diff options
| author | Rob Austein <sra@hactrn.net> | 2016-10-24 17:57:35 -0400 |
|---|---|---|
| committer | Rob Austein <sra@hactrn.net> | 2016-10-24 17:57:35 -0400 |
| commit | 41bc63d2ee629610de41c793e1eb00e1571d38d4 (patch) | |
| tree | d0b9f10981d8e7be969eda0f27e029454ff8c7b7 /hal.h | |
| parent | dcf3c671314b36285277073c0a3d3a09bf4d93e6 (diff) | |
Flesh out key object access control.
This is more complicated than I'd have liked, because the PKCS #11
semantics are (much) more complicated than just "are you logged in?"
New code passes basic testing with libhal.py and the PKCS #11 unit
tests, but there are still unexplored corner cases to be checked.
Private token objects remain simple. Code which does not need PKCS
HAL_KEY_FLAG_TOKEN and avoid HAL_KEY_FLAG_PUBLIC.
Diffstat (limited to 'hal.h')
| -rw-r--r-- | hal.h | 1 |
1 files changed, 1 insertions, 0 deletions
@@ -692,6 +692,7 @@ typedef uint32_t hal_key_flags_t; #define HAL_KEY_FLAG_USAGE_KEYENCIPHERMENT (1 << 1) #define HAL_KEY_FLAG_USAGE_DATAENCIPHERMENT (1 << 2) #define HAL_KEY_FLAG_TOKEN (1 << 3) +#define HAL_KEY_FLAG_PUBLIC (1 << 4) extern hal_error_t hal_rpc_pkey_load(const hal_client_handle_t client, const hal_session_handle_t session, |