web
/
surfer
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
A simple Qt based browser with no bullshit that supports PKCS#11 tokens (such as the SuisseID).
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
8 Commits
1 Branch
13 Tags
415 MiB
 
 
 
 
Tag: Branch: Tree: f5e983f5b9
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from 'f5e983f5b9'
${ noResults }
surfer/openssl-act-engine/engine_sct_internal.h

90 lines
2.4 KiB
Raw Blame History

#ifndef _ENGINE_SCT_INTERNAL_H_
#define _ENGINE_SCT_INTERNAL_H_
#include <memory>
#include <list>
#include <vector>
#include <map>
#include <openssl/crypto.h>
#include <openssl/objects.h>
#include <openssl/engine.h>
#if defined(_MSC_VER)
#pragma comment(lib, "libeay32.lib")
#endif
#ifdef U64
#undef U64
#endif
#include <actBlob.h>
struct load_cert_params;
#include "SlotList.h"
#include "CertificateList.h"
class CardKey;
struct enum_certs_s;
#define EXTRACT_CARD_KEY(rsastruct) (reinterpret_cast<CardKey*>(RSA_get_app_data(rsastruct)))
/*
* Core module. Actual engine startup/finish code and crypto operations.
*/
class SecureTokenEngine
{
public:
SecureTokenEngine() { }
~SecureTokenEngine() { }
// NOTE: contents of source string will be overwritten for security reasons
int setPin(char *pin);
int incVerbosity();
int setInitArgs(const char *args);
int init();
int finish();
int rsa_finish(RSA *rsa);
int loadCertCtrl(ENGINE *e, load_cert_params *p);
EVP_PKEY *load_pubkey(const char *s_key_id, UI_METHOD *ui_method, void *callback_data);
EVP_PKEY *load_privkey(const char *s_key_id, UI_METHOD *ui_method, void *callback_data);
// Caller is required to provide an output buffer of sufficient size, depending on input data's length
// and used key material. Improper usage may cause buffer overruns. OpenSSL API's weakness.
// Encrypt/Decrypt return size of output data on success, -1 on failure.
int rsa_encrypt(int flen, const unsigned char *from, unsigned char *to, const CardKey* ck, int padding);
int rsa_decrypt(int flen, const unsigned char *from, unsigned char *to, CardKey* ck, int padding);
// Sign/Verify return 1 on success, 0 on failure.
int rsa_sign(int type, const unsigned char *msg, unsigned int msglen, unsigned char *sigret, unsigned int *siglen, CardKey* ck);
int rsa_verify(int type, const unsigned char *msg, unsigned int msglen, unsigned char *signature, unsigned int siglen, const CardKey* ck);
// Return a list of all certificates and the necessary IDs to use them
// !! frees up the memory of the previosly returned structure in subsequent calls !!
int enumerate_certs(ENGINE *e, enum_certs_s **p);
private:
EVP_PKEY *encapsule_CardKey(CardKey *ck);
act::Blob m_pin;
SlotList m_slot_list;
std::auto_ptr<CertificateList> m_cert_list;
};
// Needed in SecureTokenEngine for creation of new RSA key (stubs) as well
RSA_METHOD* RSA_get_sct_method();
#endif