Classes | |
struct | pkcs11h_certificate_id_s |
Certificate id reference. More... | |
struct | pkcs11h_certificate_id_list_s |
Certificate id list. More... | |
Files | |
file | pkcs11h-certificate.h |
pkcs11-helper certificate functions. | |
Typedefs | |
typedef struct pkcs11h_certificate_id_s * | pkcs11h_certificate_id_t |
Certificate id reference. | |
typedef struct pkcs11h_certificate_s * | pkcs11h_certificate_t |
Certificate object. | |
typedef struct pkcs11h_certificate_id_list_s * | pkcs11h_certificate_id_list_t |
Certificate id list. | |
Functions | |
CK_RV | pkcs11h_certificate_freeCertificateId (IN pkcs11h_certificate_id_t certificate_id) |
Free certificate_id object. | |
CK_RV | pkcs11h_certificate_duplicateCertificateId (OUT pkcs11h_certificate_id_t *const to, IN const pkcs11h_certificate_id_t from) |
Duplicate certificate_id object. | |
CK_RV | pkcs11h_certificate_setCertificateIdCertificateBlob (IN const pkcs11h_certificate_id_t certificate_id, IN const unsigned char *const blob, IN const size_t blob_size) |
Sets internal certificate_id blob. | |
CK_RV | pkcs11h_certificate_freeCertificate (IN pkcs11h_certificate_t certificate) |
Free certificate object. | |
CK_RV | pkcs11h_certificate_create (IN const pkcs11h_certificate_id_t certificate_id, IN void *const user_data, IN const unsigned mask_prompt, IN const int pin_cache_period, OUT pkcs11h_certificate_t *const p_certificate) |
Create a certificate object out of certificate_id. | |
unsigned | pkcs11h_certificate_getPromptMask (IN const pkcs11h_certificate_t certificate) |
Extract user data out of certificate. | |
void | pkcs11h_certificate_setPromptMask (IN const pkcs11h_certificate_t certificate, IN const unsigned mask_prompt) |
Extract user data out of certificate. | |
void * | pkcs11h_certificate_getUserData (IN const pkcs11h_certificate_t certificate) |
Extract user data out of certificate. | |
void | pkcs11h_certificate_setUserData (IN const pkcs11h_certificate_t certificate, IN void *const user_data) |
Extract user data out of certificate. | |
CK_RV | pkcs11h_certificate_getCertificateId (IN const pkcs11h_certificate_t certificate, OUT pkcs11h_certificate_id_t *const p_certificate_id) |
Get certifiate id object out of a certifiate. | |
CK_RV | pkcs11h_certificate_getCertificateBlob (IN const pkcs11h_certificate_t certificate, OUT unsigned char *const certificate_blob, IN OUT size_t *const p_certificate_blob_size) |
Get the certificate blob out of the certificate object. | |
CK_RV | pkcs11h_certificate_serializeCertificateId (OUT char *const sz, IN OUT size_t *max, IN const pkcs11h_certificate_id_t certificate_id) |
Serialize certificate_id into a string. | |
CK_RV | pkcs11h_certificate_deserializeCertificateId (OUT pkcs11h_certificate_id_t *const p_certificate_id, IN const char *const sz) |
Deserialize certificate_id out of string. | |
CK_RV | pkcs11h_certificate_ensureCertificateAccess (IN const pkcs11h_certificate_t certificate) |
Ensure certificate is accessible. | |
CK_RV | pkcs11h_certificate_ensureKeyAccess (IN const pkcs11h_certificate_t certificate) |
Ensure key is accessible. | |
CK_RV | pkcs11h_certificate_lockSession (IN const pkcs11h_certificate_t certificate) |
Lock session for threded environment. | |
CK_RV | pkcs11h_certificate_releaseSession (IN const pkcs11h_certificate_t certificate) |
Releases session lock. | |
CK_RV | pkcs11h_certificate_sign (IN const pkcs11h_certificate_t certificate, IN const CK_MECHANISM_TYPE mech_type, IN const unsigned char *const source, IN const size_t source_size, OUT unsigned char *const target, IN OUT size_t *const p_target_size) |
Sign data. | |
CK_RV | pkcs11h_certificate_signRecover (IN const pkcs11h_certificate_t certificate, IN const CK_MECHANISM_TYPE mech_type, IN const unsigned char *const source, IN const size_t source_size, OUT unsigned char *const target, IN OUT size_t *const p_target_size) |
Sign data. | |
CK_RV | pkcs11h_certificate_decrypt (IN const pkcs11h_certificate_t certificate, IN const CK_MECHANISM_TYPE mech_type, IN const unsigned char *const source, IN const size_t source_size, OUT unsigned char *const target, IN OUT size_t *const p_target_size) |
Decrypt data. | |
CK_RV | pkcs11h_certificate_unwrap (IN const pkcs11h_certificate_t certificate, IN const CK_MECHANISM_TYPE mech_type, IN const unsigned char *const source, IN const size_t source_size, OUT unsigned char *const target, IN OUT size_t *const p_target_size) |
Decrypt data. | |
CK_RV | pkcs11h_certificate_signAny (IN const pkcs11h_certificate_t certificate, IN const CK_MECHANISM_TYPE mech_type, IN const unsigned char *const source, IN const size_t source_size, OUT unsigned char *const target, IN OUT size_t *const p_target_size) |
Sign data mechanism determined by key attributes. | |
CK_RV | pkcs11h_certificate_decryptAny (IN const pkcs11h_certificate_t certificate, IN const CK_MECHANISM_TYPE mech_type, IN const unsigned char *const source, IN const size_t source_size, OUT unsigned char *const target, IN OUT size_t *const p_target_size) |
Decrypt data mechanism determined by key attributes. | |
CK_RV | pkcs11h_certificate_freeCertificateIdList (IN const pkcs11h_certificate_id_list_t cert_id_list) |
Free certificate_id list. | |
CK_RV | pkcs11h_certificate_enumTokenCertificateIds (IN const pkcs11h_token_id_t token_id, IN const unsigned method, IN void *const user_data, IN const unsigned mask_prompt, OUT pkcs11h_certificate_id_list_t *const p_cert_id_issuers_list, OUT pkcs11h_certificate_id_list_t *const p_cert_id_end_list) |
Enumerate available certificates on specific token. | |
CK_RV | pkcs11h_certificate_enumCertificateIds (IN const unsigned method, IN void *const user_data, IN const unsigned mask_prompt, OUT pkcs11h_certificate_id_list_t *const p_cert_id_issuers_list, OUT pkcs11h_certificate_id_list_t *const p_cert_id_end_list) |
Enumerate available certificates. |
X.509 certificate interface, provides signature and decryption.
CK_RV pkcs11h_certificate_create | ( | IN const pkcs11h_certificate_id_t | certificate_id, | |
IN void *const | user_data, | |||
IN const unsigned | mask_prompt, | |||
IN const int | pin_cache_period, | |||
OUT pkcs11h_certificate_t *const | p_certificate | |||
) |
Create a certificate object out of certificate_id.
certificate_id | Certificate id object to be based on. | |
user_data | Optional user data, to be passed to hooks. | |
mask_prompt | Allow prompt PKCS11H_PROMPT_MASK. | |
pin_cache_period | Session specific cache period. | |
p_certificate | Receives certificate object. |
CK_RV pkcs11h_certificate_decrypt | ( | IN const pkcs11h_certificate_t | certificate, | |
IN const CK_MECHANISM_TYPE | mech_type, | |||
IN const unsigned char *const | source, | |||
IN const size_t | source_size, | |||
OUT unsigned char *const | target, | |||
IN OUT size_t *const | p_target_size | |||
) |
Decrypt data.
certificate | Certificate object. | |
mech_type | PKCS#11 mechanism. | |
source | Buffer to sign. | |
source_size | Buffer size. | |
target | Target buffer. | |
p_target_size | Target buffer size. |
CK_RV pkcs11h_certificate_decryptAny | ( | IN const pkcs11h_certificate_t | certificate, | |
IN const CK_MECHANISM_TYPE | mech_type, | |||
IN const unsigned char *const | source, | |||
IN const size_t | source_size, | |||
OUT unsigned char *const | target, | |||
IN OUT size_t *const | p_target_size | |||
) |
Decrypt data mechanism determined by key attributes.
certificate | Certificate object. | |
mech_type | PKCS#11 mechanism. | |
source | Buffer to sign. | |
source_size | Buffer size. | |
target | Target buffer. | |
p_target_size | Target buffer size. |
CK_RV pkcs11h_certificate_deserializeCertificateId | ( | OUT pkcs11h_certificate_id_t *const | p_certificate_id, | |
IN const char *const | sz | |||
) |
Deserialize certificate_id out of string.
p_certificate_id | id. | |
sz | Inut string |
CK_RV pkcs11h_certificate_duplicateCertificateId | ( | OUT pkcs11h_certificate_id_t *const | to, | |
IN const pkcs11h_certificate_id_t | from | |||
) |
Duplicate certificate_id object.
to | Target. | |
from | Source. |
CK_RV pkcs11h_certificate_ensureCertificateAccess | ( | IN const pkcs11h_certificate_t | certificate | ) |
Ensure certificate is accessible.
certificate | Certificate object. |
CK_RV pkcs11h_certificate_ensureKeyAccess | ( | IN const pkcs11h_certificate_t | certificate | ) |
Ensure key is accessible.
certificate | Certificate object. |
CK_RV pkcs11h_certificate_enumCertificateIds | ( | IN const unsigned | method, | |
IN void *const | user_data, | |||
IN const unsigned | mask_prompt, | |||
OUT pkcs11h_certificate_id_list_t *const | p_cert_id_issuers_list, | |||
OUT pkcs11h_certificate_id_list_t *const | p_cert_id_end_list | |||
) |
Enumerate available certificates.
method | How to fetch certificates PKCS11H_ENUM_METHOD. | |
user_data | Some user specific data. | |
mask_prompt | Allow prompt PKCS11H_PROMPT_MASK. | |
p_cert_id_issuers_list | Receives issues list. | |
p_cert_id_end_list | Receives end certificates list. |
CK_RV pkcs11h_certificate_enumTokenCertificateIds | ( | IN const pkcs11h_token_id_t | token_id, | |
IN const unsigned | method, | |||
IN void *const | user_data, | |||
IN const unsigned | mask_prompt, | |||
OUT pkcs11h_certificate_id_list_t *const | p_cert_id_issuers_list, | |||
OUT pkcs11h_certificate_id_list_t *const | p_cert_id_end_list | |||
) |
Enumerate available certificates on specific token.
token_id | Token id to enum. | |
method | How to fetch certificates PKCS11H_ENUM_METHOD. | |
user_data | Some user specific data. | |
mask_prompt | Allow prompt PKCS11H_PROMPT_MASK. | |
p_cert_id_issuers_list | Receives issues list. | |
p_cert_id_end_list | Receives end certificates list. |
CK_RV pkcs11h_certificate_freeCertificate | ( | IN pkcs11h_certificate_t | certificate | ) |
Free certificate object.
certificate | Certificate object. |
CK_RV pkcs11h_certificate_freeCertificateId | ( | IN pkcs11h_certificate_id_t | certificate_id | ) |
Free certificate_id object.
certificate_id | Certificate id. |
CK_RV pkcs11h_certificate_freeCertificateIdList | ( | IN const pkcs11h_certificate_id_list_t | cert_id_list | ) |
Free certificate_id list.
cert_id_list | List. |
CK_RV pkcs11h_certificate_getCertificateBlob | ( | IN const pkcs11h_certificate_t | certificate, | |
OUT unsigned char *const | certificate_blob, | |||
IN OUT size_t *const | p_certificate_blob_size | |||
) |
Get the certificate blob out of the certificate object.
certificate | Certificate object. | |
certificate_blob | Buffer. | |
p_certificate_blob_size | Buffer size. |
CK_RV pkcs11h_certificate_getCertificateId | ( | IN const pkcs11h_certificate_t | certificate, | |
OUT pkcs11h_certificate_id_t *const | p_certificate_id | |||
) |
Get certifiate id object out of a certifiate.
certificate | Certificate object. | |
p_certificate_id | Certificate id object pointer. |
unsigned pkcs11h_certificate_getPromptMask | ( | IN const pkcs11h_certificate_t | certificate | ) |
Extract user data out of certificate.
certificate | Certificate object. |
void* pkcs11h_certificate_getUserData | ( | IN const pkcs11h_certificate_t | certificate | ) |
Extract user data out of certificate.
certificate | Certificate object. |
CK_RV pkcs11h_certificate_lockSession | ( | IN const pkcs11h_certificate_t | certificate | ) |
Lock session for threded environment.
certificate | Certificate object. |
CK_RV pkcs11h_certificate_releaseSession | ( | IN const pkcs11h_certificate_t | certificate | ) |
Releases session lock.
certificate | Certificate object. |
CK_RV pkcs11h_certificate_serializeCertificateId | ( | OUT char *const | sz, | |
IN OUT size_t * | max, | |||
IN const pkcs11h_certificate_id_t | certificate_id | |||
) |
Serialize certificate_id into a string.
sz | Output string. | |
max | Max buffer size. | |
certificate_id | id to serialize |
CK_RV pkcs11h_certificate_setCertificateIdCertificateBlob | ( | IN const pkcs11h_certificate_id_t | certificate_id, | |
IN const unsigned char *const | blob, | |||
IN const size_t | blob_size | |||
) |
Sets internal certificate_id blob.
certificate_id | Certificate id object. | |
blob | Certificate blob. | |
blob_size | Certificate blob size. |
void pkcs11h_certificate_setPromptMask | ( | IN const pkcs11h_certificate_t | certificate, | |
IN const unsigned | mask_prompt | |||
) |
Extract user data out of certificate.
certificate | Certificate object. | |
mask_prompt | Allow prompt PKCS11H_PROMPT_MASK. |
void pkcs11h_certificate_setUserData | ( | IN const pkcs11h_certificate_t | certificate, | |
IN void *const | user_data | |||
) |
Extract user data out of certificate.
certificate | Certificate object. | |
user_data | Optional user data, to be passed to hooks. |
CK_RV pkcs11h_certificate_sign | ( | IN const pkcs11h_certificate_t | certificate, | |
IN const CK_MECHANISM_TYPE | mech_type, | |||
IN const unsigned char *const | source, | |||
IN const size_t | source_size, | |||
OUT unsigned char *const | target, | |||
IN OUT size_t *const | p_target_size | |||
) |
Sign data.
certificate | Certificate object. | |
mech_type | PKCS#11 mechanism. | |
source | Buffer to sign. | |
source_size | Buffer size. | |
target | Target buffer. | |
p_target_size | Target buffer size. |
CK_RV pkcs11h_certificate_signAny | ( | IN const pkcs11h_certificate_t | certificate, | |
IN const CK_MECHANISM_TYPE | mech_type, | |||
IN const unsigned char *const | source, | |||
IN const size_t | source_size, | |||
OUT unsigned char *const | target, | |||
IN OUT size_t *const | p_target_size | |||
) |
Sign data mechanism determined by key attributes.
certificate | Certificate object. | |
mech_type | PKCS#11 mechanism. | |
source | Buffer to sign. | |
source_size | Buffer size. | |
target | Target buffer. | |
p_target_size | Target buffer size. |
CK_RV pkcs11h_certificate_signRecover | ( | IN const pkcs11h_certificate_t | certificate, | |
IN const CK_MECHANISM_TYPE | mech_type, | |||
IN const unsigned char *const | source, | |||
IN const size_t | source_size, | |||
OUT unsigned char *const | target, | |||
IN OUT size_t *const | p_target_size | |||
) |
Sign data.
certificate | Certificate object. | |
mech_type | PKCS#11 mechanism. | |
source | Buffer to sign. | |
source_size | Buffer size. | |
target | Target buffer. | |
p_target_size | Target buffer size. |
CK_RV pkcs11h_certificate_unwrap | ( | IN const pkcs11h_certificate_t | certificate, | |
IN const CK_MECHANISM_TYPE | mech_type, | |||
IN const unsigned char *const | source, | |||
IN const size_t | source_size, | |||
OUT unsigned char *const | target, | |||
IN OUT size_t *const | p_target_size | |||
) |
Decrypt data.
certificate | Certificate object. | |
mech_type | PKCS#11 mechanism. | |
source | Buffer to sign. | |
source_size | Buffer size. | |
target | Target buffer. | |
p_target_size | Target buffer size. |
pkcs11-helper, Copyright (C) Alon Bar-Lev <alon.barlev@gmail.com> | ![]() |