1 //
2 //
3 // Copyright 2019 gRPC authors.
4 //
5 // Licensed under the Apache License, Version 2.0 (the "License");
6 // you may not use this file except in compliance with the License.
7 // You may obtain a copy of the License at
8 //
9 //     http://www.apache.org/licenses/LICENSE-2.0
10 //
11 // Unless required by applicable law or agreed to in writing, software
12 // distributed under the License is distributed on an "AS IS" BASIS,
13 // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14 // See the License for the specific language governing permissions and
15 // limitations under the License.
16 //
17 //
18 
19 #include <memory>
20 #include <string>
21 #include <utility>
22 
23 #include <grpc/grpc_security.h>
24 #include <grpc/grpc_security_constants.h>
25 #include <grpc/support/log.h>
26 #include <grpcpp/security/tls_certificate_provider.h>
27 #include <grpcpp/security/tls_certificate_verifier.h>
28 #include <grpcpp/security/tls_credentials_options.h>
29 
30 namespace grpc {
31 namespace experimental {
32 
// Allocates the C-core TLS options object that every setter in this file
// configures.
//
// NOTE(review): the returned handle is not null-checked here, and the setters
// that use c_credentials_options_ directly do not assert on it either; only
// the setters that go through c_credentials_options() do.
TlsCredentialsOptions::TlsCredentialsOptions()
    : c_credentials_options_(grpc_tls_credentials_options_create()) {}
36 
// Keeps a reference to |certificate_provider| in this object and, when it is
// non-null, registers its C handle on the underlying options object.
//
// A null provider is stored as-is and the C options are left untouched, so
// this call does not clear a provider that was registered earlier.
// NOTE(review): replacing the stored shared_ptr drops this object's reference
// to the previous provider; confirm the C options hold their own reference.
void TlsCredentialsOptions::set_certificate_provider(
    std::shared_ptr<CertificateProviderInterface> certificate_provider) {
  certificate_provider_ = std::move(certificate_provider);
  if (certificate_provider_ == nullptr) {
    return;
  }
  grpc_tls_credentials_options* const c_options = c_credentials_options_;
  grpc_tls_credentials_options_set_certificate_provider(
      c_options, certificate_provider_->c_provider());
}
45 
// Turns on root-certificate watching on the underlying C options object.
// The call is forwarded unchanged; no state is kept on the C++ side.
void TlsCredentialsOptions::watch_root_certs() {
  grpc_tls_credentials_options* const c_options = c_credentials_options_;
  grpc_tls_credentials_options_watch_root_certs(c_options);
}
49 
// Sets the name under which root certificates are looked up.
//
// The name crosses the C boundary as a NUL-terminated string, so anything
// after an embedded NUL in |root_cert_name| is not seen by the C API.
void TlsCredentialsOptions::set_root_cert_name(
    const std::string& root_cert_name) {
  const char* const c_name = root_cert_name.c_str();
  grpc_tls_credentials_options_set_root_cert_name(c_credentials_options_,
                                                  c_name);
}
55 
// Turns on watching of identity key/certificate pairs on the underlying C
// options object. The call is forwarded unchanged.
void TlsCredentialsOptions::watch_identity_key_cert_pairs() {
  grpc_tls_credentials_options* const c_options = c_credentials_options_;
  grpc_tls_credentials_options_watch_identity_key_cert_pairs(c_options);
}
60 
// Sets the name under which identity key/certificate pairs are looked up.
//
// The name crosses the C boundary as a NUL-terminated string, so anything
// after an embedded NUL in |identity_cert_name| is not seen by the C API.
void TlsCredentialsOptions::set_identity_cert_name(
    const std::string& identity_cert_name) {
  const char* const c_name = identity_cert_name.c_str();
  grpc_tls_credentials_options_set_identity_cert_name(c_credentials_options_,
                                                      c_name);
}
66 
// Points the underlying C options object at a directory of certificate
// revocation lists. |path| is forwarded as a C string without validation.
//
// NOTE(review): what happens when the directory is missing, empty, or holds
// no CRL for a given issuer is not visible from this file; confirm that
// revocation checking does not silently fail open in that case.
void TlsCredentialsOptions::set_crl_directory(const std::string& path) {
  const char* const c_path = path.c_str();
  grpc_tls_credentials_options_set_crl_directory(c_credentials_options_,
                                                 c_path);
}
71 
// Sets the file path used for TLS session key logging. The path is forwarded
// to the C API as given, with no validation.
//
// Security: anyone able to read a TLS key log can decrypt captured traffic
// for the logged sessions. Treat this as a debugging aid only: keep it off in
// production builds, put the file where only the owning account can read it,
// and delete it when the debugging session ends.
void TlsCredentialsOptions::set_tls_session_key_log_file_path(
    const std::string& tls_session_key_log_file_path) {
  const char* const c_path = tls_session_key_log_file_path.c_str();
  grpc_tls_credentials_options_set_tls_session_key_log_file_path(
      c_credentials_options_, c_path);
}
77 
// Keeps a reference to |certificate_verifier| in this object and, when it is
// non-null, registers its C handle on the underlying options object.
//
// A null verifier is stored as-is and the C options are left untouched, so
// passing nullptr does not remove a verifier that was registered earlier.
void TlsCredentialsOptions::set_certificate_verifier(
    std::shared_ptr<CertificateVerifier> certificate_verifier) {
  certificate_verifier_ = std::move(certificate_verifier);
  if (certificate_verifier_ == nullptr) {
    return;
  }
  grpc_tls_credentials_options* const c_options = c_credentials_options_;
  grpc_tls_credentials_options_set_certificate_verifier(
      c_options, certificate_verifier_->c_verifier());
}
86 
// Forwards the per-call host check flag to the underlying C options object.
// GPR_ASSERT aborts if the options handle is null.
//
// NOTE(review): presumably false skips matching each call's host against the
// peer certificate; confirm something else covers that check before
// disabling it.
void TlsCredentialsOptions::set_check_call_host(bool check_call_host) {
  grpc_tls_credentials_options* const options = this->c_credentials_options();
  GPR_ASSERT(options != nullptr);
  grpc_tls_credentials_options_set_check_call_host(options, check_call_host);
}
92 
// Forwards the server-certificate verification flag to the underlying C
// options object. GPR_ASSERT aborts if the options handle is null.
//
// Security: false switches off the built-in check of the server certificate.
// NOTE(review): the channel then depends on whatever verifier the application
// installed to authenticate the server; confirm each caller that passes false
// also sets one, otherwise any server certificate would be accepted.
void TlsChannelCredentialsOptions::set_verify_server_certs(
    bool verify_server_certs) {
  grpc_tls_credentials_options* const options = this->c_credentials_options();
  GPR_ASSERT(options != nullptr);
  grpc_tls_credentials_options_set_verify_server_cert(options,
                                                      verify_server_certs);
}
100 
// Forwards the client-certificate request policy to the underlying C options
// object. GPR_ASSERT aborts if the options handle is null.
//
// Security: the value is passed through unchanged, so the strength of client
// authentication is entirely the caller's choice. Deployments that rely on
// mutual TLS should pass a value that both requires and verifies the client
// certificate.
void TlsServerCredentialsOptions::set_cert_request_type(
    grpc_ssl_client_certificate_request_type cert_request_type) {
  grpc_tls_credentials_options* const options = this->c_credentials_options();
  GPR_ASSERT(options != nullptr);
  grpc_tls_credentials_options_set_cert_request_type(options,
                                                     cert_request_type);
}
108 
// Forwards the send-client-CA-list flag to the underlying C options object.
// GPR_ASSERT aborts if the options handle is null.
//
// NOTE(review): presumably true makes the server advertise the names of the
// CAs it accepts for client certificates during the handshake; confirm that
// exposing those names is acceptable for the deployment.
void TlsServerCredentialsOptions::set_send_client_ca_list(
    bool send_client_ca_list) {
  grpc_tls_credentials_options* const options = this->c_credentials_options();
  GPR_ASSERT(options != nullptr);
  grpc_tls_credentials_options_set_send_client_ca_list(options,
                                                       send_client_ca_list);
}
116 
117 }  // namespace experimental
118 }  // namespace grpc
119