1 //
2 //
3 // Copyright 2019 gRPC authors.
4 //
5 // Licensed under the Apache License, Version 2.0 (the "License");
6 // you may not use this file except in compliance with the License.
7 // You may obtain a copy of the License at
8 //
9 // http://www.apache.org/licenses/LICENSE-2.0
10 //
11 // Unless required by applicable law or agreed to in writing, software
12 // distributed under the License is distributed on an "AS IS" BASIS,
13 // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14 // See the License for the specific language governing permissions and
15 // limitations under the License.
16 //
17 //
18
19 #include <memory>
20 #include <string>
21
22 #include <grpc/grpc_crl_provider.h>
23 #include <grpc/grpc_security.h>
24 #include <grpc/grpc_security_constants.h>
25 #include <grpc/support/log.h>
26 #include <grpcpp/security/tls_certificate_provider.h>
27 #include <grpcpp/security/tls_certificate_verifier.h>
28 #include <grpcpp/security/tls_credentials_options.h>
29 #include <grpcpp/security/tls_crl_provider.h>
30
31 namespace grpc {
32 namespace experimental {
33
// Builds the wrapper around a freshly created core TLS options object. The
// handle obtained here is the one the destructor passes to
// grpc_tls_credentials_options_destroy().
TlsCredentialsOptions::TlsCredentialsOptions()
    : c_credentials_options_(grpc_tls_credentials_options_create()) {}
37
// Releases the core options object held by this wrapper. Copies handed out by
// c_credentials_options() are separate objects and are not touched here.
TlsCredentialsOptions::~TlsCredentialsOptions() {
  grpc_tls_credentials_options_destroy(c_credentials_options_);
}
41
// Copy constructor: the new wrapper gets its own core options object, produced
// by grpc_tls_credentials_options_copy() from |other|.
//
// NOTE(review): certificate_provider_ and certificate_verifier_ are not copied
// from |other| here, so the copy relies on the core options object to keep the
// underlying provider/verifier alive. Confirm that the core copy retains them.
TlsCredentialsOptions::TlsCredentialsOptions(const TlsCredentialsOptions& other)
    : c_credentials_options_(
          grpc_tls_credentials_options_copy(other.c_credentials_options_)) {}
47
// Stores |certificate_provider| on the wrapper and, when it is non-null,
// installs its core handle on the core options.
//
// A null argument only clears the wrapper's member: the core setter is not
// called, so a provider installed by an earlier call stays configured on the
// core options. Callers cannot use nullptr to detach a provider.
void TlsCredentialsOptions::set_certificate_provider(
    std::shared_ptr<CertificateProviderInterface> certificate_provider) {
  certificate_provider_ = certificate_provider;
  if (certificate_provider_ == nullptr) {
    return;
  }
  grpc_tls_credentials_options_set_certificate_provider(
      c_credentials_options_, certificate_provider_->c_provider());
}
56
// Hands the CRL provider to the core options. The pointer is forwarded as
// given, with no null check in this wrapper.
//
// NOTE(review): how the core treats a null provider (for example whether
// revocation checks are then skipped) is not visible here; confirm before
// relying on it.
void TlsCredentialsOptions::set_crl_provider(
    std::shared_ptr<CrlProvider> crl_provider) {
  grpc_tls_credentials_options* const options = c_credentials_options_;
  grpc_tls_credentials_options_set_crl_provider(options, crl_provider);
}
62
// Tells the core options to watch root certificates (the trust anchors used to
// validate the peer). Presumably the updates come from the configured
// certificate provider, so one has to be set as well; verify against the
// public header.
void TlsCredentialsOptions::watch_root_certs() {
  grpc_tls_credentials_options* const options = c_credentials_options_;
  grpc_tls_credentials_options_watch_root_certs(options);
}
66
// Sets the name under which root certificates are looked up. The name reaches
// the core as a C string, so anything after an embedded NUL byte is not seen
// by the core.
void TlsCredentialsOptions::set_root_cert_name(
    const std::string& root_cert_name) {
  const char* const name = root_cert_name.c_str();
  grpc_tls_credentials_options_set_root_cert_name(c_credentials_options_, name);
}
72
// Tells the core options to watch identity key/certificate pairs (the local
// credentials presented to the peer). Presumably the updates come from the
// configured certificate provider; verify against the public header.
void TlsCredentialsOptions::watch_identity_key_cert_pairs() {
  grpc_tls_credentials_options* const options = c_credentials_options_;
  grpc_tls_credentials_options_watch_identity_key_cert_pairs(options);
}
77
// Sets the name under which identity key/certificate pairs are looked up. The
// name reaches the core as a C string, so anything after an embedded NUL byte
// is not seen by the core.
void TlsCredentialsOptions::set_identity_cert_name(
    const std::string& identity_cert_name) {
  const char* const name = identity_cert_name.c_str();
  grpc_tls_credentials_options_set_identity_cert_name(c_credentials_options_,
                                                      name);
}
83
// Sets the directory the core reads certificate revocation lists from. The
// path is forwarded as a C string and is not checked in this wrapper (no
// existence, permission or canonicalisation check).
//
// The directory's contents decide which certificates are treated as revoked,
// so it should be writable only by trusted principals and the path should not
// be taken from untrusted input.
void TlsCredentialsOptions::set_crl_directory(const std::string& path) {
  const char* const crl_dir = path.c_str();
  grpc_tls_credentials_options_set_crl_directory(c_credentials_options_,
                                                 crl_dir);
}
88
// Sets the file path used for TLS session key logging. The path is forwarded
// as a C string and is not validated in this wrapper.
//
// Security: logged session keys let anyone who can read the file decrypt
// captured traffic for those sessions. Treat this as a debugging aid only:
// keep it out of production configuration, never derive the path from
// untrusted input, and restrict the file's permissions and retention.
void TlsCredentialsOptions::set_tls_session_key_log_file_path(
    const std::string& tls_session_key_log_file_path) {
  const char* const key_log_path = tls_session_key_log_file_path.c_str();
  grpc_tls_credentials_options_set_tls_session_key_log_file_path(
      c_credentials_options_, key_log_path);
}
94
// Stores |certificate_verifier| on the wrapper and, when it is non-null,
// installs its core handle on the core options.
//
// A null argument only clears the wrapper's member: the core setter is not
// called, so a verifier installed by an earlier call stays configured on the
// core options. Callers cannot use nullptr to remove a verifier.
void TlsCredentialsOptions::set_certificate_verifier(
    std::shared_ptr<CertificateVerifier> certificate_verifier) {
  certificate_verifier_ = certificate_verifier;
  if (certificate_verifier_ == nullptr) {
    return;
  }
  grpc_tls_credentials_options_set_certificate_verifier(
      c_credentials_options_, certificate_verifier_->c_verifier());
}
103
// Sets the lowest TLS protocol version the core options will accept. Aborts
// through GPR_ASSERT if mutable_c_credentials_options() returns null.
//
// This is the downgrade floor for the connection. The wrapper does not compare
// it with the configured maximum; NOTE(review): confirm where min <= max is
// enforced.
void TlsCredentialsOptions::set_min_tls_version(grpc_tls_version tls_version) {
  grpc_tls_credentials_options* const options =
      mutable_c_credentials_options();
  GPR_ASSERT(options != nullptr);
  grpc_tls_credentials_options_set_min_tls_version(options, tls_version);
}
109
// Sets the highest TLS protocol version the core options will accept. Aborts
// through GPR_ASSERT if mutable_c_credentials_options() returns null.
//
// The wrapper does not compare the value with the configured minimum;
// NOTE(review): confirm where min <= max is enforced.
void TlsCredentialsOptions::set_max_tls_version(grpc_tls_version tls_version) {
  grpc_tls_credentials_options* const options =
      mutable_c_credentials_options();
  GPR_ASSERT(options != nullptr);
  grpc_tls_credentials_options_set_max_tls_version(options, tls_version);
}
115
// Returns a new copy of the core options object on every call; the wrapper's
// own handle is never exposed through this accessor.
//
// NOTE(review): the returned pointer is presumably owned by the caller (or by
// the credentials object it is passed to) and has to be released with
// grpc_tls_credentials_options_destroy(); a caller that drops it leaks the
// copy. Confirm against the call sites.
grpc_tls_credentials_options* TlsCredentialsOptions::c_credentials_options()
    const {
  grpc_tls_credentials_options* const options_copy =
      grpc_tls_credentials_options_copy(c_credentials_options_);
  return options_copy;
}
120
// Forwards the check_call_host flag to the core options. Aborts through
// GPR_ASSERT if mutable_c_credentials_options() returns null.
//
// NOTE(review): this presumably controls the per-call check of the call's host
// against the peer certificate. Turning it off removes a host-binding check,
// so confirm that a certificate verifier covers the peer identity when false
// is passed.
void TlsCredentialsOptions::set_check_call_host(bool check_call_host) {
  grpc_tls_credentials_options* const options =
      mutable_c_credentials_options();
  GPR_ASSERT(options != nullptr);
  grpc_tls_credentials_options_set_check_call_host(options, check_call_host);
}
126
// Client side: forwards the verify_server_certs flag to the core options.
// Aborts through GPR_ASSERT if mutable_c_credentials_options() returns null.
//
// Security: passing false asks the core not to verify the server's
// certificate. Unless a custom certificate verifier then establishes the
// peer's identity, the channel is encrypted but unauthenticated and open to
// interception. Keep it true outside of tests.
void TlsChannelCredentialsOptions::set_verify_server_certs(
    bool verify_server_certs) {
  grpc_tls_credentials_options* const options =
      mutable_c_credentials_options();
  GPR_ASSERT(options != nullptr);
  grpc_tls_credentials_options_set_verify_server_cert(options,
                                                      verify_server_certs);
}
134
// Server side: sets how client certificates are requested and checked. Aborts
// through GPR_ASSERT if mutable_c_credentials_options() returns null.
//
// Security: only GRPC_SSL_REQUEST_AND_REQUIRE_CLIENT_CERTIFICATE_AND_VERIFY
// both demands a client certificate and verifies it. The *_BUT_DONT_VERIFY
// and DONT_REQUEST values leave client authentication to other mechanisms
// (for example a custom certificate verifier or application-level auth).
void TlsServerCredentialsOptions::set_cert_request_type(
    grpc_ssl_client_certificate_request_type cert_request_type) {
  grpc_tls_credentials_options* const options =
      mutable_c_credentials_options();
  GPR_ASSERT(options != nullptr);
  grpc_tls_credentials_options_set_cert_request_type(options,
                                                     cert_request_type);
}
142
// Server side: forwards the send_client_ca_list flag to the core options.
// Aborts through GPR_ASSERT if mutable_c_credentials_options() returns null.
//
// NOTE(review): presumably this controls whether the server includes the
// names of its trusted client CAs in the handshake's certificate request.
// That list discloses the trust bundle's issuers to any connecting peer and
// grows with the bundle, so confirm the semantics and size limits in the core
// header before enabling it.
void TlsServerCredentialsOptions::set_send_client_ca_list(
    bool send_client_ca_list) {
  grpc_tls_credentials_options* const options =
      mutable_c_credentials_options();
  GPR_ASSERT(options != nullptr);
  grpc_tls_credentials_options_set_send_client_ca_list(options,
                                                       send_client_ca_list);
}
150
151 } // namespace experimental
152 } // namespace grpc
153