GRPC C++  1.39.1
alts_crypter.cc File Reference
#include <grpc/support/port_platform.h>
#include "src/core/tsi/alts/frame_protector/alts_crypter.h"
#include <string.h>
#include <grpc/support/alloc.h>

Functions

grpc_status_code alts_crypter_process_in_place (alts_crypter *crypter, unsigned char *data, size_t data_allocated_size, size_t data_size, size_t *output_size, char **error_details)
 This method performs either a seal or an unseal operation, depending on the alts_crypter instance (crypter) passed to the method.
 
size_t alts_crypter_num_overhead_bytes (const alts_crypter *crypter)
 This method gets the number of overhead bytes needed for sealing data, that is, the difference in size between the protected and raw data.
 
void alts_crypter_destroy (alts_crypter *crypter)
 This method destroys an alts_crypter instance by de-allocating all of its occupied memory.
 

Function Documentation

◆ alts_crypter_destroy()

void alts_crypter_destroy (alts_crypter *crypter)

This method destroys an alts_crypter instance by de-allocating all of its occupied memory.

A gsec_aead_crypter instance passed in at alts_crypter instance creation time will be destroyed in this method.

◆ alts_crypter_num_overhead_bytes()

size_t alts_crypter_num_overhead_bytes (const alts_crypter *crypter)

This method gets the number of overhead bytes needed for sealing data, that is, the difference in size between the protected and raw data.

The counter value used in a seal or unseal operation is maintained locally (it is neither sent to nor received from the other peer) and is therefore not counted as part of the overhead bytes.

On success, the method returns the number of overhead bytes. Otherwise, it returns zero.

◆ alts_crypter_process_in_place()

grpc_status_code alts_crypter_process_in_place (alts_crypter *crypter, unsigned char *data, size_t data_allocated_size, size_t data_size, size_t *output_size, char **error_details)

This method performs either a seal or an unseal operation, depending on the alts_crypter instance (crypter) passed to the method.

If the crypter is an instance implementing a seal operation, the method performs a seal operation. That is, it seals raw data and stores the result in place, and the memory allocated for data must be at least data_length + alts_crypter_num_overhead_bytes().

If the crypter is an instance implementing an unseal operation, the method performs an unseal operation. That is, it unseals protected data and stores the result in place. The size of the unsealed data will be data_length - alts_crypter_num_overhead_bytes(). The integrity tag is verified during the unseal operation, and if verification fails, the data will be wiped.

The counters used in both seal and unseal operations are managed internally.

  • crypter: an alts_crypter instance.
  • data: if the method performs a seal operation, the data represents raw data that needs to be sealed. It also plays the role of buffer to hold the protected data as a result of seal. If the method performs an unseal operation, the data represents protected data that needs to be unsealed. It also plays the role of buffer to hold raw data as a result of unseal.
  • data_allocated_size: the size of the data buffer. The parameter is used to check whether the result of either seal or unseal can be safely written to the data buffer.
  • data_size: if the method performs a seal operation, data_size represents the size of raw data that needs to be sealed, and if the method performs an unseal operation, data_size represents the size of protected data that needs to be unsealed.
  • output_size: size of data written to the data buffer after a seal or an unseal operation.
  • error_details: a buffer containing an error message if the method does not function correctly. It is legal to pass nullptr for error_details; otherwise, the parameter should be freed with gpr_free.

On success, the method returns GRPC_STATUS_OK. Otherwise, it returns an error status code along with its details specified in error_details (if error_details is not nullptr).
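
The size contract described above can be checked on the caller side before the buffer is handed over. The following is an added example, not gRPC code: `in_place_output_size` and the `size_check` enum are hypothetical names, and the 16-byte overhead in `main` is a constructed value rather than one stated on this page.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Hypothetical caller-side helper; these names are not part of gRPC. */
typedef enum {
  SIZES_OK = 0,
  SIZES_BAD_OVERHEAD,     /* overhead query failed (returned zero) */
  SIZES_OVERFLOW,         /* data_size + overhead wraps size_t */
  SIZES_BUFFER_TOO_SMALL, /* result would not fit in the data buffer */
  SIZES_INPUT_TOO_SHORT   /* protected data shorter than the overhead */
} size_check;

/* Computes how many bytes a seal (is_seal != 0) or unseal would leave in the
 * buffer and checks that the in-place result fits in data_allocated_size. */
size_check in_place_output_size(int is_seal, size_t data_allocated_size,
                                size_t data_size, size_t overhead,
                                size_t *output_size) {
  *output_size = 0;
  /* alts_crypter_num_overhead_bytes() is documented to return zero on error. */
  if (overhead == 0) return SIZES_BAD_OVERHEAD;
  /* The input itself must lie inside the buffer. */
  if (data_size > data_allocated_size) return SIZES_BUFFER_TOO_SMALL;
  if (is_seal) {
    /* Check for wrap-around before adding, then check the fit. */
    if (data_size > SIZE_MAX - overhead) return SIZES_OVERFLOW;
    if (data_size + overhead > data_allocated_size)
      return SIZES_BUFFER_TOO_SMALL;
    *output_size = data_size + overhead;
  } else {
    /* Unseal strips the overhead; a shorter frame cannot be valid. */
    if (data_size < overhead) return SIZES_INPUT_TOO_SHORT;
    *output_size = data_size - overhead;
  }
  return SIZES_OK;
}

int main(void) {
  const size_t overhead = 16; /* constructed value, not taken from the page */
  size_t out = 0;
  size_check rc = in_place_output_size(1, 116, 100, overhead, &out);
  printf("seal 100 into 116: rc=%d out=%zu\n", (int)rc, out);
  rc = in_place_output_size(1, 100, 100, overhead, &out);
  printf("seal 100 into 100: rc=%d out=%zu\n", (int)rc, out);
  rc = in_place_output_size(0, 116, 8, overhead, &out);
  printf("unseal 8 bytes:    rc=%d out=%zu\n", (int)rc, out);
  return 0;
}
```

In real use the overhead argument would come from alts_crypter_num_overhead_bytes() for the crypter in question, and the helper's result would decide whether alts_crypter_process_in_place() is called at all.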