📄 cryptacl.h
字号:
CRYPT_CERTINFO_EXTKEY_VS_SERVERGATEDCRYPTO_CA,
ST_CERT_ANY_CERT, ST_NONE, ACCESS_Rxx_RWD,
ROUTE( OBJECT_TYPE_CERTIFICATE ) ),
/* 2 5 29 46 freshestCRL */
MKACL_B( /* Extension present flag */
CRYPT_CERTINFO_FRESHESTCRL,
ST_CERT_CERT | ST_CERT_CERTCHAIN | ST_CERT_ATTRCERT, ST_NONE, ACCESS_Rxx_RxD,
ROUTE( OBJECT_TYPE_CERTIFICATE ) ),
MKACL_N( /* distributionPointName.fullName */
CRYPT_CERTINFO_FRESHESTCRL_FULLNAME,
ST_CERT_CERT | ST_CERT_CERTCHAIN | ST_CERT_ATTRCERT, ST_NONE, ACCESS_Rxx_RxD,
ROUTE( OBJECT_TYPE_CERTIFICATE ),
RANGE( FALSE, TRUE ) ),
MKACL_N( /* reasons */
CRYPT_CERTINFO_FRESHESTCRL_REASONS,
ST_CERT_CERT | ST_CERT_CERTCHAIN | ST_CERT_ATTRCERT, ST_NONE, ACCESS_Rxx_RWD,
ROUTE( OBJECT_TYPE_CERTIFICATE ),
RANGE( CRYPT_CRLREASONFLAG_UNUSED, CRYPT_CRLREASONFLAG_LAST - 1 ) ),
MKACL_N( /* cRLIssuer */
CRYPT_CERTINFO_FRESHESTCRL_CRLISSUER,
ST_CERT_CERT | ST_CERT_CERTCHAIN | ST_CERT_ATTRCERT, ST_NONE, ACCESS_Rxx_RxD,
ROUTE( OBJECT_TYPE_CERTIFICATE ),
RANGE( FALSE, TRUE ) ),
/* 2 5 29 54 inhibitAnyPolicy */
MKACL_N( /* inhibitAnyPolicy */
CRYPT_CERTINFO_INHIBITANYPOLICY,
ST_CERT_ANY_CERT, ST_NONE, ACCESS_Rxx_RWD,
ROUTE( OBJECT_TYPE_CERTIFICATE ),
RANGE( 0, 64 ) ),
/* 2 16 840 1 113730 1 x Netscape extensions (obsolete) */
MKACL_N( /* netscape-cert-type */
CRYPT_CERTINFO_NS_CERTTYPE,
ST_CERT_ANY_CERT, ST_NONE, ACCESS_Rxx_Rxx,
ROUTE( OBJECT_TYPE_CERTIFICATE ),
RANGE( CRYPT_NS_CERTTYPE_SSLCLIENT, CRYPT_NS_CERTTYPE_LAST - 1 ) ),
MKACL_S( /* netscape-base-url */
CRYPT_CERTINFO_NS_BASEURL,
ST_CERT_CERT | ST_CERT_CERTCHAIN, ST_NONE, ACCESS_Rxx_Rxx,
ROUTE( OBJECT_TYPE_CERTIFICATE ),
RANGE( MIN_URL_SIZE, MAX_URL_SIZE ) ),
MKACL_S( /* netscape-revocation-url */
CRYPT_CERTINFO_NS_REVOCATIONURL,
ST_CERT_CERT | ST_CERT_CERTCHAIN, ST_NONE, ACCESS_Rxx_Rxx,
ROUTE( OBJECT_TYPE_CERTIFICATE ),
RANGE( MIN_URL_SIZE, MAX_URL_SIZE ) ),
MKACL_S( /* netscape-ca-revocation-url */
CRYPT_CERTINFO_NS_CAREVOCATIONURL,
ST_CERT_CERT | ST_CERT_CERTCHAIN, ST_NONE, ACCESS_Rxx_Rxx,
ROUTE( OBJECT_TYPE_CERTIFICATE ),
RANGE( MIN_URL_SIZE, MAX_URL_SIZE ) ),
MKACL_S( /* netscape-cert-renewal-url */
CRYPT_CERTINFO_NS_CERTRENEWALURL,
ST_CERT_CERT | ST_CERT_CERTCHAIN, ST_NONE, ACCESS_Rxx_Rxx,
ROUTE( OBJECT_TYPE_CERTIFICATE ),
RANGE( MIN_URL_SIZE, MAX_URL_SIZE ) ),
MKACL_S( /* netscape-ca-policy-url */
CRYPT_CERTINFO_NS_CAPOLICYURL,
ST_CERT_CERT | ST_CERT_CERTCHAIN, ST_NONE, ACCESS_Rxx_Rxx,
ROUTE( OBJECT_TYPE_CERTIFICATE ),
RANGE( MIN_URL_SIZE, MAX_URL_SIZE ) ),
MKACL_S( /* netscape-ssl-server-name */
CRYPT_CERTINFO_NS_SSLSERVERNAME,
ST_CERT_ANY_CERT, ST_NONE, ACCESS_Rxx_Rxx,
ROUTE( OBJECT_TYPE_CERTIFICATE ),
RANGE( MIN_URL_SIZE, MAX_URL_SIZE ) ),
MKACL_S( /* netscape-comment */
CRYPT_CERTINFO_NS_COMMENT,
ST_CERT_ANY_CERT, ST_NONE, ACCESS_Rxx_Rxx,
ROUTE( OBJECT_TYPE_CERTIFICATE ),
RANGE( 1, MAX_ATTRIBUTE_SIZE ) ),
/* 2 23 42 7 0 SET hashedRootKey */
MKACL_B( /* Extension present flag */
CRYPT_CERTINFO_SET_HASHEDROOTKEY,
ST_CERT_CERT | ST_CERT_CERTCHAIN, ST_NONE, ACCESS_Rxx_RxD,
ROUTE( OBJECT_TYPE_CERTIFICATE ) ),
MKACL_S( /* rootKeyThumbPrint */
CRYPT_CERTINFO_SET_ROOTKEYTHUMBPRINT,
ST_CERT_CERT | ST_CERT_CERTCHAIN, ST_NONE, ACCESS_Rxx_RWD,
ROUTE( OBJECT_TYPE_CERTIFICATE ),
RANGE( 20, 20 ) ),
/* 2 23 42 7 1 SET certificateType */
MKACL_N( /* certificateType */
CRYPT_CERTINFO_SET_CERTIFICATETYPE,
ST_CERT_CERT | ST_CERT_CERTREQ | ST_CERT_CERTCHAIN, ST_NONE, ACCESS_Rxx_RWD,
ROUTE( OBJECT_TYPE_CERTIFICATE ),
RANGE( CRYPT_SET_CERTTYPE_CARD, CRYPT_SET_CERTTYPE_LAST - 1 ) ),
/* 2 23 42 7 2 SET merchantData */
MKACL_B( /* Extension present flag */
CRYPT_CERTINFO_SET_MERCHANTDATA,
ST_CERT_CERT | ST_CERT_CERTCHAIN, ST_NONE, ACCESS_Rxx_RxD,
ROUTE( OBJECT_TYPE_CERTIFICATE ) ),
MKACL_S( /* merID */
CRYPT_CERTINFO_SET_MERID,
ST_CERT_CERT | ST_CERT_CERTCHAIN, ST_NONE, ACCESS_Rxx_RWD,
ROUTE( OBJECT_TYPE_CERTIFICATE ),
RANGE( 1, 30 ) ),
MKACL_S( /* merAcquirerBIN */
CRYPT_CERTINFO_SET_MERACQUIRERBIN,
ST_CERT_CERT | ST_CERT_CERTCHAIN, ST_NONE, ACCESS_Rxx_RWD,
ROUTE( OBJECT_TYPE_CERTIFICATE ),
RANGE( 6, 6 ) ),
MKACL_S( /* merNames.language */
CRYPT_CERTINFO_SET_MERCHANTLANGUAGE,
ST_CERT_CERT | ST_CERT_CERTCHAIN, ST_NONE, ACCESS_Rxx_RWD,
ROUTE( OBJECT_TYPE_CERTIFICATE ),
RANGE( 1, 35 ) ),
MKACL_S( /* merNames.name */
CRYPT_CERTINFO_SET_MERCHANTNAME,
ST_CERT_CERT | ST_CERT_CERTCHAIN, ST_NONE, ACCESS_Rxx_RWD,
ROUTE( OBJECT_TYPE_CERTIFICATE ),
RANGE( 1, 50 ) ),
MKACL_S( /* merNames.city */
CRYPT_CERTINFO_SET_MERCHANTCITY,
ST_CERT_CERT | ST_CERT_CERTCHAIN, ST_NONE, ACCESS_Rxx_RWD,
ROUTE( OBJECT_TYPE_CERTIFICATE ),
RANGE( 1, 50 ) ),
MKACL_S( /* merNames.stateProvince */
CRYPT_CERTINFO_SET_MERCHANTSTATEPROVINCE,
ST_CERT_CERT | ST_CERT_CERTCHAIN, ST_NONE, ACCESS_Rxx_RWD,
ROUTE( OBJECT_TYPE_CERTIFICATE ),
RANGE( 1, 50 ) ),
MKACL_S( /* merNames.postalCode */
CRYPT_CERTINFO_SET_MERCHANTPOSTALCODE,
ST_CERT_CERT | ST_CERT_CERTCHAIN, ST_NONE, ACCESS_Rxx_RWD,
ROUTE( OBJECT_TYPE_CERTIFICATE ),
RANGE( 1, 50 ) ),
MKACL_S( /* merNames.countryName */
CRYPT_CERTINFO_SET_MERCHANTCOUNTRYNAME,
ST_CERT_CERT | ST_CERT_CERTCHAIN, ST_NONE, ACCESS_Rxx_RWD,
ROUTE( OBJECT_TYPE_CERTIFICATE ),
RANGE( 1, 50 ) ),
MKACL_N( /* merCountry */
CRYPT_CERTINFO_SET_MERCOUNTRY,
ST_CERT_CERT | ST_CERT_CERTCHAIN, ST_NONE, ACCESS_Rxx_RWD,
ROUTE( OBJECT_TYPE_CERTIFICATE ),
RANGE( 1, 999 ) ),
MKACL_B( /* merAuthFlag */
CRYPT_CERTINFO_SET_MERAUTHFLAG,
ST_CERT_CERT | ST_CERT_CERTCHAIN, ST_NONE, ACCESS_Rxx_RWD,
ROUTE( OBJECT_TYPE_CERTIFICATE ) ),
/* 2 23 42 7 3 SET certCardRequired */
MKACL_B( /* certCardRequired */
CRYPT_CERTINFO_SET_CERTCARDREQUIRED,
ST_CERT_CERT | ST_CERT_CERTCHAIN, ST_NONE, ACCESS_Rxx_RWD,
ROUTE( OBJECT_TYPE_CERTIFICATE ) ),
/* 2 23 42 7 4 SET tunneling */
MKACL_B( /* Extension present flag */
CRYPT_CERTINFO_SET_TUNNELING,
ST_CERT_CERT | ST_CERT_CERTREQ | ST_CERT_CERTCHAIN, ST_NONE, ACCESS_Rxx_RxD,
ROUTE( OBJECT_TYPE_CERTIFICATE ) ),
MKACL_B( /* tunneling */
CRYPT_CERTINFO_SET_TUNNELINGFLAG,
ST_CERT_CERT | ST_CERT_CERTREQ | ST_CERT_CERTCHAIN, ST_NONE, ACCESS_Rxx_RWD,
ROUTE( OBJECT_TYPE_CERTIFICATE ) ),
MKACL_S( /* tunnelingAlgID */
CRYPT_CERTINFO_SET_TUNNELINGALGID,
ST_CERT_CERT | ST_CERT_CERTREQ | ST_CERT_CERTCHAIN, ST_NONE, ACCESS_Rxx_RWD,
ROUTE( OBJECT_TYPE_CERTIFICATE ),
RANGE( 3, 32 ) )
MKACL_END()
};
/* Certificate: S/MIME attributes */
static const FAR_BSS ATTRIBUTE_ACL certSmimeACL[] = {
/* 1 2 840 113549 1 9 3 contentType */
MKACL_N( /* contentType */
CRYPT_CERTINFO_CMS_CONTENTTYPE,
ST_CERT_CMSATTR, ST_NONE, ACCESS_Rxx_RWD,
ROUTE( OBJECT_TYPE_CERTIFICATE ),
RANGE( CRYPT_CONTENT_NONE + 1, CRYPT_CONTENT_LAST - 1 ) ),
/* 1 2 840 113549 1 9 4 messageDigest */
MKACL_S( /* messageDigest */
CRYPT_CERTINFO_CMS_MESSAGEDIGEST,
ST_CERT_CMSATTR, ST_NONE, ACCESS_Rxx_RWD,
ROUTE( OBJECT_TYPE_CERTIFICATE ),
RANGE( 16, CRYPT_MAX_HASHSIZE ) ),
/* 1 2 840 113549 1 9 5 signingTime */
MKACL_T( /* signingTime */
CRYPT_CERTINFO_CMS_SIGNINGTIME,
ST_CERT_CMSATTR, ST_NONE, ACCESS_SPECIAL_Rxx_RWx_Rxx_Rxx,
ROUTE( OBJECT_TYPE_CERTIFICATE ) ),
/* 1 2 840 113549 1 9 6 counterSignature */
MKACL_S( /* counterSignature */
CRYPT_CERTINFO_CMS_COUNTERSIGNATURE,
ST_CERT_CMSATTR, ST_NONE, ACCESS_Rxx_xxx,
ROUTE( OBJECT_TYPE_CERTIFICATE ),
RANGE( 64, MAX_ATTRIBUTE_SIZE ) ),
/* 1 2 840 113549 1 9 15 sMIMECapabilities */
MKACL_B( /* Extension present flag */
CRYPT_CERTINFO_CMS_SMIMECAPABILITIES,
ST_CERT_CMSATTR, ST_NONE, ACCESS_Rxx_RxD,
ROUTE( OBJECT_TYPE_CERTIFICATE ) ),
MKACL_N( /* 3DES encryption */
CRYPT_CERTINFO_CMS_SMIMECAP_3DES,
ST_CERT_CMSATTR, ST_NONE, ACCESS_Rxx_RWD,
ROUTE( OBJECT_TYPE_CERTIFICATE ),
RANGE( CRYPT_UNUSED, CRYPT_UNUSED ) ),
MKACL_N( /* AES encryption */
CRYPT_CERTINFO_CMS_SMIMECAP_AES,
ST_CERT_CMSATTR, ST_NONE, ACCESS_Rxx_RWD,
ROUTE( OBJECT_TYPE_CERTIFICATE ),
RANGE( CRYPT_UNUSED, CRYPT_UNUSED ) ),
MKACL_N( /* CAST-128 encryption */
CRYPT_CERTINFO_CMS_SMIMECAP_CAST128,
ST_CERT_CMSATTR, ST_NONE, ACCESS_Rxx_RWD,
ROUTE( OBJECT_TYPE_CERTIFICATE ),
RANGE( CRYPT_UNUSED, CRYPT_UNUSED ) ),
MKACL_N( /* IDEA encryption */
CRYPT_CERTINFO_CMS_SMIMECAP_IDEA,
ST_CERT_CMSATTR, ST_NONE, ACCESS_Rxx_RWD,
ROUTE( OBJECT_TYPE_CERTIFICATE ),
RANGE( CRYPT_UNUSED, CRYPT_UNUSED ) ),
MKACL_N( /* RC2 encryption (w.128 key) */
CRYPT_CERTINFO_CMS_SMIMECAP_RC2,
ST_CERT_CMSATTR, ST_NONE, ACCESS_Rxx_RWD,
ROUTE( OBJECT_TYPE_CERTIFICATE ),
RANGE( CRYPT_UNUSED, CRYPT_UNUSED ) ),
MKACL_N( /* RC5 encryption (w.128 key) */
CRYPT_CERTINFO_CMS_SMIMECAP_RC5,
ST_CERT_CMSATTR, ST_NONE, ACCESS_Rxx_RWD,
ROUTE( OBJECT_TYPE_CERTIFICATE ),
RANGE( CRYPT_UNUSED, CRYPT_UNUSED ) ),
MKACL_N( /* Skipjack encryption */
CRYPT_CERTINFO_CMS_SMIMECAP_SKIPJACK,
ST_CERT_CMSATTR, ST_NONE, ACCESS_Rxx_RWD,
ROUTE( OBJECT_TYPE_CERTIFICATE ),
RANGE( CRYPT_UNUSED, CRYPT_UNUSED ) ),
MKACL_N( /* DES encryption */
CRYPT_CERTINFO_CMS_SMIMECAP_DES,
ST_CERT_CMSATTR, ST_NONE, ACCESS_Rxx_RWD,
ROUTE( OBJECT_TYPE_CERTIFICATE ),
RANGE( CRYPT_UNUSED, CRYPT_UNUSED ) ),
MKACL_N( /* preferSignedData */
CRYPT_CERTINFO_CMS_SMIMECAP_PREFERSIGNEDDATA,
ST_CERT_CMSATTR, ST_NONE, ACCESS_Rxx_RWD,
ROUTE( OBJECT_TYPE_CERTIFICATE ),
RANGE( CRYPT_UNUSED, CRYPT_UNUSED ) ),
MKACL_N( /* canNotDecryptAny */
CRYPT_CERTINFO_CMS_SMIMECAP_CANNOTDECRYPTANY,
ST_CERT_CMSATTR, ST_NONE, ACCESS_Rxx_RWD,
ROUTE( OBJECT_TYPE_CERTIFICATE ),
RANGE( CRYPT_UNUSED, CRYPT_UNUSED ) ),
/* 1 2 840 113549 1 9 16 2 1 receiptRequest */
MKACL_B( /* Extension present flag */
CRYPT_CERTINFO_CMS_RECEIPTREQUEST,
ST_CERT_CMSATTR, ST_NONE, ACCESS_Rxx_RxD,
ROUTE( OBJECT_TYPE_CERTIFICATE ) ),
MKACL_S( /* contentIdentifier */
CRYPT_CERTINFO_CMS_RECEIPT_CONTENTIDENTIFIER,
ST_CERT_CMSATTR, ST_NONE, ACCESS_Rxx_RWD,
ROUTE( OBJECT_TYPE_CERTIFICATE ),
RANGE( 16, 64 ) ),
MKACL_N( /* receiptsFrom */
CRYPT_CERTINFO_CMS_RECEIPT_FROM,
ST_CERT_CMSATTR, ST_NONE, ACCESS_Rxx_RWD,
ROUTE( OBJECT_TYPE_CERTIFICATE ),
RANGE( 0, 1 ) ),
MKACL_N( /* receiptsTo */
CRYPT_CERTINFO_CMS_RECEIPT_TO,
ST_CERT_CMSATTR, ST_NONE, ACCESS_Rxx_RxD,
ROUTE( OBJECT_TYPE_CERTIFICATE ),
RANGE( FALSE, TRUE ) ),
/* 1 2 840 113549 1 9 16 2 2 essSecurityLabel */
MKACL_B( /* Extension present flag */
CRYPT_CERTINFO_CMS_SECURITYLABEL,
ST_CERT_CMSATTR, ST_NONE, ACCESS_Rxx_RxD,
ROUTE( OBJECT_TYPE_CERTIFICATE ) ),
MKACL_N( /* securityClassification */
CRYPT_CERTINFO_CMS_SECLABEL_CLASSIFICATION,
ST_CERT_CMSATTR, ST_NONE, ACCESS_Rxx_RWD,
ROUTE( OBJECT_TYPE_CERTIFICATE ),
RANGE( CRYPT_CLASSIFICATION_UNMARKED, CRYPT_CLASSIFICATION_LAST ) ),
MKACL_S( /* securityPolicyIdentifier */
CRYPT_CERTINFO_CMS_SECLABEL_POLICY,
ST_CERT_CMSATTR, ST_NONE, ACCESS_Rxx_RWD,
ROUTE( OBJECT_TYPE_CERTIFICATE ),
RANGE( 3, 32 ) ),
MKACL_S( /* privacyMark */
CRYPT_CERTINFO_CMS_SECLABEL_PRIVACYMARK,
ST_CERT_CMSATTR, ST_NONE, ACCESS_Rxx_RWD,
ROUTE( OBJECT_TYPE_CERTIFICATE ),
RANGE( 1, 64 ) ),
MKACL_S( /* securityCategories.securityCategory.type */
CRYPT_CERTINFO_CMS_SECLABEL_CATTYPE,
ST_CERT_CMSATTR, ST_NONE, ACCESS_Rxx_RWD,
ROUTE( OBJECT_TYPE_CERTIFICATE ),
RANGE( 3, 32 ) ),
MKACL_S( /* securityCategories.securityCategory.value */
CRYPT_CERTINFO_CMS_SECLABEL_CATVALUE,
ST_CERT_CMSATTR, ST_NONE, ACCESS_Rxx_RWD,
ROUTE( OBJECT_TYPE_CERTIFICATE ),
RANGE( 1, 512 ) ),
/* 1 2 840 113549 1 9 16 2 3 mlExpansionHistory */
MKACL_B( /* Extension present flag */
CRYPT_CERTINFO_CMS_MLEXPANSIONHISTORY,
ST_CERT_CMSATTR, ST_NONE, ACCESS_Rxx_RxD,
ROUTE( OBJECT_TYPE_CERTIFICATE ) ),
MKACL_S( /* mlData.mailListIdentifier.issuerAndSerialNumber */
CRYPT_CERTINFO_CMS_MLEXP_ENTITYIDENTIFIER,
ST_CERT_CMSATTR, ST_NONE, ACCESS_Rxx_RWD,
ROUTE( OBJECT_TYPE_CERTIFICATE ),
RANGE( 1, 512 ) ),
MKACL_T( /* mlData.expansionTime */
CRYPT_CERTINFO_CMS_MLEXP_TIME,
ST_CERT_CMSATTR, ST_NONE, ACCESS_Rxx_RWD,
ROUTE( OBJECT_TYPE_CERTIFICATE ) ),
MKACL_N( /* mlData.mlReceiptPolicy.none */
CRYPT_CERTINFO_CMS_M⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -