List of configuration macros for the corePKCS11 library along with their default values. More...
Go to the source code of this file.
Macros | |
#define | pkcs11configPKCS11_MALLOC malloc |
Definitions mapping deprecated configuration macro names to their current equivalent configurations for backwards compatibility of API. | |
#define | pkcs11configPKCS11_FREE free |
Free API used by iot_pkcs11.h. | |
#define | pkcs11configPKCS11_DEFAULT_USER_PIN "0000" |
PKCS #11 default user PIN. | |
#define | pkcs11configMAX_LABEL_LENGTH 32 |
Maximum length (in characters) for a PKCS #11 CKA_LABEL attribute. | |
#define | pkcs11configMAX_NUM_OBJECTS 6 |
Maximum number of token objects that can be stored by the PKCS #11 module. | |
#define | pkcs11configMAX_SESSIONS 10 |
Maximum number of sessions that can be stored by the PKCS #11 module. | |
#define | pkcs11configPAL_DESTROY_SUPPORTED 0 |
Set to 1 if a PAL destroy object is implemented. | |
#define | pkcs11configOTA_SUPPORTED 0 |
Set to 1 if OTA image verification via PKCS #11 module is supported. | |
#define | pkcs11configJITP_CODEVERIFY_ROOT_CERT_SUPPORTED 0 |
Set to 1 if PAL supports storage for JITP certificate, code verify certificate, and trusted server root certificate. | |
#define | pkcs11configLABEL_DEVICE_PRIVATE_KEY_FOR_TLS "Device Priv TLS Key" |
The PKCS #11 label for device private key. | |
#define | pkcs11configLABEL_DEVICE_PUBLIC_KEY_FOR_TLS "Device Pub TLS Key" |
The PKCS #11 label for device public key. | |
#define | pkcs11configLABEL_DEVICE_CERTIFICATE_FOR_TLS "Device Cert" |
The PKCS #11 label for the device certificate. | |
#define | pkcs11configLABEL_ROOT_CERTIFICATE "Root Cert" |
The PKCS #11 label for the AWS Trusted Root Certificate. | |
#define | pkcs11configLABEL_HMAC_KEY "HMAC Key" |
The PKCS #11 label for the object to be used for HMAC operations. | |
#define | pkcs11configLABEL_CMAC_KEY "CMAC Key" |
The PKCS #11 label for the object to be used for CMAC operations. | |
#define | pkcs11configLABEL_CODE_VERIFICATION_KEY "Code Verify Key" |
The PKCS #11 label for the object to be used for code verification. | |
#define | pkcs11configLABEL_JITP_CERTIFICATE "JITP Cert" |
The PKCS #11 label for AWS IoT Just-In-Time-Provisioning. | |
#define | pkcs11configLABEL_CLAIM_CERTIFICATE "Claim Cert" |
The PKCS #11 label for AWS IoT Fleet Provisioning claim certificate. | |
#define | pkcs11configLABEL_CLAIM_PRIVATE_KEY "Claim Key" |
The PKCS #11 label for AWS IoT Fleet Provisioning claim private key. | |
#define | LogError(message) |
Macro that is called in the corePKCS11 library for logging "Error" level messages. | |
#define | LogWarn(message) |
Macro that is called in the corePKCS11 library for logging "Warning" level messages. | |
#define | LogInfo(message) |
Macro that is called in the corePKCS11 library for logging "Info" level messages. | |
#define | LogDebug(message) |
Macro that is called in the corePKCS11 library for logging "Debug" level messages. | |
List of configuration macros for the corePKCS11 library along with their default values.
#define pkcs11configPKCS11_MALLOC malloc |
Definitions mapping deprecated configuration macro names to their current equivalent configurations for backwards compatibility of API.
Malloc API used by iot_pkcs11.h
Possible values: Any platform-specific function for allocating memory.
Default value: The standard C "malloc"
function
#define pkcs11configPKCS11_FREE free |
Free API used by iot_pkcs11.h.
Possible values: Any platform-specific function for freeing memory.
Default value: The standard C "free"
function
#define pkcs11configPKCS11_DEFAULT_USER_PIN "0000" |
PKCS #11 default user PIN.
The PKCS #11 standard specifies the presence of a user PIN. That feature is sensible for applications that have an interactive user interface and memory protections. However, since typical microcontroller applications lack one or both of those, the user PIN is assumed to be used herein for interoperability purposes only, and not as a security feature.
Possible values: Any four digit code
Default value: "0000"
#define pkcs11configMAX_LABEL_LENGTH 32 |
Maximum length (in characters) for a PKCS #11 CKA_LABEL attribute.
Possible values: Any positive integer.
Default value: 32
#define pkcs11configMAX_NUM_OBJECTS 6 |
Maximum number of token objects that can be stored by the PKCS #11 module.
Possible values: Any positive integer.
Default value: 6
#define pkcs11configMAX_SESSIONS 10 |
Maximum number of sessions that can be stored by the PKCS #11 module.
Possible values: Any positive integer.
Default value: 10
#define pkcs11configPAL_DESTROY_SUPPORTED 0 |
Set to 1 if a PAL destroy object is implemented.
If set to 0, no PAL destroy object is implemented, and this functionality is implemented in the common PKCS #11 layer.
Possible values: 0
or 1
Default value: 0
#define pkcs11configOTA_SUPPORTED 0 |
Set to 1 if OTA image verification via PKCS #11 module is supported.
If set to 0, OTA code signing certificate is built in via aws_ota_codesigner_certificate.h.
Possible values: 0
or 1
Default value: 0
#define pkcs11configJITP_CODEVERIFY_ROOT_CERT_SUPPORTED 0 |
Set to 1 if PAL supports storage for JITP certificate, code verify certificate, and trusted server root certificate.
If set to 0, PAL does not support storage mechanism for these, and they are accessed via headers compiled into the code.
Possible values: 0
or 1
Default value: 0
#define pkcs11configLABEL_DEVICE_PRIVATE_KEY_FOR_TLS "Device Priv TLS Key" |
The PKCS #11 label for device private key.
Private key for connection to AWS IoT endpoint. The corresponding public key should be registered with the AWS IoT endpoint.
Possible values: Any String smaller then pkcs11configMAX_LABEL_LENGTH.
Default value: Device Priv TLS Key
#define pkcs11configLABEL_DEVICE_PUBLIC_KEY_FOR_TLS "Device Pub TLS Key" |
The PKCS #11 label for device public key.
The public key corresponding to pkcs11configLABEL_DEVICE_PRIVATE_KEY_FOR_TLS.
Possible values: Any String smaller then pkcs11configMAX_LABEL_LENGTH.
Default value: Device Pub TLS Key
#define pkcs11configLABEL_DEVICE_CERTIFICATE_FOR_TLS "Device Cert" |
The PKCS #11 label for the device certificate.
Device certificate corresponding to pkcs11configLABEL_DEVICE_PRIVATE_KEY_FOR_TLS.
Possible values: Any String smaller then pkcs11configMAX_LABEL_LENGTH.
Default value: Device Cert
#define pkcs11configLABEL_ROOT_CERTIFICATE "Root Cert" |
The PKCS #11 label for the AWS Trusted Root Certificate.
Possible values: Any String smaller then pkcs11configMAX_LABEL_LENGTH.
Default value: Root Cert
#define pkcs11configLABEL_HMAC_KEY "HMAC Key" |
The PKCS #11 label for the object to be used for HMAC operations.
Possible values: Any String smaller then pkcs11configMAX_LABEL_LENGTH.
Default value: HMAC Key
#define pkcs11configLABEL_CMAC_KEY "CMAC Key" |
The PKCS #11 label for the object to be used for CMAC operations.
Possible values: Any String smaller then pkcs11configMAX_LABEL_LENGTH.
Default value: CMAC Key
#define pkcs11configLABEL_CODE_VERIFICATION_KEY "Code Verify Key" |
The PKCS #11 label for the object to be used for code verification.
Used by AWS IoT Over-the-Air Update (OTA) code to verify an incoming signed image.
Possible values: Any String smaller then pkcs11configMAX_LABEL_LENGTH.
Default value: Code Verify Key
#define pkcs11configLABEL_JITP_CERTIFICATE "JITP Cert" |
The PKCS #11 label for AWS IoT Just-In-Time-Provisioning.
The certificate corresponding to the issuer of the device certificate (pkcs11configLABEL_DEVICE_CERTIFICATE_FOR_TLS) when using the JITR or JITP flow.
Possible values: Any String smaller then pkcs11configMAX_LABEL_LENGTH.
Default value: Code Verify Key
#define pkcs11configLABEL_CLAIM_CERTIFICATE "Claim Cert" |
The PKCS #11 label for AWS IoT Fleet Provisioning claim certificate.
This label is used for the provisioning claim certificate. The provisioning claim certificate is used to connect to AWS IoT Core for provisioning a client device using "Provisioning by Claim" workflow of the Fleet Provisioning Service.
Possible values: Any String smaller then pkcs11configMAX_LABEL_LENGTH.
Default value: Claim Cert
#define pkcs11configLABEL_CLAIM_PRIVATE_KEY "Claim Key" |
The PKCS #11 label for AWS IoT Fleet Provisioning claim private key.
This label is used for the provisioning claim private key. The provisioning claim private key corresponds to the provisioning claim certificate and is used to to connect to AWS IoT Core for provisioning a client device using "Provisioning by Claim" workflow of the Fleet Provisioning Service.
Possible values: Any String smaller then pkcs11configMAX_LABEL_LENGTH.
Default value: Claim Key
#define LogError | ( | message | ) |
Macro that is called in the corePKCS11 library for logging "Error" level messages.
To enable error level logging in the corePKCS11 library, this macro should be mapped to the application-specific logging implementation that supports error logging.
Default value: Error logging is turned off, and no code is generated for calls to the macro in the corePKCS11 library on compilation.
#define LogWarn | ( | message | ) |
Macro that is called in the corePKCS11 library for logging "Warning" level messages.
To enable warning level logging in the corePKCS11 library, this macro should be mapped to the application-specific logging implementation that supports warning logging.
Default value: Warning logs are turned off, and no code is generated for calls to the macro in the corePKCS11 library on compilation.
#define LogInfo | ( | message | ) |
Macro that is called in the corePKCS11 library for logging "Info" level messages.
To enable info level logging in the corePKCS11 library, this macro should be mapped to the application-specific logging implementation that supports info logging.
Default value: Info logging is turned off, and no code is generated for calls to the macro in the corePKCS11 library on compilation.
#define LogDebug | ( | message | ) |
Macro that is called in the corePKCS11 library for logging "Debug" level messages.
To enable debug level logging from corePKCS11 library, this macro should be mapped to the application-specific logging implementation that supports debug logging.
Default value: Debug logging is turned off, and no code is generated for calls to the macro in the corePKCS11 library on compilation.