Source code of Windows XP (NT5)

/*++
Copyright (C) Microsoft Corporation, 2000
Module Name:
locpolicy
Abstract:
This module provides the local policy tables used for algorithm strength
control in this CSP.
Author:
Doug Barlow (dbarlow) 8/11/2000
Notes:
?Notes?
--*/
#ifndef WIN32_LEAN_AND_MEAN
#define WIN32_LEAN_AND_MEAN
#endif
#include <windows.h>
#include <wincrypt.h>
#include <cspdk.h>
#include <scp.h>
#include <contman.h>
#include <ntagimp1.h>
#include <sha.h>
#include <nt_rsa.h>
#include <md4.h>
#include <md5.h>
#include <policy.h>
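// Protocol flags advertised by the SChannel table (g_RsaSchPolicy).
// Parenthesized so the OR-list stays a single operand wherever it expands.
// NOTE(review): the set includes PCT1 and SSL2 alongside SSL3/TLS1; whether
// the legacy protocols can be disabled is decided outside this file.
#define SUPPORTED_PROTOCOLS \
    (CRYPT_FLAG_PCT1 | CRYPT_FLAG_SSL2 | CRYPT_FLAG_SSL3 | CRYPT_FLAG_TLS1)

// Expands to TWO initializers: the name length in TCHARs (the terminating
// NUL is counted, because sizeof is applied to the literal) and the literal
// itself.  sizeof is taken on the narrow literal, so the count is only
// correct when TCHAR is one byte.
// NOTE(review): wincrypt.h declares the PROV_ENUMALGS_EX name fields as CHAR
// arrays, so this file presumably always builds non-UNICODE -- confirm.
#define AlgNm(alg) (sizeof(alg) / sizeof(TCHAR)), TEXT(alg)

// Hash output sizes in bits (the *DIGESTLEN constants come from the hash
// headers included above and are byte counts, hence the * 8).
#define MD2LEN (MD2DIGESTLEN * 8)
#define MD4LEN (MD4DIGESTLEN * 8)
#define MD5LEN (MD5DIGESTLEN * 8)
#define SHALEN (A_SHA_DIGEST_LEN * 8)
#define SHAMD5LEN ((MD5DIGESTLEN + A_SHA_DIGEST_LEN) * 8)
#ifndef MAXHASHLEN
#define MAXHASHLEN SHAMD5LEN
#endif

// Key lengths in bits, five per algorithm:
//   *_MIN_LEN     smallest length any table accepts
//   *_WEAK_LEN    default used by g_RsaBasePolicy
//   *_WEAK_MAX    maximum used by g_RsaBasePolicy
//   *_STRONG_LEN  default used by the enhanced/AES/SChannel/signature tables
//   *_MAX_LEN     maximum used by every table except the Base one
// MAC and HMAC carry no key-length policy here: all five values are 0.
#define MAC_MIN_LEN 0
#define MAC_WEAK_LEN 0
#define MAC_WEAK_MAX 0
#define MAC_STRONG_LEN 0
#define MAC_MAX_LEN 0
#define HMAC_MIN_LEN 0
#define HMAC_WEAK_LEN 0
#define HMAC_WEAK_MAX 0
#define HMAC_STRONG_LEN 0
#define HMAC_MAX_LEN 0

// NOTE(review): the 40-bit RC2/RC4 floor, 56-bit single DES and the 384-bit
// RSA floor are legacy strengths.  Every table below reuses these *_MIN_LEN
// values, so a stronger provider raises the default, not the minimum; code
// that needs a real lower bound has to enforce it itself.
#define RC2_MIN_LEN 40
#define RC2_WEAK_LEN 40
#define RC2_WEAK_MAX 56
#define RC2_STRONG_LEN 128
#define RC2_MAX_LEN 128
#define RC4_MIN_LEN 40
#define RC4_WEAK_LEN 40
#define RC4_WEAK_MAX 56
#define RC4_STRONG_LEN 128
#define RC4_MAX_LEN 128
#define DES_MIN_LEN 56
#define DES_WEAK_LEN 56
#define DES_WEAK_MAX 56
#define DES_STRONG_LEN 56
#define DES_MAX_LEN 56

// RSAS_* = RSA signature keys, RSAX_* = RSA key-exchange keys.
#define RSAS_MIN_LEN 384
#define RSAS_WEAK_LEN 512
#define RSAS_WEAK_MAX 16384
#define RSAS_STRONG_LEN 1024
#define RSAS_MAX_LEN 16384
#define RSAX_MIN_LEN 384
#define RSAX_WEAK_LEN 512
#define RSAX_WEAK_MAX 1024
#define RSAX_STRONG_LEN 1024
#define RSAX_MAX_LEN 16384

#ifndef TLS1_MASTER_KEYSIZE
#define TLS1_MASTER_KEYSIZE SSL3_MASTER_KEYSIZE
#endif

// Master-secret lengths in bits.  The products are parenthesized so that an
// expansion inside a larger expression (division, modulo, another multiply)
// cannot regroup around the "* 8".
// NOTE(review): SSL2 is the only protocol whose minimum (40) is a literal
// rather than its full key size.
#define PCT1_MASTER_MIN_LEN (PCT1_MASTER_KEYSIZE * 8)
#define PCT1_MASTER_DEF_LEN (PCT1_MASTER_KEYSIZE * 8)
#define PCT1_MASTER_MAX_LEN (PCT1_MASTER_KEYSIZE * 8)
#define SSL2_MASTER_MIN_LEN 40
#define SSL2_MASTER_DEF_LEN (SSL2_MASTER_KEYSIZE * 8)
#define SSL2_MASTER_MAX_LEN (SSL2_MAX_MASTER_KEYSIZE * 8)
#define SSL3_MASTER_MIN_LEN (SSL3_MASTER_KEYSIZE * 8)
#define SSL3_MASTER_DEF_LEN (SSL3_MASTER_KEYSIZE * 8)
#define SSL3_MASTER_MAX_LEN (SSL3_MASTER_KEYSIZE * 8)
#define TLS1_MASTER_MIN_LEN (TLS1_MASTER_KEYSIZE * 8)
#define TLS1_MASTER_DEF_LEN (TLS1_MASTER_KEYSIZE * 8)
#define TLS1_MASTER_MAX_LEN (TLS1_MASTER_KEYSIZE * 8)

// Build-time guard: the smallest RSA signature modulus any table accepts
// must be at least as many bits as the longest hash (MAXHASHLEN).
// NOTE(review): this compares raw bit counts only; room for signature
// padding is not part of the check.
#if RSAS_MIN_LEN < MAXHASHLEN
#error "RSAS_MIN_LEN must be greater than or equal to MAXHASHLEN"
#endif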
//
/////////////////////////////////////////////////////////////////////////////
//
// The following tables define the minimum, default, and maximum key lengths
// supported by the CSP. There is one table for each incarnation of the CSP,
// six in all:
//
// * Microsoft Base Cryptographic Provider v1.0
// * Microsoft Strong Cryptographic Provider
// * Microsoft Enhanced Cryptographic Provider v1.0
// * Microsoft RSA SChannel Cryptographic Provider
// * A yet unnamed Signature Only CSP
// * The RSA/AES provider identified by MS_ENH_RSA_AES_PROV
//
// Tables are built from the PROV_ENUMALGS_EX structure defined in
// wincrypt.h.
//
//
// Base provider policy.  Adjustable algorithms take their *_WEAK_LEN value
// as the default and *_WEAK_MAX as the ceiling.
//
// Row layout (PROV_ENUMALGS_EX field order):
//     algorithm id,
//     default bits, minimum bits, maximum bits,
//     protocol flags,
//     AlgNm(short name), AlgNm(long name)   -- each a length/string pair
//
// NOTE(review): with the lengths defined in this file, RC2 and RC4 default
// to 40 bits and stop at 56, and RSA defaults to 512 bits.  MD2, MD4 and MD5
// are advertised with CRYPT_FLAG_SIGNING.  A caller that needs current-day
// strength should not rely on this table's defaults.
//
PROV_ENUMALGS_EX g_RsaBasePolicy[] = {
#ifdef CSP_USE_RC2
    { CALG_RC2,
      RC2_WEAK_LEN, RC2_MIN_LEN, RC2_WEAK_MAX,
      0,
      AlgNm("RC2"), AlgNm("RSA Data Security's RC2") },
#endif
#ifdef CSP_USE_RC4
    { CALG_RC4,
      RC4_WEAK_LEN, RC4_MIN_LEN, RC4_WEAK_MAX,
      0,
      AlgNm("RC4"), AlgNm("RSA Data Security's RC4") },
#endif
#ifdef CSP_USE_DES
    { CALG_DES,
      DES_WEAK_LEN, DES_MIN_LEN, DES_WEAK_MAX,
      0,
      AlgNm("DES"), AlgNm("Data Encryption Standard (DES)") },
#endif
    // Hashes: default, minimum and maximum are all the digest size.
#ifdef CSP_USE_SHA
    { CALG_SHA,
      SHALEN, SHALEN, SHALEN,
      CRYPT_FLAG_SIGNING,
      AlgNm("SHA-1"), AlgNm("Secure Hash Algorithm (SHA-1)") },
#endif
#ifdef CSP_USE_MD2
    { CALG_MD2,
      MD2LEN, MD2LEN, MD2LEN,
      CRYPT_FLAG_SIGNING,
      AlgNm("MD2"), AlgNm("Message Digest 2 (MD2)") },
#endif
#ifdef CSP_USE_MD4
    { CALG_MD4,
      MD4LEN, MD4LEN, MD4LEN,
      CRYPT_FLAG_SIGNING,
      AlgNm("MD4"), AlgNm("Message Digest 4 (MD4)") },
#endif
#ifdef CSP_USE_MD5
    { CALG_MD5,
      MD5LEN, MD5LEN, MD5LEN,
      CRYPT_FLAG_SIGNING,
      AlgNm("MD5"), AlgNm("Message Digest 5 (MD5)") },
#endif
    // Always present, not guarded by a CSP_USE_* switch.
    { CALG_SSL3_SHAMD5,
      SHAMD5LEN, SHAMD5LEN, SHAMD5LEN,
      0,
      AlgNm("SSL3 SHAMD5"), AlgNm("SSL3 SHAMD5") },
#ifdef CSP_USE_MAC
    { CALG_MAC,
      MAC_WEAK_LEN, MAC_MIN_LEN, MAC_WEAK_MAX,
      0,
      AlgNm("MAC"), AlgNm("Message Authentication Code") },
#endif
    { CALG_RSA_SIGN,
      RSAS_WEAK_LEN, RSAS_MIN_LEN, RSAS_WEAK_MAX,
      CRYPT_FLAG_IPSEC | CRYPT_FLAG_SIGNING,
      AlgNm("RSA_SIGN"), AlgNm("RSA Signature") },
    { CALG_RSA_KEYX,
      RSAX_WEAK_LEN, RSAX_MIN_LEN, RSAX_WEAK_MAX,
      CRYPT_FLAG_IPSEC | CRYPT_FLAG_SIGNING,
      AlgNm("RSA_KEYX"), AlgNm("RSA Key Exchange") },
    { CALG_HMAC,
      HMAC_WEAK_LEN, HMAC_MIN_LEN, HMAC_WEAK_MAX,
      0,
      AlgNm("HMAC"), AlgNm("Hugo's MAC (HMAC)") },

    // List terminator: an all-zero row.
    { 0, 0, 0, 0, 0,
      0, 0, 0, 0 }
};
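//
// Strong provider policy.  RC2/RC4 default to their *_MAX_LEN and RSA to
// *_STRONG_LEN; every ceiling is the algorithm's *_MAX_LEN.
//
// Row layout (PROV_ENUMALGS_EX field order):
//     algorithm id, default bits, minimum bits, maximum bits,
//     protocol flags, AlgNm(short name), AlgNm(long name)
//
// NOTE(review): only the defaults are stronger than in g_RsaBasePolicy.  The
// minimum column still uses the shared *_MIN_LEN values (40-bit RC2/RC4,
// 384-bit RSA), so short keys remain inside this table's range.
//
PROV_ENUMALGS_EX g_RsaStrongPolicy[] = {
#ifdef CSP_USE_RC2
    { CALG_RC2,       RC2_MAX_LEN,    RC2_MIN_LEN,    RC2_MAX_LEN,    0,
        AlgNm("RC2"),       AlgNm("RSA Data Security's RC2") },
#endif
#ifdef CSP_USE_RC4
    { CALG_RC4,       RC4_MAX_LEN,    RC4_MIN_LEN,    RC4_MAX_LEN,    0,
        AlgNm("RC4"),       AlgNm("RSA Data Security's RC4") },
#endif
#ifdef CSP_USE_DES
    { CALG_DES,       DES_WEAK_LEN,   DES_MIN_LEN,    DES_MAX_LEN,    0,
        AlgNm("DES"),       AlgNm("Data Encryption Standard (DES)") },
#endif
#ifdef CSP_USE_3DES
    { CALG_3DES_112,
                      DES_WEAK_LEN * 2,
                                      DES_MIN_LEN * 2,
                                                      DES_MAX_LEN * 2,
                                                                      0,
        AlgNm("3DES TWO KEY"), AlgNm("Two Key Triple DES") },
    // The maximum was the literal 168; it is now derived from DES_MAX_LEN
    // like every other 3DES row in this file (same value, 56 * 3).
    { CALG_3DES,      DES_WEAK_LEN * 3,
                                      DES_MIN_LEN * 3,
                                                      DES_MAX_LEN * 3,
                                                                      0,
        AlgNm("3DES"),      AlgNm("Three Key Triple DES") },
#endif
#ifdef CSP_USE_SHA
    { CALG_SHA,       SHALEN,         SHALEN,         SHALEN,         CRYPT_FLAG_SIGNING,
        AlgNm("SHA-1"),     AlgNm("Secure Hash Algorithm (SHA-1)") },
#endif
#ifdef CSP_USE_MD2
    { CALG_MD2,       MD2LEN,         MD2LEN,         MD2LEN,         CRYPT_FLAG_SIGNING,
        AlgNm("MD2"),       AlgNm("Message Digest 2 (MD2)") },
#endif
#ifdef CSP_USE_MD4
    { CALG_MD4,       MD4LEN,         MD4LEN,         MD4LEN,         CRYPT_FLAG_SIGNING,
        AlgNm("MD4"),       AlgNm("Message Digest 4 (MD4)") },
#endif
#ifdef CSP_USE_MD5
    { CALG_MD5,       MD5LEN,         MD5LEN,         MD5LEN,         CRYPT_FLAG_SIGNING,
        AlgNm("MD5"),       AlgNm("Message Digest 5 (MD5)") },
#endif
    { CALG_SSL3_SHAMD5,
                      SHAMD5LEN,      SHAMD5LEN,      SHAMD5LEN,      0,
        AlgNm("SSL3 SHAMD5"), AlgNm("SSL3 SHAMD5") },
#ifdef CSP_USE_MAC
    { CALG_MAC,       MAC_WEAK_LEN,   MAC_MIN_LEN,    MAC_MAX_LEN,    0,
        AlgNm("MAC"),       AlgNm("Message Authentication Code") },
#endif
    { CALG_RSA_SIGN,
                      RSAS_STRONG_LEN, RSAS_MIN_LEN,  RSAS_MAX_LEN,   CRYPT_FLAG_IPSEC | CRYPT_FLAG_SIGNING,
        AlgNm("RSA_SIGN"),  AlgNm("RSA Signature") },
    { CALG_RSA_KEYX,
                      RSAX_STRONG_LEN, RSAX_MIN_LEN,  RSAX_MAX_LEN,   CRYPT_FLAG_IPSEC | CRYPT_FLAG_SIGNING,
        AlgNm("RSA_KEYX"),  AlgNm("RSA Key Exchange") },
    { CALG_HMAC,      HMAC_WEAK_LEN,  HMAC_MIN_LEN,   HMAC_MAX_LEN,   0,
        AlgNm("HMAC"),      AlgNm("Hugo's MAC (HMAC)") },
    // List Terminator
    { 0, 0, 0, 0, 0,
        0, 0, 0, 0 } };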
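//
// Enhanced provider policy.  Defaults are the *_STRONG_LEN values and
// ceilings the *_MAX_LEN values.
//
// Row layout (PROV_ENUMALGS_EX field order):
//     algorithm id, default bits, minimum bits, maximum bits,
//     protocol flags, AlgNm(short name), AlgNm(long name)
//
// NOTE(review): the minimum column still uses the shared *_MIN_LEN values
// (40-bit RC2/RC4, 56-bit DES, 384-bit RSA); "enhanced" raises defaults only.
//
PROV_ENUMALGS_EX g_RsaEnhPolicy[] = {
#ifdef CSP_USE_RC2
    { CALG_RC2,       RC2_STRONG_LEN, RC2_MIN_LEN,    RC2_MAX_LEN,    0,
        AlgNm("RC2"),       AlgNm("RSA Data Security's RC2") },
#endif
#ifdef CSP_USE_RC4
    // The minimum was written as RC2_MIN_LEN; the RC4 row now names its own
    // constant.  Both are 40 today, so the table contents do not change, but
    // an edit to the RC2 floor no longer moves the RC4 floor silently.
    { CALG_RC4,       RC4_STRONG_LEN, RC4_MIN_LEN,    RC4_MAX_LEN,    0,
        AlgNm("RC4"),       AlgNm("RSA Data Security's RC4") },
#endif
#ifdef CSP_USE_DES
    { CALG_DES,       DES_STRONG_LEN, DES_MIN_LEN,    DES_MAX_LEN,    0,
        AlgNm("DES"),       AlgNm("Data Encryption Standard (DES)") },
#endif
#ifdef CSP_USE_3DES
    { CALG_3DES_112,
                      DES_STRONG_LEN * 2,
                                      DES_MIN_LEN * 2,
                                                      DES_MAX_LEN * 2,
                                                                      0,
        AlgNm("3DES TWO KEY"), AlgNm("Two Key Triple DES") },
    { CALG_3DES,
                      DES_STRONG_LEN * 3,
                                      DES_MIN_LEN * 3,
                                                      DES_MAX_LEN * 3,
                                                                      0,
        AlgNm("3DES"),      AlgNm("Three Key Triple DES") },
#endif
#ifdef CSP_USE_SHA
    { CALG_SHA,       SHALEN,         SHALEN,         SHALEN,         CRYPT_FLAG_SIGNING,
        AlgNm("SHA-1"),     AlgNm("Secure Hash Algorithm (SHA-1)") },
#endif
#ifdef CSP_USE_MD2
    { CALG_MD2,       MD2LEN,         MD2LEN,         MD2LEN,         CRYPT_FLAG_SIGNING,
        AlgNm("MD2"),       AlgNm("Message Digest 2 (MD2)") },
#endif
#ifdef CSP_USE_MD4
    { CALG_MD4,       MD4LEN,         MD4LEN,         MD4LEN,         CRYPT_FLAG_SIGNING,
        AlgNm("MD4"),       AlgNm("Message Digest 4 (MD4)") },
#endif
#ifdef CSP_USE_MD5
    { CALG_MD5,       MD5LEN,         MD5LEN,         MD5LEN,         CRYPT_FLAG_SIGNING,
        AlgNm("MD5"),       AlgNm("Message Digest 5 (MD5)") },
#endif
    { CALG_SSL3_SHAMD5,
                      SHAMD5LEN,      SHAMD5LEN,      SHAMD5LEN,      0,
        AlgNm("SSL3 SHAMD5"), AlgNm("SSL3 SHAMD5") },
#ifdef CSP_USE_MAC
    { CALG_MAC,       MAC_STRONG_LEN, MAC_MIN_LEN,    MAC_MAX_LEN,    0,
        AlgNm("MAC"),       AlgNm("Message Authentication Code") },
#endif
    { CALG_RSA_SIGN,
                      RSAS_STRONG_LEN,
                                      RSAS_MIN_LEN,   RSAS_MAX_LEN,   CRYPT_FLAG_IPSEC | CRYPT_FLAG_SIGNING,
        AlgNm("RSA_SIGN"),  AlgNm("RSA Signature") },
    { CALG_RSA_KEYX,
                      RSAX_STRONG_LEN,
                                      RSAX_MIN_LEN,   RSAX_MAX_LEN,   CRYPT_FLAG_IPSEC | CRYPT_FLAG_SIGNING,
        AlgNm("RSA_KEYX"),  AlgNm("RSA Key Exchange") },
    { CALG_HMAC,      HMAC_STRONG_LEN,
                                      HMAC_MIN_LEN,   HMAC_MAX_LEN,   0,
        AlgNm("HMAC"),      AlgNm("Hugo's MAC (HMAC)") },
    // List Terminator
    { 0, 0, 0, 0, 0,
        0, 0, 0, 0 } };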
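//
// RSA/AES provider policy: the same rows as g_RsaEnhPolicy, followed by
// three fixed-length AES rows when CSP_USE_AES is defined.
//
// Row layout (PROV_ENUMALGS_EX field order):
//     algorithm id, default bits, minimum bits, maximum bits,
//     protocol flags, AlgNm(short name), AlgNm(long name)
//
// NOTE(review): adding AES does not remove the legacy floors; the minimum
// column still uses the shared *_MIN_LEN values (40-bit RC2/RC4, 56-bit DES,
// 384-bit RSA).
//
PROV_ENUMALGS_EX g_RsaAesPolicy[] = {
#ifdef CSP_USE_RC2
    { CALG_RC2,       RC2_STRONG_LEN, RC2_MIN_LEN,    RC2_MAX_LEN,    0,
        AlgNm("RC2"),       AlgNm("RSA Data Security's RC2") },
#endif
#ifdef CSP_USE_RC4
    // The minimum was written as RC2_MIN_LEN; the RC4 row now names its own
    // constant.  Both are 40 today, so the table contents do not change, but
    // an edit to the RC2 floor no longer moves the RC4 floor silently.
    { CALG_RC4,       RC4_STRONG_LEN, RC4_MIN_LEN,    RC4_MAX_LEN,    0,
        AlgNm("RC4"),       AlgNm("RSA Data Security's RC4") },
#endif
#ifdef CSP_USE_DES
    { CALG_DES,       DES_STRONG_LEN, DES_MIN_LEN,    DES_MAX_LEN,    0,
        AlgNm("DES"),       AlgNm("Data Encryption Standard (DES)") },
#endif
#ifdef CSP_USE_3DES
    { CALG_3DES_112,
                      DES_STRONG_LEN * 2,
                                      DES_MIN_LEN * 2,
                                                      DES_MAX_LEN * 2,
                                                                      0,
        AlgNm("3DES TWO KEY"), AlgNm("Two Key Triple DES") },
    { CALG_3DES,
                      DES_STRONG_LEN * 3,
                                      DES_MIN_LEN * 3,
                                                      DES_MAX_LEN * 3,
                                                                      0,
        AlgNm("3DES"),      AlgNm("Three Key Triple DES") },
#endif
#ifdef CSP_USE_SHA
    { CALG_SHA,       SHALEN,         SHALEN,         SHALEN,         CRYPT_FLAG_SIGNING,
        AlgNm("SHA-1"),     AlgNm("Secure Hash Algorithm (SHA-1)") },
#endif
#ifdef CSP_USE_MD2
    { CALG_MD2,       MD2LEN,         MD2LEN,         MD2LEN,         CRYPT_FLAG_SIGNING,
        AlgNm("MD2"),       AlgNm("Message Digest 2 (MD2)") },
#endif
#ifdef CSP_USE_MD4
    { CALG_MD4,       MD4LEN,         MD4LEN,         MD4LEN,         CRYPT_FLAG_SIGNING,
        AlgNm("MD4"),       AlgNm("Message Digest 4 (MD4)") },
#endif
#ifdef CSP_USE_MD5
    { CALG_MD5,       MD5LEN,         MD5LEN,         MD5LEN,         CRYPT_FLAG_SIGNING,
        AlgNm("MD5"),       AlgNm("Message Digest 5 (MD5)") },
#endif
    { CALG_SSL3_SHAMD5,
                      SHAMD5LEN,      SHAMD5LEN,      SHAMD5LEN,      0,
        AlgNm("SSL3 SHAMD5"), AlgNm("SSL3 SHAMD5") },
#ifdef CSP_USE_MAC
    { CALG_MAC,       MAC_STRONG_LEN, MAC_MIN_LEN,    MAC_MAX_LEN,    0,
        AlgNm("MAC"),       AlgNm("Message Authentication Code") },
#endif
    { CALG_RSA_SIGN,
                      RSAS_STRONG_LEN,
                                      RSAS_MIN_LEN,   RSAS_MAX_LEN,   CRYPT_FLAG_IPSEC | CRYPT_FLAG_SIGNING,
        AlgNm("RSA_SIGN"),  AlgNm("RSA Signature") },
    { CALG_RSA_KEYX,
                      RSAX_STRONG_LEN,
                                      RSAX_MIN_LEN,   RSAX_MAX_LEN,   CRYPT_FLAG_IPSEC | CRYPT_FLAG_SIGNING,
        AlgNm("RSA_KEYX"),  AlgNm("RSA Key Exchange") },
    { CALG_HMAC,      HMAC_STRONG_LEN,
                                      HMAC_MIN_LEN,   HMAC_MAX_LEN,   0,
        AlgNm("HMAC"),      AlgNm("Hugo's MAC (HMAC)") },
#ifdef CSP_USE_AES
    // AES key sizes are fixed per algorithm id, so default = min = max.
    // NOTE(review): AES stands for "Advanced Encryption Standard"; the long
    // names below say "American".  They are left byte-for-byte because they
    // are returned to callers that enumerate the provider's algorithms.
    { CALG_AES_128,
                      128,            128,            128,            0,
        AlgNm("AES 128"),   AlgNm("American Encryption Standard 128-bit") },
    { CALG_AES_192,
                      192,            192,            192,            0,
        AlgNm("AES 192"),   AlgNm("American Encryption Standard 192-bit") },
    { CALG_AES_256,
                      256,            256,            256,            0,
        AlgNm("AES 256"),   AlgNm("American Encryption Standard 256-bit") },
#endif
    // List Terminator
    { 0, 0, 0, 0, 0,
        0, 0, 0, 0 } };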
//
// SChannel provider policy.  Ciphers, SHA-1, MD5 and RSA carry the
// SUPPORTED_PROTOCOLS flag set; the protocol master-key rows carry only
// their own protocol's flag.  MD2 and MD4 have no row in this table.
//
// Row layout (PROV_ENUMALGS_EX field order):
//     algorithm id,
//     default bits, minimum bits, maximum bits,
//     protocol flags,
//     AlgNm(short name), AlgNm(long name)   -- each a length/string pair
//
// NOTE(review): the minimum column keeps the shared *_MIN_LEN values
// (40-bit RC2/RC4, 56-bit DES, 384-bit RSA), and PCT1/SSL2 are part of
// SUPPORTED_PROTOCOLS.  Which of these a connection may actually use is
// decided by the code that consults this table, not here.
//
PROV_ENUMALGS_EX g_RsaSchPolicy[] = {
#ifdef CSP_USE_RC2
    { CALG_RC2,
      RC2_STRONG_LEN, RC2_MIN_LEN, RC2_MAX_LEN,
      SUPPORTED_PROTOCOLS,
      AlgNm("RC2"), AlgNm("RSA Data Security's RC2") },
#endif
#ifdef CSP_USE_RC4
    { CALG_RC4,
      RC4_STRONG_LEN, RC4_MIN_LEN, RC4_MAX_LEN,
      SUPPORTED_PROTOCOLS,
      AlgNm("RC4"), AlgNm("RSA Data Security's RC4") },
#endif
#ifdef CSP_USE_DES
    { CALG_DES,
      DES_STRONG_LEN, DES_MIN_LEN, DES_MAX_LEN,
      SUPPORTED_PROTOCOLS,
      AlgNm("DES"), AlgNm("Data Encryption Standard (DES)") },
#endif
#ifdef CSP_USE_3DES
    { CALG_3DES_112,
      DES_STRONG_LEN * 2, DES_MIN_LEN * 2, DES_MAX_LEN * 2,
      SUPPORTED_PROTOCOLS,
      AlgNm("3DES TWO KEY"), AlgNm("Two Key Triple DES") },
    { CALG_3DES,
      DES_STRONG_LEN * 3, DES_MIN_LEN * 3, DES_MAX_LEN * 3,
      SUPPORTED_PROTOCOLS,
      AlgNm("3DES"), AlgNm("Three Key Triple DES") },
#endif
#ifdef CSP_USE_SHA
    { CALG_SHA,
      SHALEN, SHALEN, SHALEN,
      SUPPORTED_PROTOCOLS | CRYPT_FLAG_SIGNING,
      AlgNm("SHA-1"), AlgNm("Secure Hash Algorithm (SHA-1)") },
#endif
#ifdef CSP_USE_MD5
    { CALG_MD5,
      MD5LEN, MD5LEN, MD5LEN,
      SUPPORTED_PROTOCOLS | CRYPT_FLAG_SIGNING,
      AlgNm("MD5"), AlgNm("Message Digest 5 (MD5)") },
#endif
    { CALG_SSL3_SHAMD5,
      SHAMD5LEN, SHAMD5LEN, SHAMD5LEN,
      0,
      AlgNm("SSL3 SHAMD5"), AlgNm("SSL3 SHAMD5") },
#ifdef CSP_USE_MAC
    { CALG_MAC,
      MAC_STRONG_LEN, MAC_MIN_LEN, MAC_MAX_LEN,
      0,
      AlgNm("MAC"), AlgNm("Message Authentication Code") },
#endif
    { CALG_RSA_SIGN,
      RSAS_STRONG_LEN, RSAS_MIN_LEN, RSAS_MAX_LEN,
      SUPPORTED_PROTOCOLS | CRYPT_FLAG_SIGNING,
      AlgNm("RSA_SIGN"), AlgNm("RSA Signature") },
    { CALG_RSA_KEYX,
      RSAX_STRONG_LEN, RSAX_MIN_LEN, RSAX_MAX_LEN,
      SUPPORTED_PROTOCOLS | CRYPT_FLAG_SIGNING,
      AlgNm("RSA_KEYX"), AlgNm("RSA Key Exchange") },
    { CALG_HMAC,
      HMAC_STRONG_LEN, HMAC_MIN_LEN, HMAC_MAX_LEN,
      0,
      AlgNm("HMAC"), AlgNm("Hugo's MAC (HMAC)") },

    // Per-protocol master keys.  SSL2 is the only one whose minimum differs
    // from its default.
    { CALG_PCT1_MASTER,
      PCT1_MASTER_DEF_LEN, PCT1_MASTER_MIN_LEN, PCT1_MASTER_MAX_LEN,
      CRYPT_FLAG_PCT1,
      AlgNm("PCT1 MASTER"), AlgNm("PCT1 Master") },
    { CALG_SSL2_MASTER,
      SSL2_MASTER_DEF_LEN, SSL2_MASTER_MIN_LEN, SSL2_MASTER_MAX_LEN,
      CRYPT_FLAG_SSL2,
      AlgNm("SSL2 MASTER"), AlgNm("SSL2 Master") },
    { CALG_SSL3_MASTER,
      SSL3_MASTER_DEF_LEN, SSL3_MASTER_MIN_LEN, SSL3_MASTER_MAX_LEN,
      CRYPT_FLAG_SSL3,
      AlgNm("SSL3 MASTER"), AlgNm("SSL3 Master") },
    { CALG_TLS1_MASTER,
      TLS1_MASTER_DEF_LEN, TLS1_MASTER_MIN_LEN, TLS1_MASTER_MAX_LEN,
      CRYPT_FLAG_TLS1,
      AlgNm("TLS1 MASTER"), AlgNm("TLS1 Master") },

    // SChannel-internal key types: default and minimum 0, maximum
    // (DWORD)(-1), i.e. the table places no upper bound on them.
    { CALG_SCHANNEL_MASTER_HASH,
      0, 0, (DWORD)(-1),
      0,
      AlgNm("SCH MASTER HASH"), AlgNm("SChannel Master Hash") },
    { CALG_SCHANNEL_MAC_KEY,
      0, 0, (DWORD)(-1),
      0,
      AlgNm("SCH MAC KEY"), AlgNm("SChannel MAC Key") },
    { CALG_SCHANNEL_ENC_KEY,
      0, 0, (DWORD)(-1),
      0,
      AlgNm("SCH ENC KEY"), AlgNm("SChannel Encryption Key") },

    // List terminator: an all-zero row.
    { 0, 0, 0, 0, 0,
      0, 0, 0, 0 }
};
//
// Signature-only provider policy: hashes plus RSA_SIGN.  There are no
// cipher, MAC or key-exchange rows.
//
// Row layout (PROV_ENUMALGS_EX field order):
//     algorithm id,
//     default bits, minimum bits, maximum bits,
//     protocol flags,
//     AlgNm(short name), AlgNm(long name)   -- each a length/string pair
//
// NOTE(review): MD2, MD4 and MD5 are advertised with CRYPT_FLAG_SIGNING, and
// RSA_SIGN keeps the 384-bit RSAS_MIN_LEN floor.  Signature policy that
// needs stronger hashes or keys has to be enforced by the caller.
//
PROV_ENUMALGS_EX g_RsaSigPolicy[] = {
#ifdef CSP_USE_SHA
    { CALG_SHA,
      SHALEN, SHALEN, SHALEN,
      CRYPT_FLAG_SIGNING,
      AlgNm("SHA-1"), AlgNm("Secure Hash Algorithm (SHA-1)") },
#endif
#ifdef CSP_USE_MD2
    { CALG_MD2,
      MD2LEN, MD2LEN, MD2LEN,
      CRYPT_FLAG_SIGNING,
      AlgNm("MD2"), AlgNm("Message Digest 2 (MD2)") },
#endif
#ifdef CSP_USE_MD4
    { CALG_MD4,
      MD4LEN, MD4LEN, MD4LEN,
      CRYPT_FLAG_SIGNING,
      AlgNm("MD4"), AlgNm("Message Digest 4 (MD4)") },
#endif
#ifdef CSP_USE_MD5
    { CALG_MD5,
      MD5LEN, MD5LEN, MD5LEN,
      CRYPT_FLAG_SIGNING,
      AlgNm("MD5"), AlgNm("Message Digest 5 (MD5)") },
#endif
    { CALG_SSL3_SHAMD5,
      SHAMD5LEN, SHAMD5LEN, SHAMD5LEN,
      0,
      AlgNm("SSL3 SHAMD5"), AlgNm("SSL3 SHAMD5") },
    // Unlike the other tables, RSA_SIGN here carries CRYPT_FLAG_SIGNING
    // alone, with no IPSEC or protocol flags.
    { CALG_RSA_SIGN,
      RSAS_STRONG_LEN, RSAS_MIN_LEN, RSAS_MAX_LEN,
      CRYPT_FLAG_SIGNING,
      AlgNm("RSA_SIGN"), AlgNm("RSA Signature") },

    // List terminator: an all-zero row.
    { 0, 0, 0, 0, 0,
      0, 0, 0, 0 }
};
//
// The list of tables.
//
// Six policy tables, one pointer per provider flavour.
// NOTE(review): the array is positional, so presumably it is indexed by a
// provider-type value defined elsewhere -- confirm before reordering or
// inserting entries; a mismatch would apply the wrong key-length policy.
PROV_ENUMALGS_EX *g_AlgTables[] = {
    /* [0] */ g_RsaBasePolicy,    // Key length table for PROV_MS_DEF
    /* [1] */ g_RsaStrongPolicy,  // Key length table for PROV_MS_STRONG
    /* [2] */ g_RsaEnhPolicy,     // Key length table for PROV_MS_ENHANCED
    /* [3] */ g_RsaSchPolicy,     // Key length table for PROV_MS_SCHANNEL
    /* [4] */ g_RsaSigPolicy,     // Key length table for undefined signature only CSP
    /* [5] */ g_RsaAesPolicy      // Key length table for MS_ENH_RSA_AES_PROV
};