/*
 * QEMU crypto TLS Pre-Shared Key (PSK) support
 *
 * Copyright (c) 2018 Red Hat, Inc.
 *
 * This library is free software; you can redistribute it and/or
 * modify it under the terms of the GNU Lesser General Public
 * License as published by the Free Software Foundation; either
 * version 2 of the License, or (at your option) any later version.
 *
 * This library is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
 * Lesser General Public License for more details.
 *
 * You should have received a copy of the GNU Lesser General Public
 * License along with this library; if not, see <http://www.gnu.org/licenses/>.
 *
 */

#ifndef QCRYPTO_TLSCREDSPSK_H
#define QCRYPTO_TLSCREDSPSK_H

#include "crypto/tlscreds.h"

/*
 * QOM type name of the PSK credential object: the value passed to
 * object_new_propv() and used as "qom-type" in QMP (see the examples below).
 */
#define TYPE_QCRYPTO_TLS_CREDS_PSK "tls-creds-psk"
/*
 * Convert a generic object pointer to QCryptoTLSCredsPSK * through
 * OBJECT_CHECK(), which is handed the expected type name.
 */
#define QCRYPTO_TLS_CREDS_PSK(obj)                  \
    OBJECT_CHECK(QCryptoTLSCredsPSK, (obj), TYPE_QCRYPTO_TLS_CREDS_PSK)

typedef struct QCryptoTLSCredsPSK QCryptoTLSCredsPSK;
typedef struct QCryptoTLSCredsPSKClass QCryptoTLSCredsPSKClass;

/*
 * File name of the PSK key file.
 * NOTE(review): presumably looked up inside the directory given by the
 * "dir" property -- confirm against the implementation.
 */
#define QCRYPTO_TLS_CREDS_PSKFILE "keys.psk"

/**
 * QCryptoTLSCredsPSK:
 *
 * The QCryptoTLSCredsPSK object provides a representation
 * of the Pre-Shared Key credential used to perform a TLS handshake.
 *
 * This is a user creatable object, which can be instantiated
 * via object_new_propv():
 *
 * <example>
 *   <title>Creating TLS-PSK credential objects in code</title>
 *   <programlisting>
 *   Object *obj;
 *   Error *err = NULL;
 *   obj = object_new_propv(TYPE_QCRYPTO_TLS_CREDS_PSK,
 *                          "tlscreds0",
 *                          &err,
 *                          "dir", "/path/to/dir",
 *                          "endpoint", "client",
 *                          NULL);
 *   </programlisting>
 * </example>
 *
 * Or via QMP:
 *
 * <example>
 *   <title>Creating TLS-PSK credential objects via QMP</title>
 *   <programlisting>
 *    {
 *       "execute": "object-add", "arguments": {
 *          "id": "tlscreds0",
 *          "qom-type": "tls-creds-psk",
 *          "props": {
 *             "dir": "/path/to/dir",
 *             "endpoint": "client"
 *          }
 *       }
 *    }
 *   </programlisting>
 * </example>
 *
 * Or via the CLI:
 *
 * <example>
 *   <title>Creating TLS-PSK credential objects via CLI</title>
 *   <programlisting>
 *  qemu-system-x86_64 --object tls-creds-psk,id=tlscreds0,\
 *          endpoint=client,dir=/path/to/dir[,username=qemu]
 *   </programlisting>
 * </example>
 *
 * The PSK file can be created and managed using psktool.
 *
 * The examples above use three properties: "dir", "endpoint" and the
 * optional "username" (shown in brackets in the CLI example). What is
 * used when "username" is omitted is not visible in this header.
 *
 * Security note: with TLS-PSK the shared key is the only thing that
 * authenticates the peers, so the PSK file deserves the same protection
 * as a private key. NOTE(review): confirm that deployments restrict read
 * access to the "dir" directory and the PSK file to the account QEMU runs as.
 */

struct QCryptoTLSCredsPSK {
    /* Base TLS credentials object; first member, as QOM casts require. */
    QCryptoTLSCreds parent_obj;
    /*
     * Value of the "username" property.
     * NOTE(review): ownership and lifetime of this string are not visible
     * in this header -- presumably owned and freed by the object; confirm.
     */
    char *username;
#ifdef CONFIG_GNUTLS
    /*
     * GnuTLS PSK credential handle; present only when QEMU is built with
     * CONFIG_GNUTLS.
     * NOTE(review): presumably "endpoint" decides whether the server or the
     * client member is the valid one -- confirm in the implementation.
     */
    union {
        gnutls_psk_server_credentials_t server;
        gnutls_psk_client_credentials_t client;
    } data;
#endif
};


/* Class structure for QCryptoTLSCredsPSK; adds nothing to the parent class. */
struct QCryptoTLSCredsPSKClass {
    QCryptoTLSCredsClass parent_class;
};


#endif /* QCRYPTO_TLSCREDSPSK_H */