/*
 * QEMU crypto TLS credential support private helpers
 *
 * Copyright (c) 2015 Red Hat, Inc.
 *
 * This library is free software; you can redistribute it and/or
 * modify it under the terms of the GNU Lesser General Public
 * License as published by the Free Software Foundation; either
 * version 2.1 of the License, or (at your option) any later version.
 *
 * This library is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
 * Lesser General Public License for more details.
 *
 * You should have received a copy of the GNU Lesser General Public
 * License along with this library; if not, see <http://www.gnu.org/licenses/>.
 *
 */

#ifndef QCRYPTO_TLSCREDSPRIV_H
#define QCRYPTO_TLSCREDSPRIV_H

#include "crypto/tlscreds.h"

/*
 * Private layout of the TLS credential objects.
 *
 * The gnutls-typed members below exist only when CONFIG_GNUTLS is defined,
 * so the size of each struct, and the offset of every member declared after
 * a guarded one (verifyPeer, priority, sanityCheck, passwordid), depend on
 * that macro. Every translation unit that includes this header must see the
 * same CONFIG_GNUTLS setting, otherwise they disagree about the layout.
 */
#ifdef CONFIG_GNUTLS
#include <gnutls/gnutls.h>
#endif

/*
 * Base credential state. It is embedded as the first member (parent_obj)
 * of the anon, PSK and x509 credential structs declared below.
 */
struct QCryptoTLSCreds {
    Object parent_obj;
    /* presumably the directory credential files are looked up in - TODO confirm */
    char *dir;
    /*
     * Endpoint kind; the type is declared outside this header. Presumably
     * selects the server/client member of the unions below - confirm.
     */
    QCryptoTLSCredsEndpoint endpoint;
#ifdef CONFIG_GNUTLS
    /* Diffie-Hellman parameters handle; only present in GnuTLS builds */
    gnutls_dh_params_t dh_params;
#endif
    /*
     * NOTE(review): the name suggests this gates verification of the peer's
     * credentials. If so, a false value means the peer is not authenticated,
     * which is worth checking wherever credentials are configured - confirm
     * against the users of this field.
     */
    bool verifyPeer;
    /* presumably a GnuTLS priority string (protocol/cipher selection) - TODO confirm */
    char *priority;
};

/*
 * Anonymous TLS credentials. The GnuTLS anon credential types carry no
 * certificate or key identity, so a session built on them does not
 * authenticate the peer. Without CONFIG_GNUTLS the struct holds only the
 * base object.
 */
struct QCryptoTLSCredsAnon {
    QCryptoTLSCreds parent_obj;
#ifdef CONFIG_GNUTLS
    /* one handle per object: either the server or the client credentials */
    union {
        gnutls_anon_server_credentials_t server;
        gnutls_anon_client_credentials_t client;
    } data;
#endif
};

/*
 * Pre-shared-key TLS credentials.
 */
struct QCryptoTLSCredsPSK {
    QCryptoTLSCreds parent_obj;
    /* presumably the PSK identity; ownership is not visible here - TODO confirm */
    char *username;
#ifdef CONFIG_GNUTLS
    /* one handle per object: either the server or the client credentials */
    union {
        gnutls_psk_server_credentials_t server;
        gnutls_psk_client_credentials_t client;
    } data;
#endif
};

/*
 * X.509 certificate TLS credentials.
 */
struct QCryptoTLSCredsX509 {
    QCryptoTLSCreds parent_obj;
#ifdef CONFIG_GNUTLS
    /* GnuTLS certificate credentials handle; a single type, no server/client union */
    gnutls_certificate_credentials_t data;
#endif
    /*
     * NOTE(review): the name suggests a toggle for validating the loaded
     * certificates; the checks themselves are not visible in this header.
     */
    bool sanityCheck;
    /*
     * NOTE(review): looks like an identifier for a stored secret rather than
     * the password itself - confirm, and keep it that way so the key
     * password does not sit in this object.
     */
    char *passwordid;
};

#ifdef CONFIG_GNUTLS

/*
 * Helpers shared by the credential implementations; declared only in
 * GnuTLS builds. Their definitions are not part of this header, so the
 * notes below are assumptions to be confirmed against the implementation.
 *
 * qcrypto_tls_creds_get_path:
 *   presumably resolves @filename for @creds and stores the resulting path
 *   in *@cred, with @required deciding whether a missing file is an error.
 *   Returns an int status and reports failures through @errp.
 *   TODO confirm: who frees *@cred, and what *@cred holds when an optional
 *   file is absent.
 */
int qcrypto_tls_creds_get_path(QCryptoTLSCreds *creds,
                               const char *filename,
                               bool required,
                               char **cred,
                               Error **errp);

/*
 * qcrypto_tls_creds_get_dh_params_file:
 *   presumably fills *@dh_params from @filename for @creds. Returns an int
 *   status and reports failures through @errp.
 *   TODO confirm: behaviour when @filename is NULL and who releases
 *   *@dh_params.
 */
int qcrypto_tls_creds_get_dh_params_file(QCryptoTLSCreds *creds,
                                         const char *filename,
                                         gnutls_dh_params_t *dh_params,
                                         Error **errp);

#endif

#endif /* QCRYPTO_TLSCREDSPRIV_H */