1 /*
2  *
3  * Copyright 2015 gRPC authors.
4  *
5  * Licensed under the Apache License, Version 2.0 (the "License");
6  * you may not use this file except in compliance with the License.
7  * You may obtain a copy of the License at
8  *
9  *     http://www.apache.org/licenses/LICENSE-2.0
10  *
11  * Unless required by applicable law or agreed to in writing, software
12  * distributed under the License is distributed on an "AS IS" BASIS,
13  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14  * See the License for the specific language governing permissions and
15  * limitations under the License.
16  *
17  */
18 
19 #ifndef GRPC_GRPC_SECURITY_H
20 #define GRPC_GRPC_SECURITY_H
21 
22 #include <grpc/support/port_platform.h>
23 
24 #include <grpc/grpc.h>
25 #include <grpc/grpc_security_constants.h>
26 #include <grpc/status.h>
27 
28 #ifdef __cplusplus
29 extern "C" {
30 #endif
31 
32 /** --- Authentication Context. --- */
33 
34 typedef struct grpc_auth_context grpc_auth_context;
35 
36 typedef struct grpc_auth_property_iterator {
37   const grpc_auth_context* ctx;
38   size_t index;
39   const char* name;
40 } grpc_auth_property_iterator;
41 
42 /** value, if not NULL, is guaranteed to be NULL terminated. */
43 typedef struct grpc_auth_property {
44   char* name;
45   char* value;
46   size_t value_length;
47 } grpc_auth_property;
48 
49 /** Returns NULL when the iterator is at the end. */
50 GRPCAPI const grpc_auth_property* grpc_auth_property_iterator_next(
51     grpc_auth_property_iterator* it);
52 
53 /** Iterates over the auth context. */
54 GRPCAPI grpc_auth_property_iterator
55 grpc_auth_context_property_iterator(const grpc_auth_context* ctx);
56 
57 /** Gets the peer identity. Returns an empty iterator (first _next will return
58    NULL) if the peer is not authenticated. */
59 GRPCAPI grpc_auth_property_iterator
60 grpc_auth_context_peer_identity(const grpc_auth_context* ctx);
61 
62 /** Finds a property in the context. May return an empty iterator (first _next
63    will return NULL) if no property with this name was found in the context. */
64 GRPCAPI grpc_auth_property_iterator grpc_auth_context_find_properties_by_name(
65     const grpc_auth_context* ctx, const char* name);
66 
67 /** Gets the name of the property that indicates the peer identity. Will return
68    NULL if the peer is not authenticated. */
69 GRPCAPI const char* grpc_auth_context_peer_identity_property_name(
70     const grpc_auth_context* ctx);
71 
72 /** Returns 1 if the peer is authenticated, 0 otherwise. */
73 GRPCAPI int grpc_auth_context_peer_is_authenticated(
74     const grpc_auth_context* ctx);
75 
76 /** Gets the auth context from the call. Caller needs to call
77    grpc_auth_context_release on the returned context. */
78 GRPCAPI grpc_auth_context* grpc_call_auth_context(grpc_call* call);
79 
80 /** Releases the auth context returned from grpc_call_auth_context. */
81 GRPCAPI void grpc_auth_context_release(grpc_auth_context* context);
82 
83 /** --
84    The following auth context methods should only be called by a server metadata
85    processor to set properties extracted from auth metadata.
86    -- */
87 
88 /** Add a property. */
89 GRPCAPI void grpc_auth_context_add_property(grpc_auth_context* ctx,
90                                             const char* name, const char* value,
91                                             size_t value_length);
92 
93 /** Add a C string property. */
94 GRPCAPI void grpc_auth_context_add_cstring_property(grpc_auth_context* ctx,
95                                                     const char* name,
96                                                     const char* value);
97 
98 /** Sets the property name. Returns 1 if successful or 0 in case of failure
99    (which means that no property with this name exists). */
100 GRPCAPI int grpc_auth_context_set_peer_identity_property_name(
101     grpc_auth_context* ctx, const char* name);
102 
103 /** --- SSL Session Cache. ---
104 
105     A SSL session cache object represents a way to cache client sessions
106     between connections. Only ticket-based resumption is supported. */
107 
108 typedef struct grpc_ssl_session_cache grpc_ssl_session_cache;
109 
110 /** Create LRU cache for client-side SSL sessions with the given capacity.
111     If capacity is < 1, a default capacity is used instead. */
112 GRPCAPI grpc_ssl_session_cache* grpc_ssl_session_cache_create_lru(
113     size_t capacity);
114 
115 /** Destroy SSL session cache. */
116 GRPCAPI void grpc_ssl_session_cache_destroy(grpc_ssl_session_cache* cache);
117 
118 /** Create a channel arg with the given cache object. */
119 GRPCAPI grpc_arg
120 grpc_ssl_session_cache_create_channel_arg(grpc_ssl_session_cache* cache);
121 
122 /** --- grpc_channel_credentials object. ---
123 
124    A channel credentials object represents a way to authenticate a client on a
125    channel.  */
126 
127 typedef struct grpc_channel_credentials grpc_channel_credentials;
128 
129 /** Releases a channel credentials object.
130    The creator of the credentials object is responsible for its release. */
131 GRPCAPI void grpc_channel_credentials_release(grpc_channel_credentials* creds);
132 
133 /** Creates default credentials to connect to a google gRPC service.
134    WARNING: Do NOT use this credentials to connect to a non-google service as
135    this could result in an oauth2 token leak. */
136 GRPCAPI grpc_channel_credentials* grpc_google_default_credentials_create(void);
137 
138 /** Callback for getting the SSL roots override from the application.
139    In case of success, *pem_roots_certs must be set to a NULL terminated string
140    containing the list of PEM encoded root certificates. The ownership is passed
141    to the core and freed (laster by the core) with gpr_free.
142    If this function fails and GRPC_DEFAULT_SSL_ROOTS_FILE_PATH environment is
143    set to a valid path, it will override the roots specified this func */
144 typedef grpc_ssl_roots_override_result (*grpc_ssl_roots_override_callback)(
145     char** pem_root_certs);
146 
147 /** Setup a callback to override the default TLS/SSL roots.
148    This function is not thread-safe and must be called at initialization time
149    before any ssl credentials are created to have the desired side effect.
150    If GRPC_DEFAULT_SSL_ROOTS_FILE_PATH environment is set to a valid path, the
151    callback will not be called. */
152 GRPCAPI void grpc_set_ssl_roots_override_callback(
153     grpc_ssl_roots_override_callback cb);
154 
155 /** Object that holds a private key / certificate chain pair in PEM format. */
156 typedef struct {
157   /** private_key is the NULL-terminated string containing the PEM encoding of
158      the client's private key. */
159   const char* private_key;
160 
161   /** cert_chain is the NULL-terminated string containing the PEM encoding of
162      the client's certificate chain. */
163   const char* cert_chain;
164 } grpc_ssl_pem_key_cert_pair;
165 
166 /** Object that holds additional peer-verification options on a secure
167    channel. */
168 typedef struct {
169   /** If non-NULL this callback will be invoked with the expected
170      target_name, the peer's certificate (in PEM format), and whatever
171      userdata pointer is set below. If a non-zero value is returned by this
172      callback then it is treated as a verification failure. Invocation of
173      the callback is blocking, so any implementation should be light-weight.
174      */
175   int (*verify_peer_callback)(const char* target_name, const char* peer_pem,
176                               void* userdata);
177   /** Arbitrary userdata that will be passed as the last argument to
178      verify_peer_callback. */
179   void* verify_peer_callback_userdata;
180   /** A destruct callback that will be invoked when the channel is being
181      cleaned up. The userdata argument will be passed to it. The intent is
182      to perform any cleanup associated with that userdata. */
183   void (*verify_peer_destruct)(void* userdata);
184 } verify_peer_options;
185 
186 /** Creates an SSL credentials object.
187    - pem_root_certs is the NULL-terminated string containing the PEM encoding
188      of the server root certificates. If this parameter is NULL, the
189      implementation will first try to dereference the file pointed by the
190      GRPC_DEFAULT_SSL_ROOTS_FILE_PATH environment variable, and if that fails,
191      try to get the roots set by grpc_override_ssl_default_roots. Eventually,
192      if all these fail, it will try to get the roots from a well-known place on
193      disk (in the grpc install directory).
194    - pem_key_cert_pair is a pointer on the object containing client's private
195      key and certificate chain. This parameter can be NULL if the client does
196      not have such a key/cert pair.
197    - verify_options is an optional verify_peer_options object which holds
198      additional options controlling how peer certificates are verified. For
199      example, you can supply a callback which receives the peer's certificate
200      with which you can do additional verification. Can be NULL, in which
201      case verification will retain default behavior. Any settings in
202      verify_options are copied during this call, so the verify_options
203      object can be released afterwards. */
204 GRPCAPI grpc_channel_credentials* grpc_ssl_credentials_create(
205     const char* pem_root_certs, grpc_ssl_pem_key_cert_pair* pem_key_cert_pair,
206     const verify_peer_options* verify_options, void* reserved);
207 
208 /** --- grpc_call_credentials object.
209 
210    A call credentials object represents a way to authenticate on a particular
211    call. These credentials can be composed with a channel credentials object
212    so that they are sent with every call on this channel.  */
213 
214 typedef struct grpc_call_credentials grpc_call_credentials;
215 
216 /** Releases a call credentials object.
217    The creator of the credentials object is responsible for its release. */
218 GRPCAPI void grpc_call_credentials_release(grpc_call_credentials* creds);
219 
220 /** Creates a composite channel credentials object. */
221 GRPCAPI grpc_channel_credentials* grpc_composite_channel_credentials_create(
222     grpc_channel_credentials* channel_creds, grpc_call_credentials* call_creds,
223     void* reserved);
224 
225 /** Creates a composite call credentials object. */
226 GRPCAPI grpc_call_credentials* grpc_composite_call_credentials_create(
227     grpc_call_credentials* creds1, grpc_call_credentials* creds2,
228     void* reserved);
229 
230 /** Creates a compute engine credentials object for connecting to Google.
231    WARNING: Do NOT use this credentials to connect to a non-google service as
232    this could result in an oauth2 token leak. */
233 GRPCAPI grpc_call_credentials* grpc_google_compute_engine_credentials_create(
234     void* reserved);
235 
236 GRPCAPI gpr_timespec grpc_max_auth_token_lifetime(void);
237 
238 /** Creates a JWT credentials object. May return NULL if the input is invalid.
239    - json_key is the JSON key string containing the client's private key.
240    - token_lifetime is the lifetime of each Json Web Token (JWT) created with
241      this credentials.  It should not exceed grpc_max_auth_token_lifetime or
242      will be cropped to this value.  */
243 GRPCAPI grpc_call_credentials*
244 grpc_service_account_jwt_access_credentials_create(const char* json_key,
245                                                    gpr_timespec token_lifetime,
246                                                    void* reserved);
247 
248 /** Creates an Oauth2 Refresh Token credentials object for connecting to Google.
249    May return NULL if the input is invalid.
250    WARNING: Do NOT use this credentials to connect to a non-google service as
251    this could result in an oauth2 token leak.
252    - json_refresh_token is the JSON string containing the refresh token itself
253      along with a client_id and client_secret. */
254 GRPCAPI grpc_call_credentials* grpc_google_refresh_token_credentials_create(
255     const char* json_refresh_token, void* reserved);
256 
257 /** Creates an Oauth2 Access Token credentials with an access token that was
258    aquired by an out of band mechanism. */
259 GRPCAPI grpc_call_credentials* grpc_access_token_credentials_create(
260     const char* access_token, void* reserved);
261 
262 /** Creates an IAM credentials object for connecting to Google. */
263 GRPCAPI grpc_call_credentials* grpc_google_iam_credentials_create(
264     const char* authorization_token, const char* authority_selector,
265     void* reserved);
266 
267 /** Callback function to be called by the metadata credentials plugin
268    implementation when the metadata is ready.
269    - user_data is the opaque pointer that was passed in the get_metadata method
270      of the grpc_metadata_credentials_plugin (see below).
271    - creds_md is an array of credentials metadata produced by the plugin. It
272      may be set to NULL in case of an error.
273    - num_creds_md is the number of items in the creds_md array.
274    - status must be GRPC_STATUS_OK in case of success or another specific error
275      code otherwise.
276    - error_details contains details about the error if any. In case of success
277      it should be NULL and will be otherwise ignored. */
278 typedef void (*grpc_credentials_plugin_metadata_cb)(
279     void* user_data, const grpc_metadata* creds_md, size_t num_creds_md,
280     grpc_status_code status, const char* error_details);
281 
282 /** Context that can be used by metadata credentials plugin in order to create
283    auth related metadata. */
284 typedef struct {
285   /** The fully qualifed service url. */
286   const char* service_url;
287 
288   /** The method name of the RPC being called (not fully qualified).
289      The fully qualified method name can be built from the service_url:
290      full_qualified_method_name = ctx->service_url + '/' + ctx->method_name. */
291   const char* method_name;
292 
293   /** The auth_context of the channel which gives the server's identity. */
294   const grpc_auth_context* channel_auth_context;
295 
296   /** Reserved for future use. */
297   void* reserved;
298 } grpc_auth_metadata_context;
299 
300 /** Maximum number of metadata entries returnable by a credentials plugin via
301     a synchronous return. */
302 #define GRPC_METADATA_CREDENTIALS_PLUGIN_SYNC_MAX 4
303 
304 /** grpc_metadata_credentials plugin is an API user provided structure used to
305    create grpc_credentials objects that can be set on a channel (composed) or
306    a call. See grpc_credentials_metadata_create_from_plugin below.
307    The grpc client stack will call the get_metadata method of the plugin for
308    every call in scope for the credentials created from it. */
309 typedef struct {
310   /** The implementation of this method has to be non-blocking, but can
311      be performed synchronously or asynchronously.
312 
313      If processing occurs synchronously, returns non-zero and populates
314      creds_md, num_creds_md, status, and error_details.  In this case,
315      the caller takes ownership of the entries in creds_md and of
316      error_details.  Note that if the plugin needs to return more than
317      GRPC_METADATA_CREDENTIALS_PLUGIN_SYNC_MAX entries in creds_md, it must
318      return asynchronously.
319 
320      If processing occurs asynchronously, returns zero and invokes \a cb
321      when processing is completed.  \a user_data will be passed as the
322      first parameter of the callback.  NOTE: \a cb MUST be invoked in a
323      different thread, not from the thread in which \a get_metadata() is
324      invoked.
325 
326      \a context is the information that can be used by the plugin to create
327      auth metadata. */
328   int (*get_metadata)(
329       void* state, grpc_auth_metadata_context context,
330       grpc_credentials_plugin_metadata_cb cb, void* user_data,
331       grpc_metadata creds_md[GRPC_METADATA_CREDENTIALS_PLUGIN_SYNC_MAX],
332       size_t* num_creds_md, grpc_status_code* status,
333       const char** error_details);
334 
335   /** Destroys the plugin state. */
336   void (*destroy)(void* state);
337 
338   /** State that will be set as the first parameter of the methods above. */
339   void* state;
340 
341   /** Type of credentials that this plugin is implementing. */
342   const char* type;
343 } grpc_metadata_credentials_plugin;
344 
345 /** Creates a credentials object from a plugin. */
346 GRPCAPI grpc_call_credentials* grpc_metadata_credentials_create_from_plugin(
347     grpc_metadata_credentials_plugin plugin, void* reserved);
348 
349 /** --- Secure channel creation. --- */
350 
351 /** Creates a secure channel using the passed-in credentials. Additional
352     channel level configuration MAY be provided by grpc_channel_args, though
353     the expectation is that most clients will want to simply pass NULL. The
354     user data in 'args' need only live through the invocation of this function.
355     However, if any args of the 'pointer' type are passed, then the referenced
356     vtable must be maintained by the caller until grpc_channel_destroy
357     terminates. See grpc_channel_args definition for more on this. */
358 GRPCAPI grpc_channel* grpc_secure_channel_create(
359     grpc_channel_credentials* creds, const char* target,
360     const grpc_channel_args* args, void* reserved);
361 
362 /** --- grpc_server_credentials object. ---
363 
364    A server credentials object represents a way to authenticate a server.  */
365 
366 typedef struct grpc_server_credentials grpc_server_credentials;
367 
368 /** Releases a server_credentials object.
369    The creator of the server_credentials object is responsible for its release.
370    */
371 GRPCAPI void grpc_server_credentials_release(grpc_server_credentials* creds);
372 
373 /** Server certificate config object holds the server's public certificates and
374    associated private keys, as well as any CA certificates needed for client
375    certificate validation (if applicable). Create using
376    grpc_ssl_server_certificate_config_create(). */
377 typedef struct grpc_ssl_server_certificate_config
378     grpc_ssl_server_certificate_config;
379 
380 /** Creates a grpc_ssl_server_certificate_config object.
381    - pem_roots_cert is the NULL-terminated string containing the PEM encoding of
382      the client root certificates. This parameter may be NULL if the server does
383      not want the client to be authenticated with SSL.
384    - pem_key_cert_pairs is an array private key / certificate chains of the
385      server. This parameter cannot be NULL.
386    - num_key_cert_pairs indicates the number of items in the private_key_files
387      and cert_chain_files parameters. It must be at least 1.
388    - It is the caller's responsibility to free this object via
389      grpc_ssl_server_certificate_config_destroy(). */
390 GRPCAPI grpc_ssl_server_certificate_config*
391 grpc_ssl_server_certificate_config_create(
392     const char* pem_root_certs,
393     const grpc_ssl_pem_key_cert_pair* pem_key_cert_pairs,
394     size_t num_key_cert_pairs);
395 
396 /** Destroys a grpc_ssl_server_certificate_config object. */
397 GRPCAPI void grpc_ssl_server_certificate_config_destroy(
398     grpc_ssl_server_certificate_config* config);
399 
400 /** Callback to retrieve updated SSL server certificates, private keys, and
401    trusted CAs (for client authentication).
402     - user_data parameter, if not NULL, contains opaque data to be used by the
403       callback.
404     - Use grpc_ssl_server_certificate_config_create to create the config.
405     - The caller assumes ownership of the config. */
406 typedef grpc_ssl_certificate_config_reload_status (
407     *grpc_ssl_server_certificate_config_callback)(
408     void* user_data, grpc_ssl_server_certificate_config** config);
409 
410 /** Deprecated in favor of grpc_ssl_server_credentials_create_ex.
411    Creates an SSL server_credentials object.
412    - pem_roots_cert is the NULL-terminated string containing the PEM encoding of
413      the client root certificates. This parameter may be NULL if the server does
414      not want the client to be authenticated with SSL.
415    - pem_key_cert_pairs is an array private key / certificate chains of the
416      server. This parameter cannot be NULL.
417    - num_key_cert_pairs indicates the number of items in the private_key_files
418      and cert_chain_files parameters. It should be at least 1.
419    - force_client_auth, if set to non-zero will force the client to authenticate
420      with an SSL cert. Note that this option is ignored if pem_root_certs is
421      NULL. */
422 GRPCAPI grpc_server_credentials* grpc_ssl_server_credentials_create(
423     const char* pem_root_certs, grpc_ssl_pem_key_cert_pair* pem_key_cert_pairs,
424     size_t num_key_cert_pairs, int force_client_auth, void* reserved);
425 
426 /** Deprecated in favor of grpc_ssl_server_credentials_create_with_options.
427    Same as grpc_ssl_server_credentials_create method except uses
428    grpc_ssl_client_certificate_request_type enum to support more ways to
429    authenticate client cerificates.*/
430 GRPCAPI grpc_server_credentials* grpc_ssl_server_credentials_create_ex(
431     const char* pem_root_certs, grpc_ssl_pem_key_cert_pair* pem_key_cert_pairs,
432     size_t num_key_cert_pairs,
433     grpc_ssl_client_certificate_request_type client_certificate_request,
434     void* reserved);
435 
436 typedef struct grpc_ssl_server_credentials_options
437     grpc_ssl_server_credentials_options;
438 
439 /** Creates an options object using a certificate config. Use this method when
440    the certificates and keys of the SSL server will not change during the
441    server's lifetime.
442    - Takes ownership of the certificate_config parameter. */
443 GRPCAPI grpc_ssl_server_credentials_options*
444 grpc_ssl_server_credentials_create_options_using_config(
445     grpc_ssl_client_certificate_request_type client_certificate_request,
446     grpc_ssl_server_certificate_config* certificate_config);
447 
448 /** Creates an options object using a certificate config fetcher. Use this
449    method to reload the certificates and keys of the SSL server without
450    interrupting the operation of the server. Initial certificate config will be
451    fetched during server initialization.
452    - user_data parameter, if not NULL, contains opaque data which will be passed
453      to the fetcher (see definition of
454      grpc_ssl_server_certificate_config_callback). */
455 GRPCAPI grpc_ssl_server_credentials_options*
456 grpc_ssl_server_credentials_create_options_using_config_fetcher(
457     grpc_ssl_client_certificate_request_type client_certificate_request,
458     grpc_ssl_server_certificate_config_callback cb, void* user_data);
459 
460 /** Destroys a grpc_ssl_server_credentials_options object. */
461 GRPCAPI void grpc_ssl_server_credentials_options_destroy(
462     grpc_ssl_server_credentials_options* options);
463 
464 /** Creates an SSL server_credentials object using the provided options struct.
465     - Takes ownership of the options parameter. */
466 GRPCAPI grpc_server_credentials*
467 grpc_ssl_server_credentials_create_with_options(
468     grpc_ssl_server_credentials_options* options);
469 
470 /** --- Server-side secure ports. --- */
471 
472 /** Add a HTTP2 over an encrypted link over tcp listener.
473    Returns bound port number on success, 0 on failure.
474    REQUIRES: server not started */
475 GRPCAPI int grpc_server_add_secure_http2_port(grpc_server* server,
476                                               const char* addr,
477                                               grpc_server_credentials* creds);
478 
479 /** --- Call specific credentials. --- */
480 
481 /** Sets a credentials to a call. Can only be called on the client side before
482    grpc_call_start_batch. */
483 GRPCAPI grpc_call_error grpc_call_set_credentials(grpc_call* call,
484                                                   grpc_call_credentials* creds);
485 
486 /** --- Auth Metadata Processing --- */
487 
488 /** Callback function that is called when the metadata processing is done.
489    - Consumed metadata will be removed from the set of metadata available on the
490      call. consumed_md may be NULL if no metadata has been consumed.
491    - Response metadata will be set on the response. response_md may be NULL.
492    - status is GRPC_STATUS_OK for success or a specific status for an error.
493      Common error status for auth metadata processing is either
494      GRPC_STATUS_UNAUTHENTICATED in case of an authentication failure or
495      GRPC_STATUS PERMISSION_DENIED in case of an authorization failure.
496    - error_details gives details about the error. May be NULL. */
497 typedef void (*grpc_process_auth_metadata_done_cb)(
498     void* user_data, const grpc_metadata* consumed_md, size_t num_consumed_md,
499     const grpc_metadata* response_md, size_t num_response_md,
500     grpc_status_code status, const char* error_details);
501 
502 /** Pluggable server-side metadata processor object. */
503 typedef struct {
504   /** The context object is read/write: it contains the properties of the
505      channel peer and it is the job of the process function to augment it with
506      properties derived from the passed-in metadata.
507      The lifetime of these objects is guaranteed until cb is invoked. */
508   void (*process)(void* state, grpc_auth_context* context,
509                   const grpc_metadata* md, size_t num_md,
510                   grpc_process_auth_metadata_done_cb cb, void* user_data);
511   void (*destroy)(void* state);
512   void* state;
513 } grpc_auth_metadata_processor;
514 
515 GRPCAPI void grpc_server_credentials_set_auth_metadata_processor(
516     grpc_server_credentials* creds, grpc_auth_metadata_processor processor);
517 
518 /** --- ALTS channel/server credentials --- **/
519 
520 /**
521  * Main interface for ALTS credentials options. The options will contain
522  * information that will be passed from grpc to TSI layer such as RPC protocol
523  * versions. ALTS client (channel) and server credentials will have their own
524  * implementation of this interface. The APIs listed in this header are
525  * thread-compatible. It is used for experimental purpose for now and subject
526  * to change.
527  */
528 typedef struct grpc_alts_credentials_options grpc_alts_credentials_options;
529 
530 /**
531  * This method creates a grpc ALTS credentials client options instance.
532  * It is used for experimental purpose for now and subject to change.
533  */
534 GRPCAPI grpc_alts_credentials_options*
535 grpc_alts_credentials_client_options_create(void);
536 
537 /**
538  * This method creates a grpc ALTS credentials server options instance.
539  * It is used for experimental purpose for now and subject to change.
540  */
541 GRPCAPI grpc_alts_credentials_options*
542 grpc_alts_credentials_server_options_create(void);
543 
544 /**
545  * This method adds a target service account to grpc client's ALTS credentials
546  * options instance. It is used for experimental purpose for now and subject
547  * to change.
548  *
549  * - options: grpc ALTS credentials options instance.
550  * - service_account: service account of target endpoint.
551  */
552 GRPCAPI void grpc_alts_credentials_client_options_add_target_service_account(
553     grpc_alts_credentials_options* options, const char* service_account);
554 
555 /**
556  * This method destroys a grpc_alts_credentials_options instance by
557  * de-allocating all of its occupied memory. It is used for experimental purpose
558  * for now and subject to change.
559  *
560  * - options: a grpc_alts_credentials_options instance that needs to be
561  *   destroyed.
562  */
563 GRPCAPI void grpc_alts_credentials_options_destroy(
564     grpc_alts_credentials_options* options);
565 
566 /**
567  * This method creates an ALTS channel credential object. It is used for
568  * experimental purpose for now and subject to change.
569  *
570  * - options: grpc ALTS credentials options instance for client.
571  *
572  * It returns the created ALTS channel credential object.
573  */
574 GRPCAPI grpc_channel_credentials* grpc_alts_credentials_create(
575     const grpc_alts_credentials_options* options);
576 
577 /**
578  * This method creates an ALTS server credential object. It is used for
579  * experimental purpose for now and subject to change.
580  *
581  * - options: grpc ALTS credentials options instance for server.
582  *
583  * It returns the created ALTS server credential object.
584  */
585 GRPCAPI grpc_server_credentials* grpc_alts_server_credentials_create(
586     const grpc_alts_credentials_options* options);
587 
588 /** --- Local channel/server credentials --- **/
589 
590 /**
591  * This method creates a local channel credential object. It is used for
592  * experimental purpose for now and subject to change.
593  *
594  * - type: local connection type
595  *
596  * It returns the created local channel credential object.
597  */
598 GRPCAPI grpc_channel_credentials* grpc_local_credentials_create(
599     grpc_local_connect_type type);
600 
601 /**
602  * This method creates a local server credential object. It is used for
603  * experimental purpose for now and subject to change.
604  *
605  * - type: local connection type
606  *
607  * It returns the created local server credential object.
608  */
609 GRPCAPI grpc_server_credentials* grpc_local_server_credentials_create(
610     grpc_local_connect_type type);
611 
612 #ifdef __cplusplus
613 }
614 #endif
615 
616 #endif /* GRPC_GRPC_SECURITY_H */
617