| 1 | /* |
|---|
| 2 | * |
|---|
| 3 | * Copyright 2016 gRPC authors. |
|---|
| 4 | * |
|---|
| 5 | * Licensed under the Apache License, Version 2.0 (the "License"); |
|---|
| 6 | * you may not use this file except in compliance with the License. |
|---|
| 7 | * You may obtain a copy of the License at |
|---|
| 8 | * |
|---|
| 9 | * http://www.apache.org/licenses/LICENSE-2.0 |
|---|
| 10 | * |
|---|
| 11 | * Unless required by applicable law or agreed to in writing, software |
|---|
| 12 | * distributed under the License is distributed on an "AS IS" BASIS, |
|---|
| 13 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. |
|---|
| 14 | * See the License for the specific language governing permissions and |
|---|
| 15 | * limitations under the License. |
|---|
| 16 | * |
|---|
| 17 | */ |
|---|
| 18 | |
|---|
| 19 | #ifndef GRPC_GRPC_SECURITY_CONSTANTS_H |
|---|
| 20 | #define GRPC_GRPC_SECURITY_CONSTANTS_H |
|---|
| 21 | |
|---|
| 22 | #ifdef __cplusplus |
|---|
| 23 | extern "C" { |
|---|
| 24 | #endif |
|---|
| 25 | |
|---|
| 26 | #define GRPC_TRANSPORT_SECURITY_TYPE_PROPERTY_NAME "transport_security_type" |
|---|
| 27 | #define GRPC_SSL_TRANSPORT_SECURITY_TYPE "ssl" |
|---|
| 28 | |
|---|
| 29 | #define GRPC_X509_CN_PROPERTY_NAME "x509_common_name" |
|---|
| 30 | #define GRPC_X509_SAN_PROPERTY_NAME "x509_subject_alternative_name" |
|---|
| 31 | #define GRPC_X509_PEM_CERT_PROPERTY_NAME "x509_pem_cert" |
|---|
| 32 | #define GRPC_X509_PEM_CERT_CHAIN_PROPERTY_NAME "x509_pem_cert_chain" |
|---|
| 33 | #define GRPC_SSL_SESSION_REUSED_PROPERTY "ssl_session_reused" |
|---|
| 34 | #define GRPC_TRANSPORT_SECURITY_LEVEL_PROPERTY_NAME "security_level" |
|---|
| 35 | #define GRPC_PEER_SPIFFE_ID_PROPERTY_NAME "peer_spiffe_id" |
|---|
| 36 | |
|---|
| 37 | /** Environment variable that points to the default SSL roots file. This file |
|---|
| 38 | must be a PEM encoded file with all the roots such as the one that can be |
|---|
| 39 | downloaded from https://pki.google.com/roots.pem. */ |
|---|
| 40 | #define GRPC_DEFAULT_SSL_ROOTS_FILE_PATH_ENV_VAR \ |
|---|
| 41 | "GRPC_DEFAULT_SSL_ROOTS_FILE_PATH" |
|---|
| 42 | |
|---|
| 43 | /** Environment variable that points to the google default application |
|---|
| 44 | credentials json key or refresh token. Used in the |
|---|
| 45 | grpc_google_default_credentials_create function. */ |
|---|
| 46 | #define GRPC_GOOGLE_CREDENTIALS_ENV_VAR "GOOGLE_APPLICATION_CREDENTIALS" |
|---|
| 47 | |
|---|
| 48 | /** Results for the SSL roots override callback. */ |
|---|
| 49 | typedef enum { |
|---|
| 50 | GRPC_SSL_ROOTS_OVERRIDE_OK, |
|---|
| 51 | GRPC_SSL_ROOTS_OVERRIDE_FAIL_PERMANENTLY, /** Do not try fallback options. */ |
|---|
| 52 | GRPC_SSL_ROOTS_OVERRIDE_FAIL |
|---|
| 53 | } grpc_ssl_roots_override_result; |
|---|
| 54 | |
|---|
| 55 | /** Callback results for dynamically loading a SSL certificate config. */ |
|---|
| 56 | typedef enum { |
|---|
| 57 | GRPC_SSL_CERTIFICATE_CONFIG_RELOAD_UNCHANGED, |
|---|
| 58 | GRPC_SSL_CERTIFICATE_CONFIG_RELOAD_NEW, |
|---|
| 59 | GRPC_SSL_CERTIFICATE_CONFIG_RELOAD_FAIL |
|---|
| 60 | } grpc_ssl_certificate_config_reload_status; |
|---|
| 61 | |
|---|
| 62 | typedef enum { |
|---|
| 63 | /** Server does not request client certificate. |
|---|
| 64 | The certificate presented by the client is not checked by the server at |
|---|
| 65 | all. (A client may present a self signed or signed certificate or not |
|---|
| 66 | present a certificate at all and any of those option would be accepted) */ |
|---|
| 67 | GRPC_SSL_DONT_REQUEST_CLIENT_CERTIFICATE, |
|---|
| 68 | /** Server requests client certificate but does not enforce that the client |
|---|
| 69 | presents a certificate. |
|---|
| 70 | |
|---|
| 71 | If the client presents a certificate, the client authentication is left to |
|---|
| 72 | the application (the necessary metadata will be available to the |
|---|
| 73 | application via authentication context properties, see grpc_auth_context). |
|---|
| 74 | |
|---|
| 75 | The client's key certificate pair must be valid for the SSL connection to |
|---|
| 76 | be established. */ |
|---|
| 77 | GRPC_SSL_REQUEST_CLIENT_CERTIFICATE_BUT_DONT_VERIFY, |
|---|
| 78 | /** Server requests client certificate but does not enforce that the client |
|---|
| 79 | presents a certificate. |
|---|
| 80 | |
|---|
| 81 | If the client presents a certificate, the client authentication is done by |
|---|
| 82 | the gRPC framework. (For a successful connection the client needs to either |
|---|
| 83 | present a certificate that can be verified against the root certificate |
|---|
| 84 | configured by the server or not present a certificate at all) |
|---|
| 85 | |
|---|
| 86 | The client's key certificate pair must be valid for the SSL connection to |
|---|
| 87 | be established. */ |
|---|
| 88 | GRPC_SSL_REQUEST_CLIENT_CERTIFICATE_AND_VERIFY, |
|---|
| 89 | /** Server requests client certificate and enforces that the client presents a |
|---|
| 90 | certificate. |
|---|
| 91 | |
|---|
| 92 | If the client presents a certificate, the client authentication is left to |
|---|
| 93 | the application (the necessary metadata will be available to the |
|---|
| 94 | application via authentication context properties, see grpc_auth_context). |
|---|
| 95 | |
|---|
| 96 | The client's key certificate pair must be valid for the SSL connection to |
|---|
| 97 | be established. */ |
|---|
| 98 | GRPC_SSL_REQUEST_AND_REQUIRE_CLIENT_CERTIFICATE_BUT_DONT_VERIFY, |
|---|
| 99 | /** Server requests client certificate and enforces that the client presents a |
|---|
| 100 | certificate. |
|---|
| 101 | |
|---|
| 102 | The certificate presented by the client is verified by the gRPC framework. |
|---|
| 103 | (For a successful connection the client needs to present a certificate that |
|---|
| 104 | can be verified against the root certificate configured by the server) |
|---|
| 105 | |
|---|
| 106 | The client's key certificate pair must be valid for the SSL connection to |
|---|
| 107 | be established. */ |
|---|
| 108 | GRPC_SSL_REQUEST_AND_REQUIRE_CLIENT_CERTIFICATE_AND_VERIFY |
|---|
| 109 | } grpc_ssl_client_certificate_request_type; |
|---|
| 110 | |
|---|
| 111 | /* Security levels of grpc transport security. It represents an inherent |
|---|
| 112 | * property of a backend connection and is determined by a channel credential |
|---|
| 113 | * used to create the connection. */ |
|---|
| 114 | typedef enum { |
|---|
| 115 | GRPC_SECURITY_MIN, |
|---|
| 116 | GRPC_SECURITY_NONE = GRPC_SECURITY_MIN, |
|---|
| 117 | GRPC_INTEGRITY_ONLY, |
|---|
| 118 | GRPC_PRIVACY_AND_INTEGRITY, |
|---|
| 119 | GRPC_SECURITY_MAX = GRPC_PRIVACY_AND_INTEGRITY, |
|---|
| 120 | } grpc_security_level; |
|---|
| 121 | |
|---|
| 122 | typedef enum { |
|---|
| 123 | /** Default option: performs server certificate verification and hostname |
|---|
| 124 | verification. */ |
|---|
| 125 | GRPC_TLS_SERVER_VERIFICATION, |
|---|
| 126 | /** Performs server certificate verification, but skips hostname verification |
|---|
| 127 | Client is responsible for verifying server's identity via |
|---|
| 128 | server authorization check callback. */ |
|---|
| 129 | GRPC_TLS_SKIP_HOSTNAME_VERIFICATION, |
|---|
| 130 | /** Skips both server certificate and hostname verification. |
|---|
| 131 | Client is responsible for verifying server's identity and |
|---|
| 132 | server's certificate via server authorization check callback. */ |
|---|
| 133 | GRPC_TLS_SKIP_ALL_SERVER_VERIFICATION |
|---|
| 134 | } grpc_tls_server_verification_option; |
|---|
| 135 | |
|---|
| 136 | /** |
|---|
| 137 | * Type of local connections for which local channel/server credentials will be |
|---|
| 138 | * applied. It supports UDS and local TCP connections. |
|---|
| 139 | */ |
|---|
| 140 | typedef enum { UDS = 0, LOCAL_TCP } grpc_local_connect_type; |
|---|
| 141 | |
|---|
| 142 | #ifdef __cplusplus |
|---|
| 143 | } |
|---|
| 144 | #endif |
|---|
| 145 | |
|---|
| 146 | #endif /* GRPC_GRPC_SECURITY_CONSTANTS_H */ |
|---|
| 147 | |
|---|
