GRPC Core  9.0.0
ssl_transport_security.cc File Reference
#include <grpc/support/port_platform.h>
#include "src/core/tsi/grpc_shadow_boringssl.h"
#include "src/core/tsi/ssl_transport_security.h"
#include <limits.h>
#include <string.h>
#include <arpa/inet.h>
#include <sys/socket.h>
#include <grpc/support/alloc.h>
#include <grpc/support/log.h>
#include <grpc/support/string_util.h>
#include <grpc/support/sync.h>
#include <grpc/support/thd_id.h>
#include <openssl/bio.h>
#include <openssl/crypto.h>
#include <openssl/err.h>
#include <openssl/ssl.h>
#include <openssl/x509.h>
#include <openssl/x509v3.h>
#include "src/core/lib/gpr/useful.h"
#include "src/core/tsi/ssl/session_cache/ssl_session_cache.h"
#include "src/core/tsi/ssl_types.h"
#include "src/core/tsi/transport_security.h"

Data Structures

struct  tsi_ssl_root_certs_store
 
struct  tsi_ssl_handshaker_factory
 
struct  tsi_ssl_client_handshaker_factory
 
struct  tsi_ssl_server_handshaker_factory
 
struct  tsi_ssl_handshaker
 
struct  tsi_ssl_handshaker_result
 
struct  tsi_ssl_frame_protector
 

Macros

#define TSI_SSL_MAX_PROTECTED_FRAME_SIZE_UPPER_BOUND   16384
 
#define TSI_SSL_MAX_PROTECTED_FRAME_SIZE_LOWER_BOUND   1024
 
#define TSI_SSL_HANDSHAKER_OUTGOING_BUFFER_INITIAL_SIZE   1024
 
#define TSI_OPENSSL_ALPN_SUPPORT   1
 
#define TSI_SSL_MAX_PROTECTION_OVERHEAD   100
 

Functions

tsi_result tsi_ssl_extract_x509_subject_names_from_pem_cert (const char *pem_cert, tsi_peer *peer)
 
tsi_ssl_root_certs_store * tsi_ssl_root_certs_store_create (const char *pem_roots)
 
void tsi_ssl_root_certs_store_destroy (tsi_ssl_root_certs_store *self)
 
tsi_ssl_session_cache * tsi_ssl_session_cache_create_lru (size_t capacity)
 
void tsi_ssl_session_cache_ref (tsi_ssl_session_cache *cache)
 
void tsi_ssl_session_cache_unref (tsi_ssl_session_cache *cache)
 
tsi_result tsi_ssl_client_handshaker_factory_create_handshaker (tsi_ssl_client_handshaker_factory *self, const char *server_name_indication, tsi_handshaker **handshaker)
 
void tsi_ssl_client_handshaker_factory_unref (tsi_ssl_client_handshaker_factory *self)
 
tsi_result tsi_ssl_server_handshaker_factory_create_handshaker (tsi_ssl_server_handshaker_factory *self, tsi_handshaker **handshaker)
 
void tsi_ssl_server_handshaker_factory_unref (tsi_ssl_server_handshaker_factory *self)
 
tsi_result tsi_create_ssl_client_handshaker_factory (const tsi_ssl_pem_key_cert_pair *pem_key_cert_pair, const char *pem_root_certs, const char *cipher_suites, const char **alpn_protocols, uint16_t num_alpn_protocols, tsi_ssl_client_handshaker_factory **factory)
 
tsi_result tsi_create_ssl_client_handshaker_factory_with_options (const tsi_ssl_client_handshaker_options *options, tsi_ssl_client_handshaker_factory **factory)
 
tsi_result tsi_create_ssl_server_handshaker_factory (const tsi_ssl_pem_key_cert_pair *pem_key_cert_pairs, size_t num_key_cert_pairs, const char *pem_client_root_certs, int force_client_auth, const char *cipher_suites, const char **alpn_protocols, uint16_t num_alpn_protocols, tsi_ssl_server_handshaker_factory **factory)
 
tsi_result tsi_create_ssl_server_handshaker_factory_ex (const tsi_ssl_pem_key_cert_pair *pem_key_cert_pairs, size_t num_key_cert_pairs, const char *pem_client_root_certs, tsi_client_certificate_request_type client_certificate_request, const char *cipher_suites, const char **alpn_protocols, uint16_t num_alpn_protocols, tsi_ssl_server_handshaker_factory **factory)
 
tsi_result tsi_create_ssl_server_handshaker_factory_with_options (const tsi_ssl_server_handshaker_options *options, tsi_ssl_server_handshaker_factory **factory)
 
int tsi_ssl_peer_matches_name (const tsi_peer *peer, grpc_core::StringView name)
 
const tsi_ssl_handshaker_factory_vtable * tsi_ssl_handshaker_factory_swap_vtable (tsi_ssl_handshaker_factory *factory, tsi_ssl_handshaker_factory_vtable *new_vtable)
 

Macro Definition Documentation

◆ TSI_OPENSSL_ALPN_SUPPORT

#define TSI_OPENSSL_ALPN_SUPPORT   1

◆ TSI_SSL_HANDSHAKER_OUTGOING_BUFFER_INITIAL_SIZE

#define TSI_SSL_HANDSHAKER_OUTGOING_BUFFER_INITIAL_SIZE   1024

◆ TSI_SSL_MAX_PROTECTED_FRAME_SIZE_LOWER_BOUND

#define TSI_SSL_MAX_PROTECTED_FRAME_SIZE_LOWER_BOUND   1024

◆ TSI_SSL_MAX_PROTECTED_FRAME_SIZE_UPPER_BOUND

#define TSI_SSL_MAX_PROTECTED_FRAME_SIZE_UPPER_BOUND   16384

◆ TSI_SSL_MAX_PROTECTION_OVERHEAD

#define TSI_SSL_MAX_PROTECTION_OVERHEAD   100

Function Documentation

◆ tsi_create_ssl_client_handshaker_factory()

tsi_result tsi_create_ssl_client_handshaker_factory ( const tsi_ssl_pem_key_cert_pair *  pem_key_cert_pair,
const char *  pem_root_certs,
const char *  cipher_suites,
const char **  alpn_protocols,
uint16_t  num_alpn_protocols,
tsi_ssl_client_handshaker_factory **  factory 
)

◆ tsi_create_ssl_client_handshaker_factory_with_options()

tsi_result tsi_create_ssl_client_handshaker_factory_with_options ( const tsi_ssl_client_handshaker_options *  options,
tsi_ssl_client_handshaker_factory **  factory 
)

◆ tsi_create_ssl_server_handshaker_factory()

tsi_result tsi_create_ssl_server_handshaker_factory ( const tsi_ssl_pem_key_cert_pair *  pem_key_cert_pairs,
size_t  num_key_cert_pairs,
const char *  pem_client_root_certs,
int  force_client_auth,
const char *  cipher_suites,
const char **  alpn_protocols,
uint16_t  num_alpn_protocols,
tsi_ssl_server_handshaker_factory **  factory 
)

◆ tsi_create_ssl_server_handshaker_factory_ex()

tsi_result tsi_create_ssl_server_handshaker_factory_ex ( const tsi_ssl_pem_key_cert_pair *  pem_key_cert_pairs,
size_t  num_key_cert_pairs,
const char *  pem_client_root_certs,
tsi_client_certificate_request_type  client_certificate_request,
const char *  cipher_suites,
const char **  alpn_protocols,
uint16_t  num_alpn_protocols,
tsi_ssl_server_handshaker_factory **  factory 
)

◆ tsi_create_ssl_server_handshaker_factory_with_options()

tsi_result tsi_create_ssl_server_handshaker_factory_with_options ( const tsi_ssl_server_handshaker_options *  options,
tsi_ssl_server_handshaker_factory **  factory 
)

◆ tsi_ssl_client_handshaker_factory_create_handshaker()

tsi_result tsi_ssl_client_handshaker_factory_create_handshaker ( tsi_ssl_client_handshaker_factory *  self,
const char *  server_name_indication,
tsi_handshaker **  handshaker 
)

◆ tsi_ssl_client_handshaker_factory_unref()

void tsi_ssl_client_handshaker_factory_unref ( tsi_ssl_client_handshaker_factory *  self)

◆ tsi_ssl_extract_x509_subject_names_from_pem_cert()

tsi_result tsi_ssl_extract_x509_subject_names_from_pem_cert ( const char *  pem_cert,
tsi_peer *  peer
)

◆ tsi_ssl_handshaker_factory_swap_vtable()

const tsi_ssl_handshaker_factory_vtable* tsi_ssl_handshaker_factory_swap_vtable ( tsi_ssl_handshaker_factory *  factory,
tsi_ssl_handshaker_factory_vtable *  new_vtable
)

◆ tsi_ssl_peer_matches_name()

int tsi_ssl_peer_matches_name ( const tsi_peer *  peer,
grpc_core::StringView  name 
)

◆ tsi_ssl_root_certs_store_create()

tsi_ssl_root_certs_store* tsi_ssl_root_certs_store_create ( const char *  pem_roots)

◆ tsi_ssl_root_certs_store_destroy()

void tsi_ssl_root_certs_store_destroy ( tsi_ssl_root_certs_store *  self)

◆ tsi_ssl_server_handshaker_factory_create_handshaker()

tsi_result tsi_ssl_server_handshaker_factory_create_handshaker ( tsi_ssl_server_handshaker_factory *  self,
tsi_handshaker **  handshaker 
)

◆ tsi_ssl_server_handshaker_factory_unref()

void tsi_ssl_server_handshaker_factory_unref ( tsi_ssl_server_handshaker_factory *  self)

◆ tsi_ssl_session_cache_create_lru()

tsi_ssl_session_cache* tsi_ssl_session_cache_create_lru ( size_t  capacity)

◆ tsi_ssl_session_cache_ref()

void tsi_ssl_session_cache_ref ( tsi_ssl_session_cache *  cache)

◆ tsi_ssl_session_cache_unref()

void tsi_ssl_session_cache_unref ( tsi_ssl_session_cache *  cache)