Restore the functionality of CAC usage flags deriving from X509 certificates
This commit is contained in:
parent
35bae65f11
commit
20e3836c9e
|
@ -120,23 +120,32 @@ cac_alg_flags_from_algorithm(int algorithm)
|
|||
return 0;
|
||||
}
|
||||
|
||||
#define SC_X509_DIGITAL_SIGNATURE 0x0001UL
|
||||
#define SC_X509_NON_REPUDIATION 0x0002UL
|
||||
#define SC_X509_KEY_ENCIPHERMENT 0x0004UL
|
||||
#define SC_X509_DATA_ENCIPHERMENT 0x0008UL
|
||||
#define SC_X509_KEY_AGREEMENT 0x0010UL
|
||||
#define SC_X509_KEY_CERT_SIGN 0x0020UL
|
||||
#define SC_X509_CRL_SIGN 0x0040UL
|
||||
#define SC_X509_SIGN_ONLY 0x0080UL
|
||||
#define SC_X509_DECIPHER_ONLY 0x0100UL
|
||||
|
||||
/* These are the cert key usage bits that map to various PKCS #11 (and thus PKCS #15) flags */
|
||||
#define CAC_X509_USAGE_SIGNATURE \
|
||||
(SC_PKCS15INIT_X509_DIGITAL_SIGNATURE | \
|
||||
SC_PKCS15INIT_X509_NON_REPUDIATION | \
|
||||
SC_PKCS15INIT_X509_KEY_CERT_SIGN | \
|
||||
SC_PKCS15INIT_X509_CRL_SIGN)
|
||||
#define CAC_X509_USAGE_DERIVE \
|
||||
SC_PKCS15INIT_X509_KEY_AGREEMENT
|
||||
#define CAC_X509_USAGE_UNWRAP \
|
||||
(SC_PKCS15INIT_X509_KEY_ENCIPHERMENT | \
|
||||
SC_PKCS15INIT_X509_KEY_AGREEMENT)
|
||||
#define CAC_X509_USAGE_DECRYPT \
|
||||
(SC_PKCS15INIT_X509_DATA_ENCIPHERMENT \
|
||||
/* | encipher? */)
|
||||
#define CAC_X509_USAGE_NONREPUDIATION \
|
||||
SC_PKCS15INIT_X509_NON_REPUDIATION
|
||||
#define CAC_X509_USAGE_SIGNATURE \
|
||||
(SC_X509_DIGITAL_SIGNATURE | \
|
||||
SC_X509_NON_REPUDIATION | \
|
||||
SC_X509_KEY_CERT_SIGN | \
|
||||
SC_X509_CRL_SIGN)
|
||||
#define CAC_X509_USAGE_DERIVE \
|
||||
SC_X509_KEY_AGREEMENT
|
||||
#define CAC_X509_USAGE_UNWRAP \
|
||||
(SC_X509_KEY_ENCIPHERMENT | \
|
||||
SC_X509_KEY_AGREEMENT)
|
||||
#define CAC_X509_USAGE_DECRYPT \
|
||||
(SC_X509_DATA_ENCIPHERMENT | \
|
||||
SC_X509_SIGN_ONLY)
|
||||
#define CAC_X509_USAGE_NONREPUDIATION \
|
||||
SC_X509_NON_REPUDIATION
|
||||
|
||||
/* map a cert usage and algorithm to public and private key usages */
|
||||
static int
|
||||
|
|
Loading…
Reference in New Issue