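/*
 * Include guard.  The previous name, _LIB11_H, began with an underscore
 * followed by an uppercase letter, a form C reserves for the implementation
 * (C11 7.1.3); LIB11_H has the same effect in the user namespace.
 */
#ifndef LIB11_H
#define LIB11_H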
00021
00022 #include <openssl/bio.h>
00023 #include <openssl/err.h>
00024 #include <openssl/x509.h>
00025
00026 #ifdef __cplusplus
00027 extern "C" {
00028 #endif
00029
00030
/*
 * OpenSSL error-queue glue.  ERR_LIB_PKCS11 is the library code under which
 * this module's errors are queued; it aliases ERR_LIB_USER, the generic code
 * OpenSSL sets aside for application-defined libraries.
 * NOTE(review): every other component that also reports under ERR_LIB_USER
 * shares the same function/reason code space, so the PKCS11_F_* and
 * PKCS11_*_ERROR values at the end of this header can collide with it.
 * OpenSSL's ERR_get_next_error_library() hands out a private code instead;
 * confirm whether the string table registered by ERR_load_PKCS11_strings()
 * relies on the fixed value before changing this.
 */
#define ERR_LIB_PKCS11 ERR_LIB_USER

/*
 * Queue an error with function code f and reason code r (PKCS11_F_* and
 * PKCS11_*_ERROR below), tagged with the file and line of the caller.
 * NOTE(review): ERR_PUT_error() is deprecated in OpenSSL 3.0 in favour of
 * ERR_raise()/ERR_raise_data(); confirm against the OpenSSL version targeted.
 */
#define PKCS11err(f,r) \
ERR_PUT_error(ERR_LIB_PKCS11,(f),(r),__FILE__,__LINE__)
00035
00036
00037
00038
00039
00040
00041
00042
00043
00044
00045
00046
00047
/*
 * A key object on a token, as handed out by PKCS11_enumerate_keys().
 * Field meanings are read from the names and types; this header does not say
 * who allocates or frees the strings and buffers -- confirm ownership against
 * the definitions before freeing anything yourself.
 */
typedef struct PKCS11_key_st {
char *label;             /* object label string */
unsigned char *id;       /* object id bytes (presumably the PKCS#11 CKA_ID -- confirm) */
int id_len;              /* length of id; signed, so compare with unsigned sizes carefully */
unsigned char isPrivate; /* flag: non-zero for a private-key object (inferred from name) */
unsigned char needLogin; /* flag: non-zero if a login is needed to use the key (inferred) */
EVP_PKEY *evp_key;       /* OpenSSL handle for the key; see PKCS11_get_private_key() /
                            PKCS11_get_public_key() -- presumably NULL until fetched, confirm */
void *_private;          /* presumably library-internal state; not for callers */
} PKCS11_KEY;
00057
00058
/*
 * A certificate object on a token, as handed out by PKCS11_enumerate_certs().
 * Ownership of label, id and x509 is not stated here -- confirm against the
 * definitions before freeing.
 */
typedef struct PKCS11_cert_st {
char *label;       /* object label string */
unsigned char *id; /* object id bytes; PKCS11_find_key() presumably matches on it -- confirm */
int id_len;        /* length of id; signed, same caution as PKCS11_KEY.id_len */
X509 *x509;        /* parsed certificate; whether it is owned by this object is not visible here */
void *_private;    /* presumably library-internal state; not for callers */
} PKCS11_CERT;
00066
00067
/*
 * A token present in a slot (see PKCS11_SLOT.token).  The unsigned char
 * members are flags; their exact meaning is inferred from the names and
 * should be confirmed against the code that fills them in.
 */
typedef struct PKCS11_token_st {
char *label;                /* token label string */
char *manufacturer;         /* manufacturer string */
char *model;                /* model string */
char *serialnr;             /* serial number string */
unsigned char initialized;  /* token has been initialised (see PKCS11_init_token()) */
unsigned char loginRequired;/* a PIN login is needed before private objects can be used (inferred) */
unsigned char secureLogin;  /* PIN is entered on a protected path (e.g. a pinpad) rather than via
                               PKCS11_login() -- inferred, confirm */
unsigned char userPinSet;   /* user PIN has been initialised (see PKCS11_init_pin()) -- inferred */
unsigned char readOnly;     /* token is write-protected (inferred) */
void *_private;             /* presumably library-internal state; not for callers */
} PKCS11_TOKEN;
00080
00081
/*
 * A slot of a loaded module, as returned in the array from
 * PKCS11_enumerate_slots() and released with PKCS11_release_all_slots().
 */
typedef struct PKCS11_slot_st {
char *manufacturer;      /* slot manufacturer string */
char *description;       /* slot description string */
unsigned char removable; /* flag: slot accepts removable tokens (inferred from name) */
PKCS11_TOKEN *token;     /* token in this slot; assume NULL when the slot is empty -- confirm
                            before dereferencing */
void *_private;          /* presumably library-internal state; not for callers */
} PKCS11_SLOT;
00089
/*
 * Library context: one loaded PKCS#11 module (see PKCS11_CTX_new() and
 * PKCS11_CTX_load()).  The string fields presumably describe the loaded
 * module -- confirm.
 */
typedef struct PKCS11_ctx_st {
char *manufacturer; /* module manufacturer string */
char *description;  /* module description string */
void *_private;     /* presumably library-internal state; not for callers */
} PKCS11_CTX;
00095
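/*
 * Context lifecycle.  PKCS11_CTX_new() allocates a context; PKCS11_CTX_load()
 * loads the PKCS#11 module named by ident (presumably a shared-library name
 * or path -- confirm against the definition); PKCS11_CTX_unload() undoes the
 * load and PKCS11_CTX_free() releases the context.  The success/failure
 * convention of the int-returning functions is not stated in this header;
 * take it from the definitions.
 */
extern PKCS11_CTX *PKCS11_CTX_new(void);
extern int PKCS11_CTX_load(PKCS11_CTX *, const char *ident);
extern void PKCS11_CTX_unload(PKCS11_CTX *);
extern void PKCS11_CTX_free(PKCS11_CTX *);

/*
 * Open a session on the slot.  The second parameter is unnamed in the
 * prototype; its meaning (presumably a read/write selector) must be taken
 * from the definition.
 */
extern int PKCS11_open_session(PKCS11_SLOT *, int);

/*
 * Enumerate the slots of a loaded context: on success *slotsp receives an
 * array and *nslotsp its element count.  The array is handed back with
 * PKCS11_release_all_slots(), which takes the same pair; do not free it
 * yourself.
 */
extern int PKCS11_enumerate_slots(PKCS11_CTX *,
        PKCS11_SLOT **slotsp, unsigned int *nslotsp);

extern void PKCS11_release_all_slots(PKCS11_CTX *,
        PKCS11_SLOT *slots, unsigned int nslots);

/*
 * Pick a slot from the array returned by PKCS11_enumerate_slots().  The
 * selection rule is not visible here (presumably the first slot with a token
 * present -- confirm); assume a NULL result is possible and check it.
 * `extern` added so this prototype reads like the others in this header.
 */
extern PKCS11_SLOT *PKCS11_find_token(PKCS11_CTX * ctx,
        PKCS11_SLOT *slots, unsigned int nslots);

/*
 * Log in to / out of the token in the slot.  `so` selects the security-officer
 * role instead of the user role (inferred from the name -- confirm).  The PIN
 * is a plain NUL-terminated string; this header does not say whether the
 * library keeps a copy, so the caller owns the buffer and should clear it
 * once the call returns.
 */
extern int PKCS11_login(PKCS11_SLOT *, int so, const char *pin);
extern int PKCS11_logout(PKCS11_SLOT *);

/*
 * Enumerate the key objects on a token; the array and its count come back
 * through the out parameters.  Who owns the array is not stated here --
 * confirm against the definition (compare PKCS11_release_all_slots()).
 */
extern int PKCS11_enumerate_keys(PKCS11_TOKEN *, PKCS11_KEY **, unsigned int *);

/* Integer key-type code; which enumeration it uses is not visible here. */
extern int PKCS11_get_key_type(PKCS11_KEY *);

/*
 * Key size.  Note the asymmetry: this takes a const key while
 * PKCS11_get_key_type() above does not; the declarations cannot be made
 * const here without matching changes to the definitions.
 */
extern int PKCS11_get_key_size(const PKCS11_KEY *);

/*
 * RSA public components, each returned as a BIGNUM through the out pointer.
 * Presumably the caller owns and frees the BIGNUM -- confirm.
 */
extern int PKCS11_get_key_modulus(PKCS11_KEY *, BIGNUM **);
extern int PKCS11_get_key_exponent(PKCS11_KEY *, BIGNUM **);

/*
 * OpenSSL EVP_PKEY views of a token key.  Whether the returned handle is a
 * new reference the caller must free, or the object's cached evp_key, is not
 * visible here -- confirm before calling EVP_PKEY_free() on it.
 */
extern EVP_PKEY *PKCS11_get_private_key(PKCS11_KEY *);
extern EVP_PKEY *PKCS11_get_public_key(PKCS11_KEY *);

/*
 * Cross-references between a key object and its certificate object.  Assume
 * either may return NULL when no counterpart exists.
 */
extern PKCS11_CERT *PKCS11_find_certificate(PKCS11_KEY *);
extern PKCS11_KEY *PKCS11_find_key(PKCS11_CERT *);

/* Enumerate the certificate objects on a token; same shape as PKCS11_enumerate_keys(). */
extern int PKCS11_enumerate_certs(PKCS11_TOKEN *, PKCS11_CERT **, unsigned int *);

/*
 * Token administration.  All PIN arguments are plain strings with the same
 * caller-owned, clear-after-use caveat as PKCS11_login().
 */
extern int PKCS11_init_token(PKCS11_TOKEN *, const char *pin,
        const char *label);

extern int PKCS11_init_pin(PKCS11_TOKEN *, const char *pin);

extern int PKCS11_change_pin(PKCS11_SLOT *, const char *old_pin,
        const char *new_pin);

/*
 * Key generation / import onto the token.  The int and unsigned int
 * parameters of PKCS11_generate_key() and the trailing char * of both
 * functions are unnamed here; their meaning (presumably algorithm, size and
 * label) must be taken from the definitions.  The label is a non-const
 * char *, so pass a writable buffer.
 */
extern int PKCS11_generate_key(PKCS11_TOKEN *, int, unsigned int, char *);
extern int PKCS11_store_private_key(PKCS11_TOKEN *, EVP_PKEY *, char *);

/*
 * Raw RSA operations, mirroring the signatures of OpenSSL's RSA_sign(),
 * RSA_private_encrypt(), RSA_private_decrypt() and RSA_verify().  None of
 * them carries the capacity of its output buffer (sigret / to); the caller
 * must size it from PKCS11_get_key_size() -- confirm the exact requirement
 * against the definitions.  `padding` is presumably one of OpenSSL's
 * RSA_*_PADDING values (confirm).  The const-ness of the key parameter is
 * inconsistent (sign/private_encrypt take const, private_decrypt/verify do
 * not) and `signature` is non-const; both need matching definition changes
 * before they can be tightened here.
 */
extern int PKCS11_sign(int type, const unsigned char *m, unsigned int m_len,
        unsigned char *sigret, unsigned int *siglen, const PKCS11_KEY * key);
extern int PKCS11_private_encrypt(int flen, const unsigned char *from,
        unsigned char *to, const PKCS11_KEY * rsa, int padding);
extern int PKCS11_private_decrypt(int flen, const unsigned char *from,
        unsigned char *to, PKCS11_KEY * key, int padding);
extern int PKCS11_verify(int type, const unsigned char *m, unsigned int m_len,
        unsigned char *signature, unsigned int siglen, PKCS11_KEY * key);

/*
 * Token RNG access: seed it with s_len bytes from s, or fill r with r_len
 * bytes.  Whether a short fill is possible is not visible here; check the
 * return value.
 */
extern int PKCS11_seed_random(PKCS11_SLOT *, const unsigned char *s, unsigned int s_len);
extern int PKCS11_generate_random(PKCS11_SLOT *, unsigned char *r, unsigned int r_len);

/* Register this module's error strings (for PKCS11_F_* / PKCS11_*_ERROR) with OpenSSL. */
extern void ERR_load_PKCS11_strings(void);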
00176
00177
00178
00179
/*
 * Function codes: the f argument of PKCS11err().  Each value identifies the
 * library routine raising the error; ERR_load_PKCS11_strings() presumably
 * maps them to text (confirm).  The jump from 22 to 40 for
 * PKCS11_F_PKCS11_GETATTR is not explained here.
 * NOTE(review): OpenSSL 1.x packs these into a 12-bit field (see ERR_PACK),
 * so keep new codes below 4096.
 */
#define PKCS11_F_PKCS11_CTX_LOAD 1
#define PKCS11_F_PKCS11_ENUM_SLOTS 2
#define PKCS11_F_PKCS11_CHECK_TOKEN 3
#define PKCS11_F_PKCS11_OPEN_SESSION 4
#define PKCS11_F_PKCS11_LOGIN 5
#define PKCS11_F_PKCS11_ENUM_KEYS 6
#define PKCS11_F_PKCS11_GET_KEY 7
#define PKCS11_F_PKCS11_RSA_DECRYPT 8
#define PKCS11_F_PKCS11_RSA_ENCRYPT 9
#define PKCS11_F_PKCS11_RSA_SIGN 10
#define PKCS11_F_PKCS11_RSA_VERIFY 11
#define PKCS11_F_PKCS11_ENUM_CERTS 12
#define PKCS11_F_PKCS11_INIT_TOKEN 13
#define PKCS11_F_PKCS11_INIT_PIN 14
#define PKCS11_F_PKCS11_LOGOUT 15
#define PKCS11_F_PKCS11_STORE_PRIVATE_KEY 16
#define PKCS11_F_PKCS11_GENERATE_KEY 17
#define PKCS11_F_PKCS11_STORE_PUBLIC_KEY 18
#define PKCS11_F_PKCS11_STORE_CERTIFICATE 19
#define PKCS11_F_PKCS11_SEED_RANDOM 20
#define PKCS11_F_PKCS11_GENERATE_RANDOM 21
#define PKCS11_F_PKCS11_CHANGE_PIN 22
#define PKCS11_F_PKCS11_GETATTR 40

/*
 * Reason codes: the r argument of PKCS11err().  They start at 1024,
 * presumably to stay clear of OpenSSL's own ERR_R_* reason values (confirm).
 * NOTE(review): like the function codes, reasons occupy a 12-bit field in
 * OpenSSL 1.x, so this base leaves room for values up to 4095 only; check
 * the limit against the OpenSSL version targeted before extending the list.
 */
#define PKCS11_ERR_BASE 1024
#define PKCS11_LOAD_MODULE_ERROR (PKCS11_ERR_BASE+1)      /* module could not be loaded */
#define PKCS11_MODULE_LOADED_ERROR (PKCS11_ERR_BASE+2)    /* a module is already loaded (inferred) */
#define PKCS11_SYMBOL_NOT_FOUND_ERROR (PKCS11_ERR_BASE+3) /* required symbol missing from module */
#define PKCS11_NOT_SUPPORTED (PKCS11_ERR_BASE+4)          /* operation not supported */
#define PKCS11_NO_SESSION (PKCS11_ERR_BASE+5)             /* no session open (see PKCS11_open_session()) */
#define PKCS11_KEYGEN_FAILED (PKCS11_ERR_BASE+6)          /* key generation failed */
00211
00212 #ifdef __cplusplus
00213 }
00214 #endif
00215 #endif