wc_pkcs11.h
1 /* wc_pkcs11.h
2  *
3  * Copyright (C) 2006-2020 wolfSSL Inc.
4  *
5  * This file is part of wolfSSL.
6  *
7  * wolfSSL is free software; you can redistribute it and/or modify
8  * it under the terms of the GNU General Public License as published by
9  * the Free Software Foundation; either version 3 of the License, or
10  * (at your option) any later version.
11  *
12  * wolfSSL is distributed in the hope that it will be useful,
13  * but WITHOUT ANY WARRANTY; without even the implied warranty of
14  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
15  * GNU General Public License for more details.
16  *
17  * You should have received a copy of the GNU General Public License
18  * along with this program; if not, write to the Free Software
19  * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
20  */
21 
22 #ifndef _WOLFPKCS11_H_
23 #define _WOLFPKCS11_H_
24 
26 
27 #ifdef HAVE_PKCS11
28 
29 #ifndef WOLF_CRYPTO_CB
30  #error PKCS11 support requires ./configure --enable-cryptocb or WOLF_CRYPTO_CB to be defined
31 #endif
32 
33 #include <wolfssl/wolfcrypt/cryptocb.h>
34 #include <wolfssl/wolfcrypt/pkcs11.h>
35 
36 #ifdef __cplusplus
37  extern "C" {
38 #endif
39 
40 
/* State for one loaded PKCS#11 provider library.
 * NOTE(review): presumably filled in by wc_Pkcs11_Initialize() and released by
 * wc_Pkcs11_Finalize(); confirm in wc_pkcs11.c.
 * func is a table of function pointers supplied by the provider, so whichever
 * library was loaded decides what code runs in this process. */
41 typedef struct Pkcs11Dev {
42  void* dlHandle; /* Handle to the loaded provider library */
43  CK_FUNCTION_LIST* func; /* Table of PKCS#11 functions from the library */
 /* Heap hint. NOTE(review): presumably the heap argument given to
  * wc_Pkcs11_Initialize(); confirm. */
44  void* heap;
45 } Pkcs11Dev;
46 
/* A token (slot) on a PKCS#11 device, together with the login credential.
 * The struct holds only a pointer to the PIN plus its length. Whether
 * wc_Pkcs11Token_Init() copies the caller's buffer or keeps the caller's
 * pointer is not visible in this header; confirm in wc_pkcs11.c before
 * freeing or wiping the original buffer. Either way the PIN stays reachable
 * through this struct while the token is in use, so treat a Pkcs11Token as
 * secret-bearing memory. */
47 typedef struct Pkcs11Token {
48  CK_FUNCTION_LIST* func; /* Table of PKCS#11 functions from the library */
49  CK_SLOT_ID slotId; /* Id of slot to use */
50  CK_SESSION_HANDLE handle; /* Handle to active session */
51  CK_UTF8CHAR_PTR userPin; /* User's PIN to log in with (pointer, not an inline copy) */
52  CK_ULONG userPinSz; /* Size of user's PIN in bytes */
53 } Pkcs11Token;
54 
/* One session on a slot: the provider's function table, the slot id and the
 * session handle. Unlike Pkcs11Token it carries no PIN fields.
 * NOTE(review): the closing line of this typedef (listing line 59) is not
 * present on this page. */
55 typedef struct Pkcs11Session {
56  CK_FUNCTION_LIST* func; /* Table of PKCS#11 functions from the library */
57  CK_SLOT_ID slotId; /* Id of slot to use */
58  CK_SESSION_HANDLE handle; /* Handle to active session */
60 
61 /* Types of keys that can be stored.
 * No explicit values are given, so the enumerators count up from 0 in the
 * order listed.
 * NOTE(review): presumably these are the values accepted as the `type`
 * argument of wc_Pkcs11StoreKey(), which is declared as a plain int, so the
 * compiler will not reject an out-of-range value; confirm that the
 * implementation does. */
62 enum Pkcs11KeyType {
63  PKCS11_KEY_TYPE_AES_GCM,
64  PKCS11_KEY_TYPE_AES_CBC,
65  PKCS11_KEY_TYPE_HMAC,
66  PKCS11_KEY_TYPE_RSA,
67  PKCS11_KEY_TYPE_EC,
68 };
69 
70 
/* Set up / tear down a Pkcs11Dev.
 *
 * dev      Device object to initialise.
 * library  Identifies the PKCS#11 provider library. NOTE(review): presumably
 *          a name or path handed to the dynamic loader (Pkcs11Dev has a
 *          dlHandle field); confirm. A loaded provider runs inside this
 *          process, so take this value from trusted configuration and prefer
 *          an absolute path over one resolved through a search path.
 * heap     Heap hint.
 * returns  int status. NOTE(review): presumably 0 on success and a negative
 *          wolfCrypt error code on failure; confirm in wc_pkcs11.c.
 *
 * wc_Pkcs11_Finalize() returns void, so a failure during teardown cannot be
 * reported to the caller. */
71 WOLFSSL_API int wc_Pkcs11_Initialize(Pkcs11Dev* dev, const char* library,
72  void* heap);
73 WOLFSSL_API void wc_Pkcs11_Finalize(Pkcs11Dev* dev);
74 
/* Token lifecycle: Init / Final and Open / Close.
 *
 * wc_Pkcs11Token_Init
 *   token      Token object to set up.
 *   dev        Initialised device the token belongs to.
 *   slotId     Slot to use. Declared int here, while Pkcs11Token.slotId is a
 *              CK_SLOT_ID.
 *   tokenName  Name of the token; how it interacts with slotId is not visible
 *              in this header.
 *   userPin    User PIN. See Pkcs11Token: the header does not show whether
 *              the buffer is copied, so keep it valid until
 *              wc_Pkcs11Token_Final() unless wc_pkcs11.c shows otherwise, and
 *              wipe it once it is no longer needed.
 *   userPinSz  PIN length in bytes. Declared int here but stored as CK_ULONG
 *              in Pkcs11Token; a negative value converted unchecked would
 *              become a very large length. NOTE(review): confirm that the
 *              implementation rejects negative sizes.
 *
 * wc_Pkcs11Token_Open
 *   readWrite  NOTE(review): presumably non-zero requests a read/write
 *              session and zero a read-only one; confirm. If so, request
 *              read/write only where objects are created on the token.
 *
 * The int-returning functions presumably return 0 on success and a negative
 * wolfCrypt error code on failure; confirm in wc_pkcs11.c. Final and Close
 * return void, so they cannot report failure. */
75 WOLFSSL_API int wc_Pkcs11Token_Init(Pkcs11Token* token, Pkcs11Dev* dev,
76  int slotId, const char* tokenName, const unsigned char *userPin,
77  int userPinSz);
78 WOLFSSL_API void wc_Pkcs11Token_Final(Pkcs11Token* token);
79 WOLFSSL_API int wc_Pkcs11Token_Open(Pkcs11Token* token, int readWrite);
80 WOLFSSL_API void wc_Pkcs11Token_Close(Pkcs11Token* token);
81 
/* Store a key on the token.
 *
 * token  Token to store the key on.
 * type   Kind of key. NOTE(review): presumably one of enum Pkcs11KeyType;
 *        confirm.
 * clear  NOTE(review): presumably asks for the key material held in the
 *        software key object to be cleared after it has been stored; confirm
 *        in wc_pkcs11.c before relying on it to remove the key from memory.
 * key    Untyped pointer to the key object. Nothing in this prototype ties
 *        the pointed-to object to `type`, so the caller must pass an object
 *        of the kind that `type` names.
 * returns int status. NOTE(review): presumably 0 on success and a negative
 *        wolfCrypt error code on failure; confirm. */
82 WOLFSSL_API int wc_Pkcs11StoreKey(Pkcs11Token* token, int type, int clear,
83  void* key);
84 
/* Crypto callback entry point (this header requires WOLF_CRYPTO_CB and
 * includes cryptocb.h).
 *
 * devId  Device id the operation was issued for.
 * info   Description of the requested operation.
 * ctx    Opaque context pointer. NOTE(review): presumably the Pkcs11Token
 *        that was supplied when the callback was registered; confirm. It is
 *        a void pointer, so a mismatched context type is not caught at
 *        compile time.
 * returns int status. NOTE(review): exact codes are not visible in this
 *        header; confirm in wc_pkcs11.c. */
85 WOLFSSL_API int wc_Pkcs11_CryptoDevCb(int devId, wc_CryptoInfo* info,
86  void* ctx);
87 
88 #ifdef __cplusplus
89  } /* extern "C" */
90 #endif
91 
92 #endif /* HAVE_PKCS11 */
93 
94 #endif /* _WOLFPKCS11_H_ */
WOLFSSL_API int wc_Pkcs11Token_Init(Pkcs11Token *token, Pkcs11Dev *dev, int slotId, const char *tokenName, const unsigned char *userPin, int userPinSz)
Definition: wc_pkcs11.c:180
Definition: pkcs11.h:349
WOLFSSL_API void wc_Pkcs11Token_Final(Pkcs11Token *token)
Definition: wc_pkcs11.c:236
WOLFSSL_API void wc_Pkcs11_Finalize(Pkcs11Dev *dev)
Definition: wc_pkcs11.c:152
WOLFSSL_API int wc_Pkcs11_Initialize(Pkcs11Dev *dev, const char *library, void *heap)
Definition: wc_pkcs11.c:105
Definition: wc_pkcs11.h:55
WOLFSSL_API int wc_Pkcs11Token_Open(Pkcs11Token *token, int readWrite)
Definition: wc_pkcs11.c:320
Definition: wc_pkcs11.h:47
WOLFSSL_API void wc_Pkcs11Token_Close(Pkcs11Token *token)
Definition: wc_pkcs11.c:342