1 /* 2 * 3 * Copyright 2018 gRPC authors. 4 * 5 * Licensed under the Apache License, Version 2.0 (the "License"); 6 * you may not use this file except in compliance with the License. 7 * You may obtain a copy of the License at 8 * 9 * http://www.apache.org/licenses/LICENSE-2.0 10 * 11 * Unless required by applicable law or agreed to in writing, software 12 * distributed under the License is distributed on an "AS IS" BASIS, 13 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 14 * See the License for the specific language governing permissions and 15 * limitations under the License. 16 * 17 */ 18 19 #ifndef GRPC_CORE_TSI_ALTS_ZERO_COPY_FRAME_PROTECTOR_ALTS_ZERO_COPY_GRPC_PROTECTOR_H 20 #define GRPC_CORE_TSI_ALTS_ZERO_COPY_FRAME_PROTECTOR_ALTS_ZERO_COPY_GRPC_PROTECTOR_H 21 22 #include <grpc/support/port_platform.h> 23 24 #include <stdbool.h> 25 26 #include "src/core/tsi/transport_security_grpc.h" 27 28 /** 29 * This method creates an ALTS zero-copy grpc protector. 30 * 31 * - key: a symmetric key used to seal/unseal frames. 32 * - key_size: the size of symmetric key. 33 * - is_rekey: use rekeying AEAD crypter. 34 * - is_client: a flag indicating if the protector will be used at client or 35 * server side. 36 * - is_integrity_only: a flag indicating if the protector instance will be 37 * used for integrity-only or privacy-integrity mode. 38 * - enable_extra_copy: a flag indicating if the protector instance does one 39 * extra memory copy during the protect operation for integrity_only mode. 40 * For the unprotect operation, it is still zero-copy. If application intends 41 * to modify the data buffer after the protect operation, we can turn on this 42 * mode to avoid integrity check failure. 43 * - max_protected_frame_size: an in/out parameter indicating max frame size 44 * to be used by the protector. If it is nullptr, the default frame size will 45 * be used. Otherwise, the provided frame size will be adjusted (if not 46 * falling into a valid frame range) and used. 47 * - protector: a pointer to the zero-copy protector returned from the method. 48 * 49 * This method returns TSI_OK on success or a specific error code otherwise. 50 */ 51 tsi_result alts_zero_copy_grpc_protector_create( 52 const uint8_t* key, size_t key_size, bool is_rekey, bool is_client, 53 bool is_integrity_only, bool enable_extra_copy, 54 size_t* max_protected_frame_size, tsi_zero_copy_grpc_protector** protector); 55 56 #endif /* GRPC_CORE_TSI_ALTS_ZERO_COPY_FRAME_PROTECTOR_ALTS_ZERO_COPY_GRPC_PROTECTOR_H \ 57 */ 58