GRPC C++  1.39.1
Data Structures | Functions
alts_iovec_record_protocol.cc File Reference
#include <grpc/support/port_platform.h>
#include "src/core/tsi/alts/zero_copy_frame_protector/alts_iovec_record_protocol.h"
#include <stdlib.h>
#include <string.h>
#include <grpc/support/alloc.h>
#include <grpc/support/log.h>
#include "src/core/tsi/alts/frame_protector/alts_counter.h"

Data Structures

struct  alts_iovec_record_protocol
 

Functions

size_t alts_iovec_record_protocol_get_header_length ()
 This method gets the length of record protocol frame header. More...
 
size_t alts_iovec_record_protocol_get_tag_length (const alts_iovec_record_protocol *rp)
 This method gets the length of record protocol frame tag. More...
 
size_t alts_iovec_record_protocol_max_unprotected_data_size (const alts_iovec_record_protocol *rp, size_t max_protected_frame_size)
 This method returns maximum allowed unprotected data size, given maximum protected frame size. More...
 
grpc_status_code alts_iovec_record_protocol_integrity_only_protect (alts_iovec_record_protocol *rp, const iovec_t *unprotected_vec, size_t unprotected_vec_length, iovec_t header, iovec_t tag, char **error_details)
 This method performs integrity-only protect operation on a alts_iovec_record_protocol instance, i.e., compute frame header and tag. More...
 
grpc_status_code alts_iovec_record_protocol_integrity_only_unprotect (alts_iovec_record_protocol *rp, const iovec_t *protected_vec, size_t protected_vec_length, iovec_t header, iovec_t tag, char **error_details)
 This method performs integrity-only unprotect operation on a alts_iovec_record_protocol instance, i.e., verify frame header and tag. More...
 
grpc_status_code alts_iovec_record_protocol_privacy_integrity_protect (alts_iovec_record_protocol *rp, const iovec_t *unprotected_vec, size_t unprotected_vec_length, iovec_t protected_frame, char **error_details)
 This method performs privacy-integrity protect operation on a alts_iovec_record_protocol instance, i.e., compute a protected frame. More...
 
grpc_status_code alts_iovec_record_protocol_privacy_integrity_unprotect (alts_iovec_record_protocol *rp, iovec_t header, const iovec_t *protected_vec, size_t protected_vec_length, iovec_t unprotected_data, char **error_details)
 This method performs privacy-integrity unprotect operation on a alts_iovec_record_protocol instance given a full protected frame, i.e., compute the unprotected data. More...
 
grpc_status_code alts_iovec_record_protocol_create (gsec_aead_crypter *crypter, size_t overflow_size, bool is_client, bool is_integrity_only, bool is_protect, alts_iovec_record_protocol **rp, char **error_details)
 This method creates an alts_iovec_record_protocol instance, given a gsec_aead_crypter instance, a flag indicating if the created instance will be used at the client or server side, and a flag indicating if the created instance will be used for integrity-only mode or privacy-integrity mode. More...
 
void alts_iovec_record_protocol_destroy (alts_iovec_record_protocol *rp)
 This method destroys an alts_iovec_record_protocol instance by de-allocating all of its occupied memory. More...
 

Function Documentation

◆ alts_iovec_record_protocol_create()

grpc_status_code alts_iovec_record_protocol_create ( gsec_aead_crypter crypter,
size_t  overflow_size,
bool  is_client,
bool  is_integrity_only,
bool  is_protect,
alts_iovec_record_protocol **  rp,
char **  error_details 
)

This method creates an alts_iovec_record_protocol instance, given a gsec_aead_crypter instance, a flag indicating if the created instance will be used at the client or server side, and a flag indicating if the created instance will be used for integrity-only mode or privacy-integrity mode.

The ownership of gsec_aead_crypter instance is transferred to this new object.

  • crypter: a gsec_aead_crypter instance used to perform AEAD decryption.
  • overflow_size: overflow size of counter in bytes.
  • is_client: a flag indicating if the alts_iovec_record_protocol instance will be used at the client or server side.
  • is_integrity_only: a flag indicating if the alts_iovec_record_protocol instance will be used for integrity-only or privacy-integrity mode.
  • is_protect: a flag indicating if the alts_grpc_record_protocol instance will be used for protect or unprotect.
  • rp: an alts_iovec_record_protocol instance to be returned from the method.
  • error_details: a buffer containing an error message if the method does not function correctly. It is OK to pass nullptr into error_details.

On success, the method returns GRPC_STATUS_OK. Otherwise, it returns an error status code along with its details specified in error_details (if error_details is not nullptr).

◆ alts_iovec_record_protocol_destroy()

void alts_iovec_record_protocol_destroy ( alts_iovec_record_protocol rp)

This method destroys an alts_iovec_record_protocol instance by de-allocating all of its occupied memory.

A gsec_aead_crypter instance passed in at gsec_alts_crypter instance creation time will be destroyed in this method.

◆ alts_iovec_record_protocol_get_header_length()

size_t alts_iovec_record_protocol_get_header_length ( )

This method gets the length of record protocol frame header.

◆ alts_iovec_record_protocol_get_tag_length()

size_t alts_iovec_record_protocol_get_tag_length ( const alts_iovec_record_protocol rp)

This method gets the length of record protocol frame tag.

On success, the method returns the length of record protocol frame tag. Otherwise, it returns zero.

◆ alts_iovec_record_protocol_integrity_only_protect()

grpc_status_code alts_iovec_record_protocol_integrity_only_protect ( alts_iovec_record_protocol rp,
const iovec_t unprotected_vec,
size_t  unprotected_vec_length,
iovec_t  header,
iovec_t  tag,
char **  error_details 
)

This method performs integrity-only protect operation on a alts_iovec_record_protocol instance, i.e., compute frame header and tag.

The caller needs to allocate the memory for header and tag prior to calling this method.

  • rp: an alts_iovec_record_protocol instance.
  • unprotected_vec: an iovec array containing unprotected data.
  • unprotected_vec_length: the array length of unprotected_vec.
  • header: an iovec containing the output frame header.
  • tag: an iovec containing the output frame tag.
  • error_details: a buffer containing an error message if the method does not function correctly. It is OK to pass nullptr into error_details.

On success, the method returns GRPC_STATUS_OK. Otherwise, it returns an error status code along with its details specified in error_details (if error_details is not nullptr).

◆ alts_iovec_record_protocol_integrity_only_unprotect()

grpc_status_code alts_iovec_record_protocol_integrity_only_unprotect ( alts_iovec_record_protocol rp,
const iovec_t protected_vec,
size_t  protected_vec_length,
iovec_t  header,
iovec_t  tag,
char **  error_details 
)

This method performs integrity-only unprotect operation on a alts_iovec_record_protocol instance, i.e., verify frame header and tag.

  • rp: an alts_iovec_record_protocol instance.
  • protected_vec: an iovec array containing protected data.
  • protected_vec_length: the array length of protected_vec.
  • header: an iovec containing the frame header.
  • tag: an iovec containing the frame tag.
  • error_details: a buffer containing an error message if the method does not function correctly. It is OK to pass nullptr into error_details.

On success, the method returns GRPC_STATUS_OK. Otherwise, it returns an error status code along with its details specified in error_details (if error_details is not nullptr).

◆ alts_iovec_record_protocol_max_unprotected_data_size()

size_t alts_iovec_record_protocol_max_unprotected_data_size ( const alts_iovec_record_protocol rp,
size_t  max_protected_frame_size 
)

This method returns maximum allowed unprotected data size, given maximum protected frame size.

On success, the method returns the maximum allowed unprotected data size. Otherwise, it returns zero.

◆ alts_iovec_record_protocol_privacy_integrity_protect()

grpc_status_code alts_iovec_record_protocol_privacy_integrity_protect ( alts_iovec_record_protocol rp,
const iovec_t unprotected_vec,
size_t  unprotected_vec_length,
iovec_t  protected_frame,
char **  error_details 
)

This method performs privacy-integrity protect operation on a alts_iovec_record_protocol instance, i.e., compute a protected frame.

The caller needs to allocate the memory for the protected frame prior to calling this method.

  • rp: an alts_iovec_record_protocol instance.
  • unprotected_vec: an iovec array containing unprotected data.
  • unprotected_vec_length: the array length of unprotected_vec.
  • protected_frame: an iovec containing the output protected frame.
  • error_details: a buffer containing an error message if the method does not function correctly. It is OK to pass nullptr into error_details.

On success, the method returns GRPC_STATUS_OK. Otherwise, it returns an error status code along with its details specified in error_details (if error_details is not nullptr).

◆ alts_iovec_record_protocol_privacy_integrity_unprotect()

grpc_status_code alts_iovec_record_protocol_privacy_integrity_unprotect ( alts_iovec_record_protocol rp,
iovec_t  header,
const iovec_t protected_vec,
size_t  protected_vec_length,
iovec_t  unprotected_data,
char **  error_details 
)

This method performs privacy-integrity unprotect operation on a alts_iovec_record_protocol instance given a full protected frame, i.e., compute the unprotected data.

The caller needs to allocated the memory for the unprotected data prior to calling this method.

  • rp: an alts_iovec_record_protocol instance.
  • header: an iovec containing the frame header.
  • protected_vec: an iovec array containing protected data including the tag.
  • protected_vec_length: the array length of protected_vec.
  • unprotected_data: an iovec containing the output unprotected data.
  • error_details: a buffer containing an error message if the method does not function correctly. It is OK to pass nullptr into error_details.

On success, the method returns GRPC_STATUS_OK. Otherwise, it returns an error status code along with its details specified in error_details (if error_details is not nullptr).