1 /*
2  *
3  * Copyright 2017 gRPC authors.
4  *
5  * Licensed under the Apache License, Version 2.0 (the "License");
6  * you may not use this file except in compliance with the License.
7  * You may obtain a copy of the License at
8  *
9  *     http://www.apache.org/licenses/LICENSE-2.0
10  *
11  * Unless required by applicable law or agreed to in writing, software
12  * distributed under the License is distributed on an "AS IS" BASIS,
13  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14  * See the License for the specific language governing permissions and
15  * limitations under the License.
16  *
17  */
18 
19 #ifndef GRPC_CORE_TSI_TRANSPORT_SECURITY_GRPC_H
20 #define GRPC_CORE_TSI_TRANSPORT_SECURITY_GRPC_H
21 
22 #include <grpc/support/port_platform.h>
23 
24 #include <grpc/slice_buffer.h>
25 #include "src/core/tsi/transport_security.h"
26 
27 /* This method creates a tsi_zero_copy_grpc_protector object. It return TSI_OK
28    assuming there is no fatal error.
29    The caller is responsible for destroying the protector.  */
30 tsi_result tsi_handshaker_result_create_zero_copy_grpc_protector(
31     const tsi_handshaker_result* self, size_t* max_output_protected_frame_size,
32     tsi_zero_copy_grpc_protector** protector);
33 
34 /* -- tsi_zero_copy_grpc_protector object --  */
35 
36 /* Outputs protected frames.
37    - unprotected_slices is the unprotected data to be protected.
38    - protected_slices is the protected output frames. One or more frames
39      may be produced in this protect function.
40    - This method returns TSI_OK in case of success or a specific error code in
41      case of failure.  */
42 tsi_result tsi_zero_copy_grpc_protector_protect(
43     tsi_zero_copy_grpc_protector* self, grpc_slice_buffer* unprotected_slices,
44     grpc_slice_buffer* protected_slices);
45 
46 /* Outputs unprotected bytes.
47    - protected_slices is the bytes of protected frames.
48    - unprotected_slices is the unprotected output data.
49    - This method returns TSI_OK in case of success. Success includes cases where
50      there is not enough data to output in which case unprotected_slices has 0
51      bytes.  */
52 tsi_result tsi_zero_copy_grpc_protector_unprotect(
53     tsi_zero_copy_grpc_protector* self, grpc_slice_buffer* protected_slices,
54     grpc_slice_buffer* unprotected_slices);
55 
56 /* Destroys the tsi_zero_copy_grpc_protector object.  */
57 void tsi_zero_copy_grpc_protector_destroy(tsi_zero_copy_grpc_protector* self);
58 
59 /* Base for tsi_zero_copy_grpc_protector implementations.  */
60 typedef struct {
61   tsi_result (*protect)(tsi_zero_copy_grpc_protector* self,
62                         grpc_slice_buffer* unprotected_slices,
63                         grpc_slice_buffer* protected_slices);
64   tsi_result (*unprotect)(tsi_zero_copy_grpc_protector* self,
65                           grpc_slice_buffer* protected_slices,
66                           grpc_slice_buffer* unprotected_slices);
67   void (*destroy)(tsi_zero_copy_grpc_protector* self);
68 } tsi_zero_copy_grpc_protector_vtable;
69 
70 struct tsi_zero_copy_grpc_protector {
71   const tsi_zero_copy_grpc_protector_vtable* vtable;
72 };
73 
74 #endif /* GRPC_CORE_TSI_TRANSPORT_SECURITY_GRPC_H */
75