Functions
pkcs11_reinit_function ()
int
(*pkcs11_reinit_function) (void *priv
);
FIX_KEY_USAGE()
#define FIX_KEY_USAGE(pk, usage)
PKCS11_CHECK_INIT_RET()
#define PKCS11_CHECK_INIT_RET(x)
PKCS11_CHECK_INIT_FLAGS()
#define PKCS11_CHECK_INIT_FLAGS(f)
PKCS11_CHECK_INIT_FLAGS_RET()
#define PKCS11_CHECK_INIT_FLAGS_RET(f, x)
find_func_t ()
int
(*find_func_t) (struct ck_function_list *Param1
,
struct pkcs11_session_info *Param2
,
struct ck_token_info *tinfo
,
struct ck_info *Param4
,
void *input
);
pkcs11_rv_to_err ()
/*
 * Converts a PKCS#11 return value (ck_rv_t) into an int.
 *
 * NOTE(review): presumably the int is a GnuTLS error code - confirm.
 * The declarations on this page return either int or ck_rv_t, so a
 * ck_rv_t result from one of the thin wrappers would have to pass
 * through this conversion before being handled as an int status;
 * mixing the two return conventions can turn a failure into an
 * apparent success.
 */
int
pkcs11_rv_to_err (ck_rv_t rv
);
pkcs11_url_to_info ()
int
pkcs11_url_to_info (const char *url
,
struct p11_kit_uri **info
,
unsigned flags
);
pkcs11_find_slot ()
int
pkcs11_find_slot (struct ck_function_list **module
,
ck_slot_id_t *slot
,
struct p11_kit_uri *info
,
struct ck_token_info *_tinfo
,
struct ck_slot_info *_slot_info
,
unsigned int *trusted
);
pkcs11_read_pubkey ()
int
pkcs11_read_pubkey (struct ck_function_list *module
,
ck_session_handle_t pks
,
ck_object_handle_t obj
,
ck_key_type_t key_type
,
gnutls_pkcs11_obj_t pobj
);
pkcs11_get_info ()
int
pkcs11_get_info (struct p11_kit_uri *info
,
gnutls_pkcs11_obj_info_t itype
,
void *output
,
size_t *output_size
);
pkcs11_login ()
/*
 * Logs in on the session described by sinfo, using pin_info and the
 * PKCS#11 URI in info.
 *
 * NOTE(review): flags presumably carries the SESSION_* bits defined on
 * this page (e.g. SESSION_SO, SESSION_FORCE_LOGIN,
 * SESSION_CONTEXT_SPECIFIC) - confirm against the callers.
 * The int return is presumably a GnuTLS error code; the result must be
 * checked before any private-key operation is attempted on the session.
 */
int
pkcs11_login (struct pkcs11_session_info *sinfo
,
struct pin_info_st *pin_info
,
struct p11_kit_uri *info
,
unsigned flags
);
pkcs11_call_token_func ()
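/*
 * Takes the PKCS#11 URI of a token and a retry counter and returns an int.
 *
 * The generated listing printed the second parameter as
 * "const unsigned retry Param2", which is not a valid declaration; the
 * parameter is named retry and "Param2" was a documentation-generator
 * placeholder.
 *
 * NOTE(review): presumably this invokes the application's token callback
 * for the token described by info, with retry counting earlier attempts,
 * and returns a GnuTLS error code - confirm against the implementation.
 */
int
pkcs11_call_token_func (struct p11_kit_uri *info,
                        const unsigned retry);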
pkcs11_rescan_slots ()
void
pkcs11_rescan_slots (void
);
pkcs11_open_session ()
/*
 * Opens a session and fills in sinfo, selecting the token through the
 * PKCS#11 URI in info; pin_info is passed along for login.
 *
 * NOTE(review): flags presumably takes the SESSION_* bits defined on
 * this page (SESSION_WRITE, SESSION_LOGIN, SESSION_SO, SESSION_TRUSTED,
 * ...) - confirm. If SESSION_TRUSTED restricts the search to modules
 * marked as trusted, callers that rely on trust-store objects should
 * set it explicitly rather than depend on a default.
 * NOTE(review): presumably the caller releases the session with
 * pkcs11_close_session() on every path - confirm.
 */
int
pkcs11_open_session (struct pkcs11_session_info *sinfo
,
struct pin_info_st *pin_info
,
struct p11_kit_uri *info
,
unsigned int flags
);
pkcs11_strtype_to_class ()
ck_object_class_t
pkcs11_strtype_to_class (const char *type
);
pkcs11_token_matches_info ()
int
pkcs11_token_matches_info (struct p11_kit_uri *info
,
struct ck_token_info *tinfo
,
struct ck_info *lib_info
);
pkcs11_obj_flags_to_int ()
unsigned int
pkcs11_obj_flags_to_int (unsigned int flags
);
pkcs11_retrieve_pin ()
/*
 * Obtains a PIN for the token described by info/token_info and returns
 * it through *pin as a struct p11_kit_pin.
 *
 * attempts and user_type are passed by value; attempts presumably counts
 * earlier failed tries so that the PIN source can warn about lock-out
 * (TODO confirm).
 *
 * NOTE(review): ownership of *pin is not visible here. p11-kit pins are
 * reference counted, so presumably the caller drops its reference with
 * p11_kit_pin_unref() once login is done - confirm, and check that the
 * PIN bytes do not outlive the login call.
 */
int
pkcs11_retrieve_pin (struct pin_info_st *pin_info
,
struct p11_kit_uri *info
,
struct ck_token_info *token_info
,
int attempts
,
ck_user_type_t user_type
,
struct p11_kit_pin **pin
);
pkcs11_generate_key ()
ck_rv_t
pkcs11_generate_key (struct ck_function_list *module
,
ck_session_handle_t sess
,
struct ck_mechanism *mechanism
,
struct ck_attribute *templ
,
unsigned long count
,
ck_object_handle_t *key
);
pkcs11_generate_key_pair ()
ck_rv_t
pkcs11_generate_key_pair (struct ck_function_list *module
,
ck_session_handle_t sess
,
struct ck_mechanism *mechanism
,
struct ck_attribute *pub_templ
,
unsigned long pub_templ_count
,
struct ck_attribute *priv_templ
,
unsigned long priv_templ_count
,
ck_object_handle_t *pub
,
ck_object_handle_t *priv
);
pkcs11_get_slot_list ()
ck_rv_t
pkcs11_get_slot_list (struct ck_function_list *module
,
unsigned char token_present
,
ck_slot_id_t *slot_list
,
unsigned long *count
);
pkcs11_get_module_info ()
ck_rv_t
pkcs11_get_module_info (struct ck_function_list *module
,
struct ck_info *info
);
pkcs11_get_slot_info ()
ck_rv_t
pkcs11_get_slot_info (struct ck_function_list *module
,
ck_slot_id_t slot_id
,
struct ck_slot_info *info
);
pkcs11_get_token_info ()
ck_rv_t
pkcs11_get_token_info (struct ck_function_list *module
,
ck_slot_id_t slot_id
,
struct ck_token_info *info
);
pkcs11_find_objects_init ()
ck_rv_t
pkcs11_find_objects_init (struct ck_function_list *module
,
ck_session_handle_t sess
,
struct ck_attribute *templ
,
unsigned long count
);
pkcs11_find_objects ()
ck_rv_t
pkcs11_find_objects (struct ck_function_list *module
,
ck_session_handle_t sess
,
ck_object_handle_t *objects
,
unsigned long max_object_count
,
unsigned long *object_count
);
pkcs11_find_objects_final ()
ck_rv_t
pkcs11_find_objects_final (struct pkcs11_session_info *Param1
);
pkcs11_close_session ()
ck_rv_t
pkcs11_close_session (struct pkcs11_session_info *Param1
);
pkcs11_set_attribute_value ()
ck_rv_t
pkcs11_set_attribute_value (struct ck_function_list *module
,
ck_session_handle_t sess
,
ck_object_handle_t object
,
struct ck_attribute *templ
,
unsigned long count
);
pkcs11_get_attribute_value ()
ck_rv_t
pkcs11_get_attribute_value (struct ck_function_list *module
,
ck_session_handle_t sess
,
ck_object_handle_t object
,
struct ck_attribute *templ
,
unsigned long count
);
pkcs11_get_attribute_avalue ()
ck_rv_t
pkcs11_get_attribute_avalue (struct ck_function_list *module
,
ck_session_handle_t sess
,
ck_object_handle_t object
,
ck_attribute_type_t type
,
gnutls_datum_t *res
);
pkcs11_get_mechanism_list ()
ck_rv_t
pkcs11_get_mechanism_list (struct ck_function_list *module
,
ck_slot_id_t slot_id
,
ck_mechanism_type_t *mechanism_list
,
unsigned long *count
);
pkcs11_get_mechanism_info ()
ck_rv_t
pkcs11_get_mechanism_info (struct ck_function_list *module
,
ck_slot_id_t slot_id
,
ck_mechanism_type_t mechanism
,
struct ck_mechanism_info *ptr
);
pkcs11_sign_init ()
ck_rv_t
pkcs11_sign_init (struct ck_function_list *module
,
ck_session_handle_t sess
,
struct ck_mechanism *mechanism
,
ck_object_handle_t key
);
pkcs11_sign ()
/*
 * Signs data (data_len bytes) on session sess of module and writes the
 * result to signature. Returns a raw PKCS#11 ck_rv_t, not an int status.
 *
 * NOTE(review): this looks like a thin wrapper over C_Sign - confirm.
 * If so, *signature_len is in/out: on entry the capacity of signature,
 * on return the number of bytes produced, and a too-small buffer is
 * reported as CKR_BUFFER_TOO_SMALL. Callers must initialise
 * *signature_len to the real buffer size before the call.
 */
ck_rv_t
pkcs11_sign (struct ck_function_list *module
,
ck_session_handle_t sess
,
unsigned char *data
,
unsigned long data_len
,
unsigned char *signature
,
unsigned long *signature_len
);
pkcs11_decrypt_init ()
ck_rv_t
pkcs11_decrypt_init (struct ck_function_list *module
,
ck_session_handle_t sess
,
struct ck_mechanism *mechanism
,
ck_object_handle_t key
);
pkcs11_decrypt ()
/*
 * Decrypts encrypted_data (encrypted_data_len bytes) on session sess of
 * module and writes the plaintext to data. Returns a raw PKCS#11
 * ck_rv_t, not an int status.
 *
 * NOTE(review): this looks like a thin wrapper over C_Decrypt - confirm.
 * If so, *data_len is in/out: capacity of data on entry, plaintext
 * length on return. Callers must set it to the real buffer size first
 * and should wipe the plaintext buffer when it is no longer needed.
 */
ck_rv_t
pkcs11_decrypt (struct ck_function_list *module
,
ck_session_handle_t sess
,
unsigned char *encrypted_data
,
unsigned long encrypted_data_len
,
unsigned char *data
,
unsigned long *data_len
);
pkcs11_create_object ()
ck_rv_t
pkcs11_create_object (struct ck_function_list *module
,
ck_session_handle_t sess
,
struct ck_attribute *templ
,
unsigned long count
,
ck_object_handle_t *object
);
pkcs11_destroy_object ()
ck_rv_t
pkcs11_destroy_object (struct ck_function_list *module
,
ck_session_handle_t sess
,
ck_object_handle_t object
);
pkcs11_init_token ()
/*
 * Initialises the token in slot slot_id of module with the given PIN
 * (pin, pin_len bytes) and label. Returns a raw PKCS#11 ck_rv_t.
 *
 * The PIN is passed as pointer plus explicit length; label has no
 * length parameter.
 *
 * NOTE(review): if this forwards to C_InitToken, label must point to a
 * 32-byte, blank-padded field that is not NUL-terminated; passing a
 * shorter C string would make the module read past the end of it -
 * confirm that every caller pads the label.
 * NOTE(review): presumably pin is the security officer PIN; the caller
 * keeps ownership of the buffer and is responsible for wiping it.
 */
ck_rv_t
pkcs11_init_token (struct ck_function_list *module
,
ck_slot_id_t slot_id
,
unsigned char *pin
,
unsigned long pin_len
,
unsigned char *label
);
pkcs11_init_pin ()
ck_rv_t
pkcs11_init_pin (struct ck_function_list *module
,
ck_session_handle_t sess
,
unsigned char *pin
,
unsigned long pin_len
);
pkcs11_set_pin ()
/*
 * Changes a PIN on session sess of module from old_pin (old_len bytes)
 * to new_pin (new_len bytes). Returns a raw PKCS#11 ck_rv_t.
 *
 * Both PINs are passed as const pointer plus explicit length, so the
 * lengths, not a terminating NUL, bound what is read.
 *
 * NOTE(review): the const qualifiers mean this function cannot wipe the
 * caller's buffers; callers holding PIN material should zeroise their
 * own copies after the call (with a wipe the compiler cannot elide).
 */
ck_rv_t
pkcs11_set_pin (struct ck_function_list *module
,
ck_session_handle_t sess
,
const char *old_pin
,
unsigned long old_len
,
const char *new_pin
,
unsigned long new_len
);
pkcs11_strerror ()
const char *
pkcs11_strerror (ck_rv_t rv
);
is_pkcs11_url_object ()
bool
is_pkcs11_url_object ();
Types and Values
CRYPTOKI_GNU
#define CRYPTOKI_GNU
HAVE_CKM_EDDSA
#define HAVE_CKM_EDDSA
PKCS11_ID_SIZE
#define PKCS11_ID_SIZE 128
PKCS11_LABEL_SIZE
#define PKCS11_LABEL_SIZE 128
ck_bool_t
typedef unsigned char ck_bool_t;
struct pkcs11_session_info
/*
 * State kept for one PKCS#11 session: the module function list, copies
 * of the token and slot descriptions, the session handle and the slot id.
 * Passed to pkcs11_open_session(), pkcs11_login() and
 * pkcs11_close_session().
 */
struct pkcs11_session_info {
struct ck_function_list *module; /* PKCS#11 function list used for this session */
struct ck_token_info tinfo; /* token description, stored by value */
struct ck_slot_info slot_info; /* slot description, stored by value */
ck_session_handle_t pks; /* PKCS#11 session handle */
ck_slot_id_t sid; /* slot id */
unsigned int init; /* NOTE(review): presumably non-zero while the session is open - confirm */
unsigned int trusted; /* whether module is marked as trusted */
/* NOTE(review): pkcs11_find_slot() has an `unsigned int *trusted` output;
 * presumably this field is filled from it - confirm. */
};
struct gnutls_pkcs11_obj_st
/*
 * In-memory representation of one PKCS#11 object: its data, type and
 * class, the URI that identifies it and, for public keys, the key
 * parameters.
 */
struct gnutls_pkcs11_obj_st {
gnutls_datum_t raw; /* NOTE(review): presumably the object's encoded value as read from the token - confirm */
gnutls_pkcs11_obj_type_t type; /* GnuTLS object type */
ck_object_class_t class; /* PKCS#11 object class */
unsigned int flags; /* NOTE(review): presumably GNUTLS_PKCS11_OBJ_FLAG_* bits - confirm */
struct p11_kit_uri *info; /* p11-kit URI for the object; ownership not visible here */
/* only when pubkey */
gnutls_datum_t pubkey[MAX_PUBLIC_PARAMS_SIZE]; /* fixed-size array of key parameters */
unsigned pubkey_size; /* NOTE(review): presumably the number of valid pubkey[] entries;
                       * readers must keep it <= MAX_PUBLIC_PARAMS_SIZE - confirm */
gnutls_pk_algorithm_t pk_algorithm; /* public-key algorithm */
unsigned int key_usage; /* key usage bits; see FIX_KEY_USAGE(pk, usage) */
struct pin_info_st pin; /* PIN information; struct pin_info_st is not defined on this page */
};
struct gnutls_pkcs11_privkey_st
/*
 * Handle for a private key that stays on a PKCS#11 token: it records the
 * key's algorithm and size, the URI that locates it, the session it is
 * used through and the object handle of the key inside that session.
 * No key material field is present in this structure.
 */
struct gnutls_pkcs11_privkey_st {
gnutls_pk_algorithm_t pk_algorithm; /* public-key algorithm of the key */
unsigned int rsa_pss_ok; /* if it is an RSA key, it can do RSA-PSS */
unsigned int bits; /* key size in bits */
unsigned int flags; /* NOTE(review): flag namespace not visible on this page - confirm */
struct p11_kit_uri *uinfo; /* parsed PKCS#11 URI of the key */
char *url; /* URI string; NOTE(review): ownership and lifetime not visible here - confirm who frees it */
struct pkcs11_session_info sinfo; /* session state, embedded by value */
ck_object_handle_t ref; /* the key in the session */
unsigned reauth; /* whether we need to login on each operation */
/* NOTE(review): reauth presumably corresponds to keys that require
 * authentication per operation (cf. SESSION_CONTEXT_SPECIFIC) - confirm. */
void *mutex; /* lock for operations requiring co-ordination */
struct pin_info_st pin; /* PIN information; struct pin_info_st is not defined on this page.
                         * NOTE(review): if it can cache PIN bytes, deinit must wipe them - confirm */
};
PKCS11_CHECK_INIT
#define PKCS11_CHECK_INIT
SESSION_WRITE
#define SESSION_WRITE (1<<0)
SESSION_LOGIN
#define SESSION_LOGIN (1<<1)
SESSION_SO
#define SESSION_SO (1<<2) /* security officer session */
SESSION_TRUSTED
#define SESSION_TRUSTED (1<<3) /* session on a module marked as trusted (p11-kit) */
SESSION_FORCE_LOGIN
#define SESSION_FORCE_LOGIN (1<<4) /* force login even when CKF_LOGIN_REQUIRED is not set */
SESSION_CONTEXT_SPECIFIC
#define SESSION_CONTEXT_SPECIFIC (1<<5) /* NOTE(review): presumably requests a context-specific login (CKU_CONTEXT_SPECIFIC) - confirm */
SESSION_NO_CLOSE
#define SESSION_NO_CLOSE (1<<6) /* don't close session on success */
GNUTLS_PKCS11_OBJ_FLAG_FIRST_CLOSE_MATCH
#define GNUTLS_PKCS11_OBJ_FLAG_FIRST_CLOSE_MATCH ((unsigned int)1<<28)
GNUTLS_PKCS11_OBJ_FLAG_EXPECT_CERT
#define GNUTLS_PKCS11_OBJ_FLAG_EXPECT_CERT (1<<29)
GNUTLS_PKCS11_OBJ_FLAG_EXPECT_PRIVKEY
#define GNUTLS_PKCS11_OBJ_FLAG_EXPECT_PRIVKEY (1<<30)
GNUTLS_PKCS11_OBJ_FLAG_EXPECT_PUBKEY
#define GNUTLS_PKCS11_OBJ_FLAG_EXPECT_PUBKEY ((unsigned int)1<<31)