userver: userver/crypto/ssl_ctx.hpp Source File
ssl_ctx.hpp
1#pragma once
2
3/// @file userver/crypto/ssl_ctx.hpp
4/// @brief @copybrief crypto::SslCtx
5
6#include <memory>
7#include <string_view>
8#include <vector>
9
10#include <userver/crypto/certificate.hpp>
11#include <userver/crypto/private_key.hpp>
12
13USERVER_NAMESPACE_BEGIN
14
15namespace crypto {
16
17/// @ingroup userver_universal userver_containers
18///
19/// SSL context: a move-only owner of TLS configuration.
///
/// Instances are obtained from the static factories below; the only
/// constructor that takes state is private. Copying is deleted and moves are
/// noexcept. The state lives behind a forward-declared Impl held by
/// std::unique_ptr, so the TLS library's headers are not pulled in here.
///
/// NOTE(review): this header documents none of the verification behaviour
/// (peer certificate checks, trust store, protocol versions). Callers cannot
/// tell from the declarations alone what a returned context enforces; see the
/// per-factory notes and confirm against the implementation file.
20class SslCtx {
21public:
    /// Factory for a server-side TLS context (per its name), built from a
    /// certificate chain and a private key.
    ///
    /// @param cert_chain certificate chain for the context
    /// @param key private key for the context
    /// @param extra_cert_authorities additional CA certificates; empty by default
    ///
    /// NOTE(review): a private EnableVerifyClientCertificate() exists, but the
    /// header does not say when it is applied. Presumably a non-empty
    /// extra_cert_authorities turns on client-certificate verification and the
    /// default `{}` leaves clients unauthenticated at the TLS layer; confirm,
    /// because an accidentally empty list would then silently disable mTLS.
    /// Whether key is checked against cert_chain is also not visible here.
22 static SslCtx CreateServerTlsContext(
23 const crypto::CertificatesChain& cert_chain,
24 const crypto::PrivateKey& key,
25 const std::vector<crypto::Certificate>& extra_cert_authorities = {}
26 );
27
    /// Factory for a client-side TLS context (per its name) that carries no
    /// client certificate.
    ///
    /// @param server_name name of the server the context is created for
    ///
    /// NOTE(review): server_name presumably feeds SNI and/or hostname
    /// verification of the server certificate (see private SetServerName());
    /// the header does not say which, nor which trust store validates the peer.
    /// Confirm before relying on this context for server authentication.
28 static SslCtx CreateClientTlsContext(std::string_view server_name);
29
    /// Factory for a client-side TLS context (per its name) that also takes a
    /// client certificate and private key.
    ///
    /// @param server_name name of the server the context is created for
    /// @param cert a single client certificate (not a chain, unlike the server
    ///        factory)
    /// @param key private key for the context
    /// @param extra_cert_authorities additional CA certificates; empty by default
    ///
    /// NOTE(review): presumably used for mutual TLS. The same open questions as
    /// for the one-argument overload apply to server_name, and it is not
    /// visible here whether extra_cert_authorities extends or replaces the
    /// default trust store; confirm.
30 static SslCtx CreateClientTlsContext(
31 std::string_view server_name,
32 const crypto::Certificate& cert,
33 const crypto::PrivateKey& key,
34 const std::vector<crypto::Certificate>& extra_cert_authorities = {}
35 );
36
    // Move-only: ownership of the context transfers with the object.
    // The special members are declared here and defined out of line,
    // presumably in the translation unit where Impl is a complete type.
37 SslCtx(SslCtx&&) noexcept;
38 SslCtx& operator=(SslCtx&&) noexcept;
39 ~SslCtx();
40
    // Copying is disabled, so two SslCtx objects never share one Impl.
41 SslCtx(const SslCtx&) = delete;
42 SslCtx& operator=(const SslCtx&) = delete;
43
    /// Returns the underlying context as an untyped pointer.
    ///
    /// NOTE(review): presumably the TLS library's native context object (the
    /// name suggests an OpenSSL SSL_CTX*); the concrete type is not visible
    /// here, so every caller casts and nothing checks that cast. The method is
    /// const but returns a non-const pointer, so a const SslCtx does not make
    /// the underlying context read-only. Treat the pointer as borrowed: it is
    /// presumably owned through impl_ and should not be used after this object
    /// is destroyed or moved from; confirm and document the lifetime.
44 void* GetRawSslCtx() const noexcept;
45
46private:
    // Configuration steps, presumably applied by the factories above; their
    // call sites and failure behaviour are not visible in this header.
47 void AddCertAuthorities(const std::vector<Certificate>& cert_authorities);
48 void EnableVerifyClientCertificate();
49 void SetServerName(std::string_view server_name);
50 void SetCertificate(const crypto::Certificate& cert);
51 void SetCertificates(const crypto::CertificatesChain& cert_chain);
52 void SetPrivateKey(const crypto::PrivateKey& key);
53
    // Implementation is forward-declared only and owned through impl_, which
    // is value-initialised to null by its default member initialiser.
54 class Impl;
55 std::unique_ptr<Impl> impl_{};
56
    // Private so that a context can only be obtained through the factories
    // (or by moving an existing one).
57 explicit SslCtx(std::unique_ptr<Impl>&& impl);
58};
59
60} // namespace crypto
61
62USERVER_NAMESPACE_END