       1             : #pragma once
       2             : 
       3             : #include <string>
       4             : 
       5             : #include "envoy/config/core/v3/config_source.pb.h"
       6             : #include "envoy/extensions/transport_sockets/tls/v3/cert.pb.h"
       7             : #include "envoy/secret/secret_provider.h"
       8             : 
       9             : namespace Envoy {
      10             : 
      11             : namespace Server {
      12             : namespace Configuration {
      13             : class TransportSocketFactoryContext;
      14             : } // namespace Configuration
      15             : } // namespace Server
      16             : 
      17             : namespace Secret {
      18             : 
      19             : /**
      20             :  * A manager for static and dynamic secrets.
      21             :  */
      22             : class SecretManager {
      23             : public:
      24         443 :   virtual ~SecretManager() = default;
      25             : 
      26             :   /**
      27             :    * @param secret the static secret (envoy::extensions::transport_sockets::tls::v3::Secret) to add.
      28             :    * @return a status indicating if the function completed successfully.
      29             :    */
      30             :   virtual absl::Status
      31             :   addStaticSecret(const envoy::extensions::transport_sockets::tls::v3::Secret& secret) PURE;
      32             : 
      33             :   /**
      34             :    * @param name a name of the static TlsCertificateConfigProvider.
      35             :    * @return the TlsCertificateConfigProviderSharedPtr. Returns nullptr if the static secret is not
      36             :    * found.
      37             :    */
      38             :   virtual TlsCertificateConfigProviderSharedPtr
      39             :   findStaticTlsCertificateProvider(const std::string& name) const PURE;
      40             : 
      41             :   /**
      42             :    * @param name a name of the static CertificateValidationContextConfigProviderSharedPtr.
      43             :    * @return the CertificateValidationContextConfigProviderSharedPtr. Returns nullptr
      44             :    * if the static certificate validation context is not found.
      45             :    */
      46             :   virtual CertificateValidationContextConfigProviderSharedPtr
      47             :   findStaticCertificateValidationContextProvider(const std::string& name) const PURE;
      48             : 
      49             :   /**
      50             :    * @param name a name of the static TlsSessionTicketKeysConfigProviderSharedPtr.
      51             :    * @return the TlsSessionTicketKeysConfigProviderSharedPtr. Returns nullptr
      52             :    * if the static tls session ticket keys are not found.
      53             :    */
      54             :   virtual TlsSessionTicketKeysConfigProviderSharedPtr
      55             :   findStaticTlsSessionTicketKeysContextProvider(const std::string& name) const PURE;
      56             : 
      57             :   /**
      58             :    * @param name a name of the static GenericSecretConfigProvider.
      59             :    * @return the GenericSecretConfigProviderSharedPtr. Returns nullptr if the static secret is not
      60             :    * found.
      61             :    */
      62             :   virtual GenericSecretConfigProviderSharedPtr
      63             :   findStaticGenericSecretProvider(const std::string& name) const PURE;
      64             : 
      65             :   /**
      66             :    * @param tls_certificate the protobuf config of the TLS certificate.
      67             :    * @return a TlsCertificateConfigProviderSharedPtr created from tls_certificate.
      68             :    */
      69             :   virtual TlsCertificateConfigProviderSharedPtr createInlineTlsCertificateProvider(
      70             :       const envoy::extensions::transport_sockets::tls::v3::TlsCertificate& tls_certificate) PURE;
      71             : 
      72             :   /**
      73             :    * @param certificate_validation_context the protobuf config of the certificate validation
      74             :    * context.
      75             :    * @return a CertificateValidationContextConfigProviderSharedPtr created from
      76             :    * certificate_validation_context.
      77             :    */
      78             :   virtual CertificateValidationContextConfigProviderSharedPtr
      79             :   createInlineCertificateValidationContextProvider(
      80             :       const envoy::extensions::transport_sockets::tls::v3::CertificateValidationContext&
      81             :           certificate_validation_context) PURE;
      82             : 
      83             :   /**
      84             :    * @param tls_certificate the protobuf config of the TLS session ticket keys.
      85             :    * @return a TlsSessionTicketKeysConfigProviderSharedPtr created from tls_certificate.
      86             :    */
      87             :   virtual TlsSessionTicketKeysConfigProviderSharedPtr createInlineTlsSessionTicketKeysProvider(
      88             :       const envoy::extensions::transport_sockets::tls::v3::TlsSessionTicketKeys& tls_certificate)
      89             :       PURE;
      90             : 
      91             :   /**
      92             :    * @param generic_secret the protobuf config of the generic secret.
      93             :    * @return a GenericSecretConfigProviderSharedPtr created from generic_secret.
      94             :    */
      95             :   virtual GenericSecretConfigProviderSharedPtr createInlineGenericSecretProvider(
      96             :       const envoy::extensions::transport_sockets::tls::v3::GenericSecret& generic_secret) PURE;
      97             : 
      98             :   /**
      99             :    * Finds and returns a dynamic secret provider associated with the SDS config. Creates
     100             :    * a new one if no such provider exists.
     101             :    *
     102             :    * @param config_source a protobuf message object containing a SDS config source.
     103             :    * @param config_name a name that uniquely refers to the SDS config source.
     104             :    * @param secret_provider_context context that provides components for creating and initializing
     105             :    * secret provider.
     106             :    * @return TlsCertificateConfigProviderSharedPtr the dynamic TLS secret provider.
     107             :    */
     108             :   virtual TlsCertificateConfigProviderSharedPtr findOrCreateTlsCertificateProvider(
     109             :       const envoy::config::core::v3::ConfigSource& config_source, const std::string& config_name,
     110             :       Server::Configuration::TransportSocketFactoryContext& secret_provider_context,
     111             :       Init::Manager& init_manager) PURE;
     112             : 
     113             :   /**
     114             :    * Finds and returns a dynamic secret provider associated with the SDS config. Creates
     115             :    * a new one if no such provider exists.
     116             :    *
     117             :    * @param config_source a protobuf message object containing a SDS config source.
     118             :    * @param config_name a name that uniquely refers to the SDS config source.
     119             :    * @param secret_provider_context context that provides components for creating and initializing
     120             :    * secret provider.
     121             :    * @return CertificateValidationContextConfigProviderSharedPtr the dynamic certificate validation
     122             :    * context secret provider.
     123             :    */
     124             :   virtual CertificateValidationContextConfigProviderSharedPtr
     125             :   findOrCreateCertificateValidationContextProvider(
     126             :       const envoy::config::core::v3::ConfigSource& config_source, const std::string& config_name,
     127             :       Server::Configuration::TransportSocketFactoryContext& secret_provider_context,
     128             :       Init::Manager& init_manager) PURE;
     129             : 
     130             :   /**
     131             :    * Finds and returns a dynamic secret provider associated with the SDS config. Creates
     132             :    * a new one if no such provider exists.
     133             :    *
     134             :    * @param config_source a protobuf message object containing a SDS config source.
     135             :    * @param config_name a name that uniquely refers to the SDS config source.
     136             :    * @param secret_provider_context context that provides components for creating and initializing
     137             :    * secret provider.
     138             :    * @return TlsSessionTicketKeysConfigProviderSharedPtr the dynamic tls session ticket keys secret
     139             :    * provider.
     140             :    */
     141             :   virtual TlsSessionTicketKeysConfigProviderSharedPtr
     142             :   findOrCreateTlsSessionTicketKeysContextProvider(
     143             :       const envoy::config::core::v3::ConfigSource& config_source, const std::string& config_name,
     144             :       Server::Configuration::TransportSocketFactoryContext& secret_provider_context,
     145             :       Init::Manager& init_manager) PURE;
     146             : 
     147             :   /**
     148             :    * Finds and returns a dynamic secret provider associated with the SDS config. Creates a new one if
     149             :    * no such provider exists.
     150             :    *
     151             :    * @param config_source a protobuf message object containing a SDS config source.
     152             :    * @param config_name a name that uniquely refers to the SDS config source.
     153             :    * @param secret_provider_context context that provides components for creating and initializing
     154             :    * secret provider.
     155             :    * @return GenericSecretConfigProviderSharedPtr the dynamic generic secret provider.
     156             :    */
     157             :   virtual GenericSecretConfigProviderSharedPtr findOrCreateGenericSecretProvider(
     158             :       const envoy::config::core::v3::ConfigSource& config_source, const std::string& config_name,
     159             :       Server::Configuration::TransportSocketFactoryContext& secret_provider_context,
     160             :       Init::Manager& init_manager) PURE;
     161             : };
     162             : 
     163             : using SecretManagerPtr = std::unique_ptr<SecretManager>;
     164             : 
     165             : } // namespace Secret
     166             : } // namespace Envoy
