summaryrefslogtreecommitdiffstats
path: root/security/nss/lib/util/pkcs11n.h
diff options
context:
space:
mode:
Diffstat (limited to 'security/nss/lib/util/pkcs11n.h')
-rw-r--r--security/nss/lib/util/pkcs11n.h78
1 files changed, 78 insertions, 0 deletions
diff --git a/security/nss/lib/util/pkcs11n.h b/security/nss/lib/util/pkcs11n.h
index 399d656a8..7fbfb780c 100644
--- a/security/nss/lib/util/pkcs11n.h
+++ b/security/nss/lib/util/pkcs11n.h
@@ -94,6 +94,8 @@
#define CKA_NSS_JPAKE_X2S (CKA_NSS + 33)
#define CKA_NSS_MOZILLA_CA_POLICY (CKA_NSS + 34)
+#define CKA_NSS_SERVER_DISTRUST_AFTER (CKA_NSS + 35)
+#define CKA_NSS_EMAIL_DISTRUST_AFTER (CKA_NSS + 36)
/*
* Trust attributes:
@@ -230,6 +232,16 @@
#define CKM_NSS_PKCS12_PBE_SHA384_HMAC_KEY_GEN (CKM_NSS + 31)
#define CKM_NSS_PKCS12_PBE_SHA512_HMAC_KEY_GEN (CKM_NSS + 32)
+#define CKM_NSS_CHACHA20_CTR (CKM_NSS + 33)
+
+/* IKE mechanism (to be proposed to PKCS #11 */
+#define CKM_NSS_IKE_PRF_PLUS_DERIVE (CKM_NSS + 34)
+#define CKM_NSS_IKE_PRF_DERIVE (CKM_NSS + 35)
+#define CKM_NSS_IKE1_PRF_DERIVE (CKM_NSS + 36)
+#define CKM_NSS_IKE1_APP_B_PRF_DERIVE (CKM_NSS + 37)
+
+#define CKM_NSS_PUB_FROM_PRIV (CKM_NSS + 40)
+
/*
* HISTORICAL:
* Do not attempt to use these. They are only used by NETSCAPE's internal
@@ -342,6 +354,72 @@ typedef struct CK_NSS_HKDFParams {
} CK_NSS_HKDFParams;
/*
+ * CK_NSS_IKE_PRF_PLUS_PARAMS is a structure that provides the parameters to
+ * the CKM_NSS_IKE_PRF_PLUS_DERIVE mechanism.
+ * The fields of the structure have the following meanings:
+ * prfMechanism underlying MAC mechanism used to generate the prf.
+ * bHasSeedKey hSeed key is present.
+ * hSeedKey optional seed from key
+ * pSeedData optional seed from data.
+ * ulSeedDataLen length of optional seed data.
+ * If no seed data is present this value is NULL.
+ */
+typedef struct CK_NSS_IKE_PRF_PLUS_DERIVE_PARAMS {
+ CK_MECHANISM_TYPE prfMechanism;
+ CK_BBOOL bHasSeedKey;
+ CK_OBJECT_HANDLE hSeedKey;
+ CK_BYTE_PTR pSeedData;
+ CK_ULONG ulSeedDataLen;
+} CK_NSS_IKE_PRF_PLUS_DERIVE_PARAMS;
+
+/* CK_NSS_IKE_PRF_DERIVE_PARAMS is a structure that provides the parameters to
+ * the CKM_NSS_IKE_PRF_DERIVE mechanism.
+ *
+ * The fields of the structure have the following meanings:
+ * prfMechanism underlying MAC mechanism used to generate the prf.
+ * bRekey hNewKey is present.
+ * pNi Ni value
+ * ulNiLen length of Ni
+ * pNr Nr value
+ * ulNrLen length of Nr
+ * hNewKey New key value to drive the rekey.
+ */
+typedef struct CK_NSS_IKE_PRF_DERIVE_PARAMS {
+ CK_MECHANISM_TYPE prfMechanism;
+ CK_BBOOL bDataAsKey;
+ CK_BBOOL bRekey;
+ CK_BYTE_PTR pNi;
+ CK_ULONG ulNiLen;
+ CK_BYTE_PTR pNr;
+ CK_ULONG ulNrLen;
+ CK_OBJECT_HANDLE hNewKey;
+} CK_NSS_IKE_PRF_DERIVE_PARAMS;
+
+/* CK_NSS_IKE1_PRF_DERIVE_PARAMS is a structure that provides the parameters
+ * to the CKM_NSS_IKE_PRF_DERIVE mechanism.
+ *
+ * The fields of the structure have the following meanings:
+ * prfMechanism underlying MAC mechanism used to generate the prf.
+ * bRekey hNewKey is present.
+ * pCKYi CKYi value
+ * ulCKYiLen length of CKYi
+ * pCKYr CKYr value
+ * ulCKYrLen length of CKYr
+ * hNewKey New key value to drive the rekey.
+ */
+typedef struct CK_NSS_IKE1_PRF_DERIVE_PARAMS {
+ CK_MECHANISM_TYPE prfMechanism;
+ CK_BBOOL bHasPrevKey;
+ CK_OBJECT_HANDLE hKeygxy;
+ CK_OBJECT_HANDLE hPrevKey;
+ CK_BYTE_PTR pCKYi;
+ CK_ULONG ulCKYiLen;
+ CK_BYTE_PTR pCKYr;
+ CK_ULONG ulCKYrLen;
+ CK_BYTE keyNumber;
+} CK_NSS_IKE1_PRF_DERIVE_PARAMS;
+
+/*
* Parameter for the TLS extended master secret key derivation mechanisms:
*
* * CKM_NSS_TLS_EXTENDED_MASTER_KEY_DERIVE