25 #ifndef MBEDTLS_PKCS11_H
26 #define MBEDTLS_PKCS11_H
28 #if !defined(MBEDTLS_CONFIG_FILE)
31 #include MBEDTLS_CONFIG_FILE
34 #if defined(MBEDTLS_PKCS11_C)
38 #include <pkcs11-helper-1.0/pkcs11h-certificate.h>
40 #if ( defined(__ARMCC_VERSION) || defined(_MSC_VER) ) && \
41 !defined(inline) && !defined(__cplusplus)
42 #define inline __inline
84 pkcs11h_certificate_t pkcs11_cert );
112 int mode,
size_t *olen,
113 const unsigned char *input,
114 unsigned char *output,
115 size_t output_max_len );
136 unsigned int hashlen,
137 const unsigned char *hash,
138 unsigned char *sig );
144 const unsigned char *input,
unsigned char *output,
145 size_t output_max_len )
152 int (*f_rng)(
void *,
unsigned char *,
size_t),
void *p_rng,
154 const unsigned char *hash,
unsigned char *sig )
159 hashlen, hash, sig );
static int mbedtls_ssl_pkcs11_sign(void *ctx, int(*f_rng)(void *, unsigned char *, size_t), void *p_rng, int mode, mbedtls_md_type_t md_alg, unsigned int hashlen, const unsigned char *hash, unsigned char *sig)
void mbedtls_pkcs11_init(mbedtls_pkcs11_context *ctx)
Initialize a mbedtls_pkcs11_context.
Configuration options (set of defines)
int mbedtls_pkcs11_priv_key_bind(mbedtls_pkcs11_context *priv_key, pkcs11h_certificate_t pkcs11_cert)
Set up a mbedtls_pkcs11_context storing the given certificate.
Context for PKCS #11 private keys.
int mbedtls_pkcs11_x509_cert_bind(mbedtls_x509_crt *cert, pkcs11h_certificate_t pkcs11h_cert)
Fill in a mbed TLS certificate, based on the given PKCS11 helper certificate.
int mbedtls_pkcs11_sign(mbedtls_pkcs11_context *ctx, int mode, mbedtls_md_type_t md_alg, unsigned int hashlen, const unsigned char *hash, unsigned char *sig)
Do a private RSA to sign a message digest.
X.509 certificate parsing and writing.
int mbedtls_pkcs11_decrypt(mbedtls_pkcs11_context *ctx, int mode, size_t *olen, const unsigned char *input, unsigned char *output, size_t output_max_len)
Do an RSA private key decrypt, then remove the message padding.
pkcs11h_certificate_t pkcs11h_cert
Container for an X.509 certificate.
static size_t mbedtls_ssl_pkcs11_key_len(void *ctx)
static int mbedtls_ssl_pkcs11_decrypt(void *ctx, int mode, size_t *olen, const unsigned char *input, unsigned char *output, size_t output_max_len)
SSL/TLS wrappers for PKCS#11 functions.
void mbedtls_pkcs11_priv_key_free(mbedtls_pkcs11_context *priv_key)
Free the contents of the given private key context.