Removed CKF_HW flags from all soft token mechanisms and added the CKF_GENERATE flag to the AES keygen mechanism.
Signed-off-by: Kent Yoder <[email protected]> diff --git a/usr/lib/pkcs11/soft_stdll/soft_specific.c b/usr/lib/pkcs11/soft_stdll/soft_specific.c index c9eecb6..3cdda4b 100644 --- a/usr/lib/pkcs11/soft_stdll/soft_specific.c +++ b/usr/lib/pkcs11/soft_stdll/soft_specific.c @@ -1454,140 +1454,123 @@ token_specific_dh_pkcs_key_pair_gen( TEMPLATE * publ_tmpl, /* End code contributed by Corrent corp. */ MECH_LIST_ELEMENT mech_list[] = { - { CKM_RSA_PKCS_KEY_PAIR_GEN, {512, 4096, CKF_HW | CKF_GENERATE_KEY_PAIR} }, + { CKM_RSA_PKCS_KEY_PAIR_GEN, {512, 4096, CKF_GENERATE_KEY_PAIR} }, #if !(NODSA) - { CKM_DSA_KEY_PAIR_GEN, {512, 1024, CKF_HW | CKF_GENERATE_KEY_PAIR} }, + { CKM_DSA_KEY_PAIR_GEN, {512, 1024, CKF_GENERATE_KEY_PAIR} }, #endif - { CKM_DES_KEY_GEN, {8, 8, CKF_HW | CKF_GENERATE} }, - { CKM_DES3_KEY_GEN, {24, 24, CKF_HW | CKF_GENERATE} }, + { CKM_DES_KEY_GEN, {8, 8, CKF_GENERATE} }, + { CKM_DES3_KEY_GEN, {24, 24, CKF_GENERATE} }, #if !(NOCDMF) - { CKM_CDMF_KEY_GEN, {0, 0, CKF_HW | CKF_GENERATE} }, + { CKM_CDMF_KEY_GEN, {0, 0, CKF_GENERATE} }, #endif - { CKM_RSA_PKCS, {512, 4096, CKF_HW | - CKF_ENCRYPT | CKF_DECRYPT | + { CKM_RSA_PKCS, {512, 4096, CKF_ENCRYPT | CKF_DECRYPT | CKF_WRAP | CKF_UNWRAP | CKF_SIGN | CKF_VERIFY | CKF_SIGN_RECOVER | CKF_VERIFY_RECOVER} }, #if !(NOX509) - { CKM_RSA_X_509, {512, 4096, CKF_HW | - CKF_ENCRYPT | CKF_DECRYPT | + { CKM_RSA_X_509, {512, 4096, CKF_ENCRYPT | CKF_DECRYPT | CKF_WRAP | CKF_UNWRAP | CKF_SIGN | CKF_VERIFY | CKF_SIGN_RECOVER | CKF_VERIFY_RECOVER} }, #endif #if !(NOMD2) - { CKM_MD2_RSA_PKCS, {512, 4096, CKF_HW | - CKF_SIGN | CKF_VERIFY} }, + { CKM_MD2_RSA_PKCS, {512, 4096, CKF_SIGN | CKF_VERIFY} }, #endif #if !(NOMD5) - { CKM_MD5_RSA_PKCS, {512, 4096, CKF_HW | - CKF_SIGN | CKF_VERIFY} }, + { CKM_MD5_RSA_PKCS, {512, 4096, CKF_SIGN | CKF_VERIFY} }, #endif #if !(NOSHA1) - { CKM_SHA1_RSA_PKCS, {512, 4096, CKF_HW | - CKF_SIGN | CKF_VERIFY} }, + { CKM_SHA1_RSA_PKCS, {512, 4096, CKF_SIGN | CKF_VERIFY} }, #endif #if !(NODSA) - { CKM_DSA, {512, 1024, CKF_HW | - CKF_SIGN | CKF_VERIFY} }, + { CKM_DSA, {512, 1024, CKF_SIGN | CKF_VERIFY} }, #endif /* Begin code contributed by Corrent corp. */ #if !(NODH) - { CKM_DH_PKCS_DERIVE, {512, 2048, CKF_HW | CKF_DERIVE} }, - { CKM_DH_PKCS_KEY_PAIR_GEN, {512, 2048, CKF_HW | CKF_GENERATE_KEY_PAIR} }, + { CKM_DH_PKCS_DERIVE, {512, 2048, CKF_DERIVE} }, + { CKM_DH_PKCS_KEY_PAIR_GEN, {512, 2048, CKF_GENERATE_KEY_PAIR} }, #endif /* End code contributed by Corrent corp. */ - { CKM_DES_ECB, {8, 8, CKF_HW | - CKF_ENCRYPT | CKF_DECRYPT | + { CKM_DES_ECB, {8, 8, CKF_ENCRYPT | CKF_DECRYPT | CKF_WRAP | CKF_UNWRAP} }, - { CKM_DES_CBC, {8, 8, CKF_HW | - CKF_ENCRYPT | CKF_DECRYPT | + { CKM_DES_CBC, {8, 8, CKF_ENCRYPT | CKF_DECRYPT | CKF_WRAP | CKF_UNWRAP} }, - { CKM_DES_CBC_PAD, {8, 8, CKF_HW | - CKF_ENCRYPT | CKF_DECRYPT | + { CKM_DES_CBC_PAD, {8, 8, CKF_ENCRYPT | CKF_DECRYPT | CKF_WRAP | CKF_UNWRAP} }, #if !(NOCDMF) - { CKM_CDMF_ECB, {0, 0, CKF_HW | - CKF_ENCRYPT | CKF_DECRYPT | + { CKM_CDMF_ECB, {0, 0, CKF_ENCRYPT | CKF_DECRYPT | CKF_WRAP | CKF_UNWRAP} }, - { CKM_CDMF_CBC, {0, 0, CKF_HW | - CKF_ENCRYPT | CKF_DECRYPT | + { CKM_CDMF_CBC, {0, 0, CKF_ENCRYPT | CKF_DECRYPT | CKF_WRAP | CKF_UNWRAP} }, #endif - { CKM_DES3_ECB, {24, 24, CKF_HW | - CKF_ENCRYPT | CKF_DECRYPT | + { CKM_DES3_ECB, {24, 24, CKF_ENCRYPT | CKF_DECRYPT | CKF_WRAP | CKF_UNWRAP} }, - { CKM_DES3_CBC, {24, 24, CKF_HW | - CKF_ENCRYPT | CKF_DECRYPT | + { CKM_DES3_CBC, {24, 24, CKF_ENCRYPT | CKF_DECRYPT | CKF_WRAP | CKF_UNWRAP} }, - { CKM_DES3_CBC_PAD, {24, 24, CKF_HW | - CKF_ENCRYPT | CKF_DECRYPT | + { CKM_DES3_CBC_PAD, {24, 24, CKF_ENCRYPT | CKF_DECRYPT | CKF_WRAP | CKF_UNWRAP} }, #if !(NOSHA1) - { CKM_SHA_1, {0, 0, CKF_HW | CKF_DIGEST} }, - { CKM_SHA_1_HMAC, {0, 0, CKF_HW | CKF_SIGN | CKF_VERIFY} }, - { CKM_SHA_1_HMAC_GENERAL, {0, 0, CKF_HW | CKF_SIGN | CKF_VERIFY} }, + { CKM_SHA_1, {0, 0, CKF_DIGEST} }, + { CKM_SHA_1_HMAC, {0, 0, CKF_SIGN | CKF_VERIFY} }, + { CKM_SHA_1_HMAC_GENERAL, {0, 0, CKF_SIGN | CKF_VERIFY} }, #endif #if 0 - { CKM_SHA256, {0, 0, CKF_HW | CKF_DIGEST} }, - { CKM_SHA256_HMAC, {0, 0, CKF_HW | CKF_SIGN | CKF_VERIFY} }, - { CKM_SHA256_HMAC_GENERAL, {0, 0, CKF_HW | CKF_SIGN | CKF_VERIFY} }, + { CKM_SHA256, {0, 0, CKF_DIGEST} }, + { CKM_SHA256_HMAC, {0, 0, CKF_SIGN | CKF_VERIFY} }, + { CKM_SHA256_HMAC_GENERAL, {0, 0, CKF_SIGN | CKF_VERIFY} }, #endif #if !(NOMD2) - { CKM_MD2, {0, 0, CKF_HW | CKF_DIGEST} }, - { CKM_MD2_HMAC, {0, 0, CKF_HW | CKF_SIGN | CKF_VERIFY} }, - { CKM_MD2_HMAC_GENERAL, {0, 0, CKF_HW | CKF_SIGN | CKF_VERIFY} }, + { CKM_MD2, {0, 0, CKF_DIGEST} }, + { CKM_MD2_HMAC, {0, 0, CKF_SIGN | CKF_VERIFY} }, + { CKM_MD2_HMAC_GENERAL, {0, 0, CKF_SIGN | CKF_VERIFY} }, #endif #if !(NOMD5) - { CKM_MD5, {0, 0, CKF_HW | CKF_DIGEST} }, - { CKM_MD5_HMAC, {0, 0, CKF_HW | CKF_SIGN | CKF_VERIFY} }, - { CKM_MD5_HMAC_GENERAL, {0, 0, CKF_HW | CKF_SIGN | CKF_VERIFY} }, + { CKM_MD5, {0, 0, CKF_DIGEST} }, + { CKM_MD5_HMAC, {0, 0, CKF_SIGN | CKF_VERIFY} }, + { CKM_MD5_HMAC_GENERAL, {0, 0, CKF_SIGN | CKF_VERIFY} }, #endif - { CKM_SSL3_PRE_MASTER_KEY_GEN, {48, 48, CKF_HW | CKF_GENERATE} }, - { CKM_SSL3_MASTER_KEY_DERIVE, {48, 48, CKF_HW | CKF_DERIVE} }, - { CKM_SSL3_KEY_AND_MAC_DERIVE, {48, 48, CKF_HW | CKF_DERIVE} }, - { CKM_SSL3_MD5_MAC, {384, 384, CKF_HW | CKF_SIGN | CKF_VERIFY} }, - { CKM_SSL3_SHA1_MAC, {384, 384, CKF_HW | CKF_SIGN | CKF_VERIFY} }, + { CKM_SSL3_PRE_MASTER_KEY_GEN, {48, 48, CKF_GENERATE} }, + { CKM_SSL3_MASTER_KEY_DERIVE, {48, 48, CKF_DERIVE} }, + { CKM_SSL3_KEY_AND_MAC_DERIVE, {48, 48, CKF_DERIVE} }, + { CKM_SSL3_MD5_MAC, {384, 384, CKF_SIGN | CKF_VERIFY} }, + { CKM_SSL3_SHA1_MAC, {384, 384, CKF_SIGN | CKF_VERIFY} }, #if !(NOAES) - { CKM_AES_KEY_GEN, {16, 32, CKF_HW} }, - { CKM_AES_ECB, {16, 32, CKF_HW | - CKF_ENCRYPT | CKF_DECRYPT | + { CKM_AES_KEY_GEN, {16, 32, CKF_GENERATE} }, + { CKM_AES_ECB, {16, 32, CKF_ENCRYPT | CKF_DECRYPT | CKF_WRAP | CKF_UNWRAP} }, - { CKM_AES_CBC, {16, 32, CKF_HW | - CKF_ENCRYPT | CKF_DECRYPT | + { CKM_AES_CBC, {16, 32, CKF_ENCRYPT | CKF_DECRYPT | CKF_WRAP | CKF_UNWRAP} }, - { CKM_AES_MAC, {16, 32, CKF_HW | CKF_SIGN | CKF_VERIFY} }, - { CKM_AES_MAC_GENERAL, {16, 32, CKF_HW | CKF_SIGN | CKF_VERIFY} }, - { CKM_AES_CBC_PAD, {16, 32, CKF_HW | - CKF_ENCRYPT | CKF_DECRYPT | + { CKM_AES_MAC, {16, 32, CKF_SIGN | CKF_VERIFY} }, + { CKM_AES_MAC_GENERAL, {16, 32, CKF_SIGN | CKF_VERIFY} }, + { CKM_AES_CBC_PAD, {16, 32, CKF_ENCRYPT | CKF_DECRYPT | CKF_WRAP | CKF_UNWRAP} }, #endif #if !(NORIPE) - { CKM_RIPEMD128, {0, 0, CKF_HW | CKF_DIGEST} }, - { CKM_RIPEMD128_HMAC, {0, 0, CKF_HW | CKF_SIGN | CKF_VERIFY} }, - { CKM_RIPEMD128_HMAC_GENERAL, {0, 0, CKF_HW | CKF_SIGN | CKF_VERIFY} }, - { CKM_RIPEMD160, {0, 0, CKF_HW | CKF_DIGEST} }, - { CKM_RIPEMD160_HMAC, {0, 0, CKF_HW | CKF_SIGN | CKF_VERIFY} }, - { CKM_RIPEMD160_HMAC_GENERAL, {0, 0, CKF_HW | CKF_SIGN | CKF_VERIFY} }, + { CKM_RIPEMD128, {0, 0, CKF_DIGEST} }, + { CKM_RIPEMD128_HMAC, {0, 0, CKF_SIGN | CKF_VERIFY} }, + { CKM_RIPEMD128_HMAC_GENERAL, {0, 0, CKF_SIGN | CKF_VERIFY} }, + { CKM_RIPEMD160, {0, 0, CKF_DIGEST} }, + { CKM_RIPEMD160_HMAC, {0, 0, CKF_SIGN | CKF_VERIFY} }, + { CKM_RIPEMD160_HMAC_GENERAL, {0, 0, CKF_SIGN | CKF_VERIFY} }, #endif }; ------------------------------------------------------------------------------ The Palm PDK Hot Apps Program offers developers who use the Plug-In Development Kit to bring their C/C++ apps to Palm for a share of $1 Million in cash or HP Products. Visit us here for more details: http://p.sf.net/sfu/dev2dev-palm _______________________________________________ Opencryptoki-tech mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/opencryptoki-tech
