Пример #1
0
def ssl_server_credentials(
    private_key_certificate_chain_pairs, root_certificates=None,
    require_client_auth=False):
  """Creates a ServerCredentials for use with an SSL-enabled Server.

  Args:
    private_key_certificate_chain_pairs: A nonempty sequence each element of
      which is a pair the first element of which is a PEM-encoded private key
      and the second element of which is the corresponding PEM-encoded
      certificate chain.
    root_certificates: PEM-encoded client root certificates to be used for
      verifying authenticated clients. If omitted, require_client_auth must also
      be omitted or be False.
    require_client_auth: A boolean indicating whether or not to require clients
      to be authenticated. May only be True if root_certificates is not None.

  Returns:
    A ServerCredentials for use with an SSL-enabled Server.
  """
  if len(private_key_certificate_chain_pairs) == 0:
    raise ValueError(
        'At least one private key-certificate chain pair is required!')
  elif require_client_auth and root_certificates is None:
    raise ValueError(
        'Illegal to require client auth without providing root certificates!')
  else:
    return ServerCredentials(
        _cygrpc.server_credentials_ssl(
        root_certificates,
        [_cygrpc.SslPemKeyCertPair(key, pem)
         for key, pem in private_key_certificate_chain_pairs],
        require_client_auth))
Пример #2
0
def ssl_server_credentials(private_key_certificate_chain_pairs,
                           root_certificates=None,
                           require_client_auth=False):
    """Creates a ServerCredentials for use with an SSL-enabled Server.

  Args:
    private_key_certificate_chain_pairs: A nonempty sequence each element of
      which is a pair the first element of which is a PEM-encoded private key
      and the second element of which is the corresponding PEM-encoded
      certificate chain.
    root_certificates: PEM-encoded client root certificates to be used for
      verifying authenticated clients. If omitted, require_client_auth must also
      be omitted or be False.
    require_client_auth: A boolean indicating whether or not to require clients
      to be authenticated. May only be True if root_certificates is not None.

  Returns:
    A ServerCredentials for use with an SSL-enabled Server.
  """
    if len(private_key_certificate_chain_pairs) == 0:
        raise ValueError(
            'At least one private key-certificate chain pair is required!')
    elif require_client_auth and root_certificates is None:
        raise ValueError(
            'Illegal to require client auth without providing root certificates!'
        )
    else:
        return ServerCredentials(
            _cygrpc.server_credentials_ssl(root_certificates, [
                _cygrpc.SslPemKeyCertPair(key, pem)
                for key, pem in private_key_certificate_chain_pairs
            ], require_client_auth))
Пример #3
0
 def setUp(self):
   server_credentials = cygrpc.server_credentials_ssl(
       None, [cygrpc.SslPemKeyCertPair(resources.private_key(),
                                       resources.certificate_chain())], False)
   client_credentials = cygrpc.channel_credentials_ssl(
       resources.test_root_certificates(), None)
   self.setUpMixin(server_credentials, client_credentials, _SSL_HOST_OVERRIDE)
Пример #4
0
def ssl_server_credentials(private_key_certificate_chain_pairs,
                           root_certificates=None,
                           require_client_auth=False):
    """Creates a ServerCredentials for use with an SSL-enabled Server.

  Args:
    private_key_certificate_chain_pairs: A list of pairs of the form
      [PEM-encoded private key, PEM-encoded certificate chain].
    root_certificates: An optional byte string of PEM-encoded client root
      certificates that the server will use to verify client authentication.
      If omitted, require_client_auth must also be False.
    require_client_auth: A boolean indicating whether or not to require
      clients to be authenticated. May only be True if root_certificates
      is not None.

  Returns:
    A ServerCredentials for use with an SSL-enabled Server. Typically, this
    object is an argument to add_secure_port() method during server setup.
  """
    if len(private_key_certificate_chain_pairs) == 0:
        raise ValueError(
            'At least one private key-certificate chain pair is required!')
    elif require_client_auth and root_certificates is None:
        raise ValueError(
            'Illegal to require client auth without providing root certificates!'
        )
    else:
        return ServerCredentials(
            _cygrpc.server_credentials_ssl(root_certificates, [
                _cygrpc.SslPemKeyCertPair(key, pem)
                for key, pem in private_key_certificate_chain_pairs
            ], require_client_auth))
Пример #5
0
def ssl_server_credentials(private_key_certificate_chain_pairs,
                           root_certificates=None,
                           require_client_auth=False):
    """Creates a ServerCredentials for use with an SSL-enabled Server.

  Args:
    private_key_certificate_chain_pairs: A list of pairs of the form
      [PEM-encoded private key, PEM-encoded certificate chain].
    root_certificates: An optional byte string of PEM-encoded client root
      certificates that the server will use to verify client authentication.
      If omitted, require_client_auth must also be False.
    require_client_auth: A boolean indicating whether or not to require
      clients to be authenticated. May only be True if root_certificates
      is not None.

  Returns:
    A ServerCredentials for use with an SSL-enabled Server. Typically, this
    object is an argument to add_secure_port() method during server setup.
  """
    if len(private_key_certificate_chain_pairs) == 0:
        raise ValueError(
            'At least one private key-certificate chain pair is required!')
    elif require_client_auth and root_certificates is None:
        raise ValueError(
            'Illegal to require client auth without providing root certificates!'
        )
    else:
        return ServerCredentials(
            _cygrpc.server_credentials_ssl(root_certificates, [
                _cygrpc.SslPemKeyCertPair(key, pem)
                for key, pem in private_key_certificate_chain_pairs
            ], require_client_auth))
Пример #6
0
 def setUp(self):
   server_credentials = cygrpc.server_credentials_ssl(
       None, [cygrpc.SslPemKeyCertPair(resources.private_key(),
                                       resources.certificate_chain())], False)
   channel_credentials = cygrpc.channel_credentials_ssl(
       resources.test_root_certificates(), None)
   self.server_completion_queue = cygrpc.CompletionQueue()
   self.server = cygrpc.Server()
   self.server.register_completion_queue(self.server_completion_queue)
   self.port = self.server.add_http2_port('[::]:0', server_credentials)
   self.server.start()
   self.client_completion_queue = cygrpc.CompletionQueue()
   client_channel_arguments = cygrpc.ChannelArgs([
       cygrpc.ChannelArg(cygrpc.ChannelArgKey.ssl_target_name_override,
                         _SSL_HOST_OVERRIDE)])
   self.client_channel = cygrpc.Channel(
       'localhost:{}'.format(self.port), client_channel_arguments,
       channel_credentials)
Пример #7
0
 def setUp(self):
     server_credentials = cygrpc.server_credentials_ssl(
         None, [
             cygrpc.SslPemKeyCertPair(resources.private_key(),
                                      resources.certificate_chain())
         ], False)
     channel_credentials = cygrpc.channel_credentials_ssl(
         resources.test_root_certificates(), None)
     self.server_completion_queue = cygrpc.CompletionQueue()
     self.server = cygrpc.Server()
     self.server.register_completion_queue(self.server_completion_queue)
     self.port = self.server.add_http2_port('[::]:0', server_credentials)
     self.server.start()
     self.client_completion_queue = cygrpc.CompletionQueue()
     client_channel_arguments = cygrpc.ChannelArgs([
         cygrpc.ChannelArg(cygrpc.ChannelArgKey.ssl_target_name_override,
                           _SSL_HOST_OVERRIDE)
     ])
     self.client_channel = cygrpc.Channel('localhost:{}'.format(self.port),
                                          client_channel_arguments,
                                          channel_credentials)
Пример #8
0
def server_credentials_ssl(root_credentials, pair_sequence, force_client_auth):
    return cygrpc.server_credentials_ssl(
        root_credentials,
        [cygrpc.SslPemKeyCertPair(key, pem)
         for key, pem in pair_sequence], force_client_auth)
Пример #9
0
def server_credentials_ssl(root_credentials, pair_sequence, force_client_auth):
  return cygrpc.server_credentials_ssl(
      root_credentials,
      [cygrpc.SslPemKeyCertPair(key, pem) for key, pem in pair_sequence],
      force_client_auth)