// file      : openssl/agent/pkcs11/pkcs11.hxx -*- C++ -*-
// copyright : Copyright (c) 2014-2018 Code Synthesis Ltd
// license   : MIT; see accompanying LICENSE file

#ifndef OPENSSL_AGENT_PKCS11_PKCS11_HXX
#define OPENSSL_AGENT_PKCS11_PKCS11_HXX

// PKCS#11 API (Cryptoki) definitions.
//
#include <openssl/agent/pkcs11/pkcs11.h>

#include <openssl/types.hxx>
#include <openssl/utility.hxx>

namespace openssl
{
  namespace agent
  {
    namespace pkcs11
    {
      // For simplicity we will not handle multiple PKCS#11 modules
      // simultaneously. The first one loaded will stay till the end of the
      // process lifetime.
      //

      // Return the PKCS#11 API pointer. If requested, ignore non-existent
      // module returning NULL.
      //
      // On the first call load the PKCS#11 module using the specified path
      // and initialize the API. Return the same pointer on the subsequent
      // calls regardless of the path. Throw runtime_error if anything goes
      // wrong.
      //
      // Note that on the subsequent calls the path argument is not consulted,
      // so a caller passing a different path still gets the API of the module
      // that was loaded first. Callers that pass ignore_nonexistent as true
      // must check the result for NULL before using it.
      //
      // NOTE(review): the module is loaded from the specified path and its
      // API is then called by this process, so the path should presumably
      // come from trusted configuration only -- confirm how callers obtain it.
      //
      // NOTE(review): whether the first-call initialization is safe with
      // concurrent callers is not visible in this header -- TODO confirm.
      //
      CK_FUNCTION_LIST*
      api (const path&, bool ignore_nonexistent = false);

      // Return a pointer to the previously initialized PKCS#11 API.
      //
      // NOTE(review): what this overload does if no module has been loaded
      // yet (for example, after api (path, true) returned NULL) is not
      // visible in this header -- confirm before relying on a non-NULL result.
      //
      CK_FUNCTION_LIST*
      api ();

      // Throw runtime_error describing a PKCS#11 API error.
      //
      // Never returns to the caller ([[noreturn]]). The error argument is the
      // PKCS#11 return value being reported; the what argument is presumably
      // the description of the failed operation -- verify against the
      // implementation.
      //
      [[noreturn]] void
      throw_api_error (CK_RV error, string what);

      // Convert API string representation to a regular one.
      //
      // PKCS#11 API struct string members are fixed-sized unsigned character
      // arrays right-padded with the space character. Return such a string
      // with the trailing spaces stripped.
      //
      inline string
      api_string (const unsigned char* s, size_t n)
      {
        // The field is a fixed-size array that is not NUL-terminated, so the
        // caller must pass its exact size as n: the bytes s[0] .. s[n - 1] are
        // read and n must not exceed the array the pointer refers to.
        //
        // Only the trailing space padding is dropped. Everything before it is
        // copied as supplied by the module, embedded spaces, NUL characters,
        // and non-printable bytes included, so the result should be treated
        // as untrusted data when it is printed or logged.
        //
        size_t len (n);

        // Step back over the padding until a non-space byte or the beginning
        // of the field is reached.
        //
        while (len != 0 && s[len - 1] == ' ')
          --len;

        const char* b (reinterpret_cast<const char*> (s));
        return string (b, len);
      }
    }
  }
}

#endif // OPENSSL_AGENT_PKCS11_PKCS11_HXX