00025 #ifndef MBEDTLS_PKCS11_H
00026 #define MBEDTLS_PKCS11_H
00027
00028 #if !defined(MBEDTLS_CONFIG_FILE)
00029 #include "config.h"
00030 #else
00031 #include MBEDTLS_CONFIG_FILE
00032 #endif
00033
00034 #if defined(MBEDTLS_PKCS11_C)
00035
00036 #include "x509_crt.h"
00037
00038 #include <pkcs11-helper-1.0/pkcs11h-certificate.h>
00039
00040 #if ( defined(__ARMCC_VERSION) || defined(_MSC_VER) ) && \
00041 !defined(inline) && !defined(__cplusplus)
00042 #define inline __inline
00043 #endif
00044
00045 #ifdef __cplusplus
00046 extern "C" {
00047 #endif
00048
/**
 * Context for a PKCS #11 private key: a pkcs11-helper certificate handle
 * plus a length value.
 */
00052 typedef struct {
/* Certificate handle from pkcs11-helper (type comes from pkcs11h-certificate.h). */
00053 pkcs11h_certificate_t pkcs11h_cert;
/* Signed length; mbedtls_ssl_pkcs11_key_len() returns it converted to size_t.
 * NOTE(review): presumably the key size in bytes and never negative. Confirm
 * where it is assigned, since a negative value would convert to a huge size_t. */
00054 int len;
00055 } mbedtls_pkcs11_context;
00056
/**
 * Initialize a PKCS #11 context.
 *
 * @param ctx  Context to initialize.
 *
 * NOTE(review): the implementation is not part of this header. It presumably
 * only puts the structure into a defined empty state, so call it before any
 * bind/free call (confirm in the implementation).
 */
00061 void mbedtls_pkcs11_init( mbedtls_pkcs11_context *ctx );
00062
/**
 * Bind a pkcs11-helper certificate to an X.509 certificate structure.
 *
 * @param cert          X.509 certificate structure to fill.
 * @param pkcs11h_cert  pkcs11-helper certificate handle to read from.
 *
 * @return  int status code. Presumably 0 on success and non-zero on failure
 *          (confirm in the implementation).
 *
 * NOTE(review): the certificate data originates on the token. Callers should
 * check the return value before using `cert` for any trust decision.
 */
00071 int mbedtls_pkcs11_x509_cert_bind( mbedtls_x509_crt *cert, pkcs11h_certificate_t pkcs11h_cert );
00072
/**
 * Set up a private-key context from a pkcs11-helper certificate handle.
 *
 * @param priv_key     Context to set up.
 * @param pkcs11_cert  pkcs11-helper certificate handle to store.
 *
 * @return  int status code. Presumably 0 on success and non-zero on failure
 *          (confirm in the implementation).
 *
 * NOTE(review): ownership of `pkcs11_cert` is not visible from this header.
 * If the context takes the handle over and releases it in
 * mbedtls_pkcs11_priv_key_free(), the caller must not free it as well, or the
 * handle is freed twice. Confirm and document the ownership rule.
 */
00083 int mbedtls_pkcs11_priv_key_bind( mbedtls_pkcs11_context *priv_key,
00084 pkcs11h_certificate_t pkcs11_cert );
00085
/**
 * Release the contents of a private-key context.
 *
 * @param priv_key  Context whose contents are released.
 *
 * NOTE(review): presumably the structure itself is not freed, only what it
 * refers to. Confirm whether calling this twice on the same context is safe.
 */
00092 void mbedtls_pkcs11_priv_key_free( mbedtls_pkcs11_context *priv_key );
00093
/**
 * Private-key decryption through the PKCS #11 token.
 *
 * @param ctx             PKCS #11 private-key context.
 * @param mode            Operation mode. Presumably must be MBEDTLS_RSA_PRIVATE,
 *                        kept for signature compatibility with the RSA module
 *                        (confirm).
 * @param olen            Receives the length of the data written to `output`.
 * @param input           Ciphertext to decrypt. No input length is passed, so
 *                        the buffer is presumably expected to hold exactly one
 *                        key-length block (confirm).
 * @param output          Buffer that receives the plaintext.
 * @param output_max_len  Capacity of `output` in bytes.
 *
 * @return  int status code. Presumably 0 on success and an error code otherwise
 *          (confirm in the implementation).
 *
 * NOTE(review): callers must check the return value before reading `*olen` or
 * `output`, and must pass the true capacity of `output` in `output_max_len`.
 */
00111 int mbedtls_pkcs11_decrypt( mbedtls_pkcs11_context *ctx,
00112 int mode, size_t *olen,
00113 const unsigned char *input,
00114 unsigned char *output,
00115 size_t output_max_len );
00116
/**
 * Private-key signature over a message digest through the PKCS #11 token.
 *
 * @param ctx      PKCS #11 private-key context.
 * @param mode     Operation mode. Presumably must be MBEDTLS_RSA_PRIVATE
 *                 (confirm).
 * @param md_alg   Digest algorithm identifier for `hash`.
 * @param hashlen  Length of `hash` in bytes. Presumably only consulted when
 *                 `md_alg` does not imply a length (confirm).
 * @param hash     Buffer holding the message digest to sign.
 * @param sig      Buffer that receives the signature.
 *
 * @return  int status code. Presumably 0 on success and an error code otherwise
 *          (confirm in the implementation).
 *
 * NOTE(review): there is no size parameter for `sig`, so the function cannot
 * bound its own write. The caller must provide a buffer large enough for a
 * full signature, presumably at least the key length in bytes (confirm).
 */
00133 int mbedtls_pkcs11_sign( mbedtls_pkcs11_context *ctx,
00134 int mode,
00135 mbedtls_md_type_t md_alg,
00136 unsigned int hashlen,
00137 const unsigned char *hash,
00138 unsigned char *sig );
00139
/**
 * Adapter around mbedtls_pkcs11_decrypt() that accepts an untyped context.
 *
 * The context pointer is cast to mbedtls_pkcs11_context * and every other
 * argument is forwarded unchanged. The result of mbedtls_pkcs11_decrypt() is
 * returned as is.
 *
 * @param ctx             Must point to a mbedtls_pkcs11_context. The cast is
 *                        unchecked, so any other object type is misread.
 * @param mode            Forwarded unchanged.
 * @param olen            Forwarded unchanged.
 * @param input           Forwarded unchanged.
 * @param output          Forwarded unchanged.
 * @param output_max_len  Forwarded unchanged.
 *
 * @return  Whatever mbedtls_pkcs11_decrypt() returns.
 */
static inline int mbedtls_ssl_pkcs11_decrypt( void *ctx, int mode, size_t *olen,
                        const unsigned char *input, unsigned char *output,
                        size_t output_max_len )
{
    /* Explicit cast kept so the header also compiles as C++. */
    mbedtls_pkcs11_context *pk_ctx = (mbedtls_pkcs11_context *) ctx;

    return( mbedtls_pkcs11_decrypt( pk_ctx, mode, olen,
                                    input, output, output_max_len ) );
}
00150
/**
 * Adapter around mbedtls_pkcs11_sign() that accepts an untyped context and an
 * RNG callback pair.
 *
 * The RNG arguments are accepted only to match the expected callback shape and
 * are never used. The context pointer is cast to mbedtls_pkcs11_context * and
 * the remaining arguments are forwarded unchanged.
 *
 * @param ctx      Must point to a mbedtls_pkcs11_context. The cast is unchecked.
 * @param f_rng    Ignored.
 * @param p_rng    Ignored.
 * @param mode     Forwarded unchanged.
 * @param md_alg   Forwarded unchanged.
 * @param hashlen  Forwarded unchanged.
 * @param hash     Forwarded unchanged.
 * @param sig      Forwarded unchanged. No buffer size is passed along, so the
 *                 caller is responsible for making it large enough.
 *
 * @return  Whatever mbedtls_pkcs11_sign() returns.
 */
static inline int mbedtls_ssl_pkcs11_sign( void *ctx,
                     int (*f_rng)(void *, unsigned char *, size_t), void *p_rng,
                     int mode, mbedtls_md_type_t md_alg, unsigned int hashlen,
                     const unsigned char *hash, unsigned char *sig )
{
    mbedtls_pkcs11_context *pk_ctx = (mbedtls_pkcs11_context *) ctx;

    /* Silence unused-parameter warnings; no RNG is consumed in this adapter. */
    (void) f_rng;
    (void) p_rng;

    return( mbedtls_pkcs11_sign( pk_ctx, mode, md_alg, hashlen, hash, sig ) );
}
00161
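/**
 * Report the length stored in a PKCS #11 private-key context.
 *
 * @param ctx  Must point to a mbedtls_pkcs11_context. The cast is unchecked.
 *
 * @return  The context's `len` field as size_t, or 0 when `ctx` is NULL or the
 *          stored length is negative.
 */
static inline size_t mbedtls_ssl_pkcs11_key_len( void *ctx )
{
    const mbedtls_pkcs11_context *pk_ctx = (const mbedtls_pkcs11_context *) ctx;

    /* `len` is a signed int. Converting a negative value to size_t would yield
     * a huge length that callers could then use to size or bound buffers, so
     * report "no key" instead. */
    if( pk_ctx == NULL || pk_ctx->len < 0 )
        return( 0 );

    return( (size_t) pk_ctx->len );
}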
00166
00167 #ifdef __cplusplus
00168 }
00169 #endif
00170
00171 #endif
00172
00173 #endif