#include <gnutls/pkcs11.h>
/* Size bound (128) for PKCS #11 object IDs.
 * NOTE(review): presumably the byte capacity of fixed-size ID buffers; the
 * users are not visible here -- confirm every copy into such a buffer is
 * length-checked against this value. */
#define PKCS11_ID_SIZE 128
/* Size bound (128) for PKCS #11 labels.
 * NOTE(review): presumably the byte capacity of fixed-size label buffers --
 * confirm at the use sites that token-supplied labels are bounded by it. */
#define PKCS11_LABEL_SIZE 128
/* Defined ahead of the p11-kit includes. p11-kit uses this macro as an
 * explicit opt-in to interfaces it does not promise to keep stable, so the
 * build should be checked against the p11-kit version actually linked. */
#define P11_KIT_API_SUBJECT_TO_CHANGE 1
#include <p11-kit/uri.h>
#include <p11-kit/pkcs11.h>
/* One-byte boolean type used with the PKCS #11 declarations in this header. */
typedef unsigned char ck_bool_t;
struct ck_token_info tinfo;
struct ck_slot_info sinfo;
struct gnutls_pkcs11_provider_s *prov;
struct gnutls_pkcs11_obj_st
gnutls_pkcs11_obj_type_t type;
struct p11_kit_uri *info;
/* only when pubkey */
gnutls_datum_t pubkey[MAX_PUBLIC_PARAMS_SIZE];
gnutls_pk_algorithm pk_algorithm;
unsigned int key_usage;
/* this function is called for every token in the traverse_tokens
* function. Once everything is traversed it is called with NULL tinfo.
* It should return 0 if found what it was looking for.
typedef int (*find_func_t) (struct ck_function_list *module,
ck_session_handle_t pks,
struct token_info * tinfo, struct ck_info *,
/* Convert a PKCS #11 return value (ck_rv_t) into an int error code.
 * NOTE(review): presumably 0 on success and a negative gnutls error
 * otherwise -- confirm against the definition, which is not visible here. */
int pkcs11_rv_to_err (ck_rv_t rv);
/* Parse the PKCS #11 URL string `url` and hand the result back through *info.
 * The URL may originate from configuration or user input, so callers should
 * check the int result before touching *info.
 * NOTE(review): ownership of *info presumably passes to the caller --
 * confirm which release function applies. */
int pkcs11_url_to_info (const char *url, struct p11_kit_uri **info);
pkcs11_find_slot (struct ck_function_list ** module, ck_slot_id_t * slot,
struct p11_kit_uri *info, struct token_info *_tinfo);
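/*
 * Fetch one item, selected by itype, from a parsed PKCS #11 URI.
 *
 * info:        parsed URI to read from.
 * itype:       which item to return.
 * output:      caller-supplied buffer that receives the item.
 * output_size: size of that buffer.
 *              NOTE(review): presumably in/out (capacity on entry, bytes
 *              written on return) -- confirm in the definition, which is
 *              not visible here.
 *
 * Returns an int status; check it before reading output.
 */
int pkcs11_get_info (struct p11_kit_uri *info,
                     gnutls_pkcs11_obj_info_t itype, void *output,
                     size_t * output_size);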
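/*
 * Authenticate on session pks of the given module, for the token described
 * by tinfo and the URI in info.
 *
 * admin: NOTE(review): presumably selects a security-officer login rather
 *        than a normal user login (compare SESSION_SO) -- confirm in the
 *        definition, which is not visible here.
 *
 * Returns an int status. Callers should treat any failure as "not
 * authenticated" and stop before private-key or write operations.
 */
int pkcs11_login (struct ck_function_list * module, ck_session_handle_t pks,
                  const struct token_info *tinfo, struct p11_kit_uri *info, int admin);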
/* Invoke the token callback for the token described by info.
 * NOTE(review): presumably calls the global token_func with token_data, and
 * retry is presumably the attempt counter passed to it -- confirm. */
int pkcs11_call_token_func (struct p11_kit_uri *info, const unsigned retry);
/* Token callback shared across the library; only declared here.
 * NOTE(review): mutable global state -- confirm how setting and calling it
 * are serialised when several threads use PKCS #11. */
extern gnutls_pkcs11_token_callback_t token_func;
/* Opaque pointer declared alongside token_func.
 * NOTE(review): presumably the user data handed to that callback; its
 * lifetime is owned by whoever registered it -- confirm. */
extern void *token_data;
/* Rescan the PKCS #11 slots. Takes no arguments and returns void, so a
 * failed rescan cannot be reported to the caller through this interface. */
void pkcs11_rescan_slots (void);
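/*
 * Format a parsed PKCS #11 URI back into a URL string.
 *
 * info:     parsed URI to format.
 * detailed: how much detail the resulting URL carries.
 * url:      out-parameter that receives the string.
 *           NOTE(review): presumably allocated by the callee and owned by
 *           the caller afterwards -- confirm which free function applies.
 *
 * Returns an int status; *url should only be used when the call succeeded.
 */
int pkcs11_info_to_url (struct p11_kit_uri *info,
                        gnutls_pkcs11_url_type_t detailed, char **url);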
/* Session flag, bit 0.
 * NOTE(review): presumably requests a read/write session; callers that only
 * read objects should leave it clear -- confirm in pkcs11_open_session. */
#define SESSION_WRITE (1<<0)
/* Session flag, bit 1.
 * NOTE(review): presumably requests a login on the opened session --
 * confirm in pkcs11_open_session. */
#define SESSION_LOGIN (1<<1)
/* Session flag, bit 2. The security officer role is the token's
 * administrative role, so this bit should be set only by code paths that
 * really perform token administration. */
#define SESSION_SO (1<<2) /* security officer session */
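/*
 * Open a session for the token identified by the URI in info, returning the
 * module and the session handle through _module and _pks.
 *
 * flags: NOTE(review): presumably a bitwise OR of SESSION_WRITE,
 *        SESSION_LOGIN and SESSION_SO -- confirm in the definition, which
 *        is not visible here. Callers should pass only the bits they need.
 *
 * Returns an int status; _module and _pks are meaningful only on success.
 * The session is presumably released with pkcs11_close_session.
 */
int pkcs11_open_session (struct ck_function_list **_module, ck_session_handle_t * _pks,
                         struct p11_kit_uri *info, unsigned int flags);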
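/*
 * Walk the available tokens and call find_func for each one.
 *
 * Per the find_func_t description in this header, the callback is invoked
 * for every token, then once more with a NULL tinfo after the traversal,
 * and returns 0 when it has found what it was looking for. Callbacks must
 * therefore handle the NULL tinfo call.
 *
 * input: opaque pointer, presumably forwarded to find_func unchanged.
 * info:  URI used for the traversal.
 * flags: NOTE(review): presumably SESSION_* bits -- confirm in the
 *        definition, which is not visible here.
 */
int _pkcs11_traverse_tokens (find_func_t find_func, void *input,
                             struct p11_kit_uri *info, unsigned int flags);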
/* Map a textual object type name to a PKCS #11 object class.
 * NOTE(review): the result for an unknown or NULL string is not visible
 * here -- confirm before passing unvalidated input. */
ck_object_class_t pkcs11_strtype_to_class (const char *type);
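/*
 * Test whether a token (tinfo) and its library (lib_info) match the URI in
 * info.
 *
 * NOTE(review): the int return convention (non-zero for a match, or 0 for
 * success) is not visible here -- confirm before using the result in a
 * condition, since an inverted test would select the wrong token.
 */
int pkcs11_token_matches_info (struct p11_kit_uri *info,
                               struct ck_token_info *tinfo,
                               struct ck_info *lib_info);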
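/*
 * Locate the object described by the URI in info and return its module,
 * session handle and object handle through _module, _pks and _obj.
 *
 * flags are SESSION_* (SESSION_WRITE, SESSION_LOGIN, SESSION_SO); pass only
 * the bits the caller needs.
 *
 * Returns an int status; the three out-parameters are meaningful only on
 * success. NOTE(review): a session is presumably left open for the caller
 * to close with pkcs11_close_session -- confirm in the definition.
 */
int pkcs11_find_object (struct ck_function_list ** _module,
                        ck_session_handle_t * _pks,
                        ck_object_handle_t * _obj,
                        struct p11_kit_uri *info, unsigned int flags);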
/* Convert an object flag word into another unsigned int flag word.
 * NOTE(review): presumably maps public object flags to the internal
 * SESSION_* bits -- confirm against the definition. */
unsigned int pkcs11_obj_flags_to_int (unsigned int flags);
_gnutls_pkcs11_privkey_sign_hash (gnutls_pkcs11_privkey_t key,
const gnutls_datum_t * hash,
gnutls_datum_t * signature);
_gnutls_pkcs11_privkey_decrypt_data (gnutls_pkcs11_privkey_t key,
const gnutls_datum_t * ciphertext,
gnutls_datum_t * plaintext);
pkcs11_get_slot_list (struct ck_function_list * module,
unsigned char token_present,
ck_slot_id_t *slot_list,
unsigned long *count);
pkcs11_get_module_info (struct ck_function_list * module,
struct ck_info * info);
pkcs11_get_slot_info(struct ck_function_list * module,
ck_slot_id_t slot_id,
struct ck_slot_info *info);
pkcs11_get_token_info (struct ck_function_list * module,
ck_slot_id_t slot_id,
struct ck_token_info *info);
pkcs11_find_objects_init (struct ck_function_list *module,
ck_session_handle_t sess,
struct ck_attribute *templ,
unsigned long count);
pkcs11_find_objects (struct ck_function_list *module,
ck_session_handle_t sess,
ck_object_handle_t *objects,
unsigned long max_object_count,
unsigned long *object_count);
pkcs11_find_objects_final (struct ck_function_list *module,
ck_session_handle_t sess);
pkcs11_close_session (struct ck_function_list *module,
ck_session_handle_t sess);
pkcs11_get_attribute_value(struct ck_function_list *module,
ck_session_handle_t sess,
ck_object_handle_t object,
struct ck_attribute *templ,
unsigned long count);
pkcs11_get_mechanism_list (struct ck_function_list *module,
ck_slot_id_t slot_id,
ck_mechanism_type_t *mechanism_list,
unsigned long *count);
pkcs11_sign_init (struct ck_function_list *module,
ck_session_handle_t sess,
struct ck_mechanism *mechanism,
ck_object_handle_t key);
pkcs11_sign (struct ck_function_list *module,
ck_session_handle_t sess,
unsigned long data_len,
unsigned char *signature,
unsigned long *signature_len);
pkcs11_decrypt_init (struct ck_function_list *module,
ck_session_handle_t sess,
struct ck_mechanism *mechanism,
ck_object_handle_t key);
pkcs11_decrypt (struct ck_function_list *module,
ck_session_handle_t sess,
unsigned char *encrypted_data,
unsigned long encrypted_data_len,
unsigned char *data, unsigned long *data_len);
pkcs11_create_object (struct ck_function_list *module,
ck_session_handle_t sess,
struct ck_attribute *templ,
ck_object_handle_t *object);
pkcs11_destroy_object (struct ck_function_list *module,
ck_session_handle_t sess,
ck_object_handle_t object);
pkcs11_init_token (struct ck_function_list *module,
ck_slot_id_t slot_id, unsigned char *pin,
unsigned long pin_len, unsigned char *label);
pkcs11_init_pin (struct ck_function_list *module,
ck_session_handle_t sess,
unsigned long pin_len);
pkcs11_set_pin (struct ck_function_list *module,
ck_session_handle_t sess,
unsigned char *old_pin,
unsigned long old_len,
unsigned char *new_pin,
unsigned long new_len);
pkcs11_strerror (ck_rv_t rv);
#endif /* ENABLE_PKCS11 */