32 #if defined(POLARSSL_PKCS11_C)
37 #if defined(POLARSSL_MEMORY_C)
40 #define polarssl_malloc malloc
41 #define polarssl_free free
/*
 * Fetch the certificate blob behind a pkcs11-helper certificate handle.
 * Judging by the name and the `cert` parameter the blob is then parsed into
 * `cert`, but that call is not among the lines shown here.
 *
 * NOTE(review): this listing has gaps (source lines 46-86 are only partly
 * present); the allocation, the parse step and every return statement are
 * missing, so the comments below cover the visible lines only.
 *
 * The blob comes from the PKCS#11 provider/token, so whatever parses it
 * should treat both its contents and its reported length as untrusted input.
 */
46 int pkcs11_x509_cert_init(
x509_crt *cert, pkcs11h_certificate_t pkcs11_cert )
49 unsigned char *cert_blob = NULL;
50 size_t cert_blob_size = 0;
/*
 * First call passes a NULL buffer together with &cert_blob_size: presumably
 * a size query that leaves the required length in cert_blob_size. Anything
 * other than CKR_OK takes the error branch (not shown).
 */
58 if( pkcs11h_certificate_getCertificateBlob( pkcs11_cert, NULL, &cert_blob_size ) != CKR_OK )
/*
 * cert_blob is tested for NULL; presumably this follows an allocation of
 * cert_blob_size bytes that is not visible in this listing.
 * TODO confirm that a reported size of 0 is rejected before allocating.
 */
65 if( NULL == cert_blob )
/*
 * Second call passes the real buffer. cert_blob_size goes in by pointer
 * again, so the library may rewrite it; the length later given to the parser
 * should be the value left by this call and must not exceed the size that
 * was allocated -- TODO confirm against the full source.
 */
71 if( pkcs11h_certificate_getCertificateBlob( pkcs11_cert, cert_blob, &cert_blob_size ) != CKR_OK )
/*
 * Guard before releasing cert_blob (the release call itself is not shown).
 * Presumably a shared cleanup path reached on success and on failure.
 */
86 if( NULL != cert_blob )
/*
 * Bind a pkcs11_context to the private key that belongs to a pkcs11-helper
 * certificate handle.
 *
 * NOTE(review): only part of the body is visible (source lines 93-108 with
 * gaps); return values and the remaining initialisation are not shown.
 */
93 int pkcs11_priv_key_init( pkcs11_context *priv_key,
94 pkcs11h_certificate_t pkcs11_cert )
/* Reject a NULL context before it is written to further down. */
101 if( priv_key == NULL )
/*
 * The certificate is loaded through pkcs11_x509_cert_init(); a non-zero
 * result is treated as failure. pkcs11_cert itself is not NULL-checked in
 * the lines shown -- presumably left to pkcs11-helper; verify.
 */
104 if( 0 != pkcs11_x509_cert_init( &cert, pkcs11_cert ) )
/*
 * The handle is stored in the context as-is, not duplicated.
 * pkcs11_priv_key_free() later releases priv_key->pkcs11h_cert, so after
 * this assignment the context effectively owns the handle: the caller should
 * not free it separately or keep using it once the context has been freed.
 */
108 priv_key->pkcs11h_cert = pkcs11_cert;
/*
 * Release the pkcs11-helper certificate handle held by a pkcs11_context.
 * A NULL context is accepted and ignored.
 *
 * NOTE(review): no visible line clears priv_key->pkcs11h_cert after the
 * free. If the full source has none either, calling this twice on the same
 * context would hand an already released handle to pkcs11-helper; resetting
 * the field to NULL afterwards would make the call idempotent -- confirm.
 */
118 void pkcs11_priv_key_free( pkcs11_context *priv_key )
120 if( NULL != priv_key )
121 pkcs11h_certificate_freeCertificate( priv_key->pkcs11h_cert );
/*
 * RSA-decrypt `input` on the token that holds the key for ctx->pkcs11h_cert
 * and write the plaintext to `output`.
 *
 * CKM_RSA_PKCS selects PKCS#1 v1.5 on the token. Callers that decrypt
 * ciphertext supplied by a remote peer should make a failure here
 * indistinguishable from success as seen by that peer, because
 * distinguishable v1.5 padding errors are what Bleichenbacher-style oracles
 * rely on.
 *
 * NOTE(review): the listing has gaps (source lines 124-154 are only partly
 * present); the checks on ctx and mode, the return statements and the store
 * to *olen are not shown.
 */
124 int pkcs11_decrypt( pkcs11_context *ctx,
125 int mode,
size_t *olen,
126 const unsigned char *input,
127 unsigned char *output,
128 size_t output_max_len )
130 size_t input_len, output_len;
/*
 * The ciphertext length is taken from the context (ctx->len), not from the
 * caller, so `input` must point to at least ctx->len readable bytes.
 * ctx is dereferenced here; presumably it is NULL-checked on a line that is
 * not visible -- verify.
 */
138 output_len = input_len = ctx->len;
/*
 * Reject a length below 16 bytes, and any case where the caller's output
 * buffer is smaller than that length.
 */
140 if( input_len < 16 || input_len > output_max_len )
/*
 * First call passes a NULL output buffer: presumably a size query that
 * leaves the plaintext length in output_len.
 */
144 if( pkcs11h_certificate_decryptAny( ctx->pkcs11h_cert, CKM_RSA_PKCS, input,
145 input_len, NULL, &output_len ) != CKR_OK )
/*
 * Bounds check on the token-reported length before anything is written to
 * `output`. This is the guard that keeps the second call inside the
 * caller's buffer, so it has to stay ahead of that call.
 */
150 if( output_len > output_max_len )
/*
 * Actual decryption into `output`; output_len, already bounded above, is
 * passed by pointer and may be updated by the library.
 */
153 if( pkcs11h_certificate_decryptAny( ctx->pkcs11h_cert, CKM_RSA_PKCS, input,
154 input_len, output, &output_len ) != CKR_OK )
/*
 * Produce an RSA signature over `hash` with the token key for
 * ctx->pkcs11h_cert. The data to be signed is assembled in `sig` and then
 * signed in place.
 *
 * NOTE(review): the listing has gaps (source lines 162-228 are only partly
 * present); the remaining parameters, the mode and ctx checks, the length
 * checks and the branch structure around the two hash copies are not shown.
 *
 * No length parameter for `sig` appears in the visible lines, so the caller
 * presumably has to provide a buffer of at least the key size -- verify
 * against the header documentation.
 */
162 int pkcs11_sign( pkcs11_context *ctx,
165 unsigned int hashlen,
166 const unsigned char *hash,
169 size_t olen, asn_len = 0, oid_size = 0;
/* p is the write cursor into the caller's signature buffer. */
170 unsigned char *p = sig;
/* Unknown digest type: md_info lookup failed (error branch not shown). */
184 if( md_info == NULL )
/*
 * Copies hashlen bytes of caller-supplied data into sig. Nothing in the
 * visible lines bounds hashlen against the key length; confirm that a check
 * such as hashlen + asn_len <= key length runs before this copy.
 */
195 memcpy( p, hash, hashlen );
/*
 * DER length bytes written as single octets. The short form is only valid
 * for values below 0x80, and the cast to unsigned char silently truncates
 * anything larger, so oid_size + hashlen has to be small enough for both
 * length bytes -- presumably guaranteed by the supported digest set; verify.
 */
209 *p++ = (
unsigned char) ( 0x08 + oid_size + hashlen );
211 *p++ = (
unsigned char) ( 0x04 + oid_size );
/* OID length octet, masked to one byte, followed by the OID itself. */
213 *p++ = oid_size & 0xFF;
214 memcpy( p, oid, oid_size );
/* Second copy of the hash, presumably in the branch that follows the OID. */
224 memcpy( p, hash, hashlen );
/*
 * sig is both the input (asn_len + hashlen bytes) and the output buffer.
 * CKM_RSA_PKCS means PKCS#1 v1.5 is applied on the token. olen is passed by
 * pointer; its initialisation is not in the lines shown -- confirm it is set
 * (presumably to the key length) before this call so that no uninitialised
 * size reaches the library.
 */
227 if( pkcs11h_certificate_signAny( ctx->pkcs11h_cert, CKM_RSA_PKCS, sig,
228 asn_len + hashlen, sig, &olen ) != CKR_OK )
#define POLARSSL_ERR_RSA_OUTPUT_TOO_LARGE
The output buffer for decryption is not large enough.
static size_t pk_get_len(const pk_context *ctx)
Get the length in bytes of the underlying key.
void *(* polarssl_malloc)(size_t len)
int x509_crt_parse(x509_crt *chain, const unsigned char *buf, size_t buflen)
Parse one or more certificates and add them to the chained list.
void x509_crt_free(x509_crt *crt)
Free all certificate data.
static unsigned char md_get_size(const md_info_t *md_info)
Returns the size of the message digest output.
Object Identifier (OID) database.
const md_info_t * md_info_from_type(md_type_t md_type)
Returns the message digest information associated with the given digest type.
Container for an X.509 certificate.
void x509_crt_init(x509_crt *crt)
Initialize a certificate (chain)
void(* polarssl_free)(void *ptr)
X.509 certificate parsing and writing.
Generic message digest wrapper.
#define POLARSSL_ERR_RSA_BAD_INPUT_DATA
Bad input parameters to function.
int oid_get_oid_by_md(md_type_t md_alg, const char **oid, size_t *olen)
Translate md_type into hash algorithm OID.
pk_context pk
Container for the public key context.
#define ASN1_OCTET_STRING
Wrapper for PKCS#11 library libpkcs11-helper.
Message digest information.