       1             : #pragma once
       2             : 
       3             : #include <functional>
       4             : #include <string>
       5             : 
       6             : #include "envoy/common/pure.h"
       7             : #include "envoy/event/dispatcher.h"
       8             : #include "envoy/extensions/transport_sockets/tls/v3/cert.pb.h"
       9             : #include "envoy/ssl/private_key/private_key_callbacks.h"
      10             : 
      11             : #include "openssl/ssl.h"
      12             : 
      13             : namespace Envoy {
      14             : namespace Server {
      15             : namespace Configuration {
      16             : // Prevent a dependency loop with the forward declaration.
      17             : class TransportSocketFactoryContext;
      18             : } // namespace Configuration
      19             : } // namespace Server
      20             : 
      21             : namespace Ssl {
      22             : 
      23             : #ifdef OPENSSL_IS_BORINGSSL
      24             : using BoringSslPrivateKeyMethodSharedPtr = std::shared_ptr<SSL_PRIVATE_KEY_METHOD>;
      25             : #endif
      26             : 
      27             : class PrivateKeyMethodProvider { // Abstract interface for a provider of TLS private key operations.
      28             : public:
      29           0 :   virtual ~PrivateKeyMethodProvider() = default;
      30             : 
      31             :   /**
      32             :    * Register an SSL connection so that its private key operations are handled by the provider.
      33             :    * @param ssl an SSL connection object.
                          * NOTE(review): raw pointer; ownership and null handling are not stated in this
                          * header — confirm against implementations.
      34             :    * @param cb a callbacks object, whose "complete" method will be invoked
      35             :    * when the asynchronous processing is complete.
                          * NOTE(review): taken by reference; presumably it must remain valid until the
                          * connection is unregistered — confirm.
      36             :    * @param dispatcher supplies the owning thread's dispatcher.
      37             :    */
      38             :   virtual void registerPrivateKeyMethod(SSL* ssl, PrivateKeyConnectionCallbacks& cb,
      39             :                                         Event::Dispatcher& dispatcher) PURE;
      40             : 
      41             :   /**
      42             :    * Unregister an SSL connection from private key operations by the provider.
      43             :    * @param ssl an SSL connection object.
      44             :    * @throw EnvoyException if registration fails.
                          * NOTE(review): this @throw sits on the unregister method but speaks of registration,
                          * and registerPrivateKeyMethod() documents no exception — confirm which call can throw.
      45             :    */
      46             :   virtual void unregisterPrivateKeyMethod(SSL* ssl) PURE;
      47             : 
      48             :   /**
      49             :    * Check whether the private key method satisfies FIPS requirements.
      50             :    * @return true if FIPS key requirements are satisfied, false if not.
                          * The interface only reports the result; acting on a false return is left to the caller.
      51             :    */
      52             :   virtual bool checkFips() PURE;
      53             : 
      54             :   /**
      55             :    * Check whether the private key method is available.
      56             :    * @return true if the private key method is available, false if not.
                          * NOTE(review): this header does not define what "available" covers, nor what a
                          * caller should do on false — confirm against the code that consumes it.
      57             :    */
      58             :   virtual bool isAvailable() PURE;
      59             : 
      60             : #ifdef OPENSSL_IS_BORINGSSL
      61             :   /**
      62             :    * Get the private key methods from the provider.
      63             :    * @return the private key methods associated with this provider and
      64             :    * configuration, as a shared pointer to SSL_PRIVATE_KEY_METHOD.
                          * Only declared when OPENSSL_IS_BORINGSSL is defined.
      65             :    */
      66             :   virtual BoringSslPrivateKeyMethodSharedPtr getBoringSslPrivateKeyMethod() PURE;
      67             : #endif
      68             : };
      69             : 
      70             : using PrivateKeyMethodProviderSharedPtr = std::shared_ptr<PrivateKeyMethodProvider>;
      71             : 
      72             : /**
      73             :  * A manager for finding the correct user-provided functions for handling BoringSSL private key
      74             :  * operations.
      75             :  */
      76             : class PrivateKeyMethodManager {
      77             : public:
      78         229 :   virtual ~PrivateKeyMethodManager() = default;
      79             : 
      80             :   /**
      81             :    * Finds and returns a private key operations provider for BoringSSL.
      82             :    *
      83             :    * @param config the PrivateKeyProvider protobuf message describing the provider.
      84             :    * @param factory_context context that provides components for creating and
      85             :    * initializing connections using asynchronous private key operations.
      86             :    * @return PrivateKeyMethodProviderSharedPtr the private key operations provider, or nullptr if
      87             :    * no provider can be used with the context configuration.
                          * Callers must check the result for nullptr before dereferencing it.
                          * NOTE(review): how a nullptr result is handled is not visible in this header; confirm
                          * that callers reject the configuration rather than continue without the configured
                          * provider.
      88             :    */
      89             :   virtual PrivateKeyMethodProviderSharedPtr createPrivateKeyMethodProvider(
      90             :       const envoy::extensions::transport_sockets::tls::v3::PrivateKeyProvider& config,
      91             :       Envoy::Server::Configuration::TransportSocketFactoryContext& factory_context) PURE;
      92             : };
      93             : 
      94             : } // namespace Ssl
      95             : } // namespace Envoy
