perlcryptlib.ph

cryptlib安全工具包

# *****************************************************************************
# *                                                                           *
# *                        cryptlib External API Interface                    *
# *                       Copyright Peter Gutmann 1997-2008                   *
# *                                                                           *
# *                 adapted for Perl Version 5.x  by Alvaro Livraghi          *
# *****************************************************************************
#
#
# ----------------------------------------------------------------------------
#
# This file has been created automatically by a perl script from the file:
#
# "cryptlib.h" dated Fri Nov 23 02:07:02 2007, filesize = 85740.
#
# Please check twice that the file matches the version of cryptlib.h
# in your cryptlib source! If this is not the right version, try to download an
# update from CPAN web site. If the filesize or file creation date do not match,
# then please do not complain about problems.
#
# Published by Alvaro Livraghi, 
# mailto: perlcryptlib@gmail.com if you find errors in this file.
#
# -----------------------------------------------------------------------------
#

	sub CRYPTLIB_VERSION { 3320 }


#****************************************************************************
#*                                                                           *
#*                           Algorithm and Object Types                      *
#*                                                                           *
#****************************************************************************

# Algorithm and mode types 

##### BEGIN ENUM CRYPT_ALGO_TYPE 	# Algorithms
	# No encryption
	sub CRYPT_ALGO_NONE { 0 }	# No encryption

	# Conventional encryption
	sub CRYPT_ALGO_DES { 1 }	# DES
	sub CRYPT_ALGO_3DES { 2 }	# Triple DES
	sub CRYPT_ALGO_IDEA { 3 }	# IDEA
	sub CRYPT_ALGO_CAST { 4 }	# CAST-128
	sub CRYPT_ALGO_RC2 { 5 }	# RC2
	sub CRYPT_ALGO_RC4 { 6 }	# RC4
	sub CRYPT_ALGO_RC5 { 7 }	# RC5
	sub CRYPT_ALGO_AES { 8 }	# AES
	sub CRYPT_ALGO_BLOWFISH { 9 }	# Blowfish
	sub CRYPT_ALGO_SKIPJACK { 10 }	# Skipjack

	# Public-key encryption
	sub CRYPT_ALGO_DH { 100 }	# Diffie-Hellman
	sub CRYPT_ALGO_RSA { 101 }	# RSA
	sub CRYPT_ALGO_DSA { 102 }	# DSA
	sub CRYPT_ALGO_ELGAMAL { 103 }	# ElGamal
	sub CRYPT_ALGO_KEA { 104 }	# KEA
	sub CRYPT_ALGO_ECDSA { 105 }	# ECDSA

	# Hash algorithms
	sub CRYPT_ALGO_MD2 { 200 }	# MD2
	sub CRYPT_ALGO_MD4 { 201 }	# MD4
	sub CRYPT_ALGO_MD5 { 202 }	# MD5
	sub CRYPT_ALGO_SHA { 203 }	# SHA/SHA1
	sub CRYPT_ALGO_RIPEMD160 { 204 }	# RIPE-MD 160
	sub CRYPT_ALGO_SHA2 { 205 }	# SHA2 (SHA-256/384/512)

	# MAC's
	sub CRYPT_ALGO_HMAC_MD5 { 300 }	# HMAC-MD5
	sub CRYPT_ALGO_HMAC_SHA1 { 301 }	# HMAC-SHA
	sub CRYPT_ALGO_HMAC_SHA { CRYPT_ALGO_HMAC_SHA1 }	# Older form
	sub CRYPT_ALGO_HMAC_RIPEMD160 { 302 }	# HMAC-RIPEMD-160

	# Vendors may want to use their own algorithms that aren't part of the
	# general cryptlib suite.  The following values are for vendor-defined
	# algorithms, and can be used just like the named algorithm types (it's
	# up to the vendor to keep track of what _VENDOR1 actually corresponds
	# to)

	sub CRYPT_ALGO_LAST { 303 }	# Last possible crypt algo value

	# In order that we can scan through a range of algorithms with
	# cryptQueryCapability(), we define the following boundary points for
	# each algorithm class
	sub CRYPT_ALGO_FIRST_CONVENTIONAL { CRYPT_ALGO_DES }
	sub CRYPT_ALGO_LAST_CONVENTIONAL { CRYPT_ALGO_DH - 1 }
	sub CRYPT_ALGO_FIRST_PKC { CRYPT_ALGO_DH }
	sub CRYPT_ALGO_LAST_PKC { CRYPT_ALGO_MD2 - 1 }
	sub CRYPT_ALGO_FIRST_HASH { CRYPT_ALGO_MD2 }
	sub CRYPT_ALGO_LAST_HASH { CRYPT_ALGO_HMAC_MD5 - 1 }
	sub CRYPT_ALGO_FIRST_MAC { CRYPT_ALGO_HMAC_MD5 }
	sub CRYPT_ALGO_LAST_MAC { CRYPT_ALGO_HMAC_MD5 + 99 }	# End of mac algo.range


##### END ENUM CRYPT_ALGO_TYPE

##### BEGIN ENUM CRYPT_MODE_TYPE
	# Block cipher modes
	sub CRYPT_MODE_NONE { 0 }	# No encryption mode
	sub CRYPT_MODE_ECB { 1 }	# ECB
	sub CRYPT_MODE_CBC { 2 }	# CBC
	sub CRYPT_MODE_CFB { 3 }	# CFB
	sub CRYPT_MODE_OFB { 4 }	# OFB
	sub CRYPT_MODE_LAST { 5 }	# Last possible crypt mode value


##### END ENUM CRYPT_MODE_TYPE


# Keyset subtypes 

##### BEGIN ENUM CRYPT_KEYSET_TYPE
	# Keyset types
	sub CRYPT_KEYSET_NONE { 0 }	# No keyset type
	sub CRYPT_KEYSET_FILE { 1 }	# Generic flat file keyset
	sub CRYPT_KEYSET_HTTP { 2 }	# Web page containing cert/CRL
	sub CRYPT_KEYSET_LDAP { 3 }	# LDAP directory service
	sub CRYPT_KEYSET_ODBC { 4 }	# Generic ODBC interface
	sub CRYPT_KEYSET_DATABASE { 5 }	# Generic RDBMS interface
	sub CRYPT_KEYSET_PLUGIN { 6 }	# Generic database plugin
	sub CRYPT_KEYSET_ODBC_STORE { 7 }	# ODBC certificate store
	sub CRYPT_KEYSET_DATABASE_STORE { 8 }	# Database certificate store
	sub CRYPT_KEYSET_PLUGIN_STORE { 9 }	# Database plugin certificate store
	sub CRYPT_KEYSET_LAST { 10 }	# Last possible keyset type



##### END ENUM CRYPT_KEYSET_TYPE

# Device subtypes 

##### BEGIN ENUM CRYPT_DEVICE_TYPE
	# Crypto device types
	sub CRYPT_DEVICE_NONE { 0 }	# No crypto device
	sub CRYPT_DEVICE_FORTEZZA { 1 }	# Fortezza card
	sub CRYPT_DEVICE_PKCS11 { 2 }	# PKCS #11 crypto token
	sub CRYPT_DEVICE_CRYPTOAPI { 3 }	# Microsoft CryptoAPI
	sub CRYPT_DEVICE_LAST { 4 }	# Last possible crypto device type


##### END ENUM CRYPT_DEVICE_TYPE

# Certificate subtypes 

##### BEGIN ENUM CRYPT_CERTTYPE_TYPE
	# Certificate object types
	sub CRYPT_CERTTYPE_NONE { 0 }	# No certificate type
	sub CRYPT_CERTTYPE_CERTIFICATE { 1 }	# Certificate
	sub CRYPT_CERTTYPE_ATTRIBUTE_CERT { 2 }	# Attribute certificate
	sub CRYPT_CERTTYPE_CERTCHAIN { 3 }	# PKCS #7 certificate chain
	sub CRYPT_CERTTYPE_CERTREQUEST { 4 }	# PKCS #10 certification request
	sub CRYPT_CERTTYPE_REQUEST_CERT { 5 }	# CRMF certification request
	sub CRYPT_CERTTYPE_REQUEST_REVOCATION { 6 }	# CRMF revocation request
	sub CRYPT_CERTTYPE_CRL { 7 }	# CRL
	sub CRYPT_CERTTYPE_CMS_ATTRIBUTES { 8 }	# CMS attributes
	sub CRYPT_CERTTYPE_RTCS_REQUEST { 9 }	# RTCS request
	sub CRYPT_CERTTYPE_RTCS_RESPONSE { 10 }	# RTCS response
	sub CRYPT_CERTTYPE_OCSP_REQUEST { 11 }	# OCSP request
	sub CRYPT_CERTTYPE_OCSP_RESPONSE { 12 }	# OCSP response
	sub CRYPT_CERTTYPE_PKIUSER { 13 }	# PKI user information
	sub CRYPT_CERTTYPE_LAST { 14 }	# Last possible cert.type


##### END ENUM CRYPT_CERTTYPE_TYPE

# Envelope/data format subtypes 

##### BEGIN ENUM CRYPT_FORMAT_TYPE

	sub CRYPT_FORMAT_NONE { 0 }	# No format type
	sub CRYPT_FORMAT_AUTO { 1 }	# Deenv, auto-determine type
	sub CRYPT_FORMAT_CRYPTLIB { 2 }	# cryptlib native format
	sub CRYPT_FORMAT_CMS { 3 }	# PKCS #7 / CMS / S/MIME fmt.
	sub CRYPT_FORMAT_PKCS7 { CRYPT_FORMAT_CMS }
	sub CRYPT_FORMAT_SMIME { 4 }	# As CMS with MSG-style behaviour
	sub CRYPT_FORMAT_PGP { 5 }	# PGP format
	sub CRYPT_FORMAT_LAST { 6 }	# Last possible format type


##### END ENUM CRYPT_FORMAT_TYPE

# Session subtypes 

##### BEGIN ENUM CRYPT_SESSION_TYPE

	sub CRYPT_SESSION_NONE { 0 }	# No session type
	sub CRYPT_SESSION_SSH { 1 }	# SSH
	sub CRYPT_SESSION_SSH_SERVER { 2 }	# SSH server
	sub CRYPT_SESSION_SSL { 3 }	# SSL/TLS
	sub CRYPT_SESSION_SSL_SERVER { 4 }	# SSL/TLS server
	sub CRYPT_SESSION_RTCS { 5 }	# RTCS
	sub CRYPT_SESSION_RTCS_SERVER { 6 }	# RTCS server
	sub CRYPT_SESSION_OCSP { 7 }	# OCSP
	sub CRYPT_SESSION_OCSP_SERVER { 8 }	# OCSP server
	sub CRYPT_SESSION_TSP { 9 }	# TSP
	sub CRYPT_SESSION_TSP_SERVER { 10 }	# TSP server
	sub CRYPT_SESSION_CMP { 11 }	# CMP
	sub CRYPT_SESSION_CMP_SERVER { 12 }	# CMP server
	sub CRYPT_SESSION_SCEP { 13 }	# SCEP
	sub CRYPT_SESSION_SCEP_SERVER { 14 }	# SCEP server
	sub CRYPT_SESSION_CERTSTORE_SERVER { 15 }	# HTTP cert store interface
	sub CRYPT_SESSION_LAST { 16 }	# Last possible session type


##### END ENUM CRYPT_SESSION_TYPE

# User subtypes 

##### BEGIN ENUM CRYPT_USER_TYPE

	sub CRYPT_USER_NONE { 0 }	# No user type
	sub CRYPT_USER_NORMAL { 1 }	# Normal user
	sub CRYPT_USER_SO { 2 }	# Security officer
	sub CRYPT_USER_CA { 3 }	# CA user
	sub CRYPT_USER_LAST { 4 }	# Last possible user type


##### END ENUM CRYPT_USER_TYPE

#****************************************************************************
#*                                                                           *
#*                               Attribute Types                             *
#*                                                                           *
#****************************************************************************

#  Attribute types.  These are arranged in the following order:
#
#   PROPERTY    - Object property
#   ATTRIBUTE   - Generic attributes
#   OPTION      - Global or object-specific config.option
#   CTXINFO     - Context-specific attribute
#   CERTINFO    - Certificate-specific attribute
#   KEYINFO     - Keyset-specific attribute
#   DEVINFO     - Device-specific attribute
#   ENVINFO     - Envelope-specific attribute
#   SESSINFO    - Session-specific attribute
#   USERINFO    - User-specific attribute 

##### BEGIN ENUM CRYPT_ATTRIBUTE_TYPE 
	sub CRYPT_ATTRIBUTE_NONE { 0 }	# Non-value

	# Used internally
	sub CRYPT_PROPERTY_FIRST { 1 }

	# *******************
	# Object attributes
	# *******************

	# Object properties
	sub CRYPT_PROPERTY_HIGHSECURITY { 2 }	# Owned+non-forwardcount+locked
	sub CRYPT_PROPERTY_OWNER { 3 }	# Object owner
	sub CRYPT_PROPERTY_FORWARDCOUNT { 4 }	# No.of times object can be forwarded
	sub CRYPT_PROPERTY_LOCKED { 5 }	# Whether properties can be chged/read
	sub CRYPT_PROPERTY_USAGECOUNT { 6 }	# Usage count before object expires
	sub CRYPT_PROPERTY_NONEXPORTABLE { 7 }	# Whether key is nonexp.from context

	# Used internally
	sub CRYPT_PROPERTY_LAST { 8 }
	sub CRYPT_GENERIC_FIRST { 8 }

	# Extended error information
	sub CRYPT_ATTRIBUTE_ERRORTYPE { 9 }	# Type of last error
	sub CRYPT_ATTRIBUTE_ERRORLOCUS { 10 }	# Locus of last error
	sub CRYPT_ATTRIBUTE_INT_ERRORCODE { 11 }	# Low-level software-specific
	sub CRYPT_ATTRIBUTE_INT_ERRORMESSAGE { 12 }	# error code and message

	# Generic information
	sub CRYPT_ATTRIBUTE_CURRENT_GROUP { 13 }	# Cursor mgt: Group in attribute list
	sub CRYPT_ATTRIBUTE_CURRENT { 14 }	# Cursor mgt: Entry in attribute list
	sub CRYPT_ATTRIBUTE_CURRENT_INSTANCE { 15 }	# Cursor mgt: Instance in attribute list
	sub CRYPT_ATTRIBUTE_BUFFERSIZE { 16 }	# Internal data buffer size

	# User internally
	sub CRYPT_GENERIC_LAST { 100 }
	sub CRYPT_OPTION_FIRST { 100 }

	# **************************
	# Configuration attributes
	# **************************

	# cryptlib information (read-only)
	sub CRYPT_OPTION_INFO_DESCRIPTION { 101 }	# Text description
	sub CRYPT_OPTION_INFO_COPYRIGHT { 102 }	# Copyright notice
	sub CRYPT_OPTION_INFO_MAJORVERSION { 103 }	# Major release version
	sub CRYPT_OPTION_INFO_MINORVERSION { 104 }	# Minor release version
	sub CRYPT_OPTION_INFO_STEPPING { 105 }	# Release stepping

	# Encryption options
	sub CRYPT_OPTION_ENCR_ALGO { 106 }	# Encryption algorithm
	sub CRYPT_OPTION_ENCR_HASH { 107 }	# Hash algorithm
	sub CRYPT_OPTION_ENCR_MAC { 108 }	# MAC algorithm

	# PKC options
	sub CRYPT_OPTION_PKC_ALGO { 109 }	# Public-key encryption algorithm
	sub CRYPT_OPTION_PKC_KEYSIZE { 110 }	# Public-key encryption key size

	# Signature options
	sub CRYPT_OPTION_SIG_ALGO { 111 }	# Signature algorithm
	sub CRYPT_OPTION_SIG_KEYSIZE { 112 }	# Signature keysize

	# Keying options
	sub CRYPT_OPTION_KEYING_ALGO { 113 }	# Key processing algorithm
	sub CRYPT_OPTION_KEYING_ITERATIONS { 114 }	# Key processing iterations

	# Certificate options
	sub CRYPT_OPTION_CERT_SIGNUNRECOGNISEDATTRIBUTES { 115 }	# Whether to sign unrecog.attrs
	sub CRYPT_OPTION_CERT_VALIDITY { 116 }	# Certificate validity period
	sub CRYPT_OPTION_CERT_UPDATEINTERVAL { 117 }	# CRL update interval
	sub CRYPT_OPTION_CERT_COMPLIANCELEVEL { 118 }	# PKIX compliance level for cert chks.
	sub CRYPT_OPTION_CERT_REQUIREPOLICY { 119 }	# Whether explicit policy req'd for certs

	# CMS/SMIME options
	sub CRYPT_OPTION_CMS_DEFAULTATTRIBUTES { 120 }	# Add default CMS attributes
	sub CRYPT_OPTION_SMIME_DEFAULTATTRIBUTES { CRYPT_OPTION_CMS_DEFAULTATTRIBUTES }