From a84b9b4e5d985a5d8a37268a76e1d35210fd31c5 Mon Sep 17 00:00:00 2001
From: Laurent Bercot
Date: Tue, 1 Jun 2021 11:27:05 +0000
Subject: Add all the missing pieces for sni_policy

sbearssl_server_init_and_run is yet unchanged, the next step is to rewrite it using the new primitives.
---
 src/include/s6-networking/sbearssl.h | 13 ++++++++++---
 1 file changed, 10 insertions(+), 3 deletions(-)
(limited to 'src/include')
diff --git a/src/include/s6-networking/sbearssl.h b/src/include/s6-networking/sbearssl.h
index 83bc376..f7f721d 100644
--- a/src/include/s6-networking/sbearssl.h
+++ b/src/include/s6-networking/sbearssl.h
@@ -154,7 +154,8 @@ extern int sbearssl_skey_from (sbearssl_skey *, br_skey const *, stralloc *) ;
 extern int sbearssl_skey_to (sbearssl_skey const *, br_skey *, char *) ;
 extern int sbearssl_skey_readfile (char const *, sbearssl_skey *, stralloc *) ;
-extern void sbearssl_skey_wipe (sbearssl_skey, char *) ;
+extern size_t sbearssl_skey_storagelen (sbearssl_skey const *) ;
+extern void sbearssl_skey_wipe (sbearssl_skey *, char *) ;
 /* Public keys */
@@ -266,6 +267,9 @@ extern void sbearssl_run (br_ssl_engine_context *, int *, tain_t const *, uint32
 /* Generic server policy class and server-side SNI implementation */
+extern int sbearssl_choose_algos_rsa (br_ssl_server_context const *, br_ssl_server_choices *, unsigned int) ;
+extern int sbearssl_choose_algos_ec (br_ssl_server_context const *, br_ssl_server_choices *, unsigned int, int) ;
+
 typedef struct sbearssl_sni_map_s sbearssl_sni_map, *sbearssl_sni_map_ref ;
 struct sbearssl_sni_map_s
 {
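Review bot: The `sbearssl_skey_wipe (sbearssl_skey *, char *)` prototype in the first hunk (private keys) states no contract, and for a routine that scrubs private-key material the header is where callers look for one. Judging from the neighbouring `sbearssl_skey_to (sbearssl_skey const *, br_skey *, char *)`, the `char *` is presumably the storage buffer holding the key bytes and the new `sbearssl_skey_storagelen` presumably gives their length, but neither is stated. I would add above the two declarations `/* storagelen: bytes the key occupies in its storage; wipe: zeroes those bytes, call before the storage is freed or reused */`, adjusted to what the implementation actually does. The implementation is not part of this patch view, so it is worth confirming there that the zeroing is not a plain memset the compiler may drop, and that key bytes read into a `stralloc` that later grows are not left behind in the old allocation.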
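Review bot: The two `sbearssl_choose_algos_*` declarations added in the second hunk give no meaning for their `int` return or for the trailing `unsigned int` and `int` arguments. Both write into a `br_ssl_server_choices`, so a caller that misreads the return convention could carry on with choices that were never filled in. A short comment above them would settle it, for example `/* return nonzero and fill the choices on success, 0 when no offered suite fits the key */` if that is the convention the implementation follows, plus one line naming what the `unsigned int` and the `int` select.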
@@ -284,10 +288,13 @@ struct sbearssl_sni_policy_context_s
 genalloc mapga ;
 genalloc certga ;
 stralloc storage ;
-}
+ union { br_rsa_private rsa ; br_ec_impl const *ec ; } keyx ;
+ union { br_rsa_pkcs1_sign rsa ; br_ecdsa_sign ec ; } sign ;
+ br_multihash_context const *mhash ;
+} ;
 extern br_ssl_server_policy_class const sbearssl_sni_policy_vtable ;
-extern int sbearssl_sni_policy_init (sbearssl_sni_policy_context *) ;
+extern void sbearssl_sni_policy_init (sbearssl_sni_policy_context *) ;
 extern int sbearssl_sni_policy_add_keypair_file (sbearssl_sni_policy_context *, char const *, char const *, char const *) ;
 extern void sbearssl_sctx_init_full_generic (br_ssl_server_context *) ;
--
cgit v1.2.3
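Review bot: The `keyx` and `sign` unions added to `struct sbearssl_sni_policy_context_s` carry no tag, so these lines do not show what decides whether the `rsa` or the `ec` member is live. The struct begins above the hunk, so a discriminator (the selected key's type, for instance) may already be there; if so it should be named next to the unions, e.g. `/* keyx, sign: member chosen by the type of the selected key, set when algorithms are chosen */`. Reading the wrong member of `sign` would call an RSA signing routine through an ECDSA pointer type or the reverse, which is worth ruling out by a documented invariant. Separately, `sbearssl_sni_policy_init` now returns `void`, so the new fields should be left in a defined state by init, and `mhash` is a borrowed `const` pointer whose required lifetime is not stated.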