mbed TLS v2.7.6
pkcs11.h
Go to the documentation of this file.
1 
8 /*
9  * Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
10  * SPDX-License-Identifier: Apache-2.0
11  *
12  * Licensed under the Apache License, Version 2.0 (the "License"); you may
13  * not use this file except in compliance with the License.
14  * You may obtain a copy of the License at
15  *
16  * http://www.apache.org/licenses/LICENSE-2.0
17  *
18  * Unless required by applicable law or agreed to in writing, software
19  * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
20  * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
21  * See the License for the specific language governing permissions and
22  * limitations under the License.
23  *
24  * This file is part of mbed TLS (https://tls.mbed.org)
25  */
26 #ifndef MBEDTLS_PKCS11_H
27 #define MBEDTLS_PKCS11_H
28 
29 #if !defined(MBEDTLS_CONFIG_FILE)
30 #include "config.h"
31 #else
32 #include MBEDTLS_CONFIG_FILE
33 #endif
34 
35 #if defined(MBEDTLS_PKCS11_C)
36 
37 #include "x509_crt.h"
38 
39 #include <pkcs11-helper-1.0/pkcs11h-certificate.h>
40 
41 #if ( defined(__ARMCC_VERSION) || defined(_MSC_VER) ) && \
42  !defined(inline) && !defined(__cplusplus)
43 #define inline __inline
44 #endif
45 
46 #ifdef __cplusplus
47 extern "C" {
48 #endif
49 
53 typedef struct {
54  pkcs11h_certificate_t pkcs11h_cert;
55  int len;
56 } mbedtls_pkcs11_context;
57 
62 void mbedtls_pkcs11_init( mbedtls_pkcs11_context *ctx );
63 
72 int mbedtls_pkcs11_x509_cert_bind( mbedtls_x509_crt *cert, pkcs11h_certificate_t pkcs11h_cert );
73 
84 int mbedtls_pkcs11_priv_key_bind( mbedtls_pkcs11_context *priv_key,
85  pkcs11h_certificate_t pkcs11_cert );
86 
93 void mbedtls_pkcs11_priv_key_free( mbedtls_pkcs11_context *priv_key );
94 
112 int mbedtls_pkcs11_decrypt( mbedtls_pkcs11_context *ctx,
113  int mode, size_t *olen,
114  const unsigned char *input,
115  unsigned char *output,
116  size_t output_max_len );
117 
134 int mbedtls_pkcs11_sign( mbedtls_pkcs11_context *ctx,
135  int mode,
136  mbedtls_md_type_t md_alg,
137  unsigned int hashlen,
138  const unsigned char *hash,
139  unsigned char *sig );
140 
144 static inline int mbedtls_ssl_pkcs11_decrypt( void *ctx, int mode, size_t *olen,
145  const unsigned char *input, unsigned char *output,
146  size_t output_max_len )
147 {
148  return mbedtls_pkcs11_decrypt( (mbedtls_pkcs11_context *) ctx, mode, olen, input, output,
149  output_max_len );
150 }
151 
152 static inline int mbedtls_ssl_pkcs11_sign( void *ctx,
153  int (*f_rng)(void *, unsigned char *, size_t), void *p_rng,
154  int mode, mbedtls_md_type_t md_alg, unsigned int hashlen,
155  const unsigned char *hash, unsigned char *sig )
156 {
157  ((void) f_rng);
158  ((void) p_rng);
159  return mbedtls_pkcs11_sign( (mbedtls_pkcs11_context *) ctx, mode, md_alg,
160  hashlen, hash, sig );
161 }
162 
163 static inline size_t mbedtls_ssl_pkcs11_key_len( void *ctx )
164 {
165  return ( (mbedtls_pkcs11_context *) ctx )->len;
166 }
167 
168 #ifdef __cplusplus
169 }
170 #endif
171 
172 #endif /* MBEDTLS_PKCS11_C */
173 
174 #endif /* MBEDTLS_PKCS11_H */
Configuration options (set of defines)
X.509 certificate parsing and writing.
mbedtls_md_type_t
Enumeration of supported message digests.
Definition: md.h:56