diff options
Diffstat (limited to 'src/core/security/security_context.h')
-rw-r--r-- | src/core/security/security_context.h | 176 |
1 files changed, 176 insertions, 0 deletions
diff --git a/src/core/security/security_context.h b/src/core/security/security_context.h new file mode 100644 index 0000000000..59c9bbdf34 --- /dev/null +++ b/src/core/security/security_context.h @@ -0,0 +1,176 @@ +/* + * + * Copyright 2014, Google Inc. + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions are + * met: + * + * * Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * * Redistributions in binary form must reproduce the above + * copyright notice, this list of conditions and the following disclaimer + * in the documentation and/or other materials provided with the + * distribution. + * * Neither the name of Google Inc. nor the names of its + * contributors may be used to endorse or promote products derived from + * this software without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS + * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT + * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR + * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT + * OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, + * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT + * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, + * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY + * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT + * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE + * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + * + */ + +#ifndef __GRPC_INTERNAL_SECURITY_SECURITY_CONTEXT_H__ +#define __GRPC_INTERNAL_SECURITY_SECURITY_CONTEXT_H__ + +#include <grpc/grpc_security.h> +#include "src/core/endpoint/endpoint.h" +#include "src/core/security/credentials.h" +#include "src/core/tsi/transport_security_interface.h" + +/* --- status enum. --- */ + +typedef enum { + GRPC_SECURITY_OK = 0, + GRPC_SECURITY_PENDING, + GRPC_SECURITY_ERROR +} grpc_security_status; + +/* --- security_context object. --- + + A security context object represents away to configure the underlying + transport security mechanism and check the resulting trusted peer. */ + +typedef struct grpc_security_context grpc_security_context; + +#define GRPC_SECURITY_CONTEXT_ARG "grpc.security_context" + +typedef void (*grpc_security_check_peer_cb)(void *user_data, + grpc_security_status status); + +typedef struct { + void (*destroy)(grpc_security_context *ctx); + grpc_security_status (*create_handshaker)(grpc_security_context *ctx, + tsi_handshaker **handshaker); + grpc_security_status (*check_peer)(grpc_security_context *ctx, + const tsi_peer *peer, + grpc_security_check_peer_cb, + void *user_data); +} grpc_security_context_vtable; + +struct grpc_security_context { + const grpc_security_context_vtable *vtable; + gpr_refcount refcount; + int is_client_side; +}; + +/* Increments the refcount. */ +grpc_security_context *grpc_security_context_ref(grpc_security_context *ctx); + +/* Decrements the refcount and destroys the object if it reaches 0. */ +void grpc_security_context_unref(grpc_security_context *ctx); + +/* Handshake creation. */ +grpc_security_status grpc_security_context_create_handshaker( + grpc_security_context *ctx, tsi_handshaker **handshaker); + +/* Check the peer. + Implementations can choose to check the peer either synchronously or + asynchronously. In the first case, a successful will return + GRPC_SECURITY_OK. In the asynchronous case, the call will return + GRPC_SECURITY_PENDING unless an error is detected early on. + + Note: + Asynchronous implementations of this interface should make a copy of the + fields of the peer they want to check as there is no guarantee on the + lifetime of the peer object beyond this call. +*/ +grpc_security_status grpc_security_context_check_peer( + grpc_security_context *ctx, const tsi_peer *peer, + grpc_security_check_peer_cb cb, void *user_data); + +/* Util to encapsulate the context in a channel arg. */ +grpc_arg grpc_security_context_to_arg(grpc_security_context *ctx); + +/* Util to get the context from a channel arg. */ +grpc_security_context *grpc_security_context_from_arg(const grpc_arg *arg); + +/* Util to find the context from channel args. */ +grpc_security_context *grpc_find_security_context_in_args( + const grpc_channel_args *args); + +/* --- channel_security_context object. --- + + A channel security context object represents away to configure the + underlying transport security mechanism on the client side. */ + +typedef struct grpc_channel_security_context grpc_channel_security_context; + +struct grpc_channel_security_context { + grpc_security_context base; /* requires is_client_side to be non 0. */ + grpc_credentials *request_metadata_only_creds; +}; + +/* --- Creation security contexts. --- */ + +/* For TESTING ONLY! + Creates a fake context that emulates real channel security. */ +grpc_channel_security_context *grpc_fake_channel_security_context_create( + grpc_credentials *request_metadata_only_creds); + +/* For TESTING ONLY! + Creates a fake context that emulates real server security. */ +grpc_security_context *grpc_fake_server_security_context_create(void); + +/* Creates an SSL channel_security_context. + - request_metadata_only_creds is the credentials object which metadata + will be sent with each request. This parameter can be NULL. + - config is the SSL config to be used for the SSL channel establishment. + - is_client should be 0 for a server or a non-0 value for a client. + - secure_peer_name is the secure peer name that should be checked in + grpc_channel_security_context_check_peer. This parameter may be NULL in + which case the peer name will not be checked. Note that if this parameter + is not NULL, then, pem_root_certs should not be NULL either. + - ctx is a pointer on the context to be created. + This function returns GRPC_SECURITY_OK in case of success or a + specific error code otherwise. +*/ +grpc_security_status grpc_ssl_channel_security_context_create( + grpc_credentials *request_metadata_only_creds, + const grpc_ssl_config *config, const char *secure_peer_name, + grpc_channel_security_context **ctx); + +/* Creates an SSL server_security_context. + - config is the SSL config to be used for the SSL channel establishment. + - ctx is a pointer on the context to be created. + This function returns GRPC_SECURITY_OK in case of success or a + specific error code otherwise. +*/ +grpc_security_status grpc_ssl_server_security_context_create( + const grpc_ssl_config *config, grpc_security_context **ctx); + + +/* --- Creation of high level objects. --- */ + +/* Secure client channel creation. */ +grpc_channel *grpc_secure_channel_create_internal( + const char *target, const grpc_channel_args *args, + grpc_channel_security_context *ctx); + +/* Secure server creation. */ +grpc_server *grpc_secure_server_create_internal( + grpc_completion_queue *cq, const grpc_channel_args *args, + grpc_security_context *ctx); + +#endif /* __GRPC_INTERNAL_SECURITY_SECURITY_CONTEXT_H__ */ |