libp11 0.4.12
|
libp11 header file More...
#include "p11_err.h"
#include <openssl/bio.h>
#include <openssl/err.h>
#include <openssl/bn.h>
#include <openssl/rsa.h>
#include <openssl/x509.h>
#include <openssl/evp.h>
Data Structures | |
struct | PKCS11_key_st |
PKCS11 key object (public or private) More... | |
struct | PKCS11_cert_st |
PKCS11 certificate object. More... | |
struct | PKCS11_token_st |
PKCS11 token: smart card or USB key. More... | |
struct | PKCS11_slot_st |
PKCS11 slot: card reader. More... | |
struct | PKCS11_ctx_st |
PKCS11 context. More... | |
Typedefs | |
typedef struct PKCS11_key_st | PKCS11_KEY |
PKCS11 key object (public or private) | |
typedef struct PKCS11_cert_st | PKCS11_CERT |
PKCS11 certificate object. | |
typedef struct PKCS11_token_st | PKCS11_TOKEN |
PKCS11 token: smart card or USB key. | |
typedef struct PKCS11_slot_st | PKCS11_SLOT |
PKCS11 slot: card reader. | |
typedef struct PKCS11_ctx_st | PKCS11_CTX |
PKCS11 context. | |
Functions | |
int | ERR_load_CKR_strings (void) |
void | ERR_unload_CKR_strings (void) |
void | ERR_CKR_error (int function, int reason, char *file, int line) |
int | ERR_get_CKR_code (void) |
PKCS11_CTX * | PKCS11_CTX_new (void) |
Create a new libp11 context. | |
void | PKCS11_CTX_init_args (PKCS11_CTX *ctx, const char *init_args) |
Specify any private PKCS#11 module initialization args, if necessary. | |
int | PKCS11_CTX_load (PKCS11_CTX *ctx, const char *ident) |
Load a PKCS#11 module. | |
void | PKCS11_CTX_unload (PKCS11_CTX *ctx) |
Unload a PKCS#11 module. | |
void | PKCS11_CTX_free (PKCS11_CTX *ctx) |
Free a libp11 context. | |
int | PKCS11_open_session (PKCS11_SLOT *slot, int rw) |
Open a session in RO or RW mode. | |
int | PKCS11_enumerate_slots (PKCS11_CTX *ctx, PKCS11_SLOT **slotsp, unsigned int *nslotsp) |
Get a list of all slots. | |
int | PKCS11_update_slots (PKCS11_CTX *ctx, PKCS11_SLOT **slotsp, unsigned int *nslotsp) |
Get or update a list of all slots. | |
unsigned long | PKCS11_get_slotid_from_slot (PKCS11_SLOT *slotp) |
Get the slot_id from a slot as it is stored in private. | |
void | PKCS11_release_all_slots (PKCS11_CTX *ctx, PKCS11_SLOT *slots, unsigned int nslots) |
Free the list of slots allocated by PKCS11_enumerate_slots() | |
PKCS11_SLOT * | PKCS11_find_token (PKCS11_CTX *ctx, PKCS11_SLOT *slots, unsigned int nslots) |
Find the first slot with a token. | |
PKCS11_SLOT * | PKCS11_find_next_token (PKCS11_CTX *ctx, PKCS11_SLOT *slots, unsigned int nslots, PKCS11_SLOT *slot) |
Find the next slot with a token. | |
int | PKCS11_is_logged_in (PKCS11_SLOT *slot, int so, int *res) |
Check if user is already authenticated to a card. | |
int | PKCS11_login (PKCS11_SLOT *slot, int so, const char *pin) |
Authenticate to the card. | |
int | PKCS11_logout (PKCS11_SLOT *slot) |
De-authenticate from the card. | |
int | PKCS11_enumerate_keys (PKCS11_TOKEN *, PKCS11_KEY **, unsigned int *) |
int | PKCS11_remove_key (PKCS11_KEY *) |
int | PKCS11_enumerate_public_keys (PKCS11_TOKEN *, PKCS11_KEY **, unsigned int *) |
int | PKCS11_get_key_type (PKCS11_KEY *) |
EVP_PKEY * | PKCS11_get_private_key (PKCS11_KEY *key) |
Returns an EVP_PKEY object for the private key. | |
EVP_PKEY * | PKCS11_get_public_key (PKCS11_KEY *key) |
Returns an EVP_PKEY object with the public key. | |
PKCS11_CERT * | PKCS11_find_certificate (PKCS11_KEY *) |
PKCS11_KEY * | PKCS11_find_key (PKCS11_CERT *) |
int | PKCS11_enumerate_certs (PKCS11_TOKEN *, PKCS11_CERT **, unsigned int *) |
int | PKCS11_remove_certificate (PKCS11_CERT *) |
int | PKCS11_set_ui_method (PKCS11_CTX *ctx, UI_METHOD *ui_method, void *ui_user_data) |
int | PKCS11_init_token (PKCS11_TOKEN *token, const char *pin, const char *label) |
Initialize a token. | |
int | PKCS11_init_pin (PKCS11_TOKEN *token, const char *pin) |
Initialize the user PIN on a token. | |
int | PKCS11_change_pin (PKCS11_SLOT *slot, const char *old_pin, const char *new_pin) |
Change the currently used (either USER or SO) PIN on a token. | |
int | PKCS11_store_private_key (PKCS11_TOKEN *token, EVP_PKEY *pk, char *label, unsigned char *id, size_t id_len) |
Store private key on a token. | |
int | PKCS11_store_public_key (PKCS11_TOKEN *token, EVP_PKEY *pk, char *label, unsigned char *id, size_t id_len) |
Store public key on a token. | |
int | PKCS11_store_certificate (PKCS11_TOKEN *token, X509 *x509, char *label, unsigned char *id, size_t id_len, PKCS11_CERT **ret_cert) |
Store certificate on a token. | |
int | PKCS11_seed_random (PKCS11_SLOT *slot, const unsigned char *s, unsigned int s_len) |
int | PKCS11_generate_random (PKCS11_SLOT *slot, unsigned char *r, unsigned int r_len) |
RSA_METHOD * | PKCS11_get_rsa_method (void) |
void * | PKCS11_get_ec_key_method (void) |
ECDSA_METHOD * | PKCS11_get_ecdsa_method (void) |
ECDH_METHOD * | PKCS11_get_ecdh_method (void) |
int | PKCS11_pkey_meths (ENGINE *e, EVP_PKEY_METHOD **pmeth, const int **nids, int nid) |
void | ERR_load_PKCS11_strings (void) |
Load PKCS11 error strings. | |
P11_DEPRECATED_FUNC int | PKCS11_generate_key (PKCS11_TOKEN *token, int algorithm, unsigned int bits, char *label, unsigned char *id, size_t id_len) |
Generate a private key on the token. | |
P11_DEPRECATED_FUNC int | PKCS11_get_key_size (PKCS11_KEY *) |
P11_DEPRECATED_FUNC int | PKCS11_get_key_modulus (PKCS11_KEY *, BIGNUM **) |
P11_DEPRECATED_FUNC int | PKCS11_get_key_exponent (PKCS11_KEY *, BIGNUM **) |
P11_DEPRECATED_FUNC int | PKCS11_ecdsa_sign (const unsigned char *m, unsigned int m_len, unsigned char *sigret, unsigned int *siglen, PKCS11_KEY *key) |
P11_DEPRECATED_FUNC int | PKCS11_sign (int type, const unsigned char *m, unsigned int m_len, unsigned char *sigret, unsigned int *siglen, PKCS11_KEY *key) |
P11_DEPRECATED_FUNC int | PKCS11_verify (int type, const unsigned char *m, unsigned int m_len, unsigned char *signature, unsigned int siglen, PKCS11_KEY *key) |
P11_DEPRECATED_FUNC int | PKCS11_private_encrypt (int flen, const unsigned char *from, unsigned char *to, PKCS11_KEY *rsa, int padding) |
P11_DEPRECATED_FUNC int | PKCS11_private_decrypt (int flen, const unsigned char *from, unsigned char *to, PKCS11_KEY *key, int padding) |
Decrypts data using the private key. | |
libp11 header file
Definition in file libp11.h.
#define CKRerr(f, r) ERR_CKR_error((f),(r),__FILE__,__LINE__) |
#define P11_DEPRECATED_FUNC P11_DEPRECATED("This function will be removed in libp11 0.5.0") |
#define PKCS11_F_PKCS11_CHECK_TOKEN CKR_F_PKCS11_CHECK_TOKEN |
#define PKCS11_F_PKCS11_ECDH_DERIVE CKR_F_PKCS11_ECDH_DERIVE |
#define PKCS11_F_PKCS11_ENUMERATE_SLOTS CKR_F_PKCS11_ENUMERATE_SLOTS |
#define PKCS11_F_PKCS11_GENERATE_KEY CKR_F_PKCS11_GENERATE_KEY |
#define PKCS11_F_PKCS11_GENERATE_RANDOM CKR_F_PKCS11_GENERATE_RANDOM |
#define PKCS11_F_PKCS11_GETATTR_ALLOC CKR_F_PKCS11_GETATTR_ALLOC |
#define PKCS11_F_PKCS11_GETATTR_INT CKR_F_PKCS11_GETATTR_INT |
#define PKCS11_F_PKCS11_IS_LOGGED_IN CKR_F_PKCS11_IS_LOGGED_IN |
#define PKCS11_F_PKCS11_OPEN_SESSION CKR_F_PKCS11_OPEN_SESSION |
#define PKCS11_F_PKCS11_PRIVATE_DECRYPT CKR_F_PKCS11_PRIVATE_DECRYPT |
#define PKCS11_F_PKCS11_PRIVATE_ENCRYPT CKR_F_PKCS11_PRIVATE_ENCRYPT |
#define PKCS11_F_PKCS11_REMOVE_CERTIFICATE CKR_F_PKCS11_REMOVE_CERTIFICATE |
#define PKCS11_F_PKCS11_SEED_RANDOM CKR_F_PKCS11_SEED_RANDOM |
#define PKCS11_F_PKCS11_STORE_CERTIFICATE CKR_F_PKCS11_STORE_CERTIFICATE |
void ERR_load_PKCS11_strings (void) | extern |
Load PKCS11 error strings.
Call this function to be able to use ERR_reason_error_string(ERR_get_error()) to get a textual version of the latest error code.
int PKCS11_change_pin (PKCS11_SLOT *slot, const char *old_pin, const char *new_pin) | extern |
Change the currently used (either USER or SO) PIN on a token.
slot | slot returned by PKCS11_find_token() |
old_pin | old PIN value |
new_pin | new PIN value |
0 | success |
-1 | error |
void PKCS11_CTX_free (PKCS11_CTX *ctx) | extern |
Free a libp11 context.
ctx | context allocated by PKCS11_CTX_new() |
void PKCS11_CTX_init_args (PKCS11_CTX *ctx, const char *init_args) | extern |
Specify any private PKCS#11 module initialization args, if necessary.
int PKCS11_CTX_load (PKCS11_CTX *ctx, const char *ident) | extern |
Load a PKCS#11 module.
ctx | context allocated by PKCS11_CTX_new() |
ident | PKCS#11 library filename |
0 | success |
-1 | error |
PKCS11_CTX * PKCS11_CTX_new (void) | extern |
Create a new libp11 context.
This should be the first function called in the use of libp11
void PKCS11_CTX_unload (PKCS11_CTX *ctx) | extern |
Unload a PKCS#11 module.
ctx | context allocated by PKCS11_CTX_new() |
int PKCS11_enumerate_slots (PKCS11_CTX *ctx, PKCS11_SLOT **slotsp, unsigned int *nslotsp) | extern |
Get a list of all slots.
ctx | context allocated by PKCS11_CTX_new() |
slotsp | pointer on a list of slots |
nslotsp | size of the allocated list |
0 | success |
-1 | error |
PKCS11_SLOT * PKCS11_find_next_token (PKCS11_CTX *ctx, PKCS11_SLOT *slots, unsigned int nslots, PKCS11_SLOT *slot) |
Find the next slot with a token.
ctx | context allocated by PKCS11_CTX_new() |
slots | list of slots allocated by PKCS11_enumerate_slots() |
nslots | size of the list |
slot | current slot |
!=NULL | pointer on a slot structure |
NULL | error |
PKCS11_SLOT * PKCS11_find_token (PKCS11_CTX *ctx, PKCS11_SLOT *slots, unsigned int nslots) |
Find the first slot with a token.
ctx | context allocated by PKCS11_CTX_new() |
slots | list of slots allocated by PKCS11_enumerate_slots() |
nslots | size of the list |
!=NULL | pointer on a slot structure |
NULL | error |
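P11_DEPRECATED_FUNC int PKCS11_generate_key (PKCS11_TOKEN *token, int algorithm, unsigned int bits, char *label, unsigned char *id, size_t id_len) | extern |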
Generate a private key on the token.
token | token returned by PKCS11_find_token() |
algorithm | IGNORED (still here for backward compatibility) |
bits | size of the modulus in bits |
label | label for this key |
id | bytes to use as the id value |
id_len | length of the id value |
0 | success |
-1 | error |
EVP_PKEY * PKCS11_get_private_key (PKCS11_KEY *key) | extern |
Returns an EVP_PKEY object for the private key.
key | PKCS11_KEY object |
!=NULL | reference to the EVP_PKEY object |
NULL | error |
EVP_PKEY * PKCS11_get_public_key (PKCS11_KEY *key) | extern |
Returns an EVP_PKEY object with the public key.
key | PKCS11_KEY object |
!=NULL | reference to the EVP_PKEY object |
NULL | error |
unsigned long PKCS11_get_slotid_from_slot (PKCS11_SLOT *slotp) | extern |
Get the slot_id from a slot as it is stored in private.
slotp | pointer on a slot |
Returns the slotid |
int PKCS11_init_pin (PKCS11_TOKEN *token, const char *pin) | extern |
Initialize the user PIN on a token.
token | token descriptor (in general slot->token) |
pin | new user PIN value |
0 | success |
-1 | error |
int PKCS11_init_token (PKCS11_TOKEN *token, const char *pin, const char *label) | extern |
Initialize a token.
token | token descriptor (in general slot->token) |
pin | Security Officer PIN value |
label | new name of the token |
0 | success |
-1 | error |
int PKCS11_is_logged_in (PKCS11_SLOT *slot, int so, int *res) | extern |
Check if user is already authenticated to a card.
slot | slot returned by PKCS11_find_token() |
so | kind of login to check: CKU_SO if != 0, otherwise CKU_USER |
res | pointer to return value: 1 if logged in, 0 if not logged in |
0 | success |
-1 | error |
int PKCS11_login (PKCS11_SLOT *slot, int so, const char *pin) | extern |
Authenticate to the card.
slot | slot returned by PKCS11_find_token() |
so | login as CKU_SO if != 0, otherwise login as CKU_USER |
pin | PIN value |
0 | success |
-1 | error |
int PKCS11_logout (PKCS11_SLOT *slot) | extern |
De-authenticate from the card.
slot | slot returned by PKCS11_find_token() |
0 | success |
-1 | error |
int PKCS11_open_session (PKCS11_SLOT *slot, int rw) | extern |
Open a session in RO or RW mode.
slot | slot descriptor returned by PKCS11_find_token() or PKCS11_enumerate_slots() |
rw | open in read/write mode if rw != 0, otherwise in read-only mode |
0 | success |
-1 | error |
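P11_DEPRECATED_FUNC int PKCS11_private_decrypt (int flen, const unsigned char *from, unsigned char *to, PKCS11_KEY *key, int padding) | extern |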
Decrypts data using the private key.
flen | length of the encrypted data |
from | encrypted data |
to | output buffer (MUST be at least flen bytes long) |
key | private key object |
padding | padding algorithm to be used |
void PKCS11_release_all_slots (PKCS11_CTX *ctx, PKCS11_SLOT *slots, unsigned int nslots) | extern |
Free the list of slots allocated by PKCS11_enumerate_slots()
ctx | context allocated by PKCS11_CTX_new() |
slots | list of slots allocated by PKCS11_enumerate_slots() |
nslots | size of the list |
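int PKCS11_store_certificate (PKCS11_TOKEN *token, X509 *x509, char *label, unsigned char *id, size_t id_len, PKCS11_CERT **ret_cert) | extern |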
Store certificate on a token.
token | token returned by PKCS11_find_token() |
x509 | x509 certificate object |
label | label for this certificate |
id | bytes to use as the id value |
id_len | length of the id value |
ret_cert | put new PKCS11_CERT object here |
0 | success |
-1 | error |
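int PKCS11_store_private_key (PKCS11_TOKEN *token, EVP_PKEY *pk, char *label, unsigned char *id, size_t id_len) | extern |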
Store private key on a token.
token | token returned by PKCS11_find_token() |
pk | private key |
label | label for this key |
id | bytes to use as the id value |
id_len | length of the id value |
0 | success |
-1 | error |
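int PKCS11_store_public_key (PKCS11_TOKEN *token, EVP_PKEY *pk, char *label, unsigned char *id, size_t id_len) | extern |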
Store public key on a token.
token | token returned by PKCS11_find_token() |
pk | public key to store (EVP_PKEY) |
label | label for this key |
id | bytes to use as the id value |
id_len | length of the id value |
0 | success |
-1 | error |
int PKCS11_update_slots (PKCS11_CTX *ctx, PKCS11_SLOT **slotsp, unsigned int *nslotsp) | extern |
Get or update a list of all slots.
The difference from PKCS11_enumerate_slots() is that this function expects the previous slot list as input (or a zero-initialized count and a null pointer for the list). It always reuses the slots found in the previous list, to avoid unexpected destruction of slot and key objects.
ctx | context allocated by PKCS11_CTX_new() |
slotsp | pointer on a list of slots |
nslotsp | pointer to size of the allocated list |
0 | success |
-1 | error |
libp11, Copyright (C) 2005 Olaf Kirch <okir@lst.de>