#[repr(C)]
pub struct aws_tls_ctx_pkcs11_options {
    pub pkcs11_lib: *mut aws_pkcs11_lib,
    pub user_pin: aws_byte_cursor,
    pub slot_id: *const u64,
    pub token_label: aws_byte_cursor,
    pub private_key_object_label: aws_byte_cursor,
    pub cert_file_path: aws_byte_cursor,
    pub cert_file_contents: aws_byte_cursor,
}

This struct exists as a graceful way to pass many arguments when calling init-with-pkcs11 functions on aws_tls_ctx_options (this also makes it easy to introduce optional arguments in the future). Instances of this struct should only exist briefly on the stack.

Instructions for binding this to high-level languages:

  • Python: The members of this struct should be the keyword args to the init-with-pkcs11 functions.
  • JavaScript: This should be an options map passed to init-with-pkcs11 functions.
  • Java: This should be an options class passed to init-with-pkcs11 functions.
  • C++: Same as Java

Notes on integer types: PKCS#11 uses unsigned long for IDs, handles, etc., but we expose them as uint64_t in public APIs. We do this because sizeof(long) is inconsistent across platform/arch/language (e.g. always 64-bit in Java, always 32-bit in C on Windows, matches the CPU in C on Linux and Apple). By using uint64_t in our public API, we can keep the careful bounds-checking all in one place, instead of expecting each high-level language binding to get it just right.

Fields

pkcs11_lib: *mut aws_pkcs11_lib

The PKCS#11 library to use. This field is required.

user_pin: aws_byte_cursor

User PIN, for logging into the PKCS#11 token (UTF-8). Zero out to log into a token with a “protected authentication path”.

slot_id: *const u64

ID of slot containing PKCS#11 token. If set to NULL, the token will be chosen based on other criteria (such as token label).

token_label: aws_byte_cursor

Label of PKCS#11 token to use. If zeroed out, the token will be chosen based on other criteria (such as slot ID).

private_key_object_label: aws_byte_cursor

Label of private key object on PKCS#11 token (UTF-8). If zeroed out, the private key will be chosen based on other criteria (such as being the only available private key on the token).

cert_file_path: aws_byte_cursor

Certificate’s file path on disk (UTF-8). The certificate must be PEM formatted and UTF-8 encoded. Zero out if passing in certificate by some other means (such as file contents).

cert_file_contents: aws_byte_cursor

Certificate’s file contents (UTF-8). The certificate must be PEM formatted and UTF-8 encoded. Zero out if passing in certificate by some other means (such as file path).
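
The integer-type note and the slot_id field above, shown as an added example (not code from this crate or the underlying library): a public-API u64 is narrowed to the platform's PKCS#11 unsigned long with the bounds check in one place, and a nullable slot_id pointer is read the way the field is documented. The names narrow_id, resolve_slot_id and IdOutOfRange are hypothetical, and the sample values are constructed.

```rust
use std::convert::TryFrom;
use std::os::raw::c_ulong;

/// Error for a 64-bit ID that the target `unsigned long` cannot hold.
/// (Hypothetical type, introduced for this example.)
#[derive(Debug, PartialEq)]
pub struct IdOutOfRange(pub u64);

/// Narrow a public-API u64 to a PKCS#11-side integer type T.
/// T = u32 models `unsigned long` in C on Windows; T = u64 models
/// 64-bit Linux and Apple. A value that does not fit is rejected
/// instead of being silently truncated to a different ID.
pub fn narrow_id<T: TryFrom<u64>>(id: u64) -> Result<T, IdOutOfRange> {
    T::try_from(id).map_err(|_| IdOutOfRange(id))
}

/// Interpret a nullable `slot_id` pointer as the field documents it:
/// NULL means "choose the token by other criteria"; otherwise the ID
/// is bounds-checked against this platform's `unsigned long`.
///
/// # Safety
/// `slot_id` must be NULL or point to a valid, aligned u64.
pub unsafe fn resolve_slot_id(
    slot_id: *const u64,
) -> Result<Option<c_ulong>, IdOutOfRange> {
    match unsafe { slot_id.as_ref() } {
        None => Ok(None),
        Some(&id) => narrow_id::<c_ulong>(id).map(Some),
    }
}

fn main() {
    let big: u64 = 1 << 32; // constructed sample: one past u32::MAX
    println!("as 32-bit unsigned long: {:?}", narrow_id::<u32>(big));
    println!("as 64-bit unsigned long: {:?}", narrow_id::<u64>(big));

    let slot: u64 = 7; // constructed sample slot ID
    println!("slot set:  {:?}", unsafe { resolve_slot_id(&slot) });
    println!("slot NULL: {:?}", unsafe { resolve_slot_id(std::ptr::null()) });
}
```

A plain `as` cast in place of `try_from` would wrap 1 << 32 to slot 0 on a 32-bit unsigned long and silently select a different slot.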
