cachepc-qemu

Fork of AMDESE/qemu with changes for cachepc side-channel attack
git clone https://git.sinitax.com/sinitax/cachepc-qemu
Log | Files | Refs | Submodules | LICENSE | sfeed.txt

tlscredsx509.h (3172B)

      1/*
      2 * QEMU crypto TLS x509 credential support
      3 *
      4 * Copyright (c) 2015 Red Hat, Inc.
      5 *
      6 * This library is free software; you can redistribute it and/or
      7 * modify it under the terms of the GNU Lesser General Public
      8 * License as published by the Free Software Foundation; either
      9 * version 2.1 of the License, or (at your option) any later version.
     10 *
     11 * This library is distributed in the hope that it will be useful,
     12 * but WITHOUT ANY WARRANTY; without even the implied warranty of
     13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
     14 * Lesser General Public License for more details.
     15 *
     16 * You should have received a copy of the GNU Lesser General Public
     17 * License along with this library; if not, see <http://www.gnu.org/licenses/>.
     18 *
     19 */
     20
     21#ifndef QCRYPTO_TLSCREDSX509_H
     22#define QCRYPTO_TLSCREDSX509_H
     23
     24#include "crypto/tlscreds.h"
     25#include "qom/object.h"
     26
     27#define TYPE_QCRYPTO_TLS_CREDS_X509 "tls-creds-x509"
     28typedef struct QCryptoTLSCredsX509 QCryptoTLSCredsX509;
     29DECLARE_INSTANCE_CHECKER(QCryptoTLSCredsX509, QCRYPTO_TLS_CREDS_X509,
     30                         TYPE_QCRYPTO_TLS_CREDS_X509)
     31
     32typedef struct QCryptoTLSCredsX509Class QCryptoTLSCredsX509Class;
     33
     34#define QCRYPTO_TLS_CREDS_X509_CA_CERT "ca-cert.pem"
     35#define QCRYPTO_TLS_CREDS_X509_CA_CRL "ca-crl.pem"
     36#define QCRYPTO_TLS_CREDS_X509_SERVER_KEY "server-key.pem"
     37#define QCRYPTO_TLS_CREDS_X509_SERVER_CERT "server-cert.pem"
     38#define QCRYPTO_TLS_CREDS_X509_CLIENT_KEY "client-key.pem"
     39#define QCRYPTO_TLS_CREDS_X509_CLIENT_CERT "client-cert.pem"
     40
     41
     42/**
     43 * QCryptoTLSCredsX509:
     44 *
     45 * The QCryptoTLSCredsX509 object provides a representation
     46 * of x509 credentials used to perform a TLS handshake.
     47 *
     48 * This is a user creatable object, which can be instantiated
     49 * via object_new_propv():
     50 *
     51 * <example>
     52 *   <title>Creating x509 TLS credential objects in code</title>
     53 *   <programlisting>
     54 *   Object *obj;
     55 *   Error *err = NULL;
     56 *   obj = object_new_propv(TYPE_QCRYPTO_TLS_CREDS_X509,
     57 *                          "tlscreds0",
     58 *                          &err,
     59 *                          "endpoint", "server",
     60 *                          "dir", "/path/x509/cert/dir",
     61 *                          "verify-peer", "yes",
     62 *                          NULL);
     63 *   </programlisting>
     64 * </example>
     65 *
     66 * Or via QMP:
     67 *
     68 * <example>
     69 *   <title>Creating x509 TLS credential objects via QMP</title>
     70 *   <programlisting>
     71 *    {
     72 *       "execute": "object-add", "arguments": {
     73 *          "id": "tlscreds0",
     74 *          "qom-type": "tls-creds-x509",
     75 *          "props": {
     76 *             "endpoint": "server",
     77 *             "dir": "/path/to/x509/cert/dir",
     78 *             "verify-peer": false
     79 *          }
     80 *       }
     81 *    }
     82 *   </programlisting>
     83 * </example>
     84 *
     85 *
     86 * Or via the CLI:
     87 *
     88 * <example>
     89 *   <title>Creating x509 TLS credential objects via CLI</title>
     90 *   <programlisting>
     91 *  qemu-system-x86_64 -object tls-creds-x509,id=tlscreds0,\
     92 *          endpoint=server,verify-peer=off,\
     93 *          dir=/path/to/x509/certdir/
     94 *   </programlisting>
     95 * </example>
     96 *
     97 */
     98
     99struct QCryptoTLSCredsX509Class {
    100    QCryptoTLSCredsClass parent_class;
    101};
    102
    103
    104#endif /* QCRYPTO_TLSCREDSX509_H */