aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--go.mod2
-rw-r--r--go.sum6
-rw-r--r--vendor/github.com/containers/ocicrypt/go.mod4
-rw-r--r--vendor/github.com/containers/ocicrypt/go.sum8
-rw-r--r--vendor/github.com/miekg/pkcs11/.travis.yml14
-rw-r--r--vendor/github.com/miekg/pkcs11/README.md10
-rw-r--r--vendor/github.com/miekg/pkcs11/pkcs11.go11
-rw-r--r--vendor/github.com/miekg/pkcs11/release.go3
-rw-r--r--vendor/github.com/miekg/pkcs11/types.go12
-rw-r--r--vendor/github.com/miekg/pkcs11/zconst.go (renamed from vendor/github.com/miekg/pkcs11/const.go)196
-rw-r--r--vendor/modules.txt4
11 files changed, 152 insertions, 118 deletions
diff --git a/go.mod b/go.mod
index ada985908..224a4fe81 100644
--- a/go.mod
+++ b/go.mod
@@ -15,7 +15,7 @@ require (
github.com/containers/common v0.47.5-0.20220318125043-0ededd18a1f9
github.com/containers/conmon v2.0.20+incompatible
github.com/containers/image/v5 v5.20.1-0.20220310094651-0d8056ee346f
- github.com/containers/ocicrypt v1.1.2
+ github.com/containers/ocicrypt v1.1.3
github.com/containers/psgo v1.7.2
github.com/containers/storage v1.38.3-0.20220321121613-8e565392dd91
github.com/coreos/go-systemd/v22 v22.3.2
diff --git a/go.sum b/go.sum
index 19c625288..eb78eb72a 100644
--- a/go.sum
+++ b/go.sum
@@ -370,8 +370,9 @@ github.com/containers/libtrust v0.0.0-20200511145503-9c3a6c22cd9a/go.mod h1:9rfv
github.com/containers/ocicrypt v1.0.1/go.mod h1:MeJDzk1RJHv89LjsH0Sp5KTY3ZYkjXO/C+bKAeWFIrc=
github.com/containers/ocicrypt v1.1.0/go.mod h1:b8AOe0YR67uU8OqfVNcznfFpAzu3rdgUV4GP9qXPfu4=
github.com/containers/ocicrypt v1.1.1/go.mod h1:Dm55fwWm1YZAjYRaJ94z2mfZikIyIN4B0oB3dj3jFxY=
-github.com/containers/ocicrypt v1.1.2 h1:Ez+GAMP/4GLix5Ywo/fL7O0nY771gsBIigiqUm1aXz0=
github.com/containers/ocicrypt v1.1.2/go.mod h1:Dm55fwWm1YZAjYRaJ94z2mfZikIyIN4B0oB3dj3jFxY=
+github.com/containers/ocicrypt v1.1.3 h1:uMxn2wTb4nDR7GqG3rnZSfpJXqWURfzZ7nKydzIeKpA=
+github.com/containers/ocicrypt v1.1.3/go.mod h1:xpdkbVAuaH3WzbEabUd5yDsl9SwJA5pABH85425Es2g=
github.com/containers/psgo v1.7.2 h1:WbCvsY9w+nCv3j4der0mbD3PSRUv/W8l+G0YrZrdSDc=
github.com/containers/psgo v1.7.2/go.mod h1:SLpqxsPOHtTqRygjutCPXmeU2PoEFzV3gzJplN4BMx0=
github.com/containers/storage v1.37.0/go.mod h1:kqeJeS0b7DO2ZT1nVWs0XufrmPFbgV3c+Q/45RlH6r4=
@@ -975,8 +976,9 @@ github.com/miekg/dns v1.1.26/go.mod h1:bPDLeHnStXmXAq1m/Ch/hvfNHr14JKNPMBo3VZKju
github.com/miekg/dns v1.1.35/go.mod h1:KNUDUusw/aVsxyTYZM1oqvCicbwhgbNgztCETuNZ7xM=
github.com/miekg/dns v1.1.41/go.mod h1:p6aan82bvRIyn+zDIv9xYNUpwa73JcSh9BKwknJysuI=
github.com/miekg/pkcs11 v1.0.2/go.mod h1:XsNlhZGX73bx86s2hdc/FuaLm2CPZJemRLMA+WTFxgs=
-github.com/miekg/pkcs11 v1.0.3 h1:iMwmD7I5225wv84WxIG/bmxz9AXjWvTWIbM/TYHvWtw=
github.com/miekg/pkcs11 v1.0.3/go.mod h1:XsNlhZGX73bx86s2hdc/FuaLm2CPZJemRLMA+WTFxgs=
+github.com/miekg/pkcs11 v1.1.1 h1:Ugu9pdy6vAYku5DEpVWVFPYnzV+bxB+iRdbuFSu7TvU=
+github.com/miekg/pkcs11 v1.1.1/go.mod h1:XsNlhZGX73bx86s2hdc/FuaLm2CPZJemRLMA+WTFxgs=
github.com/mistifyio/go-zfs v2.1.2-0.20190413222219-f784269be439+incompatible h1:aKW/4cBs+yK6gpqU3K/oIwk9Q/XICqd3zOX/UFuvqmk=
github.com/mistifyio/go-zfs v2.1.2-0.20190413222219-f784269be439+incompatible/go.mod h1:8AuVvqP/mXw1px98n46wfvcGfQ4ci2FwoAjKYxuo3Z4=
github.com/mitchellh/cli v1.0.0/go.mod h1:hNIlj7HEI86fIcpObd7a0FcrxTWetlwJDGcceTlRvqc=
diff --git a/vendor/github.com/containers/ocicrypt/go.mod b/vendor/github.com/containers/ocicrypt/go.mod
index 02be18591..8837d288e 100644
--- a/vendor/github.com/containers/ocicrypt/go.mod
+++ b/vendor/github.com/containers/ocicrypt/go.mod
@@ -5,9 +5,9 @@ go 1.12
require (
github.com/golang/protobuf v1.4.3
github.com/google/go-cmp v0.5.2 // indirect
- github.com/miekg/pkcs11 v1.0.3
+ github.com/miekg/pkcs11 v1.1.1
github.com/opencontainers/go-digest v1.0.0
- github.com/opencontainers/image-spec v1.0.1
+ github.com/opencontainers/image-spec v1.0.2
github.com/pkg/errors v0.9.1
github.com/sirupsen/logrus v1.7.0
github.com/stefanberger/go-pkcs11uri v0.0.0-20201008174630-78d3cae3a980
diff --git a/vendor/github.com/containers/ocicrypt/go.sum b/vendor/github.com/containers/ocicrypt/go.sum
index 7153900da..a621a145c 100644
--- a/vendor/github.com/containers/ocicrypt/go.sum
+++ b/vendor/github.com/containers/ocicrypt/go.sum
@@ -30,12 +30,12 @@ github.com/google/go-cmp v0.5.0/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/
github.com/google/go-cmp v0.5.2 h1:X2ev0eStA3AbceY54o37/0PQ/UWqKEiiO2dKL5OPaFM=
github.com/google/go-cmp v0.5.2/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE=
github.com/google/uuid v1.1.2/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo=
-github.com/miekg/pkcs11 v1.0.3 h1:iMwmD7I5225wv84WxIG/bmxz9AXjWvTWIbM/TYHvWtw=
-github.com/miekg/pkcs11 v1.0.3/go.mod h1:XsNlhZGX73bx86s2hdc/FuaLm2CPZJemRLMA+WTFxgs=
+github.com/miekg/pkcs11 v1.1.1 h1:Ugu9pdy6vAYku5DEpVWVFPYnzV+bxB+iRdbuFSu7TvU=
+github.com/miekg/pkcs11 v1.1.1/go.mod h1:XsNlhZGX73bx86s2hdc/FuaLm2CPZJemRLMA+WTFxgs=
github.com/opencontainers/go-digest v1.0.0 h1:apOUWs51W5PlhuyGyz9FCeeBIOUDA/6nW8Oi/yOhh5U=
github.com/opencontainers/go-digest v1.0.0/go.mod h1:0JzlMkj0TRzQZfJkVvzbP0HBR3IKzErnv2BNG4W4MAM=
-github.com/opencontainers/image-spec v1.0.1 h1:JMemWkRwHx4Zj+fVxWoMCFm/8sYGGrUVojFA6h/TRcI=
-github.com/opencontainers/image-spec v1.0.1/go.mod h1:BtxoFyWECRxE4U/7sNtV5W15zMzWCbyJoFRP3s7yZA0=
+github.com/opencontainers/image-spec v1.0.2 h1:9yCKha/T5XdGtO0q9Q9a6T5NUCsTn/DrBg0D7ufOcFM=
+github.com/opencontainers/image-spec v1.0.2/go.mod h1:BtxoFyWECRxE4U/7sNtV5W15zMzWCbyJoFRP3s7yZA0=
github.com/pkg/errors v0.9.1 h1:FEBLx1zS214owpjy7qsBeixbURkuhQAwrK5UwLGTwt4=
github.com/pkg/errors v0.9.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0=
github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM=
diff --git a/vendor/github.com/miekg/pkcs11/.travis.yml b/vendor/github.com/miekg/pkcs11/.travis.yml
deleted file mode 100644
index 687044d83..000000000
--- a/vendor/github.com/miekg/pkcs11/.travis.yml
+++ /dev/null
@@ -1,14 +0,0 @@
-language: go
-sudo: required
-dist: trusty
-
-go:
- - 1.9
- - tip
-
-script:
- - go test -v ./...
-
-before_script:
- - sudo apt-get update
- - sudo apt-get -y install libsofthsm
diff --git a/vendor/github.com/miekg/pkcs11/README.md b/vendor/github.com/miekg/pkcs11/README.md
index 0a5c1b7b6..18a361a99 100644
--- a/vendor/github.com/miekg/pkcs11/README.md
+++ b/vendor/github.com/miekg/pkcs11/README.md
@@ -1,6 +1,6 @@
-# PKCS#11 [![Build Status](https://travis-ci.org/miekg/pkcs11.png?branch=master)](https://travis-ci.org/miekg/pkcs11) [![GoDoc](https://img.shields.io/badge/godoc-reference-blue.svg)](http://godoc.org/github.com/miekg/pkcs11)
+# PKCS#11
-This is a Go implementation of the PKCS#11 API. It wraps the library closely, but uses Go idiom were
+This is a Go implementation of the PKCS#11 API. It wraps the library closely, but uses Go idiom where
it makes sense. It has been tested with SoftHSM.
## SoftHSM
@@ -13,10 +13,10 @@ it makes sense. It has been tested with SoftHSM.
softhsm --init-token --slot 0 --label test --pin 1234
~~~
- * Then use `libsofthsm.so` as the pkcs11 module:
+ * Then use `libsofthsm2.so` as the pkcs11 module:
~~~ go
- p := pkcs11.New("/usr/lib/softhsm/libsofthsm.so")
+ p := pkcs11.New("/usr/lib/softhsm/libsofthsm2.so")
~~~
## Examples
@@ -24,7 +24,7 @@ it makes sense. It has been tested with SoftHSM.
A skeleton program would look somewhat like this (yes, pkcs#11 is verbose):
~~~ go
-p := pkcs11.New("/usr/lib/softhsm/libsofthsm.so")
+p := pkcs11.New("/usr/lib/softhsm/libsofthsm2.so")
err := p.Initialize()
if err != nil {
panic(err)
diff --git a/vendor/github.com/miekg/pkcs11/pkcs11.go b/vendor/github.com/miekg/pkcs11/pkcs11.go
index e21d23b73..e1b5824ec 100644
--- a/vendor/github.com/miekg/pkcs11/pkcs11.go
+++ b/vendor/github.com/miekg/pkcs11/pkcs11.go
@@ -2,6 +2,8 @@
// Use of this source code is governed by a BSD-style
// license that can be found in the LICENSE file.
+//go:generate go run const_generate.go
+
// Package pkcs11 is a wrapper around the PKCS#11 cryptographic library.
package pkcs11
@@ -14,7 +16,7 @@ package pkcs11
#cgo windows CFLAGS: -DPACKED_STRUCTURES
#cgo linux LDFLAGS: -ldl
#cgo darwin LDFLAGS: -ldl
-#cgo openbsd LDFLAGS: -ldl
+#cgo openbsd LDFLAGS:
#cgo freebsd LDFLAGS: -ldl
#include <stdlib.h>
@@ -770,9 +772,10 @@ static inline CK_VOID_PTR getAttributePval(CK_ATTRIBUTE_PTR a)
*/
import "C"
-import "strings"
-
-import "unsafe"
+import (
+ "strings"
+ "unsafe"
+)
// Ctx contains the current pkcs11 context.
type Ctx struct {
diff --git a/vendor/github.com/miekg/pkcs11/release.go b/vendor/github.com/miekg/pkcs11/release.go
index 4380f374d..d8b99f147 100644
--- a/vendor/github.com/miekg/pkcs11/release.go
+++ b/vendor/github.com/miekg/pkcs11/release.go
@@ -1,3 +1,4 @@
+//go:build release
// +build release
package pkcs11
@@ -5,7 +6,7 @@ package pkcs11
import "fmt"
// Release is current version of the pkcs11 library.
-var Release = R{1, 0, 3}
+var Release = R{1, 1, 1}
// R holds the version of this library.
type R struct {
diff --git a/vendor/github.com/miekg/pkcs11/types.go b/vendor/github.com/miekg/pkcs11/types.go
index 970db9061..60eadcb71 100644
--- a/vendor/github.com/miekg/pkcs11/types.go
+++ b/vendor/github.com/miekg/pkcs11/types.go
@@ -182,8 +182,20 @@ func NewAttribute(typ uint, x interface{}) *Attribute {
}
case int:
a.Value = uintToBytes(uint64(v))
+ case int16:
+ a.Value = uintToBytes(uint64(v))
+ case int32:
+ a.Value = uintToBytes(uint64(v))
+ case int64:
+ a.Value = uintToBytes(uint64(v))
case uint:
a.Value = uintToBytes(uint64(v))
+ case uint16:
+ a.Value = uintToBytes(uint64(v))
+ case uint32:
+ a.Value = uintToBytes(uint64(v))
+ case uint64:
+ a.Value = uintToBytes(uint64(v))
case string:
a.Value = []byte(v)
case []byte:
diff --git a/vendor/github.com/miekg/pkcs11/const.go b/vendor/github.com/miekg/pkcs11/zconst.go
index 408856146..41df5cfcf 100644
--- a/vendor/github.com/miekg/pkcs11/const.go
+++ b/vendor/github.com/miekg/pkcs11/zconst.go
@@ -2,48 +2,18 @@
// Use of this source code is governed by a BSD-style
// license that can be found in the LICENSE file.
-package pkcs11
-
-const (
- CKU_SO uint = 0
- CKU_USER uint = 1
- CKU_CONTEXT_SPECIFIC uint = 2
-)
-
-const (
- CKO_DATA uint = 0x00000000
- CKO_CERTIFICATE uint = 0x00000001
- CKO_PUBLIC_KEY uint = 0x00000002
- CKO_PRIVATE_KEY uint = 0x00000003
- CKO_SECRET_KEY uint = 0x00000004
- CKO_HW_FEATURE uint = 0x00000005
- CKO_DOMAIN_PARAMETERS uint = 0x00000006
- CKO_MECHANISM uint = 0x00000007
- CKO_OTP_KEY uint = 0x00000008
- CKO_VENDOR_DEFINED uint = 0x80000000
-)
-
-const (
- CKG_MGF1_SHA1 uint = 0x00000001
- CKG_MGF1_SHA224 uint = 0x00000005
- CKG_MGF1_SHA256 uint = 0x00000002
- CKG_MGF1_SHA384 uint = 0x00000003
- CKG_MGF1_SHA512 uint = 0x00000004
- CKG_MGF1_SHA3_224 uint = 0x00000006
- CKG_MGF1_SHA3_256 uint = 0x00000007
- CKG_MGF1_SHA3_384 uint = 0x00000008
- CKG_MGF1_SHA3_512 uint = 0x00000009
-)
-
-const (
- CKZ_DATA_SPECIFIED uint = 0x00000001
-)
+// Code generated by "go run const_generate.go"; DO NOT EDIT.
-// Generated with: awk '/#define CK[AFKMRC]/{ print $2 " = " $3 }' pkcs11t.h | sed -e 's/UL$//g' -e 's/UL)$/)/g'
+package pkcs11
-// All the flag (CKF_), attribute (CKA_), error code (CKR_), key type (CKK_), certificate type (CKC_) and
-// mechanism (CKM_) constants as defined in PKCS#11.
const (
+ CK_TRUE = 1
+ CK_FALSE = 0
+ CK_UNAVAILABLE_INFORMATION = ^uint(0)
+ CK_EFFECTIVELY_INFINITE = 0
+ CK_INVALID_HANDLE = 0
+ CKN_SURRENDER = 0
+ CKN_OTP_CHANGED = 1
CKF_TOKEN_PRESENT = 0x00000001
CKF_REMOVABLE_DEVICE = 0x00000002
CKF_HW_SLOT = 0x00000004
@@ -66,12 +36,34 @@ const (
CKF_SO_PIN_LOCKED = 0x00400000
CKF_SO_PIN_TO_BE_CHANGED = 0x00800000
CKF_ERROR_STATE = 0x01000000
+ CKU_SO = 0
+ CKU_USER = 1
+ CKU_CONTEXT_SPECIFIC = 2
+ CKS_RO_PUBLIC_SESSION = 0
+ CKS_RO_USER_FUNCTIONS = 1
+ CKS_RW_PUBLIC_SESSION = 2
+ CKS_RW_USER_FUNCTIONS = 3
+ CKS_RW_SO_FUNCTIONS = 4
CKF_RW_SESSION = 0x00000002
CKF_SERIAL_SESSION = 0x00000004
+ CKO_DATA = 0x00000000
+ CKO_CERTIFICATE = 0x00000001
+ CKO_PUBLIC_KEY = 0x00000002
+ CKO_PRIVATE_KEY = 0x00000003
+ CKO_SECRET_KEY = 0x00000004
+ CKO_HW_FEATURE = 0x00000005
+ CKO_DOMAIN_PARAMETERS = 0x00000006
+ CKO_MECHANISM = 0x00000007
+ CKO_OTP_KEY = 0x00000008
+ CKO_VENDOR_DEFINED = 0x80000000
+ CKH_MONOTONIC_COUNTER = 0x00000001
+ CKH_CLOCK = 0x00000002
+ CKH_USER_INTERFACE = 0x00000003
+ CKH_VENDOR_DEFINED = 0x80000000
CKK_RSA = 0x00000000
CKK_DSA = 0x00000001
CKK_DH = 0x00000002
- CKK_ECDSA = 0x00000003
+ CKK_ECDSA = 0x00000003 // Deprecated
CKK_EC = 0x00000003
CKK_X9_42_DH = 0x00000004
CKK_KEA = 0x00000005
@@ -83,7 +75,7 @@ const (
CKK_DES3 = 0x00000015
CKK_CAST = 0x00000016
CKK_CAST3 = 0x00000017
- CKK_CAST5 = 0x00000018
+ CKK_CAST5 = 0x00000018 // Deprecated
CKK_CAST128 = 0x00000018
CKK_RC5 = 0x00000019
CKK_IDEA = 0x0000001A
@@ -99,14 +91,14 @@ const (
CKK_ACTI = 0x00000024
CKK_CAMELLIA = 0x00000025
CKK_ARIA = 0x00000026
- CKK_SHA512_224_HMAC = 0x00000027
- CKK_SHA512_256_HMAC = 0x00000028
- CKK_SHA512_T_HMAC = 0x00000029
+ CKK_MD5_HMAC = 0x00000027
CKK_SHA_1_HMAC = 0x00000028
- CKK_SHA224_HMAC = 0x0000002E
+ CKK_RIPEMD128_HMAC = 0x00000029
+ CKK_RIPEMD160_HMAC = 0x0000002A
CKK_SHA256_HMAC = 0x0000002B
CKK_SHA384_HMAC = 0x0000002C
CKK_SHA512_HMAC = 0x0000002D
+ CKK_SHA224_HMAC = 0x0000002E
CKK_SEED = 0x0000002F
CKK_GOSTR3410 = 0x00000030
CKK_GOSTR3411 = 0x00000031
@@ -116,11 +108,26 @@ const (
CKK_SHA3_384_HMAC = 0x00000035
CKK_SHA3_512_HMAC = 0x00000036
CKK_VENDOR_DEFINED = 0x80000000
+ CK_CERTIFICATE_CATEGORY_UNSPECIFIED = 0
+ CK_CERTIFICATE_CATEGORY_TOKEN_USER = 1
+ CK_CERTIFICATE_CATEGORY_AUTHORITY = 2
+ CK_CERTIFICATE_CATEGORY_OTHER_ENTITY = 3
+ CK_SECURITY_DOMAIN_UNSPECIFIED = 0
+ CK_SECURITY_DOMAIN_MANUFACTURER = 1
+ CK_SECURITY_DOMAIN_OPERATOR = 2
+ CK_SECURITY_DOMAIN_THIRD_PARTY = 3
CKC_X_509 = 0x00000000
CKC_X_509_ATTR_CERT = 0x00000001
CKC_WTLS = 0x00000002
CKC_VENDOR_DEFINED = 0x80000000
CKF_ARRAY_ATTRIBUTE = 0x40000000
+ CK_OTP_FORMAT_DECIMAL = 0
+ CK_OTP_FORMAT_HEXADECIMAL = 1
+ CK_OTP_FORMAT_ALPHANUMERIC = 2
+ CK_OTP_FORMAT_BINARY = 3
+ CK_OTP_PARAM_IGNORED = 0
+ CK_OTP_PARAM_OPTIONAL = 1
+ CK_OTP_PARAM_MANDATORY = 2
CKA_CLASS = 0x00000000
CKA_TOKEN = 0x00000001
CKA_PRIVATE = 0x00000002
@@ -183,15 +190,16 @@ const (
CKA_MODIFIABLE = 0x00000170
CKA_COPYABLE = 0x00000171
CKA_DESTROYABLE = 0x00000172
- CKA_ECDSA_PARAMS = 0x00000180
+ CKA_ECDSA_PARAMS = 0x00000180 // Deprecated
CKA_EC_PARAMS = 0x00000180
CKA_EC_POINT = 0x00000181
- CKA_SECONDARY_AUTH = 0x00000200
- CKA_AUTH_PIN_FLAGS = 0x00000201
+ CKA_SECONDARY_AUTH = 0x00000200 // Deprecated
+ CKA_AUTH_PIN_FLAGS = 0x00000201 // Deprecated
CKA_ALWAYS_AUTHENTICATE = 0x00000202
CKA_WRAP_WITH_TRUSTED = 0x00000210
- CKA_WRAP_TEMPLATE = CKF_ARRAY_ATTRIBUTE | 0x00000211
- CKA_UNWRAP_TEMPLATE = CKF_ARRAY_ATTRIBUTE | 0x00000212
+ CKA_WRAP_TEMPLATE = (CKF_ARRAY_ATTRIBUTE | 0x00000211)
+ CKA_UNWRAP_TEMPLATE = (CKF_ARRAY_ATTRIBUTE | 0x00000212)
+ CKA_DERIVE_TEMPLATE = (CKF_ARRAY_ATTRIBUTE | 0x00000213)
CKA_OTP_FORMAT = 0x00000220
CKA_OTP_LENGTH = 0x00000221
CKA_OTP_TIME_INTERVAL = 0x00000222
@@ -226,7 +234,7 @@ const (
CKA_REQUIRED_CMS_ATTRIBUTES = 0x00000501
CKA_DEFAULT_CMS_ATTRIBUTES = 0x00000502
CKA_SUPPORTED_CMS_ATTRIBUTES = 0x00000503
- CKA_ALLOWED_MECHANISMS = CKF_ARRAY_ATTRIBUTE | 0x00000600
+ CKA_ALLOWED_MECHANISMS = (CKF_ARRAY_ATTRIBUTE | 0x00000600)
CKA_VENDOR_DEFINED = 0x80000000
CKM_RSA_PKCS_KEY_PAIR_GEN = 0x00000000
CKM_RSA_PKCS = 0x00000001
@@ -246,11 +254,10 @@ const (
CKM_DSA_KEY_PAIR_GEN = 0x00000010
CKM_DSA = 0x00000011
CKM_DSA_SHA1 = 0x00000012
- CKM_DSA_FIPS_G_GEN = 0x00000013
- CKM_DSA_SHA224 = 0x00000014
- CKM_DSA_SHA256 = 0x00000015
- CKM_DSA_SHA384 = 0x00000016
- CKM_DSA_SHA512 = 0x00000017
+ CKM_DSA_SHA224 = 0x00000013
+ CKM_DSA_SHA256 = 0x00000014
+ CKM_DSA_SHA384 = 0x00000015
+ CKM_DSA_SHA512 = 0x00000016
CKM_DSA_SHA3_224 = 0x00000018
CKM_DSA_SHA3_256 = 0x00000019
CKM_DSA_SHA3_384 = 0x0000001A
@@ -387,13 +394,13 @@ const (
CKM_CAST128_KEY_GEN = 0x00000320
CKM_CAST5_ECB = 0x00000321
CKM_CAST128_ECB = 0x00000321
- CKM_CAST5_CBC = 0x00000322
+ CKM_CAST5_CBC = 0x00000322 // Deprecated
CKM_CAST128_CBC = 0x00000322
- CKM_CAST5_MAC = 0x00000323
+ CKM_CAST5_MAC = 0x00000323 // Deprecated
CKM_CAST128_MAC = 0x00000323
- CKM_CAST5_MAC_GENERAL = 0x00000324
+ CKM_CAST5_MAC_GENERAL = 0x00000324 // Deprecated
CKM_CAST128_MAC_GENERAL = 0x00000324
- CKM_CAST5_CBC_PAD = 0x00000325
+ CKM_CAST5_CBC_PAD = 0x00000325 // Deprecated
CKM_CAST128_CBC_PAD = 0x00000325
CKM_RC5_KEY_GEN = 0x00000330
CKM_RC5_ECB = 0x00000331
@@ -441,9 +448,9 @@ const (
CKM_PBE_MD5_DES_CBC = 0x000003A1
CKM_PBE_MD5_CAST_CBC = 0x000003A2
CKM_PBE_MD5_CAST3_CBC = 0x000003A3
- CKM_PBE_MD5_CAST5_CBC = 0x000003A4
+ CKM_PBE_MD5_CAST5_CBC = 0x000003A4 // Deprecated
CKM_PBE_MD5_CAST128_CBC = 0x000003A4
- CKM_PBE_SHA1_CAST5_CBC = 0x000003A5
+ CKM_PBE_SHA1_CAST5_CBC = 0x000003A5 // Deprecated
CKM_PBE_SHA1_CAST128_CBC = 0x000003A5
CKM_PBE_SHA1_RC4_128 = 0x000003A6
CKM_PBE_SHA1_RC4_40 = 0x000003A7
@@ -522,7 +529,7 @@ const (
CKM_BATON_COUNTER = 0x00001034
CKM_BATON_SHUFFLE = 0x00001035
CKM_BATON_WRAP = 0x00001036
- CKM_ECDSA_KEY_PAIR_GEN = 0x00001040
+ CKM_ECDSA_KEY_PAIR_GEN = 0x00001040 // Deprecated
CKM_EC_KEY_PAIR_GEN = 0x00001040
CKM_ECDSA = 0x00001041
CKM_ECDSA_SHA1 = 0x00001042
@@ -551,9 +558,9 @@ const (
CKM_AES_CTR = 0x00001086
CKM_AES_GCM = 0x00001087
CKM_AES_CCM = 0x00001088
- CKM_AES_CMAC_GENERAL = 0x00001089
+ CKM_AES_CTS = 0x00001089
CKM_AES_CMAC = 0x0000108A
- CKM_AES_CTS = 0x0000108B
+ CKM_AES_CMAC_GENERAL = 0x0000108B
CKM_AES_XCBC_MAC = 0x0000108C
CKM_AES_XCBC_MAC_96 = 0x0000108D
CKM_AES_GMAC = 0x0000108E
@@ -704,33 +711,56 @@ const (
CKR_MUTEX_NOT_LOCKED = 0x000001A1
CKR_NEW_PIN_MODE = 0x000001B0
CKR_NEXT_OTP = 0x000001B1
- CKR_EXCEEDED_MAX_ITERATIONS = 0x000001C0
- CKR_FIPS_SELF_TEST_FAILED = 0x000001C1
- CKR_LIBRARY_LOAD_FAILED = 0x000001C2
- CKR_PIN_TOO_WEAK = 0x000001C3
- CKR_PUBLIC_KEY_INVALID = 0x000001C4
+ CKR_EXCEEDED_MAX_ITERATIONS = 0x000001B5
+ CKR_FIPS_SELF_TEST_FAILED = 0x000001B6
+ CKR_LIBRARY_LOAD_FAILED = 0x000001B7
+ CKR_PIN_TOO_WEAK = 0x000001B8
+ CKR_PUBLIC_KEY_INVALID = 0x000001B9
CKR_FUNCTION_REJECTED = 0x00000200
CKR_VENDOR_DEFINED = 0x80000000
CKF_LIBRARY_CANT_CREATE_OS_THREADS = 0x00000001
CKF_OS_LOCKING_OK = 0x00000002
CKF_DONT_BLOCK = 1
+ CKG_MGF1_SHA1 = 0x00000001
+ CKG_MGF1_SHA256 = 0x00000002
+ CKG_MGF1_SHA384 = 0x00000003
+ CKG_MGF1_SHA512 = 0x00000004
+ CKG_MGF1_SHA224 = 0x00000005
+ CKZ_DATA_SPECIFIED = 0x00000001
+ CKD_NULL = 0x00000001
+ CKD_SHA1_KDF = 0x00000002
+ CKD_SHA1_KDF_ASN1 = 0x00000003
+ CKD_SHA1_KDF_CONCATENATE = 0x00000004
+ CKD_SHA224_KDF = 0x00000005
+ CKD_SHA256_KDF = 0x00000006
+ CKD_SHA384_KDF = 0x00000007
+ CKD_SHA512_KDF = 0x00000008
+ CKD_CPDIVERSIFY_KDF = 0x00000009
+ CKD_SHA3_224_KDF = 0x0000000A
+ CKD_SHA3_256_KDF = 0x0000000B
+ CKD_SHA3_384_KDF = 0x0000000C
+ CKD_SHA3_512_KDF = 0x0000000D
+ CKP_PKCS5_PBKD2_HMAC_SHA1 = 0x00000001
+ CKP_PKCS5_PBKD2_HMAC_GOSTR3411 = 0x00000002
+ CKP_PKCS5_PBKD2_HMAC_SHA224 = 0x00000003
+ CKP_PKCS5_PBKD2_HMAC_SHA256 = 0x00000004
+ CKP_PKCS5_PBKD2_HMAC_SHA384 = 0x00000005
+ CKP_PKCS5_PBKD2_HMAC_SHA512 = 0x00000006
+ CKP_PKCS5_PBKD2_HMAC_SHA512_224 = 0x00000007
+ CKP_PKCS5_PBKD2_HMAC_SHA512_256 = 0x00000008
+ CKZ_SALT_SPECIFIED = 0x00000001
+ CK_OTP_VALUE = 0
+ CK_OTP_PIN = 1
+ CK_OTP_CHALLENGE = 2
+ CK_OTP_TIME = 3
+ CK_OTP_COUNTER = 4
+ CK_OTP_FLAGS = 5
+ CK_OTP_OUTPUT_LENGTH = 6
+ CK_OTP_OUTPUT_FORMAT = 7
CKF_NEXT_OTP = 0x00000001
CKF_EXCLUDE_TIME = 0x00000002
CKF_EXCLUDE_COUNTER = 0x00000004
CKF_EXCLUDE_CHALLENGE = 0x00000008
CKF_EXCLUDE_PIN = 0x00000010
CKF_USER_FRIENDLY_OTP = 0x00000020
- CKD_NULL = 0x00000001
- CKD_SHA1_KDF = 0x00000002
-)
-
-// Special return values defined in PKCS#11 v2.40 section 3.2.
-const (
- // CK_EFFECTIVELY_INFINITE may be returned in the CK_TOKEN_INFO fields ulMaxSessionCount and ulMaxRwSessionCount.
- // It indicates there is no practical limit on the number of sessions.
- CK_EFFECTIVELY_INFINITE = 0
-
- // CK_UNAVAILABLE_INFORMATION may be returned for several fields within CK_TOKEN_INFO. It indicates
- // the token is unable or unwilling to provide the requested information.
- CK_UNAVAILABLE_INFORMATION = ^uint(0)
)
diff --git a/vendor/modules.txt b/vendor/modules.txt
index 90d924d8d..f75c3810d 100644
--- a/vendor/modules.txt
+++ b/vendor/modules.txt
@@ -206,7 +206,7 @@ github.com/containers/image/v5/types
github.com/containers/image/v5/version
# github.com/containers/libtrust v0.0.0-20200511145503-9c3a6c22cd9a
github.com/containers/libtrust
-# github.com/containers/ocicrypt v1.1.2
+# github.com/containers/ocicrypt v1.1.3
## explicit
github.com/containers/ocicrypt
github.com/containers/ocicrypt/blockcipher
@@ -478,7 +478,7 @@ github.com/mattn/go-runewidth
github.com/mattn/go-shellwords
# github.com/matttproud/golang_protobuf_extensions v1.0.2-0.20181231171920-c182affec369
github.com/matttproud/golang_protobuf_extensions/pbutil
-# github.com/miekg/pkcs11 v1.0.3
+# github.com/miekg/pkcs11 v1.1.1
github.com/miekg/pkcs11
# github.com/mistifyio/go-zfs v2.1.2-0.20190413222219-f784269be439+incompatible
github.com/mistifyio/go-zfs