1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
|
/*
* Copyright (c) 2012 Red Hat Inc.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* * Redistributions of source code must retain the above
* copyright notice, this list of conditions and the
* following disclaimer.
* * Redistributions in binary form must reproduce the
* above copyright notice, this list of conditions and
* the following disclaimer in the documentation and/or
* other materials provided with the distribution.
* * The names of contributors to this software may not be
* used to endorse or promote products derived from this
* software without specific prior written permission.
*
* THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
* "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
* LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
* FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
* COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT,
* INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
* BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS
* OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED
* AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
* OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF
* THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH
* DAMAGE.
*
* Author: Stef Walter <stefw@redhat.com>
*/
#ifndef PKCS11_X_H_
#define PKCS11_X_H_ 1
#if defined(__cplusplus)
extern "C" {
#endif
/* -------------------------------------------------------------------
* NSS TRUST OBJECTS
*
* And related, non-standard
*/
/* Define this if you want the NSS specific symbols */
#define CRYPTOKI_NSS_VENDOR_DEFINED 1
#ifdef CRYPTOKI_NSS_VENDOR_DEFINED
/* Various NSS objects */
#define CKO_NSS_CRL 0xce534351UL
#define CKO_NSS_SMIME 0xce534352UL
#define CKO_NSS_TRUST 0xce534353UL
#define CKO_NSS_BUILTIN_ROOT_LIST 0xce534354UL
#define CKO_NSS_NEWSLOT 0xce534355UL
#define CKO_NSS_DELSLOT 0xce534356UL
/* Various NSS key types */
#define CKK_NSS_PKCS8 0xce534351UL
/* Various NSS attributes */
#define CKA_NSS_URL 0xce534351UL
#define CKA_NSS_EMAIL 0xce534352UL
#define CKA_NSS_SMIME_INFO 0xce534353UL
#define CKA_NSS_SMIME_TIMESTAMP 0xce534354UL
#define CKA_NSS_PKCS8_SALT 0xce534355UL
#define CKA_NSS_PASSWORD_CHECK 0xce534356UL
#define CKA_NSS_EXPIRES 0xce534357UL
#define CKA_NSS_KRL 0xce534358UL
#define CKA_NSS_PQG_COUNTER 0xce534364UL
#define CKA_NSS_PQG_SEED 0xce534365UL
#define CKA_NSS_PQG_H 0xce534366UL
#define CKA_NSS_PQG_SEED_BITS 0xce534367UL
#define CKA_NSS_MODULE_SPEC 0xce534368UL
/* NSS trust attributes */
#define CKA_TRUST_DIGITAL_SIGNATURE 0xce536351UL
#define CKA_TRUST_NON_REPUDIATION 0xce536352UL
#define CKA_TRUST_KEY_ENCIPHERMENT 0xce536353UL
#define CKA_TRUST_DATA_ENCIPHERMENT 0xce536354UL
#define CKA_TRUST_KEY_AGREEMENT 0xce536355UL
#define CKA_TRUST_KEY_CERT_SIGN 0xce536356UL
#define CKA_TRUST_CRL_SIGN 0xce536357UL
#define CKA_TRUST_SERVER_AUTH 0xce536358UL
#define CKA_TRUST_CLIENT_AUTH 0xce536359UL
#define CKA_TRUST_CODE_SIGNING 0xce53635aUL
#define CKA_TRUST_EMAIL_PROTECTION 0xce53635bUL
#define CKA_TRUST_IPSEC_END_SYSTEM 0xce53635cUL
#define CKA_TRUST_IPSEC_TUNNEL 0xce53635dUL
#define CKA_TRUST_IPSEC_USER 0xce53635eUL
#define CKA_TRUST_TIME_STAMPING 0xce53635fUL
#define CKA_TRUST_STEP_UP_APPROVED 0xce536360UL
#define CKA_CERT_SHA1_HASH 0xce5363b4UL
#define CKA_CERT_MD5_HASH 0xce5363b5UL
/* NSS trust values */
typedef CK_ULONG CK_TRUST;
#define CKT_NSS_TRUSTED 0xce534351UL
#define CKT_NSS_TRUSTED_DELEGATOR 0xce534352UL
#define CKT_NSS_MUST_VERIFY_TRUST 0xce534353UL
#define CKT_NSS_NOT_TRUSTED 0xce53435AUL
#define CKT_NSS_TRUST_UNKNOWN 0xce534355UL
#define CKT_NSS_VALID_DELEGATOR 0xce53435BUL
/* NSS specific mechanisms */
#define CKM_NSS_AES_KEY_WRAP 0xce534351UL
#define CKM_NSS_AES_KEY_WRAP_PAD 0xce534352UL
/* NSS specific return values */
#define CKR_NSS_CERTDB_FAILED 0xce534351UL
#define CKR_NSS_KEYDB_FAILED 0xce534352UL
#endif /* CRYPTOKI_NSS_VENDOR_DEFINED */
/* Define this if you want the vendor specific symbols */
#define CRYPTOKI_X_VENDOR_DEFINED 1
#ifdef CRYPTOKI_X_VENDOR_DEFINED
#define CKA_X_VENDOR (CKA_VENDOR_DEFINED | 0x58444700UL)
#define CKO_X_VENDOR (CKA_VENDOR_DEFINED | 0x58444700UL)
/* -------------------------------------------------------------------
* BLACKLISTS
*/
#define CKA_X_DISTRUSTED (CKA_X_VENDOR + 100)
/* -------------------------------------------------------------------
* CERTIFICATE EXTENSIONS
*
* For attaching certificate extensions to certificates
*/
#define CKO_X_CERTIFICATE_EXTENSION (CKO_X_VENDOR + 200)
/* From the 2.40 draft */
#ifndef CKA_PUBLIC_KEY_INFO
#define CKA_PUBLIC_KEY_INFO 0x00000129UL
#endif
#endif /* CRYPTOKI_X_VENDOR_DEFINED */
#if defined(__cplusplus)
}
#endif
#endif /* PKCS11_X_H_ */
|
