/lib/security/credentials/alts/grpc_alts_credentials_options.h b/src/core/lib/security/credentials/alts/grpc_alts_credentials_options.h
new file mode 100644
index 0000000..4e46d9f
--- /dev/null
+++ b/src/core/lib/security/credentials/alts/grpc_alts_credentials_options.h
@@ -0,0 +1,112 @@
+/*
+ *
+ * Copyright 2018 gRPC authors.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ */
+
+#ifndef GRPC_CORE_LIB_SECURITY_CREDENTIALS_ALTS_GRPC_ALTS_CREDENTIALS_OPTIONS_H
+#define GRPC_CORE_LIB_SECURITY_CREDENTIALS_ALTS_GRPC_ALTS_CREDENTIALS_OPTIONS_H
+
+#include <grpc/support/port_platform.h>
+
+#include <stdbool.h>
+
+#include "src/core/tsi/alts/handshaker/transport_security_common_api.h"
+
+/**
+ * Main interface for ALTS credentials options. The options will contain
+ * information that will be passed from grpc to TSI layer such as RPC protocol
+ * versions. ALTS client (channel) and server credentials will have their own
+ * implementation of this interface. The APIs listed in this header are
+ * thread-compatible.
+ */
+typedef struct grpc_alts_credentials_options grpc_alts_credentials_options;
+
+/* V-table for grpc_alts_credentials_options */
+typedef struct grpc_alts_credentials_options_vtable {
+ grpc_alts_credentials_options* (*copy)(
+ const grpc_alts_credentials_options* options);
+ void (*destruct)(grpc_alts_credentials_options* options);
+} grpc_alts_credentials_options_vtable;
+
+struct grpc_alts_credentials_options {
+ const struct grpc_alts_credentials_options_vtable* vtable;
+ grpc_gcp_rpc_protocol_versions rpc_versions;
+};
+
+typedef struct target_service_account {
+ struct target_service_account* next;
+ char* data;
+} target_service_account;
+
+/**
+ * Main struct for ALTS client credentials options. The options contain a
+ * a list of target service accounts (if specified) used for secure naming
+ * check.
+ */
+typedef struct grpc_alts_credentials_client_options {
+ grpc_alts_credentials_options base;
+ target_service_account* target_account_list_head;
+} grpc_alts_credentials_client_options;
+
+/**
+ * Main struct for ALTS server credentials options. The options currently
+ * do not contain any server-specific fields.
+ */
+typedef struct grpc_alts_credentials_server_options {
+ grpc_alts_credentials_options base;
+} grpc_alts_credentials_server_options;
+
+/**
+ * This method performs a deep copy on grpc_alts_credentials_options instance.
+ *
+ * - options: a grpc_alts_credentials_options instance that needs to be copied.
+ *
+ * It returns a new grpc_alts_credentials_options instance on success and NULL
+ * on failure.
+ */
+grpc_alts_credentials_options* grpc_alts_credentials_options_copy(
+ const grpc_alts_credentials_options* options);
+
+/**
+ * This method destroys a grpc_alts_credentials_options instance by
+ * de-allocating all of its occupied memory.
+ *
+ * - options: a grpc_alts_credentials_options instance that needs to be
+ * destroyed.
+ */
+void grpc_alts_credentials_options_destroy(
+ grpc_alts_credentials_options* options);
+
+/* This method creates a grpc ALTS credentials client options instance. */
+grpc_alts_credentials_options* grpc_alts_credentials_client_options_create();
+
+/* This method creates a grpc ALTS credentials server options instance. */
+grpc_alts_credentials_options* grpc_alts_credentials_server_options_create();
+
+/**
+ * This method adds a target service account to grpc ALTS credentials client
+ * options instance.
+ *
+ * - options: grpc ALTS credentials client options instance.
+ * - service_account: service account of target endpoint.
+ *
+ * It returns true on success and false on failure.
+ */
+bool grpc_alts_credentials_client_options_add_target_service_account(
+ grpc_alts_credentials_client_options* options, const char* service_account);
+
+#endif /* GRPC_CORE_LIB_SECURITY_CREDENTIALS_ALTS_GRPC_ALTS_CREDENTIALS_OPTIONS_H \
+ */
diff --git a/src/core/lib/security/credentials/alts/grpc_alts_credentials_server_options.cc b/src/core/lib/security/credentials/alts/grpc_alts_credentials_server_options.cc
new file mode 100644
index 0000000..62aa7a6
--- /dev/null
+++ b/src/core/lib/security/credentials/alts/grpc_alts_credentials_server_options.cc
@@ -0,0 +1,58 @@
+/*
+ *
+ * Copyright 2018 gRPC authors.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ */
+
+#include <grpc/support/port_platform.h>
+
+#include <stdlib.h>
+#include <string.h>
+
+#include <grpc/support/alloc.h>
+#include <grpc/support/log.h>
+
+#include "src/core/lib/security/credentials/alts/grpc_alts_credentials_options.h"
+#include "src/core/tsi/alts/handshaker/transport_security_common_api.h"
+
+static grpc_alts_credentials_options* alts_server_options_copy(
+ const grpc_alts_credentials_options* options);
+
+static void alts_server_options_destroy(
+ grpc_alts_credentials_options* options) {}
+
+static const grpc_alts_credentials_options_vtable vtable = {
+ alts_server_options_copy, alts_server_options_destroy};
+
+grpc_alts_credentials_options* grpc_alts_credentials_server_options_create() {
+ grpc_alts_credentials_server_options* server_options =
+ static_cast<grpc_alts_credentials_server_options*>(
+ gpr_zalloc(sizeof(*server_options)));
+ server_options->base.vtable = &vtable;
+ return &server_options->base;
+}
+
+static grpc_alts_credentials_options* alts_server_options_copy(
+ const grpc_alts_credentials_options* options) {
+ if (options == nullptr) {
+ return nullptr;
+ }
+ grpc_alts_credentials_options* new_options =
+ grpc_alts_credentials_server_options_create();
+ /* Copy rpc protocol versions. */
+ grpc_gcp_rpc_protocol_versions_copy(&options->rpc_versions,
+ &new_options->rpc_versions);
+ return new_options;
+}
diff --git a/src/core/lib/security/security_connector/alts_security_connector.cc b/src/core/lib/security/security_connector/alts_security_connector.cc
new file mode 100644
index 0000000..5ff7d79
--- /dev/null
+++ b/src/core/lib/security/security_connector/alts_security_connector.cc
@@ -0,0 +1,287 @@
+/*
+ *
+ * Copyright 2018 gRPC authors.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ */
+
+#include <grpc/support/port_platform.h>
+
+#include "src/core/lib/security/security_connector/alts_security_connector.h"
+
+#include <stdbool.h>
+#include <string.h>
+
+#include <grpc/grpc.h>
+#include <grpc/support/alloc.h>
+#include <grpc/support/log.h>
+#include <grpc/support/string_util.h>
+
+#include "src/core/lib/security/credentials/alts/alts_credentials.h"
+#include "src/core/lib/security/transport/security_handshaker.h"
+#include "src/core/lib/transport/transport.h"
+#include "src/core/tsi/alts/handshaker/alts_tsi_handshaker.h"
+
+typedef struct {
+ grpc_channel_security_connector base;
+ char* target_name;
+} grpc_alts_channel_security_connector;
+
+typedef struct {
+ grpc_server_security_connector base;
+} grpc_alts_server_security_connector;
+
+static void alts_channel_destroy(grpc_security_connector* sc) {
+ if (sc == nullptr) {
+ return;
+ }
+ auto c = reinterpret_cast<grpc_alts_channel_security_connector*>(sc);
+ grpc_call_credentials_unref(c->base.request_metadata_creds);
+ grpc_channel_credentials_unref(c->base.channel_creds);
+ gpr_free(c->target_name);
+ gpr_free(sc);
+}
+
+static void alts_server_destroy(grpc_security_connector* sc) {
+ if (sc == nullptr) {
+ return;
+ }
+ auto c = reinterpret_cast<grpc_alts_server_security_connector*>(sc);
+ grpc_server_credentials_unref(c->base.server_creds);
+ gpr_free(sc);
+}
+
+static void alts_channel_add_handshakers(
+ grpc_channel_security_connector* sc,
+ grpc_handshake_manager* handshake_manager) {
+ tsi_handshaker* handshaker = nullptr;
+ auto c = reinterpret_cast<grpc_alts_channel_security_connector*>(sc);
+ grpc_alts_credentials* creds =
+ reinterpret_cast<grpc_alts_credentials*>(c->base.channel_creds);
+ GPR_ASSERT(alts_tsi_handshaker_create(creds->options, c->target_name,
+ creds->handshaker_service_url, true,
+ &handshaker) == TSI_OK);
+ grpc_handshake_manager_add(handshake_manager, grpc_security_handshaker_create(
+ handshaker, &sc->base));
+}
+
+static void alts_server_add_handshakers(
+ grpc_server_security_connector* sc,
+ grpc_handshake_manager* handshake_manager) {
+ tsi_handshaker* handshaker = nullptr;
+ auto c = reinterpret_cast<grpc_alts_server_security_connector*>(sc);
+ grpc_alts_server_credentials* creds =
+ reinterpret_cast<grpc_alts_server_credentials*>(c->base.server_creds);
+ GPR_ASSERT(alts_tsi_handshaker_create(creds->options, nullptr,
+ creds->handshaker_service_url, false,
+ &handshaker) == TSI_OK);
+ grpc_handshake_manager_add(handshake_manager, grpc_security_handshaker_create(
+ handshaker, &sc->base));
+}
+
+static void alts_set_rpc_protocol_versions(
+ grpc_gcp_rpc_protocol_versions* rpc_versions) {
+ grpc_gcp_rpc_protocol_versions_set_max(rpc_versions,
+ GRPC_PROTOCOL_VERSION_MAX_MAJOR,
+ GRPC_PROTOCOL_VERSION_MAX_MINOR);
+ grpc_gcp_rpc_protocol_versions_set_min(rpc_versions,
+ GRPC_PROTOCOL_VERSION_MIN_MAJOR,
+ GRPC_PROTOCOL_VERSION_MIN_MINOR);
+}
+
+namespace grpc_core {
+namespace internal {
+
+grpc_security_status grpc_alts_auth_context_from_tsi_peer(
+ const tsi_peer* peer, grpc_auth_context** ctx) {
+ if (peer == nullptr || ctx == nullptr) {
+ gpr_log(GPR_ERROR,
+ "Invalid arguments to grpc_alts_auth_context_from_tsi_peer()");
+ return GRPC_SECURITY_ERROR;
+ }
+ *ctx = nullptr;
+ /* Validate certificate type. */
+ const tsi_peer_property* cert_type_prop =
+ tsi_peer_get_property_by_name(peer, TSI_CERTIFICATE_TYPE_PEER_PROPERTY);
+ if (cert_type_prop == nullptr ||
+ strncmp(cert_type_prop->value.data, TSI_ALTS_CERTIFICATE_TYPE,
+ cert_type_prop->value.length) != 0) {
+ gpr_log(GPR_ERROR, "Invalid or missing certificate type property.");
+ return GRPC_SECURITY_ERROR;
+ }
+ /* Validate RPC protocol versions. */
+ const tsi_peer_property* rpc_versions_prop =
+ tsi_peer_get_property_by_name(peer, TSI_ALTS_RPC_VERSIONS);
+ if (rpc_versions_prop == nullptr) {
+ gpr_log(GPR_ERROR, "Missing rpc protocol versions property.");
+ return GRPC_SECURITY_ERROR;
+ }
+ grpc_gcp_rpc_protocol_versions local_versions, peer_versions;
+ alts_set_rpc_protocol_versions(&local_versions);
+ grpc_slice slice = grpc_slice_from_copied_buffer(
+ rpc_versions_prop->value.data, rpc_versions_prop->value.length);
+ bool decode_result =
+ grpc_gcp_rpc_protocol_versions_decode(slice, &peer_versions);
+ grpc_slice_unref(slice);
+ if (!decode_result) {
+ gpr_log(GPR_ERROR, "Invalid peer rpc protocol versions.");
+ return GRPC_SECURITY_ERROR;
+ }
+ /* TODO: Pass highest common rpc protocol version to grpc caller. */
+ bool check_result = grpc_gcp_rpc_protocol_versions_check(
+ &local_versions, &peer_versions, nullptr);
+ if (!check_result) {
+ gpr_log(GPR_ERROR, "Mismatch of local and peer rpc protocol versions.");
+ return GRPC_SECURITY_ERROR;
+ }
+ /* Create auth context. */
+ *ctx = grpc_auth_context_create(nullptr);
+ grpc_auth_context_add_cstring_property(
+ *ctx, GRPC_TRANSPORT_SECURITY_TYPE_PROPERTY_NAME,
+ GRPC_ALTS_TRANSPORT_SECURITY_TYPE);
+ size_t i = 0;
+ for (i = 0; i < peer->property_count; i++) {
+ const tsi_peer_property* tsi_prop = &peer->properties[i];
+ /* Add service account to auth context. */
+ if (strcmp(tsi_prop->name, TSI_ALTS_SERVICE_ACCOUNT_PEER_PROPERTY) == 0) {
+ grpc_auth_context_add_property(
+ *ctx, TSI_ALTS_SERVICE_ACCOUNT_PEER_PROPERTY, tsi_prop->value.data,
+ tsi_prop->value.length);
+ GPR_ASSERT(grpc_auth_context_set_peer_identity_property_name(
+ *ctx, TSI_ALTS_SERVICE_ACCOUNT_PEER_PROPERTY) == 1);
+ }
+ }
+ if (!grpc_auth_context_peer_is_authenticated(*ctx)) {
+ gpr_log(GPR_ERROR, "Invalid unauthenticated peer.");
+ GRPC_AUTH_CONTEXT_UNREF(*ctx, "test");
+ *ctx = nullptr;
+ return GRPC_SECURITY_ERROR;
+ }
+ return GRPC_SECURITY_OK;
+}
+
+} // namespace internal
+} // namespace grpc_core
+
+static void alts_check_peer(grpc_security_connector* sc, tsi_peer peer,
+ grpc_auth_context** auth_context,
+ grpc_closure* on_peer_checked) {
+ grpc_security_status status;
+ status = grpc_core::internal::grpc_alts_auth_context_from_tsi_peer(
+ &peer, auth_context);
+ tsi_peer_destruct(&peer);
+ grpc_error* error =
+ status == GRPC_SECURITY_OK
+ ? GRPC_ERROR_NONE
+ : GRPC_ERROR_CREATE_FROM_STATIC_STRING(
+ "Could not get ALTS auth context from TSI peer");
+ GRPC_CLOSURE_SCHED(on_peer_checked, error);
+}
+
+static int alts_channel_cmp(grpc_security_connector* sc1,
+ grpc_security_connector* sc2) {
+ grpc_alts_channel_security_connector* c1 =
+ reinterpret_cast<grpc_alts_channel_security_connector*>(sc1);
+ grpc_alts_channel_security_connector* c2 =
+ reinterpret_cast<grpc_alts_channel_security_connector*>(sc2);
+ int c = grpc_channel_security_connector_cmp(&c1->base, &c2->base);
+ if (c != 0) return c;
+ return strcmp(c1->target_name, c2->target_name);
+}
+
+static int alts_server_cmp(grpc_security_connector* sc1,
+ grpc_security_connector* sc2) {
+ grpc_alts_server_security_connector* c1 =
+ reinterpret_cast<grpc_alts_server_security_connector*>(sc1);
+ grpc_alts_server_security_connector* c2 =
+ reinterpret_cast<grpc_alts_server_security_connector*>(sc2);
+ return grpc_server_security_connector_cmp(&c1->base, &c2->base);
+}
+
+static grpc_security_connector_vtable alts_channel_vtable = {
+ alts_channel_destroy, alts_check_peer, alts_channel_cmp};
+
+static grpc_security_connector_vtable alts_server_vtable = {
+ alts_server_destroy, alts_check_peer, alts_server_cmp};
+
+static bool alts_check_call_host(grpc_channel_security_connector* sc,
+ const char* host,
+ grpc_auth_context* auth_context,
+ grpc_closure* on_call_host_checked,
+ grpc_error** error) {
+ grpc_alts_channel_security_connector* alts_sc =
+ reinterpret_cast<grpc_alts_channel_security_connector*>(sc);
+ if (host == nullptr || alts_sc == nullptr ||
+ strcmp(host, alts_sc->target_name) != 0) {
+ *error = GRPC_ERROR_CREATE_FROM_STATIC_STRING(
+ "ALTS call host does not match target name");
+ }
+ return true;
+}
+
+static void alts_cancel_check_call_host(grpc_channel_security_connector* sc,
+ grpc_closure* on_call_host_checked,
+ grpc_error* error) {
+ GRPC_ERROR_UNREF(error);
+}
+
+grpc_security_status grpc_alts_channel_security_connector_create(
+ grpc_channel_credentials* channel_creds,
+ grpc_call_credentials* request_metadata_creds, const char* target_name,
+ grpc_channel_security_connector** sc) {
+ if (channel_creds == nullptr || sc == nullptr || target_name == nullptr) {
+ gpr_log(
+ GPR_ERROR,
+ "Invalid arguments to grpc_alts_channel_security_connector_create()");
+ return GRPC_SECURITY_ERROR;
+ }
+ auto c = static_cast<grpc_alts_channel_security_connector*>(
+ gpr_zalloc(sizeof(grpc_alts_channel_security_connector)));
+ gpr_ref_init(&c->base.base.refcount, 1);
+ c->base.base.vtable = &alts_channel_vtable;
+ c->base.add_handshakers = alts_channel_add_handshakers;
+ c->base.channel_creds = grpc_channel_credentials_ref(channel_creds);
+ c->base.request_metadata_creds =
+ grpc_call_credentials_ref(request_metadata_creds);
+ c->base.check_call_host = alts_check_call_host;
+ c->base.cancel_check_call_host = alts_cancel_check_call_host;
+ grpc_alts_credentials* creds =
+ reinterpret_cast<grpc_alts_credentials*>(c->base.channel_creds);
+ alts_set_rpc_protocol_versions(&creds->options->rpc_versions);
+ c->target_name = gpr_strdup(target_name);
+ *sc = &c->base;
+ return GRPC_SECURITY_OK;
+}
+
+grpc_security_status grpc_alts_server_security_connector_create(
+ grpc_server_credentials* server_creds,
+ grpc_server_security_connector** sc) {
+ if (server_creds == nullptr || sc == nullptr) {
+ gpr_log(
+ GPR_ERROR,
+ "Invalid arguments to grpc_alts_server_security_connector_create()");
+ return GRPC_SECURITY_ERROR;
+ }
+ auto c = static_cast<grpc_alts_server_security_connector*>(
+ gpr_zalloc(sizeof(grpc_alts_server_security_connector)));
+ gpr_ref_init(&c->base.base.refcount, 1);
+ c->base.base.vtable = &alts_server_vtable;
+ c->base.server_creds = grpc_server_credentials_ref(server_creds);
+ c->base.add_handshakers = alts_server_add_handshakers;
+ grpc_alts_server_credentials* creds =
+ reinterpret_cast<grpc_alts_server_credentials*>(c->base.server_creds);
+ alts_set_rpc_protocol_versions(&creds->options->rpc_versions);
+ *sc = &c->base;
+ return GRPC_SECURITY_OK;
+}
diff --git a/src/core/lib/security/security_connector/alts_security_connector.h b/src/core/lib/security/security_connector/alts_security_connector.h
new file mode 100644
index 0000000..e7e4cff
--- /dev/null
+++ b/src/core/lib/security/security_connector/alts_security_connector.h
@@ -0,0 +1,69 @@
+/*
+ *
+ * Copyright 2018 gRPC authors.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ */
+
+#ifndef GRPC_CORE_LIB_SECURITY_SECURITY_CONNECTOR_ALTS_SECURITY_CONNECTOR_H
+#define GRPC_CORE_LIB_SECURITY_SECURITY_CONNECTOR_ALTS_SECURITY_CONNECTOR_H
+
+#include <grpc/support/port_platform.h>
+
+#include "src/core/lib/security/context/security_context.h"
+#include "src/core/lib/security/credentials/alts/grpc_alts_credentials_options.h"
+
+#define GRPC_ALTS_TRANSPORT_SECURITY_TYPE "alts"
+
+/**
+ * This method creates an ALTS channel security connector.
+ *
+ * - channel_creds: channel credential instance.
+ * - request_metadata_creds: credential object which will be sent with each
+ * request. This parameter can be nullptr.
+ * - target_name: the name of the endpoint that the channel is connecting to.
+ * - sc: address of ALTS channel security connector instance to be returned from
+ * the method.
+ *
+ * It returns GRPC_SECURITY_OK on success, and an error stauts code on failure.
+ */
+grpc_security_status grpc_alts_channel_security_connector_create(
+ grpc_channel_credentials* channel_creds,
+ grpc_call_credentials* request_metadata_creds, const char* target_name,
+ grpc_channel_security_connector** sc);
+
+/**
+ * This method creates an ALTS server security connector.
+ *
+ * - server_creds: server credential instance.
+ * - sc: address of ALTS server security connector instance to be returned from
+ * the method.
+ *
+ * It returns GRPC_SECURITY_OK on success, and an error status code on failure.
+ */
+grpc_security_status grpc_alts_server_security_connector_create(
+ grpc_server_credentials* server_creds, grpc_server_security_connector** sc);
+
+namespace grpc_core {
+namespace internal {
+
+/* Exposed only for testing. */
+grpc_security_status grpc_alts_auth_context_from_tsi_peer(
+ const tsi_peer* peer, grpc_auth_context** ctx);
+
+} // namespace internal
+} // namespace grpc_core
+
+#endif /* GRPC_CORE_LIB_SECURITY_SECURITY_CONNECTOR_ALTS_SECURITY_CONNECTOR_H \
+ */
diff --git a/src/core/plugin_registry/grpc_plugin_registry.cc b/src/core/plugin_registry/grpc_plugin_registry.cc
index ccf5f79..6f11e6b 100644
--- a/src/core/plugin_registry/grpc_plugin_registry.cc
+++ b/src/core/plugin_registry/grpc_plugin_registry.cc
@@ -24,12 +24,12 @@
void grpc_http_filters_shutdown(void);
void grpc_chttp2_plugin_init(void);
void grpc_chttp2_plugin_shutdown(void);
-void grpc_tsi_alts_init(void);
-void grpc_tsi_alts_shutdown(void);
void grpc_deadline_filter_init(void);
void grpc_deadline_filter_shutdown(void);
void grpc_client_channel_init(void);
void grpc_client_channel_shutdown(void);
+void grpc_tsi_alts_init(void);
+void grpc_tsi_alts_shutdown(void);
void grpc_inproc_plugin_init(void);
void grpc_inproc_plugin_shutdown(void);
void grpc_resolver_fake_init(void);
@@ -60,12 +60,12 @@
grpc_http_filters_shutdown);
grpc_register_plugin(grpc_chttp2_plugin_init,
grpc_chttp2_plugin_shutdown);
- grpc_register_plugin(grpc_tsi_alts_init,
- grpc_tsi_alts_shutdown);
grpc_register_plugin(grpc_deadline_filter_init,
grpc_deadline_filter_shutdown);
grpc_register_plugin(grpc_client_channel_init,
grpc_client_channel_shutdown);
+ grpc_register_plugin(grpc_tsi_alts_init,
+ grpc_tsi_alts_shutdown);
grpc_register_plugin(grpc_inproc_plugin_init,
grpc_inproc_plugin_shutdown);
grpc_register_plugin(grpc_resolver_fake_init,
diff --git a/src/core/tsi/alts/crypt/aes_gcm.cc b/src/core/tsi/alts/crypt/aes_gcm.cc
new file mode 100644
index 0000000..02b1ac4
--- /dev/null
+++ b/src/core/tsi/alts/crypt/aes_gcm.cc
@@ -0,0 +1,687 @@
+/*
+ *
+ * Copyright 2018 gRPC authors.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ */
+
+#include <grpc/support/port_platform.h>
+
+#include "src/core/tsi/alts/crypt/gsec.h"
+
+#include <openssl/bio.h>
+#include <openssl/buffer.h>
+#include <openssl/err.h>
+#include <openssl/evp.h>
+#include <openssl/hmac.h>
+#include <string.h>
+
+#include <grpc/support/alloc.h>
+
+constexpr size_t kKdfKeyLen = 32;
+constexpr size_t kKdfCounterLen = 6;
+constexpr size_t kKdfCounterOffset = 2;
+constexpr size_t kRekeyAeadKeyLen = kAes128GcmKeyLength;
+
+/* Struct for additional data required if rekeying is enabled. */
+struct gsec_aes_gcm_aead_rekey_data {
+ uint8_t kdf_counter[kKdfCounterLen];
+ uint8_t nonce_mask[kAesGcmNonceLength];
+};
+
+/* Main struct for AES_GCM crypter interface. */
+struct gsec_aes_gcm_aead_crypter {
+ gsec_aead_crypter crypter;
+ size_t key_length;
+ size_t nonce_length;
+ size_t tag_length;
+ uint8_t* key;
+ gsec_aes_gcm_aead_rekey_data* rekey_data;
+ EVP_CIPHER_CTX* ctx;
+};
+
+static char* aes_gcm_get_openssl_errors() {
+ BIO* bio = BIO_new(BIO_s_mem());
+ ERR_print_errors(bio);
+ BUF_MEM* mem = nullptr;
+ char* error_msg = nullptr;
+ BIO_get_mem_ptr(bio, &mem);
+ if (mem != nullptr) {
+ error_msg = static_cast<char*>(gpr_malloc(mem->length + 1));
+ memcpy(error_msg, mem->data, mem->length);
+ error_msg[mem->length] = '\0';
+ }
+ BIO_free_all(bio);
+ return error_msg;
+}
+
+static void aes_gcm_format_errors(const char* error_msg, char** error_details) {
+ if (error_details == nullptr) {
+ return;
+ }
+ unsigned long error = ERR_get_error();
+ if (error == 0 && error_msg != nullptr) {
+ *error_details = static_cast<char*>(gpr_malloc(strlen(error_msg) + 1));
+ memcpy(*error_details, error_msg, strlen(error_msg) + 1);
+ return;
+ }
+ char* openssl_errors = aes_gcm_get_openssl_errors();
+ if (openssl_errors != nullptr && error_msg != nullptr) {
+ size_t len = strlen(error_msg) + strlen(openssl_errors) + 2; /* ", " */
+ *error_details = static_cast<char*>(gpr_malloc(len + 1));
+ snprintf(*error_details, len + 1, "%s, %s", error_msg, openssl_errors);
+ gpr_free(openssl_errors);
+ }
+}
+
+static grpc_status_code gsec_aes_gcm_aead_crypter_max_ciphertext_and_tag_length(
+ const gsec_aead_crypter* crypter, size_t plaintext_length,
+ size_t* max_ciphertext_and_tag_length, char** error_details) {
+ if (max_ciphertext_and_tag_length == nullptr) {
+ aes_gcm_format_errors("max_ciphertext_and_tag_length is nullptr.",
+ error_details);
+ return GRPC_STATUS_INVALID_ARGUMENT;
+ }
+ gsec_aes_gcm_aead_crypter* aes_gcm_crypter =
+ reinterpret_cast<gsec_aes_gcm_aead_crypter*>(
+ const_cast<gsec_aead_crypter*>(crypter));
+ *max_ciphertext_and_tag_length =
+ plaintext_length + aes_gcm_crypter->tag_length;
+ return GRPC_STATUS_OK;
+}
+
+static grpc_status_code gsec_aes_gcm_aead_crypter_max_plaintext_length(
+ const gsec_aead_crypter* crypter, size_t ciphertext_and_tag_length,
+ size_t* max_plaintext_length, char** error_details) {
+ if (max_plaintext_length == nullptr) {
+ aes_gcm_format_errors("max_plaintext_length is nullptr.", error_details);
+ return GRPC_STATUS_INVALID_ARGUMENT;
+ }
+ gsec_aes_gcm_aead_crypter* aes_gcm_crypter =
+ reinterpret_cast<gsec_aes_gcm_aead_crypter*>(
+ const_cast<gsec_aead_crypter*>(crypter));
+ if (ciphertext_and_tag_length < aes_gcm_crypter->tag_length) {
+ *max_plaintext_length = 0;
+ aes_gcm_format_errors(
+ "ciphertext_and_tag_length is smaller than tag_length.", error_details);
+ return GRPC_STATUS_INVALID_ARGUMENT;
+ }
+ *max_plaintext_length =
+ ciphertext_and_tag_length - aes_gcm_crypter->tag_length;
+ return GRPC_STATUS_OK;
+}
+
+static grpc_status_code gsec_aes_gcm_aead_crypter_nonce_length(
+ const gsec_aead_crypter* crypter, size_t* nonce_length,
+ char** error_details) {
+ if (nonce_length == nullptr) {
+ aes_gcm_format_errors("nonce_length is nullptr.", error_details);
+ return GRPC_STATUS_INVALID_ARGUMENT;
+ }
+ gsec_aes_gcm_aead_crypter* aes_gcm_crypter =
+ reinterpret_cast<gsec_aes_gcm_aead_crypter*>(
+ const_cast<gsec_aead_crypter*>(crypter));
+ *nonce_length = aes_gcm_crypter->nonce_length;
+ return GRPC_STATUS_OK;
+}
+
+static grpc_status_code gsec_aes_gcm_aead_crypter_key_length(
+ const gsec_aead_crypter* crypter, size_t* key_length,
+ char** error_details) {
+ if (key_length == nullptr) {
+ aes_gcm_format_errors("key_length is nullptr.", error_details);
+ return GRPC_STATUS_INVALID_ARGUMENT;
+ }
+ gsec_aes_gcm_aead_crypter* aes_gcm_crypter =
+ reinterpret_cast<gsec_aes_gcm_aead_crypter*>(
+ const_cast<gsec_aead_crypter*>(crypter));
+ *key_length = aes_gcm_crypter->key_length;
+ return GRPC_STATUS_OK;
+}
+
+static grpc_status_code gsec_aes_gcm_aead_crypter_tag_length(
+ const gsec_aead_crypter* crypter, size_t* tag_length,
+ char** error_details) {
+ if (tag_length == nullptr) {
+ aes_gcm_format_errors("tag_length is nullptr.", error_details);
+ return GRPC_STATUS_INVALID_ARGUMENT;
+ }
+ gsec_aes_gcm_aead_crypter* aes_gcm_crypter =
+ reinterpret_cast<gsec_aes_gcm_aead_crypter*>(
+ const_cast<gsec_aead_crypter*>(crypter));
+ *tag_length = aes_gcm_crypter->tag_length;
+ return GRPC_STATUS_OK;
+}
+
+static void aes_gcm_mask_nonce(uint8_t* dst, const uint8_t* nonce,
+ const uint8_t* mask) {
+ uint64_t mask1;
+ uint32_t mask2;
+ memcpy(&mask1, mask, sizeof(mask1));
+ memcpy(&mask2, mask + sizeof(mask1), sizeof(mask2));
+ uint64_t nonce1;
+ uint32_t nonce2;
+ memcpy(&nonce1, nonce, sizeof(nonce1));
+ memcpy(&nonce2, nonce + sizeof(nonce1), sizeof(nonce2));
+ nonce1 ^= mask1;
+ nonce2 ^= mask2;
+ memcpy(dst, &nonce1, sizeof(nonce1));
+ memcpy(dst + sizeof(nonce1), &nonce2, sizeof(nonce2));
+}
+
+static grpc_status_code aes_gcm_derive_aead_key(uint8_t* dst,
+ const uint8_t* kdf_key,
+ const uint8_t* kdf_counter) {
+ unsigned char buf[EVP_MAX_MD_SIZE];
+ unsigned char ctr = 1;
+#if OPENSSL_VERSION_NUMBER < 0x10100000L
+ HMAC_CTX hmac;
+ HMAC_CTX_init(&hmac);
+ if (!HMAC_Init_ex(&hmac, kdf_key, kKdfKeyLen, EVP_sha256(), nullptr) ||
+ !HMAC_Update(&hmac, kdf_counter, kKdfCounterLen) ||
+ !HMAC_Update(&hmac, &ctr, 1) || !HMAC_Final(&hmac, buf, nullptr)) {
+ HMAC_CTX_cleanup(&hmac);
+ return GRPC_STATUS_INTERNAL;
+ }
+ HMAC_CTX_cleanup(&hmac);
+#else
+ HMAC_CTX* hmac = HMAC_CTX_new();
+ if (hmac == nullptr) {
+ return GRPC_STATUS_INTERNAL;
+ }
+ if (!HMAC_Init_ex(hmac, kdf_key, kKdfKeyLen, EVP_sha256(), nullptr) ||
+ !HMAC_Update(hmac, kdf_counter, kKdfCounterLen) ||
+ !HMAC_Update(hmac, &ctr, 1) || !HMAC_Final(hmac, buf, nullptr)) {
+ HMAC_CTX_free(hmac);
+ return GRPC_STATUS_INTERNAL;
+ }
+ HMAC_CTX_free(hmac);
+#endif
+ memcpy(dst, buf, kRekeyAeadKeyLen);
+ return GRPC_STATUS_OK;
+}
+
+static grpc_status_code aes_gcm_rekey_if_required(
+ gsec_aes_gcm_aead_crypter* aes_gcm_crypter, const uint8_t* nonce,
+ char** error_details) {
+ // If rekey_data is nullptr, then rekeying is not supported and not required.
+ // If bytes 2-7 of kdf_counter differ from the (per message) nonce, then the
+ // encryption key is recomputed from a new kdf_counter to ensure that we don't
+ // encrypt more than 2^16 messages per encryption key (in each direction).
+ if (aes_gcm_crypter->rekey_data == nullptr ||
+ memcmp(aes_gcm_crypter->rekey_data->kdf_counter,
+ nonce + kKdfCounterOffset, kKdfCounterLen) == 0) {
+ return GRPC_STATUS_OK;
+ }
+ memcpy(aes_gcm_crypter->rekey_data->kdf_counter, nonce + kKdfCounterOffset,
+ kKdfCounterLen);
+ uint8_t aead_key[kRekeyAeadKeyLen];
+ if (aes_gcm_derive_aead_key(aead_key, aes_gcm_crypter->key,
+ aes_gcm_crypter->rekey_data->kdf_counter) !=
+ GRPC_STATUS_OK) {
+ aes_gcm_format_errors("Rekeying failed in key derivation.", error_details);
+ return GRPC_STATUS_INTERNAL;
+ }
+ if (!EVP_DecryptInit_ex(aes_gcm_crypter->ctx, nullptr, nullptr, aead_key,
+ nullptr)) {
+ aes_gcm_format_errors("Rekeying failed in context update.", error_details);
+ return GRPC_STATUS_INTERNAL;
+ }
+ return GRPC_STATUS_OK;
+}
+
+static grpc_status_code gsec_aes_gcm_aead_crypter_encrypt_iovec(
+ gsec_aead_crypter* crypter, const uint8_t* nonce, size_t nonce_length,
+ const struct iovec* aad_vec, size_t aad_vec_length,
+ const struct iovec* plaintext_vec, size_t plaintext_vec_length,
+ struct iovec ciphertext_vec, size_t* ciphertext_bytes_written,
+ char** error_details) {
+ gsec_aes_gcm_aead_crypter* aes_gcm_crypter =
+ reinterpret_cast<gsec_aes_gcm_aead_crypter*>(crypter);
+ // Input checks
+ if (nonce == nullptr) {
+ aes_gcm_format_errors("Nonce buffer is nullptr.", error_details);
+ return GRPC_STATUS_INVALID_ARGUMENT;
+ }
+ if (kAesGcmNonceLength != nonce_length) {
+ aes_gcm_format_errors("Nonce buffer has the wrong length.", error_details);
+ return GRPC_STATUS_INVALID_ARGUMENT;
+ }
+ if (aad_vec_length > 0 && aad_vec == nullptr) {
+ aes_gcm_format_errors("Non-zero aad_vec_length but aad_vec is nullptr.",
+ error_details);
+ return GRPC_STATUS_INVALID_ARGUMENT;
+ }
+ if (plaintext_vec_length > 0 && plaintext_vec == nullptr) {
+ aes_gcm_format_errors(
+ "Non-zero plaintext_vec_length but plaintext_vec is nullptr.",
+ error_details);
+ return GRPC_STATUS_INVALID_ARGUMENT;
+ }
+ if (ciphertext_bytes_written == nullptr) {
+ aes_gcm_format_errors("bytes_written is nullptr.", error_details);
+ return GRPC_STATUS_INVALID_ARGUMENT;
+ }
+ *ciphertext_bytes_written = 0;
+ // rekey if required
+ if (aes_gcm_rekey_if_required(aes_gcm_crypter, nonce, error_details) !=
+ GRPC_STATUS_OK) {
+ return GRPC_STATUS_INTERNAL;
+ }
+ // mask nonce if required
+ const uint8_t* nonce_aead = nonce;
+ uint8_t nonce_masked[kAesGcmNonceLength];
+ if (aes_gcm_crypter->rekey_data != nullptr) {
+ aes_gcm_mask_nonce(nonce_masked, aes_gcm_crypter->rekey_data->nonce_mask,
+ nonce);
+ nonce_aead = nonce_masked;
+ }
+ // init openssl context
+ if (!EVP_EncryptInit_ex(aes_gcm_crypter->ctx, nullptr, nullptr, nullptr,
+ nonce_aead)) {
+ aes_gcm_format_errors("Initializing nonce failed", error_details);
+ return GRPC_STATUS_INTERNAL;
+ }
+ // process aad
+ size_t i;
+ for (i = 0; i < aad_vec_length; i++) {
+ const uint8_t* aad = static_cast<uint8_t*>(aad_vec[i].iov_base);
+ size_t aad_length = aad_vec[i].iov_len;
+ if (aad_length == 0) {
+ continue;
+ }
+ size_t aad_bytes_read = 0;
+ if (aad == nullptr) {
+ aes_gcm_format_errors("aad is nullptr.", error_details);
+ return GRPC_STATUS_INVALID_ARGUMENT;
+ }
+ if (!EVP_EncryptUpdate(aes_gcm_crypter->ctx, nullptr,
+ reinterpret_cast<int*>(&aad_bytes_read), aad,
+ static_cast<int>(aad_length)) ||
+ aad_bytes_read != aad_length) {
+ aes_gcm_format_errors("Setting authenticated associated data failed",
+ error_details);
+ return GRPC_STATUS_INTERNAL;
+ }
+ }
+ uint8_t* ciphertext = static_cast<uint8_t*>(ciphertext_vec.iov_base);
+ size_t ciphertext_length = ciphertext_vec.iov_len;
+ if (ciphertext == nullptr) {
+ aes_gcm_format_errors("ciphertext is nullptr.", error_details);
+ return GRPC_STATUS_INVALID_ARGUMENT;
+ }
+ // process plaintext
+ for (i = 0; i < plaintext_vec_length; i++) {
+ const uint8_t* plaintext = static_cast<uint8_t*>(plaintext_vec[i].iov_base);
+ size_t plaintext_length = plaintext_vec[i].iov_len;
+ if (plaintext == nullptr) {
+ if (plaintext_length == 0) {
+ continue;
+ }
+ aes_gcm_format_errors("plaintext is nullptr.", error_details);
+ return GRPC_STATUS_INVALID_ARGUMENT;
+ }
+ if (ciphertext_length < plaintext_length) {
+ aes_gcm_format_errors(
+ "ciphertext is not large enough to hold the result.", error_details);
+ return GRPC_STATUS_INVALID_ARGUMENT;
+ }
+ int bytes_written = 0;
+ int bytes_to_write = static_cast<int>(plaintext_length);
+ if (!EVP_EncryptUpdate(aes_gcm_crypter->ctx, ciphertext, &bytes_written,
+ plaintext, bytes_to_write)) {
+ aes_gcm_format_errors("Encrypting plaintext failed.", error_details);
+ return GRPC_STATUS_INTERNAL;
+ }
+ if (bytes_written > bytes_to_write) {
+ aes_gcm_format_errors("More bytes written than expected.", error_details);
+ return GRPC_STATUS_INTERNAL;
+ }
+ ciphertext += bytes_written;
+ ciphertext_length -= bytes_written;
+ }
+ int bytes_written_temp = 0;
+ if (!EVP_EncryptFinal_ex(aes_gcm_crypter->ctx, nullptr,
+ &bytes_written_temp)) {
+ aes_gcm_format_errors("Finalizing encryption failed.", error_details);
+ return GRPC_STATUS_INTERNAL;
+ }
+ if (bytes_written_temp != 0) {
+ aes_gcm_format_errors("Openssl wrote some unexpected bytes.",
+ error_details);
+ return GRPC_STATUS_INTERNAL;
+ }
+ if (ciphertext_length < kAesGcmTagLength) {
+ aes_gcm_format_errors("ciphertext is too small to hold a tag.",
+ error_details);
+ return GRPC_STATUS_INVALID_ARGUMENT;
+ }
+
+ if (!EVP_CIPHER_CTX_ctrl(aes_gcm_crypter->ctx, EVP_CTRL_GCM_GET_TAG,
+ kAesGcmTagLength, ciphertext)) {
+ aes_gcm_format_errors("Writing tag failed.", error_details);
+ return GRPC_STATUS_INTERNAL;
+ }
+ ciphertext += kAesGcmTagLength;
+ ciphertext_length -= kAesGcmTagLength;
+ *ciphertext_bytes_written = ciphertext_vec.iov_len - ciphertext_length;
+ return GRPC_STATUS_OK;
+}
+
+static grpc_status_code gsec_aes_gcm_aead_crypter_decrypt_iovec(
+ gsec_aead_crypter* crypter, const uint8_t* nonce, size_t nonce_length,
+ const struct iovec* aad_vec, size_t aad_vec_length,
+ const struct iovec* ciphertext_vec, size_t ciphertext_vec_length,
+ struct iovec plaintext_vec, size_t* plaintext_bytes_written,
+ char** error_details) {
+ gsec_aes_gcm_aead_crypter* aes_gcm_crypter =
+ reinterpret_cast<gsec_aes_gcm_aead_crypter*>(
+ const_cast<gsec_aead_crypter*>(crypter));
+ if (nonce == nullptr) {
+ aes_gcm_format_errors("Nonce buffer is nullptr.", error_details);
+ return GRPC_STATUS_INVALID_ARGUMENT;
+ }
+ if (kAesGcmNonceLength != nonce_length) {
+ aes_gcm_format_errors("Nonce buffer has the wrong length.", error_details);
+ return GRPC_STATUS_INVALID_ARGUMENT;
+ }
+ if (aad_vec_length > 0 && aad_vec == nullptr) {
+ aes_gcm_format_errors("Non-zero aad_vec_length but aad_vec is nullptr.",
+ error_details);
+ return GRPC_STATUS_INVALID_ARGUMENT;
+ }
+ if (ciphertext_vec_length > 0 && ciphertext_vec == nullptr) {
+ aes_gcm_format_errors(
+ "Non-zero plaintext_vec_length but plaintext_vec is nullptr.",
+ error_details);
+ return GRPC_STATUS_INVALID_ARGUMENT;
+ }
+ // Compute the total length so we can ensure we don't pass the tag into
+ // EVP_decrypt.
+ size_t total_ciphertext_length = 0;
+ size_t i;
+ for (i = 0; i < ciphertext_vec_length; i++) {
+ total_ciphertext_length += ciphertext_vec[i].iov_len;
+ }
+ if (total_ciphertext_length < kAesGcmTagLength) {
+ aes_gcm_format_errors("ciphertext is too small to hold a tag.",
+ error_details);
+ return GRPC_STATUS_INVALID_ARGUMENT;
+ }
+ if (plaintext_bytes_written == nullptr) {
+ aes_gcm_format_errors("bytes_written is nullptr.", error_details);
+ return GRPC_STATUS_INVALID_ARGUMENT;
+ }
+ *plaintext_bytes_written = 0;
+ // rekey if required
+ if (aes_gcm_rekey_if_required(aes_gcm_crypter, nonce, error_details) !=
+ GRPC_STATUS_OK) {
+ aes_gcm_format_errors("Rekeying failed.", error_details);
+ return GRPC_STATUS_INTERNAL;
+ }
+ // mask nonce if required
+ const uint8_t* nonce_aead = nonce;
+ uint8_t nonce_masked[kAesGcmNonceLength];
+ if (aes_gcm_crypter->rekey_data != nullptr) {
+ aes_gcm_mask_nonce(nonce_masked, aes_gcm_crypter->rekey_data->nonce_mask,
+ nonce);
+ nonce_aead = nonce_masked;
+ }
+ // init openssl context
+ if (!EVP_DecryptInit_ex(aes_gcm_crypter->ctx, nullptr, nullptr, nullptr,
+ nonce_aead)) {
+ aes_gcm_format_errors("Initializing nonce failed.", error_details);
+ return GRPC_STATUS_INTERNAL;
+ }
+ // process aad
+ for (i = 0; i < aad_vec_length; i++) {
+ const uint8_t* aad = static_cast<uint8_t*>(aad_vec[i].iov_base);
+ size_t aad_length = aad_vec[i].iov_len;
+ if (aad_length == 0) {
+ continue;
+ }
+ size_t aad_bytes_read = 0;
+ if (aad == nullptr) {
+ aes_gcm_format_errors("aad is nullptr.", error_details);
+ return GRPC_STATUS_INVALID_ARGUMENT;
+ }
+ if (!EVP_DecryptUpdate(aes_gcm_crypter->ctx, nullptr,
+ reinterpret_cast<int*>(&aad_bytes_read), aad,
+ static_cast<int>(aad_length)) ||
+ aad_bytes_read != aad_length) {
+ aes_gcm_format_errors("Setting authenticated associated data failed.",
+ error_details);
+ return GRPC_STATUS_INTERNAL;
+ }
+ }
+ // process ciphertext
+ uint8_t* plaintext = static_cast<uint8_t*>(plaintext_vec.iov_base);
+ size_t plaintext_length = plaintext_vec.iov_len;
+ if (plaintext_length > 0 && plaintext == nullptr) {
+ aes_gcm_format_errors(
+ "plaintext is nullptr, but plaintext_length is positive.",
+ error_details);
+ return GRPC_STATUS_INVALID_ARGUMENT;
+ }
+ const uint8_t* ciphertext = nullptr;
+ size_t ciphertext_length = 0;
+ for (i = 0;
+ i < ciphertext_vec_length && total_ciphertext_length > kAesGcmTagLength;
+ i++) {
+ ciphertext = static_cast<uint8_t*>(ciphertext_vec[i].iov_base);
+ ciphertext_length = ciphertext_vec[i].iov_len;
+ if (ciphertext == nullptr) {
+ if (ciphertext_length == 0) {
+ continue;
+ }
+ aes_gcm_format_errors("ciphertext is nullptr.", error_details);
+ memset(plaintext_vec.iov_base, 0x00, plaintext_vec.iov_len);
+ return GRPC_STATUS_INVALID_ARGUMENT;
+ }
+ size_t bytes_written = 0;
+ size_t bytes_to_write = ciphertext_length;
+ // Don't include the tag
+ if (bytes_to_write > total_ciphertext_length - kAesGcmTagLength) {
+ bytes_to_write = total_ciphertext_length - kAesGcmTagLength;
+ }
+ if (plaintext_length < bytes_to_write) {
+ aes_gcm_format_errors(
+ "Not enough plaintext buffer to hold encrypted ciphertext.",
+ error_details);
+ return GRPC_STATUS_INVALID_ARGUMENT;
+ }
+ if (!EVP_DecryptUpdate(aes_gcm_crypter->ctx, plaintext,
+ reinterpret_cast<int*>(&bytes_written), ciphertext,
+ static_cast<int>(bytes_to_write))) {
+ aes_gcm_format_errors("Decrypting ciphertext failed.", error_details);
+ memset(plaintext_vec.iov_base, 0x00, plaintext_vec.iov_len);
+ return GRPC_STATUS_INTERNAL;
+ }
+ if (bytes_written > ciphertext_length) {
+ aes_gcm_format_errors("More bytes written than expected.", error_details);
+ memset(plaintext_vec.iov_base, 0x00, plaintext_vec.iov_len);
+ return GRPC_STATUS_INTERNAL;
+ }
+ ciphertext += bytes_written;
+ ciphertext_length -= bytes_written;
+ total_ciphertext_length -= bytes_written;
+ plaintext += bytes_written;
+ plaintext_length -= bytes_written;
+ }
+ if (total_ciphertext_length > kAesGcmTagLength) {
+ aes_gcm_format_errors(
+ "Not enough plaintext buffer to hold encrypted ciphertext.",
+ error_details);
+ memset(plaintext_vec.iov_base, 0x00, plaintext_vec.iov_len);
+ return GRPC_STATUS_INVALID_ARGUMENT;
+ }
+ uint8_t tag[kAesGcmTagLength];
+ uint8_t* tag_tmp = tag;
+ if (ciphertext_length > 0) {
+ memcpy(tag_tmp, ciphertext, ciphertext_length);
+ tag_tmp += ciphertext_length;
+ total_ciphertext_length -= ciphertext_length;
+ }
+ for (; i < ciphertext_vec_length; i++) {
+ ciphertext = static_cast<uint8_t*>(ciphertext_vec[i].iov_base);
+ ciphertext_length = ciphertext_vec[i].iov_len;
+ if (ciphertext == nullptr) {
+ if (ciphertext_length == 0) {
+ continue;
+ }
+ aes_gcm_format_errors("ciphertext is nullptr.", error_details);
+ memset(plaintext_vec.iov_base, 0x00, plaintext_vec.iov_len);
+ return GRPC_STATUS_INVALID_ARGUMENT;
+ }
+ memcpy(tag_tmp, ciphertext, ciphertext_length);
+ tag_tmp += ciphertext_length;
+ total_ciphertext_length -= ciphertext_length;
+ }
+ if (!EVP_CIPHER_CTX_ctrl(aes_gcm_crypter->ctx, EVP_CTRL_GCM_SET_TAG,
+ kAesGcmTagLength, reinterpret_cast<void*>(tag))) {
+ aes_gcm_format_errors("Setting tag failed.", error_details);
+ memset(plaintext_vec.iov_base, 0x00, plaintext_vec.iov_len);
+ return GRPC_STATUS_INTERNAL;
+ }
+ int bytes_written_temp = 0;
+ if (!EVP_DecryptFinal_ex(aes_gcm_crypter->ctx, nullptr,
+ &bytes_written_temp)) {
+ aes_gcm_format_errors("Checking tag failed.", error_details);
+ memset(plaintext_vec.iov_base, 0x00, plaintext_vec.iov_len);
+ return GRPC_STATUS_FAILED_PRECONDITION;
+ }
+ if (bytes_written_temp != 0) {
+ aes_gcm_format_errors("Openssl wrote some unexpected bytes.",
+ error_details);
+ memset(plaintext_vec.iov_base, 0x00, plaintext_vec.iov_len);
+ return GRPC_STATUS_INTERNAL;
+ }
+ *plaintext_bytes_written = plaintext_vec.iov_len - plaintext_length;
+ return GRPC_STATUS_OK;
+}
+
+static void gsec_aes_gcm_aead_crypter_destroy(gsec_aead_crypter* crypter) {
+ gsec_aes_gcm_aead_crypter* aes_gcm_crypter =
+ reinterpret_cast<gsec_aes_gcm_aead_crypter*>(
+ const_cast<gsec_aead_crypter*>(crypter));
+ gpr_free(aes_gcm_crypter->key);
+ gpr_free(aes_gcm_crypter->rekey_data);
+ EVP_CIPHER_CTX_free(aes_gcm_crypter->ctx);
+}
+
+static const gsec_aead_crypter_vtable vtable = {
+ gsec_aes_gcm_aead_crypter_encrypt_iovec,
+ gsec_aes_gcm_aead_crypter_decrypt_iovec,
+ gsec_aes_gcm_aead_crypter_max_ciphertext_and_tag_length,
+ gsec_aes_gcm_aead_crypter_max_plaintext_length,
+ gsec_aes_gcm_aead_crypter_nonce_length,
+ gsec_aes_gcm_aead_crypter_key_length,
+ gsec_aes_gcm_aead_crypter_tag_length,
+ gsec_aes_gcm_aead_crypter_destroy};
+
+static grpc_status_code aes_gcm_new_evp_cipher_ctx(
+ gsec_aes_gcm_aead_crypter* aes_gcm_crypter, char** error_details) {
+ const EVP_CIPHER* cipher = nullptr;
+ bool is_rekey = aes_gcm_crypter->rekey_data != nullptr;
+ switch (is_rekey ? kRekeyAeadKeyLen : aes_gcm_crypter->key_length) {
+ case kAes128GcmKeyLength:
+ cipher = EVP_aes_128_gcm();
+ break;
+ case kAes256GcmKeyLength:
+ cipher = EVP_aes_256_gcm();
+ break;
+ }
+ const uint8_t* aead_key = aes_gcm_crypter->key;
+ uint8_t aead_key_rekey[kRekeyAeadKeyLen];
+ if (is_rekey) {
+ if (aes_gcm_derive_aead_key(aead_key_rekey, aes_gcm_crypter->key,
+ aes_gcm_crypter->rekey_data->kdf_counter) !=
+ GRPC_STATUS_OK) {
+ aes_gcm_format_errors("Deriving key failed.", error_details);
+ return GRPC_STATUS_INTERNAL;
+ }
+ aead_key = aead_key_rekey;
+ }
+ if (!EVP_DecryptInit_ex(aes_gcm_crypter->ctx, cipher, nullptr, aead_key,
+ nullptr)) {
+ aes_gcm_format_errors("Setting key failed.", error_details);
+ return GRPC_STATUS_INTERNAL;
+ }
+ if (!EVP_CIPHER_CTX_ctrl(aes_gcm_crypter->ctx, EVP_CTRL_GCM_SET_IVLEN,
+ static_cast<int>(aes_gcm_crypter->nonce_length),
+ nullptr)) {
+ aes_gcm_format_errors("Setting nonce length failed.", error_details);
+ return GRPC_STATUS_INTERNAL;
+ }
+ return GRPC_STATUS_OK;
+}
+
+grpc_status_code gsec_aes_gcm_aead_crypter_create(const uint8_t* key,
+ size_t key_length,
+ size_t nonce_length,
+ size_t tag_length, bool rekey,
+ gsec_aead_crypter** crypter,
+ char** error_details) {
+ if (key == nullptr) {
+ aes_gcm_format_errors("key is nullptr.", error_details);
+ return GRPC_STATUS_FAILED_PRECONDITION;
+ }
+ if (crypter == nullptr) {
+ aes_gcm_format_errors("crypter is nullptr.", error_details);
+ return GRPC_STATUS_FAILED_PRECONDITION;
+ }
+ *crypter = nullptr;
+ if ((rekey && key_length != kAes128GcmRekeyKeyLength) ||
+ (!rekey && key_length != kAes128GcmKeyLength &&
+ key_length != kAes256GcmKeyLength) ||
+ (tag_length != kAesGcmTagLength) ||
+ (nonce_length != kAesGcmNonceLength)) {
+ aes_gcm_format_errors(
+ "Invalid key and/or nonce and/or tag length are provided at AEAD "
+ "crypter instance construction time.",
+ error_details);
+ return GRPC_STATUS_FAILED_PRECONDITION;
+ }
+ gsec_aes_gcm_aead_crypter* aes_gcm_crypter =
+ static_cast<gsec_aes_gcm_aead_crypter*>(
+ gpr_malloc(sizeof(gsec_aes_gcm_aead_crypter)));
+ aes_gcm_crypter->crypter.vtable = &vtable;
+ aes_gcm_crypter->nonce_length = nonce_length;
+ aes_gcm_crypter->tag_length = tag_length;
+ if (rekey) {
+ aes_gcm_crypter->key_length = kKdfKeyLen;
+ aes_gcm_crypter->rekey_data = static_cast<gsec_aes_gcm_aead_rekey_data*>(
+ gpr_malloc(sizeof(gsec_aes_gcm_aead_rekey_data)));
+ memcpy(aes_gcm_crypter->rekey_data->nonce_mask, key + kKdfKeyLen,
+ kAesGcmNonceLength);
+ // Set kdf_counter to all-zero for initial key derivation.
+ memset(aes_gcm_crypter->rekey_data->kdf_counter, 0, kKdfCounterLen);
+ } else {
+ aes_gcm_crypter->key_length = key_length;
+ aes_gcm_crypter->rekey_data = nullptr;
+ }
+ aes_gcm_crypter->key =
+ static_cast<uint8_t*>(gpr_malloc(aes_gcm_crypter->key_length));
+ memcpy(aes_gcm_crypter->key, key, aes_gcm_crypter->key_length);
+ aes_gcm_crypter->ctx = EVP_CIPHER_CTX_new();
+ grpc_status_code status =
+ aes_gcm_new_evp_cipher_ctx(aes_gcm_crypter, error_details);
+ if (status != GRPC_STATUS_OK) {
+ gsec_aes_gcm_aead_crypter_destroy(&aes_gcm_crypter->crypter);
+ gpr_free(aes_gcm_crypter);
+ return status;
+ }
+ *crypter = &aes_gcm_crypter->crypter;
+ return GRPC_STATUS_OK;
+}
diff --git a/src/core/tsi/alts/crypt/gsec.cc b/src/core/tsi/alts/crypt/gsec.cc
new file mode 100644
index 0000000..6236591
--- /dev/null
+++ b/src/core/tsi/alts/crypt/gsec.cc
@@ -0,0 +1,189 @@
+/*
+ *
+ * Copyright 2018 gRPC authors.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ */
+
+#include <grpc/support/port_platform.h>
+
+#include "src/core/tsi/alts/crypt/gsec.h"
+
+#include <stdio.h>
+#include <string.h>
+
+#include <grpc/support/alloc.h>
+
+static const char vtable_error_msg[] =
+ "crypter or crypter->vtable has not been initialized properly";
+
+static void maybe_copy_error_msg(const char* src, char** dst) {
+ if (dst != nullptr && src != nullptr) {
+ *dst = static_cast<char*>(gpr_malloc(strlen(src) + 1));
+ memcpy(*dst, src, strlen(src) + 1);
+ }
+}
+
+grpc_status_code gsec_aead_crypter_encrypt(
+ gsec_aead_crypter* crypter, const uint8_t* nonce, size_t nonce_length,
+ const uint8_t* aad, size_t aad_length, const uint8_t* plaintext,
+ size_t plaintext_length, uint8_t* ciphertext_and_tag,
+ size_t ciphertext_and_tag_length, size_t* bytes_written,
+ char** error_details) {
+ if (crypter != nullptr && crypter->vtable != nullptr &&
+ crypter->vtable->encrypt_iovec != nullptr) {
+ struct iovec aad_vec = {(void*)aad, aad_length};
+ struct iovec plaintext_vec = {(void*)plaintext, plaintext_length};
+ struct iovec ciphertext_vec = {ciphertext_and_tag,
+ ciphertext_and_tag_length};
+ return crypter->vtable->encrypt_iovec(
+ crypter, nonce, nonce_length, &aad_vec, 1, &plaintext_vec, 1,
+ ciphertext_vec, bytes_written, error_details);
+ }
+ /* An error occurred. */
+ maybe_copy_error_msg(vtable_error_msg, error_details);
+ return GRPC_STATUS_INVALID_ARGUMENT;
+}
+
+grpc_status_code gsec_aead_crypter_encrypt_iovec(
+ gsec_aead_crypter* crypter, const uint8_t* nonce, size_t nonce_length,
+ const struct iovec* aad_vec, size_t aad_vec_length,
+ const struct iovec* plaintext_vec, size_t plaintext_vec_length,
+ struct iovec ciphertext_vec, size_t* ciphertext_bytes_written,
+ char** error_details) {
+ if (crypter != nullptr && crypter->vtable != nullptr &&
+ crypter->vtable->encrypt_iovec != nullptr) {
+ return crypter->vtable->encrypt_iovec(
+ crypter, nonce, nonce_length, aad_vec, aad_vec_length, plaintext_vec,
+ plaintext_vec_length, ciphertext_vec, ciphertext_bytes_written,
+ error_details);
+ }
+ /* An error occurred. */
+ maybe_copy_error_msg(vtable_error_msg, error_details);
+ return GRPC_STATUS_INVALID_ARGUMENT;
+}
+
+grpc_status_code gsec_aead_crypter_decrypt(
+ gsec_aead_crypter* crypter, const uint8_t* nonce, size_t nonce_length,
+ const uint8_t* aad, size_t aad_length, const uint8_t* ciphertext_and_tag,
+ size_t ciphertext_and_tag_length, uint8_t* plaintext,
+ size_t plaintext_length, size_t* bytes_written, char** error_details) {
+ if (crypter != nullptr && crypter->vtable != nullptr &&
+ crypter->vtable->decrypt_iovec != nullptr) {
+ struct iovec aad_vec = {(void*)aad, aad_length};
+ struct iovec ciphertext_vec = {(void*)ciphertext_and_tag,
+ ciphertext_and_tag_length};
+ struct iovec plaintext_vec = {plaintext, plaintext_length};
+ return crypter->vtable->decrypt_iovec(
+ crypter, nonce, nonce_length, &aad_vec, 1, &ciphertext_vec, 1,
+ plaintext_vec, bytes_written, error_details);
+ }
+ /* An error occurred. */
+ maybe_copy_error_msg(vtable_error_msg, error_details);
+ return GRPC_STATUS_INVALID_ARGUMENT;
+}
+
+grpc_status_code gsec_aead_crypter_decrypt_iovec(
+ gsec_aead_crypter* crypter, const uint8_t* nonce, size_t nonce_length,
+ const struct iovec* aad_vec, size_t aad_vec_length,
+ const struct iovec* ciphertext_vec, size_t ciphertext_vec_length,
+ struct iovec plaintext_vec, size_t* plaintext_bytes_written,
+ char** error_details) {
+ if (crypter != nullptr && crypter->vtable != nullptr &&
+ crypter->vtable->encrypt_iovec != nullptr) {
+ return crypter->vtable->decrypt_iovec(
+ crypter, nonce, nonce_length, aad_vec, aad_vec_length, ciphertext_vec,
+ ciphertext_vec_length, plaintext_vec, plaintext_bytes_written,
+ error_details);
+ }
+ /* An error occurred. */
+ maybe_copy_error_msg(vtable_error_msg, error_details);
+ return GRPC_STATUS_INVALID_ARGUMENT;
+}
+
+grpc_status_code gsec_aead_crypter_max_ciphertext_and_tag_length(
+ const gsec_aead_crypter* crypter, size_t plaintext_length,
+ size_t* max_ciphertext_and_tag_length_to_return, char** error_details) {
+ if (crypter != nullptr && crypter->vtable != nullptr &&
+ crypter->vtable->max_ciphertext_and_tag_length != nullptr) {
+ return crypter->vtable->max_ciphertext_and_tag_length(
+ crypter, plaintext_length, max_ciphertext_and_tag_length_to_return,
+ error_details);
+ }
+ /* An error occurred. */
+ maybe_copy_error_msg(vtable_error_msg, error_details);
+ return GRPC_STATUS_INVALID_ARGUMENT;
+}
+
+grpc_status_code gsec_aead_crypter_max_plaintext_length(
+ const gsec_aead_crypter* crypter, size_t ciphertext_and_tag_length,
+ size_t* max_plaintext_length_to_return, char** error_details) {
+ if (crypter != nullptr && crypter->vtable != nullptr &&
+ crypter->vtable->max_plaintext_length != nullptr) {
+ return crypter->vtable->max_plaintext_length(
+ crypter, ciphertext_and_tag_length, max_plaintext_length_to_return,
+ error_details);
+ }
+ /* An error occurred. */
+ maybe_copy_error_msg(vtable_error_msg, error_details);
+ return GRPC_STATUS_INVALID_ARGUMENT;
+}
+
+grpc_status_code gsec_aead_crypter_nonce_length(
+ const gsec_aead_crypter* crypter, size_t* nonce_length_to_return,
+ char** error_details) {
+ if (crypter != nullptr && crypter->vtable != nullptr &&
+ crypter->vtable->nonce_length != nullptr) {
+ return crypter->vtable->nonce_length(crypter, nonce_length_to_return,
+ error_details);
+ }
+ /* An error occurred. */
+ maybe_copy_error_msg(vtable_error_msg, error_details);
+ return GRPC_STATUS_INVALID_ARGUMENT;
+}
+
+grpc_status_code gsec_aead_crypter_key_length(const gsec_aead_crypter* crypter,
+ size_t* key_length_to_return,
+ char** error_details) {
+ if (crypter != nullptr && crypter->vtable != nullptr &&
+ crypter->vtable->key_length != nullptr) {
+ return crypter->vtable->key_length(crypter, key_length_to_return,
+ error_details);
+ }
+ /* An error occurred */
+ maybe_copy_error_msg(vtable_error_msg, error_details);
+ return GRPC_STATUS_INVALID_ARGUMENT;
+}
+
+grpc_status_code gsec_aead_crypter_tag_length(const gsec_aead_crypter* crypter,
+ size_t* tag_length_to_return,
+ char** error_details) {
+ if (crypter != nullptr && crypter->vtable != nullptr &&
+ crypter->vtable->tag_length != nullptr) {
+ return crypter->vtable->tag_length(crypter, tag_length_to_return,
+ error_details);
+ }
+ /* An error occurred. */
+ maybe_copy_error_msg(vtable_error_msg, error_details);
+ return GRPC_STATUS_INVALID_ARGUMENT;
+}
+
+void gsec_aead_crypter_destroy(gsec_aead_crypter* crypter) {
+ if (crypter != nullptr) {
+ if (crypter->vtable != nullptr && crypter->vtable->destruct != nullptr) {
+ crypter->vtable->destruct(crypter);
+ }
+ gpr_free(crypter);
+ }
+}
diff --git a/src/core/tsi/alts/crypt/gsec.h b/src/core/tsi/alts/crypt/gsec.h
new file mode 100644
index 0000000..4d65caa
--- /dev/null
+++ b/src/core/tsi/alts/crypt/gsec.h
@@ -0,0 +1,454 @@
+/*
+ *
+ * Copyright 2018 gRPC authors.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ */
+
+#ifndef GRPC_CORE_TSI_ALTS_CRYPT_GSEC_H
+#define GRPC_CORE_TSI_ALTS_CRYPT_GSEC_H
+
+#include <grpc/support/port_platform.h>
+
+#include <assert.h>
+#include <stdint.h>
+#include <stdlib.h>
+
+#include <grpc/grpc.h>
+
+struct iovec {
+ void* iov_base;
+ size_t iov_len;
+};
+
+/**
+ * A gsec interface for AEAD encryption schemes. The API is thread-compatible.
+ * Each implementation of this interface should specify supported values for
+ * key, nonce, and tag lengths.
+ */
+
+/* Key, nonce, and tag length in bytes */
+const size_t kAesGcmNonceLength = 12;
+const size_t kAesGcmTagLength = 16;
+const size_t kAes128GcmKeyLength = 16;
+const size_t kAes256GcmKeyLength = 32;
+
+// The first 32 bytes are used as a KDF key and the remaining 12 bytes are used
+// to mask the nonce.
+const size_t kAes128GcmRekeyKeyLength = 44;
+
+typedef struct gsec_aead_crypter gsec_aead_crypter;
+
+/**
+ * The gsec_aead_crypter is an API for different AEAD implementations such as
+ * AES_GCM. It encapsulates all AEAD-related operations in the format of
+ * V-table that stores pointers to functions implementing those operations.
+ * It also provides helper functions to wrap each of those function pointers.
+ *
+ * A typical usage of this object would be:
+ *
+ *------------------------------------------------------------------------------
+ * // Declare a gsec_aead_crypter object, and create and assign an instance
+ * // of specific AEAD implementation e.g., AES_GCM to it. We assume both
+ * // key and nonce contain cryptographically secure random bytes, and the key
+ * // can be derived from an upper-layer application.
+ * gsec_aead_crypter* crypter;
+ * char* error_in_creation;
+ * // User can populate the message with any 100 bytes data.
+ * uint8_t* message = gpr_malloc(100);
+ * grpc_status_code creation_status = gsec_aes_gcm_aead_crypter_create(key,
+ * kAes128GcmKeyLength,
+ * kAesGcmNonceLength,
+ * kAesGcmTagLength,
+ * &crypter,
+ * false,
+ * 0
+ * &error_in_creation);
+ *
+ * if (creation_status == GRPC_STATUS_OK) {
+ * // Allocate a correct amount of memory to hold a ciphertext.
+ * size_t clength = 0;
+ * gsec_aead_crypter_max_ciphertext_and_tag_length(crypter, 100, &clength,
+ * nullptr);
+ * uint8_t* ciphertext = gpr_malloc(clength);
+ *
+ * // Perform encryption
+ * size_t num_encrypted_bytes = 0;
+ * char* error_in_encryption = nullptr;
+ * grpc_status_code status = gsec_aead_crypter_encrypt(crypter, nonce,
+ * kAesGcmNonceLength,
+ * nullptr, 0, message,
+ * 100, ciphertext,
+ * clength,
+ * &num_encrypted_bytes,
+ * &error_in_encryption);
+ * if (status == GRPC_STATUS_OK) {
+ * // Allocate a correct amount of memory to hold a plaintext.
+ * size_t plength = 0;
+ * gsec_aead_crypter_max_plaintext_length(crypter, num_encrypted_bytes,
+ * &plength, nullptr);
+ * uint8_t* plaintext = gpr_malloc(plength);
+ *
+ * // Perform decryption.
+ * size_t num_decrypted_bytes = 0;
+ * char* error_in_decryption = nullptr;
+ * status = gsec_aead_crypter_decrypt(crypter, nonce,
+ * kAesGcmNonceLength, nullptr, 0,
+ * ciphertext, num_encrypted_bytes,
+ * plaintext, plength,
+ * &num_decrypted_bytes,
+ * &error_in_decryption);
+ * if (status != GRPC_STATUS_OK) {
+ * fprintf(stderr, "AEAD decrypt operation failed with error code:"
+ * "%d, message: %s\n", status, error_in_decryption);
+ * }
+ * ...
+ * gpr_free(plaintext);
+ * gpr_free(error_in_decryption);
+ * } else {
+ * fprintf(stderr, "AEAD encrypt operation failed with error code:"
+ * "%d, message: %s\n", status, error_in_encryption);
+ * }
+ * ...
+ * gpr_free(ciphertext);
+ * gpr_free(error_in_encryption);
+ * } else {
+ * fprintf(stderr, "Creation of AEAD crypter instance failed with error code:"
+ * "%d, message: %s\n", creation_status, error_in_creation);
+ * }
+ *
+ * // Destruct AEAD crypter instance.
+ * if (creation_status == GRPC_STATUS_OK) {
+ * gsec_aead_crypter_destroy(crypter);
+ * }
+ * gpr_free(error_in_creation);
+ * gpr_free(message);
+ * -----------------------------------------------------------------------------
+ */
+
+/* V-table for gsec AEAD operations */
+typedef struct gsec_aead_crypter_vtable {
+ grpc_status_code (*encrypt_iovec)(
+ gsec_aead_crypter* crypter, const uint8_t* nonce, size_t nonce_length,
+ const struct iovec* aad_vec, size_t aad_vec_length,
+ const struct iovec* plaintext_vec, size_t plaintext_vec_length,
+ struct iovec ciphertext_vec, size_t* ciphertext_bytes_written,
+ char** error_details);
+ grpc_status_code (*decrypt_iovec)(
+ gsec_aead_crypter* crypter, const uint8_t* nonce, size_t nonce_length,
+ const struct iovec* aad_vec, size_t aad_vec_length,
+ const struct iovec* ciphertext_vec, size_t ciphertext_vec_length,
+ struct iovec plaintext_vec, size_t* plaintext_bytes_written,
+ char** error_details);
+ grpc_status_code (*max_ciphertext_and_tag_length)(
+ const gsec_aead_crypter* crypter, size_t plaintext_length,
+ size_t* max_ciphertext_and_tag_length_to_return, char** error_details);
+ grpc_status_code (*max_plaintext_length)(
+ const gsec_aead_crypter* crypter, size_t ciphertext_and_tag_length,
+ size_t* max_plaintext_length_to_return, char** error_details);
+ grpc_status_code (*nonce_length)(const gsec_aead_crypter* crypter,
+ size_t* nonce_length_to_return,
+ char** error_details);
+ grpc_status_code (*key_length)(const gsec_aead_crypter* crypter,
+ size_t* key_length_to_return,
+ char** error_details);
+ grpc_status_code (*tag_length)(const gsec_aead_crypter* crypter,
+ size_t* tag_length_to_return,
+ char** error_details);
+ void (*destruct)(gsec_aead_crypter* crypter);
+} gsec_aead_crypter_vtable;
+
+/* Main struct for gsec interface */
+struct gsec_aead_crypter {
+ const struct gsec_aead_crypter_vtable* vtable;
+};
+
+/**
+ * This method performs an AEAD encrypt operation.
+ *
+ * - crypter: AEAD crypter instance.
+ * - nonce: buffer containing a nonce with its size equal to nonce_length.
+ * - nonce_length: size of nonce buffer, and must be equal to the value returned
+ * from method gsec_aead_crypter_nonce_length.
+ * - aad: buffer containing data that needs to be authenticated but not
+ * encrypted with its size equal to aad_length.
+ * - aad_length: size of aad buffer, which should be zero if the buffer is
+ * nullptr.
+ * - plaintext: buffer containing data that needs to be both encrypted and
+ * authenticated with its size equal to plaintext_length.
+ * - plaintext_length: size of plaintext buffer, which should be zero if
+ * plaintext is nullptr.
+ * - ciphertext_and_tag: buffer that will contain ciphertext and tags the method
+ * produced. The buffer should not overlap the plaintext buffer, and pointers
+ * to those buffers should not be equal. Also if the ciphertext+tag buffer is
+ * nullptr, the plaintext_length should be zero.
+ * - ciphertext_and_tag_length: size of ciphertext+tag buffer, which should be
+ * at least as long as the one returned from method
+ * gsec_aead_crypter_max_ciphertext_and_tag_length.
+ * - bytes_written: the actual number of bytes written to the ciphertext+tag
+ * buffer. If bytes_written is nullptr, the plaintext_length should be zero.
+ * - error_details: a buffer containing an error message if the method does not
+ * function correctly. It is legal to pass nullptr into error_details, and
+ * otherwise, the parameter should be freed with gpr_free.
+ *
+ * On the success of encryption, the method returns GRPC_STATUS_OK. Otherwise,
+ * it returns an error status code along with its details specified in
+ * error_details (if error_details is not nullptr).
+ *
+ */
+grpc_status_code gsec_aead_crypter_encrypt(
+ gsec_aead_crypter* crypter, const uint8_t* nonce, size_t nonce_length,
+ const uint8_t* aad, size_t aad_length, const uint8_t* plaintext,
+ size_t plaintext_length, uint8_t* ciphertext_and_tag,
+ size_t ciphertext_and_tag_length, size_t* bytes_written,
+ char** error_details);
+
+/**
+ * This method performs an AEAD encrypt operation.
+ *
+ * - crypter: AEAD crypter instance.
+ * - nonce: buffer containing a nonce with its size equal to nonce_length.
+ * - nonce_length: size of nonce buffer, and must be equal to the value returned
+ * from method gsec_aead_crypter_nonce_length.
+ * - aad_vec: an iovec array containing data that needs to be authenticated but
+ * not encrypted.
+ * - aad_vec_length: the array length of aad_vec.
+ * - plaintext_vec: an iovec array containing data that needs to be both
+ * encrypted and authenticated.
+ * - plaintext_vec_length: the array length of plaintext_vec.
+ * - ciphertext_vec: an iovec containing a ciphertext buffer. The buffer should
+ * not overlap the plaintext buffer.
+ * - ciphertext_bytes_written: the actual number of bytes written to
+ * ciphertext_vec.
+ * - error_details: a buffer containing an error message if the method does not
+ * function correctly. It is legal to pass nullptr into error_details, and
+ * otherwise, the parameter should be freed with gpr_free.
+ *
+ * On the success of encryption, the method returns GRPC_STATUS_OK. Otherwise,
+ * it returns an error status code along with its details specified in
+ * error_details (if error_details is not nullptr).
+ *
+ */
+grpc_status_code gsec_aead_crypter_encrypt_iovec(
+ gsec_aead_crypter* crypter, const uint8_t* nonce, size_t nonce_length,
+ const struct iovec* aad_vec, size_t aad_vec_length,
+ const struct iovec* plaintext_vec, size_t plaintext_vec_length,
+ struct iovec ciphertext_vec, size_t* ciphertext_bytes_written,
+ char** error_details);
+
+/**
+ * This method performs an AEAD decrypt operation.
+ *
+ * - crypter: AEAD crypter instance.
+ * - nonce: buffer containing a nonce with its size equal to nonce_length.
+ * - nonce_length: size of nonce buffer, and must be equal to the value returned
+ * from method gsec_aead_crypter_nonce_length.
+ * - aad: buffer containing data that needs to be authenticated only.
+ * - aad_length: size of aad buffer, which should be zero if the buffer is
+ * nullptr.
+ * - ciphertext_and_tag: buffer containing ciphertext and tag.
+ * - ciphertext_and_tag_length: length of ciphertext and tag. It should be zero
+ * if any of plaintext, ciphertext_and_tag, or bytes_written is nullptr. Also,
+ * ciphertext_and_tag_length should be at least as large as the tag length set
+ * at AEAD crypter instance construction time.
+ * - plaintext: buffer containing decrypted and authenticated data the method
+ * produced. The buffer should not overlap with the ciphertext+tag buffer, and
+ * pointers to those buffers should not be equal.
+ * - plaintext_length: size of plaintext buffer, which should be at least as
+ * long as the one returned from gsec_aead_crypter_max_plaintext_length
+ * method.
+ * - bytes_written: the actual number of bytes written to the plaintext
+ * buffer.
+ * - error_details: a buffer containing an error message if the method does not
+ * function correctly. It is legal to pass nullptr into error_details, and
+ * otherwise, the parameter should be freed with gpr_free.
+ *
+ * On the success of decryption, the method returns GRPC_STATUS_OK. Otherwise,
+ * it returns an error status code along with its details specified in
+ * error_details (if error_details is not nullptr).
+ */
+grpc_status_code gsec_aead_crypter_decrypt(
+ gsec_aead_crypter* crypter, const uint8_t* nonce, size_t nonce_length,
+ const uint8_t* aad, size_t aad_length, const uint8_t* ciphertext_and_tag,
+ size_t ciphertext_and_tag_length, uint8_t* plaintext,
+ size_t plaintext_length, size_t* bytes_written, char** error_details);
+
+/**
+ * This method performs an AEAD decrypt operation.
+ *
+ * - crypter: AEAD crypter instance.
+ * - nonce: buffer containing a nonce with its size equal to nonce_length.
+ * - nonce_length: size of nonce buffer, and must be equal to the value returned
+ * from method gsec_aead_crypter_nonce_length.
+ * - aad_vec: an iovec array containing data that needs to be authenticated but
+ * not encrypted.
+ * - aad_vec_length: the array length of aad_vec.
+ * - ciphertext_vec: an iovec array containing the ciphertext and tag.
+ * - ciphertext_vec_length: the array length of ciphertext_vec.
+ * - plaintext_vec: an iovec containing a plaintext buffer. The buffer should
+ * not overlap the ciphertext buffer.
+ * - plaintext_bytes_written: the actual number of bytes written to
+ * plaintext_vec.
+ * - error_details: a buffer containing an error message if the method does not
+ * function correctly. It is legal to pass nullptr into error_details, and
+ * otherwise, the parameter should be freed with gpr_free.
+ *
+ * On the success of decryption, the method returns GRPC_STATUS_OK. Otherwise,
+ * it returns an error status code along with its details specified in
+ * error_details (if error_details is not nullptr).
+ */
+grpc_status_code gsec_aead_crypter_decrypt_iovec(
+ gsec_aead_crypter* crypter, const uint8_t* nonce, size_t nonce_length,
+ const struct iovec* aad_vec, size_t aad_vec_length,
+ const struct iovec* ciphertext_vec, size_t ciphertext_vec_length,
+ struct iovec plaintext_vec, size_t* plaintext_bytes_written,
+ char** error_details);
+
+/**
+ * This method computes the size of ciphertext+tag buffer that must be passed to
+ * gsec_aead_crypter_encrypt function to ensure correct encryption of a
+ * plaintext. The actual size of ciphertext+tag written to the buffer could be
+ * smaller.
+ *
+ * - crypter: AEAD crypter instance.
+ * - plaintext_length: length of plaintext.
+ * - max_ciphertext_and_tag_length_to_return: the size of ciphertext+tag buffer
+ * the method returns.
+ * - error_details: a buffer containing an error message if the method does not
+ * function correctly. It is legal to pass nullptr into error_details, and
+ * otherwise, the parameter should be freed with gpr_free.
+ *
+ * On the success of execution, the method returns GRPC_STATUS_OK. Otherwise,
+ * it returns an error status code along with its details specified in
+ * error_details (if error_details is not nullptr).
+ */
+grpc_status_code gsec_aead_crypter_max_ciphertext_and_tag_length(
+ const gsec_aead_crypter* crypter, size_t plaintext_length,
+ size_t* max_ciphertext_and_tag_length_to_return, char** error_details);
+
+/**
+ * This method computes the size of plaintext buffer that must be passed to
+ * gsec_aead_crypter_decrypt function to ensure correct decryption of a
+ * ciphertext. The actual size of plaintext written to the buffer could be
+ * smaller.
+ *
+ * - crypter: AEAD crypter instance.
+ * - ciphertext_and_tag_length: length of ciphertext and tag.
+ * - max_plaintext_length_to_return: the size of plaintext buffer the method
+ * returns.
+ * - error_details: a buffer containing an error message if the method does not
+ * function correctly. It is legal to pass nullptr into error_details, and
+ * otherwise, the parameter should be freed with gpr_free.
+ *
+ * On the success of execution, the method returns GRPC_STATUS_OK. Otherwise,
+ * it returns an error status code along with its details specified in
+ * error_details (if error_details is not nullptr).
+ */
+grpc_status_code gsec_aead_crypter_max_plaintext_length(
+ const gsec_aead_crypter* crypter, size_t ciphertext_and_tag_length,
+ size_t* max_plaintext_length_to_return, char** error_details);
+
+/**
+ * This method returns a valid size of nonce array used at the construction of
+ * AEAD crypter instance. It is also the size that should be passed to encrypt
+ * and decrypt methods executed on the instance.
+ *
+ * - crypter: AEAD crypter instance.
+ * - nonce_length_to_return: the length of nonce array the method returns.
+ * - error_details: a buffer containing an error message if the method does not
+ * function correctly. It is legal to pass nullptr into error_details, and
+ * otherwise, the parameter should be freed with gpr_free.
+ *
+ * On the success of execution, the method returns GRPC_STATUS_OK. Otherwise,
+ * it returns an error status code along with its details specified in
+ * error_details (if error_details is not nullptr).
+ */
+grpc_status_code gsec_aead_crypter_nonce_length(
+ const gsec_aead_crypter* crypter, size_t* nonce_length_to_return,
+ char** error_details);
+
+/**
+ * This method returns a valid size of key array used at the construction of
+ * AEAD crypter instance. It is also the size that should be passed to encrypt
+ * and decrypt methods executed on the instance.
+ *
+ * - crypter: AEAD crypter instance.
+ * - key_length_to_return: the length of key array the method returns.
+ * - error_details: a buffer containing an error message if the method does not
+ * function correctly. It is legal to pass nullptr into error_details, and
+ * otherwise, the parameter should be freed with gpr_free.
+ *
+ * On the success of execution, the method returns GRPC_STATUS_OK. Otherwise,
+ * it returns an error status code along with its details specified in
+ * error_details (if error_details is not nullptr).
+ */
+grpc_status_code gsec_aead_crypter_key_length(const gsec_aead_crypter* crypter,
+ size_t* key_length_to_return,
+ char** error_details);
+/**
+ * This method returns a valid size of tag array used at the construction of
+ * AEAD crypter instance. It is also the size that should be passed to encrypt
+ * and decrypt methods executed on the instance.
+ *
+ * - crypter: AEAD crypter instance.
+ * - tag_length_to_return: the length of tag array the method returns.
+ * - error_details: a buffer containing an error message if the method does not
+ * function correctly. It is legal to pass nullptr into error_details, and
+ * otherwise, the parameter should be freed with gpr_free.
+ *
+ * On the success of execution, the method returns GRPC_STATUS_OK. Otherwise,
+ * it returns an error status code along with its details specified in
+ * error_details (if error_details is not nullptr).
+ */
+grpc_status_code gsec_aead_crypter_tag_length(const gsec_aead_crypter* crypter,
+ size_t* tag_length_to_return,
+ char** error_details);
+
+/**
+ * This method destroys an AEAD crypter instance by de-allocating all of its
+ * occupied memory.
+ *
+ * - crypter: AEAD crypter instance that needs to be destroyed.
+ */
+void gsec_aead_crypter_destroy(gsec_aead_crypter* crypter);
+
+/**
+ * This method creates an AEAD crypter instance of AES-GCM encryption scheme
+ * which supports 16 and 32 bytes long keys, 12 and 16 bytes long nonces, and
+ * 16 bytes long tags. It should be noted that once the lengths of key, nonce,
+ * and tag are determined at construction time, they cannot be modified later.
+ *
+ * - key: buffer containing a key which is binded with AEAD crypter instance.
+ * - key_length: length of a key in bytes, which should be 44 if rekeying is
+ * enabled and 16 or 32 otherwise.
+ * - nonce_length: length of a nonce in bytes, which should be either 12 or 16.
+ * - tag_length: length of a tag in bytes, which should be always 16.
+ * - rekey: enable nonce-based rekeying and nonce-masking.
+ * - crypter: address of AES_GCM crypter instance returned from the method.
+ * - error_details: a buffer containing an error message if the method does not
+ * function correctly. It is legal to pass nullptr into error_details, and
+ * otherwise, the parameter should be freed with gpr_free.
+ *
+ * On success of instance creation, it stores the address of instance at
+ * crypter. Otherwise, it returns an error status code together with its details
+ * specified in error_details.
+ */
+grpc_status_code gsec_aes_gcm_aead_crypter_create(const uint8_t* key,
+ size_t key_length,
+ size_t nonce_length,
+ size_t tag_length, bool rekey,
+ gsec_aead_crypter** crypter,
+ char** error_details);
+
+#endif /* GRPC_CORE_TSI_ALTS_CRYPT_GSEC_H */
diff --git a/src/core/tsi/alts/frame_protector/alts_counter.cc b/src/core/tsi/alts/frame_protector/alts_counter.cc
new file mode 100644
index 0000000..de163e3
--- /dev/null
+++ b/src/core/tsi/alts/frame_protector/alts_counter.cc
@@ -0,0 +1,118 @@
+/*
+ *
+ * Copyright 2018 gRPC authors.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ */
+
+#include <grpc/support/port_platform.h>
+
+#include "src/core/tsi/alts/frame_protector/alts_counter.h"
+
+#include <string.h>
+
+#include <grpc/support/alloc.h>
+
+static void maybe_copy_error_msg(const char* src, char** dst) {
+ if (dst != nullptr && src != nullptr) {
+ *dst = static_cast<char*>(gpr_malloc(strlen(src) + 1));
+ memcpy(*dst, src, strlen(src) + 1);
+ }
+}
+
+grpc_status_code alts_counter_create(bool is_client, size_t counter_size,
+ size_t overflow_size,
+ alts_counter** crypter_counter,
+ char** error_details) {
+ /* Perform input sanity check. */
+ if (counter_size == 0) {
+ const char error_msg[] = "counter_size is invalid.";
+ maybe_copy_error_msg(error_msg, error_details);
+ return GRPC_STATUS_INVALID_ARGUMENT;
+ }
+ if (overflow_size == 0 || overflow_size >= counter_size) {
+ const char error_msg[] = "overflow_size is invalid.";
+ maybe_copy_error_msg(error_msg, error_details);
+ return GRPC_STATUS_INVALID_ARGUMENT;
+ }
+ if (crypter_counter == nullptr) {
+ const char error_msg[] = "crypter_counter is nullptr.";
+ maybe_copy_error_msg(error_msg, error_details);
+ return GRPC_STATUS_INVALID_ARGUMENT;
+ }
+ *crypter_counter =
+ static_cast<alts_counter*>(gpr_malloc(sizeof(**crypter_counter)));
+ (*crypter_counter)->size = counter_size;
+ (*crypter_counter)->overflow_size = overflow_size;
+ (*crypter_counter)->counter =
+ static_cast<unsigned char*>(gpr_zalloc(counter_size));
+ if (is_client) {
+ ((*crypter_counter)->counter)[counter_size - 1] = 0x80;
+ }
+ return GRPC_STATUS_OK;
+}
+
+grpc_status_code alts_counter_increment(alts_counter* crypter_counter,
+ bool* is_overflow,
+ char** error_details) {
+ /* Perform input sanity check. */
+ if (crypter_counter == nullptr) {
+ const char error_msg[] = "crypter_counter is nullptr.";
+ maybe_copy_error_msg(error_msg, error_details);
+ return GRPC_STATUS_INVALID_ARGUMENT;
+ }
+ if (is_overflow == nullptr) {
+ const char error_msg[] = "is_overflow is nullptr.";
+ maybe_copy_error_msg(error_msg, error_details);
+ return GRPC_STATUS_INVALID_ARGUMENT;
+ }
+ /* Increment the internal counter. */
+ size_t i = 0;
+ for (; i < crypter_counter->overflow_size; i++) {
+ (crypter_counter->counter)[i]++;
+ if ((crypter_counter->counter)[i] != 0x00) {
+ break;
+ }
+ }
+ /**
+ * If the lower overflow_size bytes are all zero, the counter has overflowed.
+ */
+ if (i == crypter_counter->overflow_size) {
+ *is_overflow = true;
+ return GRPC_STATUS_FAILED_PRECONDITION;
+ }
+ *is_overflow = false;
+ return GRPC_STATUS_OK;
+}
+
+size_t alts_counter_get_size(alts_counter* crypter_counter) {
+ if (crypter_counter == nullptr) {
+ return 0;
+ }
+ return crypter_counter->size;
+}
+
+unsigned char* alts_counter_get_counter(alts_counter* crypter_counter) {
+ if (crypter_counter == nullptr) {
+ return nullptr;
+ }
+ return crypter_counter->counter;
+}
+
+void alts_counter_destroy(alts_counter* crypter_counter) {
+ if (crypter_counter != nullptr) {
+ gpr_free(crypter_counter->counter);
+ gpr_free(crypter_counter);
+ }
+}
diff --git a/src/core/tsi/alts/frame_protector/alts_counter.h b/src/core/tsi/alts/frame_protector/alts_counter.h
new file mode 100644
index 0000000..d705638
--- /dev/null
+++ b/src/core/tsi/alts/frame_protector/alts_counter.h
@@ -0,0 +1,98 @@
+/*
+ *
+ * Copyright 2018 gRPC authors.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ */
+
+#ifndef GRPC_CORE_TSI_ALTS_FRAME_PROTECTOR_ALTS_COUNTER_H
+#define GRPC_CORE_TSI_ALTS_FRAME_PROTECTOR_ALTS_COUNTER_H
+
+#include <grpc/support/port_platform.h>
+
+#include <stdbool.h>
+#include <stdlib.h>
+
+#include <grpc/grpc.h>
+
+/* Main struct for a crypter counter managed within seal/unseal operations. */
+typedef struct alts_counter {
+ size_t size;
+ size_t overflow_size;
+ unsigned char* counter;
+} alts_counter;
+
+/**
+ * This method creates and initializes an alts_counter instance.
+ *
+ * - is_client: a flag indicating if the alts_counter instance will be used
+ * at client (is_client = true) or server (is_client = false) side.
+ * - counter_size: size of buffer holding the counter value.
+ * - overflow_size: overflow size in bytes. The counter instance can be used
+ * to produce at most 2^(overflow_size*8) frames.
+ * - crypter_counter: an alts_counter instance to be returned from the method.
+ * - error_details: a buffer containing an error message if the method does not
+ * function correctly. It is legal to pass nullptr into error_details and
+ * otherwise, the parameter should be freed with gpr_free.
+ *
+ * On success, the method returns GRPC_STATUS_OK. Otherwise,
+ * it returns an error status code along with its details specified in
+ * error_details (if error_details is not nullptr).
+ */
+grpc_status_code alts_counter_create(bool is_client, size_t counter_size,
+ size_t overflow_size,
+ alts_counter** crypter_counter,
+ char** error_details);
+
+/**
+ * This method increments the internal counter.
+ *
+ * - crypter_counter: an alts_counter instance.
+ * - is_overflow: after incrementing the internal counter, if an overflow
+ * occurs, is_overflow is set to true, and no further calls to
+ * alts_counter_increment() should be made. Otherwise, is_overflow is set to
+ * false.
+ * - error_details: a buffer containing an error message if the method does not
+ * function correctly. It is legal to pass nullptr into error_details and
+ * otherwise, the parameter should be freed with gpr_free.
+ *
+ * On success, the method returns GRPC_STATUS_OK. Otherwise,
+ * it returns an error status code along with its details specified in
+ * error_details (if error_details is not nullptr).
+ */
+grpc_status_code alts_counter_increment(alts_counter* crypter_counter,
+ bool* is_overflow,
+ char** error_details);
+
+/**
+ * This method returns the size of counter buffer.
+ *
+ * - crypter_counter: an alts_counter instance.
+ */
+size_t alts_counter_get_size(alts_counter* crypter_counter);
+
+/**
+ * This method returns the counter buffer.
+ *
+ * - crypter_counter: an alts_counter instance.
+ */
+unsigned char* alts_counter_get_counter(alts_counter* crypter_counter);
+
+/**
+ * This method de-allocates all memory allocated to an alts_coutner instance.
+ * - crypter_counter: an alts_counter instance.
+ */
+void alts_counter_destroy(alts_counter* crypter_counter);
+
+#endif /* GRPC_CORE_TSI_ALTS_FRAME_PROTECTOR_ALTS_COUNTER_H */
diff --git a/src/core/tsi/alts/frame_protector/alts_crypter.cc b/src/core/tsi/alts/frame_protector/alts_crypter.cc
new file mode 100644
index 0000000..56f0512
--- /dev/null
+++ b/src/core/tsi/alts/frame_protector/alts_crypter.cc
@@ -0,0 +1,66 @@
+/*
+ *
+ * Copyright 2018 gRPC authors.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ */
+
+#include <grpc/support/port_platform.h>
+
+#include "src/core/tsi/alts/frame_protector/alts_crypter.h"
+
+#include <string.h>
+
+#include <grpc/support/alloc.h>
+
+static void maybe_copy_error_msg(const char* src, char** dst) {
+ if (dst != nullptr && src != nullptr) {
+ *dst = static_cast<char*>(gpr_malloc(strlen(src) + 1));
+ memcpy(*dst, src, strlen(src) + 1);
+ }
+}
+
+grpc_status_code alts_crypter_process_in_place(
+ alts_crypter* crypter, unsigned char* data, size_t data_allocated_size,
+ size_t data_size, size_t* output_size, char** error_details) {
+ if (crypter != nullptr && crypter->vtable != nullptr &&
+ crypter->vtable->process_in_place != nullptr) {
+ return crypter->vtable->process_in_place(crypter, data, data_allocated_size,
+ data_size, output_size,
+ error_details);
+ }
+ /* An error occurred. */
+ const char error_msg[] =
+ "crypter or crypter->vtable has not been initialized properly.";
+ maybe_copy_error_msg(error_msg, error_details);
+ return GRPC_STATUS_INVALID_ARGUMENT;
+}
+
+size_t alts_crypter_num_overhead_bytes(const alts_crypter* crypter) {
+ if (crypter != nullptr && crypter->vtable != nullptr &&
+ crypter->vtable->num_overhead_bytes != nullptr) {
+ return crypter->vtable->num_overhead_bytes(crypter);
+ }
+ /* An error occurred. */
+ return 0;
+}
+
+void alts_crypter_destroy(alts_crypter* crypter) {
+ if (crypter != nullptr) {
+ if (crypter->vtable != nullptr && crypter->vtable->destruct != nullptr) {
+ crypter->vtable->destruct(crypter);
+ }
+ gpr_free(crypter);
+ }
+}
diff --git a/src/core/tsi/alts/frame_protector/alts_crypter.h b/src/core/tsi/alts/frame_protector/alts_crypter.h
new file mode 100644
index 0000000..3140778
--- /dev/null
+++ b/src/core/tsi/alts/frame_protector/alts_crypter.h
@@ -0,0 +1,255 @@
+/*
+ *
+ * Copyright 2018 gRPC authors.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ */
+
+#ifndef GRPC_CORE_TSI_ALTS_FRAME_PROTECTOR_ALTS_CRYPTER_H
+#define GRPC_CORE_TSI_ALTS_FRAME_PROTECTOR_ALTS_CRYPTER_H
+
+#include <grpc/support/port_platform.h>
+
+#include <stdbool.h>
+#include <string.h>
+
+#include <grpc/grpc.h>
+
+#include "src/core/tsi/alts/crypt/gsec.h"
+
+/**
+ * An alts_crypter interface for an ALTS record protocol providing
+ * seal/unseal functionality. The interface is thread-compatible.
+ */
+
+typedef struct alts_crypter alts_crypter;
+
+/**
+ * A typical usage of the interface would be
+ *------------------------------------------------------------------------------
+ * // Perform a seal operation. We assume the gsec_aead_crypter instance -
+ * // client_aead_crypter is created beforehand with a 16-byte key and 12-byte
+ * // nonce length.
+ *
+ * alts_crypter* client = nullptr;
+ * char* client_error_in_creation = nullptr;
+ * unsigned char* data = nullptr;
+ * grpc_status_code client_status =
+ * alts_seal_crypter_create(client_aead_crypter, 1, 5, &client,
+ * &client_error_in_creation);
+ * if (client_status == GRPC_STATUS_OK) {
+ * size_t data_size = 100;
+ * size_t num_overhead_bytes = alts_crypter_num_overhead_bytes(client);
+ * size_t data_allocated_size = data_size + num_overhead_bytes;
+ * data = gpr_malloc(data_allocated_size);
+ * char* client_error_in_seal = nullptr;
+ * // Client performs a seal operation.
+ * client_status = alts_crypter_process_in_place(client, data,
+ * data_allocated_size,
+ * &data_size,
+ * &client_error_in_seal);
+ * if (client_status != GRPC_STATUS_OK) {
+ * fprintf(stderr, "seal operation failed with error code:"
+ * "%d, message: %s\n", client_status,
+ * client_error_in_seal);
+ * }
+ * gpr_free(client_error_in_seal);
+ * } else {
+ * fprintf(stderr, "alts_crypter instance creation failed with error"
+ * "code: %d, message: %s\n", client_status,
+ * client_error_in_creation);
+ * }
+ *
+ * ...
+ *
+ * gpr_free(client_error_in_creation);
+ * alts_crypter_destroy(client);
+ *
+ * ...
+ *
+ * // Perform an unseal operation. We assume the gsec_aead_crypter instance -
+ * // server_aead_crypter is created beforehand with a 16-byte key and 12-byte
+ * // nonce length. The key used in the creation of gsec_aead_crypter instances
+ * // at server and client sides should be identical.
+ *
+ * alts_crypter* server = nullptr;
+ * char* server_error_in_creation = nullptr;
+ * grpc_status_code server_status =
+ * alts_unseal_crypter_create(server_aead_crypter, 0, 5, &server,
+ * &server_error_in_creation);
+ * if (server_status == GRPC_STATUS_OK) {
+ * size_t num_overhead_bytes = alts_crypter_num_overhead_bytes(server);
+ * size_t data_size = 100 + num_overhead_bytes;
+ * size_t data_allocated_size = data_size;
+ * char* server_error_in_unseal = nullptr;
+ * // Server performs an unseal operation.
+ * server_status = alts_crypter_process_in_place(server, data,
+ * data_allocated_size,
+ * &data_size,
+ * &server_error_in_unseal);
+ * if (server_status != GRPC_STATUS_OK) {
+ * fprintf(stderr, "unseal operation failed with error code:"
+ * "%d, message: %s\n", server_status,
+ * server_error_in_unseal);
+ * }
+ * gpr_free(server_error_in_unseal);
+ * } else {
+ * fprintf(stderr, "alts_crypter instance creation failed with error"
+ * "code: %d, message: %s\n", server_status,
+ * server_error_in_creation);
+ * }
+ *
+ * ...
+ *
+ * gpr_free(data);
+ * gpr_free(server_error_in_creation);
+ * alts_crypter_destroy(server);
+ *
+ * ...
+ *------------------------------------------------------------------------------
+ */
+
+/* V-table for alts_crypter operations */
+typedef struct alts_crypter_vtable {
+ size_t (*num_overhead_bytes)(const alts_crypter* crypter);
+ grpc_status_code (*process_in_place)(alts_crypter* crypter,
+ unsigned char* data,
+ size_t data_allocated_size,
+ size_t data_size, size_t* output_size,
+ char** error_details);
+ void (*destruct)(alts_crypter* crypter);
+} alts_crypter_vtable;
+
+/* Main struct for alts_crypter interface */
+struct alts_crypter {
+ const alts_crypter_vtable* vtable;
+};
+
+/**
+ * This method gets the number of overhead bytes needed for sealing data that
+ * is the difference in size between the protected and raw data. The counter
+ * value used in a seal or unseal operation is locally maintained (not sent or
+ * received from the other peer) and therefore, will not be counted as part of
+ * overhead bytes.
+ *
+ * - crypter: an alts_crypter instance.
+ *
+ * On success, the method returns the number of overhead bytes. Otherwise, it
+ * returns zero.
+ *
+ */
+size_t alts_crypter_num_overhead_bytes(const alts_crypter* crypter);
+
+/**
+ * This method performs either a seal or an unseal operation depending on the
+ * alts_crypter instance - crypter passed to the method. If the crypter is
+ * an instance implementing a seal operation, the method will perform a seal
+ * operation. That is, it seals raw data and stores the result in-place, and the
+ * memory allocated for data must be at least data_length +
+ * alts_crypter_num_overhead_bytes(). If the crypter is an instance
+ * implementing an unseal operation, the method will perform an unseal
+ * operation. That is, it unseals protected data and stores the result in-place.
+ * The size of unsealed data will be data_length -
+ * alts_crypter_num_overhead_bytes(). Integrity tag will be verified during
+ * the unseal operation, and if verification fails, the data will be wiped.
+ * The counters used in both seal and unseal operations are managed internally.
+ *
+ * - crypter: an alts_crypter instance.
+ * - data: if the method performs a seal operation, the data represents raw data
+ * that needs to be sealed. It also plays the role of buffer to hold the
+ * protected data as a result of seal. If the method performs an unseal
+ * operation, the data represents protected data that needs to be unsealed. It
+ * also plays the role of buffer to hold raw data as a result of unseal.
+ * - data_allocated_size: the size of data buffer. The parameter is used to
+ * check whether the result of either seal or unseal can be safely written to
+ * the data buffer.
+ * - data_size: if the method performs a seal operation, data_size
+ * represents the size of raw data that needs to be sealed, and if the method
+ * performs an unseal operation, data_size represents the size of protected
+ * data that needs to be unsealed.
+ * - output_size: size of data written to the data buffer after a seal or an
+ * unseal operation.
+ * - error_details: a buffer containing an error message if the method does not
+ * function correctly. It is legal to pass nullptr into error_details and
+ * otherwise, the parameter should be freed with gpr_free.
+ *
+ * On success, the method returns GRPC_STATUS_OK. Otherwise,
+ * it returns an error status code along with its details specified in
+ * error_details (if error_details is not nullptr).
+ */
+grpc_status_code alts_crypter_process_in_place(
+ alts_crypter* crypter, unsigned char* data, size_t data_allocated_size,
+ size_t data_size, size_t* output_size, char** error_details);
+
+/**
+ * This method creates an alts_crypter instance to be used to perform a seal
+ * operation, given a gsec_aead_crypter instance and a flag indicating if the
+ * created instance will be used at the client or server side. It takes
+ * ownership of gsec_aead_crypter instance.
+ *
+ * - gc: a gsec_aead_crypter instance used to perform AEAD encryption.
+ * - is_client: a flag indicating if the alts_crypter instance will be
+ * used at the client (is_client = true) or server (is_client =
+ * false) side.
+ * - overflow_size: overflow size of counter in bytes.
+ * - crypter: an alts_crypter instance to be returned from the method.
+ * - error_details: a buffer containing an error message if the method does
+ * not function correctly. It is legal to pass nullptr into error_details, and
+ * otherwise, the parameter should be freed with gpr_free.
+ *
+ * On success of creation, the method returns GRPC_STATUS_OK.
+ * Otherwise, it returns an error status code along with its details specified
+ * in error_details (if error_details is not nullptr).
+ */
+grpc_status_code alts_seal_crypter_create(gsec_aead_crypter* gc, bool is_client,
+ size_t overflow_size,
+ alts_crypter** crypter,
+ char** error_details);
+
+/**
+ * This method creates an alts_crypter instance used to perform an unseal
+ * operation, given a gsec_aead_crypter instance and a flag indicating if the
+ * created instance will be used at the client or server side. It takes
+ * ownership of gsec_aead_crypter instance.
+ *
+ * - gc: a gsec_aead_crypter instance used to perform AEAD decryption.
+ * - is_client: a flag indicating if the alts_crypter instance will be
+ * used at the client (is_client = true) or server (is_client =
+ * false) side.
+ * - overflow_size: overflow size of counter in bytes.
+ * - crypter: an alts_crypter instance to be returned from the method.
+ * - error_details: a buffer containing an error message if the method does
+ * not function correctly. It is legal to pass nullptr into error_details, and
+ * otherwise, the parameter should be freed with gpr_free.
+ *
+ * On success of creation, the method returns GRPC_STATUS_OK.
+ * Otherwise, it returns an error status code along with its details specified
+ * in error_details (if error_details is not nullptr).
+ */
+grpc_status_code alts_unseal_crypter_create(gsec_aead_crypter* gc,
+ bool is_client,
+ size_t overflow_size,
+ alts_crypter** crypter,
+ char** error_details);
+
+/**
+ * This method destroys an alts_crypter instance by de-allocating all of its
+ * occupied memory. A gsec_aead_crypter instance passed in at alts_crypter
+ * instance creation time will be destroyed in this method.
+ *
+ * - crypter: an alts_crypter instance.
+ */
+void alts_crypter_destroy(alts_crypter* crypter);
+
+#endif /* GRPC_CORE_TSI_ALTS_FRAME_PROTECTOR_ALTS_CRYPTER_H */
diff --git a/src/core/tsi/alts/frame_protector/alts_frame_protector.cc b/src/core/tsi/alts/frame_protector/alts_frame_protector.cc
new file mode 100644
index 0000000..bfa0b7a
--- /dev/null
+++ b/src/core/tsi/alts/frame_protector/alts_frame_protector.cc
@@ -0,0 +1,407 @@
+/*
+ *
+ * Copyright 2018 gRPC authors.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ */
+
+#include <grpc/support/port_platform.h>
+
+#include "src/core/tsi/alts/frame_protector/alts_frame_protector.h"
+
+#include <stdio.h>
+#include <stdlib.h>
+
+#include <grpc/support/alloc.h>
+#include <grpc/support/log.h>
+
+#include "src/core/lib/gpr/useful.h"
+#include "src/core/tsi/alts/crypt/gsec.h"
+#include "src/core/tsi/alts/frame_protector/alts_crypter.h"
+#include "src/core/tsi/alts/frame_protector/frame_handler.h"
+#include "src/core/tsi/transport_security.h"
+
+constexpr size_t kMinFrameLength = 1024;
+constexpr size_t kDefaultFrameLength = 16 * 1024;
+constexpr size_t kMaxFrameLength = 1024 * 1024;
+
+// Limit k on number of frames such that at most 2^(8 * k) frames can be sent.
+constexpr size_t kAltsRecordProtocolRekeyFrameLimit = 8;
+constexpr size_t kAltsRecordProtocolFrameLimit = 5;
+
+/* Main struct for alts_frame_protector. */
+struct alts_frame_protector {
+ tsi_frame_protector base;
+ alts_crypter* seal_crypter;
+ alts_crypter* unseal_crypter;
+ alts_frame_writer* writer;
+ alts_frame_reader* reader;
+ unsigned char* in_place_protect_buffer;
+ unsigned char* in_place_unprotect_buffer;
+ size_t in_place_protect_bytes_buffered;
+ size_t in_place_unprotect_bytes_processed;
+ size_t max_protected_frame_size;
+ size_t max_unprotected_frame_size;
+ size_t overhead_length;
+ size_t counter_overflow;
+};
+
+static tsi_result seal(alts_frame_protector* impl) {
+ char* error_details = nullptr;
+ size_t output_size = 0;
+ grpc_status_code status = alts_crypter_process_in_place(
+ impl->seal_crypter, impl->in_place_protect_buffer,
+ impl->max_protected_frame_size, impl->in_place_protect_bytes_buffered,
+ &output_size, &error_details);
+ impl->in_place_protect_bytes_buffered = output_size;
+ if (status != GRPC_STATUS_OK) {
+ gpr_log(GPR_ERROR, "%s", error_details);
+ gpr_free(error_details);
+ return TSI_INTERNAL_ERROR;
+ }
+ return TSI_OK;
+}
+
+static size_t max_encrypted_payload_bytes(alts_frame_protector* impl) {
+ return impl->max_protected_frame_size - kFrameHeaderSize;
+}
+
+static tsi_result alts_protect_flush(tsi_frame_protector* self,
+ unsigned char* protected_output_frames,
+ size_t* protected_output_frames_size,
+ size_t* still_pending_size) {
+ if (self == nullptr || protected_output_frames == nullptr ||
+ protected_output_frames_size == nullptr ||
+ still_pending_size == nullptr) {
+ gpr_log(GPR_ERROR, "Invalid nullptr arguments to alts_protect_flush().");
+ return TSI_INVALID_ARGUMENT;
+ }
+ alts_frame_protector* impl = reinterpret_cast<alts_frame_protector*>(self);
+ /**
+ * If there's nothing to flush (i.e., in_place_protect_buffer is empty),
+ * we're done.
+ */
+ if (impl->in_place_protect_bytes_buffered == 0) {
+ *protected_output_frames_size = 0;
+ *still_pending_size = 0;
+ return TSI_OK;
+ }
+ /**
+ * If a new frame can start being processed, we encrypt the payload and reset
+ * the frame writer to point to in_place_protect_buffer that holds the newly
+ * sealed frame.
+ */
+ if (alts_is_frame_writer_done(impl->writer)) {
+ tsi_result result = seal(impl);
+ if (result != TSI_OK) {
+ return result;
+ }
+ if (!alts_reset_frame_writer(impl->writer, impl->in_place_protect_buffer,
+ impl->in_place_protect_bytes_buffered)) {
+ gpr_log(GPR_ERROR, "Couldn't reset frame writer.");
+ return TSI_INTERNAL_ERROR;
+ }
+ }
+ /**
+ * Write the sealed frame as much as possible to protected_output_frames. It's
+ * possible a frame will not be written out completely by a single flush
+ * (i.e., still_pending_size != 0), in which case the flush should be called
+ * iteratively until a complete frame has been written out.
+ */
+ size_t written_frame_bytes = *protected_output_frames_size;
+ if (!alts_write_frame_bytes(impl->writer, protected_output_frames,
+ &written_frame_bytes)) {
+ gpr_log(GPR_ERROR, "Couldn't write frame bytes.");
+ return TSI_INTERNAL_ERROR;
+ }
+ *protected_output_frames_size = written_frame_bytes;
+ *still_pending_size = alts_get_num_writer_bytes_remaining(impl->writer);
+ /**
+ * If the current frame has been finished processing (i.e., sealed and written
+ * out completely), we empty in_place_protect_buffer.
+ */
+ if (alts_is_frame_writer_done(impl->writer)) {
+ impl->in_place_protect_bytes_buffered = 0;
+ }
+ return TSI_OK;
+}
+
+static tsi_result alts_protect(tsi_frame_protector* self,
+ const unsigned char* unprotected_bytes,
+ size_t* unprotected_bytes_size,
+ unsigned char* protected_output_frames,
+ size_t* protected_output_frames_size) {
+ if (self == nullptr || unprotected_bytes == nullptr ||
+ unprotected_bytes_size == nullptr || protected_output_frames == nullptr ||
+ protected_output_frames_size == nullptr) {
+ gpr_log(GPR_ERROR, "Invalid nullptr arguments to alts_protect().");
+ return TSI_INVALID_ARGUMENT;
+ }
+ alts_frame_protector* impl = reinterpret_cast<alts_frame_protector*>(self);
+
+ /**
+ * If more payload can be buffered, we buffer it as much as possible to
+ * in_place_protect_buffer.
+ */
+ if (impl->in_place_protect_bytes_buffered + impl->overhead_length <
+ max_encrypted_payload_bytes(impl)) {
+ size_t bytes_to_buffer = GPR_MIN(*unprotected_bytes_size,
+ max_encrypted_payload_bytes(impl) -
+ impl->in_place_protect_bytes_buffered -
+ impl->overhead_length);
+ *unprotected_bytes_size = bytes_to_buffer;
+ if (bytes_to_buffer > 0) {
+ memcpy(
+ impl->in_place_protect_buffer + impl->in_place_protect_bytes_buffered,
+ unprotected_bytes, bytes_to_buffer);
+ impl->in_place_protect_bytes_buffered += bytes_to_buffer;
+ }
+ } else {
+ *unprotected_bytes_size = 0;
+ }
+ /**
+ * If a full frame has been buffered, we output it. If the first condition
+ * holds, then there exists an unencrypted full frame. If the second
+ * condition holds, then there exists a full frame that has already been
+ * encrypted.
+ */
+ if (max_encrypted_payload_bytes(impl) ==
+ impl->in_place_protect_bytes_buffered + impl->overhead_length ||
+ max_encrypted_payload_bytes(impl) ==
+ impl->in_place_protect_bytes_buffered) {
+ size_t still_pending_size = 0;
+ return alts_protect_flush(self, protected_output_frames,
+ protected_output_frames_size,
+ &still_pending_size);
+ } else {
+ *protected_output_frames_size = 0;
+ return TSI_OK;
+ }
+}
+
+static tsi_result unseal(alts_frame_protector* impl) {
+ char* error_details = nullptr;
+ size_t output_size = 0;
+ grpc_status_code status = alts_crypter_process_in_place(
+ impl->unseal_crypter, impl->in_place_unprotect_buffer,
+ impl->max_unprotected_frame_size,
+ alts_get_output_bytes_read(impl->reader), &output_size, &error_details);
+ if (status != GRPC_STATUS_OK) {
+ gpr_log(GPR_ERROR, "%s", error_details);
+ gpr_free(error_details);
+ return TSI_DATA_CORRUPTED;
+ }
+ return TSI_OK;
+}
+
+static void ensure_buffer_size(alts_frame_protector* impl) {
+ if (!alts_has_read_frame_length(impl->reader)) {
+ return;
+ }
+ size_t buffer_space_remaining = impl->max_unprotected_frame_size -
+ alts_get_output_bytes_read(impl->reader);
+ /**
+ * Check if we need to resize in_place_unprotect_buffer in order to hold
+ * remaining bytes of a full frame.
+ */
+ if (buffer_space_remaining < alts_get_reader_bytes_remaining(impl->reader)) {
+ size_t buffer_len = alts_get_output_bytes_read(impl->reader) +
+ alts_get_reader_bytes_remaining(impl->reader);
+ unsigned char* buffer = static_cast<unsigned char*>(gpr_malloc(buffer_len));
+ memcpy(buffer, impl->in_place_unprotect_buffer,
+ alts_get_output_bytes_read(impl->reader));
+ impl->max_unprotected_frame_size = buffer_len;
+ gpr_free(impl->in_place_unprotect_buffer);
+ impl->in_place_unprotect_buffer = buffer;
+ alts_reset_reader_output_buffer(
+ impl->reader, buffer + alts_get_output_bytes_read(impl->reader));
+ }
+}
+
+static tsi_result alts_unprotect(tsi_frame_protector* self,
+ const unsigned char* protected_frames_bytes,
+ size_t* protected_frames_bytes_size,
+ unsigned char* unprotected_bytes,
+ size_t* unprotected_bytes_size) {
+ if (self == nullptr || protected_frames_bytes == nullptr ||
+ protected_frames_bytes_size == nullptr || unprotected_bytes == nullptr ||
+ unprotected_bytes_size == nullptr) {
+ gpr_log(GPR_ERROR, "Invalid nullptr arguments to alts_unprotect().");
+ return TSI_INVALID_ARGUMENT;
+ }
+ alts_frame_protector* impl = reinterpret_cast<alts_frame_protector*>(self);
+ /**
+ * If a new frame can start being processed, we reset the frame reader to
+ * point to in_place_unprotect_buffer that will be used to hold deframed
+ * result.
+ */
+ if (alts_is_frame_reader_done(impl->reader) &&
+ ((alts_get_output_buffer(impl->reader) == nullptr) ||
+ (alts_get_output_bytes_read(impl->reader) ==
+ impl->in_place_unprotect_bytes_processed + impl->overhead_length))) {
+ if (!alts_reset_frame_reader(impl->reader,
+ impl->in_place_unprotect_buffer)) {
+ gpr_log(GPR_ERROR, "Couldn't reset frame reader.");
+ return TSI_INTERNAL_ERROR;
+ }
+ impl->in_place_unprotect_bytes_processed = 0;
+ }
+ /**
+ * If a full frame has not yet been read, we read more bytes from
+ * protected_frames_bytes until a full frame has been read. We also need to
+ * make sure in_place_unprotect_buffer is large enough to hold a complete
+ * frame.
+ */
+ if (!alts_is_frame_reader_done(impl->reader)) {
+ ensure_buffer_size(impl);
+ *protected_frames_bytes_size =
+ GPR_MIN(impl->max_unprotected_frame_size -
+ alts_get_output_bytes_read(impl->reader),
+ *protected_frames_bytes_size);
+ size_t read_frames_bytes_size = *protected_frames_bytes_size;
+ if (!alts_read_frame_bytes(impl->reader, protected_frames_bytes,
+ &read_frames_bytes_size)) {
+ gpr_log(GPR_ERROR, "Failed to process frame.");
+ return TSI_INTERNAL_ERROR;
+ }
+ *protected_frames_bytes_size = read_frames_bytes_size;
+ } else {
+ *protected_frames_bytes_size = 0;
+ }
+ /**
+ * If a full frame has been read, we unseal it, and write out the
+ * deframed result to unprotected_bytes.
+ */
+ if (alts_is_frame_reader_done(impl->reader)) {
+ if (impl->in_place_unprotect_bytes_processed == 0) {
+ tsi_result result = unseal(impl);
+ if (result != TSI_OK) {
+ return result;
+ }
+ }
+ size_t bytes_to_write = GPR_MIN(
+ *unprotected_bytes_size, alts_get_output_bytes_read(impl->reader) -
+ impl->in_place_unprotect_bytes_processed -
+ impl->overhead_length);
+ if (bytes_to_write > 0) {
+ memcpy(unprotected_bytes,
+ impl->in_place_unprotect_buffer +
+ impl->in_place_unprotect_bytes_processed,
+ bytes_to_write);
+ }
+ *unprotected_bytes_size = bytes_to_write;
+ impl->in_place_unprotect_bytes_processed += bytes_to_write;
+ return TSI_OK;
+ } else {
+ *unprotected_bytes_size = 0;
+ return TSI_OK;
+ }
+}
+
+static void alts_destroy(tsi_frame_protector* self) {
+ alts_frame_protector* impl = reinterpret_cast<alts_frame_protector*>(self);
+ if (impl != nullptr) {
+ alts_crypter_destroy(impl->seal_crypter);
+ alts_crypter_destroy(impl->unseal_crypter);
+ gpr_free(impl->in_place_protect_buffer);
+ gpr_free(impl->in_place_unprotect_buffer);
+ alts_destroy_frame_writer(impl->writer);
+ alts_destroy_frame_reader(impl->reader);
+ gpr_free(impl);
+ }
+}
+
+static const tsi_frame_protector_vtable alts_frame_protector_vtable = {
+ alts_protect, alts_protect_flush, alts_unprotect, alts_destroy};
+
+static grpc_status_code create_alts_crypters(const uint8_t* key,
+ size_t key_size, bool is_client,
+ bool is_rekey,
+ alts_frame_protector* impl,
+ char** error_details) {
+ grpc_status_code status;
+ gsec_aead_crypter* aead_crypter_seal = nullptr;
+ gsec_aead_crypter* aead_crypter_unseal = nullptr;
+ status = gsec_aes_gcm_aead_crypter_create(key, key_size, kAesGcmNonceLength,
+ kAesGcmTagLength, is_rekey,
+ &aead_crypter_seal, error_details);
+ if (status != GRPC_STATUS_OK) {
+ return status;
+ }
+ status = gsec_aes_gcm_aead_crypter_create(
+ key, key_size, kAesGcmNonceLength, kAesGcmTagLength, is_rekey,
+ &aead_crypter_unseal, error_details);
+ if (status != GRPC_STATUS_OK) {
+ return status;
+ }
+ size_t overflow_size = is_rekey ? kAltsRecordProtocolRekeyFrameLimit
+ : kAltsRecordProtocolFrameLimit;
+ status = alts_seal_crypter_create(aead_crypter_seal, is_client, overflow_size,
+ &impl->seal_crypter, error_details);
+ if (status != GRPC_STATUS_OK) {
+ return status;
+ }
+ status =
+ alts_unseal_crypter_create(aead_crypter_unseal, is_client, overflow_size,
+ &impl->unseal_crypter, error_details);
+ return status;
+}
+
+tsi_result alts_create_frame_protector(const uint8_t* key, size_t key_size,
+ bool is_client, bool is_rekey,
+ size_t* max_protected_frame_size,
+ tsi_frame_protector** self) {
+ if (key == nullptr || self == nullptr) {
+ gpr_log(GPR_ERROR,
+ "Invalid nullptr arguments to alts_create_frame_protector().");
+ return TSI_INTERNAL_ERROR;
+ }
+ char* error_details = nullptr;
+ alts_frame_protector* impl =
+ static_cast<alts_frame_protector*>(gpr_zalloc(sizeof(*impl)));
+ grpc_status_code status = create_alts_crypters(
+ key, key_size, is_client, is_rekey, impl, &error_details);
+ if (status != GRPC_STATUS_OK) {
+ gpr_log(GPR_ERROR, "Failed to create ALTS crypters, %s.", error_details);
+ gpr_free(error_details);
+ return TSI_INTERNAL_ERROR;
+ }
+ /**
+ * Set maximum frame size to be used by a frame protector. If it is nullptr, a
+ * default frame size will be used. Otherwise, the provided frame size will be
+ * adjusted (if not falling into a valid frame range) and used.
+ */
+ size_t max_protected_frame_size_to_set = kDefaultFrameLength;
+ if (max_protected_frame_size != nullptr) {
+ *max_protected_frame_size =
+ GPR_MIN(*max_protected_frame_size, kMaxFrameLength);
+ *max_protected_frame_size =
+ GPR_MAX(*max_protected_frame_size, kMinFrameLength);
+ max_protected_frame_size_to_set = *max_protected_frame_size;
+ }
+ impl->max_protected_frame_size = max_protected_frame_size_to_set;
+ impl->max_unprotected_frame_size = max_protected_frame_size_to_set;
+ impl->in_place_protect_bytes_buffered = 0;
+ impl->in_place_unprotect_bytes_processed = 0;
+ impl->in_place_protect_buffer = static_cast<unsigned char*>(
+ gpr_malloc(sizeof(unsigned char) * max_protected_frame_size_to_set));
+ impl->in_place_unprotect_buffer = static_cast<unsigned char*>(
+ gpr_malloc(sizeof(unsigned char) * max_protected_frame_size_to_set));
+ impl->overhead_length = alts_crypter_num_overhead_bytes(impl->seal_crypter);
+ impl->writer = alts_create_frame_writer();
+ impl->reader = alts_create_frame_reader();
+ impl->base.vtable = &alts_frame_protector_vtable;
+ *self = &impl->base;
+ return TSI_OK;
+}
diff --git a/src/core/tsi/alts/frame_protector/alts_frame_protector.h b/src/core/tsi/alts/frame_protector/alts_frame_protector.h
new file mode 100644
index 0000000..321bffa
--- /dev/null
+++ b/src/core/tsi/alts/frame_protector/alts_frame_protector.h
@@ -0,0 +1,55 @@
+/*
+ *
+ * Copyright 2018 gRPC authors.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ */
+
+#ifndef GRPC_CORE_TSI_ALTS_FRAME_PROTECTOR_ALTS_FRAME_PROTECTOR_H
+#define GRPC_CORE_TSI_ALTS_FRAME_PROTECTOR_ALTS_FRAME_PROTECTOR_H
+
+#include <grpc/support/port_platform.h>
+
+#include <stdbool.h>
+
+#include "src/core/tsi/transport_security_interface.h"
+
+typedef struct alts_frame_protector alts_frame_protector;
+
+/**
+ * TODO: Add a parameter to the interface to support the use of
+ * different record protocols within a frame protector.
+ *
+ * This method creates a frame protector.
+ *
+ * - key: a symmetric key used to seal/unseal frames.
+ * - key_size: the size of symmetric key.
+ * - is_client: a flag indicating if the frame protector will be used at client
+ * (is_client = true) or server (is_client = false) side.
+ * - is_rekey: a flag indicating if the frame protector will use an AEAD with
+ * rekeying.
+ * - max_protected_frame_size: an in/out parameter indicating max frame size
+ * to be used by the frame protector. If it is nullptr, the default frame
+ * size will be used. Otherwise, the provided frame size will be adjusted (if
+ * not falling into a valid frame range) and used.
+ * - self: a pointer to the frame protector returned from the method.
+ *
+ * This method returns TSI_OK on success and TSI_INTERNAL_ERROR otherwise.
+ */
+tsi_result alts_create_frame_protector(const uint8_t* key, size_t key_size,
+ bool is_client, bool is_rekey,
+ size_t* max_protected_frame_size,
+ tsi_frame_protector** self);
+
+#endif /* GRPC_CORE_TSI_ALTS_FRAME_PROTECTOR_ALTS_FRAME_PROTECTOR_H */
diff --git a/src/core/tsi/alts/frame_protector/alts_record_protocol_crypter_common.cc b/src/core/tsi/alts/frame_protector/alts_record_protocol_crypter_common.cc
new file mode 100644
index 0000000..0574ed5
--- /dev/null
+++ b/src/core/tsi/alts/frame_protector/alts_record_protocol_crypter_common.cc
@@ -0,0 +1,114 @@
+/*
+ *
+ * Copyright 2018 gRPC authors.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ */
+
+#include <grpc/support/port_platform.h>
+
+#include "src/core/tsi/alts/frame_protector/alts_record_protocol_crypter_common.h"
+
+#include <grpc/support/alloc.h>
+
+static void maybe_copy_error_msg(const char* src, char** dst) {
+ if (dst != nullptr && src != nullptr) {
+ *dst = static_cast<char*>(gpr_malloc(strlen(src) + 1));
+ memcpy(*dst, src, strlen(src) + 1);
+ }
+}
+
+grpc_status_code input_sanity_check(
+ const alts_record_protocol_crypter* rp_crypter, const unsigned char* data,
+ size_t* output_size, char** error_details) {
+ if (rp_crypter == nullptr) {
+ maybe_copy_error_msg("alts_crypter instance is nullptr.", error_details);
+ return GRPC_STATUS_INVALID_ARGUMENT;
+ } else if (data == nullptr) {
+ maybe_copy_error_msg("data is nullptr.", error_details);
+ return GRPC_STATUS_INVALID_ARGUMENT;
+ } else if (output_size == nullptr) {
+ maybe_copy_error_msg("output_size is nullptr.", error_details);
+ return GRPC_STATUS_INVALID_ARGUMENT;
+ }
+ return GRPC_STATUS_OK;
+}
+
+grpc_status_code increment_counter(alts_record_protocol_crypter* rp_crypter,
+ char** error_details) {
+ bool is_overflow = false;
+ grpc_status_code status =
+ alts_counter_increment(rp_crypter->ctr, &is_overflow, error_details);
+ if (status != GRPC_STATUS_OK) {
+ return status;
+ }
+ if (is_overflow) {
+ const char error_msg[] =
+ "crypter counter is wrapped. The connection"
+ "should be closed and the key should be deleted.";
+ maybe_copy_error_msg(error_msg, error_details);
+ return GRPC_STATUS_INTERNAL;
+ }
+ return GRPC_STATUS_OK;
+}
+
+size_t alts_record_protocol_crypter_num_overhead_bytes(const alts_crypter* c) {
+ if (c != nullptr) {
+ size_t num_overhead_bytes = 0;
+ char* error_details = nullptr;
+ const alts_record_protocol_crypter* rp_crypter =
+ reinterpret_cast<const alts_record_protocol_crypter*>(c);
+ grpc_status_code status = gsec_aead_crypter_tag_length(
+ rp_crypter->crypter, &num_overhead_bytes, &error_details);
+ if (status == GRPC_STATUS_OK) {
+ return num_overhead_bytes;
+ }
+ }
+ return 0;
+}
+
+void alts_record_protocol_crypter_destruct(alts_crypter* c) {
+ if (c != nullptr) {
+ alts_record_protocol_crypter* rp_crypter =
+ reinterpret_cast<alts_record_protocol_crypter*>(c);
+ alts_counter_destroy(rp_crypter->ctr);
+ gsec_aead_crypter_destroy(rp_crypter->crypter);
+ }
+}
+
+alts_record_protocol_crypter* alts_crypter_create_common(
+ gsec_aead_crypter* crypter, bool is_client, size_t overflow_size,
+ char** error_details) {
+ if (crypter != nullptr) {
+ auto* rp_crypter = static_cast<alts_record_protocol_crypter*>(
+ gpr_malloc(sizeof(alts_record_protocol_crypter)));
+ size_t counter_size = 0;
+ grpc_status_code status =
+ gsec_aead_crypter_nonce_length(crypter, &counter_size, error_details);
+ if (status != GRPC_STATUS_OK) {
+ return nullptr;
+ }
+ /* Create a counter. */
+ status = alts_counter_create(is_client, counter_size, overflow_size,
+ &rp_crypter->ctr, error_details);
+ if (status != GRPC_STATUS_OK) {
+ return nullptr;
+ }
+ rp_crypter->crypter = crypter;
+ return rp_crypter;
+ }
+ const char error_msg[] = "crypter is nullptr.";
+ maybe_copy_error_msg(error_msg, error_details);
+ return nullptr;
+}
diff --git a/src/core/tsi/alts/frame_protector/alts_record_protocol_crypter_common.h b/src/core/tsi/alts/frame_protector/alts_record_protocol_crypter_common.h
new file mode 100644
index 0000000..682a8f7
--- /dev/null
+++ b/src/core/tsi/alts/frame_protector/alts_record_protocol_crypter_common.h
@@ -0,0 +1,114 @@
+/*
+ *
+ * Copyright 2018 gRPC authors.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ */
+
+#ifndef GRPC_CORE_TSI_ALTS_FRAME_PROTECTOR_ALTS_RECORD_PROTOCOL_CRYPTER_COMMON_H
+#define GRPC_CORE_TSI_ALTS_FRAME_PROTECTOR_ALTS_RECORD_PROTOCOL_CRYPTER_COMMON_H
+
+#include <grpc/support/port_platform.h>
+
+#include <grpc/grpc.h>
+
+#include "src/core/tsi/alts/frame_protector/alts_counter.h"
+#include "src/core/tsi/alts/frame_protector/alts_crypter.h"
+
+/**
+ * This file contains common implementation that will be used in both seal and
+ * unseal operations.
+ */
+
+/**
+ * Main struct for alts_record_protocol_crypter that will be used in both
+ * seal and unseal operations.
+ */
+typedef struct alts_record_protocol_crypter {
+ alts_crypter base;
+ gsec_aead_crypter* crypter;
+ alts_counter* ctr;
+} alts_record_protocol_crypter;
+
+/**
+ * This method performs input sanity checks on a subset of inputs to
+ * alts_crypter_process_in_place() for both seal and unseal operations.
+ *
+ * - rp_crypter: an alts_record_protocol_crypter instance.
+ * - data: it represents raw data that needs to be sealed in a seal operation or
+ * protected data that needs to be unsealed in an unseal operation.
+ * - output_size: size of data written to the data buffer after a seal or
+ * unseal operation.
+ * - error_details: a buffer containing an error message if any of checked
+ * inputs is nullptr. It is legal to pass nullptr into error_details and
+ * otherwise, the parameter should be freed with gpr_free.
+ *
+ * On success, the method returns GRPC_STATUS_OK. Otherwise,
+ * it returns an error status code along with its details specified in
+ * error_details (if error_details is not nullptr).
+ */
+grpc_status_code input_sanity_check(
+ const alts_record_protocol_crypter* rp_crypter, const unsigned char* data,
+ size_t* output_size, char** error_details);
+
+/**
+ * This method increments the counter within an alts_record_protocol_crypter
+ * instance.
+ *
+ * - rp_crypter: an alts_record_protocol_crypter instance.
+ * - error_details: a buffer containing an error message if the method does not
+ * function correctly or the counter is wrapped. It is legal to pass nullptr
+ * into error_details and otherwise, the parameter should be freed with
+ * gpr_free.
+ *
+ * On success, the method returns GRPC_STATUS_OK. Otherwise,
+ * it returns an error status code along with its details specified in
+ * error_details (if error_details is not nullptr).
+ */
+grpc_status_code increment_counter(alts_record_protocol_crypter* rp_crypter,
+ char** error_details);
+
+/**
+ * This method creates an alts_crypter instance, and populates the fields
+ * that are common to both seal and unseal operations.
+ *
+ * - crypter: a gsec_aead_crypter instance used to perform AEAD decryption. The
+ * function does not take ownership of crypter.
+ * - is_client: a flag indicating if the alts_crypter instance will be
+ * used at the client (is_client = true) or server (is_client =
+ * false) side.
+ * - overflow_size: overflow size of counter in bytes.
+ * - error_details: a buffer containing an error message if the method does
+ * not function correctly. It is legal to pass nullptr into error_details, and
+ * otherwise, the parameter should be freed with gpr_free.
+ *
+ * On success of creation, the method returns alts_record_protocol_crypter
+ * instance. Otherwise, it returns nullptr with its details specified in
+ * error_details (if error_details is not nullptr).
+ *
+ */
+alts_record_protocol_crypter* alts_crypter_create_common(
+ gsec_aead_crypter* crypter, bool is_client, size_t overflow_size,
+ char** error_details);
+
+/**
+ * For the following two methods, please refer to the corresponding API in
+ * alts_crypter.h for detailed specifications.
+ */
+size_t alts_record_protocol_crypter_num_overhead_bytes(const alts_crypter* c);
+
+void alts_record_protocol_crypter_destruct(alts_crypter* c);
+
+#endif /* GRPC_CORE_TSI_ALTS_FRAME_PROTECTOR_ALTS_RECORD_PROTOCOL_CRYPTER_COMMON_H \
+ */
diff --git a/src/core/tsi/alts/frame_protector/alts_seal_privacy_integrity_crypter.cc b/src/core/tsi/alts/frame_protector/alts_seal_privacy_integrity_crypter.cc
new file mode 100644
index 0000000..f407831
--- /dev/null
+++ b/src/core/tsi/alts/frame_protector/alts_seal_privacy_integrity_crypter.cc
@@ -0,0 +1,105 @@
+/*
+ *
+ * Copyright 2018 gRPC authors.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ */
+
+#include <grpc/support/port_platform.h>
+
+#include <grpc/support/alloc.h>
+
+#include "src/core/tsi/alts/frame_protector/alts_counter.h"
+#include "src/core/tsi/alts/frame_protector/alts_crypter.h"
+#include "src/core/tsi/alts/frame_protector/alts_record_protocol_crypter_common.h"
+
+static void maybe_copy_error_msg(const char* src, char** dst) {
+ if (dst != nullptr && src != nullptr) {
+ *dst = static_cast<char*>(gpr_malloc(strlen(src) + 1));
+ memcpy(*dst, src, strlen(src) + 1);
+ }
+}
+
+/* Perform input santity check for a seal operation. */
+static grpc_status_code seal_check(alts_crypter* c, const unsigned char* data,
+ size_t data_allocated_size, size_t data_size,
+ size_t* output_size, char** error_details) {
+ /* Do common input sanity check. */
+ grpc_status_code status = input_sanity_check(
+ reinterpret_cast<const alts_record_protocol_crypter*>(c), data,
+ output_size, error_details);
+ if (status != GRPC_STATUS_OK) return status;
+ /* Do seal-specific check. */
+ size_t num_overhead_bytes =
+ alts_crypter_num_overhead_bytes(reinterpret_cast<const alts_crypter*>(c));
+ if (data_size == 0) {
+ const char error_msg[] = "data_size is zero.";
+ maybe_copy_error_msg(error_msg, error_details);
+ return GRPC_STATUS_INVALID_ARGUMENT;
+ }
+ if (data_size + num_overhead_bytes > data_allocated_size) {
+ const char error_msg[] =
+ "data_allocated_size is smaller than sum of data_size and "
+ "num_overhead_bytes.";
+ maybe_copy_error_msg(error_msg, error_details);
+ return GRPC_STATUS_INVALID_ARGUMENT;
+ }
+ return GRPC_STATUS_OK;
+}
+
+static grpc_status_code alts_seal_crypter_process_in_place(
+ alts_crypter* c, unsigned char* data, size_t data_allocated_size,
+ size_t data_size, size_t* output_size, char** error_details) {
+ grpc_status_code status = seal_check(c, data, data_allocated_size, data_size,
+ output_size, error_details);
+ if (status != GRPC_STATUS_OK) {
+ return status;
+ }
+ /* Do AEAD encryption. */
+ alts_record_protocol_crypter* rp_crypter =
+ reinterpret_cast<alts_record_protocol_crypter*>(c);
+ status = gsec_aead_crypter_encrypt(
+ rp_crypter->crypter, alts_counter_get_counter(rp_crypter->ctr),
+ alts_counter_get_size(rp_crypter->ctr), nullptr /* aad */,
+ 0 /* aad_length */, data, data_size, data, data_allocated_size,
+ output_size, error_details);
+ if (status != GRPC_STATUS_OK) {
+ return status;
+ }
+ /* Increment the crypter counter. */
+ return increment_counter(rp_crypter, error_details);
+}
+
+static const alts_crypter_vtable vtable = {
+ alts_record_protocol_crypter_num_overhead_bytes,
+ alts_seal_crypter_process_in_place, alts_record_protocol_crypter_destruct};
+
+grpc_status_code alts_seal_crypter_create(gsec_aead_crypter* gc, bool is_client,
+ size_t overflow_size,
+ alts_crypter** crypter,
+ char** error_details) {
+ if (crypter == nullptr) {
+ const char error_msg[] = "crypter is nullptr.";
+ maybe_copy_error_msg(error_msg, error_details);
+ return GRPC_STATUS_FAILED_PRECONDITION;
+ }
+ alts_record_protocol_crypter* rp_crypter =
+ alts_crypter_create_common(gc, !is_client, overflow_size, error_details);
+ if (rp_crypter == nullptr) {
+ return GRPC_STATUS_FAILED_PRECONDITION;
+ }
+ rp_crypter->base.vtable = &vtable;
+ *crypter = &rp_crypter->base;
+ return GRPC_STATUS_OK;
+}
diff --git a/src/core/tsi/alts/frame_protector/alts_unseal_privacy_integrity_crypter.cc b/src/core/tsi/alts/frame_protector/alts_unseal_privacy_integrity_crypter.cc
new file mode 100644
index 0000000..51bea24
--- /dev/null
+++ b/src/core/tsi/alts/frame_protector/alts_unseal_privacy_integrity_crypter.cc
@@ -0,0 +1,103 @@
+/*
+ *
+ * Copyright 2018 gRPC authors.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ */
+
+#include <grpc/support/port_platform.h>
+
+#include <grpc/support/alloc.h>
+
+#include "src/core/tsi/alts/frame_protector/alts_counter.h"
+#include "src/core/tsi/alts/frame_protector/alts_crypter.h"
+#include "src/core/tsi/alts/frame_protector/alts_record_protocol_crypter_common.h"
+
+static void maybe_copy_error_msg(const char* src, char** dst) {
+ if (dst != nullptr && src != nullptr) {
+ *dst = static_cast<char*>(gpr_malloc(strlen(src) + 1));
+ memcpy(*dst, src, strlen(src) + 1);
+ }
+}
+
+/* Perform input santity check. */
+static grpc_status_code unseal_check(alts_crypter* c, const unsigned char* data,
+ size_t data_allocated_size,
+ size_t data_size, size_t* output_size,
+ char** error_details) {
+ /* Do common input sanity check. */
+ grpc_status_code status = input_sanity_check(
+ reinterpret_cast<const alts_record_protocol_crypter*>(c), data,
+ output_size, error_details);
+ if (status != GRPC_STATUS_OK) {
+ return status;
+ }
+ /* Do unseal-specific input check. */
+ size_t num_overhead_bytes =
+ alts_crypter_num_overhead_bytes(reinterpret_cast<const alts_crypter*>(c));
+ if (num_overhead_bytes > data_size) {
+ const char error_msg[] = "data_size is smaller than num_overhead_bytes.";
+ maybe_copy_error_msg(error_msg, error_details);
+ return GRPC_STATUS_INVALID_ARGUMENT;
+ }
+ return GRPC_STATUS_OK;
+}
+
+static grpc_status_code alts_unseal_crypter_process_in_place(
+ alts_crypter* c, unsigned char* data, size_t data_allocated_size,
+ size_t data_size, size_t* output_size, char** error_details) {
+ grpc_status_code status = unseal_check(c, data, data_allocated_size,
+ data_size, output_size, error_details);
+ if (status != GRPC_STATUS_OK) {
+ return status;
+ }
+ /* Do AEAD decryption. */
+ alts_record_protocol_crypter* rp_crypter =
+ reinterpret_cast<alts_record_protocol_crypter*>(c);
+ status = gsec_aead_crypter_decrypt(
+ rp_crypter->crypter, alts_counter_get_counter(rp_crypter->ctr),
+ alts_counter_get_size(rp_crypter->ctr), nullptr /* aad */,
+ 0 /* aad_length */, data, data_size, data, data_allocated_size,
+ output_size, error_details);
+ if (status != GRPC_STATUS_OK) {
+ return status;
+ }
+ /* Increment the crypter counter. */
+ return increment_counter(rp_crypter, error_details);
+}
+
+static const alts_crypter_vtable vtable = {
+ alts_record_protocol_crypter_num_overhead_bytes,
+ alts_unseal_crypter_process_in_place,
+ alts_record_protocol_crypter_destruct};
+
+grpc_status_code alts_unseal_crypter_create(gsec_aead_crypter* gc,
+ bool is_client,
+ size_t overflow_size,
+ alts_crypter** crypter,
+ char** error_details) {
+ if (crypter == nullptr) {
+ const char error_msg[] = "crypter is nullptr.";
+ maybe_copy_error_msg(error_msg, error_details);
+ return GRPC_STATUS_FAILED_PRECONDITION;
+ }
+ alts_record_protocol_crypter* rp_crypter =
+ alts_crypter_create_common(gc, is_client, overflow_size, error_details);
+ if (rp_crypter == nullptr) {
+ return GRPC_STATUS_FAILED_PRECONDITION;
+ }
+ rp_crypter->base.vtable = &vtable;
+ *crypter = &rp_crypter->base;
+ return GRPC_STATUS_OK;
+}
diff --git a/src/core/tsi/alts/frame_protector/frame_handler.cc b/src/core/tsi/alts/frame_protector/frame_handler.cc
new file mode 100644
index 0000000..d3fda63
--- /dev/null
+++ b/src/core/tsi/alts/frame_protector/frame_handler.cc
@@ -0,0 +1,218 @@
+/*
+ *
+ * Copyright 2018 gRPC authors.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ */
+
+#include <grpc/support/port_platform.h>
+
+#include "src/core/tsi/alts/frame_protector/frame_handler.h"
+
+#include <limits.h>
+#include <stdint.h>
+#include <string.h>
+
+#include <grpc/support/alloc.h>
+#include <grpc/support/log.h>
+
+#include "src/core/lib/gpr/useful.h"
+
+/* Use little endian to interpret a string of bytes as uint32_t. */
+static uint32_t load_32_le(const unsigned char* buffer) {
+ return (((uint32_t)buffer[3]) << 24) | (((uint32_t)buffer[2]) << 16) |
+ (((uint32_t)buffer[1]) << 8) | ((uint32_t)buffer[0]);
+}
+
+/* Store uint32_t as a string of little endian bytes. */
+static void store_32_le(uint32_t value, unsigned char* buffer) {
+ buffer[3] = (unsigned char)(value >> 24) & 0xFF;
+ buffer[2] = (unsigned char)(value >> 16) & 0xFF;
+ buffer[1] = (unsigned char)(value >> 8) & 0xFF;
+ buffer[0] = (unsigned char)(value)&0xFF;
+}
+
+/* Frame writer implementation. */
+alts_frame_writer* alts_create_frame_writer() {
+ alts_frame_writer* writer =
+ static_cast<alts_frame_writer*>(gpr_zalloc(sizeof(*writer)));
+ return writer;
+}
+
+bool alts_reset_frame_writer(alts_frame_writer* writer,
+ const unsigned char* buffer, size_t length) {
+ if (buffer == nullptr) return false;
+ size_t max_input_size = SIZE_MAX - kFrameLengthFieldSize;
+ if (length > max_input_size) {
+ gpr_log(GPR_ERROR, "length must be at most %zu", max_input_size);
+ return false;
+ }
+ writer->input_buffer = buffer;
+ writer->input_size = length;
+ writer->input_bytes_written = 0;
+ writer->header_bytes_written = 0;
+ store_32_le(
+ static_cast<uint32_t>(writer->input_size + kFrameMessageTypeFieldSize),
+ writer->header_buffer);
+ store_32_le(kFrameMessageType, writer->header_buffer + kFrameLengthFieldSize);
+ return true;
+}
+
+bool alts_write_frame_bytes(alts_frame_writer* writer, unsigned char* output,
+ size_t* bytes_size) {
+ if (bytes_size == nullptr || output == nullptr) return false;
+ if (alts_is_frame_writer_done(writer)) {
+ *bytes_size = 0;
+ return true;
+ }
+ size_t bytes_written = 0;
+ /* Write some header bytes, if needed. */
+ if (writer->header_bytes_written != sizeof(writer->header_buffer)) {
+ size_t bytes_to_write =
+ GPR_MIN(*bytes_size,
+ sizeof(writer->header_buffer) - writer->header_bytes_written);
+ memcpy(output, writer->header_buffer + writer->header_bytes_written,
+ bytes_to_write);
+ bytes_written += bytes_to_write;
+ *bytes_size -= bytes_to_write;
+ writer->header_bytes_written += bytes_to_write;
+ output += bytes_to_write;
+ if (writer->header_bytes_written != sizeof(writer->header_buffer)) {
+ *bytes_size = bytes_written;
+ return true;
+ }
+ }
+ /* Write some non-header bytes. */
+ size_t bytes_to_write =
+ GPR_MIN(writer->input_size - writer->input_bytes_written, *bytes_size);
+ memcpy(output, writer->input_buffer, bytes_to_write);
+ writer->input_buffer += bytes_to_write;
+ bytes_written += bytes_to_write;
+ writer->input_bytes_written += bytes_to_write;
+ *bytes_size = bytes_written;
+ return true;
+}
+
+bool alts_is_frame_writer_done(alts_frame_writer* writer) {
+ return writer->input_buffer == nullptr ||
+ writer->input_size == writer->input_bytes_written;
+}
+
+size_t alts_get_num_writer_bytes_remaining(alts_frame_writer* writer) {
+ return (sizeof(writer->header_buffer) - writer->header_bytes_written) +
+ (writer->input_size - writer->input_bytes_written);
+}
+
+void alts_destroy_frame_writer(alts_frame_writer* writer) { gpr_free(writer); }
+
+/* Frame reader implementation. */
+alts_frame_reader* alts_create_frame_reader() {
+ alts_frame_reader* reader =
+ static_cast<alts_frame_reader*>(gpr_zalloc(sizeof(*reader)));
+ return reader;
+}
+
+bool alts_is_frame_reader_done(alts_frame_reader* reader) {
+ return reader->output_buffer == nullptr ||
+ (reader->header_bytes_read == sizeof(reader->header_buffer) &&
+ reader->bytes_remaining == 0);
+}
+
+bool alts_has_read_frame_length(alts_frame_reader* reader) {
+ return sizeof(reader->header_buffer) == reader->header_bytes_read;
+}
+
+size_t alts_get_reader_bytes_remaining(alts_frame_reader* reader) {
+ return alts_has_read_frame_length(reader) ? reader->bytes_remaining : 0;
+}
+
+void alts_reset_reader_output_buffer(alts_frame_reader* reader,
+ unsigned char* buffer) {
+ reader->output_buffer = buffer;
+}
+
+bool alts_reset_frame_reader(alts_frame_reader* reader, unsigned char* buffer) {
+ if (buffer == nullptr) return false;
+ reader->output_buffer = buffer;
+ reader->bytes_remaining = 0;
+ reader->header_bytes_read = 0;
+ reader->output_bytes_read = 0;
+ return true;
+}
+
+bool alts_read_frame_bytes(alts_frame_reader* reader,
+ const unsigned char* bytes, size_t* bytes_size) {
+ if (bytes_size == nullptr) return false;
+ if (bytes == nullptr) {
+ *bytes_size = 0;
+ return false;
+ }
+ if (alts_is_frame_reader_done(reader)) {
+ *bytes_size = 0;
+ return true;
+ }
+ size_t bytes_processed = 0;
+ /* Process the header, if needed. */
+ if (reader->header_bytes_read != sizeof(reader->header_buffer)) {
+ size_t bytes_to_write = GPR_MIN(
+ *bytes_size, sizeof(reader->header_buffer) - reader->header_bytes_read);
+ memcpy(reader->header_buffer + reader->header_bytes_read, bytes,
+ bytes_to_write);
+ reader->header_bytes_read += bytes_to_write;
+ bytes_processed += bytes_to_write;
+ bytes += bytes_to_write;
+ *bytes_size -= bytes_to_write;
+ if (reader->header_bytes_read != sizeof(reader->header_buffer)) {
+ *bytes_size = bytes_processed;
+ return true;
+ }
+ size_t frame_length = load_32_le(reader->header_buffer);
+ if (frame_length < kFrameMessageTypeFieldSize ||
+ frame_length > kFrameMaxSize) {
+ gpr_log(GPR_ERROR,
+ "Bad frame length (should be at least %zu, and at most %zu)",
+ kFrameMessageTypeFieldSize, kFrameMaxSize);
+ *bytes_size = 0;
+ return false;
+ }
+ size_t message_type =
+ load_32_le(reader->header_buffer + kFrameLengthFieldSize);
+ if (message_type != kFrameMessageType) {
+ gpr_log(GPR_ERROR, "Unsupported message type %zu (should be %zu)",
+ message_type, kFrameMessageType);
+ *bytes_size = 0;
+ return false;
+ }
+ reader->bytes_remaining = frame_length - kFrameMessageTypeFieldSize;
+ }
+ /* Process the non-header bytes. */
+ size_t bytes_to_write = GPR_MIN(*bytes_size, reader->bytes_remaining);
+ memcpy(reader->output_buffer, bytes, bytes_to_write);
+ reader->output_buffer += bytes_to_write;
+ bytes_processed += bytes_to_write;
+ reader->bytes_remaining -= bytes_to_write;
+ reader->output_bytes_read += bytes_to_write;
+ *bytes_size = bytes_processed;
+ return true;
+}
+
+size_t alts_get_output_bytes_read(alts_frame_reader* reader) {
+ return reader->output_bytes_read;
+}
+
+unsigned char* alts_get_output_buffer(alts_frame_reader* reader) {
+ return reader->output_buffer;
+}
+
+void alts_destroy_frame_reader(alts_frame_reader* reader) { gpr_free(reader); }
diff --git a/src/core/tsi/alts/frame_protector/frame_handler.h b/src/core/tsi/alts/frame_protector/frame_handler.h
new file mode 100644
index 0000000..a703ff4
--- /dev/null
+++ b/src/core/tsi/alts/frame_protector/frame_handler.h
@@ -0,0 +1,236 @@
+/*
+ *
+ * Copyright 2018 gRPC authors.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ */
+
+#ifndef GRPC_CORE_TSI_ALTS_FRAME_PROTECTOR_FRAME_HANDLER_H
+#define GRPC_CORE_TSI_ALTS_FRAME_PROTECTOR_FRAME_HANDLER_H
+
+#include <grpc/support/port_platform.h>
+
+#include <stdbool.h>
+#include <stdlib.h>
+
+const size_t kFrameMessageType = 0x06;
+const size_t kFrameLengthFieldSize = 4;
+const size_t kFrameMessageTypeFieldSize = 4;
+const size_t kFrameMaxSize = 1024 * 1024;
+const size_t kFrameHeaderSize =
+ kFrameLengthFieldSize + kFrameMessageTypeFieldSize;
+
+/**
+ * Implementation of frame reader and frame writer. All APIs in the
+ * header are thread-compatible.
+ */
+
+/**
+ * Main struct for a frame writer. It reads frames from an input buffer, and
+ * writes the contents as raw bytes. It does not own the input buffer.
+ */
+typedef struct alts_frame_writer {
+ const unsigned char* input_buffer;
+ unsigned char header_buffer[kFrameHeaderSize];
+ size_t input_bytes_written;
+ size_t header_bytes_written;
+ size_t input_size;
+} alts_frame_writer;
+
+/**
+ * Main struct for a frame reader. It reads raw bytes and puts the framed
+ * result into an output buffer. It does not own the output buffer.
+ */
+typedef struct alts_frame_reader {
+ unsigned char* output_buffer;
+ unsigned char header_buffer[kFrameHeaderSize];
+ size_t header_bytes_read;
+ size_t output_bytes_read;
+ size_t bytes_remaining;
+} alts_frame_reader;
+
+/**
+ * This method creates a frame writer instance and initializes its internal
+ * states.
+ */
+alts_frame_writer* alts_create_frame_writer();
+
+/**
+ * This method resets internal states of a frame writer and prepares to write
+ * a single frame. It does not take ownership of payload_buffer.
+ * The payload_buffer must outlive the writer.
+ *
+ * - writer: a frame writer instance.
+ * - buffer: a buffer storing full payload data to be framed.
+ * - length: size of payload data.
+ *
+ * The method returns true on success and false otherwise.
+ */
+bool alts_reset_frame_writer(alts_frame_writer* writer,
+ const unsigned char* buffer, size_t length);
+
+/**
+ * This method writes up to bytes_size bytes of a frame to output.
+ *
+ * - writer: a frame writer instance.
+ * - output: an output buffer used to store the frame.
+ * - bytes_size: an in/out parameter that stores the size of output buffer
+ * before the call, and gets written the number of frame bytes written to the
+ * buffer.
+ *
+ * The method returns true on success and false otherwise.
+ */
+bool alts_write_frame_bytes(alts_frame_writer* writer, unsigned char* output,
+ size_t* bytes_size);
+
+/**
+ * This method checks if a reset can be called to write a new frame. It returns
+ * true if it's the first time to frame a payload, or the current frame has
+ * been finished processing. It returns false if it's not ready yet to start a
+ * new frame (e.g., more payload data needs to be accumulated to process the
+ * current frame).
+ *
+ * if (alts_is_frame_writer_done(writer)) {
+ * // a new frame can be written, call reset.
+ * alts_reset_frame_writer(writer, payload_buffer, payload_size);
+ * } else {
+ * // accumulate more payload data until a full frame can be written.
+ * }
+ *
+ * - writer: a frame writer instance.
+ */
+bool alts_is_frame_writer_done(alts_frame_writer* writer);
+
+/**
+ * This method returns the number of bytes left to write before a complete frame
+ * is formed.
+ *
+ * - writer: a frame writer instance.
+ */
+size_t alts_get_num_writer_bytes_remaining(alts_frame_writer* writer);
+
+/**
+ * This method destroys a frame writer instance.
+ *
+ * - writer: a frame writer instance.
+ */
+void alts_destroy_frame_writer(alts_frame_writer* writer);
+
+/**
+ * This method creates a frame reader instance and initializes its internal
+ * states.
+ */
+alts_frame_reader* alts_create_frame_reader();
+
+/**
+ * This method resets internal states of a frame reader (including setting its
+ * output_buffer with buffer), and prepares to write processed bytes to
+ * an output_buffer. It does not take ownership of buffer. The buffer must
+ * outlive reader.
+ *
+ * - reader: a frame reader instance.
+ * - buffer: an output buffer used to store deframed results.
+ *
+ * The method returns true on success and false otherwise.
+ */
+bool alts_reset_frame_reader(alts_frame_reader* reader, unsigned char* buffer);
+
+/**
+ * This method processes up to the number of bytes given in bytes_size. It may
+ * choose not to process all the bytes, if, for instance, more bytes are
+ * given to the method than required to complete the current frame.
+ *
+ * - reader: a frame reader instance.
+ * - bytes: a buffer that stores data to be processed.
+ * - bytes_size: an in/out parameter that stores the size of bytes before the
+ * call and gets written the number of bytes processed.
+ *
+ * The method returns true on success and false otherwise.
+ */
+bool alts_read_frame_bytes(alts_frame_reader* reader,
+ const unsigned char* bytes, size_t* bytes_size);
+
+/**
+ * This method checks if a frame length has been read.
+ *
+ * - reader: a frame reader instance.
+ *
+ * The method returns true if a frame length has been read and false otherwise.
+ */
+bool alts_has_read_frame_length(alts_frame_reader* reader);
+
+/**
+ * This method returns the number of bytes the frame reader intends to write.
+ * It may only be called if alts_has_read_frame_length() returns true.
+ *
+ * - reader: a frame reader instance.
+ */
+size_t alts_get_reader_bytes_remaining(alts_frame_reader* reader);
+
+/**
+ * This method resets output_buffer but does not otherwise modify other internal
+ * states of a frame reader instance. After being set, the new output_buffer
+ * will hold the deframed payload held by the original output_buffer. It does
+ * not take ownership of buffer. The buffer must outlive the reader.
+ * To distinguish between two reset methods on a frame reader,
+ *
+ * if (alts_fh_is_frame_reader_done(reader)) {
+ * // if buffer contains a full payload to be deframed, call reset.
+ * alts_reset_frame_reader(reader, buffer);
+ * }
+ *
+ * // if remaining buffer space is not enough to hold a full payload
+ * if (buffer_space_remaining < alts_get_reader_bytes_remaining(reader)) {
+ * // allocate enough space for a new buffer, copy back data processed so far,
+ * // and call reset.
+ * alts_reset_reader_output_buffer(reader, new_buffer).
+ * }
+ *
+ * - reader: a frame reader instance.
+ * - buffer: a buffer used to set reader's output_buffer.
+ */
+void alts_reset_reader_output_buffer(alts_frame_reader* reader,
+ unsigned char* buffer);
+
+/**
+ * This method checks if reset can be called to start processing a new frame.
+ * If true and reset was previously called, a full frame has been processed and
+ * the content of the frame is available in output_buffer.
+
+ * - reader: a frame reader instance.
+ */
+bool alts_is_frame_reader_done(alts_frame_reader* reader);
+
+/**
+ * This method returns output_bytes_read of a frame reader instance.
+ *
+ * - reader: a frame reader instance.
+ */
+size_t alts_get_output_bytes_read(alts_frame_reader* reader);
+
+/**
+ * This method returns output_buffer of a frame reader instance.
+ *
+ * - reader: a frame reader instance.
+ */
+unsigned char* alts_get_output_buffer(alts_frame_reader* reader);
+
+/**
+ * This method destroys a frame reader instance.
+ *
+ * - reader: a frame reader instance.
+ */
+void alts_destroy_frame_reader(alts_frame_reader* reader);
+
+#endif /* GRPC_CORE_TSI_ALTS_FRAME_PROTECTOR_FRAME_HANDLER_H */
diff --git a/src/core/tsi/alts/handshaker/alts_handshaker_client.cc b/src/core/tsi/alts/handshaker/alts_handshaker_client.cc
new file mode 100644
index 0000000..40f30e4
--- /dev/null
+++ b/src/core/tsi/alts/handshaker/alts_handshaker_client.cc
@@ -0,0 +1,316 @@
+/*
+ *
+ * Copyright 2018 gRPC authors.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ */
+
+#include <grpc/support/port_platform.h>
+
+#include "src/core/tsi/alts/handshaker/alts_handshaker_client.h"
+
+#include <grpc/byte_buffer.h>
+#include <grpc/support/alloc.h>
+#include <grpc/support/log.h>
+
+#include "src/core/tsi/alts/handshaker/alts_handshaker_service_api.h"
+
+const int kHandshakerClientOpNum = 4;
+
+typedef struct alts_grpc_handshaker_client {
+ alts_handshaker_client base;
+ grpc_call* call;
+ alts_grpc_caller grpc_caller;
+} alts_grpc_handshaker_client;
+
+static grpc_call_error grpc_start_batch(grpc_call* call, const grpc_op* ops,
+ size_t nops, void* tag) {
+ return grpc_call_start_batch(call, ops, nops, tag, nullptr);
+}
+
+/**
+ * Populate grpc operation data with the fields of ALTS TSI event and make a
+ * grpc call.
+ */
+static tsi_result make_grpc_call(alts_handshaker_client* client,
+ alts_tsi_event* event, bool is_start) {
+ GPR_ASSERT(client != nullptr && event != nullptr);
+ alts_grpc_handshaker_client* grpc_client =
+ reinterpret_cast<alts_grpc_handshaker_client*>(client);
+ grpc_op ops[kHandshakerClientOpNum];
+ memset(ops, 0, sizeof(ops));
+ grpc_op* op = ops;
+ if (is_start) {
+ op->op = GRPC_OP_SEND_INITIAL_METADATA;
+ op->data.send_initial_metadata.count = 0;
+ op++;
+ GPR_ASSERT(op - ops <= kHandshakerClientOpNum);
+ op->op = GRPC_OP_RECV_INITIAL_METADATA;
+ op->data.recv_initial_metadata.recv_initial_metadata =
+ &event->initial_metadata;
+ op++;
+ GPR_ASSERT(op - ops <= kHandshakerClientOpNum);
+ }
+ op->op = GRPC_OP_SEND_MESSAGE;
+ op->data.send_message.send_message = event->send_buffer;
+ op++;
+ GPR_ASSERT(op - ops <= kHandshakerClientOpNum);
+ op->op = GRPC_OP_RECV_MESSAGE;
+ op->data.recv_message.recv_message = &event->recv_buffer;
+ op++;
+ GPR_ASSERT(op - ops <= kHandshakerClientOpNum);
+ GPR_ASSERT(grpc_client->grpc_caller != nullptr);
+ if (grpc_client->grpc_caller(grpc_client->call, ops,
+ static_cast<size_t>(op - ops),
+ (void*)event) != GRPC_CALL_OK) {
+ gpr_log(GPR_ERROR, "Start batch operation failed");
+ return TSI_INTERNAL_ERROR;
+ }
+ return TSI_OK;
+}
+
+/* Create and populate a client_start handshaker request, then serialize it. */
+static grpc_byte_buffer* get_serialized_start_client(alts_tsi_event* event) {
+ bool ok = true;
+ grpc_gcp_handshaker_req* req =
+ grpc_gcp_handshaker_req_create(CLIENT_START_REQ);
+ ok &= grpc_gcp_handshaker_req_set_handshake_protocol(
+ req, grpc_gcp_HandshakeProtocol_ALTS);
+ ok &= grpc_gcp_handshaker_req_add_application_protocol(
+ req, ALTS_APPLICATION_PROTOCOL);
+ ok &= grpc_gcp_handshaker_req_add_record_protocol(req, ALTS_RECORD_PROTOCOL);
+ grpc_gcp_rpc_protocol_versions* versions = &event->options->rpc_versions;
+ ok &= grpc_gcp_handshaker_req_set_rpc_versions(
+ req, versions->max_rpc_version.major, versions->max_rpc_version.minor,
+ versions->min_rpc_version.major, versions->min_rpc_version.minor);
+ char* target_name = grpc_slice_to_c_string(event->target_name);
+ ok &= grpc_gcp_handshaker_req_set_target_name(req, target_name);
+ target_service_account* ptr =
+ (reinterpret_cast<grpc_alts_credentials_client_options*>(event->options))
+ ->target_account_list_head;
+ while (ptr != nullptr) {
+ grpc_gcp_handshaker_req_add_target_identity_service_account(req, ptr->data);
+ ptr = ptr->next;
+ }
+ grpc_slice slice;
+ ok &= grpc_gcp_handshaker_req_encode(req, &slice);
+ grpc_byte_buffer* buffer = nullptr;
+ if (ok) {
+ buffer = grpc_raw_byte_buffer_create(&slice, 1 /* number of slices */);
+ }
+ grpc_slice_unref(slice);
+ gpr_free(target_name);
+ grpc_gcp_handshaker_req_destroy(req);
+ return buffer;
+}
+
+static tsi_result handshaker_client_start_client(alts_handshaker_client* client,
+ alts_tsi_event* event) {
+ if (client == nullptr || event == nullptr) {
+ gpr_log(GPR_ERROR,
+ "Invalid arguments to alts_grpc_handshaker_client_start_client()");
+ return TSI_INVALID_ARGUMENT;
+ }
+ grpc_byte_buffer* buffer = get_serialized_start_client(event);
+ if (buffer == nullptr) {
+ gpr_log(GPR_ERROR, "get_serialized_start_client() failed");
+ return TSI_INTERNAL_ERROR;
+ }
+ event->send_buffer = buffer;
+ tsi_result result = make_grpc_call(client, event, true /* is_start */);
+ if (result != TSI_OK) {
+ gpr_log(GPR_ERROR, "make_grpc_call() failed");
+ }
+ return result;
+}
+
+/* Create and populate a start_server handshaker request, then serialize it. */
+static grpc_byte_buffer* get_serialized_start_server(
+ alts_tsi_event* event, grpc_slice* bytes_received) {
+ GPR_ASSERT(bytes_received != nullptr);
+ grpc_gcp_handshaker_req* req =
+ grpc_gcp_handshaker_req_create(SERVER_START_REQ);
+ bool ok = grpc_gcp_handshaker_req_add_application_protocol(
+ req, ALTS_APPLICATION_PROTOCOL);
+ ok &= grpc_gcp_handshaker_req_param_add_record_protocol(
+ req, grpc_gcp_HandshakeProtocol_ALTS, ALTS_RECORD_PROTOCOL);
+ ok &= grpc_gcp_handshaker_req_set_in_bytes(
+ req, reinterpret_cast<const char*> GRPC_SLICE_START_PTR(*bytes_received),
+ GRPC_SLICE_LENGTH(*bytes_received));
+ grpc_gcp_rpc_protocol_versions* versions = &event->options->rpc_versions;
+ ok &= grpc_gcp_handshaker_req_set_rpc_versions(
+ req, versions->max_rpc_version.major, versions->max_rpc_version.minor,
+ versions->min_rpc_version.major, versions->min_rpc_version.minor);
+ grpc_slice req_slice;
+ ok &= grpc_gcp_handshaker_req_encode(req, &req_slice);
+ grpc_byte_buffer* buffer = nullptr;
+ if (ok) {
+ buffer = grpc_raw_byte_buffer_create(&req_slice, 1 /* number of slices */);
+ }
+ grpc_slice_unref(req_slice);
+ grpc_gcp_handshaker_req_destroy(req);
+ return buffer;
+}
+
+static tsi_result handshaker_client_start_server(alts_handshaker_client* client,
+ alts_tsi_event* event,
+ grpc_slice* bytes_received) {
+ if (client == nullptr || event == nullptr || bytes_received == nullptr) {
+ gpr_log(GPR_ERROR,
+ "Invalid arguments to alts_grpc_handshaker_client_start_server()");
+ return TSI_INVALID_ARGUMENT;
+ }
+ grpc_byte_buffer* buffer = get_serialized_start_server(event, bytes_received);
+ if (buffer == nullptr) {
+ gpr_log(GPR_ERROR, "get_serialized_start_server() failed");
+ return TSI_INTERNAL_ERROR;
+ }
+ event->send_buffer = buffer;
+ tsi_result result = make_grpc_call(client, event, true /* is_start */);
+ if (result != TSI_OK) {
+ gpr_log(GPR_ERROR, "make_grpc_call() failed");
+ }
+ return result;
+}
+
+/* Create and populate a next handshaker request, then serialize it. */
+static grpc_byte_buffer* get_serialized_next(grpc_slice* bytes_received) {
+ GPR_ASSERT(bytes_received != nullptr);
+ grpc_gcp_handshaker_req* req = grpc_gcp_handshaker_req_create(NEXT_REQ);
+ bool ok = grpc_gcp_handshaker_req_set_in_bytes(
+ req, reinterpret_cast<const char*> GRPC_SLICE_START_PTR(*bytes_received),
+ GRPC_SLICE_LENGTH(*bytes_received));
+ grpc_slice req_slice;
+ ok &= grpc_gcp_handshaker_req_encode(req, &req_slice);
+ grpc_byte_buffer* buffer = nullptr;
+ if (ok) {
+ buffer = grpc_raw_byte_buffer_create(&req_slice, 1 /* number of slices */);
+ }
+ grpc_slice_unref(req_slice);
+ grpc_gcp_handshaker_req_destroy(req);
+ return buffer;
+}
+
+static tsi_result handshaker_client_next(alts_handshaker_client* client,
+ alts_tsi_event* event,
+ grpc_slice* bytes_received) {
+ if (client == nullptr || event == nullptr || bytes_received == nullptr) {
+ gpr_log(GPR_ERROR,
+ "Invalid arguments to alts_grpc_handshaker_client_next()");
+ return TSI_INVALID_ARGUMENT;
+ }
+ grpc_byte_buffer* buffer = get_serialized_next(bytes_received);
+ if (buffer == nullptr) {
+ gpr_log(GPR_ERROR, "get_serialized_next() failed");
+ return TSI_INTERNAL_ERROR;
+ }
+ event->send_buffer = buffer;
+ tsi_result result = make_grpc_call(client, event, false /* is_start */);
+ if (result != TSI_OK) {
+ gpr_log(GPR_ERROR, "make_grpc_call() failed");
+ }
+ return result;
+}
+
+static void handshaker_client_destruct(alts_handshaker_client* client) {
+ if (client == nullptr) {
+ return;
+ }
+ alts_grpc_handshaker_client* grpc_client =
+ reinterpret_cast<alts_grpc_handshaker_client*>(client);
+ grpc_call_unref(grpc_client->call);
+}
+
+static const alts_handshaker_client_vtable vtable = {
+ handshaker_client_start_client, handshaker_client_start_server,
+ handshaker_client_next, handshaker_client_destruct};
+
+alts_handshaker_client* alts_grpc_handshaker_client_create(
+ grpc_channel* channel, grpc_completion_queue* queue,
+ const char* handshaker_service_url) {
+ if (channel == nullptr || queue == nullptr ||
+ handshaker_service_url == nullptr) {
+ gpr_log(GPR_ERROR, "Invalid arguments to alts_handshaker_client_create()");
+ return nullptr;
+ }
+ alts_grpc_handshaker_client* client =
+ static_cast<alts_grpc_handshaker_client*>(gpr_zalloc(sizeof(*client)));
+ client->grpc_caller = grpc_start_batch;
+ grpc_slice slice = grpc_slice_from_copied_string(handshaker_service_url);
+ client->call = grpc_channel_create_call(
+ channel, nullptr, GRPC_PROPAGATE_DEFAULTS, queue,
+ grpc_slice_from_static_string(ALTS_SERVICE_METHOD), &slice,
+ gpr_inf_future(GPR_CLOCK_REALTIME), nullptr);
+ client->base.vtable = &vtable;
+ grpc_slice_unref(slice);
+ return &client->base;
+}
+
+namespace grpc_core {
+namespace internal {
+
+void alts_handshaker_client_set_grpc_caller_for_testing(
+ alts_handshaker_client* client, alts_grpc_caller caller) {
+ GPR_ASSERT(client != nullptr && caller != nullptr);
+ alts_grpc_handshaker_client* grpc_client =
+ reinterpret_cast<alts_grpc_handshaker_client*>(client);
+ grpc_client->grpc_caller = caller;
+}
+
+} // namespace internal
+} // namespace grpc_core
+
+tsi_result alts_handshaker_client_start_client(alts_handshaker_client* client,
+ alts_tsi_event* event) {
+ if (client != nullptr && client->vtable != nullptr &&
+ client->vtable->client_start != nullptr) {
+ return client->vtable->client_start(client, event);
+ }
+ gpr_log(GPR_ERROR,
+ "client or client->vtable has not been initialized properly");
+ return TSI_INVALID_ARGUMENT;
+}
+
+tsi_result alts_handshaker_client_start_server(alts_handshaker_client* client,
+ alts_tsi_event* event,
+ grpc_slice* bytes_received) {
+ if (client != nullptr && client->vtable != nullptr &&
+ client->vtable->server_start != nullptr) {
+ return client->vtable->server_start(client, event, bytes_received);
+ }
+ gpr_log(GPR_ERROR,
+ "client or client->vtable has not been initialized properly");
+ return TSI_INVALID_ARGUMENT;
+}
+
+tsi_result alts_handshaker_client_next(alts_handshaker_client* client,
+ alts_tsi_event* event,
+ grpc_slice* bytes_received) {
+ if (client != nullptr && client->vtable != nullptr &&
+ client->vtable->next != nullptr) {
+ return client->vtable->next(client, event, bytes_received);
+ }
+ gpr_log(GPR_ERROR,
+ "client or client->vtable has not been initialized properly");
+ return TSI_INVALID_ARGUMENT;
+}
+
+void alts_handshaker_client_destroy(alts_handshaker_client* client) {
+ if (client != nullptr) {
+ if (client->vtable != nullptr && client->vtable->destruct != nullptr) {
+ client->vtable->destruct(client);
+ }
+ gpr_free(client);
+ }
+}
diff --git a/src/core/tsi/alts/handshaker/alts_handshaker_client.h b/src/core/tsi/alts/handshaker/alts_handshaker_client.h
new file mode 100644
index 0000000..fb2d2cf
--- /dev/null
+++ b/src/core/tsi/alts/handshaker/alts_handshaker_client.h
@@ -0,0 +1,137 @@
+/*
+ *
+ * Copyright 2018 gRPC authors.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ */
+
+#ifndef GRPC_CORE_TSI_ALTS_HANDSHAKER_ALTS_HANDSHAKER_CLIENT_H
+#define GRPC_CORE_TSI_ALTS_HANDSHAKER_ALTS_HANDSHAKER_CLIENT_H
+
+#include <grpc/support/port_platform.h>
+
+#include <grpc/grpc.h>
+
+#include "src/core/tsi/alts/handshaker/alts_tsi_event.h"
+
+#define ALTS_SERVICE_METHOD "/grpc.gcp.HandshakerService/DoHandshake"
+#define ALTS_APPLICATION_PROTOCOL "grpc"
+#define ALTS_RECORD_PROTOCOL "ALTSRP_GCM_AES128_REKEY"
+
+const size_t kAltsAes128GcmRekeyKeyLength = 44;
+
+/**
+ * A ALTS handshaker client interface. It is used to communicate with
+ * ALTS handshaker service by scheduling a handshaker request that could be one
+ * of client_start, server_start, and next handshaker requests. All APIs in the
+ * header are thread-compatible.
+ */
+typedef struct alts_handshaker_client alts_handshaker_client;
+
+/* A function that makes the grpc call to the handshaker service. */
+typedef grpc_call_error (*alts_grpc_caller)(grpc_call* call, const grpc_op* ops,
+ size_t nops, void* tag);
+
+/* V-table for ALTS handshaker client operations. */
+typedef struct alts_handshaker_client_vtable {
+ tsi_result (*client_start)(alts_handshaker_client* client,
+ alts_tsi_event* event);
+ tsi_result (*server_start)(alts_handshaker_client* client,
+ alts_tsi_event* event, grpc_slice* bytes_received);
+ tsi_result (*next)(alts_handshaker_client* client, alts_tsi_event* event,
+ grpc_slice* bytes_received);
+ void (*destruct)(alts_handshaker_client* client);
+} alts_handshaker_client_vtable;
+
+struct alts_handshaker_client {
+ const alts_handshaker_client_vtable* vtable;
+};
+
+/**
+ * This method schedules a client_start handshaker request to ALTS handshaker
+ * service.
+ *
+ * - client: ALTS handshaker client instance.
+ * - event: ALTS TSI event instance.
+ *
+ * It returns TSI_OK on success and an error status code on failure.
+ */
+tsi_result alts_handshaker_client_start_client(alts_handshaker_client* client,
+ alts_tsi_event* event);
+
+/**
+ * This method schedules a server_start handshaker request to ALTS handshaker
+ * service.
+ *
+ * - client: ALTS handshaker client instance.
+ * - event: ALTS TSI event instance.
+ * - bytes_received: bytes in out_frames returned from the peer's handshaker
+ * response.
+ *
+ * It returns TSI_OK on success and an error status code on failure.
+ */
+tsi_result alts_handshaker_client_start_server(alts_handshaker_client* client,
+ alts_tsi_event* event,
+ grpc_slice* bytes_received);
+
+/**
+ * This method schedules a next handshaker request to ALTS handshaker service.
+ *
+ * - client: ALTS handshaker client instance.
+ * - event: ALTS TSI event instance.
+ * - bytes_received: bytes in out_frames returned from the peer's handshaker
+ * response.
+ *
+ * It returns TSI_OK on success and an error status code on failure.
+ */
+tsi_result alts_handshaker_client_next(alts_handshaker_client* client,
+ alts_tsi_event* event,
+ grpc_slice* bytes_received);
+
+/**
+ * This method destroys a ALTS handshaker client.
+ *
+ * - client: a ALTS handshaker client instance.
+ */
+void alts_handshaker_client_destroy(alts_handshaker_client* client);
+
+/**
+ * This method creates a ALTS handshaker client.
+ *
+ * - channel: grpc channel to ALTS handshaker service.
+ * - queue: grpc completion queue.
+ * - handshaker_service_url: address of ALTS handshaker service in the format of
+ * "host:port".
+ *
+ * It returns the created ALTS handshaker client on success, and NULL on
+ * failure.
+ */
+alts_handshaker_client* alts_grpc_handshaker_client_create(
+ grpc_channel* channel, grpc_completion_queue* queue,
+ const char* handshaker_service_url);
+
+namespace grpc_core {
+namespace internal {
+
+/**
+ * Unsafe, use for testing only. It allows the caller to change the way that
+ * GRPC calls are made to the handshaker service.
+ */
+void alts_handshaker_client_set_grpc_caller_for_testing(
+ alts_handshaker_client* client, alts_grpc_caller caller);
+
+} // namespace internal
+} // namespace grpc_core
+
+#endif /* GRPC_CORE_TSI_ALTS_HANDSHAKER_ALTS_HANDSHAKER_CLIENT_H */
diff --git a/src/core/tsi/alts/handshaker/alts_handshaker_service_api.cc b/src/core/tsi/alts/handshaker/alts_handshaker_service_api.cc
new file mode 100644
index 0000000..256e414
--- /dev/null
+++ b/src/core/tsi/alts/handshaker/alts_handshaker_service_api.cc
@@ -0,0 +1,520 @@
+/*
+ *
+ * Copyright 2018 gRPC authors.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ */
+
+#include <grpc/support/port_platform.h>
+
+#include "src/core/tsi/alts/handshaker/alts_handshaker_service_api.h"
+
+#include <stdio.h>
+#include <stdlib.h>
+
+#include "src/core/tsi/alts/handshaker/transport_security_common_api.h"
+
+/* HandshakerReq */
+grpc_gcp_handshaker_req* grpc_gcp_handshaker_req_create(
+ grpc_gcp_handshaker_req_type type) {
+ grpc_gcp_handshaker_req* req =
+ static_cast<grpc_gcp_handshaker_req*>(gpr_zalloc(sizeof(*req)));
+ switch (type) {
+ case CLIENT_START_REQ:
+ req->has_client_start = true;
+ break;
+ case SERVER_START_REQ:
+ req->has_server_start = true;
+ break;
+ case NEXT_REQ:
+ req->has_next = true;
+ break;
+ }
+ return req;
+}
+
+void grpc_gcp_handshaker_req_destroy(grpc_gcp_handshaker_req* req) {
+ if (req == nullptr) {
+ return;
+ }
+ if (req->has_client_start) {
+ /* Destroy client_start request. */
+ destroy_repeated_field_list_identity(
+ static_cast<repeated_field*>(req->client_start.target_identities.arg));
+ destroy_repeated_field_list_string(static_cast<repeated_field*>(
+ req->client_start.application_protocols.arg));
+ destroy_repeated_field_list_string(
+ static_cast<repeated_field*>(req->client_start.record_protocols.arg));
+ if (req->client_start.has_local_identity) {
+ destroy_slice(static_cast<grpc_slice*>(
+ req->client_start.local_identity.hostname.arg));
+ destroy_slice(static_cast<grpc_slice*>(
+ req->client_start.local_identity.service_account.arg));
+ }
+ if (req->client_start.has_local_endpoint) {
+ destroy_slice(static_cast<grpc_slice*>(
+ req->client_start.local_endpoint.ip_address.arg));
+ }
+ if (req->client_start.has_remote_endpoint) {
+ destroy_slice(static_cast<grpc_slice*>(
+ req->client_start.remote_endpoint.ip_address.arg));
+ }
+ destroy_slice(static_cast<grpc_slice*>(req->client_start.target_name.arg));
+ } else if (req->has_server_start) {
+ /* Destroy server_start request. */
+ size_t i = 0;
+ for (i = 0; i < req->server_start.handshake_parameters_count; i++) {
+ destroy_repeated_field_list_identity(
+ static_cast<repeated_field*>(req->server_start.handshake_parameters[i]
+ .value.local_identities.arg));
+ destroy_repeated_field_list_string(
+ static_cast<repeated_field*>(req->server_start.handshake_parameters[i]
+ .value.record_protocols.arg));
+ }
+ destroy_repeated_field_list_string(static_cast<repeated_field*>(
+ req->server_start.application_protocols.arg));
+ if (req->server_start.has_local_endpoint) {
+ destroy_slice(static_cast<grpc_slice*>(
+ req->server_start.local_endpoint.ip_address.arg));
+ }
+ if (req->server_start.has_remote_endpoint) {
+ destroy_slice(static_cast<grpc_slice*>(
+ req->server_start.remote_endpoint.ip_address.arg));
+ }
+ destroy_slice(static_cast<grpc_slice*>(req->server_start.in_bytes.arg));
+ } else {
+ /* Destroy next request. */
+ destroy_slice(static_cast<grpc_slice*>(req->next.in_bytes.arg));
+ }
+ gpr_free(req);
+}
+
+bool grpc_gcp_handshaker_req_set_handshake_protocol(
+ grpc_gcp_handshaker_req* req,
+ grpc_gcp_handshake_protocol handshake_protocol) {
+ if (req == nullptr || !req->has_client_start) {
+ gpr_log(GPR_ERROR,
+ "Invalid arguments to "
+ "grpc_gcp_handshaker_req_set_handshake_protocol().");
+ return false;
+ }
+ req->client_start.has_handshake_security_protocol = true;
+ req->client_start.handshake_security_protocol = handshake_protocol;
+ return true;
+}
+
+bool grpc_gcp_handshaker_req_set_target_name(grpc_gcp_handshaker_req* req,
+ const char* target_name) {
+ if (req == nullptr || target_name == nullptr || !req->has_client_start) {
+ gpr_log(GPR_ERROR,
+ "Invalid arguments to "
+ "grpc_gcp_handshaker_req_set_target_name().");
+ return false;
+ }
+ grpc_slice* slice = create_slice(target_name, strlen(target_name));
+ req->client_start.target_name.arg = slice;
+ req->client_start.target_name.funcs.encode = encode_string_or_bytes_cb;
+ return true;
+}
+
+bool grpc_gcp_handshaker_req_add_application_protocol(
+ grpc_gcp_handshaker_req* req, const char* application_protocol) {
+ if (req == nullptr || application_protocol == nullptr || req->has_next) {
+ gpr_log(GPR_ERROR,
+ "Invalid arguments to "
+ "grpc_gcp_handshaker_req_add_application_protocol().");
+ return false;
+ }
+ grpc_slice* slice =
+ create_slice(application_protocol, strlen(application_protocol));
+ if (req->has_client_start) {
+ add_repeated_field(reinterpret_cast<repeated_field**>(
+ &req->client_start.application_protocols.arg),
+ slice);
+ req->client_start.application_protocols.funcs.encode =
+ encode_repeated_string_cb;
+ } else {
+ add_repeated_field(reinterpret_cast<repeated_field**>(
+ &req->server_start.application_protocols.arg),
+ slice);
+ req->server_start.application_protocols.funcs.encode =
+ encode_repeated_string_cb;
+ }
+ return true;
+}
+
+bool grpc_gcp_handshaker_req_add_record_protocol(grpc_gcp_handshaker_req* req,
+ const char* record_protocol) {
+ if (req == nullptr || record_protocol == nullptr || !req->has_client_start) {
+ gpr_log(GPR_ERROR,
+ "Invalid arguments to "
+ "grpc_gcp_handshaker_req_add_record_protocol().");
+ return false;
+ }
+ grpc_slice* slice = create_slice(record_protocol, strlen(record_protocol));
+ add_repeated_field(reinterpret_cast<repeated_field**>(
+ &req->client_start.record_protocols.arg),
+ slice);
+ req->client_start.record_protocols.funcs.encode = encode_repeated_string_cb;
+ return true;
+}
+
+static void set_identity_hostname(grpc_gcp_identity* identity,
+ const char* hostname) {
+ grpc_slice* slice = create_slice(hostname, strlen(hostname));
+ identity->hostname.arg = slice;
+ identity->hostname.funcs.encode = encode_string_or_bytes_cb;
+}
+
+static void set_identity_service_account(grpc_gcp_identity* identity,
+ const char* service_account) {
+ grpc_slice* slice = create_slice(service_account, strlen(service_account));
+ identity->service_account.arg = slice;
+ identity->service_account.funcs.encode = encode_string_or_bytes_cb;
+}
+
+bool grpc_gcp_handshaker_req_add_target_identity_hostname(
+ grpc_gcp_handshaker_req* req, const char* hostname) {
+ if (req == nullptr || hostname == nullptr || !req->has_client_start) {
+ gpr_log(GPR_ERROR,
+ "Invalid nullptr arguments to "
+ "grpc_gcp_handshaker_req_add_target_identity_hostname().");
+ return false;
+ }
+ grpc_gcp_identity* target_identity =
+ static_cast<grpc_gcp_identity*>(gpr_zalloc(sizeof(*target_identity)));
+ set_identity_hostname(target_identity, hostname);
+ req->client_start.target_identities.funcs.encode =
+ encode_repeated_identity_cb;
+ add_repeated_field(reinterpret_cast<repeated_field**>(
+ &req->client_start.target_identities.arg),
+ target_identity);
+ return true;
+}
+
+bool grpc_gcp_handshaker_req_add_target_identity_service_account(
+ grpc_gcp_handshaker_req* req, const char* service_account) {
+ if (req == nullptr || service_account == nullptr || !req->has_client_start) {
+ gpr_log(GPR_ERROR,
+ "Invalid nullptr arguments to "
+ "grpc_gcp_handshaker_req_add_target_identity_service_account().");
+ return false;
+ }
+ grpc_gcp_identity* target_identity =
+ static_cast<grpc_gcp_identity*>(gpr_zalloc(sizeof(*target_identity)));
+ set_identity_service_account(target_identity, service_account);
+ req->client_start.target_identities.funcs.encode =
+ encode_repeated_identity_cb;
+ add_repeated_field(reinterpret_cast<repeated_field**>(
+ &req->client_start.target_identities.arg),
+ target_identity);
+ return true;
+}
+
+bool grpc_gcp_handshaker_req_set_local_identity_hostname(
+ grpc_gcp_handshaker_req* req, const char* hostname) {
+ if (req == nullptr || hostname == nullptr || !req->has_client_start) {
+ gpr_log(GPR_ERROR,
+ "Invalid nullptr arguments to "
+ "grpc_gcp_handshaker_req_set_local_identity_hostname().");
+ return false;
+ }
+ req->client_start.has_local_identity = true;
+ set_identity_hostname(&req->client_start.local_identity, hostname);
+ return true;
+}
+
+bool grpc_gcp_handshaker_req_set_local_identity_service_account(
+ grpc_gcp_handshaker_req* req, const char* service_account) {
+ if (req == nullptr || service_account == nullptr || !req->has_client_start) {
+ gpr_log(GPR_ERROR,
+ "Invalid nullptr arguments to "
+ "grpc_gcp_handshaker_req_set_local_identity_service_account().");
+ return false;
+ }
+ req->client_start.has_local_identity = true;
+ set_identity_service_account(&req->client_start.local_identity,
+ service_account);
+ return true;
+}
+
+static void set_endpoint(grpc_gcp_endpoint* endpoint, const char* ip_address,
+ size_t port, grpc_gcp_network_protocol protocol) {
+ grpc_slice* slice = create_slice(ip_address, strlen(ip_address));
+ endpoint->ip_address.arg = slice;
+ endpoint->ip_address.funcs.encode = encode_string_or_bytes_cb;
+ endpoint->has_port = true;
+ endpoint->port = static_cast<int32_t>(port);
+ endpoint->has_protocol = true;
+ endpoint->protocol = protocol;
+}
+
+bool grpc_gcp_handshaker_req_set_rpc_versions(grpc_gcp_handshaker_req* req,
+ uint32_t max_major,
+ uint32_t max_minor,
+ uint32_t min_major,
+ uint32_t min_minor) {
+ if (req == nullptr || req->has_next) {
+ gpr_log(GPR_ERROR,
+ "Invalid arguments to "
+ "grpc_gcp_handshaker_req_set_rpc_versions().");
+ return false;
+ }
+ if (req->has_client_start) {
+ req->client_start.has_rpc_versions = true;
+ grpc_gcp_rpc_protocol_versions_set_max(&req->client_start.rpc_versions,
+ max_major, max_minor);
+ grpc_gcp_rpc_protocol_versions_set_min(&req->client_start.rpc_versions,
+ min_major, min_minor);
+ } else {
+ req->server_start.has_rpc_versions = true;
+ grpc_gcp_rpc_protocol_versions_set_max(&req->server_start.rpc_versions,
+ max_major, max_minor);
+ grpc_gcp_rpc_protocol_versions_set_min(&req->server_start.rpc_versions,
+ min_major, min_minor);
+ }
+ return true;
+}
+
+bool grpc_gcp_handshaker_req_set_local_endpoint(
+ grpc_gcp_handshaker_req* req, const char* ip_address, size_t port,
+ grpc_gcp_network_protocol protocol) {
+ if (req == nullptr || ip_address == nullptr || port > 65535 ||
+ req->has_next) {
+ gpr_log(GPR_ERROR,
+ "Invalid arguments to "
+ "grpc_gcp_handshaker_req_set_local_endpoint().");
+ return false;
+ }
+ if (req->has_client_start) {
+ req->client_start.has_local_endpoint = true;
+ set_endpoint(&req->client_start.local_endpoint, ip_address, port, protocol);
+ } else {
+ req->server_start.has_local_endpoint = true;
+ set_endpoint(&req->server_start.local_endpoint, ip_address, port, protocol);
+ }
+ return true;
+}
+
+bool grpc_gcp_handshaker_req_set_remote_endpoint(
+ grpc_gcp_handshaker_req* req, const char* ip_address, size_t port,
+ grpc_gcp_network_protocol protocol) {
+ if (req == nullptr || ip_address == nullptr || port > 65535 ||
+ req->has_next) {
+ gpr_log(GPR_ERROR,
+ "Invalid arguments to "
+ "grpc_gcp_handshaker_req_set_remote_endpoint().");
+ return false;
+ }
+ if (req->has_client_start) {
+ req->client_start.has_remote_endpoint = true;
+ set_endpoint(&req->client_start.remote_endpoint, ip_address, port,
+ protocol);
+ } else {
+ req->server_start.has_remote_endpoint = true;
+ set_endpoint(&req->server_start.remote_endpoint, ip_address, port,
+ protocol);
+ }
+ return true;
+}
+
+bool grpc_gcp_handshaker_req_set_in_bytes(grpc_gcp_handshaker_req* req,
+ const char* in_bytes, size_t size) {
+ if (req == nullptr || in_bytes == nullptr || req->has_client_start) {
+ gpr_log(GPR_ERROR,
+ "Invalid arguments to "
+ "grpc_gcp_handshaker_req_set_in_bytes().");
+ return false;
+ }
+ grpc_slice* slice = create_slice(in_bytes, size);
+ if (req->has_next) {
+ req->next.in_bytes.arg = slice;
+ req->next.in_bytes.funcs.encode = &encode_string_or_bytes_cb;
+ } else {
+ req->server_start.in_bytes.arg = slice;
+ req->server_start.in_bytes.funcs.encode = &encode_string_or_bytes_cb;
+ }
+ return true;
+}
+
+static grpc_gcp_server_handshake_parameters* server_start_find_param(
+ grpc_gcp_handshaker_req* req, int32_t key) {
+ size_t i = 0;
+ for (i = 0; i < req->server_start.handshake_parameters_count; i++) {
+ if (req->server_start.handshake_parameters[i].key == key) {
+ return &req->server_start.handshake_parameters[i].value;
+ }
+ }
+ req->server_start
+ .handshake_parameters[req->server_start.handshake_parameters_count]
+ .has_key = true;
+ req->server_start
+ .handshake_parameters[req->server_start.handshake_parameters_count]
+ .has_value = true;
+ req->server_start
+ .handshake_parameters[req->server_start.handshake_parameters_count++]
+ .key = key;
+ return &req->server_start
+ .handshake_parameters
+ [req->server_start.handshake_parameters_count - 1]
+ .value;
+}
+
+bool grpc_gcp_handshaker_req_param_add_record_protocol(
+ grpc_gcp_handshaker_req* req, grpc_gcp_handshake_protocol key,
+ const char* record_protocol) {
+ if (req == nullptr || record_protocol == nullptr || !req->has_server_start) {
+ gpr_log(GPR_ERROR,
+ "Invalid arguments to "
+ "grpc_gcp_handshaker_req_param_add_record_protocol().");
+ return false;
+ }
+ grpc_gcp_server_handshake_parameters* param =
+ server_start_find_param(req, key);
+ grpc_slice* slice = create_slice(record_protocol, strlen(record_protocol));
+ add_repeated_field(
+ reinterpret_cast<repeated_field**>(¶m->record_protocols.arg), slice);
+ param->record_protocols.funcs.encode = &encode_repeated_string_cb;
+ return true;
+}
+
+bool grpc_gcp_handshaker_req_param_add_local_identity_hostname(
+ grpc_gcp_handshaker_req* req, grpc_gcp_handshake_protocol key,
+ const char* hostname) {
+ if (req == nullptr || hostname == nullptr || !req->has_server_start) {
+ gpr_log(GPR_ERROR,
+ "Invalid arguments to "
+ "grpc_gcp_handshaker_req_param_add_local_identity_hostname().");
+ return false;
+ }
+ grpc_gcp_server_handshake_parameters* param =
+ server_start_find_param(req, key);
+ grpc_gcp_identity* local_identity =
+ static_cast<grpc_gcp_identity*>(gpr_zalloc(sizeof(*local_identity)));
+ set_identity_hostname(local_identity, hostname);
+ add_repeated_field(
+ reinterpret_cast<repeated_field**>(¶m->local_identities.arg),
+ local_identity);
+ param->local_identities.funcs.encode = &encode_repeated_identity_cb;
+ return true;
+}
+
+bool grpc_gcp_handshaker_req_param_add_local_identity_service_account(
+ grpc_gcp_handshaker_req* req, grpc_gcp_handshake_protocol key,
+ const char* service_account) {
+ if (req == nullptr || service_account == nullptr || !req->has_server_start) {
+ gpr_log(
+ GPR_ERROR,
+ "Invalid arguments to "
+ "grpc_gcp_handshaker_req_param_add_local_identity_service_account().");
+ return false;
+ }
+ grpc_gcp_server_handshake_parameters* param =
+ server_start_find_param(req, key);
+ grpc_gcp_identity* local_identity =
+ static_cast<grpc_gcp_identity*>(gpr_zalloc(sizeof(*local_identity)));
+ set_identity_service_account(local_identity, service_account);
+ add_repeated_field(
+ reinterpret_cast<repeated_field**>(¶m->local_identities.arg),
+ local_identity);
+ param->local_identities.funcs.encode = &encode_repeated_identity_cb;
+ return true;
+}
+
+bool grpc_gcp_handshaker_req_encode(grpc_gcp_handshaker_req* req,
+ grpc_slice* slice) {
+ if (req == nullptr || slice == nullptr) {
+ gpr_log(GPR_ERROR,
+ "Invalid nullptr arguments to grpc_gcp_handshaker_req_encode().");
+ return false;
+ }
+ pb_ostream_t size_stream;
+ memset(&size_stream, 0, sizeof(pb_ostream_t));
+ if (!pb_encode(&size_stream, grpc_gcp_HandshakerReq_fields, req)) {
+ gpr_log(GPR_ERROR, "nanopb error: %s", PB_GET_ERROR(&size_stream));
+ return false;
+ }
+ size_t encoded_length = size_stream.bytes_written;
+ *slice = grpc_slice_malloc(encoded_length);
+ pb_ostream_t output_stream =
+ pb_ostream_from_buffer(GRPC_SLICE_START_PTR(*slice), encoded_length);
+ if (!pb_encode(&output_stream, grpc_gcp_HandshakerReq_fields, req) != 0) {
+ gpr_log(GPR_ERROR, "nanopb error: %s", PB_GET_ERROR(&output_stream));
+ return false;
+ }
+ return true;
+}
+
+/* HandshakerResp. */
+grpc_gcp_handshaker_resp* grpc_gcp_handshaker_resp_create(void) {
+ grpc_gcp_handshaker_resp* resp =
+ static_cast<grpc_gcp_handshaker_resp*>(gpr_zalloc(sizeof(*resp)));
+ return resp;
+}
+
+void grpc_gcp_handshaker_resp_destroy(grpc_gcp_handshaker_resp* resp) {
+ if (resp != nullptr) {
+ destroy_slice(static_cast<grpc_slice*>(resp->out_frames.arg));
+ if (resp->has_status) {
+ destroy_slice(static_cast<grpc_slice*>(resp->status.details.arg));
+ }
+ if (resp->has_result) {
+ destroy_slice(
+ static_cast<grpc_slice*>(resp->result.application_protocol.arg));
+ destroy_slice(static_cast<grpc_slice*>(resp->result.record_protocol.arg));
+ destroy_slice(static_cast<grpc_slice*>(resp->result.key_data.arg));
+ if (resp->result.has_local_identity) {
+ destroy_slice(
+ static_cast<grpc_slice*>(resp->result.local_identity.hostname.arg));
+ destroy_slice(static_cast<grpc_slice*>(
+ resp->result.local_identity.service_account.arg));
+ }
+ if (resp->result.has_peer_identity) {
+ destroy_slice(
+ static_cast<grpc_slice*>(resp->result.peer_identity.hostname.arg));
+ destroy_slice(static_cast<grpc_slice*>(
+ resp->result.peer_identity.service_account.arg));
+ }
+ }
+ gpr_free(resp);
+ }
+}
+
+bool grpc_gcp_handshaker_resp_decode(grpc_slice encoded_handshaker_resp,
+ grpc_gcp_handshaker_resp* resp) {
+ if (resp == nullptr) {
+ gpr_log(GPR_ERROR,
+ "Invalid nullptr argument to grpc_gcp_handshaker_resp_decode().");
+ return false;
+ }
+ pb_istream_t stream =
+ pb_istream_from_buffer(GRPC_SLICE_START_PTR(encoded_handshaker_resp),
+ GRPC_SLICE_LENGTH(encoded_handshaker_resp));
+ resp->out_frames.funcs.decode = decode_string_or_bytes_cb;
+ resp->status.details.funcs.decode = decode_string_or_bytes_cb;
+ resp->result.application_protocol.funcs.decode = decode_string_or_bytes_cb;
+ resp->result.record_protocol.funcs.decode = decode_string_or_bytes_cb;
+ resp->result.key_data.funcs.decode = decode_string_or_bytes_cb;
+ resp->result.peer_identity.hostname.funcs.decode = decode_string_or_bytes_cb;
+ resp->result.peer_identity.service_account.funcs.decode =
+ decode_string_or_bytes_cb;
+ resp->result.local_identity.hostname.funcs.decode = decode_string_or_bytes_cb;
+ resp->result.local_identity.service_account.funcs.decode =
+ decode_string_or_bytes_cb;
+ if (!pb_decode(&stream, grpc_gcp_HandshakerResp_fields, resp)) {
+ gpr_log(GPR_ERROR, "nanopb error: %s", PB_GET_ERROR(&stream));
+ return false;
+ }
+ return true;
+}
diff --git a/src/core/tsi/alts/handshaker/alts_handshaker_service_api.h b/src/core/tsi/alts/handshaker/alts_handshaker_service_api.h
new file mode 100644
index 0000000..5df56a8
--- /dev/null
+++ b/src/core/tsi/alts/handshaker/alts_handshaker_service_api.h
@@ -0,0 +1,323 @@
+/*
+ *
+ * Copyright 2018 gRPC authors.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ */
+
+#ifndef GRPC_CORE_TSI_ALTS_HANDSHAKER_ALTS_HANDSHAKER_SERVICE_API_H
+#define GRPC_CORE_TSI_ALTS_HANDSHAKER_ALTS_HANDSHAKER_SERVICE_API_H
+
+#include <grpc/support/port_platform.h>
+
+#include "src/core/tsi/alts/handshaker/alts_handshaker_service_api_util.h"
+
+/**
+ * An implementation of nanopb thin wrapper used to set/get and
+ * serialize/de-serialize of ALTS handshake requests and responses.
+ *
+ * All APIs in the header are thread-compatible. A typical usage of this API at
+ * the client side is as follows:
+ *
+ * -----------------------------------------------------------------------------
+ * // Create, populate, and serialize an ALTS client_start handshake request to
+ * // send to the server.
+ * grpc_gcp_handshaker_req* req =
+ * grpc_gcp_handshaker_req_create(CLIENT_START_REQ);
+ * grpc_gcp_handshaker_req_set_handshake_protocol(
+ req, grpc_gcp_HandshakeProtocol_ALTS);
+ * grpc_gcp_handshaker_req_add_application_protocol(req, "grpc");
+ * grpc_gcp_handshaker_req_add_record_protocol(req, "ALTSRP_GCM_AES128");
+ * grpc_slice client_slice;
+ * if (!grpc_gcp_handshaker_req_encode(req, &client_slice)) {
+ * fprintf(stderr, "ALTS handshake request encoding failed.";
+ * }
+ *
+ * // De-serialize a data stream received from the server, and store the result
+ * // at ALTS handshake response.
+ * grpc_gcp_handshaker_resp* resp = grpc_gcp_handshaker_resp_create();
+ * if (!grpc_gcp_handshaker_resp_decode(server_slice, resp)) {
+ * fprintf(stderr, "ALTS handshake response decoding failed.");
+ * }
+ * // To access a variable-length datatype field (i.e., pb_callback_t),
+ * // access its "arg" subfield (if it has been set).
+ * if (resp->out_frames.arg != nullptr) {
+ * grpc_slice* slice = resp->out_frames.arg;
+ * }
+ * // To access a fixed-length datatype field (i.e., not pb_calback_t),
+ * // access the field directly (if it has been set).
+ * if (resp->has_status && resp->status->has_code) {
+ * uint32_t code = resp->status->code;
+ * }
+ *------------------------------------------------------------------------------
+ */
+
+/**
+ * This method creates an ALTS handshake request.
+ *
+ * - type: an enum type value that can be either CLIENT_START_REQ,
+ * SERVER_START_REQ, or NEXT_REQ to indicate the created instance will be
+ * client_start, server_start, and next handshake request message
+ * respectively.
+ *
+ * The method returns a pointer to the created instance.
+ */
+grpc_gcp_handshaker_req* grpc_gcp_handshaker_req_create(
+ grpc_gcp_handshaker_req_type type);
+
+/**
+ * This method sets the value for handshake_security_protocol field of ALTS
+ * client_start handshake request.
+ *
+ * - req: an ALTS handshake request.
+ * - handshake_protocol: a enum type value representing the handshake security
+ * protocol.
+ *
+ * The method returns true on success and false otherwise.
+ */
+bool grpc_gcp_handshaker_req_set_handshake_protocol(
+ grpc_gcp_handshaker_req* req,
+ grpc_gcp_handshake_protocol handshake_protocol);
+
+/**
+ * This method sets the value for target_name field of ALTS client_start
+ * handshake request.
+ *
+ * - req: an ALTS handshake request.
+ * - target_name: a target name to be set.
+ *
+ * The method returns true on success and false otherwise.
+ */
+bool grpc_gcp_handshaker_req_set_target_name(grpc_gcp_handshaker_req* req,
+ const char* target_name);
+
+/**
+ * This method adds an application protocol supported by the server (or
+ * client) to ALTS server_start (or client_start) handshake request.
+ *
+ * - req: an ALTS handshake request.
+ * - application_protocol: an application protocol (e.g., grpc) to be added.
+ *
+ * The method returns true on success and false otherwise.
+ */
+bool grpc_gcp_handshaker_req_add_application_protocol(
+ grpc_gcp_handshaker_req* req, const char* application_protocol);
+
+/**
+ * This method adds a record protocol supported by the client to ALTS
+ * client_start handshake request.
+ *
+ * - req: an ALTS handshake request.
+ * - record_protocol: a record protocol (e.g., ALTSRP_GCM_AES128) to be
+ * added.
+ *
+ * The method returns true on success and false otherwise.
+ */
+bool grpc_gcp_handshaker_req_add_record_protocol(grpc_gcp_handshaker_req* req,
+ const char* record_protocol);
+
+/**
+ * This method adds a target server identity represented as hostname and
+ * acceptable by a client to ALTS client_start handshake request.
+ *
+ * - req: an ALTS handshake request.
+ * - hostname: a string representation of hostname at the connection
+ * endpoint to be added.
+ *
+ * The method returns true on success and false otherwise.
+ */
+bool grpc_gcp_handshaker_req_add_target_identity_hostname(
+ grpc_gcp_handshaker_req* req, const char* hostname);
+
+/**
+ * This method adds a target server identity represented as service account and
+ * acceptable by a client to ALTS client_start handshake request.
+ *
+ * - req: an ALTS handshake request.
+ * - service_account: a string representation of service account at the
+ * connection endpoint to be added.
+ *
+ * The method returns true on success and false otherwise.
+ */
+bool grpc_gcp_handshaker_req_add_target_identity_service_account(
+ grpc_gcp_handshaker_req* req, const char* service_account);
+
+/**
+ * This method sets the hostname for local_identity field of ALTS client_start
+ * handshake request.
+ *
+ * - req: an ALTS handshake request.
+ * - hostname: a string representation of hostname.
+ *
+ * The method returns true on success and false otherwise.
+ */
+bool grpc_gcp_handshaker_req_set_local_identity_hostname(
+ grpc_gcp_handshaker_req* req, const char* hostname);
+
+/**
+ * This method sets the service account for local_identity field of ALTS
+ * client_start handshake request.
+ *
+ * - req: an ALTS handshake request.
+ * - service_account: a string representation of service account.
+ *
+ * The method returns true on success and false otherwise.
+ */
+bool grpc_gcp_handshaker_req_set_local_identity_service_account(
+ grpc_gcp_handshaker_req* req, const char* service_account);
+
+/**
+ * This method sets the value for local_endpoint field of either ALTS
+ * client_start or server_start handshake request.
+ *
+ * - req: an ALTS handshake request.
+ * - ip_address: a string representation of ip address associated with the
+ * local endpoint, that could be either IPv4 or IPv6.
+ * - port: a port number associated with the local endpoint.
+ * - protocol: a network protocol (e.g., TCP or UDP) associated with the
+ * local endpoint.
+ *
+ * The method returns true on success and false otherwise.
+ */
+bool grpc_gcp_handshaker_req_set_local_endpoint(
+ grpc_gcp_handshaker_req* req, const char* ip_address, size_t port,
+ grpc_gcp_network_protocol protocol);
+
+/**
+ * This method sets the value for remote_endpoint field of either ALTS
+ * client_start or server_start handshake request.
+ *
+ * - req: an ALTS handshake request.
+ * - ip_address: a string representation of ip address associated with the
+ * remote endpoint, that could be either IPv4 or IPv6.
+ * - port: a port number associated with the remote endpoint.
+ * - protocol: a network protocol (e.g., TCP or UDP) associated with the
+ * remote endpoint.
+ *
+ * The method returns true on success and false otherwise.
+ */
+bool grpc_gcp_handshaker_req_set_remote_endpoint(
+ grpc_gcp_handshaker_req* req, const char* ip_address, size_t port,
+ grpc_gcp_network_protocol protocol);
+
+/**
+ * This method sets the value for in_bytes field of either ALTS server_start or
+ * next handshake request.
+ *
+ * - req: an ALTS handshake request.
+ * - in_bytes: a buffer containing bytes taken from out_frames of the peer's
+ * ALTS handshake response. It is possible that the peer's out_frames are
+ * split into multiple handshake request messages.
+ * - size: size of in_bytes buffer.
+ *
+ * The method returns true on success and false otherwise.
+ */
+bool grpc_gcp_handshaker_req_set_in_bytes(grpc_gcp_handshaker_req* req,
+ const char* in_bytes, size_t size);
+
+/**
+ * This method adds a record protocol to handshake parameters mapped by the
+ * handshake protocol for ALTS server_start handshake request.
+ *
+ * - req: an ALTS handshake request.
+ * - key: an enum type value representing a handshake security protocol.
+ * - record_protocol: a record protocol to be added.
+ *
+ * The method returns true on success and false otherwise.
+ */
+bool grpc_gcp_handshaker_req_param_add_record_protocol(
+ grpc_gcp_handshaker_req* req, grpc_gcp_handshake_protocol key,
+ const char* record_protocol);
+
+/**
+ * This method adds a local identity represented as hostname to handshake
+ * parameters mapped by the handshake protocol for ALTS server_start handshake
+ * request.
+ *
+ * - req: an ALTS handshake request.
+ * - key: an enum type value representing a handshake security protocol.
+ * - hostname: a string representation of hostname to be added.
+ *
+ * The method returns true on success and false otherwise.
+ */
+bool grpc_gcp_handshaker_req_param_add_local_identity_hostname(
+ grpc_gcp_handshaker_req* req, grpc_gcp_handshake_protocol key,
+ const char* hostname);
+
+/**
+ * This method adds a local identity represented as service account to handshake
+ * parameters mapped by the handshake protocol for ALTS server_start handshake
+ * request.
+ *
+ * - req: an ALTS handshake request.
+ * - key: an enum type value representing a handshake security protocol.
+ * - service_account: a string representation of service account to be added.
+ *
+ * The method returns true on success and false otherwise.
+ */
+bool grpc_gcp_handshaker_req_param_add_local_identity_service_account(
+ grpc_gcp_handshaker_req* req, grpc_gcp_handshake_protocol key,
+ const char* service_account);
+
+/**
+ * This method sets the value for rpc_versions field of either ALTS
+ * client_start or server_start handshake request.
+ *
+ * - req: an ALTS handshake request.
+ * - max_major: a major version of maximum supported RPC version.
+ * - max_minor: a minor version of maximum supported RPC version.
+ * - min_major: a major version of minimum supported RPC version.
+ * - min_minor: a minor version of minimum supported RPC version.
+ *
+ * The method returns true on success and false otherwise.
+ */
+bool grpc_gcp_handshaker_req_set_rpc_versions(grpc_gcp_handshaker_req* req,
+ uint32_t max_major,
+ uint32_t max_minor,
+ uint32_t min_major,
+ uint32_t min_minor);
+
+/**
+ * This method serializes an ALTS handshake request and returns a data stream.
+ *
+ * - req: an ALTS handshake request.
+ * - slice: a data stream where the serialized result will be written.
+ *
+ * The method returns true on success and false otherwise.
+ */
+bool grpc_gcp_handshaker_req_encode(grpc_gcp_handshaker_req* req,
+ grpc_slice* slice);
+
+/* This method destroys an ALTS handshake request. */
+void grpc_gcp_handshaker_req_destroy(grpc_gcp_handshaker_req* req);
+
+/* This method creates an ALTS handshake response. */
+grpc_gcp_handshaker_resp* grpc_gcp_handshaker_resp_create(void);
+
+/**
+ * This method de-serializes a data stream and stores the result
+ * in an ALTS handshake response.
+ *
+ * - slice: a data stream containing a serialized ALTS handshake response.
+ * - resp: an ALTS handshake response used to hold de-serialized result.
+ *
+ * The method returns true on success and false otherwise.
+ */
+bool grpc_gcp_handshaker_resp_decode(grpc_slice slice,
+ grpc_gcp_handshaker_resp* resp);
+
+/* This method destroys an ALTS handshake response. */
+void grpc_gcp_handshaker_resp_destroy(grpc_gcp_handshaker_resp* resp);
+
+#endif /* GRPC_CORE_TSI_ALTS_HANDSHAKER_ALTS_HANDSHAKER_SERVICE_API_H */
diff --git a/src/core/tsi/alts/handshaker/alts_handshaker_service_api_util.cc b/src/core/tsi/alts/handshaker/alts_handshaker_service_api_util.cc
new file mode 100644
index 0000000..e0e4184
--- /dev/null
+++ b/src/core/tsi/alts/handshaker/alts_handshaker_service_api_util.cc
@@ -0,0 +1,143 @@
+/*
+ *
+ * Copyright 2018 gRPC authors.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ */
+
+#include <grpc/support/port_platform.h>
+
+#include "src/core/tsi/alts/handshaker/alts_handshaker_service_api_util.h"
+
+void add_repeated_field(repeated_field** head, const void* data) {
+ repeated_field* field =
+ static_cast<repeated_field*>(gpr_zalloc(sizeof(*field)));
+ field->data = data;
+ if (*head == nullptr) {
+ *head = field;
+ (*head)->next = nullptr;
+ } else {
+ field->next = *head;
+ *head = field;
+ }
+}
+
+void destroy_repeated_field_list_identity(repeated_field* head) {
+ repeated_field* field = head;
+ while (field != nullptr) {
+ repeated_field* next_field = field->next;
+ const grpc_gcp_identity* identity =
+ static_cast<const grpc_gcp_identity*>(field->data);
+ destroy_slice(static_cast<grpc_slice*>(identity->hostname.arg));
+ destroy_slice(static_cast<grpc_slice*>(identity->service_account.arg));
+ gpr_free((void*)identity);
+ gpr_free(field);
+ field = next_field;
+ }
+}
+
+void destroy_repeated_field_list_string(repeated_field* head) {
+ repeated_field* field = head;
+ while (field != nullptr) {
+ repeated_field* next_field = field->next;
+ destroy_slice((grpc_slice*)field->data);
+ gpr_free(field);
+ field = next_field;
+ }
+}
+
+grpc_slice* create_slice(const char* data, size_t size) {
+ grpc_slice slice = grpc_slice_from_copied_buffer(data, size);
+ grpc_slice* cb_slice =
+ static_cast<grpc_slice*>(gpr_zalloc(sizeof(*cb_slice)));
+ memcpy(cb_slice, &slice, sizeof(*cb_slice));
+ return cb_slice;
+}
+
+void destroy_slice(grpc_slice* slice) {
+ if (slice != nullptr) {
+ grpc_slice_unref(*slice);
+ gpr_free(slice);
+ }
+}
+
+bool encode_string_or_bytes_cb(pb_ostream_t* stream, const pb_field_t* field,
+ void* const* arg) {
+ grpc_slice* slice = static_cast<grpc_slice*>(*arg);
+ if (!pb_encode_tag_for_field(stream, field)) return false;
+ return pb_encode_string(stream, GRPC_SLICE_START_PTR(*slice),
+ GRPC_SLICE_LENGTH(*slice));
+}
+
+bool encode_repeated_identity_cb(pb_ostream_t* stream, const pb_field_t* field,
+ void* const* arg) {
+ repeated_field* var = static_cast<repeated_field*>(*arg);
+ while (var != nullptr) {
+ if (!pb_encode_tag_for_field(stream, field)) return false;
+ if (!pb_encode_submessage(stream, grpc_gcp_Identity_fields,
+ (grpc_gcp_identity*)var->data))
+ return false;
+ var = var->next;
+ }
+ return true;
+}
+
+bool encode_repeated_string_cb(pb_ostream_t* stream, const pb_field_t* field,
+ void* const* arg) {
+ repeated_field* var = static_cast<repeated_field*>(*arg);
+ while (var != nullptr) {
+ if (!pb_encode_tag_for_field(stream, field)) return false;
+ const grpc_slice* slice = static_cast<const grpc_slice*>(var->data);
+ if (!pb_encode_string(stream, GRPC_SLICE_START_PTR(*slice),
+ GRPC_SLICE_LENGTH(*slice)))
+ return false;
+ var = var->next;
+ }
+ return true;
+}
+
+bool decode_string_or_bytes_cb(pb_istream_t* stream, const pb_field_t* field,
+ void** arg) {
+ grpc_slice slice = grpc_slice_malloc(stream->bytes_left);
+ grpc_slice* cb_slice =
+ static_cast<grpc_slice*>(gpr_zalloc(sizeof(*cb_slice)));
+ memcpy(cb_slice, &slice, sizeof(*cb_slice));
+ if (!pb_read(stream, GRPC_SLICE_START_PTR(*cb_slice), stream->bytes_left))
+ return false;
+ *arg = cb_slice;
+ return true;
+}
+
+bool decode_repeated_identity_cb(pb_istream_t* stream, const pb_field_t* field,
+ void** arg) {
+ grpc_gcp_identity* identity =
+ static_cast<grpc_gcp_identity*>(gpr_zalloc(sizeof(*identity)));
+ identity->hostname.funcs.decode = decode_string_or_bytes_cb;
+ identity->service_account.funcs.decode = decode_string_or_bytes_cb;
+ add_repeated_field(reinterpret_cast<repeated_field**>(arg), identity);
+ if (!pb_decode(stream, grpc_gcp_Identity_fields, identity)) return false;
+ return true;
+}
+
+bool decode_repeated_string_cb(pb_istream_t* stream, const pb_field_t* field,
+ void** arg) {
+ grpc_slice slice = grpc_slice_malloc(stream->bytes_left);
+ grpc_slice* cb_slice =
+ static_cast<grpc_slice*>(gpr_zalloc(sizeof(*cb_slice)));
+ memcpy(cb_slice, &slice, sizeof(grpc_slice));
+ if (!pb_read(stream, GRPC_SLICE_START_PTR(*cb_slice), stream->bytes_left))
+ return false;
+ add_repeated_field(reinterpret_cast<repeated_field**>(arg), cb_slice);
+ return true;
+}
diff --git a/src/core/tsi/alts/handshaker/alts_handshaker_service_api_util.h b/src/core/tsi/alts/handshaker/alts_handshaker_service_api_util.h
new file mode 100644
index 0000000..8fe8f73
--- /dev/null
+++ b/src/core/tsi/alts/handshaker/alts_handshaker_service_api_util.h
@@ -0,0 +1,149 @@
+/*
+ *
+ * Copyright 2018 gRPC authors.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ */
+
+#ifndef GRPC_CORE_TSI_ALTS_HANDSHAKER_ALTS_HANDSHAKER_SERVICE_API_UTIL_H
+#define GRPC_CORE_TSI_ALTS_HANDSHAKER_ALTS_HANDSHAKER_SERVICE_API_UTIL_H
+
+#include <grpc/support/port_platform.h>
+
+#include "third_party/nanopb/pb_decode.h"
+#include "third_party/nanopb/pb_encode.h"
+
+#include <grpc/slice.h>
+#include <grpc/slice_buffer.h>
+#include <grpc/support/alloc.h>
+#include <grpc/support/log.h>
+
+#include "src/core/tsi/alts/handshaker/handshaker.pb.h"
+
+/**
+ * An implementation of utility functions used to serialize/
+ * de-serialize ALTS handshake requests/responses. All APIs in the header
+ * are thread-compatible.
+ */
+
+/* Renaming of message/field structs generated by nanopb compiler. */
+typedef grpc_gcp_HandshakeProtocol grpc_gcp_handshake_protocol;
+typedef grpc_gcp_NetworkProtocol grpc_gcp_network_protocol;
+typedef grpc_gcp_Identity grpc_gcp_identity;
+typedef grpc_gcp_NextHandshakeMessageReq grpc_gcp_next_handshake_message_req;
+typedef grpc_gcp_ServerHandshakeParameters grpc_gcp_server_handshake_parameters;
+typedef grpc_gcp_Endpoint grpc_gcp_endpoint;
+typedef grpc_gcp_StartServerHandshakeReq_HandshakeParametersEntry
+ grpc_gcp_handshake_parameters_entry;
+typedef grpc_gcp_StartClientHandshakeReq grpc_gcp_start_client_handshake_req;
+typedef grpc_gcp_StartServerHandshakeReq grpc_gcp_start_server_handshake_req;
+typedef grpc_gcp_HandshakerReq grpc_gcp_handshaker_req;
+typedef grpc_gcp_HandshakerResult grpc_gcp_handshaker_result;
+typedef grpc_gcp_HandshakerStatus grpc_gcp_handshaker_status;
+typedef grpc_gcp_HandshakerResp grpc_gcp_handshaker_resp;
+
+typedef enum {
+ CLIENT_START_REQ = 0, /* StartClientHandshakeReq. */
+ SERVER_START_REQ = 1, /* StartServerHandshakeReq. */
+ NEXT_REQ = 2, /* NextHandshakeMessageReq. */
+} grpc_gcp_handshaker_req_type;
+
+/**
+ * A struct representing a repeated field. The struct is used to organize all
+ * instances of a specific repeated field into a linked list, which then will
+ * be used at encode/decode phase. For instance at the encode phase, the encode
+ * function will iterate through the list, encode each field, and then output
+ * the result to the stream.
+ */
+typedef struct repeated_field_ {
+ struct repeated_field_* next;
+ const void* data;
+} repeated_field;
+
+/**
+ * This method adds a repeated field to the head of repeated field list.
+ *
+ * - head: a head of repeated field list.
+ * - field: a repeated field to be added to the list.
+ */
+void add_repeated_field(repeated_field** head, const void* field);
+
+/**
+ * This method destroys a repeated field list that consists of string type
+ * fields.
+ *
+ * - head: a head of repeated field list.
+ */
+void destroy_repeated_field_list_string(repeated_field* head);
+
+/**
+ * This method destroys a repeated field list that consists of
+ * grpc_gcp_identity type fields.
+ *
+ * - head: a head of repeated field list.
+ */
+void destroy_repeated_field_list_identity(repeated_field* head);
+
+/**
+ * This method creates a grpc_slice instance by copying a data buffer. It is
+ * similar to grpc_slice_from_copied_buffer() except that it returns an instance
+ * allocated from the heap.
+ *
+ * - data: a data buffer to be copied to grpc_slice instance.
+ * - size: size of data buffer.
+ */
+grpc_slice* create_slice(const char* data, size_t size);
+
+/* This method destroys a grpc_slice instance. */
+void destroy_slice(grpc_slice* slice);
+
+/**
+ * The following encode/decode functions will be assigned to encode/decode
+ * function pointers of pb_callback_t struct (defined in
+ * //third_party/nanopb/pb.h), that represent a repeated field with a dynamic
+ * length (e.g., a string type or repeated field).
+ */
+
+/* This method is an encode callback function for a string or byte array. */
+bool encode_string_or_bytes_cb(pb_ostream_t* stream, const pb_field_t* field,
+ void* const* arg);
+
+/**
+ * This method is an encode callback function for a repeated grpc_gcp_identity
+ * field.
+ */
+bool encode_repeated_identity_cb(pb_ostream_t* stream, const pb_field_t* field,
+ void* const* arg);
+
+/* This method is an encode callback function for a repeated string field. */
+bool encode_repeated_string_cb(pb_ostream_t* stream, const pb_field_t* field,
+ void* const* arg);
+
+/**
+ * This method is a decode callback function for a string or byte array field.
+ */
+bool decode_string_or_bytes_cb(pb_istream_t* stream, const pb_field_t* field,
+ void** arg);
+/**
+ * This method is a decode callback function for a repeated grpc_gcp_identity
+ * field.
+ */
+bool decode_repeated_identity_cb(pb_istream_t* stream, const pb_field_t* field,
+ void** arg);
+
+/* This method is a decode callback function for a repeated string field. */
+bool decode_repeated_string_cb(pb_istream_t* stream, const pb_field_t* field,
+ void** arg);
+
+#endif /* GRPC_CORE_TSI_ALTS_HANDSHAKER_ALTS_HANDSHAKER_SERVICE_API_UTIL_H */
diff --git a/src/core/tsi/alts/handshaker/alts_tsi_event.cc b/src/core/tsi/alts/handshaker/alts_tsi_event.cc
new file mode 100644
index 0000000..ec0bf12
--- /dev/null
+++ b/src/core/tsi/alts/handshaker/alts_tsi_event.cc
@@ -0,0 +1,73 @@
+/*
+ *
+ * Copyright 2018 gRPC authors.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ */
+
+#include <grpc/support/port_platform.h>
+
+#include "src/core/tsi/alts/handshaker/alts_tsi_event.h"
+
+#include <grpc/grpc.h>
+#include <grpc/support/alloc.h>
+#include <grpc/support/log.h>
+
+tsi_result alts_tsi_event_create(alts_tsi_handshaker* handshaker,
+ tsi_handshaker_on_next_done_cb cb,
+ void* user_data,
+ grpc_alts_credentials_options* options,
+ grpc_slice target_name,
+ alts_tsi_event** event) {
+ if (event == nullptr || handshaker == nullptr || cb == nullptr) {
+ gpr_log(GPR_ERROR, "Invalid arguments to alts_tsi_event_create()");
+ return TSI_INVALID_ARGUMENT;
+ }
+ alts_tsi_event* e = static_cast<alts_tsi_event*>(gpr_zalloc(sizeof(*e)));
+ e->handshaker = handshaker;
+ e->cb = cb;
+ e->user_data = user_data;
+ e->options = grpc_alts_credentials_options_copy(options);
+ e->target_name = grpc_slice_copy(target_name);
+ grpc_metadata_array_init(&e->initial_metadata);
+ grpc_metadata_array_init(&e->trailing_metadata);
+ *event = e;
+ return TSI_OK;
+}
+
+void alts_tsi_event_dispatch_to_handshaker(alts_tsi_event* event, bool is_ok) {
+ if (event == nullptr) {
+ gpr_log(
+ GPR_ERROR,
+ "ALTS TSI event is nullptr in alts_tsi_event_dispatch_to_handshaker()");
+ return;
+ }
+ alts_tsi_handshaker_handle_response(event->handshaker, event->recv_buffer,
+ event->status, &event->details, event->cb,
+ event->user_data, is_ok);
+}
+
+void alts_tsi_event_destroy(alts_tsi_event* event) {
+ if (event == nullptr) {
+ return;
+ }
+ grpc_byte_buffer_destroy(event->send_buffer);
+ grpc_byte_buffer_destroy(event->recv_buffer);
+ grpc_metadata_array_destroy(&event->initial_metadata);
+ grpc_metadata_array_destroy(&event->trailing_metadata);
+ grpc_slice_unref(event->details);
+ grpc_slice_unref(event->target_name);
+ grpc_alts_credentials_options_destroy(event->options);
+ gpr_free(event);
+}
diff --git a/src/core/tsi/alts/handshaker/alts_tsi_event.h b/src/core/tsi/alts/handshaker/alts_tsi_event.h
new file mode 100644
index 0000000..043e75d
--- /dev/null
+++ b/src/core/tsi/alts/handshaker/alts_tsi_event.h
@@ -0,0 +1,93 @@
+/*
+ *
+ * Copyright 2018 gRPC authors.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ */
+
+#ifndef GRPC_CORE_TSI_ALTS_HANDSHAKER_ALTS_TSI_EVENT_H
+#define GRPC_CORE_TSI_ALTS_HANDSHAKER_ALTS_TSI_EVENT_H
+
+#include <grpc/support/port_platform.h>
+
+#include <grpc/byte_buffer.h>
+#include <grpc/byte_buffer_reader.h>
+
+#include "src/core/tsi/alts/handshaker/alts_tsi_handshaker.h"
+#include "src/core/tsi/transport_security_interface.h"
+
+/**
+ * A ALTS TSI event interface. In asynchronous implementation of
+ * tsi_handshaker_next(), the function will exit after scheduling a handshaker
+ * request to ALTS handshaker service without waiting for response to return.
+ * The event is used to link the scheduled handshaker request with the
+ * corresponding response so that enough context information can be inferred
+ * from it to handle the response. All APIs in the header are thread-compatible.
+ */
+
+/**
+ * Main struct for ALTS TSI event. It retains ownership on send_buffer and
+ * recv_buffer, but not on handshaker.
+ */
+typedef struct alts_tsi_event {
+ alts_tsi_handshaker* handshaker;
+ grpc_byte_buffer* send_buffer;
+ grpc_byte_buffer* recv_buffer;
+ grpc_status_code status;
+ grpc_slice details;
+ grpc_metadata_array initial_metadata;
+ grpc_metadata_array trailing_metadata;
+ tsi_handshaker_on_next_done_cb cb;
+ void* user_data;
+ grpc_alts_credentials_options* options;
+ grpc_slice target_name;
+} alts_tsi_event;
+
+/**
+ * This method creates a ALTS TSI event.
+ *
+ * - handshaker: ALTS TSI handshaker instance associated with the event to be
+ * created. The created event does not own the handshaker instance.
+ * - cb: callback function to be called when handling data received from ALTS
+ * handshaker service.
+ * - user_data: argument to callback function.
+ * - options: ALTS credentials options.
+ * - target_name: name of endpoint used for secure naming check.
+ * - event: address of ALTS TSI event instance to be returned from the method.
+ *
+ * It returns TSI_OK on success and an error status code on failure.
+ */
+tsi_result alts_tsi_event_create(alts_tsi_handshaker* handshaker,
+ tsi_handshaker_on_next_done_cb cb,
+ void* user_data,
+ grpc_alts_credentials_options* options,
+ grpc_slice target_name,
+ alts_tsi_event** event);
+
+/**
+ * This method dispatches a ALTS TSI event received from the handshaker service,
+ * and a boolean flag indicating if the event is valid to read to ALTS TSI
+ * handshaker to process. It is called by TSI thread.
+ *
+ * - event: ALTS TSI event instance.
+ * - is_ok: a boolean value indicating if the event is valid to read.
+ */
+void alts_tsi_event_dispatch_to_handshaker(alts_tsi_event* event, bool is_ok);
+
+/**
+ * This method destroys the ALTS TSI event.
+ */
+void alts_tsi_event_destroy(alts_tsi_event* event);
+
+#endif /* GRPC_CORE_TSI_ALTS_HANDSHAKER_ALTS_TSI_EVENT_H */
diff --git a/src/core/tsi/alts/handshaker/alts_tsi_handshaker.cc b/src/core/tsi/alts/handshaker/alts_tsi_handshaker.cc
new file mode 100644
index 0000000..529f210
--- /dev/null
+++ b/src/core/tsi/alts/handshaker/alts_tsi_handshaker.cc
@@ -0,0 +1,483 @@
+/*
+ *
+ * Copyright 2018 gRPC authors.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ */
+
+#include <grpc/support/port_platform.h>
+
+#include "src/core/tsi/alts/handshaker/alts_tsi_handshaker.h"
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+
+#include <grpc/support/alloc.h>
+#include <grpc/support/log.h>
+#include <grpc/support/sync.h>
+#include <grpc/support/thd_id.h>
+
+#include "src/core/lib/gpr/host_port.h"
+#include "src/core/lib/gprpp/thd.h"
+#include "src/core/tsi/alts/frame_protector/alts_frame_protector.h"
+#include "src/core/tsi/alts/handshaker/alts_handshaker_client.h"
+#include "src/core/tsi/alts/handshaker/alts_tsi_utils.h"
+#include "src/core/tsi/alts/zero_copy_frame_protector/alts_zero_copy_grpc_protector.h"
+#include "src/core/tsi/alts_transport_security.h"
+
+#define TSI_ALTS_INITIAL_BUFFER_SIZE 256
+
+static alts_shared_resource* kSharedResource = alts_get_shared_resource();
+
+/* Main struct for ALTS TSI handshaker. */
+typedef struct alts_tsi_handshaker {
+ tsi_handshaker base;
+ alts_handshaker_client* client;
+ grpc_slice recv_bytes;
+ grpc_slice target_name;
+ unsigned char* buffer;
+ size_t buffer_size;
+ bool is_client;
+ bool has_sent_start_message;
+ grpc_alts_credentials_options* options;
+} alts_tsi_handshaker;
+
+/* Main struct for ALTS TSI handshaker result. */
+typedef struct alts_tsi_handshaker_result {
+ tsi_handshaker_result base;
+ char* peer_identity;
+ char* key_data;
+ unsigned char* unused_bytes;
+ size_t unused_bytes_size;
+ grpc_slice rpc_versions;
+ bool is_client;
+} alts_tsi_handshaker_result;
+
+static tsi_result handshaker_result_extract_peer(
+ const tsi_handshaker_result* self, tsi_peer* peer) {
+ if (self == nullptr || peer == nullptr) {
+ gpr_log(GPR_ERROR, "Invalid argument to handshaker_result_extract_peer()");
+ return TSI_INVALID_ARGUMENT;
+ }
+ alts_tsi_handshaker_result* result =
+ reinterpret_cast<alts_tsi_handshaker_result*>(
+ const_cast<tsi_handshaker_result*>(self));
+ GPR_ASSERT(kTsiAltsNumOfPeerProperties == 3);
+ tsi_result ok = tsi_construct_peer(kTsiAltsNumOfPeerProperties, peer);
+ int index = 0;
+ if (ok != TSI_OK) {
+ gpr_log(GPR_ERROR, "Failed to construct tsi peer");
+ return ok;
+ }
+ GPR_ASSERT(&peer->properties[index] != nullptr);
+ ok = tsi_construct_string_peer_property_from_cstring(
+ TSI_CERTIFICATE_TYPE_PEER_PROPERTY, TSI_ALTS_CERTIFICATE_TYPE,
+ &peer->properties[index]);
+ if (ok != TSI_OK) {
+ tsi_peer_destruct(peer);
+ gpr_log(GPR_ERROR, "Failed to set tsi peer property");
+ return ok;
+ }
+ index++;
+ GPR_ASSERT(&peer->properties[index] != nullptr);
+ ok = tsi_construct_string_peer_property_from_cstring(
+ TSI_ALTS_SERVICE_ACCOUNT_PEER_PROPERTY, result->peer_identity,
+ &peer->properties[index]);
+ if (ok != TSI_OK) {
+ tsi_peer_destruct(peer);
+ gpr_log(GPR_ERROR, "Failed to set tsi peer property");
+ }
+ index++;
+ GPR_ASSERT(&peer->properties[index] != nullptr);
+ ok = tsi_construct_string_peer_property(
+ TSI_ALTS_RPC_VERSIONS,
+ reinterpret_cast<char*>(GRPC_SLICE_START_PTR(result->rpc_versions)),
+ GRPC_SLICE_LENGTH(result->rpc_versions), &peer->properties[2]);
+ if (ok != TSI_OK) {
+ tsi_peer_destruct(peer);
+ gpr_log(GPR_ERROR, "Failed to set tsi peer property");
+ }
+ GPR_ASSERT(++index == kTsiAltsNumOfPeerProperties);
+ return ok;
+}
+
+static tsi_result handshaker_result_create_zero_copy_grpc_protector(
+ const tsi_handshaker_result* self, size_t* max_output_protected_frame_size,
+ tsi_zero_copy_grpc_protector** protector) {
+ if (self == nullptr || protector == nullptr) {
+ gpr_log(GPR_ERROR,
+ "Invalid arguments to create_zero_copy_grpc_protector()");
+ return TSI_INVALID_ARGUMENT;
+ }
+ alts_tsi_handshaker_result* result =
+ reinterpret_cast<alts_tsi_handshaker_result*>(
+ const_cast<tsi_handshaker_result*>(self));
+ tsi_result ok = alts_zero_copy_grpc_protector_create(
+ reinterpret_cast<const uint8_t*>(result->key_data),
+ kAltsAes128GcmRekeyKeyLength, /*is_rekey=*/true, result->is_client,
+ /*is_integrity_only=*/false, max_output_protected_frame_size, protector);
+ if (ok != TSI_OK) {
+ gpr_log(GPR_ERROR, "Failed to create zero-copy grpc protector");
+ }
+ return ok;
+}
+
+static tsi_result handshaker_result_create_frame_protector(
+ const tsi_handshaker_result* self, size_t* max_output_protected_frame_size,
+ tsi_frame_protector** protector) {
+ if (self == nullptr || protector == nullptr) {
+ gpr_log(GPR_ERROR,
+ "Invalid arguments to handshaker_result_create_frame_protector()");
+ return TSI_INVALID_ARGUMENT;
+ }
+ alts_tsi_handshaker_result* result =
+ reinterpret_cast<alts_tsi_handshaker_result*>(
+ const_cast<tsi_handshaker_result*>(self));
+ tsi_result ok = alts_create_frame_protector(
+ reinterpret_cast<const uint8_t*>(result->key_data),
+ kAltsAes128GcmRekeyKeyLength, result->is_client, /*is_rekey=*/true,
+ max_output_protected_frame_size, protector);
+ if (ok != TSI_OK) {
+ gpr_log(GPR_ERROR, "Failed to create frame protector");
+ }
+ return ok;
+}
+
+static tsi_result handshaker_result_get_unused_bytes(
+ const tsi_handshaker_result* self, const unsigned char** bytes,
+ size_t* bytes_size) {
+ if (self == nullptr || bytes == nullptr || bytes_size == nullptr) {
+ gpr_log(GPR_ERROR,
+ "Invalid arguments to handshaker_result_get_unused_bytes()");
+ return TSI_INVALID_ARGUMENT;
+ }
+ alts_tsi_handshaker_result* result =
+ reinterpret_cast<alts_tsi_handshaker_result*>(
+ const_cast<tsi_handshaker_result*>(self));
+ *bytes = result->unused_bytes;
+ *bytes_size = result->unused_bytes_size;
+ return TSI_OK;
+}
+
+static void handshaker_result_destroy(tsi_handshaker_result* self) {
+ if (self == nullptr) {
+ return;
+ }
+ alts_tsi_handshaker_result* result =
+ reinterpret_cast<alts_tsi_handshaker_result*>(
+ const_cast<tsi_handshaker_result*>(self));
+ gpr_free(result->peer_identity);
+ gpr_free(result->key_data);
+ gpr_free(result->unused_bytes);
+ grpc_slice_unref(result->rpc_versions);
+ gpr_free(result);
+}
+
+static const tsi_handshaker_result_vtable result_vtable = {
+ handshaker_result_extract_peer,
+ handshaker_result_create_zero_copy_grpc_protector,
+ handshaker_result_create_frame_protector,
+ handshaker_result_get_unused_bytes, handshaker_result_destroy};
+
+static tsi_result create_handshaker_result(grpc_gcp_handshaker_resp* resp,
+ bool is_client,
+ tsi_handshaker_result** self) {
+ if (self == nullptr || resp == nullptr) {
+ gpr_log(GPR_ERROR, "Invalid arguments to create_handshaker_result()");
+ return TSI_INVALID_ARGUMENT;
+ }
+ grpc_slice* key = static_cast<grpc_slice*>(resp->result.key_data.arg);
+ GPR_ASSERT(key != nullptr);
+ grpc_slice* identity =
+ static_cast<grpc_slice*>(resp->result.peer_identity.service_account.arg);
+ if (identity == nullptr) {
+ gpr_log(GPR_ERROR, "Invalid service account");
+ return TSI_FAILED_PRECONDITION;
+ }
+ if (GRPC_SLICE_LENGTH(*key) < kAltsAes128GcmRekeyKeyLength) {
+ gpr_log(GPR_ERROR, "Bad key length");
+ return TSI_FAILED_PRECONDITION;
+ }
+ alts_tsi_handshaker_result* result =
+ static_cast<alts_tsi_handshaker_result*>(gpr_zalloc(sizeof(*result)));
+ result->key_data =
+ static_cast<char*>(gpr_zalloc(kAltsAes128GcmRekeyKeyLength));
+ memcpy(result->key_data, GRPC_SLICE_START_PTR(*key),
+ kAltsAes128GcmRekeyKeyLength);
+ result->peer_identity = grpc_slice_to_c_string(*identity);
+ if (!resp->result.has_peer_rpc_versions) {
+ gpr_log(GPR_ERROR, "Peer does not set RPC protocol versions.");
+ return TSI_FAILED_PRECONDITION;
+ }
+ if (!grpc_gcp_rpc_protocol_versions_encode(&resp->result.peer_rpc_versions,
+ &result->rpc_versions)) {
+ gpr_log(GPR_ERROR, "Failed to serialize peer's RPC protocol versions.");
+ return TSI_FAILED_PRECONDITION;
+ }
+ result->is_client = is_client;
+ result->base.vtable = &result_vtable;
+ *self = &result->base;
+ return TSI_OK;
+}
+
+static tsi_result handshaker_next(
+ tsi_handshaker* self, const unsigned char* received_bytes,
+ size_t received_bytes_size, const unsigned char** bytes_to_send,
+ size_t* bytes_to_send_size, tsi_handshaker_result** result,
+ tsi_handshaker_on_next_done_cb cb, void* user_data) {
+ if (self == nullptr || cb == nullptr) {
+ gpr_log(GPR_ERROR, "Invalid arguments to handshaker_next()");
+ return TSI_INVALID_ARGUMENT;
+ }
+ alts_tsi_handshaker* handshaker =
+ reinterpret_cast<alts_tsi_handshaker*>(self);
+ tsi_result ok = TSI_OK;
+ alts_tsi_event* event = nullptr;
+ ok = alts_tsi_event_create(handshaker, cb, user_data, handshaker->options,
+ handshaker->target_name, &event);
+ if (ok != TSI_OK) {
+ gpr_log(GPR_ERROR, "Failed to create ALTS TSI event");
+ return ok;
+ }
+ grpc_slice slice = (received_bytes == nullptr || received_bytes_size == 0)
+ ? grpc_empty_slice()
+ : grpc_slice_from_copied_buffer(
+ reinterpret_cast<const char*>(received_bytes),
+ received_bytes_size);
+ if (!handshaker->has_sent_start_message) {
+ ok = handshaker->is_client
+ ? alts_handshaker_client_start_client(handshaker->client, event)
+ : alts_handshaker_client_start_server(handshaker->client, event,
+ &slice);
+ handshaker->has_sent_start_message = true;
+ } else {
+ if (!GRPC_SLICE_IS_EMPTY(handshaker->recv_bytes)) {
+ grpc_slice_unref(handshaker->recv_bytes);
+ }
+ handshaker->recv_bytes = grpc_slice_ref(slice);
+ ok = alts_handshaker_client_next(handshaker->client, event, &slice);
+ }
+ grpc_slice_unref(slice);
+ if (ok != TSI_OK) {
+ gpr_log(GPR_ERROR, "Failed to schedule ALTS handshaker requests");
+ return ok;
+ }
+ return TSI_ASYNC;
+}
+
+static void handshaker_destroy(tsi_handshaker* self) {
+ if (self == nullptr) {
+ return;
+ }
+ alts_tsi_handshaker* handshaker =
+ reinterpret_cast<alts_tsi_handshaker*>(self);
+ alts_handshaker_client_destroy(handshaker->client);
+ grpc_slice_unref(handshaker->recv_bytes);
+ grpc_slice_unref(handshaker->target_name);
+ grpc_alts_credentials_options_destroy(handshaker->options);
+ gpr_free(handshaker->buffer);
+ gpr_free(handshaker);
+}
+
+static const tsi_handshaker_vtable handshaker_vtable = {
+ nullptr, nullptr, nullptr, nullptr, nullptr, handshaker_destroy,
+ handshaker_next};
+
+static void thread_worker(void* arg) {
+ while (true) {
+ grpc_event event = grpc_completion_queue_next(
+ kSharedResource->cq, gpr_inf_future(GPR_CLOCK_REALTIME), nullptr);
+ GPR_ASSERT(event.type != GRPC_QUEUE_TIMEOUT);
+ if (event.type == GRPC_QUEUE_SHUTDOWN) {
+ /* signal alts_tsi_shutdown() to destroy completion queue. */
+ grpc_tsi_alts_signal_for_cq_destroy();
+ break;
+ }
+ /* event.type == GRPC_OP_COMPLETE. */
+ alts_tsi_event* alts_event = static_cast<alts_tsi_event*>(event.tag);
+ alts_tsi_event_dispatch_to_handshaker(alts_event, event.success);
+ alts_tsi_event_destroy(alts_event);
+ }
+}
+
+static void init_shared_resources(const char* handshaker_service_url) {
+ GPR_ASSERT(handshaker_service_url != nullptr);
+ gpr_mu_lock(&kSharedResource->mu);
+ if (kSharedResource->channel == nullptr) {
+ gpr_cv_init(&kSharedResource->cv);
+ kSharedResource->channel =
+ grpc_insecure_channel_create(handshaker_service_url, nullptr, nullptr);
+ kSharedResource->cq = grpc_completion_queue_create_for_next(nullptr);
+ kSharedResource->thread =
+ grpc_core::Thread("alts_tsi_handshaker", &thread_worker, nullptr);
+ kSharedResource->thread.Start();
+ }
+ gpr_mu_unlock(&kSharedResource->mu);
+}
+
+tsi_result alts_tsi_handshaker_create(
+ const grpc_alts_credentials_options* options, const char* target_name,
+ const char* handshaker_service_url, bool is_client, tsi_handshaker** self) {
+ if (handshaker_service_url == nullptr || self == nullptr ||
+ options == nullptr || (is_client && target_name == nullptr)) {
+ gpr_log(GPR_ERROR, "Invalid arguments to alts_tsi_handshaker_create()");
+ return TSI_INVALID_ARGUMENT;
+ }
+ init_shared_resources(handshaker_service_url);
+ alts_handshaker_client* client = alts_grpc_handshaker_client_create(
+ kSharedResource->channel, kSharedResource->cq, handshaker_service_url);
+ if (client == nullptr) {
+ gpr_log(GPR_ERROR, "Failed to create ALTS handshaker client");
+ return TSI_FAILED_PRECONDITION;
+ }
+ alts_tsi_handshaker* handshaker =
+ static_cast<alts_tsi_handshaker*>(gpr_zalloc(sizeof(*handshaker)));
+ handshaker->client = client;
+ handshaker->buffer_size = TSI_ALTS_INITIAL_BUFFER_SIZE;
+ handshaker->buffer =
+ static_cast<unsigned char*>(gpr_zalloc(handshaker->buffer_size));
+ handshaker->is_client = is_client;
+ handshaker->has_sent_start_message = false;
+ handshaker->target_name = target_name == nullptr
+ ? grpc_empty_slice()
+ : grpc_slice_from_static_string(target_name);
+ handshaker->options = grpc_alts_credentials_options_copy(options);
+ handshaker->base.vtable = &handshaker_vtable;
+ *self = &handshaker->base;
+ return TSI_OK;
+}
+
+static bool is_handshake_finished_properly(grpc_gcp_handshaker_resp* resp) {
+ GPR_ASSERT(resp != nullptr);
+ if (resp->has_result) {
+ return true;
+ }
+ return false;
+}
+
+static void set_unused_bytes(tsi_handshaker_result* self,
+ grpc_slice* recv_bytes, size_t bytes_consumed) {
+ GPR_ASSERT(recv_bytes != nullptr && self != nullptr);
+ if (GRPC_SLICE_LENGTH(*recv_bytes) == bytes_consumed) {
+ return;
+ }
+ alts_tsi_handshaker_result* result =
+ reinterpret_cast<alts_tsi_handshaker_result*>(self);
+ result->unused_bytes_size = GRPC_SLICE_LENGTH(*recv_bytes) - bytes_consumed;
+ result->unused_bytes =
+ static_cast<unsigned char*>(gpr_zalloc(result->unused_bytes_size));
+ memcpy(result->unused_bytes,
+ GRPC_SLICE_START_PTR(*recv_bytes) + bytes_consumed,
+ result->unused_bytes_size);
+}
+
+void alts_tsi_handshaker_handle_response(alts_tsi_handshaker* handshaker,
+ grpc_byte_buffer* recv_buffer,
+ grpc_status_code status,
+ grpc_slice* details,
+ tsi_handshaker_on_next_done_cb cb,
+ void* user_data, bool is_ok) {
+ /* Invalid input check. */
+ if (cb == nullptr) {
+ gpr_log(GPR_ERROR,
+ "cb is nullptr in alts_tsi_handshaker_handle_response()");
+ return;
+ }
+ if (handshaker == nullptr || recv_buffer == nullptr) {
+ gpr_log(GPR_ERROR,
+ "Invalid arguments to alts_tsi_handshaker_handle_response()");
+ cb(TSI_INTERNAL_ERROR, user_data, nullptr, 0, nullptr);
+ return;
+ }
+ /* Failed grpc call check. */
+ if (!is_ok || status != GRPC_STATUS_OK) {
+ gpr_log(GPR_ERROR, "grpc call made to handshaker service failed");
+ if (details != nullptr) {
+ char* error_details = grpc_slice_to_c_string(*details);
+ gpr_log(GPR_ERROR, "error details:%s", error_details);
+ gpr_free(error_details);
+ }
+ cb(TSI_INTERNAL_ERROR, user_data, nullptr, 0, nullptr);
+ return;
+ }
+ grpc_gcp_handshaker_resp* resp =
+ alts_tsi_utils_deserialize_response(recv_buffer);
+ /* Invalid handshaker response check. */
+ if (resp == nullptr) {
+ gpr_log(GPR_ERROR, "alts_tsi_utils_deserialize_response() failed");
+ cb(TSI_DATA_CORRUPTED, user_data, nullptr, 0, nullptr);
+ return;
+ }
+ grpc_slice* slice = static_cast<grpc_slice*>(resp->out_frames.arg);
+ unsigned char* bytes_to_send = nullptr;
+ size_t bytes_to_send_size = 0;
+ if (slice != nullptr) {
+ bytes_to_send_size = GRPC_SLICE_LENGTH(*slice);
+ while (bytes_to_send_size > handshaker->buffer_size) {
+ handshaker->buffer_size *= 2;
+ handshaker->buffer = static_cast<unsigned char*>(
+ gpr_realloc(handshaker->buffer, handshaker->buffer_size));
+ }
+ memcpy(handshaker->buffer, GRPC_SLICE_START_PTR(*slice),
+ bytes_to_send_size);
+ bytes_to_send = handshaker->buffer;
+ }
+ tsi_handshaker_result* result = nullptr;
+ if (is_handshake_finished_properly(resp)) {
+ create_handshaker_result(resp, handshaker->is_client, &result);
+ set_unused_bytes(result, &handshaker->recv_bytes, resp->bytes_consumed);
+ }
+ grpc_status_code code = static_cast<grpc_status_code>(resp->status.code);
+ grpc_gcp_handshaker_resp_destroy(resp);
+ cb(alts_tsi_utils_convert_to_tsi_result(code), user_data, bytes_to_send,
+ bytes_to_send_size, result);
+}
+
+namespace grpc_core {
+namespace internal {
+
+bool alts_tsi_handshaker_get_has_sent_start_message_for_testing(
+ alts_tsi_handshaker* handshaker) {
+ GPR_ASSERT(handshaker != nullptr);
+ return handshaker->has_sent_start_message;
+}
+
+bool alts_tsi_handshaker_get_is_client_for_testing(
+ alts_tsi_handshaker* handshaker) {
+ GPR_ASSERT(handshaker != nullptr);
+ return handshaker->is_client;
+}
+
+void alts_tsi_handshaker_set_recv_bytes_for_testing(
+ alts_tsi_handshaker* handshaker, grpc_slice* slice) {
+ GPR_ASSERT(handshaker != nullptr && slice != nullptr);
+ handshaker->recv_bytes = grpc_slice_ref(*slice);
+}
+
+grpc_slice alts_tsi_handshaker_get_recv_bytes_for_testing(
+ alts_tsi_handshaker* handshaker) {
+ GPR_ASSERT(handshaker != nullptr);
+ return handshaker->recv_bytes;
+}
+
+void alts_tsi_handshaker_set_client_for_testing(
+ alts_tsi_handshaker* handshaker, alts_handshaker_client* client) {
+ GPR_ASSERT(handshaker != nullptr && client != nullptr);
+ alts_handshaker_client_destroy(handshaker->client);
+ handshaker->client = client;
+}
+
+} // namespace internal
+} // namespace grpc_core
diff --git a/src/core/tsi/alts/handshaker/alts_tsi_handshaker.h b/src/core/tsi/alts/handshaker/alts_tsi_handshaker.h
new file mode 100644
index 0000000..227b30c
--- /dev/null
+++ b/src/core/tsi/alts/handshaker/alts_tsi_handshaker.h
@@ -0,0 +1,83 @@
+/*
+ *
+ * Copyright 2018 gRPC authors.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ */
+
+#ifndef GRPC_CORE_TSI_ALTS_HANDSHAKER_ALTS_TSI_HANDSHAKER_H
+#define GRPC_CORE_TSI_ALTS_HANDSHAKER_ALTS_TSI_HANDSHAKER_H
+
+#include <grpc/support/port_platform.h>
+
+#include <grpc/grpc.h>
+
+#include "src/core/lib/security/credentials/alts/grpc_alts_credentials_options.h"
+#include "src/core/tsi/alts_transport_security.h"
+#include "src/core/tsi/transport_security.h"
+#include "src/core/tsi/transport_security_interface.h"
+
+#define TSI_ALTS_SERVICE_ACCOUNT_PEER_PROPERTY "service_accont"
+#define TSI_ALTS_CERTIFICATE_TYPE "ALTS"
+#define TSI_ALTS_RPC_VERSIONS "rpc_versions"
+
+const size_t kTsiAltsNumOfPeerProperties = 3;
+
+/**
+ * Main struct for ALTS TSI handshaker. All APIs in the header are
+ * thread-comptabile.
+ */
+typedef struct alts_tsi_handshaker alts_tsi_handshaker;
+
+/**
+ * This method creates a ALTS TSI handshaker instance.
+ *
+ * - options: ALTS credentials options containing information passed from TSI
+ * caller (e.g., rpc protocol versions).
+ * - target_name: the name of the endpoint that the channel is connecting to,
+ * and will be used for secure naming check.
+ * - handshaker_service_url: address of ALTS handshaker service in the format of
+ * "host:port".
+ * - is_client: boolean value indicating if the handshaker is used at the client
+ * (is_client = true) or server (is_client = false) side.
+ * - self: address of ALTS TSI handshaker instance to be returned from the
+ * method.
+ *
+ * It returns TSI_OK on success and an error status code on failure.
+ */
+tsi_result alts_tsi_handshaker_create(
+ const grpc_alts_credentials_options* options, const char* target_name,
+ const char* handshaker_service_url, bool is_client, tsi_handshaker** self);
+
+/**
+ * This method handles handshaker response returned from ALTS handshaker
+ * service.
+ *
+ * - handshaker: ALTS TSI handshaker instance.
+ * - recv_buffer: buffer holding data received from the handshaker service.
+ * - status: status of the grpc call made to the handshaker service.
+ * - details: error details of the grpc call made to the handshaker service.
+ * - cb: callback function of ALTS TSI event.
+ * - user_data: argument of callback function.
+ * - is_ok: a boolean value indicating if the handshaker response is ok to read.
+ *
+ */
+void alts_tsi_handshaker_handle_response(alts_tsi_handshaker* handshaker,
+ grpc_byte_buffer* recv_buffer,
+ grpc_status_code status,
+ grpc_slice* details,
+ tsi_handshaker_on_next_done_cb cb,
+ void* user_data, bool is_ok);
+
+#endif /* GRPC_CORE_TSI_ALTS_HANDSHAKER_ALTS_TSI_HANDSHAKER_H */
diff --git a/src/core/tsi/alts/handshaker/alts_tsi_handshaker_private.h b/src/core/tsi/alts/handshaker/alts_tsi_handshaker_private.h
new file mode 100644
index 0000000..9b7b9bb
--- /dev/null
+++ b/src/core/tsi/alts/handshaker/alts_tsi_handshaker_private.h
@@ -0,0 +1,52 @@
+/*
+ *
+ * Copyright 2018 gRPC authors.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ */
+
+#ifndef GRPC_CORE_TSI_ALTS_HANDSHAKER_ALTS_TSI_HANDSHAKER_PRIVATE_H
+#define GRPC_CORE_TSI_ALTS_HANDSHAKER_ALTS_TSI_HANDSHAKER_PRIVATE_H
+
+#include <grpc/support/port_platform.h>
+
+#include "src/core/tsi/alts/handshaker/alts_handshaker_client.h"
+
+namespace grpc_core {
+namespace internal {
+
+/**
+ * Unsafe, use for testing only. It allows the caller to change the way the
+ * ALTS TSI handshaker schedules handshaker requests.
+ */
+void alts_tsi_handshaker_set_client_for_testing(alts_tsi_handshaker* handshaker,
+ alts_handshaker_client* client);
+
+/* For testing only. */
+bool alts_tsi_handshaker_get_has_sent_start_message_for_testing(
+ alts_tsi_handshaker* handshaker);
+
+bool alts_tsi_handshaker_get_is_client_for_testing(
+ alts_tsi_handshaker* handshaker);
+
+void alts_tsi_handshaker_set_recv_bytes_for_testing(
+ alts_tsi_handshaker* handshaker, grpc_slice* slice);
+
+grpc_slice alts_tsi_handshaker_get_recv_bytes_for_testing(
+ alts_tsi_handshaker* handshaker);
+
+} // namespace internal
+} // namespace grpc_core
+
+#endif /* GRPC_CORE_TSI_ALTS_HANDSHAKER_ALTS_TSI_HANDSHAKER_PRIVATE_H */
diff --git a/src/core/tsi/alts/handshaker/alts_tsi_utils.cc b/src/core/tsi/alts/handshaker/alts_tsi_utils.cc
new file mode 100644
index 0000000..d9b5e6c
--- /dev/null
+++ b/src/core/tsi/alts/handshaker/alts_tsi_utils.cc
@@ -0,0 +1,58 @@
+/*
+ *
+ * Copyright 2018 gRPC authors.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ */
+
+#include <grpc/support/port_platform.h>
+
+#include "src/core/tsi/alts/handshaker/alts_tsi_utils.h"
+
+#include <grpc/byte_buffer_reader.h>
+
+tsi_result alts_tsi_utils_convert_to_tsi_result(grpc_status_code code) {
+ switch (code) {
+ case GRPC_STATUS_OK:
+ return TSI_OK;
+ case GRPC_STATUS_UNKNOWN:
+ return TSI_UNKNOWN_ERROR;
+ case GRPC_STATUS_INVALID_ARGUMENT:
+ return TSI_INVALID_ARGUMENT;
+ case GRPC_STATUS_NOT_FOUND:
+ return TSI_NOT_FOUND;
+ case GRPC_STATUS_INTERNAL:
+ return TSI_INTERNAL_ERROR;
+ default:
+ return TSI_UNKNOWN_ERROR;
+ }
+}
+
+grpc_gcp_handshaker_resp* alts_tsi_utils_deserialize_response(
+ grpc_byte_buffer* resp_buffer) {
+ GPR_ASSERT(resp_buffer != nullptr);
+ grpc_byte_buffer_reader bbr;
+ grpc_byte_buffer_reader_init(&bbr, resp_buffer);
+ grpc_slice slice = grpc_byte_buffer_reader_readall(&bbr);
+ grpc_gcp_handshaker_resp* resp = grpc_gcp_handshaker_resp_create();
+ bool ok = grpc_gcp_handshaker_resp_decode(slice, resp);
+ grpc_slice_unref(slice);
+ grpc_byte_buffer_reader_destroy(&bbr);
+ if (!ok) {
+ grpc_gcp_handshaker_resp_destroy(resp);
+ gpr_log(GPR_ERROR, "grpc_gcp_handshaker_resp_decode() failed");
+ return nullptr;
+ }
+ return resp;
+}
diff --git a/src/core/tsi/alts/handshaker/alts_tsi_utils.h b/src/core/tsi/alts/handshaker/alts_tsi_utils.h
new file mode 100644
index 0000000..9ef649d
--- /dev/null
+++ b/src/core/tsi/alts/handshaker/alts_tsi_utils.h
@@ -0,0 +1,52 @@
+/*
+ *
+ * Copyright 2018 gRPC authors.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ */
+
+#ifndef GRPC_CORE_TSI_ALTS_HANDSHAKER_ALTS_TSI_UTILS_H
+#define GRPC_CORE_TSI_ALTS_HANDSHAKER_ALTS_TSI_UTILS_H
+
+#include <grpc/support/port_platform.h>
+
+#include <grpc/byte_buffer.h>
+#include <grpc/grpc.h>
+
+#include "src/core/tsi/alts/handshaker/alts_handshaker_service_api.h"
+#include "src/core/tsi/transport_security_interface.h"
+
+/**
+ * This method converts grpc_status_code code to the corresponding tsi_result
+ * code.
+ *
+ * - code: grpc_status_code code.
+ *
+ * It returns the converted tsi_result code.
+ */
+tsi_result alts_tsi_utils_convert_to_tsi_result(grpc_status_code code);
+
+/**
+ * This method deserializes a handshaker response returned from ALTS handshaker
+ * service.
+ *
+ * - bytes_received: data returned from ALTS handshaker service.
+ *
+ * It returns a deserialized handshaker response on success and nullptr on
+ * failure.
+ */
+grpc_gcp_handshaker_resp* alts_tsi_utils_deserialize_response(
+ grpc_byte_buffer* resp_buffer);
+
+#endif /* GRPC_CORE_TSI_ALTS_HANDSHAKER_ALTS_TSI_UTILS_H */
diff --git a/src/core/tsi/alts/handshaker/altscontext.pb.c b/src/core/tsi/alts/handshaker/altscontext.pb.c
new file mode 100644
index 0000000..81a82f5
--- /dev/null
+++ b/src/core/tsi/alts/handshaker/altscontext.pb.c
@@ -0,0 +1,48 @@
+/* Automatically generated nanopb constant definitions */
+/* Generated by nanopb-0.3.7-dev */
+
+#include "src/core/tsi/alts/handshaker/altscontext.pb.h"
+
+/* @@protoc_insertion_point(includes) */
+#if PB_PROTO_HEADER_VERSION != 30
+#error Regenerate this file with the current version of nanopb generator.
+#endif
+
+
+
+const pb_field_t grpc_gcp_AltsContext_fields[7] = {
+ PB_FIELD( 1, STRING , OPTIONAL, CALLBACK, FIRST, grpc_gcp_AltsContext, application_protocol, application_protocol, 0),
+ PB_FIELD( 2, STRING , OPTIONAL, CALLBACK, OTHER, grpc_gcp_AltsContext, record_protocol, application_protocol, 0),
+ PB_FIELD( 3, UENUM , OPTIONAL, STATIC , OTHER, grpc_gcp_AltsContext, security_level, record_protocol, 0),
+ PB_FIELD( 4, STRING , OPTIONAL, CALLBACK, OTHER, grpc_gcp_AltsContext, peer_service_account, security_level, 0),
+ PB_FIELD( 5, STRING , OPTIONAL, CALLBACK, OTHER, grpc_gcp_AltsContext, local_service_account, peer_service_account, 0),
+ PB_FIELD( 6, MESSAGE , OPTIONAL, STATIC , OTHER, grpc_gcp_AltsContext, peer_rpc_versions, local_service_account, &grpc_gcp_RpcProtocolVersions_fields),
+ PB_LAST_FIELD
+};
+
+
+/* Check that field information fits in pb_field_t */
+#if !defined(PB_FIELD_32BIT)
+/* If you get an error here, it means that you need to define PB_FIELD_32BIT
+ * compile-time option. You can do that in pb.h or on compiler command line.
+ *
+ * The reason you need to do this is that some of your messages contain tag
+ * numbers or field sizes that are larger than what can fit in 8 or 16 bit
+ * field descriptors.
+ */
+PB_STATIC_ASSERT((pb_membersize(grpc_gcp_AltsContext, peer_rpc_versions) < 65536), YOU_MUST_DEFINE_PB_FIELD_32BIT_FOR_MESSAGES_grpc_gcp_AltsContext)
+#endif
+
+#if !defined(PB_FIELD_16BIT) && !defined(PB_FIELD_32BIT)
+/* If you get an error here, it means that you need to define PB_FIELD_16BIT
+ * compile-time option. You can do that in pb.h or on compiler command line.
+ *
+ * The reason you need to do this is that some of your messages contain tag
+ * numbers or field sizes that are larger than what can fit in the default
+ * 8 bit descriptors.
+ */
+PB_STATIC_ASSERT((pb_membersize(grpc_gcp_AltsContext, peer_rpc_versions) < 256), YOU_MUST_DEFINE_PB_FIELD_16BIT_FOR_MESSAGES_grpc_gcp_AltsContext)
+#endif
+
+
+/* @@protoc_insertion_point(eof) */
diff --git a/src/core/tsi/alts/handshaker/altscontext.pb.h b/src/core/tsi/alts/handshaker/altscontext.pb.h
new file mode 100644
index 0000000..3e72d7f
--- /dev/null
+++ b/src/core/tsi/alts/handshaker/altscontext.pb.h
@@ -0,0 +1,64 @@
+/* Automatically generated nanopb header */
+/* Generated by nanopb-0.3.7-dev */
+
+#ifndef PB_GRPC_GCP_ALTSCONTEXT_PB_H_INCLUDED
+#define PB_GRPC_GCP_ALTSCONTEXT_PB_H_INCLUDED
+#include "third_party/nanopb/pb.h"
+#include "src/core/tsi/alts/handshaker/transport_security_common.pb.h"
+
+/* @@protoc_insertion_point(includes) */
+#if PB_PROTO_HEADER_VERSION != 30
+#error Regenerate this file with the current version of nanopb generator.
+#endif
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+/* Struct definitions */
+typedef struct _grpc_gcp_AltsContext {
+ pb_callback_t application_protocol;
+ pb_callback_t record_protocol;
+ bool has_security_level;
+ grpc_gcp_SecurityLevel security_level;
+ pb_callback_t peer_service_account;
+ pb_callback_t local_service_account;
+ bool has_peer_rpc_versions;
+ grpc_gcp_RpcProtocolVersions peer_rpc_versions;
+/* @@protoc_insertion_point(struct:grpc_gcp_AltsContext) */
+} grpc_gcp_AltsContext;
+
+/* Default values for struct fields */
+
+/* Initializer values for message structs */
+#define grpc_gcp_AltsContext_init_default {{{NULL}, NULL}, {{NULL}, NULL}, false, (grpc_gcp_SecurityLevel)0, {{NULL}, NULL}, {{NULL}, NULL}, false, grpc_gcp_RpcProtocolVersions_init_default}
+#define grpc_gcp_AltsContext_init_zero {{{NULL}, NULL}, {{NULL}, NULL}, false, (grpc_gcp_SecurityLevel)0, {{NULL}, NULL}, {{NULL}, NULL}, false, grpc_gcp_RpcProtocolVersions_init_zero}
+
+/* Field tags (for use in manual encoding/decoding) */
+#define grpc_gcp_AltsContext_application_protocol_tag 1
+#define grpc_gcp_AltsContext_record_protocol_tag 2
+#define grpc_gcp_AltsContext_security_level_tag 3
+#define grpc_gcp_AltsContext_peer_service_account_tag 4
+#define grpc_gcp_AltsContext_local_service_account_tag 5
+#define grpc_gcp_AltsContext_peer_rpc_versions_tag 6
+
+/* Struct field encoding specification for nanopb */
+extern const pb_field_t grpc_gcp_AltsContext_fields[7];
+
+/* Maximum encoded size of messages (where known) */
+/* grpc_gcp_AltsContext_size depends on runtime parameters */
+
+/* Message IDs (where set with "msgid" option) */
+#ifdef PB_MSGID
+
+#define ALTSCONTEXT_MESSAGES \
+
+
+#endif
+
+#ifdef __cplusplus
+} /* extern "C" */
+#endif
+/* @@protoc_insertion_point(eof) */
+
+#endif
diff --git a/src/core/tsi/alts/handshaker/handshaker.pb.c b/src/core/tsi/alts/handshaker/handshaker.pb.c
new file mode 100644
index 0000000..bd992df
--- /dev/null
+++ b/src/core/tsi/alts/handshaker/handshaker.pb.c
@@ -0,0 +1,123 @@
+/* Automatically generated nanopb constant definitions */
+/* Generated by nanopb-0.3.7-dev */
+
+#include "src/core/tsi/alts/handshaker/handshaker.pb.h"
+
+/* @@protoc_insertion_point(includes) */
+#if PB_PROTO_HEADER_VERSION != 30
+#error Regenerate this file with the current version of nanopb generator.
+#endif
+
+
+
+const pb_field_t grpc_gcp_Endpoint_fields[4] = {
+ PB_FIELD( 1, STRING , OPTIONAL, CALLBACK, FIRST, grpc_gcp_Endpoint, ip_address, ip_address, 0),
+ PB_FIELD( 2, INT32 , OPTIONAL, STATIC , OTHER, grpc_gcp_Endpoint, port, ip_address, 0),
+ PB_FIELD( 3, UENUM , OPTIONAL, STATIC , OTHER, grpc_gcp_Endpoint, protocol, port, 0),
+ PB_LAST_FIELD
+};
+
+const pb_field_t grpc_gcp_Identity_fields[3] = {
+ PB_FIELD( 1, STRING , OPTIONAL, CALLBACK, FIRST, grpc_gcp_Identity, service_account, service_account, 0),
+ PB_FIELD( 2, STRING , OPTIONAL, CALLBACK, OTHER, grpc_gcp_Identity, hostname, service_account, 0),
+ PB_LAST_FIELD
+};
+
+const pb_field_t grpc_gcp_StartClientHandshakeReq_fields[10] = {
+ PB_FIELD( 1, UENUM , OPTIONAL, STATIC , FIRST, grpc_gcp_StartClientHandshakeReq, handshake_security_protocol, handshake_security_protocol, 0),
+ PB_FIELD( 2, STRING , REPEATED, CALLBACK, OTHER, grpc_gcp_StartClientHandshakeReq, application_protocols, handshake_security_protocol, 0),
+ PB_FIELD( 3, STRING , REPEATED, CALLBACK, OTHER, grpc_gcp_StartClientHandshakeReq, record_protocols, application_protocols, 0),
+ PB_FIELD( 4, MESSAGE , REPEATED, CALLBACK, OTHER, grpc_gcp_StartClientHandshakeReq, target_identities, record_protocols, &grpc_gcp_Identity_fields),
+ PB_FIELD( 5, MESSAGE , OPTIONAL, STATIC , OTHER, grpc_gcp_StartClientHandshakeReq, local_identity, target_identities, &grpc_gcp_Identity_fields),
+ PB_FIELD( 6, MESSAGE , OPTIONAL, STATIC , OTHER, grpc_gcp_StartClientHandshakeReq, local_endpoint, local_identity, &grpc_gcp_Endpoint_fields),
+ PB_FIELD( 7, MESSAGE , OPTIONAL, STATIC , OTHER, grpc_gcp_StartClientHandshakeReq, remote_endpoint, local_endpoint, &grpc_gcp_Endpoint_fields),
+ PB_FIELD( 8, STRING , OPTIONAL, CALLBACK, OTHER, grpc_gcp_StartClientHandshakeReq, target_name, remote_endpoint, 0),
+ PB_FIELD( 9, MESSAGE , OPTIONAL, STATIC , OTHER, grpc_gcp_StartClientHandshakeReq, rpc_versions, target_name, &grpc_gcp_RpcProtocolVersions_fields),
+ PB_LAST_FIELD
+};
+
+const pb_field_t grpc_gcp_ServerHandshakeParameters_fields[3] = {
+ PB_FIELD( 1, STRING , REPEATED, CALLBACK, FIRST, grpc_gcp_ServerHandshakeParameters, record_protocols, record_protocols, 0),
+ PB_FIELD( 2, MESSAGE , REPEATED, CALLBACK, OTHER, grpc_gcp_ServerHandshakeParameters, local_identities, record_protocols, &grpc_gcp_Identity_fields),
+ PB_LAST_FIELD
+};
+
+const pb_field_t grpc_gcp_StartServerHandshakeReq_fields[7] = {
+ PB_FIELD( 1, STRING , REPEATED, CALLBACK, FIRST, grpc_gcp_StartServerHandshakeReq, application_protocols, application_protocols, 0),
+ PB_FIELD( 2, MESSAGE , REPEATED, STATIC , OTHER, grpc_gcp_StartServerHandshakeReq, handshake_parameters, application_protocols, &grpc_gcp_StartServerHandshakeReq_HandshakeParametersEntry_fields),
+ PB_FIELD( 3, BYTES , OPTIONAL, CALLBACK, OTHER, grpc_gcp_StartServerHandshakeReq, in_bytes, handshake_parameters, 0),
+ PB_FIELD( 4, MESSAGE , OPTIONAL, STATIC , OTHER, grpc_gcp_StartServerHandshakeReq, local_endpoint, in_bytes, &grpc_gcp_Endpoint_fields),
+ PB_FIELD( 5, MESSAGE , OPTIONAL, STATIC , OTHER, grpc_gcp_StartServerHandshakeReq, remote_endpoint, local_endpoint, &grpc_gcp_Endpoint_fields),
+ PB_FIELD( 6, MESSAGE , OPTIONAL, STATIC , OTHER, grpc_gcp_StartServerHandshakeReq, rpc_versions, remote_endpoint, &grpc_gcp_RpcProtocolVersions_fields),
+ PB_LAST_FIELD
+};
+
+const pb_field_t grpc_gcp_StartServerHandshakeReq_HandshakeParametersEntry_fields[3] = {
+ PB_FIELD( 1, INT32 , OPTIONAL, STATIC , FIRST, grpc_gcp_StartServerHandshakeReq_HandshakeParametersEntry, key, key, 0),
+ PB_FIELD( 2, MESSAGE , OPTIONAL, STATIC , OTHER, grpc_gcp_StartServerHandshakeReq_HandshakeParametersEntry, value, key, &grpc_gcp_ServerHandshakeParameters_fields),
+ PB_LAST_FIELD
+};
+
+const pb_field_t grpc_gcp_NextHandshakeMessageReq_fields[2] = {
+ PB_FIELD( 1, BYTES , OPTIONAL, CALLBACK, FIRST, grpc_gcp_NextHandshakeMessageReq, in_bytes, in_bytes, 0),
+ PB_LAST_FIELD
+};
+
+const pb_field_t grpc_gcp_HandshakerReq_fields[4] = {
+ PB_FIELD( 1, MESSAGE , OPTIONAL, STATIC , FIRST, grpc_gcp_HandshakerReq, client_start, client_start, &grpc_gcp_StartClientHandshakeReq_fields),
+ PB_FIELD( 2, MESSAGE , OPTIONAL, STATIC , OTHER, grpc_gcp_HandshakerReq, server_start, client_start, &grpc_gcp_StartServerHandshakeReq_fields),
+ PB_FIELD( 3, MESSAGE , OPTIONAL, STATIC , OTHER, grpc_gcp_HandshakerReq, next, server_start, &grpc_gcp_NextHandshakeMessageReq_fields),
+ PB_LAST_FIELD
+};
+
+const pb_field_t grpc_gcp_HandshakerResult_fields[8] = {
+ PB_FIELD( 1, STRING , OPTIONAL, CALLBACK, FIRST, grpc_gcp_HandshakerResult, application_protocol, application_protocol, 0),
+ PB_FIELD( 2, STRING , OPTIONAL, CALLBACK, OTHER, grpc_gcp_HandshakerResult, record_protocol, application_protocol, 0),
+ PB_FIELD( 3, BYTES , OPTIONAL, CALLBACK, OTHER, grpc_gcp_HandshakerResult, key_data, record_protocol, 0),
+ PB_FIELD( 4, MESSAGE , OPTIONAL, STATIC , OTHER, grpc_gcp_HandshakerResult, peer_identity, key_data, &grpc_gcp_Identity_fields),
+ PB_FIELD( 5, MESSAGE , OPTIONAL, STATIC , OTHER, grpc_gcp_HandshakerResult, local_identity, peer_identity, &grpc_gcp_Identity_fields),
+ PB_FIELD( 6, BOOL , OPTIONAL, STATIC , OTHER, grpc_gcp_HandshakerResult, keep_channel_open, local_identity, 0),
+ PB_FIELD( 7, MESSAGE , OPTIONAL, STATIC , OTHER, grpc_gcp_HandshakerResult, peer_rpc_versions, keep_channel_open, &grpc_gcp_RpcProtocolVersions_fields),
+ PB_LAST_FIELD
+};
+
+const pb_field_t grpc_gcp_HandshakerStatus_fields[3] = {
+ PB_FIELD( 1, UINT32 , OPTIONAL, STATIC , FIRST, grpc_gcp_HandshakerStatus, code, code, 0),
+ PB_FIELD( 2, STRING , OPTIONAL, CALLBACK, OTHER, grpc_gcp_HandshakerStatus, details, code, 0),
+ PB_LAST_FIELD
+};
+
+const pb_field_t grpc_gcp_HandshakerResp_fields[5] = {
+ PB_FIELD( 1, BYTES , OPTIONAL, CALLBACK, FIRST, grpc_gcp_HandshakerResp, out_frames, out_frames, 0),
+ PB_FIELD( 2, UINT32 , OPTIONAL, STATIC , OTHER, grpc_gcp_HandshakerResp, bytes_consumed, out_frames, 0),
+ PB_FIELD( 3, MESSAGE , OPTIONAL, STATIC , OTHER, grpc_gcp_HandshakerResp, result, bytes_consumed, &grpc_gcp_HandshakerResult_fields),
+ PB_FIELD( 4, MESSAGE , OPTIONAL, STATIC , OTHER, grpc_gcp_HandshakerResp, status, result, &grpc_gcp_HandshakerStatus_fields),
+ PB_LAST_FIELD
+};
+
+
+/* Check that field information fits in pb_field_t */
+#if !defined(PB_FIELD_32BIT)
+/* If you get an error here, it means that you need to define PB_FIELD_32BIT
+ * compile-time option. You can do that in pb.h or on compiler command line.
+ *
+ * The reason you need to do this is that some of your messages contain tag
+ * numbers or field sizes that are larger than what can fit in 8 or 16 bit
+ * field descriptors.
+ */
+PB_STATIC_ASSERT((pb_membersize(grpc_gcp_StartClientHandshakeReq, target_identities) < 65536 && pb_membersize(grpc_gcp_StartClientHandshakeReq, local_identity) < 65536 && pb_membersize(grpc_gcp_StartClientHandshakeReq, local_endpoint) < 65536 && pb_membersize(grpc_gcp_StartClientHandshakeReq, remote_endpoint) < 65536 && pb_membersize(grpc_gcp_StartClientHandshakeReq, rpc_versions) < 65536 && pb_membersize(grpc_gcp_ServerHandshakeParameters, local_identities) < 65536 && pb_membersize(grpc_gcp_StartServerHandshakeReq, handshake_parameters[0]) < 65536 && pb_membersize(grpc_gcp_StartServerHandshakeReq, local_endpoint) < 65536 && pb_membersize(grpc_gcp_StartServerHandshakeReq, remote_endpoint) < 65536 && pb_membersize(grpc_gcp_StartServerHandshakeReq, rpc_versions) < 65536 && pb_membersize(grpc_gcp_StartServerHandshakeReq_HandshakeParametersEntry, value) < 65536 && pb_membersize(grpc_gcp_HandshakerReq, client_start) < 65536 && pb_membersize(grpc_gcp_HandshakerReq, server_start) < 65536 && pb_membersize(grpc_gcp_HandshakerReq, next) < 65536 && pb_membersize(grpc_gcp_HandshakerResult, peer_identity) < 65536 && pb_membersize(grpc_gcp_HandshakerResult, local_identity) < 65536 && pb_membersize(grpc_gcp_HandshakerResult, peer_rpc_versions) < 65536 && pb_membersize(grpc_gcp_HandshakerResp, result) < 65536 && pb_membersize(grpc_gcp_HandshakerResp, status) < 65536), YOU_MUST_DEFINE_PB_FIELD_32BIT_FOR_MESSAGES_grpc_gcp_Endpoint_grpc_gcp_Identity_grpc_gcp_StartClientHandshakeReq_grpc_gcp_ServerHandshakeParameters_grpc_gcp_StartServerHandshakeReq_grpc_gcp_StartServerHandshakeReq_HandshakeParametersEntry_grpc_gcp_NextHandshakeMessageReq_grpc_gcp_HandshakerReq_grpc_gcp_HandshakerResult_grpc_gcp_HandshakerStatus_grpc_gcp_HandshakerResp)
+#endif
+
+#if !defined(PB_FIELD_16BIT) && !defined(PB_FIELD_32BIT)
+/* If you get an error here, it means that you need to define PB_FIELD_16BIT
+ * compile-time option. You can do that in pb.h or on compiler command line.
+ *
+ * The reason you need to do this is that some of your messages contain tag
+ * numbers or field sizes that are larger than what can fit in the default
+ * 8 bit descriptors.
+ */
+PB_STATIC_ASSERT((pb_membersize(grpc_gcp_StartClientHandshakeReq, target_identities) < 256 && pb_membersize(grpc_gcp_StartClientHandshakeReq, local_identity) < 256 && pb_membersize(grpc_gcp_StartClientHandshakeReq, local_endpoint) < 256 && pb_membersize(grpc_gcp_StartClientHandshakeReq, remote_endpoint) < 256 && pb_membersize(grpc_gcp_StartClientHandshakeReq, rpc_versions) < 256 && pb_membersize(grpc_gcp_ServerHandshakeParameters, local_identities) < 256 && pb_membersize(grpc_gcp_StartServerHandshakeReq, handshake_parameters[0]) < 256 && pb_membersize(grpc_gcp_StartServerHandshakeReq, local_endpoint) < 256 && pb_membersize(grpc_gcp_StartServerHandshakeReq, remote_endpoint) < 256 && pb_membersize(grpc_gcp_StartServerHandshakeReq, rpc_versions) < 256 && pb_membersize(grpc_gcp_StartServerHandshakeReq_HandshakeParametersEntry, value) < 256 && pb_membersize(grpc_gcp_HandshakerReq, client_start) < 256 && pb_membersize(grpc_gcp_HandshakerReq, server_start) < 256 && pb_membersize(grpc_gcp_HandshakerReq, next) < 256 && pb_membersize(grpc_gcp_HandshakerResult, peer_identity) < 256 && pb_membersize(grpc_gcp_HandshakerResult, local_identity) < 256 && pb_membersize(grpc_gcp_HandshakerResult, peer_rpc_versions) < 256 && pb_membersize(grpc_gcp_HandshakerResp, result) < 256 && pb_membersize(grpc_gcp_HandshakerResp, status) < 256), YOU_MUST_DEFINE_PB_FIELD_16BIT_FOR_MESSAGES_grpc_gcp_Endpoint_grpc_gcp_Identity_grpc_gcp_StartClientHandshakeReq_grpc_gcp_ServerHandshakeParameters_grpc_gcp_StartServerHandshakeReq_grpc_gcp_StartServerHandshakeReq_HandshakeParametersEntry_grpc_gcp_NextHandshakeMessageReq_grpc_gcp_HandshakerReq_grpc_gcp_HandshakerResult_grpc_gcp_HandshakerStatus_grpc_gcp_HandshakerResp)
+#endif
+
+
+/* @@protoc_insertion_point(eof) */
diff --git a/src/core/tsi/alts/handshaker/handshaker.pb.h b/src/core/tsi/alts/handshaker/handshaker.pb.h
new file mode 100644
index 0000000..0805a14
--- /dev/null
+++ b/src/core/tsi/alts/handshaker/handshaker.pb.h
@@ -0,0 +1,255 @@
+/* Automatically generated nanopb header */
+/* Generated by nanopb-0.3.7-dev */
+
+#ifndef PB_GRPC_GCP_HANDSHAKER_PB_H_INCLUDED
+#define PB_GRPC_GCP_HANDSHAKER_PB_H_INCLUDED
+#include "third_party/nanopb/pb.h"
+#include "src/core/tsi/alts/handshaker/transport_security_common.pb.h"
+
+/* @@protoc_insertion_point(includes) */
+#if PB_PROTO_HEADER_VERSION != 30
+#error Regenerate this file with the current version of nanopb generator.
+#endif
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+/* Enum definitions */
+typedef enum _grpc_gcp_HandshakeProtocol {
+ grpc_gcp_HandshakeProtocol_HANDSHAKE_PROTOCOL_UNSPECIFIED = 0,
+ grpc_gcp_HandshakeProtocol_TLS = 1,
+ grpc_gcp_HandshakeProtocol_ALTS = 2
+} grpc_gcp_HandshakeProtocol;
+#define _grpc_gcp_HandshakeProtocol_MIN grpc_gcp_HandshakeProtocol_HANDSHAKE_PROTOCOL_UNSPECIFIED
+#define _grpc_gcp_HandshakeProtocol_MAX grpc_gcp_HandshakeProtocol_ALTS
+#define _grpc_gcp_HandshakeProtocol_ARRAYSIZE ((grpc_gcp_HandshakeProtocol)(grpc_gcp_HandshakeProtocol_ALTS+1))
+
+typedef enum _grpc_gcp_NetworkProtocol {
+ grpc_gcp_NetworkProtocol_NETWORK_PROTOCOL_UNSPECIFIED = 0,
+ grpc_gcp_NetworkProtocol_TCP = 1,
+ grpc_gcp_NetworkProtocol_UDP = 2
+} grpc_gcp_NetworkProtocol;
+#define _grpc_gcp_NetworkProtocol_MIN grpc_gcp_NetworkProtocol_NETWORK_PROTOCOL_UNSPECIFIED
+#define _grpc_gcp_NetworkProtocol_MAX grpc_gcp_NetworkProtocol_UDP
+#define _grpc_gcp_NetworkProtocol_ARRAYSIZE ((grpc_gcp_NetworkProtocol)(grpc_gcp_NetworkProtocol_UDP+1))
+
+/* Struct definitions */
+typedef struct _grpc_gcp_Identity {
+ pb_callback_t service_account;
+ pb_callback_t hostname;
+/* @@protoc_insertion_point(struct:grpc_gcp_Identity) */
+} grpc_gcp_Identity;
+
+typedef struct _grpc_gcp_NextHandshakeMessageReq {
+ pb_callback_t in_bytes;
+/* @@protoc_insertion_point(struct:grpc_gcp_NextHandshakeMessageReq) */
+} grpc_gcp_NextHandshakeMessageReq;
+
+typedef struct _grpc_gcp_ServerHandshakeParameters {
+ pb_callback_t record_protocols;
+ pb_callback_t local_identities;
+/* @@protoc_insertion_point(struct:grpc_gcp_ServerHandshakeParameters) */
+} grpc_gcp_ServerHandshakeParameters;
+
+typedef struct _grpc_gcp_Endpoint {
+ pb_callback_t ip_address;
+ bool has_port;
+ int32_t port;
+ bool has_protocol;
+ grpc_gcp_NetworkProtocol protocol;
+/* @@protoc_insertion_point(struct:grpc_gcp_Endpoint) */
+} grpc_gcp_Endpoint;
+
+typedef struct _grpc_gcp_HandshakerResult {
+ pb_callback_t application_protocol;
+ pb_callback_t record_protocol;
+ pb_callback_t key_data;
+ bool has_peer_identity;
+ grpc_gcp_Identity peer_identity;
+ bool has_local_identity;
+ grpc_gcp_Identity local_identity;
+ bool has_keep_channel_open;
+ bool keep_channel_open;
+ bool has_peer_rpc_versions;
+ grpc_gcp_RpcProtocolVersions peer_rpc_versions;
+/* @@protoc_insertion_point(struct:grpc_gcp_HandshakerResult) */
+} grpc_gcp_HandshakerResult;
+
+typedef struct _grpc_gcp_HandshakerStatus {
+ bool has_code;
+ uint32_t code;
+ pb_callback_t details;
+/* @@protoc_insertion_point(struct:grpc_gcp_HandshakerStatus) */
+} grpc_gcp_HandshakerStatus;
+
+typedef struct _grpc_gcp_StartServerHandshakeReq_HandshakeParametersEntry {
+ bool has_key;
+ int32_t key;
+ bool has_value;
+ grpc_gcp_ServerHandshakeParameters value;
+/* @@protoc_insertion_point(struct:grpc_gcp_StartServerHandshakeReq_HandshakeParametersEntry) */
+} grpc_gcp_StartServerHandshakeReq_HandshakeParametersEntry;
+
+typedef struct _grpc_gcp_HandshakerResp {
+ pb_callback_t out_frames;
+ bool has_bytes_consumed;
+ uint32_t bytes_consumed;
+ bool has_result;
+ grpc_gcp_HandshakerResult result;
+ bool has_status;
+ grpc_gcp_HandshakerStatus status;
+/* @@protoc_insertion_point(struct:grpc_gcp_HandshakerResp) */
+} grpc_gcp_HandshakerResp;
+
+typedef struct _grpc_gcp_StartClientHandshakeReq {
+ bool has_handshake_security_protocol;
+ grpc_gcp_HandshakeProtocol handshake_security_protocol;
+ pb_callback_t application_protocols;
+ pb_callback_t record_protocols;
+ pb_callback_t target_identities;
+ bool has_local_identity;
+ grpc_gcp_Identity local_identity;
+ bool has_local_endpoint;
+ grpc_gcp_Endpoint local_endpoint;
+ bool has_remote_endpoint;
+ grpc_gcp_Endpoint remote_endpoint;
+ pb_callback_t target_name;
+ bool has_rpc_versions;
+ grpc_gcp_RpcProtocolVersions rpc_versions;
+/* @@protoc_insertion_point(struct:grpc_gcp_StartClientHandshakeReq) */
+} grpc_gcp_StartClientHandshakeReq;
+
+typedef struct _grpc_gcp_StartServerHandshakeReq {
+ pb_callback_t application_protocols;
+ pb_size_t handshake_parameters_count;
+ grpc_gcp_StartServerHandshakeReq_HandshakeParametersEntry handshake_parameters[3];
+ pb_callback_t in_bytes;
+ bool has_local_endpoint;
+ grpc_gcp_Endpoint local_endpoint;
+ bool has_remote_endpoint;
+ grpc_gcp_Endpoint remote_endpoint;
+ bool has_rpc_versions;
+ grpc_gcp_RpcProtocolVersions rpc_versions;
+/* @@protoc_insertion_point(struct:grpc_gcp_StartServerHandshakeReq) */
+} grpc_gcp_StartServerHandshakeReq;
+
+typedef struct _grpc_gcp_HandshakerReq {
+ bool has_client_start;
+ grpc_gcp_StartClientHandshakeReq client_start;
+ bool has_server_start;
+ grpc_gcp_StartServerHandshakeReq server_start;
+ bool has_next;
+ grpc_gcp_NextHandshakeMessageReq next;
+/* @@protoc_insertion_point(struct:grpc_gcp_HandshakerReq) */
+} grpc_gcp_HandshakerReq;
+
+/* Default values for struct fields */
+
+/* Initializer values for message structs */
+#define grpc_gcp_Endpoint_init_default {{{NULL}, NULL}, false, 0, false, (grpc_gcp_NetworkProtocol)0}
+#define grpc_gcp_Identity_init_default {{{NULL}, NULL}, {{NULL}, NULL}}
+#define grpc_gcp_StartClientHandshakeReq_init_default {false, (grpc_gcp_HandshakeProtocol)0, {{NULL}, NULL}, {{NULL}, NULL}, {{NULL}, NULL}, false, grpc_gcp_Identity_init_default, false, grpc_gcp_Endpoint_init_default, false, grpc_gcp_Endpoint_init_default, {{NULL}, NULL}, false, grpc_gcp_RpcProtocolVersions_init_default}
+#define grpc_gcp_ServerHandshakeParameters_init_default {{{NULL}, NULL}, {{NULL}, NULL}}
+#define grpc_gcp_StartServerHandshakeReq_init_default {{{NULL}, NULL}, 0, {grpc_gcp_StartServerHandshakeReq_HandshakeParametersEntry_init_default, grpc_gcp_StartServerHandshakeReq_HandshakeParametersEntry_init_default, grpc_gcp_StartServerHandshakeReq_HandshakeParametersEntry_init_default}, {{NULL}, NULL}, false, grpc_gcp_Endpoint_init_default, false, grpc_gcp_Endpoint_init_default, false, grpc_gcp_RpcProtocolVersions_init_default}
+#define grpc_gcp_StartServerHandshakeReq_HandshakeParametersEntry_init_default {false, 0, false, grpc_gcp_ServerHandshakeParameters_init_default}
+#define grpc_gcp_NextHandshakeMessageReq_init_default {{{NULL}, NULL}}
+#define grpc_gcp_HandshakerReq_init_default {false, grpc_gcp_StartClientHandshakeReq_init_default, false, grpc_gcp_StartServerHandshakeReq_init_default, false, grpc_gcp_NextHandshakeMessageReq_init_default}
+#define grpc_gcp_HandshakerResult_init_default {{{NULL}, NULL}, {{NULL}, NULL}, {{NULL}, NULL}, false, grpc_gcp_Identity_init_default, false, grpc_gcp_Identity_init_default, false, 0, false, grpc_gcp_RpcProtocolVersions_init_default}
+#define grpc_gcp_HandshakerStatus_init_default {false, 0, {{NULL}, NULL}}
+#define grpc_gcp_HandshakerResp_init_default {{{NULL}, NULL}, false, 0, false, grpc_gcp_HandshakerResult_init_default, false, grpc_gcp_HandshakerStatus_init_default}
+#define grpc_gcp_Endpoint_init_zero {{{NULL}, NULL}, false, 0, false, (grpc_gcp_NetworkProtocol)0}
+#define grpc_gcp_Identity_init_zero {{{NULL}, NULL}, {{NULL}, NULL}}
+#define grpc_gcp_StartClientHandshakeReq_init_zero {false, (grpc_gcp_HandshakeProtocol)0, {{NULL}, NULL}, {{NULL}, NULL}, {{NULL}, NULL}, false, grpc_gcp_Identity_init_zero, false, grpc_gcp_Endpoint_init_zero, false, grpc_gcp_Endpoint_init_zero, {{NULL}, NULL}, false, grpc_gcp_RpcProtocolVersions_init_zero}
+#define grpc_gcp_ServerHandshakeParameters_init_zero {{{NULL}, NULL}, {{NULL}, NULL}}
+#define grpc_gcp_StartServerHandshakeReq_init_zero {{{NULL}, NULL}, 0, {grpc_gcp_StartServerHandshakeReq_HandshakeParametersEntry_init_zero, grpc_gcp_StartServerHandshakeReq_HandshakeParametersEntry_init_zero, grpc_gcp_StartServerHandshakeReq_HandshakeParametersEntry_init_zero}, {{NULL}, NULL}, false, grpc_gcp_Endpoint_init_zero, false, grpc_gcp_Endpoint_init_zero, false, grpc_gcp_RpcProtocolVersions_init_zero}
+#define grpc_gcp_StartServerHandshakeReq_HandshakeParametersEntry_init_zero {false, 0, false, grpc_gcp_ServerHandshakeParameters_init_zero}
+#define grpc_gcp_NextHandshakeMessageReq_init_zero {{{NULL}, NULL}}
+#define grpc_gcp_HandshakerReq_init_zero {false, grpc_gcp_StartClientHandshakeReq_init_zero, false, grpc_gcp_StartServerHandshakeReq_init_zero, false, grpc_gcp_NextHandshakeMessageReq_init_zero}
+#define grpc_gcp_HandshakerResult_init_zero {{{NULL}, NULL}, {{NULL}, NULL}, {{NULL}, NULL}, false, grpc_gcp_Identity_init_zero, false, grpc_gcp_Identity_init_zero, false, 0, false, grpc_gcp_RpcProtocolVersions_init_zero}
+#define grpc_gcp_HandshakerStatus_init_zero {false, 0, {{NULL}, NULL}}
+#define grpc_gcp_HandshakerResp_init_zero {{{NULL}, NULL}, false, 0, false, grpc_gcp_HandshakerResult_init_zero, false, grpc_gcp_HandshakerStatus_init_zero}
+
+/* Field tags (for use in manual encoding/decoding) */
+#define grpc_gcp_Identity_service_account_tag 1
+#define grpc_gcp_Identity_hostname_tag 2
+#define grpc_gcp_NextHandshakeMessageReq_in_bytes_tag 1
+#define grpc_gcp_ServerHandshakeParameters_record_protocols_tag 1
+#define grpc_gcp_ServerHandshakeParameters_local_identities_tag 2
+#define grpc_gcp_Endpoint_ip_address_tag 1
+#define grpc_gcp_Endpoint_port_tag 2
+#define grpc_gcp_Endpoint_protocol_tag 3
+#define grpc_gcp_HandshakerResult_application_protocol_tag 1
+#define grpc_gcp_HandshakerResult_record_protocol_tag 2
+#define grpc_gcp_HandshakerResult_key_data_tag 3
+#define grpc_gcp_HandshakerResult_peer_identity_tag 4
+#define grpc_gcp_HandshakerResult_local_identity_tag 5
+#define grpc_gcp_HandshakerResult_keep_channel_open_tag 6
+#define grpc_gcp_HandshakerResult_peer_rpc_versions_tag 7
+#define grpc_gcp_HandshakerStatus_code_tag 1
+#define grpc_gcp_HandshakerStatus_details_tag 2
+#define grpc_gcp_StartServerHandshakeReq_HandshakeParametersEntry_key_tag 1
+#define grpc_gcp_StartServerHandshakeReq_HandshakeParametersEntry_value_tag 2
+#define grpc_gcp_HandshakerResp_out_frames_tag 1
+#define grpc_gcp_HandshakerResp_bytes_consumed_tag 2
+#define grpc_gcp_HandshakerResp_result_tag 3
+#define grpc_gcp_HandshakerResp_status_tag 4
+#define grpc_gcp_StartClientHandshakeReq_handshake_security_protocol_tag 1
+#define grpc_gcp_StartClientHandshakeReq_application_protocols_tag 2
+#define grpc_gcp_StartClientHandshakeReq_record_protocols_tag 3
+#define grpc_gcp_StartClientHandshakeReq_target_identities_tag 4
+#define grpc_gcp_StartClientHandshakeReq_local_identity_tag 5
+#define grpc_gcp_StartClientHandshakeReq_local_endpoint_tag 6
+#define grpc_gcp_StartClientHandshakeReq_remote_endpoint_tag 7
+#define grpc_gcp_StartClientHandshakeReq_target_name_tag 8
+#define grpc_gcp_StartClientHandshakeReq_rpc_versions_tag 9
+#define grpc_gcp_StartServerHandshakeReq_application_protocols_tag 1
+#define grpc_gcp_StartServerHandshakeReq_handshake_parameters_tag 2
+#define grpc_gcp_StartServerHandshakeReq_in_bytes_tag 3
+#define grpc_gcp_StartServerHandshakeReq_local_endpoint_tag 4
+#define grpc_gcp_StartServerHandshakeReq_remote_endpoint_tag 5
+#define grpc_gcp_StartServerHandshakeReq_rpc_versions_tag 6
+#define grpc_gcp_HandshakerReq_client_start_tag 1
+#define grpc_gcp_HandshakerReq_server_start_tag 2
+#define grpc_gcp_HandshakerReq_next_tag 3
+
+/* Struct field encoding specification for nanopb */
+extern const pb_field_t grpc_gcp_Endpoint_fields[4];
+extern const pb_field_t grpc_gcp_Identity_fields[3];
+extern const pb_field_t grpc_gcp_StartClientHandshakeReq_fields[10];
+extern const pb_field_t grpc_gcp_ServerHandshakeParameters_fields[3];
+extern const pb_field_t grpc_gcp_StartServerHandshakeReq_fields[7];
+extern const pb_field_t grpc_gcp_StartServerHandshakeReq_HandshakeParametersEntry_fields[3];
+extern const pb_field_t grpc_gcp_NextHandshakeMessageReq_fields[2];
+extern const pb_field_t grpc_gcp_HandshakerReq_fields[4];
+extern const pb_field_t grpc_gcp_HandshakerResult_fields[8];
+extern const pb_field_t grpc_gcp_HandshakerStatus_fields[3];
+extern const pb_field_t grpc_gcp_HandshakerResp_fields[5];
+
+/* Maximum encoded size of messages (where known) */
+/* grpc_gcp_Endpoint_size depends on runtime parameters */
+/* grpc_gcp_Identity_size depends on runtime parameters */
+/* grpc_gcp_StartClientHandshakeReq_size depends on runtime parameters */
+/* grpc_gcp_ServerHandshakeParameters_size depends on runtime parameters */
+/* grpc_gcp_StartServerHandshakeReq_size depends on runtime parameters */
+#define grpc_gcp_StartServerHandshakeReq_HandshakeParametersEntry_size (17 + grpc_gcp_ServerHandshakeParameters_size)
+/* grpc_gcp_NextHandshakeMessageReq_size depends on runtime parameters */
+#define grpc_gcp_HandshakerReq_size (18 + grpc_gcp_StartClientHandshakeReq_size + grpc_gcp_StartServerHandshakeReq_size + grpc_gcp_NextHandshakeMessageReq_size)
+/* grpc_gcp_HandshakerResult_size depends on runtime parameters */
+/* grpc_gcp_HandshakerStatus_size depends on runtime parameters */
+/* grpc_gcp_HandshakerResp_size depends on runtime parameters */
+
+/* Message IDs (where set with "msgid" option) */
+#ifdef PB_MSGID
+
+#define HANDSHAKER_MESSAGES \
+
+
+#endif
+
+#ifdef __cplusplus
+} /* extern "C" */
+#endif
+/* @@protoc_insertion_point(eof) */
+
+#endif
diff --git a/src/core/tsi/alts/handshaker/proto/altscontext.proto b/src/core/tsi/alts/handshaker/proto/altscontext.proto
new file mode 100644
index 0000000..d195b37
--- /dev/null
+++ b/src/core/tsi/alts/handshaker/proto/altscontext.proto
@@ -0,0 +1,41 @@
+// Copyright 2018 gRPC authors.
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+syntax = "proto3";
+
+import "transport_security_common.proto";
+
+package grpc.gcp;
+
+option java_package = "io.grpc.alts";
+
+message AltsContext {
+ // The application protocol negotiated for this connection.
+ string application_protocol = 1;
+
+ // The record protocol negotiated for this connection.
+ string record_protocol = 2;
+
+ // The security level of the created secure channel.
+ SecurityLevel security_level = 3;
+
+ // The peer service account.
+ string peer_service_account = 4;
+
+ // The local service account.
+ string local_service_account = 5;
+
+ // The RPC protocol versions supported by the peer.
+ RpcProtocolVersions peer_rpc_versions = 6;
+}
diff --git a/src/core/tsi/alts/handshaker/proto/handshaker.options b/src/core/tsi/alts/handshaker/proto/handshaker.options
new file mode 100644
index 0000000..702ba38
--- /dev/null
+++ b/src/core/tsi/alts/handshaker/proto/handshaker.options
@@ -0,0 +1,2 @@
+handshaker.proto no_unions:true
+grpc.gcp.StartServerHandshakeReq.handshake_parameters max_count:3
diff --git a/src/core/tsi/alts/handshaker/proto/handshaker.proto b/src/core/tsi/alts/handshaker/proto/handshaker.proto
new file mode 100644
index 0000000..46b8b09
--- /dev/null
+++ b/src/core/tsi/alts/handshaker/proto/handshaker.proto
@@ -0,0 +1,220 @@
+// Copyright 2018 gRPC authors.
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+syntax = "proto3";
+
+import "transport_security_common.proto";
+
+package grpc.gcp;
+
+option java_package = "io.grpc.alts";
+
+enum HandshakeProtocol {
+ // Default value.
+ HANDSHAKE_PROTOCOL_UNSPECIFIED = 0;
+
+ // TLS handshake protocol.
+ TLS = 1;
+
+ // Application Layer Transport Security handshake protocol.
+ ALTS = 2;
+}
+
+enum NetworkProtocol {
+ NETWORK_PROTOCOL_UNSPECIFIED = 0;
+ TCP = 1;
+ UDP = 2;
+}
+
+message Endpoint {
+ // IP address. It should contain an IPv4 or IPv6 string literal, e.g.
+ // "192.168.0.1" or "2001:db8::1".
+ string ip_address = 1;
+
+ // Port number.
+ int32 port = 2;
+
+ // Network protocol (e.g., TCP, UDP) associated with this endpoint.
+ NetworkProtocol protocol = 3;
+}
+
+message Identity {
+ oneof identity_oneof {
+ // Service account of a connection endpoint.
+ string service_account = 1;
+
+ // Hostname of a connection endpoint.
+ string hostname = 2;
+ }
+}
+
+message StartClientHandshakeReq {
+ // Handshake security protocol requested by the client.
+ HandshakeProtocol handshake_security_protocol = 1;
+
+ // The application protocols supported by the client, e.g., "h2" (for http2),
+ // "grpc".
+ repeated string application_protocols = 2;
+
+ // The record protocols supported by the client, e.g.,
+ // "ALTSRP_GCM_AES128".
+ repeated string record_protocols = 3;
+
+ // (Optional) Describes which server identities are acceptable by the client.
+ // If target identities are provided and none of them matches the peer
+ // identity of the server, handshake will fail.
+ repeated Identity target_identities = 4;
+
+ // (Optional) Application may specify a local identity. Otherwise, the
+ // handshaker chooses a default local identity.
+ Identity local_identity = 5;
+
+ // (Optional) Local endpoint information of the connection to the server,
+ // such as local IP address, port number, and network protocol.
+ Endpoint local_endpoint = 6;
+
+ // (Optional) Endpoint information of the remote server, such as IP address,
+ // port number, and network protocool.
+ Endpoint remote_endpoint = 7;
+
+ // (Optional) If target name is provided, a secure naming check is performed
+ // to verify that the peer authenticated identity is indeed authorized to run
+ // the target name.
+ string target_name = 8;
+
+ // (Optional) RPC protocol versions supported by the client.
+ RpcProtocolVersions rpc_versions = 9;
+}
+
+message ServerHandshakeParameters {
+ // The record protocols supported by the server, e.g.,
+ // "ALTSRP_GCM_AES128".
+ repeated string record_protocols = 1;
+
+ // (Optional) A list of local identities supported by the server, if
+ // specified. Otherwise, the handshaker chooses a default local identity.
+ repeated Identity local_identities = 2;
+}
+
+message StartServerHandshakeReq {
+ // The application protocols supported by the server, e.g., "h2" (for http2),
+ // "grpc".
+ repeated string application_protocols = 1;
+
+ // Handshake parameters (record protocols and local identities supported by
+ // the server) mapped by the handshake protocol. Each handshake security
+ // protocol (e.g., TLS or ALTS) has its own set of record protocols and local
+ // identities. Since protobuf does not support enum as key to the map, the key
+ // to handshake_parameters is the integer value of HandshakeProtocol enum.
+ map<int32, ServerHandshakeParameters> handshake_parameters = 2;
+
+ // Bytes in out_frames returned from the peer's HandshakerResp. It is possible
+ // that the peer's out_frames are split into multiple HandshakReq messages.
+ bytes in_bytes = 3;
+
+ // (Optional) Local endpoint information of the connection to the client,
+ // such as local IP address, port number, and network protocol.
+ Endpoint local_endpoint = 4;
+
+ // (Optional) Endpoint information of the remote client, such as IP address,
+ // port number, and network protocool.
+ Endpoint remote_endpoint = 5;
+
+ // (Optional) RPC protocol versions supported by the server.
+ RpcProtocolVersions rpc_versions = 6;
+}
+
+message NextHandshakeMessageReq {
+ // Bytes in out_frames returned from the peer's HandshakerResp. It is possible
+ // that the peer's out_frames are split into multiple NextHandshakerMessageReq
+ // messages.
+ bytes in_bytes = 1;
+}
+
+message HandshakerReq {
+ oneof req_oneof {
+ // The start client handshake request message.
+ StartClientHandshakeReq client_start = 1;
+
+ // The start server handshake request message.
+ StartServerHandshakeReq server_start = 2;
+
+ // The next handshake request message.
+ NextHandshakeMessageReq next = 3;
+ }
+}
+
+message HandshakerResult {
+ // The application protocol negotiated for this connection.
+ string application_protocol = 1;
+
+ // The record protocol negotiated for this connection.
+ string record_protocol = 2;
+
+ // Cryptographic key data. The key data may be more than the key length
+ // required for the record protocol, thus the client of the handshaker
+ // service needs to truncate the key data into the right key length.
+ bytes key_data = 3;
+
+ // The authenticated identity of the peer.
+ Identity peer_identity = 4;
+
+ // The local identity used in the handshake.
+ Identity local_identity = 5;
+
+ // Indicate whether the handshaker service client should keep the channel
+ // between the handshaker service open, e.g., in order to handle
+ // post-handshake messages in the future.
+ bool keep_channel_open = 6;
+
+ // The RPC protocol versions supported by the peer.
+ RpcProtocolVersions peer_rpc_versions = 7;
+}
+
+message HandshakerStatus {
+ // The status code. This could be the gRPC status code.
+ uint32 code = 1;
+
+ // The status details.
+ string details = 2;
+}
+
+message HandshakerResp {
+ // Frames to be given to the peer for the NextHandshakeMessageReq. May be
+ // empty if no out_frames have to be sent to the peer or if in_bytes in the
+ // HandshakerReq are incomplete. All the non-empty out frames must be sent to
+ // the peer even if the handshaker status is not OK as these frames may
+ // contain the alert frames.
+ bytes out_frames = 1;
+
+ // Number of bytes in the in_bytes consumed by the handshaker. It is possible
+ // that part of in_bytes in HandshakerReq was unrelated to the handshake
+ // process.
+ uint32 bytes_consumed = 2;
+
+ // This is set iff the handshake was successful. out_frames may still be set
+ // to frames that needs to be forwarded to the peer.
+ HandshakerResult result = 3;
+
+ // Status of the handshaker.
+ HandshakerStatus status = 4;
+}
+
+service HandshakerService {
+ // Accepts a stream of handshaker request, returning a stream of handshaker
+ // response.
+ rpc DoHandshake(stream HandshakerReq)
+ returns (stream HandshakerResp) {
+ }
+}
diff --git a/src/core/tsi/alts/handshaker/proto/transport_security_common.proto b/src/core/tsi/alts/handshaker/proto/transport_security_common.proto
new file mode 100644
index 0000000..41983ab
--- /dev/null
+++ b/src/core/tsi/alts/handshaker/proto/transport_security_common.proto
@@ -0,0 +1,40 @@
+// Copyright 2018 gRPC authors.
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+syntax = "proto3";
+
+package grpc.gcp;
+
+option java_package = "io.grpc.alts";
+
+// The security level of the created channel. The list is sorted in increasing
+// level of security. This order must always be maintained.
+enum SecurityLevel {
+ SECURITY_NONE = 0;
+ INTEGRITY_ONLY = 1;
+ INTEGRITY_AND_PRIVACY = 2;
+}
+
+// Max and min supported RPC protocol versions.
+message RpcProtocolVersions {
+ // RPC version contains a major version and a minor version.
+ message Version {
+ uint32 major = 1;
+ uint32 minor = 2;
+ }
+ // Maximum supported RPC version.
+ Version max_rpc_version = 1;
+ // Minimum supported RPC version.
+ Version min_rpc_version = 2;
+}
diff --git a/src/core/tsi/alts/handshaker/transport_security_common.pb.c b/src/core/tsi/alts/handshaker/transport_security_common.pb.c
new file mode 100644
index 0000000..6063c76
--- /dev/null
+++ b/src/core/tsi/alts/handshaker/transport_security_common.pb.c
@@ -0,0 +1,50 @@
+/* Automatically generated nanopb constant definitions */
+/* Generated by nanopb-0.3.7-dev */
+
+#include "src/core/tsi/alts/handshaker/transport_security_common.pb.h"
+
+/* @@protoc_insertion_point(includes) */
+#if PB_PROTO_HEADER_VERSION != 30
+#error Regenerate this file with the current version of nanopb generator.
+#endif
+
+
+
+const pb_field_t grpc_gcp_RpcProtocolVersions_fields[3] = {
+ PB_FIELD( 1, MESSAGE , OPTIONAL, STATIC , FIRST, grpc_gcp_RpcProtocolVersions, max_rpc_version, max_rpc_version, &grpc_gcp_RpcProtocolVersions_Version_fields),
+ PB_FIELD( 2, MESSAGE , OPTIONAL, STATIC , OTHER, grpc_gcp_RpcProtocolVersions, min_rpc_version, max_rpc_version, &grpc_gcp_RpcProtocolVersions_Version_fields),
+ PB_LAST_FIELD
+};
+
+const pb_field_t grpc_gcp_RpcProtocolVersions_Version_fields[3] = {
+ PB_FIELD( 1, UINT32 , OPTIONAL, STATIC , FIRST, grpc_gcp_RpcProtocolVersions_Version, major, major, 0),
+ PB_FIELD( 2, UINT32 , OPTIONAL, STATIC , OTHER, grpc_gcp_RpcProtocolVersions_Version, minor, major, 0),
+ PB_LAST_FIELD
+};
+
+
+/* Check that field information fits in pb_field_t */
+#if !defined(PB_FIELD_32BIT)
+/* If you get an error here, it means that you need to define PB_FIELD_32BIT
+ * compile-time option. You can do that in pb.h or on compiler command line.
+ *
+ * The reason you need to do this is that some of your messages contain tag
+ * numbers or field sizes that are larger than what can fit in 8 or 16 bit
+ * field descriptors.
+ */
+PB_STATIC_ASSERT((pb_membersize(grpc_gcp_RpcProtocolVersions, max_rpc_version) < 65536 && pb_membersize(grpc_gcp_RpcProtocolVersions, min_rpc_version) < 65536), YOU_MUST_DEFINE_PB_FIELD_32BIT_FOR_MESSAGES_grpc_gcp_RpcProtocolVersions_grpc_gcp_RpcProtocolVersions_Version)
+#endif
+
+#if !defined(PB_FIELD_16BIT) && !defined(PB_FIELD_32BIT)
+/* If you get an error here, it means that you need to define PB_FIELD_16BIT
+ * compile-time option. You can do that in pb.h or on compiler command line.
+ *
+ * The reason you need to do this is that some of your messages contain tag
+ * numbers or field sizes that are larger than what can fit in the default
+ * 8 bit descriptors.
+ */
+PB_STATIC_ASSERT((pb_membersize(grpc_gcp_RpcProtocolVersions, max_rpc_version) < 256 && pb_membersize(grpc_gcp_RpcProtocolVersions, min_rpc_version) < 256), YOU_MUST_DEFINE_PB_FIELD_16BIT_FOR_MESSAGES_grpc_gcp_RpcProtocolVersions_grpc_gcp_RpcProtocolVersions_Version)
+#endif
+
+
+/* @@protoc_insertion_point(eof) */
diff --git a/src/core/tsi/alts/handshaker/transport_security_common.pb.h b/src/core/tsi/alts/handshaker/transport_security_common.pb.h
new file mode 100644
index 0000000..49096df
--- /dev/null
+++ b/src/core/tsi/alts/handshaker/transport_security_common.pb.h
@@ -0,0 +1,78 @@
+/* Automatically generated nanopb header */
+/* Generated by nanopb-0.3.7-dev */
+
+#ifndef PB_GRPC_GCP_TRANSPORT_SECURITY_COMMON_PB_H_INCLUDED
+#define PB_GRPC_GCP_TRANSPORT_SECURITY_COMMON_PB_H_INCLUDED
+#include "third_party/nanopb/pb.h"
+/* @@protoc_insertion_point(includes) */
+#if PB_PROTO_HEADER_VERSION != 30
+#error Regenerate this file with the current version of nanopb generator.
+#endif
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+/* Enum definitions */
+typedef enum _grpc_gcp_SecurityLevel {
+ grpc_gcp_SecurityLevel_SECURITY_NONE = 0,
+ grpc_gcp_SecurityLevel_INTEGRITY_ONLY = 1,
+ grpc_gcp_SecurityLevel_INTEGRITY_AND_PRIVACY = 2
+} grpc_gcp_SecurityLevel;
+#define _grpc_gcp_SecurityLevel_MIN grpc_gcp_SecurityLevel_SECURITY_NONE
+#define _grpc_gcp_SecurityLevel_MAX grpc_gcp_SecurityLevel_INTEGRITY_AND_PRIVACY
+#define _grpc_gcp_SecurityLevel_ARRAYSIZE ((grpc_gcp_SecurityLevel)(grpc_gcp_SecurityLevel_INTEGRITY_AND_PRIVACY+1))
+
+/* Struct definitions */
+typedef struct _grpc_gcp_RpcProtocolVersions_Version {
+ bool has_major;
+ uint32_t major;
+ bool has_minor;
+ uint32_t minor;
+/* @@protoc_insertion_point(struct:grpc_gcp_RpcProtocolVersions_Version) */
+} grpc_gcp_RpcProtocolVersions_Version;
+
+typedef struct _grpc_gcp_RpcProtocolVersions {
+ bool has_max_rpc_version;
+ grpc_gcp_RpcProtocolVersions_Version max_rpc_version;
+ bool has_min_rpc_version;
+ grpc_gcp_RpcProtocolVersions_Version min_rpc_version;
+/* @@protoc_insertion_point(struct:grpc_gcp_RpcProtocolVersions) */
+} grpc_gcp_RpcProtocolVersions;
+
+/* Default values for struct fields */
+
+/* Initializer values for message structs */
+#define grpc_gcp_RpcProtocolVersions_init_default {false, grpc_gcp_RpcProtocolVersions_Version_init_default, false, grpc_gcp_RpcProtocolVersions_Version_init_default}
+#define grpc_gcp_RpcProtocolVersions_Version_init_default {false, 0, false, 0}
+#define grpc_gcp_RpcProtocolVersions_init_zero {false, grpc_gcp_RpcProtocolVersions_Version_init_zero, false, grpc_gcp_RpcProtocolVersions_Version_init_zero}
+#define grpc_gcp_RpcProtocolVersions_Version_init_zero {false, 0, false, 0}
+
+/* Field tags (for use in manual encoding/decoding) */
+#define grpc_gcp_RpcProtocolVersions_Version_major_tag 1
+#define grpc_gcp_RpcProtocolVersions_Version_minor_tag 2
+#define grpc_gcp_RpcProtocolVersions_max_rpc_version_tag 1
+#define grpc_gcp_RpcProtocolVersions_min_rpc_version_tag 2
+
+/* Struct field encoding specification for nanopb */
+extern const pb_field_t grpc_gcp_RpcProtocolVersions_fields[3];
+extern const pb_field_t grpc_gcp_RpcProtocolVersions_Version_fields[3];
+
+/* Maximum encoded size of messages (where known) */
+#define grpc_gcp_RpcProtocolVersions_size 28
+#define grpc_gcp_RpcProtocolVersions_Version_size 12
+
+/* Message IDs (where set with "msgid" option) */
+#ifdef PB_MSGID
+
+#define TRANSPORT_SECURITY_COMMON_MESSAGES \
+
+
+#endif
+
+#ifdef __cplusplus
+} /* extern "C" */
+#endif
+/* @@protoc_insertion_point(eof) */
+
+#endif
diff --git a/src/core/tsi/alts/handshaker/transport_security_common_api.cc b/src/core/tsi/alts/handshaker/transport_security_common_api.cc
new file mode 100644
index 0000000..8a7edb5
--- /dev/null
+++ b/src/core/tsi/alts/handshaker/transport_security_common_api.cc
@@ -0,0 +1,196 @@
+/*
+ *
+ * Copyright 2018 gRPC authors.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ */
+
+#include <grpc/support/port_platform.h>
+
+#include "src/core/tsi/alts/handshaker/transport_security_common_api.h"
+
+bool grpc_gcp_rpc_protocol_versions_set_max(
+ grpc_gcp_rpc_protocol_versions* versions, uint32_t max_major,
+ uint32_t max_minor) {
+ if (versions == nullptr) {
+ gpr_log(GPR_ERROR,
+ "versions is nullptr in "
+ "grpc_gcp_rpc_protocol_versions_set_max().");
+ return false;
+ }
+ versions->has_max_rpc_version = true;
+ versions->max_rpc_version.has_major = true;
+ versions->max_rpc_version.has_minor = true;
+ versions->max_rpc_version.major = max_major;
+ versions->max_rpc_version.minor = max_minor;
+ return true;
+}
+
+bool grpc_gcp_rpc_protocol_versions_set_min(
+ grpc_gcp_rpc_protocol_versions* versions, uint32_t min_major,
+ uint32_t min_minor) {
+ if (versions == nullptr) {
+ gpr_log(GPR_ERROR,
+ "versions is nullptr in "
+ "grpc_gcp_rpc_protocol_versions_set_min().");
+ return false;
+ }
+ versions->has_min_rpc_version = true;
+ versions->min_rpc_version.has_major = true;
+ versions->min_rpc_version.has_minor = true;
+ versions->min_rpc_version.major = min_major;
+ versions->min_rpc_version.minor = min_minor;
+ return true;
+}
+
+size_t grpc_gcp_rpc_protocol_versions_encode_length(
+ const grpc_gcp_rpc_protocol_versions* versions) {
+ if (versions == nullptr) {
+ gpr_log(GPR_ERROR,
+ "Invalid nullptr arguments to "
+ "grpc_gcp_rpc_protocol_versions_encode_length().");
+ return 0;
+ }
+ pb_ostream_t size_stream;
+ memset(&size_stream, 0, sizeof(pb_ostream_t));
+ if (!pb_encode(&size_stream, grpc_gcp_RpcProtocolVersions_fields, versions)) {
+ gpr_log(GPR_ERROR, "nanopb error: %s", PB_GET_ERROR(&size_stream));
+ return 0;
+ }
+ return size_stream.bytes_written;
+}
+
+bool grpc_gcp_rpc_protocol_versions_encode_to_raw_bytes(
+ const grpc_gcp_rpc_protocol_versions* versions, uint8_t* bytes,
+ size_t bytes_length) {
+ if (versions == nullptr || bytes == nullptr || bytes_length == 0) {
+ gpr_log(GPR_ERROR,
+ "Invalid nullptr arguments to "
+ "grpc_gcp_rpc_protocol_versions_encode_to_raw_bytes().");
+ return false;
+ }
+ pb_ostream_t output_stream = pb_ostream_from_buffer(bytes, bytes_length);
+ if (!pb_encode(&output_stream, grpc_gcp_RpcProtocolVersions_fields,
+ versions)) {
+ gpr_log(GPR_ERROR, "nanopb error: %s", PB_GET_ERROR(&output_stream));
+ return false;
+ }
+ return true;
+}
+
+bool grpc_gcp_rpc_protocol_versions_encode(
+ const grpc_gcp_rpc_protocol_versions* versions, grpc_slice* slice) {
+ if (versions == nullptr || slice == nullptr) {
+ gpr_log(GPR_ERROR,
+ "Invalid nullptr arguments to "
+ "grpc_gcp_rpc_protocol_versions_encode().");
+ return false;
+ }
+ size_t encoded_length =
+ grpc_gcp_rpc_protocol_versions_encode_length(versions);
+ if (encoded_length == 0) return false;
+ *slice = grpc_slice_malloc(encoded_length);
+ return grpc_gcp_rpc_protocol_versions_encode_to_raw_bytes(
+ versions, GRPC_SLICE_START_PTR(*slice), encoded_length);
+}
+
+bool grpc_gcp_rpc_protocol_versions_decode(
+ grpc_slice slice, grpc_gcp_rpc_protocol_versions* versions) {
+ if (versions == nullptr) {
+ gpr_log(GPR_ERROR,
+ "version is nullptr in "
+ "grpc_gcp_rpc_protocol_versions_decode().");
+ return false;
+ }
+ pb_istream_t stream = pb_istream_from_buffer(GRPC_SLICE_START_PTR(slice),
+ GRPC_SLICE_LENGTH(slice));
+ if (!pb_decode(&stream, grpc_gcp_RpcProtocolVersions_fields, versions)) {
+ gpr_log(GPR_ERROR, "nanopb error: %s", PB_GET_ERROR(&stream));
+ return false;
+ }
+ return true;
+}
+
+bool grpc_gcp_rpc_protocol_versions_copy(
+ const grpc_gcp_rpc_protocol_versions* src,
+ grpc_gcp_rpc_protocol_versions* dst) {
+ if ((src == nullptr && dst != nullptr) ||
+ (src != nullptr && dst == nullptr)) {
+ gpr_log(GPR_ERROR,
+ "Invalid arguments to "
+ "grpc_gcp_rpc_protocol_versions_copy().");
+ return false;
+ }
+ if (src == nullptr) {
+ return true;
+ }
+ grpc_gcp_rpc_protocol_versions_set_max(dst, src->max_rpc_version.major,
+ src->max_rpc_version.minor);
+ grpc_gcp_rpc_protocol_versions_set_min(dst, src->min_rpc_version.major,
+ src->min_rpc_version.minor);
+ return true;
+}
+
+namespace grpc_core {
+namespace internal {
+
+int grpc_gcp_rpc_protocol_version_compare(
+ const grpc_gcp_rpc_protocol_versions_version* v1,
+ const grpc_gcp_rpc_protocol_versions_version* v2) {
+ if ((v1->major > v2->major) ||
+ (v1->major == v2->major && v1->minor > v2->minor)) {
+ return 1;
+ }
+ if ((v1->major < v2->major) ||
+ (v1->major == v2->major && v1->minor < v2->minor)) {
+ return -1;
+ }
+ return 0;
+}
+
+} // namespace internal
+} // namespace grpc_core
+
+bool grpc_gcp_rpc_protocol_versions_check(
+ const grpc_gcp_rpc_protocol_versions* local_versions,
+ const grpc_gcp_rpc_protocol_versions* peer_versions,
+ grpc_gcp_rpc_protocol_versions_version* highest_common_version) {
+ if (local_versions == nullptr || peer_versions == nullptr) {
+ gpr_log(GPR_ERROR,
+ "Invalid arguments to "
+ "grpc_gcp_rpc_protocol_versions_check().");
+ return false;
+ }
+ /* max_common_version is MIN(local.max, peer.max) */
+ const grpc_gcp_rpc_protocol_versions_version* max_common_version =
+ grpc_core::internal::grpc_gcp_rpc_protocol_version_compare(
+ &local_versions->max_rpc_version, &peer_versions->max_rpc_version) > 0
+ ? &peer_versions->max_rpc_version
+ : &local_versions->max_rpc_version;
+ /* min_common_version is MAX(local.min, peer.min) */
+ const grpc_gcp_rpc_protocol_versions_version* min_common_version =
+ grpc_core::internal::grpc_gcp_rpc_protocol_version_compare(
+ &local_versions->min_rpc_version, &peer_versions->min_rpc_version) > 0
+ ? &local_versions->min_rpc_version
+ : &peer_versions->min_rpc_version;
+ bool result = grpc_core::internal::grpc_gcp_rpc_protocol_version_compare(
+ max_common_version, min_common_version) >= 0
+ ? true
+ : false;
+ if (result && highest_common_version != nullptr) {
+ memcpy(highest_common_version, max_common_version,
+ sizeof(grpc_gcp_rpc_protocol_versions_version));
+ }
+ return result;
+}
diff --git a/src/core/tsi/alts/handshaker/transport_security_common_api.h b/src/core/tsi/alts/handshaker/transport_security_common_api.h
new file mode 100644
index 0000000..68228cb
--- /dev/null
+++ b/src/core/tsi/alts/handshaker/transport_security_common_api.h
@@ -0,0 +1,163 @@
+/*
+ *
+ * Copyright 2018 gRPC authors.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ */
+
+#ifndef GRPC_CORE_TSI_ALTS_HANDSHAKER_TRANSPORT_SECURITY_COMMON_API_H
+#define GRPC_CORE_TSI_ALTS_HANDSHAKER_TRANSPORT_SECURITY_COMMON_API_H
+
+#include <grpc/support/port_platform.h>
+
+#include "third_party/nanopb/pb_decode.h"
+#include "third_party/nanopb/pb_encode.h"
+
+#include <grpc/slice.h>
+#include <grpc/slice_buffer.h>
+#include <grpc/support/alloc.h>
+#include <grpc/support/log.h>
+
+#include "src/core/tsi/alts/handshaker/transport_security_common.pb.h"
+
+typedef grpc_gcp_RpcProtocolVersions grpc_gcp_rpc_protocol_versions;
+
+typedef grpc_gcp_RpcProtocolVersions_Version
+ grpc_gcp_rpc_protocol_versions_version;
+
+/**
+ * This method sets the value for max_rpc_versions field of rpc protocol
+ * versions.
+ *
+ * - versions: an rpc protocol version instance.
+ * - max_major: a major version of maximum supported RPC version.
+ * - max_minor: a minor version of maximum supported RPC version.
+ *
+ * The method returns true on success and false otherwise.
+ */
+bool grpc_gcp_rpc_protocol_versions_set_max(
+ grpc_gcp_rpc_protocol_versions* versions, uint32_t max_major,
+ uint32_t max_minor);
+
+/**
+ * This method sets the value for min_rpc_versions field of rpc protocol
+ * versions.
+ *
+ * - versions: an rpc protocol version instance.
+ * - min_major: a major version of minimum supported RPC version.
+ * - min_minor: a minor version of minimum supported RPC version.
+ *
+ * The method returns true on success and false otherwise.
+ */
+bool grpc_gcp_rpc_protocol_versions_set_min(
+ grpc_gcp_rpc_protocol_versions* versions, uint32_t min_major,
+ uint32_t min_minor);
+
+/**
+ * This method computes serialized byte length of rpc protocol versions.
+ *
+ * - versions: an rpc protocol versions instance.
+ *
+ * The method returns serialized byte length. It returns 0 on failure.
+ */
+size_t grpc_gcp_rpc_protocol_versions_encode_length(
+ const grpc_gcp_rpc_protocol_versions* versions);
+
+/**
+ * This method serializes rpc protocol versions and writes the result to
+ * the memory buffer provided by the caller. Caller is responsible for
+ * allocating sufficient memory to store the serialized data.
+ *
+ * - versions: an rpc protocol versions instance.
+ * - bytes: bytes buffer where the result will be written to.
+ * - bytes_length: length of the bytes buffer.
+ *
+ * The method returns true on success and false otherwise.
+ */
+bool grpc_gcp_rpc_protocol_versions_encode_to_raw_bytes(
+ const grpc_gcp_rpc_protocol_versions* versions, uint8_t* bytes,
+ size_t bytes_length);
+
+/**
+ * This method serializes an rpc protocol version and returns serialized rpc
+ * versions in grpc slice.
+ *
+ * - versions: an rpc protocol versions instance.
+ * - slice: grpc slice where the serialized result will be written.
+ *
+ * The method returns true on success and false otherwise.
+ */
+bool grpc_gcp_rpc_protocol_versions_encode(
+ const grpc_gcp_rpc_protocol_versions* versions, grpc_slice* slice);
+
+/**
+ * This method de-serializes input in grpc slice form and stores the result
+ * in rpc protocol versions.
+ *
+ * - slice: a data stream containing a serialized rpc protocol version.
+ * - versions: an rpc protocol version instance used to hold de-serialized
+ * result.
+ *
+ * The method returns true on success and false otherwise.
+ */
+bool grpc_gcp_rpc_protocol_versions_decode(
+ grpc_slice slice, grpc_gcp_rpc_protocol_versions* versions);
+
+/**
+ * This method performs a deep copy operation on rpc protocol versions
+ * instance.
+ *
+ * - src: rpc protocol versions instance that needs to be copied.
+ * - dst: rpc protocol versions instance that stores the copied result.
+ *
+ * The method returns true on success and false otherwise.
+ */
+bool grpc_gcp_rpc_protocol_versions_copy(
+ const grpc_gcp_rpc_protocol_versions* src,
+ grpc_gcp_rpc_protocol_versions* dst);
+
+/**
+ * This method performs a version check between local and peer rpc protocol
+ * versions.
+ *
+ * - local_versions: local rpc protocol versions instance.
+ * - peer_versions: peer rpc protocol versions instance.
+ * - highest_common_version: an output parameter that will store the highest
+ * common rpc protocol version both parties agreed on.
+ *
+ * The method returns true if the check passes which means both parties agreed
+ * on a common rpc protocol to use, and false otherwise.
+ */
+bool grpc_gcp_rpc_protocol_versions_check(
+ const grpc_gcp_rpc_protocol_versions* local_versions,
+ const grpc_gcp_rpc_protocol_versions* peer_versions,
+ grpc_gcp_rpc_protocol_versions_version* highest_common_version);
+
+namespace grpc_core {
+namespace internal {
+
+/**
+ * Exposed for testing only.
+ * The method returns 0 if v1 = v2,
+ * returns 1 if v1 > v2,
+ * returns -1 if v1 < v2.
+ */
+int grpc_gcp_rpc_protocol_version_compare(
+ const grpc_gcp_rpc_protocol_versions_version* v1,
+ const grpc_gcp_rpc_protocol_versions_version* v2);
+
+} // namespace internal
+} // namespace grpc_core
+
+#endif /* GRPC_CORE_TSI_ALTS_HANDSHAKER_TRANSPORT_SECURITY_COMMON_API_H */
diff --git a/src/core/tsi/alts/zero_copy_frame_protector/alts_grpc_integrity_only_record_protocol.cc b/src/core/tsi/alts/zero_copy_frame_protector/alts_grpc_integrity_only_record_protocol.cc
new file mode 100644
index 0000000..7ba03eb
--- /dev/null
+++ b/src/core/tsi/alts/zero_copy_frame_protector/alts_grpc_integrity_only_record_protocol.cc
@@ -0,0 +1,180 @@
+/*
+ *
+ * Copyright 2018 gRPC authors.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ */
+
+#include <grpc/support/port_platform.h>
+
+#include "src/core/tsi/alts/zero_copy_frame_protector/alts_grpc_integrity_only_record_protocol.h"
+
+#include <grpc/support/alloc.h>
+#include <grpc/support/log.h>
+
+#include "src/core/lib/slice/slice_internal.h"
+#include "src/core/tsi/alts/zero_copy_frame_protector/alts_grpc_record_protocol_common.h"
+#include "src/core/tsi/alts/zero_copy_frame_protector/alts_iovec_record_protocol.h"
+
+/* Main struct for alts_grpc_integrity_only_record_protocol. */
+typedef struct alts_grpc_integrity_only_record_protocol {
+ alts_grpc_record_protocol base;
+ grpc_slice_buffer data_sb;
+ unsigned char* tag_buf;
+} alts_grpc_integrity_only_record_protocol;
+
+/* --- alts_grpc_record_protocol methods implementation. --- */
+
+static tsi_result alts_grpc_integrity_only_protect(
+ alts_grpc_record_protocol* rp, grpc_slice_buffer* unprotected_slices,
+ grpc_slice_buffer* protected_slices) {
+ /* Input sanity check. */
+ if (rp == nullptr || unprotected_slices == nullptr ||
+ protected_slices == nullptr) {
+ gpr_log(GPR_ERROR,
+ "Invalid nullptr arguments to alts_grpc_record_protocol protect.");
+ return TSI_INVALID_ARGUMENT;
+ }
+ /* Allocates memory for header and tag slices. */
+ grpc_slice header_slice = GRPC_SLICE_MALLOC(rp->header_length);
+ grpc_slice tag_slice = GRPC_SLICE_MALLOC(rp->tag_length);
+ /* Calls alts_iovec_record_protocol protect. */
+ char* error_details = nullptr;
+ iovec_t header_iovec = {GRPC_SLICE_START_PTR(header_slice),
+ GRPC_SLICE_LENGTH(header_slice)};
+ iovec_t tag_iovec = {GRPC_SLICE_START_PTR(tag_slice),
+ GRPC_SLICE_LENGTH(tag_slice)};
+ alts_grpc_record_protocol_convert_slice_buffer_to_iovec(rp,
+ unprotected_slices);
+ grpc_status_code status = alts_iovec_record_protocol_integrity_only_protect(
+ rp->iovec_rp, rp->iovec_buf, unprotected_slices->count, header_iovec,
+ tag_iovec, &error_details);
+ if (status != GRPC_STATUS_OK) {
+ gpr_log(GPR_ERROR, "Failed to protect, %s", error_details);
+ gpr_free(error_details);
+ return TSI_INTERNAL_ERROR;
+ }
+ /* Appends result to protected_slices. */
+ grpc_slice_buffer_add(protected_slices, header_slice);
+ grpc_slice_buffer_move_into(unprotected_slices, protected_slices);
+ grpc_slice_buffer_add(protected_slices, tag_slice);
+ return TSI_OK;
+}
+
+static tsi_result alts_grpc_integrity_only_unprotect(
+ alts_grpc_record_protocol* rp, grpc_slice_buffer* protected_slices,
+ grpc_slice_buffer* unprotected_slices) {
+ /* Input sanity check. */
+ if (rp == nullptr || protected_slices == nullptr ||
+ unprotected_slices == nullptr) {
+ gpr_log(
+ GPR_ERROR,
+ "Invalid nullptr arguments to alts_grpc_record_protocol unprotect.");
+ return TSI_INVALID_ARGUMENT;
+ }
+ if (protected_slices->length < rp->header_length + rp->tag_length) {
+ gpr_log(GPR_ERROR, "Protected slices do not have sufficient data.");
+ return TSI_INVALID_ARGUMENT;
+ }
+ /* In this method, rp points to alts_grpc_record_protocol struct
+ * and integrity_only_record_protocol points to
+ * alts_grpc_integrity_only_record_protocol struct. */
+ alts_grpc_integrity_only_record_protocol* integrity_only_record_protocol =
+ reinterpret_cast<alts_grpc_integrity_only_record_protocol*>(rp);
+ /* Strips frame header from protected slices. */
+ grpc_slice_buffer_reset_and_unref_internal(&rp->header_sb);
+ grpc_slice_buffer_move_first(protected_slices, rp->header_length,
+ &rp->header_sb);
+ GPR_ASSERT(rp->header_sb.length == rp->header_length);
+ iovec_t header_iovec = alts_grpc_record_protocol_get_header_iovec(rp);
+ /* Moves protected slices data to data_sb and leaves the remaining tag. */
+ grpc_slice_buffer_reset_and_unref_internal(
+ &integrity_only_record_protocol->data_sb);
+ grpc_slice_buffer_move_first(protected_slices,
+ protected_slices->length - rp->tag_length,
+ &integrity_only_record_protocol->data_sb);
+ GPR_ASSERT(protected_slices->length == rp->tag_length);
+ iovec_t tag_iovec = {nullptr, rp->tag_length};
+ if (protected_slices->count == 1) {
+ tag_iovec.iov_base = GRPC_SLICE_START_PTR(protected_slices->slices[0]);
+ } else {
+ /* Frame tag is in multiple slices, copies the tag bytes from slice
+ * buffer to a single flat buffer. */
+ alts_grpc_record_protocol_copy_slice_buffer(
+ protected_slices, integrity_only_record_protocol->tag_buf);
+ tag_iovec.iov_base = integrity_only_record_protocol->tag_buf;
+ }
+ /* Calls alts_iovec_record_protocol unprotect. */
+ char* error_details = nullptr;
+ alts_grpc_record_protocol_convert_slice_buffer_to_iovec(
+ rp, &integrity_only_record_protocol->data_sb);
+ grpc_status_code status = alts_iovec_record_protocol_integrity_only_unprotect(
+ rp->iovec_rp, rp->iovec_buf,
+ integrity_only_record_protocol->data_sb.count, header_iovec, tag_iovec,
+ &error_details);
+ if (status != GRPC_STATUS_OK) {
+ gpr_log(GPR_ERROR, "Failed to unprotect, %s", error_details);
+ gpr_free(error_details);
+ return TSI_INTERNAL_ERROR;
+ }
+ grpc_slice_buffer_reset_and_unref_internal(&rp->header_sb);
+ grpc_slice_buffer_reset_and_unref_internal(protected_slices);
+ grpc_slice_buffer_move_into(&integrity_only_record_protocol->data_sb,
+ unprotected_slices);
+ return TSI_OK;
+}
+
+static void alts_grpc_integrity_only_destruct(alts_grpc_record_protocol* rp) {
+ if (rp == nullptr) {
+ return;
+ }
+ alts_grpc_integrity_only_record_protocol* integrity_only_rp =
+ reinterpret_cast<alts_grpc_integrity_only_record_protocol*>(rp);
+ grpc_slice_buffer_destroy_internal(&integrity_only_rp->data_sb);
+ gpr_free(integrity_only_rp->tag_buf);
+}
+
+static const alts_grpc_record_protocol_vtable
+ alts_grpc_integrity_only_record_protocol_vtable = {
+ alts_grpc_integrity_only_protect, alts_grpc_integrity_only_unprotect,
+ alts_grpc_integrity_only_destruct};
+
+tsi_result alts_grpc_integrity_only_record_protocol_create(
+ gsec_aead_crypter* crypter, size_t overflow_size, bool is_client,
+ bool is_protect, alts_grpc_record_protocol** rp) {
+ if (crypter == nullptr || rp == nullptr) {
+ gpr_log(GPR_ERROR,
+ "Invalid nullptr arguments to alts_grpc_record_protocol create.");
+ return TSI_INVALID_ARGUMENT;
+ }
+ alts_grpc_integrity_only_record_protocol* impl =
+ static_cast<alts_grpc_integrity_only_record_protocol*>(
+ gpr_zalloc(sizeof(alts_grpc_integrity_only_record_protocol)));
+ /* Calls alts_grpc_record_protocol init. */
+ tsi_result result = alts_grpc_record_protocol_init(
+ &impl->base, crypter, overflow_size, is_client,
+ /*is_integrity_only=*/true, is_protect);
+ if (result != TSI_OK) {
+ gpr_free(impl);
+ return result;
+ }
+ /* Initializes slice buffer for data_sb. */
+ grpc_slice_buffer_init(&impl->data_sb);
+ /* Allocates tag buffer. */
+ impl->tag_buf =
+ static_cast<unsigned char*>(gpr_malloc(impl->base.tag_length));
+ impl->base.vtable = &alts_grpc_integrity_only_record_protocol_vtable;
+ *rp = &impl->base;
+ return TSI_OK;
+}
diff --git a/src/core/tsi/alts/zero_copy_frame_protector/alts_grpc_integrity_only_record_protocol.h b/src/core/tsi/alts/zero_copy_frame_protector/alts_grpc_integrity_only_record_protocol.h
new file mode 100644
index 0000000..8d68b27
--- /dev/null
+++ b/src/core/tsi/alts/zero_copy_frame_protector/alts_grpc_integrity_only_record_protocol.h
@@ -0,0 +1,52 @@
+/*
+ *
+ * Copyright 2018 gRPC authors.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ */
+
+#ifndef GRPC_CORE_TSI_ALTS_ZERO_COPY_FRAME_PROTECTOR_ALTS_GRPC_INTEGRITY_ONLY_RECORD_PROTOCOL_H
+#define GRPC_CORE_TSI_ALTS_ZERO_COPY_FRAME_PROTECTOR_ALTS_GRPC_INTEGRITY_ONLY_RECORD_PROTOCOL_H
+
+#include <grpc/support/port_platform.h>
+
+#include <stdbool.h>
+
+#include "src/core/tsi/alts/crypt/gsec.h"
+#include "src/core/tsi/alts/zero_copy_frame_protector/alts_grpc_record_protocol.h"
+
+/**
+ * This method creates an integrity-only alts_grpc_record_protocol instance,
+ * given a gsec_aead_crypter instance and a flag indicating if the created
+ * instance will be used at the client or server side. The ownership of
+ * gsec_aead_crypter instance is transferred to this new object.
+ *
+ * - crypter: a gsec_aead_crypter instance used to perform AEAD decryption.
+ * - overflow_size: overflow size of counter in bytes.
+ * - is_client: a flag indicating if the alts_grpc_record_protocol instance will
+ * be used at the client or server side.
+ * - is_protect: a flag indicating if the alts_grpc_record_protocol instance
+ * will be used for protect or unprotect.
+ * - rp: an alts_grpc_record_protocol instance to be returned from
+ * the method.
+ *
+ * This method returns TSI_OK in case of success or a specific error code in
+ * case of failure.
+ */
+tsi_result alts_grpc_integrity_only_record_protocol_create(
+ gsec_aead_crypter* crypter, size_t overflow_size, bool is_client,
+ bool is_protect, alts_grpc_record_protocol** rp);
+
+#endif /* GRPC_CORE_TSI_ALTS_ZERO_COPY_FRAME_PROTECTOR_ALTS_GRPC_INTEGRITY_ONLY_RECORD_PROTOCOL_H \
+ */
diff --git a/src/core/tsi/alts/zero_copy_frame_protector/alts_grpc_privacy_integrity_record_protocol.cc b/src/core/tsi/alts/zero_copy_frame_protector/alts_grpc_privacy_integrity_record_protocol.cc
new file mode 100644
index 0000000..d4fd88d
--- /dev/null
+++ b/src/core/tsi/alts/zero_copy_frame_protector/alts_grpc_privacy_integrity_record_protocol.cc
@@ -0,0 +1,144 @@
+/*
+ *
+ * Copyright 2018 gRPC authors.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ */
+
+#include <grpc/support/port_platform.h>
+
+#include "src/core/tsi/alts/zero_copy_frame_protector/alts_grpc_privacy_integrity_record_protocol.h"
+
+#include <grpc/support/alloc.h>
+#include <grpc/support/log.h>
+
+#include "src/core/lib/slice/slice_internal.h"
+#include "src/core/tsi/alts/zero_copy_frame_protector/alts_grpc_record_protocol_common.h"
+#include "src/core/tsi/alts/zero_copy_frame_protector/alts_iovec_record_protocol.h"
+
+/* Privacy-integrity alts_grpc_record_protocol object uses the same struct
+ * defined in alts_grpc_record_protocol_common.h. */
+
+/* --- alts_grpc_record_protocol methods implementation. --- */
+
+static tsi_result alts_grpc_privacy_integrity_protect(
+ alts_grpc_record_protocol* rp, grpc_slice_buffer* unprotected_slices,
+ grpc_slice_buffer* protected_slices) {
+ /* Input sanity check. */
+ if (rp == nullptr || unprotected_slices == nullptr ||
+ protected_slices == nullptr) {
+ gpr_log(GPR_ERROR,
+ "Invalid nullptr arguments to alts_grpc_record_protocol protect.");
+ return TSI_INVALID_ARGUMENT;
+ }
+ /* Allocates memory for output frame. In privacy-integrity protect, the
+ * protected frame is stored in a newly allocated buffer. */
+ size_t protected_frame_size =
+ unprotected_slices->length + rp->header_length +
+ alts_iovec_record_protocol_get_tag_length(rp->iovec_rp);
+ grpc_slice protected_slice = GRPC_SLICE_MALLOC(protected_frame_size);
+ iovec_t protected_iovec = {GRPC_SLICE_START_PTR(protected_slice),
+ GRPC_SLICE_LENGTH(protected_slice)};
+ /* Calls alts_iovec_record_protocol protect. */
+ char* error_details = nullptr;
+ alts_grpc_record_protocol_convert_slice_buffer_to_iovec(rp,
+ unprotected_slices);
+ grpc_status_code status =
+ alts_iovec_record_protocol_privacy_integrity_protect(
+ rp->iovec_rp, rp->iovec_buf, unprotected_slices->count,
+ protected_iovec, &error_details);
+ if (status != GRPC_STATUS_OK) {
+ gpr_log(GPR_ERROR, "Failed to protect, %s", error_details);
+ gpr_free(error_details);
+ grpc_slice_unref(protected_slice);
+ return TSI_INTERNAL_ERROR;
+ }
+ grpc_slice_buffer_add(protected_slices, protected_slice);
+ grpc_slice_buffer_reset_and_unref_internal(unprotected_slices);
+ return TSI_OK;
+}
+
+static tsi_result alts_grpc_privacy_integrity_unprotect(
+ alts_grpc_record_protocol* rp, grpc_slice_buffer* protected_slices,
+ grpc_slice_buffer* unprotected_slices) {
+ /* Input sanity check. */
+ if (rp == nullptr || protected_slices == nullptr ||
+ unprotected_slices == nullptr) {
+ gpr_log(
+ GPR_ERROR,
+ "Invalid nullptr arguments to alts_grpc_record_protocol unprotect.");
+ return TSI_INVALID_ARGUMENT;
+ }
+ /* Allocates memory for output frame. In privacy-integrity unprotect, the
+ * unprotected data are stored in a newly allocated buffer. */
+ if (protected_slices->length < rp->header_length + rp->tag_length) {
+ gpr_log(GPR_ERROR, "Protected slices do not have sufficient data.");
+ return TSI_INVALID_ARGUMENT;
+ }
+ size_t unprotected_frame_size =
+ protected_slices->length - rp->header_length - rp->tag_length;
+ grpc_slice unprotected_slice = GRPC_SLICE_MALLOC(unprotected_frame_size);
+ iovec_t unprotected_iovec = {GRPC_SLICE_START_PTR(unprotected_slice),
+ GRPC_SLICE_LENGTH(unprotected_slice)};
+ /* Strips frame header from protected slices. */
+ grpc_slice_buffer_reset_and_unref_internal(&rp->header_sb);
+ grpc_slice_buffer_move_first(protected_slices, rp->header_length,
+ &rp->header_sb);
+ iovec_t header_iovec = alts_grpc_record_protocol_get_header_iovec(rp);
+ /* Calls alts_iovec_record_protocol unprotect. */
+ char* error_details = nullptr;
+ alts_grpc_record_protocol_convert_slice_buffer_to_iovec(rp, protected_slices);
+ grpc_status_code status =
+ alts_iovec_record_protocol_privacy_integrity_unprotect(
+ rp->iovec_rp, header_iovec, rp->iovec_buf, protected_slices->count,
+ unprotected_iovec, &error_details);
+ if (status != GRPC_STATUS_OK) {
+ gpr_log(GPR_ERROR, "Failed to unprotect, %s", error_details);
+ gpr_free(error_details);
+ grpc_slice_unref(unprotected_slice);
+ return TSI_INTERNAL_ERROR;
+ }
+ grpc_slice_buffer_reset_and_unref_internal(&rp->header_sb);
+ grpc_slice_buffer_reset_and_unref_internal(protected_slices);
+ grpc_slice_buffer_add(unprotected_slices, unprotected_slice);
+ return TSI_OK;
+}
+
+static const alts_grpc_record_protocol_vtable
+ alts_grpc_privacy_integrity_record_protocol_vtable = {
+ alts_grpc_privacy_integrity_protect,
+ alts_grpc_privacy_integrity_unprotect, nullptr};
+
+tsi_result alts_grpc_privacy_integrity_record_protocol_create(
+ gsec_aead_crypter* crypter, size_t overflow_size, bool is_client,
+ bool is_protect, alts_grpc_record_protocol** rp) {
+ if (crypter == nullptr || rp == nullptr) {
+ gpr_log(GPR_ERROR,
+ "Invalid nullptr arguments to alts_grpc_record_protocol create.");
+ return TSI_INVALID_ARGUMENT;
+ }
+ auto* impl = static_cast<alts_grpc_record_protocol*>(
+ gpr_zalloc(sizeof(alts_grpc_record_protocol)));
+ /* Calls alts_grpc_record_protocol init. */
+ tsi_result result =
+ alts_grpc_record_protocol_init(impl, crypter, overflow_size, is_client,
+ /*is_integrity_only=*/false, is_protect);
+ if (result != TSI_OK) {
+ gpr_free(impl);
+ return result;
+ }
+ impl->vtable = &alts_grpc_privacy_integrity_record_protocol_vtable;
+ *rp = impl;
+ return TSI_OK;
+}
diff --git a/src/core/tsi/alts/zero_copy_frame_protector/alts_grpc_privacy_integrity_record_protocol.h b/src/core/tsi/alts/zero_copy_frame_protector/alts_grpc_privacy_integrity_record_protocol.h
new file mode 100644
index 0000000..1e34aef
--- /dev/null
+++ b/src/core/tsi/alts/zero_copy_frame_protector/alts_grpc_privacy_integrity_record_protocol.h
@@ -0,0 +1,49 @@
+/*
+ *
+ * Copyright 2018 gRPC authors.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ */
+
+#ifndef GRPC_CORE_TSI_ALTS_ZERO_COPY_FRAME_PROTECTOR_ALTS_GRPC_PRIVACY_INTEGRITY_RECORD_PROTOCOL_H
+#define GRPC_CORE_TSI_ALTS_ZERO_COPY_FRAME_PROTECTOR_ALTS_GRPC_PRIVACY_INTEGRITY_RECORD_PROTOCOL_H
+
+#include <grpc/support/port_platform.h>
+
+#include <stdbool.h>
+
+#include "src/core/tsi/alts/crypt/gsec.h"
+#include "src/core/tsi/alts/zero_copy_frame_protector/alts_grpc_record_protocol.h"
+
+/**
+ * This method creates a privacy-integrity alts_grpc_record_protocol instance,
+ * given a gsec_aead_crypter instance and a flag indicating if the created
+ * instance will be used at the client or server side. The ownership of
+ * gsec_aead_crypter instance is transferred to this new object.
+ *
+ * - crypter: a gsec_aead_crypter instance used to perform AEAD decryption.
+ * - is_client: a flag indicating if the alts_grpc_record_protocol instance will
+ * be used at the client or server side.
+ * - rp: an alts_grpc_record_protocol instance to be returned from
+ * the method.
+ *
+ * This method returns TSI_OK in case of success or a specific error code in
+ * case of failure.
+ */
+tsi_result alts_grpc_privacy_integrity_record_protocol_create(
+ gsec_aead_crypter* crypter, size_t overflow_size, bool is_client,
+ bool is_protect, alts_grpc_record_protocol** rp);
+
+#endif /* GRPC_CORE_TSI_ALTS_ZERO_COPY_FRAME_PROTECTOR_ALTS_GRPC_PRIVACY_INTEGRITY_RECORD_PROTOCOL_H \
+ */
diff --git a/src/core/tsi/alts/zero_copy_frame_protector/alts_grpc_record_protocol.h b/src/core/tsi/alts/zero_copy_frame_protector/alts_grpc_record_protocol.h
new file mode 100644
index 0000000..d1e433d
--- /dev/null
+++ b/src/core/tsi/alts/zero_copy_frame_protector/alts_grpc_record_protocol.h
@@ -0,0 +1,91 @@
+/*
+ *
+ * Copyright 2018 gRPC authors.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ */
+
+#ifndef GRPC_CORE_TSI_ALTS_ZERO_COPY_FRAME_PROTECTOR_ALTS_GRPC_RECORD_PROTOCOL_H
+#define GRPC_CORE_TSI_ALTS_ZERO_COPY_FRAME_PROTECTOR_ALTS_GRPC_RECORD_PROTOCOL_H
+
+#include <grpc/support/port_platform.h>
+
+#include <grpc/slice_buffer.h>
+
+#include "src/core/tsi/transport_security_interface.h"
+
+/**
+ * This alts_grpc_record_protocol object protects and unprotects a single frame
+ * stored in grpc slice buffer with zero or minimized memory copy.
+ * Implementations of this object must be thread compatible.
+ */
+typedef struct alts_grpc_record_protocol alts_grpc_record_protocol;
+
+/**
+ * This methods performs protect operation on unprotected data and appends the
+ * protected frame to protected_slices. The caller needs to ensure the length
+ * of unprotected data plus the frame overhead is less than or equal to the
+ * maximum frame length. The input unprotected data slice buffer will be
+ * cleared, although the actual unprotected data bytes are not modified.
+ *
+ * - self: an alts_grpc_record_protocol instance.
+ * - unprotected_slices: the unprotected data to be protected.
+ * - protected_slices: slice buffer where the protected frame is appended.
+ *
+ * This method returns TSI_OK in case of success or a specific error code in
+ * case of failure.
+ */
+tsi_result alts_grpc_record_protocol_protect(
+ alts_grpc_record_protocol* self, grpc_slice_buffer* unprotected_slices,
+ grpc_slice_buffer* protected_slices);
+
+/**
+ * This methods performs unprotect operation on a full frame of protected data
+ * and appends unprotected data to unprotected_slices. It is the caller's
+ * responsibility to prepare a full frame of data before calling this method.
+ * The input protected frame slice buffer will be cleared, although the actual
+ * protected data bytes are not modified.
+ *
+ * - self: an alts_grpc_record_protocol instance.
+ * - protected_slices: a full frame of protected data in grpc slices.
+ * - unprotected_slices: slice buffer where unprotected data is appended.
+ *
+ * This method returns TSI_OK in case of success or a specific error code in
+ * case of failure.
+ */
+tsi_result alts_grpc_record_protocol_unprotect(
+ alts_grpc_record_protocol* self, grpc_slice_buffer* protected_slices,
+ grpc_slice_buffer* unprotected_slices);
+
+/**
+ * This method returns maximum allowed unprotected data size, given maximum
+ * protected frame size.
+ *
+ * - self: an alts_grpc_record_protocol instance.
+ * - max_protected_frame_size: maximum protected frame size.
+ *
+ * On success, the method returns the maximum allowed unprotected data size.
+ * Otherwise, it returns zero.
+ */
+size_t alts_grpc_record_protocol_max_unprotected_data_size(
+ const alts_grpc_record_protocol* self, size_t max_protected_frame_size);
+
+/**
+ * This method destroys an alts_grpc_record_protocol instance by de-allocating
+ * all of its occupied memory.
+ */
+void alts_grpc_record_protocol_destroy(alts_grpc_record_protocol* self);
+
+#endif /* GRPC_CORE_TSI_ALTS_ZERO_COPY_FRAME_PROTECTOR_ALTS_GRPC_RECORD_PROTOCOL_H \
+ */
diff --git a/src/core/tsi/alts/zero_copy_frame_protector/alts_grpc_record_protocol_common.cc b/src/core/tsi/alts/zero_copy_frame_protector/alts_grpc_record_protocol_common.cc
new file mode 100644
index 0000000..ff91aea
--- /dev/null
+++ b/src/core/tsi/alts/zero_copy_frame_protector/alts_grpc_record_protocol_common.cc
@@ -0,0 +1,173 @@
+/*
+ *
+ * Copyright 2018 gRPC authors.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ */
+
+#include <grpc/support/port_platform.h>
+
+#include "src/core/tsi/alts/zero_copy_frame_protector/alts_grpc_record_protocol_common.h"
+
+#include <string.h>
+
+#include <grpc/support/alloc.h>
+#include <grpc/support/log.h>
+
+#include "src/core/lib/gpr/useful.h"
+#include "src/core/lib/slice/slice_internal.h"
+
+const size_t kInitialIovecBufferSize = 8;
+
+/* Makes sure iovec_buf in alts_grpc_record_protocol is large enough. */
+static void ensure_iovec_buf_size(alts_grpc_record_protocol* rp,
+ const grpc_slice_buffer* sb) {
+ GPR_ASSERT(rp != nullptr && sb != nullptr);
+ if (sb->count <= rp->iovec_buf_length) {
+ return;
+ }
+ /* At least double the iovec buffer size. */
+ rp->iovec_buf_length = GPR_MAX(sb->count, 2 * rp->iovec_buf_length);
+ rp->iovec_buf = static_cast<iovec_t*>(
+ gpr_realloc(rp->iovec_buf, rp->iovec_buf_length * sizeof(iovec_t)));
+}
+
+/* --- Implementation of methods defined in tsi_grpc_record_protocol_common.h.
+ * --- */
+
+void alts_grpc_record_protocol_convert_slice_buffer_to_iovec(
+ alts_grpc_record_protocol* rp, const grpc_slice_buffer* sb) {
+ GPR_ASSERT(rp != nullptr && sb != nullptr);
+ ensure_iovec_buf_size(rp, sb);
+ for (size_t i = 0; i < sb->count; i++) {
+ rp->iovec_buf[i].iov_base = GRPC_SLICE_START_PTR(sb->slices[i]);
+ rp->iovec_buf[i].iov_len = GRPC_SLICE_LENGTH(sb->slices[i]);
+ }
+}
+
+void alts_grpc_record_protocol_copy_slice_buffer(const grpc_slice_buffer* src,
+ unsigned char* dst) {
+ GPR_ASSERT(src != nullptr && dst != nullptr);
+ for (size_t i = 0; i < src->count; i++) {
+ size_t slice_length = GRPC_SLICE_LENGTH(src->slices[i]);
+ memcpy(dst, GRPC_SLICE_START_PTR(src->slices[i]), slice_length);
+ dst += slice_length;
+ }
+}
+
+iovec_t alts_grpc_record_protocol_get_header_iovec(
+ alts_grpc_record_protocol* rp) {
+ iovec_t header_iovec = {nullptr, 0};
+ if (rp == nullptr) {
+ return header_iovec;
+ }
+ header_iovec.iov_len = rp->header_length;
+ if (rp->header_sb.count == 1) {
+ header_iovec.iov_base = GRPC_SLICE_START_PTR(rp->header_sb.slices[0]);
+ } else {
+ /* Frame header is in multiple slices, copies the header bytes from slice
+ * buffer to a single flat buffer. */
+ alts_grpc_record_protocol_copy_slice_buffer(&rp->header_sb, rp->header_buf);
+ header_iovec.iov_base = rp->header_buf;
+ }
+ return header_iovec;
+}
+
+tsi_result alts_grpc_record_protocol_init(alts_grpc_record_protocol* rp,
+ gsec_aead_crypter* crypter,
+ size_t overflow_size, bool is_client,
+ bool is_integrity_only,
+ bool is_protect) {
+ if (rp == nullptr || crypter == nullptr) {
+ gpr_log(GPR_ERROR,
+ "Invalid nullptr arguments to alts_grpc_record_protocol init.");
+ return TSI_INVALID_ARGUMENT;
+ }
+ /* Creates alts_iovec_record_protocol. */
+ char* error_details = nullptr;
+ grpc_status_code status = alts_iovec_record_protocol_create(
+ crypter, overflow_size, is_client, is_integrity_only, is_protect,
+ &rp->iovec_rp, &error_details);
+ if (status != GRPC_STATUS_OK) {
+ gpr_log(GPR_ERROR, "Failed to create alts_iovec_record_protocol, %s.",
+ error_details);
+ gpr_free(error_details);
+ return TSI_INTERNAL_ERROR;
+ }
+ /* Allocates header slice buffer. */
+ grpc_slice_buffer_init(&rp->header_sb);
+ /* Allocates header buffer. */
+ rp->header_length = alts_iovec_record_protocol_get_header_length();
+ rp->header_buf = static_cast<unsigned char*>(gpr_malloc(rp->header_length));
+ rp->tag_length = alts_iovec_record_protocol_get_tag_length(rp->iovec_rp);
+ /* Allocates iovec buffer. */
+ rp->iovec_buf_length = kInitialIovecBufferSize;
+ rp->iovec_buf =
+ static_cast<iovec_t*>(gpr_malloc(rp->iovec_buf_length * sizeof(iovec_t)));
+ return TSI_OK;
+}
+
+/* --- Implementation of methods defined in tsi_grpc_record_protocol.h. --- */
+tsi_result alts_grpc_record_protocol_protect(
+ alts_grpc_record_protocol* self, grpc_slice_buffer* unprotected_slices,
+ grpc_slice_buffer* protected_slices) {
+ if (grpc_core::ExecCtx::Get() == nullptr || self == nullptr ||
+ self->vtable == nullptr || unprotected_slices == nullptr ||
+ protected_slices == nullptr) {
+ return TSI_INVALID_ARGUMENT;
+ }
+ if (self->vtable->protect == nullptr) {
+ return TSI_UNIMPLEMENTED;
+ }
+ return self->vtable->protect(self, unprotected_slices, protected_slices);
+}
+
+tsi_result alts_grpc_record_protocol_unprotect(
+ alts_grpc_record_protocol* self, grpc_slice_buffer* protected_slices,
+ grpc_slice_buffer* unprotected_slices) {
+ if (grpc_core::ExecCtx::Get() == nullptr || self == nullptr ||
+ self->vtable == nullptr || protected_slices == nullptr ||
+ unprotected_slices == nullptr) {
+ return TSI_INVALID_ARGUMENT;
+ }
+ if (self->vtable->unprotect == nullptr) {
+ return TSI_UNIMPLEMENTED;
+ }
+ return self->vtable->unprotect(self, protected_slices, unprotected_slices);
+}
+
+void alts_grpc_record_protocol_destroy(alts_grpc_record_protocol* self) {
+ if (self == nullptr) {
+ return;
+ }
+ if (self->vtable->destruct != nullptr) {
+ self->vtable->destruct(self);
+ }
+ alts_iovec_record_protocol_destroy(self->iovec_rp);
+ grpc_slice_buffer_destroy_internal(&self->header_sb);
+ gpr_free(self->header_buf);
+ gpr_free(self->iovec_buf);
+ gpr_free(self);
+}
+
+/* Integrity-only and privacy-integrity share the same implementation. No need
+ * to call vtable. */
+size_t alts_grpc_record_protocol_max_unprotected_data_size(
+ const alts_grpc_record_protocol* self, size_t max_protected_frame_size) {
+ if (self == nullptr) {
+ return 0;
+ }
+ return alts_iovec_record_protocol_max_unprotected_data_size(
+ self->iovec_rp, max_protected_frame_size);
+}
diff --git a/src/core/tsi/alts/zero_copy_frame_protector/alts_grpc_record_protocol_common.h b/src/core/tsi/alts/zero_copy_frame_protector/alts_grpc_record_protocol_common.h
new file mode 100644
index 0000000..43b8a4a
--- /dev/null
+++ b/src/core/tsi/alts/zero_copy_frame_protector/alts_grpc_record_protocol_common.h
@@ -0,0 +1,100 @@
+/*
+ *
+ * Copyright 2018 gRPC authors.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ */
+
+#ifndef GRPC_CORE_TSI_ALTS_ZERO_COPY_FRAME_PROTECTOR_ALTS_GRPC_RECORD_PROTOCOL_COMMON_H
+#define GRPC_CORE_TSI_ALTS_ZERO_COPY_FRAME_PROTECTOR_ALTS_GRPC_RECORD_PROTOCOL_COMMON_H
+
+/**
+ * this file contains alts_grpc_record_protocol internals and internal-only
+ * helper functions. The public functions of alts_grpc_record_protocol are
+ * defined in the alts_grpc_record_protocol.h.
+ */
+
+#include <grpc/support/port_platform.h>
+
+#include "src/core/tsi/alts/zero_copy_frame_protector/alts_grpc_record_protocol.h"
+#include "src/core/tsi/alts/zero_copy_frame_protector/alts_iovec_record_protocol.h"
+
+/* V-table for alts_grpc_record_protocol implementations. */
+typedef struct {
+ tsi_result (*protect)(alts_grpc_record_protocol* self,
+ grpc_slice_buffer* unprotected_slices,
+ grpc_slice_buffer* protected_slices);
+ tsi_result (*unprotect)(alts_grpc_record_protocol* self,
+ grpc_slice_buffer* protected_slices,
+ grpc_slice_buffer* unprotected_slices);
+ void (*destruct)(alts_grpc_record_protocol* self);
+} alts_grpc_record_protocol_vtable;
+
+/* Main struct for alts_grpc_record_protocol implementation, shared by both
+ * integrity-only record protocol and privacy-integrity record protocol.
+ * Integrity-only record protocol has additional data elements.
+ * Privacy-integrity record protocol uses this struct directly. */
+struct alts_grpc_record_protocol {
+ const alts_grpc_record_protocol_vtable* vtable;
+ alts_iovec_record_protocol* iovec_rp;
+ grpc_slice_buffer header_sb;
+ unsigned char* header_buf;
+ size_t header_length;
+ size_t tag_length;
+ iovec_t* iovec_buf;
+ size_t iovec_buf_length;
+};
+
+/**
+ * Converts the slices of input sb into iovec_t's and puts the result into
+ * rp->iovec_buf. Note that the actual data are not copied, only
+ * pointers and lengths are copied.
+ */
+void alts_grpc_record_protocol_convert_slice_buffer_to_iovec(
+ alts_grpc_record_protocol* rp, const grpc_slice_buffer* sb);
+
+/**
+ * Copies bytes from slice buffer to destination buffer. Caller is responsible
+ * for allocating enough memory of destination buffer. This method is used for
+ * copying frame header and tag in case they are stored in multiple slices.
+ */
+void alts_grpc_record_protocol_copy_slice_buffer(const grpc_slice_buffer* src,
+ unsigned char* dst);
+
+/**
+ * This method returns an iovec object pointing to the frame header stored in
+ * rp->header_sb. If the frame header is stored in multiple slices,
+ * this method will copy the bytes in rp->header_sb to
+ * rp->header_buf, and return an iovec object pointing to
+ * rp->header_buf.
+ */
+iovec_t alts_grpc_record_protocol_get_header_iovec(
+ alts_grpc_record_protocol* rp);
+
+/**
+ * Initializes an alts_grpc_record_protocol object, given a gsec_aead_crypter
+ * instance, the overflow size of the counter in bytes, a flag indicating if the
+ * object is used for client or server side, a flag indicating if it is used for
+ * integrity-only or privacy-integrity mode, and a flag indicating if it is for
+ * protect or unprotect. The ownership of gsec_aead_crypter object is
+ * transferred to the alts_grpc_record_protocol object.
+ */
+tsi_result alts_grpc_record_protocol_init(alts_grpc_record_protocol* rp,
+ gsec_aead_crypter* crypter,
+ size_t overflow_size, bool is_client,
+ bool is_integrity_only,
+ bool is_protect);
+
+#endif /* GRPC_CORE_TSI_ALTS_ZERO_COPY_FRAME_PROTECTOR_ALTS_GRPC_RECORD_PROTOCOL_COMMON_H \
+ */
diff --git a/src/core/tsi/alts/zero_copy_frame_protector/alts_iovec_record_protocol.cc b/src/core/tsi/alts/zero_copy_frame_protector/alts_iovec_record_protocol.cc
new file mode 100644
index 0000000..6a548e5
--- /dev/null
+++ b/src/core/tsi/alts/zero_copy_frame_protector/alts_iovec_record_protocol.cc
@@ -0,0 +1,476 @@
+/*
+ *
+ * Copyright 2018 gRPC authors.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ */
+
+#include <grpc/support/port_platform.h>
+
+#include "src/core/tsi/alts/zero_copy_frame_protector/alts_iovec_record_protocol.h"
+
+#include <stdlib.h>
+#include <string.h>
+
+#include <grpc/support/alloc.h>
+#include <grpc/support/log.h>
+
+#include "src/core/tsi/alts/frame_protector/alts_counter.h"
+
+struct alts_iovec_record_protocol {
+ alts_counter* ctr;
+ gsec_aead_crypter* crypter;
+ size_t tag_length;
+ bool is_integrity_only;
+ bool is_protect;
+};
+
+/* Copies error message to destination. */
+static void maybe_copy_error_msg(const char* src, char** dst) {
+ if (dst != nullptr && src != nullptr) {
+ *dst = static_cast<char*>(gpr_malloc(strlen(src) + 1));
+ memcpy(*dst, src, strlen(src) + 1);
+ }
+}
+
+/* Appends error message to destination. */
+static void maybe_append_error_msg(const char* appendix, char** dst) {
+ if (dst != nullptr && appendix != nullptr) {
+ int dst_len = static_cast<int>(strlen(*dst));
+ *dst = static_cast<char*>(realloc(*dst, dst_len + strlen(appendix) + 1));
+ assert(*dst != nullptr);
+ memcpy(*dst + dst_len, appendix, strlen(appendix) + 1);
+ }
+}
+
+/* Use little endian to interpret a string of bytes as uint32_t. */
+static uint32_t load_32_le(const unsigned char* buffer) {
+ return (((uint32_t)buffer[3]) << 24) | (((uint32_t)buffer[2]) << 16) |
+ (((uint32_t)buffer[1]) << 8) | ((uint32_t)buffer[0]);
+}
+
+/* Store uint32_t as a string of little endian bytes. */
+static void store_32_le(uint32_t value, unsigned char* buffer) {
+ buffer[3] = (unsigned char)(value >> 24) & 0xFF;
+ buffer[2] = (unsigned char)(value >> 16) & 0xFF;
+ buffer[1] = (unsigned char)(value >> 8) & 0xFF;
+ buffer[0] = (unsigned char)(value)&0xFF;
+}
+
+/* Ensures header and tag iovec have sufficient length. */
+static grpc_status_code ensure_header_and_tag_length(
+ const alts_iovec_record_protocol* rp, iovec_t header, iovec_t tag,
+ char** error_details) {
+ if (rp == nullptr) {
+ return GRPC_STATUS_FAILED_PRECONDITION;
+ }
+ if (header.iov_base == nullptr) {
+ maybe_copy_error_msg("Header is nullptr.", error_details);
+ return GRPC_STATUS_INVALID_ARGUMENT;
+ }
+ if (header.iov_len != alts_iovec_record_protocol_get_header_length()) {
+ maybe_copy_error_msg("Header length is incorrect.", error_details);
+ return GRPC_STATUS_INVALID_ARGUMENT;
+ }
+ if (tag.iov_base == nullptr) {
+ maybe_copy_error_msg("Tag is nullptr.", error_details);
+ return GRPC_STATUS_INVALID_ARGUMENT;
+ }
+ if (tag.iov_len != rp->tag_length) {
+ maybe_copy_error_msg("Tag length is incorrect.", error_details);
+ return GRPC_STATUS_INVALID_ARGUMENT;
+ }
+ return GRPC_STATUS_OK;
+}
+
+/* Increments crypter counter and checks overflow. */
+static grpc_status_code increment_counter(alts_counter* counter,
+ char** error_details) {
+ if (counter == nullptr) {
+ return GRPC_STATUS_FAILED_PRECONDITION;
+ }
+ bool is_overflow = false;
+ grpc_status_code status =
+ alts_counter_increment(counter, &is_overflow, error_details);
+ if (status != GRPC_STATUS_OK) {
+ return status;
+ }
+ if (is_overflow) {
+ maybe_copy_error_msg("Crypter counter is overflowed.", error_details);
+ return GRPC_STATUS_INTERNAL;
+ }
+ return GRPC_STATUS_OK;
+}
+
+/* Given an array of iovec, computes the total length of buffer. */
+static size_t get_total_length(const iovec_t* vec, size_t vec_length) {
+ size_t total_length = 0;
+ for (size_t i = 0; i < vec_length; ++i) {
+ total_length += vec[i].iov_len;
+ }
+ return total_length;
+}
+
+/* Writes frame header given data and tag length. */
+static grpc_status_code write_frame_header(size_t data_length,
+ unsigned char* header,
+ char** error_details) {
+ if (header == nullptr) {
+ maybe_copy_error_msg("Header is nullptr.", error_details);
+ return GRPC_STATUS_FAILED_PRECONDITION;
+ }
+ size_t frame_length = kZeroCopyFrameMessageTypeFieldSize + data_length;
+ store_32_le(static_cast<uint32_t>(frame_length), header);
+ store_32_le(kZeroCopyFrameMessageType,
+ header + kZeroCopyFrameLengthFieldSize);
+ return GRPC_STATUS_OK;
+}
+
+/* Verifies frame header given protected data length. */
+static grpc_status_code verify_frame_header(size_t data_length,
+ unsigned char* header,
+ char** error_details) {
+ if (header == nullptr) {
+ maybe_copy_error_msg("Header is nullptr.", error_details);
+ return GRPC_STATUS_FAILED_PRECONDITION;
+ }
+ size_t frame_length = load_32_le(header);
+ if (frame_length != kZeroCopyFrameMessageTypeFieldSize + data_length) {
+ maybe_copy_error_msg("Bad frame length.", error_details);
+ return GRPC_STATUS_INTERNAL;
+ }
+ size_t message_type = load_32_le(header + kZeroCopyFrameLengthFieldSize);
+ if (message_type != kZeroCopyFrameMessageType) {
+ maybe_copy_error_msg("Unsupported message type.", error_details);
+ return GRPC_STATUS_INTERNAL;
+ }
+ return GRPC_STATUS_OK;
+}
+
+/* --- alts_iovec_record_protocol methods implementation. --- */
+
+size_t alts_iovec_record_protocol_get_header_length() {
+ return kZeroCopyFrameHeaderSize;
+}
+
+size_t alts_iovec_record_protocol_get_tag_length(
+ const alts_iovec_record_protocol* rp) {
+ if (rp != nullptr) {
+ return rp->tag_length;
+ }
+ return 0;
+}
+
+size_t alts_iovec_record_protocol_max_unprotected_data_size(
+ const alts_iovec_record_protocol* rp, size_t max_protected_frame_size) {
+ if (rp == nullptr) {
+ return 0;
+ }
+ size_t overhead_bytes_size =
+ kZeroCopyFrameMessageTypeFieldSize + rp->tag_length;
+ if (max_protected_frame_size <= overhead_bytes_size) return 0;
+ return max_protected_frame_size - overhead_bytes_size;
+}
+
+grpc_status_code alts_iovec_record_protocol_integrity_only_protect(
+ alts_iovec_record_protocol* rp, const iovec_t* unprotected_vec,
+ size_t unprotected_vec_length, iovec_t header, iovec_t tag,
+ char** error_details) {
+ /* Input sanity checks. */
+ if (rp == nullptr) {
+ maybe_copy_error_msg("Input iovec_record_protocol is nullptr.",
+ error_details);
+ return GRPC_STATUS_INVALID_ARGUMENT;
+ }
+ if (!rp->is_integrity_only) {
+ maybe_copy_error_msg(
+ "Integrity-only operations are not allowed for this object.",
+ error_details);
+ return GRPC_STATUS_FAILED_PRECONDITION;
+ }
+ if (!rp->is_protect) {
+ maybe_copy_error_msg("Protect operations are not allowed for this object.",
+ error_details);
+ return GRPC_STATUS_FAILED_PRECONDITION;
+ }
+ grpc_status_code status =
+ ensure_header_and_tag_length(rp, header, tag, error_details);
+ if (status != GRPC_STATUS_OK) {
+ return status;
+ }
+ /* Unprotected data should not be zero length. */
+ size_t data_length =
+ get_total_length(unprotected_vec, unprotected_vec_length);
+ /* Sets frame header. */
+ status = write_frame_header(data_length + rp->tag_length,
+ static_cast<unsigned char*>(header.iov_base),
+ error_details);
+ if (status != GRPC_STATUS_OK) {
+ return status;
+ }
+ /* Computes frame tag by calling AEAD crypter. */
+ size_t bytes_written = 0;
+ status = gsec_aead_crypter_encrypt_iovec(
+ rp->crypter, alts_counter_get_counter(rp->ctr),
+ alts_counter_get_size(rp->ctr), unprotected_vec, unprotected_vec_length,
+ /* plaintext_vec = */ nullptr, /* plaintext_vec_length = */ 0, tag,
+ &bytes_written, error_details);
+ if (status != GRPC_STATUS_OK) {
+ return status;
+ }
+ if (bytes_written != rp->tag_length) {
+ maybe_copy_error_msg("Bytes written expects to be the same as tag length.",
+ error_details);
+ return GRPC_STATUS_INTERNAL;
+ }
+ /* Increments the crypter counter. */
+ return increment_counter(rp->ctr, error_details);
+}
+
+grpc_status_code alts_iovec_record_protocol_integrity_only_unprotect(
+ alts_iovec_record_protocol* rp, const iovec_t* protected_vec,
+ size_t protected_vec_length, iovec_t header, iovec_t tag,
+ char** error_details) {
+ /* Input sanity checks. */
+ if (rp == nullptr) {
+ maybe_copy_error_msg("Input iovec_record_protocol is nullptr.",
+ error_details);
+ return GRPC_STATUS_INVALID_ARGUMENT;
+ }
+ if (!rp->is_integrity_only) {
+ maybe_copy_error_msg(
+ "Integrity-only operations are not allowed for this object.",
+ error_details);
+ return GRPC_STATUS_FAILED_PRECONDITION;
+ }
+ if (rp->is_protect) {
+ maybe_copy_error_msg(
+ "Unprotect operations are not allowed for this object.", error_details);
+ return GRPC_STATUS_FAILED_PRECONDITION;
+ }
+ grpc_status_code status =
+ ensure_header_and_tag_length(rp, header, tag, error_details);
+ if (status != GRPC_STATUS_OK) return status;
+ /* Protected data should not be zero length. */
+ size_t data_length = get_total_length(protected_vec, protected_vec_length);
+ /* Verifies frame header. */
+ status = verify_frame_header(data_length + rp->tag_length,
+ static_cast<unsigned char*>(header.iov_base),
+ error_details);
+ if (status != GRPC_STATUS_OK) {
+ return status;
+ }
+ /* Verifies frame tag by calling AEAD crypter. */
+ iovec_t plaintext = {nullptr, 0};
+ size_t bytes_written = 0;
+ status = gsec_aead_crypter_decrypt_iovec(
+ rp->crypter, alts_counter_get_counter(rp->ctr),
+ alts_counter_get_size(rp->ctr), protected_vec, protected_vec_length, &tag,
+ 1, plaintext, &bytes_written, error_details);
+ if (status != GRPC_STATUS_OK || bytes_written != 0) {
+ maybe_append_error_msg(" Frame tag verification failed.", error_details);
+ return GRPC_STATUS_INTERNAL;
+ }
+ /* Increments the crypter counter. */
+ return increment_counter(rp->ctr, error_details);
+}
+
+grpc_status_code alts_iovec_record_protocol_privacy_integrity_protect(
+ alts_iovec_record_protocol* rp, const iovec_t* unprotected_vec,
+ size_t unprotected_vec_length, iovec_t protected_frame,
+ char** error_details) {
+ /* Input sanity checks. */
+ if (rp == nullptr) {
+ maybe_copy_error_msg("Input iovec_record_protocol is nullptr.",
+ error_details);
+ return GRPC_STATUS_INVALID_ARGUMENT;
+ }
+ if (rp->is_integrity_only) {
+ maybe_copy_error_msg(
+ "Privacy-integrity operations are not allowed for this object.",
+ error_details);
+ return GRPC_STATUS_FAILED_PRECONDITION;
+ }
+ if (!rp->is_protect) {
+ maybe_copy_error_msg("Protect operations are not allowed for this object.",
+ error_details);
+ return GRPC_STATUS_FAILED_PRECONDITION;
+ }
+ /* Unprotected data should not be zero length. */
+ size_t data_length =
+ get_total_length(unprotected_vec, unprotected_vec_length);
+ /* Ensures protected frame iovec has sufficient size. */
+ if (protected_frame.iov_base == nullptr) {
+ maybe_copy_error_msg("Protected frame is nullptr.", error_details);
+ return GRPC_STATUS_INVALID_ARGUMENT;
+ }
+ if (protected_frame.iov_len !=
+ alts_iovec_record_protocol_get_header_length() + data_length +
+ rp->tag_length) {
+ maybe_copy_error_msg("Protected frame size is incorrect.", error_details);
+ return GRPC_STATUS_INVALID_ARGUMENT;
+ }
+ /* Writer frame header. */
+ grpc_status_code status = write_frame_header(
+ data_length + rp->tag_length,
+ static_cast<unsigned char*>(protected_frame.iov_base), error_details);
+ if (status != GRPC_STATUS_OK) {
+ return status;
+ }
+ /* Encrypt unprotected data by calling AEAD crypter. */
+ unsigned char* ciphertext_buffer =
+ static_cast<unsigned char*>(protected_frame.iov_base) +
+ alts_iovec_record_protocol_get_header_length();
+ iovec_t ciphertext = {ciphertext_buffer, data_length + rp->tag_length};
+ size_t bytes_written = 0;
+ status = gsec_aead_crypter_encrypt_iovec(
+ rp->crypter, alts_counter_get_counter(rp->ctr),
+ alts_counter_get_size(rp->ctr), /* aad_vec = */ nullptr,
+ /* aad_vec_length = */ 0, unprotected_vec, unprotected_vec_length,
+ ciphertext, &bytes_written, error_details);
+ if (status != GRPC_STATUS_OK) {
+ return status;
+ }
+ if (bytes_written != data_length + rp->tag_length) {
+ maybe_copy_error_msg(
+ "Bytes written expects to be data length plus tag length.",
+ error_details);
+ return GRPC_STATUS_INTERNAL;
+ }
+ /* Increments the crypter counter. */
+ return increment_counter(rp->ctr, error_details);
+}
+
+grpc_status_code alts_iovec_record_protocol_privacy_integrity_unprotect(
+ alts_iovec_record_protocol* rp, iovec_t header,
+ const iovec_t* protected_vec, size_t protected_vec_length,
+ iovec_t unprotected_data, char** error_details) {
+ /* Input sanity checks. */
+ if (rp == nullptr) {
+ maybe_copy_error_msg("Input iovec_record_protocol is nullptr.",
+ error_details);
+ return GRPC_STATUS_INVALID_ARGUMENT;
+ }
+ if (rp->is_integrity_only) {
+ maybe_copy_error_msg(
+ "Privacy-integrity operations are not allowed for this object.",
+ error_details);
+ return GRPC_STATUS_FAILED_PRECONDITION;
+ }
+ if (rp->is_protect) {
+ maybe_copy_error_msg(
+ "Unprotect operations are not allowed for this object.", error_details);
+ return GRPC_STATUS_FAILED_PRECONDITION;
+ }
+ /* Protected data size should be no less than tag size. */
+ size_t protected_data_length =
+ get_total_length(protected_vec, protected_vec_length);
+ if (protected_data_length < rp->tag_length) {
+ maybe_copy_error_msg(
+ "Protected data length should be more than the tag length.",
+ error_details);
+ return GRPC_STATUS_INVALID_ARGUMENT;
+ }
+ /* Ensures header has sufficient size. */
+ if (header.iov_base == nullptr) {
+ maybe_copy_error_msg("Header is nullptr.", error_details);
+ return GRPC_STATUS_INVALID_ARGUMENT;
+ }
+ if (header.iov_len != alts_iovec_record_protocol_get_header_length()) {
+ maybe_copy_error_msg("Header length is incorrect.", error_details);
+ return GRPC_STATUS_INVALID_ARGUMENT;
+ }
+ /* Ensures unprotected data iovec has sufficient size. */
+ if (unprotected_data.iov_len != protected_data_length - rp->tag_length) {
+ maybe_copy_error_msg("Unprotected data size is incorrect.", error_details);
+ return GRPC_STATUS_INVALID_ARGUMENT;
+ }
+ /* Verify frame header. */
+ grpc_status_code status = verify_frame_header(
+ protected_data_length, static_cast<unsigned char*>(header.iov_base),
+ error_details);
+ if (status != GRPC_STATUS_OK) {
+ return status;
+ }
+ /* Decrypt protected data by calling AEAD crypter. */
+ size_t bytes_written = 0;
+ status = gsec_aead_crypter_decrypt_iovec(
+ rp->crypter, alts_counter_get_counter(rp->ctr),
+ alts_counter_get_size(rp->ctr), /* aad_vec = */ nullptr,
+ /* aad_vec_length = */ 0, protected_vec, protected_vec_length,
+ unprotected_data, &bytes_written, error_details);
+ if (status != GRPC_STATUS_OK) {
+ maybe_append_error_msg(" Frame decryption failed.", error_details);
+ return GRPC_STATUS_INTERNAL;
+ }
+ if (bytes_written != protected_data_length - rp->tag_length) {
+ maybe_copy_error_msg(
+ "Bytes written expects to be protected data length minus tag length.",
+ error_details);
+ return GRPC_STATUS_INTERNAL;
+ }
+ /* Increments the crypter counter. */
+ return increment_counter(rp->ctr, error_details);
+}
+
+grpc_status_code alts_iovec_record_protocol_create(
+ gsec_aead_crypter* crypter, size_t overflow_size, bool is_client,
+ bool is_integrity_only, bool is_protect, alts_iovec_record_protocol** rp,
+ char** error_details) {
+ if (crypter == nullptr || rp == nullptr) {
+ maybe_copy_error_msg(
+ "Invalid nullptr arguments to alts_iovec_record_protocol create.",
+ error_details);
+ return GRPC_STATUS_INVALID_ARGUMENT;
+ }
+ alts_iovec_record_protocol* impl = static_cast<alts_iovec_record_protocol*>(
+ gpr_zalloc(sizeof(alts_iovec_record_protocol)));
+ /* Gets counter length. */
+ size_t counter_length = 0;
+ grpc_status_code status =
+ gsec_aead_crypter_nonce_length(crypter, &counter_length, error_details);
+ if (status != GRPC_STATUS_OK) {
+ goto cleanup;
+ }
+ /* Creates counters. */
+ status =
+ alts_counter_create(is_protect ? !is_client : is_client, counter_length,
+ overflow_size, &impl->ctr, error_details);
+ if (status != GRPC_STATUS_OK) {
+ goto cleanup;
+ }
+ /* Gets tag length. */
+ status =
+ gsec_aead_crypter_tag_length(crypter, &impl->tag_length, error_details);
+ if (status != GRPC_STATUS_OK) {
+ goto cleanup;
+ }
+ impl->crypter = crypter;
+ impl->is_integrity_only = is_integrity_only;
+ impl->is_protect = is_protect;
+ *rp = impl;
+ return GRPC_STATUS_OK;
+cleanup:
+ alts_counter_destroy(impl->ctr);
+ gpr_free(impl);
+ return GRPC_STATUS_FAILED_PRECONDITION;
+}
+
+void alts_iovec_record_protocol_destroy(alts_iovec_record_protocol* rp) {
+ if (rp != nullptr) {
+ alts_counter_destroy(rp->ctr);
+ gsec_aead_crypter_destroy(rp->crypter);
+ gpr_free(rp);
+ }
+}
diff --git a/src/core/tsi/alts/zero_copy_frame_protector/alts_iovec_record_protocol.h b/src/core/tsi/alts/zero_copy_frame_protector/alts_iovec_record_protocol.h
new file mode 100644
index 0000000..0b7d1bf
--- /dev/null
+++ b/src/core/tsi/alts/zero_copy_frame_protector/alts_iovec_record_protocol.h
@@ -0,0 +1,199 @@
+/*
+ *
+ * Copyright 2018 gRPC authors.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ */
+
+#ifndef GRPC_CORE_TSI_ALTS_ZERO_COPY_FRAME_PROTECTOR_ALTS_IOVEC_RECORD_PROTOCOL_H
+#define GRPC_CORE_TSI_ALTS_ZERO_COPY_FRAME_PROTECTOR_ALTS_IOVEC_RECORD_PROTOCOL_H
+
+#include <grpc/support/port_platform.h>
+
+#include <stdbool.h>
+
+#include "src/core/tsi/alts/crypt/gsec.h"
+
+constexpr size_t kZeroCopyFrameMessageType = 0x06;
+constexpr size_t kZeroCopyFrameLengthFieldSize = 4;
+constexpr size_t kZeroCopyFrameMessageTypeFieldSize = 4;
+constexpr size_t kZeroCopyFrameHeaderSize =
+ kZeroCopyFrameLengthFieldSize + kZeroCopyFrameMessageTypeFieldSize;
+
+// Limit k on number of frames such that at most 2^(8 * k) frames can be sent.
+constexpr size_t kAltsRecordProtocolRekeyFrameLimit = 8;
+constexpr size_t kAltsRecordProtocolFrameLimit = 5;
+
+/* An implementation of alts record protocol. The API is thread-compatible. */
+
+typedef struct iovec iovec_t;
+
+typedef struct alts_iovec_record_protocol alts_iovec_record_protocol;
+
+/**
+ * This method gets the length of record protocol frame header.
+ */
+size_t alts_iovec_record_protocol_get_header_length();
+
+/**
+ * This method gets the length of record protocol frame tag.
+ *
+ * - rp: an alts_iovec_record_protocol instance.
+ *
+ * On success, the method returns the length of record protocol frame tag.
+ * Otherwise, it returns zero.
+ */
+size_t alts_iovec_record_protocol_get_tag_length(
+ const alts_iovec_record_protocol* rp);
+
+/**
+ * This method returns maximum allowed unprotected data size, given maximum
+ * protected frame size.
+ *
+ * - rp: an alts_iovec_record_protocol instance.
+ * - max_protected_frame_size: maximum protected frame size.
+ *
+ * On success, the method returns the maximum allowed unprotected data size.
+ * Otherwise, it returns zero.
+ */
+size_t alts_iovec_record_protocol_max_unprotected_data_size(
+ const alts_iovec_record_protocol* rp, size_t max_protected_frame_size);
+
+/**
+ * This method performs integrity-only protect operation on a
+ * alts_iovec_record_protocol instance, i.e., compute frame header and tag. The
+ * caller needs to allocate the memory for header and tag prior to calling this
+ * method.
+ *
+ * - rp: an alts_iovec_record_protocol instance.
+ * - unprotected_vec: an iovec array containing unprotected data.
+ * - unprotected_vec_length: the array length of unprotected_vec.
+ * - header: an iovec containing the output frame header.
+ * - tag: an iovec containing the output frame tag.
+ * - error_details: a buffer containing an error message if the method does not
+ * function correctly. It is OK to pass nullptr into error_details.
+ *
+ * On success, the method returns GRPC_STATUS_OK. Otherwise, it returns an
+ * error status code along with its details specified in error_details (if
+ * error_details is not nullptr).
+ */
+grpc_status_code alts_iovec_record_protocol_integrity_only_protect(
+ alts_iovec_record_protocol* rp, const iovec_t* unprotected_vec,
+ size_t unprotected_vec_length, iovec_t header, iovec_t tag,
+ char** error_details);
+
+/**
+ * This method performs integrity-only unprotect operation on a
+ * alts_iovec_record_protocol instance, i.e., verify frame header and tag.
+ *
+ * - rp: an alts_iovec_record_protocol instance.
+ * - protected_vec: an iovec array containing protected data.
+ * - protected_vec_length: the array length of protected_vec.
+ * - header: an iovec containing the frame header.
+ * - tag: an iovec containing the frame tag.
+ * - error_details: a buffer containing an error message if the method does not
+ * function correctly. It is OK to pass nullptr into error_details.
+ *
+ * On success, the method returns GRPC_STATUS_OK. Otherwise, it returns an
+ * error status code along with its details specified in error_details (if
+ * error_details is not nullptr).
+ */
+grpc_status_code alts_iovec_record_protocol_integrity_only_unprotect(
+ alts_iovec_record_protocol* rp, const iovec_t* protected_vec,
+ size_t protected_vec_length, iovec_t header, iovec_t tag,
+ char** error_details);
+
+/**
+ * This method performs privacy-integrity protect operation on a
+ * alts_iovec_record_protocol instance, i.e., compute a protected frame. The
+ * caller needs to allocate the memory for the protected frame prior to calling
+ * this method.
+ *
+ * - rp: an alts_iovec_record_protocol instance.
+ * - unprotected_vec: an iovec array containing unprotected data.
+ * - unprotected_vec_length: the array length of unprotected_vec.
+ * - protected_frame: an iovec containing the output protected frame.
+ * - error_details: a buffer containing an error message if the method does not
+ * function correctly. It is OK to pass nullptr into error_details.
+ *
+ * On success, the method returns GRPC_STATUS_OK. Otherwise, it returns an
+ * error status code along with its details specified in error_details (if
+ * error_details is not nullptr).
+ */
+grpc_status_code alts_iovec_record_protocol_privacy_integrity_protect(
+ alts_iovec_record_protocol* rp, const iovec_t* unprotected_vec,
+ size_t unprotected_vec_length, iovec_t protected_frame,
+ char** error_details);
+
+/**
+ * This method performs privacy-integrity unprotect operation on a
+ * alts_iovec_record_protocol instance given a full protected frame, i.e.,
+ * compute the unprotected data. The caller needs to allocated the memory for
+ * the unprotected data prior to calling this method.
+ *
+ * - rp: an alts_iovec_record_protocol instance.
+ * - header: an iovec containing the frame header.
+ * - protected_vec: an iovec array containing protected data including the tag.
+ * - protected_vec_length: the array length of protected_vec.
+ * - unprotected_data: an iovec containing the output unprotected data.
+ * - error_details: a buffer containing an error message if the method does not
+ * function correctly. It is OK to pass nullptr into error_details.
+ *
+ * On success, the method returns GRPC_STATUS_OK. Otherwise, it returns an
+ * error status code along with its details specified in error_details (if
+ * error_details is not nullptr).
+ */
+grpc_status_code alts_iovec_record_protocol_privacy_integrity_unprotect(
+ alts_iovec_record_protocol* rp, iovec_t header,
+ const iovec_t* protected_vec, size_t protected_vec_length,
+ iovec_t unprotected_data, char** error_details);
+
+/**
+ * This method creates an alts_iovec_record_protocol instance, given a
+ * gsec_aead_crypter instance, a flag indicating if the created instance will be
+ * used at the client or server side, and a flag indicating if the created
+ * instance will be used for integrity-only mode or privacy-integrity mode. The
+ * ownership of gsec_aead_crypter instance is transferred to this new object.
+ *
+ * - crypter: a gsec_aead_crypter instance used to perform AEAD decryption.
+ * - overflow_size: overflow size of counter in bytes.
+ * - is_client: a flag indicating if the alts_iovec_record_protocol instance
+ * will be used at the client or server side.
+ * - is_integrity_only: a flag indicating if the alts_iovec_record_protocol
+ * instance will be used for integrity-only or privacy-integrity mode.
+ * - is_protect: a flag indicating if the alts_grpc_record_protocol instance
+ * will be used for protect or unprotect.
+ * - rp: an alts_iovec_record_protocol instance to be returned from
+ * the method.
+ * - error_details: a buffer containing an error message if the method does not
+ * function correctly. It is OK to pass nullptr into error_details.
+ *
+ * On success, the method returns GRPC_STATUS_OK. Otherwise, it returns an
+ * error status code along with its details specified in error_details (if
+ * error_details is not nullptr).
+ */
+grpc_status_code alts_iovec_record_protocol_create(
+ gsec_aead_crypter* crypter, size_t overflow_size, bool is_client,
+ bool is_integrity_only, bool is_protect, alts_iovec_record_protocol** rp,
+ char** error_details);
+
+/**
+ * This method destroys an alts_iovec_record_protocol instance by de-allocating
+ * all of its occupied memory. A gsec_aead_crypter instance passed in at
+ * gsec_alts_crypter instance creation time will be destroyed in this method.
+ */
+void alts_iovec_record_protocol_destroy(alts_iovec_record_protocol* rp);
+
+#endif /* GRPC_CORE_TSI_ALTS_ZERO_COPY_FRAME_PROTECTOR_ALTS_IOVEC_RECORD_PROTOCOL_H \
+ */
diff --git a/src/core/tsi/alts/zero_copy_frame_protector/alts_zero_copy_grpc_protector.cc b/src/core/tsi/alts/zero_copy_frame_protector/alts_zero_copy_grpc_protector.cc
new file mode 100644
index 0000000..8c76496
--- /dev/null
+++ b/src/core/tsi/alts/zero_copy_frame_protector/alts_zero_copy_grpc_protector.cc
@@ -0,0 +1,295 @@
+/*
+ *
+ * Copyright 2018 gRPC authors.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ */
+
+#include <grpc/support/port_platform.h>
+
+#include "src/core/tsi/alts/zero_copy_frame_protector/alts_zero_copy_grpc_protector.h"
+
+#include <string.h>
+
+#include <grpc/support/alloc.h>
+#include <grpc/support/log.h>
+
+#include "src/core/lib/gpr/useful.h"
+#include "src/core/lib/slice/slice_internal.h"
+#include "src/core/tsi/alts/crypt/gsec.h"
+#include "src/core/tsi/alts/zero_copy_frame_protector/alts_grpc_integrity_only_record_protocol.h"
+#include "src/core/tsi/alts/zero_copy_frame_protector/alts_grpc_privacy_integrity_record_protocol.h"
+#include "src/core/tsi/alts/zero_copy_frame_protector/alts_grpc_record_protocol.h"
+#include "src/core/tsi/alts/zero_copy_frame_protector/alts_iovec_record_protocol.h"
+#include "src/core/tsi/transport_security_grpc.h"
+
+constexpr size_t kMinFrameLength = 1024;
+constexpr size_t kDefaultFrameLength = 16 * 1024;
+constexpr size_t kMaxFrameLength = 1024 * 1024;
+
+/**
+ * Main struct for alts_zero_copy_grpc_protector.
+ * We choose to have two alts_grpc_record_protocol objects and two sets of slice
+ * buffers: one for protect and the other for unprotect, so that protect and
+ * unprotect can be executed in parallel. Implementations of this object must be
+ * thread compatible.
+ */
+typedef struct alts_zero_copy_grpc_protector {
+ tsi_zero_copy_grpc_protector base;
+ alts_grpc_record_protocol* record_protocol;
+ alts_grpc_record_protocol* unrecord_protocol;
+ size_t max_protected_frame_size;
+ size_t max_unprotected_data_size;
+ grpc_slice_buffer unprotected_staging_sb;
+ grpc_slice_buffer protected_sb;
+ grpc_slice_buffer protected_staging_sb;
+ uint32_t parsed_frame_size;
+} alts_zero_copy_grpc_protector;
+
+/**
+ * Given a slice buffer, parses the first 4 bytes little-endian unsigned frame
+ * size and returns the total frame size including the frame field. Caller
+ * needs to make sure the input slice buffer has at least 4 bytes. Returns true
+ * on success and false on failure.
+ */
+static bool read_frame_size(const grpc_slice_buffer* sb,
+ uint32_t* total_frame_size) {
+ if (sb == nullptr || sb->length < kZeroCopyFrameLengthFieldSize) {
+ return false;
+ }
+ uint8_t frame_size_buffer[kZeroCopyFrameLengthFieldSize];
+ uint8_t* buf = frame_size_buffer;
+ /* Copies the first 4 bytes to a temporary buffer. */
+ size_t remaining = kZeroCopyFrameLengthFieldSize;
+ for (size_t i = 0; i < sb->count; i++) {
+ size_t slice_length = GRPC_SLICE_LENGTH(sb->slices[i]);
+ if (remaining <= slice_length) {
+ memcpy(buf, GRPC_SLICE_START_PTR(sb->slices[i]), remaining);
+ remaining = 0;
+ break;
+ } else {
+ memcpy(buf, GRPC_SLICE_START_PTR(sb->slices[i]), slice_length);
+ buf += slice_length;
+ remaining -= slice_length;
+ }
+ }
+ GPR_ASSERT(remaining == 0);
+ /* Gets little-endian frame size. */
+ uint32_t frame_size = (((uint32_t)frame_size_buffer[3]) << 24) |
+ (((uint32_t)frame_size_buffer[2]) << 16) |
+ (((uint32_t)frame_size_buffer[1]) << 8) |
+ ((uint32_t)frame_size_buffer[0]);
+ if (frame_size > kMaxFrameLength) {
+ gpr_log(GPR_ERROR, "Frame size is larger than maximum frame size");
+ return false;
+ }
+ /* Returns frame size including frame length field. */
+ *total_frame_size =
+ static_cast<uint32_t>(frame_size + kZeroCopyFrameLengthFieldSize);
+ return true;
+}
+
+/**
+ * Creates an alts_grpc_record_protocol object, given key, key size, and flags
+ * to indicate whether the record_protocol object uses the rekeying AEAD,
+ * whether the object is for client or server, whether the object is for
+ * integrity-only or privacy-integrity mode, and whether the object is is used
+ * for protect or unprotect.
+ */
+static tsi_result create_alts_grpc_record_protocol(
+ const uint8_t* key, size_t key_size, bool is_rekey, bool is_client,
+ bool is_integrity_only, bool is_protect,
+ alts_grpc_record_protocol** record_protocol) {
+ if (key == nullptr || record_protocol == nullptr) {
+ return TSI_INVALID_ARGUMENT;
+ }
+ grpc_status_code status;
+ gsec_aead_crypter* crypter = nullptr;
+ char* error_details = nullptr;
+ status = gsec_aes_gcm_aead_crypter_create(key, key_size, kAesGcmNonceLength,
+ kAesGcmTagLength, is_rekey,
+ &crypter, &error_details);
+ if (status != GRPC_STATUS_OK) {
+ gpr_log(GPR_ERROR, "Failed to create AEAD crypter, %s", error_details);
+ gpr_free(error_details);
+ return TSI_INTERNAL_ERROR;
+ }
+ size_t overflow_limit = is_rekey ? kAltsRecordProtocolRekeyFrameLimit
+ : kAltsRecordProtocolFrameLimit;
+ /* Creates alts_grpc_record_protocol with AEAD crypter ownership transferred.
+ */
+ tsi_result result =
+ is_integrity_only
+ ? alts_grpc_integrity_only_record_protocol_create(
+ crypter, overflow_limit, is_client, is_protect, record_protocol)
+ : alts_grpc_privacy_integrity_record_protocol_create(
+ crypter, overflow_limit, is_client, is_protect,
+ record_protocol);
+ if (result != TSI_OK) {
+ gsec_aead_crypter_destroy(crypter);
+ return result;
+ }
+ return TSI_OK;
+}
+
+/* --- tsi_zero_copy_grpc_protector methods implementation. --- */
+
+static tsi_result alts_zero_copy_grpc_protector_protect(
+ tsi_zero_copy_grpc_protector* self, grpc_slice_buffer* unprotected_slices,
+ grpc_slice_buffer* protected_slices) {
+ if (self == nullptr || unprotected_slices == nullptr ||
+ protected_slices == nullptr) {
+ gpr_log(GPR_ERROR, "Invalid nullptr arguments to zero-copy grpc protect.");
+ return TSI_INVALID_ARGUMENT;
+ }
+ alts_zero_copy_grpc_protector* protector =
+ reinterpret_cast<alts_zero_copy_grpc_protector*>(self);
+ /* Calls alts_grpc_record_protocol protect repeatly. */
+ while (unprotected_slices->length > protector->max_unprotected_data_size) {
+ grpc_slice_buffer_move_first(unprotected_slices,
+ protector->max_unprotected_data_size,
+ &protector->unprotected_staging_sb);
+ tsi_result status = alts_grpc_record_protocol_protect(
+ protector->record_protocol, &protector->unprotected_staging_sb,
+ protected_slices);
+ if (status != TSI_OK) {
+ return status;
+ }
+ }
+ return alts_grpc_record_protocol_protect(
+ protector->record_protocol, unprotected_slices, protected_slices);
+}
+
+static tsi_result alts_zero_copy_grpc_protector_unprotect(
+ tsi_zero_copy_grpc_protector* self, grpc_slice_buffer* protected_slices,
+ grpc_slice_buffer* unprotected_slices) {
+ if (self == nullptr || unprotected_slices == nullptr ||
+ protected_slices == nullptr) {
+ gpr_log(GPR_ERROR,
+ "Invalid nullptr arguments to zero-copy grpc unprotect.");
+ return TSI_INVALID_ARGUMENT;
+ }
+ alts_zero_copy_grpc_protector* protector =
+ reinterpret_cast<alts_zero_copy_grpc_protector*>(self);
+ grpc_slice_buffer_move_into(protected_slices, &protector->protected_sb);
+ /* Keep unprotecting each frame if possible. */
+ while (protector->protected_sb.length >= kZeroCopyFrameLengthFieldSize) {
+ if (protector->parsed_frame_size == 0) {
+ /* We have not parsed frame size yet. Parses frame size. */
+ if (!read_frame_size(&protector->protected_sb,
+ &protector->parsed_frame_size)) {
+ grpc_slice_buffer_reset_and_unref_internal(&protector->protected_sb);
+ return TSI_DATA_CORRUPTED;
+ }
+ }
+ if (protector->protected_sb.length < protector->parsed_frame_size) break;
+ /* At this point, protected_sb contains at least one frame of data. */
+ tsi_result status;
+ if (protector->protected_sb.length == protector->parsed_frame_size) {
+ status = alts_grpc_record_protocol_unprotect(protector->unrecord_protocol,
+ &protector->protected_sb,
+ unprotected_slices);
+ } else {
+ grpc_slice_buffer_move_first(&protector->protected_sb,
+ protector->parsed_frame_size,
+ &protector->protected_staging_sb);
+ status = alts_grpc_record_protocol_unprotect(
+ protector->unrecord_protocol, &protector->protected_staging_sb,
+ unprotected_slices);
+ }
+ protector->parsed_frame_size = 0;
+ if (status != TSI_OK) {
+ grpc_slice_buffer_reset_and_unref_internal(&protector->protected_sb);
+ return status;
+ }
+ }
+ return TSI_OK;
+}
+
+static void alts_zero_copy_grpc_protector_destroy(
+ tsi_zero_copy_grpc_protector* self) {
+ if (self == nullptr) {
+ return;
+ }
+ alts_zero_copy_grpc_protector* protector =
+ reinterpret_cast<alts_zero_copy_grpc_protector*>(self);
+ alts_grpc_record_protocol_destroy(protector->record_protocol);
+ alts_grpc_record_protocol_destroy(protector->unrecord_protocol);
+ grpc_slice_buffer_destroy_internal(&protector->unprotected_staging_sb);
+ grpc_slice_buffer_destroy_internal(&protector->protected_sb);
+ grpc_slice_buffer_destroy_internal(&protector->protected_staging_sb);
+ gpr_free(protector);
+}
+
+static const tsi_zero_copy_grpc_protector_vtable
+ alts_zero_copy_grpc_protector_vtable = {
+ alts_zero_copy_grpc_protector_protect,
+ alts_zero_copy_grpc_protector_unprotect,
+ alts_zero_copy_grpc_protector_destroy};
+
+tsi_result alts_zero_copy_grpc_protector_create(
+ const uint8_t* key, size_t key_size, bool is_rekey, bool is_client,
+ bool is_integrity_only, size_t* max_protected_frame_size,
+ tsi_zero_copy_grpc_protector** protector) {
+ if (grpc_core::ExecCtx::Get() == nullptr || key == nullptr ||
+ protector == nullptr) {
+ gpr_log(
+ GPR_ERROR,
+ "Invalid nullptr arguments to alts_zero_copy_grpc_protector create.");
+ return TSI_INVALID_ARGUMENT;
+ }
+ /* Creates alts_zero_copy_protector. */
+ alts_zero_copy_grpc_protector* impl =
+ static_cast<alts_zero_copy_grpc_protector*>(
+ gpr_zalloc(sizeof(alts_zero_copy_grpc_protector)));
+ /* Creates alts_grpc_record_protocol objects. */
+ tsi_result status = create_alts_grpc_record_protocol(
+ key, key_size, is_rekey, is_client, is_integrity_only,
+ /*is_protect=*/true, &impl->record_protocol);
+ if (status == TSI_OK) {
+ status = create_alts_grpc_record_protocol(
+ key, key_size, is_rekey, is_client, is_integrity_only,
+ /*is_protect=*/false, &impl->unrecord_protocol);
+ if (status == TSI_OK) {
+ /* Sets maximum frame size. */
+ size_t max_protected_frame_size_to_set = kDefaultFrameLength;
+ if (max_protected_frame_size != nullptr) {
+ *max_protected_frame_size =
+ GPR_MIN(*max_protected_frame_size, kMaxFrameLength);
+ *max_protected_frame_size =
+ GPR_MAX(*max_protected_frame_size, kMinFrameLength);
+ max_protected_frame_size_to_set = *max_protected_frame_size;
+ }
+ impl->max_protected_frame_size = max_protected_frame_size_to_set;
+ impl->max_unprotected_data_size =
+ alts_grpc_record_protocol_max_unprotected_data_size(
+ impl->record_protocol, max_protected_frame_size_to_set);
+ GPR_ASSERT(impl->max_unprotected_data_size > 0);
+ /* Allocates internal slice buffers. */
+ grpc_slice_buffer_init(&impl->unprotected_staging_sb);
+ grpc_slice_buffer_init(&impl->protected_sb);
+ grpc_slice_buffer_init(&impl->protected_staging_sb);
+ impl->parsed_frame_size = 0;
+ impl->base.vtable = &alts_zero_copy_grpc_protector_vtable;
+ *protector = &impl->base;
+ return TSI_OK;
+ }
+ }
+
+ /* Cleanup if create failed. */
+ alts_grpc_record_protocol_destroy(impl->record_protocol);
+ alts_grpc_record_protocol_destroy(impl->unrecord_protocol);
+ gpr_free(impl);
+ return TSI_INTERNAL_ERROR;
+}
diff --git a/src/core/tsi/alts/zero_copy_frame_protector/alts_zero_copy_grpc_protector.h b/src/core/tsi/alts/zero_copy_frame_protector/alts_zero_copy_grpc_protector.h
new file mode 100644
index 0000000..71e953c
--- /dev/null
+++ b/src/core/tsi/alts/zero_copy_frame_protector/alts_zero_copy_grpc_protector.h
@@ -0,0 +1,52 @@
+/*
+ *
+ * Copyright 2018 gRPC authors.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ */
+
+#ifndef GRPC_CORE_TSI_ALTS_ZERO_COPY_FRAME_PROTECTOR_ALTS_ZERO_COPY_GRPC_PROTECTOR_H
+#define GRPC_CORE_TSI_ALTS_ZERO_COPY_FRAME_PROTECTOR_ALTS_ZERO_COPY_GRPC_PROTECTOR_H
+
+#include <grpc/support/port_platform.h>
+
+#include <stdbool.h>
+
+#include "src/core/tsi/transport_security_grpc.h"
+
+/**
+ * This method creates an ALTS zero-copy grpc protector.
+ *
+ * - key: a symmetric key used to seal/unseal frames.
+ * - key_size: the size of symmetric key.
+ * - is_rekey: use rekeying AEAD crypter.
+ * - is_client: a flag indicating if the protector will be used at client or
+ * server side.
+ * - is_integrity_only: a flag indicating if the protector instance will be
+ * used for integrity-only or privacy-integrity mode.
+ * - max_protected_frame_size: an in/out parameter indicating max frame size
+ * to be used by the protector. If it is nullptr, the default frame size will
+ * be used. Otherwise, the provided frame size will be adjusted (if not
+ * falling into a valid frame range) and used.
+ * - protector: a pointer to the zero-copy protector returned from the method.
+ *
+ * This method returns TSI_OK on success or a specific error code otherwise.
+ */
+tsi_result alts_zero_copy_grpc_protector_create(
+ const uint8_t* key, size_t key_size, bool is_rekey, bool is_client,
+ bool is_integrity_only, size_t* max_protected_frame_size,
+ tsi_zero_copy_grpc_protector** protector);
+
+#endif /* GRPC_CORE_TSI_ALTS_ZERO_COPY_FRAME_PROTECTOR_ALTS_ZERO_COPY_GRPC_PROTECTOR_H \
+ */
diff --git a/src/python/grpcio/grpc_core_dependencies.py b/src/python/grpcio/grpc_core_dependencies.py
index 7515679..dd3a8f9 100644
--- a/src/python/grpcio/grpc_core_dependencies.py
+++ b/src/python/grpcio/grpc_core_dependencies.py
@@ -220,6 +220,7 @@
'src/core/ext/filters/http/server/http_server_filter.cc',
'src/core/lib/http/httpcli_security_connector.cc',
'src/core/lib/security/context/security_context.cc',
+ 'src/core/lib/security/credentials/alts/alts_credentials.cc',
'src/core/lib/security/credentials/composite/composite_credentials.cc',
'src/core/lib/security/credentials/credentials.cc',
'src/core/lib/security/credentials/credentials_metadata.cc',
@@ -233,6 +234,7 @@
'src/core/lib/security/credentials/oauth2/oauth2_credentials.cc',
'src/core/lib/security/credentials/plugin/plugin_credentials.cc',
'src/core/lib/security/credentials/ssl/ssl_credentials.cc',
+ 'src/core/lib/security/security_connector/alts_security_connector.cc',
'src/core/lib/security/security_connector/security_connector.cc',
'src/core/lib/security/transport/client_auth_filter.cc',
'src/core/lib/security/transport/secure_endpoint.cc',
@@ -242,14 +244,45 @@
'src/core/lib/security/transport/tsi_error.cc',
'src/core/lib/security/util/json_util.cc',
'src/core/lib/surface/init_secure.cc',
- 'src/core/tsi/alts_transport_security.cc',
- 'src/core/tsi/fake_transport_security.cc',
- 'src/core/tsi/ssl_transport_security.cc',
- 'src/core/tsi/transport_security_grpc.cc',
+ 'src/core/tsi/alts/crypt/aes_gcm.cc',
+ 'src/core/tsi/alts/crypt/gsec.cc',
+ 'src/core/tsi/alts/frame_protector/alts_counter.cc',
+ 'src/core/tsi/alts/frame_protector/alts_crypter.cc',
+ 'src/core/tsi/alts/frame_protector/alts_frame_protector.cc',
+ 'src/core/tsi/alts/frame_protector/alts_record_protocol_crypter_common.cc',
+ 'src/core/tsi/alts/frame_protector/alts_seal_privacy_integrity_crypter.cc',
+ 'src/core/tsi/alts/frame_protector/alts_unseal_privacy_integrity_crypter.cc',
+ 'src/core/tsi/alts/frame_protector/frame_handler.cc',
+ 'src/core/tsi/alts/handshaker/alts_handshaker_client.cc',
+ 'src/core/tsi/alts/handshaker/alts_tsi_event.cc',
+ 'src/core/tsi/alts/handshaker/alts_tsi_handshaker.cc',
+ 'src/core/tsi/alts/zero_copy_frame_protector/alts_grpc_integrity_only_record_protocol.cc',
+ 'src/core/tsi/alts/zero_copy_frame_protector/alts_grpc_privacy_integrity_record_protocol.cc',
+ 'src/core/tsi/alts/zero_copy_frame_protector/alts_grpc_record_protocol_common.cc',
+ 'src/core/tsi/alts/zero_copy_frame_protector/alts_iovec_record_protocol.cc',
+ 'src/core/tsi/alts/zero_copy_frame_protector/alts_zero_copy_grpc_protector.cc',
+ 'src/core/lib/security/credentials/alts/check_gcp_environment.cc',
+ 'src/core/lib/security/credentials/alts/check_gcp_environment_linux.cc',
+ 'src/core/lib/security/credentials/alts/check_gcp_environment_no_op.cc',
+ 'src/core/lib/security/credentials/alts/check_gcp_environment_windows.cc',
+ 'src/core/lib/security/credentials/alts/grpc_alts_credentials_client_options.cc',
+ 'src/core/lib/security/credentials/alts/grpc_alts_credentials_options.cc',
+ 'src/core/lib/security/credentials/alts/grpc_alts_credentials_server_options.cc',
+ 'src/core/tsi/alts/handshaker/alts_handshaker_service_api.cc',
+ 'src/core/tsi/alts/handshaker/alts_handshaker_service_api_util.cc',
+ 'src/core/tsi/alts/handshaker/alts_tsi_utils.cc',
+ 'src/core/tsi/alts/handshaker/transport_security_common_api.cc',
+ 'src/core/tsi/alts/handshaker/altscontext.pb.c',
+ 'src/core/tsi/alts/handshaker/handshaker.pb.c',
+ 'src/core/tsi/alts/handshaker/transport_security_common.pb.c',
+ 'third_party/nanopb/pb_common.c',
+ 'third_party/nanopb/pb_decode.c',
+ 'third_party/nanopb/pb_encode.c',
'src/core/tsi/transport_security.cc',
'src/core/tsi/transport_security_adapter.cc',
- 'src/core/ext/transport/chttp2/server/chttp2_server.cc',
- 'src/core/ext/transport/chttp2/client/secure/secure_channel_create.cc',
+ 'src/core/ext/transport/chttp2/client/insecure/channel_create.cc',
+ 'src/core/ext/transport/chttp2/client/insecure/channel_create_posix.cc',
+ 'src/core/ext/transport/chttp2/client/chttp2_connector.cc',
'src/core/ext/filters/client_channel/backup_poller.cc',
'src/core/ext/filters/client_channel/channel_connectivity.cc',
'src/core/ext/filters/client_channel/client_channel.cc',
@@ -273,11 +306,14 @@
'src/core/ext/filters/client_channel/subchannel_index.cc',
'src/core/ext/filters/client_channel/uri_parser.cc',
'src/core/ext/filters/deadline/deadline_filter.cc',
- 'src/core/ext/transport/chttp2/client/chttp2_connector.cc',
+ 'src/core/tsi/alts_transport_security.cc',
+ 'src/core/tsi/fake_transport_security.cc',
+ 'src/core/tsi/ssl_transport_security.cc',
+ 'src/core/tsi/transport_security_grpc.cc',
+ 'src/core/ext/transport/chttp2/server/chttp2_server.cc',
+ 'src/core/ext/transport/chttp2/client/secure/secure_channel_create.cc',
'src/core/ext/transport/chttp2/server/insecure/server_chttp2.cc',
'src/core/ext/transport/chttp2/server/insecure/server_chttp2_posix.cc',
- 'src/core/ext/transport/chttp2/client/insecure/channel_create.cc',
- 'src/core/ext/transport/chttp2/client/insecure/channel_create_posix.cc',
'src/core/ext/transport/inproc/inproc_plugin.cc',
'src/core/ext/transport/inproc/inproc_transport.cc',
'src/core/ext/filters/client_channel/lb_policy/grpclb/client_load_reporting_filter.cc',
@@ -286,9 +322,6 @@
'src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb_client_stats.cc',
'src/core/ext/filters/client_channel/lb_policy/grpclb/load_balancer_api.cc',
'src/core/ext/filters/client_channel/lb_policy/grpclb/proto/grpc/lb/v1/load_balancer.pb.c',
- 'third_party/nanopb/pb_common.c',
- 'third_party/nanopb/pb_decode.c',
- 'third_party/nanopb/pb_encode.c',
'src/core/ext/filters/client_channel/resolver/fake/fake_resolver.cc',
'src/core/ext/filters/client_channel/lb_policy/pick_first/pick_first.cc',
'src/core/ext/filters/client_channel/lb_policy/subchannel_list.cc',
diff --git a/templates/CMakeLists.txt.template b/templates/CMakeLists.txt.template
index 0f08843..ef4d7d7 100644
--- a/templates/CMakeLists.txt.template
+++ b/templates/CMakeLists.txt.template
@@ -138,6 +138,8 @@
## Some libraries are shared even with BUILD_SHARED_LIBRARIES=OFF
set(CMAKE_POSITION_INDEPENDENT_CODE TRUE)
+
+ add_definitions(-DPB_FIELD_16BIT)
if (MSVC)
include(cmake/msvc_static_runtime.cmake)
diff --git a/templates/Makefile.template b/templates/Makefile.template
index 390847b..196d12f 100644
--- a/templates/Makefile.template
+++ b/templates/Makefile.template
@@ -221,6 +221,8 @@
% endif
% endfor
+ DEFINES += PB_FIELD_16BIT
+
CPPFLAGS += $(CPPFLAGS_$(CONFIG))
CFLAGS += $(CFLAGS_$(CONFIG))
CXXFLAGS += $(CXXFLAGS_$(CONFIG))
diff --git a/templates/gRPC-Core.podspec.template b/templates/gRPC-Core.podspec.template
index c28b78d..3e80d60 100644
--- a/templates/gRPC-Core.podspec.template
+++ b/templates/gRPC-Core.podspec.template
@@ -144,7 +144,7 @@
}
s.default_subspecs = 'Interface', 'Implementation'
- s.compiler_flags = '-DGRPC_ARES=0'
+ s.compiler_flags = '-DGRPC_ARES=0', '-DPB_FIELD_16BIT'
s.libraries = 'c++'
# Like many other C libraries, gRPC-Core has its public headers under `include/<libname>/` and its
diff --git a/templates/grpc.gyp.template b/templates/grpc.gyp.template
index 3363082..2ea0d06 100644
--- a/templates/grpc.gyp.template
+++ b/templates/grpc.gyp.template
@@ -60,11 +60,11 @@
% endfor
'cflags_c': [
'-Werror',
- '-std=c99'
+ '-std=c99',
],
'cflags_cc': [
'-Werror',
- '-std=c++11'
+ '-std=c++11',
],
'include_dirs': [
'.',
@@ -127,7 +127,7 @@
% endfor
'-stdlib=libc++',
'-std=c++11',
- '-Wno-error=deprecated-declarations'
+ '-Wno-error=deprecated-declarations',
],
% endif
},
diff --git a/test/core/security/BUILD b/test/core/security/BUILD
index 9776e6d..68de2d1 100644
--- a/test/core/security/BUILD
+++ b/test/core/security/BUILD
@@ -161,3 +161,39 @@
"//test/core/util:grpc_test_util",
],
)
+
+grpc_cc_test(
+ name = "check_gcp_environment_linux_test",
+ srcs = ["check_gcp_environment_linux_test.cc"],
+ language = "C++",
+ deps = [
+ "//:grpc",
+ ],
+)
+
+grpc_cc_test(
+ name = "check_gcp_environment_windows_test",
+ srcs = ["check_gcp_environment_windows_test.cc"],
+ language = "C++",
+ deps = [
+ "//:grpc",
+ ],
+)
+
+grpc_cc_test(
+ name = "grpc_alts_credentials_options_test",
+ srcs = ["grpc_alts_credentials_options_test.cc"],
+ language = "C++",
+ deps = [
+ "//:grpc",
+ ],
+)
+
+grpc_cc_test(
+ name = "alts_security_connector_test",
+ srcs = ["alts_security_connector_test.cc"],
+ language = "C++",
+ deps = [
+ "//:grpc",
+ ],
+)
diff --git a/test/core/security/alts_security_connector_test.cc b/test/core/security/alts_security_connector_test.cc
new file mode 100644
index 0000000..103a493
--- /dev/null
+++ b/test/core/security/alts_security_connector_test.cc
@@ -0,0 +1,166 @@
+/*
+ *
+ * Copyright 2018 gRPC authors.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+
+#include <grpc/grpc.h>
+#include <grpc/support/alloc.h>
+#include <grpc/support/log.h>
+
+#include "src/core/lib/security/security_connector/alts_security_connector.h"
+#include "src/core/lib/transport/transport.h"
+#include "src/core/tsi/alts/handshaker/alts_tsi_handshaker.h"
+#include "src/core/tsi/transport_security.h"
+
+using grpc_core::internal::grpc_alts_auth_context_from_tsi_peer;
+
+/* This file contains unit tests of grpc_alts_auth_context_from_tsi_peer(). */
+static void test_invalid_input_failure() {
+ tsi_peer peer;
+ grpc_auth_context* ctx;
+ GPR_ASSERT(grpc_alts_auth_context_from_tsi_peer(nullptr, &ctx) ==
+ GRPC_SECURITY_ERROR);
+ GPR_ASSERT(grpc_alts_auth_context_from_tsi_peer(&peer, nullptr) ==
+ GRPC_SECURITY_ERROR);
+}
+
+static void test_empty_certificate_type_failure() {
+ tsi_peer peer;
+ grpc_auth_context* ctx = nullptr;
+ GPR_ASSERT(tsi_construct_peer(0, &peer) == TSI_OK);
+ GPR_ASSERT(grpc_alts_auth_context_from_tsi_peer(&peer, &ctx) ==
+ GRPC_SECURITY_ERROR);
+ GPR_ASSERT(ctx == nullptr);
+ tsi_peer_destruct(&peer);
+}
+
+static void test_empty_peer_property_failure() {
+ tsi_peer peer;
+ grpc_auth_context* ctx;
+ GPR_ASSERT(tsi_construct_peer(1, &peer) == TSI_OK);
+ GPR_ASSERT(tsi_construct_string_peer_property_from_cstring(
+ TSI_CERTIFICATE_TYPE_PEER_PROPERTY, TSI_ALTS_CERTIFICATE_TYPE,
+ &peer.properties[0]) == TSI_OK);
+ GPR_ASSERT(grpc_alts_auth_context_from_tsi_peer(&peer, &ctx) ==
+ GRPC_SECURITY_ERROR);
+ GPR_ASSERT(ctx == nullptr);
+ tsi_peer_destruct(&peer);
+}
+
+static void test_missing_rpc_protocol_versions_property_failure() {
+ tsi_peer peer;
+ grpc_auth_context* ctx;
+ GPR_ASSERT(tsi_construct_peer(kTsiAltsNumOfPeerProperties, &peer) == TSI_OK);
+ GPR_ASSERT(tsi_construct_string_peer_property_from_cstring(
+ TSI_CERTIFICATE_TYPE_PEER_PROPERTY, TSI_ALTS_CERTIFICATE_TYPE,
+ &peer.properties[0]) == TSI_OK);
+ GPR_ASSERT(tsi_construct_string_peer_property_from_cstring(
+ TSI_ALTS_SERVICE_ACCOUNT_PEER_PROPERTY, "alice",
+ &peer.properties[1]) == TSI_OK);
+ GPR_ASSERT(grpc_alts_auth_context_from_tsi_peer(&peer, &ctx) ==
+ GRPC_SECURITY_ERROR);
+ GPR_ASSERT(ctx == nullptr);
+ tsi_peer_destruct(&peer);
+}
+
+static void test_unknown_peer_property_failure() {
+ tsi_peer peer;
+ grpc_auth_context* ctx;
+ GPR_ASSERT(tsi_construct_peer(kTsiAltsNumOfPeerProperties, &peer) == TSI_OK);
+ GPR_ASSERT(tsi_construct_string_peer_property_from_cstring(
+ TSI_CERTIFICATE_TYPE_PEER_PROPERTY, TSI_ALTS_CERTIFICATE_TYPE,
+ &peer.properties[0]) == TSI_OK);
+ GPR_ASSERT(tsi_construct_string_peer_property_from_cstring(
+ "unknown", "alice", &peer.properties[1]) == TSI_OK);
+ GPR_ASSERT(grpc_alts_auth_context_from_tsi_peer(&peer, &ctx) ==
+ GRPC_SECURITY_ERROR);
+ GPR_ASSERT(ctx == nullptr);
+ tsi_peer_destruct(&peer);
+}
+
+static bool test_identity(const grpc_auth_context* ctx,
+ const char* expected_property_name,
+ const char* expected_identity) {
+ grpc_auth_property_iterator it;
+ const grpc_auth_property* prop;
+ GPR_ASSERT(grpc_auth_context_peer_is_authenticated(ctx));
+ it = grpc_auth_context_peer_identity(ctx);
+ prop = grpc_auth_property_iterator_next(&it);
+ GPR_ASSERT(prop != nullptr);
+ if (strcmp(prop->name, expected_property_name) != 0) {
+ gpr_log(GPR_ERROR, "Expected peer identity property name %s and got %s.",
+ expected_property_name, prop->name);
+ return false;
+ }
+ if (strncmp(prop->value, expected_identity, prop->value_length) != 0) {
+ gpr_log(GPR_ERROR, "Expected peer identity %s and got got %s.",
+ expected_identity, prop->value);
+ return false;
+ }
+ return true;
+}
+
+static void test_alts_peer_to_auth_context_success() {
+ tsi_peer peer;
+ grpc_auth_context* ctx;
+ GPR_ASSERT(tsi_construct_peer(kTsiAltsNumOfPeerProperties, &peer) == TSI_OK);
+ GPR_ASSERT(tsi_construct_string_peer_property_from_cstring(
+ TSI_CERTIFICATE_TYPE_PEER_PROPERTY, TSI_ALTS_CERTIFICATE_TYPE,
+ &peer.properties[0]) == TSI_OK);
+ GPR_ASSERT(tsi_construct_string_peer_property_from_cstring(
+ TSI_ALTS_SERVICE_ACCOUNT_PEER_PROPERTY, "alice",
+ &peer.properties[1]) == TSI_OK);
+ grpc_gcp_rpc_protocol_versions peer_versions;
+ grpc_gcp_rpc_protocol_versions_set_max(&peer_versions,
+ GRPC_PROTOCOL_VERSION_MAX_MAJOR,
+ GRPC_PROTOCOL_VERSION_MAX_MINOR);
+ grpc_gcp_rpc_protocol_versions_set_min(&peer_versions,
+ GRPC_PROTOCOL_VERSION_MIN_MAJOR,
+ GRPC_PROTOCOL_VERSION_MIN_MINOR);
+ grpc_slice serialized_peer_versions;
+ GPR_ASSERT(grpc_gcp_rpc_protocol_versions_encode(&peer_versions,
+ &serialized_peer_versions));
+
+ GPR_ASSERT(tsi_construct_string_peer_property(
+ TSI_ALTS_RPC_VERSIONS,
+ reinterpret_cast<char*>(
+ GRPC_SLICE_START_PTR(serialized_peer_versions)),
+ GRPC_SLICE_LENGTH(serialized_peer_versions),
+ &peer.properties[2]) == TSI_OK);
+ GPR_ASSERT(grpc_alts_auth_context_from_tsi_peer(&peer, &ctx) ==
+ GRPC_SECURITY_OK);
+ GPR_ASSERT(
+ test_identity(ctx, TSI_ALTS_SERVICE_ACCOUNT_PEER_PROPERTY, "alice"));
+ GRPC_AUTH_CONTEXT_UNREF(ctx, "test");
+ grpc_slice_unref(serialized_peer_versions);
+ tsi_peer_destruct(&peer);
+}
+
+int main(int argc, char** argv) {
+ /* Test. */
+ test_invalid_input_failure();
+ test_empty_certificate_type_failure();
+ test_empty_peer_property_failure();
+ test_unknown_peer_property_failure();
+ test_missing_rpc_protocol_versions_property_failure();
+ test_alts_peer_to_auth_context_success();
+
+ return 0;
+}
diff --git a/test/core/security/check_gcp_environment_linux_test.cc b/test/core/security/check_gcp_environment_linux_test.cc
new file mode 100644
index 0000000..6c436a3
--- /dev/null
+++ b/test/core/security/check_gcp_environment_linux_test.cc
@@ -0,0 +1,83 @@
+/*
+ *
+ * Copyright 2018 gRPC authors.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ */
+
+#include "src/core/lib/security/credentials/alts/check_gcp_environment.h"
+
+#if GPR_LINUX
+
+#include <stdio.h>
+#include <string.h>
+
+#include <grpc/support/alloc.h>
+#include <grpc/support/log.h>
+
+#include "src/core/lib/gpr/tmpfile.h"
+
+static bool check_bios_data_linux_test(const char* data) {
+ /* Create a file with contents data. */
+ char* filename = nullptr;
+ FILE* fp = gpr_tmpfile("check_gcp_environment_test", &filename);
+ GPR_ASSERT(filename != nullptr);
+ GPR_ASSERT(fp != nullptr);
+ GPR_ASSERT(fwrite(data, 1, strlen(data), fp) == strlen(data));
+ fclose(fp);
+ bool result = grpc_core::internal::check_bios_data(
+ reinterpret_cast<const char*>(filename));
+ /* Cleanup. */
+ remove(filename);
+ gpr_free(filename);
+ return result;
+}
+
+static void test_gcp_environment_check_success() {
+ /* Exact match. */
+ GPR_ASSERT(check_bios_data_linux_test("Google"));
+ GPR_ASSERT(check_bios_data_linux_test("Google Compute Engine"));
+ /* With leading and trailing whitespaces. */
+ GPR_ASSERT(check_bios_data_linux_test(" Google "));
+ GPR_ASSERT(check_bios_data_linux_test("Google "));
+ GPR_ASSERT(check_bios_data_linux_test(" Google"));
+ GPR_ASSERT(check_bios_data_linux_test(" Google Compute Engine "));
+ GPR_ASSERT(check_bios_data_linux_test("Google Compute Engine "));
+ GPR_ASSERT(check_bios_data_linux_test(" Google Compute Engine"));
+ /* With leading and trailing \t and \n. */
+ GPR_ASSERT(check_bios_data_linux_test("\t\tGoogle Compute Engine\t"));
+ GPR_ASSERT(check_bios_data_linux_test("Google Compute Engine\n"));
+ GPR_ASSERT(check_bios_data_linux_test("\n\n\tGoogle Compute Engine \n\t\t"));
+}
+
+static void test_gcp_environment_check_failure() {
+ GPR_ASSERT(!check_bios_data_linux_test("non_existing-file"));
+ GPR_ASSERT(!check_bios_data_linux_test("Google-Chrome"));
+ GPR_ASSERT(!check_bios_data_linux_test("Amazon"));
+ GPR_ASSERT(!check_bios_data_linux_test("Google-Chrome\t\t"));
+ GPR_ASSERT(!check_bios_data_linux_test("Amazon"));
+}
+
+int main(int argc, char** argv) {
+ /* Tests. */
+ test_gcp_environment_check_success();
+ test_gcp_environment_check_failure();
+ return 0;
+}
+
+#else // GPR_LINUX
+
+int main(int argc, char** argv) { return 0; }
+
+#endif // GPR_LINUX
diff --git a/test/core/security/check_gcp_environment_windows_test.cc b/test/core/security/check_gcp_environment_windows_test.cc
new file mode 100644
index 0000000..46179b7
--- /dev/null
+++ b/test/core/security/check_gcp_environment_windows_test.cc
@@ -0,0 +1,71 @@
+/*
+ *
+ * Copyright 2018 gRPC authors.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ */
+
+#include "src/core/lib/security/credentials/alts/check_gcp_environment.h"
+
+#ifdef GPR_WINDOWS
+
+#include <stdio.h>
+#include <string.h>
+
+#include <grpc/support/alloc.h>
+#include <grpc/support/log.h>
+#include "src/core/lib/gpr/tmpfile.h"
+
+static bool check_bios_data_windows_test(const char* data) {
+ /* Create a file with contents data. */
+ char* filename = nullptr;
+ FILE* fp = gpr_tmpfile("check_gcp_environment_test", &filename);
+ GPR_ASSERT(filename != nullptr);
+ GPR_ASSERT(fp != nullptr);
+ GPR_ASSERT(fwrite(data, 1, strlen(data), fp) == strlen(data));
+ fclose(fp);
+ bool result = grpc_core::internal::check_bios_data(
+ reinterpret_cast<const char*>(filename));
+ /* Cleanup. */
+ remove(filename);
+ gpr_free(filename);
+ return result;
+}
+
+static void test_gcp_environment_check_success() {
+ GPR_ASSERT(check_bios_data_windows_test("Google"));
+ GPR_ASSERT(check_bios_data_windows_test("Google\n"));
+ GPR_ASSERT(check_bios_data_windows_test("Google\r"));
+ GPR_ASSERT(check_bios_data_windows_test("Google\r\n"));
+ GPR_ASSERT(check_bios_data_windows_test(" Google \r\n"));
+ GPR_ASSERT(check_bios_data_windows_test(" \t\t Google\r\n"));
+ GPR_ASSERT(check_bios_data_windows_test(" \t\t Google\t\t \r\n"));
+}
+
+static void test_gcp_environment_check_failure() {
+ GPR_ASSERT(!check_bios_data_windows_test("\t\tAmazon\n"));
+ GPR_ASSERT(!check_bios_data_windows_test(" Amazon\r\n"));
+}
+
+int main(int argc, char** argv) {
+ /* Tests. */
+ test_gcp_environment_check_success();
+ test_gcp_environment_check_failure();
+ return 0;
+}
+#else // GPR_WINDOWS
+
+int main(int argc, char** argv) { return 0; }
+
+#endif // GPR_WINDOWS
diff --git a/test/core/security/grpc_alts_credentials_options_test.cc b/test/core/security/grpc_alts_credentials_options_test.cc
new file mode 100644
index 0000000..1217065
--- /dev/null
+++ b/test/core/security/grpc_alts_credentials_options_test.cc
@@ -0,0 +1,118 @@
+/*
+ *
+ * Copyright 2018 gRPC authors.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+
+#include <grpc/grpc.h>
+#include <grpc/support/log.h>
+
+#include "src/core/lib/security/credentials/alts/grpc_alts_credentials_options.h"
+
+#define ALTS_CLIENT_OPTIONS_TEST_TARGET_SERVICE_ACCOUNT_1 "abc@google.com"
+#define ALTS_CLIENT_OPTIONS_TEST_TARGET_SERVICE_ACCOUNT_2 "def@google.com"
+
+const size_t kTargetServiceAccountNum = 2;
+
+static void test_add_target_service_account_failure() {
+ /* Initialization. */
+ grpc_alts_credentials_options* options =
+ grpc_alts_credentials_client_options_create();
+ auto client_options =
+ reinterpret_cast<grpc_alts_credentials_client_options*>(options);
+
+ /* Test. */
+ GPR_ASSERT(!grpc_alts_credentials_client_options_add_target_service_account(
+ client_options, nullptr));
+ GPR_ASSERT(!grpc_alts_credentials_client_options_add_target_service_account(
+ nullptr, ALTS_CLIENT_OPTIONS_TEST_TARGET_SERVICE_ACCOUNT_1));
+
+ /* Cleanup. */
+ grpc_alts_credentials_options_destroy(options);
+}
+
+static void test_copy_client_options_failure() {
+ /* Initialization. */
+ grpc_alts_credentials_options* options =
+ grpc_alts_credentials_client_options_create();
+
+ /* Test. */
+ GPR_ASSERT(grpc_alts_credentials_options_copy(nullptr) == nullptr);
+
+ /* Cleanup. */
+ grpc_alts_credentials_options_destroy(options);
+}
+
+static size_t get_target_service_account_num(
+ grpc_alts_credentials_client_options* options) {
+ size_t num = 0;
+ target_service_account* node = options->target_account_list_head;
+ while (node != nullptr) {
+ num++;
+ node = node->next;
+ }
+ return num;
+}
+
+static void test_client_options_api_success() {
+ /* Initialization. */
+ grpc_alts_credentials_options* options =
+ grpc_alts_credentials_client_options_create();
+ auto client_options =
+ reinterpret_cast<grpc_alts_credentials_client_options*>(options);
+
+ /* Set client options fields. */
+ grpc_alts_credentials_client_options_add_target_service_account(
+ client_options, ALTS_CLIENT_OPTIONS_TEST_TARGET_SERVICE_ACCOUNT_1);
+ grpc_alts_credentials_client_options_add_target_service_account(
+ client_options, ALTS_CLIENT_OPTIONS_TEST_TARGET_SERVICE_ACCOUNT_2);
+
+ /* Validate client option fields. */
+ GPR_ASSERT(get_target_service_account_num(client_options) ==
+ kTargetServiceAccountNum);
+ GPR_ASSERT(strcmp(client_options->target_account_list_head->data,
+ ALTS_CLIENT_OPTIONS_TEST_TARGET_SERVICE_ACCOUNT_2) == 0);
+ GPR_ASSERT(strcmp(client_options->target_account_list_head->next->data,
+ ALTS_CLIENT_OPTIONS_TEST_TARGET_SERVICE_ACCOUNT_1) == 0);
+
+ /* Perform a copy operation and validate its correctness. */
+ grpc_alts_credentials_options* new_options =
+ grpc_alts_credentials_options_copy(options);
+ auto new_client_options =
+ reinterpret_cast<grpc_alts_credentials_client_options*>(new_options);
+
+ GPR_ASSERT(get_target_service_account_num(new_client_options) ==
+ kTargetServiceAccountNum);
+ GPR_ASSERT(strcmp(new_client_options->target_account_list_head->data,
+ ALTS_CLIENT_OPTIONS_TEST_TARGET_SERVICE_ACCOUNT_2) == 0);
+ GPR_ASSERT(strcmp(new_client_options->target_account_list_head->next->data,
+ ALTS_CLIENT_OPTIONS_TEST_TARGET_SERVICE_ACCOUNT_1) == 0);
+
+ /* Cleanup.*/
+ grpc_alts_credentials_options_destroy(options);
+ grpc_alts_credentials_options_destroy(new_options);
+}
+
+int main(int argc, char** argv) {
+ /* Test. */
+ test_add_target_service_account_failure();
+ test_copy_client_options_failure();
+ test_client_options_api_success();
+ return 0;
+}
diff --git a/test/core/tsi/BUILD b/test/core/tsi/BUILD
index e28c0b5..8ac3e76 100644
--- a/test/core/tsi/BUILD
+++ b/test/core/tsi/BUILD
@@ -16,7 +16,7 @@
licenses(["notice"]) # Apache v2
-grpc_package(name = "test/core/tsi")
+grpc_package(name = "test/core/tsi", visibility = "public")
grpc_cc_library(
name = "transport_security_test_lib",
diff --git a/test/core/tsi/alts/crypt/BUILD b/test/core/tsi/alts/crypt/BUILD
new file mode 100644
index 0000000..0057d7f
--- /dev/null
+++ b/test/core/tsi/alts/crypt/BUILD
@@ -0,0 +1,38 @@
+# Copyright 2018 gRPC authors.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+load("//bazel:grpc_build_system.bzl", "grpc_cc_library", "grpc_cc_test", "grpc_package")
+
+licenses(["notice"]) # Apache v2
+
+grpc_package(name = "crypt", visibility = "public")
+
+grpc_cc_library(
+ name = "alts_crypt_test_util",
+ srcs = ["gsec_test_util.cc"],
+ hdrs = ["gsec_test_util.h"],
+ deps = [
+ "//:grpc",
+ ],
+)
+
+grpc_cc_test(
+ name = "alts_crypt_test",
+ srcs = ["aes_gcm_test.cc"],
+ language = "C++",
+ deps = [
+ ":alts_crypt_test_util",
+ "//:grpc",
+ ],
+)
diff --git a/test/core/tsi/alts/crypt/aes_gcm_test.cc b/test/core/tsi/alts/crypt/aes_gcm_test.cc
new file mode 100644
index 0000000..576dd8f
--- /dev/null
+++ b/test/core/tsi/alts/crypt/aes_gcm_test.cc
@@ -0,0 +1,2105 @@
+/*
+ *
+ * Copyright 2018 gRPC authors.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ */
+
+#include "src/core/tsi/alts/crypt/gsec.h"
+#include "test/core/tsi/alts/crypt/gsec_test_util.h"
+
+#include <grpc/support/alloc.h>
+#include <grpc/support/log.h>
+
+const size_t kTestMinTagLengthForCorruption = 8;
+const size_t kTestNumCrypters = 3;
+const size_t kTestMaxSlices = 5;
+const size_t kTestMaxLength = 1024;
+const size_t kTestNumEncryptions = 100;
+
+/* Struct for pre-generated test vector */
+typedef struct gsec_aead_test_vector {
+ uint8_t* nonce;
+ uint8_t* aad;
+ uint8_t* key;
+ uint8_t* plaintext;
+ uint8_t* ciphertext_and_tag;
+ size_t nonce_length;
+ size_t aad_length;
+ size_t key_length;
+ size_t plaintext_length;
+ size_t ciphertext_and_tag_length;
+} gsec_aead_test_vector;
+
+static void gsec_randomly_slice(uint8_t* input, size_t input_length,
+ struct iovec** output, size_t* output_length) {
+ if (input_length == 0) {
+ *output = nullptr;
+ *output_length = 0;
+ return;
+ }
+ *output_length = gsec_test_bias_random_uint32(kTestMaxSlices) + 1;
+ *output =
+ static_cast<struct iovec*>(malloc(*output_length * sizeof(**output)));
+ size_t i;
+ for (i = 0; i < *output_length - 1; i++) {
+ size_t slice_length =
+ gsec_test_bias_random_uint32(static_cast<uint32_t>(input_length));
+ struct iovec slice = {input, slice_length};
+ (*output)[i] = slice;
+ input += slice_length;
+ input_length -= slice_length;
+ }
+ struct iovec slice = {input, input_length};
+ (*output)[*output_length - 1] = slice;
+}
+
+static void gsec_assert_ok(grpc_status_code status, const char* error_detail) {
+ char empty_string[] = "";
+ if (error_detail == nullptr) {
+ error_detail = empty_string;
+ }
+ if (status != GRPC_STATUS_OK) {
+ fprintf(stderr, "Status is not ok: %s\n", error_detail);
+ }
+ GPR_ASSERT(status == GRPC_STATUS_OK);
+}
+
+static void gsec_test_random_encrypt_decrypt(gsec_aead_crypter* crypter,
+ size_t aad_length,
+ size_t message_length) {
+ GPR_ASSERT(crypter != nullptr);
+ size_t nonce_length, tag_length;
+ uint8_t *nonce, *aad, *message;
+ gsec_aead_crypter_nonce_length(crypter, &nonce_length, nullptr);
+ gsec_aead_crypter_tag_length(crypter, &tag_length, nullptr);
+
+ gsec_test_random_array(&nonce, nonce_length);
+ gsec_test_random_array(&aad, aad_length);
+ gsec_test_random_array(&message, message_length);
+
+ /* Test encryption */
+ size_t ciphertext_and_tag_length, ciphertext_bytes_written = 0;
+ gsec_aead_crypter_max_ciphertext_and_tag_length(
+ crypter, message_length, &ciphertext_and_tag_length, nullptr);
+
+ uint8_t* ciphertext_and_tag =
+ static_cast<uint8_t*>(gpr_malloc(ciphertext_and_tag_length));
+
+ char* error_buffer = nullptr;
+ gsec_assert_ok(
+ gsec_aead_crypter_encrypt(crypter, nonce, nonce_length, aad, aad_length,
+ message, message_length, ciphertext_and_tag,
+ ciphertext_and_tag_length,
+ &ciphertext_bytes_written, &error_buffer),
+ error_buffer);
+ GPR_ASSERT(message_length + tag_length == ciphertext_and_tag_length);
+ GPR_ASSERT(ciphertext_bytes_written == ciphertext_and_tag_length);
+
+ /* Test decryption */
+ size_t plaintext_length, plaintext_bytes_written = 0;
+ gsec_aead_crypter_max_plaintext_length(crypter, ciphertext_bytes_written,
+ &plaintext_length, nullptr);
+ uint8_t* plaintext = static_cast<uint8_t*>(gpr_malloc(plaintext_length));
+ grpc_status_code status = gsec_aead_crypter_decrypt(
+ crypter, nonce, nonce_length, aad, aad_length, ciphertext_and_tag,
+ ciphertext_bytes_written, plaintext, plaintext_length,
+ &plaintext_bytes_written, nullptr);
+
+ GPR_ASSERT(status == GRPC_STATUS_OK);
+ GPR_ASSERT(message_length == plaintext_bytes_written);
+ GPR_ASSERT(memcmp(message, plaintext, message_length) == 0);
+
+ /**
+ * The returned plaintext will be zeroed if there was an authentication error.
+ */
+ uint8_t* zero_message = static_cast<uint8_t*>(gpr_zalloc(plaintext_length));
+ if (tag_length >= kTestMinTagLengthForCorruption) {
+ char* error_message;
+ /* Corrupt nonce */
+ if (nonce_length > 0) {
+ plaintext_bytes_written = 0;
+ uint8_t* corrupt_nonce;
+ gsec_test_copy_and_alter_random_byte(nonce, &corrupt_nonce, nonce_length);
+ status = gsec_aead_crypter_decrypt(
+ crypter, corrupt_nonce, nonce_length, aad, aad_length,
+ ciphertext_and_tag, ciphertext_bytes_written, plaintext,
+ plaintext_length, &plaintext_bytes_written, &error_message);
+
+ GPR_ASSERT(gsec_test_expect_compare_code_and_substr(
+ status, GRPC_STATUS_FAILED_PRECONDITION, "Checking tag failed.",
+ error_message));
+ GPR_ASSERT(plaintext_bytes_written == 0);
+ GPR_ASSERT(memcmp(zero_message, plaintext, plaintext_length) == 0);
+ gpr_free(corrupt_nonce);
+ gpr_free(error_message);
+ }
+
+ /* Corrupt ciphertext_and_tag */
+ plaintext_bytes_written = 0;
+ uint8_t* corrupt_ciphertext_and_tag;
+ gsec_test_copy_and_alter_random_byte(ciphertext_and_tag,
+ &corrupt_ciphertext_and_tag,
+ ciphertext_and_tag_length);
+ status = gsec_aead_crypter_decrypt(
+ crypter, nonce, nonce_length, aad, aad_length,
+ corrupt_ciphertext_and_tag, ciphertext_bytes_written, plaintext,
+ plaintext_length, &plaintext_bytes_written, &error_message);
+
+ GPR_ASSERT(gsec_test_expect_compare_code_and_substr(
+ status, GRPC_STATUS_FAILED_PRECONDITION, error_message,
+ "Checking tag failed"));
+ GPR_ASSERT(plaintext_bytes_written == 0);
+ GPR_ASSERT(memcmp(zero_message, plaintext, plaintext_length) == 0);
+ gpr_free(error_message);
+ gpr_free(corrupt_ciphertext_and_tag);
+
+ /* Corrupt start of ciphertext_and_tag */
+ plaintext_bytes_written = 0;
+ gsec_test_copy(ciphertext_and_tag, &corrupt_ciphertext_and_tag,
+ ciphertext_and_tag_length);
+ (*corrupt_ciphertext_and_tag)++;
+ status = gsec_aead_crypter_decrypt(
+ crypter, nonce, nonce_length, aad, aad_length,
+ corrupt_ciphertext_and_tag, ciphertext_bytes_written, plaintext,
+ plaintext_length, &plaintext_bytes_written, &error_message);
+ GPR_ASSERT(plaintext_bytes_written == 0);
+ GPR_ASSERT(memcmp(zero_message, plaintext, plaintext_length) == 0);
+ GPR_ASSERT(gsec_test_expect_compare_code_and_substr(
+ status, GRPC_STATUS_FAILED_PRECONDITION, error_message,
+ "Checking tag failed"));
+ gpr_free(error_message);
+ gpr_free(corrupt_ciphertext_and_tag);
+
+ /* Corrupt end of ciphertext_and_tag */
+ plaintext_bytes_written = 0;
+ gsec_test_copy(ciphertext_and_tag, &corrupt_ciphertext_and_tag,
+ ciphertext_and_tag_length);
+ (*(corrupt_ciphertext_and_tag + ciphertext_and_tag_length - 1))++;
+
+ status = gsec_aead_crypter_decrypt(
+ crypter, nonce, nonce_length, aad, aad_length,
+ corrupt_ciphertext_and_tag, ciphertext_bytes_written, plaintext,
+ plaintext_length, &plaintext_bytes_written, &error_message);
+
+ GPR_ASSERT(gsec_test_expect_compare_code_and_substr(
+ status, GRPC_STATUS_FAILED_PRECONDITION, error_message,
+ "Checking tag failed"));
+ GPR_ASSERT(plaintext_bytes_written == 0);
+ GPR_ASSERT(memcmp(zero_message, plaintext, plaintext_length) == 0);
+ gpr_free(error_message);
+ gpr_free(corrupt_ciphertext_and_tag);
+ }
+
+ gpr_free(zero_message);
+ gpr_free(nonce);
+ gpr_free(aad);
+ gpr_free(message);
+ gpr_free(plaintext);
+ gpr_free(ciphertext_and_tag);
+}
+
+static void gsec_test_encrypt_decrypt(gsec_aead_crypter* crypter) {
+ GPR_ASSERT(crypter != nullptr);
+ size_t aad_length, message_length;
+ aad_length = gsec_test_bias_random_uint32(kTestMaxLength);
+ message_length = gsec_test_bias_random_uint32(kTestMaxLength);
+ gsec_test_random_encrypt_decrypt(crypter, aad_length, message_length);
+ gsec_test_random_encrypt_decrypt(crypter, 0, message_length);
+ gsec_test_random_encrypt_decrypt(crypter, aad_length, 0);
+}
+
+static void gsec_test_multiple_random_encrypt_decrypt(
+ gsec_aead_crypter* crypter, size_t* aad_lengths, size_t* message_lengths,
+ size_t count) {
+ GPR_ASSERT(crypter != nullptr);
+ size_t nonce_length, tag_length;
+ uint8_t **nonces, **aads, **messages;
+ nonces = static_cast<uint8_t**>(gpr_malloc(sizeof(uint8_t*) * count));
+ aads = static_cast<uint8_t**>(gpr_malloc(sizeof(uint8_t*) * count));
+ messages = static_cast<uint8_t**>(gpr_malloc(sizeof(uint8_t*) * count));
+
+ gsec_aead_crypter_nonce_length(crypter, &nonce_length, nullptr);
+ gsec_aead_crypter_tag_length(crypter, &tag_length, nullptr);
+
+ size_t ind;
+ for (ind = 0; ind < count; ind++) {
+ size_t aad_length = (aad_lengths == nullptr) ? 0 : aad_lengths[ind];
+ size_t message_length =
+ (message_lengths == nullptr) ? 0 : message_lengths[ind];
+ gsec_test_random_array(&(nonces[ind]), nonce_length);
+ gsec_test_random_array(&(aads[ind]), aad_length);
+ gsec_test_random_array(&(messages[ind]), message_length);
+ }
+
+ size_t* ciphertext_and_tag_lengths =
+ static_cast<size_t*>(gpr_malloc(sizeof(size_t) * count));
+ size_t* ciphertext_bytes_writtens =
+ static_cast<size_t*>(gpr_malloc(sizeof(size_t) * count));
+ size_t* plaintext_lengths =
+ static_cast<size_t*>(gpr_malloc(sizeof(size_t) * count));
+ size_t* plaintext_bytes_writtens =
+ static_cast<size_t*>(gpr_malloc(sizeof(size_t) * count));
+ uint8_t** ciphertext_and_tags =
+ static_cast<uint8_t**>(gpr_malloc(sizeof(uint8_t*) * count));
+ uint8_t** plaintexts =
+ static_cast<uint8_t**>(gpr_malloc(sizeof(uint8_t*) * count));
+
+ /* Do encryption */
+ for (ind = 0; ind < count; ind++) {
+ size_t aad_length = (aad_lengths == nullptr) ? 0 : aad_lengths[ind];
+ size_t message_length =
+ (message_lengths == nullptr) ? 0 : message_lengths[ind];
+ gsec_aead_crypter_max_ciphertext_and_tag_length(
+ crypter, message_length, &(ciphertext_and_tag_lengths[ind]), nullptr);
+ ciphertext_and_tags[ind] =
+ static_cast<uint8_t*>(gpr_malloc(ciphertext_and_tag_lengths[ind]));
+ grpc_status_code status = gsec_aead_crypter_encrypt(
+ crypter, nonces[ind], nonce_length, aads[ind], aad_length,
+ messages[ind], message_length, ciphertext_and_tags[ind],
+ ciphertext_and_tag_lengths[ind], &(ciphertext_bytes_writtens[ind]),
+ nullptr);
+ GPR_ASSERT(status == GRPC_STATUS_OK);
+ GPR_ASSERT(message_length + tag_length == ciphertext_and_tag_lengths[ind]);
+ GPR_ASSERT(ciphertext_bytes_writtens[ind] ==
+ ciphertext_and_tag_lengths[ind]);
+ }
+ /* Do Decryption */
+ for (ind = 0; ind < count; ind++) {
+ size_t aad_length = (aad_lengths == nullptr) ? 0 : aad_lengths[ind];
+ size_t message_length =
+ (message_lengths == nullptr) ? 0 : message_lengths[ind];
+ gsec_aead_crypter_max_plaintext_length(crypter,
+ ciphertext_bytes_writtens[ind],
+ &(plaintext_lengths[ind]), nullptr);
+ plaintexts[ind] = static_cast<uint8_t*>(gpr_malloc(plaintext_lengths[ind]));
+ grpc_status_code status = gsec_aead_crypter_decrypt(
+ crypter, nonces[ind], nonce_length, aads[ind], aad_length,
+ ciphertext_and_tags[ind], ciphertext_bytes_writtens[ind],
+ plaintexts[ind], plaintext_lengths[ind],
+ &(plaintext_bytes_writtens[ind]), nullptr);
+ GPR_ASSERT(status == GRPC_STATUS_OK);
+ GPR_ASSERT(message_length == plaintext_bytes_writtens[ind]);
+ GPR_ASSERT(memcmp(messages[ind], plaintexts[ind], message_length) == 0);
+ }
+
+ /* Slice the plaintext and encrypt with iovecs */
+ for (ind = 0; ind < count; ind++) {
+ size_t aad_length = (aad_lengths == nullptr) ? 0 : aad_lengths[ind];
+ struct iovec* aad_vecs = nullptr;
+ size_t aad_vecs_length = 0;
+ gsec_randomly_slice(aads[ind], aad_length, &aad_vecs, &aad_vecs_length);
+ size_t message_length =
+ (message_lengths == nullptr) ? 0 : message_lengths[ind];
+ struct iovec* message_vecs = nullptr;
+ size_t message_vecs_length = 0;
+ gsec_randomly_slice(messages[ind], message_length, &message_vecs,
+ &message_vecs_length);
+
+ size_t ciphertext_length = ciphertext_and_tag_lengths[ind];
+ uint8_t* another_ciphertext =
+ static_cast<uint8_t*>(malloc(ciphertext_length));
+ struct iovec another_ciphertext_vec = {another_ciphertext,
+ ciphertext_length};
+
+ char* error_details = nullptr;
+ size_t ciphertext_bytes_written = 0;
+ gsec_assert_ok(
+ gsec_aead_crypter_encrypt_iovec(
+ crypter, nonces[ind], nonce_length, aad_vecs, aad_vecs_length,
+ message_vecs, message_vecs_length, another_ciphertext_vec,
+ &ciphertext_bytes_written, &error_details),
+ error_details);
+ GPR_ASSERT(memcmp(ciphertext_and_tags[ind], another_ciphertext_vec.iov_base,
+ ciphertext_length) == 0);
+ free(another_ciphertext);
+ free(aad_vecs);
+ free(message_vecs);
+ }
+
+ /* Slice the ciphertext and decrypt with iovecs */
+ for (ind = 0; ind < count; ind++) {
+ size_t message_length =
+ (message_lengths == nullptr) ? 0 : message_lengths[ind];
+ message_length = message_length + 0;
+
+ size_t aad_length = (aad_lengths == nullptr) ? 0 : aad_lengths[ind];
+
+ struct iovec* aad_vecs = nullptr;
+ size_t aad_vecs_length = 0;
+ gsec_randomly_slice(aads[ind], aad_length, &aad_vecs, &aad_vecs_length);
+
+ struct iovec* ciphertext_vecs = nullptr;
+ size_t ciphertext_vecs_length = 0;
+ gsec_randomly_slice(ciphertext_and_tags[ind],
+ ciphertext_bytes_writtens[ind], &ciphertext_vecs,
+ &ciphertext_vecs_length);
+
+ size_t decrypted_length = plaintext_lengths[ind];
+ uint8_t* decrypted = static_cast<uint8_t*>(malloc(decrypted_length));
+ struct iovec decrypted_vec = {decrypted, decrypted_length};
+
+ char* error_details = nullptr;
+ gsec_assert_ok(gsec_aead_crypter_decrypt_iovec(
+ crypter, nonces[ind], nonce_length, aad_vecs,
+ aad_vecs_length, ciphertext_vecs, ciphertext_vecs_length,
+ decrypted_vec, &decrypted_length, &error_details),
+ error_details);
+ GPR_ASSERT(decrypted_vec.iov_len == message_length);
+ GPR_ASSERT(memcmp(decrypted_vec.iov_base, messages[ind], message_length) ==
+ 0);
+ free(decrypted);
+ free(aad_vecs);
+ free(ciphertext_vecs);
+ }
+
+ for (ind = 0; ind < count; ind++) {
+ gpr_free(nonces[ind]);
+ gpr_free(aads[ind]);
+ gpr_free(messages[ind]);
+ gpr_free(ciphertext_and_tags[ind]);
+ gpr_free(plaintexts[ind]);
+ }
+ gpr_free(nonces);
+ gpr_free(aads);
+ gpr_free(messages);
+ gpr_free(ciphertext_and_tag_lengths);
+ gpr_free(ciphertext_bytes_writtens);
+ gpr_free(plaintext_lengths);
+ gpr_free(plaintext_bytes_writtens);
+ gpr_free(ciphertext_and_tags);
+ gpr_free(plaintexts);
+}
+
+static void gsec_test_multiple_encrypt_decrypt(gsec_aead_crypter* crypter) {
+ GPR_ASSERT(crypter != nullptr);
+ size_t count = kTestNumEncryptions;
+ size_t* aad_lengths =
+ static_cast<size_t*>(gpr_malloc(sizeof(size_t) * count));
+ size_t* message_lengths =
+ static_cast<size_t*>(gpr_malloc(sizeof(size_t) * count));
+ size_t ind;
+ for (ind = 0; ind < count; ind++) {
+ aad_lengths[ind] = gsec_test_bias_random_uint32(kTestMaxLength);
+ message_lengths[ind] = gsec_test_bias_random_uint32(kTestMaxLength);
+ }
+ gsec_test_multiple_random_encrypt_decrypt(crypter, aad_lengths,
+ message_lengths, count);
+ gsec_test_multiple_random_encrypt_decrypt(crypter, aad_lengths, nullptr,
+ count);
+ gsec_test_multiple_random_encrypt_decrypt(crypter, nullptr, message_lengths,
+ count);
+ gpr_free(aad_lengths);
+ gpr_free(message_lengths);
+}
+
+static void gsec_test_encryption_failure(gsec_aead_crypter* crypter) {
+ GPR_ASSERT(crypter != nullptr);
+ size_t aad_length = kTestMaxLength;
+ size_t message_length = kTestMaxLength;
+ size_t nonce_length;
+
+ char* error_message;
+ uint8_t *nonce, *aad, *message;
+
+ gsec_aead_crypter_nonce_length(crypter, &nonce_length, nullptr);
+ gsec_test_random_array(&nonce, nonce_length);
+ gsec_test_random_array(&aad, aad_length);
+ gsec_test_random_array(&message, message_length);
+
+ size_t ciphertext_and_tag_length, ciphertext_bytes_written = 0;
+ gsec_aead_crypter_max_ciphertext_and_tag_length(
+ crypter, message_length, &ciphertext_and_tag_length, nullptr);
+ uint8_t* ciphertext_and_tag =
+ static_cast<uint8_t*>(gpr_malloc(ciphertext_and_tag_length));
+
+ /* nullptr nonce */
+ grpc_status_code status = gsec_aead_crypter_encrypt(
+ crypter, nullptr, nonce_length, aad, aad_length, message, message_length,
+ ciphertext_and_tag, ciphertext_and_tag_length, &ciphertext_bytes_written,
+ &error_message);
+ GPR_ASSERT(gsec_test_expect_compare_code_and_substr(
+ status, GRPC_STATUS_INVALID_ARGUMENT, error_message,
+ "Nonce buffer is nullptr."));
+ gpr_free(error_message);
+
+ /* Big nonce */
+ status = gsec_aead_crypter_encrypt(
+ crypter, nonce, nonce_length + 1, aad, aad_length, message,
+ message_length, ciphertext_and_tag, ciphertext_and_tag_length,
+ &ciphertext_bytes_written, &error_message);
+ GPR_ASSERT(gsec_test_expect_compare_code_and_substr(
+ status, GRPC_STATUS_INVALID_ARGUMENT, error_message,
+ "Nonce buffer has the wrong length."));
+ gpr_free(error_message);
+
+ /* Small nonce */
+ status = gsec_aead_crypter_encrypt(
+ crypter, nonce, nonce_length - 1, aad, aad_length, message,
+ message_length, ciphertext_and_tag, ciphertext_and_tag_length,
+ &ciphertext_bytes_written, &error_message);
+ GPR_ASSERT(gsec_test_expect_compare_code_and_substr(
+ status, GRPC_STATUS_INVALID_ARGUMENT, error_message,
+ "Nonce buffer has the wrong length."));
+ gpr_free(error_message);
+
+ /* nullptr aad */
+ status = gsec_aead_crypter_encrypt(
+ crypter, nonce, nonce_length, nullptr, aad_length, message,
+ message_length, ciphertext_and_tag, ciphertext_and_tag_length,
+ &ciphertext_bytes_written, &error_message);
+ GPR_ASSERT(gsec_test_expect_compare_code_and_substr(
+ status, GRPC_STATUS_INVALID_ARGUMENT, error_message, "aad is nullptr."));
+ gpr_free(error_message);
+
+ /* nullptr aad with zero length */
+ gsec_assert_ok(
+ gsec_aead_crypter_encrypt(crypter, nonce, nonce_length, nullptr, 0,
+ message, message_length, ciphertext_and_tag,
+ ciphertext_and_tag_length,
+ &ciphertext_bytes_written, &error_message),
+ error_message);
+
+ /* nullptr plaintext */
+ status = gsec_aead_crypter_encrypt(
+ crypter, nonce, nonce_length, aad, aad_length, nullptr, message_length,
+ ciphertext_and_tag, ciphertext_and_tag_length, &ciphertext_bytes_written,
+ &error_message);
+ GPR_ASSERT(gsec_test_expect_compare_code_and_substr(
+ status, GRPC_STATUS_INVALID_ARGUMENT, error_message,
+ "plaintext is nullptr."));
+ gpr_free(error_message);
+
+ /* nullptr ciphertext */
+ status = gsec_aead_crypter_encrypt(crypter, nonce, nonce_length, aad,
+ aad_length, message, message_length,
+ nullptr, ciphertext_and_tag_length,
+ &ciphertext_bytes_written, &error_message);
+ GPR_ASSERT(gsec_test_expect_compare_code_and_substr(
+ status, GRPC_STATUS_INVALID_ARGUMENT, error_message,
+ "ciphertext is nullptr."));
+ gpr_free(error_message);
+
+ /* Short ciphertext */
+ status = gsec_aead_crypter_encrypt(
+ crypter, nonce, nonce_length, aad, aad_length, message, message_length,
+ ciphertext_and_tag, ciphertext_and_tag_length - 1,
+ &ciphertext_bytes_written, &error_message);
+ GPR_ASSERT(gsec_test_expect_compare_code_and_substr(
+ status, GRPC_STATUS_INVALID_ARGUMENT, error_message,
+ "ciphertext is too small to hold a tag."));
+ gpr_free(error_message);
+
+ /* nullptr ciphertext_bytes_written */
+ status = gsec_aead_crypter_encrypt(
+ crypter, nonce, nonce_length, aad, aad_length, message, message_length,
+ ciphertext_and_tag, ciphertext_and_tag_length, nullptr, &error_message);
+ GPR_ASSERT(gsec_test_expect_compare_code_and_substr(
+ status, GRPC_STATUS_INVALID_ARGUMENT, error_message,
+ "bytes_written is nullptr."));
+ gpr_free(error_message);
+
+ /* nullptr plaintext/ciphertext encrypt with zero length */
+ gsec_assert_ok(gsec_aead_crypter_encrypt(
+ crypter, nonce, nonce_length, aad, aad_length, nullptr, 0,
+ ciphertext_and_tag, ciphertext_and_tag_length,
+ &ciphertext_bytes_written, &error_message),
+ error_message);
+
+ /* Success */
+ status = gsec_aead_crypter_encrypt(
+ crypter, nonce, nonce_length, aad, aad_length, message, message_length,
+ ciphertext_and_tag, ciphertext_and_tag_length, &ciphertext_bytes_written,
+ &error_message);
+ GPR_ASSERT(status == GRPC_STATUS_OK);
+
+ gpr_free(message);
+ gpr_free(aad);
+ gpr_free(nonce);
+ gpr_free(ciphertext_and_tag);
+}
+
+static void gsec_test_decryption_failure(gsec_aead_crypter* crypter) {
+ GPR_ASSERT(crypter != nullptr);
+ size_t aad_length = kTestMaxLength;
+ size_t message_length = kTestMaxLength;
+ size_t nonce_length, tag_length;
+ uint8_t *nonce, *aad, *message;
+
+ gsec_aead_crypter_nonce_length(crypter, &nonce_length, nullptr);
+ gsec_aead_crypter_tag_length(crypter, &tag_length, nullptr);
+ gsec_test_random_array(&nonce, nonce_length);
+ gsec_test_random_array(&aad, aad_length);
+ gsec_test_random_array(&message, message_length);
+
+ /* Test encryption */
+ size_t ciphertext_and_tag_length, ciphertext_bytes_written = 0;
+ gsec_aead_crypter_max_ciphertext_and_tag_length(
+ crypter, message_length, &ciphertext_and_tag_length, nullptr);
+ uint8_t* ciphertext_and_tag =
+ static_cast<uint8_t*>(gpr_malloc(ciphertext_and_tag_length));
+
+ grpc_status_code status = gsec_aead_crypter_encrypt(
+ crypter, nonce, nonce_length, aad, aad_length, message, message_length,
+ ciphertext_and_tag, ciphertext_and_tag_length, &ciphertext_bytes_written,
+ nullptr);
+ GPR_ASSERT(status == GRPC_STATUS_OK);
+ GPR_ASSERT(ciphertext_bytes_written == ciphertext_and_tag_length);
+
+ size_t plaintext_length, plaintext_bytes_written = 0;
+ gsec_aead_crypter_max_plaintext_length(crypter, ciphertext_bytes_written,
+ &plaintext_length, nullptr);
+ uint8_t* plaintext = static_cast<uint8_t*>(gpr_malloc(plaintext_length));
+
+ char* error_message;
+ /* nullptr nonce */
+ status = gsec_aead_crypter_decrypt(
+ crypter, nullptr, nonce_length, aad, aad_length, ciphertext_and_tag,
+ ciphertext_and_tag_length, plaintext, plaintext_length,
+ &plaintext_bytes_written, &error_message);
+ GPR_ASSERT(gsec_test_expect_compare_code_and_substr(
+ status, GRPC_STATUS_INVALID_ARGUMENT, error_message,
+ "Nonce buffer is nullptr."));
+ gpr_free(error_message);
+
+ /* Big nonce */
+ status = gsec_aead_crypter_decrypt(
+ crypter, nonce, nonce_length + 1, aad, aad_length, ciphertext_and_tag,
+ ciphertext_and_tag_length, plaintext, plaintext_length,
+ &plaintext_bytes_written, &error_message);
+ GPR_ASSERT(gsec_test_expect_compare_code_and_substr(
+ status, GRPC_STATUS_INVALID_ARGUMENT, error_message,
+ "Nonce buffer has the wrong length."));
+ gpr_free(error_message);
+
+ /* Small nonce */
+ status = gsec_aead_crypter_decrypt(
+ crypter, nonce, nonce_length - 1, aad, aad_length, ciphertext_and_tag,
+ ciphertext_and_tag_length, plaintext, plaintext_length,
+ &plaintext_bytes_written, &error_message);
+ GPR_ASSERT(gsec_test_expect_compare_code_and_substr(
+ status, GRPC_STATUS_INVALID_ARGUMENT, error_message,
+ "Nonce buffer has the wrong length."));
+ gpr_free(error_message);
+
+ /* nullptr aad */
+ status = gsec_aead_crypter_decrypt(
+ crypter, nonce, nonce_length, nullptr, aad_length, ciphertext_and_tag,
+ ciphertext_and_tag_length, plaintext, plaintext_length,
+ &plaintext_bytes_written, &error_message);
+ GPR_ASSERT(gsec_test_expect_compare_code_and_substr(
+ status, GRPC_STATUS_INVALID_ARGUMENT, error_message, "aad is nullptr."));
+ gpr_free(error_message);
+
+ /* nullptr aad with zero length */
+ status = gsec_aead_crypter_encrypt(
+ crypter, nonce, nonce_length, nullptr, 0, message, message_length,
+ ciphertext_and_tag, ciphertext_and_tag_length, &ciphertext_bytes_written,
+ &error_message);
+ GPR_ASSERT(status == GRPC_STATUS_OK);
+
+ status = gsec_aead_crypter_decrypt(
+ crypter, nonce, nonce_length, nullptr, 0, ciphertext_and_tag,
+ ciphertext_and_tag_length, plaintext, plaintext_length,
+ &plaintext_bytes_written, &error_message);
+ GPR_ASSERT(status == GRPC_STATUS_OK);
+
+ /* Small ciphertext */
+ if (tag_length > 0) {
+ status = gsec_aead_crypter_decrypt(
+ crypter, nonce, nonce_length, aad, aad_length, ciphertext_and_tag,
+ tag_length - 1, plaintext, plaintext_length, &plaintext_bytes_written,
+ &error_message);
+
+ GPR_ASSERT(gsec_test_expect_compare_code_and_substr(
+ status, GRPC_STATUS_INVALID_ARGUMENT, error_message,
+ "ciphertext is too small to hold a tag."));
+ gpr_free(error_message);
+ }
+
+ /* nullptr ciphertext */
+ status = gsec_aead_crypter_decrypt(
+ crypter, nonce, nonce_length, aad, aad_length, nullptr,
+ ciphertext_and_tag_length, plaintext, plaintext_length,
+ &plaintext_bytes_written, &error_message);
+
+ GPR_ASSERT(gsec_test_expect_compare_code_and_substr(
+ status, GRPC_STATUS_INVALID_ARGUMENT, error_message,
+ "ciphertext is nullptr."));
+ gpr_free(error_message);
+
+ /* nullptr plaintext */
+ status = gsec_aead_crypter_decrypt(
+ crypter, nonce, nonce_length, aad, aad_length, ciphertext_and_tag,
+ ciphertext_and_tag_length, nullptr, plaintext_length,
+ &plaintext_bytes_written, &error_message);
+
+ GPR_ASSERT(gsec_test_expect_compare_code_and_substr(
+ status, GRPC_STATUS_INVALID_ARGUMENT, error_message,
+ "plaintext is nullptr, but plaintext_length is positive."));
+ gpr_free(error_message);
+
+ /* Short plaintext */
+ status = gsec_aead_crypter_decrypt(
+ crypter, nonce, nonce_length, aad, aad_length, ciphertext_and_tag,
+ ciphertext_and_tag_length, plaintext, plaintext_length - 1,
+ &plaintext_bytes_written, &error_message);
+
+ GPR_ASSERT(gsec_test_expect_compare_code_and_substr(
+ status, GRPC_STATUS_INVALID_ARGUMENT, error_message,
+ "Not enough plaintext buffer to hold encrypted ciphertext."));
+ gpr_free(error_message);
+
+ /* nullptr plaintext_bytes_written */
+ status = gsec_aead_crypter_decrypt(crypter, nonce, nonce_length, aad,
+ aad_length, ciphertext_and_tag,
+ ciphertext_and_tag_length, plaintext,
+ plaintext_length, nullptr, &error_message);
+
+ GPR_ASSERT(gsec_test_expect_compare_code_and_substr(
+ status, GRPC_STATUS_INVALID_ARGUMENT, error_message,
+ "bytes_written is nullptr."));
+ gpr_free(error_message);
+
+ gpr_free(message);
+ gpr_free(plaintext);
+ gpr_free(ciphertext_and_tag);
+ gpr_free(aad);
+ gpr_free(nonce);
+}
+
+static void gsec_test_encrypt_decrypt_test_vector(
+ gsec_aead_crypter* crypter, gsec_aead_test_vector* test_vector) {
+ GPR_ASSERT(crypter != nullptr);
+ /* Test byte-based encryption interface. */
+ size_t ciphertext_and_tag_length, ciphertext_bytes_written = 0;
+ gsec_aead_crypter_max_ciphertext_and_tag_length(
+ crypter, test_vector->plaintext_length, &ciphertext_and_tag_length,
+ nullptr);
+ uint8_t* ciphertext_and_tag_bytes =
+ static_cast<uint8_t*>(gpr_malloc(ciphertext_and_tag_length));
+ grpc_status_code status = gsec_aead_crypter_encrypt(
+ crypter, test_vector->nonce, test_vector->nonce_length, test_vector->aad,
+ test_vector->aad_length, test_vector->plaintext,
+ test_vector->plaintext_length, ciphertext_and_tag_bytes,
+ ciphertext_and_tag_length, &ciphertext_bytes_written, nullptr);
+
+ GPR_ASSERT(status == GRPC_STATUS_OK);
+ GPR_ASSERT(ciphertext_bytes_written == ciphertext_and_tag_length);
+ GPR_ASSERT(memcmp(test_vector->ciphertext_and_tag, ciphertext_and_tag_bytes,
+ ciphertext_and_tag_length) == 0);
+
+ /* Test byte-based decryption interface */
+ size_t plaintext_length, plaintext_bytes_written = 0;
+ gsec_aead_crypter_max_plaintext_length(crypter, ciphertext_and_tag_length,
+ &plaintext_length, nullptr);
+ uint8_t* plaintext_bytes =
+ static_cast<uint8_t*>(gpr_malloc(plaintext_length));
+ status = gsec_aead_crypter_decrypt(
+ crypter, test_vector->nonce, test_vector->nonce_length, test_vector->aad,
+ test_vector->aad_length, test_vector->ciphertext_and_tag,
+ test_vector->ciphertext_and_tag_length, plaintext_bytes, plaintext_length,
+ &plaintext_bytes_written, nullptr);
+ GPR_ASSERT(status == GRPC_STATUS_OK);
+ GPR_ASSERT(memcmp(test_vector->plaintext, plaintext_bytes,
+ plaintext_bytes_written) == 0);
+
+ gpr_free(ciphertext_and_tag_bytes);
+ gpr_free(plaintext_bytes);
+}
+
+static void gsec_test_get_crypter_from_test_vector(
+ gsec_aead_crypter** crypter, gsec_aead_test_vector* test_vector,
+ bool rekey = false) {
+ size_t key_length = test_vector->key_length;
+ GPR_ASSERT(key_length == kAes128GcmKeyLength ||
+ key_length == kAes256GcmKeyLength ||
+ key_length == kAes128GcmRekeyKeyLength);
+ size_t nonce_length = test_vector->nonce_length;
+ GPR_ASSERT(nonce_length == kAesGcmNonceLength);
+ size_t plaintext_length = test_vector->plaintext_length;
+ size_t ciphertext_and_tag_length = test_vector->ciphertext_and_tag_length;
+ GPR_ASSERT(ciphertext_and_tag_length == plaintext_length + kAesGcmTagLength);
+ size_t tag_length = ciphertext_and_tag_length - plaintext_length;
+ gsec_aes_gcm_aead_crypter_create(test_vector->key, key_length, nonce_length,
+ tag_length, rekey, crypter, nullptr);
+}
+
+static void gsec_test_verify_crypter_on_test_vector(
+ gsec_aead_test_vector* test_vector, bool rekey = false) {
+ gsec_aead_crypter* crypter;
+ gsec_test_get_crypter_from_test_vector(&crypter, test_vector, rekey);
+ gsec_test_encrypt_decrypt_test_vector(crypter, test_vector);
+ gsec_aead_crypter_destroy(crypter);
+}
+
+static void gsec_aead_malloc_test_vector(
+ gsec_aead_test_vector** test_vector, const uint8_t* key, size_t key_length,
+ const uint8_t* nonce, size_t nonce_length, const uint8_t* aad,
+ size_t aad_length, const uint8_t* plaintext, size_t plaintext_length,
+ const uint8_t* ciphertext_and_tag, size_t ciphertext_and_tag_length) {
+ *test_vector = static_cast<gsec_aead_test_vector*>(
+ gpr_malloc(sizeof(gsec_aead_test_vector)));
+ (*test_vector)->key_length = key_length;
+ (*test_vector)->nonce_length = nonce_length;
+ (*test_vector)->aad_length = aad_length;
+ (*test_vector)->plaintext_length = plaintext_length;
+ (*test_vector)->ciphertext_and_tag_length = ciphertext_and_tag_length;
+ gsec_test_copy(key, &((*test_vector)->key), key_length);
+ gsec_test_copy(nonce, &((*test_vector)->nonce), nonce_length);
+ gsec_test_copy(aad, &((*test_vector)->aad), aad_length);
+ gsec_test_copy(plaintext, &((*test_vector)->plaintext), plaintext_length);
+ gsec_test_copy(ciphertext_and_tag, &((*test_vector)->ciphertext_and_tag),
+ ciphertext_and_tag_length);
+}
+
+static void gsec_aead_free_test_vector(gsec_aead_test_vector* test_vector) {
+ gpr_free(test_vector->key);
+ gpr_free(test_vector->nonce);
+ gpr_free(test_vector->aad);
+ gpr_free(test_vector->plaintext);
+ gpr_free(test_vector->ciphertext_and_tag);
+ gpr_free(test_vector);
+}
+
+static void gsec_test_create_random_aes_gcm_crypter(gsec_aead_crypter** crypter,
+ size_t key_length,
+ size_t nonce_length,
+ size_t tag_length,
+ bool rekey) {
+ uint8_t* key;
+ gsec_test_random_array(&key, key_length);
+ gsec_aes_gcm_aead_crypter_create(key, key_length, nonce_length, tag_length,
+ rekey, crypter, nullptr);
+ gpr_free(key);
+}
+
+static void gsec_test_get_random_aes_gcm_crypters(
+ gsec_aead_crypter*** crypters) {
+ *crypters = static_cast<gsec_aead_crypter**>(
+ gpr_malloc(sizeof(gsec_aead_crypter*) * kTestNumCrypters));
+ gsec_test_create_random_aes_gcm_crypter(
+ &((*crypters)[0]), kAes128GcmKeyLength, kAesGcmNonceLength,
+ kAesGcmTagLength, /*rekey=*/false);
+ gsec_test_create_random_aes_gcm_crypter(
+ &((*crypters)[1]), kAes256GcmKeyLength, kAesGcmNonceLength,
+ kAesGcmTagLength, /*rekey=*/false);
+ gsec_test_create_random_aes_gcm_crypter(
+ &((*crypters)[2]), kAes128GcmRekeyKeyLength, kAesGcmNonceLength,
+ kAesGcmTagLength, /*rekey=*/true);
+}
+
+static void gsec_test_do_generic_crypter_tests() {
+ gsec_aead_crypter** crypters;
+ gsec_test_get_random_aes_gcm_crypters(&crypters);
+ size_t ind;
+ for (ind = 0; ind < kTestNumCrypters; ind++) {
+ gsec_test_encrypt_decrypt(crypters[ind]);
+ gsec_test_multiple_encrypt_decrypt(crypters[ind]);
+ gsec_test_encryption_failure(crypters[ind]);
+ gsec_test_decryption_failure(crypters[ind]);
+ }
+ for (ind = 0; ind < kTestNumCrypters; ind++) {
+ gsec_aead_crypter_destroy(crypters[ind]);
+ }
+ gpr_free(crypters);
+}
+
+static void gsec_test_do_vector_tests_rekey_nist() {
+ // NIST vectors from:
+ // http://csrc.nist.gov/groups/ST/toolkit/BCM/documents/proposedmodes/gcm/gcm-revised-spec.pdf
+ //
+ // IEEE vectors from:
+ // http://www.ieee802.org/1/files/public/docs2011/bn-randall-test-vectors-0511-v1.pdf
+ //
+ // Key expanded by setting expandedKey = (key||(key ^ {0x01, .., 0x01})||key ^
+ // {0x02,..,0x02}))[0:44].
+
+ gsec_aead_test_vector vec;
+
+ // Derived from NIST test vector 1
+ uint8_t nonce_0[] = {0x0, 0x0, 0x0, 0x0, 0x0, 0x0,
+ 0x0, 0x0, 0x0, 0x0, 0x0, 0x0};
+ uint8_t aad_0[1] = {};
+ uint8_t key_0[] = {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0,
+ 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1,
+ 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x2,
+ 0x2, 0x2, 0x2, 0x2, 0x2, 0x2, 0x2, 0x2, 0x2, 0x2, 0x2};
+ uint8_t plaintext_0[1] = {};
+ uint8_t ciphertext_0[] = {0x85, 0xE8, 0x73, 0xE0, 0x2, 0xF6, 0xEB, 0xDC,
+ 0x40, 0x60, 0x95, 0x4E, 0xB8, 0x67, 0x55, 0x8};
+ vec = {nonce_0, aad_0, key_0, plaintext_0, ciphertext_0, 12, 0, 44, 0, 16};
+ gsec_test_verify_crypter_on_test_vector(&vec, /*rekey=*/true);
+
+ // Derived from NIST test vector 2
+ uint8_t nonce_1[] = {0x0, 0x0, 0x0, 0x0, 0x0, 0x0,
+ 0x0, 0x0, 0x0, 0x0, 0x0, 0x0};
+ uint8_t aad_1[1] = {};
+ uint8_t key_1[] = {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0,
+ 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1,
+ 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x2,
+ 0x2, 0x2, 0x2, 0x2, 0x2, 0x2, 0x2, 0x2, 0x2, 0x2, 0x2};
+ uint8_t plaintext_1[] = {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0,
+ 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0};
+ uint8_t ciphertext_1[] = {0x51, 0xE9, 0xA8, 0xCB, 0x23, 0xCA, 0x25, 0x12,
+ 0xC8, 0x25, 0x6A, 0xFF, 0xF8, 0xE7, 0x2D, 0x68,
+ 0x1A, 0xCA, 0x19, 0xA1, 0x14, 0x8A, 0xC1, 0x15,
+ 0xE8, 0x3D, 0xF4, 0x88, 0x8C, 0xC0, 0xD, 0x11};
+ vec = {nonce_1, aad_1, key_1, plaintext_1, ciphertext_1, 12, 0, 44, 16, 32};
+ gsec_test_verify_crypter_on_test_vector(&vec, /*rekey=*/true);
+
+ // Derived from NIST test vector 3
+ uint8_t nonce_2[] = {0xCA, 0xFE, 0xBA, 0xBE, 0xFA, 0xCE,
+ 0xDB, 0xAD, 0xDE, 0xCA, 0xF8, 0x88};
+ uint8_t aad_2[1] = {};
+ uint8_t key_2[] = {0xFE, 0xFF, 0xE9, 0x92, 0x86, 0x65, 0x73, 0x1C, 0x6D,
+ 0x6A, 0x8F, 0x94, 0x67, 0x30, 0x83, 0x8, 0xFF, 0xFE,
+ 0xE8, 0x93, 0x87, 0x64, 0x72, 0x1D, 0x6C, 0x6B, 0x8E,
+ 0x95, 0x66, 0x31, 0x82, 0x9, 0xFC, 0xFD, 0xEB, 0x90,
+ 0x84, 0x67, 0x71, 0x1E, 0x6F, 0x68, 0x8D, 0x96};
+ uint8_t plaintext_2[] = {
+ 0xD9, 0x31, 0x32, 0x25, 0xF8, 0x84, 0x6, 0xE5, 0xA5, 0x59, 0x9,
+ 0xC5, 0xAF, 0xF5, 0x26, 0x9A, 0x86, 0xA7, 0xA9, 0x53, 0x15, 0x34,
+ 0xF7, 0xDA, 0x2E, 0x4C, 0x30, 0x3D, 0x8A, 0x31, 0x8A, 0x72, 0x1C,
+ 0x3C, 0xC, 0x95, 0x95, 0x68, 0x9, 0x53, 0x2F, 0xCF, 0xE, 0x24,
+ 0x49, 0xA6, 0xB5, 0x25, 0xB1, 0x6A, 0xED, 0xF5, 0xAA, 0xD, 0xE6,
+ 0x57, 0xBA, 0x63, 0x7B, 0x39, 0x1A, 0xAF, 0xD2, 0x55};
+ uint8_t ciphertext_2[] = {
+ 0x10, 0x18, 0xED, 0x5A, 0x14, 0x2, 0xA8, 0x65, 0x16, 0xD6, 0x57, 0x6D,
+ 0x70, 0xB2, 0xFF, 0xCC, 0xCA, 0x26, 0x1B, 0x94, 0xDF, 0x88, 0xB5, 0x8F,
+ 0x53, 0xB6, 0x4D, 0xFB, 0xA4, 0x35, 0xD1, 0x8B, 0x2F, 0x6E, 0x3B, 0x78,
+ 0x69, 0xF9, 0x35, 0x3D, 0x4A, 0xC8, 0xCF, 0x9, 0xAF, 0xB1, 0x66, 0x3D,
+ 0xAA, 0x7B, 0x40, 0x17, 0xE6, 0xFC, 0x2C, 0x17, 0x7C, 0xC, 0x8, 0x7C,
+ 0xD, 0xF1, 0x16, 0x21, 0x29, 0x95, 0x22, 0x13, 0xCE, 0xE1, 0xBC, 0x6E,
+ 0x9C, 0x84, 0x95, 0xDD, 0x70, 0x5E, 0x1F, 0x3D};
+ vec = {nonce_2, aad_2, key_2, plaintext_2, ciphertext_2, 12, 0, 44, 64, 80};
+ gsec_test_verify_crypter_on_test_vector(&vec, /*rekey=*/true);
+
+ // Derived from NIST test vector 4
+ uint8_t nonce_3[] = {0xCA, 0xFE, 0xBA, 0xBE, 0xFA, 0xCE,
+ 0xDB, 0xAD, 0xDE, 0xCA, 0xF8, 0x88};
+ uint8_t aad_3[] = {0xFE, 0xED, 0xFA, 0xCE, 0xDE, 0xAD, 0xBE,
+ 0xEF, 0xFE, 0xED, 0xFA, 0xCE, 0xDE, 0xAD,
+ 0xBE, 0xEF, 0xAB, 0xAD, 0xDA, 0xD2};
+ uint8_t key_3[] = {0xFE, 0xFF, 0xE9, 0x92, 0x86, 0x65, 0x73, 0x1C, 0x6D,
+ 0x6A, 0x8F, 0x94, 0x67, 0x30, 0x83, 0x8, 0xFF, 0xFE,
+ 0xE8, 0x93, 0x87, 0x64, 0x72, 0x1D, 0x6C, 0x6B, 0x8E,
+ 0x95, 0x66, 0x31, 0x82, 0x9, 0xFC, 0xFD, 0xEB, 0x90,
+ 0x84, 0x67, 0x71, 0x1E, 0x6F, 0x68, 0x8D, 0x96};
+ uint8_t plaintext_3[] = {
+ 0xD9, 0x31, 0x32, 0x25, 0xF8, 0x84, 0x6, 0xE5, 0xA5, 0x59, 0x9, 0xC5,
+ 0xAF, 0xF5, 0x26, 0x9A, 0x86, 0xA7, 0xA9, 0x53, 0x15, 0x34, 0xF7, 0xDA,
+ 0x2E, 0x4C, 0x30, 0x3D, 0x8A, 0x31, 0x8A, 0x72, 0x1C, 0x3C, 0xC, 0x95,
+ 0x95, 0x68, 0x9, 0x53, 0x2F, 0xCF, 0xE, 0x24, 0x49, 0xA6, 0xB5, 0x25,
+ 0xB1, 0x6A, 0xED, 0xF5, 0xAA, 0xD, 0xE6, 0x57, 0xBA, 0x63, 0x7B, 0x39};
+ uint8_t ciphertext_3[] = {
+ 0x10, 0x18, 0xED, 0x5A, 0x14, 0x2, 0xA8, 0x65, 0x16, 0xD6, 0x57,
+ 0x6D, 0x70, 0xB2, 0xFF, 0xCC, 0xCA, 0x26, 0x1B, 0x94, 0xDF, 0x88,
+ 0xB5, 0x8F, 0x53, 0xB6, 0x4D, 0xFB, 0xA4, 0x35, 0xD1, 0x8B, 0x2F,
+ 0x6E, 0x3B, 0x78, 0x69, 0xF9, 0x35, 0x3D, 0x4A, 0xC8, 0xCF, 0x9,
+ 0xAF, 0xB1, 0x66, 0x3D, 0xAA, 0x7B, 0x40, 0x17, 0xE6, 0xFC, 0x2C,
+ 0x17, 0x7C, 0xC, 0x8, 0x7C, 0x47, 0x64, 0x56, 0x5D, 0x7, 0x7E,
+ 0x91, 0x24, 0x0, 0x1D, 0xDB, 0x27, 0xFC, 0x8, 0x48, 0xC5};
+ vec = {nonce_3, aad_3, key_3, plaintext_3, ciphertext_3, 12, 20, 44, 60, 76};
+ gsec_test_verify_crypter_on_test_vector(&vec, /*rekey=*/true);
+
+ // Derived from adapted NIST test vector 4 for KDF counter boundary (flip
+ // nonce bit 15)
+ uint8_t nonce_4[] = {0xCA, 0x7E, 0xBA, 0xBE, 0xFA, 0xCE,
+ 0xDB, 0xAD, 0xDE, 0xCA, 0xF8, 0x88};
+ uint8_t aad_4[] = {0xFE, 0xED, 0xFA, 0xCE, 0xDE, 0xAD, 0xBE,
+ 0xEF, 0xFE, 0xED, 0xFA, 0xCE, 0xDE, 0xAD,
+ 0xBE, 0xEF, 0xAB, 0xAD, 0xDA, 0xD2};
+ uint8_t key_4[] = {0xFE, 0xFF, 0xE9, 0x92, 0x86, 0x65, 0x73, 0x1C, 0x6D,
+ 0x6A, 0x8F, 0x94, 0x67, 0x30, 0x83, 0x8, 0xFF, 0xFE,
+ 0xE8, 0x93, 0x87, 0x64, 0x72, 0x1D, 0x6C, 0x6B, 0x8E,
+ 0x95, 0x66, 0x31, 0x82, 0x9, 0xFC, 0xFD, 0xEB, 0x90,
+ 0x84, 0x67, 0x71, 0x1E, 0x6F, 0x68, 0x8D, 0x96};
+ uint8_t plaintext_4[] = {
+ 0xD9, 0x31, 0x32, 0x25, 0xF8, 0x84, 0x6, 0xE5, 0xA5, 0x59, 0x9, 0xC5,
+ 0xAF, 0xF5, 0x26, 0x9A, 0x86, 0xA7, 0xA9, 0x53, 0x15, 0x34, 0xF7, 0xDA,
+ 0x2E, 0x4C, 0x30, 0x3D, 0x8A, 0x31, 0x8A, 0x72, 0x1C, 0x3C, 0xC, 0x95,
+ 0x95, 0x68, 0x9, 0x53, 0x2F, 0xCF, 0xE, 0x24, 0x49, 0xA6, 0xB5, 0x25,
+ 0xB1, 0x6A, 0xED, 0xF5, 0xAA, 0xD, 0xE6, 0x57, 0xBA, 0x63, 0x7B, 0x39};
+ uint8_t ciphertext_4[] = {
+ 0xE6, 0x50, 0xD3, 0xC0, 0xFB, 0x87, 0x93, 0x27, 0xF2, 0xD0, 0x32,
+ 0x87, 0xFA, 0x93, 0xCD, 0x7, 0x34, 0x2B, 0x13, 0x62, 0x15, 0xAD,
+ 0xBC, 0xA0, 0xC, 0x3B, 0xD5, 0x9, 0x9E, 0xC4, 0x18, 0x32, 0xB1,
+ 0xD1, 0x8E, 0x4, 0x23, 0xED, 0x26, 0xBB, 0x12, 0xC6, 0xCD, 0x9,
+ 0xDE, 0xBB, 0x29, 0x23, 0xA, 0x94, 0xC0, 0xCE, 0xE1, 0x59, 0x3,
+ 0x65, 0x6F, 0x85, 0xED, 0xB6, 0xFC, 0x50, 0x9B, 0x1B, 0x28, 0x21,
+ 0x63, 0x82, 0x17, 0x2E, 0xCB, 0xCC, 0x31, 0xE1, 0xE9, 0xB1};
+ vec = {nonce_4, aad_4, key_4, plaintext_4, ciphertext_4, 12, 20, 44, 60, 76};
+ gsec_test_verify_crypter_on_test_vector(&vec, /*rekey=*/true);
+
+ // Derived from adapted NIST test vector 4 for KDF counter boundary (flip
+ // nonce bit 16)
+ uint8_t nonce_5[] = {0xCA, 0xFE, 0xBB, 0xBE, 0xFA, 0xCE,
+ 0xDB, 0xAD, 0xDE, 0xCA, 0xF8, 0x88};
+ uint8_t aad_5[] = {0xFE, 0xED, 0xFA, 0xCE, 0xDE, 0xAD, 0xBE,
+ 0xEF, 0xFE, 0xED, 0xFA, 0xCE, 0xDE, 0xAD,
+ 0xBE, 0xEF, 0xAB, 0xAD, 0xDA, 0xD2};
+ uint8_t key_5[] = {0xFE, 0xFF, 0xE9, 0x92, 0x86, 0x65, 0x73, 0x1C, 0x6D,
+ 0x6A, 0x8F, 0x94, 0x67, 0x30, 0x83, 0x8, 0xFF, 0xFE,
+ 0xE8, 0x93, 0x87, 0x64, 0x72, 0x1D, 0x6C, 0x6B, 0x8E,
+ 0x95, 0x66, 0x31, 0x82, 0x9, 0xFC, 0xFD, 0xEB, 0x90,
+ 0x84, 0x67, 0x71, 0x1E, 0x6F, 0x68, 0x8D, 0x96};
+ uint8_t plaintext_5[] = {
+ 0xD9, 0x31, 0x32, 0x25, 0xF8, 0x84, 0x6, 0xE5, 0xA5, 0x59, 0x9, 0xC5,
+ 0xAF, 0xF5, 0x26, 0x9A, 0x86, 0xA7, 0xA9, 0x53, 0x15, 0x34, 0xF7, 0xDA,
+ 0x2E, 0x4C, 0x30, 0x3D, 0x8A, 0x31, 0x8A, 0x72, 0x1C, 0x3C, 0xC, 0x95,
+ 0x95, 0x68, 0x9, 0x53, 0x2F, 0xCF, 0xE, 0x24, 0x49, 0xA6, 0xB5, 0x25,
+ 0xB1, 0x6A, 0xED, 0xF5, 0xAA, 0xD, 0xE6, 0x57, 0xBA, 0x63, 0x7B, 0x39};
+ uint8_t ciphertext_5[] = {
+ 0xC0, 0x12, 0x1E, 0x6C, 0x95, 0x4D, 0x7, 0x67, 0xF9, 0x66, 0x30,
+ 0xC3, 0x34, 0x50, 0x99, 0x97, 0x91, 0xB2, 0xDA, 0x2A, 0xD0, 0x5C,
+ 0x41, 0x90, 0x16, 0x9C, 0xCA, 0xD9, 0xAC, 0x86, 0xFF, 0x1C, 0x72,
+ 0x1E, 0x3D, 0x82, 0xF2, 0xAD, 0x22, 0xAB, 0x46, 0x3B, 0xAB, 0x4A,
+ 0x7, 0x54, 0xB7, 0xDD, 0x68, 0xCA, 0x4D, 0xE7, 0xEA, 0x25, 0x31,
+ 0xB6, 0x25, 0xED, 0xA0, 0x1F, 0x89, 0x31, 0x2B, 0x2A, 0xB9, 0x57,
+ 0xD5, 0xC7, 0xF8, 0x56, 0x8D, 0xD9, 0x5F, 0xCD, 0xCD, 0x1F};
+ vec = {nonce_5, aad_5, key_5, plaintext_5, ciphertext_5, 12, 20, 44, 60, 76};
+ gsec_test_verify_crypter_on_test_vector(&vec, /*rekey=*/true);
+
+ // Derived from adapted NIST test vector 4 for KDF counter boundary (flip
+ // nonce bit 63)
+ uint8_t nonce_6[] = {0xCA, 0xFE, 0xBA, 0xBE, 0xFA, 0xCE,
+ 0xDB, 0x2D, 0xDE, 0xCA, 0xF8, 0x88};
+ uint8_t aad_6[] = {0xFE, 0xED, 0xFA, 0xCE, 0xDE, 0xAD, 0xBE,
+ 0xEF, 0xFE, 0xED, 0xFA, 0xCE, 0xDE, 0xAD,
+ 0xBE, 0xEF, 0xAB, 0xAD, 0xDA, 0xD2};
+ uint8_t key_6[] = {0xFE, 0xFF, 0xE9, 0x92, 0x86, 0x65, 0x73, 0x1C, 0x6D,
+ 0x6A, 0x8F, 0x94, 0x67, 0x30, 0x83, 0x8, 0xFF, 0xFE,
+ 0xE8, 0x93, 0x87, 0x64, 0x72, 0x1D, 0x6C, 0x6B, 0x8E,
+ 0x95, 0x66, 0x31, 0x82, 0x9, 0xFC, 0xFD, 0xEB, 0x90,
+ 0x84, 0x67, 0x71, 0x1E, 0x6F, 0x68, 0x8D, 0x96};
+ uint8_t plaintext_6[] = {
+ 0xD9, 0x31, 0x32, 0x25, 0xF8, 0x84, 0x6, 0xE5, 0xA5, 0x59, 0x9, 0xC5,
+ 0xAF, 0xF5, 0x26, 0x9A, 0x86, 0xA7, 0xA9, 0x53, 0x15, 0x34, 0xF7, 0xDA,
+ 0x2E, 0x4C, 0x30, 0x3D, 0x8A, 0x31, 0x8A, 0x72, 0x1C, 0x3C, 0xC, 0x95,
+ 0x95, 0x68, 0x9, 0x53, 0x2F, 0xCF, 0xE, 0x24, 0x49, 0xA6, 0xB5, 0x25,
+ 0xB1, 0x6A, 0xED, 0xF5, 0xAA, 0xD, 0xE6, 0x57, 0xBA, 0x63, 0x7B, 0x39};
+ uint8_t ciphertext_6[] = {
+ 0x8A, 0xF3, 0x7E, 0xA5, 0x68, 0x4A, 0x4D, 0x81, 0xD4, 0xFD, 0x81,
+ 0x72, 0x61, 0xFD, 0x97, 0x43, 0x9, 0x9E, 0x7E, 0x6A, 0x2, 0x5E,
+ 0xAA, 0xCF, 0x8E, 0x54, 0xB1, 0x24, 0xFB, 0x57, 0x43, 0x14, 0x9E,
+ 0x5, 0xCB, 0x89, 0xF4, 0xA4, 0x94, 0x67, 0xFE, 0x2E, 0x5E, 0x59,
+ 0x65, 0xF2, 0x9A, 0x19, 0xF9, 0x94, 0x16, 0xB0, 0x1, 0x6B, 0x54,
+ 0x58, 0x5D, 0x12, 0x55, 0x37, 0x83, 0xBA, 0x59, 0xE9, 0xF7, 0x82,
+ 0xE8, 0x2E, 0x9, 0x7C, 0x33, 0x6B, 0xF7, 0x98, 0x9F, 0x8};
+ vec = {nonce_6, aad_6, key_6, plaintext_6, ciphertext_6, 12, 20, 44, 60, 76};
+ gsec_test_verify_crypter_on_test_vector(&vec, /*rekey=*/true);
+
+ // Derived from adapted NIST test vector 4 for KDF counter boundary (flip
+ // nonce bit 64)
+ uint8_t nonce_7[] = {0xCA, 0xFE, 0xBA, 0xBE, 0xFA, 0xCE,
+ 0xDB, 0xAD, 0xDF, 0xCA, 0xF8, 0x88};
+ uint8_t aad_7[] = {0xFE, 0xED, 0xFA, 0xCE, 0xDE, 0xAD, 0xBE,
+ 0xEF, 0xFE, 0xED, 0xFA, 0xCE, 0xDE, 0xAD,
+ 0xBE, 0xEF, 0xAB, 0xAD, 0xDA, 0xD2};
+ uint8_t key_7[] = {0xFE, 0xFF, 0xE9, 0x92, 0x86, 0x65, 0x73, 0x1C, 0x6D,
+ 0x6A, 0x8F, 0x94, 0x67, 0x30, 0x83, 0x8, 0xFF, 0xFE,
+ 0xE8, 0x93, 0x87, 0x64, 0x72, 0x1D, 0x6C, 0x6B, 0x8E,
+ 0x95, 0x66, 0x31, 0x82, 0x9, 0xFC, 0xFD, 0xEB, 0x90,
+ 0x84, 0x67, 0x71, 0x1E, 0x6F, 0x68, 0x8D, 0x96};
+ uint8_t plaintext_7[] = {
+ 0xD9, 0x31, 0x32, 0x25, 0xF8, 0x84, 0x6, 0xE5, 0xA5, 0x59, 0x9, 0xC5,
+ 0xAF, 0xF5, 0x26, 0x9A, 0x86, 0xA7, 0xA9, 0x53, 0x15, 0x34, 0xF7, 0xDA,
+ 0x2E, 0x4C, 0x30, 0x3D, 0x8A, 0x31, 0x8A, 0x72, 0x1C, 0x3C, 0xC, 0x95,
+ 0x95, 0x68, 0x9, 0x53, 0x2F, 0xCF, 0xE, 0x24, 0x49, 0xA6, 0xB5, 0x25,
+ 0xB1, 0x6A, 0xED, 0xF5, 0xAA, 0xD, 0xE6, 0x57, 0xBA, 0x63, 0x7B, 0x39};
+ uint8_t ciphertext_7[] = {
+ 0xFB, 0xD5, 0x28, 0x44, 0x8D, 0x3, 0x46, 0xBF, 0xA8, 0x78, 0x63,
+ 0x48, 0x64, 0xD4, 0x7, 0xA3, 0x5A, 0x3, 0x9D, 0xE9, 0xDB, 0x2F,
+ 0x1F, 0xEB, 0x8E, 0x96, 0x5B, 0x3A, 0xE9, 0x35, 0x6C, 0xE6, 0x28,
+ 0x94, 0x41, 0xD7, 0x7F, 0x8F, 0xD, 0xF2, 0x94, 0x89, 0x1F, 0x37,
+ 0xEA, 0x43, 0x8B, 0x22, 0x3E, 0x3B, 0xF2, 0xBD, 0xC5, 0x3D, 0x4C,
+ 0x5A, 0x74, 0xFB, 0x68, 0xB, 0xB3, 0x12, 0xA8, 0xDE, 0xC6, 0xF7,
+ 0x25, 0x2C, 0xBC, 0xD7, 0xF5, 0x79, 0x97, 0x50, 0xAD, 0x78};
+ vec = {nonce_7, aad_7, key_7, plaintext_7, ciphertext_7, 12, 20, 44, 60, 76};
+ gsec_test_verify_crypter_on_test_vector(&vec, /*rekey=*/true);
+}
+
+static void gsec_test_do_vector_tests_rekey_ieee() {
+ // IEEE vectors from:
+ // http://www.ieee802.org/1/files/public/docs2011/bn-randall-test-vectors-0511-v1.pdf
+ //
+ // Key expanded by setting expandedKey = (key||(key ^ {0x01, .., 0x01})||key ^
+ // {0x02,..,0x02}))[0:44].
+
+ gsec_aead_test_vector vec;
+
+ // Derived from IEEE 2.1.1 54-byte auth
+ uint8_t nonce_8[] = {0x12, 0x15, 0x35, 0x24, 0xC0, 0x89,
+ 0x5E, 0x81, 0xB2, 0xC2, 0x84, 0x65};
+ uint8_t aad_8[] = {0xD6, 0x9, 0xB1, 0xF0, 0x56, 0x63, 0x7A, 0xD, 0x46, 0xDF,
+ 0x99, 0x8D, 0x88, 0xE5, 0x22, 0x2A, 0xB2, 0xC2, 0x84, 0x65,
+ 0x12, 0x15, 0x35, 0x24, 0xC0, 0x89, 0x5E, 0x81, 0x8, 0x0,
+ 0xF, 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, 0x18,
+ 0x19, 0x1A, 0x1B, 0x1C, 0x1D, 0x1E, 0x1F, 0x20, 0x21, 0x22,
+ 0x23, 0x24, 0x25, 0x26, 0x27, 0x28, 0x29, 0x2A, 0x2B, 0x2C,
+ 0x2D, 0x2E, 0x2F, 0x30, 0x31, 0x32, 0x33, 0x34, 0x0, 0x1};
+ uint8_t key_8[] = {0xAD, 0x7A, 0x2B, 0xD0, 0x3E, 0xAC, 0x83, 0x5A, 0x6F,
+ 0x62, 0xF, 0xDC, 0xB5, 0x6, 0xB3, 0x45, 0xAC, 0x7B,
+ 0x2A, 0xD1, 0x3F, 0xAD, 0x82, 0x5B, 0x6E, 0x63, 0xE,
+ 0xDD, 0xB4, 0x7, 0xB2, 0x44, 0xAF, 0x78, 0x29, 0xD2,
+ 0x3C, 0xAE, 0x81, 0x58, 0x6D, 0x60, 0xD, 0xDE};
+ uint8_t plaintext_8[1] = {};
+ uint8_t ciphertext_8[] = {0x3E, 0xA0, 0xB5, 0x84, 0xF3, 0xC8, 0x5E, 0x93,
+ 0xF9, 0x32, 0xE, 0xA5, 0x91, 0x69, 0x9E, 0xFB};
+ vec = {nonce_8, aad_8, key_8, plaintext_8, ciphertext_8, 12, 70, 44, 0, 16};
+ gsec_test_verify_crypter_on_test_vector(&vec, /*rekey=*/true);
+
+ // Derived from IEEE 2.1.2 54-byte auth
+ uint8_t nonce_9[] = {0x12, 0x15, 0x35, 0x24, 0xC0, 0x89,
+ 0x5E, 0x81, 0xB2, 0xC2, 0x84, 0x65};
+ uint8_t aad_9[] = {0xD6, 0x9, 0xB1, 0xF0, 0x56, 0x63, 0x7A, 0xD, 0x46, 0xDF,
+ 0x99, 0x8D, 0x88, 0xE5, 0x22, 0x2A, 0xB2, 0xC2, 0x84, 0x65,
+ 0x12, 0x15, 0x35, 0x24, 0xC0, 0x89, 0x5E, 0x81, 0x8, 0x0,
+ 0xF, 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, 0x18,
+ 0x19, 0x1A, 0x1B, 0x1C, 0x1D, 0x1E, 0x1F, 0x20, 0x21, 0x22,
+ 0x23, 0x24, 0x25, 0x26, 0x27, 0x28, 0x29, 0x2A, 0x2B, 0x2C,
+ 0x2D, 0x2E, 0x2F, 0x30, 0x31, 0x32, 0x33, 0x34, 0x0, 0x1};
+ uint8_t key_9[] = {0xE3, 0xC0, 0x8A, 0x8F, 0x6, 0xC6, 0xE3, 0xAD, 0x95,
+ 0xA7, 0x5, 0x57, 0xB2, 0x3F, 0x75, 0x48, 0x3C, 0xE3,
+ 0x30, 0x21, 0xA9, 0xC7, 0x2B, 0x70, 0x25, 0x66, 0x62,
+ 0x4, 0xC6, 0x9C, 0xB, 0x72, 0xE1, 0xC2, 0x88, 0x8D,
+ 0x4, 0xC4, 0xE1, 0xAF, 0x97, 0xA5, 0x7, 0x55};
+ uint8_t plaintext_9[1] = {};
+ uint8_t ciphertext_9[] = {0x29, 0x4E, 0x2, 0x8B, 0xF1, 0xFE, 0x6F, 0x14,
+ 0xC4, 0xE8, 0xF7, 0x30, 0x5C, 0x93, 0x3E, 0xB5};
+ vec = {nonce_9, aad_9, key_9, plaintext_9, ciphertext_9, 12, 70, 44, 0, 16};
+ gsec_test_verify_crypter_on_test_vector(&vec, /*rekey=*/true);
+
+ // Derived from IEEE 2.2.1 60-byte crypt
+ uint8_t nonce_10[] = {0x12, 0x15, 0x35, 0x24, 0xC0, 0x89,
+ 0x5E, 0x81, 0xB2, 0xC2, 0x84, 0x65};
+ uint8_t aad_10[] = {0xD6, 0x9, 0xB1, 0xF0, 0x56, 0x63, 0x7A,
+ 0xD, 0x46, 0xDF, 0x99, 0x8D, 0x88, 0xE5,
+ 0x2E, 0x0, 0xB2, 0xC2, 0x84, 0x65, 0x12,
+ 0x15, 0x35, 0x24, 0xC0, 0x89, 0x5E, 0x81};
+ uint8_t key_10[] = {0xAD, 0x7A, 0x2B, 0xD0, 0x3E, 0xAC, 0x83, 0x5A, 0x6F,
+ 0x62, 0xF, 0xDC, 0xB5, 0x6, 0xB3, 0x45, 0xAC, 0x7B,
+ 0x2A, 0xD1, 0x3F, 0xAD, 0x82, 0x5B, 0x6E, 0x63, 0xE,
+ 0xDD, 0xB4, 0x7, 0xB2, 0x44, 0xAF, 0x78, 0x29, 0xD2,
+ 0x3C, 0xAE, 0x81, 0x58, 0x6D, 0x60, 0xD, 0xDE};
+ uint8_t plaintext_10[] = {
+ 0x8, 0x0, 0xF, 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, 0x18,
+ 0x19, 0x1A, 0x1B, 0x1C, 0x1D, 0x1E, 0x1F, 0x20, 0x21, 0x22, 0x23, 0x24,
+ 0x25, 0x26, 0x27, 0x28, 0x29, 0x2A, 0x2B, 0x2C, 0x2D, 0x2E, 0x2F, 0x30,
+ 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, 0x38, 0x39, 0x3A, 0x0, 0x2};
+ uint8_t ciphertext_10[] = {
+ 0xDB, 0x3D, 0x25, 0x71, 0x9C, 0x6B, 0xA, 0x3C, 0xA6, 0x14, 0x5C,
+ 0x15, 0x9D, 0x5C, 0x6E, 0xD9, 0xAF, 0xF9, 0xC6, 0xE0, 0xB7, 0x9F,
+ 0x17, 0x1, 0x9E, 0xA9, 0x23, 0xB8, 0x66, 0x5D, 0xDF, 0x52, 0x13,
+ 0x7A, 0xD6, 0x11, 0xF0, 0xD1, 0xBF, 0x41, 0x7A, 0x7C, 0xA8, 0x5E,
+ 0x45, 0xAF, 0xE1, 0x6, 0xFF, 0x9C, 0x75, 0x69, 0xD3, 0x35, 0xD0,
+ 0x86, 0xAE, 0x6C, 0x3, 0xF0, 0x9, 0x87, 0xCC, 0xD6};
+ vec = {nonce_10, aad_10, key_10, plaintext_10, ciphertext_10,
+ 12, 28, 44, 48, 64};
+ gsec_test_verify_crypter_on_test_vector(&vec, /*rekey=*/true);
+
+ // Derived from IEEE 2.2.2 60-byte crypt
+ uint8_t nonce_11[] = {0x12, 0x15, 0x35, 0x24, 0xC0, 0x89,
+ 0x5E, 0x81, 0xB2, 0xC2, 0x84, 0x65};
+ uint8_t aad_11[] = {0xD6, 0x9, 0xB1, 0xF0, 0x56, 0x63, 0x7A,
+ 0xD, 0x46, 0xDF, 0x99, 0x8D, 0x88, 0xE5,
+ 0x2E, 0x0, 0xB2, 0xC2, 0x84, 0x65, 0x12,
+ 0x15, 0x35, 0x24, 0xC0, 0x89, 0x5E, 0x81};
+ uint8_t key_11[] = {0xE3, 0xC0, 0x8A, 0x8F, 0x6, 0xC6, 0xE3, 0xAD, 0x95,
+ 0xA7, 0x5, 0x57, 0xB2, 0x3F, 0x75, 0x48, 0x3C, 0xE3,
+ 0x30, 0x21, 0xA9, 0xC7, 0x2B, 0x70, 0x25, 0x66, 0x62,
+ 0x4, 0xC6, 0x9C, 0xB, 0x72, 0xE1, 0xC2, 0x88, 0x8D,
+ 0x4, 0xC4, 0xE1, 0xAF, 0x97, 0xA5, 0x7, 0x55};
+ uint8_t plaintext_11[] = {
+ 0x8, 0x0, 0xF, 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, 0x18,
+ 0x19, 0x1A, 0x1B, 0x1C, 0x1D, 0x1E, 0x1F, 0x20, 0x21, 0x22, 0x23, 0x24,
+ 0x25, 0x26, 0x27, 0x28, 0x29, 0x2A, 0x2B, 0x2C, 0x2D, 0x2E, 0x2F, 0x30,
+ 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, 0x38, 0x39, 0x3A, 0x0, 0x2};
+ uint8_t ciphertext_11[] = {
+ 0x16, 0x41, 0xF2, 0x8E, 0xC1, 0x3A, 0xFC, 0xC8, 0xF7, 0x90, 0x33,
+ 0x89, 0x78, 0x72, 0x1, 0x5, 0x16, 0x44, 0x91, 0x49, 0x33, 0xE9,
+ 0x20, 0x2B, 0xB9, 0xD0, 0x6A, 0xA0, 0x20, 0xC2, 0xA6, 0x7E, 0xF5,
+ 0x1D, 0xFE, 0x7B, 0xC0, 0xA, 0x85, 0x6C, 0x55, 0xB8, 0xF8, 0x13,
+ 0x3E, 0x77, 0xF6, 0x59, 0x13, 0x25, 0x2, 0xBA, 0xD6, 0x3F, 0x57,
+ 0x13, 0xD5, 0x7D, 0xC, 0x11, 0xE0, 0xF8, 0x71, 0xED};
+ vec = {nonce_11, aad_11, key_11, plaintext_11, ciphertext_11,
+ 12, 28, 44, 48, 64};
+ gsec_test_verify_crypter_on_test_vector(&vec, /*rekey=*/true);
+
+ // Derived from IEEE 2.3.1 60-byte auth
+ uint8_t nonce_12[] = {0xF0, 0x76, 0x1E, 0x8D, 0xCD, 0x3D,
+ 0x0, 0x1, 0x76, 0xD4, 0x57, 0xED};
+ uint8_t aad_12[] = {
+ 0xE2, 0x1, 0x6, 0xD7, 0xCD, 0xD, 0xF0, 0x76, 0x1E, 0x8D, 0xCD, 0x3D,
+ 0x88, 0xE5, 0x40, 0x0, 0x76, 0xD4, 0x57, 0xED, 0x8, 0x0, 0xF, 0x10,
+ 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, 0x18, 0x19, 0x1A, 0x1B, 0x1C,
+ 0x1D, 0x1E, 0x1F, 0x20, 0x21, 0x22, 0x23, 0x24, 0x25, 0x26, 0x27, 0x28,
+ 0x29, 0x2A, 0x2B, 0x2C, 0x2D, 0x2E, 0x2F, 0x30, 0x31, 0x32, 0x33, 0x34,
+ 0x35, 0x36, 0x37, 0x38, 0x39, 0x3A, 0x0, 0x3};
+ uint8_t key_12[] = {0x7, 0x1B, 0x11, 0x3B, 0xC, 0xA7, 0x43, 0xFE, 0xCC,
+ 0xCF, 0x3D, 0x5, 0x1F, 0x73, 0x73, 0x82, 0x6, 0x1A,
+ 0x10, 0x3A, 0xD, 0xA6, 0x42, 0xFF, 0xCD, 0xCE, 0x3C,
+ 0x4, 0x1E, 0x72, 0x72, 0x83, 0x5, 0x19, 0x13, 0x39,
+ 0xE, 0xA5, 0x41, 0xFC, 0xCE, 0xCD, 0x3F, 0x7};
+ uint8_t plaintext_12[1] = {};
+ uint8_t ciphertext_12[] = {0x58, 0x83, 0x7A, 0x10, 0x56, 0x2B, 0xF, 0x1F,
+ 0x8E, 0xDB, 0xE5, 0x8C, 0xA5, 0x58, 0x11, 0xD3};
+ vec = {nonce_12, aad_12, key_12, plaintext_12, ciphertext_12, 12, 68,
+ 44, 0, 16};
+ gsec_test_verify_crypter_on_test_vector(&vec, /*rekey=*/true);
+
+ // Derived from IEEE 2.3.2 60-byte auth
+ uint8_t nonce_13[] = {0xF0, 0x76, 0x1E, 0x8D, 0xCD, 0x3D,
+ 0x0, 0x1, 0x76, 0xD4, 0x57, 0xED};
+ uint8_t aad_13[] = {
+ 0xE2, 0x1, 0x6, 0xD7, 0xCD, 0xD, 0xF0, 0x76, 0x1E, 0x8D, 0xCD, 0x3D,
+ 0x88, 0xE5, 0x40, 0x0, 0x76, 0xD4, 0x57, 0xED, 0x8, 0x0, 0xF, 0x10,
+ 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, 0x18, 0x19, 0x1A, 0x1B, 0x1C,
+ 0x1D, 0x1E, 0x1F, 0x20, 0x21, 0x22, 0x23, 0x24, 0x25, 0x26, 0x27, 0x28,
+ 0x29, 0x2A, 0x2B, 0x2C, 0x2D, 0x2E, 0x2F, 0x30, 0x31, 0x32, 0x33, 0x34,
+ 0x35, 0x36, 0x37, 0x38, 0x39, 0x3A, 0x0, 0x3};
+ uint8_t key_13[] = {0x69, 0x1D, 0x3E, 0xE9, 0x9, 0xD7, 0xF5, 0x41, 0x67,
+ 0xFD, 0x1C, 0xA0, 0xB5, 0xD7, 0x69, 0x8, 0x1F, 0x2B,
+ 0xDE, 0x1A, 0xEE, 0x65, 0x5F, 0xDB, 0xAB, 0x80, 0xBD,
+ 0x52, 0x95, 0xAE, 0x6B, 0xE7, 0x6B, 0x1F, 0x3C, 0xEB,
+ 0xB, 0xD5, 0xF7, 0x43, 0x65, 0xFF, 0x1E, 0xA2};
+ uint8_t plaintext_13[1] = {};
+ uint8_t ciphertext_13[] = {0xC2, 0x72, 0x2F, 0xF6, 0xCA, 0x29, 0xA2, 0x57,
+ 0x71, 0x8A, 0x52, 0x9D, 0x1F, 0xC, 0x6A, 0x3B};
+ vec = {nonce_13, aad_13, key_13, plaintext_13, ciphertext_13, 12, 68,
+ 44, 0, 16};
+ gsec_test_verify_crypter_on_test_vector(&vec, /*rekey=*/true);
+
+ // Derived from IEEE 2.4.1 54-byte crypt
+ uint8_t nonce_14[] = {0xF0, 0x76, 0x1E, 0x8D, 0xCD, 0x3D,
+ 0x0, 0x1, 0x76, 0xD4, 0x57, 0xED};
+ uint8_t aad_14[] = {0xE2, 0x1, 0x6, 0xD7, 0xCD, 0xD, 0xF0,
+ 0x76, 0x1E, 0x8D, 0xCD, 0x3D, 0x88, 0xE5,
+ 0x4C, 0x2A, 0x76, 0xD4, 0x57, 0xED};
+ uint8_t key_14[] = {0x7, 0x1B, 0x11, 0x3B, 0xC, 0xA7, 0x43, 0xFE, 0xCC,
+ 0xCF, 0x3D, 0x5, 0x1F, 0x73, 0x73, 0x82, 0x6, 0x1A,
+ 0x10, 0x3A, 0xD, 0xA6, 0x42, 0xFF, 0xCD, 0xCE, 0x3C,
+ 0x4, 0x1E, 0x72, 0x72, 0x83, 0x5, 0x19, 0x13, 0x39,
+ 0xE, 0xA5, 0x41, 0xFC, 0xCE, 0xCD, 0x3F, 0x7};
+ uint8_t plaintext_14[] = {
+ 0x8, 0x0, 0xF, 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17,
+ 0x18, 0x19, 0x1A, 0x1B, 0x1C, 0x1D, 0x1E, 0x1F, 0x20, 0x21, 0x22,
+ 0x23, 0x24, 0x25, 0x26, 0x27, 0x28, 0x29, 0x2A, 0x2B, 0x2C, 0x2D,
+ 0x2E, 0x2F, 0x30, 0x31, 0x32, 0x33, 0x34, 0x0, 0x4};
+ uint8_t ciphertext_14[] = {
+ 0xFD, 0x96, 0xB7, 0x15, 0xB9, 0x3A, 0x13, 0x34, 0x6A, 0xF5, 0x1E, 0x8A,
+ 0xCD, 0xF7, 0x92, 0xCD, 0xC7, 0xB2, 0x68, 0x6F, 0x85, 0x74, 0xC7, 0xE,
+ 0x6B, 0xC, 0xBF, 0x16, 0x29, 0x1D, 0xED, 0x42, 0x7A, 0xD7, 0x3F, 0xEC,
+ 0x48, 0xCD, 0x29, 0x8E, 0x5, 0x28, 0xA1, 0xF4, 0xC6, 0x44, 0xA9, 0x49,
+ 0xFC, 0x31, 0xDC, 0x92, 0x79, 0x70, 0x6D, 0xDB, 0xA3, 0x3F};
+ vec = {nonce_14, aad_14, key_14, plaintext_14, ciphertext_14,
+ 12, 20, 44, 42, 58};
+ gsec_test_verify_crypter_on_test_vector(&vec, /*rekey=*/true);
+
+ // Derived from IEEE 2.4.2 54-byte crypt
+ uint8_t nonce_15[] = {0xF0, 0x76, 0x1E, 0x8D, 0xCD, 0x3D,
+ 0x0, 0x1, 0x76, 0xD4, 0x57, 0xED};
+ uint8_t aad_15[] = {0xE2, 0x1, 0x6, 0xD7, 0xCD, 0xD, 0xF0,
+ 0x76, 0x1E, 0x8D, 0xCD, 0x3D, 0x88, 0xE5,
+ 0x4C, 0x2A, 0x76, 0xD4, 0x57, 0xED};
+ uint8_t key_15[] = {0x69, 0x1D, 0x3E, 0xE9, 0x9, 0xD7, 0xF5, 0x41, 0x67,
+ 0xFD, 0x1C, 0xA0, 0xB5, 0xD7, 0x69, 0x8, 0x1F, 0x2B,
+ 0xDE, 0x1A, 0xEE, 0x65, 0x5F, 0xDB, 0xAB, 0x80, 0xBD,
+ 0x52, 0x95, 0xAE, 0x6B, 0xE7, 0x6B, 0x1F, 0x3C, 0xEB,
+ 0xB, 0xD5, 0xF7, 0x43, 0x65, 0xFF, 0x1E, 0xA2};
+ uint8_t plaintext_15[] = {
+ 0x8, 0x0, 0xF, 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17,
+ 0x18, 0x19, 0x1A, 0x1B, 0x1C, 0x1D, 0x1E, 0x1F, 0x20, 0x21, 0x22,
+ 0x23, 0x24, 0x25, 0x26, 0x27, 0x28, 0x29, 0x2A, 0x2B, 0x2C, 0x2D,
+ 0x2E, 0x2F, 0x30, 0x31, 0x32, 0x33, 0x34, 0x0, 0x4};
+ uint8_t ciphertext_15[] = {
+ 0xB6, 0x8F, 0x63, 0x0, 0xC2, 0xE9, 0xAE, 0x83, 0x3B, 0xDC, 0x7, 0xE,
+ 0x24, 0x2, 0x1A, 0x34, 0x77, 0x11, 0x8E, 0x78, 0xCC, 0xF8, 0x4E, 0x11,
+ 0xA4, 0x85, 0xD8, 0x61, 0x47, 0x6C, 0x30, 0xF, 0x17, 0x53, 0x53, 0xD5,
+ 0xCD, 0xF9, 0x20, 0x8, 0xA4, 0xF8, 0x78, 0xE6, 0xCC, 0x35, 0x77, 0x76,
+ 0x80, 0x85, 0xC5, 0xA, 0xE, 0x98, 0xFD, 0xA6, 0xCB, 0xB8};
+ vec = {nonce_15, aad_15, key_15, plaintext_15, ciphertext_15,
+ 12, 20, 44, 42, 58};
+ gsec_test_verify_crypter_on_test_vector(&vec, /*rekey=*/true);
+
+ // Derived from IEEE 2.5.1 65-byte auth
+ uint8_t nonce_16[] = {0x7C, 0xFD, 0xE9, 0xF9, 0xE3, 0x37,
+ 0x24, 0xC6, 0x89, 0x32, 0xD6, 0x12};
+ uint8_t aad_16[] = {
+ 0x84, 0xC5, 0xD5, 0x13, 0xD2, 0xAA, 0xF6, 0xE5, 0xBB, 0xD2, 0x72, 0x77,
+ 0x88, 0xE5, 0x23, 0x0, 0x89, 0x32, 0xD6, 0x12, 0x7C, 0xFD, 0xE9, 0xF9,
+ 0xE3, 0x37, 0x24, 0xC6, 0x8, 0x0, 0xF, 0x10, 0x11, 0x12, 0x13, 0x14,
+ 0x15, 0x16, 0x17, 0x18, 0x19, 0x1A, 0x1B, 0x1C, 0x1D, 0x1E, 0x1F, 0x20,
+ 0x21, 0x22, 0x23, 0x24, 0x25, 0x26, 0x27, 0x28, 0x29, 0x2A, 0x2B, 0x2C,
+ 0x2D, 0x2E, 0x2F, 0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, 0x38,
+ 0x39, 0x3A, 0x3B, 0x3C, 0x3D, 0x3E, 0x3F, 0x0, 0x5};
+ uint8_t key_16[] = {0x1, 0x3F, 0xE0, 0xB, 0x5F, 0x11, 0xBE, 0x7F, 0x86,
+ 0x6D, 0xC, 0xBB, 0xC5, 0x5A, 0x7A, 0x90, 0x0, 0x3E,
+ 0xE1, 0xA, 0x5E, 0x10, 0xBF, 0x7E, 0x87, 0x6C, 0xD,
+ 0xBA, 0xC4, 0x5B, 0x7B, 0x91, 0x3, 0x3D, 0xE2, 0x9,
+ 0x5D, 0x13, 0xBC, 0x7D, 0x84, 0x6F, 0xE, 0xB9};
+ uint8_t plaintext_16[1] = {};
+ uint8_t ciphertext_16[] = {0xCC, 0xA2, 0xE, 0xEC, 0xDA, 0x62, 0x83, 0xF0,
+ 0x9B, 0xB3, 0x54, 0x3D, 0xD9, 0x9E, 0xDB, 0x9B};
+ vec = {nonce_16, aad_16, key_16, plaintext_16, ciphertext_16, 12, 81,
+ 44, 0, 16};
+ gsec_test_verify_crypter_on_test_vector(&vec, /*rekey=*/true);
+
+ // Derived from IEEE 2.5.2 65-byte auth
+ uint8_t nonce_17[] = {0x7C, 0xFD, 0xE9, 0xF9, 0xE3, 0x37,
+ 0x24, 0xC6, 0x89, 0x32, 0xD6, 0x12};
+ uint8_t aad_17[] = {
+ 0x84, 0xC5, 0xD5, 0x13, 0xD2, 0xAA, 0xF6, 0xE5, 0xBB, 0xD2, 0x72, 0x77,
+ 0x88, 0xE5, 0x23, 0x0, 0x89, 0x32, 0xD6, 0x12, 0x7C, 0xFD, 0xE9, 0xF9,
+ 0xE3, 0x37, 0x24, 0xC6, 0x8, 0x0, 0xF, 0x10, 0x11, 0x12, 0x13, 0x14,
+ 0x15, 0x16, 0x17, 0x18, 0x19, 0x1A, 0x1B, 0x1C, 0x1D, 0x1E, 0x1F, 0x20,
+ 0x21, 0x22, 0x23, 0x24, 0x25, 0x26, 0x27, 0x28, 0x29, 0x2A, 0x2B, 0x2C,
+ 0x2D, 0x2E, 0x2F, 0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, 0x38,
+ 0x39, 0x3A, 0x3B, 0x3C, 0x3D, 0x3E, 0x3F, 0x0, 0x5};
+ uint8_t key_17[] = {0x83, 0xC0, 0x93, 0xB5, 0x8D, 0xE7, 0xFF, 0xE1, 0xC0,
+ 0xDA, 0x92, 0x6A, 0xC4, 0x3F, 0xB3, 0x60, 0x9A, 0xC1,
+ 0xC8, 0xF, 0xEE, 0x1B, 0x62, 0x44, 0x97, 0xEF, 0x94,
+ 0x2E, 0x2F, 0x79, 0xA8, 0x23, 0x81, 0xC2, 0x91, 0xB7,
+ 0x8F, 0xE5, 0xFD, 0xE3, 0xC2, 0xD8, 0x90, 0x68};
+ uint8_t plaintext_17[1] = {};
+ uint8_t ciphertext_17[] = {0xB2, 0x32, 0xCC, 0x1D, 0xA5, 0x11, 0x7B, 0xF1,
+ 0x50, 0x3, 0x73, 0x4F, 0xA5, 0x99, 0xD2, 0x71};
+ vec = {nonce_17, aad_17, key_17, plaintext_17, ciphertext_17, 12, 81,
+ 44, 0, 16};
+ gsec_test_verify_crypter_on_test_vector(&vec, /*rekey=*/true);
+
+ // Derived from IEEE 2.6.1 61-byte crypt
+ uint8_t nonce_18[] = {0x7C, 0xFD, 0xE9, 0xF9, 0xE3, 0x37,
+ 0x24, 0xC6, 0x89, 0x32, 0xD6, 0x12};
+ uint8_t aad_18[] = {0x84, 0xC5, 0xD5, 0x13, 0xD2, 0xAA, 0xF6,
+ 0xE5, 0xBB, 0xD2, 0x72, 0x77, 0x88, 0xE5,
+ 0x2F, 0x0, 0x89, 0x32, 0xD6, 0x12, 0x7C,
+ 0xFD, 0xE9, 0xF9, 0xE3, 0x37, 0x24, 0xC6};
+ uint8_t key_18[] = {0x1, 0x3F, 0xE0, 0xB, 0x5F, 0x11, 0xBE, 0x7F, 0x86,
+ 0x6D, 0xC, 0xBB, 0xC5, 0x5A, 0x7A, 0x90, 0x0, 0x3E,
+ 0xE1, 0xA, 0x5E, 0x10, 0xBF, 0x7E, 0x87, 0x6C, 0xD,
+ 0xBA, 0xC4, 0x5B, 0x7B, 0x91, 0x3, 0x3D, 0xE2, 0x9,
+ 0x5D, 0x13, 0xBC, 0x7D, 0x84, 0x6F, 0xE, 0xB9};
+ uint8_t plaintext_18[] = {
+ 0x8, 0x0, 0xF, 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16,
+ 0x17, 0x18, 0x19, 0x1A, 0x1B, 0x1C, 0x1D, 0x1E, 0x1F, 0x20,
+ 0x21, 0x22, 0x23, 0x24, 0x25, 0x26, 0x27, 0x28, 0x29, 0x2A,
+ 0x2B, 0x2C, 0x2D, 0x2E, 0x2F, 0x30, 0x31, 0x32, 0x33, 0x34,
+ 0x35, 0x36, 0x37, 0x38, 0x39, 0x3A, 0x3B, 0x0, 0x6};
+ uint8_t ciphertext_18[] = {
+ 0xFF, 0x19, 0x10, 0xD3, 0x5A, 0xD7, 0xE5, 0x65, 0x78, 0x90, 0xC7,
+ 0xC5, 0x60, 0x14, 0x6F, 0xD0, 0x38, 0x70, 0x7F, 0x20, 0x4B, 0x66,
+ 0xED, 0xBC, 0x3D, 0x16, 0x1F, 0x8A, 0xCE, 0x24, 0x4B, 0x98, 0x59,
+ 0x21, 0x2, 0x3C, 0x43, 0x6E, 0x3A, 0x1C, 0x35, 0x32, 0xEC, 0xD5,
+ 0xD0, 0x9A, 0x5, 0x6D, 0x70, 0xBE, 0x58, 0x3F, 0xD, 0x10, 0x82,
+ 0x9D, 0x93, 0x87, 0xD0, 0x7D, 0x33, 0xD8, 0x72, 0xE4, 0x90};
+ vec = {nonce_18, aad_18, key_18, plaintext_18, ciphertext_18,
+ 12, 28, 44, 49, 65};
+ gsec_test_verify_crypter_on_test_vector(&vec, /*rekey=*/true);
+
+ // Derived from IEEE 2.6.2 61-byte crypt
+ uint8_t nonce_19[] = {0x7C, 0xFD, 0xE9, 0xF9, 0xE3, 0x37,
+ 0x24, 0xC6, 0x89, 0x32, 0xD6, 0x12};
+ uint8_t aad_19[] = {0x84, 0xC5, 0xD5, 0x13, 0xD2, 0xAA, 0xF6,
+ 0xE5, 0xBB, 0xD2, 0x72, 0x77, 0x88, 0xE5,
+ 0x2F, 0x0, 0x89, 0x32, 0xD6, 0x12, 0x7C,
+ 0xFD, 0xE9, 0xF9, 0xE3, 0x37, 0x24, 0xC6};
+ uint8_t key_19[] = {0x83, 0xC0, 0x93, 0xB5, 0x8D, 0xE7, 0xFF, 0xE1, 0xC0,
+ 0xDA, 0x92, 0x6A, 0xC4, 0x3F, 0xB3, 0x60, 0x9A, 0xC1,
+ 0xC8, 0xF, 0xEE, 0x1B, 0x62, 0x44, 0x97, 0xEF, 0x94,
+ 0x2E, 0x2F, 0x79, 0xA8, 0x23, 0x81, 0xC2, 0x91, 0xB7,
+ 0x8F, 0xE5, 0xFD, 0xE3, 0xC2, 0xD8, 0x90, 0x68};
+ uint8_t plaintext_19[] = {
+ 0x8, 0x0, 0xF, 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16,
+ 0x17, 0x18, 0x19, 0x1A, 0x1B, 0x1C, 0x1D, 0x1E, 0x1F, 0x20,
+ 0x21, 0x22, 0x23, 0x24, 0x25, 0x26, 0x27, 0x28, 0x29, 0x2A,
+ 0x2B, 0x2C, 0x2D, 0x2E, 0x2F, 0x30, 0x31, 0x32, 0x33, 0x34,
+ 0x35, 0x36, 0x37, 0x38, 0x39, 0x3A, 0x3B, 0x0, 0x6};
+ uint8_t ciphertext_19[] = {
+ 0xD, 0xB4, 0xCF, 0x95, 0x6B, 0x5F, 0x97, 0xEC, 0xA4, 0xEA, 0xB8,
+ 0x2A, 0x69, 0x55, 0x30, 0x7F, 0x9A, 0xE0, 0x2A, 0x32, 0xDD, 0x7D,
+ 0x93, 0xF8, 0x3D, 0x66, 0xAD, 0x4, 0xE1, 0xCF, 0xDC, 0x51, 0x82,
+ 0xAD, 0x12, 0xAB, 0xDE, 0xA5, 0xBB, 0xB6, 0x19, 0xA1, 0xBD, 0x5F,
+ 0xB9, 0xA5, 0x73, 0x59, 0xF, 0xBA, 0x90, 0x8E, 0x9C, 0x7A, 0x46,
+ 0xC1, 0xF7, 0xBA, 0x9, 0x5, 0xD1, 0xB5, 0x5F, 0xFD, 0xA4};
+ vec = {nonce_19, aad_19, key_19, plaintext_19, ciphertext_19,
+ 12, 28, 44, 49, 65};
+ gsec_test_verify_crypter_on_test_vector(&vec, /*rekey=*/true);
+
+ // Derived from IEEE 2.7.1 79-byte crypt
+ uint8_t nonce_20[] = {0x7A, 0xE8, 0xE2, 0xCA, 0x4E, 0xC5,
+ 0x0, 0x1, 0x2E, 0x58, 0x49, 0x5C};
+ uint8_t aad_20[] = {
+ 0x68, 0xF2, 0xE7, 0x76, 0x96, 0xCE, 0x7A, 0xE8, 0xE2, 0xCA, 0x4E,
+ 0xC5, 0x88, 0xE5, 0x41, 0x0, 0x2E, 0x58, 0x49, 0x5C, 0x8, 0x0,
+ 0xF, 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, 0x18, 0x19,
+ 0x1A, 0x1B, 0x1C, 0x1D, 0x1E, 0x1F, 0x20, 0x21, 0x22, 0x23, 0x24,
+ 0x25, 0x26, 0x27, 0x28, 0x29, 0x2A, 0x2B, 0x2C, 0x2D, 0x2E, 0x2F,
+ 0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, 0x38, 0x39, 0x3A,
+ 0x3B, 0x3C, 0x3D, 0x3E, 0x3F, 0x40, 0x41, 0x42, 0x43, 0x44, 0x45,
+ 0x46, 0x47, 0x48, 0x49, 0x4A, 0x4B, 0x4C, 0x4D, 0x0, 0x7};
+ uint8_t key_20[] = {0x88, 0xEE, 0x8, 0x7F, 0xD9, 0x5D, 0xA9, 0xFB, 0xF6,
+ 0x72, 0x5A, 0xA9, 0xD7, 0x57, 0xB0, 0xCD, 0x89, 0xEF,
+ 0x9, 0x7E, 0xD8, 0x5C, 0xA8, 0xFA, 0xF7, 0x73, 0x5B,
+ 0xA8, 0xD6, 0x56, 0xB1, 0xCC, 0x8A, 0xEC, 0xA, 0x7D,
+ 0xDB, 0x5F, 0xAB, 0xF9, 0xF4, 0x70, 0x58, 0xAB};
+ uint8_t plaintext_20[1] = {};
+ uint8_t ciphertext_20[] = {0x81, 0x3F, 0xE, 0x63, 0xF, 0x96, 0xFB, 0x2D,
+ 0x3, 0xF, 0x58, 0xD8, 0x3F, 0x5C, 0xDF, 0xD0};
+ vec = {nonce_20, aad_20, key_20, plaintext_20, ciphertext_20, 12, 87,
+ 44, 0, 16};
+ gsec_test_verify_crypter_on_test_vector(&vec, /*rekey=*/true);
+
+ // Derived from IEEE 2.7.2 79-byte crypt
+ uint8_t nonce_21[] = {0x7A, 0xE8, 0xE2, 0xCA, 0x4E, 0xC5,
+ 0x0, 0x1, 0x2E, 0x58, 0x49, 0x5C};
+ uint8_t aad_21[] = {
+ 0x68, 0xF2, 0xE7, 0x76, 0x96, 0xCE, 0x7A, 0xE8, 0xE2, 0xCA, 0x4E,
+ 0xC5, 0x88, 0xE5, 0x41, 0x0, 0x2E, 0x58, 0x49, 0x5C, 0x8, 0x0,
+ 0xF, 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, 0x18, 0x19,
+ 0x1A, 0x1B, 0x1C, 0x1D, 0x1E, 0x1F, 0x20, 0x21, 0x22, 0x23, 0x24,
+ 0x25, 0x26, 0x27, 0x28, 0x29, 0x2A, 0x2B, 0x2C, 0x2D, 0x2E, 0x2F,
+ 0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, 0x38, 0x39, 0x3A,
+ 0x3B, 0x3C, 0x3D, 0x3E, 0x3F, 0x40, 0x41, 0x42, 0x43, 0x44, 0x45,
+ 0x46, 0x47, 0x48, 0x49, 0x4A, 0x4B, 0x4C, 0x4D, 0x0, 0x7};
+ uint8_t key_21[] = {0x4C, 0x97, 0x3D, 0xBC, 0x73, 0x64, 0x62, 0x16, 0x74,
+ 0xF8, 0xB5, 0xB8, 0x9E, 0x5C, 0x15, 0x51, 0x1F, 0xCE,
+ 0xD9, 0x21, 0x64, 0x90, 0xFB, 0x1C, 0x1A, 0x2C, 0xAA,
+ 0xF, 0xFE, 0x4, 0x7, 0xE5, 0x4E, 0x95, 0x3F, 0xBE,
+ 0x71, 0x66, 0x60, 0x14, 0x76, 0xFA, 0xB7, 0xBA};
+ uint8_t plaintext_21[1] = {};
+ uint8_t ciphertext_21[] = {0x77, 0xE5, 0xA4, 0x4C, 0x21, 0xEB, 0x7, 0x18,
+ 0x8A, 0xAC, 0xBD, 0x74, 0xD1, 0x98, 0xE, 0x97};
+ vec = {nonce_21, aad_21, key_21, plaintext_21, ciphertext_21, 12, 87,
+ 44, 0, 16};
+ gsec_test_verify_crypter_on_test_vector(&vec, /*rekey=*/true);
+
+ // Derived from IEEE 2.8.1 61-byte crypt
+ uint8_t nonce_22[] = {0x7A, 0xE8, 0xE2, 0xCA, 0x4E, 0xC5,
+ 0x0, 0x1, 0x2E, 0x58, 0x49, 0x5C};
+ uint8_t aad_22[] = {0x68, 0xF2, 0xE7, 0x76, 0x96, 0xCE, 0x7A,
+ 0xE8, 0xE2, 0xCA, 0x4E, 0xC5, 0x88, 0xE5,
+ 0x4D, 0x0, 0x2E, 0x58, 0x49, 0x5C};
+ uint8_t key_22[] = {0x88, 0xEE, 0x8, 0x7F, 0xD9, 0x5D, 0xA9, 0xFB, 0xF6,
+ 0x72, 0x5A, 0xA9, 0xD7, 0x57, 0xB0, 0xCD, 0x89, 0xEF,
+ 0x9, 0x7E, 0xD8, 0x5C, 0xA8, 0xFA, 0xF7, 0x73, 0x5B,
+ 0xA8, 0xD6, 0x56, 0xB1, 0xCC, 0x8A, 0xEC, 0xA, 0x7D,
+ 0xDB, 0x5F, 0xAB, 0xF9, 0xF4, 0x70, 0x58, 0xAB};
+ uint8_t plaintext_22[] = {
+ 0x8, 0x0, 0xF, 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17,
+ 0x18, 0x19, 0x1A, 0x1B, 0x1C, 0x1D, 0x1E, 0x1F, 0x20, 0x21, 0x22,
+ 0x23, 0x24, 0x25, 0x26, 0x27, 0x28, 0x29, 0x2A, 0x2B, 0x2C, 0x2D,
+ 0x2E, 0x2F, 0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, 0x38,
+ 0x39, 0x3A, 0x3B, 0x3C, 0x3D, 0x3E, 0x3F, 0x40, 0x41, 0x42, 0x43,
+ 0x44, 0x45, 0x46, 0x47, 0x48, 0x49, 0x0, 0x8};
+ uint8_t ciphertext_22[] = {
+ 0x95, 0x8E, 0xC3, 0xF6, 0xD6, 0xA, 0xFE, 0xDA, 0x99, 0xEF, 0xD8, 0x88,
+ 0xF1, 0x75, 0xE5, 0xFC, 0xD4, 0xC8, 0x7B, 0x9B, 0xCC, 0x5C, 0x2F, 0x54,
+ 0x26, 0x25, 0x3A, 0x8B, 0x50, 0x62, 0x96, 0xC8, 0xC4, 0x33, 0x9, 0xAB,
+ 0x2A, 0xDB, 0x59, 0x39, 0x46, 0x25, 0x41, 0xD9, 0x5E, 0x80, 0x81, 0x1E,
+ 0x4, 0xE7, 0x6, 0xB1, 0x49, 0x8F, 0x2C, 0x40, 0x7C, 0x7F, 0xB2, 0x34,
+ 0xF8, 0xCC, 0x1, 0xA6, 0x47, 0x55, 0xE, 0xE6, 0xB5, 0x57, 0xB3, 0x5A,
+ 0x7E, 0x39, 0x45, 0x38, 0x18, 0x21, 0xF4};
+ vec = {nonce_22, aad_22, key_22, plaintext_22, ciphertext_22,
+ 12, 20, 44, 63, 79};
+ gsec_test_verify_crypter_on_test_vector(&vec, /*rekey=*/true);
+
+ // Derived from IEEE 2.8.2 61-byte crypt
+ uint8_t nonce_23[] = {0x7A, 0xE8, 0xE2, 0xCA, 0x4E, 0xC5,
+ 0x0, 0x1, 0x2E, 0x58, 0x49, 0x5C};
+ uint8_t aad_23[] = {0x68, 0xF2, 0xE7, 0x76, 0x96, 0xCE, 0x7A,
+ 0xE8, 0xE2, 0xCA, 0x4E, 0xC5, 0x88, 0xE5,
+ 0x4D, 0x0, 0x2E, 0x58, 0x49, 0x5C};
+ uint8_t key_23[] = {0x4C, 0x97, 0x3D, 0xBC, 0x73, 0x64, 0x62, 0x16, 0x74,
+ 0xF8, 0xB5, 0xB8, 0x9E, 0x5C, 0x15, 0x51, 0x1F, 0xCE,
+ 0xD9, 0x21, 0x64, 0x90, 0xFB, 0x1C, 0x1A, 0x2C, 0xAA,
+ 0xF, 0xFE, 0x4, 0x7, 0xE5, 0x4E, 0x95, 0x3F, 0xBE,
+ 0x71, 0x66, 0x60, 0x14, 0x76, 0xFA, 0xB7, 0xBA};
+ uint8_t plaintext_23[] = {
+ 0x8, 0x0, 0xF, 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17,
+ 0x18, 0x19, 0x1A, 0x1B, 0x1C, 0x1D, 0x1E, 0x1F, 0x20, 0x21, 0x22,
+ 0x23, 0x24, 0x25, 0x26, 0x27, 0x28, 0x29, 0x2A, 0x2B, 0x2C, 0x2D,
+ 0x2E, 0x2F, 0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, 0x38,
+ 0x39, 0x3A, 0x3B, 0x3C, 0x3D, 0x3E, 0x3F, 0x40, 0x41, 0x42, 0x43,
+ 0x44, 0x45, 0x46, 0x47, 0x48, 0x49, 0x0, 0x8};
+ uint8_t ciphertext_23[] = {
+ 0xB4, 0x4D, 0x7, 0x20, 0x11, 0xCD, 0x36, 0xD2, 0x72, 0xA9, 0xB7, 0xA9,
+ 0x8D, 0xB9, 0xAA, 0x90, 0xCB, 0xC5, 0xC6, 0x7B, 0x93, 0xDD, 0xCE, 0x67,
+ 0xC8, 0x54, 0x50, 0x32, 0x14, 0xE2, 0xE8, 0x96, 0xEC, 0x7E, 0x9D, 0xB6,
+ 0x49, 0xED, 0x4B, 0xCF, 0x6F, 0x85, 0xA, 0xAC, 0x2, 0x23, 0xD0, 0xCF,
+ 0x92, 0xC8, 0x3D, 0xB8, 0x7, 0x95, 0xC3, 0xA1, 0x7E, 0xCC, 0x12, 0x48,
+ 0xBB, 0x0, 0x59, 0x17, 0x12, 0xB1, 0xAE, 0x71, 0xE2, 0x68, 0x16, 0x41,
+ 0x96, 0x25, 0x21, 0x62, 0x81, 0xB, 0x0};
+ vec = {nonce_23, aad_23, key_23, plaintext_23, ciphertext_23,
+ 12, 20, 44, 63, 79};
+ gsec_test_verify_crypter_on_test_vector(&vec, /*rekey=*/true);
+}
+
+static void gsec_test_do_vector_tests_nist() {
+ /**
+ * From:
+ * http://csrc.nist.gov/groups/ST/toolkit/BCM/documents/proposedmodes/gcm/
+ * gcm-revised-spec.pdf
+ */
+
+ /* Test vector 1 */
+ gsec_aead_test_vector* test_vector_1;
+ const uint8_t test_vector_1_key[] = {0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x00, 0x00};
+ const uint8_t test_vector_1_nonce[] = {0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00};
+ const uint8_t test_vector_1_aad[1] = {};
+ const uint8_t test_vector_1_plaintext[1] = {};
+ const uint8_t test_vector_1_ciphertext_and_tag[] = {
+ 0x58, 0xe2, 0xfc, 0xce, 0xfa, 0x7e, 0x30, 0x61,
+ 0x36, 0x7f, 0x1d, 0x57, 0xa4, 0xe7, 0x45, 0x5a};
+ gsec_aead_malloc_test_vector(
+ &test_vector_1, test_vector_1_key,
+ sizeof(test_vector_1_key) / sizeof(uint8_t), test_vector_1_nonce,
+ sizeof(test_vector_1_nonce) / sizeof(uint8_t), test_vector_1_aad, 0,
+ test_vector_1_plaintext, 0, test_vector_1_ciphertext_and_tag,
+ sizeof(test_vector_1_ciphertext_and_tag) / sizeof(uint8_t));
+ gsec_test_verify_crypter_on_test_vector(test_vector_1);
+ gsec_aead_free_test_vector(test_vector_1);
+
+ /* Test vector 2 */
+ gsec_aead_test_vector* test_vector_2;
+ const uint8_t test_vector_2_key[] = {0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x00, 0x00};
+ const uint8_t test_vector_2_nonce[] = {0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00};
+ const uint8_t test_vector_2_aad[1] = {};
+ const uint8_t test_vector_2_plaintext[] = {0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x00, 0x00};
+ const uint8_t test_vector_2_ciphertext_and_tag[] = {
+ 0x03, 0x88, 0xda, 0xce, 0x60, 0xb6, 0xa3, 0x92, 0xf3, 0x28, 0xc2,
+ 0xb9, 0x71, 0xb2, 0xfe, 0x78, 0xab, 0x6e, 0x47, 0xd4, 0x2c, 0xec,
+ 0x13, 0xbd, 0xf5, 0x3a, 0x67, 0xb2, 0x12, 0x57, 0xbd, 0xdf};
+ gsec_aead_malloc_test_vector(
+ &test_vector_2, test_vector_2_key,
+ sizeof(test_vector_2_key) / sizeof(uint8_t), test_vector_2_nonce,
+ sizeof(test_vector_2_nonce) / sizeof(uint8_t), test_vector_2_aad, 0,
+ test_vector_2_plaintext,
+ sizeof(test_vector_2_plaintext) / sizeof(uint8_t),
+ test_vector_2_ciphertext_and_tag,
+ sizeof(test_vector_2_ciphertext_and_tag) / sizeof(uint8_t));
+ gsec_test_verify_crypter_on_test_vector(test_vector_2);
+ gsec_aead_free_test_vector(test_vector_2);
+
+ /* Test vector 3 */
+ gsec_aead_test_vector* test_vector_3;
+ const uint8_t test_vector_3_key[] = {0xfe, 0xff, 0xe9, 0x92, 0x86, 0x65,
+ 0x73, 0x1c, 0x6d, 0x6a, 0x8f, 0x94,
+ 0x67, 0x30, 0x83, 0x08};
+ const uint8_t test_vector_3_nonce[] = {0xca, 0xfe, 0xba, 0xbe, 0xfa, 0xce,
+ 0xdb, 0xad, 0xde, 0xca, 0xf8, 0x88};
+ const uint8_t test_vector_3_aad[1] = {};
+ const uint8_t test_vector_3_plaintext[] = {
+ 0xd9, 0x31, 0x32, 0x25, 0xf8, 0x84, 0x06, 0xe5, 0xa5, 0x59, 0x09,
+ 0xc5, 0xaf, 0xf5, 0x26, 0x9a, 0x86, 0xa7, 0xa9, 0x53, 0x15, 0x34,
+ 0xf7, 0xda, 0x2e, 0x4c, 0x30, 0x3d, 0x8a, 0x31, 0x8a, 0x72, 0x1c,
+ 0x3c, 0x0c, 0x95, 0x95, 0x68, 0x09, 0x53, 0x2f, 0xcf, 0x0e, 0x24,
+ 0x49, 0xa6, 0xb5, 0x25, 0xb1, 0x6a, 0xed, 0xf5, 0xaa, 0x0d, 0xe6,
+ 0x57, 0xba, 0x63, 0x7b, 0x39, 0x1a, 0xaf, 0xd2, 0x55};
+ const uint8_t test_vector_3_ciphertext_and_tag[] = {
+ 0x42, 0x83, 0x1e, 0xc2, 0x21, 0x77, 0x74, 0x24, 0x4b, 0x72, 0x21, 0xb7,
+ 0x84, 0xd0, 0xd4, 0x9c, 0xe3, 0xaa, 0x21, 0x2f, 0x2c, 0x02, 0xa4, 0xe0,
+ 0x35, 0xc1, 0x7e, 0x23, 0x29, 0xac, 0xa1, 0x2e, 0x21, 0xd5, 0x14, 0xb2,
+ 0x54, 0x66, 0x93, 0x1c, 0x7d, 0x8f, 0x6a, 0x5a, 0xac, 0x84, 0xaa, 0x05,
+ 0x1b, 0xa3, 0x0b, 0x39, 0x6a, 0x0a, 0xac, 0x97, 0x3d, 0x58, 0xe0, 0x91,
+ 0x47, 0x3f, 0x59, 0x85, 0x4d, 0x5c, 0x2a, 0xf3, 0x27, 0xcd, 0x64, 0xa6,
+ 0x2c, 0xf3, 0x5a, 0xbd, 0x2b, 0xa6, 0xfa, 0xb4};
+ gsec_aead_malloc_test_vector(
+ &test_vector_3, test_vector_3_key,
+ sizeof(test_vector_3_key) / sizeof(uint8_t), test_vector_3_nonce,
+ sizeof(test_vector_3_nonce) / sizeof(uint8_t), test_vector_3_aad, 0,
+ test_vector_3_plaintext,
+ sizeof(test_vector_3_plaintext) / sizeof(uint8_t),
+ test_vector_3_ciphertext_and_tag,
+ sizeof(test_vector_3_ciphertext_and_tag) / sizeof(uint8_t));
+ gsec_test_verify_crypter_on_test_vector(test_vector_3);
+ gsec_aead_free_test_vector(test_vector_3);
+
+ /* Test vector 4 */
+ gsec_aead_test_vector* test_vector_4;
+ const uint8_t test_vector_4_key[] = {0xfe, 0xff, 0xe9, 0x92, 0x86, 0x65,
+ 0x73, 0x1c, 0x6d, 0x6a, 0x8f, 0x94,
+ 0x67, 0x30, 0x83, 0x08};
+ const uint8_t test_vector_4_nonce[] = {0xca, 0xfe, 0xba, 0xbe, 0xfa, 0xce,
+ 0xdb, 0xad, 0xde, 0xca, 0xf8, 0x88};
+ const uint8_t test_vector_4_aad[] = {0xfe, 0xed, 0xfa, 0xce, 0xde, 0xad, 0xbe,
+ 0xef, 0xfe, 0xed, 0xfa, 0xce, 0xde, 0xad,
+ 0xbe, 0xef, 0xab, 0xad, 0xda, 0xd2};
+ const uint8_t test_vector_4_plaintext[] = {
+ 0xd9, 0x31, 0x32, 0x25, 0xf8, 0x84, 0x06, 0xe5, 0xa5, 0x59, 0x09, 0xc5,
+ 0xaf, 0xf5, 0x26, 0x9a, 0x86, 0xa7, 0xa9, 0x53, 0x15, 0x34, 0xf7, 0xda,
+ 0x2e, 0x4c, 0x30, 0x3d, 0x8a, 0x31, 0x8a, 0x72, 0x1c, 0x3c, 0x0c, 0x95,
+ 0x95, 0x68, 0x09, 0x53, 0x2f, 0xcf, 0x0e, 0x24, 0x49, 0xa6, 0xb5, 0x25,
+ 0xb1, 0x6a, 0xed, 0xf5, 0xaa, 0x0d, 0xe6, 0x57, 0xba, 0x63, 0x7b, 0x39};
+ const uint8_t test_vector_4_ciphertext_and_tag[] = {
+ 0x42, 0x83, 0x1e, 0xc2, 0x21, 0x77, 0x74, 0x24, 0x4b, 0x72, 0x21,
+ 0xb7, 0x84, 0xd0, 0xd4, 0x9c, 0xe3, 0xaa, 0x21, 0x2f, 0x2c, 0x02,
+ 0xa4, 0xe0, 0x35, 0xc1, 0x7e, 0x23, 0x29, 0xac, 0xa1, 0x2e, 0x21,
+ 0xd5, 0x14, 0xb2, 0x54, 0x66, 0x93, 0x1c, 0x7d, 0x8f, 0x6a, 0x5a,
+ 0xac, 0x84, 0xaa, 0x05, 0x1b, 0xa3, 0x0b, 0x39, 0x6a, 0x0a, 0xac,
+ 0x97, 0x3d, 0x58, 0xe0, 0x91, 0x5b, 0xc9, 0x4f, 0xbc, 0x32, 0x21,
+ 0xa5, 0xdb, 0x94, 0xfa, 0xe9, 0x5a, 0xe7, 0x12, 0x1a, 0x47};
+ gsec_aead_malloc_test_vector(
+ &test_vector_4, test_vector_4_key,
+ sizeof(test_vector_4_key) / sizeof(uint8_t), test_vector_4_nonce,
+ sizeof(test_vector_4_nonce) / sizeof(uint8_t), test_vector_4_aad,
+ sizeof(test_vector_4_aad) / sizeof(uint8_t), test_vector_4_plaintext,
+ sizeof(test_vector_4_plaintext) / sizeof(uint8_t),
+ test_vector_4_ciphertext_and_tag,
+ sizeof(test_vector_4_ciphertext_and_tag) / sizeof(uint8_t));
+ gsec_test_verify_crypter_on_test_vector(test_vector_4);
+ gsec_aead_free_test_vector(test_vector_4);
+}
+
+static void gsec_test_do_vector_tests_ieee() {
+ /**
+ * From:
+ * http://www.ieee802.org/1/files/public/docs2011/
+ * bn-randall-test-vectors-0511-v1.pdf
+ */
+
+ /* 2.1.1 54-byte auth */
+ gsec_aead_test_vector* test_vector_5;
+ const uint8_t test_vector_5_key[] = {0xad, 0x7a, 0x2b, 0xd0, 0x3e, 0xac,
+ 0x83, 0x5a, 0x6f, 0x62, 0x0f, 0xdc,
+ 0xb5, 0x06, 0xb3, 0x45};
+ const uint8_t test_vector_5_nonce[] = {0x12, 0x15, 0x35, 0x24, 0xc0, 0x89,
+ 0x5e, 0x81, 0xb2, 0xc2, 0x84, 0x65};
+ const uint8_t test_vector_5_aad[] = {
+ 0xd6, 0x09, 0xb1, 0xf0, 0x56, 0x63, 0x7a, 0x0d, 0x46, 0xdf, 0x99, 0x8d,
+ 0x88, 0xe5, 0x22, 0x2a, 0xb2, 0xc2, 0x84, 0x65, 0x12, 0x15, 0x35, 0x24,
+ 0xc0, 0x89, 0x5e, 0x81, 0x08, 0x00, 0x0f, 0x10, 0x11, 0x12, 0x13, 0x14,
+ 0x15, 0x16, 0x17, 0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f, 0x20,
+ 0x21, 0x22, 0x23, 0x24, 0x25, 0x26, 0x27, 0x28, 0x29, 0x2a, 0x2b, 0x2c,
+ 0x2d, 0x2e, 0x2f, 0x30, 0x31, 0x32, 0x33, 0x34, 0x00, 0x01};
+ const uint8_t test_vector_5_plaintext[1] = {};
+ const uint8_t test_vector_5_ciphertext_and_tag[] = {
+ 0xf0, 0x94, 0x78, 0xa9, 0xb0, 0x90, 0x07, 0xd0,
+ 0x6f, 0x46, 0xe9, 0xb6, 0xa1, 0xda, 0x25, 0xdd};
+ gsec_aead_malloc_test_vector(
+ &test_vector_5, test_vector_5_key,
+ sizeof(test_vector_5_key) / sizeof(uint8_t), test_vector_5_nonce,
+ sizeof(test_vector_5_nonce) / sizeof(uint8_t), test_vector_5_aad,
+ sizeof(test_vector_5_aad) / sizeof(uint8_t), test_vector_5_plaintext, 0,
+ test_vector_5_ciphertext_and_tag,
+ sizeof(test_vector_5_ciphertext_and_tag) / sizeof(uint8_t));
+ gsec_test_verify_crypter_on_test_vector(test_vector_5);
+ gsec_aead_free_test_vector(test_vector_5);
+
+ /* 2.1.2 54-byte auth */
+ gsec_aead_test_vector* test_vector_6;
+ const uint8_t test_vector_6_key[] = {
+ 0xe3, 0xc0, 0x8a, 0x8f, 0x06, 0xc6, 0xe3, 0xad, 0x95, 0xa7, 0x05,
+ 0x57, 0xb2, 0x3f, 0x75, 0x48, 0x3c, 0xe3, 0x30, 0x21, 0xa9, 0xc7,
+ 0x2b, 0x70, 0x25, 0x66, 0x62, 0x04, 0xc6, 0x9c, 0x0b, 0x72};
+
+ const uint8_t test_vector_6_nonce[] = {0x12, 0x15, 0x35, 0x24, 0xc0, 0x89,
+ 0x5e, 0x81, 0xb2, 0xc2, 0x84, 0x65};
+ const uint8_t test_vector_6_aad[] = {
+ 0xd6, 0x09, 0xb1, 0xf0, 0x56, 0x63, 0x7a, 0x0d, 0x46, 0xdf, 0x99, 0x8d,
+ 0x88, 0xe5, 0x22, 0x2a, 0xb2, 0xc2, 0x84, 0x65, 0x12, 0x15, 0x35, 0x24,
+ 0xc0, 0x89, 0x5e, 0x81, 0x08, 0x00, 0x0f, 0x10, 0x11, 0x12, 0x13, 0x14,
+ 0x15, 0x16, 0x17, 0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f, 0x20,
+ 0x21, 0x22, 0x23, 0x24, 0x25, 0x26, 0x27, 0x28, 0x29, 0x2a, 0x2b, 0x2c,
+ 0x2d, 0x2e, 0x2f, 0x30, 0x31, 0x32, 0x33, 0x34, 0x00, 0x01};
+ const uint8_t test_vector_6_plaintext[1] = {};
+ const uint8_t test_vector_6_ciphertext_and_tag[] = {
+ 0x2f, 0x0b, 0xc5, 0xaf, 0x40, 0x9e, 0x06, 0xd6,
+ 0x09, 0xea, 0x8b, 0x7d, 0x0f, 0xa5, 0xea, 0x50};
+ gsec_aead_malloc_test_vector(
+ &test_vector_6, test_vector_6_key,
+ sizeof(test_vector_6_key) / sizeof(uint8_t), test_vector_6_nonce,
+ sizeof(test_vector_6_nonce) / sizeof(uint8_t), test_vector_6_aad,
+ sizeof(test_vector_6_aad) / sizeof(uint8_t), test_vector_6_plaintext, 0,
+ test_vector_6_ciphertext_and_tag,
+ sizeof(test_vector_6_ciphertext_and_tag) / sizeof(uint8_t));
+ gsec_test_verify_crypter_on_test_vector(test_vector_6);
+ gsec_aead_free_test_vector(test_vector_6);
+
+ /* 2.2.1 60-byte crypt */
+ gsec_aead_test_vector* test_vector_7;
+ const uint8_t test_vector_7_key[] = {0xad, 0x7a, 0x2b, 0xd0, 0x3e, 0xac,
+ 0x83, 0x5a, 0x6f, 0x62, 0x0f, 0xdc,
+ 0xb5, 0x06, 0xb3, 0x45};
+
+ const uint8_t test_vector_7_nonce[] = {0x12, 0x15, 0x35, 0x24, 0xc0, 0x89,
+ 0x5e, 0x81, 0xb2, 0xc2, 0x84, 0x65};
+ const uint8_t test_vector_7_aad[] = {
+ 0xd6, 0x09, 0xb1, 0xf0, 0x56, 0x63, 0x7a, 0x0d, 0x46, 0xdf,
+ 0x99, 0x8d, 0x88, 0xe5, 0x2e, 0x00, 0xb2, 0xc2, 0x84, 0x65,
+ 0x12, 0x15, 0x35, 0x24, 0xc0, 0x89, 0x5e, 0x81};
+ const uint8_t test_vector_7_plaintext[] = {
+ 0x08, 0x00, 0x0f, 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, 0x18,
+ 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f, 0x20, 0x21, 0x22, 0x23, 0x24,
+ 0x25, 0x26, 0x27, 0x28, 0x29, 0x2a, 0x2b, 0x2c, 0x2d, 0x2e, 0x2f, 0x30,
+ 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, 0x38, 0x39, 0x3a, 0x00, 0x02};
+ const uint8_t test_vector_7_ciphertext_and_tag[] = {
+ 0x70, 0x1a, 0xfa, 0x1c, 0xc0, 0x39, 0xc0, 0xd7, 0x65, 0x12, 0x8a,
+ 0x66, 0x5d, 0xab, 0x69, 0x24, 0x38, 0x99, 0xbf, 0x73, 0x18, 0xcc,
+ 0xdc, 0x81, 0xc9, 0x93, 0x1d, 0xa1, 0x7f, 0xbe, 0x8e, 0xdd, 0x7d,
+ 0x17, 0xcb, 0x8b, 0x4c, 0x26, 0xfc, 0x81, 0xe3, 0x28, 0x4f, 0x2b,
+ 0x7f, 0xba, 0x71, 0x3d, 0x4f, 0x8d, 0x55, 0xe7, 0xd3, 0xf0, 0x6f,
+ 0xd5, 0xa1, 0x3c, 0x0c, 0x29, 0xb9, 0xd5, 0xb8, 0x80};
+ gsec_aead_malloc_test_vector(
+ &test_vector_7, test_vector_7_key,
+ sizeof(test_vector_7_key) / sizeof(uint8_t), test_vector_7_nonce,
+ sizeof(test_vector_7_nonce) / sizeof(uint8_t), test_vector_7_aad,
+ sizeof(test_vector_7_aad) / sizeof(uint8_t), test_vector_7_plaintext,
+ sizeof(test_vector_7_plaintext) / sizeof(uint8_t),
+ test_vector_7_ciphertext_and_tag,
+ sizeof(test_vector_7_ciphertext_and_tag) / sizeof(uint8_t));
+ gsec_test_verify_crypter_on_test_vector(test_vector_7);
+ gsec_aead_free_test_vector(test_vector_7);
+
+ /* 2.2.2 60-byte crypt */
+ gsec_aead_test_vector* test_vector_8;
+ const uint8_t test_vector_8_key[] = {
+ 0xe3, 0xc0, 0x8a, 0x8f, 0x06, 0xc6, 0xe3, 0xad, 0x95, 0xa7, 0x05,
+ 0x57, 0xb2, 0x3f, 0x75, 0x48, 0x3c, 0xe3, 0x30, 0x21, 0xa9, 0xc7,
+ 0x2b, 0x70, 0x25, 0x66, 0x62, 0x04, 0xc6, 0x9c, 0x0b, 0x72};
+ const uint8_t test_vector_8_nonce[] = {0x12, 0x15, 0x35, 0x24, 0xc0, 0x89,
+ 0x5e, 0x81, 0xb2, 0xc2, 0x84, 0x65};
+ const uint8_t test_vector_8_aad[] = {
+ 0xd6, 0x09, 0xb1, 0xf0, 0x56, 0x63, 0x7a, 0x0d, 0x46, 0xdf,
+ 0x99, 0x8d, 0x88, 0xe5, 0x2e, 0x00, 0xb2, 0xc2, 0x84, 0x65,
+ 0x12, 0x15, 0x35, 0x24, 0xc0, 0x89, 0x5e, 0x81};
+ const uint8_t test_vector_8_plaintext[] = {
+ 0x08, 0x00, 0x0f, 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, 0x18,
+ 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f, 0x20, 0x21, 0x22, 0x23, 0x24,
+ 0x25, 0x26, 0x27, 0x28, 0x29, 0x2a, 0x2b, 0x2c, 0x2d, 0x2e, 0x2f, 0x30,
+ 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, 0x38, 0x39, 0x3a, 0x00, 0x02};
+ const uint8_t test_vector_8_ciphertext_and_tag[] = {
+ 0xe2, 0x00, 0x6e, 0xb4, 0x2f, 0x52, 0x77, 0x02, 0x2d, 0x9b, 0x19,
+ 0x92, 0x5b, 0xc4, 0x19, 0xd7, 0xa5, 0x92, 0x66, 0x6c, 0x92, 0x5f,
+ 0xe2, 0xef, 0x71, 0x8e, 0xb4, 0xe3, 0x08, 0xef, 0xea, 0xa7, 0xc5,
+ 0x27, 0x3b, 0x39, 0x41, 0x18, 0x86, 0x0a, 0x5b, 0xe2, 0xa9, 0x7f,
+ 0x56, 0xab, 0x78, 0x36, 0x5c, 0xa5, 0x97, 0xcd, 0xbb, 0x3e, 0xdb,
+ 0x8d, 0x1a, 0x11, 0x51, 0xea, 0x0a, 0xf7, 0xb4, 0x36};
+ gsec_aead_malloc_test_vector(
+ &test_vector_8, test_vector_8_key,
+ sizeof(test_vector_8_key) / sizeof(uint8_t), test_vector_8_nonce,
+ sizeof(test_vector_8_nonce) / sizeof(uint8_t), test_vector_8_aad,
+ sizeof(test_vector_8_aad) / sizeof(uint8_t), test_vector_8_plaintext,
+ sizeof(test_vector_8_plaintext) / sizeof(uint8_t),
+ test_vector_8_ciphertext_and_tag,
+ sizeof(test_vector_8_ciphertext_and_tag) / sizeof(uint8_t));
+ gsec_test_verify_crypter_on_test_vector(test_vector_8);
+ gsec_aead_free_test_vector(test_vector_8);
+
+ /* 2.3.1 60-byte auth */
+ gsec_aead_test_vector* test_vector_9;
+ const uint8_t test_vector_9_key[] = {0x07, 0x1b, 0x11, 0x3b, 0x0c, 0xa7,
+ 0x43, 0xfe, 0xcc, 0xcf, 0x3d, 0x05,
+ 0x1f, 0x73, 0x73, 0x82};
+ const uint8_t test_vector_9_nonce[] = {0xf0, 0x76, 0x1e, 0x8d, 0xcd, 0x3d,
+ 0x00, 0x01, 0x76, 0xd4, 0x57, 0xed};
+ const uint8_t test_vector_9_aad[] = {
+ 0xe2, 0x01, 0x06, 0xd7, 0xcd, 0x0d, 0xf0, 0x76, 0x1e, 0x8d, 0xcd, 0x3d,
+ 0x88, 0xe5, 0x40, 0x00, 0x76, 0xd4, 0x57, 0xed, 0x08, 0x00, 0x0f, 0x10,
+ 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, 0x18, 0x19, 0x1a, 0x1b, 0x1c,
+ 0x1d, 0x1e, 0x1f, 0x20, 0x21, 0x22, 0x23, 0x24, 0x25, 0x26, 0x27, 0x28,
+ 0x29, 0x2a, 0x2b, 0x2c, 0x2d, 0x2e, 0x2f, 0x30, 0x31, 0x32, 0x33, 0x34,
+ 0x35, 0x36, 0x37, 0x38, 0x39, 0x3a, 0x00, 0x03};
+ const uint8_t test_vector_9_plaintext[1] = {};
+ const uint8_t test_vector_9_ciphertext_and_tag[] = {
+ 0x0c, 0x01, 0x7b, 0xc7, 0x3b, 0x22, 0x7d, 0xfc,
+ 0xc9, 0xba, 0xfa, 0x1c, 0x41, 0xac, 0xc3, 0x53};
+ gsec_aead_malloc_test_vector(
+ &test_vector_9, test_vector_9_key,
+ sizeof(test_vector_9_key) / sizeof(uint8_t), test_vector_9_nonce,
+ sizeof(test_vector_9_nonce) / sizeof(uint8_t), test_vector_9_aad,
+ sizeof(test_vector_9_aad) / sizeof(uint8_t), test_vector_9_plaintext, 0,
+ test_vector_9_ciphertext_and_tag,
+ sizeof(test_vector_9_ciphertext_and_tag) / sizeof(uint8_t));
+ gsec_test_verify_crypter_on_test_vector(test_vector_9);
+ gsec_aead_free_test_vector(test_vector_9);
+
+ /* 2.3.2 60-byte auth */
+ gsec_aead_test_vector* test_vector_10;
+ const uint8_t test_vector_10_key[] = {
+ 0x69, 0x1d, 0x3e, 0xe9, 0x09, 0xd7, 0xf5, 0x41, 0x67, 0xfd, 0x1c,
+ 0xa0, 0xb5, 0xd7, 0x69, 0x08, 0x1f, 0x2b, 0xde, 0x1a, 0xee, 0x65,
+ 0x5f, 0xdb, 0xab, 0x80, 0xbd, 0x52, 0x95, 0xae, 0x6b, 0xe7};
+ const uint8_t test_vector_10_nonce[] = {0xf0, 0x76, 0x1e, 0x8d, 0xcd, 0x3d,
+ 0x00, 0x01, 0x76, 0xd4, 0x57, 0xed};
+ const uint8_t test_vector_10_aad[] = {
+ 0xe2, 0x01, 0x06, 0xd7, 0xcd, 0x0d, 0xf0, 0x76, 0x1e, 0x8d, 0xcd, 0x3d,
+ 0x88, 0xe5, 0x40, 0x00, 0x76, 0xd4, 0x57, 0xed, 0x08, 0x00, 0x0f, 0x10,
+ 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, 0x18, 0x19, 0x1a, 0x1b, 0x1c,
+ 0x1d, 0x1e, 0x1f, 0x20, 0x21, 0x22, 0x23, 0x24, 0x25, 0x26, 0x27, 0x28,
+ 0x29, 0x2a, 0x2b, 0x2c, 0x2d, 0x2e, 0x2f, 0x30, 0x31, 0x32, 0x33, 0x34,
+ 0x35, 0x36, 0x37, 0x38, 0x39, 0x3a, 0x00, 0x03};
+ const uint8_t test_vector_10_plaintext[1] = {};
+ const uint8_t test_vector_10_ciphertext_and_tag[] = {
+ 0x35, 0x21, 0x7c, 0x77, 0x4b, 0xbc, 0x31, 0xb6,
+ 0x31, 0x66, 0xbc, 0xf9, 0xd4, 0xab, 0xed, 0x07};
+ gsec_aead_malloc_test_vector(
+ &test_vector_10, test_vector_10_key,
+ sizeof(test_vector_10_key) / sizeof(uint8_t), test_vector_10_nonce,
+ sizeof(test_vector_10_nonce) / sizeof(uint8_t), test_vector_10_aad,
+ sizeof(test_vector_10_aad) / sizeof(uint8_t), test_vector_10_plaintext, 0,
+ test_vector_10_ciphertext_and_tag,
+ sizeof(test_vector_10_ciphertext_and_tag) / sizeof(uint8_t));
+ gsec_test_verify_crypter_on_test_vector(test_vector_10);
+ gsec_aead_free_test_vector(test_vector_10);
+
+ /* 2.4.1 54-byte crypt */
+ gsec_aead_test_vector* test_vector_11;
+ const uint8_t test_vector_11_key[] = {0x07, 0x1b, 0x11, 0x3b, 0x0c, 0xa7,
+ 0x43, 0xfe, 0xcc, 0xcf, 0x3d, 0x05,
+ 0x1f, 0x73, 0x73, 0x82};
+ const uint8_t test_vector_11_nonce[] = {0xf0, 0x76, 0x1e, 0x8d, 0xcd, 0x3d,
+ 0x00, 0x01, 0x76, 0xd4, 0x57, 0xed};
+ const uint8_t test_vector_11_aad[] = {
+ 0xe2, 0x01, 0x06, 0xd7, 0xcd, 0x0d, 0xf0, 0x76, 0x1e, 0x8d,
+ 0xcd, 0x3d, 0x88, 0xe5, 0x4c, 0x2a, 0x76, 0xd4, 0x57, 0xed};
+ const uint8_t test_vector_11_plaintext[] = {
+ 0x08, 0x00, 0x0f, 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17,
+ 0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f, 0x20, 0x21, 0x22,
+ 0x23, 0x24, 0x25, 0x26, 0x27, 0x28, 0x29, 0x2a, 0x2b, 0x2c, 0x2d,
+ 0x2e, 0x2f, 0x30, 0x31, 0x32, 0x33, 0x34, 0x00, 0x04};
+ const uint8_t test_vector_11_ciphertext_and_tag[] = {
+ 0x13, 0xb4, 0xc7, 0x2b, 0x38, 0x9d, 0xc5, 0x01, 0x8e, 0x72, 0xa1, 0x71,
+ 0xdd, 0x85, 0xa5, 0xd3, 0x75, 0x22, 0x74, 0xd3, 0xa0, 0x19, 0xfb, 0xca,
+ 0xed, 0x09, 0xa4, 0x25, 0xcd, 0x9b, 0x2e, 0x1c, 0x9b, 0x72, 0xee, 0xe7,
+ 0xc9, 0xde, 0x7d, 0x52, 0xb3, 0xf3, 0xd6, 0xa5, 0x28, 0x4f, 0x4a, 0x6d,
+ 0x3f, 0xe2, 0x2a, 0x5d, 0x6c, 0x2b, 0x96, 0x04, 0x94, 0xc3};
+ gsec_aead_malloc_test_vector(
+ &test_vector_11, test_vector_11_key,
+ sizeof(test_vector_11_key) / sizeof(uint8_t), test_vector_11_nonce,
+ sizeof(test_vector_11_nonce) / sizeof(uint8_t), test_vector_11_aad,
+ sizeof(test_vector_11_aad) / sizeof(uint8_t), test_vector_11_plaintext,
+ sizeof(test_vector_11_plaintext) / sizeof(uint8_t),
+ test_vector_11_ciphertext_and_tag,
+ sizeof(test_vector_11_ciphertext_and_tag) / sizeof(uint8_t));
+ gsec_test_verify_crypter_on_test_vector(test_vector_11);
+ gsec_aead_free_test_vector(test_vector_11);
+
+ /* 2.4.2 54-byte crypt */
+ gsec_aead_test_vector* test_vector_12;
+ const uint8_t test_vector_12_key[] = {
+ 0x69, 0x1d, 0x3e, 0xe9, 0x09, 0xd7, 0xf5, 0x41, 0x67, 0xfd, 0x1c,
+ 0xa0, 0xb5, 0xd7, 0x69, 0x08, 0x1f, 0x2b, 0xde, 0x1a, 0xee, 0x65,
+ 0x5f, 0xdb, 0xab, 0x80, 0xbd, 0x52, 0x95, 0xae, 0x6b, 0xe7};
+ const uint8_t test_vector_12_nonce[] = {0xf0, 0x76, 0x1e, 0x8d, 0xcd, 0x3d,
+ 0x00, 0x01, 0x76, 0xd4, 0x57, 0xed};
+ const uint8_t test_vector_12_aad[] = {
+ 0xe2, 0x01, 0x06, 0xd7, 0xcd, 0x0d, 0xf0, 0x76, 0x1e, 0x8d,
+ 0xcd, 0x3d, 0x88, 0xe5, 0x4c, 0x2a, 0x76, 0xd4, 0x57, 0xed};
+ const uint8_t test_vector_12_plaintext[] = {
+ 0x08, 0x00, 0x0f, 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17,
+ 0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f, 0x20, 0x21, 0x22,
+ 0x23, 0x24, 0x25, 0x26, 0x27, 0x28, 0x29, 0x2a, 0x2b, 0x2c, 0x2d,
+ 0x2e, 0x2f, 0x30, 0x31, 0x32, 0x33, 0x34, 0x00, 0x04};
+ const uint8_t test_vector_12_ciphertext_and_tag[] = {
+ 0xc1, 0x62, 0x3f, 0x55, 0x73, 0x0c, 0x93, 0x53, 0x30, 0x97, 0xad, 0xda,
+ 0xd2, 0x56, 0x64, 0x96, 0x61, 0x25, 0x35, 0x2b, 0x43, 0xad, 0xac, 0xbd,
+ 0x61, 0xc5, 0xef, 0x3a, 0xc9, 0x0b, 0x5b, 0xee, 0x92, 0x9c, 0xe4, 0x63,
+ 0x0e, 0xa7, 0x9f, 0x6c, 0xe5, 0x19, 0x12, 0xaf, 0x39, 0xc2, 0xd1, 0xfd,
+ 0xc2, 0x05, 0x1f, 0x8b, 0x7b, 0x3c, 0x9d, 0x39, 0x7e, 0xf2};
+ gsec_aead_malloc_test_vector(
+ &test_vector_12, test_vector_12_key,
+ sizeof(test_vector_12_key) / sizeof(uint8_t), test_vector_12_nonce,
+ sizeof(test_vector_12_nonce) / sizeof(uint8_t), test_vector_12_aad,
+ sizeof(test_vector_12_aad) / sizeof(uint8_t), test_vector_12_plaintext,
+ sizeof(test_vector_12_plaintext) / sizeof(uint8_t),
+ test_vector_12_ciphertext_and_tag,
+ sizeof(test_vector_12_ciphertext_and_tag) / sizeof(uint8_t));
+ gsec_test_verify_crypter_on_test_vector(test_vector_12);
+ gsec_aead_free_test_vector(test_vector_12);
+
+ /* 2.5.1 65-byte auth */
+ gsec_aead_test_vector* test_vector_13;
+ const uint8_t test_vector_13_key[] = {0x01, 0x3f, 0xe0, 0x0b, 0x5f, 0x11,
+ 0xbe, 0x7f, 0x86, 0x6d, 0x0c, 0xbb,
+ 0xc5, 0x5a, 0x7a, 0x90};
+ const uint8_t test_vector_13_nonce[] = {0x7c, 0xfd, 0xe9, 0xf9, 0xe3, 0x37,
+ 0x24, 0xc6, 0x89, 0x32, 0xd6, 0x12};
+ const uint8_t test_vector_13_aad[] = {
+ 0x84, 0xc5, 0xd5, 0x13, 0xd2, 0xaa, 0xf6, 0xe5, 0xbb, 0xd2, 0x72, 0x77,
+ 0x88, 0xe5, 0x23, 0x00, 0x89, 0x32, 0xd6, 0x12, 0x7c, 0xfd, 0xe9, 0xf9,
+ 0xe3, 0x37, 0x24, 0xc6, 0x08, 0x00, 0x0f, 0x10, 0x11, 0x12, 0x13, 0x14,
+ 0x15, 0x16, 0x17, 0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f, 0x20,
+ 0x21, 0x22, 0x23, 0x24, 0x25, 0x26, 0x27, 0x28, 0x29, 0x2a, 0x2b, 0x2c,
+ 0x2d, 0x2e, 0x2f, 0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, 0x38,
+ 0x39, 0x3a, 0x3b, 0x3c, 0x3d, 0x3e, 0x3f, 0x00, 0x05};
+ const uint8_t test_vector_13_plaintext[1] = {};
+ const uint8_t test_vector_13_ciphertext_and_tag[] = {
+ 0x21, 0x78, 0x67, 0xe5, 0x0c, 0x2d, 0xad, 0x74,
+ 0xc2, 0x8c, 0x3b, 0x50, 0xab, 0xdf, 0x69, 0x5a};
+ gsec_aead_malloc_test_vector(
+ &test_vector_13, test_vector_13_key,
+ sizeof(test_vector_13_key) / sizeof(uint8_t), test_vector_13_nonce,
+ sizeof(test_vector_13_nonce) / sizeof(uint8_t), test_vector_13_aad,
+ sizeof(test_vector_13_aad) / sizeof(uint8_t), test_vector_13_plaintext, 0,
+ test_vector_13_ciphertext_and_tag,
+ sizeof(test_vector_13_ciphertext_and_tag) / sizeof(uint8_t));
+ gsec_test_verify_crypter_on_test_vector(test_vector_13);
+ gsec_aead_free_test_vector(test_vector_13);
+
+ /* 2.5.2 65-byte auth */
+ gsec_aead_test_vector* test_vector_14;
+ const uint8_t test_vector_14_key[] = {
+ 0x83, 0xc0, 0x93, 0xb5, 0x8d, 0xe7, 0xff, 0xe1, 0xc0, 0xda, 0x92,
+ 0x6a, 0xc4, 0x3f, 0xb3, 0x60, 0x9a, 0xc1, 0xc8, 0x0f, 0xee, 0x1b,
+ 0x62, 0x44, 0x97, 0xef, 0x94, 0x2e, 0x2f, 0x79, 0xa8, 0x23};
+ const uint8_t test_vector_14_nonce[] = {0x7c, 0xfd, 0xe9, 0xf9, 0xe3, 0x37,
+ 0x24, 0xc6, 0x89, 0x32, 0xd6, 0x12};
+ const uint8_t test_vector_14_aad[] = {
+ 0x84, 0xc5, 0xd5, 0x13, 0xd2, 0xaa, 0xf6, 0xe5, 0xbb, 0xd2, 0x72, 0x77,
+ 0x88, 0xe5, 0x23, 0x00, 0x89, 0x32, 0xd6, 0x12, 0x7c, 0xfd, 0xe9, 0xf9,
+ 0xe3, 0x37, 0x24, 0xc6, 0x08, 0x00, 0x0f, 0x10, 0x11, 0x12, 0x13, 0x14,
+ 0x15, 0x16, 0x17, 0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f, 0x20,
+ 0x21, 0x22, 0x23, 0x24, 0x25, 0x26, 0x27, 0x28, 0x29, 0x2a, 0x2b, 0x2c,
+ 0x2d, 0x2e, 0x2f, 0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, 0x38,
+ 0x39, 0x3a, 0x3b, 0x3c, 0x3d, 0x3e, 0x3f, 0x00, 0x05};
+ const uint8_t test_vector_14_plaintext[1] = {};
+ const uint8_t test_vector_14_ciphertext_and_tag[] = {
+ 0x6e, 0xe1, 0x60, 0xe8, 0xfa, 0xec, 0xa4, 0xb3,
+ 0x6c, 0x86, 0xb2, 0x34, 0x92, 0x0c, 0xa9, 0x75};
+ gsec_aead_malloc_test_vector(
+ &test_vector_14, test_vector_14_key,
+ sizeof(test_vector_14_key) / sizeof(uint8_t), test_vector_14_nonce,
+ sizeof(test_vector_14_nonce) / sizeof(uint8_t), test_vector_14_aad,
+ sizeof(test_vector_14_aad) / sizeof(uint8_t), test_vector_14_plaintext, 0,
+ test_vector_14_ciphertext_and_tag,
+ sizeof(test_vector_14_ciphertext_and_tag) / sizeof(uint8_t));
+ gsec_test_verify_crypter_on_test_vector(test_vector_14);
+ gsec_aead_free_test_vector(test_vector_14);
+
+ /* 2.6.1 61-byte crypt */
+ gsec_aead_test_vector* test_vector_15;
+ const uint8_t test_vector_15_key[] = {0x01, 0x3f, 0xe0, 0x0b, 0x5f, 0x11,
+ 0xbe, 0x7f, 0x86, 0x6d, 0x0c, 0xbb,
+ 0xc5, 0x5a, 0x7a, 0x90};
+ const uint8_t test_vector_15_nonce[] = {0x7c, 0xfd, 0xe9, 0xf9, 0xe3, 0x37,
+ 0x24, 0xc6, 0x89, 0x32, 0xd6, 0x12};
+ const uint8_t test_vector_15_aad[] = {
+ 0x84, 0xc5, 0xd5, 0x13, 0xd2, 0xaa, 0xf6, 0xe5, 0xbb, 0xd2,
+ 0x72, 0x77, 0x88, 0xe5, 0x2f, 0x00, 0x89, 0x32, 0xd6, 0x12,
+ 0x7c, 0xfd, 0xe9, 0xf9, 0xe3, 0x37, 0x24, 0xc6};
+ const uint8_t test_vector_15_plaintext[] = {
+ 0x08, 0x00, 0x0f, 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16,
+ 0x17, 0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f, 0x20,
+ 0x21, 0x22, 0x23, 0x24, 0x25, 0x26, 0x27, 0x28, 0x29, 0x2a,
+ 0x2b, 0x2c, 0x2d, 0x2e, 0x2f, 0x30, 0x31, 0x32, 0x33, 0x34,
+ 0x35, 0x36, 0x37, 0x38, 0x39, 0x3a, 0x3b, 0x00, 0x06};
+ const uint8_t test_vector_15_ciphertext_and_tag[] = {
+ 0x3a, 0x4d, 0xe6, 0xfa, 0x32, 0x19, 0x10, 0x14, 0xdb, 0xb3, 0x03,
+ 0xd9, 0x2e, 0xe3, 0xa9, 0xe8, 0xa1, 0xb5, 0x99, 0xc1, 0x4d, 0x22,
+ 0xfb, 0x08, 0x00, 0x96, 0xe1, 0x38, 0x11, 0x81, 0x6a, 0x3c, 0x9c,
+ 0x9b, 0xcf, 0x7c, 0x1b, 0x9b, 0x96, 0xda, 0x80, 0x92, 0x04, 0xe2,
+ 0x9d, 0x0e, 0x2a, 0x76, 0x42, 0xbf, 0xd3, 0x10, 0xa4, 0x83, 0x7c,
+ 0x81, 0x6c, 0xcf, 0xa5, 0xac, 0x23, 0xab, 0x00, 0x39, 0x88};
+ gsec_aead_malloc_test_vector(
+ &test_vector_15, test_vector_15_key,
+ sizeof(test_vector_15_key) / sizeof(uint8_t), test_vector_15_nonce,
+ sizeof(test_vector_15_nonce) / sizeof(uint8_t), test_vector_15_aad,
+ sizeof(test_vector_15_aad) / sizeof(uint8_t), test_vector_15_plaintext,
+ sizeof(test_vector_15_plaintext) / sizeof(uint8_t),
+ test_vector_15_ciphertext_and_tag,
+ sizeof(test_vector_15_ciphertext_and_tag) / sizeof(uint8_t));
+ gsec_test_verify_crypter_on_test_vector(test_vector_15);
+ gsec_aead_free_test_vector(test_vector_15);
+
+ /* 2.6.2 61-byte crypt */
+ gsec_aead_test_vector* test_vector_16;
+ const uint8_t test_vector_16_key[] = {
+ 0x83, 0xc0, 0x93, 0xb5, 0x8d, 0xe7, 0xff, 0xe1, 0xc0, 0xda, 0x92,
+ 0x6a, 0xc4, 0x3f, 0xb3, 0x60, 0x9a, 0xc1, 0xc8, 0x0f, 0xee, 0x1b,
+ 0x62, 0x44, 0x97, 0xef, 0x94, 0x2e, 0x2f, 0x79, 0xa8, 0x23};
+ const uint8_t test_vector_16_nonce[] = {0x7c, 0xfd, 0xe9, 0xf9, 0xe3, 0x37,
+ 0x24, 0xc6, 0x89, 0x32, 0xd6, 0x12};
+ const uint8_t test_vector_16_aad[] = {
+ 0x84, 0xc5, 0xd5, 0x13, 0xd2, 0xaa, 0xf6, 0xe5, 0xbb, 0xd2,
+ 0x72, 0x77, 0x88, 0xe5, 0x2f, 0x00, 0x89, 0x32, 0xd6, 0x12,
+ 0x7c, 0xfd, 0xe9, 0xf9, 0xe3, 0x37, 0x24, 0xc6};
+ const uint8_t test_vector_16_plaintext[] = {
+ 0x08, 0x00, 0x0f, 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16,
+ 0x17, 0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f, 0x20,
+ 0x21, 0x22, 0x23, 0x24, 0x25, 0x26, 0x27, 0x28, 0x29, 0x2a,
+ 0x2b, 0x2c, 0x2d, 0x2e, 0x2f, 0x30, 0x31, 0x32, 0x33, 0x34,
+ 0x35, 0x36, 0x37, 0x38, 0x39, 0x3a, 0x3b, 0x00, 0x06};
+ const uint8_t test_vector_16_ciphertext_and_tag[] = {
+ 0x11, 0x02, 0x22, 0xff, 0x80, 0x50, 0xcb, 0xec, 0xe6, 0x6a, 0x81,
+ 0x3a, 0xd0, 0x9a, 0x73, 0xed, 0x7a, 0x9a, 0x08, 0x9c, 0x10, 0x6b,
+ 0x95, 0x93, 0x89, 0x16, 0x8e, 0xd6, 0xe8, 0x69, 0x8e, 0xa9, 0x02,
+ 0xeb, 0x12, 0x77, 0xdb, 0xec, 0x2e, 0x68, 0xe4, 0x73, 0x15, 0x5a,
+ 0x15, 0xa7, 0xda, 0xee, 0xd4, 0xa1, 0x0f, 0x4e, 0x05, 0x13, 0x9c,
+ 0x23, 0xdf, 0x00, 0xb3, 0xaa, 0xdc, 0x71, 0xf0, 0x59, 0x6a};
+ gsec_aead_malloc_test_vector(
+ &test_vector_16, test_vector_16_key,
+ sizeof(test_vector_16_key) / sizeof(uint8_t), test_vector_16_nonce,
+ sizeof(test_vector_16_nonce) / sizeof(uint8_t), test_vector_16_aad,
+ sizeof(test_vector_16_aad) / sizeof(uint8_t), test_vector_16_plaintext,
+ sizeof(test_vector_16_plaintext) / sizeof(uint8_t),
+ test_vector_16_ciphertext_and_tag,
+ sizeof(test_vector_16_ciphertext_and_tag) / sizeof(uint8_t));
+ gsec_test_verify_crypter_on_test_vector(test_vector_16);
+ gsec_aead_free_test_vector(test_vector_16);
+
+ /* 2.7.1 79-byte crypt */
+ gsec_aead_test_vector* test_vector_17;
+ const uint8_t test_vector_17_key[] = {0x88, 0xee, 0x08, 0x7f, 0xd9, 0x5d,
+ 0xa9, 0xfb, 0xf6, 0x72, 0x5a, 0xa9,
+ 0xd7, 0x57, 0xb0, 0xcd};
+ const uint8_t test_vector_17_nonce[] = {0x7a, 0xe8, 0xe2, 0xca, 0x4e, 0xc5,
+ 0x00, 0x01, 0x2e, 0x58, 0x49, 0x5c};
+ const uint8_t test_vector_17_aad[] = {
+ 0x68, 0xf2, 0xe7, 0x76, 0x96, 0xce, 0x7a, 0xe8, 0xe2, 0xca, 0x4e,
+ 0xc5, 0x88, 0xe5, 0x41, 0x00, 0x2e, 0x58, 0x49, 0x5c, 0x08, 0x00,
+ 0x0f, 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, 0x18, 0x19,
+ 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f, 0x20, 0x21, 0x22, 0x23, 0x24,
+ 0x25, 0x26, 0x27, 0x28, 0x29, 0x2a, 0x2b, 0x2c, 0x2d, 0x2e, 0x2f,
+ 0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, 0x38, 0x39, 0x3a,
+ 0x3b, 0x3c, 0x3d, 0x3e, 0x3f, 0x40, 0x41, 0x42, 0x43, 0x44, 0x45,
+ 0x46, 0x47, 0x48, 0x49, 0x4a, 0x4b, 0x4c, 0x4d, 0x00, 0x07};
+ const uint8_t test_vector_17_plaintext[1] = {};
+ const uint8_t test_vector_17_ciphertext_and_tag[] = {
+ 0x07, 0x92, 0x2b, 0x8e, 0xbc, 0xf1, 0x0b, 0xb2,
+ 0x29, 0x75, 0x88, 0xca, 0x4c, 0x61, 0x45, 0x23};
+ gsec_aead_malloc_test_vector(
+ &test_vector_17, test_vector_17_key,
+ sizeof(test_vector_17_key) / sizeof(uint8_t), test_vector_17_nonce,
+ sizeof(test_vector_17_nonce) / sizeof(uint8_t), test_vector_17_aad,
+ sizeof(test_vector_17_aad) / sizeof(uint8_t), test_vector_17_plaintext, 0,
+ test_vector_17_ciphertext_and_tag,
+ sizeof(test_vector_17_ciphertext_and_tag) / sizeof(uint8_t));
+ gsec_test_verify_crypter_on_test_vector(test_vector_17);
+ gsec_aead_free_test_vector(test_vector_17);
+
+ /* 2.7.2 79-byte crypt */
+ gsec_aead_test_vector* test_vector_18;
+ const uint8_t test_vector_18_key[] = {
+ 0x4c, 0x97, 0x3d, 0xbc, 0x73, 0x64, 0x62, 0x16, 0x74, 0xf8, 0xb5,
+ 0xb8, 0x9e, 0x5c, 0x15, 0x51, 0x1f, 0xce, 0xd9, 0x21, 0x64, 0x90,
+ 0xfb, 0x1c, 0x1a, 0x2c, 0xaa, 0x0f, 0xfe, 0x04, 0x07, 0xe5};
+ const uint8_t test_vector_18_nonce[] = {0x7a, 0xe8, 0xe2, 0xca, 0x4e, 0xc5,
+ 0x00, 0x01, 0x2e, 0x58, 0x49, 0x5c};
+ const uint8_t test_vector_18_aad[] = {
+ 0x68, 0xf2, 0xe7, 0x76, 0x96, 0xce, 0x7a, 0xe8, 0xe2, 0xca, 0x4e,
+ 0xc5, 0x88, 0xe5, 0x41, 0x00, 0x2e, 0x58, 0x49, 0x5c, 0x08, 0x00,
+ 0x0f, 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, 0x18, 0x19,
+ 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f, 0x20, 0x21, 0x22, 0x23, 0x24,
+ 0x25, 0x26, 0x27, 0x28, 0x29, 0x2a, 0x2b, 0x2c, 0x2d, 0x2e, 0x2f,
+ 0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, 0x38, 0x39, 0x3a,
+ 0x3b, 0x3c, 0x3d, 0x3e, 0x3f, 0x40, 0x41, 0x42, 0x43, 0x44, 0x45,
+ 0x46, 0x47, 0x48, 0x49, 0x4a, 0x4b, 0x4c, 0x4d, 0x00, 0x07};
+ const uint8_t test_vector_18_plaintext[1] = {};
+ const uint8_t test_vector_18_ciphertext_and_tag[] = {
+ 0x00, 0xbd, 0xa1, 0xb7, 0xe8, 0x76, 0x08, 0xbc,
+ 0xbf, 0x47, 0x0f, 0x12, 0x15, 0x7f, 0x4c, 0x07};
+ gsec_aead_malloc_test_vector(
+ &test_vector_18, test_vector_18_key,
+ sizeof(test_vector_18_key) / sizeof(uint8_t), test_vector_18_nonce,
+ sizeof(test_vector_18_nonce) / sizeof(uint8_t), test_vector_18_aad,
+ sizeof(test_vector_18_aad) / sizeof(uint8_t), test_vector_18_plaintext, 0,
+ test_vector_18_ciphertext_and_tag,
+ sizeof(test_vector_18_ciphertext_and_tag) / sizeof(uint8_t));
+ gsec_test_verify_crypter_on_test_vector(test_vector_18);
+ gsec_aead_free_test_vector(test_vector_18);
+
+ /* 2.8.1 61-byte crypt */
+ gsec_aead_test_vector* test_vector_19;
+ const uint8_t test_vector_19_key[] = {0x88, 0xee, 0x08, 0x7f, 0xd9, 0x5d,
+ 0xa9, 0xfb, 0xf6, 0x72, 0x5a, 0xa9,
+ 0xd7, 0x57, 0xb0, 0xcd};
+ const uint8_t test_vector_19_nonce[] = {0x7a, 0xe8, 0xe2, 0xca, 0x4e, 0xc5,
+ 0x00, 0x01, 0x2e, 0x58, 0x49, 0x5c};
+ const uint8_t test_vector_19_aad[] = {
+ 0x68, 0xf2, 0xe7, 0x76, 0x96, 0xce, 0x7a, 0xe8, 0xe2, 0xca,
+ 0x4e, 0xc5, 0x88, 0xe5, 0x4d, 0x00, 0x2e, 0x58, 0x49, 0x5c};
+ const uint8_t test_vector_19_plaintext[] = {
+ 0x08, 0x00, 0x0f, 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17,
+ 0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f, 0x20, 0x21, 0x22,
+ 0x23, 0x24, 0x25, 0x26, 0x27, 0x28, 0x29, 0x2a, 0x2b, 0x2c, 0x2d,
+ 0x2e, 0x2f, 0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, 0x38,
+ 0x39, 0x3a, 0x3b, 0x3c, 0x3d, 0x3e, 0x3f, 0x40, 0x41, 0x42, 0x43,
+ 0x44, 0x45, 0x46, 0x47, 0x48, 0x49, 0x00, 0x08};
+ const uint8_t test_vector_19_ciphertext_and_tag[] = {
+ 0xc3, 0x1f, 0x53, 0xd9, 0x9e, 0x56, 0x87, 0xf7, 0x36, 0x51, 0x19, 0xb8,
+ 0x32, 0xd2, 0xaa, 0xe7, 0x07, 0x41, 0xd5, 0x93, 0xf1, 0xf9, 0xe2, 0xab,
+ 0x34, 0x55, 0x77, 0x9b, 0x07, 0x8e, 0xb8, 0xfe, 0xac, 0xdf, 0xec, 0x1f,
+ 0x8e, 0x3e, 0x52, 0x77, 0xf8, 0x18, 0x0b, 0x43, 0x36, 0x1f, 0x65, 0x12,
+ 0xad, 0xb1, 0x6d, 0x2e, 0x38, 0x54, 0x8a, 0x2c, 0x71, 0x9d, 0xba, 0x72,
+ 0x28, 0xd8, 0x40, 0x88, 0xf8, 0x75, 0x7a, 0xdb, 0x8a, 0xa7, 0x88, 0xd8,
+ 0xf6, 0x5a, 0xd6, 0x68, 0xbe, 0x70, 0xe7};
+ gsec_aead_malloc_test_vector(
+ &test_vector_19, test_vector_19_key,
+ sizeof(test_vector_19_key) / sizeof(uint8_t), test_vector_19_nonce,
+ sizeof(test_vector_19_nonce) / sizeof(uint8_t), test_vector_19_aad,
+ sizeof(test_vector_19_aad) / sizeof(uint8_t), test_vector_19_plaintext,
+ sizeof(test_vector_19_plaintext) / sizeof(uint8_t),
+ test_vector_19_ciphertext_and_tag,
+ sizeof(test_vector_19_ciphertext_and_tag) / sizeof(uint8_t));
+ gsec_test_verify_crypter_on_test_vector(test_vector_19);
+ gsec_aead_free_test_vector(test_vector_19);
+
+ /* 2.8.2 61-byte crypt */
+ gsec_aead_test_vector* test_vector_20;
+ const uint8_t test_vector_20_key[] = {
+ 0x4c, 0x97, 0x3d, 0xbc, 0x73, 0x64, 0x62, 0x16, 0x74, 0xf8, 0xb5,
+ 0xb8, 0x9e, 0x5c, 0x15, 0x51, 0x1f, 0xce, 0xd9, 0x21, 0x64, 0x90,
+ 0xfb, 0x1c, 0x1a, 0x2c, 0xaa, 0x0f, 0xfe, 0x04, 0x07, 0xe5};
+ const uint8_t test_vector_20_nonce[] = {0x7a, 0xe8, 0xe2, 0xca, 0x4e, 0xc5,
+ 0x00, 0x01, 0x2e, 0x58, 0x49, 0x5c};
+ const uint8_t test_vector_20_aad[] = {
+ 0x68, 0xf2, 0xe7, 0x76, 0x96, 0xce, 0x7a, 0xe8, 0xe2, 0xca,
+ 0x4e, 0xc5, 0x88, 0xe5, 0x4d, 0x00, 0x2e, 0x58, 0x49, 0x5c};
+ const uint8_t test_vector_20_plaintext[] = {
+ 0x08, 0x00, 0x0f, 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17,
+ 0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f, 0x20, 0x21, 0x22,
+ 0x23, 0x24, 0x25, 0x26, 0x27, 0x28, 0x29, 0x2a, 0x2b, 0x2c, 0x2d,
+ 0x2e, 0x2f, 0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, 0x38,
+ 0x39, 0x3a, 0x3b, 0x3c, 0x3d, 0x3e, 0x3f, 0x40, 0x41, 0x42, 0x43,
+ 0x44, 0x45, 0x46, 0x47, 0x48, 0x49, 0x00, 0x08};
+ const uint8_t test_vector_20_ciphertext_and_tag[] = {
+ 0xba, 0x8a, 0xe3, 0x1b, 0xc5, 0x06, 0x48, 0x6d, 0x68, 0x73, 0xe4, 0xfc,
+ 0xe4, 0x60, 0xe7, 0xdc, 0x57, 0x59, 0x1f, 0xf0, 0x06, 0x11, 0xf3, 0x1c,
+ 0x38, 0x34, 0xfe, 0x1c, 0x04, 0xad, 0x80, 0xb6, 0x68, 0x03, 0xaf, 0xcf,
+ 0x5b, 0x27, 0xe6, 0x33, 0x3f, 0xa6, 0x7c, 0x99, 0xda, 0x47, 0xc2, 0xf0,
+ 0xce, 0xd6, 0x8d, 0x53, 0x1b, 0xd7, 0x41, 0xa9, 0x43, 0xcf, 0xf7, 0xa6,
+ 0x71, 0x3b, 0xd0, 0x26, 0x11, 0xcd, 0x7d, 0xaa, 0x01, 0xd6, 0x1c, 0x5c,
+ 0x88, 0x6d, 0xc1, 0xa8, 0x17, 0x01, 0x07};
+ gsec_aead_malloc_test_vector(
+ &test_vector_20, test_vector_20_key,
+ sizeof(test_vector_20_key) / sizeof(uint8_t), test_vector_20_nonce,
+ sizeof(test_vector_20_nonce) / sizeof(uint8_t), test_vector_20_aad,
+ sizeof(test_vector_20_aad) / sizeof(uint8_t), test_vector_20_plaintext,
+ sizeof(test_vector_20_plaintext) / sizeof(uint8_t),
+ test_vector_20_ciphertext_and_tag,
+ sizeof(test_vector_20_ciphertext_and_tag) / sizeof(uint8_t));
+ gsec_test_verify_crypter_on_test_vector(test_vector_20);
+ gsec_aead_free_test_vector(test_vector_20);
+}
+
+int main(int argc, char** argv) {
+ grpc_init();
+ gsec_test_do_generic_crypter_tests();
+ gsec_test_do_vector_tests_nist();
+ gsec_test_do_vector_tests_ieee();
+ gsec_test_do_vector_tests_rekey_nist();
+ gsec_test_do_vector_tests_rekey_ieee();
+ grpc_shutdown();
+ return 0;
+}
diff --git a/test/core/tsi/alts/crypt/gsec_test_util.cc b/test/core/tsi/alts/crypt/gsec_test_util.cc
new file mode 100644
index 0000000..992c91e
--- /dev/null
+++ b/test/core/tsi/alts/crypt/gsec_test_util.cc
@@ -0,0 +1,87 @@
+/*
+ *
+ * Copyright 2018 gRPC authors.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ */
+
+#include "test/core/tsi/alts/crypt/gsec_test_util.h"
+
+#include <grpc/support/alloc.h>
+
+void gsec_test_random_bytes(uint8_t* bytes, size_t length) {
+ if (!RAND_bytes(bytes, static_cast<int>(length))) {
+ fprintf(stderr,
+ "Random bytes generation failed in gsec_test_random_bytes().");
+ abort();
+ }
+}
+
+void gsec_test_random_array(uint8_t** bytes, size_t length) {
+ if (bytes != nullptr) {
+ *bytes = static_cast<uint8_t*>(gpr_malloc(length));
+ gsec_test_random_bytes(*bytes, length);
+ } else {
+ fprintf(stderr, "bytes buffer is nullptr in gsec_test_random_array().");
+ abort();
+ }
+}
+
+uint32_t gsec_test_bias_random_uint32(uint32_t max_length) {
+ uint32_t value;
+ gsec_test_random_bytes((uint8_t*)(&value), sizeof(value));
+ return value % max_length;
+}
+
+void gsec_test_copy(const uint8_t* src, uint8_t** des, size_t source_len) {
+ if (src != nullptr && des != nullptr) {
+ *des = static_cast<uint8_t*>(gpr_malloc(source_len));
+ memcpy(*des, src, source_len);
+ } else {
+ fprintf(stderr, "Either src or des buffer is nullptr in gsec_test_copy().");
+ abort();
+ }
+}
+
+void gsec_test_copy_and_alter_random_byte(const uint8_t* src, uint8_t** des,
+ size_t source_len) {
+ if (src != nullptr && des != nullptr) {
+ *des = static_cast<uint8_t*>(gpr_malloc(source_len));
+ memcpy(*des, src, source_len);
+ uint32_t offset;
+ offset = gsec_test_bias_random_uint32(static_cast<uint32_t>(source_len));
+ (*(*des + offset))++;
+ } else {
+ fprintf(stderr,
+ "Either src or des is nullptr in "
+ "gsec_test_copy_and_alter_random_byte().");
+ abort();
+ }
+}
+
+int gsec_test_expect_compare_code_and_substr(grpc_status_code status1,
+ grpc_status_code status2,
+ const char* msg1,
+ const char* msg2) {
+ int failure = 1;
+ if (status1 != status2) {
+ fprintf(stderr, "Status %d does not equal %d.\n", status1, status2);
+ failure = 0;
+ }
+ if (strstr(msg1, msg2) == nullptr) {
+ fprintf(stderr, "Status message <%s> does not contain <%s>.\n", msg1, msg2);
+ failure = 0;
+ }
+ return failure;
+}
diff --git a/test/core/tsi/alts/crypt/gsec_test_util.h b/test/core/tsi/alts/crypt/gsec_test_util.h
new file mode 100644
index 0000000..206ae2f
--- /dev/null
+++ b/test/core/tsi/alts/crypt/gsec_test_util.h
@@ -0,0 +1,91 @@
+/*
+ *
+ * Copyright 2018 gRPC authors.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ */
+
+#ifndef GRPC_TEST_CORE_TSI_ALTS_CRYPT_GSEC_TEST_UTIL_H_
+#define GRPC_TEST_CORE_TSI_ALTS_CRYPT_GSEC_TEST_UTIL_H_
+
+#include <stdint.h>
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+
+#include <openssl/rand.h>
+
+#include <grpc/grpc.h>
+
+/**
+ * This method returns random bytes of certain length.
+ *
+ * - bytes: buffer to hold random bytes.
+ * - length: length of buffer to be populated.
+ */
+void gsec_test_random_bytes(uint8_t* bytes, size_t length);
+
+/**
+ * This method returns an array of random bytes.
+ *
+ * - bytes: array to hold random bytes.
+ * - length: length of array to be populated.
+ */
+void gsec_test_random_array(uint8_t** bytes, size_t length);
+
+/**
+ * This method returns a uint32 that's not quite uniformly random, but good
+ * enough for tests.
+ *
+ * - max_length: a max value the returned random number can choose.
+ */
+uint32_t gsec_test_bias_random_uint32(uint32_t max_length);
+
+/**
+ * This method copies data from a source to a destination buffer.
+ *
+ * - src: a source buffer.
+ * - des: a destination buffer.
+ * - length: the length of source buffer to be copied from its beginning.
+ */
+void gsec_test_copy(const uint8_t* src, uint8_t** des, size_t length);
+
+/**
+ * This method copies data from a source to a destination buffer, and flips one
+ * byte in the destination buffer randomly.
+ *
+ * - src: a source buffer.
+ * - des: a destination buffer.
+ * - length: the length of source buffer to be copied from its beginning.
+ */
+void gsec_test_copy_and_alter_random_byte(const uint8_t* src, uint8_t** des,
+ size_t source_len);
+
+/**
+ * This method compares two grpc_status_code values, and verifies if one string
+ * is a substring of the other.
+ *
+ * - status1: the first grpc_status_code to be compared.
+ * - status2: the second grpc_status_code to be compared.
+ * - msg1: a string to be scanned.
+ * - msg2: a small string to be searched within msg1.
+ *
+ * If both checks succeed, the method returns 1 and otherwise, it returns 0.
+ */
+int gsec_test_expect_compare_code_and_substr(grpc_status_code status1,
+ grpc_status_code status2,
+ const char* msg1,
+ const char* msg2);
+
+#endif // GRPC_TEST_CORE_TSI_ALTS_CRYPT_GSEC_TEST_UTIL_H_ */
diff --git a/test/core/tsi/alts/frame_protector/BUILD b/test/core/tsi/alts/frame_protector/BUILD
new file mode 100644
index 0000000..8bbc8c6
--- /dev/null
+++ b/test/core/tsi/alts/frame_protector/BUILD
@@ -0,0 +1,60 @@
+# Copyright 2018 gRPC authors.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+load("//bazel:grpc_build_system.bzl", "grpc_cc_library", "grpc_cc_test", "grpc_package")
+
+licenses(["notice"]) # Apache v2
+
+grpc_package(name = "frame_protector")
+
+grpc_cc_test(
+ name = "alts_counter_test",
+ srcs = ["alts_counter_test.cc"],
+ language = "C++",
+ deps = [
+ "//:grpc",
+ "//test/core/tsi/alts/crypt:alts_crypt_test_util",
+ ],
+)
+
+grpc_cc_test(
+ name = "alts_crypter_test",
+ srcs = ["alts_crypter_test.cc"],
+ language = "C++",
+ deps = [
+ "//:grpc",
+ "//test/core/tsi/alts/crypt:alts_crypt_test_util",
+ ],
+)
+
+grpc_cc_test(
+ name = "alts_frame_protector_test",
+ srcs = ["alts_frame_protector_test.cc"],
+ language = "C++",
+ deps = [
+ "//:grpc",
+ "//test/core/tsi/alts/crypt:alts_crypt_test_util",
+ "//test/core/tsi:transport_security_test_lib",
+ ],
+)
+
+grpc_cc_test(
+ name = "frame_handler_test",
+ srcs = ["frame_handler_test.cc"],
+ language = "C++",
+ deps = [
+ "//:grpc",
+ "//test/core/tsi/alts/crypt:alts_crypt_test_util",
+ ],
+)
diff --git a/test/core/tsi/alts/frame_protector/alts_counter_test.cc b/test/core/tsi/alts/frame_protector/alts_counter_test.cc
new file mode 100644
index 0000000..49ff821
--- /dev/null
+++ b/test/core/tsi/alts/frame_protector/alts_counter_test.cc
@@ -0,0 +1,180 @@
+/*
+ *
+ * Copyright 2018 gRPC authors.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ */
+
+#include <grpc/support/alloc.h>
+#include <grpc/support/log.h>
+
+#include "src/core/tsi/alts/frame_protector/alts_counter.h"
+#include "test/core/tsi/alts/crypt/gsec_test_util.h"
+
+const size_t kSmallCounterSize = 4;
+const size_t kSmallOverflowSize = 1;
+const size_t kGcmCounterSize = 12;
+const size_t kGcmOverflowSize = 5;
+
+static bool do_bytes_represent_client(alts_counter* ctr, unsigned char* counter,
+ size_t size) {
+ return (ctr->counter[size - 1] & 0x80) == 0x80;
+}
+
+static void alts_counter_test_input_sanity_check(size_t counter_size,
+ size_t overflow_size) {
+ alts_counter* ctr = nullptr;
+ char* error_details = nullptr;
+
+ /* Input sanity check on alts_counter_create(). */
+ /* Invalid counter size. */
+ grpc_status_code status =
+ alts_counter_create(true, 0, overflow_size, &ctr, &error_details);
+ GPR_ASSERT(gsec_test_expect_compare_code_and_substr(
+ status, GRPC_STATUS_INVALID_ARGUMENT, error_details,
+ "counter_size is invalid."));
+ gpr_free(error_details);
+
+ /* Invalid overflow size. */
+ status = alts_counter_create(true, counter_size, 0, &ctr, &error_details);
+ GPR_ASSERT(gsec_test_expect_compare_code_and_substr(
+ status, GRPC_STATUS_INVALID_ARGUMENT, error_details,
+ "overflow_size is invalid."));
+ gpr_free(error_details);
+
+ /* alts_counter is nullptr. */
+ status = alts_counter_create(true, counter_size, overflow_size, nullptr,
+ &error_details);
+ GPR_ASSERT(gsec_test_expect_compare_code_and_substr(
+ status, GRPC_STATUS_INVALID_ARGUMENT, error_details,
+ "crypter_counter is nullptr."));
+ gpr_free(error_details);
+
+ status = alts_counter_create(true, counter_size, overflow_size, &ctr,
+ &error_details);
+ GPR_ASSERT(status == GRPC_STATUS_OK);
+
+ /* Input sanity check on alts_counter_increment(). */
+ /* crypter_counter is nullptr. */
+ bool is_overflow = false;
+ status = alts_counter_increment(nullptr, &is_overflow, &error_details);
+ GPR_ASSERT(gsec_test_expect_compare_code_and_substr(
+ status, GRPC_STATUS_INVALID_ARGUMENT, error_details,
+ "crypter_counter is nullptr."));
+ gpr_free(error_details);
+ /* is_overflow is nullptr. */
+ status = alts_counter_increment(ctr, nullptr, &error_details);
+ GPR_ASSERT(gsec_test_expect_compare_code_and_substr(
+ status, GRPC_STATUS_INVALID_ARGUMENT, error_details,
+ "is_overflow is nullptr."));
+ gpr_free(error_details);
+ alts_counter_destroy(ctr);
+}
+
+static void alts_counter_test_overflow_full_range(bool is_client,
+ size_t counter_size,
+ size_t overflow_size) {
+ alts_counter* ctr = nullptr;
+ char* error_details = nullptr;
+ grpc_status_code status = alts_counter_create(
+ is_client, counter_size, overflow_size, &ctr, &error_details);
+ GPR_ASSERT(status == GRPC_STATUS_OK);
+ unsigned char* expected =
+ static_cast<unsigned char*>(gpr_zalloc(counter_size));
+ if (is_client) {
+ expected[counter_size - 1] = 0x80;
+ }
+ /* Do a single iteration to ensure the counter is initialized as expected. */
+ GPR_ASSERT(do_bytes_represent_client(ctr, alts_counter_get_counter(ctr),
+ counter_size) == is_client);
+ GPR_ASSERT(memcmp(alts_counter_get_counter(ctr), expected, counter_size) ==
+ 0);
+ bool is_overflow = false;
+ GPR_ASSERT(alts_counter_increment(ctr, &is_overflow, &error_details) ==
+ GRPC_STATUS_OK);
+ GPR_ASSERT(!is_overflow);
+ /**
+ * The counter can return 2^{overflow_size * 8} counters. The
+ * high-order bit is fixed to the client/server. The last call will yield a
+ * useable counter, but overflow the counter object.
+ */
+ int iterations = 1 << (overflow_size * 8);
+ int ind = 1;
+ for (ind = 1; ind < iterations - 1; ind++) {
+ GPR_ASSERT(do_bytes_represent_client(ctr, alts_counter_get_counter(ctr),
+ counter_size) == is_client);
+ GPR_ASSERT(alts_counter_increment(ctr, &is_overflow, &error_details) ==
+ GRPC_STATUS_OK);
+ GPR_ASSERT(!is_overflow);
+ }
+ GPR_ASSERT(do_bytes_represent_client(ctr, alts_counter_get_counter(ctr),
+ counter_size) == is_client);
+ GPR_ASSERT(alts_counter_increment(ctr, &is_overflow, &error_details) ==
+ GRPC_STATUS_FAILED_PRECONDITION);
+ GPR_ASSERT(is_overflow);
+ gpr_free(expected);
+ alts_counter_destroy(ctr);
+}
+
+/* Set the counter manually and make sure it overflows as expected. */
+static void alts_counter_test_overflow_single_increment(bool is_client,
+ size_t counter_size,
+ size_t overflow_size) {
+ alts_counter* ctr = nullptr;
+ char* error_details = nullptr;
+ grpc_status_code status = alts_counter_create(
+ is_client, counter_size, overflow_size, &ctr, &error_details);
+ GPR_ASSERT(status == GRPC_STATUS_OK);
+ unsigned char* expected =
+ static_cast<unsigned char*>(gpr_zalloc(counter_size));
+ memset(expected, 0xFF, overflow_size);
+ expected[0] = 0xFE;
+
+ if (is_client) {
+ expected[counter_size - 1] = 0x80;
+ }
+ memcpy(ctr->counter, expected, counter_size);
+ GPR_ASSERT(do_bytes_represent_client(ctr, alts_counter_get_counter(ctr),
+ counter_size) == is_client);
+ GPR_ASSERT(memcmp(expected, alts_counter_get_counter(ctr), counter_size) ==
+ 0);
+ bool is_overflow = false;
+ GPR_ASSERT(alts_counter_increment(ctr, &is_overflow, &error_details) ==
+ GRPC_STATUS_OK);
+ GPR_ASSERT(!is_overflow);
+ GPR_ASSERT(do_bytes_represent_client(ctr, alts_counter_get_counter(ctr),
+ counter_size) == is_client);
+ expected[0] = static_cast<unsigned char>(expected[0] + 1);
+ GPR_ASSERT(memcmp(expected, alts_counter_get_counter(ctr), counter_size) ==
+ 0);
+ GPR_ASSERT(alts_counter_increment(ctr, &is_overflow, &error_details) ==
+ GRPC_STATUS_FAILED_PRECONDITION);
+ GPR_ASSERT(is_overflow);
+ gpr_free(expected);
+ alts_counter_destroy(ctr);
+}
+
+int main(int argc, char** argv) {
+ alts_counter_test_input_sanity_check(kGcmCounterSize, kGcmOverflowSize);
+ alts_counter_test_overflow_full_range(true, kSmallCounterSize,
+ kSmallOverflowSize);
+ alts_counter_test_overflow_full_range(false, kSmallCounterSize,
+ kSmallOverflowSize);
+ alts_counter_test_overflow_single_increment(true, kGcmCounterSize,
+ kGcmOverflowSize);
+ alts_counter_test_overflow_single_increment(false, kGcmCounterSize,
+ kGcmOverflowSize);
+
+ return 0;
+}
diff --git a/test/core/tsi/alts/frame_protector/alts_crypter_test.cc b/test/core/tsi/alts/frame_protector/alts_crypter_test.cc
new file mode 100644
index 0000000..0ad616b
--- /dev/null
+++ b/test/core/tsi/alts/frame_protector/alts_crypter_test.cc
@@ -0,0 +1,493 @@
+/*
+ *
+ * Copyright 2018 gRPC authors.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+
+#include <grpc/support/alloc.h>
+#include <grpc/support/log.h>
+
+#include "src/core/tsi/alts/frame_protector/alts_crypter.h"
+#include "test/core/tsi/alts/crypt/gsec_test_util.h"
+
+static void alts_crypter_test_random_seal_unseal(alts_crypter* server_seal,
+ alts_crypter* server_unseal,
+ alts_crypter* client_seal,
+ alts_crypter* client_unseal) {
+ size_t data_size = gsec_test_bias_random_uint32(1024) + 1;
+ size_t num_overhead_bytes = alts_crypter_num_overhead_bytes(server_seal);
+ size_t protected_data_size = data_size + num_overhead_bytes;
+ uint8_t* data_buffer = static_cast<uint8_t*>(gpr_malloc(protected_data_size));
+ gsec_test_random_bytes(data_buffer, data_size);
+ uint8_t* duplicate_buffer = nullptr;
+ gsec_test_copy(data_buffer, &duplicate_buffer, data_size);
+
+ /* Client seal and server unseal */
+ size_t size = data_size;
+ grpc_status_code status = alts_crypter_process_in_place(
+ client_seal, data_buffer, protected_data_size, size, &size, nullptr);
+ GPR_ASSERT(status == GRPC_STATUS_OK);
+ GPR_ASSERT(size == protected_data_size);
+ status = alts_crypter_process_in_place(
+ server_unseal, data_buffer, protected_data_size, size, &size, nullptr);
+ GPR_ASSERT(status == GRPC_STATUS_OK);
+ GPR_ASSERT(memcmp(data_buffer, duplicate_buffer, data_size) == 0);
+ GPR_ASSERT(size == data_size);
+ /* Server seal and client unseal */
+ status = alts_crypter_process_in_place(
+ server_seal, data_buffer, protected_data_size, size, &size, nullptr);
+ GPR_ASSERT(status == GRPC_STATUS_OK);
+ GPR_ASSERT(size == protected_data_size);
+ status = alts_crypter_process_in_place(
+ client_unseal, data_buffer, protected_data_size, size, &size, nullptr);
+ GPR_ASSERT(status == GRPC_STATUS_OK);
+ GPR_ASSERT(memcmp(data_buffer, duplicate_buffer, data_size) == 0);
+ GPR_ASSERT(size == data_size);
+ gpr_free(data_buffer);
+ gpr_free(duplicate_buffer);
+}
+
+static void alts_crypter_test_multiple_random_seal_unseal(
+ alts_crypter* server_seal, alts_crypter* server_unseal,
+ alts_crypter* client_seal, alts_crypter* client_unseal) {
+ size_t data_size = gsec_test_bias_random_uint32(1024) + 1;
+ size_t num_overhead_bytes = alts_crypter_num_overhead_bytes(server_seal);
+ size_t protected_data_size = data_size + num_overhead_bytes;
+
+ uint8_t* data_buffer1 =
+ static_cast<uint8_t*>(gpr_malloc(protected_data_size));
+ uint8_t* data_buffer2 =
+ static_cast<uint8_t*>(gpr_malloc(protected_data_size));
+ uint8_t* duplicate_buffer1 = nullptr;
+ uint8_t* duplicate_buffer2 = nullptr;
+ gsec_test_random_bytes(data_buffer1, data_size);
+ gsec_test_random_bytes(data_buffer2, data_size);
+ gsec_test_copy(data_buffer1, &duplicate_buffer1, data_size);
+ gsec_test_copy(data_buffer2, &duplicate_buffer2, data_size);
+
+ /* Client seal and server unseal */
+ size_t size1 = data_size, size2 = data_size;
+ grpc_status_code status = alts_crypter_process_in_place(
+ client_seal, data_buffer1, protected_data_size, size1, &size1, nullptr);
+ GPR_ASSERT(status == GRPC_STATUS_OK);
+ GPR_ASSERT(size1 == protected_data_size);
+ status = alts_crypter_process_in_place(
+ client_seal, data_buffer2, protected_data_size, size2, &size2, nullptr);
+ GPR_ASSERT(status == GRPC_STATUS_OK);
+ GPR_ASSERT(size2 == protected_data_size);
+ status = alts_crypter_process_in_place(
+ server_unseal, data_buffer1, protected_data_size, size1, &size1, nullptr);
+ GPR_ASSERT(status == GRPC_STATUS_OK);
+ GPR_ASSERT(memcmp(data_buffer1, duplicate_buffer1, data_size) == 0);
+ GPR_ASSERT(size1 == data_size);
+ status = alts_crypter_process_in_place(
+ server_unseal, data_buffer2, protected_data_size, size2, &size2, nullptr);
+ GPR_ASSERT(status == GRPC_STATUS_OK);
+ GPR_ASSERT(memcmp(data_buffer2, duplicate_buffer2, data_size) == 0);
+ GPR_ASSERT(size2 == data_size);
+
+ /* Server seal and client unseal */
+ status = alts_crypter_process_in_place(
+ server_seal, data_buffer1, protected_data_size, size1, &size1, nullptr);
+ GPR_ASSERT(status == GRPC_STATUS_OK);
+ GPR_ASSERT(size1 == protected_data_size);
+ status = alts_crypter_process_in_place(
+ server_seal, data_buffer2, protected_data_size, size2, &size2, nullptr);
+ GPR_ASSERT(status == GRPC_STATUS_OK);
+ GPR_ASSERT(size2 == protected_data_size);
+ status = alts_crypter_process_in_place(
+ client_unseal, data_buffer1, protected_data_size, size1, &size1, nullptr);
+ GPR_ASSERT(status == GRPC_STATUS_OK);
+ GPR_ASSERT(memcmp(data_buffer1, duplicate_buffer1, data_size) == 0);
+ GPR_ASSERT(size1 == data_size);
+ status = alts_crypter_process_in_place(
+ client_unseal, data_buffer2, protected_data_size, size2, &size2, nullptr);
+ GPR_ASSERT(status == GRPC_STATUS_OK);
+ GPR_ASSERT(memcmp(data_buffer2, duplicate_buffer2, data_size) == 0);
+ GPR_ASSERT(size2 == data_size);
+
+ gpr_free(data_buffer1);
+ gpr_free(data_buffer2);
+ gpr_free(duplicate_buffer1);
+ gpr_free(duplicate_buffer2);
+}
+
+static void alts_crypter_test_corrupted_unseal(alts_crypter* server_seal,
+ alts_crypter* server_unseal,
+ alts_crypter* client_seal,
+ alts_crypter* client_unseal) {
+ size_t data_size = gsec_test_bias_random_uint32(1024) + 1;
+ size_t num_overhead_bytes = alts_crypter_num_overhead_bytes(server_seal);
+ size_t protected_data_size = data_size + num_overhead_bytes;
+ auto* data_buffer = static_cast<uint8_t*>(gpr_malloc(protected_data_size));
+ auto* zero_buffer = static_cast<uint8_t*>(gpr_zalloc(data_size));
+
+ /* Corrupt a random byte in protected data. */
+ size_t size = data_size;
+ gsec_test_random_bytes(data_buffer, data_size);
+ grpc_status_code status = alts_crypter_process_in_place(
+ client_seal, data_buffer, protected_data_size, size, &size, nullptr);
+ GPR_ASSERT(status == GRPC_STATUS_OK);
+ GPR_ASSERT(size == protected_data_size);
+ uint8_t* corrupted_data_buffer;
+ char* error_message = nullptr;
+ gsec_test_copy_and_alter_random_byte(data_buffer, &corrupted_data_buffer,
+ protected_data_size);
+ status = alts_crypter_process_in_place(server_unseal, corrupted_data_buffer,
+ protected_data_size, size, &size,
+ &error_message);
+ GPR_ASSERT(gsec_test_expect_compare_code_and_substr(
+ status, GRPC_STATUS_FAILED_PRECONDITION, error_message,
+ "Checking tag failed"));
+ GPR_ASSERT(memcmp(corrupted_data_buffer, zero_buffer, data_size) == 0);
+ gpr_free(corrupted_data_buffer);
+ gpr_free(error_message);
+
+ /* Corrupt the beginning of protected data. */
+ size = data_size;
+ gsec_test_random_bytes(data_buffer, data_size);
+ status = alts_crypter_process_in_place(
+ client_seal, data_buffer, protected_data_size, size, &size, nullptr);
+ GPR_ASSERT(status == GRPC_STATUS_OK);
+ GPR_ASSERT(size == protected_data_size);
+ gsec_test_copy(data_buffer, &corrupted_data_buffer, protected_data_size);
+ (*corrupted_data_buffer)++;
+ status = alts_crypter_process_in_place(server_unseal, corrupted_data_buffer,
+ protected_data_size, size, &size,
+ &error_message);
+ GPR_ASSERT(gsec_test_expect_compare_code_and_substr(
+ status, GRPC_STATUS_FAILED_PRECONDITION, error_message,
+ "Checking tag failed"));
+ GPR_ASSERT(memcmp(corrupted_data_buffer, zero_buffer, data_size) == 0);
+ gpr_free(corrupted_data_buffer);
+ gpr_free(error_message);
+
+ /* Corrupt the end of protected data. */
+ size = data_size;
+ gsec_test_random_bytes(data_buffer, data_size);
+ status = alts_crypter_process_in_place(
+ client_seal, data_buffer, protected_data_size, size, &size, nullptr);
+ GPR_ASSERT(status == GRPC_STATUS_OK);
+ GPR_ASSERT(size == protected_data_size);
+ gsec_test_copy(data_buffer, &corrupted_data_buffer, protected_data_size);
+ (*(corrupted_data_buffer + protected_data_size - 1))++;
+ status = alts_crypter_process_in_place(server_unseal, corrupted_data_buffer,
+ protected_data_size, size, &size,
+ &error_message);
+ GPR_ASSERT(gsec_test_expect_compare_code_and_substr(
+ status, GRPC_STATUS_FAILED_PRECONDITION, error_message,
+ "Checking tag failed"));
+ GPR_ASSERT(memcmp(corrupted_data_buffer, zero_buffer, data_size) == 0);
+ gpr_free(corrupted_data_buffer);
+ gpr_free(error_message);
+
+ gpr_free(data_buffer);
+ gpr_free(zero_buffer);
+}
+
+static void alts_crypter_test_unsync_seal_unseal(alts_crypter* server_seal,
+ alts_crypter* server_unseal,
+ alts_crypter* client_seal,
+ alts_crypter* client_unseal) {
+ size_t data_size = gsec_test_bias_random_uint32(1024) + 1;
+ size_t num_overhead_bytes = alts_crypter_num_overhead_bytes(server_seal);
+ size_t protected_data_size = data_size + num_overhead_bytes;
+ auto* data_buffer = static_cast<uint8_t*>(gpr_malloc(protected_data_size));
+ auto* zero_buffer = static_cast<uint8_t*>(gpr_zalloc(data_size));
+
+ /* Perform two seals at client, one unseal at server. */
+ size_t size = data_size;
+ gsec_test_random_bytes(data_buffer, data_size);
+ grpc_status_code status = alts_crypter_process_in_place(
+ client_seal, data_buffer, protected_data_size, size, &size, nullptr);
+ GPR_ASSERT(status == GRPC_STATUS_OK);
+ GPR_ASSERT(size == protected_data_size);
+
+ size = data_size;
+ gsec_test_random_bytes(data_buffer, data_size);
+ status = alts_crypter_process_in_place(
+ client_seal, data_buffer, protected_data_size, size, &size, nullptr);
+ GPR_ASSERT(status == GRPC_STATUS_OK);
+ GPR_ASSERT(size == protected_data_size);
+
+ char* error_message = nullptr;
+ status = alts_crypter_process_in_place(server_unseal, data_buffer,
+ protected_data_size, size, &size,
+ &error_message);
+ GPR_ASSERT(gsec_test_expect_compare_code_and_substr(
+ status, GRPC_STATUS_FAILED_PRECONDITION, error_message,
+ "Checking tag failed"));
+ GPR_ASSERT(memcmp(data_buffer, zero_buffer, data_size) == 0);
+ gpr_free(error_message);
+
+ /* Perform two seals at server, one unseal at client. */
+ size = data_size;
+ gsec_test_random_bytes(data_buffer, data_size);
+ status = alts_crypter_process_in_place(
+ server_seal, data_buffer, protected_data_size, size, &size, nullptr);
+ GPR_ASSERT(status == GRPC_STATUS_OK);
+ GPR_ASSERT(size == protected_data_size);
+
+ size = data_size;
+ gsec_test_random_bytes(data_buffer, data_size);
+ status = alts_crypter_process_in_place(
+ server_seal, data_buffer, protected_data_size, size, &size, nullptr);
+ GPR_ASSERT(status == GRPC_STATUS_OK);
+ GPR_ASSERT(size == protected_data_size);
+
+ status = alts_crypter_process_in_place(client_unseal, data_buffer,
+ protected_data_size, size, &size,
+ &error_message);
+ GPR_ASSERT(gsec_test_expect_compare_code_and_substr(
+ status, GRPC_STATUS_FAILED_PRECONDITION, error_message,
+ "Checking tag failed"));
+ GPR_ASSERT(memcmp(data_buffer, zero_buffer, data_size) == 0);
+ gpr_free(error_message);
+ gpr_free(data_buffer);
+ gpr_free(zero_buffer);
+}
+
+static void alts_crypter_test_input_sanity_check(alts_crypter* crypter_seal,
+ alts_crypter* crypter_unseal) {
+ size_t data_size = gsec_test_bias_random_uint32(1024) + 1;
+ size_t num_overhead_bytes = alts_crypter_num_overhead_bytes(crypter_seal);
+ size_t protected_data_size = data_size + num_overhead_bytes;
+ auto* data_buffer = static_cast<uint8_t*>(gpr_malloc(protected_data_size));
+ gsec_test_random_bytes(data_buffer, data_size);
+ char* error_message = nullptr;
+ size_t size = data_size;
+
+ /* Crypter is nullptr. */
+ grpc_status_code status = alts_crypter_process_in_place(
+ nullptr, data_buffer, protected_data_size, size, &size, &error_message);
+ GPR_ASSERT(gsec_test_expect_compare_code_and_substr(
+ status, GRPC_STATUS_INVALID_ARGUMENT, error_message,
+ "crypter or crypter->vtable has not been initialized properly."));
+ gpr_free(error_message);
+
+ /* Seal data is nullptr. */
+ size = data_size;
+ status = alts_crypter_process_in_place(
+ crypter_seal, nullptr, protected_data_size, size, &size, &error_message);
+ GPR_ASSERT(gsec_test_expect_compare_code_and_substr(
+ status, GRPC_STATUS_INVALID_ARGUMENT, error_message, "data is nullptr."));
+ gpr_free(error_message);
+
+ /* Seal data size is 0. */
+ size = 0;
+ status = alts_crypter_process_in_place(crypter_seal, data_buffer,
+ protected_data_size, size, &size,
+ &error_message);
+ GPR_ASSERT(gsec_test_expect_compare_code_and_substr(
+ status, GRPC_STATUS_INVALID_ARGUMENT, error_message,
+ "data_size is zero."));
+ gpr_free(error_message);
+
+ /* Seal data buffer has a size smaller than the required. */
+ size = data_size;
+ status = alts_crypter_process_in_place(crypter_seal, data_buffer,
+ protected_data_size - 1, size, &size,
+ &error_message);
+ GPR_ASSERT(gsec_test_expect_compare_code_and_substr(
+ status, GRPC_STATUS_INVALID_ARGUMENT, error_message,
+ "data_allocated_size is smaller than sum of data_size and "
+ "num_overhead_bytes."));
+ gpr_free(error_message);
+
+ /* Unseal data is nullptr. */
+ size = data_size;
+ status = alts_crypter_process_in_place(crypter_unseal, nullptr,
+ protected_data_size, size, &size,
+ &error_message);
+ GPR_ASSERT(gsec_test_expect_compare_code_and_substr(
+ status, GRPC_STATUS_INVALID_ARGUMENT, error_message, "data is nullptr."));
+ gpr_free(error_message);
+
+ /* Unseal data size is 0. */
+ size = 0;
+ status = alts_crypter_process_in_place(crypter_unseal, data_buffer,
+ protected_data_size, size, &size,
+ &error_message);
+ GPR_ASSERT(gsec_test_expect_compare_code_and_substr(
+ status, GRPC_STATUS_INVALID_ARGUMENT, error_message,
+ "data_size is smaller than num_overhead_bytes."));
+ gpr_free(error_message);
+
+ /* Unseal data size is smaller than number of overhead bytes. */
+ size = num_overhead_bytes - 1;
+ status = alts_crypter_process_in_place(crypter_unseal, data_buffer,
+ protected_data_size, size, &size,
+ &error_message);
+ GPR_ASSERT(gsec_test_expect_compare_code_and_substr(
+ status, GRPC_STATUS_INVALID_ARGUMENT, error_message,
+ "data_size is smaller than num_overhead_bytes."));
+ gpr_free(error_message);
+ gpr_free(data_buffer);
+}
+
+static void create_random_alts_seal_crypter(
+ alts_crypter** server_seal, alts_crypter** server_unseal,
+ alts_crypter** client_seal, alts_crypter** client_unseal,
+ gsec_aead_crypter** server_crypter_seal,
+ gsec_aead_crypter** server_crypter_unseal,
+ gsec_aead_crypter** client_crypter_seal,
+ gsec_aead_crypter** client_crypter_unseal, bool rekey) {
+ size_t key_length = rekey ? kAes128GcmRekeyKeyLength : kAes128GcmKeyLength;
+ uint8_t* key;
+ gsec_test_random_array(&key, key_length);
+ gsec_aes_gcm_aead_crypter_create(key, key_length, kAesGcmNonceLength,
+ kAesGcmTagLength, rekey, server_crypter_seal,
+ nullptr);
+ gsec_aes_gcm_aead_crypter_create(key, key_length, kAesGcmNonceLength,
+ kAesGcmTagLength, rekey,
+ server_crypter_unseal, nullptr);
+ gsec_aes_gcm_aead_crypter_create(key, key_length, kAesGcmNonceLength,
+ kAesGcmTagLength, rekey, client_crypter_seal,
+ nullptr);
+ gsec_aes_gcm_aead_crypter_create(key, key_length, kAesGcmNonceLength,
+ kAesGcmTagLength, rekey,
+ client_crypter_unseal, nullptr);
+
+ size_t overflow_size = rekey ? 8 : 5;
+ alts_seal_crypter_create(*client_crypter_seal, /*is_client=*/true,
+ overflow_size, client_seal, nullptr);
+ alts_unseal_crypter_create(*client_crypter_unseal, /*is_client=*/true,
+ overflow_size, client_unseal, nullptr);
+ alts_seal_crypter_create(*server_crypter_seal, /*is_client=*/false,
+ overflow_size, server_seal, nullptr);
+ alts_unseal_crypter_create(*server_crypter_unseal, /*is_client=*/false,
+ overflow_size, server_unseal, nullptr);
+ gpr_free(key);
+}
+
+static void destroy_random_alts_seal_crypter(alts_crypter* server_seal,
+ alts_crypter* server_unseal,
+ alts_crypter* client_seal,
+ alts_crypter* client_unseal) {
+ alts_crypter_destroy(server_seal);
+ alts_crypter_destroy(server_unseal);
+ alts_crypter_destroy(client_seal);
+ alts_crypter_destroy(client_unseal);
+}
+
+static void alts_crypter_do_generic_tests() {
+ alts_crypter *server_seal = nullptr, *server_unseal = nullptr,
+ *client_seal = nullptr, *client_unseal = nullptr;
+ gsec_aead_crypter *server_crypter_seal = nullptr,
+ *server_crypter_unseal = nullptr,
+ *client_crypter_seal = nullptr,
+ *client_crypter_unseal = nullptr;
+ /* Random seal and unseal tests */
+ create_random_alts_seal_crypter(&server_seal, &server_unseal, &client_seal,
+ &client_unseal, &server_crypter_seal,
+ &server_crypter_unseal, &client_crypter_seal,
+ &client_crypter_unseal, /*rekey=*/false);
+ alts_crypter_test_random_seal_unseal(server_seal, server_unseal, client_seal,
+ client_unseal);
+ destroy_random_alts_seal_crypter(server_seal, server_unseal, client_seal,
+ client_unseal);
+
+ create_random_alts_seal_crypter(&server_seal, &server_unseal, &client_seal,
+ &client_unseal, &server_crypter_seal,
+ &server_crypter_unseal, &client_crypter_seal,
+ &client_crypter_unseal, /*rekey=*/true);
+ alts_crypter_test_random_seal_unseal(server_seal, server_unseal, client_seal,
+ client_unseal);
+ destroy_random_alts_seal_crypter(server_seal, server_unseal, client_seal,
+ client_unseal);
+
+ /* Multiple random seal and unseal tests */
+ create_random_alts_seal_crypter(&server_seal, &server_unseal, &client_seal,
+ &client_unseal, &server_crypter_seal,
+ &server_crypter_unseal, &client_crypter_seal,
+ &client_crypter_unseal, /*rekey=*/false);
+ alts_crypter_test_multiple_random_seal_unseal(server_seal, server_unseal,
+ client_seal, client_unseal);
+ destroy_random_alts_seal_crypter(server_seal, server_unseal, client_seal,
+ client_unseal);
+
+ create_random_alts_seal_crypter(&server_seal, &server_unseal, &client_seal,
+ &client_unseal, &server_crypter_seal,
+ &server_crypter_unseal, &client_crypter_seal,
+ &client_crypter_unseal, /*rekey=*/true);
+ alts_crypter_test_multiple_random_seal_unseal(server_seal, server_unseal,
+ client_seal, client_unseal);
+ destroy_random_alts_seal_crypter(server_seal, server_unseal, client_seal,
+ client_unseal);
+
+ /* Corrupted unseal tests */
+ create_random_alts_seal_crypter(&server_seal, &server_unseal, &client_seal,
+ &client_unseal, &server_crypter_seal,
+ &server_crypter_unseal, &client_crypter_seal,
+ &client_crypter_unseal, /*rekey=*/false);
+ alts_crypter_test_corrupted_unseal(server_seal, server_unseal, client_seal,
+ client_unseal);
+ destroy_random_alts_seal_crypter(server_seal, server_unseal, client_seal,
+ client_unseal);
+
+ create_random_alts_seal_crypter(&server_seal, &server_unseal, &client_seal,
+ &client_unseal, &server_crypter_seal,
+ &server_crypter_unseal, &client_crypter_seal,
+ &client_crypter_unseal, /*rekey=*/true);
+ alts_crypter_test_corrupted_unseal(server_seal, server_unseal, client_seal,
+ client_unseal);
+ destroy_random_alts_seal_crypter(server_seal, server_unseal, client_seal,
+ client_unseal);
+
+ /* Unsync seal and unseal tests */
+ create_random_alts_seal_crypter(&server_seal, &server_unseal, &client_seal,
+ &client_unseal, &server_crypter_seal,
+ &server_crypter_unseal, &client_crypter_seal,
+ &client_crypter_unseal, /*rekey=*/false);
+ alts_crypter_test_unsync_seal_unseal(server_seal, server_unseal, client_seal,
+ client_unseal);
+ destroy_random_alts_seal_crypter(server_seal, server_unseal, client_seal,
+ client_unseal);
+
+ create_random_alts_seal_crypter(&server_seal, &server_unseal, &client_seal,
+ &client_unseal, &server_crypter_seal,
+ &server_crypter_unseal, &client_crypter_seal,
+ &client_crypter_unseal, /*rekey=*/true);
+ alts_crypter_test_unsync_seal_unseal(server_seal, server_unseal, client_seal,
+ client_unseal);
+ destroy_random_alts_seal_crypter(server_seal, server_unseal, client_seal,
+ client_unseal);
+
+ /* Input sanity check tests */
+ create_random_alts_seal_crypter(&server_seal, &server_unseal, &client_seal,
+ &client_unseal, &server_crypter_seal,
+ &server_crypter_unseal, &client_crypter_seal,
+ &client_crypter_unseal, /*rekey=*/false);
+ alts_crypter_test_input_sanity_check(server_seal, server_unseal);
+ destroy_random_alts_seal_crypter(server_seal, server_unseal, client_seal,
+ client_unseal);
+
+ create_random_alts_seal_crypter(&server_seal, &server_unseal, &client_seal,
+ &client_unseal, &server_crypter_seal,
+ &server_crypter_unseal, &client_crypter_seal,
+ &client_crypter_unseal, /*rekey=*/true);
+ alts_crypter_test_input_sanity_check(server_seal, server_unseal);
+ destroy_random_alts_seal_crypter(server_seal, server_unseal, client_seal,
+ client_unseal);
+}
+
+int main(int argc, char** argv) {
+ alts_crypter_do_generic_tests();
+ return 0;
+}
diff --git a/test/core/tsi/alts/frame_protector/alts_frame_protector_test.cc b/test/core/tsi/alts/frame_protector/alts_frame_protector_test.cc
new file mode 100644
index 0000000..2bd4958
--- /dev/null
+++ b/test/core/tsi/alts/frame_protector/alts_frame_protector_test.cc
@@ -0,0 +1,394 @@
+/*
+ *
+ * Copyright 2018 gRPC authors.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ */
+
+#include <grpc/support/alloc.h>
+#include <grpc/support/log.h>
+
+#include <stdbool.h>
+
+#include "src/core/tsi/alts/crypt/gsec.h"
+#include "src/core/tsi/alts/frame_protector/alts_frame_protector.h"
+#include "src/core/tsi/transport_security_interface.h"
+#include "test/core/tsi/alts/crypt/gsec_test_util.h"
+#include "test/core/tsi/transport_security_test_lib.h"
+
+const size_t kChannelSize = 32768;
+
+static void alts_test_do_round_trip_check_frames(
+ tsi_test_frame_protector_fixture* fixture, const uint8_t* key,
+ const size_t key_size, bool rekey, const uint8_t* client_message,
+ const size_t client_message_size, const uint8_t* client_expected_frames,
+ const size_t client_frame_size, const uint8_t* server_message,
+ const size_t server_message_size, const uint8_t* server_expected_frames,
+ const size_t server_frame_size) {
+ GPR_ASSERT(fixture != nullptr);
+ GPR_ASSERT(fixture->config != nullptr);
+ tsi_frame_protector* client_frame_protector = nullptr;
+ tsi_frame_protector* server_frame_protector = nullptr;
+ tsi_test_frame_protector_config* config = fixture->config;
+ tsi_test_channel* channel = fixture->channel;
+ /* Create a client frame protector. */
+ size_t client_max_output_protected_frame_size =
+ config->client_max_output_protected_frame_size;
+ GPR_ASSERT(
+ alts_create_frame_protector(key, key_size, /*is_client=*/true, rekey,
+ client_max_output_protected_frame_size == 0
+ ? nullptr
+ : &client_max_output_protected_frame_size,
+ &client_frame_protector) == TSI_OK);
+ /* Create a server frame protector. */
+ size_t server_max_output_protected_frame_size =
+ config->server_max_output_protected_frame_size;
+ GPR_ASSERT(
+ alts_create_frame_protector(key, key_size, /*is_client=*/false, rekey,
+ server_max_output_protected_frame_size == 0
+ ? nullptr
+ : &server_max_output_protected_frame_size,
+ &server_frame_protector) == TSI_OK);
+ tsi_test_frame_protector_fixture_init(fixture, client_frame_protector,
+ server_frame_protector);
+ /* Client sends a message to server. */
+ uint8_t* saved_client_message = config->client_message;
+ config->client_message = const_cast<uint8_t*>(client_message);
+ config->client_message_size = client_message_size;
+ tsi_test_frame_protector_send_message_to_peer(config, channel,
+ client_frame_protector,
+ /*is_client=*/true);
+ /* Verify if the generated frame is the same as the expected. */
+ GPR_ASSERT(channel->bytes_written_to_server_channel == client_frame_size);
+ GPR_ASSERT(memcmp(client_expected_frames, channel->server_channel,
+ client_frame_size) == 0);
+ unsigned char* server_received_message =
+ static_cast<unsigned char*>(gpr_malloc(kChannelSize));
+ size_t server_received_message_size = 0;
+ tsi_test_frame_protector_receive_message_from_peer(
+ config, channel, server_frame_protector, server_received_message,
+ &server_received_message_size, /*is_client=*/false);
+ GPR_ASSERT(config->client_message_size == server_received_message_size);
+ GPR_ASSERT(memcmp(config->client_message, server_received_message,
+ server_received_message_size) == 0);
+ /* Server sends a message to client. */
+ uint8_t* saved_server_message = config->server_message;
+ config->server_message = const_cast<uint8_t*>(server_message);
+ config->server_message_size = server_message_size;
+ tsi_test_frame_protector_send_message_to_peer(config, channel,
+ server_frame_protector,
+ /*is_client=*/false);
+ /* Verify if the generated frame is the same as the expected. */
+ GPR_ASSERT(channel->bytes_written_to_client_channel == server_frame_size);
+ GPR_ASSERT(memcmp(server_expected_frames, channel->client_channel,
+ server_frame_size) == 0);
+ unsigned char* client_received_message =
+ static_cast<unsigned char*>(gpr_malloc(kChannelSize));
+ size_t client_received_message_size = 0;
+ tsi_test_frame_protector_receive_message_from_peer(
+ config, channel, client_frame_protector, client_received_message,
+ &client_received_message_size,
+ /*is_client=*/true);
+ GPR_ASSERT(config->server_message_size == client_received_message_size);
+ GPR_ASSERT(memcmp(config->server_message, client_received_message,
+ client_received_message_size) == 0);
+ config->client_message = saved_client_message;
+ config->server_message = saved_server_message;
+ /* Destroy server and client frame protectors. */
+ gpr_free(server_received_message);
+ gpr_free(client_received_message);
+}
+
+static void alts_test_do_round_trip_vector_tests() {
+ const uint8_t key[] = {0xfe, 0xff, 0xe9, 0x92, 0x86, 0x65, 0x73, 0x1c,
+ 0x6d, 0x6a, 0x8f, 0x94, 0x67, 0x30, 0x83, 0x08};
+ const char small_message[] = {'C', 'h', 'a', 'p', 'i', ' ',
+ 'C', 'h', 'a', 'p', 'o'};
+ const uint8_t large_message[] = {
+ 0xd9, 0x31, 0x32, 0x25, 0xf8, 0x84, 0x06, 0xe5, 0xa5, 0x59, 0x09, 0xc5,
+ 0xaf, 0xf5, 0x26, 0x9a, 0x86, 0xa7, 0xa9, 0x53, 0x15, 0x34, 0xf7, 0xda,
+ 0x2e, 0x4c, 0x30, 0x3d, 0x8a, 0x31, 0x8a, 0x72, 0x1c, 0x3c, 0x0c, 0x95,
+ 0x95, 0x68, 0x09, 0x53, 0x2f, 0xcf, 0x0e, 0x24, 0x49, 0xa6, 0xb5, 0x25,
+ 0xb1, 0x6a, 0xed, 0xf5, 0xaa, 0x0d, 0xe6, 0x57, 0xba, 0x63, 0x7b, 0x39,
+ 0x1a, 0xaf, 0xd2, 0x55, 0xd6, 0x09, 0xb1, 0xf0, 0x56, 0x63, 0x7a, 0x0d,
+ 0x46, 0xdf, 0x99, 0x8d, 0x88, 0xe5, 0x22, 0x2a, 0xb2, 0xc2, 0x84, 0x65,
+ 0x12, 0x15, 0x35, 0x24, 0xc0, 0x89, 0x5e, 0x81, 0x08, 0x06, 0x0f, 0x10,
+ 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, 0x18, 0x19, 0x1a, 0x1b, 0x1c,
+ 0x1d, 0x1e, 0x1f, 0x20, 0x21, 0x22, 0x23, 0x24, 0x25, 0x26, 0x27, 0x28,
+ 0x29, 0x2a, 0x2b, 0x2c, 0x2d, 0x2e, 0x2f, 0x30};
+ const size_t small_message_size = sizeof(small_message) / sizeof(uint8_t);
+ const size_t large_message_size = sizeof(large_message) / sizeof(uint8_t);
+ /* Test small client message and large server message. */
+ const uint8_t client_expected_frame1[] = {
+ 0x1f, 0x00, 0x00, 0x00, 0x06, 0x00, 0x00, 0x00, 0x09, 0xd8, 0xd5, 0x92,
+ 0x4d, 0x50, 0x32, 0xb7, 0x1f, 0xb8, 0xf2, 0xbb, 0x43, 0xc7, 0xe2, 0x94,
+ 0x3d, 0x3e, 0x9a, 0x78, 0x76, 0xaa, 0x0a, 0x6b, 0xfa, 0x98, 0x3a};
+ const uint8_t server_expected_frame1[] = {
+ 0x94, 0x00, 0x00, 0x00, 0x06, 0x00, 0x00, 0x00, 0xa9, 0x4b, 0xf8, 0xc8,
+ 0xe7, 0x8f, 0x1a, 0x26, 0x37, 0x44, 0xa2, 0x5c, 0x55, 0x94, 0x30, 0x4e,
+ 0x3e, 0x16, 0xe7, 0x9e, 0x96, 0xe8, 0x1b, 0xc0, 0xdd, 0x52, 0x30, 0x06,
+ 0xc2, 0x72, 0x9a, 0xa1, 0x0b, 0xdb, 0xdc, 0x19, 0x8c, 0x93, 0x5e, 0x84,
+ 0x1f, 0x4b, 0x97, 0x26, 0xf0, 0x73, 0x85, 0x59, 0x00, 0x95, 0xc1, 0xc5,
+ 0x22, 0x2f, 0x70, 0x85, 0x68, 0x2c, 0x4f, 0xfe, 0x30, 0x26, 0x91, 0xde,
+ 0x62, 0x55, 0x1d, 0x35, 0x01, 0x96, 0x1c, 0xe7, 0xa2, 0x8b, 0x14, 0x8a,
+ 0x5e, 0x1b, 0x4a, 0x3b, 0x4f, 0x65, 0x0f, 0xca, 0x79, 0x10, 0xb4, 0xdd,
+ 0xf7, 0xa4, 0x8b, 0x64, 0x2f, 0x00, 0x39, 0x60, 0x03, 0xfc, 0xe1, 0x8b,
+ 0x5c, 0x19, 0xba, 0xcc, 0x46, 0xba, 0x88, 0xdd, 0x40, 0x42, 0x27, 0x4f,
+ 0xe4, 0x1a, 0x6a, 0x31, 0x6c, 0x1c, 0xb0, 0xb6, 0x5c, 0x3e, 0xca, 0x84,
+ 0x9b, 0x5f, 0x04, 0x84, 0x11, 0xa9, 0xf8, 0x39, 0xe7, 0xe7, 0xc5, 0xc4,
+ 0x33, 0x9f, 0x63, 0x21, 0x9a, 0x7c, 0x9c, 0x64};
+ const size_t client_frame_size1 =
+ sizeof(client_expected_frame1) / sizeof(uint8_t);
+ const size_t server_frame_size1 =
+ sizeof(server_expected_frame1) / sizeof(uint8_t);
+ tsi_test_frame_protector_fixture* fixture =
+ tsi_test_frame_protector_fixture_create();
+ alts_test_do_round_trip_check_frames(
+ fixture, key, kAes128GcmKeyLength, /*rekey=*/false,
+ reinterpret_cast<const uint8_t*>(small_message), small_message_size,
+ client_expected_frame1, client_frame_size1, large_message,
+ large_message_size, server_expected_frame1, server_frame_size1);
+ tsi_test_frame_protector_fixture_destroy(fixture);
+ /**
+ * Test large client message, small server message, and small
+ * message_buffer_allocated_size.
+ */
+ const uint8_t client_expected_frame2[] = {
+ 0x94, 0x00, 0x00, 0x00, 0x06, 0x00, 0x00, 0x00, 0x93, 0x81, 0x86, 0xc7,
+ 0xdc, 0xf4, 0x77, 0x3a, 0xdb, 0x91, 0x94, 0x61, 0xba, 0xed, 0xd5, 0x37,
+ 0x47, 0x53, 0x0c, 0xe1, 0xbf, 0x59, 0x23, 0x20, 0xde, 0x8b, 0x25, 0x13,
+ 0x72, 0xe7, 0x8a, 0x4f, 0x32, 0x61, 0xc6, 0xda, 0xc3, 0xe9, 0xff, 0x31,
+ 0x33, 0x53, 0x4a, 0xf8, 0xc9, 0x98, 0xe4, 0x19, 0x71, 0x9c, 0x5e, 0x72,
+ 0xc7, 0x35, 0x97, 0x78, 0x30, 0xf2, 0xc4, 0xd1, 0x53, 0xd5, 0x6e, 0x8f,
+ 0x4f, 0xd9, 0x28, 0x5a, 0xfd, 0x22, 0x57, 0x7f, 0x95, 0xb4, 0x8a, 0x5e,
+ 0x7c, 0x47, 0xa8, 0xcf, 0x64, 0x3d, 0x83, 0xa5, 0xcf, 0xc3, 0xfe, 0x54,
+ 0xc2, 0x6a, 0x40, 0xc4, 0xfb, 0x8e, 0x07, 0x77, 0x70, 0x8f, 0x99, 0x94,
+ 0xb1, 0xd5, 0xa7, 0xf9, 0x0d, 0xc7, 0x11, 0xc5, 0x6f, 0x4a, 0x4f, 0x56,
+ 0xd5, 0xe2, 0x9c, 0xbb, 0x95, 0x7a, 0xd0, 0x9f, 0x30, 0x54, 0xca, 0x6d,
+ 0x5c, 0x8e, 0x83, 0xa0, 0x04, 0x5e, 0xd0, 0x22, 0x8c, 0x2a, 0x7f, 0xdb,
+ 0xfe, 0xb3, 0x2e, 0xae, 0x22, 0xe6, 0xf4, 0xb7};
+ const uint8_t server_expected_frame2[] = {
+ 0x1f, 0x00, 0x00, 0x00, 0x06, 0x00, 0x00, 0x00, 0x33, 0x12, 0xab, 0x9d,
+ 0x76, 0x2b, 0x5f, 0xab, 0xf3, 0x6d, 0xc4, 0xaa, 0xe5, 0x1e, 0x63, 0xc1,
+ 0x7b, 0x7b, 0x10, 0xd5, 0x63, 0x0f, 0x29, 0xad, 0x17, 0x33, 0x73};
+ const size_t client_frame_size2 =
+ sizeof(client_expected_frame2) / sizeof(uint8_t);
+ const size_t server_frame_size2 =
+ sizeof(server_expected_frame2) / sizeof(uint8_t);
+ fixture = tsi_test_frame_protector_fixture_create();
+ alts_test_do_round_trip_check_frames(
+ fixture, key, kAes128GcmKeyLength, /*rekey=*/false, large_message,
+ large_message_size, client_expected_frame2, client_frame_size2,
+ reinterpret_cast<const uint8_t*>(small_message), small_message_size,
+ server_expected_frame2, server_frame_size2);
+ tsi_test_frame_protector_fixture_destroy(fixture);
+ /**
+ * Test large client message, small server message, and small
+ * protected_buffer_size.
+ */
+ const uint8_t client_expected_frame3[] = {
+ 0x94, 0x00, 0x00, 0x00, 0x06, 0x00, 0x00, 0x00, 0x93, 0x81, 0x86, 0xc7,
+ 0xdc, 0xf4, 0x77, 0x3a, 0xdb, 0x91, 0x94, 0x61, 0xba, 0xed, 0xd5, 0x37,
+ 0x47, 0x53, 0x0c, 0xe1, 0xbf, 0x59, 0x23, 0x20, 0xde, 0x8b, 0x25, 0x13,
+ 0x72, 0xe7, 0x8a, 0x4f, 0x32, 0x61, 0xc6, 0xda, 0xc3, 0xe9, 0xff, 0x31,
+ 0x33, 0x53, 0x4a, 0xf8, 0xc9, 0x98, 0xe4, 0x19, 0x71, 0x9c, 0x5e, 0x72,
+ 0xc7, 0x35, 0x97, 0x78, 0x30, 0xf2, 0xc4, 0xd1, 0x53, 0xd5, 0x6e, 0x8f,
+ 0x4f, 0xd9, 0x28, 0x5a, 0xfd, 0x22, 0x57, 0x7f, 0x95, 0xb4, 0x8a, 0x5e,
+ 0x7c, 0x47, 0xa8, 0xcf, 0x64, 0x3d, 0x83, 0xa5, 0xcf, 0xc3, 0xfe, 0x54,
+ 0xc2, 0x6a, 0x40, 0xc4, 0xfb, 0x8e, 0x07, 0x77, 0x70, 0x8f, 0x99, 0x94,
+ 0xb1, 0xd5, 0xa7, 0xf9, 0x0d, 0xc7, 0x11, 0xc5, 0x6f, 0x4a, 0x4f, 0x56,
+ 0xd5, 0xe2, 0x9c, 0xbb, 0x95, 0x7a, 0xd0, 0x9f, 0x30, 0x54, 0xca, 0x6d,
+ 0x5c, 0x8e, 0x83, 0xa0, 0x04, 0x5e, 0xd0, 0x22, 0x8c, 0x2a, 0x7f, 0xdb,
+ 0xfe, 0xb3, 0x2e, 0xae, 0x22, 0xe6, 0xf4, 0xb7};
+ const uint8_t server_expected_frame3[] = {
+ 0x1f, 0x00, 0x00, 0x00, 0x06, 0x00, 0x00, 0x00, 0x33, 0x12, 0xab, 0x9d,
+ 0x76, 0x2b, 0x5f, 0xab, 0xf3, 0x6d, 0xc4, 0xaa, 0xe5, 0x1e, 0x63, 0xc1,
+ 0x7b, 0x7b, 0x10, 0xd5, 0x63, 0x0f, 0x29, 0xad, 0x17, 0x33, 0x73};
+ const size_t client_frame_size3 =
+ sizeof(client_expected_frame3) / sizeof(uint8_t);
+ const size_t server_frame_size3 =
+ sizeof(server_expected_frame3) / sizeof(uint8_t);
+ fixture = tsi_test_frame_protector_fixture_create();
+ alts_test_do_round_trip_check_frames(
+ fixture, key, kAes128GcmKeyLength, /*rekey=*/false, large_message,
+ large_message_size, client_expected_frame3, client_frame_size3,
+ reinterpret_cast<const uint8_t*>(small_message), small_message_size,
+ server_expected_frame3, server_frame_size3);
+ tsi_test_frame_protector_fixture_destroy(fixture);
+ /**
+ * Test large client message, small server message, and small
+ * read_buffer_allocated_size.
+ */
+ const uint8_t client_expected_frame4[] = {
+ 0x94, 0x00, 0x00, 0x00, 0x06, 0x00, 0x00, 0x00, 0x93, 0x81, 0x86, 0xc7,
+ 0xdc, 0xf4, 0x77, 0x3a, 0xdb, 0x91, 0x94, 0x61, 0xba, 0xed, 0xd5, 0x37,
+ 0x47, 0x53, 0x0c, 0xe1, 0xbf, 0x59, 0x23, 0x20, 0xde, 0x8b, 0x25, 0x13,
+ 0x72, 0xe7, 0x8a, 0x4f, 0x32, 0x61, 0xc6, 0xda, 0xc3, 0xe9, 0xff, 0x31,
+ 0x33, 0x53, 0x4a, 0xf8, 0xc9, 0x98, 0xe4, 0x19, 0x71, 0x9c, 0x5e, 0x72,
+ 0xc7, 0x35, 0x97, 0x78, 0x30, 0xf2, 0xc4, 0xd1, 0x53, 0xd5, 0x6e, 0x8f,
+ 0x4f, 0xd9, 0x28, 0x5a, 0xfd, 0x22, 0x57, 0x7f, 0x95, 0xb4, 0x8a, 0x5e,
+ 0x7c, 0x47, 0xa8, 0xcf, 0x64, 0x3d, 0x83, 0xa5, 0xcf, 0xc3, 0xfe, 0x54,
+ 0xc2, 0x6a, 0x40, 0xc4, 0xfb, 0x8e, 0x07, 0x77, 0x70, 0x8f, 0x99, 0x94,
+ 0xb1, 0xd5, 0xa7, 0xf9, 0x0d, 0xc7, 0x11, 0xc5, 0x6f, 0x4a, 0x4f, 0x56,
+ 0xd5, 0xe2, 0x9c, 0xbb, 0x95, 0x7a, 0xd0, 0x9f, 0x30, 0x54, 0xca, 0x6d,
+ 0x5c, 0x8e, 0x83, 0xa0, 0x04, 0x5e, 0xd0, 0x22, 0x8c, 0x2a, 0x7f, 0xdb,
+ 0xfe, 0xb3, 0x2e, 0xae, 0x22, 0xe6, 0xf4, 0xb7};
+ const uint8_t server_expected_frame4[] = {
+ 0x1f, 0x00, 0x00, 0x00, 0x06, 0x00, 0x00, 0x00, 0x33, 0x12, 0xab, 0x9d,
+ 0x76, 0x2b, 0x5f, 0xab, 0xf3, 0x6d, 0xc4, 0xaa, 0xe5, 0x1e, 0x63, 0xc1,
+ 0x7b, 0x7b, 0x10, 0xd5, 0x63, 0x0f, 0x29, 0xad, 0x17, 0x33, 0x73};
+ const size_t client_frame_size4 =
+ sizeof(client_expected_frame4) / sizeof(uint8_t);
+ const size_t server_frame_size4 =
+ sizeof(server_expected_frame4) / sizeof(uint8_t);
+ fixture = tsi_test_frame_protector_fixture_create();
+ alts_test_do_round_trip_check_frames(
+ fixture, key, kAes128GcmKeyLength, /*rekey=*/false, large_message,
+ large_message_size, client_expected_frame4, client_frame_size4,
+ reinterpret_cast<const uint8_t*>(small_message), small_message_size,
+ server_expected_frame4, server_frame_size4);
+ tsi_test_frame_protector_fixture_destroy(fixture);
+ /**
+ * Test large client message, small server message, and small
+ * client_max_output_protected_frame_size.
+ */
+ const uint8_t client_expected_frame5[] = {
+ 0x94, 0x00, 0x00, 0x00, 0x06, 0x00, 0x00, 0x00, 0x93, 0x81, 0x86, 0xc7,
+ 0xdc, 0xf4, 0x77, 0x3a, 0xdb, 0x91, 0x94, 0x61, 0xba, 0xed, 0xd5, 0x37,
+ 0x47, 0x53, 0x0c, 0xe1, 0xbf, 0x59, 0x23, 0x20, 0xde, 0x8b, 0x25, 0x13,
+ 0x72, 0xe7, 0x8a, 0x4f, 0x32, 0x61, 0xc6, 0xda, 0xc3, 0xe9, 0xff, 0x31,
+ 0x33, 0x53, 0x4a, 0xf8, 0xc9, 0x98, 0xe4, 0x19, 0x71, 0x9c, 0x5e, 0x72,
+ 0xc7, 0x35, 0x97, 0x78, 0x30, 0xf2, 0xc4, 0xd1, 0x53, 0xd5, 0x6e, 0x8f,
+ 0x4f, 0xd9, 0x28, 0x5a, 0xfd, 0x22, 0x57, 0x7f, 0x95, 0xb4, 0x8a, 0x5e,
+ 0x7c, 0x47, 0xa8, 0xcf, 0x64, 0x3d, 0x83, 0xa5, 0xcf, 0xc3, 0xfe, 0x54,
+ 0xc2, 0x6a, 0x40, 0xc4, 0xfb, 0x8e, 0x07, 0x77, 0x70, 0x8f, 0x99, 0x94,
+ 0xb1, 0xd5, 0xa7, 0xf9, 0x0d, 0xc7, 0x11, 0xc5, 0x6f, 0x4a, 0x4f, 0x56,
+ 0xd5, 0xe2, 0x9c, 0xbb, 0x95, 0x7a, 0xd0, 0x9f, 0x30, 0x54, 0xca, 0x6d,
+ 0x5c, 0x8e, 0x83, 0xa0, 0x04, 0x5e, 0xd0, 0x22, 0x8c, 0x2a, 0x7f, 0xdb,
+ 0xfe, 0xb3, 0x2e, 0xae, 0x22, 0xe6, 0xf4, 0xb7};
+ const uint8_t server_expected_frame5[] = {
+ 0x1f, 0x00, 0x00, 0x00, 0x06, 0x00, 0x00, 0x00, 0x33, 0x12, 0xab, 0x9d,
+ 0x76, 0x2b, 0x5f, 0xab, 0xf3, 0x6d, 0xc4, 0xaa, 0xe5, 0x1e, 0x63, 0xc1,
+ 0x7b, 0x7b, 0x10, 0xd5, 0x63, 0x0f, 0x29, 0xad, 0x17, 0x33, 0x73};
+ const size_t client_frame_size5 =
+ sizeof(client_expected_frame5) / sizeof(uint8_t);
+ const size_t server_frame_size5 =
+ sizeof(server_expected_frame5) / sizeof(uint8_t);
+ fixture = tsi_test_frame_protector_fixture_create();
+ alts_test_do_round_trip_check_frames(
+ fixture, key, kAes128GcmKeyLength, /*rekey=*/false, large_message,
+ large_message_size, client_expected_frame5, client_frame_size5,
+ reinterpret_cast<const uint8_t*>(small_message), small_message_size,
+ server_expected_frame5, server_frame_size5);
+ tsi_test_frame_protector_fixture_destroy(fixture);
+ /**
+ * Test small client message, large server message, and small
+ * server_max_output_protected_frame_size.
+ */
+ const uint8_t client_expected_frame6[] = {
+ 0x1f, 0x00, 0x00, 0x00, 0x06, 0x00, 0x00, 0x00, 0x09, 0xd8, 0xd5, 0x92,
+ 0x4d, 0x50, 0x32, 0xb7, 0x1f, 0xb8, 0xf2, 0xbb, 0x43, 0xc7, 0xe2, 0x94,
+ 0x3d, 0x3e, 0x9a, 0x78, 0x76, 0xaa, 0x0a, 0x6b, 0xfa, 0x98, 0x3a};
+ const uint8_t server_expected_frame6[] = {
+ 0x94, 0x00, 0x00, 0x00, 0x06, 0x00, 0x00, 0x00, 0xa9, 0x4b, 0xf8, 0xc8,
+ 0xe7, 0x8f, 0x1a, 0x26, 0x37, 0x44, 0xa2, 0x5c, 0x55, 0x94, 0x30, 0x4e,
+ 0x3e, 0x16, 0xe7, 0x9e, 0x96, 0xe8, 0x1b, 0xc0, 0xdd, 0x52, 0x30, 0x06,
+ 0xc2, 0x72, 0x9a, 0xa1, 0x0b, 0xdb, 0xdc, 0x19, 0x8c, 0x93, 0x5e, 0x84,
+ 0x1f, 0x4b, 0x97, 0x26, 0xf0, 0x73, 0x85, 0x59, 0x00, 0x95, 0xc1, 0xc5,
+ 0x22, 0x2f, 0x70, 0x85, 0x68, 0x2c, 0x4f, 0xfe, 0x30, 0x26, 0x91, 0xde,
+ 0x62, 0x55, 0x1d, 0x35, 0x01, 0x96, 0x1c, 0xe7, 0xa2, 0x8b, 0x14, 0x8a,
+ 0x5e, 0x1b, 0x4a, 0x3b, 0x4f, 0x65, 0x0f, 0xca, 0x79, 0x10, 0xb4, 0xdd,
+ 0xf7, 0xa4, 0x8b, 0x64, 0x2f, 0x00, 0x39, 0x60, 0x03, 0xfc, 0xe1, 0x8b,
+ 0x5c, 0x19, 0xba, 0xcc, 0x46, 0xba, 0x88, 0xdd, 0x40, 0x42, 0x27, 0x4f,
+ 0xe4, 0x1a, 0x6a, 0x31, 0x6c, 0x1c, 0xb0, 0xb6, 0x5c, 0x3e, 0xca, 0x84,
+ 0x9b, 0x5f, 0x04, 0x84, 0x11, 0xa9, 0xf8, 0x39, 0xe7, 0xe7, 0xc5, 0xc4,
+ 0x33, 0x9f, 0x63, 0x21, 0x9a, 0x7c, 0x9c, 0x64};
+ const size_t client_frame_size6 =
+ sizeof(client_expected_frame6) / sizeof(uint8_t);
+ const size_t server_frame_size6 =
+ sizeof(server_expected_frame6) / sizeof(uint8_t);
+ fixture = tsi_test_frame_protector_fixture_create();
+ alts_test_do_round_trip_check_frames(
+ fixture, key, kAes128GcmKeyLength, /*rekey=*/false,
+ reinterpret_cast<const uint8_t*>(small_message), small_message_size,
+ client_expected_frame6, client_frame_size6, large_message,
+ large_message_size, server_expected_frame6, server_frame_size6);
+ tsi_test_frame_protector_fixture_destroy(fixture);
+}
+
+static void alts_test_do_round_trip(tsi_test_frame_protector_fixture* fixture,
+ bool rekey) {
+ GPR_ASSERT(fixture != nullptr);
+ GPR_ASSERT(fixture->config != nullptr);
+ tsi_frame_protector* client_frame_protector = nullptr;
+ tsi_frame_protector* server_frame_protector = nullptr;
+ tsi_test_frame_protector_config* config = fixture->config;
+ /* Create a key to be used by both client and server. */
+ uint8_t* key = nullptr;
+ size_t key_length = rekey ? kAes128GcmRekeyKeyLength : kAes128GcmKeyLength;
+ gsec_test_random_array(&key, key_length);
+ /* Create a client frame protector. */
+ size_t client_max_output_protected_frame_size =
+ config->client_max_output_protected_frame_size;
+ GPR_ASSERT(
+ alts_create_frame_protector(key, key_length, /*is_client=*/true, rekey,
+ client_max_output_protected_frame_size == 0
+ ? nullptr
+ : &client_max_output_protected_frame_size,
+ &client_frame_protector) == TSI_OK);
+ /* Create a server frame protector. */
+ size_t server_max_output_protected_frame_size =
+ config->server_max_output_protected_frame_size;
+ GPR_ASSERT(
+ alts_create_frame_protector(key, key_length, /*is_client=*/false, rekey,
+ server_max_output_protected_frame_size == 0
+ ? nullptr
+ : &server_max_output_protected_frame_size,
+ &server_frame_protector) == TSI_OK);
+ tsi_test_frame_protector_fixture_init(fixture, client_frame_protector,
+ server_frame_protector);
+ tsi_test_frame_protector_do_round_trip_no_handshake(fixture);
+ gpr_free(key);
+}
+
+/* Run all combinations of different arguments of test config. */
+static void alts_test_do_round_trip_all(bool rekey) {
+ unsigned int* bit_array = static_cast<unsigned int*>(
+ gpr_malloc(sizeof(unsigned int) * TSI_TEST_NUM_OF_ARGUMENTS));
+ unsigned int mask = 1U << (TSI_TEST_NUM_OF_ARGUMENTS - 1);
+ unsigned int val = 0, ind = 0;
+ for (val = 0; val < TSI_TEST_NUM_OF_COMBINATIONS; val++) {
+ unsigned int v = val;
+ for (ind = 0; ind < TSI_TEST_NUM_OF_ARGUMENTS; ind++) {
+ bit_array[ind] = (v & mask) ? 1 : 0;
+ v <<= 1;
+ }
+ tsi_test_frame_protector_fixture* fixture =
+ tsi_test_frame_protector_fixture_create();
+ tsi_test_frame_protector_config_destroy(fixture->config);
+ fixture->config = tsi_test_frame_protector_config_create(
+ bit_array[0], bit_array[1], bit_array[2], bit_array[3], bit_array[4],
+ bit_array[5], bit_array[6]);
+ alts_test_do_round_trip(fixture, rekey);
+ tsi_test_frame_protector_fixture_destroy(fixture);
+ }
+ gpr_free(bit_array);
+}
+
+int main(int argc, char** argv) {
+ alts_test_do_round_trip_vector_tests();
+ alts_test_do_round_trip_all(/*rekey=*/false);
+ alts_test_do_round_trip_all(/*rekey=*/true);
+ return 0;
+}
diff --git a/test/core/tsi/alts/frame_protector/frame_handler_test.cc b/test/core/tsi/alts/frame_protector/frame_handler_test.cc
new file mode 100644
index 0000000..6434ea1
--- /dev/null
+++ b/test/core/tsi/alts/frame_protector/frame_handler_test.cc
@@ -0,0 +1,244 @@
+/*
+ *
+ * Copyright 2018 gRPC authors.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ */
+
+#include <stdint.h>
+#include <stdio.h>
+#include <string.h>
+
+#include <grpc/support/alloc.h>
+#include <grpc/support/log.h>
+
+#include "src/core/lib/gpr/useful.h"
+#include "src/core/tsi/alts/frame_protector/frame_handler.h"
+#include "test/core/tsi/alts/crypt/gsec_test_util.h"
+
+const size_t kFrameHandlerTestBufferSize = 1024;
+
+typedef struct frame_handler {
+ alts_frame_writer* writer;
+ alts_frame_reader* reader;
+ unsigned char* buffer;
+ size_t buffer_size;
+} frame_handler;
+
+static size_t frame_length(size_t payload_length) {
+ return payload_length + kFrameHeaderSize;
+}
+
+static frame_handler* create_frame_handler() {
+ frame_handler* handler =
+ static_cast<frame_handler*>(gpr_malloc(sizeof(frame_handler)));
+ handler->writer = alts_create_frame_writer();
+ handler->reader = alts_create_frame_reader();
+ handler->buffer = nullptr;
+ handler->buffer_size = 0;
+ return handler;
+}
+
+static void destroy_frame_handler(frame_handler* handler) {
+ if (handler != nullptr) {
+ alts_destroy_frame_reader(handler->reader);
+ alts_destroy_frame_writer(handler->writer);
+ if (handler->buffer != nullptr) gpr_free(handler->buffer);
+ gpr_free(handler);
+ }
+}
+
+static void frame(frame_handler* handler, unsigned char* payload,
+ size_t payload_length, size_t write_length) {
+ handler->buffer_size = frame_length(payload_length);
+ handler->buffer =
+ static_cast<unsigned char*>(gpr_malloc(handler->buffer_size));
+ GPR_ASSERT(alts_reset_frame_writer(handler->writer, payload, payload_length));
+ size_t offset = 0;
+ while (offset < handler->buffer_size &&
+ !alts_is_frame_writer_done(handler->writer)) {
+ size_t bytes_written = GPR_MIN(write_length, handler->buffer_size - offset);
+ GPR_ASSERT(alts_write_frame_bytes(handler->writer, handler->buffer + offset,
+ &bytes_written));
+ offset += bytes_written;
+ }
+ GPR_ASSERT(alts_is_frame_writer_done(handler->writer));
+ GPR_ASSERT(handler->buffer_size == offset);
+}
+
+static size_t deframe(frame_handler* handler, unsigned char* bytes,
+ size_t read_length) {
+ GPR_ASSERT(alts_reset_frame_reader(handler->reader, bytes));
+ size_t offset = 0;
+ while (offset < handler->buffer_size &&
+ !alts_is_frame_reader_done(handler->reader)) {
+ size_t bytes_read = GPR_MIN(read_length, handler->buffer_size - offset);
+ GPR_ASSERT(alts_read_frame_bytes(handler->reader, handler->buffer + offset,
+ &bytes_read));
+ offset += bytes_read;
+ }
+ GPR_ASSERT(alts_is_frame_reader_done(handler->reader));
+ GPR_ASSERT(handler->buffer_size == offset);
+ return offset - handler->reader->header_bytes_read;
+}
+
+static void frame_n_deframe(frame_handler* handler, unsigned char* payload,
+ size_t payload_length, size_t write_length,
+ size_t read_length) {
+ frame(handler, payload, payload_length, write_length);
+ unsigned char* bytes =
+ static_cast<unsigned char*>(gpr_malloc(kFrameHandlerTestBufferSize));
+ size_t deframed_payload_length = deframe(handler, bytes, read_length);
+ GPR_ASSERT(payload_length == deframed_payload_length);
+ GPR_ASSERT(memcmp(payload, bytes, payload_length) == 0);
+ gpr_free(bytes);
+}
+
+static void frame_handler_test_frame_deframe() {
+ unsigned char payload[] = "hello world";
+ size_t payload_length = strlen((char*)payload) + 1;
+ frame_handler* handler = create_frame_handler();
+ frame_n_deframe(handler, payload, payload_length,
+ frame_length(payload_length), frame_length(payload_length));
+ destroy_frame_handler(handler);
+}
+
+static void frame_handler_test_small_buffer() {
+ unsigned char payload[] = "hello world";
+ size_t payload_length = strlen(reinterpret_cast<char*>(payload)) + 1;
+ frame_handler* handler = create_frame_handler();
+ frame_n_deframe(handler, payload, payload_length, 1, 1);
+ destroy_frame_handler(handler);
+}
+
+static void frame_handler_test_null_input_stream() {
+ frame_handler* handler = create_frame_handler();
+ GPR_ASSERT(!alts_reset_frame_writer(handler->writer, nullptr, 0));
+ destroy_frame_handler(handler);
+}
+
+static void frame_handler_test_bad_input_length() {
+ unsigned char payload[] = "hello world";
+ frame_handler* handler = create_frame_handler();
+ GPR_ASSERT(!alts_reset_frame_writer(handler->writer, payload, SIZE_MAX));
+ destroy_frame_handler(handler);
+}
+
+static void frame_handler_test_null_writer_byte_length() {
+ unsigned char payload[] = "hello world";
+ size_t payload_length = strlen(reinterpret_cast<char*>(payload)) + 1;
+ frame_handler* handler = create_frame_handler();
+ GPR_ASSERT(alts_reset_frame_writer(handler->writer, payload, payload_length));
+ GPR_ASSERT(
+ !alts_write_frame_bytes(handler->writer, handler->buffer, nullptr));
+ destroy_frame_handler(handler);
+}
+
+static void frame_handler_test_null_writer_bytes() {
+ unsigned char payload[] = "hello world";
+ size_t payload_length = strlen(reinterpret_cast<char*>(payload)) + 1;
+ frame_handler* handler = create_frame_handler();
+ GPR_ASSERT(alts_reset_frame_writer(handler->writer, payload, payload_length));
+ GPR_ASSERT(
+ !alts_write_frame_bytes(handler->writer, nullptr, &payload_length));
+ destroy_frame_handler(handler);
+}
+
+static void frame_handler_test_bad_frame_length() {
+ unsigned char payload[] = "hello world";
+ size_t payload_length = strlen(reinterpret_cast<char*>(payload)) + 1;
+ frame_handler* handler = create_frame_handler();
+ frame(handler, payload, payload_length, payload_length);
+ memset(handler->buffer, 0x00, kFrameLengthFieldSize);
+ unsigned char* bytes =
+ static_cast<unsigned char*>(gpr_malloc(kFrameHandlerTestBufferSize));
+ GPR_ASSERT(alts_reset_frame_reader(handler->reader, bytes));
+ size_t bytes_read = handler->buffer_size;
+ GPR_ASSERT(
+ !alts_read_frame_bytes(handler->reader, handler->buffer, &bytes_read));
+ GPR_ASSERT(alts_is_frame_reader_done(handler->reader));
+ GPR_ASSERT(bytes_read == 0);
+ gpr_free(bytes);
+ destroy_frame_handler(handler);
+}
+
+static void frame_handler_test_unsupported_message_type() {
+ unsigned char payload[] = "hello world";
+ size_t payload_length = strlen(reinterpret_cast<char*>(payload)) + 1;
+ frame_handler* handler = create_frame_handler();
+ frame(handler, payload, payload_length, payload_length);
+ memset(handler->buffer + kFrameLengthFieldSize, 0x00,
+ kFrameMessageTypeFieldSize);
+ unsigned char* bytes =
+ static_cast<unsigned char*>(gpr_malloc(kFrameHandlerTestBufferSize));
+ GPR_ASSERT(alts_reset_frame_reader(handler->reader, bytes));
+ size_t bytes_read = handler->buffer_size;
+ GPR_ASSERT(
+ !alts_read_frame_bytes(handler->reader, handler->buffer, &bytes_read));
+ GPR_ASSERT(alts_is_frame_reader_done(handler->reader));
+ GPR_ASSERT(bytes_read == 0);
+ gpr_free(bytes);
+ destroy_frame_handler(handler);
+}
+
+static void frame_handler_test_null_output_stream() {
+ unsigned char payload[] = "hello world";
+ size_t payload_length = strlen(reinterpret_cast<char*>(payload)) + 1;
+ frame_handler* handler = create_frame_handler();
+ frame(handler, payload, payload_length, payload_length);
+ GPR_ASSERT(!alts_reset_frame_reader(handler->reader, nullptr));
+ destroy_frame_handler(handler);
+}
+
+static void frame_handler_test_null_reader_byte_length() {
+ unsigned char payload[] = "hello world";
+ size_t payload_length = strlen(reinterpret_cast<char*>(payload)) + 1;
+ frame_handler* handler = create_frame_handler();
+ frame(handler, payload, payload_length, payload_length);
+ unsigned char* bytes =
+ static_cast<unsigned char*>(gpr_malloc(kFrameHandlerTestBufferSize));
+ GPR_ASSERT(alts_reset_frame_reader(handler->reader, bytes));
+ GPR_ASSERT(!alts_read_frame_bytes(handler->reader, handler->buffer, nullptr));
+ gpr_free(bytes);
+ destroy_frame_handler(handler);
+}
+
+static void frame_handler_test_null_reader_bytes() {
+ unsigned char payload[] = "hello world";
+ size_t payload_length = strlen(reinterpret_cast<char*>(payload)) + 1;
+ frame_handler* handler = create_frame_handler();
+ frame(handler, payload, payload_length, payload_length);
+ unsigned char* bytes =
+ static_cast<unsigned char*>(gpr_malloc(kFrameHandlerTestBufferSize));
+ GPR_ASSERT(alts_reset_frame_reader(handler->reader, bytes));
+ size_t bytes_read = handler->buffer_size;
+ GPR_ASSERT(!alts_read_frame_bytes(handler->reader, nullptr, &bytes_read));
+ gpr_free(bytes);
+ destroy_frame_handler(handler);
+}
+
+int main(int argc, char** argv) {
+ frame_handler_test_frame_deframe();
+ frame_handler_test_small_buffer();
+ frame_handler_test_null_input_stream();
+ frame_handler_test_bad_input_length();
+ frame_handler_test_null_writer_byte_length();
+ frame_handler_test_null_writer_bytes();
+ frame_handler_test_bad_frame_length();
+ frame_handler_test_unsupported_message_type();
+ frame_handler_test_null_output_stream();
+ frame_handler_test_null_reader_byte_length();
+ frame_handler_test_null_reader_bytes();
+ return 0;
+}
diff --git a/test/core/tsi/alts/handshaker/BUILD b/test/core/tsi/alts/handshaker/BUILD
new file mode 100644
index 0000000..db39732
--- /dev/null
+++ b/test/core/tsi/alts/handshaker/BUILD
@@ -0,0 +1,78 @@
+# Copyright 2018 gRPC authors.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+load("//bazel:grpc_build_system.bzl", "grpc_cc_library", "grpc_cc_test", "grpc_package")
+
+licenses(["notice"]) # Apache v2
+
+grpc_package(name = "handshaker")
+
+grpc_cc_library(
+ name = "alts_handshaker_service_api_test_lib",
+ srcs = ["alts_handshaker_service_api_test_lib.cc"],
+ hdrs = ["alts_handshaker_service_api_test_lib.h"],
+ deps = [
+ "//:grpc",
+ ],
+)
+
+grpc_cc_test(
+ name = "alts_handshaker_client_test",
+ srcs = ["alts_handshaker_client_test.cc"],
+ language = "C++",
+ deps = [
+ ":alts_handshaker_service_api_test_lib",
+ "//:grpc",
+ ],
+)
+
+grpc_cc_test(
+ name = "alts_handshaker_service_api_test",
+ srcs = ["alts_handshaker_service_api_test.cc"],
+ language = "C++",
+ deps = [
+ ":alts_handshaker_service_api_test_lib",
+ "//:grpc",
+ ],
+)
+
+grpc_cc_test(
+ name = "alts_tsi_handshaker_test",
+ srcs = ["alts_tsi_handshaker_test.cc"],
+ language = "C++",
+ deps = [
+ ":alts_handshaker_service_api_test_lib",
+ "//:grpc",
+ ],
+)
+
+grpc_cc_test(
+ name = "alts_tsi_utils_test",
+ srcs = ["alts_tsi_utils_test.cc"],
+ language = "C++",
+ deps = [
+ ":alts_handshaker_service_api_test_lib",
+ "//:grpc",
+ ],
+)
+
+grpc_cc_test(
+ name = "transport_security_common_api_test",
+ srcs = ["transport_security_common_api_test.cc"],
+ language = "C++",
+ deps = [
+ "//:grpc",
+ ],
+)
+
diff --git a/test/core/tsi/alts/handshaker/alts_handshaker_client_test.cc b/test/core/tsi/alts/handshaker/alts_handshaker_client_test.cc
new file mode 100644
index 0000000..7072be6
--- /dev/null
+++ b/test/core/tsi/alts/handshaker/alts_handshaker_client_test.cc
@@ -0,0 +1,412 @@
+/*
+ *
+ * Copyright 2018 gRPC authors.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ */
+
+#include <grpc/grpc.h>
+
+#include "src/core/tsi/alts/handshaker/alts_handshaker_client.h"
+#include "src/core/tsi/alts/handshaker/alts_tsi_event.h"
+#include "src/core/tsi/alts/handshaker/alts_tsi_handshaker.h"
+#include "src/core/tsi/transport_security.h"
+#include "src/core/tsi/transport_security_interface.h"
+#include "test/core/tsi/alts/handshaker/alts_handshaker_service_api_test_lib.h"
+
+#define ALTS_HANDSHAKER_CLIENT_TEST_OUT_FRAME "Hello Google"
+#define ALTS_HANDSHAKER_CLIENT_TEST_HANDSHAKER_SERVICE_URL "lame"
+#define ALTS_HANDSHAKER_CLIENT_TEST_TARGET_NAME "bigtable.google.api.com"
+#define ALTS_HANDSHAKER_CLIENT_TEST_TARGET_SERVICE_ACCOUNT1 "A@google.com"
+#define ALTS_HANDSHAKER_CLIENT_TEST_TARGET_SERVICE_ACCOUNT2 "B@google.com"
+
+const size_t kHandshakerClientOpNum = 4;
+const size_t kMaxRpcVersionMajor = 3;
+const size_t kMaxRpcVersionMinor = 2;
+const size_t kMinRpcVersionMajor = 2;
+const size_t kMinRpcVersionMinor = 1;
+
+using grpc_core::internal::alts_handshaker_client_set_grpc_caller_for_testing;
+
+typedef struct alts_handshaker_client_test_config {
+ grpc_channel* channel;
+ grpc_completion_queue* cq;
+ alts_handshaker_client* client;
+ grpc_slice out_frame;
+} alts_handshaker_client_test_config;
+
+static alts_tsi_event* alts_tsi_event_create_for_testing(bool is_client) {
+ alts_tsi_event* e = static_cast<alts_tsi_event*>(gpr_zalloc(sizeof(*e)));
+ grpc_metadata_array_init(&e->initial_metadata);
+ grpc_metadata_array_init(&e->trailing_metadata);
+ e->options = is_client ? grpc_alts_credentials_client_options_create()
+ : grpc_alts_credentials_server_options_create();
+ if (is_client) {
+ grpc_alts_credentials_client_options_add_target_service_account(
+ reinterpret_cast<grpc_alts_credentials_client_options*>(e->options),
+ ALTS_HANDSHAKER_CLIENT_TEST_TARGET_SERVICE_ACCOUNT1);
+ grpc_alts_credentials_client_options_add_target_service_account(
+ reinterpret_cast<grpc_alts_credentials_client_options*>(e->options),
+ ALTS_HANDSHAKER_CLIENT_TEST_TARGET_SERVICE_ACCOUNT2);
+ }
+ grpc_gcp_rpc_protocol_versions* versions = &e->options->rpc_versions;
+ GPR_ASSERT(grpc_gcp_rpc_protocol_versions_set_max(
+ versions, kMaxRpcVersionMajor, kMaxRpcVersionMinor));
+ GPR_ASSERT(grpc_gcp_rpc_protocol_versions_set_min(
+ versions, kMinRpcVersionMajor, kMinRpcVersionMinor));
+ e->target_name =
+ grpc_slice_from_static_string(ALTS_HANDSHAKER_CLIENT_TEST_TARGET_NAME);
+ return e;
+}
+
+static void validate_rpc_protocol_versions(
+ grpc_gcp_rpc_protocol_versions* versions) {
+ GPR_ASSERT(versions != nullptr);
+ GPR_ASSERT(versions->max_rpc_version.major == kMaxRpcVersionMajor);
+ GPR_ASSERT(versions->max_rpc_version.minor == kMaxRpcVersionMinor);
+ GPR_ASSERT(versions->min_rpc_version.major == kMinRpcVersionMajor);
+ GPR_ASSERT(versions->min_rpc_version.minor == kMinRpcVersionMinor);
+}
+
+static void validate_target_identities(
+ const repeated_field* target_identity_head) {
+ grpc_gcp_identity* target_identity1 = static_cast<grpc_gcp_identity*>(
+ const_cast<void*>(target_identity_head->next->data));
+ grpc_gcp_identity* target_identity2 = static_cast<grpc_gcp_identity*>(
+ const_cast<void*>(target_identity_head->data));
+ grpc_slice* service_account1 =
+ static_cast<grpc_slice*>(target_identity1->service_account.arg);
+ grpc_slice* service_account2 =
+ static_cast<grpc_slice*>(target_identity2->service_account.arg);
+ GPR_ASSERT(memcmp(GRPC_SLICE_START_PTR(*service_account1),
+ ALTS_HANDSHAKER_CLIENT_TEST_TARGET_SERVICE_ACCOUNT1,
+ GRPC_SLICE_LENGTH(*service_account1)) == 0);
+ GPR_ASSERT(strlen(ALTS_HANDSHAKER_CLIENT_TEST_TARGET_SERVICE_ACCOUNT1) ==
+ GRPC_SLICE_LENGTH(*service_account1));
+ GPR_ASSERT(memcmp(GRPC_SLICE_START_PTR(*service_account2),
+ ALTS_HANDSHAKER_CLIENT_TEST_TARGET_SERVICE_ACCOUNT2,
+ GRPC_SLICE_LENGTH(*service_account2)) == 0);
+ GPR_ASSERT(strlen(ALTS_HANDSHAKER_CLIENT_TEST_TARGET_SERVICE_ACCOUNT2) ==
+ GRPC_SLICE_LENGTH(*service_account2));
+}
+
+/**
+ * Validate if grpc operation data is correctly populated with the fields of
+ * ALTS TSI event.
+ */
+static bool validate_op(alts_tsi_event* event, const grpc_op* op, size_t nops,
+ bool is_start) {
+ GPR_ASSERT(event != nullptr && op != nullptr && nops != 0);
+ bool ok = true;
+ grpc_op* start_op = const_cast<grpc_op*>(op);
+ if (is_start) {
+ ok &= (op->op == GRPC_OP_SEND_INITIAL_METADATA);
+ ok &= (op->data.send_initial_metadata.count == 0);
+ op++;
+ GPR_ASSERT((size_t)(op - start_op) <= kHandshakerClientOpNum);
+
+ ok &= (op->op == GRPC_OP_RECV_INITIAL_METADATA);
+ ok &= (op->data.recv_initial_metadata.recv_initial_metadata ==
+ &event->initial_metadata);
+ op++;
+ GPR_ASSERT((size_t)(op - start_op) <= kHandshakerClientOpNum);
+ }
+ ok &= (op->op == GRPC_OP_SEND_MESSAGE);
+ ok &= (op->data.send_message.send_message == event->send_buffer);
+ op++;
+ GPR_ASSERT((size_t)(op - start_op) <= kHandshakerClientOpNum);
+
+ ok &= (op->op == GRPC_OP_RECV_MESSAGE);
+ ok &= (op->data.recv_message.recv_message == &event->recv_buffer);
+ op++;
+ GPR_ASSERT((size_t)(op - start_op) <= kHandshakerClientOpNum);
+
+ return ok;
+}
+
+static grpc_gcp_handshaker_req* deserialize_handshaker_req(
+ grpc_gcp_handshaker_req_type type, grpc_byte_buffer* buffer) {
+ GPR_ASSERT(buffer != nullptr);
+ grpc_gcp_handshaker_req* req = grpc_gcp_handshaker_decoded_req_create(type);
+ grpc_byte_buffer_reader bbr;
+ GPR_ASSERT(grpc_byte_buffer_reader_init(&bbr, buffer));
+ grpc_slice slice = grpc_byte_buffer_reader_readall(&bbr);
+ GPR_ASSERT(grpc_gcp_handshaker_req_decode(slice, req));
+ grpc_slice_unref(slice);
+ grpc_byte_buffer_reader_destroy(&bbr);
+ return req;
+}
+
+/**
+ * A mock grpc_caller used to check if client_start, server_start, and next
+ * operations correctly handle invalid arguments. It should not be called.
+ */
+static grpc_call_error check_must_not_be_called(grpc_call* call,
+ const grpc_op* ops, size_t nops,
+ void* tag) {
+ GPR_ASSERT(0);
+}
+
+/**
+ * A mock grpc_caller used to check correct execution of client_start operation.
+ * It checks if the client_start handshaker request is populated with correct
+ * handshake_security_protocol, application_protocol, and record_protocol, and
+ * op is correctly populated.
+ */
+static grpc_call_error check_client_start_success(grpc_call* call,
+ const grpc_op* op,
+ size_t nops, void* tag) {
+ alts_tsi_event* event = static_cast<alts_tsi_event*>(tag);
+ grpc_gcp_handshaker_req* req =
+ deserialize_handshaker_req(CLIENT_START_REQ, event->send_buffer);
+ GPR_ASSERT(req->client_start.handshake_security_protocol ==
+ grpc_gcp_HandshakeProtocol_ALTS);
+ const void* data = (static_cast<repeated_field*>(
+ req->client_start.application_protocols.arg))
+ ->data;
+ GPR_ASSERT(data != nullptr);
+ grpc_slice* application_protocol = (grpc_slice*)data;
+ data = (static_cast<repeated_field*>(req->client_start.record_protocols.arg))
+ ->data;
+ grpc_slice* record_protocol = (grpc_slice*)data;
+ GPR_ASSERT(memcmp(GRPC_SLICE_START_PTR(*application_protocol),
+ ALTS_APPLICATION_PROTOCOL,
+ GRPC_SLICE_LENGTH(*application_protocol)) == 0);
+ GPR_ASSERT(memcmp(GRPC_SLICE_START_PTR(*record_protocol),
+ ALTS_RECORD_PROTOCOL,
+ GRPC_SLICE_LENGTH(*record_protocol)) == 0);
+ validate_rpc_protocol_versions(&req->client_start.rpc_versions);
+ validate_target_identities(
+ static_cast<repeated_field*>(req->client_start.target_identities.arg));
+ grpc_slice* target_name =
+ static_cast<grpc_slice*>(req->client_start.target_name.arg);
+ GPR_ASSERT(memcmp(GRPC_SLICE_START_PTR(*target_name),
+ ALTS_HANDSHAKER_CLIENT_TEST_TARGET_NAME,
+ GRPC_SLICE_LENGTH(*target_name)) == 0);
+ GPR_ASSERT(GRPC_SLICE_LENGTH(*target_name) ==
+ strlen(ALTS_HANDSHAKER_CLIENT_TEST_TARGET_NAME));
+ GPR_ASSERT(validate_op(event, op, nops, true /* is_start */));
+ grpc_gcp_handshaker_req_destroy(req);
+ return GRPC_CALL_OK;
+}
+
+/**
+ * A mock grpc_caller used to check correct execution of server_start operation.
+ * It checks if the server_start handshaker request is populated with correct
+ * handshake_security_protocol, application_protocol, and record_protocol, and
+ * op is correctly populated.
+ */
+static grpc_call_error check_server_start_success(grpc_call* call,
+ const grpc_op* op,
+ size_t nops, void* tag) {
+ alts_tsi_event* event = static_cast<alts_tsi_event*>(tag);
+ grpc_gcp_handshaker_req* req =
+ deserialize_handshaker_req(SERVER_START_REQ, event->send_buffer);
+ const void* data = (static_cast<repeated_field*>(
+ req->server_start.application_protocols.arg))
+ ->data;
+ GPR_ASSERT(data != nullptr);
+ grpc_slice* application_protocol = (grpc_slice*)data;
+ GPR_ASSERT(memcmp(GRPC_SLICE_START_PTR(*application_protocol),
+ ALTS_APPLICATION_PROTOCOL,
+ GRPC_SLICE_LENGTH(*application_protocol)) == 0);
+ GPR_ASSERT(req->server_start.handshake_parameters_count == 1);
+ GPR_ASSERT(req->server_start.handshake_parameters[0].key ==
+ grpc_gcp_HandshakeProtocol_ALTS);
+ data = (static_cast<repeated_field*>(req->server_start.handshake_parameters[0]
+ .value.record_protocols.arg))
+ ->data;
+ GPR_ASSERT(data != nullptr);
+ grpc_slice* record_protocol = (grpc_slice*)data;
+ GPR_ASSERT(memcmp(GRPC_SLICE_START_PTR(*record_protocol),
+ ALTS_RECORD_PROTOCOL,
+ GRPC_SLICE_LENGTH(*record_protocol)) == 0);
+ validate_rpc_protocol_versions(&req->server_start.rpc_versions);
+ GPR_ASSERT(validate_op(event, op, nops, true /* is_start */));
+ grpc_gcp_handshaker_req_destroy(req);
+ return GRPC_CALL_OK;
+}
+
+/**
+ * A mock grpc_caller used to check correct execution of next operation. It
+ * checks if the next handshaker request is populated with correct information,
+ * and op is correctly populated.
+ */
+static grpc_call_error check_next_success(grpc_call* call, const grpc_op* op,
+ size_t nops, void* tag) {
+ alts_tsi_event* event = static_cast<alts_tsi_event*>(tag);
+ grpc_gcp_handshaker_req* req =
+ deserialize_handshaker_req(NEXT_REQ, event->send_buffer);
+ grpc_slice* in_bytes = static_cast<grpc_slice*>(req->next.in_bytes.arg);
+ GPR_ASSERT(in_bytes != nullptr);
+ GPR_ASSERT(memcmp(GRPC_SLICE_START_PTR(*in_bytes),
+ ALTS_HANDSHAKER_CLIENT_TEST_OUT_FRAME,
+ GRPC_SLICE_LENGTH(*in_bytes)) == 0);
+ GPR_ASSERT(validate_op(event, op, nops, false /* is_start */));
+ grpc_gcp_handshaker_req_destroy(req);
+ return GRPC_CALL_OK;
+}
+/**
+ * A mock grpc_caller used to check if client_start, server_start, and next
+ * operations correctly handle the situation when the grpc call made to the
+ * handshaker service fails.
+ */
+static grpc_call_error check_grpc_call_failure(grpc_call* call,
+ const grpc_op* op, size_t nops,
+ void* tag) {
+ return GRPC_CALL_ERROR;
+}
+
+static alts_handshaker_client_test_config* create_config() {
+ alts_handshaker_client_test_config* config =
+ static_cast<alts_handshaker_client_test_config*>(
+ gpr_zalloc(sizeof(*config)));
+ config->channel = grpc_insecure_channel_create(
+ ALTS_HANDSHAKER_CLIENT_TEST_HANDSHAKER_SERVICE_URL, nullptr, nullptr);
+ config->cq = grpc_completion_queue_create_for_next(nullptr);
+ config->client = alts_grpc_handshaker_client_create(
+ config->channel, config->cq,
+ ALTS_HANDSHAKER_CLIENT_TEST_HANDSHAKER_SERVICE_URL);
+ GPR_ASSERT(config->client != nullptr);
+ config->out_frame =
+ grpc_slice_from_static_string(ALTS_HANDSHAKER_CLIENT_TEST_OUT_FRAME);
+ return config;
+}
+
+static void destroy_config(alts_handshaker_client_test_config* config) {
+ if (config == nullptr) {
+ return;
+ }
+ grpc_completion_queue_destroy(config->cq);
+ grpc_channel_destroy(config->channel);
+ alts_handshaker_client_destroy(config->client);
+ grpc_slice_unref(config->out_frame);
+ gpr_free(config);
+}
+
+static void schedule_request_invalid_arg_test() {
+ /* Initialization. */
+ alts_handshaker_client_test_config* config = create_config();
+ alts_tsi_event* event = nullptr;
+
+ /* Tests. */
+ alts_handshaker_client_set_grpc_caller_for_testing(config->client,
+ check_must_not_be_called);
+ event = alts_tsi_event_create_for_testing(true /* is_client */);
+ /* Check client_start. */
+ GPR_ASSERT(alts_handshaker_client_start_client(nullptr, event) ==
+ TSI_INVALID_ARGUMENT);
+ GPR_ASSERT(alts_handshaker_client_start_client(config->client, nullptr) ==
+ TSI_INVALID_ARGUMENT);
+
+ /* Check server_start. */
+ GPR_ASSERT(alts_handshaker_client_start_server(
+ config->client, event, nullptr) == TSI_INVALID_ARGUMENT);
+ GPR_ASSERT(alts_handshaker_client_start_server(config->client, nullptr,
+ &config->out_frame) ==
+ TSI_INVALID_ARGUMENT);
+ GPR_ASSERT(alts_handshaker_client_start_server(
+ nullptr, event, &config->out_frame) == TSI_INVALID_ARGUMENT);
+
+ /* Check next. */
+ GPR_ASSERT(alts_handshaker_client_next(config->client, event, nullptr) ==
+ TSI_INVALID_ARGUMENT);
+ GPR_ASSERT(alts_handshaker_client_next(config->client, nullptr,
+ &config->out_frame) ==
+ TSI_INVALID_ARGUMENT);
+ GPR_ASSERT(alts_handshaker_client_next(nullptr, event, &config->out_frame) ==
+ TSI_INVALID_ARGUMENT);
+
+ /* Cleanup. */
+ alts_tsi_event_destroy(event);
+ destroy_config(config);
+}
+
+static void schedule_request_success_test() {
+ /* Initialization. */
+ alts_handshaker_client_test_config* config = create_config();
+ alts_tsi_event* event = nullptr;
+
+ /* Check client_start success. */
+ alts_handshaker_client_set_grpc_caller_for_testing(
+ config->client, check_client_start_success);
+ event = alts_tsi_event_create_for_testing(true /* is_client. */);
+ GPR_ASSERT(alts_handshaker_client_start_client(config->client, event) ==
+ TSI_OK);
+ alts_tsi_event_destroy(event);
+
+ /* Check server_start success. */
+ alts_handshaker_client_set_grpc_caller_for_testing(
+ config->client, check_server_start_success);
+ event = alts_tsi_event_create_for_testing(false /* is_client. */);
+ GPR_ASSERT(alts_handshaker_client_start_server(config->client, event,
+ &config->out_frame) == TSI_OK);
+ alts_tsi_event_destroy(event);
+
+ /* Check next success. */
+ alts_handshaker_client_set_grpc_caller_for_testing(config->client,
+ check_next_success);
+ event = alts_tsi_event_create_for_testing(true /* is_client. */);
+ GPR_ASSERT(alts_handshaker_client_next(config->client, event,
+ &config->out_frame) == TSI_OK);
+ alts_tsi_event_destroy(event);
+
+ /* Cleanup. */
+ destroy_config(config);
+}
+
+static void schedule_request_grpc_call_failure_test() {
+ /* Initialization. */
+ alts_handshaker_client_test_config* config = create_config();
+ alts_tsi_event* event = nullptr;
+
+ /* Check client_start failure. */
+ alts_handshaker_client_set_grpc_caller_for_testing(config->client,
+ check_grpc_call_failure);
+ event = alts_tsi_event_create_for_testing(true /* is_client. */);
+ GPR_ASSERT(alts_handshaker_client_start_client(config->client, event) ==
+ TSI_INTERNAL_ERROR);
+ alts_tsi_event_destroy(event);
+
+ /* Check server_start failure. */
+ event = alts_tsi_event_create_for_testing(false /* is_client. */);
+ GPR_ASSERT(alts_handshaker_client_start_server(config->client, event,
+ &config->out_frame) ==
+ TSI_INTERNAL_ERROR);
+ alts_tsi_event_destroy(event);
+
+ /* Check next failure. */
+ event = alts_tsi_event_create_for_testing(true /* is_cleint. */);
+ GPR_ASSERT(
+ alts_handshaker_client_next(config->client, event, &config->out_frame) ==
+ TSI_INTERNAL_ERROR);
+ alts_tsi_event_destroy(event);
+
+ /* Cleanup. */
+ destroy_config(config);
+}
+
+int main(int argc, char** argv) {
+ /* Initialization. */
+ grpc_init();
+
+ /* Tests. */
+ schedule_request_invalid_arg_test();
+ schedule_request_success_test();
+ schedule_request_grpc_call_failure_test();
+
+ /* Cleanup. */
+ grpc_shutdown();
+ return 0;
+}
diff --git a/test/core/tsi/alts/handshaker/alts_handshaker_service_api_test.cc b/test/core/tsi/alts/handshaker/alts_handshaker_service_api_test.cc
new file mode 100644
index 0000000..3506264
--- /dev/null
+++ b/test/core/tsi/alts/handshaker/alts_handshaker_service_api_test.cc
@@ -0,0 +1,149 @@
+/*
+ *
+ * Copyright 2018 gRPC authors.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ */
+
+#include <stdbool.h>
+#include <stdio.h>
+#include <stdlib.h>
+
+#include "test/core/tsi/alts/handshaker/alts_handshaker_service_api_test_lib.h"
+
+int main(int argc, char** argv) {
+ const char in_bytes[] = "HELLO GOOGLE!";
+ const char out_frames[] = "HELLO WORLD!";
+ const char key_data[] = "THIS IS KEY DATA.";
+ const char details[] = "DETAILS NEED TO BE POPULATED";
+ const uint32_t max_rpc_version_major = 3;
+ const uint32_t max_rpc_version_minor = 2;
+ const uint32_t min_rpc_version_major = 2;
+ const uint32_t min_rpc_version_minor = 1;
+
+ /* handshaker_req_next. */
+ grpc_gcp_handshaker_req* req = grpc_gcp_handshaker_req_create(NEXT_REQ);
+ grpc_gcp_handshaker_req* decoded_req =
+ grpc_gcp_handshaker_decoded_req_create(NEXT_REQ);
+ GPR_ASSERT(
+ grpc_gcp_handshaker_req_set_in_bytes(req, in_bytes, strlen(in_bytes)));
+ grpc_slice encoded_req;
+ GPR_ASSERT(grpc_gcp_handshaker_req_encode(req, &encoded_req));
+ GPR_ASSERT(grpc_gcp_handshaker_req_decode(encoded_req, decoded_req));
+ GPR_ASSERT(grpc_gcp_handshaker_req_equals(req, decoded_req));
+ grpc_gcp_handshaker_req_destroy(req);
+ grpc_gcp_handshaker_req_destroy(decoded_req);
+ grpc_slice_unref(encoded_req);
+
+ /* handshaker_req_client_start. */
+ req = grpc_gcp_handshaker_req_create(CLIENT_START_REQ);
+ decoded_req = grpc_gcp_handshaker_decoded_req_create(CLIENT_START_REQ);
+ GPR_ASSERT(grpc_gcp_handshaker_req_set_handshake_protocol(
+ req, grpc_gcp_HandshakeProtocol_TLS));
+ GPR_ASSERT(grpc_gcp_handshaker_req_set_local_identity_hostname(
+ req, "www.google.com"));
+ GPR_ASSERT(grpc_gcp_handshaker_req_set_local_endpoint(
+ req, "2001:db8::8:800:200C:417a", 9876, grpc_gcp_NetworkProtocol_TCP));
+ GPR_ASSERT(grpc_gcp_handshaker_req_set_remote_endpoint(
+ req, "2001:db8::bac5::fed0:84a2", 1234, grpc_gcp_NetworkProtocol_TCP));
+ GPR_ASSERT(grpc_gcp_handshaker_req_add_application_protocol(req, "grpc"));
+ GPR_ASSERT(grpc_gcp_handshaker_req_add_application_protocol(req, "http2"));
+ GPR_ASSERT(
+ grpc_gcp_handshaker_req_add_record_protocol(req, "ALTSRP_GCM_AES256"));
+ GPR_ASSERT(
+ grpc_gcp_handshaker_req_add_record_protocol(req, "ALTSRP_GCM_AES384"));
+ GPR_ASSERT(grpc_gcp_handshaker_req_add_target_identity_service_account(
+ req, "foo@google.com"));
+ GPR_ASSERT(grpc_gcp_handshaker_req_set_target_name(
+ req, "google.example.library.service"));
+ GPR_ASSERT(grpc_gcp_handshaker_req_set_rpc_versions(
+ req, max_rpc_version_major, max_rpc_version_minor, min_rpc_version_major,
+ min_rpc_version_minor));
+ GPR_ASSERT(grpc_gcp_handshaker_req_encode(req, &encoded_req));
+ GPR_ASSERT(grpc_gcp_handshaker_req_decode(encoded_req, decoded_req));
+ GPR_ASSERT(grpc_gcp_handshaker_req_equals(req, decoded_req));
+ grpc_gcp_handshaker_req_destroy(req);
+ grpc_gcp_handshaker_req_destroy(decoded_req);
+ grpc_slice_unref(encoded_req);
+
+ /* handshaker_req_server_start. */
+ req = grpc_gcp_handshaker_req_create(SERVER_START_REQ);
+ decoded_req = grpc_gcp_handshaker_decoded_req_create(SERVER_START_REQ);
+ GPR_ASSERT(grpc_gcp_handshaker_req_add_application_protocol(req, "grpc"));
+ GPR_ASSERT(grpc_gcp_handshaker_req_add_application_protocol(req, "http2"));
+ GPR_ASSERT(grpc_gcp_handshaker_req_set_local_endpoint(
+ req, "2001:db8::8:800:200C:417a", 9876, grpc_gcp_NetworkProtocol_TCP));
+ GPR_ASSERT(grpc_gcp_handshaker_req_set_remote_endpoint(
+ req, "2001:db8::bac5::fed0:84a2", 1234, grpc_gcp_NetworkProtocol_UDP));
+ GPR_ASSERT(
+ grpc_gcp_handshaker_req_set_in_bytes(req, in_bytes, strlen(in_bytes)));
+ GPR_ASSERT(grpc_gcp_handshaker_req_param_add_record_protocol(
+ req, grpc_gcp_HandshakeProtocol_TLS, "ALTSRP_GCM_AES128"));
+ GPR_ASSERT(grpc_gcp_handshaker_req_param_add_local_identity_service_account(
+ req, grpc_gcp_HandshakeProtocol_TLS, "foo@google.com"));
+ GPR_ASSERT(grpc_gcp_handshaker_req_param_add_local_identity_hostname(
+ req, grpc_gcp_HandshakeProtocol_TLS, "yihuaz0.mtv.corp.google.com"));
+ GPR_ASSERT(grpc_gcp_handshaker_req_param_add_record_protocol(
+ req, grpc_gcp_HandshakeProtocol_ALTS, "ALTSRP_GCM_AES128"));
+ GPR_ASSERT(grpc_gcp_handshaker_req_param_add_local_identity_hostname(
+ req, grpc_gcp_HandshakeProtocol_ALTS, "www.amazon.com"));
+ GPR_ASSERT(grpc_gcp_handshaker_req_set_rpc_versions(
+ req, max_rpc_version_major, max_rpc_version_minor, min_rpc_version_major,
+ min_rpc_version_minor));
+
+ GPR_ASSERT(grpc_gcp_handshaker_req_encode(req, &encoded_req));
+ GPR_ASSERT(grpc_gcp_handshaker_req_decode(encoded_req, decoded_req));
+ GPR_ASSERT(grpc_gcp_handshaker_req_equals(req, decoded_req));
+ grpc_gcp_handshaker_req_destroy(req);
+ grpc_gcp_handshaker_req_destroy(decoded_req);
+ grpc_slice_unref(encoded_req);
+
+ /* handshaker_resp. */
+ grpc_gcp_handshaker_resp* resp = grpc_gcp_handshaker_resp_create();
+ grpc_gcp_handshaker_resp* decoded_resp = grpc_gcp_handshaker_resp_create();
+ GPR_ASSERT(grpc_gcp_handshaker_resp_set_out_frames(resp, out_frames,
+ strlen(out_frames)));
+ GPR_ASSERT(grpc_gcp_handshaker_resp_set_bytes_consumed(resp, 1024));
+ GPR_ASSERT(grpc_gcp_handshaker_resp_set_application_protocol(resp, "http"));
+ GPR_ASSERT(
+ grpc_gcp_handshaker_resp_set_record_protocol(resp, "ALTSRP_GCM_AES128"));
+ GPR_ASSERT(
+ grpc_gcp_handshaker_resp_set_key_data(resp, key_data, strlen(key_data)));
+ GPR_ASSERT(grpc_gcp_handshaker_resp_set_local_identity_hostname(
+ resp, "www.faceboook.com"));
+ GPR_ASSERT(grpc_gcp_handshaker_resp_set_peer_identity_hostname(
+ resp, "www.amazon.com"));
+ GPR_ASSERT(grpc_gcp_handshaker_resp_set_channel_open(
+ resp, false /* channel_open */));
+ GPR_ASSERT(grpc_gcp_handshaker_resp_set_code(resp, 1023));
+ GPR_ASSERT(grpc_gcp_handshaker_resp_set_details(resp, details));
+ GPR_ASSERT(grpc_gcp_handshaker_resp_set_peer_rpc_versions(
+ resp, max_rpc_version_major, max_rpc_version_minor, min_rpc_version_major,
+ min_rpc_version_minor));
+ grpc_slice encoded_resp;
+ GPR_ASSERT(grpc_gcp_handshaker_resp_encode(resp, &encoded_resp));
+ GPR_ASSERT(grpc_gcp_handshaker_resp_decode(encoded_resp, decoded_resp));
+ GPR_ASSERT(grpc_gcp_handshaker_resp_equals(resp, decoded_resp));
+ grpc_gcp_handshaker_resp_destroy(resp);
+ grpc_gcp_handshaker_resp_destroy(decoded_resp);
+ grpc_slice_unref(encoded_resp);
+ /* Test invalid arguments. */
+ GPR_ASSERT(!grpc_gcp_handshaker_req_set_in_bytes(nullptr, in_bytes,
+ strlen(in_bytes)));
+ GPR_ASSERT(!grpc_gcp_handshaker_req_param_add_record_protocol(
+ req, grpc_gcp_HandshakeProtocol_TLS, nullptr));
+ GPR_ASSERT(!grpc_gcp_handshaker_req_param_add_local_identity_service_account(
+ nullptr, grpc_gcp_HandshakeProtocol_TLS, nullptr));
+ GPR_ASSERT(!grpc_gcp_handshaker_resp_set_record_protocol(nullptr, nullptr));
+}
diff --git a/test/core/tsi/alts/handshaker/alts_handshaker_service_api_test_lib.cc b/test/core/tsi/alts/handshaker/alts_handshaker_service_api_test_lib.cc
new file mode 100644
index 0000000..ecca04d
--- /dev/null
+++ b/test/core/tsi/alts/handshaker/alts_handshaker_service_api_test_lib.cc
@@ -0,0 +1,642 @@
+/*
+ *
+ * Copyright 2018 gRPC authors.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ */
+
+#include "test/core/tsi/alts/handshaker/alts_handshaker_service_api_test_lib.h"
+
+const size_t kHandshakeProtocolNum = 3;
+
+grpc_gcp_handshaker_req* grpc_gcp_handshaker_decoded_req_create(
+ grpc_gcp_handshaker_req_type type) {
+ grpc_gcp_handshaker_req* req =
+ static_cast<grpc_gcp_handshaker_req*>(gpr_zalloc(sizeof(*req)));
+ switch (type) {
+ case CLIENT_START_REQ:
+ req->has_client_start = true;
+ req->client_start.target_identities.funcs.decode =
+ decode_repeated_identity_cb;
+ req->client_start.application_protocols.funcs.decode =
+ decode_repeated_string_cb;
+ req->client_start.record_protocols.funcs.decode =
+ decode_repeated_string_cb;
+ req->client_start.local_identity.hostname.funcs.decode =
+ decode_string_or_bytes_cb;
+ req->client_start.local_identity.service_account.funcs.decode =
+ decode_string_or_bytes_cb;
+ req->client_start.local_endpoint.ip_address.funcs.decode =
+ decode_string_or_bytes_cb;
+ req->client_start.remote_endpoint.ip_address.funcs.decode =
+ decode_string_or_bytes_cb;
+ req->client_start.target_name.funcs.decode = decode_string_or_bytes_cb;
+ break;
+ case SERVER_START_REQ:
+ req->has_server_start = true;
+ req->server_start.application_protocols.funcs.decode =
+ &decode_repeated_string_cb;
+ for (size_t i = 0; i < kHandshakeProtocolNum; i++) {
+ req->server_start.handshake_parameters[i]
+ .value.local_identities.funcs.decode = &decode_repeated_identity_cb;
+ req->server_start.handshake_parameters[i]
+ .value.record_protocols.funcs.decode = &decode_repeated_string_cb;
+ }
+ req->server_start.in_bytes.funcs.decode = decode_string_or_bytes_cb;
+ req->server_start.local_endpoint.ip_address.funcs.decode =
+ decode_string_or_bytes_cb;
+ req->server_start.remote_endpoint.ip_address.funcs.decode =
+ decode_string_or_bytes_cb;
+ break;
+ case NEXT_REQ:
+ req->has_next = true;
+ break;
+ }
+ return req;
+}
+
+bool grpc_gcp_handshaker_resp_set_application_protocol(
+ grpc_gcp_handshaker_resp* resp, const char* application_protocol) {
+ if (resp == nullptr || application_protocol == nullptr) {
+ gpr_log(GPR_ERROR,
+ "Invalid nullptr arguments to "
+ "handshaker_resp_set_application_protocol().");
+ return false;
+ }
+ resp->has_result = true;
+ grpc_slice* slice =
+ create_slice(application_protocol, strlen(application_protocol));
+ resp->result.application_protocol.arg = slice;
+ resp->result.application_protocol.funcs.encode = encode_string_or_bytes_cb;
+ return true;
+}
+
+bool grpc_gcp_handshaker_resp_set_record_protocol(
+ grpc_gcp_handshaker_resp* resp, const char* record_protocol) {
+ if (resp == nullptr || record_protocol == nullptr) {
+ gpr_log(GPR_ERROR,
+ "Invalid nullptr arguments to "
+ "handshaker_resp_set_record_protocol().");
+ return false;
+ }
+ resp->has_result = true;
+ grpc_slice* slice = create_slice(record_protocol, strlen(record_protocol));
+ resp->result.record_protocol.arg = slice;
+ resp->result.record_protocol.funcs.encode = encode_string_or_bytes_cb;
+ return true;
+}
+
+bool grpc_gcp_handshaker_resp_set_key_data(grpc_gcp_handshaker_resp* resp,
+ const char* key_data, size_t size) {
+ if (resp == nullptr || key_data == nullptr) {
+ gpr_log(GPR_ERROR,
+ "Invalid nullptr arguments to handshaker_resp_set_key_data().");
+ return false;
+ }
+ resp->has_result = true;
+ grpc_slice* slice = create_slice(key_data, size);
+ resp->result.key_data.arg = slice;
+ resp->result.key_data.funcs.encode = encode_string_or_bytes_cb;
+ return true;
+}
+
+static void set_identity_hostname(grpc_gcp_identity* identity,
+ const char* hostname) {
+ grpc_slice* slice = create_slice(hostname, strlen(hostname));
+ identity->hostname.arg = slice;
+ identity->hostname.funcs.encode = encode_string_or_bytes_cb;
+}
+
+static void set_identity_service_account(grpc_gcp_identity* identity,
+ const char* service_account) {
+ grpc_slice* slice = create_slice(service_account, strlen(service_account));
+ identity->service_account.arg = slice;
+ identity->service_account.funcs.encode = encode_string_or_bytes_cb;
+}
+
+bool grpc_gcp_handshaker_resp_set_local_identity_hostname(
+ grpc_gcp_handshaker_resp* resp, const char* hostname) {
+ if (resp == nullptr || hostname == nullptr) {
+ gpr_log(GPR_ERROR,
+ "Invalid nullptr arguments to "
+ "grpc_gcp_handshaker_resp_set_local_identity_hostname().");
+ return false;
+ }
+ resp->has_result = true;
+ resp->result.has_local_identity = true;
+ set_identity_hostname(&resp->result.local_identity, hostname);
+ return true;
+}
+
+bool grpc_gcp_handshaker_resp_set_local_identity_service_account(
+ grpc_gcp_handshaker_resp* resp, const char* service_account) {
+ if (resp == nullptr || service_account == nullptr) {
+ gpr_log(GPR_ERROR,
+ "Invalid nullptr arguments to "
+ "grpc_gcp_handshaker_resp_set_local_identity_service_account().");
+ return false;
+ }
+ resp->has_result = true;
+ resp->result.has_local_identity = true;
+ set_identity_service_account(&resp->result.local_identity, service_account);
+ return true;
+}
+
+bool grpc_gcp_handshaker_resp_set_peer_identity_hostname(
+ grpc_gcp_handshaker_resp* resp, const char* hostname) {
+ if (resp == nullptr || hostname == nullptr) {
+ gpr_log(GPR_ERROR,
+ "Invalid nullptr arguments to "
+ "grpc_gcp_handshaker_resp_set_peer_identity_hostname().");
+ return false;
+ }
+ resp->has_result = true;
+ resp->result.has_peer_identity = true;
+ set_identity_hostname(&resp->result.peer_identity, hostname);
+ return true;
+}
+
+bool grpc_gcp_handshaker_resp_set_peer_identity_service_account(
+ grpc_gcp_handshaker_resp* resp, const char* service_account) {
+ if (resp == nullptr || service_account == nullptr) {
+ gpr_log(GPR_ERROR,
+ "Invalid nullptr arguments to "
+ "grpc_gcp_handshaker_resp_set_peer_identity_service_account().");
+ return false;
+ }
+ resp->has_result = true;
+ resp->result.has_peer_identity = true;
+ set_identity_service_account(&resp->result.peer_identity, service_account);
+ return true;
+}
+
+bool grpc_gcp_handshaker_resp_set_channel_open(grpc_gcp_handshaker_resp* resp,
+ bool keep_channel_open) {
+ if (resp == nullptr) {
+ gpr_log(GPR_ERROR,
+ "Invalid nullptr argument to "
+ "grpc_gcp_handshaker_resp_set_channel_open().");
+ return false;
+ }
+ resp->has_result = true;
+ resp->result.has_keep_channel_open = true;
+ resp->result.keep_channel_open = keep_channel_open;
+ return true;
+}
+
+bool grpc_gcp_handshaker_resp_set_code(grpc_gcp_handshaker_resp* resp,
+ uint32_t code) {
+ if (resp == nullptr) {
+ gpr_log(GPR_ERROR,
+ "Invalid nullptr argument to grpc_gcp_handshaker_resp_set_code().");
+ return false;
+ }
+ resp->has_status = true;
+ resp->status.has_code = true;
+ resp->status.code = code;
+ return true;
+}
+
+bool grpc_gcp_handshaker_resp_set_details(grpc_gcp_handshaker_resp* resp,
+ const char* details) {
+ if (resp == nullptr || details == nullptr) {
+ gpr_log(
+ GPR_ERROR,
+ "Invalid nullptr arguments to grpc_gcp_handshaker_resp_set_details().");
+ return false;
+ }
+ resp->has_status = true;
+ grpc_slice* slice = create_slice(details, strlen(details));
+ resp->status.details.arg = slice;
+ resp->status.details.funcs.encode = encode_string_or_bytes_cb;
+ return true;
+}
+
+bool grpc_gcp_handshaker_resp_set_out_frames(grpc_gcp_handshaker_resp* resp,
+ const char* out_frames,
+ size_t size) {
+ if (resp == nullptr || out_frames == nullptr) {
+ gpr_log(GPR_ERROR,
+ "Invalid nullptr arguments to "
+ "grpc_gcp_handshaker_resp_set_out_frames().");
+ return false;
+ }
+ grpc_slice* slice = create_slice(out_frames, size);
+ resp->out_frames.arg = slice;
+ resp->out_frames.funcs.encode = encode_string_or_bytes_cb;
+ return true;
+}
+
+bool grpc_gcp_handshaker_resp_set_bytes_consumed(grpc_gcp_handshaker_resp* resp,
+ int32_t bytes_consumed) {
+ if (resp == nullptr) {
+ gpr_log(GPR_ERROR,
+ "Invalid nullptr argument to "
+ "grpc_gcp_handshaker_resp_set_bytes_consumed().");
+ return false;
+ }
+ resp->has_bytes_consumed = true;
+ resp->bytes_consumed = bytes_consumed;
+ return true;
+}
+
+bool grpc_gcp_handshaker_resp_set_peer_rpc_versions(
+ grpc_gcp_handshaker_resp* resp, uint32_t max_major, uint32_t max_minor,
+ uint32_t min_major, uint32_t min_minor) {
+ if (resp == nullptr) {
+ gpr_log(GPR_ERROR,
+ "Invalid nullptr argument to "
+ "grpc_gcp_handshaker_resp_set_peer_rpc_versions().");
+ return false;
+ }
+ resp->has_result = true;
+ resp->result.has_peer_rpc_versions = true;
+ grpc_gcp_rpc_protocol_versions* versions = &resp->result.peer_rpc_versions;
+ versions->has_max_rpc_version = true;
+ versions->has_min_rpc_version = true;
+ versions->max_rpc_version.has_major = true;
+ versions->max_rpc_version.has_minor = true;
+ versions->min_rpc_version.has_major = true;
+ versions->min_rpc_version.has_minor = true;
+ versions->max_rpc_version.major = max_major;
+ versions->max_rpc_version.minor = max_minor;
+ versions->min_rpc_version.major = min_major;
+ versions->min_rpc_version.minor = min_minor;
+ return true;
+}
+
+bool grpc_gcp_handshaker_resp_encode(grpc_gcp_handshaker_resp* resp,
+ grpc_slice* slice) {
+ if (resp == nullptr || slice == nullptr) {
+ gpr_log(GPR_ERROR,
+ "Invalid nullptr arguments to grpc_gcp_handshaker_resp_encode().");
+ return false;
+ }
+ pb_ostream_t size_stream;
+ memset(&size_stream, 0, sizeof(pb_ostream_t));
+ if (!pb_encode(&size_stream, grpc_gcp_HandshakerResp_fields, resp)) {
+ gpr_log(GPR_ERROR, "nanopb error: %s", PB_GET_ERROR(&size_stream));
+ return false;
+ }
+ size_t encoded_length = size_stream.bytes_written;
+ *slice = grpc_slice_malloc(encoded_length);
+ pb_ostream_t output_stream =
+ pb_ostream_from_buffer(GRPC_SLICE_START_PTR(*slice), encoded_length);
+ if (!pb_encode(&output_stream, grpc_gcp_HandshakerResp_fields, resp)) {
+ gpr_log(GPR_ERROR, "nanopb error: %s", PB_GET_ERROR(&size_stream));
+ return false;
+ }
+ return true;
+}
+
+bool grpc_gcp_handshaker_req_decode(grpc_slice slice,
+ grpc_gcp_handshaker_req* req) {
+ if (req == nullptr) {
+ gpr_log(GPR_ERROR,
+ "Invalid nullptr argument to grpc_gcp_handshaker_req_decode().");
+ return false;
+ }
+ pb_istream_t stream = pb_istream_from_buffer(GRPC_SLICE_START_PTR(slice),
+ GRPC_SLICE_LENGTH(slice));
+ req->next.in_bytes.funcs.decode = decode_string_or_bytes_cb;
+ if (!pb_decode(&stream, grpc_gcp_HandshakerReq_fields, req)) {
+ gpr_log(GPR_ERROR, "nanopb error: %s", PB_GET_ERROR(&stream));
+ return false;
+ }
+ return true;
+}
+
+/* Check equality of a pair of grpc_slice fields. */
+static bool slice_equals(grpc_slice* l_slice, grpc_slice* r_slice) {
+ if (l_slice == nullptr && r_slice == nullptr) {
+ return true;
+ }
+ if (l_slice != nullptr && r_slice != nullptr) {
+ return grpc_slice_eq(*l_slice, *r_slice);
+ }
+ return false;
+}
+
+/* Check equality of a pair of grpc_gcp_identity fields. */
+static bool handshaker_identity_equals(const grpc_gcp_identity* l_id,
+ const grpc_gcp_identity* r_id) {
+ if (!((l_id->hostname.arg != nullptr) != (r_id->hostname.arg != nullptr))) {
+ if (l_id->hostname.arg != nullptr) {
+ return slice_equals(static_cast<grpc_slice*>(l_id->hostname.arg),
+ static_cast<grpc_slice*>(r_id->hostname.arg));
+ }
+ } else {
+ return false;
+ }
+ if (!((l_id->service_account.arg != nullptr) !=
+ (r_id->service_account.arg != nullptr))) {
+ if (l_id->service_account.arg != nullptr) {
+ return slice_equals(static_cast<grpc_slice*>(l_id->service_account.arg),
+ static_cast<grpc_slice*>(r_id->service_account.arg));
+ }
+ } else {
+ return false;
+ }
+ return true;
+}
+
+static bool handshaker_rpc_versions_equals(
+ const grpc_gcp_rpc_protocol_versions* l_version,
+ const grpc_gcp_rpc_protocol_versions* r_version) {
+ bool result = true;
+ result &=
+ (l_version->max_rpc_version.major == r_version->max_rpc_version.major);
+ result &=
+ (l_version->max_rpc_version.minor == r_version->max_rpc_version.minor);
+ result &=
+ (l_version->min_rpc_version.major == r_version->min_rpc_version.major);
+ result &=
+ (l_version->min_rpc_version.minor == r_version->min_rpc_version.minor);
+ return result;
+}
+
+/* Check equality of a pair of grpc_gcp_endpoint fields. */
+static bool handshaker_endpoint_equals(const grpc_gcp_endpoint* l_end,
+ const grpc_gcp_endpoint* r_end) {
+ bool result = true;
+ result &= (l_end->port == r_end->port);
+ result &= (l_end->protocol == r_end->protocol);
+ if (!((l_end->ip_address.arg != nullptr) !=
+ (r_end->ip_address.arg != nullptr))) {
+ if (l_end->ip_address.arg != nullptr) {
+ result &= slice_equals(static_cast<grpc_slice*>(l_end->ip_address.arg),
+ static_cast<grpc_slice*>(r_end->ip_address.arg));
+ }
+ } else {
+ return false;
+ }
+ return result;
+}
+/**
+ * Check if a specific repeated field (i.e., target) is contained in a repeated
+ * field list (i.e., head).
+ */
+static bool repeated_field_list_contains_identity(
+ const repeated_field* head, const repeated_field* target) {
+ repeated_field* field = const_cast<repeated_field*>(head);
+ while (field != nullptr) {
+ if (handshaker_identity_equals(
+ static_cast<const grpc_gcp_identity*>(field->data),
+ static_cast<const grpc_gcp_identity*>(target->data))) {
+ return true;
+ }
+ field = field->next;
+ }
+ return false;
+}
+
+static bool repeated_field_list_contains_string(const repeated_field* head,
+ const repeated_field* target) {
+ repeated_field* field = const_cast<repeated_field*>(head);
+ while (field != nullptr) {
+ if (slice_equals((grpc_slice*)field->data, (grpc_slice*)target->data)) {
+ return true;
+ }
+ field = field->next;
+ }
+ return false;
+}
+
+/* Return a length of repeated field list. */
+static size_t repeated_field_list_get_length(const repeated_field* head) {
+ repeated_field* field = const_cast<repeated_field*>(head);
+ size_t len = 0;
+ while (field != nullptr) {
+ len++;
+ field = field->next;
+ }
+ return len;
+}
+
+/**
+ * Check if a pair of repeated field lists contain the same set of repeated
+ * fields.
+ */
+static bool repeated_field_list_equals_identity(const repeated_field* l_head,
+ const repeated_field* r_head) {
+ if (repeated_field_list_get_length(l_head) !=
+ repeated_field_list_get_length(r_head)) {
+ return false;
+ }
+ repeated_field* field = const_cast<repeated_field*>(l_head);
+ repeated_field* head = const_cast<repeated_field*>(r_head);
+ while (field != nullptr) {
+ if (!repeated_field_list_contains_identity(head, field)) {
+ return false;
+ }
+ field = field->next;
+ }
+ return true;
+}
+
+static bool repeated_field_list_equals_string(const repeated_field* l_head,
+ const repeated_field* r_head) {
+ if (repeated_field_list_get_length(l_head) !=
+ repeated_field_list_get_length(r_head)) {
+ return false;
+ }
+ repeated_field* field = const_cast<repeated_field*>(l_head);
+ repeated_field* head = const_cast<repeated_field*>(r_head);
+ while (field != nullptr) {
+ if (!repeated_field_list_contains_string(head, field)) {
+ return false;
+ }
+ field = field->next;
+ }
+ return true;
+}
+
+/* Check equality of a pair of ALTS client_start handshake requests. */
+bool grpc_gcp_handshaker_client_start_req_equals(
+ grpc_gcp_start_client_handshake_req* l_req,
+ grpc_gcp_start_client_handshake_req* r_req) {
+ bool result = true;
+ /* Compare handshake_security_protocol. */
+ result &=
+ l_req->handshake_security_protocol == r_req->handshake_security_protocol;
+ /* Compare application_protocols, record_protocols, and target_identities. */
+ result &= repeated_field_list_equals_string(
+ static_cast<const repeated_field*>(l_req->application_protocols.arg),
+ static_cast<const repeated_field*>(r_req->application_protocols.arg));
+ result &= repeated_field_list_equals_string(
+ static_cast<const repeated_field*>(l_req->record_protocols.arg),
+ static_cast<const repeated_field*>(r_req->record_protocols.arg));
+ result &= repeated_field_list_equals_identity(
+ static_cast<const repeated_field*>(l_req->target_identities.arg),
+ static_cast<const repeated_field*>(r_req->target_identities.arg));
+ if ((l_req->has_local_identity ^ r_req->has_local_identity) |
+ (l_req->has_local_endpoint ^ r_req->has_local_endpoint) |
+ ((l_req->has_remote_endpoint ^ r_req->has_remote_endpoint)) |
+ (l_req->has_rpc_versions ^ r_req->has_rpc_versions)) {
+ return false;
+ }
+ /* Compare local_identity, local_endpoint, and remote_endpoint. */
+ if (l_req->has_local_identity) {
+ result &= handshaker_identity_equals(&l_req->local_identity,
+ &r_req->local_identity);
+ }
+ if (l_req->has_local_endpoint) {
+ result &= handshaker_endpoint_equals(&l_req->local_endpoint,
+ &r_req->local_endpoint);
+ }
+ if (l_req->has_remote_endpoint) {
+ result &= handshaker_endpoint_equals(&l_req->remote_endpoint,
+ &r_req->remote_endpoint);
+ }
+ if (l_req->has_rpc_versions) {
+ result &= handshaker_rpc_versions_equals(&l_req->rpc_versions,
+ &r_req->rpc_versions);
+ }
+ return result;
+}
+
+/* Check equality of a pair of ALTS server_start handshake requests. */
+bool grpc_gcp_handshaker_server_start_req_equals(
+ grpc_gcp_start_server_handshake_req* l_req,
+ grpc_gcp_start_server_handshake_req* r_req) {
+ bool result = true;
+ /* Compare application_protocols. */
+ result &= repeated_field_list_equals_string(
+ static_cast<const repeated_field*>(l_req->application_protocols.arg),
+ static_cast<const repeated_field*>(r_req->application_protocols.arg));
+ /* Compare handshake_parameters. */
+ size_t i = 0, j = 0;
+ result &=
+ (l_req->handshake_parameters_count == r_req->handshake_parameters_count);
+ for (i = 0; i < l_req->handshake_parameters_count; i++) {
+ bool found = false;
+ for (j = 0; j < r_req->handshake_parameters_count; j++) {
+ if (l_req->handshake_parameters[i].key ==
+ r_req->handshake_parameters[j].key) {
+ found = true;
+ result &= repeated_field_list_equals_string(
+ static_cast<const repeated_field*>(
+ l_req->handshake_parameters[i].value.record_protocols.arg),
+ static_cast<const repeated_field*>(
+ r_req->handshake_parameters[j].value.record_protocols.arg));
+ result &= repeated_field_list_equals_identity(
+ static_cast<const repeated_field*>(
+ l_req->handshake_parameters[i].value.local_identities.arg),
+ static_cast<const repeated_field*>(
+ r_req->handshake_parameters[j].value.local_identities.arg));
+ }
+ }
+ if (!found) {
+ return false;
+ }
+ }
+ /* Compare in_bytes, local_endpoint, remote_endpoint. */
+ result &= slice_equals(static_cast<grpc_slice*>(l_req->in_bytes.arg),
+ static_cast<grpc_slice*>(r_req->in_bytes.arg));
+ if ((l_req->has_local_endpoint ^ r_req->has_local_endpoint) |
+ (l_req->has_remote_endpoint ^ r_req->has_remote_endpoint) |
+ (l_req->has_rpc_versions ^ r_req->has_rpc_versions))
+ return false;
+ if (l_req->has_local_endpoint) {
+ result &= handshaker_endpoint_equals(&l_req->local_endpoint,
+ &r_req->local_endpoint);
+ }
+ if (l_req->has_remote_endpoint) {
+ result &= handshaker_endpoint_equals(&l_req->remote_endpoint,
+ &r_req->remote_endpoint);
+ }
+ if (l_req->has_rpc_versions) {
+ result &= handshaker_rpc_versions_equals(&l_req->rpc_versions,
+ &r_req->rpc_versions);
+ }
+ return result;
+}
+
+/* Check equality of a pair of ALTS handshake requests. */
+bool grpc_gcp_handshaker_req_equals(grpc_gcp_handshaker_req* l_req,
+ grpc_gcp_handshaker_req* r_req) {
+ if (l_req->has_next && r_req->has_next) {
+ return slice_equals(static_cast<grpc_slice*>(l_req->next.in_bytes.arg),
+ static_cast<grpc_slice*>(r_req->next.in_bytes.arg));
+ } else if (l_req->has_client_start && r_req->has_client_start) {
+ return grpc_gcp_handshaker_client_start_req_equals(&l_req->client_start,
+ &r_req->client_start);
+ } else if (l_req->has_server_start && r_req->has_server_start) {
+ return grpc_gcp_handshaker_server_start_req_equals(&l_req->server_start,
+ &r_req->server_start);
+ }
+ return false;
+}
+
+/* Check equality of a pair of ALTS handshake results. */
+bool grpc_gcp_handshaker_resp_result_equals(
+ grpc_gcp_handshaker_result* l_result,
+ grpc_gcp_handshaker_result* r_result) {
+ bool result = true;
+ /* Compare application_protocol, record_protocol, and key_data. */
+ result &= slice_equals(
+ static_cast<grpc_slice*>(l_result->application_protocol.arg),
+ static_cast<grpc_slice*>(r_result->application_protocol.arg));
+ result &=
+ slice_equals(static_cast<grpc_slice*>(l_result->record_protocol.arg),
+ static_cast<grpc_slice*>(r_result->record_protocol.arg));
+ result &= slice_equals(static_cast<grpc_slice*>(l_result->key_data.arg),
+ static_cast<grpc_slice*>(r_result->key_data.arg));
+ /* Compare local_identity, peer_identity, and keep_channel_open. */
+ if ((l_result->has_local_identity ^ r_result->has_local_identity) |
+ (l_result->has_peer_identity ^ r_result->has_peer_identity) |
+ (l_result->has_peer_rpc_versions ^ r_result->has_peer_rpc_versions)) {
+ return false;
+ }
+ if (l_result->has_local_identity) {
+ result &= handshaker_identity_equals(&l_result->local_identity,
+ &r_result->local_identity);
+ }
+ if (l_result->has_peer_identity) {
+ result &= handshaker_identity_equals(&l_result->peer_identity,
+ &r_result->peer_identity);
+ }
+ if (l_result->has_peer_rpc_versions) {
+ result &= handshaker_rpc_versions_equals(&l_result->peer_rpc_versions,
+ &r_result->peer_rpc_versions);
+ }
+ result &= (l_result->keep_channel_open == r_result->keep_channel_open);
+ return result;
+}
+
+/* Check equality of a pair of ALTS handshake responses. */
+bool grpc_gcp_handshaker_resp_equals(grpc_gcp_handshaker_resp* l_resp,
+ grpc_gcp_handshaker_resp* r_resp) {
+ bool result = true;
+ /* Compare out_frames and bytes_consumed. */
+ result &= slice_equals(static_cast<grpc_slice*>(l_resp->out_frames.arg),
+ static_cast<grpc_slice*>(r_resp->out_frames.arg));
+ result &= (l_resp->bytes_consumed == r_resp->bytes_consumed);
+ /* Compare result and status. */
+ if ((l_resp->has_result ^ r_resp->has_result) |
+ (l_resp->has_status ^ r_resp->has_status)) {
+ return false;
+ }
+ if (l_resp->has_result) {
+ result &= grpc_gcp_handshaker_resp_result_equals(&l_resp->result,
+ &r_resp->result);
+ }
+ if (l_resp->has_status) {
+ result &= (l_resp->status.code == r_resp->status.code);
+ result &=
+ slice_equals(static_cast<grpc_slice*>(l_resp->status.details.arg),
+ static_cast<grpc_slice*>(r_resp->status.details.arg));
+ }
+ return result;
+}
diff --git a/test/core/tsi/alts/handshaker/alts_handshaker_service_api_test_lib.h b/test/core/tsi/alts/handshaker/alts_handshaker_service_api_test_lib.h
new file mode 100644
index 0000000..2fcbb4e
--- /dev/null
+++ b/test/core/tsi/alts/handshaker/alts_handshaker_service_api_test_lib.h
@@ -0,0 +1,143 @@
+/*
+ *
+ * Copyright 2018 gRPC authors.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ */
+
+#ifndef GRPC_TEST_CORE_TSI_ALTS_HANDSHAKER_ALTS_HANDSHAKER_SERVICE_API_TEST_LIB_H
+#define GRPC_TEST_CORE_TSI_ALTS_HANDSHAKER_ALTS_HANDSHAKER_SERVICE_API_TEST_LIB_H
+
+#include "src/core/tsi/alts/handshaker/alts_handshaker_service_api.h"
+#include "src/core/tsi/alts/handshaker/alts_handshaker_service_api_util.h"
+#include "src/core/tsi/alts/handshaker/transport_security_common_api.h"
+
+/**
+ * The first part of this file contains function signatures for de-serializing
+ * ALTS handshake requests and setting/serializing ALTS handshake responses,
+ * which simulate the behaviour of grpc server that runs ALTS handshaker
+ * service.
+ */
+
+/**
+ * This method creates a ALTS handshaker request that is used to hold
+ * de-serialized result.
+ */
+grpc_gcp_handshaker_req* grpc_gcp_handshaker_decoded_req_create(
+ grpc_gcp_handshaker_req_type type);
+
+/* This method de-serializes a ALTS handshaker request. */
+bool grpc_gcp_handshaker_req_decode(grpc_slice slice,
+ grpc_gcp_handshaker_req* req);
+
+/* This method serializes a ALTS handshaker response. */
+bool grpc_gcp_handshaker_resp_encode(grpc_gcp_handshaker_resp* resp,
+ grpc_slice* slice);
+
+/* This method sets application protocol of ALTS handshaker response. */
+bool grpc_gcp_handshaker_resp_set_application_protocol(
+ grpc_gcp_handshaker_resp* resp, const char* application_protocol);
+
+/* This method sets record protocol of ALTS handshaker response. */
+bool grpc_gcp_handshaker_resp_set_record_protocol(
+ grpc_gcp_handshaker_resp* resp, const char* record_protocol);
+
+/* This method sets key_data of ALTS handshaker response. */
+bool grpc_gcp_handshaker_resp_set_key_data(grpc_gcp_handshaker_resp* resp,
+ const char* key_data, size_t size);
+
+/* This method sets local identity's hostname for ALTS handshaker response. */
+bool grpc_gcp_handshaker_resp_set_local_identity_hostname(
+ grpc_gcp_handshaker_resp* resp, const char* hostname);
+
+/**
+ * This method sets local identity's service account for ALTS handshaker
+ * response.
+ */
+bool grpc_gcp_handshaker_resp_set_local_identity_service_account(
+ grpc_gcp_handshaker_resp* resp, const char* service_account);
+
+/* This method sets peer identity's hostname for ALTS handshaker response. */
+bool grpc_gcp_handshaker_resp_set_peer_identity_hostname(
+ grpc_gcp_handshaker_resp* resp, const char* hostname);
+
+/**
+ * This method sets peer identity's service account for ALTS handshaker
+ * response.
+ */
+bool grpc_gcp_handshaker_resp_set_peer_identity_service_account(
+ grpc_gcp_handshaker_resp* resp, const char* service_account);
+
+/* This method sets keep_channel_open for ALTS handshaker response. */
+bool grpc_gcp_handshaker_resp_set_channel_open(grpc_gcp_handshaker_resp* resp,
+ bool keep_channel_open);
+
+/* This method sets code for ALTS handshaker response. */
+bool grpc_gcp_handshaker_resp_set_code(grpc_gcp_handshaker_resp* resp,
+ uint32_t code);
+
+/* This method sets details for ALTS handshaker response. */
+bool grpc_gcp_handshaker_resp_set_details(grpc_gcp_handshaker_resp* resp,
+ const char* details);
+
+/* This method sets out_frames for ALTS handshaker response. */
+bool grpc_gcp_handshaker_resp_set_out_frames(grpc_gcp_handshaker_resp* resp,
+ const char* out_frames,
+ size_t size);
+
+/* This method sets peer_rpc_versions for ALTS handshaker response. */
+bool grpc_gcp_handshaker_resp_set_peer_rpc_versions(
+ grpc_gcp_handshaker_resp* resp, uint32_t max_major, uint32_t max_minor,
+ uint32_t min_major, uint32_t min_minor);
+
+/* This method sets bytes_consumed for ALTS handshaker response. */
+bool grpc_gcp_handshaker_resp_set_bytes_consumed(grpc_gcp_handshaker_resp* resp,
+ int32_t bytes_consumed);
+
+/* This method serializes ALTS handshaker response. */
+bool grpc_gcp_handshaker_resp_encode(grpc_gcp_handshaker_resp* resp,
+ grpc_slice* slice);
+
+/* This method de-serializes ALTS handshaker request. */
+bool grpc_gcp_handshaker_req_decode(grpc_slice slice,
+ grpc_gcp_handshaker_req* req);
+
+/**
+ * The second part contains function signatures for checking equality of a pair
+ * of ALTS handshake requests/responses.
+ */
+
+/* This method checks equality of two client_start handshaker requests. */
+bool grpc_gcp_handshaker_client_start_req_equals(
+ grpc_gcp_start_client_handshake_req* l_req,
+ grpc_gcp_start_client_handshake_req* r_req);
+
+/* This method checks equality of two server_start handshaker requests. */
+bool grpc_gcp_handshaker_server_start_req_equals(
+ grpc_gcp_start_server_handshake_req* l_req,
+ grpc_gcp_start_server_handshake_req* r_req);
+
+/* This method checks equality of two ALTS handshaker requests. */
+bool grpc_gcp_handshaker_req_equals(grpc_gcp_handshaker_req* l_req,
+ grpc_gcp_handshaker_req* r_req);
+
+/* This method checks equality of two handshaker response results. */
+bool grpc_gcp_handshaker_resp_result_equals(
+ grpc_gcp_handshaker_result* l_result, grpc_gcp_handshaker_result* r_result);
+
+/* This method checks equality of two ALTS handshaker responses. */
+bool grpc_gcp_handshaker_resp_equals(grpc_gcp_handshaker_resp* l_resp,
+ grpc_gcp_handshaker_resp* r_resp);
+
+#endif // GRPC_TEST_CORE_TSI_ALTS_HANDSHAKER_ALTS_HANDSHAKER_SERVICE_API_TEST_LIB_H
diff --git a/test/core/tsi/alts/handshaker/alts_tsi_handshaker_test.cc b/test/core/tsi/alts/handshaker/alts_tsi_handshaker_test.cc
new file mode 100644
index 0000000..95724f8
--- /dev/null
+++ b/test/core/tsi/alts/handshaker/alts_tsi_handshaker_test.cc
@@ -0,0 +1,682 @@
+/*
+ *
+ * Copyright 2018 gRPC authors.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ */
+
+#include <stdio.h>
+#include <stdlib.h>
+
+#include <grpc/grpc.h>
+#include <grpc/support/sync.h>
+
+#include "src/core/lib/gprpp/thd.h"
+#include "src/core/tsi/alts/handshaker/alts_handshaker_client.h"
+#include "src/core/tsi/alts/handshaker/alts_tsi_event.h"
+#include "src/core/tsi/alts/handshaker/alts_tsi_handshaker.h"
+#include "src/core/tsi/alts/handshaker/alts_tsi_handshaker_private.h"
+#include "test/core/tsi/alts/handshaker/alts_handshaker_service_api_test_lib.h"
+
+#define ALTS_TSI_HANDSHAKER_TEST_RECV_BYTES "Hello World"
+#define ALTS_TSI_HANDSHAKER_TEST_OUT_FRAME "Hello Google"
+#define ALTS_TSI_HANDSHAKER_TEST_CONSUMED_BYTES "Hello "
+#define ALTS_TSI_HANDSHAKER_TEST_REMAIN_BYTES "Google"
+#define ALTS_TSI_HANDSHAKER_TEST_PEER_IDENTITY "chapi@service.google.com"
+#define ALTS_TSI_HANDSHAKER_TEST_KEY_DATA \
+ "ABCDEFGHIJKLMNOPABCDEFGHIJKLMNOPABCDEFGHIJKL"
+#define ALTS_TSI_HANDSHAKER_TEST_BUFFER_SIZE 100
+#define ALTS_TSI_HANDSHAKER_TEST_SLEEP_TIME_IN_SECONDS 2
+#define ALTS_TSI_HANDSHAKER_TEST_MAX_RPC_VERSION_MAJOR 3
+#define ALTS_TSI_HANDSHAKER_TEST_MAX_RPC_VERSION_MINOR 2
+#define ALTS_TSI_HANDSHAKER_TEST_MIN_RPC_VERSION_MAJOR 2
+#define ALTS_TSI_HANDSHAKER_TEST_MIN_RPC_VERSION_MINOR 1
+
+using grpc_core::internal::
+ alts_tsi_handshaker_get_has_sent_start_message_for_testing;
+using grpc_core::internal::alts_tsi_handshaker_get_is_client_for_testing;
+using grpc_core::internal::alts_tsi_handshaker_get_recv_bytes_for_testing;
+using grpc_core::internal::alts_tsi_handshaker_set_client_for_testing;
+using grpc_core::internal::alts_tsi_handshaker_set_recv_bytes_for_testing;
+
+/* ALTS mock notification. */
+typedef struct notification {
+ gpr_cv cv;
+ gpr_mu mu;
+ bool notified;
+} notification;
+
+/* ALTS mock handshaker client. */
+typedef struct alts_mock_handshaker_client {
+ alts_handshaker_client base;
+ bool used_for_success_test;
+} alts_mock_handshaker_client;
+
+/* Type of ALTS handshaker response. */
+typedef enum {
+ INVALID,
+ FAILED,
+ CLIENT_START,
+ SERVER_START,
+ CLIENT_NEXT,
+ SERVER_NEXT,
+} alts_handshaker_response_type;
+
+static alts_tsi_event* client_start_event;
+static alts_tsi_event* client_next_event;
+static alts_tsi_event* server_start_event;
+static alts_tsi_event* server_next_event;
+static notification caller_to_tsi_notification;
+static notification tsi_to_caller_notification;
+
+static void notification_init(notification* n) {
+ gpr_mu_init(&n->mu);
+ gpr_cv_init(&n->cv);
+ n->notified = false;
+}
+
+static void notification_destroy(notification* n) {
+ gpr_mu_destroy(&n->mu);
+ gpr_cv_destroy(&n->cv);
+}
+
+static void signal(notification* n) {
+ gpr_mu_lock(&n->mu);
+ n->notified = true;
+ gpr_cv_signal(&n->cv);
+ gpr_mu_unlock(&n->mu);
+}
+
+static void wait(notification* n) {
+ gpr_mu_lock(&n->mu);
+ while (!n->notified) {
+ gpr_cv_wait(&n->cv, &n->mu, gpr_inf_future(GPR_CLOCK_REALTIME));
+ }
+ n->notified = false;
+ gpr_mu_unlock(&n->mu);
+}
+
+/**
+ * This method mocks ALTS handshaker service to generate handshaker response
+ * for a specific request.
+ */
+static grpc_byte_buffer* generate_handshaker_response(
+ alts_handshaker_response_type type) {
+ grpc_gcp_handshaker_resp* resp = grpc_gcp_handshaker_resp_create();
+ GPR_ASSERT(grpc_gcp_handshaker_resp_set_code(resp, 0));
+ switch (type) {
+ case INVALID:
+ break;
+ case CLIENT_START:
+ case SERVER_START:
+ GPR_ASSERT(grpc_gcp_handshaker_resp_set_out_frames(
+ resp, ALTS_TSI_HANDSHAKER_TEST_OUT_FRAME,
+ strlen(ALTS_TSI_HANDSHAKER_TEST_OUT_FRAME)));
+ break;
+ case CLIENT_NEXT:
+ GPR_ASSERT(grpc_gcp_handshaker_resp_set_out_frames(
+ resp, ALTS_TSI_HANDSHAKER_TEST_OUT_FRAME,
+ strlen(ALTS_TSI_HANDSHAKER_TEST_OUT_FRAME)));
+ GPR_ASSERT(grpc_gcp_handshaker_resp_set_peer_identity_service_account(
+ resp, ALTS_TSI_HANDSHAKER_TEST_PEER_IDENTITY));
+ GPR_ASSERT(grpc_gcp_handshaker_resp_set_bytes_consumed(
+ resp, strlen(ALTS_TSI_HANDSHAKER_TEST_CONSUMED_BYTES)));
+ GPR_ASSERT(grpc_gcp_handshaker_resp_set_key_data(
+ resp, ALTS_TSI_HANDSHAKER_TEST_KEY_DATA,
+ strlen(ALTS_TSI_HANDSHAKER_TEST_KEY_DATA)));
+ GPR_ASSERT(grpc_gcp_handshaker_resp_set_peer_rpc_versions(
+ resp, ALTS_TSI_HANDSHAKER_TEST_MAX_RPC_VERSION_MAJOR,
+ ALTS_TSI_HANDSHAKER_TEST_MAX_RPC_VERSION_MINOR,
+ ALTS_TSI_HANDSHAKER_TEST_MIN_RPC_VERSION_MAJOR,
+ ALTS_TSI_HANDSHAKER_TEST_MIN_RPC_VERSION_MINOR));
+ break;
+ case SERVER_NEXT:
+ GPR_ASSERT(grpc_gcp_handshaker_resp_set_peer_identity_service_account(
+ resp, ALTS_TSI_HANDSHAKER_TEST_PEER_IDENTITY));
+ GPR_ASSERT(grpc_gcp_handshaker_resp_set_bytes_consumed(
+ resp, strlen(ALTS_TSI_HANDSHAKER_TEST_OUT_FRAME)));
+ GPR_ASSERT(grpc_gcp_handshaker_resp_set_key_data(
+ resp, ALTS_TSI_HANDSHAKER_TEST_KEY_DATA,
+ strlen(ALTS_TSI_HANDSHAKER_TEST_KEY_DATA)));
+ GPR_ASSERT(grpc_gcp_handshaker_resp_set_peer_rpc_versions(
+ resp, ALTS_TSI_HANDSHAKER_TEST_MAX_RPC_VERSION_MAJOR,
+ ALTS_TSI_HANDSHAKER_TEST_MAX_RPC_VERSION_MINOR,
+ ALTS_TSI_HANDSHAKER_TEST_MIN_RPC_VERSION_MAJOR,
+ ALTS_TSI_HANDSHAKER_TEST_MIN_RPC_VERSION_MINOR));
+ break;
+ case FAILED:
+ GPR_ASSERT(
+ grpc_gcp_handshaker_resp_set_code(resp, 3 /* INVALID ARGUMENT */));
+ break;
+ }
+ grpc_slice slice;
+ GPR_ASSERT(grpc_gcp_handshaker_resp_encode(resp, &slice));
+ if (type == INVALID) {
+ grpc_slice bad_slice =
+ grpc_slice_split_head(&slice, GRPC_SLICE_LENGTH(slice) - 1);
+ grpc_slice_unref(slice);
+ slice = grpc_slice_ref(bad_slice);
+ grpc_slice_unref(bad_slice);
+ }
+ grpc_byte_buffer* buffer =
+ grpc_raw_byte_buffer_create(&slice, 1 /* number of slices */);
+ grpc_slice_unref(slice);
+ grpc_gcp_handshaker_resp_destroy(resp);
+ return buffer;
+}
+
+static void check_must_not_be_called(tsi_result status, void* user_data,
+ const unsigned char* bytes_to_send,
+ size_t bytes_to_send_size,
+ tsi_handshaker_result* result) {
+ GPR_ASSERT(0);
+}
+
+static void on_client_start_success_cb(tsi_result status, void* user_data,
+ const unsigned char* bytes_to_send,
+ size_t bytes_to_send_size,
+ tsi_handshaker_result* result) {
+ GPR_ASSERT(status == TSI_OK);
+ GPR_ASSERT(user_data == nullptr);
+ GPR_ASSERT(bytes_to_send_size == strlen(ALTS_TSI_HANDSHAKER_TEST_OUT_FRAME));
+ GPR_ASSERT(memcmp(bytes_to_send, ALTS_TSI_HANDSHAKER_TEST_OUT_FRAME,
+ bytes_to_send_size) == 0);
+ GPR_ASSERT(result == nullptr);
+ /* Validate peer identity. */
+ tsi_peer peer;
+ GPR_ASSERT(tsi_handshaker_result_extract_peer(result, &peer) ==
+ TSI_INVALID_ARGUMENT);
+ /* Validate frame protector. */
+ tsi_frame_protector* protector = nullptr;
+ GPR_ASSERT(tsi_handshaker_result_create_frame_protector(
+ result, nullptr, &protector) == TSI_INVALID_ARGUMENT);
+ /* Validate unused bytes. */
+ const unsigned char* unused_bytes = nullptr;
+ size_t unused_bytes_size = 0;
+ GPR_ASSERT(tsi_handshaker_result_get_unused_bytes(result, &unused_bytes,
+ &unused_bytes_size) ==
+ TSI_INVALID_ARGUMENT);
+ signal(&tsi_to_caller_notification);
+}
+
+static void on_server_start_success_cb(tsi_result status, void* user_data,
+ const unsigned char* bytes_to_send,
+ size_t bytes_to_send_size,
+ tsi_handshaker_result* result) {
+ GPR_ASSERT(status == TSI_OK);
+ GPR_ASSERT(user_data == nullptr);
+ GPR_ASSERT(bytes_to_send_size == strlen(ALTS_TSI_HANDSHAKER_TEST_OUT_FRAME));
+ GPR_ASSERT(memcmp(bytes_to_send, ALTS_TSI_HANDSHAKER_TEST_OUT_FRAME,
+ bytes_to_send_size) == 0);
+ GPR_ASSERT(result == nullptr);
+ /* Validate peer identity. */
+ tsi_peer peer;
+ GPR_ASSERT(tsi_handshaker_result_extract_peer(result, &peer) ==
+ TSI_INVALID_ARGUMENT);
+ /* Validate frame protector. */
+ tsi_frame_protector* protector = nullptr;
+ GPR_ASSERT(tsi_handshaker_result_create_frame_protector(
+ result, nullptr, &protector) == TSI_INVALID_ARGUMENT);
+ /* Validate unused bytes. */
+ const unsigned char* unused_bytes = nullptr;
+ size_t unused_bytes_size = 0;
+ GPR_ASSERT(tsi_handshaker_result_get_unused_bytes(result, &unused_bytes,
+ &unused_bytes_size) ==
+ TSI_INVALID_ARGUMENT);
+ signal(&tsi_to_caller_notification);
+}
+
+static void on_client_next_success_cb(tsi_result status, void* user_data,
+ const unsigned char* bytes_to_send,
+ size_t bytes_to_send_size,
+ tsi_handshaker_result* result) {
+ GPR_ASSERT(status == TSI_OK);
+ GPR_ASSERT(user_data == nullptr);
+ GPR_ASSERT(bytes_to_send_size == strlen(ALTS_TSI_HANDSHAKER_TEST_OUT_FRAME));
+ GPR_ASSERT(memcmp(bytes_to_send, ALTS_TSI_HANDSHAKER_TEST_OUT_FRAME,
+ bytes_to_send_size) == 0);
+ GPR_ASSERT(result != nullptr);
+ /* Validate peer identity. */
+ tsi_peer peer;
+ GPR_ASSERT(tsi_handshaker_result_extract_peer(result, &peer) == TSI_OK);
+ GPR_ASSERT(peer.property_count == kTsiAltsNumOfPeerProperties);
+ GPR_ASSERT(memcmp(TSI_ALTS_CERTIFICATE_TYPE, peer.properties[0].value.data,
+ peer.properties[0].value.length) == 0);
+ GPR_ASSERT(memcmp(ALTS_TSI_HANDSHAKER_TEST_PEER_IDENTITY,
+ peer.properties[1].value.data,
+ peer.properties[1].value.length) == 0);
+ tsi_peer_destruct(&peer);
+ /* Validate unused bytes. */
+ const unsigned char* bytes = nullptr;
+ size_t bytes_size = 0;
+ GPR_ASSERT(tsi_handshaker_result_get_unused_bytes(result, &bytes,
+ &bytes_size) == TSI_OK);
+ GPR_ASSERT(bytes_size == strlen(ALTS_TSI_HANDSHAKER_TEST_REMAIN_BYTES));
+ GPR_ASSERT(memcmp(bytes, ALTS_TSI_HANDSHAKER_TEST_REMAIN_BYTES, bytes_size) ==
+ 0);
+ /* Validate frame protector. */
+ tsi_frame_protector* protector = nullptr;
+ GPR_ASSERT(tsi_handshaker_result_create_frame_protector(
+ result, nullptr, &protector) == TSI_OK);
+ GPR_ASSERT(protector != nullptr);
+ tsi_frame_protector_destroy(protector);
+ tsi_handshaker_result_destroy(result);
+ signal(&tsi_to_caller_notification);
+}
+
+static void on_server_next_success_cb(tsi_result status, void* user_data,
+ const unsigned char* bytes_to_send,
+ size_t bytes_to_send_size,
+ tsi_handshaker_result* result) {
+ GPR_ASSERT(status == TSI_OK);
+ GPR_ASSERT(user_data == nullptr);
+ GPR_ASSERT(bytes_to_send_size == 0);
+ GPR_ASSERT(bytes_to_send == nullptr);
+ GPR_ASSERT(result != nullptr);
+ /* Validate peer identity. */
+ tsi_peer peer;
+ GPR_ASSERT(tsi_handshaker_result_extract_peer(result, &peer) == TSI_OK);
+ GPR_ASSERT(peer.property_count == kTsiAltsNumOfPeerProperties);
+ GPR_ASSERT(memcmp(TSI_ALTS_CERTIFICATE_TYPE, peer.properties[0].value.data,
+ peer.properties[0].value.length) == 0);
+ GPR_ASSERT(memcmp(ALTS_TSI_HANDSHAKER_TEST_PEER_IDENTITY,
+ peer.properties[1].value.data,
+ peer.properties[1].value.length) == 0);
+ tsi_peer_destruct(&peer);
+ /* Validate unused bytes. */
+ const unsigned char* bytes = nullptr;
+ size_t bytes_size = 0;
+ GPR_ASSERT(tsi_handshaker_result_get_unused_bytes(result, &bytes,
+ &bytes_size) == TSI_OK);
+ GPR_ASSERT(bytes_size == 0);
+ GPR_ASSERT(bytes == nullptr);
+ /* Validate frame protector. */
+ tsi_frame_protector* protector = nullptr;
+ GPR_ASSERT(tsi_handshaker_result_create_frame_protector(
+ result, nullptr, &protector) == TSI_OK);
+ GPR_ASSERT(protector != nullptr);
+ tsi_frame_protector_destroy(protector);
+ tsi_handshaker_result_destroy(result);
+ signal(&tsi_to_caller_notification);
+}
+
+static tsi_result mock_client_start(alts_handshaker_client* self,
+ alts_tsi_event* event) {
+ alts_mock_handshaker_client* client =
+ reinterpret_cast<alts_mock_handshaker_client*>(self);
+ if (!client->used_for_success_test) {
+ alts_tsi_event_destroy(event);
+ return TSI_INTERNAL_ERROR;
+ }
+ GPR_ASSERT(event->cb == on_client_start_success_cb);
+ GPR_ASSERT(event->user_data == nullptr);
+ GPR_ASSERT(!alts_tsi_handshaker_get_has_sent_start_message_for_testing(
+ event->handshaker));
+ /* Populate handshaker response for client_start request. */
+ event->recv_buffer = generate_handshaker_response(CLIENT_START);
+ client_start_event = event;
+ signal(&caller_to_tsi_notification);
+ return TSI_OK;
+}
+
+static tsi_result mock_server_start(alts_handshaker_client* self,
+ alts_tsi_event* event,
+ grpc_slice* bytes_received) {
+ alts_mock_handshaker_client* client =
+ reinterpret_cast<alts_mock_handshaker_client*>(self);
+ if (!client->used_for_success_test) {
+ alts_tsi_event_destroy(event);
+ return TSI_INTERNAL_ERROR;
+ }
+ GPR_ASSERT(event->cb == on_server_start_success_cb);
+ GPR_ASSERT(event->user_data == nullptr);
+ grpc_slice slice = grpc_empty_slice();
+ GPR_ASSERT(grpc_slice_cmp(*bytes_received, slice) == 0);
+ GPR_ASSERT(!alts_tsi_handshaker_get_has_sent_start_message_for_testing(
+ event->handshaker));
+ /* Populate handshaker response for server_start request. */
+ event->recv_buffer = generate_handshaker_response(SERVER_START);
+ server_start_event = event;
+ grpc_slice_unref(slice);
+ signal(&caller_to_tsi_notification);
+ return TSI_OK;
+}
+
+static tsi_result mock_next(alts_handshaker_client* self, alts_tsi_event* event,
+ grpc_slice* bytes_received) {
+ alts_mock_handshaker_client* client =
+ reinterpret_cast<alts_mock_handshaker_client*>(self);
+ if (!client->used_for_success_test) {
+ alts_tsi_event_destroy(event);
+ return TSI_INTERNAL_ERROR;
+ }
+ bool is_client =
+ alts_tsi_handshaker_get_is_client_for_testing(event->handshaker);
+ if (is_client) {
+ GPR_ASSERT(event->cb == on_client_next_success_cb);
+ } else {
+ GPR_ASSERT(event->cb == on_server_next_success_cb);
+ }
+ GPR_ASSERT(event->user_data == nullptr);
+ GPR_ASSERT(bytes_received != nullptr);
+ GPR_ASSERT(memcmp(GRPC_SLICE_START_PTR(*bytes_received),
+ ALTS_TSI_HANDSHAKER_TEST_RECV_BYTES,
+ GRPC_SLICE_LENGTH(*bytes_received)) == 0);
+ GPR_ASSERT(grpc_slice_cmp(alts_tsi_handshaker_get_recv_bytes_for_testing(
+ event->handshaker),
+ *bytes_received) == 0);
+ GPR_ASSERT(alts_tsi_handshaker_get_has_sent_start_message_for_testing(
+ event->handshaker));
+ /* Populate handshaker response for next request. */
+ grpc_slice out_frame =
+ grpc_slice_from_static_string(ALTS_TSI_HANDSHAKER_TEST_OUT_FRAME);
+ if (is_client) {
+ event->recv_buffer = generate_handshaker_response(CLIENT_NEXT);
+ } else {
+ event->recv_buffer = generate_handshaker_response(SERVER_NEXT);
+ }
+ alts_tsi_handshaker_set_recv_bytes_for_testing(event->handshaker, &out_frame);
+ if (is_client) {
+ client_next_event = event;
+ } else {
+ server_next_event = event;
+ }
+ signal(&caller_to_tsi_notification);
+ grpc_slice_unref(out_frame);
+ return TSI_OK;
+}
+
+static void mock_destruct(alts_handshaker_client* client) {}
+
+static const alts_handshaker_client_vtable vtable = {
+ mock_client_start, mock_server_start, mock_next, mock_destruct};
+
+static alts_handshaker_client* alts_mock_handshaker_client_create(
+ bool used_for_success_test) {
+ alts_mock_handshaker_client* client =
+ static_cast<alts_mock_handshaker_client*>(gpr_zalloc(sizeof(*client)));
+ client->base.vtable = &vtable;
+ client->used_for_success_test = used_for_success_test;
+ return &client->base;
+}
+
+static tsi_handshaker* create_test_handshaker(bool used_for_success_test,
+ bool is_client) {
+ tsi_handshaker* handshaker = nullptr;
+ alts_handshaker_client* client =
+ alts_mock_handshaker_client_create(used_for_success_test);
+ grpc_alts_credentials_options* options =
+ grpc_alts_credentials_client_options_create();
+ alts_tsi_handshaker_create(options, "target_name", "lame", is_client,
+ &handshaker);
+ alts_tsi_handshaker* alts_handshaker =
+ reinterpret_cast<alts_tsi_handshaker*>(handshaker);
+ alts_tsi_handshaker_set_client_for_testing(alts_handshaker, client);
+ grpc_alts_credentials_options_destroy(options);
+ return handshaker;
+}
+
+static void check_handshaker_next_invalid_input() {
+ /* Initialization. */
+ tsi_handshaker* handshaker = create_test_handshaker(true, true);
+ /* Check nullptr handshaker. */
+ GPR_ASSERT(tsi_handshaker_next(nullptr, nullptr, 0, nullptr, nullptr, nullptr,
+ check_must_not_be_called,
+ nullptr) == TSI_INVALID_ARGUMENT);
+ /* Check nullptr callback. */
+ GPR_ASSERT(tsi_handshaker_next(handshaker, nullptr, 0, nullptr, nullptr,
+ nullptr, nullptr,
+ nullptr) == TSI_INVALID_ARGUMENT);
+ /* Cleanup. */
+ tsi_handshaker_destroy(handshaker);
+}
+
+static void check_handshaker_next_success() {
+ /**
+ * Create handshakers for which internal mock client is going to do
+ * correctness check.
+ */
+ tsi_handshaker* client_handshaker = create_test_handshaker(
+ true /* used_for_success_test */, true /* is_client */);
+ tsi_handshaker* server_handshaker = create_test_handshaker(
+ true /* used_for_success_test */, false /* is_client */);
+ /* Client start. */
+ GPR_ASSERT(tsi_handshaker_next(client_handshaker, nullptr, 0, nullptr,
+ nullptr, nullptr, on_client_start_success_cb,
+ nullptr) == TSI_ASYNC);
+ wait(&tsi_to_caller_notification);
+ /* Client next. */
+ GPR_ASSERT(tsi_handshaker_next(
+ client_handshaker,
+ (const unsigned char*)ALTS_TSI_HANDSHAKER_TEST_RECV_BYTES,
+ strlen(ALTS_TSI_HANDSHAKER_TEST_RECV_BYTES), nullptr, nullptr,
+ nullptr, on_client_next_success_cb, nullptr) == TSI_ASYNC);
+ wait(&tsi_to_caller_notification);
+ /* Server start. */
+ GPR_ASSERT(tsi_handshaker_next(server_handshaker, nullptr, 0, nullptr,
+ nullptr, nullptr, on_server_start_success_cb,
+ nullptr) == TSI_ASYNC);
+ wait(&tsi_to_caller_notification);
+ /* Server next. */
+ GPR_ASSERT(tsi_handshaker_next(
+ server_handshaker,
+ (const unsigned char*)ALTS_TSI_HANDSHAKER_TEST_RECV_BYTES,
+ strlen(ALTS_TSI_HANDSHAKER_TEST_RECV_BYTES), nullptr, nullptr,
+ nullptr, on_server_next_success_cb, nullptr) == TSI_ASYNC);
+ wait(&tsi_to_caller_notification);
+ /* Cleanup. */
+ tsi_handshaker_destroy(server_handshaker);
+ tsi_handshaker_destroy(client_handshaker);
+}
+
+static void check_handshaker_next_failure() {
+ /**
+ * Create handshakers for which internal mock client is always going to fail.
+ */
+ tsi_handshaker* client_handshaker = create_test_handshaker(
+ false /* used_for_success_test */, true /* is_client */);
+ tsi_handshaker* server_handshaker = create_test_handshaker(
+ false /* used_for_success_test */, false /* is_client */);
+ /* Client start. */
+ GPR_ASSERT(tsi_handshaker_next(client_handshaker, nullptr, 0, nullptr,
+ nullptr, nullptr, check_must_not_be_called,
+ nullptr) == TSI_INTERNAL_ERROR);
+ /* Server start. */
+ GPR_ASSERT(tsi_handshaker_next(server_handshaker, nullptr, 0, nullptr,
+ nullptr, nullptr, check_must_not_be_called,
+ nullptr) == TSI_INTERNAL_ERROR);
+ /* Server next. */
+ GPR_ASSERT(tsi_handshaker_next(
+ server_handshaker,
+ (const unsigned char*)ALTS_TSI_HANDSHAKER_TEST_RECV_BYTES,
+ strlen(ALTS_TSI_HANDSHAKER_TEST_RECV_BYTES), nullptr, nullptr,
+ nullptr, check_must_not_be_called,
+ nullptr) == TSI_INTERNAL_ERROR);
+ /* Client next. */
+ GPR_ASSERT(tsi_handshaker_next(
+ client_handshaker,
+ (const unsigned char*)ALTS_TSI_HANDSHAKER_TEST_RECV_BYTES,
+ strlen(ALTS_TSI_HANDSHAKER_TEST_RECV_BYTES), nullptr, nullptr,
+ nullptr, check_must_not_be_called,
+ nullptr) == TSI_INTERNAL_ERROR);
+ /* Cleanup. */
+ tsi_handshaker_destroy(server_handshaker);
+ tsi_handshaker_destroy(client_handshaker);
+}
+
+static void on_invalid_input_cb(tsi_result status, void* user_data,
+ const unsigned char* bytes_to_send,
+ size_t bytes_to_send_size,
+ tsi_handshaker_result* result) {
+ GPR_ASSERT(status == TSI_INTERNAL_ERROR);
+ GPR_ASSERT(user_data == nullptr);
+ GPR_ASSERT(bytes_to_send == nullptr);
+ GPR_ASSERT(bytes_to_send_size == 0);
+ GPR_ASSERT(result == nullptr);
+}
+
+static void on_failed_grpc_call_cb(tsi_result status, void* user_data,
+ const unsigned char* bytes_to_send,
+ size_t bytes_to_send_size,
+ tsi_handshaker_result* result) {
+ GPR_ASSERT(status == TSI_INTERNAL_ERROR);
+ GPR_ASSERT(user_data == nullptr);
+ GPR_ASSERT(bytes_to_send == nullptr);
+ GPR_ASSERT(bytes_to_send_size == 0);
+ GPR_ASSERT(result == nullptr);
+}
+
+static void check_handle_response_invalid_input() {
+ /**
+ * Create a handshaker at the client side, for which internal mock client is
+ * always going to fail.
+ */
+ tsi_handshaker* handshaker = create_test_handshaker(
+ false /* used_for_success_test */, true /* is_client */);
+ alts_tsi_handshaker* alts_handshaker =
+ reinterpret_cast<alts_tsi_handshaker*>(handshaker);
+ grpc_byte_buffer recv_buffer;
+ /* Check nullptr handshaker. */
+ alts_tsi_handshaker_handle_response(nullptr, &recv_buffer, GRPC_STATUS_OK,
+ nullptr, on_invalid_input_cb, nullptr,
+ true);
+ /* Check nullptr recv_bytes. */
+ alts_tsi_handshaker_handle_response(alts_handshaker, nullptr, GRPC_STATUS_OK,
+ nullptr, on_invalid_input_cb, nullptr,
+ true);
+ /* Check failed grpc call made to handshaker service. */
+ alts_tsi_handshaker_handle_response(alts_handshaker, &recv_buffer,
+ GRPC_STATUS_UNKNOWN, nullptr,
+ on_failed_grpc_call_cb, nullptr, true);
+
+ alts_tsi_handshaker_handle_response(alts_handshaker, &recv_buffer,
+ GRPC_STATUS_OK, nullptr,
+ on_failed_grpc_call_cb, nullptr, false);
+
+ /* Cleanup. */
+ tsi_handshaker_destroy(handshaker);
+}
+
+static void on_invalid_resp_cb(tsi_result status, void* user_data,
+ const unsigned char* bytes_to_send,
+ size_t bytes_to_send_size,
+ tsi_handshaker_result* result) {
+ GPR_ASSERT(status == TSI_DATA_CORRUPTED);
+ GPR_ASSERT(user_data == nullptr);
+ GPR_ASSERT(bytes_to_send == nullptr);
+ GPR_ASSERT(bytes_to_send_size == 0);
+ GPR_ASSERT(result == nullptr);
+}
+
+static void check_handle_response_invalid_resp() {
+ /**
+ * Create a handshaker at the client side, for which internal mock client is
+ * always going to fail.
+ */
+ tsi_handshaker* handshaker = create_test_handshaker(
+ false /* used_for_success_test */, true /* is_client */);
+ alts_tsi_handshaker* alts_handshaker =
+ reinterpret_cast<alts_tsi_handshaker*>(handshaker);
+ /* Tests. */
+ grpc_byte_buffer* recv_buffer = generate_handshaker_response(INVALID);
+ alts_tsi_handshaker_handle_response(alts_handshaker, recv_buffer,
+ GRPC_STATUS_OK, nullptr,
+ on_invalid_resp_cb, nullptr, true);
+ /* Cleanup. */
+ grpc_byte_buffer_destroy(recv_buffer);
+ tsi_handshaker_destroy(handshaker);
+}
+
+static void check_handle_response_success(void* unused) {
+ /* Client start. */
+ wait(&caller_to_tsi_notification);
+ alts_tsi_event_dispatch_to_handshaker(client_start_event, true /* is_ok */);
+ alts_tsi_event_destroy(client_start_event);
+ /* Client next. */
+ wait(&caller_to_tsi_notification);
+ alts_tsi_event_dispatch_to_handshaker(client_next_event, true /* is_ok */);
+ alts_tsi_event_destroy(client_next_event);
+ /* Server start. */
+ wait(&caller_to_tsi_notification);
+ alts_tsi_event_dispatch_to_handshaker(server_start_event, true /* is_ok */);
+ alts_tsi_event_destroy(server_start_event);
+ /* Server next. */
+ wait(&caller_to_tsi_notification);
+ alts_tsi_event_dispatch_to_handshaker(server_next_event, true /* is_ok */);
+ alts_tsi_event_destroy(server_next_event);
+}
+
+static void on_failed_resp_cb(tsi_result status, void* user_data,
+ const unsigned char* bytes_to_send,
+ size_t bytes_to_send_size,
+ tsi_handshaker_result* result) {
+ GPR_ASSERT(status == TSI_INVALID_ARGUMENT);
+ GPR_ASSERT(user_data == nullptr);
+ GPR_ASSERT(bytes_to_send == nullptr);
+ GPR_ASSERT(bytes_to_send_size == 0);
+ GPR_ASSERT(result == nullptr);
+}
+
+static void check_handle_response_failure() {
+ /**
+ * Create a handshaker at the client side, for which internal mock client is
+ * always going to fail.
+ */
+ tsi_handshaker* handshaker = create_test_handshaker(
+ false /* used_for_success_test */, true /* is_client */);
+ alts_tsi_handshaker* alts_handshaker =
+ reinterpret_cast<alts_tsi_handshaker*>(handshaker);
+ /* Tests. */
+ grpc_byte_buffer* recv_buffer = generate_handshaker_response(FAILED);
+ alts_tsi_handshaker_handle_response(alts_handshaker, recv_buffer,
+ GRPC_STATUS_OK, nullptr,
+ on_failed_resp_cb, nullptr, true);
+ grpc_byte_buffer_destroy(recv_buffer);
+ /* Cleanup. */
+ tsi_handshaker_destroy(handshaker);
+}
+
+void check_handshaker_success() {
+ /* Initialization. */
+ notification_init(&caller_to_tsi_notification);
+ notification_init(&tsi_to_caller_notification);
+ client_start_event = nullptr;
+ client_next_event = nullptr;
+ server_start_event = nullptr;
+ server_next_event = nullptr;
+ /* Tests. */
+ grpc_core::Thread thd("alts_tsi_handshaker_test",
+ &check_handle_response_success, nullptr);
+ thd.Start();
+ check_handshaker_next_success();
+ thd.Join();
+ /* Cleanup. */
+ notification_destroy(&caller_to_tsi_notification);
+ notification_destroy(&tsi_to_caller_notification);
+}
+
+int main(int argc, char** argv) {
+ /* Initialization. */
+ grpc_init();
+ /* Tests. */
+ check_handshaker_success();
+ check_handshaker_next_invalid_input();
+ check_handshaker_next_failure();
+ check_handle_response_invalid_input();
+ check_handle_response_invalid_resp();
+ check_handle_response_failure();
+ /* Cleanup. */
+ grpc_shutdown();
+ return 0;
+}
diff --git a/test/core/tsi/alts/handshaker/alts_tsi_utils_test.cc b/test/core/tsi/alts/handshaker/alts_tsi_utils_test.cc
new file mode 100644
index 0000000..98c5d23
--- /dev/null
+++ b/test/core/tsi/alts/handshaker/alts_tsi_utils_test.cc
@@ -0,0 +1,73 @@
+/*
+ *
+ * Copyright 2018 gRPC authors.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ */
+
+#include "src/core/tsi/alts/handshaker/alts_tsi_utils.h"
+#include "test/core/tsi/alts/handshaker/alts_handshaker_service_api_test_lib.h"
+
+#define ALTS_TSI_UTILS_TEST_OUT_FRAME "Hello Google"
+
+static void convert_to_tsi_result_test() {
+ GPR_ASSERT(alts_tsi_utils_convert_to_tsi_result(GRPC_STATUS_OK) == TSI_OK);
+ GPR_ASSERT(alts_tsi_utils_convert_to_tsi_result(GRPC_STATUS_UNKNOWN) ==
+ TSI_UNKNOWN_ERROR);
+ GPR_ASSERT(alts_tsi_utils_convert_to_tsi_result(
+ GRPC_STATUS_INVALID_ARGUMENT) == TSI_INVALID_ARGUMENT);
+ GPR_ASSERT(alts_tsi_utils_convert_to_tsi_result(GRPC_STATUS_OUT_OF_RANGE) ==
+ TSI_UNKNOWN_ERROR);
+ GPR_ASSERT(alts_tsi_utils_convert_to_tsi_result(GRPC_STATUS_INTERNAL) ==
+ TSI_INTERNAL_ERROR);
+ GPR_ASSERT(alts_tsi_utils_convert_to_tsi_result(GRPC_STATUS_NOT_FOUND) ==
+ TSI_NOT_FOUND);
+}
+
+static void deserialize_response_test() {
+ grpc_gcp_handshaker_resp* resp = grpc_gcp_handshaker_resp_create();
+ GPR_ASSERT(grpc_gcp_handshaker_resp_set_out_frames(
+ resp, ALTS_TSI_UTILS_TEST_OUT_FRAME,
+ strlen(ALTS_TSI_UTILS_TEST_OUT_FRAME)));
+ grpc_slice slice;
+ GPR_ASSERT(grpc_gcp_handshaker_resp_encode(resp, &slice));
+
+ /* Valid serialization. */
+ grpc_byte_buffer* buffer =
+ grpc_raw_byte_buffer_create(&slice, 1 /* number of slices */);
+ grpc_gcp_handshaker_resp* decoded_resp =
+ alts_tsi_utils_deserialize_response(buffer);
+ GPR_ASSERT(grpc_gcp_handshaker_resp_equals(resp, decoded_resp));
+ grpc_byte_buffer_destroy(buffer);
+
+ /* Invalid serializaiton. */
+ grpc_slice bad_slice =
+ grpc_slice_split_head(&slice, GRPC_SLICE_LENGTH(slice) - 1);
+ buffer = grpc_raw_byte_buffer_create(&bad_slice, 1 /* number of slices */);
+ GPR_ASSERT(alts_tsi_utils_deserialize_response(buffer) == nullptr);
+
+ /* Clean up. */
+ grpc_slice_unref(slice);
+ grpc_slice_unref(bad_slice);
+ grpc_byte_buffer_destroy(buffer);
+ grpc_gcp_handshaker_resp_destroy(resp);
+ grpc_gcp_handshaker_resp_destroy(decoded_resp);
+}
+
+int main(int argc, char** argv) {
+ /* Tests. */
+ deserialize_response_test();
+ convert_to_tsi_result_test();
+ return 0;
+}
diff --git a/test/core/tsi/alts/handshaker/transport_security_common_api_test.cc b/test/core/tsi/alts/handshaker/transport_security_common_api_test.cc
new file mode 100644
index 0000000..6ff1357
--- /dev/null
+++ b/test/core/tsi/alts/handshaker/transport_security_common_api_test.cc
@@ -0,0 +1,196 @@
+/*
+ *
+ * Copyright 2018 gRPC authors.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ */
+
+#include <stdbool.h>
+#include <stdio.h>
+#include <stdlib.h>
+
+#include "src/core/tsi/alts/handshaker/transport_security_common_api.h"
+
+const size_t kMaxRpcVersionMajor = 3;
+const size_t kMaxRpcVersionMinor = 2;
+const size_t kMinRpcVersionMajor = 2;
+const size_t kMinRpcVersionMinor = 1;
+
+static bool grpc_gcp_rpc_protocol_versions_equal(
+ grpc_gcp_rpc_protocol_versions* l_versions,
+ grpc_gcp_rpc_protocol_versions* r_versions) {
+ GPR_ASSERT(l_versions != nullptr && r_versions != nullptr);
+ if ((l_versions->has_max_rpc_version ^ r_versions->has_max_rpc_version) |
+ (l_versions->has_min_rpc_version ^ r_versions->has_min_rpc_version)) {
+ return false;
+ }
+ if (l_versions->has_max_rpc_version) {
+ if ((l_versions->max_rpc_version.major !=
+ r_versions->max_rpc_version.major) ||
+ (l_versions->max_rpc_version.minor !=
+ r_versions->max_rpc_version.minor)) {
+ return false;
+ }
+ }
+ if (l_versions->has_min_rpc_version) {
+ if ((l_versions->min_rpc_version.major !=
+ r_versions->min_rpc_version.major) ||
+ (l_versions->min_rpc_version.minor !=
+ r_versions->min_rpc_version.minor)) {
+ return false;
+ }
+ }
+ return true;
+}
+
+static void test_success() {
+ grpc_gcp_rpc_protocol_versions version;
+ grpc_gcp_rpc_protocol_versions decoded_version;
+ GPR_ASSERT(grpc_gcp_rpc_protocol_versions_set_max(
+ &version, kMaxRpcVersionMajor, kMaxRpcVersionMinor));
+ GPR_ASSERT(grpc_gcp_rpc_protocol_versions_set_min(
+ &version, kMinRpcVersionMajor, kMinRpcVersionMinor));
+ /* Serializes to raw bytes. */
+ size_t encoded_length =
+ grpc_gcp_rpc_protocol_versions_encode_length(&version);
+ uint8_t* encoded_bytes = static_cast<uint8_t*>(gpr_malloc(encoded_length));
+ GPR_ASSERT(grpc_gcp_rpc_protocol_versions_encode_to_raw_bytes(
+ &version, encoded_bytes, encoded_length));
+ grpc_slice encoded_slice;
+ /* Serializes to grpc slice. */
+ GPR_ASSERT(grpc_gcp_rpc_protocol_versions_encode(&version, &encoded_slice));
+ /* Checks serialized raw bytes and serialized grpc slice have same content. */
+ GPR_ASSERT(encoded_length == GRPC_SLICE_LENGTH(encoded_slice));
+ GPR_ASSERT(memcmp(encoded_bytes, GRPC_SLICE_START_PTR(encoded_slice),
+ encoded_length) == 0);
+ /* Deserializes and compares with the original version. */
+ GPR_ASSERT(
+ grpc_gcp_rpc_protocol_versions_decode(encoded_slice, &decoded_version));
+ GPR_ASSERT(grpc_gcp_rpc_protocol_versions_equal(&version, &decoded_version));
+ grpc_slice_unref(encoded_slice);
+ gpr_free(encoded_bytes);
+}
+
+static void test_failure() {
+ grpc_gcp_rpc_protocol_versions version, decoded_version;
+ grpc_slice encoded_slice;
+ /* Test for invalid arguments. */
+ GPR_ASSERT(!grpc_gcp_rpc_protocol_versions_set_max(
+ nullptr, kMaxRpcVersionMajor, kMaxRpcVersionMinor));
+ GPR_ASSERT(!grpc_gcp_rpc_protocol_versions_set_min(
+ nullptr, kMinRpcVersionMajor, kMinRpcVersionMinor));
+ GPR_ASSERT(grpc_gcp_rpc_protocol_versions_encode_length(nullptr) == 0);
+ GPR_ASSERT(grpc_gcp_rpc_protocol_versions_set_max(
+ &version, kMaxRpcVersionMajor, kMaxRpcVersionMinor));
+ GPR_ASSERT(grpc_gcp_rpc_protocol_versions_set_min(
+ &version, kMinRpcVersionMajor, kMinRpcVersionMinor));
+ size_t encoded_length =
+ grpc_gcp_rpc_protocol_versions_encode_length(&version);
+ uint8_t* encoded_bytes = static_cast<uint8_t*>(gpr_malloc(encoded_length));
+ GPR_ASSERT(!grpc_gcp_rpc_protocol_versions_encode_to_raw_bytes(
+ nullptr, encoded_bytes, encoded_length));
+ GPR_ASSERT(!grpc_gcp_rpc_protocol_versions_encode_to_raw_bytes(
+ &version, nullptr, encoded_length));
+ GPR_ASSERT(!grpc_gcp_rpc_protocol_versions_encode_to_raw_bytes(
+ &version, encoded_bytes, 0));
+ GPR_ASSERT(!grpc_gcp_rpc_protocol_versions_encode(nullptr, &encoded_slice));
+ GPR_ASSERT(!grpc_gcp_rpc_protocol_versions_encode(&version, nullptr));
+ GPR_ASSERT(!grpc_gcp_rpc_protocol_versions_decode(encoded_slice, nullptr));
+ /* Test for nanopb decode. */
+ GPR_ASSERT(grpc_gcp_rpc_protocol_versions_encode(&version, &encoded_slice));
+ grpc_slice bad_slice = grpc_slice_split_head(
+ &encoded_slice, GRPC_SLICE_LENGTH(encoded_slice) - 1);
+ grpc_slice_unref(encoded_slice);
+ GPR_ASSERT(
+ !grpc_gcp_rpc_protocol_versions_decode(bad_slice, &decoded_version));
+ grpc_slice_unref(bad_slice);
+ gpr_free(encoded_bytes);
+}
+
+static void test_copy() {
+ grpc_gcp_rpc_protocol_versions src;
+ grpc_gcp_rpc_protocol_versions des;
+ GPR_ASSERT(grpc_gcp_rpc_protocol_versions_set_max(&src, kMaxRpcVersionMajor,
+ kMaxRpcVersionMinor));
+ GPR_ASSERT(grpc_gcp_rpc_protocol_versions_set_min(&src, kMinRpcVersionMajor,
+ kMinRpcVersionMinor));
+ GPR_ASSERT(grpc_gcp_rpc_protocol_versions_copy(&src, &des));
+ GPR_ASSERT(grpc_gcp_rpc_protocol_versions_equal(&src, &des));
+}
+
+static void test_check_success() {
+ grpc_gcp_rpc_protocol_versions v1;
+ grpc_gcp_rpc_protocol_versions v2;
+ grpc_gcp_rpc_protocol_versions_version highest_common_version;
+ /* test equality. */
+ GPR_ASSERT(grpc_gcp_rpc_protocol_versions_set_max(&v1, kMaxRpcVersionMajor,
+ kMaxRpcVersionMinor));
+ GPR_ASSERT(grpc_gcp_rpc_protocol_versions_set_min(&v1, kMaxRpcVersionMajor,
+ kMaxRpcVersionMinor));
+ GPR_ASSERT(grpc_gcp_rpc_protocol_versions_set_max(&v2, kMaxRpcVersionMajor,
+ kMaxRpcVersionMinor));
+ GPR_ASSERT(grpc_gcp_rpc_protocol_versions_set_min(&v2, kMaxRpcVersionMajor,
+ kMaxRpcVersionMinor));
+ GPR_ASSERT(grpc_gcp_rpc_protocol_versions_check(
+ (const grpc_gcp_rpc_protocol_versions*)&v1,
+ (const grpc_gcp_rpc_protocol_versions*)&v2,
+ &highest_common_version) == 1);
+ GPR_ASSERT(grpc_core::internal::grpc_gcp_rpc_protocol_version_compare(
+ &highest_common_version, &v1.max_rpc_version) == 0);
+
+ /* test inequality. */
+ GPR_ASSERT(grpc_gcp_rpc_protocol_versions_set_max(&v1, kMaxRpcVersionMajor,
+ kMaxRpcVersionMinor));
+ GPR_ASSERT(grpc_gcp_rpc_protocol_versions_set_min(&v1, kMinRpcVersionMinor,
+ kMinRpcVersionMinor));
+ GPR_ASSERT(grpc_gcp_rpc_protocol_versions_set_max(&v2, kMaxRpcVersionMajor,
+ kMinRpcVersionMinor));
+ GPR_ASSERT(grpc_gcp_rpc_protocol_versions_set_min(&v2, kMinRpcVersionMajor,
+ kMaxRpcVersionMinor));
+ GPR_ASSERT(grpc_gcp_rpc_protocol_versions_check(
+ (const grpc_gcp_rpc_protocol_versions*)&v1,
+ (const grpc_gcp_rpc_protocol_versions*)&v2,
+ &highest_common_version) == 1);
+ GPR_ASSERT(grpc_core::internal::grpc_gcp_rpc_protocol_version_compare(
+ &highest_common_version, &v2.max_rpc_version) == 0);
+}
+
+static void test_check_failure() {
+ grpc_gcp_rpc_protocol_versions v1;
+ grpc_gcp_rpc_protocol_versions v2;
+ grpc_gcp_rpc_protocol_versions_version highest_common_version;
+
+ GPR_ASSERT(grpc_gcp_rpc_protocol_versions_set_max(&v1, kMinRpcVersionMajor,
+ kMinRpcVersionMinor));
+ GPR_ASSERT(grpc_gcp_rpc_protocol_versions_set_min(&v1, kMinRpcVersionMajor,
+ kMinRpcVersionMinor));
+ GPR_ASSERT(grpc_gcp_rpc_protocol_versions_set_max(&v2, kMaxRpcVersionMajor,
+ kMaxRpcVersionMinor));
+ GPR_ASSERT(grpc_gcp_rpc_protocol_versions_set_min(&v2, kMaxRpcVersionMajor,
+ kMaxRpcVersionMinor));
+ GPR_ASSERT(grpc_gcp_rpc_protocol_versions_check(
+ (const grpc_gcp_rpc_protocol_versions*)&v1,
+ (const grpc_gcp_rpc_protocol_versions*)&v2,
+ &highest_common_version) == 0);
+}
+
+int main(int argc, char** argv) {
+ /* Run tests. */
+ test_success();
+ test_failure();
+ test_copy();
+ test_check_success();
+ test_check_failure();
+ return 0;
+}
diff --git a/test/core/tsi/alts/zero_copy_frame_protector/BUILD b/test/core/tsi/alts/zero_copy_frame_protector/BUILD
new file mode 100644
index 0000000..80f4572
--- /dev/null
+++ b/test/core/tsi/alts/zero_copy_frame_protector/BUILD
@@ -0,0 +1,49 @@
+# Copyright 2018 gRPC authors.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+load("//bazel:grpc_build_system.bzl", "grpc_cc_test", "grpc_package")
+
+licenses(["notice"]) # Apache v2
+
+grpc_package(name = "zero_copy_frame_protector")
+
+grpc_cc_test(
+ name = "alts_grpc_record_protocol_test",
+ srcs = ["alts_grpc_record_protocol_test.cc"],
+ language = "C++",
+ deps = [
+ "//:grpc",
+ "//test/core/tsi/alts/crypt:alts_crypt_test_util",
+ ],
+)
+
+grpc_cc_test(
+ name = "alts_iovec_record_protocol_test",
+ srcs = ["alts_iovec_record_protocol_test.cc"],
+ language = "C++",
+ deps = [
+ "//:grpc",
+ "//test/core/tsi/alts/crypt:alts_crypt_test_util",
+ ],
+)
+
+grpc_cc_test(
+ name = "alts_zero_copy_grpc_protector_test",
+ srcs = ["alts_zero_copy_grpc_protector_test.cc"],
+ language = "C++",
+ deps = [
+ "//:grpc",
+ "//test/core/tsi/alts/crypt:alts_crypt_test_util",
+ ],
+)
diff --git a/test/core/tsi/alts/zero_copy_frame_protector/alts_grpc_record_protocol_test.cc b/test/core/tsi/alts/zero_copy_frame_protector/alts_grpc_record_protocol_test.cc
new file mode 100644
index 0000000..fbbea71
--- /dev/null
+++ b/test/core/tsi/alts/zero_copy_frame_protector/alts_grpc_record_protocol_test.cc
@@ -0,0 +1,449 @@
+/*
+ *
+ * Copyright 2018 gRPC authors.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ */
+
+#include <grpc/support/alloc.h>
+#include <grpc/support/log.h>
+
+#include "src/core/lib/slice/slice_internal.h"
+#include "src/core/tsi/alts/zero_copy_frame_protector/alts_grpc_integrity_only_record_protocol.h"
+#include "src/core/tsi/alts/zero_copy_frame_protector/alts_grpc_privacy_integrity_record_protocol.h"
+#include "src/core/tsi/alts/zero_copy_frame_protector/alts_grpc_record_protocol.h"
+#include "src/core/tsi/alts/zero_copy_frame_protector/alts_iovec_record_protocol.h"
+#include "test/core/tsi/alts/crypt/gsec_test_util.h"
+
+constexpr size_t kMaxSliceLength = 256;
+constexpr size_t kMaxSlices = 10;
+constexpr size_t kSealRepeatTimes = 5;
+constexpr size_t kTagLength = 16;
+
+/* Test fixtures for each test cases. */
+struct alts_grpc_record_protocol_test_fixture {
+ alts_grpc_record_protocol* client_protect;
+ alts_grpc_record_protocol* client_unprotect;
+ alts_grpc_record_protocol* server_protect;
+ alts_grpc_record_protocol* server_unprotect;
+};
+
+/* Test input variables for protect/unprotect operations. */
+struct alts_grpc_record_protocol_test_var {
+ size_t header_length;
+ size_t tag_length;
+ grpc_slice_buffer original_sb;
+ grpc_slice_buffer duplicate_sb;
+ grpc_slice_buffer protected_sb;
+ grpc_slice_buffer unprotected_sb;
+};
+
+/* --- Test utility functions. --- */
+
+static void create_random_slice_buffer(grpc_slice_buffer* sb) {
+ GPR_ASSERT(sb != nullptr);
+ size_t slice_count = gsec_test_bias_random_uint32(kMaxSlices) + 1;
+ for (size_t i = 0; i < slice_count; i++) {
+ size_t slice_length = gsec_test_bias_random_uint32(kMaxSliceLength) + 1;
+ grpc_slice slice = GRPC_SLICE_MALLOC(slice_length);
+ gsec_test_random_bytes(GRPC_SLICE_START_PTR(slice), slice_length);
+ grpc_slice_buffer_add(sb, slice);
+ }
+}
+
+static uint8_t* pointer_to_nth_byte(grpc_slice_buffer* sb, size_t index) {
+ GPR_ASSERT(sb != nullptr);
+ GPR_ASSERT(index < sb->length);
+ for (size_t i = 0; i < sb->count; i++) {
+ if (index < GRPC_SLICE_LENGTH(sb->slices[i])) {
+ return GRPC_SLICE_START_PTR(sb->slices[i]) + index;
+ } else {
+ index -= GRPC_SLICE_LENGTH(sb->slices[i]);
+ }
+ }
+ return nullptr;
+}
+
+/* Checks if two slice buffer contents are the same. It is not super efficient,
+ * but OK for testing. */
+static bool are_slice_buffers_equal(grpc_slice_buffer* first,
+ grpc_slice_buffer* second) {
+ GPR_ASSERT(first != nullptr);
+ GPR_ASSERT(second != nullptr);
+ if (first->length != second->length) {
+ return false;
+ }
+ for (size_t i = 0; i < first->length; i++) {
+ uint8_t* first_ptr = pointer_to_nth_byte(first, i);
+ uint8_t* second_ptr = pointer_to_nth_byte(second, i);
+ GPR_ASSERT(first_ptr != nullptr);
+ GPR_ASSERT(second_ptr != nullptr);
+ if ((*first_ptr) != (*second_ptr)) {
+ return false;
+ }
+ }
+ return true;
+}
+
+static void alter_random_byte(grpc_slice_buffer* sb) {
+ GPR_ASSERT(sb != nullptr);
+ if (sb->length == 0) {
+ return;
+ }
+ uint32_t offset =
+ gsec_test_bias_random_uint32(static_cast<uint32_t>(sb->length));
+ uint8_t* ptr = pointer_to_nth_byte(sb, offset);
+ (*ptr)++;
+}
+
+static alts_grpc_record_protocol_test_fixture*
+test_fixture_integrity_only_create(bool rekey) {
+ alts_grpc_record_protocol_test_fixture* fixture =
+ static_cast<alts_grpc_record_protocol_test_fixture*>(
+ gpr_zalloc(sizeof(alts_grpc_record_protocol_test_fixture)));
+ size_t key_length = rekey ? kAes128GcmRekeyKeyLength : kAes128GcmKeyLength;
+ uint8_t* key;
+ gsec_test_random_array(&key, key_length);
+ gsec_aead_crypter* crypter = nullptr;
+
+ /* Create client record protocol for protect. */
+ GPR_ASSERT(gsec_aes_gcm_aead_crypter_create(
+ key, key_length, kAesGcmNonceLength, kAesGcmTagLength, rekey,
+ &crypter, nullptr) == GRPC_STATUS_OK);
+ GPR_ASSERT(alts_grpc_integrity_only_record_protocol_create(
+ crypter, 8, /*is_client=*/true, /*is_protect=*/true,
+ &fixture->client_protect) == TSI_OK);
+ /* Create client record protocol for unprotect. */
+ GPR_ASSERT(gsec_aes_gcm_aead_crypter_create(
+ key, key_length, kAesGcmNonceLength, kAesGcmTagLength, rekey,
+ &crypter, nullptr) == GRPC_STATUS_OK);
+ GPR_ASSERT(alts_grpc_integrity_only_record_protocol_create(
+ crypter, 8, /*is_client=*/true, /*is_protect=*/false,
+ &fixture->client_unprotect) == TSI_OK);
+ /* Create server record protocol for protect. */
+ GPR_ASSERT(gsec_aes_gcm_aead_crypter_create(
+ key, key_length, kAesGcmNonceLength, kAesGcmTagLength, rekey,
+ &crypter, nullptr) == GRPC_STATUS_OK);
+ GPR_ASSERT(alts_grpc_integrity_only_record_protocol_create(
+ crypter, 8, /*is_client=*/false, /*is_protect=*/true,
+ &fixture->server_protect) == TSI_OK);
+ /* Create server record protocol for unprotect. */
+ GPR_ASSERT(gsec_aes_gcm_aead_crypter_create(
+ key, key_length, kAesGcmNonceLength, kAesGcmTagLength, rekey,
+ &crypter, nullptr) == GRPC_STATUS_OK);
+ GPR_ASSERT(alts_grpc_integrity_only_record_protocol_create(
+ crypter, 8, /*is_client=*/false, /*is_protect=*/false,
+ &fixture->server_unprotect) == TSI_OK);
+
+ gpr_free(key);
+ return fixture;
+}
+
+static alts_grpc_record_protocol_test_fixture*
+test_fixture_integrity_only_no_rekey_create() {
+ return test_fixture_integrity_only_create(false);
+}
+
+static alts_grpc_record_protocol_test_fixture*
+test_fixture_integrity_only_rekey_create() {
+ return test_fixture_integrity_only_create(true);
+}
+
+static alts_grpc_record_protocol_test_fixture*
+test_fixture_privacy_integrity_create(bool rekey) {
+ alts_grpc_record_protocol_test_fixture* fixture =
+ static_cast<alts_grpc_record_protocol_test_fixture*>(
+ gpr_zalloc(sizeof(alts_grpc_record_protocol_test_fixture)));
+ size_t key_length = rekey ? kAes128GcmRekeyKeyLength : kAes128GcmKeyLength;
+ uint8_t* key;
+ gsec_test_random_array(&key, key_length);
+ gsec_aead_crypter* crypter = nullptr;
+
+ /* Create client record protocol for protect. */
+ GPR_ASSERT(gsec_aes_gcm_aead_crypter_create(
+ key, key_length, kAesGcmNonceLength, kAesGcmTagLength, rekey,
+ &crypter, nullptr) == GRPC_STATUS_OK);
+ GPR_ASSERT(alts_grpc_privacy_integrity_record_protocol_create(
+ crypter, 8, /*is_client=*/true, /*is_protect=*/true,
+ &fixture->client_protect) == TSI_OK);
+ /* Create client record protocol for unprotect. */
+ GPR_ASSERT(gsec_aes_gcm_aead_crypter_create(
+ key, key_length, kAesGcmNonceLength, kAesGcmTagLength, rekey,
+ &crypter, nullptr) == GRPC_STATUS_OK);
+ GPR_ASSERT(alts_grpc_privacy_integrity_record_protocol_create(
+ crypter, 8, /*is_client=*/true, /*is_protect=*/false,
+ &fixture->client_unprotect) == TSI_OK);
+ /* Create server record protocol for protect. */
+ GPR_ASSERT(gsec_aes_gcm_aead_crypter_create(
+ key, key_length, kAesGcmNonceLength, kAesGcmTagLength, rekey,
+ &crypter, nullptr) == GRPC_STATUS_OK);
+ GPR_ASSERT(alts_grpc_privacy_integrity_record_protocol_create(
+ crypter, 8, /*is_client=*/false, /*is_protect=*/true,
+ &fixture->server_protect) == TSI_OK);
+ /* Create server record protocol for unprotect. */
+ GPR_ASSERT(gsec_aes_gcm_aead_crypter_create(
+ key, key_length, kAesGcmNonceLength, kAesGcmTagLength, rekey,
+ &crypter, nullptr) == GRPC_STATUS_OK);
+ GPR_ASSERT(alts_grpc_privacy_integrity_record_protocol_create(
+ crypter, 8, /*is_client=*/false, /*is_protect=*/false,
+ &fixture->server_unprotect) == TSI_OK);
+
+ gpr_free(key);
+ return fixture;
+}
+
+static alts_grpc_record_protocol_test_fixture*
+test_fixture_privacy_integrity_no_rekey_create() {
+ return test_fixture_privacy_integrity_create(false);
+}
+
+static alts_grpc_record_protocol_test_fixture*
+test_fixture_privacy_integrity_rekey_create() {
+ return test_fixture_privacy_integrity_create(true);
+}
+
+static void alts_grpc_record_protocol_test_fixture_destroy(
+ alts_grpc_record_protocol_test_fixture* fixture) {
+ if (fixture == nullptr) {
+ return;
+ }
+ grpc_core::ExecCtx exec_ctx;
+ alts_grpc_record_protocol_destroy(fixture->client_protect);
+ alts_grpc_record_protocol_destroy(fixture->client_unprotect);
+ alts_grpc_record_protocol_destroy(fixture->server_protect);
+ alts_grpc_record_protocol_destroy(fixture->server_unprotect);
+ grpc_core::ExecCtx::Get()->Flush();
+ gpr_free(fixture);
+}
+
+static alts_grpc_record_protocol_test_var*
+alts_grpc_record_protocol_test_var_create() {
+ alts_grpc_record_protocol_test_var* var =
+ static_cast<alts_grpc_record_protocol_test_var*>(
+ gpr_zalloc(sizeof(alts_grpc_record_protocol_test_var)));
+ var->header_length = alts_iovec_record_protocol_get_header_length();
+ var->tag_length = kTagLength;
+ /* Initialized slice buffers. */
+ grpc_slice_buffer_init(&var->original_sb);
+ grpc_slice_buffer_init(&var->duplicate_sb);
+ grpc_slice_buffer_init(&var->protected_sb);
+ grpc_slice_buffer_init(&var->unprotected_sb);
+ /* Randomly sets content of original_sb, and copies into duplicate_sb. */
+ create_random_slice_buffer(&var->original_sb);
+ for (size_t i = 0; i < var->original_sb.count; i++) {
+ grpc_slice_buffer_add(&var->duplicate_sb,
+ grpc_slice_ref(var->original_sb.slices[i]));
+ }
+ return var;
+}
+
+static void alts_grpc_record_protocol_test_var_destroy(
+ alts_grpc_record_protocol_test_var* var) {
+ if (var == nullptr) {
+ return;
+ }
+ grpc_slice_buffer_destroy_internal(&var->original_sb);
+ grpc_slice_buffer_destroy_internal(&var->duplicate_sb);
+ grpc_slice_buffer_destroy_internal(&var->protected_sb);
+ grpc_slice_buffer_destroy_internal(&var->unprotected_sb);
+ gpr_free(var);
+}
+
+/* --- alts grpc record protocol tests. --- */
+
+static void random_seal_unseal(alts_grpc_record_protocol* sender,
+ alts_grpc_record_protocol* receiver) {
+ grpc_core::ExecCtx exec_ctx;
+ for (size_t i = 0; i < kSealRepeatTimes; i++) {
+ alts_grpc_record_protocol_test_var* var =
+ alts_grpc_record_protocol_test_var_create();
+ /* Seals and then unseals. */
+ size_t data_length = var->original_sb.length;
+ tsi_result status = alts_grpc_record_protocol_protect(
+ sender, &var->original_sb, &var->protected_sb);
+ GPR_ASSERT(status == TSI_OK);
+ GPR_ASSERT(var->protected_sb.length ==
+ data_length + var->header_length + var->tag_length);
+ status = alts_grpc_record_protocol_unprotect(receiver, &var->protected_sb,
+ &var->unprotected_sb);
+ GPR_ASSERT(status == TSI_OK);
+ GPR_ASSERT(
+ are_slice_buffers_equal(&var->unprotected_sb, &var->duplicate_sb));
+ alts_grpc_record_protocol_test_var_destroy(var);
+ }
+ grpc_core::ExecCtx::Get()->Flush();
+}
+
+static void empty_seal_unseal(alts_grpc_record_protocol* sender,
+ alts_grpc_record_protocol* receiver) {
+ grpc_core::ExecCtx exec_ctx;
+ for (size_t i = 0; i < kSealRepeatTimes; i++) {
+ alts_grpc_record_protocol_test_var* var =
+ alts_grpc_record_protocol_test_var_create();
+ /* Seals and then unseals empty payload. */
+ grpc_slice_buffer_reset_and_unref_internal(&var->original_sb);
+ grpc_slice_buffer_reset_and_unref_internal(&var->duplicate_sb);
+ tsi_result status = alts_grpc_record_protocol_protect(
+ sender, &var->original_sb, &var->protected_sb);
+ GPR_ASSERT(status == TSI_OK);
+ GPR_ASSERT(var->protected_sb.length ==
+ var->header_length + var->tag_length);
+ status = alts_grpc_record_protocol_unprotect(receiver, &var->protected_sb,
+ &var->unprotected_sb);
+ GPR_ASSERT(status == TSI_OK);
+ GPR_ASSERT(
+ are_slice_buffers_equal(&var->unprotected_sb, &var->duplicate_sb));
+ alts_grpc_record_protocol_test_var_destroy(var);
+ }
+ grpc_core::ExecCtx::Get()->Flush();
+}
+
+static void unsync_seal_unseal(alts_grpc_record_protocol* sender,
+ alts_grpc_record_protocol* receiver) {
+ grpc_core::ExecCtx exec_ctx;
+ tsi_result status;
+ alts_grpc_record_protocol_test_var* var =
+ alts_grpc_record_protocol_test_var_create();
+ /* Seals once. */
+ status = alts_grpc_record_protocol_protect(sender, &var->original_sb,
+ &var->protected_sb);
+ GPR_ASSERT(status == TSI_OK);
+ grpc_slice_buffer_reset_and_unref_internal(&var->protected_sb);
+ /* Seals again. */
+ status = alts_grpc_record_protocol_protect(sender, &var->duplicate_sb,
+ &var->protected_sb);
+ GPR_ASSERT(status == TSI_OK);
+ /* Unseals the second frame. */
+ status = alts_grpc_record_protocol_unprotect(receiver, &var->protected_sb,
+ &var->unprotected_sb);
+ GPR_ASSERT(status == TSI_INTERNAL_ERROR);
+ alts_grpc_record_protocol_test_var_destroy(var);
+ grpc_core::ExecCtx::Get()->Flush();
+}
+
+static void corrupted_data(alts_grpc_record_protocol* sender,
+ alts_grpc_record_protocol* receiver) {
+ grpc_core::ExecCtx exec_ctx;
+ tsi_result status;
+ alts_grpc_record_protocol_test_var* var =
+ alts_grpc_record_protocol_test_var_create();
+ /* Seals once. */
+ status = alts_grpc_record_protocol_protect(sender, &var->original_sb,
+ &var->protected_sb);
+ GPR_ASSERT(status == TSI_OK);
+ /* Corrupts one byte in protected_sb and tries to unprotect. */
+ alter_random_byte(&var->protected_sb);
+ status = alts_grpc_record_protocol_unprotect(receiver, &var->protected_sb,
+ &var->unprotected_sb);
+ GPR_ASSERT(status == TSI_INTERNAL_ERROR);
+ alts_grpc_record_protocol_test_var_destroy(var);
+ grpc_core::ExecCtx::Get()->Flush();
+}
+
+static void input_check(alts_grpc_record_protocol* rp) {
+ grpc_core::ExecCtx exec_ctx;
+ tsi_result status;
+ alts_grpc_record_protocol_test_var* var =
+ alts_grpc_record_protocol_test_var_create();
+ /* Protects with nullptr input. */
+ status = alts_grpc_record_protocol_protect(rp, nullptr, &var->protected_sb);
+ GPR_ASSERT(status == TSI_INVALID_ARGUMENT);
+ status = alts_grpc_record_protocol_protect(rp, &var->original_sb, nullptr);
+ GPR_ASSERT(status == TSI_INVALID_ARGUMENT);
+ /* Unprotects with nullptr input. */
+ status = alts_grpc_record_protocol_protect(rp, &var->original_sb,
+ &var->protected_sb);
+ GPR_ASSERT(status == TSI_OK);
+ status =
+ alts_grpc_record_protocol_unprotect(rp, nullptr, &var->unprotected_sb);
+ GPR_ASSERT(status == TSI_INVALID_ARGUMENT);
+ status = alts_grpc_record_protocol_unprotect(rp, &var->protected_sb, nullptr);
+ GPR_ASSERT(status == TSI_INVALID_ARGUMENT);
+ /* Unprotects on a temporary slice buffer which length is smaller than header
+ * length plus tag length. */
+ grpc_slice_buffer temp_sb;
+ grpc_slice_buffer_init(&temp_sb);
+ grpc_slice_buffer_move_first(
+ &var->protected_sb, var->header_length + var->tag_length - 1, &temp_sb);
+ status =
+ alts_grpc_record_protocol_unprotect(rp, &temp_sb, &var->unprotected_sb);
+ GPR_ASSERT(status == TSI_INVALID_ARGUMENT);
+ grpc_slice_buffer_destroy_internal(&temp_sb);
+ alts_grpc_record_protocol_test_var_destroy(var);
+ grpc_core::ExecCtx::Get()->Flush();
+}
+
+/* --- Test cases. --- */
+
+static void alts_grpc_record_protocol_random_seal_unseal_tests(
+ alts_grpc_record_protocol_test_fixture* fixture) {
+ random_seal_unseal(fixture->client_protect, fixture->server_unprotect);
+ random_seal_unseal(fixture->server_protect, fixture->client_unprotect);
+}
+
+static void alts_grpc_record_protocol_empty_seal_unseal_tests(
+ alts_grpc_record_protocol_test_fixture* fixture) {
+ empty_seal_unseal(fixture->client_protect, fixture->server_unprotect);
+ empty_seal_unseal(fixture->server_protect, fixture->client_unprotect);
+}
+
+static void alts_grpc_record_protocol_unsync_seal_unseal_tests(
+ alts_grpc_record_protocol_test_fixture* fixture) {
+ unsync_seal_unseal(fixture->client_protect, fixture->server_unprotect);
+ unsync_seal_unseal(fixture->server_protect, fixture->client_unprotect);
+}
+
+static void alts_grpc_record_protocol_corrupted_data_tests(
+ alts_grpc_record_protocol_test_fixture* fixture) {
+ corrupted_data(fixture->client_protect, fixture->server_unprotect);
+ corrupted_data(fixture->server_protect, fixture->client_unprotect);
+}
+
+static void alts_grpc_record_protocol_input_check_tests(
+ alts_grpc_record_protocol_test_fixture* fixture) {
+ input_check(fixture->client_protect);
+}
+
+static void alts_grpc_record_protocol_tests(
+ alts_grpc_record_protocol_test_fixture* (*fixture_create)()) {
+ auto* fixture_1 = fixture_create();
+ alts_grpc_record_protocol_random_seal_unseal_tests(fixture_1);
+ alts_grpc_record_protocol_test_fixture_destroy(fixture_1);
+
+ auto* fixture_2 = fixture_create();
+ alts_grpc_record_protocol_empty_seal_unseal_tests(fixture_2);
+ alts_grpc_record_protocol_test_fixture_destroy(fixture_2);
+
+ auto* fixture_3 = fixture_create();
+ alts_grpc_record_protocol_unsync_seal_unseal_tests(fixture_3);
+ alts_grpc_record_protocol_test_fixture_destroy(fixture_3);
+
+ auto* fixture_4 = fixture_create();
+ alts_grpc_record_protocol_corrupted_data_tests(fixture_4);
+ alts_grpc_record_protocol_test_fixture_destroy(fixture_4);
+
+ auto* fixture_5 = fixture_create();
+ alts_grpc_record_protocol_input_check_tests(fixture_5);
+ alts_grpc_record_protocol_test_fixture_destroy(fixture_5);
+}
+
+int main(int argc, char** argv) {
+ alts_grpc_record_protocol_tests(&test_fixture_integrity_only_no_rekey_create);
+ alts_grpc_record_protocol_tests(&test_fixture_integrity_only_rekey_create);
+ alts_grpc_record_protocol_tests(
+ &test_fixture_privacy_integrity_no_rekey_create);
+ alts_grpc_record_protocol_tests(&test_fixture_privacy_integrity_rekey_create);
+
+ return 0;
+}
diff --git a/test/core/tsi/alts/zero_copy_frame_protector/alts_iovec_record_protocol_test.cc b/test/core/tsi/alts/zero_copy_frame_protector/alts_iovec_record_protocol_test.cc
new file mode 100644
index 0000000..db1934b
--- /dev/null
+++ b/test/core/tsi/alts/zero_copy_frame_protector/alts_iovec_record_protocol_test.cc
@@ -0,0 +1,928 @@
+/*
+ *
+ * Copyright 2018 gRPC authors.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ */
+
+#include <grpc/support/alloc.h>
+#include <grpc/support/log.h>
+
+#include "src/core/tsi/alts/zero_copy_frame_protector/alts_iovec_record_protocol.h"
+#include "test/core/tsi/alts/crypt/gsec_test_util.h"
+
+constexpr size_t kMaxDataSize = 1024;
+constexpr size_t kMaxSlices = 10;
+constexpr size_t kSealRepeatTimes = 5;
+constexpr size_t kTagLength = 16;
+
+/* Test fixtures for each test cases. */
+struct alts_iovec_record_protocol_test_fixture {
+ alts_iovec_record_protocol* client_protect;
+ alts_iovec_record_protocol* client_unprotect;
+ alts_iovec_record_protocol* server_protect;
+ alts_iovec_record_protocol* server_unprotect;
+};
+
+/* Test variables for protect/unprotect operations. */
+struct alts_iovec_record_protocol_test_var {
+ uint8_t* header_buf;
+ size_t header_length;
+ iovec_t header_iovec;
+ uint8_t* tag_buf;
+ size_t tag_length;
+ iovec_t tag_iovec;
+ uint8_t* data_buf;
+ uint8_t* dup_buf;
+ size_t data_length;
+ iovec_t* data_iovec;
+ size_t data_iovec_length;
+ uint8_t* protected_buf;
+ iovec_t protected_iovec;
+ iovec_t unprotected_iovec;
+};
+
+/* --- Test utility functions. --- */
+
+static void randomly_slice(uint8_t* input, size_t input_length,
+ iovec_t** output, size_t* output_length) {
+ if (input_length == 0) {
+ *output = nullptr;
+ *output_length = 0;
+ return;
+ }
+ *output_length = gsec_test_bias_random_uint32(kMaxSlices) + 1;
+ *output = static_cast<iovec_t*>(gpr_malloc(*output_length * sizeof(iovec_t)));
+ for (size_t i = 0; i < *output_length - 1; i++) {
+ size_t slice_length =
+ gsec_test_bias_random_uint32(static_cast<uint32_t>(input_length));
+ iovec_t slice = {input, slice_length};
+ (*output)[i] = slice;
+ input += slice_length;
+ input_length -= slice_length;
+ }
+ iovec_t slice = {input, input_length};
+ (*output)[*output_length - 1] = slice;
+}
+
+static size_t alter_random_byte(uint8_t* buf, size_t buf_length) {
+ GPR_ASSERT(buf != nullptr);
+ uint32_t offset =
+ gsec_test_bias_random_uint32(static_cast<uint32_t>(buf_length));
+ (*(buf + offset))++;
+ return offset;
+}
+
+static void revert_back_alter(uint8_t* buf, size_t offset) {
+ GPR_ASSERT(buf != nullptr);
+ (*(buf + offset))--;
+}
+
+static alts_iovec_record_protocol_test_fixture*
+alts_iovec_record_protocol_test_fixture_create(bool rekey,
+ bool integrity_only) {
+ alts_iovec_record_protocol_test_fixture* fixture =
+ static_cast<alts_iovec_record_protocol_test_fixture*>(
+ gpr_malloc(sizeof(alts_iovec_record_protocol_test_fixture)));
+ size_t overflow_size = 8;
+ size_t key_length = rekey ? kAes128GcmRekeyKeyLength : kAes128GcmKeyLength;
+ uint8_t* key;
+ gsec_test_random_array(&key, key_length);
+ gsec_aead_crypter* crypter = nullptr;
+ /* Create client record protocol for protect. */
+ GPR_ASSERT(gsec_aes_gcm_aead_crypter_create(
+ key, key_length, kAesGcmNonceLength, kAesGcmTagLength, rekey,
+ &crypter, nullptr) == GRPC_STATUS_OK);
+ GPR_ASSERT(alts_iovec_record_protocol_create(
+ crypter, overflow_size, /*is_client=*/true, integrity_only,
+ /*is_protect=*/true, &fixture->client_protect,
+ nullptr) == GRPC_STATUS_OK);
+ /* Create client record protocol for unprotect. */
+ GPR_ASSERT(gsec_aes_gcm_aead_crypter_create(
+ key, key_length, kAesGcmNonceLength, kAesGcmTagLength, rekey,
+ &crypter, nullptr) == GRPC_STATUS_OK);
+ GPR_ASSERT(alts_iovec_record_protocol_create(
+ crypter, overflow_size, /*is_client=*/true, integrity_only,
+ /*is_protect=*/false, &fixture->client_unprotect,
+ nullptr) == GRPC_STATUS_OK);
+ /* Create server record protocol for protect. */
+ GPR_ASSERT(gsec_aes_gcm_aead_crypter_create(
+ key, key_length, kAesGcmNonceLength, kAesGcmTagLength, rekey,
+ &crypter, nullptr) == GRPC_STATUS_OK);
+ GPR_ASSERT(alts_iovec_record_protocol_create(
+ crypter, overflow_size, /*is_client=*/false, integrity_only,
+ /*is_protect=*/true, &fixture->server_protect,
+ nullptr) == GRPC_STATUS_OK);
+ /* Create server record protocol for unprotect. */
+ GPR_ASSERT(gsec_aes_gcm_aead_crypter_create(
+ key, key_length, kAesGcmNonceLength, kAesGcmTagLength, rekey,
+ &crypter, nullptr) == GRPC_STATUS_OK);
+ GPR_ASSERT(alts_iovec_record_protocol_create(
+ crypter, overflow_size, /*is_client=*/false, integrity_only,
+ /*is_protect=*/false, &fixture->server_unprotect,
+ nullptr) == GRPC_STATUS_OK);
+
+ gpr_free(key);
+ return fixture;
+}
+
+static void alts_iovec_record_protocol_test_fixture_destroy(
+ alts_iovec_record_protocol_test_fixture* fixture) {
+ if (fixture == nullptr) {
+ return;
+ }
+ alts_iovec_record_protocol_destroy(fixture->client_protect);
+ alts_iovec_record_protocol_destroy(fixture->client_unprotect);
+ alts_iovec_record_protocol_destroy(fixture->server_protect);
+ alts_iovec_record_protocol_destroy(fixture->server_unprotect);
+ gpr_free(fixture);
+}
+
+static alts_iovec_record_protocol_test_var*
+alts_iovec_record_protocol_test_var_create() {
+ auto* var = static_cast<alts_iovec_record_protocol_test_var*>(
+ gpr_zalloc(sizeof(alts_iovec_record_protocol_test_var)));
+ /* Sets header buffer. */
+ var->header_length = alts_iovec_record_protocol_get_header_length();
+ var->header_buf = static_cast<uint8_t*>(gpr_malloc(var->header_length));
+ var->header_iovec.iov_base = var->header_buf;
+ var->header_iovec.iov_len = var->header_length;
+ /* Sets tag buffer. */
+ var->tag_length = kTagLength;
+ var->tag_buf = static_cast<uint8_t*>(gpr_malloc(var->tag_length));
+ var->tag_iovec.iov_base = var->tag_buf;
+ var->tag_iovec.iov_len = var->tag_length;
+ /* Randomly sets data buffer and duplicates to dup_buf. */
+ var->data_length = gsec_test_bias_random_uint32(kMaxDataSize) + 1;
+ var->data_buf = static_cast<uint8_t*>(gpr_malloc(var->data_length));
+ gsec_test_random_bytes(var->data_buf, var->data_length);
+ gsec_test_copy(var->data_buf, &var->dup_buf, var->data_length);
+ var->data_iovec = nullptr;
+ var->data_iovec_length = 0;
+ randomly_slice(var->data_buf, var->data_length, &var->data_iovec,
+ &var->data_iovec_length);
+ /* Sets protected iovec. */
+ size_t protected_buf_length =
+ var->header_length + var->data_length + var->tag_length;
+ var->protected_buf = static_cast<uint8_t*>(gpr_malloc(protected_buf_length));
+ var->protected_iovec.iov_base = var->protected_buf;
+ var->protected_iovec.iov_len = protected_buf_length;
+ /* Unprotected iovec points to data_buf. */
+ var->unprotected_iovec.iov_base = var->data_buf;
+ var->unprotected_iovec.iov_len = var->data_length;
+ return var;
+}
+
+static void alts_iovec_record_protocol_test_var_destroy(
+ alts_iovec_record_protocol_test_var* var) {
+ if (var == nullptr) {
+ return;
+ }
+ gpr_free(var->header_buf);
+ gpr_free(var->tag_buf);
+ gpr_free(var->data_buf);
+ gpr_free(var->dup_buf);
+ gpr_free(var->data_iovec);
+ gpr_free(var->protected_buf);
+ gpr_free(var);
+}
+
+/* --- Integrity-only protect/unprotect tests. --- */
+
+static void integrity_only_random_seal_unseal(
+ alts_iovec_record_protocol* sender, alts_iovec_record_protocol* receiver) {
+ for (size_t i = 0; i < kSealRepeatTimes; i++) {
+ alts_iovec_record_protocol_test_var* var =
+ alts_iovec_record_protocol_test_var_create();
+ /* Seals and then unseals. */
+ grpc_status_code status = alts_iovec_record_protocol_integrity_only_protect(
+ sender, var->data_iovec, var->data_iovec_length, var->header_iovec,
+ var->tag_iovec, nullptr);
+ GPR_ASSERT(status == GRPC_STATUS_OK);
+ gpr_free(var->data_iovec);
+ /* Randomly slices data buffer again. */
+ randomly_slice(var->data_buf, var->data_length, &var->data_iovec,
+ &var->data_iovec_length);
+ status = alts_iovec_record_protocol_integrity_only_unprotect(
+ receiver, var->data_iovec, var->data_iovec_length, var->header_iovec,
+ var->tag_iovec, nullptr);
+ GPR_ASSERT(status == GRPC_STATUS_OK);
+ /* Makes sure data buffer has not been modified during
+ * seal/unseal. */
+ GPR_ASSERT(memcmp(var->data_buf, var->dup_buf, var->data_length) == 0);
+ alts_iovec_record_protocol_test_var_destroy(var);
+ }
+}
+
+static void integrity_only_empty_seal_unseal(
+ alts_iovec_record_protocol* sender, alts_iovec_record_protocol* receiver) {
+ for (size_t i = 0; i < kSealRepeatTimes; i++) {
+ alts_iovec_record_protocol_test_var* var =
+ alts_iovec_record_protocol_test_var_create();
+ /* Seals and then unseals empty payload. */
+ grpc_status_code status = alts_iovec_record_protocol_integrity_only_protect(
+ sender, nullptr, 0, var->header_iovec, var->tag_iovec, nullptr);
+ GPR_ASSERT(status == GRPC_STATUS_OK);
+ status = alts_iovec_record_protocol_integrity_only_unprotect(
+ receiver, nullptr, 0, var->header_iovec, var->tag_iovec, nullptr);
+ GPR_ASSERT(status == GRPC_STATUS_OK);
+ alts_iovec_record_protocol_test_var_destroy(var);
+ }
+}
+
+static void integrity_only_unsync_seal_unseal(
+ alts_iovec_record_protocol* sender, alts_iovec_record_protocol* receiver) {
+ /* Seals once. */
+ alts_iovec_record_protocol_test_var* var =
+ alts_iovec_record_protocol_test_var_create();
+ grpc_status_code status = alts_iovec_record_protocol_integrity_only_protect(
+ sender, var->data_iovec, var->data_iovec_length, var->header_iovec,
+ var->tag_iovec, nullptr);
+ GPR_ASSERT(status == GRPC_STATUS_OK);
+ alts_iovec_record_protocol_test_var_destroy(var);
+ /* Seals again. */
+ var = alts_iovec_record_protocol_test_var_create();
+ status = alts_iovec_record_protocol_integrity_only_protect(
+ sender, var->data_iovec, var->data_iovec_length, var->header_iovec,
+ var->tag_iovec, nullptr);
+ GPR_ASSERT(status == GRPC_STATUS_OK);
+ /* Unseals the second frame. */
+ char* error_message = nullptr;
+ status = alts_iovec_record_protocol_integrity_only_unprotect(
+ receiver, var->data_iovec, var->data_iovec_length, var->header_iovec,
+ var->tag_iovec, &error_message);
+ GPR_ASSERT(gsec_test_expect_compare_code_and_substr(
+ status, GRPC_STATUS_INTERNAL, error_message,
+ "Frame tag verification failed."));
+ gpr_free(error_message);
+ alts_iovec_record_protocol_test_var_destroy(var);
+}
+
+static void integrity_only_corrupted_data(
+ alts_iovec_record_protocol* sender, alts_iovec_record_protocol* receiver) {
+ /* Seals the data first. */
+ alts_iovec_record_protocol_test_var* var =
+ alts_iovec_record_protocol_test_var_create();
+ grpc_status_code status = alts_iovec_record_protocol_integrity_only_protect(
+ sender, var->data_iovec, var->data_iovec_length, var->header_iovec,
+ var->tag_iovec, nullptr);
+ GPR_ASSERT(status == GRPC_STATUS_OK);
+ /* Alter frame length field. */
+ char* error_message = nullptr;
+ size_t offset =
+ alter_random_byte(var->header_buf, kZeroCopyFrameLengthFieldSize);
+ status = alts_iovec_record_protocol_integrity_only_unprotect(
+ receiver, var->data_iovec, var->data_iovec_length, var->header_iovec,
+ var->tag_iovec, &error_message);
+ GPR_ASSERT(gsec_test_expect_compare_code_and_substr(
+ status, GRPC_STATUS_INTERNAL, error_message, "Bad frame length."));
+ gpr_free(error_message);
+ revert_back_alter(var->header_buf, offset);
+ /* Alter message type field. */
+ offset = alter_random_byte(var->header_buf + kZeroCopyFrameLengthFieldSize,
+ kZeroCopyFrameMessageTypeFieldSize);
+ status = alts_iovec_record_protocol_integrity_only_unprotect(
+ receiver, var->data_iovec, var->data_iovec_length, var->header_iovec,
+ var->tag_iovec, &error_message);
+ GPR_ASSERT(gsec_test_expect_compare_code_and_substr(
+ status, GRPC_STATUS_INTERNAL, error_message,
+ "Unsupported message type."));
+ gpr_free(error_message);
+ revert_back_alter(var->header_buf + kZeroCopyFrameLengthFieldSize, offset);
+ /* Alter data. */
+ offset = alter_random_byte(var->data_buf, var->data_length);
+ status = alts_iovec_record_protocol_integrity_only_unprotect(
+ receiver, var->data_iovec, var->data_iovec_length, var->header_iovec,
+ var->tag_iovec, &error_message);
+ GPR_ASSERT(gsec_test_expect_compare_code_and_substr(
+ status, GRPC_STATUS_INTERNAL, error_message,
+ "Frame tag verification failed."));
+ gpr_free(error_message);
+ revert_back_alter(var->data_buf, offset);
+ /* Alter tag. */
+ offset = alter_random_byte(var->tag_buf, var->tag_length);
+ status = alts_iovec_record_protocol_integrity_only_unprotect(
+ receiver, var->data_iovec, var->data_iovec_length, var->header_iovec,
+ var->tag_iovec, &error_message);
+ GPR_ASSERT(gsec_test_expect_compare_code_and_substr(
+ status, GRPC_STATUS_INTERNAL, error_message,
+ "Frame tag verification failed."));
+ gpr_free(error_message);
+ revert_back_alter(var->tag_buf, offset);
+ /* Reverted protected data should be verified correctly. */
+ status = alts_iovec_record_protocol_integrity_only_unprotect(
+ receiver, var->data_iovec, var->data_iovec_length, var->header_iovec,
+ var->tag_iovec, nullptr);
+ GPR_ASSERT(status == GRPC_STATUS_OK);
+ GPR_ASSERT(memcmp(var->data_buf, var->dup_buf, var->data_length) == 0);
+ alts_iovec_record_protocol_test_var_destroy(var);
+}
+
+static void integrity_only_protect_input_check(alts_iovec_record_protocol* rp) {
+ alts_iovec_record_protocol_test_var* var =
+ alts_iovec_record_protocol_test_var_create();
+ char* error_message = nullptr;
+ /* Header buffer is nullptr. */
+ iovec_t header_iovec = {nullptr, var->header_length};
+ grpc_status_code status = alts_iovec_record_protocol_integrity_only_protect(
+ rp, var->data_iovec, var->data_iovec_length, header_iovec, var->tag_iovec,
+ &error_message);
+ GPR_ASSERT(gsec_test_expect_compare_code_and_substr(
+ status, GRPC_STATUS_INVALID_ARGUMENT, error_message,
+ "Header is nullptr."));
+ gpr_free(error_message);
+ /* Header buffer length is 0. */
+ header_iovec.iov_base = var->header_buf;
+ header_iovec.iov_len = 0;
+ status = alts_iovec_record_protocol_integrity_only_protect(
+ rp, var->data_iovec, var->data_iovec_length, header_iovec, var->tag_iovec,
+ &error_message);
+ GPR_ASSERT(gsec_test_expect_compare_code_and_substr(
+ status, GRPC_STATUS_INVALID_ARGUMENT, error_message,
+ "Header length is incorrect."));
+ gpr_free(error_message);
+ /* Tag buffer is nullptr. */
+ iovec_t tag_iovec = {nullptr, var->tag_length};
+ status = alts_iovec_record_protocol_integrity_only_protect(
+ rp, var->data_iovec, var->data_iovec_length, var->header_iovec, tag_iovec,
+ &error_message);
+ GPR_ASSERT(gsec_test_expect_compare_code_and_substr(
+ status, GRPC_STATUS_INVALID_ARGUMENT, error_message, "Tag is nullptr."));
+ gpr_free(error_message);
+ /* Tag buffer length is 0. */
+ tag_iovec.iov_base = var->tag_buf;
+ tag_iovec.iov_len = 0;
+ status = alts_iovec_record_protocol_integrity_only_protect(
+ rp, var->data_iovec, var->data_iovec_length, var->header_iovec, tag_iovec,
+ &error_message);
+ GPR_ASSERT(gsec_test_expect_compare_code_and_substr(
+ status, GRPC_STATUS_INVALID_ARGUMENT, error_message,
+ "Tag length is incorrect."));
+ gpr_free(error_message);
+ alts_iovec_record_protocol_test_var_destroy(var);
+}
+
+static void integrity_only_unprotect_input_check(
+ alts_iovec_record_protocol* rp) {
+ alts_iovec_record_protocol_test_var* var =
+ alts_iovec_record_protocol_test_var_create();
+ char* error_message = nullptr;
+ /* Header buffer is nullptr. */
+ iovec_t header_iovec = {nullptr, var->header_length};
+ grpc_status_code status = alts_iovec_record_protocol_integrity_only_unprotect(
+ rp, var->data_iovec, var->data_iovec_length, header_iovec, var->tag_iovec,
+ &error_message);
+ GPR_ASSERT(gsec_test_expect_compare_code_and_substr(
+ status, GRPC_STATUS_INVALID_ARGUMENT, error_message,
+ "Header is nullptr."));
+ gpr_free(error_message);
+ /* Header buffer length is 0. */
+ header_iovec.iov_base = var->header_buf;
+ header_iovec.iov_len = 0;
+ status = alts_iovec_record_protocol_integrity_only_unprotect(
+ rp, var->data_iovec, var->data_iovec_length, header_iovec, var->tag_iovec,
+ &error_message);
+ GPR_ASSERT(gsec_test_expect_compare_code_and_substr(
+ status, GRPC_STATUS_INVALID_ARGUMENT, error_message,
+ "Header length is incorrect."));
+ gpr_free(error_message);
+ /* Tag buffer is nullptr. */
+ iovec_t tag_iovec = {nullptr, var->tag_length};
+ status = alts_iovec_record_protocol_integrity_only_unprotect(
+ rp, var->data_iovec, var->data_iovec_length, var->header_iovec, tag_iovec,
+ &error_message);
+ GPR_ASSERT(gsec_test_expect_compare_code_and_substr(
+ status, GRPC_STATUS_INVALID_ARGUMENT, error_message, "Tag is nullptr."));
+ gpr_free(error_message);
+ /* Tag buffer length is 0. */
+ tag_iovec.iov_base = var->tag_buf;
+ tag_iovec.iov_len = 0;
+ status = alts_iovec_record_protocol_integrity_only_unprotect(
+ rp, var->data_iovec, var->data_iovec_length, var->header_iovec, tag_iovec,
+ &error_message);
+ GPR_ASSERT(gsec_test_expect_compare_code_and_substr(
+ status, GRPC_STATUS_INVALID_ARGUMENT, error_message,
+ "Tag length is incorrect."));
+ gpr_free(error_message);
+ alts_iovec_record_protocol_test_var_destroy(var);
+}
+
+/* --- Privacy-integrity protect/unprotect tests. --- */
+
+static void privacy_integrity_random_seal_unseal(
+ alts_iovec_record_protocol* sender, alts_iovec_record_protocol* receiver) {
+ for (size_t i = 0; i < kSealRepeatTimes; i++) {
+ alts_iovec_record_protocol_test_var* var =
+ alts_iovec_record_protocol_test_var_create();
+ /* Seals and then unseals. */
+ grpc_status_code status =
+ alts_iovec_record_protocol_privacy_integrity_protect(
+ sender, var->data_iovec, var->data_iovec_length,
+ var->protected_iovec, nullptr);
+ GPR_ASSERT(status == GRPC_STATUS_OK);
+ iovec_t header_iovec = {var->protected_buf, var->header_length};
+ gpr_free(var->data_iovec);
+ /* Randomly slices protected buffer, excluding the header. */
+ randomly_slice(var->protected_buf + var->header_length,
+ var->data_length + var->tag_length, &var->data_iovec,
+ &var->data_iovec_length);
+ status = alts_iovec_record_protocol_privacy_integrity_unprotect(
+ receiver, header_iovec, var->data_iovec, var->data_iovec_length,
+ var->unprotected_iovec, nullptr);
+ GPR_ASSERT(status == GRPC_STATUS_OK);
+ /* Makes sure unprotected data are the same as the original. */
+ GPR_ASSERT(memcmp(var->data_buf, var->dup_buf, var->data_length) == 0);
+ alts_iovec_record_protocol_test_var_destroy(var);
+ }
+}
+
+static void privacy_integrity_empty_seal_unseal(
+ alts_iovec_record_protocol* sender, alts_iovec_record_protocol* receiver) {
+ alts_iovec_record_protocol_test_var* var =
+ alts_iovec_record_protocol_test_var_create();
+ size_t empty_payload_frame_size = var->header_length + var->tag_length;
+ auto* protected_buf =
+ static_cast<uint8_t*>(gpr_malloc(empty_payload_frame_size));
+ for (size_t i = 0; i < kSealRepeatTimes; i++) {
+ iovec_t protected_iovec = {protected_buf, empty_payload_frame_size};
+ iovec_t unprotected_iovec = {nullptr, 0};
+ iovec_t data_iovec = {protected_buf + var->header_length, var->tag_length};
+ /* Seals and then unseals empty payload. */
+ grpc_status_code status =
+ alts_iovec_record_protocol_privacy_integrity_protect(
+ sender, nullptr, 0, protected_iovec, nullptr);
+ GPR_ASSERT(status == GRPC_STATUS_OK);
+ iovec_t header_iovec = {protected_buf, var->header_length};
+ status = alts_iovec_record_protocol_privacy_integrity_unprotect(
+ receiver, header_iovec, &data_iovec, 1, unprotected_iovec, nullptr);
+ GPR_ASSERT(status == GRPC_STATUS_OK);
+ }
+ gpr_free(protected_buf);
+ alts_iovec_record_protocol_test_var_destroy(var);
+}
+
+static void privacy_integrity_unsync_seal_unseal(
+ alts_iovec_record_protocol* sender, alts_iovec_record_protocol* receiver) {
+ /* Seals once. */
+ alts_iovec_record_protocol_test_var* var =
+ alts_iovec_record_protocol_test_var_create();
+ grpc_status_code status =
+ alts_iovec_record_protocol_privacy_integrity_protect(
+ sender, var->data_iovec, var->data_iovec_length, var->protected_iovec,
+ nullptr);
+ GPR_ASSERT(status == GRPC_STATUS_OK);
+ alts_iovec_record_protocol_test_var_destroy(var);
+ /* Seals again. */
+ var = alts_iovec_record_protocol_test_var_create();
+ status = alts_iovec_record_protocol_privacy_integrity_protect(
+ sender, var->data_iovec, var->data_iovec_length, var->protected_iovec,
+ nullptr);
+ GPR_ASSERT(status == GRPC_STATUS_OK);
+ /* Unseals the second frame. */
+ char* error_message = nullptr;
+ iovec_t header_iovec = {var->protected_buf, var->header_length};
+ iovec_t protected_iovec = {var->protected_buf + var->header_length,
+ var->data_length + var->tag_length};
+ status = alts_iovec_record_protocol_privacy_integrity_unprotect(
+ receiver, header_iovec, &protected_iovec, 1, var->unprotected_iovec,
+ &error_message);
+ GPR_ASSERT(gsec_test_expect_compare_code_and_substr(
+ status, GRPC_STATUS_INTERNAL, error_message, "Frame decryption failed."));
+ gpr_free(error_message);
+ alts_iovec_record_protocol_test_var_destroy(var);
+}
+
+static void privacy_integrity_corrupted_data(
+ alts_iovec_record_protocol* sender, alts_iovec_record_protocol* receiver) {
+ /* Seals the data first. */
+ alts_iovec_record_protocol_test_var* var =
+ alts_iovec_record_protocol_test_var_create();
+ grpc_status_code status =
+ alts_iovec_record_protocol_privacy_integrity_protect(
+ sender, var->data_iovec, var->data_iovec_length, var->protected_iovec,
+ nullptr);
+ GPR_ASSERT(status == GRPC_STATUS_OK);
+ char* error_message = nullptr;
+ uint8_t* header_buf = var->protected_buf;
+ size_t header_length = var->header_length;
+ iovec_t header_iovec = {header_buf, header_length};
+ /* The following protected_buf and protected_length excludes header. */
+ uint8_t* protected_buf = var->protected_buf + var->header_length;
+ size_t protected_length = var->data_length + var->tag_length;
+ iovec_t protected_iovec = {protected_buf, protected_length};
+ /* Alter frame length field. */
+ size_t offset = alter_random_byte(header_buf, kZeroCopyFrameLengthFieldSize);
+ status = alts_iovec_record_protocol_privacy_integrity_unprotect(
+ receiver, header_iovec, &protected_iovec, 1, var->unprotected_iovec,
+ &error_message);
+ GPR_ASSERT(gsec_test_expect_compare_code_and_substr(
+ status, GRPC_STATUS_INTERNAL, error_message, "Bad frame length."));
+ gpr_free(error_message);
+ revert_back_alter(header_buf, offset);
+ /* Alter message type field. */
+ offset = alter_random_byte(header_buf + kZeroCopyFrameLengthFieldSize,
+ kZeroCopyFrameMessageTypeFieldSize);
+ status = alts_iovec_record_protocol_privacy_integrity_unprotect(
+ receiver, header_iovec, &protected_iovec, 1, var->unprotected_iovec,
+ &error_message);
+ GPR_ASSERT(gsec_test_expect_compare_code_and_substr(
+ status, GRPC_STATUS_INTERNAL, error_message,
+ "Unsupported message type."));
+ gpr_free(error_message);
+ revert_back_alter(header_buf + kZeroCopyFrameLengthFieldSize, offset);
+ /* Alter protected data. */
+ offset = alter_random_byte(protected_buf, protected_length);
+ status = alts_iovec_record_protocol_privacy_integrity_unprotect(
+ receiver, header_iovec, &protected_iovec, 1, var->unprotected_iovec,
+ &error_message);
+ GPR_ASSERT(gsec_test_expect_compare_code_and_substr(
+ status, GRPC_STATUS_INTERNAL, error_message, "Frame decryption failed."));
+ gpr_free(error_message);
+ revert_back_alter(protected_buf, offset);
+ /* Reverted protected data should be verified correctly. */
+ status = alts_iovec_record_protocol_privacy_integrity_unprotect(
+ receiver, header_iovec, &protected_iovec, 1, var->unprotected_iovec,
+ nullptr);
+ GPR_ASSERT(status == GRPC_STATUS_OK);
+ GPR_ASSERT(memcmp(var->data_buf, var->dup_buf, var->data_length) == 0);
+ alts_iovec_record_protocol_test_var_destroy(var);
+}
+
+static void privacy_integrity_protect_input_check(
+ alts_iovec_record_protocol* rp) {
+ alts_iovec_record_protocol_test_var* var =
+ alts_iovec_record_protocol_test_var_create();
+ char* error_message = nullptr;
+ /* Protected output buffer is nullptr. */
+ iovec_t protected_iovec = {nullptr, var->protected_iovec.iov_len};
+ grpc_status_code status =
+ alts_iovec_record_protocol_privacy_integrity_protect(
+ rp, var->data_iovec, var->data_iovec_length, protected_iovec,
+ &error_message);
+ GPR_ASSERT(gsec_test_expect_compare_code_and_substr(
+ status, GRPC_STATUS_INVALID_ARGUMENT, error_message,
+ "Protected frame is nullptr."));
+ gpr_free(error_message);
+ /* Protected output buffer length incorrect. */
+ protected_iovec.iov_base = var->protected_buf;
+ protected_iovec.iov_len = var->header_length + var->data_length;
+ status = alts_iovec_record_protocol_privacy_integrity_protect(
+ rp, var->data_iovec, var->data_iovec_length, protected_iovec,
+ &error_message);
+ GPR_ASSERT(gsec_test_expect_compare_code_and_substr(
+ status, GRPC_STATUS_INVALID_ARGUMENT, error_message,
+ "Protected frame size is incorrect."));
+ gpr_free(error_message);
+ alts_iovec_record_protocol_test_var_destroy(var);
+}
+
+static void privacy_integrity_unprotect_input_check(
+ alts_iovec_record_protocol* rp) {
+ alts_iovec_record_protocol_test_var* var =
+ alts_iovec_record_protocol_test_var_create();
+ char* error_message = nullptr;
+ /* Header buffer is nullptr. */
+ iovec_t header_iovec = {var->protected_buf, var->header_length};
+ iovec_t protected_iovec = {var->protected_buf + var->header_length,
+ var->data_length + var->tag_length};
+ header_iovec.iov_base = nullptr;
+ grpc_status_code status =
+ alts_iovec_record_protocol_privacy_integrity_unprotect(
+ rp, header_iovec, &protected_iovec, 1, var->unprotected_iovec,
+ &error_message);
+ GPR_ASSERT(gsec_test_expect_compare_code_and_substr(
+ status, GRPC_STATUS_INVALID_ARGUMENT, error_message,
+ "Header is nullptr."));
+ gpr_free(error_message);
+ header_iovec.iov_base = var->protected_buf;
+ /* Header buffer length is 0. */
+ header_iovec.iov_len = 0;
+ status = alts_iovec_record_protocol_privacy_integrity_unprotect(
+ rp, header_iovec, &protected_iovec, 1, var->unprotected_iovec,
+ &error_message);
+ GPR_ASSERT(gsec_test_expect_compare_code_and_substr(
+ status, GRPC_STATUS_INVALID_ARGUMENT, error_message,
+ "Header length is incorrect."));
+ gpr_free(error_message);
+ header_iovec.iov_len = var->header_length;
+ /* Unprotected output buffer length is incorrect. */
+ iovec_t unprotected_iovec = {var->data_buf, var->data_length - 1};
+ status = alts_iovec_record_protocol_privacy_integrity_unprotect(
+ rp, header_iovec, &protected_iovec, 1, unprotected_iovec, &error_message);
+ GPR_ASSERT(gsec_test_expect_compare_code_and_substr(
+ status, GRPC_STATUS_INVALID_ARGUMENT, error_message,
+ "Unprotected data size is incorrect."));
+ gpr_free(error_message);
+ alts_iovec_record_protocol_test_var_destroy(var);
+}
+
+/* --- Integrity-only and privacy-integrity mixed. --- */
+
+static void record_protocol_wrong_mode(
+ alts_iovec_record_protocol* integrity_only_protect_rp,
+ alts_iovec_record_protocol* integrity_only_unprotect_rp,
+ alts_iovec_record_protocol* privacy_integrity_protect_rp,
+ alts_iovec_record_protocol* privacy_integrity_unprotect_rp) {
+ alts_iovec_record_protocol_test_var* var =
+ alts_iovec_record_protocol_test_var_create();
+ grpc_status_code status;
+ char* error_message = nullptr;
+ /* Call integrity-only protect on privacy-integrity record protocol. */
+ status = alts_iovec_record_protocol_integrity_only_protect(
+ privacy_integrity_protect_rp, var->data_iovec, var->data_iovec_length,
+ var->header_iovec, var->tag_iovec, &error_message);
+ GPR_ASSERT(gsec_test_expect_compare_code_and_substr(
+ status, GRPC_STATUS_FAILED_PRECONDITION, error_message,
+ "Integrity-only operations are not allowed for this object."));
+ gpr_free(error_message);
+ /* Call integrity-only unprotect on privacy-integrity record protocol. */
+ status = alts_iovec_record_protocol_integrity_only_unprotect(
+ privacy_integrity_unprotect_rp, var->data_iovec, var->data_iovec_length,
+ var->header_iovec, var->tag_iovec, &error_message);
+ GPR_ASSERT(gsec_test_expect_compare_code_and_substr(
+ status, GRPC_STATUS_FAILED_PRECONDITION, error_message,
+ "Integrity-only operations are not allowed for this object."));
+ gpr_free(error_message);
+ /* Call privacy-integrity protect on integrity-only record protocol. */
+ status = alts_iovec_record_protocol_privacy_integrity_protect(
+ integrity_only_protect_rp, var->data_iovec, var->data_iovec_length,
+ var->protected_iovec, &error_message);
+ GPR_ASSERT(gsec_test_expect_compare_code_and_substr(
+ status, GRPC_STATUS_FAILED_PRECONDITION, error_message,
+ "Privacy-integrity operations are not allowed for this object."));
+ gpr_free(error_message);
+ /* Call privacy-integrity unprotect on integrity-only record protocol. */
+ status = alts_iovec_record_protocol_privacy_integrity_unprotect(
+ integrity_only_unprotect_rp, var->header_iovec, var->data_iovec,
+ var->data_iovec_length, var->unprotected_iovec, &error_message);
+ GPR_ASSERT(gsec_test_expect_compare_code_and_substr(
+ status, GRPC_STATUS_FAILED_PRECONDITION, error_message,
+ "Privacy-integrity operations are not allowed for this object."));
+ gpr_free(error_message);
+ alts_iovec_record_protocol_test_var_destroy(var);
+}
+
+static void integrity_seal_privacy_unseal(
+ alts_iovec_record_protocol* integrity_only_sender,
+ alts_iovec_record_protocol* privacy_integrity_receiver) {
+ alts_iovec_record_protocol_test_var* var =
+ alts_iovec_record_protocol_test_var_create();
+ grpc_status_code status;
+ char* error_message = nullptr;
+ /* Seals with integrity-only protect. */
+ status = alts_iovec_record_protocol_integrity_only_protect(
+ integrity_only_sender, var->data_iovec, var->data_iovec_length,
+ var->header_iovec, var->tag_iovec, nullptr);
+ GPR_ASSERT(status == GRPC_STATUS_OK);
+ /* Unseal with privacy-integrity unprotect. */
+ memcpy(var->protected_buf, var->data_buf, var->data_length);
+ memcpy(var->protected_buf + var->data_length, var->tag_buf, var->tag_length);
+ iovec_t protected_iovec = {var->protected_buf,
+ var->data_length + var->tag_length};
+ status = alts_iovec_record_protocol_privacy_integrity_unprotect(
+ privacy_integrity_receiver, var->header_iovec, &protected_iovec, 1,
+ var->unprotected_iovec, &error_message);
+ GPR_ASSERT(gsec_test_expect_compare_code_and_substr(
+ status, GRPC_STATUS_INTERNAL, error_message, "Frame decryption failed."));
+ gpr_free(error_message);
+ alts_iovec_record_protocol_test_var_destroy(var);
+}
+
+static void privacy_seal_integrity_unseal(
+ alts_iovec_record_protocol* privacy_integrity_sender,
+ alts_iovec_record_protocol* integrity_only_receiver) {
+ alts_iovec_record_protocol_test_var* var =
+ alts_iovec_record_protocol_test_var_create();
+ grpc_status_code status;
+ char* error_message = nullptr;
+ /* Seals with privacy-integrity protect. */
+ status = alts_iovec_record_protocol_privacy_integrity_protect(
+ privacy_integrity_sender, var->data_iovec, var->data_iovec_length,
+ var->protected_iovec, nullptr);
+ GPR_ASSERT(status == GRPC_STATUS_OK);
+ /* Unseal with integrity-only unprotect. */
+ iovec_t header_iovec = {var->protected_buf, var->header_length};
+ iovec_t data_iovec = {var->protected_buf + var->header_length,
+ var->data_length};
+ iovec_t tag_iovec = {
+ var->protected_buf + var->header_length + var->data_length,
+ var->tag_length};
+ status = alts_iovec_record_protocol_integrity_only_unprotect(
+ integrity_only_receiver, &data_iovec, 1, header_iovec, tag_iovec,
+ &error_message);
+ GPR_ASSERT(gsec_test_expect_compare_code_and_substr(
+ status, GRPC_STATUS_INTERNAL, error_message,
+ "Frame tag verification failed."));
+ gpr_free(error_message);
+ alts_iovec_record_protocol_test_var_destroy(var);
+}
+
+/* --- Test cases. --- */
+
+static void alts_iovec_record_protocol_random_seal_unseal_tests() {
+ alts_iovec_record_protocol_test_fixture* fixture =
+ alts_iovec_record_protocol_test_fixture_create(
+ /*rekey=*/false, /*integrity_only=*/true);
+ integrity_only_random_seal_unseal(fixture->client_protect,
+ fixture->server_unprotect);
+ integrity_only_random_seal_unseal(fixture->server_protect,
+ fixture->client_unprotect);
+ alts_iovec_record_protocol_test_fixture_destroy(fixture);
+
+ fixture = alts_iovec_record_protocol_test_fixture_create(
+ /*rekey=*/true, /*integrity_only=*/true);
+ integrity_only_random_seal_unseal(fixture->client_protect,
+ fixture->server_unprotect);
+ integrity_only_random_seal_unseal(fixture->server_protect,
+ fixture->client_unprotect);
+ alts_iovec_record_protocol_test_fixture_destroy(fixture);
+
+ fixture = alts_iovec_record_protocol_test_fixture_create(
+ /*rekey=*/false, /*integrity_only=*/false);
+ privacy_integrity_random_seal_unseal(fixture->client_protect,
+ fixture->server_unprotect);
+ privacy_integrity_random_seal_unseal(fixture->server_protect,
+ fixture->client_unprotect);
+ alts_iovec_record_protocol_test_fixture_destroy(fixture);
+
+ fixture = alts_iovec_record_protocol_test_fixture_create(
+ /*rekey=*/true, /*integrity_only=*/false);
+ privacy_integrity_random_seal_unseal(fixture->client_protect,
+ fixture->server_unprotect);
+ privacy_integrity_random_seal_unseal(fixture->server_protect,
+ fixture->client_unprotect);
+ alts_iovec_record_protocol_test_fixture_destroy(fixture);
+}
+
+static void alts_iovec_record_protocol_empty_seal_unseal_tests() {
+ alts_iovec_record_protocol_test_fixture* fixture =
+ alts_iovec_record_protocol_test_fixture_create(
+ /*rekey=*/false, /*integrity_only=*/true);
+ integrity_only_empty_seal_unseal(fixture->client_protect,
+ fixture->server_unprotect);
+ integrity_only_empty_seal_unseal(fixture->server_protect,
+ fixture->client_unprotect);
+ alts_iovec_record_protocol_test_fixture_destroy(fixture);
+
+ fixture = alts_iovec_record_protocol_test_fixture_create(
+ /*rekey=*/true, /*integrity_only=*/true);
+ integrity_only_empty_seal_unseal(fixture->client_protect,
+ fixture->server_unprotect);
+ integrity_only_empty_seal_unseal(fixture->server_protect,
+ fixture->client_unprotect);
+ alts_iovec_record_protocol_test_fixture_destroy(fixture);
+
+ fixture = alts_iovec_record_protocol_test_fixture_create(
+ /*rekey=*/false, /*integrity_only=*/false);
+ privacy_integrity_empty_seal_unseal(fixture->client_protect,
+ fixture->server_unprotect);
+ privacy_integrity_empty_seal_unseal(fixture->server_protect,
+ fixture->client_unprotect);
+ alts_iovec_record_protocol_test_fixture_destroy(fixture);
+
+ fixture = alts_iovec_record_protocol_test_fixture_create(
+ /*rekey=*/true, /*integrity_only=*/false);
+ privacy_integrity_empty_seal_unseal(fixture->client_protect,
+ fixture->server_unprotect);
+ privacy_integrity_empty_seal_unseal(fixture->server_protect,
+ fixture->client_unprotect);
+ alts_iovec_record_protocol_test_fixture_destroy(fixture);
+}
+
+static void alts_iovec_record_protocol_unsync_seal_unseal_tests() {
+ alts_iovec_record_protocol_test_fixture* fixture =
+ alts_iovec_record_protocol_test_fixture_create(
+ /*rekey=*/false, /*integrity_only=*/true);
+ integrity_only_unsync_seal_unseal(fixture->client_protect,
+ fixture->server_unprotect);
+ integrity_only_unsync_seal_unseal(fixture->server_protect,
+ fixture->client_unprotect);
+ alts_iovec_record_protocol_test_fixture_destroy(fixture);
+
+ fixture = alts_iovec_record_protocol_test_fixture_create(
+ /*rekey=*/true, /*integrity_only=*/true);
+ integrity_only_unsync_seal_unseal(fixture->client_protect,
+ fixture->server_unprotect);
+ integrity_only_unsync_seal_unseal(fixture->server_protect,
+ fixture->client_unprotect);
+ alts_iovec_record_protocol_test_fixture_destroy(fixture);
+
+ fixture = alts_iovec_record_protocol_test_fixture_create(
+ /*rekey=*/false, /*integrity_only=*/false);
+ privacy_integrity_unsync_seal_unseal(fixture->client_protect,
+ fixture->server_unprotect);
+ privacy_integrity_unsync_seal_unseal(fixture->server_protect,
+ fixture->client_unprotect);
+ alts_iovec_record_protocol_test_fixture_destroy(fixture);
+
+ fixture = alts_iovec_record_protocol_test_fixture_create(
+ /*rekey=*/true, /*integrity_only=*/false);
+ privacy_integrity_unsync_seal_unseal(fixture->client_protect,
+ fixture->server_unprotect);
+ privacy_integrity_unsync_seal_unseal(fixture->server_protect,
+ fixture->client_unprotect);
+ alts_iovec_record_protocol_test_fixture_destroy(fixture);
+}
+
+static void alts_iovec_record_protocol_corrupted_data_tests() {
+ alts_iovec_record_protocol_test_fixture* fixture =
+ alts_iovec_record_protocol_test_fixture_create(
+ /*rekey=*/false, /*integrity_only=*/true);
+ integrity_only_corrupted_data(fixture->client_protect,
+ fixture->server_unprotect);
+ integrity_only_corrupted_data(fixture->server_protect,
+ fixture->client_unprotect);
+ alts_iovec_record_protocol_test_fixture_destroy(fixture);
+
+ fixture = alts_iovec_record_protocol_test_fixture_create(
+ /*rekey=*/true, /*integrity_only=*/true);
+ integrity_only_corrupted_data(fixture->client_protect,
+ fixture->server_unprotect);
+ integrity_only_corrupted_data(fixture->server_protect,
+ fixture->client_unprotect);
+ alts_iovec_record_protocol_test_fixture_destroy(fixture);
+
+ fixture = alts_iovec_record_protocol_test_fixture_create(
+ /*rekey=*/false, /*integrity_only=*/false);
+ privacy_integrity_corrupted_data(fixture->client_protect,
+ fixture->server_unprotect);
+ privacy_integrity_corrupted_data(fixture->server_protect,
+ fixture->client_unprotect);
+ alts_iovec_record_protocol_test_fixture_destroy(fixture);
+
+ fixture = alts_iovec_record_protocol_test_fixture_create(
+ /*rekey=*/true, /*integrity_only=*/false);
+ privacy_integrity_corrupted_data(fixture->client_protect,
+ fixture->server_unprotect);
+ privacy_integrity_corrupted_data(fixture->server_protect,
+ fixture->client_unprotect);
+ alts_iovec_record_protocol_test_fixture_destroy(fixture);
+}
+
+static void alts_iovec_record_protocol_input_check_tests() {
+ alts_iovec_record_protocol_test_fixture* fixture =
+ alts_iovec_record_protocol_test_fixture_create(
+ /*rekey=*/false, /*integrity_only=*/true);
+ integrity_only_protect_input_check(fixture->client_protect);
+ integrity_only_unprotect_input_check(fixture->client_unprotect);
+ alts_iovec_record_protocol_test_fixture_destroy(fixture);
+
+ fixture = alts_iovec_record_protocol_test_fixture_create(
+ /*rekey=*/true, /*integrity_only=*/true);
+ integrity_only_protect_input_check(fixture->client_protect);
+ integrity_only_unprotect_input_check(fixture->client_unprotect);
+ alts_iovec_record_protocol_test_fixture_destroy(fixture);
+
+ fixture = alts_iovec_record_protocol_test_fixture_create(
+ /*rekey=*/false, /*integrity_only=*/false);
+ privacy_integrity_protect_input_check(fixture->client_protect);
+ privacy_integrity_unprotect_input_check(fixture->client_unprotect);
+ alts_iovec_record_protocol_test_fixture_destroy(fixture);
+
+ fixture = alts_iovec_record_protocol_test_fixture_create(
+ /*rekey=*/true, /*integrity_only=*/false);
+ privacy_integrity_protect_input_check(fixture->client_protect);
+ privacy_integrity_unprotect_input_check(fixture->client_unprotect);
+ alts_iovec_record_protocol_test_fixture_destroy(fixture);
+}
+
+static void alts_iovec_record_protocol_mix_operations_tests() {
+ alts_iovec_record_protocol_test_fixture* fixture_1 =
+ alts_iovec_record_protocol_test_fixture_create(
+ /*rekey=*/false, /*integrity_only=*/true);
+ alts_iovec_record_protocol_test_fixture* fixture_2 =
+ alts_iovec_record_protocol_test_fixture_create(
+ /*rekey=*/false, /*integrity_only=*/false);
+
+ record_protocol_wrong_mode(
+ fixture_1->client_protect, fixture_1->client_unprotect,
+ fixture_2->client_protect, fixture_2->client_unprotect);
+ integrity_seal_privacy_unseal(fixture_1->client_protect,
+ fixture_2->server_unprotect);
+ privacy_seal_integrity_unseal(fixture_2->client_protect,
+ fixture_1->server_unprotect);
+
+ alts_iovec_record_protocol_test_fixture_destroy(fixture_1);
+ alts_iovec_record_protocol_test_fixture_destroy(fixture_2);
+}
+
+int main(int argc, char** argv) {
+ alts_iovec_record_protocol_random_seal_unseal_tests();
+ alts_iovec_record_protocol_empty_seal_unseal_tests();
+ alts_iovec_record_protocol_unsync_seal_unseal_tests();
+ alts_iovec_record_protocol_corrupted_data_tests();
+ alts_iovec_record_protocol_input_check_tests();
+ alts_iovec_record_protocol_mix_operations_tests();
+ return 0;
+}
diff --git a/test/core/tsi/alts/zero_copy_frame_protector/alts_zero_copy_grpc_protector_test.cc b/test/core/tsi/alts/zero_copy_frame_protector/alts_zero_copy_grpc_protector_test.cc
new file mode 100644
index 0000000..2388be9
--- /dev/null
+++ b/test/core/tsi/alts/zero_copy_frame_protector/alts_zero_copy_grpc_protector_test.cc
@@ -0,0 +1,289 @@
+/*
+ *
+ * Copyright 2018 gRPC authors.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ */
+
+#include <grpc/slice_buffer.h>
+#include <grpc/support/alloc.h>
+#include <grpc/support/log.h>
+
+#include "src/core/lib/slice/slice_internal.h"
+#include "src/core/tsi/alts/crypt/gsec.h"
+#include "src/core/tsi/alts/zero_copy_frame_protector/alts_zero_copy_grpc_protector.h"
+#include "src/core/tsi/transport_security_grpc.h"
+#include "test/core/tsi/alts/crypt/gsec_test_util.h"
+
+/* TODO: tests zero_copy_grpc_protector under TSI test library, which
+ * has more comprehensive tests. */
+
+constexpr size_t kSealRepeatTimes = 50;
+constexpr size_t kSmallBufferSize = 16;
+constexpr size_t kLargeBufferSize = 16384;
+constexpr size_t kChannelMaxSize = 2048;
+constexpr size_t kChannelMinSize = 128;
+
+/* Test fixtures for each test cases. */
+struct alts_zero_copy_grpc_protector_test_fixture {
+ tsi_zero_copy_grpc_protector* client;
+ tsi_zero_copy_grpc_protector* server;
+};
+
+/* Test input variables for protect/unprotect operations. */
+struct alts_zero_copy_grpc_protector_test_var {
+ grpc_slice_buffer original_sb;
+ grpc_slice_buffer duplicate_sb;
+ grpc_slice_buffer staging_sb;
+ grpc_slice_buffer protected_sb;
+ grpc_slice_buffer unprotected_sb;
+};
+
+/* --- Test utility functions. --- */
+
+static void create_random_slice_buffer(grpc_slice_buffer* sb,
+ grpc_slice_buffer* dup_sb,
+ size_t length) {
+ GPR_ASSERT(sb != nullptr);
+ GPR_ASSERT(dup_sb != nullptr);
+ GPR_ASSERT(length > 0);
+ grpc_slice slice = GRPC_SLICE_MALLOC(length);
+ gsec_test_random_bytes(GRPC_SLICE_START_PTR(slice), length);
+ grpc_slice_buffer_add(sb, grpc_slice_ref(slice));
+ grpc_slice_buffer_add(dup_sb, slice);
+}
+
+static uint8_t* pointer_to_nth_byte(grpc_slice_buffer* sb, size_t index) {
+ GPR_ASSERT(sb != nullptr);
+ GPR_ASSERT(index < sb->length);
+ for (size_t i = 0; i < sb->count; i++) {
+ if (index < GRPC_SLICE_LENGTH(sb->slices[i])) {
+ return GRPC_SLICE_START_PTR(sb->slices[i]) + index;
+ } else {
+ index -= GRPC_SLICE_LENGTH(sb->slices[i]);
+ }
+ }
+ return nullptr;
+}
+
+/* Checks if two slice buffer contents are the same. It is not super efficient,
+ * but OK for testing. */
+static bool are_slice_buffers_equal(grpc_slice_buffer* first,
+ grpc_slice_buffer* second) {
+ GPR_ASSERT(first != nullptr);
+ GPR_ASSERT(second != nullptr);
+ if (first->length != second->length) {
+ return false;
+ }
+ for (size_t i = 0; i < first->length; i++) {
+ uint8_t* first_ptr = pointer_to_nth_byte(first, i);
+ uint8_t* second_ptr = pointer_to_nth_byte(second, i);
+ GPR_ASSERT(first_ptr != nullptr && second_ptr != nullptr);
+ if ((*first_ptr) != (*second_ptr)) {
+ return false;
+ }
+ }
+ return true;
+}
+
+static alts_zero_copy_grpc_protector_test_fixture*
+alts_zero_copy_grpc_protector_test_fixture_create(bool rekey,
+ bool integrity_only) {
+ alts_zero_copy_grpc_protector_test_fixture* fixture =
+ static_cast<alts_zero_copy_grpc_protector_test_fixture*>(
+ gpr_zalloc(sizeof(alts_zero_copy_grpc_protector_test_fixture)));
+ grpc_core::ExecCtx exec_ctx;
+ size_t key_length = rekey ? kAes128GcmRekeyKeyLength : kAes128GcmKeyLength;
+ uint8_t* key;
+ size_t max_protected_frame_size = 1024;
+ gsec_test_random_array(&key, key_length);
+ GPR_ASSERT(alts_zero_copy_grpc_protector_create(
+ key, key_length, rekey, /*is_client=*/true, integrity_only,
+ &max_protected_frame_size, &fixture->client) == TSI_OK);
+ GPR_ASSERT(alts_zero_copy_grpc_protector_create(
+ key, key_length, rekey, /*is_client=*/false, integrity_only,
+ &max_protected_frame_size, &fixture->server) == TSI_OK);
+ gpr_free(key);
+ grpc_core::ExecCtx::Get()->Flush();
+ return fixture;
+}
+
+static void alts_zero_copy_grpc_protector_test_fixture_destroy(
+ alts_zero_copy_grpc_protector_test_fixture* fixture) {
+ if (fixture == nullptr) {
+ return;
+ }
+ grpc_core::ExecCtx exec_ctx;
+ tsi_zero_copy_grpc_protector_destroy(fixture->client);
+ tsi_zero_copy_grpc_protector_destroy(fixture->server);
+ grpc_core::ExecCtx::Get()->Flush();
+ gpr_free(fixture);
+}
+
+static alts_zero_copy_grpc_protector_test_var*
+alts_zero_copy_grpc_protector_test_var_create() {
+ alts_zero_copy_grpc_protector_test_var* var =
+ static_cast<alts_zero_copy_grpc_protector_test_var*>(
+ gpr_zalloc(sizeof(alts_zero_copy_grpc_protector_test_var)));
+ grpc_slice_buffer_init(&var->original_sb);
+ grpc_slice_buffer_init(&var->duplicate_sb);
+ grpc_slice_buffer_init(&var->staging_sb);
+ grpc_slice_buffer_init(&var->protected_sb);
+ grpc_slice_buffer_init(&var->unprotected_sb);
+ return var;
+}
+
+static void alts_zero_copy_grpc_protector_test_var_destroy(
+ alts_zero_copy_grpc_protector_test_var* var) {
+ if (var == nullptr) {
+ return;
+ }
+ grpc_slice_buffer_destroy_internal(&var->original_sb);
+ grpc_slice_buffer_destroy_internal(&var->duplicate_sb);
+ grpc_slice_buffer_destroy_internal(&var->staging_sb);
+ grpc_slice_buffer_destroy_internal(&var->protected_sb);
+ grpc_slice_buffer_destroy_internal(&var->unprotected_sb);
+ gpr_free(var);
+}
+
+/* --- ALTS zero-copy protector tests. --- */
+
+static void seal_unseal_small_buffer(tsi_zero_copy_grpc_protector* sender,
+ tsi_zero_copy_grpc_protector* receiver) {
+ grpc_core::ExecCtx exec_ctx;
+ for (size_t i = 0; i < kSealRepeatTimes; i++) {
+ alts_zero_copy_grpc_protector_test_var* var =
+ alts_zero_copy_grpc_protector_test_var_create();
+ /* Creates a random small slice buffer and calls protect(). */
+ create_random_slice_buffer(&var->original_sb, &var->duplicate_sb,
+ kSmallBufferSize);
+ GPR_ASSERT(tsi_zero_copy_grpc_protector_protect(
+ sender, &var->original_sb, &var->protected_sb) == TSI_OK);
+ /* Splits protected slice buffer into two: first one is staging_sb, and
+ * second one is is protected_sb. */
+ uint32_t staging_sb_size =
+ gsec_test_bias_random_uint32(
+ static_cast<uint32_t>(var->protected_sb.length - 1)) +
+ 1;
+ grpc_slice_buffer_move_first(&var->protected_sb, staging_sb_size,
+ &var->staging_sb);
+ /* Unprotects one by one. */
+ GPR_ASSERT(tsi_zero_copy_grpc_protector_unprotect(
+ receiver, &var->staging_sb, &var->unprotected_sb) == TSI_OK);
+ GPR_ASSERT(var->unprotected_sb.length == 0);
+ GPR_ASSERT(tsi_zero_copy_grpc_protector_unprotect(
+ receiver, &var->protected_sb, &var->unprotected_sb) ==
+ TSI_OK);
+ GPR_ASSERT(
+ are_slice_buffers_equal(&var->unprotected_sb, &var->duplicate_sb));
+ alts_zero_copy_grpc_protector_test_var_destroy(var);
+ }
+ grpc_core::ExecCtx::Get()->Flush();
+}
+
+static void seal_unseal_large_buffer(tsi_zero_copy_grpc_protector* sender,
+ tsi_zero_copy_grpc_protector* receiver) {
+ grpc_core::ExecCtx exec_ctx;
+ for (size_t i = 0; i < kSealRepeatTimes; i++) {
+ alts_zero_copy_grpc_protector_test_var* var =
+ alts_zero_copy_grpc_protector_test_var_create();
+ /* Creates a random large slice buffer and calls protect(). */
+ create_random_slice_buffer(&var->original_sb, &var->duplicate_sb,
+ kLargeBufferSize);
+ GPR_ASSERT(tsi_zero_copy_grpc_protector_protect(
+ sender, &var->original_sb, &var->protected_sb) == TSI_OK);
+ /* Splits protected slice buffer into multiple pieces. Receiver unprotects
+ * each slice buffer one by one. */
+ uint32_t channel_size = gsec_test_bias_random_uint32(static_cast<uint32_t>(
+ kChannelMaxSize + 1 - kChannelMinSize)) +
+ static_cast<uint32_t>(kChannelMinSize);
+ while (var->protected_sb.length > channel_size) {
+ grpc_slice_buffer_reset_and_unref_internal(&var->staging_sb);
+ grpc_slice_buffer_move_first(&var->protected_sb, channel_size,
+ &var->staging_sb);
+ GPR_ASSERT(tsi_zero_copy_grpc_protector_unprotect(
+ receiver, &var->staging_sb, &var->unprotected_sb) ==
+ TSI_OK);
+ }
+ GPR_ASSERT(tsi_zero_copy_grpc_protector_unprotect(
+ receiver, &var->protected_sb, &var->unprotected_sb) ==
+ TSI_OK);
+ GPR_ASSERT(
+ are_slice_buffers_equal(&var->unprotected_sb, &var->duplicate_sb));
+ alts_zero_copy_grpc_protector_test_var_destroy(var);
+ }
+ grpc_core::ExecCtx::Get()->Flush();
+}
+
+/* --- Test cases. --- */
+
+static void alts_zero_copy_protector_seal_unseal_small_buffer_tests() {
+ alts_zero_copy_grpc_protector_test_fixture* fixture =
+ alts_zero_copy_grpc_protector_test_fixture_create(
+ /*rekey=*/false, /*integrity_only=*/true);
+ seal_unseal_small_buffer(fixture->client, fixture->server);
+ seal_unseal_small_buffer(fixture->server, fixture->client);
+ alts_zero_copy_grpc_protector_test_fixture_destroy(fixture);
+
+ fixture = alts_zero_copy_grpc_protector_test_fixture_create(
+ /*rekey=*/false, /*integrity_only=*/false);
+ seal_unseal_small_buffer(fixture->client, fixture->server);
+ seal_unseal_small_buffer(fixture->server, fixture->client);
+ alts_zero_copy_grpc_protector_test_fixture_destroy(fixture);
+
+ fixture = alts_zero_copy_grpc_protector_test_fixture_create(
+ /*rekey=*/true, /*integrity_only=*/true);
+ seal_unseal_small_buffer(fixture->client, fixture->server);
+ seal_unseal_small_buffer(fixture->server, fixture->client);
+ alts_zero_copy_grpc_protector_test_fixture_destroy(fixture);
+
+ fixture = alts_zero_copy_grpc_protector_test_fixture_create(
+ /*rekey=*/true, /*integrity_only=*/false);
+ seal_unseal_small_buffer(fixture->client, fixture->server);
+ seal_unseal_small_buffer(fixture->server, fixture->client);
+ alts_zero_copy_grpc_protector_test_fixture_destroy(fixture);
+}
+
+static void alts_zero_copy_protector_seal_unseal_large_buffer_tests() {
+ alts_zero_copy_grpc_protector_test_fixture* fixture =
+ alts_zero_copy_grpc_protector_test_fixture_create(
+ /*rekey=*/false, /*integrity_only=*/true);
+ seal_unseal_large_buffer(fixture->client, fixture->server);
+ seal_unseal_large_buffer(fixture->server, fixture->client);
+ alts_zero_copy_grpc_protector_test_fixture_destroy(fixture);
+
+ fixture = alts_zero_copy_grpc_protector_test_fixture_create(
+ /*rekey=*/false, /*integrity_only=*/false);
+ seal_unseal_large_buffer(fixture->client, fixture->server);
+ seal_unseal_large_buffer(fixture->server, fixture->client);
+ alts_zero_copy_grpc_protector_test_fixture_destroy(fixture);
+
+ fixture = alts_zero_copy_grpc_protector_test_fixture_create(
+ /*rekey=*/true, /*integrity_only=*/true);
+ seal_unseal_large_buffer(fixture->client, fixture->server);
+ seal_unseal_large_buffer(fixture->server, fixture->client);
+ alts_zero_copy_grpc_protector_test_fixture_destroy(fixture);
+
+ fixture = alts_zero_copy_grpc_protector_test_fixture_create(
+ /*rekey=*/true, /*integrity_only=*/false);
+ seal_unseal_large_buffer(fixture->client, fixture->server);
+ seal_unseal_large_buffer(fixture->server, fixture->client);
+ alts_zero_copy_grpc_protector_test_fixture_destroy(fixture);
+}
+
+int main(int argc, char** argv) {
+ alts_zero_copy_protector_seal_unseal_small_buffer_tests();
+ alts_zero_copy_protector_seal_unseal_large_buffer_tests();
+ return 0;
+}
diff --git a/test/core/tsi/fake_transport_security_test.cc b/test/core/tsi/fake_transport_security_test.cc
index bec81ed..5e66719 100644
--- a/test/core/tsi/fake_transport_security_test.cc
+++ b/test/core/tsi/fake_transport_security_test.cc
@@ -107,7 +107,7 @@
tsi_test_frame_protector_config_destroy(fake_fixture->base.config);
fake_fixture->base.config = tsi_test_frame_protector_config_create(
bit_array[0], bit_array[1], bit_array[2], bit_array[3], bit_array[4],
- bit_array[5], bit_array[6], bit_array[7]);
+ bit_array[5], bit_array[6]);
tsi_test_do_round_trip(&fake_fixture->base);
tsi_test_fixture_destroy(fixture);
}
diff --git a/test/core/tsi/ssl_transport_security_test.cc b/test/core/tsi/ssl_transport_security_test.cc
index 8f255a3..d9eb747 100644
--- a/test/core/tsi/ssl_transport_security_test.cc
+++ b/test/core/tsi/ssl_transport_security_test.cc
@@ -528,7 +528,7 @@
tsi_test_frame_protector_config_destroy(ssl_fixture->base.config);
ssl_fixture->base.config = tsi_test_frame_protector_config_create(
bit_array[0], bit_array[1], bit_array[2], bit_array[3], bit_array[4],
- bit_array[5], bit_array[6], bit_array[7]);
+ bit_array[5], bit_array[6]);
tsi_test_do_round_trip(&ssl_fixture->base);
tsi_test_fixture_destroy(fixture);
}
diff --git a/test/core/tsi/transport_security_test_lib.cc b/test/core/tsi/transport_security_test_lib.cc
index 8ea83f7..26349db 100644
--- a/test/core/tsi/transport_security_test_lib.cc
+++ b/test/core/tsi/transport_security_test_lib.cc
@@ -110,27 +110,29 @@
fixture->vtable->check_handshaker_peers(fixture);
/* Check unused bytes. */
if (fixture->test_unused_bytes) {
+ tsi_test_channel* channel = fixture->channel;
if (fixture->server_result != nullptr &&
fixture->client_result != nullptr) {
check_unused_bytes(fixture);
}
- fixture->bytes_written_to_server_channel = 0;
- fixture->bytes_written_to_client_channel = 0;
- fixture->bytes_read_from_client_channel = 0;
- fixture->bytes_read_from_server_channel = 0;
+ channel->bytes_written_to_server_channel = 0;
+ channel->bytes_written_to_client_channel = 0;
+ channel->bytes_read_from_client_channel = 0;
+ channel->bytes_read_from_server_channel = 0;
}
}
-static void send_bytes_to_peer(tsi_test_fixture* fixture,
+static void send_bytes_to_peer(tsi_test_channel* test_channel,
const unsigned char* buf, size_t buf_size,
bool is_client) {
- GPR_ASSERT(fixture != nullptr);
+ GPR_ASSERT(test_channel != nullptr);
GPR_ASSERT(buf != nullptr);
uint8_t* channel =
- is_client ? fixture->server_channel : fixture->client_channel;
+ is_client ? test_channel->server_channel : test_channel->client_channel;
GPR_ASSERT(channel != nullptr);
- size_t* bytes_written = is_client ? &fixture->bytes_written_to_server_channel
- : &fixture->bytes_written_to_client_channel;
+ size_t* bytes_written = is_client
+ ? &test_channel->bytes_written_to_server_channel
+ : &test_channel->bytes_written_to_client_channel;
GPR_ASSERT(bytes_written != nullptr);
GPR_ASSERT(*bytes_written + buf_size <= TSI_TEST_DEFAULT_CHANNEL_SIZE);
/* Write data to channel. */
@@ -145,7 +147,8 @@
if (fixture->test_unused_bytes && !args->appended_unused_bytes) {
args->appended_unused_bytes = true;
send_bytes_to_peer(
- fixture, reinterpret_cast<const unsigned char*>(TSI_TEST_UNUSED_BYTES),
+ fixture->channel,
+ reinterpret_cast<const unsigned char*>(TSI_TEST_UNUSED_BYTES),
strlen(TSI_TEST_UNUSED_BYTES), args->is_client);
if (fixture->client_result != nullptr &&
fixture->server_result == nullptr) {
@@ -154,19 +157,21 @@
}
}
-static void receive_bytes_from_peer(tsi_test_fixture* fixture,
+static void receive_bytes_from_peer(tsi_test_channel* test_channel,
unsigned char** buf, size_t* buf_size,
bool is_client) {
- GPR_ASSERT(fixture != nullptr);
+ GPR_ASSERT(test_channel != nullptr);
GPR_ASSERT(*buf != nullptr);
GPR_ASSERT(buf_size != nullptr);
uint8_t* channel =
- is_client ? fixture->client_channel : fixture->server_channel;
+ is_client ? test_channel->client_channel : test_channel->server_channel;
GPR_ASSERT(channel != nullptr);
- size_t* bytes_read = is_client ? &fixture->bytes_read_from_client_channel
- : &fixture->bytes_read_from_server_channel;
- size_t* bytes_written = is_client ? &fixture->bytes_written_to_client_channel
- : &fixture->bytes_written_to_server_channel;
+ size_t* bytes_read = is_client
+ ? &test_channel->bytes_read_from_client_channel
+ : &test_channel->bytes_read_from_server_channel;
+ size_t* bytes_written = is_client
+ ? &test_channel->bytes_written_to_client_channel
+ : &test_channel->bytes_written_to_server_channel;
GPR_ASSERT(bytes_read != nullptr);
GPR_ASSERT(bytes_written != nullptr);
size_t to_read = *buf_size < *bytes_written - *bytes_read
@@ -178,14 +183,13 @@
*bytes_read += to_read;
}
-static void send_message_to_peer(tsi_test_fixture* fixture,
- tsi_frame_protector* protector,
- bool is_client) {
+void tsi_test_frame_protector_send_message_to_peer(
+ tsi_test_frame_protector_config* config, tsi_test_channel* channel,
+ tsi_frame_protector* protector, bool is_client) {
/* Initialization. */
- GPR_ASSERT(fixture != nullptr);
- GPR_ASSERT(fixture->config != nullptr);
+ GPR_ASSERT(config != nullptr);
+ GPR_ASSERT(channel != nullptr);
GPR_ASSERT(protector != nullptr);
- tsi_test_frame_protector_config* config = fixture->config;
unsigned char* protected_buffer =
static_cast<unsigned char*>(gpr_zalloc(config->protected_buffer_size));
size_t message_size =
@@ -205,7 +209,7 @@
&protected_buffer_size_to_send);
GPR_ASSERT(result == TSI_OK);
/* Send protected data to peer. */
- send_bytes_to_peer(fixture, protected_buffer, protected_buffer_size_to_send,
+ send_bytes_to_peer(channel, protected_buffer, protected_buffer_size_to_send,
is_client);
message_bytes += processed_message_size;
message_size -= processed_message_size;
@@ -218,7 +222,7 @@
protector, protected_buffer, &protected_buffer_size_to_send,
&still_pending_size);
GPR_ASSERT(result == TSI_OK);
- send_bytes_to_peer(fixture, protected_buffer,
+ send_bytes_to_peer(channel, protected_buffer,
protected_buffer_size_to_send, is_client);
} while (still_pending_size > 0 && result == TSI_OK);
GPR_ASSERT(result == TSI_OK);
@@ -228,17 +232,16 @@
gpr_free(protected_buffer);
}
-static void receive_message_from_peer(tsi_test_fixture* fixture,
- tsi_frame_protector* protector,
- unsigned char* message,
- size_t* bytes_received, bool is_client) {
+void tsi_test_frame_protector_receive_message_from_peer(
+ tsi_test_frame_protector_config* config, tsi_test_channel* channel,
+ tsi_frame_protector* protector, unsigned char* message,
+ size_t* bytes_received, bool is_client) {
/* Initialization. */
- GPR_ASSERT(fixture != nullptr);
+ GPR_ASSERT(config != nullptr);
+ GPR_ASSERT(channel != nullptr);
GPR_ASSERT(protector != nullptr);
GPR_ASSERT(message != nullptr);
GPR_ASSERT(bytes_received != nullptr);
- GPR_ASSERT(fixture->config != nullptr);
- tsi_test_frame_protector_config* config = fixture->config;
size_t read_offset = 0;
size_t message_offset = 0;
size_t read_from_peer_size = 0;
@@ -253,7 +256,7 @@
/* Receive data from peer. */
if (read_from_peer_size == 0) {
read_from_peer_size = config->read_buffer_allocated_size;
- receive_bytes_from_peer(fixture, &read_buffer, &read_from_peer_size,
+ receive_bytes_from_peer(channel, &read_buffer, &read_from_peer_size,
is_client);
read_offset = 0;
}
@@ -314,7 +317,7 @@
}
/* Send data to peer, if needed. */
if (bytes_to_send_size > 0) {
- send_bytes_to_peer(args->fixture, bytes_to_send, bytes_to_send_size,
+ send_bytes_to_peer(fixture->channel, bytes_to_send, bytes_to_send_size,
args->is_client);
args->transferred_data = true;
}
@@ -361,8 +364,8 @@
/* Receive data from peer, if available. */
do {
size_t buf_size = args->handshake_buffer_size;
- receive_bytes_from_peer(args->fixture, &args->handshake_buffer, &buf_size,
- args->is_client);
+ receive_bytes_from_peer(fixture->channel, &args->handshake_buffer,
+ &buf_size, args->is_client);
if (buf_size > 0) {
args->transferred_data = true;
}
@@ -411,6 +414,50 @@
handshaker_args_destroy(server_args);
}
+static void tsi_test_do_ping_pong(tsi_test_frame_protector_config* config,
+ tsi_test_channel* channel,
+ tsi_frame_protector* client_frame_protector,
+ tsi_frame_protector* server_frame_protector) {
+ GPR_ASSERT(config != nullptr);
+ GPR_ASSERT(channel != nullptr);
+ GPR_ASSERT(client_frame_protector != nullptr);
+ GPR_ASSERT(server_frame_protector != nullptr);
+ /* Client sends a message to server. */
+ tsi_test_frame_protector_send_message_to_peer(
+ config, channel, client_frame_protector, true /* is_client */);
+ unsigned char* server_received_message =
+ static_cast<unsigned char*>(gpr_zalloc(TSI_TEST_DEFAULT_CHANNEL_SIZE));
+ size_t server_received_message_size = 0;
+ tsi_test_frame_protector_receive_message_from_peer(
+ config, channel, server_frame_protector, server_received_message,
+ &server_received_message_size, false /* is_client */);
+ GPR_ASSERT(config->client_message_size == server_received_message_size);
+ GPR_ASSERT(memcmp(config->client_message, server_received_message,
+ server_received_message_size) == 0);
+ /* Server sends a message to client. */
+ tsi_test_frame_protector_send_message_to_peer(
+ config, channel, server_frame_protector, false /* is_client */);
+ unsigned char* client_received_message =
+ static_cast<unsigned char*>(gpr_zalloc(TSI_TEST_DEFAULT_CHANNEL_SIZE));
+ size_t client_received_message_size = 0;
+ tsi_test_frame_protector_receive_message_from_peer(
+ config, channel, client_frame_protector, client_received_message,
+ &client_received_message_size, true /* is_client */);
+ GPR_ASSERT(config->server_message_size == client_received_message_size);
+ GPR_ASSERT(memcmp(config->server_message, client_received_message,
+ client_received_message_size) == 0);
+ gpr_free(server_received_message);
+ gpr_free(client_received_message);
+}
+
+void tsi_test_frame_protector_do_round_trip_no_handshake(
+ tsi_test_frame_protector_fixture* fixture) {
+ GPR_ASSERT(fixture != nullptr);
+ tsi_test_do_ping_pong(fixture->config, fixture->channel,
+ fixture->client_frame_protector,
+ fixture->server_frame_protector);
+}
+
void tsi_test_do_round_trip(tsi_test_fixture* fixture) {
/* Initialization. */
GPR_ASSERT(fixture != nullptr);
@@ -437,33 +484,11 @@
? nullptr
: &server_max_output_protected_frame_size,
&server_frame_protector) == TSI_OK);
- /* Client sends a message to server. */
- send_message_to_peer(fixture, client_frame_protector, true /* is_client */);
- unsigned char* server_received_message =
- static_cast<unsigned char*>(gpr_zalloc(TSI_TEST_DEFAULT_CHANNEL_SIZE));
- size_t server_received_message_size = 0;
- receive_message_from_peer(
- fixture, server_frame_protector, server_received_message,
- &server_received_message_size, false /* is_client */);
- GPR_ASSERT(config->client_message_size == server_received_message_size);
- GPR_ASSERT(memcmp(config->client_message, server_received_message,
- server_received_message_size) == 0);
- /* Server sends a message to client. */
- send_message_to_peer(fixture, server_frame_protector, false /* is_client */);
- unsigned char* client_received_message =
- static_cast<unsigned char*>(gpr_zalloc(TSI_TEST_DEFAULT_CHANNEL_SIZE));
- size_t client_received_message_size = 0;
- receive_message_from_peer(
- fixture, client_frame_protector, client_received_message,
- &client_received_message_size, true /* is_client */);
- GPR_ASSERT(config->server_message_size == client_received_message_size);
- GPR_ASSERT(memcmp(config->server_message, client_received_message,
- client_received_message_size) == 0);
+ tsi_test_do_ping_pong(config, fixture->channel, client_frame_protector,
+ server_frame_protector);
/* Destroy server and client frame protectors. */
tsi_frame_protector_destroy(client_frame_protector);
tsi_frame_protector_destroy(server_frame_protector);
- gpr_free(server_received_message);
- gpr_free(client_received_message);
}
static unsigned char* generate_random_message(size_t size) {
@@ -483,8 +508,7 @@
bool use_default_protected_buffer_size, bool use_default_client_message,
bool use_default_server_message,
bool use_default_client_max_output_protected_frame_size,
- bool use_default_server_max_output_protected_frame_size,
- bool use_default_handshake_buffer_size) {
+ bool use_default_server_max_output_protected_frame_size) {
tsi_test_frame_protector_config* config =
static_cast<tsi_test_frame_protector_config*>(
gpr_zalloc(sizeof(*config)));
@@ -552,24 +576,42 @@
void tsi_test_frame_protector_config_destroy(
tsi_test_frame_protector_config* config) {
- GPR_ASSERT(config != nullptr);
+ if (config == nullptr) {
+ return;
+ }
gpr_free(config->client_message);
gpr_free(config->server_message);
gpr_free(config);
}
+static tsi_test_channel* tsi_test_channel_create() {
+ tsi_test_channel* channel =
+ static_cast<tsi_test_channel*>(gpr_zalloc(sizeof(*channel)));
+ channel->client_channel =
+ static_cast<uint8_t*>(gpr_zalloc(TSI_TEST_DEFAULT_CHANNEL_SIZE));
+ channel->server_channel =
+ static_cast<uint8_t*>(gpr_zalloc(TSI_TEST_DEFAULT_CHANNEL_SIZE));
+ channel->bytes_written_to_client_channel = 0;
+ channel->bytes_written_to_server_channel = 0;
+ channel->bytes_read_from_client_channel = 0;
+ channel->bytes_read_from_server_channel = 0;
+ return channel;
+}
+
+static void tsi_test_channel_destroy(tsi_test_channel* channel) {
+ if (channel == nullptr) {
+ return;
+ }
+ gpr_free(channel->client_channel);
+ gpr_free(channel->server_channel);
+ gpr_free(channel);
+}
+
void tsi_test_fixture_init(tsi_test_fixture* fixture) {
fixture->config = tsi_test_frame_protector_config_create(
- true, true, true, true, true, true, true, true);
+ true, true, true, true, true, true, true);
fixture->handshake_buffer_size = TSI_TEST_DEFAULT_BUFFER_SIZE;
- fixture->client_channel =
- static_cast<uint8_t*>(gpr_zalloc(TSI_TEST_DEFAULT_CHANNEL_SIZE));
- fixture->server_channel =
- static_cast<uint8_t*>(gpr_zalloc(TSI_TEST_DEFAULT_CHANNEL_SIZE));
- fixture->bytes_written_to_client_channel = 0;
- fixture->bytes_written_to_server_channel = 0;
- fixture->bytes_read_from_client_channel = 0;
- fixture->bytes_read_from_server_channel = 0;
+ fixture->channel = tsi_test_channel_create();
fixture->test_unused_bytes = true;
fixture->has_client_finished_first = false;
gpr_mu_init(&fixture->mu);
@@ -578,14 +620,15 @@
}
void tsi_test_fixture_destroy(tsi_test_fixture* fixture) {
- GPR_ASSERT(fixture != nullptr);
+ if (fixture == nullptr) {
+ return;
+ }
tsi_test_frame_protector_config_destroy(fixture->config);
tsi_handshaker_destroy(fixture->client_handshaker);
tsi_handshaker_destroy(fixture->server_handshaker);
tsi_handshaker_result_destroy(fixture->client_result);
tsi_handshaker_result_destroy(fixture->server_result);
- gpr_free(fixture->client_channel);
- gpr_free(fixture->server_channel);
+ tsi_test_channel_destroy(fixture->channel);
GPR_ASSERT(fixture->vtable != nullptr);
GPR_ASSERT(fixture->vtable->destruct != nullptr);
fixture->vtable->destruct(fixture);
@@ -593,3 +636,34 @@
gpr_cv_destroy(&fixture->cv);
gpr_free(fixture);
}
+
+tsi_test_frame_protector_fixture* tsi_test_frame_protector_fixture_create() {
+ tsi_test_frame_protector_fixture* fixture =
+ static_cast<tsi_test_frame_protector_fixture*>(
+ gpr_zalloc(sizeof(*fixture)));
+ fixture->config = tsi_test_frame_protector_config_create(
+ true, true, true, true, true, true, true);
+ fixture->channel = tsi_test_channel_create();
+ return fixture;
+}
+
+void tsi_test_frame_protector_fixture_init(
+ tsi_test_frame_protector_fixture* fixture,
+ tsi_frame_protector* client_frame_protector,
+ tsi_frame_protector* server_frame_protector) {
+ GPR_ASSERT(fixture != nullptr);
+ fixture->client_frame_protector = client_frame_protector;
+ fixture->server_frame_protector = server_frame_protector;
+}
+
+void tsi_test_frame_protector_fixture_destroy(
+ tsi_test_frame_protector_fixture* fixture) {
+ if (fixture == nullptr) {
+ return;
+ }
+ tsi_test_frame_protector_config_destroy(fixture->config);
+ tsi_test_channel_destroy(fixture->channel);
+ tsi_frame_protector_destroy(fixture->client_frame_protector);
+ tsi_frame_protector_destroy(fixture->server_frame_protector);
+ gpr_free(fixture);
+}
diff --git a/test/core/tsi/transport_security_test_lib.h b/test/core/tsi/transport_security_test_lib.h
index 9b07448..b6a431f 100644
--- a/test/core/tsi/transport_security_test_lib.h
+++ b/test/core/tsi/transport_security_test_lib.h
@@ -35,8 +35,8 @@
#define TSI_TEST_DEFAULT_CHANNEL_SIZE 32768
#define TSI_TEST_BIG_MESSAGE_SIZE 17000
#define TSI_TEST_SMALL_MESSAGE_SIZE 10
-#define TSI_TEST_NUM_OF_ARGUMENTS 8
-#define TSI_TEST_NUM_OF_COMBINATIONS 256
+#define TSI_TEST_NUM_OF_ARGUMENTS 7
+#define TSI_TEST_NUM_OF_COMBINATIONS 128
#define TSI_TEST_UNUSED_BYTES "HELLO GOOGLE"
/* --- tsi_test_fixture object ---
@@ -46,12 +46,22 @@
protect/unprotect operations with respect to TSI implementations. */
typedef struct tsi_test_fixture tsi_test_fixture;
-/* --- tsi_test_frame_protector_config object ---
+/* --- tsi_test_frame_protector_fixture object ---
+ The object wraps all necessary information used to test correctness of TSI
+ frame protector implementations. */
+typedef struct tsi_test_frame_protector_fixture
+ tsi_test_frame_protector_fixture;
+/* --- tsi_test_frame_protector_config object ---
This object is used to configure different parameters of TSI frame protector
APIs. */
typedef struct tsi_test_frame_protector_config tsi_test_frame_protector_config;
+/* --- tsi_test_channel object ---
+ This object represents simulated channels between the client and server
+ from/to which they could read/write the exchanged information. */
+typedef struct tsi_test_channel tsi_test_channel;
+
/* V-table for tsi_test_fixture operations that are implemented differently in
different TSI implementations. */
typedef struct tsi_test_fixture_vtable {
@@ -73,17 +83,8 @@
tsi_handshaker_result* server_result;
/* size of buffer used to store data received from the peer. */
size_t handshake_buffer_size;
- /* simulated channels between client and server. If the server (client)
- wants to send data to the client (server), he will write data to
- client_channel (server_channel), which will be read by client (server). */
- uint8_t* client_channel;
- uint8_t* server_channel;
- /* size of data written to the client/server channel. */
- size_t bytes_written_to_client_channel;
- size_t bytes_written_to_server_channel;
- /* size of data read from the client/server channel */
- size_t bytes_read_from_client_channel;
- size_t bytes_read_from_server_channel;
+ /* tsi_test_channel instance. */
+ tsi_test_channel* channel;
/* tsi_test_frame_protector_config instance */
tsi_test_frame_protector_config* config;
/* a flag indicating if client has finished TSI handshake first (i.e., before
@@ -106,6 +107,30 @@
bool notified;
};
+struct tsi_test_frame_protector_fixture {
+ /* client/server TSI frame protectors whose ownership are transferred. */
+ tsi_frame_protector* client_frame_protector;
+ tsi_frame_protector* server_frame_protector;
+ /* tsi_test_channel instance. */
+ tsi_test_channel* channel;
+ /* tsi_test_frame_protector_config instance */
+ tsi_test_frame_protector_config* config;
+};
+
+struct tsi_test_channel {
+ /* simulated channels between client and server. If the server (client)
+ wants to send data to the client (server), he will write data to
+ client_channel (server_channel), which will be read by client (server). */
+ uint8_t* client_channel;
+ uint8_t* server_channel;
+ /* size of data written to the client/server channel. */
+ size_t bytes_written_to_client_channel;
+ size_t bytes_written_to_server_channel;
+ /* size of data read from the client/server channel */
+ size_t bytes_read_from_client_channel;
+ size_t bytes_read_from_server_channel;
+};
+
struct tsi_test_frame_protector_config {
/* size of buffer used to store protected frames to be unprotected. */
size_t read_buffer_allocated_size;
@@ -135,8 +160,7 @@
bool use_default_protected_buffer_size, bool use_default_client_message,
bool use_default_server_message,
bool use_default_client_max_output_protected_frame_size,
- bool use_default_server_max_output_protected_frame_size,
- bool use_default_handshake_buffer_size);
+ bool use_default_server_max_output_protected_frame_size);
/* This method sets different buffer and frame sizes of a
tsi_test_frame_protector_config instance with user provided values. */
@@ -160,6 +184,35 @@
this function. */
void tsi_test_fixture_destroy(tsi_test_fixture* fixture);
+/* This method creates a tsi_test_frame_protector_fixture instance. */
+tsi_test_frame_protector_fixture* tsi_test_frame_protector_fixture_create();
+
+/* This method initializes members of tsi_test_frame_protector_fixture instance.
+ Note that the struct instance should be allocated before making
+ this call. */
+void tsi_test_frame_protector_fixture_init(
+ tsi_test_frame_protector_fixture* fixture,
+ tsi_frame_protector* client_frame_protector,
+ tsi_frame_protector* server_frame_protector);
+
+/* This method destroys a tsi_test_frame_protector_fixture instance. Note that
+ the fixture intance must be dynamically allocated and will be freed by this
+ function. */
+void tsi_test_frame_protector_fixture_destroy(
+ tsi_test_frame_protector_fixture* fixture);
+
+/* This method performs a protect opeation on raw data and sends the result to
+ peer. */
+void tsi_test_frame_protector_send_message_to_peer(
+ tsi_test_frame_protector_config* config, tsi_test_channel* channel,
+ tsi_frame_protector* protector, bool is_client);
+
+/* This method receives message from peer and unprotects it. */
+void tsi_test_frame_protector_receive_message_from_peer(
+ tsi_test_frame_protector_config* config, tsi_test_channel* channel,
+ tsi_frame_protector* protector, unsigned char* message,
+ size_t* bytes_received, bool is_client);
+
/* This method performs a full TSI handshake between a client and a server.
Note that the test library will implement the new TSI handshaker API to
perform handshakes. */
@@ -171,4 +224,8 @@
the client and server switching its role. */
void tsi_test_do_round_trip(tsi_test_fixture* fixture);
+/* This method performs the above round trip test without doing handshakes. */
+void tsi_test_frame_protector_do_round_trip_no_handshake(
+ tsi_test_frame_protector_fixture* fixture);
+
#endif // GRPC_TEST_CORE_TSI_TRANSPORT_SECURITY_TEST_LIB_H_
diff --git a/third_party/nanopb/pb.h b/third_party/nanopb/pb.h
index 4576f79..62dca73 100644
--- a/third_party/nanopb/pb.h
+++ b/third_party/nanopb/pb.h
@@ -25,7 +25,7 @@
/* #define PB_FIELD_16BIT 1 */
/* Add support for tag numbers > 65536 and fields larger than 65536 bytes. */
-/* #define PB_FIELD_32BIT 1 */
+/* #define PB_FIELD_32BIT 1 */
/* Disable support for error messages in order to save some code space. */
/* #define PB_NO_ERRMSG 1 */
diff --git a/tools/codegen/core/gen_nano_proto.sh b/tools/codegen/core/gen_nano_proto.sh
index 4246840..6ce1517 100755
--- a/tools/codegen/core/gen_nano_proto.sh
+++ b/tools/codegen/core/gen_nano_proto.sh
@@ -43,9 +43,9 @@
echo "Input proto file '$INPUT_PROTO' doesn't exist."
exit 2
fi
+
if [[ ! -f "${EXPECTED_OPTIONS_FILE_PATH}" ]]; then
- echo "Expected nanopb options file '${EXPECTED_OPTIONS_FILE_PATH}' missing"
- exit 3
+ echo "Input proto file may need .options file to be correctly compiled."
fi
if [[ "${OUTPUT_DIR:0:1}" != '/' ]]; then
@@ -81,6 +81,11 @@
sed -i "s:$PROTO_BASENAME.pb.h:${GRPC_OUTPUT_DIR}/$PROTO_BASENAME.pb.h:g" \
"$OUTPUT_DIR/$PROTO_BASENAME.pb.c"
+if [ $PROTO_BASENAME == "handshaker" ] || [ $PROTO_BASENAME == "altscontext" ]; then
+ sed -i "s:transport_security_common.pb.h:${GRPC_OUTPUT_DIR}/transport_security_common.pb.h:g" \
+ "$OUTPUT_DIR/$PROTO_BASENAME.pb.h"
+fi
+
# Fix up the include guards such that they pass the check_include_guards.py
# test. Assumes that the generated files are being placed in gRPC src dir.
readonly INCLUDE_GUARD_BASE=`echo $GRPC_OUTPUT_DIR | tr [a-z/] [A-Z_] | sed s:^.*SRC_::`
diff --git a/tools/distrib/check_copyright.py b/tools/distrib/check_copyright.py
index 6e1a303..e7893a1 100755
--- a/tools/distrib/check_copyright.py
+++ b/tools/distrib/check_copyright.py
@@ -77,6 +77,12 @@
'examples/python/route_guide/route_guide_pb2_grpc.py',
'src/core/ext/filters/client_channel/lb_policy/grpclb/proto/grpc/lb/v1/load_balancer.pb.h',
'src/core/ext/filters/client_channel/lb_policy/grpclb/proto/grpc/lb/v1/load_balancer.pb.c',
+ 'src/core/tsi/alts/handshaker/altscontext.pb.h',
+ 'src/core/tsi/alts/handshaker/altscontext.pb.c',
+ 'src/core/tsi/alts/handshaker/handshaker.pb.h',
+ 'src/core/tsi/alts/handshaker/handshaker.pb.c',
+ 'src/core/tsi/alts/handshaker/transport_security_common.pb.h',
+ 'src/core/tsi/alts/handshaker/transport_security_common.pb.c',
'src/cpp/server/health/health.pb.h',
'src/cpp/server/health/health.pb.c',
diff --git a/tools/distrib/check_include_guards.py b/tools/distrib/check_include_guards.py
index 05d34c2..b356a74 100755
--- a/tools/distrib/check_include_guards.py
+++ b/tools/distrib/check_include_guards.py
@@ -157,6 +157,9 @@
KNOWN_BAD = set([
'src/core/ext/filters/client_channel/lb_policy/grpclb/proto/grpc/lb/v1/load_balancer.pb.h',
+ 'src/core/tsi/alts/handshaker/altscontext.pb.h',
+ 'src/core/tsi/alts/handshaker/handshaker.pb.h',
+ 'src/core/tsi/alts/handshaker/transport_security_common.pb.h',
'include/grpc++/ext/reflection.grpc.pb.h',
'include/grpc++/ext/reflection.pb.h',
])
diff --git a/tools/distrib/check_nanopb_output.sh b/tools/distrib/check_nanopb_output.sh
index a30b73f..8b5823b 100755
--- a/tools/distrib/check_nanopb_output.sh
+++ b/tools/distrib/check_nanopb_output.sh
@@ -15,6 +15,7 @@
set -ex
+readonly NANOPB_ALTS_TMP_OUTPUT="$(mktemp -d)"
readonly NANOPB_TMP_OUTPUT="$(mktemp -d)"
readonly PROTOBUF_INSTALL_PREFIX="$(mktemp -d)"
@@ -55,3 +56,29 @@
echo "Outputs differ: $NANOPB_TMP_OUTPUT vs $LOAD_BALANCER_GRPC_OUTPUT_PATH"
exit 2
fi
+
+#
+# Checks for handshaker.proto and transport_security_common.proto
+#
+readonly HANDSHAKER_GRPC_OUTPUT_PATH='src/core/tsi/alts/handshaker'
+# nanopb-compile the proto to a temp location
+./tools/codegen/core/gen_nano_proto.sh \
+ src/core/tsi/alts/handshaker/proto/handshaker.proto \
+ "$NANOPB_ALTS_TMP_OUTPUT" \
+ "$HANDSHAKER_GRPC_OUTPUT_PATH"
+./tools/codegen/core/gen_nano_proto.sh \
+ src/core/tsi/alts/handshaker/proto/transport_security_common.proto \
+ "$NANOPB_ALTS_TMP_OUTPUT" \
+ "$HANDSHAKER_GRPC_OUTPUT_PATH"
+./tools/codegen/core/gen_nano_proto.sh \
+ src/core/tsi/alts/handshaker/proto/altscontext.proto \
+ "$NANOPB_ALTS_TMP_OUTPUT" \
+ "$HANDSHAKER_GRPC_OUTPUT_PATH"
+
+# compare outputs to checked compiled code
+for NANOPB_OUTPUT_FILE in $NANOPB_ALTS_TMP_OUTPUT/*.pb.*; do
+ if ! diff "$NANOPB_OUTPUT_FILE" "src/core/tsi/alts/handshaker/$(basename $NANOPB_OUTPUT_FILE)"; then
+ echo "Outputs differ: $NANOPB_ALTS_TMP_OUTPUT vs $HANDSHAKER_GRPC_OUTPUT_PATH"
+ exit 2
+ fi
+done
diff --git a/tools/doxygen/Doxyfile.core.internal b/tools/doxygen/Doxyfile.core.internal
index 57f9147..e7e9e04 100644
--- a/tools/doxygen/Doxyfile.core.internal
+++ b/tools/doxygen/Doxyfile.core.internal
@@ -1284,6 +1284,17 @@
src/core/lib/profiling/timers.h \
src/core/lib/security/context/security_context.cc \
src/core/lib/security/context/security_context.h \
+src/core/lib/security/credentials/alts/alts_credentials.cc \
+src/core/lib/security/credentials/alts/alts_credentials.h \
+src/core/lib/security/credentials/alts/check_gcp_environment.cc \
+src/core/lib/security/credentials/alts/check_gcp_environment.h \
+src/core/lib/security/credentials/alts/check_gcp_environment_linux.cc \
+src/core/lib/security/credentials/alts/check_gcp_environment_no_op.cc \
+src/core/lib/security/credentials/alts/check_gcp_environment_windows.cc \
+src/core/lib/security/credentials/alts/grpc_alts_credentials_client_options.cc \
+src/core/lib/security/credentials/alts/grpc_alts_credentials_options.cc \
+src/core/lib/security/credentials/alts/grpc_alts_credentials_options.h \
+src/core/lib/security/credentials/alts/grpc_alts_credentials_server_options.cc \
src/core/lib/security/credentials/composite/composite_credentials.cc \
src/core/lib/security/credentials/composite/composite_credentials.h \
src/core/lib/security/credentials/credentials.cc \
@@ -1308,6 +1319,8 @@
src/core/lib/security/credentials/plugin/plugin_credentials.h \
src/core/lib/security/credentials/ssl/ssl_credentials.cc \
src/core/lib/security/credentials/ssl/ssl_credentials.h \
+src/core/lib/security/security_connector/alts_security_connector.cc \
+src/core/lib/security/security_connector/alts_security_connector.h \
src/core/lib/security/security_connector/security_connector.cc \
src/core/lib/security/security_connector/security_connector.h \
src/core/lib/security/transport/auth_filters.h \
@@ -1401,6 +1414,53 @@
src/core/lib/transport/transport_op_string.cc \
src/core/plugin_registry/grpc_plugin_registry.cc \
src/core/tsi/README.md \
+src/core/tsi/alts/crypt/aes_gcm.cc \
+src/core/tsi/alts/crypt/gsec.cc \
+src/core/tsi/alts/crypt/gsec.h \
+src/core/tsi/alts/frame_protector/alts_counter.cc \
+src/core/tsi/alts/frame_protector/alts_counter.h \
+src/core/tsi/alts/frame_protector/alts_crypter.cc \
+src/core/tsi/alts/frame_protector/alts_crypter.h \
+src/core/tsi/alts/frame_protector/alts_frame_protector.cc \
+src/core/tsi/alts/frame_protector/alts_frame_protector.h \
+src/core/tsi/alts/frame_protector/alts_record_protocol_crypter_common.cc \
+src/core/tsi/alts/frame_protector/alts_record_protocol_crypter_common.h \
+src/core/tsi/alts/frame_protector/alts_seal_privacy_integrity_crypter.cc \
+src/core/tsi/alts/frame_protector/alts_unseal_privacy_integrity_crypter.cc \
+src/core/tsi/alts/frame_protector/frame_handler.cc \
+src/core/tsi/alts/frame_protector/frame_handler.h \
+src/core/tsi/alts/handshaker/alts_handshaker_client.cc \
+src/core/tsi/alts/handshaker/alts_handshaker_client.h \
+src/core/tsi/alts/handshaker/alts_handshaker_service_api.cc \
+src/core/tsi/alts/handshaker/alts_handshaker_service_api.h \
+src/core/tsi/alts/handshaker/alts_handshaker_service_api_util.cc \
+src/core/tsi/alts/handshaker/alts_handshaker_service_api_util.h \
+src/core/tsi/alts/handshaker/alts_tsi_event.cc \
+src/core/tsi/alts/handshaker/alts_tsi_event.h \
+src/core/tsi/alts/handshaker/alts_tsi_handshaker.cc \
+src/core/tsi/alts/handshaker/alts_tsi_handshaker.h \
+src/core/tsi/alts/handshaker/alts_tsi_handshaker_private.h \
+src/core/tsi/alts/handshaker/alts_tsi_utils.cc \
+src/core/tsi/alts/handshaker/alts_tsi_utils.h \
+src/core/tsi/alts/handshaker/altscontext.pb.c \
+src/core/tsi/alts/handshaker/altscontext.pb.h \
+src/core/tsi/alts/handshaker/handshaker.pb.c \
+src/core/tsi/alts/handshaker/handshaker.pb.h \
+src/core/tsi/alts/handshaker/transport_security_common.pb.c \
+src/core/tsi/alts/handshaker/transport_security_common.pb.h \
+src/core/tsi/alts/handshaker/transport_security_common_api.cc \
+src/core/tsi/alts/handshaker/transport_security_common_api.h \
+src/core/tsi/alts/zero_copy_frame_protector/alts_grpc_integrity_only_record_protocol.cc \
+src/core/tsi/alts/zero_copy_frame_protector/alts_grpc_integrity_only_record_protocol.h \
+src/core/tsi/alts/zero_copy_frame_protector/alts_grpc_privacy_integrity_record_protocol.cc \
+src/core/tsi/alts/zero_copy_frame_protector/alts_grpc_privacy_integrity_record_protocol.h \
+src/core/tsi/alts/zero_copy_frame_protector/alts_grpc_record_protocol.h \
+src/core/tsi/alts/zero_copy_frame_protector/alts_grpc_record_protocol_common.cc \
+src/core/tsi/alts/zero_copy_frame_protector/alts_grpc_record_protocol_common.h \
+src/core/tsi/alts/zero_copy_frame_protector/alts_iovec_record_protocol.cc \
+src/core/tsi/alts/zero_copy_frame_protector/alts_iovec_record_protocol.h \
+src/core/tsi/alts/zero_copy_frame_protector/alts_zero_copy_grpc_protector.cc \
+src/core/tsi/alts/zero_copy_frame_protector/alts_zero_copy_grpc_protector.h \
src/core/tsi/alts_transport_security.cc \
src/core/tsi/alts_transport_security.h \
src/core/tsi/fake_transport_security.cc \
diff --git a/tools/run_tests/generated/sources_and_headers.json b/tools/run_tests/generated/sources_and_headers.json
index 6b8b26f..7249671 100644
--- a/tools/run_tests/generated/sources_and_headers.json
+++ b/tools/run_tests/generated/sources_and_headers.json
@@ -2417,6 +2417,215 @@
},
{
"deps": [
+ "alts_test_util",
+ "gpr",
+ "grpc"
+ ],
+ "headers": [],
+ "is_filegroup": false,
+ "language": "c++",
+ "name": "alts_counter_test",
+ "src": [
+ "test/core/tsi/alts/frame_protector/alts_counter_test.cc"
+ ],
+ "third_party": false,
+ "type": "target"
+ },
+ {
+ "deps": [
+ "alts_test_util",
+ "gpr",
+ "gpr_test_util",
+ "grpc"
+ ],
+ "headers": [],
+ "is_filegroup": false,
+ "language": "c++",
+ "name": "alts_crypt_test",
+ "src": [
+ "test/core/tsi/alts/crypt/aes_gcm_test.cc"
+ ],
+ "third_party": false,
+ "type": "target"
+ },
+ {
+ "deps": [
+ "alts_test_util",
+ "gpr",
+ "grpc"
+ ],
+ "headers": [],
+ "is_filegroup": false,
+ "language": "c++",
+ "name": "alts_crypter_test",
+ "src": [
+ "test/core/tsi/alts/frame_protector/alts_crypter_test.cc"
+ ],
+ "third_party": false,
+ "type": "target"
+ },
+ {
+ "deps": [
+ "alts_test_util",
+ "gpr",
+ "grpc"
+ ],
+ "headers": [],
+ "is_filegroup": false,
+ "language": "c++",
+ "name": "alts_frame_handler_test",
+ "src": [
+ "test/core/tsi/alts/frame_protector/frame_handler_test.cc"
+ ],
+ "third_party": false,
+ "type": "target"
+ },
+ {
+ "deps": [
+ "alts_test_util",
+ "gpr",
+ "grpc",
+ "transport_security_test_lib"
+ ],
+ "headers": [],
+ "is_filegroup": false,
+ "language": "c++",
+ "name": "alts_frame_protector_test",
+ "src": [
+ "test/core/tsi/alts/frame_protector/alts_frame_protector_test.cc"
+ ],
+ "third_party": false,
+ "type": "target"
+ },
+ {
+ "deps": [
+ "alts_test_util",
+ "gpr",
+ "grpc"
+ ],
+ "headers": [],
+ "is_filegroup": false,
+ "language": "c++",
+ "name": "alts_grpc_record_protocol_test",
+ "src": [
+ "test/core/tsi/alts/zero_copy_frame_protector/alts_grpc_record_protocol_test.cc"
+ ],
+ "third_party": false,
+ "type": "target"
+ },
+ {
+ "deps": [
+ "alts_test_util",
+ "gpr",
+ "grpc"
+ ],
+ "headers": [],
+ "is_filegroup": false,
+ "language": "c++",
+ "name": "alts_handshaker_client_test",
+ "src": [
+ "test/core/tsi/alts/handshaker/alts_handshaker_client_test.cc"
+ ],
+ "third_party": false,
+ "type": "target"
+ },
+ {
+ "deps": [
+ "alts_test_util",
+ "gpr",
+ "grpc"
+ ],
+ "headers": [],
+ "is_filegroup": false,
+ "language": "c++",
+ "name": "alts_handshaker_service_api_test",
+ "src": [
+ "test/core/tsi/alts/handshaker/alts_handshaker_service_api_test.cc"
+ ],
+ "third_party": false,
+ "type": "target"
+ },
+ {
+ "deps": [
+ "alts_test_util",
+ "gpr",
+ "grpc"
+ ],
+ "headers": [],
+ "is_filegroup": false,
+ "language": "c++",
+ "name": "alts_iovec_record_protocol_test",
+ "src": [
+ "test/core/tsi/alts/zero_copy_frame_protector/alts_iovec_record_protocol_test.cc"
+ ],
+ "third_party": false,
+ "type": "target"
+ },
+ {
+ "deps": [
+ "gpr",
+ "grpc"
+ ],
+ "headers": [],
+ "is_filegroup": false,
+ "language": "c++",
+ "name": "alts_security_connector_test",
+ "src": [
+ "test/core/security/alts_security_connector_test.cc"
+ ],
+ "third_party": false,
+ "type": "target"
+ },
+ {
+ "deps": [
+ "alts_test_util",
+ "gpr",
+ "grpc"
+ ],
+ "headers": [],
+ "is_filegroup": false,
+ "language": "c++",
+ "name": "alts_tsi_handshaker_test",
+ "src": [
+ "test/core/tsi/alts/handshaker/alts_tsi_handshaker_test.cc"
+ ],
+ "third_party": false,
+ "type": "target"
+ },
+ {
+ "deps": [
+ "alts_test_util",
+ "gpr",
+ "grpc"
+ ],
+ "headers": [],
+ "is_filegroup": false,
+ "language": "c++",
+ "name": "alts_tsi_utils_test",
+ "src": [
+ "test/core/tsi/alts/handshaker/alts_tsi_utils_test.cc"
+ ],
+ "third_party": false,
+ "type": "target"
+ },
+ {
+ "deps": [
+ "alts_test_util",
+ "gpr",
+ "grpc"
+ ],
+ "headers": [],
+ "is_filegroup": false,
+ "language": "c++",
+ "name": "alts_zero_copy_grpc_protector_test",
+ "src": [
+ "test/core/tsi/alts/zero_copy_frame_protector/alts_zero_copy_grpc_protector_test.cc"
+ ],
+ "third_party": false,
+ "type": "target"
+ },
+ {
+ "deps": [
"gpr",
"gpr_test_util",
"grpc",
@@ -2828,6 +3037,36 @@
{
"deps": [
"gpr",
+ "grpc"
+ ],
+ "headers": [],
+ "is_filegroup": false,
+ "language": "c++",
+ "name": "check_gcp_environment_linux_test",
+ "src": [
+ "test/core/security/check_gcp_environment_linux_test.cc"
+ ],
+ "third_party": false,
+ "type": "target"
+ },
+ {
+ "deps": [
+ "gpr",
+ "grpc"
+ ],
+ "headers": [],
+ "is_filegroup": false,
+ "language": "c++",
+ "name": "check_gcp_environment_windows_test",
+ "src": [
+ "test/core/security/check_gcp_environment_windows_test.cc"
+ ],
+ "third_party": false,
+ "type": "target"
+ },
+ {
+ "deps": [
+ "gpr",
"gpr_test_util",
"grpc",
"grpc_test_util"
@@ -3213,6 +3452,21 @@
{
"deps": [
"gpr",
+ "grpc"
+ ],
+ "headers": [],
+ "is_filegroup": false,
+ "language": "c++",
+ "name": "grpc_alts_credentials_options_test",
+ "src": [
+ "test/core/security/grpc_alts_credentials_options_test.cc"
+ ],
+ "third_party": false,
+ "type": "target"
+ },
+ {
+ "deps": [
+ "gpr",
"grpc",
"grpc++",
"grpc++_proto_reflection_desc_db",
@@ -4373,6 +4627,22 @@
},
{
"deps": [
+ "alts_test_util",
+ "gpr",
+ "grpc"
+ ],
+ "headers": [],
+ "is_filegroup": false,
+ "language": "c++",
+ "name": "transport_security_common_api_test",
+ "src": [
+ "test/core/tsi/alts/handshaker/transport_security_common_api_test.cc"
+ ],
+ "third_party": false,
+ "type": "target"
+ },
+ {
+ "deps": [
"gpr",
"gpr_test_util",
"grpc",
@@ -6291,6 +6561,26 @@
},
{
"deps": [
+ "grpc"
+ ],
+ "headers": [
+ "test/core/tsi/alts/crypt/gsec_test_util.h",
+ "test/core/tsi/alts/handshaker/alts_handshaker_service_api_test_lib.h"
+ ],
+ "is_filegroup": false,
+ "language": "c",
+ "name": "alts_test_util",
+ "src": [
+ "test/core/tsi/alts/crypt/gsec_test_util.cc",
+ "test/core/tsi/alts/crypt/gsec_test_util.h",
+ "test/core/tsi/alts/handshaker/alts_handshaker_service_api_test_lib.cc",
+ "test/core/tsi/alts/handshaker/alts_handshaker_service_api_test_lib.h"
+ ],
+ "third_party": false,
+ "type": "lib"
+ },
+ {
+ "deps": [
"gpr_base"
],
"headers": [],
@@ -8289,6 +8579,138 @@
},
{
"deps": [
+ "nanopb"
+ ],
+ "headers": [
+ "src/core/tsi/alts/handshaker/altscontext.pb.h",
+ "src/core/tsi/alts/handshaker/handshaker.pb.h",
+ "src/core/tsi/alts/handshaker/transport_security_common.pb.h"
+ ],
+ "is_filegroup": true,
+ "language": "c",
+ "name": "alts_proto",
+ "src": [
+ "src/core/tsi/alts/handshaker/altscontext.pb.c",
+ "src/core/tsi/alts/handshaker/altscontext.pb.h",
+ "src/core/tsi/alts/handshaker/handshaker.pb.c",
+ "src/core/tsi/alts/handshaker/handshaker.pb.h",
+ "src/core/tsi/alts/handshaker/transport_security_common.pb.c",
+ "src/core/tsi/alts/handshaker/transport_security_common.pb.h"
+ ],
+ "third_party": false,
+ "type": "filegroup"
+ },
+ {
+ "deps": [
+ "alts_util",
+ "gpr",
+ "grpc_base",
+ "grpc_transport_chttp2_client_insecure",
+ "tsi",
+ "tsi_interface"
+ ],
+ "headers": [
+ "src/core/tsi/alts/crypt/gsec.h",
+ "src/core/tsi/alts/frame_protector/alts_counter.h",
+ "src/core/tsi/alts/frame_protector/alts_crypter.h",
+ "src/core/tsi/alts/frame_protector/alts_frame_protector.h",
+ "src/core/tsi/alts/frame_protector/alts_record_protocol_crypter_common.h",
+ "src/core/tsi/alts/frame_protector/frame_handler.h",
+ "src/core/tsi/alts/handshaker/alts_handshaker_client.h",
+ "src/core/tsi/alts/handshaker/alts_tsi_event.h",
+ "src/core/tsi/alts/handshaker/alts_tsi_handshaker.h",
+ "src/core/tsi/alts/handshaker/alts_tsi_handshaker_private.h",
+ "src/core/tsi/alts/zero_copy_frame_protector/alts_grpc_integrity_only_record_protocol.h",
+ "src/core/tsi/alts/zero_copy_frame_protector/alts_grpc_privacy_integrity_record_protocol.h",
+ "src/core/tsi/alts/zero_copy_frame_protector/alts_grpc_record_protocol.h",
+ "src/core/tsi/alts/zero_copy_frame_protector/alts_grpc_record_protocol_common.h",
+ "src/core/tsi/alts/zero_copy_frame_protector/alts_iovec_record_protocol.h",
+ "src/core/tsi/alts/zero_copy_frame_protector/alts_zero_copy_grpc_protector.h"
+ ],
+ "is_filegroup": true,
+ "language": "c",
+ "name": "alts_tsi",
+ "src": [
+ "src/core/tsi/alts/crypt/aes_gcm.cc",
+ "src/core/tsi/alts/crypt/gsec.cc",
+ "src/core/tsi/alts/crypt/gsec.h",
+ "src/core/tsi/alts/frame_protector/alts_counter.cc",
+ "src/core/tsi/alts/frame_protector/alts_counter.h",
+ "src/core/tsi/alts/frame_protector/alts_crypter.cc",
+ "src/core/tsi/alts/frame_protector/alts_crypter.h",
+ "src/core/tsi/alts/frame_protector/alts_frame_protector.cc",
+ "src/core/tsi/alts/frame_protector/alts_frame_protector.h",
+ "src/core/tsi/alts/frame_protector/alts_record_protocol_crypter_common.cc",
+ "src/core/tsi/alts/frame_protector/alts_record_protocol_crypter_common.h",
+ "src/core/tsi/alts/frame_protector/alts_seal_privacy_integrity_crypter.cc",
+ "src/core/tsi/alts/frame_protector/alts_unseal_privacy_integrity_crypter.cc",
+ "src/core/tsi/alts/frame_protector/frame_handler.cc",
+ "src/core/tsi/alts/frame_protector/frame_handler.h",
+ "src/core/tsi/alts/handshaker/alts_handshaker_client.cc",
+ "src/core/tsi/alts/handshaker/alts_handshaker_client.h",
+ "src/core/tsi/alts/handshaker/alts_tsi_event.cc",
+ "src/core/tsi/alts/handshaker/alts_tsi_event.h",
+ "src/core/tsi/alts/handshaker/alts_tsi_handshaker.cc",
+ "src/core/tsi/alts/handshaker/alts_tsi_handshaker.h",
+ "src/core/tsi/alts/handshaker/alts_tsi_handshaker_private.h",
+ "src/core/tsi/alts/zero_copy_frame_protector/alts_grpc_integrity_only_record_protocol.cc",
+ "src/core/tsi/alts/zero_copy_frame_protector/alts_grpc_integrity_only_record_protocol.h",
+ "src/core/tsi/alts/zero_copy_frame_protector/alts_grpc_privacy_integrity_record_protocol.cc",
+ "src/core/tsi/alts/zero_copy_frame_protector/alts_grpc_privacy_integrity_record_protocol.h",
+ "src/core/tsi/alts/zero_copy_frame_protector/alts_grpc_record_protocol.h",
+ "src/core/tsi/alts/zero_copy_frame_protector/alts_grpc_record_protocol_common.cc",
+ "src/core/tsi/alts/zero_copy_frame_protector/alts_grpc_record_protocol_common.h",
+ "src/core/tsi/alts/zero_copy_frame_protector/alts_iovec_record_protocol.cc",
+ "src/core/tsi/alts/zero_copy_frame_protector/alts_iovec_record_protocol.h",
+ "src/core/tsi/alts/zero_copy_frame_protector/alts_zero_copy_grpc_protector.cc",
+ "src/core/tsi/alts/zero_copy_frame_protector/alts_zero_copy_grpc_protector.h"
+ ],
+ "third_party": false,
+ "type": "filegroup"
+ },
+ {
+ "deps": [
+ "alts_proto",
+ "gpr",
+ "grpc_base",
+ "nanopb",
+ "tsi_interface"
+ ],
+ "headers": [
+ "src/core/lib/security/credentials/alts/check_gcp_environment.h",
+ "src/core/lib/security/credentials/alts/grpc_alts_credentials_options.h",
+ "src/core/tsi/alts/handshaker/alts_handshaker_service_api.h",
+ "src/core/tsi/alts/handshaker/alts_handshaker_service_api_util.h",
+ "src/core/tsi/alts/handshaker/alts_tsi_utils.h",
+ "src/core/tsi/alts/handshaker/transport_security_common_api.h"
+ ],
+ "is_filegroup": true,
+ "language": "c",
+ "name": "alts_util",
+ "src": [
+ "src/core/lib/security/credentials/alts/check_gcp_environment.cc",
+ "src/core/lib/security/credentials/alts/check_gcp_environment.h",
+ "src/core/lib/security/credentials/alts/check_gcp_environment_linux.cc",
+ "src/core/lib/security/credentials/alts/check_gcp_environment_no_op.cc",
+ "src/core/lib/security/credentials/alts/check_gcp_environment_windows.cc",
+ "src/core/lib/security/credentials/alts/grpc_alts_credentials_client_options.cc",
+ "src/core/lib/security/credentials/alts/grpc_alts_credentials_options.cc",
+ "src/core/lib/security/credentials/alts/grpc_alts_credentials_options.h",
+ "src/core/lib/security/credentials/alts/grpc_alts_credentials_server_options.cc",
+ "src/core/tsi/alts/handshaker/alts_handshaker_service_api.cc",
+ "src/core/tsi/alts/handshaker/alts_handshaker_service_api.h",
+ "src/core/tsi/alts/handshaker/alts_handshaker_service_api_util.cc",
+ "src/core/tsi/alts/handshaker/alts_handshaker_service_api_util.h",
+ "src/core/tsi/alts/handshaker/alts_tsi_utils.cc",
+ "src/core/tsi/alts/handshaker/alts_tsi_utils.h",
+ "src/core/tsi/alts/handshaker/transport_security_common_api.cc",
+ "src/core/tsi/alts/handshaker/transport_security_common_api.h"
+ ],
+ "third_party": false,
+ "type": "filegroup"
+ },
+ {
+ "deps": [
"gpr",
"grpc_base",
"nanopb"
@@ -9371,6 +9793,7 @@
},
{
"deps": [
+ "alts_tsi",
"gpr",
"grpc_base",
"grpc_transport_chttp2_alpn",
@@ -9379,6 +9802,7 @@
"headers": [
"include/grpc/grpc_security.h",
"src/core/lib/security/context/security_context.h",
+ "src/core/lib/security/credentials/alts/alts_credentials.h",
"src/core/lib/security/credentials/composite/composite_credentials.h",
"src/core/lib/security/credentials/credentials.h",
"src/core/lib/security/credentials/fake/fake_credentials.h",
@@ -9390,6 +9814,7 @@
"src/core/lib/security/credentials/oauth2/oauth2_credentials.h",
"src/core/lib/security/credentials/plugin/plugin_credentials.h",
"src/core/lib/security/credentials/ssl/ssl_credentials.h",
+ "src/core/lib/security/security_connector/alts_security_connector.h",
"src/core/lib/security/security_connector/security_connector.h",
"src/core/lib/security/transport/auth_filters.h",
"src/core/lib/security/transport/secure_endpoint.h",
@@ -9406,6 +9831,8 @@
"src/core/lib/http/httpcli_security_connector.cc",
"src/core/lib/security/context/security_context.cc",
"src/core/lib/security/context/security_context.h",
+ "src/core/lib/security/credentials/alts/alts_credentials.cc",
+ "src/core/lib/security/credentials/alts/alts_credentials.h",
"src/core/lib/security/credentials/composite/composite_credentials.cc",
"src/core/lib/security/credentials/composite/composite_credentials.h",
"src/core/lib/security/credentials/credentials.cc",
@@ -9430,6 +9857,8 @@
"src/core/lib/security/credentials/plugin/plugin_credentials.h",
"src/core/lib/security/credentials/ssl/ssl_credentials.cc",
"src/core/lib/security/credentials/ssl/ssl_credentials.h",
+ "src/core/lib/security/security_connector/alts_security_connector.cc",
+ "src/core/lib/security/security_connector/alts_security_connector.h",
"src/core/lib/security/security_connector/security_connector.cc",
"src/core/lib/security/security_connector/security_connector.h",
"src/core/lib/security/transport/auth_filters.h",
diff --git a/tools/run_tests/generated/tests.json b/tools/run_tests/generated/tests.json
index 6ce7ec2..b7fdb6f 100644
--- a/tools/run_tests/generated/tests.json
+++ b/tools/run_tests/generated/tests.json
@@ -2876,6 +2876,318 @@
"exclude_configs": [],
"exclude_iomgrs": [],
"flaky": false,
+ "gtest": false,
+ "language": "c++",
+ "name": "alts_counter_test",
+ "platforms": [
+ "linux",
+ "mac",
+ "posix",
+ "windows"
+ ],
+ "uses_polling": true
+ },
+ {
+ "args": [],
+ "benchmark": false,
+ "ci_platforms": [
+ "linux",
+ "mac",
+ "posix",
+ "windows"
+ ],
+ "cpu_cost": 1.0,
+ "exclude_configs": [],
+ "exclude_iomgrs": [],
+ "flaky": false,
+ "gtest": false,
+ "language": "c++",
+ "name": "alts_crypt_test",
+ "platforms": [
+ "linux",
+ "mac",
+ "posix",
+ "windows"
+ ],
+ "uses_polling": true
+ },
+ {
+ "args": [],
+ "benchmark": false,
+ "ci_platforms": [
+ "linux",
+ "mac",
+ "posix",
+ "windows"
+ ],
+ "cpu_cost": 1.0,
+ "exclude_configs": [],
+ "exclude_iomgrs": [],
+ "flaky": false,
+ "gtest": false,
+ "language": "c++",
+ "name": "alts_crypter_test",
+ "platforms": [
+ "linux",
+ "mac",
+ "posix",
+ "windows"
+ ],
+ "uses_polling": true
+ },
+ {
+ "args": [],
+ "benchmark": false,
+ "ci_platforms": [
+ "linux",
+ "mac",
+ "posix",
+ "windows"
+ ],
+ "cpu_cost": 1.0,
+ "exclude_configs": [],
+ "exclude_iomgrs": [],
+ "flaky": false,
+ "gtest": false,
+ "language": "c++",
+ "name": "alts_frame_handler_test",
+ "platforms": [
+ "linux",
+ "mac",
+ "posix",
+ "windows"
+ ],
+ "uses_polling": true
+ },
+ {
+ "args": [],
+ "benchmark": false,
+ "ci_platforms": [
+ "linux",
+ "mac",
+ "posix",
+ "windows"
+ ],
+ "cpu_cost": 1.0,
+ "exclude_configs": [],
+ "exclude_iomgrs": [],
+ "flaky": false,
+ "gtest": false,
+ "language": "c++",
+ "name": "alts_frame_protector_test",
+ "platforms": [
+ "linux",
+ "mac",
+ "posix",
+ "windows"
+ ],
+ "uses_polling": true
+ },
+ {
+ "args": [],
+ "benchmark": false,
+ "ci_platforms": [
+ "linux",
+ "mac",
+ "posix",
+ "windows"
+ ],
+ "cpu_cost": 1.0,
+ "exclude_configs": [],
+ "exclude_iomgrs": [],
+ "flaky": false,
+ "gtest": false,
+ "language": "c++",
+ "name": "alts_grpc_record_protocol_test",
+ "platforms": [
+ "linux",
+ "mac",
+ "posix",
+ "windows"
+ ],
+ "uses_polling": true
+ },
+ {
+ "args": [],
+ "benchmark": false,
+ "ci_platforms": [
+ "linux",
+ "mac",
+ "posix",
+ "windows"
+ ],
+ "cpu_cost": 1.0,
+ "exclude_configs": [],
+ "exclude_iomgrs": [],
+ "flaky": false,
+ "gtest": false,
+ "language": "c++",
+ "name": "alts_handshaker_client_test",
+ "platforms": [
+ "linux",
+ "mac",
+ "posix",
+ "windows"
+ ],
+ "uses_polling": true
+ },
+ {
+ "args": [],
+ "benchmark": false,
+ "ci_platforms": [
+ "linux",
+ "mac",
+ "posix",
+ "windows"
+ ],
+ "cpu_cost": 1.0,
+ "exclude_configs": [],
+ "exclude_iomgrs": [],
+ "flaky": false,
+ "gtest": false,
+ "language": "c++",
+ "name": "alts_handshaker_service_api_test",
+ "platforms": [
+ "linux",
+ "mac",
+ "posix",
+ "windows"
+ ],
+ "uses_polling": true
+ },
+ {
+ "args": [],
+ "benchmark": false,
+ "ci_platforms": [
+ "linux",
+ "mac",
+ "posix",
+ "windows"
+ ],
+ "cpu_cost": 1.0,
+ "exclude_configs": [],
+ "exclude_iomgrs": [],
+ "flaky": false,
+ "gtest": false,
+ "language": "c++",
+ "name": "alts_iovec_record_protocol_test",
+ "platforms": [
+ "linux",
+ "mac",
+ "posix",
+ "windows"
+ ],
+ "uses_polling": true
+ },
+ {
+ "args": [],
+ "benchmark": false,
+ "ci_platforms": [
+ "linux",
+ "mac",
+ "posix",
+ "windows"
+ ],
+ "cpu_cost": 1.0,
+ "exclude_configs": [],
+ "exclude_iomgrs": [],
+ "flaky": false,
+ "gtest": false,
+ "language": "c++",
+ "name": "alts_security_connector_test",
+ "platforms": [
+ "linux",
+ "mac",
+ "posix",
+ "windows"
+ ],
+ "uses_polling": true
+ },
+ {
+ "args": [],
+ "benchmark": false,
+ "ci_platforms": [
+ "linux",
+ "mac",
+ "posix",
+ "windows"
+ ],
+ "cpu_cost": 1.0,
+ "exclude_configs": [],
+ "exclude_iomgrs": [],
+ "flaky": false,
+ "gtest": false,
+ "language": "c++",
+ "name": "alts_tsi_handshaker_test",
+ "platforms": [
+ "linux",
+ "mac",
+ "posix",
+ "windows"
+ ],
+ "uses_polling": true
+ },
+ {
+ "args": [],
+ "benchmark": false,
+ "ci_platforms": [
+ "linux",
+ "mac",
+ "posix",
+ "windows"
+ ],
+ "cpu_cost": 1.0,
+ "exclude_configs": [],
+ "exclude_iomgrs": [],
+ "flaky": false,
+ "gtest": false,
+ "language": "c++",
+ "name": "alts_tsi_utils_test",
+ "platforms": [
+ "linux",
+ "mac",
+ "posix",
+ "windows"
+ ],
+ "uses_polling": true
+ },
+ {
+ "args": [],
+ "benchmark": false,
+ "ci_platforms": [
+ "linux",
+ "mac",
+ "posix",
+ "windows"
+ ],
+ "cpu_cost": 1.0,
+ "exclude_configs": [],
+ "exclude_iomgrs": [],
+ "flaky": false,
+ "gtest": false,
+ "language": "c++",
+ "name": "alts_zero_copy_grpc_protector_test",
+ "platforms": [
+ "linux",
+ "mac",
+ "posix",
+ "windows"
+ ],
+ "uses_polling": true
+ },
+ {
+ "args": [],
+ "benchmark": false,
+ "ci_platforms": [
+ "linux",
+ "mac",
+ "posix",
+ "windows"
+ ],
+ "cpu_cost": 1.0,
+ "exclude_configs": [],
+ "exclude_iomgrs": [],
+ "flaky": false,
"gtest": true,
"language": "c++",
"name": "async_end2end_test",
@@ -3350,6 +3662,54 @@
"exclude_configs": [],
"exclude_iomgrs": [],
"flaky": false,
+ "gtest": false,
+ "language": "c++",
+ "name": "check_gcp_environment_linux_test",
+ "platforms": [
+ "linux",
+ "mac",
+ "posix",
+ "windows"
+ ],
+ "uses_polling": true
+ },
+ {
+ "args": [],
+ "benchmark": false,
+ "ci_platforms": [
+ "linux",
+ "mac",
+ "posix",
+ "windows"
+ ],
+ "cpu_cost": 1.0,
+ "exclude_configs": [],
+ "exclude_iomgrs": [],
+ "flaky": false,
+ "gtest": false,
+ "language": "c++",
+ "name": "check_gcp_environment_windows_test",
+ "platforms": [
+ "linux",
+ "mac",
+ "posix",
+ "windows"
+ ],
+ "uses_polling": true
+ },
+ {
+ "args": [],
+ "benchmark": false,
+ "ci_platforms": [
+ "linux",
+ "mac",
+ "posix",
+ "windows"
+ ],
+ "cpu_cost": 1.0,
+ "exclude_configs": [],
+ "exclude_iomgrs": [],
+ "flaky": false,
"gtest": true,
"language": "c++",
"name": "chttp2_settings_timeout_test",
@@ -3782,6 +4142,30 @@
"exclude_configs": [],
"exclude_iomgrs": [],
"flaky": false,
+ "gtest": false,
+ "language": "c++",
+ "name": "grpc_alts_credentials_options_test",
+ "platforms": [
+ "linux",
+ "mac",
+ "posix",
+ "windows"
+ ],
+ "uses_polling": true
+ },
+ {
+ "args": [],
+ "benchmark": false,
+ "ci_platforms": [
+ "linux",
+ "mac",
+ "posix",
+ "windows"
+ ],
+ "cpu_cost": 1.0,
+ "exclude_configs": [],
+ "exclude_iomgrs": [],
+ "flaky": false,
"gtest": true,
"language": "c++",
"name": "grpc_tool_test",
@@ -4678,6 +5062,30 @@
"ci_platforms": [
"linux",
"mac",
+ "posix",
+ "windows"
+ ],
+ "cpu_cost": 1.0,
+ "exclude_configs": [],
+ "exclude_iomgrs": [],
+ "flaky": false,
+ "gtest": false,
+ "language": "c++",
+ "name": "transport_security_common_api_test",
+ "platforms": [
+ "linux",
+ "mac",
+ "posix",
+ "windows"
+ ],
+ "uses_polling": true
+ },
+ {
+ "args": [],
+ "benchmark": false,
+ "ci_platforms": [
+ "linux",
+ "mac",
"posix"
],
"cpu_cost": 0.5,