1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
|
/*
*
* Copyright 2017 gRPC authors.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*
*/
#ifndef GRPC_TEST_CORE_TSI_TRANSPORT_SECURITY_TEST_LIB_H_
#define GRPC_TEST_CORE_TSI_TRANSPORT_SECURITY_TEST_LIB_H_
#include "src/core/tsi/transport_security_interface.h"
#include <grpc/support/sync.h>
#ifdef __cplusplus
extern "C" {
#endif
#define TSI_TEST_TINY_HANDSHAKE_BUFFER_SIZE 32
#define TSI_TEST_SMALL_HANDSHAKE_BUFFER_SIZE 128
#define TSI_TEST_SMALL_READ_BUFFER_ALLOCATED_SIZE 41
#define TSI_TEST_SMALL_PROTECTED_BUFFER_SIZE 37
#define TSI_TEST_SMALL_MESSAGE_BUFFER_ALLOCATED_SIZE 42
#define TSI_TEST_SMALL_CLIENT_MAX_OUTPUT_PROTECTED_FRAME_SIZE 39
#define TSI_TEST_SMALL_SERVER_MAX_OUTPUT_PROTECTED_FRAME_SIZE 43
#define TSI_TEST_DEFAULT_BUFFER_SIZE 4096
#define TSI_TEST_DEFAULT_PROTECTED_BUFFER_SIZE 16384
#define TSI_TEST_DEFAULT_CHANNEL_SIZE 32768
#define TSI_TEST_BIG_MESSAGE_SIZE 17000
#define TSI_TEST_SMALL_MESSAGE_SIZE 10
#define TSI_TEST_NUM_OF_ARGUMENTS 8
#define TSI_TEST_NUM_OF_COMBINATIONS 256
#define TSI_TEST_UNUSED_BYTES "HELLO GOOGLE"
/* --- tsi_test_fixture object ---
The tests for specific TSI implementations should create their own
custom "subclass" of this fixture, which wraps all information
that will be used to test correctness of TSI handshakes and frame
protect/unprotect operations with respect to TSI implementations. */
typedef struct tsi_test_fixture tsi_test_fixture;
/* --- tsi_test_frame_protector_config object ---
This object is used to configure different parameters of TSI frame protector
APIs. */
typedef struct tsi_test_frame_protector_config tsi_test_frame_protector_config;
/* V-table for tsi_test_fixture operations that are implemented differently in
different TSI implementations. */
typedef struct tsi_test_fixture_vtable {
void (*setup_handshakers)(tsi_test_fixture *fixture);
void (*check_handshaker_peers)(tsi_test_fixture *fixture);
void (*destruct)(tsi_test_fixture *fixture);
} tsi_test_fixture_vtable;
struct tsi_test_fixture {
const tsi_test_fixture_vtable *vtable;
/* client/server TSI handshaker used to perform TSI handshakes, and will get
instantiated during the call to setup_handshakers. */
tsi_handshaker *client_handshaker;
tsi_handshaker *server_handshaker;
/* client/server TSI handshaker results used to store the result of TSI
handshake. If the handshake fails, the result will store NULL upon
finishing the handshake. */
tsi_handshaker_result *client_result;
tsi_handshaker_result *server_result;
/* size of buffer used to store data received from the peer. */
size_t handshake_buffer_size;
/* simulated channels between client and server. If the server (client)
wants to send data to the client (server), he will write data to
client_channel (server_channel), which will be read by client (server). */
uint8_t *client_channel;
uint8_t *server_channel;
/* size of data written to the client/server channel. */
size_t bytes_written_to_client_channel;
size_t bytes_written_to_server_channel;
/* size of data read from the client/server channel */
size_t bytes_read_from_client_channel;
size_t bytes_read_from_server_channel;
/* tsi_test_frame_protector_config instance */
tsi_test_frame_protector_config *config;
/* a flag indicating if client has finished TSI handshake first (i.e., before
server).
The flag should be referred if and only if TSI handshake finishes
successfully. */
bool has_client_finished_first;
/* a flag indicating whether to test tsi_handshaker_result_get_unused_bytes()
for TSI implementation. This field is true by default, and false
for SSL TSI implementation due to grpc issue #12164
(https://github.com/grpc/grpc/issues/12164).
*/
bool test_unused_bytes;
/* These objects will be used coordinate client/server handshakers with TSI
thread to perform TSI handshakes in an asynchronous manner (for GTS TSI
implementations).
*/
gpr_cv cv;
gpr_mu mu;
bool notified;
};
struct tsi_test_frame_protector_config {
/* size of buffer used to store protected frames to be unprotected. */
size_t read_buffer_allocated_size;
/* size of buffer used to store bytes resulted from unprotect operations. */
size_t message_buffer_allocated_size;
/* size of buffer used to store frames resulted from protect operations. */
size_t protected_buffer_size;
/* size of client/server maximum frame size. */
size_t client_max_output_protected_frame_size;
size_t server_max_output_protected_frame_size;
/* pointer that points to client/server message to be protected. */
uint8_t *client_message;
uint8_t *server_message;
/* size of client/server message. */
size_t client_message_size;
size_t server_message_size;
};
/* This method creates a tsi_test_frame_protector_config instance. Each
parameter of this function is a boolean value indicating whether to set the
corresponding parameter with a default value or not. If it's false, it will
be set with a specific value which is usually much smaller than the default.
Both values are defined with #define directive. */
tsi_test_frame_protector_config *tsi_test_frame_protector_config_create(
bool use_default_read_buffer_allocated_size,
bool use_default_message_buffer_allocated_size,
bool use_default_protected_buffer_size, bool use_default_client_message,
bool use_default_server_message,
bool use_default_client_max_output_protected_frame_size,
bool use_default_server_max_output_protected_frame_size,
bool use_default_handshake_buffer_size);
/* This method sets different buffer and frame sizes of a
tsi_test_frame_protector_config instance with user provided values. */
void tsi_test_frame_protector_config_set_buffer_size(
tsi_test_frame_protector_config *config, size_t read_buffer_allocated_size,
size_t message_buffer_allocated_size, size_t protected_buffer_size,
size_t client_max_output_protected_frame_size,
size_t server_max_output_protected_frame_size);
/* This method destroys a tsi_test_frame_protector_config instance. */
void tsi_test_frame_protector_config_destroy(
tsi_test_frame_protector_config *config);
/* This method initializes members of tsi_test_fixture instance.
Note that the struct instance should be allocated before making
this call. */
void tsi_test_fixture_init(tsi_test_fixture *fixture);
/* This method destroys a tsi_test_fixture instance. Note that the
fixture intance must be dynamically allocated and will be freed by
this function. */
void tsi_test_fixture_destroy(tsi_test_fixture *fixture);
/* This method performs a full TSI handshake between a client and a server.
Note that the test library will implement the new TSI handshaker API to
perform handshakes. */
void tsi_test_do_handshake(tsi_test_fixture *fixture);
/* This method performs a round trip test between the client and the server.
That is, the client sends a protected message to a server who receives the
message, and unprotects it. The same operation is triggered again with
the client and server switching its role. */
void tsi_test_do_round_trip(tsi_test_fixture *fixture);
#ifdef __cplusplus
}
#endif
#endif // GRPC_TEST_CORE_TSI_TRANSPORT_SECURITY_TEST_LIB_H_
|
