src/csharp/Grpc.Core/ChannelCredentials.cs - third_party/grpc - Git at Google

 #region Copyright notice and license

 // Copyright 2015 gRPC authors.
 //
 // Licensed under the Apache License, Version 2.0 (the "License");
 // you may not use this file except in compliance with the License.
 // You may obtain a copy of the License at
 //
 //     http://www.apache.org/licenses/LICENSE-2.0
 //
 // Unless required by applicable law or agreed to in writing, software
 // distributed under the License is distributed on an "AS IS" BASIS,
 // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 // See the License for the specific language governing permissions and
 // limitations under the License.

 #endregion

 using System;
 using System.Collections.Generic;
 using System.Runtime.InteropServices;
 using System.Threading.Tasks;

 using Grpc.Core.Internal;
 using Grpc.Core.Logging;
 using Grpc.Core.Utils;

 namespace Grpc.Core
 {
     /// <summary>
     /// Client-side channel credentials. Used for creation of a secure channel.
     /// </summary>
     public abstract class ChannelCredentials
     {
         static readonly ChannelCredentials InsecureInstance = new InsecureCredentialsImpl();
         readonly Lazy<ChannelCredentialsSafeHandle> cachedNativeCredentials;

         /// <summary>
         /// Creates a new instance of channel credentials
         /// </summary>
         public ChannelCredentials()
         {
             // Native credentials object need to be kept alive once initialized for subchannel sharing to work correctly
             // with secure connections. See https://github.com/grpc/grpc/issues/15207.
             // We rely on finalizer to clean up the native portion of ChannelCredentialsSafeHandle after the ChannelCredentials
             // instance becomes unused.
             this.cachedNativeCredentials = new Lazy<ChannelCredentialsSafeHandle>(() => CreateNativeCredentials());
         }

         /// <summary>
         /// Returns instance of credentials that provides no security and
         /// will result in creating an unsecure channel with no encryption whatsoever.
         /// </summary>
         public static ChannelCredentials Insecure
         {
             get
             {
                 return InsecureInstance;
             }
         }

         /// <summary>
         /// Creates a new instance of <c>ChannelCredentials</c> class by composing
         /// given channel credentials with call credentials.
         /// </summary>
         /// <param name="channelCredentials">Channel credentials.</param>
         /// <param name="callCredentials">Call credentials.</param>
         /// <returns>The new composite <c>ChannelCredentials</c></returns>
         public static ChannelCredentials Create(ChannelCredentials channelCredentials, CallCredentials callCredentials)
         {
             return new CompositeChannelCredentials(channelCredentials, callCredentials);
         }

         /// <summary>
         /// Gets native object for the credentials, creating one if it already doesn't exist. May return null if insecure channel
         /// should be created. Caller must not call <c>Dispose()</c> on the returned native credentials as their lifetime
         /// is managed by this class (and instances of native credentials are cached).
         /// </summary>
         /// <returns>The native credentials.</returns>
         internal ChannelCredentialsSafeHandle GetNativeCredentials()
         {
             return cachedNativeCredentials.Value;
         }

         /// <summary>
         /// Creates a new native object for the credentials. May return null if insecure channel
         /// should be created. For internal use only, use <see cref="GetNativeCredentials"/> instead.
         /// </summary>
         /// <returns>The native credentials.</returns>
         internal abstract ChannelCredentialsSafeHandle CreateNativeCredentials();

         /// <summary>
         /// Returns <c>true</c> if this credential type allows being composed by <c>CompositeCredentials</c>.
         /// </summary>
         internal virtual bool IsComposable
         {
             get { return false; }
         }

         private sealed class InsecureCredentialsImpl : ChannelCredentials
         {
             internal override ChannelCredentialsSafeHandle CreateNativeCredentials()
             {
                 return null;
             }
         }
     }

     /// <summary>
     /// Callback invoked with the expected targetHost and the peer's certificate.
     /// If false is returned by this callback then it is treated as a
     /// verification failure and the attempted connection will fail.
     /// Invocation of the callback is blocking, so any
     /// implementation should be light-weight.
     /// Note that the callback can potentially be invoked multiple times,
     /// concurrently from different threads (e.g. when multiple connections
     /// are being created for the same credentials).
     /// </summary>
     /// <param name="context">The <see cref="T:Grpc.Core.VerifyPeerContext"/> associated with the callback</param>
     /// <returns>true if verification succeeded, false otherwise.</returns>
     /// Note: experimental API that can change or be removed without any prior notice.
     public delegate bool VerifyPeerCallback(VerifyPeerContext context);

     /// <summary>
     /// Client-side SSL credentials.
     /// </summary>
     public sealed class SslCredentials : ChannelCredentials
     {
         static readonly ILogger Logger = GrpcEnvironment.Logger.ForType<SslCredentials>();

         readonly string rootCertificates;
         readonly KeyCertificatePair keyCertificatePair;
         readonly VerifyPeerCallback verifyPeerCallback;

         /// <summary>
         /// Creates client-side SSL credentials loaded from
         /// disk file pointed to by the GRPC_DEFAULT_SSL_ROOTS_FILE_PATH environment variable.
         /// If that fails, gets the roots certificates from a well known place on disk.
         /// </summary>
         public SslCredentials() : this(null, null, null)
         {
         }

         /// <summary>
         /// Creates client-side SSL credentials from
         /// a string containing PEM encoded root certificates.
         /// </summary>
         public SslCredentials(string rootCertificates) : this(rootCertificates, null, null)
         {
         }

         /// <summary>
         /// Creates client-side SSL credentials.
         /// </summary>
         /// <param name="rootCertificates">string containing PEM encoded server root certificates.</param>
         /// <param name="keyCertificatePair">a key certificate pair.</param>
         public SslCredentials(string rootCertificates, KeyCertificatePair keyCertificatePair) :
             this(rootCertificates, keyCertificatePair, null)
         {
         }

         /// <summary>
         /// Creates client-side SSL credentials.
         /// </summary>
         /// <param name="rootCertificates">string containing PEM encoded server root certificates.</param>
         /// <param name="keyCertificatePair">a key certificate pair.</param>
         /// <param name="verifyPeerCallback">a callback to verify peer's target name and certificate.</param>
         /// Note: experimental API that can change or be removed without any prior notice.
         public SslCredentials(string rootCertificates, KeyCertificatePair keyCertificatePair, VerifyPeerCallback verifyPeerCallback)
         {
             this.rootCertificates = rootCertificates;
             this.keyCertificatePair = keyCertificatePair;
             this.verifyPeerCallback = verifyPeerCallback;
         }

         /// <summary>
         /// PEM encoding of the server root certificates.
         /// </summary>
         public string RootCertificates
         {
             get
             {
                 return this.rootCertificates;
             }
         }

         /// <summary>
         /// Client side key and certificate pair.
         /// If null, client will not use key and certificate pair.
         /// </summary>
         public KeyCertificatePair KeyCertificatePair
         {
             get
             {
                 return this.keyCertificatePair;
             }
         }

         // Composing composite makes no sense.
         internal override bool IsComposable
         {
             get { return true; }
         }

         internal override ChannelCredentialsSafeHandle CreateNativeCredentials()
         {
             IntPtr verifyPeerCallbackTag = IntPtr.Zero;
             if (verifyPeerCallback != null)
             {
                 verifyPeerCallbackTag = new VerifyPeerCallbackRegistration(verifyPeerCallback).CallbackRegistration.Tag;
             }
             return ChannelCredentialsSafeHandle.CreateSslCredentials(rootCertificates, keyCertificatePair, verifyPeerCallbackTag);
         }

         private class VerifyPeerCallbackRegistration
         {
             readonly VerifyPeerCallback verifyPeerCallback;
             readonly NativeCallbackRegistration callbackRegistration;

             public VerifyPeerCallbackRegistration(VerifyPeerCallback verifyPeerCallback)
             {
                 this.verifyPeerCallback = verifyPeerCallback;
                 this.callbackRegistration = NativeCallbackDispatcher.RegisterCallback(HandleUniversalCallback);
             }

             public NativeCallbackRegistration CallbackRegistration => callbackRegistration;

             private int HandleUniversalCallback(IntPtr arg0, IntPtr arg1, IntPtr arg2, IntPtr arg3, IntPtr arg4, IntPtr arg5)
             {
                 return VerifyPeerCallbackHandler(arg0, arg1, arg2 != IntPtr.Zero);
             }

             private int VerifyPeerCallbackHandler(IntPtr targetName, IntPtr peerPem, bool isDestroy)
             {
                 if (isDestroy)
                 {
                     this.callbackRegistration.Dispose();
                     return 0;
                 }

                 try
                 {
                     var context = new VerifyPeerContext(Marshal.PtrToStringAnsi(targetName), Marshal.PtrToStringAnsi(peerPem));

                     return this.verifyPeerCallback(context) ? 0 : 1;
                 }
                 catch (Exception e)
                 {
                     // eat the exception, we must not throw when inside callback from native code.
                     Logger.Error(e, "Exception occurred while invoking verify peer callback handler.");
                     // Return validation failure in case of exception.
                     return 1;
                 }
             }
         }
     }

     /// <summary>
     /// Credentials that allow composing one <see cref="ChannelCredentials"/> object and
     /// one or more <see cref="CallCredentials"/> objects into a single <see cref="ChannelCredentials"/>.
     /// </summary>
     internal sealed class CompositeChannelCredentials : ChannelCredentials
     {
         readonly ChannelCredentials channelCredentials;
         readonly CallCredentials callCredentials;

         /// <summary>
         /// Initializes a new instance of <c>CompositeChannelCredentials</c> class.
         /// The resulting credentials object will be composite of all the credentials specified as parameters.
         /// </summary>
         /// <param name="channelCredentials">channelCredentials to compose</param>
         /// <param name="callCredentials">channelCredentials to compose</param>
         public CompositeChannelCredentials(ChannelCredentials channelCredentials, CallCredentials callCredentials)
         {
             this.channelCredentials = GrpcPreconditions.CheckNotNull(channelCredentials);
             this.callCredentials = GrpcPreconditions.CheckNotNull(callCredentials);
             GrpcPreconditions.CheckArgument(channelCredentials.IsComposable, "Supplied channel credentials do not allow composition.");
         }

         internal override ChannelCredentialsSafeHandle CreateNativeCredentials()
         {
             using (var callCreds = callCredentials.ToNativeCredentials())
             {
                 var nativeComposite = ChannelCredentialsSafeHandle.CreateComposite(channelCredentials.GetNativeCredentials(), callCreds);
                 if (nativeComposite.IsInvalid)
                 {
                     throw new ArgumentException("Error creating native composite credentials. Likely, this is because you are trying to compose incompatible credentials.");
                 }
                 return nativeComposite;
             }
         }
     }
 }
	#region Copyright notice and license

	// Copyright 2015 gRPC authors.
	//
	// Licensed under the Apache License, Version 2.0 (the "License");
	// you may not use this file except in compliance with the License.
	// You may obtain a copy of the License at
	//
	// http://www.apache.org/licenses/LICENSE-2.0
	//
	// Unless required by applicable law or agreed to in writing, software
	// distributed under the License is distributed on an "AS IS" BASIS,
	// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
	// See the License for the specific language governing permissions and
	// limitations under the License.

	#endregion

	using System;
	using System.Collections.Generic;
	using System.Runtime.InteropServices;
	using System.Threading.Tasks;

	using Grpc.Core.Internal;
	using Grpc.Core.Logging;
	using Grpc.Core.Utils;

	namespace Grpc.Core
	{
	/// <summary>
	/// Client-side channel credentials. Used for creation of a secure channel.
	/// </summary>
	public abstract class ChannelCredentials
	{
	static readonly ChannelCredentials InsecureInstance = new InsecureCredentialsImpl();
	readonly Lazy<ChannelCredentialsSafeHandle> cachedNativeCredentials;

	/// <summary>
	/// Creates a new instance of channel credentials
	/// </summary>
	public ChannelCredentials()
	{
	// Native credentials object need to be kept alive once initialized for subchannel sharing to work correctly
	// with secure connections. See https://github.com/grpc/grpc/issues/15207.
	// We rely on finalizer to clean up the native portion of ChannelCredentialsSafeHandle after the ChannelCredentials
	// instance becomes unused.
	this.cachedNativeCredentials = new Lazy<ChannelCredentialsSafeHandle>(() => CreateNativeCredentials());
	}

	/// <summary>
	/// Returns instance of credentials that provides no security and
	/// will result in creating an unsecure channel with no encryption whatsoever.
	/// </summary>
	public static ChannelCredentials Insecure
	{
	get
	{
	return InsecureInstance;
	}
	}

	/// <summary>
	/// Creates a new instance of <c>ChannelCredentials</c> class by composing
	/// given channel credentials with call credentials.
	/// </summary>
	/// <param name="channelCredentials">Channel credentials.</param>
	/// <param name="callCredentials">Call credentials.</param>
	/// <returns>The new composite <c>ChannelCredentials</c></returns>
	public static ChannelCredentials Create(ChannelCredentials channelCredentials, CallCredentials callCredentials)
	{
	return new CompositeChannelCredentials(channelCredentials, callCredentials);
	}

	/// <summary>
	/// Gets native object for the credentials, creating one if it already doesn't exist. May return null if insecure channel
	/// should be created. Caller must not call <c>Dispose()</c> on the returned native credentials as their lifetime
	/// is managed by this class (and instances of native credentials are cached).
	/// </summary>
	/// <returns>The native credentials.</returns>
	internal ChannelCredentialsSafeHandle GetNativeCredentials()
	{
	return cachedNativeCredentials.Value;
	}

	/// <summary>
	/// Creates a new native object for the credentials. May return null if insecure channel
	/// should be created. For internal use only, use <see cref="GetNativeCredentials"/> instead.
	/// </summary>
	/// <returns>The native credentials.</returns>
	internal abstract ChannelCredentialsSafeHandle CreateNativeCredentials();

	/// <summary>
	/// Returns <c>true</c> if this credential type allows being composed by <c>CompositeCredentials</c>.
	/// </summary>
	internal virtual bool IsComposable
	{
	get { return false; }
	}

	private sealed class InsecureCredentialsImpl : ChannelCredentials
	{
	internal override ChannelCredentialsSafeHandle CreateNativeCredentials()
	{
	return null;
	}
	}
	}

	/// <summary>
	/// Callback invoked with the expected targetHost and the peer's certificate.
	/// If false is returned by this callback then it is treated as a
	/// verification failure and the attempted connection will fail.
	/// Invocation of the callback is blocking, so any
	/// implementation should be light-weight.
	/// Note that the callback can potentially be invoked multiple times,
	/// concurrently from different threads (e.g. when multiple connections
	/// are being created for the same credentials).
	/// </summary>
	/// <param name="context">The <see cref="T:Grpc.Core.VerifyPeerContext"/> associated with the callback</param>
	/// <returns>true if verification succeeded, false otherwise.</returns>
	/// Note: experimental API that can change or be removed without any prior notice.
	public delegate bool VerifyPeerCallback(VerifyPeerContext context);

	/// <summary>
	/// Client-side SSL credentials.
	/// </summary>
	public sealed class SslCredentials : ChannelCredentials
	{
	static readonly ILogger Logger = GrpcEnvironment.Logger.ForType<SslCredentials>();

	readonly string rootCertificates;
	readonly KeyCertificatePair keyCertificatePair;
	readonly VerifyPeerCallback verifyPeerCallback;

	/// <summary>
	/// Creates client-side SSL credentials loaded from
	/// disk file pointed to by the GRPC_DEFAULT_SSL_ROOTS_FILE_PATH environment variable.
	/// If that fails, gets the roots certificates from a well known place on disk.
	/// </summary>
	public SslCredentials() : this(null, null, null)
	{
	}

	/// <summary>
	/// Creates client-side SSL credentials from
	/// a string containing PEM encoded root certificates.
	/// </summary>
	public SslCredentials(string rootCertificates) : this(rootCertificates, null, null)
	{
	}

	/// <summary>
	/// Creates client-side SSL credentials.
	/// </summary>
	/// <param name="rootCertificates">string containing PEM encoded server root certificates.</param>
	/// <param name="keyCertificatePair">a key certificate pair.</param>
	public SslCredentials(string rootCertificates, KeyCertificatePair keyCertificatePair) :
	this(rootCertificates, keyCertificatePair, null)
	{
	}

	/// <summary>
	/// Creates client-side SSL credentials.
	/// </summary>
	/// <param name="rootCertificates">string containing PEM encoded server root certificates.</param>
	/// <param name="keyCertificatePair">a key certificate pair.</param>
	/// <param name="verifyPeerCallback">a callback to verify peer's target name and certificate.</param>
	/// Note: experimental API that can change or be removed without any prior notice.
	public SslCredentials(string rootCertificates, KeyCertificatePair keyCertificatePair, VerifyPeerCallback verifyPeerCallback)
	{
	this.rootCertificates = rootCertificates;
	this.keyCertificatePair = keyCertificatePair;
	this.verifyPeerCallback = verifyPeerCallback;
	}

	/// <summary>
	/// PEM encoding of the server root certificates.
	/// </summary>
	public string RootCertificates
	{
	get
	{
	return this.rootCertificates;
	}
	}

	/// <summary>
	/// Client side key and certificate pair.
	/// If null, client will not use key and certificate pair.
	/// </summary>
	public KeyCertificatePair KeyCertificatePair
	{
	get
	{
	return this.keyCertificatePair;
	}
	}

	// Composing composite makes no sense.
	internal override bool IsComposable
	{
	get { return true; }
	}

	internal override ChannelCredentialsSafeHandle CreateNativeCredentials()
	{
	IntPtr verifyPeerCallbackTag = IntPtr.Zero;
	if (verifyPeerCallback != null)
	{
	verifyPeerCallbackTag = new VerifyPeerCallbackRegistration(verifyPeerCallback).CallbackRegistration.Tag;
	}
	return ChannelCredentialsSafeHandle.CreateSslCredentials(rootCertificates, keyCertificatePair, verifyPeerCallbackTag);
	}

	private class VerifyPeerCallbackRegistration
	{
	readonly VerifyPeerCallback verifyPeerCallback;
	readonly NativeCallbackRegistration callbackRegistration;

	public VerifyPeerCallbackRegistration(VerifyPeerCallback verifyPeerCallback)
	{
	this.verifyPeerCallback = verifyPeerCallback;
	this.callbackRegistration = NativeCallbackDispatcher.RegisterCallback(HandleUniversalCallback);
	}

	public NativeCallbackRegistration CallbackRegistration => callbackRegistration;

	private int HandleUniversalCallback(IntPtr arg0, IntPtr arg1, IntPtr arg2, IntPtr arg3, IntPtr arg4, IntPtr arg5)
	{
	return VerifyPeerCallbackHandler(arg0, arg1, arg2 != IntPtr.Zero);
	}

	private int VerifyPeerCallbackHandler(IntPtr targetName, IntPtr peerPem, bool isDestroy)
	{
	if (isDestroy)
	{
	this.callbackRegistration.Dispose();
	return 0;
	}

	try
	{
	var context = new VerifyPeerContext(Marshal.PtrToStringAnsi(targetName), Marshal.PtrToStringAnsi(peerPem));

	return this.verifyPeerCallback(context) ? 0 : 1;
	}
	catch (Exception e)
	{
	// eat the exception, we must not throw when inside callback from native code.
	Logger.Error(e, "Exception occurred while invoking verify peer callback handler.");
	// Return validation failure in case of exception.
	return 1;
	}
	}
	}
	}

	/// <summary>
	/// Credentials that allow composing one <see cref="ChannelCredentials"/> object and
	/// one or more <see cref="CallCredentials"/> objects into a single <see cref="ChannelCredentials"/>.
	/// </summary>
	internal sealed class CompositeChannelCredentials : ChannelCredentials
	{
	readonly ChannelCredentials channelCredentials;
	readonly CallCredentials callCredentials;

	/// <summary>
	/// Initializes a new instance of <c>CompositeChannelCredentials</c> class.
	/// The resulting credentials object will be composite of all the credentials specified as parameters.
	/// </summary>
	/// <param name="channelCredentials">channelCredentials to compose</param>
	/// <param name="callCredentials">channelCredentials to compose</param>
	public CompositeChannelCredentials(ChannelCredentials channelCredentials, CallCredentials callCredentials)
	{
	this.channelCredentials = GrpcPreconditions.CheckNotNull(channelCredentials);
	this.callCredentials = GrpcPreconditions.CheckNotNull(callCredentials);
	GrpcPreconditions.CheckArgument(channelCredentials.IsComposable, "Supplied channel credentials do not allow composition.");
	}

	internal override ChannelCredentialsSafeHandle CreateNativeCredentials()
	{
	using (var callCreds = callCredentials.ToNativeCredentials())
	{
	var nativeComposite = ChannelCredentialsSafeHandle.CreateComposite(channelCredentials.GetNativeCredentials(), callCreds);
	if (nativeComposite.IsInvalid)
	{
	throw new ArgumentException("Error creating native composite credentials. Likely, this is because you are trying to compose incompatible credentials.");
	}
	return nativeComposite;
	}
	}
	}
	}