00026 #ifndef MBEDTLS_PKCS11_H
00027 #define MBEDTLS_PKCS11_H
00028
00029 #if !defined(MBEDTLS_CONFIG_FILE)
00030 #include "config.h"
00031 #else
00032 #include MBEDTLS_CONFIG_FILE
00033 #endif
00034
00035 #if defined(MBEDTLS_PKCS11_C)
00036
00037 #include "x509_crt.h"
00038
00039 #include <pkcs11-helper-1.0/pkcs11h-certificate.h>
00040
00041 #if ( defined(__ARMCC_VERSION) || defined(_MSC_VER) ) && \
00042 !defined(inline) && !defined(__cplusplus)
00043 #define inline __inline
00044 #endif
00045
00046 #ifdef __cplusplus
00047 extern "C" {
00048 #endif
00049
/**
 * Context handed to the PKCS#11 decrypt and sign functions declared in
 * this header.
 */
typedef struct {
    /* pkcs11-helper certificate handle (type comes from pkcs11h-certificate.h). */
    pkcs11h_certificate_t pkcs11h_cert;

    /*
     * Value reported by mbedtls_ssl_pkcs11_key_len().  Presumably the key
     * length in bytes -- confirm against the implementation.  The field is a
     * signed int while the accessor returns size_t, so it must never be
     * negative.
     */
    int len;
} mbedtls_pkcs11_context;
00057
/**
 * Initialise a PKCS#11 context.
 *
 * NOTE(review): the definition is not part of this header; presumably this
 * puts *ctx into a known-empty state before it is bound -- confirm.
 *
 * \param ctx   Context to initialise.
 */
void mbedtls_pkcs11_init( mbedtls_pkcs11_context *ctx );
00063
/**
 * Associate a pkcs11-helper certificate with an mbedtls_x509_crt.
 *
 * NOTE(review): the definition is not part of this header; presumably *cert
 * is filled from the certificate held by pkcs11h_cert -- confirm.
 *
 * \param cert          X.509 certificate structure to bind to.
 * \param pkcs11h_cert  pkcs11-helper certificate handle.
 *
 * \return  Integer status; presumably 0 on success -- confirm.  Check it
 *          before using *cert.
 */
int mbedtls_pkcs11_x509_cert_bind( mbedtls_x509_crt *cert,
                                   pkcs11h_certificate_t pkcs11h_cert );
00073
/**
 * Bind a pkcs11-helper certificate to a private-key context.
 *
 * NOTE(review): who owns pkcs11_cert after a successful bind is not visible
 * in this header.  Confirm whether mbedtls_pkcs11_priv_key_free() releases
 * it, so the handle is neither leaked nor freed twice.
 *
 * \param priv_key     Private-key context to set up.
 * \param pkcs11_cert  pkcs11-helper certificate handle.
 *
 * \return  Integer status; presumably 0 on success -- confirm.
 */
int mbedtls_pkcs11_priv_key_bind( mbedtls_pkcs11_context *priv_key,
                                  pkcs11h_certificate_t pkcs11_cert );
00086
/**
 * Release a private-key context.
 *
 * NOTE(review): the definition is not part of this header; presumably the
 * contents of *priv_key are released while the structure itself stays with
 * the caller -- confirm.
 *
 * \param priv_key  Private-key context to release.
 */
void mbedtls_pkcs11_priv_key_free( mbedtls_pkcs11_context *priv_key );
00094
/**
 * Private-key decryption through the PKCS#11 context.
 *
 * NOTE(review): parameter meanings below are read off the names; the
 * definition is not part of this header -- confirm.
 *
 * \param ctx             PKCS#11 context holding the bound certificate.
 * \param mode            Operation mode; the accepted values are not visible
 *                        here.
 * \param olen            Presumably receives the number of bytes written to
 *                        output.
 * \param input           Data to decrypt.  No input length is passed, so the
 *                        implementation must derive it itself (presumably
 *                        from ctx->len).
 * \param output          Buffer for the result.
 * \param output_max_len  Presumably the capacity of output in bytes.
 *
 * \return  Integer status; presumably 0 on success -- confirm.  Do not read
 *          *olen or output on failure.
 */
int mbedtls_pkcs11_decrypt( mbedtls_pkcs11_context *ctx,
                            int mode,
                            size_t *olen,
                            const unsigned char *input,
                            unsigned char *output,
                            size_t output_max_len );
00117
/**
 * Private-key signature over a message digest through the PKCS#11 context.
 *
 * NOTE(review): parameter meanings below are read off the names; the
 * definition is not part of this header -- confirm.
 *
 * \param ctx      PKCS#11 context holding the bound certificate.
 * \param mode     Operation mode; the accepted values are not visible here.
 * \param md_alg   Digest algorithm that produced hash.
 * \param hashlen  Length of hash in bytes.
 * \param hash     Digest to sign.
 * \param sig      Buffer receiving the signature.  No capacity is passed, so
 *                 the caller must size it beforehand (presumably at least
 *                 ctx->len bytes -- confirm).
 *
 * \return  Integer status; presumably 0 on success -- confirm.
 */
int mbedtls_pkcs11_sign( mbedtls_pkcs11_context *ctx,
                         int mode,
                         mbedtls_md_type_t md_alg,
                         unsigned int hashlen,
                         const unsigned char *hash,
                         unsigned char *sig );
00140
/**
 * Decrypt callback taking an untyped context; forwards every argument
 * unchanged to mbedtls_pkcs11_decrypt().
 *
 * ctx is cast to mbedtls_pkcs11_context * without any check, so the caller
 * must register this callback only with a pointer to that type.
 *
 * \return  Whatever mbedtls_pkcs11_decrypt() returns.
 */
static inline int mbedtls_ssl_pkcs11_decrypt( void *ctx, int mode, size_t *olen,
                        const unsigned char *input, unsigned char *output,
                        size_t output_max_len )
{
    mbedtls_pkcs11_context *pkcs11_ctx = (mbedtls_pkcs11_context *) ctx;

    return( mbedtls_pkcs11_decrypt( pkcs11_ctx, mode, olen,
                                    input, output, output_max_len ) );
}
00151
/**
 * Sign callback taking an untyped context; forwards to mbedtls_pkcs11_sign().
 *
 * ctx is cast to mbedtls_pkcs11_context * without any check, so the caller
 * must register this callback only with a pointer to that type.  sig has no
 * capacity argument: the caller is responsible for providing a buffer large
 * enough for the signature.
 *
 * \param f_rng  Unused.
 * \param p_rng  Unused.
 *
 * \return  Whatever mbedtls_pkcs11_sign() returns.
 */
static inline int mbedtls_ssl_pkcs11_sign( void *ctx,
                     int (*f_rng)(void *, unsigned char *, size_t), void *p_rng,
                     int mode, mbedtls_md_type_t md_alg, unsigned int hashlen,
                     const unsigned char *hash, unsigned char *sig )
{
    mbedtls_pkcs11_context *pkcs11_ctx = (mbedtls_pkcs11_context *) ctx;

    /* The RNG callback and its state are deliberately not used. */
    (void) f_rng;
    (void) p_rng;

    return( mbedtls_pkcs11_sign( pkcs11_ctx, mode, md_alg,
                                 hashlen, hash, sig ) );
}
00162
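/**
 * Key-length callback: reports the len field of the PKCS#11 context.
 *
 * ctx is cast to mbedtls_pkcs11_context * without any check, so the caller
 * must register this callback only with a pointer to that type.
 *
 * len is a signed int while the return type is size_t.  Returning a negative
 * value directly would convert it to a very large length, which callers may
 * use to size or bound buffers, so a negative len is reported as 0 instead.
 *
 * \return  ctx->len as a size_t, or 0 when ctx->len is negative.
 */
static inline size_t mbedtls_ssl_pkcs11_key_len( void *ctx )
{
    const mbedtls_pkcs11_context *pkcs11_ctx =
        (const mbedtls_pkcs11_context *) ctx;

    if( pkcs11_ctx->len < 0 )
    {
        return( 0 );
    }

    return( (size_t) pkcs11_ctx->len );
}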
00167
00168 #ifdef __cplusplus
00169 }
00170 #endif
00171
00172 #endif
00173
00174 #endif