3 * Copyright 2018 gRPC authors.
5 * Licensed under the Apache License, Version 2.0 (the "License");
6 * you may not use this file except in compliance with the License.
7 * You may obtain a copy of the License at
9 * http://www.apache.org/licenses/LICENSE-2.0
11 * Unless required by applicable law or agreed to in writing, software
12 * distributed under the License is distributed on an "AS IS" BASIS,
13 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14 * See the License for the specific language governing permissions and
15 * limitations under the License.
19 #include <grpc/support/port_platform.h>
21 #include "src/core/lib/security/credentials/tls/grpc_tls_credentials_options.h"
26 #include <grpc/support/alloc.h>
27 #include <grpc/support/log.h>
28 #include <grpc/support/string_util.h>
30 /** -- gRPC TLS key materials config API implementation. -- **/
31 void grpc_tls_key_materials_config::set_key_materials(
32 grpc_core::UniquePtr<char> pem_root_certs,
33 PemKeyCertPairList pem_key_cert_pair_list) {
34 pem_key_cert_pair_list_ = std::move(pem_key_cert_pair_list);
35 pem_root_certs_ = std::move(pem_root_certs);
38 /** -- gRPC TLS credential reload config API implementation. -- **/
39 grpc_tls_credential_reload_config::grpc_tls_credential_reload_config(
40 const void* config_user_data,
41 int (*schedule)(void* config_user_data,
42 grpc_tls_credential_reload_arg* arg),
43 void (*cancel)(void* config_user_data, grpc_tls_credential_reload_arg* arg),
44 void (*destruct)(void* config_user_data))
45 : config_user_data_(const_cast<void*>(config_user_data)),
48 destruct_(destruct) {}
50 grpc_tls_credential_reload_config::~grpc_tls_credential_reload_config() {
51 if (destruct_ != nullptr) {
52 destruct_((void*)config_user_data_);
56 /** -- gRPC TLS server authorization check API implementation. -- **/
57 grpc_tls_server_authorization_check_config::
58 grpc_tls_server_authorization_check_config(
59 const void* config_user_data,
60 int (*schedule)(void* config_user_data,
61 grpc_tls_server_authorization_check_arg* arg),
62 void (*cancel)(void* config_user_data,
63 grpc_tls_server_authorization_check_arg* arg),
64 void (*destruct)(void* config_user_data))
65 : config_user_data_(const_cast<void*>(config_user_data)),
68 destruct_(destruct) {}
70 grpc_tls_server_authorization_check_config::
71 ~grpc_tls_server_authorization_check_config() {
72 if (destruct_ != nullptr) {
73 destruct_((void*)config_user_data_);
77 /** -- Wrapper APIs declared in grpc_security.h -- **/
78 grpc_tls_credentials_options* grpc_tls_credentials_options_create() {
79 return grpc_core::New<grpc_tls_credentials_options>();
82 int grpc_tls_credentials_options_set_cert_request_type(
83 grpc_tls_credentials_options* options,
84 grpc_ssl_client_certificate_request_type type) {
85 if (options == nullptr) {
87 "Invalid nullptr arguments to "
88 "grpc_tls_credentials_options_set_cert_request_type()");
91 options->set_cert_request_type(type);
95 int grpc_tls_credentials_options_set_key_materials_config(
96 grpc_tls_credentials_options* options,
97 grpc_tls_key_materials_config* config) {
98 if (options == nullptr || config == nullptr) {
100 "Invalid nullptr arguments to "
101 "grpc_tls_credentials_options_set_key_materials_config()");
104 options->set_key_materials_config(config->Ref());
108 int grpc_tls_credentials_options_set_credential_reload_config(
109 grpc_tls_credentials_options* options,
110 grpc_tls_credential_reload_config* config) {
111 if (options == nullptr || config == nullptr) {
113 "Invalid nullptr arguments to "
114 "grpc_tls_credentials_options_set_credential_reload_config()");
117 options->set_credential_reload_config(config->Ref());
121 int grpc_tls_credentials_options_set_server_authorization_check_config(
122 grpc_tls_credentials_options* options,
123 grpc_tls_server_authorization_check_config* config) {
124 if (options == nullptr || config == nullptr) {
127 "Invalid nullptr arguments to "
128 "grpc_tls_credentials_options_set_server_authorization_check_config()");
131 options->set_server_authorization_check_config(config->Ref());
135 grpc_tls_key_materials_config* grpc_tls_key_materials_config_create() {
136 return grpc_core::New<grpc_tls_key_materials_config>();
139 int grpc_tls_key_materials_config_set_key_materials(
140 grpc_tls_key_materials_config* config, const char* root_certs,
141 const grpc_ssl_pem_key_cert_pair** key_cert_pairs, size_t num) {
142 if (config == nullptr || key_cert_pairs == nullptr || num == 0) {
144 "Invalid arguments to "
145 "grpc_tls_key_materials_config_set_key_materials()");
148 grpc_core::UniquePtr<char> pem_root(const_cast<char*>(root_certs));
149 grpc_tls_key_materials_config::PemKeyCertPairList cert_pair_list;
150 for (size_t i = 0; i < num; i++) {
151 grpc_core::PemKeyCertPair key_cert_pair(
152 const_cast<grpc_ssl_pem_key_cert_pair*>(key_cert_pairs[i]));
153 cert_pair_list.emplace_back(std::move(key_cert_pair));
155 config->set_key_materials(std::move(pem_root), std::move(cert_pair_list));
156 gpr_free(key_cert_pairs);
160 int grpc_tls_key_materials_config_set_version(
161 grpc_tls_key_materials_config* config, int version) {
162 if (config == nullptr) {
164 "Invalid arguments to "
165 "grpc_tls_key_materials_config_set_version()");
168 config->set_version(version);
172 int grpc_tls_key_materials_config_get_version(
173 grpc_tls_key_materials_config* config) {
174 if (config == nullptr) {
176 "Invalid arguments to "
177 "grpc_tls_key_materials_config_get_version()");
180 return config->version();
183 grpc_tls_credential_reload_config* grpc_tls_credential_reload_config_create(
184 const void* config_user_data,
185 int (*schedule)(void* config_user_data,
186 grpc_tls_credential_reload_arg* arg),
187 void (*cancel)(void* config_user_data, grpc_tls_credential_reload_arg* arg),
188 void (*destruct)(void* config_user_data)) {
189 if (schedule == nullptr) {
192 "Schedule API is nullptr in creating TLS credential reload config.");
195 return grpc_core::New<grpc_tls_credential_reload_config>(
196 config_user_data, schedule, cancel, destruct);
199 grpc_tls_server_authorization_check_config*
200 grpc_tls_server_authorization_check_config_create(
201 const void* config_user_data,
202 int (*schedule)(void* config_user_data,
203 grpc_tls_server_authorization_check_arg* arg),
204 void (*cancel)(void* config_user_data,
205 grpc_tls_server_authorization_check_arg* arg),
206 void (*destruct)(void* config_user_data)) {
207 if (schedule == nullptr) {
209 "Schedule API is nullptr in creating TLS server authorization "
213 return grpc_core::New<grpc_tls_server_authorization_check_config>(
214 config_user_data, schedule, cancel, destruct);