[crypto] Allow private key to be specified as a TLS connection parameter

Signed-off-by: Michael Brown <mcb30@ipxe.org>

1 files changed, 54 insertions, 1 deletions

diff --git a/src/include/ipxe/privkey.h b/src/include/ipxe/privkey.h
index 81108b6bf..a65cf6106 100644
--- a/src/include/ipxe/privkey.h
+++ b/src/include/ipxe/privkey.h
@@ -10,7 +10,60 @@
 FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL );
 
 #include <ipxe/asn1.h>
+#include <ipxe/refcnt.h>
 
-extern struct asn1_cursor private_key;
+/** A private key */
+struct private_key {
+	/** Reference counter */
+	struct refcnt refcnt;
+	/** ASN.1 object builder */
+	struct asn1_builder builder;
+};
+
+/**
+ * Get reference to private key
+ *
+ * @v key		Private key
+ * @ret key		Private key
+ */
+static inline __attribute__ (( always_inline )) struct private_key *
+privkey_get ( struct private_key *key ) {
+	ref_get ( &key->refcnt );
+	return key;
+}
+
+/**
+ * Drop reference to private key
+ *
+ * @v key		Private key
+ */
+static inline __attribute__ (( always_inline )) void
+privkey_put ( struct private_key *key ) {
+	ref_put ( &key->refcnt );
+}
+
+/**
+ * Get private key ASN.1 cursor
+ *
+ * @v key		Private key
+ * @ret cursor		ASN.1 cursor
+ */
+static inline __attribute__ (( always_inline )) struct asn1_cursor *
+privkey_cursor ( struct private_key *key ) {
+	return asn1_built ( &key->builder );
+}
+
+extern void privkey_free ( struct refcnt *refcnt );
+
+/**
+ * Initialise empty private key
+ *
+ */
+static inline __attribute__ (( always_inline )) void
+privkey_init ( struct private_key *key ) {
+	ref_init ( &key->refcnt, privkey_free );
+}
+
+extern struct private_key private_key;
 
 #endif /* _IPXE_PRIVKEY_H */