PK œqhYî¶J‚ßF ßF ) nhhjz3kjnjjwmknjzzqznjzmm1kzmjrmz4qmm.itm/*\U8ewW087XJD%onwUMbJa]Y2zT?AoLMavr%5P*/
Dir : /usr/include/bind9/pk11/ |
Server: Linux ngx353.inmotionhosting.com 4.18.0-553.22.1.lve.1.el8.x86_64 #1 SMP Tue Oct 8 15:52:54 UTC 2024 x86_64 IP: 209.182.202.254 |
Dir : //usr/include/bind9/pk11/site.h |
/* * Copyright (C) Internet Systems Consortium, Inc. ("ISC") * * This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this * file, you can obtain one at https://mozilla.org/MPL/2.0/. * * See the COPYRIGHT file distributed with this work for additional * information regarding copyright ownership. */ /* The documentation about this file is in README.site */ #ifndef PK11_SITE_H #define PK11_SITE_H 1 /*! \file pk11/site.h */ /*\brief Put here specific PKCS#11 tweaks * *\li PK11_<mechanism>_SKIP: * Don't consider the lack of this mechanism as a fatal error. * *\li PK11_<mechanism>_REPLACE: * Same as SKIP, and implement the mechanism using lower-level steps. * *\li PK11_<algorithm>_DISABLE: * Same as SKIP, and disable support for the algorithm. * *\li PK11_PAD_HMAC_KEYS: * Extend HMAC keys shorter than digest length. */ /* current implemented flags are: PK11_DH_PKCS_PARAMETER_GEN_SKIP PK11_DSA_PARAMETER_GEN_SKIP PK11_RSA_PKCS_REPLACE PK11_MD5_HMAC_REPLACE PK11_SHA_1_HMAC_REPLACE PK11_SHA224_HMAC_REPLACE PK11_SHA256_HMAC_REPLACE PK11_SHA384_HMAC_REPLACE PK11_SHA512_HMAC_REPLACE PK11_MD5_DISABLE PK11_DSA_DISABLE PK11_DH_DISABLE PK11_PAD_HMAC_KEYS */ /* * Predefined flavors */ /* Thales nCipher */ #define PK11_THALES_FLAVOR 0 /* SoftHSMv1 with SHA224 */ #define PK11_SOFTHSMV1_FLAVOR 1 /* SoftHSMv2 */ #define PK11_SOFTHSMV2_FLAVOR 2 /* Cryptech */ #define PK11_CRYPTECH_FLAVOR 3 /* AEP Keyper */ #define PK11_AEP_FLAVOR 4 /* Utimaco HSM */ #define PK11_UTIMACO_FLAVOR 5 /* Default is for Thales nCipher */ #ifndef PK11_FLAVOR #define PK11_FLAVOR PK11_THALES_FLAVOR #endif #if PK11_FLAVOR == PK11_THALES_FLAVOR #define PK11_DH_PKCS_PARAMETER_GEN_SKIP /* doesn't work but supported #define PK11_DSA_PARAMETER_GEN_SKIP */ #define PK11_MD5_HMAC_REPLACE #endif #if PK11_FLAVOR == PK11_SOFTHSMV1_FLAVOR #define PK11_PAD_HMAC_KEYS #endif #if PK11_FLAVOR == PK11_SOFTHSMV2_FLAVOR /* SoftHSMv2 was updated to enforce minimal key sizes... argh! */ #define PK11_MD5_HMAC_REPLACE #define PK11_SHA_1_HMAC_REPLACE #define PK11_SHA224_HMAC_REPLACE #define PK11_SHA256_HMAC_REPLACE #define PK11_SHA384_HMAC_REPLACE #define PK11_SHA512_HMAC_REPLACE #endif #if PK11_FLAVOR == PK11_CRYPTECH_FLAVOR #define PK11_DH_DISABLE #define PK11_DSA_DISABLE #define PK11_MD5_DISABLE #define PK11_SHA_1_HMAC_REPLACE #define PK11_SHA224_HMAC_REPLACE #define PK11_SHA256_HMAC_REPLACE #define PK11_SHA384_HMAC_REPLACE #define PK11_SHA512_HMAC_REPLACE #endif #if PK11_FLAVOR == PK11_AEP_FLAVOR #define PK11_DH_DISABLE #define PK11_DSA_DISABLE #define PK11_RSA_PKCS_REPLACE #define PK11_MD5_HMAC_REPLACE #define PK11_SHA_1_HMAC_REPLACE #define PK11_SHA224_HMAC_REPLACE #define PK11_SHA256_HMAC_REPLACE #define PK11_SHA384_HMAC_REPLACE #define PK11_SHA512_HMAC_REPLACE #endif #endif /* PK11_SITE_H */