diff options
Diffstat (limited to 'security/nss/lib/util/pkcs11n.h')
-rw-r--r-- | security/nss/lib/util/pkcs11n.h | 78 |
1 files changed, 78 insertions, 0 deletions
diff --git a/security/nss/lib/util/pkcs11n.h b/security/nss/lib/util/pkcs11n.h index 399d656a8..7fbfb780c 100644 --- a/security/nss/lib/util/pkcs11n.h +++ b/security/nss/lib/util/pkcs11n.h @@ -94,6 +94,8 @@ #define CKA_NSS_JPAKE_X2S (CKA_NSS + 33) #define CKA_NSS_MOZILLA_CA_POLICY (CKA_NSS + 34) +#define CKA_NSS_SERVER_DISTRUST_AFTER (CKA_NSS + 35) +#define CKA_NSS_EMAIL_DISTRUST_AFTER (CKA_NSS + 36) /* * Trust attributes: @@ -230,6 +232,16 @@ #define CKM_NSS_PKCS12_PBE_SHA384_HMAC_KEY_GEN (CKM_NSS + 31) #define CKM_NSS_PKCS12_PBE_SHA512_HMAC_KEY_GEN (CKM_NSS + 32) +#define CKM_NSS_CHACHA20_CTR (CKM_NSS + 33) + +/* IKE mechanism (to be proposed to PKCS #11 */ +#define CKM_NSS_IKE_PRF_PLUS_DERIVE (CKM_NSS + 34) +#define CKM_NSS_IKE_PRF_DERIVE (CKM_NSS + 35) +#define CKM_NSS_IKE1_PRF_DERIVE (CKM_NSS + 36) +#define CKM_NSS_IKE1_APP_B_PRF_DERIVE (CKM_NSS + 37) + +#define CKM_NSS_PUB_FROM_PRIV (CKM_NSS + 40) + /* * HISTORICAL: * Do not attempt to use these. They are only used by NETSCAPE's internal @@ -342,6 +354,72 @@ typedef struct CK_NSS_HKDFParams { } CK_NSS_HKDFParams; /* + * CK_NSS_IKE_PRF_PLUS_PARAMS is a structure that provides the parameters to + * the CKM_NSS_IKE_PRF_PLUS_DERIVE mechanism. + * The fields of the structure have the following meanings: + * prfMechanism underlying MAC mechanism used to generate the prf. + * bHasSeedKey hSeed key is present. + * hSeedKey optional seed from key + * pSeedData optional seed from data. + * ulSeedDataLen length of optional seed data. + * If no seed data is present this value is NULL. + */ +typedef struct CK_NSS_IKE_PRF_PLUS_DERIVE_PARAMS { + CK_MECHANISM_TYPE prfMechanism; + CK_BBOOL bHasSeedKey; + CK_OBJECT_HANDLE hSeedKey; + CK_BYTE_PTR pSeedData; + CK_ULONG ulSeedDataLen; +} CK_NSS_IKE_PRF_PLUS_DERIVE_PARAMS; + +/* CK_NSS_IKE_PRF_DERIVE_PARAMS is a structure that provides the parameters to + * the CKM_NSS_IKE_PRF_DERIVE mechanism. + * + * The fields of the structure have the following meanings: + * prfMechanism underlying MAC mechanism used to generate the prf. + * bRekey hNewKey is present. + * pNi Ni value + * ulNiLen length of Ni + * pNr Nr value + * ulNrLen length of Nr + * hNewKey New key value to drive the rekey. + */ +typedef struct CK_NSS_IKE_PRF_DERIVE_PARAMS { + CK_MECHANISM_TYPE prfMechanism; + CK_BBOOL bDataAsKey; + CK_BBOOL bRekey; + CK_BYTE_PTR pNi; + CK_ULONG ulNiLen; + CK_BYTE_PTR pNr; + CK_ULONG ulNrLen; + CK_OBJECT_HANDLE hNewKey; +} CK_NSS_IKE_PRF_DERIVE_PARAMS; + +/* CK_NSS_IKE1_PRF_DERIVE_PARAMS is a structure that provides the parameters + * to the CKM_NSS_IKE_PRF_DERIVE mechanism. + * + * The fields of the structure have the following meanings: + * prfMechanism underlying MAC mechanism used to generate the prf. + * bRekey hNewKey is present. + * pCKYi CKYi value + * ulCKYiLen length of CKYi + * pCKYr CKYr value + * ulCKYrLen length of CKYr + * hNewKey New key value to drive the rekey. + */ +typedef struct CK_NSS_IKE1_PRF_DERIVE_PARAMS { + CK_MECHANISM_TYPE prfMechanism; + CK_BBOOL bHasPrevKey; + CK_OBJECT_HANDLE hKeygxy; + CK_OBJECT_HANDLE hPrevKey; + CK_BYTE_PTR pCKYi; + CK_ULONG ulCKYiLen; + CK_BYTE_PTR pCKYr; + CK_ULONG ulCKYrLen; + CK_BYTE keyNumber; +} CK_NSS_IKE1_PRF_DERIVE_PARAMS; + +/* * Parameter for the TLS extended master secret key derivation mechanisms: * * * CKM_NSS_TLS_EXTENDED_MASTER_KEY_DERIVE |