aboutsummaryrefslogtreecommitdiffhomepage
path: root/src/core/tsi/transport_security_grpc.h
blob: 375a758888bbf1c23e7e2bf02cb04983f90b1e6e (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
/*
 *
 * Copyright 2017 gRPC authors.
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 *     http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 *
 */

#ifndef GRPC_CORE_TSI_TRANSPORT_SECURITY_GRPC_H
#define GRPC_CORE_TSI_TRANSPORT_SECURITY_GRPC_H

#include <grpc/slice_buffer.h>
#include "src/core/tsi/transport_security.h"

#ifdef __cplusplus
extern "C" {
#endif

/* This method creates a tsi_zero_copy_grpc_protector object. It return TSI_OK
   assuming there is no fatal error.
   The caller is responsible for destroying the protector.  */
tsi_result tsi_handshaker_result_create_zero_copy_grpc_protector(
    const tsi_handshaker_result *self, size_t *max_output_protected_frame_size,
    tsi_zero_copy_grpc_protector **protector);

/* -- tsi_zero_copy_grpc_protector object --  */

/* Outputs protected frames.
   - unprotected_slices is the unprotected data to be protected.
   - protected_slices is the protected output frames. One or more frames
     may be produced in this protect function.
   - This method returns TSI_OK in case of success or a specific error code in
     case of failure.  */
tsi_result tsi_zero_copy_grpc_protector_protect(
    grpc_exec_ctx *exec_ctx, tsi_zero_copy_grpc_protector *self,
    grpc_slice_buffer *unprotected_slices, grpc_slice_buffer *protected_slices);

/* Outputs unprotected bytes.
   - protected_slices is the bytes of protected frames.
   - unprotected_slices is the unprotected output data.
   - This method returns TSI_OK in case of success. Success includes cases where
     there is not enough data to output in which case unprotected_slices has 0
     bytes.  */
tsi_result tsi_zero_copy_grpc_protector_unprotect(
    grpc_exec_ctx *exec_ctx, tsi_zero_copy_grpc_protector *self,
    grpc_slice_buffer *protected_slices, grpc_slice_buffer *unprotected_slices);

/* Destroys the tsi_zero_copy_grpc_protector object.  */
void tsi_zero_copy_grpc_protector_destroy(grpc_exec_ctx *exec_ctx,
                                          tsi_zero_copy_grpc_protector *self);

/* Base for tsi_zero_copy_grpc_protector implementations.  */
typedef struct {
  tsi_result (*protect)(grpc_exec_ctx *exec_ctx,
                        tsi_zero_copy_grpc_protector *self,
                        grpc_slice_buffer *unprotected_slices,
                        grpc_slice_buffer *protected_slices);
  tsi_result (*unprotect)(grpc_exec_ctx *exec_ctx,
                          tsi_zero_copy_grpc_protector *self,
                          grpc_slice_buffer *protected_slices,
                          grpc_slice_buffer *unprotected_slices);
  void (*destroy)(grpc_exec_ctx *exec_ctx, tsi_zero_copy_grpc_protector *self);
} tsi_zero_copy_grpc_protector_vtable;

struct tsi_zero_copy_grpc_protector {
  const tsi_zero_copy_grpc_protector_vtable *vtable;
};

#ifdef __cplusplus
}
#endif

#endif /* GRPC_CORE_TSI_TRANSPORT_SECURITY_GRPC_H */