ca-certificates/nssckbi.h

/* This Source Code Form is subject to the terms of the Mozilla Public
 * License, v. 2.0. If a copy of the MPL was not distributed with this
 * file, You can obtain one at http://mozilla.org/MPL/2.0/. */

#ifndef NSSCKBI_H
#define NSSCKBI_H

/*
 * NSS BUILTINS Version numbers.
 *
 * These are the version numbers for the builtins module packaged with
 * this release on NSS. To determine the version numbers of the builtin
 * module you are using, use the appropriate PKCS #11 calls.
 *
 * These version numbers detail changes to the PKCS #11 interface. They map
 * to the PKCS #11 spec versions.
 */
#define NSS_BUILTINS_CRYPTOKI_VERSION_MAJOR 2
#define NSS_BUILTINS_CRYPTOKI_VERSION_MINOR 20

/* These version numbers detail the changes
 * to the list of trusted certificates.
 *
 * The NSS_BUILTINS_LIBRARY_VERSION_MINOR macro needs to be bumped
 * whenever we change the list of trusted certificates.
 *
 * Please use the following rules when increasing the version number:
 *
 * - starting with version 2.14, NSS_BUILTINS_LIBRARY_VERSION_MINOR
 *   must always be an EVEN number (e.g. 16, 18, 20 etc.)
 *
 * - whenever possible, if older branches require a modification to the
 *   list, these changes should be made on the main line of development (trunk),
 *   and the older branches should update to the most recent list.
 *
 * - ODD minor version numbers are reserved to indicate a snapshot that has
 *   deviated from the main line of development, e.g. if it was necessary
 *   to modify the list on a stable branch.
 *   Once the version has been changed to an odd number (e.g. 2.13) on a branch,
 *   it should remain unchanged on that branch, even if further changes are
 *   made on that branch.
 *
 * NSS_BUILTINS_LIBRARY_VERSION_MINOR is a CK_BYTE.  It's not clear
 * whether we may use its full range (0-255) or only 0-99 because
 * of the comment in the CK_VERSION type definition.
 * It's recommend to switch back to 0 after having reached version 98/99.
 */
#define NSS_BUILTINS_LIBRARY_VERSION_MAJOR 2
#define NSS_BUILTINS_LIBRARY_VERSION_MINOR 60
#define NSS_BUILTINS_LIBRARY_VERSION "2.60"

/* These version numbers detail the semantic changes to the ckfw engine. */
#define NSS_BUILTINS_HARDWARE_VERSION_MAJOR 1
#define NSS_BUILTINS_HARDWARE_VERSION_MINOR 0

/* These version numbers detail the semantic changes to ckbi itself
 * (new PKCS #11 objects), etc. */
#define NSS_BUILTINS_FIRMWARE_VERSION_MAJOR 1
#define NSS_BUILTINS_FIRMWARE_VERSION_MINOR 0

#endif /* NSSCKBI_H */
RHEL 9.0.0 Alpha bootstrap The content of this branch was automatically imported from Fedora ELN with the following as its source: https://src.fedoraproject.org/rpms/ca-certificates#5221e001cb29e491c529e5d5e8c1d26c84f4d9b4 2020-10-14 20:35:13 +00:00			`/* This Source Code Form is subject to the terms of the Mozilla Public`
			`* License, v. 2.0. If a copy of the MPL was not distributed with this`
			`* file, You can obtain one at http://mozilla.org/MPL/2.0/. */`

			`#ifndef NSSCKBI_H`
			`#define NSSCKBI_H`

			`/*`
			`* NSS BUILTINS Version numbers.`
			`*`
			`* These are the version numbers for the builtins module packaged with`
			`* this release on NSS. To determine the version numbers of the builtin`
			`* module you are using, use the appropriate PKCS #11 calls.`
			`*`
			`* These version numbers detail changes to the PKCS #11 interface. They map`
			`* to the PKCS #11 spec versions.`
			`*/`
			`#define NSS_BUILTINS_CRYPTOKI_VERSION_MAJOR 2`
			`#define NSS_BUILTINS_CRYPTOKI_VERSION_MINOR 20`

			`/* These version numbers detail the changes`
			`* to the list of trusted certificates.`
			`*`
			`* The NSS_BUILTINS_LIBRARY_VERSION_MINOR macro needs to be bumped`
			`* whenever we change the list of trusted certificates.`
			`*`
			`* Please use the following rules when increasing the version number:`
			`*`
			`* - starting with version 2.14, NSS_BUILTINS_LIBRARY_VERSION_MINOR`
			`* must always be an EVEN number (e.g. 16, 18, 20 etc.)`
			`*`
			`* - whenever possible, if older branches require a modification to the`
			`* list, these changes should be made on the main line of development (trunk),`
			`* and the older branches should update to the most recent list.`
			`*`
			`* - ODD minor version numbers are reserved to indicate a snapshot that has`
			`* deviated from the main line of development, e.g. if it was necessary`
			`* to modify the list on a stable branch.`
			`* Once the version has been changed to an odd number (e.g. 2.13) on a branch,`
			`* it should remain unchanged on that branch, even if further changes are`
			`* made on that branch.`
			`*`
			`* NSS_BUILTINS_LIBRARY_VERSION_MINOR is a CK_BYTE. It's not clear`
			`* whether we may use its full range (0-255) or only 0-99 because`
			`* of the comment in the CK_VERSION type definition.`
			`* It's recommend to switch back to 0 after having reached version 98/99.`
			`*/`
			`#define NSS_BUILTINS_LIBRARY_VERSION_MAJOR 2`
Resolves: rhbz#2229003 Update to CKBI 2.60_v7.0.306 from NSS 3.91 Removing: # Certificate "Camerfirma Global Chambersign Root" # Certificate "Staat der Nederlanden EV Root CA" # Certificate "OpenTrust Root CA G1" # Certificate "Swedish Government Root Authority v1" # Certificate "DigiNotar Root CA G2" # Certificate "Federal Common Policy CA" # Certificate "TC TrustCenter Universal CA III" # Certificate "CCA India 2007" # Certificate "ipsCA Global CA Root" # Certificate "ipsCA Main CA Root" # Certificate "Macao Post eSignTrust Root Certification Authority" # Certificate "InfoNotary CSP Root" # Certificate "DigiNotar Root CA" # Certificate "Root CA" # Certificate "GPKIRootCA" # Certificate "D-TRUST Qualified Root CA 1 2007:PN" # Certificate "TC TrustCenter Universal CA I" # Certificate "TC TrustCenter Universal CA II" # Certificate "TC TrustCenter Class 2 CA II" # Certificate "TC TrustCenter Class 4 CA II" # Certificate "TÜRKTRUST Elektronik Sertifika Hizmet Sağlayıcısı" # Certificate "CertRSA01" # Certificate "KISA RootCA 3" # Certificate "A-CERT ADVANCED" # Certificate "A-Trust-Qual-01" # Certificate "A-Trust-nQual-01" # Certificate "Serasa Certificate Authority II" # Certificate "TDC Internet" # Certificate "America Online Root Certification Authority 2" # Certificate "RSA Security Inc" # Certificate "Public Notary Root" # Certificate "Autoridade Certificadora Raiz Brasileira" # Certificate "Post.Trust Root CA" # Certificate "Entrust.net Secure Server Certification Authority" # Certificate "ePKI EV SSL Certification Authority - G1" Adding: # Certificate "DigiCert TLS ECC P384 Root G5" # Certificate "DigiCert TLS RSA4096 Root G5" # Certificate "DigiCert SMIME ECC P384 Root G5" # Certificate "DigiCert SMIME RSA4096 Root G5" # Certificate "Certainly Root R1" # Certificate "Certainly Root E1" # Certificate "E-Tugra Global Root CA RSA v3" # Certificate "E-Tugra Global Root CA ECC v3" # Certificate "DIGITALSIGN GLOBAL ROOT RSA CA" # Certificate "DIGITALSIGN GLOBAL ROOT ECDSA CA" # Certificate "BJCA Global Root CA1" # Certificate "BJCA Global Root CA2" # Certificate "Symantec Enterprise Mobile Root for Microsoft" # Certificate "A-Trust-Root-05" # Certificate "ADOCA02" # Certificate "StartCom Certification Authority G2" # Certificate "ATHEX Root CA" # Certificate "EBG Elektronik Sertifika Hizmet Sağlayıcısı" # Certificate "GeoTrust Primary Certification Authority" # Certificate "thawte Primary Root CA" # Certificate "VeriSign Class 3 Public Primary Certification Authority - G5" # Certificate "America Online Root Certification Authority 1" # Certificate "Juur-SK" # Certificate "ComSign CA" # Certificate "ComSign Secured CA" # Certificate "ComSign Advanced Security CA" # Certificate "Global Chambersign Root" # Certificate "Sonera Class2 CA" # Certificate "VeriSign Class 3 Public Primary Certification Authority - G3" # Certificate "VeriSign, Inc." # Certificate "GTE CyberTrust Global Root" # Certificate "Equifax Secure Global eBusiness CA-1" # Certificate "Equifax" # Certificate "Class 1 Primary CA" # Certificate "Swiss Government Root CA III" # Certificate "Application CA G4 Root" # Certificate "SSC GDL CA Root A" # Certificate "GlobalSign Code Signing Root E45" # Certificate "GlobalSign Code Signing Root R45" # Certificate "Entrust Code Signing Root Certification Authority - CSBR1" 2023-08-21 21:32:43 +00:00			`#define NSS_BUILTINS_LIBRARY_VERSION_MINOR 60`
			`#define NSS_BUILTINS_LIBRARY_VERSION "2.60"`
RHEL 9.0.0 Alpha bootstrap The content of this branch was automatically imported from Fedora ELN with the following as its source: https://src.fedoraproject.org/rpms/ca-certificates#5221e001cb29e491c529e5d5e8c1d26c84f4d9b4 2020-10-14 20:35:13 +00:00
			`/* These version numbers detail the semantic changes to the ckfw engine. */`
			`#define NSS_BUILTINS_HARDWARE_VERSION_MAJOR 1`
			`#define NSS_BUILTINS_HARDWARE_VERSION_MINOR 0`

			`/* These version numbers detail the semantic changes to ckbi itself`
			`* (new PKCS #11 objects), etc. */`
			`#define NSS_BUILTINS_FIRMWARE_VERSION_MAJOR 1`
			`#define NSS_BUILTINS_FIRMWARE_VERSION_MINOR 0`

			`#endif /* NSSCKBI_H */`