|
libp11 0.4.12_git
|
libp11 header file More...
#include "p11_err.h"
#include <openssl/bio.h>
#include <openssl/err.h>
#include <openssl/bn.h>
#include <openssl/rsa.h>
#include <openssl/x509.h>
#include <openssl/evp.h>
Go to the source code of this file.
Data Structures | |
| struct | PKCS11_key_st |
| PKCS11 key object (public or private) More... | |
| struct | PKCS11_cert_st |
| PKCS11 certificate object. More... | |
| struct | PKCS11_token_st |
| PKCS11 token: smart card or USB key. More... | |
| struct | PKCS11_slot_st |
| PKCS11 slot: card reader. More... | |
| struct | PKCS11_ctx_st |
| PKCS11 context. More... | |
Typedefs | |
| typedef struct PKCS11_key_st | PKCS11_KEY |
| PKCS11 key object (public or private) | |
| typedef struct PKCS11_cert_st | PKCS11_CERT |
| PKCS11 certificate object. | |
| typedef struct PKCS11_token_st | PKCS11_TOKEN |
| PKCS11 token: smart card or USB key. | |
| typedef struct PKCS11_slot_st | PKCS11_SLOT |
| PKCS11 slot: card reader. | |
| typedef struct PKCS11_ctx_st | PKCS11_CTX |
| PKCS11 context. | |
Functions | |
| int | ERR_load_CKR_strings (void) |
| void | ERR_unload_CKR_strings (void) |
| void | ERR_CKR_error (int function, int reason, char *file, int line) |
| int | ERR_get_CKR_code (void) |
| PKCS11_CTX * | PKCS11_CTX_new (void) |
| Create a new libp11 context. More... | |
| void | PKCS11_CTX_init_args (PKCS11_CTX *ctx, const char *init_args) |
| Specify any private PKCS#11 module initialization args, if necessary. More... | |
| int | PKCS11_CTX_load (PKCS11_CTX *ctx, const char *ident) |
| Load a PKCS#11 module. More... | |
| void | PKCS11_CTX_unload (PKCS11_CTX *ctx) |
| Unload a PKCS#11 module. More... | |
| void | PKCS11_CTX_free (PKCS11_CTX *ctx) |
| Free a libp11 context. More... | |
| int | PKCS11_open_session (PKCS11_SLOT *slot, int rw) |
| Open a session in RO or RW mode. More... | |
| int | PKCS11_enumerate_slots (PKCS11_CTX *ctx, PKCS11_SLOT **slotsp, unsigned int *nslotsp) |
| Get a list of all slots. More... | |
| unsigned long | PKCS11_get_slotid_from_slot (PKCS11_SLOT *slotp) |
| Get the slot_id from a slot as it is stored in private. More... | |
| void | PKCS11_release_all_slots (PKCS11_CTX *ctx, PKCS11_SLOT *slots, unsigned int nslots) |
| Free the list of slots allocated by PKCS11_enumerate_slots() More... | |
| PKCS11_SLOT * | PKCS11_find_token (PKCS11_CTX *ctx, PKCS11_SLOT *slots, unsigned int nslots) |
| Find the first slot with a token. More... | |
| PKCS11_SLOT * | PKCS11_find_next_token (PKCS11_CTX *ctx, PKCS11_SLOT *slots, unsigned int nslots, PKCS11_SLOT *slot) |
| Find the next slot with a token. More... | |
| int | PKCS11_is_logged_in (PKCS11_SLOT *slot, int so, int *res) |
| Check if user is already authenticated to a card. More... | |
| int | PKCS11_login (PKCS11_SLOT *slot, int so, const char *pin) |
| Authenticate to the card. More... | |
| int | PKCS11_logout (PKCS11_SLOT *slot) |
| De-authenticate from the card. More... | |
| int | PKCS11_enumerate_keys (PKCS11_TOKEN *, PKCS11_KEY **, unsigned int *) |
| int | PKCS11_remove_key (PKCS11_KEY *) |
| int | PKCS11_enumerate_public_keys (PKCS11_TOKEN *, PKCS11_KEY **, unsigned int *) |
| int | PKCS11_get_key_type (PKCS11_KEY *) |
| EVP_PKEY * | PKCS11_get_private_key (PKCS11_KEY *key) |
| Returns an EVP_PKEY object for the private key. More... | |
| EVP_PKEY * | PKCS11_get_public_key (PKCS11_KEY *key) |
| Returns an EVP_PKEY object with the public key. More... | |
| PKCS11_CERT * | PKCS11_find_certificate (PKCS11_KEY *) |
| PKCS11_KEY * | PKCS11_find_key (PKCS11_CERT *) |
| int | PKCS11_enumerate_certs (PKCS11_TOKEN *, PKCS11_CERT **, unsigned int *) |
| int | PKCS11_remove_certificate (PKCS11_CERT *) |
| int | PKCS11_set_ui_method (PKCS11_CTX *ctx, UI_METHOD *ui_method, void *ui_user_data) |
| int | PKCS11_init_token (PKCS11_TOKEN *token, const char *pin, const char *label) |
| Initialize a token. More... | |
| int | PKCS11_init_pin (PKCS11_TOKEN *token, const char *pin) |
| Initialize the user PIN on a token. More... | |
| int | PKCS11_change_pin (PKCS11_SLOT *slot, const char *old_pin, const char *new_pin) |
| Change the currently used (either USER or SO) PIN on a token. More... | |
| int | PKCS11_store_private_key (PKCS11_TOKEN *token, EVP_PKEY *pk, char *label, unsigned char *id, size_t id_len) |
| Store private key on a token. More... | |
| int | PKCS11_store_public_key (PKCS11_TOKEN *token, EVP_PKEY *pk, char *label, unsigned char *id, size_t id_len) |
| Store public key on a token. More... | |
| int | PKCS11_store_certificate (PKCS11_TOKEN *token, X509 *x509, char *label, unsigned char *id, size_t id_len, PKCS11_CERT **ret_cert) |
| Store certificate on a token. More... | |
| int | PKCS11_seed_random (PKCS11_SLOT *slot, const unsigned char *s, unsigned int s_len) |
| int | PKCS11_generate_random (PKCS11_SLOT *slot, unsigned char *r, unsigned int r_len) |
| RSA_METHOD * | PKCS11_get_rsa_method (void) |
| void * | PKCS11_get_ec_key_method (void) |
| ECDSA_METHOD * | PKCS11_get_ecdsa_method (void) |
| ECDH_METHOD * | PKCS11_get_ecdh_method (void) |
| int | PKCS11_pkey_meths (ENGINE *e, EVP_PKEY_METHOD **pmeth, const int **nids, int nid) |
| void | ERR_load_PKCS11_strings (void) |
| Load PKCS11 error strings. More... | |
| P11_DEPRECATED_FUNC int | PKCS11_generate_key (PKCS11_TOKEN *token, int algorithm, unsigned int bits, char *label, unsigned char *id, size_t id_len) |
| Generate a private key on the token. More... | |
| P11_DEPRECATED_FUNC int | PKCS11_get_key_size (PKCS11_KEY *) |
| P11_DEPRECATED_FUNC int | PKCS11_get_key_modulus (PKCS11_KEY *, BIGNUM **) |
| P11_DEPRECATED_FUNC int | PKCS11_get_key_exponent (PKCS11_KEY *, BIGNUM **) |
| P11_DEPRECATED_FUNC int | PKCS11_ecdsa_sign (const unsigned char *m, unsigned int m_len, unsigned char *sigret, unsigned int *siglen, PKCS11_KEY *key) |
| P11_DEPRECATED_FUNC int | PKCS11_sign (int type, const unsigned char *m, unsigned int m_len, unsigned char *sigret, unsigned int *siglen, PKCS11_KEY *key) |
| P11_DEPRECATED_FUNC int | PKCS11_verify (int type, const unsigned char *m, unsigned int m_len, unsigned char *signature, unsigned int siglen, PKCS11_KEY *key) |
| P11_DEPRECATED_FUNC int | PKCS11_private_encrypt (int flen, const unsigned char *from, unsigned char *to, PKCS11_KEY *rsa, int padding) |
| P11_DEPRECATED_FUNC int | PKCS11_private_decrypt (int flen, const unsigned char *from, unsigned char *to, PKCS11_KEY *key, int padding) |
| Decrypts data using the private key. More... | |
libp11 header file
Definition in file libp11.h.
| #define CKRerr | ( | f, | |
| r | |||
| ) | ERR_CKR_error((f),(r),__FILE__,__LINE__) |
| #define P11_DEPRECATED_FUNC P11_DEPRECATED("This function will be removed in libp11 0.5.0") |
| #define PKCS11_F_PKCS11_CHECK_TOKEN CKR_F_PKCS11_CHECK_TOKEN |
| #define PKCS11_F_PKCS11_ECDH_DERIVE CKR_F_PKCS11_ECDH_DERIVE |
| #define PKCS11_F_PKCS11_ENUMERATE_SLOTS CKR_F_PKCS11_ENUMERATE_SLOTS |
| #define PKCS11_F_PKCS11_GENERATE_KEY CKR_F_PKCS11_GENERATE_KEY |
| #define PKCS11_F_PKCS11_GENERATE_RANDOM CKR_F_PKCS11_GENERATE_RANDOM |
| #define PKCS11_F_PKCS11_GETATTR_ALLOC CKR_F_PKCS11_GETATTR_ALLOC |
| #define PKCS11_F_PKCS11_GETATTR_INT CKR_F_PKCS11_GETATTR_INT |
| #define PKCS11_F_PKCS11_IS_LOGGED_IN CKR_F_PKCS11_IS_LOGGED_IN |
| #define PKCS11_F_PKCS11_OPEN_SESSION CKR_F_PKCS11_OPEN_SESSION |
| #define PKCS11_F_PKCS11_PRIVATE_DECRYPT CKR_F_PKCS11_PRIVATE_DECRYPT |
| #define PKCS11_F_PKCS11_PRIVATE_ENCRYPT CKR_F_PKCS11_PRIVATE_ENCRYPT |
| #define PKCS11_F_PKCS11_REMOVE_CERTIFICATE CKR_F_PKCS11_REMOVE_CERTIFICATE |
| #define PKCS11_F_PKCS11_SEED_RANDOM CKR_F_PKCS11_SEED_RANDOM |
| #define PKCS11_F_PKCS11_STORE_CERTIFICATE CKR_F_PKCS11_STORE_CERTIFICATE |
| void ERR_load_PKCS11_strings | ( | void | ) |
Load PKCS11 error strings.
Call this function to be able to use ERR_reason_error_string(ERR_get_error()) to get a textual version of the latest error code.
| int PKCS11_change_pin | ( | PKCS11_SLOT * | slot, |
| const char * | old_pin, | ||
| const char * | new_pin | ||
| ) |
Change the currently used (either USER or SO) PIN on a token.
| slot | slot returned by PKCS11_find_token() |
| old_pin | old PIN value |
| new_pin | new PIN value |
| 0 | success |
| -1 | error |
| void PKCS11_CTX_free | ( | PKCS11_CTX * | ctx | ) |
Free a libp11 context.
| ctx | context allocated by PKCS11_CTX_new() |
| void PKCS11_CTX_init_args | ( | PKCS11_CTX * | ctx, |
| const char * | init_args | ||
| ) |
Specify any private PKCS#11 module initialization args, if necessary.
| int PKCS11_CTX_load | ( | PKCS11_CTX * | ctx, |
| const char * | ident | ||
| ) |
Load a PKCS#11 module.
| ctx | context allocated by PKCS11_CTX_new() |
| ident | PKCS#11 library filename |
| 0 | success |
| -1 | error |
| PKCS11_CTX * PKCS11_CTX_new | ( | void | ) |
Create a new libp11 context.
This should be the first function called in the use of libp11
| void PKCS11_CTX_unload | ( | PKCS11_CTX * | ctx | ) |
Unload a PKCS#11 module.
| ctx | context allocated by PKCS11_CTX_new() |
| int PKCS11_enumerate_slots | ( | PKCS11_CTX * | ctx, |
| PKCS11_SLOT ** | slotsp, | ||
| unsigned int * | nslotsp | ||
| ) |
Get a list of all slots.
| ctx | context allocated by PKCS11_CTX_new() |
| slotsp | pointer to a list of slots |
| nslotsp | size of the allocated list |
| 0 | success |
| -1 | error |
| PKCS11_SLOT * PKCS11_find_next_token | ( | PKCS11_CTX * | ctx, |
| PKCS11_SLOT * | slots, | ||
| unsigned int | nslots, | ||
| PKCS11_SLOT * | slot | ||
| ) |
Find the next slot with a token.
| ctx | context allocated by PKCS11_CTX_new() |
| slots | list of slots allocated by PKCS11_enumerate_slots() |
| nslots | size of the list |
| slot | current slot |
| !=NULL | pointer to a slot structure |
| NULL | error |
| PKCS11_SLOT * PKCS11_find_token | ( | PKCS11_CTX * | ctx, |
| PKCS11_SLOT * | slots, | ||
| unsigned int | nslots | ||
| ) |
Find the first slot with a token.
| ctx | context allocated by PKCS11_CTX_new() |
| slots | list of slots allocated by PKCS11_enumerate_slots() |
| nslots | size of the list |
| !=NULL | pointer to a slot structure |
| NULL | error |
| P11_DEPRECATED_FUNC int PKCS11_generate_key | ( | PKCS11_TOKEN * | token, |
| int | algorithm, | ||
| unsigned int | bits, | ||
| char * | label, | ||
| unsigned char * | id, | ||
| size_t | id_len | ||
| ) |
Generate a private key on the token.
| token | token returned by PKCS11_find_token() |
| algorithm | IGNORED (still here for backward compatibility) |
| bits | size of the modulus in bits |
| label | label for this key |
| id | bytes to use as the id value |
| id_len | length of the id value |
| 0 | success |
| -1 | error |
| EVP_PKEY * PKCS11_get_private_key | ( | PKCS11_KEY * | key | ) |
Returns an EVP_PKEY object for the private key.
| key | PKCS11_KEY object |
| !=NULL | reference to the EVP_PKEY object |
| NULL | error |
| EVP_PKEY * PKCS11_get_public_key | ( | PKCS11_KEY * | key | ) |
Returns an EVP_PKEY object with the public key.
| key | PKCS11_KEY object |
| !=NULL | reference to the EVP_PKEY object |
| NULL | error |
| unsigned long PKCS11_get_slotid_from_slot | ( | PKCS11_SLOT * | slotp | ) |
Get the slot_id from a slot as it is stored in private.
| slotp | pointer to a slot |
| the | slotid |
| int PKCS11_init_pin | ( | PKCS11_TOKEN * | token, |
| const char * | pin | ||
| ) |
Initialize the user PIN on a token.
| token | token descriptor (in general slot->token) |
| pin | new user PIN value |
| 0 | success |
| -1 | error |
| int PKCS11_init_token | ( | PKCS11_TOKEN * | token, |
| const char * | pin, | ||
| const char * | label | ||
| ) |
Initialize a token.
| token | token descriptor (in general slot->token) |
| pin | Security Officer PIN value |
| label | new name of the token |
| 0 | success |
| -1 | error |
| int PKCS11_is_logged_in | ( | PKCS11_SLOT * | slot, |
| int | so, | ||
| int * | res | ||
| ) |
Check if user is already authenticated to a card.
| slot | slot returned by PKCS11_find_token() |
| so | kind of login to check: CKU_SO if != 0, otherwise CKU_USER |
| res | pointer to return value: 1 if logged in, 0 if not logged in |
| 0 | success |
| -1 | error |
| int PKCS11_login | ( | PKCS11_SLOT * | slot, |
| int | so, | ||
| const char * | pin | ||
| ) |
Authenticate to the card.
| slot | slot returned by PKCS11_find_token() |
| so | login as CKU_SO if != 0, otherwise login as CKU_USER |
| pin | PIN value |
| 0 | success |
| -1 | error |
| int PKCS11_logout | ( | PKCS11_SLOT * | slot | ) |
De-authenticate from the card.
| slot | slot returned by PKCS11_find_token() |
| 0 | success |
| -1 | error |
| int PKCS11_open_session | ( | PKCS11_SLOT * | slot, |
| int | rw | ||
| ) |
Open a session in RO or RW mode.
| slot | slot descriptor returned by PKCS11_find_token() or PKCS11_enumerate_slots() |
| rw | open in read/write mode if rw != 0, otherwise in read-only mode |
| 0 | success |
| -1 | error |
| P11_DEPRECATED_FUNC int PKCS11_private_decrypt | ( | int | flen, |
| const unsigned char * | from, | ||
| unsigned char * | to, | ||
| PKCS11_KEY * | key, | ||
| int | padding | ||
| ) |
Decrypts data using the private key.
| flen | length of the encrypted data |
| from | encrypted data |
| to | output buffer (MUST be at least flen bytes long) |
| key | private key object |
| padding | padding algorithm to be used |
| void PKCS11_release_all_slots | ( | PKCS11_CTX * | ctx, |
| PKCS11_SLOT * | slots, | ||
| unsigned int | nslots | ||
| ) |
Free the list of slots allocated by PKCS11_enumerate_slots()
| ctx | context allocated by PKCS11_CTX_new() |
| slots | list of slots allocated by PKCS11_enumerate_slots() |
| nslots | size of the list |
| int PKCS11_store_certificate | ( | PKCS11_TOKEN * | token, |
| X509 * | x509, | ||
| char * | label, | ||
| unsigned char * | id, | ||
| size_t | id_len, | ||
| PKCS11_CERT ** | ret_cert | ||
| ) |
Store certificate on a token.
| token | token returned by PKCS11_find_token() |
| x509 | x509 certificate object |
| label | label for this certificate |
| id | bytes to use as the id value |
| id_len | length of the id value |
| ret_cert | put new PKCS11_CERT object here |
| 0 | success |
| -1 | error |
| int PKCS11_store_private_key | ( | PKCS11_TOKEN * | token, |
| EVP_PKEY * | pk, | ||
| char * | label, | ||
| unsigned char * | id, | ||
| size_t | id_len | ||
| ) |
Store private key on a token.
| token | token returned by PKCS11_find_token() |
| pk | private key |
| label | label for this key |
| id | bytes to use as the id value |
| id_len | length of the id value |
| 0 | success |
| -1 | error |
| int PKCS11_store_public_key | ( | PKCS11_TOKEN * | token, |
| EVP_PKEY * | pk, | ||
| char * | label, | ||
| unsigned char * | id, | ||
| size_t | id_len | ||
| ) |
Store public key on a token.
| token | token returned by PKCS11_find_token() |
| pk | public key |
| label | label for this key |
| id | bytes to use as the id value |
| id_len | length of the id value |
| 0 | success |
| -1 | error |
| libp11, Copyright (C) 2005 Olaf Kirch <okir@lst.de> |