#ifndef MBEDTLS_PKCS11_H
#define MBEDTLS_PKCS11_H

#if !defined(MBEDTLS_CONFIG_FILE)
#include "config.h"
#else
#include MBEDTLS_CONFIG_FILE
#endif

#if defined(MBEDTLS_PKCS11_C)

#include "x509_crt.h"

#include <pkcs11-helper-1.0/pkcs11h-certificate.h>

#if ( defined(__ARMCC_VERSION) || defined(_MSC_VER) ) && \
!defined(inline) && !defined(__cplusplus)
#define inline __inline
#endif

#ifdef __cplusplus
extern "C" {
#endif

/**
 * Context for a private key reached through pkcs11-helper.
 *
 * Pairs a pkcs11-helper certificate handle with a length field. The
 * mbedtls_ssl_pkcs11_key_len() wrapper in this header returns `len`
 * converted to size_t.
 */
typedef struct {
    /* pkcs11-helper certificate handle the key operations are issued against. */
    pkcs11h_certificate_t pkcs11h_cert;
    /* Key length; presumably in bytes (units are not visible in this header -- confirm).
     * Signed int: see the conversion note on mbedtls_ssl_pkcs11_key_len(). */
    int len;
} mbedtls_pkcs11_context;

/**
 * Initialize a mbedtls_pkcs11_context.
 *
 * \param ctx   Context to initialize.
 *
 * NOTE(review): the implementation is not visible in this header; presumably
 * the context is reset to an empty state so that a later
 * mbedtls_pkcs11_priv_key_free() is safe even if no key was bound -- confirm.
 */
void mbedtls_pkcs11_init(mbedtls_pkcs11_context *ctx);

/**
 * Populate an mbed TLS X.509 certificate from a pkcs11-helper certificate.
 *
 * \param cert          Destination certificate object.
 * \param pkcs11h_cert  Source pkcs11-helper certificate handle.
 *
 * \return  int status code; presumably 0 on success and non-zero on failure
 *          (the error values are not visible in this header -- confirm).
 *
 * Callers should check the return value before relying on the contents of
 * \p cert.
 */
int mbedtls_pkcs11_x509_cert_bind(mbedtls_x509_crt *cert,
                                  pkcs11h_certificate_t pkcs11h_cert);

/**
 * Associate a private-key context with a pkcs11-helper certificate.
 *
 * \param priv_key     Context to set up.
 * \param pkcs11_cert  pkcs11-helper certificate handle to bind to.
 *
 * \return  int status code; presumably 0 on success and non-zero on failure
 *          (confirm against the implementation).
 *
 * NOTE(review): whether \p priv_key takes ownership of \p pkcs11_cert (and
 * releases it in mbedtls_pkcs11_priv_key_free()) is not visible here. Confirm
 * before releasing the handle separately, to avoid a double release or a
 * context left holding a stale handle.
 */
int mbedtls_pkcs11_priv_key_bind(mbedtls_pkcs11_context *priv_key,
                                 pkcs11h_certificate_t pkcs11_cert);

/**
 * Release the resources held by a private-key context.
 *
 * \param priv_key  Context to free.
 *
 * NOTE(review): behaviour for a NULL or never-bound context is not visible in
 * this header -- confirm before calling on an error path.
 */
void mbedtls_pkcs11_priv_key_free(mbedtls_pkcs11_context *priv_key);

/**
 * Private-key decryption through the bound PKCS #11 key.
 *
 * \param ctx             Private-key context.
 * \param mode            Operation mode; presumably an RSA mode selector kept
 *                        for signature compatibility -- confirm accepted values.
 * \param olen            Receives the length of the data written to \p output.
 * \param input           Data to decrypt.
 * \param output          Buffer for the decrypted data.
 * \param output_max_len  Capacity of \p output in bytes.
 *
 * \return  int status code; presumably 0 on success (confirm). Check it before
 *          reading \p output or \p olen.
 *
 * NOTE(review): no input length is passed. Presumably \p input must be at
 * least the key length (ctx->len) bytes long; a shorter caller buffer would be
 * read past its end -- confirm against the implementation.
 */
int mbedtls_pkcs11_decrypt(mbedtls_pkcs11_context *ctx,
                           int mode,
                           size_t *olen,
                           const unsigned char *input,
                           unsigned char *output,
                           size_t output_max_len);

/**
 * Private-key signature through the bound PKCS #11 key.
 *
 * \param ctx      Private-key context.
 * \param mode     Operation mode; presumably an RSA mode selector kept for
 *                 signature compatibility -- confirm accepted values.
 * \param md_alg   Message-digest algorithm identifier for \p hash.
 * \param hashlen  Length of \p hash in bytes.
 * \param hash     Digest to sign.
 * \param sig      Buffer that receives the signature.
 *
 * \return  int status code; presumably 0 on success (confirm). Check it before
 *          using \p sig.
 *
 * NOTE(review): \p sig has no accompanying size parameter, so the callee
 * cannot bound its write. Presumably the buffer must hold at least the key
 * length (ctx->len) bytes -- confirm, and size the buffer from the key length
 * rather than from the digest length.
 */
int mbedtls_pkcs11_sign(mbedtls_pkcs11_context *ctx,
                        int mode,
                        mbedtls_md_type_t md_alg,
                        unsigned int hashlen,
                        const unsigned char *hash,
                        unsigned char *sig);

/**
 * Callback-shaped wrapper around mbedtls_pkcs11_decrypt() taking an opaque
 * context pointer.
 *
 * \param ctx             Must point to a mbedtls_pkcs11_context; the pointer is
 *                        cast without any type or NULL check here.
 * \param mode            Forwarded unchanged.
 * \param olen            Forwarded unchanged.
 * \param input           Forwarded unchanged.
 * \param output          Forwarded unchanged.
 * \param output_max_len  Forwarded unchanged.
 *
 * \return  Whatever mbedtls_pkcs11_decrypt() returns.
 */
static inline int mbedtls_ssl_pkcs11_decrypt( void *ctx, int mode, size_t *olen,
                        const unsigned char *input, unsigned char *output,
                        size_t output_max_len )
{
    /* Explicit cast kept so the header also compiles when included from C++. */
    mbedtls_pkcs11_context *key_ctx = (mbedtls_pkcs11_context *) ctx;

    return mbedtls_pkcs11_decrypt( key_ctx, mode, olen, input, output,
                                   output_max_len );
}

/**
 * Callback-shaped wrapper around mbedtls_pkcs11_sign() taking an opaque
 * context pointer.
 *
 * \param ctx      Must point to a mbedtls_pkcs11_context; the pointer is cast
 *                 without any type or NULL check here.
 * \param f_rng    Unused.
 * \param p_rng    Unused.
 * \param mode     Forwarded unchanged.
 * \param md_alg   Forwarded unchanged.
 * \param hashlen  Forwarded unchanged.
 * \param hash     Forwarded unchanged.
 * \param sig      Forwarded unchanged; no buffer size accompanies it.
 *
 * \return  Whatever mbedtls_pkcs11_sign() returns.
 */
static inline int mbedtls_ssl_pkcs11_sign( void *ctx,
                     int (*f_rng)(void *, unsigned char *, size_t), void *p_rng,
                     int mode, mbedtls_md_type_t md_alg, unsigned int hashlen,
                     const unsigned char *hash, unsigned char *sig )
{
    /* Explicit cast kept so the header also compiles when included from C++. */
    mbedtls_pkcs11_context *key_ctx = (mbedtls_pkcs11_context *) ctx;

    /* The caller-supplied RNG is deliberately ignored: nothing in this wrapper
     * consumes randomness, the operation is handed to mbedtls_pkcs11_sign(). */
    (void) f_rng;
    (void) p_rng;

    return mbedtls_pkcs11_sign( key_ctx, mode, md_alg, hashlen, hash, sig );
}

/**
 * Callback-shaped accessor returning the `len` field of a PKCS #11 context.
 *
 * \param ctx  Must point to a valid mbedtls_pkcs11_context; it is dereferenced
 *             without a NULL check.
 *
 * \return  ctx->len converted to size_t.
 *
 * NOTE(review): `len` is a signed int, so a negative value would convert to a
 * very large size_t. Callers that size buffers from this result should only
 * use it on a context whose bind call succeeded.
 */
static inline size_t mbedtls_ssl_pkcs11_key_len( void *ctx )
{
    const mbedtls_pkcs11_context *key_ctx = (mbedtls_pkcs11_context *) ctx;

    /* Same int -> size_t conversion the return statement performed implicitly. */
    return (size_t) key_ctx->len;
}

#ifdef __cplusplus
}
#endif

#endif

#endif