PKCS11 key object wrapper.
More...
#include <PKCS11Key.h>
|
| | PKCS11Key (std::shared_ptr< PKCS11Session > &&session, CK_OBJECT_HANDLE keyHandle) noexcept |
| | Create key object with parameters. More...
|
| |
| bool | isCompatible (AlgorithmType type) noexcept |
| | Method to check if key has a correct type and supports given algorithm type. More...
|
| |
| bool | getAttributes (std::vector< unsigned char > &checksum, bool &neverExtractable) noexcept |
| | Method to query key attributes. More...
|
| |
| bool | encrypt (AlgorithmType algorithmType, const std::vector< unsigned char > &iv, const std::vector< unsigned char > &aad, const std::vector< unsigned char > &plaintext, std::vector< unsigned char > &ciphertext, std::vector< unsigned char > &tag) noexcept |
| | Function to encrypt data with given parameters. More...
|
| |
| bool | decrypt (AlgorithmType algorithmType, const std::vector< unsigned char > &iv, const std::vector< unsigned char > &aad, const std::vector< unsigned char > &ciphertext, const std::vector< unsigned char > &tag, std::vector< unsigned char > &plaintext) noexcept |
| | Function to decrypt data with given parameters. More...
|
| |
| bool | configureMechanism (CK_MECHANISM_TYPE mechanismType, const std::vector< unsigned char > &iv, const std::vector< unsigned char > &aad, CK_MECHANISM ¶ms, CK_GCM_PARAMS &gcmParams) noexcept |
| | Configure PKCS#11 mechanism according to parameters. More...
|
| |
PKCS11 key object wrapper.
This class wraps PKCS#11 key handle and related operations.
◆ PKCS11Key()
| alexaClientSDK::acsdkPkcs11::PKCS11Key::PKCS11Key |
( |
std::shared_ptr< PKCS11Session > && |
session, |
|
|
CK_OBJECT_HANDLE |
keyHandle |
|
) |
| |
|
noexcept |
Create key object with parameters.
- Parameters
-
| [in] | session | Owner session. |
| [in] | keyHandle | PKCS11 ket object handle. |
◆ configureMechanism()
| bool alexaClientSDK::acsdkPkcs11::PKCS11Key::configureMechanism |
( |
CK_MECHANISM_TYPE |
mechanismType, |
|
|
const std::vector< unsigned char > & |
iv, |
|
|
const std::vector< unsigned char > & |
aad, |
|
|
CK_MECHANISM & |
params, |
|
|
CK_GCM_PARAMS & |
gcmParams |
|
) |
| |
|
noexcept |
Configure PKCS#11 mechanism according to parameters.
- Parameters
-
| [in] | mechanismType | Type of encryption. |
| [in] | iv | Initialization vector. |
| [in] | aad | Additional authenticaiton data. |
| [out] | params | Mechanism parameters for PKCS#11 calls. |
| [out] | gcmParams | GCM-specific parameters for PKCS#11 calls. |
- Returns
- True if operation is successful.
◆ decrypt()
| bool alexaClientSDK::acsdkPkcs11::PKCS11Key::decrypt |
( |
AlgorithmType |
algorithmType, |
|
|
const std::vector< unsigned char > & |
iv, |
|
|
const std::vector< unsigned char > & |
aad, |
|
|
const std::vector< unsigned char > & |
ciphertext, |
|
|
const std::vector< unsigned char > & |
tag, |
|
|
std::vector< unsigned char > & |
plaintext |
|
) |
| |
|
noexcept |
Function to decrypt data with given parameters.
- Parameters
-
| [in] | algorithmType | Algorithm to use. |
| [in] | iv | Initialization vector. |
| [in] | aad | Additional authenticated data. |
| [in] | ciphertext | Encrypted data. |
| [in] | tag | Authentication tag. |
| [out] | plaintext | Decrypted data. |
- Returns
- True if operation is successful.
◆ encrypt()
| bool alexaClientSDK::acsdkPkcs11::PKCS11Key::encrypt |
( |
AlgorithmType |
algorithmType, |
|
|
const std::vector< unsigned char > & |
iv, |
|
|
const std::vector< unsigned char > & |
aad, |
|
|
const std::vector< unsigned char > & |
plaintext, |
|
|
std::vector< unsigned char > & |
ciphertext, |
|
|
std::vector< unsigned char > & |
tag |
|
) |
| |
|
noexcept |
Function to encrypt data with given parameters.
- Parameters
-
| [in] | algorithmType | Algorithm to use. |
| [in] | iv | Initialization vector. |
| [in] | aad | Additional authenticated data. |
| [in] | plaintext | Unencrypted data. |
| [out] | ciphertext | Encrypted data. |
| [out] | tag | Message authentication code. |
- Returns
- True if operation is successful.
◆ getAttributes()
| bool alexaClientSDK::acsdkPkcs11::PKCS11Key::getAttributes |
( |
std::vector< unsigned char > & |
checksum, |
|
|
bool & |
neverExtractable |
|
) |
| |
|
noexcept |
Method to query key attributes.
This method queries key CKA_CHECKSUM (if it supported) and CKA_NEVER_EXTRACTABLE flags.
- Parameters
-
| [out] | checksum | Key checksum if it is available. The value can be empty if HSM doesn't support checksums. |
| [out] | neverExtractable | Flag if the key has never been extracted. |
- Returns
- True on success, False on error.
◆ isCompatible()
| bool alexaClientSDK::acsdkPkcs11::PKCS11Key::isCompatible |
( |
AlgorithmType |
type | ) |
|
|
noexcept |
Method to check if key has a correct type and supports given algorithm type.
- Parameters
-
- Returns
- True if key supports given algorithm type, False on error or if key doesn't support the algorithm.
The documentation for this class was generated from the following files:
- /workplace/avs-device-sdk/core/Crypto/acsdkPkcs11/privateInclude/acsdkPkcs11/private/PKCS11Key.h
- /workplace/avs-device-sdk/core/Crypto/acsdkPkcs11/src/PKCS11Key.cpp
AlexaClientSDK 1.26.0 - Copyright 2016-2022 Amazon.com, Inc. or its affiliates. All Rights Reserved.
Licensed under the Apache License, Version 2.0
