From 79f89537c6fd3baeac03354a3381f42895fe2ca8 Mon Sep 17 00:00:00 2001
From: Nathan Skrzypczak
Date: Fri, 13 Sep 2019 11:08:13 +0200
Subject: session: Add certificate store

Type: feature

This changes the behavior of both API calls APPLICATION_TLS_CERT_ADD & APPLICATION_TLS_KEY_ADD certificates and keys aren't bound to an app, they are passed to it via connect / listen using the message queue. This should be followed by a per protocol (QUIC/TLS) crypto_context store to save devrived structs

Change-Id: I36873bc8b63b5c72776c69e8cd9febc9cae31882
Signed-off-by: Nathan Skrzypczak
---
 src/vnet/session/session.api | 40 ++++++++++++++++++++++++++++++++++++++++
 1 file changed, 40 insertions(+)

(limited to 'src/vnet/session/session.api')

diff --git a/src/vnet/session/session.api b/src/vnet/session/session.api
index 6f208ff5b0e..33e53419a8d 100644
--- a/src/vnet/session/session.api
+++ b/src/vnet/session/session.api
@@ -108,7 +108,46 @@ define app_attach_reply {
 u64 segment_handle;
 };
 
+/** \brief Add certificate and key
+ @param client_index - opaque cookie to identify the sender
+ @param context - sender context, to match reply w/ request
+ @param engine - crypto engine
+ @param cert_len - cert length (comes first)
+ @param certkey_len - cert and key length
+ @param certkey - cert & key data (due to API limitation)
+*/
+define app_add_cert_key_pair {
+ u32 client_index;
+ u32 context;
+ u16 cert_len;
+ u16 certkey_len;
+ u8 certkey[certkey_len];
+};
+
+/** \brief Add certificate and key
+ @param context - sender context, to match reply w/ request
+ @param retval - return code for the request
+ @param index - index in certificate store
+*/
+define app_add_cert_key_pair_reply {
+ u32 context;
+ i32 retval;
+ u32 index;
+};
+
+/** \brief Delete certificate and key
+ @param client_index - opaque cookie to identify the sender
+ @param context - sender context, to match reply w/ request
+ @param index - index in certificate store
+*/
+autoreply define app_del_cert_key_pair {
+ u32 client_index;
+ u32 context;
+ u32 index;
+};
+
 /** \brief Application add TLS certificate
+ ### WILL BE DEPRECATED POST 20.01 ###
 @param client_index - opaque cookie to identify the sender
 @param context - sender context, to match reply w/ request
 @param cert_len - certificate length
@@ -123,6 +162,7 @@ autoreply define application_tls_cert_add {
 };
 
 /** \brief Application add TLS key
+ ### WILL BE DEPRECATED POST 20.01 ###
 @param client_index - opaque cookie to identify the sender
 @param context - sender context, to match reply w/ request
 @param key_len - certificate length
-- cgit 1.2.3-korg
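Review bot: The doc block for `app_add_cert_key_pair` documents `@param engine - crypto engine`, but the message declares no `engine` field, so either the field was left out or that line should be dropped. The same comment leaves the relationship between the two u16 lengths implicit: `certkey` packs the certificate followed by the key, so the key length is presumably `certkey_len - cert_len`, and a handler (not visible in this hunk) that accepts `cert_len > certkey_len` would work with a wrapped length. I would state the contract in the comment, e.g. `@param cert_len - length of the certificate at the start of certkey, must be <= certkey_len`, and have the handler reject anything else. Since the commit message says pairs are no longer bound to an app, the comment on `app_del_cert_key_pair` should also say which client is allowed to delete a given store `index`. The brief of `app_add_cert_key_pair_reply` repeats the request's text and would read better as `\brief Add certificate and key reply`.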