/*
* Copyright 2018 The gRPC Authors
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package io.grpc.alts.internal;
import static com.google.common.base.Preconditions.checkNotNull;
import static com.google.common.base.Preconditions.checkState;
import static io.grpc.alts.internal.AltsProtocolNegotiator.AUTH_CONTEXT_KEY;
import static io.grpc.alts.internal.AltsProtocolNegotiator.TSI_PEER_KEY;
import io.grpc.Attributes;
import io.grpc.ChannelLogger;
import io.grpc.ChannelLogger.ChannelLogLevel;
import io.grpc.InternalChannelz.Security;
import io.grpc.SecurityLevel;
import io.grpc.alts.internal.TsiHandshakeHandler.HandshakeValidator.SecurityDetails;
import io.grpc.internal.GrpcAttributes;
import io.grpc.netty.InternalProtocolNegotiationEvent;
import io.grpc.netty.ProtocolNegotiationEvent;
import io.netty.buffer.ByteBuf;
import io.netty.channel.ChannelFuture;
import io.netty.channel.ChannelFutureListener;
import io.netty.channel.ChannelHandler;
import io.netty.channel.ChannelHandlerContext;
import io.netty.handler.codec.ByteToMessageDecoder;
import java.security.GeneralSecurityException;
import java.util.List;
import javax.annotation.Nullable;
/**
* Performs the TSI handshake.
*/
public final class TsiHandshakeHandler extends ByteToMessageDecoder {
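/**
 * Validates a TSI peer object and reports the security properties of the connection.
 *
 * <p>Implementations reject a peer by throwing {@link GeneralSecurityException} from
 * {@link #validatePeerObject(Object)}. NOTE(review): how the handler reacts to that exception is
 * outside this view; confirm that a rejection stops the next handler from being installed.
 */
public abstract static class HandshakeValidator {

  /**
   * Result of a successful validation: the security level of the connection, plus an optional
   * channelz {@link Security} record.
   */
  public static final class SecurityDetails {

    private final SecurityLevel securityLevel;
    // May be null: the constructor accepts a @Nullable value and stores it unchecked.
    @Nullable
    private final Security security;

    /**
     * Constructs SecurityDetails.
     *
     * @param securityLevel the security level to report; must not be null
     * @param security the channelz security record, or {@code null} if there is none
     * @throws NullPointerException if {@code securityLevel} is null
     */
    public SecurityDetails(io.grpc.SecurityLevel securityLevel, @Nullable Security security) {
      this.securityLevel = checkNotNull(securityLevel, "securityLevel");
      this.security = security;
    }

    /**
     * Returns the channelz security record given at construction.
     *
     * @return the record, or {@code null} when none was supplied; callers must null-check
     */
    @Nullable
    public Security getSecurity() {
      return security;
    }

    /**
     * Returns the security level given at construction.
     *
     * @return the security level; never null
     */
    public SecurityLevel getSecurityLevel() {
      return securityLevel;
    }
  }

  /**
   * Validates a TSI peer object.
   *
   * <p>The peer arrives typed as {@link Object}, so an implementation should check its runtime
   * type before casting and treat an unexpected type as a validation failure.
   *
   * @param peerObject the peer object to validate; its concrete type is not visible in this class
   * @return the security details to attach to the connection when the peer is accepted
   * @throws GeneralSecurityException if the peer is not acceptable
   */
  public abstract SecurityDetails validatePeerObject(Object peerObject)
      throws GeneralSecurityException;
}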
// Handshake frame size; its use is outside this view (presumably the byte size of the buffer
// allocated per outgoing handshake frame — TODO confirm).
private static final int HANDSHAKE_FRAME_SIZE = 1024;
// TSI handshaker supplied by the caller; never null (checked in the constructor).
private final NettyTsiHandshaker handshaker;
// Validator for the handshake's peer object; never null (checked in the constructor).
private final HandshakeValidator handshakeValidator;
// Handler supplied by the caller; never null (checked in the constructor). Presumably installed
// in the pipeline once the handshake succeeds — TODO confirm against the rest of the class.
private final ChannelHandler next;
// Optional limiter: null when the four-argument constructor is used. Per the constructor Javadoc,
// when present a permit is required to start the handshake and is returned when it ends.
private final AsyncSemaphore semaphore;
// Not assigned by either constructor visible here; starts as null.
private ProtocolNegotiationEvent pne;
// Starts as false. Presumably records whether this handler currently holds a permit from
// `semaphore`, so that the permit is returned exactly once — TODO confirm.
private boolean semaphoreAcquired;
// Stored by the constructor without a null check.
private final ChannelLogger negotiationLogger;
/**
 * Constructs a TsiHandshakeHandler with no semaphore, so no permit is needed to start a
 * handshake. Delegates to the five-argument constructor.
 *
 * @param next the handler passed on to the five-argument constructor; must not be null
 * @param handshaker the TSI handshaker; must not be null
 * @param handshakeValidator the validator for the peer object; must not be null
 * @param negotiationLogger the logger handed to the five-argument constructor
 */
public TsiHandshakeHandler(
    ChannelHandler next,
    NettyTsiHandshaker handshaker,
    HandshakeValidator handshakeValidator,
    ChannelLogger negotiationLogger) {
  // The fourth argument is the semaphore; null means handshakes are not gated on a permit.
  this(next, handshaker, handshakeValidator, null, negotiationLogger);
}
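/**
 * Constructs a TsiHandshakeHandler. If a semaphore is provided, a permit from the semaphore is
 * required to start the handshake and is returned when the handshake ends.
 *
 * <p>Passing {@code null} for the semaphore leaves handshakes ungated by this handler, so any
 * limit on concurrent handshakes must then be enforced elsewhere.
 *
 * @param next the handler stored for later use; must not be null
 * @param handshaker the TSI handshaker; must not be null
 * @param handshakeValidator the validator for the peer object; must not be null
 * @param semaphore the permit source gating handshake start, or {@code null} for no gating
 * @param negotiationLogger the logger stored for later use; not null-checked here
 * @throws NullPointerException if {@code next}, {@code handshaker} or
 *     {@code handshakeValidator} is null
 */
public TsiHandshakeHandler(
    ChannelHandler next, NettyTsiHandshaker handshaker, HandshakeValidator handshakeValidator,
    @Nullable AsyncSemaphore semaphore, ChannelLogger negotiationLogger) {
  // Check order is kept so the first null argument reported stays the same for callers.
  this.handshaker = checkNotNull(handshaker, "handshaker");
  this.handshakeValidator = checkNotNull(handshakeValidator, "handshakeValidator");
  this.next = checkNotNull(next, "next");
  // Null is valid: the four-argument constructor delegates here with no semaphore.
  this.semaphore = semaphore;
  // NOTE(review): stored without a null check, unlike the three arguments above. A null logger
  // would fail only at its first use, which is outside this view. Confirm whether null is an
  // intended input before adding a check.
  this.negotiationLogger = negotiationLogger;
}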
@Override
protected void decodeLast(ChannelHandlerContext ctx, ByteBuf in, List