557 lines
22 KiB
C
557 lines
22 KiB
C
|
/*++
|
||
|
|
|
||
|
|
Copyright (C) Microsoft Corporation, 2000
|
||
|
|
|
||
|
|
Module Name:
|
||
|
|
|
||
|
|
locpolicy
|
||
|
|
|
||
|
|
Abstract:
|
||
|
|
|
||
|
|
This module provides the local policy tables used for algorithm strength
|
||
|
|
control in this CSP.
|
||
|
|
|
||
|
|
Author:
|
||
|
|
|
||
|
|
Doug Barlow (dbarlow) 8/11/2000
|
||
|
|
|
||
|
|
Notes:
|
||
|
|
|
||
|
|
?Notes?
|
||
|
|
|
||
|
|
--*/
|
||
|
|
|
||
|
|
#ifndef WIN32_LEAN_AND_MEAN
|
||
|
|
#define WIN32_LEAN_AND_MEAN
|
||
|
|
#endif
|
||
|
|
|
||
|
|
#include <windows.h>
|
||
|
|
#include <wincrypt.h>
|
||
|
|
#include <cspdk.h>
|
||
|
|
#include <scp.h>
|
||
|
|
#include <contman.h>
|
||
|
|
#include <ntagimp1.h>
|
||
|
|
#include <sha.h>
|
||
|
|
#include <nt_rsa.h>
|
||
|
|
#include <md4.h>
|
||
|
|
#include <md5.h>
|
||
|
|
#include <policy.h>
|
||
|
|
|
||
|
|
#define SUPPORTED_PROTOCOLS \
|
||
|
|
CRYPT_FLAG_PCT1 | CRYPT_FLAG_SSL2 | CRYPT_FLAG_SSL3 | CRYPT_FLAG_TLS1
|
||
|
|
#define AlgNm(alg) (sizeof(alg) / sizeof(TCHAR)), TEXT(alg)
|
||
|
|
|
||
|
|
#define MD2LEN (MD2DIGESTLEN * 8)
|
||
|
|
#define MD4LEN (MD4DIGESTLEN * 8)
|
||
|
|
#define MD5LEN (MD5DIGESTLEN * 8)
|
||
|
|
#define SHALEN (A_SHA_DIGEST_LEN * 8)
|
||
|
|
#define SHAMD5LEN ((MD5DIGESTLEN + A_SHA_DIGEST_LEN) * 8)
|
||
|
|
#ifndef MAXHASHLEN
|
||
|
|
#define MAXHASHLEN SHAMD5LEN
|
||
|
|
#endif
|
||
|
|
|
||
|
|
#define MAC_MIN_LEN 0
|
||
|
|
#define MAC_WEAK_LEN 0
|
||
|
|
#define MAC_WEAK_MAX 0
|
||
|
|
#define MAC_STRONG_LEN 0
|
||
|
|
#define MAC_MAX_LEN 0
|
||
|
|
|
||
|
|
#define HMAC_MIN_LEN 0
|
||
|
|
#define HMAC_WEAK_LEN 0
|
||
|
|
#define HMAC_WEAK_MAX 0
|
||
|
|
#define HMAC_STRONG_LEN 0
|
||
|
|
#define HMAC_MAX_LEN 0
|
||
|
|
|
||
|
|
#define RC2_MIN_LEN 40
|
||
|
|
#define RC2_WEAK_LEN 40
|
||
|
|
#define RC2_WEAK_MAX 56
|
||
|
|
#define RC2_STRONG_LEN 128
|
||
|
|
#define RC2_MAX_LEN 128
|
||
|
|
|
||
|
|
#define RC4_MIN_LEN 40
|
||
|
|
#define RC4_WEAK_LEN 40
|
||
|
|
#define RC4_WEAK_MAX 56
|
||
|
|
#define RC4_STRONG_LEN 128
|
||
|
|
#define RC4_MAX_LEN 128
|
||
|
|
|
||
|
|
#define DES_MIN_LEN 56
|
||
|
|
#define DES_WEAK_LEN 56
|
||
|
|
#define DES_WEAK_MAX 56
|
||
|
|
#define DES_STRONG_LEN 56
|
||
|
|
#define DES_MAX_LEN 56
|
||
|
|
|
||
|
|
#define RSAS_MIN_LEN 384
|
||
|
|
#define RSAS_WEAK_LEN 512
|
||
|
|
#define RSAS_WEAK_MAX 16384
|
||
|
|
#define RSAS_STRONG_LEN 1024
|
||
|
|
#define RSAS_MAX_LEN 16384
|
||
|
|
|
||
|
|
#define RSAX_MIN_LEN 384
|
||
|
|
#define RSAX_WEAK_LEN 512
|
||
|
|
#define RSAX_WEAK_MAX 1024
|
||
|
|
#define RSAX_STRONG_LEN 1024
|
||
|
|
#define RSAX_MAX_LEN 16384
|
||
|
|
|
||
|
|
#ifndef TLS1_MASTER_KEYSIZE
|
||
|
|
#define TLS1_MASTER_KEYSIZE SSL3_MASTER_KEYSIZE
|
||
|
|
#endif
|
||
|
|
|
||
|
|
#define PCT1_MASTER_MIN_LEN PCT1_MASTER_KEYSIZE * 8
|
||
|
|
#define PCT1_MASTER_DEF_LEN PCT1_MASTER_KEYSIZE * 8
|
||
|
|
#define PCT1_MASTER_MAX_LEN PCT1_MASTER_KEYSIZE * 8
|
||
|
|
|
||
|
|
#define SSL2_MASTER_MIN_LEN 40
|
||
|
|
#define SSL2_MASTER_DEF_LEN SSL2_MASTER_KEYSIZE * 8
|
||
|
|
#define SSL2_MASTER_MAX_LEN SSL2_MAX_MASTER_KEYSIZE * 8
|
||
|
|
|
||
|
|
#define SSL3_MASTER_MIN_LEN SSL3_MASTER_KEYSIZE * 8
|
||
|
|
#define SSL3_MASTER_DEF_LEN SSL3_MASTER_KEYSIZE * 8
|
||
|
|
#define SSL3_MASTER_MAX_LEN SSL3_MASTER_KEYSIZE * 8
|
||
|
|
|
||
|
|
#define TLS1_MASTER_MIN_LEN TLS1_MASTER_KEYSIZE * 8
|
||
|
|
#define TLS1_MASTER_DEF_LEN TLS1_MASTER_KEYSIZE * 8
|
||
|
|
#define TLS1_MASTER_MAX_LEN TLS1_MASTER_KEYSIZE * 8
|
||
|
|
|
||
|
|
|
||
|
|
// check for the maximum hash length greater than the mod length
|
||
|
|
#if RSAS_MIN_LEN < MAXHASHLEN
|
||
|
|
#error "RSAS_MIN_LEN must be greater than or equal to MAXHASHLEN"
|
||
|
|
#endif
|
||
|
|
|
||
|
|
//
|
||
|
|
/////////////////////////////////////////////////////////////////////////////
|
||
|
|
//
|
||
|
|
// The following tables define the minimum, default, and maximum key lengths
|
||
|
|
// supported by the CSP. There are four tables, representing each
|
||
|
|
// incarnation of the CSP:
|
||
|
|
//
|
||
|
|
// * Microsoft Base Cryptographic Provider v1.0
|
||
|
|
// * Microsoft Strong Cryptographic Provider
|
||
|
|
// * Microsoft Enhanced Cryptographic Provider v1.0
|
||
|
|
// * Microsoft RSA SChannel Cryptographic Provider
|
||
|
|
// * A yet unnamed Signature Only CSP
|
||
|
|
//
|
||
|
|
// Tables are built from the PROV_ENUMALGS_EX structure defined in
|
||
|
|
// wincrypt.h.
|
||
|
|
//
|
||
|
|
|
||
|
|
PROV_ENUMALGS_EX g_RsaBasePolicy[] = {
|
||
|
|
// Algorithm Default Minimum Maximum Supported
|
||
|
|
// Id Length Length Length Protocols
|
||
|
|
// --------- ------- ------- ------- ---------
|
||
|
|
// Simple Long
|
||
|
|
// Name Name
|
||
|
|
// --------- -------
|
||
|
|
#ifdef CSP_USE_RC2
|
||
|
|
{ CALG_RC2, RC2_WEAK_LEN, RC2_MIN_LEN, RC2_WEAK_MAX, 0,
|
||
|
|
AlgNm("RC2"), AlgNm("RSA Data Security's RC2") },
|
||
|
|
#endif
|
||
|
|
#ifdef CSP_USE_RC4
|
||
|
|
{ CALG_RC4, RC4_WEAK_LEN, RC4_MIN_LEN, RC4_WEAK_MAX, 0,
|
||
|
|
AlgNm("RC4"), AlgNm("RSA Data Security's RC4") },
|
||
|
|
#endif
|
||
|
|
#ifdef CSP_USE_DES
|
||
|
|
{ CALG_DES, DES_WEAK_LEN, DES_MIN_LEN, DES_WEAK_MAX, 0,
|
||
|
|
AlgNm("DES"), AlgNm("Data Encryption Standard (DES)") },
|
||
|
|
#endif
|
||
|
|
#ifdef CSP_USE_SHA
|
||
|
|
{ CALG_SHA, SHALEN, SHALEN, SHALEN, CRYPT_FLAG_SIGNING,
|
||
|
|
AlgNm("SHA-1"), AlgNm("Secure Hash Algorithm (SHA-1)") },
|
||
|
|
#endif
|
||
|
|
#ifdef CSP_USE_MD2
|
||
|
|
{ CALG_MD2, MD2LEN, MD2LEN, MD2LEN, CRYPT_FLAG_SIGNING,
|
||
|
|
AlgNm("MD2"), AlgNm("Message Digest 2 (MD2)") },
|
||
|
|
#endif
|
||
|
|
#ifdef CSP_USE_MD4
|
||
|
|
{ CALG_MD4, MD4LEN, MD4LEN, MD4LEN, CRYPT_FLAG_SIGNING,
|
||
|
|
AlgNm("MD4"), AlgNm("Message Digest 4 (MD4)") },
|
||
|
|
#endif
|
||
|
|
#ifdef CSP_USE_MD5
|
||
|
|
{ CALG_MD5, MD5LEN, MD5LEN, MD5LEN, CRYPT_FLAG_SIGNING,
|
||
|
|
AlgNm("MD5"), AlgNm("Message Digest 5 (MD5)") },
|
||
|
|
#endif
|
||
|
|
{ CALG_SSL3_SHAMD5,
|
||
|
|
SHAMD5LEN, SHAMD5LEN, SHAMD5LEN, 0,
|
||
|
|
AlgNm("SSL3 SHAMD5"), AlgNm("SSL3 SHAMD5") },
|
||
|
|
#ifdef CSP_USE_MAC
|
||
|
|
{ CALG_MAC, MAC_WEAK_LEN, MAC_MIN_LEN, MAC_WEAK_MAX, 0,
|
||
|
|
AlgNm("MAC"), AlgNm("Message Authentication Code") },
|
||
|
|
#endif
|
||
|
|
{ CALG_RSA_SIGN,
|
||
|
|
RSAS_WEAK_LEN, RSAS_MIN_LEN, RSAS_WEAK_MAX, CRYPT_FLAG_IPSEC | CRYPT_FLAG_SIGNING,
|
||
|
|
AlgNm("RSA_SIGN"), AlgNm("RSA Signature") },
|
||
|
|
{ CALG_RSA_KEYX,
|
||
|
|
RSAX_WEAK_LEN, RSAX_MIN_LEN, RSAX_WEAK_MAX, CRYPT_FLAG_IPSEC | CRYPT_FLAG_SIGNING,
|
||
|
|
AlgNm("RSA_KEYX"), AlgNm("RSA Key Exchange") },
|
||
|
|
{ CALG_HMAC, HMAC_WEAK_LEN, HMAC_MIN_LEN, HMAC_WEAK_MAX, 0,
|
||
|
|
AlgNm("HMAC"), AlgNm("Hugo's MAC (HMAC)") },
|
||
|
|
// List Terminator
|
||
|
|
{ 0, 0, 0, 0, 0,
|
||
|
|
0, 0, 0, 0 } };
|
||
|
|
|
||
|
|
|
||
|
|
PROV_ENUMALGS_EX g_RsaStrongPolicy[] = {
|
||
|
|
// Algorithm Default Minimum Maximum Supported
|
||
|
|
// Id Length Length Length Protocols
|
||
|
|
// --------- ------- ------- ------- ---------
|
||
|
|
// Simple Long
|
||
|
|
// Name Name
|
||
|
|
// --------- -------
|
||
|
|
#ifdef CSP_USE_RC2
|
||
|
|
{ CALG_RC2, RC2_MAX_LEN, RC2_MIN_LEN, RC2_MAX_LEN, 0,
|
||
|
|
AlgNm("RC2"), AlgNm("RSA Data Security's RC2") },
|
||
|
|
#endif
|
||
|
|
#ifdef CSP_USE_RC4
|
||
|
|
{ CALG_RC4, RC4_MAX_LEN, RC4_MIN_LEN, RC4_MAX_LEN, 0,
|
||
|
|
AlgNm("RC4"), AlgNm("RSA Data Security's RC4") },
|
||
|
|
#endif
|
||
|
|
#ifdef CSP_USE_DES
|
||
|
|
{ CALG_DES, DES_WEAK_LEN, DES_MIN_LEN, DES_MAX_LEN, 0,
|
||
|
|
AlgNm("DES"), AlgNm("Data Encryption Standard (DES)") },
|
||
|
|
#endif
|
||
|
|
#ifdef CSP_USE_3DES
|
||
|
|
{ CALG_3DES_112,
|
||
|
|
DES_WEAK_LEN * 2,
|
||
|
|
DES_MIN_LEN * 2,
|
||
|
|
DES_MAX_LEN * 2,
|
||
|
|
0,
|
||
|
|
AlgNm("3DES TWO KEY"), AlgNm("Two Key Triple DES") },
|
||
|
|
{ CALG_3DES, DES_WEAK_LEN * 3,
|
||
|
|
DES_MIN_LEN * 3,
|
||
|
|
168,
|
||
|
|
0,
|
||
|
|
AlgNm("3DES"), AlgNm("Three Key Triple DES") },
|
||
|
|
#endif
|
||
|
|
#ifdef CSP_USE_SHA
|
||
|
|
{ CALG_SHA, SHALEN, SHALEN, SHALEN, CRYPT_FLAG_SIGNING,
|
||
|
|
AlgNm("SHA-1"), AlgNm("Secure Hash Algorithm (SHA-1)") },
|
||
|
|
#endif
|
||
|
|
#ifdef CSP_USE_MD2
|
||
|
|
{ CALG_MD2, MD2LEN, MD2LEN, MD2LEN, CRYPT_FLAG_SIGNING,
|
||
|
|
AlgNm("MD2"), AlgNm("Message Digest 2 (MD2)") },
|
||
|
|
#endif
|
||
|
|
#ifdef CSP_USE_MD4
|
||
|
|
{ CALG_MD4, MD4LEN, MD4LEN, MD4LEN, CRYPT_FLAG_SIGNING,
|
||
|
|
AlgNm("MD4"), AlgNm("Message Digest 4 (MD4)") },
|
||
|
|
#endif
|
||
|
|
#ifdef CSP_USE_MD5
|
||
|
|
{ CALG_MD5, MD5LEN, MD5LEN, MD5LEN, CRYPT_FLAG_SIGNING,
|
||
|
|
AlgNm("MD5"), AlgNm("Message Digest 5 (MD5)") },
|
||
|
|
#endif
|
||
|
|
{ CALG_SSL3_SHAMD5,
|
||
|
|
SHAMD5LEN, SHAMD5LEN, SHAMD5LEN, 0,
|
||
|
|
AlgNm("SSL3 SHAMD5"), AlgNm("SSL3 SHAMD5") },
|
||
|
|
#ifdef CSP_USE_MAC
|
||
|
|
{ CALG_MAC, MAC_WEAK_LEN, MAC_MIN_LEN, MAC_MAX_LEN, 0,
|
||
|
|
AlgNm("MAC"), AlgNm("Message Authentication Code") },
|
||
|
|
#endif
|
||
|
|
{ CALG_RSA_SIGN,
|
||
|
|
RSAS_STRONG_LEN, RSAS_MIN_LEN, RSAS_MAX_LEN, CRYPT_FLAG_IPSEC | CRYPT_FLAG_SIGNING,
|
||
|
|
AlgNm("RSA_SIGN"), AlgNm("RSA Signature") },
|
||
|
|
{ CALG_RSA_KEYX,
|
||
|
|
RSAX_STRONG_LEN, RSAX_MIN_LEN, RSAX_MAX_LEN, CRYPT_FLAG_IPSEC | CRYPT_FLAG_SIGNING,
|
||
|
|
AlgNm("RSA_KEYX"), AlgNm("RSA Key Exchange") },
|
||
|
|
{ CALG_HMAC, HMAC_WEAK_LEN, HMAC_MIN_LEN, HMAC_MAX_LEN, 0,
|
||
|
|
AlgNm("HMAC"), AlgNm("Hugo's MAC (HMAC)") },
|
||
|
|
// List Terminator
|
||
|
|
{ 0, 0, 0, 0, 0,
|
||
|
|
0, 0, 0, 0 } };
|
||
|
|
|
||
|
|
|
||
|
|
PROV_ENUMALGS_EX g_RsaEnhPolicy[] = {
|
||
|
|
// Algorithm Default Minimum Maximum Supported
|
||
|
|
// Id Length Length Length Protocols
|
||
|
|
// --------- ------- ------- ------- ---------
|
||
|
|
// Simple Long
|
||
|
|
// Name Name
|
||
|
|
// --------- -------
|
||
|
|
#ifdef CSP_USE_RC2
|
||
|
|
{ CALG_RC2, RC2_STRONG_LEN, RC2_MIN_LEN, RC2_MAX_LEN, 0,
|
||
|
|
AlgNm("RC2"), AlgNm("RSA Data Security's RC2") },
|
||
|
|
#endif
|
||
|
|
#ifdef CSP_USE_RC4
|
||
|
|
{ CALG_RC4, RC4_STRONG_LEN, RC2_MIN_LEN, RC4_MAX_LEN, 0,
|
||
|
|
AlgNm("RC4"), AlgNm("RSA Data Security's RC4") },
|
||
|
|
#endif
|
||
|
|
#ifdef CSP_USE_DES
|
||
|
|
{ CALG_DES, DES_STRONG_LEN, DES_MIN_LEN, DES_MAX_LEN, 0,
|
||
|
|
AlgNm("DES"), AlgNm("Data Encryption Standard (DES)") },
|
||
|
|
#endif
|
||
|
|
#ifdef CSP_USE_3DES
|
||
|
|
{ CALG_3DES_112,
|
||
|
|
DES_STRONG_LEN * 2,
|
||
|
|
DES_MIN_LEN * 2,
|
||
|
|
DES_MAX_LEN * 2,
|
||
|
|
0,
|
||
|
|
AlgNm("3DES TWO KEY"), AlgNm("Two Key Triple DES") },
|
||
|
|
{ CALG_3DES,
|
||
|
|
DES_STRONG_LEN * 3,
|
||
|
|
DES_MIN_LEN * 3,
|
||
|
|
DES_MAX_LEN * 3,
|
||
|
|
0,
|
||
|
|
AlgNm("3DES"), AlgNm("Three Key Triple DES") },
|
||
|
|
#endif
|
||
|
|
#ifdef CSP_USE_SHA
|
||
|
|
{ CALG_SHA, SHALEN, SHALEN, SHALEN, CRYPT_FLAG_SIGNING,
|
||
|
|
AlgNm("SHA-1"), AlgNm("Secure Hash Algorithm (SHA-1)") },
|
||
|
|
#endif
|
||
|
|
#ifdef CSP_USE_MD2
|
||
|
|
{ CALG_MD2, MD2LEN, MD2LEN, MD2LEN, CRYPT_FLAG_SIGNING,
|
||
|
|
AlgNm("MD2"), AlgNm("Message Digest 2 (MD2)") },
|
||
|
|
#endif
|
||
|
|
#ifdef CSP_USE_MD4
|
||
|
|
{ CALG_MD4, MD4LEN, MD4LEN, MD4LEN, CRYPT_FLAG_SIGNING,
|
||
|
|
AlgNm("MD4"), AlgNm("Message Digest 4 (MD4)") },
|
||
|
|
#endif
|
||
|
|
#ifdef CSP_USE_MD5
|
||
|
|
{ CALG_MD5, MD5LEN, MD5LEN, MD5LEN, CRYPT_FLAG_SIGNING,
|
||
|
|
AlgNm("MD5"), AlgNm("Message Digest 5 (MD5)") },
|
||
|
|
#endif
|
||
|
|
{ CALG_SSL3_SHAMD5,
|
||
|
|
SHAMD5LEN, SHAMD5LEN, SHAMD5LEN, 0,
|
||
|
|
AlgNm("SSL3 SHAMD5"), AlgNm("SSL3 SHAMD5") },
|
||
|
|
#ifdef CSP_USE_MAC
|
||
|
|
{ CALG_MAC, MAC_STRONG_LEN, MAC_MIN_LEN, MAC_MAX_LEN, 0,
|
||
|
|
AlgNm("MAC"), AlgNm("Message Authentication Code") },
|
||
|
|
#endif
|
||
|
|
{ CALG_RSA_SIGN,
|
||
|
|
RSAS_STRONG_LEN,
|
||
|
|
RSAS_MIN_LEN, RSAS_MAX_LEN, CRYPT_FLAG_IPSEC | CRYPT_FLAG_SIGNING,
|
||
|
|
AlgNm("RSA_SIGN"), AlgNm("RSA Signature") },
|
||
|
|
{ CALG_RSA_KEYX,
|
||
|
|
RSAX_STRONG_LEN,
|
||
|
|
RSAX_MIN_LEN, RSAX_MAX_LEN, CRYPT_FLAG_IPSEC | CRYPT_FLAG_SIGNING,
|
||
|
|
AlgNm("RSA_KEYX"), AlgNm("RSA Key Exchange") },
|
||
|
|
{ CALG_HMAC, HMAC_STRONG_LEN,
|
||
|
|
HMAC_MIN_LEN, HMAC_MAX_LEN, 0,
|
||
|
|
AlgNm("HMAC"), AlgNm("Hugo's MAC (HMAC)") },
|
||
|
|
// List Terminator
|
||
|
|
{ 0, 0, 0, 0, 0,
|
||
|
|
0, 0, 0, 0 } };
|
||
|
|
|
||
|
|
PROV_ENUMALGS_EX g_RsaAesPolicy[] = {
|
||
|
|
// Algorithm Default Minimum Maximum Supported
|
||
|
|
// Id Length Length Length Protocols
|
||
|
|
// --------- ------- ------- ------- ---------
|
||
|
|
// Simple Long
|
||
|
|
// Name Name
|
||
|
|
// --------- -------
|
||
|
|
#ifdef CSP_USE_RC2
|
||
|
|
{ CALG_RC2, RC2_STRONG_LEN, RC2_MIN_LEN, RC2_MAX_LEN, 0,
|
||
|
|
AlgNm("RC2"), AlgNm("RSA Data Security's RC2") },
|
||
|
|
#endif
|
||
|
|
#ifdef CSP_USE_RC4
|
||
|
|
{ CALG_RC4, RC4_STRONG_LEN, RC2_MIN_LEN, RC4_MAX_LEN, 0,
|
||
|
|
AlgNm("RC4"), AlgNm("RSA Data Security's RC4") },
|
||
|
|
#endif
|
||
|
|
#ifdef CSP_USE_DES
|
||
|
|
{ CALG_DES, DES_STRONG_LEN, DES_MIN_LEN, DES_MAX_LEN, 0,
|
||
|
|
AlgNm("DES"), AlgNm("Data Encryption Standard (DES)") },
|
||
|
|
#endif
|
||
|
|
#ifdef CSP_USE_3DES
|
||
|
|
{ CALG_3DES_112,
|
||
|
|
DES_STRONG_LEN * 2,
|
||
|
|
DES_MIN_LEN * 2,
|
||
|
|
DES_MAX_LEN * 2,
|
||
|
|
0,
|
||
|
|
AlgNm("3DES TWO KEY"), AlgNm("Two Key Triple DES") },
|
||
|
|
{ CALG_3DES,
|
||
|
|
DES_STRONG_LEN * 3,
|
||
|
|
DES_MIN_LEN * 3,
|
||
|
|
DES_MAX_LEN * 3,
|
||
|
|
0,
|
||
|
|
AlgNm("3DES"), AlgNm("Three Key Triple DES") },
|
||
|
|
#endif
|
||
|
|
#ifdef CSP_USE_SHA
|
||
|
|
{ CALG_SHA, SHALEN, SHALEN, SHALEN, CRYPT_FLAG_SIGNING,
|
||
|
|
AlgNm("SHA-1"), AlgNm("Secure Hash Algorithm (SHA-1)") },
|
||
|
|
#endif
|
||
|
|
#ifdef CSP_USE_MD2
|
||
|
|
{ CALG_MD2, MD2LEN, MD2LEN, MD2LEN, CRYPT_FLAG_SIGNING,
|
||
|
|
AlgNm("MD2"), AlgNm("Message Digest 2 (MD2)") },
|
||
|
|
#endif
|
||
|
|
#ifdef CSP_USE_MD4
|
||
|
|
{ CALG_MD4, MD4LEN, MD4LEN, MD4LEN, CRYPT_FLAG_SIGNING,
|
||
|
|
AlgNm("MD4"), AlgNm("Message Digest 4 (MD4)") },
|
||
|
|
#endif
|
||
|
|
#ifdef CSP_USE_MD5
|
||
|
|
{ CALG_MD5, MD5LEN, MD5LEN, MD5LEN, CRYPT_FLAG_SIGNING,
|
||
|
|
AlgNm("MD5"), AlgNm("Message Digest 5 (MD5)") },
|
||
|
|
#endif
|
||
|
|
{ CALG_SSL3_SHAMD5,
|
||
|
|
SHAMD5LEN, SHAMD5LEN, SHAMD5LEN, 0,
|
||
|
|
AlgNm("SSL3 SHAMD5"), AlgNm("SSL3 SHAMD5") },
|
||
|
|
#ifdef CSP_USE_MAC
|
||
|
|
{ CALG_MAC, MAC_STRONG_LEN, MAC_MIN_LEN, MAC_MAX_LEN, 0,
|
||
|
|
AlgNm("MAC"), AlgNm("Message Authentication Code") },
|
||
|
|
#endif
|
||
|
|
{ CALG_RSA_SIGN,
|
||
|
|
RSAS_STRONG_LEN,
|
||
|
|
RSAS_MIN_LEN, RSAS_MAX_LEN, CRYPT_FLAG_IPSEC | CRYPT_FLAG_SIGNING,
|
||
|
|
AlgNm("RSA_SIGN"), AlgNm("RSA Signature") },
|
||
|
|
{ CALG_RSA_KEYX,
|
||
|
|
RSAX_STRONG_LEN,
|
||
|
|
RSAX_MIN_LEN, RSAX_MAX_LEN, CRYPT_FLAG_IPSEC | CRYPT_FLAG_SIGNING,
|
||
|
|
AlgNm("RSA_KEYX"), AlgNm("RSA Key Exchange") },
|
||
|
|
{ CALG_HMAC, HMAC_STRONG_LEN,
|
||
|
|
HMAC_MIN_LEN, HMAC_MAX_LEN, 0,
|
||
|
|
AlgNm("HMAC"), AlgNm("Hugo's MAC (HMAC)") },
|
||
|
|
#ifdef CSP_USE_AES
|
||
|
|
{ CALG_AES_128,
|
||
|
|
128, 128, 128, 0,
|
||
|
|
AlgNm("AES 128"), AlgNm("American Encryption Standard 128-bit") },
|
||
|
|
{ CALG_AES_192,
|
||
|
|
192, 192, 192, 0,
|
||
|
|
AlgNm("AES 192"), AlgNm("American Encryption Standard 192-bit") },
|
||
|
|
{ CALG_AES_256,
|
||
|
|
256, 256, 256, 0,
|
||
|
|
AlgNm("AES 256"), AlgNm("American Encryption Standard 256-bit") },
|
||
|
|
#endif
|
||
|
|
// List Terminator
|
||
|
|
{ 0, 0, 0, 0, 0,
|
||
|
|
0, 0, 0, 0 } };
|
||
|
|
|
||
|
|
PROV_ENUMALGS_EX g_RsaSchPolicy[] = {
|
||
|
|
// Algorithm Default Minimum Maximum Supported
|
||
|
|
// Id Length Length Length Protocols
|
||
|
|
// --------- ------- ------- ------- ---------
|
||
|
|
// Simple Long
|
||
|
|
// Name Name
|
||
|
|
// --------- -------
|
||
|
|
#ifdef CSP_USE_RC2
|
||
|
|
{ CALG_RC2, RC2_STRONG_LEN, RC2_MIN_LEN, RC2_MAX_LEN, SUPPORTED_PROTOCOLS,
|
||
|
|
AlgNm("RC2"), AlgNm("RSA Data Security's RC2") },
|
||
|
|
#endif
|
||
|
|
#ifdef CSP_USE_RC4
|
||
|
|
{ CALG_RC4, RC4_STRONG_LEN, RC4_MIN_LEN, RC4_MAX_LEN, SUPPORTED_PROTOCOLS,
|
||
|
|
AlgNm("RC4"), AlgNm("RSA Data Security's RC4") },
|
||
|
|
#endif
|
||
|
|
#ifdef CSP_USE_DES
|
||
|
|
{ CALG_DES, DES_STRONG_LEN, DES_MIN_LEN, DES_MAX_LEN, SUPPORTED_PROTOCOLS,
|
||
|
|
AlgNm("DES"), AlgNm("Data Encryption Standard (DES)") },
|
||
|
|
#endif
|
||
|
|
#ifdef CSP_USE_3DES
|
||
|
|
{ CALG_3DES_112,
|
||
|
|
DES_STRONG_LEN * 2,
|
||
|
|
DES_MIN_LEN * 2,
|
||
|
|
DES_MAX_LEN * 2,
|
||
|
|
SUPPORTED_PROTOCOLS,
|
||
|
|
AlgNm("3DES TWO KEY"), AlgNm("Two Key Triple DES") },
|
||
|
|
{ CALG_3DES,
|
||
|
|
DES_STRONG_LEN * 3,
|
||
|
|
DES_MIN_LEN * 3,
|
||
|
|
DES_MAX_LEN * 3,
|
||
|
|
SUPPORTED_PROTOCOLS,
|
||
|
|
AlgNm("3DES"), AlgNm("Three Key Triple DES") },
|
||
|
|
#endif
|
||
|
|
#ifdef CSP_USE_SHA
|
||
|
|
{ CALG_SHA, SHALEN, SHALEN, SHALEN, SUPPORTED_PROTOCOLS | CRYPT_FLAG_SIGNING,
|
||
|
|
AlgNm("SHA-1"), AlgNm("Secure Hash Algorithm (SHA-1)") },
|
||
|
|
#endif
|
||
|
|
#ifdef CSP_USE_MD5
|
||
|
|
{ CALG_MD5, MD5LEN, MD5LEN, MD5LEN, SUPPORTED_PROTOCOLS | CRYPT_FLAG_SIGNING,
|
||
|
|
AlgNm("MD5"), AlgNm("Message Digest 5 (MD5)") },
|
||
|
|
#endif
|
||
|
|
{ CALG_SSL3_SHAMD5,
|
||
|
|
SHAMD5LEN, SHAMD5LEN, SHAMD5LEN, 0,
|
||
|
|
AlgNm("SSL3 SHAMD5"), AlgNm("SSL3 SHAMD5") },
|
||
|
|
#ifdef CSP_USE_MAC
|
||
|
|
{ CALG_MAC, MAC_STRONG_LEN, MAC_MIN_LEN, MAC_MAX_LEN, 0,
|
||
|
|
AlgNm("MAC"), AlgNm("Message Authentication Code") },
|
||
|
|
#endif
|
||
|
|
{ CALG_RSA_SIGN,
|
||
|
|
RSAS_STRONG_LEN,
|
||
|
|
RSAS_MIN_LEN, RSAS_MAX_LEN, SUPPORTED_PROTOCOLS | CRYPT_FLAG_SIGNING,
|
||
|
|
AlgNm("RSA_SIGN"), AlgNm("RSA Signature") },
|
||
|
|
{ CALG_RSA_KEYX,
|
||
|
|
RSAX_STRONG_LEN,
|
||
|
|
RSAX_MIN_LEN, RSAX_MAX_LEN, SUPPORTED_PROTOCOLS | CRYPT_FLAG_SIGNING,
|
||
|
|
AlgNm("RSA_KEYX"), AlgNm("RSA Key Exchange") },
|
||
|
|
{ CALG_HMAC, HMAC_STRONG_LEN,
|
||
|
|
HMAC_MIN_LEN, HMAC_MAX_LEN, 0,
|
||
|
|
AlgNm("HMAC"), AlgNm("Hugo's MAC (HMAC)") },
|
||
|
|
{ CALG_PCT1_MASTER,
|
||
|
|
PCT1_MASTER_DEF_LEN,
|
||
|
|
PCT1_MASTER_MIN_LEN,
|
||
|
|
PCT1_MASTER_MAX_LEN,
|
||
|
|
CRYPT_FLAG_PCT1,
|
||
|
|
AlgNm("PCT1 MASTER"), AlgNm("PCT1 Master") },
|
||
|
|
{ CALG_SSL2_MASTER,
|
||
|
|
SSL2_MASTER_DEF_LEN,
|
||
|
|
SSL2_MASTER_MIN_LEN,
|
||
|
|
SSL2_MASTER_MAX_LEN,
|
||
|
|
CRYPT_FLAG_SSL2,
|
||
|
|
AlgNm("SSL2 MASTER"), AlgNm("SSL2 Master") },
|
||
|
|
{ CALG_SSL3_MASTER,
|
||
|
|
SSL3_MASTER_DEF_LEN,
|
||
|
|
SSL3_MASTER_MIN_LEN,
|
||
|
|
SSL3_MASTER_MAX_LEN,
|
||
|
|
CRYPT_FLAG_SSL3,
|
||
|
|
AlgNm("SSL3 MASTER"), AlgNm("SSL3 Master") },
|
||
|
|
{ CALG_TLS1_MASTER,
|
||
|
|
TLS1_MASTER_DEF_LEN,
|
||
|
|
TLS1_MASTER_MIN_LEN,
|
||
|
|
TLS1_MASTER_MAX_LEN,
|
||
|
|
CRYPT_FLAG_TLS1,
|
||
|
|
AlgNm("TLS1 MASTER"), AlgNm("TLS1 Master") },
|
||
|
|
{ CALG_SCHANNEL_MASTER_HASH,
|
||
|
|
0, 0, (DWORD)(-1), 0,
|
||
|
|
AlgNm("SCH MASTER HASH"), AlgNm("SChannel Master Hash") },
|
||
|
|
{ CALG_SCHANNEL_MAC_KEY,
|
||
|
|
0, 0, (DWORD)(-1), 0,
|
||
|
|
AlgNm("SCH MAC KEY"), AlgNm("SChannel MAC Key") },
|
||
|
|
{ CALG_SCHANNEL_ENC_KEY,
|
||
|
|
0, 0, (DWORD)(-1), 0,
|
||
|
|
AlgNm("SCH ENC KEY"), AlgNm("SChannel Encryption Key") },
|
||
|
|
// List Terminator
|
||
|
|
{ 0, 0, 0, 0, 0,
|
||
|
|
0, 0, 0, 0 } };
|
||
|
|
|
||
|
|
|
||
|
|
PROV_ENUMALGS_EX g_RsaSigPolicy[] = {
|
||
|
|
// Algorithm Default Minimum Maximum Supported
|
||
|
|
// Id Length Length Length Protocols
|
||
|
|
// --------- ------- ------- ------- ---------
|
||
|
|
// Simple Long
|
||
|
|
// Name Name
|
||
|
|
// --------- -------
|
||
|
|
#ifdef CSP_USE_SHA
|
||
|
|
{ CALG_SHA, SHALEN, SHALEN, SHALEN, CRYPT_FLAG_SIGNING,
|
||
|
|
AlgNm("SHA-1"), AlgNm("Secure Hash Algorithm (SHA-1)") },
|
||
|
|
#endif
|
||
|
|
#ifdef CSP_USE_MD2
|
||
|
|
{ CALG_MD2, MD2LEN, MD2LEN, MD2LEN, CRYPT_FLAG_SIGNING,
|
||
|
|
AlgNm("MD2"), AlgNm("Message Digest 2 (MD2)") },
|
||
|
|
#endif
|
||
|
|
#ifdef CSP_USE_MD4
|
||
|
|
{ CALG_MD4, MD4LEN, MD4LEN, MD4LEN, CRYPT_FLAG_SIGNING,
|
||
|
|
AlgNm("MD4"), AlgNm("Message Digest 4 (MD4)") },
|
||
|
|
#endif
|
||
|
|
#ifdef CSP_USE_MD5
|
||
|
|
{ CALG_MD5, MD5LEN, MD5LEN, MD5LEN, CRYPT_FLAG_SIGNING,
|
||
|
|
AlgNm("MD5"), AlgNm("Message Digest 5 (MD5)") },
|
||
|
|
#endif
|
||
|
|
{ CALG_SSL3_SHAMD5,
|
||
|
|
SHAMD5LEN, SHAMD5LEN, SHAMD5LEN, 0,
|
||
|
|
AlgNm("SSL3 SHAMD5"), AlgNm("SSL3 SHAMD5") },
|
||
|
|
{ CALG_RSA_SIGN,
|
||
|
|
RSAS_STRONG_LEN,
|
||
|
|
RSAS_MIN_LEN, RSAS_MAX_LEN, CRYPT_FLAG_SIGNING,
|
||
|
|
AlgNm("RSA_SIGN"), AlgNm("RSA Signature") },
|
||
|
|
// List Terminator
|
||
|
|
{ 0, 0, 0, 0, 0,
|
||
|
|
0, 0, 0, 0 } };
|
||
|
|
|
||
|
|
|
||
|
|
//
|
||
|
|
// The list of tables.
|
||
|
|
//
|
||
|
|
|
||
|
|
PROV_ENUMALGS_EX *g_AlgTables[] = {
|
||
|
|
g_RsaBasePolicy, // Key length table for PROV_MS_DEF
|
||
|
|
g_RsaStrongPolicy, // Key length table for PROV_MS_STRONG
|
||
|
|
g_RsaEnhPolicy, // Key length table for PROV_MS_ENHANCED
|
||
|
|
g_RsaSchPolicy, // Key length table for PROV_MS_SCHANNEL
|
||
|
|
g_RsaSigPolicy, // Key length table for undefined signature only CSP
|
||
|
|
g_RsaAesPolicy }; // Key length table for MS_ENH_RSA_AES_PROV
|