GRPC Core  9.0.0
ssl_credentials.h
Go to the documentation of this file.
1 /*
2  *
3  * Copyright 2016 gRPC authors.
4  *
5  * Licensed under the Apache License, Version 2.0 (the "License");
6  * you may not use this file except in compliance with the License.
7  * You may obtain a copy of the License at
8  *
9  * http://www.apache.org/licenses/LICENSE-2.0
10  *
11  * Unless required by applicable law or agreed to in writing, software
12  * distributed under the License is distributed on an "AS IS" BASIS,
13  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14  * See the License for the specific language governing permissions and
15  * limitations under the License.
16  *
17  */
18 #ifndef GRPC_CORE_LIB_SECURITY_CREDENTIALS_SSL_SSL_CREDENTIALS_H
19 #define GRPC_CORE_LIB_SECURITY_CREDENTIALS_SSL_SSL_CREDENTIALS_H
20 
22 
24 
26 
28  public:
29  grpc_ssl_credentials(const char* pem_root_certs,
30  grpc_ssl_pem_key_cert_pair* pem_key_cert_pair,
31  const grpc_ssl_verify_peer_options* verify_options);
32 
33  ~grpc_ssl_credentials() override;
34 
38  const char* target, const grpc_channel_args* args,
39  grpc_channel_args** new_args) override;
40 
41  private:
42  void build_config(const char* pem_root_certs,
43  grpc_ssl_pem_key_cert_pair* pem_key_cert_pair,
44  const grpc_ssl_verify_peer_options* verify_options);
45 
46  grpc_ssl_config config_;
47 };
48 
51  size_t num_key_cert_pairs = 0;
52  char* pem_root_certs = nullptr;
53 };
54 
57  void* user_data;
58 };
59 
61  public:
65 
67  create_security_connector() override;
68 
69  bool has_cert_config_fetcher() const {
70  return certificate_config_fetcher_.cb != nullptr;
71  }
72 
76  return certificate_config_fetcher_.cb(certificate_config_fetcher_.user_data,
77  config);
78  }
79 
80  const grpc_ssl_server_config& config() const { return config_; }
81 
82  private:
83  void build_config(
84  const char* pem_root_certs,
85  grpc_ssl_pem_key_cert_pair* pem_key_cert_pairs, size_t num_key_cert_pairs,
86  grpc_ssl_client_certificate_request_type client_certificate_request);
87 
88  grpc_ssl_server_config config_;
89  grpc_ssl_server_certificate_config_fetcher certificate_config_fetcher_;
90 };
91 
93  const grpc_ssl_pem_key_cert_pair* pem_key_cert_pairs,
94  size_t num_key_cert_pairs);
95 
97  size_t num_key_cert_pairs);
98 
99 #endif /* GRPC_CORE_LIB_SECURITY_CREDENTIALS_SSL_SSL_CREDENTIALS_H */
grpc_ssl_certificate_config_reload_status
Callback results for dynamically loading a SSL certificate config.
Definition: grpc_security_constants.h:53
grpc_ssl_pem_key_cert_pair * pem_key_cert_pairs
Definition: ssl_credentials.h:50
grpc_core::RefCountedPtr< grpc_server_security_connector > create_security_connector() override
Definition: ssl_credentials.cc:183
char * pem_root_certs
Definition: ssl_credentials.h:52
Definition: ssl_credentials.cc:157
const grpc_ssl_server_config & config() const
Definition: ssl_credentials.h:80
void * user_data
Definition: ssl_credentials.h:57
An array of arguments that can be passed around.
Definition: grpc_types.h:132
Definition: credentials.h:99
bool has_cert_config_fetcher() const
Definition: ssl_credentials.h:69
size_t num_key_cert_pairs
Definition: ssl_credentials.h:51
grpc_core::RefCountedPtr< grpc_channel_security_connector > create_security_connector(grpc_core::RefCountedPtr< grpc_call_credentials > call_creds, const char *target, const grpc_channel_args *args, grpc_channel_args **new_args) override
Definition: ssl_credentials.cc:64
Definition: credentials.h:263
Definition: ssl_credentials.h:60
Object that holds additional peer-verification options on a secure channel.
Definition: grpc_security.h:190
Definition: ssl_credentials.h:49
Definition: ssl_credentials.h:55
Object that holds a private key / certificate chain pair in PEM format.
Definition: grpc_security.h:156
Definition: ref_counted_ptr.h:35
grpc_ssl_certificate_config_reload_status FetchCertConfig(grpc_ssl_server_certificate_config **config)
Definition: ssl_credentials.h:73
Definition: ssl_security_connector.h:60
grpc_ssl_client_certificate_request_type
Definition: grpc_security_constants.h:59
~grpc_ssl_server_credentials() override
Definition: ssl_credentials.cc:177
Definition: ssl_transport_security.h:78
Definition: ssl_credentials.h:27
grpc_ssl_server_certificate_config_callback cb
Definition: ssl_credentials.h:56
grpc_ssl_credentials(const char *pem_root_certs, grpc_ssl_pem_key_cert_pair *pem_key_cert_pair, const grpc_ssl_verify_peer_options *verify_options)
Definition: ssl_credentials.cc:47
tsi_ssl_pem_key_cert_pair * grpc_convert_grpc_to_tsi_cert_pairs(const grpc_ssl_pem_key_cert_pair *pem_key_cert_pairs, size_t num_key_cert_pairs)
Definition: ssl_credentials.cc:187
Definition: ssl_security_connector.h:32
#define GPR_DEBUG_ASSERT(x)
Definition: log.h:103
grpc_ssl_certificate_config_reload_status(* grpc_ssl_server_certificate_config_callback)(void *user_data, grpc_ssl_server_certificate_config **config)
Callback to retrieve updated SSL server certificates, private keys, and trusted CAs (for client authe...
Definition: grpc_security.h:496
void grpc_tsi_ssl_pem_key_cert_pairs_destroy(tsi_ssl_pem_key_cert_pair *kp, size_t num_key_cert_pairs)
Definition: ssl_credentials.cc:37
~grpc_ssl_credentials() override
Definition: ssl_credentials.cc:54
grpc_ssl_server_credentials(const grpc_ssl_server_credentials_options &options)
Definition: ssl_credentials.cc:163