Using p11-kit for PKCS#11 support

Nikos Mavrogiannopoulos nmav at gnutls.org
Thu Jun 9 09:40:32 PDT 2011


On 06/09/2011 11:06 AM, Stef Walter wrote:

> That said, for some reason the file lib/pkcs11_spec.h is missing from
> master. At least for me. This prevents gnutls master from building. I've
> attached it too.

Why is the pkcs11_spec.h required in gnutls? Shouldn't it be part of
p11-kit headers? Btw. the file that you used is older than the one
included in pakchois. It does not include algorithms from later
PKCS #11 such as (for SHA-224 and CAMELLIA):

/* Ammendments */
#define CKM_SHA224 (0x255)
#define CKM_SHA224_HMAC (0x256)
#define CKM_SHA224_HMAC_GENERAL (0x257)
#define CKM_SHA224_RSA_PKCS (0x46)
#define CKM_SHA224_RSA_PKCS_PSS (0x47)
#define CKM_SHA224_KEY_DERIVATION (0x396)

#define CKM_CAMELLIA_KEY_GEN (0x550)
#define CKM_CAMELLIA_ECB (0x551)
#define CKM_CAMELLIA_CBC (0x552)
#define CKM_CAMELLIA_MAC (0x553)
#define CKM_CAMELLIA_MAC_GENERAL (0x554)
#define CKM_CAMELLIA_CBC_PAD (0x555)
#define CKM_CAMELLIA_ECB_ENCRYPT_DATA (0x556)
#define CKM_CAMELLIA_CBC_ENCRYPT_DATA (0x557)

regards,
Nikos


More information about the p11-glue mailing list