mbed TLS v2.7.16
pkcs11.h
Go to the documentation of this file.
1 
8 /*
9  * Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
10  * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
11  *
12  * This file is provided under the Apache License 2.0, or the
13  * GNU General Public License v2.0 or later.
14  *
15  * **********
16  * Apache License 2.0:
17  *
18  * Licensed under the Apache License, Version 2.0 (the "License"); you may
19  * not use this file except in compliance with the License.
20  * You may obtain a copy of the License at
21  *
22  * http://www.apache.org/licenses/LICENSE-2.0
23  *
24  * Unless required by applicable law or agreed to in writing, software
25  * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
26  * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
27  * See the License for the specific language governing permissions and
28  * limitations under the License.
29  *
30  * **********
31  *
32  * **********
33  * GNU General Public License v2.0 or later:
34  *
35  * This program is free software; you can redistribute it and/or modify
36  * it under the terms of the GNU General Public License as published by
37  * the Free Software Foundation; either version 2 of the License, or
38  * (at your option) any later version.
39  *
40  * This program is distributed in the hope that it will be useful,
41  * but WITHOUT ANY WARRANTY; without even the implied warranty of
42  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
43  * GNU General Public License for more details.
44  *
45  * You should have received a copy of the GNU General Public License along
46  * with this program; if not, write to the Free Software Foundation, Inc.,
47  * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
48  *
49  * **********
50  *
51  * This file is part of mbed TLS (https://tls.mbed.org)
52  */
53 #ifndef MBEDTLS_PKCS11_H
54 #define MBEDTLS_PKCS11_H
55 
56 #if !defined(MBEDTLS_CONFIG_FILE)
57 #include "config.h"
58 #else
59 #include MBEDTLS_CONFIG_FILE
60 #endif
61 
62 #if defined(MBEDTLS_PKCS11_C)
63 
64 #include "x509_crt.h"
65 
66 #include <pkcs11-helper-1.0/pkcs11h-certificate.h>
67 
68 #if ( defined(__ARMCC_VERSION) || defined(_MSC_VER) ) && \
69  !defined(inline) && !defined(__cplusplus)
70 #define inline __inline
71 #endif
72 
73 #ifdef __cplusplus
74 extern "C" {
75 #endif
76 
80 typedef struct {
81  pkcs11h_certificate_t pkcs11h_cert;
82  int len;
84 
90 
99 int mbedtls_pkcs11_x509_cert_bind( mbedtls_x509_crt *cert, pkcs11h_certificate_t pkcs11h_cert );
100 
112  pkcs11h_certificate_t pkcs11_cert );
113 
121 
140  int mode, size_t *olen,
141  const unsigned char *input,
142  unsigned char *output,
143  size_t output_max_len );
144 
162  int mode,
163  mbedtls_md_type_t md_alg,
164  unsigned int hashlen,
165  const unsigned char *hash,
166  unsigned char *sig );
167 
171 static inline int mbedtls_ssl_pkcs11_decrypt( void *ctx, int mode, size_t *olen,
172  const unsigned char *input, unsigned char *output,
173  size_t output_max_len )
174 {
175  return mbedtls_pkcs11_decrypt( (mbedtls_pkcs11_context *) ctx, mode, olen, input, output,
176  output_max_len );
177 }
178 
179 static inline int mbedtls_ssl_pkcs11_sign( void *ctx,
180  int (*f_rng)(void *, unsigned char *, size_t), void *p_rng,
181  int mode, mbedtls_md_type_t md_alg, unsigned int hashlen,
182  const unsigned char *hash, unsigned char *sig )
183 {
184  ((void) f_rng);
185  ((void) p_rng);
186  return mbedtls_pkcs11_sign( (mbedtls_pkcs11_context *) ctx, mode, md_alg,
187  hashlen, hash, sig );
188 }
189 
190 static inline size_t mbedtls_ssl_pkcs11_key_len( void *ctx )
191 {
192  return ( (mbedtls_pkcs11_context *) ctx )->len;
193 }
194 
195 #ifdef __cplusplus
196 }
197 #endif
198 
199 #endif /* MBEDTLS_PKCS11_C */
200 
201 #endif /* MBEDTLS_PKCS11_H */
static int mbedtls_ssl_pkcs11_sign(void *ctx, int(*f_rng)(void *, unsigned char *, size_t), void *p_rng, int mode, mbedtls_md_type_t md_alg, unsigned int hashlen, const unsigned char *hash, unsigned char *sig)
Definition: pkcs11.h:179
void mbedtls_pkcs11_init(mbedtls_pkcs11_context *ctx)
Configuration options (set of defines)
int mbedtls_pkcs11_priv_key_bind(mbedtls_pkcs11_context *priv_key, pkcs11h_certificate_t pkcs11_cert)
int mbedtls_pkcs11_x509_cert_bind(mbedtls_x509_crt *cert, pkcs11h_certificate_t pkcs11h_cert)
int mbedtls_pkcs11_sign(mbedtls_pkcs11_context *ctx, int mode, mbedtls_md_type_t md_alg, unsigned int hashlen, const unsigned char *hash, unsigned char *sig)
Do a private RSA to sign a message digest.
X.509 certificate parsing and writing.
int mbedtls_pkcs11_decrypt(mbedtls_pkcs11_context *ctx, int mode, size_t *olen, const unsigned char *input, unsigned char *output, size_t output_max_len)
Do an RSA private key decrypt, then remove the message padding.
pkcs11h_certificate_t pkcs11h_cert
Definition: pkcs11.h:81
static size_t mbedtls_ssl_pkcs11_key_len(void *ctx)
Definition: pkcs11.h:190
static int mbedtls_ssl_pkcs11_decrypt(void *ctx, int mode, size_t *olen, const unsigned char *input, unsigned char *output, size_t output_max_len)
Definition: pkcs11.h:171
mbedtls_md_type_t
Enumeration of supported message digests.
Definition: md.h:83
void mbedtls_pkcs11_priv_key_free(mbedtls_pkcs11_context *priv_key)