Nicolas Noble | b7ebd3b | 2014-11-26 16:33:03 -0800 | [diff] [blame] | 1 | /* |
| 2 | * |
Jan Tattermusch | 7897ae9 | 2017-06-07 22:57:36 +0200 | [diff] [blame] | 3 | * Copyright 2015 gRPC authors. |
Nicolas Noble | b7ebd3b | 2014-11-26 16:33:03 -0800 | [diff] [blame] | 4 | * |
Jan Tattermusch | 7897ae9 | 2017-06-07 22:57:36 +0200 | [diff] [blame] | 5 | * Licensed under the Apache License, Version 2.0 (the "License"); |
| 6 | * you may not use this file except in compliance with the License. |
| 7 | * You may obtain a copy of the License at |
Nicolas Noble | b7ebd3b | 2014-11-26 16:33:03 -0800 | [diff] [blame] | 8 | * |
Jan Tattermusch | 7897ae9 | 2017-06-07 22:57:36 +0200 | [diff] [blame] | 9 | * http://www.apache.org/licenses/LICENSE-2.0 |
Nicolas Noble | b7ebd3b | 2014-11-26 16:33:03 -0800 | [diff] [blame] | 10 | * |
Jan Tattermusch | 7897ae9 | 2017-06-07 22:57:36 +0200 | [diff] [blame] | 11 | * Unless required by applicable law or agreed to in writing, software |
| 12 | * distributed under the License is distributed on an "AS IS" BASIS, |
| 13 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. |
| 14 | * See the License for the specific language governing permissions and |
| 15 | * limitations under the License. |
Nicolas Noble | b7ebd3b | 2014-11-26 16:33:03 -0800 | [diff] [blame] | 16 | * |
| 17 | */ |
| 18 | |
Craig Tiller | 730ddc2 | 2017-03-29 08:38:47 -0700 | [diff] [blame] | 19 | #ifndef GRPC_CORE_TSI_TRANSPORT_SECURITY_H |
| 20 | #define GRPC_CORE_TSI_TRANSPORT_SECURITY_H |
Nicolas Noble | b7ebd3b | 2014-11-26 16:33:03 -0800 | [diff] [blame] | 21 | |
jiangtaoli2016 | e69881d | 2017-04-10 14:29:43 -0700 | [diff] [blame] | 22 | #include <stdbool.h> |
| 23 | |
Craig Tiller | 84f75d4 | 2017-05-03 13:06:35 -0700 | [diff] [blame] | 24 | #include "src/core/lib/debug/trace.h" |
Craig Tiller | b29f1fe | 2017-03-28 15:49:23 -0700 | [diff] [blame] | 25 | #include "src/core/tsi/transport_security_interface.h" |
Nicolas Noble | b7ebd3b | 2014-11-26 16:33:03 -0800 | [diff] [blame] | 26 | |
| 27 | #ifdef __cplusplus |
Craig Tiller | a82950e | 2015-09-22 12:33:20 -0700 | [diff] [blame] | 28 | extern "C" { |
Nicolas Noble | b7ebd3b | 2014-11-26 16:33:03 -0800 | [diff] [blame] | 29 | #endif |
| 30 | |
Craig Tiller | 84f75d4 | 2017-05-03 13:06:35 -0700 | [diff] [blame] | 31 | extern grpc_tracer_flag tsi_tracing_enabled; |
Julien Boeuf | 980f600 | 2015-02-26 16:41:41 -0800 | [diff] [blame] | 32 | |
Nicolas Noble | b7ebd3b | 2014-11-26 16:33:03 -0800 | [diff] [blame] | 33 | /* Base for tsi_frame_protector implementations. |
| 34 | See transport_security_interface.h for documentation. */ |
Craig Tiller | a82950e | 2015-09-22 12:33:20 -0700 | [diff] [blame] | 35 | typedef struct { |
Craig Tiller | baa14a9 | 2017-11-03 09:09:36 -0700 | [diff] [blame] | 36 | tsi_result (*protect)(tsi_frame_protector* self, |
| 37 | const unsigned char* unprotected_bytes, |
| 38 | size_t* unprotected_bytes_size, |
| 39 | unsigned char* protected_output_frames, |
| 40 | size_t* protected_output_frames_size); |
| 41 | tsi_result (*protect_flush)(tsi_frame_protector* self, |
| 42 | unsigned char* protected_output_frames, |
| 43 | size_t* protected_output_frames_size, |
| 44 | size_t* still_pending_size); |
| 45 | tsi_result (*unprotect)(tsi_frame_protector* self, |
| 46 | const unsigned char* protected_frames_bytes, |
| 47 | size_t* protected_frames_bytes_size, |
| 48 | unsigned char* unprotected_bytes, |
| 49 | size_t* unprotected_bytes_size); |
| 50 | void (*destroy)(tsi_frame_protector* self); |
Craig Tiller | a82950e | 2015-09-22 12:33:20 -0700 | [diff] [blame] | 51 | } tsi_frame_protector_vtable; |
Nicolas Noble | b7ebd3b | 2014-11-26 16:33:03 -0800 | [diff] [blame] | 52 | |
Craig Tiller | a82950e | 2015-09-22 12:33:20 -0700 | [diff] [blame] | 53 | struct tsi_frame_protector { |
Craig Tiller | baa14a9 | 2017-11-03 09:09:36 -0700 | [diff] [blame] | 54 | const tsi_frame_protector_vtable* vtable; |
Craig Tiller | a82950e | 2015-09-22 12:33:20 -0700 | [diff] [blame] | 55 | }; |
Nicolas Noble | b7ebd3b | 2014-11-26 16:33:03 -0800 | [diff] [blame] | 56 | |
| 57 | /* Base for tsi_handshaker implementations. |
| 58 | See transport_security_interface.h for documentation. */ |
Craig Tiller | a82950e | 2015-09-22 12:33:20 -0700 | [diff] [blame] | 59 | typedef struct { |
Craig Tiller | baa14a9 | 2017-11-03 09:09:36 -0700 | [diff] [blame] | 60 | tsi_result (*get_bytes_to_send_to_peer)(tsi_handshaker* self, |
| 61 | unsigned char* bytes, |
| 62 | size_t* bytes_size); |
| 63 | tsi_result (*process_bytes_from_peer)(tsi_handshaker* self, |
| 64 | const unsigned char* bytes, |
| 65 | size_t* bytes_size); |
| 66 | tsi_result (*get_result)(tsi_handshaker* self); |
| 67 | tsi_result (*extract_peer)(tsi_handshaker* self, tsi_peer* peer); |
| 68 | tsi_result (*create_frame_protector)(tsi_handshaker* self, |
| 69 | size_t* max_protected_frame_size, |
| 70 | tsi_frame_protector** protector); |
| 71 | void (*destroy)(tsi_handshaker* self); |
| 72 | tsi_result (*next)(tsi_handshaker* self, const unsigned char* received_bytes, |
jiangtaoli2016 | 2f94a26 | 2017-08-07 22:07:17 -0700 | [diff] [blame] | 73 | size_t received_bytes_size, |
Craig Tiller | baa14a9 | 2017-11-03 09:09:36 -0700 | [diff] [blame] | 74 | const unsigned char** bytes_to_send, |
| 75 | size_t* bytes_to_send_size, |
| 76 | tsi_handshaker_result** handshaker_result, |
| 77 | tsi_handshaker_on_next_done_cb cb, void* user_data); |
Craig Tiller | a82950e | 2015-09-22 12:33:20 -0700 | [diff] [blame] | 78 | } tsi_handshaker_vtable; |
Nicolas Noble | b7ebd3b | 2014-11-26 16:33:03 -0800 | [diff] [blame] | 79 | |
Craig Tiller | a82950e | 2015-09-22 12:33:20 -0700 | [diff] [blame] | 80 | struct tsi_handshaker { |
Craig Tiller | baa14a9 | 2017-11-03 09:09:36 -0700 | [diff] [blame] | 81 | const tsi_handshaker_vtable* vtable; |
jiangtaoli2016 | e69881d | 2017-04-10 14:29:43 -0700 | [diff] [blame] | 82 | bool frame_protector_created; |
| 83 | bool handshaker_result_created; |
jiangtaoli2016 | 20b9f94 | 2017-04-07 12:50:33 -0700 | [diff] [blame] | 84 | }; |
| 85 | |
| 86 | /* Base for tsi_handshaker_result implementations. |
jiangtaoli2016 | f68978c | 2017-09-14 09:18:24 -0700 | [diff] [blame] | 87 | See transport_security_interface.h for documentation. |
| 88 | The exec_ctx parameter in create_zero_copy_grpc_protector is supposed to be |
| 89 | of type grpc_exec_ctx*, but we're using void* instead to avoid making the TSI |
| 90 | API depend on grpc. The create_zero_copy_grpc_protector() method is only used |
| 91 | in grpc, where we do need the exec_ctx passed through, but the API still |
| 92 | needs to compile in other applications, where grpc_exec_ctx is not defined. |
| 93 | */ |
jiangtaoli2016 | 20b9f94 | 2017-04-07 12:50:33 -0700 | [diff] [blame] | 94 | typedef struct { |
Craig Tiller | baa14a9 | 2017-11-03 09:09:36 -0700 | [diff] [blame] | 95 | tsi_result (*extract_peer)(const tsi_handshaker_result* self, tsi_peer* peer); |
Jiangtao Li | 0211cfb | 2017-08-07 11:24:07 -0700 | [diff] [blame] | 96 | tsi_result (*create_zero_copy_grpc_protector)( |
Craig Tiller | baa14a9 | 2017-11-03 09:09:36 -0700 | [diff] [blame] | 97 | void* exec_ctx, const tsi_handshaker_result* self, |
| 98 | size_t* max_output_protected_frame_size, |
| 99 | tsi_zero_copy_grpc_protector** protector); |
| 100 | tsi_result (*create_frame_protector)(const tsi_handshaker_result* self, |
| 101 | size_t* max_output_protected_frame_size, |
| 102 | tsi_frame_protector** protector); |
| 103 | tsi_result (*get_unused_bytes)(const tsi_handshaker_result* self, |
| 104 | const unsigned char** bytes, |
| 105 | size_t* bytes_size); |
| 106 | void (*destroy)(tsi_handshaker_result* self); |
jiangtaoli2016 | 20b9f94 | 2017-04-07 12:50:33 -0700 | [diff] [blame] | 107 | } tsi_handshaker_result_vtable; |
| 108 | |
| 109 | struct tsi_handshaker_result { |
Craig Tiller | baa14a9 | 2017-11-03 09:09:36 -0700 | [diff] [blame] | 110 | const tsi_handshaker_result_vtable* vtable; |
Craig Tiller | a82950e | 2015-09-22 12:33:20 -0700 | [diff] [blame] | 111 | }; |
Nicolas Noble | b7ebd3b | 2014-11-26 16:33:03 -0800 | [diff] [blame] | 112 | |
| 113 | /* Peer and property construction/destruction functions. */ |
Craig Tiller | baa14a9 | 2017-11-03 09:09:36 -0700 | [diff] [blame] | 114 | tsi_result tsi_construct_peer(size_t property_count, tsi_peer* peer); |
Craig Tiller | a82950e | 2015-09-22 12:33:20 -0700 | [diff] [blame] | 115 | tsi_peer_property tsi_init_peer_property(void); |
Craig Tiller | baa14a9 | 2017-11-03 09:09:36 -0700 | [diff] [blame] | 116 | void tsi_peer_property_destruct(tsi_peer_property* property); |
| 117 | tsi_result tsi_construct_string_peer_property(const char* name, |
| 118 | const char* value, |
Craig Tiller | a82950e | 2015-09-22 12:33:20 -0700 | [diff] [blame] | 119 | size_t value_length, |
Craig Tiller | baa14a9 | 2017-11-03 09:09:36 -0700 | [diff] [blame] | 120 | tsi_peer_property* property); |
Craig Tiller | a82950e | 2015-09-22 12:33:20 -0700 | [diff] [blame] | 121 | tsi_result tsi_construct_allocated_string_peer_property( |
Craig Tiller | baa14a9 | 2017-11-03 09:09:36 -0700 | [diff] [blame] | 122 | const char* name, size_t value_length, tsi_peer_property* property); |
Craig Tiller | a82950e | 2015-09-22 12:33:20 -0700 | [diff] [blame] | 123 | tsi_result tsi_construct_string_peer_property_from_cstring( |
Craig Tiller | baa14a9 | 2017-11-03 09:09:36 -0700 | [diff] [blame] | 124 | const char* name, const char* value, tsi_peer_property* property); |
Nicolas Noble | b7ebd3b | 2014-11-26 16:33:03 -0800 | [diff] [blame] | 125 | |
| 126 | /* Utils. */ |
Craig Tiller | baa14a9 | 2017-11-03 09:09:36 -0700 | [diff] [blame] | 127 | char* tsi_strdup(const char* src); /* Sadly, no strdup in C89. */ |
Nicolas Noble | b7ebd3b | 2014-11-26 16:33:03 -0800 | [diff] [blame] | 128 | |
| 129 | #ifdef __cplusplus |
| 130 | } |
| 131 | #endif |
| 132 | |
Craig Tiller | 730ddc2 | 2017-03-29 08:38:47 -0700 | [diff] [blame] | 133 | #endif /* GRPC_CORE_TSI_TRANSPORT_SECURITY_H */ |