Go to the source code of this file.
|
| tsi_result | alts_zero_copy_grpc_protector_create (const uint8_t *key, size_t key_size, bool is_rekey, bool is_client, bool is_integrity_only, bool enable_extra_copy, size_t *max_protected_frame_size, tsi_zero_copy_grpc_protector **protector) |
| |
| static void | alts_zero_copy_grpc_protector_destroy (tsi_zero_copy_grpc_protector *self) |
| |
| static tsi_result | alts_zero_copy_grpc_protector_max_frame_size (tsi_zero_copy_grpc_protector *self, size_t *max_frame_size) |
| |
| static tsi_result | alts_zero_copy_grpc_protector_protect (tsi_zero_copy_grpc_protector *self, grpc_slice_buffer *unprotected_slices, grpc_slice_buffer *protected_slices) |
| |
| static tsi_result | alts_zero_copy_grpc_protector_unprotect (tsi_zero_copy_grpc_protector *self, grpc_slice_buffer *protected_slices, grpc_slice_buffer *unprotected_slices, int *min_progress_size) |
| |
| static tsi_result | create_alts_grpc_record_protocol (const uint8_t *key, size_t key_size, bool is_rekey, bool is_client, bool is_integrity_only, bool is_protect, bool enable_extra_copy, alts_grpc_record_protocol **record_protocol) |
| |
| static bool | read_frame_size (const grpc_slice_buffer *sb, uint32_t *total_frame_size) |
| |
◆ alts_zero_copy_grpc_protector
Main struct for alts_zero_copy_grpc_protector. We choose to have two alts_grpc_record_protocol objects and two sets of slice buffers: one for protect and the other for unprotect, so that protect and unprotect can be executed in parallel. Implementations of this object must be thread compatible.
◆ alts_zero_copy_grpc_protector_create()
This method creates an ALTS zero-copy grpc protector.
- key: a symmetric key used to seal/unseal frames.
- key_size: the size of symmetric key.
- is_rekey: use rekeying AEAD crypter.
- is_client: a flag indicating if the protector will be used at client or server side.
- is_integrity_only: a flag indicating if the protector instance will be used for integrity-only or privacy-integrity mode.
- enable_extra_copy: a flag indicating if the protector instance does one extra memory copy during the protect operation for integrity_only mode. For the unprotect operation, it is still zero-copy. If application intends to modify the data buffer after the protect operation, we can turn on this mode to avoid integrity check failure.
- max_protected_frame_size: an in/out parameter indicating max frame size to be used by the protector. If it is nullptr, the default frame size will be used. Otherwise, the provided frame size will be adjusted (if not falling into a valid frame range) and used.
- protector: a pointer to the zero-copy protector returned from the method.
This method returns TSI_OK on success or a specific error code otherwise.
Definition at line 260 of file alts_zero_copy_grpc_protector.cc.
◆ alts_zero_copy_grpc_protector_destroy()
◆ alts_zero_copy_grpc_protector_max_frame_size()
◆ alts_zero_copy_grpc_protector_protect()
◆ alts_zero_copy_grpc_protector_unprotect()
◆ create_alts_grpc_record_protocol()
Creates an alts_grpc_record_protocol object, given key, key size, and flags to indicate whether the record_protocol object uses the rekeying AEAD, whether the object is for client or server, whether the object is for integrity-only or privacy-integrity mode, and whether the object is used for protect or unprotect.
Definition at line 111 of file alts_zero_copy_grpc_protector.cc.
◆ read_frame_size()
Given a slice buffer, parses the first 4 bytes little-endian unsigned frame size and returns the total frame size including the frame field. Caller needs to make sure the input slice buffer has at least 4 bytes. Returns true on success and false on failure.
Definition at line 67 of file alts_zero_copy_grpc_protector.cc.
◆ alts_zero_copy_grpc_protector_vtable
◆ kDefaultFrameLength
| constexpr size_t kDefaultFrameLength = 16 * 1024 |
|
constexpr |
◆ kMaxFrameLength
| constexpr size_t kMaxFrameLength = 16 * 1024 * 1024 |
|
constexpr |
◆ kMinFrameLength
| constexpr size_t kMinFrameLength = 1024 |
|
constexpr |
