path: root/common/pkcs11x.h
/*
 * Copyright (c) 2012 Red Hat Inc.
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions
 * are met:
 *
 *     * Redistributions of source code must retain the above
 *       copyright notice, this list of conditions and the
 *       following disclaimer.
 *     * Redistributions in binary form must reproduce the
 *       above copyright notice, this list of conditions and
 *       the following disclaimer in the documentation and/or
 *       other materials provided with the distribution.
 *     * The names of contributors to this software may not be
 *       used to endorse or promote products derived from this
 *       software without specific prior written permission.
 *
 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
 * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
 * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
 * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
 * COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT,
 * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
 * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS
 * OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED
 * AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
 * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF
 * THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH
 * DAMAGE.
 *
 * Author: Stef Walter <stefw@redhat.com>
 */

#ifndef PKCS11_X_H_
#define PKCS11_X_H_ 1

#if defined(__cplusplus)
extern "C" {
#endif

/* -------------------------------------------------------------------
 * NSS TRUST OBJECTS
 *
 * And related, non-standard
 */

/*
 * Enables the NSS specific symbols. It is defined unconditionally on the
 * next line, so the #ifdef below is always taken in this header.
 */
#define CRYPTOKI_NSS_VENDOR_DEFINED 1
#ifdef CRYPTOKI_NSS_VENDOR_DEFINED

/*
 * Various NSS objects
 *
 * Object class (CKO_) values. Each has the top bit set, which is the
 * PKCS#11 vendor-defined flag, so none can clash with a standard class.
 *
 * The numbers 0xce534351 onwards are reused further down for the CKK_, CKA_,
 * CKT_, CKM_ and CKR_ constants. A value is therefore only meaningful
 * together with the kind of field it was read from; never compare constants
 * across those prefixes.
 */
#define CKO_NETSCAPE_CRL                0xce534351UL
#define CKO_NETSCAPE_SMIME              0xce534352UL
#define CKO_NETSCAPE_TRUST              0xce534353UL
#define CKO_NETSCAPE_BUILTIN_ROOT_LIST  0xce534354UL
#define CKO_NETSCAPE_NEWSLOT            0xce534355UL
#define CKO_NETSCAPE_DELSLOT            0xce534356UL

/*
 * Various NSS key types
 *
 * Key type (CKK_) value. Numerically equal to CKO_NETSCAPE_CRL and
 * CKA_NETSCAPE_URL; only the field it appears in tells them apart.
 */
#define CKK_NETSCAPE_PKCS8              0xce534351UL

/*
 * Various NSS attributes
 *
 * Attribute type (CKA_) values in the 0xce5343xx range. The numbering is
 * not contiguous: nothing is defined here between 0xce534358 and 0xce534364.
 */
#define CKA_NETSCAPE_URL                0xce534351UL
#define CKA_NETSCAPE_EMAIL              0xce534352UL
#define CKA_NETSCAPE_SMIME_INFO         0xce534353UL
#define CKA_NETSCAPE_SMIME_TIMESTAMP    0xce534354UL
#define CKA_NETSCAPE_PKCS8_SALT         0xce534355UL
#define CKA_NETSCAPE_PASSWORD_CHECK     0xce534356UL
#define CKA_NETSCAPE_EXPIRES            0xce534357UL
#define CKA_NETSCAPE_KRL                0xce534358UL
#define CKA_NETSCAPE_PQG_COUNTER        0xce534364UL
#define CKA_NETSCAPE_PQG_SEED           0xce534365UL
#define CKA_NETSCAPE_PQG_H              0xce534366UL
#define CKA_NETSCAPE_PQG_SEED_BITS      0xce534367UL
#define CKA_NETSCAPE_MODULE_SPEC        0xce534368UL

/*
 * NSS trust attributes
 *
 * Attribute type (CKA_) values on a separate base, 0xce5363xx, so they do
 * not overlap the CKA_NETSCAPE_ attributes above. The names follow the
 * X.509 key usage and extended key usage purposes.
 *
 * NOTE(review): presumably each CKA_TRUST_ attribute holds a CK_TRUST value
 * (one of the CKT_NETSCAPE_ constants below) - confirm against the consumer.
 */
#define CKA_TRUST_DIGITAL_SIGNATURE     0xce536351UL
#define CKA_TRUST_NON_REPUDIATION       0xce536352UL
#define CKA_TRUST_KEY_ENCIPHERMENT      0xce536353UL
#define CKA_TRUST_DATA_ENCIPHERMENT     0xce536354UL
#define CKA_TRUST_KEY_AGREEMENT         0xce536355UL
#define CKA_TRUST_KEY_CERT_SIGN         0xce536356UL
#define CKA_TRUST_CRL_SIGN              0xce536357UL
#define CKA_TRUST_SERVER_AUTH           0xce536358UL
#define CKA_TRUST_CLIENT_AUTH           0xce536359UL
#define CKA_TRUST_CODE_SIGNING          0xce53635aUL
#define CKA_TRUST_EMAIL_PROTECTION      0xce53635bUL
#define CKA_TRUST_IPSEC_END_SYSTEM      0xce53635cUL
#define CKA_TRUST_IPSEC_TUNNEL          0xce53635dUL
#define CKA_TRUST_IPSEC_USER            0xce53635eUL
#define CKA_TRUST_TIME_STAMPING         0xce53635fUL
#define CKA_TRUST_STEP_UP_APPROVED      0xce536360UL
/*
 * The two hash attributes jump to 0xce5363b4 / 0xce5363b5.
 * NOTE(review): the names indicate SHA-1 and MD5 digests of a certificate.
 * Both digests are collision-prone, so a match on these alone should not be
 * treated as proof that two certificates are identical - confirm that
 * consumers also compare issuer/serial or the full DER value.
 */
#define CKA_CERT_SHA1_HASH              0xce5363b4UL
#define CKA_CERT_MD5_HASH               0xce5363b5UL

/*
 * NSS trust values
 *
 * CK_TRUST is an alias for CK_ULONG. This header includes nothing itself,
 * so CK_ULONG must already be declared (by the PKCS#11 header) before this
 * file is included.
 *
 * CKT_NETSCAPE_TRUST_UNKNOWN and CKT_NETSCAPE_UNTRUSTED are distinct values.
 * NOTE(review): code reading a CK_TRUST should fail closed, i.e. treat
 * anything other than an explicitly trusted value (including values not
 * listed here) as not trusted - confirm against callers.
 */
typedef CK_ULONG                        CK_TRUST;
#define CKT_NETSCAPE_TRUSTED            0xce534351UL
#define CKT_NETSCAPE_TRUSTED_DELEGATOR  0xce534352UL
#define CKT_NETSCAPE_UNTRUSTED          0xce534353UL
#define CKT_NETSCAPE_MUST_VERIFY        0xce534354UL
#define CKT_NETSCAPE_TRUST_UNKNOWN      0xce534355UL

/*
 * NSS specific mechanisms
 *
 * Mechanism type (CKM_) values. They share their numbers with the CKO_,
 * CKK_, CKA_, CKT_ and CKR_ constants in this header and are only valid
 * where a mechanism type is expected.
 */
#define CKM_NETSCAPE_AES_KEY_WRAP       0xce534351UL
#define CKM_NETSCAPE_AES_KEY_WRAP_PAD   0xce534352UL

/*
 * NSS specific return values
 *
 * Return code (CKR_) values in the vendor-defined range. A caller that only
 * switches on the standard CKR_ codes will not recognise these, so any
 * unrecognised code should be handled as a failure.
 */
#define CKR_NETSCAPE_CERTDB_FAILED      0xce534351UL
#define CKR_NETSCAPE_KEYDB_FAILED       0xce534352UL

#endif /* CRYPTOKI_NSS_VENDOR_DEFINED */

/*
 * Enables the vendor specific symbols. It is defined unconditionally on the
 * next line, so the #ifdef below is always taken in this header.
 */
#define CRYPTOKI_X_VENDOR_DEFINED 1
#ifdef CRYPTOKI_X_VENDOR_DEFINED

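/*
 * Base values for the "X" vendor extensions defined in the rest of this
 * header. Each is the PKCS#11 vendor-defined flag for its own namespace
 * OR-ed with 0x58444700 (the bytes 0x58 0x44 0x47 are ASCII "XDG").
 *
 * CKA_X_VENDOR is the base for attribute types, CKO_X_VENDOR the base for
 * object classes. The object-class base is built from CKO_VENDOR_DEFINED
 * rather than the attribute flag so that each base derives from the flag of
 * the namespace it belongs to. PKCS#11 gives both flags the same value
 * (0x80000000), so the resulting constants are unchanged.
 *
 * Both flags come from the PKCS#11 header, which must be included first.
 */
#define CKA_X_VENDOR   (CKA_VENDOR_DEFINED | 0x58444700UL)
#define CKO_X_VENDOR   (CKO_VENDOR_DEFINED | 0x58444700UL)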

/* -------------------------------------------------------------------
 * TRUST ASSERTIONS
 *
 * These are retired and should not be used in new code
 *
 * One object class, four attribute types and the assertion type values.
 * The class and attributes are offsets from CKO_X_VENDOR / CKA_X_VENDOR,
 * which must be defined before these macros are expanded.
 *
 * The CKT_X_ values are plain small integers (1 to 3), not vendor-range
 * numbers, and 0 is not assigned. CK_X_ASSERTION_TYPE is an alias for
 * CK_ULONG, which the PKCS#11 header must have declared already.
 *
 * NOTE(review): because these are retired, any remaining reader should
 * treat an unrecognised or missing assertion type as granting no trust -
 * confirm against callers.
 */

#define CKO_X_TRUST_ASSERTION                    (CKO_X_VENDOR + 100)
#define CKA_X_ASSERTION_TYPE                     (CKA_X_VENDOR + 1)
#define CKA_X_CERTIFICATE_VALUE                  (CKA_X_VENDOR + 2)
#define CKA_X_PURPOSE                            (CKA_X_VENDOR + 3)
#define CKA_X_PEER                               (CKA_X_VENDOR + 4)
typedef CK_ULONG CK_X_ASSERTION_TYPE;
#define CKT_X_DISTRUSTED_CERTIFICATE             1UL
#define CKT_X_PINNED_CERTIFICATE                 2UL
#define CKT_X_ANCHORED_CERTIFICATE               3UL

/* -------------------------------------------------------------------
 * STAPLED CERTIFICATES
 *
 * Not yet final
 *
 * One object class and two attribute types, again as offsets from
 * CKO_X_VENDOR / CKA_X_VENDOR. CKA_X_DISTRUSTED (attribute base + 100) has
 * the same number as CKO_X_TRUST_ASSERTION (class base + 100) because both
 * bases expand to the same value; they are told apart only by whether the
 * field is an attribute type or an object class.
 *
 * NOTE(review): since the section is marked not final, these numbers may
 * still change; avoid persisting them outside the process - confirm with
 * the maintainers before relying on them in stored data.
 */

#define CKO_X_CERTIFICATE_EXTENSION                  (CKO_X_VENDOR + 200)
#define CKA_X_DISTRUSTED                             (CKA_X_VENDOR + 100)
#define CKA_X_CRITICAL                               (CKA_X_VENDOR + 101)

#endif /* CRYPTOKI_X_VENDOR_DEFINED */

#if defined(__cplusplus)
}
#endif

#endif	/* PKCS11_X_H_ */