src/csharp/Grpc.Core/ServerCredentials.cs - platform/external/grpc-grpc - Gitiles

 #region Copyright notice and license

 // Copyright 2015, Google Inc.
 // All rights reserved.
 //
 // Redistribution and use in source and binary forms, with or without
 // modification, are permitted provided that the following conditions are
 // met:
 //
 //     * Redistributions of source code must retain the above copyright
 // notice, this list of conditions and the following disclaimer.
 //     * Redistributions in binary form must reproduce the above
 // copyright notice, this list of conditions and the following disclaimer
 // in the documentation and/or other materials provided with the
 // distribution.
 //     * Neither the name of Google Inc. nor the names of its
 // contributors may be used to endorse or promote products derived from
 // this software without specific prior written permission.
 //
 // THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
 // "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
 // LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
 // A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
 // OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
 // SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
 // LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
 // DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
 // THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
 // (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
 // OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.

 #endregion

 using System;
 using System.Collections.Generic;
 using System.Collections.Immutable;
 using Grpc.Core.Internal;
 using Grpc.Core.Utils;

 namespace Grpc.Core
 {
     /// <summary>
     /// Server side credentials.
     /// </summary>
     public abstract class ServerCredentials
     {
         static readonly ServerCredentials InsecureInstance = new InsecureServerCredentialsImpl();

         /// <summary>
         /// Returns instance of credential that provides no security and
         /// will result in creating an unsecure server port with no encryption whatsoever.
         /// </summary>
         public static ServerCredentials Insecure
         {
             get
             {
                 return InsecureInstance;
             }
         }

         /// <summary>
         /// Creates native object for the credentials.
         /// </summary>
         /// <returns>The native credentials.</returns>
         internal abstract ServerCredentialsSafeHandle ToNativeCredentials();

         private sealed class InsecureServerCredentialsImpl : ServerCredentials
         {
             internal override ServerCredentialsSafeHandle ToNativeCredentials()
             {
                 return null;
             }
         }
     }

     /// <summary>
     /// Server-side SSL credentials.
     /// </summary>
     public class SslServerCredentials : ServerCredentials
     {
         readonly IList<KeyCertificatePair> keyCertificatePairs;
         readonly string rootCertificates;

         /// <summary>
         /// Creates server-side SSL credentials.
         /// </summary>
         /// <param name="rootCertificates">PEM encoded client root certificates used to authenticate client.</param>
         /// <param name="keyCertificatePairs">Key-certificates to use.</param>
         public SslServerCredentials(IEnumerable<KeyCertificatePair> keyCertificatePairs, string rootCertificates)
         {
             this.keyCertificatePairs = new List<KeyCertificatePair>(keyCertificatePairs).AsReadOnly();
             Preconditions.CheckArgument(this.keyCertificatePairs.Count > 0,
                 "At least one KeyCertificatePair needs to be provided");
             this.rootCertificates = rootCertificates;
         }

         /// <summary>
         /// Creates server-side SSL credentials.
         /// This constructor should be use if you do not wish to autheticate client
         /// using client root certificates.
         /// </summary>
         /// <param name="keyCertificatePairs">Key-certificates to use.</param>
         public SslServerCredentials(IEnumerable<KeyCertificatePair> keyCertificatePairs) : this(keyCertificatePairs, null)
         {
         }

         /// <summary>
         /// Key-certificate pairs.
         /// </summary>
         public IList<KeyCertificatePair> KeyCertificatePairs
         {
             get
             {
                 return this.keyCertificatePairs;
             }
         }

         /// <summary>
         /// PEM encoded client root certificates.
         /// </summary>
         public string RootCertificates
         {
             get
             {
                 return this.rootCertificates;
             }
         }

         internal override ServerCredentialsSafeHandle ToNativeCredentials()
         {
             int count = keyCertificatePairs.Count;
             string[] certChains = new string[count];
             string[] keys = new string[count];
             for (int i = 0; i < count; i++)
             {
                 certChains[i] = keyCertificatePairs[i].CertificateChain;
                 keys[i] = keyCertificatePairs[i].PrivateKey;
             }
             return ServerCredentialsSafeHandle.CreateSslCredentials(rootCertificates, certChains, keys);
         }
     }
 }
	#region Copyright notice and license

	// Copyright 2015, Google Inc.
	// All rights reserved.
	//
	// Redistribution and use in source and binary forms, with or without
	// modification, are permitted provided that the following conditions are
	// met:
	//
	// * Redistributions of source code must retain the above copyright
	// notice, this list of conditions and the following disclaimer.
	// * Redistributions in binary form must reproduce the above
	// copyright notice, this list of conditions and the following disclaimer
	// in the documentation and/or other materials provided with the
	// distribution.
	// * Neither the name of Google Inc. nor the names of its
	// contributors may be used to endorse or promote products derived from
	// this software without specific prior written permission.
	//
	// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
	// "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
	// LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
	// A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
	// OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
	// SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
	// LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
	// DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
	// THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
	// (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
	// OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.

	#endregion

	using System;
	using System.Collections.Generic;
	using System.Collections.Immutable;
	using Grpc.Core.Internal;
	using Grpc.Core.Utils;

	namespace Grpc.Core
	{
	/// <summary>
	/// Server side credentials.
	/// </summary>
	public abstract class ServerCredentials
	{
	static readonly ServerCredentials InsecureInstance = new InsecureServerCredentialsImpl();

	/// <summary>
	/// Returns instance of credential that provides no security and
	/// will result in creating an unsecure server port with no encryption whatsoever.
	/// </summary>
	public static ServerCredentials Insecure
	{
	get
	{
	return InsecureInstance;
	}
	}

	/// <summary>
	/// Creates native object for the credentials.
	/// </summary>
	/// <returns>The native credentials.</returns>
	internal abstract ServerCredentialsSafeHandle ToNativeCredentials();

	private sealed class InsecureServerCredentialsImpl : ServerCredentials
	{
	internal override ServerCredentialsSafeHandle ToNativeCredentials()
	{
	return null;
	}
	}
	}

	/// <summary>
	/// Server-side SSL credentials.
	/// </summary>
	public class SslServerCredentials : ServerCredentials
	{
	readonly IList<KeyCertificatePair> keyCertificatePairs;
	readonly string rootCertificates;

	/// <summary>
	/// Creates server-side SSL credentials.
	/// </summary>
	/// <param name="rootCertificates">PEM encoded client root certificates used to authenticate client.</param>
	/// <param name="keyCertificatePairs">Key-certificates to use.</param>
	public SslServerCredentials(IEnumerable<KeyCertificatePair> keyCertificatePairs, string rootCertificates)
	{
	this.keyCertificatePairs = new List<KeyCertificatePair>(keyCertificatePairs).AsReadOnly();
	Preconditions.CheckArgument(this.keyCertificatePairs.Count > 0,
	"At least one KeyCertificatePair needs to be provided");
	this.rootCertificates = rootCertificates;
	}

	/// <summary>
	/// Creates server-side SSL credentials.
	/// This constructor should be use if you do not wish to autheticate client
	/// using client root certificates.
	/// </summary>
	/// <param name="keyCertificatePairs">Key-certificates to use.</param>
	public SslServerCredentials(IEnumerable<KeyCertificatePair> keyCertificatePairs) : this(keyCertificatePairs, null)
	{
	}

	/// <summary>
	/// Key-certificate pairs.
	/// </summary>
	public IList<KeyCertificatePair> KeyCertificatePairs
	{
	get
	{
	return this.keyCertificatePairs;
	}
	}

	/// <summary>
	/// PEM encoded client root certificates.
	/// </summary>
	public string RootCertificates
	{
	get
	{
	return this.rootCertificates;
	}
	}

	internal override ServerCredentialsSafeHandle ToNativeCredentials()
	{
	int count = keyCertificatePairs.Count;
	string[] certChains = new string[count];
	string[] keys = new string[count];
	for (int i = 0; i < count; i++)
	{
	certChains[i] = keyCertificatePairs[i].CertificateChain;
	keys[i] = keyCertificatePairs[i].PrivateKey;
	}
	return ServerCredentialsSafeHandle.CreateSslCredentials(rootCertificates, certChains, keys);
	}
	}
	}