cachepc-qemu

Fork of AMDESE/qemu with changes for cachepc side-channel attack
git clone https://git.sinitax.com/sinitax/cachepc-qemu

tlscredsanon.h (3042B)


      1/*
      2 * QEMU crypto TLS anonymous credential support
      3 *
      4 * Copyright (c) 2015 Red Hat, Inc.
      5 *
      6 * This library is free software; you can redistribute it and/or
      7 * modify it under the terms of the GNU Lesser General Public
      8 * License as published by the Free Software Foundation; either
      9 * version 2.1 of the License, or (at your option) any later version.
     10 *
     11 * This library is distributed in the hope that it will be useful,
     12 * but WITHOUT ANY WARRANTY; without even the implied warranty of
     13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
     14 * Lesser General Public License for more details.
     15 *
     16 * You should have received a copy of the GNU Lesser General Public
     17 * License along with this library; if not, see <http://www.gnu.org/licenses/>.
     18 *
     19 */
     20
     21#ifndef QCRYPTO_TLSCREDSANON_H
     22#define QCRYPTO_TLSCREDSANON_H
     23
     24#include "crypto/tlscreds.h"
     25#include "qom/object.h"
     26
     27#define TYPE_QCRYPTO_TLS_CREDS_ANON "tls-creds-anon" /* QOM type name; the same string appears as "qom-type" (QMP) and after -object (CLI) in the examples below */
     28typedef struct QCryptoTLSCredsAnon QCryptoTLSCredsAnon; /* forward declaration only; the struct body is not defined in this header */
     29DECLARE_INSTANCE_CHECKER(QCryptoTLSCredsAnon, QCRYPTO_TLS_CREDS_ANON,
     30                         TYPE_QCRYPTO_TLS_CREDS_ANON) /* NOTE(review): presumably the QOM macro from qom/object.h that declares a type-checked QCRYPTO_TLS_CREDS_ANON() cast helper -- confirm */
     31
     32
     33typedef struct QCryptoTLSCredsAnonClass QCryptoTLSCredsAnonClass; /* class struct; its body is defined at the end of this header */
     34
     35/**
     36 * QCryptoTLSCredsAnon:
     37 *
     38 * The QCryptoTLSCredsAnon object provides a representation
     39 * of anonymous credentials used to perform a TLS handshake.
     40 * This is primarily provided for backwards compatibility; its use
     41 * is discouraged as it has poor security characteristics: the handshake
     42 * authenticates neither peer, so it lacks MITM attack protection, amongst other problems.
     43 *
     44 * This is a user creatable object, which can be instantiated
     45 * via object_new_propv():
     46 *
     47 * <example>
     48 *   <title>Creating anonymous TLS credential objects in code</title>
     49 *   <programlisting>
     50 *   Object *obj;
     51 *   Error *err = NULL;
     52 *   obj = object_new_propv(TYPE_QCRYPTO_TLS_CREDS_ANON,
     53 *                          "tlscreds0",
     54 *                          &err,
     55 *                          "endpoint", "server",
     56 *                          "dir", "/path/x509/cert/dir",
     57 *                          "verify-peer", "yes",
     58 *                          NULL);
     59 *   </programlisting>
     60 * </example>
     61 *
     62 * Or via QMP:
     63 *
     64 * <example>
     65 *   <title>Creating anonymous TLS credential objects via QMP</title>
     66 *   <programlisting>
     67 *    {
     68 *       "execute": "object-add", "arguments": {
     69 *          "id": "tlscreds0",
     70 *          "qom-type": "tls-creds-anon",
     71 *          "props": {
     72 *             "endpoint": "server",
     73 *             "dir": "/path/to/x509/cert/dir",
     74 *             "verify-peer": false
     75 *          }
     76 *       }
     77 *    }
     78 *   </programlisting>
     79 * </example>
     80 *
     81 *
     82 * Or via the CLI:
     83 *
     84 * <example>
     85 *   <title>Creating anonymous TLS credential objects via CLI</title>
     86 *   <programlisting>
     87 *  qemu-system-x86_64 -object tls-creds-anon,id=tlscreds0,\
     88 *          endpoint=server,verify-peer=off,\
     89 *          dir=/path/to/x509/certdir/
     90 *   </programlisting>
     91 * </example>
     92 *
     93 */
     94
     95struct QCryptoTLSCredsAnonClass { /* class struct paired with QCryptoTLSCredsAnon; declares no members of its own */
     96    QCryptoTLSCredsClass parent_class; /* only member: the embedded parent class struct (type presumably declared in crypto/tlscreds.h -- confirm) */
     97};
     98
     99
    100#endif /* QCRYPTO_TLSCREDSANON_H */