Imported Upstream version 4.5.1

1 files changed, 20 insertions, 1 deletions

diff --git a/src/libstrongswan/plugins/pkcs11/pkcs11_library.h b/src/libstrongswan/plugins/pkcs11/pkcs11_library.h
index 1457d24d4..abe023448 100644
--- a/src/libstrongswan/plugins/pkcs11/pkcs11_library.h
+++ b/src/libstrongswan/plugins/pkcs11/pkcs11_library.h
@@ -21,6 +21,7 @@
 #ifndef PKCS11_LIBRARY_H_
 #define PKCS11_LIBRARY_H_
 
+typedef enum pkcs11_feature_t pkcs11_feature_t;
 typedef struct pkcs11_library_t pkcs11_library_t;
 
 #include "pkcs11.h"
@@ -29,6 +30,16 @@ typedef struct pkcs11_library_t pkcs11_library_t;
 #include <utils/enumerator.h>
 
 /**
+ * Optional PKCS#11 features some libraries support, some not
+ */
+enum pkcs11_feature_t {
+	/** CKA_TRUSTED attribute supported for certificate objects */
+	PKCS11_TRUSTED_CERTS = (1<<0),
+	/** CKA_ALWAYS_AUTHENTICATE attribute supported for private keys */
+	PKCS11_ALWAYS_AUTH_KEYS = (1<<1),
+};
+
+/**
  * A loaded and initialized PKCS#11 library.
  */
 struct pkcs11_library_t {
@@ -46,6 +57,13 @@ struct pkcs11_library_t {
 	char* (*get_name)(pkcs11_library_t *this);
 
 	/**
+	 * Get the feature set supported by this library.
+	 *
+	 * @return			ORed set of features supported
+	 */
+	pkcs11_feature_t (*get_features)(pkcs11_library_t *this);
+
+	/**
 	 * Create an enumerator over CK_OBJECT_HANDLE using a search template.
 	 *
 	 * An optional attribute array is automatically filled in with the
@@ -103,8 +121,9 @@ void pkcs11_library_trim(char *str, int len);
  *
  * @param name		an arbitrary name, for debugging
  * @param file		pkcs11 library file to dlopen()
+ * @param os_lock	enforce OS Locking for this library
  * @return			library abstraction
  */
-pkcs11_library_t *pkcs11_library_create(char *name, char *file);
+pkcs11_library_t *pkcs11_library_create(char *name, char *file, bool os_lock);
 
 #endif /** PKCS11_LIBRARY_H_ @}*/