C API for BALTECH SDK
pki.h
Go to the documentation of this file.
1 
11 #ifndef __BRP_BALTECH_API_CMDS_PKI_H__
12 #define __BRP_BALTECH_API_CMDS_PKI_H__
13 #include "../typedefs.h"
17 #define BRP_Pki_ErrCrypto BRP_ERR_STATUS(0x0900, 0x01)
18 
21 #define BRP_Pki_ErrTunnel BRP_ERR_STATUS(0x0900, 0x02)
22 
25 #define BRP_Pki_ErrCert BRP_ERR_STATUS(0x0900, 0x03)
26 
29 #define BRP_Pki_ErrSeqctr BRP_ERR_STATUS(0x0900, 0x04)
30 
33 #define BRP_Pki_ErrSeclevelUnsupported BRP_ERR_STATUS(0x0900, 0x05)
34 
37 #define BRP_Pki_ErrSessionTimeout BRP_ERR_STATUS(0x0900, 0x06)
38 
76 brp_errcode brp_Pki_PfsGenKey(brp_protocol protocol, brp_buf TmpHostPubKey, size_t TmpHostPubKey_len, brp_buf* TmpRdrPubKey, size_t* TmpRdrPubKey_len, brp_mempool *mempool);
109 brp_errcode brp_Pki_PfsAuthHostCert(brp_protocol protocol, brp_buf EncryptedPayload, size_t EncryptedPayload_len);
127 brp_errcode brp_Pki_PfsAuthRdrCert(brp_protocol protocol, brp_buf* EncryptedResponse, size_t* EncryptedResponse_len, brp_mempool *mempool);
154 brp_errcode brp_Pki_Tunnel2(brp_protocol protocol, unsigned SequenceCounter, brp_buf CmdHMAC, brp_buf EncryptedCmd, size_t EncryptedCmd_len, brp_buf* RspHMAC, brp_buf* EncryptedRsp, size_t* EncryptedRsp_len, brp_mempool *mempool);
167 brp_errcode brp_Pki_GetX509Csr(brp_protocol protocol, brp_buf* Csr, size_t* Csr_len, brp_mempool *mempool);
215 brp_errcode brp_Pki_StoreX509Cert(brp_protocol protocol, unsigned SecLevel, brp_buf Cert, size_t Cert_len);
266 brp_errcode brp_Pki_StoreX509RootCert(brp_protocol protocol, unsigned SecLevel, brp_buf Cert, size_t Cert_len);
267 #endif
268 
brp_Pki_Tunnel2
brp_errcode brp_Pki_Tunnel2(brp_protocol protocol, unsigned SequenceCounter, brp_buf CmdHMAC, brp_buf EncryptedCmd, size_t EncryptedCmd_len, brp_buf *RspHMAC, brp_buf *EncryptedRsp, size_t *EncryptedRsp_len, brp_mempool *mempool)
Runs a command in the Security Level authenticated by the brp_Pki_PfsGenKey(), brp_Pki_PfsAuthHostCer...
brp_errcode
unsigned int brp_errcode
This type is used library-wide for passing error codes in the return value of functions.
Definition: errorcodes.h:23
brp_protocol
struct brp_protocol_t * brp_protocol
This is a generic handle of a protocol.
Definition: protocol.h:34
brp_mempool
struct brp_mempool_object_t * brp_mempool
mempool handle.
Definition: mempool.h:27
brp_Pki_GetX509Csr
brp_errcode brp_Pki_GetX509Csr(brp_protocol protocol, brp_buf *Csr, size_t *Csr_len, brp_mempool *mempool)
Every reader is shipped with a unique ECC P-256 key, generated at the time of manufacturing.
brp_Pki_PfsAuthHostCert
brp_errcode brp_Pki_PfsAuthHostCert(brp_protocol protocol, brp_buf EncryptedPayload, size_t EncryptedPayload_len)
This command authenticates the host's certificate chain to the reader.
brp_Pki_PfsAuthRdrCert
brp_errcode brp_Pki_PfsAuthRdrCert(brp_protocol protocol, brp_buf *EncryptedResponse, size_t *EncryptedResponse_len, brp_mempool *mempool)
After successfully authenticating the host against the reader using the brp_Pki_PfsAuthHostCert() com...
brp_Pki_PfsGenKey
brp_errcode brp_Pki_PfsGenKey(brp_protocol protocol, brp_buf TmpHostPubKey, size_t TmpHostPubKey_len, brp_buf *TmpRdrPubKey, size_t *TmpRdrPubKey_len, brp_mempool *mempool)
This command prepares a perfect forward secrecy (PFS) session by exchanging the public part of tempor...
brp_Pki_StoreX509Cert
brp_errcode brp_Pki_StoreX509Cert(brp_protocol protocol, unsigned SecLevel, brp_buf Cert, size_t Cert_len)
After signing a CSR using the brp_Pki_GetX509Csr() command, run this command to store the resulting i...
brp_buf
unsigned char * brp_buf
represents a pointer to a protocol data buffer.
Definition: common.h:61
brp_Pki_StoreX509RootCert
brp_errcode brp_Pki_StoreX509RootCert(brp_protocol protocol, unsigned SecLevel, brp_buf Cert, size_t Cert_len)
Every security level that should be usable with the PKI must be provided with a root certificate...