mbed TLS v2.16.6
pkcs11.h
8 /*
9  * Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
10  * SPDX-License-Identifier: GPL-2.0
11  *
12  * This program is free software; you can redistribute it and/or modify
13  * it under the terms of the GNU General Public License as published by
14  * the Free Software Foundation; either version 2 of the License, or
15  * (at your option) any later version.
16  *
17  * This program is distributed in the hope that it will be useful,
18  * but WITHOUT ANY WARRANTY; without even the implied warranty of
19  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
20  * GNU General Public License for more details.
21  *
22  * You should have received a copy of the GNU General Public License along
23  * with this program; if not, write to the Free Software Foundation, Inc.,
24  * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
25  *
26  * This file is part of mbed TLS (https://tls.mbed.org)
27  */
28 #ifndef MBEDTLS_PKCS11_H
29 #define MBEDTLS_PKCS11_H
30 
31 #if !defined(MBEDTLS_CONFIG_FILE)
32 #include "config.h"
33 #else
34 #include MBEDTLS_CONFIG_FILE
35 #endif
36 
37 #if defined(MBEDTLS_PKCS11_C)
38 
39 #include "x509_crt.h"
40 
41 #include <pkcs11-helper-1.0/pkcs11h-certificate.h>
42 
43 #if ( defined(__ARMCC_VERSION) || defined(_MSC_VER) ) && \
44  !defined(inline) && !defined(__cplusplus)
45 #define inline __inline
46 #endif
47 
48 #ifdef __cplusplus
49 extern "C" {
50 #endif
51 
/**
 * Context used by the PKCS#11 wrapper functions declared in this header.
 */
struct mbedtls_pkcs11_context
{
    /* pkcs11-helper certificate handle stored in the context. */
    pkcs11h_certificate_t pkcs11h_cert;

    /* Value reported as the key length by mbedtls_ssl_pkcs11_key_len().
     * NOTE(review): declared int but converted to size_t there; confirm the
     * binding code can only store a non-negative value (units are presumably
     * bytes -- verify against pkcs11.c). */
    int len;
};

typedef struct mbedtls_pkcs11_context mbedtls_pkcs11_context;
60 
/**
 * Initialize a PKCS#11 context.
 *
 * \param ctx   Context to initialize.
 */
void mbedtls_pkcs11_init(
    mbedtls_pkcs11_context *ctx );

/**
 * Bind an mbed TLS certificate object to a pkcs11-helper certificate.
 *
 * \param cert          mbed TLS certificate object.
 * \param pkcs11h_cert  pkcs11-helper certificate handle.
 *
 * \return  int status; presumably 0 on success -- confirm against pkcs11.c.
 */
int mbedtls_pkcs11_x509_cert_bind(
    mbedtls_x509_crt *cert,
    pkcs11h_certificate_t pkcs11h_cert );

/**
 * Bind a private-key context to a pkcs11-helper certificate.
 *
 * NOTE(review): the implementation is not visible here. Check in pkcs11.c
 * whether the context takes ownership of pkcs11_cert and releases it in
 * mbedtls_pkcs11_priv_key_free(); callers need that to avoid a double free
 * or a leaked token handle.
 *
 * \param priv_key      Context to set up.
 * \param pkcs11_cert   pkcs11-helper certificate handle.
 *
 * \return  int status; presumably 0 on success -- confirm against pkcs11.c.
 */
int mbedtls_pkcs11_priv_key_bind(
    mbedtls_pkcs11_context *priv_key,
    pkcs11h_certificate_t pkcs11_cert );

/**
 * Release a private-key context.
 *
 * \param priv_key      Context to release.
 */
void mbedtls_pkcs11_priv_key_free(
    mbedtls_pkcs11_context *priv_key );

/**
 * Private-key decryption through the PKCS#11 context.
 *
 * The caller states the capacity of the output buffer in output_max_len.
 * NOTE(review): the decryption result depends on the peer-supplied input;
 * confirm that callers treat every failure return identically so that the
 * error path does not distinguish padding failures from other failures.
 *
 * \param ctx               PKCS#11 context.
 * \param mode              Operation mode (presumably must be the private-key
 *                          mode, as in the rsa.h callbacks -- TODO confirm).
 * \param olen              Receives the output length.
 * \param input             Input buffer.
 * \param output            Output buffer.
 * \param output_max_len    Capacity of the output buffer.
 *
 * \return  int status; presumably 0 on success -- confirm against pkcs11.c.
 */
int mbedtls_pkcs11_decrypt(
    mbedtls_pkcs11_context *ctx,
    int mode,
    size_t *olen,
    const unsigned char *input,
    unsigned char *output,
    size_t output_max_len );

/**
 * Private-key signature of a message digest through the PKCS#11 context.
 *
 * There is no parameter for the capacity of sig: the caller has to provide a
 * buffer large enough for the signature (presumably the key length stored in
 * the context -- TODO confirm against pkcs11.c).
 *
 * \param ctx       PKCS#11 context.
 * \param mode      Operation mode (presumably must be the private-key mode,
 *                  as in the rsa.h callbacks -- TODO confirm).
 * \param md_alg    Message digest algorithm of the hash.
 * \param hashlen   Length of the hash.
 * \param hash      Buffer holding the message digest.
 * \param sig       Buffer that receives the signature.
 *
 * \return  int status; presumably 0 on success -- confirm against pkcs11.c.
 */
int mbedtls_pkcs11_sign(
    mbedtls_pkcs11_context *ctx,
    int mode,
    mbedtls_md_type_t md_alg,
    unsigned int hashlen,
    const unsigned char *hash,
    unsigned char *sig );
143 
/**
 * Decryption wrapper taking an untyped context pointer.
 *
 * Forwards every argument unchanged to mbedtls_pkcs11_decrypt().
 *
 * \param ctx               Must point to a mbedtls_pkcs11_context; the
 *                          pointer is cast without any check.
 * \param mode              Passed through.
 * \param olen              Passed through; receives the output length.
 * \param input             Passed through.
 * \param output            Passed through.
 * \param output_max_len    Passed through; capacity of output.
 *
 * \return  The return value of mbedtls_pkcs11_decrypt().
 */
static inline int mbedtls_ssl_pkcs11_decrypt( void *ctx, int mode, size_t *olen,
                        const unsigned char *input, unsigned char *output,
                        size_t output_max_len )
{
    /* The callback shape only carries a void pointer, so the real type is
     * restored here; a pointer to anything else is undefined behaviour. */
    mbedtls_pkcs11_context *pkcs11_ctx = (mbedtls_pkcs11_context *) ctx;

    return( mbedtls_pkcs11_decrypt( pkcs11_ctx, mode, olen,
                                    input, output, output_max_len ) );
}
154 
/**
 * Signature wrapper taking an untyped context pointer.
 *
 * Forwards to mbedtls_pkcs11_sign(). The RNG callback and its state are
 * accepted for signature compatibility only and are never used.
 *
 * \param ctx       Must point to a mbedtls_pkcs11_context; the pointer is
 *                  cast without any check.
 * \param f_rng     Ignored.
 * \param p_rng     Ignored.
 * \param mode      Passed through.
 * \param md_alg    Passed through.
 * \param hashlen   Passed through.
 * \param hash      Passed through.
 * \param sig       Passed through; no capacity is passed with it, so the
 *                  caller must size this buffer for the full signature.
 *
 * \return  The return value of mbedtls_pkcs11_sign().
 */
static inline int mbedtls_ssl_pkcs11_sign( void *ctx,
                     int (*f_rng)(void *, unsigned char *, size_t), void *p_rng,
                     int mode, mbedtls_md_type_t md_alg, unsigned int hashlen,
                     const unsigned char *hash, unsigned char *sig )
{
    mbedtls_pkcs11_context *pkcs11_ctx = (mbedtls_pkcs11_context *) ctx;

    /* Silence unused-parameter warnings: no randomness is consumed here. */
    (void) f_rng;
    (void) p_rng;

    return( mbedtls_pkcs11_sign( pkcs11_ctx, mode, md_alg,
                                 hashlen, hash, sig ) );
}
165 
/**
 * Key-length wrapper taking an untyped context pointer.
 *
 * \param ctx   Must point to a mbedtls_pkcs11_context; the pointer is cast
 *              without any check.
 *
 * \return  The len field of the context, converted to size_t.
 */
static inline size_t mbedtls_ssl_pkcs11_key_len( void *ctx )
{
    const mbedtls_pkcs11_context *pkcs11_ctx =
        (const mbedtls_pkcs11_context *) ctx;

    /* NOTE(review): len is an int. A negative value would convert to a very
     * large size_t here, and callers may use the result to size buffers;
     * confirm the binding code never stores a negative length. */
    return( (size_t) pkcs11_ctx->len );
}
170 
171 #ifdef __cplusplus
172 }
173 #endif
174 
175 #endif /* MBEDTLS_PKCS11_C */
176 
177 #endif /* MBEDTLS_PKCS11_H */