diff --git a/BUILD b/BUILD
index ca913d4c38a..8dc66e9a746 100644
--- a/BUILD
+++ b/BUILD
@@ -4350,10 +4350,38 @@ grpc_cc_library(
],
)
+grpc_cc_library(
+ name = "certificate_provider_factory",
+ hdrs = [
+ "src/core/lib/security/certificate_provider/certificate_provider_factory.h",
+ ],
+ deps = [
+ "gpr",
+ "grpc_base",
+ "json",
+ "ref_counted",
+ "ref_counted_ptr",
+ ],
+)
+
+grpc_cc_library(
+ name = "certificate_provider_registry",
+ srcs = [
+ "src/core/lib/security/certificate_provider/certificate_provider_registry.cc",
+ ],
+ hdrs = [
+ "src/core/lib/security/certificate_provider/certificate_provider_registry.h",
+ ],
+ external_deps = ["absl/strings"],
+ deps = [
+ "certificate_provider_factory",
+ "gpr_public_hdrs",
+ ],
+)
+
grpc_cc_library(
name = "grpc_xds_client",
srcs = [
- "src/core/ext/xds/certificate_provider_registry.cc",
"src/core/ext/xds/certificate_provider_store.cc",
"src/core/ext/xds/file_watcher_certificate_provider_factory.cc",
"src/core/ext/xds/xds_bootstrap_grpc.cc",
@@ -4374,8 +4402,6 @@ grpc_cc_library(
"src/core/lib/security/credentials/xds/xds_credentials.cc",
],
hdrs = [
- "src/core/ext/xds/certificate_provider_factory.h",
- "src/core/ext/xds/certificate_provider_registry.h",
"src/core/ext/xds/certificate_provider_store.h",
"src/core/ext/xds/file_watcher_certificate_provider_factory.h",
"src/core/ext/xds/xds_bootstrap_grpc.h",
@@ -4414,6 +4440,8 @@ grpc_cc_library(
language = "c++",
tags = ["nofixdeps"],
deps = [
+ "certificate_provider_factory",
+ "certificate_provider_registry",
"channel_creds_registry",
"channel_fwd",
"config",
@@ -4610,11 +4638,11 @@ grpc_cc_library(
],
language = "c++",
deps = [
+ "certificate_provider_factory",
"error",
"gpr_platform",
"grpc_tls_credentials",
"grpc_trace",
- "grpc_xds_client",
"json",
"json_util",
"ref_counted_ptr",
diff --git a/CMakeLists.txt b/CMakeLists.txt
index 1ca797096ef..5810ee9ca4d 100644
--- a/CMakeLists.txt
+++ b/CMakeLists.txt
@@ -2061,7 +2061,6 @@ add_library(grpc
src/core/ext/upbdefs-generated/xds/type/matcher/v3/regex.upbdefs.c
src/core/ext/upbdefs-generated/xds/type/matcher/v3/string.upbdefs.c
src/core/ext/upbdefs-generated/xds/type/v3/typed_struct.upbdefs.c
- src/core/ext/xds/certificate_provider_registry.cc
src/core/ext/xds/certificate_provider_store.cc
src/core/ext/xds/file_watcher_certificate_provider_factory.cc
src/core/ext/xds/xds_api.cc
@@ -2234,6 +2233,7 @@ add_library(grpc
src/core/lib/security/authorization/grpc_server_authz_filter.cc
src/core/lib/security/authorization/matchers.cc
src/core/lib/security/authorization/rbac_policy.cc
+ src/core/lib/security/certificate_provider/certificate_provider_registry.cc
src/core/lib/security/context/security_context.cc
src/core/lib/security/credentials/alts/alts_credentials.cc
src/core/lib/security/credentials/alts/check_gcp_environment.cc
@@ -6924,7 +6924,7 @@ endif()
if(gRPC_BUILD_TESTS)
add_executable(certificate_provider_registry_test
- test/core/client_channel/certificate_provider_registry_test.cc
+ test/core/security/certificate_provider_registry_test.cc
third_party/googletest/googletest/src/gtest-all.cc
third_party/googletest/googlemock/src/gmock-all.cc
)
diff --git a/Makefile b/Makefile
index ccba2d9cc3d..6b30334fa4e 100644
--- a/Makefile
+++ b/Makefile
@@ -1376,7 +1376,6 @@ LIBGRPC_SRC = \
src/core/ext/upbdefs-generated/xds/type/matcher/v3/regex.upbdefs.c \
src/core/ext/upbdefs-generated/xds/type/matcher/v3/string.upbdefs.c \
src/core/ext/upbdefs-generated/xds/type/v3/typed_struct.upbdefs.c \
- src/core/ext/xds/certificate_provider_registry.cc \
src/core/ext/xds/certificate_provider_store.cc \
src/core/ext/xds/file_watcher_certificate_provider_factory.cc \
src/core/ext/xds/xds_api.cc \
@@ -1549,6 +1548,7 @@ LIBGRPC_SRC = \
src/core/lib/security/authorization/grpc_server_authz_filter.cc \
src/core/lib/security/authorization/matchers.cc \
src/core/lib/security/authorization/rbac_policy.cc \
+ src/core/lib/security/certificate_provider/certificate_provider_registry.cc \
src/core/lib/security/context/security_context.cc \
src/core/lib/security/credentials/alts/alts_credentials.cc \
src/core/lib/security/credentials/alts/check_gcp_environment.cc \
@@ -3164,7 +3164,6 @@ src/core/ext/upbdefs-generated/xds/type/matcher/v3/matcher.upbdefs.c: $(OPENSSL_
src/core/ext/upbdefs-generated/xds/type/matcher/v3/regex.upbdefs.c: $(OPENSSL_DEP)
src/core/ext/upbdefs-generated/xds/type/matcher/v3/string.upbdefs.c: $(OPENSSL_DEP)
src/core/ext/upbdefs-generated/xds/type/v3/typed_struct.upbdefs.c: $(OPENSSL_DEP)
-src/core/ext/xds/certificate_provider_registry.cc: $(OPENSSL_DEP)
src/core/ext/xds/certificate_provider_store.cc: $(OPENSSL_DEP)
src/core/ext/xds/file_watcher_certificate_provider_factory.cc: $(OPENSSL_DEP)
src/core/ext/xds/xds_api.cc: $(OPENSSL_DEP)
@@ -3194,6 +3193,7 @@ src/core/lib/matchers/matchers.cc: $(OPENSSL_DEP)
src/core/lib/security/authorization/grpc_authorization_engine.cc: $(OPENSSL_DEP)
src/core/lib/security/authorization/matchers.cc: $(OPENSSL_DEP)
src/core/lib/security/authorization/rbac_policy.cc: $(OPENSSL_DEP)
+src/core/lib/security/certificate_provider/certificate_provider_registry.cc: $(OPENSSL_DEP)
src/core/lib/security/credentials/alts/alts_credentials.cc: $(OPENSSL_DEP)
src/core/lib/security/credentials/alts/check_gcp_environment.cc: $(OPENSSL_DEP)
src/core/lib/security/credentials/alts/check_gcp_environment_linux.cc: $(OPENSSL_DEP)
diff --git a/build_autogenerated.yaml b/build_autogenerated.yaml
index d7893b684ef..d61462885af 100644
--- a/build_autogenerated.yaml
+++ b/build_autogenerated.yaml
@@ -722,8 +722,6 @@ libs:
- src/core/ext/upbdefs-generated/xds/type/matcher/v3/regex.upbdefs.h
- src/core/ext/upbdefs-generated/xds/type/matcher/v3/string.upbdefs.h
- src/core/ext/upbdefs-generated/xds/type/v3/typed_struct.upbdefs.h
- - src/core/ext/xds/certificate_provider_factory.h
- - src/core/ext/xds/certificate_provider_registry.h
- src/core/ext/xds/certificate_provider_store.h
- src/core/ext/xds/file_watcher_certificate_provider_factory.h
- src/core/ext/xds/upb_utils.h
@@ -931,6 +929,8 @@ libs:
- src/core/lib/security/authorization/grpc_server_authz_filter.h
- src/core/lib/security/authorization/matchers.h
- src/core/lib/security/authorization/rbac_policy.h
+ - src/core/lib/security/certificate_provider/certificate_provider_factory.h
+ - src/core/lib/security/certificate_provider/certificate_provider_registry.h
- src/core/lib/security/context/security_context.h
- src/core/lib/security/credentials/alts/alts_credentials.h
- src/core/lib/security/credentials/alts/check_gcp_environment.h
@@ -1435,7 +1435,6 @@ libs:
- src/core/ext/upbdefs-generated/xds/type/matcher/v3/regex.upbdefs.c
- src/core/ext/upbdefs-generated/xds/type/matcher/v3/string.upbdefs.c
- src/core/ext/upbdefs-generated/xds/type/v3/typed_struct.upbdefs.c
- - src/core/ext/xds/certificate_provider_registry.cc
- src/core/ext/xds/certificate_provider_store.cc
- src/core/ext/xds/file_watcher_certificate_provider_factory.cc
- src/core/ext/xds/xds_api.cc
@@ -1608,6 +1607,7 @@ libs:
- src/core/lib/security/authorization/grpc_server_authz_filter.cc
- src/core/lib/security/authorization/matchers.cc
- src/core/lib/security/authorization/rbac_policy.cc
+ - src/core/lib/security/certificate_provider/certificate_provider_registry.cc
- src/core/lib/security/context/security_context.cc
- src/core/lib/security/credentials/alts/alts_credentials.cc
- src/core/lib/security/credentials/alts/check_gcp_environment.cc
@@ -4589,7 +4589,7 @@ targets:
language: c++
headers: []
src:
- - test/core/client_channel/certificate_provider_registry_test.cc
+ - test/core/security/certificate_provider_registry_test.cc
deps:
- grpc_test_util
- name: certificate_provider_store_test
diff --git a/config.m4 b/config.m4
index 12322f8b120..2bad397a941 100644
--- a/config.m4
+++ b/config.m4
@@ -423,7 +423,6 @@ if test "$PHP_GRPC" != "no"; then
src/core/ext/upbdefs-generated/xds/type/matcher/v3/regex.upbdefs.c \
src/core/ext/upbdefs-generated/xds/type/matcher/v3/string.upbdefs.c \
src/core/ext/upbdefs-generated/xds/type/v3/typed_struct.upbdefs.c \
- src/core/ext/xds/certificate_provider_registry.cc \
src/core/ext/xds/certificate_provider_store.cc \
src/core/ext/xds/file_watcher_certificate_provider_factory.cc \
src/core/ext/xds/xds_api.cc \
@@ -638,6 +637,7 @@ if test "$PHP_GRPC" != "no"; then
src/core/lib/security/authorization/grpc_server_authz_filter.cc \
src/core/lib/security/authorization/matchers.cc \
src/core/lib/security/authorization/rbac_policy.cc \
+ src/core/lib/security/certificate_provider/certificate_provider_registry.cc \
src/core/lib/security/context/security_context.cc \
src/core/lib/security/credentials/alts/alts_credentials.cc \
src/core/lib/security/credentials/alts/check_gcp_environment.cc \
@@ -1347,6 +1347,7 @@ if test "$PHP_GRPC" != "no"; then
PHP_ADD_BUILD_DIR($ext_builddir/src/core/lib/resolver)
PHP_ADD_BUILD_DIR($ext_builddir/src/core/lib/resource_quota)
PHP_ADD_BUILD_DIR($ext_builddir/src/core/lib/security/authorization)
+ PHP_ADD_BUILD_DIR($ext_builddir/src/core/lib/security/certificate_provider)
PHP_ADD_BUILD_DIR($ext_builddir/src/core/lib/security/context)
PHP_ADD_BUILD_DIR($ext_builddir/src/core/lib/security/credentials)
PHP_ADD_BUILD_DIR($ext_builddir/src/core/lib/security/credentials/alts)
diff --git a/config.w32 b/config.w32
index 024a90bd338..af4090fbdc0 100644
--- a/config.w32
+++ b/config.w32
@@ -389,7 +389,6 @@ if (PHP_GRPC != "no") {
"src\\core\\ext\\upbdefs-generated\\xds\\type\\matcher\\v3\\regex.upbdefs.c " +
"src\\core\\ext\\upbdefs-generated\\xds\\type\\matcher\\v3\\string.upbdefs.c " +
"src\\core\\ext\\upbdefs-generated\\xds\\type\\v3\\typed_struct.upbdefs.c " +
- "src\\core\\ext\\xds\\certificate_provider_registry.cc " +
"src\\core\\ext\\xds\\certificate_provider_store.cc " +
"src\\core\\ext\\xds\\file_watcher_certificate_provider_factory.cc " +
"src\\core\\ext\\xds\\xds_api.cc " +
@@ -604,6 +603,7 @@ if (PHP_GRPC != "no") {
"src\\core\\lib\\security\\authorization\\grpc_server_authz_filter.cc " +
"src\\core\\lib\\security\\authorization\\matchers.cc " +
"src\\core\\lib\\security\\authorization\\rbac_policy.cc " +
+ "src\\core\\lib\\security\\certificate_provider\\certificate_provider_registry.cc " +
"src\\core\\lib\\security\\context\\security_context.cc " +
"src\\core\\lib\\security\\credentials\\alts\\alts_credentials.cc " +
"src\\core\\lib\\security\\credentials\\alts\\check_gcp_environment.cc " +
@@ -1470,6 +1470,7 @@ if (PHP_GRPC != "no") {
FSO.CreateFolder(base_dir+"\\ext\\grpc\\src\\core\\lib\\resource_quota");
FSO.CreateFolder(base_dir+"\\ext\\grpc\\src\\core\\lib\\security");
FSO.CreateFolder(base_dir+"\\ext\\grpc\\src\\core\\lib\\security\\authorization");
+ FSO.CreateFolder(base_dir+"\\ext\\grpc\\src\\core\\lib\\security\\certificate_provider");
FSO.CreateFolder(base_dir+"\\ext\\grpc\\src\\core\\lib\\security\\context");
FSO.CreateFolder(base_dir+"\\ext\\grpc\\src\\core\\lib\\security\\credentials");
FSO.CreateFolder(base_dir+"\\ext\\grpc\\src\\core\\lib\\security\\credentials\\alts");
diff --git a/gRPC-C++.podspec b/gRPC-C++.podspec
index d110126ca1c..4ec80c6e5fa 100644
--- a/gRPC-C++.podspec
+++ b/gRPC-C++.podspec
@@ -626,8 +626,6 @@ Pod::Spec.new do |s|
'src/core/ext/upbdefs-generated/xds/type/matcher/v3/regex.upbdefs.h',
'src/core/ext/upbdefs-generated/xds/type/matcher/v3/string.upbdefs.h',
'src/core/ext/upbdefs-generated/xds/type/v3/typed_struct.upbdefs.h',
- 'src/core/ext/xds/certificate_provider_factory.h',
- 'src/core/ext/xds/certificate_provider_registry.h',
'src/core/ext/xds/certificate_provider_store.h',
'src/core/ext/xds/file_watcher_certificate_provider_factory.h',
'src/core/ext/xds/upb_utils.h',
@@ -860,6 +858,8 @@ Pod::Spec.new do |s|
'src/core/lib/security/authorization/grpc_server_authz_filter.h',
'src/core/lib/security/authorization/matchers.h',
'src/core/lib/security/authorization/rbac_policy.h',
+ 'src/core/lib/security/certificate_provider/certificate_provider_factory.h',
+ 'src/core/lib/security/certificate_provider/certificate_provider_registry.h',
'src/core/lib/security/context/security_context.h',
'src/core/lib/security/credentials/alts/alts_credentials.h',
'src/core/lib/security/credentials/alts/check_gcp_environment.h',
@@ -1486,8 +1486,6 @@ Pod::Spec.new do |s|
'src/core/ext/upbdefs-generated/xds/type/matcher/v3/regex.upbdefs.h',
'src/core/ext/upbdefs-generated/xds/type/matcher/v3/string.upbdefs.h',
'src/core/ext/upbdefs-generated/xds/type/v3/typed_struct.upbdefs.h',
- 'src/core/ext/xds/certificate_provider_factory.h',
- 'src/core/ext/xds/certificate_provider_registry.h',
'src/core/ext/xds/certificate_provider_store.h',
'src/core/ext/xds/file_watcher_certificate_provider_factory.h',
'src/core/ext/xds/upb_utils.h',
@@ -1720,6 +1718,8 @@ Pod::Spec.new do |s|
'src/core/lib/security/authorization/grpc_server_authz_filter.h',
'src/core/lib/security/authorization/matchers.h',
'src/core/lib/security/authorization/rbac_policy.h',
+ 'src/core/lib/security/certificate_provider/certificate_provider_factory.h',
+ 'src/core/lib/security/certificate_provider/certificate_provider_registry.h',
'src/core/lib/security/context/security_context.h',
'src/core/lib/security/credentials/alts/alts_credentials.h',
'src/core/lib/security/credentials/alts/check_gcp_environment.h',
diff --git a/gRPC-Core.podspec b/gRPC-Core.podspec
index d255794e758..1f2daf2d10e 100644
--- a/gRPC-Core.podspec
+++ b/gRPC-Core.podspec
@@ -947,9 +947,6 @@ Pod::Spec.new do |s|
'src/core/ext/upbdefs-generated/xds/type/matcher/v3/string.upbdefs.h',
'src/core/ext/upbdefs-generated/xds/type/v3/typed_struct.upbdefs.c',
'src/core/ext/upbdefs-generated/xds/type/v3/typed_struct.upbdefs.h',
- 'src/core/ext/xds/certificate_provider_factory.h',
- 'src/core/ext/xds/certificate_provider_registry.cc',
- 'src/core/ext/xds/certificate_provider_registry.h',
'src/core/ext/xds/certificate_provider_store.cc',
'src/core/ext/xds/certificate_provider_store.h',
'src/core/ext/xds/file_watcher_certificate_provider_factory.cc',
@@ -1396,6 +1393,9 @@ Pod::Spec.new do |s|
'src/core/lib/security/authorization/matchers.h',
'src/core/lib/security/authorization/rbac_policy.cc',
'src/core/lib/security/authorization/rbac_policy.h',
+ 'src/core/lib/security/certificate_provider/certificate_provider_factory.h',
+ 'src/core/lib/security/certificate_provider/certificate_provider_registry.cc',
+ 'src/core/lib/security/certificate_provider/certificate_provider_registry.h',
'src/core/lib/security/context/security_context.cc',
'src/core/lib/security/context/security_context.h',
'src/core/lib/security/credentials/alts/alts_credentials.cc',
@@ -2112,8 +2112,6 @@ Pod::Spec.new do |s|
'src/core/ext/upbdefs-generated/xds/type/matcher/v3/regex.upbdefs.h',
'src/core/ext/upbdefs-generated/xds/type/matcher/v3/string.upbdefs.h',
'src/core/ext/upbdefs-generated/xds/type/v3/typed_struct.upbdefs.h',
- 'src/core/ext/xds/certificate_provider_factory.h',
- 'src/core/ext/xds/certificate_provider_registry.h',
'src/core/ext/xds/certificate_provider_store.h',
'src/core/ext/xds/file_watcher_certificate_provider_factory.h',
'src/core/ext/xds/upb_utils.h',
@@ -2346,6 +2344,8 @@ Pod::Spec.new do |s|
'src/core/lib/security/authorization/grpc_server_authz_filter.h',
'src/core/lib/security/authorization/matchers.h',
'src/core/lib/security/authorization/rbac_policy.h',
+ 'src/core/lib/security/certificate_provider/certificate_provider_factory.h',
+ 'src/core/lib/security/certificate_provider/certificate_provider_registry.h',
'src/core/lib/security/context/security_context.h',
'src/core/lib/security/credentials/alts/alts_credentials.h',
'src/core/lib/security/credentials/alts/check_gcp_environment.h',
diff --git a/grpc.gemspec b/grpc.gemspec
index 9834df41a50..c9371a59a97 100644
--- a/grpc.gemspec
+++ b/grpc.gemspec
@@ -860,9 +860,6 @@ Gem::Specification.new do |s|
s.files += %w( src/core/ext/upbdefs-generated/xds/type/matcher/v3/string.upbdefs.h )
s.files += %w( src/core/ext/upbdefs-generated/xds/type/v3/typed_struct.upbdefs.c )
s.files += %w( src/core/ext/upbdefs-generated/xds/type/v3/typed_struct.upbdefs.h )
- s.files += %w( src/core/ext/xds/certificate_provider_factory.h )
- s.files += %w( src/core/ext/xds/certificate_provider_registry.cc )
- s.files += %w( src/core/ext/xds/certificate_provider_registry.h )
s.files += %w( src/core/ext/xds/certificate_provider_store.cc )
s.files += %w( src/core/ext/xds/certificate_provider_store.h )
s.files += %w( src/core/ext/xds/file_watcher_certificate_provider_factory.cc )
@@ -1309,6 +1306,9 @@ Gem::Specification.new do |s|
s.files += %w( src/core/lib/security/authorization/matchers.h )
s.files += %w( src/core/lib/security/authorization/rbac_policy.cc )
s.files += %w( src/core/lib/security/authorization/rbac_policy.h )
+ s.files += %w( src/core/lib/security/certificate_provider/certificate_provider_factory.h )
+ s.files += %w( src/core/lib/security/certificate_provider/certificate_provider_registry.cc )
+ s.files += %w( src/core/lib/security/certificate_provider/certificate_provider_registry.h )
s.files += %w( src/core/lib/security/context/security_context.cc )
s.files += %w( src/core/lib/security/context/security_context.h )
s.files += %w( src/core/lib/security/credentials/alts/alts_credentials.cc )
diff --git a/grpc.gyp b/grpc.gyp
index 58dbf8eac95..cda7bb4b581 100644
--- a/grpc.gyp
+++ b/grpc.gyp
@@ -755,7 +755,6 @@
'src/core/ext/upbdefs-generated/xds/type/matcher/v3/regex.upbdefs.c',
'src/core/ext/upbdefs-generated/xds/type/matcher/v3/string.upbdefs.c',
'src/core/ext/upbdefs-generated/xds/type/v3/typed_struct.upbdefs.c',
- 'src/core/ext/xds/certificate_provider_registry.cc',
'src/core/ext/xds/certificate_provider_store.cc',
'src/core/ext/xds/file_watcher_certificate_provider_factory.cc',
'src/core/ext/xds/xds_api.cc',
@@ -928,6 +927,7 @@
'src/core/lib/security/authorization/grpc_server_authz_filter.cc',
'src/core/lib/security/authorization/matchers.cc',
'src/core/lib/security/authorization/rbac_policy.cc',
+ 'src/core/lib/security/certificate_provider/certificate_provider_registry.cc',
'src/core/lib/security/context/security_context.cc',
'src/core/lib/security/credentials/alts/alts_credentials.cc',
'src/core/lib/security/credentials/alts/check_gcp_environment.cc',
diff --git a/package.xml b/package.xml
index e480e155a7c..0c32b9ec5f5 100644
--- a/package.xml
+++ b/package.xml
@@ -842,9 +842,6 @@
-
-
-
@@ -1291,6 +1288,9 @@
+
+
+
diff --git a/src/core/ext/xds/certificate_provider_store.cc b/src/core/ext/xds/certificate_provider_store.cc
index e83414baeb0..932b7962e13 100644
--- a/src/core/ext/xds/certificate_provider_store.cc
+++ b/src/core/ext/xds/certificate_provider_store.cc
@@ -22,7 +22,7 @@
#include
-#include "src/core/ext/xds/certificate_provider_registry.h"
+#include "src/core/lib/security/certificate_provider/certificate_provider_registry.h"
namespace grpc_core {
diff --git a/src/core/ext/xds/certificate_provider_store.h b/src/core/ext/xds/certificate_provider_store.h
index b9f33042080..bb50af4d73a 100644
--- a/src/core/ext/xds/certificate_provider_store.h
+++ b/src/core/ext/xds/certificate_provider_store.h
@@ -30,13 +30,13 @@
#include
-#include "src/core/ext/xds/certificate_provider_factory.h"
#include "src/core/lib/gpr/useful.h"
#include "src/core/lib/gprpp/orphanable.h"
#include "src/core/lib/gprpp/ref_counted_ptr.h"
#include "src/core/lib/gprpp/sync.h"
#include "src/core/lib/gprpp/unique_type_name.h"
#include "src/core/lib/iomgr/iomgr_fwd.h"
+#include "src/core/lib/security/certificate_provider/certificate_provider_factory.h"
#include "src/core/lib/security/credentials/tls/grpc_tls_certificate_distributor.h"
#include "src/core/lib/security/credentials/tls/grpc_tls_certificate_provider.h"
diff --git a/src/core/ext/xds/file_watcher_certificate_provider_factory.cc b/src/core/ext/xds/file_watcher_certificate_provider_factory.cc
index 0ab7f74459e..fed84d08b99 100644
--- a/src/core/ext/xds/file_watcher_certificate_provider_factory.cc
+++ b/src/core/ext/xds/file_watcher_certificate_provider_factory.cc
@@ -31,8 +31,8 @@
#include
#include
-#include "src/core/ext/xds/certificate_provider_registry.h"
#include "src/core/lib/json/json_util.h"
+#include "src/core/lib/security/certificate_provider/certificate_provider_registry.h"
#include "src/core/lib/security/credentials/tls/grpc_tls_certificate_provider.h"
namespace grpc_core {
diff --git a/src/core/ext/xds/file_watcher_certificate_provider_factory.h b/src/core/ext/xds/file_watcher_certificate_provider_factory.h
index a1c3900ff10..03635e36aa1 100644
--- a/src/core/ext/xds/file_watcher_certificate_provider_factory.h
+++ b/src/core/ext/xds/file_watcher_certificate_provider_factory.h
@@ -25,11 +25,11 @@
#include
-#include "src/core/ext/xds/certificate_provider_factory.h"
#include "src/core/lib/gprpp/ref_counted_ptr.h"
#include "src/core/lib/gprpp/time.h"
#include "src/core/lib/iomgr/error.h"
#include "src/core/lib/json/json.h"
+#include "src/core/lib/security/certificate_provider/certificate_provider_factory.h"
namespace grpc_core {
diff --git a/src/core/ext/xds/google_mesh_ca_certificate_provider_factory.h b/src/core/ext/xds/google_mesh_ca_certificate_provider_factory.h
index 5597471a5e1..37fc30489fb 100644
--- a/src/core/ext/xds/google_mesh_ca_certificate_provider_factory.h
+++ b/src/core/ext/xds/google_mesh_ca_certificate_provider_factory.h
@@ -28,11 +28,11 @@
#include
-#include "src/core/ext/xds/certificate_provider_factory.h"
#include "src/core/lib/gprpp/ref_counted_ptr.h"
#include "src/core/lib/gprpp/time.h"
#include "src/core/lib/iomgr/error.h"
#include "src/core/lib/json/json.h"
+#include "src/core/lib/security/certificate_provider/certificate_provider_factory.h"
#include "src/core/lib/security/credentials/tls/grpc_tls_certificate_provider.h"
namespace grpc_core {
diff --git a/src/core/ext/xds/xds_bootstrap_grpc.cc b/src/core/ext/xds/xds_bootstrap_grpc.cc
index 3fe4726d85e..732363c6b82 100644
--- a/src/core/ext/xds/xds_bootstrap_grpc.cc
+++ b/src/core/ext/xds/xds_bootstrap_grpc.cc
@@ -35,11 +35,12 @@
#include "absl/strings/string_view.h"
#include "absl/types/optional.h"
-#include "src/core/ext/xds/certificate_provider_factory.h"
-#include "src/core/ext/xds/certificate_provider_registry.h"
#include "src/core/lib/config/core_configuration.h"
#include "src/core/lib/gprpp/ref_counted_ptr.h"
+#include "src/core/lib/json/json.h"
#include "src/core/lib/json/json_util.h"
+#include "src/core/lib/security/certificate_provider/certificate_provider_factory.h"
+#include "src/core/lib/security/certificate_provider/certificate_provider_registry.h"
#include "src/core/lib/security/credentials/channel_creds_registry.h"
namespace grpc_core {
diff --git a/src/core/ext/xds/certificate_provider_factory.h b/src/core/lib/security/certificate_provider/certificate_provider_factory.h
similarity index 88%
rename from src/core/ext/xds/certificate_provider_factory.h
rename to src/core/lib/security/certificate_provider/certificate_provider_factory.h
index ec59054818e..c8d34bc6080 100644
--- a/src/core/ext/xds/certificate_provider_factory.h
+++ b/src/core/lib/security/certificate_provider/certificate_provider_factory.h
@@ -16,8 +16,8 @@
//
//
-#ifndef GRPC_CORE_EXT_XDS_CERTIFICATE_PROVIDER_FACTORY_H
-#define GRPC_CORE_EXT_XDS_CERTIFICATE_PROVIDER_FACTORY_H
+#ifndef GRPC_CORE_LIB_SECURITY_CERTIFICATE_PROVIDER_CERTIFICATE_PROVIDER_FACTORY_H
+#define GRPC_CORE_LIB_SECURITY_CERTIFICATE_PROVIDER_CERTIFICATE_PROVIDER_FACTORY_H
#include
@@ -63,4 +63,4 @@ class CertificateProviderFactory {
} // namespace grpc_core
-#endif // GRPC_CORE_EXT_XDS_CERTIFICATE_PROVIDER_FACTORY_H
+#endif // GRPC_CORE_LIB_SECURITY_CERTIFICATE_PROVIDER_CERTIFICATE_PROVIDER_FACTORY_H
diff --git a/src/core/ext/xds/certificate_provider_registry.cc b/src/core/lib/security/certificate_provider/certificate_provider_registry.cc
similarity index 96%
rename from src/core/ext/xds/certificate_provider_registry.cc
rename to src/core/lib/security/certificate_provider/certificate_provider_registry.cc
index fe89568338e..210374ff1dd 100644
--- a/src/core/ext/xds/certificate_provider_registry.cc
+++ b/src/core/lib/security/certificate_provider/certificate_provider_registry.cc
@@ -18,7 +18,7 @@
#include
-#include "src/core/ext/xds/certificate_provider_registry.h"
+#include "src/core/lib/security/certificate_provider/certificate_provider_registry.h"
#include
diff --git a/src/core/ext/xds/certificate_provider_registry.h b/src/core/lib/security/certificate_provider/certificate_provider_registry.h
similarity index 83%
rename from src/core/ext/xds/certificate_provider_registry.h
rename to src/core/lib/security/certificate_provider/certificate_provider_registry.h
index d25ecf5e494..25a0801e57e 100644
--- a/src/core/ext/xds/certificate_provider_registry.h
+++ b/src/core/lib/security/certificate_provider/certificate_provider_registry.h
@@ -16,8 +16,8 @@
//
//
-#ifndef GRPC_CORE_EXT_XDS_CERTIFICATE_PROVIDER_REGISTRY_H
-#define GRPC_CORE_EXT_XDS_CERTIFICATE_PROVIDER_REGISTRY_H
+#ifndef GRPC_CORE_LIB_SECURITY_CERTIFICATE_PROVIDER_CERTIFICATE_PROVIDER_REGISTRY_H
+#define GRPC_CORE_LIB_SECURITY_CERTIFICATE_PROVIDER_CERTIFICATE_PROVIDER_REGISTRY_H
#include
@@ -25,7 +25,7 @@
#include "absl/strings/string_view.h"
-#include "src/core/ext/xds/certificate_provider_factory.h"
+#include "src/core/lib/security/certificate_provider/certificate_provider_factory.h"
namespace grpc_core {
@@ -56,4 +56,4 @@ class CertificateProviderRegistry {
} // namespace grpc_core
-#endif // GRPC_CORE_EXT_XDS_CERTIFICATE_PROVIDER_REGISTRY_H
+#endif // GRPC_CORE_LIB_SECURITY_CERTIFICATE_PROVIDER_CERTIFICATE_PROVIDER_REGISTRY_H
diff --git a/src/python/grpcio/grpc_core_dependencies.py b/src/python/grpcio/grpc_core_dependencies.py
index 2279f47ce6d..ed18a6132da 100644
--- a/src/python/grpcio/grpc_core_dependencies.py
+++ b/src/python/grpcio/grpc_core_dependencies.py
@@ -398,7 +398,6 @@ CORE_SOURCE_FILES = [
'src/core/ext/upbdefs-generated/xds/type/matcher/v3/regex.upbdefs.c',
'src/core/ext/upbdefs-generated/xds/type/matcher/v3/string.upbdefs.c',
'src/core/ext/upbdefs-generated/xds/type/v3/typed_struct.upbdefs.c',
- 'src/core/ext/xds/certificate_provider_registry.cc',
'src/core/ext/xds/certificate_provider_store.cc',
'src/core/ext/xds/file_watcher_certificate_provider_factory.cc',
'src/core/ext/xds/xds_api.cc',
@@ -613,6 +612,7 @@ CORE_SOURCE_FILES = [
'src/core/lib/security/authorization/grpc_server_authz_filter.cc',
'src/core/lib/security/authorization/matchers.cc',
'src/core/lib/security/authorization/rbac_policy.cc',
+ 'src/core/lib/security/certificate_provider/certificate_provider_registry.cc',
'src/core/lib/security/context/security_context.cc',
'src/core/lib/security/credentials/alts/alts_credentials.cc',
'src/core/lib/security/credentials/alts/check_gcp_environment.cc',
diff --git a/test/core/client_channel/BUILD b/test/core/client_channel/BUILD
index e2649f7799e..0d2d52d2815 100644
--- a/test/core/client_channel/BUILD
+++ b/test/core/client_channel/BUILD
@@ -30,18 +30,6 @@ grpc_cc_test(
],
)
-grpc_cc_test(
- name = "certificate_provider_registry_test",
- srcs = ["certificate_provider_registry_test.cc"],
- external_deps = ["gtest"],
- language = "C++",
- deps = [
- "//:gpr",
- "//:grpc",
- "//test/core/util:grpc_test_util",
- ],
-)
-
grpc_cc_test(
name = "http_proxy_mapper_test",
srcs = ["http_proxy_mapper_test.cc"],
diff --git a/test/core/security/BUILD b/test/core/security/BUILD
index 2a614b15d32..d9781a9e214 100644
--- a/test/core/security/BUILD
+++ b/test/core/security/BUILD
@@ -536,3 +536,15 @@ grpc_cc_test(
"//test/core/util:grpc_test_util_base",
],
)
+
+grpc_cc_test(
+ name = "certificate_provider_registry_test",
+ srcs = ["certificate_provider_registry_test.cc"],
+ external_deps = ["gtest"],
+ language = "C++",
+ deps = [
+ "//:gpr",
+ "//:grpc",
+ "//test/core/util:grpc_test_util",
+ ],
+)
diff --git a/test/core/client_channel/certificate_provider_registry_test.cc b/test/core/security/certificate_provider_registry_test.cc
similarity index 97%
rename from test/core/client_channel/certificate_provider_registry_test.cc
rename to test/core/security/certificate_provider_registry_test.cc
index ee744250441..fa13b7bd051 100644
--- a/test/core/client_channel/certificate_provider_registry_test.cc
+++ b/test/core/security/certificate_provider_registry_test.cc
@@ -18,7 +18,7 @@
#include
-#include "src/core/ext/xds/certificate_provider_registry.h"
+#include "src/core/lib/security/certificate_provider/certificate_provider_registry.h"
#include
diff --git a/test/core/xds/certificate_provider_store_test.cc b/test/core/xds/certificate_provider_store_test.cc
index b89173c0e93..6925c517bc4 100644
--- a/test/core/xds/certificate_provider_store_test.cc
+++ b/test/core/xds/certificate_provider_store_test.cc
@@ -22,8 +22,8 @@
#include
-#include "src/core/ext/xds/certificate_provider_registry.h"
#include "src/core/lib/gprpp/unique_type_name.h"
+#include "src/core/lib/security/certificate_provider/certificate_provider_registry.h"
#include "test/core/util/test_config.h"
namespace grpc_core {
diff --git a/test/core/xds/xds_bootstrap_test.cc b/test/core/xds/xds_bootstrap_test.cc
index a06c34219b0..d795ebb1b47 100644
--- a/test/core/xds/xds_bootstrap_test.cc
+++ b/test/core/xds/xds_bootstrap_test.cc
@@ -20,11 +20,11 @@
#include "absl/strings/numbers.h"
#include "absl/strings/str_format.h"
-#include "src/core/ext/xds/certificate_provider_registry.h"
#include "src/core/ext/xds/xds_bootstrap_grpc.h"
#include "src/core/ext/xds/xds_client_grpc.h"
#include "src/core/lib/gpr/env.h"
#include "src/core/lib/gpr/tmpfile.h"
+#include "src/core/lib/security/certificate_provider/certificate_provider_registry.h"
#include "test/core/util/test_config.h"
namespace grpc_core {
diff --git a/test/cpp/end2end/xds/xds_end2end_test.cc b/test/cpp/end2end/xds/xds_end2end_test.cc
index 59e339d196d..4fa92081a7d 100644
--- a/test/cpp/end2end/xds/xds_end2end_test.cc
+++ b/test/cpp/end2end/xds/xds_end2end_test.cc
@@ -61,7 +61,6 @@
#include "src/core/ext/filters/client_channel/lb_policy/xds/xds_channel_args.h"
#include "src/core/ext/filters/client_channel/resolver/fake/fake_resolver.h"
#include "src/core/ext/filters/http/client/http_client_filter.h"
-#include "src/core/ext/xds/certificate_provider_registry.h"
#include "src/core/ext/xds/xds_api.h"
#include "src/core/ext/xds/xds_channel_args.h"
#include "src/core/ext/xds/xds_client.h"
@@ -80,6 +79,7 @@
#include "src/core/lib/iomgr/load_file.h"
#include "src/core/lib/iomgr/sockaddr.h"
#include "src/core/lib/resolver/server_address.h"
+#include "src/core/lib/security/certificate_provider/certificate_provider_registry.h"
#include "src/core/lib/security/credentials/fake/fake_credentials.h"
#include "src/core/lib/security/credentials/tls/grpc_tls_certificate_provider.h"
#include "src/cpp/client/secure_credentials.h"
diff --git a/tools/doxygen/Doxyfile.c++.internal b/tools/doxygen/Doxyfile.c++.internal
index 4dad80eb919..a912eb9083c 100644
--- a/tools/doxygen/Doxyfile.c++.internal
+++ b/tools/doxygen/Doxyfile.c++.internal
@@ -1843,9 +1843,6 @@ src/core/ext/upbdefs-generated/xds/type/matcher/v3/string.upbdefs.c \
src/core/ext/upbdefs-generated/xds/type/matcher/v3/string.upbdefs.h \
src/core/ext/upbdefs-generated/xds/type/v3/typed_struct.upbdefs.c \
src/core/ext/upbdefs-generated/xds/type/v3/typed_struct.upbdefs.h \
-src/core/ext/xds/certificate_provider_factory.h \
-src/core/ext/xds/certificate_provider_registry.cc \
-src/core/ext/xds/certificate_provider_registry.h \
src/core/ext/xds/certificate_provider_store.cc \
src/core/ext/xds/certificate_provider_store.h \
src/core/ext/xds/file_watcher_certificate_provider_factory.cc \
@@ -2292,6 +2289,9 @@ src/core/lib/security/authorization/matchers.cc \
src/core/lib/security/authorization/matchers.h \
src/core/lib/security/authorization/rbac_policy.cc \
src/core/lib/security/authorization/rbac_policy.h \
+src/core/lib/security/certificate_provider/certificate_provider_factory.h \
+src/core/lib/security/certificate_provider/certificate_provider_registry.cc \
+src/core/lib/security/certificate_provider/certificate_provider_registry.h \
src/core/lib/security/context/security_context.cc \
src/core/lib/security/context/security_context.h \
src/core/lib/security/credentials/alts/alts_credentials.cc \
diff --git a/tools/doxygen/Doxyfile.core.internal b/tools/doxygen/Doxyfile.core.internal
index ec23bae1a74..7ebec6aa696 100644
--- a/tools/doxygen/Doxyfile.core.internal
+++ b/tools/doxygen/Doxyfile.core.internal
@@ -1631,9 +1631,6 @@ src/core/ext/upbdefs-generated/xds/type/matcher/v3/string.upbdefs.c \
src/core/ext/upbdefs-generated/xds/type/matcher/v3/string.upbdefs.h \
src/core/ext/upbdefs-generated/xds/type/v3/typed_struct.upbdefs.c \
src/core/ext/upbdefs-generated/xds/type/v3/typed_struct.upbdefs.h \
-src/core/ext/xds/certificate_provider_factory.h \
-src/core/ext/xds/certificate_provider_registry.cc \
-src/core/ext/xds/certificate_provider_registry.h \
src/core/ext/xds/certificate_provider_store.cc \
src/core/ext/xds/certificate_provider_store.h \
src/core/ext/xds/file_watcher_certificate_provider_factory.cc \
@@ -2085,6 +2082,9 @@ src/core/lib/security/authorization/matchers.cc \
src/core/lib/security/authorization/matchers.h \
src/core/lib/security/authorization/rbac_policy.cc \
src/core/lib/security/authorization/rbac_policy.h \
+src/core/lib/security/certificate_provider/certificate_provider_factory.h \
+src/core/lib/security/certificate_provider/certificate_provider_registry.cc \
+src/core/lib/security/certificate_provider/certificate_provider_registry.h \
src/core/lib/security/context/security_context.cc \
src/core/lib/security/context/security_context.h \
src/core/lib/security/credentials/alts/alts_credentials.cc \