session: Add certificate store
Type: feature
This changes the behavior of both API calls
APPLICATION_TLS_CERT_ADD & APPLICATION_TLS_KEY_ADD:
certificates and keys aren't bound to an app; they are
passed to it via connect / listen using the message
queue.
This should be followed by a per-protocol (QUIC/TLS)
crypto_context store to save derived structs.
Change-Id: I36873bc8b63b5c72776c69e8cd9febc9cae31882
Signed-off-by: Nathan Skrzypczak <nathan.skrzypczak@gmail.com>
diff --git a/src/vnet/session/session.api b/src/vnet/session/session.api
index 6f208ff..33e5341 100644
--- a/src/vnet/session/session.api
+++ b/src/vnet/session/session.api
@@ -108,7 +108,46 @@
u64 segment_handle;
};
+/** \brief Add certificate and key
+ @param client_index - opaque cookie to identify the sender
+ @param context - sender context, to match reply w/ request
+ @param engine - crypto engine
+ @param cert_len - cert length (comes first)
+ @param certkey_len - cert and key length
+ @param certkey - cert & key data (due to API limitation)
+*/
+define app_add_cert_key_pair {
+ u32 client_index;
+ u32 context;
+ u16 cert_len;
+ u16 certkey_len;
+ u8 certkey[certkey_len];
+};
+
+/** \brief Add certificate and key
+ @param context - sender context, to match reply w/ request
+ @param retval - return code for the request
+ @param index - index in certificate store
+*/
+define app_add_cert_key_pair_reply {
+ u32 context;
+ i32 retval;
+ u32 index;
+};
+
+/** \brief Delete certificate and key
+ @param client_index - opaque cookie to identify the sender
+ @param context - sender context, to match reply w/ request
+ @param index - index in certificate store
+*/
+autoreply define app_del_cert_key_pair {
+ u32 client_index;
+ u32 context;
+ u32 index;
+};
+
/** \brief Application add TLS certificate
+ ### WILL BE DEPRECATED POST 20.01 ###
@param client_index - opaque cookie to identify the sender
@param context - sender context, to match reply w/ request
@param cert_len - certificate length
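Review bot: The comment on `app_add_cert_key_pair` does not state how `cert_len` and `certkey_len` relate, yet `certkey` is presumably split at `cert_len`, so a request with `cert_len` greater than `certkey_len` has to be rejected before a key length is derived from the difference (the handler is outside this hunk, so whether it checks is not visible here). I would document the contract as `@param cert_len - length of the certificate, which comes first in certkey; must be <= certkey_len`. The same comment lists `@param engine - crypto engine`, but the message defines no `engine` field, so either the field or that doc line should be dropped. The brief on `app_add_cert_key_pair_reply` repeats "Add certificate and key" and would read better as `\brief Add certificate and key reply`. Since the commit message says pairs are no longer bound to an app, the comment on `app_del_cert_key_pair` should also say whether a client may delete an `index` it did not add.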
@@ -123,6 +162,7 @@
};
/** \brief Application add TLS key
+ ### WILL BE DEPRECATED POST 20.01 ###
@param client_index - opaque cookie to identify the sender
@param context - sender context, to match reply w/ request
@param key_len - certificate length