Network Working Group C. Adams Request for Comments: 2479 Entrust Technologies Category: Informational December 1998
Network Working Group C. Adams Request for Comments: 2479 Entrust Technologies Category: Informational December 1998
Independent Data Unit Protection Generic Security Service Application Program Interface (IDUP-GSS-API)
独立数据单元保护通用安全服务应用程序接口(IDUP-GSS-API)
Status of this Memo
本备忘录的状况
This memo provides information for the Internet community. It does not specify an Internet standard of any kind. Distribution of this memo is unlimited.
本备忘录为互联网社区提供信息。它没有规定任何类型的互联网标准。本备忘录的分发不受限制。
Copyright Notice
版权公告
Copyright (C) The Internet Society (1998). All Rights Reserved.
版权所有(C)互联网协会(1998年)。版权所有。
ABSTRACT
摘要
The IDUP-GSS-API extends the GSS-API [RFC-2078] for applications requiring protection of a generic data unit (such as a file or message) in a way which is independent of the protection of any other data unit and independent of any concurrent contact with designated "receivers" of the data unit. Thus, it is suitable for applications such as secure electronic mail where data needs to be protected without any on-line connection with the intended recipient(s) of that data. The protection offered by IDUP includes services such as data origin authentication with data integrity, data confidentiality with data integrity, and support for non-repudiation services. Subsequent to being protected, the data unit can be transferred to the recipient(s) - or to an archive - perhaps to be processed ("unprotected") only days or years later.
IDUP-GSS-API扩展了GSS-API[RFC-2078],适用于需要保护通用数据单元(如文件或消息)的应用,其方式独立于任何其他数据单元的保护,并且独立于与数据单元的指定“接收器”的任何并发联系。因此,它适用于安全电子邮件等需要保护数据的应用,而无需与该数据的预期收件人建立任何在线连接。IDUP提供的保护包括诸如具有数据完整性的数据源身份验证、具有数据完整性的数据机密性以及对不可否认服务的支持等服务。在受到保护之后,数据单元可以传输给接收者,或者传输到存档中,可能仅在几天或几年后进行处理(“不受保护”)。
Throughout the remainder of this document, the "unit" of data described in the above paragraph will be referred to as an IDU (Independent Data Unit). The IDU can be of any size (the application may, if it wishes, split the IDU into pieces and have the protection computed a piece at a time, but the resulting protection token applies to the entire IDU). However, the primary characteristic of an IDU is that it represents a stand-alone unit of data whose protection is entirely independent of any other unit of data. If an application protects several IDUs and sends them all to a single receiver, the IDUs may be unprotected by that receiver in any order over any time span; no logical connection of any kind is implied by the protection process itself.
在本文件其余部分中,上述段落中描述的数据“单位”将被称为IDU(独立数据单位)。IDU可以是任意大小的(如果应用程序愿意,可以将IDU分割成多个部分,并一次计算一个部分的保护,但生成的保护令牌适用于整个IDU)。然而,IDU的主要特征是它代表一个独立的数据单元,其保护完全独立于任何其他数据单元。如果一个应用程序保护多个IDU并将其全部发送到单个接收器,则该接收器可能在任何时间跨度内以任何顺序解除对IDU的保护;保护过程本身并不隐含任何类型的逻辑连接。
As with RFC-2078, this IDUP-GSS-API definition provides security services to callers in a generic fashion, supportable with a range of underlying mechanisms and technologies and hence allowing source-level portability of applications to different environments. This specification defines IDUP-GSS-API services and primitives at a level independent of underlying mechanism and programming language environment, and is to be complemented by other, related specifications:
与RFC-2078一样,此IDUP-GSS-API定义以通用方式向调用者提供安全服务,可通过一系列底层机制和技术进行支持,从而允许应用程序在源代码级别可移植到不同的环境。本规范在独立于底层机制和编程语言环境的级别上定义IDUP-GSS-API服务和原语,并由其他相关规范补充:
- documents defining specific parameter bindings for particular language environments; - documents defining token formats, protocols, and procedures to be implemented in order to realize IDUP-GSS-API services atop particular security mechanisms.
- 为特定语言环境定义特定参数绑定的文档;-定义令牌格式、协议和过程的文档,以便在特定安全机制上实现IDUP-GSS-API服务。
TABLE OF CONTENTS
目录
1. IDUP-GSS-API Characteristics and Concepts .................. 3 1.1. IDUP-GSS-API Constructs .................................. 5 1.1.1. Credentials ............................................ 5 1.1.2. Tokens ................................................. 5 1.1.3. Security Environment ................................... 6 1.1.4. Mechanism Types ........................................ 6 1.1.5. Naming ................................................. 6 1.1.6. Channel Bindings ....................................... 6 1.2. IDUP-GSS-API Features and Issues ......................... 6 1.2.1. Status Reporting ....................................... 6 1.2.2. Per-IDU Security Service Availability .................. 9 1.2.3. Per-IDU Replay Detection and Sequencing ................ 9 1.2.4. Quality of Protection .................................. 9 1.2.5. The Provision of Time .................................. 12 2. Interface Descriptions ..................................... 13 2.1. Credential management calls .............................. 14 2.1.1. Relationship to GSS-API ................................ 14 2.2. Environment-level calls .................................. 15 2.2.1. Relationship to GSS-API ................................ 15 2.2.2. IDUP_Establish_Env call ................................ 15 2.2.3. IDUP_Abolish_Env call .................................. 19 2.2.4. IDUP_Inquire_Env call .................................. 19 2.3. Per-IDU protection/unprotection calls .................... 20 2.3.1. Relationship to GSS-API ................................ 20 2.3.2. The "SE" Calls ......................................... 21 2.3.3. The "EV" Calls ......................................... 27 2.3.4. The "GP" Calls ......................................... 36 2.4. Special-Purpose calls .................................... 47 2.4.1. Relationship to GSS-API ................................ 47 2.4.2. IDUP_Form_Complete_PIDU ................................ 48 2.5. Support calls ............................................ 49
1. IDUP-GSS-API Characteristics and Concepts .................. 3 1.1. IDUP-GSS-API Constructs .................................. 5 1.1.1. Credentials ............................................ 5 1.1.2. Tokens ................................................. 5 1.1.3. Security Environment ................................... 6 1.1.4. Mechanism Types ........................................ 6 1.1.5. Naming ................................................. 6 1.1.6. Channel Bindings ....................................... 6 1.2. IDUP-GSS-API Features and Issues ......................... 6 1.2.1. Status Reporting ....................................... 6 1.2.2. Per-IDU Security Service Availability .................. 9 1.2.3. Per-IDU Replay Detection and Sequencing ................ 9 1.2.4. Quality of Protection .................................. 9 1.2.5. The Provision of Time .................................. 12 2. Interface Descriptions ..................................... 13 2.1. Credential management calls .............................. 14 2.1.1. Relationship to GSS-API ................................ 14 2.2. Environment-level calls .................................. 15 2.2.1. Relationship to GSS-API ................................ 15 2.2.2. IDUP_Establish_Env call ................................ 15 2.2.3. IDUP_Abolish_Env call .................................. 19 2.2.4. IDUP_Inquire_Env call .................................. 19 2.3. Per-IDU protection/unprotection calls .................... 20 2.3.1. Relationship to GSS-API ................................ 20 2.3.2. The "SE" Calls ......................................... 21 2.3.3. The "EV" Calls ......................................... 27 2.3.4. The "GP" Calls ......................................... 36 2.4. Special-Purpose calls .................................... 47 2.4.1. Relationship to GSS-API ................................ 47 2.4.2. IDUP_Form_Complete_PIDU ................................ 48 2.5. Support calls ............................................ 49
2.5.1. Relationship to GSS-API ................................ 49 2.5.2. IDUP_Acquire_Cred_With_Auth ............................ 49 2.5.3. IDUP_Get_Token_Details ................................. 50 2.5.4. IDUP_Get_Policy_Info ................................... 53 2.5.5. IDUP_Cancel_Multibuffer_Op ............................. 55 3. Related Activities ......................................... 55 4. Acknowledgments ............................................ 56 5. Security Considerations .................................... 56 6. References ........................................... 56 7. Author's Address ........................................... 56 Appendix A Mechanism-Independent Token Format ................. 57 Appendix B Examples of IDUP Use ............................... 58 Full Copyright Statement ....................................... 70
2.5.1. Relationship to GSS-API ................................ 49 2.5.2. IDUP_Acquire_Cred_With_Auth ............................ 49 2.5.3. IDUP_Get_Token_Details ................................. 50 2.5.4. IDUP_Get_Policy_Info ................................... 53 2.5.5. IDUP_Cancel_Multibuffer_Op ............................. 55 3. Related Activities ......................................... 55 4. Acknowledgments ............................................ 56 5. Security Considerations .................................... 56 6. References ........................................... 56 7. Author's Address ........................................... 56 Appendix A Mechanism-Independent Token Format ................. 57 Appendix B Examples of IDUP Use ............................... 58 Full Copyright Statement ....................................... 70
The paradigm within which IDUP-GSS-API operates is as follows. An IDUP-GSS-API caller is any application that works with IDUs, calling on IDUP-GSS-API in order to protect its IDUs with services such as data origin authentication with integrity (DOA), confidentiality with integrity (CONF), and/or support for non-repudiation (e.g., evidence generation, where "evidence" is information that either by itself, or when used in conjunction with other information, is used to establish proof about an event or action (note: the evidence itself does not necessarily prove truth or existence of something, but contributes to establish proof) -- see [ISO/IEC] for fuller discussion regarding evidence and its role in various types of non-repudiation). An IDUP-GSS-API caller passes an IDU to, and accepts a token from, its local IDUP-GSS-API implementation, transferring the resulting protected IDU (P-IDU) to a peer or to any storage medium. When a P-IDU is to be "unprotected", it is passed to an IDUP-GSS-API implementation for processing. The security services available through IDUP-GSS-API in this fashion are implementable over a range of underlying mechanisms based on secret-key and/or public-key cryptographic technologies.
IDUP-GSS-API的运行模式如下。IDUP-GSS-API调用者是与IDU一起工作的任何应用程序,调用IDUP-GSS-API以使用诸如数据源完整性认证(DOA)、完整性保密性(CONF)和/或不可否认性支持(例如,证据生成,其中“证据”)等服务来保护其IDU信息本身或与其他信息一起使用时,用于证明事件或行为的证据(注:证据本身不一定证明某事物的真实性或存在性,但有助于证明)——参见[ISO/IEC]更全面地讨论证据及其在各种类型的不可否认性中的作用)。IDUP-GSS-API调用方将IDU传递给其本地IDUP-GSS-API实现,并从中接受令牌,从而将生成的受保护IDU(P-IDU)传输到对等方或任何存储介质。当P-IDU要“不受保护”时,它将被传递给IDUP-GSS-API实现进行处理。通过IDUP-GSS-API以这种方式提供的安全服务可在基于密钥和/或公钥加密技术的一系列底层机制上实现。
During the protection operation, the input IDU buffers may be modified (for example, the data may be encrypted or encoded in some way) or may remain unchanged. In any case, the result is termed a "M-IDU" (Modified IDU) in order to distinguish it from the original IDU. Depending on the desire of the calling application and the capabilities of the underlying IDUP mechanism, the output produced by the protection processing may or may not encapsulate the M-IDU. Thus, the P-IDU may be the contents of a single output parameter (if encapsulation is done) or may be the logical concatenation of an unencapsulated token parameter and a M-IDU parameter (if encapsulation is not done). In the latter case, the protecting application may choose whatever method it wishes to concatenate or
在保护操作期间,输入IDU缓冲器可以被修改(例如,数据可以以某种方式被加密或编码)或者可以保持不变。在任何情况下,结果被称为“M-IDU”(修改的IDU),以便将其与原始IDU区分开来。根据调用应用程序的需求和底层IDUP机制的能力,由保护处理产生的输出可以封装也可以不封装M-IDU。因此,P-IDU可以是单个输出参数的内容(如果封装完成),或者可以是未封装令牌参数和M-IDU参数的逻辑串联(如果封装未完成)。在后一种情况下,保护应用程序可以选择它希望连接或删除的任何方法
combine the unencapsulated token and the M-IDU into a P-IDU, provided the unprotecting application knows how to de-couple the P-IDU back into its component parts prior to calling the IDUP unprotection set of functions.
将未封装的令牌和M-IDU组合成一个P-IDU,前提是在调用IDUP unprotection函数集之前,不受保护的应用程序知道如何将P-IDU解耦回其组件部分。
It is expected that any output buffer returned by IDUP (i.e., P-IDU or portion thereof) is ready for immediate transmission to the intended receiver(s) by the calling application, if this is desired. In other words, an application wishing to transmit data buffers as they appear from IDUP should not be unduly restricted from doing so by the underlying mechanism.
预期由IDUP返回的任何输出缓冲区(即P-IDU或其部分)准备好由呼叫应用程序立即传输到预期的接收器(如果需要)。换句话说,希望从IDUP传输数据缓冲区的应用程序不应受到底层机制的过度限制。
The IDUP-GSS-API separates the operation of initializing a security environment (the IDUP_Establish_Env() call) from the operations of providing per-IDU protection, for IDUs subsequently protected in conjunction with that environment. Per-IDU protection and unprotection calls provide DOA, CONF, evidence, and other services, as requested by the calling application and as supported by the underlying mechanism.
IDUP-GSS-API将初始化安全环境的操作(IDUP_-setup_-Env()调用)与为随后与该环境一起受保护的IDU提供每个IDU保护的操作分离开来。按IDU保护和取消保护调用提供DOA、CONF、证据和其他服务,这些服务由调用应用程序请求并由底层机制支持。
The following paragraphs provide an example illustrating the dataflows involved in the use of the IDUP-GSS-API by the sender and receiver of a P-IDU in a mechanism-independent fashion. The example assumes that credential acquisition has already been completed by both sides. Furthermore, the example does not cover all possible options available in the protection/unprotection calls.
以下段落提供了一个示例,说明P-IDU的发送方和接收方以独立于机制的方式使用IDUP-GSS-API时涉及的数据流。该示例假设双方都已完成凭证获取。此外,该示例并未涵盖保护/取消保护调用中可用的所有可能选项。
The sender first calls IDUP_Establish_Env() to establish a security environment. Then, for the IDU to be protected the sender calls the appropriate protection calls (SE, EV, or GP) to perform the IDU protection. The resulting P-IDU, which may (depending on whether or not encapsulation was chosen/available) be either the token itself or the logical concatenation of the token and the M-IDU, is now ready to be sent to the target. The sender then calls IDUP_Abolish_Env() to flush all environment-specific information.
发送方首先调用IDUP\U ESTABLE\U Env()来建立安全环境。然后,对于要保护的IDU,发送方调用适当的保护调用(SE、EV或GP)来执行IDU保护。生成的P-IDU(取决于是否选择/可用封装)可能是令牌本身,也可能是令牌和M-IDU的逻辑连接,现在可以发送到目标。然后,发送方调用IDUP_Env()刷新所有特定于环境的信息。
The receiver first calls IDUP_Establish_Env() to establish a security environment in order to unprotect the P-IDU. Then, for the received P-IDU the receiver calls the appropriate unprotection calls (SE, EV, or GP (known a priori, or possibly determined through the use of the IDUP_Get_token_details call)) to perform the P-IDU unprotection. The receiver then calls IDUP_Abolish_Env() to flush all environment-specific information.
接收方首先调用IDUP\U ASCRUSE\U Env()来建立安全环境,以解除对P-IDU的保护。然后,对于接收到的P-IDU,接收器调用适当的解除保护调用(SE、EV或GP(先验已知,或可能通过使用IDUP\u Get\u令牌\u details调用确定))以执行P-IDU解除保护。然后,接收器调用IDUP_Env()刷新所有特定于环境的信息。
It is important to note that absolutely no synchronization is implied or expected between the data buffer size used by the sender as input to the protection calls, the data buffer size used by the receiver as
需要注意的是,发送方用作保护调用输入的数据缓冲区大小与接收方用作保护调用输入的数据缓冲区大小之间绝对不存在同步
input to the unprotection calls, and the block sizes required by the underlying protection algorithms (integrity and confidentiality). All these sizes are meant to be independent; furthermore, the data buffer sizes used for the protection and unprotection calls are purely a function of the local environment where the calls are made.
取消保护调用的输入,以及底层保护算法所需的块大小(完整性和机密性)。所有这些尺寸都是独立的;此外,用于保护和取消保护调用的数据缓冲区大小纯粹是进行调用的本地环境的函数。
The IDUP-GSS-API design assumes and addresses several basic goals, including the following.
IDUP-GSS-API设计假定并实现几个基本目标,包括以下目标。
Mechanism independence: The IDUP-GSS-API defines an interface to cryptographically implemented security services at a generic level which is independent of particular underlying mechanisms. For example, IDUP-GSS-API-provided services can be implemented by secret-key technologies or public-key approaches.
机制独立性:IDUP-GSS-API在通用级别上定义了与加密实现的安全服务的接口,该接口独立于特定的底层机制。例如,IDUP GSS API提供的服务可以通过密钥技术或公钥方法实现。
Protocol environment independence: The IDUP-GSS-API is independent of the communications protocol suites which may be used to transfer P-IDUs, permitting use in a broad range of protocol environments.
协议环境独立性:IDUP-GSS-API独立于可用于传输P-IDU的通信协议套件,允许在广泛的协议环境中使用。
Protocol association independence: The IDUP-GSS-API's security environment construct has nothing whatever to do with communications protocol association constructs, so that IDUP-GSS-API services can be invoked by applications, wholly independent of protocol associations.
协议关联独立性:IDUP-GSS-API的安全环境构造与通信协议关联构造无关,因此IDUP-GSS-API服务可以由应用程序调用,完全独立于协议关联。
Suitability for a range of implementation placements: IDUP-GSS-API clients are not constrained to reside within any Trusted Computing Base (TCB) perimeter defined on a system where the IDUP-GSS-API is implemented; security services are specified in a manner suitable for both intra-TCB and extra-TCB callers.
适用于一系列实施位置:IDUP-GSS-API客户端不受限制地驻留在实施IDUP-GSS-API的系统上定义的任何可信计算基础(TCB)周界内;安全服务的指定方式既适用于TCB内部调用方,也适用于TCB外部调用方。
This section describes the basic elements comprising the IDUP-GSS-API.
本节介绍构成IDUP-GSS-API的基本要素。
Credentials in IDUP-GSS-API are to be understood and used as described in GSS-API [RFC-2078].
IDUP-GSS-API中的凭证应按照GSS-API[RFC-2078]中的说明理解和使用。
Tokens in IDUP-GSS-API are to be understood and used as described in GSS-API [RFC-2078] with the exception that there are no context-level tokens generated by IDUP-GSS-API. The IDUP-GSS-API token may (depending on the underlying mechanism) encapsulate the M-IDU or may
IDUP-GSS-API中的令牌应按照GSS-API[RFC-2078]中的说明理解和使用,但IDUP-GSS-API不生成上下文级令牌除外。IDUP-GSS-API令牌可以(取决于底层机制)封装M-IDU,也可以
be logically concatenated with the M-IDU prior to transfer to a target; furthermore, for some evidence services the token may be sent independently of any other data transfer.
在传输到目标之前与M-IDU逻辑连接;此外,对于一些证据服务,令牌可以独立于任何其他数据传输而发送。
The "security environment" in IDUP-GSS-API is entirely different from the concept of security contexts used in GSS-API [RFC-2078]. Here, a security environment exists within a calling application (that is, it is purely local to the caller) for the purpose of protecting or unprotecting one or more IDUs using a particular caller credential or set of credentials. In GSS-API, on the other hand, a security context exists between peers (the initiator and the target) for the purpose of protecting, in real time, the data that is exchanged between them. Although they are different concepts, the env_handle in IDUP-GSS-API is similar to the context_handle in GSS-API in that it is a convenient way of tying together the entire process of protecting or unprotecting one or more IDUs using a particular underlying mechanism. As with the GSS-API security contexts, a caller can initiate and maintain multiple environments using the same or different credentials.
IDUP-GSS-API中的“安全环境”与GSS-API中使用的安全上下文概念完全不同[RFC-2078]。这里,安全环境存在于调用应用程序中(即,它对于调用方来说是纯本地的),目的是使用特定的调用方凭据或凭据集来保护或取消保护一个或多个idu。另一方面,在GSS-API中,对等方(发起方和目标方)之间存在安全上下文,以实时保护它们之间交换的数据。尽管它们是不同的概念,IDUP-GSS-API中的env_句柄与GSS-API中的context_句柄类似,因为它是一种方便的方式,可以使用特定的底层机制将保护或取消保护一个或多个IDU的整个过程联系在一起。与GSS-API安全上下文一样,调用方可以使用相同或不同的凭据启动和维护多个环境。
Mechanism types in IDUP-GSS-API are to be understood and used as described in GSS-API [RFC-2078].
IDUP-GSS-API中的机构类型应按照GSS-API[RFC-2078]中的说明理解和使用。
Naming in IDUP-GSS-API is to be understood and used as described in GSS-API [RFC-2078].
IDUP-GSS-API中的命名应按照GSS-API[RFC-2078]中的说明理解和使用。
The concept of channel bindings discussed in GSS-API [RFC-2078] is not relevant to the IDUP-GSS-API.
GSS-API[RFC-2078]中讨论的通道绑定概念与IDUP-GSS-API无关。
This section describes aspects of IDUP-GSS-API operations and of the security services which the IDUP-GSS-API provides. It also provides commentary on design issues.
本节介绍IDUP-GSS-API操作的各个方面以及IDUP-GSS-API提供的安全服务。它还提供了对设计问题的评论。
Status reporting in IDUP-GSS-API is to be understood and used as described in GSS-API [RFC-2078], with the addition of a number of IDUP-specific status codes. Descriptions of the major_status codes
IDUP-GSS-API中的状态报告应按照GSS-API[RFC-2078]中的说明理解和使用,并添加一些IDUP特定的状态代码。主要_状态代码的说明
used in IDUP are provided in Table 1. Codes that are informatory (i.e., that do not cause the requested operation to fail) are indicated with the symbol "(I)".
表1提供了IDUP中使用的数据。信息性代码(即不会导致请求的操作失败)用符号“(i)”表示。
As with GSS-API, minor_status codes, which provide more detailed status information than major_status codes, and which may include status codes specific to the underlying security mechanism, are not specified in this document.
与GSS-API一样,本文件中未规定次要_状态代码,次要_状态代码提供比主要_状态代码更详细的状态信息,可能包括特定于底层安全机制的状态代码。
Table 1: IDUP-GSS-API Major Status Codes
表1:IDUP-GSS-API主要状态代码
GSS_S_BAD_MECH indicates that a mech_type unsupported by the IDUP_GSS-API implementation was requested, causing the environment establishment operation to fail.
GSS_S_BAD_MECH表示请求了IDUP_GSS-API实现不支持的MECH_类型,导致环境建立操作失败。
GSS_S_BAD_QOP indicates that the provided qop_alg value is not recognized or supported for the environment.
GSS_S_BAD_QOP表示环境不识别或不支持提供的QOP_alg值。
GSS_S_BAD_MIC indicates that the received P-IDU contains an incorrect integrity field (e.g., signature or MAC) for the data.
GSS_S_BAD_MIC表示接收到的P-IDU包含不正确的数据完整性字段(例如,签名或MAC)。
GSS_S_COMPLETE indicates that the requested operation was successful.
GSS_S_COMPLETE表示请求的操作成功。
GSS_S_CREDENTIALS_EXPIRED indicates that the credentials associated with this operation have expired, so that the requested operation cannot be performed.
GSS\u S\u凭据\u EXPIRED表示与此操作关联的凭据已过期,因此无法执行请求的操作。
GSS_S_DEFECTIVE_CREDENTIAL indicates that consistency checks performed on the credential structure referenced by claimant_cred_handle failed, preventing further processing from being performed using that credential structure.
GSS_S_DEFECTIVE_CREDENTIAL表示在索赔人_cred_handle引用的凭证结构上执行的一致性检查失败,从而阻止使用该凭证结构执行进一步的处理。
GSS_S_DEFECTIVE_TOKEN indicates that consistency checks performed on the received P-IDU failed, preventing further processing from being performed.
GSS_S_DEFECTIVE_令牌表示对接收到的P-IDU执行的一致性检查失败,从而阻止执行进一步的处理。
GSS_S_FAILURE indicates that the requested operation could not be accomplished for reasons unspecified at the IDUP-GSS-API level, and that no interface-defined recovery action is available.
GSS_S_故障表示由于IDUP-GSS-API级别未指定的原因,无法完成请求的操作,并且没有接口定义的恢复操作可用。
GSS_S_NO_CRED indicates that no environment was established, either because the input cred_handle was invalid or because the caller lacks authorization to access the referenced credentials.
GSS_S_NO_CRED表示未建立任何环境,这可能是因为输入CRED_句柄无效,或者是因为调用方缺乏访问引用凭据的授权。
IDUP_S_BAD_DOA_KEY indicates that the key used to provide IDU data origin auth. / integ. has either expired or been revoked.
IDUP_S_BAD_DOA_KEY表示用于提供IDU数据源身份验证的密钥。/整数。已过期或已被撤销。
IDUP_S_BAD_ENC_IDU indicates that decryption of the received IDU cannot be completed because the encrypted IDU was invalid/defective (e.g., the final block was short or had incorrect padding).
IDUP_S_BAD_ENC_IDU表示无法完成对接收到的IDU的解密,因为加密的IDU无效/有缺陷(例如,最后一个块很短或填充不正确)。
IDUP_S_BAD_KE_KEY indicates that the key used to establish a key for confidentiality purposes between originator and target has either expired or been revoked.
IDUP_S_BAD_KE_KEY表示用于在发起方和目标方之间建立密钥以用于保密目的的密钥已过期或已被撤销。
IDUP_S_BAD_TARG_INFO indicates that the full set of supplied information regarding the target(s) is invalid or is insufficient for the protection of an IDU, so P-IDU cannot be created.
IDUP\U S\U BAD\U TARG\U INFO表示提供的有关目标的完整信息集无效或不足以保护IDU,因此无法创建P-IDU。
IDUP_S_DEFECTIVE_VERIF indicates that consistency checks performed on Service_Verification_Info failed, preventing further processing from being performed with that parameter.
IDUP\u S\u DEFECTIVE\u VERIF表示对服务\u验证\u信息执行的一致性检查失败,阻止使用该参数执行进一步的处理。
IDUP_S_ENCAPSULATION_UNAVAIL (I) indicates that the underlying mechanism does not support encapsulation of the M-IDU into the token.
IDUP_S_封装_UNAVAIL(I)表示底层机制不支持将M-IDU封装到令牌中。
IDUP_S_INAPPROPRIATE_CRED indicates that the credentials supplied do not contain the information necessary for P-IDU unprotection.
IDUP\u S\u不适当\u CRED表示提供的凭据不包含P-IDU解除保护所需的信息。
IDUP_S_INCOMPLETE (I) indicates that the unprotection of the P-IDU is not yet complete (i.e., a determination cannot yet be made on the validity of the P-IDU). The application should call IDUP_Form_Complete_PIDU and then should call this function again with the complete P-IDU.
IDUP_S_complete(I)表示P-IDU的解除保护尚未完成(即,无法确定P-IDU的有效性)。应用程序应该调用IDUP_Form_Complete_PIDU,然后使用完整的P-IDU再次调用此函数。
IDUP_S_INCONSISTENT_PARAMS indicates that the supplied parameters are inconsistent (e.g., only one or the other of two parameters may be supplied, but both have been input).
IDUP_S_INCONSISTENT_PARAMS表示提供的参数不一致(例如,只能提供两个参数中的一个或另一个,但都已输入)。
IDUP_S_MORE_OUTBUFFER_NEEDED (I) indicates that the output buffer supplied is too small to hold the generated data. The application should continue calling this routine (until GSS_S_COMPLETE is returned) in order to get all remaining output data.
IDUP_S_MORE_exputfer_NEEDED(I)表示提供的输出缓冲区太小,无法容纳生成的数据。应用程序应继续调用此例程(直到返回GSS_S_COMPLETE),以获取所有剩余的输出数据。
IDUP_S_MORE_PIDU_NEEDED (I) indicates that not enough of the P-IDU has been input yet for the completion of StartUnprotect. The application should call this routine again with another buffer of P-IDU in partial(initial)_pidu_buffer.
IDUP_S_MORE_PIDU_NEEDED(I)表示尚未输入足够的P-IDU来完成StartUnprotect。应用程序应使用部分(初始)pidu_缓冲区中的另一个P-IDU缓冲区再次调用此例程。
IDUP_S_NO_ENV indicates that no valid environment was recognized for the env_handle provided.
IDUP_S_NO_ENV表示没有为提供的ENV_句柄识别有效的环境。
IDUP_S_NO_MATCH indicates that Service_Verification_Info (or evidence_check) and the P-IDU to be verified do not match.
IDUP\U S\U NO\u MATCH表示服务验证信息(或证据检查)和要验证的P-IDU不匹配。
IDUP_S_REQ_TIME_SERVICE_UNAVAIL indicates that the time service requested (TTIME or UTIME) is not available in the environment.
IDUP\U S\U REQ\U TIME\U SERVICE\U UNAVAIL表示请求的时间服务(TTIME或UTIME)在环境中不可用。
IDUP_S_SERVICE_UNAVAIL indicates that the underlying mechanism does not support the service requested.
IDUP_S_SERVICE_UNAVAIL表示底层机制不支持请求的服务。
IDUP_S_SERV_VERIF_INFO_NEEDED (I) indicates that the Service_Verification_Info parameter bundle must be input in order for service verification to proceed. The output parameter service_verification_info_id contains an identifier which may be used by the calling application to locate the necessary information.
IDUP_S_SERV_VERIF_INFO_NEEDED(I)表示必须输入Service_Verification_INFO参数包才能继续进行Service Verification。输出参数service_verification_info_id包含一个标识符,调用应用程序可以使用该标识符来定位必要的信息。
IDUP_S_UNKNOWN_OPER_ID indicates that the input prot_oper_id value is not recognized or supported in the underlying mechanism.
IDUP_S_UNKNOWN_OPER_ID表示基础机制中不识别或不支持输入保护操作ID值。
Per-IDU security service availability in IDUP-GSS-API is to be understood and used as described in GSS-API [RFC-2078], with the exception that combinations of services requested by the calling application and supported by the underlying mechanism may be applied simultaneously to any IDU (true for both the SE and the EV calls, but true in the fullest sense for the GP calls).
IDUP-GSS-API中的每个IDU安全服务可用性应按照GSS-API[RFC-2078]中的描述理解和使用,但调用应用程序请求并由底层机制支持的服务组合可同时应用于任何IDU的情况除外(SE和EV呼叫均为真,但GP呼叫完全为真)。
GSS-API callers desiring per-message security services should check the relevant service OBJECT IDs at environment establishment time to ensure that what is available in the established environment is suitable for their security needs.
希望获得每条消息安全服务的GSS-API调用方应在环境建立时检查相关的服务对象ID,以确保在已建立的环境中可用的内容适合其安全需求。
The concept of per-IDU replay detection and sequencing discussed in GSS-API [RFC-2078] is not relevant to the IDUP-GSS-API.
GSS-API[RFC-2078]中讨论的每IDU重播检测和排序概念与IDUP-GSS-API无关。
The concept of QOP control in IDUP-GSS-API is to be understood essentially as described in GSS-API [RFC-2078]. However, the actual description and use of the QOP parameter is given as follows.
IDUP-GSS-API中的QOP控制概念基本上如GSS-API[RFC-2078]所述。然而,QOP参数的实际描述和使用如下所示。
The qop_algs parameter for IDUP is defined to be a 32-bit unsigned integer with the following bit-field assignments:
IDUP的qop_algs参数定义为具有以下位字段分配的32位无符号整数:
31 (MSB) (LSB) 0 ---------------------------------------------- | U(19) | TS(5) | IA(4) | MA(4) | ----------------------------------------------
31 (MSB) (LSB) 0 ---------------------------------------------- | U(19) | TS(5) | IA(4) | MA(4) | ----------------------------------------------
where
哪里
U is a 19-bit Unspecified field (available for future use/expansion) -- must be set to zero;
U是一个19位未指定字段(可供将来使用/扩展)——必须设置为零;
TS is a 5-bit Type Specifier (a semantic qualifier whose value specifies the type of algorithm which may be used to protect the corresponding IDU -- see below for details);
TS是一个5位类型说明符(一个语义限定符,其值指定可用于保护相应IDU的算法类型——详见下文);
IA is a 4-bit field enumerating Implementation-specific Algorithms; and
IA是一种4位字段枚举实现特定算法;和
MA is a 4-bit field enumerating Mechanism-defined Algorithms.
MA是一种4位字段枚举机制定义的算法。
The interpretation of the qop_algs parameter is as follows. The MA field is examined first. If it is non-zero then the algorithm used to protect the IDU is the mechanism-specified algorithm corresponding to that integer value.
qop_algs参数的解释如下。首先检查MA字段。如果为非零,则用于保护IDU的算法是对应于该整数值的机制指定算法。
If MA is zero then IA is examined. If this field value is non-zero then the algorithm used to protect the IDU is the implementation-specified algorithm corresponding to that integer value. Note that use of this field may hinder portability since a particular value may specify one algorithm in one implementation of the mechanism and may not be supported or may specify a completely different algorithm in another implementation of the mechanism.
如果MA为零,则检查IA。如果此字段值非零,则用于保护IDU的算法是与该整数值对应的实现指定的算法。请注意,使用此字段可能会妨碍可移植性,因为特定值可能在机制的一个实现中指定一个算法,并且可能不受支持,或者可能在机制的另一个实现中指定完全不同的算法。
Finally, if both MA and IA are zero then TS is examined. A value of zero for TS specifies the default algorithm for the established mechanism. A non-zero value for TS corresponds to a particular algorithm qualifier and selects any algorithm from the mechanism specification which satisfies that qualifier (which actual algorithm is selected is an implementation choice; the calling application need not be aware of the choice made).
最后,如果MA和IA均为零,则检查TS。TS的值为零指定已建立机制的默认算法。TS的非零值对应于特定的算法限定符,并从满足该限定符的机制规范中选择任何算法(选择的实际算法是实现选择;调用应用程序不需要知道所做的选择)。
The following TS values (i.e., algorithm qualifiers) are specified; other values may be added in the future.
指定以下TS值(即算法限定符);将来可能会添加其他值。
When qop_algs is used to select a confidentiality algorithm:
使用qop_algs选择保密算法时:
00000 (0) = default confidentiality algorithm 00001 (1) = IDUP_SYM_ALG_STRENGTH_STRONG 00010 (2) = IDUP_SYM_ALG_STRENGTH_MEDIUM 00011 (3) = IDUP_SYM_ALG_STRENGTH_WEAK 11111 (31) = IDUP_NO_CONFIDENTIALITY
00000(0)=默认保密算法00001(1)=IDUP\u SYM\u ALG\u STRENGTH\u 00010(2)=IDUP\u SYM\u ALG\u STRENGTH\u MEDIUM 00011(3)=IDUP\u SYM\u ALG\u STRENGTH\u弱11111(31)=IDUP\u NO\u保密性
When qop_algs is used to select a DOA/integrity algorithm:
使用qop_algs选择DOA/完整性算法时:
00000 (0) = default integrity algorithm 00001 (1) = IDUP_INT_ALG_DIG_SIGNATURE (integrity provided through a digital signature) 00010 (2) = IDUP_INT_ALG_NON_DIG_SIGNATURE (integrity without a dig. sig. (e.g., with a MAC)) 11111 (31) = IDUP_NO_INTEGRITY
00000(0)=默认完整性算法00001(1)=IDUP_INT_ALG_DIG_签名(通过数字签名提供的完整性)00010(2)=IDUP_INT_ALG_非DIG_签名(没有DIG.sig的完整性。(例如,有MAC))11111(31)=IDUP_NO_完整性
Clearly, qualifiers such as strong, medium, and weak are debatable and likely to change with time, but for the purposes of this version of the specification we define these terms as follows. A confidentiality algorithm is "weak" if the effective key length of the cipher is 40 bits or less; it is "medium-strength" if the effective key length is strictly between 40 and 80 bits; and it is "strong" if the effective key length is 80 bits or greater. ("Effective key length" describes the computational effort required to break a cipher using the best-known cryptanalytic attack against that cipher.)
很明显,诸如strong、medium和weak之类的限定词是有争议的,并且可能会随着时间的推移而改变,但是在本规范版本中,我们将这些术语定义如下。如果密码的有效密钥长度小于等于40位,则保密算法为“弱”;如果有效密钥长度严格在40到80位之间,则为“中等强度”;如果有效密钥长度为80位或更大,则为“强”。(“有效密钥长度”描述了使用最著名的密码分析攻击破解密码所需的计算工作量。)
A five-bit TS field allows up to 30 qualifiers for each of confidentiality and integrity (since "0" is reserved for "default" and "31" is reserved for "none", as shown above). This document specifies three for confidentiality and two for integrity, leaving a lot of room for future specification. Suggestions of qualifiers such as "fast", "medium-speed", and "slow" have been made, but such terms are difficult to quantify (and in any case are platform- and processor-dependent), and so have been left out of this initial specification. The intention is that the TS terms be quantitative, environment-independent qualifiers of algorithms, as much as this is possible.
五位TS字段最多允许30个限定符用于机密性和完整性(因为“0”保留为“默认”,而“31”保留为“无”,如上所示)。本文件规定了三个机密性和两个完整性,为将来的规范留下了很大的空间。已经提出了诸如“快”、“中速”和“慢”等限定词的建议,但这些术语很难量化(并且在任何情况下都依赖于平台和处理器),因此在本初始规范中被忽略。其目的是尽可能使TS术语成为定量的、与环境无关的算法限定符。
Use of the qop_algs parameter as defined above is ultimately meant to be as follows.
使用上述qop_algs参数的最终含义如下。
- TS values are specified at the IDUP-GSS-API level and are therefore portable across mechanisms. Applications which know nothing about algorithms are still able to choose "quality" of protection for their message tokens.
- TS值在IDUP-GSS-API级别指定,因此可以跨机制移植。对算法一无所知的应用程序仍然能够为其消息令牌选择“质量”保护。
- MA values are specified at the mechanism level and are therefore portable across implementations of a mechanism.
- MA值是在机制级别指定的,因此可以跨机制的实现进行移植。
- IA values are specified at the implementation level (in user documentation, for example) and are therefore typically non-portable. An application which is aware of its own mechanism implementation and the mechanism implementation of its intended P-IDU recipient, however, is free to use these values since they will be perfectly valid and meaningful for protecting IDUs between those entities.
- IA值是在实现级别指定的(例如在用户文档中),因此通常是不可移植的。但是,了解自己的机制实现及其预期的P-IDU接收方的机制实现的应用程序可以自由使用这些值,因为它们对于保护这些实体之间的IDU是完全有效和有意义的。
The receiver of a P-IDU must pass back to its calling application (in IDUP_Start_Unprotect()) a qop_algs parameter with all relevant fields set. For example, if triple-DES has been specified by a mechanism as algorithm 8, then a receiver of a triple-DES-protected P-IDU must pass to its application (TS=1, IA=0, MA=8). In this way, the application is free to read whatever part of the qop_algs parameter it understands (TS or IA/MA).
P-IDU的接收器必须将设置了所有相关字段的qop\U algs参数传回其调用应用程序(在IDUP\U Start\U Unprotect()中)。例如,如果机制将三重DES指定为算法8,则受三重DES保护的P-IDU的接收器必须传递给其应用程序(TS=1,IA=0,MA=8)。通过这种方式,应用程序可以自由读取其理解的qop_algs参数的任何部分(TS或IA/MA)。
IDUP mechanisms should make provision in their protocols for the carrying of time information from originator to target(s). That is, a target (a legitimate recipient) should get some indication during unprotection regarding the time at which the protection operation took place. This is particularly important if the mechanism offers non-repudiation services because in some cases evidence verification may only be achievable if the time at which the evidence was generated is known.
IDUP机制应在其协议中规定将时间信息从发起者传送到目标。也就是说,目标(合法接收者)应该在解除保护期间获得一些关于保护操作发生时间的指示。如果该机制提供不可否认性服务,这一点尤其重要,因为在某些情况下,只有在证据生成的时间已知的情况下,才能进行证据核实。
Depending upon the platform and resources available to the implementation, an IDUP environment may have access to a source of trusted (secure) time, untrusted (local) time, both kinds of time, or no time. OBJECT IDs indicating such availability are returned by the IDUP_Establish_Env() call. When starting a protection operation, an application may specify which time services it wishes to have applied to the IDU. Similarly, for unprotection, an application may specify which kind of time (if any) to consult when the validity of the P-IDU is to be established. Specifying both kinds of time is interpreted to mean that the calling application does not care which kind of time is used.
根据平台和实现可用的资源,IDUP环境可以访问可信(安全)时间、不可信(本地)时间、两种时间或无时间的来源。IDUP\U ESTABLE\U Env()调用返回指示此类可用性的对象ID。启动保护操作时,应用程序可以指定它希望应用于IDU的时间服务。类似地,对于取消保护,应用程序可以指定在建立P-IDU的有效性时咨询哪种时间(如果有)。指定这两种时间意味着调用应用程序不关心使用哪种时间。
The IDUP calls which use a time parameter specify the type of that parameter to be INTEGER. This INTEGER is defined in all cases to be the number of seconds which have elapsed since midnight, January 1, 1970, coordinated universal time.
使用时间参数的IDUP调用将该参数的类型指定为整数。在所有情况下,该整数定义为自协调世界时1970年1月1日午夜以来经过的秒数。
This section describes the IDUP-GSS-API's operational interface, dividing the set of calls offered into five groups. Credential management calls are related to the acquisition and release of credentials by API callers. Environment-level calls are related to the management of the security environment by an API caller. Per-IDU calls are related to the protection or unprotection of individual IDUs in established security environments. Special-purpose calls deal with unusual or auxiliary evidence generation/verification requirements. Support calls provide extra functions useful to IDUP-GSS-API callers. Table 2 groups and summarizes the calls in tabular fashion.
本节描述IDUP-GSS-API的操作接口,将提供的调用集分为五个组。凭据管理调用与API调用方获取和释放凭据有关。环境级调用与API调用方对安全环境的管理相关。每IDU呼叫与在已建立的安全环境中保护或取消保护单个IDU有关。特殊用途调用处理异常或辅助证据生成/验证要求。支持调用提供了对IDUP-GSS-API调用方有用的额外函数。表2以表格形式对调用进行分组和总结。
Table 2: IDUP-GSS-API Calls
表2:IDUP-GSS-API调用
CREDENTIAL MANAGEMENT (see the calls given in Section 2.1 of GSS-API [RFC-2078])
凭证管理(参见GSS-API[RFC-2078]第2.1节中给出的调用)
ENVIRONMENT-LEVEL CALLS IDUP_Establish_Env IDUP_Abolish_Env IDUP_Inquire_Env
环境级调用IDUP\U建立\U环境IDUP\U废除\U环境IDUP\U查询\U环境
PER-IDU CALLS SE (SIGN,ENCRYPT) CALLS IDUP_SE_SingleBuffer_Protect IDUP_SE_SingleBuffer_Unprotect IDUP_SE_MultiBuffer_StartProtect IDUP_SE_MultiBuffer_EndProtect IDUP_SE_MultiBuffer_StartUnprotect IDUP_SE_MultiBuffer_EndUnprotect IDUP_SE_Process_Buffer EV (EVIDENCE) CALLS IDUP_EV_SingleBuffer_Generate IDUP_EV_SingleBuffer_Verify IDUP_EV_MultiBuffer_StartGenerate IDUP_EV_MultiBuffer_EndGenerate IDUP_EV_MultiBuffer_StartVerify IDUP_EV_MultiBuffer_EndVerify IDUP_EV_Process_Buffer GP (GENERAL PROTECTION) CALLS IDUP_Start_Protect IDUP_Protect IDUP_End_Protect IDUP_Start_Unprotect IDUP_Unprotect IDUP_End_Unprotect
PER-IDU调用SE(签名、加密)调用IDUP\u SE\u SingleBuffer\u Protect IDUP\u SE\u SingleBuffer\u Unprotect IDUP\u SE\u multi Buffer\u start保护IDUP\u SE\u multi Buffer\u start保护IDUP\u SE\u multi Buffer\u EndUnprotect IDUP\u进程\u Buffer EV(证据)调用IDUP\u EV\u SingleBuffer\u Generate IDUP\u EV\u SingleBuffer\u Verify IDUP\u EV\u MultiBuffer\u EndGenerate IDUP\u EV\u MultiBuffer\u StartVerify IDUP\u EV\u MultiBuffer\u EndVerify IDUP\u EV\u Process\u Buffer GP(一般保护)调用IDUP\u启动\u保护IDUP\u End\u保护IDUP\u启动\u取消保护IDUP\u End
SPECIAL-PURPOSE CALLS (might not be supported by all mechanisms) IDUP_Form_Complete_PIDU
特殊用途调用(可能不是所有机制都支持)IDUP\u Form\u Complete\u PIDU
SUPPORT CALLS IDUP_Acquire_cred_with_auth IDUP_Get_Token_Details IDUP_Get_Policy_Info IDUP_Cancel_Multibuffer_Op (see also the calls given in Section 2.4 of GSS-API [RFC-2078])
支持调用IDUP\u Acquire\u cred\u和\u auth IDUP\u Get\u Token\u Details IDUP\u Get\u Policy\u Info IDUP\u Cancel\u Multibuffer\u Op(另请参见GSS-API[RFC-2078]第2.4节中给出的调用)
In terms of conformance to this specification, IDUP-GSS-API implementations must support the credential management calls, the environment-level calls, some subset of the per-IDU calls, and the support calls (except where explicitly stated otherwise in Section 2.5). The subset of per-IDU calls supported will depend upon the underlying mechanisms supported and will typically be the SE calls, or the EV calls, or both. As stated in Section 2.3.2.1, implementations are encouraged to support the more powerful GP calls to anticipate the future needs of applications developers, but this is not required for conformance.
就与本规范的一致性而言,IDUP-GSS-API实现必须支持凭证管理调用、环境级调用、每个IDU调用的某些子集以及支持调用(除非第2.5节另有明确规定)。支持的每IDU呼叫子集将取决于支持的底层机制,通常是SE呼叫或EV呼叫,或两者兼而有之。如第2.3.2.1节所述,鼓励实现支持更强大的GP调用,以预测应用程序开发人员的未来需求,但这不是一致性所必需的。
Credential management in IDUP-GSS-API is to be understood and used as described in GSS-API [RFC-2078]. The calls given in Section 2.1 of GSS-API (including all associated parameters) are unchanged, although the interpretation of the cred_usage parameter in the GSS-API calls for IDUP purposes is as follows.
IDUP-GSS-API中的凭证管理应按照GSS-API[RFC-2078]中的说明理解和使用。GSS-API第2.1节中给出的调用(包括所有相关参数)保持不变,尽管出于IDUP目的,GSS-API调用中的cred_用法参数解释如下。
ENCRYPT_ONLY 8 DECRYPT_ONLY 16 SIGN_ONLY 32 VERIFY_ONLY 64
加密仅8解密仅16签名仅32验证仅64
The values above may be logically OR'ed together in any desired combination to restrict credential usage (where OR'ing all values results in NO_RESTRICTION). Future possible values for this parameter are for further study.
上述值可以逻辑地或组合在一起,以任何所需的组合来限制凭证的使用(其中或组合所有值不会导致任何限制)。此参数的未来可能值有待进一步研究。
The call IDUP_Acquire_cred_with_auth has been added as a support call in this specification to permit authenticated credential acquirement; see Section 2.5.2 for details.
在本规范中,已将调用IDUP_Acquire_cred_with_auth添加为支持调用,以允许通过身份验证的凭证获取;详见第2.5.2节。
This group of calls is devoted to the establishment and management of an environment for the purpose of IDU protection and unprotection. Before protecting or unprotecting any IDU, an application must call IDUP_Establish_Env() to initialize environment information and select the underlying IDUP-GSS mechanism to be used. A series of protection or unprotection calls is made to process each IDU, the protection calls resulting in a P-IDU for each. Finally, IDUP_Abolish_Env() is called to flush all environment information.
这组电话专门用于建立和管理环境,以保护和取消保护IDU。在保护或取消保护任何IDU之前,应用程序必须调用IDUP\U ESTABLE\U Env()来初始化环境信息,并选择要使用的基础IDUP-GSS机制。为处理每个IDU进行了一系列保护或取消保护调用,这些保护调用导致每个IDU都有一个P-IDU。最后,调用IDUP_involution_Env()刷新所有环境信息。
Semantically, acquiring credentials and establishing an environment is (in many cases) analogous to logging in to a system -- it authenticates a local user to the system and gives that user access to a set of operations which can be performed.
从语义上讲,获取凭证和建立环境(在许多情况下)类似于登录到系统——它向系统验证本地用户,并允许该用户访问可以执行的一组操作。
The set of calls described in this section is used in place of the calls described in Section 2.2 of GSS-API [RFC-2078], since those calls are specific to a session-oriented environment.
本节中描述的调用集用于替代GSS-API[RFC-2078]第2.2节中描述的调用,因为这些调用特定于面向会话的环境。
Inputs: o claimant_cred_handle CREDENTIAL HANDLE, -- NULL parameter specifies "use default"
输入:o凭证句柄凭证句柄,-NULL参数指定“使用默认值”
o req_mech_type OBJECT IDENTIFIER, -- NULL parameter specifies "use default" o req_environmentPolicies EnvironmentPolicies, -- NULL parameter specifies "use default" o req_services SET OF OBJECT IDENTIFIER, -- GSS_C_NO_OID_SET requests full set of services available -- for req_mech_type
o req_mech_类型对象标识符,-NULL参数指定“使用默认值”o req_环境策略环境策略,-NULL参数指定“使用默认值”o对象标识符的req_服务集,--GSS_C_NO_OID_SET请求可用的全套服务--对于req_mech_类型
Outputs: o major_status INTEGER, o minor_status INTEGER, o env_handle ENVIRONMENT HANDLE, o actual_mech_type OBJECT IDENTIFIER, -- actual mechanism always indicated, never NULL o actual_environmentPolicies EnvironmentPolicies, -- actual values always indicated, never NULL o ret_services SET OF OBJECT IDENTIFIER,
Outputs: o major_status INTEGER, o minor_status INTEGER, o env_handle ENVIRONMENT HANDLE, o actual_mech_type OBJECT IDENTIFIER, -- actual mechanism always indicated, never NULL o actual_environmentPolicies EnvironmentPolicies, -- actual values always indicated, never NULL o ret_services SET OF OBJECT IDENTIFIER,
Return major_status codes: o GSS_S_COMPLETE -- environment-level information was successfully initialized,
返回主要_状态代码:o GSS_S_COMPLETE--环境级别信息已成功初始化,
-- and IDU / P-IDU processing can begin. o GSS_S_DEFECTIVE_CREDENTIAL o GSS_S_NO_CRED o GSS_S_CREDENTIALS_EXPIRED -- the credentials provided through claimant_cred_handle are -- no longer valid, so environment cannot be established. o GSS_S_BAD_MECH o GSS_S_FAILURE
-- and IDU / P-IDU processing can begin. o GSS_S_DEFECTIVE_CREDENTIAL o GSS_S_NO_CRED o GSS_S_CREDENTIALS_EXPIRED -- the credentials provided through claimant_cred_handle are -- no longer valid, so environment cannot be established. o GSS_S_BAD_MECH o GSS_S_FAILURE
The following structures are defined to facilitate environment policy input and output:
为便于环境政策的输入和输出,定义了以下结构:
EnvironmentPolicies ::= SEQUENCE { confPolicy [0] PolicyAndTime OPTIONAL, -- NULL parameter (on input) specifies "use default" integPolicy [1] PolicyAndTime OPTIONAL, -- NULL parameter (on input) specifies "use default" evidencePolicy [2] PolicyAndTime OPTIONAL } -- NULL parameter (on input) specifies "use default"
EnvironmentPolicies ::= SEQUENCE { confPolicy [0] PolicyAndTime OPTIONAL, -- NULL parameter (on input) specifies "use default" integPolicy [1] PolicyAndTime OPTIONAL, -- NULL parameter (on input) specifies "use default" evidencePolicy [2] PolicyAndTime OPTIONAL } -- NULL parameter (on input) specifies "use default"
PolicyAndTime ::= SEQUENCE { policy OBJECT IDENTIFIER, -- this environment-level policy identifier is separate from -- the policy provisions connected with credentials, if they exist time INTEGER -- on input: the policy rules available at the specified time -- on output: the time at which the policy rules came into effect -- (defined to be the number of seconds elapsed since midnight, -- January 1, 1970, coordinated universal time) endTime INTEGER OPTIONAL } -- on input: unused -- on output: the expiration time of the given policy rules
PolicyAndTime ::= SEQUENCE { policy OBJECT IDENTIFIER, -- this environment-level policy identifier is separate from -- the policy provisions connected with credentials, if they exist time INTEGER -- on input: the policy rules available at the specified time -- on output: the time at which the policy rules came into effect -- (defined to be the number of seconds elapsed since midnight, -- January 1, 1970, coordinated universal time) endTime INTEGER OPTIONAL } -- on input: unused -- on output: the expiration time of the given policy rules
This routine is used by an application which protects or unprotects IDUs. Using information in the credentials structure referenced by claimant_cred_handle, IDUP_Establish_Env() initializes the data structures required to protect or unprotect IDUs. The claimant_cred_handle, if non-NULL, must correspond to a valid credentials structure.
此例程由保护或取消保护IDU的应用程序使用。IDUP\U ESTABLE\U Env()使用索赔人\u cred\u handle引用的凭据结构中的信息初始化保护或取消保护IDU所需的数据结构。索赔人凭证句柄(如果不为NULL)必须对应于有效的凭证结构。
This routine returns an env_handle for all future references to this environment; when protection, unprotection, or IDUP_Abolish_Env() calls are made, this handle value will be used as the input env_handle argument. It is the caller's responsibility to establish a communications path to the intended recipients of the P-IDU, and to transmit the P-IDU to those recipients over that path. This may occur subsequent to the IDUP_Abolish_Env() call.
该例程为将来对该环境的所有引用返回一个env_句柄;在调用protection、unprotection或IDUP\u-involution\u-Env()时,此句柄值将用作输入Env\u-handle参数。呼叫方负责建立到P-IDU的预期接收者的通信路径,并通过该路径将P-IDU传输给这些接收者。这可能发生在IDUP_exclude_Env()调用之后。
The req_services parameter may be used by the calling application to request that data origin authentication with integrity, confidentiality with integrity, evidence generation, and/or evidence verification services be available in the established environment. Requests can also be made for "trusted" or "untrusted" time services. Requesting evidence generation or verification indicates that the calling application may wish to generate or verify evidence information for non-repudiation purposes (note: an IDU protector may request that a flag be inserted into a P-IDU asking a recipient to provide an evidence of the type "non-repudiation of delivery"; however, the IDUP-GSS-API cannot by itself guarantee that the evidence will be sent because there is no way to force a target to send an evidence_token back to the IDU protector).
调用应用程序可以使用req_services参数来请求在已建立的环境中提供具有完整性的数据源认证、具有完整性的机密性、证据生成和/或证据验证服务。还可以请求“受信任”或“不受信任”的时间服务。请求证据生成或验证表示呼叫应用程序可能希望生成或验证证据信息,以达到不可抵赖的目的(注:IDU保护人可请求在P-IDU中插入一个标志,要求接收方提供“不可抵赖交付”类型的证据);但是,IDUP-GSS-API本身无法保证将发送证据,因为无法强制目标向IDU保护者发送证据(IDU令牌)。
Not all features will be available in all underlying mech_types; the returned value of ret_services indicates, as a function of mech_type processing capabilities and the initiator-provided input OBJECT IDs, the set of features which will be available in the environment. The value of this parameter is undefined unless the routine's major_status indicates COMPLETE. Failure to provide the precise set of services desired by the caller does not cause environment establishment to fail; it is the caller's choice to abolish the environment if the service set provided is unsuitable for the caller's use. The returned mech_type value indicates the specific mechanism employed in the environment and will never indicate the value for "default".
并非所有基础机械类型中的所有功能都可用;ret_services的返回值表示,作为mech_类型处理能力和启动器提供的输入对象ID的函数,环境中可用的功能集。除非例程的主_状态指示完成,否则此参数的值未定义。未能提供调用方所需的精确服务集不会导致环境建立失败;如果提供的服务集不适合调用者使用,则调用者可以选择取消环境。返回的mech_类型值指示环境中使用的特定机制,并且永远不会指示“default”的值。
The following OBJECT IDs are defined for protection and unprotection services (the OBJECT ID iso.org.dod.internet.security.services, 1.3.6.1.5.7, has been assigned by IANA, and some of the security services under that node are assigned as shown below). It is recognized that this list may grow over time.
为保护和非保护服务定义了以下对象ID(对象ID iso.org.dod.internet.security.services,1.3.6.1.5.7已由IANA分配,该节点下的一些安全服务分配如下所示)。人们认识到,这一名单可能会随着时间的推移而增加。
PER_CONF = { 1.3.6.1.5.7.1.1 } -- perform data confidentiality (i.e., encrypt data) PER_CONF_FULL = { 1.3.6.1.5.7.1.3 } -- perform full confidentiality (i.e., encrypt data and sig) -- (may be used only when PER_DOA is requested simultaneously) PER_DOA = { 1.3.6.1.5.7.3.1 } -- perform data origin authentication with data integrity PER_DOA_CIPH = { 1.3.6.1.5.7.3.3 } -- perform DOA with DI over ciphertext (rather than plaintext) -- (may be used only when PER_CONF is requested simultaneously) PER_POO = { 1.3.6.1.5.7.4.1 } -- perform (i.e., create) non-repudiable "proof of origin" PER_POD = { 1.3.6.1.5.7.4.3 } -- perform (i.e., create) non-repudiable "proof of delivery"
PER_CONF = { 1.3.6.1.5.7.1.1 } -- perform data confidentiality (i.e., encrypt data) PER_CONF_FULL = { 1.3.6.1.5.7.1.3 } -- perform full confidentiality (i.e., encrypt data and sig) -- (may be used only when PER_DOA is requested simultaneously) PER_DOA = { 1.3.6.1.5.7.3.1 } -- perform data origin authentication with data integrity PER_DOA_CIPH = { 1.3.6.1.5.7.3.3 } -- perform DOA with DI over ciphertext (rather than plaintext) -- (may be used only when PER_CONF is requested simultaneously) PER_POO = { 1.3.6.1.5.7.4.1 } -- perform (i.e., create) non-repudiable "proof of origin" PER_POD = { 1.3.6.1.5.7.4.3 } -- perform (i.e., create) non-repudiable "proof of delivery"
REC_CONF = { 1.3.6.1.5.7.1.2 } -- receive data confidentiality (i.e., decrypt data) REC_CONF_FULL = { 1.3.6.1.5.7.1.4 } -- receive full confidentiality (i.e., decrypt data and sig) -- (may be used only when REC_DOA is received simultaneously) REC_DOA = { 1.3.6.1.5.7.3.2 } -- receive / verify DOA with data integrity REC_DOA_CIPH = { 1.3.6.1.5.7.3.4 } -- verify DOA with DI over ciphertext (rather than plaintext) -- (may be used only when PER_CONF is received simultaneously) REC_POO = { 1.3.6.1.5.7.4.2 } -- receive / verify "proof of origin" REC_POD = { 1.3.6.1.5.7.4.4 } -- receive / verify "proof of delivery" TTIME = { 1.3.6.1.5.7.7.1 } -- trusted time availability UTIME = { 1.3.6.1.5.7.7.2 } -- untrusted time availability
REC_CONF = { 1.3.6.1.5.7.1.2 } -- receive data confidentiality (i.e., decrypt data) REC_CONF_FULL = { 1.3.6.1.5.7.1.4 } -- receive full confidentiality (i.e., decrypt data and sig) -- (may be used only when REC_DOA is received simultaneously) REC_DOA = { 1.3.6.1.5.7.3.2 } -- receive / verify DOA with data integrity REC_DOA_CIPH = { 1.3.6.1.5.7.3.4 } -- verify DOA with DI over ciphertext (rather than plaintext) -- (may be used only when PER_CONF is received simultaneously) REC_POO = { 1.3.6.1.5.7.4.2 } -- receive / verify "proof of origin" REC_POD = { 1.3.6.1.5.7.4.4 } -- receive / verify "proof of delivery" TTIME = { 1.3.6.1.5.7.7.1 } -- trusted time availability UTIME = { 1.3.6.1.5.7.7.2 } -- untrusted time availability
The PER_CONF return value (in the ret_services paramater) indicates whether the environment supports confidentiality services, and so informs the caller whether or not a request for encryption can be honored. In similar fashion, the PER_DOA return value indicates whether DOA services are available in the established environment, and the PER_POO and PER_POD return values indicate whether evidence generation services are available. The TTIME and UTIME values indicate whether trusted time and untrusted time are available for protection / unprotection services.
PER_CONF返回值(在ret_services参数中)指示环境是否支持保密服务,从而通知调用方是否可以接受加密请求。以类似的方式,PER_DOA返回值指示DOA服务在已建立的环境中是否可用,PER_POO和PER_POD返回值指示证据生成服务是否可用。TTIME和UTIME值指示受信任时间和不受信任时间是否可用于保护/取消保护服务。
Note that, unlike a GSS "context", an IDUP environment does not have an explicit lifetime associated with it. Instead, it relies on the lifetime of the calling entity's credential (set by the caller in the GSS_Acquire_cred() call). When the credential expires (or is explicitly deleted in any other way), no new operations are allowed in the IDUP environment (although operations which have begun, such as the Protection set of calls, can be taken to completion).
请注意,与GSS“上下文”不同,IDUP环境没有与其关联的显式生存期。相反,它依赖于调用实体的凭据的生存期(由调用方在GSS_Acquire_cred()调用中设置)。当凭据过期(或以任何其他方式显式删除)时,IDUP环境中不允许新操作(尽管已开始的操作(如保护调用集)可以完成)。
Input: o env_handle ENVIRONMENT HANDLE
输入:o环境句柄环境句柄
Outputs: o major_status INTEGER, o minor_status INTEGER,
输出:o大\小\状态整数,
Return major_status codes: o GSS_S_COMPLETE -- the relevant environment-specific information was flushed. o IDUP_S_NO_ENV o GSS_S_FAILURE
返回主要_状态代码:o GSS_S_COMPLETE——相关环境特定信息已刷新。o IDUP\U S\U无环境o GSS\U故障
This call is made to flush environment-specific information. (Once an environment is established, cached credential and environment-related info. is expected to be retained until an IDUP_Abolish_Env() call is made or until the cred. lifetime expires.) Attempts to perform IDU processing on a deleted environment will result in error returns.
此调用用于刷新特定于环境的信息。(一旦建立了一个环境,缓存的凭证和与环境相关的信息将被保留,直到进行IDUP_exclude_Env()调用或直到cred.lifetime过期。)尝试在已删除的环境上执行IDU处理将导致错误返回。
Input: o env_handle ENVIRONMENT HANDLE,
输入:o环境句柄环境句柄,
Outputs: o major_status INTEGER, o minor_status INTEGER, o mech_type OBJECT IDENTIFIER, -- the mechanism supporting this environment o environmentPolicies EnvironmentPolicies, -- the environment policies in effect o ret_services SET OF OBJECT IDENTIFIER,
Outputs: o major_status INTEGER, o minor_status INTEGER, o mech_type OBJECT IDENTIFIER, -- the mechanism supporting this environment o environmentPolicies EnvironmentPolicies, -- the environment policies in effect o ret_services SET OF OBJECT IDENTIFIER,
Return major_status codes: o GSS_S_COMPLETE -- referenced environment is valid and mech_type and other return -- values describe the characteristics of the environment. o GSS_S_CREDENTIALS_EXPIRED o IDUP_S_NO_ENV o GSS_S_FAILURE
Return major_status codes: o GSS_S_COMPLETE -- referenced environment is valid and mech_type and other return -- values describe the characteristics of the environment. o GSS_S_CREDENTIALS_EXPIRED o IDUP_S_NO_ENV o GSS_S_FAILURE
This routine provides environment-related information to the caller.
此例程向调用者提供与环境相关的信息。
This group of calls is used to perform IDU protection and unprotection processing on an established IDUP environment. Some of these calls may block pending network interactions (depending on the underlying mechanism in use). These calls may be invoked by an IDU's protector or by the P-IDU's recipient. Members of this group form pairs; the output from the protection types of calls is typically meant to be input to the unprotection types of calls.
这组调用用于在已建立的IDU环境上执行IDU保护和取消保护处理。其中一些调用可能会阻止挂起的网络交互(取决于使用的底层机制)。这些呼叫可以由IDU的保护者或P-IDU的接收者调用。这一组的成员结成一对;保护类型调用的输出通常是非保护类型调用的输入。
The per-IDU calls can support caller-requested data origin authentication with data integrity, confidentiality with data integrity, evidence, and evidence-requested-from-target services.
每IDU呼叫可以支持呼叫方请求的数据源身份验证(具有数据完整性)、机密性(具有数据完整性)、证据以及从目标服务请求的证据。
The protection operations output a token which encapsulates all the information required to unprotect the IDU. The token is passed to the target (possibly separate from the M-IDU) and is processed by the unprotection calls at that system. Unprotection performs decipherment, DOA verification, evidence verification, or notification of evidence requested, as required.
保护操作输出一个令牌,该令牌封装了解除IDU保护所需的所有信息。令牌被传递到目标(可能与M-IDU分离),并由该系统上的取消保护调用进行处理。Unprotection根据需要执行解密、DOA验证、证据验证或请求的证据通知。
Each of the two main operations (protection and unprotection) may be separated into three parts: "Start_Operation"; "Operation" (which may be called once for each buffer of input data); and "End_Operation". This separation is available for the case where the IDU or P-IDU is to be processed one buffer at a time. "Start_Operation" allows the caller to specify or retrieve the appropriate "Quality" used during the processing. "Operation" is concerned with the processing itself, receiving a buffer of input data and potentially returning a buffer of output data. "End_Operation" performs any required clean-up and creates the appropriate token or states whether the input token was verified.
两个主要操作(保护和取消保护)可分为三个部分:“启动操作”;“操作”(每个输入数据缓冲区可调用一次);和“结束行动”。这种分离适用于一次处理一个缓冲区的IDU或P-IDU的情况。“启动_操作”允许调用方指定或检索处理过程中使用的适当“质量”。“操作”涉及处理本身,接收输入数据的缓冲区,并可能返回输出数据的缓冲区。“End_操作”执行任何所需的清理,并创建适当的令牌或说明是否验证了输入令牌。
If the IDU or P-IDU is wholly contained in a single buffer, the three-part protection/unprotection processing need not be done. Instead, protection or unprotection can be accomplished using only a single call, simplifying application code.
如果IDU或P-IDU完全包含在单个缓冲区中,则无需执行三部分保护/取消保护处理。相反,只需一次调用即可完成保护或取消保护,从而简化了应用程序代码。
The set of calls described in this section is used in place of the calls GSS_GetMIC(), GSS_VerifyMIC, GSS_Wrap(), and GSS_Unwrap() which are specified in [RFC-2078], since those calls are specific to a session-oriented environment.
本节中描述的调用集用于替代[RFC-2078]中指定的调用GSS_GetMIC()、GSS_VerifyMIC、GSS_Wrap()和GSS_Unwrap(),因为这些调用特定于面向会话的环境。
The "SE" group of calls provides a very simple, high-level interface to underlying IDUP mechanisms when application developers need access only to signature and encryption protection/unprotection services. It includes both the single-buffer and multiple-buffer IDU cases and can be used for signing only, encrypting only, signing and encrypting (in either order, and with or without visibility of the resulting signature), and "clear signing" (where the data is not modified in any way and the signature itself is returned as a separate item). [Note that encapsulation occurs in all cases except for clear signing, so that these calls provide functionality similar to the GSS_Wrap call.]
当应用程序开发人员只需要访问签名和加密保护/取消保护服务时,“SE”组调用为底层IDUP机制提供了一个非常简单的高级接口。它包括单缓冲区和多缓冲区IDU情况,并可用于仅签名、仅加密、签名和加密(按任意顺序,以及有无结果签名的可见性)和“清除签名”(其中数据未以任何方式修改,签名本身作为单独项返回)。[请注意,封装在除清除签名之外的所有情况下都会发生,因此这些调用提供类似于GSS_Wrap调用的功能。]
Note that the term "signing" is used in its most generic sense, not necessarily implying the use of public-key techniques. This concept has also been called "sealing" in other contexts (e.g., in other standardization efforts).
请注意,“签名”一词是在最一般的意义上使用的,不一定意味着使用公钥技术。在其他情况下(例如,在其他标准化工作中),这一概念也被称为“密封”。
The SE calls may be viewed by mechanism implementors as an "API" to the more powerful GP calls defined later and so may be implemented as simple mapping functions to those calls (when those optional calls are supported). Application callers, on the other hand, may find that the SE calls are all they currently need for many environments. At some time in the future when they have need of non-repudiation or "directed receipts" types of services, they may consider using the EV calls (or the GP calls -- when these are supported -- if complex and sophisticated combinations of services are required). To assist in this migration path, mechanism implementors are encouraged to support the full set of IDUP calls (i.e., the SE, EV, and GP calls) even though some calling applications will only use the SE calls in the short term.
机制实现者可以将SE调用视为以后定义的更强大的GP调用的“API”,因此可以将SE调用实现为这些调用的简单映射函数(当支持这些可选调用时)。另一方面,应用程序调用者可能会发现,对于许多环境,SE调用是他们当前所需要的全部。在将来的某一时刻,当他们需要不可否认或“定向收据”类型的服务时,他们可以考虑使用EV呼叫(或者GP呼叫——当这些被支持时)——如果需要复杂和复杂的服务组合)。为了帮助实现这一迁移路径,鼓励机制实现者支持全套IDUP调用(即SE、EV和GP调用),即使某些调用应用程序只在短期内使用SE调用。
The concept of "parameter bundles" is used in the calls presented in the following subsections in order to simplify their presentation and clarify their intended purpose and use. See Section 2.3.4.1 for a more complete description of parameter bundles.
“参数束”的概念在以下小节中介绍的调用中使用,以简化它们的表示并阐明它们的预期用途。有关参数束的更完整说明,请参见第2.3.4.1节。
The following parameter bundles are used in the "SE" protection and unprotection sets of calls.
以下参数束用于“SE”保护和取消保护调用集。
o Protect_Options PARAMETER BUNDLE o protect_operation INTEGER { sign_only (0), encrypt_only (1), sign_and_encrypt (2), -- let mechanism choose order (and readability of signature) sign_then_encrypt_data (3), -- sign, then encrypt plaintext (leaving signature in clear) sign_then_encrypt_full (4), -- sign, then encrypt everything (including signature) encrypt_then_sign (5), -- encrypt, then sign the ciphertext clear_sign_only (6) } OPTIONAL, o protect_oper_oid OBJECT IDENTIFIER OPTIONAL, -- may be used in place of above parameter if OID is known o sign_qop_alg UNSIGNED INTEGER, o sign_qop_algID AlgorithmIdentifier, --overrides sign_qop_alg o enc_qop_alg UNSIGNED INTEGER, o enc_qop_algID AlgorithmIdentifier, --overrides enc_qop_alg o idu_type_string OCTET STRING, -- type of the IDU ("data", "e-mail doc", MIME type, etc.) o pidu_type_string OCTET STRING, o mech_indep_encap_req BOOLEAN -- (see Appendix A)
o Protect_Options参数BUNDLE o Protect_操作整数{sign_only(0),encrypt_only(1),sign_and_encrypt(2),--让机制选择顺序(以及签名的可读性)sign_然后_encrypt_data(3),--sign,然后加密明文(保留清晰签名)sign_然后_encrypt_full(4),--sign,然后加密所有内容(包括签名)加密然后签名(5),--加密,然后签名密文clear\u sign\u only(6)}可选,o protect\u Operator\u oid OBJECT IDENTIFIER可选,--如果oid已知o sign\u qop\u alg UNSIGNED INTEGER,o sign\u qop\u algID algID algID AlgorithmIdentifier,-覆盖sign\u qop\u alg enc\u qop\u alg UNSIGNED INTEGER,则可替代上述参数,o enc_qop_algID算法标识符,--覆盖enc_qop_alg o idu类型字符串八位字符串,--idu类型(“数据”、“电子邮件文档”、MIME类型等)o pidu类型字符串八位字符串,o mech_indep_encap_req布尔值--(见附录A)
o PIDU_Information PARAMETER BUNDLE o protect_options Protect_Options, o originator_name INTERNAL NAME, o originator_role Originator_Role, -- (see Section 2.3.4.1) o protection_time INTEGER, o Bad_Target_Name PARAMETER BUNDLE, -- same as in Section 2.3.3.2 o bad_targ_name INTERNAL NAME, o bad_targ_status INTEGER, -- a status flag giving the reason for rejection of the name -- in bad_targ_name. Specified reasons include: -- SYNTAX_INVALID (0) the syntax of the name is invalid; -- NAME_UNRECOGNIZED (1) the name is not recognized; -- NAME_AMBIGUOUS (2) the name cannot be resolved; -- ACCESS_DENIED (3) access to this target is denied; -- CERTIFICATE_NOT_FOUND (4) the encryption certificate of the target could not be found.
o PIDU_信息参数BUNDLE o protect_options protect_options,o originator_name INTERNAL name,o originator_role originator_role,--(参见第2.3.4.1节)o protection_time INTEGER,o Bad_Target_name参数BUNDLE,--与第2.3.3.2节中相同o Bad_Target name INTERNAL name,o Bad_Target status INTEGER,--一个状态标志,给出拒绝该名称的原因--在bad_targ_名称中。指定的原因包括:--SYNTAX_INVALID(0)名称的语法无效;--名称\u无法识别(1)名称无法识别;——名称不明确(2)无法解析名称;——访问被拒绝(3)对此目标的访问被拒绝;——找不到证书(4)找不到目标的加密证书。
o Target_Info PARAMETER BUNDLE, -- same as in Section 2.3.3.2 o targ_names SET OF INTERNAL NAME, o bad_targ_count INTEGER, o bad_target_names SET OF Bad_Target_Name,
o 目标信息参数束,--与第2.3.3.2节中相同o内部名称的目标名称集,o坏目标计数整数,o坏目标名称集,
The following major_status return codes are defined for the "SE" calls in this section:
本节为“SE”调用定义了以下主要_状态返回码:
o GSS_S_COMPLETE o IDUP_S_MORE_OUTBUFFER_NEEDED -- returned (by any SE call) to indicate that there is more output -- data than can fit into the supplied buffers. The application -- should save the returned data and call again to retrieve the -- remaining output. o IDUP_S_MORE_PIDU_NEEDED -- indicates that more PIDU data is needed for the StartUnprotect -- operation (e.g., so that PIDU_Information or initial_idu_buffer -- may be returned). o IDUP_S_INCONSISTENT_PARAMS o GSS_S_CREDENTIALS_EXPIRED o IDUP_S_NO_ENV o GSS_S_BAD_QOP o GSS_S_FAILURE
o GSS_S_COMPLETE o IDUP_S_MORE_exputfer_NEEDED(通过任何SE调用)返回以指示有更多的输出——数据超出了提供的缓冲区的容量。应用程序--应该保存返回的数据并再次调用以检索--剩余的输出。o IDUP_S_MORE_PIDU_NEEDED——表示StartUnprotect——操作需要更多的PIDU数据(例如,这样可以返回PIDU_信息或初始的idu缓冲区)。o IDUP__参数不一致o GSS_凭证过期o IDUP__无环境o GSS_坏_质量o GSS_失败
If Target_Info is used as an input parameter (e.g., if an encryption operation is being performed), the following major_status return code is also defined:
如果目标_信息用作输入参数(例如,如果正在执行加密操作),则还将定义以下主要_状态返回码:
o IDUP_S_BAD_TARG_INFO
o IDUP\u S\u错误\u目标信息
Note for this return code that if one or more of the targets in targ_names cannot be used as a valid recipient of the P-IDU, these names will be returned in bad_targ_names (with associated status codes in bad_targ_status). As long as at least one of the targets can be used, however, this does not cause this call to fail (i.e., the failure code IDUP_S_BAD_TARG_INFO is not returned); it is the caller's choice to discontinue IDU protection if the target set which can be used is unsuitable for the caller's purposes.
请注意,对于此返回代码,如果targ_名称中的一个或多个目标不能用作P-IDU的有效收件人,则这些名称将以bad_targ_名称返回(相关状态代码处于bad_targ_状态)。但是,只要至少可以使用一个目标,这不会导致调用失败(即,不会返回失败代码IDUP\U S\U BAD\U TARG\U INFO);如果可以使用的目标集不适合呼叫者的目的,则呼叫者可以选择停止IDU保护。
Inputs: o env_handle ENVIRONMENT HANDLE, o Protect_Options PARAMETER BUNDLE, o Target_Info PARAMETER BUNDLE, o idu_buffer OCTET STRING o additional_protection BOOLEAN -- TRUE if idu_buffer is the output of a previous protection -- operation (i.e., if this is the second (or higher) in a -- series of SE/EV protection calls)
Inputs: o env_handle ENVIRONMENT HANDLE, o Protect_Options PARAMETER BUNDLE, o Target_Info PARAMETER BUNDLE, o idu_buffer OCTET STRING o additional_protection BOOLEAN -- TRUE if idu_buffer is the output of a previous protection -- operation (i.e., if this is the second (or higher) in a -- series of SE/EV protection calls)
Outputs: o major_status INTEGER, o minor_status INTEGER, o pidu_buffer OCTET STRING, o sig_token OCTET STRING -- used if Protect_Options is clear_sign_only
Outputs: o major_status INTEGER, o minor_status INTEGER, o pidu_buffer OCTET STRING, o sig_token OCTET STRING -- used if Protect_Options is clear_sign_only
Using the security environment referenced by env_handle, encrypt and/or sign the supplied IDU. If "clear signing" is performed, the signature will be returned in sig_token and pidu_buffer may be empty (depends on underlying mechanism).
使用env_handle引用的安全环境,对提供的IDU进行加密和/或签名。如果执行“清除签名”,签名将在sig_令牌中返回,并且pidu_缓冲区可能为空(取决于底层机制)。
Inputs: o env_handle ENVIRONMENT HANDLE, o pidu_buffer OCTET STRING, -- may contain an IDU if sig_token is non-NULL (i.e., if -- clear_sign_only protection was applied) o sig_token OCTET STRING
Inputs: o env_handle ENVIRONMENT HANDLE, o pidu_buffer OCTET STRING, -- may contain an IDU if sig_token is non-NULL (i.e., if -- clear_sign_only protection was applied) o sig_token OCTET STRING
Outputs: o major_status INTEGER, o minor_status INTEGER, o idu_buffer OCTET STRING, -- may be empty if clear_sign_only protection was applied (depends -- on underlying mechanism) o PIDU_Information PARAMETER BUNDLE o additional_unprotection BOOLEAN -- TRUE if idu_buffer should be input to another unprotection -- operation (i.e., if this should not be the last in a series -- of SE/EV unprotection calls)
Outputs: o major_status INTEGER, o minor_status INTEGER, o idu_buffer OCTET STRING, -- may be empty if clear_sign_only protection was applied (depends -- on underlying mechanism) o PIDU_Information PARAMETER BUNDLE o additional_unprotection BOOLEAN -- TRUE if idu_buffer should be input to another unprotection -- operation (i.e., if this should not be the last in a series -- of SE/EV unprotection calls)
Using the security environment referenced by env_handle, decrypt and/or verify the supplied PIDU and return the contained IDU along with all available PIDU_Information.
使用env_handle引用的安全环境,解密和/或验证提供的PIDU,并返回包含的IDU以及所有可用的PIDU_信息。
Inputs: o env_handle ENVIRONMENT HANDLE, o Protect_Options PARAMETER BUNDLE, o Target_Info PARAMETER BUNDLE, o additional_protection BOOLEAN, -- (see Section 2.3.2.4) o idu_size INTEGER -- (see Section 2.3.4.2)
Inputs: o env_handle ENVIRONMENT HANDLE, o Protect_Options PARAMETER BUNDLE, o Target_Info PARAMETER BUNDLE, o additional_protection BOOLEAN, -- (see Section 2.3.2.4) o idu_size INTEGER -- (see Section 2.3.4.2)
Outputs: o major_status INTEGER, o minor_status INTEGER, o initial_pidu_buffer OCTET STRING -- may be empty (depends on underlying mechanism)
输出:o大_状态整数、o小_状态整数、o初始_pidu_缓冲区八位字节字符串——可能为空(取决于底层机制)
Using the security environment referenced by env_handle, initialize the data structures required to begin the process of signing and/or encrypting the IDU (which will be supplied in multiple buffers to the Process_Buffer call).
使用env_handle引用的安全环境,初始化开始签名和/或加密IDU(将在多个缓冲区中提供给process_Buffer调用)过程所需的数据结构。
Inputs: o env_handle ENVIRONMENT HANDLE
输入:o环境句柄环境句柄
Outputs: o major_status INTEGER, o minor_status INTEGER, o final_pidu_buffer OCTET STRING, o sig_token OCTET STRING -- used if Protect_Options was clear_sign_only
Outputs: o major_status INTEGER, o minor_status INTEGER, o final_pidu_buffer OCTET STRING, o sig_token OCTET STRING -- used if Protect_Options was clear_sign_only
Using the security environment referenced by env_handle, complete the protection processing on the data and place the computed output in final_pidu_buffer and/or sig_token. Successful application of IDUP_SE_MultiBuffer_EndProtect() does not guarantee that unprotection can necessarily be performed successfully when the P-IDU arrives at the target (for example, it may be damaged in transit).
使用env_handle引用的安全环境,完成对数据的保护处理,并将计算出的输出放入final_pidu_缓冲区和/或sig_令牌中。成功应用IDUP_SE_MultiBuffer_EndProtect()并不保证在P-IDU到达目标时(例如,它可能在运输过程中损坏)可以成功执行解除保护。
Inputs: o env_handle ENVIRONMENT HANDLE, o initial_pidu_buffer OCTET STRING, o sign_qop_alg_in UNSIGNED INTEGER, -- used if Protect_Options was clear_sign_only (and calling -- application has prior knowledge of signing alg. applied); -- if NULL, then sig_token must be supplied o sig_token OCTET STRING -- used if Protect_Options was clear_sign_only; -- if NULL, then sign_qop_alg_in must be supplied
Inputs: o env_handle ENVIRONMENT HANDLE, o initial_pidu_buffer OCTET STRING, o sign_qop_alg_in UNSIGNED INTEGER, -- used if Protect_Options was clear_sign_only (and calling -- application has prior knowledge of signing alg. applied); -- if NULL, then sig_token must be supplied o sig_token OCTET STRING -- used if Protect_Options was clear_sign_only; -- if NULL, then sign_qop_alg_in must be supplied
Outputs: o major_status INTEGER, o minor_status INTEGER, o PIDU_Information PARAMETER BUNDLE, -- returns all available information
输出:o主_状态整数、o次_状态整数、o PIDU_信息参数束,--返回所有可用信息
o initial_idu_buffer OCTET STRING -- may be empty
o 初始\u idu\u缓冲区八位字节字符串--可能为空
Using the security environment referenced by env_handle, initialize the data structures required to begin the process of decrypting and/or verifying the PIDU (which will be supplied in multiple buffers to the Process_Buffer call).
使用env_handle引用的安全环境,初始化开始解密和/或验证PIDU过程所需的数据结构(将在多个缓冲区中提供给process_Buffer调用)。
The parameters sign_qop_alg_in and sig_token should not both be supplied (i.e., they should not both be non-NULL). If they are both non-NULL, however, sig_token is taken to be authoritative since this is the token created at protection time and therefore is guaranteed to carry the information needed to unprotect.
参数sign_qop_alg_in和sig_token不应同时提供(即,它们不应都为非NULL)。但是,如果它们都不为空,则sig_令牌将被视为权威令牌,因为这是在保护时创建的令牌,因此保证携带解除保护所需的信息。
Inputs: o env_handle ENVIRONMENT HANDLE, o sig_token OCTET STRING OPTIONAL -- used if Protect_Options was clear_sign_only and sig_token was -- not available when StartUnprotect was called
Inputs: o env_handle ENVIRONMENT HANDLE, o sig_token OCTET STRING OPTIONAL -- used if Protect_Options was clear_sign_only and sig_token was -- not available when StartUnprotect was called
Outputs: o major_status INTEGER, o minor_status INTEGER, o PIDU_Information PARAMETER BUNDLE, -- returns all available information o final_idu_buffer OCTET STRING -- may be empty o additional_unprotection BOOLEAN -- (see Section 2.3.2.5)
Outputs: o major_status INTEGER, o minor_status INTEGER, o PIDU_Information PARAMETER BUNDLE, -- returns all available information o final_idu_buffer OCTET STRING -- may be empty o additional_unprotection BOOLEAN -- (see Section 2.3.2.5)
Using the security environment referenced by env_handle, complete the decryption and/or verification processing on the data and place any residual output in final_idu_buffer.
使用env_handle引用的安全环境,完成对数据的解密和/或验证处理,并将任何剩余输出放入最终的_idu_缓冲区。
Inputs: o env_handle ENVIRONMENT HANDLE, o input_buffer OCTET STRING,
输入:o环境句柄环境句柄,o输入缓存八位字节字符串,
Outputs: o major_status INTEGER, o minor_status INTEGER, o output_buffer OCTET STRING -- may be zero length (depends on underlying mechanism and -- corresponding Start() call and Protect_Options value)
Outputs: o major_status INTEGER, o minor_status INTEGER, o output_buffer OCTET STRING -- may be zero length (depends on underlying mechanism and -- corresponding Start() call and Protect_Options value)
Using the security environment referenced by env_handle, continue the processing on the data in input_buffer and, if it is available, put any resulting output data in output_buffer. The application calls this routine over and over again with new buffers of data until it has processed all the data buffers of the IDU/PIDU. It then calls the appropriate End() call to complete the processing.
使用env_handle引用的安全环境,继续对input_buffer中的数据进行处理,如果可用,则将生成的任何输出数据放入output_buffer。应用程序使用新的数据缓冲区反复调用此例程,直到处理完IDU/PIDU的所有数据缓冲区。然后调用相应的End()调用来完成处理。
The "EV" group of calls provides a simple, high-level interface to underlying IDUP mechanisms when application developers need to deal only with evidence but not with encryption or integrity services. It includes both the single-buffer and multiple-buffer IDU cases and can be used for the generation and verification of evidence tokens embodying several different types of evidences.
当应用程序开发人员只需要处理证据而不需要处理加密或完整性服务时,“EV”组调用为底层IDUP机制提供了一个简单的高级接口。它包括单缓冲区和多缓冲区IDU案例,可用于生成和验证包含多种不同类型证据的证据令牌。
The following list of evidence types is supported. This list is by no means exhaustive and it is anticipated that it may be extended in future versions of this specification.
支持以下证据类型列表。本清单并非详尽无遗,预计可在本规范的未来版本中扩展。
"Non-repudiation of Origin" prevents a message creator's false denial of creating and sending a message.
“来源不可否认性”可防止邮件创建者错误拒绝创建和发送邮件。
"Non-repudiation of Creation" prevents a message creator's false denial of creating a message.
“创建的不可否认性”防止消息创建者错误地拒绝创建消息。
"Non-repudiation of Sender" prevents a message creator's false denial of sending a message (that was not necessarily created by the sender).
“发件人的不可抵赖性”可防止邮件创建者错误拒绝发送邮件(不一定由发件人创建)。
"Non-repudiation of Delivery" prevents a message recipient's false denial of having received and looked at the content of a message.
“不可否认传递”可防止邮件收件人错误地拒绝接收和查看邮件内容。
"Non-repudiation of Receipt" prevents a message recipient's false denial of having received a message (whose content was not necessarily looked at by the recipient).
“不可否认接收”可防止邮件收件人错误地拒绝接收邮件(其内容不一定由收件人查看)。
"Non-repudiation of Approval" prevents a message recipient's false denial of having approved the content of a received message.
“不可否认批准”可防止邮件收件人错误拒绝已批准接收邮件的内容。
An evidence is provided in the form of a evidence token. Two forms of evidence tokens are supported:
证据以证据令牌的形式提供。支持两种形式的证据令牌:
o Tokens including the associated data,
o 包括关联数据的令牌,
o Tokens without included data (but with a unique reference to the associated data).
o 不包含数据的令牌(但具有对关联数据的唯一引用)。
Evidence tokens may be freely distributed. Any possessor of an evidence token (and of the associated data, if not included in the token) can verify the evidence if it has the appropriate credentials which include the definition of security policies (i.e., keys alone do not permit the verification of evidence tokens). Any holder of an evidence token may store it (along with the associated data, if not included in the token) for later verification.
证据代币可以自由分发。如果证据令牌(以及相关数据,如果不包括在令牌中)拥有包括安全策略定义在内的适当凭证(即,仅密钥不允许验证证据令牌),则证据令牌(以及相关数据,如果不包括在令牌中)的任何拥有者都可以验证该证据。证据令牌的任何持有人都可以存储该令牌(以及相关数据,如果未包含在令牌中),以供以后验证。
Calls that are specific to the support of evidence include:
特定于证据支持的电话包括:
* Generate_token, which generates a non-repudiation token using the current environment. The generated token may consist of:
* Generate_token,它使用当前环境生成不可否认令牌。生成的令牌可以包括:
1 - an evidence token 2 - a token containing a request for an evidence, which carries information describing which evidence type should be generated by the recipient(s) and sent back to some entities (that may or may not include the sender). 3 - a token containing an evidence token which is an answer to an evidence that has been previously requested. 4 - a token including both an evidence and a request for another evidence to be provided.
1-证据令牌2-包含证据请求的令牌,其中包含描述接收方应生成并发送回某些实体(可能包括也可能不包括发送方)的证据类型的信息。3-包含证据令牌的令牌,该令牌是对先前请求的证据的回答。4-一种令牌,包括证据和提供另一证据的请求。
* Verify_evidence, which verifies the evidence token using the current environment. This operation returns a major_status code which can be used to determine whether the evidence contained in a token is complete (i.e., can be successfully verified (perhaps years) later). If a token's evidence is not complete, the token can be passed to form_complete_pidu to complete it.
* Verify_证据,它使用当前环境验证证据令牌。此操作返回一个主_状态代码,该代码可用于确定令牌中包含的证据是否完整(即,可以在几年后成功验证)。如果令牌的证据不完整,则可以将令牌传递到form_complete_pidu以完成它。
Additional useful calls for evidence services include: * IDUP_Get_token_details (see Section 2.5.3); * IDUP_Form_Complete_PIDU (see Section 2.4.2).
其他有用的证据服务调用包括:*IDUP_Get_token_详细信息(见第2.5.3节);*填写表格(见第2.4.2节)。
The following parameter bundles are used in the "EV" protection and unprotection sets of calls.
以下参数束用于“EV”保护和取消保护调用集。
o Nr_Options PARAMETER BUNDLE o evidence_type INTEGER { no_evidence (0) -- used when request-only token desired proof_of_receipt (1), proof_of_delivery (2),
o Nr_Options参数BUNDLE o evidence_type INTEGER{no_evidence(0)--当仅请求令牌所需的_收据证明(1)、_交付证明(2)时使用,
proof_of_approval (3), proof_of_creation (4), proof_of_sender (5), proof_of_origin (6) } OPTIONAL, o evidence_type_oid OBJECT IDENTIFIER OPTIONAL, -- may be used in place of above parameter if OID is known o evidence_validity_duration INTEGER, -- duration_in_minutes -- DURATION_HOUR = 60; -- DURATION_DAY = 1440; -- DURATION_WEEK = 10080; -- DURATION_MONTH = 43200;// 30 days -- DURATION_YEAR = 525600;//365 days o mech_indep_encap_req BOOLEAN -- (see Appendix A)
proof_of_approval (3), proof_of_creation (4), proof_of_sender (5), proof_of_origin (6) } OPTIONAL, o evidence_type_oid OBJECT IDENTIFIER OPTIONAL, -- may be used in place of above parameter if OID is known o evidence_validity_duration INTEGER, -- duration_in_minutes -- DURATION_HOUR = 60; -- DURATION_DAY = 1440; -- DURATION_WEEK = 10080; -- DURATION_MONTH = 43200;// 30 days -- DURATION_YEAR = 525600;//365 days o mech_indep_encap_req BOOLEAN -- (see Appendix A)
o Originator_Information PARAMETER BUNDLE o token_generator_name INTERNAL NAME, -- obtained from the credentials of the originator -- (e.g., from its public key certificate) o token_generator_role Originator_Role OPTIONAL, -- (see Section 2.3.4.1) o protection_time INTEGER OPTIONAL
o 发起人信息参数BUNDLE o token_generator_name INTERNAL name,--从发起人的凭据中获取--(例如,从其公钥证书中)o token_generator_role发起人_role可选,-(参见第2.3.4.1节)o protection_time INTEGER可选
o Bad_Target_Name PARAMETER BUNDLE -- (see Section 2.3.2.2) o bad_targ_name INTERNAL NAME, o bad_targ_status INTEGER -- a status flag giving the reason for rejection of the -- name in bad_targ_name
o Bad_Target_Name参数包--(参见第2.3.2.2节)o Bad_targ_Name内部名称,o Bad_targ_status INTEGER--一个状态标志,给出拒绝Bad_targ_Name中--Name的原因
o Target_Info PARAMETER BUNDLE -- same as in Section 2.3.2.2 o targ_names SET OF INTERNAL NAME, o bad_targ_count INTEGER, o bad_target_names SET OF Bad_Target_Name
o 目标信息参数包——与第2.3.2.2节相同o内部名称的目标名称集,o错误目标计数整数,o错误目标名称的错误目标名称集
o Request_Features PARAMETER BUNDLE o requested_evidence_type INTEGER { no_evidence (0), - used when no token desired proof_of_receipt (1), proof_of_delivery (2), proof_of_approval (3), }, o nr_req_policy OBJECT IDENTIFIER, o evidence_from Target_Info, o evidence_to Target_Info, o include_received_token_in_evidence BOOLEAN
o 请求\u的特征是参数BUNDLE o requested\u defence\u type INTEGER{no\u defence(0),-在没有令牌需要接收证明(1)、发送证明(2)、批准证明(3)时使用,},o nr\u req\u策略对象标识符,o来自目标信息的证据,o证据到目标信息,o将接收到的令牌包含在证据中
The following data_type is used in the "EV" protection calls.
以下数据类型用于“EV”保护呼叫。
o Nr_Operation INTEGER { evidence_and_or_evidence_request (1), returned_evidence (2) }
o Nr_操作整数{证据和或证据请求(1),返回证据(2)}
The following major_status return codes are defined for the "EV" calls in this section:
本节为“EV”呼叫定义了以下主要_状态返回码:
o GSS_S_COMPLETE -- indicates that the evidence is complete o IDUP_S_INCOMPLETE o IDUP_S_MORE_OUTBUFFER_NEEDED -- returned (by any EV call) to indicate that there is more output -- data than can fit into the supplied buffers. The application -- should save the returned data and call again to retrieve the -- remaining output. o IDUP_S_INCONSISTENT_PARAMS o GSS_S_CREDENTIALS_EXPIRED o IDUP_S_NO_MATCH o IDUP_S_NO_ENV o GSS_S_FAILURE
o GSS_S_COMPLETE(GSS_S_COMPLETE)——表示证据已完成或IDUP_S_不完整或IDUP_S_需要更多的突发事件——返回(通过任何EV调用)以表示有更多的输出——数据无法放入提供的缓冲区。应用程序--应该保存返回的数据并再次调用以检索--剩余的输出。o IDUP\u S\u参数不一致o GSS\u凭据过期o IDUP\u S\u不匹配o IDUP\u S\u不环境o GSS\u失败
If Target_Info is used as an input parameter (i.e., if an evidence is being requested ), the following major_status return code is also defined:
如果将目标_信息用作输入参数(即,如果正在请求证据),则还将定义以下主要_状态返回代码:
o IDUP_S_BAD_TARG_INFO
o IDUP\u S\u错误\u目标信息
Note for this return code that if one or more of the targets in targ_names cannot be used as a valid recipient of the P-IDU, these names will be returned in bad_targ_names (with associated status codes in bad_targ_status). As long as at least one of the targets can be used, however, this does not cause this call to fail (i.e., the failure code IDUP_S_BAD_TARG_INFO is not returned); it is the caller's choice to discontinue IDU protection if the target set which can be used is unsuitable for the caller's purposes.
请注意,对于此返回代码,如果targ_名称中的一个或多个目标不能用作P-IDU的有效收件人,则这些名称将以bad_targ_名称返回(相关状态代码处于bad_targ_状态)。但是,只要至少可以使用一个目标,这不会导致调用失败(即,不会返回失败代码IDUP\U S\U BAD\U TARG\U INFO);如果可以使用的目标集不适合呼叫者的目的,则呼叫者可以选择停止IDU保护。
Inputs: o env_handle ENVIRONMENT HANDLE, o nr_operation Nr_Operation, o Nr_Options PARAMETER BUNDLE, o idu_buffer OCTET STRING, o form_complete_pidu BOOLEAN, -- if TRUE the implementation will attempt to form a complete PIDU o include_data_in_token BOOLEAN,
Inputs: o env_handle ENVIRONMENT HANDLE, o nr_operation Nr_Operation, o Nr_Options PARAMETER BUNDLE, o idu_buffer OCTET STRING, o form_complete_pidu BOOLEAN, -- if TRUE the implementation will attempt to form a complete PIDU o include_data_in_token BOOLEAN,
-- if TRUE, data provided in idu_buffer will be included in the -- generated token; if FALSE, the data will not be included o Request_Features PARAMETER BUNDLE -- the type of the evidence that is requested; -- policy under which the returned evidence should be generated; -- the recipients that are supposed to send back an evidence; -- the recipients that should receive the requested evidence; -- an indicator include_received_token_in_evidence: -- if TRUE, the evidence token incorporating the request will be -- included in the data for which recipients will generate -- evidence; if FALSE, evidence will be generated using only -- the data (and not the token incorporating the request). o additional_protection BOOLEAN -- (see Section 2.3.2.4)
-- if TRUE, data provided in idu_buffer will be included in the -- generated token; if FALSE, the data will not be included o Request_Features PARAMETER BUNDLE -- the type of the evidence that is requested; -- policy under which the returned evidence should be generated; -- the recipients that are supposed to send back an evidence; -- the recipients that should receive the requested evidence; -- an indicator include_received_token_in_evidence: -- if TRUE, the evidence token incorporating the request will be -- included in the data for which recipients will generate -- evidence; if FALSE, evidence will be generated using only -- the data (and not the token incorporating the request). o additional_protection BOOLEAN -- (see Section 2.3.2.4)
Outputs: o major_status INTEGER, o minor_status INTEGER, o token OCTET STRING, o evidence_check OCTET STRING, -- present only if an evidence is requested. Consists of data to -- be used to verify the requested token(s) (if any) when they are -- received.
Outputs: o major_status INTEGER, o minor_status INTEGER, o token OCTET STRING, o evidence_check OCTET STRING, -- present only if an evidence is requested. Consists of data to -- be used to verify the requested token(s) (if any) when they are -- received.
Description:
说明:
This operation generates a non-repudiation token associated with the data passed in an input buffer. Two kinds of operations can be performed (using the Nr_Operation parameter):
此操作生成与输入缓冲区中传递的数据相关联的不可否认令牌。可以执行两种操作(使用Nr_操作参数):
a) generating a token that includes either an evidence only, or an evidence request only, or both an evidence and an evidence request;
a) 生成仅包含证据或仅包含证据请求,或同时包含证据和证据请求的令牌;
b) generating a response token for some recipients that includes an evidence generated as a response to a request (in this case the idu_buffer is used to enter the request token that was received).
b) 为某些收件人生成响应令牌,其中包括作为请求响应生成的证据(在这种情况下,idu_缓冲区用于输入接收到的请求令牌)。
It is possible to request the generation of complete evidence. This may succeed or fail; if it fails, a subsequent call to Form_Complete_PIDU can be made.
可以要求生成完整的证据。这可能成功,也可能失败;如果失败,可以调用Form_Complete_PIDU。
Inputs: o env_handle ENVIRONMENT HANDLE, o token OCTET STRING, o external_idu_buffer OCTET STRING, -- if not present within the token
输入:o env_handle环境句柄,o token八位字节字符串,o external_idu_buffer八位字节字符串,--如果令牌中不存在
o evidence_check OCTET STRING, -- present only if the input token is a response to a previous -- request for evidence (this parameter is used to validate that -- evidence).
o 证据\u检查八位字节字符串,--仅当输入标记是对上一个--证据请求的响应时出现(此参数用于验证--证据)。
Outputs: o major_status INTEGER, o minor_status INTEGER, o Nr_Options PARAMETER BUNDLE, o Originator_Information PARAMETER BUNDLE, o Request_Features PARAMETER BUNDLE, o trusted_time_stamping_time INTEGER OPTIONAL, -- present for informational purposes only o complete_evidence_before INTEGER OPTIONAL, -- if the major status code that is returned is -- IDUP_S_INCOMPLETE, IDUP_Form_Complete_PIDU should be called -- with the same token before this time. -- This may be required, for example, in order to insure that -- the time skew between the evidence generation time and -- the trusted time service's countersignature on the evidence -- falls within the interval allowed by the current NR policy. o complete_evidence_after INTEGER OPTIONAL, -- if the major status code that is returned is -- IDUP_S_INCOMPLETE, IDUP_Form_Complete_PIDU should be called -- with the same token after this time. -- This may be required, for example, to insure that all -- authorities involved in generating the evidence have passed -- the last time at which the current NR policy allows them to -- repudiate their keys. o encapsulated_idu_buffer OCTET STRING -- if the IDU was present within the token o additional_unprotection BOOLEAN -- (see Section 2.3.2.5)
Outputs: o major_status INTEGER, o minor_status INTEGER, o Nr_Options PARAMETER BUNDLE, o Originator_Information PARAMETER BUNDLE, o Request_Features PARAMETER BUNDLE, o trusted_time_stamping_time INTEGER OPTIONAL, -- present for informational purposes only o complete_evidence_before INTEGER OPTIONAL, -- if the major status code that is returned is -- IDUP_S_INCOMPLETE, IDUP_Form_Complete_PIDU should be called -- with the same token before this time. -- This may be required, for example, in order to insure that -- the time skew between the evidence generation time and -- the trusted time service's countersignature on the evidence -- falls within the interval allowed by the current NR policy. o complete_evidence_after INTEGER OPTIONAL, -- if the major status code that is returned is -- IDUP_S_INCOMPLETE, IDUP_Form_Complete_PIDU should be called -- with the same token after this time. -- This may be required, for example, to insure that all -- authorities involved in generating the evidence have passed -- the last time at which the current NR policy allows them to -- repudiate their keys. o encapsulated_idu_buffer OCTET STRING -- if the IDU was present within the token o additional_unprotection BOOLEAN -- (see Section 2.3.2.5)
Description:
说明:
Verifies the validity and discloses the content of a nr_token.
验证有效性并公开nr_令牌的内容。
If the token containing the evidence to be verified was provided to the calling application by a partner responding to the calling application's request, then the calling application must pass the evidence check it received when it generated the request as a parameter along with the token it received from the partner.
如果包含要验证的证据的令牌是由响应调用应用程序请求的伙伴提供给调用应用程序的,则调用应用程序必须通过在生成作为参数的请求时收到的证据检查以及从伙伴收到的令牌。
Output indicators are provided which give guidance about the time or times at which form_complete_pidu should be called; see the parameter descriptions for explanations of these indicators and their use. Note that the time specified by complete_evidence_before may be earlier than that specified by complete_evidence_after; in this case it will
提供了输出指示器,用于指导应调用form_complete_pidu的时间;有关这些指示器及其使用的说明,请参见参数说明。请注意,之前的完整证据指定的时间可能早于之后的完整证据指定的时间;在这种情况下,它将
be necessary to call form_complete_pidu twice.
有必要调用表单_complete_pidu两次。
Because keys can be revoked or declared compromised, the return from verify_evidence cannot in all cases be a definitive "valid" or "invalid"; sometimes "conditionally valid" may be returned, depending upon the policy in use. IDUP_S_INCOMPLETE will be returned, for example, if:
因为密钥可以被撤销或声明泄露,所以从verify_证据返回的结果在所有情况下都不能是确定的“有效”或“无效”;有时可能会返回“有条件有效”,具体取决于使用的策略。将返回IDUP_S_complete,例如,如果:
- the interval during which the generator of the evidence may permissibly declare his key invalid has not yet expired (and therefore it is possible that the evidence may be declared invalid in the future), or
- 证据生成人可允许宣布其密钥无效的时间间隔尚未到期(因此,证据可能在将来被宣布无效),或
- trusted time is required for verification, and the time obtained from the token is not trusted.
- 验证需要可信时间,从令牌获得的时间不可信。
Inputs: o env_handle ENVIRONMENT HANDLE, o nr_operation Nr_Operation, o Nr_Options PARAMETER BUNDLE, o form_complete_pidu BOOLEAN, o include_data_in_token BOOLEAN, o idu_size INTEGER, -- (see Section 2.3.4.2) o Request_Features PARAMETER BUNDLE o additional_protection BOOLEAN -- (see Section 2.3.2.4)
Inputs: o env_handle ENVIRONMENT HANDLE, o nr_operation Nr_Operation, o Nr_Options PARAMETER BUNDLE, o form_complete_pidu BOOLEAN, o include_data_in_token BOOLEAN, o idu_size INTEGER, -- (see Section 2.3.4.2) o Request_Features PARAMETER BUNDLE o additional_protection BOOLEAN -- (see Section 2.3.2.4)
Outputs: o major_status INTEGER, o minor_status INTEGER, o initial_pidu_buffer OCTET STRING -- may be empty (depends on underlying mechanism)
输出:o大_状态整数、o小_状态整数、o初始_pidu_缓冲区八位字节字符串——可能为空(取决于底层机制)
Description:
说明:
Using the security environment referenced by env_handle, initialize the data structures required to begin the generation of a token. The IDU will be supplied in multiple buffers to the IDUP_EV_Process_Buffer call). Two kinds of operations can be performed (using the Nr_Operation parameter) :
使用env_handle引用的安全环境,初始化开始生成令牌所需的数据结构。IDU将在多个缓冲区中提供给IDUP_EV_进程(缓冲区调用)。可以执行两种操作(使用Nr_操作参数):
a) generating a token that includes either an evidence only, or an evidence request only, or both an evidence and an evidence request.
a) 生成一个令牌,该令牌既包括仅证据,也包括仅证据请求,或者同时包括证据和证据请求。
b) generating a return token for some recipients that includes an evidence generated as a response to a request. In that case the received token will be passed into the subsequent IDUP_EV_Process_Buffer calls. The boolean include_data_in_token is ignored as the output will always be contained in a single token. The Request_Features are ignored in that case at this time in order to keep things simple and to avoid the piggy-backing that is theoretically possible.
b) 为某些收件人生成返回令牌,该令牌包括作为请求响应生成的证据。在这种情况下,接收到的令牌将被传递到后续的IDUP\u EV\u进程\u缓冲区调用中。忽略布尔值include_data_in_令牌,因为输出将始终包含在单个令牌中。在这种情况下,此时将忽略Request_特性,以保持简单,并避免理论上可能的背驮。
It is possible to request the generation of complete evidence. This may succeed or fail; if it fails, a subsequent call to Form_Complete_PIDU can be made.
可以要求生成完整的证据。这可能成功,也可能失败;如果失败,可以调用Form_Complete_PIDU。
Inputs: o env_handle ENVIRONMENT HANDLE
输入:o环境句柄环境句柄
Outputs: o major_status INTEGER, o minor_status INTEGER, o final_pidu OCTET STRING, o token OCTET STRING, o evidence_check OCTET STRING -- present only if an evidence is requested.
Outputs: o major_status INTEGER, o minor_status INTEGER, o final_pidu OCTET STRING, o token OCTET STRING, o evidence_check OCTET STRING -- present only if an evidence is requested.
Description:
说明:
Using the security environment referenced by env_handle, provide the requested token or the final P-IDU. A token will be generated if encapsulation was not requested; otherwise, the final P-IDU is provided.
使用env_handle引用的安全环境,提供请求的令牌或最终的P-IDU。如果未请求封装,将生成令牌;否则,将提供最终的P-IDU。
Inputs: o env_handle ENVIRONMENT HANDLE, o token OCTET STRING, o evidence_check OCTET STRING, -- present only if an evidence has been previously requested.
输入:o env_handle环境句柄、o token八位字节字符串、o证据检查八位字节字符串,--仅当先前请求了证据时才显示。
Outputs: o major_status INTEGER, o minor_status INTEGER
输出:o主\u状态整数,o次\u状态整数
Description:
说明:
Using the security environment referenced by env_handle, initialize the data structures required to begin the process of verifying the token. The P-IDU will be supplied in multiple buffers to the IDUP_EV_Process_Buffer call.
使用env_handle引用的安全环境,初始化开始验证令牌过程所需的数据结构。P-IDU将在多个缓冲区中提供给IDUP\u EV\u进程\u缓冲区调用。
Input: o env_handle ENVIRONMENT HANDLE
输入:o环境句柄环境句柄
Outputs: o major_status INTEGER, o minor_status INTEGER, o Nr_Options PARAMETER BUNDLE, o Originator_Information PARAMETER BUNDLE, o Request_Features PARAMETER BUNDLE, o trusted_time_stamping_time INTEGER OPTIONAL, o complete_evidence_before INTEGER OPTIONAL, o complete_evidence_after INTEGER OPTIONAL, o idu_buffer OCTET STRING -- if the IDU was present within the token o additional_unprotection BOOLEAN -- (see Section 2.3.2.5)
Outputs: o major_status INTEGER, o minor_status INTEGER, o Nr_Options PARAMETER BUNDLE, o Originator_Information PARAMETER BUNDLE, o Request_Features PARAMETER BUNDLE, o trusted_time_stamping_time INTEGER OPTIONAL, o complete_evidence_before INTEGER OPTIONAL, o complete_evidence_after INTEGER OPTIONAL, o idu_buffer OCTET STRING -- if the IDU was present within the token o additional_unprotection BOOLEAN -- (see Section 2.3.2.5)
Description:
说明:
Using the security environment referenced by env_handle, complete the verification processing on the data and provide verified output parameters to the caller when the major status code is either:
使用env_handle引用的安全环境,完成对数据的验证处理,并在主要状态代码为以下任一状态时向调用者提供已验证的输出参数:
o GSS_S_COMPLETE or o IDUP_S_INCOMPLETE
o GSS__完成或o IDUP_未完成
Inputs: o env_handle ENVIRONMENT HANDLE, o input_buffer OCTET STRING
输入:o环境句柄环境句柄,o输入缓存八位字节字符串
Outputs: o major_status INTEGER, o minor_status INTEGER, o output_buffer OCTET STRING -- may be zero length (depends on underlying mechanism and -- corresponding Generate () call and options -- (e.g., data_included_in_token)
Outputs: o major_status INTEGER, o minor_status INTEGER, o output_buffer OCTET STRING -- may be zero length (depends on underlying mechanism and -- corresponding Generate () call and options -- (e.g., data_included_in_token)
Description:
说明:
Using the security environment referenced by env_handle, continue the processing on the data in input_buffer and, if it is available, put any resulting output data in output_buffer. The application calls this routine over and over again with new buffers of data until it has processed all the data buffers of the IDU/PIDU. It then calls the appropriate End() call to complete the processing.
使用env_handle引用的安全环境,继续对input_buffer中的数据进行处理,如果可用,则将生成的任何输出数据放入output_buffer。应用程序使用新的数据缓冲区反复调用此例程,直到处理完IDU/PIDU的所有数据缓冲区。然后调用相应的End()调用来完成处理。
The "GP" group of calls provides a powerful interface to flexible and sophisticated combinations of protection and unprotection services. This power and flexibility, however, necessitates a more complex interface than either the SE or the EV calls. Furthermore, such combinations of services are not needed in many of the security mechanisms in common use today (although this is likely to change as time goes on). The GP calls are therefore specified to be OPTIONAL and need not be supported by IDUP-conformant implementations. Note, however, that the structure of IDUP tokens should be such that the SE/EV and GP calls may be used interchangably by the receiver.
“GP”组调用为保护和非保护服务的灵活复杂组合提供了强大的接口。然而,这种能力和灵活性需要比SE或EV调用更复杂的接口。此外,在当今许多常用的安全机制中,不需要这样的服务组合(尽管这可能会随着时间的推移而改变)。因此,GP调用被指定为可选的,不需要符合IDUP的实现支持。然而,请注意,IDUP令牌的结构应当使得接收器可以互换地使用SE/EV和GP呼叫。
The concept of "parameter bundles" is used in the calls presented in the following subsections in order to simplify their presentation and clarify their intended purpose and use (note that specific language bindings may or may not use parameter bundles for its actual calling conventions). A parameter bundle is simply a set of closely-related parameters of a call which are either all used by / available to the calling application or all not used by / unavailable to the calling application. These parameters may be all input parameters, all output parameters, or any combination of the two.
“参数束”的概念在以下小节中介绍的调用中使用,以简化它们的表示并阐明它们的预期目的和用途(请注意,特定的语言绑定可能使用参数束,也可能不使用参数束进行实际的调用约定)。参数包只是调用的一组密切相关的参数,这些参数要么全部由调用应用程序使用/可用,要么全部不由调用应用程序使用/不可用。这些参数可以是所有输入参数、所有输出参数或两者的任意组合。
An example use envisioned for parameter bundles in a language such as C would be as a structure, where individual parameters in the bundle are structure members. The calling application wishing to use a particular bundle would then allocate the appropriate structure variable, assign the desired input values to the appropriate members, and pass the address of the structure as the bundle "parameter". On output, the values of the appropriate output members may be read. An application not wishing to use a particular bundle (or one which is satisfied with default values for all input parameters of the bundle and which doesn't care about output values), can pass NULL as the bundle "parameter". From the mechanism implementor's perspective, if a parameter bundle is not supported (for example, if it represents a security service which is not supported by the implementation), then any non-NULL value passed as the bundle parameter will generate an
在诸如C这样的语言中,参数束的一个示例用途是作为结构,其中束中的各个参数是结构成员。希望使用特定bundle的调用应用程序随后将分配适当的结构变量,将所需的输入值分配给适当的成员,并将结构的地址作为bundle“参数”传递。在输出时,可以读取相应输出成员的值。不希望使用特定bundle的应用程序(或满足bundle所有输入参数的默认值且不关心输出值的应用程序)可以将NULL作为bundle“参数”传递。从机制实现者的角度来看,如果不支持参数bundle(例如,如果它表示实现不支持的安全服务),那么作为bundle参数传递的任何非NULL值都将生成
error status return code.
错误状态返回代码。
[Note that the parameter bundles given below, except where explicitly referenced by the SE and EV calls, are specific to the (optional) GP calls. Thus, these bundles need not be supported by IDUP-conformant implementations if the GP calls are not supported.]
[请注意,以下给出的参数包(SE和EV调用明确引用的参数包除外)特定于(可选)GP调用。因此,如果GP调用不受支持,则符合IDUP的实现不需要支持这些包。]
The following parameter bundles are used in the subsequent protection and unprotection sets of calls. A parameter preceded by "(I)" is an input parameter; one preceded by "(O)" is an output parameter; one preceded by neither is an input if the bundle itself is an input and is an output if the bundle itself is an output; one preceded by "(X)" is the opposite: an output if the bundle itself is an input and an input if the bundle itself is an output.
以下参数束用于后续的保护和取消保护调用集。“I”前面的参数是输入参数;一个前面带有“(O)”的参数是输出参数;如果bundle本身是一个输入,则前面加上两者都不是输入;如果bundle本身是一个输出,则前面加上两者都不是输入;“X”前面的一个是相反的:如果捆绑包本身是输入,则为输出;如果捆绑包本身是输出,则为输入。
o Mech_Specific_Info PARAMETER BUNDLE -- actual parameters included in this bundle are defined by (and -- specific to) the underlying mechanism
o Mech_-Specific_-Info参数包——此包中包含的实际参数由底层机制定义(和——特定于)
o Sensitivity PARAMETER BUNDLE, -- actual parameters included in this bundle are defined by (and -- specific to) the underlying mechanism, but may include -- codified values for "Unclassified", "Secret", "Top Secret", -- and so on
o 敏感度参数束,--此束中包含的实际参数由底层机制定义(具体到),但可能包括--“未分类”、“机密”、“绝密”等的编码值
o Service_Creation_Info PARAMETER BUNDLE -- actual parameters included in this bundle are defined by (and -- specific to) the underlying mechanism, but it is mandatory -- that they include at least service_id and Quality
o Service_Creation_Info PARAMETER BUNDLE--此BUNDLE中包含的实际参数是由底层机制定义的(并且是特定于底层机制的),但必须至少包含Service_id和Quality
o Service_Verification_Info PARAMETER BUNDLE -- actual parameters included in this bundle are defined by (and -- specific to) the underlying mechanism, but it is mandatory -- that they include at least service_id and Quality
o Service_Verification_Info参数BUNDLE——此BUNDLE中包含的实际参数由底层机制定义(并且——特定于底层机制),但必须至少包含Service_id和Quality
o Quality PARAMETER BUNDLE o qop_algs UNSIGNED INTEGER, o qop_algID AlgorithmIdentifier, --overrides qop_algs o validity UNSIGNED INTEGER, -- protection guaranteed to be valid until time specified o policy_id OBJECT IDENTIFIER, -- security policy under which protection is/was carried out o allow_policy_mapping BOOLEAN, -- determines whether mapping between policy IDs is allowed o actual_policy_time INTEGER -- time at which the above policy rules came into effect
o 质量参数BUNDLE o qop_algs无符号整数,o qop_algID AlgorithmIdentifier,-覆盖qop_algs o validity无符号整数,-保护保证在指定时间之前有效o policy_id OBJECT IDENTIFIER,-执行保护的安全策略o allow_policy映射布尔,--确定是否允许策略ID之间的映射为实际\u policy\u time INTEGER--上述策略规则生效的时间
o Idu_Information PARAMETER BUNDLE, o idu_type_oid OBJECT IDENTIFIER, o idu_type_string OCTET STRING, o idu_title OCTET STRING, o idu_sensitivity Sensitivity, o pidu_type_oid OBJECT IDENTIFIER, o pidu_type_string OCTET STRING, o pidu_title OCTET STRING, o pidu_sensitivity Sensitivity,
o Idu_信息参数束,o Idu_类型_oid对象标识符,o Idu_类型_字符串八位字符串,o Idu_标题八位字符串,o Idu_敏感度,o pidu_类型_oid对象标识符,o pidu_类型_字符串八位字符串,o pidu_标题八位字符串,o pidu_敏感度,
o Prot_Information PARAMETER BUNDLE, o originator_name INTERNAL NAME, o originator_role Originator_Role, o idu_information Idu_Information, o protection_time INTEGER,
o 保护信息参数包,o发起人名称内部名称,o发起人角色发起人角色,o idu信息idu信息,o保护时间整数,
o Originator_Role PARAMETER BUNDLE, -- role in organization o domain_name INTERNAL NAME OPTIONAL, o role PRINTABLE STRING, o role_info_is_authenticated BOOLEAN -- TRUE if info. is authenticated (e.g., inside a cert.)
o 发起人角色参数束,--组织中的角色o域名\u内部名称可选,o角色可打印字符串,o角色\u信息\u是经过身份验证的布尔值--如果信息为TRUE。已验证(例如,在证书内)
o Special_Conditions PARAMETER BUNDLE, o prot_oper_id INTEGER, o form_complete_pidu BOOLEAN, -- input to protection operations for evidence generation o pidu_in_solic_service BOOLEAN, -- in protection operations, used as input for service -- solicitation to request that receiver include the -- received PIDU when generating the response. In unprot. -- operations, used as output to inform receiver that PIDU -- should be included when generating the response. o use_trusted_time BOOLEAN, o use_untrusted_time BOOLEAN, o mech_indep_encap_req BOOLEAN -- (see Appendix A)
o 特殊条件参数BUNDLE,o prot_oper_id INTEGER,o form_complete_pidu BOOLEAN,--输入到保护操作以生成证据o pidu_in_solic_service BOOLEAN,--在保护操作中,用作服务的输入--请求接收方在生成响应时包括收到的pidu。联保部队操作,用作输出,通知接收方在生成响应时应包括PIDU。o使用受信任的时间布尔值,o使用不受信任的时间布尔值,o机械索引封装要求布尔值--(见附录A)
o Bad_Target_Name PARAMETER BUNDLE, o (O) bad_targ_name INTERNAL NAME, o (O) bad_targ_status INTEGER, -- a status flag giving the reason for rejection of -- the name in bad_targ_name. Specified reasons include: -- SYNTAX_INVALID (0) -- the syntax of the name is invalid; -- NAME_UNRECOGNIZED (1) -- the name is not recognized; -- NAME_AMBIGUOUS (2) -- the name cannot be resolved; -- ACCESS_DENIED (3)
o Bad_Target_Name参数包,o(o)Bad_targ_Name内部名称,o(o)Bad_targ_status INTEGER,--给出拒绝原因的状态标志--Bad_targ_Name中的名称。指定的原因包括:--SYNTAX_INVALID(0)--名称的语法无效;--名称\u无法识别(1)--名称无法识别;--名称不明确(2)--无法解析名称;--访问被拒绝(3)
-- access to this target is denied; -- CERTIFICATE_NOT_FOUND (4) -- the encryption certificate of the target could -- not be found.
-- access to this target is denied; -- CERTIFICATE_NOT_FOUND (4) -- the encryption certificate of the target could -- not be found.
o Target_Info PARAMETER BUNDLE, o targ_names SET OF INTERNAL NAME, o (O) bad_targ_count INTEGER, o (O) bad_target_names SET OF Bad_Target_Name,
o 目标信息参数包,o个目标名称内部名称集,o(o)个坏目标计数整数,o(o)个坏目标名称坏目标名称,
o General_Service_Data PARAMETER BUNDLE, o target_info Target_Info, o (X) unencapsulated_token OCTET STRING, -- zero length if encapsulation_request is TRUE o (O) minor_status INTEGER,
o 一般\u服务\u数据参数包,o目标\u信息目标\u信息,o(X)未封装\u令牌八位字节字符串,--如果封装\u请求为真,则长度为零o(o)次要\u状态整数,
Three types of protection services are defined in IDUP. These are:
IDUP中定义了三种类型的保护服务。这些是:
1. perform unsolicited service (i.e., act on a locally-generated service request), 2. perform solicited service (i.e., act on a remotely-generated service request), and 3. perform service solicitation (i.e., send a service request to the remote end).
1. 执行未经请求的服务(即,根据本地生成的服务请求采取行动),2。执行请求服务(即,对远程生成的服务请求采取行动),以及3。执行服务请求(即,向远程端发送服务请求)。
As an originator, applying data confidentiality with data integrity, or data origin authentication with data integrity, or proof of origin evidence is an example of service type 1. As a target, creating a proof of delivery (i.e., receipt) evidence token as the result of a request received from the originator is an example of service type 2. Finally, as an originator, submitting a request that one or more targets return a receipt for the data sent is an example of service type 3.
作为发起人,应用具有数据完整性的数据机密性,或具有数据完整性的数据源身份验证,或源证据是服务类型1的一个示例。作为目标,根据从发起人收到的请求创建交付证明(即,收据)证据令牌是服务类型2的一个示例。最后,作为发起人,提交一个请求,要求一个或多个目标返回发送数据的收据是服务类型3的一个示例。
The first four parameters in the Prot_Service parameter bundle pertain to all service types; the fifth parameter is used if and only if service type 2 is desired; parameters 6-8 are used if and only if service type 3 is desired.
Prot_服务参数包中的前四个参数适用于所有服务类型;当且仅当需要服务类型2时才使用第五个参数;当且仅当需要服务类型3时,才使用参数6-8。
o Prot_Service PARAMETER BUNDLE o (I) prot_service_type INTEGER, o (I) service_id OBJECT IDENTIFIER, o (I) quality Quality, -- NULL specifies default Quality o (I) general_service_data General_Service_Data, o (I) service_creation_info Service_Creation_Info, o (I) service_to SET OF INTERNAL NAME, o (O) service_verification_info Service_Verification_Info, o (O) service_verification_info_id INTEGER,
o 保护服务参数BUNDLE o(I)保护服务类型整数,o(I)服务id对象标识符,o(I)质量质量,-NULL指定默认质量o(I)一般服务数据一般服务数据,o(I)服务创建信息服务创建信息,o(I)服务设置内部名称,o(o)服务验证信息服务验证信息,o(o)服务验证信息id整数,
Also, three types of unprotection services are defined. These are:
此外,还定义了三种类型的无保护服务。这些是:
1. receive unsolicited service (i.e., process unrequested remotely-generated service), 2. receive solicited service (i.e., process remotely-generated response to locally-generated request), and 3. receive service solicitation (i.e., process req. from rem. end)
1. 接收未经请求的服务(即,处理未经请求的远程生成的服务),2。接收请求的服务(即,对本地生成的请求处理远程生成的响应),以及3。接收服务请求(即,从rem.端发出的处理请求)
As a target, unprotecting an encrypted message, or verifying the originator's proof of origin is an example of service type 1. As an originator, verifying a proof of delivery which you requested from a target is an example of service type 2. Finally, as a target, receiving a request from an originator for a proof of delivery is an example of service type 3.
作为目标,取消加密消息的保护或验证发起者的来源证明是服务类型1的一个示例。作为发起人,验证您向目标公司请求的交付证明是服务类型2的一个示例。最后,作为一个目标,接收来自发起人的提交证明请求是服务类型3的一个示例。
The first four parameters in the Unprot_Service parameter bundle pertain to all service types; parameters 5-6 are used if and only if service type 2 is required; parameters 7-8 are used only if service type 3 is required.
UNPT_服务参数包中的前四个参数适用于所有服务类型;当且仅当需要服务类型2时才使用参数5-6;参数7-8仅在需要服务类型3时使用。
o Unprot_Service PARAMETER BUNDLE o (O) unprot_service_type INTEGER, o (O) service_id OBJECT IDENTIFIER, o (O) quality Quality, -- actual Quality specified (never NULL) o (O) general_service_data General_Service_Data, o (O) service_verification_info_id INTEGER, o (I) service_verification_info Service_Verification_Info, o (O) service_to SET OF INTERNAL NAME, o (O) service_creation_info Service_Creation_Info,
o 未保护服务参数BUNDLE o(o)未保护服务类型整数,o(o)服务id对象标识符,o(o)质量质量,--指定的实际质量(从不为空)o(o)一般服务数据一般服务数据,o(o)服务验证信息id整数,o(I)服务验证信息服务验证信息,o(o)服务\设置内部名称,o(o)服务\创建\信息服务\创建\信息,
Inputs: o env_handle ENVIRONMENT HANDLE, o Mech_Specific_Info PARAMETER BUNDLE, -- NULL selects the mechanism-defined default values o Idu_Information PARAMETER BUNDLE, o Special_Conditions PARAMETER BUNDLE, o encapsulation_request BOOLEAN, o single_idu_buffer OCTET STRING, -- non-zero length for this buffer means that Protect/End_Protect -- won't be called (i.e., entire IDU is contained in this buffer) o idu_size INTEGER, -- size (in bytes) of the IDU to be protected; -- may be "-1" signifying "UNKNOWN" (note that some mechanisms -- may not support encapsulation in such a case) o Target_Info PARAMETER BUNDLE,
Inputs: o env_handle ENVIRONMENT HANDLE, o Mech_Specific_Info PARAMETER BUNDLE, -- NULL selects the mechanism-defined default values o Idu_Information PARAMETER BUNDLE, o Special_Conditions PARAMETER BUNDLE, o encapsulation_request BOOLEAN, o single_idu_buffer OCTET STRING, -- non-zero length for this buffer means that Protect/End_Protect -- won't be called (i.e., entire IDU is contained in this buffer) o idu_size INTEGER, -- size (in bytes) of the IDU to be protected; -- may be "-1" signifying "UNKNOWN" (note that some mechanisms -- may not support encapsulation in such a case) o Target_Info PARAMETER BUNDLE,
o Services_to_Perform SET OF Prot_Service,
o 服务到执行一组保护服务,
Outputs: o major_status INTEGER, o minor_status INTEGER, o midu_buffer OCTET STRING, -- zero length if encapsulation_request is TRUE; -- may be zero length otherwise (depends on underlying mechanism) o pidu_buffer OCTET STRING, -- zero length if encapsulation_request is FALSE; -- may be zero length otherwise (depends on underlying mechanism)
Outputs: o major_status INTEGER, o minor_status INTEGER, o midu_buffer OCTET STRING, -- zero length if encapsulation_request is TRUE; -- may be zero length otherwise (depends on underlying mechanism) o pidu_buffer OCTET STRING, -- zero length if encapsulation_request is FALSE; -- may be zero length otherwise (depends on underlying mechanism)
Return major_status codes: o GSS_S_COMPLETE -- the protection process can begin (or has completed, if -- single_idu_buffer has non-zero length). o IDUP_S_MORE_OUTBUFFER_NEEDED o GSS_S_CREDENTIALS_EXPIRED o IDUP_S_NO_ENV o IDUP_S_ENCAPSULATION_UNAVAIL o IDUP_S_SERVICE_UNAVAIL o IDUP_S_REQ_TIME_SERVICE_UNAVAIL o IDUP_S_UNKNOWN_OPER_ID o GSS_S_BAD_QOP o IDUP_S_BAD_TARG_INFO o GSS_S_FAILURE
Return major_status codes: o GSS_S_COMPLETE -- the protection process can begin (or has completed, if -- single_idu_buffer has non-zero length). o IDUP_S_MORE_OUTBUFFER_NEEDED o GSS_S_CREDENTIALS_EXPIRED o IDUP_S_NO_ENV o IDUP_S_ENCAPSULATION_UNAVAIL o IDUP_S_SERVICE_UNAVAIL o IDUP_S_REQ_TIME_SERVICE_UNAVAIL o IDUP_S_UNKNOWN_OPER_ID o GSS_S_BAD_QOP o IDUP_S_BAD_TARG_INFO o GSS_S_FAILURE
Using the security environment referenced by env_handle, initialize the data structures required to begin the process of protecting the IDU buffers. The caller requests specific protection services by supplying the appropriate Prot_Service parameter bundles in Services_to_Perform. Each service is able to return a minor status code to the calling application, if necessary.
使用env_handle引用的安全环境,初始化开始保护IDU缓冲区过程所需的数据结构。调用方通过在要执行的服务中提供适当的Prot_服务参数包来请求特定的保护服务。如果需要,每个服务都能够向调用应用程序返回次要状态代码。
The calling application, knowing the size of the IDU it wishes to protect and the buffer size which it has available to it, can choose to input the entire IDU in a single buffer and omit the subsequent IDUP_Protect() and IDUP_End_Protect() calls. Furthermore, the application can request that the resulting M-IDU be encapsulated in the token -- so that the token contains the entire P-IDU -- rather than having it be returned separately in midu_buffer. Encapsulation, however, may not be supported by all underlying mechanisms or implementations; if this is the case, the IDUP_S_ENCAPSULATION_UNAVAIL major status code will be returned and M-IDU will be returned in midu_buffer.
调用应用程序知道它希望保护的IDU的大小以及它可用的缓冲区大小,可以选择在单个缓冲区中输入整个IDU,并省略后续的IDUP_protect()和IDUP_End_protect()调用。此外,应用程序可以请求将生成的M-IDU封装在令牌中,以便令牌包含整个P-IDU,而不是将其单独返回到midu缓冲区中。然而,并非所有底层机制或实现都支持封装;如果是这种情况,将返回IDUP\U S\U封装\U不可用主要状态代码,并在midu\U缓冲区中返回M-IDU。
For those mechanisms which allow or require multiple stages of processing, each producing a different aspect of protection for the IDU, the operation identifier prot_oper_id is used to specify which stage is currently being requested by the application. An example where this would be useful is a mechanism which implements the signed Message Security Protocol [MSP]. As another example, a mechanism may choose to do a digital signature in two stages: one for the hashing of the message and another for the signature on the hash. The calling application would therefore use the protection set of calls on the IDU in stage 1 and then use the protection set of calls on the token (from stage 1) in stage 2.
对于那些允许或需要多个处理阶段的机制,每个阶段都为IDU提供不同的保护,操作标识符prot_oper_id用于指定应用程序当前正在请求哪个阶段。其中一个有用的示例是实现签名消息安全协议[MSP]的机制。作为另一个示例,一种机制可以选择分两个阶段进行数字签名:一个阶段用于对消息进行散列,另一个阶段用于对散列进行签名。因此,调用应用程序将在阶段1中使用IDU上的调用保护集,然后在阶段2中使用令牌(来自阶段1)上的调用保护集。
Note that prot_oper_id is simply an integer (1, 2, 3, ..., n, where "n" is the number of stages as defined by the mechanism (typically 1 or 2)). The calling application uses this parameter to indicate to the underlying mechanism whether it wishes to do stage 1 of protection / unprotection processing, or stage 2, and so on. Portable applications may pass "0" to let the mechanism choose the stage (note that mechanism implementers may still iterate when prot_oper_id = 0 (e.g., use output as next input, et cetera).
注意,prot_oper_id只是一个整数(1,2,3,…,n,其中“n”是由机制定义的阶段数(通常为1或2))。调用应用程序使用此参数向底层机制指示它是希望执行保护/取消保护处理的阶段1,还是阶段2,依此类推。可移植应用程序可以通过“0”让机制选择阶段(注意,当prot_oper_id=0时,机制实现者仍然可以迭代(例如,使用输出作为下一个输入,等等)。
If one or more of the targets in targ_names cannot be used as a valid recipient of the P-IDU, these names will be returned in bad_targ_names (with associated status codes in bad_targ_status). As long as at least one of the targets can be used, this does not cause this call to fail; it is the caller's choice to discontinue IDU protection if the target set which can be used is unsuitable for the caller's purposes. Note that each Prot_Service parameter bundle can also input a list of targ_names; this is used if a separate list is to be used for that service only (the general list of targets is to be used for all services unless overridden in this way).
如果targ_名称中的一个或多个目标不能用作P-IDU的有效收件人,则这些名称将以bad_targ_名称返回(相关状态代码处于bad_targ_状态)。只要至少可以使用一个目标,这不会导致此调用失败;如果可以使用的目标集不适合呼叫者的目的,则呼叫者可以选择停止IDU保护。请注意,每个Prot_服务参数包还可以输入目标名称列表;如果单独的列表仅用于该服务,则使用此选项(目标的常规列表将用于所有服务,除非以这种方式重写)。
Inputs: o env_handle ENVIRONMENT HANDLE, o input_buffer OCTET STRING,
输入:o环境句柄环境句柄,o输入缓存八位字节字符串,
Outputs: o major_status INTEGER, o minor_status INTEGER, o output_buffer OCTET STRING -- may be zero length if encapsulation_request was set to TRUE in -- IDUP_Start_Protect() (depends on underlying mechanism)
Outputs: o major_status INTEGER, o minor_status INTEGER, o output_buffer OCTET STRING -- may be zero length if encapsulation_request was set to TRUE in -- IDUP_Start_Protect() (depends on underlying mechanism)
Return major_status codes: o GSS_S_COMPLETE o IDUP_S_NO_ENV
返回主要状态代码:o GSS\U S\U完成o IDUP\U S\U NO\U环境
o GSS_S_FAILURE
o GSS__故障
Using the security environment referenced by env_handle, continue the protection processing on the data in input_buffer and, if the underlying mechanism defines this, put any resulting P-IDU/M-IDU data in output_buffer. The application calls this routine over and over again with new buffers of data until it has protected all the data buffers of the IDU. It then calls IDUP_End_Protect() to complete the protection processing.
使用env_handle引用的安全环境,继续对输入_缓冲区中的数据进行保护处理,如果底层机制定义了这一点,则将生成的任何P-IDU/M-IDU数据放入输出_缓冲区。应用程序使用新的数据缓冲区反复调用此例程,直到它保护了IDU的所有数据缓冲区。然后调用IDUP\u End\u Protect()来完成保护处理。
Inputs: o env_handle ENVIRONMENT HANDLE,
输入:o环境句柄环境句柄,
Outputs: o major_status INTEGER, o minor_status INTEGER, o Services_to_Perform SET OF Prot_Service, o final_midu_buffer OCTET STRING, -- zero length if encapsulation_request was set to TRUE in -- IDUP_Start_Protect(), in which case pidu is used o final_pidu_buffer OCTET STRING, -- zero length if encapsulation_request was set to FALSE in -- IDUP_Start_Protect(), in which case token and midu are used
Outputs: o major_status INTEGER, o minor_status INTEGER, o Services_to_Perform SET OF Prot_Service, o final_midu_buffer OCTET STRING, -- zero length if encapsulation_request was set to TRUE in -- IDUP_Start_Protect(), in which case pidu is used o final_pidu_buffer OCTET STRING, -- zero length if encapsulation_request was set to FALSE in -- IDUP_Start_Protect(), in which case token and midu are used
Return major_status codes: o GSS_S_COMPLETE -- protection has successfully completed and the resulting P-IDU -- is ready for transfer. If defined by the underlying mechanism, -- final_midu_buffer will contain any residual M-IDU data. o IDUP_S_MORE_OUTBUFFER_NEEDED o IDUP_S_NO_ENV o GSS_S_FAILURE
Return major_status codes: o GSS_S_COMPLETE -- protection has successfully completed and the resulting P-IDU -- is ready for transfer. If defined by the underlying mechanism, -- final_midu_buffer will contain any residual M-IDU data. o IDUP_S_MORE_OUTBUFFER_NEEDED o IDUP_S_NO_ENV o GSS_S_FAILURE
Using the security environment referenced by env_handle, complete the protection processing on the data and place the computed output in final_pidu_buffer (or final_midu_buffer and the unencapsulated_token parameter for each Prot_Service). If a service was requested from one or more targets in Start_Protect() - and if this is supported by the underlying mechanism - Service_Verification_Info will hold whatever data is necessary for the mechanism to verify a service returned by a target (unprotector) of the P-IDU. Successful application of IDUP_End_Protect() does not guarantee that the corresponding unprotection set of calls can necessarily be performed successfully when the P-IDU arrives at the target (for example, it may be damaged in transit).
使用env_handle引用的安全环境,完成对数据的保护处理,并将计算出的输出放入final_pidu_buffer(或final_midu_buffer和每个Prot_服务的未封装_令牌参数)。如果从Start_Protect()中的一个或多个目标请求服务,并且基础机制支持此操作,则service_Verification_Info将保存机制验证P-IDU的目标(取消保护)返回的服务所需的任何数据。成功应用IDUP_End_Protect()并不保证当P-IDU到达目标时(例如,它可能在传输过程中损坏),相应的取消保护调用集一定能够成功执行。
Inputs: o env_handle ENVIRONMENT HANDLE, o Mech_Specific_Info PARAMETER BUNDLE, -- NULL selects the mechanism-defined default values o single_pidu_buffer OCTET STRING, -- non-zero length for this buffer means that IDUP_Unprotect() and -- IDUP_End_Unprotect() will not be called (i.e., the entire P-IDU -- (if encapsulation is used) or M-IDU (if encap. is not used) -- is contained in this buffer) o partial_pidu_buffer OCTET STRING, -- may be an arbitrary-sized piece of the full pidu (if the -- application's buffer isn't large enough to hold entire pidu). -- Used if pidu_buffer will be input a buffer at a time (except -- that the final buffer must be passed in final_pidu_buffer -- rather than partial_pidu_buffer). Only one of -- single_pidu_buffer and partial(final)_pidu_buffer can have -- nonzero length. o final_pidu_buffer OCTET STRING, o Special_Conditions PARAMETER BUNDLE,
Inputs: o env_handle ENVIRONMENT HANDLE, o Mech_Specific_Info PARAMETER BUNDLE, -- NULL selects the mechanism-defined default values o single_pidu_buffer OCTET STRING, -- non-zero length for this buffer means that IDUP_Unprotect() and -- IDUP_End_Unprotect() will not be called (i.e., the entire P-IDU -- (if encapsulation is used) or M-IDU (if encap. is not used) -- is contained in this buffer) o partial_pidu_buffer OCTET STRING, -- may be an arbitrary-sized piece of the full pidu (if the -- application's buffer isn't large enough to hold entire pidu). -- Used if pidu_buffer will be input a buffer at a time (except -- that the final buffer must be passed in final_pidu_buffer -- rather than partial_pidu_buffer). Only one of -- single_pidu_buffer and partial(final)_pidu_buffer can have -- nonzero length. o final_pidu_buffer OCTET STRING, o Special_Conditions PARAMETER BUNDLE,
Outputs: o major_status INTEGER, o minor_status INTEGER, o Services_to_Receive SET OF Unprot_Service, o Prot_Information PARAMETER BUNDLE, o single_idu_buffer OCTET STRING, -- if this buffer has non-zero length, then service processing has -- been completed on the data in single_pidu_buffer o initial_idu_buffer OCTET STRING, -- holds any data from partial(final)_pidu_buffer which has been -- unprotected; remaining data will be returned by Unprotect and -- End_Unprotect as they are called with successive buffers of -- pidu o Service_Verification_Info PARAMETER BUNDLE, -- used only if target is on "service_to" list in Unprot_Service o service_verification_info_id INTEGER, -- used only if target is on "service_to" list in Unprot_Service
Outputs: o major_status INTEGER, o minor_status INTEGER, o Services_to_Receive SET OF Unprot_Service, o Prot_Information PARAMETER BUNDLE, o single_idu_buffer OCTET STRING, -- if this buffer has non-zero length, then service processing has -- been completed on the data in single_pidu_buffer o initial_idu_buffer OCTET STRING, -- holds any data from partial(final)_pidu_buffer which has been -- unprotected; remaining data will be returned by Unprotect and -- End_Unprotect as they are called with successive buffers of -- pidu o Service_Verification_Info PARAMETER BUNDLE, -- used only if target is on "service_to" list in Unprot_Service o service_verification_info_id INTEGER, -- used only if target is on "service_to" list in Unprot_Service
Return major_status codes: o GSS_S_COMPLETE -- unprotection processing can begin (or has completed, if -- single_idu_buffer has non-zero length). o IDUP_S_INCOMPLETE -- used only if single_idu_buffer has non-zero length. o IDUP_S_MORE_OUTBUFFER_NEEDED o IDUP_S_MORE_PIDU_NEEDED o GSS_S_DEFECTIVE_TOKEN o IDUP_S_INAPPROPRIATE_CRED o IDUP_S_INCONSISTENT_PARAMS o IDUP_S_DEFECTIVE_VERIF o IDUP_S_NO_MATCH o IDUP_S_SERVICE_UNAVAIL o IDUP_S_REQ_TIME_SERVICE_UNAVAIL o IDUP_S_SERV_VERIF_INFO_NEEDED o GSS_S_CREDENTIALS_EXPIRED o IDUP_S_NO_ENV o IDUP_S_UNKNOWN_OPER_ID o GSS_S_BAD_QOP -- the qop_algs value specified in P-IDU for at least one of the -- services is unavailable in the local mechanism, so processing -- cannot continue. o GSS_S_BAD_MIC o IDUP_S_BAD_DOA_KEY o IDUP_S_BAD_KE_KEY o IDUP_S_BAD_ENC_IDU o GSS_S_FAILURE
Return major_status codes: o GSS_S_COMPLETE -- unprotection processing can begin (or has completed, if -- single_idu_buffer has non-zero length). o IDUP_S_INCOMPLETE -- used only if single_idu_buffer has non-zero length. o IDUP_S_MORE_OUTBUFFER_NEEDED o IDUP_S_MORE_PIDU_NEEDED o GSS_S_DEFECTIVE_TOKEN o IDUP_S_INAPPROPRIATE_CRED o IDUP_S_INCONSISTENT_PARAMS o IDUP_S_DEFECTIVE_VERIF o IDUP_S_NO_MATCH o IDUP_S_SERVICE_UNAVAIL o IDUP_S_REQ_TIME_SERVICE_UNAVAIL o IDUP_S_SERV_VERIF_INFO_NEEDED o GSS_S_CREDENTIALS_EXPIRED o IDUP_S_NO_ENV o IDUP_S_UNKNOWN_OPER_ID o GSS_S_BAD_QOP -- the qop_algs value specified in P-IDU for at least one of the -- services is unavailable in the local mechanism, so processing -- cannot continue. o GSS_S_BAD_MIC o IDUP_S_BAD_DOA_KEY o IDUP_S_BAD_KE_KEY o IDUP_S_BAD_ENC_IDU o GSS_S_FAILURE
Using the security environment referenced by env_handle, initialize the data structures required to begin the process of unprotecting a P-IDU. The caller will be alerted as to which services were applied to the P-IDU in the returned Services_to_Receive set of parameters.
使用env_handle引用的安全环境,初始化开始取消保护P-IDU过程所需的数据结构。在返回的services_to_Receive参数集中,调用方将收到关于哪些服务应用于P-IDU的警报。
If encapsulation was not used by the originator, it is the receiving application's responsibility to separate the received P-IDU into a M-IDU and one or more unencapsulated_token buffers (the latter being input in separate Unprot_Service bundles in the Services_to_Receive parameter). These unencapsulated_token buffers should be input before the M-IDU (i.e., in IDUP_Start_Unprotect) or after the M-IDU (i.e., in IDUP_End_Unprotect) as appropriate; this order may be dictated, for example, by their placement in the in-coming message.
如果发端人未使用封装,则接收应用程序负责将接收到的P-IDU分离为M-IDU和一个或多个未封装的\u令牌缓冲区(后者在服务\u to \u接收参数中的单独未封装的\u服务包中输入)。这些未封装的_令牌缓冲区应在M-IDU之前(即,在IDUP_启动_取消保护)或在M-IDU之后(即,在IDUP_结束_取消保护)输入(视情况而定);例如,该顺序可以由它们在传入消息中的位置决定。
If unprotection will be applied more than once to a given P-IDU, it is the responsibility of the calling application to remember if a service solicitation has been responded to previously (i.e., if the requested service has already been generated / sent for that P-IDU) and thus ignore subsequent solicitations on unprotect.
如果取消保护将不止一次地应用于给定的P-IDU,则调用应用程序有责任记住之前是否响应过服务请求(即,如果已为该P-IDU生成/发送请求的服务),从而忽略取消保护的后续请求。
The time flags indicate whether to consult trusted, untrusted, or no time (if both flags are FALSE) during the unprotection operation. If the current time is not to be checked, then unprotection may be successful even if the protector's key has expired since the P-IDU was generated (that is, if the Validity period -- as specified in the Quality parameter bundle -- has expired).
时间标志指示在解除保护操作期间是咨询受信任的、不受信任的还是无时间(如果两个标志都为FALSE)。如果不检查当前时间,则即使保护器的密钥在生成P-IDU后已过期(即,如果质量参数包中指定的有效期已过期),解除保护也可能成功。
If the underlying mechanism supports it and if this information is contained in the P-IDU, information regarding the originator (that is, the entity which used the protection set of calls to generate this P-IDU) is returned in the Prot_Information parameter bundle.
如果基础机制支持,并且该信息包含在P-IDU中,则在Prot_信息参数包中返回有关发起人(即使用保护调用集生成该P-IDU的实体)的信息。
Inputs: o env_handle ENVIRONMENT HANDLE, o input_buffer OCTET STRING
输入:o环境句柄环境句柄,o输入缓存八位字节字符串
Outputs: o major_status INTEGER, o minor_status INTEGER, o output_buffer OCTET STRING
输出:o大_状态整数、o小_状态整数、o输出_缓冲区八位字符串
Return major_status codes: o GSS_S_COMPLETE o IDUP_S_NO_ENV o GSS_S_FAILURE
返回主要状态代码:o GSS\U S\U完成o IDUP\U S\U NO\U ENV o GSS\U故障
Using the security environment referenced by env_handle, continue the unprotection processing on the data in input_buffer, putting any resulting IDU data in output_buffer (if required).
使用env_handle引用的安全环境,继续对input_buffer中的数据进行解除保护处理,将任何生成的IDU数据放入output_buffer(如果需要)。
Inputs: o env_handle ENVIRONMENT HANDLE,
输入:o环境句柄环境句柄,
Outputs: o major_status INTEGER, o minor_status INTEGER, o Prot_Information PARAMETER BUNDLE, o Services_to_Receive SET OF Unprot_Service, o final_idu_buffer OCTET STRING, o Service_Verification_Info PARAMETER BUNDLE, -- used only if target is on "service_to" list in Unprot_Service o service_verification_info_id INTEGER, -- used only if target is on "service_to" list in Unprot_Service
Outputs: o major_status INTEGER, o minor_status INTEGER, o Prot_Information PARAMETER BUNDLE, o Services_to_Receive SET OF Unprot_Service, o final_idu_buffer OCTET STRING, o Service_Verification_Info PARAMETER BUNDLE, -- used only if target is on "service_to" list in Unprot_Service o service_verification_info_id INTEGER, -- used only if target is on "service_to" list in Unprot_Service
Return major_status codes: o GSS_S_COMPLETE -- residual IDU data will be returned in final_idu_buffer. o IDUP_S_INCOMPLETE o IDUP_S_MORE_OUTBUFFER_NEEDED o GSS_S_BAD_MIC o IDUP_S_BAD_DOA_KEY o IDUP_S_BAD_KE_KEY o IDUP_S_BAD_ENC_IDU o IDUP_S_NO_ENV o GSS_S_FAILURE
Return major_status codes: o GSS_S_COMPLETE -- residual IDU data will be returned in final_idu_buffer. o IDUP_S_INCOMPLETE o IDUP_S_MORE_OUTBUFFER_NEEDED o GSS_S_BAD_MIC o IDUP_S_BAD_DOA_KEY o IDUP_S_BAD_KE_KEY o IDUP_S_BAD_ENC_IDU o IDUP_S_NO_ENV o GSS_S_FAILURE
Using the security environment referenced by env_handle, complete the unprotection processing on the data and return the appropriate status code. If there is any residual IDU data it will be returned in final_idu_buffer.
使用env_handle引用的安全环境,完成对数据的解除保护处理,并返回相应的状态代码。如果有任何剩余的IDU数据,它将在最终的IDU缓冲区中返回。
If the IDUP_S_INCOMPLETE major status value is returned, all output parameters are conditionally valid; the unprotection set of functions will have to be called again (perhaps with a complete P-IDU, as produced by IDUP_Form_Complete_PIDU) in order to get valid values for all parameters. "Conditional validity" may arise, for example, if all relevant certificates verify correctly, but it is not yet past the time up to which the current policy allows the authorities involved to repudiate their keys.
如果返回IDUP_S_complete mair status值,则所有输出参数都有条件有效;为了获得所有参数的有效值,必须再次调用未保护的函数集(可能使用IDUP_Form_complete_PIDU生成的完整P-IDU)。例如,如果所有相关证书都正确验证,但尚未超过当前政策允许相关机构拒绝其密钥的时间,则可能会出现“条件有效性”。
If the underlying mechanism supports it and if this information is contained in the token, information regarding the originator (that is, the entity which used the protection set of calls to generate this token) is returned in the Prot_Information parameter bundle. This information may or may not be omitted if it was returned by the IDUP_Start_Unprotect() call.
如果基础机制支持此功能,并且此信息包含在令牌中,则在Prot_信息参数包中返回有关发起人(即使用保护调用集生成此令牌的实体)的信息。如果此信息是由IDUP\u Start\u Unprotect()调用返回的,则可以忽略此信息,也可以不忽略此信息。
Note that, unlike GSS-API, IDUP-GSS-API does not incorporate the concept of error tokens transferred between sender and recipient since the protection and unprotection of an IDU may be separated by an indefinite amount of time and may or may not be performed by the same entity.
请注意,与GSS-API不同,IDUP-GSS-API不包含发送方和接收方之间传输的错误令牌的概念,因为IDU的保护和取消保护可能会被不确定的时间分隔,并且可能由同一实体执行,也可能不由同一实体执行。
The special-purpose call described in this section has no analog in GSS-API [RFC-2078]. This call is used to complete a P-IDU (that is, to generate a P-IDU which can be unprotected successfully with no additional data at any time during its validity period). This call may not be supported by all underlying IDUP mechanisms or
本节中描述的专用调用在GSS-API[RFC-2078]中没有模拟。此调用用于完成一个P-IDU(即,生成一个P-IDU,该P-IDU在其有效期内的任何时候都可以在没有额外数据的情况下成功解除保护)。此调用可能不受所有基础IDUP机制或
implementations.
实现。
Inputs: o env_handle ENVIRONMENT HANDLE, o single_pidu_buffer OCTET STRING, o partial_pidu_buffer OCTET STRING, -- an arbitrary-sized piece of the full pidu token. Used if pidu -- will be input a buffer at a time (except that the final buffer -- must be passed in final_pidu_buffer rather than -- partial_pidu_buffer). Only one of single_pidu_buffer and -- partial(final)_pidu_buffer can have nonzero length. o final_pidu_buffer OCTET STRING,
Inputs: o env_handle ENVIRONMENT HANDLE, o single_pidu_buffer OCTET STRING, o partial_pidu_buffer OCTET STRING, -- an arbitrary-sized piece of the full pidu token. Used if pidu -- will be input a buffer at a time (except that the final buffer -- must be passed in final_pidu_buffer rather than -- partial_pidu_buffer). Only one of single_pidu_buffer and -- partial(final)_pidu_buffer can have nonzero length. o final_pidu_buffer OCTET STRING,
Outputs: o major_status INTEGER, o minor_status INTEGER, o pidu_token_out OCTET STRING -- the augmented PIDU; may be complete o call_again_before INTEGER, o call_again_after INTEGER, o trusted_time_stamping_time INTEGER -- for information only
Outputs: o major_status INTEGER, o minor_status INTEGER, o pidu_token_out OCTET STRING -- the augmented PIDU; may be complete o call_again_before INTEGER, o call_again_after INTEGER, o trusted_time_stamping_time INTEGER -- for information only
Return major_status codes: o GSS_S_COMPLETE o IDUP_S_MORE_OUTBUFFER_NEEDED o IDUP_S_INCOMPLETE -- generation of the P-IDU is not yet complete. The application -- should call this function again before the time given in -- call_again_before (if not NULL), or after the time given in -- call_again_after (if not NULL), or both (if neither are NULL). o IDUP_S_INCONSISTENT_PARAMS o IDUP_S_SERVICE_UNAVAIL o GSS_S_DEFECTIVE_TOKEN o GSS_S_FAILURE
Return major_status codes: o GSS_S_COMPLETE o IDUP_S_MORE_OUTBUFFER_NEEDED o IDUP_S_INCOMPLETE -- generation of the P-IDU is not yet complete. The application -- should call this function again before the time given in -- call_again_before (if not NULL), or after the time given in -- call_again_after (if not NULL), or both (if neither are NULL). o IDUP_S_INCONSISTENT_PARAMS o IDUP_S_SERVICE_UNAVAIL o GSS_S_DEFECTIVE_TOKEN o GSS_S_FAILURE
Form_Complete_PIDU is used primarily by the evidence services; in particular, when the evidence token itself does not contain all the data required for its verification and it is anticipated that some of the data not stored in the token may become unavailable during the interval between generation of the evidence token and verification unless it is stored in the token. The Form_Complete_PIDU operation gathers the missing information and includes it in the token so that verification can be guaranteed to be possible at any future time.
表格_Complete_PIDU主要由证据服务机构使用;特别地,当证据令牌本身不包含其验证所需的所有数据时,并且预期在生成证据令牌和验证之间的间隔期间,未存储在令牌中的一些数据可能变得不可用,除非其存储在令牌中。Form_Complete_PIDU操作收集丢失的信息并将其包含在令牌中,以便保证在将来任何时候都可以进行验证。
This call generates a PIDU which can be unprotected successfully with no additional data at any time during its validity period. [For background information on the notion of "complete" evidence, see
此调用生成一个PIDU,该PIDU可以在其有效期内的任何时候在没有额外数据的情况下成功解除保护。[关于“完整”证据概念的背景资料,见
"CORBA Security Service v1.2 Draft D02", 18 June 1997.]
“CORBA安全服务v1.2 D02草案”,1997年6月18日。]
Using the security environment referenced by env_handle, complete the generation of a P-IDU token and return the appropriate status value along with the completed token (if available). Such a call may be used, for example, for the purpose of batch evidence generation on an "evidence server". A local machine may be able to use the protection set of calls to fill out most of an evidence token and then send a number of these to a batch processor which forms the complete evidence tokens (perhaps by adding a certification path, or a timestamp and signature from a timestamping authority). As another example, on the receiving end an application may make such a call in order to collect all the information necessary to unprotect a P-IDU (such as all relevant certificates and Certificate Revocation Lists); this will ensure that the calls to the unprotection set of operations will be entirely local (i.e., can be performed off-line) and fast.
使用env_handle引用的安全环境,完成P-IDU令牌的生成,并返回相应的状态值以及已完成的令牌(如果可用)。例如,这种调用可用于在“证据服务器”上批量生成证据。本地机器可能能够使用保护调用集来填写大部分证据令牌,然后将其中的一部分发送给批处理器,批处理器形成完整的证据令牌(可能通过添加认证路径,或时间戳机构的时间戳和签名)。作为另一个示例,在接收端,应用程序可以进行这样的调用,以收集取消保护P-IDU所需的所有信息(例如所有相关证书和证书撤销列表);这将确保对无保护操作集的调用完全是本地的(即,可以离线执行)且快速。
Note that the complete P-IDU generated will be formed using trusted time if this is available in the environment referenced by env_handle and will use untrusted time or no time otherwise (depending on what is available).
请注意,如果在env_handle引用的环境中有可信时间,则生成的完整P-IDU将使用可信时间生成,并将使用不可信时间或无时间生成(取决于可用时间)。
Support calls in IDUP-GSS-API are to be understood and used as described in GSS-API [RFC-2078]. The calls described in Section 2.4 of GSS-API (including all associated parameters) are unchanged. The following additional calls are specified for IDUP-GSS-API.
IDUP-GSS-API中的支持调用应按照GSS-API[RFC-2078]中的说明理解和使用。GSS-API第2.4节中描述的调用(包括所有相关参数)保持不变。为IDUP-GSS-API指定了以下附加调用。
2.5.2: IDUP_Acquire_cred_with_auth call
2.5.2:IDUP\u Acquire\u cred\u与\u auth call
Inputs: o desired_name INTERNAL NAME, -- NULL requests locally-determined default o authenticator OCTET STRING -- string which authenticates the caller claiming to be -- desired_name o lifetime_req INTEGER, -- in seconds; 0 requests default o desired_mechs SET OF OBJECT IDENTIFIER, -- empty set requests system-selected default o cred_usage BIT STRING -- actual values which can be used currently correspond to those -- given in Section 2.1.1 (i.e., -- ENCRYPT_ONLY 8 -- DECRYPT_ONLY 16
Inputs: o desired_name INTERNAL NAME, -- NULL requests locally-determined default o authenticator OCTET STRING -- string which authenticates the caller claiming to be -- desired_name o lifetime_req INTEGER, -- in seconds; 0 requests default o desired_mechs SET OF OBJECT IDENTIFIER, -- empty set requests system-selected default o cred_usage BIT STRING -- actual values which can be used currently correspond to those -- given in Section 2.1.1 (i.e., -- ENCRYPT_ONLY 8 -- DECRYPT_ONLY 16
-- SIGN_ONLY 32 -- VERIFY_ONLY 64 -- with the values logically OR'ed together in any desired -- combination to restrict credential usage; OR'ing all values -- results in NO_RESTRICTION). -- Future possible values for this parameter are for further -- study (note that the type of this parameter is BIT STRING -- (rather than INTEGER as in GSS_Acquire_cred) to facilitate -- such future expansion).
-- SIGN_ONLY 32 -- VERIFY_ONLY 64 -- with the values logically OR'ed together in any desired -- combination to restrict credential usage; OR'ing all values -- results in NO_RESTRICTION). -- Future possible values for this parameter are for further -- study (note that the type of this parameter is BIT STRING -- (rather than INTEGER as in GSS_Acquire_cred) to facilitate -- such future expansion).
Outputs: o major_status INTEGER, o minor_status INTEGER, o output_cred_handle CREDENTIAL HANDLE, o actual_mechs SET OF OBJECT IDENTIFIER, o actual_cred_usage BIT STRING, o lifetime_rec INTEGER -- in seconds, or reserved value for INDEFINITE
Outputs: o major_status INTEGER, o minor_status INTEGER, o output_cred_handle CREDENTIAL HANDLE, o actual_mechs SET OF OBJECT IDENTIFIER, o actual_cred_usage BIT STRING, o lifetime_rec INTEGER -- in seconds, or reserved value for INDEFINITE
This call (which need not be supported by all underlying mechanisms or implementations) is identical to the GSS_Acquire_cred call, with the exception of the added input parameter "authenticator" and the added output parameter "actual_cred_usage". The authenticator (typically a password, pass-phrase, or PIN) is used to authenticate the caller claiming to be desired_name to the underlying GSS (or mechanism) code. The actual_cred_usage specifies the actual uses available for these credentials; it is up to the caller to determine if this is sufficient for its purposes.
此调用(不需要所有底层机制或实现都支持)与GSS_Acquire_cred调用相同,但添加的输入参数“authenticator”和输出参数“actual_cred_usage”除外。验证器(通常是密码、密码短语或PIN)用于对声称是底层GSS(或机制)代码所需名称的调用方进行身份验证。实际凭证使用情况指定这些凭证的实际使用情况;由调用方确定这是否足以满足其目的。
Implementations that are able to authenticate the caller in some other way are encouraged to use the GSS_Acquire_cred call; those having no other means available to them, or wishing to explicitly authenticate the caller at the time of credential acquisition, should use the IDUP_Acquire_cred_with_auth call (if supported).
鼓励能够以其他方式验证调用方身份的实现使用GSS_Acquire_cred调用;那些没有其他可用手段的人,或者希望在获取凭证时显式验证呼叫者,应该使用IDUP_Acquire_cred_with_auth call(如果支持)。
Note that the return major status codes for this call are identical to those given for the GSS_Acquire_cred call. If the authentication fails (e.g., the wrong authenticator is supplied for the given desired_name), the major status GSS_S_FAILURE is returned (along with an appropriate minor status code).
请注意,此呼叫的返回主要状态代码与GSS_Acquire_cred呼叫的返回主要状态代码相同。如果身份验证失败(例如,为给定的所需的_名称提供了错误的身份验证程序),则返回主要状态GSS_S_FAILURE(以及适当的次要状态代码)。
Inputs: o token OCTET STRING, -- all the data to be returned shall be within the first 4 KB of -- the token; hence, a single call is needed. It is not necessary -- to provide the entire token when the token includes the IDU.
Inputs: o token OCTET STRING, -- all the data to be returned shall be within the first 4 KB of -- the token; hence, a single call is needed. It is not necessary -- to provide the entire token when the token includes the IDU.
o mech_type SET OF OBJECT IDENTIFIER -- input if known (typically SET will contain a single member)
o 对象标识符的机械类型集——输入(如果已知)(通常该集将包含单个成员)
Outputs: o major_status INTEGER, o minor_status INTEGER, o actual_mech_type OBJECT IDENTIFIER, o data_included_in_token BOOLEAN, -- true if the data is encapsulated o idu_size INTEGER, o has_SE_protection BOOLEAN, o has_EV_protection BOOLEAN, o PIDU_Information PARAMETER BUNDLE, o nr_policy OBJECT IDENTIFIER, -- this and subsequent parameters pertain only to evidence tokens o Nr_Options PARAMETER BUNDLE, o Originator_Information PARAMETER BUNDLE, o time_stamping_time INTEGER OPTIONAL o Request_Features PARAMETER BUNDLE, -- describes the included request, if any. o requested_evidence_back BOOLEAN, -- true if this is an evidence generated in response to a -- previously-sent request o evidence_check OCTET STRING, -- meaningful if the boolean above is true
Outputs: o major_status INTEGER, o minor_status INTEGER, o actual_mech_type OBJECT IDENTIFIER, o data_included_in_token BOOLEAN, -- true if the data is encapsulated o idu_size INTEGER, o has_SE_protection BOOLEAN, o has_EV_protection BOOLEAN, o PIDU_Information PARAMETER BUNDLE, o nr_policy OBJECT IDENTIFIER, -- this and subsequent parameters pertain only to evidence tokens o Nr_Options PARAMETER BUNDLE, o Originator_Information PARAMETER BUNDLE, o time_stamping_time INTEGER OPTIONAL o Request_Features PARAMETER BUNDLE, -- describes the included request, if any. o requested_evidence_back BOOLEAN, -- true if this is an evidence generated in response to a -- previously-sent request o evidence_check OCTET STRING, -- meaningful if the boolean above is true
Return major_status codes: o GSS_S_COMPLETE -- input_token could be parsed for all relevant fields. o GSS_S_CREDENTIALS_EXPIRED o GSS_S_DEFECTIVE_TOKEN -- the mechanism type could be parsed, but either the other fields -- could not be determined from the input_token, or their values -- did not correspond to valid values for that mechanism. o GSS_S_FAILURE -- the mechanism type was missing or corrupted.
Return major_status codes: o GSS_S_COMPLETE -- input_token could be parsed for all relevant fields. o GSS_S_CREDENTIALS_EXPIRED o GSS_S_DEFECTIVE_TOKEN -- the mechanism type could be parsed, but either the other fields -- could not be determined from the input_token, or their values -- did not correspond to valid values for that mechanism. o GSS_S_FAILURE -- the mechanism type was missing or corrupted.
IDUP_Get_token_details() is used to return to an application the attributes that correspond to a given input token. Since IDUP-GSS-API tokens are meant to be opaque to the calling application, this function allows the application to determine information about the token without having to violate the opaqueness intention of IDUP. Of primary importance is the mechanism type, which the application can then use as input to the IDUP_Establish_Env() call in order to establish the correct environment in which to have the token processed.
IDUP_Get_token_details()用于将与给定输入令牌对应的属性返回给应用程序。由于IDUP-GSS-API令牌对于调用应用程序来说是不透明的,因此此函数允许应用程序确定关于令牌的信息,而不必违反IDUP的不透明意图。最重要的是机制类型,然后应用程序可以将其用作IDUP_-Establish_-Env()调用的输入,以建立正确的环境来处理令牌。
If all tokens are framed as suggested in Section 3.1 of [RFC-2078] (mandated in the Kerberos V5 GSS mechanism [RFC 1964] and in the SPKM GSS Mechanism [RFC 2025]), then any mechanism implementation should be able to return the mech_type parameter for any uncorrupted input token. If the mechanism implementation whose IDUP_Get_token_details() function is being called does recognize the token, it can return any further relevant information in the other token attributes, as specified. In particular, this function can set has_SE_protection if the SE calls may be used to unprotect it, or has_EV_protection if the EV calls may be used to unprotect it, or both if both kinds of protection have been applied (so that SE or EV calls may be used in any order for unprotection) [note that GP calls, when supported, should be usable for unprotection of any IDUP token].
如果所有令牌都按照[RFC-2078]第3.1节(Kerberos V5 GSS机制[RFC 1964]和SPKM GSS机制[RFC 2025]中的规定)的建议进行了帧设置,则任何机制实现都应该能够为任何未损坏的输入令牌返回mech_类型参数。如果调用其IDUP\u Get\u token\u details()函数的机制实现确实识别该令牌,则它可以按照指定返回其他令牌属性中的任何其他相关信息。特别是,如果SE呼叫可用于解除保护,则此功能可设置为has_SE_保护;如果EV呼叫可用于解除保护,则此功能可设置为has_EV_保护;如果两种保护均已应用,则此功能可设置为has_EV_保护(以便SE或EV呼叫可按任意顺序用于解除保护)[请注意,支持GP调用时,应可用于解除任何IDUP令牌的保护]。
IDUP_Get_token_details (which need not be supported by all underlying mechanisms or implementations) gives only a hint about the content of the token, there is no integrity check of any kind performed. Regardless of the token type, it is possible to check that this information is correct only by doing a proper unprotection of the token. It is recommended that IDUP callers supply a token buffer at least 4 KB in length in order to ensure that the desired data can easily flow across this interface.
IDUP_Get_token_details(不需要所有底层机制或实现都支持)只提供关于令牌内容的提示,没有执行任何类型的完整性检查。无论令牌类型如何,只有通过对令牌进行适当的解除保护,才能检查此信息是否正确。建议IDUP调用者提供长度至少为4KB的令牌缓冲区,以确保所需的数据可以轻松地通过该接口。
The OID of the mechanism and whether the token contains the associated data is returned. In addition the size of the associated data, whether inside or outside the token, is included if known. [Note: data size will typically be unknown if the data was protected using multibuffer calls. A value of "-1" may be used to indicate "UNKNOWN".]
返回机制的OID以及令牌是否包含关联数据。此外,如果已知,还包括相关数据的大小,无论是在令牌内部还是外部。[注意:如果数据使用多缓冲区调用进行保护,则数据大小通常是未知的。值“-1”可用于表示“未知”。]
When the input token contains only an evidence generated spontaneously, the following is returned: - the evidence type; - the Non-Repudiation policy under which the evidence was generated; - the name of the generator of the evidence; - the date and time when the evidence was generated (if available); - the date and time when it was time stamped (if available).
When the input token contains only an evidence generated spontaneously, the following is returned: - the evidence type; - the Non-Repudiation policy under which the evidence was generated; - the name of the generator of the evidence; - the date and time when the evidence was generated (if available); - the date and time when it was time stamped (if available).
When the input token contains only an evidence generated in response to a request from another entity, the following additional information is returned: - an indicator to state that this evidence relates to a request; - a string significant for the requester that will allow him to check whether the answer corresponds to the requested evidence.
当输入令牌仅包含响应另一实体的请求而生成的证据时,将返回以下附加信息:-表示此证据与请求相关的指示符;-一个对请求者有意义的字符串,允许他检查答案是否与请求的证据相符。
When the input token only contains a request, the following is returned: - the name of the requestor of the evidence,
当输入令牌仅包含请求时,将返回以下内容:-证据请求者的名称,
- the date and time when the request was made, - the evidence type to send back, - the non-repudiation policy under which the evidence to send back should be generated, - the names of the recipients which should generate and distribute the requested evidence, - the names of the recipients to whom the requested evidence should be sent after it has been generated.
- 提出请求的日期和时间,-要发回的证据类型,-应根据其生成要发回的证据的不可否认政策,-应生成和分发所请求证据的收件人的姓名,-生成请求的证据后应向其发送的收件人的姓名。
When the input token contains both evidence and a request, an indicator is returned describing whether the new evidence should be generated using only the data in the input token, or using both the data and the evidence in the input token.
当输入令牌同时包含证据和请求时,将返回一个指示符,说明是应仅使用输入令牌中的数据生成新证据,还是同时使用输入令牌中的数据和证据生成新证据。
When the input token contains only CONF and DOA services, the PIDU_Information bundle is returned. Other relevant parameters (such as idu_size and time_stamping_time) may also be returned if this data is available.
当输入令牌仅包含CONF和DOA服务时,将返回PIDU_信息包。如果此数据可用,还可以返回其他相关参数(如idu大小和时间)。
Inputs: o policy_id OBJECT IDENTIFIER
输入:o策略\u id对象标识符
Outputs: o major_status INTEGER, o minor_status INTEGER, o policy_version INTEGER, o policy_effective_time INTEGER, o policy_expiry_time INTEGER, o supported_services SET OF Service_Descriptor, -- services supported by this particular policy_id (equal to the -- intersection of the services supported by the mechanisms -- listed in supported_mechanisms) o supported_mechanisms SET OF Mechanism_Descriptor -- mechanisms supported by this particular policy_id
Outputs: o major_status INTEGER, o minor_status INTEGER, o policy_version INTEGER, o policy_effective_time INTEGER, o policy_expiry_time INTEGER, o supported_services SET OF Service_Descriptor, -- services supported by this particular policy_id (equal to the -- intersection of the services supported by the mechanisms -- listed in supported_mechanisms) o supported_mechanisms SET OF Mechanism_Descriptor -- mechanisms supported by this particular policy_id
Return major_status codes: o GSS_S_COMPLETE -- policy_id recognized; all relevant fields have been returned. o GSS_S_FAILURE -- the policy_id was not recognized.
Return major_status codes: o GSS_S_COMPLETE -- policy_id recognized; all relevant fields have been returned. o GSS_S_FAILURE -- the policy_id was not recognized.
This call (which need not be supported by all underlying mechanisms or implementations) allows the application to retrieve information pertaining to a given policy_id. Policies define the following: - rules for the protection of IDUs, such as trusted third parties which may be involved in P-IDU generation, the roles in
此调用(不需要所有底层机制或实现都支持)允许应用程序检索与给定策略id有关的信息。策略定义了以下内容:-用于保护IDU的规则,例如可能参与P-IDU生成的受信任第三方,在
which they may be involved, and the duration for which the generated P-IDU is valid;
他们可能参与的,以及生成的P-IDU有效的持续时间;
- rules for the unprotection of P-IDUs, such as the interval during which a trusted third party may legitimately declare its key to have been compromised or revoked; and
- 取消P-IDU保护的规则,如可信第三方合法声明其密钥已被泄露或撤销的时间间隔;和
- rules for adjudication, such as which authorities may be used to adjudicate disputes.
- 裁决规则,例如可以使用哪些机构裁决争议。
The policy itself may be used by an adjudicator when resolving a dispute. For example, the adjudicator might refer to the policy to determine whether the rules for generation of the P-IDU have been followed.
仲裁员在解决争议时可使用保单本身。例如,裁决员可能参考政策,以确定是否遵守了生成P-IDU的规则。
The following parameter bundles are associated with this call.
以下参数束与此调用关联。
o Service_Descriptor PARAMETER BUNDLE, o service_type OBJECT IDENTIFIER, o service_validity_duration INTEGER, o must_use_trusted_time BOOLEAN
o 服务描述符参数包,o服务类型对象标识符,o服务有效性\u持续时间整数,o必须\u使用\u受信任\u时间布尔值
o Mechanism_Descriptor PARAMETER BUNDLE, o mechanism_type OBJECT IDENTIFIER, o Authority_List PARAMETER BUNDLE, o maximum_time_skew INTEGER -- maximum permissible difference between P-IDU generation -- time and the time of countersignature from a time -- service (if required). This parameter is unused if -- trusted time is not required.
o 机制描述符参数束、o机制类型对象标识符、o权限列表参数束、o最大时间偏移整数——P-IDU生成时间与时间服务的会签时间之间的最大允许差值(如果需要)。如果不需要--trusted time,则此参数未使用。
o Authority_List PARAMETER BUNDLE, o authority_name INTERNAL NAME, o authority_role OCTET STRING, o last_revocation_check_offset INTEGER -- may be 0, greater than 0, or less than 0. The value of -- this parameter is added to P-IDU generation time to -- get latest time at which the mechanism will check to -- see if this authority's key has been revoked.
o Authority\u List参数BUNDLE、o Authority\u name内部名称、o Authority\u role八位字节字符串、o last\u revocation\u check\u offset整数——可以是0、大于0或小于0。--此参数的值被添加到P-IDU生成时间,以--获取机制将检查的最新时间--查看此授权的密钥是否已被吊销。
An example of the use of the last parameter in Authority_List is as follows. If an authority has a defined last_revocation_check_offset of negative one hour, then all revocations taking effect earlier than one hour before the generation of a P-IDU will render that P-IDU invalid; no revocation taking place later than one hour before the generation of the P-IDU will affect the P-IDU's validity.
下面是使用Authority_列表中最后一个参数的示例。如果一个机构定义了一个负1小时的最后撤销检查偏移量,那么在生成P-IDU前1小时之前生效的所有撤销将使该P-IDU无效;在生成P-IDU前一小时内发生的撤销不会影响P-IDU的有效性。
Note that both the maximum_time_skew and the last_revocation_check_offset values are given in minutes.
请注意,最大时间偏移和最后一次撤销检查偏移值均以分钟为单位。
Inputs: o env_handle ENVIRONMENT HANDLE,
输入:o环境句柄环境句柄,
Outputs: o major_status INTEGER, o minor_status INTEGER,
输出:o大\小\状态整数,
Return major_status codes: o GSS_S_COMPLETE -- operation cancelled; state purged. o GSS_S_FAILURE -- unable to cancel operation; state retained.
Return major_status codes: o GSS_S_COMPLETE -- operation cancelled; state purged. o GSS_S_FAILURE -- unable to cancel operation; state retained.
This call (which need not be supported by all underlying mechanisms or implementations) allows the application to cancel a multibuffer operation prior to normal completion (e.g., subsequent to calling Start_operation and zero or more Process_operation, but prior to calling End_operation). When successful, this call purges any internal state information which would have been used to continue processing for the full set of multibuffer calls.
此调用(不需要所有底层机制或实现都支持)允许应用程序在正常完成之前取消多缓冲区操作(例如,在调用Start_操作和零或多个Process_操作之后,但在调用End_操作之前)。成功时,此调用将清除所有内部状态信息,这些信息将用于继续处理整个多缓冲区调用集。
In order to implement the IDUP-GSS-API atop existing, emerging, and future security mechanisms, the following is necessary:
为了在现有、新兴和未来的安全机制上实现IDUP-GSS-API,需要执行以下操作:
- object identifiers must be assigned to candidate IDUP-GSS-API mechanisms and the name types which they support; and
- 对象标识符必须分配给候选IDUP-GSS-API机制及其支持的名称类型;和
- concrete data element (i.e., token and parameter bundle) formats must be defined for candidate mechanisms.
- 必须为候选机制定义具体的数据元素(即令牌和参数包)格式。
Calling applications must implement formatting conventions which will enable them to distinguish IDUP-GSS-API P-IDUs from other IDUs in their environment.
调用应用程序必须实现格式化约定,使它们能够将IDUP-GSS-API P-IDU与环境中的其他IDU区分开来。
Concrete language bindings are required for the programming environments in which the IDUP-GSS-API is to be employed.
使用IDUP-GSS-API的编程环境需要具体的语言绑定。
Many thanks are due to Tim Moses and Dhanya Thakkar of Entrust Technologies, Denis Pinkas of Bull, and David Kurn of Tandem Computers for a number of helpful comments and contributions.
非常感谢Trust Technologies公司的Tim Moses和Dhanya Thakkar、Bull公司的Denis Pinkas和Tandem Computers公司的David Kurn,感谢他们提供了许多有用的评论和贡献。
Security issues are discussed throughout this memo.
本备忘录中讨论了安全问题。
[MSP] U.S. National Security Agency, "Message Security Protocol", Secure Data Network System SDN.701, March 1994.
[MSP]美国国家安全局,“信息安全协议”,安全数据网络系统SDN.701,1994年3月。
[RFC-1421] Linn, J., "Privacy Enhancement for Internet Electronic Mail: Part I: Message Encryption and Authentication Procedures", RFC 1421, February 1993.
[RFC-1421]Linn,J.,“互联网电子邮件的隐私增强:第一部分:信息加密和认证程序”,RFC 14211993年2月。
[RFC-2078] Linn, J., "Generic Security Service Application Program Interface, Version 2", RFC 2078, January 1997..
[RFC-2078]林恩,J.,“通用安全服务应用程序接口,第2版”,RFC 2078,1997年1月。。
[RFC 1964] Linn, J, "The Kerberos Version 5 GSS-API Mechanism", RFC 1964, June 1996.
[RFC 1964]Linn,J,“Kerberos版本5 GSS-API机制”,RFC 1964,1996年6月。
[RFC 2025] Adams, C., "The Simple Public-Key GSS-API Mechanism (SPKM)", RFC 2025, October 1996.
[RFC 2025]Adams,C.“简单公钥GSS-API机制(SPKM)”,RFC 2025,1996年10月。
[ISO/IEC] 2nd ISO/IEC CD 13888-1, "Information technology - Security techniques - Non-repudiation - Part 1: General Model", ISO/IEC JTC 1/SC 27, May 30, 1995
[ISO/IEC] 2nd ISO/IEC CD 13888-1, "Information technology - Security techniques - Non-repudiation - Part 1: General Model", ISO/IEC JTC 1/SC 27, May 30, 1995
Carlisle Adams Entrust Technologies 750 Heron Road, Suite E08, Ottawa, Ontario, CANADA K1V 1A7
加拿大安大略省渥太华Heron路750号E08室卡莱尔亚当斯信托科技公司K1V 1A7
Phone: +1 613.247.3180 EMail: cadams@entrust.com
Phone: +1 613.247.3180 EMail: cadams@entrust.com
APPENDIX A: MECHANISM-INDEPENDENT TOKEN FORMAT
附录A:独立于机制的令牌格式
This appendix specifies the use, for IDUP-GSS-API tokens, of the mechanism-independent level of encapsulating representation for tokens given in Section 3.1 of GSS-API [RFC-2078]. The representation given there incorporates an identifier of the mechanism type to be used when processing the associated tokens. Use of that octet format is recommended to the designers of IDUP-GSS-API implementations based on various mechanisms so that tokens can be interpreted unambiguously at IDUP-GSS-API peers. It is recognized, however, that for interoperability purposes with peers not using IDUP for specific IDU protection/unprotection protocols, the encapsulating representation may need to be omitted. (In such a case it is necessary that the underlying mechanism provides some sort of internal or external identification that allows it to recognize its own tokens.) When the mechanism-independent level of encapsulating representation is not desired, callers SHOULD set mech_indep_encap_req to FALSE (note that some underlying mechanisms may default this parameter to FALSE).
本附录规定了IDUP-GSS-API令牌使用GSS-API[RFC-2078]第3.1节中给出的令牌封装表示的机制独立级别。这里给出的表示包含了处理关联令牌时要使用的机制类型的标识符。基于各种机制,建议IDUP-GSS-API实现的设计者使用该八位字节格式,以便令牌可以在IDUP-GSS-API对等点上明确解释。然而,人们认识到,为了与不使用IDUP进行特定IDU保护/取消保护协议的对等方进行互操作,可能需要省略封装表示。(在这种情况下,底层机制必须提供某种内部或外部标识,允许其识别自己的令牌。)当不需要与机制无关的封装表示级别时,调用方应将mech_indep_encap_req设置为FALSE(请注意,某些底层机制可能会将此参数默认为FALSE)。
For purely descriptive purposes, the following simple ASN.1 structure is used to illustrate the structural relationships among token and tag objects. For interoperability purposes, token and tag encoding shall be performed using the concrete encoding procedures described in Section 3.1 of GSS-API [RFC-2078].
出于纯粹的描述目的,以下简单的ASN.1结构用于说明令牌和标记对象之间的结构关系。出于互操作性目的,应使用GSS-API[RFC-2078]第3.1节所述的具体编码程序进行令牌和标签编码。
-- top-level token definition to frame different mechanisms
--顶级令牌定义,用于框架不同的机制
IDUP-GSS-API DEFINITIONS ::= BEGIN MechType ::= OBJECT IDENTIFIER
IDUP-GSS-API DEFINITIONS ::= BEGIN MechType ::= OBJECT IDENTIFIER
Token ::= [APPLICATION 0] IMPLICIT SEQUENCE { thisMech MechType, token ANY DEFINED BY thisMech -- contents mechanism-specific } END
Token ::= [APPLICATION 0] IMPLICIT SEQUENCE { thisMech MechType, token ANY DEFINED BY thisMech -- contents mechanism-specific } END
APPENDIX B: EXAMPLES OF IDUP USE
附录B:IDUP使用示例
This appendix provides examples of the use of IDUP to do IDU protection and unprotection. It should not be regarded as constrictive to implementations or as defining the only means through which IDUP-GSS-API functions can be realized with particular underlying technology, and does not demonstrate all IDUP-GSS-API features.
本附录提供了使用IDUP进行IDU保护和取消保护的示例。它不应被视为对实现的限制,也不应被视为定义了使用特定底层技术实现IDUP-GSS-API功能的唯一方法,并且没有演示所有IDUP-GSS-API功能。
Most of the examples below only illustrate the use of CONF/DOA protection services. Note that when both CONF/DOA and Evidence services are required, calling applications may use a series of SE and EV calls, or may use the GP calls (when these are supported). Using the former approach implies multiple calls (e.g., the SE calls are used to protect some data and the resulting token is then input to the EV calls to add evidence information), but some callers may find this to be more attractive than coding to the GP calls because of the simpler SE/EV interface. Depending upon the underlying mechanism, the series of SE/EV calls may result in a single token that can be unprotected using the SE and EV calls in any order (for example, because it is a single ASN.1 SEQUENCE that incorporates all the specified protection services at one level), or the series may result in a token that can only be unprotected in the reverse order of protection (for example, because each SE/EV output token was effectively embedded in the token of the subsequent call). The IDUP_Get_token_details call can assist callers in determining how to unprotect any received token.
下面的大多数示例仅说明了CONF/DOA保护服务的使用。请注意,当需要CONF/DOA和证据服务时,调用应用程序可能会使用一系列SE和EV调用,或者可能会使用GP调用(如果支持这些调用)。使用前一种方法意味着多个调用(例如,SE调用用于保护某些数据,然后将生成的令牌输入EV调用以添加证据信息),但由于SE/EV接口更简单,一些调用方可能会发现这比编码GP调用更有吸引力。根据基础机制,SE/EV呼叫序列可能会产生单个令牌,该令牌可以以任何顺序使用SE和EV呼叫解除保护(例如,因为它是一个单一ASN.1序列,在一个级别上包含所有指定的保护服务),或者,该系列可能导致令牌只能以保护的相反顺序解除保护(例如,因为每个SE/EV输出令牌有效地嵌入到后续呼叫的令牌中)。IDUP_Get_token_details调用可以帮助呼叫者确定如何取消对任何接收到的令牌的保护。
To illustrate the simplest possible case, consider an underlying IDUP mechanism which does straightforward encryption/decryption and signing/verification only using public-key techniques; none of the other possible services, such as creation of proof-of-origin evidence, requests for proof-of-delivery evidence, or use of trusted time, are supported. PEM[RFC-1421] is one example of a mechanism which fits this description. Furthermore (again for simplicity), assume that encapsulation is chosen by the calling application during IDU protection.
为了说明最简单的可能的情况,考虑一个底层的IDUP机制,它只使用公钥技术进行直接的加密/解密和签名/验证;不支持任何其他可能的服务,例如创建原产地证明证据、请求提供交货证明证据或使用受信任的时间。PEM[RFC-1421]是符合此描述的机制的一个示例。此外(同样为了简单起见),假设在IDU保护期间调用应用程序选择了封装。
Such a mechanism would likely use the "SE" set of IDUP-GSS-API calls. The following parameter bundle uses and defaults would therefore be specified in the relevant IDUP mechanism document.
这种机制可能会使用IDUP-GSS-API调用的“SE”集合。因此,以下参数bundle使用和默认值将在相关IDUP机制文档中指定。
SENDER:
发件人:
Set env_handle = environment handle in use; idu_buffer = data buffer; Target_Info.targ_names = receiver names; Protect_Options = as necessary;
Set env_handle = environment handle in use; idu_buffer = data buffer; Target_Info.targ_names = receiver names; Protect_Options = as necessary;
Call IDUP_SE_SingleBuffer_Protect() with above input parameters
使用上述输入参数调用IDUP_SE_SingleBuffer_Protect()
Check major_status. If not GSS_S_COMPLETE, check minor_status, Target_Info.Bad_Targ_Name, (as required) for more detailed information.
检查主控单元状态。如果未完成GSS,请检查次要状态、目标信息、坏目标名称(根据需要)以了解更多详细信息。
Send Output parameter pidu_buffer to receiver.
向接收器发送输出参数pidu_缓冲区。
RECEIVER (any parameters not listed below are given the value NULL):
接收器(以下未列出的任何参数的值均为NULL):
Set env_handle = environment handle in use; pidu_buffer = received data buffer;
Set env_handle = environment handle in use; pidu_buffer = received data buffer;
Call IDUP_SE_SingleBuffer_Unprotect() with above input parameters Check major_status. If not GSS_S_COMPLETE, check minor_status, (as required) for more detailed information
使用上述输入参数调用IDUP\u SE\u SingleBuffer\u Unprotect(),检查主\u状态。如果GSS_未完成,请检查次要_状态(根据需要)以了解更多详细信息
Utilize PIDU_Information.Protect_Options.Protect_Operation, (to determine which services were applied by the originator) PIDU_Information.Protect_Options.sign_qop_alg / enc_qop_alg, (to determine the corresponding qualities of the services) Prot_Information.originator_name, (to determine the name of the originator) Prot_Information.protection_time, (to determine when the IDU was protected) idu_buffer (to retrieve the unprotected data).
利用PIDU_信息。保护_选项。保护_操作,(确定发起人应用了哪些服务)PIDU_信息。保护_选项。签名(确定服务的相应质量)保护信息。发起人名称,(确定发起人名称)保护信息。保护时间,(确定IDU何时受保护)IDU缓冲区(检索未受保护的数据)。
To illustrate a slight variation on the simplest possible case, assume that everything is as in the previous scenario except that the "GP" calls are used.
为了说明在最简单的情况下的细微变化,假设除了使用“GP”调用之外,所有内容都与前面的场景相同。
The following parameter bundle uses and defaults would therefore be specified in the relevant IDUP mechanism document.
因此,以下参数bundle使用和默认值将在相关IDUP机制文档中指定。
Mech_Specific_Info - NOT USED (the only acceptable input, therefore, is NULL)
机械特定信息-未使用(因此,唯一可接受的输入为空)
Idu_Sensitivity - NOT USED (the only acceptable input, therefore, is NULL)
Idu_灵敏度-未使用(因此,唯一可接受的输入为空)
Service_Creation_Info - NOT USED (the only acceptable input, therefore, is NULL)
服务创建信息-未使用(因此,唯一可接受的输入为空)
Service_Verification_Info - NOT USED (the only acceptable input, therefore, is NULL)
服务验证信息-未使用(因此,唯一可接受的输入为空)
Quality - the qop_algs parameter must be supported, with a suitable DEFAULT value specified; - suitable DEFAULT values for validity, policy_id, and allow_policy_mapping must be specified (it may be an implementation option as to whether these parameters are explicitly modifiable by the calling application, or whether NULLs are the only acceptable input)
质量-必须支持qop_algs参数,并指定适当的默认值;-必须指定有效性、策略\u id和允许\u策略\u映射的适当默认值(这可能是一个实现选项,以确定调用应用程序是否可以显式修改这些参数,或者null是否是唯一可接受的输入)
Idu_Information - the idu_type parameter must have a value representing a suitable IDU type (for example, in PEM a value representing the string "RFC822" or some other valid "Content-Domain" would be used), with a suitable DEFAULT value specified; - the idu_title parameter is NOT USED (the only acceptable input, therefore, is NULL)
Idu_信息-Idu_类型参数必须具有表示适当Idu类型的值(例如,在PEM中,将使用表示字符串“RFC822”或其他有效“内容域”的值),并指定适当的默认值;-未使用idu_title参数(因此,唯一可接受的输入为NULL)
Prot_Information - the originator_name and idu_type (in Idu_Information) parameters are read from the encapsulating information and output by IDUP_Start_Unprotect; - all other parameters are NOT USED (and therefore NULL)
保护信息-从封装信息中读取发起人名称和idu类型(在idu信息中)参数,并由IDUP\U Start\U Unprotect输出;-未使用所有其他参数(因此为空)
Special_Conditions - NOT USED (the only acceptable input, therefore, is NULL)
特殊_条件-未使用(因此,唯一可接受的输入为空)
Target_Info - this bundle is used as described in IDUP; no DEFAULT values are specified
目标信息-此捆绑包按照IDUP中的说明使用;未指定默认值
General_Service_Data - the unencapsulated_token parameter is used if encapsulation_request is FALSE; - the minor_status parameter is used to return minor status values as specified by the mechanism document
常规\u服务\u数据-如果封装\u请求为FALSE,则使用未封装的\u令牌参数;-次要_状态参数用于返回机制文档指定的次要状态值
Prot_Service - the prot_service_type parameter may have a value of "1" ("perform unsolicited service") or NULL (which specifies the DEFAULT value of "1"); - the service_id parameter must have a value representing "PER_CONF" or "PER_DOA"; - the parameters Service_Creation_Info, service_to, Service_Verification_Info, and service_verification_info_id are NOT USED (and therefore NULL)
Prot_Service - the prot_service_type parameter may have a value of "1" ("perform unsolicited service") or NULL (which specifies the DEFAULT value of "1"); - the service_id parameter must have a value representing "PER_CONF" or "PER_DOA"; - the parameters Service_Creation_Info, service_to, Service_Verification_Info, and service_verification_info_id are NOT USED (and therefore NULL)
Unprot_Service - the unprot_service_type parameter will always have a value of "1" ("receive unsolicited service"); - the service_id parameter will have a value representing "REC_CONF" or "REC_DOA"; - the parameters service_verification_info_id, Service_Verification_Info, service_to, and Service_Creation_Info, are NOT USED (and therefore NULL)
Unprot_Service - the unprot_service_type parameter will always have a value of "1" ("receive unsolicited service"); - the service_id parameter will have a value representing "REC_CONF" or "REC_DOA"; - the parameters service_verification_info_id, Service_Verification_Info, service_to, and Service_Creation_Info, are NOT USED (and therefore NULL)
Assuming that the calling application has only a single buffer of data to protect/unprotect, the following sequence of operations must be performed by the sender and receivers (subsequent to environment establishment).
假设调用应用程序只有一个要保护/取消保护的数据缓冲区,则发送方和接收方必须执行以下操作序列(在环境建立之后)。
SENDER (any parameters not listed below are given the value NULL):
发送方(以下未列出的任何参数的值均为NULL):
Set env_handle = environment handle in use; encapsulation_request = TRUE; single_idu_buffer = data buffer; Target_Info.targ_names = receiver names; P_Services.Prot_Service_1.service_id = PER_CONF; P_Services.Prot_Service_2.service_id = PER_DOA;
Set env_handle = environment handle in use; encapsulation_request = TRUE; single_idu_buffer = data buffer; Target_Info.targ_names = receiver names; P_Services.Prot_Service_1.service_id = PER_CONF; P_Services.Prot_Service_2.service_id = PER_DOA;
Call IDUP_Start_Protect() with above input parameters
使用上述输入参数调用IDUP\u Start\u Protect()
Check major_status. If not GSS_S_COMPLETE, check minor_status, Target_Info.bad_targ_names / Target_Info.bad_targ_status, P_Services.Prot_Service_1.General_Service_Data.minor_status, P_Services.Prot_Service_2.General_Service_Data.minor_status (as required) for more detailed information.
检查主控单元状态。如果GSS\U S\U未完成,请检查次要状态、目标信息、坏目标名称/目标信息、坏目标状态、P\U服务、保护服务1、一般服务数据、次要服务状态、保护服务数据2、一般服务数据、次要服务状态(根据需要)以了解更多详细信息。
Send Output parameter pidu_buffer to receiver.
向接收器发送输出参数pidu_缓冲区。
RECEIVER (any parameters not listed below are given the value NULL):
接收器(以下未列出的任何参数的值均为NULL):
Set env_handle = environment handle in use; single_pidu_buffer = received data buffer;
Set env_handle = environment handle in use; single_pidu_buffer = received data buffer;
Call IDUP_Start_Unprotect() with above input parameters Check major_status. If not GSS_S_COMPLETE, check minor_status, R_Services.Unprot_Service_1.General_Service_Data.minor_status, R_Services.Unprot_Service_2.General_Service_Data.minor_status (as required) for more detailed information
使用上述输入参数调用IDUP\U Start\U Unprotect(),检查主\U状态。如果GSS\U S\U未完成,请检查次要\U状态、R\U服务。未维护服务\U 1.一般\U服务\U数据。次要\U状态、R\U服务。未维护服务\U 2.一般\U服务\U数据。次要\U状态(根据需要)以了解更多详细信息
Utilize R_Services.Unprot_Service_1/2.service_id, (to determine which services were applied by the originator) R_Services.Unprot_Service_1/2.Quality, (to determine the corresponding qualities of the services) Prot_Information.originator_name, (to determine the name of the originator) single_idu_buffer (to retrieve the unprotected data).
利用R_Services.unput_Service_1/2.Service_id,(确定发起者应用了哪些服务)R_Services.unput_Service_1/2.Quality,(确定服务的相应质量)Prot_Information.originator_name,(确定发起者的名称)单个_idu缓冲区(检索未受保护的数据)。
To illustrate the next step up in complexity, consider the use of the simple IDUP mechanism described in B.2 above with multiple data buffers. In particular, consider the case in which a large data file is to be signed. For this example, assume that the calling application does not wish to use encapsulation.
为了说明复杂性的下一步,考虑使用上面的B.2中描述的简单IDUP机制与多个数据缓冲区。特别地,考虑要签署大数据文件的情况。对于本例,假设调用应用程序不希望使用封装。
Note that the parameter bundle uses and defaults are as specified in B.2. above.
请注意,参数bundle的使用和默认值如B.2所述。在上面
SENDER (any parameters not listed below are given the value NULL):
发送方(以下未列出的任何参数的值均为NULL):
Set env_handle = environment handle in use; encapsulation_request = FALSE; P_Services.Prot_Service.service_id = PER_DOA;
Set env_handle = environment handle in use; encapsulation_request = FALSE; P_Services.Prot_Service.service_id = PER_DOA;
Call IDUP_Start_Protect() with above input parameters Check major_status. If not GSS_S_COMPLETE, check minor_status, P_Services.Prot_Service.General_Service_Data.minor_status (as required) for more detailed information.
使用上述输入参数调用IDUP\U Start\U Protect(),检查主\U状态。如果GSS_S_未完成,请检查次要_状态、P_服务。保护_服务。一般_服务_数据。次要_状态(根据需要)以了解更多详细信息。
For each buffer of input data: Set input_buffer = buffer Call IDUP_Protect() with above input parameter Check major_status. If not GSS_S_COMPLETE, check minor_status
对于输入数据的每个缓冲区:使用上述输入参数Check major\u status设置input\u buffer=buffer Call IDUP\u Protect()。如果GSS\U未完成,请检查次要\U状态
Call IDUP_End_Protect() Check major_status. If not GSS_S_COMPLETE, check minor_status, P_Services.Prot_Service.General_Service_Data.minor_status (as required) for more detailed information.
调用IDUP\u End\u Protect()检查主\u状态。如果GSS_S_未完成,请检查次要_状态、P_服务。保护_服务。一般_服务_数据。次要_状态(根据需要)以了解更多详细信息。
Send P_Services.Prot_Service.General_Service_Data.unencapsulated_token, and the file for which the signature was calculated (if required), to receiver.
将P_Services.Prot_Service.General_Service_Data.unecapsulated_token和计算签名的文件(如果需要)发送给接收方。
RECEIVER (any parameters not listed below are given the value NULL):
接收器(以下未列出的任何参数的值均为NULL):
Set env_handle = environment handle in use; R_Services.Unprot_Service_1.General_Service_Data. unencapsulated_token = received unencapsulated token;
Set env_handle = environment handle in use; R_Services.Unprot_Service_1.General_Service_Data. unencapsulated_token = received unencapsulated token;
Call IDUP_Start_Unprotect() with above input parameters Check major_status. If not GSS_S_COMPLETE, check
使用上述输入参数调用IDUP\U Start\U Unprotect(),检查主\U状态。如果GSS\U未完成,请检查
minor_status, R_Services.Unprot_Service_1.General_Service_Data.minor_status, (as required) for more detailed information
次要状态,R_服务。未保护的服务\u 1。一般的服务\u数据。次要状态(根据需要),了解更多详细信息
For each buffer of input data: Set input_buffer = buffer Call IDUP_Unprotect() with above input parameter Check major_status. If not GSS_S_COMPLETE, check minor_status
对于输入数据的每个缓冲区:使用上述输入参数Check major\u status设置input\u buffer=buffer Call IDUP\u Unprotect()。如果GSS\U未完成,请检查次要\U状态
Call IDUP_End_Unprotect() Check major_status. If not GSS_S_COMPLETE, check minor_status, R_Services.Unprot_Service_1.General_Service_Data.minor_status, (as required) for more detailed information.
调用IDUP\u End\u Unprotect()检查主\u状态。如果GSS\U S\U未完成,请检查次要\U状态、R\U服务、UNPT\U服务\U 1、一般\U服务\U数据、次要\U状态(根据需要)以了解更多详细信息。
Utilize R_Services.Unprot_Service_1.service_id, (to determine which service was applied by the originator; note that Unprot_Service_2 will have NULL in unprot_service_type to indicate that it is not used) R_Services.Unprot_Service_1.Quality, (to determine the corresponding quality of the service) Prot_Information.originator_name, (from IDUP_Start_Unprotect) (to determine the name of the signer) major_status (from IDUP_End_Unprotect) (to determine pass/fail status of signature verification).
利用R_Services.unput_Service_1.Service_id,(确定发起人应用了哪种服务;注意,unput_Service_2在unput_Service_type中有NULL表示未使用)R_Services.unput_Service_1.Quality,(确定相应的服务质量)Prot_信息。发起人名称,(从IDUP_开始_取消保护)(确定签名人姓名)主要_状态(从IDUP_结束_取消保护)(确定签名验证的通过/失败状态)。
To illustrate a higher level of complexity, consider the use of a more sophisticated IDUP mechanism and a calling application with small data buffers. In particular, consider the case in which a very small e-mail message is to be encrypted for a relatively large receiver list (R), some subset of whom (r) will be asked to send proofs of receipt of the message to some other subset (L) (which includes the originator). So that the example is not unnecessarily complicated, assume again that the originating application uses encapsulation.
为了说明更高级别的复杂性,考虑使用更复杂的IDUP机制和具有小数据缓冲区的调用应用程序。特别地,考虑一个非常小的电子邮件消息将被加密为相对大的接收者列表(R)的情况,其中一些子集(R)将被要求发送消息到其他子集(L)(包括始发者)的接收的证明。为了使示例不会变得不必要的复杂,再次假设原始应用程序使用封装。
The uses and defaults for the various parameter bundles for this mechanism would be specified in the relevant IDUP mechanism document as follows.
此机制的各种参数包的用法和默认值将在相关IDUP机制文档中指定,如下所示。
Mech_Specific_Info - NOT USED (the only acceptable input, therefore, is NULL)
机械特定信息-未使用(因此,唯一可接受的输入为空)
Idu_Sensitivity - NOT USED (the only acceptable input, therefore, is NULL)
Idu_灵敏度-未使用(因此,唯一可接受的输入为空)
Service_Creation_Info - used to create "proof of delivery" evidence (but actual structure is opaque to calling application)
服务创建信息-用于创建“交付证明”证据(但实际结构对调用应用程序不透明)
Service_Verification_Info - used to verify "proof of delivery" evidence (but actual structure is opaque to calling application)
服务验证信息-用于验证“交付证明”证据(但实际结构对调用应用程序不透明)
Quality - the qop_algs parameter must be supported, with a suitable DEFAULT value specified; - suitable DEFAULT values for validity, policy_id, and allow_policy_mapping must be specified (it may be an implementation option as to whether these parameters are explicitly modifiable by the calling application, or whether NULLs are the only acceptable input)
质量-必须支持qop_algs参数,并指定适当的默认值;-必须指定有效性、策略\u id和允许\u策略\u映射的适当默认值(这可能是一个实现选项,以确定调用应用程序是否可以显式修改这些参数,或者null是否是唯一可接受的输入)
Idu_Information - the idu_type parameter must have a value representing a suitable IDU type, with a suitable DEFAULT value specified; - the idu_title parameter must have a value representing a suitable IDU title, with a suitable DEFAULT value specified
Idu_信息-Idu_类型参数必须具有表示适当Idu类型的值,并指定适当的默认值;-idu_title参数必须具有表示适当idu标题的值,并指定适当的默认值
Prot_Information - the originator_name, protection_time, and idu_type / idu_title (in Idu_Information) parameters are read from the contained header information and output by IDUP_Start_Unprotect;
保护信息-从包含的标题信息中读取发起人名称、保护时间和idu类型/idu标题(在idu信息中)参数,并由idu Start\U Unprotect输出;
Special_Conditions - the parameter prot_oper_id is NOT USED (the only acceptable input, therefore, is NULL); - trusted or untrusted time may be selected by the calling application, with a suitable DEFAULT value specified
特殊条件-未使用参数prot_oper_id(因此,唯一可接受的输入为NULL);-调用应用程序可以选择受信任或不受信任的时间,并指定适当的默认值
Target_Info - this bundle is used as described in IDUP; no DEFAULT values are specified
目标信息-此捆绑包按照IDUP中的说明使用;未指定默认值
General_Service_Data - the unencapsulated_token parameter is used if encapsulation_request is FALSE; - the minor_status parameter is used to return minor status values
常规\u服务\u数据-如果封装\u请求为FALSE,则使用未封装的\u令牌参数;-次要_状态参数用于返回次要状态值
as specified by the mechanism document
按照机制文件的规定
Prot_Service - the prot_service_type parameter may have a value of "1" ("perform unsolicited service"), "2" ("perform solicited service"), "3" (perform service solicitation), or NULL (which specifies the DEFAULT value of "1"); - the service_id parameter must have a value representing "PER_CONF", "PER_DOA", "PER_POO", or "PER_POD"; - the parameters Service_Creation_Info, service_to, Service_Verification_Info, and service_verification_info_id are used when required by the IDUP operation
Prot_Service - the prot_service_type parameter may have a value of "1" ("perform unsolicited service"), "2" ("perform solicited service"), "3" (perform service solicitation), or NULL (which specifies the DEFAULT value of "1"); - the service_id parameter must have a value representing "PER_CONF", "PER_DOA", "PER_POO", or "PER_POD"; - the parameters Service_Creation_Info, service_to, Service_Verification_Info, and service_verification_info_id are used when required by the IDUP operation
Unprot_Service - the unprot_service_type parameter may have a value of "1" ("receive unsolicited service"), "2" ("receive solicited service"), or "3" (receive service solicitation); - the service_id parameter will have a value representing "REC_CONF", "REC_DOA", "REC_POO", or "REC_POD"; - the parameters service_verification_info_id, Service_Verification_Info, service_to, and Service_Creation_Info, are used when required by the IDUP operation
Unprot_Service - the unprot_service_type parameter may have a value of "1" ("receive unsolicited service"), "2" ("receive solicited service"), or "3" (receive service solicitation); - the service_id parameter will have a value representing "REC_CONF", "REC_DOA", "REC_POO", or "REC_POD"; - the parameters service_verification_info_id, Service_Verification_Info, service_to, and Service_Creation_Info, are used when required by the IDUP operation
SENDER (any parameters not listed below are given the value NULL):
发送方(以下未列出的任何参数的值均为NULL):
Set env_handle = environment handle in use; Idu_Information.idu_type = value for "e-mail document"; Idu_Information.idu_title = "Contract 1234"; Special_Conditions.use_trusted_time = TRUE; encapsulation_request = TRUE; single_idu_buffer = very small e-mail message; Target_Info.targ_names = receiver names (R); Prot_Service_1.prot_service_type = "1"; Prot_Service_1.service_id = PER_CONF; Prot_Service_2.prot_service_type = "3"; Prot_Service_2.service_id = PER_POD; Prot_Service_2.General_Service_Data.Target_Info.targ_names = "receipts from" list (r); Prot_Service_2.service_to = "receipts to" list (L); P_Services.Prot_Service_1 = Prot_Service_1; P_Services.Prot_Service_2 = Prot_Service_2;
Set env_handle = environment handle in use; Idu_Information.idu_type = value for "e-mail document"; Idu_Information.idu_title = "Contract 1234"; Special_Conditions.use_trusted_time = TRUE; encapsulation_request = TRUE; single_idu_buffer = very small e-mail message; Target_Info.targ_names = receiver names (R); Prot_Service_1.prot_service_type = "1"; Prot_Service_1.service_id = PER_CONF; Prot_Service_2.prot_service_type = "3"; Prot_Service_2.service_id = PER_POD; Prot_Service_2.General_Service_Data.Target_Info.targ_names = "receipts from" list (r); Prot_Service_2.service_to = "receipts to" list (L); P_Services.Prot_Service_1 = Prot_Service_1; P_Services.Prot_Service_2 = Prot_Service_2;
Call IDUP_Start_Protect() with above input parameters
使用上述输入参数调用IDUP\u Start\u Protect()
Check major_status. If not GSS_S_COMPLETE, while major_status == IDUP_S_MORE_OUTBUFFER_NEEDED Save pidu_buffer, Call IDUP_Start_Protect() (to get next portion of pidu_buffer) Check major_status, minor_status, Target_Info.bad_targ_names / Target_Info.bad_targ_status, P_Services.Prot_Service_1.General_Service_Data.minor_status, P_Services.Prot_Service_2.General_Service_Data.minor_status (as required) for more detailed information.
检查主控单元状态。如果GSS\U未完成,而MARGY\U status==IDUP\U MORE\U EXPUFFER\U需要保存pidu\U缓冲区,请调用IDUP\U Start\U Protect()(以获取pidu\U缓冲区的下一部分)检查MARGY\U status、MARGE\U Info.bad\U targ\U NAME/Target\U Info.bad\U targ\U status、P\U Service.Prot\U Service\U 1.General\U Service\U Data.MARGE\U status,P_Services.Prot_Service_2.General_Service_Data.minor_status(根据需要)了解更多详细信息。
Save Prot_Service_2.Service_Verification_Info, Prot_Service_2.service_verification_info_id
保存保护服务2.服务验证信息,保护服务2.服务验证信息id
Send All saved buffers of pidu_buffer to receiver list (R).
将所有保存的pidu_缓冲区发送到接收器列表(R)。
RECEIVER (ON RECEIVER LIST (R)): (any parameters not listed below are given the value NULL)
RECEIVER(在RECEIVER LIST(R)中):(以下未列出的任何参数的值均为NULL)
Set env_handle = environment handle in use; partial_pidu_buffer = initial buffer of received p-idu;
Set env_handle = environment handle in use; partial_pidu_buffer = initial buffer of received p-idu;
Call IDUP_Start_Unprotect() with above input parameters While major_status == IDUP_S_MORE_PIDU_NEEDED, Set partial_pidu_buffer = next buffer of p-idu Call IDUP_Start_Unprotect() Check major_status, minor_status, R_Services.Unprot_Service_1.General_Service_Data.minor_status, R_Services.Unprot_Service_2.General_Service_Data.minor_status, (as required) for more detailed information
使用上述输入参数调用IDUP\U Start\U Unprotect(),而MARGY\U status==IDUP\U MORE\U PIDU\U需要时,设置partial\U PIDU\U buffer=p-idu的下一个缓冲区调用IDUP\U Start\U Unprotect(),检查MARGY\U状态、MARGER\U状态、MARGER\U状态、MARGER\U服务、UNPT\U状态、R\U服务、Data数据、MARGE\U状态、R\U状态,(根据需要)了解更多详细信息
Save initial_idu_buffer (if non-empty)
保存初始\u idu\u缓冲区(如果非空)
Set input_buffer = remaining p-idu buffer Call IDUP_Unprotect() with above input parameter Check major_status. If not GSS_S_COMPLETE, check minor_status Save output_buffer
设置input_buffer=剩余的p-idu缓冲区调用IDUP_Unprotect(),并使用上述输入参数检查主要_状态。如果GSS\U未完成,请检查次要\U状态保存输出\U缓冲区
Call IDUP_End_Unprotect() Check major_status. If not GSS_S_COMPLETE, check minor_status, R_Services.Unprot_Service_1.General_Service_Data.minor_status, R_Services.Unprot_Service_2.General_Service_Data.minor_status, (as required) for more detailed information.
调用IDUP\u End\u Unprotect()检查主\u状态。如果GSS___未完成,请检查次要_状态、R_服务。未维护服务_1.一般_服务_数据。次要_状态、R_服务。未维护服务_2.一般_服务_数据。次要_状态(根据需要)以了解更多详细信息。
Utilize R_Services.Unprot_Service_1/2.service_id, (to determine which services were applied by the originator) R_Services.Unprot_Service_1/2.Quality, (to determine the corresponding qualities of the service) Prot_Information.originator_name/protection_time and Prot_Information.Idu_Information.idu_type/idu_title, (from IDUP_Start_Unprotect) (to determine originator info.) R_Services.Unprot_Service_2.General_Service_Data.Target_Info. targ.names, (to determine if rec. is in "receipts from" (r)) Service_Verification_Info/service_verification_info_id (to determine if receiver is in "receipts to" list (L))
利用R_Services.unpt_Service_1/2.Service_id,(确定发起人应用了哪些服务)R_Services.unpt_Service_1/2.Quality,(确定服务的相应质量)Prot_Information.originator_name/protection_time和Prot_Information.Idu_Information.Idu type/Idu title,(从IDUP_Start_Unprotect开始)(确定发起人信息。)R_服务。Unput_服务2。General_服务_数据。Target_信息。Target名称,(确定收款人是否在“收款人”(R)中)服务_验证_信息/服务_验证_信息_id(确定收款人是否在“收款人”列表(L)中)
If receiver is in "receipts from" list (r) Save R_Services.Unprot_Service_2.service_to, R_Services.Unprot_Service_2.Service_Creation_Info
如果接收方位于“收货自”列表(r)中,则保存r_服务。未付服务。服务。服务。至,r_服务。未付服务。服务。创建信息
If receiver is in "receipts to" list (L) Save Service_Verification_Info, service_verification_info_id
如果接收人在“收货到”列表(L)中,则保存服务验证信息、服务验证信息标识
RECEIVER (ON "RECEIPTS FROM" LIST (r)): (procedure to generate receipt)
接收人(在“来自”列表(r)的收据上):(生成收据的过程)
Set env_handle = environment handle in use; Target_Info.targ_names = service_to
设置环境句柄=正在使用的环境句柄;Target\u Info.Target\u names=服务对象
Prot_Service_1.prot_service_type = "2"; Prot_Service_1.service_id = "PER_POD"; Prot_Service_1.Service_Creation_Info = Service_Creation_Info; P_Services.Prot_Service_1 = Prot_Service_1
Prot_Service_1.prot_service_type = "2"; Prot_Service_1.service_id = "PER_POD"; Prot_Service_1.Service_Creation_Info = Service_Creation_Info; P_Services.Prot_Service_1 = Prot_Service_1
Call IDUP_Start_Protect() with above input parameters Check major_status. If not GSS_S_COMPLETE, check minor_status, P_Services.Prot_Service_1.General_Service_Data.minor_status (as required) for more detailed information.
使用上述输入参数调用IDUP\U Start\U Protect(),检查主\U状态。如果GSS\U S\U未完成,请检查次要\U状态、P\U服务。保护\U服务\U 1。一般\U服务\U数据。次要\U状态(根据需要)以了解更多详细信息。
Send pidu_buffer to "receipts to" list (L)
将pidu_缓冲区发送到“收件人”列表(L)
RECEIVER (ON "RECEIPTS TO" LIST (L)): (procedure to process received receipt)
接收人(在“收据到”列表(L)上):(处理收到的收据的程序)
Set env_handle = environment handle in use; single_pidu_buffer = received p-idu buffer (if it fits in a single buffer; otherwise use partial_pidu_buffer and make multiple calls, as above)
设置环境句柄=正在使用的环境句柄;single_pidu_buffer=接收到的p-idu缓冲区(如果它适合于单个缓冲区;否则使用partial_pidu_buffer并进行多个调用,如上所述)
Call IDUP_Start_Unprotect() with above input parameters If major_status == IDUP_S_SERV_VERIF_INFO_NEEDED Utilize R_Services.Unprot_Service_1.service_verification_info.id (to assist in locating necessary Service_Verification_Info) Set R_Services.Unprot_Service_1.Service_Verification_Info = Service_Verification_Info Call IDUP_Start_Unprotect() with above input parameters Check major_status, minor_status, R_Services.Unprot_Service_1.General_Service_Data.minor_status (as required) for more detailed information.
如果需要使用R\u服务,则使用上述输入参数调用IDUP\u Start\u Unprotect()使用上述输入参数,检查主要服务状态、次要服务状态、R服务。未保护服务1。一般服务数据。次要服务状态(根据需要)以了解更多详细信息。
Utilize R_Services.Unprot_Service_1.service_id, (to determine that this is a "proof of delivery" evidence) R_Services.Unprot_Service_1.Quality, Prot_Information.originator_name, (for evidence generator info.) major_status (to determine pass/fail status of evi. verif.).
利用R_Services.Unput_Service_1.Service_id,(确定这是“交付证明”证据)R_Services.Unput_Service_1.Quality,Prot_Information.originator_name,(用于证据生成器信息)主要_状态(确定evi.verif的通过/失败状态)。
Full Copyright Statement
完整版权声明
Copyright (C) The Internet Society (1998). All Rights Reserved.
版权所有(C)互联网协会(1998年)。版权所有。
This document and translations of it may be copied and furnished to others, and derivative works that comment on or otherwise explain it or assist in its implementation may be prepared, copied, published and distributed, in whole or in part, without restriction of any kind, provided that the above copyright notice and this paragraph are included on all such copies and derivative works. However, this document itself may not be modified in any way, such as by removing the copyright notice or references to the Internet Society or other Internet organizations, except as needed for the purpose of developing Internet standards in which case the procedures for copyrights defined in the Internet Standards process must be followed, or as required to translate it into languages other than English.
本文件及其译本可复制并提供给他人,对其进行评论或解释或协助其实施的衍生作品可全部或部分编制、复制、出版和分发,不受任何限制,前提是上述版权声明和本段包含在所有此类副本和衍生作品中。但是,不得以任何方式修改本文件本身,例如删除版权通知或对互联网协会或其他互联网组织的引用,除非出于制定互联网标准的需要,在这种情况下,必须遵循互联网标准过程中定义的版权程序,或根据需要将其翻译成英语以外的其他语言。
The limited permissions granted above are perpetual and will not be revoked by the Internet Society or its successors or assigns.
上述授予的有限许可是永久性的,互联网协会或其继承人或受让人不会撤销。
This document and the information contained herein is provided on an "AS IS" basis and THE INTERNET SOCIETY AND THE INTERNET ENGINEERING TASK FORCE DISCLAIMS ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE INFORMATION HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.
本文件和其中包含的信息是按“原样”提供的,互联网协会和互联网工程任务组否认所有明示或暗示的保证,包括但不限于任何保证,即使用本文中的信息不会侵犯任何权利,或对适销性或特定用途适用性的任何默示保证。