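/*
 * QEMU crypto TLS Pre-Shared Key (PSK) support
 *
 * Copyright (c) 2018 Red Hat, Inc.
 *
 * This library is free software; you can redistribute it and/or
 * modify it under the terms of the GNU Lesser General Public
 * License as published by the Free Software Foundation; either
 * version 2.1 of the License, or (at your option) any later version.
 *
 * This library is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
 * Lesser General Public License for more details.
 *
 * You should have received a copy of the GNU Lesser General Public
 * License along with this library; if not, see <http://www.gnu.org/licenses/>.
 *
 */

#ifndef QCRYPTO_TLSCREDSPSK_H
#define QCRYPTO_TLSCREDSPSK_H

#include "crypto/tlscreds.h"
#include "qom/object.h"

/* QOM type name; this is the string used as "qom-type" / --object type. */
#define TYPE_QCRYPTO_TLS_CREDS_PSK "tls-creds-psk"
typedef struct QCryptoTLSCredsPSK QCryptoTLSCredsPSK;
/* Declares the QCRYPTO_TLS_CREDS_PSK() checked-cast helper for this type. */
DECLARE_INSTANCE_CHECKER(QCryptoTLSCredsPSK, QCRYPTO_TLS_CREDS_PSK,
                         TYPE_QCRYPTO_TLS_CREDS_PSK)

typedef struct QCryptoTLSCredsPSKClass QCryptoTLSCredsPSKClass;

/*
 * File name of the PSK key file.  Presumably looked up inside the
 * directory given by the "dir" property; the lookup itself is implemented
 * outside this header.  The file holds the shared secrets, so it should be
 * readable only by the account that runs QEMU.
 */
#define QCRYPTO_TLS_CREDS_PSKFILE "keys.psk"

/**
 * QCryptoTLSCredsPSK:
 *
 * The QCryptoTLSCredsPSK object provides a representation
 * of the Pre-Shared Key credential used to perform a TLS handshake.
 *
 * This is a user creatable object, which can be instantiated
 * via object_new_propv():
 *
 * <example>
 *   <title>Creating TLS-PSK credential objects in code</title>
 *   <programlisting>
 *   Object *obj;
 *   Error *err = NULL;
 *   obj = object_new_propv(TYPE_QCRYPTO_TLS_CREDS_PSK,
 *                          "tlscreds0",
 *                          &err,
 *                          "dir", "/path/to/dir",
 *                          "endpoint", "client",
 *                          NULL);
 *   </programlisting>
 * </example>
 *
 * Or via QMP:
 *
 * <example>
 *   <title>Creating TLS-PSK credential objects via QMP</title>
 *   <programlisting>
 *    {
 *       "execute": "object-add", "arguments": {
 *          "id": "tlscreds0",
 *          "qom-type": "tls-creds-psk",
 *          "props": {
 *             "dir": "/path/to/dir",
 *             "endpoint": "client"
 *          }
 *       }
 *    }
 *   </programlisting>
 * </example>
 *
 * Or via the CLI:
 *
 * <example>
 *   <title>Creating TLS-PSK credential objects via CLI</title>
 *   <programlisting>
 *  qemu-system-x86_64 --object tls-creds-psk,id=tlscreds0,\
 *          endpoint=client,dir=/path/to/dir[,username=qemu]
 *   </programlisting>
 * </example>
 *
 * The PSK file can be created and managed using psktool.
 *
 * A pre-shared key is a symmetric secret: any party that can read the
 * key file can complete a handshake as either endpoint.  Restrict the
 * permissions on the directory and on the key file accordingly, and
 * distribute the key to the peer over a channel that is already trusted.
 */

struct QCryptoTLSCredsPSK {
    /* Base TLS credentials object; kept first so QOM casts are valid. */
    QCryptoTLSCreds parent_obj;
    /*
     * PSK identity, presumably set through the optional "username"
     * property shown in the CLI example.  It is an identifier, not a
     * secret.  NOTE(review): allocation and release of this string happen
     * in the implementation file, not in this header; confirm there.
     */
    char *username;
#ifdef CONFIG_GNUTLS
    /*
     * GnuTLS credential handle, present only in builds with
     * CONFIG_GNUTLS.  Only one member is meaningful for a given object;
     * presumably the "endpoint" property decides which (confirm in the
     * implementation).
     */
    union {
        gnutls_psk_server_credentials_t server;
        gnutls_psk_client_credentials_t client;
    } data;
#endif
};


/* Class structure; adds nothing beyond the base credentials class. */
struct QCryptoTLSCredsPSKClass {
    QCryptoTLSCredsClass parent_class;
};


#endif /* QCRYPTO_TLSCREDSPSK_H */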