CSSM_DB_CERTRECORD_SEMANTICS

These bit-masks define a list of usage semantics for how certificates may be used. It is anticipated that additional sets of bit-masks will be defined listing the usage semantics of how other record types can be used, such as CRL record semantics, key record semantics, policy record semantics, etc.

#define CSSM_DB_CERT_USE_ROOT    0x00000001 /* a self-signed root cert */ 
#define CSSM_DB_CERT_USE_TRUSTED 0x00000002 /* re-issued locally */
#define CSSM_DB_CERT_USE_SYSTEM  0x00000004 /* contains CSSM system cert */
#define CSSM_DB_CERT_USE_OWNER   0x00000008 /* private key is owned by the
system's user */ 
#define CSSM_DB_CERT_USE_REVOKED 0x00000010 /* revoked cert - used w\ CRL APIs */
#define CSSM_DB_CERT_SIGNING     0x00000011 /* use cert for signing only */
#define CSSM_DB_CERT_PRIVACY     0x00000012 /* use cert for encryption only */