Safe Haskell | None |
---|---|
Language | Haskell2010 |
- data Library
- loadLibrary :: String -> IO Library
- releaseLibrary :: Library -> IO ()
- data Info
- getInfo :: Library -> IO Info
- infoCryptokiVersion :: Info -> Version
- infoManufacturerId :: Info -> String
- infoFlags :: Info -> Int
- infoLibraryDescription :: Info -> String
- infoLibraryVersion :: Info -> Version
- type SlotId = CULong
- getSlotList :: Library -> Bool -> Int -> IO [SlotId]
- data SlotInfo
- getSlotInfo :: Library -> SlotId -> IO SlotInfo
- slotInfoDescription :: SlotInfo -> String
- slotInfoManufacturerId :: SlotInfo -> String
- slotInfoFlags :: SlotInfo -> Int
- slotInfoHardwareVersion :: SlotInfo -> Version
- slotInfoFirmwareVersion :: SlotInfo -> Version
- data TokenInfo
- getTokenInfo :: Library -> SlotId -> IO TokenInfo
- tokenInfoLabel :: TokenInfo -> String
- tokenInfoManufacturerId :: TokenInfo -> String
- tokenInfoModel :: TokenInfo -> String
- tokenInfoSerialNumber :: TokenInfo -> String
- tokenInfoFlags :: TokenInfo -> Int
- initToken :: Library -> SlotId -> ByteString -> String -> IO ()
- initPin :: Session -> ByteString -> IO ()
- setPin :: Session -> ByteString -> ByteString -> IO ()
- data MechType
- data MechInfo
- getMechanismList :: Library -> SlotId -> Int -> IO [Int]
- getMechanismInfo :: Library -> SlotId -> MechType -> IO MechInfo
- mechInfoMinKeySize :: MechInfo -> Int
- mechInfoMaxKeySize :: MechInfo -> Int
- mechInfoFlags :: MechInfo -> Int
- simpleMech :: MechType -> Mech
- data Session
- data UserType
- withSession :: Library -> SlotId -> Bool -> (Session -> IO a) -> IO a
- closeAllSessions :: Library -> SlotId -> IO ()
- getSessionInfo :: Session -> IO SessionInfo
- getOperationState :: Session -> CULong -> IO ByteString
- login :: Session -> UserType -> ByteString -> IO ()
- logout :: Session -> IO ()
- type ObjectHandle = CULong
- data Attribute
- data ClassType
- data KeyTypeValue
- destroyObject :: Session -> ObjectHandle -> IO ()
- createObject :: Session -> [Attribute] -> IO ObjectHandle
- copyObject :: Session -> ObjectHandle -> [Attribute] -> IO ObjectHandle
- getObjectSize :: Session -> ObjectHandle -> IO CULong
- findObjects :: Session -> [Attribute] -> IO [ObjectHandle]
- getTokenFlag :: Session -> ObjectHandle -> IO Bool
- getPrivateFlag :: Session -> ObjectHandle -> IO Bool
- getSensitiveFlag :: Session -> ObjectHandle -> IO Bool
- getEncryptFlag :: Session -> ObjectHandle -> IO Bool
- getDecryptFlag :: Session -> ObjectHandle -> IO Bool
- getWrapFlag :: Session -> ObjectHandle -> IO Bool
- getUnwrapFlag :: Session -> ObjectHandle -> IO Bool
- getSignFlag :: Session -> ObjectHandle -> IO Bool
- getModulus :: Session -> ObjectHandle -> IO Integer
- getPublicExponent :: Session -> ObjectHandle -> IO Integer
- getPrime :: Session -> ObjectHandle -> IO Integer
- getBase :: Session -> ObjectHandle -> IO Integer
- setAttributes :: Session -> ObjectHandle -> [Attribute] -> IO ()
- generateKey :: Session -> Mech -> [Attribute] -> IO ObjectHandle
- generateKeyPair :: Session -> Mech -> [Attribute] -> [Attribute] -> IO (ObjectHandle, ObjectHandle)
- deriveKey :: Session -> Mech -> ObjectHandle -> [Attribute] -> IO ObjectHandle
- wrapKey :: Mech -> Session -> ObjectHandle -> ObjectHandle -> CULong -> IO ByteString
- unwrapKey :: Mech -> Session -> ObjectHandle -> ByteString -> [Attribute] -> IO ObjectHandle
- decryptInit :: Mech -> Session -> ObjectHandle -> IO ()
- decrypt :: Session -> ByteString -> CULong -> IO ByteString
- encryptInit :: Mech -> Session -> ObjectHandle -> IO ()
- encrypt :: Session -> ByteString -> CULong -> IO ByteString
- encryptUpdate :: Session -> ByteString -> CULong -> IO ByteString
- encryptFinal :: Session -> CULong -> IO ByteString
- digestInit :: Mech -> Session -> IO ()
- digest :: Session -> ByteString -> CULong -> IO ByteString
- signInit :: Mech -> Session -> ObjectHandle -> IO ()
- sign :: Session -> ByteString -> CULong -> IO ByteString
- signRecoverInit :: Mech -> Session -> ObjectHandle -> IO ()
- signRecover :: Session -> ByteString -> CULong -> IO ByteString
- verifyInit :: Session -> Mech -> ObjectHandle -> IO ()
- verify :: Session -> ByteString -> ByteString -> IO Bool
- seedRandom :: Session -> ByteString -> IO ()
- generateRandom :: Session -> CULong -> IO ByteString
- data Version
- versionMajor :: Version -> Int
- versionMinor :: Version -> Int
Library
loadLibrary :: String -> IO Library Source #
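Load a PKCS#11 dynamically linked library. The module is native code that runs inside the calling process, so the path should refer to a trusted library file.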
lib <- loadLibrary "/path/to/dll.so"
releaseLibrary :: Library -> IO () Source #
Reading library information
infoCryptokiVersion :: Info -> Version Source #
Cryptoki interface version number, for compatibility with future revisions of this interface
infoManufacturerId :: Info -> String Source #
ID of the Cryptoki library manufacturer
infoFlags :: Info -> Int Source #
bit flags reserved for future versions. Must be zero for this version
infoLibraryDescription :: Info -> String Source #
infoLibraryVersion :: Info -> Version Source #
Cryptoki library version number
Slots
getSlotList :: Library -> Bool -> Int -> IO [SlotId] Source #
Obtains a list of slots in the system
slotsIds <- getSlotList lib True 10
This example retrieves a list of at most 10 slot identifiers (the third parameter) for slots with a token present (the second parameter is set to True)
Reading slot information
getSlotInfo :: Library -> SlotId -> IO SlotInfo Source #
Obtains information about a particular slot in the system
slotInfo <- getSlotInfo lib slotId
slotInfoDescription :: SlotInfo -> String Source #
slotInfoFlags :: SlotInfo -> Int Source #
bit flags indicating capabilities and status of the slot as defined in https://www.cryptsoft.com/pkcs11doc/v220/pkcs11__all_8h.html#aCK_SLOT_INFO
Working with tokens
getTokenInfo :: Library -> SlotId -> IO TokenInfo Source #
Obtains information about a particular token in the system
tokenInfo <- getTokenInfo lib slotId
tokenInfoLabel :: TokenInfo -> String Source #
tokenInfoModel :: TokenInfo -> String Source #
tokenInfoFlags :: TokenInfo -> Int Source #
bit flags indicating capabilities and status of the device as defined in https://www.cryptsoft.com/pkcs11doc/v220/pkcs11__all_8h.html#aCK_TOKEN_INFO
setPin :: Session -> ByteString -> ByteString -> IO () Source #
Mechanisms
getMechanismList :: Library -> SlotId -> Int -> IO [Int] Source #
Obtains a list of mechanism types supported by a token
getMechanismInfo :: Library -> SlotId -> MechType -> IO MechInfo Source #
Obtains information about a particular mechanism possibly supported by a token
mechInfoMinKeySize :: MechInfo -> Int Source #
mechInfoMaxKeySize :: MechInfo -> Int Source #
mechInfoFlags :: MechInfo -> Int Source #
simpleMech :: MechType -> Mech Source #
Session management
getSessionInfo :: Session -> IO SessionInfo Source #
getOperationState :: Session -> CULong -> IO ByteString Source #
Object attributes
type ObjectHandle = CULong Source #
data KeyTypeValue Source #
destroyObject :: Session -> ObjectHandle -> IO () Source #
createObject :: Session -> [Attribute] -> IO ObjectHandle Source #
copyObject :: Session -> ObjectHandle -> [Attribute] -> IO ObjectHandle Source #
getObjectSize :: Session -> ObjectHandle -> IO CULong Source #
Searching objects
findObjects :: Session -> [Attribute] -> IO [ObjectHandle] Source #
Reading object attributes
getTokenFlag :: Session -> ObjectHandle -> IO Bool Source #
getPrivateFlag :: Session -> ObjectHandle -> IO Bool Source #
getSensitiveFlag :: Session -> ObjectHandle -> IO Bool Source #
getEncryptFlag :: Session -> ObjectHandle -> IO Bool Source #
getDecryptFlag :: Session -> ObjectHandle -> IO Bool Source #
getWrapFlag :: Session -> ObjectHandle -> IO Bool Source #
getUnwrapFlag :: Session -> ObjectHandle -> IO Bool Source #
getSignFlag :: Session -> ObjectHandle -> IO Bool Source #
getModulus :: Session -> ObjectHandle -> IO Integer Source #
getPublicExponent :: Session -> ObjectHandle -> IO Integer Source #
Writing attributes
setAttributes :: Session -> ObjectHandle -> [Attribute] -> IO () Source #
Key generation
generateKey :: Session -> Mech -> [Attribute] -> IO ObjectHandle Source #
generateKeyPair :: Session -> Mech -> [Attribute] -> [Attribute] -> IO (ObjectHandle, ObjectHandle) Source #
deriveKey :: Session -> Mech -> ObjectHandle -> [Attribute] -> IO ObjectHandle Source #
Key wrapping/unwrapping
wrapKey :: Mech -> Session -> ObjectHandle -> ObjectHandle -> CULong -> IO ByteString Source #
unwrapKey :: Mech -> Session -> ObjectHandle -> ByteString -> [Attribute] -> IO ObjectHandle Source #
Encryption/decryption
decryptInit :: Mech -> Session -> ObjectHandle -> IO () Source #
decrypt :: Session -> ByteString -> CULong -> IO ByteString Source #
encryptInit :: Mech -> Session -> ObjectHandle -> IO () Source #
encrypt :: Session -> ByteString -> CULong -> IO ByteString Source #
encryptUpdate :: Session -> ByteString -> CULong -> IO ByteString Source #
encryptFinal :: Session -> CULong -> IO ByteString Source #
Digest
digestInit :: Mech -> Session -> IO () Source #
digest :: Session -> ByteString -> CULong -> IO ByteString Source #
Signing
sign :: Session -> ByteString -> CULong -> IO ByteString Source #
signRecoverInit :: Mech -> Session -> ObjectHandle -> IO () Source #
signRecover :: Session -> ByteString -> CULong -> IO ByteString Source #
verifyInit :: Session -> Mech -> ObjectHandle -> IO () Source #
verify :: Session -> ByteString -> ByteString -> IO Bool Source #
Random
seedRandom :: Session -> ByteString -> IO () Source #
generateRandom :: Session -> CULong -> IO ByteString Source #
Misc
versionMajor :: Version -> Int Source #
versionMinor :: Version -> Int Source #