diff options
| author |   Nathan Skrzypczak <nathan.skrzypczak@gmail.com> | 2019-09-13 11:08:13 +0200 |
|---|---|---|
| committer |   Florin Coras <florin.coras@gmail.com> | 2019-10-09 01:09:11 +0000 |
| commit | 79f89537c6fd3baeac03354a3381f42895fe2ca8 (patch) | |
| tree | 967f83e5a26a4fcfb7857c122d2217a1094f9942 /src/vnet/session/session.api | |
| parent | ff5a9b6ecd744ff5c42e6c2388dd31a338ea6a0c (diff) | |
session: Add certificate store
Type: feature
This changes the behavior of both API calls
APPLICATION_TLS_CERT_ADD & APPLICATION_TLS_KEY_ADD
certificates and keys aren't bound to an app, they are
passed to it via connect / listen using the message
queue.
This should be followed by a per protocol (QUIC/TLS)
crypto_context store to save devrived structs
Change-Id: I36873bc8b63b5c72776c69e8cd9febc9cae31882
Signed-off-by: Nathan Skrzypczak <nathan.skrzypczak@gmail.com>
Diffstat (limited to 'src/vnet/session/session.api')
| -rw-r--r-- | src/vnet/session/session.api | 40 |
1 files changed, 40 insertions, 0 deletions
diff --git a/src/vnet/session/session.api b/src/vnet/session/session.api index 6f208ff5b0e..33e53419a8d 100644 --- a/src/vnet/session/session.api +++ b/src/vnet/session/session.api @@ -108,7 +108,46 @@ define app_attach_reply { u64 segment_handle; }; +/** \brief Add certificate and key + @param client_index - opaque cookie to identify the sender + @param context - sender context, to match reply w/ request + @param engine - crypto engine + @param cert_len - cert length (comes first) + @param certkey_len - cert and key length + @param certkey - cert & key data (due to API limitation) +*/ +define app_add_cert_key_pair { + u32 client_index; + u32 context; + u16 cert_len; + u16 certkey_len; + u8 certkey[certkey_len]; +}; + +/** \brief Add certificate and key + @param context - sender context, to match reply w/ request + @param retval - return code for the request + @param index - index in certificate store +*/ +define app_add_cert_key_pair_reply { + u32 context; + i32 retval; + u32 index; +}; + +/** \brief Delete certificate and key + @param client_index - opaque cookie to identify the sender + @param context - sender context, to match reply w/ request + @param index - index in certificate store +*/ +autoreply define app_del_cert_key_pair { + u32 client_index; + u32 context; + u32 index; +}; + /** \brief Application add TLS certificate + ### WILL BE DEPRECATED POST 20.01 ### @param client_index - opaque cookie to identify the sender @param context - sender context, to match reply w/ request @param cert_len - certificate length @@ -123,6 +162,7 @@ autoreply define application_tls_cert_add { }; /** \brief Application add TLS key + ### WILL BE DEPRECATED POST 20.01 ### @param client_index - opaque cookie to identify the sender @param context - sender context, to match reply w/ request @param key_len - certificate length |