32#include <ldns/rbtree.h>
/*
 * Compile-time limits and result codes. The digits fused to the start of each
 * line are the listing's own line numbers, not part of the C source.
 */
/* HSM_MAX_SESSIONS is listed twice with the same value; the lines between the
 * two are not shown, so these are presumably alternative preprocessor branches
 * -- confirm against the full header. */
35#define HSM_MAX_SESSIONS 100
45#define HSM_MAX_SESSIONS 100
/* NOTE(review): whether the length limits below count a terminating NUL is not
 * visible here; confirm before sizing buffers from them. */
47#define HSM_MAX_ALGONAME 16
49#define HSM_ERROR_MSGSIZE 512
53#define HSM_MAX_SIGNATURE_LENGTH 512
/* Upper bound on PIN length. Any buffer sized from this holds an
 * authentication secret and should be cleared once it is no longer needed. */
59#define HSM_MAX_PIN_LENGTH 255
/* Result codes. HSM_PIN_INCORRECT is distinct from the configuration and
 * module-loading failures, so callers can avoid blindly retrying a login;
 * many tokens lock after a limited number of wrong PINs. */
66#define HSM_ERROR 0x10000001
67#define HSM_PIN_INCORRECT 0x10000002
68#define HSM_CONFIG_FILE_ERROR 0x10000003
69#define HSM_REPOSITORY_NOT_FOUND 0x10000004
70#define HSM_NO_REPOSITORIES 0x10000005
71#define HSM_MODULE_NOT_FOUND 0x10000006
/* Presumably the values passed as the `mode` argument of the PIN callbacks
 * (first attempt vs. retry after a failure) -- confirm against the callers. */
74#define HSM_PIN_FIRST 0
75#define HSM_PIN_RETRY 1
/* NOTE(review): the enclosing struct is not visible in this listing. Judging by
 * the names only, these are policy flags; allow_extract presumably decides
 * whether private key material may leave the token, so any configuration that
 * sets it non-zero deserves review -- confirm the exact semantics. */
81 unsigned int use_pubkey;
82 unsigned int allow_extract;
99 unsigned long session;
105 unsigned long private_key;
106 unsigned long public_key;
113 char *algorithm_name;
114 unsigned long keysize;
140 const char *error_action;
/* Red-black tree of cached keys plus a pointer to a pthread mutex. The lock
 * presumably guards keycache; the enclosing struct and the locking sites are
 * not visible here -- confirm that every access path takes it. */
145 ldns_rbtree_t* keycache;
146 pthread_mutex_t *keycache_lock;
163 const char *message, ...)
/* Where the compiler supports it, declare argument 4 (message) as a printf
 * format checked against the variadic arguments starting at position 5.
 * message must therefore be a fixed format string; text that comes from
 * outside the program belongs in the variadic arguments, e.g. via "%s". */
164#ifdef HAVE___ATTRIBUTE__
165 __attribute__ ((format (printf, 4, 5)))
186 char *(pin_callback)(
unsigned int,
const char *,
unsigned int));
200 uint8_t use_pubkey, uint8_t allowextract, uint8_t require_backup);
/* PIN callback; the return type (char *, per the signature listed further down
 * the page) sits on the preceding listing line, which is not shown.
 * The parameter list matches the pin_callback type accepted by hsm_open2.
 * NOTE(review): who owns the returned PIN string is not visible here -- confirm
 * before freeing it; if the caller owns it, clear it with a wipe the compiler
 * cannot elide once login has completed. */
219hsm_prompt_pin(
unsigned int id,
const char *repository,
unsigned int mode);
/* PIN callback with the same parameter list as hsm_prompt_pin and as the
 * pin_callback type accepted by hsm_open2; returns char * per the signature
 * listed further down the page.
 * NOTE(review): where the PIN comes from and who owns the returned string are
 * not visible here -- confirm before freeing or reusing the buffer. */
231hsm_check_pin(
unsigned int id,
const char *repository,
unsigned int mode);
319 const char *repository);
351 const char *repository,
352 unsigned long keysize);
368 const char *repository,
369 unsigned long keysize);
384 const char *repository);
400 const char *repository,
417 const char *repository,
488 unsigned char *buffer,
489 unsigned long length);
528 const char *token_name,
540 const char *repository);
/* Signatures as listed on the page: no bodies and no terminating semicolons. */
/* pin arrives as a plain char *. NOTE(review): whether the string is copied or
 * the pointer is retained is not visible here -- confirm before wiping or
 * freeing the caller's buffer. */
hsm_repository_t * hsm_repository_new(char *name, char *module, char *tokenlabel, char *pin, uint8_t use_pubkey, uint8_t allowextract, uint8_t require_backup)
char * hsm_prompt_pin(unsigned int id, const char *repository, unsigned int mode)
libhsm_key_t ** hsm_list_keys_repository(hsm_ctx_t *context, size_t *count, const char *repository)
void libhsm_key_list_free(libhsm_key_t **key_list, size_t count)
libhsm_key_t * hsm_generate_ecdsa_key(hsm_ctx_t *context, const char *repository, const char *curve)
int hsm_attach(const char *repository, const char *token_name, const char *path, const char *pin, const hsm_config_t *config)
/* message is a printf-style format followed by variadic arguments; pass a
 * fixed format string and put variable text in the arguments. */
void hsm_ctx_set_error(hsm_ctx_t *ctx, int error, const char *action, const char *message,...)
hsm_ctx_t * hsm_create_context(void)
const libhsm_key_t * keycache_lookup(hsm_ctx_t *ctx, const char *locator)
/* The return value is the only output in this signature, so a failure cannot
 * be told apart from a random value by the return alone. NOTE(review): confirm
 * how errors are reported (possibly through ctx) before using the result for
 * anything security-sensitive. The same applies to hsm_random32. */
uint64_t hsm_random64(hsm_ctx_t *ctx)
/* NOTE(review): ownership of the returned string is not visible here. */
char * hsm_get_error(hsm_ctx_t *gctx)
uint32_t hsm_random32(hsm_ctx_t *ctx)
libhsm_key_t * hsm_generate_rsa_key(hsm_ctx_t *context, const char *repository, unsigned long keysize)
int hsm_token_attached(hsm_ctx_t *ctx, const char *repository)
int hsm_remove_key(hsm_ctx_t *context, libhsm_key_t *key)
char * hsm_check_pin(unsigned int id, const char *repository, unsigned int mode)
#define HSM_ERROR_MSGSIZE
libhsm_key_t * hsm_find_key_by_id(hsm_ctx_t *context, const char *id)
void hsm_print_key(hsm_ctx_t *ctx, libhsm_key_t *key)
libhsm_key_t * hsm_generate_dsa_key(hsm_ctx_t *context, const char *repository, unsigned long keysize)
void hsm_print_error(hsm_ctx_t *ctx)
libhsm_key_t * hsm_generate_eddsa_key(hsm_ctx_t *context, const char *repository, const char *curve)
void hsm_print_ctx(hsm_ctx_t *ctx)
void hsm_repository_free(hsm_repository_t *r)
libhsm_key_t * hsm_generate_gost_key(hsm_ctx_t *context, const char *repository)
void libhsm_key_info_free(libhsm_key_info_t *key_info)
libhsm_key_t ** hsm_list_keys(hsm_ctx_t *context, size_t *count)
/* Returns an int status. Callers should check it before treating buffer as
 * random data; the meaning of each return value is not visible here. */
int hsm_random_buffer(hsm_ctx_t *ctx, unsigned char *buffer, unsigned long length)
/* pin_callback has the same shape as hsm_prompt_pin and hsm_check_pin. */
int hsm_open2(hsm_repository_t *rlist, char *(pin_callback)(unsigned int, const char *, unsigned int))
void hsm_print_session(hsm_session_t *session)
void keycache_create(hsm_ctx_t *ctx)
void hsm_print_tokeninfo(hsm_ctx_t *ctx)
void hsm_destroy_context(hsm_ctx_t *context)
char * hsm_get_key_id(hsm_ctx_t *context, const libhsm_key_t *key)
libhsm_key_info_t * hsm_get_key_info(hsm_ctx_t *context, const libhsm_key_t *key)
void keycache_destroy(hsm_ctx_t *ctx)
void libhsm_key_free(libhsm_key_t *key)
unsigned int allow_extract