Credentials management module for (D)TLS. More...

Detailed Description

Credentials management module for (D)TLS.

Modules
	(D)TLS Credential Manager compile configurations

Files
file	credman.h
	(D)TLS credentials management module definitions

Data Structures
struct	credman_buffer_t
	Buffer of the credential. More...

struct	psk_params_t
	PSK parameters. More...

struct	ecdsa_public_key_t
	ECDSA public keys. More...

struct	ecdsa_params_t
	ECDSA parameters. More...

struct	credman_credential_t
	Credential information. More...

Macros
#define	CREDMAN_TAG_EMPTY (0)
	Used to signal empty/no tag.

Typedefs
typedef uint16_t	credman_tag_t
	Tag of the credential.

Enumerations
enum	credman_type_t { CREDMAN_TYPE_EMPTY = 0 , CREDMAN_TYPE_PSK = 1 , CREDMAN_TYPE_ECDSA = 2 }
	Credential types. More...

enum	{ CREDMAN_OK = 0 , CREDMAN_EXIST = -1 , CREDMAN_NO_SPACE = -2 , CREDMAN_NOT_FOUND = -3 , CREDMAN_INVALID = -4 , CREDMAN_TYPE_UNKNOWN = -5 , CREDMAN_ERROR = -6 }
	Return values. More...

Functions
int	credman_add (const credman_credential_t *credential)
	Adds a credential to the credential pool.

int	credman_get (credman_credential_t *credential, credman_tag_t tag, credman_type_t type)
	Gets a credential from credential pool.

void	credman_delete (credman_tag_t tag, credman_type_t type)
	Delete a credential from the credential pool.

int	credman_get_used_count (void)
	Gets the number of credentials currently in the credential pool.

int	credman_load_public_key (const void buf, size_t buf_len, ecdsa_public_key_t out)
	Load a public key from a buffer, as a `SubjectPublicKeyInfo` sequence, according to RFC5280.

int	credman_load_private_key (const void buf, size_t buf_len, credman_credential_t cred)
	Load a private key from a buffer, as a `OneAsymmetricKey` sequence, according to RFC5958.

int	credman_load_private_ecc_key (const void buf, size_t buf_len, credman_credential_t cred)
	Load an ECC private key from a buffer, as an `ECPrivateKey` sequence, according to RFC5915.

void	credman_reset (void)
	Empties the credential pool.

Macro Definition Documentation

◆ CREDMAN_TAG_EMPTY

#define CREDMAN_TAG_EMPTY (0)

Used to signal empty/no tag.

Definition at line 101 of file credman.h.

Typedef Documentation

◆ credman_tag_t

typedef uint16_t credman_tag_t

Tag of the credential.

Definition at line 96 of file credman.h.

Enumeration Type Documentation

◆ anonymous enum

anonymous enum

Return values.

Enumerator
CREDMAN_OK	No error.
CREDMAN_EXIST	Credential already exist in system pool.
CREDMAN_NO_SPACE	No space in system pool for new credential.
CREDMAN_NOT_FOUND	Credential not found in the system pool.
CREDMAN_INVALID	Invalid input parameter(s)
CREDMAN_TYPE_UNKNOWN	Unknown credential type.
CREDMAN_ERROR	Other errors.

Definition at line 132 of file credman.h.

◆ credman_type_t

enum credman_type_t

Credential types.

Enumerator

CREDMAN_TYPE_EMPTY

Empty type.

Used to detect uninitialized credman_credential_t internally.

CREDMAN_TYPE_PSK

PSK credential type.

CREDMAN_TYPE_ECDSA

ECDSA credential type.

Definition at line 106 of file credman.h.

Function Documentation

◆ credman_add()

int credman_add ( const credman_credential_t * credential )

Adds a credential to the credential pool.

Parameters

[in] credential Credential to add.

Returns: CREDMAN_OK on success; CREDMAN_EXIST if credential of tag and type already exist; CREDMAN_NO_SPACE if credential pool is full; CREDMAN_TYPE_UNKNOWN if credential has unknown credman_credential_t::type; CREDMAN_INVALID if credential has; CREDMAN_INVALID credman_credential_t::tag with the value of CREDMAN_TAG_EMPTY; CREDMAN_INVALID credman_credential_t::type with the value of CREDMAN_TYPE_EMPTY; CREDMAN_INVALID credman_credential_t::params with invalid credential parameters i.e. the key points to NULL or has a length of 0; CREDMAN_ERROR on other errors

◆ credman_delete()

void credman_delete	(	credman_tag_t	tag,
		credman_type_t	type
	)

Delete a credential from the credential pool.

Does nothing if credential with credman_credential_t::tag tag and credman_credential_t::type type is not found.

Parameters

[in]	tag	Tag of the credential
[in]	type	Type of the credential

◆ credman_get()

int credman_get	(	credman_credential_t *	credential,
		credman_tag_t	tag,
		credman_type_t	type
	)

Gets a credential from credential pool.

Parameters

[out]	credential	Found credential
[in]	tag	Tag of credential to get
[in]	type	Type of credential to get

Returns: CREDMAN_OK on success; CREDMAN_NOT_FOUND if no credential with tag and type found; CREDMAN_ERROR on other errors

◆ credman_get_used_count()

int credman_get_used_count ( void )

Gets the number of credentials currently in the credential pool.

Maximum number of allowed credentials is defined by CONFIG_CREDMAN_MAX_CREDENTIALS

Returns: number of credentials currently in the credential pool

◆ credman_load_private_ecc_key()

int credman_load_private_ecc_key	(	const void *	buf,
		size_t	buf_len,
		credman_credential_t *	cred
	)

Load an ECC private key from a buffer, as an ECPrivateKey sequence, according to RFC5915.

If the optional respective public key is present, it will be loaded as well. The key should be encoded in DER format.

Precondition: buf != NULL && cred != NULL

Note: To use this functionality include the module credman_load.

Warning: This feature is experimental!
This API is considered experimental and will probably change without notice!

See also: https://tools.ietf.org/html/rfc5915#section-3

Parameters

[in]	buf	Buffer holding the encoded private key
[in]	buf_len	Length of `buf`
[out]	cred	Credential to populate

Return values

CREDMAN_OK	on success
CREDMAN_INVALID	if the key is not valid

◆ credman_load_private_key()

int credman_load_private_key	(	const void *	buf,
		size_t	buf_len,
		credman_credential_t *	cred
	)

Load a private key from a buffer, as a OneAsymmetricKey sequence, according to RFC5958.

This is compatible with the previous version PKCS#8 (defined in RFC5208). If the optional respective public key is present, it will be loaded as well. The key should be encoded in DER format.

Precondition: buf != NULL && cred != NULL

Note: To use this functionality include the module credman_load. Credman only supports ECDSA for now.

Warning: This feature is experimental!
This API is considered experimental and will probably change without notice!

See also: https://tools.ietf.org/html/rfc5958#section-2

Parameters

[in]	buf	Buffer holding the encoded private key
[in]	buf_len	Length of `buf`
[out]	cred	Credential to populate

Return values

CREDMAN_OK	on success
CREDMAN_INVALID	if the key is not valid

◆ credman_load_public_key()

int credman_load_public_key	(	const void *	buf,
		size_t	buf_len,
		ecdsa_public_key_t *	out
	)

Load a public key from a buffer, as a SubjectPublicKeyInfo sequence, according to RFC5280.

The key should be encoded in DER format.

Precondition: buf != NULL && out != NULL.

Note: To use this functionality include the module credman_load. Credman only supports ECDSA for now, so RFC5480 applies.

Warning: This feature is experimental!
This API is considered experimental and will probably change without notice!

See also: https://tools.ietf.org/html/rfc5280#section-4.1

Parameters

[in]	buf	Buffer holding the encoded public key
[in]	buf_len	Length of `buf`
[out]	out	ECDSA public key to populate

Return values

CREDMAN_OK	on success
CREDMAN_INVALID	if the key is not valid

Detailed Description

Modules

Files

Data Structures

Macros

Typedefs

Enumerations

Functions

Macro Definition Documentation

◆ CREDMAN_TAG_EMPTY

Typedef Documentation

◆ credman_tag_t

Enumeration Type Documentation

◆ anonymous enum

◆ credman_type_t

Function Documentation

◆ credman_add()

◆ credman_delete()

◆ credman_get()

◆ credman_get_used_count()

◆ credman_load_private_ecc_key()

◆ credman_load_private_key()

◆ credman_load_public_key()