1 /* 2 * OpenVPN -- An application to securely tunnel IP networks 3 * over a single TCP/UDP port, with support for SSL/TLS-based 4 * session authentication and key exchange, 5 * packet encryption, packet authentication, and 6 * packet compression. 7 * 8 * Copyright (C) 2002-2018 OpenVPN Inc <sales@openvpn.net> 9 * 10 * This program is free software; you can redistribute it and/or modify 11 * it under the terms of the GNU General Public License version 2 12 * as published by the Free Software Foundation. 13 * 14 * This program is distributed in the hope that it will be useful, 15 * but WITHOUT ANY WARRANTY; without even the implied warranty of 16 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 17 * GNU General Public License for more details. 18 * 19 * You should have received a copy of the GNU General Public License along 20 * with this program; if not, write to the Free Software Foundation, Inc., 21 * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. 22 */ 23 24 #ifndef OPENVPN_PKCS11_H 25 #define OPENVPN_PKCS11_H 26 27 #if defined(ENABLE_PKCS11) 28 29 #include "ssl_common.h" 30 31 bool 32 pkcs11_initialize( 33 const bool fProtectedAuthentication, 34 const int nPINCachePeriod 35 ); 36 37 void 38 pkcs11_terminate(); 39 40 bool 41 pkcs11_addProvider( 42 const char *const provider, 43 const bool fProtectedAuthentication, 44 const unsigned private_mode, 45 const bool fCertIsPrivate 46 ); 47 48 int 49 pkcs11_logout(); 50 51 int 52 pkcs11_management_id_count(); 53 54 bool 55 pkcs11_management_id_get( 56 const int index, 57 char **id, 58 char **base64 59 ); 60 61 int 62 tls_ctx_use_pkcs11( 63 struct tls_root_ctx *const ssl_ctx, 64 bool pkcs11_id_management, 65 const char *const pkcs11_id 66 ); 67 68 void 69 show_pkcs11_ids( 70 const char *const provider, 71 bool cert_private 72 ); 73 74 #endif /* ENABLE_PKCS11 */ 75 76 #endif /* OPENVPN_PKCS11H_H */ 77