mbed TLS v2.7.17
pkcs11.h
Go to the documentation of this file.
1 
8 /*
9  * Copyright The Mbed TLS Contributors
10  * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
11  *
12  * This file is provided under the Apache License 2.0, or the
13  * GNU General Public License v2.0 or later.
14  *
15  * **********
16  * Apache License 2.0:
17  *
18  * Licensed under the Apache License, Version 2.0 (the "License"); you may
19  * not use this file except in compliance with the License.
20  * You may obtain a copy of the License at
21  *
22  * http://www.apache.org/licenses/LICENSE-2.0
23  *
24  * Unless required by applicable law or agreed to in writing, software
25  * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
26  * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
27  * See the License for the specific language governing permissions and
28  * limitations under the License.
29  *
30  * **********
31  *
32  * **********
33  * GNU General Public License v2.0 or later:
34  *
35  * This program is free software; you can redistribute it and/or modify
36  * it under the terms of the GNU General Public License as published by
37  * the Free Software Foundation; either version 2 of the License, or
38  * (at your option) any later version.
39  *
40  * This program is distributed in the hope that it will be useful,
41  * but WITHOUT ANY WARRANTY; without even the implied warranty of
42  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
43  * GNU General Public License for more details.
44  *
45  * You should have received a copy of the GNU General Public License along
46  * with this program; if not, write to the Free Software Foundation, Inc.,
47  * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
48  *
49  * **********
50  */
51 #ifndef MBEDTLS_PKCS11_H
52 #define MBEDTLS_PKCS11_H
53 
54 #if !defined(MBEDTLS_CONFIG_FILE)
55 #include "config.h"
56 #else
57 #include MBEDTLS_CONFIG_FILE
58 #endif
59 
60 #if defined(MBEDTLS_PKCS11_C)
61 
62 #include "x509_crt.h"
63 
64 #include <pkcs11-helper-1.0/pkcs11h-certificate.h>
65 
66 #if ( defined(__ARMCC_VERSION) || defined(_MSC_VER) ) && \
67  !defined(inline) && !defined(__cplusplus)
68 #define inline __inline
69 #endif
70 
71 #ifdef __cplusplus
72 extern "C" {
73 #endif
74 
78 typedef struct {
79  pkcs11h_certificate_t pkcs11h_cert;
80  int len;
82 
88 
97 int mbedtls_pkcs11_x509_cert_bind( mbedtls_x509_crt *cert, pkcs11h_certificate_t pkcs11h_cert );
98 
110  pkcs11h_certificate_t pkcs11_cert );
111 
119 
138  int mode, size_t *olen,
139  const unsigned char *input,
140  unsigned char *output,
141  size_t output_max_len );
142 
160  int mode,
161  mbedtls_md_type_t md_alg,
162  unsigned int hashlen,
163  const unsigned char *hash,
164  unsigned char *sig );
165 
169 static inline int mbedtls_ssl_pkcs11_decrypt( void *ctx, int mode, size_t *olen,
170  const unsigned char *input, unsigned char *output,
171  size_t output_max_len )
172 {
173  return mbedtls_pkcs11_decrypt( (mbedtls_pkcs11_context *) ctx, mode, olen, input, output,
174  output_max_len );
175 }
176 
177 static inline int mbedtls_ssl_pkcs11_sign( void *ctx,
178  int (*f_rng)(void *, unsigned char *, size_t), void *p_rng,
179  int mode, mbedtls_md_type_t md_alg, unsigned int hashlen,
180  const unsigned char *hash, unsigned char *sig )
181 {
182  ((void) f_rng);
183  ((void) p_rng);
184  return mbedtls_pkcs11_sign( (mbedtls_pkcs11_context *) ctx, mode, md_alg,
185  hashlen, hash, sig );
186 }
187 
188 static inline size_t mbedtls_ssl_pkcs11_key_len( void *ctx )
189 {
190  return ( (mbedtls_pkcs11_context *) ctx )->len;
191 }
192 
193 #ifdef __cplusplus
194 }
195 #endif
196 
197 #endif /* MBEDTLS_PKCS11_C */
198 
199 #endif /* MBEDTLS_PKCS11_H */
static int mbedtls_ssl_pkcs11_sign(void *ctx, int(*f_rng)(void *, unsigned char *, size_t), void *p_rng, int mode, mbedtls_md_type_t md_alg, unsigned int hashlen, const unsigned char *hash, unsigned char *sig)
Definition: pkcs11.h:177
void mbedtls_pkcs11_init(mbedtls_pkcs11_context *ctx)
Configuration options (set of defines)
int mbedtls_pkcs11_priv_key_bind(mbedtls_pkcs11_context *priv_key, pkcs11h_certificate_t pkcs11_cert)
int mbedtls_pkcs11_x509_cert_bind(mbedtls_x509_crt *cert, pkcs11h_certificate_t pkcs11h_cert)
int mbedtls_pkcs11_sign(mbedtls_pkcs11_context *ctx, int mode, mbedtls_md_type_t md_alg, unsigned int hashlen, const unsigned char *hash, unsigned char *sig)
Do a private RSA to sign a message digest.
X.509 certificate parsing and writing.
int mbedtls_pkcs11_decrypt(mbedtls_pkcs11_context *ctx, int mode, size_t *olen, const unsigned char *input, unsigned char *output, size_t output_max_len)
Do an RSA private key decrypt, then remove the message padding.
pkcs11h_certificate_t pkcs11h_cert
Definition: pkcs11.h:79
static size_t mbedtls_ssl_pkcs11_key_len(void *ctx)
Definition: pkcs11.h:188
static int mbedtls_ssl_pkcs11_decrypt(void *ctx, int mode, size_t *olen, const unsigned char *input, unsigned char *output, size_t output_max_len)
Definition: pkcs11.h:169
mbedtls_md_type_t
Enumeration of supported message digests.
Definition: md.h:81
void mbedtls_pkcs11_priv_key_free(mbedtls_pkcs11_context *priv_key)