diff options
| author |  Sree Kuchibhotla <sreecha@users.noreply.github.com> | 2018-03-07 14:35:36 -0800 |
|---|---|---|
| committer |  GitHub <noreply@github.com> | 2018-03-07 14:35:36 -0800 |
| commit | ae277dd000254c2df9f6cc51dbb70dff1ea55aa2 (patch) | |
| tree | 6e678a182d5ec3b91bcb4d7bacbf503e60df85c4 /src/core/tsi/alts/crypt/gsec.h | |
| parent | b243732f3fe7392a1ae4ed36f18962415c56050d (diff) | |
Revert "Add ALTS C stack to gRPC core"
Diffstat (limited to 'src/core/tsi/alts/crypt/gsec.h')
| -rw-r--r-- | src/core/tsi/alts/crypt/gsec.h | 454 |
1 files changed, 0 insertions, 454 deletions
diff --git a/src/core/tsi/alts/crypt/gsec.h b/src/core/tsi/alts/crypt/gsec.h deleted file mode 100644 index 4d65caa944..0000000000 --- a/src/core/tsi/alts/crypt/gsec.h +++ /dev/null @@ -1,454 +0,0 @@ -/* - * - * Copyright 2018 gRPC authors. - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * - */ - -#ifndef GRPC_CORE_TSI_ALTS_CRYPT_GSEC_H -#define GRPC_CORE_TSI_ALTS_CRYPT_GSEC_H - -#include <grpc/support/port_platform.h> - -#include <assert.h> -#include <stdint.h> -#include <stdlib.h> - -#include <grpc/grpc.h> - -struct iovec { - void* iov_base; - size_t iov_len; -}; - -/** - * A gsec interface for AEAD encryption schemes. The API is thread-compatible. - * Each implementation of this interface should specify supported values for - * key, nonce, and tag lengths. - */ - -/* Key, nonce, and tag length in bytes */ -const size_t kAesGcmNonceLength = 12; -const size_t kAesGcmTagLength = 16; -const size_t kAes128GcmKeyLength = 16; -const size_t kAes256GcmKeyLength = 32; - -// The first 32 bytes are used as a KDF key and the remaining 12 bytes are used -// to mask the nonce. -const size_t kAes128GcmRekeyKeyLength = 44; - -typedef struct gsec_aead_crypter gsec_aead_crypter; - -/** - * The gsec_aead_crypter is an API for different AEAD implementations such as - * AES_GCM. It encapsulates all AEAD-related operations in the format of - * V-table that stores pointers to functions implementing those operations. - * It also provides helper functions to wrap each of those function pointers. - * - * A typical usage of this object would be: - * - *------------------------------------------------------------------------------ - * // Declare a gsec_aead_crypter object, and create and assign an instance - * // of specific AEAD implementation e.g., AES_GCM to it. We assume both - * // key and nonce contain cryptographically secure random bytes, and the key - * // can be derived from an upper-layer application. - * gsec_aead_crypter* crypter; - * char* error_in_creation; - * // User can populate the message with any 100 bytes data. - * uint8_t* message = gpr_malloc(100); - * grpc_status_code creation_status = gsec_aes_gcm_aead_crypter_create(key, - * kAes128GcmKeyLength, - * kAesGcmNonceLength, - * kAesGcmTagLength, - * &crypter, - * false, - * 0 - * &error_in_creation); - * - * if (creation_status == GRPC_STATUS_OK) { - * // Allocate a correct amount of memory to hold a ciphertext. - * size_t clength = 0; - * gsec_aead_crypter_max_ciphertext_and_tag_length(crypter, 100, &clength, - * nullptr); - * uint8_t* ciphertext = gpr_malloc(clength); - * - * // Perform encryption - * size_t num_encrypted_bytes = 0; - * char* error_in_encryption = nullptr; - * grpc_status_code status = gsec_aead_crypter_encrypt(crypter, nonce, - * kAesGcmNonceLength, - * nullptr, 0, message, - * 100, ciphertext, - * clength, - * &num_encrypted_bytes, - * &error_in_encryption); - * if (status == GRPC_STATUS_OK) { - * // Allocate a correct amount of memory to hold a plaintext. - * size_t plength = 0; - * gsec_aead_crypter_max_plaintext_length(crypter, num_encrypted_bytes, - * &plength, nullptr); - * uint8_t* plaintext = gpr_malloc(plength); - * - * // Perform decryption. - * size_t num_decrypted_bytes = 0; - * char* error_in_decryption = nullptr; - * status = gsec_aead_crypter_decrypt(crypter, nonce, - * kAesGcmNonceLength, nullptr, 0, - * ciphertext, num_encrypted_bytes, - * plaintext, plength, - * &num_decrypted_bytes, - * &error_in_decryption); - * if (status != GRPC_STATUS_OK) { - * fprintf(stderr, "AEAD decrypt operation failed with error code:" - * "%d, message: %s\n", status, error_in_decryption); - * } - * ... - * gpr_free(plaintext); - * gpr_free(error_in_decryption); - * } else { - * fprintf(stderr, "AEAD encrypt operation failed with error code:" - * "%d, message: %s\n", status, error_in_encryption); - * } - * ... - * gpr_free(ciphertext); - * gpr_free(error_in_encryption); - * } else { - * fprintf(stderr, "Creation of AEAD crypter instance failed with error code:" - * "%d, message: %s\n", creation_status, error_in_creation); - * } - * - * // Destruct AEAD crypter instance. - * if (creation_status == GRPC_STATUS_OK) { - * gsec_aead_crypter_destroy(crypter); - * } - * gpr_free(error_in_creation); - * gpr_free(message); - * ----------------------------------------------------------------------------- - */ - -/* V-table for gsec AEAD operations */ -typedef struct gsec_aead_crypter_vtable { - grpc_status_code (*encrypt_iovec)( - gsec_aead_crypter* crypter, const uint8_t* nonce, size_t nonce_length, - const struct iovec* aad_vec, size_t aad_vec_length, - const struct iovec* plaintext_vec, size_t plaintext_vec_length, - struct iovec ciphertext_vec, size_t* ciphertext_bytes_written, - char** error_details); - grpc_status_code (*decrypt_iovec)( - gsec_aead_crypter* crypter, const uint8_t* nonce, size_t nonce_length, - const struct iovec* aad_vec, size_t aad_vec_length, - const struct iovec* ciphertext_vec, size_t ciphertext_vec_length, - struct iovec plaintext_vec, size_t* plaintext_bytes_written, - char** error_details); - grpc_status_code (*max_ciphertext_and_tag_length)( - const gsec_aead_crypter* crypter, size_t plaintext_length, - size_t* max_ciphertext_and_tag_length_to_return, char** error_details); - grpc_status_code (*max_plaintext_length)( - const gsec_aead_crypter* crypter, size_t ciphertext_and_tag_length, - size_t* max_plaintext_length_to_return, char** error_details); - grpc_status_code (*nonce_length)(const gsec_aead_crypter* crypter, - size_t* nonce_length_to_return, - char** error_details); - grpc_status_code (*key_length)(const gsec_aead_crypter* crypter, - size_t* key_length_to_return, - char** error_details); - grpc_status_code (*tag_length)(const gsec_aead_crypter* crypter, - size_t* tag_length_to_return, - char** error_details); - void (*destruct)(gsec_aead_crypter* crypter); -} gsec_aead_crypter_vtable; - -/* Main struct for gsec interface */ -struct gsec_aead_crypter { - const struct gsec_aead_crypter_vtable* vtable; -}; - -/** - * This method performs an AEAD encrypt operation. - * - * - crypter: AEAD crypter instance. - * - nonce: buffer containing a nonce with its size equal to nonce_length. - * - nonce_length: size of nonce buffer, and must be equal to the value returned - * from method gsec_aead_crypter_nonce_length. - * - aad: buffer containing data that needs to be authenticated but not - * encrypted with its size equal to aad_length. - * - aad_length: size of aad buffer, which should be zero if the buffer is - * nullptr. - * - plaintext: buffer containing data that needs to be both encrypted and - * authenticated with its size equal to plaintext_length. - * - plaintext_length: size of plaintext buffer, which should be zero if - * plaintext is nullptr. - * - ciphertext_and_tag: buffer that will contain ciphertext and tags the method - * produced. The buffer should not overlap the plaintext buffer, and pointers - * to those buffers should not be equal. Also if the ciphertext+tag buffer is - * nullptr, the plaintext_length should be zero. - * - ciphertext_and_tag_length: size of ciphertext+tag buffer, which should be - * at least as long as the one returned from method - * gsec_aead_crypter_max_ciphertext_and_tag_length. - * - bytes_written: the actual number of bytes written to the ciphertext+tag - * buffer. If bytes_written is nullptr, the plaintext_length should be zero. - * - error_details: a buffer containing an error message if the method does not - * function correctly. It is legal to pass nullptr into error_details, and - * otherwise, the parameter should be freed with gpr_free. - * - * On the success of encryption, the method returns GRPC_STATUS_OK. Otherwise, - * it returns an error status code along with its details specified in - * error_details (if error_details is not nullptr). - * - */ -grpc_status_code gsec_aead_crypter_encrypt( - gsec_aead_crypter* crypter, const uint8_t* nonce, size_t nonce_length, - const uint8_t* aad, size_t aad_length, const uint8_t* plaintext, - size_t plaintext_length, uint8_t* ciphertext_and_tag, - size_t ciphertext_and_tag_length, size_t* bytes_written, - char** error_details); - -/** - * This method performs an AEAD encrypt operation. - * - * - crypter: AEAD crypter instance. - * - nonce: buffer containing a nonce with its size equal to nonce_length. - * - nonce_length: size of nonce buffer, and must be equal to the value returned - * from method gsec_aead_crypter_nonce_length. - * - aad_vec: an iovec array containing data that needs to be authenticated but - * not encrypted. - * - aad_vec_length: the array length of aad_vec. - * - plaintext_vec: an iovec array containing data that needs to be both - * encrypted and authenticated. - * - plaintext_vec_length: the array length of plaintext_vec. - * - ciphertext_vec: an iovec containing a ciphertext buffer. The buffer should - * not overlap the plaintext buffer. - * - ciphertext_bytes_written: the actual number of bytes written to - * ciphertext_vec. - * - error_details: a buffer containing an error message if the method does not - * function correctly. It is legal to pass nullptr into error_details, and - * otherwise, the parameter should be freed with gpr_free. - * - * On the success of encryption, the method returns GRPC_STATUS_OK. Otherwise, - * it returns an error status code along with its details specified in - * error_details (if error_details is not nullptr). - * - */ -grpc_status_code gsec_aead_crypter_encrypt_iovec( - gsec_aead_crypter* crypter, const uint8_t* nonce, size_t nonce_length, - const struct iovec* aad_vec, size_t aad_vec_length, - const struct iovec* plaintext_vec, size_t plaintext_vec_length, - struct iovec ciphertext_vec, size_t* ciphertext_bytes_written, - char** error_details); - -/** - * This method performs an AEAD decrypt operation. - * - * - crypter: AEAD crypter instance. - * - nonce: buffer containing a nonce with its size equal to nonce_length. - * - nonce_length: size of nonce buffer, and must be equal to the value returned - * from method gsec_aead_crypter_nonce_length. - * - aad: buffer containing data that needs to be authenticated only. - * - aad_length: size of aad buffer, which should be zero if the buffer is - * nullptr. - * - ciphertext_and_tag: buffer containing ciphertext and tag. - * - ciphertext_and_tag_length: length of ciphertext and tag. It should be zero - * if any of plaintext, ciphertext_and_tag, or bytes_written is nullptr. Also, - * ciphertext_and_tag_length should be at least as large as the tag length set - * at AEAD crypter instance construction time. - * - plaintext: buffer containing decrypted and authenticated data the method - * produced. The buffer should not overlap with the ciphertext+tag buffer, and - * pointers to those buffers should not be equal. - * - plaintext_length: size of plaintext buffer, which should be at least as - * long as the one returned from gsec_aead_crypter_max_plaintext_length - * method. - * - bytes_written: the actual number of bytes written to the plaintext - * buffer. - * - error_details: a buffer containing an error message if the method does not - * function correctly. It is legal to pass nullptr into error_details, and - * otherwise, the parameter should be freed with gpr_free. - * - * On the success of decryption, the method returns GRPC_STATUS_OK. Otherwise, - * it returns an error status code along with its details specified in - * error_details (if error_details is not nullptr). - */ -grpc_status_code gsec_aead_crypter_decrypt( - gsec_aead_crypter* crypter, const uint8_t* nonce, size_t nonce_length, - const uint8_t* aad, size_t aad_length, const uint8_t* ciphertext_and_tag, - size_t ciphertext_and_tag_length, uint8_t* plaintext, - size_t plaintext_length, size_t* bytes_written, char** error_details); - -/** - * This method performs an AEAD decrypt operation. - * - * - crypter: AEAD crypter instance. - * - nonce: buffer containing a nonce with its size equal to nonce_length. - * - nonce_length: size of nonce buffer, and must be equal to the value returned - * from method gsec_aead_crypter_nonce_length. - * - aad_vec: an iovec array containing data that needs to be authenticated but - * not encrypted. - * - aad_vec_length: the array length of aad_vec. - * - ciphertext_vec: an iovec array containing the ciphertext and tag. - * - ciphertext_vec_length: the array length of ciphertext_vec. - * - plaintext_vec: an iovec containing a plaintext buffer. The buffer should - * not overlap the ciphertext buffer. - * - plaintext_bytes_written: the actual number of bytes written to - * plaintext_vec. - * - error_details: a buffer containing an error message if the method does not - * function correctly. It is legal to pass nullptr into error_details, and - * otherwise, the parameter should be freed with gpr_free. - * - * On the success of decryption, the method returns GRPC_STATUS_OK. Otherwise, - * it returns an error status code along with its details specified in - * error_details (if error_details is not nullptr). - */ -grpc_status_code gsec_aead_crypter_decrypt_iovec( - gsec_aead_crypter* crypter, const uint8_t* nonce, size_t nonce_length, - const struct iovec* aad_vec, size_t aad_vec_length, - const struct iovec* ciphertext_vec, size_t ciphertext_vec_length, - struct iovec plaintext_vec, size_t* plaintext_bytes_written, - char** error_details); - -/** - * This method computes the size of ciphertext+tag buffer that must be passed to - * gsec_aead_crypter_encrypt function to ensure correct encryption of a - * plaintext. The actual size of ciphertext+tag written to the buffer could be - * smaller. - * - * - crypter: AEAD crypter instance. - * - plaintext_length: length of plaintext. - * - max_ciphertext_and_tag_length_to_return: the size of ciphertext+tag buffer - * the method returns. - * - error_details: a buffer containing an error message if the method does not - * function correctly. It is legal to pass nullptr into error_details, and - * otherwise, the parameter should be freed with gpr_free. - * - * On the success of execution, the method returns GRPC_STATUS_OK. Otherwise, - * it returns an error status code along with its details specified in - * error_details (if error_details is not nullptr). - */ -grpc_status_code gsec_aead_crypter_max_ciphertext_and_tag_length( - const gsec_aead_crypter* crypter, size_t plaintext_length, - size_t* max_ciphertext_and_tag_length_to_return, char** error_details); - -/** - * This method computes the size of plaintext buffer that must be passed to - * gsec_aead_crypter_decrypt function to ensure correct decryption of a - * ciphertext. The actual size of plaintext written to the buffer could be - * smaller. - * - * - crypter: AEAD crypter instance. - * - ciphertext_and_tag_length: length of ciphertext and tag. - * - max_plaintext_length_to_return: the size of plaintext buffer the method - * returns. - * - error_details: a buffer containing an error message if the method does not - * function correctly. It is legal to pass nullptr into error_details, and - * otherwise, the parameter should be freed with gpr_free. - * - * On the success of execution, the method returns GRPC_STATUS_OK. Otherwise, - * it returns an error status code along with its details specified in - * error_details (if error_details is not nullptr). - */ -grpc_status_code gsec_aead_crypter_max_plaintext_length( - const gsec_aead_crypter* crypter, size_t ciphertext_and_tag_length, - size_t* max_plaintext_length_to_return, char** error_details); - -/** - * This method returns a valid size of nonce array used at the construction of - * AEAD crypter instance. It is also the size that should be passed to encrypt - * and decrypt methods executed on the instance. - * - * - crypter: AEAD crypter instance. - * - nonce_length_to_return: the length of nonce array the method returns. - * - error_details: a buffer containing an error message if the method does not - * function correctly. It is legal to pass nullptr into error_details, and - * otherwise, the parameter should be freed with gpr_free. - * - * On the success of execution, the method returns GRPC_STATUS_OK. Otherwise, - * it returns an error status code along with its details specified in - * error_details (if error_details is not nullptr). - */ -grpc_status_code gsec_aead_crypter_nonce_length( - const gsec_aead_crypter* crypter, size_t* nonce_length_to_return, - char** error_details); - -/** - * This method returns a valid size of key array used at the construction of - * AEAD crypter instance. It is also the size that should be passed to encrypt - * and decrypt methods executed on the instance. - * - * - crypter: AEAD crypter instance. - * - key_length_to_return: the length of key array the method returns. - * - error_details: a buffer containing an error message if the method does not - * function correctly. It is legal to pass nullptr into error_details, and - * otherwise, the parameter should be freed with gpr_free. - * - * On the success of execution, the method returns GRPC_STATUS_OK. Otherwise, - * it returns an error status code along with its details specified in - * error_details (if error_details is not nullptr). - */ -grpc_status_code gsec_aead_crypter_key_length(const gsec_aead_crypter* crypter, - size_t* key_length_to_return, - char** error_details); -/** - * This method returns a valid size of tag array used at the construction of - * AEAD crypter instance. It is also the size that should be passed to encrypt - * and decrypt methods executed on the instance. - * - * - crypter: AEAD crypter instance. - * - tag_length_to_return: the length of tag array the method returns. - * - error_details: a buffer containing an error message if the method does not - * function correctly. It is legal to pass nullptr into error_details, and - * otherwise, the parameter should be freed with gpr_free. - * - * On the success of execution, the method returns GRPC_STATUS_OK. Otherwise, - * it returns an error status code along with its details specified in - * error_details (if error_details is not nullptr). - */ -grpc_status_code gsec_aead_crypter_tag_length(const gsec_aead_crypter* crypter, - size_t* tag_length_to_return, - char** error_details); - -/** - * This method destroys an AEAD crypter instance by de-allocating all of its - * occupied memory. - * - * - crypter: AEAD crypter instance that needs to be destroyed. - */ -void gsec_aead_crypter_destroy(gsec_aead_crypter* crypter); - -/** - * This method creates an AEAD crypter instance of AES-GCM encryption scheme - * which supports 16 and 32 bytes long keys, 12 and 16 bytes long nonces, and - * 16 bytes long tags. It should be noted that once the lengths of key, nonce, - * and tag are determined at construction time, they cannot be modified later. - * - * - key: buffer containing a key which is binded with AEAD crypter instance. - * - key_length: length of a key in bytes, which should be 44 if rekeying is - * enabled and 16 or 32 otherwise. - * - nonce_length: length of a nonce in bytes, which should be either 12 or 16. - * - tag_length: length of a tag in bytes, which should be always 16. - * - rekey: enable nonce-based rekeying and nonce-masking. - * - crypter: address of AES_GCM crypter instance returned from the method. - * - error_details: a buffer containing an error message if the method does not - * function correctly. It is legal to pass nullptr into error_details, and - * otherwise, the parameter should be freed with gpr_free. - * - * On success of instance creation, it stores the address of instance at - * crypter. Otherwise, it returns an error status code together with its details - * specified in error_details. - */ -grpc_status_code gsec_aes_gcm_aead_crypter_create(const uint8_t* key, - size_t key_length, - size_t nonce_length, - size_t tag_length, bool rekey, - gsec_aead_crypter** crypter, - char** error_details); - -#endif /* GRPC_CORE_TSI_ALTS_CRYPT_GSEC_H */ |