src/libstrongswan/plugins/pkcs11/pkcs11_private_key.h

   1 /*
   2  * Copyright (C) 2011 Tobias Brunner
   3  * Hochschule fuer Technik Rapperswil
   4  *
   5  * Copyright (C) 2010 Martin Willi
   6  * Copyright (C) 2010 revosec AG
   7  *
   8  * This program is free software; you can redistribute it and/or modify it
   9  * under the terms of the GNU General Public License as published by the
  10  * Free Software Foundation; either version 2 of the License, or (at your
  11  * option) any later version.  See <http://www.fsf.org/copyleft/gpl.txt>.
  12  *
  13  * This program is distributed in the hope that it will be useful, but
  14  * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
  15  * or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
  16  * for more details.
  17  */
  18
  19 /**
  20  * @defgroup pkcs11_private_key pkcs11_private_key
  21  * @{ @ingroup pkcs11
  22  */
  23
  24 #ifndef PKCS11_PRIVATE_KEY_H_
  25 #define PKCS11_PRIVATE_KEY_H_
  26
  27 typedef struct pkcs11_private_key_t pkcs11_private_key_t;
  28
  29 #include <credentials/builder.h>
  30 #include <credentials/keys/private_key.h>
  31
  32 #include "pkcs11.h"
  33
  34 /**
  35  * Private Key implementation on top of PKCS#11.
  36  */
  37 struct pkcs11_private_key_t {
  38
  39         /**
  40          * Implements private_key_t interface.
  41          */
  42         private_key_t key;
  43 };
  44
  45 /**
  46  * Open a private key on a PKCS#11 device.
  47  *
  48  * Accepts the BUILD_SMARTCARD_KEYID and the BUILD_SMARTCARD_PIN arguments.
  49  *
  50  * @param type          type of the key
  51  * @param args          builder_part_t argument list
  52  * @return                      loaded key, NULL on failure
  53  */
  54 pkcs11_private_key_t *pkcs11_private_key_connect(key_type_t type, va_list args);
  55
  56 /**
  57  * Get the Cryptoki mechanism for a signature scheme.
  58  *
  59  * Verifies that the given key is usable for this scheme.
  60  *
  61  * @param scheme                signature scheme
  62  * @param type                  key type
  63  * @param keylen                key length in bits
  64  * @param hash                  hash algorithm to apply first (HASH_UNKNOWN if none)
  65  */
  66 CK_MECHANISM_PTR pkcs11_signature_scheme_to_mech(signature_scheme_t scheme,
  67                                                                                                  key_type_t type, size_t keylen,
  68                                                                                                  hash_algorithm_t *hash);
  69
  70 /**
  71  * Get the Cryptoki mechanism for a encryption scheme.
  72  */
  73 CK_MECHANISM_PTR pkcs11_encryption_scheme_to_mech(encryption_scheme_t scheme);
  74
  75 #endif /** PKCS11_PRIVATE_KEY_H_ @}*/