📄 cryptacd.h
/****************************************************************************
* *
* ACL Definitions *
* Copyright Peter Gutmann 1998-2003 *
* *
****************************************************************************/
#ifndef _CRYPTACD_DEFINED
#define _CRYPTACD_DEFINED
/* Various includes and defines needed for range checking */
#include <limits.h> /* For INT_MAX */
/****************************************************************************
* *
* Object/Parameter Type Information *
* *
****************************************************************************/
/* Value category of an attribute, used by the attribute ACLs.  The basic
   categories are boolean, numeric and byte string; the remaining special
   categories (for example object handles) place extra constraints on the
   attribute */

typedef enum {
	ATTRIBUTE_VALUE_NONE,		/* Not a value */
	ATTRIBUTE_VALUE_BOOLEAN,	/* Boolean flag */
	ATTRIBUTE_VALUE_NUMERIC,	/* Number */
	ATTRIBUTE_VALUE_STRING,		/* String of bytes */
	ATTRIBUTE_VALUE_WCSTRING,	/* String that may be made up of widechars */
	ATTRIBUTE_VALUE_OBJECT,		/* Handle to an object */
	ATTRIBUTE_VALUE_TIME,		/* Time stamp */
	ATTRIBUTE_VALUE_SPECIAL		/* Special case, described by sub-ACLs */
	} ATTRIBUTE_VALUE_TYPE;
/* Value category of a mechanism parameter, used by the mechanism ACLs.  The
   basic categories are boolean, numeric and byte string; the remaining
   special categories (for example object handles) place extra constraints
   on the parameter */

typedef enum {
	MECHPARAM_VALUE_NONE,			/* Not a value */
	MECHPARAM_VALUE_BOOLEAN,		/* Boolean flag */
	MECHPARAM_VALUE_NUMERIC,		/* Number */
	MECHPARAM_VALUE_STRING,			/* String of bytes */
	MECHPARAM_VALUE_STRING_OPT,		/* String of bytes, or (NULL, 0) */
	MECHPARAM_VALUE_STRING_NONE,	/* Empty string, given as (NULL, 0) */
	MECHPARAM_VALUE_OBJECT,			/* Handle to an object */
	MECHPARAM_VALUE_UNUSED			/* The CRYPT_UNUSED value */
	} MECHPARAM_VALUE_TYPE;
/* Bit flags that name the object subtypes an ACL entry is valid for.  The
   full SUBTYPE_xxx names are rather long, so the ACL definitions use the
   shortened ST_xxx forms below (meant to be visible only within the ACL
   definitions).  Each xxx_ANY value is the OR of the listed flags of its
   group */

/* Contexts */
#define ST_CTX_CONV             SUBTYPE_CTX_CONV
#define ST_CTX_PKC              SUBTYPE_CTX_PKC
#define ST_CTX_HASH             SUBTYPE_CTX_HASH
#define ST_CTX_MAC              SUBTYPE_CTX_MAC
#define ST_CTX_ANY \
		( ST_CTX_CONV | ST_CTX_PKC | ST_CTX_HASH | ST_CTX_MAC )

/* Certificate objects.  ST_CERT_ANY_CERT covers only the cert, cert request,
   request-for-cert and cert chain subtypes, ST_CERT_ANY covers all of
   them */
#define ST_CERT_CERT            SUBTYPE_CERT_CERT
#define ST_CERT_CERTREQ         SUBTYPE_CERT_CERTREQ
#define ST_CERT_REQ_CERT        SUBTYPE_CERT_REQ_CERT
#define ST_CERT_REQ_REV         SUBTYPE_CERT_REQ_REV
#define ST_CERT_CERTCHAIN       SUBTYPE_CERT_CERTCHAIN
#define ST_CERT_ATTRCERT        SUBTYPE_CERT_ATTRCERT
#define ST_CERT_CRL             SUBTYPE_CERT_CRL
#define ST_CERT_CMSATTR         SUBTYPE_CERT_CMSATTR
#define ST_CERT_RTCS_REQ        SUBTYPE_CERT_RTCS_REQ
#define ST_CERT_RTCS_RESP       SUBTYPE_CERT_RTCS_RESP
#define ST_CERT_OCSP_REQ        SUBTYPE_CERT_OCSP_REQ
#define ST_CERT_OCSP_RESP       SUBTYPE_CERT_OCSP_RESP
#define ST_CERT_PKIUSER         SUBTYPE_CERT_PKIUSER
#define ST_CERT_ANY_CERT \
		( ST_CERT_CERT | ST_CERT_CERTREQ | ST_CERT_REQ_CERT | \
		  ST_CERT_CERTCHAIN )
#define ST_CERT_ANY \
		( ST_CERT_ANY_CERT | ST_CERT_ATTRCERT | ST_CERT_REQ_REV | \
		  ST_CERT_CRL | ST_CERT_CMSATTR | ST_CERT_RTCS_REQ | \
		  ST_CERT_RTCS_RESP | ST_CERT_OCSP_REQ | ST_CERT_OCSP_RESP | \
		  ST_CERT_PKIUSER )

/* Keysets */
#define ST_KEYSET_FILE          SUBTYPE_KEYSET_FILE
#define ST_KEYSET_FILE_PARTIAL  SUBTYPE_KEYSET_FILE_PARTIAL
#define ST_KEYSET_DBMS          SUBTYPE_KEYSET_DBMS
#define ST_KEYSET_DBMS_STORE    SUBTYPE_KEYSET_DBMS_STORE
#define ST_KEYSET_HTTP          SUBTYPE_KEYSET_HTTP
#define ST_KEYSET_LDAP          SUBTYPE_KEYSET_LDAP
#define ST_KEYSET_ANY \
		( ST_KEYSET_FILE | ST_KEYSET_FILE_PARTIAL | ST_KEYSET_DBMS | \
		  ST_KEYSET_DBMS_STORE | ST_KEYSET_HTTP | ST_KEYSET_LDAP )

/* Envelopes */
#define ST_ENV_ENV              SUBTYPE_ENV_ENV
#define ST_ENV_ENV_PGP          SUBTYPE_ENV_ENV_PGP
#define ST_ENV_DEENV            SUBTYPE_ENV_DEENV
#define ST_ENV_ANY \
		( ST_ENV_ENV | ST_ENV_ENV_PGP | ST_ENV_DEENV )

/* Devices.  ST_DEV_ANY_STD is every device subtype except the system
   device, ST_DEV_ANY adds the system device */
#define ST_DEV_SYSTEM           SUBTYPE_DEV_SYSTEM
#define ST_DEV_FORT             SUBTYPE_DEV_FORTEZZA
#define ST_DEV_P11              SUBTYPE_DEV_PKCS11
#define ST_DEV_CAPI             SUBTYPE_DEV_CRYPTOAPI
#define ST_DEV_ANY_STD \
		( ST_DEV_FORT | ST_DEV_P11 | ST_DEV_CAPI )
#define ST_DEV_ANY \
		( ST_DEV_ANY_STD | ST_DEV_SYSTEM )
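/* Session subtypes, shortened ST_xxx forms of the SUBTYPE_SESSION_xxx flags.
   Every protocol has a client-side flag and a matching xxx_SVR server-side
   flag */
#define ST_SESS_SSH             SUBTYPE_SESSION_SSH
#define ST_SESS_SSH_SVR         SUBTYPE_SESSION_SSH_SVR
#define ST_SESS_SSL             SUBTYPE_SESSION_SSL
#define ST_SESS_SSL_SVR         SUBTYPE_SESSION_SSL_SVR
#define ST_SESS_RTCS            SUBTYPE_SESSION_RTCS
#define ST_SESS_RTCS_SVR        SUBTYPE_SESSION_RTCS_SVR
#define ST_SESS_OCSP            SUBTYPE_SESSION_OCSP
#define ST_SESS_OCSP_SVR        SUBTYPE_SESSION_OCSP_SVR
#define ST_SESS_TSP             SUBTYPE_SESSION_TSP
#define ST_SESS_TSP_SVR         SUBTYPE_SESSION_TSP_SVR
#define ST_SESS_CMP             SUBTYPE_SESSION_CMP
#define ST_SESS_CMP_SVR         SUBTYPE_SESSION_CMP_SVR
#define ST_SESS_SCEP            SUBTYPE_SESSION_SCEP
#define ST_SESS_SCEP_SVR        SUBTYPE_SESSION_SCEP_SVR

/* Composite session groups, each the OR of the listed flags:

	ANY_SVR, ANY_CLIENT: Every server-side / every client-side subtype.
	ANY_DATA: SSH and SSL, client and server.
	ANY_REQRESP: RTCS, OCSP, TSP, CMP and SCEP, client and server.
	ANY_SEC: ANY_DATA plus CMP, client and server.
	ANY: Every session subtype */
#define ST_SESS_ANY_SVR         ( ST_SESS_SSH_SVR | ST_SESS_SSL_SVR | \
                                  ST_SESS_RTCS_SVR | ST_SESS_OCSP_SVR | \
                                  ST_SESS_TSP_SVR | ST_SESS_CMP_SVR | \
                                  ST_SESS_SCEP_SVR )
#define ST_SESS_ANY_CLIENT      ( ST_SESS_SSH | ST_SESS_SSL | ST_SESS_RTCS | \
                                  ST_SESS_OCSP | ST_SESS_TSP | ST_SESS_CMP | \
                                  ST_SESS_SCEP )
#define ST_SESS_ANY_DATA        ( ST_SESS_SSH | ST_SESS_SSH_SVR | \
                                  ST_SESS_SSL | ST_SESS_SSL_SVR )
#define ST_SESS_ANY_REQRESP     ( ST_SESS_RTCS | ST_SESS_RTCS_SVR | \
                                  ST_SESS_OCSP | ST_SESS_OCSP_SVR | \
                                  ST_SESS_TSP | ST_SESS_TSP_SVR | \
                                  ST_SESS_CMP | ST_SESS_CMP_SVR | \
                                  ST_SESS_SCEP | ST_SESS_SCEP_SVR )

/* The CMP server flag is ST_SESS_CMP_SVR.  No ST_SESSION_xxx short form is
   defined alongside the ST_SESS_xxx names above, and since a macro body
   isn't checked until it's expanded, using a misspelt name here would go
   unnoticed until the first ACL entry that uses ST_SESS_ANY_SEC failed to
   compile */
#define ST_SESS_ANY_SEC         ( ST_SESS_ANY_DATA | \
                                  ST_SESS_CMP | ST_SESS_CMP_SVR )
#define ST_SESS_ANY             ( ST_SESS_ANY_CLIENT | ST_SESS_ANY_SVR )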
/* User object subtypes, shortened ST_xxx forms of the SUBTYPE_USER_xxx
   flags, and the OR of all three */
#define ST_USER_NORMAL          SUBTYPE_USER_NORMAL
#define ST_USER_SO              SUBTYPE_USER_SO
#define ST_USER_CA              SUBTYPE_USER_CA
#define ST_USER_ANY \
		( ST_USER_NORMAL | ST_USER_SO | ST_USER_CA )

/* Subtype values that match every object subtype (all of the low 31 bits
   set) and that match no object subtype at all (no bits set) */
#define ST_ANY                  0x7FFFFFFFL
#define ST_NONE                 0
/* The type used to hold a set of subtype flags.  Where INT_MAX shows that
   an int is wider than 16 bits an unsigned int is used, on 16-bit systems
   an unsigned long is used instead */
#if INT_MAX > 65535L
  typedef unsigned int OBJECT_SUBTYPE;
#else
  typedef unsigned long OBJECT_SUBTYPE;
#endif /* 32- vs.16-bit systems */
/****************************************************************************
* *
* Access Permission Information *
* *
****************************************************************************/
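/* Read/write/delete permission flags.  Each object can have two modes, "low"
   and "high", whose exact definition depends on the object type.  At some
   point an operation on an object (loading a key for a context, signing a
   cert) will move it from the low to the high state, at which point a much
   more restricted set of permissions apply.  The permissions are given as
   RWD_RWD with the first set being for the object in the high state and the
   second for the object in the low state.

   In addition to the usual external-access permissions, some attributes are
   only visible internally.  Normal attributes have matching internal-access
   and external-access permissions but the internal-access-only ones have the
   external-access permissions turned off.

   Some of the odder combinations arise from ACLs with sub-ACLs, for which
   the overall access permission is the union of the permissions in all the
   sub-ACLs.  For example if one sub-ACL has xxx_RWx and another has xWD_xxx,
   the parent ACL will have xWD_RWx.  Finally, there are a small number of
   special-case permissions in which internal access differs from external
   access.  This is used for attributes that are used for control purposes
   (e.g. identifier information in cert requests) and can be set internally
   but are read-only externally.

   Each value consists of four hex digits, one RWD set (R = 4, W = 2, D = 1)
   per digit:

	0xABCD:	A = Internal access, high state
			B = Internal access, low state
			C = External access, high state
			D = External access, low state */

/* Normal permissions, internal access matches external access */
#define ACCESS_xxx_xxx          0x0000  /* No access */
#define ACCESS_xxx_xWx          0x0202  /* Low: Write-only */
#define ACCESS_xxx_xWD          0x0303  /* Low: Write/delete */
#define ACCESS_xxx_Rxx          0x0404  /* Low: Read-only */
#define ACCESS_xxx_RWx          0x0606  /* Low: Read/write */
#define ACCESS_xxx_RWD          0x0707  /* Low: All access */
#define ACCESS_xWx_xWx          0x2222  /* High: Write-only, Low: Write-only */
#define ACCESS_xWD_xWD          0x3333  /* High: Write/delete, Low: Write/delete */
#define ACCESS_xWx_xxx          0x2020  /* High: Write-only, Low: None */
#define ACCESS_Rxx_xxx          0x4040  /* High: Read-only, Low: None */
#define ACCESS_Rxx_xWx          0x4242  /* High: Read-only, Low: Write-only */
#define ACCESS_Rxx_Rxx          0x4444  /* High: Read-only, Low: Read-only */
#define ACCESS_Rxx_RxD          0x4545  /* High: Read-only, Low: Read/delete */
#define ACCESS_Rxx_RWx          0x4646  /* High: Read-only, Low: Read/write */
#define ACCESS_Rxx_RWD          0x4747  /* High: Read-only, Low: All access */
#define ACCESS_RxD_RxD          0x5555  /* High: Read/delete, Low: Read/delete */
#define ACCESS_RWx_xxx          0x6060  /* High: Read/write, Low: None */
#define ACCESS_RWx_xWx          0x6262  /* High: Read/write, Low: Write-only */
#define ACCESS_RWx_Rxx          0x6464  /* High: Read/write, Low: Read-only */
#define ACCESS_RWx_RWx          0x6666  /* High: Read/write, Low: Read/write */
#define ACCESS_RWx_RWD          0x6767  /* High: Read/write, Low: All access */
#define ACCESS_RWD_xxx          0x7070  /* High: All access, Low: None */
#define ACCESS_RWD_xWD          0x7373  /* High: All access, Low: Write/delete */
#define ACCESS_RWD_RWD          0x7777  /* High: All access, Low: All access */

/* Internal-access-only permissions, the two external-access digits are zero.
   ACCESS_INT_xxx_xxx has to be zero: with a value of 0x0200 it would be
   identical to ACCESS_INT_xxx_xWx, so that an attribute marked as having no
   access would still be writeable internally in the low state.  An
   attribute that really needs that write access should be declared with
   ACCESS_INT_xxx_xWx */
#define ACCESS_INT_xxx_xxx      0x0000  /* Internal: No access */
#define ACCESS_INT_xxx_xWx      0x0200  /* Internal: None, write-only */
#define ACCESS_INT_xxx_Rxx      0x0400  /* Internal: None, read-only */
#define ACCESS_INT_xWx_xxx      0x2000  /* Internal: Write-only, none */
#define ACCESS_INT_xWx_xWx      0x2200  /* Internal: Write-only, write-only */
#define ACCESS_INT_Rxx_xxx      0x4000  /* Internal: Read-only, none */
#define ACCESS_INT_Rxx_xWx      0x4200  /* Internal: Read-only, write-only */
#define ACCESS_INT_Rxx_Rxx      0x4400  /* Internal: Read-only, read-only */
#define ACCESS_INT_Rxx_RWx      0x4600  /* Internal: Read-only, read/write */
#define ACCESS_INT_RWx_xxx      0x6000  /* Internal: Read/write, none */
#define ACCESS_INT_RWx_RWx      0x6600  /* Internal: Read/write, read/write */

/* Special-case permission in which internal access differs from external
   access: Internal = Read-only, read/write, External = Read-only,
   read-only */
#define ACCESS_SPECIAL_Rxx_RWx_Rxx_Rxx  0x4644

/* The individual permission bits within the external-access digits */
#define ACCESS_FLAG_R           0x0004  /* Read access permitted */
#define ACCESS_FLAG_W           0x0002  /* Write access permitted */
#define ACCESS_FLAG_D           0x0001  /* Delete access permitted */
#define ACCESS_FLAG_H_R         0x0040  /* Read access permitted in high mode */
#define ACCESS_FLAG_H_W         0x0020  /* Write access permitted in high mode */
#define ACCESS_FLAG_H_D         0x0010  /* Delete access permitted in high mode */

/* Masks that select the external-access and the internal-access digits, and
   a macro that moves a set of external-access flags into the position of the
   internal-access flags */
#define ACCESS_MASK_EXTERNAL    0x0077  /* External-access flags mask */
#define ACCESS_MASK_INTERNAL    0x7700  /* Internal-access flags mask */
#define MK_ACCESS_INTERNAL( value )     ( ( value ) << 8 )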
/* Access flags for parameters passed with keyset mechanism messages.  These
   reuse the basic RWD access flags and add flags for the getFirst/getNext
   functions, which are only used with keysets (F = 0x10, N = 0x08).  The
   getFirst/getNext flags partially overlap the high-mode access flags for
   attributes, which isn't a problem because keysets don't distinguish
   between high and low states.

   Some combinations look odd because they describe mechanism parameters
   such as key ID information, which is needed for reads and deletes but not
   for writes since it's implicitly included with the key being written.

   One type of mechanism has parameter semantics that are too complex to
   express via a simple ACL entry.  It's given the different-looking entry
   xxXXx to tell readers that it isn't the same as a normal entry with the
   same value.  The semantics of some of the getFirst/Next accesses are
   also complex enough that they have to be hardcoded into the ACL checking,
   which leaves only a representative entry in the ACL definition itself
   (see cryptack for more details) */

#define ACCESS_KEYSET_xxxxx     0x0000  /* Nothing permitted */
#define ACCESS_KEYSET_xxXXx     0x0006  /* Special case, parameters optional */
#define ACCESS_KEYSET_xxRxD     0x0005  /* Read, delete */
#define ACCESS_KEYSET_xxRWx     0x0006  /* Read, write */
#define ACCESS_KEYSET_xxRWD     0x0007  /* Read, write, delete */
#define ACCESS_KEYSET_FxRxD     0x0015  /* GetFirst, read, delete */
#define ACCESS_KEYSET_FNxxx     0x0018  /* GetFirst, getNext */
#define ACCESS_KEYSET_FNRWD     0x001F  /* Everything permitted */