diff options
122 files changed, 22100 insertions, 267 deletions
@@ -1326,6 +1326,8 @@ grpc_cc_library( "src/core/lib/security/credentials/oauth2/oauth2_credentials.cc", "src/core/lib/security/credentials/plugin/plugin_credentials.cc", "src/core/lib/security/credentials/ssl/ssl_credentials.cc", + "src/core/lib/security/credentials/alts/alts_credentials.cc", + "src/core/lib/security/security_connector/alts_security_connector.cc", "src/core/lib/security/security_connector/security_connector.cc", "src/core/lib/security/transport/client_auth_filter.cc", "src/core/lib/security/transport/secure_endpoint.cc", @@ -1349,6 +1351,8 @@ grpc_cc_library( "src/core/lib/security/credentials/oauth2/oauth2_credentials.h", "src/core/lib/security/credentials/plugin/plugin_credentials.h", "src/core/lib/security/credentials/ssl/ssl_credentials.h", + "src/core/lib/security/credentials/alts/alts_credentials.h", + "src/core/lib/security/security_connector/alts_security_connector.h", "src/core/lib/security/security_connector/security_connector.h", "src/core/lib/security/transport/auth_filters.h", "src/core/lib/security/transport/secure_endpoint.h", @@ -1360,6 +1364,7 @@ grpc_cc_library( language = "c++", public_hdrs = GRPC_SECURE_PUBLIC_HDRS, deps = [ + "alts_util", "grpc_base", "grpc_transport_chttp2_alpn", "tsi", @@ -1583,15 +1588,118 @@ grpc_cc_library( ) grpc_cc_library( + name = "alts_frame_protector", + srcs = [ + "src/core/tsi/alts/crypt/aes_gcm.cc", + "src/core/tsi/alts/crypt/gsec.cc", + "src/core/tsi/alts/frame_protector/alts_counter.cc", + "src/core/tsi/alts/frame_protector/alts_crypter.cc", + "src/core/tsi/alts/frame_protector/alts_frame_protector.cc", + "src/core/tsi/alts/frame_protector/alts_record_protocol_crypter_common.cc", + "src/core/tsi/alts/frame_protector/alts_seal_privacy_integrity_crypter.cc", + "src/core/tsi/alts/frame_protector/alts_unseal_privacy_integrity_crypter.cc", + "src/core/tsi/alts/frame_protector/frame_handler.cc", + "src/core/tsi/alts/zero_copy_frame_protector/alts_grpc_integrity_only_record_protocol.cc", + "src/core/tsi/alts/zero_copy_frame_protector/alts_grpc_privacy_integrity_record_protocol.cc", + "src/core/tsi/alts/zero_copy_frame_protector/alts_grpc_record_protocol_common.cc", + "src/core/tsi/alts/zero_copy_frame_protector/alts_iovec_record_protocol.cc", + "src/core/tsi/alts/zero_copy_frame_protector/alts_zero_copy_grpc_protector.cc", + ], + hdrs = [ + "src/core/tsi/alts/crypt/gsec.h", + "src/core/tsi/alts/frame_protector/alts_counter.h", + "src/core/tsi/alts/frame_protector/alts_crypter.h", + "src/core/tsi/alts/frame_protector/alts_frame_protector.h", + "src/core/tsi/alts/frame_protector/alts_record_protocol_crypter_common.h", + "src/core/tsi/alts/frame_protector/frame_handler.h", + "src/core/tsi/alts/zero_copy_frame_protector/alts_grpc_integrity_only_record_protocol.h", + "src/core/tsi/alts/zero_copy_frame_protector/alts_grpc_privacy_integrity_record_protocol.h", + "src/core/tsi/alts/zero_copy_frame_protector/alts_grpc_record_protocol_common.h", + "src/core/tsi/alts/zero_copy_frame_protector/alts_grpc_record_protocol.h", + "src/core/tsi/alts/zero_copy_frame_protector/alts_iovec_record_protocol.h", + "src/core/tsi/alts/zero_copy_frame_protector/alts_zero_copy_grpc_protector.h", + "src/core/tsi/transport_security_grpc.h", + ], + external_deps = [ + "libssl", + ], + language = "c++", + deps = [ + "gpr", + "grpc_base", + "tsi_interface", + ], +) + +grpc_cc_library( + name = "alts_proto", + srcs = [ + "src/core/tsi/alts/handshaker/altscontext.pb.c", + "src/core/tsi/alts/handshaker/handshaker.pb.c", + "src/core/tsi/alts/handshaker/transport_security_common.pb.c", + ], + hdrs = [ + "src/core/tsi/alts/handshaker/altscontext.pb.h", + "src/core/tsi/alts/handshaker/handshaker.pb.h", + "src/core/tsi/alts/handshaker/transport_security_common.pb.h", + ], + external_deps = [ + "nanopb", + ], + language = "c++", +) + +grpc_cc_library( + name = "alts_util", + srcs = [ + "src/core/lib/security/credentials/alts/check_gcp_environment.cc", + "src/core/lib/security/credentials/alts/check_gcp_environment_linux.cc", + "src/core/lib/security/credentials/alts/check_gcp_environment_no_op.cc", + "src/core/lib/security/credentials/alts/check_gcp_environment_windows.cc", + "src/core/lib/security/credentials/alts/grpc_alts_credentials_client_options.cc", + "src/core/lib/security/credentials/alts/grpc_alts_credentials_options.cc", + "src/core/lib/security/credentials/alts/grpc_alts_credentials_server_options.cc", + "src/core/tsi/alts/handshaker/alts_handshaker_service_api.cc", + "src/core/tsi/alts/handshaker/alts_handshaker_service_api_util.cc", + "src/core/tsi/alts/handshaker/transport_security_common_api.cc", + ], + hdrs = [ + "src/core/lib/security/credentials/alts/check_gcp_environment.h", + "src/core/lib/security/credentials/alts/grpc_alts_credentials_options.h", + "src/core/tsi/alts/handshaker/alts_handshaker_service_api.h", + "src/core/tsi/alts/handshaker/alts_handshaker_service_api_util.h", + "src/core/tsi/alts/handshaker/transport_security_common_api.h", + ], + external_deps = [ + "nanopb", + ], + language = "c++", + deps = [ + "alts_proto", + "gpr", + "grpc_base", + ], +) + +grpc_cc_library( name = "tsi", srcs = [ "src/core/tsi/alts_transport_security.cc", + "src/core/tsi/alts/handshaker/alts_handshaker_client.cc", + "src/core/tsi/alts/handshaker/alts_tsi_event.cc", + "src/core/tsi/alts/handshaker/alts_tsi_handshaker.cc", + "src/core/tsi/alts/handshaker/alts_tsi_utils.cc", "src/core/tsi/fake_transport_security.cc", "src/core/tsi/ssl_transport_security.cc", "src/core/tsi/transport_security_grpc.cc", ], hdrs = [ "src/core/tsi/alts_transport_security.h", + "src/core/tsi/alts/handshaker/alts_handshaker_client.h", + "src/core/tsi/alts/handshaker/alts_tsi_event.h", + "src/core/tsi/alts/handshaker/alts_tsi_handshaker.h", + "src/core/tsi/alts/handshaker/alts_tsi_handshaker_private.h", + "src/core/tsi/alts/handshaker/alts_tsi_utils.h", "src/core/tsi/fake_transport_security.h", "src/core/tsi/ssl_transport_security.h", "src/core/tsi/ssl_types.h", @@ -1602,7 +1710,11 @@ grpc_cc_library( ], language = "c++", deps = [ + "alts_frame_protector", + "alts_util", + "gpr", "grpc_base", + "grpc_transport_chttp2_client_insecure", "tsi_interface", ], ) diff --git a/CMakeLists.txt b/CMakeLists.txt index ab4fa8a253..5dfbdcb85a 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -91,6 +91,8 @@ endif() set(CMAKE_POSITION_INDEPENDENT_CODE TRUE) +add_definitions(-DPB_FIELD_16BIT) + if (MSVC) include(cmake/msvc_static_runtime.cmake) add_definitions(-D_WIN32_WINNT=0x600 -D_SCL_SECURE_NO_WARNINGS -D_CRT_SECURE_NO_WARNINGS -D_WINSOCK_DEPRECATED_NO_WARNINGS) @@ -469,6 +471,19 @@ add_dependencies(buildtests_c uri_fuzzer_test_one_entry) add_custom_target(buildtests_cxx) add_dependencies(buildtests_cxx alarm_test) +add_dependencies(buildtests_cxx alts_counter_test) +add_dependencies(buildtests_cxx alts_crypt_test) +add_dependencies(buildtests_cxx alts_crypter_test) +add_dependencies(buildtests_cxx alts_frame_handler_test) +add_dependencies(buildtests_cxx alts_frame_protector_test) +add_dependencies(buildtests_cxx alts_grpc_record_protocol_test) +add_dependencies(buildtests_cxx alts_handshaker_client_test) +add_dependencies(buildtests_cxx alts_handshaker_service_api_test) +add_dependencies(buildtests_cxx alts_iovec_record_protocol_test) +add_dependencies(buildtests_cxx alts_security_connector_test) +add_dependencies(buildtests_cxx alts_tsi_handshaker_test) +add_dependencies(buildtests_cxx alts_tsi_utils_test) +add_dependencies(buildtests_cxx alts_zero_copy_grpc_protector_test) add_dependencies(buildtests_cxx async_end2end_test) add_dependencies(buildtests_cxx auth_property_iterator_test) add_dependencies(buildtests_cxx backoff_test) @@ -517,6 +532,8 @@ add_dependencies(buildtests_cxx bm_pollset) endif() add_dependencies(buildtests_cxx channel_arguments_test) add_dependencies(buildtests_cxx channel_filter_test) +add_dependencies(buildtests_cxx check_gcp_environment_linux_test) +add_dependencies(buildtests_cxx check_gcp_environment_windows_test) add_dependencies(buildtests_cxx chttp2_settings_timeout_test) add_dependencies(buildtests_cxx cli_call_test) add_dependencies(buildtests_cxx client_channel_stress_test) @@ -538,6 +555,7 @@ add_dependencies(buildtests_cxx exception_test) add_dependencies(buildtests_cxx filter_end2end_test) add_dependencies(buildtests_cxx generic_end2end_test) add_dependencies(buildtests_cxx golden_file_test) +add_dependencies(buildtests_cxx grpc_alts_credentials_options_test) add_dependencies(buildtests_cxx grpc_cli) add_dependencies(buildtests_cxx grpc_tool_test) add_dependencies(buildtests_cxx grpclb_api_test) @@ -611,6 +629,7 @@ add_dependencies(buildtests_cxx stress_test) add_dependencies(buildtests_cxx thread_manager_test) add_dependencies(buildtests_cxx thread_stress_test) add_dependencies(buildtests_cxx transport_pid_controller_test) +add_dependencies(buildtests_cxx transport_security_common_api_test) if(_gRPC_PLATFORM_LINUX OR _gRPC_PLATFORM_MAC OR _gRPC_PLATFORM_POSIX) add_dependencies(buildtests_cxx writes_per_rpc_test) endif() @@ -631,6 +650,44 @@ add_custom_target(buildtests DEPENDS buildtests_c buildtests_cxx) endif (gRPC_BUILD_TESTS) +if (gRPC_BUILD_TESTS) + +add_library(alts_test_util + test/core/tsi/alts/crypt/gsec_test_util.cc + test/core/tsi/alts/handshaker/alts_handshaker_service_api_test_lib.cc +) + +if(WIN32 AND MSVC) + set_target_properties(alts_test_util PROPERTIES COMPILE_PDB_NAME "alts_test_util" + COMPILE_PDB_OUTPUT_DIRECTORY "${CMAKE_BINARY_DIR}" + ) + if (gRPC_INSTALL) + install(FILES ${CMAKE_CURRENT_BINARY_DIR}/alts_test_util.pdb + DESTINATION ${gRPC_INSTALL_LIBDIR} OPTIONAL + ) + endif() +endif() + + +target_include_directories(alts_test_util + PUBLIC $<INSTALL_INTERFACE:${gRPC_INSTALL_INCLUDEDIR}> $<BUILD_INTERFACE:${CMAKE_CURRENT_SOURCE_DIR}/include> + PRIVATE ${CMAKE_CURRENT_SOURCE_DIR} + PRIVATE ${_gRPC_SSL_INCLUDE_DIR} + PRIVATE ${_gRPC_PROTOBUF_INCLUDE_DIR} + PRIVATE ${_gRPC_ZLIB_INCLUDE_DIR} + PRIVATE ${_gRPC_BENCHMARK_INCLUDE_DIR} + PRIVATE ${_gRPC_CARES_INCLUDE_DIR} + PRIVATE ${_gRPC_GFLAGS_INCLUDE_DIR} +) + +target_link_libraries(alts_test_util + ${_gRPC_SSL_LIBRARIES} + ${_gRPC_ALLTARGETS_LIBRARIES} + grpc +) + + +endif (gRPC_BUILD_TESTS) add_library(gpr src/core/lib/gpr/alloc.cc @@ -959,6 +1016,7 @@ add_library(grpc src/core/ext/filters/http/server/http_server_filter.cc src/core/lib/http/httpcli_security_connector.cc src/core/lib/security/context/security_context.cc + src/core/lib/security/credentials/alts/alts_credentials.cc src/core/lib/security/credentials/composite/composite_credentials.cc src/core/lib/security/credentials/credentials.cc src/core/lib/security/credentials/credentials_metadata.cc @@ -972,6 +1030,7 @@ add_library(grpc src/core/lib/security/credentials/oauth2/oauth2_credentials.cc src/core/lib/security/credentials/plugin/plugin_credentials.cc src/core/lib/security/credentials/ssl/ssl_credentials.cc + src/core/lib/security/security_connector/alts_security_connector.cc src/core/lib/security/security_connector/security_connector.cc src/core/lib/security/transport/client_auth_filter.cc src/core/lib/security/transport/secure_endpoint.cc @@ -981,14 +1040,45 @@ add_library(grpc src/core/lib/security/transport/tsi_error.cc src/core/lib/security/util/json_util.cc src/core/lib/surface/init_secure.cc - src/core/tsi/alts_transport_security.cc - src/core/tsi/fake_transport_security.cc - src/core/tsi/ssl_transport_security.cc - src/core/tsi/transport_security_grpc.cc + src/core/tsi/alts/crypt/aes_gcm.cc + src/core/tsi/alts/crypt/gsec.cc + src/core/tsi/alts/frame_protector/alts_counter.cc + src/core/tsi/alts/frame_protector/alts_crypter.cc + src/core/tsi/alts/frame_protector/alts_frame_protector.cc + src/core/tsi/alts/frame_protector/alts_record_protocol_crypter_common.cc + src/core/tsi/alts/frame_protector/alts_seal_privacy_integrity_crypter.cc + src/core/tsi/alts/frame_protector/alts_unseal_privacy_integrity_crypter.cc + src/core/tsi/alts/frame_protector/frame_handler.cc + src/core/tsi/alts/handshaker/alts_handshaker_client.cc + src/core/tsi/alts/handshaker/alts_tsi_event.cc + src/core/tsi/alts/handshaker/alts_tsi_handshaker.cc + src/core/tsi/alts/zero_copy_frame_protector/alts_grpc_integrity_only_record_protocol.cc + src/core/tsi/alts/zero_copy_frame_protector/alts_grpc_privacy_integrity_record_protocol.cc + src/core/tsi/alts/zero_copy_frame_protector/alts_grpc_record_protocol_common.cc + src/core/tsi/alts/zero_copy_frame_protector/alts_iovec_record_protocol.cc + src/core/tsi/alts/zero_copy_frame_protector/alts_zero_copy_grpc_protector.cc + src/core/lib/security/credentials/alts/check_gcp_environment.cc + src/core/lib/security/credentials/alts/check_gcp_environment_linux.cc + src/core/lib/security/credentials/alts/check_gcp_environment_no_op.cc + src/core/lib/security/credentials/alts/check_gcp_environment_windows.cc + src/core/lib/security/credentials/alts/grpc_alts_credentials_client_options.cc + src/core/lib/security/credentials/alts/grpc_alts_credentials_options.cc + src/core/lib/security/credentials/alts/grpc_alts_credentials_server_options.cc + src/core/tsi/alts/handshaker/alts_handshaker_service_api.cc + src/core/tsi/alts/handshaker/alts_handshaker_service_api_util.cc + src/core/tsi/alts/handshaker/alts_tsi_utils.cc + src/core/tsi/alts/handshaker/transport_security_common_api.cc + src/core/tsi/alts/handshaker/altscontext.pb.c + src/core/tsi/alts/handshaker/handshaker.pb.c + src/core/tsi/alts/handshaker/transport_security_common.pb.c + third_party/nanopb/pb_common.c + third_party/nanopb/pb_decode.c + third_party/nanopb/pb_encode.c src/core/tsi/transport_security.cc src/core/tsi/transport_security_adapter.cc - src/core/ext/transport/chttp2/server/chttp2_server.cc - src/core/ext/transport/chttp2/client/secure/secure_channel_create.cc + src/core/ext/transport/chttp2/client/insecure/channel_create.cc + src/core/ext/transport/chttp2/client/insecure/channel_create_posix.cc + src/core/ext/transport/chttp2/client/chttp2_connector.cc src/core/ext/filters/client_channel/backup_poller.cc src/core/ext/filters/client_channel/channel_connectivity.cc src/core/ext/filters/client_channel/client_channel.cc @@ -1012,11 +1102,14 @@ add_library(grpc src/core/ext/filters/client_channel/subchannel_index.cc src/core/ext/filters/client_channel/uri_parser.cc src/core/ext/filters/deadline/deadline_filter.cc - src/core/ext/transport/chttp2/client/chttp2_connector.cc + src/core/tsi/alts_transport_security.cc + src/core/tsi/fake_transport_security.cc + src/core/tsi/ssl_transport_security.cc + src/core/tsi/transport_security_grpc.cc + src/core/ext/transport/chttp2/server/chttp2_server.cc + src/core/ext/transport/chttp2/client/secure/secure_channel_create.cc src/core/ext/transport/chttp2/server/insecure/server_chttp2.cc src/core/ext/transport/chttp2/server/insecure/server_chttp2_posix.cc - src/core/ext/transport/chttp2/client/insecure/channel_create.cc - src/core/ext/transport/chttp2/client/insecure/channel_create_posix.cc src/core/ext/transport/inproc/inproc_plugin.cc src/core/ext/transport/inproc/inproc_transport.cc src/core/ext/filters/client_channel/lb_policy/grpclb/client_load_reporting_filter.cc @@ -1025,9 +1118,6 @@ add_library(grpc src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb_client_stats.cc src/core/ext/filters/client_channel/lb_policy/grpclb/load_balancer_api.cc src/core/ext/filters/client_channel/lb_policy/grpclb/proto/grpc/lb/v1/load_balancer.pb.c - third_party/nanopb/pb_common.c - third_party/nanopb/pb_decode.c - third_party/nanopb/pb_encode.c src/core/ext/filters/client_channel/resolver/fake/fake_resolver.cc src/core/ext/filters/client_channel/lb_policy/pick_first/pick_first.cc src/core/ext/filters/client_channel/lb_policy/subchannel_list.cc @@ -1327,6 +1417,7 @@ add_library(grpc_cronet src/core/ext/filters/deadline/deadline_filter.cc src/core/lib/http/httpcli_security_connector.cc src/core/lib/security/context/security_context.cc + src/core/lib/security/credentials/alts/alts_credentials.cc src/core/lib/security/credentials/composite/composite_credentials.cc src/core/lib/security/credentials/credentials.cc src/core/lib/security/credentials/credentials_metadata.cc @@ -1340,6 +1431,7 @@ add_library(grpc_cronet src/core/lib/security/credentials/oauth2/oauth2_credentials.cc src/core/lib/security/credentials/plugin/plugin_credentials.cc src/core/lib/security/credentials/ssl/ssl_credentials.cc + src/core/lib/security/security_connector/alts_security_connector.cc src/core/lib/security/security_connector/security_connector.cc src/core/lib/security/transport/client_auth_filter.cc src/core/lib/security/transport/secure_endpoint.cc @@ -1349,13 +1441,49 @@ add_library(grpc_cronet src/core/lib/security/transport/tsi_error.cc src/core/lib/security/util/json_util.cc src/core/lib/surface/init_secure.cc + src/core/tsi/alts/crypt/aes_gcm.cc + src/core/tsi/alts/crypt/gsec.cc + src/core/tsi/alts/frame_protector/alts_counter.cc + src/core/tsi/alts/frame_protector/alts_crypter.cc + src/core/tsi/alts/frame_protector/alts_frame_protector.cc + src/core/tsi/alts/frame_protector/alts_record_protocol_crypter_common.cc + src/core/tsi/alts/frame_protector/alts_seal_privacy_integrity_crypter.cc + src/core/tsi/alts/frame_protector/alts_unseal_privacy_integrity_crypter.cc + src/core/tsi/alts/frame_protector/frame_handler.cc + src/core/tsi/alts/handshaker/alts_handshaker_client.cc + src/core/tsi/alts/handshaker/alts_tsi_event.cc + src/core/tsi/alts/handshaker/alts_tsi_handshaker.cc + src/core/tsi/alts/zero_copy_frame_protector/alts_grpc_integrity_only_record_protocol.cc + src/core/tsi/alts/zero_copy_frame_protector/alts_grpc_privacy_integrity_record_protocol.cc + src/core/tsi/alts/zero_copy_frame_protector/alts_grpc_record_protocol_common.cc + src/core/tsi/alts/zero_copy_frame_protector/alts_iovec_record_protocol.cc + src/core/tsi/alts/zero_copy_frame_protector/alts_zero_copy_grpc_protector.cc + src/core/lib/security/credentials/alts/check_gcp_environment.cc + src/core/lib/security/credentials/alts/check_gcp_environment_linux.cc + src/core/lib/security/credentials/alts/check_gcp_environment_no_op.cc + src/core/lib/security/credentials/alts/check_gcp_environment_windows.cc + src/core/lib/security/credentials/alts/grpc_alts_credentials_client_options.cc + src/core/lib/security/credentials/alts/grpc_alts_credentials_options.cc + src/core/lib/security/credentials/alts/grpc_alts_credentials_server_options.cc + src/core/tsi/alts/handshaker/alts_handshaker_service_api.cc + src/core/tsi/alts/handshaker/alts_handshaker_service_api_util.cc + src/core/tsi/alts/handshaker/alts_tsi_utils.cc + src/core/tsi/alts/handshaker/transport_security_common_api.cc + src/core/tsi/alts/handshaker/altscontext.pb.c + src/core/tsi/alts/handshaker/handshaker.pb.c + src/core/tsi/alts/handshaker/transport_security_common.pb.c + third_party/nanopb/pb_common.c + third_party/nanopb/pb_decode.c + third_party/nanopb/pb_encode.c + src/core/tsi/transport_security.cc + src/core/tsi/transport_security_adapter.cc + src/core/ext/transport/chttp2/client/insecure/channel_create.cc + src/core/ext/transport/chttp2/client/insecure/channel_create_posix.cc + src/core/ext/transport/chttp2/client/chttp2_connector.cc src/core/tsi/alts_transport_security.cc src/core/tsi/fake_transport_security.cc src/core/tsi/ssl_transport_security.cc src/core/tsi/transport_security_grpc.cc - src/core/tsi/transport_security.cc - src/core/tsi/transport_security_adapter.cc - src/core/ext/transport/chttp2/client/chttp2_connector.cc src/core/ext/filters/load_reporting/server_load_reporting_filter.cc src/core/ext/filters/load_reporting/server_load_reporting_plugin.cc src/core/plugin_registry/grpc_cronet_plugin_registry.cc @@ -8661,6 +8789,462 @@ target_link_libraries(alarm_test endif (gRPC_BUILD_TESTS) if (gRPC_BUILD_TESTS) +add_executable(alts_counter_test + test/core/tsi/alts/frame_protector/alts_counter_test.cc + third_party/googletest/googletest/src/gtest-all.cc + third_party/googletest/googlemock/src/gmock-all.cc +) + + +target_include_directories(alts_counter_test + PRIVATE ${CMAKE_CURRENT_SOURCE_DIR} + PRIVATE ${CMAKE_CURRENT_SOURCE_DIR}/include + PRIVATE ${_gRPC_SSL_INCLUDE_DIR} + PRIVATE ${_gRPC_PROTOBUF_INCLUDE_DIR} + PRIVATE ${_gRPC_ZLIB_INCLUDE_DIR} + PRIVATE ${_gRPC_BENCHMARK_INCLUDE_DIR} + PRIVATE ${_gRPC_CARES_INCLUDE_DIR} + PRIVATE ${_gRPC_GFLAGS_INCLUDE_DIR} + PRIVATE third_party/googletest/googletest/include + PRIVATE third_party/googletest/googletest + PRIVATE third_party/googletest/googlemock/include + PRIVATE third_party/googletest/googlemock + PRIVATE ${_gRPC_PROTO_GENS_DIR} +) + +target_link_libraries(alts_counter_test + ${_gRPC_PROTOBUF_LIBRARIES} + ${_gRPC_ALLTARGETS_LIBRARIES} + alts_test_util + gpr + grpc + ${_gRPC_GFLAGS_LIBRARIES} +) + +endif (gRPC_BUILD_TESTS) +if (gRPC_BUILD_TESTS) + +add_executable(alts_crypt_test + test/core/tsi/alts/crypt/aes_gcm_test.cc + third_party/googletest/googletest/src/gtest-all.cc + third_party/googletest/googlemock/src/gmock-all.cc +) + + +target_include_directories(alts_crypt_test + PRIVATE ${CMAKE_CURRENT_SOURCE_DIR} + PRIVATE ${CMAKE_CURRENT_SOURCE_DIR}/include + PRIVATE ${_gRPC_SSL_INCLUDE_DIR} + PRIVATE ${_gRPC_PROTOBUF_INCLUDE_DIR} + PRIVATE ${_gRPC_ZLIB_INCLUDE_DIR} + PRIVATE ${_gRPC_BENCHMARK_INCLUDE_DIR} + PRIVATE ${_gRPC_CARES_INCLUDE_DIR} + PRIVATE ${_gRPC_GFLAGS_INCLUDE_DIR} + PRIVATE third_party/googletest/googletest/include + PRIVATE third_party/googletest/googletest + PRIVATE third_party/googletest/googlemock/include + PRIVATE third_party/googletest/googlemock + PRIVATE ${_gRPC_PROTO_GENS_DIR} +) + +target_link_libraries(alts_crypt_test + ${_gRPC_PROTOBUF_LIBRARIES} + ${_gRPC_ALLTARGETS_LIBRARIES} + alts_test_util + gpr_test_util + gpr + grpc + ${_gRPC_GFLAGS_LIBRARIES} +) + +endif (gRPC_BUILD_TESTS) +if (gRPC_BUILD_TESTS) + +add_executable(alts_crypter_test + test/core/tsi/alts/frame_protector/alts_crypter_test.cc + third_party/googletest/googletest/src/gtest-all.cc + third_party/googletest/googlemock/src/gmock-all.cc +) + + +target_include_directories(alts_crypter_test + PRIVATE ${CMAKE_CURRENT_SOURCE_DIR} + PRIVATE ${CMAKE_CURRENT_SOURCE_DIR}/include + PRIVATE ${_gRPC_SSL_INCLUDE_DIR} + PRIVATE ${_gRPC_PROTOBUF_INCLUDE_DIR} + PRIVATE ${_gRPC_ZLIB_INCLUDE_DIR} + PRIVATE ${_gRPC_BENCHMARK_INCLUDE_DIR} + PRIVATE ${_gRPC_CARES_INCLUDE_DIR} + PRIVATE ${_gRPC_GFLAGS_INCLUDE_DIR} + PRIVATE third_party/googletest/googletest/include + PRIVATE third_party/googletest/googletest + PRIVATE third_party/googletest/googlemock/include + PRIVATE third_party/googletest/googlemock + PRIVATE ${_gRPC_PROTO_GENS_DIR} +) + +target_link_libraries(alts_crypter_test + ${_gRPC_PROTOBUF_LIBRARIES} + ${_gRPC_ALLTARGETS_LIBRARIES} + alts_test_util + gpr + grpc + ${_gRPC_GFLAGS_LIBRARIES} +) + +endif (gRPC_BUILD_TESTS) +if (gRPC_BUILD_TESTS) + +add_executable(alts_frame_handler_test + test/core/tsi/alts/frame_protector/frame_handler_test.cc + third_party/googletest/googletest/src/gtest-all.cc + third_party/googletest/googlemock/src/gmock-all.cc +) + + +target_include_directories(alts_frame_handler_test + PRIVATE ${CMAKE_CURRENT_SOURCE_DIR} + PRIVATE ${CMAKE_CURRENT_SOURCE_DIR}/include + PRIVATE ${_gRPC_SSL_INCLUDE_DIR} + PRIVATE ${_gRPC_PROTOBUF_INCLUDE_DIR} + PRIVATE ${_gRPC_ZLIB_INCLUDE_DIR} + PRIVATE ${_gRPC_BENCHMARK_INCLUDE_DIR} + PRIVATE ${_gRPC_CARES_INCLUDE_DIR} + PRIVATE ${_gRPC_GFLAGS_INCLUDE_DIR} + PRIVATE third_party/googletest/googletest/include + PRIVATE third_party/googletest/googletest + PRIVATE third_party/googletest/googlemock/include + PRIVATE third_party/googletest/googlemock + PRIVATE ${_gRPC_PROTO_GENS_DIR} +) + +target_link_libraries(alts_frame_handler_test + ${_gRPC_PROTOBUF_LIBRARIES} + ${_gRPC_ALLTARGETS_LIBRARIES} + alts_test_util + gpr + grpc + ${_gRPC_GFLAGS_LIBRARIES} +) + +endif (gRPC_BUILD_TESTS) +if (gRPC_BUILD_TESTS) + +add_executable(alts_frame_protector_test + test/core/tsi/alts/frame_protector/alts_frame_protector_test.cc + test/core/tsi/transport_security_test_lib.cc + third_party/googletest/googletest/src/gtest-all.cc + third_party/googletest/googlemock/src/gmock-all.cc +) + + +target_include_directories(alts_frame_protector_test + PRIVATE ${CMAKE_CURRENT_SOURCE_DIR} + PRIVATE ${CMAKE_CURRENT_SOURCE_DIR}/include + PRIVATE ${_gRPC_SSL_INCLUDE_DIR} + PRIVATE ${_gRPC_PROTOBUF_INCLUDE_DIR} + PRIVATE ${_gRPC_ZLIB_INCLUDE_DIR} + PRIVATE ${_gRPC_BENCHMARK_INCLUDE_DIR} + PRIVATE ${_gRPC_CARES_INCLUDE_DIR} + PRIVATE ${_gRPC_GFLAGS_INCLUDE_DIR} + PRIVATE third_party/googletest/googletest/include + PRIVATE third_party/googletest/googletest + PRIVATE third_party/googletest/googlemock/include + PRIVATE third_party/googletest/googlemock + PRIVATE ${_gRPC_PROTO_GENS_DIR} +) + +target_link_libraries(alts_frame_protector_test + ${_gRPC_PROTOBUF_LIBRARIES} + ${_gRPC_ALLTARGETS_LIBRARIES} + alts_test_util + gpr + grpc + ${_gRPC_GFLAGS_LIBRARIES} +) + +endif (gRPC_BUILD_TESTS) +if (gRPC_BUILD_TESTS) + +add_executable(alts_grpc_record_protocol_test + test/core/tsi/alts/zero_copy_frame_protector/alts_grpc_record_protocol_test.cc + third_party/googletest/googletest/src/gtest-all.cc + third_party/googletest/googlemock/src/gmock-all.cc +) + + +target_include_directories(alts_grpc_record_protocol_test + PRIVATE ${CMAKE_CURRENT_SOURCE_DIR} + PRIVATE ${CMAKE_CURRENT_SOURCE_DIR}/include + PRIVATE ${_gRPC_SSL_INCLUDE_DIR} + PRIVATE ${_gRPC_PROTOBUF_INCLUDE_DIR} + PRIVATE ${_gRPC_ZLIB_INCLUDE_DIR} + PRIVATE ${_gRPC_BENCHMARK_INCLUDE_DIR} + PRIVATE ${_gRPC_CARES_INCLUDE_DIR} + PRIVATE ${_gRPC_GFLAGS_INCLUDE_DIR} + PRIVATE third_party/googletest/googletest/include + PRIVATE third_party/googletest/googletest + PRIVATE third_party/googletest/googlemock/include + PRIVATE third_party/googletest/googlemock + PRIVATE ${_gRPC_PROTO_GENS_DIR} +) + +target_link_libraries(alts_grpc_record_protocol_test + ${_gRPC_PROTOBUF_LIBRARIES} + ${_gRPC_ALLTARGETS_LIBRARIES} + alts_test_util + gpr + grpc + ${_gRPC_GFLAGS_LIBRARIES} +) + +endif (gRPC_BUILD_TESTS) +if (gRPC_BUILD_TESTS) + +add_executable(alts_handshaker_client_test + test/core/tsi/alts/handshaker/alts_handshaker_client_test.cc + third_party/googletest/googletest/src/gtest-all.cc + third_party/googletest/googlemock/src/gmock-all.cc +) + + +target_include_directories(alts_handshaker_client_test + PRIVATE ${CMAKE_CURRENT_SOURCE_DIR} + PRIVATE ${CMAKE_CURRENT_SOURCE_DIR}/include + PRIVATE ${_gRPC_SSL_INCLUDE_DIR} + PRIVATE ${_gRPC_PROTOBUF_INCLUDE_DIR} + PRIVATE ${_gRPC_ZLIB_INCLUDE_DIR} + PRIVATE ${_gRPC_BENCHMARK_INCLUDE_DIR} + PRIVATE ${_gRPC_CARES_INCLUDE_DIR} + PRIVATE ${_gRPC_GFLAGS_INCLUDE_DIR} + PRIVATE third_party/googletest/googletest/include + PRIVATE third_party/googletest/googletest + PRIVATE third_party/googletest/googlemock/include + PRIVATE third_party/googletest/googlemock + PRIVATE ${_gRPC_PROTO_GENS_DIR} +) + +target_link_libraries(alts_handshaker_client_test + ${_gRPC_PROTOBUF_LIBRARIES} + ${_gRPC_ALLTARGETS_LIBRARIES} + alts_test_util + gpr + grpc + ${_gRPC_GFLAGS_LIBRARIES} +) + +endif (gRPC_BUILD_TESTS) +if (gRPC_BUILD_TESTS) + +add_executable(alts_handshaker_service_api_test + test/core/tsi/alts/handshaker/alts_handshaker_service_api_test.cc + third_party/googletest/googletest/src/gtest-all.cc + third_party/googletest/googlemock/src/gmock-all.cc +) + + +target_include_directories(alts_handshaker_service_api_test + PRIVATE ${CMAKE_CURRENT_SOURCE_DIR} + PRIVATE ${CMAKE_CURRENT_SOURCE_DIR}/include + PRIVATE ${_gRPC_SSL_INCLUDE_DIR} + PRIVATE ${_gRPC_PROTOBUF_INCLUDE_DIR} + PRIVATE ${_gRPC_ZLIB_INCLUDE_DIR} + PRIVATE ${_gRPC_BENCHMARK_INCLUDE_DIR} + PRIVATE ${_gRPC_CARES_INCLUDE_DIR} + PRIVATE ${_gRPC_GFLAGS_INCLUDE_DIR} + PRIVATE third_party/googletest/googletest/include + PRIVATE third_party/googletest/googletest + PRIVATE third_party/googletest/googlemock/include + PRIVATE third_party/googletest/googlemock + PRIVATE ${_gRPC_PROTO_GENS_DIR} +) + +target_link_libraries(alts_handshaker_service_api_test + ${_gRPC_PROTOBUF_LIBRARIES} + ${_gRPC_ALLTARGETS_LIBRARIES} + alts_test_util + gpr + grpc + ${_gRPC_GFLAGS_LIBRARIES} +) + +endif (gRPC_BUILD_TESTS) +if (gRPC_BUILD_TESTS) + +add_executable(alts_iovec_record_protocol_test + test/core/tsi/alts/zero_copy_frame_protector/alts_iovec_record_protocol_test.cc + third_party/googletest/googletest/src/gtest-all.cc + third_party/googletest/googlemock/src/gmock-all.cc +) + + +target_include_directories(alts_iovec_record_protocol_test + PRIVATE ${CMAKE_CURRENT_SOURCE_DIR} + PRIVATE ${CMAKE_CURRENT_SOURCE_DIR}/include + PRIVATE ${_gRPC_SSL_INCLUDE_DIR} + PRIVATE ${_gRPC_PROTOBUF_INCLUDE_DIR} + PRIVATE ${_gRPC_ZLIB_INCLUDE_DIR} + PRIVATE ${_gRPC_BENCHMARK_INCLUDE_DIR} + PRIVATE ${_gRPC_CARES_INCLUDE_DIR} + PRIVATE ${_gRPC_GFLAGS_INCLUDE_DIR} + PRIVATE third_party/googletest/googletest/include + PRIVATE third_party/googletest/googletest + PRIVATE third_party/googletest/googlemock/include + PRIVATE third_party/googletest/googlemock + PRIVATE ${_gRPC_PROTO_GENS_DIR} +) + +target_link_libraries(alts_iovec_record_protocol_test + ${_gRPC_PROTOBUF_LIBRARIES} + ${_gRPC_ALLTARGETS_LIBRARIES} + alts_test_util + gpr + grpc + ${_gRPC_GFLAGS_LIBRARIES} +) + +endif (gRPC_BUILD_TESTS) +if (gRPC_BUILD_TESTS) + +add_executable(alts_security_connector_test + test/core/security/alts_security_connector_test.cc + third_party/googletest/googletest/src/gtest-all.cc + third_party/googletest/googlemock/src/gmock-all.cc +) + + +target_include_directories(alts_security_connector_test + PRIVATE ${CMAKE_CURRENT_SOURCE_DIR} + PRIVATE ${CMAKE_CURRENT_SOURCE_DIR}/include + PRIVATE ${_gRPC_SSL_INCLUDE_DIR} + PRIVATE ${_gRPC_PROTOBUF_INCLUDE_DIR} + PRIVATE ${_gRPC_ZLIB_INCLUDE_DIR} + PRIVATE ${_gRPC_BENCHMARK_INCLUDE_DIR} + PRIVATE ${_gRPC_CARES_INCLUDE_DIR} + PRIVATE ${_gRPC_GFLAGS_INCLUDE_DIR} + PRIVATE third_party/googletest/googletest/include + PRIVATE third_party/googletest/googletest + PRIVATE third_party/googletest/googlemock/include + PRIVATE third_party/googletest/googlemock + PRIVATE ${_gRPC_PROTO_GENS_DIR} +) + +target_link_libraries(alts_security_connector_test + ${_gRPC_PROTOBUF_LIBRARIES} + ${_gRPC_ALLTARGETS_LIBRARIES} + gpr + grpc + ${_gRPC_GFLAGS_LIBRARIES} +) + +endif (gRPC_BUILD_TESTS) +if (gRPC_BUILD_TESTS) + +add_executable(alts_tsi_handshaker_test + test/core/tsi/alts/handshaker/alts_tsi_handshaker_test.cc + third_party/googletest/googletest/src/gtest-all.cc + third_party/googletest/googlemock/src/gmock-all.cc +) + + +target_include_directories(alts_tsi_handshaker_test + PRIVATE ${CMAKE_CURRENT_SOURCE_DIR} + PRIVATE ${CMAKE_CURRENT_SOURCE_DIR}/include + PRIVATE ${_gRPC_SSL_INCLUDE_DIR} + PRIVATE ${_gRPC_PROTOBUF_INCLUDE_DIR} + PRIVATE ${_gRPC_ZLIB_INCLUDE_DIR} + PRIVATE ${_gRPC_BENCHMARK_INCLUDE_DIR} + PRIVATE ${_gRPC_CARES_INCLUDE_DIR} + PRIVATE ${_gRPC_GFLAGS_INCLUDE_DIR} + PRIVATE third_party/googletest/googletest/include + PRIVATE third_party/googletest/googletest + PRIVATE third_party/googletest/googlemock/include + PRIVATE third_party/googletest/googlemock + PRIVATE ${_gRPC_PROTO_GENS_DIR} +) + +target_link_libraries(alts_tsi_handshaker_test + ${_gRPC_PROTOBUF_LIBRARIES} + ${_gRPC_ALLTARGETS_LIBRARIES} + alts_test_util + gpr + grpc + ${_gRPC_GFLAGS_LIBRARIES} +) + +endif (gRPC_BUILD_TESTS) +if (gRPC_BUILD_TESTS) + +add_executable(alts_tsi_utils_test + test/core/tsi/alts/handshaker/alts_tsi_utils_test.cc + third_party/googletest/googletest/src/gtest-all.cc + third_party/googletest/googlemock/src/gmock-all.cc +) + + +target_include_directories(alts_tsi_utils_test + PRIVATE ${CMAKE_CURRENT_SOURCE_DIR} + PRIVATE ${CMAKE_CURRENT_SOURCE_DIR}/include + PRIVATE ${_gRPC_SSL_INCLUDE_DIR} + PRIVATE ${_gRPC_PROTOBUF_INCLUDE_DIR} + PRIVATE ${_gRPC_ZLIB_INCLUDE_DIR} + PRIVATE ${_gRPC_BENCHMARK_INCLUDE_DIR} + PRIVATE ${_gRPC_CARES_INCLUDE_DIR} + PRIVATE ${_gRPC_GFLAGS_INCLUDE_DIR} + PRIVATE third_party/googletest/googletest/include + PRIVATE third_party/googletest/googletest + PRIVATE third_party/googletest/googlemock/include + PRIVATE third_party/googletest/googlemock + PRIVATE ${_gRPC_PROTO_GENS_DIR} +) + +target_link_libraries(alts_tsi_utils_test + ${_gRPC_PROTOBUF_LIBRARIES} + ${_gRPC_ALLTARGETS_LIBRARIES} + alts_test_util + gpr + grpc + ${_gRPC_GFLAGS_LIBRARIES} +) + +endif (gRPC_BUILD_TESTS) +if (gRPC_BUILD_TESTS) + +add_executable(alts_zero_copy_grpc_protector_test + test/core/tsi/alts/zero_copy_frame_protector/alts_zero_copy_grpc_protector_test.cc + third_party/googletest/googletest/src/gtest-all.cc + third_party/googletest/googlemock/src/gmock-all.cc +) + + +target_include_directories(alts_zero_copy_grpc_protector_test + PRIVATE ${CMAKE_CURRENT_SOURCE_DIR} + PRIVATE ${CMAKE_CURRENT_SOURCE_DIR}/include + PRIVATE ${_gRPC_SSL_INCLUDE_DIR} + PRIVATE ${_gRPC_PROTOBUF_INCLUDE_DIR} + PRIVATE ${_gRPC_ZLIB_INCLUDE_DIR} + PRIVATE ${_gRPC_BENCHMARK_INCLUDE_DIR} + PRIVATE ${_gRPC_CARES_INCLUDE_DIR} + PRIVATE ${_gRPC_GFLAGS_INCLUDE_DIR} + PRIVATE third_party/googletest/googletest/include + PRIVATE third_party/googletest/googletest + PRIVATE third_party/googletest/googlemock/include + PRIVATE third_party/googletest/googlemock + PRIVATE ${_gRPC_PROTO_GENS_DIR} +) + +target_link_libraries(alts_zero_copy_grpc_protector_test + ${_gRPC_PROTOBUF_LIBRARIES} + ${_gRPC_ALLTARGETS_LIBRARIES} + alts_test_util + gpr + grpc + ${_gRPC_GFLAGS_LIBRARIES} +) + +endif (gRPC_BUILD_TESTS) +if (gRPC_BUILD_TESTS) + add_executable(async_end2end_test test/cpp/end2end/async_end2end_test.cc third_party/googletest/googletest/src/gtest-all.cc @@ -9470,6 +10054,74 @@ target_link_libraries(channel_filter_test endif (gRPC_BUILD_TESTS) if (gRPC_BUILD_TESTS) +add_executable(check_gcp_environment_linux_test + test/core/security/check_gcp_environment_linux_test.cc + third_party/googletest/googletest/src/gtest-all.cc + third_party/googletest/googlemock/src/gmock-all.cc +) + + +target_include_directories(check_gcp_environment_linux_test + PRIVATE ${CMAKE_CURRENT_SOURCE_DIR} + PRIVATE ${CMAKE_CURRENT_SOURCE_DIR}/include + PRIVATE ${_gRPC_SSL_INCLUDE_DIR} + PRIVATE ${_gRPC_PROTOBUF_INCLUDE_DIR} + PRIVATE ${_gRPC_ZLIB_INCLUDE_DIR} + PRIVATE ${_gRPC_BENCHMARK_INCLUDE_DIR} + PRIVATE ${_gRPC_CARES_INCLUDE_DIR} + PRIVATE ${_gRPC_GFLAGS_INCLUDE_DIR} + PRIVATE third_party/googletest/googletest/include + PRIVATE third_party/googletest/googletest + PRIVATE third_party/googletest/googlemock/include + PRIVATE third_party/googletest/googlemock + PRIVATE ${_gRPC_PROTO_GENS_DIR} +) + +target_link_libraries(check_gcp_environment_linux_test + ${_gRPC_PROTOBUF_LIBRARIES} + ${_gRPC_ALLTARGETS_LIBRARIES} + grpc + gpr + ${_gRPC_GFLAGS_LIBRARIES} +) + +endif (gRPC_BUILD_TESTS) +if (gRPC_BUILD_TESTS) + +add_executable(check_gcp_environment_windows_test + test/core/security/check_gcp_environment_windows_test.cc + third_party/googletest/googletest/src/gtest-all.cc + third_party/googletest/googlemock/src/gmock-all.cc +) + + +target_include_directories(check_gcp_environment_windows_test + PRIVATE ${CMAKE_CURRENT_SOURCE_DIR} + PRIVATE ${CMAKE_CURRENT_SOURCE_DIR}/include + PRIVATE ${_gRPC_SSL_INCLUDE_DIR} + PRIVATE ${_gRPC_PROTOBUF_INCLUDE_DIR} + PRIVATE ${_gRPC_ZLIB_INCLUDE_DIR} + PRIVATE ${_gRPC_BENCHMARK_INCLUDE_DIR} + PRIVATE ${_gRPC_CARES_INCLUDE_DIR} + PRIVATE ${_gRPC_GFLAGS_INCLUDE_DIR} + PRIVATE third_party/googletest/googletest/include + PRIVATE third_party/googletest/googletest + PRIVATE third_party/googletest/googlemock/include + PRIVATE third_party/googletest/googlemock + PRIVATE ${_gRPC_PROTO_GENS_DIR} +) + +target_link_libraries(check_gcp_environment_windows_test + ${_gRPC_PROTOBUF_LIBRARIES} + ${_gRPC_ALLTARGETS_LIBRARIES} + grpc + gpr + ${_gRPC_GFLAGS_LIBRARIES} +) + +endif (gRPC_BUILD_TESTS) +if (gRPC_BUILD_TESTS) + add_executable(chttp2_settings_timeout_test test/core/transport/chttp2/settings_timeout_test.cc third_party/googletest/googletest/src/gtest-all.cc @@ -10263,6 +10915,40 @@ target_link_libraries(golden_file_test endif (gRPC_BUILD_TESTS) if (gRPC_BUILD_TESTS) +add_executable(grpc_alts_credentials_options_test + test/core/security/grpc_alts_credentials_options_test.cc + third_party/googletest/googletest/src/gtest-all.cc + third_party/googletest/googlemock/src/gmock-all.cc +) + + +target_include_directories(grpc_alts_credentials_options_test + PRIVATE ${CMAKE_CURRENT_SOURCE_DIR} + PRIVATE ${CMAKE_CURRENT_SOURCE_DIR}/include + PRIVATE ${_gRPC_SSL_INCLUDE_DIR} + PRIVATE ${_gRPC_PROTOBUF_INCLUDE_DIR} + PRIVATE ${_gRPC_ZLIB_INCLUDE_DIR} + PRIVATE ${_gRPC_BENCHMARK_INCLUDE_DIR} + PRIVATE ${_gRPC_CARES_INCLUDE_DIR} + PRIVATE ${_gRPC_GFLAGS_INCLUDE_DIR} + PRIVATE third_party/googletest/googletest/include + PRIVATE third_party/googletest/googletest + PRIVATE third_party/googletest/googlemock/include + PRIVATE third_party/googletest/googlemock + PRIVATE ${_gRPC_PROTO_GENS_DIR} +) + +target_link_libraries(grpc_alts_credentials_options_test + ${_gRPC_PROTOBUF_LIBRARIES} + ${_gRPC_ALLTARGETS_LIBRARIES} + grpc + gpr + ${_gRPC_GFLAGS_LIBRARIES} +) + +endif (gRPC_BUILD_TESTS) +if (gRPC_BUILD_TESTS) + add_executable(grpc_cli test/cpp/util/grpc_cli.cc third_party/googletest/googletest/src/gtest-all.cc @@ -12603,6 +13289,41 @@ target_link_libraries(transport_pid_controller_test endif (gRPC_BUILD_TESTS) if (gRPC_BUILD_TESTS) + +add_executable(transport_security_common_api_test + test/core/tsi/alts/handshaker/transport_security_common_api_test.cc + third_party/googletest/googletest/src/gtest-all.cc + third_party/googletest/googlemock/src/gmock-all.cc +) + + +target_include_directories(transport_security_common_api_test + PRIVATE ${CMAKE_CURRENT_SOURCE_DIR} + PRIVATE ${CMAKE_CURRENT_SOURCE_DIR}/include + PRIVATE ${_gRPC_SSL_INCLUDE_DIR} + PRIVATE ${_gRPC_PROTOBUF_INCLUDE_DIR} + PRIVATE ${_gRPC_ZLIB_INCLUDE_DIR} + PRIVATE ${_gRPC_BENCHMARK_INCLUDE_DIR} + PRIVATE ${_gRPC_CARES_INCLUDE_DIR} + PRIVATE ${_gRPC_GFLAGS_INCLUDE_DIR} + PRIVATE third_party/googletest/googletest/include + PRIVATE third_party/googletest/googletest + PRIVATE third_party/googletest/googlemock/include + PRIVATE third_party/googletest/googlemock + PRIVATE ${_gRPC_PROTO_GENS_DIR} +) + +target_link_libraries(transport_security_common_api_test + ${_gRPC_PROTOBUF_LIBRARIES} + ${_gRPC_ALLTARGETS_LIBRARIES} + alts_test_util + gpr + grpc + ${_gRPC_GFLAGS_LIBRARIES} +) + +endif (gRPC_BUILD_TESTS) +if (gRPC_BUILD_TESTS) if(_gRPC_PLATFORM_LINUX OR _gRPC_PLATFORM_MAC OR _gRPC_PLATFORM_POSIX) add_executable(writes_per_rpc_test @@ -338,6 +338,8 @@ CPPFLAGS += -g -Wall -Wextra -Werror -Wno-long-long -Wno-unused-parameter -DOSAT COREFLAGS += -fno-rtti -fno-exceptions LDFLAGS += -g +DEFINES += PB_FIELD_16BIT + CPPFLAGS += $(CPPFLAGS_$(CONFIG)) CFLAGS += $(CFLAGS_$(CONFIG)) CXXFLAGS += $(CXXFLAGS_$(CONFIG)) @@ -1094,6 +1096,19 @@ uri_fuzzer_test: $(BINDIR)/$(CONFIG)/uri_fuzzer_test uri_parser_test: $(BINDIR)/$(CONFIG)/uri_parser_test wakeup_fd_cv_test: $(BINDIR)/$(CONFIG)/wakeup_fd_cv_test alarm_test: $(BINDIR)/$(CONFIG)/alarm_test +alts_counter_test: $(BINDIR)/$(CONFIG)/alts_counter_test +alts_crypt_test: $(BINDIR)/$(CONFIG)/alts_crypt_test +alts_crypter_test: $(BINDIR)/$(CONFIG)/alts_crypter_test +alts_frame_handler_test: $(BINDIR)/$(CONFIG)/alts_frame_handler_test +alts_frame_protector_test: $(BINDIR)/$(CONFIG)/alts_frame_protector_test +alts_grpc_record_protocol_test: $(BINDIR)/$(CONFIG)/alts_grpc_record_protocol_test +alts_handshaker_client_test: $(BINDIR)/$(CONFIG)/alts_handshaker_client_test +alts_handshaker_service_api_test: $(BINDIR)/$(CONFIG)/alts_handshaker_service_api_test +alts_iovec_record_protocol_test: $(BINDIR)/$(CONFIG)/alts_iovec_record_protocol_test +alts_security_connector_test: $(BINDIR)/$(CONFIG)/alts_security_connector_test +alts_tsi_handshaker_test: $(BINDIR)/$(CONFIG)/alts_tsi_handshaker_test +alts_tsi_utils_test: $(BINDIR)/$(CONFIG)/alts_tsi_utils_test +alts_zero_copy_grpc_protector_test: $(BINDIR)/$(CONFIG)/alts_zero_copy_grpc_protector_test async_end2end_test: $(BINDIR)/$(CONFIG)/async_end2end_test auth_property_iterator_test: $(BINDIR)/$(CONFIG)/auth_property_iterator_test backoff_test: $(BINDIR)/$(CONFIG)/backoff_test @@ -1114,6 +1129,8 @@ bm_metadata: $(BINDIR)/$(CONFIG)/bm_metadata bm_pollset: $(BINDIR)/$(CONFIG)/bm_pollset channel_arguments_test: $(BINDIR)/$(CONFIG)/channel_arguments_test channel_filter_test: $(BINDIR)/$(CONFIG)/channel_filter_test +check_gcp_environment_linux_test: $(BINDIR)/$(CONFIG)/check_gcp_environment_linux_test +check_gcp_environment_windows_test: $(BINDIR)/$(CONFIG)/check_gcp_environment_windows_test chttp2_settings_timeout_test: $(BINDIR)/$(CONFIG)/chttp2_settings_timeout_test cli_call_test: $(BINDIR)/$(CONFIG)/cli_call_test client_channel_stress_test: $(BINDIR)/$(CONFIG)/client_channel_stress_test @@ -1133,6 +1150,7 @@ exception_test: $(BINDIR)/$(CONFIG)/exception_test filter_end2end_test: $(BINDIR)/$(CONFIG)/filter_end2end_test generic_end2end_test: $(BINDIR)/$(CONFIG)/generic_end2end_test golden_file_test: $(BINDIR)/$(CONFIG)/golden_file_test +grpc_alts_credentials_options_test: $(BINDIR)/$(CONFIG)/grpc_alts_credentials_options_test grpc_cli: $(BINDIR)/$(CONFIG)/grpc_cli grpc_cpp_plugin: $(BINDIR)/$(CONFIG)/grpc_cpp_plugin grpc_csharp_plugin: $(BINDIR)/$(CONFIG)/grpc_csharp_plugin @@ -1191,6 +1209,7 @@ stress_test: $(BINDIR)/$(CONFIG)/stress_test thread_manager_test: $(BINDIR)/$(CONFIG)/thread_manager_test thread_stress_test: $(BINDIR)/$(CONFIG)/thread_stress_test transport_pid_controller_test: $(BINDIR)/$(CONFIG)/transport_pid_controller_test +transport_security_common_api_test: $(BINDIR)/$(CONFIG)/transport_security_common_api_test writes_per_rpc_test: $(BINDIR)/$(CONFIG)/writes_per_rpc_test public_headers_must_be_c89: $(BINDIR)/$(CONFIG)/public_headers_must_be_c89 gen_hpack_tables: $(BINDIR)/$(CONFIG)/gen_hpack_tables @@ -1352,7 +1371,7 @@ plugins: $(PROTOC_PLUGINS) privatelibs: privatelibs_c privatelibs_cxx -privatelibs_c: $(LIBDIR)/$(CONFIG)/libgpr_test_util.a $(LIBDIR)/$(CONFIG)/libgrpc_test_util.a $(LIBDIR)/$(CONFIG)/libgrpc_test_util_unsecure.a $(LIBDIR)/$(CONFIG)/libreconnect_server.a $(LIBDIR)/$(CONFIG)/libtest_tcp_server.a $(LIBDIR)/$(CONFIG)/libz.a $(LIBDIR)/$(CONFIG)/libares.a $(LIBDIR)/$(CONFIG)/libbad_client_test.a $(LIBDIR)/$(CONFIG)/libbad_ssl_test_server.a $(LIBDIR)/$(CONFIG)/libend2end_tests.a $(LIBDIR)/$(CONFIG)/libend2end_nosec_tests.a +privatelibs_c: $(LIBDIR)/$(CONFIG)/libalts_test_util.a $(LIBDIR)/$(CONFIG)/libgpr_test_util.a $(LIBDIR)/$(CONFIG)/libgrpc_test_util.a $(LIBDIR)/$(CONFIG)/libgrpc_test_util_unsecure.a $(LIBDIR)/$(CONFIG)/libreconnect_server.a $(LIBDIR)/$(CONFIG)/libtest_tcp_server.a $(LIBDIR)/$(CONFIG)/libz.a $(LIBDIR)/$(CONFIG)/libares.a $(LIBDIR)/$(CONFIG)/libbad_client_test.a $(LIBDIR)/$(CONFIG)/libbad_ssl_test_server.a $(LIBDIR)/$(CONFIG)/libend2end_tests.a $(LIBDIR)/$(CONFIG)/libend2end_nosec_tests.a pc_c: $(LIBDIR)/$(CONFIG)/pkgconfig/grpc.pc pc_c_unsecure: $(LIBDIR)/$(CONFIG)/pkgconfig/grpc_unsecure.pc @@ -1562,6 +1581,19 @@ buildtests_c: privatelibs_c \ ifeq ($(EMBED_OPENSSL),true) buildtests_cxx: privatelibs_cxx \ $(BINDIR)/$(CONFIG)/alarm_test \ + $(BINDIR)/$(CONFIG)/alts_counter_test \ + $(BINDIR)/$(CONFIG)/alts_crypt_test \ + $(BINDIR)/$(CONFIG)/alts_crypter_test \ + $(BINDIR)/$(CONFIG)/alts_frame_handler_test \ + $(BINDIR)/$(CONFIG)/alts_frame_protector_test \ + $(BINDIR)/$(CONFIG)/alts_grpc_record_protocol_test \ + $(BINDIR)/$(CONFIG)/alts_handshaker_client_test \ + $(BINDIR)/$(CONFIG)/alts_handshaker_service_api_test \ + $(BINDIR)/$(CONFIG)/alts_iovec_record_protocol_test \ + $(BINDIR)/$(CONFIG)/alts_security_connector_test \ + $(BINDIR)/$(CONFIG)/alts_tsi_handshaker_test \ + $(BINDIR)/$(CONFIG)/alts_tsi_utils_test \ + $(BINDIR)/$(CONFIG)/alts_zero_copy_grpc_protector_test \ $(BINDIR)/$(CONFIG)/async_end2end_test \ $(BINDIR)/$(CONFIG)/auth_property_iterator_test \ $(BINDIR)/$(CONFIG)/backoff_test \ @@ -1582,6 +1614,8 @@ buildtests_cxx: privatelibs_cxx \ $(BINDIR)/$(CONFIG)/bm_pollset \ $(BINDIR)/$(CONFIG)/channel_arguments_test \ $(BINDIR)/$(CONFIG)/channel_filter_test \ + $(BINDIR)/$(CONFIG)/check_gcp_environment_linux_test \ + $(BINDIR)/$(CONFIG)/check_gcp_environment_windows_test \ $(BINDIR)/$(CONFIG)/chttp2_settings_timeout_test \ $(BINDIR)/$(CONFIG)/cli_call_test \ $(BINDIR)/$(CONFIG)/client_channel_stress_test \ @@ -1601,6 +1635,7 @@ buildtests_cxx: privatelibs_cxx \ $(BINDIR)/$(CONFIG)/filter_end2end_test \ $(BINDIR)/$(CONFIG)/generic_end2end_test \ $(BINDIR)/$(CONFIG)/golden_file_test \ + $(BINDIR)/$(CONFIG)/grpc_alts_credentials_options_test \ $(BINDIR)/$(CONFIG)/grpc_cli \ $(BINDIR)/$(CONFIG)/grpc_tool_test \ $(BINDIR)/$(CONFIG)/grpclb_api_test \ @@ -1652,6 +1687,7 @@ buildtests_cxx: privatelibs_cxx \ $(BINDIR)/$(CONFIG)/thread_manager_test \ $(BINDIR)/$(CONFIG)/thread_stress_test \ $(BINDIR)/$(CONFIG)/transport_pid_controller_test \ + $(BINDIR)/$(CONFIG)/transport_security_common_api_test \ $(BINDIR)/$(CONFIG)/writes_per_rpc_test \ $(BINDIR)/$(CONFIG)/boringssl_crypto_test_data \ $(BINDIR)/$(CONFIG)/boringssl_asn1_test \ @@ -1710,6 +1746,19 @@ buildtests_cxx: privatelibs_cxx \ else buildtests_cxx: privatelibs_cxx \ $(BINDIR)/$(CONFIG)/alarm_test \ + $(BINDIR)/$(CONFIG)/alts_counter_test \ + $(BINDIR)/$(CONFIG)/alts_crypt_test \ + $(BINDIR)/$(CONFIG)/alts_crypter_test \ + $(BINDIR)/$(CONFIG)/alts_frame_handler_test \ + $(BINDIR)/$(CONFIG)/alts_frame_protector_test \ + $(BINDIR)/$(CONFIG)/alts_grpc_record_protocol_test \ + $(BINDIR)/$(CONFIG)/alts_handshaker_client_test \ + $(BINDIR)/$(CONFIG)/alts_handshaker_service_api_test \ + $(BINDIR)/$(CONFIG)/alts_iovec_record_protocol_test \ + $(BINDIR)/$(CONFIG)/alts_security_connector_test \ + $(BINDIR)/$(CONFIG)/alts_tsi_handshaker_test \ + $(BINDIR)/$(CONFIG)/alts_tsi_utils_test \ + $(BINDIR)/$(CONFIG)/alts_zero_copy_grpc_protector_test \ $(BINDIR)/$(CONFIG)/async_end2end_test \ $(BINDIR)/$(CONFIG)/auth_property_iterator_test \ $(BINDIR)/$(CONFIG)/backoff_test \ @@ -1730,6 +1779,8 @@ buildtests_cxx: privatelibs_cxx \ $(BINDIR)/$(CONFIG)/bm_pollset \ $(BINDIR)/$(CONFIG)/channel_arguments_test \ $(BINDIR)/$(CONFIG)/channel_filter_test \ + $(BINDIR)/$(CONFIG)/check_gcp_environment_linux_test \ + $(BINDIR)/$(CONFIG)/check_gcp_environment_windows_test \ $(BINDIR)/$(CONFIG)/chttp2_settings_timeout_test \ $(BINDIR)/$(CONFIG)/cli_call_test \ $(BINDIR)/$(CONFIG)/client_channel_stress_test \ @@ -1749,6 +1800,7 @@ buildtests_cxx: privatelibs_cxx \ $(BINDIR)/$(CONFIG)/filter_end2end_test \ $(BINDIR)/$(CONFIG)/generic_end2end_test \ $(BINDIR)/$(CONFIG)/golden_file_test \ + $(BINDIR)/$(CONFIG)/grpc_alts_credentials_options_test \ $(BINDIR)/$(CONFIG)/grpc_cli \ $(BINDIR)/$(CONFIG)/grpc_tool_test \ $(BINDIR)/$(CONFIG)/grpclb_api_test \ @@ -1800,6 +1852,7 @@ buildtests_cxx: privatelibs_cxx \ $(BINDIR)/$(CONFIG)/thread_manager_test \ $(BINDIR)/$(CONFIG)/thread_stress_test \ $(BINDIR)/$(CONFIG)/transport_pid_controller_test \ + $(BINDIR)/$(CONFIG)/transport_security_common_api_test \ $(BINDIR)/$(CONFIG)/writes_per_rpc_test \ $(BINDIR)/$(CONFIG)/resolver_component_test_unsecure \ $(BINDIR)/$(CONFIG)/resolver_component_test \ @@ -2086,6 +2139,32 @@ flaky_test_c: buildtests_c test_cxx: buildtests_cxx $(E) "[RUN] Testing alarm_test" $(Q) $(BINDIR)/$(CONFIG)/alarm_test || ( echo test alarm_test failed ; exit 1 ) + $(E) "[RUN] Testing alts_counter_test" + $(Q) $(BINDIR)/$(CONFIG)/alts_counter_test || ( echo test alts_counter_test failed ; exit 1 ) + $(E) "[RUN] Testing alts_crypt_test" + $(Q) $(BINDIR)/$(CONFIG)/alts_crypt_test || ( echo test alts_crypt_test failed ; exit 1 ) + $(E) "[RUN] Testing alts_crypter_test" + $(Q) $(BINDIR)/$(CONFIG)/alts_crypter_test || ( echo test alts_crypter_test failed ; exit 1 ) + $(E) "[RUN] Testing alts_frame_handler_test" + $(Q) $(BINDIR)/$(CONFIG)/alts_frame_handler_test || ( echo test alts_frame_handler_test failed ; exit 1 ) + $(E) "[RUN] Testing alts_frame_protector_test" + $(Q) $(BINDIR)/$(CONFIG)/alts_frame_protector_test || ( echo test alts_frame_protector_test failed ; exit 1 ) + $(E) "[RUN] Testing alts_grpc_record_protocol_test" + $(Q) $(BINDIR)/$(CONFIG)/alts_grpc_record_protocol_test || ( echo test alts_grpc_record_protocol_test failed ; exit 1 ) + $(E) "[RUN] Testing alts_handshaker_client_test" + $(Q) $(BINDIR)/$(CONFIG)/alts_handshaker_client_test || ( echo test alts_handshaker_client_test failed ; exit 1 ) + $(E) "[RUN] Testing alts_handshaker_service_api_test" + $(Q) $(BINDIR)/$(CONFIG)/alts_handshaker_service_api_test || ( echo test alts_handshaker_service_api_test failed ; exit 1 ) + $(E) "[RUN] Testing alts_iovec_record_protocol_test" + $(Q) $(BINDIR)/$(CONFIG)/alts_iovec_record_protocol_test || ( echo test alts_iovec_record_protocol_test failed ; exit 1 ) + $(E) "[RUN] Testing alts_security_connector_test" + $(Q) $(BINDIR)/$(CONFIG)/alts_security_connector_test || ( echo test alts_security_connector_test failed ; exit 1 ) + $(E) "[RUN] Testing alts_tsi_handshaker_test" + $(Q) $(BINDIR)/$(CONFIG)/alts_tsi_handshaker_test || ( echo test alts_tsi_handshaker_test failed ; exit 1 ) + $(E) "[RUN] Testing alts_tsi_utils_test" + $(Q) $(BINDIR)/$(CONFIG)/alts_tsi_utils_test || ( echo test alts_tsi_utils_test failed ; exit 1 ) + $(E) "[RUN] Testing alts_zero_copy_grpc_protector_test" + $(Q) $(BINDIR)/$(CONFIG)/alts_zero_copy_grpc_protector_test || ( echo test alts_zero_copy_grpc_protector_test failed ; exit 1 ) $(E) "[RUN] Testing async_end2end_test" $(Q) $(BINDIR)/$(CONFIG)/async_end2end_test || ( echo test async_end2end_test failed ; exit 1 ) $(E) "[RUN] Testing auth_property_iterator_test" @@ -2126,6 +2205,10 @@ test_cxx: buildtests_cxx $(Q) $(BINDIR)/$(CONFIG)/channel_arguments_test || ( echo test channel_arguments_test failed ; exit 1 ) $(E) "[RUN] Testing channel_filter_test" $(Q) $(BINDIR)/$(CONFIG)/channel_filter_test || ( echo test channel_filter_test failed ; exit 1 ) + $(E) "[RUN] Testing check_gcp_environment_linux_test" + $(Q) $(BINDIR)/$(CONFIG)/check_gcp_environment_linux_test || ( echo test check_gcp_environment_linux_test failed ; exit 1 ) + $(E) "[RUN] Testing check_gcp_environment_windows_test" + $(Q) $(BINDIR)/$(CONFIG)/check_gcp_environment_windows_test || ( echo test check_gcp_environment_windows_test failed ; exit 1 ) $(E) "[RUN] Testing chttp2_settings_timeout_test" $(Q) $(BINDIR)/$(CONFIG)/chttp2_settings_timeout_test || ( echo test chttp2_settings_timeout_test failed ; exit 1 ) $(E) "[RUN] Testing cli_call_test" @@ -2162,6 +2245,8 @@ test_cxx: buildtests_cxx $(Q) $(BINDIR)/$(CONFIG)/generic_end2end_test || ( echo test generic_end2end_test failed ; exit 1 ) $(E) "[RUN] Testing golden_file_test" $(Q) $(BINDIR)/$(CONFIG)/golden_file_test || ( echo test golden_file_test failed ; exit 1 ) + $(E) "[RUN] Testing grpc_alts_credentials_options_test" + $(Q) $(BINDIR)/$(CONFIG)/grpc_alts_credentials_options_test || ( echo test grpc_alts_credentials_options_test failed ; exit 1 ) $(E) "[RUN] Testing grpc_tool_test" $(Q) $(BINDIR)/$(CONFIG)/grpc_tool_test || ( echo test grpc_tool_test failed ; exit 1 ) $(E) "[RUN] Testing grpclb_api_test" @@ -2236,6 +2321,8 @@ test_cxx: buildtests_cxx $(Q) $(BINDIR)/$(CONFIG)/thread_stress_test || ( echo test thread_stress_test failed ; exit 1 ) $(E) "[RUN] Testing transport_pid_controller_test" $(Q) $(BINDIR)/$(CONFIG)/transport_pid_controller_test || ( echo test transport_pid_controller_test failed ; exit 1 ) + $(E) "[RUN] Testing transport_security_common_api_test" + $(Q) $(BINDIR)/$(CONFIG)/transport_security_common_api_test || ( echo test transport_security_common_api_test failed ; exit 1 ) $(E) "[RUN] Testing writes_per_rpc_test" $(Q) $(BINDIR)/$(CONFIG)/writes_per_rpc_test || ( echo test writes_per_rpc_test failed ; exit 1 ) $(E) "[RUN] Testing resolver_component_tests_runner_invoker_unsecure" @@ -2893,6 +2980,46 @@ clean: # The various libraries +LIBALTS_TEST_UTIL_SRC = \ + test/core/tsi/alts/crypt/gsec_test_util.cc \ + test/core/tsi/alts/handshaker/alts_handshaker_service_api_test_lib.cc \ + +PUBLIC_HEADERS_C += \ + +LIBALTS_TEST_UTIL_OBJS = $(addprefix $(OBJDIR)/$(CONFIG)/, $(addsuffix .o, $(basename $(LIBALTS_TEST_UTIL_SRC)))) + + +ifeq ($(NO_SECURE),true) + +# You can't build secure libraries if you don't have OpenSSL. + +$(LIBDIR)/$(CONFIG)/libalts_test_util.a: openssl_dep_error + + +else + + +$(LIBDIR)/$(CONFIG)/libalts_test_util.a: $(ZLIB_DEP) $(OPENSSL_DEP) $(CARES_DEP) $(LIBALTS_TEST_UTIL_OBJS) + $(E) "[AR] Creating $@" + $(Q) mkdir -p `dirname $@` + $(Q) rm -f $(LIBDIR)/$(CONFIG)/libalts_test_util.a + $(Q) $(AR) $(AROPTS) $(LIBDIR)/$(CONFIG)/libalts_test_util.a $(LIBALTS_TEST_UTIL_OBJS) +ifeq ($(SYSTEM),Darwin) + $(Q) ranlib -no_warning_for_no_symbols $(LIBDIR)/$(CONFIG)/libalts_test_util.a +endif + + + + +endif + +ifneq ($(NO_SECURE),true) +ifneq ($(NO_DEPS),true) +-include $(LIBALTS_TEST_UTIL_OBJS:.o=.dep) +endif +endif + + LIBGPR_SRC = \ src/core/lib/gpr/alloc.cc \ src/core/lib/gpr/arena.cc \ @@ -3195,6 +3322,7 @@ LIBGRPC_SRC = \ src/core/ext/filters/http/server/http_server_filter.cc \ src/core/lib/http/httpcli_security_connector.cc \ src/core/lib/security/context/security_context.cc \ + src/core/lib/security/credentials/alts/alts_credentials.cc \ src/core/lib/security/credentials/composite/composite_credentials.cc \ src/core/lib/security/credentials/credentials.cc \ src/core/lib/security/credentials/credentials_metadata.cc \ @@ -3208,6 +3336,7 @@ LIBGRPC_SRC = \ src/core/lib/security/credentials/oauth2/oauth2_credentials.cc \ src/core/lib/security/credentials/plugin/plugin_credentials.cc \ src/core/lib/security/credentials/ssl/ssl_credentials.cc \ + src/core/lib/security/security_connector/alts_security_connector.cc \ src/core/lib/security/security_connector/security_connector.cc \ src/core/lib/security/transport/client_auth_filter.cc \ src/core/lib/security/transport/secure_endpoint.cc \ @@ -3217,14 +3346,45 @@ LIBGRPC_SRC = \ src/core/lib/security/transport/tsi_error.cc \ src/core/lib/security/util/json_util.cc \ src/core/lib/surface/init_secure.cc \ - src/core/tsi/alts_transport_security.cc \ - src/core/tsi/fake_transport_security.cc \ - src/core/tsi/ssl_transport_security.cc \ - src/core/tsi/transport_security_grpc.cc \ + src/core/tsi/alts/crypt/aes_gcm.cc \ + src/core/tsi/alts/crypt/gsec.cc \ + src/core/tsi/alts/frame_protector/alts_counter.cc \ + src/core/tsi/alts/frame_protector/alts_crypter.cc \ + src/core/tsi/alts/frame_protector/alts_frame_protector.cc \ + src/core/tsi/alts/frame_protector/alts_record_protocol_crypter_common.cc \ + src/core/tsi/alts/frame_protector/alts_seal_privacy_integrity_crypter.cc \ + src/core/tsi/alts/frame_protector/alts_unseal_privacy_integrity_crypter.cc \ + src/core/tsi/alts/frame_protector/frame_handler.cc \ + src/core/tsi/alts/handshaker/alts_handshaker_client.cc \ + src/core/tsi/alts/handshaker/alts_tsi_event.cc \ + src/core/tsi/alts/handshaker/alts_tsi_handshaker.cc \ + src/core/tsi/alts/zero_copy_frame_protector/alts_grpc_integrity_only_record_protocol.cc \ + src/core/tsi/alts/zero_copy_frame_protector/alts_grpc_privacy_integrity_record_protocol.cc \ + src/core/tsi/alts/zero_copy_frame_protector/alts_grpc_record_protocol_common.cc \ + src/core/tsi/alts/zero_copy_frame_protector/alts_iovec_record_protocol.cc \ + src/core/tsi/alts/zero_copy_frame_protector/alts_zero_copy_grpc_protector.cc \ + src/core/lib/security/credentials/alts/check_gcp_environment.cc \ + src/core/lib/security/credentials/alts/check_gcp_environment_linux.cc \ + src/core/lib/security/credentials/alts/check_gcp_environment_no_op.cc \ + src/core/lib/security/credentials/alts/check_gcp_environment_windows.cc \ + src/core/lib/security/credentials/alts/grpc_alts_credentials_client_options.cc \ + src/core/lib/security/credentials/alts/grpc_alts_credentials_options.cc \ + src/core/lib/security/credentials/alts/grpc_alts_credentials_server_options.cc \ + src/core/tsi/alts/handshaker/alts_handshaker_service_api.cc \ + src/core/tsi/alts/handshaker/alts_handshaker_service_api_util.cc \ + src/core/tsi/alts/handshaker/alts_tsi_utils.cc \ + src/core/tsi/alts/handshaker/transport_security_common_api.cc \ + src/core/tsi/alts/handshaker/altscontext.pb.c \ + src/core/tsi/alts/handshaker/handshaker.pb.c \ + src/core/tsi/alts/handshaker/transport_security_common.pb.c \ + third_party/nanopb/pb_common.c \ + third_party/nanopb/pb_decode.c \ + third_party/nanopb/pb_encode.c \ src/core/tsi/transport_security.cc \ src/core/tsi/transport_security_adapter.cc \ - src/core/ext/transport/chttp2/server/chttp2_server.cc \ - src/core/ext/transport/chttp2/client/secure/secure_channel_create.cc \ + src/core/ext/transport/chttp2/client/insecure/channel_create.cc \ + src/core/ext/transport/chttp2/client/insecure/channel_create_posix.cc \ + src/core/ext/transport/chttp2/client/chttp2_connector.cc \ src/core/ext/filters/client_channel/backup_poller.cc \ src/core/ext/filters/client_channel/channel_connectivity.cc \ src/core/ext/filters/client_channel/client_channel.cc \ @@ -3248,11 +3408,14 @@ LIBGRPC_SRC = \ src/core/ext/filters/client_channel/subchannel_index.cc \ src/core/ext/filters/client_channel/uri_parser.cc \ src/core/ext/filters/deadline/deadline_filter.cc \ - src/core/ext/transport/chttp2/client/chttp2_connector.cc \ + src/core/tsi/alts_transport_security.cc \ + src/core/tsi/fake_transport_security.cc \ + src/core/tsi/ssl_transport_security.cc \ + src/core/tsi/transport_security_grpc.cc \ + src/core/ext/transport/chttp2/server/chttp2_server.cc \ + src/core/ext/transport/chttp2/client/secure/secure_channel_create.cc \ src/core/ext/transport/chttp2/server/insecure/server_chttp2.cc \ src/core/ext/transport/chttp2/server/insecure/server_chttp2_posix.cc \ - src/core/ext/transport/chttp2/client/insecure/channel_create.cc \ - src/core/ext/transport/chttp2/client/insecure/channel_create_posix.cc \ src/core/ext/transport/inproc/inproc_plugin.cc \ src/core/ext/transport/inproc/inproc_transport.cc \ src/core/ext/filters/client_channel/lb_policy/grpclb/client_load_reporting_filter.cc \ @@ -3261,9 +3424,6 @@ LIBGRPC_SRC = \ src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb_client_stats.cc \ src/core/ext/filters/client_channel/lb_policy/grpclb/load_balancer_api.cc \ src/core/ext/filters/client_channel/lb_policy/grpclb/proto/grpc/lb/v1/load_balancer.pb.c \ - third_party/nanopb/pb_common.c \ - third_party/nanopb/pb_decode.c \ - third_party/nanopb/pb_encode.c \ src/core/ext/filters/client_channel/resolver/fake/fake_resolver.cc \ src/core/ext/filters/client_channel/lb_policy/pick_first/pick_first.cc \ src/core/ext/filters/client_channel/lb_policy/subchannel_list.cc \ @@ -3565,6 +3725,7 @@ LIBGRPC_CRONET_SRC = \ src/core/ext/filters/deadline/deadline_filter.cc \ src/core/lib/http/httpcli_security_connector.cc \ src/core/lib/security/context/security_context.cc \ + src/core/lib/security/credentials/alts/alts_credentials.cc \ src/core/lib/security/credentials/composite/composite_credentials.cc \ src/core/lib/security/credentials/credentials.cc \ src/core/lib/security/credentials/credentials_metadata.cc \ @@ -3578,6 +3739,7 @@ LIBGRPC_CRONET_SRC = \ src/core/lib/security/credentials/oauth2/oauth2_credentials.cc \ src/core/lib/security/credentials/plugin/plugin_credentials.cc \ src/core/lib/security/credentials/ssl/ssl_credentials.cc \ + src/core/lib/security/security_connector/alts_security_connector.cc \ src/core/lib/security/security_connector/security_connector.cc \ src/core/lib/security/transport/client_auth_filter.cc \ src/core/lib/security/transport/secure_endpoint.cc \ @@ -3587,13 +3749,49 @@ LIBGRPC_CRONET_SRC = \ src/core/lib/security/transport/tsi_error.cc \ src/core/lib/security/util/json_util.cc \ src/core/lib/surface/init_secure.cc \ + src/core/tsi/alts/crypt/aes_gcm.cc \ + src/core/tsi/alts/crypt/gsec.cc \ + src/core/tsi/alts/frame_protector/alts_counter.cc \ + src/core/tsi/alts/frame_protector/alts_crypter.cc \ + src/core/tsi/alts/frame_protector/alts_frame_protector.cc \ + src/core/tsi/alts/frame_protector/alts_record_protocol_crypter_common.cc \ + src/core/tsi/alts/frame_protector/alts_seal_privacy_integrity_crypter.cc \ + src/core/tsi/alts/frame_protector/alts_unseal_privacy_integrity_crypter.cc \ + src/core/tsi/alts/frame_protector/frame_handler.cc \ + src/core/tsi/alts/handshaker/alts_handshaker_client.cc \ + src/core/tsi/alts/handshaker/alts_tsi_event.cc \ + src/core/tsi/alts/handshaker/alts_tsi_handshaker.cc \ + src/core/tsi/alts/zero_copy_frame_protector/alts_grpc_integrity_only_record_protocol.cc \ + src/core/tsi/alts/zero_copy_frame_protector/alts_grpc_privacy_integrity_record_protocol.cc \ + src/core/tsi/alts/zero_copy_frame_protector/alts_grpc_record_protocol_common.cc \ + src/core/tsi/alts/zero_copy_frame_protector/alts_iovec_record_protocol.cc \ + src/core/tsi/alts/zero_copy_frame_protector/alts_zero_copy_grpc_protector.cc \ + src/core/lib/security/credentials/alts/check_gcp_environment.cc \ + src/core/lib/security/credentials/alts/check_gcp_environment_linux.cc \ + src/core/lib/security/credentials/alts/check_gcp_environment_no_op.cc \ + src/core/lib/security/credentials/alts/check_gcp_environment_windows.cc \ + src/core/lib/security/credentials/alts/grpc_alts_credentials_client_options.cc \ + src/core/lib/security/credentials/alts/grpc_alts_credentials_options.cc \ + src/core/lib/security/credentials/alts/grpc_alts_credentials_server_options.cc \ + src/core/tsi/alts/handshaker/alts_handshaker_service_api.cc \ + src/core/tsi/alts/handshaker/alts_handshaker_service_api_util.cc \ + src/core/tsi/alts/handshaker/alts_tsi_utils.cc \ + src/core/tsi/alts/handshaker/transport_security_common_api.cc \ + src/core/tsi/alts/handshaker/altscontext.pb.c \ + src/core/tsi/alts/handshaker/handshaker.pb.c \ + src/core/tsi/alts/handshaker/transport_security_common.pb.c \ + third_party/nanopb/pb_common.c \ + third_party/nanopb/pb_decode.c \ + third_party/nanopb/pb_encode.c \ + src/core/tsi/transport_security.cc \ + src/core/tsi/transport_security_adapter.cc \ + src/core/ext/transport/chttp2/client/insecure/channel_create.cc \ + src/core/ext/transport/chttp2/client/insecure/channel_create_posix.cc \ + src/core/ext/transport/chttp2/client/chttp2_connector.cc \ src/core/tsi/alts_transport_security.cc \ src/core/tsi/fake_transport_security.cc \ src/core/tsi/ssl_transport_security.cc \ src/core/tsi/transport_security_grpc.cc \ - src/core/tsi/transport_security.cc \ - src/core/tsi/transport_security_adapter.cc \ - src/core/ext/transport/chttp2/client/chttp2_connector.cc \ src/core/ext/filters/load_reporting/server_load_reporting_filter.cc \ src/core/ext/filters/load_reporting/server_load_reporting_plugin.cc \ src/core/plugin_registry/grpc_cronet_plugin_registry.cc \ @@ -14241,6 +14439,568 @@ endif endif +ALTS_COUNTER_TEST_SRC = \ + test/core/tsi/alts/frame_protector/alts_counter_test.cc \ + +ALTS_COUNTER_TEST_OBJS = $(addprefix $(OBJDIR)/$(CONFIG)/, $(addsuffix .o, $(basename $(ALTS_COUNTER_TEST_SRC)))) +ifeq ($(NO_SECURE),true) + +# You can't build secure targets if you don't have OpenSSL. + +$(BINDIR)/$(CONFIG)/alts_counter_test: openssl_dep_error + +else + + + + +ifeq ($(NO_PROTOBUF),true) + +# You can't build the protoc plugins or protobuf-enabled targets if you don't have protobuf 3.0.0+. + +$(BINDIR)/$(CONFIG)/alts_counter_test: protobuf_dep_error + +else + +$(BINDIR)/$(CONFIG)/alts_counter_test: $(PROTOBUF_DEP) $(ALTS_COUNTER_TEST_OBJS) $(LIBDIR)/$(CONFIG)/libalts_test_util.a $(LIBDIR)/$(CONFIG)/libgpr.a $(LIBDIR)/$(CONFIG)/libgrpc.a + $(E) "[LD] Linking $@" + $(Q) mkdir -p `dirname $@` + $(Q) $(LDXX) $(LDFLAGS) $(ALTS_COUNTER_TEST_OBJS) $(LIBDIR)/$(CONFIG)/libalts_test_util.a $(LIBDIR)/$(CONFIG)/libgpr.a $(LIBDIR)/$(CONFIG)/libgrpc.a $(LDLIBSXX) $(LDLIBS_PROTOBUF) $(LDLIBS) $(LDLIBS_SECURE) $(GTEST_LIB) -o $(BINDIR)/$(CONFIG)/alts_counter_test + +endif + +endif + +$(OBJDIR)/$(CONFIG)/test/core/tsi/alts/frame_protector/alts_counter_test.o: $(LIBDIR)/$(CONFIG)/libalts_test_util.a $(LIBDIR)/$(CONFIG)/libgpr.a $(LIBDIR)/$(CONFIG)/libgrpc.a + +deps_alts_counter_test: $(ALTS_COUNTER_TEST_OBJS:.o=.dep) + +ifneq ($(NO_SECURE),true) +ifneq ($(NO_DEPS),true) +-include $(ALTS_COUNTER_TEST_OBJS:.o=.dep) +endif +endif + + +ALTS_CRYPT_TEST_SRC = \ + test/core/tsi/alts/crypt/aes_gcm_test.cc \ + +ALTS_CRYPT_TEST_OBJS = $(addprefix $(OBJDIR)/$(CONFIG)/, $(addsuffix .o, $(basename $(ALTS_CRYPT_TEST_SRC)))) +ifeq ($(NO_SECURE),true) + +# You can't build secure targets if you don't have OpenSSL. + +$(BINDIR)/$(CONFIG)/alts_crypt_test: openssl_dep_error + +else + + + + +ifeq ($(NO_PROTOBUF),true) + +# You can't build the protoc plugins or protobuf-enabled targets if you don't have protobuf 3.0.0+. + +$(BINDIR)/$(CONFIG)/alts_crypt_test: protobuf_dep_error + +else + +$(BINDIR)/$(CONFIG)/alts_crypt_test: $(PROTOBUF_DEP) $(ALTS_CRYPT_TEST_OBJS) $(LIBDIR)/$(CONFIG)/libalts_test_util.a $(LIBDIR)/$(CONFIG)/libgpr_test_util.a $(LIBDIR)/$(CONFIG)/libgpr.a $(LIBDIR)/$(CONFIG)/libgrpc.a + $(E) "[LD] Linking $@" + $(Q) mkdir -p `dirname $@` + $(Q) $(LDXX) $(LDFLAGS) $(ALTS_CRYPT_TEST_OBJS) $(LIBDIR)/$(CONFIG)/libalts_test_util.a $(LIBDIR)/$(CONFIG)/libgpr_test_util.a $(LIBDIR)/$(CONFIG)/libgpr.a $(LIBDIR)/$(CONFIG)/libgrpc.a $(LDLIBSXX) $(LDLIBS_PROTOBUF) $(LDLIBS) $(LDLIBS_SECURE) $(GTEST_LIB) -o $(BINDIR)/$(CONFIG)/alts_crypt_test + +endif + +endif + +$(OBJDIR)/$(CONFIG)/test/core/tsi/alts/crypt/aes_gcm_test.o: $(LIBDIR)/$(CONFIG)/libalts_test_util.a $(LIBDIR)/$(CONFIG)/libgpr_test_util.a $(LIBDIR)/$(CONFIG)/libgpr.a $(LIBDIR)/$(CONFIG)/libgrpc.a + +deps_alts_crypt_test: $(ALTS_CRYPT_TEST_OBJS:.o=.dep) + +ifneq ($(NO_SECURE),true) +ifneq ($(NO_DEPS),true) +-include $(ALTS_CRYPT_TEST_OBJS:.o=.dep) +endif +endif + + +ALTS_CRYPTER_TEST_SRC = \ + test/core/tsi/alts/frame_protector/alts_crypter_test.cc \ + +ALTS_CRYPTER_TEST_OBJS = $(addprefix $(OBJDIR)/$(CONFIG)/, $(addsuffix .o, $(basename $(ALTS_CRYPTER_TEST_SRC)))) +ifeq ($(NO_SECURE),true) + +# You can't build secure targets if you don't have OpenSSL. + +$(BINDIR)/$(CONFIG)/alts_crypter_test: openssl_dep_error + +else + + + + +ifeq ($(NO_PROTOBUF),true) + +# You can't build the protoc plugins or protobuf-enabled targets if you don't have protobuf 3.0.0+. + +$(BINDIR)/$(CONFIG)/alts_crypter_test: protobuf_dep_error + +else + +$(BINDIR)/$(CONFIG)/alts_crypter_test: $(PROTOBUF_DEP) $(ALTS_CRYPTER_TEST_OBJS) $(LIBDIR)/$(CONFIG)/libalts_test_util.a $(LIBDIR)/$(CONFIG)/libgpr.a $(LIBDIR)/$(CONFIG)/libgrpc.a + $(E) "[LD] Linking $@" + $(Q) mkdir -p `dirname $@` + $(Q) $(LDXX) $(LDFLAGS) $(ALTS_CRYPTER_TEST_OBJS) $(LIBDIR)/$(CONFIG)/libalts_test_util.a $(LIBDIR)/$(CONFIG)/libgpr.a $(LIBDIR)/$(CONFIG)/libgrpc.a $(LDLIBSXX) $(LDLIBS_PROTOBUF) $(LDLIBS) $(LDLIBS_SECURE) $(GTEST_LIB) -o $(BINDIR)/$(CONFIG)/alts_crypter_test + +endif + +endif + +$(OBJDIR)/$(CONFIG)/test/core/tsi/alts/frame_protector/alts_crypter_test.o: $(LIBDIR)/$(CONFIG)/libalts_test_util.a $(LIBDIR)/$(CONFIG)/libgpr.a $(LIBDIR)/$(CONFIG)/libgrpc.a + +deps_alts_crypter_test: $(ALTS_CRYPTER_TEST_OBJS:.o=.dep) + +ifneq ($(NO_SECURE),true) +ifneq ($(NO_DEPS),true) +-include $(ALTS_CRYPTER_TEST_OBJS:.o=.dep) +endif +endif + + +ALTS_FRAME_HANDLER_TEST_SRC = \ + test/core/tsi/alts/frame_protector/frame_handler_test.cc \ + +ALTS_FRAME_HANDLER_TEST_OBJS = $(addprefix $(OBJDIR)/$(CONFIG)/, $(addsuffix .o, $(basename $(ALTS_FRAME_HANDLER_TEST_SRC)))) +ifeq ($(NO_SECURE),true) + +# You can't build secure targets if you don't have OpenSSL. + +$(BINDIR)/$(CONFIG)/alts_frame_handler_test: openssl_dep_error + +else + + + + +ifeq ($(NO_PROTOBUF),true) + +# You can't build the protoc plugins or protobuf-enabled targets if you don't have protobuf 3.0.0+. + +$(BINDIR)/$(CONFIG)/alts_frame_handler_test: protobuf_dep_error + +else + +$(BINDIR)/$(CONFIG)/alts_frame_handler_test: $(PROTOBUF_DEP) $(ALTS_FRAME_HANDLER_TEST_OBJS) $(LIBDIR)/$(CONFIG)/libalts_test_util.a $(LIBDIR)/$(CONFIG)/libgpr.a $(LIBDIR)/$(CONFIG)/libgrpc.a + $(E) "[LD] Linking $@" + $(Q) mkdir -p `dirname $@` + $(Q) $(LDXX) $(LDFLAGS) $(ALTS_FRAME_HANDLER_TEST_OBJS) $(LIBDIR)/$(CONFIG)/libalts_test_util.a $(LIBDIR)/$(CONFIG)/libgpr.a $(LIBDIR)/$(CONFIG)/libgrpc.a $(LDLIBSXX) $(LDLIBS_PROTOBUF) $(LDLIBS) $(LDLIBS_SECURE) $(GTEST_LIB) -o $(BINDIR)/$(CONFIG)/alts_frame_handler_test + +endif + +endif + +$(OBJDIR)/$(CONFIG)/test/core/tsi/alts/frame_protector/frame_handler_test.o: $(LIBDIR)/$(CONFIG)/libalts_test_util.a $(LIBDIR)/$(CONFIG)/libgpr.a $(LIBDIR)/$(CONFIG)/libgrpc.a + +deps_alts_frame_handler_test: $(ALTS_FRAME_HANDLER_TEST_OBJS:.o=.dep) + +ifneq ($(NO_SECURE),true) +ifneq ($(NO_DEPS),true) +-include $(ALTS_FRAME_HANDLER_TEST_OBJS:.o=.dep) +endif +endif + + +ALTS_FRAME_PROTECTOR_TEST_SRC = \ + test/core/tsi/alts/frame_protector/alts_frame_protector_test.cc \ + test/core/tsi/transport_security_test_lib.cc \ + +ALTS_FRAME_PROTECTOR_TEST_OBJS = $(addprefix $(OBJDIR)/$(CONFIG)/, $(addsuffix .o, $(basename $(ALTS_FRAME_PROTECTOR_TEST_SRC)))) +ifeq ($(NO_SECURE),true) + +# You can't build secure targets if you don't have OpenSSL. + +$(BINDIR)/$(CONFIG)/alts_frame_protector_test: openssl_dep_error + +else + + + + +ifeq ($(NO_PROTOBUF),true) + +# You can't build the protoc plugins or protobuf-enabled targets if you don't have protobuf 3.0.0+. + +$(BINDIR)/$(CONFIG)/alts_frame_protector_test: protobuf_dep_error + +else + +$(BINDIR)/$(CONFIG)/alts_frame_protector_test: $(PROTOBUF_DEP) $(ALTS_FRAME_PROTECTOR_TEST_OBJS) $(LIBDIR)/$(CONFIG)/libalts_test_util.a $(LIBDIR)/$(CONFIG)/libgpr.a $(LIBDIR)/$(CONFIG)/libgrpc.a + $(E) "[LD] Linking $@" + $(Q) mkdir -p `dirname $@` + $(Q) $(LDXX) $(LDFLAGS) $(ALTS_FRAME_PROTECTOR_TEST_OBJS) $(LIBDIR)/$(CONFIG)/libalts_test_util.a $(LIBDIR)/$(CONFIG)/libgpr.a $(LIBDIR)/$(CONFIG)/libgrpc.a $(LDLIBSXX) $(LDLIBS_PROTOBUF) $(LDLIBS) $(LDLIBS_SECURE) $(GTEST_LIB) -o $(BINDIR)/$(CONFIG)/alts_frame_protector_test + +endif + +endif + +$(OBJDIR)/$(CONFIG)/test/core/tsi/alts/frame_protector/alts_frame_protector_test.o: $(LIBDIR)/$(CONFIG)/libalts_test_util.a $(LIBDIR)/$(CONFIG)/libgpr.a $(LIBDIR)/$(CONFIG)/libgrpc.a + +$(OBJDIR)/$(CONFIG)/test/core/tsi/transport_security_test_lib.o: $(LIBDIR)/$(CONFIG)/libalts_test_util.a $(LIBDIR)/$(CONFIG)/libgpr.a $(LIBDIR)/$(CONFIG)/libgrpc.a + +deps_alts_frame_protector_test: $(ALTS_FRAME_PROTECTOR_TEST_OBJS:.o=.dep) + +ifneq ($(NO_SECURE),true) +ifneq ($(NO_DEPS),true) +-include $(ALTS_FRAME_PROTECTOR_TEST_OBJS:.o=.dep) +endif +endif + + +ALTS_GRPC_RECORD_PROTOCOL_TEST_SRC = \ + test/core/tsi/alts/zero_copy_frame_protector/alts_grpc_record_protocol_test.cc \ + +ALTS_GRPC_RECORD_PROTOCOL_TEST_OBJS = $(addprefix $(OBJDIR)/$(CONFIG)/, $(addsuffix .o, $(basename $(ALTS_GRPC_RECORD_PROTOCOL_TEST_SRC)))) +ifeq ($(NO_SECURE),true) + +# You can't build secure targets if you don't have OpenSSL. + +$(BINDIR)/$(CONFIG)/alts_grpc_record_protocol_test: openssl_dep_error + +else + + + + +ifeq ($(NO_PROTOBUF),true) + +# You can't build the protoc plugins or protobuf-enabled targets if you don't have protobuf 3.0.0+. + +$(BINDIR)/$(CONFIG)/alts_grpc_record_protocol_test: protobuf_dep_error + +else + +$(BINDIR)/$(CONFIG)/alts_grpc_record_protocol_test: $(PROTOBUF_DEP) $(ALTS_GRPC_RECORD_PROTOCOL_TEST_OBJS) $(LIBDIR)/$(CONFIG)/libalts_test_util.a $(LIBDIR)/$(CONFIG)/libgpr.a $(LIBDIR)/$(CONFIG)/libgrpc.a + $(E) "[LD] Linking $@" + $(Q) mkdir -p `dirname $@` + $(Q) $(LDXX) $(LDFLAGS) $(ALTS_GRPC_RECORD_PROTOCOL_TEST_OBJS) $(LIBDIR)/$(CONFIG)/libalts_test_util.a $(LIBDIR)/$(CONFIG)/libgpr.a $(LIBDIR)/$(CONFIG)/libgrpc.a $(LDLIBSXX) $(LDLIBS_PROTOBUF) $(LDLIBS) $(LDLIBS_SECURE) $(GTEST_LIB) -o $(BINDIR)/$(CONFIG)/alts_grpc_record_protocol_test + +endif + +endif + +$(OBJDIR)/$(CONFIG)/test/core/tsi/alts/zero_copy_frame_protector/alts_grpc_record_protocol_test.o: $(LIBDIR)/$(CONFIG)/libalts_test_util.a $(LIBDIR)/$(CONFIG)/libgpr.a $(LIBDIR)/$(CONFIG)/libgrpc.a + +deps_alts_grpc_record_protocol_test: $(ALTS_GRPC_RECORD_PROTOCOL_TEST_OBJS:.o=.dep) + +ifneq ($(NO_SECURE),true) +ifneq ($(NO_DEPS),true) +-include $(ALTS_GRPC_RECORD_PROTOCOL_TEST_OBJS:.o=.dep) +endif +endif + + +ALTS_HANDSHAKER_CLIENT_TEST_SRC = \ + test/core/tsi/alts/handshaker/alts_handshaker_client_test.cc \ + +ALTS_HANDSHAKER_CLIENT_TEST_OBJS = $(addprefix $(OBJDIR)/$(CONFIG)/, $(addsuffix .o, $(basename $(ALTS_HANDSHAKER_CLIENT_TEST_SRC)))) +ifeq ($(NO_SECURE),true) + +# You can't build secure targets if you don't have OpenSSL. + +$(BINDIR)/$(CONFIG)/alts_handshaker_client_test: openssl_dep_error + +else + + + + +ifeq ($(NO_PROTOBUF),true) + +# You can't build the protoc plugins or protobuf-enabled targets if you don't have protobuf 3.0.0+. + +$(BINDIR)/$(CONFIG)/alts_handshaker_client_test: protobuf_dep_error + +else + +$(BINDIR)/$(CONFIG)/alts_handshaker_client_test: $(PROTOBUF_DEP) $(ALTS_HANDSHAKER_CLIENT_TEST_OBJS) $(LIBDIR)/$(CONFIG)/libalts_test_util.a $(LIBDIR)/$(CONFIG)/libgpr.a $(LIBDIR)/$(CONFIG)/libgrpc.a + $(E) "[LD] Linking $@" + $(Q) mkdir -p `dirname $@` + $(Q) $(LDXX) $(LDFLAGS) $(ALTS_HANDSHAKER_CLIENT_TEST_OBJS) $(LIBDIR)/$(CONFIG)/libalts_test_util.a $(LIBDIR)/$(CONFIG)/libgpr.a $(LIBDIR)/$(CONFIG)/libgrpc.a $(LDLIBSXX) $(LDLIBS_PROTOBUF) $(LDLIBS) $(LDLIBS_SECURE) $(GTEST_LIB) -o $(BINDIR)/$(CONFIG)/alts_handshaker_client_test + +endif + +endif + +$(OBJDIR)/$(CONFIG)/test/core/tsi/alts/handshaker/alts_handshaker_client_test.o: $(LIBDIR)/$(CONFIG)/libalts_test_util.a $(LIBDIR)/$(CONFIG)/libgpr.a $(LIBDIR)/$(CONFIG)/libgrpc.a + +deps_alts_handshaker_client_test: $(ALTS_HANDSHAKER_CLIENT_TEST_OBJS:.o=.dep) + +ifneq ($(NO_SECURE),true) +ifneq ($(NO_DEPS),true) +-include $(ALTS_HANDSHAKER_CLIENT_TEST_OBJS:.o=.dep) +endif +endif + + +ALTS_HANDSHAKER_SERVICE_API_TEST_SRC = \ + test/core/tsi/alts/handshaker/alts_handshaker_service_api_test.cc \ + +ALTS_HANDSHAKER_SERVICE_API_TEST_OBJS = $(addprefix $(OBJDIR)/$(CONFIG)/, $(addsuffix .o, $(basename $(ALTS_HANDSHAKER_SERVICE_API_TEST_SRC)))) +ifeq ($(NO_SECURE),true) + +# You can't build secure targets if you don't have OpenSSL. + +$(BINDIR)/$(CONFIG)/alts_handshaker_service_api_test: openssl_dep_error + +else + + + + +ifeq ($(NO_PROTOBUF),true) + +# You can't build the protoc plugins or protobuf-enabled targets if you don't have protobuf 3.0.0+. + +$(BINDIR)/$(CONFIG)/alts_handshaker_service_api_test: protobuf_dep_error + +else + +$(BINDIR)/$(CONFIG)/alts_handshaker_service_api_test: $(PROTOBUF_DEP) $(ALTS_HANDSHAKER_SERVICE_API_TEST_OBJS) $(LIBDIR)/$(CONFIG)/libalts_test_util.a $(LIBDIR)/$(CONFIG)/libgpr.a $(LIBDIR)/$(CONFIG)/libgrpc.a + $(E) "[LD] Linking $@" + $(Q) mkdir -p `dirname $@` + $(Q) $(LDXX) $(LDFLAGS) $(ALTS_HANDSHAKER_SERVICE_API_TEST_OBJS) $(LIBDIR)/$(CONFIG)/libalts_test_util.a $(LIBDIR)/$(CONFIG)/libgpr.a $(LIBDIR)/$(CONFIG)/libgrpc.a $(LDLIBSXX) $(LDLIBS_PROTOBUF) $(LDLIBS) $(LDLIBS_SECURE) $(GTEST_LIB) -o $(BINDIR)/$(CONFIG)/alts_handshaker_service_api_test + +endif + +endif + +$(OBJDIR)/$(CONFIG)/test/core/tsi/alts/handshaker/alts_handshaker_service_api_test.o: $(LIBDIR)/$(CONFIG)/libalts_test_util.a $(LIBDIR)/$(CONFIG)/libgpr.a $(LIBDIR)/$(CONFIG)/libgrpc.a + +deps_alts_handshaker_service_api_test: $(ALTS_HANDSHAKER_SERVICE_API_TEST_OBJS:.o=.dep) + +ifneq ($(NO_SECURE),true) +ifneq ($(NO_DEPS),true) +-include $(ALTS_HANDSHAKER_SERVICE_API_TEST_OBJS:.o=.dep) +endif +endif + + +ALTS_IOVEC_RECORD_PROTOCOL_TEST_SRC = \ + test/core/tsi/alts/zero_copy_frame_protector/alts_iovec_record_protocol_test.cc \ + +ALTS_IOVEC_RECORD_PROTOCOL_TEST_OBJS = $(addprefix $(OBJDIR)/$(CONFIG)/, $(addsuffix .o, $(basename $(ALTS_IOVEC_RECORD_PROTOCOL_TEST_SRC)))) +ifeq ($(NO_SECURE),true) + +# You can't build secure targets if you don't have OpenSSL. + +$(BINDIR)/$(CONFIG)/alts_iovec_record_protocol_test: openssl_dep_error + +else + + + + +ifeq ($(NO_PROTOBUF),true) + +# You can't build the protoc plugins or protobuf-enabled targets if you don't have protobuf 3.0.0+. + +$(BINDIR)/$(CONFIG)/alts_iovec_record_protocol_test: protobuf_dep_error + +else + +$(BINDIR)/$(CONFIG)/alts_iovec_record_protocol_test: $(PROTOBUF_DEP) $(ALTS_IOVEC_RECORD_PROTOCOL_TEST_OBJS) $(LIBDIR)/$(CONFIG)/libalts_test_util.a $(LIBDIR)/$(CONFIG)/libgpr.a $(LIBDIR)/$(CONFIG)/libgrpc.a + $(E) "[LD] Linking $@" + $(Q) mkdir -p `dirname $@` + $(Q) $(LDXX) $(LDFLAGS) $(ALTS_IOVEC_RECORD_PROTOCOL_TEST_OBJS) $(LIBDIR)/$(CONFIG)/libalts_test_util.a $(LIBDIR)/$(CONFIG)/libgpr.a $(LIBDIR)/$(CONFIG)/libgrpc.a $(LDLIBSXX) $(LDLIBS_PROTOBUF) $(LDLIBS) $(LDLIBS_SECURE) $(GTEST_LIB) -o $(BINDIR)/$(CONFIG)/alts_iovec_record_protocol_test + +endif + +endif + +$(OBJDIR)/$(CONFIG)/test/core/tsi/alts/zero_copy_frame_protector/alts_iovec_record_protocol_test.o: $(LIBDIR)/$(CONFIG)/libalts_test_util.a $(LIBDIR)/$(CONFIG)/libgpr.a $(LIBDIR)/$(CONFIG)/libgrpc.a + +deps_alts_iovec_record_protocol_test: $(ALTS_IOVEC_RECORD_PROTOCOL_TEST_OBJS:.o=.dep) + +ifneq ($(NO_SECURE),true) +ifneq ($(NO_DEPS),true) +-include $(ALTS_IOVEC_RECORD_PROTOCOL_TEST_OBJS:.o=.dep) +endif +endif + + +ALTS_SECURITY_CONNECTOR_TEST_SRC = \ + test/core/security/alts_security_connector_test.cc \ + +ALTS_SECURITY_CONNECTOR_TEST_OBJS = $(addprefix $(OBJDIR)/$(CONFIG)/, $(addsuffix .o, $(basename $(ALTS_SECURITY_CONNECTOR_TEST_SRC)))) +ifeq ($(NO_SECURE),true) + +# You can't build secure targets if you don't have OpenSSL. + +$(BINDIR)/$(CONFIG)/alts_security_connector_test: openssl_dep_error + +else + + + + +ifeq ($(NO_PROTOBUF),true) + +# You can't build the protoc plugins or protobuf-enabled targets if you don't have protobuf 3.0.0+. + +$(BINDIR)/$(CONFIG)/alts_security_connector_test: protobuf_dep_error + +else + +$(BINDIR)/$(CONFIG)/alts_security_connector_test: $(PROTOBUF_DEP) $(ALTS_SECURITY_CONNECTOR_TEST_OBJS) $(LIBDIR)/$(CONFIG)/libgpr.a $(LIBDIR)/$(CONFIG)/libgrpc.a + $(E) "[LD] Linking $@" + $(Q) mkdir -p `dirname $@` + $(Q) $(LDXX) $(LDFLAGS) $(ALTS_SECURITY_CONNECTOR_TEST_OBJS) $(LIBDIR)/$(CONFIG)/libgpr.a $(LIBDIR)/$(CONFIG)/libgrpc.a $(LDLIBSXX) $(LDLIBS_PROTOBUF) $(LDLIBS) $(LDLIBS_SECURE) $(GTEST_LIB) -o $(BINDIR)/$(CONFIG)/alts_security_connector_test + +endif + +endif + +$(OBJDIR)/$(CONFIG)/test/core/security/alts_security_connector_test.o: $(LIBDIR)/$(CONFIG)/libgpr.a $(LIBDIR)/$(CONFIG)/libgrpc.a + +deps_alts_security_connector_test: $(ALTS_SECURITY_CONNECTOR_TEST_OBJS:.o=.dep) + +ifneq ($(NO_SECURE),true) +ifneq ($(NO_DEPS),true) +-include $(ALTS_SECURITY_CONNECTOR_TEST_OBJS:.o=.dep) +endif +endif + + +ALTS_TSI_HANDSHAKER_TEST_SRC = \ + test/core/tsi/alts/handshaker/alts_tsi_handshaker_test.cc \ + +ALTS_TSI_HANDSHAKER_TEST_OBJS = $(addprefix $(OBJDIR)/$(CONFIG)/, $(addsuffix .o, $(basename $(ALTS_TSI_HANDSHAKER_TEST_SRC)))) +ifeq ($(NO_SECURE),true) + +# You can't build secure targets if you don't have OpenSSL. + +$(BINDIR)/$(CONFIG)/alts_tsi_handshaker_test: openssl_dep_error + +else + + + + +ifeq ($(NO_PROTOBUF),true) + +# You can't build the protoc plugins or protobuf-enabled targets if you don't have protobuf 3.0.0+. + +$(BINDIR)/$(CONFIG)/alts_tsi_handshaker_test: protobuf_dep_error + +else + +$(BINDIR)/$(CONFIG)/alts_tsi_handshaker_test: $(PROTOBUF_DEP) $(ALTS_TSI_HANDSHAKER_TEST_OBJS) $(LIBDIR)/$(CONFIG)/libalts_test_util.a $(LIBDIR)/$(CONFIG)/libgpr.a $(LIBDIR)/$(CONFIG)/libgrpc.a + $(E) "[LD] Linking $@" + $(Q) mkdir -p `dirname $@` + $(Q) $(LDXX) $(LDFLAGS) $(ALTS_TSI_HANDSHAKER_TEST_OBJS) $(LIBDIR)/$(CONFIG)/libalts_test_util.a $(LIBDIR)/$(CONFIG)/libgpr.a $(LIBDIR)/$(CONFIG)/libgrpc.a $(LDLIBSXX) $(LDLIBS_PROTOBUF) $(LDLIBS) $(LDLIBS_SECURE) $(GTEST_LIB) -o $(BINDIR)/$(CONFIG)/alts_tsi_handshaker_test + +endif + +endif + +$(OBJDIR)/$(CONFIG)/test/core/tsi/alts/handshaker/alts_tsi_handshaker_test.o: $(LIBDIR)/$(CONFIG)/libalts_test_util.a $(LIBDIR)/$(CONFIG)/libgpr.a $(LIBDIR)/$(CONFIG)/libgrpc.a + +deps_alts_tsi_handshaker_test: $(ALTS_TSI_HANDSHAKER_TEST_OBJS:.o=.dep) + +ifneq ($(NO_SECURE),true) +ifneq ($(NO_DEPS),true) +-include $(ALTS_TSI_HANDSHAKER_TEST_OBJS:.o=.dep) +endif +endif + + +ALTS_TSI_UTILS_TEST_SRC = \ + test/core/tsi/alts/handshaker/alts_tsi_utils_test.cc \ + +ALTS_TSI_UTILS_TEST_OBJS = $(addprefix $(OBJDIR)/$(CONFIG)/, $(addsuffix .o, $(basename $(ALTS_TSI_UTILS_TEST_SRC)))) +ifeq ($(NO_SECURE),true) + +# You can't build secure targets if you don't have OpenSSL. + +$(BINDIR)/$(CONFIG)/alts_tsi_utils_test: openssl_dep_error + +else + + + + +ifeq ($(NO_PROTOBUF),true) + +# You can't build the protoc plugins or protobuf-enabled targets if you don't have protobuf 3.0.0+. + +$(BINDIR)/$(CONFIG)/alts_tsi_utils_test: protobuf_dep_error + +else + +$(BINDIR)/$(CONFIG)/alts_tsi_utils_test: $(PROTOBUF_DEP) $(ALTS_TSI_UTILS_TEST_OBJS) $(LIBDIR)/$(CONFIG)/libalts_test_util.a $(LIBDIR)/$(CONFIG)/libgpr.a $(LIBDIR)/$(CONFIG)/libgrpc.a + $(E) "[LD] Linking $@" + $(Q) mkdir -p `dirname $@` + $(Q) $(LDXX) $(LDFLAGS) $(ALTS_TSI_UTILS_TEST_OBJS) $(LIBDIR)/$(CONFIG)/libalts_test_util.a $(LIBDIR)/$(CONFIG)/libgpr.a $(LIBDIR)/$(CONFIG)/libgrpc.a $(LDLIBSXX) $(LDLIBS_PROTOBUF) $(LDLIBS) $(LDLIBS_SECURE) $(GTEST_LIB) -o $(BINDIR)/$(CONFIG)/alts_tsi_utils_test + +endif + +endif + +$(OBJDIR)/$(CONFIG)/test/core/tsi/alts/handshaker/alts_tsi_utils_test.o: $(LIBDIR)/$(CONFIG)/libalts_test_util.a $(LIBDIR)/$(CONFIG)/libgpr.a $(LIBDIR)/$(CONFIG)/libgrpc.a + +deps_alts_tsi_utils_test: $(ALTS_TSI_UTILS_TEST_OBJS:.o=.dep) + +ifneq ($(NO_SECURE),true) +ifneq ($(NO_DEPS),true) +-include $(ALTS_TSI_UTILS_TEST_OBJS:.o=.dep) +endif +endif + + +ALTS_ZERO_COPY_GRPC_PROTECTOR_TEST_SRC = \ + test/core/tsi/alts/zero_copy_frame_protector/alts_zero_copy_grpc_protector_test.cc \ + +ALTS_ZERO_COPY_GRPC_PROTECTOR_TEST_OBJS = $(addprefix $(OBJDIR)/$(CONFIG)/, $(addsuffix .o, $(basename $(ALTS_ZERO_COPY_GRPC_PROTECTOR_TEST_SRC)))) +ifeq ($(NO_SECURE),true) + +# You can't build secure targets if you don't have OpenSSL. + +$(BINDIR)/$(CONFIG)/alts_zero_copy_grpc_protector_test: openssl_dep_error + +else + + + + +ifeq ($(NO_PROTOBUF),true) + +# You can't build the protoc plugins or protobuf-enabled targets if you don't have protobuf 3.0.0+. + +$(BINDIR)/$(CONFIG)/alts_zero_copy_grpc_protector_test: protobuf_dep_error + +else + +$(BINDIR)/$(CONFIG)/alts_zero_copy_grpc_protector_test: $(PROTOBUF_DEP) $(ALTS_ZERO_COPY_GRPC_PROTECTOR_TEST_OBJS) $(LIBDIR)/$(CONFIG)/libalts_test_util.a $(LIBDIR)/$(CONFIG)/libgpr.a $(LIBDIR)/$(CONFIG)/libgrpc.a + $(E) "[LD] Linking $@" + $(Q) mkdir -p `dirname $@` + $(Q) $(LDXX) $(LDFLAGS) $(ALTS_ZERO_COPY_GRPC_PROTECTOR_TEST_OBJS) $(LIBDIR)/$(CONFIG)/libalts_test_util.a $(LIBDIR)/$(CONFIG)/libgpr.a $(LIBDIR)/$(CONFIG)/libgrpc.a $(LDLIBSXX) $(LDLIBS_PROTOBUF) $(LDLIBS) $(LDLIBS_SECURE) $(GTEST_LIB) -o $(BINDIR)/$(CONFIG)/alts_zero_copy_grpc_protector_test + +endif + +endif + +$(OBJDIR)/$(CONFIG)/test/core/tsi/alts/zero_copy_frame_protector/alts_zero_copy_grpc_protector_test.o: $(LIBDIR)/$(CONFIG)/libalts_test_util.a $(LIBDIR)/$(CONFIG)/libgpr.a $(LIBDIR)/$(CONFIG)/libgrpc.a + +deps_alts_zero_copy_grpc_protector_test: $(ALTS_ZERO_COPY_GRPC_PROTECTOR_TEST_OBJS:.o=.dep) + +ifneq ($(NO_SECURE),true) +ifneq ($(NO_DEPS),true) +-include $(ALTS_ZERO_COPY_GRPC_PROTECTOR_TEST_OBJS:.o=.dep) +endif +endif + + ASYNC_END2END_TEST_SRC = \ test/cpp/end2end/async_end2end_test.cc \ @@ -15115,6 +15875,92 @@ endif endif +CHECK_GCP_ENVIRONMENT_LINUX_TEST_SRC = \ + test/core/security/check_gcp_environment_linux_test.cc \ + +CHECK_GCP_ENVIRONMENT_LINUX_TEST_OBJS = $(addprefix $(OBJDIR)/$(CONFIG)/, $(addsuffix .o, $(basename $(CHECK_GCP_ENVIRONMENT_LINUX_TEST_SRC)))) +ifeq ($(NO_SECURE),true) + +# You can't build secure targets if you don't have OpenSSL. + +$(BINDIR)/$(CONFIG)/check_gcp_environment_linux_test: openssl_dep_error + +else + + + + +ifeq ($(NO_PROTOBUF),true) + +# You can't build the protoc plugins or protobuf-enabled targets if you don't have protobuf 3.0.0+. + +$(BINDIR)/$(CONFIG)/check_gcp_environment_linux_test: protobuf_dep_error + +else + +$(BINDIR)/$(CONFIG)/check_gcp_environment_linux_test: $(PROTOBUF_DEP) $(CHECK_GCP_ENVIRONMENT_LINUX_TEST_OBJS) $(LIBDIR)/$(CONFIG)/libgrpc.a $(LIBDIR)/$(CONFIG)/libgpr.a + $(E) "[LD] Linking $@" + $(Q) mkdir -p `dirname $@` + $(Q) $(LDXX) $(LDFLAGS) $(CHECK_GCP_ENVIRONMENT_LINUX_TEST_OBJS) $(LIBDIR)/$(CONFIG)/libgrpc.a $(LIBDIR)/$(CONFIG)/libgpr.a $(LDLIBSXX) $(LDLIBS_PROTOBUF) $(LDLIBS) $(LDLIBS_SECURE) $(GTEST_LIB) -o $(BINDIR)/$(CONFIG)/check_gcp_environment_linux_test + +endif + +endif + +$(OBJDIR)/$(CONFIG)/test/core/security/check_gcp_environment_linux_test.o: $(LIBDIR)/$(CONFIG)/libgrpc.a $(LIBDIR)/$(CONFIG)/libgpr.a + +deps_check_gcp_environment_linux_test: $(CHECK_GCP_ENVIRONMENT_LINUX_TEST_OBJS:.o=.dep) + +ifneq ($(NO_SECURE),true) +ifneq ($(NO_DEPS),true) +-include $(CHECK_GCP_ENVIRONMENT_LINUX_TEST_OBJS:.o=.dep) +endif +endif + + +CHECK_GCP_ENVIRONMENT_WINDOWS_TEST_SRC = \ + test/core/security/check_gcp_environment_windows_test.cc \ + +CHECK_GCP_ENVIRONMENT_WINDOWS_TEST_OBJS = $(addprefix $(OBJDIR)/$(CONFIG)/, $(addsuffix .o, $(basename $(CHECK_GCP_ENVIRONMENT_WINDOWS_TEST_SRC)))) +ifeq ($(NO_SECURE),true) + +# You can't build secure targets if you don't have OpenSSL. + +$(BINDIR)/$(CONFIG)/check_gcp_environment_windows_test: openssl_dep_error + +else + + + + +ifeq ($(NO_PROTOBUF),true) + +# You can't build the protoc plugins or protobuf-enabled targets if you don't have protobuf 3.0.0+. + +$(BINDIR)/$(CONFIG)/check_gcp_environment_windows_test: protobuf_dep_error + +else + +$(BINDIR)/$(CONFIG)/check_gcp_environment_windows_test: $(PROTOBUF_DEP) $(CHECK_GCP_ENVIRONMENT_WINDOWS_TEST_OBJS) $(LIBDIR)/$(CONFIG)/libgrpc.a $(LIBDIR)/$(CONFIG)/libgpr.a + $(E) "[LD] Linking $@" + $(Q) mkdir -p `dirname $@` + $(Q) $(LDXX) $(LDFLAGS) $(CHECK_GCP_ENVIRONMENT_WINDOWS_TEST_OBJS) $(LIBDIR)/$(CONFIG)/libgrpc.a $(LIBDIR)/$(CONFIG)/libgpr.a $(LDLIBSXX) $(LDLIBS_PROTOBUF) $(LDLIBS) $(LDLIBS_SECURE) $(GTEST_LIB) -o $(BINDIR)/$(CONFIG)/check_gcp_environment_windows_test + +endif + +endif + +$(OBJDIR)/$(CONFIG)/test/core/security/check_gcp_environment_windows_test.o: $(LIBDIR)/$(CONFIG)/libgrpc.a $(LIBDIR)/$(CONFIG)/libgpr.a + +deps_check_gcp_environment_windows_test: $(CHECK_GCP_ENVIRONMENT_WINDOWS_TEST_OBJS:.o=.dep) + +ifneq ($(NO_SECURE),true) +ifneq ($(NO_DEPS),true) +-include $(CHECK_GCP_ENVIRONMENT_WINDOWS_TEST_OBJS:.o=.dep) +endif +endif + + CHTTP2_SETTINGS_TIMEOUT_TEST_SRC = \ test/core/transport/chttp2/settings_timeout_test.cc \ @@ -15980,6 +16826,49 @@ endif $(OBJDIR)/$(CONFIG)/test/cpp/codegen/golden_file_test.o: $(GENDIR)/src/proto/grpc/testing/compiler_test.pb.cc $(GENDIR)/src/proto/grpc/testing/compiler_test.grpc.pb.cc +GRPC_ALTS_CREDENTIALS_OPTIONS_TEST_SRC = \ + test/core/security/grpc_alts_credentials_options_test.cc \ + +GRPC_ALTS_CREDENTIALS_OPTIONS_TEST_OBJS = $(addprefix $(OBJDIR)/$(CONFIG)/, $(addsuffix .o, $(basename $(GRPC_ALTS_CREDENTIALS_OPTIONS_TEST_SRC)))) +ifeq ($(NO_SECURE),true) + +# You can't build secure targets if you don't have OpenSSL. + +$(BINDIR)/$(CONFIG)/grpc_alts_credentials_options_test: openssl_dep_error + +else + + + + +ifeq ($(NO_PROTOBUF),true) + +# You can't build the protoc plugins or protobuf-enabled targets if you don't have protobuf 3.0.0+. + +$(BINDIR)/$(CONFIG)/grpc_alts_credentials_options_test: protobuf_dep_error + +else + +$(BINDIR)/$(CONFIG)/grpc_alts_credentials_options_test: $(PROTOBUF_DEP) $(GRPC_ALTS_CREDENTIALS_OPTIONS_TEST_OBJS) $(LIBDIR)/$(CONFIG)/libgrpc.a $(LIBDIR)/$(CONFIG)/libgpr.a + $(E) "[LD] Linking $@" + $(Q) mkdir -p `dirname $@` + $(Q) $(LDXX) $(LDFLAGS) $(GRPC_ALTS_CREDENTIALS_OPTIONS_TEST_OBJS) $(LIBDIR)/$(CONFIG)/libgrpc.a $(LIBDIR)/$(CONFIG)/libgpr.a $(LDLIBSXX) $(LDLIBS_PROTOBUF) $(LDLIBS) $(LDLIBS_SECURE) $(GTEST_LIB) -o $(BINDIR)/$(CONFIG)/grpc_alts_credentials_options_test + +endif + +endif + +$(OBJDIR)/$(CONFIG)/test/core/security/grpc_alts_credentials_options_test.o: $(LIBDIR)/$(CONFIG)/libgrpc.a $(LIBDIR)/$(CONFIG)/libgpr.a + +deps_grpc_alts_credentials_options_test: $(GRPC_ALTS_CREDENTIALS_OPTIONS_TEST_OBJS:.o=.dep) + +ifneq ($(NO_SECURE),true) +ifneq ($(NO_DEPS),true) +-include $(GRPC_ALTS_CREDENTIALS_OPTIONS_TEST_OBJS:.o=.dep) +endif +endif + + GRPC_CLI_SRC = \ test/cpp/util/grpc_cli.cc \ @@ -18433,6 +19322,49 @@ endif endif +TRANSPORT_SECURITY_COMMON_API_TEST_SRC = \ + test/core/tsi/alts/handshaker/transport_security_common_api_test.cc \ + +TRANSPORT_SECURITY_COMMON_API_TEST_OBJS = $(addprefix $(OBJDIR)/$(CONFIG)/, $(addsuffix .o, $(basename $(TRANSPORT_SECURITY_COMMON_API_TEST_SRC)))) +ifeq ($(NO_SECURE),true) + +# You can't build secure targets if you don't have OpenSSL. + +$(BINDIR)/$(CONFIG)/transport_security_common_api_test: openssl_dep_error + +else + + + + +ifeq ($(NO_PROTOBUF),true) + +# You can't build the protoc plugins or protobuf-enabled targets if you don't have protobuf 3.0.0+. + +$(BINDIR)/$(CONFIG)/transport_security_common_api_test: protobuf_dep_error + +else + +$(BINDIR)/$(CONFIG)/transport_security_common_api_test: $(PROTOBUF_DEP) $(TRANSPORT_SECURITY_COMMON_API_TEST_OBJS) $(LIBDIR)/$(CONFIG)/libalts_test_util.a $(LIBDIR)/$(CONFIG)/libgpr.a $(LIBDIR)/$(CONFIG)/libgrpc.a + $(E) "[LD] Linking $@" + $(Q) mkdir -p `dirname $@` + $(Q) $(LDXX) $(LDFLAGS) $(TRANSPORT_SECURITY_COMMON_API_TEST_OBJS) $(LIBDIR)/$(CONFIG)/libalts_test_util.a $(LIBDIR)/$(CONFIG)/libgpr.a $(LIBDIR)/$(CONFIG)/libgrpc.a $(LDLIBSXX) $(LDLIBS_PROTOBUF) $(LDLIBS) $(LDLIBS_SECURE) $(GTEST_LIB) -o $(BINDIR)/$(CONFIG)/transport_security_common_api_test + +endif + +endif + +$(OBJDIR)/$(CONFIG)/test/core/tsi/alts/handshaker/transport_security_common_api_test.o: $(LIBDIR)/$(CONFIG)/libalts_test_util.a $(LIBDIR)/$(CONFIG)/libgpr.a $(LIBDIR)/$(CONFIG)/libgrpc.a + +deps_transport_security_common_api_test: $(TRANSPORT_SECURITY_COMMON_API_TEST_OBJS:.o=.dep) + +ifneq ($(NO_SECURE),true) +ifneq ($(NO_DEPS),true) +-include $(TRANSPORT_SECURITY_COMMON_API_TEST_OBJS:.o=.dep) +endif +endif + + WRITES_PER_RPC_TEST_SRC = \ test/cpp/performance/writes_per_rpc_test.cc \ @@ -22403,6 +23335,14 @@ src/core/ext/transport/cronet/transport/cronet_api_dummy.cc: $(OPENSSL_DEP) src/core/ext/transport/cronet/transport/cronet_transport.cc: $(OPENSSL_DEP) src/core/lib/http/httpcli_security_connector.cc: $(OPENSSL_DEP) src/core/lib/security/context/security_context.cc: $(OPENSSL_DEP) +src/core/lib/security/credentials/alts/alts_credentials.cc: $(OPENSSL_DEP) +src/core/lib/security/credentials/alts/check_gcp_environment.cc: $(OPENSSL_DEP) +src/core/lib/security/credentials/alts/check_gcp_environment_linux.cc: $(OPENSSL_DEP) +src/core/lib/security/credentials/alts/check_gcp_environment_no_op.cc: $(OPENSSL_DEP) +src/core/lib/security/credentials/alts/check_gcp_environment_windows.cc: $(OPENSSL_DEP) +src/core/lib/security/credentials/alts/grpc_alts_credentials_client_options.cc: $(OPENSSL_DEP) +src/core/lib/security/credentials/alts/grpc_alts_credentials_options.cc: $(OPENSSL_DEP) +src/core/lib/security/credentials/alts/grpc_alts_credentials_server_options.cc: $(OPENSSL_DEP) src/core/lib/security/credentials/composite/composite_credentials.cc: $(OPENSSL_DEP) src/core/lib/security/credentials/credentials.cc: $(OPENSSL_DEP) src/core/lib/security/credentials/credentials_metadata.cc: $(OPENSSL_DEP) @@ -22416,6 +23356,7 @@ src/core/lib/security/credentials/jwt/jwt_verifier.cc: $(OPENSSL_DEP) src/core/lib/security/credentials/oauth2/oauth2_credentials.cc: $(OPENSSL_DEP) src/core/lib/security/credentials/plugin/plugin_credentials.cc: $(OPENSSL_DEP) src/core/lib/security/credentials/ssl/ssl_credentials.cc: $(OPENSSL_DEP) +src/core/lib/security/security_connector/alts_security_connector.cc: $(OPENSSL_DEP) src/core/lib/security/security_connector/security_connector.cc: $(OPENSSL_DEP) src/core/lib/security/transport/client_auth_filter.cc: $(OPENSSL_DEP) src/core/lib/security/transport/secure_endpoint.cc: $(OPENSSL_DEP) @@ -22427,6 +23368,30 @@ src/core/lib/security/util/json_util.cc: $(OPENSSL_DEP) src/core/lib/surface/init_secure.cc: $(OPENSSL_DEP) src/core/plugin_registry/grpc_cronet_plugin_registry.cc: $(OPENSSL_DEP) src/core/plugin_registry/grpc_plugin_registry.cc: $(OPENSSL_DEP) +src/core/tsi/alts/crypt/aes_gcm.cc: $(OPENSSL_DEP) +src/core/tsi/alts/crypt/gsec.cc: $(OPENSSL_DEP) +src/core/tsi/alts/frame_protector/alts_counter.cc: $(OPENSSL_DEP) +src/core/tsi/alts/frame_protector/alts_crypter.cc: $(OPENSSL_DEP) +src/core/tsi/alts/frame_protector/alts_frame_protector.cc: $(OPENSSL_DEP) +src/core/tsi/alts/frame_protector/alts_record_protocol_crypter_common.cc: $(OPENSSL_DEP) +src/core/tsi/alts/frame_protector/alts_seal_privacy_integrity_crypter.cc: $(OPENSSL_DEP) +src/core/tsi/alts/frame_protector/alts_unseal_privacy_integrity_crypter.cc: $(OPENSSL_DEP) +src/core/tsi/alts/frame_protector/frame_handler.cc: $(OPENSSL_DEP) +src/core/tsi/alts/handshaker/alts_handshaker_client.cc: $(OPENSSL_DEP) +src/core/tsi/alts/handshaker/alts_handshaker_service_api.cc: $(OPENSSL_DEP) +src/core/tsi/alts/handshaker/alts_handshaker_service_api_util.cc: $(OPENSSL_DEP) +src/core/tsi/alts/handshaker/alts_tsi_event.cc: $(OPENSSL_DEP) +src/core/tsi/alts/handshaker/alts_tsi_handshaker.cc: $(OPENSSL_DEP) +src/core/tsi/alts/handshaker/alts_tsi_utils.cc: $(OPENSSL_DEP) +src/core/tsi/alts/handshaker/altscontext.pb.c: $(OPENSSL_DEP) +src/core/tsi/alts/handshaker/handshaker.pb.c: $(OPENSSL_DEP) +src/core/tsi/alts/handshaker/transport_security_common.pb.c: $(OPENSSL_DEP) +src/core/tsi/alts/handshaker/transport_security_common_api.cc: $(OPENSSL_DEP) +src/core/tsi/alts/zero_copy_frame_protector/alts_grpc_integrity_only_record_protocol.cc: $(OPENSSL_DEP) +src/core/tsi/alts/zero_copy_frame_protector/alts_grpc_privacy_integrity_record_protocol.cc: $(OPENSSL_DEP) +src/core/tsi/alts/zero_copy_frame_protector/alts_grpc_record_protocol_common.cc: $(OPENSSL_DEP) +src/core/tsi/alts/zero_copy_frame_protector/alts_iovec_record_protocol.cc: $(OPENSSL_DEP) +src/core/tsi/alts/zero_copy_frame_protector/alts_zero_copy_grpc_protector.cc: $(OPENSSL_DEP) src/core/tsi/alts_transport_security.cc: $(OPENSSL_DEP) src/core/tsi/fake_transport_security.cc: $(OPENSSL_DEP) src/core/tsi/ssl_transport_security.cc: $(OPENSSL_DEP) @@ -22454,6 +23419,8 @@ test/core/end2end/data/test_root_cert.cc: $(OPENSSL_DEP) test/core/end2end/end2end_tests.cc: $(OPENSSL_DEP) test/core/end2end/tests/call_creds.cc: $(OPENSSL_DEP) test/core/security/oauth2_utils.cc: $(OPENSSL_DEP) +test/core/tsi/alts/crypt/gsec_test_util.cc: $(OPENSSL_DEP) +test/core/tsi/alts/handshaker/alts_handshaker_service_api_test_lib.cc: $(OPENSSL_DEP) test/core/util/reconnect_server.cc: $(OPENSSL_DEP) test/core/util/test_tcp_server.cc: $(OPENSSL_DEP) test/cpp/end2end/test_service_impl.cc: $(OPENSSL_DEP) diff --git a/bazel/grpc_build_system.bzl b/bazel/grpc_build_system.bzl index 7bc186265d..662068ad2a 100644 --- a/bazel/grpc_build_system.bzl +++ b/bazel/grpc_build_system.bzl @@ -57,6 +57,12 @@ def _maybe_update_cc_library_hdrs(hdrs): ret.append(h) return ret +def _maybe_update_cc_library_defines(name): + ret = [] + if name == "alts_proto": + ret += ["PB_FIELD_16BIT=1"] + return ret + def grpc_cc_library(name, srcs = [], public_hdrs = [], hdrs = [], external_deps = [], deps = [], standalone = False, language = "C++", testonly = False, visibility = None, @@ -64,10 +70,11 @@ def grpc_cc_library(name, srcs = [], public_hdrs = [], hdrs = [], copts = [] if language.upper() == "C": copts = if_not_windows(["-std=c99"]) + defines = _maybe_update_cc_library_defines(name) native.cc_library( name = name, srcs = srcs, - defines = select({"//:grpc_no_ares": ["GRPC_ARES=0"], + defines = defines + select({"//:grpc_no_ares": ["GRPC_ARES=0"], "//conditions:default": [],}) + select({"//:remote_execution": ["GRPC_PORT_ISOLATED_RUNTIME=1"], "//conditions:default": [],}) + diff --git a/build.yaml b/build.yaml index e2d194041a..e2bb8bfa9f 100644 --- a/build.yaml +++ b/build.yaml @@ -16,6 +16,84 @@ settings: g_stands_for: gorgeous version: 1.11.0-dev filegroups: +- name: alts_proto + headers: + - src/core/tsi/alts/handshaker/altscontext.pb.h + - src/core/tsi/alts/handshaker/handshaker.pb.h + - src/core/tsi/alts/handshaker/transport_security_common.pb.h + src: + - src/core/tsi/alts/handshaker/altscontext.pb.c + - src/core/tsi/alts/handshaker/handshaker.pb.c + - src/core/tsi/alts/handshaker/transport_security_common.pb.c + uses: + - nanopb +- name: alts_tsi + headers: + - src/core/tsi/alts/crypt/gsec.h + - src/core/tsi/alts/frame_protector/alts_counter.h + - src/core/tsi/alts/frame_protector/alts_crypter.h + - src/core/tsi/alts/frame_protector/alts_frame_protector.h + - src/core/tsi/alts/frame_protector/alts_record_protocol_crypter_common.h + - src/core/tsi/alts/frame_protector/frame_handler.h + - src/core/tsi/alts/handshaker/alts_handshaker_client.h + - src/core/tsi/alts/handshaker/alts_tsi_event.h + - src/core/tsi/alts/handshaker/alts_tsi_handshaker.h + - src/core/tsi/alts/handshaker/alts_tsi_handshaker_private.h + - src/core/tsi/alts/zero_copy_frame_protector/alts_grpc_integrity_only_record_protocol.h + - src/core/tsi/alts/zero_copy_frame_protector/alts_grpc_privacy_integrity_record_protocol.h + - src/core/tsi/alts/zero_copy_frame_protector/alts_grpc_record_protocol.h + - src/core/tsi/alts/zero_copy_frame_protector/alts_grpc_record_protocol_common.h + - src/core/tsi/alts/zero_copy_frame_protector/alts_iovec_record_protocol.h + - src/core/tsi/alts/zero_copy_frame_protector/alts_zero_copy_grpc_protector.h + src: + - src/core/tsi/alts/crypt/aes_gcm.cc + - src/core/tsi/alts/crypt/gsec.cc + - src/core/tsi/alts/frame_protector/alts_counter.cc + - src/core/tsi/alts/frame_protector/alts_crypter.cc + - src/core/tsi/alts/frame_protector/alts_frame_protector.cc + - src/core/tsi/alts/frame_protector/alts_record_protocol_crypter_common.cc + - src/core/tsi/alts/frame_protector/alts_seal_privacy_integrity_crypter.cc + - src/core/tsi/alts/frame_protector/alts_unseal_privacy_integrity_crypter.cc + - src/core/tsi/alts/frame_protector/frame_handler.cc + - src/core/tsi/alts/handshaker/alts_handshaker_client.cc + - src/core/tsi/alts/handshaker/alts_tsi_event.cc + - src/core/tsi/alts/handshaker/alts_tsi_handshaker.cc + - src/core/tsi/alts/zero_copy_frame_protector/alts_grpc_integrity_only_record_protocol.cc + - src/core/tsi/alts/zero_copy_frame_protector/alts_grpc_privacy_integrity_record_protocol.cc + - src/core/tsi/alts/zero_copy_frame_protector/alts_grpc_record_protocol_common.cc + - src/core/tsi/alts/zero_copy_frame_protector/alts_iovec_record_protocol.cc + - src/core/tsi/alts/zero_copy_frame_protector/alts_zero_copy_grpc_protector.cc + uses: + - alts_util + - grpc_base + - grpc_transport_chttp2_client_insecure + - tsi_interface + - tsi +- name: alts_util + headers: + - src/core/lib/security/credentials/alts/check_gcp_environment.h + - src/core/lib/security/credentials/alts/grpc_alts_credentials_options.h + - src/core/tsi/alts/handshaker/alts_handshaker_service_api.h + - src/core/tsi/alts/handshaker/alts_handshaker_service_api_util.h + - src/core/tsi/alts/handshaker/alts_tsi_utils.h + - src/core/tsi/alts/handshaker/transport_security_common_api.h + src: + - src/core/lib/security/credentials/alts/check_gcp_environment.cc + - src/core/lib/security/credentials/alts/check_gcp_environment_linux.cc + - src/core/lib/security/credentials/alts/check_gcp_environment_no_op.cc + - src/core/lib/security/credentials/alts/check_gcp_environment_windows.cc + - src/core/lib/security/credentials/alts/grpc_alts_credentials_client_options.cc + - src/core/lib/security/credentials/alts/grpc_alts_credentials_options.cc + - src/core/lib/security/credentials/alts/grpc_alts_credentials_server_options.cc + - src/core/tsi/alts/handshaker/alts_handshaker_service_api.cc + - src/core/tsi/alts/handshaker/alts_handshaker_service_api_util.cc + - src/core/tsi/alts/handshaker/alts_tsi_utils.cc + - src/core/tsi/alts/handshaker/transport_security_common_api.cc + uses: + - alts_proto + - grpc_base + - tsi_interface + - nanopb - name: census public_headers: - include/grpc/census.h @@ -642,6 +720,7 @@ filegroups: - include/grpc/grpc_security.h headers: - src/core/lib/security/context/security_context.h + - src/core/lib/security/credentials/alts/alts_credentials.h - src/core/lib/security/credentials/composite/composite_credentials.h - src/core/lib/security/credentials/credentials.h - src/core/lib/security/credentials/fake/fake_credentials.h @@ -653,6 +732,7 @@ filegroups: - src/core/lib/security/credentials/oauth2/oauth2_credentials.h - src/core/lib/security/credentials/plugin/plugin_credentials.h - src/core/lib/security/credentials/ssl/ssl_credentials.h + - src/core/lib/security/security_connector/alts_security_connector.h - src/core/lib/security/security_connector/security_connector.h - src/core/lib/security/transport/auth_filters.h - src/core/lib/security/transport/secure_endpoint.h @@ -663,6 +743,7 @@ filegroups: src: - src/core/lib/http/httpcli_security_connector.cc - src/core/lib/security/context/security_context.cc + - src/core/lib/security/credentials/alts/alts_credentials.cc - src/core/lib/security/credentials/composite/composite_credentials.cc - src/core/lib/security/credentials/credentials.cc - src/core/lib/security/credentials/credentials_metadata.cc @@ -676,6 +757,7 @@ filegroups: - src/core/lib/security/credentials/oauth2/oauth2_credentials.cc - src/core/lib/security/credentials/plugin/plugin_credentials.cc - src/core/lib/security/credentials/ssl/ssl_credentials.cc + - src/core/lib/security/security_connector/alts_security_connector.cc - src/core/lib/security/security_connector/security_connector.cc - src/core/lib/security/transport/client_auth_filter.cc - src/core/lib/security/transport/secure_endpoint.cc @@ -687,6 +769,7 @@ filegroups: - src/core/lib/surface/init_secure.cc secure: true uses: + - alts_tsi - grpc_base - grpc_transport_chttp2_alpn - tsi @@ -1211,6 +1294,18 @@ filegroups: - grpc++ - grpc libs: +- name: alts_test_util + build: private + language: c + headers: + - test/core/tsi/alts/crypt/gsec_test_util.h + - test/core/tsi/alts/handshaker/alts_handshaker_service_api_test_lib.h + src: + - test/core/tsi/alts/crypt/gsec_test_util.cc + - test/core/tsi/alts/handshaker/alts_handshaker_service_api_test_lib.cc + deps: + - grpc + secure: true - name: gpr build: all language: c @@ -3496,6 +3591,125 @@ targets: - grpc_unsecure - gpr_test_util - gpr +- name: alts_counter_test + build: test + language: c++ + src: + - test/core/tsi/alts/frame_protector/alts_counter_test.cc + deps: + - alts_test_util + - gpr + - grpc +- name: alts_crypt_test + build: test + language: c++ + src: + - test/core/tsi/alts/crypt/aes_gcm_test.cc + deps: + - alts_test_util + - gpr_test_util + - gpr + - grpc +- name: alts_crypter_test + build: test + language: c++ + src: + - test/core/tsi/alts/frame_protector/alts_crypter_test.cc + deps: + - alts_test_util + - gpr + - grpc +- name: alts_frame_handler_test + build: test + language: c++ + src: + - test/core/tsi/alts/frame_protector/frame_handler_test.cc + deps: + - alts_test_util + - gpr + - grpc +- name: alts_frame_protector_test + build: test + language: c++ + src: + - test/core/tsi/alts/frame_protector/alts_frame_protector_test.cc + deps: + - alts_test_util + - gpr + - grpc + filegroups: + - transport_security_test_lib +- name: alts_grpc_record_protocol_test + build: test + language: c++ + src: + - test/core/tsi/alts/zero_copy_frame_protector/alts_grpc_record_protocol_test.cc + deps: + - alts_test_util + - gpr + - grpc +- name: alts_handshaker_client_test + build: test + language: c++ + src: + - test/core/tsi/alts/handshaker/alts_handshaker_client_test.cc + deps: + - alts_test_util + - gpr + - grpc +- name: alts_handshaker_service_api_test + build: test + language: c++ + src: + - test/core/tsi/alts/handshaker/alts_handshaker_service_api_test.cc + deps: + - alts_test_util + - gpr + - grpc +- name: alts_iovec_record_protocol_test + build: test + language: c++ + src: + - test/core/tsi/alts/zero_copy_frame_protector/alts_iovec_record_protocol_test.cc + deps: + - alts_test_util + - gpr + - grpc +- name: alts_security_connector_test + build: test + language: c++ + src: + - test/core/security/alts_security_connector_test.cc + deps: + - gpr + - grpc +- name: alts_tsi_handshaker_test + build: test + language: c++ + src: + - test/core/tsi/alts/handshaker/alts_tsi_handshaker_test.cc + deps: + - alts_test_util + - gpr + - grpc +- name: alts_tsi_utils_test + build: test + language: c++ + src: + - test/core/tsi/alts/handshaker/alts_tsi_utils_test.cc + deps: + - alts_test_util + - gpr + - grpc +- name: alts_zero_copy_grpc_protector_test + build: test + language: c++ + src: + - test/core/tsi/alts/zero_copy_frame_protector/alts_zero_copy_grpc_protector_test.cc + deps: + - alts_test_util + - gpr + - grpc - name: async_end2end_test gtest: true build: test @@ -3879,6 +4093,22 @@ targets: - grpc - gpr uses_polling: false +- name: check_gcp_environment_linux_test + build: test + language: c++ + src: + - test/core/security/check_gcp_environment_linux_test.cc + deps: + - grpc + - gpr +- name: check_gcp_environment_windows_test + build: test + language: c++ + src: + - test/core/security/check_gcp_environment_windows_test.cc + deps: + - grpc + - gpr - name: chttp2_settings_timeout_test gtest: true build: test @@ -4137,6 +4367,14 @@ targets: args: - --generated_file_path=gens/src/proto/grpc/testing/ uses_polling: false +- name: grpc_alts_credentials_options_test + build: test + language: c++ + src: + - test/core/security/grpc_alts_credentials_options_test.cc + deps: + - grpc + - gpr - name: grpc_cli build: test run: false @@ -4972,6 +5210,15 @@ targets: - grpc - gpr_test_util - gpr +- name: transport_security_common_api_test + build: test + language: c++ + src: + - test/core/tsi/alts/handshaker/transport_security_common_api_test.cc + deps: + - alts_test_util + - gpr + - grpc - name: writes_per_rpc_test gtest: true cpu_cost: 0.5 @@ -244,6 +244,7 @@ if test "$PHP_GRPC" != "no"; then src/core/ext/filters/http/server/http_server_filter.cc \ src/core/lib/http/httpcli_security_connector.cc \ src/core/lib/security/context/security_context.cc \ + src/core/lib/security/credentials/alts/alts_credentials.cc \ src/core/lib/security/credentials/composite/composite_credentials.cc \ src/core/lib/security/credentials/credentials.cc \ src/core/lib/security/credentials/credentials_metadata.cc \ @@ -257,6 +258,7 @@ if test "$PHP_GRPC" != "no"; then src/core/lib/security/credentials/oauth2/oauth2_credentials.cc \ src/core/lib/security/credentials/plugin/plugin_credentials.cc \ src/core/lib/security/credentials/ssl/ssl_credentials.cc \ + src/core/lib/security/security_connector/alts_security_connector.cc \ src/core/lib/security/security_connector/security_connector.cc \ src/core/lib/security/transport/client_auth_filter.cc \ src/core/lib/security/transport/secure_endpoint.cc \ @@ -266,14 +268,45 @@ if test "$PHP_GRPC" != "no"; then src/core/lib/security/transport/tsi_error.cc \ src/core/lib/security/util/json_util.cc \ src/core/lib/surface/init_secure.cc \ - src/core/tsi/alts_transport_security.cc \ - src/core/tsi/fake_transport_security.cc \ - src/core/tsi/ssl_transport_security.cc \ - src/core/tsi/transport_security_grpc.cc \ + src/core/tsi/alts/crypt/aes_gcm.cc \ + src/core/tsi/alts/crypt/gsec.cc \ + src/core/tsi/alts/frame_protector/alts_counter.cc \ + src/core/tsi/alts/frame_protector/alts_crypter.cc \ + src/core/tsi/alts/frame_protector/alts_frame_protector.cc \ + src/core/tsi/alts/frame_protector/alts_record_protocol_crypter_common.cc \ + src/core/tsi/alts/frame_protector/alts_seal_privacy_integrity_crypter.cc \ + src/core/tsi/alts/frame_protector/alts_unseal_privacy_integrity_crypter.cc \ + src/core/tsi/alts/frame_protector/frame_handler.cc \ + src/core/tsi/alts/handshaker/alts_handshaker_client.cc \ + src/core/tsi/alts/handshaker/alts_tsi_event.cc \ + src/core/tsi/alts/handshaker/alts_tsi_handshaker.cc \ + src/core/tsi/alts/zero_copy_frame_protector/alts_grpc_integrity_only_record_protocol.cc \ + src/core/tsi/alts/zero_copy_frame_protector/alts_grpc_privacy_integrity_record_protocol.cc \ + src/core/tsi/alts/zero_copy_frame_protector/alts_grpc_record_protocol_common.cc \ + src/core/tsi/alts/zero_copy_frame_protector/alts_iovec_record_protocol.cc \ + src/core/tsi/alts/zero_copy_frame_protector/alts_zero_copy_grpc_protector.cc \ + src/core/lib/security/credentials/alts/check_gcp_environment.cc \ + src/core/lib/security/credentials/alts/check_gcp_environment_linux.cc \ + src/core/lib/security/credentials/alts/check_gcp_environment_no_op.cc \ + src/core/lib/security/credentials/alts/check_gcp_environment_windows.cc \ + src/core/lib/security/credentials/alts/grpc_alts_credentials_client_options.cc \ + src/core/lib/security/credentials/alts/grpc_alts_credentials_options.cc \ + src/core/lib/security/credentials/alts/grpc_alts_credentials_server_options.cc \ + src/core/tsi/alts/handshaker/alts_handshaker_service_api.cc \ + src/core/tsi/alts/handshaker/alts_handshaker_service_api_util.cc \ + src/core/tsi/alts/handshaker/alts_tsi_utils.cc \ + src/core/tsi/alts/handshaker/transport_security_common_api.cc \ + src/core/tsi/alts/handshaker/altscontext.pb.c \ + src/core/tsi/alts/handshaker/handshaker.pb.c \ + src/core/tsi/alts/handshaker/transport_security_common.pb.c \ + third_party/nanopb/pb_common.c \ + third_party/nanopb/pb_decode.c \ + third_party/nanopb/pb_encode.c \ src/core/tsi/transport_security.cc \ src/core/tsi/transport_security_adapter.cc \ - src/core/ext/transport/chttp2/server/chttp2_server.cc \ - src/core/ext/transport/chttp2/client/secure/secure_channel_create.cc \ + src/core/ext/transport/chttp2/client/insecure/channel_create.cc \ + src/core/ext/transport/chttp2/client/insecure/channel_create_posix.cc \ + src/core/ext/transport/chttp2/client/chttp2_connector.cc \ src/core/ext/filters/client_channel/backup_poller.cc \ src/core/ext/filters/client_channel/channel_connectivity.cc \ src/core/ext/filters/client_channel/client_channel.cc \ @@ -297,11 +330,14 @@ if test "$PHP_GRPC" != "no"; then src/core/ext/filters/client_channel/subchannel_index.cc \ src/core/ext/filters/client_channel/uri_parser.cc \ src/core/ext/filters/deadline/deadline_filter.cc \ - src/core/ext/transport/chttp2/client/chttp2_connector.cc \ + src/core/tsi/alts_transport_security.cc \ + src/core/tsi/fake_transport_security.cc \ + src/core/tsi/ssl_transport_security.cc \ + src/core/tsi/transport_security_grpc.cc \ + src/core/ext/transport/chttp2/server/chttp2_server.cc \ + src/core/ext/transport/chttp2/client/secure/secure_channel_create.cc \ src/core/ext/transport/chttp2/server/insecure/server_chttp2.cc \ src/core/ext/transport/chttp2/server/insecure/server_chttp2_posix.cc \ - src/core/ext/transport/chttp2/client/insecure/channel_create.cc \ - src/core/ext/transport/chttp2/client/insecure/channel_create_posix.cc \ src/core/ext/transport/inproc/inproc_plugin.cc \ src/core/ext/transport/inproc/inproc_transport.cc \ src/core/ext/filters/client_channel/lb_policy/grpclb/client_load_reporting_filter.cc \ @@ -310,9 +346,6 @@ if test "$PHP_GRPC" != "no"; then src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb_client_stats.cc \ src/core/ext/filters/client_channel/lb_policy/grpclb/load_balancer_api.cc \ src/core/ext/filters/client_channel/lb_policy/grpclb/proto/grpc/lb/v1/load_balancer.pb.c \ - third_party/nanopb/pb_common.c \ - third_party/nanopb/pb_decode.c \ - third_party/nanopb/pb_encode.c \ src/core/ext/filters/client_channel/resolver/fake/fake_resolver.cc \ src/core/ext/filters/client_channel/lb_policy/pick_first/pick_first.cc \ src/core/ext/filters/client_channel/lb_policy/subchannel_list.cc \ @@ -635,6 +668,7 @@ if test "$PHP_GRPC" != "no"; then PHP_ADD_BUILD_DIR($ext_builddir/src/core/lib/profiling) PHP_ADD_BUILD_DIR($ext_builddir/src/core/lib/security/context) PHP_ADD_BUILD_DIR($ext_builddir/src/core/lib/security/credentials) + PHP_ADD_BUILD_DIR($ext_builddir/src/core/lib/security/credentials/alts) PHP_ADD_BUILD_DIR($ext_builddir/src/core/lib/security/credentials/composite) PHP_ADD_BUILD_DIR($ext_builddir/src/core/lib/security/credentials/fake) PHP_ADD_BUILD_DIR($ext_builddir/src/core/lib/security/credentials/google_default) @@ -651,6 +685,10 @@ if test "$PHP_GRPC" != "no"; then PHP_ADD_BUILD_DIR($ext_builddir/src/core/lib/transport) PHP_ADD_BUILD_DIR($ext_builddir/src/core/plugin_registry) PHP_ADD_BUILD_DIR($ext_builddir/src/core/tsi) + PHP_ADD_BUILD_DIR($ext_builddir/src/core/tsi/alts/crypt) + PHP_ADD_BUILD_DIR($ext_builddir/src/core/tsi/alts/frame_protector) + PHP_ADD_BUILD_DIR($ext_builddir/src/core/tsi/alts/handshaker) + PHP_ADD_BUILD_DIR($ext_builddir/src/core/tsi/alts/zero_copy_frame_protector) PHP_ADD_BUILD_DIR($ext_builddir/third_party/boringssl/crypto) PHP_ADD_BUILD_DIR($ext_builddir/third_party/boringssl/crypto/asn1) PHP_ADD_BUILD_DIR($ext_builddir/third_party/boringssl/crypto/base64) diff --git a/config.w32 b/config.w32 index 5e41295cbf..580607dd3d 100644 --- a/config.w32 +++ b/config.w32 @@ -221,6 +221,7 @@ if (PHP_GRPC != "no") { "src\\core\\ext\\filters\\http\\server\\http_server_filter.cc " + "src\\core\\lib\\http\\httpcli_security_connector.cc " + "src\\core\\lib\\security\\context\\security_context.cc " + + "src\\core\\lib\\security\\credentials\\alts\\alts_credentials.cc " + "src\\core\\lib\\security\\credentials\\composite\\composite_credentials.cc " + "src\\core\\lib\\security\\credentials\\credentials.cc " + "src\\core\\lib\\security\\credentials\\credentials_metadata.cc " + @@ -234,6 +235,7 @@ if (PHP_GRPC != "no") { "src\\core\\lib\\security\\credentials\\oauth2\\oauth2_credentials.cc " + "src\\core\\lib\\security\\credentials\\plugin\\plugin_credentials.cc " + "src\\core\\lib\\security\\credentials\\ssl\\ssl_credentials.cc " + + "src\\core\\lib\\security\\security_connector\\alts_security_connector.cc " + "src\\core\\lib\\security\\security_connector\\security_connector.cc " + "src\\core\\lib\\security\\transport\\client_auth_filter.cc " + "src\\core\\lib\\security\\transport\\secure_endpoint.cc " + @@ -243,14 +245,45 @@ if (PHP_GRPC != "no") { "src\\core\\lib\\security\\transport\\tsi_error.cc " + "src\\core\\lib\\security\\util\\json_util.cc " + "src\\core\\lib\\surface\\init_secure.cc " + - "src\\core\\tsi\\alts_transport_security.cc " + - "src\\core\\tsi\\fake_transport_security.cc " + - "src\\core\\tsi\\ssl_transport_security.cc " + - "src\\core\\tsi\\transport_security_grpc.cc " + + "src\\core\\tsi\\alts\\crypt\\aes_gcm.cc " + + "src\\core\\tsi\\alts\\crypt\\gsec.cc " + + "src\\core\\tsi\\alts\\frame_protector\\alts_counter.cc " + + "src\\core\\tsi\\alts\\frame_protector\\alts_crypter.cc " + + "src\\core\\tsi\\alts\\frame_protector\\alts_frame_protector.cc " + + "src\\core\\tsi\\alts\\frame_protector\\alts_record_protocol_crypter_common.cc " + + "src\\core\\tsi\\alts\\frame_protector\\alts_seal_privacy_integrity_crypter.cc " + + "src\\core\\tsi\\alts\\frame_protector\\alts_unseal_privacy_integrity_crypter.cc " + + "src\\core\\tsi\\alts\\frame_protector\\frame_handler.cc " + + "src\\core\\tsi\\alts\\handshaker\\alts_handshaker_client.cc " + + "src\\core\\tsi\\alts\\handshaker\\alts_tsi_event.cc " + + "src\\core\\tsi\\alts\\handshaker\\alts_tsi_handshaker.cc " + + "src\\core\\tsi\\alts\\zero_copy_frame_protector\\alts_grpc_integrity_only_record_protocol.cc " + + "src\\core\\tsi\\alts\\zero_copy_frame_protector\\alts_grpc_privacy_integrity_record_protocol.cc " + + "src\\core\\tsi\\alts\\zero_copy_frame_protector\\alts_grpc_record_protocol_common.cc " + + "src\\core\\tsi\\alts\\zero_copy_frame_protector\\alts_iovec_record_protocol.cc " + + "src\\core\\tsi\\alts\\zero_copy_frame_protector\\alts_zero_copy_grpc_protector.cc " + + "src\\core\\lib\\security\\credentials\\alts\\check_gcp_environment.cc " + + "src\\core\\lib\\security\\credentials\\alts\\check_gcp_environment_linux.cc " + + "src\\core\\lib\\security\\credentials\\alts\\check_gcp_environment_no_op.cc " + + "src\\core\\lib\\security\\credentials\\alts\\check_gcp_environment_windows.cc " + + "src\\core\\lib\\security\\credentials\\alts\\grpc_alts_credentials_client_options.cc " + + "src\\core\\lib\\security\\credentials\\alts\\grpc_alts_credentials_options.cc " + + "src\\core\\lib\\security\\credentials\\alts\\grpc_alts_credentials_server_options.cc " + + "src\\core\\tsi\\alts\\handshaker\\alts_handshaker_service_api.cc " + + "src\\core\\tsi\\alts\\handshaker\\alts_handshaker_service_api_util.cc " + + "src\\core\\tsi\\alts\\handshaker\\alts_tsi_utils.cc " + + "src\\core\\tsi\\alts\\handshaker\\transport_security_common_api.cc " + + "src\\core\\tsi\\alts\\handshaker\\altscontext.pb.c " + + "src\\core\\tsi\\alts\\handshaker\\handshaker.pb.c " + + "src\\core\\tsi\\alts\\handshaker\\transport_security_common.pb.c " + + "third_party\\nanopb\\pb_common.c " + + "third_party\\nanopb\\pb_decode.c " + + "third_party\\nanopb\\pb_encode.c " + "src\\core\\tsi\\transport_security.cc " + "src\\core\\tsi\\transport_security_adapter.cc " + - "src\\core\\ext\\transport\\chttp2\\server\\chttp2_server.cc " + - "src\\core\\ext\\transport\\chttp2\\client\\secure\\secure_channel_create.cc " + + "src\\core\\ext\\transport\\chttp2\\client\\insecure\\channel_create.cc " + + "src\\core\\ext\\transport\\chttp2\\client\\insecure\\channel_create_posix.cc " + + "src\\core\\ext\\transport\\chttp2\\client\\chttp2_connector.cc " + "src\\core\\ext\\filters\\client_channel\\backup_poller.cc " + "src\\core\\ext\\filters\\client_channel\\channel_connectivity.cc " + "src\\core\\ext\\filters\\client_channel\\client_channel.cc " + @@ -274,11 +307,14 @@ if (PHP_GRPC != "no") { "src\\core\\ext\\filters\\client_channel\\subchannel_index.cc " + "src\\core\\ext\\filters\\client_channel\\uri_parser.cc " + "src\\core\\ext\\filters\\deadline\\deadline_filter.cc " + - "src\\core\\ext\\transport\\chttp2\\client\\chttp2_connector.cc " + + "src\\core\\tsi\\alts_transport_security.cc " + + "src\\core\\tsi\\fake_transport_security.cc " + + "src\\core\\tsi\\ssl_transport_security.cc " + + "src\\core\\tsi\\transport_security_grpc.cc " + + "src\\core\\ext\\transport\\chttp2\\server\\chttp2_server.cc " + + "src\\core\\ext\\transport\\chttp2\\client\\secure\\secure_channel_create.cc " + "src\\core\\ext\\transport\\chttp2\\server\\insecure\\server_chttp2.cc " + "src\\core\\ext\\transport\\chttp2\\server\\insecure\\server_chttp2_posix.cc " + - "src\\core\\ext\\transport\\chttp2\\client\\insecure\\channel_create.cc " + - "src\\core\\ext\\transport\\chttp2\\client\\insecure\\channel_create_posix.cc " + "src\\core\\ext\\transport\\inproc\\inproc_plugin.cc " + "src\\core\\ext\\transport\\inproc\\inproc_transport.cc " + "src\\core\\ext\\filters\\client_channel\\lb_policy\\grpclb\\client_load_reporting_filter.cc " + @@ -287,9 +323,6 @@ if (PHP_GRPC != "no") { "src\\core\\ext\\filters\\client_channel\\lb_policy\\grpclb\\grpclb_client_stats.cc " + "src\\core\\ext\\filters\\client_channel\\lb_policy\\grpclb\\load_balancer_api.cc " + "src\\core\\ext\\filters\\client_channel\\lb_policy\\grpclb\\proto\\grpc\\lb\\v1\\load_balancer.pb.c " + - "third_party\\nanopb\\pb_common.c " + - "third_party\\nanopb\\pb_decode.c " + - "third_party\\nanopb\\pb_encode.c " + "src\\core\\ext\\filters\\client_channel\\resolver\\fake\\fake_resolver.cc " + "src\\core\\ext\\filters\\client_channel\\lb_policy\\pick_first\\pick_first.cc " + "src\\core\\ext\\filters\\client_channel\\lb_policy\\subchannel_list.cc " + @@ -648,6 +681,7 @@ if (PHP_GRPC != "no") { FSO.CreateFolder(base_dir+"\\ext\\grpc\\src\\core\\lib\\security"); FSO.CreateFolder(base_dir+"\\ext\\grpc\\src\\core\\lib\\security\\context"); FSO.CreateFolder(base_dir+"\\ext\\grpc\\src\\core\\lib\\security\\credentials"); + FSO.CreateFolder(base_dir+"\\ext\\grpc\\src\\core\\lib\\security\\credentials\\alts"); FSO.CreateFolder(base_dir+"\\ext\\grpc\\src\\core\\lib\\security\\credentials\\composite"); FSO.CreateFolder(base_dir+"\\ext\\grpc\\src\\core\\lib\\security\\credentials\\fake"); FSO.CreateFolder(base_dir+"\\ext\\grpc\\src\\core\\lib\\security\\credentials\\google_default"); @@ -664,6 +698,11 @@ if (PHP_GRPC != "no") { FSO.CreateFolder(base_dir+"\\ext\\grpc\\src\\core\\lib\\transport"); FSO.CreateFolder(base_dir+"\\ext\\grpc\\src\\core\\plugin_registry"); FSO.CreateFolder(base_dir+"\\ext\\grpc\\src\\core\\tsi"); + FSO.CreateFolder(base_dir+"\\ext\\grpc\\src\\core\\tsi\\alts"); + FSO.CreateFolder(base_dir+"\\ext\\grpc\\src\\core\\tsi\\alts\\crypt"); + FSO.CreateFolder(base_dir+"\\ext\\grpc\\src\\core\\tsi\\alts\\frame_protector"); + FSO.CreateFolder(base_dir+"\\ext\\grpc\\src\\core\\tsi\\alts\\handshaker"); + FSO.CreateFolder(base_dir+"\\ext\\grpc\\src\\core\\tsi\\alts\\zero_copy_frame_protector"); FSO.CreateFolder(base_dir+"\\ext\\grpc\\src\\php"); FSO.CreateFolder(base_dir+"\\ext\\grpc\\src\\php\\ext"); FSO.CreateFolder(base_dir+"\\ext\\grpc\\src\\php\\ext\\grpc"); diff --git a/gRPC-C++.podspec b/gRPC-C++.podspec index 821c16da45..65a5dc66b4 100644 --- a/gRPC-C++.podspec +++ b/gRPC-C++.podspec @@ -260,6 +260,7 @@ Pod::Spec.new do |s| 'src/core/ext/filters/http/message_compress/message_compress_filter.h', 'src/core/ext/filters/http/server/http_server_filter.h', 'src/core/lib/security/context/security_context.h', + 'src/core/lib/security/credentials/alts/alts_credentials.h', 'src/core/lib/security/credentials/composite/composite_credentials.h', 'src/core/lib/security/credentials/credentials.h', 'src/core/lib/security/credentials/fake/fake_credentials.h', @@ -271,6 +272,7 @@ Pod::Spec.new do |s| 'src/core/lib/security/credentials/oauth2/oauth2_credentials.h', 'src/core/lib/security/credentials/plugin/plugin_credentials.h', 'src/core/lib/security/credentials/ssl/ssl_credentials.h', + 'src/core/lib/security/security_connector/alts_security_connector.h', 'src/core/lib/security/security_connector/security_connector.h', 'src/core/lib/security/transport/auth_filters.h', 'src/core/lib/security/transport/secure_endpoint.h', @@ -278,15 +280,35 @@ Pod::Spec.new do |s| 'src/core/lib/security/transport/target_authority_table.h', 'src/core/lib/security/transport/tsi_error.h', 'src/core/lib/security/util/json_util.h', - 'src/core/tsi/alts_transport_security.h', - 'src/core/tsi/fake_transport_security.h', - 'src/core/tsi/ssl_transport_security.h', - 'src/core/tsi/ssl_types.h', - 'src/core/tsi/transport_security_grpc.h', + 'src/core/tsi/alts/crypt/gsec.h', + 'src/core/tsi/alts/frame_protector/alts_counter.h', + 'src/core/tsi/alts/frame_protector/alts_crypter.h', + 'src/core/tsi/alts/frame_protector/alts_frame_protector.h', + 'src/core/tsi/alts/frame_protector/alts_record_protocol_crypter_common.h', + 'src/core/tsi/alts/frame_protector/frame_handler.h', + 'src/core/tsi/alts/handshaker/alts_handshaker_client.h', + 'src/core/tsi/alts/handshaker/alts_tsi_event.h', + 'src/core/tsi/alts/handshaker/alts_tsi_handshaker.h', + 'src/core/tsi/alts/handshaker/alts_tsi_handshaker_private.h', + 'src/core/tsi/alts/zero_copy_frame_protector/alts_grpc_integrity_only_record_protocol.h', + 'src/core/tsi/alts/zero_copy_frame_protector/alts_grpc_privacy_integrity_record_protocol.h', + 'src/core/tsi/alts/zero_copy_frame_protector/alts_grpc_record_protocol.h', + 'src/core/tsi/alts/zero_copy_frame_protector/alts_grpc_record_protocol_common.h', + 'src/core/tsi/alts/zero_copy_frame_protector/alts_iovec_record_protocol.h', + 'src/core/tsi/alts/zero_copy_frame_protector/alts_zero_copy_grpc_protector.h', + 'src/core/lib/security/credentials/alts/check_gcp_environment.h', + 'src/core/lib/security/credentials/alts/grpc_alts_credentials_options.h', + 'src/core/tsi/alts/handshaker/alts_handshaker_service_api.h', + 'src/core/tsi/alts/handshaker/alts_handshaker_service_api_util.h', + 'src/core/tsi/alts/handshaker/alts_tsi_utils.h', + 'src/core/tsi/alts/handshaker/transport_security_common_api.h', + 'src/core/tsi/alts/handshaker/altscontext.pb.h', + 'src/core/tsi/alts/handshaker/handshaker.pb.h', + 'src/core/tsi/alts/handshaker/transport_security_common.pb.h', 'src/core/tsi/transport_security.h', 'src/core/tsi/transport_security_adapter.h', 'src/core/tsi/transport_security_interface.h', - 'src/core/ext/transport/chttp2/server/chttp2_server.h', + 'src/core/ext/transport/chttp2/client/chttp2_connector.h', 'src/core/ext/filters/client_channel/backup_poller.h', 'src/core/ext/filters/client_channel/client_channel.h', 'src/core/ext/filters/client_channel/client_channel_factory.h', @@ -309,7 +331,12 @@ Pod::Spec.new do |s| 'src/core/ext/filters/client_channel/subchannel_index.h', 'src/core/ext/filters/client_channel/uri_parser.h', 'src/core/ext/filters/deadline/deadline_filter.h', - 'src/core/ext/transport/chttp2/client/chttp2_connector.h', + 'src/core/tsi/alts_transport_security.h', + 'src/core/tsi/fake_transport_security.h', + 'src/core/tsi/ssl_transport_security.h', + 'src/core/tsi/ssl_types.h', + 'src/core/tsi/transport_security_grpc.h', + 'src/core/ext/transport/chttp2/server/chttp2_server.h', 'src/core/ext/transport/inproc/inproc_transport.h', 'src/core/lib/avl/avl.h', 'src/core/lib/backoff/backoff.h', diff --git a/gRPC-Core.podspec b/gRPC-Core.podspec index 6c6c76991c..7f61719cb1 100644 --- a/gRPC-Core.podspec +++ b/gRPC-Core.podspec @@ -93,7 +93,7 @@ Pod::Spec.new do |s| } s.default_subspecs = 'Interface', 'Implementation' - s.compiler_flags = '-DGRPC_ARES=0' + s.compiler_flags = '-DGRPC_ARES=0', '-DPB_FIELD_16BIT' s.libraries = 'c++' # Like many other C libraries, gRPC-Core has its public headers under `include/<libname>/` and its @@ -271,6 +271,7 @@ Pod::Spec.new do |s| 'src/core/ext/filters/http/message_compress/message_compress_filter.h', 'src/core/ext/filters/http/server/http_server_filter.h', 'src/core/lib/security/context/security_context.h', + 'src/core/lib/security/credentials/alts/alts_credentials.h', 'src/core/lib/security/credentials/composite/composite_credentials.h', 'src/core/lib/security/credentials/credentials.h', 'src/core/lib/security/credentials/fake/fake_credentials.h', @@ -282,6 +283,7 @@ Pod::Spec.new do |s| 'src/core/lib/security/credentials/oauth2/oauth2_credentials.h', 'src/core/lib/security/credentials/plugin/plugin_credentials.h', 'src/core/lib/security/credentials/ssl/ssl_credentials.h', + 'src/core/lib/security/security_connector/alts_security_connector.h', 'src/core/lib/security/security_connector/security_connector.h', 'src/core/lib/security/transport/auth_filters.h', 'src/core/lib/security/transport/secure_endpoint.h', @@ -289,15 +291,35 @@ Pod::Spec.new do |s| 'src/core/lib/security/transport/target_authority_table.h', 'src/core/lib/security/transport/tsi_error.h', 'src/core/lib/security/util/json_util.h', - 'src/core/tsi/alts_transport_security.h', - 'src/core/tsi/fake_transport_security.h', - 'src/core/tsi/ssl_transport_security.h', - 'src/core/tsi/ssl_types.h', - 'src/core/tsi/transport_security_grpc.h', + 'src/core/tsi/alts/crypt/gsec.h', + 'src/core/tsi/alts/frame_protector/alts_counter.h', + 'src/core/tsi/alts/frame_protector/alts_crypter.h', + 'src/core/tsi/alts/frame_protector/alts_frame_protector.h', + 'src/core/tsi/alts/frame_protector/alts_record_protocol_crypter_common.h', + 'src/core/tsi/alts/frame_protector/frame_handler.h', + 'src/core/tsi/alts/handshaker/alts_handshaker_client.h', + 'src/core/tsi/alts/handshaker/alts_tsi_event.h', + 'src/core/tsi/alts/handshaker/alts_tsi_handshaker.h', + 'src/core/tsi/alts/handshaker/alts_tsi_handshaker_private.h', + 'src/core/tsi/alts/zero_copy_frame_protector/alts_grpc_integrity_only_record_protocol.h', + 'src/core/tsi/alts/zero_copy_frame_protector/alts_grpc_privacy_integrity_record_protocol.h', + 'src/core/tsi/alts/zero_copy_frame_protector/alts_grpc_record_protocol.h', + 'src/core/tsi/alts/zero_copy_frame_protector/alts_grpc_record_protocol_common.h', + 'src/core/tsi/alts/zero_copy_frame_protector/alts_iovec_record_protocol.h', + 'src/core/tsi/alts/zero_copy_frame_protector/alts_zero_copy_grpc_protector.h', + 'src/core/lib/security/credentials/alts/check_gcp_environment.h', + 'src/core/lib/security/credentials/alts/grpc_alts_credentials_options.h', + 'src/core/tsi/alts/handshaker/alts_handshaker_service_api.h', + 'src/core/tsi/alts/handshaker/alts_handshaker_service_api_util.h', + 'src/core/tsi/alts/handshaker/alts_tsi_utils.h', + 'src/core/tsi/alts/handshaker/transport_security_common_api.h', + 'src/core/tsi/alts/handshaker/altscontext.pb.h', + 'src/core/tsi/alts/handshaker/handshaker.pb.h', + 'src/core/tsi/alts/handshaker/transport_security_common.pb.h', 'src/core/tsi/transport_security.h', 'src/core/tsi/transport_security_adapter.h', 'src/core/tsi/transport_security_interface.h', - 'src/core/ext/transport/chttp2/server/chttp2_server.h', + 'src/core/ext/transport/chttp2/client/chttp2_connector.h', 'src/core/ext/filters/client_channel/backup_poller.h', 'src/core/ext/filters/client_channel/client_channel.h', 'src/core/ext/filters/client_channel/client_channel_factory.h', @@ -320,7 +342,12 @@ Pod::Spec.new do |s| 'src/core/ext/filters/client_channel/subchannel_index.h', 'src/core/ext/filters/client_channel/uri_parser.h', 'src/core/ext/filters/deadline/deadline_filter.h', - 'src/core/ext/transport/chttp2/client/chttp2_connector.h', + 'src/core/tsi/alts_transport_security.h', + 'src/core/tsi/fake_transport_security.h', + 'src/core/tsi/ssl_transport_security.h', + 'src/core/tsi/ssl_types.h', + 'src/core/tsi/transport_security_grpc.h', + 'src/core/ext/transport/chttp2/server/chttp2_server.h', 'src/core/ext/transport/inproc/inproc_transport.h', 'src/core/lib/avl/avl.h', 'src/core/lib/backoff/backoff.h', @@ -631,6 +658,7 @@ Pod::Spec.new do |s| 'src/core/ext/filters/http/server/http_server_filter.cc', 'src/core/lib/http/httpcli_security_connector.cc', 'src/core/lib/security/context/security_context.cc', + 'src/core/lib/security/credentials/alts/alts_credentials.cc', 'src/core/lib/security/credentials/composite/composite_credentials.cc', 'src/core/lib/security/credentials/credentials.cc', 'src/core/lib/security/credentials/credentials_metadata.cc', @@ -644,6 +672,7 @@ Pod::Spec.new do |s| 'src/core/lib/security/credentials/oauth2/oauth2_credentials.cc', 'src/core/lib/security/credentials/plugin/plugin_credentials.cc', 'src/core/lib/security/credentials/ssl/ssl_credentials.cc', + 'src/core/lib/security/security_connector/alts_security_connector.cc', 'src/core/lib/security/security_connector/security_connector.cc', 'src/core/lib/security/transport/client_auth_filter.cc', 'src/core/lib/security/transport/secure_endpoint.cc', @@ -653,14 +682,42 @@ Pod::Spec.new do |s| 'src/core/lib/security/transport/tsi_error.cc', 'src/core/lib/security/util/json_util.cc', 'src/core/lib/surface/init_secure.cc', - 'src/core/tsi/alts_transport_security.cc', - 'src/core/tsi/fake_transport_security.cc', - 'src/core/tsi/ssl_transport_security.cc', - 'src/core/tsi/transport_security_grpc.cc', + 'src/core/tsi/alts/crypt/aes_gcm.cc', + 'src/core/tsi/alts/crypt/gsec.cc', + 'src/core/tsi/alts/frame_protector/alts_counter.cc', + 'src/core/tsi/alts/frame_protector/alts_crypter.cc', + 'src/core/tsi/alts/frame_protector/alts_frame_protector.cc', + 'src/core/tsi/alts/frame_protector/alts_record_protocol_crypter_common.cc', + 'src/core/tsi/alts/frame_protector/alts_seal_privacy_integrity_crypter.cc', + 'src/core/tsi/alts/frame_protector/alts_unseal_privacy_integrity_crypter.cc', + 'src/core/tsi/alts/frame_protector/frame_handler.cc', + 'src/core/tsi/alts/handshaker/alts_handshaker_client.cc', + 'src/core/tsi/alts/handshaker/alts_tsi_event.cc', + 'src/core/tsi/alts/handshaker/alts_tsi_handshaker.cc', + 'src/core/tsi/alts/zero_copy_frame_protector/alts_grpc_integrity_only_record_protocol.cc', + 'src/core/tsi/alts/zero_copy_frame_protector/alts_grpc_privacy_integrity_record_protocol.cc', + 'src/core/tsi/alts/zero_copy_frame_protector/alts_grpc_record_protocol_common.cc', + 'src/core/tsi/alts/zero_copy_frame_protector/alts_iovec_record_protocol.cc', + 'src/core/tsi/alts/zero_copy_frame_protector/alts_zero_copy_grpc_protector.cc', + 'src/core/lib/security/credentials/alts/check_gcp_environment.cc', + 'src/core/lib/security/credentials/alts/check_gcp_environment_linux.cc', + 'src/core/lib/security/credentials/alts/check_gcp_environment_no_op.cc', + 'src/core/lib/security/credentials/alts/check_gcp_environment_windows.cc', + 'src/core/lib/security/credentials/alts/grpc_alts_credentials_client_options.cc', + 'src/core/lib/security/credentials/alts/grpc_alts_credentials_options.cc', + 'src/core/lib/security/credentials/alts/grpc_alts_credentials_server_options.cc', + 'src/core/tsi/alts/handshaker/alts_handshaker_service_api.cc', + 'src/core/tsi/alts/handshaker/alts_handshaker_service_api_util.cc', + 'src/core/tsi/alts/handshaker/alts_tsi_utils.cc', + 'src/core/tsi/alts/handshaker/transport_security_common_api.cc', + 'src/core/tsi/alts/handshaker/altscontext.pb.c', + 'src/core/tsi/alts/handshaker/handshaker.pb.c', + 'src/core/tsi/alts/handshaker/transport_security_common.pb.c', 'src/core/tsi/transport_security.cc', 'src/core/tsi/transport_security_adapter.cc', - 'src/core/ext/transport/chttp2/server/chttp2_server.cc', - 'src/core/ext/transport/chttp2/client/secure/secure_channel_create.cc', + 'src/core/ext/transport/chttp2/client/insecure/channel_create.cc', + 'src/core/ext/transport/chttp2/client/insecure/channel_create_posix.cc', + 'src/core/ext/transport/chttp2/client/chttp2_connector.cc', 'src/core/ext/filters/client_channel/backup_poller.cc', 'src/core/ext/filters/client_channel/channel_connectivity.cc', 'src/core/ext/filters/client_channel/client_channel.cc', @@ -684,11 +741,14 @@ Pod::Spec.new do |s| 'src/core/ext/filters/client_channel/subchannel_index.cc', 'src/core/ext/filters/client_channel/uri_parser.cc', 'src/core/ext/filters/deadline/deadline_filter.cc', - 'src/core/ext/transport/chttp2/client/chttp2_connector.cc', + 'src/core/tsi/alts_transport_security.cc', + 'src/core/tsi/fake_transport_security.cc', + 'src/core/tsi/ssl_transport_security.cc', + 'src/core/tsi/transport_security_grpc.cc', + 'src/core/ext/transport/chttp2/server/chttp2_server.cc', + 'src/core/ext/transport/chttp2/client/secure/secure_channel_create.cc', 'src/core/ext/transport/chttp2/server/insecure/server_chttp2.cc', 'src/core/ext/transport/chttp2/server/insecure/server_chttp2_posix.cc', - 'src/core/ext/transport/chttp2/client/insecure/channel_create.cc', - 'src/core/ext/transport/chttp2/client/insecure/channel_create_posix.cc', 'src/core/ext/transport/inproc/inproc_plugin.cc', 'src/core/ext/transport/inproc/inproc_transport.cc', 'src/core/ext/filters/client_channel/lb_policy/grpclb/client_load_reporting_filter.cc', @@ -765,6 +825,7 @@ Pod::Spec.new do |s| 'src/core/ext/filters/http/message_compress/message_compress_filter.h', 'src/core/ext/filters/http/server/http_server_filter.h', 'src/core/lib/security/context/security_context.h', + 'src/core/lib/security/credentials/alts/alts_credentials.h', 'src/core/lib/security/credentials/composite/composite_credentials.h', 'src/core/lib/security/credentials/credentials.h', 'src/core/lib/security/credentials/fake/fake_credentials.h', @@ -776,6 +837,7 @@ Pod::Spec.new do |s| 'src/core/lib/security/credentials/oauth2/oauth2_credentials.h', 'src/core/lib/security/credentials/plugin/plugin_credentials.h', 'src/core/lib/security/credentials/ssl/ssl_credentials.h', + 'src/core/lib/security/security_connector/alts_security_connector.h', 'src/core/lib/security/security_connector/security_connector.h', 'src/core/lib/security/transport/auth_filters.h', 'src/core/lib/security/transport/secure_endpoint.h', @@ -783,15 +845,35 @@ Pod::Spec.new do |s| 'src/core/lib/security/transport/target_authority_table.h', 'src/core/lib/security/transport/tsi_error.h', 'src/core/lib/security/util/json_util.h', - 'src/core/tsi/alts_transport_security.h', - 'src/core/tsi/fake_transport_security.h', - 'src/core/tsi/ssl_transport_security.h', - 'src/core/tsi/ssl_types.h', - 'src/core/tsi/transport_security_grpc.h', + 'src/core/tsi/alts/crypt/gsec.h', + 'src/core/tsi/alts/frame_protector/alts_counter.h', + 'src/core/tsi/alts/frame_protector/alts_crypter.h', + 'src/core/tsi/alts/frame_protector/alts_frame_protector.h', + 'src/core/tsi/alts/frame_protector/alts_record_protocol_crypter_common.h', + 'src/core/tsi/alts/frame_protector/frame_handler.h', + 'src/core/tsi/alts/handshaker/alts_handshaker_client.h', + 'src/core/tsi/alts/handshaker/alts_tsi_event.h', + 'src/core/tsi/alts/handshaker/alts_tsi_handshaker.h', + 'src/core/tsi/alts/handshaker/alts_tsi_handshaker_private.h', + 'src/core/tsi/alts/zero_copy_frame_protector/alts_grpc_integrity_only_record_protocol.h', + 'src/core/tsi/alts/zero_copy_frame_protector/alts_grpc_privacy_integrity_record_protocol.h', + 'src/core/tsi/alts/zero_copy_frame_protector/alts_grpc_record_protocol.h', + 'src/core/tsi/alts/zero_copy_frame_protector/alts_grpc_record_protocol_common.h', + 'src/core/tsi/alts/zero_copy_frame_protector/alts_iovec_record_protocol.h', + 'src/core/tsi/alts/zero_copy_frame_protector/alts_zero_copy_grpc_protector.h', + 'src/core/lib/security/credentials/alts/check_gcp_environment.h', + 'src/core/lib/security/credentials/alts/grpc_alts_credentials_options.h', + 'src/core/tsi/alts/handshaker/alts_handshaker_service_api.h', + 'src/core/tsi/alts/handshaker/alts_handshaker_service_api_util.h', + 'src/core/tsi/alts/handshaker/alts_tsi_utils.h', + 'src/core/tsi/alts/handshaker/transport_security_common_api.h', + 'src/core/tsi/alts/handshaker/altscontext.pb.h', + 'src/core/tsi/alts/handshaker/handshaker.pb.h', + 'src/core/tsi/alts/handshaker/transport_security_common.pb.h', 'src/core/tsi/transport_security.h', 'src/core/tsi/transport_security_adapter.h', 'src/core/tsi/transport_security_interface.h', - 'src/core/ext/transport/chttp2/server/chttp2_server.h', + 'src/core/ext/transport/chttp2/client/chttp2_connector.h', 'src/core/ext/filters/client_channel/backup_poller.h', 'src/core/ext/filters/client_channel/client_channel.h', 'src/core/ext/filters/client_channel/client_channel_factory.h', @@ -814,7 +896,12 @@ Pod::Spec.new do |s| 'src/core/ext/filters/client_channel/subchannel_index.h', 'src/core/ext/filters/client_channel/uri_parser.h', 'src/core/ext/filters/deadline/deadline_filter.h', - 'src/core/ext/transport/chttp2/client/chttp2_connector.h', + 'src/core/tsi/alts_transport_security.h', + 'src/core/tsi/fake_transport_security.h', + 'src/core/tsi/ssl_transport_security.h', + 'src/core/tsi/ssl_types.h', + 'src/core/tsi/transport_security_grpc.h', + 'src/core/ext/transport/chttp2/server/chttp2_server.h', 'src/core/ext/transport/inproc/inproc_transport.h', 'src/core/lib/avl/avl.h', 'src/core/lib/backoff/backoff.h', @@ -975,8 +1062,15 @@ Pod::Spec.new do |s| ss.source_files = 'src/core/ext/transport/cronet/client/secure/cronet_channel_create.cc', 'src/core/ext/transport/cronet/transport/cronet_transport.cc', + 'third_party/nanopb/pb_common.c', + 'third_party/nanopb/pb_decode.c', + 'third_party/nanopb/pb_encode.c', 'src/core/ext/transport/cronet/transport/cronet_transport.h', - 'third_party/objective_c/Cronet/bidirectional_stream_c.h' + 'third_party/objective_c/Cronet/bidirectional_stream_c.h', + 'third_party/nanopb/pb.h', + 'third_party/nanopb/pb_common.h', + 'third_party/nanopb/pb_decode.h', + 'third_party/nanopb/pb_encode.h' end s.subspec 'Tests' do |ss| diff --git a/grpc.gemspec b/grpc.gemspec index fbe70aa795..3df7cea33f 100644 --- a/grpc.gemspec +++ b/grpc.gemspec @@ -197,6 +197,7 @@ Gem::Specification.new do |s| s.files += %w( src/core/ext/filters/http/message_compress/message_compress_filter.h ) s.files += %w( src/core/ext/filters/http/server/http_server_filter.h ) s.files += %w( src/core/lib/security/context/security_context.h ) + s.files += %w( src/core/lib/security/credentials/alts/alts_credentials.h ) s.files += %w( src/core/lib/security/credentials/composite/composite_credentials.h ) s.files += %w( src/core/lib/security/credentials/credentials.h ) s.files += %w( src/core/lib/security/credentials/fake/fake_credentials.h ) @@ -208,6 +209,7 @@ Gem::Specification.new do |s| s.files += %w( src/core/lib/security/credentials/oauth2/oauth2_credentials.h ) s.files += %w( src/core/lib/security/credentials/plugin/plugin_credentials.h ) s.files += %w( src/core/lib/security/credentials/ssl/ssl_credentials.h ) + s.files += %w( src/core/lib/security/security_connector/alts_security_connector.h ) s.files += %w( src/core/lib/security/security_connector/security_connector.h ) s.files += %w( src/core/lib/security/transport/auth_filters.h ) s.files += %w( src/core/lib/security/transport/secure_endpoint.h ) @@ -215,15 +217,39 @@ Gem::Specification.new do |s| s.files += %w( src/core/lib/security/transport/target_authority_table.h ) s.files += %w( src/core/lib/security/transport/tsi_error.h ) s.files += %w( src/core/lib/security/util/json_util.h ) - s.files += %w( src/core/tsi/alts_transport_security.h ) - s.files += %w( src/core/tsi/fake_transport_security.h ) - s.files += %w( src/core/tsi/ssl_transport_security.h ) - s.files += %w( src/core/tsi/ssl_types.h ) - s.files += %w( src/core/tsi/transport_security_grpc.h ) + s.files += %w( src/core/tsi/alts/crypt/gsec.h ) + s.files += %w( src/core/tsi/alts/frame_protector/alts_counter.h ) + s.files += %w( src/core/tsi/alts/frame_protector/alts_crypter.h ) + s.files += %w( src/core/tsi/alts/frame_protector/alts_frame_protector.h ) + s.files += %w( src/core/tsi/alts/frame_protector/alts_record_protocol_crypter_common.h ) + s.files += %w( src/core/tsi/alts/frame_protector/frame_handler.h ) + s.files += %w( src/core/tsi/alts/handshaker/alts_handshaker_client.h ) + s.files += %w( src/core/tsi/alts/handshaker/alts_tsi_event.h ) + s.files += %w( src/core/tsi/alts/handshaker/alts_tsi_handshaker.h ) + s.files += %w( src/core/tsi/alts/handshaker/alts_tsi_handshaker_private.h ) + s.files += %w( src/core/tsi/alts/zero_copy_frame_protector/alts_grpc_integrity_only_record_protocol.h ) + s.files += %w( src/core/tsi/alts/zero_copy_frame_protector/alts_grpc_privacy_integrity_record_protocol.h ) + s.files += %w( src/core/tsi/alts/zero_copy_frame_protector/alts_grpc_record_protocol.h ) + s.files += %w( src/core/tsi/alts/zero_copy_frame_protector/alts_grpc_record_protocol_common.h ) + s.files += %w( src/core/tsi/alts/zero_copy_frame_protector/alts_iovec_record_protocol.h ) + s.files += %w( src/core/tsi/alts/zero_copy_frame_protector/alts_zero_copy_grpc_protector.h ) + s.files += %w( src/core/lib/security/credentials/alts/check_gcp_environment.h ) + s.files += %w( src/core/lib/security/credentials/alts/grpc_alts_credentials_options.h ) + s.files += %w( src/core/tsi/alts/handshaker/alts_handshaker_service_api.h ) + s.files += %w( src/core/tsi/alts/handshaker/alts_handshaker_service_api_util.h ) + s.files += %w( src/core/tsi/alts/handshaker/alts_tsi_utils.h ) + s.files += %w( src/core/tsi/alts/handshaker/transport_security_common_api.h ) + s.files += %w( src/core/tsi/alts/handshaker/altscontext.pb.h ) + s.files += %w( src/core/tsi/alts/handshaker/handshaker.pb.h ) + s.files += %w( src/core/tsi/alts/handshaker/transport_security_common.pb.h ) + s.files += %w( third_party/nanopb/pb.h ) + s.files += %w( third_party/nanopb/pb_common.h ) + s.files += %w( third_party/nanopb/pb_decode.h ) + s.files += %w( third_party/nanopb/pb_encode.h ) s.files += %w( src/core/tsi/transport_security.h ) s.files += %w( src/core/tsi/transport_security_adapter.h ) s.files += %w( src/core/tsi/transport_security_interface.h ) - s.files += %w( src/core/ext/transport/chttp2/server/chttp2_server.h ) + s.files += %w( src/core/ext/transport/chttp2/client/chttp2_connector.h ) s.files += %w( src/core/ext/filters/client_channel/backup_poller.h ) s.files += %w( src/core/ext/filters/client_channel/client_channel.h ) s.files += %w( src/core/ext/filters/client_channel/client_channel_factory.h ) @@ -246,7 +272,12 @@ Gem::Specification.new do |s| s.files += %w( src/core/ext/filters/client_channel/subchannel_index.h ) s.files += %w( src/core/ext/filters/client_channel/uri_parser.h ) s.files += %w( src/core/ext/filters/deadline/deadline_filter.h ) - s.files += %w( src/core/ext/transport/chttp2/client/chttp2_connector.h ) + s.files += %w( src/core/tsi/alts_transport_security.h ) + s.files += %w( src/core/tsi/fake_transport_security.h ) + s.files += %w( src/core/tsi/ssl_transport_security.h ) + s.files += %w( src/core/tsi/ssl_types.h ) + s.files += %w( src/core/tsi/transport_security_grpc.h ) + s.files += %w( src/core/ext/transport/chttp2/server/chttp2_server.h ) s.files += %w( src/core/ext/transport/inproc/inproc_transport.h ) s.files += %w( src/core/lib/avl/avl.h ) s.files += %w( src/core/lib/backoff/backoff.h ) @@ -381,10 +412,6 @@ Gem::Specification.new do |s| s.files += %w( src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb_client_stats.h ) s.files += %w( src/core/ext/filters/client_channel/lb_policy/grpclb/load_balancer_api.h ) s.files += %w( src/core/ext/filters/client_channel/lb_policy/grpclb/proto/grpc/lb/v1/load_balancer.pb.h ) - s.files += %w( third_party/nanopb/pb.h ) - s.files += %w( third_party/nanopb/pb_common.h ) - s.files += %w( third_party/nanopb/pb_decode.h ) - s.files += %w( third_party/nanopb/pb_encode.h ) s.files += %w( src/core/ext/filters/client_channel/resolver/fake/fake_resolver.h ) s.files += %w( src/core/ext/filters/client_channel/lb_policy/subchannel_list.h ) s.files += %w( src/core/ext/filters/client_channel/resolver/dns/c_ares/grpc_ares_ev_driver.h ) @@ -561,6 +588,7 @@ Gem::Specification.new do |s| s.files += %w( src/core/ext/filters/http/server/http_server_filter.cc ) s.files += %w( src/core/lib/http/httpcli_security_connector.cc ) s.files += %w( src/core/lib/security/context/security_context.cc ) + s.files += %w( src/core/lib/security/credentials/alts/alts_credentials.cc ) s.files += %w( src/core/lib/security/credentials/composite/composite_credentials.cc ) s.files += %w( src/core/lib/security/credentials/credentials.cc ) s.files += %w( src/core/lib/security/credentials/credentials_metadata.cc ) @@ -574,6 +602,7 @@ Gem::Specification.new do |s| s.files += %w( src/core/lib/security/credentials/oauth2/oauth2_credentials.cc ) s.files += %w( src/core/lib/security/credentials/plugin/plugin_credentials.cc ) s.files += %w( src/core/lib/security/credentials/ssl/ssl_credentials.cc ) + s.files += %w( src/core/lib/security/security_connector/alts_security_connector.cc ) s.files += %w( src/core/lib/security/security_connector/security_connector.cc ) s.files += %w( src/core/lib/security/transport/client_auth_filter.cc ) s.files += %w( src/core/lib/security/transport/secure_endpoint.cc ) @@ -583,14 +612,45 @@ Gem::Specification.new do |s| s.files += %w( src/core/lib/security/transport/tsi_error.cc ) s.files += %w( src/core/lib/security/util/json_util.cc ) s.files += %w( src/core/lib/surface/init_secure.cc ) - s.files += %w( src/core/tsi/alts_transport_security.cc ) - s.files += %w( src/core/tsi/fake_transport_security.cc ) - s.files += %w( src/core/tsi/ssl_transport_security.cc ) - s.files += %w( src/core/tsi/transport_security_grpc.cc ) + s.files += %w( src/core/tsi/alts/crypt/aes_gcm.cc ) + s.files += %w( src/core/tsi/alts/crypt/gsec.cc ) + s.files += %w( src/core/tsi/alts/frame_protector/alts_counter.cc ) + s.files += %w( src/core/tsi/alts/frame_protector/alts_crypter.cc ) + s.files += %w( src/core/tsi/alts/frame_protector/alts_frame_protector.cc ) + s.files += %w( src/core/tsi/alts/frame_protector/alts_record_protocol_crypter_common.cc ) + s.files += %w( src/core/tsi/alts/frame_protector/alts_seal_privacy_integrity_crypter.cc ) + s.files += %w( src/core/tsi/alts/frame_protector/alts_unseal_privacy_integrity_crypter.cc ) + s.files += %w( src/core/tsi/alts/frame_protector/frame_handler.cc ) + s.files += %w( src/core/tsi/alts/handshaker/alts_handshaker_client.cc ) + s.files += %w( src/core/tsi/alts/handshaker/alts_tsi_event.cc ) + s.files += %w( src/core/tsi/alts/handshaker/alts_tsi_handshaker.cc ) + s.files += %w( src/core/tsi/alts/zero_copy_frame_protector/alts_grpc_integrity_only_record_protocol.cc ) + s.files += %w( src/core/tsi/alts/zero_copy_frame_protector/alts_grpc_privacy_integrity_record_protocol.cc ) + s.files += %w( src/core/tsi/alts/zero_copy_frame_protector/alts_grpc_record_protocol_common.cc ) + s.files += %w( src/core/tsi/alts/zero_copy_frame_protector/alts_iovec_record_protocol.cc ) + s.files += %w( src/core/tsi/alts/zero_copy_frame_protector/alts_zero_copy_grpc_protector.cc ) + s.files += %w( src/core/lib/security/credentials/alts/check_gcp_environment.cc ) + s.files += %w( src/core/lib/security/credentials/alts/check_gcp_environment_linux.cc ) + s.files += %w( src/core/lib/security/credentials/alts/check_gcp_environment_no_op.cc ) + s.files += %w( src/core/lib/security/credentials/alts/check_gcp_environment_windows.cc ) + s.files += %w( src/core/lib/security/credentials/alts/grpc_alts_credentials_client_options.cc ) + s.files += %w( src/core/lib/security/credentials/alts/grpc_alts_credentials_options.cc ) + s.files += %w( src/core/lib/security/credentials/alts/grpc_alts_credentials_server_options.cc ) + s.files += %w( src/core/tsi/alts/handshaker/alts_handshaker_service_api.cc ) + s.files += %w( src/core/tsi/alts/handshaker/alts_handshaker_service_api_util.cc ) + s.files += %w( src/core/tsi/alts/handshaker/alts_tsi_utils.cc ) + s.files += %w( src/core/tsi/alts/handshaker/transport_security_common_api.cc ) + s.files += %w( src/core/tsi/alts/handshaker/altscontext.pb.c ) + s.files += %w( src/core/tsi/alts/handshaker/handshaker.pb.c ) + s.files += %w( src/core/tsi/alts/handshaker/transport_security_common.pb.c ) + s.files += %w( third_party/nanopb/pb_common.c ) + s.files += %w( third_party/nanopb/pb_decode.c ) + s.files += %w( third_party/nanopb/pb_encode.c ) s.files += %w( src/core/tsi/transport_security.cc ) s.files += %w( src/core/tsi/transport_security_adapter.cc ) - s.files += %w( src/core/ext/transport/chttp2/server/chttp2_server.cc ) - s.files += %w( src/core/ext/transport/chttp2/client/secure/secure_channel_create.cc ) + s.files += %w( src/core/ext/transport/chttp2/client/insecure/channel_create.cc ) + s.files += %w( src/core/ext/transport/chttp2/client/insecure/channel_create_posix.cc ) + s.files += %w( src/core/ext/transport/chttp2/client/chttp2_connector.cc ) s.files += %w( src/core/ext/filters/client_channel/backup_poller.cc ) s.files += %w( src/core/ext/filters/client_channel/channel_connectivity.cc ) s.files += %w( src/core/ext/filters/client_channel/client_channel.cc ) @@ -614,11 +674,14 @@ Gem::Specification.new do |s| s.files += %w( src/core/ext/filters/client_channel/subchannel_index.cc ) s.files += %w( src/core/ext/filters/client_channel/uri_parser.cc ) s.files += %w( src/core/ext/filters/deadline/deadline_filter.cc ) - s.files += %w( src/core/ext/transport/chttp2/client/chttp2_connector.cc ) + s.files += %w( src/core/tsi/alts_transport_security.cc ) + s.files += %w( src/core/tsi/fake_transport_security.cc ) + s.files += %w( src/core/tsi/ssl_transport_security.cc ) + s.files += %w( src/core/tsi/transport_security_grpc.cc ) + s.files += %w( src/core/ext/transport/chttp2/server/chttp2_server.cc ) + s.files += %w( src/core/ext/transport/chttp2/client/secure/secure_channel_create.cc ) s.files += %w( src/core/ext/transport/chttp2/server/insecure/server_chttp2.cc ) s.files += %w( src/core/ext/transport/chttp2/server/insecure/server_chttp2_posix.cc ) - s.files += %w( src/core/ext/transport/chttp2/client/insecure/channel_create.cc ) - s.files += %w( src/core/ext/transport/chttp2/client/insecure/channel_create_posix.cc ) s.files += %w( src/core/ext/transport/inproc/inproc_plugin.cc ) s.files += %w( src/core/ext/transport/inproc/inproc_transport.cc ) s.files += %w( src/core/ext/filters/client_channel/lb_policy/grpclb/client_load_reporting_filter.cc ) @@ -627,9 +690,6 @@ Gem::Specification.new do |s| s.files += %w( src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb_client_stats.cc ) s.files += %w( src/core/ext/filters/client_channel/lb_policy/grpclb/load_balancer_api.cc ) s.files += %w( src/core/ext/filters/client_channel/lb_policy/grpclb/proto/grpc/lb/v1/load_balancer.pb.c ) - s.files += %w( third_party/nanopb/pb_common.c ) - s.files += %w( third_party/nanopb/pb_decode.c ) - s.files += %w( third_party/nanopb/pb_encode.c ) s.files += %w( src/core/ext/filters/client_channel/resolver/fake/fake_resolver.cc ) s.files += %w( src/core/ext/filters/client_channel/lb_policy/pick_first/pick_first.cc ) s.files += %w( src/core/ext/filters/client_channel/lb_policy/subchannel_list.cc ) @@ -64,11 +64,11 @@ ], 'cflags_c': [ '-Werror', - '-std=c99' + '-std=c99', ], 'cflags_cc': [ '-Werror', - '-std=c++11' + '-std=c++11', ], 'include_dirs': [ '.', @@ -148,7 +148,7 @@ '-Wno-deprecated-declarations', '-stdlib=libc++', '-std=c++11', - '-Wno-error=deprecated-declarations' + '-Wno-error=deprecated-declarations', ], }, }] @@ -156,6 +156,17 @@ }, 'targets': [ { + 'target_name': 'alts_test_util', + 'type': 'static_library', + 'dependencies': [ + 'grpc', + ], + 'sources': [ + 'test/core/tsi/alts/crypt/gsec_test_util.cc', + 'test/core/tsi/alts/handshaker/alts_handshaker_service_api_test_lib.cc', + ], + }, + { 'target_name': 'gpr', 'type': 'static_library', 'dependencies': [ @@ -385,6 +396,7 @@ 'src/core/ext/filters/http/server/http_server_filter.cc', 'src/core/lib/http/httpcli_security_connector.cc', 'src/core/lib/security/context/security_context.cc', + 'src/core/lib/security/credentials/alts/alts_credentials.cc', 'src/core/lib/security/credentials/composite/composite_credentials.cc', 'src/core/lib/security/credentials/credentials.cc', 'src/core/lib/security/credentials/credentials_metadata.cc', @@ -398,6 +410,7 @@ 'src/core/lib/security/credentials/oauth2/oauth2_credentials.cc', 'src/core/lib/security/credentials/plugin/plugin_credentials.cc', 'src/core/lib/security/credentials/ssl/ssl_credentials.cc', + 'src/core/lib/security/security_connector/alts_security_connector.cc', 'src/core/lib/security/security_connector/security_connector.cc', 'src/core/lib/security/transport/client_auth_filter.cc', 'src/core/lib/security/transport/secure_endpoint.cc', @@ -407,14 +420,45 @@ 'src/core/lib/security/transport/tsi_error.cc', 'src/core/lib/security/util/json_util.cc', 'src/core/lib/surface/init_secure.cc', - 'src/core/tsi/alts_transport_security.cc', - 'src/core/tsi/fake_transport_security.cc', - 'src/core/tsi/ssl_transport_security.cc', - 'src/core/tsi/transport_security_grpc.cc', + 'src/core/tsi/alts/crypt/aes_gcm.cc', + 'src/core/tsi/alts/crypt/gsec.cc', + 'src/core/tsi/alts/frame_protector/alts_counter.cc', + 'src/core/tsi/alts/frame_protector/alts_crypter.cc', + 'src/core/tsi/alts/frame_protector/alts_frame_protector.cc', + 'src/core/tsi/alts/frame_protector/alts_record_protocol_crypter_common.cc', + 'src/core/tsi/alts/frame_protector/alts_seal_privacy_integrity_crypter.cc', + 'src/core/tsi/alts/frame_protector/alts_unseal_privacy_integrity_crypter.cc', + 'src/core/tsi/alts/frame_protector/frame_handler.cc', + 'src/core/tsi/alts/handshaker/alts_handshaker_client.cc', + 'src/core/tsi/alts/handshaker/alts_tsi_event.cc', + 'src/core/tsi/alts/handshaker/alts_tsi_handshaker.cc', + 'src/core/tsi/alts/zero_copy_frame_protector/alts_grpc_integrity_only_record_protocol.cc', + 'src/core/tsi/alts/zero_copy_frame_protector/alts_grpc_privacy_integrity_record_protocol.cc', + 'src/core/tsi/alts/zero_copy_frame_protector/alts_grpc_record_protocol_common.cc', + 'src/core/tsi/alts/zero_copy_frame_protector/alts_iovec_record_protocol.cc', + 'src/core/tsi/alts/zero_copy_frame_protector/alts_zero_copy_grpc_protector.cc', + 'src/core/lib/security/credentials/alts/check_gcp_environment.cc', + 'src/core/lib/security/credentials/alts/check_gcp_environment_linux.cc', + 'src/core/lib/security/credentials/alts/check_gcp_environment_no_op.cc', + 'src/core/lib/security/credentials/alts/check_gcp_environment_windows.cc', + 'src/core/lib/security/credentials/alts/grpc_alts_credentials_client_options.cc', + 'src/core/lib/security/credentials/alts/grpc_alts_credentials_options.cc', + 'src/core/lib/security/credentials/alts/grpc_alts_credentials_server_options.cc', + 'src/core/tsi/alts/handshaker/alts_handshaker_service_api.cc', + 'src/core/tsi/alts/handshaker/alts_handshaker_service_api_util.cc', + 'src/core/tsi/alts/handshaker/alts_tsi_utils.cc', + 'src/core/tsi/alts/handshaker/transport_security_common_api.cc', + 'src/core/tsi/alts/handshaker/altscontext.pb.c', + 'src/core/tsi/alts/handshaker/handshaker.pb.c', + 'src/core/tsi/alts/handshaker/transport_security_common.pb.c', + 'third_party/nanopb/pb_common.c', + 'third_party/nanopb/pb_decode.c', + 'third_party/nanopb/pb_encode.c', 'src/core/tsi/transport_security.cc', 'src/core/tsi/transport_security_adapter.cc', - 'src/core/ext/transport/chttp2/server/chttp2_server.cc', - 'src/core/ext/transport/chttp2/client/secure/secure_channel_create.cc', + 'src/core/ext/transport/chttp2/client/insecure/channel_create.cc', + 'src/core/ext/transport/chttp2/client/insecure/channel_create_posix.cc', + 'src/core/ext/transport/chttp2/client/chttp2_connector.cc', 'src/core/ext/filters/client_channel/backup_poller.cc', 'src/core/ext/filters/client_channel/channel_connectivity.cc', 'src/core/ext/filters/client_channel/client_channel.cc', @@ -438,11 +482,14 @@ 'src/core/ext/filters/client_channel/subchannel_index.cc', 'src/core/ext/filters/client_channel/uri_parser.cc', 'src/core/ext/filters/deadline/deadline_filter.cc', - 'src/core/ext/transport/chttp2/client/chttp2_connector.cc', + 'src/core/tsi/alts_transport_security.cc', + 'src/core/tsi/fake_transport_security.cc', + 'src/core/tsi/ssl_transport_security.cc', + 'src/core/tsi/transport_security_grpc.cc', + 'src/core/ext/transport/chttp2/server/chttp2_server.cc', + 'src/core/ext/transport/chttp2/client/secure/secure_channel_create.cc', 'src/core/ext/transport/chttp2/server/insecure/server_chttp2.cc', 'src/core/ext/transport/chttp2/server/insecure/server_chttp2_posix.cc', - 'src/core/ext/transport/chttp2/client/insecure/channel_create.cc', - 'src/core/ext/transport/chttp2/client/insecure/channel_create_posix.cc', 'src/core/ext/transport/inproc/inproc_plugin.cc', 'src/core/ext/transport/inproc/inproc_transport.cc', 'src/core/ext/filters/client_channel/lb_policy/grpclb/client_load_reporting_filter.cc', @@ -451,9 +498,6 @@ 'src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb_client_stats.cc', 'src/core/ext/filters/client_channel/lb_policy/grpclb/load_balancer_api.cc', 'src/core/ext/filters/client_channel/lb_policy/grpclb/proto/grpc/lb/v1/load_balancer.pb.c', - 'third_party/nanopb/pb_common.c', - 'third_party/nanopb/pb_decode.c', - 'third_party/nanopb/pb_encode.c', 'src/core/ext/filters/client_channel/resolver/fake/fake_resolver.cc', 'src/core/ext/filters/client_channel/lb_policy/pick_first/pick_first.cc', 'src/core/ext/filters/client_channel/lb_policy/subchannel_list.cc', diff --git a/package.xml b/package.xml index db03230eba..c4a6f6fc92 100644 --- a/package.xml +++ b/package.xml @@ -204,6 +204,7 @@ <file baseinstalldir="/" name="src/core/ext/filters/http/message_compress/message_compress_filter.h" role="src" /> <file baseinstalldir="/" name="src/core/ext/filters/http/server/http_server_filter.h" role="src" /> <file baseinstalldir="/" name="src/core/lib/security/context/security_context.h" role="src" /> + <file baseinstalldir="/" name="src/core/lib/security/credentials/alts/alts_credentials.h" role="src" /> <file baseinstalldir="/" name="src/core/lib/security/credentials/composite/composite_credentials.h" role="src" /> <file baseinstalldir="/" name="src/core/lib/security/credentials/credentials.h" role="src" /> <file baseinstalldir="/" name="src/core/lib/security/credentials/fake/fake_credentials.h" role="src" /> @@ -215,6 +216,7 @@ <file baseinstalldir="/" name="src/core/lib/security/credentials/oauth2/oauth2_credentials.h" role="src" /> <file baseinstalldir="/" name="src/core/lib/security/credentials/plugin/plugin_credentials.h" role="src" /> <file baseinstalldir="/" name="src/core/lib/security/credentials/ssl/ssl_credentials.h" role="src" /> + <file baseinstalldir="/" name="src/core/lib/security/security_connector/alts_security_connector.h" role="src" /> <file baseinstalldir="/" name="src/core/lib/security/security_connector/security_connector.h" role="src" /> <file baseinstalldir="/" name="src/core/lib/security/transport/auth_filters.h" role="src" /> <file baseinstalldir="/" name="src/core/lib/security/transport/secure_endpoint.h" role="src" /> @@ -222,15 +224,39 @@ <file baseinstalldir="/" name="src/core/lib/security/transport/target_authority_table.h" role="src" /> <file baseinstalldir="/" name="src/core/lib/security/transport/tsi_error.h" role="src" /> <file baseinstalldir="/" name="src/core/lib/security/util/json_util.h" role="src" /> - <file baseinstalldir="/" name="src/core/tsi/alts_transport_security.h" role="src" /> - <file baseinstalldir="/" name="src/core/tsi/fake_transport_security.h" role="src" /> - <file baseinstalldir="/" name="src/core/tsi/ssl_transport_security.h" role="src" /> - <file baseinstalldir="/" name="src/core/tsi/ssl_types.h" role="src" /> - <file baseinstalldir="/" name="src/core/tsi/transport_security_grpc.h" role="src" /> + <file baseinstalldir="/" name="src/core/tsi/alts/crypt/gsec.h" role="src" /> + <file baseinstalldir="/" name="src/core/tsi/alts/frame_protector/alts_counter.h" role="src" /> + <file baseinstalldir="/" name="src/core/tsi/alts/frame_protector/alts_crypter.h" role="src" /> + <file baseinstalldir="/" name="src/core/tsi/alts/frame_protector/alts_frame_protector.h" role="src" /> + <file baseinstalldir="/" name="src/core/tsi/alts/frame_protector/alts_record_protocol_crypter_common.h" role="src" /> + <file baseinstalldir="/" name="src/core/tsi/alts/frame_protector/frame_handler.h" role="src" /> + <file baseinstalldir="/" name="src/core/tsi/alts/handshaker/alts_handshaker_client.h" role="src" /> + <file baseinstalldir="/" name="src/core/tsi/alts/handshaker/alts_tsi_event.h" role="src" /> + <file baseinstalldir="/" name="src/core/tsi/alts/handshaker/alts_tsi_handshaker.h" role="src" /> + <file baseinstalldir="/" name="src/core/tsi/alts/handshaker/alts_tsi_handshaker_private.h" role="src" /> + <file baseinstalldir="/" name="src/core/tsi/alts/zero_copy_frame_protector/alts_grpc_integrity_only_record_protocol.h" role="src" /> + <file baseinstalldir="/" name="src/core/tsi/alts/zero_copy_frame_protector/alts_grpc_privacy_integrity_record_protocol.h" role="src" /> + <file baseinstalldir="/" name="src/core/tsi/alts/zero_copy_frame_protector/alts_grpc_record_protocol.h" role="src" /> + <file baseinstalldir="/" name="src/core/tsi/alts/zero_copy_frame_protector/alts_grpc_record_protocol_common.h" role="src" /> + <file baseinstalldir="/" name="src/core/tsi/alts/zero_copy_frame_protector/alts_iovec_record_protocol.h" role="src" /> + <file baseinstalldir="/" name="src/core/tsi/alts/zero_copy_frame_protector/alts_zero_copy_grpc_protector.h" role="src" /> + <file baseinstalldir="/" name="src/core/lib/security/credentials/alts/check_gcp_environment.h" role="src" /> + <file baseinstalldir="/" name="src/core/lib/security/credentials/alts/grpc_alts_credentials_options.h" role="src" /> + <file baseinstalldir="/" name="src/core/tsi/alts/handshaker/alts_handshaker_service_api.h" role="src" /> + <file baseinstalldir="/" name="src/core/tsi/alts/handshaker/alts_handshaker_service_api_util.h" role="src" /> + <file baseinstalldir="/" name="src/core/tsi/alts/handshaker/alts_tsi_utils.h" role="src" /> + <file baseinstalldir="/" name="src/core/tsi/alts/handshaker/transport_security_common_api.h" role="src" /> + <file baseinstalldir="/" name="src/core/tsi/alts/handshaker/altscontext.pb.h" role="src" /> + <file baseinstalldir="/" name="src/core/tsi/alts/handshaker/handshaker.pb.h" role="src" /> + <file baseinstalldir="/" name="src/core/tsi/alts/handshaker/transport_security_common.pb.h" role="src" /> + <file baseinstalldir="/" name="third_party/nanopb/pb.h" role="src" /> + <file baseinstalldir="/" name="third_party/nanopb/pb_common.h" role="src" /> + <file baseinstalldir="/" name="third_party/nanopb/pb_decode.h" role="src" /> + <file baseinstalldir="/" name="third_party/nanopb/pb_encode.h" role="src" /> <file baseinstalldir="/" name="src/core/tsi/transport_security.h" role="src" /> <file baseinstalldir="/" name="src/core/tsi/transport_security_adapter.h" role="src" /> <file baseinstalldir="/" name="src/core/tsi/transport_security_interface.h" role="src" /> - <file baseinstalldir="/" name="src/core/ext/transport/chttp2/server/chttp2_server.h" role="src" /> + <file baseinstalldir="/" name="src/core/ext/transport/chttp2/client/chttp2_connector.h" role="src" /> <file baseinstalldir="/" name="src/core/ext/filters/client_channel/backup_poller.h" role="src" /> <file baseinstalldir="/" name="src/core/ext/filters/client_channel/client_channel.h" role="src" /> <file baseinstalldir="/" name="src/core/ext/filters/client_channel/client_channel_factory.h" role="src" /> @@ -253,7 +279,12 @@ <file baseinstalldir="/" name="src/core/ext/filters/client_channel/subchannel_index.h" role="src" /> <file baseinstalldir="/" name="src/core/ext/filters/client_channel/uri_parser.h" role="src" /> <file baseinstalldir="/" name="src/core/ext/filters/deadline/deadline_filter.h" role="src" /> - <file baseinstalldir="/" name="src/core/ext/transport/chttp2/client/chttp2_connector.h" role="src" /> + <file baseinstalldir="/" name="src/core/tsi/alts_transport_security.h" role="src" /> + <file baseinstalldir="/" name="src/core/tsi/fake_transport_security.h" role="src" /> + <file baseinstalldir="/" name="src/core/tsi/ssl_transport_security.h" role="src" /> + <file baseinstalldir="/" name="src/core/tsi/ssl_types.h" role="src" /> + <file baseinstalldir="/" name="src/core/tsi/transport_security_grpc.h" role="src" /> + <file baseinstalldir="/" name="src/core/ext/transport/chttp2/server/chttp2_server.h" role="src" /> <file baseinstalldir="/" name="src/core/ext/transport/inproc/inproc_transport.h" role="src" /> <file baseinstalldir="/" name="src/core/lib/avl/avl.h" role="src" /> <file baseinstalldir="/" name="src/core/lib/backoff/backoff.h" role="src" /> @@ -388,10 +419,6 @@ <file baseinstalldir="/" name="src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb_client_stats.h" role="src" /> <file baseinstalldir="/" name="src/core/ext/filters/client_channel/lb_policy/grpclb/load_balancer_api.h" role="src" /> <file baseinstalldir="/" name="src/core/ext/filters/client_channel/lb_policy/grpclb/proto/grpc/lb/v1/load_balancer.pb.h" role="src" /> - <file baseinstalldir="/" name="third_party/nanopb/pb.h" role="src" /> - <file baseinstalldir="/" name="third_party/nanopb/pb_common.h" role="src" /> - <file baseinstalldir="/" name="third_party/nanopb/pb_decode.h" role="src" /> - <file baseinstalldir="/" name="third_party/nanopb/pb_encode.h" role="src" /> <file baseinstalldir="/" name="src/core/ext/filters/client_channel/resolver/fake/fake_resolver.h" role="src" /> <file baseinstalldir="/" name="src/core/ext/filters/client_channel/lb_policy/subchannel_list.h" role="src" /> <file baseinstalldir="/" name="src/core/ext/filters/client_channel/resolver/dns/c_ares/grpc_ares_ev_driver.h" role="src" /> @@ -568,6 +595,7 @@ <file baseinstalldir="/" name="src/core/ext/filters/http/server/http_server_filter.cc" role="src" /> <file baseinstalldir="/" name="src/core/lib/http/httpcli_security_connector.cc" role="src" /> <file baseinstalldir="/" name="src/core/lib/security/context/security_context.cc" role="src" /> + <file baseinstalldir="/" name="src/core/lib/security/credentials/alts/alts_credentials.cc" role="src" /> <file baseinstalldir="/" name="src/core/lib/security/credentials/composite/composite_credentials.cc" role="src" /> <file baseinstalldir="/" name="src/core/lib/security/credentials/credentials.cc" role="src" /> <file baseinstalldir="/" name="src/core/lib/security/credentials/credentials_metadata.cc" role="src" /> @@ -581,6 +609,7 @@ <file baseinstalldir="/" name="src/core/lib/security/credentials/oauth2/oauth2_credentials.cc" role="src" /> <file baseinstalldir="/" name="src/core/lib/security/credentials/plugin/plugin_credentials.cc" role="src" /> <file baseinstalldir="/" name="src/core/lib/security/credentials/ssl/ssl_credentials.cc" role="src" /> + <file baseinstalldir="/" name="src/core/lib/security/security_connector/alts_security_connector.cc" role="src" /> <file baseinstalldir="/" name="src/core/lib/security/security_connector/security_connector.cc" role="src" /> <file baseinstalldir="/" name="src/core/lib/security/transport/client_auth_filter.cc" role="src" /> <file baseinstalldir="/" name="src/core/lib/security/transport/secure_endpoint.cc" role="src" /> @@ -590,14 +619,45 @@ <file baseinstalldir="/" name="src/core/lib/security/transport/tsi_error.cc" role="src" /> <file baseinstalldir="/" name="src/core/lib/security/util/json_util.cc" role="src" /> <file baseinstalldir="/" name="src/core/lib/surface/init_secure.cc" role="src" /> - <file baseinstalldir="/" name="src/core/tsi/alts_transport_security.cc" role="src" /> - <file baseinstalldir="/" name="src/core/tsi/fake_transport_security.cc" role="src" /> - <file baseinstalldir="/" name="src/core/tsi/ssl_transport_security.cc" role="src" /> - <file baseinstalldir="/" name="src/core/tsi/transport_security_grpc.cc" role="src" /> + <file baseinstalldir="/" name="src/core/tsi/alts/crypt/aes_gcm.cc" role="src" /> + <file baseinstalldir="/" name="src/core/tsi/alts/crypt/gsec.cc" role="src" /> + <file baseinstalldir="/" name="src/core/tsi/alts/frame_protector/alts_counter.cc" role="src" /> + <file baseinstalldir="/" name="src/core/tsi/alts/frame_protector/alts_crypter.cc" role="src" /> + <file baseinstalldir="/" name="src/core/tsi/alts/frame_protector/alts_frame_protector.cc" role="src" /> + <file baseinstalldir="/" name="src/core/tsi/alts/frame_protector/alts_record_protocol_crypter_common.cc" role="src" /> + <file baseinstalldir="/" name="src/core/tsi/alts/frame_protector/alts_seal_privacy_integrity_crypter.cc" role="src" /> + <file baseinstalldir="/" name="src/core/tsi/alts/frame_protector/alts_unseal_privacy_integrity_crypter.cc" role="src" /> + <file baseinstalldir="/" name="src/core/tsi/alts/frame_protector/frame_handler.cc" role="src" /> + <file baseinstalldir="/" name="src/core/tsi/alts/handshaker/alts_handshaker_client.cc" role="src" /> + <file baseinstalldir="/" name="src/core/tsi/alts/handshaker/alts_tsi_event.cc" role="src" /> + <file baseinstalldir="/" name="src/core/tsi/alts/handshaker/alts_tsi_handshaker.cc" role="src" /> + <file baseinstalldir="/" name="src/core/tsi/alts/zero_copy_frame_protector/alts_grpc_integrity_only_record_protocol.cc" role="src" /> + <file baseinstalldir="/" name="src/core/tsi/alts/zero_copy_frame_protector/alts_grpc_privacy_integrity_record_protocol.cc" role="src" /> + <file baseinstalldir="/" name="src/core/tsi/alts/zero_copy_frame_protector/alts_grpc_record_protocol_common.cc" role="src" /> + <file baseinstalldir="/" name="src/core/tsi/alts/zero_copy_frame_protector/alts_iovec_record_protocol.cc" role="src" /> + <file baseinstalldir="/" name="src/core/tsi/alts/zero_copy_frame_protector/alts_zero_copy_grpc_protector.cc" role="src" /> + <file baseinstalldir="/" name="src/core/lib/security/credentials/alts/check_gcp_environment.cc" role="src" /> + <file baseinstalldir="/" name="src/core/lib/security/credentials/alts/check_gcp_environment_linux.cc" role="src" /> + <file baseinstalldir="/" name="src/core/lib/security/credentials/alts/check_gcp_environment_no_op.cc" role="src" /> + <file baseinstalldir="/" name="src/core/lib/security/credentials/alts/check_gcp_environment_windows.cc" role="src" /> + <file baseinstalldir="/" name="src/core/lib/security/credentials/alts/grpc_alts_credentials_client_options.cc" role="src" /> + <file baseinstalldir="/" name="src/core/lib/security/credentials/alts/grpc_alts_credentials_options.cc" role="src" /> + <file baseinstalldir="/" name="src/core/lib/security/credentials/alts/grpc_alts_credentials_server_options.cc" role="src" /> + <file baseinstalldir="/" name="src/core/tsi/alts/handshaker/alts_handshaker_service_api.cc" role="src" /> + <file baseinstalldir="/" name="src/core/tsi/alts/handshaker/alts_handshaker_service_api_util.cc" role="src" /> + <file baseinstalldir="/" name="src/core/tsi/alts/handshaker/alts_tsi_utils.cc" role="src" /> + <file baseinstalldir="/" name="src/core/tsi/alts/handshaker/transport_security_common_api.cc" role="src" /> + <file baseinstalldir="/" name="src/core/tsi/alts/handshaker/altscontext.pb.c" role="src" /> + <file baseinstalldir="/" name="src/core/tsi/alts/handshaker/handshaker.pb.c" role="src" /> + <file baseinstalldir="/" name="src/core/tsi/alts/handshaker/transport_security_common.pb.c" role="src" /> + <file baseinstalldir="/" name="third_party/nanopb/pb_common.c" role="src" /> + <file baseinstalldir="/" name="third_party/nanopb/pb_decode.c" role="src" /> + <file baseinstalldir="/" name="third_party/nanopb/pb_encode.c" role="src" /> <file baseinstalldir="/" name="src/core/tsi/transport_security.cc" role="src" /> <file baseinstalldir="/" name="src/core/tsi/transport_security_adapter.cc" role="src" /> - <file baseinstalldir="/" name="src/core/ext/transport/chttp2/server/chttp2_server.cc" role="src" /> - <file baseinstalldir="/" name="src/core/ext/transport/chttp2/client/secure/secure_channel_create.cc" role="src" /> + <file baseinstalldir="/" name="src/core/ext/transport/chttp2/client/insecure/channel_create.cc" role="src" /> + <file baseinstalldir="/" name="src/core/ext/transport/chttp2/client/insecure/channel_create_posix.cc" role="src" /> + <file baseinstalldir="/" name="src/core/ext/transport/chttp2/client/chttp2_connector.cc" role="src" /> <file baseinstalldir="/" name="src/core/ext/filters/client_channel/backup_poller.cc" role="src" /> <file baseinstalldir="/" name="src/core/ext/filters/client_channel/channel_connectivity.cc" role="src" /> <file baseinstalldir="/" name="src/core/ext/filters/client_channel/client_channel.cc" role="src" /> @@ -621,11 +681,14 @@ <file baseinstalldir="/" name="src/core/ext/filters/client_channel/subchannel_index.cc" role="src" /> <file baseinstalldir="/" name="src/core/ext/filters/client_channel/uri_parser.cc" role="src" /> <file baseinstalldir="/" name="src/core/ext/filters/deadline/deadline_filter.cc" role="src" /> - <file baseinstalldir="/" name="src/core/ext/transport/chttp2/client/chttp2_connector.cc" role="src" /> + <file baseinstalldir="/" name="src/core/tsi/alts_transport_security.cc" role="src" /> + <file baseinstalldir="/" name="src/core/tsi/fake_transport_security.cc" role="src" /> + <file baseinstalldir="/" name="src/core/tsi/ssl_transport_security.cc" role="src" /> + <file baseinstalldir="/" name="src/core/tsi/transport_security_grpc.cc" role="src" /> + <file baseinstalldir="/" name="src/core/ext/transport/chttp2/server/chttp2_server.cc" role="src" /> + <file baseinstalldir="/" name="src/core/ext/transport/chttp2/client/secure/secure_channel_create.cc" role="src" /> <file baseinstalldir="/" name="src/core/ext/transport/chttp2/server/insecure/server_chttp2.cc" role="src" /> <file baseinstalldir="/" name="src/core/ext/transport/chttp2/server/insecure/server_chttp2_posix.cc" role="src" /> - <file baseinstalldir="/" name="src/core/ext/transport/chttp2/client/insecure/channel_create.cc" role="src" /> - <file baseinstalldir="/" name="src/core/ext/transport/chttp2/client/insecure/channel_create_posix.cc" role="src" /> <file baseinstalldir="/" name="src/core/ext/transport/inproc/inproc_plugin.cc" role="src" /> <file baseinstalldir="/" name="src/core/ext/transport/inproc/inproc_transport.cc" role="src" /> <file baseinstalldir="/" name="src/core/ext/filters/client_channel/lb_policy/grpclb/client_load_reporting_filter.cc" role="src" /> @@ -634,9 +697,6 @@ <file baseinstalldir="/" name="src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb_client_stats.cc" role="src" /> <file baseinstalldir="/" name="src/core/ext/filters/client_channel/lb_policy/grpclb/load_balancer_api.cc" role="src" /> <file baseinstalldir="/" name="src/core/ext/filters/client_channel/lb_policy/grpclb/proto/grpc/lb/v1/load_balancer.pb.c" role="src" /> - <file baseinstalldir="/" name="third_party/nanopb/pb_common.c" role="src" /> - <file baseinstalldir="/" name="third_party/nanopb/pb_decode.c" role="src" /> - <file baseinstalldir="/" name="third_party/nanopb/pb_encode.c" role="src" /> <file baseinstalldir="/" name="src/core/ext/filters/client_channel/resolver/fake/fake_resolver.cc" role="src" /> <file baseinstalldir="/" name="src/core/ext/filters/client_channel/lb_policy/pick_first/pick_first.cc" role="src" /> <file baseinstalldir="/" name="src/core/ext/filters/client_channel/lb_policy/subchannel_list.cc" role="src" /> @@ -118,6 +118,7 @@ if EXTRA_ENV_COMPILE_ARGS is None: EXTRA_ENV_COMPILE_ARGS += ' -std=c++11 -std=gnu99 -fvisibility=hidden -fno-wrapv -fno-exceptions' elif "darwin" in sys.platform: EXTRA_ENV_COMPILE_ARGS += ' -fvisibility=hidden -fno-wrapv -fno-exceptions' +EXTRA_ENV_COMPILE_ARGS += ' -DPB_FIELD_16BIT' if EXTRA_ENV_LINK_ARGS is None: EXTRA_ENV_LINK_ARGS = '' @@ -160,7 +161,7 @@ if "win32" in sys.platform: DEFINE_MACROS = ( ('OPENSSL_NO_ASM', 1), ('_WIN32_WINNT', 0x600), - ('GPR_BACKWARDS_COMPATIBILITY_MODE', 1),) + ('GPR_BACKWARDS_COMPATIBILITY_MODE', 1)) if "win32" in sys.platform: # TODO(zyc): Re-enble c-ares on x64 and x86 windows after fixing the # ares_library_init compilation issue diff --git a/src/core/lib/security/credentials/alts/alts_credentials.cc b/src/core/lib/security/credentials/alts/alts_credentials.cc new file mode 100644 index 0000000000..fa05d901bf --- /dev/null +++ b/src/core/lib/security/credentials/alts/alts_credentials.cc @@ -0,0 +1,119 @@ +/* + * + * Copyright 2018 gRPC authors. + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + */ + +#include <grpc/support/port_platform.h> + +#include "src/core/lib/security/credentials/alts/alts_credentials.h" + +#include <cstring> + +#include <grpc/grpc.h> +#include <grpc/support/alloc.h> +#include <grpc/support/log.h> +#include <grpc/support/string_util.h> + +#include "src/core/lib/security/credentials/alts/check_gcp_environment.h" +#include "src/core/lib/security/security_connector/alts_security_connector.h" + +#define GRPC_CREDENTIALS_TYPE_ALTS "Alts" +#define GRPC_ALTS_HANDSHAKER_SERVICE_URL "metadata.google.internal:8080" + +static void alts_credentials_destruct(grpc_channel_credentials* creds) { + grpc_alts_credentials* alts_creds = + reinterpret_cast<grpc_alts_credentials*>(creds); + grpc_alts_credentials_options_destroy(alts_creds->options); + gpr_free(alts_creds->handshaker_service_url); +} + +static void alts_server_credentials_destruct(grpc_server_credentials* creds) { + grpc_alts_server_credentials* alts_creds = + reinterpret_cast<grpc_alts_server_credentials*>(creds); + grpc_alts_credentials_options_destroy(alts_creds->options); + gpr_free(alts_creds->handshaker_service_url); +} + +static grpc_security_status alts_create_security_connector( + grpc_channel_credentials* creds, + grpc_call_credentials* request_metadata_creds, const char* target_name, + const grpc_channel_args* args, grpc_channel_security_connector** sc, + grpc_channel_args** new_args) { + return grpc_alts_channel_security_connector_create( + creds, request_metadata_creds, target_name, sc); +} + +static grpc_security_status alts_server_create_security_connector( + grpc_server_credentials* creds, grpc_server_security_connector** sc) { + return grpc_alts_server_security_connector_create(creds, sc); +} + +static const grpc_channel_credentials_vtable alts_credentials_vtable = { + alts_credentials_destruct, alts_create_security_connector, + /*duplicate_without_call_credentials=*/nullptr}; + +static const grpc_server_credentials_vtable alts_server_credentials_vtable = { + alts_server_credentials_destruct, alts_server_create_security_connector}; + +grpc_channel_credentials* grpc_alts_credentials_create_customized( + const grpc_alts_credentials_options* options, + const char* handshaker_service_url, bool enable_untrusted_alts) { + if (!enable_untrusted_alts && !grpc_alts_is_running_on_gcp()) { + return nullptr; + } + auto creds = static_cast<grpc_alts_credentials*>( + gpr_zalloc(sizeof(grpc_alts_credentials))); + creds->options = grpc_alts_credentials_options_copy(options); + creds->handshaker_service_url = + handshaker_service_url == nullptr + ? gpr_strdup(GRPC_ALTS_HANDSHAKER_SERVICE_URL) + : gpr_strdup(handshaker_service_url); + creds->base.type = GRPC_CREDENTIALS_TYPE_ALTS; + creds->base.vtable = &alts_credentials_vtable; + gpr_ref_init(&creds->base.refcount, 1); + return &creds->base; +} + +grpc_server_credentials* grpc_alts_server_credentials_create_customized( + const grpc_alts_credentials_options* options, + const char* handshaker_service_url, bool enable_untrusted_alts) { + if (!enable_untrusted_alts && !grpc_alts_is_running_on_gcp()) { + return nullptr; + } + auto creds = static_cast<grpc_alts_server_credentials*>( + gpr_zalloc(sizeof(grpc_alts_server_credentials))); + creds->options = grpc_alts_credentials_options_copy(options); + creds->handshaker_service_url = + handshaker_service_url == nullptr + ? gpr_strdup(GRPC_ALTS_HANDSHAKER_SERVICE_URL) + : gpr_strdup(handshaker_service_url); + creds->base.type = GRPC_CREDENTIALS_TYPE_ALTS; + creds->base.vtable = &alts_server_credentials_vtable; + gpr_ref_init(&creds->base.refcount, 1); + return &creds->base; +} + +grpc_channel_credentials* grpc_alts_credentials_create( + const grpc_alts_credentials_options* options) { + return grpc_alts_credentials_create_customized( + options, GRPC_ALTS_HANDSHAKER_SERVICE_URL, false); +} + +grpc_server_credentials* grpc_alts_server_credentials_create( + const grpc_alts_credentials_options* options) { + return grpc_alts_server_credentials_create_customized( + options, GRPC_ALTS_HANDSHAKER_SERVICE_URL, false); +} diff --git a/src/core/lib/security/credentials/alts/alts_credentials.h b/src/core/lib/security/credentials/alts/alts_credentials.h new file mode 100644 index 0000000000..621789cf65 --- /dev/null +++ b/src/core/lib/security/credentials/alts/alts_credentials.h @@ -0,0 +1,102 @@ +/* + * + * Copyright 2018 gRPC authors. + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + */ + +#ifndef GRPC_CORE_LIB_SECURITY_CREDENTIALS_ALTS_ALTS_CREDENTIALS_H +#define GRPC_CORE_LIB_SECURITY_CREDENTIALS_ALTS_ALTS_CREDENTIALS_H + +#include <grpc/support/port_platform.h> + +#include <grpc/grpc_security.h> + +#include "src/core/lib/security/credentials/alts/grpc_alts_credentials_options.h" +#include "src/core/lib/security/credentials/credentials.h" + +/* Main struct for grpc ALTS channel credential. */ +typedef struct grpc_alts_credentials { + grpc_channel_credentials base; + grpc_alts_credentials_options* options; + char* handshaker_service_url; +} grpc_alts_credentials; + +/* Main struct for grpc ALTS server credential. */ +typedef struct grpc_alts_server_credentials { + grpc_server_credentials base; + grpc_alts_credentials_options* options; + char* handshaker_service_url; +} grpc_alts_server_credentials; + +/** + * This method creates an ALTS channel credential object. + * + * - options: grpc ALTS credentials options instance for client. + * + * It returns the created ALTS channel credential object. + */ +grpc_channel_credentials* grpc_alts_credentials_create( + const grpc_alts_credentials_options* options); + +/** + * This method creates an ALTS server credential object. + * + * - options: grpc ALTS credentials options instance for server. + * + * It returns the created ALTS server credential object. + */ +grpc_server_credentials* grpc_alts_server_credentials_create( + const grpc_alts_credentials_options* options); + +/** + * This method creates an ALTS channel credential object with customized + * information provided by caller. + * + * - options: grpc ALTS credentials options instance for client. + * - handshaker_service_url: address of ALTS handshaker service in the format of + * "host:port". If it's nullptr, the address of default metadata server will + * be used. + * - enable_untrusted_alts: a boolean flag used to enable ALTS in untrusted + * mode. This mode can be enabled when we are sure ALTS is running on GCP or + * for testing purpose. + * + * It returns nullptr if the flag is disabled AND ALTS is not running on GCP. + * Otherwise, it returns the created credential object. + */ + +grpc_channel_credentials* grpc_alts_credentials_create_customized( + const grpc_alts_credentials_options* options, + const char* handshaker_service_url, bool enable_untrusted_alts); + +/** + * This method creates an ALTS server credential object with customized + * information provided by caller. + * + * - options: grpc ALTS credentials options instance for server. + * - handshaker_service_url: address of ALTS handshaker service in the format of + * "host:port". If it's nullptr, the address of default metadata server will + * be used. + * - enable_untrusted_alts: a boolean flag used to enable ALTS in untrusted + * mode. This mode can be enabled when we are sure ALTS is running on GCP or + * for testing purpose. + * + * It returns nullptr if the flag is disabled and ALTS is not running on GCP. + * Otherwise, it returns the created credential object. + */ +grpc_server_credentials* grpc_alts_server_credentials_create_customized( + const grpc_alts_credentials_options* options, + const char* handshaker_service_url, bool enable_untrusted_alts); + +#endif /* GRPC_CORE_LIB_SECURITY_CREDENTIALS_ALTS_ALTS_CREDENTIALS_H */ diff --git a/src/core/lib/security/credentials/alts/check_gcp_environment.cc b/src/core/lib/security/credentials/alts/check_gcp_environment.cc new file mode 100644 index 0000000000..96807876cf --- /dev/null +++ b/src/core/lib/security/credentials/alts/check_gcp_environment.cc @@ -0,0 +1,72 @@ +/* + * + * Copyright 2018 gRPC authors. + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + */ + +#include <grpc/support/port_platform.h> + +#include "src/core/lib/security/credentials/alts/check_gcp_environment.h" + +#include <ctype.h> +#include <stdio.h> +#include <string.h> + +#include <grpc/support/alloc.h> +#include <grpc/support/log.h> + +const size_t kBiosDataBufferSize = 256; + +static char* trim(const char* src) { + if (src == nullptr) { + return nullptr; + } + char* des = nullptr; + size_t start = 0, end = strlen(src) - 1; + /* find the last character that is not a whitespace. */ + while (end != 0 && isspace(src[end])) { + end--; + } + /* find the first character that is not a whitespace. */ + while (start < strlen(src) && isspace(src[start])) { + start++; + } + if (start <= end) { + des = static_cast<char*>( + gpr_zalloc(sizeof(char) * (end - start + 2 /* '\0' */))); + memcpy(des, src + start, end - start + 1); + } + return des; +} + +namespace grpc_core { +namespace internal { + +char* read_bios_file(const char* bios_file) { + FILE* fp = fopen(bios_file, "r"); + if (!fp) { + gpr_log(GPR_ERROR, "BIOS data file cannot be opened."); + return nullptr; + } + char buf[kBiosDataBufferSize + 1]; + size_t ret = fread(buf, sizeof(char), kBiosDataBufferSize, fp); + buf[ret] = '\0'; + char* trimmed_buf = trim(buf); + fclose(fp); + return trimmed_buf; +} + +} // namespace internal +} // namespace grpc_core diff --git a/src/core/lib/security/credentials/alts/check_gcp_environment.h b/src/core/lib/security/credentials/alts/check_gcp_environment.h new file mode 100644 index 0000000000..aea4cea643 --- /dev/null +++ b/src/core/lib/security/credentials/alts/check_gcp_environment.h @@ -0,0 +1,57 @@ +/* + * + * Copyright 2018 gRPC authors. + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + */ + +#ifndef GRPC_CORE_LIB_SECURITY_CREDENTIALS_ALTS_CHECK_GCP_ENVIRONMENT_H +#define GRPC_CORE_LIB_SECURITY_CREDENTIALS_ALTS_CHECK_GCP_ENVIRONMENT_H + +namespace grpc_core { +namespace internal { + +/** + * This method is a helper function that reads a file containing system bios + * data. Exposed for testing only. + * + * - bios_file: a file containing BIOS data used to determine GCE tenancy + * information. + * + * It returns a buffer containing the data read from the file. + */ +char* read_bios_file(const char* bios_file); + +/** + * This method checks if system BIOS data contains Google-specific phrases. + * Exposed for testing only. + * + * - bios_data: a buffer containing system BIOS data. + * + * It returns true if the BIOS data contains Google-specific phrases, and false + * otherwise. + */ +bool check_bios_data(const char* bios_data); + +} // namespace internal +} // namespace grpc_core + +/** + * This method checks if a VM (Windows or Linux) is running within Google + * compute Engine (GCE) or not. It returns true if the VM is running in GCE and + * false otherwise. + */ +bool grpc_alts_is_running_on_gcp(); + +#endif /* GRPC_CORE_LIB_SECURITY_CREDENTIALS_ALTS_CHECK_GCP_ENVIRONMENT_H */ diff --git a/src/core/lib/security/credentials/alts/check_gcp_environment_linux.cc b/src/core/lib/security/credentials/alts/check_gcp_environment_linux.cc new file mode 100644 index 0000000000..7c4d7a71cd --- /dev/null +++ b/src/core/lib/security/credentials/alts/check_gcp_environment_linux.cc @@ -0,0 +1,67 @@ +/* + * + * Copyright 2018 gRPC authors. + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + */ + +#include <grpc/support/port_platform.h> + +#ifdef GPR_LINUX + +#include "src/core/lib/security/credentials/alts/check_gcp_environment.h" + +#include <grpc/support/alloc.h> +#include <grpc/support/sync.h> + +#include <string.h> + +#define GRPC_ALTS_EXPECT_NAME_GOOGLE "Google" +#define GRPC_ALTS_EXPECT_NAME_GCE "Google Compute Engine" +#define GRPC_ALTS_PRODUCT_NAME_FILE "/sys/class/dmi/id/product_name" + +static bool g_compute_engine_detection_done = false; +static bool g_is_on_compute_engine = false; +static gpr_mu g_mu; +static gpr_once g_once = GPR_ONCE_INIT; + +namespace grpc_core { +namespace internal { + +bool check_bios_data(const char* bios_data_file) { + char* bios_data = read_bios_file(bios_data_file); + bool result = (!strcmp(bios_data, GRPC_ALTS_EXPECT_NAME_GOOGLE)) || + (!strcmp(bios_data, GRPC_ALTS_EXPECT_NAME_GCE)); + gpr_free(bios_data); + return result; +} + +} // namespace internal +} // namespace grpc_core + +static void init_mu(void) { gpr_mu_init(&g_mu); } + +bool grpc_alts_is_running_on_gcp() { + gpr_once_init(&g_once, init_mu); + gpr_mu_lock(&g_mu); + if (!g_compute_engine_detection_done) { + g_is_on_compute_engine = + grpc_core::internal::check_bios_data(GRPC_ALTS_PRODUCT_NAME_FILE); + g_compute_engine_detection_done = true; + } + gpr_mu_unlock(&g_mu); + return g_is_on_compute_engine; +} + +#endif // GPR_LINUX diff --git a/src/core/lib/security/credentials/alts/check_gcp_environment_no_op.cc b/src/core/lib/security/credentials/alts/check_gcp_environment_no_op.cc new file mode 100644 index 0000000000..d97681b86d --- /dev/null +++ b/src/core/lib/security/credentials/alts/check_gcp_environment_no_op.cc @@ -0,0 +1,33 @@ +/* + * + * Copyright 2018 gRPC authors. + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + */ + +#include <grpc/support/port_platform.h> + +#if !defined(GPR_LINUX) && !defined(GPR_WINDOWS) + +#include "src/core/lib/security/credentials/alts/check_gcp_environment.h" + +#include <grpc/support/log.h> + +bool grpc_alts_is_running_on_gcp() { + gpr_log(GPR_ERROR, + "Platforms other than Linux and Windows are not supported"); + return false; +} + +#endif // !defined(LINUX) && !defined(GPR_WINDOWS) diff --git a/src/core/lib/security/credentials/alts/check_gcp_environment_windows.cc b/src/core/lib/security/credentials/alts/check_gcp_environment_windows.cc new file mode 100644 index 0000000000..55efe0e9dd --- /dev/null +++ b/src/core/lib/security/credentials/alts/check_gcp_environment_windows.cc @@ -0,0 +1,114 @@ +/* + * + * Copyright 2018 gRPC authors. + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + */ + +#include <grpc/support/port_platform.h> + +#ifdef GPR_WINDOWS + +#include "src/core/lib/security/credentials/alts/check_gcp_environment.h" + +#include <shellapi.h> +#include <stdio.h> +#include <tchar.h> +#include <windows.h> + +#include <grpc/support/alloc.h> +#include <grpc/support/log.h> +#include <grpc/support/sync.h> + +#define GRPC_ALTS_EXPECT_NAME_GOOGLE "Google" +#define GRPC_ALTS_WINDOWS_CHECK_COMMAND "powershell.exe" +#define GRPC_ALTS_WINDOWS_CHECK_COMMAND_ARGS \ + "(Get-WmiObject -Class Win32_BIOS).Manufacturer" +#define GRPC_ALTS_WINDOWS_CHECK_BIOS_FILE "windows_bios.data" + +const size_t kBiosDataBufferSize = 256; + +static bool g_compute_engine_detection_done = false; +static bool g_is_on_compute_engine = false; +static gpr_mu g_mu; +static gpr_once g_once = GPR_ONCE_INIT; + +namespace grpc_core { +namespace internal { + +bool check_bios_data(const char* bios_data_file) { + char* bios_data = read_bios_file(bios_data_file); + bool result = !strcmp(bios_data, GRPC_ALTS_EXPECT_NAME_GOOGLE); + remove(GRPC_ALTS_WINDOWS_CHECK_BIOS_FILE); + gpr_free(bios_data); + return result; +} + +} // namespace internal +} // namespace grpc_core + +static void init_mu(void) { gpr_mu_init(&g_mu); } + +static bool run_powershell() { + SECURITY_ATTRIBUTES sa; + sa.nLength = sizeof(sa); + sa.lpSecurityDescriptor = NULL; + sa.bInheritHandle = TRUE; + HANDLE h = CreateFile(_T(GRPC_ALTS_WINDOWS_CHECK_BIOS_FILE), GENERIC_WRITE, + FILE_SHARE_WRITE | FILE_SHARE_READ, &sa, OPEN_ALWAYS, + FILE_ATTRIBUTE_NORMAL, NULL); + if (h == INVALID_HANDLE_VALUE) { + gpr_log(GPR_ERROR, "CreateFile failed (%d).", GetLastError()); + return false; + } + PROCESS_INFORMATION pi; + STARTUPINFO si; + DWORD flags = CREATE_NO_WINDOW; + ZeroMemory(&pi, sizeof(pi)); + ZeroMemory(&si, sizeof(si)); + si.cb = sizeof(si); + si.dwFlags |= STARTF_USESTDHANDLES; + si.hStdInput = NULL; + si.hStdError = h; + si.hStdOutput = h; + TCHAR cmd[kBiosDataBufferSize]; + _sntprintf(cmd, kBiosDataBufferSize, _T("%s %s"), + _T(GRPC_ALTS_WINDOWS_CHECK_COMMAND), + _T(GRPC_ALTS_WINDOWS_CHECK_COMMAND_ARGS)); + if (!CreateProcess(NULL, cmd, NULL, NULL, TRUE, flags, NULL, NULL, &si, + &pi)) { + gpr_log(GPR_ERROR, "CreateProcess failed (%d).\n", GetLastError()); + return false; + } + WaitForSingleObject(pi.hProcess, INFINITE); + CloseHandle(pi.hProcess); + CloseHandle(pi.hThread); + CloseHandle(h); + return true; +} + +bool grpc_alts_is_running_on_gcp() { + gpr_once_init(&g_once, init_mu); + gpr_mu_lock(&g_mu); + if (!g_compute_engine_detection_done) { + g_is_on_compute_engine = + run_powershell() && + grpc_core::internal::check_bios_data(GRPC_ALTS_WINDOWS_CHECK_BIOS_FILE); + g_compute_engine_detection_done = true; + } + gpr_mu_unlock(&g_mu); + return g_is_on_compute_engine; +} + +#endif // GPR_WINDOWS diff --git a/src/core/lib/security/credentials/alts/grpc_alts_credentials_client_options.cc b/src/core/lib/security/credentials/alts/grpc_alts_credentials_client_options.cc new file mode 100644 index 0000000000..7d54e8346f --- /dev/null +++ b/src/core/lib/security/credentials/alts/grpc_alts_credentials_client_options.cc @@ -0,0 +1,126 @@ +/* + * + * Copyright 2018 gRPC authors. + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + */ + +#include <grpc/support/port_platform.h> + +#include <stdlib.h> +#include <string.h> + +#include <grpc/support/alloc.h> +#include <grpc/support/log.h> +#include <grpc/support/string_util.h> + +#include "src/core/lib/security/credentials/alts/grpc_alts_credentials_options.h" +#include "src/core/tsi/alts/handshaker/transport_security_common_api.h" + +static grpc_alts_credentials_options* alts_client_options_copy( + const grpc_alts_credentials_options* options); + +static void alts_client_options_destroy(grpc_alts_credentials_options* options); + +static target_service_account* target_service_account_create( + const char* service_account) { + if (service_account == nullptr) { + return nullptr; + } + auto* sa = static_cast<target_service_account*>( + gpr_zalloc(sizeof(target_service_account))); + sa->data = gpr_strdup(service_account); + return sa; +} + +bool grpc_alts_credentials_client_options_add_target_service_account( + grpc_alts_credentials_client_options* options, + const char* service_account) { + if (options == nullptr || service_account == nullptr) { + gpr_log( + GPR_ERROR, + "Invalid nullptr arguments to " + "grpc_alts_credentials_client_options_add_target_service_account()"); + return false; + } + target_service_account* node = target_service_account_create(service_account); + node->next = options->target_account_list_head; + options->target_account_list_head = node; + return true; +} + +static void target_service_account_destroy( + target_service_account* service_account) { + if (service_account == nullptr) { + return; + } + gpr_free(service_account->data); + gpr_free(service_account); +} + +static const grpc_alts_credentials_options_vtable vtable = { + alts_client_options_copy, alts_client_options_destroy}; + +grpc_alts_credentials_options* grpc_alts_credentials_client_options_create() { + auto client_options = static_cast<grpc_alts_credentials_client_options*>( + gpr_zalloc(sizeof(grpc_alts_credentials_client_options))); + client_options->base.vtable = &vtable; + return &client_options->base; +} + +static grpc_alts_credentials_options* alts_client_options_copy( + const grpc_alts_credentials_options* options) { + if (options == nullptr) { + return nullptr; + } + grpc_alts_credentials_options* new_options = + grpc_alts_credentials_client_options_create(); + auto new_client_options = + reinterpret_cast<grpc_alts_credentials_client_options*>(new_options); + /* Copy target service accounts. */ + target_service_account* prev = nullptr; + auto node = + (reinterpret_cast<const grpc_alts_credentials_client_options*>(options)) + ->target_account_list_head; + while (node != nullptr) { + target_service_account* new_node = + target_service_account_create(node->data); + if (prev == nullptr) { + new_client_options->target_account_list_head = new_node; + } else { + prev->next = new_node; + } + prev = new_node; + node = node->next; + } + /* Copy rpc protocol versions. */ + grpc_gcp_rpc_protocol_versions_copy(&options->rpc_versions, + &new_options->rpc_versions); + return new_options; +} + +static void alts_client_options_destroy( + grpc_alts_credentials_options* options) { + if (options == nullptr) { + return; + } + auto* client_options = + reinterpret_cast<grpc_alts_credentials_client_options*>(options); + target_service_account* node = client_options->target_account_list_head; + while (node != nullptr) { + target_service_account* next_node = node->next; + target_service_account_destroy(node); + node = next_node; + } +} diff --git a/src/core/lib/security/credentials/alts/grpc_alts_credentials_options.cc b/src/core/lib/security/credentials/alts/grpc_alts_credentials_options.cc new file mode 100644 index 0000000000..d428171540 --- /dev/null +++ b/src/core/lib/security/credentials/alts/grpc_alts_credentials_options.cc @@ -0,0 +1,46 @@ +/* + * + * Copyright 2018 gRPC authors. + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + */ + +#include <grpc/support/port_platform.h> + +#include "src/core/lib/security/credentials/alts/grpc_alts_credentials_options.h" + +#include <grpc/support/alloc.h> +#include <grpc/support/log.h> + +grpc_alts_credentials_options* grpc_alts_credentials_options_copy( + const grpc_alts_credentials_options* options) { + if (options != nullptr && options->vtable != nullptr && + options->vtable->copy != nullptr) { + return options->vtable->copy(options); + } + /* An error occurred. */ + gpr_log(GPR_ERROR, + "Invalid arguments to grpc_alts_credentials_options_copy()"); + return nullptr; +} + +void grpc_alts_credentials_options_destroy( + grpc_alts_credentials_options* options) { + if (options != nullptr) { + if (options->vtable != nullptr && options->vtable->destruct != nullptr) { + options->vtable->destruct(options); + } + gpr_free(options); + } +} diff --git a/src/core/lib/security/credentials/alts/grpc_alts_credentials_options.h b/src/core/lib/security/credentials/alts/grpc_alts_credentials_options.h new file mode 100644 index 0000000000..4e46d9f2de --- /dev/null +++ b/src/core/lib/security/credentials/alts/grpc_alts_credentials_options.h @@ -0,0 +1,112 @@ +/* + * + * Copyright 2018 gRPC authors. + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + */ + +#ifndef GRPC_CORE_LIB_SECURITY_CREDENTIALS_ALTS_GRPC_ALTS_CREDENTIALS_OPTIONS_H +#define GRPC_CORE_LIB_SECURITY_CREDENTIALS_ALTS_GRPC_ALTS_CREDENTIALS_OPTIONS_H + +#include <grpc/support/port_platform.h> + +#include <stdbool.h> + +#include "src/core/tsi/alts/handshaker/transport_security_common_api.h" + +/** + * Main interface for ALTS credentials options. The options will contain + * information that will be passed from grpc to TSI layer such as RPC protocol + * versions. ALTS client (channel) and server credentials will have their own + * implementation of this interface. The APIs listed in this header are + * thread-compatible. + */ +typedef struct grpc_alts_credentials_options grpc_alts_credentials_options; + +/* V-table for grpc_alts_credentials_options */ +typedef struct grpc_alts_credentials_options_vtable { + grpc_alts_credentials_options* (*copy)( + const grpc_alts_credentials_options* options); + void (*destruct)(grpc_alts_credentials_options* options); +} grpc_alts_credentials_options_vtable; + +struct grpc_alts_credentials_options { + const struct grpc_alts_credentials_options_vtable* vtable; + grpc_gcp_rpc_protocol_versions rpc_versions; +}; + +typedef struct target_service_account { + struct target_service_account* next; + char* data; +} target_service_account; + +/** + * Main struct for ALTS client credentials options. The options contain a + * a list of target service accounts (if specified) used for secure naming + * check. + */ +typedef struct grpc_alts_credentials_client_options { + grpc_alts_credentials_options base; + target_service_account* target_account_list_head; +} grpc_alts_credentials_client_options; + +/** + * Main struct for ALTS server credentials options. The options currently + * do not contain any server-specific fields. + */ +typedef struct grpc_alts_credentials_server_options { + grpc_alts_credentials_options base; +} grpc_alts_credentials_server_options; + +/** + * This method performs a deep copy on grpc_alts_credentials_options instance. + * + * - options: a grpc_alts_credentials_options instance that needs to be copied. + * + * It returns a new grpc_alts_credentials_options instance on success and NULL + * on failure. + */ +grpc_alts_credentials_options* grpc_alts_credentials_options_copy( + const grpc_alts_credentials_options* options); + +/** + * This method destroys a grpc_alts_credentials_options instance by + * de-allocating all of its occupied memory. + * + * - options: a grpc_alts_credentials_options instance that needs to be + * destroyed. + */ +void grpc_alts_credentials_options_destroy( + grpc_alts_credentials_options* options); + +/* This method creates a grpc ALTS credentials client options instance. */ +grpc_alts_credentials_options* grpc_alts_credentials_client_options_create(); + +/* This method creates a grpc ALTS credentials server options instance. */ +grpc_alts_credentials_options* grpc_alts_credentials_server_options_create(); + +/** + * This method adds a target service account to grpc ALTS credentials client + * options instance. + * + * - options: grpc ALTS credentials client options instance. + * - service_account: service account of target endpoint. + * + * It returns true on success and false on failure. + */ +bool grpc_alts_credentials_client_options_add_target_service_account( + grpc_alts_credentials_client_options* options, const char* service_account); + +#endif /* GRPC_CORE_LIB_SECURITY_CREDENTIALS_ALTS_GRPC_ALTS_CREDENTIALS_OPTIONS_H \ + */ diff --git a/src/core/lib/security/credentials/alts/grpc_alts_credentials_server_options.cc b/src/core/lib/security/credentials/alts/grpc_alts_credentials_server_options.cc new file mode 100644 index 0000000000..62aa7a620a --- /dev/null +++ b/src/core/lib/security/credentials/alts/grpc_alts_credentials_server_options.cc @@ -0,0 +1,58 @@ +/* + * + * Copyright 2018 gRPC authors. + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + */ + +#include <grpc/support/port_platform.h> + +#include <stdlib.h> +#include <string.h> + +#include <grpc/support/alloc.h> +#include <grpc/support/log.h> + +#include "src/core/lib/security/credentials/alts/grpc_alts_credentials_options.h" +#include "src/core/tsi/alts/handshaker/transport_security_common_api.h" + +static grpc_alts_credentials_options* alts_server_options_copy( + const grpc_alts_credentials_options* options); + +static void alts_server_options_destroy( + grpc_alts_credentials_options* options) {} + +static const grpc_alts_credentials_options_vtable vtable = { + alts_server_options_copy, alts_server_options_destroy}; + +grpc_alts_credentials_options* grpc_alts_credentials_server_options_create() { + grpc_alts_credentials_server_options* server_options = + static_cast<grpc_alts_credentials_server_options*>( + gpr_zalloc(sizeof(*server_options))); + server_options->base.vtable = &vtable; + return &server_options->base; +} + +static grpc_alts_credentials_options* alts_server_options_copy( + const grpc_alts_credentials_options* options) { + if (options == nullptr) { + return nullptr; + } + grpc_alts_credentials_options* new_options = + grpc_alts_credentials_server_options_create(); + /* Copy rpc protocol versions. */ + grpc_gcp_rpc_protocol_versions_copy(&options->rpc_versions, + &new_options->rpc_versions); + return new_options; +} diff --git a/src/core/lib/security/security_connector/alts_security_connector.cc b/src/core/lib/security/security_connector/alts_security_connector.cc new file mode 100644 index 0000000000..5ff7d7938b --- /dev/null +++ b/src/core/lib/security/security_connector/alts_security_connector.cc @@ -0,0 +1,287 @@ +/* + * + * Copyright 2018 gRPC authors. + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + */ + +#include <grpc/support/port_platform.h> + +#include "src/core/lib/security/security_connector/alts_security_connector.h" + +#include <stdbool.h> +#include <string.h> + +#include <grpc/grpc.h> +#include <grpc/support/alloc.h> +#include <grpc/support/log.h> +#include <grpc/support/string_util.h> + +#include "src/core/lib/security/credentials/alts/alts_credentials.h" +#include "src/core/lib/security/transport/security_handshaker.h" +#include "src/core/lib/transport/transport.h" +#include "src/core/tsi/alts/handshaker/alts_tsi_handshaker.h" + +typedef struct { + grpc_channel_security_connector base; + char* target_name; +} grpc_alts_channel_security_connector; + +typedef struct { + grpc_server_security_connector base; +} grpc_alts_server_security_connector; + +static void alts_channel_destroy(grpc_security_connector* sc) { + if (sc == nullptr) { + return; + } + auto c = reinterpret_cast<grpc_alts_channel_security_connector*>(sc); + grpc_call_credentials_unref(c->base.request_metadata_creds); + grpc_channel_credentials_unref(c->base.channel_creds); + gpr_free(c->target_name); + gpr_free(sc); +} + +static void alts_server_destroy(grpc_security_connector* sc) { + if (sc == nullptr) { + return; + } + auto c = reinterpret_cast<grpc_alts_server_security_connector*>(sc); + grpc_server_credentials_unref(c->base.server_creds); + gpr_free(sc); +} + +static void alts_channel_add_handshakers( + grpc_channel_security_connector* sc, + grpc_handshake_manager* handshake_manager) { + tsi_handshaker* handshaker = nullptr; + auto c = reinterpret_cast<grpc_alts_channel_security_connector*>(sc); + grpc_alts_credentials* creds = + reinterpret_cast<grpc_alts_credentials*>(c->base.channel_creds); + GPR_ASSERT(alts_tsi_handshaker_create(creds->options, c->target_name, + creds->handshaker_service_url, true, + &handshaker) == TSI_OK); + grpc_handshake_manager_add(handshake_manager, grpc_security_handshaker_create( + handshaker, &sc->base)); +} + +static void alts_server_add_handshakers( + grpc_server_security_connector* sc, + grpc_handshake_manager* handshake_manager) { + tsi_handshaker* handshaker = nullptr; + auto c = reinterpret_cast<grpc_alts_server_security_connector*>(sc); + grpc_alts_server_credentials* creds = + reinterpret_cast<grpc_alts_server_credentials*>(c->base.server_creds); + GPR_ASSERT(alts_tsi_handshaker_create(creds->options, nullptr, + creds->handshaker_service_url, false, + &handshaker) == TSI_OK); + grpc_handshake_manager_add(handshake_manager, grpc_security_handshaker_create( + handshaker, &sc->base)); +} + +static void alts_set_rpc_protocol_versions( + grpc_gcp_rpc_protocol_versions* rpc_versions) { + grpc_gcp_rpc_protocol_versions_set_max(rpc_versions, + GRPC_PROTOCOL_VERSION_MAX_MAJOR, + GRPC_PROTOCOL_VERSION_MAX_MINOR); + grpc_gcp_rpc_protocol_versions_set_min(rpc_versions, + GRPC_PROTOCOL_VERSION_MIN_MAJOR, + GRPC_PROTOCOL_VERSION_MIN_MINOR); +} + +namespace grpc_core { +namespace internal { + +grpc_security_status grpc_alts_auth_context_from_tsi_peer( + const tsi_peer* peer, grpc_auth_context** ctx) { + if (peer == nullptr || ctx == nullptr) { + gpr_log(GPR_ERROR, + "Invalid arguments to grpc_alts_auth_context_from_tsi_peer()"); + return GRPC_SECURITY_ERROR; + } + *ctx = nullptr; + /* Validate certificate type. */ + const tsi_peer_property* cert_type_prop = + tsi_peer_get_property_by_name(peer, TSI_CERTIFICATE_TYPE_PEER_PROPERTY); + if (cert_type_prop == nullptr || + strncmp(cert_type_prop->value.data, TSI_ALTS_CERTIFICATE_TYPE, + cert_type_prop->value.length) != 0) { + gpr_log(GPR_ERROR, "Invalid or missing certificate type property."); + return GRPC_SECURITY_ERROR; + } + /* Validate RPC protocol versions. */ + const tsi_peer_property* rpc_versions_prop = + tsi_peer_get_property_by_name(peer, TSI_ALTS_RPC_VERSIONS); + if (rpc_versions_prop == nullptr) { + gpr_log(GPR_ERROR, "Missing rpc protocol versions property."); + return GRPC_SECURITY_ERROR; + } + grpc_gcp_rpc_protocol_versions local_versions, peer_versions; + alts_set_rpc_protocol_versions(&local_versions); + grpc_slice slice = grpc_slice_from_copied_buffer( + rpc_versions_prop->value.data, rpc_versions_prop->value.length); + bool decode_result = + grpc_gcp_rpc_protocol_versions_decode(slice, &peer_versions); + grpc_slice_unref(slice); + if (!decode_result) { + gpr_log(GPR_ERROR, "Invalid peer rpc protocol versions."); + return GRPC_SECURITY_ERROR; + } + /* TODO: Pass highest common rpc protocol version to grpc caller. */ + bool check_result = grpc_gcp_rpc_protocol_versions_check( + &local_versions, &peer_versions, nullptr); + if (!check_result) { + gpr_log(GPR_ERROR, "Mismatch of local and peer rpc protocol versions."); + return GRPC_SECURITY_ERROR; + } + /* Create auth context. */ + *ctx = grpc_auth_context_create(nullptr); + grpc_auth_context_add_cstring_property( + *ctx, GRPC_TRANSPORT_SECURITY_TYPE_PROPERTY_NAME, + GRPC_ALTS_TRANSPORT_SECURITY_TYPE); + size_t i = 0; + for (i = 0; i < peer->property_count; i++) { + const tsi_peer_property* tsi_prop = &peer->properties[i]; + /* Add service account to auth context. */ + if (strcmp(tsi_prop->name, TSI_ALTS_SERVICE_ACCOUNT_PEER_PROPERTY) == 0) { + grpc_auth_context_add_property( + *ctx, TSI_ALTS_SERVICE_ACCOUNT_PEER_PROPERTY, tsi_prop->value.data, + tsi_prop->value.length); + GPR_ASSERT(grpc_auth_context_set_peer_identity_property_name( + *ctx, TSI_ALTS_SERVICE_ACCOUNT_PEER_PROPERTY) == 1); + } + } + if (!grpc_auth_context_peer_is_authenticated(*ctx)) { + gpr_log(GPR_ERROR, "Invalid unauthenticated peer."); + GRPC_AUTH_CONTEXT_UNREF(*ctx, "test"); + *ctx = nullptr; + return GRPC_SECURITY_ERROR; + } + return GRPC_SECURITY_OK; +} + +} // namespace internal +} // namespace grpc_core + +static void alts_check_peer(grpc_security_connector* sc, tsi_peer peer, + grpc_auth_context** auth_context, + grpc_closure* on_peer_checked) { + grpc_security_status status; + status = grpc_core::internal::grpc_alts_auth_context_from_tsi_peer( + &peer, auth_context); + tsi_peer_destruct(&peer); + grpc_error* error = + status == GRPC_SECURITY_OK + ? GRPC_ERROR_NONE + : GRPC_ERROR_CREATE_FROM_STATIC_STRING( + "Could not get ALTS auth context from TSI peer"); + GRPC_CLOSURE_SCHED(on_peer_checked, error); +} + +static int alts_channel_cmp(grpc_security_connector* sc1, + grpc_security_connector* sc2) { + grpc_alts_channel_security_connector* c1 = + reinterpret_cast<grpc_alts_channel_security_connector*>(sc1); + grpc_alts_channel_security_connector* c2 = + reinterpret_cast<grpc_alts_channel_security_connector*>(sc2); + int c = grpc_channel_security_connector_cmp(&c1->base, &c2->base); + if (c != 0) return c; + return strcmp(c1->target_name, c2->target_name); +} + +static int alts_server_cmp(grpc_security_connector* sc1, + grpc_security_connector* sc2) { + grpc_alts_server_security_connector* c1 = + reinterpret_cast<grpc_alts_server_security_connector*>(sc1); + grpc_alts_server_security_connector* c2 = + reinterpret_cast<grpc_alts_server_security_connector*>(sc2); + return grpc_server_security_connector_cmp(&c1->base, &c2->base); +} + +static grpc_security_connector_vtable alts_channel_vtable = { + alts_channel_destroy, alts_check_peer, alts_channel_cmp}; + +static grpc_security_connector_vtable alts_server_vtable = { + alts_server_destroy, alts_check_peer, alts_server_cmp}; + +static bool alts_check_call_host(grpc_channel_security_connector* sc, + const char* host, + grpc_auth_context* auth_context, + grpc_closure* on_call_host_checked, + grpc_error** error) { + grpc_alts_channel_security_connector* alts_sc = + reinterpret_cast<grpc_alts_channel_security_connector*>(sc); + if (host == nullptr || alts_sc == nullptr || + strcmp(host, alts_sc->target_name) != 0) { + *error = GRPC_ERROR_CREATE_FROM_STATIC_STRING( + "ALTS call host does not match target name"); + } + return true; +} + +static void alts_cancel_check_call_host(grpc_channel_security_connector* sc, + grpc_closure* on_call_host_checked, + grpc_error* error) { + GRPC_ERROR_UNREF(error); +} + +grpc_security_status grpc_alts_channel_security_connector_create( + grpc_channel_credentials* channel_creds, + grpc_call_credentials* request_metadata_creds, const char* target_name, + grpc_channel_security_connector** sc) { + if (channel_creds == nullptr || sc == nullptr || target_name == nullptr) { + gpr_log( + GPR_ERROR, + "Invalid arguments to grpc_alts_channel_security_connector_create()"); + return GRPC_SECURITY_ERROR; + } + auto c = static_cast<grpc_alts_channel_security_connector*>( + gpr_zalloc(sizeof(grpc_alts_channel_security_connector))); + gpr_ref_init(&c->base.base.refcount, 1); + c->base.base.vtable = &alts_channel_vtable; + c->base.add_handshakers = alts_channel_add_handshakers; + c->base.channel_creds = grpc_channel_credentials_ref(channel_creds); + c->base.request_metadata_creds = + grpc_call_credentials_ref(request_metadata_creds); + c->base.check_call_host = alts_check_call_host; + c->base.cancel_check_call_host = alts_cancel_check_call_host; + grpc_alts_credentials* creds = + reinterpret_cast<grpc_alts_credentials*>(c->base.channel_creds); + alts_set_rpc_protocol_versions(&creds->options->rpc_versions); + c->target_name = gpr_strdup(target_name); + *sc = &c->base; + return GRPC_SECURITY_OK; +} + +grpc_security_status grpc_alts_server_security_connector_create( + grpc_server_credentials* server_creds, + grpc_server_security_connector** sc) { + if (server_creds == nullptr || sc == nullptr) { + gpr_log( + GPR_ERROR, + "Invalid arguments to grpc_alts_server_security_connector_create()"); + return GRPC_SECURITY_ERROR; + } + auto c = static_cast<grpc_alts_server_security_connector*>( + gpr_zalloc(sizeof(grpc_alts_server_security_connector))); + gpr_ref_init(&c->base.base.refcount, 1); + c->base.base.vtable = &alts_server_vtable; + c->base.server_creds = grpc_server_credentials_ref(server_creds); + c->base.add_handshakers = alts_server_add_handshakers; + grpc_alts_server_credentials* creds = + reinterpret_cast<grpc_alts_server_credentials*>(c->base.server_creds); + alts_set_rpc_protocol_versions(&creds->options->rpc_versions); + *sc = &c->base; + return GRPC_SECURITY_OK; +} diff --git a/src/core/lib/security/security_connector/alts_security_connector.h b/src/core/lib/security/security_connector/alts_security_connector.h new file mode 100644 index 0000000000..e7e4cffe2a --- /dev/null +++ b/src/core/lib/security/security_connector/alts_security_connector.h @@ -0,0 +1,69 @@ +/* + * + * Copyright 2018 gRPC authors. + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + */ + +#ifndef GRPC_CORE_LIB_SECURITY_SECURITY_CONNECTOR_ALTS_SECURITY_CONNECTOR_H +#define GRPC_CORE_LIB_SECURITY_SECURITY_CONNECTOR_ALTS_SECURITY_CONNECTOR_H + +#include <grpc/support/port_platform.h> + +#include "src/core/lib/security/context/security_context.h" +#include "src/core/lib/security/credentials/alts/grpc_alts_credentials_options.h" + +#define GRPC_ALTS_TRANSPORT_SECURITY_TYPE "alts" + +/** + * This method creates an ALTS channel security connector. + * + * - channel_creds: channel credential instance. + * - request_metadata_creds: credential object which will be sent with each + * request. This parameter can be nullptr. + * - target_name: the name of the endpoint that the channel is connecting to. + * - sc: address of ALTS channel security connector instance to be returned from + * the method. + * + * It returns GRPC_SECURITY_OK on success, and an error stauts code on failure. + */ +grpc_security_status grpc_alts_channel_security_connector_create( + grpc_channel_credentials* channel_creds, + grpc_call_credentials* request_metadata_creds, const char* target_name, + grpc_channel_security_connector** sc); + +/** + * This method creates an ALTS server security connector. + * + * - server_creds: server credential instance. + * - sc: address of ALTS server security connector instance to be returned from + * the method. + * + * It returns GRPC_SECURITY_OK on success, and an error status code on failure. + */ +grpc_security_status grpc_alts_server_security_connector_create( + grpc_server_credentials* server_creds, grpc_server_security_connector** sc); + +namespace grpc_core { +namespace internal { + +/* Exposed only for testing. */ +grpc_security_status grpc_alts_auth_context_from_tsi_peer( + const tsi_peer* peer, grpc_auth_context** ctx); + +} // namespace internal +} // namespace grpc_core + +#endif /* GRPC_CORE_LIB_SECURITY_SECURITY_CONNECTOR_ALTS_SECURITY_CONNECTOR_H \ + */ diff --git a/src/core/plugin_registry/grpc_plugin_registry.cc b/src/core/plugin_registry/grpc_plugin_registry.cc index ccf5f79a8e..6f11e6bb5b 100644 --- a/src/core/plugin_registry/grpc_plugin_registry.cc +++ b/src/core/plugin_registry/grpc_plugin_registry.cc @@ -24,12 +24,12 @@ void grpc_http_filters_init(void); void grpc_http_filters_shutdown(void); void grpc_chttp2_plugin_init(void); void grpc_chttp2_plugin_shutdown(void); -void grpc_tsi_alts_init(void); -void grpc_tsi_alts_shutdown(void); void grpc_deadline_filter_init(void); void grpc_deadline_filter_shutdown(void); void grpc_client_channel_init(void); void grpc_client_channel_shutdown(void); +void grpc_tsi_alts_init(void); +void grpc_tsi_alts_shutdown(void); void grpc_inproc_plugin_init(void); void grpc_inproc_plugin_shutdown(void); void grpc_resolver_fake_init(void); @@ -60,12 +60,12 @@ void grpc_register_built_in_plugins(void) { grpc_http_filters_shutdown); grpc_register_plugin(grpc_chttp2_plugin_init, grpc_chttp2_plugin_shutdown); - grpc_register_plugin(grpc_tsi_alts_init, - grpc_tsi_alts_shutdown); grpc_register_plugin(grpc_deadline_filter_init, grpc_deadline_filter_shutdown); grpc_register_plugin(grpc_client_channel_init, grpc_client_channel_shutdown); + grpc_register_plugin(grpc_tsi_alts_init, + grpc_tsi_alts_shutdown); grpc_register_plugin(grpc_inproc_plugin_init, grpc_inproc_plugin_shutdown); grpc_register_plugin(grpc_resolver_fake_init, diff --git a/src/core/tsi/alts/crypt/aes_gcm.cc b/src/core/tsi/alts/crypt/aes_gcm.cc new file mode 100644 index 0000000000..02b1ac4492 --- /dev/null +++ b/src/core/tsi/alts/crypt/aes_gcm.cc @@ -0,0 +1,687 @@ +/* + * + * Copyright 2018 gRPC authors. + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + */ + +#include <grpc/support/port_platform.h> + +#include "src/core/tsi/alts/crypt/gsec.h" + +#include <openssl/bio.h> +#include <openssl/buffer.h> +#include <openssl/err.h> +#include <openssl/evp.h> +#include <openssl/hmac.h> +#include <string.h> + +#include <grpc/support/alloc.h> + +constexpr size_t kKdfKeyLen = 32; +constexpr size_t kKdfCounterLen = 6; +constexpr size_t kKdfCounterOffset = 2; +constexpr size_t kRekeyAeadKeyLen = kAes128GcmKeyLength; + +/* Struct for additional data required if rekeying is enabled. */ +struct gsec_aes_gcm_aead_rekey_data { + uint8_t kdf_counter[kKdfCounterLen]; + uint8_t nonce_mask[kAesGcmNonceLength]; +}; + +/* Main struct for AES_GCM crypter interface. */ +struct gsec_aes_gcm_aead_crypter { + gsec_aead_crypter crypter; + size_t key_length; + size_t nonce_length; + size_t tag_length; + uint8_t* key; + gsec_aes_gcm_aead_rekey_data* rekey_data; + EVP_CIPHER_CTX* ctx; +}; + +static char* aes_gcm_get_openssl_errors() { + BIO* bio = BIO_new(BIO_s_mem()); + ERR_print_errors(bio); + BUF_MEM* mem = nullptr; + char* error_msg = nullptr; + BIO_get_mem_ptr(bio, &mem); + if (mem != nullptr) { + error_msg = static_cast<char*>(gpr_malloc(mem->length + 1)); + memcpy(error_msg, mem->data, mem->length); + error_msg[mem->length] = '\0'; + } + BIO_free_all(bio); + return error_msg; +} + +static void aes_gcm_format_errors(const char* error_msg, char** error_details) { + if (error_details == nullptr) { + return; + } + unsigned long error = ERR_get_error(); + if (error == 0 && error_msg != nullptr) { + *error_details = static_cast<char*>(gpr_malloc(strlen(error_msg) + 1)); + memcpy(*error_details, error_msg, strlen(error_msg) + 1); + return; + } + char* openssl_errors = aes_gcm_get_openssl_errors(); + if (openssl_errors != nullptr && error_msg != nullptr) { + size_t len = strlen(error_msg) + strlen(openssl_errors) + 2; /* ", " */ + *error_details = static_cast<char*>(gpr_malloc(len + 1)); + snprintf(*error_details, len + 1, "%s, %s", error_msg, openssl_errors); + gpr_free(openssl_errors); + } +} + +static grpc_status_code gsec_aes_gcm_aead_crypter_max_ciphertext_and_tag_length( + const gsec_aead_crypter* crypter, size_t plaintext_length, + size_t* max_ciphertext_and_tag_length, char** error_details) { + if (max_ciphertext_and_tag_length == nullptr) { + aes_gcm_format_errors("max_ciphertext_and_tag_length is nullptr.", + error_details); + return GRPC_STATUS_INVALID_ARGUMENT; + } + gsec_aes_gcm_aead_crypter* aes_gcm_crypter = + reinterpret_cast<gsec_aes_gcm_aead_crypter*>( + const_cast<gsec_aead_crypter*>(crypter)); + *max_ciphertext_and_tag_length = + plaintext_length + aes_gcm_crypter->tag_length; + return GRPC_STATUS_OK; +} + +static grpc_status_code gsec_aes_gcm_aead_crypter_max_plaintext_length( + const gsec_aead_crypter* crypter, size_t ciphertext_and_tag_length, + size_t* max_plaintext_length, char** error_details) { + if (max_plaintext_length == nullptr) { + aes_gcm_format_errors("max_plaintext_length is nullptr.", error_details); + return GRPC_STATUS_INVALID_ARGUMENT; + } + gsec_aes_gcm_aead_crypter* aes_gcm_crypter = + reinterpret_cast<gsec_aes_gcm_aead_crypter*>( + const_cast<gsec_aead_crypter*>(crypter)); + if (ciphertext_and_tag_length < aes_gcm_crypter->tag_length) { + *max_plaintext_length = 0; + aes_gcm_format_errors( + "ciphertext_and_tag_length is smaller than tag_length.", error_details); + return GRPC_STATUS_INVALID_ARGUMENT; + } + *max_plaintext_length = + ciphertext_and_tag_length - aes_gcm_crypter->tag_length; + return GRPC_STATUS_OK; +} + +static grpc_status_code gsec_aes_gcm_aead_crypter_nonce_length( + const gsec_aead_crypter* crypter, size_t* nonce_length, + char** error_details) { + if (nonce_length == nullptr) { + aes_gcm_format_errors("nonce_length is nullptr.", error_details); + return GRPC_STATUS_INVALID_ARGUMENT; + } + gsec_aes_gcm_aead_crypter* aes_gcm_crypter = + reinterpret_cast<gsec_aes_gcm_aead_crypter*>( + const_cast<gsec_aead_crypter*>(crypter)); + *nonce_length = aes_gcm_crypter->nonce_length; + return GRPC_STATUS_OK; +} + +static grpc_status_code gsec_aes_gcm_aead_crypter_key_length( + const gsec_aead_crypter* crypter, size_t* key_length, + char** error_details) { + if (key_length == nullptr) { + aes_gcm_format_errors("key_length is nullptr.", error_details); + return GRPC_STATUS_INVALID_ARGUMENT; + } + gsec_aes_gcm_aead_crypter* aes_gcm_crypter = + reinterpret_cast<gsec_aes_gcm_aead_crypter*>( + const_cast<gsec_aead_crypter*>(crypter)); + *key_length = aes_gcm_crypter->key_length; + return GRPC_STATUS_OK; +} + +static grpc_status_code gsec_aes_gcm_aead_crypter_tag_length( + const gsec_aead_crypter* crypter, size_t* tag_length, + char** error_details) { + if (tag_length == nullptr) { + aes_gcm_format_errors("tag_length is nullptr.", error_details); + return GRPC_STATUS_INVALID_ARGUMENT; + } + gsec_aes_gcm_aead_crypter* aes_gcm_crypter = + reinterpret_cast<gsec_aes_gcm_aead_crypter*>( + const_cast<gsec_aead_crypter*>(crypter)); + *tag_length = aes_gcm_crypter->tag_length; + return GRPC_STATUS_OK; +} + +static void aes_gcm_mask_nonce(uint8_t* dst, const uint8_t* nonce, + const uint8_t* mask) { + uint64_t mask1; + uint32_t mask2; + memcpy(&mask1, mask, sizeof(mask1)); + memcpy(&mask2, mask + sizeof(mask1), sizeof(mask2)); + uint64_t nonce1; + uint32_t nonce2; + memcpy(&nonce1, nonce, sizeof(nonce1)); + memcpy(&nonce2, nonce + sizeof(nonce1), sizeof(nonce2)); + nonce1 ^= mask1; + nonce2 ^= mask2; + memcpy(dst, &nonce1, sizeof(nonce1)); + memcpy(dst + sizeof(nonce1), &nonce2, sizeof(nonce2)); +} + +static grpc_status_code aes_gcm_derive_aead_key(uint8_t* dst, + const uint8_t* kdf_key, + const uint8_t* kdf_counter) { + unsigned char buf[EVP_MAX_MD_SIZE]; + unsigned char ctr = 1; +#if OPENSSL_VERSION_NUMBER < 0x10100000L + HMAC_CTX hmac; + HMAC_CTX_init(&hmac); + if (!HMAC_Init_ex(&hmac, kdf_key, kKdfKeyLen, EVP_sha256(), nullptr) || + !HMAC_Update(&hmac, kdf_counter, kKdfCounterLen) || + !HMAC_Update(&hmac, &ctr, 1) || !HMAC_Final(&hmac, buf, nullptr)) { + HMAC_CTX_cleanup(&hmac); + return GRPC_STATUS_INTERNAL; + } + HMAC_CTX_cleanup(&hmac); +#else + HMAC_CTX* hmac = HMAC_CTX_new(); + if (hmac == nullptr) { + return GRPC_STATUS_INTERNAL; + } + if (!HMAC_Init_ex(hmac, kdf_key, kKdfKeyLen, EVP_sha256(), nullptr) || + !HMAC_Update(hmac, kdf_counter, kKdfCounterLen) || + !HMAC_Update(hmac, &ctr, 1) || !HMAC_Final(hmac, buf, nullptr)) { + HMAC_CTX_free(hmac); + return GRPC_STATUS_INTERNAL; + } + HMAC_CTX_free(hmac); +#endif + memcpy(dst, buf, kRekeyAeadKeyLen); + return GRPC_STATUS_OK; +} + +static grpc_status_code aes_gcm_rekey_if_required( + gsec_aes_gcm_aead_crypter* aes_gcm_crypter, const uint8_t* nonce, + char** error_details) { + // If rekey_data is nullptr, then rekeying is not supported and not required. + // If bytes 2-7 of kdf_counter differ from the (per message) nonce, then the + // encryption key is recomputed from a new kdf_counter to ensure that we don't + // encrypt more than 2^16 messages per encryption key (in each direction). + if (aes_gcm_crypter->rekey_data == nullptr || + memcmp(aes_gcm_crypter->rekey_data->kdf_counter, + nonce + kKdfCounterOffset, kKdfCounterLen) == 0) { + return GRPC_STATUS_OK; + } + memcpy(aes_gcm_crypter->rekey_data->kdf_counter, nonce + kKdfCounterOffset, + kKdfCounterLen); + uint8_t aead_key[kRekeyAeadKeyLen]; + if (aes_gcm_derive_aead_key(aead_key, aes_gcm_crypter->key, + aes_gcm_crypter->rekey_data->kdf_counter) != + GRPC_STATUS_OK) { + aes_gcm_format_errors("Rekeying failed in key derivation.", error_details); + return GRPC_STATUS_INTERNAL; + } + if (!EVP_DecryptInit_ex(aes_gcm_crypter->ctx, nullptr, nullptr, aead_key, + nullptr)) { + aes_gcm_format_errors("Rekeying failed in context update.", error_details); + return GRPC_STATUS_INTERNAL; + } + return GRPC_STATUS_OK; +} + +static grpc_status_code gsec_aes_gcm_aead_crypter_encrypt_iovec( + gsec_aead_crypter* crypter, const uint8_t* nonce, size_t nonce_length, + const struct iovec* aad_vec, size_t aad_vec_length, + const struct iovec* plaintext_vec, size_t plaintext_vec_length, + struct iovec ciphertext_vec, size_t* ciphertext_bytes_written, + char** error_details) { + gsec_aes_gcm_aead_crypter* aes_gcm_crypter = + reinterpret_cast<gsec_aes_gcm_aead_crypter*>(crypter); + // Input checks + if (nonce == nullptr) { + aes_gcm_format_errors("Nonce buffer is nullptr.", error_details); + return GRPC_STATUS_INVALID_ARGUMENT; + } + if (kAesGcmNonceLength != nonce_length) { + aes_gcm_format_errors("Nonce buffer has the wrong length.", error_details); + return GRPC_STATUS_INVALID_ARGUMENT; + } + if (aad_vec_length > 0 && aad_vec == nullptr) { + aes_gcm_format_errors("Non-zero aad_vec_length but aad_vec is nullptr.", + error_details); + return GRPC_STATUS_INVALID_ARGUMENT; + } + if (plaintext_vec_length > 0 && plaintext_vec == nullptr) { + aes_gcm_format_errors( + "Non-zero plaintext_vec_length but plaintext_vec is nullptr.", + error_details); + return GRPC_STATUS_INVALID_ARGUMENT; + } + if (ciphertext_bytes_written == nullptr) { + aes_gcm_format_errors("bytes_written is nullptr.", error_details); + return GRPC_STATUS_INVALID_ARGUMENT; + } + *ciphertext_bytes_written = 0; + // rekey if required + if (aes_gcm_rekey_if_required(aes_gcm_crypter, nonce, error_details) != + GRPC_STATUS_OK) { + return GRPC_STATUS_INTERNAL; + } + // mask nonce if required + const uint8_t* nonce_aead = nonce; + uint8_t nonce_masked[kAesGcmNonceLength]; + if (aes_gcm_crypter->rekey_data != nullptr) { + aes_gcm_mask_nonce(nonce_masked, aes_gcm_crypter->rekey_data->nonce_mask, + nonce); + nonce_aead = nonce_masked; + } + // init openssl context + if (!EVP_EncryptInit_ex(aes_gcm_crypter->ctx, nullptr, nullptr, nullptr, + nonce_aead)) { + aes_gcm_format_errors("Initializing nonce failed", error_details); + return GRPC_STATUS_INTERNAL; + } + // process aad + size_t i; + for (i = 0; i < aad_vec_length; i++) { + const uint8_t* aad = static_cast<uint8_t*>(aad_vec[i].iov_base); + size_t aad_length = aad_vec[i].iov_len; + if (aad_length == 0) { + continue; + } + size_t aad_bytes_read = 0; + if (aad == nullptr) { + aes_gcm_format_errors("aad is nullptr.", error_details); + return GRPC_STATUS_INVALID_ARGUMENT; + } + if (!EVP_EncryptUpdate(aes_gcm_crypter->ctx, nullptr, + reinterpret_cast<int*>(&aad_bytes_read), aad, + static_cast<int>(aad_length)) || + aad_bytes_read != aad_length) { + aes_gcm_format_errors("Setting authenticated associated data failed", + error_details); + return GRPC_STATUS_INTERNAL; + } + } + uint8_t* ciphertext = static_cast<uint8_t*>(ciphertext_vec.iov_base); + size_t ciphertext_length = ciphertext_vec.iov_len; + if (ciphertext == nullptr) { + aes_gcm_format_errors("ciphertext is nullptr.", error_details); + return GRPC_STATUS_INVALID_ARGUMENT; + } + // process plaintext + for (i = 0; i < plaintext_vec_length; i++) { + const uint8_t* plaintext = static_cast<uint8_t*>(plaintext_vec[i].iov_base); + size_t plaintext_length = plaintext_vec[i].iov_len; + if (plaintext == nullptr) { + if (plaintext_length == 0) { + continue; + } + aes_gcm_format_errors("plaintext is nullptr.", error_details); + return GRPC_STATUS_INVALID_ARGUMENT; + } + if (ciphertext_length < plaintext_length) { + aes_gcm_format_errors( + "ciphertext is not large enough to hold the result.", error_details); + return GRPC_STATUS_INVALID_ARGUMENT; + } + int bytes_written = 0; + int bytes_to_write = static_cast<int>(plaintext_length); + if (!EVP_EncryptUpdate(aes_gcm_crypter->ctx, ciphertext, &bytes_written, + plaintext, bytes_to_write)) { + aes_gcm_format_errors("Encrypting plaintext failed.", error_details); + return GRPC_STATUS_INTERNAL; + } + if (bytes_written > bytes_to_write) { + aes_gcm_format_errors("More bytes written than expected.", error_details); + return GRPC_STATUS_INTERNAL; + } + ciphertext += bytes_written; + ciphertext_length -= bytes_written; + } + int bytes_written_temp = 0; + if (!EVP_EncryptFinal_ex(aes_gcm_crypter->ctx, nullptr, + &bytes_written_temp)) { + aes_gcm_format_errors("Finalizing encryption failed.", error_details); + return GRPC_STATUS_INTERNAL; + } + if (bytes_written_temp != 0) { + aes_gcm_format_errors("Openssl wrote some unexpected bytes.", + error_details); + return GRPC_STATUS_INTERNAL; + } + if (ciphertext_length < kAesGcmTagLength) { + aes_gcm_format_errors("ciphertext is too small to hold a tag.", + error_details); + return GRPC_STATUS_INVALID_ARGUMENT; + } + + if (!EVP_CIPHER_CTX_ctrl(aes_gcm_crypter->ctx, EVP_CTRL_GCM_GET_TAG, + kAesGcmTagLength, ciphertext)) { + aes_gcm_format_errors("Writing tag failed.", error_details); + return GRPC_STATUS_INTERNAL; + } + ciphertext += kAesGcmTagLength; + ciphertext_length -= kAesGcmTagLength; + *ciphertext_bytes_written = ciphertext_vec.iov_len - ciphertext_length; + return GRPC_STATUS_OK; +} + +static grpc_status_code gsec_aes_gcm_aead_crypter_decrypt_iovec( + gsec_aead_crypter* crypter, const uint8_t* nonce, size_t nonce_length, + const struct iovec* aad_vec, size_t aad_vec_length, + const struct iovec* ciphertext_vec, size_t ciphertext_vec_length, + struct iovec plaintext_vec, size_t* plaintext_bytes_written, + char** error_details) { + gsec_aes_gcm_aead_crypter* aes_gcm_crypter = + reinterpret_cast<gsec_aes_gcm_aead_crypter*>( + const_cast<gsec_aead_crypter*>(crypter)); + if (nonce == nullptr) { + aes_gcm_format_errors("Nonce buffer is nullptr.", error_details); + return GRPC_STATUS_INVALID_ARGUMENT; + } + if (kAesGcmNonceLength != nonce_length) { + aes_gcm_format_errors("Nonce buffer has the wrong length.", error_details); + return GRPC_STATUS_INVALID_ARGUMENT; + } + if (aad_vec_length > 0 && aad_vec == nullptr) { + aes_gcm_format_errors("Non-zero aad_vec_length but aad_vec is nullptr.", + error_details); + return GRPC_STATUS_INVALID_ARGUMENT; + } + if (ciphertext_vec_length > 0 && ciphertext_vec == nullptr) { + aes_gcm_format_errors( + "Non-zero plaintext_vec_length but plaintext_vec is nullptr.", + error_details); + return GRPC_STATUS_INVALID_ARGUMENT; + } + // Compute the total length so we can ensure we don't pass the tag into + // EVP_decrypt. + size_t total_ciphertext_length = 0; + size_t i; + for (i = 0; i < ciphertext_vec_length; i++) { + total_ciphertext_length += ciphertext_vec[i].iov_len; + } + if (total_ciphertext_length < kAesGcmTagLength) { + aes_gcm_format_errors("ciphertext is too small to hold a tag.", + error_details); + return GRPC_STATUS_INVALID_ARGUMENT; + } + if (plaintext_bytes_written == nullptr) { + aes_gcm_format_errors("bytes_written is nullptr.", error_details); + return GRPC_STATUS_INVALID_ARGUMENT; + } + *plaintext_bytes_written = 0; + // rekey if required + if (aes_gcm_rekey_if_required(aes_gcm_crypter, nonce, error_details) != + GRPC_STATUS_OK) { + aes_gcm_format_errors("Rekeying failed.", error_details); + return GRPC_STATUS_INTERNAL; + } + // mask nonce if required + const uint8_t* nonce_aead = nonce; + uint8_t nonce_masked[kAesGcmNonceLength]; + if (aes_gcm_crypter->rekey_data != nullptr) { + aes_gcm_mask_nonce(nonce_masked, aes_gcm_crypter->rekey_data->nonce_mask, + nonce); + nonce_aead = nonce_masked; + } + // init openssl context + if (!EVP_DecryptInit_ex(aes_gcm_crypter->ctx, nullptr, nullptr, nullptr, + nonce_aead)) { + aes_gcm_format_errors("Initializing nonce failed.", error_details); + return GRPC_STATUS_INTERNAL; + } + // process aad + for (i = 0; i < aad_vec_length; i++) { + const uint8_t* aad = static_cast<uint8_t*>(aad_vec[i].iov_base); + size_t aad_length = aad_vec[i].iov_len; + if (aad_length == 0) { + continue; + } + size_t aad_bytes_read = 0; + if (aad == nullptr) { + aes_gcm_format_errors("aad is nullptr.", error_details); + return GRPC_STATUS_INVALID_ARGUMENT; + } + if (!EVP_DecryptUpdate(aes_gcm_crypter->ctx, nullptr, + reinterpret_cast<int*>(&aad_bytes_read), aad, + static_cast<int>(aad_length)) || + aad_bytes_read != aad_length) { + aes_gcm_format_errors("Setting authenticated associated data failed.", + error_details); + return GRPC_STATUS_INTERNAL; + } + } + // process ciphertext + uint8_t* plaintext = static_cast<uint8_t*>(plaintext_vec.iov_base); + size_t plaintext_length = plaintext_vec.iov_len; + if (plaintext_length > 0 && plaintext == nullptr) { + aes_gcm_format_errors( + "plaintext is nullptr, but plaintext_length is positive.", + error_details); + return GRPC_STATUS_INVALID_ARGUMENT; + } + const uint8_t* ciphertext = nullptr; + size_t ciphertext_length = 0; + for (i = 0; + i < ciphertext_vec_length && total_ciphertext_length > kAesGcmTagLength; + i++) { + ciphertext = static_cast<uint8_t*>(ciphertext_vec[i].iov_base); + ciphertext_length = ciphertext_vec[i].iov_len; + if (ciphertext == nullptr) { + if (ciphertext_length == 0) { + continue; + } + aes_gcm_format_errors("ciphertext is nullptr.", error_details); + memset(plaintext_vec.iov_base, 0x00, plaintext_vec.iov_len); + return GRPC_STATUS_INVALID_ARGUMENT; + } + size_t bytes_written = 0; + size_t bytes_to_write = ciphertext_length; + // Don't include the tag + if (bytes_to_write > total_ciphertext_length - kAesGcmTagLength) { + bytes_to_write = total_ciphertext_length - kAesGcmTagLength; + } + if (plaintext_length < bytes_to_write) { + aes_gcm_format_errors( + "Not enough plaintext buffer to hold encrypted ciphertext.", + error_details); + return GRPC_STATUS_INVALID_ARGUMENT; + } + if (!EVP_DecryptUpdate(aes_gcm_crypter->ctx, plaintext, + reinterpret_cast<int*>(&bytes_written), ciphertext, + static_cast<int>(bytes_to_write))) { + aes_gcm_format_errors("Decrypting ciphertext failed.", error_details); + memset(plaintext_vec.iov_base, 0x00, plaintext_vec.iov_len); + return GRPC_STATUS_INTERNAL; + } + if (bytes_written > ciphertext_length) { + aes_gcm_format_errors("More bytes written than expected.", error_details); + memset(plaintext_vec.iov_base, 0x00, plaintext_vec.iov_len); + return GRPC_STATUS_INTERNAL; + } + ciphertext += bytes_written; + ciphertext_length -= bytes_written; + total_ciphertext_length -= bytes_written; + plaintext += bytes_written; + plaintext_length -= bytes_written; + } + if (total_ciphertext_length > kAesGcmTagLength) { + aes_gcm_format_errors( + "Not enough plaintext buffer to hold encrypted ciphertext.", + error_details); + memset(plaintext_vec.iov_base, 0x00, plaintext_vec.iov_len); + return GRPC_STATUS_INVALID_ARGUMENT; + } + uint8_t tag[kAesGcmTagLength]; + uint8_t* tag_tmp = tag; + if (ciphertext_length > 0) { + memcpy(tag_tmp, ciphertext, ciphertext_length); + tag_tmp += ciphertext_length; + total_ciphertext_length -= ciphertext_length; + } + for (; i < ciphertext_vec_length; i++) { + ciphertext = static_cast<uint8_t*>(ciphertext_vec[i].iov_base); + ciphertext_length = ciphertext_vec[i].iov_len; + if (ciphertext == nullptr) { + if (ciphertext_length == 0) { + continue; + } + aes_gcm_format_errors("ciphertext is nullptr.", error_details); + memset(plaintext_vec.iov_base, 0x00, plaintext_vec.iov_len); + return GRPC_STATUS_INVALID_ARGUMENT; + } + memcpy(tag_tmp, ciphertext, ciphertext_length); + tag_tmp += ciphertext_length; + total_ciphertext_length -= ciphertext_length; + } + if (!EVP_CIPHER_CTX_ctrl(aes_gcm_crypter->ctx, EVP_CTRL_GCM_SET_TAG, + kAesGcmTagLength, reinterpret_cast<void*>(tag))) { + aes_gcm_format_errors("Setting tag failed.", error_details); + memset(plaintext_vec.iov_base, 0x00, plaintext_vec.iov_len); + return GRPC_STATUS_INTERNAL; + } + int bytes_written_temp = 0; + if (!EVP_DecryptFinal_ex(aes_gcm_crypter->ctx, nullptr, + &bytes_written_temp)) { + aes_gcm_format_errors("Checking tag failed.", error_details); + memset(plaintext_vec.iov_base, 0x00, plaintext_vec.iov_len); + return GRPC_STATUS_FAILED_PRECONDITION; + } + if (bytes_written_temp != 0) { + aes_gcm_format_errors("Openssl wrote some unexpected bytes.", + error_details); + memset(plaintext_vec.iov_base, 0x00, plaintext_vec.iov_len); + return GRPC_STATUS_INTERNAL; + } + *plaintext_bytes_written = plaintext_vec.iov_len - plaintext_length; + return GRPC_STATUS_OK; +} + +static void gsec_aes_gcm_aead_crypter_destroy(gsec_aead_crypter* crypter) { + gsec_aes_gcm_aead_crypter* aes_gcm_crypter = + reinterpret_cast<gsec_aes_gcm_aead_crypter*>( + const_cast<gsec_aead_crypter*>(crypter)); + gpr_free(aes_gcm_crypter->key); + gpr_free(aes_gcm_crypter->rekey_data); + EVP_CIPHER_CTX_free(aes_gcm_crypter->ctx); +} + +static const gsec_aead_crypter_vtable vtable = { + gsec_aes_gcm_aead_crypter_encrypt_iovec, + gsec_aes_gcm_aead_crypter_decrypt_iovec, + gsec_aes_gcm_aead_crypter_max_ciphertext_and_tag_length, + gsec_aes_gcm_aead_crypter_max_plaintext_length, + gsec_aes_gcm_aead_crypter_nonce_length, + gsec_aes_gcm_aead_crypter_key_length, + gsec_aes_gcm_aead_crypter_tag_length, + gsec_aes_gcm_aead_crypter_destroy}; + +static grpc_status_code aes_gcm_new_evp_cipher_ctx( + gsec_aes_gcm_aead_crypter* aes_gcm_crypter, char** error_details) { + const EVP_CIPHER* cipher = nullptr; + bool is_rekey = aes_gcm_crypter->rekey_data != nullptr; + switch (is_rekey ? kRekeyAeadKeyLen : aes_gcm_crypter->key_length) { + case kAes128GcmKeyLength: + cipher = EVP_aes_128_gcm(); + break; + case kAes256GcmKeyLength: + cipher = EVP_aes_256_gcm(); + break; + } + const uint8_t* aead_key = aes_gcm_crypter->key; + uint8_t aead_key_rekey[kRekeyAeadKeyLen]; + if (is_rekey) { + if (aes_gcm_derive_aead_key(aead_key_rekey, aes_gcm_crypter->key, + aes_gcm_crypter->rekey_data->kdf_counter) != + GRPC_STATUS_OK) { + aes_gcm_format_errors("Deriving key failed.", error_details); + return GRPC_STATUS_INTERNAL; + } + aead_key = aead_key_rekey; + } + if (!EVP_DecryptInit_ex(aes_gcm_crypter->ctx, cipher, nullptr, aead_key, + nullptr)) { + aes_gcm_format_errors("Setting key failed.", error_details); + return GRPC_STATUS_INTERNAL; + } + if (!EVP_CIPHER_CTX_ctrl(aes_gcm_crypter->ctx, EVP_CTRL_GCM_SET_IVLEN, + static_cast<int>(aes_gcm_crypter->nonce_length), + nullptr)) { + aes_gcm_format_errors("Setting nonce length failed.", error_details); + return GRPC_STATUS_INTERNAL; + } + return GRPC_STATUS_OK; +} + +grpc_status_code gsec_aes_gcm_aead_crypter_create(const uint8_t* key, + size_t key_length, + size_t nonce_length, + size_t tag_length, bool rekey, + gsec_aead_crypter** crypter, + char** error_details) { + if (key == nullptr) { + aes_gcm_format_errors("key is nullptr.", error_details); + return GRPC_STATUS_FAILED_PRECONDITION; + } + if (crypter == nullptr) { + aes_gcm_format_errors("crypter is nullptr.", error_details); + return GRPC_STATUS_FAILED_PRECONDITION; + } + *crypter = nullptr; + if ((rekey && key_length != kAes128GcmRekeyKeyLength) || + (!rekey && key_length != kAes128GcmKeyLength && + key_length != kAes256GcmKeyLength) || + (tag_length != kAesGcmTagLength) || + (nonce_length != kAesGcmNonceLength)) { + aes_gcm_format_errors( + "Invalid key and/or nonce and/or tag length are provided at AEAD " + "crypter instance construction time.", + error_details); + return GRPC_STATUS_FAILED_PRECONDITION; + } + gsec_aes_gcm_aead_crypter* aes_gcm_crypter = + static_cast<gsec_aes_gcm_aead_crypter*>( + gpr_malloc(sizeof(gsec_aes_gcm_aead_crypter))); + aes_gcm_crypter->crypter.vtable = &vtable; + aes_gcm_crypter->nonce_length = nonce_length; + aes_gcm_crypter->tag_length = tag_length; + if (rekey) { + aes_gcm_crypter->key_length = kKdfKeyLen; + aes_gcm_crypter->rekey_data = static_cast<gsec_aes_gcm_aead_rekey_data*>( + gpr_malloc(sizeof(gsec_aes_gcm_aead_rekey_data))); + memcpy(aes_gcm_crypter->rekey_data->nonce_mask, key + kKdfKeyLen, + kAesGcmNonceLength); + // Set kdf_counter to all-zero for initial key derivation. + memset(aes_gcm_crypter->rekey_data->kdf_counter, 0, kKdfCounterLen); + } else { + aes_gcm_crypter->key_length = key_length; + aes_gcm_crypter->rekey_data = nullptr; + } + aes_gcm_crypter->key = + static_cast<uint8_t*>(gpr_malloc(aes_gcm_crypter->key_length)); + memcpy(aes_gcm_crypter->key, key, aes_gcm_crypter->key_length); + aes_gcm_crypter->ctx = EVP_CIPHER_CTX_new(); + grpc_status_code status = + aes_gcm_new_evp_cipher_ctx(aes_gcm_crypter, error_details); + if (status != GRPC_STATUS_OK) { + gsec_aes_gcm_aead_crypter_destroy(&aes_gcm_crypter->crypter); + gpr_free(aes_gcm_crypter); + return status; + } + *crypter = &aes_gcm_crypter->crypter; + return GRPC_STATUS_OK; +} diff --git a/src/core/tsi/alts/crypt/gsec.cc b/src/core/tsi/alts/crypt/gsec.cc new file mode 100644 index 0000000000..6236591a97 --- /dev/null +++ b/src/core/tsi/alts/crypt/gsec.cc @@ -0,0 +1,189 @@ +/* + * + * Copyright 2018 gRPC authors. + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + */ + +#include <grpc/support/port_platform.h> + +#include "src/core/tsi/alts/crypt/gsec.h" + +#include <stdio.h> +#include <string.h> + +#include <grpc/support/alloc.h> + +static const char vtable_error_msg[] = + "crypter or crypter->vtable has not been initialized properly"; + +static void maybe_copy_error_msg(const char* src, char** dst) { + if (dst != nullptr && src != nullptr) { + *dst = static_cast<char*>(gpr_malloc(strlen(src) + 1)); + memcpy(*dst, src, strlen(src) + 1); + } +} + +grpc_status_code gsec_aead_crypter_encrypt( + gsec_aead_crypter* crypter, const uint8_t* nonce, size_t nonce_length, + const uint8_t* aad, size_t aad_length, const uint8_t* plaintext, + size_t plaintext_length, uint8_t* ciphertext_and_tag, + size_t ciphertext_and_tag_length, size_t* bytes_written, + char** error_details) { + if (crypter != nullptr && crypter->vtable != nullptr && + crypter->vtable->encrypt_iovec != nullptr) { + struct iovec aad_vec = {(void*)aad, aad_length}; + struct iovec plaintext_vec = {(void*)plaintext, plaintext_length}; + struct iovec ciphertext_vec = {ciphertext_and_tag, + ciphertext_and_tag_length}; + return crypter->vtable->encrypt_iovec( + crypter, nonce, nonce_length, &aad_vec, 1, &plaintext_vec, 1, + ciphertext_vec, bytes_written, error_details); + } + /* An error occurred. */ + maybe_copy_error_msg(vtable_error_msg, error_details); + return GRPC_STATUS_INVALID_ARGUMENT; +} + +grpc_status_code gsec_aead_crypter_encrypt_iovec( + gsec_aead_crypter* crypter, const uint8_t* nonce, size_t nonce_length, + const struct iovec* aad_vec, size_t aad_vec_length, + const struct iovec* plaintext_vec, size_t plaintext_vec_length, + struct iovec ciphertext_vec, size_t* ciphertext_bytes_written, + char** error_details) { + if (crypter != nullptr && crypter->vtable != nullptr && + crypter->vtable->encrypt_iovec != nullptr) { + return crypter->vtable->encrypt_iovec( + crypter, nonce, nonce_length, aad_vec, aad_vec_length, plaintext_vec, + plaintext_vec_length, ciphertext_vec, ciphertext_bytes_written, + error_details); + } + /* An error occurred. */ + maybe_copy_error_msg(vtable_error_msg, error_details); + return GRPC_STATUS_INVALID_ARGUMENT; +} + +grpc_status_code gsec_aead_crypter_decrypt( + gsec_aead_crypter* crypter, const uint8_t* nonce, size_t nonce_length, + const uint8_t* aad, size_t aad_length, const uint8_t* ciphertext_and_tag, + size_t ciphertext_and_tag_length, uint8_t* plaintext, + size_t plaintext_length, size_t* bytes_written, char** error_details) { + if (crypter != nullptr && crypter->vtable != nullptr && + crypter->vtable->decrypt_iovec != nullptr) { + struct iovec aad_vec = {(void*)aad, aad_length}; + struct iovec ciphertext_vec = {(void*)ciphertext_and_tag, + ciphertext_and_tag_length}; + struct iovec plaintext_vec = {plaintext, plaintext_length}; + return crypter->vtable->decrypt_iovec( + crypter, nonce, nonce_length, &aad_vec, 1, &ciphertext_vec, 1, + plaintext_vec, bytes_written, error_details); + } + /* An error occurred. */ + maybe_copy_error_msg(vtable_error_msg, error_details); + return GRPC_STATUS_INVALID_ARGUMENT; +} + +grpc_status_code gsec_aead_crypter_decrypt_iovec( + gsec_aead_crypter* crypter, const uint8_t* nonce, size_t nonce_length, + const struct iovec* aad_vec, size_t aad_vec_length, + const struct iovec* ciphertext_vec, size_t ciphertext_vec_length, + struct iovec plaintext_vec, size_t* plaintext_bytes_written, + char** error_details) { + if (crypter != nullptr && crypter->vtable != nullptr && + crypter->vtable->encrypt_iovec != nullptr) { + return crypter->vtable->decrypt_iovec( + crypter, nonce, nonce_length, aad_vec, aad_vec_length, ciphertext_vec, + ciphertext_vec_length, plaintext_vec, plaintext_bytes_written, + error_details); + } + /* An error occurred. */ + maybe_copy_error_msg(vtable_error_msg, error_details); + return GRPC_STATUS_INVALID_ARGUMENT; +} + +grpc_status_code gsec_aead_crypter_max_ciphertext_and_tag_length( + const gsec_aead_crypter* crypter, size_t plaintext_length, + size_t* max_ciphertext_and_tag_length_to_return, char** error_details) { + if (crypter != nullptr && crypter->vtable != nullptr && + crypter->vtable->max_ciphertext_and_tag_length != nullptr) { + return crypter->vtable->max_ciphertext_and_tag_length( + crypter, plaintext_length, max_ciphertext_and_tag_length_to_return, + error_details); + } + /* An error occurred. */ + maybe_copy_error_msg(vtable_error_msg, error_details); + return GRPC_STATUS_INVALID_ARGUMENT; +} + +grpc_status_code gsec_aead_crypter_max_plaintext_length( + const gsec_aead_crypter* crypter, size_t ciphertext_and_tag_length, + size_t* max_plaintext_length_to_return, char** error_details) { + if (crypter != nullptr && crypter->vtable != nullptr && + crypter->vtable->max_plaintext_length != nullptr) { + return crypter->vtable->max_plaintext_length( + crypter, ciphertext_and_tag_length, max_plaintext_length_to_return, + error_details); + } + /* An error occurred. */ + maybe_copy_error_msg(vtable_error_msg, error_details); + return GRPC_STATUS_INVALID_ARGUMENT; +} + +grpc_status_code gsec_aead_crypter_nonce_length( + const gsec_aead_crypter* crypter, size_t* nonce_length_to_return, + char** error_details) { + if (crypter != nullptr && crypter->vtable != nullptr && + crypter->vtable->nonce_length != nullptr) { + return crypter->vtable->nonce_length(crypter, nonce_length_to_return, + error_details); + } + /* An error occurred. */ + maybe_copy_error_msg(vtable_error_msg, error_details); + return GRPC_STATUS_INVALID_ARGUMENT; +} + +grpc_status_code gsec_aead_crypter_key_length(const gsec_aead_crypter* crypter, + size_t* key_length_to_return, + char** error_details) { + if (crypter != nullptr && crypter->vtable != nullptr && + crypter->vtable->key_length != nullptr) { + return crypter->vtable->key_length(crypter, key_length_to_return, + error_details); + } + /* An error occurred */ + maybe_copy_error_msg(vtable_error_msg, error_details); + return GRPC_STATUS_INVALID_ARGUMENT; +} + +grpc_status_code gsec_aead_crypter_tag_length(const gsec_aead_crypter* crypter, + size_t* tag_length_to_return, + char** error_details) { + if (crypter != nullptr && crypter->vtable != nullptr && + crypter->vtable->tag_length != nullptr) { + return crypter->vtable->tag_length(crypter, tag_length_to_return, + error_details); + } + /* An error occurred. */ + maybe_copy_error_msg(vtable_error_msg, error_details); + return GRPC_STATUS_INVALID_ARGUMENT; +} + +void gsec_aead_crypter_destroy(gsec_aead_crypter* crypter) { + if (crypter != nullptr) { + if (crypter->vtable != nullptr && crypter->vtable->destruct != nullptr) { + crypter->vtable->destruct(crypter); + } + gpr_free(crypter); + } +} diff --git a/src/core/tsi/alts/crypt/gsec.h b/src/core/tsi/alts/crypt/gsec.h new file mode 100644 index 0000000000..4d65caa944 --- /dev/null +++ b/src/core/tsi/alts/crypt/gsec.h @@ -0,0 +1,454 @@ +/* + * + * Copyright 2018 gRPC authors. + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + */ + +#ifndef GRPC_CORE_TSI_ALTS_CRYPT_GSEC_H +#define GRPC_CORE_TSI_ALTS_CRYPT_GSEC_H + +#include <grpc/support/port_platform.h> + +#include <assert.h> +#include <stdint.h> +#include <stdlib.h> + +#include <grpc/grpc.h> + +struct iovec { + void* iov_base; + size_t iov_len; +}; + +/** + * A gsec interface for AEAD encryption schemes. The API is thread-compatible. + * Each implementation of this interface should specify supported values for + * key, nonce, and tag lengths. + */ + +/* Key, nonce, and tag length in bytes */ +const size_t kAesGcmNonceLength = 12; +const size_t kAesGcmTagLength = 16; +const size_t kAes128GcmKeyLength = 16; +const size_t kAes256GcmKeyLength = 32; + +// The first 32 bytes are used as a KDF key and the remaining 12 bytes are used +// to mask the nonce. +const size_t kAes128GcmRekeyKeyLength = 44; + +typedef struct gsec_aead_crypter gsec_aead_crypter; + +/** + * The gsec_aead_crypter is an API for different AEAD implementations such as + * AES_GCM. It encapsulates all AEAD-related operations in the format of + * V-table that stores pointers to functions implementing those operations. + * It also provides helper functions to wrap each of those function pointers. + * + * A typical usage of this object would be: + * + *------------------------------------------------------------------------------ + * // Declare a gsec_aead_crypter object, and create and assign an instance + * // of specific AEAD implementation e.g., AES_GCM to it. We assume both + * // key and nonce contain cryptographically secure random bytes, and the key + * // can be derived from an upper-layer application. + * gsec_aead_crypter* crypter; + * char* error_in_creation; + * // User can populate the message with any 100 bytes data. + * uint8_t* message = gpr_malloc(100); + * grpc_status_code creation_status = gsec_aes_gcm_aead_crypter_create(key, + * kAes128GcmKeyLength, + * kAesGcmNonceLength, + * kAesGcmTagLength, + * &crypter, + * false, + * 0 + * &error_in_creation); + * + * if (creation_status == GRPC_STATUS_OK) { + * // Allocate a correct amount of memory to hold a ciphertext. + * size_t clength = 0; + * gsec_aead_crypter_max_ciphertext_and_tag_length(crypter, 100, &clength, + * nullptr); + * uint8_t* ciphertext = gpr_malloc(clength); + * + * // Perform encryption + * size_t num_encrypted_bytes = 0; + * char* error_in_encryption = nullptr; + * grpc_status_code status = gsec_aead_crypter_encrypt(crypter, nonce, + * kAesGcmNonceLength, + * nullptr, 0, message, + * 100, ciphertext, + * clength, + * &num_encrypted_bytes, + * &error_in_encryption); + * if (status == GRPC_STATUS_OK) { + * // Allocate a correct amount of memory to hold a plaintext. + * size_t plength = 0; + * gsec_aead_crypter_max_plaintext_length(crypter, num_encrypted_bytes, + * &plength, nullptr); + * uint8_t* plaintext = gpr_malloc(plength); + * + * // Perform decryption. + * size_t num_decrypted_bytes = 0; + * char* error_in_decryption = nullptr; + * status = gsec_aead_crypter_decrypt(crypter, nonce, + * kAesGcmNonceLength, nullptr, 0, + * ciphertext, num_encrypted_bytes, + * plaintext, plength, + * &num_decrypted_bytes, + * &error_in_decryption); + * if (status != GRPC_STATUS_OK) { + * fprintf(stderr, "AEAD decrypt operation failed with error code:" + * "%d, message: %s\n", status, error_in_decryption); + * } + * ... + * gpr_free(plaintext); + * gpr_free(error_in_decryption); + * } else { + * fprintf(stderr, "AEAD encrypt operation failed with error code:" + * "%d, message: %s\n", status, error_in_encryption); + * } + * ... + * gpr_free(ciphertext); + * gpr_free(error_in_encryption); + * } else { + * fprintf(stderr, "Creation of AEAD crypter instance failed with error code:" + * "%d, message: %s\n", creation_status, error_in_creation); + * } + * + * // Destruct AEAD crypter instance. + * if (creation_status == GRPC_STATUS_OK) { + * gsec_aead_crypter_destroy(crypter); + * } + * gpr_free(error_in_creation); + * gpr_free(message); + * ----------------------------------------------------------------------------- + */ + +/* V-table for gsec AEAD operations */ +typedef struct gsec_aead_crypter_vtable { + grpc_status_code (*encrypt_iovec)( + gsec_aead_crypter* crypter, const uint8_t* nonce, size_t nonce_length, + const struct iovec* aad_vec, size_t aad_vec_length, + const struct iovec* plaintext_vec, size_t plaintext_vec_length, + struct iovec ciphertext_vec, size_t* ciphertext_bytes_written, + char** error_details); + grpc_status_code (*decrypt_iovec)( + gsec_aead_crypter* crypter, const uint8_t* nonce, size_t nonce_length, + const struct iovec* aad_vec, size_t aad_vec_length, + const struct iovec* ciphertext_vec, size_t ciphertext_vec_length, + struct iovec plaintext_vec, size_t* plaintext_bytes_written, + char** error_details); + grpc_status_code (*max_ciphertext_and_tag_length)( + const gsec_aead_crypter* crypter, size_t plaintext_length, + size_t* max_ciphertext_and_tag_length_to_return, char** error_details); + grpc_status_code (*max_plaintext_length)( + const gsec_aead_crypter* crypter, size_t ciphertext_and_tag_length, + size_t* max_plaintext_length_to_return, char** error_details); + grpc_status_code (*nonce_length)(const gsec_aead_crypter* crypter, + size_t* nonce_length_to_return, + char** error_details); + grpc_status_code (*key_length)(const gsec_aead_crypter* crypter, + size_t* key_length_to_return, + char** error_details); + grpc_status_code (*tag_length)(const gsec_aead_crypter* crypter, + size_t* tag_length_to_return, + char** error_details); + void (*destruct)(gsec_aead_crypter* crypter); +} gsec_aead_crypter_vtable; + +/* Main struct for gsec interface */ +struct gsec_aead_crypter { + const struct gsec_aead_crypter_vtable* vtable; +}; + +/** + * This method performs an AEAD encrypt operation. + * + * - crypter: AEAD crypter instance. + * - nonce: buffer containing a nonce with its size equal to nonce_length. + * - nonce_length: size of nonce buffer, and must be equal to the value returned + * from method gsec_aead_crypter_nonce_length. + * - aad: buffer containing data that needs to be authenticated but not + * encrypted with its size equal to aad_length. + * - aad_length: size of aad buffer, which should be zero if the buffer is + * nullptr. + * - plaintext: buffer containing data that needs to be both encrypted and + * authenticated with its size equal to plaintext_length. + * - plaintext_length: size of plaintext buffer, which should be zero if + * plaintext is nullptr. + * - ciphertext_and_tag: buffer that will contain ciphertext and tags the method + * produced. The buffer should not overlap the plaintext buffer, and pointers + * to those buffers should not be equal. Also if the ciphertext+tag buffer is + * nullptr, the plaintext_length should be zero. + * - ciphertext_and_tag_length: size of ciphertext+tag buffer, which should be + * at least as long as the one returned from method + * gsec_aead_crypter_max_ciphertext_and_tag_length. + * - bytes_written: the actual number of bytes written to the ciphertext+tag + * buffer. If bytes_written is nullptr, the plaintext_length should be zero. + * - error_details: a buffer containing an error message if the method does not + * function correctly. It is legal to pass nullptr into error_details, and + * otherwise, the parameter should be freed with gpr_free. + * + * On the success of encryption, the method returns GRPC_STATUS_OK. Otherwise, + * it returns an error status code along with its details specified in + * error_details (if error_details is not nullptr). + * + */ +grpc_status_code gsec_aead_crypter_encrypt( + gsec_aead_crypter* crypter, const uint8_t* nonce, size_t nonce_length, + const uint8_t* aad, size_t aad_length, const uint8_t* plaintext, + size_t plaintext_length, uint8_t* ciphertext_and_tag, + size_t ciphertext_and_tag_length, size_t* bytes_written, + char** error_details); + +/** + * This method performs an AEAD encrypt operation. + * + * - crypter: AEAD crypter instance. + * - nonce: buffer containing a nonce with its size equal to nonce_length. + * - nonce_length: size of nonce buffer, and must be equal to the value returned + * from method gsec_aead_crypter_nonce_length. + * - aad_vec: an iovec array containing data that needs to be authenticated but + * not encrypted. + * - aad_vec_length: the array length of aad_vec. + * - plaintext_vec: an iovec array containing data that needs to be both + * encrypted and authenticated. + * - plaintext_vec_length: the array length of plaintext_vec. + * - ciphertext_vec: an iovec containing a ciphertext buffer. The buffer should + * not overlap the plaintext buffer. + * - ciphertext_bytes_written: the actual number of bytes written to + * ciphertext_vec. + * - error_details: a buffer containing an error message if the method does not + * function correctly. It is legal to pass nullptr into error_details, and + * otherwise, the parameter should be freed with gpr_free. + * + * On the success of encryption, the method returns GRPC_STATUS_OK. Otherwise, + * it returns an error status code along with its details specified in + * error_details (if error_details is not nullptr). + * + */ +grpc_status_code gsec_aead_crypter_encrypt_iovec( + gsec_aead_crypter* crypter, const uint8_t* nonce, size_t nonce_length, + const struct iovec* aad_vec, size_t aad_vec_length, + const struct iovec* plaintext_vec, size_t plaintext_vec_length, + struct iovec ciphertext_vec, size_t* ciphertext_bytes_written, + char** error_details); + +/** + * This method performs an AEAD decrypt operation. + * + * - crypter: AEAD crypter instance. + * - nonce: buffer containing a nonce with its size equal to nonce_length. + * - nonce_length: size of nonce buffer, and must be equal to the value returned + * from method gsec_aead_crypter_nonce_length. + * - aad: buffer containing data that needs to be authenticated only. + * - aad_length: size of aad buffer, which should be zero if the buffer is + * nullptr. + * - ciphertext_and_tag: buffer containing ciphertext and tag. + * - ciphertext_and_tag_length: length of ciphertext and tag. It should be zero + * if any of plaintext, ciphertext_and_tag, or bytes_written is nullptr. Also, + * ciphertext_and_tag_length should be at least as large as the tag length set + * at AEAD crypter instance construction time. + * - plaintext: buffer containing decrypted and authenticated data the method + * produced. The buffer should not overlap with the ciphertext+tag buffer, and + * pointers to those buffers should not be equal. + * - plaintext_length: size of plaintext buffer, which should be at least as + * long as the one returned from gsec_aead_crypter_max_plaintext_length + * method. + * - bytes_written: the actual number of bytes written to the plaintext + * buffer. + * - error_details: a buffer containing an error message if the method does not + * function correctly. It is legal to pass nullptr into error_details, and + * otherwise, the parameter should be freed with gpr_free. + * + * On the success of decryption, the method returns GRPC_STATUS_OK. Otherwise, + * it returns an error status code along with its details specified in + * error_details (if error_details is not nullptr). + */ +grpc_status_code gsec_aead_crypter_decrypt( + gsec_aead_crypter* crypter, const uint8_t* nonce, size_t nonce_length, + const uint8_t* aad, size_t aad_length, const uint8_t* ciphertext_and_tag, + size_t ciphertext_and_tag_length, uint8_t* plaintext, + size_t plaintext_length, size_t* bytes_written, char** error_details); + +/** + * This method performs an AEAD decrypt operation. + * + * - crypter: AEAD crypter instance. + * - nonce: buffer containing a nonce with its size equal to nonce_length. + * - nonce_length: size of nonce buffer, and must be equal to the value returned + * from method gsec_aead_crypter_nonce_length. + * - aad_vec: an iovec array containing data that needs to be authenticated but + * not encrypted. + * - aad_vec_length: the array length of aad_vec. + * - ciphertext_vec: an iovec array containing the ciphertext and tag. + * - ciphertext_vec_length: the array length of ciphertext_vec. + * - plaintext_vec: an iovec containing a plaintext buffer. The buffer should + * not overlap the ciphertext buffer. + * - plaintext_bytes_written: the actual number of bytes written to + * plaintext_vec. + * - error_details: a buffer containing an error message if the method does not + * function correctly. It is legal to pass nullptr into error_details, and + * otherwise, the parameter should be freed with gpr_free. + * + * On the success of decryption, the method returns GRPC_STATUS_OK. Otherwise, + * it returns an error status code along with its details specified in + * error_details (if error_details is not nullptr). + */ +grpc_status_code gsec_aead_crypter_decrypt_iovec( + gsec_aead_crypter* crypter, const uint8_t* nonce, size_t nonce_length, + const struct iovec* aad_vec, size_t aad_vec_length, + const struct iovec* ciphertext_vec, size_t ciphertext_vec_length, + struct iovec plaintext_vec, size_t* plaintext_bytes_written, + char** error_details); + +/** + * This method computes the size of ciphertext+tag buffer that must be passed to + * gsec_aead_crypter_encrypt function to ensure correct encryption of a + * plaintext. The actual size of ciphertext+tag written to the buffer could be + * smaller. + * + * - crypter: AEAD crypter instance. + * - plaintext_length: length of plaintext. + * - max_ciphertext_and_tag_length_to_return: the size of ciphertext+tag buffer + * the method returns. + * - error_details: a buffer containing an error message if the method does not + * function correctly. It is legal to pass nullptr into error_details, and + * otherwise, the parameter should be freed with gpr_free. + * + * On the success of execution, the method returns GRPC_STATUS_OK. Otherwise, + * it returns an error status code along with its details specified in + * error_details (if error_details is not nullptr). + */ +grpc_status_code gsec_aead_crypter_max_ciphertext_and_tag_length( + const gsec_aead_crypter* crypter, size_t plaintext_length, + size_t* max_ciphertext_and_tag_length_to_return, char** error_details); + +/** + * This method computes the size of plaintext buffer that must be passed to + * gsec_aead_crypter_decrypt function to ensure correct decryption of a + * ciphertext. The actual size of plaintext written to the buffer could be + * smaller. + * + * - crypter: AEAD crypter instance. + * - ciphertext_and_tag_length: length of ciphertext and tag. + * - max_plaintext_length_to_return: the size of plaintext buffer the method + * returns. + * - error_details: a buffer containing an error message if the method does not + * function correctly. It is legal to pass nullptr into error_details, and + * otherwise, the parameter should be freed with gpr_free. + * + * On the success of execution, the method returns GRPC_STATUS_OK. Otherwise, + * it returns an error status code along with its details specified in + * error_details (if error_details is not nullptr). + */ +grpc_status_code gsec_aead_crypter_max_plaintext_length( + const gsec_aead_crypter* crypter, size_t ciphertext_and_tag_length, + size_t* max_plaintext_length_to_return, char** error_details); + +/** + * This method returns a valid size of nonce array used at the construction of + * AEAD crypter instance. It is also the size that should be passed to encrypt + * and decrypt methods executed on the instance. + * + * - crypter: AEAD crypter instance. + * - nonce_length_to_return: the length of nonce array the method returns. + * - error_details: a buffer containing an error message if the method does not + * function correctly. It is legal to pass nullptr into error_details, and + * otherwise, the parameter should be freed with gpr_free. + * + * On the success of execution, the method returns GRPC_STATUS_OK. Otherwise, + * it returns an error status code along with its details specified in + * error_details (if error_details is not nullptr). + */ +grpc_status_code gsec_aead_crypter_nonce_length( + const gsec_aead_crypter* crypter, size_t* nonce_length_to_return, + char** error_details); + +/** + * This method returns a valid size of key array used at the construction of + * AEAD crypter instance. It is also the size that should be passed to encrypt + * and decrypt methods executed on the instance. + * + * - crypter: AEAD crypter instance. + * - key_length_to_return: the length of key array the method returns. + * - error_details: a buffer containing an error message if the method does not + * function correctly. It is legal to pass nullptr into error_details, and + * otherwise, the parameter should be freed with gpr_free. + * + * On the success of execution, the method returns GRPC_STATUS_OK. Otherwise, + * it returns an error status code along with its details specified in + * error_details (if error_details is not nullptr). + */ +grpc_status_code gsec_aead_crypter_key_length(const gsec_aead_crypter* crypter, + size_t* key_length_to_return, + char** error_details); +/** + * This method returns a valid size of tag array used at the construction of + * AEAD crypter instance. It is also the size that should be passed to encrypt + * and decrypt methods executed on the instance. + * + * - crypter: AEAD crypter instance. + * - tag_length_to_return: the length of tag array the method returns. + * - error_details: a buffer containing an error message if the method does not + * function correctly. It is legal to pass nullptr into error_details, and + * otherwise, the parameter should be freed with gpr_free. + * + * On the success of execution, the method returns GRPC_STATUS_OK. Otherwise, + * it returns an error status code along with its details specified in + * error_details (if error_details is not nullptr). + */ +grpc_status_code gsec_aead_crypter_tag_length(const gsec_aead_crypter* crypter, + size_t* tag_length_to_return, + char** error_details); + +/** + * This method destroys an AEAD crypter instance by de-allocating all of its + * occupied memory. + * + * - crypter: AEAD crypter instance that needs to be destroyed. + */ +void gsec_aead_crypter_destroy(gsec_aead_crypter* crypter); + +/** + * This method creates an AEAD crypter instance of AES-GCM encryption scheme + * which supports 16 and 32 bytes long keys, 12 and 16 bytes long nonces, and + * 16 bytes long tags. It should be noted that once the lengths of key, nonce, + * and tag are determined at construction time, they cannot be modified later. + * + * - key: buffer containing a key which is binded with AEAD crypter instance. + * - key_length: length of a key in bytes, which should be 44 if rekeying is + * enabled and 16 or 32 otherwise. + * - nonce_length: length of a nonce in bytes, which should be either 12 or 16. + * - tag_length: length of a tag in bytes, which should be always 16. + * - rekey: enable nonce-based rekeying and nonce-masking. + * - crypter: address of AES_GCM crypter instance returned from the method. + * - error_details: a buffer containing an error message if the method does not + * function correctly. It is legal to pass nullptr into error_details, and + * otherwise, the parameter should be freed with gpr_free. + * + * On success of instance creation, it stores the address of instance at + * crypter. Otherwise, it returns an error status code together with its details + * specified in error_details. + */ +grpc_status_code gsec_aes_gcm_aead_crypter_create(const uint8_t* key, + size_t key_length, + size_t nonce_length, + size_t tag_length, bool rekey, + gsec_aead_crypter** crypter, + char** error_details); + +#endif /* GRPC_CORE_TSI_ALTS_CRYPT_GSEC_H */ diff --git a/src/core/tsi/alts/frame_protector/alts_counter.cc b/src/core/tsi/alts/frame_protector/alts_counter.cc new file mode 100644 index 0000000000..de163e3e08 --- /dev/null +++ b/src/core/tsi/alts/frame_protector/alts_counter.cc @@ -0,0 +1,118 @@ +/* + * + * Copyright 2018 gRPC authors. + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + */ + +#include <grpc/support/port_platform.h> + +#include "src/core/tsi/alts/frame_protector/alts_counter.h" + +#include <string.h> + +#include <grpc/support/alloc.h> + +static void maybe_copy_error_msg(const char* src, char** dst) { + if (dst != nullptr && src != nullptr) { + *dst = static_cast<char*>(gpr_malloc(strlen(src) + 1)); + memcpy(*dst, src, strlen(src) + 1); + } +} + +grpc_status_code alts_counter_create(bool is_client, size_t counter_size, + size_t overflow_size, + alts_counter** crypter_counter, + char** error_details) { + /* Perform input sanity check. */ + if (counter_size == 0) { + const char error_msg[] = "counter_size is invalid."; + maybe_copy_error_msg(error_msg, error_details); + return GRPC_STATUS_INVALID_ARGUMENT; + } + if (overflow_size == 0 || overflow_size >= counter_size) { + const char error_msg[] = "overflow_size is invalid."; + maybe_copy_error_msg(error_msg, error_details); + return GRPC_STATUS_INVALID_ARGUMENT; + } + if (crypter_counter == nullptr) { + const char error_msg[] = "crypter_counter is nullptr."; + maybe_copy_error_msg(error_msg, error_details); + return GRPC_STATUS_INVALID_ARGUMENT; + } + *crypter_counter = + static_cast<alts_counter*>(gpr_malloc(sizeof(**crypter_counter))); + (*crypter_counter)->size = counter_size; + (*crypter_counter)->overflow_size = overflow_size; + (*crypter_counter)->counter = + static_cast<unsigned char*>(gpr_zalloc(counter_size)); + if (is_client) { + ((*crypter_counter)->counter)[counter_size - 1] = 0x80; + } + return GRPC_STATUS_OK; +} + +grpc_status_code alts_counter_increment(alts_counter* crypter_counter, + bool* is_overflow, + char** error_details) { + /* Perform input sanity check. */ + if (crypter_counter == nullptr) { + const char error_msg[] = "crypter_counter is nullptr."; + maybe_copy_error_msg(error_msg, error_details); + return GRPC_STATUS_INVALID_ARGUMENT; + } + if (is_overflow == nullptr) { + const char error_msg[] = "is_overflow is nullptr."; + maybe_copy_error_msg(error_msg, error_details); + return GRPC_STATUS_INVALID_ARGUMENT; + } + /* Increment the internal counter. */ + size_t i = 0; + for (; i < crypter_counter->overflow_size; i++) { + (crypter_counter->counter)[i]++; + if ((crypter_counter->counter)[i] != 0x00) { + break; + } + } + /** + * If the lower overflow_size bytes are all zero, the counter has overflowed. + */ + if (i == crypter_counter->overflow_size) { + *is_overflow = true; + return GRPC_STATUS_FAILED_PRECONDITION; + } + *is_overflow = false; + return GRPC_STATUS_OK; +} + +size_t alts_counter_get_size(alts_counter* crypter_counter) { + if (crypter_counter == nullptr) { + return 0; + } + return crypter_counter->size; +} + +unsigned char* alts_counter_get_counter(alts_counter* crypter_counter) { + if (crypter_counter == nullptr) { + return nullptr; + } + return crypter_counter->counter; +} + +void alts_counter_destroy(alts_counter* crypter_counter) { + if (crypter_counter != nullptr) { + gpr_free(crypter_counter->counter); + gpr_free(crypter_counter); + } +} diff --git a/src/core/tsi/alts/frame_protector/alts_counter.h b/src/core/tsi/alts/frame_protector/alts_counter.h new file mode 100644 index 0000000000..d705638fa8 --- /dev/null +++ b/src/core/tsi/alts/frame_protector/alts_counter.h @@ -0,0 +1,98 @@ +/* + * + * Copyright 2018 gRPC authors. + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + */ + +#ifndef GRPC_CORE_TSI_ALTS_FRAME_PROTECTOR_ALTS_COUNTER_H +#define GRPC_CORE_TSI_ALTS_FRAME_PROTECTOR_ALTS_COUNTER_H + +#include <grpc/support/port_platform.h> + +#include <stdbool.h> +#include <stdlib.h> + +#include <grpc/grpc.h> + +/* Main struct for a crypter counter managed within seal/unseal operations. */ +typedef struct alts_counter { + size_t size; + size_t overflow_size; + unsigned char* counter; +} alts_counter; + +/** + * This method creates and initializes an alts_counter instance. + * + * - is_client: a flag indicating if the alts_counter instance will be used + * at client (is_client = true) or server (is_client = false) side. + * - counter_size: size of buffer holding the counter value. + * - overflow_size: overflow size in bytes. The counter instance can be used + * to produce at most 2^(overflow_size*8) frames. + * - crypter_counter: an alts_counter instance to be returned from the method. + * - error_details: a buffer containing an error message if the method does not + * function correctly. It is legal to pass nullptr into error_details and + * otherwise, the parameter should be freed with gpr_free. + * + * On success, the method returns GRPC_STATUS_OK. Otherwise, + * it returns an error status code along with its details specified in + * error_details (if error_details is not nullptr). + */ +grpc_status_code alts_counter_create(bool is_client, size_t counter_size, + size_t overflow_size, + alts_counter** crypter_counter, + char** error_details); + +/** + * This method increments the internal counter. + * + * - crypter_counter: an alts_counter instance. + * - is_overflow: after incrementing the internal counter, if an overflow + * occurs, is_overflow is set to true, and no further calls to + * alts_counter_increment() should be made. Otherwise, is_overflow is set to + * false. + * - error_details: a buffer containing an error message if the method does not + * function correctly. It is legal to pass nullptr into error_details and + * otherwise, the parameter should be freed with gpr_free. + * + * On success, the method returns GRPC_STATUS_OK. Otherwise, + * it returns an error status code along with its details specified in + * error_details (if error_details is not nullptr). + */ +grpc_status_code alts_counter_increment(alts_counter* crypter_counter, + bool* is_overflow, + char** error_details); + +/** + * This method returns the size of counter buffer. + * + * - crypter_counter: an alts_counter instance. + */ +size_t alts_counter_get_size(alts_counter* crypter_counter); + +/** + * This method returns the counter buffer. + * + * - crypter_counter: an alts_counter instance. + */ +unsigned char* alts_counter_get_counter(alts_counter* crypter_counter); + +/** + * This method de-allocates all memory allocated to an alts_coutner instance. + * - crypter_counter: an alts_counter instance. + */ +void alts_counter_destroy(alts_counter* crypter_counter); + +#endif /* GRPC_CORE_TSI_ALTS_FRAME_PROTECTOR_ALTS_COUNTER_H */ diff --git a/src/core/tsi/alts/frame_protector/alts_crypter.cc b/src/core/tsi/alts/frame_protector/alts_crypter.cc new file mode 100644 index 0000000000..56f0512186 --- /dev/null +++ b/src/core/tsi/alts/frame_protector/alts_crypter.cc @@ -0,0 +1,66 @@ +/* + * + * Copyright 2018 gRPC authors. + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + */ + +#include <grpc/support/port_platform.h> + +#include "src/core/tsi/alts/frame_protector/alts_crypter.h" + +#include <string.h> + +#include <grpc/support/alloc.h> + +static void maybe_copy_error_msg(const char* src, char** dst) { + if (dst != nullptr && src != nullptr) { + *dst = static_cast<char*>(gpr_malloc(strlen(src) + 1)); + memcpy(*dst, src, strlen(src) + 1); + } +} + +grpc_status_code alts_crypter_process_in_place( + alts_crypter* crypter, unsigned char* data, size_t data_allocated_size, + size_t data_size, size_t* output_size, char** error_details) { + if (crypter != nullptr && crypter->vtable != nullptr && + crypter->vtable->process_in_place != nullptr) { + return crypter->vtable->process_in_place(crypter, data, data_allocated_size, + data_size, output_size, + error_details); + } + /* An error occurred. */ + const char error_msg[] = + "crypter or crypter->vtable has not been initialized properly."; + maybe_copy_error_msg(error_msg, error_details); + return GRPC_STATUS_INVALID_ARGUMENT; +} + +size_t alts_crypter_num_overhead_bytes(const alts_crypter* crypter) { + if (crypter != nullptr && crypter->vtable != nullptr && + crypter->vtable->num_overhead_bytes != nullptr) { + return crypter->vtable->num_overhead_bytes(crypter); + } + /* An error occurred. */ + return 0; +} + +void alts_crypter_destroy(alts_crypter* crypter) { + if (crypter != nullptr) { + if (crypter->vtable != nullptr && crypter->vtable->destruct != nullptr) { + crypter->vtable->destruct(crypter); + } + gpr_free(crypter); + } +} diff --git a/src/core/tsi/alts/frame_protector/alts_crypter.h b/src/core/tsi/alts/frame_protector/alts_crypter.h new file mode 100644 index 0000000000..3140778f4f --- /dev/null +++ b/src/core/tsi/alts/frame_protector/alts_crypter.h @@ -0,0 +1,255 @@ +/* + * + * Copyright 2018 gRPC authors. + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + */ + +#ifndef GRPC_CORE_TSI_ALTS_FRAME_PROTECTOR_ALTS_CRYPTER_H +#define GRPC_CORE_TSI_ALTS_FRAME_PROTECTOR_ALTS_CRYPTER_H + +#include <grpc/support/port_platform.h> + +#include <stdbool.h> +#include <string.h> + +#include <grpc/grpc.h> + +#include "src/core/tsi/alts/crypt/gsec.h" + +/** + * An alts_crypter interface for an ALTS record protocol providing + * seal/unseal functionality. The interface is thread-compatible. + */ + +typedef struct alts_crypter alts_crypter; + +/** + * A typical usage of the interface would be + *------------------------------------------------------------------------------ + * // Perform a seal operation. We assume the gsec_aead_crypter instance - + * // client_aead_crypter is created beforehand with a 16-byte key and 12-byte + * // nonce length. + * + * alts_crypter* client = nullptr; + * char* client_error_in_creation = nullptr; + * unsigned char* data = nullptr; + * grpc_status_code client_status = + * alts_seal_crypter_create(client_aead_crypter, 1, 5, &client, + * &client_error_in_creation); + * if (client_status == GRPC_STATUS_OK) { + * size_t data_size = 100; + * size_t num_overhead_bytes = alts_crypter_num_overhead_bytes(client); + * size_t data_allocated_size = data_size + num_overhead_bytes; + * data = gpr_malloc(data_allocated_size); + * char* client_error_in_seal = nullptr; + * // Client performs a seal operation. + * client_status = alts_crypter_process_in_place(client, data, + * data_allocated_size, + * &data_size, + * &client_error_in_seal); + * if (client_status != GRPC_STATUS_OK) { + * fprintf(stderr, "seal operation failed with error code:" + * "%d, message: %s\n", client_status, + * client_error_in_seal); + * } + * gpr_free(client_error_in_seal); + * } else { + * fprintf(stderr, "alts_crypter instance creation failed with error" + * "code: %d, message: %s\n", client_status, + * client_error_in_creation); + * } + * + * ... + * + * gpr_free(client_error_in_creation); + * alts_crypter_destroy(client); + * + * ... + * + * // Perform an unseal operation. We assume the gsec_aead_crypter instance - + * // server_aead_crypter is created beforehand with a 16-byte key and 12-byte + * // nonce length. The key used in the creation of gsec_aead_crypter instances + * // at server and client sides should be identical. + * + * alts_crypter* server = nullptr; + * char* server_error_in_creation = nullptr; + * grpc_status_code server_status = + * alts_unseal_crypter_create(server_aead_crypter, 0, 5, &server, + * &server_error_in_creation); + * if (server_status == GRPC_STATUS_OK) { + * size_t num_overhead_bytes = alts_crypter_num_overhead_bytes(server); + * size_t data_size = 100 + num_overhead_bytes; + * size_t data_allocated_size = data_size; + * char* server_error_in_unseal = nullptr; + * // Server performs an unseal operation. + * server_status = alts_crypter_process_in_place(server, data, + * data_allocated_size, + * &data_size, + * &server_error_in_unseal); + * if (server_status != GRPC_STATUS_OK) { + * fprintf(stderr, "unseal operation failed with error code:" + * "%d, message: %s\n", server_status, + * server_error_in_unseal); + * } + * gpr_free(server_error_in_unseal); + * } else { + * fprintf(stderr, "alts_crypter instance creation failed with error" + * "code: %d, message: %s\n", server_status, + * server_error_in_creation); + * } + * + * ... + * + * gpr_free(data); + * gpr_free(server_error_in_creation); + * alts_crypter_destroy(server); + * + * ... + *------------------------------------------------------------------------------ + */ + +/* V-table for alts_crypter operations */ +typedef struct alts_crypter_vtable { + size_t (*num_overhead_bytes)(const alts_crypter* crypter); + grpc_status_code (*process_in_place)(alts_crypter* crypter, + unsigned char* data, + size_t data_allocated_size, + size_t data_size, size_t* output_size, + char** error_details); + void (*destruct)(alts_crypter* crypter); +} alts_crypter_vtable; + +/* Main struct for alts_crypter interface */ +struct alts_crypter { + const alts_crypter_vtable* vtable; +}; + +/** + * This method gets the number of overhead bytes needed for sealing data that + * is the difference in size between the protected and raw data. The counter + * value used in a seal or unseal operation is locally maintained (not sent or + * received from the other peer) and therefore, will not be counted as part of + * overhead bytes. + * + * - crypter: an alts_crypter instance. + * + * On success, the method returns the number of overhead bytes. Otherwise, it + * returns zero. + * + */ +size_t alts_crypter_num_overhead_bytes(const alts_crypter* crypter); + +/** + * This method performs either a seal or an unseal operation depending on the + * alts_crypter instance - crypter passed to the method. If the crypter is + * an instance implementing a seal operation, the method will perform a seal + * operation. That is, it seals raw data and stores the result in-place, and the + * memory allocated for data must be at least data_length + + * alts_crypter_num_overhead_bytes(). If the crypter is an instance + * implementing an unseal operation, the method will perform an unseal + * operation. That is, it unseals protected data and stores the result in-place. + * The size of unsealed data will be data_length - + * alts_crypter_num_overhead_bytes(). Integrity tag will be verified during + * the unseal operation, and if verification fails, the data will be wiped. + * The counters used in both seal and unseal operations are managed internally. + * + * - crypter: an alts_crypter instance. + * - data: if the method performs a seal operation, the data represents raw data + * that needs to be sealed. It also plays the role of buffer to hold the + * protected data as a result of seal. If the method performs an unseal + * operation, the data represents protected data that needs to be unsealed. It + * also plays the role of buffer to hold raw data as a result of unseal. + * - data_allocated_size: the size of data buffer. The parameter is used to + * check whether the result of either seal or unseal can be safely written to + * the data buffer. + * - data_size: if the method performs a seal operation, data_size + * represents the size of raw data that needs to be sealed, and if the method + * performs an unseal operation, data_size represents the size of protected + * data that needs to be unsealed. + * - output_size: size of data written to the data buffer after a seal or an + * unseal operation. + * - error_details: a buffer containing an error message if the method does not + * function correctly. It is legal to pass nullptr into error_details and + * otherwise, the parameter should be freed with gpr_free. + * + * On success, the method returns GRPC_STATUS_OK. Otherwise, + * it returns an error status code along with its details specified in + * error_details (if error_details is not nullptr). + */ +grpc_status_code alts_crypter_process_in_place( + alts_crypter* crypter, unsigned char* data, size_t data_allocated_size, + size_t data_size, size_t* output_size, char** error_details); + +/** + * This method creates an alts_crypter instance to be used to perform a seal + * operation, given a gsec_aead_crypter instance and a flag indicating if the + * created instance will be used at the client or server side. It takes + * ownership of gsec_aead_crypter instance. + * + * - gc: a gsec_aead_crypter instance used to perform AEAD encryption. + * - is_client: a flag indicating if the alts_crypter instance will be + * used at the client (is_client = true) or server (is_client = + * false) side. + * - overflow_size: overflow size of counter in bytes. + * - crypter: an alts_crypter instance to be returned from the method. + * - error_details: a buffer containing an error message if the method does + * not function correctly. It is legal to pass nullptr into error_details, and + * otherwise, the parameter should be freed with gpr_free. + * + * On success of creation, the method returns GRPC_STATUS_OK. + * Otherwise, it returns an error status code along with its details specified + * in error_details (if error_details is not nullptr). + */ +grpc_status_code alts_seal_crypter_create(gsec_aead_crypter* gc, bool is_client, + size_t overflow_size, + alts_crypter** crypter, + char** error_details); + +/** + * This method creates an alts_crypter instance used to perform an unseal + * operation, given a gsec_aead_crypter instance and a flag indicating if the + * created instance will be used at the client or server side. It takes + * ownership of gsec_aead_crypter instance. + * + * - gc: a gsec_aead_crypter instance used to perform AEAD decryption. + * - is_client: a flag indicating if the alts_crypter instance will be + * used at the client (is_client = true) or server (is_client = + * false) side. + * - overflow_size: overflow size of counter in bytes. + * - crypter: an alts_crypter instance to be returned from the method. + * - error_details: a buffer containing an error message if the method does + * not function correctly. It is legal to pass nullptr into error_details, and + * otherwise, the parameter should be freed with gpr_free. + * + * On success of creation, the method returns GRPC_STATUS_OK. + * Otherwise, it returns an error status code along with its details specified + * in error_details (if error_details is not nullptr). + */ +grpc_status_code alts_unseal_crypter_create(gsec_aead_crypter* gc, + bool is_client, + size_t overflow_size, + alts_crypter** crypter, + char** error_details); + +/** + * This method destroys an alts_crypter instance by de-allocating all of its + * occupied memory. A gsec_aead_crypter instance passed in at alts_crypter + * instance creation time will be destroyed in this method. + * + * - crypter: an alts_crypter instance. + */ +void alts_crypter_destroy(alts_crypter* crypter); + +#endif /* GRPC_CORE_TSI_ALTS_FRAME_PROTECTOR_ALTS_CRYPTER_H */ diff --git a/src/core/tsi/alts/frame_protector/alts_frame_protector.cc b/src/core/tsi/alts/frame_protector/alts_frame_protector.cc new file mode 100644 index 0000000000..bfa0b7a720 --- /dev/null +++ b/src/core/tsi/alts/frame_protector/alts_frame_protector.cc @@ -0,0 +1,407 @@ +/* + * + * Copyright 2018 gRPC authors. + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + */ + +#include <grpc/support/port_platform.h> + +#include "src/core/tsi/alts/frame_protector/alts_frame_protector.h" + +#include <stdio.h> +#include <stdlib.h> + +#include <grpc/support/alloc.h> +#include <grpc/support/log.h> + +#include "src/core/lib/gpr/useful.h" +#include "src/core/tsi/alts/crypt/gsec.h" +#include "src/core/tsi/alts/frame_protector/alts_crypter.h" +#include "src/core/tsi/alts/frame_protector/frame_handler.h" +#include "src/core/tsi/transport_security.h" + +constexpr size_t kMinFrameLength = 1024; +constexpr size_t kDefaultFrameLength = 16 * 1024; +constexpr size_t kMaxFrameLength = 1024 * 1024; + +// Limit k on number of frames such that at most 2^(8 * k) frames can be sent. +constexpr size_t kAltsRecordProtocolRekeyFrameLimit = 8; +constexpr size_t kAltsRecordProtocolFrameLimit = 5; + +/* Main struct for alts_frame_protector. */ +struct alts_frame_protector { + tsi_frame_protector base; + alts_crypter* seal_crypter; + alts_crypter* unseal_crypter; + alts_frame_writer* writer; + alts_frame_reader* reader; + unsigned char* in_place_protect_buffer; + unsigned char* in_place_unprotect_buffer; + size_t in_place_protect_bytes_buffered; + size_t in_place_unprotect_bytes_processed; + size_t max_protected_frame_size; + size_t max_unprotected_frame_size; + size_t overhead_length; + size_t counter_overflow; +}; + +static tsi_result seal(alts_frame_protector* impl) { + char* error_details = nullptr; + size_t output_size = 0; + grpc_status_code status = alts_crypter_process_in_place( + impl->seal_crypter, impl->in_place_protect_buffer, + impl->max_protected_frame_size, impl->in_place_protect_bytes_buffered, + &output_size, &error_details); + impl->in_place_protect_bytes_buffered = output_size; + if (status != GRPC_STATUS_OK) { + gpr_log(GPR_ERROR, "%s", error_details); + gpr_free(error_details); + return TSI_INTERNAL_ERROR; + } + return TSI_OK; +} + +static size_t max_encrypted_payload_bytes(alts_frame_protector* impl) { + return impl->max_protected_frame_size - kFrameHeaderSize; +} + +static tsi_result alts_protect_flush(tsi_frame_protector* self, + unsigned char* protected_output_frames, + size_t* protected_output_frames_size, + size_t* still_pending_size) { + if (self == nullptr || protected_output_frames == nullptr || + protected_output_frames_size == nullptr || + still_pending_size == nullptr) { + gpr_log(GPR_ERROR, "Invalid nullptr arguments to alts_protect_flush()."); + return TSI_INVALID_ARGUMENT; + } + alts_frame_protector* impl = reinterpret_cast<alts_frame_protector*>(self); + /** + * If there's nothing to flush (i.e., in_place_protect_buffer is empty), + * we're done. + */ + if (impl->in_place_protect_bytes_buffered == 0) { + *protected_output_frames_size = 0; + *still_pending_size = 0; + return TSI_OK; + } + /** + * If a new frame can start being processed, we encrypt the payload and reset + * the frame writer to point to in_place_protect_buffer that holds the newly + * sealed frame. + */ + if (alts_is_frame_writer_done(impl->writer)) { + tsi_result result = seal(impl); + if (result != TSI_OK) { + return result; + } + if (!alts_reset_frame_writer(impl->writer, impl->in_place_protect_buffer, + impl->in_place_protect_bytes_buffered)) { + gpr_log(GPR_ERROR, "Couldn't reset frame writer."); + return TSI_INTERNAL_ERROR; + } + } + /** + * Write the sealed frame as much as possible to protected_output_frames. It's + * possible a frame will not be written out completely by a single flush + * (i.e., still_pending_size != 0), in which case the flush should be called + * iteratively until a complete frame has been written out. + */ + size_t written_frame_bytes = *protected_output_frames_size; + if (!alts_write_frame_bytes(impl->writer, protected_output_frames, + &written_frame_bytes)) { + gpr_log(GPR_ERROR, "Couldn't write frame bytes."); + return TSI_INTERNAL_ERROR; + } + *protected_output_frames_size = written_frame_bytes; + *still_pending_size = alts_get_num_writer_bytes_remaining(impl->writer); + /** + * If the current frame has been finished processing (i.e., sealed and written + * out completely), we empty in_place_protect_buffer. + */ + if (alts_is_frame_writer_done(impl->writer)) { + impl->in_place_protect_bytes_buffered = 0; + } + return TSI_OK; +} + +static tsi_result alts_protect(tsi_frame_protector* self, + const unsigned char* unprotected_bytes, + size_t* unprotected_bytes_size, + unsigned char* protected_output_frames, + size_t* protected_output_frames_size) { + if (self == nullptr || unprotected_bytes == nullptr || + unprotected_bytes_size == nullptr || protected_output_frames == nullptr || + protected_output_frames_size == nullptr) { + gpr_log(GPR_ERROR, "Invalid nullptr arguments to alts_protect()."); + return TSI_INVALID_ARGUMENT; + } + alts_frame_protector* impl = reinterpret_cast<alts_frame_protector*>(self); + + /** + * If more payload can be buffered, we buffer it as much as possible to + * in_place_protect_buffer. + */ + if (impl->in_place_protect_bytes_buffered + impl->overhead_length < + max_encrypted_payload_bytes(impl)) { + size_t bytes_to_buffer = GPR_MIN(*unprotected_bytes_size, + max_encrypted_payload_bytes(impl) - + impl->in_place_protect_bytes_buffered - + impl->overhead_length); + *unprotected_bytes_size = bytes_to_buffer; + if (bytes_to_buffer > 0) { + memcpy( + impl->in_place_protect_buffer + impl->in_place_protect_bytes_buffered, + unprotected_bytes, bytes_to_buffer); + impl->in_place_protect_bytes_buffered += bytes_to_buffer; + } + } else { + *unprotected_bytes_size = 0; + } + /** + * If a full frame has been buffered, we output it. If the first condition + * holds, then there exists an unencrypted full frame. If the second + * condition holds, then there exists a full frame that has already been + * encrypted. + */ + if (max_encrypted_payload_bytes(impl) == + impl->in_place_protect_bytes_buffered + impl->overhead_length || + max_encrypted_payload_bytes(impl) == + impl->in_place_protect_bytes_buffered) { + size_t still_pending_size = 0; + return alts_protect_flush(self, protected_output_frames, + protected_output_frames_size, + &still_pending_size); + } else { + *protected_output_frames_size = 0; + return TSI_OK; + } +} + +static tsi_result unseal(alts_frame_protector* impl) { + char* error_details = nullptr; + size_t output_size = 0; + grpc_status_code status = alts_crypter_process_in_place( + impl->unseal_crypter, impl->in_place_unprotect_buffer, + impl->max_unprotected_frame_size, + alts_get_output_bytes_read(impl->reader), &output_size, &error_details); + if (status != GRPC_STATUS_OK) { + gpr_log(GPR_ERROR, "%s", error_details); + gpr_free(error_details); + return TSI_DATA_CORRUPTED; + } + return TSI_OK; +} + +static void ensure_buffer_size(alts_frame_protector* impl) { + if (!alts_has_read_frame_length(impl->reader)) { + return; + } + size_t buffer_space_remaining = impl->max_unprotected_frame_size - + alts_get_output_bytes_read(impl->reader); + /** + * Check if we need to resize in_place_unprotect_buffer in order to hold + * remaining bytes of a full frame. + */ + if (buffer_space_remaining < alts_get_reader_bytes_remaining(impl->reader)) { + size_t buffer_len = alts_get_output_bytes_read(impl->reader) + + alts_get_reader_bytes_remaining(impl->reader); + unsigned char* buffer = static_cast<unsigned char*>(gpr_malloc(buffer_len)); + memcpy(buffer, impl->in_place_unprotect_buffer, + alts_get_output_bytes_read(impl->reader)); + impl->max_unprotected_frame_size = buffer_len; + gpr_free(impl->in_place_unprotect_buffer); + impl->in_place_unprotect_buffer = buffer; + alts_reset_reader_output_buffer( + impl->reader, buffer + alts_get_output_bytes_read(impl->reader)); + } +} + +static tsi_result alts_unprotect(tsi_frame_protector* self, + const unsigned char* protected_frames_bytes, + size_t* protected_frames_bytes_size, + unsigned char* unprotected_bytes, + size_t* unprotected_bytes_size) { + if (self == nullptr || protected_frames_bytes == nullptr || + protected_frames_bytes_size == nullptr || unprotected_bytes == nullptr || + unprotected_bytes_size == nullptr) { + gpr_log(GPR_ERROR, "Invalid nullptr arguments to alts_unprotect()."); + return TSI_INVALID_ARGUMENT; + } + alts_frame_protector* impl = reinterpret_cast<alts_frame_protector*>(self); + /** + * If a new frame can start being processed, we reset the frame reader to + * point to in_place_unprotect_buffer that will be used to hold deframed + * result. + */ + if (alts_is_frame_reader_done(impl->reader) && + ((alts_get_output_buffer(impl->reader) == nullptr) || + (alts_get_output_bytes_read(impl->reader) == + impl->in_place_unprotect_bytes_processed + impl->overhead_length))) { + if (!alts_reset_frame_reader(impl->reader, + impl->in_place_unprotect_buffer)) { + gpr_log(GPR_ERROR, "Couldn't reset frame reader."); + return TSI_INTERNAL_ERROR; + } + impl->in_place_unprotect_bytes_processed = 0; + } + /** + * If a full frame has not yet been read, we read more bytes from + * protected_frames_bytes until a full frame has been read. We also need to + * make sure in_place_unprotect_buffer is large enough to hold a complete + * frame. + */ + if (!alts_is_frame_reader_done(impl->reader)) { + ensure_buffer_size(impl); + *protected_frames_bytes_size = + GPR_MIN(impl->max_unprotected_frame_size - + alts_get_output_bytes_read(impl->reader), + *protected_frames_bytes_size); + size_t read_frames_bytes_size = *protected_frames_bytes_size; + if (!alts_read_frame_bytes(impl->reader, protected_frames_bytes, + &read_frames_bytes_size)) { + gpr_log(GPR_ERROR, "Failed to process frame."); + return TSI_INTERNAL_ERROR; + } + *protected_frames_bytes_size = read_frames_bytes_size; + } else { + *protected_frames_bytes_size = 0; + } + /** + * If a full frame has been read, we unseal it, and write out the + * deframed result to unprotected_bytes. + */ + if (alts_is_frame_reader_done(impl->reader)) { + if (impl->in_place_unprotect_bytes_processed == 0) { + tsi_result result = unseal(impl); + if (result != TSI_OK) { + return result; + } + } + size_t bytes_to_write = GPR_MIN( + *unprotected_bytes_size, alts_get_output_bytes_read(impl->reader) - + impl->in_place_unprotect_bytes_processed - + impl->overhead_length); + if (bytes_to_write > 0) { + memcpy(unprotected_bytes, + impl->in_place_unprotect_buffer + + impl->in_place_unprotect_bytes_processed, + bytes_to_write); + } + *unprotected_bytes_size = bytes_to_write; + impl->in_place_unprotect_bytes_processed += bytes_to_write; + return TSI_OK; + } else { + *unprotected_bytes_size = 0; + return TSI_OK; + } +} + +static void alts_destroy(tsi_frame_protector* self) { + alts_frame_protector* impl = reinterpret_cast<alts_frame_protector*>(self); + if (impl != nullptr) { + alts_crypter_destroy(impl->seal_crypter); + alts_crypter_destroy(impl->unseal_crypter); + gpr_free(impl->in_place_protect_buffer); + gpr_free(impl->in_place_unprotect_buffer); + alts_destroy_frame_writer(impl->writer); + alts_destroy_frame_reader(impl->reader); + gpr_free(impl); + } +} + +static const tsi_frame_protector_vtable alts_frame_protector_vtable = { + alts_protect, alts_protect_flush, alts_unprotect, alts_destroy}; + +static grpc_status_code create_alts_crypters(const uint8_t* key, + size_t key_size, bool is_client, + bool is_rekey, + alts_frame_protector* impl, + char** error_details) { + grpc_status_code status; + gsec_aead_crypter* aead_crypter_seal = nullptr; + gsec_aead_crypter* aead_crypter_unseal = nullptr; + status = gsec_aes_gcm_aead_crypter_create(key, key_size, kAesGcmNonceLength, + kAesGcmTagLength, is_rekey, + &aead_crypter_seal, error_details); + if (status != GRPC_STATUS_OK) { + return status; + } + status = gsec_aes_gcm_aead_crypter_create( + key, key_size, kAesGcmNonceLength, kAesGcmTagLength, is_rekey, + &aead_crypter_unseal, error_details); + if (status != GRPC_STATUS_OK) { + return status; + } + size_t overflow_size = is_rekey ? kAltsRecordProtocolRekeyFrameLimit + : kAltsRecordProtocolFrameLimit; + status = alts_seal_crypter_create(aead_crypter_seal, is_client, overflow_size, + &impl->seal_crypter, error_details); + if (status != GRPC_STATUS_OK) { + return status; + } + status = + alts_unseal_crypter_create(aead_crypter_unseal, is_client, overflow_size, + &impl->unseal_crypter, error_details); + return status; +} + +tsi_result alts_create_frame_protector(const uint8_t* key, size_t key_size, + bool is_client, bool is_rekey, + size_t* max_protected_frame_size, + tsi_frame_protector** self) { + if (key == nullptr || self == nullptr) { + gpr_log(GPR_ERROR, + "Invalid nullptr arguments to alts_create_frame_protector()."); + return TSI_INTERNAL_ERROR; + } + char* error_details = nullptr; + alts_frame_protector* impl = + static_cast<alts_frame_protector*>(gpr_zalloc(sizeof(*impl))); + grpc_status_code status = create_alts_crypters( + key, key_size, is_client, is_rekey, impl, &error_details); + if (status != GRPC_STATUS_OK) { + gpr_log(GPR_ERROR, "Failed to create ALTS crypters, %s.", error_details); + gpr_free(error_details); + return TSI_INTERNAL_ERROR; + } + /** + * Set maximum frame size to be used by a frame protector. If it is nullptr, a + * default frame size will be used. Otherwise, the provided frame size will be + * adjusted (if not falling into a valid frame range) and used. + */ + size_t max_protected_frame_size_to_set = kDefaultFrameLength; + if (max_protected_frame_size != nullptr) { + *max_protected_frame_size = + GPR_MIN(*max_protected_frame_size, kMaxFrameLength); + *max_protected_frame_size = + GPR_MAX(*max_protected_frame_size, kMinFrameLength); + max_protected_frame_size_to_set = *max_protected_frame_size; + } + impl->max_protected_frame_size = max_protected_frame_size_to_set; + impl->max_unprotected_frame_size = max_protected_frame_size_to_set; + impl->in_place_protect_bytes_buffered = 0; + impl->in_place_unprotect_bytes_processed = 0; + impl->in_place_protect_buffer = static_cast<unsigned char*>( + gpr_malloc(sizeof(unsigned char) * max_protected_frame_size_to_set)); + impl->in_place_unprotect_buffer = static_cast<unsigned char*>( + gpr_malloc(sizeof(unsigned char) * max_protected_frame_size_to_set)); + impl->overhead_length = alts_crypter_num_overhead_bytes(impl->seal_crypter); + impl->writer = alts_create_frame_writer(); + impl->reader = alts_create_frame_reader(); + impl->base.vtable = &alts_frame_protector_vtable; + *self = &impl->base; + return TSI_OK; +} diff --git a/src/core/tsi/alts/frame_protector/alts_frame_protector.h b/src/core/tsi/alts/frame_protector/alts_frame_protector.h new file mode 100644 index 0000000000..321bffaed8 --- /dev/null +++ b/src/core/tsi/alts/frame_protector/alts_frame_protector.h @@ -0,0 +1,55 @@ +/* + * + * Copyright 2018 gRPC authors. + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + */ + +#ifndef GRPC_CORE_TSI_ALTS_FRAME_PROTECTOR_ALTS_FRAME_PROTECTOR_H +#define GRPC_CORE_TSI_ALTS_FRAME_PROTECTOR_ALTS_FRAME_PROTECTOR_H + +#include <grpc/support/port_platform.h> + +#include <stdbool.h> + +#include "src/core/tsi/transport_security_interface.h" + +typedef struct alts_frame_protector alts_frame_protector; + +/** + * TODO: Add a parameter to the interface to support the use of + * different record protocols within a frame protector. + * + * This method creates a frame protector. + * + * - key: a symmetric key used to seal/unseal frames. + * - key_size: the size of symmetric key. + * - is_client: a flag indicating if the frame protector will be used at client + * (is_client = true) or server (is_client = false) side. + * - is_rekey: a flag indicating if the frame protector will use an AEAD with + * rekeying. + * - max_protected_frame_size: an in/out parameter indicating max frame size + * to be used by the frame protector. If it is nullptr, the default frame + * size will be used. Otherwise, the provided frame size will be adjusted (if + * not falling into a valid frame range) and used. + * - self: a pointer to the frame protector returned from the method. + * + * This method returns TSI_OK on success and TSI_INTERNAL_ERROR otherwise. + */ +tsi_result alts_create_frame_protector(const uint8_t* key, size_t key_size, + bool is_client, bool is_rekey, + size_t* max_protected_frame_size, + tsi_frame_protector** self); + +#endif /* GRPC_CORE_TSI_ALTS_FRAME_PROTECTOR_ALTS_FRAME_PROTECTOR_H */ diff --git a/src/core/tsi/alts/frame_protector/alts_record_protocol_crypter_common.cc b/src/core/tsi/alts/frame_protector/alts_record_protocol_crypter_common.cc new file mode 100644 index 0000000000..0574ed5012 --- /dev/null +++ b/src/core/tsi/alts/frame_protector/alts_record_protocol_crypter_common.cc @@ -0,0 +1,114 @@ +/* + * + * Copyright 2018 gRPC authors. + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + */ + +#include <grpc/support/port_platform.h> + +#include "src/core/tsi/alts/frame_protector/alts_record_protocol_crypter_common.h" + +#include <grpc/support/alloc.h> + +static void maybe_copy_error_msg(const char* src, char** dst) { + if (dst != nullptr && src != nullptr) { + *dst = static_cast<char*>(gpr_malloc(strlen(src) + 1)); + memcpy(*dst, src, strlen(src) + 1); + } +} + +grpc_status_code input_sanity_check( + const alts_record_protocol_crypter* rp_crypter, const unsigned char* data, + size_t* output_size, char** error_details) { + if (rp_crypter == nullptr) { + maybe_copy_error_msg("alts_crypter instance is nullptr.", error_details); + return GRPC_STATUS_INVALID_ARGUMENT; + } else if (data == nullptr) { + maybe_copy_error_msg("data is nullptr.", error_details); + return GRPC_STATUS_INVALID_ARGUMENT; + } else if (output_size == nullptr) { + maybe_copy_error_msg("output_size is nullptr.", error_details); + return GRPC_STATUS_INVALID_ARGUMENT; + } + return GRPC_STATUS_OK; +} + +grpc_status_code increment_counter(alts_record_protocol_crypter* rp_crypter, + char** error_details) { + bool is_overflow = false; + grpc_status_code status = + alts_counter_increment(rp_crypter->ctr, &is_overflow, error_details); + if (status != GRPC_STATUS_OK) { + return status; + } + if (is_overflow) { + const char error_msg[] = + "crypter counter is wrapped. The connection" + "should be closed and the key should be deleted."; + maybe_copy_error_msg(error_msg, error_details); + return GRPC_STATUS_INTERNAL; + } + return GRPC_STATUS_OK; +} + +size_t alts_record_protocol_crypter_num_overhead_bytes(const alts_crypter* c) { + if (c != nullptr) { + size_t num_overhead_bytes = 0; + char* error_details = nullptr; + const alts_record_protocol_crypter* rp_crypter = + reinterpret_cast<const alts_record_protocol_crypter*>(c); + grpc_status_code status = gsec_aead_crypter_tag_length( + rp_crypter->crypter, &num_overhead_bytes, &error_details); + if (status == GRPC_STATUS_OK) { + return num_overhead_bytes; + } + } + return 0; +} + +void alts_record_protocol_crypter_destruct(alts_crypter* c) { + if (c != nullptr) { + alts_record_protocol_crypter* rp_crypter = + reinterpret_cast<alts_record_protocol_crypter*>(c); + alts_counter_destroy(rp_crypter->ctr); + gsec_aead_crypter_destroy(rp_crypter->crypter); + } +} + +alts_record_protocol_crypter* alts_crypter_create_common( + gsec_aead_crypter* crypter, bool is_client, size_t overflow_size, + char** error_details) { + if (crypter != nullptr) { + auto* rp_crypter = static_cast<alts_record_protocol_crypter*>( + gpr_malloc(sizeof(alts_record_protocol_crypter))); + size_t counter_size = 0; + grpc_status_code status = + gsec_aead_crypter_nonce_length(crypter, &counter_size, error_details); + if (status != GRPC_STATUS_OK) { + return nullptr; + } + /* Create a counter. */ + status = alts_counter_create(is_client, counter_size, overflow_size, + &rp_crypter->ctr, error_details); + if (status != GRPC_STATUS_OK) { + return nullptr; + } + rp_crypter->crypter = crypter; + return rp_crypter; + } + const char error_msg[] = "crypter is nullptr."; + maybe_copy_error_msg(error_msg, error_details); + return nullptr; +} diff --git a/src/core/tsi/alts/frame_protector/alts_record_protocol_crypter_common.h b/src/core/tsi/alts/frame_protector/alts_record_protocol_crypter_common.h new file mode 100644 index 0000000000..682a8f7e7a --- /dev/null +++ b/src/core/tsi/alts/frame_protector/alts_record_protocol_crypter_common.h @@ -0,0 +1,114 @@ +/* + * + * Copyright 2018 gRPC authors. + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + */ + +#ifndef GRPC_CORE_TSI_ALTS_FRAME_PROTECTOR_ALTS_RECORD_PROTOCOL_CRYPTER_COMMON_H +#define GRPC_CORE_TSI_ALTS_FRAME_PROTECTOR_ALTS_RECORD_PROTOCOL_CRYPTER_COMMON_H + +#include <grpc/support/port_platform.h> + +#include <grpc/grpc.h> + +#include "src/core/tsi/alts/frame_protector/alts_counter.h" +#include "src/core/tsi/alts/frame_protector/alts_crypter.h" + +/** + * This file contains common implementation that will be used in both seal and + * unseal operations. + */ + +/** + * Main struct for alts_record_protocol_crypter that will be used in both + * seal and unseal operations. + */ +typedef struct alts_record_protocol_crypter { + alts_crypter base; + gsec_aead_crypter* crypter; + alts_counter* ctr; +} alts_record_protocol_crypter; + +/** + * This method performs input sanity checks on a subset of inputs to + * alts_crypter_process_in_place() for both seal and unseal operations. + * + * - rp_crypter: an alts_record_protocol_crypter instance. + * - data: it represents raw data that needs to be sealed in a seal operation or + * protected data that needs to be unsealed in an unseal operation. + * - output_size: size of data written to the data buffer after a seal or + * unseal operation. + * - error_details: a buffer containing an error message if any of checked + * inputs is nullptr. It is legal to pass nullptr into error_details and + * otherwise, the parameter should be freed with gpr_free. + * + * On success, the method returns GRPC_STATUS_OK. Otherwise, + * it returns an error status code along with its details specified in + * error_details (if error_details is not nullptr). + */ +grpc_status_code input_sanity_check( + const alts_record_protocol_crypter* rp_crypter, const unsigned char* data, + size_t* output_size, char** error_details); + +/** + * This method increments the counter within an alts_record_protocol_crypter + * instance. + * + * - rp_crypter: an alts_record_protocol_crypter instance. + * - error_details: a buffer containing an error message if the method does not + * function correctly or the counter is wrapped. It is legal to pass nullptr + * into error_details and otherwise, the parameter should be freed with + * gpr_free. + * + * On success, the method returns GRPC_STATUS_OK. Otherwise, + * it returns an error status code along with its details specified in + * error_details (if error_details is not nullptr). + */ +grpc_status_code increment_counter(alts_record_protocol_crypter* rp_crypter, + char** error_details); + +/** + * This method creates an alts_crypter instance, and populates the fields + * that are common to both seal and unseal operations. + * + * - crypter: a gsec_aead_crypter instance used to perform AEAD decryption. The + * function does not take ownership of crypter. + * - is_client: a flag indicating if the alts_crypter instance will be + * used at the client (is_client = true) or server (is_client = + * false) side. + * - overflow_size: overflow size of counter in bytes. + * - error_details: a buffer containing an error message if the method does + * not function correctly. It is legal to pass nullptr into error_details, and + * otherwise, the parameter should be freed with gpr_free. + * + * On success of creation, the method returns alts_record_protocol_crypter + * instance. Otherwise, it returns nullptr with its details specified in + * error_details (if error_details is not nullptr). + * + */ +alts_record_protocol_crypter* alts_crypter_create_common( + gsec_aead_crypter* crypter, bool is_client, size_t overflow_size, + char** error_details); + +/** + * For the following two methods, please refer to the corresponding API in + * alts_crypter.h for detailed specifications. + */ +size_t alts_record_protocol_crypter_num_overhead_bytes(const alts_crypter* c); + +void alts_record_protocol_crypter_destruct(alts_crypter* c); + +#endif /* GRPC_CORE_TSI_ALTS_FRAME_PROTECTOR_ALTS_RECORD_PROTOCOL_CRYPTER_COMMON_H \ + */ diff --git a/src/core/tsi/alts/frame_protector/alts_seal_privacy_integrity_crypter.cc b/src/core/tsi/alts/frame_protector/alts_seal_privacy_integrity_crypter.cc new file mode 100644 index 0000000000..f407831613 --- /dev/null +++ b/src/core/tsi/alts/frame_protector/alts_seal_privacy_integrity_crypter.cc @@ -0,0 +1,105 @@ +/* + * + * Copyright 2018 gRPC authors. + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + */ + +#include <grpc/support/port_platform.h> + +#include <grpc/support/alloc.h> + +#include "src/core/tsi/alts/frame_protector/alts_counter.h" +#include "src/core/tsi/alts/frame_protector/alts_crypter.h" +#include "src/core/tsi/alts/frame_protector/alts_record_protocol_crypter_common.h" + +static void maybe_copy_error_msg(const char* src, char** dst) { + if (dst != nullptr && src != nullptr) { + *dst = static_cast<char*>(gpr_malloc(strlen(src) + 1)); + memcpy(*dst, src, strlen(src) + 1); + } +} + +/* Perform input santity check for a seal operation. */ +static grpc_status_code seal_check(alts_crypter* c, const unsigned char* data, + size_t data_allocated_size, size_t data_size, + size_t* output_size, char** error_details) { + /* Do common input sanity check. */ + grpc_status_code status = input_sanity_check( + reinterpret_cast<const alts_record_protocol_crypter*>(c), data, + output_size, error_details); + if (status != GRPC_STATUS_OK) return status; + /* Do seal-specific check. */ + size_t num_overhead_bytes = + alts_crypter_num_overhead_bytes(reinterpret_cast<const alts_crypter*>(c)); + if (data_size == 0) { + const char error_msg[] = "data_size is zero."; + maybe_copy_error_msg(error_msg, error_details); + return GRPC_STATUS_INVALID_ARGUMENT; + } + if (data_size + num_overhead_bytes > data_allocated_size) { + const char error_msg[] = + "data_allocated_size is smaller than sum of data_size and " + "num_overhead_bytes."; + maybe_copy_error_msg(error_msg, error_details); + return GRPC_STATUS_INVALID_ARGUMENT; + } + return GRPC_STATUS_OK; +} + +static grpc_status_code alts_seal_crypter_process_in_place( + alts_crypter* c, unsigned char* data, size_t data_allocated_size, + size_t data_size, size_t* output_size, char** error_details) { + grpc_status_code status = seal_check(c, data, data_allocated_size, data_size, + output_size, error_details); + if (status != GRPC_STATUS_OK) { + return status; + } + /* Do AEAD encryption. */ + alts_record_protocol_crypter* rp_crypter = + reinterpret_cast<alts_record_protocol_crypter*>(c); + status = gsec_aead_crypter_encrypt( + rp_crypter->crypter, alts_counter_get_counter(rp_crypter->ctr), + alts_counter_get_size(rp_crypter->ctr), nullptr /* aad */, + 0 /* aad_length */, data, data_size, data, data_allocated_size, + output_size, error_details); + if (status != GRPC_STATUS_OK) { + return status; + } + /* Increment the crypter counter. */ + return increment_counter(rp_crypter, error_details); +} + +static const alts_crypter_vtable vtable = { + alts_record_protocol_crypter_num_overhead_bytes, + alts_seal_crypter_process_in_place, alts_record_protocol_crypter_destruct}; + +grpc_status_code alts_seal_crypter_create(gsec_aead_crypter* gc, bool is_client, + size_t overflow_size, + alts_crypter** crypter, + char** error_details) { + if (crypter == nullptr) { + const char error_msg[] = "crypter is nullptr."; + maybe_copy_error_msg(error_msg, error_details); + return GRPC_STATUS_FAILED_PRECONDITION; + } + alts_record_protocol_crypter* rp_crypter = + alts_crypter_create_common(gc, !is_client, overflow_size, error_details); + if (rp_crypter == nullptr) { + return GRPC_STATUS_FAILED_PRECONDITION; + } + rp_crypter->base.vtable = &vtable; + *crypter = &rp_crypter->base; + return GRPC_STATUS_OK; +} diff --git a/src/core/tsi/alts/frame_protector/alts_unseal_privacy_integrity_crypter.cc b/src/core/tsi/alts/frame_protector/alts_unseal_privacy_integrity_crypter.cc new file mode 100644 index 0000000000..51bea24f1f --- /dev/null +++ b/src/core/tsi/alts/frame_protector/alts_unseal_privacy_integrity_crypter.cc @@ -0,0 +1,103 @@ +/* + * + * Copyright 2018 gRPC authors. + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + */ + +#include <grpc/support/port_platform.h> + +#include <grpc/support/alloc.h> + +#include "src/core/tsi/alts/frame_protector/alts_counter.h" +#include "src/core/tsi/alts/frame_protector/alts_crypter.h" +#include "src/core/tsi/alts/frame_protector/alts_record_protocol_crypter_common.h" + +static void maybe_copy_error_msg(const char* src, char** dst) { + if (dst != nullptr && src != nullptr) { + *dst = static_cast<char*>(gpr_malloc(strlen(src) + 1)); + memcpy(*dst, src, strlen(src) + 1); + } +} + +/* Perform input santity check. */ +static grpc_status_code unseal_check(alts_crypter* c, const unsigned char* data, + size_t data_allocated_size, + size_t data_size, size_t* output_size, + char** error_details) { + /* Do common input sanity check. */ + grpc_status_code status = input_sanity_check( + reinterpret_cast<const alts_record_protocol_crypter*>(c), data, + output_size, error_details); + if (status != GRPC_STATUS_OK) { + return status; + } + /* Do unseal-specific input check. */ + size_t num_overhead_bytes = + alts_crypter_num_overhead_bytes(reinterpret_cast<const alts_crypter*>(c)); + if (num_overhead_bytes > data_size) { + const char error_msg[] = "data_size is smaller than num_overhead_bytes."; + maybe_copy_error_msg(error_msg, error_details); + return GRPC_STATUS_INVALID_ARGUMENT; + } + return GRPC_STATUS_OK; +} + +static grpc_status_code alts_unseal_crypter_process_in_place( + alts_crypter* c, unsigned char* data, size_t data_allocated_size, + size_t data_size, size_t* output_size, char** error_details) { + grpc_status_code status = unseal_check(c, data, data_allocated_size, + data_size, output_size, error_details); + if (status != GRPC_STATUS_OK) { + return status; + } + /* Do AEAD decryption. */ + alts_record_protocol_crypter* rp_crypter = + reinterpret_cast<alts_record_protocol_crypter*>(c); + status = gsec_aead_crypter_decrypt( + rp_crypter->crypter, alts_counter_get_counter(rp_crypter->ctr), + alts_counter_get_size(rp_crypter->ctr), nullptr /* aad */, + 0 /* aad_length */, data, data_size, data, data_allocated_size, + output_size, error_details); + if (status != GRPC_STATUS_OK) { + return status; + } + /* Increment the crypter counter. */ + return increment_counter(rp_crypter, error_details); +} + +static const alts_crypter_vtable vtable = { + alts_record_protocol_crypter_num_overhead_bytes, + alts_unseal_crypter_process_in_place, + alts_record_protocol_crypter_destruct}; + +grpc_status_code alts_unseal_crypter_create(gsec_aead_crypter* gc, + bool is_client, + size_t overflow_size, + alts_crypter** crypter, + char** error_details) { + if (crypter == nullptr) { + const char error_msg[] = "crypter is nullptr."; + maybe_copy_error_msg(error_msg, error_details); + return GRPC_STATUS_FAILED_PRECONDITION; + } + alts_record_protocol_crypter* rp_crypter = + alts_crypter_create_common(gc, is_client, overflow_size, error_details); + if (rp_crypter == nullptr) { + return GRPC_STATUS_FAILED_PRECONDITION; + } + rp_crypter->base.vtable = &vtable; + *crypter = &rp_crypter->base; + return GRPC_STATUS_OK; +} diff --git a/src/core/tsi/alts/frame_protector/frame_handler.cc b/src/core/tsi/alts/frame_protector/frame_handler.cc new file mode 100644 index 0000000000..d3fda63b3d --- /dev/null +++ b/src/core/tsi/alts/frame_protector/frame_handler.cc @@ -0,0 +1,218 @@ +/* + * + * Copyright 2018 gRPC authors. + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + */ + +#include <grpc/support/port_platform.h> + +#include "src/core/tsi/alts/frame_protector/frame_handler.h" + +#include <limits.h> +#include <stdint.h> +#include <string.h> + +#include <grpc/support/alloc.h> +#include <grpc/support/log.h> + +#include "src/core/lib/gpr/useful.h" + +/* Use little endian to interpret a string of bytes as uint32_t. */ +static uint32_t load_32_le(const unsigned char* buffer) { + return (((uint32_t)buffer[3]) << 24) | (((uint32_t)buffer[2]) << 16) | + (((uint32_t)buffer[1]) << 8) | ((uint32_t)buffer[0]); +} + +/* Store uint32_t as a string of little endian bytes. */ +static void store_32_le(uint32_t value, unsigned char* buffer) { + buffer[3] = (unsigned char)(value >> 24) & 0xFF; + buffer[2] = (unsigned char)(value >> 16) & 0xFF; + buffer[1] = (unsigned char)(value >> 8) & 0xFF; + buffer[0] = (unsigned char)(value)&0xFF; +} + +/* Frame writer implementation. */ +alts_frame_writer* alts_create_frame_writer() { + alts_frame_writer* writer = + static_cast<alts_frame_writer*>(gpr_zalloc(sizeof(*writer))); + return writer; +} + +bool alts_reset_frame_writer(alts_frame_writer* writer, + const unsigned char* buffer, size_t length) { + if (buffer == nullptr) return false; + size_t max_input_size = SIZE_MAX - kFrameLengthFieldSize; + if (length > max_input_size) { + gpr_log(GPR_ERROR, "length must be at most %zu", max_input_size); + return false; + } + writer->input_buffer = buffer; + writer->input_size = length; + writer->input_bytes_written = 0; + writer->header_bytes_written = 0; + store_32_le( + static_cast<uint32_t>(writer->input_size + kFrameMessageTypeFieldSize), + writer->header_buffer); + store_32_le(kFrameMessageType, writer->header_buffer + kFrameLengthFieldSize); + return true; +} + +bool alts_write_frame_bytes(alts_frame_writer* writer, unsigned char* output, + size_t* bytes_size) { + if (bytes_size == nullptr || output == nullptr) return false; + if (alts_is_frame_writer_done(writer)) { + *bytes_size = 0; + return true; + } + size_t bytes_written = 0; + /* Write some header bytes, if needed. */ + if (writer->header_bytes_written != sizeof(writer->header_buffer)) { + size_t bytes_to_write = + GPR_MIN(*bytes_size, + sizeof(writer->header_buffer) - writer->header_bytes_written); + memcpy(output, writer->header_buffer + writer->header_bytes_written, + bytes_to_write); + bytes_written += bytes_to_write; + *bytes_size -= bytes_to_write; + writer->header_bytes_written += bytes_to_write; + output += bytes_to_write; + if (writer->header_bytes_written != sizeof(writer->header_buffer)) { + *bytes_size = bytes_written; + return true; + } + } + /* Write some non-header bytes. */ + size_t bytes_to_write = + GPR_MIN(writer->input_size - writer->input_bytes_written, *bytes_size); + memcpy(output, writer->input_buffer, bytes_to_write); + writer->input_buffer += bytes_to_write; + bytes_written += bytes_to_write; + writer->input_bytes_written += bytes_to_write; + *bytes_size = bytes_written; + return true; +} + +bool alts_is_frame_writer_done(alts_frame_writer* writer) { + return writer->input_buffer == nullptr || + writer->input_size == writer->input_bytes_written; +} + +size_t alts_get_num_writer_bytes_remaining(alts_frame_writer* writer) { + return (sizeof(writer->header_buffer) - writer->header_bytes_written) + + (writer->input_size - writer->input_bytes_written); +} + +void alts_destroy_frame_writer(alts_frame_writer* writer) { gpr_free(writer); } + +/* Frame reader implementation. */ +alts_frame_reader* alts_create_frame_reader() { + alts_frame_reader* reader = + static_cast<alts_frame_reader*>(gpr_zalloc(sizeof(*reader))); + return reader; +} + +bool alts_is_frame_reader_done(alts_frame_reader* reader) { + return reader->output_buffer == nullptr || + (reader->header_bytes_read == sizeof(reader->header_buffer) && + reader->bytes_remaining == 0); +} + +bool alts_has_read_frame_length(alts_frame_reader* reader) { + return sizeof(reader->header_buffer) == reader->header_bytes_read; +} + +size_t alts_get_reader_bytes_remaining(alts_frame_reader* reader) { + return alts_has_read_frame_length(reader) ? reader->bytes_remaining : 0; +} + +void alts_reset_reader_output_buffer(alts_frame_reader* reader, + unsigned char* buffer) { + reader->output_buffer = buffer; +} + +bool alts_reset_frame_reader(alts_frame_reader* reader, unsigned char* buffer) { + if (buffer == nullptr) return false; + reader->output_buffer = buffer; + reader->bytes_remaining = 0; + reader->header_bytes_read = 0; + reader->output_bytes_read = 0; + return true; +} + +bool alts_read_frame_bytes(alts_frame_reader* reader, + const unsigned char* bytes, size_t* bytes_size) { + if (bytes_size == nullptr) return false; + if (bytes == nullptr) { + *bytes_size = 0; + return false; + } + if (alts_is_frame_reader_done(reader)) { + *bytes_size = 0; + return true; + } + size_t bytes_processed = 0; + /* Process the header, if needed. */ + if (reader->header_bytes_read != sizeof(reader->header_buffer)) { + size_t bytes_to_write = GPR_MIN( + *bytes_size, sizeof(reader->header_buffer) - reader->header_bytes_read); + memcpy(reader->header_buffer + reader->header_bytes_read, bytes, + bytes_to_write); + reader->header_bytes_read += bytes_to_write; + bytes_processed += bytes_to_write; + bytes += bytes_to_write; + *bytes_size -= bytes_to_write; + if (reader->header_bytes_read != sizeof(reader->header_buffer)) { + *bytes_size = bytes_processed; + return true; + } + size_t frame_length = load_32_le(reader->header_buffer); + if (frame_length < kFrameMessageTypeFieldSize || + frame_length > kFrameMaxSize) { + gpr_log(GPR_ERROR, + "Bad frame length (should be at least %zu, and at most %zu)", + kFrameMessageTypeFieldSize, kFrameMaxSize); + *bytes_size = 0; + return false; + } + size_t message_type = + load_32_le(reader->header_buffer + kFrameLengthFieldSize); + if (message_type != kFrameMessageType) { + gpr_log(GPR_ERROR, "Unsupported message type %zu (should be %zu)", + message_type, kFrameMessageType); + *bytes_size = 0; + return false; + } + reader->bytes_remaining = frame_length - kFrameMessageTypeFieldSize; + } + /* Process the non-header bytes. */ + size_t bytes_to_write = GPR_MIN(*bytes_size, reader->bytes_remaining); + memcpy(reader->output_buffer, bytes, bytes_to_write); + reader->output_buffer += bytes_to_write; + bytes_processed += bytes_to_write; + reader->bytes_remaining -= bytes_to_write; + reader->output_bytes_read += bytes_to_write; + *bytes_size = bytes_processed; + return true; +} + +size_t alts_get_output_bytes_read(alts_frame_reader* reader) { + return reader->output_bytes_read; +} + +unsigned char* alts_get_output_buffer(alts_frame_reader* reader) { + return reader->output_buffer; +} + +void alts_destroy_frame_reader(alts_frame_reader* reader) { gpr_free(reader); } diff --git a/src/core/tsi/alts/frame_protector/frame_handler.h b/src/core/tsi/alts/frame_protector/frame_handler.h new file mode 100644 index 0000000000..a703ff40d3 --- /dev/null +++ b/src/core/tsi/alts/frame_protector/frame_handler.h @@ -0,0 +1,236 @@ +/* + * + * Copyright 2018 gRPC authors. + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + */ + +#ifndef GRPC_CORE_TSI_ALTS_FRAME_PROTECTOR_FRAME_HANDLER_H +#define GRPC_CORE_TSI_ALTS_FRAME_PROTECTOR_FRAME_HANDLER_H + +#include <grpc/support/port_platform.h> + +#include <stdbool.h> +#include <stdlib.h> + +const size_t kFrameMessageType = 0x06; +const size_t kFrameLengthFieldSize = 4; +const size_t kFrameMessageTypeFieldSize = 4; +const size_t kFrameMaxSize = 1024 * 1024; +const size_t kFrameHeaderSize = + kFrameLengthFieldSize + kFrameMessageTypeFieldSize; + +/** + * Implementation of frame reader and frame writer. All APIs in the + * header are thread-compatible. + */ + +/** + * Main struct for a frame writer. It reads frames from an input buffer, and + * writes the contents as raw bytes. It does not own the input buffer. + */ +typedef struct alts_frame_writer { + const unsigned char* input_buffer; + unsigned char header_buffer[kFrameHeaderSize]; + size_t input_bytes_written; + size_t header_bytes_written; + size_t input_size; +} alts_frame_writer; + +/** + * Main struct for a frame reader. It reads raw bytes and puts the framed + * result into an output buffer. It does not own the output buffer. + */ +typedef struct alts_frame_reader { + unsigned char* output_buffer; + unsigned char header_buffer[kFrameHeaderSize]; + size_t header_bytes_read; + size_t output_bytes_read; + size_t bytes_remaining; +} alts_frame_reader; + +/** + * This method creates a frame writer instance and initializes its internal + * states. + */ +alts_frame_writer* alts_create_frame_writer(); + +/** + * This method resets internal states of a frame writer and prepares to write + * a single frame. It does not take ownership of payload_buffer. + * The payload_buffer must outlive the writer. + * + * - writer: a frame writer instance. + * - buffer: a buffer storing full payload data to be framed. + * - length: size of payload data. + * + * The method returns true on success and false otherwise. + */ +bool alts_reset_frame_writer(alts_frame_writer* writer, + const unsigned char* buffer, size_t length); + +/** + * This method writes up to bytes_size bytes of a frame to output. + * + * - writer: a frame writer instance. + * - output: an output buffer used to store the frame. + * - bytes_size: an in/out parameter that stores the size of output buffer + * before the call, and gets written the number of frame bytes written to the + * buffer. + * + * The method returns true on success and false otherwise. + */ +bool alts_write_frame_bytes(alts_frame_writer* writer, unsigned char* output, + size_t* bytes_size); + +/** + * This method checks if a reset can be called to write a new frame. It returns + * true if it's the first time to frame a payload, or the current frame has + * been finished processing. It returns false if it's not ready yet to start a + * new frame (e.g., more payload data needs to be accumulated to process the + * current frame). + * + * if (alts_is_frame_writer_done(writer)) { + * // a new frame can be written, call reset. + * alts_reset_frame_writer(writer, payload_buffer, payload_size); + * } else { + * // accumulate more payload data until a full frame can be written. + * } + * + * - writer: a frame writer instance. + */ +bool alts_is_frame_writer_done(alts_frame_writer* writer); + +/** + * This method returns the number of bytes left to write before a complete frame + * is formed. + * + * - writer: a frame writer instance. + */ +size_t alts_get_num_writer_bytes_remaining(alts_frame_writer* writer); + +/** + * This method destroys a frame writer instance. + * + * - writer: a frame writer instance. + */ +void alts_destroy_frame_writer(alts_frame_writer* writer); + +/** + * This method creates a frame reader instance and initializes its internal + * states. + */ +alts_frame_reader* alts_create_frame_reader(); + +/** + * This method resets internal states of a frame reader (including setting its + * output_buffer with buffer), and prepares to write processed bytes to + * an output_buffer. It does not take ownership of buffer. The buffer must + * outlive reader. + * + * - reader: a frame reader instance. + * - buffer: an output buffer used to store deframed results. + * + * The method returns true on success and false otherwise. + */ +bool alts_reset_frame_reader(alts_frame_reader* reader, unsigned char* buffer); + +/** + * This method processes up to the number of bytes given in bytes_size. It may + * choose not to process all the bytes, if, for instance, more bytes are + * given to the method than required to complete the current frame. + * + * - reader: a frame reader instance. + * - bytes: a buffer that stores data to be processed. + * - bytes_size: an in/out parameter that stores the size of bytes before the + * call and gets written the number of bytes processed. + * + * The method returns true on success and false otherwise. + */ +bool alts_read_frame_bytes(alts_frame_reader* reader, + const unsigned char* bytes, size_t* bytes_size); + +/** + * This method checks if a frame length has been read. + * + * - reader: a frame reader instance. + * + * The method returns true if a frame length has been read and false otherwise. + */ +bool alts_has_read_frame_length(alts_frame_reader* reader); + +/** + * This method returns the number of bytes the frame reader intends to write. + * It may only be called if alts_has_read_frame_length() returns true. + * + * - reader: a frame reader instance. + */ +size_t alts_get_reader_bytes_remaining(alts_frame_reader* reader); + +/** + * This method resets output_buffer but does not otherwise modify other internal + * states of a frame reader instance. After being set, the new output_buffer + * will hold the deframed payload held by the original output_buffer. It does + * not take ownership of buffer. The buffer must outlive the reader. + * To distinguish between two reset methods on a frame reader, + * + * if (alts_fh_is_frame_reader_done(reader)) { + * // if buffer contains a full payload to be deframed, call reset. + * alts_reset_frame_reader(reader, buffer); + * } + * + * // if remaining buffer space is not enough to hold a full payload + * if (buffer_space_remaining < alts_get_reader_bytes_remaining(reader)) { + * // allocate enough space for a new buffer, copy back data processed so far, + * // and call reset. + * alts_reset_reader_output_buffer(reader, new_buffer). + * } + * + * - reader: a frame reader instance. + * - buffer: a buffer used to set reader's output_buffer. + */ +void alts_reset_reader_output_buffer(alts_frame_reader* reader, + unsigned char* buffer); + +/** + * This method checks if reset can be called to start processing a new frame. + * If true and reset was previously called, a full frame has been processed and + * the content of the frame is available in output_buffer. + + * - reader: a frame reader instance. + */ +bool alts_is_frame_reader_done(alts_frame_reader* reader); + +/** + * This method returns output_bytes_read of a frame reader instance. + * + * - reader: a frame reader instance. + */ +size_t alts_get_output_bytes_read(alts_frame_reader* reader); + +/** + * This method returns output_buffer of a frame reader instance. + * + * - reader: a frame reader instance. + */ +unsigned char* alts_get_output_buffer(alts_frame_reader* reader); + +/** + * This method destroys a frame reader instance. + * + * - reader: a frame reader instance. + */ +void alts_destroy_frame_reader(alts_frame_reader* reader); + +#endif /* GRPC_CORE_TSI_ALTS_FRAME_PROTECTOR_FRAME_HANDLER_H */ diff --git a/src/core/tsi/alts/handshaker/alts_handshaker_client.cc b/src/core/tsi/alts/handshaker/alts_handshaker_client.cc new file mode 100644 index 0000000000..40f30e41ca --- /dev/null +++ b/src/core/tsi/alts/handshaker/alts_handshaker_client.cc @@ -0,0 +1,316 @@ +/* + * + * Copyright 2018 gRPC authors. + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + */ + +#include <grpc/support/port_platform.h> + +#include "src/core/tsi/alts/handshaker/alts_handshaker_client.h" + +#include <grpc/byte_buffer.h> +#include <grpc/support/alloc.h> +#include <grpc/support/log.h> + +#include "src/core/tsi/alts/handshaker/alts_handshaker_service_api.h" + +const int kHandshakerClientOpNum = 4; + +typedef struct alts_grpc_handshaker_client { + alts_handshaker_client base; + grpc_call* call; + alts_grpc_caller grpc_caller; +} alts_grpc_handshaker_client; + +static grpc_call_error grpc_start_batch(grpc_call* call, const grpc_op* ops, + size_t nops, void* tag) { + return grpc_call_start_batch(call, ops, nops, tag, nullptr); +} + +/** + * Populate grpc operation data with the fields of ALTS TSI event and make a + * grpc call. + */ +static tsi_result make_grpc_call(alts_handshaker_client* client, + alts_tsi_event* event, bool is_start) { + GPR_ASSERT(client != nullptr && event != nullptr); + alts_grpc_handshaker_client* grpc_client = + reinterpret_cast<alts_grpc_handshaker_client*>(client); + grpc_op ops[kHandshakerClientOpNum]; + memset(ops, 0, sizeof(ops)); + grpc_op* op = ops; + if (is_start) { + op->op = GRPC_OP_SEND_INITIAL_METADATA; + op->data.send_initial_metadata.count = 0; + op++; + GPR_ASSERT(op - ops <= kHandshakerClientOpNum); + op->op = GRPC_OP_RECV_INITIAL_METADATA; + op->data.recv_initial_metadata.recv_initial_metadata = + &event->initial_metadata; + op++; + GPR_ASSERT(op - ops <= kHandshakerClientOpNum); + } + op->op = GRPC_OP_SEND_MESSAGE; + op->data.send_message.send_message = event->send_buffer; + op++; + GPR_ASSERT(op - ops <= kHandshakerClientOpNum); + op->op = GRPC_OP_RECV_MESSAGE; + op->data.recv_message.recv_message = &event->recv_buffer; + op++; + GPR_ASSERT(op - ops <= kHandshakerClientOpNum); + GPR_ASSERT(grpc_client->grpc_caller != nullptr); + if (grpc_client->grpc_caller(grpc_client->call, ops, + static_cast<size_t>(op - ops), + (void*)event) != GRPC_CALL_OK) { + gpr_log(GPR_ERROR, "Start batch operation failed"); + return TSI_INTERNAL_ERROR; + } + return TSI_OK; +} + +/* Create and populate a client_start handshaker request, then serialize it. */ +static grpc_byte_buffer* get_serialized_start_client(alts_tsi_event* event) { + bool ok = true; + grpc_gcp_handshaker_req* req = + grpc_gcp_handshaker_req_create(CLIENT_START_REQ); + ok &= grpc_gcp_handshaker_req_set_handshake_protocol( + req, grpc_gcp_HandshakeProtocol_ALTS); + ok &= grpc_gcp_handshaker_req_add_application_protocol( + req, ALTS_APPLICATION_PROTOCOL); + ok &= grpc_gcp_handshaker_req_add_record_protocol(req, ALTS_RECORD_PROTOCOL); + grpc_gcp_rpc_protocol_versions* versions = &event->options->rpc_versions; + ok &= grpc_gcp_handshaker_req_set_rpc_versions( + req, versions->max_rpc_version.major, versions->max_rpc_version.minor, + versions->min_rpc_version.major, versions->min_rpc_version.minor); + char* target_name = grpc_slice_to_c_string(event->target_name); + ok &= grpc_gcp_handshaker_req_set_target_name(req, target_name); + target_service_account* ptr = + (reinterpret_cast<grpc_alts_credentials_client_options*>(event->options)) + ->target_account_list_head; + while (ptr != nullptr) { + grpc_gcp_handshaker_req_add_target_identity_service_account(req, ptr->data); + ptr = ptr->next; + } + grpc_slice slice; + ok &= grpc_gcp_handshaker_req_encode(req, &slice); + grpc_byte_buffer* buffer = nullptr; + if (ok) { + buffer = grpc_raw_byte_buffer_create(&slice, 1 /* number of slices */); + } + grpc_slice_unref(slice); + gpr_free(target_name); + grpc_gcp_handshaker_req_destroy(req); + return buffer; +} + +static tsi_result handshaker_client_start_client(alts_handshaker_client* client, + alts_tsi_event* event) { + if (client == nullptr || event == nullptr) { + gpr_log(GPR_ERROR, + "Invalid arguments to alts_grpc_handshaker_client_start_client()"); + return TSI_INVALID_ARGUMENT; + } + grpc_byte_buffer* buffer = get_serialized_start_client(event); + if (buffer == nullptr) { + gpr_log(GPR_ERROR, "get_serialized_start_client() failed"); + return TSI_INTERNAL_ERROR; + } + event->send_buffer = buffer; + tsi_result result = make_grpc_call(client, event, true /* is_start */); + if (result != TSI_OK) { + gpr_log(GPR_ERROR, "make_grpc_call() failed"); + } + return result; +} + +/* Create and populate a start_server handshaker request, then serialize it. */ +static grpc_byte_buffer* get_serialized_start_server( + alts_tsi_event* event, grpc_slice* bytes_received) { + GPR_ASSERT(bytes_received != nullptr); + grpc_gcp_handshaker_req* req = + grpc_gcp_handshaker_req_create(SERVER_START_REQ); + bool ok = grpc_gcp_handshaker_req_add_application_protocol( + req, ALTS_APPLICATION_PROTOCOL); + ok &= grpc_gcp_handshaker_req_param_add_record_protocol( + req, grpc_gcp_HandshakeProtocol_ALTS, ALTS_RECORD_PROTOCOL); + ok &= grpc_gcp_handshaker_req_set_in_bytes( + req, reinterpret_cast<const char*> GRPC_SLICE_START_PTR(*bytes_received), + GRPC_SLICE_LENGTH(*bytes_received)); + grpc_gcp_rpc_protocol_versions* versions = &event->options->rpc_versions; + ok &= grpc_gcp_handshaker_req_set_rpc_versions( + req, versions->max_rpc_version.major, versions->max_rpc_version.minor, + versions->min_rpc_version.major, versions->min_rpc_version.minor); + grpc_slice req_slice; + ok &= grpc_gcp_handshaker_req_encode(req, &req_slice); + grpc_byte_buffer* buffer = nullptr; + if (ok) { + buffer = grpc_raw_byte_buffer_create(&req_slice, 1 /* number of slices */); + } + grpc_slice_unref(req_slice); + grpc_gcp_handshaker_req_destroy(req); + return buffer; +} + +static tsi_result handshaker_client_start_server(alts_handshaker_client* client, + alts_tsi_event* event, + grpc_slice* bytes_received) { + if (client == nullptr || event == nullptr || bytes_received == nullptr) { + gpr_log(GPR_ERROR, + "Invalid arguments to alts_grpc_handshaker_client_start_server()"); + return TSI_INVALID_ARGUMENT; + } + grpc_byte_buffer* buffer = get_serialized_start_server(event, bytes_received); + if (buffer == nullptr) { + gpr_log(GPR_ERROR, "get_serialized_start_server() failed"); + return TSI_INTERNAL_ERROR; + } + event->send_buffer = buffer; + tsi_result result = make_grpc_call(client, event, true /* is_start */); + if (result != TSI_OK) { + gpr_log(GPR_ERROR, "make_grpc_call() failed"); + } + return result; +} + +/* Create and populate a next handshaker request, then serialize it. */ +static grpc_byte_buffer* get_serialized_next(grpc_slice* bytes_received) { + GPR_ASSERT(bytes_received != nullptr); + grpc_gcp_handshaker_req* req = grpc_gcp_handshaker_req_create(NEXT_REQ); + bool ok = grpc_gcp_handshaker_req_set_in_bytes( + req, reinterpret_cast<const char*> GRPC_SLICE_START_PTR(*bytes_received), + GRPC_SLICE_LENGTH(*bytes_received)); + grpc_slice req_slice; + ok &= grpc_gcp_handshaker_req_encode(req, &req_slice); + grpc_byte_buffer* buffer = nullptr; + if (ok) { + buffer = grpc_raw_byte_buffer_create(&req_slice, 1 /* number of slices */); + } + grpc_slice_unref(req_slice); + grpc_gcp_handshaker_req_destroy(req); + return buffer; +} + +static tsi_result handshaker_client_next(alts_handshaker_client* client, + alts_tsi_event* event, + grpc_slice* bytes_received) { + if (client == nullptr || event == nullptr || bytes_received == nullptr) { + gpr_log(GPR_ERROR, + "Invalid arguments to alts_grpc_handshaker_client_next()"); + return TSI_INVALID_ARGUMENT; + } + grpc_byte_buffer* buffer = get_serialized_next(bytes_received); + if (buffer == nullptr) { + gpr_log(GPR_ERROR, "get_serialized_next() failed"); + return TSI_INTERNAL_ERROR; + } + event->send_buffer = buffer; + tsi_result result = make_grpc_call(client, event, false /* is_start */); + if (result != TSI_OK) { + gpr_log(GPR_ERROR, "make_grpc_call() failed"); + } + return result; +} + +static void handshaker_client_destruct(alts_handshaker_client* client) { + if (client == nullptr) { + return; + } + alts_grpc_handshaker_client* grpc_client = + reinterpret_cast<alts_grpc_handshaker_client*>(client); + grpc_call_unref(grpc_client->call); +} + +static const alts_handshaker_client_vtable vtable = { + handshaker_client_start_client, handshaker_client_start_server, + handshaker_client_next, handshaker_client_destruct}; + +alts_handshaker_client* alts_grpc_handshaker_client_create( + grpc_channel* channel, grpc_completion_queue* queue, + const char* handshaker_service_url) { + if (channel == nullptr || queue == nullptr || + handshaker_service_url == nullptr) { + gpr_log(GPR_ERROR, "Invalid arguments to alts_handshaker_client_create()"); + return nullptr; + } + alts_grpc_handshaker_client* client = + static_cast<alts_grpc_handshaker_client*>(gpr_zalloc(sizeof(*client))); + client->grpc_caller = grpc_start_batch; + grpc_slice slice = grpc_slice_from_copied_string(handshaker_service_url); + client->call = grpc_channel_create_call( + channel, nullptr, GRPC_PROPAGATE_DEFAULTS, queue, + grpc_slice_from_static_string(ALTS_SERVICE_METHOD), &slice, + gpr_inf_future(GPR_CLOCK_REALTIME), nullptr); + client->base.vtable = &vtable; + grpc_slice_unref(slice); + return &client->base; +} + +namespace grpc_core { +namespace internal { + +void alts_handshaker_client_set_grpc_caller_for_testing( + alts_handshaker_client* client, alts_grpc_caller caller) { + GPR_ASSERT(client != nullptr && caller != nullptr); + alts_grpc_handshaker_client* grpc_client = + reinterpret_cast<alts_grpc_handshaker_client*>(client); + grpc_client->grpc_caller = caller; +} + +} // namespace internal +} // namespace grpc_core + +tsi_result alts_handshaker_client_start_client(alts_handshaker_client* client, + alts_tsi_event* event) { + if (client != nullptr && client->vtable != nullptr && + client->vtable->client_start != nullptr) { + return client->vtable->client_start(client, event); + } + gpr_log(GPR_ERROR, + "client or client->vtable has not been initialized properly"); + return TSI_INVALID_ARGUMENT; +} + +tsi_result alts_handshaker_client_start_server(alts_handshaker_client* client, + alts_tsi_event* event, + grpc_slice* bytes_received) { + if (client != nullptr && client->vtable != nullptr && + client->vtable->server_start != nullptr) { + return client->vtable->server_start(client, event, bytes_received); + } + gpr_log(GPR_ERROR, + "client or client->vtable has not been initialized properly"); + return TSI_INVALID_ARGUMENT; +} + +tsi_result alts_handshaker_client_next(alts_handshaker_client* client, + alts_tsi_event* event, + grpc_slice* bytes_received) { + if (client != nullptr && client->vtable != nullptr && + client->vtable->next != nullptr) { + return client->vtable->next(client, event, bytes_received); + } + gpr_log(GPR_ERROR, + "client or client->vtable has not been initialized properly"); + return TSI_INVALID_ARGUMENT; +} + +void alts_handshaker_client_destroy(alts_handshaker_client* client) { + if (client != nullptr) { + if (client->vtable != nullptr && client->vtable->destruct != nullptr) { + client->vtable->destruct(client); + } + gpr_free(client); + } +} diff --git a/src/core/tsi/alts/handshaker/alts_handshaker_client.h b/src/core/tsi/alts/handshaker/alts_handshaker_client.h new file mode 100644 index 0000000000..fb2d2cf68e --- /dev/null +++ b/src/core/tsi/alts/handshaker/alts_handshaker_client.h @@ -0,0 +1,137 @@ +/* + * + * Copyright 2018 gRPC authors. + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + */ + +#ifndef GRPC_CORE_TSI_ALTS_HANDSHAKER_ALTS_HANDSHAKER_CLIENT_H +#define GRPC_CORE_TSI_ALTS_HANDSHAKER_ALTS_HANDSHAKER_CLIENT_H + +#include <grpc/support/port_platform.h> + +#include <grpc/grpc.h> + +#include "src/core/tsi/alts/handshaker/alts_tsi_event.h" + +#define ALTS_SERVICE_METHOD "/grpc.gcp.HandshakerService/DoHandshake" +#define ALTS_APPLICATION_PROTOCOL "grpc" +#define ALTS_RECORD_PROTOCOL "ALTSRP_GCM_AES128_REKEY" + +const size_t kAltsAes128GcmRekeyKeyLength = 44; + +/** + * A ALTS handshaker client interface. It is used to communicate with + * ALTS handshaker service by scheduling a handshaker request that could be one + * of client_start, server_start, and next handshaker requests. All APIs in the + * header are thread-compatible. + */ +typedef struct alts_handshaker_client alts_handshaker_client; + +/* A function that makes the grpc call to the handshaker service. */ +typedef grpc_call_error (*alts_grpc_caller)(grpc_call* call, const grpc_op* ops, + size_t nops, void* tag); + +/* V-table for ALTS handshaker client operations. */ +typedef struct alts_handshaker_client_vtable { + tsi_result (*client_start)(alts_handshaker_client* client, + alts_tsi_event* event); + tsi_result (*server_start)(alts_handshaker_client* client, + alts_tsi_event* event, grpc_slice* bytes_received); + tsi_result (*next)(alts_handshaker_client* client, alts_tsi_event* event, + grpc_slice* bytes_received); + void (*destruct)(alts_handshaker_client* client); +} alts_handshaker_client_vtable; + +struct alts_handshaker_client { + const alts_handshaker_client_vtable* vtable; +}; + +/** + * This method schedules a client_start handshaker request to ALTS handshaker + * service. + * + * - client: ALTS handshaker client instance. + * - event: ALTS TSI event instance. + * + * It returns TSI_OK on success and an error status code on failure. + */ +tsi_result alts_handshaker_client_start_client(alts_handshaker_client* client, + alts_tsi_event* event); + +/** + * This method schedules a server_start handshaker request to ALTS handshaker + * service. + * + * - client: ALTS handshaker client instance. + * - event: ALTS TSI event instance. + * - bytes_received: bytes in out_frames returned from the peer's handshaker + * response. + * + * It returns TSI_OK on success and an error status code on failure. + */ +tsi_result alts_handshaker_client_start_server(alts_handshaker_client* client, + alts_tsi_event* event, + grpc_slice* bytes_received); + +/** + * This method schedules a next handshaker request to ALTS handshaker service. + * + * - client: ALTS handshaker client instance. + * - event: ALTS TSI event instance. + * - bytes_received: bytes in out_frames returned from the peer's handshaker + * response. + * + * It returns TSI_OK on success and an error status code on failure. + */ +tsi_result alts_handshaker_client_next(alts_handshaker_client* client, + alts_tsi_event* event, + grpc_slice* bytes_received); + +/** + * This method destroys a ALTS handshaker client. + * + * - client: a ALTS handshaker client instance. + */ +void alts_handshaker_client_destroy(alts_handshaker_client* client); + +/** + * This method creates a ALTS handshaker client. + * + * - channel: grpc channel to ALTS handshaker service. + * - queue: grpc completion queue. + * - handshaker_service_url: address of ALTS handshaker service in the format of + * "host:port". + * + * It returns the created ALTS handshaker client on success, and NULL on + * failure. + */ +alts_handshaker_client* alts_grpc_handshaker_client_create( + grpc_channel* channel, grpc_completion_queue* queue, + const char* handshaker_service_url); + +namespace grpc_core { +namespace internal { + +/** + * Unsafe, use for testing only. It allows the caller to change the way that + * GRPC calls are made to the handshaker service. + */ +void alts_handshaker_client_set_grpc_caller_for_testing( + alts_handshaker_client* client, alts_grpc_caller caller); + +} // namespace internal +} // namespace grpc_core + +#endif /* GRPC_CORE_TSI_ALTS_HANDSHAKER_ALTS_HANDSHAKER_CLIENT_H */ diff --git a/src/core/tsi/alts/handshaker/alts_handshaker_service_api.cc b/src/core/tsi/alts/handshaker/alts_handshaker_service_api.cc new file mode 100644 index 0000000000..256e414ae4 --- /dev/null +++ b/src/core/tsi/alts/handshaker/alts_handshaker_service_api.cc @@ -0,0 +1,520 @@ +/* + * + * Copyright 2018 gRPC authors. + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + */ + +#include <grpc/support/port_platform.h> + +#include "src/core/tsi/alts/handshaker/alts_handshaker_service_api.h" + +#include <stdio.h> +#include <stdlib.h> + +#include "src/core/tsi/alts/handshaker/transport_security_common_api.h" + +/* HandshakerReq */ +grpc_gcp_handshaker_req* grpc_gcp_handshaker_req_create( + grpc_gcp_handshaker_req_type type) { + grpc_gcp_handshaker_req* req = + static_cast<grpc_gcp_handshaker_req*>(gpr_zalloc(sizeof(*req))); + switch (type) { + case CLIENT_START_REQ: + req->has_client_start = true; + break; + case SERVER_START_REQ: + req->has_server_start = true; + break; + case NEXT_REQ: + req->has_next = true; + break; + } + return req; +} + +void grpc_gcp_handshaker_req_destroy(grpc_gcp_handshaker_req* req) { + if (req == nullptr) { + return; + } + if (req->has_client_start) { + /* Destroy client_start request. */ + destroy_repeated_field_list_identity( + static_cast<repeated_field*>(req->client_start.target_identities.arg)); + destroy_repeated_field_list_string(static_cast<repeated_field*>( + req->client_start.application_protocols.arg)); + destroy_repeated_field_list_string( + static_cast<repeated_field*>(req->client_start.record_protocols.arg)); + if (req->client_start.has_local_identity) { + destroy_slice(static_cast<grpc_slice*>( + req->client_start.local_identity.hostname.arg)); + destroy_slice(static_cast<grpc_slice*>( + req->client_start.local_identity.service_account.arg)); + } + if (req->client_start.has_local_endpoint) { + destroy_slice(static_cast<grpc_slice*>( + req->client_start.local_endpoint.ip_address.arg)); + } + if (req->client_start.has_remote_endpoint) { + destroy_slice(static_cast<grpc_slice*>( + req->client_start.remote_endpoint.ip_address.arg)); + } + destroy_slice(static_cast<grpc_slice*>(req->client_start.target_name.arg)); + } else if (req->has_server_start) { + /* Destroy server_start request. */ + size_t i = 0; + for (i = 0; i < req->server_start.handshake_parameters_count; i++) { + destroy_repeated_field_list_identity( + static_cast<repeated_field*>(req->server_start.handshake_parameters[i] + .value.local_identities.arg)); + destroy_repeated_field_list_string( + static_cast<repeated_field*>(req->server_start.handshake_parameters[i] + .value.record_protocols.arg)); + } + destroy_repeated_field_list_string(static_cast<repeated_field*>( + req->server_start.application_protocols.arg)); + if (req->server_start.has_local_endpoint) { + destroy_slice(static_cast<grpc_slice*>( + req->server_start.local_endpoint.ip_address.arg)); + } + if (req->server_start.has_remote_endpoint) { + destroy_slice(static_cast<grpc_slice*>( + req->server_start.remote_endpoint.ip_address.arg)); + } + destroy_slice(static_cast<grpc_slice*>(req->server_start.in_bytes.arg)); + } else { + /* Destroy next request. */ + destroy_slice(static_cast<grpc_slice*>(req->next.in_bytes.arg)); + } + gpr_free(req); +} + +bool grpc_gcp_handshaker_req_set_handshake_protocol( + grpc_gcp_handshaker_req* req, + grpc_gcp_handshake_protocol handshake_protocol) { + if (req == nullptr || !req->has_client_start) { + gpr_log(GPR_ERROR, + "Invalid arguments to " + "grpc_gcp_handshaker_req_set_handshake_protocol()."); + return false; + } + req->client_start.has_handshake_security_protocol = true; + req->client_start.handshake_security_protocol = handshake_protocol; + return true; +} + +bool grpc_gcp_handshaker_req_set_target_name(grpc_gcp_handshaker_req* req, + const char* target_name) { + if (req == nullptr || target_name == nullptr || !req->has_client_start) { + gpr_log(GPR_ERROR, + "Invalid arguments to " + "grpc_gcp_handshaker_req_set_target_name()."); + return false; + } + grpc_slice* slice = create_slice(target_name, strlen(target_name)); + req->client_start.target_name.arg = slice; + req->client_start.target_name.funcs.encode = encode_string_or_bytes_cb; + return true; +} + +bool grpc_gcp_handshaker_req_add_application_protocol( + grpc_gcp_handshaker_req* req, const char* application_protocol) { + if (req == nullptr || application_protocol == nullptr || req->has_next) { + gpr_log(GPR_ERROR, + "Invalid arguments to " + "grpc_gcp_handshaker_req_add_application_protocol()."); + return false; + } + grpc_slice* slice = + create_slice(application_protocol, strlen(application_protocol)); + if (req->has_client_start) { + add_repeated_field(reinterpret_cast<repeated_field**>( + &req->client_start.application_protocols.arg), + slice); + req->client_start.application_protocols.funcs.encode = + encode_repeated_string_cb; + } else { + add_repeated_field(reinterpret_cast<repeated_field**>( + &req->server_start.application_protocols.arg), + slice); + req->server_start.application_protocols.funcs.encode = + encode_repeated_string_cb; + } + return true; +} + +bool grpc_gcp_handshaker_req_add_record_protocol(grpc_gcp_handshaker_req* req, + const char* record_protocol) { + if (req == nullptr || record_protocol == nullptr || !req->has_client_start) { + gpr_log(GPR_ERROR, + "Invalid arguments to " + "grpc_gcp_handshaker_req_add_record_protocol()."); + return false; + } + grpc_slice* slice = create_slice(record_protocol, strlen(record_protocol)); + add_repeated_field(reinterpret_cast<repeated_field**>( + &req->client_start.record_protocols.arg), + slice); + req->client_start.record_protocols.funcs.encode = encode_repeated_string_cb; + return true; +} + +static void set_identity_hostname(grpc_gcp_identity* identity, + const char* hostname) { + grpc_slice* slice = create_slice(hostname, strlen(hostname)); + identity->hostname.arg = slice; + identity->hostname.funcs.encode = encode_string_or_bytes_cb; +} + +static void set_identity_service_account(grpc_gcp_identity* identity, + const char* service_account) { + grpc_slice* slice = create_slice(service_account, strlen(service_account)); + identity->service_account.arg = slice; + identity->service_account.funcs.encode = encode_string_or_bytes_cb; +} + +bool grpc_gcp_handshaker_req_add_target_identity_hostname( + grpc_gcp_handshaker_req* req, const char* hostname) { + if (req == nullptr || hostname == nullptr || !req->has_client_start) { + gpr_log(GPR_ERROR, + "Invalid nullptr arguments to " + "grpc_gcp_handshaker_req_add_target_identity_hostname()."); + return false; + } + grpc_gcp_identity* target_identity = + static_cast<grpc_gcp_identity*>(gpr_zalloc(sizeof(*target_identity))); + set_identity_hostname(target_identity, hostname); + req->client_start.target_identities.funcs.encode = + encode_repeated_identity_cb; + add_repeated_field(reinterpret_cast<repeated_field**>( + &req->client_start.target_identities.arg), + target_identity); + return true; +} + +bool grpc_gcp_handshaker_req_add_target_identity_service_account( + grpc_gcp_handshaker_req* req, const char* service_account) { + if (req == nullptr || service_account == nullptr || !req->has_client_start) { + gpr_log(GPR_ERROR, + "Invalid nullptr arguments to " + "grpc_gcp_handshaker_req_add_target_identity_service_account()."); + return false; + } + grpc_gcp_identity* target_identity = + static_cast<grpc_gcp_identity*>(gpr_zalloc(sizeof(*target_identity))); + set_identity_service_account(target_identity, service_account); + req->client_start.target_identities.funcs.encode = + encode_repeated_identity_cb; + add_repeated_field(reinterpret_cast<repeated_field**>( + &req->client_start.target_identities.arg), + target_identity); + return true; +} + +bool grpc_gcp_handshaker_req_set_local_identity_hostname( + grpc_gcp_handshaker_req* req, const char* hostname) { + if (req == nullptr || hostname == nullptr || !req->has_client_start) { + gpr_log(GPR_ERROR, + "Invalid nullptr arguments to " + "grpc_gcp_handshaker_req_set_local_identity_hostname()."); + return false; + } + req->client_start.has_local_identity = true; + set_identity_hostname(&req->client_start.local_identity, hostname); + return true; +} + +bool grpc_gcp_handshaker_req_set_local_identity_service_account( + grpc_gcp_handshaker_req* req, const char* service_account) { + if (req == nullptr || service_account == nullptr || !req->has_client_start) { + gpr_log(GPR_ERROR, + "Invalid nullptr arguments to " + "grpc_gcp_handshaker_req_set_local_identity_service_account()."); + return false; + } + req->client_start.has_local_identity = true; + set_identity_service_account(&req->client_start.local_identity, + service_account); + return true; +} + +static void set_endpoint(grpc_gcp_endpoint* endpoint, const char* ip_address, + size_t port, grpc_gcp_network_protocol protocol) { + grpc_slice* slice = create_slice(ip_address, strlen(ip_address)); + endpoint->ip_address.arg = slice; + endpoint->ip_address.funcs.encode = encode_string_or_bytes_cb; + endpoint->has_port = true; + endpoint->port = static_cast<int32_t>(port); + endpoint->has_protocol = true; + endpoint->protocol = protocol; +} + +bool grpc_gcp_handshaker_req_set_rpc_versions(grpc_gcp_handshaker_req* req, + uint32_t max_major, + uint32_t max_minor, + uint32_t min_major, + uint32_t min_minor) { + if (req == nullptr || req->has_next) { + gpr_log(GPR_ERROR, + "Invalid arguments to " + "grpc_gcp_handshaker_req_set_rpc_versions()."); + return false; + } + if (req->has_client_start) { + req->client_start.has_rpc_versions = true; + grpc_gcp_rpc_protocol_versions_set_max(&req->client_start.rpc_versions, + max_major, max_minor); + grpc_gcp_rpc_protocol_versions_set_min(&req->client_start.rpc_versions, + min_major, min_minor); + } else { + req->server_start.has_rpc_versions = true; + grpc_gcp_rpc_protocol_versions_set_max(&req->server_start.rpc_versions, + max_major, max_minor); + grpc_gcp_rpc_protocol_versions_set_min(&req->server_start.rpc_versions, + min_major, min_minor); + } + return true; +} + +bool grpc_gcp_handshaker_req_set_local_endpoint( + grpc_gcp_handshaker_req* req, const char* ip_address, size_t port, + grpc_gcp_network_protocol protocol) { + if (req == nullptr || ip_address == nullptr || port > 65535 || + req->has_next) { + gpr_log(GPR_ERROR, + "Invalid arguments to " + "grpc_gcp_handshaker_req_set_local_endpoint()."); + return false; + } + if (req->has_client_start) { + req->client_start.has_local_endpoint = true; + set_endpoint(&req->client_start.local_endpoint, ip_address, port, protocol); + } else { + req->server_start.has_local_endpoint = true; + set_endpoint(&req->server_start.local_endpoint, ip_address, port, protocol); + } + return true; +} + +bool grpc_gcp_handshaker_req_set_remote_endpoint( + grpc_gcp_handshaker_req* req, const char* ip_address, size_t port, + grpc_gcp_network_protocol protocol) { + if (req == nullptr || ip_address == nullptr || port > 65535 || + req->has_next) { + gpr_log(GPR_ERROR, + "Invalid arguments to " + "grpc_gcp_handshaker_req_set_remote_endpoint()."); + return false; + } + if (req->has_client_start) { + req->client_start.has_remote_endpoint = true; + set_endpoint(&req->client_start.remote_endpoint, ip_address, port, + protocol); + } else { + req->server_start.has_remote_endpoint = true; + set_endpoint(&req->server_start.remote_endpoint, ip_address, port, + protocol); + } + return true; +} + +bool grpc_gcp_handshaker_req_set_in_bytes(grpc_gcp_handshaker_req* req, + const char* in_bytes, size_t size) { + if (req == nullptr || in_bytes == nullptr || req->has_client_start) { + gpr_log(GPR_ERROR, + "Invalid arguments to " + "grpc_gcp_handshaker_req_set_in_bytes()."); + return false; + } + grpc_slice* slice = create_slice(in_bytes, size); + if (req->has_next) { + req->next.in_bytes.arg = slice; + req->next.in_bytes.funcs.encode = &encode_string_or_bytes_cb; + } else { + req->server_start.in_bytes.arg = slice; + req->server_start.in_bytes.funcs.encode = &encode_string_or_bytes_cb; + } + return true; +} + +static grpc_gcp_server_handshake_parameters* server_start_find_param( + grpc_gcp_handshaker_req* req, int32_t key) { + size_t i = 0; + for (i = 0; i < req->server_start.handshake_parameters_count; i++) { + if (req->server_start.handshake_parameters[i].key == key) { + return &req->server_start.handshake_parameters[i].value; + } + } + req->server_start + .handshake_parameters[req->server_start.handshake_parameters_count] + .has_key = true; + req->server_start + .handshake_parameters[req->server_start.handshake_parameters_count] + .has_value = true; + req->server_start + .handshake_parameters[req->server_start.handshake_parameters_count++] + .key = key; + return &req->server_start + .handshake_parameters + [req->server_start.handshake_parameters_count - 1] + .value; +} + +bool grpc_gcp_handshaker_req_param_add_record_protocol( + grpc_gcp_handshaker_req* req, grpc_gcp_handshake_protocol key, + const char* record_protocol) { + if (req == nullptr || record_protocol == nullptr || !req->has_server_start) { + gpr_log(GPR_ERROR, + "Invalid arguments to " + "grpc_gcp_handshaker_req_param_add_record_protocol()."); + return false; + } + grpc_gcp_server_handshake_parameters* param = + server_start_find_param(req, key); + grpc_slice* slice = create_slice(record_protocol, strlen(record_protocol)); + add_repeated_field( + reinterpret_cast<repeated_field**>(¶m->record_protocols.arg), slice); + param->record_protocols.funcs.encode = &encode_repeated_string_cb; + return true; +} + +bool grpc_gcp_handshaker_req_param_add_local_identity_hostname( + grpc_gcp_handshaker_req* req, grpc_gcp_handshake_protocol key, + const char* hostname) { + if (req == nullptr || hostname == nullptr || !req->has_server_start) { + gpr_log(GPR_ERROR, + "Invalid arguments to " + "grpc_gcp_handshaker_req_param_add_local_identity_hostname()."); + return false; + } + grpc_gcp_server_handshake_parameters* param = + server_start_find_param(req, key); + grpc_gcp_identity* local_identity = + static_cast<grpc_gcp_identity*>(gpr_zalloc(sizeof(*local_identity))); + set_identity_hostname(local_identity, hostname); + add_repeated_field( + reinterpret_cast<repeated_field**>(¶m->local_identities.arg), + local_identity); + param->local_identities.funcs.encode = &encode_repeated_identity_cb; + return true; +} + +bool grpc_gcp_handshaker_req_param_add_local_identity_service_account( + grpc_gcp_handshaker_req* req, grpc_gcp_handshake_protocol key, + const char* service_account) { + if (req == nullptr || service_account == nullptr || !req->has_server_start) { + gpr_log( + GPR_ERROR, + "Invalid arguments to " + "grpc_gcp_handshaker_req_param_add_local_identity_service_account()."); + return false; + } + grpc_gcp_server_handshake_parameters* param = + server_start_find_param(req, key); + grpc_gcp_identity* local_identity = + static_cast<grpc_gcp_identity*>(gpr_zalloc(sizeof(*local_identity))); + set_identity_service_account(local_identity, service_account); + add_repeated_field( + reinterpret_cast<repeated_field**>(¶m->local_identities.arg), + local_identity); + param->local_identities.funcs.encode = &encode_repeated_identity_cb; + return true; +} + +bool grpc_gcp_handshaker_req_encode(grpc_gcp_handshaker_req* req, + grpc_slice* slice) { + if (req == nullptr || slice == nullptr) { + gpr_log(GPR_ERROR, + "Invalid nullptr arguments to grpc_gcp_handshaker_req_encode()."); + return false; + } + pb_ostream_t size_stream; + memset(&size_stream, 0, sizeof(pb_ostream_t)); + if (!pb_encode(&size_stream, grpc_gcp_HandshakerReq_fields, req)) { + gpr_log(GPR_ERROR, "nanopb error: %s", PB_GET_ERROR(&size_stream)); + return false; + } + size_t encoded_length = size_stream.bytes_written; + *slice = grpc_slice_malloc(encoded_length); + pb_ostream_t output_stream = + pb_ostream_from_buffer(GRPC_SLICE_START_PTR(*slice), encoded_length); + if (!pb_encode(&output_stream, grpc_gcp_HandshakerReq_fields, req) != 0) { + gpr_log(GPR_ERROR, "nanopb error: %s", PB_GET_ERROR(&output_stream)); + return false; + } + return true; +} + +/* HandshakerResp. */ +grpc_gcp_handshaker_resp* grpc_gcp_handshaker_resp_create(void) { + grpc_gcp_handshaker_resp* resp = + static_cast<grpc_gcp_handshaker_resp*>(gpr_zalloc(sizeof(*resp))); + return resp; +} + +void grpc_gcp_handshaker_resp_destroy(grpc_gcp_handshaker_resp* resp) { + if (resp != nullptr) { + destroy_slice(static_cast<grpc_slice*>(resp->out_frames.arg)); + if (resp->has_status) { + destroy_slice(static_cast<grpc_slice*>(resp->status.details.arg)); + } + if (resp->has_result) { + destroy_slice( + static_cast<grpc_slice*>(resp->result.application_protocol.arg)); + destroy_slice(static_cast<grpc_slice*>(resp->result.record_protocol.arg)); + destroy_slice(static_cast<grpc_slice*>(resp->result.key_data.arg)); + if (resp->result.has_local_identity) { + destroy_slice( + static_cast<grpc_slice*>(resp->result.local_identity.hostname.arg)); + destroy_slice(static_cast<grpc_slice*>( + resp->result.local_identity.service_account.arg)); + } + if (resp->result.has_peer_identity) { + destroy_slice( + static_cast<grpc_slice*>(resp->result.peer_identity.hostname.arg)); + destroy_slice(static_cast<grpc_slice*>( + resp->result.peer_identity.service_account.arg)); + } + } + gpr_free(resp); + } +} + +bool grpc_gcp_handshaker_resp_decode(grpc_slice encoded_handshaker_resp, + grpc_gcp_handshaker_resp* resp) { + if (resp == nullptr) { + gpr_log(GPR_ERROR, + "Invalid nullptr argument to grpc_gcp_handshaker_resp_decode()."); + return false; + } + pb_istream_t stream = + pb_istream_from_buffer(GRPC_SLICE_START_PTR(encoded_handshaker_resp), + GRPC_SLICE_LENGTH(encoded_handshaker_resp)); + resp->out_frames.funcs.decode = decode_string_or_bytes_cb; + resp->status.details.funcs.decode = decode_string_or_bytes_cb; + resp->result.application_protocol.funcs.decode = decode_string_or_bytes_cb; + resp->result.record_protocol.funcs.decode = decode_string_or_bytes_cb; + resp->result.key_data.funcs.decode = decode_string_or_bytes_cb; + resp->result.peer_identity.hostname.funcs.decode = decode_string_or_bytes_cb; + resp->result.peer_identity.service_account.funcs.decode = + decode_string_or_bytes_cb; + resp->result.local_identity.hostname.funcs.decode = decode_string_or_bytes_cb; + resp->result.local_identity.service_account.funcs.decode = + decode_string_or_bytes_cb; + if (!pb_decode(&stream, grpc_gcp_HandshakerResp_fields, resp)) { + gpr_log(GPR_ERROR, "nanopb error: %s", PB_GET_ERROR(&stream)); + return false; + } + return true; +} diff --git a/src/core/tsi/alts/handshaker/alts_handshaker_service_api.h b/src/core/tsi/alts/handshaker/alts_handshaker_service_api.h new file mode 100644 index 0000000000..5df56a86fa --- /dev/null +++ b/src/core/tsi/alts/handshaker/alts_handshaker_service_api.h @@ -0,0 +1,323 @@ +/* + * + * Copyright 2018 gRPC authors. + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + */ + +#ifndef GRPC_CORE_TSI_ALTS_HANDSHAKER_ALTS_HANDSHAKER_SERVICE_API_H +#define GRPC_CORE_TSI_ALTS_HANDSHAKER_ALTS_HANDSHAKER_SERVICE_API_H + +#include <grpc/support/port_platform.h> + +#include "src/core/tsi/alts/handshaker/alts_handshaker_service_api_util.h" + +/** + * An implementation of nanopb thin wrapper used to set/get and + * serialize/de-serialize of ALTS handshake requests and responses. + * + * All APIs in the header are thread-compatible. A typical usage of this API at + * the client side is as follows: + * + * ----------------------------------------------------------------------------- + * // Create, populate, and serialize an ALTS client_start handshake request to + * // send to the server. + * grpc_gcp_handshaker_req* req = + * grpc_gcp_handshaker_req_create(CLIENT_START_REQ); + * grpc_gcp_handshaker_req_set_handshake_protocol( + req, grpc_gcp_HandshakeProtocol_ALTS); + * grpc_gcp_handshaker_req_add_application_protocol(req, "grpc"); + * grpc_gcp_handshaker_req_add_record_protocol(req, "ALTSRP_GCM_AES128"); + * grpc_slice client_slice; + * if (!grpc_gcp_handshaker_req_encode(req, &client_slice)) { + * fprintf(stderr, "ALTS handshake request encoding failed."; + * } + * + * // De-serialize a data stream received from the server, and store the result + * // at ALTS handshake response. + * grpc_gcp_handshaker_resp* resp = grpc_gcp_handshaker_resp_create(); + * if (!grpc_gcp_handshaker_resp_decode(server_slice, resp)) { + * fprintf(stderr, "ALTS handshake response decoding failed."); + * } + * // To access a variable-length datatype field (i.e., pb_callback_t), + * // access its "arg" subfield (if it has been set). + * if (resp->out_frames.arg != nullptr) { + * grpc_slice* slice = resp->out_frames.arg; + * } + * // To access a fixed-length datatype field (i.e., not pb_calback_t), + * // access the field directly (if it has been set). + * if (resp->has_status && resp->status->has_code) { + * uint32_t code = resp->status->code; + * } + *------------------------------------------------------------------------------ + */ + +/** + * This method creates an ALTS handshake request. + * + * - type: an enum type value that can be either CLIENT_START_REQ, + * SERVER_START_REQ, or NEXT_REQ to indicate the created instance will be + * client_start, server_start, and next handshake request message + * respectively. + * + * The method returns a pointer to the created instance. + */ +grpc_gcp_handshaker_req* grpc_gcp_handshaker_req_create( + grpc_gcp_handshaker_req_type type); + +/** + * This method sets the value for handshake_security_protocol field of ALTS + * client_start handshake request. + * + * - req: an ALTS handshake request. + * - handshake_protocol: a enum type value representing the handshake security + * protocol. + * + * The method returns true on success and false otherwise. + */ +bool grpc_gcp_handshaker_req_set_handshake_protocol( + grpc_gcp_handshaker_req* req, + grpc_gcp_handshake_protocol handshake_protocol); + +/** + * This method sets the value for target_name field of ALTS client_start + * handshake request. + * + * - req: an ALTS handshake request. + * - target_name: a target name to be set. + * + * The method returns true on success and false otherwise. + */ +bool grpc_gcp_handshaker_req_set_target_name(grpc_gcp_handshaker_req* req, + const char* target_name); + +/** + * This method adds an application protocol supported by the server (or + * client) to ALTS server_start (or client_start) handshake request. + * + * - req: an ALTS handshake request. + * - application_protocol: an application protocol (e.g., grpc) to be added. + * + * The method returns true on success and false otherwise. + */ +bool grpc_gcp_handshaker_req_add_application_protocol( + grpc_gcp_handshaker_req* req, const char* application_protocol); + +/** + * This method adds a record protocol supported by the client to ALTS + * client_start handshake request. + * + * - req: an ALTS handshake request. + * - record_protocol: a record protocol (e.g., ALTSRP_GCM_AES128) to be + * added. + * + * The method returns true on success and false otherwise. + */ +bool grpc_gcp_handshaker_req_add_record_protocol(grpc_gcp_handshaker_req* req, + const char* record_protocol); + +/** + * This method adds a target server identity represented as hostname and + * acceptable by a client to ALTS client_start handshake request. + * + * - req: an ALTS handshake request. + * - hostname: a string representation of hostname at the connection + * endpoint to be added. + * + * The method returns true on success and false otherwise. + */ +bool grpc_gcp_handshaker_req_add_target_identity_hostname( + grpc_gcp_handshaker_req* req, const char* hostname); + +/** + * This method adds a target server identity represented as service account and + * acceptable by a client to ALTS client_start handshake request. + * + * - req: an ALTS handshake request. + * - service_account: a string representation of service account at the + * connection endpoint to be added. + * + * The method returns true on success and false otherwise. + */ +bool grpc_gcp_handshaker_req_add_target_identity_service_account( + grpc_gcp_handshaker_req* req, const char* service_account); + +/** + * This method sets the hostname for local_identity field of ALTS client_start + * handshake request. + * + * - req: an ALTS handshake request. + * - hostname: a string representation of hostname. + * + * The method returns true on success and false otherwise. + */ +bool grpc_gcp_handshaker_req_set_local_identity_hostname( + grpc_gcp_handshaker_req* req, const char* hostname); + +/** + * This method sets the service account for local_identity field of ALTS + * client_start handshake request. + * + * - req: an ALTS handshake request. + * - service_account: a string representation of service account. + * + * The method returns true on success and false otherwise. + */ +bool grpc_gcp_handshaker_req_set_local_identity_service_account( + grpc_gcp_handshaker_req* req, const char* service_account); + +/** + * This method sets the value for local_endpoint field of either ALTS + * client_start or server_start handshake request. + * + * - req: an ALTS handshake request. + * - ip_address: a string representation of ip address associated with the + * local endpoint, that could be either IPv4 or IPv6. + * - port: a port number associated with the local endpoint. + * - protocol: a network protocol (e.g., TCP or UDP) associated with the + * local endpoint. + * + * The method returns true on success and false otherwise. + */ +bool grpc_gcp_handshaker_req_set_local_endpoint( + grpc_gcp_handshaker_req* req, const char* ip_address, size_t port, + grpc_gcp_network_protocol protocol); + +/** + * This method sets the value for remote_endpoint field of either ALTS + * client_start or server_start handshake request. + * + * - req: an ALTS handshake request. + * - ip_address: a string representation of ip address associated with the + * remote endpoint, that could be either IPv4 or IPv6. + * - port: a port number associated with the remote endpoint. + * - protocol: a network protocol (e.g., TCP or UDP) associated with the + * remote endpoint. + * + * The method returns true on success and false otherwise. + */ +bool grpc_gcp_handshaker_req_set_remote_endpoint( + grpc_gcp_handshaker_req* req, const char* ip_address, size_t port, + grpc_gcp_network_protocol protocol); + +/** + * This method sets the value for in_bytes field of either ALTS server_start or + * next handshake request. + * + * - req: an ALTS handshake request. + * - in_bytes: a buffer containing bytes taken from out_frames of the peer's + * ALTS handshake response. It is possible that the peer's out_frames are + * split into multiple handshake request messages. + * - size: size of in_bytes buffer. + * + * The method returns true on success and false otherwise. + */ +bool grpc_gcp_handshaker_req_set_in_bytes(grpc_gcp_handshaker_req* req, + const char* in_bytes, size_t size); + +/** + * This method adds a record protocol to handshake parameters mapped by the + * handshake protocol for ALTS server_start handshake request. + * + * - req: an ALTS handshake request. + * - key: an enum type value representing a handshake security protocol. + * - record_protocol: a record protocol to be added. + * + * The method returns true on success and false otherwise. + */ +bool grpc_gcp_handshaker_req_param_add_record_protocol( + grpc_gcp_handshaker_req* req, grpc_gcp_handshake_protocol key, + const char* record_protocol); + +/** + * This method adds a local identity represented as hostname to handshake + * parameters mapped by the handshake protocol for ALTS server_start handshake + * request. + * + * - req: an ALTS handshake request. + * - key: an enum type value representing a handshake security protocol. + * - hostname: a string representation of hostname to be added. + * + * The method returns true on success and false otherwise. + */ +bool grpc_gcp_handshaker_req_param_add_local_identity_hostname( + grpc_gcp_handshaker_req* req, grpc_gcp_handshake_protocol key, + const char* hostname); + +/** + * This method adds a local identity represented as service account to handshake + * parameters mapped by the handshake protocol for ALTS server_start handshake + * request. + * + * - req: an ALTS handshake request. + * - key: an enum type value representing a handshake security protocol. + * - service_account: a string representation of service account to be added. + * + * The method returns true on success and false otherwise. + */ +bool grpc_gcp_handshaker_req_param_add_local_identity_service_account( + grpc_gcp_handshaker_req* req, grpc_gcp_handshake_protocol key, + const char* service_account); + +/** + * This method sets the value for rpc_versions field of either ALTS + * client_start or server_start handshake request. + * + * - req: an ALTS handshake request. + * - max_major: a major version of maximum supported RPC version. + * - max_minor: a minor version of maximum supported RPC version. + * - min_major: a major version of minimum supported RPC version. + * - min_minor: a minor version of minimum supported RPC version. + * + * The method returns true on success and false otherwise. + */ +bool grpc_gcp_handshaker_req_set_rpc_versions(grpc_gcp_handshaker_req* req, + uint32_t max_major, + uint32_t max_minor, + uint32_t min_major, + uint32_t min_minor); + +/** + * This method serializes an ALTS handshake request and returns a data stream. + * + * - req: an ALTS handshake request. + * - slice: a data stream where the serialized result will be written. + * + * The method returns true on success and false otherwise. + */ +bool grpc_gcp_handshaker_req_encode(grpc_gcp_handshaker_req* req, + grpc_slice* slice); + +/* This method destroys an ALTS handshake request. */ +void grpc_gcp_handshaker_req_destroy(grpc_gcp_handshaker_req* req); + +/* This method creates an ALTS handshake response. */ +grpc_gcp_handshaker_resp* grpc_gcp_handshaker_resp_create(void); + +/** + * This method de-serializes a data stream and stores the result + * in an ALTS handshake response. + * + * - slice: a data stream containing a serialized ALTS handshake response. + * - resp: an ALTS handshake response used to hold de-serialized result. + * + * The method returns true on success and false otherwise. + */ +bool grpc_gcp_handshaker_resp_decode(grpc_slice slice, + grpc_gcp_handshaker_resp* resp); + +/* This method destroys an ALTS handshake response. */ +void grpc_gcp_handshaker_resp_destroy(grpc_gcp_handshaker_resp* resp); + +#endif /* GRPC_CORE_TSI_ALTS_HANDSHAKER_ALTS_HANDSHAKER_SERVICE_API_H */ diff --git a/src/core/tsi/alts/handshaker/alts_handshaker_service_api_util.cc b/src/core/tsi/alts/handshaker/alts_handshaker_service_api_util.cc new file mode 100644 index 0000000000..e0e4184686 --- /dev/null +++ b/src/core/tsi/alts/handshaker/alts_handshaker_service_api_util.cc @@ -0,0 +1,143 @@ +/* + * + * Copyright 2018 gRPC authors. + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + */ + +#include <grpc/support/port_platform.h> + +#include "src/core/tsi/alts/handshaker/alts_handshaker_service_api_util.h" + +void add_repeated_field(repeated_field** head, const void* data) { + repeated_field* field = + static_cast<repeated_field*>(gpr_zalloc(sizeof(*field))); + field->data = data; + if (*head == nullptr) { + *head = field; + (*head)->next = nullptr; + } else { + field->next = *head; + *head = field; + } +} + +void destroy_repeated_field_list_identity(repeated_field* head) { + repeated_field* field = head; + while (field != nullptr) { + repeated_field* next_field = field->next; + const grpc_gcp_identity* identity = + static_cast<const grpc_gcp_identity*>(field->data); + destroy_slice(static_cast<grpc_slice*>(identity->hostname.arg)); + destroy_slice(static_cast<grpc_slice*>(identity->service_account.arg)); + gpr_free((void*)identity); + gpr_free(field); + field = next_field; + } +} + +void destroy_repeated_field_list_string(repeated_field* head) { + repeated_field* field = head; + while (field != nullptr) { + repeated_field* next_field = field->next; + destroy_slice((grpc_slice*)field->data); + gpr_free(field); + field = next_field; + } +} + +grpc_slice* create_slice(const char* data, size_t size) { + grpc_slice slice = grpc_slice_from_copied_buffer(data, size); + grpc_slice* cb_slice = + static_cast<grpc_slice*>(gpr_zalloc(sizeof(*cb_slice))); + memcpy(cb_slice, &slice, sizeof(*cb_slice)); + return cb_slice; +} + +void destroy_slice(grpc_slice* slice) { + if (slice != nullptr) { + grpc_slice_unref(*slice); + gpr_free(slice); + } +} + +bool encode_string_or_bytes_cb(pb_ostream_t* stream, const pb_field_t* field, + void* const* arg) { + grpc_slice* slice = static_cast<grpc_slice*>(*arg); + if (!pb_encode_tag_for_field(stream, field)) return false; + return pb_encode_string(stream, GRPC_SLICE_START_PTR(*slice), + GRPC_SLICE_LENGTH(*slice)); +} + +bool encode_repeated_identity_cb(pb_ostream_t* stream, const pb_field_t* field, + void* const* arg) { + repeated_field* var = static_cast<repeated_field*>(*arg); + while (var != nullptr) { + if (!pb_encode_tag_for_field(stream, field)) return false; + if (!pb_encode_submessage(stream, grpc_gcp_Identity_fields, + (grpc_gcp_identity*)var->data)) + return false; + var = var->next; + } + return true; +} + +bool encode_repeated_string_cb(pb_ostream_t* stream, const pb_field_t* field, + void* const* arg) { + repeated_field* var = static_cast<repeated_field*>(*arg); + while (var != nullptr) { + if (!pb_encode_tag_for_field(stream, field)) return false; + const grpc_slice* slice = static_cast<const grpc_slice*>(var->data); + if (!pb_encode_string(stream, GRPC_SLICE_START_PTR(*slice), + GRPC_SLICE_LENGTH(*slice))) + return false; + var = var->next; + } + return true; +} + +bool decode_string_or_bytes_cb(pb_istream_t* stream, const pb_field_t* field, + void** arg) { + grpc_slice slice = grpc_slice_malloc(stream->bytes_left); + grpc_slice* cb_slice = + static_cast<grpc_slice*>(gpr_zalloc(sizeof(*cb_slice))); + memcpy(cb_slice, &slice, sizeof(*cb_slice)); + if (!pb_read(stream, GRPC_SLICE_START_PTR(*cb_slice), stream->bytes_left)) + return false; + *arg = cb_slice; + return true; +} + +bool decode_repeated_identity_cb(pb_istream_t* stream, const pb_field_t* field, + void** arg) { + grpc_gcp_identity* identity = + static_cast<grpc_gcp_identity*>(gpr_zalloc(sizeof(*identity))); + identity->hostname.funcs.decode = decode_string_or_bytes_cb; + identity->service_account.funcs.decode = decode_string_or_bytes_cb; + add_repeated_field(reinterpret_cast<repeated_field**>(arg), identity); + if (!pb_decode(stream, grpc_gcp_Identity_fields, identity)) return false; + return true; +} + +bool decode_repeated_string_cb(pb_istream_t* stream, const pb_field_t* field, + void** arg) { + grpc_slice slice = grpc_slice_malloc(stream->bytes_left); + grpc_slice* cb_slice = + static_cast<grpc_slice*>(gpr_zalloc(sizeof(*cb_slice))); + memcpy(cb_slice, &slice, sizeof(grpc_slice)); + if (!pb_read(stream, GRPC_SLICE_START_PTR(*cb_slice), stream->bytes_left)) + return false; + add_repeated_field(reinterpret_cast<repeated_field**>(arg), cb_slice); + return true; +} diff --git a/src/core/tsi/alts/handshaker/alts_handshaker_service_api_util.h b/src/core/tsi/alts/handshaker/alts_handshaker_service_api_util.h new file mode 100644 index 0000000000..8fe8f73f8b --- /dev/null +++ b/src/core/tsi/alts/handshaker/alts_handshaker_service_api_util.h @@ -0,0 +1,149 @@ +/* + * + * Copyright 2018 gRPC authors. + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + */ + +#ifndef GRPC_CORE_TSI_ALTS_HANDSHAKER_ALTS_HANDSHAKER_SERVICE_API_UTIL_H +#define GRPC_CORE_TSI_ALTS_HANDSHAKER_ALTS_HANDSHAKER_SERVICE_API_UTIL_H + +#include <grpc/support/port_platform.h> + +#include "third_party/nanopb/pb_decode.h" +#include "third_party/nanopb/pb_encode.h" + +#include <grpc/slice.h> +#include <grpc/slice_buffer.h> +#include <grpc/support/alloc.h> +#include <grpc/support/log.h> + +#include "src/core/tsi/alts/handshaker/handshaker.pb.h" + +/** + * An implementation of utility functions used to serialize/ + * de-serialize ALTS handshake requests/responses. All APIs in the header + * are thread-compatible. + */ + +/* Renaming of message/field structs generated by nanopb compiler. */ +typedef grpc_gcp_HandshakeProtocol grpc_gcp_handshake_protocol; +typedef grpc_gcp_NetworkProtocol grpc_gcp_network_protocol; +typedef grpc_gcp_Identity grpc_gcp_identity; +typedef grpc_gcp_NextHandshakeMessageReq grpc_gcp_next_handshake_message_req; +typedef grpc_gcp_ServerHandshakeParameters grpc_gcp_server_handshake_parameters; +typedef grpc_gcp_Endpoint grpc_gcp_endpoint; +typedef grpc_gcp_StartServerHandshakeReq_HandshakeParametersEntry + grpc_gcp_handshake_parameters_entry; +typedef grpc_gcp_StartClientHandshakeReq grpc_gcp_start_client_handshake_req; +typedef grpc_gcp_StartServerHandshakeReq grpc_gcp_start_server_handshake_req; +typedef grpc_gcp_HandshakerReq grpc_gcp_handshaker_req; +typedef grpc_gcp_HandshakerResult grpc_gcp_handshaker_result; +typedef grpc_gcp_HandshakerStatus grpc_gcp_handshaker_status; +typedef grpc_gcp_HandshakerResp grpc_gcp_handshaker_resp; + +typedef enum { + CLIENT_START_REQ = 0, /* StartClientHandshakeReq. */ + SERVER_START_REQ = 1, /* StartServerHandshakeReq. */ + NEXT_REQ = 2, /* NextHandshakeMessageReq. */ +} grpc_gcp_handshaker_req_type; + +/** + * A struct representing a repeated field. The struct is used to organize all + * instances of a specific repeated field into a linked list, which then will + * be used at encode/decode phase. For instance at the encode phase, the encode + * function will iterate through the list, encode each field, and then output + * the result to the stream. + */ +typedef struct repeated_field_ { + struct repeated_field_* next; + const void* data; +} repeated_field; + +/** + * This method adds a repeated field to the head of repeated field list. + * + * - head: a head of repeated field list. + * - field: a repeated field to be added to the list. + */ +void add_repeated_field(repeated_field** head, const void* field); + +/** + * This method destroys a repeated field list that consists of string type + * fields. + * + * - head: a head of repeated field list. + */ +void destroy_repeated_field_list_string(repeated_field* head); + +/** + * This method destroys a repeated field list that consists of + * grpc_gcp_identity type fields. + * + * - head: a head of repeated field list. + */ +void destroy_repeated_field_list_identity(repeated_field* head); + +/** + * This method creates a grpc_slice instance by copying a data buffer. It is + * similar to grpc_slice_from_copied_buffer() except that it returns an instance + * allocated from the heap. + * + * - data: a data buffer to be copied to grpc_slice instance. + * - size: size of data buffer. + */ +grpc_slice* create_slice(const char* data, size_t size); + +/* This method destroys a grpc_slice instance. */ +void destroy_slice(grpc_slice* slice); + +/** + * The following encode/decode functions will be assigned to encode/decode + * function pointers of pb_callback_t struct (defined in + * //third_party/nanopb/pb.h), that represent a repeated field with a dynamic + * length (e.g., a string type or repeated field). + */ + +/* This method is an encode callback function for a string or byte array. */ +bool encode_string_or_bytes_cb(pb_ostream_t* stream, const pb_field_t* field, + void* const* arg); + +/** + * This method is an encode callback function for a repeated grpc_gcp_identity + * field. + */ +bool encode_repeated_identity_cb(pb_ostream_t* stream, const pb_field_t* field, + void* const* arg); + +/* This method is an encode callback function for a repeated string field. */ +bool encode_repeated_string_cb(pb_ostream_t* stream, const pb_field_t* field, + void* const* arg); + +/** + * This method is a decode callback function for a string or byte array field. + */ +bool decode_string_or_bytes_cb(pb_istream_t* stream, const pb_field_t* field, + void** arg); +/** + * This method is a decode callback function for a repeated grpc_gcp_identity + * field. + */ +bool decode_repeated_identity_cb(pb_istream_t* stream, const pb_field_t* field, + void** arg); + +/* This method is a decode callback function for a repeated string field. */ +bool decode_repeated_string_cb(pb_istream_t* stream, const pb_field_t* field, + void** arg); + +#endif /* GRPC_CORE_TSI_ALTS_HANDSHAKER_ALTS_HANDSHAKER_SERVICE_API_UTIL_H */ diff --git a/src/core/tsi/alts/handshaker/alts_tsi_event.cc b/src/core/tsi/alts/handshaker/alts_tsi_event.cc new file mode 100644 index 0000000000..ec0bf12b95 --- /dev/null +++ b/src/core/tsi/alts/handshaker/alts_tsi_event.cc @@ -0,0 +1,73 @@ +/* + * + * Copyright 2018 gRPC authors. + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + */ + +#include <grpc/support/port_platform.h> + +#include "src/core/tsi/alts/handshaker/alts_tsi_event.h" + +#include <grpc/grpc.h> +#include <grpc/support/alloc.h> +#include <grpc/support/log.h> + +tsi_result alts_tsi_event_create(alts_tsi_handshaker* handshaker, + tsi_handshaker_on_next_done_cb cb, + void* user_data, + grpc_alts_credentials_options* options, + grpc_slice target_name, + alts_tsi_event** event) { + if (event == nullptr || handshaker == nullptr || cb == nullptr) { + gpr_log(GPR_ERROR, "Invalid arguments to alts_tsi_event_create()"); + return TSI_INVALID_ARGUMENT; + } + alts_tsi_event* e = static_cast<alts_tsi_event*>(gpr_zalloc(sizeof(*e))); + e->handshaker = handshaker; + e->cb = cb; + e->user_data = user_data; + e->options = grpc_alts_credentials_options_copy(options); + e->target_name = grpc_slice_copy(target_name); + grpc_metadata_array_init(&e->initial_metadata); + grpc_metadata_array_init(&e->trailing_metadata); + *event = e; + return TSI_OK; +} + +void alts_tsi_event_dispatch_to_handshaker(alts_tsi_event* event, bool is_ok) { + if (event == nullptr) { + gpr_log( + GPR_ERROR, + "ALTS TSI event is nullptr in alts_tsi_event_dispatch_to_handshaker()"); + return; + } + alts_tsi_handshaker_handle_response(event->handshaker, event->recv_buffer, + event->status, &event->details, event->cb, + event->user_data, is_ok); +} + +void alts_tsi_event_destroy(alts_tsi_event* event) { + if (event == nullptr) { + return; + } + grpc_byte_buffer_destroy(event->send_buffer); + grpc_byte_buffer_destroy(event->recv_buffer); + grpc_metadata_array_destroy(&event->initial_metadata); + grpc_metadata_array_destroy(&event->trailing_metadata); + grpc_slice_unref(event->details); + grpc_slice_unref(event->target_name); + grpc_alts_credentials_options_destroy(event->options); + gpr_free(event); +} diff --git a/src/core/tsi/alts/handshaker/alts_tsi_event.h b/src/core/tsi/alts/handshaker/alts_tsi_event.h new file mode 100644 index 0000000000..043e75d4a9 --- /dev/null +++ b/src/core/tsi/alts/handshaker/alts_tsi_event.h @@ -0,0 +1,93 @@ +/* + * + * Copyright 2018 gRPC authors. + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + */ + +#ifndef GRPC_CORE_TSI_ALTS_HANDSHAKER_ALTS_TSI_EVENT_H +#define GRPC_CORE_TSI_ALTS_HANDSHAKER_ALTS_TSI_EVENT_H + +#include <grpc/support/port_platform.h> + +#include <grpc/byte_buffer.h> +#include <grpc/byte_buffer_reader.h> + +#include "src/core/tsi/alts/handshaker/alts_tsi_handshaker.h" +#include "src/core/tsi/transport_security_interface.h" + +/** + * A ALTS TSI event interface. In asynchronous implementation of + * tsi_handshaker_next(), the function will exit after scheduling a handshaker + * request to ALTS handshaker service without waiting for response to return. + * The event is used to link the scheduled handshaker request with the + * corresponding response so that enough context information can be inferred + * from it to handle the response. All APIs in the header are thread-compatible. + */ + +/** + * Main struct for ALTS TSI event. It retains ownership on send_buffer and + * recv_buffer, but not on handshaker. + */ +typedef struct alts_tsi_event { + alts_tsi_handshaker* handshaker; + grpc_byte_buffer* send_buffer; + grpc_byte_buffer* recv_buffer; + grpc_status_code status; + grpc_slice details; + grpc_metadata_array initial_metadata; + grpc_metadata_array trailing_metadata; + tsi_handshaker_on_next_done_cb cb; + void* user_data; + grpc_alts_credentials_options* options; + grpc_slice target_name; +} alts_tsi_event; + +/** + * This method creates a ALTS TSI event. + * + * - handshaker: ALTS TSI handshaker instance associated with the event to be + * created. The created event does not own the handshaker instance. + * - cb: callback function to be called when handling data received from ALTS + * handshaker service. + * - user_data: argument to callback function. + * - options: ALTS credentials options. + * - target_name: name of endpoint used for secure naming check. + * - event: address of ALTS TSI event instance to be returned from the method. + * + * It returns TSI_OK on success and an error status code on failure. + */ +tsi_result alts_tsi_event_create(alts_tsi_handshaker* handshaker, + tsi_handshaker_on_next_done_cb cb, + void* user_data, + grpc_alts_credentials_options* options, + grpc_slice target_name, + alts_tsi_event** event); + +/** + * This method dispatches a ALTS TSI event received from the handshaker service, + * and a boolean flag indicating if the event is valid to read to ALTS TSI + * handshaker to process. It is called by TSI thread. + * + * - event: ALTS TSI event instance. + * - is_ok: a boolean value indicating if the event is valid to read. + */ +void alts_tsi_event_dispatch_to_handshaker(alts_tsi_event* event, bool is_ok); + +/** + * This method destroys the ALTS TSI event. + */ +void alts_tsi_event_destroy(alts_tsi_event* event); + +#endif /* GRPC_CORE_TSI_ALTS_HANDSHAKER_ALTS_TSI_EVENT_H */ diff --git a/src/core/tsi/alts/handshaker/alts_tsi_handshaker.cc b/src/core/tsi/alts/handshaker/alts_tsi_handshaker.cc new file mode 100644 index 0000000000..529f2103c7 --- /dev/null +++ b/src/core/tsi/alts/handshaker/alts_tsi_handshaker.cc @@ -0,0 +1,483 @@ +/* + * + * Copyright 2018 gRPC authors. + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + */ + +#include <grpc/support/port_platform.h> + +#include "src/core/tsi/alts/handshaker/alts_tsi_handshaker.h" + +#include <stdio.h> +#include <stdlib.h> +#include <string.h> + +#include <grpc/support/alloc.h> +#include <grpc/support/log.h> +#include <grpc/support/sync.h> +#include <grpc/support/thd_id.h> + +#include "src/core/lib/gpr/host_port.h" +#include "src/core/lib/gprpp/thd.h" +#include "src/core/tsi/alts/frame_protector/alts_frame_protector.h" +#include "src/core/tsi/alts/handshaker/alts_handshaker_client.h" +#include "src/core/tsi/alts/handshaker/alts_tsi_utils.h" +#include "src/core/tsi/alts/zero_copy_frame_protector/alts_zero_copy_grpc_protector.h" +#include "src/core/tsi/alts_transport_security.h" + +#define TSI_ALTS_INITIAL_BUFFER_SIZE 256 + +static alts_shared_resource* kSharedResource = alts_get_shared_resource(); + +/* Main struct for ALTS TSI handshaker. */ +typedef struct alts_tsi_handshaker { + tsi_handshaker base; + alts_handshaker_client* client; + grpc_slice recv_bytes; + grpc_slice target_name; + unsigned char* buffer; + size_t buffer_size; + bool is_client; + bool has_sent_start_message; + grpc_alts_credentials_options* options; +} alts_tsi_handshaker; + +/* Main struct for ALTS TSI handshaker result. */ +typedef struct alts_tsi_handshaker_result { + tsi_handshaker_result base; + char* peer_identity; + char* key_data; + unsigned char* unused_bytes; + size_t unused_bytes_size; + grpc_slice rpc_versions; + bool is_client; +} alts_tsi_handshaker_result; + +static tsi_result handshaker_result_extract_peer( + const tsi_handshaker_result* self, tsi_peer* peer) { + if (self == nullptr || peer == nullptr) { + gpr_log(GPR_ERROR, "Invalid argument to handshaker_result_extract_peer()"); + return TSI_INVALID_ARGUMENT; + } + alts_tsi_handshaker_result* result = + reinterpret_cast<alts_tsi_handshaker_result*>( + const_cast<tsi_handshaker_result*>(self)); + GPR_ASSERT(kTsiAltsNumOfPeerProperties == 3); + tsi_result ok = tsi_construct_peer(kTsiAltsNumOfPeerProperties, peer); + int index = 0; + if (ok != TSI_OK) { + gpr_log(GPR_ERROR, "Failed to construct tsi peer"); + return ok; + } + GPR_ASSERT(&peer->properties[index] != nullptr); + ok = tsi_construct_string_peer_property_from_cstring( + TSI_CERTIFICATE_TYPE_PEER_PROPERTY, TSI_ALTS_CERTIFICATE_TYPE, + &peer->properties[index]); + if (ok != TSI_OK) { + tsi_peer_destruct(peer); + gpr_log(GPR_ERROR, "Failed to set tsi peer property"); + return ok; + } + index++; + GPR_ASSERT(&peer->properties[index] != nullptr); + ok = tsi_construct_string_peer_property_from_cstring( + TSI_ALTS_SERVICE_ACCOUNT_PEER_PROPERTY, result->peer_identity, + &peer->properties[index]); + if (ok != TSI_OK) { + tsi_peer_destruct(peer); + gpr_log(GPR_ERROR, "Failed to set tsi peer property"); + } + index++; + GPR_ASSERT(&peer->properties[index] != nullptr); + ok = tsi_construct_string_peer_property( + TSI_ALTS_RPC_VERSIONS, + reinterpret_cast<char*>(GRPC_SLICE_START_PTR(result->rpc_versions)), + GRPC_SLICE_LENGTH(result->rpc_versions), &peer->properties[2]); + if (ok != TSI_OK) { + tsi_peer_destruct(peer); + gpr_log(GPR_ERROR, "Failed to set tsi peer property"); + } + GPR_ASSERT(++index == kTsiAltsNumOfPeerProperties); + return ok; +} + +static tsi_result handshaker_result_create_zero_copy_grpc_protector( + const tsi_handshaker_result* self, size_t* max_output_protected_frame_size, + tsi_zero_copy_grpc_protector** protector) { + if (self == nullptr || protector == nullptr) { + gpr_log(GPR_ERROR, + "Invalid arguments to create_zero_copy_grpc_protector()"); + return TSI_INVALID_ARGUMENT; + } + alts_tsi_handshaker_result* result = + reinterpret_cast<alts_tsi_handshaker_result*>( + const_cast<tsi_handshaker_result*>(self)); + tsi_result ok = alts_zero_copy_grpc_protector_create( + reinterpret_cast<const uint8_t*>(result->key_data), + kAltsAes128GcmRekeyKeyLength, /*is_rekey=*/true, result->is_client, + /*is_integrity_only=*/false, max_output_protected_frame_size, protector); + if (ok != TSI_OK) { + gpr_log(GPR_ERROR, "Failed to create zero-copy grpc protector"); + } + return ok; +} + +static tsi_result handshaker_result_create_frame_protector( + const tsi_handshaker_result* self, size_t* max_output_protected_frame_size, + tsi_frame_protector** protector) { + if (self == nullptr || protector == nullptr) { + gpr_log(GPR_ERROR, + "Invalid arguments to handshaker_result_create_frame_protector()"); + return TSI_INVALID_ARGUMENT; + } + alts_tsi_handshaker_result* result = + reinterpret_cast<alts_tsi_handshaker_result*>( + const_cast<tsi_handshaker_result*>(self)); + tsi_result ok = alts_create_frame_protector( + reinterpret_cast<const uint8_t*>(result->key_data), + kAltsAes128GcmRekeyKeyLength, result->is_client, /*is_rekey=*/true, + max_output_protected_frame_size, protector); + if (ok != TSI_OK) { + gpr_log(GPR_ERROR, "Failed to create frame protector"); + } + return ok; +} + +static tsi_result handshaker_result_get_unused_bytes( + const tsi_handshaker_result* self, const unsigned char** bytes, + size_t* bytes_size) { + if (self == nullptr || bytes == nullptr || bytes_size == nullptr) { + gpr_log(GPR_ERROR, + "Invalid arguments to handshaker_result_get_unused_bytes()"); + return TSI_INVALID_ARGUMENT; + } + alts_tsi_handshaker_result* result = + reinterpret_cast<alts_tsi_handshaker_result*>( + const_cast<tsi_handshaker_result*>(self)); + *bytes = result->unused_bytes; + *bytes_size = result->unused_bytes_size; + return TSI_OK; +} + +static void handshaker_result_destroy(tsi_handshaker_result* self) { + if (self == nullptr) { + return; + } + alts_tsi_handshaker_result* result = + reinterpret_cast<alts_tsi_handshaker_result*>( + const_cast<tsi_handshaker_result*>(self)); + gpr_free(result->peer_identity); + gpr_free(result->key_data); + gpr_free(result->unused_bytes); + grpc_slice_unref(result->rpc_versions); + gpr_free(result); +} + +static const tsi_handshaker_result_vtable result_vtable = { + handshaker_result_extract_peer, + handshaker_result_create_zero_copy_grpc_protector, + handshaker_result_create_frame_protector, + handshaker_result_get_unused_bytes, handshaker_result_destroy}; + +static tsi_result create_handshaker_result(grpc_gcp_handshaker_resp* resp, + bool is_client, + tsi_handshaker_result** self) { + if (self == nullptr || resp == nullptr) { + gpr_log(GPR_ERROR, "Invalid arguments to create_handshaker_result()"); + return TSI_INVALID_ARGUMENT; + } + grpc_slice* key = static_cast<grpc_slice*>(resp->result.key_data.arg); + GPR_ASSERT(key != nullptr); + grpc_slice* identity = + static_cast<grpc_slice*>(resp->result.peer_identity.service_account.arg); + if (identity == nullptr) { + gpr_log(GPR_ERROR, "Invalid service account"); + return TSI_FAILED_PRECONDITION; + } + if (GRPC_SLICE_LENGTH(*key) < kAltsAes128GcmRekeyKeyLength) { + gpr_log(GPR_ERROR, "Bad key length"); + return TSI_FAILED_PRECONDITION; + } + alts_tsi_handshaker_result* result = + static_cast<alts_tsi_handshaker_result*>(gpr_zalloc(sizeof(*result))); + result->key_data = + static_cast<char*>(gpr_zalloc(kAltsAes128GcmRekeyKeyLength)); + memcpy(result->key_data, GRPC_SLICE_START_PTR(*key), + kAltsAes128GcmRekeyKeyLength); + result->peer_identity = grpc_slice_to_c_string(*identity); + if (!resp->result.has_peer_rpc_versions) { + gpr_log(GPR_ERROR, "Peer does not set RPC protocol versions."); + return TSI_FAILED_PRECONDITION; + } + if (!grpc_gcp_rpc_protocol_versions_encode(&resp->result.peer_rpc_versions, + &result->rpc_versions)) { + gpr_log(GPR_ERROR, "Failed to serialize peer's RPC protocol versions."); + return TSI_FAILED_PRECONDITION; + } + result->is_client = is_client; + result->base.vtable = &result_vtable; + *self = &result->base; + return TSI_OK; +} + +static tsi_result handshaker_next( + tsi_handshaker* self, const unsigned char* received_bytes, + size_t received_bytes_size, const unsigned char** bytes_to_send, + size_t* bytes_to_send_size, tsi_handshaker_result** result, + tsi_handshaker_on_next_done_cb cb, void* user_data) { + if (self == nullptr || cb == nullptr) { + gpr_log(GPR_ERROR, "Invalid arguments to handshaker_next()"); + return TSI_INVALID_ARGUMENT; + } + alts_tsi_handshaker* handshaker = + reinterpret_cast<alts_tsi_handshaker*>(self); + tsi_result ok = TSI_OK; + alts_tsi_event* event = nullptr; + ok = alts_tsi_event_create(handshaker, cb, user_data, handshaker->options, + handshaker->target_name, &event); + if (ok != TSI_OK) { + gpr_log(GPR_ERROR, "Failed to create ALTS TSI event"); + return ok; + } + grpc_slice slice = (received_bytes == nullptr || received_bytes_size == 0) + ? grpc_empty_slice() + : grpc_slice_from_copied_buffer( + reinterpret_cast<const char*>(received_bytes), + received_bytes_size); + if (!handshaker->has_sent_start_message) { + ok = handshaker->is_client + ? alts_handshaker_client_start_client(handshaker->client, event) + : alts_handshaker_client_start_server(handshaker->client, event, + &slice); + handshaker->has_sent_start_message = true; + } else { + if (!GRPC_SLICE_IS_EMPTY(handshaker->recv_bytes)) { + grpc_slice_unref(handshaker->recv_bytes); + } + handshaker->recv_bytes = grpc_slice_ref(slice); + ok = alts_handshaker_client_next(handshaker->client, event, &slice); + } + grpc_slice_unref(slice); + if (ok != TSI_OK) { + gpr_log(GPR_ERROR, "Failed to schedule ALTS handshaker requests"); + return ok; + } + return TSI_ASYNC; +} + +static void handshaker_destroy(tsi_handshaker* self) { + if (self == nullptr) { + return; + } + alts_tsi_handshaker* handshaker = + reinterpret_cast<alts_tsi_handshaker*>(self); + alts_handshaker_client_destroy(handshaker->client); + grpc_slice_unref(handshaker->recv_bytes); + grpc_slice_unref(handshaker->target_name); + grpc_alts_credentials_options_destroy(handshaker->options); + gpr_free(handshaker->buffer); + gpr_free(handshaker); +} + +static const tsi_handshaker_vtable handshaker_vtable = { + nullptr, nullptr, nullptr, nullptr, nullptr, handshaker_destroy, + handshaker_next}; + +static void thread_worker(void* arg) { + while (true) { + grpc_event event = grpc_completion_queue_next( + kSharedResource->cq, gpr_inf_future(GPR_CLOCK_REALTIME), nullptr); + GPR_ASSERT(event.type != GRPC_QUEUE_TIMEOUT); + if (event.type == GRPC_QUEUE_SHUTDOWN) { + /* signal alts_tsi_shutdown() to destroy completion queue. */ + grpc_tsi_alts_signal_for_cq_destroy(); + break; + } + /* event.type == GRPC_OP_COMPLETE. */ + alts_tsi_event* alts_event = static_cast<alts_tsi_event*>(event.tag); + alts_tsi_event_dispatch_to_handshaker(alts_event, event.success); + alts_tsi_event_destroy(alts_event); + } +} + +static void init_shared_resources(const char* handshaker_service_url) { + GPR_ASSERT(handshaker_service_url != nullptr); + gpr_mu_lock(&kSharedResource->mu); + if (kSharedResource->channel == nullptr) { + gpr_cv_init(&kSharedResource->cv); + kSharedResource->channel = + grpc_insecure_channel_create(handshaker_service_url, nullptr, nullptr); + kSharedResource->cq = grpc_completion_queue_create_for_next(nullptr); + kSharedResource->thread = + grpc_core::Thread("alts_tsi_handshaker", &thread_worker, nullptr); + kSharedResource->thread.Start(); + } + gpr_mu_unlock(&kSharedResource->mu); +} + +tsi_result alts_tsi_handshaker_create( + const grpc_alts_credentials_options* options, const char* target_name, + const char* handshaker_service_url, bool is_client, tsi_handshaker** self) { + if (handshaker_service_url == nullptr || self == nullptr || + options == nullptr || (is_client && target_name == nullptr)) { + gpr_log(GPR_ERROR, "Invalid arguments to alts_tsi_handshaker_create()"); + return TSI_INVALID_ARGUMENT; + } + init_shared_resources(handshaker_service_url); + alts_handshaker_client* client = alts_grpc_handshaker_client_create( + kSharedResource->channel, kSharedResource->cq, handshaker_service_url); + if (client == nullptr) { + gpr_log(GPR_ERROR, "Failed to create ALTS handshaker client"); + return TSI_FAILED_PRECONDITION; + } + alts_tsi_handshaker* handshaker = + static_cast<alts_tsi_handshaker*>(gpr_zalloc(sizeof(*handshaker))); + handshaker->client = client; + handshaker->buffer_size = TSI_ALTS_INITIAL_BUFFER_SIZE; + handshaker->buffer = + static_cast<unsigned char*>(gpr_zalloc(handshaker->buffer_size)); + handshaker->is_client = is_client; + handshaker->has_sent_start_message = false; + handshaker->target_name = target_name == nullptr + ? grpc_empty_slice() + : grpc_slice_from_static_string(target_name); + handshaker->options = grpc_alts_credentials_options_copy(options); + handshaker->base.vtable = &handshaker_vtable; + *self = &handshaker->base; + return TSI_OK; +} + +static bool is_handshake_finished_properly(grpc_gcp_handshaker_resp* resp) { + GPR_ASSERT(resp != nullptr); + if (resp->has_result) { + return true; + } + return false; +} + +static void set_unused_bytes(tsi_handshaker_result* self, + grpc_slice* recv_bytes, size_t bytes_consumed) { + GPR_ASSERT(recv_bytes != nullptr && self != nullptr); + if (GRPC_SLICE_LENGTH(*recv_bytes) == bytes_consumed) { + return; + } + alts_tsi_handshaker_result* result = + reinterpret_cast<alts_tsi_handshaker_result*>(self); + result->unused_bytes_size = GRPC_SLICE_LENGTH(*recv_bytes) - bytes_consumed; + result->unused_bytes = + static_cast<unsigned char*>(gpr_zalloc(result->unused_bytes_size)); + memcpy(result->unused_bytes, + GRPC_SLICE_START_PTR(*recv_bytes) + bytes_consumed, + result->unused_bytes_size); +} + +void alts_tsi_handshaker_handle_response(alts_tsi_handshaker* handshaker, + grpc_byte_buffer* recv_buffer, + grpc_status_code status, + grpc_slice* details, + tsi_handshaker_on_next_done_cb cb, + void* user_data, bool is_ok) { + /* Invalid input check. */ + if (cb == nullptr) { + gpr_log(GPR_ERROR, + "cb is nullptr in alts_tsi_handshaker_handle_response()"); + return; + } + if (handshaker == nullptr || recv_buffer == nullptr) { + gpr_log(GPR_ERROR, + "Invalid arguments to alts_tsi_handshaker_handle_response()"); + cb(TSI_INTERNAL_ERROR, user_data, nullptr, 0, nullptr); + return; + } + /* Failed grpc call check. */ + if (!is_ok || status != GRPC_STATUS_OK) { + gpr_log(GPR_ERROR, "grpc call made to handshaker service failed"); + if (details != nullptr) { + char* error_details = grpc_slice_to_c_string(*details); + gpr_log(GPR_ERROR, "error details:%s", error_details); + gpr_free(error_details); + } + cb(TSI_INTERNAL_ERROR, user_data, nullptr, 0, nullptr); + return; + } + grpc_gcp_handshaker_resp* resp = + alts_tsi_utils_deserialize_response(recv_buffer); + /* Invalid handshaker response check. */ + if (resp == nullptr) { + gpr_log(GPR_ERROR, "alts_tsi_utils_deserialize_response() failed"); + cb(TSI_DATA_CORRUPTED, user_data, nullptr, 0, nullptr); + return; + } + grpc_slice* slice = static_cast<grpc_slice*>(resp->out_frames.arg); + unsigned char* bytes_to_send = nullptr; + size_t bytes_to_send_size = 0; + if (slice != nullptr) { + bytes_to_send_size = GRPC_SLICE_LENGTH(*slice); + while (bytes_to_send_size > handshaker->buffer_size) { + handshaker->buffer_size *= 2; + handshaker->buffer = static_cast<unsigned char*>( + gpr_realloc(handshaker->buffer, handshaker->buffer_size)); + } + memcpy(handshaker->buffer, GRPC_SLICE_START_PTR(*slice), + bytes_to_send_size); + bytes_to_send = handshaker->buffer; + } + tsi_handshaker_result* result = nullptr; + if (is_handshake_finished_properly(resp)) { + create_handshaker_result(resp, handshaker->is_client, &result); + set_unused_bytes(result, &handshaker->recv_bytes, resp->bytes_consumed); + } + grpc_status_code code = static_cast<grpc_status_code>(resp->status.code); + grpc_gcp_handshaker_resp_destroy(resp); + cb(alts_tsi_utils_convert_to_tsi_result(code), user_data, bytes_to_send, + bytes_to_send_size, result); +} + +namespace grpc_core { +namespace internal { + +bool alts_tsi_handshaker_get_has_sent_start_message_for_testing( + alts_tsi_handshaker* handshaker) { + GPR_ASSERT(handshaker != nullptr); + return handshaker->has_sent_start_message; +} + +bool alts_tsi_handshaker_get_is_client_for_testing( + alts_tsi_handshaker* handshaker) { + GPR_ASSERT(handshaker != nullptr); + return handshaker->is_client; +} + +void alts_tsi_handshaker_set_recv_bytes_for_testing( + alts_tsi_handshaker* handshaker, grpc_slice* slice) { + GPR_ASSERT(handshaker != nullptr && slice != nullptr); + handshaker->recv_bytes = grpc_slice_ref(*slice); +} + +grpc_slice alts_tsi_handshaker_get_recv_bytes_for_testing( + alts_tsi_handshaker* handshaker) { + GPR_ASSERT(handshaker != nullptr); + return handshaker->recv_bytes; +} + +void alts_tsi_handshaker_set_client_for_testing( + alts_tsi_handshaker* handshaker, alts_handshaker_client* client) { + GPR_ASSERT(handshaker != nullptr && client != nullptr); + alts_handshaker_client_destroy(handshaker->client); + handshaker->client = client; +} + +} // namespace internal +} // namespace grpc_core diff --git a/src/core/tsi/alts/handshaker/alts_tsi_handshaker.h b/src/core/tsi/alts/handshaker/alts_tsi_handshaker.h new file mode 100644 index 0000000000..227b30ce53 --- /dev/null +++ b/src/core/tsi/alts/handshaker/alts_tsi_handshaker.h @@ -0,0 +1,83 @@ +/* + * + * Copyright 2018 gRPC authors. + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + */ + +#ifndef GRPC_CORE_TSI_ALTS_HANDSHAKER_ALTS_TSI_HANDSHAKER_H +#define GRPC_CORE_TSI_ALTS_HANDSHAKER_ALTS_TSI_HANDSHAKER_H + +#include <grpc/support/port_platform.h> + +#include <grpc/grpc.h> + +#include "src/core/lib/security/credentials/alts/grpc_alts_credentials_options.h" +#include "src/core/tsi/alts_transport_security.h" +#include "src/core/tsi/transport_security.h" +#include "src/core/tsi/transport_security_interface.h" + +#define TSI_ALTS_SERVICE_ACCOUNT_PEER_PROPERTY "service_accont" +#define TSI_ALTS_CERTIFICATE_TYPE "ALTS" +#define TSI_ALTS_RPC_VERSIONS "rpc_versions" + +const size_t kTsiAltsNumOfPeerProperties = 3; + +/** + * Main struct for ALTS TSI handshaker. All APIs in the header are + * thread-comptabile. + */ +typedef struct alts_tsi_handshaker alts_tsi_handshaker; + +/** + * This method creates a ALTS TSI handshaker instance. + * + * - options: ALTS credentials options containing information passed from TSI + * caller (e.g., rpc protocol versions). + * - target_name: the name of the endpoint that the channel is connecting to, + * and will be used for secure naming check. + * - handshaker_service_url: address of ALTS handshaker service in the format of + * "host:port". + * - is_client: boolean value indicating if the handshaker is used at the client + * (is_client = true) or server (is_client = false) side. + * - self: address of ALTS TSI handshaker instance to be returned from the + * method. + * + * It returns TSI_OK on success and an error status code on failure. + */ +tsi_result alts_tsi_handshaker_create( + const grpc_alts_credentials_options* options, const char* target_name, + const char* handshaker_service_url, bool is_client, tsi_handshaker** self); + +/** + * This method handles handshaker response returned from ALTS handshaker + * service. + * + * - handshaker: ALTS TSI handshaker instance. + * - recv_buffer: buffer holding data received from the handshaker service. + * - status: status of the grpc call made to the handshaker service. + * - details: error details of the grpc call made to the handshaker service. + * - cb: callback function of ALTS TSI event. + * - user_data: argument of callback function. + * - is_ok: a boolean value indicating if the handshaker response is ok to read. + * + */ +void alts_tsi_handshaker_handle_response(alts_tsi_handshaker* handshaker, + grpc_byte_buffer* recv_buffer, + grpc_status_code status, + grpc_slice* details, + tsi_handshaker_on_next_done_cb cb, + void* user_data, bool is_ok); + +#endif /* GRPC_CORE_TSI_ALTS_HANDSHAKER_ALTS_TSI_HANDSHAKER_H */ diff --git a/src/core/tsi/alts/handshaker/alts_tsi_handshaker_private.h b/src/core/tsi/alts/handshaker/alts_tsi_handshaker_private.h new file mode 100644 index 0000000000..9b7b9bb6b1 --- /dev/null +++ b/src/core/tsi/alts/handshaker/alts_tsi_handshaker_private.h @@ -0,0 +1,52 @@ +/* + * + * Copyright 2018 gRPC authors. + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + */ + +#ifndef GRPC_CORE_TSI_ALTS_HANDSHAKER_ALTS_TSI_HANDSHAKER_PRIVATE_H +#define GRPC_CORE_TSI_ALTS_HANDSHAKER_ALTS_TSI_HANDSHAKER_PRIVATE_H + +#include <grpc/support/port_platform.h> + +#include "src/core/tsi/alts/handshaker/alts_handshaker_client.h" + +namespace grpc_core { +namespace internal { + +/** + * Unsafe, use for testing only. It allows the caller to change the way the + * ALTS TSI handshaker schedules handshaker requests. + */ +void alts_tsi_handshaker_set_client_for_testing(alts_tsi_handshaker* handshaker, + alts_handshaker_client* client); + +/* For testing only. */ +bool alts_tsi_handshaker_get_has_sent_start_message_for_testing( + alts_tsi_handshaker* handshaker); + +bool alts_tsi_handshaker_get_is_client_for_testing( + alts_tsi_handshaker* handshaker); + +void alts_tsi_handshaker_set_recv_bytes_for_testing( + alts_tsi_handshaker* handshaker, grpc_slice* slice); + +grpc_slice alts_tsi_handshaker_get_recv_bytes_for_testing( + alts_tsi_handshaker* handshaker); + +} // namespace internal +} // namespace grpc_core + +#endif /* GRPC_CORE_TSI_ALTS_HANDSHAKER_ALTS_TSI_HANDSHAKER_PRIVATE_H */ diff --git a/src/core/tsi/alts/handshaker/alts_tsi_utils.cc b/src/core/tsi/alts/handshaker/alts_tsi_utils.cc new file mode 100644 index 0000000000..d9b5e6c945 --- /dev/null +++ b/src/core/tsi/alts/handshaker/alts_tsi_utils.cc @@ -0,0 +1,58 @@ +/* + * + * Copyright 2018 gRPC authors. + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + */ + +#include <grpc/support/port_platform.h> + +#include "src/core/tsi/alts/handshaker/alts_tsi_utils.h" + +#include <grpc/byte_buffer_reader.h> + +tsi_result alts_tsi_utils_convert_to_tsi_result(grpc_status_code code) { + switch (code) { + case GRPC_STATUS_OK: + return TSI_OK; + case GRPC_STATUS_UNKNOWN: + return TSI_UNKNOWN_ERROR; + case GRPC_STATUS_INVALID_ARGUMENT: + return TSI_INVALID_ARGUMENT; + case GRPC_STATUS_NOT_FOUND: + return TSI_NOT_FOUND; + case GRPC_STATUS_INTERNAL: + return TSI_INTERNAL_ERROR; + default: + return TSI_UNKNOWN_ERROR; + } +} + +grpc_gcp_handshaker_resp* alts_tsi_utils_deserialize_response( + grpc_byte_buffer* resp_buffer) { + GPR_ASSERT(resp_buffer != nullptr); + grpc_byte_buffer_reader bbr; + grpc_byte_buffer_reader_init(&bbr, resp_buffer); + grpc_slice slice = grpc_byte_buffer_reader_readall(&bbr); + grpc_gcp_handshaker_resp* resp = grpc_gcp_handshaker_resp_create(); + bool ok = grpc_gcp_handshaker_resp_decode(slice, resp); + grpc_slice_unref(slice); + grpc_byte_buffer_reader_destroy(&bbr); + if (!ok) { + grpc_gcp_handshaker_resp_destroy(resp); + gpr_log(GPR_ERROR, "grpc_gcp_handshaker_resp_decode() failed"); + return nullptr; + } + return resp; +} diff --git a/src/core/tsi/alts/handshaker/alts_tsi_utils.h b/src/core/tsi/alts/handshaker/alts_tsi_utils.h new file mode 100644 index 0000000000..9ef649de2b --- /dev/null +++ b/src/core/tsi/alts/handshaker/alts_tsi_utils.h @@ -0,0 +1,52 @@ +/* + * + * Copyright 2018 gRPC authors. + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + */ + +#ifndef GRPC_CORE_TSI_ALTS_HANDSHAKER_ALTS_TSI_UTILS_H +#define GRPC_CORE_TSI_ALTS_HANDSHAKER_ALTS_TSI_UTILS_H + +#include <grpc/support/port_platform.h> + +#include <grpc/byte_buffer.h> +#include <grpc/grpc.h> + +#include "src/core/tsi/alts/handshaker/alts_handshaker_service_api.h" +#include "src/core/tsi/transport_security_interface.h" + +/** + * This method converts grpc_status_code code to the corresponding tsi_result + * code. + * + * - code: grpc_status_code code. + * + * It returns the converted tsi_result code. + */ +tsi_result alts_tsi_utils_convert_to_tsi_result(grpc_status_code code); + +/** + * This method deserializes a handshaker response returned from ALTS handshaker + * service. + * + * - bytes_received: data returned from ALTS handshaker service. + * + * It returns a deserialized handshaker response on success and nullptr on + * failure. + */ +grpc_gcp_handshaker_resp* alts_tsi_utils_deserialize_response( + grpc_byte_buffer* resp_buffer); + +#endif /* GRPC_CORE_TSI_ALTS_HANDSHAKER_ALTS_TSI_UTILS_H */ diff --git a/src/core/tsi/alts/handshaker/altscontext.pb.c b/src/core/tsi/alts/handshaker/altscontext.pb.c new file mode 100644 index 0000000000..81a82f5992 --- /dev/null +++ b/src/core/tsi/alts/handshaker/altscontext.pb.c @@ -0,0 +1,48 @@ +/* Automatically generated nanopb constant definitions */ +/* Generated by nanopb-0.3.7-dev */ + +#include "src/core/tsi/alts/handshaker/altscontext.pb.h" + +/* @@protoc_insertion_point(includes) */ +#if PB_PROTO_HEADER_VERSION != 30 +#error Regenerate this file with the current version of nanopb generator. +#endif + + + +const pb_field_t grpc_gcp_AltsContext_fields[7] = { + PB_FIELD( 1, STRING , OPTIONAL, CALLBACK, FIRST, grpc_gcp_AltsContext, application_protocol, application_protocol, 0), + PB_FIELD( 2, STRING , OPTIONAL, CALLBACK, OTHER, grpc_gcp_AltsContext, record_protocol, application_protocol, 0), + PB_FIELD( 3, UENUM , OPTIONAL, STATIC , OTHER, grpc_gcp_AltsContext, security_level, record_protocol, 0), + PB_FIELD( 4, STRING , OPTIONAL, CALLBACK, OTHER, grpc_gcp_AltsContext, peer_service_account, security_level, 0), + PB_FIELD( 5, STRING , OPTIONAL, CALLBACK, OTHER, grpc_gcp_AltsContext, local_service_account, peer_service_account, 0), + PB_FIELD( 6, MESSAGE , OPTIONAL, STATIC , OTHER, grpc_gcp_AltsContext, peer_rpc_versions, local_service_account, &grpc_gcp_RpcProtocolVersions_fields), + PB_LAST_FIELD +}; + + +/* Check that field information fits in pb_field_t */ +#if !defined(PB_FIELD_32BIT) +/* If you get an error here, it means that you need to define PB_FIELD_32BIT + * compile-time option. You can do that in pb.h or on compiler command line. + * + * The reason you need to do this is that some of your messages contain tag + * numbers or field sizes that are larger than what can fit in 8 or 16 bit + * field descriptors. + */ +PB_STATIC_ASSERT((pb_membersize(grpc_gcp_AltsContext, peer_rpc_versions) < 65536), YOU_MUST_DEFINE_PB_FIELD_32BIT_FOR_MESSAGES_grpc_gcp_AltsContext) +#endif + +#if !defined(PB_FIELD_16BIT) && !defined(PB_FIELD_32BIT) +/* If you get an error here, it means that you need to define PB_FIELD_16BIT + * compile-time option. You can do that in pb.h or on compiler command line. + * + * The reason you need to do this is that some of your messages contain tag + * numbers or field sizes that are larger than what can fit in the default + * 8 bit descriptors. + */ +PB_STATIC_ASSERT((pb_membersize(grpc_gcp_AltsContext, peer_rpc_versions) < 256), YOU_MUST_DEFINE_PB_FIELD_16BIT_FOR_MESSAGES_grpc_gcp_AltsContext) +#endif + + +/* @@protoc_insertion_point(eof) */ diff --git a/src/core/tsi/alts/handshaker/altscontext.pb.h b/src/core/tsi/alts/handshaker/altscontext.pb.h new file mode 100644 index 0000000000..3e72d7f678 --- /dev/null +++ b/src/core/tsi/alts/handshaker/altscontext.pb.h @@ -0,0 +1,64 @@ +/* Automatically generated nanopb header */ +/* Generated by nanopb-0.3.7-dev */ + +#ifndef PB_GRPC_GCP_ALTSCONTEXT_PB_H_INCLUDED +#define PB_GRPC_GCP_ALTSCONTEXT_PB_H_INCLUDED +#include "third_party/nanopb/pb.h" +#include "src/core/tsi/alts/handshaker/transport_security_common.pb.h" + +/* @@protoc_insertion_point(includes) */ +#if PB_PROTO_HEADER_VERSION != 30 +#error Regenerate this file with the current version of nanopb generator. +#endif + +#ifdef __cplusplus +extern "C" { +#endif + +/* Struct definitions */ +typedef struct _grpc_gcp_AltsContext { + pb_callback_t application_protocol; + pb_callback_t record_protocol; + bool has_security_level; + grpc_gcp_SecurityLevel security_level; + pb_callback_t peer_service_account; + pb_callback_t local_service_account; + bool has_peer_rpc_versions; + grpc_gcp_RpcProtocolVersions peer_rpc_versions; +/* @@protoc_insertion_point(struct:grpc_gcp_AltsContext) */ +} grpc_gcp_AltsContext; + +/* Default values for struct fields */ + +/* Initializer values for message structs */ +#define grpc_gcp_AltsContext_init_default {{{NULL}, NULL}, {{NULL}, NULL}, false, (grpc_gcp_SecurityLevel)0, {{NULL}, NULL}, {{NULL}, NULL}, false, grpc_gcp_RpcProtocolVersions_init_default} +#define grpc_gcp_AltsContext_init_zero {{{NULL}, NULL}, {{NULL}, NULL}, false, (grpc_gcp_SecurityLevel)0, {{NULL}, NULL}, {{NULL}, NULL}, false, grpc_gcp_RpcProtocolVersions_init_zero} + +/* Field tags (for use in manual encoding/decoding) */ +#define grpc_gcp_AltsContext_application_protocol_tag 1 +#define grpc_gcp_AltsContext_record_protocol_tag 2 +#define grpc_gcp_AltsContext_security_level_tag 3 +#define grpc_gcp_AltsContext_peer_service_account_tag 4 +#define grpc_gcp_AltsContext_local_service_account_tag 5 +#define grpc_gcp_AltsContext_peer_rpc_versions_tag 6 + +/* Struct field encoding specification for nanopb */ +extern const pb_field_t grpc_gcp_AltsContext_fields[7]; + +/* Maximum encoded size of messages (where known) */ +/* grpc_gcp_AltsContext_size depends on runtime parameters */ + +/* Message IDs (where set with "msgid" option) */ +#ifdef PB_MSGID + +#define ALTSCONTEXT_MESSAGES \ + + +#endif + +#ifdef __cplusplus +} /* extern "C" */ +#endif +/* @@protoc_insertion_point(eof) */ + +#endif diff --git a/src/core/tsi/alts/handshaker/handshaker.pb.c b/src/core/tsi/alts/handshaker/handshaker.pb.c new file mode 100644 index 0000000000..bd992dfa4a --- /dev/null +++ b/src/core/tsi/alts/handshaker/handshaker.pb.c @@ -0,0 +1,123 @@ +/* Automatically generated nanopb constant definitions */ +/* Generated by nanopb-0.3.7-dev */ + +#include "src/core/tsi/alts/handshaker/handshaker.pb.h" + +/* @@protoc_insertion_point(includes) */ +#if PB_PROTO_HEADER_VERSION != 30 +#error Regenerate this file with the current version of nanopb generator. +#endif + + + +const pb_field_t grpc_gcp_Endpoint_fields[4] = { + PB_FIELD( 1, STRING , OPTIONAL, CALLBACK, FIRST, grpc_gcp_Endpoint, ip_address, ip_address, 0), + PB_FIELD( 2, INT32 , OPTIONAL, STATIC , OTHER, grpc_gcp_Endpoint, port, ip_address, 0), + PB_FIELD( 3, UENUM , OPTIONAL, STATIC , OTHER, grpc_gcp_Endpoint, protocol, port, 0), + PB_LAST_FIELD +}; + +const pb_field_t grpc_gcp_Identity_fields[3] = { + PB_FIELD( 1, STRING , OPTIONAL, CALLBACK, FIRST, grpc_gcp_Identity, service_account, service_account, 0), + PB_FIELD( 2, STRING , OPTIONAL, CALLBACK, OTHER, grpc_gcp_Identity, hostname, service_account, 0), + PB_LAST_FIELD +}; + +const pb_field_t grpc_gcp_StartClientHandshakeReq_fields[10] = { + PB_FIELD( 1, UENUM , OPTIONAL, STATIC , FIRST, grpc_gcp_StartClientHandshakeReq, handshake_security_protocol, handshake_security_protocol, 0), + PB_FIELD( 2, STRING , REPEATED, CALLBACK, OTHER, grpc_gcp_StartClientHandshakeReq, application_protocols, handshake_security_protocol, 0), + PB_FIELD( 3, STRING , REPEATED, CALLBACK, OTHER, grpc_gcp_StartClientHandshakeReq, record_protocols, application_protocols, 0), + PB_FIELD( 4, MESSAGE , REPEATED, CALLBACK, OTHER, grpc_gcp_StartClientHandshakeReq, target_identities, record_protocols, &grpc_gcp_Identity_fields), + PB_FIELD( 5, MESSAGE , OPTIONAL, STATIC , OTHER, grpc_gcp_StartClientHandshakeReq, local_identity, target_identities, &grpc_gcp_Identity_fields), + PB_FIELD( 6, MESSAGE , OPTIONAL, STATIC , OTHER, grpc_gcp_StartClientHandshakeReq, local_endpoint, local_identity, &grpc_gcp_Endpoint_fields), + PB_FIELD( 7, MESSAGE , OPTIONAL, STATIC , OTHER, grpc_gcp_StartClientHandshakeReq, remote_endpoint, local_endpoint, &grpc_gcp_Endpoint_fields), + PB_FIELD( 8, STRING , OPTIONAL, CALLBACK, OTHER, grpc_gcp_StartClientHandshakeReq, target_name, remote_endpoint, 0), + PB_FIELD( 9, MESSAGE , OPTIONAL, STATIC , OTHER, grpc_gcp_StartClientHandshakeReq, rpc_versions, target_name, &grpc_gcp_RpcProtocolVersions_fields), + PB_LAST_FIELD +}; + +const pb_field_t grpc_gcp_ServerHandshakeParameters_fields[3] = { + PB_FIELD( 1, STRING , REPEATED, CALLBACK, FIRST, grpc_gcp_ServerHandshakeParameters, record_protocols, record_protocols, 0), + PB_FIELD( 2, MESSAGE , REPEATED, CALLBACK, OTHER, grpc_gcp_ServerHandshakeParameters, local_identities, record_protocols, &grpc_gcp_Identity_fields), + PB_LAST_FIELD +}; + +const pb_field_t grpc_gcp_StartServerHandshakeReq_fields[7] = { + PB_FIELD( 1, STRING , REPEATED, CALLBACK, FIRST, grpc_gcp_StartServerHandshakeReq, application_protocols, application_protocols, 0), + PB_FIELD( 2, MESSAGE , REPEATED, STATIC , OTHER, grpc_gcp_StartServerHandshakeReq, handshake_parameters, application_protocols, &grpc_gcp_StartServerHandshakeReq_HandshakeParametersEntry_fields), + PB_FIELD( 3, BYTES , OPTIONAL, CALLBACK, OTHER, grpc_gcp_StartServerHandshakeReq, in_bytes, handshake_parameters, 0), + PB_FIELD( 4, MESSAGE , OPTIONAL, STATIC , OTHER, grpc_gcp_StartServerHandshakeReq, local_endpoint, in_bytes, &grpc_gcp_Endpoint_fields), + PB_FIELD( 5, MESSAGE , OPTIONAL, STATIC , OTHER, grpc_gcp_StartServerHandshakeReq, remote_endpoint, local_endpoint, &grpc_gcp_Endpoint_fields), + PB_FIELD( 6, MESSAGE , OPTIONAL, STATIC , OTHER, grpc_gcp_StartServerHandshakeReq, rpc_versions, remote_endpoint, &grpc_gcp_RpcProtocolVersions_fields), + PB_LAST_FIELD +}; + +const pb_field_t grpc_gcp_StartServerHandshakeReq_HandshakeParametersEntry_fields[3] = { + PB_FIELD( 1, INT32 , OPTIONAL, STATIC , FIRST, grpc_gcp_StartServerHandshakeReq_HandshakeParametersEntry, key, key, 0), + PB_FIELD( 2, MESSAGE , OPTIONAL, STATIC , OTHER, grpc_gcp_StartServerHandshakeReq_HandshakeParametersEntry, value, key, &grpc_gcp_ServerHandshakeParameters_fields), + PB_LAST_FIELD +}; + +const pb_field_t grpc_gcp_NextHandshakeMessageReq_fields[2] = { + PB_FIELD( 1, BYTES , OPTIONAL, CALLBACK, FIRST, grpc_gcp_NextHandshakeMessageReq, in_bytes, in_bytes, 0), + PB_LAST_FIELD +}; + +const pb_field_t grpc_gcp_HandshakerReq_fields[4] = { + PB_FIELD( 1, MESSAGE , OPTIONAL, STATIC , FIRST, grpc_gcp_HandshakerReq, client_start, client_start, &grpc_gcp_StartClientHandshakeReq_fields), + PB_FIELD( 2, MESSAGE , OPTIONAL, STATIC , OTHER, grpc_gcp_HandshakerReq, server_start, client_start, &grpc_gcp_StartServerHandshakeReq_fields), + PB_FIELD( 3, MESSAGE , OPTIONAL, STATIC , OTHER, grpc_gcp_HandshakerReq, next, server_start, &grpc_gcp_NextHandshakeMessageReq_fields), + PB_LAST_FIELD +}; + +const pb_field_t grpc_gcp_HandshakerResult_fields[8] = { + PB_FIELD( 1, STRING , OPTIONAL, CALLBACK, FIRST, grpc_gcp_HandshakerResult, application_protocol, application_protocol, 0), + PB_FIELD( 2, STRING , OPTIONAL, CALLBACK, OTHER, grpc_gcp_HandshakerResult, record_protocol, application_protocol, 0), + PB_FIELD( 3, BYTES , OPTIONAL, CALLBACK, OTHER, grpc_gcp_HandshakerResult, key_data, record_protocol, 0), + PB_FIELD( 4, MESSAGE , OPTIONAL, STATIC , OTHER, grpc_gcp_HandshakerResult, peer_identity, key_data, &grpc_gcp_Identity_fields), + PB_FIELD( 5, MESSAGE , OPTIONAL, STATIC , OTHER, grpc_gcp_HandshakerResult, local_identity, peer_identity, &grpc_gcp_Identity_fields), + PB_FIELD( 6, BOOL , OPTIONAL, STATIC , OTHER, grpc_gcp_HandshakerResult, keep_channel_open, local_identity, 0), + PB_FIELD( 7, MESSAGE , OPTIONAL, STATIC , OTHER, grpc_gcp_HandshakerResult, peer_rpc_versions, keep_channel_open, &grpc_gcp_RpcProtocolVersions_fields), + PB_LAST_FIELD +}; + +const pb_field_t grpc_gcp_HandshakerStatus_fields[3] = { + PB_FIELD( 1, UINT32 , OPTIONAL, STATIC , FIRST, grpc_gcp_HandshakerStatus, code, code, 0), + PB_FIELD( 2, STRING , OPTIONAL, CALLBACK, OTHER, grpc_gcp_HandshakerStatus, details, code, 0), + PB_LAST_FIELD +}; + +const pb_field_t grpc_gcp_HandshakerResp_fields[5] = { + PB_FIELD( 1, BYTES , OPTIONAL, CALLBACK, FIRST, grpc_gcp_HandshakerResp, out_frames, out_frames, 0), + PB_FIELD( 2, UINT32 , OPTIONAL, STATIC , OTHER, grpc_gcp_HandshakerResp, bytes_consumed, out_frames, 0), + PB_FIELD( 3, MESSAGE , OPTIONAL, STATIC , OTHER, grpc_gcp_HandshakerResp, result, bytes_consumed, &grpc_gcp_HandshakerResult_fields), + PB_FIELD( 4, MESSAGE , OPTIONAL, STATIC , OTHER, grpc_gcp_HandshakerResp, status, result, &grpc_gcp_HandshakerStatus_fields), + PB_LAST_FIELD +}; + + +/* Check that field information fits in pb_field_t */ +#if !defined(PB_FIELD_32BIT) +/* If you get an error here, it means that you need to define PB_FIELD_32BIT + * compile-time option. You can do that in pb.h or on compiler command line. + * + * The reason you need to do this is that some of your messages contain tag + * numbers or field sizes that are larger than what can fit in 8 or 16 bit + * field descriptors. + */ +PB_STATIC_ASSERT((pb_membersize(grpc_gcp_StartClientHandshakeReq, target_identities) < 65536 && pb_membersize(grpc_gcp_StartClientHandshakeReq, local_identity) < 65536 && pb_membersize(grpc_gcp_StartClientHandshakeReq, local_endpoint) < 65536 && pb_membersize(grpc_gcp_StartClientHandshakeReq, remote_endpoint) < 65536 && pb_membersize(grpc_gcp_StartClientHandshakeReq, rpc_versions) < 65536 && pb_membersize(grpc_gcp_ServerHandshakeParameters, local_identities) < 65536 && pb_membersize(grpc_gcp_StartServerHandshakeReq, handshake_parameters[0]) < 65536 && pb_membersize(grpc_gcp_StartServerHandshakeReq, local_endpoint) < 65536 && pb_membersize(grpc_gcp_StartServerHandshakeReq, remote_endpoint) < 65536 && pb_membersize(grpc_gcp_StartServerHandshakeReq, rpc_versions) < 65536 && pb_membersize(grpc_gcp_StartServerHandshakeReq_HandshakeParametersEntry, value) < 65536 && pb_membersize(grpc_gcp_HandshakerReq, client_start) < 65536 && pb_membersize(grpc_gcp_HandshakerReq, server_start) < 65536 && pb_membersize(grpc_gcp_HandshakerReq, next) < 65536 && pb_membersize(grpc_gcp_HandshakerResult, peer_identity) < 65536 && pb_membersize(grpc_gcp_HandshakerResult, local_identity) < 65536 && pb_membersize(grpc_gcp_HandshakerResult, peer_rpc_versions) < 65536 && pb_membersize(grpc_gcp_HandshakerResp, result) < 65536 && pb_membersize(grpc_gcp_HandshakerResp, status) < 65536), YOU_MUST_DEFINE_PB_FIELD_32BIT_FOR_MESSAGES_grpc_gcp_Endpoint_grpc_gcp_Identity_grpc_gcp_StartClientHandshakeReq_grpc_gcp_ServerHandshakeParameters_grpc_gcp_StartServerHandshakeReq_grpc_gcp_StartServerHandshakeReq_HandshakeParametersEntry_grpc_gcp_NextHandshakeMessageReq_grpc_gcp_HandshakerReq_grpc_gcp_HandshakerResult_grpc_gcp_HandshakerStatus_grpc_gcp_HandshakerResp) +#endif + +#if !defined(PB_FIELD_16BIT) && !defined(PB_FIELD_32BIT) +/* If you get an error here, it means that you need to define PB_FIELD_16BIT + * compile-time option. You can do that in pb.h or on compiler command line. + * + * The reason you need to do this is that some of your messages contain tag + * numbers or field sizes that are larger than what can fit in the default + * 8 bit descriptors. + */ +PB_STATIC_ASSERT((pb_membersize(grpc_gcp_StartClientHandshakeReq, target_identities) < 256 && pb_membersize(grpc_gcp_StartClientHandshakeReq, local_identity) < 256 && pb_membersize(grpc_gcp_StartClientHandshakeReq, local_endpoint) < 256 && pb_membersize(grpc_gcp_StartClientHandshakeReq, remote_endpoint) < 256 && pb_membersize(grpc_gcp_StartClientHandshakeReq, rpc_versions) < 256 && pb_membersize(grpc_gcp_ServerHandshakeParameters, local_identities) < 256 && pb_membersize(grpc_gcp_StartServerHandshakeReq, handshake_parameters[0]) < 256 && pb_membersize(grpc_gcp_StartServerHandshakeReq, local_endpoint) < 256 && pb_membersize(grpc_gcp_StartServerHandshakeReq, remote_endpoint) < 256 && pb_membersize(grpc_gcp_StartServerHandshakeReq, rpc_versions) < 256 && pb_membersize(grpc_gcp_StartServerHandshakeReq_HandshakeParametersEntry, value) < 256 && pb_membersize(grpc_gcp_HandshakerReq, client_start) < 256 && pb_membersize(grpc_gcp_HandshakerReq, server_start) < 256 && pb_membersize(grpc_gcp_HandshakerReq, next) < 256 && pb_membersize(grpc_gcp_HandshakerResult, peer_identity) < 256 && pb_membersize(grpc_gcp_HandshakerResult, local_identity) < 256 && pb_membersize(grpc_gcp_HandshakerResult, peer_rpc_versions) < 256 && pb_membersize(grpc_gcp_HandshakerResp, result) < 256 && pb_membersize(grpc_gcp_HandshakerResp, status) < 256), YOU_MUST_DEFINE_PB_FIELD_16BIT_FOR_MESSAGES_grpc_gcp_Endpoint_grpc_gcp_Identity_grpc_gcp_StartClientHandshakeReq_grpc_gcp_ServerHandshakeParameters_grpc_gcp_StartServerHandshakeReq_grpc_gcp_StartServerHandshakeReq_HandshakeParametersEntry_grpc_gcp_NextHandshakeMessageReq_grpc_gcp_HandshakerReq_grpc_gcp_HandshakerResult_grpc_gcp_HandshakerStatus_grpc_gcp_HandshakerResp) +#endif + + +/* @@protoc_insertion_point(eof) */ diff --git a/src/core/tsi/alts/handshaker/handshaker.pb.h b/src/core/tsi/alts/handshaker/handshaker.pb.h new file mode 100644 index 0000000000..0805a144de --- /dev/null +++ b/src/core/tsi/alts/handshaker/handshaker.pb.h @@ -0,0 +1,255 @@ +/* Automatically generated nanopb header */ +/* Generated by nanopb-0.3.7-dev */ + +#ifndef PB_GRPC_GCP_HANDSHAKER_PB_H_INCLUDED +#define PB_GRPC_GCP_HANDSHAKER_PB_H_INCLUDED +#include "third_party/nanopb/pb.h" +#include "src/core/tsi/alts/handshaker/transport_security_common.pb.h" + +/* @@protoc_insertion_point(includes) */ +#if PB_PROTO_HEADER_VERSION != 30 +#error Regenerate this file with the current version of nanopb generator. +#endif + +#ifdef __cplusplus +extern "C" { +#endif + +/* Enum definitions */ +typedef enum _grpc_gcp_HandshakeProtocol { + grpc_gcp_HandshakeProtocol_HANDSHAKE_PROTOCOL_UNSPECIFIED = 0, + grpc_gcp_HandshakeProtocol_TLS = 1, + grpc_gcp_HandshakeProtocol_ALTS = 2 +} grpc_gcp_HandshakeProtocol; +#define _grpc_gcp_HandshakeProtocol_MIN grpc_gcp_HandshakeProtocol_HANDSHAKE_PROTOCOL_UNSPECIFIED +#define _grpc_gcp_HandshakeProtocol_MAX grpc_gcp_HandshakeProtocol_ALTS +#define _grpc_gcp_HandshakeProtocol_ARRAYSIZE ((grpc_gcp_HandshakeProtocol)(grpc_gcp_HandshakeProtocol_ALTS+1)) + +typedef enum _grpc_gcp_NetworkProtocol { + grpc_gcp_NetworkProtocol_NETWORK_PROTOCOL_UNSPECIFIED = 0, + grpc_gcp_NetworkProtocol_TCP = 1, + grpc_gcp_NetworkProtocol_UDP = 2 +} grpc_gcp_NetworkProtocol; +#define _grpc_gcp_NetworkProtocol_MIN grpc_gcp_NetworkProtocol_NETWORK_PROTOCOL_UNSPECIFIED +#define _grpc_gcp_NetworkProtocol_MAX grpc_gcp_NetworkProtocol_UDP +#define _grpc_gcp_NetworkProtocol_ARRAYSIZE ((grpc_gcp_NetworkProtocol)(grpc_gcp_NetworkProtocol_UDP+1)) + +/* Struct definitions */ +typedef struct _grpc_gcp_Identity { + pb_callback_t service_account; + pb_callback_t hostname; +/* @@protoc_insertion_point(struct:grpc_gcp_Identity) */ +} grpc_gcp_Identity; + +typedef struct _grpc_gcp_NextHandshakeMessageReq { + pb_callback_t in_bytes; +/* @@protoc_insertion_point(struct:grpc_gcp_NextHandshakeMessageReq) */ +} grpc_gcp_NextHandshakeMessageReq; + +typedef struct _grpc_gcp_ServerHandshakeParameters { + pb_callback_t record_protocols; + pb_callback_t local_identities; +/* @@protoc_insertion_point(struct:grpc_gcp_ServerHandshakeParameters) */ +} grpc_gcp_ServerHandshakeParameters; + +typedef struct _grpc_gcp_Endpoint { + pb_callback_t ip_address; + bool has_port; + int32_t port; + bool has_protocol; + grpc_gcp_NetworkProtocol protocol; +/* @@protoc_insertion_point(struct:grpc_gcp_Endpoint) */ +} grpc_gcp_Endpoint; + +typedef struct _grpc_gcp_HandshakerResult { + pb_callback_t application_protocol; + pb_callback_t record_protocol; + pb_callback_t key_data; + bool has_peer_identity; + grpc_gcp_Identity peer_identity; + bool has_local_identity; + grpc_gcp_Identity local_identity; + bool has_keep_channel_open; + bool keep_channel_open; + bool has_peer_rpc_versions; + grpc_gcp_RpcProtocolVersions peer_rpc_versions; +/* @@protoc_insertion_point(struct:grpc_gcp_HandshakerResult) */ +} grpc_gcp_HandshakerResult; + +typedef struct _grpc_gcp_HandshakerStatus { + bool has_code; + uint32_t code; + pb_callback_t details; +/* @@protoc_insertion_point(struct:grpc_gcp_HandshakerStatus) */ +} grpc_gcp_HandshakerStatus; + +typedef struct _grpc_gcp_StartServerHandshakeReq_HandshakeParametersEntry { + bool has_key; + int32_t key; + bool has_value; + grpc_gcp_ServerHandshakeParameters value; +/* @@protoc_insertion_point(struct:grpc_gcp_StartServerHandshakeReq_HandshakeParametersEntry) */ +} grpc_gcp_StartServerHandshakeReq_HandshakeParametersEntry; + +typedef struct _grpc_gcp_HandshakerResp { + pb_callback_t out_frames; + bool has_bytes_consumed; + uint32_t bytes_consumed; + bool has_result; + grpc_gcp_HandshakerResult result; + bool has_status; + grpc_gcp_HandshakerStatus status; +/* @@protoc_insertion_point(struct:grpc_gcp_HandshakerResp) */ +} grpc_gcp_HandshakerResp; + +typedef struct _grpc_gcp_StartClientHandshakeReq { + bool has_handshake_security_protocol; + grpc_gcp_HandshakeProtocol handshake_security_protocol; + pb_callback_t application_protocols; + pb_callback_t record_protocols; + pb_callback_t target_identities; + bool has_local_identity; + grpc_gcp_Identity local_identity; + bool has_local_endpoint; + grpc_gcp_Endpoint local_endpoint; + bool has_remote_endpoint; + grpc_gcp_Endpoint remote_endpoint; + pb_callback_t target_name; + bool has_rpc_versions; + grpc_gcp_RpcProtocolVersions rpc_versions; +/* @@protoc_insertion_point(struct:grpc_gcp_StartClientHandshakeReq) */ +} grpc_gcp_StartClientHandshakeReq; + +typedef struct _grpc_gcp_StartServerHandshakeReq { + pb_callback_t application_protocols; + pb_size_t handshake_parameters_count; + grpc_gcp_StartServerHandshakeReq_HandshakeParametersEntry handshake_parameters[3]; + pb_callback_t in_bytes; + bool has_local_endpoint; + grpc_gcp_Endpoint local_endpoint; + bool has_remote_endpoint; + grpc_gcp_Endpoint remote_endpoint; + bool has_rpc_versions; + grpc_gcp_RpcProtocolVersions rpc_versions; +/* @@protoc_insertion_point(struct:grpc_gcp_StartServerHandshakeReq) */ +} grpc_gcp_StartServerHandshakeReq; + +typedef struct _grpc_gcp_HandshakerReq { + bool has_client_start; + grpc_gcp_StartClientHandshakeReq client_start; + bool has_server_start; + grpc_gcp_StartServerHandshakeReq server_start; + bool has_next; + grpc_gcp_NextHandshakeMessageReq next; +/* @@protoc_insertion_point(struct:grpc_gcp_HandshakerReq) */ +} grpc_gcp_HandshakerReq; + +/* Default values for struct fields */ + +/* Initializer values for message structs */ +#define grpc_gcp_Endpoint_init_default {{{NULL}, NULL}, false, 0, false, (grpc_gcp_NetworkProtocol)0} +#define grpc_gcp_Identity_init_default {{{NULL}, NULL}, {{NULL}, NULL}} +#define grpc_gcp_StartClientHandshakeReq_init_default {false, (grpc_gcp_HandshakeProtocol)0, {{NULL}, NULL}, {{NULL}, NULL}, {{NULL}, NULL}, false, grpc_gcp_Identity_init_default, false, grpc_gcp_Endpoint_init_default, false, grpc_gcp_Endpoint_init_default, {{NULL}, NULL}, false, grpc_gcp_RpcProtocolVersions_init_default} +#define grpc_gcp_ServerHandshakeParameters_init_default {{{NULL}, NULL}, {{NULL}, NULL}} +#define grpc_gcp_StartServerHandshakeReq_init_default {{{NULL}, NULL}, 0, {grpc_gcp_StartServerHandshakeReq_HandshakeParametersEntry_init_default, grpc_gcp_StartServerHandshakeReq_HandshakeParametersEntry_init_default, grpc_gcp_StartServerHandshakeReq_HandshakeParametersEntry_init_default}, {{NULL}, NULL}, false, grpc_gcp_Endpoint_init_default, false, grpc_gcp_Endpoint_init_default, false, grpc_gcp_RpcProtocolVersions_init_default} +#define grpc_gcp_StartServerHandshakeReq_HandshakeParametersEntry_init_default {false, 0, false, grpc_gcp_ServerHandshakeParameters_init_default} +#define grpc_gcp_NextHandshakeMessageReq_init_default {{{NULL}, NULL}} +#define grpc_gcp_HandshakerReq_init_default {false, grpc_gcp_StartClientHandshakeReq_init_default, false, grpc_gcp_StartServerHandshakeReq_init_default, false, grpc_gcp_NextHandshakeMessageReq_init_default} +#define grpc_gcp_HandshakerResult_init_default {{{NULL}, NULL}, {{NULL}, NULL}, {{NULL}, NULL}, false, grpc_gcp_Identity_init_default, false, grpc_gcp_Identity_init_default, false, 0, false, grpc_gcp_RpcProtocolVersions_init_default} +#define grpc_gcp_HandshakerStatus_init_default {false, 0, {{NULL}, NULL}} +#define grpc_gcp_HandshakerResp_init_default {{{NULL}, NULL}, false, 0, false, grpc_gcp_HandshakerResult_init_default, false, grpc_gcp_HandshakerStatus_init_default} +#define grpc_gcp_Endpoint_init_zero {{{NULL}, NULL}, false, 0, false, (grpc_gcp_NetworkProtocol)0} +#define grpc_gcp_Identity_init_zero {{{NULL}, NULL}, {{NULL}, NULL}} +#define grpc_gcp_StartClientHandshakeReq_init_zero {false, (grpc_gcp_HandshakeProtocol)0, {{NULL}, NULL}, {{NULL}, NULL}, {{NULL}, NULL}, false, grpc_gcp_Identity_init_zero, false, grpc_gcp_Endpoint_init_zero, false, grpc_gcp_Endpoint_init_zero, {{NULL}, NULL}, false, grpc_gcp_RpcProtocolVersions_init_zero} +#define grpc_gcp_ServerHandshakeParameters_init_zero {{{NULL}, NULL}, {{NULL}, NULL}} +#define grpc_gcp_StartServerHandshakeReq_init_zero {{{NULL}, NULL}, 0, {grpc_gcp_StartServerHandshakeReq_HandshakeParametersEntry_init_zero, grpc_gcp_StartServerHandshakeReq_HandshakeParametersEntry_init_zero, grpc_gcp_StartServerHandshakeReq_HandshakeParametersEntry_init_zero}, {{NULL}, NULL}, false, grpc_gcp_Endpoint_init_zero, false, grpc_gcp_Endpoint_init_zero, false, grpc_gcp_RpcProtocolVersions_init_zero} +#define grpc_gcp_StartServerHandshakeReq_HandshakeParametersEntry_init_zero {false, 0, false, grpc_gcp_ServerHandshakeParameters_init_zero} +#define grpc_gcp_NextHandshakeMessageReq_init_zero {{{NULL}, NULL}} +#define grpc_gcp_HandshakerReq_init_zero {false, grpc_gcp_StartClientHandshakeReq_init_zero, false, grpc_gcp_StartServerHandshakeReq_init_zero, false, grpc_gcp_NextHandshakeMessageReq_init_zero} +#define grpc_gcp_HandshakerResult_init_zero {{{NULL}, NULL}, {{NULL}, NULL}, {{NULL}, NULL}, false, grpc_gcp_Identity_init_zero, false, grpc_gcp_Identity_init_zero, false, 0, false, grpc_gcp_RpcProtocolVersions_init_zero} +#define grpc_gcp_HandshakerStatus_init_zero {false, 0, {{NULL}, NULL}} +#define grpc_gcp_HandshakerResp_init_zero {{{NULL}, NULL}, false, 0, false, grpc_gcp_HandshakerResult_init_zero, false, grpc_gcp_HandshakerStatus_init_zero} + +/* Field tags (for use in manual encoding/decoding) */ +#define grpc_gcp_Identity_service_account_tag 1 +#define grpc_gcp_Identity_hostname_tag 2 +#define grpc_gcp_NextHandshakeMessageReq_in_bytes_tag 1 +#define grpc_gcp_ServerHandshakeParameters_record_protocols_tag 1 +#define grpc_gcp_ServerHandshakeParameters_local_identities_tag 2 +#define grpc_gcp_Endpoint_ip_address_tag 1 +#define grpc_gcp_Endpoint_port_tag 2 +#define grpc_gcp_Endpoint_protocol_tag 3 +#define grpc_gcp_HandshakerResult_application_protocol_tag 1 +#define grpc_gcp_HandshakerResult_record_protocol_tag 2 +#define grpc_gcp_HandshakerResult_key_data_tag 3 +#define grpc_gcp_HandshakerResult_peer_identity_tag 4 +#define grpc_gcp_HandshakerResult_local_identity_tag 5 +#define grpc_gcp_HandshakerResult_keep_channel_open_tag 6 +#define grpc_gcp_HandshakerResult_peer_rpc_versions_tag 7 +#define grpc_gcp_HandshakerStatus_code_tag 1 +#define grpc_gcp_HandshakerStatus_details_tag 2 +#define grpc_gcp_StartServerHandshakeReq_HandshakeParametersEntry_key_tag 1 +#define grpc_gcp_StartServerHandshakeReq_HandshakeParametersEntry_value_tag 2 +#define grpc_gcp_HandshakerResp_out_frames_tag 1 +#define grpc_gcp_HandshakerResp_bytes_consumed_tag 2 +#define grpc_gcp_HandshakerResp_result_tag 3 +#define grpc_gcp_HandshakerResp_status_tag 4 +#define grpc_gcp_StartClientHandshakeReq_handshake_security_protocol_tag 1 +#define grpc_gcp_StartClientHandshakeReq_application_protocols_tag 2 +#define grpc_gcp_StartClientHandshakeReq_record_protocols_tag 3 +#define grpc_gcp_StartClientHandshakeReq_target_identities_tag 4 +#define grpc_gcp_StartClientHandshakeReq_local_identity_tag 5 +#define grpc_gcp_StartClientHandshakeReq_local_endpoint_tag 6 +#define grpc_gcp_StartClientHandshakeReq_remote_endpoint_tag 7 +#define grpc_gcp_StartClientHandshakeReq_target_name_tag 8 +#define grpc_gcp_StartClientHandshakeReq_rpc_versions_tag 9 +#define grpc_gcp_StartServerHandshakeReq_application_protocols_tag 1 +#define grpc_gcp_StartServerHandshakeReq_handshake_parameters_tag 2 +#define grpc_gcp_StartServerHandshakeReq_in_bytes_tag 3 +#define grpc_gcp_StartServerHandshakeReq_local_endpoint_tag 4 +#define grpc_gcp_StartServerHandshakeReq_remote_endpoint_tag 5 +#define grpc_gcp_StartServerHandshakeReq_rpc_versions_tag 6 +#define grpc_gcp_HandshakerReq_client_start_tag 1 +#define grpc_gcp_HandshakerReq_server_start_tag 2 +#define grpc_gcp_HandshakerReq_next_tag 3 + +/* Struct field encoding specification for nanopb */ +extern const pb_field_t grpc_gcp_Endpoint_fields[4]; +extern const pb_field_t grpc_gcp_Identity_fields[3]; +extern const pb_field_t grpc_gcp_StartClientHandshakeReq_fields[10]; +extern const pb_field_t grpc_gcp_ServerHandshakeParameters_fields[3]; +extern const pb_field_t grpc_gcp_StartServerHandshakeReq_fields[7]; +extern const pb_field_t grpc_gcp_StartServerHandshakeReq_HandshakeParametersEntry_fields[3]; +extern const pb_field_t grpc_gcp_NextHandshakeMessageReq_fields[2]; +extern const pb_field_t grpc_gcp_HandshakerReq_fields[4]; +extern const pb_field_t grpc_gcp_HandshakerResult_fields[8]; +extern const pb_field_t grpc_gcp_HandshakerStatus_fields[3]; +extern const pb_field_t grpc_gcp_HandshakerResp_fields[5]; + +/* Maximum encoded size of messages (where known) */ +/* grpc_gcp_Endpoint_size depends on runtime parameters */ +/* grpc_gcp_Identity_size depends on runtime parameters */ +/* grpc_gcp_StartClientHandshakeReq_size depends on runtime parameters */ +/* grpc_gcp_ServerHandshakeParameters_size depends on runtime parameters */ +/* grpc_gcp_StartServerHandshakeReq_size depends on runtime parameters */ +#define grpc_gcp_StartServerHandshakeReq_HandshakeParametersEntry_size (17 + grpc_gcp_ServerHandshakeParameters_size) +/* grpc_gcp_NextHandshakeMessageReq_size depends on runtime parameters */ +#define grpc_gcp_HandshakerReq_size (18 + grpc_gcp_StartClientHandshakeReq_size + grpc_gcp_StartServerHandshakeReq_size + grpc_gcp_NextHandshakeMessageReq_size) +/* grpc_gcp_HandshakerResult_size depends on runtime parameters */ +/* grpc_gcp_HandshakerStatus_size depends on runtime parameters */ +/* grpc_gcp_HandshakerResp_size depends on runtime parameters */ + +/* Message IDs (where set with "msgid" option) */ +#ifdef PB_MSGID + +#define HANDSHAKER_MESSAGES \ + + +#endif + +#ifdef __cplusplus +} /* extern "C" */ +#endif +/* @@protoc_insertion_point(eof) */ + +#endif diff --git a/src/core/tsi/alts/handshaker/proto/altscontext.proto b/src/core/tsi/alts/handshaker/proto/altscontext.proto new file mode 100644 index 0000000000..d195b37e08 --- /dev/null +++ b/src/core/tsi/alts/handshaker/proto/altscontext.proto @@ -0,0 +1,41 @@ +// Copyright 2018 gRPC authors. +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +syntax = "proto3"; + +import "transport_security_common.proto"; + +package grpc.gcp; + +option java_package = "io.grpc.alts"; + +message AltsContext { + // The application protocol negotiated for this connection. + string application_protocol = 1; + + // The record protocol negotiated for this connection. + string record_protocol = 2; + + // The security level of the created secure channel. + SecurityLevel security_level = 3; + + // The peer service account. + string peer_service_account = 4; + + // The local service account. + string local_service_account = 5; + + // The RPC protocol versions supported by the peer. + RpcProtocolVersions peer_rpc_versions = 6; +} diff --git a/src/core/tsi/alts/handshaker/proto/handshaker.options b/src/core/tsi/alts/handshaker/proto/handshaker.options new file mode 100644 index 0000000000..702ba3802a --- /dev/null +++ b/src/core/tsi/alts/handshaker/proto/handshaker.options @@ -0,0 +1,2 @@ +handshaker.proto no_unions:true +grpc.gcp.StartServerHandshakeReq.handshake_parameters max_count:3 diff --git a/src/core/tsi/alts/handshaker/proto/handshaker.proto b/src/core/tsi/alts/handshaker/proto/handshaker.proto new file mode 100644 index 0000000000..46b8b09eb0 --- /dev/null +++ b/src/core/tsi/alts/handshaker/proto/handshaker.proto @@ -0,0 +1,220 @@ +// Copyright 2018 gRPC authors. +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +syntax = "proto3"; + +import "transport_security_common.proto"; + +package grpc.gcp; + +option java_package = "io.grpc.alts"; + +enum HandshakeProtocol { + // Default value. + HANDSHAKE_PROTOCOL_UNSPECIFIED = 0; + + // TLS handshake protocol. + TLS = 1; + + // Application Layer Transport Security handshake protocol. + ALTS = 2; +} + +enum NetworkProtocol { + NETWORK_PROTOCOL_UNSPECIFIED = 0; + TCP = 1; + UDP = 2; +} + +message Endpoint { + // IP address. It should contain an IPv4 or IPv6 string literal, e.g. + // "192.168.0.1" or "2001:db8::1". + string ip_address = 1; + + // Port number. + int32 port = 2; + + // Network protocol (e.g., TCP, UDP) associated with this endpoint. + NetworkProtocol protocol = 3; +} + +message Identity { + oneof identity_oneof { + // Service account of a connection endpoint. + string service_account = 1; + + // Hostname of a connection endpoint. + string hostname = 2; + } +} + +message StartClientHandshakeReq { + // Handshake security protocol requested by the client. + HandshakeProtocol handshake_security_protocol = 1; + + // The application protocols supported by the client, e.g., "h2" (for http2), + // "grpc". + repeated string application_protocols = 2; + + // The record protocols supported by the client, e.g., + // "ALTSRP_GCM_AES128". + repeated string record_protocols = 3; + + // (Optional) Describes which server identities are acceptable by the client. + // If target identities are provided and none of them matches the peer + // identity of the server, handshake will fail. + repeated Identity target_identities = 4; + + // (Optional) Application may specify a local identity. Otherwise, the + // handshaker chooses a default local identity. + Identity local_identity = 5; + + // (Optional) Local endpoint information of the connection to the server, + // such as local IP address, port number, and network protocol. + Endpoint local_endpoint = 6; + + // (Optional) Endpoint information of the remote server, such as IP address, + // port number, and network protocool. + Endpoint remote_endpoint = 7; + + // (Optional) If target name is provided, a secure naming check is performed + // to verify that the peer authenticated identity is indeed authorized to run + // the target name. + string target_name = 8; + + // (Optional) RPC protocol versions supported by the client. + RpcProtocolVersions rpc_versions = 9; +} + +message ServerHandshakeParameters { + // The record protocols supported by the server, e.g., + // "ALTSRP_GCM_AES128". + repeated string record_protocols = 1; + + // (Optional) A list of local identities supported by the server, if + // specified. Otherwise, the handshaker chooses a default local identity. + repeated Identity local_identities = 2; +} + +message StartServerHandshakeReq { + // The application protocols supported by the server, e.g., "h2" (for http2), + // "grpc". + repeated string application_protocols = 1; + + // Handshake parameters (record protocols and local identities supported by + // the server) mapped by the handshake protocol. Each handshake security + // protocol (e.g., TLS or ALTS) has its own set of record protocols and local + // identities. Since protobuf does not support enum as key to the map, the key + // to handshake_parameters is the integer value of HandshakeProtocol enum. + map<int32, ServerHandshakeParameters> handshake_parameters = 2; + + // Bytes in out_frames returned from the peer's HandshakerResp. It is possible + // that the peer's out_frames are split into multiple HandshakReq messages. + bytes in_bytes = 3; + + // (Optional) Local endpoint information of the connection to the client, + // such as local IP address, port number, and network protocol. + Endpoint local_endpoint = 4; + + // (Optional) Endpoint information of the remote client, such as IP address, + // port number, and network protocool. + Endpoint remote_endpoint = 5; + + // (Optional) RPC protocol versions supported by the server. + RpcProtocolVersions rpc_versions = 6; +} + +message NextHandshakeMessageReq { + // Bytes in out_frames returned from the peer's HandshakerResp. It is possible + // that the peer's out_frames are split into multiple NextHandshakerMessageReq + // messages. + bytes in_bytes = 1; +} + +message HandshakerReq { + oneof req_oneof { + // The start client handshake request message. + StartClientHandshakeReq client_start = 1; + + // The start server handshake request message. + StartServerHandshakeReq server_start = 2; + + // The next handshake request message. + NextHandshakeMessageReq next = 3; + } +} + +message HandshakerResult { + // The application protocol negotiated for this connection. + string application_protocol = 1; + + // The record protocol negotiated for this connection. + string record_protocol = 2; + + // Cryptographic key data. The key data may be more than the key length + // required for the record protocol, thus the client of the handshaker + // service needs to truncate the key data into the right key length. + bytes key_data = 3; + + // The authenticated identity of the peer. + Identity peer_identity = 4; + + // The local identity used in the handshake. + Identity local_identity = 5; + + // Indicate whether the handshaker service client should keep the channel + // between the handshaker service open, e.g., in order to handle + // post-handshake messages in the future. + bool keep_channel_open = 6; + + // The RPC protocol versions supported by the peer. + RpcProtocolVersions peer_rpc_versions = 7; +} + +message HandshakerStatus { + // The status code. This could be the gRPC status code. + uint32 code = 1; + + // The status details. + string details = 2; +} + +message HandshakerResp { + // Frames to be given to the peer for the NextHandshakeMessageReq. May be + // empty if no out_frames have to be sent to the peer or if in_bytes in the + // HandshakerReq are incomplete. All the non-empty out frames must be sent to + // the peer even if the handshaker status is not OK as these frames may + // contain the alert frames. + bytes out_frames = 1; + + // Number of bytes in the in_bytes consumed by the handshaker. It is possible + // that part of in_bytes in HandshakerReq was unrelated to the handshake + // process. + uint32 bytes_consumed = 2; + + // This is set iff the handshake was successful. out_frames may still be set + // to frames that needs to be forwarded to the peer. + HandshakerResult result = 3; + + // Status of the handshaker. + HandshakerStatus status = 4; +} + +service HandshakerService { + // Accepts a stream of handshaker request, returning a stream of handshaker + // response. + rpc DoHandshake(stream HandshakerReq) + returns (stream HandshakerResp) { + } +} diff --git a/src/core/tsi/alts/handshaker/proto/transport_security_common.proto b/src/core/tsi/alts/handshaker/proto/transport_security_common.proto new file mode 100644 index 0000000000..41983ab9f9 --- /dev/null +++ b/src/core/tsi/alts/handshaker/proto/transport_security_common.proto @@ -0,0 +1,40 @@ +// Copyright 2018 gRPC authors. +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +syntax = "proto3"; + +package grpc.gcp; + +option java_package = "io.grpc.alts"; + +// The security level of the created channel. The list is sorted in increasing +// level of security. This order must always be maintained. +enum SecurityLevel { + SECURITY_NONE = 0; + INTEGRITY_ONLY = 1; + INTEGRITY_AND_PRIVACY = 2; +} + +// Max and min supported RPC protocol versions. +message RpcProtocolVersions { + // RPC version contains a major version and a minor version. + message Version { + uint32 major = 1; + uint32 minor = 2; + } + // Maximum supported RPC version. + Version max_rpc_version = 1; + // Minimum supported RPC version. + Version min_rpc_version = 2; +} diff --git a/src/core/tsi/alts/handshaker/transport_security_common.pb.c b/src/core/tsi/alts/handshaker/transport_security_common.pb.c new file mode 100644 index 0000000000..6063c7625e --- /dev/null +++ b/src/core/tsi/alts/handshaker/transport_security_common.pb.c @@ -0,0 +1,50 @@ +/* Automatically generated nanopb constant definitions */ +/* Generated by nanopb-0.3.7-dev */ + +#include "src/core/tsi/alts/handshaker/transport_security_common.pb.h" + +/* @@protoc_insertion_point(includes) */ +#if PB_PROTO_HEADER_VERSION != 30 +#error Regenerate this file with the current version of nanopb generator. +#endif + + + +const pb_field_t grpc_gcp_RpcProtocolVersions_fields[3] = { + PB_FIELD( 1, MESSAGE , OPTIONAL, STATIC , FIRST, grpc_gcp_RpcProtocolVersions, max_rpc_version, max_rpc_version, &grpc_gcp_RpcProtocolVersions_Version_fields), + PB_FIELD( 2, MESSAGE , OPTIONAL, STATIC , OTHER, grpc_gcp_RpcProtocolVersions, min_rpc_version, max_rpc_version, &grpc_gcp_RpcProtocolVersions_Version_fields), + PB_LAST_FIELD +}; + +const pb_field_t grpc_gcp_RpcProtocolVersions_Version_fields[3] = { + PB_FIELD( 1, UINT32 , OPTIONAL, STATIC , FIRST, grpc_gcp_RpcProtocolVersions_Version, major, major, 0), + PB_FIELD( 2, UINT32 , OPTIONAL, STATIC , OTHER, grpc_gcp_RpcProtocolVersions_Version, minor, major, 0), + PB_LAST_FIELD +}; + + +/* Check that field information fits in pb_field_t */ +#if !defined(PB_FIELD_32BIT) +/* If you get an error here, it means that you need to define PB_FIELD_32BIT + * compile-time option. You can do that in pb.h or on compiler command line. + * + * The reason you need to do this is that some of your messages contain tag + * numbers or field sizes that are larger than what can fit in 8 or 16 bit + * field descriptors. + */ +PB_STATIC_ASSERT((pb_membersize(grpc_gcp_RpcProtocolVersions, max_rpc_version) < 65536 && pb_membersize(grpc_gcp_RpcProtocolVersions, min_rpc_version) < 65536), YOU_MUST_DEFINE_PB_FIELD_32BIT_FOR_MESSAGES_grpc_gcp_RpcProtocolVersions_grpc_gcp_RpcProtocolVersions_Version) +#endif + +#if !defined(PB_FIELD_16BIT) && !defined(PB_FIELD_32BIT) +/* If you get an error here, it means that you need to define PB_FIELD_16BIT + * compile-time option. You can do that in pb.h or on compiler command line. + * + * The reason you need to do this is that some of your messages contain tag + * numbers or field sizes that are larger than what can fit in the default + * 8 bit descriptors. + */ +PB_STATIC_ASSERT((pb_membersize(grpc_gcp_RpcProtocolVersions, max_rpc_version) < 256 && pb_membersize(grpc_gcp_RpcProtocolVersions, min_rpc_version) < 256), YOU_MUST_DEFINE_PB_FIELD_16BIT_FOR_MESSAGES_grpc_gcp_RpcProtocolVersions_grpc_gcp_RpcProtocolVersions_Version) +#endif + + +/* @@protoc_insertion_point(eof) */ diff --git a/src/core/tsi/alts/handshaker/transport_security_common.pb.h b/src/core/tsi/alts/handshaker/transport_security_common.pb.h new file mode 100644 index 0000000000..49096dffa3 --- /dev/null +++ b/src/core/tsi/alts/handshaker/transport_security_common.pb.h @@ -0,0 +1,78 @@ +/* Automatically generated nanopb header */ +/* Generated by nanopb-0.3.7-dev */ + +#ifndef PB_GRPC_GCP_TRANSPORT_SECURITY_COMMON_PB_H_INCLUDED +#define PB_GRPC_GCP_TRANSPORT_SECURITY_COMMON_PB_H_INCLUDED +#include "third_party/nanopb/pb.h" +/* @@protoc_insertion_point(includes) */ +#if PB_PROTO_HEADER_VERSION != 30 +#error Regenerate this file with the current version of nanopb generator. +#endif + +#ifdef __cplusplus +extern "C" { +#endif + +/* Enum definitions */ +typedef enum _grpc_gcp_SecurityLevel { + grpc_gcp_SecurityLevel_SECURITY_NONE = 0, + grpc_gcp_SecurityLevel_INTEGRITY_ONLY = 1, + grpc_gcp_SecurityLevel_INTEGRITY_AND_PRIVACY = 2 +} grpc_gcp_SecurityLevel; +#define _grpc_gcp_SecurityLevel_MIN grpc_gcp_SecurityLevel_SECURITY_NONE +#define _grpc_gcp_SecurityLevel_MAX grpc_gcp_SecurityLevel_INTEGRITY_AND_PRIVACY +#define _grpc_gcp_SecurityLevel_ARRAYSIZE ((grpc_gcp_SecurityLevel)(grpc_gcp_SecurityLevel_INTEGRITY_AND_PRIVACY+1)) + +/* Struct definitions */ +typedef struct _grpc_gcp_RpcProtocolVersions_Version { + bool has_major; + uint32_t major; + bool has_minor; + uint32_t minor; +/* @@protoc_insertion_point(struct:grpc_gcp_RpcProtocolVersions_Version) */ +} grpc_gcp_RpcProtocolVersions_Version; + +typedef struct _grpc_gcp_RpcProtocolVersions { + bool has_max_rpc_version; + grpc_gcp_RpcProtocolVersions_Version max_rpc_version; + bool has_min_rpc_version; + grpc_gcp_RpcProtocolVersions_Version min_rpc_version; +/* @@protoc_insertion_point(struct:grpc_gcp_RpcProtocolVersions) */ +} grpc_gcp_RpcProtocolVersions; + +/* Default values for struct fields */ + +/* Initializer values for message structs */ +#define grpc_gcp_RpcProtocolVersions_init_default {false, grpc_gcp_RpcProtocolVersions_Version_init_default, false, grpc_gcp_RpcProtocolVersions_Version_init_default} +#define grpc_gcp_RpcProtocolVersions_Version_init_default {false, 0, false, 0} +#define grpc_gcp_RpcProtocolVersions_init_zero {false, grpc_gcp_RpcProtocolVersions_Version_init_zero, false, grpc_gcp_RpcProtocolVersions_Version_init_zero} +#define grpc_gcp_RpcProtocolVersions_Version_init_zero {false, 0, false, 0} + +/* Field tags (for use in manual encoding/decoding) */ +#define grpc_gcp_RpcProtocolVersions_Version_major_tag 1 +#define grpc_gcp_RpcProtocolVersions_Version_minor_tag 2 +#define grpc_gcp_RpcProtocolVersions_max_rpc_version_tag 1 +#define grpc_gcp_RpcProtocolVersions_min_rpc_version_tag 2 + +/* Struct field encoding specification for nanopb */ +extern const pb_field_t grpc_gcp_RpcProtocolVersions_fields[3]; +extern const pb_field_t grpc_gcp_RpcProtocolVersions_Version_fields[3]; + +/* Maximum encoded size of messages (where known) */ +#define grpc_gcp_RpcProtocolVersions_size 28 +#define grpc_gcp_RpcProtocolVersions_Version_size 12 + +/* Message IDs (where set with "msgid" option) */ +#ifdef PB_MSGID + +#define TRANSPORT_SECURITY_COMMON_MESSAGES \ + + +#endif + +#ifdef __cplusplus +} /* extern "C" */ +#endif +/* @@protoc_insertion_point(eof) */ + +#endif diff --git a/src/core/tsi/alts/handshaker/transport_security_common_api.cc b/src/core/tsi/alts/handshaker/transport_security_common_api.cc new file mode 100644 index 0000000000..8a7edb53d4 --- /dev/null +++ b/src/core/tsi/alts/handshaker/transport_security_common_api.cc @@ -0,0 +1,196 @@ +/* + * + * Copyright 2018 gRPC authors. + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + */ + +#include <grpc/support/port_platform.h> + +#include "src/core/tsi/alts/handshaker/transport_security_common_api.h" + +bool grpc_gcp_rpc_protocol_versions_set_max( + grpc_gcp_rpc_protocol_versions* versions, uint32_t max_major, + uint32_t max_minor) { + if (versions == nullptr) { + gpr_log(GPR_ERROR, + "versions is nullptr in " + "grpc_gcp_rpc_protocol_versions_set_max()."); + return false; + } + versions->has_max_rpc_version = true; + versions->max_rpc_version.has_major = true; + versions->max_rpc_version.has_minor = true; + versions->max_rpc_version.major = max_major; + versions->max_rpc_version.minor = max_minor; + return true; +} + +bool grpc_gcp_rpc_protocol_versions_set_min( + grpc_gcp_rpc_protocol_versions* versions, uint32_t min_major, + uint32_t min_minor) { + if (versions == nullptr) { + gpr_log(GPR_ERROR, + "versions is nullptr in " + "grpc_gcp_rpc_protocol_versions_set_min()."); + return false; + } + versions->has_min_rpc_version = true; + versions->min_rpc_version.has_major = true; + versions->min_rpc_version.has_minor = true; + versions->min_rpc_version.major = min_major; + versions->min_rpc_version.minor = min_minor; + return true; +} + +size_t grpc_gcp_rpc_protocol_versions_encode_length( + const grpc_gcp_rpc_protocol_versions* versions) { + if (versions == nullptr) { + gpr_log(GPR_ERROR, + "Invalid nullptr arguments to " + "grpc_gcp_rpc_protocol_versions_encode_length()."); + return 0; + } + pb_ostream_t size_stream; + memset(&size_stream, 0, sizeof(pb_ostream_t)); + if (!pb_encode(&size_stream, grpc_gcp_RpcProtocolVersions_fields, versions)) { + gpr_log(GPR_ERROR, "nanopb error: %s", PB_GET_ERROR(&size_stream)); + return 0; + } + return size_stream.bytes_written; +} + +bool grpc_gcp_rpc_protocol_versions_encode_to_raw_bytes( + const grpc_gcp_rpc_protocol_versions* versions, uint8_t* bytes, + size_t bytes_length) { + if (versions == nullptr || bytes == nullptr || bytes_length == 0) { + gpr_log(GPR_ERROR, + "Invalid nullptr arguments to " + "grpc_gcp_rpc_protocol_versions_encode_to_raw_bytes()."); + return false; + } + pb_ostream_t output_stream = pb_ostream_from_buffer(bytes, bytes_length); + if (!pb_encode(&output_stream, grpc_gcp_RpcProtocolVersions_fields, + versions)) { + gpr_log(GPR_ERROR, "nanopb error: %s", PB_GET_ERROR(&output_stream)); + return false; + } + return true; +} + +bool grpc_gcp_rpc_protocol_versions_encode( + const grpc_gcp_rpc_protocol_versions* versions, grpc_slice* slice) { + if (versions == nullptr || slice == nullptr) { + gpr_log(GPR_ERROR, + "Invalid nullptr arguments to " + "grpc_gcp_rpc_protocol_versions_encode()."); + return false; + } + size_t encoded_length = + grpc_gcp_rpc_protocol_versions_encode_length(versions); + if (encoded_length == 0) return false; + *slice = grpc_slice_malloc(encoded_length); + return grpc_gcp_rpc_protocol_versions_encode_to_raw_bytes( + versions, GRPC_SLICE_START_PTR(*slice), encoded_length); +} + +bool grpc_gcp_rpc_protocol_versions_decode( + grpc_slice slice, grpc_gcp_rpc_protocol_versions* versions) { + if (versions == nullptr) { + gpr_log(GPR_ERROR, + "version is nullptr in " + "grpc_gcp_rpc_protocol_versions_decode()."); + return false; + } + pb_istream_t stream = pb_istream_from_buffer(GRPC_SLICE_START_PTR(slice), + GRPC_SLICE_LENGTH(slice)); + if (!pb_decode(&stream, grpc_gcp_RpcProtocolVersions_fields, versions)) { + gpr_log(GPR_ERROR, "nanopb error: %s", PB_GET_ERROR(&stream)); + return false; + } + return true; +} + +bool grpc_gcp_rpc_protocol_versions_copy( + const grpc_gcp_rpc_protocol_versions* src, + grpc_gcp_rpc_protocol_versions* dst) { + if ((src == nullptr && dst != nullptr) || + (src != nullptr && dst == nullptr)) { + gpr_log(GPR_ERROR, + "Invalid arguments to " + "grpc_gcp_rpc_protocol_versions_copy()."); + return false; + } + if (src == nullptr) { + return true; + } + grpc_gcp_rpc_protocol_versions_set_max(dst, src->max_rpc_version.major, + src->max_rpc_version.minor); + grpc_gcp_rpc_protocol_versions_set_min(dst, src->min_rpc_version.major, + src->min_rpc_version.minor); + return true; +} + +namespace grpc_core { +namespace internal { + +int grpc_gcp_rpc_protocol_version_compare( + const grpc_gcp_rpc_protocol_versions_version* v1, + const grpc_gcp_rpc_protocol_versions_version* v2) { + if ((v1->major > v2->major) || + (v1->major == v2->major && v1->minor > v2->minor)) { + return 1; + } + if ((v1->major < v2->major) || + (v1->major == v2->major && v1->minor < v2->minor)) { + return -1; + } + return 0; +} + +} // namespace internal +} // namespace grpc_core + +bool grpc_gcp_rpc_protocol_versions_check( + const grpc_gcp_rpc_protocol_versions* local_versions, + const grpc_gcp_rpc_protocol_versions* peer_versions, + grpc_gcp_rpc_protocol_versions_version* highest_common_version) { + if (local_versions == nullptr || peer_versions == nullptr) { + gpr_log(GPR_ERROR, + "Invalid arguments to " + "grpc_gcp_rpc_protocol_versions_check()."); + return false; + } + /* max_common_version is MIN(local.max, peer.max) */ + const grpc_gcp_rpc_protocol_versions_version* max_common_version = + grpc_core::internal::grpc_gcp_rpc_protocol_version_compare( + &local_versions->max_rpc_version, &peer_versions->max_rpc_version) > 0 + ? &peer_versions->max_rpc_version + : &local_versions->max_rpc_version; + /* min_common_version is MAX(local.min, peer.min) */ + const grpc_gcp_rpc_protocol_versions_version* min_common_version = + grpc_core::internal::grpc_gcp_rpc_protocol_version_compare( + &local_versions->min_rpc_version, &peer_versions->min_rpc_version) > 0 + ? &local_versions->min_rpc_version + : &peer_versions->min_rpc_version; + bool result = grpc_core::internal::grpc_gcp_rpc_protocol_version_compare( + max_common_version, min_common_version) >= 0 + ? true + : false; + if (result && highest_common_version != nullptr) { + memcpy(highest_common_version, max_common_version, + sizeof(grpc_gcp_rpc_protocol_versions_version)); + } + return result; +} diff --git a/src/core/tsi/alts/handshaker/transport_security_common_api.h b/src/core/tsi/alts/handshaker/transport_security_common_api.h new file mode 100644 index 0000000000..68228cb3b5 --- /dev/null +++ b/src/core/tsi/alts/handshaker/transport_security_common_api.h @@ -0,0 +1,163 @@ +/* + * + * Copyright 2018 gRPC authors. + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + */ + +#ifndef GRPC_CORE_TSI_ALTS_HANDSHAKER_TRANSPORT_SECURITY_COMMON_API_H +#define GRPC_CORE_TSI_ALTS_HANDSHAKER_TRANSPORT_SECURITY_COMMON_API_H + +#include <grpc/support/port_platform.h> + +#include "third_party/nanopb/pb_decode.h" +#include "third_party/nanopb/pb_encode.h" + +#include <grpc/slice.h> +#include <grpc/slice_buffer.h> +#include <grpc/support/alloc.h> +#include <grpc/support/log.h> + +#include "src/core/tsi/alts/handshaker/transport_security_common.pb.h" + +typedef grpc_gcp_RpcProtocolVersions grpc_gcp_rpc_protocol_versions; + +typedef grpc_gcp_RpcProtocolVersions_Version + grpc_gcp_rpc_protocol_versions_version; + +/** + * This method sets the value for max_rpc_versions field of rpc protocol + * versions. + * + * - versions: an rpc protocol version instance. + * - max_major: a major version of maximum supported RPC version. + * - max_minor: a minor version of maximum supported RPC version. + * + * The method returns true on success and false otherwise. + */ +bool grpc_gcp_rpc_protocol_versions_set_max( + grpc_gcp_rpc_protocol_versions* versions, uint32_t max_major, + uint32_t max_minor); + +/** + * This method sets the value for min_rpc_versions field of rpc protocol + * versions. + * + * - versions: an rpc protocol version instance. + * - min_major: a major version of minimum supported RPC version. + * - min_minor: a minor version of minimum supported RPC version. + * + * The method returns true on success and false otherwise. + */ +bool grpc_gcp_rpc_protocol_versions_set_min( + grpc_gcp_rpc_protocol_versions* versions, uint32_t min_major, + uint32_t min_minor); + +/** + * This method computes serialized byte length of rpc protocol versions. + * + * - versions: an rpc protocol versions instance. + * + * The method returns serialized byte length. It returns 0 on failure. + */ +size_t grpc_gcp_rpc_protocol_versions_encode_length( + const grpc_gcp_rpc_protocol_versions* versions); + +/** + * This method serializes rpc protocol versions and writes the result to + * the memory buffer provided by the caller. Caller is responsible for + * allocating sufficient memory to store the serialized data. + * + * - versions: an rpc protocol versions instance. + * - bytes: bytes buffer where the result will be written to. + * - bytes_length: length of the bytes buffer. + * + * The method returns true on success and false otherwise. + */ +bool grpc_gcp_rpc_protocol_versions_encode_to_raw_bytes( + const grpc_gcp_rpc_protocol_versions* versions, uint8_t* bytes, + size_t bytes_length); + +/** + * This method serializes an rpc protocol version and returns serialized rpc + * versions in grpc slice. + * + * - versions: an rpc protocol versions instance. + * - slice: grpc slice where the serialized result will be written. + * + * The method returns true on success and false otherwise. + */ +bool grpc_gcp_rpc_protocol_versions_encode( + const grpc_gcp_rpc_protocol_versions* versions, grpc_slice* slice); + +/** + * This method de-serializes input in grpc slice form and stores the result + * in rpc protocol versions. + * + * - slice: a data stream containing a serialized rpc protocol version. + * - versions: an rpc protocol version instance used to hold de-serialized + * result. + * + * The method returns true on success and false otherwise. + */ +bool grpc_gcp_rpc_protocol_versions_decode( + grpc_slice slice, grpc_gcp_rpc_protocol_versions* versions); + +/** + * This method performs a deep copy operation on rpc protocol versions + * instance. + * + * - src: rpc protocol versions instance that needs to be copied. + * - dst: rpc protocol versions instance that stores the copied result. + * + * The method returns true on success and false otherwise. + */ +bool grpc_gcp_rpc_protocol_versions_copy( + const grpc_gcp_rpc_protocol_versions* src, + grpc_gcp_rpc_protocol_versions* dst); + +/** + * This method performs a version check between local and peer rpc protocol + * versions. + * + * - local_versions: local rpc protocol versions instance. + * - peer_versions: peer rpc protocol versions instance. + * - highest_common_version: an output parameter that will store the highest + * common rpc protocol version both parties agreed on. + * + * The method returns true if the check passes which means both parties agreed + * on a common rpc protocol to use, and false otherwise. + */ +bool grpc_gcp_rpc_protocol_versions_check( + const grpc_gcp_rpc_protocol_versions* local_versions, + const grpc_gcp_rpc_protocol_versions* peer_versions, + grpc_gcp_rpc_protocol_versions_version* highest_common_version); + +namespace grpc_core { +namespace internal { + +/** + * Exposed for testing only. + * The method returns 0 if v1 = v2, + * returns 1 if v1 > v2, + * returns -1 if v1 < v2. + */ +int grpc_gcp_rpc_protocol_version_compare( + const grpc_gcp_rpc_protocol_versions_version* v1, + const grpc_gcp_rpc_protocol_versions_version* v2); + +} // namespace internal +} // namespace grpc_core + +#endif /* GRPC_CORE_TSI_ALTS_HANDSHAKER_TRANSPORT_SECURITY_COMMON_API_H */ diff --git a/src/core/tsi/alts/zero_copy_frame_protector/alts_grpc_integrity_only_record_protocol.cc b/src/core/tsi/alts/zero_copy_frame_protector/alts_grpc_integrity_only_record_protocol.cc new file mode 100644 index 0000000000..7ba03eb7f0 --- /dev/null +++ b/src/core/tsi/alts/zero_copy_frame_protector/alts_grpc_integrity_only_record_protocol.cc @@ -0,0 +1,180 @@ +/* + * + * Copyright 2018 gRPC authors. + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + */ + +#include <grpc/support/port_platform.h> + +#include "src/core/tsi/alts/zero_copy_frame_protector/alts_grpc_integrity_only_record_protocol.h" + +#include <grpc/support/alloc.h> +#include <grpc/support/log.h> + +#include "src/core/lib/slice/slice_internal.h" +#include "src/core/tsi/alts/zero_copy_frame_protector/alts_grpc_record_protocol_common.h" +#include "src/core/tsi/alts/zero_copy_frame_protector/alts_iovec_record_protocol.h" + +/* Main struct for alts_grpc_integrity_only_record_protocol. */ +typedef struct alts_grpc_integrity_only_record_protocol { + alts_grpc_record_protocol base; + grpc_slice_buffer data_sb; + unsigned char* tag_buf; +} alts_grpc_integrity_only_record_protocol; + +/* --- alts_grpc_record_protocol methods implementation. --- */ + +static tsi_result alts_grpc_integrity_only_protect( + alts_grpc_record_protocol* rp, grpc_slice_buffer* unprotected_slices, + grpc_slice_buffer* protected_slices) { + /* Input sanity check. */ + if (rp == nullptr || unprotected_slices == nullptr || + protected_slices == nullptr) { + gpr_log(GPR_ERROR, + "Invalid nullptr arguments to alts_grpc_record_protocol protect."); + return TSI_INVALID_ARGUMENT; + } + /* Allocates memory for header and tag slices. */ + grpc_slice header_slice = GRPC_SLICE_MALLOC(rp->header_length); + grpc_slice tag_slice = GRPC_SLICE_MALLOC(rp->tag_length); + /* Calls alts_iovec_record_protocol protect. */ + char* error_details = nullptr; + iovec_t header_iovec = {GRPC_SLICE_START_PTR(header_slice), + GRPC_SLICE_LENGTH(header_slice)}; + iovec_t tag_iovec = {GRPC_SLICE_START_PTR(tag_slice), + GRPC_SLICE_LENGTH(tag_slice)}; + alts_grpc_record_protocol_convert_slice_buffer_to_iovec(rp, + unprotected_slices); + grpc_status_code status = alts_iovec_record_protocol_integrity_only_protect( + rp->iovec_rp, rp->iovec_buf, unprotected_slices->count, header_iovec, + tag_iovec, &error_details); + if (status != GRPC_STATUS_OK) { + gpr_log(GPR_ERROR, "Failed to protect, %s", error_details); + gpr_free(error_details); + return TSI_INTERNAL_ERROR; + } + /* Appends result to protected_slices. */ + grpc_slice_buffer_add(protected_slices, header_slice); + grpc_slice_buffer_move_into(unprotected_slices, protected_slices); + grpc_slice_buffer_add(protected_slices, tag_slice); + return TSI_OK; +} + +static tsi_result alts_grpc_integrity_only_unprotect( + alts_grpc_record_protocol* rp, grpc_slice_buffer* protected_slices, + grpc_slice_buffer* unprotected_slices) { + /* Input sanity check. */ + if (rp == nullptr || protected_slices == nullptr || + unprotected_slices == nullptr) { + gpr_log( + GPR_ERROR, + "Invalid nullptr arguments to alts_grpc_record_protocol unprotect."); + return TSI_INVALID_ARGUMENT; + } + if (protected_slices->length < rp->header_length + rp->tag_length) { + gpr_log(GPR_ERROR, "Protected slices do not have sufficient data."); + return TSI_INVALID_ARGUMENT; + } + /* In this method, rp points to alts_grpc_record_protocol struct + * and integrity_only_record_protocol points to + * alts_grpc_integrity_only_record_protocol struct. */ + alts_grpc_integrity_only_record_protocol* integrity_only_record_protocol = + reinterpret_cast<alts_grpc_integrity_only_record_protocol*>(rp); + /* Strips frame header from protected slices. */ + grpc_slice_buffer_reset_and_unref_internal(&rp->header_sb); + grpc_slice_buffer_move_first(protected_slices, rp->header_length, + &rp->header_sb); + GPR_ASSERT(rp->header_sb.length == rp->header_length); + iovec_t header_iovec = alts_grpc_record_protocol_get_header_iovec(rp); + /* Moves protected slices data to data_sb and leaves the remaining tag. */ + grpc_slice_buffer_reset_and_unref_internal( + &integrity_only_record_protocol->data_sb); + grpc_slice_buffer_move_first(protected_slices, + protected_slices->length - rp->tag_length, + &integrity_only_record_protocol->data_sb); + GPR_ASSERT(protected_slices->length == rp->tag_length); + iovec_t tag_iovec = {nullptr, rp->tag_length}; + if (protected_slices->count == 1) { + tag_iovec.iov_base = GRPC_SLICE_START_PTR(protected_slices->slices[0]); + } else { + /* Frame tag is in multiple slices, copies the tag bytes from slice + * buffer to a single flat buffer. */ + alts_grpc_record_protocol_copy_slice_buffer( + protected_slices, integrity_only_record_protocol->tag_buf); + tag_iovec.iov_base = integrity_only_record_protocol->tag_buf; + } + /* Calls alts_iovec_record_protocol unprotect. */ + char* error_details = nullptr; + alts_grpc_record_protocol_convert_slice_buffer_to_iovec( + rp, &integrity_only_record_protocol->data_sb); + grpc_status_code status = alts_iovec_record_protocol_integrity_only_unprotect( + rp->iovec_rp, rp->iovec_buf, + integrity_only_record_protocol->data_sb.count, header_iovec, tag_iovec, + &error_details); + if (status != GRPC_STATUS_OK) { + gpr_log(GPR_ERROR, "Failed to unprotect, %s", error_details); + gpr_free(error_details); + return TSI_INTERNAL_ERROR; + } + grpc_slice_buffer_reset_and_unref_internal(&rp->header_sb); + grpc_slice_buffer_reset_and_unref_internal(protected_slices); + grpc_slice_buffer_move_into(&integrity_only_record_protocol->data_sb, + unprotected_slices); + return TSI_OK; +} + +static void alts_grpc_integrity_only_destruct(alts_grpc_record_protocol* rp) { + if (rp == nullptr) { + return; + } + alts_grpc_integrity_only_record_protocol* integrity_only_rp = + reinterpret_cast<alts_grpc_integrity_only_record_protocol*>(rp); + grpc_slice_buffer_destroy_internal(&integrity_only_rp->data_sb); + gpr_free(integrity_only_rp->tag_buf); +} + +static const alts_grpc_record_protocol_vtable + alts_grpc_integrity_only_record_protocol_vtable = { + alts_grpc_integrity_only_protect, alts_grpc_integrity_only_unprotect, + alts_grpc_integrity_only_destruct}; + +tsi_result alts_grpc_integrity_only_record_protocol_create( + gsec_aead_crypter* crypter, size_t overflow_size, bool is_client, + bool is_protect, alts_grpc_record_protocol** rp) { + if (crypter == nullptr || rp == nullptr) { + gpr_log(GPR_ERROR, + "Invalid nullptr arguments to alts_grpc_record_protocol create."); + return TSI_INVALID_ARGUMENT; + } + alts_grpc_integrity_only_record_protocol* impl = + static_cast<alts_grpc_integrity_only_record_protocol*>( + gpr_zalloc(sizeof(alts_grpc_integrity_only_record_protocol))); + /* Calls alts_grpc_record_protocol init. */ + tsi_result result = alts_grpc_record_protocol_init( + &impl->base, crypter, overflow_size, is_client, + /*is_integrity_only=*/true, is_protect); + if (result != TSI_OK) { + gpr_free(impl); + return result; + } + /* Initializes slice buffer for data_sb. */ + grpc_slice_buffer_init(&impl->data_sb); + /* Allocates tag buffer. */ + impl->tag_buf = + static_cast<unsigned char*>(gpr_malloc(impl->base.tag_length)); + impl->base.vtable = &alts_grpc_integrity_only_record_protocol_vtable; + *rp = &impl->base; + return TSI_OK; +} diff --git a/src/core/tsi/alts/zero_copy_frame_protector/alts_grpc_integrity_only_record_protocol.h b/src/core/tsi/alts/zero_copy_frame_protector/alts_grpc_integrity_only_record_protocol.h new file mode 100644 index 0000000000..8d68b27e07 --- /dev/null +++ b/src/core/tsi/alts/zero_copy_frame_protector/alts_grpc_integrity_only_record_protocol.h @@ -0,0 +1,52 @@ +/* + * + * Copyright 2018 gRPC authors. + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + */ + +#ifndef GRPC_CORE_TSI_ALTS_ZERO_COPY_FRAME_PROTECTOR_ALTS_GRPC_INTEGRITY_ONLY_RECORD_PROTOCOL_H +#define GRPC_CORE_TSI_ALTS_ZERO_COPY_FRAME_PROTECTOR_ALTS_GRPC_INTEGRITY_ONLY_RECORD_PROTOCOL_H + +#include <grpc/support/port_platform.h> + +#include <stdbool.h> + +#include "src/core/tsi/alts/crypt/gsec.h" +#include "src/core/tsi/alts/zero_copy_frame_protector/alts_grpc_record_protocol.h" + +/** + * This method creates an integrity-only alts_grpc_record_protocol instance, + * given a gsec_aead_crypter instance and a flag indicating if the created + * instance will be used at the client or server side. The ownership of + * gsec_aead_crypter instance is transferred to this new object. + * + * - crypter: a gsec_aead_crypter instance used to perform AEAD decryption. + * - overflow_size: overflow size of counter in bytes. + * - is_client: a flag indicating if the alts_grpc_record_protocol instance will + * be used at the client or server side. + * - is_protect: a flag indicating if the alts_grpc_record_protocol instance + * will be used for protect or unprotect. + * - rp: an alts_grpc_record_protocol instance to be returned from + * the method. + * + * This method returns TSI_OK in case of success or a specific error code in + * case of failure. + */ +tsi_result alts_grpc_integrity_only_record_protocol_create( + gsec_aead_crypter* crypter, size_t overflow_size, bool is_client, + bool is_protect, alts_grpc_record_protocol** rp); + +#endif /* GRPC_CORE_TSI_ALTS_ZERO_COPY_FRAME_PROTECTOR_ALTS_GRPC_INTEGRITY_ONLY_RECORD_PROTOCOL_H \ + */ diff --git a/src/core/tsi/alts/zero_copy_frame_protector/alts_grpc_privacy_integrity_record_protocol.cc b/src/core/tsi/alts/zero_copy_frame_protector/alts_grpc_privacy_integrity_record_protocol.cc new file mode 100644 index 0000000000..d4fd88d1e2 --- /dev/null +++ b/src/core/tsi/alts/zero_copy_frame_protector/alts_grpc_privacy_integrity_record_protocol.cc @@ -0,0 +1,144 @@ +/* + * + * Copyright 2018 gRPC authors. + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + */ + +#include <grpc/support/port_platform.h> + +#include "src/core/tsi/alts/zero_copy_frame_protector/alts_grpc_privacy_integrity_record_protocol.h" + +#include <grpc/support/alloc.h> +#include <grpc/support/log.h> + +#include "src/core/lib/slice/slice_internal.h" +#include "src/core/tsi/alts/zero_copy_frame_protector/alts_grpc_record_protocol_common.h" +#include "src/core/tsi/alts/zero_copy_frame_protector/alts_iovec_record_protocol.h" + +/* Privacy-integrity alts_grpc_record_protocol object uses the same struct + * defined in alts_grpc_record_protocol_common.h. */ + +/* --- alts_grpc_record_protocol methods implementation. --- */ + +static tsi_result alts_grpc_privacy_integrity_protect( + alts_grpc_record_protocol* rp, grpc_slice_buffer* unprotected_slices, + grpc_slice_buffer* protected_slices) { + /* Input sanity check. */ + if (rp == nullptr || unprotected_slices == nullptr || + protected_slices == nullptr) { + gpr_log(GPR_ERROR, + "Invalid nullptr arguments to alts_grpc_record_protocol protect."); + return TSI_INVALID_ARGUMENT; + } + /* Allocates memory for output frame. In privacy-integrity protect, the + * protected frame is stored in a newly allocated buffer. */ + size_t protected_frame_size = + unprotected_slices->length + rp->header_length + + alts_iovec_record_protocol_get_tag_length(rp->iovec_rp); + grpc_slice protected_slice = GRPC_SLICE_MALLOC(protected_frame_size); + iovec_t protected_iovec = {GRPC_SLICE_START_PTR(protected_slice), + GRPC_SLICE_LENGTH(protected_slice)}; + /* Calls alts_iovec_record_protocol protect. */ + char* error_details = nullptr; + alts_grpc_record_protocol_convert_slice_buffer_to_iovec(rp, + unprotected_slices); + grpc_status_code status = + alts_iovec_record_protocol_privacy_integrity_protect( + rp->iovec_rp, rp->iovec_buf, unprotected_slices->count, + protected_iovec, &error_details); + if (status != GRPC_STATUS_OK) { + gpr_log(GPR_ERROR, "Failed to protect, %s", error_details); + gpr_free(error_details); + grpc_slice_unref(protected_slice); + return TSI_INTERNAL_ERROR; + } + grpc_slice_buffer_add(protected_slices, protected_slice); + grpc_slice_buffer_reset_and_unref_internal(unprotected_slices); + return TSI_OK; +} + +static tsi_result alts_grpc_privacy_integrity_unprotect( + alts_grpc_record_protocol* rp, grpc_slice_buffer* protected_slices, + grpc_slice_buffer* unprotected_slices) { + /* Input sanity check. */ + if (rp == nullptr || protected_slices == nullptr || + unprotected_slices == nullptr) { + gpr_log( + GPR_ERROR, + "Invalid nullptr arguments to alts_grpc_record_protocol unprotect."); + return TSI_INVALID_ARGUMENT; + } + /* Allocates memory for output frame. In privacy-integrity unprotect, the + * unprotected data are stored in a newly allocated buffer. */ + if (protected_slices->length < rp->header_length + rp->tag_length) { + gpr_log(GPR_ERROR, "Protected slices do not have sufficient data."); + return TSI_INVALID_ARGUMENT; + } + size_t unprotected_frame_size = + protected_slices->length - rp->header_length - rp->tag_length; + grpc_slice unprotected_slice = GRPC_SLICE_MALLOC(unprotected_frame_size); + iovec_t unprotected_iovec = {GRPC_SLICE_START_PTR(unprotected_slice), + GRPC_SLICE_LENGTH(unprotected_slice)}; + /* Strips frame header from protected slices. */ + grpc_slice_buffer_reset_and_unref_internal(&rp->header_sb); + grpc_slice_buffer_move_first(protected_slices, rp->header_length, + &rp->header_sb); + iovec_t header_iovec = alts_grpc_record_protocol_get_header_iovec(rp); + /* Calls alts_iovec_record_protocol unprotect. */ + char* error_details = nullptr; + alts_grpc_record_protocol_convert_slice_buffer_to_iovec(rp, protected_slices); + grpc_status_code status = + alts_iovec_record_protocol_privacy_integrity_unprotect( + rp->iovec_rp, header_iovec, rp->iovec_buf, protected_slices->count, + unprotected_iovec, &error_details); + if (status != GRPC_STATUS_OK) { + gpr_log(GPR_ERROR, "Failed to unprotect, %s", error_details); + gpr_free(error_details); + grpc_slice_unref(unprotected_slice); + return TSI_INTERNAL_ERROR; + } + grpc_slice_buffer_reset_and_unref_internal(&rp->header_sb); + grpc_slice_buffer_reset_and_unref_internal(protected_slices); + grpc_slice_buffer_add(unprotected_slices, unprotected_slice); + return TSI_OK; +} + +static const alts_grpc_record_protocol_vtable + alts_grpc_privacy_integrity_record_protocol_vtable = { + alts_grpc_privacy_integrity_protect, + alts_grpc_privacy_integrity_unprotect, nullptr}; + +tsi_result alts_grpc_privacy_integrity_record_protocol_create( + gsec_aead_crypter* crypter, size_t overflow_size, bool is_client, + bool is_protect, alts_grpc_record_protocol** rp) { + if (crypter == nullptr || rp == nullptr) { + gpr_log(GPR_ERROR, + "Invalid nullptr arguments to alts_grpc_record_protocol create."); + return TSI_INVALID_ARGUMENT; + } + auto* impl = static_cast<alts_grpc_record_protocol*>( + gpr_zalloc(sizeof(alts_grpc_record_protocol))); + /* Calls alts_grpc_record_protocol init. */ + tsi_result result = + alts_grpc_record_protocol_init(impl, crypter, overflow_size, is_client, + /*is_integrity_only=*/false, is_protect); + if (result != TSI_OK) { + gpr_free(impl); + return result; + } + impl->vtable = &alts_grpc_privacy_integrity_record_protocol_vtable; + *rp = impl; + return TSI_OK; +} diff --git a/src/core/tsi/alts/zero_copy_frame_protector/alts_grpc_privacy_integrity_record_protocol.h b/src/core/tsi/alts/zero_copy_frame_protector/alts_grpc_privacy_integrity_record_protocol.h new file mode 100644 index 0000000000..1e34aef2d8 --- /dev/null +++ b/src/core/tsi/alts/zero_copy_frame_protector/alts_grpc_privacy_integrity_record_protocol.h @@ -0,0 +1,49 @@ +/* + * + * Copyright 2018 gRPC authors. + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + */ + +#ifndef GRPC_CORE_TSI_ALTS_ZERO_COPY_FRAME_PROTECTOR_ALTS_GRPC_PRIVACY_INTEGRITY_RECORD_PROTOCOL_H +#define GRPC_CORE_TSI_ALTS_ZERO_COPY_FRAME_PROTECTOR_ALTS_GRPC_PRIVACY_INTEGRITY_RECORD_PROTOCOL_H + +#include <grpc/support/port_platform.h> + +#include <stdbool.h> + +#include "src/core/tsi/alts/crypt/gsec.h" +#include "src/core/tsi/alts/zero_copy_frame_protector/alts_grpc_record_protocol.h" + +/** + * This method creates a privacy-integrity alts_grpc_record_protocol instance, + * given a gsec_aead_crypter instance and a flag indicating if the created + * instance will be used at the client or server side. The ownership of + * gsec_aead_crypter instance is transferred to this new object. + * + * - crypter: a gsec_aead_crypter instance used to perform AEAD decryption. + * - is_client: a flag indicating if the alts_grpc_record_protocol instance will + * be used at the client or server side. + * - rp: an alts_grpc_record_protocol instance to be returned from + * the method. + * + * This method returns TSI_OK in case of success or a specific error code in + * case of failure. + */ +tsi_result alts_grpc_privacy_integrity_record_protocol_create( + gsec_aead_crypter* crypter, size_t overflow_size, bool is_client, + bool is_protect, alts_grpc_record_protocol** rp); + +#endif /* GRPC_CORE_TSI_ALTS_ZERO_COPY_FRAME_PROTECTOR_ALTS_GRPC_PRIVACY_INTEGRITY_RECORD_PROTOCOL_H \ + */ diff --git a/src/core/tsi/alts/zero_copy_frame_protector/alts_grpc_record_protocol.h b/src/core/tsi/alts/zero_copy_frame_protector/alts_grpc_record_protocol.h new file mode 100644 index 0000000000..d1e433dac4 --- /dev/null +++ b/src/core/tsi/alts/zero_copy_frame_protector/alts_grpc_record_protocol.h @@ -0,0 +1,91 @@ +/* + * + * Copyright 2018 gRPC authors. + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + */ + +#ifndef GRPC_CORE_TSI_ALTS_ZERO_COPY_FRAME_PROTECTOR_ALTS_GRPC_RECORD_PROTOCOL_H +#define GRPC_CORE_TSI_ALTS_ZERO_COPY_FRAME_PROTECTOR_ALTS_GRPC_RECORD_PROTOCOL_H + +#include <grpc/support/port_platform.h> + +#include <grpc/slice_buffer.h> + +#include "src/core/tsi/transport_security_interface.h" + +/** + * This alts_grpc_record_protocol object protects and unprotects a single frame + * stored in grpc slice buffer with zero or minimized memory copy. + * Implementations of this object must be thread compatible. + */ +typedef struct alts_grpc_record_protocol alts_grpc_record_protocol; + +/** + * This methods performs protect operation on unprotected data and appends the + * protected frame to protected_slices. The caller needs to ensure the length + * of unprotected data plus the frame overhead is less than or equal to the + * maximum frame length. The input unprotected data slice buffer will be + * cleared, although the actual unprotected data bytes are not modified. + * + * - self: an alts_grpc_record_protocol instance. + * - unprotected_slices: the unprotected data to be protected. + * - protected_slices: slice buffer where the protected frame is appended. + * + * This method returns TSI_OK in case of success or a specific error code in + * case of failure. + */ +tsi_result alts_grpc_record_protocol_protect( + alts_grpc_record_protocol* self, grpc_slice_buffer* unprotected_slices, + grpc_slice_buffer* protected_slices); + +/** + * This methods performs unprotect operation on a full frame of protected data + * and appends unprotected data to unprotected_slices. It is the caller's + * responsibility to prepare a full frame of data before calling this method. + * The input protected frame slice buffer will be cleared, although the actual + * protected data bytes are not modified. + * + * - self: an alts_grpc_record_protocol instance. + * - protected_slices: a full frame of protected data in grpc slices. + * - unprotected_slices: slice buffer where unprotected data is appended. + * + * This method returns TSI_OK in case of success or a specific error code in + * case of failure. + */ +tsi_result alts_grpc_record_protocol_unprotect( + alts_grpc_record_protocol* self, grpc_slice_buffer* protected_slices, + grpc_slice_buffer* unprotected_slices); + +/** + * This method returns maximum allowed unprotected data size, given maximum + * protected frame size. + * + * - self: an alts_grpc_record_protocol instance. + * - max_protected_frame_size: maximum protected frame size. + * + * On success, the method returns the maximum allowed unprotected data size. + * Otherwise, it returns zero. + */ +size_t alts_grpc_record_protocol_max_unprotected_data_size( + const alts_grpc_record_protocol* self, size_t max_protected_frame_size); + +/** + * This method destroys an alts_grpc_record_protocol instance by de-allocating + * all of its occupied memory. + */ +void alts_grpc_record_protocol_destroy(alts_grpc_record_protocol* self); + +#endif /* GRPC_CORE_TSI_ALTS_ZERO_COPY_FRAME_PROTECTOR_ALTS_GRPC_RECORD_PROTOCOL_H \ + */ diff --git a/src/core/tsi/alts/zero_copy_frame_protector/alts_grpc_record_protocol_common.cc b/src/core/tsi/alts/zero_copy_frame_protector/alts_grpc_record_protocol_common.cc new file mode 100644 index 0000000000..ff91aea350 --- /dev/null +++ b/src/core/tsi/alts/zero_copy_frame_protector/alts_grpc_record_protocol_common.cc @@ -0,0 +1,173 @@ +/* + * + * Copyright 2018 gRPC authors. + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + */ + +#include <grpc/support/port_platform.h> + +#include "src/core/tsi/alts/zero_copy_frame_protector/alts_grpc_record_protocol_common.h" + +#include <string.h> + +#include <grpc/support/alloc.h> +#include <grpc/support/log.h> + +#include "src/core/lib/gpr/useful.h" +#include "src/core/lib/slice/slice_internal.h" + +const size_t kInitialIovecBufferSize = 8; + +/* Makes sure iovec_buf in alts_grpc_record_protocol is large enough. */ +static void ensure_iovec_buf_size(alts_grpc_record_protocol* rp, + const grpc_slice_buffer* sb) { + GPR_ASSERT(rp != nullptr && sb != nullptr); + if (sb->count <= rp->iovec_buf_length) { + return; + } + /* At least double the iovec buffer size. */ + rp->iovec_buf_length = GPR_MAX(sb->count, 2 * rp->iovec_buf_length); + rp->iovec_buf = static_cast<iovec_t*>( + gpr_realloc(rp->iovec_buf, rp->iovec_buf_length * sizeof(iovec_t))); +} + +/* --- Implementation of methods defined in tsi_grpc_record_protocol_common.h. + * --- */ + +void alts_grpc_record_protocol_convert_slice_buffer_to_iovec( + alts_grpc_record_protocol* rp, const grpc_slice_buffer* sb) { + GPR_ASSERT(rp != nullptr && sb != nullptr); + ensure_iovec_buf_size(rp, sb); + for (size_t i = 0; i < sb->count; i++) { + rp->iovec_buf[i].iov_base = GRPC_SLICE_START_PTR(sb->slices[i]); + rp->iovec_buf[i].iov_len = GRPC_SLICE_LENGTH(sb->slices[i]); + } +} + +void alts_grpc_record_protocol_copy_slice_buffer(const grpc_slice_buffer* src, + unsigned char* dst) { + GPR_ASSERT(src != nullptr && dst != nullptr); + for (size_t i = 0; i < src->count; i++) { + size_t slice_length = GRPC_SLICE_LENGTH(src->slices[i]); + memcpy(dst, GRPC_SLICE_START_PTR(src->slices[i]), slice_length); + dst += slice_length; + } +} + +iovec_t alts_grpc_record_protocol_get_header_iovec( + alts_grpc_record_protocol* rp) { + iovec_t header_iovec = {nullptr, 0}; + if (rp == nullptr) { + return header_iovec; + } + header_iovec.iov_len = rp->header_length; + if (rp->header_sb.count == 1) { + header_iovec.iov_base = GRPC_SLICE_START_PTR(rp->header_sb.slices[0]); + } else { + /* Frame header is in multiple slices, copies the header bytes from slice + * buffer to a single flat buffer. */ + alts_grpc_record_protocol_copy_slice_buffer(&rp->header_sb, rp->header_buf); + header_iovec.iov_base = rp->header_buf; + } + return header_iovec; +} + +tsi_result alts_grpc_record_protocol_init(alts_grpc_record_protocol* rp, + gsec_aead_crypter* crypter, + size_t overflow_size, bool is_client, + bool is_integrity_only, + bool is_protect) { + if (rp == nullptr || crypter == nullptr) { + gpr_log(GPR_ERROR, + "Invalid nullptr arguments to alts_grpc_record_protocol init."); + return TSI_INVALID_ARGUMENT; + } + /* Creates alts_iovec_record_protocol. */ + char* error_details = nullptr; + grpc_status_code status = alts_iovec_record_protocol_create( + crypter, overflow_size, is_client, is_integrity_only, is_protect, + &rp->iovec_rp, &error_details); + if (status != GRPC_STATUS_OK) { + gpr_log(GPR_ERROR, "Failed to create alts_iovec_record_protocol, %s.", + error_details); + gpr_free(error_details); + return TSI_INTERNAL_ERROR; + } + /* Allocates header slice buffer. */ + grpc_slice_buffer_init(&rp->header_sb); + /* Allocates header buffer. */ + rp->header_length = alts_iovec_record_protocol_get_header_length(); + rp->header_buf = static_cast<unsigned char*>(gpr_malloc(rp->header_length)); + rp->tag_length = alts_iovec_record_protocol_get_tag_length(rp->iovec_rp); + /* Allocates iovec buffer. */ + rp->iovec_buf_length = kInitialIovecBufferSize; + rp->iovec_buf = + static_cast<iovec_t*>(gpr_malloc(rp->iovec_buf_length * sizeof(iovec_t))); + return TSI_OK; +} + +/* --- Implementation of methods defined in tsi_grpc_record_protocol.h. --- */ +tsi_result alts_grpc_record_protocol_protect( + alts_grpc_record_protocol* self, grpc_slice_buffer* unprotected_slices, + grpc_slice_buffer* protected_slices) { + if (grpc_core::ExecCtx::Get() == nullptr || self == nullptr || + self->vtable == nullptr || unprotected_slices == nullptr || + protected_slices == nullptr) { + return TSI_INVALID_ARGUMENT; + } + if (self->vtable->protect == nullptr) { + return TSI_UNIMPLEMENTED; + } + return self->vtable->protect(self, unprotected_slices, protected_slices); +} + +tsi_result alts_grpc_record_protocol_unprotect( + alts_grpc_record_protocol* self, grpc_slice_buffer* protected_slices, + grpc_slice_buffer* unprotected_slices) { + if (grpc_core::ExecCtx::Get() == nullptr || self == nullptr || + self->vtable == nullptr || protected_slices == nullptr || + unprotected_slices == nullptr) { + return TSI_INVALID_ARGUMENT; + } + if (self->vtable->unprotect == nullptr) { + return TSI_UNIMPLEMENTED; + } + return self->vtable->unprotect(self, protected_slices, unprotected_slices); +} + +void alts_grpc_record_protocol_destroy(alts_grpc_record_protocol* self) { + if (self == nullptr) { + return; + } + if (self->vtable->destruct != nullptr) { + self->vtable->destruct(self); + } + alts_iovec_record_protocol_destroy(self->iovec_rp); + grpc_slice_buffer_destroy_internal(&self->header_sb); + gpr_free(self->header_buf); + gpr_free(self->iovec_buf); + gpr_free(self); +} + +/* Integrity-only and privacy-integrity share the same implementation. No need + * to call vtable. */ +size_t alts_grpc_record_protocol_max_unprotected_data_size( + const alts_grpc_record_protocol* self, size_t max_protected_frame_size) { + if (self == nullptr) { + return 0; + } + return alts_iovec_record_protocol_max_unprotected_data_size( + self->iovec_rp, max_protected_frame_size); +} diff --git a/src/core/tsi/alts/zero_copy_frame_protector/alts_grpc_record_protocol_common.h b/src/core/tsi/alts/zero_copy_frame_protector/alts_grpc_record_protocol_common.h new file mode 100644 index 0000000000..43b8a4a2b8 --- /dev/null +++ b/src/core/tsi/alts/zero_copy_frame_protector/alts_grpc_record_protocol_common.h @@ -0,0 +1,100 @@ +/* + * + * Copyright 2018 gRPC authors. + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + */ + +#ifndef GRPC_CORE_TSI_ALTS_ZERO_COPY_FRAME_PROTECTOR_ALTS_GRPC_RECORD_PROTOCOL_COMMON_H +#define GRPC_CORE_TSI_ALTS_ZERO_COPY_FRAME_PROTECTOR_ALTS_GRPC_RECORD_PROTOCOL_COMMON_H + +/** + * this file contains alts_grpc_record_protocol internals and internal-only + * helper functions. The public functions of alts_grpc_record_protocol are + * defined in the alts_grpc_record_protocol.h. + */ + +#include <grpc/support/port_platform.h> + +#include "src/core/tsi/alts/zero_copy_frame_protector/alts_grpc_record_protocol.h" +#include "src/core/tsi/alts/zero_copy_frame_protector/alts_iovec_record_protocol.h" + +/* V-table for alts_grpc_record_protocol implementations. */ +typedef struct { + tsi_result (*protect)(alts_grpc_record_protocol* self, + grpc_slice_buffer* unprotected_slices, + grpc_slice_buffer* protected_slices); + tsi_result (*unprotect)(alts_grpc_record_protocol* self, + grpc_slice_buffer* protected_slices, + grpc_slice_buffer* unprotected_slices); + void (*destruct)(alts_grpc_record_protocol* self); +} alts_grpc_record_protocol_vtable; + +/* Main struct for alts_grpc_record_protocol implementation, shared by both + * integrity-only record protocol and privacy-integrity record protocol. + * Integrity-only record protocol has additional data elements. + * Privacy-integrity record protocol uses this struct directly. */ +struct alts_grpc_record_protocol { + const alts_grpc_record_protocol_vtable* vtable; + alts_iovec_record_protocol* iovec_rp; + grpc_slice_buffer header_sb; + unsigned char* header_buf; + size_t header_length; + size_t tag_length; + iovec_t* iovec_buf; + size_t iovec_buf_length; +}; + +/** + * Converts the slices of input sb into iovec_t's and puts the result into + * rp->iovec_buf. Note that the actual data are not copied, only + * pointers and lengths are copied. + */ +void alts_grpc_record_protocol_convert_slice_buffer_to_iovec( + alts_grpc_record_protocol* rp, const grpc_slice_buffer* sb); + +/** + * Copies bytes from slice buffer to destination buffer. Caller is responsible + * for allocating enough memory of destination buffer. This method is used for + * copying frame header and tag in case they are stored in multiple slices. + */ +void alts_grpc_record_protocol_copy_slice_buffer(const grpc_slice_buffer* src, + unsigned char* dst); + +/** + * This method returns an iovec object pointing to the frame header stored in + * rp->header_sb. If the frame header is stored in multiple slices, + * this method will copy the bytes in rp->header_sb to + * rp->header_buf, and return an iovec object pointing to + * rp->header_buf. + */ +iovec_t alts_grpc_record_protocol_get_header_iovec( + alts_grpc_record_protocol* rp); + +/** + * Initializes an alts_grpc_record_protocol object, given a gsec_aead_crypter + * instance, the overflow size of the counter in bytes, a flag indicating if the + * object is used for client or server side, a flag indicating if it is used for + * integrity-only or privacy-integrity mode, and a flag indicating if it is for + * protect or unprotect. The ownership of gsec_aead_crypter object is + * transferred to the alts_grpc_record_protocol object. + */ +tsi_result alts_grpc_record_protocol_init(alts_grpc_record_protocol* rp, + gsec_aead_crypter* crypter, + size_t overflow_size, bool is_client, + bool is_integrity_only, + bool is_protect); + +#endif /* GRPC_CORE_TSI_ALTS_ZERO_COPY_FRAME_PROTECTOR_ALTS_GRPC_RECORD_PROTOCOL_COMMON_H \ + */ diff --git a/src/core/tsi/alts/zero_copy_frame_protector/alts_iovec_record_protocol.cc b/src/core/tsi/alts/zero_copy_frame_protector/alts_iovec_record_protocol.cc new file mode 100644 index 0000000000..6a548e50dd --- /dev/null +++ b/src/core/tsi/alts/zero_copy_frame_protector/alts_iovec_record_protocol.cc @@ -0,0 +1,476 @@ +/* + * + * Copyright 2018 gRPC authors. + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + */ + +#include <grpc/support/port_platform.h> + +#include "src/core/tsi/alts/zero_copy_frame_protector/alts_iovec_record_protocol.h" + +#include <stdlib.h> +#include <string.h> + +#include <grpc/support/alloc.h> +#include <grpc/support/log.h> + +#include "src/core/tsi/alts/frame_protector/alts_counter.h" + +struct alts_iovec_record_protocol { + alts_counter* ctr; + gsec_aead_crypter* crypter; + size_t tag_length; + bool is_integrity_only; + bool is_protect; +}; + +/* Copies error message to destination. */ +static void maybe_copy_error_msg(const char* src, char** dst) { + if (dst != nullptr && src != nullptr) { + *dst = static_cast<char*>(gpr_malloc(strlen(src) + 1)); + memcpy(*dst, src, strlen(src) + 1); + } +} + +/* Appends error message to destination. */ +static void maybe_append_error_msg(const char* appendix, char** dst) { + if (dst != nullptr && appendix != nullptr) { + int dst_len = static_cast<int>(strlen(*dst)); + *dst = static_cast<char*>(realloc(*dst, dst_len + strlen(appendix) + 1)); + assert(*dst != nullptr); + memcpy(*dst + dst_len, appendix, strlen(appendix) + 1); + } +} + +/* Use little endian to interpret a string of bytes as uint32_t. */ +static uint32_t load_32_le(const unsigned char* buffer) { + return (((uint32_t)buffer[3]) << 24) | (((uint32_t)buffer[2]) << 16) | + (((uint32_t)buffer[1]) << 8) | ((uint32_t)buffer[0]); +} + +/* Store uint32_t as a string of little endian bytes. */ +static void store_32_le(uint32_t value, unsigned char* buffer) { + buffer[3] = (unsigned char)(value >> 24) & 0xFF; + buffer[2] = (unsigned char)(value >> 16) & 0xFF; + buffer[1] = (unsigned char)(value >> 8) & 0xFF; + buffer[0] = (unsigned char)(value)&0xFF; +} + +/* Ensures header and tag iovec have sufficient length. */ +static grpc_status_code ensure_header_and_tag_length( + const alts_iovec_record_protocol* rp, iovec_t header, iovec_t tag, + char** error_details) { + if (rp == nullptr) { + return GRPC_STATUS_FAILED_PRECONDITION; + } + if (header.iov_base == nullptr) { + maybe_copy_error_msg("Header is nullptr.", error_details); + return GRPC_STATUS_INVALID_ARGUMENT; + } + if (header.iov_len != alts_iovec_record_protocol_get_header_length()) { + maybe_copy_error_msg("Header length is incorrect.", error_details); + return GRPC_STATUS_INVALID_ARGUMENT; + } + if (tag.iov_base == nullptr) { + maybe_copy_error_msg("Tag is nullptr.", error_details); + return GRPC_STATUS_INVALID_ARGUMENT; + } + if (tag.iov_len != rp->tag_length) { + maybe_copy_error_msg("Tag length is incorrect.", error_details); + return GRPC_STATUS_INVALID_ARGUMENT; + } + return GRPC_STATUS_OK; +} + +/* Increments crypter counter and checks overflow. */ +static grpc_status_code increment_counter(alts_counter* counter, + char** error_details) { + if (counter == nullptr) { + return GRPC_STATUS_FAILED_PRECONDITION; + } + bool is_overflow = false; + grpc_status_code status = + alts_counter_increment(counter, &is_overflow, error_details); + if (status != GRPC_STATUS_OK) { + return status; + } + if (is_overflow) { + maybe_copy_error_msg("Crypter counter is overflowed.", error_details); + return GRPC_STATUS_INTERNAL; + } + return GRPC_STATUS_OK; +} + +/* Given an array of iovec, computes the total length of buffer. */ +static size_t get_total_length(const iovec_t* vec, size_t vec_length) { + size_t total_length = 0; + for (size_t i = 0; i < vec_length; ++i) { + total_length += vec[i].iov_len; + } + return total_length; +} + +/* Writes frame header given data and tag length. */ +static grpc_status_code write_frame_header(size_t data_length, + unsigned char* header, + char** error_details) { + if (header == nullptr) { + maybe_copy_error_msg("Header is nullptr.", error_details); + return GRPC_STATUS_FAILED_PRECONDITION; + } + size_t frame_length = kZeroCopyFrameMessageTypeFieldSize + data_length; + store_32_le(static_cast<uint32_t>(frame_length), header); + store_32_le(kZeroCopyFrameMessageType, + header + kZeroCopyFrameLengthFieldSize); + return GRPC_STATUS_OK; +} + +/* Verifies frame header given protected data length. */ +static grpc_status_code verify_frame_header(size_t data_length, + unsigned char* header, + char** error_details) { + if (header == nullptr) { + maybe_copy_error_msg("Header is nullptr.", error_details); + return GRPC_STATUS_FAILED_PRECONDITION; + } + size_t frame_length = load_32_le(header); + if (frame_length != kZeroCopyFrameMessageTypeFieldSize + data_length) { + maybe_copy_error_msg("Bad frame length.", error_details); + return GRPC_STATUS_INTERNAL; + } + size_t message_type = load_32_le(header + kZeroCopyFrameLengthFieldSize); + if (message_type != kZeroCopyFrameMessageType) { + maybe_copy_error_msg("Unsupported message type.", error_details); + return GRPC_STATUS_INTERNAL; + } + return GRPC_STATUS_OK; +} + +/* --- alts_iovec_record_protocol methods implementation. --- */ + +size_t alts_iovec_record_protocol_get_header_length() { + return kZeroCopyFrameHeaderSize; +} + +size_t alts_iovec_record_protocol_get_tag_length( + const alts_iovec_record_protocol* rp) { + if (rp != nullptr) { + return rp->tag_length; + } + return 0; +} + +size_t alts_iovec_record_protocol_max_unprotected_data_size( + const alts_iovec_record_protocol* rp, size_t max_protected_frame_size) { + if (rp == nullptr) { + return 0; + } + size_t overhead_bytes_size = + kZeroCopyFrameMessageTypeFieldSize + rp->tag_length; + if (max_protected_frame_size <= overhead_bytes_size) return 0; + return max_protected_frame_size - overhead_bytes_size; +} + +grpc_status_code alts_iovec_record_protocol_integrity_only_protect( + alts_iovec_record_protocol* rp, const iovec_t* unprotected_vec, + size_t unprotected_vec_length, iovec_t header, iovec_t tag, + char** error_details) { + /* Input sanity checks. */ + if (rp == nullptr) { + maybe_copy_error_msg("Input iovec_record_protocol is nullptr.", + error_details); + return GRPC_STATUS_INVALID_ARGUMENT; + } + if (!rp->is_integrity_only) { + maybe_copy_error_msg( + "Integrity-only operations are not allowed for this object.", + error_details); + return GRPC_STATUS_FAILED_PRECONDITION; + } + if (!rp->is_protect) { + maybe_copy_error_msg("Protect operations are not allowed for this object.", + error_details); + return GRPC_STATUS_FAILED_PRECONDITION; + } + grpc_status_code status = + ensure_header_and_tag_length(rp, header, tag, error_details); + if (status != GRPC_STATUS_OK) { + return status; + } + /* Unprotected data should not be zero length. */ + size_t data_length = + get_total_length(unprotected_vec, unprotected_vec_length); + /* Sets frame header. */ + status = write_frame_header(data_length + rp->tag_length, + static_cast<unsigned char*>(header.iov_base), + error_details); + if (status != GRPC_STATUS_OK) { + return status; + } + /* Computes frame tag by calling AEAD crypter. */ + size_t bytes_written = 0; + status = gsec_aead_crypter_encrypt_iovec( + rp->crypter, alts_counter_get_counter(rp->ctr), + alts_counter_get_size(rp->ctr), unprotected_vec, unprotected_vec_length, + /* plaintext_vec = */ nullptr, /* plaintext_vec_length = */ 0, tag, + &bytes_written, error_details); + if (status != GRPC_STATUS_OK) { + return status; + } + if (bytes_written != rp->tag_length) { + maybe_copy_error_msg("Bytes written expects to be the same as tag length.", + error_details); + return GRPC_STATUS_INTERNAL; + } + /* Increments the crypter counter. */ + return increment_counter(rp->ctr, error_details); +} + +grpc_status_code alts_iovec_record_protocol_integrity_only_unprotect( + alts_iovec_record_protocol* rp, const iovec_t* protected_vec, + size_t protected_vec_length, iovec_t header, iovec_t tag, + char** error_details) { + /* Input sanity checks. */ + if (rp == nullptr) { + maybe_copy_error_msg("Input iovec_record_protocol is nullptr.", + error_details); + return GRPC_STATUS_INVALID_ARGUMENT; + } + if (!rp->is_integrity_only) { + maybe_copy_error_msg( + "Integrity-only operations are not allowed for this object.", + error_details); + return GRPC_STATUS_FAILED_PRECONDITION; + } + if (rp->is_protect) { + maybe_copy_error_msg( + "Unprotect operations are not allowed for this object.", error_details); + return GRPC_STATUS_FAILED_PRECONDITION; + } + grpc_status_code status = + ensure_header_and_tag_length(rp, header, tag, error_details); + if (status != GRPC_STATUS_OK) return status; + /* Protected data should not be zero length. */ + size_t data_length = get_total_length(protected_vec, protected_vec_length); + /* Verifies frame header. */ + status = verify_frame_header(data_length + rp->tag_length, + static_cast<unsigned char*>(header.iov_base), + error_details); + if (status != GRPC_STATUS_OK) { + return status; + } + /* Verifies frame tag by calling AEAD crypter. */ + iovec_t plaintext = {nullptr, 0}; + size_t bytes_written = 0; + status = gsec_aead_crypter_decrypt_iovec( + rp->crypter, alts_counter_get_counter(rp->ctr), + alts_counter_get_size(rp->ctr), protected_vec, protected_vec_length, &tag, + 1, plaintext, &bytes_written, error_details); + if (status != GRPC_STATUS_OK || bytes_written != 0) { + maybe_append_error_msg(" Frame tag verification failed.", error_details); + return GRPC_STATUS_INTERNAL; + } + /* Increments the crypter counter. */ + return increment_counter(rp->ctr, error_details); +} + +grpc_status_code alts_iovec_record_protocol_privacy_integrity_protect( + alts_iovec_record_protocol* rp, const iovec_t* unprotected_vec, + size_t unprotected_vec_length, iovec_t protected_frame, + char** error_details) { + /* Input sanity checks. */ + if (rp == nullptr) { + maybe_copy_error_msg("Input iovec_record_protocol is nullptr.", + error_details); + return GRPC_STATUS_INVALID_ARGUMENT; + } + if (rp->is_integrity_only) { + maybe_copy_error_msg( + "Privacy-integrity operations are not allowed for this object.", + error_details); + return GRPC_STATUS_FAILED_PRECONDITION; + } + if (!rp->is_protect) { + maybe_copy_error_msg("Protect operations are not allowed for this object.", + error_details); + return GRPC_STATUS_FAILED_PRECONDITION; + } + /* Unprotected data should not be zero length. */ + size_t data_length = + get_total_length(unprotected_vec, unprotected_vec_length); + /* Ensures protected frame iovec has sufficient size. */ + if (protected_frame.iov_base == nullptr) { + maybe_copy_error_msg("Protected frame is nullptr.", error_details); + return GRPC_STATUS_INVALID_ARGUMENT; + } + if (protected_frame.iov_len != + alts_iovec_record_protocol_get_header_length() + data_length + + rp->tag_length) { + maybe_copy_error_msg("Protected frame size is incorrect.", error_details); + return GRPC_STATUS_INVALID_ARGUMENT; + } + /* Writer frame header. */ + grpc_status_code status = write_frame_header( + data_length + rp->tag_length, + static_cast<unsigned char*>(protected_frame.iov_base), error_details); + if (status != GRPC_STATUS_OK) { + return status; + } + /* Encrypt unprotected data by calling AEAD crypter. */ + unsigned char* ciphertext_buffer = + static_cast<unsigned char*>(protected_frame.iov_base) + + alts_iovec_record_protocol_get_header_length(); + iovec_t ciphertext = {ciphertext_buffer, data_length + rp->tag_length}; + size_t bytes_written = 0; + status = gsec_aead_crypter_encrypt_iovec( + rp->crypter, alts_counter_get_counter(rp->ctr), + alts_counter_get_size(rp->ctr), /* aad_vec = */ nullptr, + /* aad_vec_length = */ 0, unprotected_vec, unprotected_vec_length, + ciphertext, &bytes_written, error_details); + if (status != GRPC_STATUS_OK) { + return status; + } + if (bytes_written != data_length + rp->tag_length) { + maybe_copy_error_msg( + "Bytes written expects to be data length plus tag length.", + error_details); + return GRPC_STATUS_INTERNAL; + } + /* Increments the crypter counter. */ + return increment_counter(rp->ctr, error_details); +} + +grpc_status_code alts_iovec_record_protocol_privacy_integrity_unprotect( + alts_iovec_record_protocol* rp, iovec_t header, + const iovec_t* protected_vec, size_t protected_vec_length, + iovec_t unprotected_data, char** error_details) { + /* Input sanity checks. */ + if (rp == nullptr) { + maybe_copy_error_msg("Input iovec_record_protocol is nullptr.", + error_details); + return GRPC_STATUS_INVALID_ARGUMENT; + } + if (rp->is_integrity_only) { + maybe_copy_error_msg( + "Privacy-integrity operations are not allowed for this object.", + error_details); + return GRPC_STATUS_FAILED_PRECONDITION; + } + if (rp->is_protect) { + maybe_copy_error_msg( + "Unprotect operations are not allowed for this object.", error_details); + return GRPC_STATUS_FAILED_PRECONDITION; + } + /* Protected data size should be no less than tag size. */ + size_t protected_data_length = + get_total_length(protected_vec, protected_vec_length); + if (protected_data_length < rp->tag_length) { + maybe_copy_error_msg( + "Protected data length should be more than the tag length.", + error_details); + return GRPC_STATUS_INVALID_ARGUMENT; + } + /* Ensures header has sufficient size. */ + if (header.iov_base == nullptr) { + maybe_copy_error_msg("Header is nullptr.", error_details); + return GRPC_STATUS_INVALID_ARGUMENT; + } + if (header.iov_len != alts_iovec_record_protocol_get_header_length()) { + maybe_copy_error_msg("Header length is incorrect.", error_details); + return GRPC_STATUS_INVALID_ARGUMENT; + } + /* Ensures unprotected data iovec has sufficient size. */ + if (unprotected_data.iov_len != protected_data_length - rp->tag_length) { + maybe_copy_error_msg("Unprotected data size is incorrect.", error_details); + return GRPC_STATUS_INVALID_ARGUMENT; + } + /* Verify frame header. */ + grpc_status_code status = verify_frame_header( + protected_data_length, static_cast<unsigned char*>(header.iov_base), + error_details); + if (status != GRPC_STATUS_OK) { + return status; + } + /* Decrypt protected data by calling AEAD crypter. */ + size_t bytes_written = 0; + status = gsec_aead_crypter_decrypt_iovec( + rp->crypter, alts_counter_get_counter(rp->ctr), + alts_counter_get_size(rp->ctr), /* aad_vec = */ nullptr, + /* aad_vec_length = */ 0, protected_vec, protected_vec_length, + unprotected_data, &bytes_written, error_details); + if (status != GRPC_STATUS_OK) { + maybe_append_error_msg(" Frame decryption failed.", error_details); + return GRPC_STATUS_INTERNAL; + } + if (bytes_written != protected_data_length - rp->tag_length) { + maybe_copy_error_msg( + "Bytes written expects to be protected data length minus tag length.", + error_details); + return GRPC_STATUS_INTERNAL; + } + /* Increments the crypter counter. */ + return increment_counter(rp->ctr, error_details); +} + +grpc_status_code alts_iovec_record_protocol_create( + gsec_aead_crypter* crypter, size_t overflow_size, bool is_client, + bool is_integrity_only, bool is_protect, alts_iovec_record_protocol** rp, + char** error_details) { + if (crypter == nullptr || rp == nullptr) { + maybe_copy_error_msg( + "Invalid nullptr arguments to alts_iovec_record_protocol create.", + error_details); + return GRPC_STATUS_INVALID_ARGUMENT; + } + alts_iovec_record_protocol* impl = static_cast<alts_iovec_record_protocol*>( + gpr_zalloc(sizeof(alts_iovec_record_protocol))); + /* Gets counter length. */ + size_t counter_length = 0; + grpc_status_code status = + gsec_aead_crypter_nonce_length(crypter, &counter_length, error_details); + if (status != GRPC_STATUS_OK) { + goto cleanup; + } + /* Creates counters. */ + status = + alts_counter_create(is_protect ? !is_client : is_client, counter_length, + overflow_size, &impl->ctr, error_details); + if (status != GRPC_STATUS_OK) { + goto cleanup; + } + /* Gets tag length. */ + status = + gsec_aead_crypter_tag_length(crypter, &impl->tag_length, error_details); + if (status != GRPC_STATUS_OK) { + goto cleanup; + } + impl->crypter = crypter; + impl->is_integrity_only = is_integrity_only; + impl->is_protect = is_protect; + *rp = impl; + return GRPC_STATUS_OK; +cleanup: + alts_counter_destroy(impl->ctr); + gpr_free(impl); + return GRPC_STATUS_FAILED_PRECONDITION; +} + +void alts_iovec_record_protocol_destroy(alts_iovec_record_protocol* rp) { + if (rp != nullptr) { + alts_counter_destroy(rp->ctr); + gsec_aead_crypter_destroy(rp->crypter); + gpr_free(rp); + } +} diff --git a/src/core/tsi/alts/zero_copy_frame_protector/alts_iovec_record_protocol.h b/src/core/tsi/alts/zero_copy_frame_protector/alts_iovec_record_protocol.h new file mode 100644 index 0000000000..0b7d1bf5bf --- /dev/null +++ b/src/core/tsi/alts/zero_copy_frame_protector/alts_iovec_record_protocol.h @@ -0,0 +1,199 @@ +/* + * + * Copyright 2018 gRPC authors. + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + */ + +#ifndef GRPC_CORE_TSI_ALTS_ZERO_COPY_FRAME_PROTECTOR_ALTS_IOVEC_RECORD_PROTOCOL_H +#define GRPC_CORE_TSI_ALTS_ZERO_COPY_FRAME_PROTECTOR_ALTS_IOVEC_RECORD_PROTOCOL_H + +#include <grpc/support/port_platform.h> + +#include <stdbool.h> + +#include "src/core/tsi/alts/crypt/gsec.h" + +constexpr size_t kZeroCopyFrameMessageType = 0x06; +constexpr size_t kZeroCopyFrameLengthFieldSize = 4; +constexpr size_t kZeroCopyFrameMessageTypeFieldSize = 4; +constexpr size_t kZeroCopyFrameHeaderSize = + kZeroCopyFrameLengthFieldSize + kZeroCopyFrameMessageTypeFieldSize; + +// Limit k on number of frames such that at most 2^(8 * k) frames can be sent. +constexpr size_t kAltsRecordProtocolRekeyFrameLimit = 8; +constexpr size_t kAltsRecordProtocolFrameLimit = 5; + +/* An implementation of alts record protocol. The API is thread-compatible. */ + +typedef struct iovec iovec_t; + +typedef struct alts_iovec_record_protocol alts_iovec_record_protocol; + +/** + * This method gets the length of record protocol frame header. + */ +size_t alts_iovec_record_protocol_get_header_length(); + +/** + * This method gets the length of record protocol frame tag. + * + * - rp: an alts_iovec_record_protocol instance. + * + * On success, the method returns the length of record protocol frame tag. + * Otherwise, it returns zero. + */ +size_t alts_iovec_record_protocol_get_tag_length( + const alts_iovec_record_protocol* rp); + +/** + * This method returns maximum allowed unprotected data size, given maximum + * protected frame size. + * + * - rp: an alts_iovec_record_protocol instance. + * - max_protected_frame_size: maximum protected frame size. + * + * On success, the method returns the maximum allowed unprotected data size. + * Otherwise, it returns zero. + */ +size_t alts_iovec_record_protocol_max_unprotected_data_size( + const alts_iovec_record_protocol* rp, size_t max_protected_frame_size); + +/** + * This method performs integrity-only protect operation on a + * alts_iovec_record_protocol instance, i.e., compute frame header and tag. The + * caller needs to allocate the memory for header and tag prior to calling this + * method. + * + * - rp: an alts_iovec_record_protocol instance. + * - unprotected_vec: an iovec array containing unprotected data. + * - unprotected_vec_length: the array length of unprotected_vec. + * - header: an iovec containing the output frame header. + * - tag: an iovec containing the output frame tag. + * - error_details: a buffer containing an error message if the method does not + * function correctly. It is OK to pass nullptr into error_details. + * + * On success, the method returns GRPC_STATUS_OK. Otherwise, it returns an + * error status code along with its details specified in error_details (if + * error_details is not nullptr). + */ +grpc_status_code alts_iovec_record_protocol_integrity_only_protect( + alts_iovec_record_protocol* rp, const iovec_t* unprotected_vec, + size_t unprotected_vec_length, iovec_t header, iovec_t tag, + char** error_details); + +/** + * This method performs integrity-only unprotect operation on a + * alts_iovec_record_protocol instance, i.e., verify frame header and tag. + * + * - rp: an alts_iovec_record_protocol instance. + * - protected_vec: an iovec array containing protected data. + * - protected_vec_length: the array length of protected_vec. + * - header: an iovec containing the frame header. + * - tag: an iovec containing the frame tag. + * - error_details: a buffer containing an error message if the method does not + * function correctly. It is OK to pass nullptr into error_details. + * + * On success, the method returns GRPC_STATUS_OK. Otherwise, it returns an + * error status code along with its details specified in error_details (if + * error_details is not nullptr). + */ +grpc_status_code alts_iovec_record_protocol_integrity_only_unprotect( + alts_iovec_record_protocol* rp, const iovec_t* protected_vec, + size_t protected_vec_length, iovec_t header, iovec_t tag, + char** error_details); + +/** + * This method performs privacy-integrity protect operation on a + * alts_iovec_record_protocol instance, i.e., compute a protected frame. The + * caller needs to allocate the memory for the protected frame prior to calling + * this method. + * + * - rp: an alts_iovec_record_protocol instance. + * - unprotected_vec: an iovec array containing unprotected data. + * - unprotected_vec_length: the array length of unprotected_vec. + * - protected_frame: an iovec containing the output protected frame. + * - error_details: a buffer containing an error message if the method does not + * function correctly. It is OK to pass nullptr into error_details. + * + * On success, the method returns GRPC_STATUS_OK. Otherwise, it returns an + * error status code along with its details specified in error_details (if + * error_details is not nullptr). + */ +grpc_status_code alts_iovec_record_protocol_privacy_integrity_protect( + alts_iovec_record_protocol* rp, const iovec_t* unprotected_vec, + size_t unprotected_vec_length, iovec_t protected_frame, + char** error_details); + +/** + * This method performs privacy-integrity unprotect operation on a + * alts_iovec_record_protocol instance given a full protected frame, i.e., + * compute the unprotected data. The caller needs to allocated the memory for + * the unprotected data prior to calling this method. + * + * - rp: an alts_iovec_record_protocol instance. + * - header: an iovec containing the frame header. + * - protected_vec: an iovec array containing protected data including the tag. + * - protected_vec_length: the array length of protected_vec. + * - unprotected_data: an iovec containing the output unprotected data. + * - error_details: a buffer containing an error message if the method does not + * function correctly. It is OK to pass nullptr into error_details. + * + * On success, the method returns GRPC_STATUS_OK. Otherwise, it returns an + * error status code along with its details specified in error_details (if + * error_details is not nullptr). + */ +grpc_status_code alts_iovec_record_protocol_privacy_integrity_unprotect( + alts_iovec_record_protocol* rp, iovec_t header, + const iovec_t* protected_vec, size_t protected_vec_length, + iovec_t unprotected_data, char** error_details); + +/** + * This method creates an alts_iovec_record_protocol instance, given a + * gsec_aead_crypter instance, a flag indicating if the created instance will be + * used at the client or server side, and a flag indicating if the created + * instance will be used for integrity-only mode or privacy-integrity mode. The + * ownership of gsec_aead_crypter instance is transferred to this new object. + * + * - crypter: a gsec_aead_crypter instance used to perform AEAD decryption. + * - overflow_size: overflow size of counter in bytes. + * - is_client: a flag indicating if the alts_iovec_record_protocol instance + * will be used at the client or server side. + * - is_integrity_only: a flag indicating if the alts_iovec_record_protocol + * instance will be used for integrity-only or privacy-integrity mode. + * - is_protect: a flag indicating if the alts_grpc_record_protocol instance + * will be used for protect or unprotect. + * - rp: an alts_iovec_record_protocol instance to be returned from + * the method. + * - error_details: a buffer containing an error message if the method does not + * function correctly. It is OK to pass nullptr into error_details. + * + * On success, the method returns GRPC_STATUS_OK. Otherwise, it returns an + * error status code along with its details specified in error_details (if + * error_details is not nullptr). + */ +grpc_status_code alts_iovec_record_protocol_create( + gsec_aead_crypter* crypter, size_t overflow_size, bool is_client, + bool is_integrity_only, bool is_protect, alts_iovec_record_protocol** rp, + char** error_details); + +/** + * This method destroys an alts_iovec_record_protocol instance by de-allocating + * all of its occupied memory. A gsec_aead_crypter instance passed in at + * gsec_alts_crypter instance creation time will be destroyed in this method. + */ +void alts_iovec_record_protocol_destroy(alts_iovec_record_protocol* rp); + +#endif /* GRPC_CORE_TSI_ALTS_ZERO_COPY_FRAME_PROTECTOR_ALTS_IOVEC_RECORD_PROTOCOL_H \ + */ diff --git a/src/core/tsi/alts/zero_copy_frame_protector/alts_zero_copy_grpc_protector.cc b/src/core/tsi/alts/zero_copy_frame_protector/alts_zero_copy_grpc_protector.cc new file mode 100644 index 0000000000..8c764961b3 --- /dev/null +++ b/src/core/tsi/alts/zero_copy_frame_protector/alts_zero_copy_grpc_protector.cc @@ -0,0 +1,295 @@ +/* + * + * Copyright 2018 gRPC authors. + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + */ + +#include <grpc/support/port_platform.h> + +#include "src/core/tsi/alts/zero_copy_frame_protector/alts_zero_copy_grpc_protector.h" + +#include <string.h> + +#include <grpc/support/alloc.h> +#include <grpc/support/log.h> + +#include "src/core/lib/gpr/useful.h" +#include "src/core/lib/slice/slice_internal.h" +#include "src/core/tsi/alts/crypt/gsec.h" +#include "src/core/tsi/alts/zero_copy_frame_protector/alts_grpc_integrity_only_record_protocol.h" +#include "src/core/tsi/alts/zero_copy_frame_protector/alts_grpc_privacy_integrity_record_protocol.h" +#include "src/core/tsi/alts/zero_copy_frame_protector/alts_grpc_record_protocol.h" +#include "src/core/tsi/alts/zero_copy_frame_protector/alts_iovec_record_protocol.h" +#include "src/core/tsi/transport_security_grpc.h" + +constexpr size_t kMinFrameLength = 1024; +constexpr size_t kDefaultFrameLength = 16 * 1024; +constexpr size_t kMaxFrameLength = 1024 * 1024; + +/** + * Main struct for alts_zero_copy_grpc_protector. + * We choose to have two alts_grpc_record_protocol objects and two sets of slice + * buffers: one for protect and the other for unprotect, so that protect and + * unprotect can be executed in parallel. Implementations of this object must be + * thread compatible. + */ +typedef struct alts_zero_copy_grpc_protector { + tsi_zero_copy_grpc_protector base; + alts_grpc_record_protocol* record_protocol; + alts_grpc_record_protocol* unrecord_protocol; + size_t max_protected_frame_size; + size_t max_unprotected_data_size; + grpc_slice_buffer unprotected_staging_sb; + grpc_slice_buffer protected_sb; + grpc_slice_buffer protected_staging_sb; + uint32_t parsed_frame_size; +} alts_zero_copy_grpc_protector; + +/** + * Given a slice buffer, parses the first 4 bytes little-endian unsigned frame + * size and returns the total frame size including the frame field. Caller + * needs to make sure the input slice buffer has at least 4 bytes. Returns true + * on success and false on failure. + */ +static bool read_frame_size(const grpc_slice_buffer* sb, + uint32_t* total_frame_size) { + if (sb == nullptr || sb->length < kZeroCopyFrameLengthFieldSize) { + return false; + } + uint8_t frame_size_buffer[kZeroCopyFrameLengthFieldSize]; + uint8_t* buf = frame_size_buffer; + /* Copies the first 4 bytes to a temporary buffer. */ + size_t remaining = kZeroCopyFrameLengthFieldSize; + for (size_t i = 0; i < sb->count; i++) { + size_t slice_length = GRPC_SLICE_LENGTH(sb->slices[i]); + if (remaining <= slice_length) { + memcpy(buf, GRPC_SLICE_START_PTR(sb->slices[i]), remaining); + remaining = 0; + break; + } else { + memcpy(buf, GRPC_SLICE_START_PTR(sb->slices[i]), slice_length); + buf += slice_length; + remaining -= slice_length; + } + } + GPR_ASSERT(remaining == 0); + /* Gets little-endian frame size. */ + uint32_t frame_size = (((uint32_t)frame_size_buffer[3]) << 24) | + (((uint32_t)frame_size_buffer[2]) << 16) | + (((uint32_t)frame_size_buffer[1]) << 8) | + ((uint32_t)frame_size_buffer[0]); + if (frame_size > kMaxFrameLength) { + gpr_log(GPR_ERROR, "Frame size is larger than maximum frame size"); + return false; + } + /* Returns frame size including frame length field. */ + *total_frame_size = + static_cast<uint32_t>(frame_size + kZeroCopyFrameLengthFieldSize); + return true; +} + +/** + * Creates an alts_grpc_record_protocol object, given key, key size, and flags + * to indicate whether the record_protocol object uses the rekeying AEAD, + * whether the object is for client or server, whether the object is for + * integrity-only or privacy-integrity mode, and whether the object is is used + * for protect or unprotect. + */ +static tsi_result create_alts_grpc_record_protocol( + const uint8_t* key, size_t key_size, bool is_rekey, bool is_client, + bool is_integrity_only, bool is_protect, + alts_grpc_record_protocol** record_protocol) { + if (key == nullptr || record_protocol == nullptr) { + return TSI_INVALID_ARGUMENT; + } + grpc_status_code status; + gsec_aead_crypter* crypter = nullptr; + char* error_details = nullptr; + status = gsec_aes_gcm_aead_crypter_create(key, key_size, kAesGcmNonceLength, + kAesGcmTagLength, is_rekey, + &crypter, &error_details); + if (status != GRPC_STATUS_OK) { + gpr_log(GPR_ERROR, "Failed to create AEAD crypter, %s", error_details); + gpr_free(error_details); + return TSI_INTERNAL_ERROR; + } + size_t overflow_limit = is_rekey ? kAltsRecordProtocolRekeyFrameLimit + : kAltsRecordProtocolFrameLimit; + /* Creates alts_grpc_record_protocol with AEAD crypter ownership transferred. + */ + tsi_result result = + is_integrity_only + ? alts_grpc_integrity_only_record_protocol_create( + crypter, overflow_limit, is_client, is_protect, record_protocol) + : alts_grpc_privacy_integrity_record_protocol_create( + crypter, overflow_limit, is_client, is_protect, + record_protocol); + if (result != TSI_OK) { + gsec_aead_crypter_destroy(crypter); + return result; + } + return TSI_OK; +} + +/* --- tsi_zero_copy_grpc_protector methods implementation. --- */ + +static tsi_result alts_zero_copy_grpc_protector_protect( + tsi_zero_copy_grpc_protector* self, grpc_slice_buffer* unprotected_slices, + grpc_slice_buffer* protected_slices) { + if (self == nullptr || unprotected_slices == nullptr || + protected_slices == nullptr) { + gpr_log(GPR_ERROR, "Invalid nullptr arguments to zero-copy grpc protect."); + return TSI_INVALID_ARGUMENT; + } + alts_zero_copy_grpc_protector* protector = + reinterpret_cast<alts_zero_copy_grpc_protector*>(self); + /* Calls alts_grpc_record_protocol protect repeatly. */ + while (unprotected_slices->length > protector->max_unprotected_data_size) { + grpc_slice_buffer_move_first(unprotected_slices, + protector->max_unprotected_data_size, + &protector->unprotected_staging_sb); + tsi_result status = alts_grpc_record_protocol_protect( + protector->record_protocol, &protector->unprotected_staging_sb, + protected_slices); + if (status != TSI_OK) { + return status; + } + } + return alts_grpc_record_protocol_protect( + protector->record_protocol, unprotected_slices, protected_slices); +} + +static tsi_result alts_zero_copy_grpc_protector_unprotect( + tsi_zero_copy_grpc_protector* self, grpc_slice_buffer* protected_slices, + grpc_slice_buffer* unprotected_slices) { + if (self == nullptr || unprotected_slices == nullptr || + protected_slices == nullptr) { + gpr_log(GPR_ERROR, + "Invalid nullptr arguments to zero-copy grpc unprotect."); + return TSI_INVALID_ARGUMENT; + } + alts_zero_copy_grpc_protector* protector = + reinterpret_cast<alts_zero_copy_grpc_protector*>(self); + grpc_slice_buffer_move_into(protected_slices, &protector->protected_sb); + /* Keep unprotecting each frame if possible. */ + while (protector->protected_sb.length >= kZeroCopyFrameLengthFieldSize) { + if (protector->parsed_frame_size == 0) { + /* We have not parsed frame size yet. Parses frame size. */ + if (!read_frame_size(&protector->protected_sb, + &protector->parsed_frame_size)) { + grpc_slice_buffer_reset_and_unref_internal(&protector->protected_sb); + return TSI_DATA_CORRUPTED; + } + } + if (protector->protected_sb.length < protector->parsed_frame_size) break; + /* At this point, protected_sb contains at least one frame of data. */ + tsi_result status; + if (protector->protected_sb.length == protector->parsed_frame_size) { + status = alts_grpc_record_protocol_unprotect(protector->unrecord_protocol, + &protector->protected_sb, + unprotected_slices); + } else { + grpc_slice_buffer_move_first(&protector->protected_sb, + protector->parsed_frame_size, + &protector->protected_staging_sb); + status = alts_grpc_record_protocol_unprotect( + protector->unrecord_protocol, &protector->protected_staging_sb, + unprotected_slices); + } + protector->parsed_frame_size = 0; + if (status != TSI_OK) { + grpc_slice_buffer_reset_and_unref_internal(&protector->protected_sb); + return status; + } + } + return TSI_OK; +} + +static void alts_zero_copy_grpc_protector_destroy( + tsi_zero_copy_grpc_protector* self) { + if (self == nullptr) { + return; + } + alts_zero_copy_grpc_protector* protector = + reinterpret_cast<alts_zero_copy_grpc_protector*>(self); + alts_grpc_record_protocol_destroy(protector->record_protocol); + alts_grpc_record_protocol_destroy(protector->unrecord_protocol); + grpc_slice_buffer_destroy_internal(&protector->unprotected_staging_sb); + grpc_slice_buffer_destroy_internal(&protector->protected_sb); + grpc_slice_buffer_destroy_internal(&protector->protected_staging_sb); + gpr_free(protector); +} + +static const tsi_zero_copy_grpc_protector_vtable + alts_zero_copy_grpc_protector_vtable = { + alts_zero_copy_grpc_protector_protect, + alts_zero_copy_grpc_protector_unprotect, + alts_zero_copy_grpc_protector_destroy}; + +tsi_result alts_zero_copy_grpc_protector_create( + const uint8_t* key, size_t key_size, bool is_rekey, bool is_client, + bool is_integrity_only, size_t* max_protected_frame_size, + tsi_zero_copy_grpc_protector** protector) { + if (grpc_core::ExecCtx::Get() == nullptr || key == nullptr || + protector == nullptr) { + gpr_log( + GPR_ERROR, + "Invalid nullptr arguments to alts_zero_copy_grpc_protector create."); + return TSI_INVALID_ARGUMENT; + } + /* Creates alts_zero_copy_protector. */ + alts_zero_copy_grpc_protector* impl = + static_cast<alts_zero_copy_grpc_protector*>( + gpr_zalloc(sizeof(alts_zero_copy_grpc_protector))); + /* Creates alts_grpc_record_protocol objects. */ + tsi_result status = create_alts_grpc_record_protocol( + key, key_size, is_rekey, is_client, is_integrity_only, + /*is_protect=*/true, &impl->record_protocol); + if (status == TSI_OK) { + status = create_alts_grpc_record_protocol( + key, key_size, is_rekey, is_client, is_integrity_only, + /*is_protect=*/false, &impl->unrecord_protocol); + if (status == TSI_OK) { + /* Sets maximum frame size. */ + size_t max_protected_frame_size_to_set = kDefaultFrameLength; + if (max_protected_frame_size != nullptr) { + *max_protected_frame_size = + GPR_MIN(*max_protected_frame_size, kMaxFrameLength); + *max_protected_frame_size = + GPR_MAX(*max_protected_frame_size, kMinFrameLength); + max_protected_frame_size_to_set = *max_protected_frame_size; + } + impl->max_protected_frame_size = max_protected_frame_size_to_set; + impl->max_unprotected_data_size = + alts_grpc_record_protocol_max_unprotected_data_size( + impl->record_protocol, max_protected_frame_size_to_set); + GPR_ASSERT(impl->max_unprotected_data_size > 0); + /* Allocates internal slice buffers. */ + grpc_slice_buffer_init(&impl->unprotected_staging_sb); + grpc_slice_buffer_init(&impl->protected_sb); + grpc_slice_buffer_init(&impl->protected_staging_sb); + impl->parsed_frame_size = 0; + impl->base.vtable = &alts_zero_copy_grpc_protector_vtable; + *protector = &impl->base; + return TSI_OK; + } + } + + /* Cleanup if create failed. */ + alts_grpc_record_protocol_destroy(impl->record_protocol); + alts_grpc_record_protocol_destroy(impl->unrecord_protocol); + gpr_free(impl); + return TSI_INTERNAL_ERROR; +} diff --git a/src/core/tsi/alts/zero_copy_frame_protector/alts_zero_copy_grpc_protector.h b/src/core/tsi/alts/zero_copy_frame_protector/alts_zero_copy_grpc_protector.h new file mode 100644 index 0000000000..71e953cfc1 --- /dev/null +++ b/src/core/tsi/alts/zero_copy_frame_protector/alts_zero_copy_grpc_protector.h @@ -0,0 +1,52 @@ +/* + * + * Copyright 2018 gRPC authors. + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + */ + +#ifndef GRPC_CORE_TSI_ALTS_ZERO_COPY_FRAME_PROTECTOR_ALTS_ZERO_COPY_GRPC_PROTECTOR_H +#define GRPC_CORE_TSI_ALTS_ZERO_COPY_FRAME_PROTECTOR_ALTS_ZERO_COPY_GRPC_PROTECTOR_H + +#include <grpc/support/port_platform.h> + +#include <stdbool.h> + +#include "src/core/tsi/transport_security_grpc.h" + +/** + * This method creates an ALTS zero-copy grpc protector. + * + * - key: a symmetric key used to seal/unseal frames. + * - key_size: the size of symmetric key. + * - is_rekey: use rekeying AEAD crypter. + * - is_client: a flag indicating if the protector will be used at client or + * server side. + * - is_integrity_only: a flag indicating if the protector instance will be + * used for integrity-only or privacy-integrity mode. + * - max_protected_frame_size: an in/out parameter indicating max frame size + * to be used by the protector. If it is nullptr, the default frame size will + * be used. Otherwise, the provided frame size will be adjusted (if not + * falling into a valid frame range) and used. + * - protector: a pointer to the zero-copy protector returned from the method. + * + * This method returns TSI_OK on success or a specific error code otherwise. + */ +tsi_result alts_zero_copy_grpc_protector_create( + const uint8_t* key, size_t key_size, bool is_rekey, bool is_client, + bool is_integrity_only, size_t* max_protected_frame_size, + tsi_zero_copy_grpc_protector** protector); + +#endif /* GRPC_CORE_TSI_ALTS_ZERO_COPY_FRAME_PROTECTOR_ALTS_ZERO_COPY_GRPC_PROTECTOR_H \ + */ diff --git a/src/python/grpcio/grpc_core_dependencies.py b/src/python/grpcio/grpc_core_dependencies.py index 75156793f1..dd3a8f963f 100644 --- a/src/python/grpcio/grpc_core_dependencies.py +++ b/src/python/grpcio/grpc_core_dependencies.py @@ -220,6 +220,7 @@ CORE_SOURCE_FILES = [ 'src/core/ext/filters/http/server/http_server_filter.cc', 'src/core/lib/http/httpcli_security_connector.cc', 'src/core/lib/security/context/security_context.cc', + 'src/core/lib/security/credentials/alts/alts_credentials.cc', 'src/core/lib/security/credentials/composite/composite_credentials.cc', 'src/core/lib/security/credentials/credentials.cc', 'src/core/lib/security/credentials/credentials_metadata.cc', @@ -233,6 +234,7 @@ CORE_SOURCE_FILES = [ 'src/core/lib/security/credentials/oauth2/oauth2_credentials.cc', 'src/core/lib/security/credentials/plugin/plugin_credentials.cc', 'src/core/lib/security/credentials/ssl/ssl_credentials.cc', + 'src/core/lib/security/security_connector/alts_security_connector.cc', 'src/core/lib/security/security_connector/security_connector.cc', 'src/core/lib/security/transport/client_auth_filter.cc', 'src/core/lib/security/transport/secure_endpoint.cc', @@ -242,14 +244,45 @@ CORE_SOURCE_FILES = [ 'src/core/lib/security/transport/tsi_error.cc', 'src/core/lib/security/util/json_util.cc', 'src/core/lib/surface/init_secure.cc', - 'src/core/tsi/alts_transport_security.cc', - 'src/core/tsi/fake_transport_security.cc', - 'src/core/tsi/ssl_transport_security.cc', - 'src/core/tsi/transport_security_grpc.cc', + 'src/core/tsi/alts/crypt/aes_gcm.cc', + 'src/core/tsi/alts/crypt/gsec.cc', + 'src/core/tsi/alts/frame_protector/alts_counter.cc', + 'src/core/tsi/alts/frame_protector/alts_crypter.cc', + 'src/core/tsi/alts/frame_protector/alts_frame_protector.cc', + 'src/core/tsi/alts/frame_protector/alts_record_protocol_crypter_common.cc', + 'src/core/tsi/alts/frame_protector/alts_seal_privacy_integrity_crypter.cc', + 'src/core/tsi/alts/frame_protector/alts_unseal_privacy_integrity_crypter.cc', + 'src/core/tsi/alts/frame_protector/frame_handler.cc', + 'src/core/tsi/alts/handshaker/alts_handshaker_client.cc', + 'src/core/tsi/alts/handshaker/alts_tsi_event.cc', + 'src/core/tsi/alts/handshaker/alts_tsi_handshaker.cc', + 'src/core/tsi/alts/zero_copy_frame_protector/alts_grpc_integrity_only_record_protocol.cc', + 'src/core/tsi/alts/zero_copy_frame_protector/alts_grpc_privacy_integrity_record_protocol.cc', + 'src/core/tsi/alts/zero_copy_frame_protector/alts_grpc_record_protocol_common.cc', + 'src/core/tsi/alts/zero_copy_frame_protector/alts_iovec_record_protocol.cc', + 'src/core/tsi/alts/zero_copy_frame_protector/alts_zero_copy_grpc_protector.cc', + 'src/core/lib/security/credentials/alts/check_gcp_environment.cc', + 'src/core/lib/security/credentials/alts/check_gcp_environment_linux.cc', + 'src/core/lib/security/credentials/alts/check_gcp_environment_no_op.cc', + 'src/core/lib/security/credentials/alts/check_gcp_environment_windows.cc', + 'src/core/lib/security/credentials/alts/grpc_alts_credentials_client_options.cc', + 'src/core/lib/security/credentials/alts/grpc_alts_credentials_options.cc', + 'src/core/lib/security/credentials/alts/grpc_alts_credentials_server_options.cc', + 'src/core/tsi/alts/handshaker/alts_handshaker_service_api.cc', + 'src/core/tsi/alts/handshaker/alts_handshaker_service_api_util.cc', + 'src/core/tsi/alts/handshaker/alts_tsi_utils.cc', + 'src/core/tsi/alts/handshaker/transport_security_common_api.cc', + 'src/core/tsi/alts/handshaker/altscontext.pb.c', + 'src/core/tsi/alts/handshaker/handshaker.pb.c', + 'src/core/tsi/alts/handshaker/transport_security_common.pb.c', + 'third_party/nanopb/pb_common.c', + 'third_party/nanopb/pb_decode.c', + 'third_party/nanopb/pb_encode.c', 'src/core/tsi/transport_security.cc', 'src/core/tsi/transport_security_adapter.cc', - 'src/core/ext/transport/chttp2/server/chttp2_server.cc', - 'src/core/ext/transport/chttp2/client/secure/secure_channel_create.cc', + 'src/core/ext/transport/chttp2/client/insecure/channel_create.cc', + 'src/core/ext/transport/chttp2/client/insecure/channel_create_posix.cc', + 'src/core/ext/transport/chttp2/client/chttp2_connector.cc', 'src/core/ext/filters/client_channel/backup_poller.cc', 'src/core/ext/filters/client_channel/channel_connectivity.cc', 'src/core/ext/filters/client_channel/client_channel.cc', @@ -273,11 +306,14 @@ CORE_SOURCE_FILES = [ 'src/core/ext/filters/client_channel/subchannel_index.cc', 'src/core/ext/filters/client_channel/uri_parser.cc', 'src/core/ext/filters/deadline/deadline_filter.cc', - 'src/core/ext/transport/chttp2/client/chttp2_connector.cc', + 'src/core/tsi/alts_transport_security.cc', + 'src/core/tsi/fake_transport_security.cc', + 'src/core/tsi/ssl_transport_security.cc', + 'src/core/tsi/transport_security_grpc.cc', + 'src/core/ext/transport/chttp2/server/chttp2_server.cc', + 'src/core/ext/transport/chttp2/client/secure/secure_channel_create.cc', 'src/core/ext/transport/chttp2/server/insecure/server_chttp2.cc', 'src/core/ext/transport/chttp2/server/insecure/server_chttp2_posix.cc', - 'src/core/ext/transport/chttp2/client/insecure/channel_create.cc', - 'src/core/ext/transport/chttp2/client/insecure/channel_create_posix.cc', 'src/core/ext/transport/inproc/inproc_plugin.cc', 'src/core/ext/transport/inproc/inproc_transport.cc', 'src/core/ext/filters/client_channel/lb_policy/grpclb/client_load_reporting_filter.cc', @@ -286,9 +322,6 @@ CORE_SOURCE_FILES = [ 'src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb_client_stats.cc', 'src/core/ext/filters/client_channel/lb_policy/grpclb/load_balancer_api.cc', 'src/core/ext/filters/client_channel/lb_policy/grpclb/proto/grpc/lb/v1/load_balancer.pb.c', - 'third_party/nanopb/pb_common.c', - 'third_party/nanopb/pb_decode.c', - 'third_party/nanopb/pb_encode.c', 'src/core/ext/filters/client_channel/resolver/fake/fake_resolver.cc', 'src/core/ext/filters/client_channel/lb_policy/pick_first/pick_first.cc', 'src/core/ext/filters/client_channel/lb_policy/subchannel_list.cc', diff --git a/templates/CMakeLists.txt.template b/templates/CMakeLists.txt.template index 0f088436d1..ef4d7d710c 100644 --- a/templates/CMakeLists.txt.template +++ b/templates/CMakeLists.txt.template @@ -138,6 +138,8 @@ ## Some libraries are shared even with BUILD_SHARED_LIBRARIES=OFF set(CMAKE_POSITION_INDEPENDENT_CODE TRUE) + + add_definitions(-DPB_FIELD_16BIT) if (MSVC) include(cmake/msvc_static_runtime.cmake) diff --git a/templates/Makefile.template b/templates/Makefile.template index 390847b4f2..196d12f678 100644 --- a/templates/Makefile.template +++ b/templates/Makefile.template @@ -221,6 +221,8 @@ % endif % endfor + DEFINES += PB_FIELD_16BIT + CPPFLAGS += $(CPPFLAGS_$(CONFIG)) CFLAGS += $(CFLAGS_$(CONFIG)) CXXFLAGS += $(CXXFLAGS_$(CONFIG)) diff --git a/templates/gRPC-Core.podspec.template b/templates/gRPC-Core.podspec.template index c28b78dbdf..3e80d602e1 100644 --- a/templates/gRPC-Core.podspec.template +++ b/templates/gRPC-Core.podspec.template @@ -144,7 +144,7 @@ } s.default_subspecs = 'Interface', 'Implementation' - s.compiler_flags = '-DGRPC_ARES=0' + s.compiler_flags = '-DGRPC_ARES=0', '-DPB_FIELD_16BIT' s.libraries = 'c++' # Like many other C libraries, gRPC-Core has its public headers under `include/<libname>/` and its diff --git a/templates/grpc.gyp.template b/templates/grpc.gyp.template index 3363082a83..2ea0d06ebd 100644 --- a/templates/grpc.gyp.template +++ b/templates/grpc.gyp.template @@ -60,11 +60,11 @@ % endfor 'cflags_c': [ '-Werror', - '-std=c99' + '-std=c99', ], 'cflags_cc': [ '-Werror', - '-std=c++11' + '-std=c++11', ], 'include_dirs': [ '.', @@ -127,7 +127,7 @@ % endfor '-stdlib=libc++', '-std=c++11', - '-Wno-error=deprecated-declarations' + '-Wno-error=deprecated-declarations', ], % endif }, diff --git a/test/core/security/BUILD b/test/core/security/BUILD index 9776e6d5fd..68de2d169f 100644 --- a/test/core/security/BUILD +++ b/test/core/security/BUILD @@ -161,3 +161,39 @@ grpc_cc_binary( "//test/core/util:grpc_test_util", ], ) + +grpc_cc_test( + name = "check_gcp_environment_linux_test", + srcs = ["check_gcp_environment_linux_test.cc"], + language = "C++", + deps = [ + "//:grpc", + ], +) + +grpc_cc_test( + name = "check_gcp_environment_windows_test", + srcs = ["check_gcp_environment_windows_test.cc"], + language = "C++", + deps = [ + "//:grpc", + ], +) + +grpc_cc_test( + name = "grpc_alts_credentials_options_test", + srcs = ["grpc_alts_credentials_options_test.cc"], + language = "C++", + deps = [ + "//:grpc", + ], +) + +grpc_cc_test( + name = "alts_security_connector_test", + srcs = ["alts_security_connector_test.cc"], + language = "C++", + deps = [ + "//:grpc", + ], +) diff --git a/test/core/security/alts_security_connector_test.cc b/test/core/security/alts_security_connector_test.cc new file mode 100644 index 0000000000..103a493526 --- /dev/null +++ b/test/core/security/alts_security_connector_test.cc @@ -0,0 +1,166 @@ +/* + * + * Copyright 2018 gRPC authors. + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + */ + +#include <stdio.h> +#include <stdlib.h> +#include <string.h> + +#include <grpc/grpc.h> +#include <grpc/support/alloc.h> +#include <grpc/support/log.h> + +#include "src/core/lib/security/security_connector/alts_security_connector.h" +#include "src/core/lib/transport/transport.h" +#include "src/core/tsi/alts/handshaker/alts_tsi_handshaker.h" +#include "src/core/tsi/transport_security.h" + +using grpc_core::internal::grpc_alts_auth_context_from_tsi_peer; + +/* This file contains unit tests of grpc_alts_auth_context_from_tsi_peer(). */ +static void test_invalid_input_failure() { + tsi_peer peer; + grpc_auth_context* ctx; + GPR_ASSERT(grpc_alts_auth_context_from_tsi_peer(nullptr, &ctx) == + GRPC_SECURITY_ERROR); + GPR_ASSERT(grpc_alts_auth_context_from_tsi_peer(&peer, nullptr) == + GRPC_SECURITY_ERROR); +} + +static void test_empty_certificate_type_failure() { + tsi_peer peer; + grpc_auth_context* ctx = nullptr; + GPR_ASSERT(tsi_construct_peer(0, &peer) == TSI_OK); + GPR_ASSERT(grpc_alts_auth_context_from_tsi_peer(&peer, &ctx) == + GRPC_SECURITY_ERROR); + GPR_ASSERT(ctx == nullptr); + tsi_peer_destruct(&peer); +} + +static void test_empty_peer_property_failure() { + tsi_peer peer; + grpc_auth_context* ctx; + GPR_ASSERT(tsi_construct_peer(1, &peer) == TSI_OK); + GPR_ASSERT(tsi_construct_string_peer_property_from_cstring( + TSI_CERTIFICATE_TYPE_PEER_PROPERTY, TSI_ALTS_CERTIFICATE_TYPE, + &peer.properties[0]) == TSI_OK); + GPR_ASSERT(grpc_alts_auth_context_from_tsi_peer(&peer, &ctx) == + GRPC_SECURITY_ERROR); + GPR_ASSERT(ctx == nullptr); + tsi_peer_destruct(&peer); +} + +static void test_missing_rpc_protocol_versions_property_failure() { + tsi_peer peer; + grpc_auth_context* ctx; + GPR_ASSERT(tsi_construct_peer(kTsiAltsNumOfPeerProperties, &peer) == TSI_OK); + GPR_ASSERT(tsi_construct_string_peer_property_from_cstring( + TSI_CERTIFICATE_TYPE_PEER_PROPERTY, TSI_ALTS_CERTIFICATE_TYPE, + &peer.properties[0]) == TSI_OK); + GPR_ASSERT(tsi_construct_string_peer_property_from_cstring( + TSI_ALTS_SERVICE_ACCOUNT_PEER_PROPERTY, "alice", + &peer.properties[1]) == TSI_OK); + GPR_ASSERT(grpc_alts_auth_context_from_tsi_peer(&peer, &ctx) == + GRPC_SECURITY_ERROR); + GPR_ASSERT(ctx == nullptr); + tsi_peer_destruct(&peer); +} + +static void test_unknown_peer_property_failure() { + tsi_peer peer; + grpc_auth_context* ctx; + GPR_ASSERT(tsi_construct_peer(kTsiAltsNumOfPeerProperties, &peer) == TSI_OK); + GPR_ASSERT(tsi_construct_string_peer_property_from_cstring( + TSI_CERTIFICATE_TYPE_PEER_PROPERTY, TSI_ALTS_CERTIFICATE_TYPE, + &peer.properties[0]) == TSI_OK); + GPR_ASSERT(tsi_construct_string_peer_property_from_cstring( + "unknown", "alice", &peer.properties[1]) == TSI_OK); + GPR_ASSERT(grpc_alts_auth_context_from_tsi_peer(&peer, &ctx) == + GRPC_SECURITY_ERROR); + GPR_ASSERT(ctx == nullptr); + tsi_peer_destruct(&peer); +} + +static bool test_identity(const grpc_auth_context* ctx, + const char* expected_property_name, + const char* expected_identity) { + grpc_auth_property_iterator it; + const grpc_auth_property* prop; + GPR_ASSERT(grpc_auth_context_peer_is_authenticated(ctx)); + it = grpc_auth_context_peer_identity(ctx); + prop = grpc_auth_property_iterator_next(&it); + GPR_ASSERT(prop != nullptr); + if (strcmp(prop->name, expected_property_name) != 0) { + gpr_log(GPR_ERROR, "Expected peer identity property name %s and got %s.", + expected_property_name, prop->name); + return false; + } + if (strncmp(prop->value, expected_identity, prop->value_length) != 0) { + gpr_log(GPR_ERROR, "Expected peer identity %s and got got %s.", + expected_identity, prop->value); + return false; + } + return true; +} + +static void test_alts_peer_to_auth_context_success() { + tsi_peer peer; + grpc_auth_context* ctx; + GPR_ASSERT(tsi_construct_peer(kTsiAltsNumOfPeerProperties, &peer) == TSI_OK); + GPR_ASSERT(tsi_construct_string_peer_property_from_cstring( + TSI_CERTIFICATE_TYPE_PEER_PROPERTY, TSI_ALTS_CERTIFICATE_TYPE, + &peer.properties[0]) == TSI_OK); + GPR_ASSERT(tsi_construct_string_peer_property_from_cstring( + TSI_ALTS_SERVICE_ACCOUNT_PEER_PROPERTY, "alice", + &peer.properties[1]) == TSI_OK); + grpc_gcp_rpc_protocol_versions peer_versions; + grpc_gcp_rpc_protocol_versions_set_max(&peer_versions, + GRPC_PROTOCOL_VERSION_MAX_MAJOR, + GRPC_PROTOCOL_VERSION_MAX_MINOR); + grpc_gcp_rpc_protocol_versions_set_min(&peer_versions, + GRPC_PROTOCOL_VERSION_MIN_MAJOR, + GRPC_PROTOCOL_VERSION_MIN_MINOR); + grpc_slice serialized_peer_versions; + GPR_ASSERT(grpc_gcp_rpc_protocol_versions_encode(&peer_versions, + &serialized_peer_versions)); + + GPR_ASSERT(tsi_construct_string_peer_property( + TSI_ALTS_RPC_VERSIONS, + reinterpret_cast<char*>( + GRPC_SLICE_START_PTR(serialized_peer_versions)), + GRPC_SLICE_LENGTH(serialized_peer_versions), + &peer.properties[2]) == TSI_OK); + GPR_ASSERT(grpc_alts_auth_context_from_tsi_peer(&peer, &ctx) == + GRPC_SECURITY_OK); + GPR_ASSERT( + test_identity(ctx, TSI_ALTS_SERVICE_ACCOUNT_PEER_PROPERTY, "alice")); + GRPC_AUTH_CONTEXT_UNREF(ctx, "test"); + grpc_slice_unref(serialized_peer_versions); + tsi_peer_destruct(&peer); +} + +int main(int argc, char** argv) { + /* Test. */ + test_invalid_input_failure(); + test_empty_certificate_type_failure(); + test_empty_peer_property_failure(); + test_unknown_peer_property_failure(); + test_missing_rpc_protocol_versions_property_failure(); + test_alts_peer_to_auth_context_success(); + + return 0; +} diff --git a/test/core/security/check_gcp_environment_linux_test.cc b/test/core/security/check_gcp_environment_linux_test.cc new file mode 100644 index 0000000000..6c436a3945 --- /dev/null +++ b/test/core/security/check_gcp_environment_linux_test.cc @@ -0,0 +1,83 @@ +/* + * + * Copyright 2018 gRPC authors. + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + */ + +#include "src/core/lib/security/credentials/alts/check_gcp_environment.h" + +#if GPR_LINUX + +#include <stdio.h> +#include <string.h> + +#include <grpc/support/alloc.h> +#include <grpc/support/log.h> + +#include "src/core/lib/gpr/tmpfile.h" + +static bool check_bios_data_linux_test(const char* data) { + /* Create a file with contents data. */ + char* filename = nullptr; + FILE* fp = gpr_tmpfile("check_gcp_environment_test", &filename); + GPR_ASSERT(filename != nullptr); + GPR_ASSERT(fp != nullptr); + GPR_ASSERT(fwrite(data, 1, strlen(data), fp) == strlen(data)); + fclose(fp); + bool result = grpc_core::internal::check_bios_data( + reinterpret_cast<const char*>(filename)); + /* Cleanup. */ + remove(filename); + gpr_free(filename); + return result; +} + +static void test_gcp_environment_check_success() { + /* Exact match. */ + GPR_ASSERT(check_bios_data_linux_test("Google")); + GPR_ASSERT(check_bios_data_linux_test("Google Compute Engine")); + /* With leading and trailing whitespaces. */ + GPR_ASSERT(check_bios_data_linux_test(" Google ")); + GPR_ASSERT(check_bios_data_linux_test("Google ")); + GPR_ASSERT(check_bios_data_linux_test(" Google")); + GPR_ASSERT(check_bios_data_linux_test(" Google Compute Engine ")); + GPR_ASSERT(check_bios_data_linux_test("Google Compute Engine ")); + GPR_ASSERT(check_bios_data_linux_test(" Google Compute Engine")); + /* With leading and trailing \t and \n. */ + GPR_ASSERT(check_bios_data_linux_test("\t\tGoogle Compute Engine\t")); + GPR_ASSERT(check_bios_data_linux_test("Google Compute Engine\n")); + GPR_ASSERT(check_bios_data_linux_test("\n\n\tGoogle Compute Engine \n\t\t")); +} + +static void test_gcp_environment_check_failure() { + GPR_ASSERT(!check_bios_data_linux_test("non_existing-file")); + GPR_ASSERT(!check_bios_data_linux_test("Google-Chrome")); + GPR_ASSERT(!check_bios_data_linux_test("Amazon")); + GPR_ASSERT(!check_bios_data_linux_test("Google-Chrome\t\t")); + GPR_ASSERT(!check_bios_data_linux_test("Amazon")); +} + +int main(int argc, char** argv) { + /* Tests. */ + test_gcp_environment_check_success(); + test_gcp_environment_check_failure(); + return 0; +} + +#else // GPR_LINUX + +int main(int argc, char** argv) { return 0; } + +#endif // GPR_LINUX diff --git a/test/core/security/check_gcp_environment_windows_test.cc b/test/core/security/check_gcp_environment_windows_test.cc new file mode 100644 index 0000000000..46179b747d --- /dev/null +++ b/test/core/security/check_gcp_environment_windows_test.cc @@ -0,0 +1,71 @@ +/* + * + * Copyright 2018 gRPC authors. + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + */ + +#include "src/core/lib/security/credentials/alts/check_gcp_environment.h" + +#ifdef GPR_WINDOWS + +#include <stdio.h> +#include <string.h> + +#include <grpc/support/alloc.h> +#include <grpc/support/log.h> +#include "src/core/lib/gpr/tmpfile.h" + +static bool check_bios_data_windows_test(const char* data) { + /* Create a file with contents data. */ + char* filename = nullptr; + FILE* fp = gpr_tmpfile("check_gcp_environment_test", &filename); + GPR_ASSERT(filename != nullptr); + GPR_ASSERT(fp != nullptr); + GPR_ASSERT(fwrite(data, 1, strlen(data), fp) == strlen(data)); + fclose(fp); + bool result = grpc_core::internal::check_bios_data( + reinterpret_cast<const char*>(filename)); + /* Cleanup. */ + remove(filename); + gpr_free(filename); + return result; +} + +static void test_gcp_environment_check_success() { + GPR_ASSERT(check_bios_data_windows_test("Google")); + GPR_ASSERT(check_bios_data_windows_test("Google\n")); + GPR_ASSERT(check_bios_data_windows_test("Google\r")); + GPR_ASSERT(check_bios_data_windows_test("Google\r\n")); + GPR_ASSERT(check_bios_data_windows_test(" Google \r\n")); + GPR_ASSERT(check_bios_data_windows_test(" \t\t Google\r\n")); + GPR_ASSERT(check_bios_data_windows_test(" \t\t Google\t\t \r\n")); +} + +static void test_gcp_environment_check_failure() { + GPR_ASSERT(!check_bios_data_windows_test("\t\tAmazon\n")); + GPR_ASSERT(!check_bios_data_windows_test(" Amazon\r\n")); +} + +int main(int argc, char** argv) { + /* Tests. */ + test_gcp_environment_check_success(); + test_gcp_environment_check_failure(); + return 0; +} +#else // GPR_WINDOWS + +int main(int argc, char** argv) { return 0; } + +#endif // GPR_WINDOWS diff --git a/test/core/security/grpc_alts_credentials_options_test.cc b/test/core/security/grpc_alts_credentials_options_test.cc new file mode 100644 index 0000000000..1217065507 --- /dev/null +++ b/test/core/security/grpc_alts_credentials_options_test.cc @@ -0,0 +1,118 @@ +/* + * + * Copyright 2018 gRPC authors. + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + */ + +#include <stdio.h> +#include <stdlib.h> +#include <string.h> + +#include <grpc/grpc.h> +#include <grpc/support/log.h> + +#include "src/core/lib/security/credentials/alts/grpc_alts_credentials_options.h" + +#define ALTS_CLIENT_OPTIONS_TEST_TARGET_SERVICE_ACCOUNT_1 "abc@google.com" +#define ALTS_CLIENT_OPTIONS_TEST_TARGET_SERVICE_ACCOUNT_2 "def@google.com" + +const size_t kTargetServiceAccountNum = 2; + +static void test_add_target_service_account_failure() { + /* Initialization. */ + grpc_alts_credentials_options* options = + grpc_alts_credentials_client_options_create(); + auto client_options = + reinterpret_cast<grpc_alts_credentials_client_options*>(options); + + /* Test. */ + GPR_ASSERT(!grpc_alts_credentials_client_options_add_target_service_account( + client_options, nullptr)); + GPR_ASSERT(!grpc_alts_credentials_client_options_add_target_service_account( + nullptr, ALTS_CLIENT_OPTIONS_TEST_TARGET_SERVICE_ACCOUNT_1)); + + /* Cleanup. */ + grpc_alts_credentials_options_destroy(options); +} + +static void test_copy_client_options_failure() { + /* Initialization. */ + grpc_alts_credentials_options* options = + grpc_alts_credentials_client_options_create(); + + /* Test. */ + GPR_ASSERT(grpc_alts_credentials_options_copy(nullptr) == nullptr); + + /* Cleanup. */ + grpc_alts_credentials_options_destroy(options); +} + +static size_t get_target_service_account_num( + grpc_alts_credentials_client_options* options) { + size_t num = 0; + target_service_account* node = options->target_account_list_head; + while (node != nullptr) { + num++; + node = node->next; + } + return num; +} + +static void test_client_options_api_success() { + /* Initialization. */ + grpc_alts_credentials_options* options = + grpc_alts_credentials_client_options_create(); + auto client_options = + reinterpret_cast<grpc_alts_credentials_client_options*>(options); + + /* Set client options fields. */ + grpc_alts_credentials_client_options_add_target_service_account( + client_options, ALTS_CLIENT_OPTIONS_TEST_TARGET_SERVICE_ACCOUNT_1); + grpc_alts_credentials_client_options_add_target_service_account( + client_options, ALTS_CLIENT_OPTIONS_TEST_TARGET_SERVICE_ACCOUNT_2); + + /* Validate client option fields. */ + GPR_ASSERT(get_target_service_account_num(client_options) == + kTargetServiceAccountNum); + GPR_ASSERT(strcmp(client_options->target_account_list_head->data, + ALTS_CLIENT_OPTIONS_TEST_TARGET_SERVICE_ACCOUNT_2) == 0); + GPR_ASSERT(strcmp(client_options->target_account_list_head->next->data, + ALTS_CLIENT_OPTIONS_TEST_TARGET_SERVICE_ACCOUNT_1) == 0); + + /* Perform a copy operation and validate its correctness. */ + grpc_alts_credentials_options* new_options = + grpc_alts_credentials_options_copy(options); + auto new_client_options = + reinterpret_cast<grpc_alts_credentials_client_options*>(new_options); + + GPR_ASSERT(get_target_service_account_num(new_client_options) == + kTargetServiceAccountNum); + GPR_ASSERT(strcmp(new_client_options->target_account_list_head->data, + ALTS_CLIENT_OPTIONS_TEST_TARGET_SERVICE_ACCOUNT_2) == 0); + GPR_ASSERT(strcmp(new_client_options->target_account_list_head->next->data, + ALTS_CLIENT_OPTIONS_TEST_TARGET_SERVICE_ACCOUNT_1) == 0); + + /* Cleanup.*/ + grpc_alts_credentials_options_destroy(options); + grpc_alts_credentials_options_destroy(new_options); +} + +int main(int argc, char** argv) { + /* Test. */ + test_add_target_service_account_failure(); + test_copy_client_options_failure(); + test_client_options_api_success(); + return 0; +} diff --git a/test/core/tsi/BUILD b/test/core/tsi/BUILD index e28c0b5f84..8ac3e7687c 100644 --- a/test/core/tsi/BUILD +++ b/test/core/tsi/BUILD @@ -16,7 +16,7 @@ load("//bazel:grpc_build_system.bzl", "grpc_cc_library", "grpc_cc_test", "grpc_c licenses(["notice"]) # Apache v2 -grpc_package(name = "test/core/tsi") +grpc_package(name = "test/core/tsi", visibility = "public") grpc_cc_library( name = "transport_security_test_lib", diff --git a/test/core/tsi/alts/crypt/BUILD b/test/core/tsi/alts/crypt/BUILD new file mode 100644 index 0000000000..0057d7f6e6 --- /dev/null +++ b/test/core/tsi/alts/crypt/BUILD @@ -0,0 +1,38 @@ +# Copyright 2018 gRPC authors. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +load("//bazel:grpc_build_system.bzl", "grpc_cc_library", "grpc_cc_test", "grpc_package") + +licenses(["notice"]) # Apache v2 + +grpc_package(name = "crypt", visibility = "public") + +grpc_cc_library( + name = "alts_crypt_test_util", + srcs = ["gsec_test_util.cc"], + hdrs = ["gsec_test_util.h"], + deps = [ + "//:grpc", + ], +) + +grpc_cc_test( + name = "alts_crypt_test", + srcs = ["aes_gcm_test.cc"], + language = "C++", + deps = [ + ":alts_crypt_test_util", + "//:grpc", + ], +) diff --git a/test/core/tsi/alts/crypt/aes_gcm_test.cc b/test/core/tsi/alts/crypt/aes_gcm_test.cc new file mode 100644 index 0000000000..576dd8f27b --- /dev/null +++ b/test/core/tsi/alts/crypt/aes_gcm_test.cc @@ -0,0 +1,2105 @@ +/* + * + * Copyright 2018 gRPC authors. + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + */ + +#include "src/core/tsi/alts/crypt/gsec.h" +#include "test/core/tsi/alts/crypt/gsec_test_util.h" + +#include <grpc/support/alloc.h> +#include <grpc/support/log.h> + +const size_t kTestMinTagLengthForCorruption = 8; +const size_t kTestNumCrypters = 3; +const size_t kTestMaxSlices = 5; +const size_t kTestMaxLength = 1024; +const size_t kTestNumEncryptions = 100; + +/* Struct for pre-generated test vector */ +typedef struct gsec_aead_test_vector { + uint8_t* nonce; + uint8_t* aad; + uint8_t* key; + uint8_t* plaintext; + uint8_t* ciphertext_and_tag; + size_t nonce_length; + size_t aad_length; + size_t key_length; + size_t plaintext_length; + size_t ciphertext_and_tag_length; +} gsec_aead_test_vector; + +static void gsec_randomly_slice(uint8_t* input, size_t input_length, + struct iovec** output, size_t* output_length) { + if (input_length == 0) { + *output = nullptr; + *output_length = 0; + return; + } + *output_length = gsec_test_bias_random_uint32(kTestMaxSlices) + 1; + *output = + static_cast<struct iovec*>(malloc(*output_length * sizeof(**output))); + size_t i; + for (i = 0; i < *output_length - 1; i++) { + size_t slice_length = + gsec_test_bias_random_uint32(static_cast<uint32_t>(input_length)); + struct iovec slice = {input, slice_length}; + (*output)[i] = slice; + input += slice_length; + input_length -= slice_length; + } + struct iovec slice = {input, input_length}; + (*output)[*output_length - 1] = slice; +} + +static void gsec_assert_ok(grpc_status_code status, const char* error_detail) { + char empty_string[] = ""; + if (error_detail == nullptr) { + error_detail = empty_string; + } + if (status != GRPC_STATUS_OK) { + fprintf(stderr, "Status is not ok: %s\n", error_detail); + } + GPR_ASSERT(status == GRPC_STATUS_OK); +} + +static void gsec_test_random_encrypt_decrypt(gsec_aead_crypter* crypter, + size_t aad_length, + size_t message_length) { + GPR_ASSERT(crypter != nullptr); + size_t nonce_length, tag_length; + uint8_t *nonce, *aad, *message; + gsec_aead_crypter_nonce_length(crypter, &nonce_length, nullptr); + gsec_aead_crypter_tag_length(crypter, &tag_length, nullptr); + + gsec_test_random_array(&nonce, nonce_length); + gsec_test_random_array(&aad, aad_length); + gsec_test_random_array(&message, message_length); + + /* Test encryption */ + size_t ciphertext_and_tag_length, ciphertext_bytes_written = 0; + gsec_aead_crypter_max_ciphertext_and_tag_length( + crypter, message_length, &ciphertext_and_tag_length, nullptr); + + uint8_t* ciphertext_and_tag = + static_cast<uint8_t*>(gpr_malloc(ciphertext_and_tag_length)); + + char* error_buffer = nullptr; + gsec_assert_ok( + gsec_aead_crypter_encrypt(crypter, nonce, nonce_length, aad, aad_length, + message, message_length, ciphertext_and_tag, + ciphertext_and_tag_length, + &ciphertext_bytes_written, &error_buffer), + error_buffer); + GPR_ASSERT(message_length + tag_length == ciphertext_and_tag_length); + GPR_ASSERT(ciphertext_bytes_written == ciphertext_and_tag_length); + + /* Test decryption */ + size_t plaintext_length, plaintext_bytes_written = 0; + gsec_aead_crypter_max_plaintext_length(crypter, ciphertext_bytes_written, + &plaintext_length, nullptr); + uint8_t* plaintext = static_cast<uint8_t*>(gpr_malloc(plaintext_length)); + grpc_status_code status = gsec_aead_crypter_decrypt( + crypter, nonce, nonce_length, aad, aad_length, ciphertext_and_tag, + ciphertext_bytes_written, plaintext, plaintext_length, + &plaintext_bytes_written, nullptr); + + GPR_ASSERT(status == GRPC_STATUS_OK); + GPR_ASSERT(message_length == plaintext_bytes_written); + GPR_ASSERT(memcmp(message, plaintext, message_length) == 0); + + /** + * The returned plaintext will be zeroed if there was an authentication error. + */ + uint8_t* zero_message = static_cast<uint8_t*>(gpr_zalloc(plaintext_length)); + if (tag_length >= kTestMinTagLengthForCorruption) { + char* error_message; + /* Corrupt nonce */ + if (nonce_length > 0) { + plaintext_bytes_written = 0; + uint8_t* corrupt_nonce; + gsec_test_copy_and_alter_random_byte(nonce, &corrupt_nonce, nonce_length); + status = gsec_aead_crypter_decrypt( + crypter, corrupt_nonce, nonce_length, aad, aad_length, + ciphertext_and_tag, ciphertext_bytes_written, plaintext, + plaintext_length, &plaintext_bytes_written, &error_message); + + GPR_ASSERT(gsec_test_expect_compare_code_and_substr( + status, GRPC_STATUS_FAILED_PRECONDITION, "Checking tag failed.", + error_message)); + GPR_ASSERT(plaintext_bytes_written == 0); + GPR_ASSERT(memcmp(zero_message, plaintext, plaintext_length) == 0); + gpr_free(corrupt_nonce); + gpr_free(error_message); + } + + /* Corrupt ciphertext_and_tag */ + plaintext_bytes_written = 0; + uint8_t* corrupt_ciphertext_and_tag; + gsec_test_copy_and_alter_random_byte(ciphertext_and_tag, + &corrupt_ciphertext_and_tag, + ciphertext_and_tag_length); + status = gsec_aead_crypter_decrypt( + crypter, nonce, nonce_length, aad, aad_length, + corrupt_ciphertext_and_tag, ciphertext_bytes_written, plaintext, + plaintext_length, &plaintext_bytes_written, &error_message); + + GPR_ASSERT(gsec_test_expect_compare_code_and_substr( + status, GRPC_STATUS_FAILED_PRECONDITION, error_message, + "Checking tag failed")); + GPR_ASSERT(plaintext_bytes_written == 0); + GPR_ASSERT(memcmp(zero_message, plaintext, plaintext_length) == 0); + gpr_free(error_message); + gpr_free(corrupt_ciphertext_and_tag); + + /* Corrupt start of ciphertext_and_tag */ + plaintext_bytes_written = 0; + gsec_test_copy(ciphertext_and_tag, &corrupt_ciphertext_and_tag, + ciphertext_and_tag_length); + (*corrupt_ciphertext_and_tag)++; + status = gsec_aead_crypter_decrypt( + crypter, nonce, nonce_length, aad, aad_length, + corrupt_ciphertext_and_tag, ciphertext_bytes_written, plaintext, + plaintext_length, &plaintext_bytes_written, &error_message); + GPR_ASSERT(plaintext_bytes_written == 0); + GPR_ASSERT(memcmp(zero_message, plaintext, plaintext_length) == 0); + GPR_ASSERT(gsec_test_expect_compare_code_and_substr( + status, GRPC_STATUS_FAILED_PRECONDITION, error_message, + "Checking tag failed")); + gpr_free(error_message); + gpr_free(corrupt_ciphertext_and_tag); + + /* Corrupt end of ciphertext_and_tag */ + plaintext_bytes_written = 0; + gsec_test_copy(ciphertext_and_tag, &corrupt_ciphertext_and_tag, + ciphertext_and_tag_length); + (*(corrupt_ciphertext_and_tag + ciphertext_and_tag_length - 1))++; + + status = gsec_aead_crypter_decrypt( + crypter, nonce, nonce_length, aad, aad_length, + corrupt_ciphertext_and_tag, ciphertext_bytes_written, plaintext, + plaintext_length, &plaintext_bytes_written, &error_message); + + GPR_ASSERT(gsec_test_expect_compare_code_and_substr( + status, GRPC_STATUS_FAILED_PRECONDITION, error_message, + "Checking tag failed")); + GPR_ASSERT(plaintext_bytes_written == 0); + GPR_ASSERT(memcmp(zero_message, plaintext, plaintext_length) == 0); + gpr_free(error_message); + gpr_free(corrupt_ciphertext_and_tag); + } + + gpr_free(zero_message); + gpr_free(nonce); + gpr_free(aad); + gpr_free(message); + gpr_free(plaintext); + gpr_free(ciphertext_and_tag); +} + +static void gsec_test_encrypt_decrypt(gsec_aead_crypter* crypter) { + GPR_ASSERT(crypter != nullptr); + size_t aad_length, message_length; + aad_length = gsec_test_bias_random_uint32(kTestMaxLength); + message_length = gsec_test_bias_random_uint32(kTestMaxLength); + gsec_test_random_encrypt_decrypt(crypter, aad_length, message_length); + gsec_test_random_encrypt_decrypt(crypter, 0, message_length); + gsec_test_random_encrypt_decrypt(crypter, aad_length, 0); +} + +static void gsec_test_multiple_random_encrypt_decrypt( + gsec_aead_crypter* crypter, size_t* aad_lengths, size_t* message_lengths, + size_t count) { + GPR_ASSERT(crypter != nullptr); + size_t nonce_length, tag_length; + uint8_t **nonces, **aads, **messages; + nonces = static_cast<uint8_t**>(gpr_malloc(sizeof(uint8_t*) * count)); + aads = static_cast<uint8_t**>(gpr_malloc(sizeof(uint8_t*) * count)); + messages = static_cast<uint8_t**>(gpr_malloc(sizeof(uint8_t*) * count)); + + gsec_aead_crypter_nonce_length(crypter, &nonce_length, nullptr); + gsec_aead_crypter_tag_length(crypter, &tag_length, nullptr); + + size_t ind; + for (ind = 0; ind < count; ind++) { + size_t aad_length = (aad_lengths == nullptr) ? 0 : aad_lengths[ind]; + size_t message_length = + (message_lengths == nullptr) ? 0 : message_lengths[ind]; + gsec_test_random_array(&(nonces[ind]), nonce_length); + gsec_test_random_array(&(aads[ind]), aad_length); + gsec_test_random_array(&(messages[ind]), message_length); + } + + size_t* ciphertext_and_tag_lengths = + static_cast<size_t*>(gpr_malloc(sizeof(size_t) * count)); + size_t* ciphertext_bytes_writtens = + static_cast<size_t*>(gpr_malloc(sizeof(size_t) * count)); + size_t* plaintext_lengths = + static_cast<size_t*>(gpr_malloc(sizeof(size_t) * count)); + size_t* plaintext_bytes_writtens = + static_cast<size_t*>(gpr_malloc(sizeof(size_t) * count)); + uint8_t** ciphertext_and_tags = + static_cast<uint8_t**>(gpr_malloc(sizeof(uint8_t*) * count)); + uint8_t** plaintexts = + static_cast<uint8_t**>(gpr_malloc(sizeof(uint8_t*) * count)); + + /* Do encryption */ + for (ind = 0; ind < count; ind++) { + size_t aad_length = (aad_lengths == nullptr) ? 0 : aad_lengths[ind]; + size_t message_length = + (message_lengths == nullptr) ? 0 : message_lengths[ind]; + gsec_aead_crypter_max_ciphertext_and_tag_length( + crypter, message_length, &(ciphertext_and_tag_lengths[ind]), nullptr); + ciphertext_and_tags[ind] = + static_cast<uint8_t*>(gpr_malloc(ciphertext_and_tag_lengths[ind])); + grpc_status_code status = gsec_aead_crypter_encrypt( + crypter, nonces[ind], nonce_length, aads[ind], aad_length, + messages[ind], message_length, ciphertext_and_tags[ind], + ciphertext_and_tag_lengths[ind], &(ciphertext_bytes_writtens[ind]), + nullptr); + GPR_ASSERT(status == GRPC_STATUS_OK); + GPR_ASSERT(message_length + tag_length == ciphertext_and_tag_lengths[ind]); + GPR_ASSERT(ciphertext_bytes_writtens[ind] == + ciphertext_and_tag_lengths[ind]); + } + /* Do Decryption */ + for (ind = 0; ind < count; ind++) { + size_t aad_length = (aad_lengths == nullptr) ? 0 : aad_lengths[ind]; + size_t message_length = + (message_lengths == nullptr) ? 0 : message_lengths[ind]; + gsec_aead_crypter_max_plaintext_length(crypter, + ciphertext_bytes_writtens[ind], + &(plaintext_lengths[ind]), nullptr); + plaintexts[ind] = static_cast<uint8_t*>(gpr_malloc(plaintext_lengths[ind])); + grpc_status_code status = gsec_aead_crypter_decrypt( + crypter, nonces[ind], nonce_length, aads[ind], aad_length, + ciphertext_and_tags[ind], ciphertext_bytes_writtens[ind], + plaintexts[ind], plaintext_lengths[ind], + &(plaintext_bytes_writtens[ind]), nullptr); + GPR_ASSERT(status == GRPC_STATUS_OK); + GPR_ASSERT(message_length == plaintext_bytes_writtens[ind]); + GPR_ASSERT(memcmp(messages[ind], plaintexts[ind], message_length) == 0); + } + + /* Slice the plaintext and encrypt with iovecs */ + for (ind = 0; ind < count; ind++) { + size_t aad_length = (aad_lengths == nullptr) ? 0 : aad_lengths[ind]; + struct iovec* aad_vecs = nullptr; + size_t aad_vecs_length = 0; + gsec_randomly_slice(aads[ind], aad_length, &aad_vecs, &aad_vecs_length); + size_t message_length = + (message_lengths == nullptr) ? 0 : message_lengths[ind]; + struct iovec* message_vecs = nullptr; + size_t message_vecs_length = 0; + gsec_randomly_slice(messages[ind], message_length, &message_vecs, + &message_vecs_length); + + size_t ciphertext_length = ciphertext_and_tag_lengths[ind]; + uint8_t* another_ciphertext = + static_cast<uint8_t*>(malloc(ciphertext_length)); + struct iovec another_ciphertext_vec = {another_ciphertext, + ciphertext_length}; + + char* error_details = nullptr; + size_t ciphertext_bytes_written = 0; + gsec_assert_ok( + gsec_aead_crypter_encrypt_iovec( + crypter, nonces[ind], nonce_length, aad_vecs, aad_vecs_length, + message_vecs, message_vecs_length, another_ciphertext_vec, + &ciphertext_bytes_written, &error_details), + error_details); + GPR_ASSERT(memcmp(ciphertext_and_tags[ind], another_ciphertext_vec.iov_base, + ciphertext_length) == 0); + free(another_ciphertext); + free(aad_vecs); + free(message_vecs); + } + + /* Slice the ciphertext and decrypt with iovecs */ + for (ind = 0; ind < count; ind++) { + size_t message_length = + (message_lengths == nullptr) ? 0 : message_lengths[ind]; + message_length = message_length + 0; + + size_t aad_length = (aad_lengths == nullptr) ? 0 : aad_lengths[ind]; + + struct iovec* aad_vecs = nullptr; + size_t aad_vecs_length = 0; + gsec_randomly_slice(aads[ind], aad_length, &aad_vecs, &aad_vecs_length); + + struct iovec* ciphertext_vecs = nullptr; + size_t ciphertext_vecs_length = 0; + gsec_randomly_slice(ciphertext_and_tags[ind], + ciphertext_bytes_writtens[ind], &ciphertext_vecs, + &ciphertext_vecs_length); + + size_t decrypted_length = plaintext_lengths[ind]; + uint8_t* decrypted = static_cast<uint8_t*>(malloc(decrypted_length)); + struct iovec decrypted_vec = {decrypted, decrypted_length}; + + char* error_details = nullptr; + gsec_assert_ok(gsec_aead_crypter_decrypt_iovec( + crypter, nonces[ind], nonce_length, aad_vecs, + aad_vecs_length, ciphertext_vecs, ciphertext_vecs_length, + decrypted_vec, &decrypted_length, &error_details), + error_details); + GPR_ASSERT(decrypted_vec.iov_len == message_length); + GPR_ASSERT(memcmp(decrypted_vec.iov_base, messages[ind], message_length) == + 0); + free(decrypted); + free(aad_vecs); + free(ciphertext_vecs); + } + + for (ind = 0; ind < count; ind++) { + gpr_free(nonces[ind]); + gpr_free(aads[ind]); + gpr_free(messages[ind]); + gpr_free(ciphertext_and_tags[ind]); + gpr_free(plaintexts[ind]); + } + gpr_free(nonces); + gpr_free(aads); + gpr_free(messages); + gpr_free(ciphertext_and_tag_lengths); + gpr_free(ciphertext_bytes_writtens); + gpr_free(plaintext_lengths); + gpr_free(plaintext_bytes_writtens); + gpr_free(ciphertext_and_tags); + gpr_free(plaintexts); +} + +static void gsec_test_multiple_encrypt_decrypt(gsec_aead_crypter* crypter) { + GPR_ASSERT(crypter != nullptr); + size_t count = kTestNumEncryptions; + size_t* aad_lengths = + static_cast<size_t*>(gpr_malloc(sizeof(size_t) * count)); + size_t* message_lengths = + static_cast<size_t*>(gpr_malloc(sizeof(size_t) * count)); + size_t ind; + for (ind = 0; ind < count; ind++) { + aad_lengths[ind] = gsec_test_bias_random_uint32(kTestMaxLength); + message_lengths[ind] = gsec_test_bias_random_uint32(kTestMaxLength); + } + gsec_test_multiple_random_encrypt_decrypt(crypter, aad_lengths, + message_lengths, count); + gsec_test_multiple_random_encrypt_decrypt(crypter, aad_lengths, nullptr, + count); + gsec_test_multiple_random_encrypt_decrypt(crypter, nullptr, message_lengths, + count); + gpr_free(aad_lengths); + gpr_free(message_lengths); +} + +static void gsec_test_encryption_failure(gsec_aead_crypter* crypter) { + GPR_ASSERT(crypter != nullptr); + size_t aad_length = kTestMaxLength; + size_t message_length = kTestMaxLength; + size_t nonce_length; + + char* error_message; + uint8_t *nonce, *aad, *message; + + gsec_aead_crypter_nonce_length(crypter, &nonce_length, nullptr); + gsec_test_random_array(&nonce, nonce_length); + gsec_test_random_array(&aad, aad_length); + gsec_test_random_array(&message, message_length); + + size_t ciphertext_and_tag_length, ciphertext_bytes_written = 0; + gsec_aead_crypter_max_ciphertext_and_tag_length( + crypter, message_length, &ciphertext_and_tag_length, nullptr); + uint8_t* ciphertext_and_tag = + static_cast<uint8_t*>(gpr_malloc(ciphertext_and_tag_length)); + + /* nullptr nonce */ + grpc_status_code status = gsec_aead_crypter_encrypt( + crypter, nullptr, nonce_length, aad, aad_length, message, message_length, + ciphertext_and_tag, ciphertext_and_tag_length, &ciphertext_bytes_written, + &error_message); + GPR_ASSERT(gsec_test_expect_compare_code_and_substr( + status, GRPC_STATUS_INVALID_ARGUMENT, error_message, + "Nonce buffer is nullptr.")); + gpr_free(error_message); + + /* Big nonce */ + status = gsec_aead_crypter_encrypt( + crypter, nonce, nonce_length + 1, aad, aad_length, message, + message_length, ciphertext_and_tag, ciphertext_and_tag_length, + &ciphertext_bytes_written, &error_message); + GPR_ASSERT(gsec_test_expect_compare_code_and_substr( + status, GRPC_STATUS_INVALID_ARGUMENT, error_message, + "Nonce buffer has the wrong length.")); + gpr_free(error_message); + + /* Small nonce */ + status = gsec_aead_crypter_encrypt( + crypter, nonce, nonce_length - 1, aad, aad_length, message, + message_length, ciphertext_and_tag, ciphertext_and_tag_length, + &ciphertext_bytes_written, &error_message); + GPR_ASSERT(gsec_test_expect_compare_code_and_substr( + status, GRPC_STATUS_INVALID_ARGUMENT, error_message, + "Nonce buffer has the wrong length.")); + gpr_free(error_message); + + /* nullptr aad */ + status = gsec_aead_crypter_encrypt( + crypter, nonce, nonce_length, nullptr, aad_length, message, + message_length, ciphertext_and_tag, ciphertext_and_tag_length, + &ciphertext_bytes_written, &error_message); + GPR_ASSERT(gsec_test_expect_compare_code_and_substr( + status, GRPC_STATUS_INVALID_ARGUMENT, error_message, "aad is nullptr.")); + gpr_free(error_message); + + /* nullptr aad with zero length */ + gsec_assert_ok( + gsec_aead_crypter_encrypt(crypter, nonce, nonce_length, nullptr, 0, + message, message_length, ciphertext_and_tag, + ciphertext_and_tag_length, + &ciphertext_bytes_written, &error_message), + error_message); + + /* nullptr plaintext */ + status = gsec_aead_crypter_encrypt( + crypter, nonce, nonce_length, aad, aad_length, nullptr, message_length, + ciphertext_and_tag, ciphertext_and_tag_length, &ciphertext_bytes_written, + &error_message); + GPR_ASSERT(gsec_test_expect_compare_code_and_substr( + status, GRPC_STATUS_INVALID_ARGUMENT, error_message, + "plaintext is nullptr.")); + gpr_free(error_message); + + /* nullptr ciphertext */ + status = gsec_aead_crypter_encrypt(crypter, nonce, nonce_length, aad, + aad_length, message, message_length, + nullptr, ciphertext_and_tag_length, + &ciphertext_bytes_written, &error_message); + GPR_ASSERT(gsec_test_expect_compare_code_and_substr( + status, GRPC_STATUS_INVALID_ARGUMENT, error_message, + "ciphertext is nullptr.")); + gpr_free(error_message); + + /* Short ciphertext */ + status = gsec_aead_crypter_encrypt( + crypter, nonce, nonce_length, aad, aad_length, message, message_length, + ciphertext_and_tag, ciphertext_and_tag_length - 1, + &ciphertext_bytes_written, &error_message); + GPR_ASSERT(gsec_test_expect_compare_code_and_substr( + status, GRPC_STATUS_INVALID_ARGUMENT, error_message, + "ciphertext is too small to hold a tag.")); + gpr_free(error_message); + + /* nullptr ciphertext_bytes_written */ + status = gsec_aead_crypter_encrypt( + crypter, nonce, nonce_length, aad, aad_length, message, message_length, + ciphertext_and_tag, ciphertext_and_tag_length, nullptr, &error_message); + GPR_ASSERT(gsec_test_expect_compare_code_and_substr( + status, GRPC_STATUS_INVALID_ARGUMENT, error_message, + "bytes_written is nullptr.")); + gpr_free(error_message); + + /* nullptr plaintext/ciphertext encrypt with zero length */ + gsec_assert_ok(gsec_aead_crypter_encrypt( + crypter, nonce, nonce_length, aad, aad_length, nullptr, 0, + ciphertext_and_tag, ciphertext_and_tag_length, + &ciphertext_bytes_written, &error_message), + error_message); + + /* Success */ + status = gsec_aead_crypter_encrypt( + crypter, nonce, nonce_length, aad, aad_length, message, message_length, + ciphertext_and_tag, ciphertext_and_tag_length, &ciphertext_bytes_written, + &error_message); + GPR_ASSERT(status == GRPC_STATUS_OK); + + gpr_free(message); + gpr_free(aad); + gpr_free(nonce); + gpr_free(ciphertext_and_tag); +} + +static void gsec_test_decryption_failure(gsec_aead_crypter* crypter) { + GPR_ASSERT(crypter != nullptr); + size_t aad_length = kTestMaxLength; + size_t message_length = kTestMaxLength; + size_t nonce_length, tag_length; + uint8_t *nonce, *aad, *message; + + gsec_aead_crypter_nonce_length(crypter, &nonce_length, nullptr); + gsec_aead_crypter_tag_length(crypter, &tag_length, nullptr); + gsec_test_random_array(&nonce, nonce_length); + gsec_test_random_array(&aad, aad_length); + gsec_test_random_array(&message, message_length); + + /* Test encryption */ + size_t ciphertext_and_tag_length, ciphertext_bytes_written = 0; + gsec_aead_crypter_max_ciphertext_and_tag_length( + crypter, message_length, &ciphertext_and_tag_length, nullptr); + uint8_t* ciphertext_and_tag = + static_cast<uint8_t*>(gpr_malloc(ciphertext_and_tag_length)); + + grpc_status_code status = gsec_aead_crypter_encrypt( + crypter, nonce, nonce_length, aad, aad_length, message, message_length, + ciphertext_and_tag, ciphertext_and_tag_length, &ciphertext_bytes_written, + nullptr); + GPR_ASSERT(status == GRPC_STATUS_OK); + GPR_ASSERT(ciphertext_bytes_written == ciphertext_and_tag_length); + + size_t plaintext_length, plaintext_bytes_written = 0; + gsec_aead_crypter_max_plaintext_length(crypter, ciphertext_bytes_written, + &plaintext_length, nullptr); + uint8_t* plaintext = static_cast<uint8_t*>(gpr_malloc(plaintext_length)); + + char* error_message; + /* nullptr nonce */ + status = gsec_aead_crypter_decrypt( + crypter, nullptr, nonce_length, aad, aad_length, ciphertext_and_tag, + ciphertext_and_tag_length, plaintext, plaintext_length, + &plaintext_bytes_written, &error_message); + GPR_ASSERT(gsec_test_expect_compare_code_and_substr( + status, GRPC_STATUS_INVALID_ARGUMENT, error_message, + "Nonce buffer is nullptr.")); + gpr_free(error_message); + + /* Big nonce */ + status = gsec_aead_crypter_decrypt( + crypter, nonce, nonce_length + 1, aad, aad_length, ciphertext_and_tag, + ciphertext_and_tag_length, plaintext, plaintext_length, + &plaintext_bytes_written, &error_message); + GPR_ASSERT(gsec_test_expect_compare_code_and_substr( + status, GRPC_STATUS_INVALID_ARGUMENT, error_message, + "Nonce buffer has the wrong length.")); + gpr_free(error_message); + + /* Small nonce */ + status = gsec_aead_crypter_decrypt( + crypter, nonce, nonce_length - 1, aad, aad_length, ciphertext_and_tag, + ciphertext_and_tag_length, plaintext, plaintext_length, + &plaintext_bytes_written, &error_message); + GPR_ASSERT(gsec_test_expect_compare_code_and_substr( + status, GRPC_STATUS_INVALID_ARGUMENT, error_message, + "Nonce buffer has the wrong length.")); + gpr_free(error_message); + + /* nullptr aad */ + status = gsec_aead_crypter_decrypt( + crypter, nonce, nonce_length, nullptr, aad_length, ciphertext_and_tag, + ciphertext_and_tag_length, plaintext, plaintext_length, + &plaintext_bytes_written, &error_message); + GPR_ASSERT(gsec_test_expect_compare_code_and_substr( + status, GRPC_STATUS_INVALID_ARGUMENT, error_message, "aad is nullptr.")); + gpr_free(error_message); + + /* nullptr aad with zero length */ + status = gsec_aead_crypter_encrypt( + crypter, nonce, nonce_length, nullptr, 0, message, message_length, + ciphertext_and_tag, ciphertext_and_tag_length, &ciphertext_bytes_written, + &error_message); + GPR_ASSERT(status == GRPC_STATUS_OK); + + status = gsec_aead_crypter_decrypt( + crypter, nonce, nonce_length, nullptr, 0, ciphertext_and_tag, + ciphertext_and_tag_length, plaintext, plaintext_length, + &plaintext_bytes_written, &error_message); + GPR_ASSERT(status == GRPC_STATUS_OK); + + /* Small ciphertext */ + if (tag_length > 0) { + status = gsec_aead_crypter_decrypt( + crypter, nonce, nonce_length, aad, aad_length, ciphertext_and_tag, + tag_length - 1, plaintext, plaintext_length, &plaintext_bytes_written, + &error_message); + + GPR_ASSERT(gsec_test_expect_compare_code_and_substr( + status, GRPC_STATUS_INVALID_ARGUMENT, error_message, + "ciphertext is too small to hold a tag.")); + gpr_free(error_message); + } + + /* nullptr ciphertext */ + status = gsec_aead_crypter_decrypt( + crypter, nonce, nonce_length, aad, aad_length, nullptr, + ciphertext_and_tag_length, plaintext, plaintext_length, + &plaintext_bytes_written, &error_message); + + GPR_ASSERT(gsec_test_expect_compare_code_and_substr( + status, GRPC_STATUS_INVALID_ARGUMENT, error_message, + "ciphertext is nullptr.")); + gpr_free(error_message); + + /* nullptr plaintext */ + status = gsec_aead_crypter_decrypt( + crypter, nonce, nonce_length, aad, aad_length, ciphertext_and_tag, + ciphertext_and_tag_length, nullptr, plaintext_length, + &plaintext_bytes_written, &error_message); + + GPR_ASSERT(gsec_test_expect_compare_code_and_substr( + status, GRPC_STATUS_INVALID_ARGUMENT, error_message, + "plaintext is nullptr, but plaintext_length is positive.")); + gpr_free(error_message); + + /* Short plaintext */ + status = gsec_aead_crypter_decrypt( + crypter, nonce, nonce_length, aad, aad_length, ciphertext_and_tag, + ciphertext_and_tag_length, plaintext, plaintext_length - 1, + &plaintext_bytes_written, &error_message); + + GPR_ASSERT(gsec_test_expect_compare_code_and_substr( + status, GRPC_STATUS_INVALID_ARGUMENT, error_message, + "Not enough plaintext buffer to hold encrypted ciphertext.")); + gpr_free(error_message); + + /* nullptr plaintext_bytes_written */ + status = gsec_aead_crypter_decrypt(crypter, nonce, nonce_length, aad, + aad_length, ciphertext_and_tag, + ciphertext_and_tag_length, plaintext, + plaintext_length, nullptr, &error_message); + + GPR_ASSERT(gsec_test_expect_compare_code_and_substr( + status, GRPC_STATUS_INVALID_ARGUMENT, error_message, + "bytes_written is nullptr.")); + gpr_free(error_message); + + gpr_free(message); + gpr_free(plaintext); + gpr_free(ciphertext_and_tag); + gpr_free(aad); + gpr_free(nonce); +} + +static void gsec_test_encrypt_decrypt_test_vector( + gsec_aead_crypter* crypter, gsec_aead_test_vector* test_vector) { + GPR_ASSERT(crypter != nullptr); + /* Test byte-based encryption interface. */ + size_t ciphertext_and_tag_length, ciphertext_bytes_written = 0; + gsec_aead_crypter_max_ciphertext_and_tag_length( + crypter, test_vector->plaintext_length, &ciphertext_and_tag_length, + nullptr); + uint8_t* ciphertext_and_tag_bytes = + static_cast<uint8_t*>(gpr_malloc(ciphertext_and_tag_length)); + grpc_status_code status = gsec_aead_crypter_encrypt( + crypter, test_vector->nonce, test_vector->nonce_length, test_vector->aad, + test_vector->aad_length, test_vector->plaintext, + test_vector->plaintext_length, ciphertext_and_tag_bytes, + ciphertext_and_tag_length, &ciphertext_bytes_written, nullptr); + + GPR_ASSERT(status == GRPC_STATUS_OK); + GPR_ASSERT(ciphertext_bytes_written == ciphertext_and_tag_length); + GPR_ASSERT(memcmp(test_vector->ciphertext_and_tag, ciphertext_and_tag_bytes, + ciphertext_and_tag_length) == 0); + + /* Test byte-based decryption interface */ + size_t plaintext_length, plaintext_bytes_written = 0; + gsec_aead_crypter_max_plaintext_length(crypter, ciphertext_and_tag_length, + &plaintext_length, nullptr); + uint8_t* plaintext_bytes = + static_cast<uint8_t*>(gpr_malloc(plaintext_length)); + status = gsec_aead_crypter_decrypt( + crypter, test_vector->nonce, test_vector->nonce_length, test_vector->aad, + test_vector->aad_length, test_vector->ciphertext_and_tag, + test_vector->ciphertext_and_tag_length, plaintext_bytes, plaintext_length, + &plaintext_bytes_written, nullptr); + GPR_ASSERT(status == GRPC_STATUS_OK); + GPR_ASSERT(memcmp(test_vector->plaintext, plaintext_bytes, + plaintext_bytes_written) == 0); + + gpr_free(ciphertext_and_tag_bytes); + gpr_free(plaintext_bytes); +} + +static void gsec_test_get_crypter_from_test_vector( + gsec_aead_crypter** crypter, gsec_aead_test_vector* test_vector, + bool rekey = false) { + size_t key_length = test_vector->key_length; + GPR_ASSERT(key_length == kAes128GcmKeyLength || + key_length == kAes256GcmKeyLength || + key_length == kAes128GcmRekeyKeyLength); + size_t nonce_length = test_vector->nonce_length; + GPR_ASSERT(nonce_length == kAesGcmNonceLength); + size_t plaintext_length = test_vector->plaintext_length; + size_t ciphertext_and_tag_length = test_vector->ciphertext_and_tag_length; + GPR_ASSERT(ciphertext_and_tag_length == plaintext_length + kAesGcmTagLength); + size_t tag_length = ciphertext_and_tag_length - plaintext_length; + gsec_aes_gcm_aead_crypter_create(test_vector->key, key_length, nonce_length, + tag_length, rekey, crypter, nullptr); +} + +static void gsec_test_verify_crypter_on_test_vector( + gsec_aead_test_vector* test_vector, bool rekey = false) { + gsec_aead_crypter* crypter; + gsec_test_get_crypter_from_test_vector(&crypter, test_vector, rekey); + gsec_test_encrypt_decrypt_test_vector(crypter, test_vector); + gsec_aead_crypter_destroy(crypter); +} + +static void gsec_aead_malloc_test_vector( + gsec_aead_test_vector** test_vector, const uint8_t* key, size_t key_length, + const uint8_t* nonce, size_t nonce_length, const uint8_t* aad, + size_t aad_length, const uint8_t* plaintext, size_t plaintext_length, + const uint8_t* ciphertext_and_tag, size_t ciphertext_and_tag_length) { + *test_vector = static_cast<gsec_aead_test_vector*>( + gpr_malloc(sizeof(gsec_aead_test_vector))); + (*test_vector)->key_length = key_length; + (*test_vector)->nonce_length = nonce_length; + (*test_vector)->aad_length = aad_length; + (*test_vector)->plaintext_length = plaintext_length; + (*test_vector)->ciphertext_and_tag_length = ciphertext_and_tag_length; + gsec_test_copy(key, &((*test_vector)->key), key_length); + gsec_test_copy(nonce, &((*test_vector)->nonce), nonce_length); + gsec_test_copy(aad, &((*test_vector)->aad), aad_length); + gsec_test_copy(plaintext, &((*test_vector)->plaintext), plaintext_length); + gsec_test_copy(ciphertext_and_tag, &((*test_vector)->ciphertext_and_tag), + ciphertext_and_tag_length); +} + +static void gsec_aead_free_test_vector(gsec_aead_test_vector* test_vector) { + gpr_free(test_vector->key); + gpr_free(test_vector->nonce); + gpr_free(test_vector->aad); + gpr_free(test_vector->plaintext); + gpr_free(test_vector->ciphertext_and_tag); + gpr_free(test_vector); +} + +static void gsec_test_create_random_aes_gcm_crypter(gsec_aead_crypter** crypter, + size_t key_length, + size_t nonce_length, + size_t tag_length, + bool rekey) { + uint8_t* key; + gsec_test_random_array(&key, key_length); + gsec_aes_gcm_aead_crypter_create(key, key_length, nonce_length, tag_length, + rekey, crypter, nullptr); + gpr_free(key); +} + +static void gsec_test_get_random_aes_gcm_crypters( + gsec_aead_crypter*** crypters) { + *crypters = static_cast<gsec_aead_crypter**>( + gpr_malloc(sizeof(gsec_aead_crypter*) * kTestNumCrypters)); + gsec_test_create_random_aes_gcm_crypter( + &((*crypters)[0]), kAes128GcmKeyLength, kAesGcmNonceLength, + kAesGcmTagLength, /*rekey=*/false); + gsec_test_create_random_aes_gcm_crypter( + &((*crypters)[1]), kAes256GcmKeyLength, kAesGcmNonceLength, + kAesGcmTagLength, /*rekey=*/false); + gsec_test_create_random_aes_gcm_crypter( + &((*crypters)[2]), kAes128GcmRekeyKeyLength, kAesGcmNonceLength, + kAesGcmTagLength, /*rekey=*/true); +} + +static void gsec_test_do_generic_crypter_tests() { + gsec_aead_crypter** crypters; + gsec_test_get_random_aes_gcm_crypters(&crypters); + size_t ind; + for (ind = 0; ind < kTestNumCrypters; ind++) { + gsec_test_encrypt_decrypt(crypters[ind]); + gsec_test_multiple_encrypt_decrypt(crypters[ind]); + gsec_test_encryption_failure(crypters[ind]); + gsec_test_decryption_failure(crypters[ind]); + } + for (ind = 0; ind < kTestNumCrypters; ind++) { + gsec_aead_crypter_destroy(crypters[ind]); + } + gpr_free(crypters); +} + +static void gsec_test_do_vector_tests_rekey_nist() { + // NIST vectors from: + // http://csrc.nist.gov/groups/ST/toolkit/BCM/documents/proposedmodes/gcm/gcm-revised-spec.pdf + // + // IEEE vectors from: + // http://www.ieee802.org/1/files/public/docs2011/bn-randall-test-vectors-0511-v1.pdf + // + // Key expanded by setting expandedKey = (key||(key ^ {0x01, .., 0x01})||key ^ + // {0x02,..,0x02}))[0:44]. + + gsec_aead_test_vector vec; + + // Derived from NIST test vector 1 + uint8_t nonce_0[] = {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, + 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}; + uint8_t aad_0[1] = {}; + uint8_t key_0[] = {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, + 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, + 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x2, + 0x2, 0x2, 0x2, 0x2, 0x2, 0x2, 0x2, 0x2, 0x2, 0x2, 0x2}; + uint8_t plaintext_0[1] = {}; + uint8_t ciphertext_0[] = {0x85, 0xE8, 0x73, 0xE0, 0x2, 0xF6, 0xEB, 0xDC, + 0x40, 0x60, 0x95, 0x4E, 0xB8, 0x67, 0x55, 0x8}; + vec = {nonce_0, aad_0, key_0, plaintext_0, ciphertext_0, 12, 0, 44, 0, 16}; + gsec_test_verify_crypter_on_test_vector(&vec, /*rekey=*/true); + + // Derived from NIST test vector 2 + uint8_t nonce_1[] = {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, + 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}; + uint8_t aad_1[1] = {}; + uint8_t key_1[] = {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, + 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, + 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x2, + 0x2, 0x2, 0x2, 0x2, 0x2, 0x2, 0x2, 0x2, 0x2, 0x2, 0x2}; + uint8_t plaintext_1[] = {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, + 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}; + uint8_t ciphertext_1[] = {0x51, 0xE9, 0xA8, 0xCB, 0x23, 0xCA, 0x25, 0x12, + 0xC8, 0x25, 0x6A, 0xFF, 0xF8, 0xE7, 0x2D, 0x68, + 0x1A, 0xCA, 0x19, 0xA1, 0x14, 0x8A, 0xC1, 0x15, + 0xE8, 0x3D, 0xF4, 0x88, 0x8C, 0xC0, 0xD, 0x11}; + vec = {nonce_1, aad_1, key_1, plaintext_1, ciphertext_1, 12, 0, 44, 16, 32}; + gsec_test_verify_crypter_on_test_vector(&vec, /*rekey=*/true); + + // Derived from NIST test vector 3 + uint8_t nonce_2[] = {0xCA, 0xFE, 0xBA, 0xBE, 0xFA, 0xCE, + 0xDB, 0xAD, 0xDE, 0xCA, 0xF8, 0x88}; + uint8_t aad_2[1] = {}; + uint8_t key_2[] = {0xFE, 0xFF, 0xE9, 0x92, 0x86, 0x65, 0x73, 0x1C, 0x6D, + 0x6A, 0x8F, 0x94, 0x67, 0x30, 0x83, 0x8, 0xFF, 0xFE, + 0xE8, 0x93, 0x87, 0x64, 0x72, 0x1D, 0x6C, 0x6B, 0x8E, + 0x95, 0x66, 0x31, 0x82, 0x9, 0xFC, 0xFD, 0xEB, 0x90, + 0x84, 0x67, 0x71, 0x1E, 0x6F, 0x68, 0x8D, 0x96}; + uint8_t plaintext_2[] = { + 0xD9, 0x31, 0x32, 0x25, 0xF8, 0x84, 0x6, 0xE5, 0xA5, 0x59, 0x9, + 0xC5, 0xAF, 0xF5, 0x26, 0x9A, 0x86, 0xA7, 0xA9, 0x53, 0x15, 0x34, + 0xF7, 0xDA, 0x2E, 0x4C, 0x30, 0x3D, 0x8A, 0x31, 0x8A, 0x72, 0x1C, + 0x3C, 0xC, 0x95, 0x95, 0x68, 0x9, 0x53, 0x2F, 0xCF, 0xE, 0x24, + 0x49, 0xA6, 0xB5, 0x25, 0xB1, 0x6A, 0xED, 0xF5, 0xAA, 0xD, 0xE6, + 0x57, 0xBA, 0x63, 0x7B, 0x39, 0x1A, 0xAF, 0xD2, 0x55}; + uint8_t ciphertext_2[] = { + 0x10, 0x18, 0xED, 0x5A, 0x14, 0x2, 0xA8, 0x65, 0x16, 0xD6, 0x57, 0x6D, + 0x70, 0xB2, 0xFF, 0xCC, 0xCA, 0x26, 0x1B, 0x94, 0xDF, 0x88, 0xB5, 0x8F, + 0x53, 0xB6, 0x4D, 0xFB, 0xA4, 0x35, 0xD1, 0x8B, 0x2F, 0x6E, 0x3B, 0x78, + 0x69, 0xF9, 0x35, 0x3D, 0x4A, 0xC8, 0xCF, 0x9, 0xAF, 0xB1, 0x66, 0x3D, + 0xAA, 0x7B, 0x40, 0x17, 0xE6, 0xFC, 0x2C, 0x17, 0x7C, 0xC, 0x8, 0x7C, + 0xD, 0xF1, 0x16, 0x21, 0x29, 0x95, 0x22, 0x13, 0xCE, 0xE1, 0xBC, 0x6E, + 0x9C, 0x84, 0x95, 0xDD, 0x70, 0x5E, 0x1F, 0x3D}; + vec = {nonce_2, aad_2, key_2, plaintext_2, ciphertext_2, 12, 0, 44, 64, 80}; + gsec_test_verify_crypter_on_test_vector(&vec, /*rekey=*/true); + + // Derived from NIST test vector 4 + uint8_t nonce_3[] = {0xCA, 0xFE, 0xBA, 0xBE, 0xFA, 0xCE, + 0xDB, 0xAD, 0xDE, 0xCA, 0xF8, 0x88}; + uint8_t aad_3[] = {0xFE, 0xED, 0xFA, 0xCE, 0xDE, 0xAD, 0xBE, + 0xEF, 0xFE, 0xED, 0xFA, 0xCE, 0xDE, 0xAD, + 0xBE, 0xEF, 0xAB, 0xAD, 0xDA, 0xD2}; + uint8_t key_3[] = {0xFE, 0xFF, 0xE9, 0x92, 0x86, 0x65, 0x73, 0x1C, 0x6D, + 0x6A, 0x8F, 0x94, 0x67, 0x30, 0x83, 0x8, 0xFF, 0xFE, + 0xE8, 0x93, 0x87, 0x64, 0x72, 0x1D, 0x6C, 0x6B, 0x8E, + 0x95, 0x66, 0x31, 0x82, 0x9, 0xFC, 0xFD, 0xEB, 0x90, + 0x84, 0x67, 0x71, 0x1E, 0x6F, 0x68, 0x8D, 0x96}; + uint8_t plaintext_3[] = { + 0xD9, 0x31, 0x32, 0x25, 0xF8, 0x84, 0x6, 0xE5, 0xA5, 0x59, 0x9, 0xC5, + 0xAF, 0xF5, 0x26, 0x9A, 0x86, 0xA7, 0xA9, 0x53, 0x15, 0x34, 0xF7, 0xDA, + 0x2E, 0x4C, 0x30, 0x3D, 0x8A, 0x31, 0x8A, 0x72, 0x1C, 0x3C, 0xC, 0x95, + 0x95, 0x68, 0x9, 0x53, 0x2F, 0xCF, 0xE, 0x24, 0x49, 0xA6, 0xB5, 0x25, + 0xB1, 0x6A, 0xED, 0xF5, 0xAA, 0xD, 0xE6, 0x57, 0xBA, 0x63, 0x7B, 0x39}; + uint8_t ciphertext_3[] = { + 0x10, 0x18, 0xED, 0x5A, 0x14, 0x2, 0xA8, 0x65, 0x16, 0xD6, 0x57, + 0x6D, 0x70, 0xB2, 0xFF, 0xCC, 0xCA, 0x26, 0x1B, 0x94, 0xDF, 0x88, + 0xB5, 0x8F, 0x53, 0xB6, 0x4D, 0xFB, 0xA4, 0x35, 0xD1, 0x8B, 0x2F, + 0x6E, 0x3B, 0x78, 0x69, 0xF9, 0x35, 0x3D, 0x4A, 0xC8, 0xCF, 0x9, + 0xAF, 0xB1, 0x66, 0x3D, 0xAA, 0x7B, 0x40, 0x17, 0xE6, 0xFC, 0x2C, + 0x17, 0x7C, 0xC, 0x8, 0x7C, 0x47, 0x64, 0x56, 0x5D, 0x7, 0x7E, + 0x91, 0x24, 0x0, 0x1D, 0xDB, 0x27, 0xFC, 0x8, 0x48, 0xC5}; + vec = {nonce_3, aad_3, key_3, plaintext_3, ciphertext_3, 12, 20, 44, 60, 76}; + gsec_test_verify_crypter_on_test_vector(&vec, /*rekey=*/true); + + // Derived from adapted NIST test vector 4 for KDF counter boundary (flip + // nonce bit 15) + uint8_t nonce_4[] = {0xCA, 0x7E, 0xBA, 0xBE, 0xFA, 0xCE, + 0xDB, 0xAD, 0xDE, 0xCA, 0xF8, 0x88}; + uint8_t aad_4[] = {0xFE, 0xED, 0xFA, 0xCE, 0xDE, 0xAD, 0xBE, + 0xEF, 0xFE, 0xED, 0xFA, 0xCE, 0xDE, 0xAD, + 0xBE, 0xEF, 0xAB, 0xAD, 0xDA, 0xD2}; + uint8_t key_4[] = {0xFE, 0xFF, 0xE9, 0x92, 0x86, 0x65, 0x73, 0x1C, 0x6D, + 0x6A, 0x8F, 0x94, 0x67, 0x30, 0x83, 0x8, 0xFF, 0xFE, + 0xE8, 0x93, 0x87, 0x64, 0x72, 0x1D, 0x6C, 0x6B, 0x8E, + 0x95, 0x66, 0x31, 0x82, 0x9, 0xFC, 0xFD, 0xEB, 0x90, + 0x84, 0x67, 0x71, 0x1E, 0x6F, 0x68, 0x8D, 0x96}; + uint8_t plaintext_4[] = { + 0xD9, 0x31, 0x32, 0x25, 0xF8, 0x84, 0x6, 0xE5, 0xA5, 0x59, 0x9, 0xC5, + 0xAF, 0xF5, 0x26, 0x9A, 0x86, 0xA7, 0xA9, 0x53, 0x15, 0x34, 0xF7, 0xDA, + 0x2E, 0x4C, 0x30, 0x3D, 0x8A, 0x31, 0x8A, 0x72, 0x1C, 0x3C, 0xC, 0x95, + 0x95, 0x68, 0x9, 0x53, 0x2F, 0xCF, 0xE, 0x24, 0x49, 0xA6, 0xB5, 0x25, + 0xB1, 0x6A, 0xED, 0xF5, 0xAA, 0xD, 0xE6, 0x57, 0xBA, 0x63, 0x7B, 0x39}; + uint8_t ciphertext_4[] = { + 0xE6, 0x50, 0xD3, 0xC0, 0xFB, 0x87, 0x93, 0x27, 0xF2, 0xD0, 0x32, + 0x87, 0xFA, 0x93, 0xCD, 0x7, 0x34, 0x2B, 0x13, 0x62, 0x15, 0xAD, + 0xBC, 0xA0, 0xC, 0x3B, 0xD5, 0x9, 0x9E, 0xC4, 0x18, 0x32, 0xB1, + 0xD1, 0x8E, 0x4, 0x23, 0xED, 0x26, 0xBB, 0x12, 0xC6, 0xCD, 0x9, + 0xDE, 0xBB, 0x29, 0x23, 0xA, 0x94, 0xC0, 0xCE, 0xE1, 0x59, 0x3, + 0x65, 0x6F, 0x85, 0xED, 0xB6, 0xFC, 0x50, 0x9B, 0x1B, 0x28, 0x21, + 0x63, 0x82, 0x17, 0x2E, 0xCB, 0xCC, 0x31, 0xE1, 0xE9, 0xB1}; + vec = {nonce_4, aad_4, key_4, plaintext_4, ciphertext_4, 12, 20, 44, 60, 76}; + gsec_test_verify_crypter_on_test_vector(&vec, /*rekey=*/true); + + // Derived from adapted NIST test vector 4 for KDF counter boundary (flip + // nonce bit 16) + uint8_t nonce_5[] = {0xCA, 0xFE, 0xBB, 0xBE, 0xFA, 0xCE, + 0xDB, 0xAD, 0xDE, 0xCA, 0xF8, 0x88}; + uint8_t aad_5[] = {0xFE, 0xED, 0xFA, 0xCE, 0xDE, 0xAD, 0xBE, + 0xEF, 0xFE, 0xED, 0xFA, 0xCE, 0xDE, 0xAD, + 0xBE, 0xEF, 0xAB, 0xAD, 0xDA, 0xD2}; + uint8_t key_5[] = {0xFE, 0xFF, 0xE9, 0x92, 0x86, 0x65, 0x73, 0x1C, 0x6D, + 0x6A, 0x8F, 0x94, 0x67, 0x30, 0x83, 0x8, 0xFF, 0xFE, + 0xE8, 0x93, 0x87, 0x64, 0x72, 0x1D, 0x6C, 0x6B, 0x8E, + 0x95, 0x66, 0x31, 0x82, 0x9, 0xFC, 0xFD, 0xEB, 0x90, + 0x84, 0x67, 0x71, 0x1E, 0x6F, 0x68, 0x8D, 0x96}; + uint8_t plaintext_5[] = { + 0xD9, 0x31, 0x32, 0x25, 0xF8, 0x84, 0x6, 0xE5, 0xA5, 0x59, 0x9, 0xC5, + 0xAF, 0xF5, 0x26, 0x9A, 0x86, 0xA7, 0xA9, 0x53, 0x15, 0x34, 0xF7, 0xDA, + 0x2E, 0x4C, 0x30, 0x3D, 0x8A, 0x31, 0x8A, 0x72, 0x1C, 0x3C, 0xC, 0x95, + 0x95, 0x68, 0x9, 0x53, 0x2F, 0xCF, 0xE, 0x24, 0x49, 0xA6, 0xB5, 0x25, + 0xB1, 0x6A, 0xED, 0xF5, 0xAA, 0xD, 0xE6, 0x57, 0xBA, 0x63, 0x7B, 0x39}; + uint8_t ciphertext_5[] = { + 0xC0, 0x12, 0x1E, 0x6C, 0x95, 0x4D, 0x7, 0x67, 0xF9, 0x66, 0x30, + 0xC3, 0x34, 0x50, 0x99, 0x97, 0x91, 0xB2, 0xDA, 0x2A, 0xD0, 0x5C, + 0x41, 0x90, 0x16, 0x9C, 0xCA, 0xD9, 0xAC, 0x86, 0xFF, 0x1C, 0x72, + 0x1E, 0x3D, 0x82, 0xF2, 0xAD, 0x22, 0xAB, 0x46, 0x3B, 0xAB, 0x4A, + 0x7, 0x54, 0xB7, 0xDD, 0x68, 0xCA, 0x4D, 0xE7, 0xEA, 0x25, 0x31, + 0xB6, 0x25, 0xED, 0xA0, 0x1F, 0x89, 0x31, 0x2B, 0x2A, 0xB9, 0x57, + 0xD5, 0xC7, 0xF8, 0x56, 0x8D, 0xD9, 0x5F, 0xCD, 0xCD, 0x1F}; + vec = {nonce_5, aad_5, key_5, plaintext_5, ciphertext_5, 12, 20, 44, 60, 76}; + gsec_test_verify_crypter_on_test_vector(&vec, /*rekey=*/true); + + // Derived from adapted NIST test vector 4 for KDF counter boundary (flip + // nonce bit 63) + uint8_t nonce_6[] = {0xCA, 0xFE, 0xBA, 0xBE, 0xFA, 0xCE, + 0xDB, 0x2D, 0xDE, 0xCA, 0xF8, 0x88}; + uint8_t aad_6[] = {0xFE, 0xED, 0xFA, 0xCE, 0xDE, 0xAD, 0xBE, + 0xEF, 0xFE, 0xED, 0xFA, 0xCE, 0xDE, 0xAD, + 0xBE, 0xEF, 0xAB, 0xAD, 0xDA, 0xD2}; + uint8_t key_6[] = {0xFE, 0xFF, 0xE9, 0x92, 0x86, 0x65, 0x73, 0x1C, 0x6D, + 0x6A, 0x8F, 0x94, 0x67, 0x30, 0x83, 0x8, 0xFF, 0xFE, + 0xE8, 0x93, 0x87, 0x64, 0x72, 0x1D, 0x6C, 0x6B, 0x8E, + 0x95, 0x66, 0x31, 0x82, 0x9, 0xFC, 0xFD, 0xEB, 0x90, + 0x84, 0x67, 0x71, 0x1E, 0x6F, 0x68, 0x8D, 0x96}; + uint8_t plaintext_6[] = { + 0xD9, 0x31, 0x32, 0x25, 0xF8, 0x84, 0x6, 0xE5, 0xA5, 0x59, 0x9, 0xC5, + 0xAF, 0xF5, 0x26, 0x9A, 0x86, 0xA7, 0xA9, 0x53, 0x15, 0x34, 0xF7, 0xDA, + 0x2E, 0x4C, 0x30, 0x3D, 0x8A, 0x31, 0x8A, 0x72, 0x1C, 0x3C, 0xC, 0x95, + 0x95, 0x68, 0x9, 0x53, 0x2F, 0xCF, 0xE, 0x24, 0x49, 0xA6, 0xB5, 0x25, + 0xB1, 0x6A, 0xED, 0xF5, 0xAA, 0xD, 0xE6, 0x57, 0xBA, 0x63, 0x7B, 0x39}; + uint8_t ciphertext_6[] = { + 0x8A, 0xF3, 0x7E, 0xA5, 0x68, 0x4A, 0x4D, 0x81, 0xD4, 0xFD, 0x81, + 0x72, 0x61, 0xFD, 0x97, 0x43, 0x9, 0x9E, 0x7E, 0x6A, 0x2, 0x5E, + 0xAA, 0xCF, 0x8E, 0x54, 0xB1, 0x24, 0xFB, 0x57, 0x43, 0x14, 0x9E, + 0x5, 0xCB, 0x89, 0xF4, 0xA4, 0x94, 0x67, 0xFE, 0x2E, 0x5E, 0x59, + 0x65, 0xF2, 0x9A, 0x19, 0xF9, 0x94, 0x16, 0xB0, 0x1, 0x6B, 0x54, + 0x58, 0x5D, 0x12, 0x55, 0x37, 0x83, 0xBA, 0x59, 0xE9, 0xF7, 0x82, + 0xE8, 0x2E, 0x9, 0x7C, 0x33, 0x6B, 0xF7, 0x98, 0x9F, 0x8}; + vec = {nonce_6, aad_6, key_6, plaintext_6, ciphertext_6, 12, 20, 44, 60, 76}; + gsec_test_verify_crypter_on_test_vector(&vec, /*rekey=*/true); + + // Derived from adapted NIST test vector 4 for KDF counter boundary (flip + // nonce bit 64) + uint8_t nonce_7[] = {0xCA, 0xFE, 0xBA, 0xBE, 0xFA, 0xCE, + 0xDB, 0xAD, 0xDF, 0xCA, 0xF8, 0x88}; + uint8_t aad_7[] = {0xFE, 0xED, 0xFA, 0xCE, 0xDE, 0xAD, 0xBE, + 0xEF, 0xFE, 0xED, 0xFA, 0xCE, 0xDE, 0xAD, + 0xBE, 0xEF, 0xAB, 0xAD, 0xDA, 0xD2}; + uint8_t key_7[] = {0xFE, 0xFF, 0xE9, 0x92, 0x86, 0x65, 0x73, 0x1C, 0x6D, + 0x6A, 0x8F, 0x94, 0x67, 0x30, 0x83, 0x8, 0xFF, 0xFE, + 0xE8, 0x93, 0x87, 0x64, 0x72, 0x1D, 0x6C, 0x6B, 0x8E, + 0x95, 0x66, 0x31, 0x82, 0x9, 0xFC, 0xFD, 0xEB, 0x90, + 0x84, 0x67, 0x71, 0x1E, 0x6F, 0x68, 0x8D, 0x96}; + uint8_t plaintext_7[] = { + 0xD9, 0x31, 0x32, 0x25, 0xF8, 0x84, 0x6, 0xE5, 0xA5, 0x59, 0x9, 0xC5, + 0xAF, 0xF5, 0x26, 0x9A, 0x86, 0xA7, 0xA9, 0x53, 0x15, 0x34, 0xF7, 0xDA, + 0x2E, 0x4C, 0x30, 0x3D, 0x8A, 0x31, 0x8A, 0x72, 0x1C, 0x3C, 0xC, 0x95, + 0x95, 0x68, 0x9, 0x53, 0x2F, 0xCF, 0xE, 0x24, 0x49, 0xA6, 0xB5, 0x25, + 0xB1, 0x6A, 0xED, 0xF5, 0xAA, 0xD, 0xE6, 0x57, 0xBA, 0x63, 0x7B, 0x39}; + uint8_t ciphertext_7[] = { + 0xFB, 0xD5, 0x28, 0x44, 0x8D, 0x3, 0x46, 0xBF, 0xA8, 0x78, 0x63, + 0x48, 0x64, 0xD4, 0x7, 0xA3, 0x5A, 0x3, 0x9D, 0xE9, 0xDB, 0x2F, + 0x1F, 0xEB, 0x8E, 0x96, 0x5B, 0x3A, 0xE9, 0x35, 0x6C, 0xE6, 0x28, + 0x94, 0x41, 0xD7, 0x7F, 0x8F, 0xD, 0xF2, 0x94, 0x89, 0x1F, 0x37, + 0xEA, 0x43, 0x8B, 0x22, 0x3E, 0x3B, 0xF2, 0xBD, 0xC5, 0x3D, 0x4C, + 0x5A, 0x74, 0xFB, 0x68, 0xB, 0xB3, 0x12, 0xA8, 0xDE, 0xC6, 0xF7, + 0x25, 0x2C, 0xBC, 0xD7, 0xF5, 0x79, 0x97, 0x50, 0xAD, 0x78}; + vec = {nonce_7, aad_7, key_7, plaintext_7, ciphertext_7, 12, 20, 44, 60, 76}; + gsec_test_verify_crypter_on_test_vector(&vec, /*rekey=*/true); +} + +static void gsec_test_do_vector_tests_rekey_ieee() { + // IEEE vectors from: + // http://www.ieee802.org/1/files/public/docs2011/bn-randall-test-vectors-0511-v1.pdf + // + // Key expanded by setting expandedKey = (key||(key ^ {0x01, .., 0x01})||key ^ + // {0x02,..,0x02}))[0:44]. + + gsec_aead_test_vector vec; + + // Derived from IEEE 2.1.1 54-byte auth + uint8_t nonce_8[] = {0x12, 0x15, 0x35, 0x24, 0xC0, 0x89, + 0x5E, 0x81, 0xB2, 0xC2, 0x84, 0x65}; + uint8_t aad_8[] = {0xD6, 0x9, 0xB1, 0xF0, 0x56, 0x63, 0x7A, 0xD, 0x46, 0xDF, + 0x99, 0x8D, 0x88, 0xE5, 0x22, 0x2A, 0xB2, 0xC2, 0x84, 0x65, + 0x12, 0x15, 0x35, 0x24, 0xC0, 0x89, 0x5E, 0x81, 0x8, 0x0, + 0xF, 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, 0x18, + 0x19, 0x1A, 0x1B, 0x1C, 0x1D, 0x1E, 0x1F, 0x20, 0x21, 0x22, + 0x23, 0x24, 0x25, 0x26, 0x27, 0x28, 0x29, 0x2A, 0x2B, 0x2C, + 0x2D, 0x2E, 0x2F, 0x30, 0x31, 0x32, 0x33, 0x34, 0x0, 0x1}; + uint8_t key_8[] = {0xAD, 0x7A, 0x2B, 0xD0, 0x3E, 0xAC, 0x83, 0x5A, 0x6F, + 0x62, 0xF, 0xDC, 0xB5, 0x6, 0xB3, 0x45, 0xAC, 0x7B, + 0x2A, 0xD1, 0x3F, 0xAD, 0x82, 0x5B, 0x6E, 0x63, 0xE, + 0xDD, 0xB4, 0x7, 0xB2, 0x44, 0xAF, 0x78, 0x29, 0xD2, + 0x3C, 0xAE, 0x81, 0x58, 0x6D, 0x60, 0xD, 0xDE}; + uint8_t plaintext_8[1] = {}; + uint8_t ciphertext_8[] = {0x3E, 0xA0, 0xB5, 0x84, 0xF3, 0xC8, 0x5E, 0x93, + 0xF9, 0x32, 0xE, 0xA5, 0x91, 0x69, 0x9E, 0xFB}; + vec = {nonce_8, aad_8, key_8, plaintext_8, ciphertext_8, 12, 70, 44, 0, 16}; + gsec_test_verify_crypter_on_test_vector(&vec, /*rekey=*/true); + + // Derived from IEEE 2.1.2 54-byte auth + uint8_t nonce_9[] = {0x12, 0x15, 0x35, 0x24, 0xC0, 0x89, + 0x5E, 0x81, 0xB2, 0xC2, 0x84, 0x65}; + uint8_t aad_9[] = {0xD6, 0x9, 0xB1, 0xF0, 0x56, 0x63, 0x7A, 0xD, 0x46, 0xDF, + 0x99, 0x8D, 0x88, 0xE5, 0x22, 0x2A, 0xB2, 0xC2, 0x84, 0x65, + 0x12, 0x15, 0x35, 0x24, 0xC0, 0x89, 0x5E, 0x81, 0x8, 0x0, + 0xF, 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, 0x18, + 0x19, 0x1A, 0x1B, 0x1C, 0x1D, 0x1E, 0x1F, 0x20, 0x21, 0x22, + 0x23, 0x24, 0x25, 0x26, 0x27, 0x28, 0x29, 0x2A, 0x2B, 0x2C, + 0x2D, 0x2E, 0x2F, 0x30, 0x31, 0x32, 0x33, 0x34, 0x0, 0x1}; + uint8_t key_9[] = {0xE3, 0xC0, 0x8A, 0x8F, 0x6, 0xC6, 0xE3, 0xAD, 0x95, + 0xA7, 0x5, 0x57, 0xB2, 0x3F, 0x75, 0x48, 0x3C, 0xE3, + 0x30, 0x21, 0xA9, 0xC7, 0x2B, 0x70, 0x25, 0x66, 0x62, + 0x4, 0xC6, 0x9C, 0xB, 0x72, 0xE1, 0xC2, 0x88, 0x8D, + 0x4, 0xC4, 0xE1, 0xAF, 0x97, 0xA5, 0x7, 0x55}; + uint8_t plaintext_9[1] = {}; + uint8_t ciphertext_9[] = {0x29, 0x4E, 0x2, 0x8B, 0xF1, 0xFE, 0x6F, 0x14, + 0xC4, 0xE8, 0xF7, 0x30, 0x5C, 0x93, 0x3E, 0xB5}; + vec = {nonce_9, aad_9, key_9, plaintext_9, ciphertext_9, 12, 70, 44, 0, 16}; + gsec_test_verify_crypter_on_test_vector(&vec, /*rekey=*/true); + + // Derived from IEEE 2.2.1 60-byte crypt + uint8_t nonce_10[] = {0x12, 0x15, 0x35, 0x24, 0xC0, 0x89, + 0x5E, 0x81, 0xB2, 0xC2, 0x84, 0x65}; + uint8_t aad_10[] = {0xD6, 0x9, 0xB1, 0xF0, 0x56, 0x63, 0x7A, + 0xD, 0x46, 0xDF, 0x99, 0x8D, 0x88, 0xE5, + 0x2E, 0x0, 0xB2, 0xC2, 0x84, 0x65, 0x12, + 0x15, 0x35, 0x24, 0xC0, 0x89, 0x5E, 0x81}; + uint8_t key_10[] = {0xAD, 0x7A, 0x2B, 0xD0, 0x3E, 0xAC, 0x83, 0x5A, 0x6F, + 0x62, 0xF, 0xDC, 0xB5, 0x6, 0xB3, 0x45, 0xAC, 0x7B, + 0x2A, 0xD1, 0x3F, 0xAD, 0x82, 0x5B, 0x6E, 0x63, 0xE, + 0xDD, 0xB4, 0x7, 0xB2, 0x44, 0xAF, 0x78, 0x29, 0xD2, + 0x3C, 0xAE, 0x81, 0x58, 0x6D, 0x60, 0xD, 0xDE}; + uint8_t plaintext_10[] = { + 0x8, 0x0, 0xF, 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, 0x18, + 0x19, 0x1A, 0x1B, 0x1C, 0x1D, 0x1E, 0x1F, 0x20, 0x21, 0x22, 0x23, 0x24, + 0x25, 0x26, 0x27, 0x28, 0x29, 0x2A, 0x2B, 0x2C, 0x2D, 0x2E, 0x2F, 0x30, + 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, 0x38, 0x39, 0x3A, 0x0, 0x2}; + uint8_t ciphertext_10[] = { + 0xDB, 0x3D, 0x25, 0x71, 0x9C, 0x6B, 0xA, 0x3C, 0xA6, 0x14, 0x5C, + 0x15, 0x9D, 0x5C, 0x6E, 0xD9, 0xAF, 0xF9, 0xC6, 0xE0, 0xB7, 0x9F, + 0x17, 0x1, 0x9E, 0xA9, 0x23, 0xB8, 0x66, 0x5D, 0xDF, 0x52, 0x13, + 0x7A, 0xD6, 0x11, 0xF0, 0xD1, 0xBF, 0x41, 0x7A, 0x7C, 0xA8, 0x5E, + 0x45, 0xAF, 0xE1, 0x6, 0xFF, 0x9C, 0x75, 0x69, 0xD3, 0x35, 0xD0, + 0x86, 0xAE, 0x6C, 0x3, 0xF0, 0x9, 0x87, 0xCC, 0xD6}; + vec = {nonce_10, aad_10, key_10, plaintext_10, ciphertext_10, + 12, 28, 44, 48, 64}; + gsec_test_verify_crypter_on_test_vector(&vec, /*rekey=*/true); + + // Derived from IEEE 2.2.2 60-byte crypt + uint8_t nonce_11[] = {0x12, 0x15, 0x35, 0x24, 0xC0, 0x89, + 0x5E, 0x81, 0xB2, 0xC2, 0x84, 0x65}; + uint8_t aad_11[] = {0xD6, 0x9, 0xB1, 0xF0, 0x56, 0x63, 0x7A, + 0xD, 0x46, 0xDF, 0x99, 0x8D, 0x88, 0xE5, + 0x2E, 0x0, 0xB2, 0xC2, 0x84, 0x65, 0x12, + 0x15, 0x35, 0x24, 0xC0, 0x89, 0x5E, 0x81}; + uint8_t key_11[] = {0xE3, 0xC0, 0x8A, 0x8F, 0x6, 0xC6, 0xE3, 0xAD, 0x95, + 0xA7, 0x5, 0x57, 0xB2, 0x3F, 0x75, 0x48, 0x3C, 0xE3, + 0x30, 0x21, 0xA9, 0xC7, 0x2B, 0x70, 0x25, 0x66, 0x62, + 0x4, 0xC6, 0x9C, 0xB, 0x72, 0xE1, 0xC2, 0x88, 0x8D, + 0x4, 0xC4, 0xE1, 0xAF, 0x97, 0xA5, 0x7, 0x55}; + uint8_t plaintext_11[] = { + 0x8, 0x0, 0xF, 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, 0x18, + 0x19, 0x1A, 0x1B, 0x1C, 0x1D, 0x1E, 0x1F, 0x20, 0x21, 0x22, 0x23, 0x24, + 0x25, 0x26, 0x27, 0x28, 0x29, 0x2A, 0x2B, 0x2C, 0x2D, 0x2E, 0x2F, 0x30, + 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, 0x38, 0x39, 0x3A, 0x0, 0x2}; + uint8_t ciphertext_11[] = { + 0x16, 0x41, 0xF2, 0x8E, 0xC1, 0x3A, 0xFC, 0xC8, 0xF7, 0x90, 0x33, + 0x89, 0x78, 0x72, 0x1, 0x5, 0x16, 0x44, 0x91, 0x49, 0x33, 0xE9, + 0x20, 0x2B, 0xB9, 0xD0, 0x6A, 0xA0, 0x20, 0xC2, 0xA6, 0x7E, 0xF5, + 0x1D, 0xFE, 0x7B, 0xC0, 0xA, 0x85, 0x6C, 0x55, 0xB8, 0xF8, 0x13, + 0x3E, 0x77, 0xF6, 0x59, 0x13, 0x25, 0x2, 0xBA, 0xD6, 0x3F, 0x57, + 0x13, 0xD5, 0x7D, 0xC, 0x11, 0xE0, 0xF8, 0x71, 0xED}; + vec = {nonce_11, aad_11, key_11, plaintext_11, ciphertext_11, + 12, 28, 44, 48, 64}; + gsec_test_verify_crypter_on_test_vector(&vec, /*rekey=*/true); + + // Derived from IEEE 2.3.1 60-byte auth + uint8_t nonce_12[] = {0xF0, 0x76, 0x1E, 0x8D, 0xCD, 0x3D, + 0x0, 0x1, 0x76, 0xD4, 0x57, 0xED}; + uint8_t aad_12[] = { + 0xE2, 0x1, 0x6, 0xD7, 0xCD, 0xD, 0xF0, 0x76, 0x1E, 0x8D, 0xCD, 0x3D, + 0x88, 0xE5, 0x40, 0x0, 0x76, 0xD4, 0x57, 0xED, 0x8, 0x0, 0xF, 0x10, + 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, 0x18, 0x19, 0x1A, 0x1B, 0x1C, + 0x1D, 0x1E, 0x1F, 0x20, 0x21, 0x22, 0x23, 0x24, 0x25, 0x26, 0x27, 0x28, + 0x29, 0x2A, 0x2B, 0x2C, 0x2D, 0x2E, 0x2F, 0x30, 0x31, 0x32, 0x33, 0x34, + 0x35, 0x36, 0x37, 0x38, 0x39, 0x3A, 0x0, 0x3}; + uint8_t key_12[] = {0x7, 0x1B, 0x11, 0x3B, 0xC, 0xA7, 0x43, 0xFE, 0xCC, + 0xCF, 0x3D, 0x5, 0x1F, 0x73, 0x73, 0x82, 0x6, 0x1A, + 0x10, 0x3A, 0xD, 0xA6, 0x42, 0xFF, 0xCD, 0xCE, 0x3C, + 0x4, 0x1E, 0x72, 0x72, 0x83, 0x5, 0x19, 0x13, 0x39, + 0xE, 0xA5, 0x41, 0xFC, 0xCE, 0xCD, 0x3F, 0x7}; + uint8_t plaintext_12[1] = {}; + uint8_t ciphertext_12[] = {0x58, 0x83, 0x7A, 0x10, 0x56, 0x2B, 0xF, 0x1F, + 0x8E, 0xDB, 0xE5, 0x8C, 0xA5, 0x58, 0x11, 0xD3}; + vec = {nonce_12, aad_12, key_12, plaintext_12, ciphertext_12, 12, 68, + 44, 0, 16}; + gsec_test_verify_crypter_on_test_vector(&vec, /*rekey=*/true); + + // Derived from IEEE 2.3.2 60-byte auth + uint8_t nonce_13[] = {0xF0, 0x76, 0x1E, 0x8D, 0xCD, 0x3D, + 0x0, 0x1, 0x76, 0xD4, 0x57, 0xED}; + uint8_t aad_13[] = { + 0xE2, 0x1, 0x6, 0xD7, 0xCD, 0xD, 0xF0, 0x76, 0x1E, 0x8D, 0xCD, 0x3D, + 0x88, 0xE5, 0x40, 0x0, 0x76, 0xD4, 0x57, 0xED, 0x8, 0x0, 0xF, 0x10, + 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, 0x18, 0x19, 0x1A, 0x1B, 0x1C, + 0x1D, 0x1E, 0x1F, 0x20, 0x21, 0x22, 0x23, 0x24, 0x25, 0x26, 0x27, 0x28, + 0x29, 0x2A, 0x2B, 0x2C, 0x2D, 0x2E, 0x2F, 0x30, 0x31, 0x32, 0x33, 0x34, + 0x35, 0x36, 0x37, 0x38, 0x39, 0x3A, 0x0, 0x3}; + uint8_t key_13[] = {0x69, 0x1D, 0x3E, 0xE9, 0x9, 0xD7, 0xF5, 0x41, 0x67, + 0xFD, 0x1C, 0xA0, 0xB5, 0xD7, 0x69, 0x8, 0x1F, 0x2B, + 0xDE, 0x1A, 0xEE, 0x65, 0x5F, 0xDB, 0xAB, 0x80, 0xBD, + 0x52, 0x95, 0xAE, 0x6B, 0xE7, 0x6B, 0x1F, 0x3C, 0xEB, + 0xB, 0xD5, 0xF7, 0x43, 0x65, 0xFF, 0x1E, 0xA2}; + uint8_t plaintext_13[1] = {}; + uint8_t ciphertext_13[] = {0xC2, 0x72, 0x2F, 0xF6, 0xCA, 0x29, 0xA2, 0x57, + 0x71, 0x8A, 0x52, 0x9D, 0x1F, 0xC, 0x6A, 0x3B}; + vec = {nonce_13, aad_13, key_13, plaintext_13, ciphertext_13, 12, 68, + 44, 0, 16}; + gsec_test_verify_crypter_on_test_vector(&vec, /*rekey=*/true); + + // Derived from IEEE 2.4.1 54-byte crypt + uint8_t nonce_14[] = {0xF0, 0x76, 0x1E, 0x8D, 0xCD, 0x3D, + 0x0, 0x1, 0x76, 0xD4, 0x57, 0xED}; + uint8_t aad_14[] = {0xE2, 0x1, 0x6, 0xD7, 0xCD, 0xD, 0xF0, + 0x76, 0x1E, 0x8D, 0xCD, 0x3D, 0x88, 0xE5, + 0x4C, 0x2A, 0x76, 0xD4, 0x57, 0xED}; + uint8_t key_14[] = {0x7, 0x1B, 0x11, 0x3B, 0xC, 0xA7, 0x43, 0xFE, 0xCC, + 0xCF, 0x3D, 0x5, 0x1F, 0x73, 0x73, 0x82, 0x6, 0x1A, + 0x10, 0x3A, 0xD, 0xA6, 0x42, 0xFF, 0xCD, 0xCE, 0x3C, + 0x4, 0x1E, 0x72, 0x72, 0x83, 0x5, 0x19, 0x13, 0x39, + 0xE, 0xA5, 0x41, 0xFC, 0xCE, 0xCD, 0x3F, 0x7}; + uint8_t plaintext_14[] = { + 0x8, 0x0, 0xF, 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, + 0x18, 0x19, 0x1A, 0x1B, 0x1C, 0x1D, 0x1E, 0x1F, 0x20, 0x21, 0x22, + 0x23, 0x24, 0x25, 0x26, 0x27, 0x28, 0x29, 0x2A, 0x2B, 0x2C, 0x2D, + 0x2E, 0x2F, 0x30, 0x31, 0x32, 0x33, 0x34, 0x0, 0x4}; + uint8_t ciphertext_14[] = { + 0xFD, 0x96, 0xB7, 0x15, 0xB9, 0x3A, 0x13, 0x34, 0x6A, 0xF5, 0x1E, 0x8A, + 0xCD, 0xF7, 0x92, 0xCD, 0xC7, 0xB2, 0x68, 0x6F, 0x85, 0x74, 0xC7, 0xE, + 0x6B, 0xC, 0xBF, 0x16, 0x29, 0x1D, 0xED, 0x42, 0x7A, 0xD7, 0x3F, 0xEC, + 0x48, 0xCD, 0x29, 0x8E, 0x5, 0x28, 0xA1, 0xF4, 0xC6, 0x44, 0xA9, 0x49, + 0xFC, 0x31, 0xDC, 0x92, 0x79, 0x70, 0x6D, 0xDB, 0xA3, 0x3F}; + vec = {nonce_14, aad_14, key_14, plaintext_14, ciphertext_14, + 12, 20, 44, 42, 58}; + gsec_test_verify_crypter_on_test_vector(&vec, /*rekey=*/true); + + // Derived from IEEE 2.4.2 54-byte crypt + uint8_t nonce_15[] = {0xF0, 0x76, 0x1E, 0x8D, 0xCD, 0x3D, + 0x0, 0x1, 0x76, 0xD4, 0x57, 0xED}; + uint8_t aad_15[] = {0xE2, 0x1, 0x6, 0xD7, 0xCD, 0xD, 0xF0, + 0x76, 0x1E, 0x8D, 0xCD, 0x3D, 0x88, 0xE5, + 0x4C, 0x2A, 0x76, 0xD4, 0x57, 0xED}; + uint8_t key_15[] = {0x69, 0x1D, 0x3E, 0xE9, 0x9, 0xD7, 0xF5, 0x41, 0x67, + 0xFD, 0x1C, 0xA0, 0xB5, 0xD7, 0x69, 0x8, 0x1F, 0x2B, + 0xDE, 0x1A, 0xEE, 0x65, 0x5F, 0xDB, 0xAB, 0x80, 0xBD, + 0x52, 0x95, 0xAE, 0x6B, 0xE7, 0x6B, 0x1F, 0x3C, 0xEB, + 0xB, 0xD5, 0xF7, 0x43, 0x65, 0xFF, 0x1E, 0xA2}; + uint8_t plaintext_15[] = { + 0x8, 0x0, 0xF, 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, + 0x18, 0x19, 0x1A, 0x1B, 0x1C, 0x1D, 0x1E, 0x1F, 0x20, 0x21, 0x22, + 0x23, 0x24, 0x25, 0x26, 0x27, 0x28, 0x29, 0x2A, 0x2B, 0x2C, 0x2D, + 0x2E, 0x2F, 0x30, 0x31, 0x32, 0x33, 0x34, 0x0, 0x4}; + uint8_t ciphertext_15[] = { + 0xB6, 0x8F, 0x63, 0x0, 0xC2, 0xE9, 0xAE, 0x83, 0x3B, 0xDC, 0x7, 0xE, + 0x24, 0x2, 0x1A, 0x34, 0x77, 0x11, 0x8E, 0x78, 0xCC, 0xF8, 0x4E, 0x11, + 0xA4, 0x85, 0xD8, 0x61, 0x47, 0x6C, 0x30, 0xF, 0x17, 0x53, 0x53, 0xD5, + 0xCD, 0xF9, 0x20, 0x8, 0xA4, 0xF8, 0x78, 0xE6, 0xCC, 0x35, 0x77, 0x76, + 0x80, 0x85, 0xC5, 0xA, 0xE, 0x98, 0xFD, 0xA6, 0xCB, 0xB8}; + vec = {nonce_15, aad_15, key_15, plaintext_15, ciphertext_15, + 12, 20, 44, 42, 58}; + gsec_test_verify_crypter_on_test_vector(&vec, /*rekey=*/true); + + // Derived from IEEE 2.5.1 65-byte auth + uint8_t nonce_16[] = {0x7C, 0xFD, 0xE9, 0xF9, 0xE3, 0x37, + 0x24, 0xC6, 0x89, 0x32, 0xD6, 0x12}; + uint8_t aad_16[] = { + 0x84, 0xC5, 0xD5, 0x13, 0xD2, 0xAA, 0xF6, 0xE5, 0xBB, 0xD2, 0x72, 0x77, + 0x88, 0xE5, 0x23, 0x0, 0x89, 0x32, 0xD6, 0x12, 0x7C, 0xFD, 0xE9, 0xF9, + 0xE3, 0x37, 0x24, 0xC6, 0x8, 0x0, 0xF, 0x10, 0x11, 0x12, 0x13, 0x14, + 0x15, 0x16, 0x17, 0x18, 0x19, 0x1A, 0x1B, 0x1C, 0x1D, 0x1E, 0x1F, 0x20, + 0x21, 0x22, 0x23, 0x24, 0x25, 0x26, 0x27, 0x28, 0x29, 0x2A, 0x2B, 0x2C, + 0x2D, 0x2E, 0x2F, 0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, 0x38, + 0x39, 0x3A, 0x3B, 0x3C, 0x3D, 0x3E, 0x3F, 0x0, 0x5}; + uint8_t key_16[] = {0x1, 0x3F, 0xE0, 0xB, 0x5F, 0x11, 0xBE, 0x7F, 0x86, + 0x6D, 0xC, 0xBB, 0xC5, 0x5A, 0x7A, 0x90, 0x0, 0x3E, + 0xE1, 0xA, 0x5E, 0x10, 0xBF, 0x7E, 0x87, 0x6C, 0xD, + 0xBA, 0xC4, 0x5B, 0x7B, 0x91, 0x3, 0x3D, 0xE2, 0x9, + 0x5D, 0x13, 0xBC, 0x7D, 0x84, 0x6F, 0xE, 0xB9}; + uint8_t plaintext_16[1] = {}; + uint8_t ciphertext_16[] = {0xCC, 0xA2, 0xE, 0xEC, 0xDA, 0x62, 0x83, 0xF0, + 0x9B, 0xB3, 0x54, 0x3D, 0xD9, 0x9E, 0xDB, 0x9B}; + vec = {nonce_16, aad_16, key_16, plaintext_16, ciphertext_16, 12, 81, + 44, 0, 16}; + gsec_test_verify_crypter_on_test_vector(&vec, /*rekey=*/true); + + // Derived from IEEE 2.5.2 65-byte auth + uint8_t nonce_17[] = {0x7C, 0xFD, 0xE9, 0xF9, 0xE3, 0x37, + 0x24, 0xC6, 0x89, 0x32, 0xD6, 0x12}; + uint8_t aad_17[] = { + 0x84, 0xC5, 0xD5, 0x13, 0xD2, 0xAA, 0xF6, 0xE5, 0xBB, 0xD2, 0x72, 0x77, + 0x88, 0xE5, 0x23, 0x0, 0x89, 0x32, 0xD6, 0x12, 0x7C, 0xFD, 0xE9, 0xF9, + 0xE3, 0x37, 0x24, 0xC6, 0x8, 0x0, 0xF, 0x10, 0x11, 0x12, 0x13, 0x14, + 0x15, 0x16, 0x17, 0x18, 0x19, 0x1A, 0x1B, 0x1C, 0x1D, 0x1E, 0x1F, 0x20, + 0x21, 0x22, 0x23, 0x24, 0x25, 0x26, 0x27, 0x28, 0x29, 0x2A, 0x2B, 0x2C, + 0x2D, 0x2E, 0x2F, 0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, 0x38, + 0x39, 0x3A, 0x3B, 0x3C, 0x3D, 0x3E, 0x3F, 0x0, 0x5}; + uint8_t key_17[] = {0x83, 0xC0, 0x93, 0xB5, 0x8D, 0xE7, 0xFF, 0xE1, 0xC0, + 0xDA, 0x92, 0x6A, 0xC4, 0x3F, 0xB3, 0x60, 0x9A, 0xC1, + 0xC8, 0xF, 0xEE, 0x1B, 0x62, 0x44, 0x97, 0xEF, 0x94, + 0x2E, 0x2F, 0x79, 0xA8, 0x23, 0x81, 0xC2, 0x91, 0xB7, + 0x8F, 0xE5, 0xFD, 0xE3, 0xC2, 0xD8, 0x90, 0x68}; + uint8_t plaintext_17[1] = {}; + uint8_t ciphertext_17[] = {0xB2, 0x32, 0xCC, 0x1D, 0xA5, 0x11, 0x7B, 0xF1, + 0x50, 0x3, 0x73, 0x4F, 0xA5, 0x99, 0xD2, 0x71}; + vec = {nonce_17, aad_17, key_17, plaintext_17, ciphertext_17, 12, 81, + 44, 0, 16}; + gsec_test_verify_crypter_on_test_vector(&vec, /*rekey=*/true); + + // Derived from IEEE 2.6.1 61-byte crypt + uint8_t nonce_18[] = {0x7C, 0xFD, 0xE9, 0xF9, 0xE3, 0x37, + 0x24, 0xC6, 0x89, 0x32, 0xD6, 0x12}; + uint8_t aad_18[] = {0x84, 0xC5, 0xD5, 0x13, 0xD2, 0xAA, 0xF6, + 0xE5, 0xBB, 0xD2, 0x72, 0x77, 0x88, 0xE5, + 0x2F, 0x0, 0x89, 0x32, 0xD6, 0x12, 0x7C, + 0xFD, 0xE9, 0xF9, 0xE3, 0x37, 0x24, 0xC6}; + uint8_t key_18[] = {0x1, 0x3F, 0xE0, 0xB, 0x5F, 0x11, 0xBE, 0x7F, 0x86, + 0x6D, 0xC, 0xBB, 0xC5, 0x5A, 0x7A, 0x90, 0x0, 0x3E, + 0xE1, 0xA, 0x5E, 0x10, 0xBF, 0x7E, 0x87, 0x6C, 0xD, + 0xBA, 0xC4, 0x5B, 0x7B, 0x91, 0x3, 0x3D, 0xE2, 0x9, + 0x5D, 0x13, 0xBC, 0x7D, 0x84, 0x6F, 0xE, 0xB9}; + uint8_t plaintext_18[] = { + 0x8, 0x0, 0xF, 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, + 0x17, 0x18, 0x19, 0x1A, 0x1B, 0x1C, 0x1D, 0x1E, 0x1F, 0x20, + 0x21, 0x22, 0x23, 0x24, 0x25, 0x26, 0x27, 0x28, 0x29, 0x2A, + 0x2B, 0x2C, 0x2D, 0x2E, 0x2F, 0x30, 0x31, 0x32, 0x33, 0x34, + 0x35, 0x36, 0x37, 0x38, 0x39, 0x3A, 0x3B, 0x0, 0x6}; + uint8_t ciphertext_18[] = { + 0xFF, 0x19, 0x10, 0xD3, 0x5A, 0xD7, 0xE5, 0x65, 0x78, 0x90, 0xC7, + 0xC5, 0x60, 0x14, 0x6F, 0xD0, 0x38, 0x70, 0x7F, 0x20, 0x4B, 0x66, + 0xED, 0xBC, 0x3D, 0x16, 0x1F, 0x8A, 0xCE, 0x24, 0x4B, 0x98, 0x59, + 0x21, 0x2, 0x3C, 0x43, 0x6E, 0x3A, 0x1C, 0x35, 0x32, 0xEC, 0xD5, + 0xD0, 0x9A, 0x5, 0x6D, 0x70, 0xBE, 0x58, 0x3F, 0xD, 0x10, 0x82, + 0x9D, 0x93, 0x87, 0xD0, 0x7D, 0x33, 0xD8, 0x72, 0xE4, 0x90}; + vec = {nonce_18, aad_18, key_18, plaintext_18, ciphertext_18, + 12, 28, 44, 49, 65}; + gsec_test_verify_crypter_on_test_vector(&vec, /*rekey=*/true); + + // Derived from IEEE 2.6.2 61-byte crypt + uint8_t nonce_19[] = {0x7C, 0xFD, 0xE9, 0xF9, 0xE3, 0x37, + 0x24, 0xC6, 0x89, 0x32, 0xD6, 0x12}; + uint8_t aad_19[] = {0x84, 0xC5, 0xD5, 0x13, 0xD2, 0xAA, 0xF6, + 0xE5, 0xBB, 0xD2, 0x72, 0x77, 0x88, 0xE5, + 0x2F, 0x0, 0x89, 0x32, 0xD6, 0x12, 0x7C, + 0xFD, 0xE9, 0xF9, 0xE3, 0x37, 0x24, 0xC6}; + uint8_t key_19[] = {0x83, 0xC0, 0x93, 0xB5, 0x8D, 0xE7, 0xFF, 0xE1, 0xC0, + 0xDA, 0x92, 0x6A, 0xC4, 0x3F, 0xB3, 0x60, 0x9A, 0xC1, + 0xC8, 0xF, 0xEE, 0x1B, 0x62, 0x44, 0x97, 0xEF, 0x94, + 0x2E, 0x2F, 0x79, 0xA8, 0x23, 0x81, 0xC2, 0x91, 0xB7, + 0x8F, 0xE5, 0xFD, 0xE3, 0xC2, 0xD8, 0x90, 0x68}; + uint8_t plaintext_19[] = { + 0x8, 0x0, 0xF, 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, + 0x17, 0x18, 0x19, 0x1A, 0x1B, 0x1C, 0x1D, 0x1E, 0x1F, 0x20, + 0x21, 0x22, 0x23, 0x24, 0x25, 0x26, 0x27, 0x28, 0x29, 0x2A, + 0x2B, 0x2C, 0x2D, 0x2E, 0x2F, 0x30, 0x31, 0x32, 0x33, 0x34, + 0x35, 0x36, 0x37, 0x38, 0x39, 0x3A, 0x3B, 0x0, 0x6}; + uint8_t ciphertext_19[] = { + 0xD, 0xB4, 0xCF, 0x95, 0x6B, 0x5F, 0x97, 0xEC, 0xA4, 0xEA, 0xB8, + 0x2A, 0x69, 0x55, 0x30, 0x7F, 0x9A, 0xE0, 0x2A, 0x32, 0xDD, 0x7D, + 0x93, 0xF8, 0x3D, 0x66, 0xAD, 0x4, 0xE1, 0xCF, 0xDC, 0x51, 0x82, + 0xAD, 0x12, 0xAB, 0xDE, 0xA5, 0xBB, 0xB6, 0x19, 0xA1, 0xBD, 0x5F, + 0xB9, 0xA5, 0x73, 0x59, 0xF, 0xBA, 0x90, 0x8E, 0x9C, 0x7A, 0x46, + 0xC1, 0xF7, 0xBA, 0x9, 0x5, 0xD1, 0xB5, 0x5F, 0xFD, 0xA4}; + vec = {nonce_19, aad_19, key_19, plaintext_19, ciphertext_19, + 12, 28, 44, 49, 65}; + gsec_test_verify_crypter_on_test_vector(&vec, /*rekey=*/true); + + // Derived from IEEE 2.7.1 79-byte crypt + uint8_t nonce_20[] = {0x7A, 0xE8, 0xE2, 0xCA, 0x4E, 0xC5, + 0x0, 0x1, 0x2E, 0x58, 0x49, 0x5C}; + uint8_t aad_20[] = { + 0x68, 0xF2, 0xE7, 0x76, 0x96, 0xCE, 0x7A, 0xE8, 0xE2, 0xCA, 0x4E, + 0xC5, 0x88, 0xE5, 0x41, 0x0, 0x2E, 0x58, 0x49, 0x5C, 0x8, 0x0, + 0xF, 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, 0x18, 0x19, + 0x1A, 0x1B, 0x1C, 0x1D, 0x1E, 0x1F, 0x20, 0x21, 0x22, 0x23, 0x24, + 0x25, 0x26, 0x27, 0x28, 0x29, 0x2A, 0x2B, 0x2C, 0x2D, 0x2E, 0x2F, + 0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, 0x38, 0x39, 0x3A, + 0x3B, 0x3C, 0x3D, 0x3E, 0x3F, 0x40, 0x41, 0x42, 0x43, 0x44, 0x45, + 0x46, 0x47, 0x48, 0x49, 0x4A, 0x4B, 0x4C, 0x4D, 0x0, 0x7}; + uint8_t key_20[] = {0x88, 0xEE, 0x8, 0x7F, 0xD9, 0x5D, 0xA9, 0xFB, 0xF6, + 0x72, 0x5A, 0xA9, 0xD7, 0x57, 0xB0, 0xCD, 0x89, 0xEF, + 0x9, 0x7E, 0xD8, 0x5C, 0xA8, 0xFA, 0xF7, 0x73, 0x5B, + 0xA8, 0xD6, 0x56, 0xB1, 0xCC, 0x8A, 0xEC, 0xA, 0x7D, + 0xDB, 0x5F, 0xAB, 0xF9, 0xF4, 0x70, 0x58, 0xAB}; + uint8_t plaintext_20[1] = {}; + uint8_t ciphertext_20[] = {0x81, 0x3F, 0xE, 0x63, 0xF, 0x96, 0xFB, 0x2D, + 0x3, 0xF, 0x58, 0xD8, 0x3F, 0x5C, 0xDF, 0xD0}; + vec = {nonce_20, aad_20, key_20, plaintext_20, ciphertext_20, 12, 87, + 44, 0, 16}; + gsec_test_verify_crypter_on_test_vector(&vec, /*rekey=*/true); + + // Derived from IEEE 2.7.2 79-byte crypt + uint8_t nonce_21[] = {0x7A, 0xE8, 0xE2, 0xCA, 0x4E, 0xC5, + 0x0, 0x1, 0x2E, 0x58, 0x49, 0x5C}; + uint8_t aad_21[] = { + 0x68, 0xF2, 0xE7, 0x76, 0x96, 0xCE, 0x7A, 0xE8, 0xE2, 0xCA, 0x4E, + 0xC5, 0x88, 0xE5, 0x41, 0x0, 0x2E, 0x58, 0x49, 0x5C, 0x8, 0x0, + 0xF, 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, 0x18, 0x19, + 0x1A, 0x1B, 0x1C, 0x1D, 0x1E, 0x1F, 0x20, 0x21, 0x22, 0x23, 0x24, + 0x25, 0x26, 0x27, 0x28, 0x29, 0x2A, 0x2B, 0x2C, 0x2D, 0x2E, 0x2F, + 0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, 0x38, 0x39, 0x3A, + 0x3B, 0x3C, 0x3D, 0x3E, 0x3F, 0x40, 0x41, 0x42, 0x43, 0x44, 0x45, + 0x46, 0x47, 0x48, 0x49, 0x4A, 0x4B, 0x4C, 0x4D, 0x0, 0x7}; + uint8_t key_21[] = {0x4C, 0x97, 0x3D, 0xBC, 0x73, 0x64, 0x62, 0x16, 0x74, + 0xF8, 0xB5, 0xB8, 0x9E, 0x5C, 0x15, 0x51, 0x1F, 0xCE, + 0xD9, 0x21, 0x64, 0x90, 0xFB, 0x1C, 0x1A, 0x2C, 0xAA, + 0xF, 0xFE, 0x4, 0x7, 0xE5, 0x4E, 0x95, 0x3F, 0xBE, + 0x71, 0x66, 0x60, 0x14, 0x76, 0xFA, 0xB7, 0xBA}; + uint8_t plaintext_21[1] = {}; + uint8_t ciphertext_21[] = {0x77, 0xE5, 0xA4, 0x4C, 0x21, 0xEB, 0x7, 0x18, + 0x8A, 0xAC, 0xBD, 0x74, 0xD1, 0x98, 0xE, 0x97}; + vec = {nonce_21, aad_21, key_21, plaintext_21, ciphertext_21, 12, 87, + 44, 0, 16}; + gsec_test_verify_crypter_on_test_vector(&vec, /*rekey=*/true); + + // Derived from IEEE 2.8.1 61-byte crypt + uint8_t nonce_22[] = {0x7A, 0xE8, 0xE2, 0xCA, 0x4E, 0xC5, + 0x0, 0x1, 0x2E, 0x58, 0x49, 0x5C}; + uint8_t aad_22[] = {0x68, 0xF2, 0xE7, 0x76, 0x96, 0xCE, 0x7A, + 0xE8, 0xE2, 0xCA, 0x4E, 0xC5, 0x88, 0xE5, + 0x4D, 0x0, 0x2E, 0x58, 0x49, 0x5C}; + uint8_t key_22[] = {0x88, 0xEE, 0x8, 0x7F, 0xD9, 0x5D, 0xA9, 0xFB, 0xF6, + 0x72, 0x5A, 0xA9, 0xD7, 0x57, 0xB0, 0xCD, 0x89, 0xEF, + 0x9, 0x7E, 0xD8, 0x5C, 0xA8, 0xFA, 0xF7, 0x73, 0x5B, + 0xA8, 0xD6, 0x56, 0xB1, 0xCC, 0x8A, 0xEC, 0xA, 0x7D, + 0xDB, 0x5F, 0xAB, 0xF9, 0xF4, 0x70, 0x58, 0xAB}; + uint8_t plaintext_22[] = { + 0x8, 0x0, 0xF, 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, + 0x18, 0x19, 0x1A, 0x1B, 0x1C, 0x1D, 0x1E, 0x1F, 0x20, 0x21, 0x22, + 0x23, 0x24, 0x25, 0x26, 0x27, 0x28, 0x29, 0x2A, 0x2B, 0x2C, 0x2D, + 0x2E, 0x2F, 0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, 0x38, + 0x39, 0x3A, 0x3B, 0x3C, 0x3D, 0x3E, 0x3F, 0x40, 0x41, 0x42, 0x43, + 0x44, 0x45, 0x46, 0x47, 0x48, 0x49, 0x0, 0x8}; + uint8_t ciphertext_22[] = { + 0x95, 0x8E, 0xC3, 0xF6, 0xD6, 0xA, 0xFE, 0xDA, 0x99, 0xEF, 0xD8, 0x88, + 0xF1, 0x75, 0xE5, 0xFC, 0xD4, 0xC8, 0x7B, 0x9B, 0xCC, 0x5C, 0x2F, 0x54, + 0x26, 0x25, 0x3A, 0x8B, 0x50, 0x62, 0x96, 0xC8, 0xC4, 0x33, 0x9, 0xAB, + 0x2A, 0xDB, 0x59, 0x39, 0x46, 0x25, 0x41, 0xD9, 0x5E, 0x80, 0x81, 0x1E, + 0x4, 0xE7, 0x6, 0xB1, 0x49, 0x8F, 0x2C, 0x40, 0x7C, 0x7F, 0xB2, 0x34, + 0xF8, 0xCC, 0x1, 0xA6, 0x47, 0x55, 0xE, 0xE6, 0xB5, 0x57, 0xB3, 0x5A, + 0x7E, 0x39, 0x45, 0x38, 0x18, 0x21, 0xF4}; + vec = {nonce_22, aad_22, key_22, plaintext_22, ciphertext_22, + 12, 20, 44, 63, 79}; + gsec_test_verify_crypter_on_test_vector(&vec, /*rekey=*/true); + + // Derived from IEEE 2.8.2 61-byte crypt + uint8_t nonce_23[] = {0x7A, 0xE8, 0xE2, 0xCA, 0x4E, 0xC5, + 0x0, 0x1, 0x2E, 0x58, 0x49, 0x5C}; + uint8_t aad_23[] = {0x68, 0xF2, 0xE7, 0x76, 0x96, 0xCE, 0x7A, + 0xE8, 0xE2, 0xCA, 0x4E, 0xC5, 0x88, 0xE5, + 0x4D, 0x0, 0x2E, 0x58, 0x49, 0x5C}; + uint8_t key_23[] = {0x4C, 0x97, 0x3D, 0xBC, 0x73, 0x64, 0x62, 0x16, 0x74, + 0xF8, 0xB5, 0xB8, 0x9E, 0x5C, 0x15, 0x51, 0x1F, 0xCE, + 0xD9, 0x21, 0x64, 0x90, 0xFB, 0x1C, 0x1A, 0x2C, 0xAA, + 0xF, 0xFE, 0x4, 0x7, 0xE5, 0x4E, 0x95, 0x3F, 0xBE, + 0x71, 0x66, 0x60, 0x14, 0x76, 0xFA, 0xB7, 0xBA}; + uint8_t plaintext_23[] = { + 0x8, 0x0, 0xF, 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, + 0x18, 0x19, 0x1A, 0x1B, 0x1C, 0x1D, 0x1E, 0x1F, 0x20, 0x21, 0x22, + 0x23, 0x24, 0x25, 0x26, 0x27, 0x28, 0x29, 0x2A, 0x2B, 0x2C, 0x2D, + 0x2E, 0x2F, 0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, 0x38, + 0x39, 0x3A, 0x3B, 0x3C, 0x3D, 0x3E, 0x3F, 0x40, 0x41, 0x42, 0x43, + 0x44, 0x45, 0x46, 0x47, 0x48, 0x49, 0x0, 0x8}; + uint8_t ciphertext_23[] = { + 0xB4, 0x4D, 0x7, 0x20, 0x11, 0xCD, 0x36, 0xD2, 0x72, 0xA9, 0xB7, 0xA9, + 0x8D, 0xB9, 0xAA, 0x90, 0xCB, 0xC5, 0xC6, 0x7B, 0x93, 0xDD, 0xCE, 0x67, + 0xC8, 0x54, 0x50, 0x32, 0x14, 0xE2, 0xE8, 0x96, 0xEC, 0x7E, 0x9D, 0xB6, + 0x49, 0xED, 0x4B, 0xCF, 0x6F, 0x85, 0xA, 0xAC, 0x2, 0x23, 0xD0, 0xCF, + 0x92, 0xC8, 0x3D, 0xB8, 0x7, 0x95, 0xC3, 0xA1, 0x7E, 0xCC, 0x12, 0x48, + 0xBB, 0x0, 0x59, 0x17, 0x12, 0xB1, 0xAE, 0x71, 0xE2, 0x68, 0x16, 0x41, + 0x96, 0x25, 0x21, 0x62, 0x81, 0xB, 0x0}; + vec = {nonce_23, aad_23, key_23, plaintext_23, ciphertext_23, + 12, 20, 44, 63, 79}; + gsec_test_verify_crypter_on_test_vector(&vec, /*rekey=*/true); +} + +static void gsec_test_do_vector_tests_nist() { + /** + * From: + * http://csrc.nist.gov/groups/ST/toolkit/BCM/documents/proposedmodes/gcm/ + * gcm-revised-spec.pdf + */ + + /* Test vector 1 */ + gsec_aead_test_vector* test_vector_1; + const uint8_t test_vector_1_key[] = {0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00}; + const uint8_t test_vector_1_nonce[] = {0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}; + const uint8_t test_vector_1_aad[1] = {}; + const uint8_t test_vector_1_plaintext[1] = {}; + const uint8_t test_vector_1_ciphertext_and_tag[] = { + 0x58, 0xe2, 0xfc, 0xce, 0xfa, 0x7e, 0x30, 0x61, + 0x36, 0x7f, 0x1d, 0x57, 0xa4, 0xe7, 0x45, 0x5a}; + gsec_aead_malloc_test_vector( + &test_vector_1, test_vector_1_key, + sizeof(test_vector_1_key) / sizeof(uint8_t), test_vector_1_nonce, + sizeof(test_vector_1_nonce) / sizeof(uint8_t), test_vector_1_aad, 0, + test_vector_1_plaintext, 0, test_vector_1_ciphertext_and_tag, + sizeof(test_vector_1_ciphertext_and_tag) / sizeof(uint8_t)); + gsec_test_verify_crypter_on_test_vector(test_vector_1); + gsec_aead_free_test_vector(test_vector_1); + + /* Test vector 2 */ + gsec_aead_test_vector* test_vector_2; + const uint8_t test_vector_2_key[] = {0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00}; + const uint8_t test_vector_2_nonce[] = {0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}; + const uint8_t test_vector_2_aad[1] = {}; + const uint8_t test_vector_2_plaintext[] = {0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00}; + const uint8_t test_vector_2_ciphertext_and_tag[] = { + 0x03, 0x88, 0xda, 0xce, 0x60, 0xb6, 0xa3, 0x92, 0xf3, 0x28, 0xc2, + 0xb9, 0x71, 0xb2, 0xfe, 0x78, 0xab, 0x6e, 0x47, 0xd4, 0x2c, 0xec, + 0x13, 0xbd, 0xf5, 0x3a, 0x67, 0xb2, 0x12, 0x57, 0xbd, 0xdf}; + gsec_aead_malloc_test_vector( + &test_vector_2, test_vector_2_key, + sizeof(test_vector_2_key) / sizeof(uint8_t), test_vector_2_nonce, + sizeof(test_vector_2_nonce) / sizeof(uint8_t), test_vector_2_aad, 0, + test_vector_2_plaintext, + sizeof(test_vector_2_plaintext) / sizeof(uint8_t), + test_vector_2_ciphertext_and_tag, + sizeof(test_vector_2_ciphertext_and_tag) / sizeof(uint8_t)); + gsec_test_verify_crypter_on_test_vector(test_vector_2); + gsec_aead_free_test_vector(test_vector_2); + + /* Test vector 3 */ + gsec_aead_test_vector* test_vector_3; + const uint8_t test_vector_3_key[] = {0xfe, 0xff, 0xe9, 0x92, 0x86, 0x65, + 0x73, 0x1c, 0x6d, 0x6a, 0x8f, 0x94, + 0x67, 0x30, 0x83, 0x08}; + const uint8_t test_vector_3_nonce[] = {0xca, 0xfe, 0xba, 0xbe, 0xfa, 0xce, + 0xdb, 0xad, 0xde, 0xca, 0xf8, 0x88}; + const uint8_t test_vector_3_aad[1] = {}; + const uint8_t test_vector_3_plaintext[] = { + 0xd9, 0x31, 0x32, 0x25, 0xf8, 0x84, 0x06, 0xe5, 0xa5, 0x59, 0x09, + 0xc5, 0xaf, 0xf5, 0x26, 0x9a, 0x86, 0xa7, 0xa9, 0x53, 0x15, 0x34, + 0xf7, 0xda, 0x2e, 0x4c, 0x30, 0x3d, 0x8a, 0x31, 0x8a, 0x72, 0x1c, + 0x3c, 0x0c, 0x95, 0x95, 0x68, 0x09, 0x53, 0x2f, 0xcf, 0x0e, 0x24, + 0x49, 0xa6, 0xb5, 0x25, 0xb1, 0x6a, 0xed, 0xf5, 0xaa, 0x0d, 0xe6, + 0x57, 0xba, 0x63, 0x7b, 0x39, 0x1a, 0xaf, 0xd2, 0x55}; + const uint8_t test_vector_3_ciphertext_and_tag[] = { + 0x42, 0x83, 0x1e, 0xc2, 0x21, 0x77, 0x74, 0x24, 0x4b, 0x72, 0x21, 0xb7, + 0x84, 0xd0, 0xd4, 0x9c, 0xe3, 0xaa, 0x21, 0x2f, 0x2c, 0x02, 0xa4, 0xe0, + 0x35, 0xc1, 0x7e, 0x23, 0x29, 0xac, 0xa1, 0x2e, 0x21, 0xd5, 0x14, 0xb2, + 0x54, 0x66, 0x93, 0x1c, 0x7d, 0x8f, 0x6a, 0x5a, 0xac, 0x84, 0xaa, 0x05, + 0x1b, 0xa3, 0x0b, 0x39, 0x6a, 0x0a, 0xac, 0x97, 0x3d, 0x58, 0xe0, 0x91, + 0x47, 0x3f, 0x59, 0x85, 0x4d, 0x5c, 0x2a, 0xf3, 0x27, 0xcd, 0x64, 0xa6, + 0x2c, 0xf3, 0x5a, 0xbd, 0x2b, 0xa6, 0xfa, 0xb4}; + gsec_aead_malloc_test_vector( + &test_vector_3, test_vector_3_key, + sizeof(test_vector_3_key) / sizeof(uint8_t), test_vector_3_nonce, + sizeof(test_vector_3_nonce) / sizeof(uint8_t), test_vector_3_aad, 0, + test_vector_3_plaintext, + sizeof(test_vector_3_plaintext) / sizeof(uint8_t), + test_vector_3_ciphertext_and_tag, + sizeof(test_vector_3_ciphertext_and_tag) / sizeof(uint8_t)); + gsec_test_verify_crypter_on_test_vector(test_vector_3); + gsec_aead_free_test_vector(test_vector_3); + + /* Test vector 4 */ + gsec_aead_test_vector* test_vector_4; + const uint8_t test_vector_4_key[] = {0xfe, 0xff, 0xe9, 0x92, 0x86, 0x65, + 0x73, 0x1c, 0x6d, 0x6a, 0x8f, 0x94, + 0x67, 0x30, 0x83, 0x08}; + const uint8_t test_vector_4_nonce[] = {0xca, 0xfe, 0xba, 0xbe, 0xfa, 0xce, + 0xdb, 0xad, 0xde, 0xca, 0xf8, 0x88}; + const uint8_t test_vector_4_aad[] = {0xfe, 0xed, 0xfa, 0xce, 0xde, 0xad, 0xbe, + 0xef, 0xfe, 0xed, 0xfa, 0xce, 0xde, 0xad, + 0xbe, 0xef, 0xab, 0xad, 0xda, 0xd2}; + const uint8_t test_vector_4_plaintext[] = { + 0xd9, 0x31, 0x32, 0x25, 0xf8, 0x84, 0x06, 0xe5, 0xa5, 0x59, 0x09, 0xc5, + 0xaf, 0xf5, 0x26, 0x9a, 0x86, 0xa7, 0xa9, 0x53, 0x15, 0x34, 0xf7, 0xda, + 0x2e, 0x4c, 0x30, 0x3d, 0x8a, 0x31, 0x8a, 0x72, 0x1c, 0x3c, 0x0c, 0x95, + 0x95, 0x68, 0x09, 0x53, 0x2f, 0xcf, 0x0e, 0x24, 0x49, 0xa6, 0xb5, 0x25, + 0xb1, 0x6a, 0xed, 0xf5, 0xaa, 0x0d, 0xe6, 0x57, 0xba, 0x63, 0x7b, 0x39}; + const uint8_t test_vector_4_ciphertext_and_tag[] = { + 0x42, 0x83, 0x1e, 0xc2, 0x21, 0x77, 0x74, 0x24, 0x4b, 0x72, 0x21, + 0xb7, 0x84, 0xd0, 0xd4, 0x9c, 0xe3, 0xaa, 0x21, 0x2f, 0x2c, 0x02, + 0xa4, 0xe0, 0x35, 0xc1, 0x7e, 0x23, 0x29, 0xac, 0xa1, 0x2e, 0x21, + 0xd5, 0x14, 0xb2, 0x54, 0x66, 0x93, 0x1c, 0x7d, 0x8f, 0x6a, 0x5a, + 0xac, 0x84, 0xaa, 0x05, 0x1b, 0xa3, 0x0b, 0x39, 0x6a, 0x0a, 0xac, + 0x97, 0x3d, 0x58, 0xe0, 0x91, 0x5b, 0xc9, 0x4f, 0xbc, 0x32, 0x21, + 0xa5, 0xdb, 0x94, 0xfa, 0xe9, 0x5a, 0xe7, 0x12, 0x1a, 0x47}; + gsec_aead_malloc_test_vector( + &test_vector_4, test_vector_4_key, + sizeof(test_vector_4_key) / sizeof(uint8_t), test_vector_4_nonce, + sizeof(test_vector_4_nonce) / sizeof(uint8_t), test_vector_4_aad, + sizeof(test_vector_4_aad) / sizeof(uint8_t), test_vector_4_plaintext, + sizeof(test_vector_4_plaintext) / sizeof(uint8_t), + test_vector_4_ciphertext_and_tag, + sizeof(test_vector_4_ciphertext_and_tag) / sizeof(uint8_t)); + gsec_test_verify_crypter_on_test_vector(test_vector_4); + gsec_aead_free_test_vector(test_vector_4); +} + +static void gsec_test_do_vector_tests_ieee() { + /** + * From: + * http://www.ieee802.org/1/files/public/docs2011/ + * bn-randall-test-vectors-0511-v1.pdf + */ + + /* 2.1.1 54-byte auth */ + gsec_aead_test_vector* test_vector_5; + const uint8_t test_vector_5_key[] = {0xad, 0x7a, 0x2b, 0xd0, 0x3e, 0xac, + 0x83, 0x5a, 0x6f, 0x62, 0x0f, 0xdc, + 0xb5, 0x06, 0xb3, 0x45}; + const uint8_t test_vector_5_nonce[] = {0x12, 0x15, 0x35, 0x24, 0xc0, 0x89, + 0x5e, 0x81, 0xb2, 0xc2, 0x84, 0x65}; + const uint8_t test_vector_5_aad[] = { + 0xd6, 0x09, 0xb1, 0xf0, 0x56, 0x63, 0x7a, 0x0d, 0x46, 0xdf, 0x99, 0x8d, + 0x88, 0xe5, 0x22, 0x2a, 0xb2, 0xc2, 0x84, 0x65, 0x12, 0x15, 0x35, 0x24, + 0xc0, 0x89, 0x5e, 0x81, 0x08, 0x00, 0x0f, 0x10, 0x11, 0x12, 0x13, 0x14, + 0x15, 0x16, 0x17, 0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f, 0x20, + 0x21, 0x22, 0x23, 0x24, 0x25, 0x26, 0x27, 0x28, 0x29, 0x2a, 0x2b, 0x2c, + 0x2d, 0x2e, 0x2f, 0x30, 0x31, 0x32, 0x33, 0x34, 0x00, 0x01}; + const uint8_t test_vector_5_plaintext[1] = {}; + const uint8_t test_vector_5_ciphertext_and_tag[] = { + 0xf0, 0x94, 0x78, 0xa9, 0xb0, 0x90, 0x07, 0xd0, + 0x6f, 0x46, 0xe9, 0xb6, 0xa1, 0xda, 0x25, 0xdd}; + gsec_aead_malloc_test_vector( + &test_vector_5, test_vector_5_key, + sizeof(test_vector_5_key) / sizeof(uint8_t), test_vector_5_nonce, + sizeof(test_vector_5_nonce) / sizeof(uint8_t), test_vector_5_aad, + sizeof(test_vector_5_aad) / sizeof(uint8_t), test_vector_5_plaintext, 0, + test_vector_5_ciphertext_and_tag, + sizeof(test_vector_5_ciphertext_and_tag) / sizeof(uint8_t)); + gsec_test_verify_crypter_on_test_vector(test_vector_5); + gsec_aead_free_test_vector(test_vector_5); + + /* 2.1.2 54-byte auth */ + gsec_aead_test_vector* test_vector_6; + const uint8_t test_vector_6_key[] = { + 0xe3, 0xc0, 0x8a, 0x8f, 0x06, 0xc6, 0xe3, 0xad, 0x95, 0xa7, 0x05, + 0x57, 0xb2, 0x3f, 0x75, 0x48, 0x3c, 0xe3, 0x30, 0x21, 0xa9, 0xc7, + 0x2b, 0x70, 0x25, 0x66, 0x62, 0x04, 0xc6, 0x9c, 0x0b, 0x72}; + + const uint8_t test_vector_6_nonce[] = {0x12, 0x15, 0x35, 0x24, 0xc0, 0x89, + 0x5e, 0x81, 0xb2, 0xc2, 0x84, 0x65}; + const uint8_t test_vector_6_aad[] = { + 0xd6, 0x09, 0xb1, 0xf0, 0x56, 0x63, 0x7a, 0x0d, 0x46, 0xdf, 0x99, 0x8d, + 0x88, 0xe5, 0x22, 0x2a, 0xb2, 0xc2, 0x84, 0x65, 0x12, 0x15, 0x35, 0x24, + 0xc0, 0x89, 0x5e, 0x81, 0x08, 0x00, 0x0f, 0x10, 0x11, 0x12, 0x13, 0x14, + 0x15, 0x16, 0x17, 0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f, 0x20, + 0x21, 0x22, 0x23, 0x24, 0x25, 0x26, 0x27, 0x28, 0x29, 0x2a, 0x2b, 0x2c, + 0x2d, 0x2e, 0x2f, 0x30, 0x31, 0x32, 0x33, 0x34, 0x00, 0x01}; + const uint8_t test_vector_6_plaintext[1] = {}; + const uint8_t test_vector_6_ciphertext_and_tag[] = { + 0x2f, 0x0b, 0xc5, 0xaf, 0x40, 0x9e, 0x06, 0xd6, + 0x09, 0xea, 0x8b, 0x7d, 0x0f, 0xa5, 0xea, 0x50}; + gsec_aead_malloc_test_vector( + &test_vector_6, test_vector_6_key, + sizeof(test_vector_6_key) / sizeof(uint8_t), test_vector_6_nonce, + sizeof(test_vector_6_nonce) / sizeof(uint8_t), test_vector_6_aad, + sizeof(test_vector_6_aad) / sizeof(uint8_t), test_vector_6_plaintext, 0, + test_vector_6_ciphertext_and_tag, + sizeof(test_vector_6_ciphertext_and_tag) / sizeof(uint8_t)); + gsec_test_verify_crypter_on_test_vector(test_vector_6); + gsec_aead_free_test_vector(test_vector_6); + + /* 2.2.1 60-byte crypt */ + gsec_aead_test_vector* test_vector_7; + const uint8_t test_vector_7_key[] = {0xad, 0x7a, 0x2b, 0xd0, 0x3e, 0xac, + 0x83, 0x5a, 0x6f, 0x62, 0x0f, 0xdc, + 0xb5, 0x06, 0xb3, 0x45}; + + const uint8_t test_vector_7_nonce[] = {0x12, 0x15, 0x35, 0x24, 0xc0, 0x89, + 0x5e, 0x81, 0xb2, 0xc2, 0x84, 0x65}; + const uint8_t test_vector_7_aad[] = { + 0xd6, 0x09, 0xb1, 0xf0, 0x56, 0x63, 0x7a, 0x0d, 0x46, 0xdf, + 0x99, 0x8d, 0x88, 0xe5, 0x2e, 0x00, 0xb2, 0xc2, 0x84, 0x65, + 0x12, 0x15, 0x35, 0x24, 0xc0, 0x89, 0x5e, 0x81}; + const uint8_t test_vector_7_plaintext[] = { + 0x08, 0x00, 0x0f, 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, 0x18, + 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f, 0x20, 0x21, 0x22, 0x23, 0x24, + 0x25, 0x26, 0x27, 0x28, 0x29, 0x2a, 0x2b, 0x2c, 0x2d, 0x2e, 0x2f, 0x30, + 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, 0x38, 0x39, 0x3a, 0x00, 0x02}; + const uint8_t test_vector_7_ciphertext_and_tag[] = { + 0x70, 0x1a, 0xfa, 0x1c, 0xc0, 0x39, 0xc0, 0xd7, 0x65, 0x12, 0x8a, + 0x66, 0x5d, 0xab, 0x69, 0x24, 0x38, 0x99, 0xbf, 0x73, 0x18, 0xcc, + 0xdc, 0x81, 0xc9, 0x93, 0x1d, 0xa1, 0x7f, 0xbe, 0x8e, 0xdd, 0x7d, + 0x17, 0xcb, 0x8b, 0x4c, 0x26, 0xfc, 0x81, 0xe3, 0x28, 0x4f, 0x2b, + 0x7f, 0xba, 0x71, 0x3d, 0x4f, 0x8d, 0x55, 0xe7, 0xd3, 0xf0, 0x6f, + 0xd5, 0xa1, 0x3c, 0x0c, 0x29, 0xb9, 0xd5, 0xb8, 0x80}; + gsec_aead_malloc_test_vector( + &test_vector_7, test_vector_7_key, + sizeof(test_vector_7_key) / sizeof(uint8_t), test_vector_7_nonce, + sizeof(test_vector_7_nonce) / sizeof(uint8_t), test_vector_7_aad, + sizeof(test_vector_7_aad) / sizeof(uint8_t), test_vector_7_plaintext, + sizeof(test_vector_7_plaintext) / sizeof(uint8_t), + test_vector_7_ciphertext_and_tag, + sizeof(test_vector_7_ciphertext_and_tag) / sizeof(uint8_t)); + gsec_test_verify_crypter_on_test_vector(test_vector_7); + gsec_aead_free_test_vector(test_vector_7); + + /* 2.2.2 60-byte crypt */ + gsec_aead_test_vector* test_vector_8; + const uint8_t test_vector_8_key[] = { + 0xe3, 0xc0, 0x8a, 0x8f, 0x06, 0xc6, 0xe3, 0xad, 0x95, 0xa7, 0x05, + 0x57, 0xb2, 0x3f, 0x75, 0x48, 0x3c, 0xe3, 0x30, 0x21, 0xa9, 0xc7, + 0x2b, 0x70, 0x25, 0x66, 0x62, 0x04, 0xc6, 0x9c, 0x0b, 0x72}; + const uint8_t test_vector_8_nonce[] = {0x12, 0x15, 0x35, 0x24, 0xc0, 0x89, + 0x5e, 0x81, 0xb2, 0xc2, 0x84, 0x65}; + const uint8_t test_vector_8_aad[] = { + 0xd6, 0x09, 0xb1, 0xf0, 0x56, 0x63, 0x7a, 0x0d, 0x46, 0xdf, + 0x99, 0x8d, 0x88, 0xe5, 0x2e, 0x00, 0xb2, 0xc2, 0x84, 0x65, + 0x12, 0x15, 0x35, 0x24, 0xc0, 0x89, 0x5e, 0x81}; + const uint8_t test_vector_8_plaintext[] = { + 0x08, 0x00, 0x0f, 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, 0x18, + 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f, 0x20, 0x21, 0x22, 0x23, 0x24, + 0x25, 0x26, 0x27, 0x28, 0x29, 0x2a, 0x2b, 0x2c, 0x2d, 0x2e, 0x2f, 0x30, + 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, 0x38, 0x39, 0x3a, 0x00, 0x02}; + const uint8_t test_vector_8_ciphertext_and_tag[] = { + 0xe2, 0x00, 0x6e, 0xb4, 0x2f, 0x52, 0x77, 0x02, 0x2d, 0x9b, 0x19, + 0x92, 0x5b, 0xc4, 0x19, 0xd7, 0xa5, 0x92, 0x66, 0x6c, 0x92, 0x5f, + 0xe2, 0xef, 0x71, 0x8e, 0xb4, 0xe3, 0x08, 0xef, 0xea, 0xa7, 0xc5, + 0x27, 0x3b, 0x39, 0x41, 0x18, 0x86, 0x0a, 0x5b, 0xe2, 0xa9, 0x7f, + 0x56, 0xab, 0x78, 0x36, 0x5c, 0xa5, 0x97, 0xcd, 0xbb, 0x3e, 0xdb, + 0x8d, 0x1a, 0x11, 0x51, 0xea, 0x0a, 0xf7, 0xb4, 0x36}; + gsec_aead_malloc_test_vector( + &test_vector_8, test_vector_8_key, + sizeof(test_vector_8_key) / sizeof(uint8_t), test_vector_8_nonce, + sizeof(test_vector_8_nonce) / sizeof(uint8_t), test_vector_8_aad, + sizeof(test_vector_8_aad) / sizeof(uint8_t), test_vector_8_plaintext, + sizeof(test_vector_8_plaintext) / sizeof(uint8_t), + test_vector_8_ciphertext_and_tag, + sizeof(test_vector_8_ciphertext_and_tag) / sizeof(uint8_t)); + gsec_test_verify_crypter_on_test_vector(test_vector_8); + gsec_aead_free_test_vector(test_vector_8); + + /* 2.3.1 60-byte auth */ + gsec_aead_test_vector* test_vector_9; + const uint8_t test_vector_9_key[] = {0x07, 0x1b, 0x11, 0x3b, 0x0c, 0xa7, + 0x43, 0xfe, 0xcc, 0xcf, 0x3d, 0x05, + 0x1f, 0x73, 0x73, 0x82}; + const uint8_t test_vector_9_nonce[] = {0xf0, 0x76, 0x1e, 0x8d, 0xcd, 0x3d, + 0x00, 0x01, 0x76, 0xd4, 0x57, 0xed}; + const uint8_t test_vector_9_aad[] = { + 0xe2, 0x01, 0x06, 0xd7, 0xcd, 0x0d, 0xf0, 0x76, 0x1e, 0x8d, 0xcd, 0x3d, + 0x88, 0xe5, 0x40, 0x00, 0x76, 0xd4, 0x57, 0xed, 0x08, 0x00, 0x0f, 0x10, + 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, 0x18, 0x19, 0x1a, 0x1b, 0x1c, + 0x1d, 0x1e, 0x1f, 0x20, 0x21, 0x22, 0x23, 0x24, 0x25, 0x26, 0x27, 0x28, + 0x29, 0x2a, 0x2b, 0x2c, 0x2d, 0x2e, 0x2f, 0x30, 0x31, 0x32, 0x33, 0x34, + 0x35, 0x36, 0x37, 0x38, 0x39, 0x3a, 0x00, 0x03}; + const uint8_t test_vector_9_plaintext[1] = {}; + const uint8_t test_vector_9_ciphertext_and_tag[] = { + 0x0c, 0x01, 0x7b, 0xc7, 0x3b, 0x22, 0x7d, 0xfc, + 0xc9, 0xba, 0xfa, 0x1c, 0x41, 0xac, 0xc3, 0x53}; + gsec_aead_malloc_test_vector( + &test_vector_9, test_vector_9_key, + sizeof(test_vector_9_key) / sizeof(uint8_t), test_vector_9_nonce, + sizeof(test_vector_9_nonce) / sizeof(uint8_t), test_vector_9_aad, + sizeof(test_vector_9_aad) / sizeof(uint8_t), test_vector_9_plaintext, 0, + test_vector_9_ciphertext_and_tag, + sizeof(test_vector_9_ciphertext_and_tag) / sizeof(uint8_t)); + gsec_test_verify_crypter_on_test_vector(test_vector_9); + gsec_aead_free_test_vector(test_vector_9); + + /* 2.3.2 60-byte auth */ + gsec_aead_test_vector* test_vector_10; + const uint8_t test_vector_10_key[] = { + 0x69, 0x1d, 0x3e, 0xe9, 0x09, 0xd7, 0xf5, 0x41, 0x67, 0xfd, 0x1c, + 0xa0, 0xb5, 0xd7, 0x69, 0x08, 0x1f, 0x2b, 0xde, 0x1a, 0xee, 0x65, + 0x5f, 0xdb, 0xab, 0x80, 0xbd, 0x52, 0x95, 0xae, 0x6b, 0xe7}; + const uint8_t test_vector_10_nonce[] = {0xf0, 0x76, 0x1e, 0x8d, 0xcd, 0x3d, + 0x00, 0x01, 0x76, 0xd4, 0x57, 0xed}; + const uint8_t test_vector_10_aad[] = { + 0xe2, 0x01, 0x06, 0xd7, 0xcd, 0x0d, 0xf0, 0x76, 0x1e, 0x8d, 0xcd, 0x3d, + 0x88, 0xe5, 0x40, 0x00, 0x76, 0xd4, 0x57, 0xed, 0x08, 0x00, 0x0f, 0x10, + 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, 0x18, 0x19, 0x1a, 0x1b, 0x1c, + 0x1d, 0x1e, 0x1f, 0x20, 0x21, 0x22, 0x23, 0x24, 0x25, 0x26, 0x27, 0x28, + 0x29, 0x2a, 0x2b, 0x2c, 0x2d, 0x2e, 0x2f, 0x30, 0x31, 0x32, 0x33, 0x34, + 0x35, 0x36, 0x37, 0x38, 0x39, 0x3a, 0x00, 0x03}; + const uint8_t test_vector_10_plaintext[1] = {}; + const uint8_t test_vector_10_ciphertext_and_tag[] = { + 0x35, 0x21, 0x7c, 0x77, 0x4b, 0xbc, 0x31, 0xb6, + 0x31, 0x66, 0xbc, 0xf9, 0xd4, 0xab, 0xed, 0x07}; + gsec_aead_malloc_test_vector( + &test_vector_10, test_vector_10_key, + sizeof(test_vector_10_key) / sizeof(uint8_t), test_vector_10_nonce, + sizeof(test_vector_10_nonce) / sizeof(uint8_t), test_vector_10_aad, + sizeof(test_vector_10_aad) / sizeof(uint8_t), test_vector_10_plaintext, 0, + test_vector_10_ciphertext_and_tag, + sizeof(test_vector_10_ciphertext_and_tag) / sizeof(uint8_t)); + gsec_test_verify_crypter_on_test_vector(test_vector_10); + gsec_aead_free_test_vector(test_vector_10); + + /* 2.4.1 54-byte crypt */ + gsec_aead_test_vector* test_vector_11; + const uint8_t test_vector_11_key[] = {0x07, 0x1b, 0x11, 0x3b, 0x0c, 0xa7, + 0x43, 0xfe, 0xcc, 0xcf, 0x3d, 0x05, + 0x1f, 0x73, 0x73, 0x82}; + const uint8_t test_vector_11_nonce[] = {0xf0, 0x76, 0x1e, 0x8d, 0xcd, 0x3d, + 0x00, 0x01, 0x76, 0xd4, 0x57, 0xed}; + const uint8_t test_vector_11_aad[] = { + 0xe2, 0x01, 0x06, 0xd7, 0xcd, 0x0d, 0xf0, 0x76, 0x1e, 0x8d, + 0xcd, 0x3d, 0x88, 0xe5, 0x4c, 0x2a, 0x76, 0xd4, 0x57, 0xed}; + const uint8_t test_vector_11_plaintext[] = { + 0x08, 0x00, 0x0f, 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, + 0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f, 0x20, 0x21, 0x22, + 0x23, 0x24, 0x25, 0x26, 0x27, 0x28, 0x29, 0x2a, 0x2b, 0x2c, 0x2d, + 0x2e, 0x2f, 0x30, 0x31, 0x32, 0x33, 0x34, 0x00, 0x04}; + const uint8_t test_vector_11_ciphertext_and_tag[] = { + 0x13, 0xb4, 0xc7, 0x2b, 0x38, 0x9d, 0xc5, 0x01, 0x8e, 0x72, 0xa1, 0x71, + 0xdd, 0x85, 0xa5, 0xd3, 0x75, 0x22, 0x74, 0xd3, 0xa0, 0x19, 0xfb, 0xca, + 0xed, 0x09, 0xa4, 0x25, 0xcd, 0x9b, 0x2e, 0x1c, 0x9b, 0x72, 0xee, 0xe7, + 0xc9, 0xde, 0x7d, 0x52, 0xb3, 0xf3, 0xd6, 0xa5, 0x28, 0x4f, 0x4a, 0x6d, + 0x3f, 0xe2, 0x2a, 0x5d, 0x6c, 0x2b, 0x96, 0x04, 0x94, 0xc3}; + gsec_aead_malloc_test_vector( + &test_vector_11, test_vector_11_key, + sizeof(test_vector_11_key) / sizeof(uint8_t), test_vector_11_nonce, + sizeof(test_vector_11_nonce) / sizeof(uint8_t), test_vector_11_aad, + sizeof(test_vector_11_aad) / sizeof(uint8_t), test_vector_11_plaintext, + sizeof(test_vector_11_plaintext) / sizeof(uint8_t), + test_vector_11_ciphertext_and_tag, + sizeof(test_vector_11_ciphertext_and_tag) / sizeof(uint8_t)); + gsec_test_verify_crypter_on_test_vector(test_vector_11); + gsec_aead_free_test_vector(test_vector_11); + + /* 2.4.2 54-byte crypt */ + gsec_aead_test_vector* test_vector_12; + const uint8_t test_vector_12_key[] = { + 0x69, 0x1d, 0x3e, 0xe9, 0x09, 0xd7, 0xf5, 0x41, 0x67, 0xfd, 0x1c, + 0xa0, 0xb5, 0xd7, 0x69, 0x08, 0x1f, 0x2b, 0xde, 0x1a, 0xee, 0x65, + 0x5f, 0xdb, 0xab, 0x80, 0xbd, 0x52, 0x95, 0xae, 0x6b, 0xe7}; + const uint8_t test_vector_12_nonce[] = {0xf0, 0x76, 0x1e, 0x8d, 0xcd, 0x3d, + 0x00, 0x01, 0x76, 0xd4, 0x57, 0xed}; + const uint8_t test_vector_12_aad[] = { + 0xe2, 0x01, 0x06, 0xd7, 0xcd, 0x0d, 0xf0, 0x76, 0x1e, 0x8d, + 0xcd, 0x3d, 0x88, 0xe5, 0x4c, 0x2a, 0x76, 0xd4, 0x57, 0xed}; + const uint8_t test_vector_12_plaintext[] = { + 0x08, 0x00, 0x0f, 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, + 0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f, 0x20, 0x21, 0x22, + 0x23, 0x24, 0x25, 0x26, 0x27, 0x28, 0x29, 0x2a, 0x2b, 0x2c, 0x2d, + 0x2e, 0x2f, 0x30, 0x31, 0x32, 0x33, 0x34, 0x00, 0x04}; + const uint8_t test_vector_12_ciphertext_and_tag[] = { + 0xc1, 0x62, 0x3f, 0x55, 0x73, 0x0c, 0x93, 0x53, 0x30, 0x97, 0xad, 0xda, + 0xd2, 0x56, 0x64, 0x96, 0x61, 0x25, 0x35, 0x2b, 0x43, 0xad, 0xac, 0xbd, + 0x61, 0xc5, 0xef, 0x3a, 0xc9, 0x0b, 0x5b, 0xee, 0x92, 0x9c, 0xe4, 0x63, + 0x0e, 0xa7, 0x9f, 0x6c, 0xe5, 0x19, 0x12, 0xaf, 0x39, 0xc2, 0xd1, 0xfd, + 0xc2, 0x05, 0x1f, 0x8b, 0x7b, 0x3c, 0x9d, 0x39, 0x7e, 0xf2}; + gsec_aead_malloc_test_vector( + &test_vector_12, test_vector_12_key, + sizeof(test_vector_12_key) / sizeof(uint8_t), test_vector_12_nonce, + sizeof(test_vector_12_nonce) / sizeof(uint8_t), test_vector_12_aad, + sizeof(test_vector_12_aad) / sizeof(uint8_t), test_vector_12_plaintext, + sizeof(test_vector_12_plaintext) / sizeof(uint8_t), + test_vector_12_ciphertext_and_tag, + sizeof(test_vector_12_ciphertext_and_tag) / sizeof(uint8_t)); + gsec_test_verify_crypter_on_test_vector(test_vector_12); + gsec_aead_free_test_vector(test_vector_12); + + /* 2.5.1 65-byte auth */ + gsec_aead_test_vector* test_vector_13; + const uint8_t test_vector_13_key[] = {0x01, 0x3f, 0xe0, 0x0b, 0x5f, 0x11, + 0xbe, 0x7f, 0x86, 0x6d, 0x0c, 0xbb, + 0xc5, 0x5a, 0x7a, 0x90}; + const uint8_t test_vector_13_nonce[] = {0x7c, 0xfd, 0xe9, 0xf9, 0xe3, 0x37, + 0x24, 0xc6, 0x89, 0x32, 0xd6, 0x12}; + const uint8_t test_vector_13_aad[] = { + 0x84, 0xc5, 0xd5, 0x13, 0xd2, 0xaa, 0xf6, 0xe5, 0xbb, 0xd2, 0x72, 0x77, + 0x88, 0xe5, 0x23, 0x00, 0x89, 0x32, 0xd6, 0x12, 0x7c, 0xfd, 0xe9, 0xf9, + 0xe3, 0x37, 0x24, 0xc6, 0x08, 0x00, 0x0f, 0x10, 0x11, 0x12, 0x13, 0x14, + 0x15, 0x16, 0x17, 0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f, 0x20, + 0x21, 0x22, 0x23, 0x24, 0x25, 0x26, 0x27, 0x28, 0x29, 0x2a, 0x2b, 0x2c, + 0x2d, 0x2e, 0x2f, 0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, 0x38, + 0x39, 0x3a, 0x3b, 0x3c, 0x3d, 0x3e, 0x3f, 0x00, 0x05}; + const uint8_t test_vector_13_plaintext[1] = {}; + const uint8_t test_vector_13_ciphertext_and_tag[] = { + 0x21, 0x78, 0x67, 0xe5, 0x0c, 0x2d, 0xad, 0x74, + 0xc2, 0x8c, 0x3b, 0x50, 0xab, 0xdf, 0x69, 0x5a}; + gsec_aead_malloc_test_vector( + &test_vector_13, test_vector_13_key, + sizeof(test_vector_13_key) / sizeof(uint8_t), test_vector_13_nonce, + sizeof(test_vector_13_nonce) / sizeof(uint8_t), test_vector_13_aad, + sizeof(test_vector_13_aad) / sizeof(uint8_t), test_vector_13_plaintext, 0, + test_vector_13_ciphertext_and_tag, + sizeof(test_vector_13_ciphertext_and_tag) / sizeof(uint8_t)); + gsec_test_verify_crypter_on_test_vector(test_vector_13); + gsec_aead_free_test_vector(test_vector_13); + + /* 2.5.2 65-byte auth */ + gsec_aead_test_vector* test_vector_14; + const uint8_t test_vector_14_key[] = { + 0x83, 0xc0, 0x93, 0xb5, 0x8d, 0xe7, 0xff, 0xe1, 0xc0, 0xda, 0x92, + 0x6a, 0xc4, 0x3f, 0xb3, 0x60, 0x9a, 0xc1, 0xc8, 0x0f, 0xee, 0x1b, + 0x62, 0x44, 0x97, 0xef, 0x94, 0x2e, 0x2f, 0x79, 0xa8, 0x23}; + const uint8_t test_vector_14_nonce[] = {0x7c, 0xfd, 0xe9, 0xf9, 0xe3, 0x37, + 0x24, 0xc6, 0x89, 0x32, 0xd6, 0x12}; + const uint8_t test_vector_14_aad[] = { + 0x84, 0xc5, 0xd5, 0x13, 0xd2, 0xaa, 0xf6, 0xe5, 0xbb, 0xd2, 0x72, 0x77, + 0x88, 0xe5, 0x23, 0x00, 0x89, 0x32, 0xd6, 0x12, 0x7c, 0xfd, 0xe9, 0xf9, + 0xe3, 0x37, 0x24, 0xc6, 0x08, 0x00, 0x0f, 0x10, 0x11, 0x12, 0x13, 0x14, + 0x15, 0x16, 0x17, 0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f, 0x20, + 0x21, 0x22, 0x23, 0x24, 0x25, 0x26, 0x27, 0x28, 0x29, 0x2a, 0x2b, 0x2c, + 0x2d, 0x2e, 0x2f, 0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, 0x38, + 0x39, 0x3a, 0x3b, 0x3c, 0x3d, 0x3e, 0x3f, 0x00, 0x05}; + const uint8_t test_vector_14_plaintext[1] = {}; + const uint8_t test_vector_14_ciphertext_and_tag[] = { + 0x6e, 0xe1, 0x60, 0xe8, 0xfa, 0xec, 0xa4, 0xb3, + 0x6c, 0x86, 0xb2, 0x34, 0x92, 0x0c, 0xa9, 0x75}; + gsec_aead_malloc_test_vector( + &test_vector_14, test_vector_14_key, + sizeof(test_vector_14_key) / sizeof(uint8_t), test_vector_14_nonce, + sizeof(test_vector_14_nonce) / sizeof(uint8_t), test_vector_14_aad, + sizeof(test_vector_14_aad) / sizeof(uint8_t), test_vector_14_plaintext, 0, + test_vector_14_ciphertext_and_tag, + sizeof(test_vector_14_ciphertext_and_tag) / sizeof(uint8_t)); + gsec_test_verify_crypter_on_test_vector(test_vector_14); + gsec_aead_free_test_vector(test_vector_14); + + /* 2.6.1 61-byte crypt */ + gsec_aead_test_vector* test_vector_15; + const uint8_t test_vector_15_key[] = {0x01, 0x3f, 0xe0, 0x0b, 0x5f, 0x11, + 0xbe, 0x7f, 0x86, 0x6d, 0x0c, 0xbb, + 0xc5, 0x5a, 0x7a, 0x90}; + const uint8_t test_vector_15_nonce[] = {0x7c, 0xfd, 0xe9, 0xf9, 0xe3, 0x37, + 0x24, 0xc6, 0x89, 0x32, 0xd6, 0x12}; + const uint8_t test_vector_15_aad[] = { + 0x84, 0xc5, 0xd5, 0x13, 0xd2, 0xaa, 0xf6, 0xe5, 0xbb, 0xd2, + 0x72, 0x77, 0x88, 0xe5, 0x2f, 0x00, 0x89, 0x32, 0xd6, 0x12, + 0x7c, 0xfd, 0xe9, 0xf9, 0xe3, 0x37, 0x24, 0xc6}; + const uint8_t test_vector_15_plaintext[] = { + 0x08, 0x00, 0x0f, 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, + 0x17, 0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f, 0x20, + 0x21, 0x22, 0x23, 0x24, 0x25, 0x26, 0x27, 0x28, 0x29, 0x2a, + 0x2b, 0x2c, 0x2d, 0x2e, 0x2f, 0x30, 0x31, 0x32, 0x33, 0x34, + 0x35, 0x36, 0x37, 0x38, 0x39, 0x3a, 0x3b, 0x00, 0x06}; + const uint8_t test_vector_15_ciphertext_and_tag[] = { + 0x3a, 0x4d, 0xe6, 0xfa, 0x32, 0x19, 0x10, 0x14, 0xdb, 0xb3, 0x03, + 0xd9, 0x2e, 0xe3, 0xa9, 0xe8, 0xa1, 0xb5, 0x99, 0xc1, 0x4d, 0x22, + 0xfb, 0x08, 0x00, 0x96, 0xe1, 0x38, 0x11, 0x81, 0x6a, 0x3c, 0x9c, + 0x9b, 0xcf, 0x7c, 0x1b, 0x9b, 0x96, 0xda, 0x80, 0x92, 0x04, 0xe2, + 0x9d, 0x0e, 0x2a, 0x76, 0x42, 0xbf, 0xd3, 0x10, 0xa4, 0x83, 0x7c, + 0x81, 0x6c, 0xcf, 0xa5, 0xac, 0x23, 0xab, 0x00, 0x39, 0x88}; + gsec_aead_malloc_test_vector( + &test_vector_15, test_vector_15_key, + sizeof(test_vector_15_key) / sizeof(uint8_t), test_vector_15_nonce, + sizeof(test_vector_15_nonce) / sizeof(uint8_t), test_vector_15_aad, + sizeof(test_vector_15_aad) / sizeof(uint8_t), test_vector_15_plaintext, + sizeof(test_vector_15_plaintext) / sizeof(uint8_t), + test_vector_15_ciphertext_and_tag, + sizeof(test_vector_15_ciphertext_and_tag) / sizeof(uint8_t)); + gsec_test_verify_crypter_on_test_vector(test_vector_15); + gsec_aead_free_test_vector(test_vector_15); + + /* 2.6.2 61-byte crypt */ + gsec_aead_test_vector* test_vector_16; + const uint8_t test_vector_16_key[] = { + 0x83, 0xc0, 0x93, 0xb5, 0x8d, 0xe7, 0xff, 0xe1, 0xc0, 0xda, 0x92, + 0x6a, 0xc4, 0x3f, 0xb3, 0x60, 0x9a, 0xc1, 0xc8, 0x0f, 0xee, 0x1b, + 0x62, 0x44, 0x97, 0xef, 0x94, 0x2e, 0x2f, 0x79, 0xa8, 0x23}; + const uint8_t test_vector_16_nonce[] = {0x7c, 0xfd, 0xe9, 0xf9, 0xe3, 0x37, + 0x24, 0xc6, 0x89, 0x32, 0xd6, 0x12}; + const uint8_t test_vector_16_aad[] = { + 0x84, 0xc5, 0xd5, 0x13, 0xd2, 0xaa, 0xf6, 0xe5, 0xbb, 0xd2, + 0x72, 0x77, 0x88, 0xe5, 0x2f, 0x00, 0x89, 0x32, 0xd6, 0x12, + 0x7c, 0xfd, 0xe9, 0xf9, 0xe3, 0x37, 0x24, 0xc6}; + const uint8_t test_vector_16_plaintext[] = { + 0x08, 0x00, 0x0f, 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, + 0x17, 0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f, 0x20, + 0x21, 0x22, 0x23, 0x24, 0x25, 0x26, 0x27, 0x28, 0x29, 0x2a, + 0x2b, 0x2c, 0x2d, 0x2e, 0x2f, 0x30, 0x31, 0x32, 0x33, 0x34, + 0x35, 0x36, 0x37, 0x38, 0x39, 0x3a, 0x3b, 0x00, 0x06}; + const uint8_t test_vector_16_ciphertext_and_tag[] = { + 0x11, 0x02, 0x22, 0xff, 0x80, 0x50, 0xcb, 0xec, 0xe6, 0x6a, 0x81, + 0x3a, 0xd0, 0x9a, 0x73, 0xed, 0x7a, 0x9a, 0x08, 0x9c, 0x10, 0x6b, + 0x95, 0x93, 0x89, 0x16, 0x8e, 0xd6, 0xe8, 0x69, 0x8e, 0xa9, 0x02, + 0xeb, 0x12, 0x77, 0xdb, 0xec, 0x2e, 0x68, 0xe4, 0x73, 0x15, 0x5a, + 0x15, 0xa7, 0xda, 0xee, 0xd4, 0xa1, 0x0f, 0x4e, 0x05, 0x13, 0x9c, + 0x23, 0xdf, 0x00, 0xb3, 0xaa, 0xdc, 0x71, 0xf0, 0x59, 0x6a}; + gsec_aead_malloc_test_vector( + &test_vector_16, test_vector_16_key, + sizeof(test_vector_16_key) / sizeof(uint8_t), test_vector_16_nonce, + sizeof(test_vector_16_nonce) / sizeof(uint8_t), test_vector_16_aad, + sizeof(test_vector_16_aad) / sizeof(uint8_t), test_vector_16_plaintext, + sizeof(test_vector_16_plaintext) / sizeof(uint8_t), + test_vector_16_ciphertext_and_tag, + sizeof(test_vector_16_ciphertext_and_tag) / sizeof(uint8_t)); + gsec_test_verify_crypter_on_test_vector(test_vector_16); + gsec_aead_free_test_vector(test_vector_16); + + /* 2.7.1 79-byte crypt */ + gsec_aead_test_vector* test_vector_17; + const uint8_t test_vector_17_key[] = {0x88, 0xee, 0x08, 0x7f, 0xd9, 0x5d, + 0xa9, 0xfb, 0xf6, 0x72, 0x5a, 0xa9, + 0xd7, 0x57, 0xb0, 0xcd}; + const uint8_t test_vector_17_nonce[] = {0x7a, 0xe8, 0xe2, 0xca, 0x4e, 0xc5, + 0x00, 0x01, 0x2e, 0x58, 0x49, 0x5c}; + const uint8_t test_vector_17_aad[] = { + 0x68, 0xf2, 0xe7, 0x76, 0x96, 0xce, 0x7a, 0xe8, 0xe2, 0xca, 0x4e, + 0xc5, 0x88, 0xe5, 0x41, 0x00, 0x2e, 0x58, 0x49, 0x5c, 0x08, 0x00, + 0x0f, 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, 0x18, 0x19, + 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f, 0x20, 0x21, 0x22, 0x23, 0x24, + 0x25, 0x26, 0x27, 0x28, 0x29, 0x2a, 0x2b, 0x2c, 0x2d, 0x2e, 0x2f, + 0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, 0x38, 0x39, 0x3a, + 0x3b, 0x3c, 0x3d, 0x3e, 0x3f, 0x40, 0x41, 0x42, 0x43, 0x44, 0x45, + 0x46, 0x47, 0x48, 0x49, 0x4a, 0x4b, 0x4c, 0x4d, 0x00, 0x07}; + const uint8_t test_vector_17_plaintext[1] = {}; + const uint8_t test_vector_17_ciphertext_and_tag[] = { + 0x07, 0x92, 0x2b, 0x8e, 0xbc, 0xf1, 0x0b, 0xb2, + 0x29, 0x75, 0x88, 0xca, 0x4c, 0x61, 0x45, 0x23}; + gsec_aead_malloc_test_vector( + &test_vector_17, test_vector_17_key, + sizeof(test_vector_17_key) / sizeof(uint8_t), test_vector_17_nonce, + sizeof(test_vector_17_nonce) / sizeof(uint8_t), test_vector_17_aad, + sizeof(test_vector_17_aad) / sizeof(uint8_t), test_vector_17_plaintext, 0, + test_vector_17_ciphertext_and_tag, + sizeof(test_vector_17_ciphertext_and_tag) / sizeof(uint8_t)); + gsec_test_verify_crypter_on_test_vector(test_vector_17); + gsec_aead_free_test_vector(test_vector_17); + + /* 2.7.2 79-byte crypt */ + gsec_aead_test_vector* test_vector_18; + const uint8_t test_vector_18_key[] = { + 0x4c, 0x97, 0x3d, 0xbc, 0x73, 0x64, 0x62, 0x16, 0x74, 0xf8, 0xb5, + 0xb8, 0x9e, 0x5c, 0x15, 0x51, 0x1f, 0xce, 0xd9, 0x21, 0x64, 0x90, + 0xfb, 0x1c, 0x1a, 0x2c, 0xaa, 0x0f, 0xfe, 0x04, 0x07, 0xe5}; + const uint8_t test_vector_18_nonce[] = {0x7a, 0xe8, 0xe2, 0xca, 0x4e, 0xc5, + 0x00, 0x01, 0x2e, 0x58, 0x49, 0x5c}; + const uint8_t test_vector_18_aad[] = { + 0x68, 0xf2, 0xe7, 0x76, 0x96, 0xce, 0x7a, 0xe8, 0xe2, 0xca, 0x4e, + 0xc5, 0x88, 0xe5, 0x41, 0x00, 0x2e, 0x58, 0x49, 0x5c, 0x08, 0x00, + 0x0f, 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, 0x18, 0x19, + 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f, 0x20, 0x21, 0x22, 0x23, 0x24, + 0x25, 0x26, 0x27, 0x28, 0x29, 0x2a, 0x2b, 0x2c, 0x2d, 0x2e, 0x2f, + 0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, 0x38, 0x39, 0x3a, + 0x3b, 0x3c, 0x3d, 0x3e, 0x3f, 0x40, 0x41, 0x42, 0x43, 0x44, 0x45, + 0x46, 0x47, 0x48, 0x49, 0x4a, 0x4b, 0x4c, 0x4d, 0x00, 0x07}; + const uint8_t test_vector_18_plaintext[1] = {}; + const uint8_t test_vector_18_ciphertext_and_tag[] = { + 0x00, 0xbd, 0xa1, 0xb7, 0xe8, 0x76, 0x08, 0xbc, + 0xbf, 0x47, 0x0f, 0x12, 0x15, 0x7f, 0x4c, 0x07}; + gsec_aead_malloc_test_vector( + &test_vector_18, test_vector_18_key, + sizeof(test_vector_18_key) / sizeof(uint8_t), test_vector_18_nonce, + sizeof(test_vector_18_nonce) / sizeof(uint8_t), test_vector_18_aad, + sizeof(test_vector_18_aad) / sizeof(uint8_t), test_vector_18_plaintext, 0, + test_vector_18_ciphertext_and_tag, + sizeof(test_vector_18_ciphertext_and_tag) / sizeof(uint8_t)); + gsec_test_verify_crypter_on_test_vector(test_vector_18); + gsec_aead_free_test_vector(test_vector_18); + + /* 2.8.1 61-byte crypt */ + gsec_aead_test_vector* test_vector_19; + const uint8_t test_vector_19_key[] = {0x88, 0xee, 0x08, 0x7f, 0xd9, 0x5d, + 0xa9, 0xfb, 0xf6, 0x72, 0x5a, 0xa9, + 0xd7, 0x57, 0xb0, 0xcd}; + const uint8_t test_vector_19_nonce[] = {0x7a, 0xe8, 0xe2, 0xca, 0x4e, 0xc5, + 0x00, 0x01, 0x2e, 0x58, 0x49, 0x5c}; + const uint8_t test_vector_19_aad[] = { + 0x68, 0xf2, 0xe7, 0x76, 0x96, 0xce, 0x7a, 0xe8, 0xe2, 0xca, + 0x4e, 0xc5, 0x88, 0xe5, 0x4d, 0x00, 0x2e, 0x58, 0x49, 0x5c}; + const uint8_t test_vector_19_plaintext[] = { + 0x08, 0x00, 0x0f, 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, + 0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f, 0x20, 0x21, 0x22, + 0x23, 0x24, 0x25, 0x26, 0x27, 0x28, 0x29, 0x2a, 0x2b, 0x2c, 0x2d, + 0x2e, 0x2f, 0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, 0x38, + 0x39, 0x3a, 0x3b, 0x3c, 0x3d, 0x3e, 0x3f, 0x40, 0x41, 0x42, 0x43, + 0x44, 0x45, 0x46, 0x47, 0x48, 0x49, 0x00, 0x08}; + const uint8_t test_vector_19_ciphertext_and_tag[] = { + 0xc3, 0x1f, 0x53, 0xd9, 0x9e, 0x56, 0x87, 0xf7, 0x36, 0x51, 0x19, 0xb8, + 0x32, 0xd2, 0xaa, 0xe7, 0x07, 0x41, 0xd5, 0x93, 0xf1, 0xf9, 0xe2, 0xab, + 0x34, 0x55, 0x77, 0x9b, 0x07, 0x8e, 0xb8, 0xfe, 0xac, 0xdf, 0xec, 0x1f, + 0x8e, 0x3e, 0x52, 0x77, 0xf8, 0x18, 0x0b, 0x43, 0x36, 0x1f, 0x65, 0x12, + 0xad, 0xb1, 0x6d, 0x2e, 0x38, 0x54, 0x8a, 0x2c, 0x71, 0x9d, 0xba, 0x72, + 0x28, 0xd8, 0x40, 0x88, 0xf8, 0x75, 0x7a, 0xdb, 0x8a, 0xa7, 0x88, 0xd8, + 0xf6, 0x5a, 0xd6, 0x68, 0xbe, 0x70, 0xe7}; + gsec_aead_malloc_test_vector( + &test_vector_19, test_vector_19_key, + sizeof(test_vector_19_key) / sizeof(uint8_t), test_vector_19_nonce, + sizeof(test_vector_19_nonce) / sizeof(uint8_t), test_vector_19_aad, + sizeof(test_vector_19_aad) / sizeof(uint8_t), test_vector_19_plaintext, + sizeof(test_vector_19_plaintext) / sizeof(uint8_t), + test_vector_19_ciphertext_and_tag, + sizeof(test_vector_19_ciphertext_and_tag) / sizeof(uint8_t)); + gsec_test_verify_crypter_on_test_vector(test_vector_19); + gsec_aead_free_test_vector(test_vector_19); + + /* 2.8.2 61-byte crypt */ + gsec_aead_test_vector* test_vector_20; + const uint8_t test_vector_20_key[] = { + 0x4c, 0x97, 0x3d, 0xbc, 0x73, 0x64, 0x62, 0x16, 0x74, 0xf8, 0xb5, + 0xb8, 0x9e, 0x5c, 0x15, 0x51, 0x1f, 0xce, 0xd9, 0x21, 0x64, 0x90, + 0xfb, 0x1c, 0x1a, 0x2c, 0xaa, 0x0f, 0xfe, 0x04, 0x07, 0xe5}; + const uint8_t test_vector_20_nonce[] = {0x7a, 0xe8, 0xe2, 0xca, 0x4e, 0xc5, + 0x00, 0x01, 0x2e, 0x58, 0x49, 0x5c}; + const uint8_t test_vector_20_aad[] = { + 0x68, 0xf2, 0xe7, 0x76, 0x96, 0xce, 0x7a, 0xe8, 0xe2, 0xca, + 0x4e, 0xc5, 0x88, 0xe5, 0x4d, 0x00, 0x2e, 0x58, 0x49, 0x5c}; + const uint8_t test_vector_20_plaintext[] = { + 0x08, 0x00, 0x0f, 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, + 0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f, 0x20, 0x21, 0x22, + 0x23, 0x24, 0x25, 0x26, 0x27, 0x28, 0x29, 0x2a, 0x2b, 0x2c, 0x2d, + 0x2e, 0x2f, 0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, 0x38, + 0x39, 0x3a, 0x3b, 0x3c, 0x3d, 0x3e, 0x3f, 0x40, 0x41, 0x42, 0x43, + 0x44, 0x45, 0x46, 0x47, 0x48, 0x49, 0x00, 0x08}; + const uint8_t test_vector_20_ciphertext_and_tag[] = { + 0xba, 0x8a, 0xe3, 0x1b, 0xc5, 0x06, 0x48, 0x6d, 0x68, 0x73, 0xe4, 0xfc, + 0xe4, 0x60, 0xe7, 0xdc, 0x57, 0x59, 0x1f, 0xf0, 0x06, 0x11, 0xf3, 0x1c, + 0x38, 0x34, 0xfe, 0x1c, 0x04, 0xad, 0x80, 0xb6, 0x68, 0x03, 0xaf, 0xcf, + 0x5b, 0x27, 0xe6, 0x33, 0x3f, 0xa6, 0x7c, 0x99, 0xda, 0x47, 0xc2, 0xf0, + 0xce, 0xd6, 0x8d, 0x53, 0x1b, 0xd7, 0x41, 0xa9, 0x43, 0xcf, 0xf7, 0xa6, + 0x71, 0x3b, 0xd0, 0x26, 0x11, 0xcd, 0x7d, 0xaa, 0x01, 0xd6, 0x1c, 0x5c, + 0x88, 0x6d, 0xc1, 0xa8, 0x17, 0x01, 0x07}; + gsec_aead_malloc_test_vector( + &test_vector_20, test_vector_20_key, + sizeof(test_vector_20_key) / sizeof(uint8_t), test_vector_20_nonce, + sizeof(test_vector_20_nonce) / sizeof(uint8_t), test_vector_20_aad, + sizeof(test_vector_20_aad) / sizeof(uint8_t), test_vector_20_plaintext, + sizeof(test_vector_20_plaintext) / sizeof(uint8_t), + test_vector_20_ciphertext_and_tag, + sizeof(test_vector_20_ciphertext_and_tag) / sizeof(uint8_t)); + gsec_test_verify_crypter_on_test_vector(test_vector_20); + gsec_aead_free_test_vector(test_vector_20); +} + +int main(int argc, char** argv) { + grpc_init(); + gsec_test_do_generic_crypter_tests(); + gsec_test_do_vector_tests_nist(); + gsec_test_do_vector_tests_ieee(); + gsec_test_do_vector_tests_rekey_nist(); + gsec_test_do_vector_tests_rekey_ieee(); + grpc_shutdown(); + return 0; +} diff --git a/test/core/tsi/alts/crypt/gsec_test_util.cc b/test/core/tsi/alts/crypt/gsec_test_util.cc new file mode 100644 index 0000000000..992c91e6bc --- /dev/null +++ b/test/core/tsi/alts/crypt/gsec_test_util.cc @@ -0,0 +1,87 @@ +/* + * + * Copyright 2018 gRPC authors. + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + */ + +#include "test/core/tsi/alts/crypt/gsec_test_util.h" + +#include <grpc/support/alloc.h> + +void gsec_test_random_bytes(uint8_t* bytes, size_t length) { + if (!RAND_bytes(bytes, static_cast<int>(length))) { + fprintf(stderr, + "Random bytes generation failed in gsec_test_random_bytes()."); + abort(); + } +} + +void gsec_test_random_array(uint8_t** bytes, size_t length) { + if (bytes != nullptr) { + *bytes = static_cast<uint8_t*>(gpr_malloc(length)); + gsec_test_random_bytes(*bytes, length); + } else { + fprintf(stderr, "bytes buffer is nullptr in gsec_test_random_array()."); + abort(); + } +} + +uint32_t gsec_test_bias_random_uint32(uint32_t max_length) { + uint32_t value; + gsec_test_random_bytes((uint8_t*)(&value), sizeof(value)); + return value % max_length; +} + +void gsec_test_copy(const uint8_t* src, uint8_t** des, size_t source_len) { + if (src != nullptr && des != nullptr) { + *des = static_cast<uint8_t*>(gpr_malloc(source_len)); + memcpy(*des, src, source_len); + } else { + fprintf(stderr, "Either src or des buffer is nullptr in gsec_test_copy()."); + abort(); + } +} + +void gsec_test_copy_and_alter_random_byte(const uint8_t* src, uint8_t** des, + size_t source_len) { + if (src != nullptr && des != nullptr) { + *des = static_cast<uint8_t*>(gpr_malloc(source_len)); + memcpy(*des, src, source_len); + uint32_t offset; + offset = gsec_test_bias_random_uint32(static_cast<uint32_t>(source_len)); + (*(*des + offset))++; + } else { + fprintf(stderr, + "Either src or des is nullptr in " + "gsec_test_copy_and_alter_random_byte()."); + abort(); + } +} + +int gsec_test_expect_compare_code_and_substr(grpc_status_code status1, + grpc_status_code status2, + const char* msg1, + const char* msg2) { + int failure = 1; + if (status1 != status2) { + fprintf(stderr, "Status %d does not equal %d.\n", status1, status2); + failure = 0; + } + if (strstr(msg1, msg2) == nullptr) { + fprintf(stderr, "Status message <%s> does not contain <%s>.\n", msg1, msg2); + failure = 0; + } + return failure; +} diff --git a/test/core/tsi/alts/crypt/gsec_test_util.h b/test/core/tsi/alts/crypt/gsec_test_util.h new file mode 100644 index 0000000000..206ae2fda8 --- /dev/null +++ b/test/core/tsi/alts/crypt/gsec_test_util.h @@ -0,0 +1,91 @@ +/* + * + * Copyright 2018 gRPC authors. + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + */ + +#ifndef GRPC_TEST_CORE_TSI_ALTS_CRYPT_GSEC_TEST_UTIL_H_ +#define GRPC_TEST_CORE_TSI_ALTS_CRYPT_GSEC_TEST_UTIL_H_ + +#include <stdint.h> +#include <stdio.h> +#include <stdlib.h> +#include <string.h> + +#include <openssl/rand.h> + +#include <grpc/grpc.h> + +/** + * This method returns random bytes of certain length. + * + * - bytes: buffer to hold random bytes. + * - length: length of buffer to be populated. + */ +void gsec_test_random_bytes(uint8_t* bytes, size_t length); + +/** + * This method returns an array of random bytes. + * + * - bytes: array to hold random bytes. + * - length: length of array to be populated. + */ +void gsec_test_random_array(uint8_t** bytes, size_t length); + +/** + * This method returns a uint32 that's not quite uniformly random, but good + * enough for tests. + * + * - max_length: a max value the returned random number can choose. + */ +uint32_t gsec_test_bias_random_uint32(uint32_t max_length); + +/** + * This method copies data from a source to a destination buffer. + * + * - src: a source buffer. + * - des: a destination buffer. + * - length: the length of source buffer to be copied from its beginning. + */ +void gsec_test_copy(const uint8_t* src, uint8_t** des, size_t length); + +/** + * This method copies data from a source to a destination buffer, and flips one + * byte in the destination buffer randomly. + * + * - src: a source buffer. + * - des: a destination buffer. + * - length: the length of source buffer to be copied from its beginning. + */ +void gsec_test_copy_and_alter_random_byte(const uint8_t* src, uint8_t** des, + size_t source_len); + +/** + * This method compares two grpc_status_code values, and verifies if one string + * is a substring of the other. + * + * - status1: the first grpc_status_code to be compared. + * - status2: the second grpc_status_code to be compared. + * - msg1: a string to be scanned. + * - msg2: a small string to be searched within msg1. + * + * If both checks succeed, the method returns 1 and otherwise, it returns 0. + */ +int gsec_test_expect_compare_code_and_substr(grpc_status_code status1, + grpc_status_code status2, + const char* msg1, + const char* msg2); + +#endif // GRPC_TEST_CORE_TSI_ALTS_CRYPT_GSEC_TEST_UTIL_H_ */ diff --git a/test/core/tsi/alts/frame_protector/BUILD b/test/core/tsi/alts/frame_protector/BUILD new file mode 100644 index 0000000000..8bbc8c6e5e --- /dev/null +++ b/test/core/tsi/alts/frame_protector/BUILD @@ -0,0 +1,60 @@ +# Copyright 2018 gRPC authors. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +load("//bazel:grpc_build_system.bzl", "grpc_cc_library", "grpc_cc_test", "grpc_package") + +licenses(["notice"]) # Apache v2 + +grpc_package(name = "frame_protector") + +grpc_cc_test( + name = "alts_counter_test", + srcs = ["alts_counter_test.cc"], + language = "C++", + deps = [ + "//:grpc", + "//test/core/tsi/alts/crypt:alts_crypt_test_util", + ], +) + +grpc_cc_test( + name = "alts_crypter_test", + srcs = ["alts_crypter_test.cc"], + language = "C++", + deps = [ + "//:grpc", + "//test/core/tsi/alts/crypt:alts_crypt_test_util", + ], +) + +grpc_cc_test( + name = "alts_frame_protector_test", + srcs = ["alts_frame_protector_test.cc"], + language = "C++", + deps = [ + "//:grpc", + "//test/core/tsi/alts/crypt:alts_crypt_test_util", + "//test/core/tsi:transport_security_test_lib", + ], +) + +grpc_cc_test( + name = "frame_handler_test", + srcs = ["frame_handler_test.cc"], + language = "C++", + deps = [ + "//:grpc", + "//test/core/tsi/alts/crypt:alts_crypt_test_util", + ], +) diff --git a/test/core/tsi/alts/frame_protector/alts_counter_test.cc b/test/core/tsi/alts/frame_protector/alts_counter_test.cc new file mode 100644 index 0000000000..49ff82108b --- /dev/null +++ b/test/core/tsi/alts/frame_protector/alts_counter_test.cc @@ -0,0 +1,180 @@ +/* + * + * Copyright 2018 gRPC authors. + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + */ + +#include <grpc/support/alloc.h> +#include <grpc/support/log.h> + +#include "src/core/tsi/alts/frame_protector/alts_counter.h" +#include "test/core/tsi/alts/crypt/gsec_test_util.h" + +const size_t kSmallCounterSize = 4; +const size_t kSmallOverflowSize = 1; +const size_t kGcmCounterSize = 12; +const size_t kGcmOverflowSize = 5; + +static bool do_bytes_represent_client(alts_counter* ctr, unsigned char* counter, + size_t size) { + return (ctr->counter[size - 1] & 0x80) == 0x80; +} + +static void alts_counter_test_input_sanity_check(size_t counter_size, + size_t overflow_size) { + alts_counter* ctr = nullptr; + char* error_details = nullptr; + + /* Input sanity check on alts_counter_create(). */ + /* Invalid counter size. */ + grpc_status_code status = + alts_counter_create(true, 0, overflow_size, &ctr, &error_details); + GPR_ASSERT(gsec_test_expect_compare_code_and_substr( + status, GRPC_STATUS_INVALID_ARGUMENT, error_details, + "counter_size is invalid.")); + gpr_free(error_details); + + /* Invalid overflow size. */ + status = alts_counter_create(true, counter_size, 0, &ctr, &error_details); + GPR_ASSERT(gsec_test_expect_compare_code_and_substr( + status, GRPC_STATUS_INVALID_ARGUMENT, error_details, + "overflow_size is invalid.")); + gpr_free(error_details); + + /* alts_counter is nullptr. */ + status = alts_counter_create(true, counter_size, overflow_size, nullptr, + &error_details); + GPR_ASSERT(gsec_test_expect_compare_code_and_substr( + status, GRPC_STATUS_INVALID_ARGUMENT, error_details, + "crypter_counter is nullptr.")); + gpr_free(error_details); + + status = alts_counter_create(true, counter_size, overflow_size, &ctr, + &error_details); + GPR_ASSERT(status == GRPC_STATUS_OK); + + /* Input sanity check on alts_counter_increment(). */ + /* crypter_counter is nullptr. */ + bool is_overflow = false; + status = alts_counter_increment(nullptr, &is_overflow, &error_details); + GPR_ASSERT(gsec_test_expect_compare_code_and_substr( + status, GRPC_STATUS_INVALID_ARGUMENT, error_details, + "crypter_counter is nullptr.")); + gpr_free(error_details); + /* is_overflow is nullptr. */ + status = alts_counter_increment(ctr, nullptr, &error_details); + GPR_ASSERT(gsec_test_expect_compare_code_and_substr( + status, GRPC_STATUS_INVALID_ARGUMENT, error_details, + "is_overflow is nullptr.")); + gpr_free(error_details); + alts_counter_destroy(ctr); +} + +static void alts_counter_test_overflow_full_range(bool is_client, + size_t counter_size, + size_t overflow_size) { + alts_counter* ctr = nullptr; + char* error_details = nullptr; + grpc_status_code status = alts_counter_create( + is_client, counter_size, overflow_size, &ctr, &error_details); + GPR_ASSERT(status == GRPC_STATUS_OK); + unsigned char* expected = + static_cast<unsigned char*>(gpr_zalloc(counter_size)); + if (is_client) { + expected[counter_size - 1] = 0x80; + } + /* Do a single iteration to ensure the counter is initialized as expected. */ + GPR_ASSERT(do_bytes_represent_client(ctr, alts_counter_get_counter(ctr), + counter_size) == is_client); + GPR_ASSERT(memcmp(alts_counter_get_counter(ctr), expected, counter_size) == + 0); + bool is_overflow = false; + GPR_ASSERT(alts_counter_increment(ctr, &is_overflow, &error_details) == + GRPC_STATUS_OK); + GPR_ASSERT(!is_overflow); + /** + * The counter can return 2^{overflow_size * 8} counters. The + * high-order bit is fixed to the client/server. The last call will yield a + * useable counter, but overflow the counter object. + */ + int iterations = 1 << (overflow_size * 8); + int ind = 1; + for (ind = 1; ind < iterations - 1; ind++) { + GPR_ASSERT(do_bytes_represent_client(ctr, alts_counter_get_counter(ctr), + counter_size) == is_client); + GPR_ASSERT(alts_counter_increment(ctr, &is_overflow, &error_details) == + GRPC_STATUS_OK); + GPR_ASSERT(!is_overflow); + } + GPR_ASSERT(do_bytes_represent_client(ctr, alts_counter_get_counter(ctr), + counter_size) == is_client); + GPR_ASSERT(alts_counter_increment(ctr, &is_overflow, &error_details) == + GRPC_STATUS_FAILED_PRECONDITION); + GPR_ASSERT(is_overflow); + gpr_free(expected); + alts_counter_destroy(ctr); +} + +/* Set the counter manually and make sure it overflows as expected. */ +static void alts_counter_test_overflow_single_increment(bool is_client, + size_t counter_size, + size_t overflow_size) { + alts_counter* ctr = nullptr; + char* error_details = nullptr; + grpc_status_code status = alts_counter_create( + is_client, counter_size, overflow_size, &ctr, &error_details); + GPR_ASSERT(status == GRPC_STATUS_OK); + unsigned char* expected = + static_cast<unsigned char*>(gpr_zalloc(counter_size)); + memset(expected, 0xFF, overflow_size); + expected[0] = 0xFE; + + if (is_client) { + expected[counter_size - 1] = 0x80; + } + memcpy(ctr->counter, expected, counter_size); + GPR_ASSERT(do_bytes_represent_client(ctr, alts_counter_get_counter(ctr), + counter_size) == is_client); + GPR_ASSERT(memcmp(expected, alts_counter_get_counter(ctr), counter_size) == + 0); + bool is_overflow = false; + GPR_ASSERT(alts_counter_increment(ctr, &is_overflow, &error_details) == + GRPC_STATUS_OK); + GPR_ASSERT(!is_overflow); + GPR_ASSERT(do_bytes_represent_client(ctr, alts_counter_get_counter(ctr), + counter_size) == is_client); + expected[0] = static_cast<unsigned char>(expected[0] + 1); + GPR_ASSERT(memcmp(expected, alts_counter_get_counter(ctr), counter_size) == + 0); + GPR_ASSERT(alts_counter_increment(ctr, &is_overflow, &error_details) == + GRPC_STATUS_FAILED_PRECONDITION); + GPR_ASSERT(is_overflow); + gpr_free(expected); + alts_counter_destroy(ctr); +} + +int main(int argc, char** argv) { + alts_counter_test_input_sanity_check(kGcmCounterSize, kGcmOverflowSize); + alts_counter_test_overflow_full_range(true, kSmallCounterSize, + kSmallOverflowSize); + alts_counter_test_overflow_full_range(false, kSmallCounterSize, + kSmallOverflowSize); + alts_counter_test_overflow_single_increment(true, kGcmCounterSize, + kGcmOverflowSize); + alts_counter_test_overflow_single_increment(false, kGcmCounterSize, + kGcmOverflowSize); + + return 0; +} diff --git a/test/core/tsi/alts/frame_protector/alts_crypter_test.cc b/test/core/tsi/alts/frame_protector/alts_crypter_test.cc new file mode 100644 index 0000000000..0ad616bcd6 --- /dev/null +++ b/test/core/tsi/alts/frame_protector/alts_crypter_test.cc @@ -0,0 +1,493 @@ +/* + * + * Copyright 2018 gRPC authors. + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + */ + +#include <stdio.h> +#include <stdlib.h> +#include <string.h> + +#include <grpc/support/alloc.h> +#include <grpc/support/log.h> + +#include "src/core/tsi/alts/frame_protector/alts_crypter.h" +#include "test/core/tsi/alts/crypt/gsec_test_util.h" + +static void alts_crypter_test_random_seal_unseal(alts_crypter* server_seal, + alts_crypter* server_unseal, + alts_crypter* client_seal, + alts_crypter* client_unseal) { + size_t data_size = gsec_test_bias_random_uint32(1024) + 1; + size_t num_overhead_bytes = alts_crypter_num_overhead_bytes(server_seal); + size_t protected_data_size = data_size + num_overhead_bytes; + uint8_t* data_buffer = static_cast<uint8_t*>(gpr_malloc(protected_data_size)); + gsec_test_random_bytes(data_buffer, data_size); + uint8_t* duplicate_buffer = nullptr; + gsec_test_copy(data_buffer, &duplicate_buffer, data_size); + + /* Client seal and server unseal */ + size_t size = data_size; + grpc_status_code status = alts_crypter_process_in_place( + client_seal, data_buffer, protected_data_size, size, &size, nullptr); + GPR_ASSERT(status == GRPC_STATUS_OK); + GPR_ASSERT(size == protected_data_size); + status = alts_crypter_process_in_place( + server_unseal, data_buffer, protected_data_size, size, &size, nullptr); + GPR_ASSERT(status == GRPC_STATUS_OK); + GPR_ASSERT(memcmp(data_buffer, duplicate_buffer, data_size) == 0); + GPR_ASSERT(size == data_size); + /* Server seal and client unseal */ + status = alts_crypter_process_in_place( + server_seal, data_buffer, protected_data_size, size, &size, nullptr); + GPR_ASSERT(status == GRPC_STATUS_OK); + GPR_ASSERT(size == protected_data_size); + status = alts_crypter_process_in_place( + client_unseal, data_buffer, protected_data_size, size, &size, nullptr); + GPR_ASSERT(status == GRPC_STATUS_OK); + GPR_ASSERT(memcmp(data_buffer, duplicate_buffer, data_size) == 0); + GPR_ASSERT(size == data_size); + gpr_free(data_buffer); + gpr_free(duplicate_buffer); +} + +static void alts_crypter_test_multiple_random_seal_unseal( + alts_crypter* server_seal, alts_crypter* server_unseal, + alts_crypter* client_seal, alts_crypter* client_unseal) { + size_t data_size = gsec_test_bias_random_uint32(1024) + 1; + size_t num_overhead_bytes = alts_crypter_num_overhead_bytes(server_seal); + size_t protected_data_size = data_size + num_overhead_bytes; + + uint8_t* data_buffer1 = + static_cast<uint8_t*>(gpr_malloc(protected_data_size)); + uint8_t* data_buffer2 = + static_cast<uint8_t*>(gpr_malloc(protected_data_size)); + uint8_t* duplicate_buffer1 = nullptr; + uint8_t* duplicate_buffer2 = nullptr; + gsec_test_random_bytes(data_buffer1, data_size); + gsec_test_random_bytes(data_buffer2, data_size); + gsec_test_copy(data_buffer1, &duplicate_buffer1, data_size); + gsec_test_copy(data_buffer2, &duplicate_buffer2, data_size); + + /* Client seal and server unseal */ + size_t size1 = data_size, size2 = data_size; + grpc_status_code status = alts_crypter_process_in_place( + client_seal, data_buffer1, protected_data_size, size1, &size1, nullptr); + GPR_ASSERT(status == GRPC_STATUS_OK); + GPR_ASSERT(size1 == protected_data_size); + status = alts_crypter_process_in_place( + client_seal, data_buffer2, protected_data_size, size2, &size2, nullptr); + GPR_ASSERT(status == GRPC_STATUS_OK); + GPR_ASSERT(size2 == protected_data_size); + status = alts_crypter_process_in_place( + server_unseal, data_buffer1, protected_data_size, size1, &size1, nullptr); + GPR_ASSERT(status == GRPC_STATUS_OK); + GPR_ASSERT(memcmp(data_buffer1, duplicate_buffer1, data_size) == 0); + GPR_ASSERT(size1 == data_size); + status = alts_crypter_process_in_place( + server_unseal, data_buffer2, protected_data_size, size2, &size2, nullptr); + GPR_ASSERT(status == GRPC_STATUS_OK); + GPR_ASSERT(memcmp(data_buffer2, duplicate_buffer2, data_size) == 0); + GPR_ASSERT(size2 == data_size); + + /* Server seal and client unseal */ + status = alts_crypter_process_in_place( + server_seal, data_buffer1, protected_data_size, size1, &size1, nullptr); + GPR_ASSERT(status == GRPC_STATUS_OK); + GPR_ASSERT(size1 == protected_data_size); + status = alts_crypter_process_in_place( + server_seal, data_buffer2, protected_data_size, size2, &size2, nullptr); + GPR_ASSERT(status == GRPC_STATUS_OK); + GPR_ASSERT(size2 == protected_data_size); + status = alts_crypter_process_in_place( + client_unseal, data_buffer1, protected_data_size, size1, &size1, nullptr); + GPR_ASSERT(status == GRPC_STATUS_OK); + GPR_ASSERT(memcmp(data_buffer1, duplicate_buffer1, data_size) == 0); + GPR_ASSERT(size1 == data_size); + status = alts_crypter_process_in_place( + client_unseal, data_buffer2, protected_data_size, size2, &size2, nullptr); + GPR_ASSERT(status == GRPC_STATUS_OK); + GPR_ASSERT(memcmp(data_buffer2, duplicate_buffer2, data_size) == 0); + GPR_ASSERT(size2 == data_size); + + gpr_free(data_buffer1); + gpr_free(data_buffer2); + gpr_free(duplicate_buffer1); + gpr_free(duplicate_buffer2); +} + +static void alts_crypter_test_corrupted_unseal(alts_crypter* server_seal, + alts_crypter* server_unseal, + alts_crypter* client_seal, + alts_crypter* client_unseal) { + size_t data_size = gsec_test_bias_random_uint32(1024) + 1; + size_t num_overhead_bytes = alts_crypter_num_overhead_bytes(server_seal); + size_t protected_data_size = data_size + num_overhead_bytes; + auto* data_buffer = static_cast<uint8_t*>(gpr_malloc(protected_data_size)); + auto* zero_buffer = static_cast<uint8_t*>(gpr_zalloc(data_size)); + + /* Corrupt a random byte in protected data. */ + size_t size = data_size; + gsec_test_random_bytes(data_buffer, data_size); + grpc_status_code status = alts_crypter_process_in_place( + client_seal, data_buffer, protected_data_size, size, &size, nullptr); + GPR_ASSERT(status == GRPC_STATUS_OK); + GPR_ASSERT(size == protected_data_size); + uint8_t* corrupted_data_buffer; + char* error_message = nullptr; + gsec_test_copy_and_alter_random_byte(data_buffer, &corrupted_data_buffer, + protected_data_size); + status = alts_crypter_process_in_place(server_unseal, corrupted_data_buffer, + protected_data_size, size, &size, + &error_message); + GPR_ASSERT(gsec_test_expect_compare_code_and_substr( + status, GRPC_STATUS_FAILED_PRECONDITION, error_message, + "Checking tag failed")); + GPR_ASSERT(memcmp(corrupted_data_buffer, zero_buffer, data_size) == 0); + gpr_free(corrupted_data_buffer); + gpr_free(error_message); + + /* Corrupt the beginning of protected data. */ + size = data_size; + gsec_test_random_bytes(data_buffer, data_size); + status = alts_crypter_process_in_place( + client_seal, data_buffer, protected_data_size, size, &size, nullptr); + GPR_ASSERT(status == GRPC_STATUS_OK); + GPR_ASSERT(size == protected_data_size); + gsec_test_copy(data_buffer, &corrupted_data_buffer, protected_data_size); + (*corrupted_data_buffer)++; + status = alts_crypter_process_in_place(server_unseal, corrupted_data_buffer, + protected_data_size, size, &size, + &error_message); + GPR_ASSERT(gsec_test_expect_compare_code_and_substr( + status, GRPC_STATUS_FAILED_PRECONDITION, error_message, + "Checking tag failed")); + GPR_ASSERT(memcmp(corrupted_data_buffer, zero_buffer, data_size) == 0); + gpr_free(corrupted_data_buffer); + gpr_free(error_message); + + /* Corrupt the end of protected data. */ + size = data_size; + gsec_test_random_bytes(data_buffer, data_size); + status = alts_crypter_process_in_place( + client_seal, data_buffer, protected_data_size, size, &size, nullptr); + GPR_ASSERT(status == GRPC_STATUS_OK); + GPR_ASSERT(size == protected_data_size); + gsec_test_copy(data_buffer, &corrupted_data_buffer, protected_data_size); + (*(corrupted_data_buffer + protected_data_size - 1))++; + status = alts_crypter_process_in_place(server_unseal, corrupted_data_buffer, + protected_data_size, size, &size, + &error_message); + GPR_ASSERT(gsec_test_expect_compare_code_and_substr( + status, GRPC_STATUS_FAILED_PRECONDITION, error_message, + "Checking tag failed")); + GPR_ASSERT(memcmp(corrupted_data_buffer, zero_buffer, data_size) == 0); + gpr_free(corrupted_data_buffer); + gpr_free(error_message); + + gpr_free(data_buffer); + gpr_free(zero_buffer); +} + +static void alts_crypter_test_unsync_seal_unseal(alts_crypter* server_seal, + alts_crypter* server_unseal, + alts_crypter* client_seal, + alts_crypter* client_unseal) { + size_t data_size = gsec_test_bias_random_uint32(1024) + 1; + size_t num_overhead_bytes = alts_crypter_num_overhead_bytes(server_seal); + size_t protected_data_size = data_size + num_overhead_bytes; + auto* data_buffer = static_cast<uint8_t*>(gpr_malloc(protected_data_size)); + auto* zero_buffer = static_cast<uint8_t*>(gpr_zalloc(data_size)); + + /* Perform two seals at client, one unseal at server. */ + size_t size = data_size; + gsec_test_random_bytes(data_buffer, data_size); + grpc_status_code status = alts_crypter_process_in_place( + client_seal, data_buffer, protected_data_size, size, &size, nullptr); + GPR_ASSERT(status == GRPC_STATUS_OK); + GPR_ASSERT(size == protected_data_size); + + size = data_size; + gsec_test_random_bytes(data_buffer, data_size); + status = alts_crypter_process_in_place( + client_seal, data_buffer, protected_data_size, size, &size, nullptr); + GPR_ASSERT(status == GRPC_STATUS_OK); + GPR_ASSERT(size == protected_data_size); + + char* error_message = nullptr; + status = alts_crypter_process_in_place(server_unseal, data_buffer, + protected_data_size, size, &size, + &error_message); + GPR_ASSERT(gsec_test_expect_compare_code_and_substr( + status, GRPC_STATUS_FAILED_PRECONDITION, error_message, + "Checking tag failed")); + GPR_ASSERT(memcmp(data_buffer, zero_buffer, data_size) == 0); + gpr_free(error_message); + + /* Perform two seals at server, one unseal at client. */ + size = data_size; + gsec_test_random_bytes(data_buffer, data_size); + status = alts_crypter_process_in_place( + server_seal, data_buffer, protected_data_size, size, &size, nullptr); + GPR_ASSERT(status == GRPC_STATUS_OK); + GPR_ASSERT(size == protected_data_size); + + size = data_size; + gsec_test_random_bytes(data_buffer, data_size); + status = alts_crypter_process_in_place( + server_seal, data_buffer, protected_data_size, size, &size, nullptr); + GPR_ASSERT(status == GRPC_STATUS_OK); + GPR_ASSERT(size == protected_data_size); + + status = alts_crypter_process_in_place(client_unseal, data_buffer, + protected_data_size, size, &size, + &error_message); + GPR_ASSERT(gsec_test_expect_compare_code_and_substr( + status, GRPC_STATUS_FAILED_PRECONDITION, error_message, + "Checking tag failed")); + GPR_ASSERT(memcmp(data_buffer, zero_buffer, data_size) == 0); + gpr_free(error_message); + gpr_free(data_buffer); + gpr_free(zero_buffer); +} + +static void alts_crypter_test_input_sanity_check(alts_crypter* crypter_seal, + alts_crypter* crypter_unseal) { + size_t data_size = gsec_test_bias_random_uint32(1024) + 1; + size_t num_overhead_bytes = alts_crypter_num_overhead_bytes(crypter_seal); + size_t protected_data_size = data_size + num_overhead_bytes; + auto* data_buffer = static_cast<uint8_t*>(gpr_malloc(protected_data_size)); + gsec_test_random_bytes(data_buffer, data_size); + char* error_message = nullptr; + size_t size = data_size; + + /* Crypter is nullptr. */ + grpc_status_code status = alts_crypter_process_in_place( + nullptr, data_buffer, protected_data_size, size, &size, &error_message); + GPR_ASSERT(gsec_test_expect_compare_code_and_substr( + status, GRPC_STATUS_INVALID_ARGUMENT, error_message, + "crypter or crypter->vtable has not been initialized properly.")); + gpr_free(error_message); + + /* Seal data is nullptr. */ + size = data_size; + status = alts_crypter_process_in_place( + crypter_seal, nullptr, protected_data_size, size, &size, &error_message); + GPR_ASSERT(gsec_test_expect_compare_code_and_substr( + status, GRPC_STATUS_INVALID_ARGUMENT, error_message, "data is nullptr.")); + gpr_free(error_message); + + /* Seal data size is 0. */ + size = 0; + status = alts_crypter_process_in_place(crypter_seal, data_buffer, + protected_data_size, size, &size, + &error_message); + GPR_ASSERT(gsec_test_expect_compare_code_and_substr( + status, GRPC_STATUS_INVALID_ARGUMENT, error_message, + "data_size is zero.")); + gpr_free(error_message); + + /* Seal data buffer has a size smaller than the required. */ + size = data_size; + status = alts_crypter_process_in_place(crypter_seal, data_buffer, + protected_data_size - 1, size, &size, + &error_message); + GPR_ASSERT(gsec_test_expect_compare_code_and_substr( + status, GRPC_STATUS_INVALID_ARGUMENT, error_message, + "data_allocated_size is smaller than sum of data_size and " + "num_overhead_bytes.")); + gpr_free(error_message); + + /* Unseal data is nullptr. */ + size = data_size; + status = alts_crypter_process_in_place(crypter_unseal, nullptr, + protected_data_size, size, &size, + &error_message); + GPR_ASSERT(gsec_test_expect_compare_code_and_substr( + status, GRPC_STATUS_INVALID_ARGUMENT, error_message, "data is nullptr.")); + gpr_free(error_message); + + /* Unseal data size is 0. */ + size = 0; + status = alts_crypter_process_in_place(crypter_unseal, data_buffer, + protected_data_size, size, &size, + &error_message); + GPR_ASSERT(gsec_test_expect_compare_code_and_substr( + status, GRPC_STATUS_INVALID_ARGUMENT, error_message, + "data_size is smaller than num_overhead_bytes.")); + gpr_free(error_message); + + /* Unseal data size is smaller than number of overhead bytes. */ + size = num_overhead_bytes - 1; + status = alts_crypter_process_in_place(crypter_unseal, data_buffer, + protected_data_size, size, &size, + &error_message); + GPR_ASSERT(gsec_test_expect_compare_code_and_substr( + status, GRPC_STATUS_INVALID_ARGUMENT, error_message, + "data_size is smaller than num_overhead_bytes.")); + gpr_free(error_message); + gpr_free(data_buffer); +} + +static void create_random_alts_seal_crypter( + alts_crypter** server_seal, alts_crypter** server_unseal, + alts_crypter** client_seal, alts_crypter** client_unseal, + gsec_aead_crypter** server_crypter_seal, + gsec_aead_crypter** server_crypter_unseal, + gsec_aead_crypter** client_crypter_seal, + gsec_aead_crypter** client_crypter_unseal, bool rekey) { + size_t key_length = rekey ? kAes128GcmRekeyKeyLength : kAes128GcmKeyLength; + uint8_t* key; + gsec_test_random_array(&key, key_length); + gsec_aes_gcm_aead_crypter_create(key, key_length, kAesGcmNonceLength, + kAesGcmTagLength, rekey, server_crypter_seal, + nullptr); + gsec_aes_gcm_aead_crypter_create(key, key_length, kAesGcmNonceLength, + kAesGcmTagLength, rekey, + server_crypter_unseal, nullptr); + gsec_aes_gcm_aead_crypter_create(key, key_length, kAesGcmNonceLength, + kAesGcmTagLength, rekey, client_crypter_seal, + nullptr); + gsec_aes_gcm_aead_crypter_create(key, key_length, kAesGcmNonceLength, + kAesGcmTagLength, rekey, + client_crypter_unseal, nullptr); + + size_t overflow_size = rekey ? 8 : 5; + alts_seal_crypter_create(*client_crypter_seal, /*is_client=*/true, + overflow_size, client_seal, nullptr); + alts_unseal_crypter_create(*client_crypter_unseal, /*is_client=*/true, + overflow_size, client_unseal, nullptr); + alts_seal_crypter_create(*server_crypter_seal, /*is_client=*/false, + overflow_size, server_seal, nullptr); + alts_unseal_crypter_create(*server_crypter_unseal, /*is_client=*/false, + overflow_size, server_unseal, nullptr); + gpr_free(key); +} + +static void destroy_random_alts_seal_crypter(alts_crypter* server_seal, + alts_crypter* server_unseal, + alts_crypter* client_seal, + alts_crypter* client_unseal) { + alts_crypter_destroy(server_seal); + alts_crypter_destroy(server_unseal); + alts_crypter_destroy(client_seal); + alts_crypter_destroy(client_unseal); +} + +static void alts_crypter_do_generic_tests() { + alts_crypter *server_seal = nullptr, *server_unseal = nullptr, + *client_seal = nullptr, *client_unseal = nullptr; + gsec_aead_crypter *server_crypter_seal = nullptr, + *server_crypter_unseal = nullptr, + *client_crypter_seal = nullptr, + *client_crypter_unseal = nullptr; + /* Random seal and unseal tests */ + create_random_alts_seal_crypter(&server_seal, &server_unseal, &client_seal, + &client_unseal, &server_crypter_seal, + &server_crypter_unseal, &client_crypter_seal, + &client_crypter_unseal, /*rekey=*/false); + alts_crypter_test_random_seal_unseal(server_seal, server_unseal, client_seal, + client_unseal); + destroy_random_alts_seal_crypter(server_seal, server_unseal, client_seal, + client_unseal); + + create_random_alts_seal_crypter(&server_seal, &server_unseal, &client_seal, + &client_unseal, &server_crypter_seal, + &server_crypter_unseal, &client_crypter_seal, + &client_crypter_unseal, /*rekey=*/true); + alts_crypter_test_random_seal_unseal(server_seal, server_unseal, client_seal, + client_unseal); + destroy_random_alts_seal_crypter(server_seal, server_unseal, client_seal, + client_unseal); + + /* Multiple random seal and unseal tests */ + create_random_alts_seal_crypter(&server_seal, &server_unseal, &client_seal, + &client_unseal, &server_crypter_seal, + &server_crypter_unseal, &client_crypter_seal, + &client_crypter_unseal, /*rekey=*/false); + alts_crypter_test_multiple_random_seal_unseal(server_seal, server_unseal, + client_seal, client_unseal); + destroy_random_alts_seal_crypter(server_seal, server_unseal, client_seal, + client_unseal); + + create_random_alts_seal_crypter(&server_seal, &server_unseal, &client_seal, + &client_unseal, &server_crypter_seal, + &server_crypter_unseal, &client_crypter_seal, + &client_crypter_unseal, /*rekey=*/true); + alts_crypter_test_multiple_random_seal_unseal(server_seal, server_unseal, + client_seal, client_unseal); + destroy_random_alts_seal_crypter(server_seal, server_unseal, client_seal, + client_unseal); + + /* Corrupted unseal tests */ + create_random_alts_seal_crypter(&server_seal, &server_unseal, &client_seal, + &client_unseal, &server_crypter_seal, + &server_crypter_unseal, &client_crypter_seal, + &client_crypter_unseal, /*rekey=*/false); + alts_crypter_test_corrupted_unseal(server_seal, server_unseal, client_seal, + client_unseal); + destroy_random_alts_seal_crypter(server_seal, server_unseal, client_seal, + client_unseal); + + create_random_alts_seal_crypter(&server_seal, &server_unseal, &client_seal, + &client_unseal, &server_crypter_seal, + &server_crypter_unseal, &client_crypter_seal, + &client_crypter_unseal, /*rekey=*/true); + alts_crypter_test_corrupted_unseal(server_seal, server_unseal, client_seal, + client_unseal); + destroy_random_alts_seal_crypter(server_seal, server_unseal, client_seal, + client_unseal); + + /* Unsync seal and unseal tests */ + create_random_alts_seal_crypter(&server_seal, &server_unseal, &client_seal, + &client_unseal, &server_crypter_seal, + &server_crypter_unseal, &client_crypter_seal, + &client_crypter_unseal, /*rekey=*/false); + alts_crypter_test_unsync_seal_unseal(server_seal, server_unseal, client_seal, + client_unseal); + destroy_random_alts_seal_crypter(server_seal, server_unseal, client_seal, + client_unseal); + + create_random_alts_seal_crypter(&server_seal, &server_unseal, &client_seal, + &client_unseal, &server_crypter_seal, + &server_crypter_unseal, &client_crypter_seal, + &client_crypter_unseal, /*rekey=*/true); + alts_crypter_test_unsync_seal_unseal(server_seal, server_unseal, client_seal, + client_unseal); + destroy_random_alts_seal_crypter(server_seal, server_unseal, client_seal, + client_unseal); + + /* Input sanity check tests */ + create_random_alts_seal_crypter(&server_seal, &server_unseal, &client_seal, + &client_unseal, &server_crypter_seal, + &server_crypter_unseal, &client_crypter_seal, + &client_crypter_unseal, /*rekey=*/false); + alts_crypter_test_input_sanity_check(server_seal, server_unseal); + destroy_random_alts_seal_crypter(server_seal, server_unseal, client_seal, + client_unseal); + + create_random_alts_seal_crypter(&server_seal, &server_unseal, &client_seal, + &client_unseal, &server_crypter_seal, + &server_crypter_unseal, &client_crypter_seal, + &client_crypter_unseal, /*rekey=*/true); + alts_crypter_test_input_sanity_check(server_seal, server_unseal); + destroy_random_alts_seal_crypter(server_seal, server_unseal, client_seal, + client_unseal); +} + +int main(int argc, char** argv) { + alts_crypter_do_generic_tests(); + return 0; +} diff --git a/test/core/tsi/alts/frame_protector/alts_frame_protector_test.cc b/test/core/tsi/alts/frame_protector/alts_frame_protector_test.cc new file mode 100644 index 0000000000..2bd4958763 --- /dev/null +++ b/test/core/tsi/alts/frame_protector/alts_frame_protector_test.cc @@ -0,0 +1,394 @@ +/* + * + * Copyright 2018 gRPC authors. + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + */ + +#include <grpc/support/alloc.h> +#include <grpc/support/log.h> + +#include <stdbool.h> + +#include "src/core/tsi/alts/crypt/gsec.h" +#include "src/core/tsi/alts/frame_protector/alts_frame_protector.h" +#include "src/core/tsi/transport_security_interface.h" +#include "test/core/tsi/alts/crypt/gsec_test_util.h" +#include "test/core/tsi/transport_security_test_lib.h" + +const size_t kChannelSize = 32768; + +static void alts_test_do_round_trip_check_frames( + tsi_test_frame_protector_fixture* fixture, const uint8_t* key, + const size_t key_size, bool rekey, const uint8_t* client_message, + const size_t client_message_size, const uint8_t* client_expected_frames, + const size_t client_frame_size, const uint8_t* server_message, + const size_t server_message_size, const uint8_t* server_expected_frames, + const size_t server_frame_size) { + GPR_ASSERT(fixture != nullptr); + GPR_ASSERT(fixture->config != nullptr); + tsi_frame_protector* client_frame_protector = nullptr; + tsi_frame_protector* server_frame_protector = nullptr; + tsi_test_frame_protector_config* config = fixture->config; + tsi_test_channel* channel = fixture->channel; + /* Create a client frame protector. */ + size_t client_max_output_protected_frame_size = + config->client_max_output_protected_frame_size; + GPR_ASSERT( + alts_create_frame_protector(key, key_size, /*is_client=*/true, rekey, + client_max_output_protected_frame_size == 0 + ? nullptr + : &client_max_output_protected_frame_size, + &client_frame_protector) == TSI_OK); + /* Create a server frame protector. */ + size_t server_max_output_protected_frame_size = + config->server_max_output_protected_frame_size; + GPR_ASSERT( + alts_create_frame_protector(key, key_size, /*is_client=*/false, rekey, + server_max_output_protected_frame_size == 0 + ? nullptr + : &server_max_output_protected_frame_size, + &server_frame_protector) == TSI_OK); + tsi_test_frame_protector_fixture_init(fixture, client_frame_protector, + server_frame_protector); + /* Client sends a message to server. */ + uint8_t* saved_client_message = config->client_message; + config->client_message = const_cast<uint8_t*>(client_message); + config->client_message_size = client_message_size; + tsi_test_frame_protector_send_message_to_peer(config, channel, + client_frame_protector, + /*is_client=*/true); + /* Verify if the generated frame is the same as the expected. */ + GPR_ASSERT(channel->bytes_written_to_server_channel == client_frame_size); + GPR_ASSERT(memcmp(client_expected_frames, channel->server_channel, + client_frame_size) == 0); + unsigned char* server_received_message = + static_cast<unsigned char*>(gpr_malloc(kChannelSize)); + size_t server_received_message_size = 0; + tsi_test_frame_protector_receive_message_from_peer( + config, channel, server_frame_protector, server_received_message, + &server_received_message_size, /*is_client=*/false); + GPR_ASSERT(config->client_message_size == server_received_message_size); + GPR_ASSERT(memcmp(config->client_message, server_received_message, + server_received_message_size) == 0); + /* Server sends a message to client. */ + uint8_t* saved_server_message = config->server_message; + config->server_message = const_cast<uint8_t*>(server_message); + config->server_message_size = server_message_size; + tsi_test_frame_protector_send_message_to_peer(config, channel, + server_frame_protector, + /*is_client=*/false); + /* Verify if the generated frame is the same as the expected. */ + GPR_ASSERT(channel->bytes_written_to_client_channel == server_frame_size); + GPR_ASSERT(memcmp(server_expected_frames, channel->client_channel, + server_frame_size) == 0); + unsigned char* client_received_message = + static_cast<unsigned char*>(gpr_malloc(kChannelSize)); + size_t client_received_message_size = 0; + tsi_test_frame_protector_receive_message_from_peer( + config, channel, client_frame_protector, client_received_message, + &client_received_message_size, + /*is_client=*/true); + GPR_ASSERT(config->server_message_size == client_received_message_size); + GPR_ASSERT(memcmp(config->server_message, client_received_message, + client_received_message_size) == 0); + config->client_message = saved_client_message; + config->server_message = saved_server_message; + /* Destroy server and client frame protectors. */ + gpr_free(server_received_message); + gpr_free(client_received_message); +} + +static void alts_test_do_round_trip_vector_tests() { + const uint8_t key[] = {0xfe, 0xff, 0xe9, 0x92, 0x86, 0x65, 0x73, 0x1c, + 0x6d, 0x6a, 0x8f, 0x94, 0x67, 0x30, 0x83, 0x08}; + const char small_message[] = {'C', 'h', 'a', 'p', 'i', ' ', + 'C', 'h', 'a', 'p', 'o'}; + const uint8_t large_message[] = { + 0xd9, 0x31, 0x32, 0x25, 0xf8, 0x84, 0x06, 0xe5, 0xa5, 0x59, 0x09, 0xc5, + 0xaf, 0xf5, 0x26, 0x9a, 0x86, 0xa7, 0xa9, 0x53, 0x15, 0x34, 0xf7, 0xda, + 0x2e, 0x4c, 0x30, 0x3d, 0x8a, 0x31, 0x8a, 0x72, 0x1c, 0x3c, 0x0c, 0x95, + 0x95, 0x68, 0x09, 0x53, 0x2f, 0xcf, 0x0e, 0x24, 0x49, 0xa6, 0xb5, 0x25, + 0xb1, 0x6a, 0xed, 0xf5, 0xaa, 0x0d, 0xe6, 0x57, 0xba, 0x63, 0x7b, 0x39, + 0x1a, 0xaf, 0xd2, 0x55, 0xd6, 0x09, 0xb1, 0xf0, 0x56, 0x63, 0x7a, 0x0d, + 0x46, 0xdf, 0x99, 0x8d, 0x88, 0xe5, 0x22, 0x2a, 0xb2, 0xc2, 0x84, 0x65, + 0x12, 0x15, 0x35, 0x24, 0xc0, 0x89, 0x5e, 0x81, 0x08, 0x06, 0x0f, 0x10, + 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, 0x18, 0x19, 0x1a, 0x1b, 0x1c, + 0x1d, 0x1e, 0x1f, 0x20, 0x21, 0x22, 0x23, 0x24, 0x25, 0x26, 0x27, 0x28, + 0x29, 0x2a, 0x2b, 0x2c, 0x2d, 0x2e, 0x2f, 0x30}; + const size_t small_message_size = sizeof(small_message) / sizeof(uint8_t); + const size_t large_message_size = sizeof(large_message) / sizeof(uint8_t); + /* Test small client message and large server message. */ + const uint8_t client_expected_frame1[] = { + 0x1f, 0x00, 0x00, 0x00, 0x06, 0x00, 0x00, 0x00, 0x09, 0xd8, 0xd5, 0x92, + 0x4d, 0x50, 0x32, 0xb7, 0x1f, 0xb8, 0xf2, 0xbb, 0x43, 0xc7, 0xe2, 0x94, + 0x3d, 0x3e, 0x9a, 0x78, 0x76, 0xaa, 0x0a, 0x6b, 0xfa, 0x98, 0x3a}; + const uint8_t server_expected_frame1[] = { + 0x94, 0x00, 0x00, 0x00, 0x06, 0x00, 0x00, 0x00, 0xa9, 0x4b, 0xf8, 0xc8, + 0xe7, 0x8f, 0x1a, 0x26, 0x37, 0x44, 0xa2, 0x5c, 0x55, 0x94, 0x30, 0x4e, + 0x3e, 0x16, 0xe7, 0x9e, 0x96, 0xe8, 0x1b, 0xc0, 0xdd, 0x52, 0x30, 0x06, + 0xc2, 0x72, 0x9a, 0xa1, 0x0b, 0xdb, 0xdc, 0x19, 0x8c, 0x93, 0x5e, 0x84, + 0x1f, 0x4b, 0x97, 0x26, 0xf0, 0x73, 0x85, 0x59, 0x00, 0x95, 0xc1, 0xc5, + 0x22, 0x2f, 0x70, 0x85, 0x68, 0x2c, 0x4f, 0xfe, 0x30, 0x26, 0x91, 0xde, + 0x62, 0x55, 0x1d, 0x35, 0x01, 0x96, 0x1c, 0xe7, 0xa2, 0x8b, 0x14, 0x8a, + 0x5e, 0x1b, 0x4a, 0x3b, 0x4f, 0x65, 0x0f, 0xca, 0x79, 0x10, 0xb4, 0xdd, + 0xf7, 0xa4, 0x8b, 0x64, 0x2f, 0x00, 0x39, 0x60, 0x03, 0xfc, 0xe1, 0x8b, + 0x5c, 0x19, 0xba, 0xcc, 0x46, 0xba, 0x88, 0xdd, 0x40, 0x42, 0x27, 0x4f, + 0xe4, 0x1a, 0x6a, 0x31, 0x6c, 0x1c, 0xb0, 0xb6, 0x5c, 0x3e, 0xca, 0x84, + 0x9b, 0x5f, 0x04, 0x84, 0x11, 0xa9, 0xf8, 0x39, 0xe7, 0xe7, 0xc5, 0xc4, + 0x33, 0x9f, 0x63, 0x21, 0x9a, 0x7c, 0x9c, 0x64}; + const size_t client_frame_size1 = + sizeof(client_expected_frame1) / sizeof(uint8_t); + const size_t server_frame_size1 = + sizeof(server_expected_frame1) / sizeof(uint8_t); + tsi_test_frame_protector_fixture* fixture = + tsi_test_frame_protector_fixture_create(); + alts_test_do_round_trip_check_frames( + fixture, key, kAes128GcmKeyLength, /*rekey=*/false, + reinterpret_cast<const uint8_t*>(small_message), small_message_size, + client_expected_frame1, client_frame_size1, large_message, + large_message_size, server_expected_frame1, server_frame_size1); + tsi_test_frame_protector_fixture_destroy(fixture); + /** + * Test large client message, small server message, and small + * message_buffer_allocated_size. + */ + const uint8_t client_expected_frame2[] = { + 0x94, 0x00, 0x00, 0x00, 0x06, 0x00, 0x00, 0x00, 0x93, 0x81, 0x86, 0xc7, + 0xdc, 0xf4, 0x77, 0x3a, 0xdb, 0x91, 0x94, 0x61, 0xba, 0xed, 0xd5, 0x37, + 0x47, 0x53, 0x0c, 0xe1, 0xbf, 0x59, 0x23, 0x20, 0xde, 0x8b, 0x25, 0x13, + 0x72, 0xe7, 0x8a, 0x4f, 0x32, 0x61, 0xc6, 0xda, 0xc3, 0xe9, 0xff, 0x31, + 0x33, 0x53, 0x4a, 0xf8, 0xc9, 0x98, 0xe4, 0x19, 0x71, 0x9c, 0x5e, 0x72, + 0xc7, 0x35, 0x97, 0x78, 0x30, 0xf2, 0xc4, 0xd1, 0x53, 0xd5, 0x6e, 0x8f, + 0x4f, 0xd9, 0x28, 0x5a, 0xfd, 0x22, 0x57, 0x7f, 0x95, 0xb4, 0x8a, 0x5e, + 0x7c, 0x47, 0xa8, 0xcf, 0x64, 0x3d, 0x83, 0xa5, 0xcf, 0xc3, 0xfe, 0x54, + 0xc2, 0x6a, 0x40, 0xc4, 0xfb, 0x8e, 0x07, 0x77, 0x70, 0x8f, 0x99, 0x94, + 0xb1, 0xd5, 0xa7, 0xf9, 0x0d, 0xc7, 0x11, 0xc5, 0x6f, 0x4a, 0x4f, 0x56, + 0xd5, 0xe2, 0x9c, 0xbb, 0x95, 0x7a, 0xd0, 0x9f, 0x30, 0x54, 0xca, 0x6d, + 0x5c, 0x8e, 0x83, 0xa0, 0x04, 0x5e, 0xd0, 0x22, 0x8c, 0x2a, 0x7f, 0xdb, + 0xfe, 0xb3, 0x2e, 0xae, 0x22, 0xe6, 0xf4, 0xb7}; + const uint8_t server_expected_frame2[] = { + 0x1f, 0x00, 0x00, 0x00, 0x06, 0x00, 0x00, 0x00, 0x33, 0x12, 0xab, 0x9d, + 0x76, 0x2b, 0x5f, 0xab, 0xf3, 0x6d, 0xc4, 0xaa, 0xe5, 0x1e, 0x63, 0xc1, + 0x7b, 0x7b, 0x10, 0xd5, 0x63, 0x0f, 0x29, 0xad, 0x17, 0x33, 0x73}; + const size_t client_frame_size2 = + sizeof(client_expected_frame2) / sizeof(uint8_t); + const size_t server_frame_size2 = + sizeof(server_expected_frame2) / sizeof(uint8_t); + fixture = tsi_test_frame_protector_fixture_create(); + alts_test_do_round_trip_check_frames( + fixture, key, kAes128GcmKeyLength, /*rekey=*/false, large_message, + large_message_size, client_expected_frame2, client_frame_size2, + reinterpret_cast<const uint8_t*>(small_message), small_message_size, + server_expected_frame2, server_frame_size2); + tsi_test_frame_protector_fixture_destroy(fixture); + /** + * Test large client message, small server message, and small + * protected_buffer_size. + */ + const uint8_t client_expected_frame3[] = { + 0x94, 0x00, 0x00, 0x00, 0x06, 0x00, 0x00, 0x00, 0x93, 0x81, 0x86, 0xc7, + 0xdc, 0xf4, 0x77, 0x3a, 0xdb, 0x91, 0x94, 0x61, 0xba, 0xed, 0xd5, 0x37, + 0x47, 0x53, 0x0c, 0xe1, 0xbf, 0x59, 0x23, 0x20, 0xde, 0x8b, 0x25, 0x13, + 0x72, 0xe7, 0x8a, 0x4f, 0x32, 0x61, 0xc6, 0xda, 0xc3, 0xe9, 0xff, 0x31, + 0x33, 0x53, 0x4a, 0xf8, 0xc9, 0x98, 0xe4, 0x19, 0x71, 0x9c, 0x5e, 0x72, + 0xc7, 0x35, 0x97, 0x78, 0x30, 0xf2, 0xc4, 0xd1, 0x53, 0xd5, 0x6e, 0x8f, + 0x4f, 0xd9, 0x28, 0x5a, 0xfd, 0x22, 0x57, 0x7f, 0x95, 0xb4, 0x8a, 0x5e, + 0x7c, 0x47, 0xa8, 0xcf, 0x64, 0x3d, 0x83, 0xa5, 0xcf, 0xc3, 0xfe, 0x54, + 0xc2, 0x6a, 0x40, 0xc4, 0xfb, 0x8e, 0x07, 0x77, 0x70, 0x8f, 0x99, 0x94, + 0xb1, 0xd5, 0xa7, 0xf9, 0x0d, 0xc7, 0x11, 0xc5, 0x6f, 0x4a, 0x4f, 0x56, + 0xd5, 0xe2, 0x9c, 0xbb, 0x95, 0x7a, 0xd0, 0x9f, 0x30, 0x54, 0xca, 0x6d, + 0x5c, 0x8e, 0x83, 0xa0, 0x04, 0x5e, 0xd0, 0x22, 0x8c, 0x2a, 0x7f, 0xdb, + 0xfe, 0xb3, 0x2e, 0xae, 0x22, 0xe6, 0xf4, 0xb7}; + const uint8_t server_expected_frame3[] = { + 0x1f, 0x00, 0x00, 0x00, 0x06, 0x00, 0x00, 0x00, 0x33, 0x12, 0xab, 0x9d, + 0x76, 0x2b, 0x5f, 0xab, 0xf3, 0x6d, 0xc4, 0xaa, 0xe5, 0x1e, 0x63, 0xc1, + 0x7b, 0x7b, 0x10, 0xd5, 0x63, 0x0f, 0x29, 0xad, 0x17, 0x33, 0x73}; + const size_t client_frame_size3 = + sizeof(client_expected_frame3) / sizeof(uint8_t); + const size_t server_frame_size3 = + sizeof(server_expected_frame3) / sizeof(uint8_t); + fixture = tsi_test_frame_protector_fixture_create(); + alts_test_do_round_trip_check_frames( + fixture, key, kAes128GcmKeyLength, /*rekey=*/false, large_message, + large_message_size, client_expected_frame3, client_frame_size3, + reinterpret_cast<const uint8_t*>(small_message), small_message_size, + server_expected_frame3, server_frame_size3); + tsi_test_frame_protector_fixture_destroy(fixture); + /** + * Test large client message, small server message, and small + * read_buffer_allocated_size. + */ + const uint8_t client_expected_frame4[] = { + 0x94, 0x00, 0x00, 0x00, 0x06, 0x00, 0x00, 0x00, 0x93, 0x81, 0x86, 0xc7, + 0xdc, 0xf4, 0x77, 0x3a, 0xdb, 0x91, 0x94, 0x61, 0xba, 0xed, 0xd5, 0x37, + 0x47, 0x53, 0x0c, 0xe1, 0xbf, 0x59, 0x23, 0x20, 0xde, 0x8b, 0x25, 0x13, + 0x72, 0xe7, 0x8a, 0x4f, 0x32, 0x61, 0xc6, 0xda, 0xc3, 0xe9, 0xff, 0x31, + 0x33, 0x53, 0x4a, 0xf8, 0xc9, 0x98, 0xe4, 0x19, 0x71, 0x9c, 0x5e, 0x72, + 0xc7, 0x35, 0x97, 0x78, 0x30, 0xf2, 0xc4, 0xd1, 0x53, 0xd5, 0x6e, 0x8f, + 0x4f, 0xd9, 0x28, 0x5a, 0xfd, 0x22, 0x57, 0x7f, 0x95, 0xb4, 0x8a, 0x5e, + 0x7c, 0x47, 0xa8, 0xcf, 0x64, 0x3d, 0x83, 0xa5, 0xcf, 0xc3, 0xfe, 0x54, + 0xc2, 0x6a, 0x40, 0xc4, 0xfb, 0x8e, 0x07, 0x77, 0x70, 0x8f, 0x99, 0x94, + 0xb1, 0xd5, 0xa7, 0xf9, 0x0d, 0xc7, 0x11, 0xc5, 0x6f, 0x4a, 0x4f, 0x56, + 0xd5, 0xe2, 0x9c, 0xbb, 0x95, 0x7a, 0xd0, 0x9f, 0x30, 0x54, 0xca, 0x6d, + 0x5c, 0x8e, 0x83, 0xa0, 0x04, 0x5e, 0xd0, 0x22, 0x8c, 0x2a, 0x7f, 0xdb, + 0xfe, 0xb3, 0x2e, 0xae, 0x22, 0xe6, 0xf4, 0xb7}; + const uint8_t server_expected_frame4[] = { + 0x1f, 0x00, 0x00, 0x00, 0x06, 0x00, 0x00, 0x00, 0x33, 0x12, 0xab, 0x9d, + 0x76, 0x2b, 0x5f, 0xab, 0xf3, 0x6d, 0xc4, 0xaa, 0xe5, 0x1e, 0x63, 0xc1, + 0x7b, 0x7b, 0x10, 0xd5, 0x63, 0x0f, 0x29, 0xad, 0x17, 0x33, 0x73}; + const size_t client_frame_size4 = + sizeof(client_expected_frame4) / sizeof(uint8_t); + const size_t server_frame_size4 = + sizeof(server_expected_frame4) / sizeof(uint8_t); + fixture = tsi_test_frame_protector_fixture_create(); + alts_test_do_round_trip_check_frames( + fixture, key, kAes128GcmKeyLength, /*rekey=*/false, large_message, + large_message_size, client_expected_frame4, client_frame_size4, + reinterpret_cast<const uint8_t*>(small_message), small_message_size, + server_expected_frame4, server_frame_size4); + tsi_test_frame_protector_fixture_destroy(fixture); + /** + * Test large client message, small server message, and small + * client_max_output_protected_frame_size. + */ + const uint8_t client_expected_frame5[] = { + 0x94, 0x00, 0x00, 0x00, 0x06, 0x00, 0x00, 0x00, 0x93, 0x81, 0x86, 0xc7, + 0xdc, 0xf4, 0x77, 0x3a, 0xdb, 0x91, 0x94, 0x61, 0xba, 0xed, 0xd5, 0x37, + 0x47, 0x53, 0x0c, 0xe1, 0xbf, 0x59, 0x23, 0x20, 0xde, 0x8b, 0x25, 0x13, + 0x72, 0xe7, 0x8a, 0x4f, 0x32, 0x61, 0xc6, 0xda, 0xc3, 0xe9, 0xff, 0x31, + 0x33, 0x53, 0x4a, 0xf8, 0xc9, 0x98, 0xe4, 0x19, 0x71, 0x9c, 0x5e, 0x72, + 0xc7, 0x35, 0x97, 0x78, 0x30, 0xf2, 0xc4, 0xd1, 0x53, 0xd5, 0x6e, 0x8f, + 0x4f, 0xd9, 0x28, 0x5a, 0xfd, 0x22, 0x57, 0x7f, 0x95, 0xb4, 0x8a, 0x5e, + 0x7c, 0x47, 0xa8, 0xcf, 0x64, 0x3d, 0x83, 0xa5, 0xcf, 0xc3, 0xfe, 0x54, + 0xc2, 0x6a, 0x40, 0xc4, 0xfb, 0x8e, 0x07, 0x77, 0x70, 0x8f, 0x99, 0x94, + 0xb1, 0xd5, 0xa7, 0xf9, 0x0d, 0xc7, 0x11, 0xc5, 0x6f, 0x4a, 0x4f, 0x56, + 0xd5, 0xe2, 0x9c, 0xbb, 0x95, 0x7a, 0xd0, 0x9f, 0x30, 0x54, 0xca, 0x6d, + 0x5c, 0x8e, 0x83, 0xa0, 0x04, 0x5e, 0xd0, 0x22, 0x8c, 0x2a, 0x7f, 0xdb, + 0xfe, 0xb3, 0x2e, 0xae, 0x22, 0xe6, 0xf4, 0xb7}; + const uint8_t server_expected_frame5[] = { + 0x1f, 0x00, 0x00, 0x00, 0x06, 0x00, 0x00, 0x00, 0x33, 0x12, 0xab, 0x9d, + 0x76, 0x2b, 0x5f, 0xab, 0xf3, 0x6d, 0xc4, 0xaa, 0xe5, 0x1e, 0x63, 0xc1, + 0x7b, 0x7b, 0x10, 0xd5, 0x63, 0x0f, 0x29, 0xad, 0x17, 0x33, 0x73}; + const size_t client_frame_size5 = + sizeof(client_expected_frame5) / sizeof(uint8_t); + const size_t server_frame_size5 = + sizeof(server_expected_frame5) / sizeof(uint8_t); + fixture = tsi_test_frame_protector_fixture_create(); + alts_test_do_round_trip_check_frames( + fixture, key, kAes128GcmKeyLength, /*rekey=*/false, large_message, + large_message_size, client_expected_frame5, client_frame_size5, + reinterpret_cast<const uint8_t*>(small_message), small_message_size, + server_expected_frame5, server_frame_size5); + tsi_test_frame_protector_fixture_destroy(fixture); + /** + * Test small client message, large server message, and small + * server_max_output_protected_frame_size. + */ + const uint8_t client_expected_frame6[] = { + 0x1f, 0x00, 0x00, 0x00, 0x06, 0x00, 0x00, 0x00, 0x09, 0xd8, 0xd5, 0x92, + 0x4d, 0x50, 0x32, 0xb7, 0x1f, 0xb8, 0xf2, 0xbb, 0x43, 0xc7, 0xe2, 0x94, + 0x3d, 0x3e, 0x9a, 0x78, 0x76, 0xaa, 0x0a, 0x6b, 0xfa, 0x98, 0x3a}; + const uint8_t server_expected_frame6[] = { + 0x94, 0x00, 0x00, 0x00, 0x06, 0x00, 0x00, 0x00, 0xa9, 0x4b, 0xf8, 0xc8, + 0xe7, 0x8f, 0x1a, 0x26, 0x37, 0x44, 0xa2, 0x5c, 0x55, 0x94, 0x30, 0x4e, + 0x3e, 0x16, 0xe7, 0x9e, 0x96, 0xe8, 0x1b, 0xc0, 0xdd, 0x52, 0x30, 0x06, + 0xc2, 0x72, 0x9a, 0xa1, 0x0b, 0xdb, 0xdc, 0x19, 0x8c, 0x93, 0x5e, 0x84, + 0x1f, 0x4b, 0x97, 0x26, 0xf0, 0x73, 0x85, 0x59, 0x00, 0x95, 0xc1, 0xc5, + 0x22, 0x2f, 0x70, 0x85, 0x68, 0x2c, 0x4f, 0xfe, 0x30, 0x26, 0x91, 0xde, + 0x62, 0x55, 0x1d, 0x35, 0x01, 0x96, 0x1c, 0xe7, 0xa2, 0x8b, 0x14, 0x8a, + 0x5e, 0x1b, 0x4a, 0x3b, 0x4f, 0x65, 0x0f, 0xca, 0x79, 0x10, 0xb4, 0xdd, + 0xf7, 0xa4, 0x8b, 0x64, 0x2f, 0x00, 0x39, 0x60, 0x03, 0xfc, 0xe1, 0x8b, + 0x5c, 0x19, 0xba, 0xcc, 0x46, 0xba, 0x88, 0xdd, 0x40, 0x42, 0x27, 0x4f, + 0xe4, 0x1a, 0x6a, 0x31, 0x6c, 0x1c, 0xb0, 0xb6, 0x5c, 0x3e, 0xca, 0x84, + 0x9b, 0x5f, 0x04, 0x84, 0x11, 0xa9, 0xf8, 0x39, 0xe7, 0xe7, 0xc5, 0xc4, + 0x33, 0x9f, 0x63, 0x21, 0x9a, 0x7c, 0x9c, 0x64}; + const size_t client_frame_size6 = + sizeof(client_expected_frame6) / sizeof(uint8_t); + const size_t server_frame_size6 = + sizeof(server_expected_frame6) / sizeof(uint8_t); + fixture = tsi_test_frame_protector_fixture_create(); + alts_test_do_round_trip_check_frames( + fixture, key, kAes128GcmKeyLength, /*rekey=*/false, + reinterpret_cast<const uint8_t*>(small_message), small_message_size, + client_expected_frame6, client_frame_size6, large_message, + large_message_size, server_expected_frame6, server_frame_size6); + tsi_test_frame_protector_fixture_destroy(fixture); +} + +static void alts_test_do_round_trip(tsi_test_frame_protector_fixture* fixture, + bool rekey) { + GPR_ASSERT(fixture != nullptr); + GPR_ASSERT(fixture->config != nullptr); + tsi_frame_protector* client_frame_protector = nullptr; + tsi_frame_protector* server_frame_protector = nullptr; + tsi_test_frame_protector_config* config = fixture->config; + /* Create a key to be used by both client and server. */ + uint8_t* key = nullptr; + size_t key_length = rekey ? kAes128GcmRekeyKeyLength : kAes128GcmKeyLength; + gsec_test_random_array(&key, key_length); + /* Create a client frame protector. */ + size_t client_max_output_protected_frame_size = + config->client_max_output_protected_frame_size; + GPR_ASSERT( + alts_create_frame_protector(key, key_length, /*is_client=*/true, rekey, + client_max_output_protected_frame_size == 0 + ? nullptr + : &client_max_output_protected_frame_size, + &client_frame_protector) == TSI_OK); + /* Create a server frame protector. */ + size_t server_max_output_protected_frame_size = + config->server_max_output_protected_frame_size; + GPR_ASSERT( + alts_create_frame_protector(key, key_length, /*is_client=*/false, rekey, + server_max_output_protected_frame_size == 0 + ? nullptr + : &server_max_output_protected_frame_size, + &server_frame_protector) == TSI_OK); + tsi_test_frame_protector_fixture_init(fixture, client_frame_protector, + server_frame_protector); + tsi_test_frame_protector_do_round_trip_no_handshake(fixture); + gpr_free(key); +} + +/* Run all combinations of different arguments of test config. */ +static void alts_test_do_round_trip_all(bool rekey) { + unsigned int* bit_array = static_cast<unsigned int*>( + gpr_malloc(sizeof(unsigned int) * TSI_TEST_NUM_OF_ARGUMENTS)); + unsigned int mask = 1U << (TSI_TEST_NUM_OF_ARGUMENTS - 1); + unsigned int val = 0, ind = 0; + for (val = 0; val < TSI_TEST_NUM_OF_COMBINATIONS; val++) { + unsigned int v = val; + for (ind = 0; ind < TSI_TEST_NUM_OF_ARGUMENTS; ind++) { + bit_array[ind] = (v & mask) ? 1 : 0; + v <<= 1; + } + tsi_test_frame_protector_fixture* fixture = + tsi_test_frame_protector_fixture_create(); + tsi_test_frame_protector_config_destroy(fixture->config); + fixture->config = tsi_test_frame_protector_config_create( + bit_array[0], bit_array[1], bit_array[2], bit_array[3], bit_array[4], + bit_array[5], bit_array[6]); + alts_test_do_round_trip(fixture, rekey); + tsi_test_frame_protector_fixture_destroy(fixture); + } + gpr_free(bit_array); +} + +int main(int argc, char** argv) { + alts_test_do_round_trip_vector_tests(); + alts_test_do_round_trip_all(/*rekey=*/false); + alts_test_do_round_trip_all(/*rekey=*/true); + return 0; +} diff --git a/test/core/tsi/alts/frame_protector/frame_handler_test.cc b/test/core/tsi/alts/frame_protector/frame_handler_test.cc new file mode 100644 index 0000000000..6434ea1d31 --- /dev/null +++ b/test/core/tsi/alts/frame_protector/frame_handler_test.cc @@ -0,0 +1,244 @@ +/* + * + * Copyright 2018 gRPC authors. + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + */ + +#include <stdint.h> +#include <stdio.h> +#include <string.h> + +#include <grpc/support/alloc.h> +#include <grpc/support/log.h> + +#include "src/core/lib/gpr/useful.h" +#include "src/core/tsi/alts/frame_protector/frame_handler.h" +#include "test/core/tsi/alts/crypt/gsec_test_util.h" + +const size_t kFrameHandlerTestBufferSize = 1024; + +typedef struct frame_handler { + alts_frame_writer* writer; + alts_frame_reader* reader; + unsigned char* buffer; + size_t buffer_size; +} frame_handler; + +static size_t frame_length(size_t payload_length) { + return payload_length + kFrameHeaderSize; +} + +static frame_handler* create_frame_handler() { + frame_handler* handler = + static_cast<frame_handler*>(gpr_malloc(sizeof(frame_handler))); + handler->writer = alts_create_frame_writer(); + handler->reader = alts_create_frame_reader(); + handler->buffer = nullptr; + handler->buffer_size = 0; + return handler; +} + +static void destroy_frame_handler(frame_handler* handler) { + if (handler != nullptr) { + alts_destroy_frame_reader(handler->reader); + alts_destroy_frame_writer(handler->writer); + if (handler->buffer != nullptr) gpr_free(handler->buffer); + gpr_free(handler); + } +} + +static void frame(frame_handler* handler, unsigned char* payload, + size_t payload_length, size_t write_length) { + handler->buffer_size = frame_length(payload_length); + handler->buffer = + static_cast<unsigned char*>(gpr_malloc(handler->buffer_size)); + GPR_ASSERT(alts_reset_frame_writer(handler->writer, payload, payload_length)); + size_t offset = 0; + while (offset < handler->buffer_size && + !alts_is_frame_writer_done(handler->writer)) { + size_t bytes_written = GPR_MIN(write_length, handler->buffer_size - offset); + GPR_ASSERT(alts_write_frame_bytes(handler->writer, handler->buffer + offset, + &bytes_written)); + offset += bytes_written; + } + GPR_ASSERT(alts_is_frame_writer_done(handler->writer)); + GPR_ASSERT(handler->buffer_size == offset); +} + +static size_t deframe(frame_handler* handler, unsigned char* bytes, + size_t read_length) { + GPR_ASSERT(alts_reset_frame_reader(handler->reader, bytes)); + size_t offset = 0; + while (offset < handler->buffer_size && + !alts_is_frame_reader_done(handler->reader)) { + size_t bytes_read = GPR_MIN(read_length, handler->buffer_size - offset); + GPR_ASSERT(alts_read_frame_bytes(handler->reader, handler->buffer + offset, + &bytes_read)); + offset += bytes_read; + } + GPR_ASSERT(alts_is_frame_reader_done(handler->reader)); + GPR_ASSERT(handler->buffer_size == offset); + return offset - handler->reader->header_bytes_read; +} + +static void frame_n_deframe(frame_handler* handler, unsigned char* payload, + size_t payload_length, size_t write_length, + size_t read_length) { + frame(handler, payload, payload_length, write_length); + unsigned char* bytes = + static_cast<unsigned char*>(gpr_malloc(kFrameHandlerTestBufferSize)); + size_t deframed_payload_length = deframe(handler, bytes, read_length); + GPR_ASSERT(payload_length == deframed_payload_length); + GPR_ASSERT(memcmp(payload, bytes, payload_length) == 0); + gpr_free(bytes); +} + +static void frame_handler_test_frame_deframe() { + unsigned char payload[] = "hello world"; + size_t payload_length = strlen((char*)payload) + 1; + frame_handler* handler = create_frame_handler(); + frame_n_deframe(handler, payload, payload_length, + frame_length(payload_length), frame_length(payload_length)); + destroy_frame_handler(handler); +} + +static void frame_handler_test_small_buffer() { + unsigned char payload[] = "hello world"; + size_t payload_length = strlen(reinterpret_cast<char*>(payload)) + 1; + frame_handler* handler = create_frame_handler(); + frame_n_deframe(handler, payload, payload_length, 1, 1); + destroy_frame_handler(handler); +} + +static void frame_handler_test_null_input_stream() { + frame_handler* handler = create_frame_handler(); + GPR_ASSERT(!alts_reset_frame_writer(handler->writer, nullptr, 0)); + destroy_frame_handler(handler); +} + +static void frame_handler_test_bad_input_length() { + unsigned char payload[] = "hello world"; + frame_handler* handler = create_frame_handler(); + GPR_ASSERT(!alts_reset_frame_writer(handler->writer, payload, SIZE_MAX)); + destroy_frame_handler(handler); +} + +static void frame_handler_test_null_writer_byte_length() { + unsigned char payload[] = "hello world"; + size_t payload_length = strlen(reinterpret_cast<char*>(payload)) + 1; + frame_handler* handler = create_frame_handler(); + GPR_ASSERT(alts_reset_frame_writer(handler->writer, payload, payload_length)); + GPR_ASSERT( + !alts_write_frame_bytes(handler->writer, handler->buffer, nullptr)); + destroy_frame_handler(handler); +} + +static void frame_handler_test_null_writer_bytes() { + unsigned char payload[] = "hello world"; + size_t payload_length = strlen(reinterpret_cast<char*>(payload)) + 1; + frame_handler* handler = create_frame_handler(); + GPR_ASSERT(alts_reset_frame_writer(handler->writer, payload, payload_length)); + GPR_ASSERT( + !alts_write_frame_bytes(handler->writer, nullptr, &payload_length)); + destroy_frame_handler(handler); +} + +static void frame_handler_test_bad_frame_length() { + unsigned char payload[] = "hello world"; + size_t payload_length = strlen(reinterpret_cast<char*>(payload)) + 1; + frame_handler* handler = create_frame_handler(); + frame(handler, payload, payload_length, payload_length); + memset(handler->buffer, 0x00, kFrameLengthFieldSize); + unsigned char* bytes = + static_cast<unsigned char*>(gpr_malloc(kFrameHandlerTestBufferSize)); + GPR_ASSERT(alts_reset_frame_reader(handler->reader, bytes)); + size_t bytes_read = handler->buffer_size; + GPR_ASSERT( + !alts_read_frame_bytes(handler->reader, handler->buffer, &bytes_read)); + GPR_ASSERT(alts_is_frame_reader_done(handler->reader)); + GPR_ASSERT(bytes_read == 0); + gpr_free(bytes); + destroy_frame_handler(handler); +} + +static void frame_handler_test_unsupported_message_type() { + unsigned char payload[] = "hello world"; + size_t payload_length = strlen(reinterpret_cast<char*>(payload)) + 1; + frame_handler* handler = create_frame_handler(); + frame(handler, payload, payload_length, payload_length); + memset(handler->buffer + kFrameLengthFieldSize, 0x00, + kFrameMessageTypeFieldSize); + unsigned char* bytes = + static_cast<unsigned char*>(gpr_malloc(kFrameHandlerTestBufferSize)); + GPR_ASSERT(alts_reset_frame_reader(handler->reader, bytes)); + size_t bytes_read = handler->buffer_size; + GPR_ASSERT( + !alts_read_frame_bytes(handler->reader, handler->buffer, &bytes_read)); + GPR_ASSERT(alts_is_frame_reader_done(handler->reader)); + GPR_ASSERT(bytes_read == 0); + gpr_free(bytes); + destroy_frame_handler(handler); +} + +static void frame_handler_test_null_output_stream() { + unsigned char payload[] = "hello world"; + size_t payload_length = strlen(reinterpret_cast<char*>(payload)) + 1; + frame_handler* handler = create_frame_handler(); + frame(handler, payload, payload_length, payload_length); + GPR_ASSERT(!alts_reset_frame_reader(handler->reader, nullptr)); + destroy_frame_handler(handler); +} + +static void frame_handler_test_null_reader_byte_length() { + unsigned char payload[] = "hello world"; + size_t payload_length = strlen(reinterpret_cast<char*>(payload)) + 1; + frame_handler* handler = create_frame_handler(); + frame(handler, payload, payload_length, payload_length); + unsigned char* bytes = + static_cast<unsigned char*>(gpr_malloc(kFrameHandlerTestBufferSize)); + GPR_ASSERT(alts_reset_frame_reader(handler->reader, bytes)); + GPR_ASSERT(!alts_read_frame_bytes(handler->reader, handler->buffer, nullptr)); + gpr_free(bytes); + destroy_frame_handler(handler); +} + +static void frame_handler_test_null_reader_bytes() { + unsigned char payload[] = "hello world"; + size_t payload_length = strlen(reinterpret_cast<char*>(payload)) + 1; + frame_handler* handler = create_frame_handler(); + frame(handler, payload, payload_length, payload_length); + unsigned char* bytes = + static_cast<unsigned char*>(gpr_malloc(kFrameHandlerTestBufferSize)); + GPR_ASSERT(alts_reset_frame_reader(handler->reader, bytes)); + size_t bytes_read = handler->buffer_size; + GPR_ASSERT(!alts_read_frame_bytes(handler->reader, nullptr, &bytes_read)); + gpr_free(bytes); + destroy_frame_handler(handler); +} + +int main(int argc, char** argv) { + frame_handler_test_frame_deframe(); + frame_handler_test_small_buffer(); + frame_handler_test_null_input_stream(); + frame_handler_test_bad_input_length(); + frame_handler_test_null_writer_byte_length(); + frame_handler_test_null_writer_bytes(); + frame_handler_test_bad_frame_length(); + frame_handler_test_unsupported_message_type(); + frame_handler_test_null_output_stream(); + frame_handler_test_null_reader_byte_length(); + frame_handler_test_null_reader_bytes(); + return 0; +} diff --git a/test/core/tsi/alts/handshaker/BUILD b/test/core/tsi/alts/handshaker/BUILD new file mode 100644 index 0000000000..db39732c43 --- /dev/null +++ b/test/core/tsi/alts/handshaker/BUILD @@ -0,0 +1,78 @@ +# Copyright 2018 gRPC authors. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +load("//bazel:grpc_build_system.bzl", "grpc_cc_library", "grpc_cc_test", "grpc_package") + +licenses(["notice"]) # Apache v2 + +grpc_package(name = "handshaker") + +grpc_cc_library( + name = "alts_handshaker_service_api_test_lib", + srcs = ["alts_handshaker_service_api_test_lib.cc"], + hdrs = ["alts_handshaker_service_api_test_lib.h"], + deps = [ + "//:grpc", + ], +) + +grpc_cc_test( + name = "alts_handshaker_client_test", + srcs = ["alts_handshaker_client_test.cc"], + language = "C++", + deps = [ + ":alts_handshaker_service_api_test_lib", + "//:grpc", + ], +) + +grpc_cc_test( + name = "alts_handshaker_service_api_test", + srcs = ["alts_handshaker_service_api_test.cc"], + language = "C++", + deps = [ + ":alts_handshaker_service_api_test_lib", + "//:grpc", + ], +) + +grpc_cc_test( + name = "alts_tsi_handshaker_test", + srcs = ["alts_tsi_handshaker_test.cc"], + language = "C++", + deps = [ + ":alts_handshaker_service_api_test_lib", + "//:grpc", + ], +) + +grpc_cc_test( + name = "alts_tsi_utils_test", + srcs = ["alts_tsi_utils_test.cc"], + language = "C++", + deps = [ + ":alts_handshaker_service_api_test_lib", + "//:grpc", + ], +) + +grpc_cc_test( + name = "transport_security_common_api_test", + srcs = ["transport_security_common_api_test.cc"], + language = "C++", + deps = [ + "//:grpc", + ], +) + diff --git a/test/core/tsi/alts/handshaker/alts_handshaker_client_test.cc b/test/core/tsi/alts/handshaker/alts_handshaker_client_test.cc new file mode 100644 index 0000000000..7072be6e3a --- /dev/null +++ b/test/core/tsi/alts/handshaker/alts_handshaker_client_test.cc @@ -0,0 +1,412 @@ +/* + * + * Copyright 2018 gRPC authors. + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + */ + +#include <grpc/grpc.h> + +#include "src/core/tsi/alts/handshaker/alts_handshaker_client.h" +#include "src/core/tsi/alts/handshaker/alts_tsi_event.h" +#include "src/core/tsi/alts/handshaker/alts_tsi_handshaker.h" +#include "src/core/tsi/transport_security.h" +#include "src/core/tsi/transport_security_interface.h" +#include "test/core/tsi/alts/handshaker/alts_handshaker_service_api_test_lib.h" + +#define ALTS_HANDSHAKER_CLIENT_TEST_OUT_FRAME "Hello Google" +#define ALTS_HANDSHAKER_CLIENT_TEST_HANDSHAKER_SERVICE_URL "lame" +#define ALTS_HANDSHAKER_CLIENT_TEST_TARGET_NAME "bigtable.google.api.com" +#define ALTS_HANDSHAKER_CLIENT_TEST_TARGET_SERVICE_ACCOUNT1 "A@google.com" +#define ALTS_HANDSHAKER_CLIENT_TEST_TARGET_SERVICE_ACCOUNT2 "B@google.com" + +const size_t kHandshakerClientOpNum = 4; +const size_t kMaxRpcVersionMajor = 3; +const size_t kMaxRpcVersionMinor = 2; +const size_t kMinRpcVersionMajor = 2; +const size_t kMinRpcVersionMinor = 1; + +using grpc_core::internal::alts_handshaker_client_set_grpc_caller_for_testing; + +typedef struct alts_handshaker_client_test_config { + grpc_channel* channel; + grpc_completion_queue* cq; + alts_handshaker_client* client; + grpc_slice out_frame; +} alts_handshaker_client_test_config; + +static alts_tsi_event* alts_tsi_event_create_for_testing(bool is_client) { + alts_tsi_event* e = static_cast<alts_tsi_event*>(gpr_zalloc(sizeof(*e))); + grpc_metadata_array_init(&e->initial_metadata); + grpc_metadata_array_init(&e->trailing_metadata); + e->options = is_client ? grpc_alts_credentials_client_options_create() + : grpc_alts_credentials_server_options_create(); + if (is_client) { + grpc_alts_credentials_client_options_add_target_service_account( + reinterpret_cast<grpc_alts_credentials_client_options*>(e->options), + ALTS_HANDSHAKER_CLIENT_TEST_TARGET_SERVICE_ACCOUNT1); + grpc_alts_credentials_client_options_add_target_service_account( + reinterpret_cast<grpc_alts_credentials_client_options*>(e->options), + ALTS_HANDSHAKER_CLIENT_TEST_TARGET_SERVICE_ACCOUNT2); + } + grpc_gcp_rpc_protocol_versions* versions = &e->options->rpc_versions; + GPR_ASSERT(grpc_gcp_rpc_protocol_versions_set_max( + versions, kMaxRpcVersionMajor, kMaxRpcVersionMinor)); + GPR_ASSERT(grpc_gcp_rpc_protocol_versions_set_min( + versions, kMinRpcVersionMajor, kMinRpcVersionMinor)); + e->target_name = + grpc_slice_from_static_string(ALTS_HANDSHAKER_CLIENT_TEST_TARGET_NAME); + return e; +} + +static void validate_rpc_protocol_versions( + grpc_gcp_rpc_protocol_versions* versions) { + GPR_ASSERT(versions != nullptr); + GPR_ASSERT(versions->max_rpc_version.major == kMaxRpcVersionMajor); + GPR_ASSERT(versions->max_rpc_version.minor == kMaxRpcVersionMinor); + GPR_ASSERT(versions->min_rpc_version.major == kMinRpcVersionMajor); + GPR_ASSERT(versions->min_rpc_version.minor == kMinRpcVersionMinor); +} + +static void validate_target_identities( + const repeated_field* target_identity_head) { + grpc_gcp_identity* target_identity1 = static_cast<grpc_gcp_identity*>( + const_cast<void*>(target_identity_head->next->data)); + grpc_gcp_identity* target_identity2 = static_cast<grpc_gcp_identity*>( + const_cast<void*>(target_identity_head->data)); + grpc_slice* service_account1 = + static_cast<grpc_slice*>(target_identity1->service_account.arg); + grpc_slice* service_account2 = + static_cast<grpc_slice*>(target_identity2->service_account.arg); + GPR_ASSERT(memcmp(GRPC_SLICE_START_PTR(*service_account1), + ALTS_HANDSHAKER_CLIENT_TEST_TARGET_SERVICE_ACCOUNT1, + GRPC_SLICE_LENGTH(*service_account1)) == 0); + GPR_ASSERT(strlen(ALTS_HANDSHAKER_CLIENT_TEST_TARGET_SERVICE_ACCOUNT1) == + GRPC_SLICE_LENGTH(*service_account1)); + GPR_ASSERT(memcmp(GRPC_SLICE_START_PTR(*service_account2), + ALTS_HANDSHAKER_CLIENT_TEST_TARGET_SERVICE_ACCOUNT2, + GRPC_SLICE_LENGTH(*service_account2)) == 0); + GPR_ASSERT(strlen(ALTS_HANDSHAKER_CLIENT_TEST_TARGET_SERVICE_ACCOUNT2) == + GRPC_SLICE_LENGTH(*service_account2)); +} + +/** + * Validate if grpc operation data is correctly populated with the fields of + * ALTS TSI event. + */ +static bool validate_op(alts_tsi_event* event, const grpc_op* op, size_t nops, + bool is_start) { + GPR_ASSERT(event != nullptr && op != nullptr && nops != 0); + bool ok = true; + grpc_op* start_op = const_cast<grpc_op*>(op); + if (is_start) { + ok &= (op->op == GRPC_OP_SEND_INITIAL_METADATA); + ok &= (op->data.send_initial_metadata.count == 0); + op++; + GPR_ASSERT((size_t)(op - start_op) <= kHandshakerClientOpNum); + + ok &= (op->op == GRPC_OP_RECV_INITIAL_METADATA); + ok &= (op->data.recv_initial_metadata.recv_initial_metadata == + &event->initial_metadata); + op++; + GPR_ASSERT((size_t)(op - start_op) <= kHandshakerClientOpNum); + } + ok &= (op->op == GRPC_OP_SEND_MESSAGE); + ok &= (op->data.send_message.send_message == event->send_buffer); + op++; + GPR_ASSERT((size_t)(op - start_op) <= kHandshakerClientOpNum); + + ok &= (op->op == GRPC_OP_RECV_MESSAGE); + ok &= (op->data.recv_message.recv_message == &event->recv_buffer); + op++; + GPR_ASSERT((size_t)(op - start_op) <= kHandshakerClientOpNum); + + return ok; +} + +static grpc_gcp_handshaker_req* deserialize_handshaker_req( + grpc_gcp_handshaker_req_type type, grpc_byte_buffer* buffer) { + GPR_ASSERT(buffer != nullptr); + grpc_gcp_handshaker_req* req = grpc_gcp_handshaker_decoded_req_create(type); + grpc_byte_buffer_reader bbr; + GPR_ASSERT(grpc_byte_buffer_reader_init(&bbr, buffer)); + grpc_slice slice = grpc_byte_buffer_reader_readall(&bbr); + GPR_ASSERT(grpc_gcp_handshaker_req_decode(slice, req)); + grpc_slice_unref(slice); + grpc_byte_buffer_reader_destroy(&bbr); + return req; +} + +/** + * A mock grpc_caller used to check if client_start, server_start, and next + * operations correctly handle invalid arguments. It should not be called. + */ +static grpc_call_error check_must_not_be_called(grpc_call* call, + const grpc_op* ops, size_t nops, + void* tag) { + GPR_ASSERT(0); +} + +/** + * A mock grpc_caller used to check correct execution of client_start operation. + * It checks if the client_start handshaker request is populated with correct + * handshake_security_protocol, application_protocol, and record_protocol, and + * op is correctly populated. + */ +static grpc_call_error check_client_start_success(grpc_call* call, + const grpc_op* op, + size_t nops, void* tag) { + alts_tsi_event* event = static_cast<alts_tsi_event*>(tag); + grpc_gcp_handshaker_req* req = + deserialize_handshaker_req(CLIENT_START_REQ, event->send_buffer); + GPR_ASSERT(req->client_start.handshake_security_protocol == + grpc_gcp_HandshakeProtocol_ALTS); + const void* data = (static_cast<repeated_field*>( + req->client_start.application_protocols.arg)) + ->data; + GPR_ASSERT(data != nullptr); + grpc_slice* application_protocol = (grpc_slice*)data; + data = (static_cast<repeated_field*>(req->client_start.record_protocols.arg)) + ->data; + grpc_slice* record_protocol = (grpc_slice*)data; + GPR_ASSERT(memcmp(GRPC_SLICE_START_PTR(*application_protocol), + ALTS_APPLICATION_PROTOCOL, + GRPC_SLICE_LENGTH(*application_protocol)) == 0); + GPR_ASSERT(memcmp(GRPC_SLICE_START_PTR(*record_protocol), + ALTS_RECORD_PROTOCOL, + GRPC_SLICE_LENGTH(*record_protocol)) == 0); + validate_rpc_protocol_versions(&req->client_start.rpc_versions); + validate_target_identities( + static_cast<repeated_field*>(req->client_start.target_identities.arg)); + grpc_slice* target_name = + static_cast<grpc_slice*>(req->client_start.target_name.arg); + GPR_ASSERT(memcmp(GRPC_SLICE_START_PTR(*target_name), + ALTS_HANDSHAKER_CLIENT_TEST_TARGET_NAME, + GRPC_SLICE_LENGTH(*target_name)) == 0); + GPR_ASSERT(GRPC_SLICE_LENGTH(*target_name) == + strlen(ALTS_HANDSHAKER_CLIENT_TEST_TARGET_NAME)); + GPR_ASSERT(validate_op(event, op, nops, true /* is_start */)); + grpc_gcp_handshaker_req_destroy(req); + return GRPC_CALL_OK; +} + +/** + * A mock grpc_caller used to check correct execution of server_start operation. + * It checks if the server_start handshaker request is populated with correct + * handshake_security_protocol, application_protocol, and record_protocol, and + * op is correctly populated. + */ +static grpc_call_error check_server_start_success(grpc_call* call, + const grpc_op* op, + size_t nops, void* tag) { + alts_tsi_event* event = static_cast<alts_tsi_event*>(tag); + grpc_gcp_handshaker_req* req = + deserialize_handshaker_req(SERVER_START_REQ, event->send_buffer); + const void* data = (static_cast<repeated_field*>( + req->server_start.application_protocols.arg)) + ->data; + GPR_ASSERT(data != nullptr); + grpc_slice* application_protocol = (grpc_slice*)data; + GPR_ASSERT(memcmp(GRPC_SLICE_START_PTR(*application_protocol), + ALTS_APPLICATION_PROTOCOL, + GRPC_SLICE_LENGTH(*application_protocol)) == 0); + GPR_ASSERT(req->server_start.handshake_parameters_count == 1); + GPR_ASSERT(req->server_start.handshake_parameters[0].key == + grpc_gcp_HandshakeProtocol_ALTS); + data = (static_cast<repeated_field*>(req->server_start.handshake_parameters[0] + .value.record_protocols.arg)) + ->data; + GPR_ASSERT(data != nullptr); + grpc_slice* record_protocol = (grpc_slice*)data; + GPR_ASSERT(memcmp(GRPC_SLICE_START_PTR(*record_protocol), + ALTS_RECORD_PROTOCOL, + GRPC_SLICE_LENGTH(*record_protocol)) == 0); + validate_rpc_protocol_versions(&req->server_start.rpc_versions); + GPR_ASSERT(validate_op(event, op, nops, true /* is_start */)); + grpc_gcp_handshaker_req_destroy(req); + return GRPC_CALL_OK; +} + +/** + * A mock grpc_caller used to check correct execution of next operation. It + * checks if the next handshaker request is populated with correct information, + * and op is correctly populated. + */ +static grpc_call_error check_next_success(grpc_call* call, const grpc_op* op, + size_t nops, void* tag) { + alts_tsi_event* event = static_cast<alts_tsi_event*>(tag); + grpc_gcp_handshaker_req* req = + deserialize_handshaker_req(NEXT_REQ, event->send_buffer); + grpc_slice* in_bytes = static_cast<grpc_slice*>(req->next.in_bytes.arg); + GPR_ASSERT(in_bytes != nullptr); + GPR_ASSERT(memcmp(GRPC_SLICE_START_PTR(*in_bytes), + ALTS_HANDSHAKER_CLIENT_TEST_OUT_FRAME, + GRPC_SLICE_LENGTH(*in_bytes)) == 0); + GPR_ASSERT(validate_op(event, op, nops, false /* is_start */)); + grpc_gcp_handshaker_req_destroy(req); + return GRPC_CALL_OK; +} +/** + * A mock grpc_caller used to check if client_start, server_start, and next + * operations correctly handle the situation when the grpc call made to the + * handshaker service fails. + */ +static grpc_call_error check_grpc_call_failure(grpc_call* call, + const grpc_op* op, size_t nops, + void* tag) { + return GRPC_CALL_ERROR; +} + +static alts_handshaker_client_test_config* create_config() { + alts_handshaker_client_test_config* config = + static_cast<alts_handshaker_client_test_config*>( + gpr_zalloc(sizeof(*config))); + config->channel = grpc_insecure_channel_create( + ALTS_HANDSHAKER_CLIENT_TEST_HANDSHAKER_SERVICE_URL, nullptr, nullptr); + config->cq = grpc_completion_queue_create_for_next(nullptr); + config->client = alts_grpc_handshaker_client_create( + config->channel, config->cq, + ALTS_HANDSHAKER_CLIENT_TEST_HANDSHAKER_SERVICE_URL); + GPR_ASSERT(config->client != nullptr); + config->out_frame = + grpc_slice_from_static_string(ALTS_HANDSHAKER_CLIENT_TEST_OUT_FRAME); + return config; +} + +static void destroy_config(alts_handshaker_client_test_config* config) { + if (config == nullptr) { + return; + } + grpc_completion_queue_destroy(config->cq); + grpc_channel_destroy(config->channel); + alts_handshaker_client_destroy(config->client); + grpc_slice_unref(config->out_frame); + gpr_free(config); +} + +static void schedule_request_invalid_arg_test() { + /* Initialization. */ + alts_handshaker_client_test_config* config = create_config(); + alts_tsi_event* event = nullptr; + + /* Tests. */ + alts_handshaker_client_set_grpc_caller_for_testing(config->client, + check_must_not_be_called); + event = alts_tsi_event_create_for_testing(true /* is_client */); + /* Check client_start. */ + GPR_ASSERT(alts_handshaker_client_start_client(nullptr, event) == + TSI_INVALID_ARGUMENT); + GPR_ASSERT(alts_handshaker_client_start_client(config->client, nullptr) == + TSI_INVALID_ARGUMENT); + + /* Check server_start. */ + GPR_ASSERT(alts_handshaker_client_start_server( + config->client, event, nullptr) == TSI_INVALID_ARGUMENT); + GPR_ASSERT(alts_handshaker_client_start_server(config->client, nullptr, + &config->out_frame) == + TSI_INVALID_ARGUMENT); + GPR_ASSERT(alts_handshaker_client_start_server( + nullptr, event, &config->out_frame) == TSI_INVALID_ARGUMENT); + + /* Check next. */ + GPR_ASSERT(alts_handshaker_client_next(config->client, event, nullptr) == + TSI_INVALID_ARGUMENT); + GPR_ASSERT(alts_handshaker_client_next(config->client, nullptr, + &config->out_frame) == + TSI_INVALID_ARGUMENT); + GPR_ASSERT(alts_handshaker_client_next(nullptr, event, &config->out_frame) == + TSI_INVALID_ARGUMENT); + + /* Cleanup. */ + alts_tsi_event_destroy(event); + destroy_config(config); +} + +static void schedule_request_success_test() { + /* Initialization. */ + alts_handshaker_client_test_config* config = create_config(); + alts_tsi_event* event = nullptr; + + /* Check client_start success. */ + alts_handshaker_client_set_grpc_caller_for_testing( + config->client, check_client_start_success); + event = alts_tsi_event_create_for_testing(true /* is_client. */); + GPR_ASSERT(alts_handshaker_client_start_client(config->client, event) == + TSI_OK); + alts_tsi_event_destroy(event); + + /* Check server_start success. */ + alts_handshaker_client_set_grpc_caller_for_testing( + config->client, check_server_start_success); + event = alts_tsi_event_create_for_testing(false /* is_client. */); + GPR_ASSERT(alts_handshaker_client_start_server(config->client, event, + &config->out_frame) == TSI_OK); + alts_tsi_event_destroy(event); + + /* Check next success. */ + alts_handshaker_client_set_grpc_caller_for_testing(config->client, + check_next_success); + event = alts_tsi_event_create_for_testing(true /* is_client. */); + GPR_ASSERT(alts_handshaker_client_next(config->client, event, + &config->out_frame) == TSI_OK); + alts_tsi_event_destroy(event); + + /* Cleanup. */ + destroy_config(config); +} + +static void schedule_request_grpc_call_failure_test() { + /* Initialization. */ + alts_handshaker_client_test_config* config = create_config(); + alts_tsi_event* event = nullptr; + + /* Check client_start failure. */ + alts_handshaker_client_set_grpc_caller_for_testing(config->client, + check_grpc_call_failure); + event = alts_tsi_event_create_for_testing(true /* is_client. */); + GPR_ASSERT(alts_handshaker_client_start_client(config->client, event) == + TSI_INTERNAL_ERROR); + alts_tsi_event_destroy(event); + + /* Check server_start failure. */ + event = alts_tsi_event_create_for_testing(false /* is_client. */); + GPR_ASSERT(alts_handshaker_client_start_server(config->client, event, + &config->out_frame) == + TSI_INTERNAL_ERROR); + alts_tsi_event_destroy(event); + + /* Check next failure. */ + event = alts_tsi_event_create_for_testing(true /* is_cleint. */); + GPR_ASSERT( + alts_handshaker_client_next(config->client, event, &config->out_frame) == + TSI_INTERNAL_ERROR); + alts_tsi_event_destroy(event); + + /* Cleanup. */ + destroy_config(config); +} + +int main(int argc, char** argv) { + /* Initialization. */ + grpc_init(); + + /* Tests. */ + schedule_request_invalid_arg_test(); + schedule_request_success_test(); + schedule_request_grpc_call_failure_test(); + + /* Cleanup. */ + grpc_shutdown(); + return 0; +} diff --git a/test/core/tsi/alts/handshaker/alts_handshaker_service_api_test.cc b/test/core/tsi/alts/handshaker/alts_handshaker_service_api_test.cc new file mode 100644 index 0000000000..3506264f52 --- /dev/null +++ b/test/core/tsi/alts/handshaker/alts_handshaker_service_api_test.cc @@ -0,0 +1,149 @@ +/* + * + * Copyright 2018 gRPC authors. + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + */ + +#include <stdbool.h> +#include <stdio.h> +#include <stdlib.h> + +#include "test/core/tsi/alts/handshaker/alts_handshaker_service_api_test_lib.h" + +int main(int argc, char** argv) { + const char in_bytes[] = "HELLO GOOGLE!"; + const char out_frames[] = "HELLO WORLD!"; + const char key_data[] = "THIS IS KEY DATA."; + const char details[] = "DETAILS NEED TO BE POPULATED"; + const uint32_t max_rpc_version_major = 3; + const uint32_t max_rpc_version_minor = 2; + const uint32_t min_rpc_version_major = 2; + const uint32_t min_rpc_version_minor = 1; + + /* handshaker_req_next. */ + grpc_gcp_handshaker_req* req = grpc_gcp_handshaker_req_create(NEXT_REQ); + grpc_gcp_handshaker_req* decoded_req = + grpc_gcp_handshaker_decoded_req_create(NEXT_REQ); + GPR_ASSERT( + grpc_gcp_handshaker_req_set_in_bytes(req, in_bytes, strlen(in_bytes))); + grpc_slice encoded_req; + GPR_ASSERT(grpc_gcp_handshaker_req_encode(req, &encoded_req)); + GPR_ASSERT(grpc_gcp_handshaker_req_decode(encoded_req, decoded_req)); + GPR_ASSERT(grpc_gcp_handshaker_req_equals(req, decoded_req)); + grpc_gcp_handshaker_req_destroy(req); + grpc_gcp_handshaker_req_destroy(decoded_req); + grpc_slice_unref(encoded_req); + + /* handshaker_req_client_start. */ + req = grpc_gcp_handshaker_req_create(CLIENT_START_REQ); + decoded_req = grpc_gcp_handshaker_decoded_req_create(CLIENT_START_REQ); + GPR_ASSERT(grpc_gcp_handshaker_req_set_handshake_protocol( + req, grpc_gcp_HandshakeProtocol_TLS)); + GPR_ASSERT(grpc_gcp_handshaker_req_set_local_identity_hostname( + req, "www.google.com")); + GPR_ASSERT(grpc_gcp_handshaker_req_set_local_endpoint( + req, "2001:db8::8:800:200C:417a", 9876, grpc_gcp_NetworkProtocol_TCP)); + GPR_ASSERT(grpc_gcp_handshaker_req_set_remote_endpoint( + req, "2001:db8::bac5::fed0:84a2", 1234, grpc_gcp_NetworkProtocol_TCP)); + GPR_ASSERT(grpc_gcp_handshaker_req_add_application_protocol(req, "grpc")); + GPR_ASSERT(grpc_gcp_handshaker_req_add_application_protocol(req, "http2")); + GPR_ASSERT( + grpc_gcp_handshaker_req_add_record_protocol(req, "ALTSRP_GCM_AES256")); + GPR_ASSERT( + grpc_gcp_handshaker_req_add_record_protocol(req, "ALTSRP_GCM_AES384")); + GPR_ASSERT(grpc_gcp_handshaker_req_add_target_identity_service_account( + req, "foo@google.com")); + GPR_ASSERT(grpc_gcp_handshaker_req_set_target_name( + req, "google.example.library.service")); + GPR_ASSERT(grpc_gcp_handshaker_req_set_rpc_versions( + req, max_rpc_version_major, max_rpc_version_minor, min_rpc_version_major, + min_rpc_version_minor)); + GPR_ASSERT(grpc_gcp_handshaker_req_encode(req, &encoded_req)); + GPR_ASSERT(grpc_gcp_handshaker_req_decode(encoded_req, decoded_req)); + GPR_ASSERT(grpc_gcp_handshaker_req_equals(req, decoded_req)); + grpc_gcp_handshaker_req_destroy(req); + grpc_gcp_handshaker_req_destroy(decoded_req); + grpc_slice_unref(encoded_req); + + /* handshaker_req_server_start. */ + req = grpc_gcp_handshaker_req_create(SERVER_START_REQ); + decoded_req = grpc_gcp_handshaker_decoded_req_create(SERVER_START_REQ); + GPR_ASSERT(grpc_gcp_handshaker_req_add_application_protocol(req, "grpc")); + GPR_ASSERT(grpc_gcp_handshaker_req_add_application_protocol(req, "http2")); + GPR_ASSERT(grpc_gcp_handshaker_req_set_local_endpoint( + req, "2001:db8::8:800:200C:417a", 9876, grpc_gcp_NetworkProtocol_TCP)); + GPR_ASSERT(grpc_gcp_handshaker_req_set_remote_endpoint( + req, "2001:db8::bac5::fed0:84a2", 1234, grpc_gcp_NetworkProtocol_UDP)); + GPR_ASSERT( + grpc_gcp_handshaker_req_set_in_bytes(req, in_bytes, strlen(in_bytes))); + GPR_ASSERT(grpc_gcp_handshaker_req_param_add_record_protocol( + req, grpc_gcp_HandshakeProtocol_TLS, "ALTSRP_GCM_AES128")); + GPR_ASSERT(grpc_gcp_handshaker_req_param_add_local_identity_service_account( + req, grpc_gcp_HandshakeProtocol_TLS, "foo@google.com")); + GPR_ASSERT(grpc_gcp_handshaker_req_param_add_local_identity_hostname( + req, grpc_gcp_HandshakeProtocol_TLS, "yihuaz0.mtv.corp.google.com")); + GPR_ASSERT(grpc_gcp_handshaker_req_param_add_record_protocol( + req, grpc_gcp_HandshakeProtocol_ALTS, "ALTSRP_GCM_AES128")); + GPR_ASSERT(grpc_gcp_handshaker_req_param_add_local_identity_hostname( + req, grpc_gcp_HandshakeProtocol_ALTS, "www.amazon.com")); + GPR_ASSERT(grpc_gcp_handshaker_req_set_rpc_versions( + req, max_rpc_version_major, max_rpc_version_minor, min_rpc_version_major, + min_rpc_version_minor)); + + GPR_ASSERT(grpc_gcp_handshaker_req_encode(req, &encoded_req)); + GPR_ASSERT(grpc_gcp_handshaker_req_decode(encoded_req, decoded_req)); + GPR_ASSERT(grpc_gcp_handshaker_req_equals(req, decoded_req)); + grpc_gcp_handshaker_req_destroy(req); + grpc_gcp_handshaker_req_destroy(decoded_req); + grpc_slice_unref(encoded_req); + + /* handshaker_resp. */ + grpc_gcp_handshaker_resp* resp = grpc_gcp_handshaker_resp_create(); + grpc_gcp_handshaker_resp* decoded_resp = grpc_gcp_handshaker_resp_create(); + GPR_ASSERT(grpc_gcp_handshaker_resp_set_out_frames(resp, out_frames, + strlen(out_frames))); + GPR_ASSERT(grpc_gcp_handshaker_resp_set_bytes_consumed(resp, 1024)); + GPR_ASSERT(grpc_gcp_handshaker_resp_set_application_protocol(resp, "http")); + GPR_ASSERT( + grpc_gcp_handshaker_resp_set_record_protocol(resp, "ALTSRP_GCM_AES128")); + GPR_ASSERT( + grpc_gcp_handshaker_resp_set_key_data(resp, key_data, strlen(key_data))); + GPR_ASSERT(grpc_gcp_handshaker_resp_set_local_identity_hostname( + resp, "www.faceboook.com")); + GPR_ASSERT(grpc_gcp_handshaker_resp_set_peer_identity_hostname( + resp, "www.amazon.com")); + GPR_ASSERT(grpc_gcp_handshaker_resp_set_channel_open( + resp, false /* channel_open */)); + GPR_ASSERT(grpc_gcp_handshaker_resp_set_code(resp, 1023)); + GPR_ASSERT(grpc_gcp_handshaker_resp_set_details(resp, details)); + GPR_ASSERT(grpc_gcp_handshaker_resp_set_peer_rpc_versions( + resp, max_rpc_version_major, max_rpc_version_minor, min_rpc_version_major, + min_rpc_version_minor)); + grpc_slice encoded_resp; + GPR_ASSERT(grpc_gcp_handshaker_resp_encode(resp, &encoded_resp)); + GPR_ASSERT(grpc_gcp_handshaker_resp_decode(encoded_resp, decoded_resp)); + GPR_ASSERT(grpc_gcp_handshaker_resp_equals(resp, decoded_resp)); + grpc_gcp_handshaker_resp_destroy(resp); + grpc_gcp_handshaker_resp_destroy(decoded_resp); + grpc_slice_unref(encoded_resp); + /* Test invalid arguments. */ + GPR_ASSERT(!grpc_gcp_handshaker_req_set_in_bytes(nullptr, in_bytes, + strlen(in_bytes))); + GPR_ASSERT(!grpc_gcp_handshaker_req_param_add_record_protocol( + req, grpc_gcp_HandshakeProtocol_TLS, nullptr)); + GPR_ASSERT(!grpc_gcp_handshaker_req_param_add_local_identity_service_account( + nullptr, grpc_gcp_HandshakeProtocol_TLS, nullptr)); + GPR_ASSERT(!grpc_gcp_handshaker_resp_set_record_protocol(nullptr, nullptr)); +} diff --git a/test/core/tsi/alts/handshaker/alts_handshaker_service_api_test_lib.cc b/test/core/tsi/alts/handshaker/alts_handshaker_service_api_test_lib.cc new file mode 100644 index 0000000000..ecca04defa --- /dev/null +++ b/test/core/tsi/alts/handshaker/alts_handshaker_service_api_test_lib.cc @@ -0,0 +1,642 @@ +/* + * + * Copyright 2018 gRPC authors. + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + */ + +#include "test/core/tsi/alts/handshaker/alts_handshaker_service_api_test_lib.h" + +const size_t kHandshakeProtocolNum = 3; + +grpc_gcp_handshaker_req* grpc_gcp_handshaker_decoded_req_create( + grpc_gcp_handshaker_req_type type) { + grpc_gcp_handshaker_req* req = + static_cast<grpc_gcp_handshaker_req*>(gpr_zalloc(sizeof(*req))); + switch (type) { + case CLIENT_START_REQ: + req->has_client_start = true; + req->client_start.target_identities.funcs.decode = + decode_repeated_identity_cb; + req->client_start.application_protocols.funcs.decode = + decode_repeated_string_cb; + req->client_start.record_protocols.funcs.decode = + decode_repeated_string_cb; + req->client_start.local_identity.hostname.funcs.decode = + decode_string_or_bytes_cb; + req->client_start.local_identity.service_account.funcs.decode = + decode_string_or_bytes_cb; + req->client_start.local_endpoint.ip_address.funcs.decode = + decode_string_or_bytes_cb; + req->client_start.remote_endpoint.ip_address.funcs.decode = + decode_string_or_bytes_cb; + req->client_start.target_name.funcs.decode = decode_string_or_bytes_cb; + break; + case SERVER_START_REQ: + req->has_server_start = true; + req->server_start.application_protocols.funcs.decode = + &decode_repeated_string_cb; + for (size_t i = 0; i < kHandshakeProtocolNum; i++) { + req->server_start.handshake_parameters[i] + .value.local_identities.funcs.decode = &decode_repeated_identity_cb; + req->server_start.handshake_parameters[i] + .value.record_protocols.funcs.decode = &decode_repeated_string_cb; + } + req->server_start.in_bytes.funcs.decode = decode_string_or_bytes_cb; + req->server_start.local_endpoint.ip_address.funcs.decode = + decode_string_or_bytes_cb; + req->server_start.remote_endpoint.ip_address.funcs.decode = + decode_string_or_bytes_cb; + break; + case NEXT_REQ: + req->has_next = true; + break; + } + return req; +} + +bool grpc_gcp_handshaker_resp_set_application_protocol( + grpc_gcp_handshaker_resp* resp, const char* application_protocol) { + if (resp == nullptr || application_protocol == nullptr) { + gpr_log(GPR_ERROR, + "Invalid nullptr arguments to " + "handshaker_resp_set_application_protocol()."); + return false; + } + resp->has_result = true; + grpc_slice* slice = + create_slice(application_protocol, strlen(application_protocol)); + resp->result.application_protocol.arg = slice; + resp->result.application_protocol.funcs.encode = encode_string_or_bytes_cb; + return true; +} + +bool grpc_gcp_handshaker_resp_set_record_protocol( + grpc_gcp_handshaker_resp* resp, const char* record_protocol) { + if (resp == nullptr || record_protocol == nullptr) { + gpr_log(GPR_ERROR, + "Invalid nullptr arguments to " + "handshaker_resp_set_record_protocol()."); + return false; + } + resp->has_result = true; + grpc_slice* slice = create_slice(record_protocol, strlen(record_protocol)); + resp->result.record_protocol.arg = slice; + resp->result.record_protocol.funcs.encode = encode_string_or_bytes_cb; + return true; +} + +bool grpc_gcp_handshaker_resp_set_key_data(grpc_gcp_handshaker_resp* resp, + const char* key_data, size_t size) { + if (resp == nullptr || key_data == nullptr) { + gpr_log(GPR_ERROR, + "Invalid nullptr arguments to handshaker_resp_set_key_data()."); + return false; + } + resp->has_result = true; + grpc_slice* slice = create_slice(key_data, size); + resp->result.key_data.arg = slice; + resp->result.key_data.funcs.encode = encode_string_or_bytes_cb; + return true; +} + +static void set_identity_hostname(grpc_gcp_identity* identity, + const char* hostname) { + grpc_slice* slice = create_slice(hostname, strlen(hostname)); + identity->hostname.arg = slice; + identity->hostname.funcs.encode = encode_string_or_bytes_cb; +} + +static void set_identity_service_account(grpc_gcp_identity* identity, + const char* service_account) { + grpc_slice* slice = create_slice(service_account, strlen(service_account)); + identity->service_account.arg = slice; + identity->service_account.funcs.encode = encode_string_or_bytes_cb; +} + +bool grpc_gcp_handshaker_resp_set_local_identity_hostname( + grpc_gcp_handshaker_resp* resp, const char* hostname) { + if (resp == nullptr || hostname == nullptr) { + gpr_log(GPR_ERROR, + "Invalid nullptr arguments to " + "grpc_gcp_handshaker_resp_set_local_identity_hostname()."); + return false; + } + resp->has_result = true; + resp->result.has_local_identity = true; + set_identity_hostname(&resp->result.local_identity, hostname); + return true; +} + +bool grpc_gcp_handshaker_resp_set_local_identity_service_account( + grpc_gcp_handshaker_resp* resp, const char* service_account) { + if (resp == nullptr || service_account == nullptr) { + gpr_log(GPR_ERROR, + "Invalid nullptr arguments to " + "grpc_gcp_handshaker_resp_set_local_identity_service_account()."); + return false; + } + resp->has_result = true; + resp->result.has_local_identity = true; + set_identity_service_account(&resp->result.local_identity, service_account); + return true; +} + +bool grpc_gcp_handshaker_resp_set_peer_identity_hostname( + grpc_gcp_handshaker_resp* resp, const char* hostname) { + if (resp == nullptr || hostname == nullptr) { + gpr_log(GPR_ERROR, + "Invalid nullptr arguments to " + "grpc_gcp_handshaker_resp_set_peer_identity_hostname()."); + return false; + } + resp->has_result = true; + resp->result.has_peer_identity = true; + set_identity_hostname(&resp->result.peer_identity, hostname); + return true; +} + +bool grpc_gcp_handshaker_resp_set_peer_identity_service_account( + grpc_gcp_handshaker_resp* resp, const char* service_account) { + if (resp == nullptr || service_account == nullptr) { + gpr_log(GPR_ERROR, + "Invalid nullptr arguments to " + "grpc_gcp_handshaker_resp_set_peer_identity_service_account()."); + return false; + } + resp->has_result = true; + resp->result.has_peer_identity = true; + set_identity_service_account(&resp->result.peer_identity, service_account); + return true; +} + +bool grpc_gcp_handshaker_resp_set_channel_open(grpc_gcp_handshaker_resp* resp, + bool keep_channel_open) { + if (resp == nullptr) { + gpr_log(GPR_ERROR, + "Invalid nullptr argument to " + "grpc_gcp_handshaker_resp_set_channel_open()."); + return false; + } + resp->has_result = true; + resp->result.has_keep_channel_open = true; + resp->result.keep_channel_open = keep_channel_open; + return true; +} + +bool grpc_gcp_handshaker_resp_set_code(grpc_gcp_handshaker_resp* resp, + uint32_t code) { + if (resp == nullptr) { + gpr_log(GPR_ERROR, + "Invalid nullptr argument to grpc_gcp_handshaker_resp_set_code()."); + return false; + } + resp->has_status = true; + resp->status.has_code = true; + resp->status.code = code; + return true; +} + +bool grpc_gcp_handshaker_resp_set_details(grpc_gcp_handshaker_resp* resp, + const char* details) { + if (resp == nullptr || details == nullptr) { + gpr_log( + GPR_ERROR, + "Invalid nullptr arguments to grpc_gcp_handshaker_resp_set_details()."); + return false; + } + resp->has_status = true; + grpc_slice* slice = create_slice(details, strlen(details)); + resp->status.details.arg = slice; + resp->status.details.funcs.encode = encode_string_or_bytes_cb; + return true; +} + +bool grpc_gcp_handshaker_resp_set_out_frames(grpc_gcp_handshaker_resp* resp, + const char* out_frames, + size_t size) { + if (resp == nullptr || out_frames == nullptr) { + gpr_log(GPR_ERROR, + "Invalid nullptr arguments to " + "grpc_gcp_handshaker_resp_set_out_frames()."); + return false; + } + grpc_slice* slice = create_slice(out_frames, size); + resp->out_frames.arg = slice; + resp->out_frames.funcs.encode = encode_string_or_bytes_cb; + return true; +} + +bool grpc_gcp_handshaker_resp_set_bytes_consumed(grpc_gcp_handshaker_resp* resp, + int32_t bytes_consumed) { + if (resp == nullptr) { + gpr_log(GPR_ERROR, + "Invalid nullptr argument to " + "grpc_gcp_handshaker_resp_set_bytes_consumed()."); + return false; + } + resp->has_bytes_consumed = true; + resp->bytes_consumed = bytes_consumed; + return true; +} + +bool grpc_gcp_handshaker_resp_set_peer_rpc_versions( + grpc_gcp_handshaker_resp* resp, uint32_t max_major, uint32_t max_minor, + uint32_t min_major, uint32_t min_minor) { + if (resp == nullptr) { + gpr_log(GPR_ERROR, + "Invalid nullptr argument to " + "grpc_gcp_handshaker_resp_set_peer_rpc_versions()."); + return false; + } + resp->has_result = true; + resp->result.has_peer_rpc_versions = true; + grpc_gcp_rpc_protocol_versions* versions = &resp->result.peer_rpc_versions; + versions->has_max_rpc_version = true; + versions->has_min_rpc_version = true; + versions->max_rpc_version.has_major = true; + versions->max_rpc_version.has_minor = true; + versions->min_rpc_version.has_major = true; + versions->min_rpc_version.has_minor = true; + versions->max_rpc_version.major = max_major; + versions->max_rpc_version.minor = max_minor; + versions->min_rpc_version.major = min_major; + versions->min_rpc_version.minor = min_minor; + return true; +} + +bool grpc_gcp_handshaker_resp_encode(grpc_gcp_handshaker_resp* resp, + grpc_slice* slice) { + if (resp == nullptr || slice == nullptr) { + gpr_log(GPR_ERROR, + "Invalid nullptr arguments to grpc_gcp_handshaker_resp_encode()."); + return false; + } + pb_ostream_t size_stream; + memset(&size_stream, 0, sizeof(pb_ostream_t)); + if (!pb_encode(&size_stream, grpc_gcp_HandshakerResp_fields, resp)) { + gpr_log(GPR_ERROR, "nanopb error: %s", PB_GET_ERROR(&size_stream)); + return false; + } + size_t encoded_length = size_stream.bytes_written; + *slice = grpc_slice_malloc(encoded_length); + pb_ostream_t output_stream = + pb_ostream_from_buffer(GRPC_SLICE_START_PTR(*slice), encoded_length); + if (!pb_encode(&output_stream, grpc_gcp_HandshakerResp_fields, resp)) { + gpr_log(GPR_ERROR, "nanopb error: %s", PB_GET_ERROR(&size_stream)); + return false; + } + return true; +} + +bool grpc_gcp_handshaker_req_decode(grpc_slice slice, + grpc_gcp_handshaker_req* req) { + if (req == nullptr) { + gpr_log(GPR_ERROR, + "Invalid nullptr argument to grpc_gcp_handshaker_req_decode()."); + return false; + } + pb_istream_t stream = pb_istream_from_buffer(GRPC_SLICE_START_PTR(slice), + GRPC_SLICE_LENGTH(slice)); + req->next.in_bytes.funcs.decode = decode_string_or_bytes_cb; + if (!pb_decode(&stream, grpc_gcp_HandshakerReq_fields, req)) { + gpr_log(GPR_ERROR, "nanopb error: %s", PB_GET_ERROR(&stream)); + return false; + } + return true; +} + +/* Check equality of a pair of grpc_slice fields. */ +static bool slice_equals(grpc_slice* l_slice, grpc_slice* r_slice) { + if (l_slice == nullptr && r_slice == nullptr) { + return true; + } + if (l_slice != nullptr && r_slice != nullptr) { + return grpc_slice_eq(*l_slice, *r_slice); + } + return false; +} + +/* Check equality of a pair of grpc_gcp_identity fields. */ +static bool handshaker_identity_equals(const grpc_gcp_identity* l_id, + const grpc_gcp_identity* r_id) { + if (!((l_id->hostname.arg != nullptr) != (r_id->hostname.arg != nullptr))) { + if (l_id->hostname.arg != nullptr) { + return slice_equals(static_cast<grpc_slice*>(l_id->hostname.arg), + static_cast<grpc_slice*>(r_id->hostname.arg)); + } + } else { + return false; + } + if (!((l_id->service_account.arg != nullptr) != + (r_id->service_account.arg != nullptr))) { + if (l_id->service_account.arg != nullptr) { + return slice_equals(static_cast<grpc_slice*>(l_id->service_account.arg), + static_cast<grpc_slice*>(r_id->service_account.arg)); + } + } else { + return false; + } + return true; +} + +static bool handshaker_rpc_versions_equals( + const grpc_gcp_rpc_protocol_versions* l_version, + const grpc_gcp_rpc_protocol_versions* r_version) { + bool result = true; + result &= + (l_version->max_rpc_version.major == r_version->max_rpc_version.major); + result &= + (l_version->max_rpc_version.minor == r_version->max_rpc_version.minor); + result &= + (l_version->min_rpc_version.major == r_version->min_rpc_version.major); + result &= + (l_version->min_rpc_version.minor == r_version->min_rpc_version.minor); + return result; +} + +/* Check equality of a pair of grpc_gcp_endpoint fields. */ +static bool handshaker_endpoint_equals(const grpc_gcp_endpoint* l_end, + const grpc_gcp_endpoint* r_end) { + bool result = true; + result &= (l_end->port == r_end->port); + result &= (l_end->protocol == r_end->protocol); + if (!((l_end->ip_address.arg != nullptr) != + (r_end->ip_address.arg != nullptr))) { + if (l_end->ip_address.arg != nullptr) { + result &= slice_equals(static_cast<grpc_slice*>(l_end->ip_address.arg), + static_cast<grpc_slice*>(r_end->ip_address.arg)); + } + } else { + return false; + } + return result; +} +/** + * Check if a specific repeated field (i.e., target) is contained in a repeated + * field list (i.e., head). + */ +static bool repeated_field_list_contains_identity( + const repeated_field* head, const repeated_field* target) { + repeated_field* field = const_cast<repeated_field*>(head); + while (field != nullptr) { + if (handshaker_identity_equals( + static_cast<const grpc_gcp_identity*>(field->data), + static_cast<const grpc_gcp_identity*>(target->data))) { + return true; + } + field = field->next; + } + return false; +} + +static bool repeated_field_list_contains_string(const repeated_field* head, + const repeated_field* target) { + repeated_field* field = const_cast<repeated_field*>(head); + while (field != nullptr) { + if (slice_equals((grpc_slice*)field->data, (grpc_slice*)target->data)) { + return true; + } + field = field->next; + } + return false; +} + +/* Return a length of repeated field list. */ +static size_t repeated_field_list_get_length(const repeated_field* head) { + repeated_field* field = const_cast<repeated_field*>(head); + size_t len = 0; + while (field != nullptr) { + len++; + field = field->next; + } + return len; +} + +/** + * Check if a pair of repeated field lists contain the same set of repeated + * fields. + */ +static bool repeated_field_list_equals_identity(const repeated_field* l_head, + const repeated_field* r_head) { + if (repeated_field_list_get_length(l_head) != + repeated_field_list_get_length(r_head)) { + return false; + } + repeated_field* field = const_cast<repeated_field*>(l_head); + repeated_field* head = const_cast<repeated_field*>(r_head); + while (field != nullptr) { + if (!repeated_field_list_contains_identity(head, field)) { + return false; + } + field = field->next; + } + return true; +} + +static bool repeated_field_list_equals_string(const repeated_field* l_head, + const repeated_field* r_head) { + if (repeated_field_list_get_length(l_head) != + repeated_field_list_get_length(r_head)) { + return false; + } + repeated_field* field = const_cast<repeated_field*>(l_head); + repeated_field* head = const_cast<repeated_field*>(r_head); + while (field != nullptr) { + if (!repeated_field_list_contains_string(head, field)) { + return false; + } + field = field->next; + } + return true; +} + +/* Check equality of a pair of ALTS client_start handshake requests. */ +bool grpc_gcp_handshaker_client_start_req_equals( + grpc_gcp_start_client_handshake_req* l_req, + grpc_gcp_start_client_handshake_req* r_req) { + bool result = true; + /* Compare handshake_security_protocol. */ + result &= + l_req->handshake_security_protocol == r_req->handshake_security_protocol; + /* Compare application_protocols, record_protocols, and target_identities. */ + result &= repeated_field_list_equals_string( + static_cast<const repeated_field*>(l_req->application_protocols.arg), + static_cast<const repeated_field*>(r_req->application_protocols.arg)); + result &= repeated_field_list_equals_string( + static_cast<const repeated_field*>(l_req->record_protocols.arg), + static_cast<const repeated_field*>(r_req->record_protocols.arg)); + result &= repeated_field_list_equals_identity( + static_cast<const repeated_field*>(l_req->target_identities.arg), + static_cast<const repeated_field*>(r_req->target_identities.arg)); + if ((l_req->has_local_identity ^ r_req->has_local_identity) | + (l_req->has_local_endpoint ^ r_req->has_local_endpoint) | + ((l_req->has_remote_endpoint ^ r_req->has_remote_endpoint)) | + (l_req->has_rpc_versions ^ r_req->has_rpc_versions)) { + return false; + } + /* Compare local_identity, local_endpoint, and remote_endpoint. */ + if (l_req->has_local_identity) { + result &= handshaker_identity_equals(&l_req->local_identity, + &r_req->local_identity); + } + if (l_req->has_local_endpoint) { + result &= handshaker_endpoint_equals(&l_req->local_endpoint, + &r_req->local_endpoint); + } + if (l_req->has_remote_endpoint) { + result &= handshaker_endpoint_equals(&l_req->remote_endpoint, + &r_req->remote_endpoint); + } + if (l_req->has_rpc_versions) { + result &= handshaker_rpc_versions_equals(&l_req->rpc_versions, + &r_req->rpc_versions); + } + return result; +} + +/* Check equality of a pair of ALTS server_start handshake requests. */ +bool grpc_gcp_handshaker_server_start_req_equals( + grpc_gcp_start_server_handshake_req* l_req, + grpc_gcp_start_server_handshake_req* r_req) { + bool result = true; + /* Compare application_protocols. */ + result &= repeated_field_list_equals_string( + static_cast<const repeated_field*>(l_req->application_protocols.arg), + static_cast<const repeated_field*>(r_req->application_protocols.arg)); + /* Compare handshake_parameters. */ + size_t i = 0, j = 0; + result &= + (l_req->handshake_parameters_count == r_req->handshake_parameters_count); + for (i = 0; i < l_req->handshake_parameters_count; i++) { + bool found = false; + for (j = 0; j < r_req->handshake_parameters_count; j++) { + if (l_req->handshake_parameters[i].key == + r_req->handshake_parameters[j].key) { + found = true; + result &= repeated_field_list_equals_string( + static_cast<const repeated_field*>( + l_req->handshake_parameters[i].value.record_protocols.arg), + static_cast<const repeated_field*>( + r_req->handshake_parameters[j].value.record_protocols.arg)); + result &= repeated_field_list_equals_identity( + static_cast<const repeated_field*>( + l_req->handshake_parameters[i].value.local_identities.arg), + static_cast<const repeated_field*>( + r_req->handshake_parameters[j].value.local_identities.arg)); + } + } + if (!found) { + return false; + } + } + /* Compare in_bytes, local_endpoint, remote_endpoint. */ + result &= slice_equals(static_cast<grpc_slice*>(l_req->in_bytes.arg), + static_cast<grpc_slice*>(r_req->in_bytes.arg)); + if ((l_req->has_local_endpoint ^ r_req->has_local_endpoint) | + (l_req->has_remote_endpoint ^ r_req->has_remote_endpoint) | + (l_req->has_rpc_versions ^ r_req->has_rpc_versions)) + return false; + if (l_req->has_local_endpoint) { + result &= handshaker_endpoint_equals(&l_req->local_endpoint, + &r_req->local_endpoint); + } + if (l_req->has_remote_endpoint) { + result &= handshaker_endpoint_equals(&l_req->remote_endpoint, + &r_req->remote_endpoint); + } + if (l_req->has_rpc_versions) { + result &= handshaker_rpc_versions_equals(&l_req->rpc_versions, + &r_req->rpc_versions); + } + return result; +} + +/* Check equality of a pair of ALTS handshake requests. */ +bool grpc_gcp_handshaker_req_equals(grpc_gcp_handshaker_req* l_req, + grpc_gcp_handshaker_req* r_req) { + if (l_req->has_next && r_req->has_next) { + return slice_equals(static_cast<grpc_slice*>(l_req->next.in_bytes.arg), + static_cast<grpc_slice*>(r_req->next.in_bytes.arg)); + } else if (l_req->has_client_start && r_req->has_client_start) { + return grpc_gcp_handshaker_client_start_req_equals(&l_req->client_start, + &r_req->client_start); + } else if (l_req->has_server_start && r_req->has_server_start) { + return grpc_gcp_handshaker_server_start_req_equals(&l_req->server_start, + &r_req->server_start); + } + return false; +} + +/* Check equality of a pair of ALTS handshake results. */ +bool grpc_gcp_handshaker_resp_result_equals( + grpc_gcp_handshaker_result* l_result, + grpc_gcp_handshaker_result* r_result) { + bool result = true; + /* Compare application_protocol, record_protocol, and key_data. */ + result &= slice_equals( + static_cast<grpc_slice*>(l_result->application_protocol.arg), + static_cast<grpc_slice*>(r_result->application_protocol.arg)); + result &= + slice_equals(static_cast<grpc_slice*>(l_result->record_protocol.arg), + static_cast<grpc_slice*>(r_result->record_protocol.arg)); + result &= slice_equals(static_cast<grpc_slice*>(l_result->key_data.arg), + static_cast<grpc_slice*>(r_result->key_data.arg)); + /* Compare local_identity, peer_identity, and keep_channel_open. */ + if ((l_result->has_local_identity ^ r_result->has_local_identity) | + (l_result->has_peer_identity ^ r_result->has_peer_identity) | + (l_result->has_peer_rpc_versions ^ r_result->has_peer_rpc_versions)) { + return false; + } + if (l_result->has_local_identity) { + result &= handshaker_identity_equals(&l_result->local_identity, + &r_result->local_identity); + } + if (l_result->has_peer_identity) { + result &= handshaker_identity_equals(&l_result->peer_identity, + &r_result->peer_identity); + } + if (l_result->has_peer_rpc_versions) { + result &= handshaker_rpc_versions_equals(&l_result->peer_rpc_versions, + &r_result->peer_rpc_versions); + } + result &= (l_result->keep_channel_open == r_result->keep_channel_open); + return result; +} + +/* Check equality of a pair of ALTS handshake responses. */ +bool grpc_gcp_handshaker_resp_equals(grpc_gcp_handshaker_resp* l_resp, + grpc_gcp_handshaker_resp* r_resp) { + bool result = true; + /* Compare out_frames and bytes_consumed. */ + result &= slice_equals(static_cast<grpc_slice*>(l_resp->out_frames.arg), + static_cast<grpc_slice*>(r_resp->out_frames.arg)); + result &= (l_resp->bytes_consumed == r_resp->bytes_consumed); + /* Compare result and status. */ + if ((l_resp->has_result ^ r_resp->has_result) | + (l_resp->has_status ^ r_resp->has_status)) { + return false; + } + if (l_resp->has_result) { + result &= grpc_gcp_handshaker_resp_result_equals(&l_resp->result, + &r_resp->result); + } + if (l_resp->has_status) { + result &= (l_resp->status.code == r_resp->status.code); + result &= + slice_equals(static_cast<grpc_slice*>(l_resp->status.details.arg), + static_cast<grpc_slice*>(r_resp->status.details.arg)); + } + return result; +} diff --git a/test/core/tsi/alts/handshaker/alts_handshaker_service_api_test_lib.h b/test/core/tsi/alts/handshaker/alts_handshaker_service_api_test_lib.h new file mode 100644 index 0000000000..2fcbb4ea99 --- /dev/null +++ b/test/core/tsi/alts/handshaker/alts_handshaker_service_api_test_lib.h @@ -0,0 +1,143 @@ +/* + * + * Copyright 2018 gRPC authors. + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + */ + +#ifndef GRPC_TEST_CORE_TSI_ALTS_HANDSHAKER_ALTS_HANDSHAKER_SERVICE_API_TEST_LIB_H +#define GRPC_TEST_CORE_TSI_ALTS_HANDSHAKER_ALTS_HANDSHAKER_SERVICE_API_TEST_LIB_H + +#include "src/core/tsi/alts/handshaker/alts_handshaker_service_api.h" +#include "src/core/tsi/alts/handshaker/alts_handshaker_service_api_util.h" +#include "src/core/tsi/alts/handshaker/transport_security_common_api.h" + +/** + * The first part of this file contains function signatures for de-serializing + * ALTS handshake requests and setting/serializing ALTS handshake responses, + * which simulate the behaviour of grpc server that runs ALTS handshaker + * service. + */ + +/** + * This method creates a ALTS handshaker request that is used to hold + * de-serialized result. + */ +grpc_gcp_handshaker_req* grpc_gcp_handshaker_decoded_req_create( + grpc_gcp_handshaker_req_type type); + +/* This method de-serializes a ALTS handshaker request. */ +bool grpc_gcp_handshaker_req_decode(grpc_slice slice, + grpc_gcp_handshaker_req* req); + +/* This method serializes a ALTS handshaker response. */ +bool grpc_gcp_handshaker_resp_encode(grpc_gcp_handshaker_resp* resp, + grpc_slice* slice); + +/* This method sets application protocol of ALTS handshaker response. */ +bool grpc_gcp_handshaker_resp_set_application_protocol( + grpc_gcp_handshaker_resp* resp, const char* application_protocol); + +/* This method sets record protocol of ALTS handshaker response. */ +bool grpc_gcp_handshaker_resp_set_record_protocol( + grpc_gcp_handshaker_resp* resp, const char* record_protocol); + +/* This method sets key_data of ALTS handshaker response. */ +bool grpc_gcp_handshaker_resp_set_key_data(grpc_gcp_handshaker_resp* resp, + const char* key_data, size_t size); + +/* This method sets local identity's hostname for ALTS handshaker response. */ +bool grpc_gcp_handshaker_resp_set_local_identity_hostname( + grpc_gcp_handshaker_resp* resp, const char* hostname); + +/** + * This method sets local identity's service account for ALTS handshaker + * response. + */ +bool grpc_gcp_handshaker_resp_set_local_identity_service_account( + grpc_gcp_handshaker_resp* resp, const char* service_account); + +/* This method sets peer identity's hostname for ALTS handshaker response. */ +bool grpc_gcp_handshaker_resp_set_peer_identity_hostname( + grpc_gcp_handshaker_resp* resp, const char* hostname); + +/** + * This method sets peer identity's service account for ALTS handshaker + * response. + */ +bool grpc_gcp_handshaker_resp_set_peer_identity_service_account( + grpc_gcp_handshaker_resp* resp, const char* service_account); + +/* This method sets keep_channel_open for ALTS handshaker response. */ +bool grpc_gcp_handshaker_resp_set_channel_open(grpc_gcp_handshaker_resp* resp, + bool keep_channel_open); + +/* This method sets code for ALTS handshaker response. */ +bool grpc_gcp_handshaker_resp_set_code(grpc_gcp_handshaker_resp* resp, + uint32_t code); + +/* This method sets details for ALTS handshaker response. */ +bool grpc_gcp_handshaker_resp_set_details(grpc_gcp_handshaker_resp* resp, + const char* details); + +/* This method sets out_frames for ALTS handshaker response. */ +bool grpc_gcp_handshaker_resp_set_out_frames(grpc_gcp_handshaker_resp* resp, + const char* out_frames, + size_t size); + +/* This method sets peer_rpc_versions for ALTS handshaker response. */ +bool grpc_gcp_handshaker_resp_set_peer_rpc_versions( + grpc_gcp_handshaker_resp* resp, uint32_t max_major, uint32_t max_minor, + uint32_t min_major, uint32_t min_minor); + +/* This method sets bytes_consumed for ALTS handshaker response. */ +bool grpc_gcp_handshaker_resp_set_bytes_consumed(grpc_gcp_handshaker_resp* resp, + int32_t bytes_consumed); + +/* This method serializes ALTS handshaker response. */ +bool grpc_gcp_handshaker_resp_encode(grpc_gcp_handshaker_resp* resp, + grpc_slice* slice); + +/* This method de-serializes ALTS handshaker request. */ +bool grpc_gcp_handshaker_req_decode(grpc_slice slice, + grpc_gcp_handshaker_req* req); + +/** + * The second part contains function signatures for checking equality of a pair + * of ALTS handshake requests/responses. + */ + +/* This method checks equality of two client_start handshaker requests. */ +bool grpc_gcp_handshaker_client_start_req_equals( + grpc_gcp_start_client_handshake_req* l_req, + grpc_gcp_start_client_handshake_req* r_req); + +/* This method checks equality of two server_start handshaker requests. */ +bool grpc_gcp_handshaker_server_start_req_equals( + grpc_gcp_start_server_handshake_req* l_req, + grpc_gcp_start_server_handshake_req* r_req); + +/* This method checks equality of two ALTS handshaker requests. */ +bool grpc_gcp_handshaker_req_equals(grpc_gcp_handshaker_req* l_req, + grpc_gcp_handshaker_req* r_req); + +/* This method checks equality of two handshaker response results. */ +bool grpc_gcp_handshaker_resp_result_equals( + grpc_gcp_handshaker_result* l_result, grpc_gcp_handshaker_result* r_result); + +/* This method checks equality of two ALTS handshaker responses. */ +bool grpc_gcp_handshaker_resp_equals(grpc_gcp_handshaker_resp* l_resp, + grpc_gcp_handshaker_resp* r_resp); + +#endif // GRPC_TEST_CORE_TSI_ALTS_HANDSHAKER_ALTS_HANDSHAKER_SERVICE_API_TEST_LIB_H diff --git a/test/core/tsi/alts/handshaker/alts_tsi_handshaker_test.cc b/test/core/tsi/alts/handshaker/alts_tsi_handshaker_test.cc new file mode 100644 index 0000000000..95724f84f4 --- /dev/null +++ b/test/core/tsi/alts/handshaker/alts_tsi_handshaker_test.cc @@ -0,0 +1,682 @@ +/* + * + * Copyright 2018 gRPC authors. + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + */ + +#include <stdio.h> +#include <stdlib.h> + +#include <grpc/grpc.h> +#include <grpc/support/sync.h> + +#include "src/core/lib/gprpp/thd.h" +#include "src/core/tsi/alts/handshaker/alts_handshaker_client.h" +#include "src/core/tsi/alts/handshaker/alts_tsi_event.h" +#include "src/core/tsi/alts/handshaker/alts_tsi_handshaker.h" +#include "src/core/tsi/alts/handshaker/alts_tsi_handshaker_private.h" +#include "test/core/tsi/alts/handshaker/alts_handshaker_service_api_test_lib.h" + +#define ALTS_TSI_HANDSHAKER_TEST_RECV_BYTES "Hello World" +#define ALTS_TSI_HANDSHAKER_TEST_OUT_FRAME "Hello Google" +#define ALTS_TSI_HANDSHAKER_TEST_CONSUMED_BYTES "Hello " +#define ALTS_TSI_HANDSHAKER_TEST_REMAIN_BYTES "Google" +#define ALTS_TSI_HANDSHAKER_TEST_PEER_IDENTITY "chapi@service.google.com" +#define ALTS_TSI_HANDSHAKER_TEST_KEY_DATA \ + "ABCDEFGHIJKLMNOPABCDEFGHIJKLMNOPABCDEFGHIJKL" +#define ALTS_TSI_HANDSHAKER_TEST_BUFFER_SIZE 100 +#define ALTS_TSI_HANDSHAKER_TEST_SLEEP_TIME_IN_SECONDS 2 +#define ALTS_TSI_HANDSHAKER_TEST_MAX_RPC_VERSION_MAJOR 3 +#define ALTS_TSI_HANDSHAKER_TEST_MAX_RPC_VERSION_MINOR 2 +#define ALTS_TSI_HANDSHAKER_TEST_MIN_RPC_VERSION_MAJOR 2 +#define ALTS_TSI_HANDSHAKER_TEST_MIN_RPC_VERSION_MINOR 1 + +using grpc_core::internal:: + alts_tsi_handshaker_get_has_sent_start_message_for_testing; +using grpc_core::internal::alts_tsi_handshaker_get_is_client_for_testing; +using grpc_core::internal::alts_tsi_handshaker_get_recv_bytes_for_testing; +using grpc_core::internal::alts_tsi_handshaker_set_client_for_testing; +using grpc_core::internal::alts_tsi_handshaker_set_recv_bytes_for_testing; + +/* ALTS mock notification. */ +typedef struct notification { + gpr_cv cv; + gpr_mu mu; + bool notified; +} notification; + +/* ALTS mock handshaker client. */ +typedef struct alts_mock_handshaker_client { + alts_handshaker_client base; + bool used_for_success_test; +} alts_mock_handshaker_client; + +/* Type of ALTS handshaker response. */ +typedef enum { + INVALID, + FAILED, + CLIENT_START, + SERVER_START, + CLIENT_NEXT, + SERVER_NEXT, +} alts_handshaker_response_type; + +static alts_tsi_event* client_start_event; +static alts_tsi_event* client_next_event; +static alts_tsi_event* server_start_event; +static alts_tsi_event* server_next_event; +static notification caller_to_tsi_notification; +static notification tsi_to_caller_notification; + +static void notification_init(notification* n) { + gpr_mu_init(&n->mu); + gpr_cv_init(&n->cv); + n->notified = false; +} + +static void notification_destroy(notification* n) { + gpr_mu_destroy(&n->mu); + gpr_cv_destroy(&n->cv); +} + +static void signal(notification* n) { + gpr_mu_lock(&n->mu); + n->notified = true; + gpr_cv_signal(&n->cv); + gpr_mu_unlock(&n->mu); +} + +static void wait(notification* n) { + gpr_mu_lock(&n->mu); + while (!n->notified) { + gpr_cv_wait(&n->cv, &n->mu, gpr_inf_future(GPR_CLOCK_REALTIME)); + } + n->notified = false; + gpr_mu_unlock(&n->mu); +} + +/** + * This method mocks ALTS handshaker service to generate handshaker response + * for a specific request. + */ +static grpc_byte_buffer* generate_handshaker_response( + alts_handshaker_response_type type) { + grpc_gcp_handshaker_resp* resp = grpc_gcp_handshaker_resp_create(); + GPR_ASSERT(grpc_gcp_handshaker_resp_set_code(resp, 0)); + switch (type) { + case INVALID: + break; + case CLIENT_START: + case SERVER_START: + GPR_ASSERT(grpc_gcp_handshaker_resp_set_out_frames( + resp, ALTS_TSI_HANDSHAKER_TEST_OUT_FRAME, + strlen(ALTS_TSI_HANDSHAKER_TEST_OUT_FRAME))); + break; + case CLIENT_NEXT: + GPR_ASSERT(grpc_gcp_handshaker_resp_set_out_frames( + resp, ALTS_TSI_HANDSHAKER_TEST_OUT_FRAME, + strlen(ALTS_TSI_HANDSHAKER_TEST_OUT_FRAME))); + GPR_ASSERT(grpc_gcp_handshaker_resp_set_peer_identity_service_account( + resp, ALTS_TSI_HANDSHAKER_TEST_PEER_IDENTITY)); + GPR_ASSERT(grpc_gcp_handshaker_resp_set_bytes_consumed( + resp, strlen(ALTS_TSI_HANDSHAKER_TEST_CONSUMED_BYTES))); + GPR_ASSERT(grpc_gcp_handshaker_resp_set_key_data( + resp, ALTS_TSI_HANDSHAKER_TEST_KEY_DATA, + strlen(ALTS_TSI_HANDSHAKER_TEST_KEY_DATA))); + GPR_ASSERT(grpc_gcp_handshaker_resp_set_peer_rpc_versions( + resp, ALTS_TSI_HANDSHAKER_TEST_MAX_RPC_VERSION_MAJOR, + ALTS_TSI_HANDSHAKER_TEST_MAX_RPC_VERSION_MINOR, + ALTS_TSI_HANDSHAKER_TEST_MIN_RPC_VERSION_MAJOR, + ALTS_TSI_HANDSHAKER_TEST_MIN_RPC_VERSION_MINOR)); + break; + case SERVER_NEXT: + GPR_ASSERT(grpc_gcp_handshaker_resp_set_peer_identity_service_account( + resp, ALTS_TSI_HANDSHAKER_TEST_PEER_IDENTITY)); + GPR_ASSERT(grpc_gcp_handshaker_resp_set_bytes_consumed( + resp, strlen(ALTS_TSI_HANDSHAKER_TEST_OUT_FRAME))); + GPR_ASSERT(grpc_gcp_handshaker_resp_set_key_data( + resp, ALTS_TSI_HANDSHAKER_TEST_KEY_DATA, + strlen(ALTS_TSI_HANDSHAKER_TEST_KEY_DATA))); + GPR_ASSERT(grpc_gcp_handshaker_resp_set_peer_rpc_versions( + resp, ALTS_TSI_HANDSHAKER_TEST_MAX_RPC_VERSION_MAJOR, + ALTS_TSI_HANDSHAKER_TEST_MAX_RPC_VERSION_MINOR, + ALTS_TSI_HANDSHAKER_TEST_MIN_RPC_VERSION_MAJOR, + ALTS_TSI_HANDSHAKER_TEST_MIN_RPC_VERSION_MINOR)); + break; + case FAILED: + GPR_ASSERT( + grpc_gcp_handshaker_resp_set_code(resp, 3 /* INVALID ARGUMENT */)); + break; + } + grpc_slice slice; + GPR_ASSERT(grpc_gcp_handshaker_resp_encode(resp, &slice)); + if (type == INVALID) { + grpc_slice bad_slice = + grpc_slice_split_head(&slice, GRPC_SLICE_LENGTH(slice) - 1); + grpc_slice_unref(slice); + slice = grpc_slice_ref(bad_slice); + grpc_slice_unref(bad_slice); + } + grpc_byte_buffer* buffer = + grpc_raw_byte_buffer_create(&slice, 1 /* number of slices */); + grpc_slice_unref(slice); + grpc_gcp_handshaker_resp_destroy(resp); + return buffer; +} + +static void check_must_not_be_called(tsi_result status, void* user_data, + const unsigned char* bytes_to_send, + size_t bytes_to_send_size, + tsi_handshaker_result* result) { + GPR_ASSERT(0); +} + +static void on_client_start_success_cb(tsi_result status, void* user_data, + const unsigned char* bytes_to_send, + size_t bytes_to_send_size, + tsi_handshaker_result* result) { + GPR_ASSERT(status == TSI_OK); + GPR_ASSERT(user_data == nullptr); + GPR_ASSERT(bytes_to_send_size == strlen(ALTS_TSI_HANDSHAKER_TEST_OUT_FRAME)); + GPR_ASSERT(memcmp(bytes_to_send, ALTS_TSI_HANDSHAKER_TEST_OUT_FRAME, + bytes_to_send_size) == 0); + GPR_ASSERT(result == nullptr); + /* Validate peer identity. */ + tsi_peer peer; + GPR_ASSERT(tsi_handshaker_result_extract_peer(result, &peer) == + TSI_INVALID_ARGUMENT); + /* Validate frame protector. */ + tsi_frame_protector* protector = nullptr; + GPR_ASSERT(tsi_handshaker_result_create_frame_protector( + result, nullptr, &protector) == TSI_INVALID_ARGUMENT); + /* Validate unused bytes. */ + const unsigned char* unused_bytes = nullptr; + size_t unused_bytes_size = 0; + GPR_ASSERT(tsi_handshaker_result_get_unused_bytes(result, &unused_bytes, + &unused_bytes_size) == + TSI_INVALID_ARGUMENT); + signal(&tsi_to_caller_notification); +} + +static void on_server_start_success_cb(tsi_result status, void* user_data, + const unsigned char* bytes_to_send, + size_t bytes_to_send_size, + tsi_handshaker_result* result) { + GPR_ASSERT(status == TSI_OK); + GPR_ASSERT(user_data == nullptr); + GPR_ASSERT(bytes_to_send_size == strlen(ALTS_TSI_HANDSHAKER_TEST_OUT_FRAME)); + GPR_ASSERT(memcmp(bytes_to_send, ALTS_TSI_HANDSHAKER_TEST_OUT_FRAME, + bytes_to_send_size) == 0); + GPR_ASSERT(result == nullptr); + /* Validate peer identity. */ + tsi_peer peer; + GPR_ASSERT(tsi_handshaker_result_extract_peer(result, &peer) == + TSI_INVALID_ARGUMENT); + /* Validate frame protector. */ + tsi_frame_protector* protector = nullptr; + GPR_ASSERT(tsi_handshaker_result_create_frame_protector( + result, nullptr, &protector) == TSI_INVALID_ARGUMENT); + /* Validate unused bytes. */ + const unsigned char* unused_bytes = nullptr; + size_t unused_bytes_size = 0; + GPR_ASSERT(tsi_handshaker_result_get_unused_bytes(result, &unused_bytes, + &unused_bytes_size) == + TSI_INVALID_ARGUMENT); + signal(&tsi_to_caller_notification); +} + +static void on_client_next_success_cb(tsi_result status, void* user_data, + const unsigned char* bytes_to_send, + size_t bytes_to_send_size, + tsi_handshaker_result* result) { + GPR_ASSERT(status == TSI_OK); + GPR_ASSERT(user_data == nullptr); + GPR_ASSERT(bytes_to_send_size == strlen(ALTS_TSI_HANDSHAKER_TEST_OUT_FRAME)); + GPR_ASSERT(memcmp(bytes_to_send, ALTS_TSI_HANDSHAKER_TEST_OUT_FRAME, + bytes_to_send_size) == 0); + GPR_ASSERT(result != nullptr); + /* Validate peer identity. */ + tsi_peer peer; + GPR_ASSERT(tsi_handshaker_result_extract_peer(result, &peer) == TSI_OK); + GPR_ASSERT(peer.property_count == kTsiAltsNumOfPeerProperties); + GPR_ASSERT(memcmp(TSI_ALTS_CERTIFICATE_TYPE, peer.properties[0].value.data, + peer.properties[0].value.length) == 0); + GPR_ASSERT(memcmp(ALTS_TSI_HANDSHAKER_TEST_PEER_IDENTITY, + peer.properties[1].value.data, + peer.properties[1].value.length) == 0); + tsi_peer_destruct(&peer); + /* Validate unused bytes. */ + const unsigned char* bytes = nullptr; + size_t bytes_size = 0; + GPR_ASSERT(tsi_handshaker_result_get_unused_bytes(result, &bytes, + &bytes_size) == TSI_OK); + GPR_ASSERT(bytes_size == strlen(ALTS_TSI_HANDSHAKER_TEST_REMAIN_BYTES)); + GPR_ASSERT(memcmp(bytes, ALTS_TSI_HANDSHAKER_TEST_REMAIN_BYTES, bytes_size) == + 0); + /* Validate frame protector. */ + tsi_frame_protector* protector = nullptr; + GPR_ASSERT(tsi_handshaker_result_create_frame_protector( + result, nullptr, &protector) == TSI_OK); + GPR_ASSERT(protector != nullptr); + tsi_frame_protector_destroy(protector); + tsi_handshaker_result_destroy(result); + signal(&tsi_to_caller_notification); +} + +static void on_server_next_success_cb(tsi_result status, void* user_data, + const unsigned char* bytes_to_send, + size_t bytes_to_send_size, + tsi_handshaker_result* result) { + GPR_ASSERT(status == TSI_OK); + GPR_ASSERT(user_data == nullptr); + GPR_ASSERT(bytes_to_send_size == 0); + GPR_ASSERT(bytes_to_send == nullptr); + GPR_ASSERT(result != nullptr); + /* Validate peer identity. */ + tsi_peer peer; + GPR_ASSERT(tsi_handshaker_result_extract_peer(result, &peer) == TSI_OK); + GPR_ASSERT(peer.property_count == kTsiAltsNumOfPeerProperties); + GPR_ASSERT(memcmp(TSI_ALTS_CERTIFICATE_TYPE, peer.properties[0].value.data, + peer.properties[0].value.length) == 0); + GPR_ASSERT(memcmp(ALTS_TSI_HANDSHAKER_TEST_PEER_IDENTITY, + peer.properties[1].value.data, + peer.properties[1].value.length) == 0); + tsi_peer_destruct(&peer); + /* Validate unused bytes. */ + const unsigned char* bytes = nullptr; + size_t bytes_size = 0; + GPR_ASSERT(tsi_handshaker_result_get_unused_bytes(result, &bytes, + &bytes_size) == TSI_OK); + GPR_ASSERT(bytes_size == 0); + GPR_ASSERT(bytes == nullptr); + /* Validate frame protector. */ + tsi_frame_protector* protector = nullptr; + GPR_ASSERT(tsi_handshaker_result_create_frame_protector( + result, nullptr, &protector) == TSI_OK); + GPR_ASSERT(protector != nullptr); + tsi_frame_protector_destroy(protector); + tsi_handshaker_result_destroy(result); + signal(&tsi_to_caller_notification); +} + +static tsi_result mock_client_start(alts_handshaker_client* self, + alts_tsi_event* event) { + alts_mock_handshaker_client* client = + reinterpret_cast<alts_mock_handshaker_client*>(self); + if (!client->used_for_success_test) { + alts_tsi_event_destroy(event); + return TSI_INTERNAL_ERROR; + } + GPR_ASSERT(event->cb == on_client_start_success_cb); + GPR_ASSERT(event->user_data == nullptr); + GPR_ASSERT(!alts_tsi_handshaker_get_has_sent_start_message_for_testing( + event->handshaker)); + /* Populate handshaker response for client_start request. */ + event->recv_buffer = generate_handshaker_response(CLIENT_START); + client_start_event = event; + signal(&caller_to_tsi_notification); + return TSI_OK; +} + +static tsi_result mock_server_start(alts_handshaker_client* self, + alts_tsi_event* event, + grpc_slice* bytes_received) { + alts_mock_handshaker_client* client = + reinterpret_cast<alts_mock_handshaker_client*>(self); + if (!client->used_for_success_test) { + alts_tsi_event_destroy(event); + return TSI_INTERNAL_ERROR; + } + GPR_ASSERT(event->cb == on_server_start_success_cb); + GPR_ASSERT(event->user_data == nullptr); + grpc_slice slice = grpc_empty_slice(); + GPR_ASSERT(grpc_slice_cmp(*bytes_received, slice) == 0); + GPR_ASSERT(!alts_tsi_handshaker_get_has_sent_start_message_for_testing( + event->handshaker)); + /* Populate handshaker response for server_start request. */ + event->recv_buffer = generate_handshaker_response(SERVER_START); + server_start_event = event; + grpc_slice_unref(slice); + signal(&caller_to_tsi_notification); + return TSI_OK; +} + +static tsi_result mock_next(alts_handshaker_client* self, alts_tsi_event* event, + grpc_slice* bytes_received) { + alts_mock_handshaker_client* client = + reinterpret_cast<alts_mock_handshaker_client*>(self); + if (!client->used_for_success_test) { + alts_tsi_event_destroy(event); + return TSI_INTERNAL_ERROR; + } + bool is_client = + alts_tsi_handshaker_get_is_client_for_testing(event->handshaker); + if (is_client) { + GPR_ASSERT(event->cb == on_client_next_success_cb); + } else { + GPR_ASSERT(event->cb == on_server_next_success_cb); + } + GPR_ASSERT(event->user_data == nullptr); + GPR_ASSERT(bytes_received != nullptr); + GPR_ASSERT(memcmp(GRPC_SLICE_START_PTR(*bytes_received), + ALTS_TSI_HANDSHAKER_TEST_RECV_BYTES, + GRPC_SLICE_LENGTH(*bytes_received)) == 0); + GPR_ASSERT(grpc_slice_cmp(alts_tsi_handshaker_get_recv_bytes_for_testing( + event->handshaker), + *bytes_received) == 0); + GPR_ASSERT(alts_tsi_handshaker_get_has_sent_start_message_for_testing( + event->handshaker)); + /* Populate handshaker response for next request. */ + grpc_slice out_frame = + grpc_slice_from_static_string(ALTS_TSI_HANDSHAKER_TEST_OUT_FRAME); + if (is_client) { + event->recv_buffer = generate_handshaker_response(CLIENT_NEXT); + } else { + event->recv_buffer = generate_handshaker_response(SERVER_NEXT); + } + alts_tsi_handshaker_set_recv_bytes_for_testing(event->handshaker, &out_frame); + if (is_client) { + client_next_event = event; + } else { + server_next_event = event; + } + signal(&caller_to_tsi_notification); + grpc_slice_unref(out_frame); + return TSI_OK; +} + +static void mock_destruct(alts_handshaker_client* client) {} + +static const alts_handshaker_client_vtable vtable = { + mock_client_start, mock_server_start, mock_next, mock_destruct}; + +static alts_handshaker_client* alts_mock_handshaker_client_create( + bool used_for_success_test) { + alts_mock_handshaker_client* client = + static_cast<alts_mock_handshaker_client*>(gpr_zalloc(sizeof(*client))); + client->base.vtable = &vtable; + client->used_for_success_test = used_for_success_test; + return &client->base; +} + +static tsi_handshaker* create_test_handshaker(bool used_for_success_test, + bool is_client) { + tsi_handshaker* handshaker = nullptr; + alts_handshaker_client* client = + alts_mock_handshaker_client_create(used_for_success_test); + grpc_alts_credentials_options* options = + grpc_alts_credentials_client_options_create(); + alts_tsi_handshaker_create(options, "target_name", "lame", is_client, + &handshaker); + alts_tsi_handshaker* alts_handshaker = + reinterpret_cast<alts_tsi_handshaker*>(handshaker); + alts_tsi_handshaker_set_client_for_testing(alts_handshaker, client); + grpc_alts_credentials_options_destroy(options); + return handshaker; +} + +static void check_handshaker_next_invalid_input() { + /* Initialization. */ + tsi_handshaker* handshaker = create_test_handshaker(true, true); + /* Check nullptr handshaker. */ + GPR_ASSERT(tsi_handshaker_next(nullptr, nullptr, 0, nullptr, nullptr, nullptr, + check_must_not_be_called, + nullptr) == TSI_INVALID_ARGUMENT); + /* Check nullptr callback. */ + GPR_ASSERT(tsi_handshaker_next(handshaker, nullptr, 0, nullptr, nullptr, + nullptr, nullptr, + nullptr) == TSI_INVALID_ARGUMENT); + /* Cleanup. */ + tsi_handshaker_destroy(handshaker); +} + +static void check_handshaker_next_success() { + /** + * Create handshakers for which internal mock client is going to do + * correctness check. + */ + tsi_handshaker* client_handshaker = create_test_handshaker( + true /* used_for_success_test */, true /* is_client */); + tsi_handshaker* server_handshaker = create_test_handshaker( + true /* used_for_success_test */, false /* is_client */); + /* Client start. */ + GPR_ASSERT(tsi_handshaker_next(client_handshaker, nullptr, 0, nullptr, + nullptr, nullptr, on_client_start_success_cb, + nullptr) == TSI_ASYNC); + wait(&tsi_to_caller_notification); + /* Client next. */ + GPR_ASSERT(tsi_handshaker_next( + client_handshaker, + (const unsigned char*)ALTS_TSI_HANDSHAKER_TEST_RECV_BYTES, + strlen(ALTS_TSI_HANDSHAKER_TEST_RECV_BYTES), nullptr, nullptr, + nullptr, on_client_next_success_cb, nullptr) == TSI_ASYNC); + wait(&tsi_to_caller_notification); + /* Server start. */ + GPR_ASSERT(tsi_handshaker_next(server_handshaker, nullptr, 0, nullptr, + nullptr, nullptr, on_server_start_success_cb, + nullptr) == TSI_ASYNC); + wait(&tsi_to_caller_notification); + /* Server next. */ + GPR_ASSERT(tsi_handshaker_next( + server_handshaker, + (const unsigned char*)ALTS_TSI_HANDSHAKER_TEST_RECV_BYTES, + strlen(ALTS_TSI_HANDSHAKER_TEST_RECV_BYTES), nullptr, nullptr, + nullptr, on_server_next_success_cb, nullptr) == TSI_ASYNC); + wait(&tsi_to_caller_notification); + /* Cleanup. */ + tsi_handshaker_destroy(server_handshaker); + tsi_handshaker_destroy(client_handshaker); +} + +static void check_handshaker_next_failure() { + /** + * Create handshakers for which internal mock client is always going to fail. + */ + tsi_handshaker* client_handshaker = create_test_handshaker( + false /* used_for_success_test */, true /* is_client */); + tsi_handshaker* server_handshaker = create_test_handshaker( + false /* used_for_success_test */, false /* is_client */); + /* Client start. */ + GPR_ASSERT(tsi_handshaker_next(client_handshaker, nullptr, 0, nullptr, + nullptr, nullptr, check_must_not_be_called, + nullptr) == TSI_INTERNAL_ERROR); + /* Server start. */ + GPR_ASSERT(tsi_handshaker_next(server_handshaker, nullptr, 0, nullptr, + nullptr, nullptr, check_must_not_be_called, + nullptr) == TSI_INTERNAL_ERROR); + /* Server next. */ + GPR_ASSERT(tsi_handshaker_next( + server_handshaker, + (const unsigned char*)ALTS_TSI_HANDSHAKER_TEST_RECV_BYTES, + strlen(ALTS_TSI_HANDSHAKER_TEST_RECV_BYTES), nullptr, nullptr, + nullptr, check_must_not_be_called, + nullptr) == TSI_INTERNAL_ERROR); + /* Client next. */ + GPR_ASSERT(tsi_handshaker_next( + client_handshaker, + (const unsigned char*)ALTS_TSI_HANDSHAKER_TEST_RECV_BYTES, + strlen(ALTS_TSI_HANDSHAKER_TEST_RECV_BYTES), nullptr, nullptr, + nullptr, check_must_not_be_called, + nullptr) == TSI_INTERNAL_ERROR); + /* Cleanup. */ + tsi_handshaker_destroy(server_handshaker); + tsi_handshaker_destroy(client_handshaker); +} + +static void on_invalid_input_cb(tsi_result status, void* user_data, + const unsigned char* bytes_to_send, + size_t bytes_to_send_size, + tsi_handshaker_result* result) { + GPR_ASSERT(status == TSI_INTERNAL_ERROR); + GPR_ASSERT(user_data == nullptr); + GPR_ASSERT(bytes_to_send == nullptr); + GPR_ASSERT(bytes_to_send_size == 0); + GPR_ASSERT(result == nullptr); +} + +static void on_failed_grpc_call_cb(tsi_result status, void* user_data, + const unsigned char* bytes_to_send, + size_t bytes_to_send_size, + tsi_handshaker_result* result) { + GPR_ASSERT(status == TSI_INTERNAL_ERROR); + GPR_ASSERT(user_data == nullptr); + GPR_ASSERT(bytes_to_send == nullptr); + GPR_ASSERT(bytes_to_send_size == 0); + GPR_ASSERT(result == nullptr); +} + +static void check_handle_response_invalid_input() { + /** + * Create a handshaker at the client side, for which internal mock client is + * always going to fail. + */ + tsi_handshaker* handshaker = create_test_handshaker( + false /* used_for_success_test */, true /* is_client */); + alts_tsi_handshaker* alts_handshaker = + reinterpret_cast<alts_tsi_handshaker*>(handshaker); + grpc_byte_buffer recv_buffer; + /* Check nullptr handshaker. */ + alts_tsi_handshaker_handle_response(nullptr, &recv_buffer, GRPC_STATUS_OK, + nullptr, on_invalid_input_cb, nullptr, + true); + /* Check nullptr recv_bytes. */ + alts_tsi_handshaker_handle_response(alts_handshaker, nullptr, GRPC_STATUS_OK, + nullptr, on_invalid_input_cb, nullptr, + true); + /* Check failed grpc call made to handshaker service. */ + alts_tsi_handshaker_handle_response(alts_handshaker, &recv_buffer, + GRPC_STATUS_UNKNOWN, nullptr, + on_failed_grpc_call_cb, nullptr, true); + + alts_tsi_handshaker_handle_response(alts_handshaker, &recv_buffer, + GRPC_STATUS_OK, nullptr, + on_failed_grpc_call_cb, nullptr, false); + + /* Cleanup. */ + tsi_handshaker_destroy(handshaker); +} + +static void on_invalid_resp_cb(tsi_result status, void* user_data, + const unsigned char* bytes_to_send, + size_t bytes_to_send_size, + tsi_handshaker_result* result) { + GPR_ASSERT(status == TSI_DATA_CORRUPTED); + GPR_ASSERT(user_data == nullptr); + GPR_ASSERT(bytes_to_send == nullptr); + GPR_ASSERT(bytes_to_send_size == 0); + GPR_ASSERT(result == nullptr); +} + +static void check_handle_response_invalid_resp() { + /** + * Create a handshaker at the client side, for which internal mock client is + * always going to fail. + */ + tsi_handshaker* handshaker = create_test_handshaker( + false /* used_for_success_test */, true /* is_client */); + alts_tsi_handshaker* alts_handshaker = + reinterpret_cast<alts_tsi_handshaker*>(handshaker); + /* Tests. */ + grpc_byte_buffer* recv_buffer = generate_handshaker_response(INVALID); + alts_tsi_handshaker_handle_response(alts_handshaker, recv_buffer, + GRPC_STATUS_OK, nullptr, + on_invalid_resp_cb, nullptr, true); + /* Cleanup. */ + grpc_byte_buffer_destroy(recv_buffer); + tsi_handshaker_destroy(handshaker); +} + +static void check_handle_response_success(void* unused) { + /* Client start. */ + wait(&caller_to_tsi_notification); + alts_tsi_event_dispatch_to_handshaker(client_start_event, true /* is_ok */); + alts_tsi_event_destroy(client_start_event); + /* Client next. */ + wait(&caller_to_tsi_notification); + alts_tsi_event_dispatch_to_handshaker(client_next_event, true /* is_ok */); + alts_tsi_event_destroy(client_next_event); + /* Server start. */ + wait(&caller_to_tsi_notification); + alts_tsi_event_dispatch_to_handshaker(server_start_event, true /* is_ok */); + alts_tsi_event_destroy(server_start_event); + /* Server next. */ + wait(&caller_to_tsi_notification); + alts_tsi_event_dispatch_to_handshaker(server_next_event, true /* is_ok */); + alts_tsi_event_destroy(server_next_event); +} + +static void on_failed_resp_cb(tsi_result status, void* user_data, + const unsigned char* bytes_to_send, + size_t bytes_to_send_size, + tsi_handshaker_result* result) { + GPR_ASSERT(status == TSI_INVALID_ARGUMENT); + GPR_ASSERT(user_data == nullptr); + GPR_ASSERT(bytes_to_send == nullptr); + GPR_ASSERT(bytes_to_send_size == 0); + GPR_ASSERT(result == nullptr); +} + +static void check_handle_response_failure() { + /** + * Create a handshaker at the client side, for which internal mock client is + * always going to fail. + */ + tsi_handshaker* handshaker = create_test_handshaker( + false /* used_for_success_test */, true /* is_client */); + alts_tsi_handshaker* alts_handshaker = + reinterpret_cast<alts_tsi_handshaker*>(handshaker); + /* Tests. */ + grpc_byte_buffer* recv_buffer = generate_handshaker_response(FAILED); + alts_tsi_handshaker_handle_response(alts_handshaker, recv_buffer, + GRPC_STATUS_OK, nullptr, + on_failed_resp_cb, nullptr, true); + grpc_byte_buffer_destroy(recv_buffer); + /* Cleanup. */ + tsi_handshaker_destroy(handshaker); +} + +void check_handshaker_success() { + /* Initialization. */ + notification_init(&caller_to_tsi_notification); + notification_init(&tsi_to_caller_notification); + client_start_event = nullptr; + client_next_event = nullptr; + server_start_event = nullptr; + server_next_event = nullptr; + /* Tests. */ + grpc_core::Thread thd("alts_tsi_handshaker_test", + &check_handle_response_success, nullptr); + thd.Start(); + check_handshaker_next_success(); + thd.Join(); + /* Cleanup. */ + notification_destroy(&caller_to_tsi_notification); + notification_destroy(&tsi_to_caller_notification); +} + +int main(int argc, char** argv) { + /* Initialization. */ + grpc_init(); + /* Tests. */ + check_handshaker_success(); + check_handshaker_next_invalid_input(); + check_handshaker_next_failure(); + check_handle_response_invalid_input(); + check_handle_response_invalid_resp(); + check_handle_response_failure(); + /* Cleanup. */ + grpc_shutdown(); + return 0; +} diff --git a/test/core/tsi/alts/handshaker/alts_tsi_utils_test.cc b/test/core/tsi/alts/handshaker/alts_tsi_utils_test.cc new file mode 100644 index 0000000000..98c5d23641 --- /dev/null +++ b/test/core/tsi/alts/handshaker/alts_tsi_utils_test.cc @@ -0,0 +1,73 @@ +/* + * + * Copyright 2018 gRPC authors. + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + */ + +#include "src/core/tsi/alts/handshaker/alts_tsi_utils.h" +#include "test/core/tsi/alts/handshaker/alts_handshaker_service_api_test_lib.h" + +#define ALTS_TSI_UTILS_TEST_OUT_FRAME "Hello Google" + +static void convert_to_tsi_result_test() { + GPR_ASSERT(alts_tsi_utils_convert_to_tsi_result(GRPC_STATUS_OK) == TSI_OK); + GPR_ASSERT(alts_tsi_utils_convert_to_tsi_result(GRPC_STATUS_UNKNOWN) == + TSI_UNKNOWN_ERROR); + GPR_ASSERT(alts_tsi_utils_convert_to_tsi_result( + GRPC_STATUS_INVALID_ARGUMENT) == TSI_INVALID_ARGUMENT); + GPR_ASSERT(alts_tsi_utils_convert_to_tsi_result(GRPC_STATUS_OUT_OF_RANGE) == + TSI_UNKNOWN_ERROR); + GPR_ASSERT(alts_tsi_utils_convert_to_tsi_result(GRPC_STATUS_INTERNAL) == + TSI_INTERNAL_ERROR); + GPR_ASSERT(alts_tsi_utils_convert_to_tsi_result(GRPC_STATUS_NOT_FOUND) == + TSI_NOT_FOUND); +} + +static void deserialize_response_test() { + grpc_gcp_handshaker_resp* resp = grpc_gcp_handshaker_resp_create(); + GPR_ASSERT(grpc_gcp_handshaker_resp_set_out_frames( + resp, ALTS_TSI_UTILS_TEST_OUT_FRAME, + strlen(ALTS_TSI_UTILS_TEST_OUT_FRAME))); + grpc_slice slice; + GPR_ASSERT(grpc_gcp_handshaker_resp_encode(resp, &slice)); + + /* Valid serialization. */ + grpc_byte_buffer* buffer = + grpc_raw_byte_buffer_create(&slice, 1 /* number of slices */); + grpc_gcp_handshaker_resp* decoded_resp = + alts_tsi_utils_deserialize_response(buffer); + GPR_ASSERT(grpc_gcp_handshaker_resp_equals(resp, decoded_resp)); + grpc_byte_buffer_destroy(buffer); + + /* Invalid serializaiton. */ + grpc_slice bad_slice = + grpc_slice_split_head(&slice, GRPC_SLICE_LENGTH(slice) - 1); + buffer = grpc_raw_byte_buffer_create(&bad_slice, 1 /* number of slices */); + GPR_ASSERT(alts_tsi_utils_deserialize_response(buffer) == nullptr); + + /* Clean up. */ + grpc_slice_unref(slice); + grpc_slice_unref(bad_slice); + grpc_byte_buffer_destroy(buffer); + grpc_gcp_handshaker_resp_destroy(resp); + grpc_gcp_handshaker_resp_destroy(decoded_resp); +} + +int main(int argc, char** argv) { + /* Tests. */ + deserialize_response_test(); + convert_to_tsi_result_test(); + return 0; +} diff --git a/test/core/tsi/alts/handshaker/transport_security_common_api_test.cc b/test/core/tsi/alts/handshaker/transport_security_common_api_test.cc new file mode 100644 index 0000000000..6ff1357c27 --- /dev/null +++ b/test/core/tsi/alts/handshaker/transport_security_common_api_test.cc @@ -0,0 +1,196 @@ +/* + * + * Copyright 2018 gRPC authors. + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + */ + +#include <stdbool.h> +#include <stdio.h> +#include <stdlib.h> + +#include "src/core/tsi/alts/handshaker/transport_security_common_api.h" + +const size_t kMaxRpcVersionMajor = 3; +const size_t kMaxRpcVersionMinor = 2; +const size_t kMinRpcVersionMajor = 2; +const size_t kMinRpcVersionMinor = 1; + +static bool grpc_gcp_rpc_protocol_versions_equal( + grpc_gcp_rpc_protocol_versions* l_versions, + grpc_gcp_rpc_protocol_versions* r_versions) { + GPR_ASSERT(l_versions != nullptr && r_versions != nullptr); + if ((l_versions->has_max_rpc_version ^ r_versions->has_max_rpc_version) | + (l_versions->has_min_rpc_version ^ r_versions->has_min_rpc_version)) { + return false; + } + if (l_versions->has_max_rpc_version) { + if ((l_versions->max_rpc_version.major != + r_versions->max_rpc_version.major) || + (l_versions->max_rpc_version.minor != + r_versions->max_rpc_version.minor)) { + return false; + } + } + if (l_versions->has_min_rpc_version) { + if ((l_versions->min_rpc_version.major != + r_versions->min_rpc_version.major) || + (l_versions->min_rpc_version.minor != + r_versions->min_rpc_version.minor)) { + return false; + } + } + return true; +} + +static void test_success() { + grpc_gcp_rpc_protocol_versions version; + grpc_gcp_rpc_protocol_versions decoded_version; + GPR_ASSERT(grpc_gcp_rpc_protocol_versions_set_max( + &version, kMaxRpcVersionMajor, kMaxRpcVersionMinor)); + GPR_ASSERT(grpc_gcp_rpc_protocol_versions_set_min( + &version, kMinRpcVersionMajor, kMinRpcVersionMinor)); + /* Serializes to raw bytes. */ + size_t encoded_length = + grpc_gcp_rpc_protocol_versions_encode_length(&version); + uint8_t* encoded_bytes = static_cast<uint8_t*>(gpr_malloc(encoded_length)); + GPR_ASSERT(grpc_gcp_rpc_protocol_versions_encode_to_raw_bytes( + &version, encoded_bytes, encoded_length)); + grpc_slice encoded_slice; + /* Serializes to grpc slice. */ + GPR_ASSERT(grpc_gcp_rpc_protocol_versions_encode(&version, &encoded_slice)); + /* Checks serialized raw bytes and serialized grpc slice have same content. */ + GPR_ASSERT(encoded_length == GRPC_SLICE_LENGTH(encoded_slice)); + GPR_ASSERT(memcmp(encoded_bytes, GRPC_SLICE_START_PTR(encoded_slice), + encoded_length) == 0); + /* Deserializes and compares with the original version. */ + GPR_ASSERT( + grpc_gcp_rpc_protocol_versions_decode(encoded_slice, &decoded_version)); + GPR_ASSERT(grpc_gcp_rpc_protocol_versions_equal(&version, &decoded_version)); + grpc_slice_unref(encoded_slice); + gpr_free(encoded_bytes); +} + +static void test_failure() { + grpc_gcp_rpc_protocol_versions version, decoded_version; + grpc_slice encoded_slice; + /* Test for invalid arguments. */ + GPR_ASSERT(!grpc_gcp_rpc_protocol_versions_set_max( + nullptr, kMaxRpcVersionMajor, kMaxRpcVersionMinor)); + GPR_ASSERT(!grpc_gcp_rpc_protocol_versions_set_min( + nullptr, kMinRpcVersionMajor, kMinRpcVersionMinor)); + GPR_ASSERT(grpc_gcp_rpc_protocol_versions_encode_length(nullptr) == 0); + GPR_ASSERT(grpc_gcp_rpc_protocol_versions_set_max( + &version, kMaxRpcVersionMajor, kMaxRpcVersionMinor)); + GPR_ASSERT(grpc_gcp_rpc_protocol_versions_set_min( + &version, kMinRpcVersionMajor, kMinRpcVersionMinor)); + size_t encoded_length = + grpc_gcp_rpc_protocol_versions_encode_length(&version); + uint8_t* encoded_bytes = static_cast<uint8_t*>(gpr_malloc(encoded_length)); + GPR_ASSERT(!grpc_gcp_rpc_protocol_versions_encode_to_raw_bytes( + nullptr, encoded_bytes, encoded_length)); + GPR_ASSERT(!grpc_gcp_rpc_protocol_versions_encode_to_raw_bytes( + &version, nullptr, encoded_length)); + GPR_ASSERT(!grpc_gcp_rpc_protocol_versions_encode_to_raw_bytes( + &version, encoded_bytes, 0)); + GPR_ASSERT(!grpc_gcp_rpc_protocol_versions_encode(nullptr, &encoded_slice)); + GPR_ASSERT(!grpc_gcp_rpc_protocol_versions_encode(&version, nullptr)); + GPR_ASSERT(!grpc_gcp_rpc_protocol_versions_decode(encoded_slice, nullptr)); + /* Test for nanopb decode. */ + GPR_ASSERT(grpc_gcp_rpc_protocol_versions_encode(&version, &encoded_slice)); + grpc_slice bad_slice = grpc_slice_split_head( + &encoded_slice, GRPC_SLICE_LENGTH(encoded_slice) - 1); + grpc_slice_unref(encoded_slice); + GPR_ASSERT( + !grpc_gcp_rpc_protocol_versions_decode(bad_slice, &decoded_version)); + grpc_slice_unref(bad_slice); + gpr_free(encoded_bytes); +} + +static void test_copy() { + grpc_gcp_rpc_protocol_versions src; + grpc_gcp_rpc_protocol_versions des; + GPR_ASSERT(grpc_gcp_rpc_protocol_versions_set_max(&src, kMaxRpcVersionMajor, + kMaxRpcVersionMinor)); + GPR_ASSERT(grpc_gcp_rpc_protocol_versions_set_min(&src, kMinRpcVersionMajor, + kMinRpcVersionMinor)); + GPR_ASSERT(grpc_gcp_rpc_protocol_versions_copy(&src, &des)); + GPR_ASSERT(grpc_gcp_rpc_protocol_versions_equal(&src, &des)); +} + +static void test_check_success() { + grpc_gcp_rpc_protocol_versions v1; + grpc_gcp_rpc_protocol_versions v2; + grpc_gcp_rpc_protocol_versions_version highest_common_version; + /* test equality. */ + GPR_ASSERT(grpc_gcp_rpc_protocol_versions_set_max(&v1, kMaxRpcVersionMajor, + kMaxRpcVersionMinor)); + GPR_ASSERT(grpc_gcp_rpc_protocol_versions_set_min(&v1, kMaxRpcVersionMajor, + kMaxRpcVersionMinor)); + GPR_ASSERT(grpc_gcp_rpc_protocol_versions_set_max(&v2, kMaxRpcVersionMajor, + kMaxRpcVersionMinor)); + GPR_ASSERT(grpc_gcp_rpc_protocol_versions_set_min(&v2, kMaxRpcVersionMajor, + kMaxRpcVersionMinor)); + GPR_ASSERT(grpc_gcp_rpc_protocol_versions_check( + (const grpc_gcp_rpc_protocol_versions*)&v1, + (const grpc_gcp_rpc_protocol_versions*)&v2, + &highest_common_version) == 1); + GPR_ASSERT(grpc_core::internal::grpc_gcp_rpc_protocol_version_compare( + &highest_common_version, &v1.max_rpc_version) == 0); + + /* test inequality. */ + GPR_ASSERT(grpc_gcp_rpc_protocol_versions_set_max(&v1, kMaxRpcVersionMajor, + kMaxRpcVersionMinor)); + GPR_ASSERT(grpc_gcp_rpc_protocol_versions_set_min(&v1, kMinRpcVersionMinor, + kMinRpcVersionMinor)); + GPR_ASSERT(grpc_gcp_rpc_protocol_versions_set_max(&v2, kMaxRpcVersionMajor, + kMinRpcVersionMinor)); + GPR_ASSERT(grpc_gcp_rpc_protocol_versions_set_min(&v2, kMinRpcVersionMajor, + kMaxRpcVersionMinor)); + GPR_ASSERT(grpc_gcp_rpc_protocol_versions_check( + (const grpc_gcp_rpc_protocol_versions*)&v1, + (const grpc_gcp_rpc_protocol_versions*)&v2, + &highest_common_version) == 1); + GPR_ASSERT(grpc_core::internal::grpc_gcp_rpc_protocol_version_compare( + &highest_common_version, &v2.max_rpc_version) == 0); +} + +static void test_check_failure() { + grpc_gcp_rpc_protocol_versions v1; + grpc_gcp_rpc_protocol_versions v2; + grpc_gcp_rpc_protocol_versions_version highest_common_version; + + GPR_ASSERT(grpc_gcp_rpc_protocol_versions_set_max(&v1, kMinRpcVersionMajor, + kMinRpcVersionMinor)); + GPR_ASSERT(grpc_gcp_rpc_protocol_versions_set_min(&v1, kMinRpcVersionMajor, + kMinRpcVersionMinor)); + GPR_ASSERT(grpc_gcp_rpc_protocol_versions_set_max(&v2, kMaxRpcVersionMajor, + kMaxRpcVersionMinor)); + GPR_ASSERT(grpc_gcp_rpc_protocol_versions_set_min(&v2, kMaxRpcVersionMajor, + kMaxRpcVersionMinor)); + GPR_ASSERT(grpc_gcp_rpc_protocol_versions_check( + (const grpc_gcp_rpc_protocol_versions*)&v1, + (const grpc_gcp_rpc_protocol_versions*)&v2, + &highest_common_version) == 0); +} + +int main(int argc, char** argv) { + /* Run tests. */ + test_success(); + test_failure(); + test_copy(); + test_check_success(); + test_check_failure(); + return 0; +} diff --git a/test/core/tsi/alts/zero_copy_frame_protector/BUILD b/test/core/tsi/alts/zero_copy_frame_protector/BUILD new file mode 100644 index 0000000000..80f4572d94 --- /dev/null +++ b/test/core/tsi/alts/zero_copy_frame_protector/BUILD @@ -0,0 +1,49 @@ +# Copyright 2018 gRPC authors. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +load("//bazel:grpc_build_system.bzl", "grpc_cc_test", "grpc_package") + +licenses(["notice"]) # Apache v2 + +grpc_package(name = "zero_copy_frame_protector") + +grpc_cc_test( + name = "alts_grpc_record_protocol_test", + srcs = ["alts_grpc_record_protocol_test.cc"], + language = "C++", + deps = [ + "//:grpc", + "//test/core/tsi/alts/crypt:alts_crypt_test_util", + ], +) + +grpc_cc_test( + name = "alts_iovec_record_protocol_test", + srcs = ["alts_iovec_record_protocol_test.cc"], + language = "C++", + deps = [ + "//:grpc", + "//test/core/tsi/alts/crypt:alts_crypt_test_util", + ], +) + +grpc_cc_test( + name = "alts_zero_copy_grpc_protector_test", + srcs = ["alts_zero_copy_grpc_protector_test.cc"], + language = "C++", + deps = [ + "//:grpc", + "//test/core/tsi/alts/crypt:alts_crypt_test_util", + ], +) diff --git a/test/core/tsi/alts/zero_copy_frame_protector/alts_grpc_record_protocol_test.cc b/test/core/tsi/alts/zero_copy_frame_protector/alts_grpc_record_protocol_test.cc new file mode 100644 index 0000000000..fbbea71cb7 --- /dev/null +++ b/test/core/tsi/alts/zero_copy_frame_protector/alts_grpc_record_protocol_test.cc @@ -0,0 +1,449 @@ +/* + * + * Copyright 2018 gRPC authors. + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + */ + +#include <grpc/support/alloc.h> +#include <grpc/support/log.h> + +#include "src/core/lib/slice/slice_internal.h" +#include "src/core/tsi/alts/zero_copy_frame_protector/alts_grpc_integrity_only_record_protocol.h" +#include "src/core/tsi/alts/zero_copy_frame_protector/alts_grpc_privacy_integrity_record_protocol.h" +#include "src/core/tsi/alts/zero_copy_frame_protector/alts_grpc_record_protocol.h" +#include "src/core/tsi/alts/zero_copy_frame_protector/alts_iovec_record_protocol.h" +#include "test/core/tsi/alts/crypt/gsec_test_util.h" + +constexpr size_t kMaxSliceLength = 256; +constexpr size_t kMaxSlices = 10; +constexpr size_t kSealRepeatTimes = 5; +constexpr size_t kTagLength = 16; + +/* Test fixtures for each test cases. */ +struct alts_grpc_record_protocol_test_fixture { + alts_grpc_record_protocol* client_protect; + alts_grpc_record_protocol* client_unprotect; + alts_grpc_record_protocol* server_protect; + alts_grpc_record_protocol* server_unprotect; +}; + +/* Test input variables for protect/unprotect operations. */ +struct alts_grpc_record_protocol_test_var { + size_t header_length; + size_t tag_length; + grpc_slice_buffer original_sb; + grpc_slice_buffer duplicate_sb; + grpc_slice_buffer protected_sb; + grpc_slice_buffer unprotected_sb; +}; + +/* --- Test utility functions. --- */ + +static void create_random_slice_buffer(grpc_slice_buffer* sb) { + GPR_ASSERT(sb != nullptr); + size_t slice_count = gsec_test_bias_random_uint32(kMaxSlices) + 1; + for (size_t i = 0; i < slice_count; i++) { + size_t slice_length = gsec_test_bias_random_uint32(kMaxSliceLength) + 1; + grpc_slice slice = GRPC_SLICE_MALLOC(slice_length); + gsec_test_random_bytes(GRPC_SLICE_START_PTR(slice), slice_length); + grpc_slice_buffer_add(sb, slice); + } +} + +static uint8_t* pointer_to_nth_byte(grpc_slice_buffer* sb, size_t index) { + GPR_ASSERT(sb != nullptr); + GPR_ASSERT(index < sb->length); + for (size_t i = 0; i < sb->count; i++) { + if (index < GRPC_SLICE_LENGTH(sb->slices[i])) { + return GRPC_SLICE_START_PTR(sb->slices[i]) + index; + } else { + index -= GRPC_SLICE_LENGTH(sb->slices[i]); + } + } + return nullptr; +} + +/* Checks if two slice buffer contents are the same. It is not super efficient, + * but OK for testing. */ +static bool are_slice_buffers_equal(grpc_slice_buffer* first, + grpc_slice_buffer* second) { + GPR_ASSERT(first != nullptr); + GPR_ASSERT(second != nullptr); + if (first->length != second->length) { + return false; + } + for (size_t i = 0; i < first->length; i++) { + uint8_t* first_ptr = pointer_to_nth_byte(first, i); + uint8_t* second_ptr = pointer_to_nth_byte(second, i); + GPR_ASSERT(first_ptr != nullptr); + GPR_ASSERT(second_ptr != nullptr); + if ((*first_ptr) != (*second_ptr)) { + return false; + } + } + return true; +} + +static void alter_random_byte(grpc_slice_buffer* sb) { + GPR_ASSERT(sb != nullptr); + if (sb->length == 0) { + return; + } + uint32_t offset = + gsec_test_bias_random_uint32(static_cast<uint32_t>(sb->length)); + uint8_t* ptr = pointer_to_nth_byte(sb, offset); + (*ptr)++; +} + +static alts_grpc_record_protocol_test_fixture* +test_fixture_integrity_only_create(bool rekey) { + alts_grpc_record_protocol_test_fixture* fixture = + static_cast<alts_grpc_record_protocol_test_fixture*>( + gpr_zalloc(sizeof(alts_grpc_record_protocol_test_fixture))); + size_t key_length = rekey ? kAes128GcmRekeyKeyLength : kAes128GcmKeyLength; + uint8_t* key; + gsec_test_random_array(&key, key_length); + gsec_aead_crypter* crypter = nullptr; + + /* Create client record protocol for protect. */ + GPR_ASSERT(gsec_aes_gcm_aead_crypter_create( + key, key_length, kAesGcmNonceLength, kAesGcmTagLength, rekey, + &crypter, nullptr) == GRPC_STATUS_OK); + GPR_ASSERT(alts_grpc_integrity_only_record_protocol_create( + crypter, 8, /*is_client=*/true, /*is_protect=*/true, + &fixture->client_protect) == TSI_OK); + /* Create client record protocol for unprotect. */ + GPR_ASSERT(gsec_aes_gcm_aead_crypter_create( + key, key_length, kAesGcmNonceLength, kAesGcmTagLength, rekey, + &crypter, nullptr) == GRPC_STATUS_OK); + GPR_ASSERT(alts_grpc_integrity_only_record_protocol_create( + crypter, 8, /*is_client=*/true, /*is_protect=*/false, + &fixture->client_unprotect) == TSI_OK); + /* Create server record protocol for protect. */ + GPR_ASSERT(gsec_aes_gcm_aead_crypter_create( + key, key_length, kAesGcmNonceLength, kAesGcmTagLength, rekey, + &crypter, nullptr) == GRPC_STATUS_OK); + GPR_ASSERT(alts_grpc_integrity_only_record_protocol_create( + crypter, 8, /*is_client=*/false, /*is_protect=*/true, + &fixture->server_protect) == TSI_OK); + /* Create server record protocol for unprotect. */ + GPR_ASSERT(gsec_aes_gcm_aead_crypter_create( + key, key_length, kAesGcmNonceLength, kAesGcmTagLength, rekey, + &crypter, nullptr) == GRPC_STATUS_OK); + GPR_ASSERT(alts_grpc_integrity_only_record_protocol_create( + crypter, 8, /*is_client=*/false, /*is_protect=*/false, + &fixture->server_unprotect) == TSI_OK); + + gpr_free(key); + return fixture; +} + +static alts_grpc_record_protocol_test_fixture* +test_fixture_integrity_only_no_rekey_create() { + return test_fixture_integrity_only_create(false); +} + +static alts_grpc_record_protocol_test_fixture* +test_fixture_integrity_only_rekey_create() { + return test_fixture_integrity_only_create(true); +} + +static alts_grpc_record_protocol_test_fixture* +test_fixture_privacy_integrity_create(bool rekey) { + alts_grpc_record_protocol_test_fixture* fixture = + static_cast<alts_grpc_record_protocol_test_fixture*>( + gpr_zalloc(sizeof(alts_grpc_record_protocol_test_fixture))); + size_t key_length = rekey ? kAes128GcmRekeyKeyLength : kAes128GcmKeyLength; + uint8_t* key; + gsec_test_random_array(&key, key_length); + gsec_aead_crypter* crypter = nullptr; + + /* Create client record protocol for protect. */ + GPR_ASSERT(gsec_aes_gcm_aead_crypter_create( + key, key_length, kAesGcmNonceLength, kAesGcmTagLength, rekey, + &crypter, nullptr) == GRPC_STATUS_OK); + GPR_ASSERT(alts_grpc_privacy_integrity_record_protocol_create( + crypter, 8, /*is_client=*/true, /*is_protect=*/true, + &fixture->client_protect) == TSI_OK); + /* Create client record protocol for unprotect. */ + GPR_ASSERT(gsec_aes_gcm_aead_crypter_create( + key, key_length, kAesGcmNonceLength, kAesGcmTagLength, rekey, + &crypter, nullptr) == GRPC_STATUS_OK); + GPR_ASSERT(alts_grpc_privacy_integrity_record_protocol_create( + crypter, 8, /*is_client=*/true, /*is_protect=*/false, + &fixture->client_unprotect) == TSI_OK); + /* Create server record protocol for protect. */ + GPR_ASSERT(gsec_aes_gcm_aead_crypter_create( + key, key_length, kAesGcmNonceLength, kAesGcmTagLength, rekey, + &crypter, nullptr) == GRPC_STATUS_OK); + GPR_ASSERT(alts_grpc_privacy_integrity_record_protocol_create( + crypter, 8, /*is_client=*/false, /*is_protect=*/true, + &fixture->server_protect) == TSI_OK); + /* Create server record protocol for unprotect. */ + GPR_ASSERT(gsec_aes_gcm_aead_crypter_create( + key, key_length, kAesGcmNonceLength, kAesGcmTagLength, rekey, + &crypter, nullptr) == GRPC_STATUS_OK); + GPR_ASSERT(alts_grpc_privacy_integrity_record_protocol_create( + crypter, 8, /*is_client=*/false, /*is_protect=*/false, + &fixture->server_unprotect) == TSI_OK); + + gpr_free(key); + return fixture; +} + +static alts_grpc_record_protocol_test_fixture* +test_fixture_privacy_integrity_no_rekey_create() { + return test_fixture_privacy_integrity_create(false); +} + +static alts_grpc_record_protocol_test_fixture* +test_fixture_privacy_integrity_rekey_create() { + return test_fixture_privacy_integrity_create(true); +} + +static void alts_grpc_record_protocol_test_fixture_destroy( + alts_grpc_record_protocol_test_fixture* fixture) { + if (fixture == nullptr) { + return; + } + grpc_core::ExecCtx exec_ctx; + alts_grpc_record_protocol_destroy(fixture->client_protect); + alts_grpc_record_protocol_destroy(fixture->client_unprotect); + alts_grpc_record_protocol_destroy(fixture->server_protect); + alts_grpc_record_protocol_destroy(fixture->server_unprotect); + grpc_core::ExecCtx::Get()->Flush(); + gpr_free(fixture); +} + +static alts_grpc_record_protocol_test_var* +alts_grpc_record_protocol_test_var_create() { + alts_grpc_record_protocol_test_var* var = + static_cast<alts_grpc_record_protocol_test_var*>( + gpr_zalloc(sizeof(alts_grpc_record_protocol_test_var))); + var->header_length = alts_iovec_record_protocol_get_header_length(); + var->tag_length = kTagLength; + /* Initialized slice buffers. */ + grpc_slice_buffer_init(&var->original_sb); + grpc_slice_buffer_init(&var->duplicate_sb); + grpc_slice_buffer_init(&var->protected_sb); + grpc_slice_buffer_init(&var->unprotected_sb); + /* Randomly sets content of original_sb, and copies into duplicate_sb. */ + create_random_slice_buffer(&var->original_sb); + for (size_t i = 0; i < var->original_sb.count; i++) { + grpc_slice_buffer_add(&var->duplicate_sb, + grpc_slice_ref(var->original_sb.slices[i])); + } + return var; +} + +static void alts_grpc_record_protocol_test_var_destroy( + alts_grpc_record_protocol_test_var* var) { + if (var == nullptr) { + return; + } + grpc_slice_buffer_destroy_internal(&var->original_sb); + grpc_slice_buffer_destroy_internal(&var->duplicate_sb); + grpc_slice_buffer_destroy_internal(&var->protected_sb); + grpc_slice_buffer_destroy_internal(&var->unprotected_sb); + gpr_free(var); +} + +/* --- alts grpc record protocol tests. --- */ + +static void random_seal_unseal(alts_grpc_record_protocol* sender, + alts_grpc_record_protocol* receiver) { + grpc_core::ExecCtx exec_ctx; + for (size_t i = 0; i < kSealRepeatTimes; i++) { + alts_grpc_record_protocol_test_var* var = + alts_grpc_record_protocol_test_var_create(); + /* Seals and then unseals. */ + size_t data_length = var->original_sb.length; + tsi_result status = alts_grpc_record_protocol_protect( + sender, &var->original_sb, &var->protected_sb); + GPR_ASSERT(status == TSI_OK); + GPR_ASSERT(var->protected_sb.length == + data_length + var->header_length + var->tag_length); + status = alts_grpc_record_protocol_unprotect(receiver, &var->protected_sb, + &var->unprotected_sb); + GPR_ASSERT(status == TSI_OK); + GPR_ASSERT( + are_slice_buffers_equal(&var->unprotected_sb, &var->duplicate_sb)); + alts_grpc_record_protocol_test_var_destroy(var); + } + grpc_core::ExecCtx::Get()->Flush(); +} + +static void empty_seal_unseal(alts_grpc_record_protocol* sender, + alts_grpc_record_protocol* receiver) { + grpc_core::ExecCtx exec_ctx; + for (size_t i = 0; i < kSealRepeatTimes; i++) { + alts_grpc_record_protocol_test_var* var = + alts_grpc_record_protocol_test_var_create(); + /* Seals and then unseals empty payload. */ + grpc_slice_buffer_reset_and_unref_internal(&var->original_sb); + grpc_slice_buffer_reset_and_unref_internal(&var->duplicate_sb); + tsi_result status = alts_grpc_record_protocol_protect( + sender, &var->original_sb, &var->protected_sb); + GPR_ASSERT(status == TSI_OK); + GPR_ASSERT(var->protected_sb.length == + var->header_length + var->tag_length); + status = alts_grpc_record_protocol_unprotect(receiver, &var->protected_sb, + &var->unprotected_sb); + GPR_ASSERT(status == TSI_OK); + GPR_ASSERT( + are_slice_buffers_equal(&var->unprotected_sb, &var->duplicate_sb)); + alts_grpc_record_protocol_test_var_destroy(var); + } + grpc_core::ExecCtx::Get()->Flush(); +} + +static void unsync_seal_unseal(alts_grpc_record_protocol* sender, + alts_grpc_record_protocol* receiver) { + grpc_core::ExecCtx exec_ctx; + tsi_result status; + alts_grpc_record_protocol_test_var* var = + alts_grpc_record_protocol_test_var_create(); + /* Seals once. */ + status = alts_grpc_record_protocol_protect(sender, &var->original_sb, + &var->protected_sb); + GPR_ASSERT(status == TSI_OK); + grpc_slice_buffer_reset_and_unref_internal(&var->protected_sb); + /* Seals again. */ + status = alts_grpc_record_protocol_protect(sender, &var->duplicate_sb, + &var->protected_sb); + GPR_ASSERT(status == TSI_OK); + /* Unseals the second frame. */ + status = alts_grpc_record_protocol_unprotect(receiver, &var->protected_sb, + &var->unprotected_sb); + GPR_ASSERT(status == TSI_INTERNAL_ERROR); + alts_grpc_record_protocol_test_var_destroy(var); + grpc_core::ExecCtx::Get()->Flush(); +} + +static void corrupted_data(alts_grpc_record_protocol* sender, + alts_grpc_record_protocol* receiver) { + grpc_core::ExecCtx exec_ctx; + tsi_result status; + alts_grpc_record_protocol_test_var* var = + alts_grpc_record_protocol_test_var_create(); + /* Seals once. */ + status = alts_grpc_record_protocol_protect(sender, &var->original_sb, + &var->protected_sb); + GPR_ASSERT(status == TSI_OK); + /* Corrupts one byte in protected_sb and tries to unprotect. */ + alter_random_byte(&var->protected_sb); + status = alts_grpc_record_protocol_unprotect(receiver, &var->protected_sb, + &var->unprotected_sb); + GPR_ASSERT(status == TSI_INTERNAL_ERROR); + alts_grpc_record_protocol_test_var_destroy(var); + grpc_core::ExecCtx::Get()->Flush(); +} + +static void input_check(alts_grpc_record_protocol* rp) { + grpc_core::ExecCtx exec_ctx; + tsi_result status; + alts_grpc_record_protocol_test_var* var = + alts_grpc_record_protocol_test_var_create(); + /* Protects with nullptr input. */ + status = alts_grpc_record_protocol_protect(rp, nullptr, &var->protected_sb); + GPR_ASSERT(status == TSI_INVALID_ARGUMENT); + status = alts_grpc_record_protocol_protect(rp, &var->original_sb, nullptr); + GPR_ASSERT(status == TSI_INVALID_ARGUMENT); + /* Unprotects with nullptr input. */ + status = alts_grpc_record_protocol_protect(rp, &var->original_sb, + &var->protected_sb); + GPR_ASSERT(status == TSI_OK); + status = + alts_grpc_record_protocol_unprotect(rp, nullptr, &var->unprotected_sb); + GPR_ASSERT(status == TSI_INVALID_ARGUMENT); + status = alts_grpc_record_protocol_unprotect(rp, &var->protected_sb, nullptr); + GPR_ASSERT(status == TSI_INVALID_ARGUMENT); + /* Unprotects on a temporary slice buffer which length is smaller than header + * length plus tag length. */ + grpc_slice_buffer temp_sb; + grpc_slice_buffer_init(&temp_sb); + grpc_slice_buffer_move_first( + &var->protected_sb, var->header_length + var->tag_length - 1, &temp_sb); + status = + alts_grpc_record_protocol_unprotect(rp, &temp_sb, &var->unprotected_sb); + GPR_ASSERT(status == TSI_INVALID_ARGUMENT); + grpc_slice_buffer_destroy_internal(&temp_sb); + alts_grpc_record_protocol_test_var_destroy(var); + grpc_core::ExecCtx::Get()->Flush(); +} + +/* --- Test cases. --- */ + +static void alts_grpc_record_protocol_random_seal_unseal_tests( + alts_grpc_record_protocol_test_fixture* fixture) { + random_seal_unseal(fixture->client_protect, fixture->server_unprotect); + random_seal_unseal(fixture->server_protect, fixture->client_unprotect); +} + +static void alts_grpc_record_protocol_empty_seal_unseal_tests( + alts_grpc_record_protocol_test_fixture* fixture) { + empty_seal_unseal(fixture->client_protect, fixture->server_unprotect); + empty_seal_unseal(fixture->server_protect, fixture->client_unprotect); +} + +static void alts_grpc_record_protocol_unsync_seal_unseal_tests( + alts_grpc_record_protocol_test_fixture* fixture) { + unsync_seal_unseal(fixture->client_protect, fixture->server_unprotect); + unsync_seal_unseal(fixture->server_protect, fixture->client_unprotect); +} + +static void alts_grpc_record_protocol_corrupted_data_tests( + alts_grpc_record_protocol_test_fixture* fixture) { + corrupted_data(fixture->client_protect, fixture->server_unprotect); + corrupted_data(fixture->server_protect, fixture->client_unprotect); +} + +static void alts_grpc_record_protocol_input_check_tests( + alts_grpc_record_protocol_test_fixture* fixture) { + input_check(fixture->client_protect); +} + +static void alts_grpc_record_protocol_tests( + alts_grpc_record_protocol_test_fixture* (*fixture_create)()) { + auto* fixture_1 = fixture_create(); + alts_grpc_record_protocol_random_seal_unseal_tests(fixture_1); + alts_grpc_record_protocol_test_fixture_destroy(fixture_1); + + auto* fixture_2 = fixture_create(); + alts_grpc_record_protocol_empty_seal_unseal_tests(fixture_2); + alts_grpc_record_protocol_test_fixture_destroy(fixture_2); + + auto* fixture_3 = fixture_create(); + alts_grpc_record_protocol_unsync_seal_unseal_tests(fixture_3); + alts_grpc_record_protocol_test_fixture_destroy(fixture_3); + + auto* fixture_4 = fixture_create(); + alts_grpc_record_protocol_corrupted_data_tests(fixture_4); + alts_grpc_record_protocol_test_fixture_destroy(fixture_4); + + auto* fixture_5 = fixture_create(); + alts_grpc_record_protocol_input_check_tests(fixture_5); + alts_grpc_record_protocol_test_fixture_destroy(fixture_5); +} + +int main(int argc, char** argv) { + alts_grpc_record_protocol_tests(&test_fixture_integrity_only_no_rekey_create); + alts_grpc_record_protocol_tests(&test_fixture_integrity_only_rekey_create); + alts_grpc_record_protocol_tests( + &test_fixture_privacy_integrity_no_rekey_create); + alts_grpc_record_protocol_tests(&test_fixture_privacy_integrity_rekey_create); + + return 0; +} diff --git a/test/core/tsi/alts/zero_copy_frame_protector/alts_iovec_record_protocol_test.cc b/test/core/tsi/alts/zero_copy_frame_protector/alts_iovec_record_protocol_test.cc new file mode 100644 index 0000000000..db1934bbae --- /dev/null +++ b/test/core/tsi/alts/zero_copy_frame_protector/alts_iovec_record_protocol_test.cc @@ -0,0 +1,928 @@ +/* + * + * Copyright 2018 gRPC authors. + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + */ + +#include <grpc/support/alloc.h> +#include <grpc/support/log.h> + +#include "src/core/tsi/alts/zero_copy_frame_protector/alts_iovec_record_protocol.h" +#include "test/core/tsi/alts/crypt/gsec_test_util.h" + +constexpr size_t kMaxDataSize = 1024; +constexpr size_t kMaxSlices = 10; +constexpr size_t kSealRepeatTimes = 5; +constexpr size_t kTagLength = 16; + +/* Test fixtures for each test cases. */ +struct alts_iovec_record_protocol_test_fixture { + alts_iovec_record_protocol* client_protect; + alts_iovec_record_protocol* client_unprotect; + alts_iovec_record_protocol* server_protect; + alts_iovec_record_protocol* server_unprotect; +}; + +/* Test variables for protect/unprotect operations. */ +struct alts_iovec_record_protocol_test_var { + uint8_t* header_buf; + size_t header_length; + iovec_t header_iovec; + uint8_t* tag_buf; + size_t tag_length; + iovec_t tag_iovec; + uint8_t* data_buf; + uint8_t* dup_buf; + size_t data_length; + iovec_t* data_iovec; + size_t data_iovec_length; + uint8_t* protected_buf; + iovec_t protected_iovec; + iovec_t unprotected_iovec; +}; + +/* --- Test utility functions. --- */ + +static void randomly_slice(uint8_t* input, size_t input_length, + iovec_t** output, size_t* output_length) { + if (input_length == 0) { + *output = nullptr; + *output_length = 0; + return; + } + *output_length = gsec_test_bias_random_uint32(kMaxSlices) + 1; + *output = static_cast<iovec_t*>(gpr_malloc(*output_length * sizeof(iovec_t))); + for (size_t i = 0; i < *output_length - 1; i++) { + size_t slice_length = + gsec_test_bias_random_uint32(static_cast<uint32_t>(input_length)); + iovec_t slice = {input, slice_length}; + (*output)[i] = slice; + input += slice_length; + input_length -= slice_length; + } + iovec_t slice = {input, input_length}; + (*output)[*output_length - 1] = slice; +} + +static size_t alter_random_byte(uint8_t* buf, size_t buf_length) { + GPR_ASSERT(buf != nullptr); + uint32_t offset = + gsec_test_bias_random_uint32(static_cast<uint32_t>(buf_length)); + (*(buf + offset))++; + return offset; +} + +static void revert_back_alter(uint8_t* buf, size_t offset) { + GPR_ASSERT(buf != nullptr); + (*(buf + offset))--; +} + +static alts_iovec_record_protocol_test_fixture* +alts_iovec_record_protocol_test_fixture_create(bool rekey, + bool integrity_only) { + alts_iovec_record_protocol_test_fixture* fixture = + static_cast<alts_iovec_record_protocol_test_fixture*>( + gpr_malloc(sizeof(alts_iovec_record_protocol_test_fixture))); + size_t overflow_size = 8; + size_t key_length = rekey ? kAes128GcmRekeyKeyLength : kAes128GcmKeyLength; + uint8_t* key; + gsec_test_random_array(&key, key_length); + gsec_aead_crypter* crypter = nullptr; + /* Create client record protocol for protect. */ + GPR_ASSERT(gsec_aes_gcm_aead_crypter_create( + key, key_length, kAesGcmNonceLength, kAesGcmTagLength, rekey, + &crypter, nullptr) == GRPC_STATUS_OK); + GPR_ASSERT(alts_iovec_record_protocol_create( + crypter, overflow_size, /*is_client=*/true, integrity_only, + /*is_protect=*/true, &fixture->client_protect, + nullptr) == GRPC_STATUS_OK); + /* Create client record protocol for unprotect. */ + GPR_ASSERT(gsec_aes_gcm_aead_crypter_create( + key, key_length, kAesGcmNonceLength, kAesGcmTagLength, rekey, + &crypter, nullptr) == GRPC_STATUS_OK); + GPR_ASSERT(alts_iovec_record_protocol_create( + crypter, overflow_size, /*is_client=*/true, integrity_only, + /*is_protect=*/false, &fixture->client_unprotect, + nullptr) == GRPC_STATUS_OK); + /* Create server record protocol for protect. */ + GPR_ASSERT(gsec_aes_gcm_aead_crypter_create( + key, key_length, kAesGcmNonceLength, kAesGcmTagLength, rekey, + &crypter, nullptr) == GRPC_STATUS_OK); + GPR_ASSERT(alts_iovec_record_protocol_create( + crypter, overflow_size, /*is_client=*/false, integrity_only, + /*is_protect=*/true, &fixture->server_protect, + nullptr) == GRPC_STATUS_OK); + /* Create server record protocol for unprotect. */ + GPR_ASSERT(gsec_aes_gcm_aead_crypter_create( + key, key_length, kAesGcmNonceLength, kAesGcmTagLength, rekey, + &crypter, nullptr) == GRPC_STATUS_OK); + GPR_ASSERT(alts_iovec_record_protocol_create( + crypter, overflow_size, /*is_client=*/false, integrity_only, + /*is_protect=*/false, &fixture->server_unprotect, + nullptr) == GRPC_STATUS_OK); + + gpr_free(key); + return fixture; +} + +static void alts_iovec_record_protocol_test_fixture_destroy( + alts_iovec_record_protocol_test_fixture* fixture) { + if (fixture == nullptr) { + return; + } + alts_iovec_record_protocol_destroy(fixture->client_protect); + alts_iovec_record_protocol_destroy(fixture->client_unprotect); + alts_iovec_record_protocol_destroy(fixture->server_protect); + alts_iovec_record_protocol_destroy(fixture->server_unprotect); + gpr_free(fixture); +} + +static alts_iovec_record_protocol_test_var* +alts_iovec_record_protocol_test_var_create() { + auto* var = static_cast<alts_iovec_record_protocol_test_var*>( + gpr_zalloc(sizeof(alts_iovec_record_protocol_test_var))); + /* Sets header buffer. */ + var->header_length = alts_iovec_record_protocol_get_header_length(); + var->header_buf = static_cast<uint8_t*>(gpr_malloc(var->header_length)); + var->header_iovec.iov_base = var->header_buf; + var->header_iovec.iov_len = var->header_length; + /* Sets tag buffer. */ + var->tag_length = kTagLength; + var->tag_buf = static_cast<uint8_t*>(gpr_malloc(var->tag_length)); + var->tag_iovec.iov_base = var->tag_buf; + var->tag_iovec.iov_len = var->tag_length; + /* Randomly sets data buffer and duplicates to dup_buf. */ + var->data_length = gsec_test_bias_random_uint32(kMaxDataSize) + 1; + var->data_buf = static_cast<uint8_t*>(gpr_malloc(var->data_length)); + gsec_test_random_bytes(var->data_buf, var->data_length); + gsec_test_copy(var->data_buf, &var->dup_buf, var->data_length); + var->data_iovec = nullptr; + var->data_iovec_length = 0; + randomly_slice(var->data_buf, var->data_length, &var->data_iovec, + &var->data_iovec_length); + /* Sets protected iovec. */ + size_t protected_buf_length = + var->header_length + var->data_length + var->tag_length; + var->protected_buf = static_cast<uint8_t*>(gpr_malloc(protected_buf_length)); + var->protected_iovec.iov_base = var->protected_buf; + var->protected_iovec.iov_len = protected_buf_length; + /* Unprotected iovec points to data_buf. */ + var->unprotected_iovec.iov_base = var->data_buf; + var->unprotected_iovec.iov_len = var->data_length; + return var; +} + +static void alts_iovec_record_protocol_test_var_destroy( + alts_iovec_record_protocol_test_var* var) { + if (var == nullptr) { + return; + } + gpr_free(var->header_buf); + gpr_free(var->tag_buf); + gpr_free(var->data_buf); + gpr_free(var->dup_buf); + gpr_free(var->data_iovec); + gpr_free(var->protected_buf); + gpr_free(var); +} + +/* --- Integrity-only protect/unprotect tests. --- */ + +static void integrity_only_random_seal_unseal( + alts_iovec_record_protocol* sender, alts_iovec_record_protocol* receiver) { + for (size_t i = 0; i < kSealRepeatTimes; i++) { + alts_iovec_record_protocol_test_var* var = + alts_iovec_record_protocol_test_var_create(); + /* Seals and then unseals. */ + grpc_status_code status = alts_iovec_record_protocol_integrity_only_protect( + sender, var->data_iovec, var->data_iovec_length, var->header_iovec, + var->tag_iovec, nullptr); + GPR_ASSERT(status == GRPC_STATUS_OK); + gpr_free(var->data_iovec); + /* Randomly slices data buffer again. */ + randomly_slice(var->data_buf, var->data_length, &var->data_iovec, + &var->data_iovec_length); + status = alts_iovec_record_protocol_integrity_only_unprotect( + receiver, var->data_iovec, var->data_iovec_length, var->header_iovec, + var->tag_iovec, nullptr); + GPR_ASSERT(status == GRPC_STATUS_OK); + /* Makes sure data buffer has not been modified during + * seal/unseal. */ + GPR_ASSERT(memcmp(var->data_buf, var->dup_buf, var->data_length) == 0); + alts_iovec_record_protocol_test_var_destroy(var); + } +} + +static void integrity_only_empty_seal_unseal( + alts_iovec_record_protocol* sender, alts_iovec_record_protocol* receiver) { + for (size_t i = 0; i < kSealRepeatTimes; i++) { + alts_iovec_record_protocol_test_var* var = + alts_iovec_record_protocol_test_var_create(); + /* Seals and then unseals empty payload. */ + grpc_status_code status = alts_iovec_record_protocol_integrity_only_protect( + sender, nullptr, 0, var->header_iovec, var->tag_iovec, nullptr); + GPR_ASSERT(status == GRPC_STATUS_OK); + status = alts_iovec_record_protocol_integrity_only_unprotect( + receiver, nullptr, 0, var->header_iovec, var->tag_iovec, nullptr); + GPR_ASSERT(status == GRPC_STATUS_OK); + alts_iovec_record_protocol_test_var_destroy(var); + } +} + +static void integrity_only_unsync_seal_unseal( + alts_iovec_record_protocol* sender, alts_iovec_record_protocol* receiver) { + /* Seals once. */ + alts_iovec_record_protocol_test_var* var = + alts_iovec_record_protocol_test_var_create(); + grpc_status_code status = alts_iovec_record_protocol_integrity_only_protect( + sender, var->data_iovec, var->data_iovec_length, var->header_iovec, + var->tag_iovec, nullptr); + GPR_ASSERT(status == GRPC_STATUS_OK); + alts_iovec_record_protocol_test_var_destroy(var); + /* Seals again. */ + var = alts_iovec_record_protocol_test_var_create(); + status = alts_iovec_record_protocol_integrity_only_protect( + sender, var->data_iovec, var->data_iovec_length, var->header_iovec, + var->tag_iovec, nullptr); + GPR_ASSERT(status == GRPC_STATUS_OK); + /* Unseals the second frame. */ + char* error_message = nullptr; + status = alts_iovec_record_protocol_integrity_only_unprotect( + receiver, var->data_iovec, var->data_iovec_length, var->header_iovec, + var->tag_iovec, &error_message); + GPR_ASSERT(gsec_test_expect_compare_code_and_substr( + status, GRPC_STATUS_INTERNAL, error_message, + "Frame tag verification failed.")); + gpr_free(error_message); + alts_iovec_record_protocol_test_var_destroy(var); +} + +static void integrity_only_corrupted_data( + alts_iovec_record_protocol* sender, alts_iovec_record_protocol* receiver) { + /* Seals the data first. */ + alts_iovec_record_protocol_test_var* var = + alts_iovec_record_protocol_test_var_create(); + grpc_status_code status = alts_iovec_record_protocol_integrity_only_protect( + sender, var->data_iovec, var->data_iovec_length, var->header_iovec, + var->tag_iovec, nullptr); + GPR_ASSERT(status == GRPC_STATUS_OK); + /* Alter frame length field. */ + char* error_message = nullptr; + size_t offset = + alter_random_byte(var->header_buf, kZeroCopyFrameLengthFieldSize); + status = alts_iovec_record_protocol_integrity_only_unprotect( + receiver, var->data_iovec, var->data_iovec_length, var->header_iovec, + var->tag_iovec, &error_message); + GPR_ASSERT(gsec_test_expect_compare_code_and_substr( + status, GRPC_STATUS_INTERNAL, error_message, "Bad frame length.")); + gpr_free(error_message); + revert_back_alter(var->header_buf, offset); + /* Alter message type field. */ + offset = alter_random_byte(var->header_buf + kZeroCopyFrameLengthFieldSize, + kZeroCopyFrameMessageTypeFieldSize); + status = alts_iovec_record_protocol_integrity_only_unprotect( + receiver, var->data_iovec, var->data_iovec_length, var->header_iovec, + var->tag_iovec, &error_message); + GPR_ASSERT(gsec_test_expect_compare_code_and_substr( + status, GRPC_STATUS_INTERNAL, error_message, + "Unsupported message type.")); + gpr_free(error_message); + revert_back_alter(var->header_buf + kZeroCopyFrameLengthFieldSize, offset); + /* Alter data. */ + offset = alter_random_byte(var->data_buf, var->data_length); + status = alts_iovec_record_protocol_integrity_only_unprotect( + receiver, var->data_iovec, var->data_iovec_length, var->header_iovec, + var->tag_iovec, &error_message); + GPR_ASSERT(gsec_test_expect_compare_code_and_substr( + status, GRPC_STATUS_INTERNAL, error_message, + "Frame tag verification failed.")); + gpr_free(error_message); + revert_back_alter(var->data_buf, offset); + /* Alter tag. */ + offset = alter_random_byte(var->tag_buf, var->tag_length); + status = alts_iovec_record_protocol_integrity_only_unprotect( + receiver, var->data_iovec, var->data_iovec_length, var->header_iovec, + var->tag_iovec, &error_message); + GPR_ASSERT(gsec_test_expect_compare_code_and_substr( + status, GRPC_STATUS_INTERNAL, error_message, + "Frame tag verification failed.")); + gpr_free(error_message); + revert_back_alter(var->tag_buf, offset); + /* Reverted protected data should be verified correctly. */ + status = alts_iovec_record_protocol_integrity_only_unprotect( + receiver, var->data_iovec, var->data_iovec_length, var->header_iovec, + var->tag_iovec, nullptr); + GPR_ASSERT(status == GRPC_STATUS_OK); + GPR_ASSERT(memcmp(var->data_buf, var->dup_buf, var->data_length) == 0); + alts_iovec_record_protocol_test_var_destroy(var); +} + +static void integrity_only_protect_input_check(alts_iovec_record_protocol* rp) { + alts_iovec_record_protocol_test_var* var = + alts_iovec_record_protocol_test_var_create(); + char* error_message = nullptr; + /* Header buffer is nullptr. */ + iovec_t header_iovec = {nullptr, var->header_length}; + grpc_status_code status = alts_iovec_record_protocol_integrity_only_protect( + rp, var->data_iovec, var->data_iovec_length, header_iovec, var->tag_iovec, + &error_message); + GPR_ASSERT(gsec_test_expect_compare_code_and_substr( + status, GRPC_STATUS_INVALID_ARGUMENT, error_message, + "Header is nullptr.")); + gpr_free(error_message); + /* Header buffer length is 0. */ + header_iovec.iov_base = var->header_buf; + header_iovec.iov_len = 0; + status = alts_iovec_record_protocol_integrity_only_protect( + rp, var->data_iovec, var->data_iovec_length, header_iovec, var->tag_iovec, + &error_message); + GPR_ASSERT(gsec_test_expect_compare_code_and_substr( + status, GRPC_STATUS_INVALID_ARGUMENT, error_message, + "Header length is incorrect.")); + gpr_free(error_message); + /* Tag buffer is nullptr. */ + iovec_t tag_iovec = {nullptr, var->tag_length}; + status = alts_iovec_record_protocol_integrity_only_protect( + rp, var->data_iovec, var->data_iovec_length, var->header_iovec, tag_iovec, + &error_message); + GPR_ASSERT(gsec_test_expect_compare_code_and_substr( + status, GRPC_STATUS_INVALID_ARGUMENT, error_message, "Tag is nullptr.")); + gpr_free(error_message); + /* Tag buffer length is 0. */ + tag_iovec.iov_base = var->tag_buf; + tag_iovec.iov_len = 0; + status = alts_iovec_record_protocol_integrity_only_protect( + rp, var->data_iovec, var->data_iovec_length, var->header_iovec, tag_iovec, + &error_message); + GPR_ASSERT(gsec_test_expect_compare_code_and_substr( + status, GRPC_STATUS_INVALID_ARGUMENT, error_message, + "Tag length is incorrect.")); + gpr_free(error_message); + alts_iovec_record_protocol_test_var_destroy(var); +} + +static void integrity_only_unprotect_input_check( + alts_iovec_record_protocol* rp) { + alts_iovec_record_protocol_test_var* var = + alts_iovec_record_protocol_test_var_create(); + char* error_message = nullptr; + /* Header buffer is nullptr. */ + iovec_t header_iovec = {nullptr, var->header_length}; + grpc_status_code status = alts_iovec_record_protocol_integrity_only_unprotect( + rp, var->data_iovec, var->data_iovec_length, header_iovec, var->tag_iovec, + &error_message); + GPR_ASSERT(gsec_test_expect_compare_code_and_substr( + status, GRPC_STATUS_INVALID_ARGUMENT, error_message, + "Header is nullptr.")); + gpr_free(error_message); + /* Header buffer length is 0. */ + header_iovec.iov_base = var->header_buf; + header_iovec.iov_len = 0; + status = alts_iovec_record_protocol_integrity_only_unprotect( + rp, var->data_iovec, var->data_iovec_length, header_iovec, var->tag_iovec, + &error_message); + GPR_ASSERT(gsec_test_expect_compare_code_and_substr( + status, GRPC_STATUS_INVALID_ARGUMENT, error_message, + "Header length is incorrect.")); + gpr_free(error_message); + /* Tag buffer is nullptr. */ + iovec_t tag_iovec = {nullptr, var->tag_length}; + status = alts_iovec_record_protocol_integrity_only_unprotect( + rp, var->data_iovec, var->data_iovec_length, var->header_iovec, tag_iovec, + &error_message); + GPR_ASSERT(gsec_test_expect_compare_code_and_substr( + status, GRPC_STATUS_INVALID_ARGUMENT, error_message, "Tag is nullptr.")); + gpr_free(error_message); + /* Tag buffer length is 0. */ + tag_iovec.iov_base = var->tag_buf; + tag_iovec.iov_len = 0; + status = alts_iovec_record_protocol_integrity_only_unprotect( + rp, var->data_iovec, var->data_iovec_length, var->header_iovec, tag_iovec, + &error_message); + GPR_ASSERT(gsec_test_expect_compare_code_and_substr( + status, GRPC_STATUS_INVALID_ARGUMENT, error_message, + "Tag length is incorrect.")); + gpr_free(error_message); + alts_iovec_record_protocol_test_var_destroy(var); +} + +/* --- Privacy-integrity protect/unprotect tests. --- */ + +static void privacy_integrity_random_seal_unseal( + alts_iovec_record_protocol* sender, alts_iovec_record_protocol* receiver) { + for (size_t i = 0; i < kSealRepeatTimes; i++) { + alts_iovec_record_protocol_test_var* var = + alts_iovec_record_protocol_test_var_create(); + /* Seals and then unseals. */ + grpc_status_code status = + alts_iovec_record_protocol_privacy_integrity_protect( + sender, var->data_iovec, var->data_iovec_length, + var->protected_iovec, nullptr); + GPR_ASSERT(status == GRPC_STATUS_OK); + iovec_t header_iovec = {var->protected_buf, var->header_length}; + gpr_free(var->data_iovec); + /* Randomly slices protected buffer, excluding the header. */ + randomly_slice(var->protected_buf + var->header_length, + var->data_length + var->tag_length, &var->data_iovec, + &var->data_iovec_length); + status = alts_iovec_record_protocol_privacy_integrity_unprotect( + receiver, header_iovec, var->data_iovec, var->data_iovec_length, + var->unprotected_iovec, nullptr); + GPR_ASSERT(status == GRPC_STATUS_OK); + /* Makes sure unprotected data are the same as the original. */ + GPR_ASSERT(memcmp(var->data_buf, var->dup_buf, var->data_length) == 0); + alts_iovec_record_protocol_test_var_destroy(var); + } +} + +static void privacy_integrity_empty_seal_unseal( + alts_iovec_record_protocol* sender, alts_iovec_record_protocol* receiver) { + alts_iovec_record_protocol_test_var* var = + alts_iovec_record_protocol_test_var_create(); + size_t empty_payload_frame_size = var->header_length + var->tag_length; + auto* protected_buf = + static_cast<uint8_t*>(gpr_malloc(empty_payload_frame_size)); + for (size_t i = 0; i < kSealRepeatTimes; i++) { + iovec_t protected_iovec = {protected_buf, empty_payload_frame_size}; + iovec_t unprotected_iovec = {nullptr, 0}; + iovec_t data_iovec = {protected_buf + var->header_length, var->tag_length}; + /* Seals and then unseals empty payload. */ + grpc_status_code status = + alts_iovec_record_protocol_privacy_integrity_protect( + sender, nullptr, 0, protected_iovec, nullptr); + GPR_ASSERT(status == GRPC_STATUS_OK); + iovec_t header_iovec = {protected_buf, var->header_length}; + status = alts_iovec_record_protocol_privacy_integrity_unprotect( + receiver, header_iovec, &data_iovec, 1, unprotected_iovec, nullptr); + GPR_ASSERT(status == GRPC_STATUS_OK); + } + gpr_free(protected_buf); + alts_iovec_record_protocol_test_var_destroy(var); +} + +static void privacy_integrity_unsync_seal_unseal( + alts_iovec_record_protocol* sender, alts_iovec_record_protocol* receiver) { + /* Seals once. */ + alts_iovec_record_protocol_test_var* var = + alts_iovec_record_protocol_test_var_create(); + grpc_status_code status = + alts_iovec_record_protocol_privacy_integrity_protect( + sender, var->data_iovec, var->data_iovec_length, var->protected_iovec, + nullptr); + GPR_ASSERT(status == GRPC_STATUS_OK); + alts_iovec_record_protocol_test_var_destroy(var); + /* Seals again. */ + var = alts_iovec_record_protocol_test_var_create(); + status = alts_iovec_record_protocol_privacy_integrity_protect( + sender, var->data_iovec, var->data_iovec_length, var->protected_iovec, + nullptr); + GPR_ASSERT(status == GRPC_STATUS_OK); + /* Unseals the second frame. */ + char* error_message = nullptr; + iovec_t header_iovec = {var->protected_buf, var->header_length}; + iovec_t protected_iovec = {var->protected_buf + var->header_length, + var->data_length + var->tag_length}; + status = alts_iovec_record_protocol_privacy_integrity_unprotect( + receiver, header_iovec, &protected_iovec, 1, var->unprotected_iovec, + &error_message); + GPR_ASSERT(gsec_test_expect_compare_code_and_substr( + status, GRPC_STATUS_INTERNAL, error_message, "Frame decryption failed.")); + gpr_free(error_message); + alts_iovec_record_protocol_test_var_destroy(var); +} + +static void privacy_integrity_corrupted_data( + alts_iovec_record_protocol* sender, alts_iovec_record_protocol* receiver) { + /* Seals the data first. */ + alts_iovec_record_protocol_test_var* var = + alts_iovec_record_protocol_test_var_create(); + grpc_status_code status = + alts_iovec_record_protocol_privacy_integrity_protect( + sender, var->data_iovec, var->data_iovec_length, var->protected_iovec, + nullptr); + GPR_ASSERT(status == GRPC_STATUS_OK); + char* error_message = nullptr; + uint8_t* header_buf = var->protected_buf; + size_t header_length = var->header_length; + iovec_t header_iovec = {header_buf, header_length}; + /* The following protected_buf and protected_length excludes header. */ + uint8_t* protected_buf = var->protected_buf + var->header_length; + size_t protected_length = var->data_length + var->tag_length; + iovec_t protected_iovec = {protected_buf, protected_length}; + /* Alter frame length field. */ + size_t offset = alter_random_byte(header_buf, kZeroCopyFrameLengthFieldSize); + status = alts_iovec_record_protocol_privacy_integrity_unprotect( + receiver, header_iovec, &protected_iovec, 1, var->unprotected_iovec, + &error_message); + GPR_ASSERT(gsec_test_expect_compare_code_and_substr( + status, GRPC_STATUS_INTERNAL, error_message, "Bad frame length.")); + gpr_free(error_message); + revert_back_alter(header_buf, offset); + /* Alter message type field. */ + offset = alter_random_byte(header_buf + kZeroCopyFrameLengthFieldSize, + kZeroCopyFrameMessageTypeFieldSize); + status = alts_iovec_record_protocol_privacy_integrity_unprotect( + receiver, header_iovec, &protected_iovec, 1, var->unprotected_iovec, + &error_message); + GPR_ASSERT(gsec_test_expect_compare_code_and_substr( + status, GRPC_STATUS_INTERNAL, error_message, + "Unsupported message type.")); + gpr_free(error_message); + revert_back_alter(header_buf + kZeroCopyFrameLengthFieldSize, offset); + /* Alter protected data. */ + offset = alter_random_byte(protected_buf, protected_length); + status = alts_iovec_record_protocol_privacy_integrity_unprotect( + receiver, header_iovec, &protected_iovec, 1, var->unprotected_iovec, + &error_message); + GPR_ASSERT(gsec_test_expect_compare_code_and_substr( + status, GRPC_STATUS_INTERNAL, error_message, "Frame decryption failed.")); + gpr_free(error_message); + revert_back_alter(protected_buf, offset); + /* Reverted protected data should be verified correctly. */ + status = alts_iovec_record_protocol_privacy_integrity_unprotect( + receiver, header_iovec, &protected_iovec, 1, var->unprotected_iovec, + nullptr); + GPR_ASSERT(status == GRPC_STATUS_OK); + GPR_ASSERT(memcmp(var->data_buf, var->dup_buf, var->data_length) == 0); + alts_iovec_record_protocol_test_var_destroy(var); +} + +static void privacy_integrity_protect_input_check( + alts_iovec_record_protocol* rp) { + alts_iovec_record_protocol_test_var* var = + alts_iovec_record_protocol_test_var_create(); + char* error_message = nullptr; + /* Protected output buffer is nullptr. */ + iovec_t protected_iovec = {nullptr, var->protected_iovec.iov_len}; + grpc_status_code status = + alts_iovec_record_protocol_privacy_integrity_protect( + rp, var->data_iovec, var->data_iovec_length, protected_iovec, + &error_message); + GPR_ASSERT(gsec_test_expect_compare_code_and_substr( + status, GRPC_STATUS_INVALID_ARGUMENT, error_message, + "Protected frame is nullptr.")); + gpr_free(error_message); + /* Protected output buffer length incorrect. */ + protected_iovec.iov_base = var->protected_buf; + protected_iovec.iov_len = var->header_length + var->data_length; + status = alts_iovec_record_protocol_privacy_integrity_protect( + rp, var->data_iovec, var->data_iovec_length, protected_iovec, + &error_message); + GPR_ASSERT(gsec_test_expect_compare_code_and_substr( + status, GRPC_STATUS_INVALID_ARGUMENT, error_message, + "Protected frame size is incorrect.")); + gpr_free(error_message); + alts_iovec_record_protocol_test_var_destroy(var); +} + +static void privacy_integrity_unprotect_input_check( + alts_iovec_record_protocol* rp) { + alts_iovec_record_protocol_test_var* var = + alts_iovec_record_protocol_test_var_create(); + char* error_message = nullptr; + /* Header buffer is nullptr. */ + iovec_t header_iovec = {var->protected_buf, var->header_length}; + iovec_t protected_iovec = {var->protected_buf + var->header_length, + var->data_length + var->tag_length}; + header_iovec.iov_base = nullptr; + grpc_status_code status = + alts_iovec_record_protocol_privacy_integrity_unprotect( + rp, header_iovec, &protected_iovec, 1, var->unprotected_iovec, + &error_message); + GPR_ASSERT(gsec_test_expect_compare_code_and_substr( + status, GRPC_STATUS_INVALID_ARGUMENT, error_message, + "Header is nullptr.")); + gpr_free(error_message); + header_iovec.iov_base = var->protected_buf; + /* Header buffer length is 0. */ + header_iovec.iov_len = 0; + status = alts_iovec_record_protocol_privacy_integrity_unprotect( + rp, header_iovec, &protected_iovec, 1, var->unprotected_iovec, + &error_message); + GPR_ASSERT(gsec_test_expect_compare_code_and_substr( + status, GRPC_STATUS_INVALID_ARGUMENT, error_message, + "Header length is incorrect.")); + gpr_free(error_message); + header_iovec.iov_len = var->header_length; + /* Unprotected output buffer length is incorrect. */ + iovec_t unprotected_iovec = {var->data_buf, var->data_length - 1}; + status = alts_iovec_record_protocol_privacy_integrity_unprotect( + rp, header_iovec, &protected_iovec, 1, unprotected_iovec, &error_message); + GPR_ASSERT(gsec_test_expect_compare_code_and_substr( + status, GRPC_STATUS_INVALID_ARGUMENT, error_message, + "Unprotected data size is incorrect.")); + gpr_free(error_message); + alts_iovec_record_protocol_test_var_destroy(var); +} + +/* --- Integrity-only and privacy-integrity mixed. --- */ + +static void record_protocol_wrong_mode( + alts_iovec_record_protocol* integrity_only_protect_rp, + alts_iovec_record_protocol* integrity_only_unprotect_rp, + alts_iovec_record_protocol* privacy_integrity_protect_rp, + alts_iovec_record_protocol* privacy_integrity_unprotect_rp) { + alts_iovec_record_protocol_test_var* var = + alts_iovec_record_protocol_test_var_create(); + grpc_status_code status; + char* error_message = nullptr; + /* Call integrity-only protect on privacy-integrity record protocol. */ + status = alts_iovec_record_protocol_integrity_only_protect( + privacy_integrity_protect_rp, var->data_iovec, var->data_iovec_length, + var->header_iovec, var->tag_iovec, &error_message); + GPR_ASSERT(gsec_test_expect_compare_code_and_substr( + status, GRPC_STATUS_FAILED_PRECONDITION, error_message, + "Integrity-only operations are not allowed for this object.")); + gpr_free(error_message); + /* Call integrity-only unprotect on privacy-integrity record protocol. */ + status = alts_iovec_record_protocol_integrity_only_unprotect( + privacy_integrity_unprotect_rp, var->data_iovec, var->data_iovec_length, + var->header_iovec, var->tag_iovec, &error_message); + GPR_ASSERT(gsec_test_expect_compare_code_and_substr( + status, GRPC_STATUS_FAILED_PRECONDITION, error_message, + "Integrity-only operations are not allowed for this object.")); + gpr_free(error_message); + /* Call privacy-integrity protect on integrity-only record protocol. */ + status = alts_iovec_record_protocol_privacy_integrity_protect( + integrity_only_protect_rp, var->data_iovec, var->data_iovec_length, + var->protected_iovec, &error_message); + GPR_ASSERT(gsec_test_expect_compare_code_and_substr( + status, GRPC_STATUS_FAILED_PRECONDITION, error_message, + "Privacy-integrity operations are not allowed for this object.")); + gpr_free(error_message); + /* Call privacy-integrity unprotect on integrity-only record protocol. */ + status = alts_iovec_record_protocol_privacy_integrity_unprotect( + integrity_only_unprotect_rp, var->header_iovec, var->data_iovec, + var->data_iovec_length, var->unprotected_iovec, &error_message); + GPR_ASSERT(gsec_test_expect_compare_code_and_substr( + status, GRPC_STATUS_FAILED_PRECONDITION, error_message, + "Privacy-integrity operations are not allowed for this object.")); + gpr_free(error_message); + alts_iovec_record_protocol_test_var_destroy(var); +} + +static void integrity_seal_privacy_unseal( + alts_iovec_record_protocol* integrity_only_sender, + alts_iovec_record_protocol* privacy_integrity_receiver) { + alts_iovec_record_protocol_test_var* var = + alts_iovec_record_protocol_test_var_create(); + grpc_status_code status; + char* error_message = nullptr; + /* Seals with integrity-only protect. */ + status = alts_iovec_record_protocol_integrity_only_protect( + integrity_only_sender, var->data_iovec, var->data_iovec_length, + var->header_iovec, var->tag_iovec, nullptr); + GPR_ASSERT(status == GRPC_STATUS_OK); + /* Unseal with privacy-integrity unprotect. */ + memcpy(var->protected_buf, var->data_buf, var->data_length); + memcpy(var->protected_buf + var->data_length, var->tag_buf, var->tag_length); + iovec_t protected_iovec = {var->protected_buf, + var->data_length + var->tag_length}; + status = alts_iovec_record_protocol_privacy_integrity_unprotect( + privacy_integrity_receiver, var->header_iovec, &protected_iovec, 1, + var->unprotected_iovec, &error_message); + GPR_ASSERT(gsec_test_expect_compare_code_and_substr( + status, GRPC_STATUS_INTERNAL, error_message, "Frame decryption failed.")); + gpr_free(error_message); + alts_iovec_record_protocol_test_var_destroy(var); +} + +static void privacy_seal_integrity_unseal( + alts_iovec_record_protocol* privacy_integrity_sender, + alts_iovec_record_protocol* integrity_only_receiver) { + alts_iovec_record_protocol_test_var* var = + alts_iovec_record_protocol_test_var_create(); + grpc_status_code status; + char* error_message = nullptr; + /* Seals with privacy-integrity protect. */ + status = alts_iovec_record_protocol_privacy_integrity_protect( + privacy_integrity_sender, var->data_iovec, var->data_iovec_length, + var->protected_iovec, nullptr); + GPR_ASSERT(status == GRPC_STATUS_OK); + /* Unseal with integrity-only unprotect. */ + iovec_t header_iovec = {var->protected_buf, var->header_length}; + iovec_t data_iovec = {var->protected_buf + var->header_length, + var->data_length}; + iovec_t tag_iovec = { + var->protected_buf + var->header_length + var->data_length, + var->tag_length}; + status = alts_iovec_record_protocol_integrity_only_unprotect( + integrity_only_receiver, &data_iovec, 1, header_iovec, tag_iovec, + &error_message); + GPR_ASSERT(gsec_test_expect_compare_code_and_substr( + status, GRPC_STATUS_INTERNAL, error_message, + "Frame tag verification failed.")); + gpr_free(error_message); + alts_iovec_record_protocol_test_var_destroy(var); +} + +/* --- Test cases. --- */ + +static void alts_iovec_record_protocol_random_seal_unseal_tests() { + alts_iovec_record_protocol_test_fixture* fixture = + alts_iovec_record_protocol_test_fixture_create( + /*rekey=*/false, /*integrity_only=*/true); + integrity_only_random_seal_unseal(fixture->client_protect, + fixture->server_unprotect); + integrity_only_random_seal_unseal(fixture->server_protect, + fixture->client_unprotect); + alts_iovec_record_protocol_test_fixture_destroy(fixture); + + fixture = alts_iovec_record_protocol_test_fixture_create( + /*rekey=*/true, /*integrity_only=*/true); + integrity_only_random_seal_unseal(fixture->client_protect, + fixture->server_unprotect); + integrity_only_random_seal_unseal(fixture->server_protect, + fixture->client_unprotect); + alts_iovec_record_protocol_test_fixture_destroy(fixture); + + fixture = alts_iovec_record_protocol_test_fixture_create( + /*rekey=*/false, /*integrity_only=*/false); + privacy_integrity_random_seal_unseal(fixture->client_protect, + fixture->server_unprotect); + privacy_integrity_random_seal_unseal(fixture->server_protect, + fixture->client_unprotect); + alts_iovec_record_protocol_test_fixture_destroy(fixture); + + fixture = alts_iovec_record_protocol_test_fixture_create( + /*rekey=*/true, /*integrity_only=*/false); + privacy_integrity_random_seal_unseal(fixture->client_protect, + fixture->server_unprotect); + privacy_integrity_random_seal_unseal(fixture->server_protect, + fixture->client_unprotect); + alts_iovec_record_protocol_test_fixture_destroy(fixture); +} + +static void alts_iovec_record_protocol_empty_seal_unseal_tests() { + alts_iovec_record_protocol_test_fixture* fixture = + alts_iovec_record_protocol_test_fixture_create( + /*rekey=*/false, /*integrity_only=*/true); + integrity_only_empty_seal_unseal(fixture->client_protect, + fixture->server_unprotect); + integrity_only_empty_seal_unseal(fixture->server_protect, + fixture->client_unprotect); + alts_iovec_record_protocol_test_fixture_destroy(fixture); + + fixture = alts_iovec_record_protocol_test_fixture_create( + /*rekey=*/true, /*integrity_only=*/true); + integrity_only_empty_seal_unseal(fixture->client_protect, + fixture->server_unprotect); + integrity_only_empty_seal_unseal(fixture->server_protect, + fixture->client_unprotect); + alts_iovec_record_protocol_test_fixture_destroy(fixture); + + fixture = alts_iovec_record_protocol_test_fixture_create( + /*rekey=*/false, /*integrity_only=*/false); + privacy_integrity_empty_seal_unseal(fixture->client_protect, + fixture->server_unprotect); + privacy_integrity_empty_seal_unseal(fixture->server_protect, + fixture->client_unprotect); + alts_iovec_record_protocol_test_fixture_destroy(fixture); + + fixture = alts_iovec_record_protocol_test_fixture_create( + /*rekey=*/true, /*integrity_only=*/false); + privacy_integrity_empty_seal_unseal(fixture->client_protect, + fixture->server_unprotect); + privacy_integrity_empty_seal_unseal(fixture->server_protect, + fixture->client_unprotect); + alts_iovec_record_protocol_test_fixture_destroy(fixture); +} + +static void alts_iovec_record_protocol_unsync_seal_unseal_tests() { + alts_iovec_record_protocol_test_fixture* fixture = + alts_iovec_record_protocol_test_fixture_create( + /*rekey=*/false, /*integrity_only=*/true); + integrity_only_unsync_seal_unseal(fixture->client_protect, + fixture->server_unprotect); + integrity_only_unsync_seal_unseal(fixture->server_protect, + fixture->client_unprotect); + alts_iovec_record_protocol_test_fixture_destroy(fixture); + + fixture = alts_iovec_record_protocol_test_fixture_create( + /*rekey=*/true, /*integrity_only=*/true); + integrity_only_unsync_seal_unseal(fixture->client_protect, + fixture->server_unprotect); + integrity_only_unsync_seal_unseal(fixture->server_protect, + fixture->client_unprotect); + alts_iovec_record_protocol_test_fixture_destroy(fixture); + + fixture = alts_iovec_record_protocol_test_fixture_create( + /*rekey=*/false, /*integrity_only=*/false); + privacy_integrity_unsync_seal_unseal(fixture->client_protect, + fixture->server_unprotect); + privacy_integrity_unsync_seal_unseal(fixture->server_protect, + fixture->client_unprotect); + alts_iovec_record_protocol_test_fixture_destroy(fixture); + + fixture = alts_iovec_record_protocol_test_fixture_create( + /*rekey=*/true, /*integrity_only=*/false); + privacy_integrity_unsync_seal_unseal(fixture->client_protect, + fixture->server_unprotect); + privacy_integrity_unsync_seal_unseal(fixture->server_protect, + fixture->client_unprotect); + alts_iovec_record_protocol_test_fixture_destroy(fixture); +} + +static void alts_iovec_record_protocol_corrupted_data_tests() { + alts_iovec_record_protocol_test_fixture* fixture = + alts_iovec_record_protocol_test_fixture_create( + /*rekey=*/false, /*integrity_only=*/true); + integrity_only_corrupted_data(fixture->client_protect, + fixture->server_unprotect); + integrity_only_corrupted_data(fixture->server_protect, + fixture->client_unprotect); + alts_iovec_record_protocol_test_fixture_destroy(fixture); + + fixture = alts_iovec_record_protocol_test_fixture_create( + /*rekey=*/true, /*integrity_only=*/true); + integrity_only_corrupted_data(fixture->client_protect, + fixture->server_unprotect); + integrity_only_corrupted_data(fixture->server_protect, + fixture->client_unprotect); + alts_iovec_record_protocol_test_fixture_destroy(fixture); + + fixture = alts_iovec_record_protocol_test_fixture_create( + /*rekey=*/false, /*integrity_only=*/false); + privacy_integrity_corrupted_data(fixture->client_protect, + fixture->server_unprotect); + privacy_integrity_corrupted_data(fixture->server_protect, + fixture->client_unprotect); + alts_iovec_record_protocol_test_fixture_destroy(fixture); + + fixture = alts_iovec_record_protocol_test_fixture_create( + /*rekey=*/true, /*integrity_only=*/false); + privacy_integrity_corrupted_data(fixture->client_protect, + fixture->server_unprotect); + privacy_integrity_corrupted_data(fixture->server_protect, + fixture->client_unprotect); + alts_iovec_record_protocol_test_fixture_destroy(fixture); +} + +static void alts_iovec_record_protocol_input_check_tests() { + alts_iovec_record_protocol_test_fixture* fixture = + alts_iovec_record_protocol_test_fixture_create( + /*rekey=*/false, /*integrity_only=*/true); + integrity_only_protect_input_check(fixture->client_protect); + integrity_only_unprotect_input_check(fixture->client_unprotect); + alts_iovec_record_protocol_test_fixture_destroy(fixture); + + fixture = alts_iovec_record_protocol_test_fixture_create( + /*rekey=*/true, /*integrity_only=*/true); + integrity_only_protect_input_check(fixture->client_protect); + integrity_only_unprotect_input_check(fixture->client_unprotect); + alts_iovec_record_protocol_test_fixture_destroy(fixture); + + fixture = alts_iovec_record_protocol_test_fixture_create( + /*rekey=*/false, /*integrity_only=*/false); + privacy_integrity_protect_input_check(fixture->client_protect); + privacy_integrity_unprotect_input_check(fixture->client_unprotect); + alts_iovec_record_protocol_test_fixture_destroy(fixture); + + fixture = alts_iovec_record_protocol_test_fixture_create( + /*rekey=*/true, /*integrity_only=*/false); + privacy_integrity_protect_input_check(fixture->client_protect); + privacy_integrity_unprotect_input_check(fixture->client_unprotect); + alts_iovec_record_protocol_test_fixture_destroy(fixture); +} + +static void alts_iovec_record_protocol_mix_operations_tests() { + alts_iovec_record_protocol_test_fixture* fixture_1 = + alts_iovec_record_protocol_test_fixture_create( + /*rekey=*/false, /*integrity_only=*/true); + alts_iovec_record_protocol_test_fixture* fixture_2 = + alts_iovec_record_protocol_test_fixture_create( + /*rekey=*/false, /*integrity_only=*/false); + + record_protocol_wrong_mode( + fixture_1->client_protect, fixture_1->client_unprotect, + fixture_2->client_protect, fixture_2->client_unprotect); + integrity_seal_privacy_unseal(fixture_1->client_protect, + fixture_2->server_unprotect); + privacy_seal_integrity_unseal(fixture_2->client_protect, + fixture_1->server_unprotect); + + alts_iovec_record_protocol_test_fixture_destroy(fixture_1); + alts_iovec_record_protocol_test_fixture_destroy(fixture_2); +} + +int main(int argc, char** argv) { + alts_iovec_record_protocol_random_seal_unseal_tests(); + alts_iovec_record_protocol_empty_seal_unseal_tests(); + alts_iovec_record_protocol_unsync_seal_unseal_tests(); + alts_iovec_record_protocol_corrupted_data_tests(); + alts_iovec_record_protocol_input_check_tests(); + alts_iovec_record_protocol_mix_operations_tests(); + return 0; +} diff --git a/test/core/tsi/alts/zero_copy_frame_protector/alts_zero_copy_grpc_protector_test.cc b/test/core/tsi/alts/zero_copy_frame_protector/alts_zero_copy_grpc_protector_test.cc new file mode 100644 index 0000000000..2388be95cd --- /dev/null +++ b/test/core/tsi/alts/zero_copy_frame_protector/alts_zero_copy_grpc_protector_test.cc @@ -0,0 +1,289 @@ +/* + * + * Copyright 2018 gRPC authors. + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + */ + +#include <grpc/slice_buffer.h> +#include <grpc/support/alloc.h> +#include <grpc/support/log.h> + +#include "src/core/lib/slice/slice_internal.h" +#include "src/core/tsi/alts/crypt/gsec.h" +#include "src/core/tsi/alts/zero_copy_frame_protector/alts_zero_copy_grpc_protector.h" +#include "src/core/tsi/transport_security_grpc.h" +#include "test/core/tsi/alts/crypt/gsec_test_util.h" + +/* TODO: tests zero_copy_grpc_protector under TSI test library, which + * has more comprehensive tests. */ + +constexpr size_t kSealRepeatTimes = 50; +constexpr size_t kSmallBufferSize = 16; +constexpr size_t kLargeBufferSize = 16384; +constexpr size_t kChannelMaxSize = 2048; +constexpr size_t kChannelMinSize = 128; + +/* Test fixtures for each test cases. */ +struct alts_zero_copy_grpc_protector_test_fixture { + tsi_zero_copy_grpc_protector* client; + tsi_zero_copy_grpc_protector* server; +}; + +/* Test input variables for protect/unprotect operations. */ +struct alts_zero_copy_grpc_protector_test_var { + grpc_slice_buffer original_sb; + grpc_slice_buffer duplicate_sb; + grpc_slice_buffer staging_sb; + grpc_slice_buffer protected_sb; + grpc_slice_buffer unprotected_sb; +}; + +/* --- Test utility functions. --- */ + +static void create_random_slice_buffer(grpc_slice_buffer* sb, + grpc_slice_buffer* dup_sb, + size_t length) { + GPR_ASSERT(sb != nullptr); + GPR_ASSERT(dup_sb != nullptr); + GPR_ASSERT(length > 0); + grpc_slice slice = GRPC_SLICE_MALLOC(length); + gsec_test_random_bytes(GRPC_SLICE_START_PTR(slice), length); + grpc_slice_buffer_add(sb, grpc_slice_ref(slice)); + grpc_slice_buffer_add(dup_sb, slice); +} + +static uint8_t* pointer_to_nth_byte(grpc_slice_buffer* sb, size_t index) { + GPR_ASSERT(sb != nullptr); + GPR_ASSERT(index < sb->length); + for (size_t i = 0; i < sb->count; i++) { + if (index < GRPC_SLICE_LENGTH(sb->slices[i])) { + return GRPC_SLICE_START_PTR(sb->slices[i]) + index; + } else { + index -= GRPC_SLICE_LENGTH(sb->slices[i]); + } + } + return nullptr; +} + +/* Checks if two slice buffer contents are the same. It is not super efficient, + * but OK for testing. */ +static bool are_slice_buffers_equal(grpc_slice_buffer* first, + grpc_slice_buffer* second) { + GPR_ASSERT(first != nullptr); + GPR_ASSERT(second != nullptr); + if (first->length != second->length) { + return false; + } + for (size_t i = 0; i < first->length; i++) { + uint8_t* first_ptr = pointer_to_nth_byte(first, i); + uint8_t* second_ptr = pointer_to_nth_byte(second, i); + GPR_ASSERT(first_ptr != nullptr && second_ptr != nullptr); + if ((*first_ptr) != (*second_ptr)) { + return false; + } + } + return true; +} + +static alts_zero_copy_grpc_protector_test_fixture* +alts_zero_copy_grpc_protector_test_fixture_create(bool rekey, + bool integrity_only) { + alts_zero_copy_grpc_protector_test_fixture* fixture = + static_cast<alts_zero_copy_grpc_protector_test_fixture*>( + gpr_zalloc(sizeof(alts_zero_copy_grpc_protector_test_fixture))); + grpc_core::ExecCtx exec_ctx; + size_t key_length = rekey ? kAes128GcmRekeyKeyLength : kAes128GcmKeyLength; + uint8_t* key; + size_t max_protected_frame_size = 1024; + gsec_test_random_array(&key, key_length); + GPR_ASSERT(alts_zero_copy_grpc_protector_create( + key, key_length, rekey, /*is_client=*/true, integrity_only, + &max_protected_frame_size, &fixture->client) == TSI_OK); + GPR_ASSERT(alts_zero_copy_grpc_protector_create( + key, key_length, rekey, /*is_client=*/false, integrity_only, + &max_protected_frame_size, &fixture->server) == TSI_OK); + gpr_free(key); + grpc_core::ExecCtx::Get()->Flush(); + return fixture; +} + +static void alts_zero_copy_grpc_protector_test_fixture_destroy( + alts_zero_copy_grpc_protector_test_fixture* fixture) { + if (fixture == nullptr) { + return; + } + grpc_core::ExecCtx exec_ctx; + tsi_zero_copy_grpc_protector_destroy(fixture->client); + tsi_zero_copy_grpc_protector_destroy(fixture->server); + grpc_core::ExecCtx::Get()->Flush(); + gpr_free(fixture); +} + +static alts_zero_copy_grpc_protector_test_var* +alts_zero_copy_grpc_protector_test_var_create() { + alts_zero_copy_grpc_protector_test_var* var = + static_cast<alts_zero_copy_grpc_protector_test_var*>( + gpr_zalloc(sizeof(alts_zero_copy_grpc_protector_test_var))); + grpc_slice_buffer_init(&var->original_sb); + grpc_slice_buffer_init(&var->duplicate_sb); + grpc_slice_buffer_init(&var->staging_sb); + grpc_slice_buffer_init(&var->protected_sb); + grpc_slice_buffer_init(&var->unprotected_sb); + return var; +} + +static void alts_zero_copy_grpc_protector_test_var_destroy( + alts_zero_copy_grpc_protector_test_var* var) { + if (var == nullptr) { + return; + } + grpc_slice_buffer_destroy_internal(&var->original_sb); + grpc_slice_buffer_destroy_internal(&var->duplicate_sb); + grpc_slice_buffer_destroy_internal(&var->staging_sb); + grpc_slice_buffer_destroy_internal(&var->protected_sb); + grpc_slice_buffer_destroy_internal(&var->unprotected_sb); + gpr_free(var); +} + +/* --- ALTS zero-copy protector tests. --- */ + +static void seal_unseal_small_buffer(tsi_zero_copy_grpc_protector* sender, + tsi_zero_copy_grpc_protector* receiver) { + grpc_core::ExecCtx exec_ctx; + for (size_t i = 0; i < kSealRepeatTimes; i++) { + alts_zero_copy_grpc_protector_test_var* var = + alts_zero_copy_grpc_protector_test_var_create(); + /* Creates a random small slice buffer and calls protect(). */ + create_random_slice_buffer(&var->original_sb, &var->duplicate_sb, + kSmallBufferSize); + GPR_ASSERT(tsi_zero_copy_grpc_protector_protect( + sender, &var->original_sb, &var->protected_sb) == TSI_OK); + /* Splits protected slice buffer into two: first one is staging_sb, and + * second one is is protected_sb. */ + uint32_t staging_sb_size = + gsec_test_bias_random_uint32( + static_cast<uint32_t>(var->protected_sb.length - 1)) + + 1; + grpc_slice_buffer_move_first(&var->protected_sb, staging_sb_size, + &var->staging_sb); + /* Unprotects one by one. */ + GPR_ASSERT(tsi_zero_copy_grpc_protector_unprotect( + receiver, &var->staging_sb, &var->unprotected_sb) == TSI_OK); + GPR_ASSERT(var->unprotected_sb.length == 0); + GPR_ASSERT(tsi_zero_copy_grpc_protector_unprotect( + receiver, &var->protected_sb, &var->unprotected_sb) == + TSI_OK); + GPR_ASSERT( + are_slice_buffers_equal(&var->unprotected_sb, &var->duplicate_sb)); + alts_zero_copy_grpc_protector_test_var_destroy(var); + } + grpc_core::ExecCtx::Get()->Flush(); +} + +static void seal_unseal_large_buffer(tsi_zero_copy_grpc_protector* sender, + tsi_zero_copy_grpc_protector* receiver) { + grpc_core::ExecCtx exec_ctx; + for (size_t i = 0; i < kSealRepeatTimes; i++) { + alts_zero_copy_grpc_protector_test_var* var = + alts_zero_copy_grpc_protector_test_var_create(); + /* Creates a random large slice buffer and calls protect(). */ + create_random_slice_buffer(&var->original_sb, &var->duplicate_sb, + kLargeBufferSize); + GPR_ASSERT(tsi_zero_copy_grpc_protector_protect( + sender, &var->original_sb, &var->protected_sb) == TSI_OK); + /* Splits protected slice buffer into multiple pieces. Receiver unprotects + * each slice buffer one by one. */ + uint32_t channel_size = gsec_test_bias_random_uint32(static_cast<uint32_t>( + kChannelMaxSize + 1 - kChannelMinSize)) + + static_cast<uint32_t>(kChannelMinSize); + while (var->protected_sb.length > channel_size) { + grpc_slice_buffer_reset_and_unref_internal(&var->staging_sb); + grpc_slice_buffer_move_first(&var->protected_sb, channel_size, + &var->staging_sb); + GPR_ASSERT(tsi_zero_copy_grpc_protector_unprotect( + receiver, &var->staging_sb, &var->unprotected_sb) == + TSI_OK); + } + GPR_ASSERT(tsi_zero_copy_grpc_protector_unprotect( + receiver, &var->protected_sb, &var->unprotected_sb) == + TSI_OK); + GPR_ASSERT( + are_slice_buffers_equal(&var->unprotected_sb, &var->duplicate_sb)); + alts_zero_copy_grpc_protector_test_var_destroy(var); + } + grpc_core::ExecCtx::Get()->Flush(); +} + +/* --- Test cases. --- */ + +static void alts_zero_copy_protector_seal_unseal_small_buffer_tests() { + alts_zero_copy_grpc_protector_test_fixture* fixture = + alts_zero_copy_grpc_protector_test_fixture_create( + /*rekey=*/false, /*integrity_only=*/true); + seal_unseal_small_buffer(fixture->client, fixture->server); + seal_unseal_small_buffer(fixture->server, fixture->client); + alts_zero_copy_grpc_protector_test_fixture_destroy(fixture); + + fixture = alts_zero_copy_grpc_protector_test_fixture_create( + /*rekey=*/false, /*integrity_only=*/false); + seal_unseal_small_buffer(fixture->client, fixture->server); + seal_unseal_small_buffer(fixture->server, fixture->client); + alts_zero_copy_grpc_protector_test_fixture_destroy(fixture); + + fixture = alts_zero_copy_grpc_protector_test_fixture_create( + /*rekey=*/true, /*integrity_only=*/true); + seal_unseal_small_buffer(fixture->client, fixture->server); + seal_unseal_small_buffer(fixture->server, fixture->client); + alts_zero_copy_grpc_protector_test_fixture_destroy(fixture); + + fixture = alts_zero_copy_grpc_protector_test_fixture_create( + /*rekey=*/true, /*integrity_only=*/false); + seal_unseal_small_buffer(fixture->client, fixture->server); + seal_unseal_small_buffer(fixture->server, fixture->client); + alts_zero_copy_grpc_protector_test_fixture_destroy(fixture); +} + +static void alts_zero_copy_protector_seal_unseal_large_buffer_tests() { + alts_zero_copy_grpc_protector_test_fixture* fixture = + alts_zero_copy_grpc_protector_test_fixture_create( + /*rekey=*/false, /*integrity_only=*/true); + seal_unseal_large_buffer(fixture->client, fixture->server); + seal_unseal_large_buffer(fixture->server, fixture->client); + alts_zero_copy_grpc_protector_test_fixture_destroy(fixture); + + fixture = alts_zero_copy_grpc_protector_test_fixture_create( + /*rekey=*/false, /*integrity_only=*/false); + seal_unseal_large_buffer(fixture->client, fixture->server); + seal_unseal_large_buffer(fixture->server, fixture->client); + alts_zero_copy_grpc_protector_test_fixture_destroy(fixture); + + fixture = alts_zero_copy_grpc_protector_test_fixture_create( + /*rekey=*/true, /*integrity_only=*/true); + seal_unseal_large_buffer(fixture->client, fixture->server); + seal_unseal_large_buffer(fixture->server, fixture->client); + alts_zero_copy_grpc_protector_test_fixture_destroy(fixture); + + fixture = alts_zero_copy_grpc_protector_test_fixture_create( + /*rekey=*/true, /*integrity_only=*/false); + seal_unseal_large_buffer(fixture->client, fixture->server); + seal_unseal_large_buffer(fixture->server, fixture->client); + alts_zero_copy_grpc_protector_test_fixture_destroy(fixture); +} + +int main(int argc, char** argv) { + alts_zero_copy_protector_seal_unseal_small_buffer_tests(); + alts_zero_copy_protector_seal_unseal_large_buffer_tests(); + return 0; +} diff --git a/test/core/tsi/fake_transport_security_test.cc b/test/core/tsi/fake_transport_security_test.cc index bec81ed42f..5e6671965d 100644 --- a/test/core/tsi/fake_transport_security_test.cc +++ b/test/core/tsi/fake_transport_security_test.cc @@ -107,7 +107,7 @@ void fake_tsi_test_do_round_trip_for_all_configs() { tsi_test_frame_protector_config_destroy(fake_fixture->base.config); fake_fixture->base.config = tsi_test_frame_protector_config_create( bit_array[0], bit_array[1], bit_array[2], bit_array[3], bit_array[4], - bit_array[5], bit_array[6], bit_array[7]); + bit_array[5], bit_array[6]); tsi_test_do_round_trip(&fake_fixture->base); tsi_test_fixture_destroy(fixture); } diff --git a/test/core/tsi/ssl_transport_security_test.cc b/test/core/tsi/ssl_transport_security_test.cc index 8f255a3d35..d9eb7470d5 100644 --- a/test/core/tsi/ssl_transport_security_test.cc +++ b/test/core/tsi/ssl_transport_security_test.cc @@ -528,7 +528,7 @@ void ssl_tsi_test_do_round_trip_for_all_configs() { tsi_test_frame_protector_config_destroy(ssl_fixture->base.config); ssl_fixture->base.config = tsi_test_frame_protector_config_create( bit_array[0], bit_array[1], bit_array[2], bit_array[3], bit_array[4], - bit_array[5], bit_array[6], bit_array[7]); + bit_array[5], bit_array[6]); tsi_test_do_round_trip(&ssl_fixture->base); tsi_test_fixture_destroy(fixture); } diff --git a/test/core/tsi/transport_security_test_lib.cc b/test/core/tsi/transport_security_test_lib.cc index 8ea83f7088..26349dbfca 100644 --- a/test/core/tsi/transport_security_test_lib.cc +++ b/test/core/tsi/transport_security_test_lib.cc @@ -110,27 +110,29 @@ static void check_handshake_results(tsi_test_fixture* fixture) { fixture->vtable->check_handshaker_peers(fixture); /* Check unused bytes. */ if (fixture->test_unused_bytes) { + tsi_test_channel* channel = fixture->channel; if (fixture->server_result != nullptr && fixture->client_result != nullptr) { check_unused_bytes(fixture); } - fixture->bytes_written_to_server_channel = 0; - fixture->bytes_written_to_client_channel = 0; - fixture->bytes_read_from_client_channel = 0; - fixture->bytes_read_from_server_channel = 0; + channel->bytes_written_to_server_channel = 0; + channel->bytes_written_to_client_channel = 0; + channel->bytes_read_from_client_channel = 0; + channel->bytes_read_from_server_channel = 0; } } -static void send_bytes_to_peer(tsi_test_fixture* fixture, +static void send_bytes_to_peer(tsi_test_channel* test_channel, const unsigned char* buf, size_t buf_size, bool is_client) { - GPR_ASSERT(fixture != nullptr); + GPR_ASSERT(test_channel != nullptr); GPR_ASSERT(buf != nullptr); uint8_t* channel = - is_client ? fixture->server_channel : fixture->client_channel; + is_client ? test_channel->server_channel : test_channel->client_channel; GPR_ASSERT(channel != nullptr); - size_t* bytes_written = is_client ? &fixture->bytes_written_to_server_channel - : &fixture->bytes_written_to_client_channel; + size_t* bytes_written = is_client + ? &test_channel->bytes_written_to_server_channel + : &test_channel->bytes_written_to_client_channel; GPR_ASSERT(bytes_written != nullptr); GPR_ASSERT(*bytes_written + buf_size <= TSI_TEST_DEFAULT_CHANNEL_SIZE); /* Write data to channel. */ @@ -145,7 +147,8 @@ static void maybe_append_unused_bytes(handshaker_args* args) { if (fixture->test_unused_bytes && !args->appended_unused_bytes) { args->appended_unused_bytes = true; send_bytes_to_peer( - fixture, reinterpret_cast<const unsigned char*>(TSI_TEST_UNUSED_BYTES), + fixture->channel, + reinterpret_cast<const unsigned char*>(TSI_TEST_UNUSED_BYTES), strlen(TSI_TEST_UNUSED_BYTES), args->is_client); if (fixture->client_result != nullptr && fixture->server_result == nullptr) { @@ -154,19 +157,21 @@ static void maybe_append_unused_bytes(handshaker_args* args) { } } -static void receive_bytes_from_peer(tsi_test_fixture* fixture, +static void receive_bytes_from_peer(tsi_test_channel* test_channel, unsigned char** buf, size_t* buf_size, bool is_client) { - GPR_ASSERT(fixture != nullptr); + GPR_ASSERT(test_channel != nullptr); GPR_ASSERT(*buf != nullptr); GPR_ASSERT(buf_size != nullptr); uint8_t* channel = - is_client ? fixture->client_channel : fixture->server_channel; + is_client ? test_channel->client_channel : test_channel->server_channel; GPR_ASSERT(channel != nullptr); - size_t* bytes_read = is_client ? &fixture->bytes_read_from_client_channel - : &fixture->bytes_read_from_server_channel; - size_t* bytes_written = is_client ? &fixture->bytes_written_to_client_channel - : &fixture->bytes_written_to_server_channel; + size_t* bytes_read = is_client + ? &test_channel->bytes_read_from_client_channel + : &test_channel->bytes_read_from_server_channel; + size_t* bytes_written = is_client + ? &test_channel->bytes_written_to_client_channel + : &test_channel->bytes_written_to_server_channel; GPR_ASSERT(bytes_read != nullptr); GPR_ASSERT(bytes_written != nullptr); size_t to_read = *buf_size < *bytes_written - *bytes_read @@ -178,14 +183,13 @@ static void receive_bytes_from_peer(tsi_test_fixture* fixture, *bytes_read += to_read; } -static void send_message_to_peer(tsi_test_fixture* fixture, - tsi_frame_protector* protector, - bool is_client) { +void tsi_test_frame_protector_send_message_to_peer( + tsi_test_frame_protector_config* config, tsi_test_channel* channel, + tsi_frame_protector* protector, bool is_client) { /* Initialization. */ - GPR_ASSERT(fixture != nullptr); - GPR_ASSERT(fixture->config != nullptr); + GPR_ASSERT(config != nullptr); + GPR_ASSERT(channel != nullptr); GPR_ASSERT(protector != nullptr); - tsi_test_frame_protector_config* config = fixture->config; unsigned char* protected_buffer = static_cast<unsigned char*>(gpr_zalloc(config->protected_buffer_size)); size_t message_size = @@ -205,7 +209,7 @@ static void send_message_to_peer(tsi_test_fixture* fixture, &protected_buffer_size_to_send); GPR_ASSERT(result == TSI_OK); /* Send protected data to peer. */ - send_bytes_to_peer(fixture, protected_buffer, protected_buffer_size_to_send, + send_bytes_to_peer(channel, protected_buffer, protected_buffer_size_to_send, is_client); message_bytes += processed_message_size; message_size -= processed_message_size; @@ -218,7 +222,7 @@ static void send_message_to_peer(tsi_test_fixture* fixture, protector, protected_buffer, &protected_buffer_size_to_send, &still_pending_size); GPR_ASSERT(result == TSI_OK); - send_bytes_to_peer(fixture, protected_buffer, + send_bytes_to_peer(channel, protected_buffer, protected_buffer_size_to_send, is_client); } while (still_pending_size > 0 && result == TSI_OK); GPR_ASSERT(result == TSI_OK); @@ -228,17 +232,16 @@ static void send_message_to_peer(tsi_test_fixture* fixture, gpr_free(protected_buffer); } -static void receive_message_from_peer(tsi_test_fixture* fixture, - tsi_frame_protector* protector, - unsigned char* message, - size_t* bytes_received, bool is_client) { +void tsi_test_frame_protector_receive_message_from_peer( + tsi_test_frame_protector_config* config, tsi_test_channel* channel, + tsi_frame_protector* protector, unsigned char* message, + size_t* bytes_received, bool is_client) { /* Initialization. */ - GPR_ASSERT(fixture != nullptr); + GPR_ASSERT(config != nullptr); + GPR_ASSERT(channel != nullptr); GPR_ASSERT(protector != nullptr); GPR_ASSERT(message != nullptr); GPR_ASSERT(bytes_received != nullptr); - GPR_ASSERT(fixture->config != nullptr); - tsi_test_frame_protector_config* config = fixture->config; size_t read_offset = 0; size_t message_offset = 0; size_t read_from_peer_size = 0; @@ -253,7 +256,7 @@ static void receive_message_from_peer(tsi_test_fixture* fixture, /* Receive data from peer. */ if (read_from_peer_size == 0) { read_from_peer_size = config->read_buffer_allocated_size; - receive_bytes_from_peer(fixture, &read_buffer, &read_from_peer_size, + receive_bytes_from_peer(channel, &read_buffer, &read_from_peer_size, is_client); read_offset = 0; } @@ -314,7 +317,7 @@ grpc_error* on_handshake_next_done(tsi_result result, void* user_data, } /* Send data to peer, if needed. */ if (bytes_to_send_size > 0) { - send_bytes_to_peer(args->fixture, bytes_to_send, bytes_to_send_size, + send_bytes_to_peer(fixture->channel, bytes_to_send, bytes_to_send_size, args->is_client); args->transferred_data = true; } @@ -361,8 +364,8 @@ static void do_handshaker_next(handshaker_args* args) { /* Receive data from peer, if available. */ do { size_t buf_size = args->handshake_buffer_size; - receive_bytes_from_peer(args->fixture, &args->handshake_buffer, &buf_size, - args->is_client); + receive_bytes_from_peer(fixture->channel, &args->handshake_buffer, + &buf_size, args->is_client); if (buf_size > 0) { args->transferred_data = true; } @@ -411,6 +414,50 @@ void tsi_test_do_handshake(tsi_test_fixture* fixture) { handshaker_args_destroy(server_args); } +static void tsi_test_do_ping_pong(tsi_test_frame_protector_config* config, + tsi_test_channel* channel, + tsi_frame_protector* client_frame_protector, + tsi_frame_protector* server_frame_protector) { + GPR_ASSERT(config != nullptr); + GPR_ASSERT(channel != nullptr); + GPR_ASSERT(client_frame_protector != nullptr); + GPR_ASSERT(server_frame_protector != nullptr); + /* Client sends a message to server. */ + tsi_test_frame_protector_send_message_to_peer( + config, channel, client_frame_protector, true /* is_client */); + unsigned char* server_received_message = + static_cast<unsigned char*>(gpr_zalloc(TSI_TEST_DEFAULT_CHANNEL_SIZE)); + size_t server_received_message_size = 0; + tsi_test_frame_protector_receive_message_from_peer( + config, channel, server_frame_protector, server_received_message, + &server_received_message_size, false /* is_client */); + GPR_ASSERT(config->client_message_size == server_received_message_size); + GPR_ASSERT(memcmp(config->client_message, server_received_message, + server_received_message_size) == 0); + /* Server sends a message to client. */ + tsi_test_frame_protector_send_message_to_peer( + config, channel, server_frame_protector, false /* is_client */); + unsigned char* client_received_message = + static_cast<unsigned char*>(gpr_zalloc(TSI_TEST_DEFAULT_CHANNEL_SIZE)); + size_t client_received_message_size = 0; + tsi_test_frame_protector_receive_message_from_peer( + config, channel, client_frame_protector, client_received_message, + &client_received_message_size, true /* is_client */); + GPR_ASSERT(config->server_message_size == client_received_message_size); + GPR_ASSERT(memcmp(config->server_message, client_received_message, + client_received_message_size) == 0); + gpr_free(server_received_message); + gpr_free(client_received_message); +} + +void tsi_test_frame_protector_do_round_trip_no_handshake( + tsi_test_frame_protector_fixture* fixture) { + GPR_ASSERT(fixture != nullptr); + tsi_test_do_ping_pong(fixture->config, fixture->channel, + fixture->client_frame_protector, + fixture->server_frame_protector); +} + void tsi_test_do_round_trip(tsi_test_fixture* fixture) { /* Initialization. */ GPR_ASSERT(fixture != nullptr); @@ -437,33 +484,11 @@ void tsi_test_do_round_trip(tsi_test_fixture* fixture) { ? nullptr : &server_max_output_protected_frame_size, &server_frame_protector) == TSI_OK); - /* Client sends a message to server. */ - send_message_to_peer(fixture, client_frame_protector, true /* is_client */); - unsigned char* server_received_message = - static_cast<unsigned char*>(gpr_zalloc(TSI_TEST_DEFAULT_CHANNEL_SIZE)); - size_t server_received_message_size = 0; - receive_message_from_peer( - fixture, server_frame_protector, server_received_message, - &server_received_message_size, false /* is_client */); - GPR_ASSERT(config->client_message_size == server_received_message_size); - GPR_ASSERT(memcmp(config->client_message, server_received_message, - server_received_message_size) == 0); - /* Server sends a message to client. */ - send_message_to_peer(fixture, server_frame_protector, false /* is_client */); - unsigned char* client_received_message = - static_cast<unsigned char*>(gpr_zalloc(TSI_TEST_DEFAULT_CHANNEL_SIZE)); - size_t client_received_message_size = 0; - receive_message_from_peer( - fixture, client_frame_protector, client_received_message, - &client_received_message_size, true /* is_client */); - GPR_ASSERT(config->server_message_size == client_received_message_size); - GPR_ASSERT(memcmp(config->server_message, client_received_message, - client_received_message_size) == 0); + tsi_test_do_ping_pong(config, fixture->channel, client_frame_protector, + server_frame_protector); /* Destroy server and client frame protectors. */ tsi_frame_protector_destroy(client_frame_protector); tsi_frame_protector_destroy(server_frame_protector); - gpr_free(server_received_message); - gpr_free(client_received_message); } static unsigned char* generate_random_message(size_t size) { @@ -483,8 +508,7 @@ tsi_test_frame_protector_config* tsi_test_frame_protector_config_create( bool use_default_protected_buffer_size, bool use_default_client_message, bool use_default_server_message, bool use_default_client_max_output_protected_frame_size, - bool use_default_server_max_output_protected_frame_size, - bool use_default_handshake_buffer_size) { + bool use_default_server_max_output_protected_frame_size) { tsi_test_frame_protector_config* config = static_cast<tsi_test_frame_protector_config*>( gpr_zalloc(sizeof(*config))); @@ -552,24 +576,42 @@ void tsi_test_frame_protector_config_set_buffer_size( void tsi_test_frame_protector_config_destroy( tsi_test_frame_protector_config* config) { - GPR_ASSERT(config != nullptr); + if (config == nullptr) { + return; + } gpr_free(config->client_message); gpr_free(config->server_message); gpr_free(config); } +static tsi_test_channel* tsi_test_channel_create() { + tsi_test_channel* channel = + static_cast<tsi_test_channel*>(gpr_zalloc(sizeof(*channel))); + channel->client_channel = + static_cast<uint8_t*>(gpr_zalloc(TSI_TEST_DEFAULT_CHANNEL_SIZE)); + channel->server_channel = + static_cast<uint8_t*>(gpr_zalloc(TSI_TEST_DEFAULT_CHANNEL_SIZE)); + channel->bytes_written_to_client_channel = 0; + channel->bytes_written_to_server_channel = 0; + channel->bytes_read_from_client_channel = 0; + channel->bytes_read_from_server_channel = 0; + return channel; +} + +static void tsi_test_channel_destroy(tsi_test_channel* channel) { + if (channel == nullptr) { + return; + } + gpr_free(channel->client_channel); + gpr_free(channel->server_channel); + gpr_free(channel); +} + void tsi_test_fixture_init(tsi_test_fixture* fixture) { fixture->config = tsi_test_frame_protector_config_create( - true, true, true, true, true, true, true, true); + true, true, true, true, true, true, true); fixture->handshake_buffer_size = TSI_TEST_DEFAULT_BUFFER_SIZE; - fixture->client_channel = - static_cast<uint8_t*>(gpr_zalloc(TSI_TEST_DEFAULT_CHANNEL_SIZE)); - fixture->server_channel = - static_cast<uint8_t*>(gpr_zalloc(TSI_TEST_DEFAULT_CHANNEL_SIZE)); - fixture->bytes_written_to_client_channel = 0; - fixture->bytes_written_to_server_channel = 0; - fixture->bytes_read_from_client_channel = 0; - fixture->bytes_read_from_server_channel = 0; + fixture->channel = tsi_test_channel_create(); fixture->test_unused_bytes = true; fixture->has_client_finished_first = false; gpr_mu_init(&fixture->mu); @@ -578,14 +620,15 @@ void tsi_test_fixture_init(tsi_test_fixture* fixture) { } void tsi_test_fixture_destroy(tsi_test_fixture* fixture) { - GPR_ASSERT(fixture != nullptr); + if (fixture == nullptr) { + return; + } tsi_test_frame_protector_config_destroy(fixture->config); tsi_handshaker_destroy(fixture->client_handshaker); tsi_handshaker_destroy(fixture->server_handshaker); tsi_handshaker_result_destroy(fixture->client_result); tsi_handshaker_result_destroy(fixture->server_result); - gpr_free(fixture->client_channel); - gpr_free(fixture->server_channel); + tsi_test_channel_destroy(fixture->channel); GPR_ASSERT(fixture->vtable != nullptr); GPR_ASSERT(fixture->vtable->destruct != nullptr); fixture->vtable->destruct(fixture); @@ -593,3 +636,34 @@ void tsi_test_fixture_destroy(tsi_test_fixture* fixture) { gpr_cv_destroy(&fixture->cv); gpr_free(fixture); } + +tsi_test_frame_protector_fixture* tsi_test_frame_protector_fixture_create() { + tsi_test_frame_protector_fixture* fixture = + static_cast<tsi_test_frame_protector_fixture*>( + gpr_zalloc(sizeof(*fixture))); + fixture->config = tsi_test_frame_protector_config_create( + true, true, true, true, true, true, true); + fixture->channel = tsi_test_channel_create(); + return fixture; +} + +void tsi_test_frame_protector_fixture_init( + tsi_test_frame_protector_fixture* fixture, + tsi_frame_protector* client_frame_protector, + tsi_frame_protector* server_frame_protector) { + GPR_ASSERT(fixture != nullptr); + fixture->client_frame_protector = client_frame_protector; + fixture->server_frame_protector = server_frame_protector; +} + +void tsi_test_frame_protector_fixture_destroy( + tsi_test_frame_protector_fixture* fixture) { + if (fixture == nullptr) { + return; + } + tsi_test_frame_protector_config_destroy(fixture->config); + tsi_test_channel_destroy(fixture->channel); + tsi_frame_protector_destroy(fixture->client_frame_protector); + tsi_frame_protector_destroy(fixture->server_frame_protector); + gpr_free(fixture); +} diff --git a/test/core/tsi/transport_security_test_lib.h b/test/core/tsi/transport_security_test_lib.h index 9b07448cc5..b6a431f5a0 100644 --- a/test/core/tsi/transport_security_test_lib.h +++ b/test/core/tsi/transport_security_test_lib.h @@ -35,8 +35,8 @@ #define TSI_TEST_DEFAULT_CHANNEL_SIZE 32768 #define TSI_TEST_BIG_MESSAGE_SIZE 17000 #define TSI_TEST_SMALL_MESSAGE_SIZE 10 -#define TSI_TEST_NUM_OF_ARGUMENTS 8 -#define TSI_TEST_NUM_OF_COMBINATIONS 256 +#define TSI_TEST_NUM_OF_ARGUMENTS 7 +#define TSI_TEST_NUM_OF_COMBINATIONS 128 #define TSI_TEST_UNUSED_BYTES "HELLO GOOGLE" /* --- tsi_test_fixture object --- @@ -46,12 +46,22 @@ protect/unprotect operations with respect to TSI implementations. */ typedef struct tsi_test_fixture tsi_test_fixture; -/* --- tsi_test_frame_protector_config object --- +/* --- tsi_test_frame_protector_fixture object --- + The object wraps all necessary information used to test correctness of TSI + frame protector implementations. */ +typedef struct tsi_test_frame_protector_fixture + tsi_test_frame_protector_fixture; +/* --- tsi_test_frame_protector_config object --- This object is used to configure different parameters of TSI frame protector APIs. */ typedef struct tsi_test_frame_protector_config tsi_test_frame_protector_config; +/* --- tsi_test_channel object --- + This object represents simulated channels between the client and server + from/to which they could read/write the exchanged information. */ +typedef struct tsi_test_channel tsi_test_channel; + /* V-table for tsi_test_fixture operations that are implemented differently in different TSI implementations. */ typedef struct tsi_test_fixture_vtable { @@ -73,17 +83,8 @@ struct tsi_test_fixture { tsi_handshaker_result* server_result; /* size of buffer used to store data received from the peer. */ size_t handshake_buffer_size; - /* simulated channels between client and server. If the server (client) - wants to send data to the client (server), he will write data to - client_channel (server_channel), which will be read by client (server). */ - uint8_t* client_channel; - uint8_t* server_channel; - /* size of data written to the client/server channel. */ - size_t bytes_written_to_client_channel; - size_t bytes_written_to_server_channel; - /* size of data read from the client/server channel */ - size_t bytes_read_from_client_channel; - size_t bytes_read_from_server_channel; + /* tsi_test_channel instance. */ + tsi_test_channel* channel; /* tsi_test_frame_protector_config instance */ tsi_test_frame_protector_config* config; /* a flag indicating if client has finished TSI handshake first (i.e., before @@ -106,6 +107,30 @@ struct tsi_test_fixture { bool notified; }; +struct tsi_test_frame_protector_fixture { + /* client/server TSI frame protectors whose ownership are transferred. */ + tsi_frame_protector* client_frame_protector; + tsi_frame_protector* server_frame_protector; + /* tsi_test_channel instance. */ + tsi_test_channel* channel; + /* tsi_test_frame_protector_config instance */ + tsi_test_frame_protector_config* config; +}; + +struct tsi_test_channel { + /* simulated channels between client and server. If the server (client) + wants to send data to the client (server), he will write data to + client_channel (server_channel), which will be read by client (server). */ + uint8_t* client_channel; + uint8_t* server_channel; + /* size of data written to the client/server channel. */ + size_t bytes_written_to_client_channel; + size_t bytes_written_to_server_channel; + /* size of data read from the client/server channel */ + size_t bytes_read_from_client_channel; + size_t bytes_read_from_server_channel; +}; + struct tsi_test_frame_protector_config { /* size of buffer used to store protected frames to be unprotected. */ size_t read_buffer_allocated_size; @@ -135,8 +160,7 @@ tsi_test_frame_protector_config* tsi_test_frame_protector_config_create( bool use_default_protected_buffer_size, bool use_default_client_message, bool use_default_server_message, bool use_default_client_max_output_protected_frame_size, - bool use_default_server_max_output_protected_frame_size, - bool use_default_handshake_buffer_size); + bool use_default_server_max_output_protected_frame_size); /* This method sets different buffer and frame sizes of a tsi_test_frame_protector_config instance with user provided values. */ @@ -160,6 +184,35 @@ void tsi_test_fixture_init(tsi_test_fixture* fixture); this function. */ void tsi_test_fixture_destroy(tsi_test_fixture* fixture); +/* This method creates a tsi_test_frame_protector_fixture instance. */ +tsi_test_frame_protector_fixture* tsi_test_frame_protector_fixture_create(); + +/* This method initializes members of tsi_test_frame_protector_fixture instance. + Note that the struct instance should be allocated before making + this call. */ +void tsi_test_frame_protector_fixture_init( + tsi_test_frame_protector_fixture* fixture, + tsi_frame_protector* client_frame_protector, + tsi_frame_protector* server_frame_protector); + +/* This method destroys a tsi_test_frame_protector_fixture instance. Note that + the fixture intance must be dynamically allocated and will be freed by this + function. */ +void tsi_test_frame_protector_fixture_destroy( + tsi_test_frame_protector_fixture* fixture); + +/* This method performs a protect opeation on raw data and sends the result to + peer. */ +void tsi_test_frame_protector_send_message_to_peer( + tsi_test_frame_protector_config* config, tsi_test_channel* channel, + tsi_frame_protector* protector, bool is_client); + +/* This method receives message from peer and unprotects it. */ +void tsi_test_frame_protector_receive_message_from_peer( + tsi_test_frame_protector_config* config, tsi_test_channel* channel, + tsi_frame_protector* protector, unsigned char* message, + size_t* bytes_received, bool is_client); + /* This method performs a full TSI handshake between a client and a server. Note that the test library will implement the new TSI handshaker API to perform handshakes. */ @@ -171,4 +224,8 @@ void tsi_test_do_handshake(tsi_test_fixture* fixture); the client and server switching its role. */ void tsi_test_do_round_trip(tsi_test_fixture* fixture); +/* This method performs the above round trip test without doing handshakes. */ +void tsi_test_frame_protector_do_round_trip_no_handshake( + tsi_test_frame_protector_fixture* fixture); + #endif // GRPC_TEST_CORE_TSI_TRANSPORT_SECURITY_TEST_LIB_H_ diff --git a/third_party/nanopb/pb.h b/third_party/nanopb/pb.h index 4576f79abc..62dca73f4f 100644 --- a/third_party/nanopb/pb.h +++ b/third_party/nanopb/pb.h @@ -25,7 +25,7 @@ /* #define PB_FIELD_16BIT 1 */ /* Add support for tag numbers > 65536 and fields larger than 65536 bytes. */ -/* #define PB_FIELD_32BIT 1 */ +/* #define PB_FIELD_32BIT 1 */ /* Disable support for error messages in order to save some code space. */ /* #define PB_NO_ERRMSG 1 */ diff --git a/tools/codegen/core/gen_nano_proto.sh b/tools/codegen/core/gen_nano_proto.sh index 4246840173..6ce15178bd 100755 --- a/tools/codegen/core/gen_nano_proto.sh +++ b/tools/codegen/core/gen_nano_proto.sh @@ -43,9 +43,9 @@ if [[ ! -f "$INPUT_PROTO" ]]; then echo "Input proto file '$INPUT_PROTO' doesn't exist." exit 2 fi + if [[ ! -f "${EXPECTED_OPTIONS_FILE_PATH}" ]]; then - echo "Expected nanopb options file '${EXPECTED_OPTIONS_FILE_PATH}' missing" - exit 3 + echo "Input proto file may need .options file to be correctly compiled." fi if [[ "${OUTPUT_DIR:0:1}" != '/' ]]; then @@ -81,6 +81,11 @@ readonly PROTO_BASENAME=$(basename $INPUT_PROTO .proto) sed -i "s:$PROTO_BASENAME.pb.h:${GRPC_OUTPUT_DIR}/$PROTO_BASENAME.pb.h:g" \ "$OUTPUT_DIR/$PROTO_BASENAME.pb.c" +if [ $PROTO_BASENAME == "handshaker" ] || [ $PROTO_BASENAME == "altscontext" ]; then + sed -i "s:transport_security_common.pb.h:${GRPC_OUTPUT_DIR}/transport_security_common.pb.h:g" \ + "$OUTPUT_DIR/$PROTO_BASENAME.pb.h" +fi + # Fix up the include guards such that they pass the check_include_guards.py # test. Assumes that the generated files are being placed in gRPC src dir. readonly INCLUDE_GUARD_BASE=`echo $GRPC_OUTPUT_DIR | tr [a-z/] [A-Z_] | sed s:^.*SRC_::` diff --git a/tools/distrib/check_copyright.py b/tools/distrib/check_copyright.py index 6e1a303fb0..e7893a1fd5 100755 --- a/tools/distrib/check_copyright.py +++ b/tools/distrib/check_copyright.py @@ -77,6 +77,12 @@ _EXEMPT = frozenset(( 'examples/python/route_guide/route_guide_pb2_grpc.py', 'src/core/ext/filters/client_channel/lb_policy/grpclb/proto/grpc/lb/v1/load_balancer.pb.h', 'src/core/ext/filters/client_channel/lb_policy/grpclb/proto/grpc/lb/v1/load_balancer.pb.c', + 'src/core/tsi/alts/handshaker/altscontext.pb.h', + 'src/core/tsi/alts/handshaker/altscontext.pb.c', + 'src/core/tsi/alts/handshaker/handshaker.pb.h', + 'src/core/tsi/alts/handshaker/handshaker.pb.c', + 'src/core/tsi/alts/handshaker/transport_security_common.pb.h', + 'src/core/tsi/alts/handshaker/transport_security_common.pb.c', 'src/cpp/server/health/health.pb.h', 'src/cpp/server/health/health.pb.c', diff --git a/tools/distrib/check_include_guards.py b/tools/distrib/check_include_guards.py index 05d34c2b28..b356a74d2d 100755 --- a/tools/distrib/check_include_guards.py +++ b/tools/distrib/check_include_guards.py @@ -157,6 +157,9 @@ args = argp.parse_args() KNOWN_BAD = set([ 'src/core/ext/filters/client_channel/lb_policy/grpclb/proto/grpc/lb/v1/load_balancer.pb.h', + 'src/core/tsi/alts/handshaker/altscontext.pb.h', + 'src/core/tsi/alts/handshaker/handshaker.pb.h', + 'src/core/tsi/alts/handshaker/transport_security_common.pb.h', 'include/grpc++/ext/reflection.grpc.pb.h', 'include/grpc++/ext/reflection.pb.h', ]) diff --git a/tools/distrib/check_nanopb_output.sh b/tools/distrib/check_nanopb_output.sh index a30b73f689..8b5823b938 100755 --- a/tools/distrib/check_nanopb_output.sh +++ b/tools/distrib/check_nanopb_output.sh @@ -15,6 +15,7 @@ set -ex +readonly NANOPB_ALTS_TMP_OUTPUT="$(mktemp -d)" readonly NANOPB_TMP_OUTPUT="$(mktemp -d)" readonly PROTOBUF_INSTALL_PREFIX="$(mktemp -d)" @@ -55,3 +56,29 @@ if ! diff -r "$NANOPB_TMP_OUTPUT" src/core/ext/filters/client_channel/lb_policy/ echo "Outputs differ: $NANOPB_TMP_OUTPUT vs $LOAD_BALANCER_GRPC_OUTPUT_PATH" exit 2 fi + +# +# Checks for handshaker.proto and transport_security_common.proto +# +readonly HANDSHAKER_GRPC_OUTPUT_PATH='src/core/tsi/alts/handshaker' +# nanopb-compile the proto to a temp location +./tools/codegen/core/gen_nano_proto.sh \ + src/core/tsi/alts/handshaker/proto/handshaker.proto \ + "$NANOPB_ALTS_TMP_OUTPUT" \ + "$HANDSHAKER_GRPC_OUTPUT_PATH" +./tools/codegen/core/gen_nano_proto.sh \ + src/core/tsi/alts/handshaker/proto/transport_security_common.proto \ + "$NANOPB_ALTS_TMP_OUTPUT" \ + "$HANDSHAKER_GRPC_OUTPUT_PATH" +./tools/codegen/core/gen_nano_proto.sh \ + src/core/tsi/alts/handshaker/proto/altscontext.proto \ + "$NANOPB_ALTS_TMP_OUTPUT" \ + "$HANDSHAKER_GRPC_OUTPUT_PATH" + +# compare outputs to checked compiled code +for NANOPB_OUTPUT_FILE in $NANOPB_ALTS_TMP_OUTPUT/*.pb.*; do + if ! diff "$NANOPB_OUTPUT_FILE" "src/core/tsi/alts/handshaker/$(basename $NANOPB_OUTPUT_FILE)"; then + echo "Outputs differ: $NANOPB_ALTS_TMP_OUTPUT vs $HANDSHAKER_GRPC_OUTPUT_PATH" + exit 2 + fi +done diff --git a/tools/doxygen/Doxyfile.core.internal b/tools/doxygen/Doxyfile.core.internal index 57f9147f44..e7e9e04979 100644 --- a/tools/doxygen/Doxyfile.core.internal +++ b/tools/doxygen/Doxyfile.core.internal @@ -1284,6 +1284,17 @@ src/core/lib/profiling/stap_timers.cc \ src/core/lib/profiling/timers.h \ src/core/lib/security/context/security_context.cc \ src/core/lib/security/context/security_context.h \ +src/core/lib/security/credentials/alts/alts_credentials.cc \ +src/core/lib/security/credentials/alts/alts_credentials.h \ +src/core/lib/security/credentials/alts/check_gcp_environment.cc \ +src/core/lib/security/credentials/alts/check_gcp_environment.h \ +src/core/lib/security/credentials/alts/check_gcp_environment_linux.cc \ +src/core/lib/security/credentials/alts/check_gcp_environment_no_op.cc \ +src/core/lib/security/credentials/alts/check_gcp_environment_windows.cc \ +src/core/lib/security/credentials/alts/grpc_alts_credentials_client_options.cc \ +src/core/lib/security/credentials/alts/grpc_alts_credentials_options.cc \ +src/core/lib/security/credentials/alts/grpc_alts_credentials_options.h \ +src/core/lib/security/credentials/alts/grpc_alts_credentials_server_options.cc \ src/core/lib/security/credentials/composite/composite_credentials.cc \ src/core/lib/security/credentials/composite/composite_credentials.h \ src/core/lib/security/credentials/credentials.cc \ @@ -1308,6 +1319,8 @@ src/core/lib/security/credentials/plugin/plugin_credentials.cc \ src/core/lib/security/credentials/plugin/plugin_credentials.h \ src/core/lib/security/credentials/ssl/ssl_credentials.cc \ src/core/lib/security/credentials/ssl/ssl_credentials.h \ +src/core/lib/security/security_connector/alts_security_connector.cc \ +src/core/lib/security/security_connector/alts_security_connector.h \ src/core/lib/security/security_connector/security_connector.cc \ src/core/lib/security/security_connector/security_connector.h \ src/core/lib/security/transport/auth_filters.h \ @@ -1401,6 +1414,53 @@ src/core/lib/transport/transport_impl.h \ src/core/lib/transport/transport_op_string.cc \ src/core/plugin_registry/grpc_plugin_registry.cc \ src/core/tsi/README.md \ +src/core/tsi/alts/crypt/aes_gcm.cc \ +src/core/tsi/alts/crypt/gsec.cc \ +src/core/tsi/alts/crypt/gsec.h \ +src/core/tsi/alts/frame_protector/alts_counter.cc \ +src/core/tsi/alts/frame_protector/alts_counter.h \ +src/core/tsi/alts/frame_protector/alts_crypter.cc \ +src/core/tsi/alts/frame_protector/alts_crypter.h \ +src/core/tsi/alts/frame_protector/alts_frame_protector.cc \ +src/core/tsi/alts/frame_protector/alts_frame_protector.h \ +src/core/tsi/alts/frame_protector/alts_record_protocol_crypter_common.cc \ +src/core/tsi/alts/frame_protector/alts_record_protocol_crypter_common.h \ +src/core/tsi/alts/frame_protector/alts_seal_privacy_integrity_crypter.cc \ +src/core/tsi/alts/frame_protector/alts_unseal_privacy_integrity_crypter.cc \ +src/core/tsi/alts/frame_protector/frame_handler.cc \ +src/core/tsi/alts/frame_protector/frame_handler.h \ +src/core/tsi/alts/handshaker/alts_handshaker_client.cc \ +src/core/tsi/alts/handshaker/alts_handshaker_client.h \ +src/core/tsi/alts/handshaker/alts_handshaker_service_api.cc \ +src/core/tsi/alts/handshaker/alts_handshaker_service_api.h \ +src/core/tsi/alts/handshaker/alts_handshaker_service_api_util.cc \ +src/core/tsi/alts/handshaker/alts_handshaker_service_api_util.h \ +src/core/tsi/alts/handshaker/alts_tsi_event.cc \ +src/core/tsi/alts/handshaker/alts_tsi_event.h \ +src/core/tsi/alts/handshaker/alts_tsi_handshaker.cc \ +src/core/tsi/alts/handshaker/alts_tsi_handshaker.h \ +src/core/tsi/alts/handshaker/alts_tsi_handshaker_private.h \ +src/core/tsi/alts/handshaker/alts_tsi_utils.cc \ +src/core/tsi/alts/handshaker/alts_tsi_utils.h \ +src/core/tsi/alts/handshaker/altscontext.pb.c \ +src/core/tsi/alts/handshaker/altscontext.pb.h \ +src/core/tsi/alts/handshaker/handshaker.pb.c \ +src/core/tsi/alts/handshaker/handshaker.pb.h \ +src/core/tsi/alts/handshaker/transport_security_common.pb.c \ +src/core/tsi/alts/handshaker/transport_security_common.pb.h \ +src/core/tsi/alts/handshaker/transport_security_common_api.cc \ +src/core/tsi/alts/handshaker/transport_security_common_api.h \ +src/core/tsi/alts/zero_copy_frame_protector/alts_grpc_integrity_only_record_protocol.cc \ +src/core/tsi/alts/zero_copy_frame_protector/alts_grpc_integrity_only_record_protocol.h \ +src/core/tsi/alts/zero_copy_frame_protector/alts_grpc_privacy_integrity_record_protocol.cc \ +src/core/tsi/alts/zero_copy_frame_protector/alts_grpc_privacy_integrity_record_protocol.h \ +src/core/tsi/alts/zero_copy_frame_protector/alts_grpc_record_protocol.h \ +src/core/tsi/alts/zero_copy_frame_protector/alts_grpc_record_protocol_common.cc \ +src/core/tsi/alts/zero_copy_frame_protector/alts_grpc_record_protocol_common.h \ +src/core/tsi/alts/zero_copy_frame_protector/alts_iovec_record_protocol.cc \ +src/core/tsi/alts/zero_copy_frame_protector/alts_iovec_record_protocol.h \ +src/core/tsi/alts/zero_copy_frame_protector/alts_zero_copy_grpc_protector.cc \ +src/core/tsi/alts/zero_copy_frame_protector/alts_zero_copy_grpc_protector.h \ src/core/tsi/alts_transport_security.cc \ src/core/tsi/alts_transport_security.h \ src/core/tsi/fake_transport_security.cc \ diff --git a/tools/run_tests/generated/sources_and_headers.json b/tools/run_tests/generated/sources_and_headers.json index 6b8b26f41b..724967145e 100644 --- a/tools/run_tests/generated/sources_and_headers.json +++ b/tools/run_tests/generated/sources_and_headers.json @@ -2417,6 +2417,215 @@ }, { "deps": [ + "alts_test_util", + "gpr", + "grpc" + ], + "headers": [], + "is_filegroup": false, + "language": "c++", + "name": "alts_counter_test", + "src": [ + "test/core/tsi/alts/frame_protector/alts_counter_test.cc" + ], + "third_party": false, + "type": "target" + }, + { + "deps": [ + "alts_test_util", + "gpr", + "gpr_test_util", + "grpc" + ], + "headers": [], + "is_filegroup": false, + "language": "c++", + "name": "alts_crypt_test", + "src": [ + "test/core/tsi/alts/crypt/aes_gcm_test.cc" + ], + "third_party": false, + "type": "target" + }, + { + "deps": [ + "alts_test_util", + "gpr", + "grpc" + ], + "headers": [], + "is_filegroup": false, + "language": "c++", + "name": "alts_crypter_test", + "src": [ + "test/core/tsi/alts/frame_protector/alts_crypter_test.cc" + ], + "third_party": false, + "type": "target" + }, + { + "deps": [ + "alts_test_util", + "gpr", + "grpc" + ], + "headers": [], + "is_filegroup": false, + "language": "c++", + "name": "alts_frame_handler_test", + "src": [ + "test/core/tsi/alts/frame_protector/frame_handler_test.cc" + ], + "third_party": false, + "type": "target" + }, + { + "deps": [ + "alts_test_util", + "gpr", + "grpc", + "transport_security_test_lib" + ], + "headers": [], + "is_filegroup": false, + "language": "c++", + "name": "alts_frame_protector_test", + "src": [ + "test/core/tsi/alts/frame_protector/alts_frame_protector_test.cc" + ], + "third_party": false, + "type": "target" + }, + { + "deps": [ + "alts_test_util", + "gpr", + "grpc" + ], + "headers": [], + "is_filegroup": false, + "language": "c++", + "name": "alts_grpc_record_protocol_test", + "src": [ + "test/core/tsi/alts/zero_copy_frame_protector/alts_grpc_record_protocol_test.cc" + ], + "third_party": false, + "type": "target" + }, + { + "deps": [ + "alts_test_util", + "gpr", + "grpc" + ], + "headers": [], + "is_filegroup": false, + "language": "c++", + "name": "alts_handshaker_client_test", + "src": [ + "test/core/tsi/alts/handshaker/alts_handshaker_client_test.cc" + ], + "third_party": false, + "type": "target" + }, + { + "deps": [ + "alts_test_util", + "gpr", + "grpc" + ], + "headers": [], + "is_filegroup": false, + "language": "c++", + "name": "alts_handshaker_service_api_test", + "src": [ + "test/core/tsi/alts/handshaker/alts_handshaker_service_api_test.cc" + ], + "third_party": false, + "type": "target" + }, + { + "deps": [ + "alts_test_util", + "gpr", + "grpc" + ], + "headers": [], + "is_filegroup": false, + "language": "c++", + "name": "alts_iovec_record_protocol_test", + "src": [ + "test/core/tsi/alts/zero_copy_frame_protector/alts_iovec_record_protocol_test.cc" + ], + "third_party": false, + "type": "target" + }, + { + "deps": [ + "gpr", + "grpc" + ], + "headers": [], + "is_filegroup": false, + "language": "c++", + "name": "alts_security_connector_test", + "src": [ + "test/core/security/alts_security_connector_test.cc" + ], + "third_party": false, + "type": "target" + }, + { + "deps": [ + "alts_test_util", + "gpr", + "grpc" + ], + "headers": [], + "is_filegroup": false, + "language": "c++", + "name": "alts_tsi_handshaker_test", + "src": [ + "test/core/tsi/alts/handshaker/alts_tsi_handshaker_test.cc" + ], + "third_party": false, + "type": "target" + }, + { + "deps": [ + "alts_test_util", + "gpr", + "grpc" + ], + "headers": [], + "is_filegroup": false, + "language": "c++", + "name": "alts_tsi_utils_test", + "src": [ + "test/core/tsi/alts/handshaker/alts_tsi_utils_test.cc" + ], + "third_party": false, + "type": "target" + }, + { + "deps": [ + "alts_test_util", + "gpr", + "grpc" + ], + "headers": [], + "is_filegroup": false, + "language": "c++", + "name": "alts_zero_copy_grpc_protector_test", + "src": [ + "test/core/tsi/alts/zero_copy_frame_protector/alts_zero_copy_grpc_protector_test.cc" + ], + "third_party": false, + "type": "target" + }, + { + "deps": [ "gpr", "gpr_test_util", "grpc", @@ -2828,6 +3037,36 @@ { "deps": [ "gpr", + "grpc" + ], + "headers": [], + "is_filegroup": false, + "language": "c++", + "name": "check_gcp_environment_linux_test", + "src": [ + "test/core/security/check_gcp_environment_linux_test.cc" + ], + "third_party": false, + "type": "target" + }, + { + "deps": [ + "gpr", + "grpc" + ], + "headers": [], + "is_filegroup": false, + "language": "c++", + "name": "check_gcp_environment_windows_test", + "src": [ + "test/core/security/check_gcp_environment_windows_test.cc" + ], + "third_party": false, + "type": "target" + }, + { + "deps": [ + "gpr", "gpr_test_util", "grpc", "grpc_test_util" @@ -3213,6 +3452,21 @@ { "deps": [ "gpr", + "grpc" + ], + "headers": [], + "is_filegroup": false, + "language": "c++", + "name": "grpc_alts_credentials_options_test", + "src": [ + "test/core/security/grpc_alts_credentials_options_test.cc" + ], + "third_party": false, + "type": "target" + }, + { + "deps": [ + "gpr", "grpc", "grpc++", "grpc++_proto_reflection_desc_db", @@ -4373,6 +4627,22 @@ }, { "deps": [ + "alts_test_util", + "gpr", + "grpc" + ], + "headers": [], + "is_filegroup": false, + "language": "c++", + "name": "transport_security_common_api_test", + "src": [ + "test/core/tsi/alts/handshaker/transport_security_common_api_test.cc" + ], + "third_party": false, + "type": "target" + }, + { + "deps": [ "gpr", "gpr_test_util", "grpc", @@ -6291,6 +6561,26 @@ }, { "deps": [ + "grpc" + ], + "headers": [ + "test/core/tsi/alts/crypt/gsec_test_util.h", + "test/core/tsi/alts/handshaker/alts_handshaker_service_api_test_lib.h" + ], + "is_filegroup": false, + "language": "c", + "name": "alts_test_util", + "src": [ + "test/core/tsi/alts/crypt/gsec_test_util.cc", + "test/core/tsi/alts/crypt/gsec_test_util.h", + "test/core/tsi/alts/handshaker/alts_handshaker_service_api_test_lib.cc", + "test/core/tsi/alts/handshaker/alts_handshaker_service_api_test_lib.h" + ], + "third_party": false, + "type": "lib" + }, + { + "deps": [ "gpr_base" ], "headers": [], @@ -8289,6 +8579,138 @@ }, { "deps": [ + "nanopb" + ], + "headers": [ + "src/core/tsi/alts/handshaker/altscontext.pb.h", + "src/core/tsi/alts/handshaker/handshaker.pb.h", + "src/core/tsi/alts/handshaker/transport_security_common.pb.h" + ], + "is_filegroup": true, + "language": "c", + "name": "alts_proto", + "src": [ + "src/core/tsi/alts/handshaker/altscontext.pb.c", + "src/core/tsi/alts/handshaker/altscontext.pb.h", + "src/core/tsi/alts/handshaker/handshaker.pb.c", + "src/core/tsi/alts/handshaker/handshaker.pb.h", + "src/core/tsi/alts/handshaker/transport_security_common.pb.c", + "src/core/tsi/alts/handshaker/transport_security_common.pb.h" + ], + "third_party": false, + "type": "filegroup" + }, + { + "deps": [ + "alts_util", + "gpr", + "grpc_base", + "grpc_transport_chttp2_client_insecure", + "tsi", + "tsi_interface" + ], + "headers": [ + "src/core/tsi/alts/crypt/gsec.h", + "src/core/tsi/alts/frame_protector/alts_counter.h", + "src/core/tsi/alts/frame_protector/alts_crypter.h", + "src/core/tsi/alts/frame_protector/alts_frame_protector.h", + "src/core/tsi/alts/frame_protector/alts_record_protocol_crypter_common.h", + "src/core/tsi/alts/frame_protector/frame_handler.h", + "src/core/tsi/alts/handshaker/alts_handshaker_client.h", + "src/core/tsi/alts/handshaker/alts_tsi_event.h", + "src/core/tsi/alts/handshaker/alts_tsi_handshaker.h", + "src/core/tsi/alts/handshaker/alts_tsi_handshaker_private.h", + "src/core/tsi/alts/zero_copy_frame_protector/alts_grpc_integrity_only_record_protocol.h", + "src/core/tsi/alts/zero_copy_frame_protector/alts_grpc_privacy_integrity_record_protocol.h", + "src/core/tsi/alts/zero_copy_frame_protector/alts_grpc_record_protocol.h", + "src/core/tsi/alts/zero_copy_frame_protector/alts_grpc_record_protocol_common.h", + "src/core/tsi/alts/zero_copy_frame_protector/alts_iovec_record_protocol.h", + "src/core/tsi/alts/zero_copy_frame_protector/alts_zero_copy_grpc_protector.h" + ], + "is_filegroup": true, + "language": "c", + "name": "alts_tsi", + "src": [ + "src/core/tsi/alts/crypt/aes_gcm.cc", + "src/core/tsi/alts/crypt/gsec.cc", + "src/core/tsi/alts/crypt/gsec.h", + "src/core/tsi/alts/frame_protector/alts_counter.cc", + "src/core/tsi/alts/frame_protector/alts_counter.h", + "src/core/tsi/alts/frame_protector/alts_crypter.cc", + "src/core/tsi/alts/frame_protector/alts_crypter.h", + "src/core/tsi/alts/frame_protector/alts_frame_protector.cc", + "src/core/tsi/alts/frame_protector/alts_frame_protector.h", + "src/core/tsi/alts/frame_protector/alts_record_protocol_crypter_common.cc", + "src/core/tsi/alts/frame_protector/alts_record_protocol_crypter_common.h", + "src/core/tsi/alts/frame_protector/alts_seal_privacy_integrity_crypter.cc", + "src/core/tsi/alts/frame_protector/alts_unseal_privacy_integrity_crypter.cc", + "src/core/tsi/alts/frame_protector/frame_handler.cc", + "src/core/tsi/alts/frame_protector/frame_handler.h", + "src/core/tsi/alts/handshaker/alts_handshaker_client.cc", + "src/core/tsi/alts/handshaker/alts_handshaker_client.h", + "src/core/tsi/alts/handshaker/alts_tsi_event.cc", + "src/core/tsi/alts/handshaker/alts_tsi_event.h", + "src/core/tsi/alts/handshaker/alts_tsi_handshaker.cc", + "src/core/tsi/alts/handshaker/alts_tsi_handshaker.h", + "src/core/tsi/alts/handshaker/alts_tsi_handshaker_private.h", + "src/core/tsi/alts/zero_copy_frame_protector/alts_grpc_integrity_only_record_protocol.cc", + "src/core/tsi/alts/zero_copy_frame_protector/alts_grpc_integrity_only_record_protocol.h", + "src/core/tsi/alts/zero_copy_frame_protector/alts_grpc_privacy_integrity_record_protocol.cc", + "src/core/tsi/alts/zero_copy_frame_protector/alts_grpc_privacy_integrity_record_protocol.h", + "src/core/tsi/alts/zero_copy_frame_protector/alts_grpc_record_protocol.h", + "src/core/tsi/alts/zero_copy_frame_protector/alts_grpc_record_protocol_common.cc", + "src/core/tsi/alts/zero_copy_frame_protector/alts_grpc_record_protocol_common.h", + "src/core/tsi/alts/zero_copy_frame_protector/alts_iovec_record_protocol.cc", + "src/core/tsi/alts/zero_copy_frame_protector/alts_iovec_record_protocol.h", + "src/core/tsi/alts/zero_copy_frame_protector/alts_zero_copy_grpc_protector.cc", + "src/core/tsi/alts/zero_copy_frame_protector/alts_zero_copy_grpc_protector.h" + ], + "third_party": false, + "type": "filegroup" + }, + { + "deps": [ + "alts_proto", + "gpr", + "grpc_base", + "nanopb", + "tsi_interface" + ], + "headers": [ + "src/core/lib/security/credentials/alts/check_gcp_environment.h", + "src/core/lib/security/credentials/alts/grpc_alts_credentials_options.h", + "src/core/tsi/alts/handshaker/alts_handshaker_service_api.h", + "src/core/tsi/alts/handshaker/alts_handshaker_service_api_util.h", + "src/core/tsi/alts/handshaker/alts_tsi_utils.h", + "src/core/tsi/alts/handshaker/transport_security_common_api.h" + ], + "is_filegroup": true, + "language": "c", + "name": "alts_util", + "src": [ + "src/core/lib/security/credentials/alts/check_gcp_environment.cc", + "src/core/lib/security/credentials/alts/check_gcp_environment.h", + "src/core/lib/security/credentials/alts/check_gcp_environment_linux.cc", + "src/core/lib/security/credentials/alts/check_gcp_environment_no_op.cc", + "src/core/lib/security/credentials/alts/check_gcp_environment_windows.cc", + "src/core/lib/security/credentials/alts/grpc_alts_credentials_client_options.cc", + "src/core/lib/security/credentials/alts/grpc_alts_credentials_options.cc", + "src/core/lib/security/credentials/alts/grpc_alts_credentials_options.h", + "src/core/lib/security/credentials/alts/grpc_alts_credentials_server_options.cc", + "src/core/tsi/alts/handshaker/alts_handshaker_service_api.cc", + "src/core/tsi/alts/handshaker/alts_handshaker_service_api.h", + "src/core/tsi/alts/handshaker/alts_handshaker_service_api_util.cc", + "src/core/tsi/alts/handshaker/alts_handshaker_service_api_util.h", + "src/core/tsi/alts/handshaker/alts_tsi_utils.cc", + "src/core/tsi/alts/handshaker/alts_tsi_utils.h", + "src/core/tsi/alts/handshaker/transport_security_common_api.cc", + "src/core/tsi/alts/handshaker/transport_security_common_api.h" + ], + "third_party": false, + "type": "filegroup" + }, + { + "deps": [ "gpr", "grpc_base", "nanopb" @@ -9371,6 +9793,7 @@ }, { "deps": [ + "alts_tsi", "gpr", "grpc_base", "grpc_transport_chttp2_alpn", @@ -9379,6 +9802,7 @@ "headers": [ "include/grpc/grpc_security.h", "src/core/lib/security/context/security_context.h", + "src/core/lib/security/credentials/alts/alts_credentials.h", "src/core/lib/security/credentials/composite/composite_credentials.h", "src/core/lib/security/credentials/credentials.h", "src/core/lib/security/credentials/fake/fake_credentials.h", @@ -9390,6 +9814,7 @@ "src/core/lib/security/credentials/oauth2/oauth2_credentials.h", "src/core/lib/security/credentials/plugin/plugin_credentials.h", "src/core/lib/security/credentials/ssl/ssl_credentials.h", + "src/core/lib/security/security_connector/alts_security_connector.h", "src/core/lib/security/security_connector/security_connector.h", "src/core/lib/security/transport/auth_filters.h", "src/core/lib/security/transport/secure_endpoint.h", @@ -9406,6 +9831,8 @@ "src/core/lib/http/httpcli_security_connector.cc", "src/core/lib/security/context/security_context.cc", "src/core/lib/security/context/security_context.h", + "src/core/lib/security/credentials/alts/alts_credentials.cc", + "src/core/lib/security/credentials/alts/alts_credentials.h", "src/core/lib/security/credentials/composite/composite_credentials.cc", "src/core/lib/security/credentials/composite/composite_credentials.h", "src/core/lib/security/credentials/credentials.cc", @@ -9430,6 +9857,8 @@ "src/core/lib/security/credentials/plugin/plugin_credentials.h", "src/core/lib/security/credentials/ssl/ssl_credentials.cc", "src/core/lib/security/credentials/ssl/ssl_credentials.h", + "src/core/lib/security/security_connector/alts_security_connector.cc", + "src/core/lib/security/security_connector/alts_security_connector.h", "src/core/lib/security/security_connector/security_connector.cc", "src/core/lib/security/security_connector/security_connector.h", "src/core/lib/security/transport/auth_filters.h", diff --git a/tools/run_tests/generated/tests.json b/tools/run_tests/generated/tests.json index 6ce7ec28c4..b7fdb6f579 100644 --- a/tools/run_tests/generated/tests.json +++ b/tools/run_tests/generated/tests.json @@ -2876,6 +2876,318 @@ "exclude_configs": [], "exclude_iomgrs": [], "flaky": false, + "gtest": false, + "language": "c++", + "name": "alts_counter_test", + "platforms": [ + "linux", + "mac", + "posix", + "windows" + ], + "uses_polling": true + }, + { + "args": [], + "benchmark": false, + "ci_platforms": [ + "linux", + "mac", + "posix", + "windows" + ], + "cpu_cost": 1.0, + "exclude_configs": [], + "exclude_iomgrs": [], + "flaky": false, + "gtest": false, + "language": "c++", + "name": "alts_crypt_test", + "platforms": [ + "linux", + "mac", + "posix", + "windows" + ], + "uses_polling": true + }, + { + "args": [], + "benchmark": false, + "ci_platforms": [ + "linux", + "mac", + "posix", + "windows" + ], + "cpu_cost": 1.0, + "exclude_configs": [], + "exclude_iomgrs": [], + "flaky": false, + "gtest": false, + "language": "c++", + "name": "alts_crypter_test", + "platforms": [ + "linux", + "mac", + "posix", + "windows" + ], + "uses_polling": true + }, + { + "args": [], + "benchmark": false, + "ci_platforms": [ + "linux", + "mac", + "posix", + "windows" + ], + "cpu_cost": 1.0, + "exclude_configs": [], + "exclude_iomgrs": [], + "flaky": false, + "gtest": false, + "language": "c++", + "name": "alts_frame_handler_test", + "platforms": [ + "linux", + "mac", + "posix", + "windows" + ], + "uses_polling": true + }, + { + "args": [], + "benchmark": false, + "ci_platforms": [ + "linux", + "mac", + "posix", + "windows" + ], + "cpu_cost": 1.0, + "exclude_configs": [], + "exclude_iomgrs": [], + "flaky": false, + "gtest": false, + "language": "c++", + "name": "alts_frame_protector_test", + "platforms": [ + "linux", + "mac", + "posix", + "windows" + ], + "uses_polling": true + }, + { + "args": [], + "benchmark": false, + "ci_platforms": [ + "linux", + "mac", + "posix", + "windows" + ], + "cpu_cost": 1.0, + "exclude_configs": [], + "exclude_iomgrs": [], + "flaky": false, + "gtest": false, + "language": "c++", + "name": "alts_grpc_record_protocol_test", + "platforms": [ + "linux", + "mac", + "posix", + "windows" + ], + "uses_polling": true + }, + { + "args": [], + "benchmark": false, + "ci_platforms": [ + "linux", + "mac", + "posix", + "windows" + ], + "cpu_cost": 1.0, + "exclude_configs": [], + "exclude_iomgrs": [], + "flaky": false, + "gtest": false, + "language": "c++", + "name": "alts_handshaker_client_test", + "platforms": [ + "linux", + "mac", + "posix", + "windows" + ], + "uses_polling": true + }, + { + "args": [], + "benchmark": false, + "ci_platforms": [ + "linux", + "mac", + "posix", + "windows" + ], + "cpu_cost": 1.0, + "exclude_configs": [], + "exclude_iomgrs": [], + "flaky": false, + "gtest": false, + "language": "c++", + "name": "alts_handshaker_service_api_test", + "platforms": [ + "linux", + "mac", + "posix", + "windows" + ], + "uses_polling": true + }, + { + "args": [], + "benchmark": false, + "ci_platforms": [ + "linux", + "mac", + "posix", + "windows" + ], + "cpu_cost": 1.0, + "exclude_configs": [], + "exclude_iomgrs": [], + "flaky": false, + "gtest": false, + "language": "c++", + "name": "alts_iovec_record_protocol_test", + "platforms": [ + "linux", + "mac", + "posix", + "windows" + ], + "uses_polling": true + }, + { + "args": [], + "benchmark": false, + "ci_platforms": [ + "linux", + "mac", + "posix", + "windows" + ], + "cpu_cost": 1.0, + "exclude_configs": [], + "exclude_iomgrs": [], + "flaky": false, + "gtest": false, + "language": "c++", + "name": "alts_security_connector_test", + "platforms": [ + "linux", + "mac", + "posix", + "windows" + ], + "uses_polling": true + }, + { + "args": [], + "benchmark": false, + "ci_platforms": [ + "linux", + "mac", + "posix", + "windows" + ], + "cpu_cost": 1.0, + "exclude_configs": [], + "exclude_iomgrs": [], + "flaky": false, + "gtest": false, + "language": "c++", + "name": "alts_tsi_handshaker_test", + "platforms": [ + "linux", + "mac", + "posix", + "windows" + ], + "uses_polling": true + }, + { + "args": [], + "benchmark": false, + "ci_platforms": [ + "linux", + "mac", + "posix", + "windows" + ], + "cpu_cost": 1.0, + "exclude_configs": [], + "exclude_iomgrs": [], + "flaky": false, + "gtest": false, + "language": "c++", + "name": "alts_tsi_utils_test", + "platforms": [ + "linux", + "mac", + "posix", + "windows" + ], + "uses_polling": true + }, + { + "args": [], + "benchmark": false, + "ci_platforms": [ + "linux", + "mac", + "posix", + "windows" + ], + "cpu_cost": 1.0, + "exclude_configs": [], + "exclude_iomgrs": [], + "flaky": false, + "gtest": false, + "language": "c++", + "name": "alts_zero_copy_grpc_protector_test", + "platforms": [ + "linux", + "mac", + "posix", + "windows" + ], + "uses_polling": true + }, + { + "args": [], + "benchmark": false, + "ci_platforms": [ + "linux", + "mac", + "posix", + "windows" + ], + "cpu_cost": 1.0, + "exclude_configs": [], + "exclude_iomgrs": [], + "flaky": false, "gtest": true, "language": "c++", "name": "async_end2end_test", @@ -3350,6 +3662,54 @@ "exclude_configs": [], "exclude_iomgrs": [], "flaky": false, + "gtest": false, + "language": "c++", + "name": "check_gcp_environment_linux_test", + "platforms": [ + "linux", + "mac", + "posix", + "windows" + ], + "uses_polling": true + }, + { + "args": [], + "benchmark": false, + "ci_platforms": [ + "linux", + "mac", + "posix", + "windows" + ], + "cpu_cost": 1.0, + "exclude_configs": [], + "exclude_iomgrs": [], + "flaky": false, + "gtest": false, + "language": "c++", + "name": "check_gcp_environment_windows_test", + "platforms": [ + "linux", + "mac", + "posix", + "windows" + ], + "uses_polling": true + }, + { + "args": [], + "benchmark": false, + "ci_platforms": [ + "linux", + "mac", + "posix", + "windows" + ], + "cpu_cost": 1.0, + "exclude_configs": [], + "exclude_iomgrs": [], + "flaky": false, "gtest": true, "language": "c++", "name": "chttp2_settings_timeout_test", @@ -3782,6 +4142,30 @@ "exclude_configs": [], "exclude_iomgrs": [], "flaky": false, + "gtest": false, + "language": "c++", + "name": "grpc_alts_credentials_options_test", + "platforms": [ + "linux", + "mac", + "posix", + "windows" + ], + "uses_polling": true + }, + { + "args": [], + "benchmark": false, + "ci_platforms": [ + "linux", + "mac", + "posix", + "windows" + ], + "cpu_cost": 1.0, + "exclude_configs": [], + "exclude_iomgrs": [], + "flaky": false, "gtest": true, "language": "c++", "name": "grpc_tool_test", @@ -4678,6 +5062,30 @@ "ci_platforms": [ "linux", "mac", + "posix", + "windows" + ], + "cpu_cost": 1.0, + "exclude_configs": [], + "exclude_iomgrs": [], + "flaky": false, + "gtest": false, + "language": "c++", + "name": "transport_security_common_api_test", + "platforms": [ + "linux", + "mac", + "posix", + "windows" + ], + "uses_polling": true + }, + { + "args": [], + "benchmark": false, + "ci_platforms": [ + "linux", + "mac", "posix" ], "cpu_cost": 0.5, |