pkcs11-helper
|
Files | |
file | pkcs11h-certificate.h |
pkcs11-helper certificate functions. | |
Classes | |
struct | pkcs11h_certificate_id_s |
Certificate id reference. More... | |
struct | pkcs11h_certificate_id_list_s |
Certificate id list. More... | |
Typedefs | |
typedef struct pkcs11h_certificate_id_s * | pkcs11h_certificate_id_t |
Certificate id reference. | |
typedef struct pkcs11h_certificate_s * | pkcs11h_certificate_t |
Certificate object. | |
typedef struct pkcs11h_certificate_id_list_s * | pkcs11h_certificate_id_list_t |
Certificate id list. | |
Functions | |
CK_RV | pkcs11h_certificate_freeCertificateId (IN pkcs11h_certificate_id_t certificate_id) |
Free certificate_id object. More... | |
CK_RV | pkcs11h_certificate_duplicateCertificateId (OUT pkcs11h_certificate_id_t *const to, IN const pkcs11h_certificate_id_t from) |
Duplicate certificate_id object. More... | |
CK_RV | pkcs11h_certificate_setCertificateIdCertificateBlob (IN const pkcs11h_certificate_id_t certificate_id, IN const unsigned char *const blob, IN const size_t blob_size) |
Sets internal certificate_id blob. More... | |
CK_RV | pkcs11h_certificate_freeCertificate (IN pkcs11h_certificate_t certificate) |
Free certificate object. More... | |
CK_RV | pkcs11h_certificate_create (IN const pkcs11h_certificate_id_t certificate_id, IN void *const user_data, IN const unsigned mask_prompt, IN const int pin_cache_period, OUT pkcs11h_certificate_t *const p_certificate) |
Create a certificate object out of certificate_id. More... | |
unsigned | pkcs11h_certificate_getPromptMask (IN const pkcs11h_certificate_t certificate) |
Get the prompt mask of the certificate. More... | |
void | pkcs11h_certificate_setPromptMask (IN const pkcs11h_certificate_t certificate, IN const unsigned mask_prompt) |
Set the prompt mask of the certificate. More... | |
void * | pkcs11h_certificate_getUserData (IN const pkcs11h_certificate_t certificate) |
Extract user data out of certificate. More... | |
void | pkcs11h_certificate_setUserData (IN const pkcs11h_certificate_t certificate, IN void *const user_data) |
Set user data of the certificate. More... | |
CK_RV | pkcs11h_certificate_getCertificateId (IN const pkcs11h_certificate_t certificate, OUT pkcs11h_certificate_id_t *const p_certificate_id) |
Get certificate id object out of a certificate. More... | |
CK_RV | pkcs11h_certificate_getCertificateBlob (IN const pkcs11h_certificate_t certificate, OUT unsigned char *const certificate_blob, IN OUT size_t *const p_certificate_blob_size) |
Get the certificate blob out of the certificate object. More... | |
CK_RV | pkcs11h_certificate_serializeCertificateId (OUT char *const sz, IN OUT size_t *max, IN const pkcs11h_certificate_id_t certificate_id) |
Serialize certificate_id into a string. More... | |
CK_RV | pkcs11h_certificate_deserializeCertificateId (OUT pkcs11h_certificate_id_t *const p_certificate_id, IN const char *const sz) |
Deserialize certificate_id out of string. More... | |
CK_RV | pkcs11h_certificate_ensureCertificateAccess (IN const pkcs11h_certificate_t certificate) |
Ensure certificate is accessible. More... | |
CK_RV | pkcs11h_certificate_ensureKeyAccess (IN const pkcs11h_certificate_t certificate) |
Ensure key is accessible. More... | |
CK_RV | pkcs11h_certificate_lockSession (IN const pkcs11h_certificate_t certificate) |
Lock session for threaded environment. More... | |
CK_RV | pkcs11h_certificate_releaseSession (IN const pkcs11h_certificate_t certificate) |
Releases session lock. More... | |
CK_RV | pkcs11h_certificate_sign (IN const pkcs11h_certificate_t certificate, IN const CK_MECHANISM_TYPE mech_type, IN const unsigned char *const source, IN const size_t source_size, OUT unsigned char *const target, IN OUT size_t *const p_target_size) |
Sign data. More... | |
CK_RV | pkcs11h_certificate_signRecover (IN const pkcs11h_certificate_t certificate, IN const CK_MECHANISM_TYPE mech_type, IN const unsigned char *const source, IN const size_t source_size, OUT unsigned char *const target, IN OUT size_t *const p_target_size) |
Sign data. More... | |
CK_RV | pkcs11h_certificate_decrypt (IN const pkcs11h_certificate_t certificate, IN const CK_MECHANISM_TYPE mech_type, IN const unsigned char *const source, IN const size_t source_size, OUT unsigned char *const target, IN OUT size_t *const p_target_size) |
Decrypt data. More... | |
CK_RV | pkcs11h_certificate_unwrap (IN const pkcs11h_certificate_t certificate, IN const CK_MECHANISM_TYPE mech_type, IN const unsigned char *const source, IN const size_t source_size, OUT unsigned char *const target, IN OUT size_t *const p_target_size) |
Decrypt data. More... | |
CK_RV | pkcs11h_certificate_signAny (IN const pkcs11h_certificate_t certificate, IN const CK_MECHANISM_TYPE mech_type, IN const unsigned char *const source, IN const size_t source_size, OUT unsigned char *const target, IN OUT size_t *const p_target_size) |
Sign data mechanism determined by key attributes. More... | |
CK_RV | pkcs11h_certificate_decryptAny (IN const pkcs11h_certificate_t certificate, IN const CK_MECHANISM_TYPE mech_type, IN const unsigned char *const source, IN const size_t source_size, OUT unsigned char *const target, IN OUT size_t *const p_target_size) |
Decrypt data mechanism determined by key attributes. More... | |
CK_RV | pkcs11h_certificate_freeCertificateIdList (IN const pkcs11h_certificate_id_list_t cert_id_list) |
Free certificate_id list. More... | |
CK_RV | pkcs11h_certificate_enumTokenCertificateIds (IN const pkcs11h_token_id_t token_id, IN const unsigned method, IN void *const user_data, IN const unsigned mask_prompt, OUT pkcs11h_certificate_id_list_t *const p_cert_id_issuers_list, OUT pkcs11h_certificate_id_list_t *const p_cert_id_end_list) |
Enumerate available certificates on specific token. More... | |
CK_RV | pkcs11h_certificate_enumCertificateIds (IN const unsigned method, IN void *const user_data, IN const unsigned mask_prompt, OUT pkcs11h_certificate_id_list_t *const p_cert_id_issuers_list, OUT pkcs11h_certificate_id_list_t *const p_cert_id_end_list) |
Enumerate available certificates. More... | |
X.509 certificate interface, provides signature and decryption.
CK_RV pkcs11h_certificate_create | ( | IN const pkcs11h_certificate_id_t | certificate_id, |
IN void *const | user_data, | ||
IN const unsigned | mask_prompt, | ||
IN const int | pin_cache_period, | ||
OUT pkcs11h_certificate_t *const | p_certificate | ||
) |
Create a certificate object out of certificate_id.
certificate_id | Certificate id object to be based on. |
user_data | Optional user data, to be passed to hooks. |
mask_prompt | Allow prompt PKCS11H_PROMPT_MASK. |
pin_cache_period | Session specific cache period. |
p_certificate | Receives certificate object. |
CK_RV pkcs11h_certificate_decrypt | ( | IN const pkcs11h_certificate_t | certificate, |
IN const CK_MECHANISM_TYPE | mech_type, | ||
IN const unsigned char *const | source, | ||
IN const size_t | source_size, | ||
OUT unsigned char *const | target, | ||
IN OUT size_t *const | p_target_size | ||
) |
Decrypt data.
certificate | Certificate object. |
mech_type | PKCS#11 mechanism. |
source | Buffer to decrypt. |
source_size | Buffer size. |
target | Target buffer. |
p_target_size | Target buffer size (IN OUT: size of target on input, size of the result on output). |
CK_RV pkcs11h_certificate_decryptAny | ( | IN const pkcs11h_certificate_t | certificate, |
IN const CK_MECHANISM_TYPE | mech_type, | ||
IN const unsigned char *const | source, | ||
IN const size_t | source_size, | ||
OUT unsigned char *const | target, | ||
IN OUT size_t *const | p_target_size | ||
) |
Decrypt data mechanism determined by key attributes.
certificate | Certificate object. |
mech_type | PKCS#11 mechanism. |
source | Buffer to decrypt. |
source_size | Buffer size. |
target | Target buffer. |
p_target_size | Target buffer size (IN OUT: size of target on input, size of the result on output). |
CK_RV pkcs11h_certificate_deserializeCertificateId | ( | OUT pkcs11h_certificate_id_t *const | p_certificate_id, |
IN const char *const | sz | ||
) |
Deserialize certificate_id out of string.
p_certificate_id | id. |
sz | Input string. |
CK_RV pkcs11h_certificate_duplicateCertificateId | ( | OUT pkcs11h_certificate_id_t *const | to, |
IN const pkcs11h_certificate_id_t | from | ||
) |
Duplicate certificate_id object.
to | Target. |
from | Source. |
CK_RV pkcs11h_certificate_ensureCertificateAccess | ( | IN const pkcs11h_certificate_t | certificate | ) |
Ensure certificate is accessible.
certificate | Certificate object. |
CK_RV pkcs11h_certificate_ensureKeyAccess | ( | IN const pkcs11h_certificate_t | certificate | ) |
Ensure key is accessible.
certificate | Certificate object. |
CK_RV pkcs11h_certificate_enumCertificateIds | ( | IN const unsigned | method, |
IN void *const | user_data, | ||
IN const unsigned | mask_prompt, | ||
OUT pkcs11h_certificate_id_list_t *const | p_cert_id_issuers_list, | ||
OUT pkcs11h_certificate_id_list_t *const | p_cert_id_end_list | ||
) |
Enumerate available certificates.
method | How to fetch certificates PKCS11H_ENUM_METHOD. |
user_data | Some user specific data. |
mask_prompt | Allow prompt PKCS11H_PROMPT_MASK. |
p_cert_id_issuers_list | Receives issuers list. |
p_cert_id_end_list | Receives end certificates list. |
CK_RV pkcs11h_certificate_enumTokenCertificateIds | ( | IN const pkcs11h_token_id_t | token_id, |
IN const unsigned | method, | ||
IN void *const | user_data, | ||
IN const unsigned | mask_prompt, | ||
OUT pkcs11h_certificate_id_list_t *const | p_cert_id_issuers_list, | ||
OUT pkcs11h_certificate_id_list_t *const | p_cert_id_end_list | ||
) |
Enumerate available certificates on specific token.
token_id | Token id to enum. |
method | How to fetch certificates PKCS11H_ENUM_METHOD. |
user_data | Some user specific data. |
mask_prompt | Allow prompt PKCS11H_PROMPT_MASK. |
p_cert_id_issuers_list | Receives issuers list. |
p_cert_id_end_list | Receives end certificates list. |
CK_RV pkcs11h_certificate_freeCertificate | ( | IN pkcs11h_certificate_t | certificate | ) |
Free certificate object.
certificate | Certificate object. |
CK_RV pkcs11h_certificate_freeCertificateId | ( | IN pkcs11h_certificate_id_t | certificate_id | ) |
Free certificate_id object.
certificate_id | Certificate id. |
CK_RV pkcs11h_certificate_freeCertificateIdList | ( | IN const pkcs11h_certificate_id_list_t | cert_id_list | ) |
CK_RV pkcs11h_certificate_getCertificateBlob | ( | IN const pkcs11h_certificate_t | certificate, |
OUT unsigned char *const | certificate_blob, | ||
IN OUT size_t *const | p_certificate_blob_size | ||
) |
Get the certificate blob out of the certificate object.
certificate | Certificate object. |
certificate_blob | Buffer. |
p_certificate_blob_size | Buffer size (IN OUT: capacity of certificate_blob on input, size of the blob on output). |
CK_RV pkcs11h_certificate_getCertificateId | ( | IN const pkcs11h_certificate_t | certificate, |
OUT pkcs11h_certificate_id_t *const | p_certificate_id | ||
) |
Get certificate id object out of a certificate.
certificate | Certificate object. |
p_certificate_id | Certificate id object pointer. |
unsigned pkcs11h_certificate_getPromptMask | ( | IN const pkcs11h_certificate_t | certificate | ) |
Get the prompt mask of the certificate.
certificate | Certificate object. |
void* pkcs11h_certificate_getUserData | ( | IN const pkcs11h_certificate_t | certificate | ) |
Extract user data out of certificate.
certificate | Certificate object. |
CK_RV pkcs11h_certificate_lockSession | ( | IN const pkcs11h_certificate_t | certificate | ) |
Lock session for threaded environment.
certificate | Certificate object. |
CK_RV pkcs11h_certificate_releaseSession | ( | IN const pkcs11h_certificate_t | certificate | ) |
Releases session lock.
certificate | Certificate object. |
CK_RV pkcs11h_certificate_serializeCertificateId | ( | OUT char *const | sz, |
IN OUT size_t * | max, | ||
IN const pkcs11h_certificate_id_t | certificate_id | ||
) |
Serialize certificate_id into a string.
sz | Output string. |
max | Max buffer size (IN OUT: capacity of sz on input, updated with the serialized size on output). |
certificate_id | id to serialize |
CK_RV pkcs11h_certificate_setCertificateIdCertificateBlob | ( | IN const pkcs11h_certificate_id_t | certificate_id, |
IN const unsigned char *const | blob, | ||
IN const size_t | blob_size | ||
) |
Sets internal certificate_id blob.
certificate_id | Certificate id object. |
blob | Certificate blob. |
blob_size | Certificate blob size. |
void pkcs11h_certificate_setPromptMask | ( | IN const pkcs11h_certificate_t | certificate, |
IN const unsigned | mask_prompt | ||
) |
Set the prompt mask of the certificate.
certificate | Certificate object. |
mask_prompt | Allow prompt PKCS11H_PROMPT_MASK. |
void pkcs11h_certificate_setUserData | ( | IN const pkcs11h_certificate_t | certificate, |
IN void *const | user_data | ||
) |
Set user data of the certificate.
certificate | Certificate object. |
user_data | Optional user data, to be passed to hooks. |
CK_RV pkcs11h_certificate_sign | ( | IN const pkcs11h_certificate_t | certificate, |
IN const CK_MECHANISM_TYPE | mech_type, | ||
IN const unsigned char *const | source, | ||
IN const size_t | source_size, | ||
OUT unsigned char *const | target, | ||
IN OUT size_t *const | p_target_size | ||
) |
Sign data.
certificate | Certificate object. |
mech_type | PKCS#11 mechanism. |
source | Buffer to sign. |
source_size | Buffer size. |
target | Target buffer. |
p_target_size | Target buffer size (IN OUT: size of target on input, size of the result on output). |
CK_RV pkcs11h_certificate_signAny | ( | IN const pkcs11h_certificate_t | certificate, |
IN const CK_MECHANISM_TYPE | mech_type, | ||
IN const unsigned char *const | source, | ||
IN const size_t | source_size, | ||
OUT unsigned char *const | target, | ||
IN OUT size_t *const | p_target_size | ||
) |
Sign data mechanism determined by key attributes.
certificate | Certificate object. |
mech_type | PKCS#11 mechanism. |
source | Buffer to sign. |
source_size | Buffer size. |
target | Target buffer. |
p_target_size | Target buffer size (IN OUT: size of target on input, size of the result on output). |
CK_RV pkcs11h_certificate_signRecover | ( | IN const pkcs11h_certificate_t | certificate, |
IN const CK_MECHANISM_TYPE | mech_type, | ||
IN const unsigned char *const | source, | ||
IN const size_t | source_size, | ||
OUT unsigned char *const | target, | ||
IN OUT size_t *const | p_target_size | ||
) |
Sign data.
certificate | Certificate object. |
mech_type | PKCS#11 mechanism. |
source | Buffer to sign. |
source_size | Buffer size. |
target | Target buffer. |
p_target_size | Target buffer size (IN OUT: size of target on input, size of the result on output). |
CK_RV pkcs11h_certificate_unwrap | ( | IN const pkcs11h_certificate_t | certificate, |
IN const CK_MECHANISM_TYPE | mech_type, | ||
IN const unsigned char *const | source, | ||
IN const size_t | source_size, | ||
OUT unsigned char *const | target, | ||
IN OUT size_t *const | p_target_size | ||
) |
Decrypt data.
certificate | Certificate object. |
mech_type | PKCS#11 mechanism. |
source | Buffer to unwrap. |
source_size | Buffer size. |
target | Target buffer. |
p_target_size | Target buffer size (IN OUT: size of target on input, size of the result on output). |
pkcs11-helper, Copyright (C) Alon Bar-Lev <alon.barlev@gmail.com>