userver: userver/crypto/ssl_ctx.hpp Source File
ssl_ctx.hpp
1#pragma once
2
3/// @file userver/crypto/ssl_ctx.hpp
4/// @brief @copybrief crypto::SslCtx
5
6#include <memory>
7#include <span>
8#include <string_view>
9#include <vector>
10
11#include <userver/crypto/certificate.hpp>
12#include <userver/crypto/private_key.hpp>
13#include <userver/http/http_version.hpp>
14
15USERVER_NAMESPACE_BEGIN
16
17namespace crypto {
18
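/// @ingroup userver_universal userver_containers
///
/// @brief Move-only owner of a TLS (SSL) context.
///
/// Instances are created only through the static factories below; the
/// constructor taking an implementation object is private. All state sits
/// behind a pimpl (`Impl`), so the settings a factory applies (protocol
/// versions, peer verification, trust store) are decided in the
/// implementation file and cannot be read off this header.
class SslCtx {
public:
    /// @brief Creates a TLS context for the server side of a connection.
    /// @param cert_chain certificate chain for the server
    /// @param key private key for the server; presumably it must match the
    /// leaf certificate of `cert_chain` (confirm how a mismatch is reported)
    /// @param extra_cert_authorities additional CA certificates, empty by
    /// default
    ///
    /// NOTE(review): the private helper EnableVerifyClientCertificate()
    /// suggests that client-certificate verification is optional. This header
    /// does not say what turns it on; confirm in the implementation whether a
    /// non-empty `extra_cert_authorities` is the switch, and document it here,
    /// because that decides whether unauthenticated clients are accepted.
    [[nodiscard]] static SslCtx CreateServerTlsContext(
        const crypto::CertificatesChain& cert_chain,
        const crypto::PrivateKey& key,
        const std::vector<crypto::Certificate>& extra_cert_authorities = {}
    );

    /// @brief Creates a TLS context for the client side of a connection,
    /// without a client certificate.
    /// @param server_name name of the server the client connects to
    ///
    /// NOTE(review): presumably `server_name` feeds SNI and/or hostname
    /// verification of the peer certificate. Confirm that the implementation
    /// verifies the server certificate against it and against a trust store.
    [[nodiscard]] static SslCtx CreateClientTlsContext(std::string_view server_name);

    /// @brief Creates a TLS context for the client side of a connection, with
    /// a client certificate and its private key.
    /// @param server_name name of the server the client connects to
    /// @param cert client certificate
    /// @param key private key; presumably it must match `cert` (confirm)
    /// @param extra_cert_authorities additional CA certificates, empty by
    /// default
    ///
    /// NOTE(review): confirm whether `extra_cert_authorities` extends or
    /// replaces the default trust store used to verify the server.
    [[nodiscard]] static SslCtx CreateClientTlsContext(
        std::string_view server_name,
        const crypto::Certificate& cert,
        const crypto::PrivateKey& key,
        const std::vector<crypto::Certificate>& extra_cert_authorities = {}
    );

    /// Move operations are user-declared and defined out of line, where
    /// `Impl` is a complete type.
    SslCtx(SslCtx&&) noexcept;
    SslCtx& operator=(SslCtx&&) noexcept;
    ~SslCtx();

    /// Copying is disabled: the context has a single owner.
    SslCtx(const SslCtx&) = delete;
    SslCtx& operator=(const SslCtx&) = delete;

    /// @brief Returns the underlying context as an untyped pointer.
    ///
    /// The pointee type is not visible in this header; presumably it is the
    /// TLS library's native context handle (confirm before casting). The
    /// method is `const` but returns a non-const pointer, so the constness of
    /// an SslCtx does not protect the native context from modification.
    /// Nothing here transfers ownership: treat the pointer as borrowed and do
    /// not use it after this object is destroyed or moved from.
    [[nodiscard]] void* GetRawSslCtx() const noexcept;

    /// @brief Sets the HTTP version for this context.
    ///
    /// NOTE(review): presumably this selects the ALPN protocol list that
    /// GetAlpn() returns; confirm in the implementation.
    void SetHttpVersion(http::HttpVersion);

    /// @brief Returns a non-owning view of the ALPN bytes held in `alpn_`.
    ///
    /// NOTE(review): the storage behind the view is not visible in this
    /// header; do not keep the span longer than this object, and confirm the
    /// encoding (presumably the length-prefixed ALPN wire format).
    [[nodiscard]] std::span<const unsigned char> GetAlpn() const noexcept;

private:
    // Configuration steps; which factory calls which is defined in the
    // implementation file, not in this header.
    void AddCertAuthorities(const std::vector<Certificate>& cert_authorities);
    void EnableVerifyClientCertificate();
    void SetServerName(std::string_view server_name);
    void SetCertificate(const crypto::Certificate& cert);
    void SetCertificates(const crypto::CertificatesChain& cert_chain);
    void SetPrivateKey(const crypto::PrivateKey& key);

    class Impl;
    std::unique_ptr<Impl> impl_{};

    explicit SslCtx(std::unique_ptr<Impl>&& impl);

    // Non-owning view: std::span does not keep its target alive.
    // NOTE(review): confirm that the referenced bytes outlive this object and
    // that the out-of-line move operations carry this member over correctly.
    std::span<const unsigned char> alpn_;
};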
65
66} // namespace crypto
67
68USERVER_NAMESPACE_END