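/*
 * Copyright (c) 2018 Nordic Semiconductor ASA
 *
 * SPDX-License-Identifier: Apache-2.0
 */

/** @file
 * @brief Internal API for fetching TLS credentials
 */

#ifndef __TLS_INTERNAL_H
#define __TLS_INTERNAL_H

#include <stddef.h> /* size_t, so this header does not rely on a transitive include */

#include <zephyr/net/tls_credentials.h>

/* Internal structure representing TLS credential. */
struct tls_credential {
	/* TLS credential type. */
	enum tls_credential_type type;

	/* Secure tag that credential can be referenced with. */
	sec_tag_t tag;

	/* A pointer to the credential buffer.
	 *
	 * Depending on the credential type this can be secret material (for
	 * example a private key or a PSK), so avoid logging or copying it;
	 * credential_digest() exists to produce a printable stand-in.
	 *
	 * NOTE(review): ownership and lifetime of the buffer are not stated in
	 * this header - confirm against the backend in use.
	 */
	const void *buf;

	/* Credential length. */
	size_t len;
};

/*
 * Special sec_tag value indicating none or invalid sec_tag. For internal use only for now.
 *
 * Parenthesized so that the negative literal always expands as one operand,
 * whatever expression the macro is used in.
 */
#define TLS_SEC_TAG_NONE (-1)

/* Lock TLS credential access.
 *
 * Every call should be paired with credentials_unlock() on all paths,
 * including error paths.
 */
void credentials_lock(void);

/* Unlock TLS credential access. */
void credentials_unlock(void);

/* Function for getting credential by tag and type.
 *
 * Note, that to assure thread safety, credential access should be locked with
 * credentials_lock before calling this function.
 *
 * NOTE(review): the result when no credential matches is not stated here
 * (presumably NULL) - callers should check before dereferencing. The returned
 * pointer presumably refers to shared credential storage, so the lock should
 * stay held for as long as the pointer is in use - confirm against the
 * backend.
 */
struct tls_credential *credential_get(sec_tag_t tag,
				      enum tls_credential_type type);

/* Function for iterating over credentials by tag.
 *
 * Note, that to assure thread safety, credential access should be locked with
 * credentials_lock before calling this function.
 *
 * NOTE(review): the starting value for iter and the end-of-iteration result
 * are not stated here (presumably NULL for both) - confirm against the
 * backend. Keep the lock held across the whole iteration so the set of
 * credentials cannot change between calls.
 */
struct tls_credential *credential_next_get(sec_tag_t tag,
					   struct tls_credential *iter);

/* Function for iterating over occupied sec tags.
 *
 * Returns the next occupied sec tag after the one provided, or TLS_SEC_TAG_NONE if there are no
 * more.
 *
 * Provide TLS_SEC_TAG_NONE to start from the first available sec tag.
 *
 * NOTE(review): unlike the other accessors in this header, no locking
 * requirement is stated for this function - confirm whether credentials_lock
 * must be held, since it also reads the credential store.
 */
sec_tag_t credential_next_tag_get(sec_tag_t iter);

/* Writes a (NUL-terminated, printable) string digest of the contents of the provided credential
 * to the provided destination buffer.
 *
 * Digest format/type is up to the tls_credentials backend in use.
 *
 * len pointer should be set to the amount of space available in the destination buffer prior to
 * calling, and will be set to the amount written to the destination buffer after calling
 * (excluding the NUL terminator).
 *
 * Because the reported length excludes the terminator, the destination presumably needs room for
 * the digest plus one terminating byte - confirm against the backend. *len must be initialized
 * before the call: it is the only bound the callee has on dest.
 *
 * NOTE(review): the return value convention is not stated here (presumably 0 on success and a
 * negative errno value on failure) - callers should check it before treating dest as a valid
 * string.
 *
 * Note, that to assure thread safety, credential access should be locked with
 * credentials_lock before calling this function.
 */
int credential_digest(struct tls_credential *credential, void *dest, size_t *len);

#endif /* __TLS_INTERNAL_H */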