3 * Copyright 2018 gRPC authors.
5 * Licensed under the Apache License, Version 2.0 (the "License");
6 * you may not use this file except in compliance with the License.
7 * You may obtain a copy of the License at
9 * http://www.apache.org/licenses/LICENSE-2.0
11 * Unless required by applicable law or agreed to in writing, software
12 * distributed under the License is distributed on an "AS IS" BASIS,
13 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14 * See the License for the specific language governing permissions and
15 * limitations under the License.
19 #include <grpc/support/port_platform.h>
21 #include <grpc/support/alloc.h>
23 #include "src/core/tsi/alts/frame_protector/alts_counter.h"
24 #include "src/core/tsi/alts/frame_protector/alts_crypter.h"
25 #include "src/core/tsi/alts/frame_protector/alts_record_protocol_crypter_common.h"
27 static void maybe_copy_error_msg(const char* src, char** dst) {
28 if (dst != nullptr && src != nullptr) {
29 *dst = static_cast<char*>(gpr_malloc(strlen(src) + 1));
30 memcpy(*dst, src, strlen(src) + 1);
34 /* Perform input santity check for a seal operation. */
35 static grpc_status_code seal_check(alts_crypter* c, const unsigned char* data,
36 size_t data_allocated_size, size_t data_size,
37 size_t* output_size, char** error_details) {
38 /* Do common input sanity check. */
39 grpc_status_code status = input_sanity_check(
40 reinterpret_cast<const alts_record_protocol_crypter*>(c), data,
41 output_size, error_details);
42 if (status != GRPC_STATUS_OK) return status;
43 /* Do seal-specific check. */
44 size_t num_overhead_bytes =
45 alts_crypter_num_overhead_bytes(reinterpret_cast<const alts_crypter*>(c));
47 const char error_msg[] = "data_size is zero.";
48 maybe_copy_error_msg(error_msg, error_details);
49 return GRPC_STATUS_INVALID_ARGUMENT;
51 if (data_size + num_overhead_bytes > data_allocated_size) {
52 const char error_msg[] =
53 "data_allocated_size is smaller than sum of data_size and "
54 "num_overhead_bytes.";
55 maybe_copy_error_msg(error_msg, error_details);
56 return GRPC_STATUS_INVALID_ARGUMENT;
58 return GRPC_STATUS_OK;
61 static grpc_status_code alts_seal_crypter_process_in_place(
62 alts_crypter* c, unsigned char* data, size_t data_allocated_size,
63 size_t data_size, size_t* output_size, char** error_details) {
64 grpc_status_code status = seal_check(c, data, data_allocated_size, data_size,
65 output_size, error_details);
66 if (status != GRPC_STATUS_OK) {
69 /* Do AEAD encryption. */
70 alts_record_protocol_crypter* rp_crypter =
71 reinterpret_cast<alts_record_protocol_crypter*>(c);
72 status = gsec_aead_crypter_encrypt(
73 rp_crypter->crypter, alts_counter_get_counter(rp_crypter->ctr),
74 alts_counter_get_size(rp_crypter->ctr), nullptr /* aad */,
75 0 /* aad_length */, data, data_size, data, data_allocated_size,
76 output_size, error_details);
77 if (status != GRPC_STATUS_OK) {
80 /* Increment the crypter counter. */
81 return increment_counter(rp_crypter, error_details);
84 static const alts_crypter_vtable vtable = {
85 alts_record_protocol_crypter_num_overhead_bytes,
86 alts_seal_crypter_process_in_place, alts_record_protocol_crypter_destruct};
88 grpc_status_code alts_seal_crypter_create(gsec_aead_crypter* gc, bool is_client,
90 alts_crypter** crypter,
91 char** error_details) {
92 if (crypter == nullptr) {
93 const char error_msg[] = "crypter is nullptr.";
94 maybe_copy_error_msg(error_msg, error_details);
95 return GRPC_STATUS_FAILED_PRECONDITION;
97 alts_record_protocol_crypter* rp_crypter =
98 alts_crypter_create_common(gc, !is_client, overflow_size, error_details);
99 if (rp_crypter == nullptr) {
100 return GRPC_STATUS_FAILED_PRECONDITION;
102 rp_crypter->base.vtable = &vtable;
103 *crypter = &rp_crypter->base;
104 return GRPC_STATUS_OK;
git://repos.xcallymotion.com / motion2.git / blob