/* SPDX-License-Identifier: GPL-2.0-only */
/*
 * Generic netlink HANDSHAKE service.
 *
 * Author: Chuck Lever <chuck.lever@oracle.com>
 *
 * Copyright (c) 2023, Oracle and/or its affiliates.
 *
 * Declares the argument block, completion callback type and entry
 * points that a kernel consumer uses to request a TLS handshake on a
 * socket.
 *
 * This header includes nothing itself: key_serial_t, gfp_t, bool, u8
 * and the struct tags named in the prototypes below must already be
 * declared by whoever includes it.
 */

#ifndef _NET_HANDSHAKE_H
#define _NET_HANDSHAKE_H

/*
 * Sentinel values, all equal to 0.  Presumably each stands for "none
 * supplied" in the like-named key_serial_t slot (keyring, peer ID,
 * certificate, private key) -- confirm against the callers.
 */
enum {
	TLS_NO_KEYRING = 0,
	TLS_NO_PEERID = 0,
	TLS_NO_CERT = 0,
	TLS_NO_PRIVKEY = 0,
};

/*
 * Completion callback type.  Receives an opaque @data pointer, an
 * integer @status and a @peerid key serial.
 * NOTE(review): the sign and meaning of @status, and which @peerid is
 * passed on failure (TLS_NO_PEERID?), are not visible in this header;
 * a consumer should confirm them before treating a session as
 * authenticated.
 */
typedef void	(*tls_done_func_t)(void *data, int status,
				   key_serial_t peerid);

/*
 * Parameters for one handshake request; passed by const pointer to the
 * tls_{client,server}_hello_*() functions below.
 */
struct tls_handshake_args {
	/* Socket the handshake is requested on. */
	struct socket		*ta_sock;
	/* Completion callback, see tls_done_func_t. */
	tls_done_func_t		ta_done;
	/* Opaque consumer pointer; presumably handed back as @data to ta_done. */
	void			*ta_data;
	/*
	 * Peer name string.
	 * NOTE(review): whether it is copied or must outlive the request
	 * is not stated here -- confirm the lifetime rule.
	 */
	const char		*ta_peername;
	/* Timeout; the _ms suffix suggests milliseconds. */
	unsigned int		ta_timeout_ms;
	/* Key serials; see the TLS_NO_* sentinels above. */
	key_serial_t		ta_keyring;
	key_serial_t		ta_my_cert;
	key_serial_t		ta_my_privkey;
	/*
	 * Number of entries used in ta_my_peerids[].  The array holds
	 * five slots and nothing in this header enforces the bound.
	 * NOTE(review): confirm every reader checks ta_num_peerids
	 * against ARRAY_SIZE(ta_my_peerids) before indexing.
	 */
	unsigned int		ta_num_peerids;
	key_serial_t		ta_my_peerids[5];
};

/*
 * Handshake request entry points, one per role (client/server) and
 * authentication flavour (anon, x509, psk).  Each takes the argument
 * block and a gfp_t allocation flag set and returns int; presumably 0
 * or a negative errno -- confirm in the implementation.
 */
int tls_client_hello_anon(const struct tls_handshake_args *args, gfp_t flags);
int tls_client_hello_x509(const struct tls_handshake_args *args, gfp_t flags);
int tls_client_hello_psk(const struct tls_handshake_args *args, gfp_t flags);
int tls_server_hello_x509(const struct tls_handshake_args *args, gfp_t flags);
int tls_server_hello_psk(const struct tls_handshake_args *args, gfp_t flags);

/*
 * Cancel and close helpers.  Note the differing argument types: cancel
 * takes a struct sock, close takes a struct socket.  The meaning of the
 * bool returned by tls_handshake_cancel() is not visible here.
 */
bool tls_handshake_cancel(struct sock *sk);
void tls_handshake_close(struct socket *sock);

/*
 * Record-level helpers.  tls_get_record_type() returns a u8 derived
 * from a control-message header; tls_alert_recv() takes a msghdr plus
 * two non-const u8 pointers, presumably output slots for the alert
 * level and description.
 * NOTE(review): these presumably parse data that originates from the
 * peer; callers should range-check the returned values rather than use
 * them directly as indices or trust decisions.
 */
u8 tls_get_record_type(const struct sock *sk, const struct cmsghdr *msg);
void tls_alert_recv(const struct sock *sk, const struct msghdr *msg,
		    u8 *level, u8 *description);

#endif /* _NET_HANDSHAKE_H */