f5d12102a0
Add (internal) support for sectag iterating. Also officially marks negative sectag values as reserved for internal use. This will allow a prospective TLS credentials shell to iterate over all available credentials. Signed-off-by: Georges Oates_Larsen <georges.larsen@nordicsemi.no>
81 lines
2.3 KiB
C
81 lines
2.3 KiB
C
/*
|
|
* Copyright (c) 2018 Nordic Semiconductor ASA
|
|
*
|
|
* SPDX-License-Identifier: Apache-2.0
|
|
*/
|
|
|
|
/** @file
|
|
* @brief Internal API for fetching TLS credentials
|
|
*/
|
|
|
|
#ifndef __TLS_INTERNAL_H
|
|
#define __TLS_INTERNAL_H
|
|
|
|
#include <zephyr/net/tls_credentials.h>
|
|
|
|
/* Internal structure representing TLS credential. */
|
|
struct tls_credential {
|
|
/* TLS credential type. */
|
|
enum tls_credential_type type;
|
|
|
|
/* Secure tag that credential can be referenced with. */
|
|
sec_tag_t tag;
|
|
|
|
/* A pointer to the credential buffer. */
|
|
const void *buf;
|
|
|
|
/* Credential length. */
|
|
size_t len;
|
|
};
|
|
|
|
/*
|
|
* Special sec_tag value indicating none or invalid sec_tag. For internal use only for now.
|
|
*/
|
|
#define TLS_SEC_TAG_NONE -1
|
|
|
|
/* Lock TLS credential access. */
|
|
void credentials_lock(void);
|
|
|
|
/* Unlock TLS credential access. */
|
|
void credentials_unlock(void);
|
|
|
|
/* Function for getting credential by tag and type.
|
|
*
|
|
* Note, that to assure thread safety, credential access should be locked with
|
|
* credentials_lock before calling this function.
|
|
*/
|
|
struct tls_credential *credential_get(sec_tag_t tag,
|
|
enum tls_credential_type type);
|
|
|
|
/* Function for iterating over credentials by tag.
|
|
*
|
|
* Note, that to assure thread safety, credential access should be locked with
|
|
* credentials_lock before calling this function.
|
|
*/
|
|
struct tls_credential *credential_next_get(sec_tag_t tag,
|
|
struct tls_credential *iter);
|
|
|
|
/* Function for iterating over occupied sec tags.
|
|
*
|
|
* Returns the next occupied sec tag after the one provided, or TLS_SEC_TAG_NONE if there are no
|
|
* more.
|
|
*
|
|
* Provide TLS_SEC_TAG_NONE to start from the first available sec tag.
|
|
*/
|
|
sec_tag_t credential_next_tag_get(sec_tag_t iter);
|
|
|
|
/* Writes a (NULL-terminated, printable) string digest of the contents of the provided credential
|
|
* to the provided destination buffer.
|
|
*
|
|
* Digest format/type is up to the tls_credentials backend in use.
|
|
*
|
|
* len pointer should be set to the amount of space available in the destination buffer prior to
|
|
* calling, and will be set to the amount written to the destination buffer after calling
|
|
* (excluding the NULL terminator).
|
|
*
|
|
* Note, that to assure thread safety, credential access should be locked with
|
|
* credentials_lock before calling this function.
|
|
*/
|
|
int credential_digest(struct tls_credential *credential, void *dest, size_t *len);
|
|
|
|
#endif /* __TLS_INTERNAL_H */
|