xref: /qemu/include/crypto/tlscredspsk.h (revision b3137100)
1 /*
2  * QEMU crypto TLS Pre-Shared Key (PSK) support
3  *
4  * Copyright (c) 2018 Red Hat, Inc.
5  *
6  * This library is free software; you can redistribute it and/or
7  * modify it under the terms of the GNU Lesser General Public
8  * License as published by the Free Software Foundation; either
9  * version 2.1 of the License, or (at your option) any later version.
10  *
11  * This library is distributed in the hope that it will be useful,
12  * but WITHOUT ANY WARRANTY; without even the implied warranty of
13  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
14  * Lesser General Public License for more details.
15  *
16  * You should have received a copy of the GNU Lesser General Public
17  * License along with this library; if not, see <http://www.gnu.org/licenses/>.
18  *
19  */
20 
21 #ifndef QCRYPTO_TLSCREDSPSK_H
22 #define QCRYPTO_TLSCREDSPSK_H
23 
24 #include "crypto/tlscreds.h"
25 #include "qom/object.h"
26 
27 #define TYPE_QCRYPTO_TLS_CREDS_PSK "tls-creds-psk"
28 typedef struct QCryptoTLSCredsPSK QCryptoTLSCredsPSK;
29 DECLARE_INSTANCE_CHECKER(QCryptoTLSCredsPSK, QCRYPTO_TLS_CREDS_PSK,
30                          TYPE_QCRYPTO_TLS_CREDS_PSK)
31 
32 typedef struct QCryptoTLSCredsPSKClass QCryptoTLSCredsPSKClass;
33 
34 #define QCRYPTO_TLS_CREDS_PSKFILE "keys.psk"
35 
36 /**
37  * QCryptoTLSCredsPSK:
38  *
39  * The QCryptoTLSCredsPSK object provides a representation
40  * of the Pre-Shared Key credential used to perform a TLS handshake.
41  *
42  * This is a user creatable object, which can be instantiated
43  * via object_new_propv():
44  *
45  * <example>
46  *   <title>Creating TLS-PSK credential objects in code</title>
47  *   <programlisting>
48  *   Object *obj;
49  *   Error *err = NULL;
50  *   obj = object_new_propv(TYPE_QCRYPTO_TLS_CREDS_PSK,
51  *                          "tlscreds0",
52  *                          &err,
53  *                          "dir", "/path/to/dir",
54  *                          "endpoint", "client",
55  *                          NULL);
56  *   </programlisting>
57  * </example>
58  *
59  * Or via QMP:
60  *
61  * <example>
62  *   <title>Creating TLS-PSK credential objects via QMP</title>
63  *   <programlisting>
64  *    {
65  *       "execute": "object-add", "arguments": {
66  *          "id": "tlscreds0",
67  *          "qom-type": "tls-creds-psk",
68  *          "props": {
69  *             "dir": "/path/to/dir",
70  *             "endpoint": "client"
71  *          }
72  *       }
73  *    }
74  *   </programlisting>
75  * </example>
76  *
77  * Or via the CLI:
78  *
79  * <example>
80  *   <title>Creating TLS-PSK credential objects via CLI</title>
81  *   <programlisting>
82  *  qemu-system-x86_64 --object tls-creds-psk,id=tlscreds0,\
83  *          endpoint=client,dir=/path/to/dir[,username=qemu]
84  *   </programlisting>
85  * </example>
86  *
87  * The PSK file can be created and managed using psktool.
88  */
89 
90 struct QCryptoTLSCredsPSK {
91     QCryptoTLSCreds parent_obj;
92     char *username;
93 #ifdef CONFIG_GNUTLS
94     union {
95         gnutls_psk_server_credentials_t server;
96         gnutls_psk_client_credentials_t client;
97     } data;
98 #endif
99 };
100 
101 
102 struct QCryptoTLSCredsPSKClass {
103     QCryptoTLSCredsClass parent_class;
104 };
105 
106 
107 #endif /* QCRYPTO_TLSCREDSPSK_H */
108