Nicolas Noble | b7ebd3b | 2014-11-26 16:33:03 -0800 | [diff] [blame] | 1 | /* |
| 2 | * |
Craig Tiller | 6169d5f | 2016-03-31 07:46:18 -0700 | [diff] [blame] | 3 | * Copyright 2015, Google Inc. |
Nicolas Noble | b7ebd3b | 2014-11-26 16:33:03 -0800 | [diff] [blame] | 4 | * All rights reserved. |
| 5 | * |
| 6 | * Redistribution and use in source and binary forms, with or without |
| 7 | * modification, are permitted provided that the following conditions are |
| 8 | * met: |
| 9 | * |
| 10 | * * Redistributions of source code must retain the above copyright |
| 11 | * notice, this list of conditions and the following disclaimer. |
| 12 | * * Redistributions in binary form must reproduce the above |
| 13 | * copyright notice, this list of conditions and the following disclaimer |
| 14 | * in the documentation and/or other materials provided with the |
| 15 | * distribution. |
| 16 | * * Neither the name of Google Inc. nor the names of its |
| 17 | * contributors may be used to endorse or promote products derived from |
| 18 | * this software without specific prior written permission. |
| 19 | * |
| 20 | * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS |
| 21 | * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT |
| 22 | * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR |
| 23 | * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT |
| 24 | * OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, |
| 25 | * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT |
| 26 | * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, |
| 27 | * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY |
| 28 | * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT |
| 29 | * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE |
| 30 | * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. |
| 31 | * |
| 32 | */ |
| 33 | |
Craig Tiller | 730ddc2 | 2017-03-29 08:38:47 -0700 | [diff] [blame] | 34 | #ifndef GRPC_CORE_TSI_TRANSPORT_SECURITY_H |
| 35 | #define GRPC_CORE_TSI_TRANSPORT_SECURITY_H |
Nicolas Noble | b7ebd3b | 2014-11-26 16:33:03 -0800 | [diff] [blame] | 36 | |
jiangtaoli2016 | e69881d | 2017-04-10 14:29:43 -0700 | [diff] [blame] | 37 | #include <stdbool.h> |
| 38 | |
Craig Tiller | 84f75d4 | 2017-05-03 13:06:35 -0700 | [diff] [blame] | 39 | #include "src/core/lib/debug/trace.h" |
Craig Tiller | b29f1fe | 2017-03-28 15:49:23 -0700 | [diff] [blame] | 40 | #include "src/core/tsi/transport_security_interface.h" |
Nicolas Noble | b7ebd3b | 2014-11-26 16:33:03 -0800 | [diff] [blame] | 41 | |
| 42 | #ifdef __cplusplus |
Craig Tiller | a82950e | 2015-09-22 12:33:20 -0700 | [diff] [blame] | 43 | extern "C" { |
Nicolas Noble | b7ebd3b | 2014-11-26 16:33:03 -0800 | [diff] [blame] | 44 | #endif |
| 45 | |
/* Trace flag for the TSI layer (defined in transport_security.c, not here).
   NOTE(review): presumably controls whether TSI logs handshake/protector
   activity; be careful not to log key material or decrypted payloads when it
   is enabled -- confirm against the call sites. */
extern grpc_tracer_flag tsi_tracing_enabled;
Julien Boeuf | 980f600 | 2015-02-26 16:41:41 -0800 | [diff] [blame] | 47 | |
/* Base for tsi_frame_protector implementations.
   See transport_security_interface.h for documentation.

   Every operation receives the protector itself as `self` and exchanges
   buffer lengths through size_t pointers.  NOTE(review): the interface header
   presumably defines those pointers as in/out (buffer capacity on entry,
   bytes consumed / produced on return); an implementation must never write
   beyond the capacity supplied on entry -- confirm against
   transport_security_interface.h. */
typedef struct {
  /* Wraps `unprotected_bytes` into protected frames written to
     `protected_output_frames`. */
  tsi_result (*protect)(tsi_frame_protector *self,
                        const unsigned char *unprotected_bytes,
                        size_t *unprotected_bytes_size,
                        unsigned char *protected_output_frames,
                        size_t *protected_output_frames_size);
  /* Emits protected data still buffered inside the protector;
     `still_pending_size` tells the caller how much remains after this call. */
  tsi_result (*protect_flush)(tsi_frame_protector *self,
                              unsigned char *protected_output_frames,
                              size_t *protected_output_frames_size,
                              size_t *still_pending_size);
  /* Inverse of protect.  `protected_frames_bytes` is presumably what arrived
     from the peer, so implementations should treat it as untrusted input and
     validate frame lengths before touching the output buffer. */
  tsi_result (*unprotect)(tsi_frame_protector *self,
                          const unsigned char *protected_frames_bytes,
                          size_t *protected_frames_bytes_size,
                          unsigned char *unprotected_bytes,
                          size_t *unprotected_bytes_size);
  /* Releases the protector.  Implementations that keep key material should
     zeroize it here rather than rely on plain free(). */
  void (*destroy)(tsi_frame_protector *self);
} tsi_frame_protector_vtable;
Nicolas Noble | b7ebd3b | 2014-11-26 16:33:03 -0800 | [diff] [blame] | 67 | |
/* Common header of every concrete frame protector: the only shared state is
   the dispatch table.  NOTE(review): presumably implementations embed this
   struct as their first member and point `vtable` at a static const table;
   a NULL `vtable` would make every generic tsi_frame_protector_* call crash
   -- confirm in the implementations. */
struct tsi_frame_protector {
  const tsi_frame_protector_vtable *vtable;
};
Nicolas Noble | b7ebd3b | 2014-11-26 16:33:03 -0800 | [diff] [blame] | 71 | |
/* Base for tsi_handshaker implementations.
   See transport_security_interface.h for documentation.

   Two handshake styles coexist in this table: the synchronous pair
   get_bytes_to_send_to_peer / process_bytes_from_peer plus get_result and
   extract_peer, and the single-call `next` (added later, see blame) which
   delivers a tsi_handshaker_result and may complete asynchronously through
   `cb`.  NOTE(review): presumably an implementation fills in one style and
   leaves the other NULL; callers should check for NULL before dispatching --
   confirm against transport_security.c. */
typedef struct {
  /* Copies the next outgoing handshake bytes into `bytes` (capacity in
     `*bytes_size` on entry, presumably; bytes written on return). */
  tsi_result (*get_bytes_to_send_to_peer)(tsi_handshaker *self,
                                          unsigned char *bytes,
                                          size_t *bytes_size);
  /* Consumes incoming handshake bytes from the peer -- untrusted input. */
  tsi_result (*process_bytes_from_peer)(tsi_handshaker *self,
                                        const unsigned char *bytes,
                                        size_t *bytes_size);
  /* Reports whether the handshake is still in progress, succeeded or failed. */
  tsi_result (*get_result)(tsi_handshaker *self);
  /* Fills `peer` with the authenticated identity of the remote side; only
     meaningful once get_result reports success. */
  tsi_result (*extract_peer)(tsi_handshaker *self, tsi_peer *peer);
  /* Builds the frame protector for the negotiated session; `protector` is an
     out-parameter and ownership passes to the caller (presumably -- confirm). */
  tsi_result (*create_frame_protector)(tsi_handshaker *self,
                                       size_t *max_protected_frame_size,
                                       tsi_frame_protector **protector);
  void (*destroy)(tsi_handshaker *self);
  /* Drives one step of the handshake: consumes `received_bytes`, produces
     `bytes_to_send` and, when done, `handshaker_result`.  NOTE(review): who
     owns `*bytes_to_send` after the call, and whether `cb` is invoked when
     the call completes synchronously, is not visible here -- confirm against
     the interface header before relying on either. */
  tsi_result (*next)(tsi_handshaker *self, const unsigned char *received_bytes,
                     size_t received_bytes_size, unsigned char **bytes_to_send,
                     size_t *bytes_to_send_size,
                     tsi_handshaker_result **handshaker_result,
                     tsi_handshaker_on_next_done_cb cb, void *user_data);
} tsi_handshaker_vtable;
Nicolas Noble | b7ebd3b | 2014-11-26 16:33:03 -0800 | [diff] [blame] | 93 | |
/* Common header of every concrete handshaker.  NOTE(review): the two flags
   presumably record that create_frame_protector / next already handed out a
   protector or result, so the generic wrappers can refuse a second request
   (a handshake must not yield two independent sessions) -- confirm the
   check in transport_security.c. */
struct tsi_handshaker {
  const tsi_handshaker_vtable *vtable;
  bool frame_protector_created;
  bool handshaker_result_created;
};
| 99 | |
/* Base for tsi_handshaker_result implementations.
   See transport_security_interface.h for documentation.

   A result is the immutable outcome of a completed handshake (note the const
   `self` on the accessors), from which the caller obtains the peer identity,
   the frame protector and any leftover bytes. */
typedef struct {
  /* Fills `peer` with the authenticated remote identity. */
  tsi_result (*extract_peer)(const tsi_handshaker_result *self, tsi_peer *peer);
  /* Creates the frame protector for the negotiated session; `protector` is an
     out-parameter (ownership presumably passes to the caller -- confirm). */
  tsi_result (*create_frame_protector)(const tsi_handshaker_result *self,
                                       size_t *max_output_protected_frame_size,
                                       tsi_frame_protector **protector);
  /* Exposes bytes that arrived after the handshake ended.  NOTE(review):
     these presumably belong to the protected stream and must be fed through
     unprotect, never consumed as plaintext; the pointer is presumably owned by
     the result (valid until destroy) -- confirm against the interface header. */
  tsi_result (*get_unused_bytes)(const tsi_handshaker_result *self,
                                 unsigned char **bytes, size_t *bytes_size);
  void (*destroy)(tsi_handshaker_result *self);
} tsi_handshaker_result_vtable;
| 111 | |
/* Common header of every concrete handshaker result; implementations
   presumably embed it as their first member and dispatch through `vtable`. */
struct tsi_handshaker_result {
  const tsi_handshaker_result_vtable *vtable;
};
Nicolas Noble | b7ebd3b | 2014-11-26 16:33:03 -0800 | [diff] [blame] | 115 | |
/* Peer and property construction/destruction functions.

   Helpers for implementations that populate a tsi_peer.  The three
   tsi_construct_*_string_peer_property variants differ in how the value is
   sized: an explicit `value_length` (value need not be NUL-terminated), an
   allocated-but-unfilled buffer of `value_length` bytes, or a NUL-terminated
   C string.  NOTE(review): when the value comes from a certificate or other
   peer-supplied data, prefer the length-taking variant so an embedded NUL
   cannot truncate the property -- confirm the callers. */
tsi_result tsi_construct_peer(size_t property_count, tsi_peer *peer);
tsi_peer_property tsi_init_peer_property(void);
void tsi_peer_property_destruct(tsi_peer_property *property);
tsi_result tsi_construct_string_peer_property(const char *name,
                                              const char *value,
                                              size_t value_length,
                                              tsi_peer_property *property);
/* Allocates a value buffer of `value_length` bytes for the caller to fill. */
tsi_result tsi_construct_allocated_string_peer_property(
    const char *name, size_t value_length, tsi_peer_property *property);
/* Convenience wrapper for NUL-terminated values. */
tsi_result tsi_construct_string_peer_property_from_cstring(
    const char *name, const char *value, tsi_peer_property *property);
Nicolas Noble | b7ebd3b | 2014-11-26 16:33:03 -0800 | [diff] [blame] | 128 | |
/* Utils. */
/* Returns a heap copy of `src`; the caller owns and frees it.  NOTE(review):
   behaviour on a NULL `src` or on allocation failure is not visible here --
   confirm in transport_security.c before passing untrusted or possibly-NULL
   input. */
char *tsi_strdup(const char *src); /* Sadly, no strdup in C89. */
Nicolas Noble | b7ebd3b | 2014-11-26 16:33:03 -0800 | [diff] [blame] | 131 | |
| 132 | #ifdef __cplusplus |
| 133 | } |
| 134 | #endif |
| 135 | |
Craig Tiller | 730ddc2 | 2017-03-29 08:38:47 -0700 | [diff] [blame] | 136 | #endif /* GRPC_CORE_TSI_TRANSPORT_SECURITY_H */ |