📄 cryptacl.h
字号:
RANGE( 1, MAX_ATTRIBUTE_SIZE ) ),
/* 2 5 29 14 subjectKeyIdentifier */
MKACL_S( /* subjectKeyIdentifier */
CRYPT_CERTINFO_SUBJECTKEYIDENTIFIER,
ST_CERT_CERT | ST_CERT_CERTCHAIN, ST_NONE, ACCESS_Rxx_RWD,
ROUTE( OBJECT_TYPE_CERTIFICATE ),
RANGE( 1, 64 ) ),
/* 2 5 29 15 keyUsage */
MKACL_N( /* keyUsage */
CRYPT_CERTINFO_KEYUSAGE,
ST_CERT_ANY_CERT, ST_NONE, ACCESS_Rxx_RWD,
ROUTE( OBJECT_TYPE_CERTIFICATE ),
RANGE( CRYPT_KEYUSAGE_NONE + 1, CRYPT_KEYUSAGE_LAST + 1 ) ),
/* 2 5 29 16 privateKeyUsagePeriod */
MKACL_B( /* Extension present flag */
CRYPT_CERTINFO_PRIVATEKEYUSAGEPERIOD,
ST_CERT_CERT | ST_CERT_CERTCHAIN, ST_NONE, ACCESS_Rxx_RxD,
ROUTE( OBJECT_TYPE_CERTIFICATE ) ),
MKACL_T( /* notBefore */
CRYPT_CERTINFO_PRIVATEKEY_NOTBEFORE,
ST_CERT_CERT | ST_CERT_CERTCHAIN, ST_NONE, ACCESS_Rxx_RWD,
ROUTE( OBJECT_TYPE_CERTIFICATE ) ),
MKACL_T( /* notBefore */
CRYPT_CERTINFO_PRIVATEKEY_NOTAFTER,
ST_CERT_CERT | ST_CERT_CERTCHAIN, ST_NONE, ACCESS_Rxx_RWD,
ROUTE( OBJECT_TYPE_CERTIFICATE ) ),
/* 2 5 29 17 subjectAltName */
MKACL_N( /* subjectAltName */
CRYPT_CERTINFO_SUBJECTALTNAME,
ST_CERT_ANY_CERT, ST_NONE, ACCESS_Rxx_RxD,
ROUTE( OBJECT_TYPE_CERTIFICATE ),
RANGE( FALSE, TRUE ) ),
/* 2 5 29 18 issuerAltName */
MKACL_N( /* issuerAltName */
CRYPT_CERTINFO_ISSUERALTNAME,
ST_CERT_ANY_CERT, ST_NONE, ACCESS_Rxx_RxD,
ROUTE( OBJECT_TYPE_CERTIFICATE ),
RANGE( FALSE, TRUE ) ),
/* 2 5 29 19 basicConstraints */
MKACL_B( /* Extension present flag */
CRYPT_CERTINFO_BASICCONSTRAINTS,
ST_CERT_ANY_CERT | ST_CERT_ATTRCERT, ST_NONE, ACCESS_Rxx_RxD,
ROUTE( OBJECT_TYPE_CERTIFICATE ) ),
MKACL_B( /* cA */
CRYPT_CERTINFO_CA,
ST_CERT_ANY_CERT | ST_CERT_ATTRCERT, ST_NONE, ACCESS_Rxx_RWD,
ROUTE( OBJECT_TYPE_CERTIFICATE ) ),
MKACL_N( /* pathLenConstraint */
CRYPT_CERTINFO_PATHLENCONSTRAINT,
ST_CERT_ANY_CERT | ST_CERT_ATTRCERT, ST_NONE, ACCESS_Rxx_RWD,
ROUTE( OBJECT_TYPE_CERTIFICATE ),
RANGE( 0, 64 ) ),
/* 2 5 29 20 cRLNumber */
MKACL_N( /* cRLNumber */
CRYPT_CERTINFO_CRLNUMBER,
ST_CERT_CRL, ST_NONE, ACCESS_Rxx_RWD,
ROUTE( OBJECT_TYPE_CERTIFICATE ),
RANGE( 0, RANGE_MAX ) ),
/* 2 5 29 21 cRLReason */
MKACL_N( /* cRLReason */
/* We allow a range up to the last extended reason because the cert-
handling code transparently maps one to the other to provide the
illusion of a unified crlReason attribute */
CRYPT_CERTINFO_CRLREASON,
ST_CERT_CRL | ST_CERT_REQ_REV, ST_NONE, ACCESS_Rxx_RWD,
ROUTE( OBJECT_TYPE_CERTIFICATE ),
RANGE( CRYPT_CRLREASON_UNSPECIFIED, CRYPT_CRLEXTREASON_LAST - 1 ) ),
/* 2 5 29 23 holdInstructionCode */
MKACL_N( /* holdInstructionCode */
CRYPT_CERTINFO_HOLDINSTRUCTIONCODE,
ST_CERT_CRL | ST_CERT_REQ_REV, ST_NONE, ACCESS_Rxx_RWD,
ROUTE( OBJECT_TYPE_CERTIFICATE ),
RANGE( CRYPT_HOLDINSTRUCTION_NONE + 1, CRYPT_HOLDINSTRUCTION_LAST - 1 ) ),
/* 2 5 29 24 invalidityDate */
MKACL_T( /* invalidityDate */
CRYPT_CERTINFO_INVALIDITYDATE,
ST_CERT_CRL | ST_CERT_REQ_REV, ST_NONE, ACCESS_Rxx_RWD,
ROUTE( OBJECT_TYPE_CERTIFICATE ) ),
/* 2 5 29 27 deltaCRLIndicator */
MKACL_N( /* deltaCRLIndicator */
CRYPT_CERTINFO_DELTACRLINDICATOR,
ST_CERT_CRL, ST_NONE, ACCESS_Rxx_RWD,
ROUTE( OBJECT_TYPE_CERTIFICATE ),
RANGE( 0, RANGE_MAX ) ),
/* 2 5 29 28 issuingDistributionPoint */
MKACL_B( /* Extension present flag */
CRYPT_CERTINFO_ISSUINGDISTRIBUTIONPOINT,
ST_CERT_CRL, ST_NONE, ACCESS_Rxx_RxD,
ROUTE( OBJECT_TYPE_CERTIFICATE ) ),
MKACL_N( /* distributionPointName.fullName */
CRYPT_CERTINFO_ISSUINGDIST_FULLNAME,
ST_CERT_CRL, ST_NONE, ACCESS_Rxx_RxD,
ROUTE( OBJECT_TYPE_CERTIFICATE ),
RANGE( FALSE, TRUE ) ),
MKACL_B( /* onlyContainsUserCerts */
CRYPT_CERTINFO_ISSUINGDIST_USERCERTSONLY,
ST_CERT_CRL, ST_NONE, ACCESS_Rxx_RWD,
ROUTE( OBJECT_TYPE_CERTIFICATE ) ),
MKACL_B( /* onlyContainsCACerts */
CRYPT_CERTINFO_ISSUINGDIST_CACERTSONLY,
ST_CERT_CRL, ST_NONE, ACCESS_Rxx_RWD,
ROUTE( OBJECT_TYPE_CERTIFICATE ) ),
MKACL_N( /* onlySomeReasons */
CRYPT_CERTINFO_ISSUINGDIST_SOMEREASONSONLY,
ST_CERT_CRL, ST_NONE, ACCESS_Rxx_RWD,
ROUTE( OBJECT_TYPE_CERTIFICATE ),
RANGE( CRYPT_CRLREASONFLAG_UNUSED, CRYPT_CRLREASONFLAG_LAST - 1 ) ),
MKACL_B( /* indirectCRL */
CRYPT_CERTINFO_ISSUINGDIST_INDIRECTCRL,
ST_CERT_CRL, ST_NONE, ACCESS_Rxx_RWD,
ROUTE( OBJECT_TYPE_CERTIFICATE ) ),
/* 2 5 29 29 certificateIssuer */
MKACL_N( /* certificateIssuer */
CRYPT_CERTINFO_CERTIFICATEISSUER,
ST_CERT_CRL, ST_NONE, ACCESS_Rxx_RxD,
ROUTE( OBJECT_TYPE_CERTIFICATE ),
RANGE( FALSE, TRUE ) ),
/* 2 5 29 30 nameConstraints */
MKACL_B( /* Extension present flag */
CRYPT_CERTINFO_NAMECONSTRAINTS,
ST_CERT_CERT | ST_CERT_CERTCHAIN | ST_CERT_ATTRCERT, ST_NONE, ACCESS_Rxx_RxD,
ROUTE( OBJECT_TYPE_CERTIFICATE ) ),
MKACL_N( /* permittedSubtrees */
CRYPT_CERTINFO_PERMITTEDSUBTREES,
ST_CERT_CERT | ST_CERT_CERTCHAIN | ST_CERT_ATTRCERT, ST_NONE, ACCESS_Rxx_RxD,
ROUTE( OBJECT_TYPE_CERTIFICATE ),
RANGE( FALSE, TRUE ) ),
MKACL_N( /* excludedSubtrees */
CRYPT_CERTINFO_EXCLUDEDSUBTREES,
ST_CERT_CERT | ST_CERT_CERTCHAIN | ST_CERT_ATTRCERT, ST_NONE, ACCESS_Rxx_RxD,
ROUTE( OBJECT_TYPE_CERTIFICATE ),
RANGE( FALSE, TRUE ) ),
/* 2 5 29 31 cRLDistributionPoint */
MKACL_B( /* Extension present flag */
CRYPT_CERTINFO_CRLDISTRIBUTIONPOINT,
ST_CERT_CERT | ST_CERT_CERTCHAIN | ST_CERT_ATTRCERT, ST_NONE, ACCESS_Rxx_RxD,
ROUTE( OBJECT_TYPE_CERTIFICATE ) ),
MKACL_N( /* distributionPointName.fullName */
CRYPT_CERTINFO_CRLDIST_FULLNAME,
ST_CERT_CERT | ST_CERT_CERTCHAIN | ST_CERT_ATTRCERT, ST_NONE, ACCESS_Rxx_RxD,
ROUTE( OBJECT_TYPE_CERTIFICATE ),
RANGE( FALSE, TRUE ) ),
MKACL_N( /* reasons */
CRYPT_CERTINFO_CRLDIST_REASONS,
ST_CERT_CERT | ST_CERT_CERTCHAIN | ST_CERT_ATTRCERT, ST_NONE, ACCESS_Rxx_RWD,
ROUTE( OBJECT_TYPE_CERTIFICATE ),
RANGE( CRYPT_CRLREASONFLAG_UNUSED, CRYPT_CRLREASONFLAG_LAST - 1 ) ),
MKACL_N( /* cRLIssuer */
CRYPT_CERTINFO_CRLDIST_CRLISSUER,
ST_CERT_CERT | ST_CERT_CERTCHAIN | ST_CERT_ATTRCERT, ST_NONE, ACCESS_Rxx_RxD,
ROUTE( OBJECT_TYPE_CERTIFICATE ),
RANGE( FALSE, TRUE ) ),
/* 2 5 29 32 certificatePolicies */
MKACL_B( /* Extension present flag */
CRYPT_CERTINFO_CERTIFICATEPOLICIES,
ST_CERT_CERT | ST_CERT_CERTCHAIN, ST_NONE, ACCESS_Rxx_RxD,
ROUTE( OBJECT_TYPE_CERTIFICATE ) ),
MKACL_S( /* policyInformation.policyIdentifier */
CRYPT_CERTINFO_CERTPOLICYID,
ST_CERT_CERT | ST_CERT_CERTCHAIN, ST_NONE, ACCESS_Rxx_RWD,
ROUTE( OBJECT_TYPE_CERTIFICATE ),
RANGE( 3, 32 ) ),
MKACL_S( /* policyInformation.policyQualifiers.qualifier.cPSuri */
CRYPT_CERTINFO_CERTPOLICY_CPSURI,
ST_CERT_CERT | ST_CERT_CERTCHAIN, ST_NONE, ACCESS_Rxx_RWD,
ROUTE( OBJECT_TYPE_CERTIFICATE ),
RANGE( MIN_URL_SIZE, MAX_URL_SIZE ) ),
MKACL_S( /* policyInformation.policyQualifiers.qualifier.userNotice.noticeRef.organization */
CRYPT_CERTINFO_CERTPOLICY_ORGANIZATION,
ST_CERT_CERT | ST_CERT_CERTCHAIN, ST_NONE, ACCESS_Rxx_RWD,
ROUTE( OBJECT_TYPE_CERTIFICATE ),
RANGE( 1, 200 ) ),
MKACL_N( /* policyInformation.policyQualifiers.qualifier.userNotice.noticeRef.noticeNumbers */
CRYPT_CERTINFO_CERTPOLICY_NOTICENUMBERS,
ST_CERT_CERT | ST_CERT_CERTCHAIN, ST_NONE, ACCESS_Rxx_RWD,
ROUTE( OBJECT_TYPE_CERTIFICATE ),
RANGE( 1, 1024 ) ),
MKACL_S( /* policyInformation.policyQualifiers.qualifier.userNotice.explicitText */
CRYPT_CERTINFO_CERTPOLICY_EXPLICITTEXT,
ST_CERT_CERT | ST_CERT_CERTCHAIN, ST_NONE, ACCESS_Rxx_RWD,
ROUTE( OBJECT_TYPE_CERTIFICATE ),
RANGE( 1, 200 ) ),
/* 2 5 29 33 policyMappings */
MKACL_B( /* Extension present flag */
CRYPT_CERTINFO_POLICYMAPPINGS,
ST_CERT_CERT | ST_CERT_CERTCHAIN, ST_NONE, ACCESS_Rxx_RxD,
ROUTE( OBJECT_TYPE_CERTIFICATE ) ),
MKACL_S( /* policyMappings.issuerDomainPolicy */
CRYPT_CERTINFO_ISSUERDOMAINPOLICY,
ST_CERT_CERT | ST_CERT_CERTCHAIN, ST_NONE, ACCESS_Rxx_RWD,
ROUTE( OBJECT_TYPE_CERTIFICATE ),
RANGE( 3, 32 ) ),
MKACL_S( /* policyMappings.subjectDomainPolicy */
CRYPT_CERTINFO_SUBJECTDOMAINPOLICY,
ST_CERT_CERT | ST_CERT_CERTCHAIN, ST_NONE, ACCESS_Rxx_RWD,
ROUTE( OBJECT_TYPE_CERTIFICATE ),
RANGE( 3, 32 ) ),
/* 2 5 29 35 authorityKeyIdentifier */
MKACL_B( /* Extension present flag */
CRYPT_CERTINFO_AUTHORITYKEYIDENTIFIER,
ST_CERT_CERT | ST_CERT_CERTCHAIN | ST_CERT_CRL, ST_NONE, ACCESS_Rxx_RxD,
ROUTE( OBJECT_TYPE_CERTIFICATE ) ),
MKACL_S( /* keyIdentifier */
CRYPT_CERTINFO_AUTHORITY_KEYIDENTIFIER,
ST_CERT_CERT | ST_CERT_CERTCHAIN | ST_CERT_CRL, ST_NONE, ACCESS_Rxx_RWD,
ROUTE( OBJECT_TYPE_CERTIFICATE ),
RANGE( 1, 64 ) ),
MKACL_N( /* authorityCertIssuer */
CRYPT_CERTINFO_AUTHORITY_CERTISSUER,
ST_CERT_CERT | ST_CERT_CERTCHAIN | ST_CERT_CRL, ST_NONE, ACCESS_Rxx_RxD,
ROUTE( OBJECT_TYPE_CERTIFICATE ),
RANGE( FALSE, TRUE ) ),
MKACL_S( /* authorityCertSerialNumber */
CRYPT_CERTINFO_AUTHORITY_CERTSERIALNUMBER,
ST_CERT_CERT | ST_CERT_CERTCHAIN | ST_CERT_CRL, ST_NONE, ACCESS_Rxx_RWD,
ROUTE( OBJECT_TYPE_CERTIFICATE ),
RANGE( 1, 32 ) ),
/* 2 5 29 36 policyConstraints */
MKACL_B( /* Extension present flag */
CRYPT_CERTINFO_POLICYCONSTRAINTS,
ST_CERT_CERT | ST_CERT_CERTCHAIN, ST_NONE, ACCESS_Rxx_RxD,
ROUTE( OBJECT_TYPE_CERTIFICATE ) ),
MKACL_N( /* policyConstraints.requireExplicitPolicy */
CRYPT_CERTINFO_REQUIREEXPLICITPOLICY,
ST_CERT_CERT | ST_CERT_CERTCHAIN, ST_NONE, ACCESS_Rxx_RWD,
ROUTE( OBJECT_TYPE_CERTIFICATE ),
RANGE( 0, 64 ) ),
MKACL_N( /* policyConstraints.inhibitPolicyMapping */
CRYPT_CERTINFO_INHIBITPOLICYMAPPING,
ST_CERT_CERT | ST_CERT_CERTCHAIN, ST_NONE, ACCESS_Rxx_RWD,
ROUTE( OBJECT_TYPE_CERTIFICATE ),
RANGE( 0, 64 ) ),
/* 2 5 29 37 extKeyUsage */
MKACL_B( /* Extension present flag */
CRYPT_CERTINFO_EXTKEYUSAGE,
ST_CERT_ANY_CERT, ST_NONE, ACCESS_Rxx_RxD,
ROUTE( OBJECT_TYPE_CERTIFICATE ) ),
MKACL_B( /* individualCodeSigning */
CRYPT_CERTINFO_EXTKEY_MS_INDIVIDUALCODESIGNING,
ST_CERT_ANY_CERT, ST_NONE, ACCESS_Rxx_RWD,
ROUTE( OBJECT_TYPE_CERTIFICATE ) ),
MKACL_B( /* commercialCodeSigning */
CRYPT_CERTINFO_EXTKEY_MS_COMMERCIALCODESIGNING,
ST_CERT_ANY_CERT, ST_NONE, ACCESS_Rxx_RWD,
ROUTE( OBJECT_TYPE_CERTIFICATE ) ),
MKACL_B( /* certTrustListSigning */
CRYPT_CERTINFO_EXTKEY_MS_CERTTRUSTLISTSIGNING,
ST_CERT_ANY_CERT, ST_NONE, ACCESS_Rxx_RWD,
ROUTE( OBJECT_TYPE_CERTIFICATE ) ),
MKACL_B( /* timeStampSigning */
CRYPT_CERTINFO_EXTKEY_MS_TIMESTAMPSIGNING,
ST_CERT_ANY_CERT, ST_NONE, ACCESS_Rxx_RWD,
ROUTE( OBJECT_TYPE_CERTIFICATE ) ),
MKACL_B( /* serverGatedCrypto */
CRYPT_CERTINFO_EXTKEY_MS_SERVERGATEDCRYPTO,
ST_CERT_ANY_CERT, ST_NONE, ACCESS_Rxx_RWD,
ROUTE( OBJECT_TYPE_CERTIFICATE ) ),
MKACL_B( /* encrypedFileSystem */
CRYPT_CERTINFO_EXTKEY_MS_ENCRYPTEDFILESYSTEM,
ST_CERT_ANY_CERT, ST_NONE, ACCESS_Rxx_RWD,
ROUTE( OBJECT_TYPE_CERTIFICATE ) ),
MKACL_B( /* serverAuth */
CRYPT_CERTINFO_EXTKEY_SERVERAUTH,
ST_CERT_ANY_CERT, ST_NONE, ACCESS_Rxx_RWD,
ROUTE( OBJECT_TYPE_CERTIFICATE ) ),
MKACL_B( /* clientAuth */
CRYPT_CERTINFO_EXTKEY_CLIENTAUTH,
ST_CERT_ANY_CERT, ST_NONE, ACCESS_Rxx_RWD,
ROUTE( OBJECT_TYPE_CERTIFICATE ) ),
MKACL_B( /* codeSigning */
CRYPT_CERTINFO_EXTKEY_CODESIGNING,
ST_CERT_ANY_CERT, ST_NONE, ACCESS_Rxx_RWD,
ROUTE( OBJECT_TYPE_CERTIFICATE ) ),
MKACL_B( /* emailProtection */
CRYPT_CERTINFO_EXTKEY_EMAILPROTECTION,
ST_CERT_ANY_CERT, ST_NONE, ACCESS_Rxx_RWD,
ROUTE( OBJECT_TYPE_CERTIFICATE ) ),
MKACL_B( /* ipsecEndSystem */
CRYPT_CERTINFO_EXTKEY_IPSECENDSYSTEM,
ST_CERT_ANY_CERT, ST_NONE, ACCESS_Rxx_RWD,
ROUTE( OBJECT_TYPE_CERTIFICATE ) ),
MKACL_B( /* ipsecTunnel */
CRYPT_CERTINFO_EXTKEY_IPSECTUNNEL,
ST_CERT_ANY_CERT, ST_NONE, ACCESS_Rxx_RWD,
ROUTE( OBJECT_TYPE_CERTIFICATE ) ),
MKACL_B( /* ipsecUser */
CRYPT_CERTINFO_EXTKEY_IPSECUSER,
ST_CERT_ANY_CERT, ST_NONE, ACCESS_Rxx_RWD,
ROUTE( OBJECT_TYPE_CERTIFICATE ) ),
MKACL_B( /* timeStamping */
CRYPT_CERTINFO_EXTKEY_TIMESTAMPING,
ST_CERT_ANY_CERT, ST_NONE, ACCESS_Rxx_RWD,
ROUTE( OBJECT_TYPE_CERTIFICATE ) ),
MKACL_B( /* ocspSigning */
CRYPT_CERTINFO_EXTKEY_OCSPSIGNING,
ST_CERT_ANY_CERT, ST_NONE, ACCESS_Rxx_RWD,
ROUTE( OBJECT_TYPE_CERTIFICATE ) ),
MKACL_B( /* directoryService */
CRYPT_CERTINFO_EXTKEY_DIRECTORYSERVICE,
ST_CERT_ANY_CERT, ST_NONE, ACCESS_Rxx_RWD,
ROUTE( OBJECT_TYPE_CERTIFICATE ) ),
MKACL_B( /* serverGatedCrypto */
CRYPT_CERTINFO_EXTKEY_NS_SERVERGATEDCRYPTO,
ST_CERT_ANY_CERT, ST_NONE, ACCESS_Rxx_RWD,
ROUTE( OBJECT_TYPE_CERTIFICATE ) ),
MKACL_B( /* serverGatedCrypto CA */
⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -