[gnome-keyring/dbus-api] [pkcs11] Implement CKM_G_NULL mechanism and CKK_G_NULL key.
- From: Stefan Walter <stefw src gnome org>
- To: svn-commits-list gnome org
- Cc:
- Subject: [gnome-keyring/dbus-api] [pkcs11] Implement CKM_G_NULL mechanism and CKK_G_NULL key.
- Date: Mon, 14 Dec 2009 01:57:29 +0000 (UTC)
commit c406ca0ffdeee01c0210b6cb78eb8e6dd0dc6cdc
Author: Stef Walter <stef memberwebs com>
Date: Sat Dec 12 16:02:53 2009 +0000
[pkcs11] Implement CKM_G_NULL mechanism and CKK_G_NULL key.
These are used to wrap/unwrap keys in a plaintext way without
any encryption. This allows callers to use the same code for
AES based wrapping and plaintext wrapping.
pkcs11/gck/Makefile.am | 2 +
pkcs11/gck/gck-crypto.c | 7 ++
pkcs11/gck/gck-dh-mechanism.c | 7 +-
pkcs11/gck/gck-module.c | 9 ++
pkcs11/gck/gck-null-key.c | 130 +++++++++++++++++++++++++++++++++
pkcs11/gck/gck-null-key.h | 52 +++++++++++++
pkcs11/gck/gck-null-mechanism.c | 154 +++++++++++++++++++++++++++++++++++++++
pkcs11/gck/gck-null-mechanism.h | 55 ++++++++++++++
pkcs11/gck/gck-types.h | 1 +
pkcs11/pkcs11g.h | 8 +-
pkcs11/pkcs11i.h | 9 ++
11 files changed, 429 insertions(+), 5 deletions(-)
---
diff --git a/pkcs11/gck/Makefile.am b/pkcs11/gck/Makefile.am
index 8fa04b0..7fe5cc4 100644
--- a/pkcs11/gck/Makefile.am
+++ b/pkcs11/gck/Makefile.am
@@ -40,6 +40,8 @@ libgck_la_SOURCES = \
gck-mechanism-rsa.c gck-mechanism-rsa.h \
gck-memory-store.c gck-memory-store.h \
gck-module.c gck-module.h gck-module-ep.h \
+ gck-null-key.c gck-null-key.h \
+ gck-null-mechanism.c gck-null-mechanism.h \
gck-object.c gck-object.h \
gck-padding.c gck-padding.h \
gck-private-xsa-key.c gck-private-xsa-key.h \
diff --git a/pkcs11/gck/gck-crypto.c b/pkcs11/gck/gck-crypto.c
index 422cd44..0b90cc7 100644
--- a/pkcs11/gck/gck-crypto.c
+++ b/pkcs11/gck/gck-crypto.c
@@ -26,6 +26,7 @@
#include "gck-dh-mechanism.h"
#include "gck-mechanism-dsa.h"
#include "gck-mechanism-rsa.h"
+#include "gck-null-mechanism.h"
#include "gck-session.h"
#include "gck-sexp.h"
#include "gck-sexp-key.h"
@@ -454,6 +455,9 @@ gck_crypto_wrap_key (GckSession *session, CK_MECHANISM_PTR mech, GckObject *wrap
case CKM_AES_CBC_PAD:
return gck_aes_mechanism_wrap (session, mech, wrapper, wrapped,
output, n_output);
+ case CKM_G_NULL:
+ return gck_null_mechanism_wrap (session, mech, wrapper, wrapped,
+ output, n_output);
default:
return CKR_MECHANISM_INVALID;
}
@@ -479,6 +483,9 @@ gck_crypto_unwrap_key (GckSession *session, CK_MECHANISM_PTR mech, GckObject *wr
case CKM_AES_CBC_PAD:
return gck_aes_mechanism_unwrap (session, mech, wrapper, input,
n_input, attrs, n_attrs, unwrapped);
+ case CKM_G_NULL:
+ return gck_null_mechanism_unwrap (session, mech, wrapper, input,
+ n_input, attrs, n_attrs, unwrapped);
default:
return CKR_MECHANISM_INVALID;
}
diff --git a/pkcs11/gck/gck-dh-mechanism.c b/pkcs11/gck/gck-dh-mechanism.c
index 7478f78..f85ac02 100644
--- a/pkcs11/gck/gck-dh-mechanism.c
+++ b/pkcs11/gck/gck-dh-mechanism.c
@@ -209,7 +209,7 @@ gck_dh_mechanism_derive (GckSession *session, CK_MECHANISM_PTR mech, GckObject *
gcry_error_t gcry;
CK_ATTRIBUTE attr;
GArray *array;
- CK_ULONG n_value;
+ CK_ULONG n_value = 0;
gpointer value;
GckTransaction *transaction;
CK_KEY_TYPE type;
@@ -230,12 +230,15 @@ gck_dh_mechanism_derive (GckSession *session, CK_MECHANISM_PTR mech, GckObject *
priv = gck_dh_private_key_get_value (GCK_DH_PRIVATE_KEY (base));
/* What length should we truncate to? */
- n_value = (gcry_mpi_get_nbits(prime) + 7) / 8;
if (!gck_attributes_find_ulong (attrs, n_attrs, CKA_VALUE_LEN, &n_value)) {
if (gck_attributes_find_ulong (attrs, n_attrs, CKA_KEY_TYPE, &type))
n_value = gck_crypto_secret_key_length (type);
}
+ /* Default to full length of the DH prime */
+ if (n_value == 0)
+ n_value = (gcry_mpi_get_nbits (prime) + 7) / 8;
+
value = egg_dh_gen_secret (peer, priv, prime, n_value);
gcry_mpi_release (peer);
diff --git a/pkcs11/gck/gck-module.c b/pkcs11/gck/gck-module.c
index 88e5479..78ef5d6 100644
--- a/pkcs11/gck/gck-module.c
+++ b/pkcs11/gck/gck-module.c
@@ -34,6 +34,8 @@
#include "gck-manager.h"
#include "gck-memory-store.h"
#include "gck-module.h"
+#include "gck-null-key.h"
+#include "gck-null-mechanism.h"
#include "gck-dh-private-key.h"
#include "gck-private-xsa-key.h"
#include "gck-dh-public-key.h"
@@ -168,6 +170,12 @@ static const MechanismAndInfo mechanism_list[] = {
* For AES the min and max are sizes of key in bytes.
*/
{ CKM_AES_CBC_PAD, { GCK_AES_MECHANISM_MIN_LENGTH, GCK_AES_MECHANISM_MAX_LENGTH, CKF_WRAP | CKF_UNWRAP } },
+
+ /*
+ * CKM_G_NULL
+ * For NULL min and max are zero
+ */
+ { CKM_G_NULL, { GCK_NULL_MECHANISM_MIN_LENGTH, GCK_NULL_MECHANISM_MAX_LENGTH, CKF_WRAP | CKF_UNWRAP } },
};
/* Hidden function that you should not use */
@@ -585,6 +593,7 @@ gck_module_init (GckModule *self)
gck_module_register_factory (self, GCK_FACTORY_AES_KEY);
gck_module_register_factory (self, GCK_FACTORY_CERTIFICATE);
gck_module_register_factory (self, GCK_FACTORY_CREDENTIAL);
+ gck_module_register_factory (self, GCK_FACTORY_NULL_KEY);
gck_module_register_factory (self, GCK_FACTORY_DH_PRIVATE_KEY);
gck_module_register_factory (self, GCK_FACTORY_PRIVATE_XSA_KEY);
gck_module_register_factory (self, GCK_FACTORY_DH_PUBLIC_KEY);
diff --git a/pkcs11/gck/gck-null-key.c b/pkcs11/gck/gck-null-key.c
new file mode 100644
index 0000000..7bb912d
--- /dev/null
+++ b/pkcs11/gck/gck-null-key.c
@@ -0,0 +1,130 @@
+/*
+ * gnome-keyring
+ *
+ * Copyright (C) 2008 Stefan Walter
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this program; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA
+ * 02111-1307, USA.
+ */
+
+#include "config.h"
+
+#include "gck-attributes.h"
+#include "gck-null-mechanism.h"
+#include "gck-null-key.h"
+#include "gck-session.h"
+#include "gck-util.h"
+
+#include "pkcs11/pkcs11.h"
+#include "pkcs11/pkcs11i.h"
+
+struct _GckNullKey {
+ GckSecretKey parent;
+};
+
+G_DEFINE_TYPE (GckNullKey, gck_null_key, GCK_TYPE_SECRET_KEY);
+
+/* -----------------------------------------------------------------------------
+ * INTERNAL
+ */
+
+static GckObject*
+factory_create_null_key (GckSession *session, GckTransaction *transaction,
+ CK_ATTRIBUTE_PTR attrs, CK_ULONG n_attrs)
+{
+ GckNullKey *key;
+ GckManager *manager;
+
+ manager = gck_manager_for_template (attrs, n_attrs, session);
+ key = g_object_new (GCK_TYPE_NULL_KEY,
+ "module", gck_session_get_module (session),
+ "manager", manager,
+ NULL);
+
+ gck_session_complete_object_creation (session, transaction, GCK_OBJECT (key), attrs, n_attrs);
+ return GCK_OBJECT (key);
+}
+
+/* -----------------------------------------------------------------------------
+ * OBJECT
+ */
+
+static CK_RV
+gck_null_key_real_get_attribute (GckObject *base, GckSession *session, CK_ATTRIBUTE *attr)
+{
+ switch (attr->type)
+ {
+ case CKA_KEY_TYPE:
+ return gck_attribute_set_ulong (attr, CKK_G_NULL);
+
+ case CKA_UNWRAP:
+ case CKA_WRAP:
+ return gck_attribute_set_bool (attr, CK_TRUE);
+
+ case CKA_VALUE:
+ return gck_attribute_set_empty (attr);
+
+ case CKA_VALUE_LEN:
+ return gck_attribute_set_ulong (attr, 0);
+
+ case CKA_CHECK_VALUE:
+ return gck_attribute_set_data (attr, "\0\0\0", 3);
+
+ case CKA_ALLOWED_MECHANISMS:
+ return gck_attribute_set_data (attr, (CK_VOID_PTR)GCK_NULL_MECHANISMS,
+ sizeof (GCK_NULL_MECHANISMS));
+ };
+
+ return GCK_OBJECT_CLASS (gck_null_key_parent_class)->get_attribute (base, session, attr);
+}
+
+static void
+gck_null_key_init (GckNullKey *self)
+{
+
+}
+
+static void
+gck_null_key_class_init (GckNullKeyClass *klass)
+{
+ GckObjectClass *gck_class = GCK_OBJECT_CLASS (klass);
+
+ gck_null_key_parent_class = g_type_class_peek_parent (klass);
+ gck_class->get_attribute = gck_null_key_real_get_attribute;
+}
+
+/* -----------------------------------------------------------------------------
+ * PUBLIC
+ */
+
+GckFactory*
+gck_null_key_get_factory (void)
+{
+ static CK_OBJECT_CLASS klass = CKO_SECRET_KEY;
+ static CK_KEY_TYPE type = CKK_G_NULL;
+
+ static CK_ATTRIBUTE attributes[] = {
+ { CKA_CLASS, &klass, sizeof (klass) },
+ { CKA_KEY_TYPE, &type, sizeof (type) }
+ };
+
+ static GckFactory factory = {
+ attributes,
+ G_N_ELEMENTS (attributes),
+ factory_create_null_key
+ };
+
+ return &factory;
+}
diff --git a/pkcs11/gck/gck-null-key.h b/pkcs11/gck/gck-null-key.h
new file mode 100644
index 0000000..f6b7472
--- /dev/null
+++ b/pkcs11/gck/gck-null-key.h
@@ -0,0 +1,52 @@
+/*
+ * gnome-keyring
+ *
+ * Copyright (C) 2008 Stefan Walter
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this program; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA
+ * 02111-1307, USA.
+ */
+
+#ifndef __GCK_NULL_KEY_H__
+#define __GCK_NULL_KEY_H__
+
+#include <glib-object.h>
+
+#include "gck-secret-key.h"
+#include "gck-types.h"
+
+#include <gcrypt.h>
+
+#define GCK_FACTORY_NULL_KEY (gck_null_key_get_factory ())
+
+#define GCK_TYPE_NULL_KEY (gck_null_key_get_type ())
+#define GCK_NULL_KEY(obj) (G_TYPE_CHECK_INSTANCE_CAST ((obj), GCK_TYPE_NULL_KEY, GckNullKey))
+#define GCK_NULL_KEY_CLASS(klass) (G_TYPE_CHECK_CLASS_CAST ((klass), GCK_TYPE_NULL_KEY, GckNullKeyClass))
+#define GCK_IS_NULL_KEY(obj) (G_TYPE_CHECK_INSTANCE_TYPE ((obj), GCK_TYPE_NULL_KEY))
+#define GCK_IS_NULL_KEY_CLASS(klass) (G_TYPE_CHECK_CLASS_TYPE ((klass), GCK_TYPE_NULL_KEY))
+#define GCK_NULL_KEY_GET_CLASS(obj) (G_TYPE_INSTANCE_GET_CLASS ((obj), GCK_TYPE_NULL_KEY, GckNullKeyClass))
+
+typedef struct _GckNullKeyClass GckNullKeyClass;
+typedef struct _GckNullKeyPrivate GckNullKeyPrivate;
+
+struct _GckNullKeyClass {
+ GckSecretKeyClass parent_class;
+};
+
+GType gck_null_key_get_type (void);
+
+GckFactory* gck_null_key_get_factory (void);
+
+#endif /* __GCK_NULL_KEY_H__ */
diff --git a/pkcs11/gck/gck-null-mechanism.c b/pkcs11/gck/gck-null-mechanism.c
new file mode 100644
index 0000000..df4a795
--- /dev/null
+++ b/pkcs11/gck/gck-null-mechanism.c
@@ -0,0 +1,154 @@
+/*
+ * gnome-keyring
+ *
+ * Copyright (C) 2009 Stefan Walter
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU Lesser General License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General
+ * License along with this program; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA
+ * 02111-1307, USA.
+ */
+
+#include "config.h"
+
+#include "gck-null-key.h"
+#include "gck-null-mechanism.h"
+#include "gck-padding.h"
+#include "gck-session.h"
+#include "gck-transaction.h"
+#include "gck-util.h"
+
+#include "egg/egg-libgcrypt.h"
+#include "egg/egg-secure-memory.h"
+
+static gboolean
+retrieve_length (GckSession *session, GckObject *wrapped, gsize *length)
+{
+ CK_ATTRIBUTE attr;
+
+ attr.type = CKA_VALUE;
+ attr.pValue = NULL;
+ attr.ulValueLen = 0;
+
+ if (gck_object_get_attribute (wrapped, session, &attr) != CKR_OK)
+ return FALSE;
+
+ *length = attr.ulValueLen;
+ return TRUE;
+}
+
+static gpointer
+retrieve_value (GckSession *session, GckObject *wrapped, gsize *n_value)
+{
+ CK_ATTRIBUTE attr;
+
+ if (!retrieve_length (session, wrapped, n_value))
+ return NULL;
+
+ attr.type = CKA_VALUE;
+ attr.pValue = egg_secure_alloc (*n_value);
+ attr.ulValueLen = *n_value;
+
+ if (gck_object_get_attribute (wrapped, session, &attr) != CKR_OK) {
+ egg_secure_free (attr.pValue);
+ return NULL;
+ }
+
+ return attr.pValue;
+}
+
+CK_RV
+gck_null_mechanism_wrap (GckSession *session, CK_MECHANISM_PTR mech,
+ GckObject *wrapper, GckObject *wrapped,
+ CK_BYTE_PTR output, CK_ULONG_PTR n_output)
+{
+ GckNullKey *key;
+ gpointer value;
+ gsize n_value;
+ CK_RV rv;
+
+ g_return_val_if_fail (GCK_IS_SESSION (session), CKR_GENERAL_ERROR);
+ g_return_val_if_fail (mech, CKR_GENERAL_ERROR);
+ g_return_val_if_fail (mech->mechanism == CKM_G_NULL, CKR_GENERAL_ERROR);
+ g_return_val_if_fail (GCK_IS_OBJECT (wrapped), CKR_GENERAL_ERROR);
+ g_return_val_if_fail (n_output, CKR_GENERAL_ERROR);
+
+ if (!GCK_IS_NULL_KEY (wrapper))
+ return CKR_WRAPPING_KEY_TYPE_INCONSISTENT;
+ key = GCK_NULL_KEY (wrapper);
+
+ /* They just want the length */
+ if (!output) {
+ if (!retrieve_length (session, wrapped, &n_value))
+ return CKR_KEY_NOT_WRAPPABLE;
+ *n_output = n_value;
+ return CKR_OK;
+ }
+
+ if (mech->ulParameterLen)
+ return CKR_MECHANISM_PARAM_INVALID;
+
+ value = retrieve_value (session, wrapped, &n_value);
+ if (value == NULL)
+ return CKR_KEY_NOT_WRAPPABLE;
+
+ rv = gck_util_return_data (output, n_output, value, n_value);
+ egg_secure_free (value);
+ return rv;
+}
+
+CK_RV
+gck_null_mechanism_unwrap (GckSession *session, CK_MECHANISM_PTR mech,
+ GckObject *wrapper, CK_VOID_PTR input, CK_ULONG n_input,
+ CK_ATTRIBUTE_PTR attrs, CK_ULONG n_attrs,
+ GckObject **unwrapped)
+{
+ CK_ATTRIBUTE attr;
+ GArray *array;
+ GckNullKey *key;
+ GckTransaction *transaction;
+
+ g_return_val_if_fail (GCK_IS_SESSION (session), CKR_GENERAL_ERROR);
+ g_return_val_if_fail (mech, CKR_GENERAL_ERROR);
+ g_return_val_if_fail (mech->mechanism == CKM_G_NULL, CKR_GENERAL_ERROR);
+ g_return_val_if_fail (GCK_IS_OBJECT (wrapper), CKR_GENERAL_ERROR);
+
+ if (!GCK_IS_NULL_KEY (wrapper))
+ return CKR_WRAPPING_KEY_TYPE_INCONSISTENT;
+ key = GCK_NULL_KEY (wrapper);
+
+ if (mech->ulParameterLen)
+ return CKR_MECHANISM_PARAM_INVALID;
+
+ /* Now setup the attributes with our new value */
+ array = g_array_new (FALSE, FALSE, sizeof (CK_ATTRIBUTE));
+
+ /* Prepend the value */
+ attr.type = CKA_VALUE;
+ attr.pValue = input;
+ attr.ulValueLen = n_input;
+ g_array_append_val (array, attr);
+
+ /* Add the remainder of the attributes */
+ g_array_append_vals (array, attrs, n_attrs);
+
+ transaction = gck_transaction_new ();
+
+ /* Now create an object with these attributes */
+ *unwrapped = gck_session_create_object_for_attributes (session, transaction,
+ (CK_ATTRIBUTE_PTR)array->data, array->len);
+
+ g_array_free (array, TRUE);
+
+ return gck_transaction_complete_and_unref (transaction);
+}
diff --git a/pkcs11/gck/gck-null-mechanism.h b/pkcs11/gck/gck-null-mechanism.h
new file mode 100644
index 0000000..c32f72f
--- /dev/null
+++ b/pkcs11/gck/gck-null-mechanism.h
@@ -0,0 +1,55 @@
+/*
+ * gnome-keyring
+ *
+ * Copyright (C) 2009 Stefan Walter
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU Lesser General License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General
+ * License along with this program; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA
+ * 02111-1307, USA.
+ */
+
+#ifndef GCK_NULL_MECHANISM_H_
+#define GCK_NULL_MECHANISM_H_
+
+#include "gck-types.h"
+
+#include "pkcs11/pkcs11.h"
+#include "pkcs11/pkcs11i.h"
+
+#include <glib.h>
+
+#define GCK_NULL_MECHANISM_MIN_LENGTH 0
+#define GCK_NULL_MECHANISM_MAX_LENGTH 0
+
+static const CK_MECHANISM_TYPE GCK_NULL_MECHANISMS[] = {
+ CKM_G_NULL
+};
+
+CK_RV gck_null_mechanism_wrap (GckSession *session,
+ CK_MECHANISM_PTR mech,
+ GckObject *wrapper,
+ GckObject *wrapped,
+ CK_BYTE_PTR output,
+ CK_ULONG_PTR n_output);
+
+CK_RV gck_null_mechanism_unwrap (GckSession *session,
+ CK_MECHANISM_PTR mech,
+ GckObject *wrapper,
+ CK_VOID_PTR input,
+ CK_ULONG n_input,
+ CK_ATTRIBUTE_PTR attrs,
+ CK_ULONG n_attrs,
+ GckObject **unwrapped);
+
+#endif /* GCK_NULL_MECHANISM_H_ */
diff --git a/pkcs11/gck/gck-types.h b/pkcs11/gck/gck-types.h
index 1920f8f..c92c28c 100644
--- a/pkcs11/gck/gck-types.h
+++ b/pkcs11/gck/gck-types.h
@@ -33,6 +33,7 @@ typedef struct _GckDhPublicKey GckDhPublicKey;
typedef struct _GckFactory GckFactory;
typedef struct _GckManager GckManager;
typedef struct _GckModule GckModule;
+typedef struct _GckNullKey GckNullKey;
typedef struct _GckObject GckObject;
typedef struct _GckPrivateXsaKey GckPrivateXsaKey;
typedef struct _GckPublicXsaKey GckPublicXsaKey;
diff --git a/pkcs11/pkcs11g.h b/pkcs11/pkcs11g.h
index d141e7d..a84e7d9 100644
--- a/pkcs11/pkcs11g.h
+++ b/pkcs11/pkcs11g.h
@@ -26,9 +26,11 @@
#include "pkcs11.h"
-#define CKA_GNOME (CKA_VENDOR_DEFINED | 0x474E4D45UL /* GNME */ )
-#define CKO_GNOME (CKO_VENDOR_DEFINED | 0x474E4D45UL /* GNME */ )
-#define CKR_GNOME (CKR_VENDOR_DEFINED | 0x474E4D45UL /* GNME */ )
+#define CKA_GNOME (CKA_VENDOR_DEFINED | 0x474E4D45UL /* GNME */ )
+#define CKO_GNOME (CKO_VENDOR_DEFINED | 0x474E4D45UL /* GNME */ )
+#define CKR_GNOME (CKR_VENDOR_DEFINED | 0x474E4D45UL /* GNME */ )
+#define CKM_GNOME (CKR_VENDOR_DEFINED | 0x474E4D45UL /* GNME */ )
+#define CKK_GNOME (CKR_VENDOR_DEFINED | 0x474E4D45UL /* GNME */ )
/* -------------------------------------------------------------------
* OBJECT UNIQUE IDENTIFIER
diff --git a/pkcs11/pkcs11i.h b/pkcs11/pkcs11i.h
index 734971c..1a34f33 100644
--- a/pkcs11/pkcs11i.h
+++ b/pkcs11/pkcs11i.h
@@ -82,4 +82,13 @@ typedef CK_G_APPLICATION* CK_G_APPLICATION_PTR;
#define CKA_G_MATCHED (CKA_GNOME + 215)
+/* -------------------------------------------------------------------
+ * MECHANISMS
+ */
+
+/* Used for wrapping and unwrapping as null */
+#define CKM_G_NULL (CKM_GNOME + 100)
+
+#define CKK_G_NULL (CKK_GNOME + 100)
+
#endif /* PKCS11I_H */
[
Date Prev][
Date Next] [
Thread Prev][
Thread Next]
[
Thread Index]
[
Date Index]
[
Author Index]