		ROUTE( OBJECT_TYPE_USER ),
		RANGE( CRYPT_ALGO_FIRST_PKC, CRYPT_ALGO_LAST_PKC ) ),
	MKACL_N(	/* Public-key encryption key size */
		CRYPT_OPTION_PKC_KEYSIZE,
		ST_NONE, ST_USER_ANY, ACCESS_RWx_RWx,
		ROUTE( OBJECT_TYPE_USER ),
		RANGE( bitsToBytes( 512 ), CRYPT_MAX_PKCSIZE ) ),
	MKACL_N(	/* Signature algorithm */
		CRYPT_OPTION_SIG_ALGO,
		ST_NONE, ST_USER_ANY, ACCESS_RWx_RWx,
		ROUTE( OBJECT_TYPE_USER ),
		RANGE( CRYPT_ALGO_FIRST_PKC, CRYPT_ALGO_LAST_PKC ) ),
	MKACL_N(	/* Signature keysize */
		CRYPT_OPTION_SIG_KEYSIZE,
		ST_NONE, ST_USER_ANY, ACCESS_RWx_RWx,
		ROUTE( OBJECT_TYPE_USER ),
		RANGE( bitsToBytes( 512 ), CRYPT_MAX_PKCSIZE ) ),
	MKACL_N(	/* Key processing algorithm */
		CRYPT_OPTION_KEYING_ALGO,
		ST_NONE, ST_USER_ANY, ACCESS_RWx_RWx,
		ROUTE( OBJECT_TYPE_USER ),
		RANGE( CRYPT_ALGO_HMAC_SHA, CRYPT_ALGO_HMAC_SHA ) ),
	MKACL_N(	/* Key processing iterations */
		CRYPT_OPTION_KEYING_ITERATIONS,
		ST_NONE, ST_USER_ANY, ACCESS_RWx_RWx,
		ROUTE( OBJECT_TYPE_USER ),
		RANGE( 1, 20000 ) ),

	MKACL_B(	/* Whether to create X.509v3 certs */
		CRYPT_OPTION_CERT_CREATEV3CERT,
		ST_NONE, ST_USER_ANY, ACCESS_RWx_RWx,
		ROUTE( OBJECT_TYPE_USER ) ),
	MKACL_B(	/* Use alternative PKCS #10 encoding */
		CRYPT_OPTION_CERT_PKCS10ALT,
		ST_NONE, ST_USER_ANY, ACCESS_RWx_RWx,
		ROUTE( OBJECT_TYPE_USER ) ),
	MKACL_B(	/* Whether to fix encoding of email addr.*/
		CRYPT_OPTION_CERT_FIXEMAILADDRESS,
		ST_NONE, ST_USER_ANY, ACCESS_RWx_RWx,
		ROUTE( OBJECT_TYPE_USER ) ),
	MKACL_B(	/* Whether to sign unrecog.attrs */
		CRYPT_OPTION_CERT_SIGNUNRECOGNISEDATTRIBUTES,
		ST_NONE, ST_USER_ANY, ACCESS_RWx_RWx,
		ROUTE( OBJECT_TYPE_USER ) ),
	MKACL_B(	/* Whether to trust cert chain root */
		CRYPT_OPTION_CERT_TRUSTCHAINROOT,
		ST_NONE, ST_USER_ANY, ACCESS_RWx_RWx,
		ROUTE( OBJECT_TYPE_USER ) ),
	MKACL_N(	/* Certificate validity period */
		CRYPT_OPTION_CERT_VALIDITY,
		ST_NONE, ST_USER_ANY, ACCESS_RWx_RWx,
		ROUTE( OBJECT_TYPE_USER ),
		RANGE( 1, 20 * 365 ) ),
	MKACL_N(	/* CRL update interval */
		CRYPT_OPTION_CERT_UPDATEINTERVAL,
		ST_NONE, ST_USER_ANY, ACCESS_RWx_RWx,
		ROUTE( OBJECT_TYPE_USER ),
		RANGE( 1, 365 ) ),
	MKACL_B(	/* Enforce validity nesting on write */
		CRYPT_OPTION_CERT_ENCODE_VALIDITYNESTING,
		ST_NONE, ST_USER_ANY, ACCESS_RWx_RWx,
		ROUTE( OBJECT_TYPE_USER ) ),
	MKACL_B(	/* Enforce validity nesting on read */
		CRYPT_OPTION_CERT_DECODE_VALIDITYNESTING,
		ST_NONE, ST_USER_ANY, ACCESS_RWx_RWx,
		ROUTE( OBJECT_TYPE_USER ) ),
	MKACL_B(	/* Enforce critical flag in extensions on write */
		CRYPT_OPTION_CERT_ENCODE_CRITICAL,
		ST_NONE, ST_USER_ANY, ACCESS_RWx_RWx,
		ROUTE( OBJECT_TYPE_USER ) ),
	MKACL_B(	/* Enforce critical flag in extensions on read */
		CRYPT_OPTION_CERT_DECODE_CRITICAL,
		ST_NONE, ST_USER_ANY, ACCESS_RWx_RWx,
		ROUTE( OBJECT_TYPE_USER ) ),

	MKACL_B(	/* Add default CMS attributes */
		CRYPT_OPTION_CMS_DEFAULTATTRIBUTES,
		ST_NONE, ST_USER_ANY, ACCESS_RWx_RWx,
		ROUTE( OBJECT_TYPE_USER ) ),

	MKACL_S(	/* Object class */
		CRYPT_OPTION_KEYS_LDAP_OBJECTCLASS,
		ST_NONE, ST_USER_ANY, ACCESS_RWx_RWx,
		ROUTE( OBJECT_TYPE_USER ),
		RANGE( 2, CRYPT_MAX_TEXTSIZE ) ),
	MKACL_EX(	/* Object type to fetch */
		CRYPT_OPTION_KEYS_LDAP_OBJECTTYPE, VALUE_NUMERIC,
		ST_NONE, ST_USER_ANY, ACCESS_RWx_RWx, 0,
		ROUTE( OBJECT_TYPE_USER ),
		RANGE_ALLOWEDVALUES, allowedLDAPObjectTypes ),
	MKACL_S(	/* Query filter */
		CRYPT_OPTION_KEYS_LDAP_FILTER,
		ST_NONE, ST_USER_ANY, ACCESS_RWx_RWx,
		ROUTE( OBJECT_TYPE_USER ),
		RANGE( 2, CRYPT_MAX_TEXTSIZE ) ),
	MKACL_S(	/* CA certificate attribute name */
		CRYPT_OPTION_KEYS_LDAP_CACERTNAME,
		ST_NONE, ST_USER_ANY, ACCESS_RWx_RWx,
		ROUTE( OBJECT_TYPE_USER ),
		RANGE( 2, CRYPT_MAX_TEXTSIZE ) ),
	MKACL_S(	/* Certificate attribute name */
		CRYPT_OPTION_KEYS_LDAP_CERTNAME,
		ST_NONE, ST_USER_ANY, ACCESS_RWx_RWx,
		ROUTE( OBJECT_TYPE_USER ),
		RANGE( 2, CRYPT_MAX_TEXTSIZE ) ),
	MKACL_S(	/* CRL attribute name */
		CRYPT_OPTION_KEYS_LDAP_CRLNAME,
		ST_NONE, ST_USER_ANY, ACCESS_RWx_RWx,
		ROUTE( OBJECT_TYPE_USER ),
		RANGE( 2, CRYPT_MAX_TEXTSIZE ) ),
	MKACL_S(	/* Email attribute name */
		CRYPT_OPTION_KEYS_LDAP_EMAILNAME,
		ST_NONE, ST_USER_ANY, ACCESS_RWx_RWx,
		ROUTE( OBJECT_TYPE_USER ),
		RANGE( 2, CRYPT_MAX_TEXTSIZE ) ),

	MKACL_S(	/* Name of first PKCS #11 driver */
		CRYPT_OPTION_DEVICE_PKCS11_DVR01,
		ST_NONE, ST_USER_ANY, ACCESS_RWx_RWx,
		ROUTE( OBJECT_TYPE_USER ),
		RANGE( 2, MAX_PATH_LENGTH ) ),
	MKACL_S(	/* Name of second PKCS #11 driver */
		CRYPT_OPTION_DEVICE_PKCS11_DVR02,
		ST_NONE, ST_USER_ANY, ACCESS_RWx_RWx,
		ROUTE( OBJECT_TYPE_USER ),
		RANGE( 2, MAX_PATH_LENGTH ) ),
	MKACL_S(	/* Name of third PKCS #11 driver */
		CRYPT_OPTION_DEVICE_PKCS11_DVR03,
		ST_NONE, ST_USER_ANY, ACCESS_RWx_RWx,
		ROUTE( OBJECT_TYPE_USER ),
		RANGE( 2, MAX_PATH_LENGTH ) ),
	MKACL_S(	/* Name of fourth PKCS #11 driver */
		CRYPT_OPTION_DEVICE_PKCS11_DVR04,
		ST_NONE, ST_USER_ANY, ACCESS_RWx_RWx,
		ROUTE( OBJECT_TYPE_USER ),
		RANGE( 2, MAX_PATH_LENGTH ) ),
	MKACL_S(	/* Name of fifth PKCS #11 driver */
		CRYPT_OPTION_DEVICE_PKCS11_DVR05,
		ST_NONE, ST_USER_ANY, ACCESS_RWx_RWx,
		ROUTE( OBJECT_TYPE_USER ),
		RANGE( 2, MAX_PATH_LENGTH ) ),
	MKACL_B(	/* Use only hardware mechanisms */
		CRYPT_OPTION_DEVICE_PKCS11_HARDWAREONLY,
		ST_NONE, ST_USER_ANY, ACCESS_RWx_RWx,
		ROUTE( OBJECT_TYPE_USER ) ),

	MKACL_S(	/* Serial-port-based RNG name */
		CRYPT_OPTION_DEVICE_SERIALRNG,
		ST_NONE, ST_USER_SO, ACCESS_RWx_RWx,
		ROUTE( OBJECT_TYPE_USER ),
		RANGE( 2, CRYPT_MAX_TEXTSIZE ) ),
	MKACL_S(	/* Serial RNG parameters */
		CRYPT_OPTION_DEVICE_SERIALRNG_PARAMS,
		ST_NONE, ST_USER_SO, ACCESS_RWx_RWx,
		ROUTE( OBJECT_TYPE_USER ),
		RANGE( 2, CRYPT_MAX_TEXTSIZE ) ),

	MKACL_S(	/* Socks server name */
		CRYPT_OPTION_NET_SOCKS_SERVER,
		ST_NONE, ST_USER_ANY, ACCESS_RWx_RWx,
		ROUTE( OBJECT_TYPE_USER ),
		RANGE( MIN_DNS_SIZE, MAX_DNS_SIZE ) ),
	MKACL_S(	/* Socks server name */
		CRYPT_OPTION_NET_SOCKS_USERNAME,
		ST_NONE, ST_USER_ANY, ACCESS_RWx_RWx,
		ROUTE( OBJECT_TYPE_USER ),
		RANGE( 2, CRYPT_MAX_TEXTSIZE ) ),
	MKACL_S(	/* Web proxy server */
		CRYPT_OPTION_NET_HTTP_PROXY,
		ST_NONE, ST_USER_ANY, ACCESS_RWx_RWx,
		ROUTE( OBJECT_TYPE_USER ),
		RANGE( MIN_DNS_SIZE, MAX_DNS_SIZE ) ),
	MKACL_N(	/* Timeout for network connection setup */
		CRYPT_OPTION_NET_CONNECTTIMEOUT,
		ST_NONE, ST_USER_ANY, ACCESS_RWx_RWx,
		ROUTE( OBJECT_TYPE_USER ),
		RANGE( 5, 300 ) ),
	MKACL_N(	/* Timeout for network read/write */
		CRYPT_OPTION_NET_TIMEOUT,
		ST_NONE, ST_USER_ANY, ACCESS_RWx_RWx,
		ROUTE( OBJECT_TYPE_USER ),
		RANGE( 0, 300 ) ),

	MKACL_B(	/* Whether to init cryptlib async'ly */
		CRYPT_OPTION_MISC_ASYNCINIT,
		ST_NONE, ST_USER_SO, ACCESS_RWx_RWx,
		ROUTE( OBJECT_TYPE_USER ) ),

	MKACL_EX(	/* Whether in-mem.opts match on-disk ones */
		CRYPT_OPTION_CONFIGCHANGED, VALUE_BOOLEAN,
		ST_NONE, ST_USER_ANY, ACCESS_RWx_RWx, 0,
		ROUTE( OBJECT_TYPE_USER ),
		RANGE_ALLOWEDVALUES, allowedConfigChanged ),
	MKACL_B(	/* Whether self-test was completed and OK */
		CRYPT_OPTION_SELFTESTOK,
		ST_NONE, ST_USER_ANY, ACCESS_xWx_xWx,
		ROUTE( OBJECT_TYPE_USER ) )

	MKACL_END()
	};

/* ACL for the attributes of encryption-context objects (CRYPT_CTXINFO_xxx).
   Each MKACL_x() entry lists, in order: the attribute ID; the context
   subtype(s) the attribute applies to (ST_CTX_CONV, ST_CTX_PKC, ST_CTX_HASH,
   ST_CTX_MAC, OR'd together where several apply, or ST_CTX_ANY); a second
   subtype field that is ST_NONE for every context entry (the configuration
   table above puts ST_USER_xxx here); an ACCESS_xxx_yyy pattern; for the _EX
   variants an extra flag word; the ROUTE() target object type; and the
   permitted value range, given either as RANGE( min, max ) or as
   RANGE_ALLOWEDVALUES followed by a table of allowed values that is defined
   elsewhere in this file.

   NOTE(review): the ACCESS_ pattern is read below as two triplets of R/W/D
   (read/write/delete) with 'x' meaning not permitted, the two triplets
   presumably covering two different access paths (e.g. external vs.
   internal) -- confirm against the ACCESS_xxx definitions earlier in this
   file.  On that reading the raw key-material attributes
   (CRYPT_CTXINFO_KEYING_VALUE, CRYPT_CTXINFO_KEY, CRYPT_CTXINFO_KEY_COMPONENTS)
   are write-only in both triplets, so key bytes loaded into a context cannot
   be read back out through the attribute interface.  The RANGE() bounds are
   the only value validation that the ACL itself expresses for these
   attributes; the last entry is followed by MKACL_END() with no separating
   comma, exactly as in the configuration table above, so new entries must be
   added before it and keep that pattern */
static const ATTRIBUTE_ACL contextACL[] = {		/* Context attributes */
	MKACL_N(	/* Algorithm: read-only in both triplets, any algorithm
				   ID strictly between CRYPT_ALGO_NONE and CRYPT_ALGO_LAST */
		CRYPT_CTXINFO_ALGO,
		ST_CTX_ANY, ST_NONE, ACCESS_Rxx_Rxx,
		ROUTE( OBJECT_TYPE_CONTEXT ),
		RANGE( CRYPT_ALGO_NONE + 1, CRYPT_ALGO_LAST - 1 ) ),
	MKACL_N(	/* Mode: conventional-encryption contexts only, writable
				   via the second triplet only */
		CRYPT_CTXINFO_MODE,
		ST_CTX_CONV, ST_NONE, ACCESS_Rxx_RWx,
		ROUTE( OBJECT_TYPE_CONTEXT ),
		RANGE( CRYPT_MODE_NONE + 1, CRYPT_MODE_LAST - 1 ) ),
	MKACL_S(	/* Algorithm name */
		CRYPT_CTXINFO_NAME_ALGO,
		ST_CTX_ANY, ST_NONE, ACCESS_Rxx_Rxx,
		ROUTE( OBJECT_TYPE_CONTEXT ),
		RANGE( 3, CRYPT_MAX_TEXTSIZE ) ),
	MKACL_S(	/* Mode name */
		CRYPT_CTXINFO_NAME_MODE,
		ST_CTX_CONV, ST_NONE, ACCESS_Rxx_Rxx,
		ROUTE( OBJECT_TYPE_CONTEXT ),
		RANGE( 3, CRYPT_MAX_TEXTSIZE ) ),
	MKACL_N(	/* Key size in bytes.  Hash contexts are excluded from the
				   subtype mask; the upper bound is CRYPT_MAX_PKCSIZE because
				   PKC contexts share this entry, so it is wider than the
				   CRYPT_MAX_KEYSIZE bound used for CRYPT_CTXINFO_KEY below */
		CRYPT_CTXINFO_KEYSIZE,
		ST_CTX_CONV | ST_CTX_PKC | ST_CTX_MAC, ST_NONE, ACCESS_Rxx_RWx,
		ROUTE( OBJECT_TYPE_CONTEXT ),
		RANGE( bitsToBytes( MIN_KEYSIZE_BITS ), CRYPT_MAX_PKCSIZE ) ),
	MKACL_N(	/* Block size in bytes */
		CRYPT_CTXINFO_BLOCKSIZE,
		ST_CTX_ANY, ST_NONE, ACCESS_Rxx_Rxx,
		ROUTE( OBJECT_TYPE_CONTEXT ),
		RANGE( 1, CRYPT_MAX_HASHSIZE ) ),
	MKACL_N(	/* IV size in bytes */
		CRYPT_CTXINFO_IVSIZE,
		ST_CTX_CONV, ST_NONE, ACCESS_Rxx_Rxx,
		ROUTE( OBJECT_TYPE_CONTEXT ),
		RANGE( 1, CRYPT_MAX_HASHSIZE ) ),
	MKACL_N(	/* Key processing algorithm.  The range admits exactly one
				   value, CRYPT_ALGO_HMAC_SHA, matching the
				   CRYPT_OPTION_KEYING_ALGO entry in the configuration
				   table above */
		CRYPT_CTXINFO_KEYING_ALGO,
		ST_CTX_CONV | ST_CTX_MAC, ST_NONE, ACCESS_Rxx_RWD,
		ROUTE( OBJECT_TYPE_CONTEXT ),
		RANGE( CRYPT_ALGO_HMAC_SHA, CRYPT_ALGO_HMAC_SHA ) ),
	MKACL_N(	/* Key processing iterations.  Same 1..20000 bounds as
				   CRYPT_OPTION_KEYING_ITERATIONS above; the lower bound of 1
				   means the ACL does not by itself enforce a strong
				   iteration count, so any minimum-work policy must live in
				   the code that consumes this value */
		CRYPT_CTXINFO_KEYING_ITERATIONS,
		ST_CTX_CONV | ST_CTX_MAC, ST_NONE, ACCESS_Rxx_RWD,
		ROUTE( OBJECT_TYPE_CONTEXT ),
		RANGE( 1, 20000 ) ),
	MKACL_S(	/* Key processing salt: at least 8 bytes */
		CRYPT_CTXINFO_KEYING_SALT,
		ST_CTX_CONV | ST_CTX_MAC, ST_NONE, ACCESS_Rxx_RWD,
		ROUTE( OBJECT_TYPE_CONTEXT ),
		RANGE( 8, CRYPT_MAX_HASHSIZE ) ),
	MKACL_S_EX(	/* Value used to derive key: write-only in both triplets.
				   ATTRIBUTE_FLAG_TRIGGER presumably marks that setting this
				   attribute kicks off key setup -- confirm against the flag
				   definition */
		CRYPT_CTXINFO_KEYING_VALUE,
		ST_CTX_CONV | ST_CTX_MAC, ST_NONE, ACCESS_xxx_xWx, ATTRIBUTE_FLAG_TRIGGER,
		ROUTE( OBJECT_TYPE_CONTEXT ),
		RANGE( 1, MAX_ATTRIBUTE_SIZE ) ),
	MKACL_S_EX(	/* Key: write-only in both triplets (raw key material is
				   never readable through this interface), length bounded
				   by the conventional/MAC key limit CRYPT_MAX_KEYSIZE */
		CRYPT_CTXINFO_KEY,
		ST_CTX_CONV | ST_CTX_MAC, ST_NONE, ACCESS_xxx_xWx, ATTRIBUTE_FLAG_TRIGGER,
		ROUTE( OBJECT_TYPE_CONTEXT ),
		RANGE( bitsToBytes( MIN_KEYSIZE_BITS ), CRYPT_MAX_KEYSIZE ) ),
	MKACL_EX(	/* Public-key components: write-only, string-valued,
				   validated against the allowedPKCKeysizes table rather
				   than a min/max range */
		CRYPT_CTXINFO_KEY_COMPONENTS, VALUE_STRING,
		ST_CTX_PKC, ST_NONE, ACCESS_xxx_xWx, ATTRIBUTE_FLAG_TRIGGER,
		ROUTE( OBJECT_TYPE_CONTEXT ),
		RANGE_ALLOWEDVALUES, allowedPKCKeysizes ),
	MKACL_S(	/* IV: unlike the key, readable as well as writable in both
				   triplets; at least 8 bytes */
		CRYPT_CTXINFO_IV,
		ST_CTX_CONV, ST_NONE, ACCESS_RWx_RWx,
		ROUTE( OBJECT_TYPE_CONTEXT ),
		RANGE( 8, CRYPT_MAX_IVSIZE ) ),
	MKACL_S(	/* Hash value: readable and deletable but never written
				   through the attribute interface.  The 16-byte lower bound
				   matches the MD5 fingerprint size used in certificateACL
				   below */
		CRYPT_CTXINFO_HASHVALUE,
		ST_CTX_HASH | ST_CTX_MAC, ST_NONE, ACCESS_RxD_RxD,
		ROUTE( OBJECT_TYPE_CONTEXT ),
		RANGE( 16, CRYPT_MAX_HASHSIZE ) ),
	MKACL_S(	/* Label for private/secret key: hash contexts excluded,
				   deletable only via the second triplet */
		CRYPT_CTXINFO_LABEL,
		ST_CTX_CONV | ST_CTX_PKC | ST_CTX_MAC, ST_NONE, ACCESS_Rxx_RWD,
		ROUTE( OBJECT_TYPE_CONTEXT ),
		RANGE( 1, CRYPT_MAX_TEXTSIZE ) )

	MKACL_END()	/* Table terminator; no comma precedes it, see note above */
	};

static const ATTRIBUTE_ACL certificateACL[] = {	/* Certificate: General info */
	MKACL_B(	/* Cert is self-signed */
		CRYPT_CERTINFO_SELFSIGNED,
		ST_CERT_ANY_CERT, ST_NONE, ACCESS_Rxx_RWx,
		ROUTE( OBJECT_TYPE_CERTIFICATE ) ),
	MKACL_B(	/* Cert is signed and immutable */
		CRYPT_CERTINFO_IMMUTABLE,
		ST_CERT_ANY, ST_NONE, ACCESS_Rxx_Rxx,
		ROUTE( OBJECT_TYPE_CERTIFICATE ) ),
	MKACL_B(	/* Cert is a magic just-works cert */
		CRYPT_CERTINFO_XYZZY,
		ST_CERT_CERT | ST_CERT_CERTCHAIN, ST_NONE, ACCESS_Rxx_RWx,
		ROUTE( OBJECT_TYPE_CERTIFICATE ) ),
	MKACL_N(	/* Certificate object type */
		CRYPT_CERTINFO_CERTTYPE,
		ST_CERT_ANY, ST_NONE, ACCESS_Rxx_Rxx,
		ROUTE( OBJECT_TYPE_CERTIFICATE ),
		RANGE( CRYPT_CERTTYPE_NONE + 1, CRYPT_CERTTYPE_LAST - 1 ) ),
	MKACL_S(	/* Certificate fingerprint: MD5 */
		CRYPT_CERTINFO_FINGERPRINT,
		ST_CERT_CERT | ST_CERT_CERTCHAIN, ST_NONE, ACCESS_Rxx_xxx,
		ROUTE( OBJECT_TYPE_CERTIFICATE ),
		RANGE( 16, 16 ) ),
	MKACL_S(	/* Certificate fingerprint: SHA-1 */
		CRYPT_CERTINFO_FINGERPRINT_SHA,
		ST_CERT_CERT | ST_CERT_CERTCHAIN, ST_NONE, ACCESS_Rxx_xxx,
		ROUTE( OBJECT_TYPE_CERTIFICATE ),
		RANGE( 20, 20 ) ),
