[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Re: [pkcs11] Proposal: Define CKA_JAVA_MIDP_SECURITY_DOMAIN constants
Hi Stef -My take is the general model is that CK_XXX is used for typedefs and structs, while CKx_XXX is used for value enumerations. The fact that the OTP stuff did this differently is an interesting point of information, but not compelling - it actually has a few "type"ing problems - see below.
CKV_xxx might not be the correct prefix, but there are a number of these small enumerations that need to go somewhere and ideally not at the top level, but grouped and defined under an enum-like type definition.
How about CKCC_XXX for certificate categories and CKCM_XXX for midp security domains?
Add CK_JAVA_MIDP_SECURITY_DOMAIN as a typedef for CK_ULONG (identified by CKCM_XXX), add CK_CERTIFICATE_CATEGORY as a typedef for CK_ulong (identified by CKCM_xxx), update the appropriate tables with that type. (table 24 for midp, table 23 for certificate category).
For the OTP stuff, there probably needs to be a few changes -Move the CK_OTP_FORMAT* values under CKPF_* and type that as a CK_OTP_FORMAT enum Move the CK_OTP_PARAM* values under CKPP_* and type that as a CK_OTP_PARAM enum
(Update table 86 to reflect those changes - specifically the data type).I don't have strong feelings on this, but if we're going to throw away the enum model, we should do it with eyes wide open.
Mike On 6/24/2013 10:45 AM, Stef Walter wrote:
Changed to use 'CK_XXXX' instead of 'CKV_' for the constant prefix. This is similar to the new OTP constants and other other odds and ends constants we have. Cheers, Stef 9.4 Object types *** new item to be added | o CK_JAVA_MIDP_SECURITY_DOMAIN | | CK_JAVA_MIDP_SECURITY_DOMAIN is a value that identifies the Java | MIDP security domain of a certificate. It is defined as follows: | | typedef CK_ULONG CK_JAVA_MIDP_SECURITY_DOMAIN; | | For this version of Cryptoki, the following security domains | are defined. See the Java MIDP specification for further | information. | | |-----------------------------------------------------------------| | | Constant | Value | Meaning | | |-----------------------------------------------------------------| | | CK_SECURITY_DOMAIN_UNSPECIFIED | 0UL | No domain specified | | | CK_SECURITY_DOMAIN_MANUFACTURER | 1UL | Manufacturer | | | | | protection domain | | | CK_SECURITY_DOMAIN_OPERATOR | 2UL | Operator protection | | | | | domain | | | CK_SECURITY_DOMAIN_THIRD_PARTY | 3UL | Third party | | | | | protection domain | | |-----------------------------------------------------------------| 10.6.3 X.509 public key certificate objects *** table row to be updated | CKA_JAVA_MIDP_SECURITY_DOMAIN CK_JAVA_MIDP_SECURITY_DOMAIN Java MIDP | security domain. | (default CK_SECURITY_DOMAIN_UNSPECIFIED) A Manifest Constants *** Lines to be added | #define CK_SECURITY_DOMAIN_UNSPECIFIED 0UL | #define CK_SECURITY_DOMAIN_MANUFACTURER 1UL | #define CK_SECURITY_DOMAIN_OPERATOR 2UL | #define CK_SECURITY_DOMAIN_THIRD_PARTY 3UL --------------------------------------------------------------------- To unsubscribe from this mail list, you must leave the OASIS TC that generates this mail. Follow this link to all your TCs in OASIS at: https://www.oasis-open.org/apps/org/workgroup/portal/my_workgroups.php
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]