cryptacd.h

老外写的加密库cryptlib(版本3.1)

#define ACCESS_FLAG_F		0x0010	/* GetFirst access permitted */
#define ACCESS_FLAG_N		0x0008	/* GetNext access permitted */

/****************************************************************************
*																			*
*								Routing Information							*
*																			*
****************************************************************************/

/* Routing types, which specify the routing used for the message.  This 
   routing applies not only for attribute manipulation messages but for all 
   messages in general, some of the routing types defined below only apply 
   for non-attribute messages.  The routing types are:

	ROUTE_NONE
		Not routed (the message or attribute is valid for any object type).

	ROUTE( target )
	ROUTE_ALT( target, altTarget )
	ROUTE_ALT2( target, altTarget1, altTarget2 )
		Fixed-target messages always routed to a particular object type or
		set of types (e.g. a certificate attribute is always routed to a 
		certificate object; a generate key message is always routed to a 
		context).

	ROUTE_FIXED( target )
	ROUTE_FIXED_ALT( target, altTarget )
		Not routed, but checked to make sure they're addressed to the
		required target type.  These message types aren't routed because
		they're specific to a particular object and are explicitly unroutable
		(for example a get key message sent to a cert or context tied to a
		device shouldn't be forwarded on to the device, since it would result
		in the cert acting as a keyset.  This is theoretically justifiable -
		"Get me another cert from the same place this one came from" - but
		it's stretching the orthogonality of objects a bit far).

	ROUTE_IMPLICIT
		For object attribute manipulation messages, implicitly routed by
		attribute type.

	ROUTE_SPECIAL( routingFunction )
		Special-case, message-dependent routing */

#define ROUTE_NONE \
		OBJECT_TYPE_NONE, NULL
#define ROUTE( target ) \
		( target ), findTargetType
#define ROUTE_ALT( target, altTarget ) \
		( target ) | ( ( altTarget ) << 8 ), findTargetType
#define ROUTE_ALT2( target, altTarget1, altTarget2 ) \
		( target ) | ( ( altTarget1 ) << 8 ) | ( ( altTarget2 ) << 16 ), findTargetType
#define ROUTE_FIXED( target ) \
		( target ), checkTargetType
#define ROUTE_FIXED_ALT( target, altTarget ) \
		( target ) | ( ( altTarget ) << 8 ), checkTargetType
#define ROUTE_IMPLICIT \
		OBJECT_TYPE_LAST, findTargetType
#define ROUTE_SPECIAL( function ) \
		OBJECT_TYPE_NONE, ( function )

/* Macros to determine which type of routing to apply */

#define isImplicitRouting( target ) \
		( ( target ) == OBJECT_TYPE_LAST )
#define isExplicitRouting( target ) \
		( ( target ) == OBJECT_TYPE_NONE )

/* Prototypes for routing functions used with the above definitions */

static int findTargetType( const int objectHandle, const int arg );
static int checkTargetType( const int objectHandle, const int targets );

/****************************************************************************
*																			*
*								Value Range Information						*
*																			*
****************************************************************************/

/* The value range (for numeric or boolean values) or length range (for 
   variable-length data).  Some values aren't amenable to a simple range 
   check so we also allow various extended types of checking.  To denote that 
   an extended check needs to be performed, we set the low range value to 
   RANGE_EXT_MARKER and the high range value to an indicator of the type of 
   check to be performed.  The range types are:

	RANGE_ANY
		Allow any value
	RANGE_ALLOWEDVALUES
		extendedInfo contains int [] of allowed values, terminated by
		CRYPT_ERROR
	RANGE_SUBRANGES
		extendedInfo contains subrange [] of allowed subranges, terminated
		by { CRYPT_ERROR, CRYPT_ERROR }
	RANGE_SUBTYPED
		extendedInfo contains sub-acl [] of object-type-specific sub-ACLs.
		Most checking is done by the main ACL, the sub-ACL is then
		recursively applied.
	RANGE_SELECTVALUE
		Special-case value that would normally be a RANGE_SUBTYPED value but
		is used frequently enough that it's handled specially.  On write this
		value is CRYPT_UNUSED to select this attribute, on read it's a 
		presence check and returns TRUE or FALSE.  This is used for composite
		attributes with sub-components, e.g. DNs */

typedef enum {
	RANGEVAL_NONE,					/* No range type */
	RANGEVAL_ANY,					/* Any value allowed */
	RANGEVAL_ALLOWEDVALUES,			/* List of permissible values */
	RANGEVAL_SUBRANGES,				/* List of permissible subranges */
	RANGEVAL_SUBTYPED,				/* Object-subtype-specific sub-ACL */
	RANGEVAL_SELECTVALUE,			/* Write = select attr, read = pres.chk */
	RANGEVAL_LAST					/* Last valid range type */
	} RANGEVAL_TYPE;

#define RANGE_EXT_MARKER	-1000	/* Marker to denote extended range value */

#define RANGE_ANY			RANGE_EXT_MARKER, RANGEVAL_ANY
#define RANGE_ALLOWEDVALUES	RANGE_EXT_MARKER, RANGEVAL_ALLOWEDVALUES
#define RANGE_SUBRANGES		RANGE_EXT_MARKER, RANGEVAL_SUBRANGES
#define RANGE_SUBTYPED		RANGE_EXT_MARKER, RANGEVAL_SUBTYPED
#define RANGE_SELECTVALUE	RANGE_EXT_MARKER, RANGEVAL_SELECTVALUE
#define RANGE( low, high )	( low ), ( high )

/* The maximum possible integer value, used to indicate that any value is
   allowed (e.g. when returning device-specific error codes).  Note that this
   differs from MAX_INTLENGTH from crypt.h, which defines the maximum data
   length value that can be safely specified by a signed integer */

#define RANGE_MAX			( INT_MAX - 128 )

/* Data structures to contain special-case range information */

typedef struct { int lowRange, highRange; } RANGE_SUBRANGE_TYPE;

/* Macro to check whether it's an extended range and to extract the special
   range type */

#define isSpecialRange( attributeACL ) \
		( ( attributeACL )->lowRange == RANGE_EXT_MARKER )
#define getSpecialRangeType( attributeACL )	( ( attributeACL )->highRange )
#define getSpecialRangeInfo( attributeACL )	( ( attributeACL )->extendedInfo )

/****************************************************************************
*																			*
*								ACL Entry Definitions						*
*																			*
****************************************************************************/

/* Attribute ACL entry.  If the code is compiled in debug mode, we also add
   the attribute type, which is used for an internal consistency check */

typedef struct {
#ifndef NDEBUG
	/* The attribute type, used for consistency checking */
	const CRYPT_ATTRIBUTE_TYPE attribute;/* Attribute */
#endif /* NDEBUG */

	/* Attribute type checking information: The attribute value type and
	   object subtypes for which the attribute is valid */
	const ATTRIBUTE_VALUE_TYPE valueType;/* Attribute value type */
	const OBJECT_SUBTYPE subTypeA, subTypeB;
									/* Object subtypes for which attr.valid */

	/* Access information: The type of access and object states that are
	   permitted, and attribute flags for this attribute */
	const int access;				/* Permitted access type */
	const int flags;				/* Attribute flags */

	/* Routing information: The object type the attribute applies to, and the
	   routing function applied to the attribute message */
	const OBJECT_TYPE routingTarget;	/* Target type if routable */
	int ( *routingFunction )( const int objectHandle, const int arg );

	/* Attribute value checking information */
	const int lowRange;				/* Min/max allowed if numeric/boolean, */
	const int highRange;			/*	length if string */
	const void *extendedInfo;		/* Extended access information */
	} ATTRIBUTE_ACL;

/* Key management ACL entry.  If the code is compiled in debug mode, we also
   add the item type, which is used for an internal consistency check */

typedef struct {
#ifndef NDEBUG
	/* The item type, used for consistency checking */
	const KEYMGMT_ITEM_TYPE itemType;/* Key management item type */
#endif /* NDEBUG */

	/* Valid keyset types and access types for this item type.  This is a
	   matrix giving keyset types for which read/write/delete (R/W/D),
	   getFirst/Next (FN), and query (Q) access are valid */
	const OBJECT_SUBTYPE keysetR_subTypeA, keysetR_subTypeB;
	const OBJECT_SUBTYPE keysetW_subTypeA, keysetW_subTypeB;
	const OBJECT_SUBTYPE keysetD_subTypeA, keysetD_subTypeB;
	const OBJECT_SUBTYPE keysetFN_subTypeA, keysetFN_subTypeB;
	const OBJECT_SUBTYPE keysetQ_subTypeA, keysetQ_subTypeB;

	/* Permitted object types and key management flags for this item type */
	const OBJECT_SUBTYPE objSubTypeA, objSubTypeB;
									/* Permitted object types for item */
	const int allowedFlags;			/* Permitted key management flags */

	/* Parameter flags for the mechanism information.  These define which
	   types of optional/mandatory parameters can and can't be present.
	   These use an extended form of the ACCESS_xxx flags to indicate
	   whether the parameter is required or not/permitted or not for
	   read, write, and delete messages */
	const int idUseFlags;			/* ID required/not permitted */
	const int pwUseFlags;			/* Password required/not permitted */

	/* In the case of public/private keys the general-purpose ACL entries
	   aren't quite specific enough since some keysets require specific
	   types of certificates while others require generic public-key objects.
	   In the latter case they can have almost any kind of certificate object
	   attached, which doesn't matter when we're interested only in the
	   public key but does matter if we want a specific type of cert.  If we
	   want a specific cert type, we specify the subset of keysets that this
	   applies to and the cert type(s) here */
	const OBJECT_SUBTYPE specificKeysetSubTypeA, specificKeysetSubTypeB;
	const OBJECT_SUBTYPE specificObjSubTypeA, specificObjSubTypeB;
	} KEYMGMT_ACL;

/* Object ACL entry for object parameters */

typedef struct {
	const OBJECT_SUBTYPE subTypeA, subTypeB;
									/* Object subtypes for which attr.valid */
	const int flags;				/* ACL flags */
	} OBJECT_ACL;

/* Mechanism ACL parameter entry, which defines the type and valid values for 
   that mechanism.  A list of these constitutes a mechanism ACL */

typedef struct {
	const MECHPARAM_VALUE_TYPE valueType;	/* Parameter value type */
	const int lowRange, highRange;	/* Min/max value or length */
	const int flags;				/* ACL flags */
	const OBJECT_SUBTYPE subTypeA, subTypeB;
									/* Object subtypes for which param.valid */
	} MECHANISM_PARAM_ACL;

typedef struct {
	const MECHANISM_TYPE type;		/* Mechanism type */
	const MECHANISM_PARAM_ACL paramACL[ 5 ];
									/* Parameter ACL information */
	} MECHANISM_ACL;

/****************************************************************************
*																			*
*							ACL Initialisation Macros						*
*																			*
****************************************************************************/

/* Macros to make it easy to set up ACL's.  We have one for each of the
   basic types and two general-purpose ones that provide more control over
   the values */

#ifndef NDEBUG
  /* Standard ACL entries */
  #define MKACL_B( attribute, subTypeA, subTypeB, access, routing ) \
			{ attribute, ATTRIBUTE_VALUE_BOOLEAN, subTypeA, subTypeB, access, \
			  0, routing, FALSE, TRUE, NULL }
  #define MKACL_N( attribute, subTypeA, subTypeB, access, routing, range ) \
			{ attribute, ATTRIBUTE_VALUE_NUMERIC, subTypeA, subTypeB, access, \
			  0, routing, range, NULL }
  #define MKACL_S( attribute, subTypeA, subTypeB, access, routing, range ) \