OpenVPN
pkcs11.h
Go to the documentation of this file.
1 /*
2  * OpenVPN -- An application to securely tunnel IP networks
3  * over a single TCP/UDP port, with support for SSL/TLS-based
4  * session authentication and key exchange,
5  * packet encryption, packet authentication, and
6  * packet compression.
7  *
8  * Copyright (C) 2002-2018 OpenVPN Inc <sales@openvpn.net>
9  *
10  * This program is free software; you can redistribute it and/or modify
11  * it under the terms of the GNU General Public License version 2
12  * as published by the Free Software Foundation.
13  *
14  * This program is distributed in the hope that it will be useful,
15  * but WITHOUT ANY WARRANTY; without even the implied warranty of
16  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
17  * GNU General Public License for more details.
18  *
19  * You should have received a copy of the GNU General Public License along
20  * with this program; if not, write to the Free Software Foundation, Inc.,
21  * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
22  */
23 
24 #ifndef OPENVPN_PKCS11_H
25 #define OPENVPN_PKCS11_H
26 
27 #if defined(ENABLE_PKCS11)
28 
29 #include "ssl_common.h"
30 
31 bool
32 pkcs11_initialize(
33  const bool fProtectedAuthentication,
34  const int nPINCachePeriod
35  );
36 
37 void
38 pkcs11_terminate();
39 
40 bool
41 pkcs11_addProvider(
42  const char *const provider,
43  const bool fProtectedAuthentication,
44  const unsigned private_mode,
45  const bool fCertIsPrivate
46  );
47 
48 int
49 pkcs11_logout();
50 
51 int
52 pkcs11_management_id_count();
53 
54 bool
55 pkcs11_management_id_get(
56  const int index,
57  char **id,
58  char **base64
59  );
60 
61 int
62 tls_ctx_use_pkcs11(
63  struct tls_root_ctx *const ssl_ctx,
64  bool pkcs11_id_management,
65  const char *const pkcs11_id
66  );
67 
68 void
69 show_pkcs11_ids(
70  const char *const provider,
71  bool cert_private
72  );
73 
74 #endif /* ENABLE_PKCS11 */
75 
76 #endif /* OPENVPN_PKCS11H_H */
Structure that wraps the TLS context.
Definition: ssl_mbedtls.h:90