1 /*
2  *
3  * Copyright 2018 gRPC authors.
4  *
5  * Licensed under the Apache License, Version 2.0 (the "License");
6  * you may not use this file except in compliance with the License.
7  * You may obtain a copy of the License at
8  *
9  *     http://www.apache.org/licenses/LICENSE-2.0
10  *
11  * Unless required by applicable law or agreed to in writing, software
12  * distributed under the License is distributed on an "AS IS" BASIS,
13  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14  * See the License for the specific language governing permissions and
15  * limitations under the License.
16  *
17  */
18 
19 #ifndef GRPC_CORE_TSI_ALTS_ZERO_COPY_FRAME_PROTECTOR_ALTS_GRPC_RECORD_PROTOCOL_H
20 #define GRPC_CORE_TSI_ALTS_ZERO_COPY_FRAME_PROTECTOR_ALTS_GRPC_RECORD_PROTOCOL_H
21 
22 #include <grpc/support/port_platform.h>
23 
24 #include <grpc/slice_buffer.h>
25 
26 #include "src/core/tsi/transport_security_interface.h"
27 
28 /**
29  * This alts_grpc_record_protocol object protects and unprotects a single frame
30  * stored in grpc slice buffer with zero or minimized memory copy.
31  * Implementations of this object must be thread compatible.
32  */
33 typedef struct alts_grpc_record_protocol alts_grpc_record_protocol;
34 
35 /**
36  * This methods performs protect operation on unprotected data and appends the
37  * protected frame to protected_slices. The caller needs to ensure the length
38  * of unprotected data plus the frame overhead is less than or equal to the
39  * maximum frame length. The input unprotected data slice buffer will be
40  * cleared, although the actual unprotected data bytes are not modified.
41  *
42  * - self: an alts_grpc_record_protocol instance.
43  * - unprotected_slices: the unprotected data to be protected.
44  * - protected_slices: slice buffer where the protected frame is appended.
45  *
46  * This method returns TSI_OK in case of success or a specific error code in
47  * case of failure.
48  */
49 tsi_result alts_grpc_record_protocol_protect(
50     alts_grpc_record_protocol* self, grpc_slice_buffer* unprotected_slices,
51     grpc_slice_buffer* protected_slices);
52 
53 /**
54  * This methods performs unprotect operation on a full frame of protected data
55  * and appends unprotected data to unprotected_slices. It is the caller's
56  * responsibility to prepare a full frame of data before calling this method.
57  * The input protected frame slice buffer will be cleared, although the actual
58  * protected data bytes are not modified.
59  *
60  * - self: an alts_grpc_record_protocol instance.
61  * - protected_slices: a full frame of protected data in grpc slices.
62  * - unprotected_slices: slice buffer where unprotected data is appended.
63  *
64  * This method returns TSI_OK in case of success or a specific error code in
65  * case of failure.
66  */
67 tsi_result alts_grpc_record_protocol_unprotect(
68     alts_grpc_record_protocol* self, grpc_slice_buffer* protected_slices,
69     grpc_slice_buffer* unprotected_slices);
70 
71 /**
72  * This method returns maximum allowed unprotected data size, given maximum
73  * protected frame size.
74  *
75  * - self: an alts_grpc_record_protocol instance.
76  * - max_protected_frame_size: maximum protected frame size.
77  *
78  * On success, the method returns the maximum allowed unprotected data size.
79  * Otherwise, it returns zero.
80  */
81 size_t alts_grpc_record_protocol_max_unprotected_data_size(
82     const alts_grpc_record_protocol* self, size_t max_protected_frame_size);
83 
84 /**
85  * This method destroys an alts_grpc_record_protocol instance by de-allocating
86  * all of its occupied memory.
87  */
88 void alts_grpc_record_protocol_destroy(alts_grpc_record_protocol* self);
89 
90 #endif /* GRPC_CORE_TSI_ALTS_ZERO_COPY_FRAME_PROTECTOR_ALTS_GRPC_RECORD_PROTOCOL_H \
91         */
92