murgatroid99 | 749666e | 2015-01-12 18:25:58 -0800 | [diff] [blame] | 1 | /* |
| 2 | * |
Craig Tiller | 0605995 | 2015-02-18 08:34:56 -0800 | [diff] [blame] | 3 | * Copyright 2015, Google Inc. |
murgatroid99 | 749666e | 2015-01-12 18:25:58 -0800 | [diff] [blame] | 4 | * All rights reserved. |
| 5 | * |
| 6 | * Redistribution and use in source and binary forms, with or without |
| 7 | * modification, are permitted provided that the following conditions are |
| 8 | * met: |
| 9 | * |
| 10 | * * Redistributions of source code must retain the above copyright |
| 11 | * notice, this list of conditions and the following disclaimer. |
| 12 | * * Redistributions in binary form must reproduce the above |
| 13 | * copyright notice, this list of conditions and the following disclaimer |
| 14 | * in the documentation and/or other materials provided with the |
| 15 | * distribution. |
| 16 | * * Neither the name of Google Inc. nor the names of its |
| 17 | * contributors may be used to endorse or promote products derived from |
| 18 | * this software without specific prior written permission. |
| 19 | * |
| 20 | * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS |
| 21 | * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT |
| 22 | * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR |
| 23 | * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT |
| 24 | * OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, |
| 25 | * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT |
| 26 | * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, |
| 27 | * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY |
| 28 | * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT |
| 29 | * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE |
| 30 | * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. |
| 31 | * |
| 32 | */ |
| 33 | |
murgatroid99 | e506151 | 2015-01-12 18:14:35 -0800 | [diff] [blame] | 34 | #include <node.h> |
| 35 | |
| 36 | #include "grpc/grpc.h" |
| 37 | #include "grpc/grpc_security.h" |
| 38 | #include "grpc/support/log.h" |
| 39 | #include "server_credentials.h" |
| 40 | |
| 41 | namespace grpc { |
| 42 | namespace node { |
| 43 | |
murgatroid99 | 2b09783 | 2015-09-17 13:56:25 -0700 | [diff] [blame] | 44 | using Nan::Callback; |
| 45 | using Nan::EscapableHandleScope; |
| 46 | using Nan::HandleScope; |
| 47 | using Nan::Maybe; |
| 48 | using Nan::MaybeLocal; |
| 49 | using Nan::ObjectWrap; |
| 50 | using Nan::Persistent; |
| 51 | using Nan::Utf8String; |
| 52 | |
murgatroid99 | c2fdfcf | 2015-08-19 14:57:19 -0700 | [diff] [blame] | 53 | using v8::Array; |
murgatroid99 | e506151 | 2015-01-12 18:14:35 -0800 | [diff] [blame] | 54 | using v8::Exception; |
| 55 | using v8::External; |
| 56 | using v8::Function; |
| 57 | using v8::FunctionTemplate; |
murgatroid99 | e506151 | 2015-01-12 18:14:35 -0800 | [diff] [blame] | 58 | using v8::Integer; |
| 59 | using v8::Local; |
| 60 | using v8::Object; |
| 61 | using v8::ObjectTemplate; |
murgatroid99 | c2fdfcf | 2015-08-19 14:57:19 -0700 | [diff] [blame] | 62 | using v8::String; |
murgatroid99 | e506151 | 2015-01-12 18:14:35 -0800 | [diff] [blame] | 63 | using v8::Value; |
| 64 | |
murgatroid99 | 2b09783 | 2015-09-17 13:56:25 -0700 | [diff] [blame] | 65 | Nan::Callback *ServerCredentials::constructor; |
murgatroid99 | e506151 | 2015-01-12 18:14:35 -0800 | [diff] [blame] | 66 | Persistent<FunctionTemplate> ServerCredentials::fun_tpl; |
| 67 | |
| 68 | ServerCredentials::ServerCredentials(grpc_server_credentials *credentials) |
Craig Tiller | e8e304e | 2015-01-13 14:41:29 -0800 | [diff] [blame] | 69 | : wrapped_credentials(credentials) {} |
murgatroid99 | e506151 | 2015-01-12 18:14:35 -0800 | [diff] [blame] | 70 | |
| 71 | ServerCredentials::~ServerCredentials() { |
murgatroid99 | e506151 | 2015-01-12 18:14:35 -0800 | [diff] [blame] | 72 | grpc_server_credentials_release(wrapped_credentials); |
| 73 | } |
| 74 | |
murgatroid99 | 2b09783 | 2015-09-17 13:56:25 -0700 | [diff] [blame] | 75 | void ServerCredentials::Init(Local<Object> exports) { |
| 76 | Nan::HandleScope scope; |
| 77 | Local<FunctionTemplate> tpl = Nan::New<FunctionTemplate>(New); |
| 78 | tpl->SetClassName(Nan::New("ServerCredentials").ToLocalChecked()); |
murgatroid99 | e506151 | 2015-01-12 18:14:35 -0800 | [diff] [blame] | 79 | tpl->InstanceTemplate()->SetInternalFieldCount(1); |
murgatroid99 | 2b09783 | 2015-09-17 13:56:25 -0700 | [diff] [blame] | 80 | Local<Function> ctr = tpl->GetFunction(); |
| 81 | Nan::Set(ctr, Nan::New("createSsl").ToLocalChecked(), |
| 82 | Nan::GetFunction( |
| 83 | Nan::New<FunctionTemplate>(CreateSsl)).ToLocalChecked()); |
| 84 | Nan::Set(ctr, Nan::New("createInsecure").ToLocalChecked(), |
| 85 | Nan::GetFunction( |
| 86 | Nan::New<FunctionTemplate>(CreateInsecure)).ToLocalChecked()); |
| 87 | fun_tpl.Reset(tpl); |
| 88 | constructor = new Nan::Callback(ctr); |
| 89 | Nan::Set(exports, Nan::New("ServerCredentials").ToLocalChecked(), ctr); |
murgatroid99 | e506151 | 2015-01-12 18:14:35 -0800 | [diff] [blame] | 90 | } |
| 91 | |
murgatroid99 | 2b09783 | 2015-09-17 13:56:25 -0700 | [diff] [blame] | 92 | bool ServerCredentials::HasInstance(Local<Value> val) { |
| 93 | Nan::HandleScope scope; |
| 94 | return Nan::New(fun_tpl)->HasInstance(val); |
murgatroid99 | e506151 | 2015-01-12 18:14:35 -0800 | [diff] [blame] | 95 | } |
| 96 | |
murgatroid99 | 2b09783 | 2015-09-17 13:56:25 -0700 | [diff] [blame] | 97 | Local<Value> ServerCredentials::WrapStruct( |
murgatroid99 | e506151 | 2015-01-12 18:14:35 -0800 | [diff] [blame] | 98 | grpc_server_credentials *credentials) { |
murgatroid99 | 2b09783 | 2015-09-17 13:56:25 -0700 | [diff] [blame] | 99 | Nan::EscapableHandleScope scope; |
murgatroid99 | e506151 | 2015-01-12 18:14:35 -0800 | [diff] [blame] | 100 | const int argc = 1; |
murgatroid99 | 2b09783 | 2015-09-17 13:56:25 -0700 | [diff] [blame] | 101 | Local<Value> argv[argc] = { |
| 102 | Nan::New<External>(reinterpret_cast<void *>(credentials))}; |
| 103 | MaybeLocal<Object> maybe_instance = Nan::NewInstance( |
| 104 | constructor->GetFunction(), argc, argv); |
| 105 | if (maybe_instance.IsEmpty()) { |
| 106 | return scope.Escape(Nan::Null()); |
| 107 | } else { |
| 108 | return scope.Escape(maybe_instance.ToLocalChecked()); |
| 109 | } |
murgatroid99 | e506151 | 2015-01-12 18:14:35 -0800 | [diff] [blame] | 110 | } |
| 111 | |
| 112 | grpc_server_credentials *ServerCredentials::GetWrappedServerCredentials() { |
| 113 | return wrapped_credentials; |
| 114 | } |
| 115 | |
| 116 | NAN_METHOD(ServerCredentials::New) { |
murgatroid99 | 2b09783 | 2015-09-17 13:56:25 -0700 | [diff] [blame] | 117 | if (info.IsConstructCall()) { |
| 118 | if (!info[0]->IsExternal()) { |
| 119 | return Nan::ThrowTypeError( |
murgatroid99 | 75a2bba | 2015-10-12 16:12:04 -0700 | [diff] [blame] | 120 | "ServerCredentials can only be created with the provided functions"); |
murgatroid99 | e506151 | 2015-01-12 18:14:35 -0800 | [diff] [blame] | 121 | } |
murgatroid99 | 2b09783 | 2015-09-17 13:56:25 -0700 | [diff] [blame] | 122 | Local<External> ext = info[0].As<External>(); |
murgatroid99 | e506151 | 2015-01-12 18:14:35 -0800 | [diff] [blame] | 123 | grpc_server_credentials *creds_value = |
murgatroid99 | f28066b | 2015-03-04 14:42:31 -0800 | [diff] [blame] | 124 | reinterpret_cast<grpc_server_credentials *>(ext->Value()); |
murgatroid99 | e506151 | 2015-01-12 18:14:35 -0800 | [diff] [blame] | 125 | ServerCredentials *credentials = new ServerCredentials(creds_value); |
murgatroid99 | 2b09783 | 2015-09-17 13:56:25 -0700 | [diff] [blame] | 126 | credentials->Wrap(info.This()); |
| 127 | info.GetReturnValue().Set(info.This()); |
murgatroid99 | e506151 | 2015-01-12 18:14:35 -0800 | [diff] [blame] | 128 | } else { |
murgatroid99 | 75a2bba | 2015-10-12 16:12:04 -0700 | [diff] [blame] | 129 | // This should never be called directly |
| 130 | return Nan::ThrowTypeError( |
| 131 | "ServerCredentials can only be created with the provided functions"); |
murgatroid99 | e506151 | 2015-01-12 18:14:35 -0800 | [diff] [blame] | 132 | } |
| 133 | } |
| 134 | |
| 135 | NAN_METHOD(ServerCredentials::CreateSsl) { |
murgatroid99 | 2b09783 | 2015-09-17 13:56:25 -0700 | [diff] [blame] | 136 | Nan::HandleScope scope; |
murgatroid99 | e506151 | 2015-01-12 18:14:35 -0800 | [diff] [blame] | 137 | char *root_certs = NULL; |
murgatroid99 | 2b09783 | 2015-09-17 13:56:25 -0700 | [diff] [blame] | 138 | if (::node::Buffer::HasInstance(info[0])) { |
| 139 | root_certs = ::node::Buffer::Data(info[0]); |
| 140 | } else if (!(info[0]->IsNull() || info[0]->IsUndefined())) { |
| 141 | return Nan::ThrowTypeError( |
murgatroid99 | e506151 | 2015-01-12 18:14:35 -0800 | [diff] [blame] | 142 | "createSSl's first argument must be a Buffer if provided"); |
| 143 | } |
murgatroid99 | 2b09783 | 2015-09-17 13:56:25 -0700 | [diff] [blame] | 144 | if (!info[1]->IsArray()) { |
| 145 | return Nan::ThrowTypeError( |
murgatroid99 | c2fdfcf | 2015-08-19 14:57:19 -0700 | [diff] [blame] | 146 | "createSsl's second argument must be a list of objects"); |
murgatroid99 | e506151 | 2015-01-12 18:14:35 -0800 | [diff] [blame] | 147 | } |
Deepak Lukose | dba4c5f | 2016-03-25 12:54:25 -0700 | [diff] [blame] | 148 | |
murgatroid99 | 8658b17 | 2016-04-27 14:54:40 -0700 | [diff] [blame] | 149 | // Default to not requesting the client certificate |
| 150 | grpc_ssl_client_certificate_request_type client_certificate_request = |
| 151 | GRPC_SSL_DONT_REQUEST_CLIENT_CERTIFICATE; |
murgatroid99 | 2b09783 | 2015-09-17 13:56:25 -0700 | [diff] [blame] | 152 | if (info[2]->IsBoolean()) { |
Deepak Lukose | dba4c5f | 2016-03-25 12:54:25 -0700 | [diff] [blame] | 153 | client_certificate_request = |
| 154 | Nan::To<bool>(info[2]).FromJust() |
| 155 | ? GRPC_SSL_REQUEST_AND_REQUIRE_CLIENT_CERTIFICATE_AND_VERIFY |
| 156 | : GRPC_SSL_DONT_REQUEST_CLIENT_CERTIFICATE; |
murgatroid99 | 2b09783 | 2015-09-17 13:56:25 -0700 | [diff] [blame] | 157 | } else if (!(info[2]->IsUndefined() || info[2]->IsNull())) { |
| 158 | return Nan::ThrowTypeError( |
murgatroid99 | c2fdfcf | 2015-08-19 14:57:19 -0700 | [diff] [blame] | 159 | "createSsl's third argument must be a boolean if provided"); |
murgatroid99 | e506151 | 2015-01-12 18:14:35 -0800 | [diff] [blame] | 160 | } |
murgatroid99 | 2b09783 | 2015-09-17 13:56:25 -0700 | [diff] [blame] | 161 | Local<Array> pair_list = Local<Array>::Cast(info[1]); |
murgatroid99 | c2fdfcf | 2015-08-19 14:57:19 -0700 | [diff] [blame] | 162 | uint32_t key_cert_pair_count = pair_list->Length(); |
| 163 | grpc_ssl_pem_key_cert_pair *key_cert_pairs = new grpc_ssl_pem_key_cert_pair[ |
| 164 | key_cert_pair_count]; |
| 165 | |
murgatroid99 | 2b09783 | 2015-09-17 13:56:25 -0700 | [diff] [blame] | 166 | Local<String> key_key = Nan::New("private_key").ToLocalChecked(); |
| 167 | Local<String> cert_key = Nan::New("cert_chain").ToLocalChecked(); |
murgatroid99 | c2fdfcf | 2015-08-19 14:57:19 -0700 | [diff] [blame] | 168 | |
| 169 | for(uint32_t i = 0; i < key_cert_pair_count; i++) { |
murgatroid99 | 2b09783 | 2015-09-17 13:56:25 -0700 | [diff] [blame] | 170 | Local<Value> pair_val = Nan::Get(pair_list, i).ToLocalChecked(); |
| 171 | if (!pair_val->IsObject()) { |
murgatroid99 | 8fecf28 | 2016-09-20 09:55:33 -0700 | [diff] [blame] | 172 | delete[] key_cert_pairs; |
murgatroid99 | 2b09783 | 2015-09-17 13:56:25 -0700 | [diff] [blame] | 173 | return Nan::ThrowTypeError("Key/cert pairs must be objects"); |
murgatroid99 | c2fdfcf | 2015-08-19 14:57:19 -0700 | [diff] [blame] | 174 | } |
murgatroid99 | 2b09783 | 2015-09-17 13:56:25 -0700 | [diff] [blame] | 175 | Local<Object> pair_obj = Nan::To<Object>(pair_val).ToLocalChecked(); |
murgatroid99 | a9172d2 | 2015-12-09 16:12:37 -0800 | [diff] [blame] | 176 | Local<Value> maybe_key = Nan::Get(pair_obj, key_key).ToLocalChecked(); |
| 177 | Local<Value> maybe_cert = Nan::Get(pair_obj, cert_key).ToLocalChecked(); |
| 178 | if (!::node::Buffer::HasInstance(maybe_key)) { |
murgatroid99 | 8fecf28 | 2016-09-20 09:55:33 -0700 | [diff] [blame] | 179 | delete[] key_cert_pairs; |
murgatroid99 | 2b09783 | 2015-09-17 13:56:25 -0700 | [diff] [blame] | 180 | return Nan::ThrowTypeError("private_key must be a Buffer"); |
murgatroid99 | c2fdfcf | 2015-08-19 14:57:19 -0700 | [diff] [blame] | 181 | } |
murgatroid99 | a9172d2 | 2015-12-09 16:12:37 -0800 | [diff] [blame] | 182 | if (!::node::Buffer::HasInstance(maybe_cert)) { |
murgatroid99 | 8fecf28 | 2016-09-20 09:55:33 -0700 | [diff] [blame] | 183 | delete[] key_cert_pairs; |
murgatroid99 | 2b09783 | 2015-09-17 13:56:25 -0700 | [diff] [blame] | 184 | return Nan::ThrowTypeError("cert_chain must be a Buffer"); |
murgatroid99 | c2fdfcf | 2015-08-19 14:57:19 -0700 | [diff] [blame] | 185 | } |
murgatroid99 | a9172d2 | 2015-12-09 16:12:37 -0800 | [diff] [blame] | 186 | key_cert_pairs[i].private_key = ::node::Buffer::Data(maybe_key); |
| 187 | key_cert_pairs[i].cert_chain = ::node::Buffer::Data(maybe_cert); |
murgatroid99 | c2fdfcf | 2015-08-19 14:57:19 -0700 | [diff] [blame] | 188 | } |
Deepak Lukose | dba4c5f | 2016-03-25 12:54:25 -0700 | [diff] [blame] | 189 | grpc_server_credentials *creds = grpc_ssl_server_credentials_create_ex( |
| 190 | root_certs, key_cert_pairs, key_cert_pair_count, |
| 191 | client_certificate_request, NULL); |
murgatroid99 | 8fecf28 | 2016-09-20 09:55:33 -0700 | [diff] [blame] | 192 | delete[] key_cert_pairs; |
murgatroid99 | 1a7dcac | 2015-07-27 16:13:28 -0700 | [diff] [blame] | 193 | if (creds == NULL) { |
murgatroid99 | 2b09783 | 2015-09-17 13:56:25 -0700 | [diff] [blame] | 194 | info.GetReturnValue().SetNull(); |
| 195 | } else { |
| 196 | info.GetReturnValue().Set(WrapStruct(creds)); |
murgatroid99 | 1a7dcac | 2015-07-27 16:13:28 -0700 | [diff] [blame] | 197 | } |
murgatroid99 | 1a7dcac | 2015-07-27 16:13:28 -0700 | [diff] [blame] | 198 | } |
| 199 | |
| 200 | NAN_METHOD(ServerCredentials::CreateInsecure) { |
murgatroid99 | 2b09783 | 2015-09-17 13:56:25 -0700 | [diff] [blame] | 201 | info.GetReturnValue().Set(WrapStruct(NULL)); |
murgatroid99 | e506151 | 2015-01-12 18:14:35 -0800 | [diff] [blame] | 202 | } |
| 203 | |
murgatroid99 | e506151 | 2015-01-12 18:14:35 -0800 | [diff] [blame] | 204 | } // namespace node |
Craig Tiller | 190d360 | 2015-02-18 09:23:38 -0800 | [diff] [blame] | 205 | } // namespace grpc |