1 /*
2  * Copyright 2018 The gRPC Authors
3  *
4  * Licensed under the Apache License, Version 2.0 (the "License");
5  * you may not use this file except in compliance with the License.
6  * You may obtain a copy of the License at
7  *
8  *     http://www.apache.org/licenses/LICENSE-2.0
9  *
10  * Unless required by applicable law or agreed to in writing, software
11  * distributed under the License is distributed on an "AS IS" BASIS,
12  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13  * See the License for the specific language governing permissions and
14  * limitations under the License.
15  */
16 
17 package io.grpc.alts.internal;
18 
19 import io.netty.buffer.ByteBuf;
20 import io.netty.buffer.ByteBufAllocator;
21 import java.security.GeneralSecurityException;
22 import java.util.List;
23 
24 /**
25  * This object protects and unprotects netty buffers once the handshake is done.
26  *
27  * <p>Implementations of this object must be thread compatible.
28  */
29 public interface TsiFrameProtector {
30 
31   /**
32    * Protects the buffers by performing framing and encrypting/appending MACs.
33    *
34    * @param unprotectedBufs contain the payload that will be protected
35    * @param ctxWrite is called with buffers containing protected frames and must release the given
36    *     buffers
37    * @param alloc is used to allocate new buffers for the protected frames
38    */
protectFlush( List<ByteBuf> unprotectedBufs, Consumer<ByteBuf> ctxWrite, ByteBufAllocator alloc)39   void protectFlush(
40       List<ByteBuf> unprotectedBufs, Consumer<ByteBuf> ctxWrite, ByteBufAllocator alloc)
41       throws GeneralSecurityException;
42 
43   /**
44    * Unprotects the buffers by removing the framing and decrypting/checking MACs.
45    *
46    * @param in contains (partial) protected frames
47    * @param out is only used to append unprotected payload buffers
48    * @param alloc is used to allocate new buffers for the unprotected frames
49    */
unprotect(ByteBuf in, List<Object> out, ByteBufAllocator alloc)50   void unprotect(ByteBuf in, List<Object> out, ByteBufAllocator alloc)
51       throws GeneralSecurityException;
52 
53   /** Must be called to release all associated resources (instance cannot be used afterwards). */
destroy()54   void destroy();
55 
56   /** A mirror of java.util.function.Consumer without the Java 8 dependency. */
57   interface Consumer<T> {
accept(T t)58     void accept(T t);
59   }
60 }
61