SecureBlackbox 2020 macOS Edition

Questions / Feedback?

Constants

All constants are defined in the SecureBlackboxConstants.h file.

Error Codes

SB_ERROR_INVALID_PARAMETER 0x100001 Invalid parameter value

SB_ERROR_INVALID_SETUP 0x100002 Component is configured incorrectly

SB_ERROR_INVALID_STATE 0x100003 Operation cannot be executed in the current state

SB_ERROR_INVALID_VALUE 0x100004 Attempt to set an invalid value to a property

SB_ERROR_NO_PRIVATE_KEY 0x100005 Certificate does not have its private key loaded

SB_ERROR_CANCELLED_BY_USER 0x100006 Cancelled by the user

SB_ERROR_ASIC_UNSUPPORTED_LEVEL 0x01000001 Unsupported level

SB_ERROR_ASIC_UNSUPPORTED_SIGNATURE_FORM 0x01000002 Unsupported signature form

SB_ERROR_ASIC_UNSUPPORTED_SIGNATURE_TYPE 0x01000003 Unsupported signature type

SB_ERROR_ASIC_UNSUPPORTED_EXTRACTION_MODE 0x01000004 Unsupported extraction mode

SB_ERROR_ASIC_INPUTFILE_NOT_EXISTS 0x01000005 Input file does not exist

SB_ERROR_ASIC_OUTPUTFILE_ALREADY_EXISTS 0x01000006 Output file already exists

SB_ERROR_FTP_UNSUPPORTED_FILEOPERATION 0x01200001 Unsupported file operation

SB_ERROR_HTTP_UNSUPPORTED_KEEPALIVEPOLICY 0x01300001 Unsupported keep-alive policy

SB_ERROR_KMIP_REQUEST_FAILED 0x01400001 Request failed

SB_ERROR_KMIP_INPUTFILE_NOT_EXISTS 0x01400002 Input file does not exist

SB_ERROR_KMIP_UNSUPPORTED_KEY_ALGORITHM 0x01400003 Unsupported key algorithm

SB_ERROR_KMIP_INVALID_KEY 0x01400004 Unsupported extraction mode

SB_ERROR_MAIL_ASSEMBLY_FAILED 0x01500001 Failed to assemble a mail message

SB_ERROR_MAIL_PARSING_FAILED 0x01500002 Failed to parse a mail message

SB_ERROR_MAIL_NO_DECRYPTION_CERTIFICATE 0x01500003 Failed to decrypt a message because there is no decryption certificate provided

SB_ERROR_OFFICE_INPUTFILE_NOT_EXISTS 0x01700001 Input file does not exist

SB_ERROR_OFFICE_UNSUPPORTED_DOCUMENT_FORMAT 0x01700002 Unsupported document format

SB_ERROR_OFFICE_DOCUMENT_NOT_SIGNABLE 0x01700003 Document cannot be signed

SB_ERROR_OFFICE_DOCUMENT_NOT_SIGNED 0x01700004 Document is not signed

SB_ERROR_OFFICE_DOCUMENT_ENCRYPTED 0x01700005 Document is encrypted

SB_ERROR_OFFICE_DOCUMENT_NOT_ENCRYPTABLE 0x01700006 Document cannot be encrypted

SB_ERROR_OFFICE_DOCUMENT_NOT_ENCRYPTED 0x01700007 Document is not encrypted

SB_ERROR_OFFICE_DOCUMENT_UNKNOWN_ENCRYPTION 0x01700008 Unknown encryption algorithm

SB_ERROR_OFFICE_INVALID_PASSWORD 0x01700009 Invalid password

SB_ERROR_OFFICE_SIGNATURE_NOT_FOUND 0x0170000A Signature not found

SB_ERROR_OTP_USER_NOT_FOUND 0x01800001 User not found

SB_ERROR_PDF_INPUTFILE_NOT_EXISTS 0x01900001 Input file does not exist

SB_ERROR_PDF_ENCRYPTED 0x01900002 Document is encrypted

SB_ERROR_PDF_NOT_ENCRYPTED 0x01900003 Document not encrypted

SB_ERROR_PDF_UNKNOWN_ENCRYPTION_TYPE 0x01900004 Unknown certificate type

SB_ERROR_PDF_INVALID_PASSWORD 0x01900005 Invalid password

SB_ERROR_PDF_DECRYPTION_FAILED 0x01900006 Decryption failed

SB_ERROR_PDF_SIGNED 0x01900007 Document is signed

SB_ERROR_PDF_NOT_SIGNED 0x01900008 Document is not signed

SB_ERROR_PDF_INAPPROPRIATE_SIGNATURE 0x01900009 Inappropriate signature

SB_ERROR_PDF_NOT_SUPPORTED 0x0190000A Not supported

SB_ERROR_PGP_FILE_NOT_EXISTS 0x01A00001 File does not exist

SB_ERROR_PGP_INVALID_KEY 0x01A00002 Invalid key

SB_ERROR_PGP_NO_PUBLIC_KEY 0x01A00003 No public key

SB_ERROR_PGP_NO_SECRET_KEY 0x01A00004 No secret key

SB_ERROR_PGP_NOT_FOUND 0x01A00005 Not found

SB_ERROR_PGP_OPERATION_ON_SUBKEY 0x01A00006 Operation cannot be performed on a subkey

SB_ERROR_SAML_INVALID_BINDING_NAME 0x01D00001 Invalid binging name

SB_ERROR_SAML_INVALID_BINDING_TYPE 0x01D00002 Invalid binding type

SB_ERROR_SAML_SP_BASE_DIRECTORY_NOT_SET 0x01D00003 Base directory not set

SB_ERROR_SFTP_UNSUPPORTED_FILEOPERATION 0x01E00001 Unsupported file operation

SB_ERROR_SOAP_INPUTFILE_NOT_EXISTS 0x02000001 Input file does not exist

SB_ERROR_SOAP_INVALID_KEY_TYPE 0x02000002 Invalid key type

SB_ERROR_SOAP_SIGNATURE_NOT_FOUND 0x02000003 Signature not found

SB_ERROR_SOAP_UNSUPPORTED_SIGNATURE_TYPE 0x02000004 Unsupported signature type

SB_ERROR_SOAP_CLIENT_UNEXPECTED_HTTP_STATUS_CODE 0x02000101 Unexpected HTTP status code

SB_ERROR_SOAP_CLIENT_SERVICE_FAILED 0x02000102 SOAP service failed

SB_ERROR_SSH_INVALID_KEY 0x02100001 Invalid key

SB_ERROR_XML_INPUTFILE_NOT_EXISTS 0x02600001 Input file does not exist

SB_ERROR_XML_DATAFILE_NOT_EXISTS 0x02600002 Data file does not exist

SB_ERROR_XML_UNSUPPORTED_SIGNATURE_METHOD_TYPE 0x02600003 Unsupported signature method type

SB_ERROR_XML_UNSUPPORTED_HASH_ALGORITHM 0x02600004 Unsupported has algorithm

SB_ERROR_XML_UNSUPPORTED_KEY_TYPE 0x02600005 Unsupported key type

SB_ERROR_XML_INVALID_KEY_TYPE 0x02600006 Invalid key type

SB_ERROR_XML_INVALID_ENCRYPTION_METHOD 0x02600007 Invalid encryption method

SB_ERROR_XML_NOT_FOUND 0x02600008 Not found

SB_ERROR_XML_NO_ELEMENT_ID 0x02600009 No element ID

CAdES Compatibility Errors

cerrUnknown 0x00001 Unknown validation error

cerrNoMessageDigest 0x00002 No message digest attribute included in the signature

cerrNoContentType 0x00004 No mandatory content-type attribute is included in the signature

cerrNoSigningCertificate 0x00008 No mandatory signing-certificate (-v2) attribute is included in the signature

cerrNoSignaturePolicy 0x00010 No signature policy information is included in the signature

cerrNoSignatureTimestamp 0x00020 The signature is not timestamped

cerrNoCertificateReferences 0x00040 No certificate-references attribute was found in the signature

cerrNoRevocationReferences 0x00080 No revocation-references attribute was found in the signature

cerrNoCertificateValues 0x00100 No certificate-values attribute was found in the signature

cerrNoRevocationValues 0x00200 No revocation-values attribute was found in the signature

cerrNoTimestampedValidationData 0x00400 No timestamped validation data was found in the signature

cerrNoArchivalTimestamp 0x00800 No archival timestamp was found in the signature

cerrUnexpectedValidationElements 0x01000 Unexpected validation elements were found in the signature

cerrMissingValidationElements 0x02000 Some mandatory validation elements are missing from the signature

cerrInvalidATSHashIndex 0x04000 ATS Hash Index attribute is invalid

cerrNoSigningTime 0x08000 No mandatory signing-time attribute was found in the signature

cerrMisplacedSigPolicyStore 0x10000 Signature policy store attribute is misplaced

CAdES Signature Levels

cslUnknown 0 Unknown signature level

cslBES 1 BES (Basic Electronic Signature)

cslEPES 2 EPES (Electronic Signature with an Explicit Policy)

cslT 3 T (Timestamped)

cslC 4 C (T with revocation references)

cslXType1 5 X Type 1 (C with an ES-C timestamp)

cslXType2 6 X Type 2 (C with a CertsAndCRLs timestamp)

cslXLType1 7 XL Type 1 (C with revocation values and an ES-C timestamp)

cslXLType2 8 XL Type 2 (C with revocation values and a CertsAndCRLs timestamp)

cslBaselineB 9 Baseline B (B-B, basic)

cslBaselineT 10 Baseline T (B-T, timestamped)

cslBaselineLT 11 Baseline LT (B-LT, long-term)

cslBaselineLTA 12 Baseline LTA (B-LTA, long-term with archived timestamp)

cslExtendedBES 13 Extended BES

cslExtendedEPES 14 Extended EPES

cslExtendedT 15 Extended T

cslExtendedC 16 Extended C

cslExtendedXType1 17 Extended X Type 1

cslExtendedXType2 18 Extended X Type 2

cslExtendedXLType1 19 Extended XL Type 1

cslExtendedXLType2 20 Extended XL Type 2

cslExtendedA 21 Extended A

cslA 22 A (archived)

CAdES Timestamp Types

cttUnknown 0 Unknown timestamp type

cttGeneric 1 Generic signature timestamp

cttESC 2 ES-C timestamp (X and XL type 1)

cttCertsAndCRLs 3 CertsAndCRLs timestamp (X and XL type 2)

cttArchive 4 Archival timestamp v1

cttArchive2 5 Archival timestamp v2

cttArchive3 6 Archival timestamp v3

cttContent 7 Content timestamp

Certificate File Formats

cfmUnknown 0 Unknown certificate format

cfmDER 1 DER file format. Applicable to certificates, certificate requests, private keys. Encryption not supported

cfmPEM 2 PEM file format. Applicable to certificates, certificate requests, private keys. Encryption supported for private keys.

cfmPFX 3 PFX/PKCS#12 file format. Applicable to certificates. Encryption supported.

cfmSPC 4 SPC file format. Applicable to certificates. Encryption not supported.

cfmPVK 5 PVK file format. Applicable to private keys. Encryption not supported.

cfmPKCS8 6 PKCS#8 file format. Applicable to private keys. Encryption supported.

cfmNET 7 NET file format. Applicable to private keys. Encryption not supported.

Certificate Key Usages

ckuUnknown 0x00000 Unknown key usage

ckuDigitalSignature 0x00001 Digital signature

ckuNonRepudiation 0x00002 Non-repudiation

ckuKeyEncipherment 0x00004 Key encipherment

ckuDataEncipherment 0x00008 Data encipherment

ckuKeyAgreement 0x00010 Key agreement

ckuKeyCertSign 0x00020 Certificate signing

ckuCRLSign 0x00040 Revocation signing

ckuEncipherOnly 0x00080 Encipher only

ckuDecipherOnly 0x00100 Decipher only

ckuServerAuthentication 0x00200 Server authentication

ckuClientAuthentication 0x00400 Client authentication

ckuCodeSigning 0x00800 Code signing

ckuEmailProtection 0x01000 Email protection

ckuTimeStamping 0x02000 Timestamping

ckuOCSPSigning 0x04000 OCSP signing

ckuSmartCardLogon 0x08000 Smartcard logon

ckuKeyPurposeClientAuth 0x10000 Kerberos - client authentication

ckuKeyPurposeKDC 0x20000 Kerberos - KDC

Certificate Pulbic Key Algorithms

SB_CERT_ALGORITHM_ID_RSA_ENCRYPTION rsaEncryption
SB_CERT_ALGORITHM_MD2_RSA_ENCRYPTION md2withRSAEncryption
SB_CERT_ALGORITHM_MD5_RSA_ENCRYPTION md5withRSAEncryption
SB_CERT_ALGORITHM_SHA1_RSA_ENCRYPTION sha1withRSAEncryption
SB_CERT_ALGORITHM_ID_DSA id-dsa
SB_CERT_ALGORITHM_ID_DSA_SHA1 id-dsa-with-sha1
SB_CERT_ALGORITHM_DH_PUBLIC dhpublicnumber
SB_CERT_ALGORITHM_SHA224_RSA_ENCRYPTION sha224WithRSAEncryption
SB_CERT_ALGORITHM_SHA256_RSA_ENCRYPTION sha256WithRSAEncryption
SB_CERT_ALGORITHM_SHA384_RSA_ENCRYPTION sha384WithRSAEncryption
SB_CERT_ALGORITHM_SHA512_RSA_ENCRYPTION sha512WithRSAEncryption
SB_CERT_ALGORITHM_ID_RSAPSS id-RSASSA-PSS
SB_CERT_ALGORITHM_ID_RSAOAEP id-RSAES-OAEP
SB_CERT_ALGORITHM_RSASIGNATURE_RIPEMD160 ripemd160withRSA
SB_CERT_ALGORITHM_ID_ELGAMAL elGamal
SB_CERT_ALGORITHM_SHA1_ECDSA ecdsa-with-SHA1
SB_CERT_ALGORITHM_RECOMMENDED_ECDSA ecdsa-recommended
SB_CERT_ALGORITHM_SHA224_ECDSA ecdsa-with-SHA224
SB_CERT_ALGORITHM_SHA256_ECDSA ecdsa-with-SHA256
SB_CERT_ALGORITHM_SHA384_ECDSA ecdsa-with-SHA384
SB_CERT_ALGORITHM_SHA512_ECDSA ecdsa-with-SHA512
SB_CERT_ALGORITHM_EC id-ecPublicKey
SB_CERT_ALGORITHM_SPECIFIED_ECDSA ecdsa-specified
SB_CERT_ALGORITHM_GOST_R3410_1994 id-GostR3410-94
SB_CERT_ALGORITHM_GOST_R3410_2001 id-GostR3410-2001
SB_CERT_ALGORITHM_GOST_R3411_WITH_R3410_1994 id-GostR3411-94-with-GostR3410-94
SB_CERT_ALGORITHM_GOST_R3411_WITH_R3410_2001 id-GostR3411-94-with-GostR3410-2001
SB_CERT_ALGORITHM_SHA1_ECDSA_PLAIN ecdsa-plain-SHA1
SB_CERT_ALGORITHM_SHA224_ECDSA_PLAIN ecdsa-plain-SHA224
SB_CERT_ALGORITHM_SHA256_ECDSA_PLAIN ecdsa-plain-SHA256
SB_CERT_ALGORITHM_SHA384_ECDSA_PLAIN ecdsa-plain-SHA384
SB_CERT_ALGORITHM_SHA512_ECDSA_PLAIN ecdsa-plain-SHA512
SB_CERT_ALGORITHM_RIPEMD160_ECDSA_PLAIN ecdsa-plain-RIPEMD160
SB_CERT_ALGORITHM_WHIRLPOOL_RSA_ENCRYPTION whirlpoolWithRSAEncryption
SB_CERT_ALGORITHM_ID_DSA_SHA224 id-dsa-with-sha224
SB_CERT_ALGORITHM_ID_DSA_SHA256 id-dsa-with-sha256
SB_CERT_ALGORITHM_SHA3_224_RSA_ENCRYPTION id-rsassa-pkcs1-v1_5-with-sha3-224
SB_CERT_ALGORITHM_SHA3_256_RSA_ENCRYPTION id-rsassa-pkcs1-v1_5-with-sha3-256
SB_CERT_ALGORITHM_SHA3_384_RSA_ENCRYPTION id-rsassa-pkcs1-v1_5-with-sha3-384
SB_CERT_ALGORITHM_SHA3_512_RSA_ENCRYPTION id-rsassa-pkcs1-v1_5-with-sha3-512
SB_CERT_ALGORITHM_SHA3_224_ECDSA id-ecdsa-with-sha3-224
SB_CERT_ALGORITHM_SHA3_256_ECDSA id-ecdsa-with-sha3-256
SB_CERT_ALGORITHM_SHA3_384_ECDSA id-ecdsa-with-sha3-384
SB_CERT_ALGORITHM_SHA3_512_ECDSA id-ecdsa-with-sha3-512
SB_CERT_ALGORITHM_SHA3_224_ECDSA_PLAIN id-ecdsa-plain-with-sha3-224
SB_CERT_ALGORITHM_SHA3_256_ECDSA_PLAIN id-ecdsa-plain-with-sha3-256
SB_CERT_ALGORITHM_SHA3_384_ECDSA_PLAIN id-ecdsa-plain-with-sha3-384
SB_CERT_ALGORITHM_SHA3_512_ECDSA_PLAIN id-ecdsa-plain-with-sha3-512
SB_CERT_ALGORITHM_ID_DSA_SHA3_224 id-dsa-with-sha3-224
SB_CERT_ALGORITHM_ID_DSA_SHA3_256 id-dsa-with-sha3-256
SB_CERT_ALGORITHM_BLAKE2S_128_RSA_ENCRYPTION id-rsassa-pkcs1-v1_5-with-blake2s128
SB_CERT_ALGORITHM_BLAKE2S_160_RSA_ENCRYPTION id-rsassa-pkcs1-v1_5-with-blake2s160
SB_CERT_ALGORITHM_BLAKE2S_224_RSA_ENCRYPTION id-rsassa-pkcs1-v1_5-with-blake2s224
SB_CERT_ALGORITHM_BLAKE2S_256_RSA_ENCRYPTION id-rsassa-pkcs1-v1_5-with-blake2s256
SB_CERT_ALGORITHM_BLAKE2B_160_RSA_ENCRYPTION id-rsassa-pkcs1-v1_5-with-blake2b160
SB_CERT_ALGORITHM_BLAKE2B_256_RSA_ENCRYPTION id-rsassa-pkcs1-v1_5-with-blake2b256
SB_CERT_ALGORITHM_BLAKE2B_384_RSA_ENCRYPTION id-rsassa-pkcs1-v1_5-with-blake2b384
SB_CERT_ALGORITHM_BLAKE2B_512_RSA_ENCRYPTION id-rsassa-pkcs1-v1_5-with-blake2b512
SB_CERT_ALGORITHM_BLAKE2S_128_ECDSA id-ecdsa-with-blake2s128
SB_CERT_ALGORITHM_BLAKE2S_160_ECDSA id-ecdsa-with-blake2s160
SB_CERT_ALGORITHM_BLAKE2S_224_ECDSA id-ecdsa-with-blake2s224
SB_CERT_ALGORITHM_BLAKE2S_256_ECDSA id-ecdsa-with-blake2s256
SB_CERT_ALGORITHM_BLAKE2B_160_ECDSA id-ecdsa-with-blake2b160
SB_CERT_ALGORITHM_BLAKE2B_256_ECDSA id-ecdsa-with-blake2b256
SB_CERT_ALGORITHM_BLAKE2B_384_ECDSA id-ecdsa-with-blake2b384
SB_CERT_ALGORITHM_BLAKE2B_512_ECDSA id-ecdsa-with-blake2b512
SB_CERT_ALGORITHM_BLAKE2S_128_ECDSA_PLAIN id-ecdsa-plain-with-blake2s128
SB_CERT_ALGORITHM_BLAKE2S_160_ECDSA_PLAIN id-ecdsa-plain-with-blake2s160
SB_CERT_ALGORITHM_BLAKE2S_224_ECDSA_PLAIN id-ecdsa-plain-with-blake2s224
SB_CERT_ALGORITHM_BLAKE2S_256_ECDSA_PLAIN id-ecdsa-plain-with-blake2s256
SB_CERT_ALGORITHM_BLAKE2B_160_ECDSA_PLAIN id-ecdsa-plain-with-blake2b160
SB_CERT_ALGORITHM_BLAKE2B_256_ECDSA_PLAIN id-ecdsa-plain-with-blake2b256
SB_CERT_ALGORITHM_BLAKE2B_384_ECDSA_PLAIN id-ecdsa-plain-with-blake2b384
SB_CERT_ALGORITHM_BLAKE2B_512_ECDSA_PLAIN id-ecdsa-plain-with-blake2b512
SB_CERT_ALGORITHM_ID_DSA_BLAKE2S_224 id-dsa-with-blake2s224
SB_CERT_ALGORITHM_ID_DSA_BLAKE2S_256 id-dsa-with-blake2s256
SB_CERT_ALGORITHM_EDDSA_ED25519 id-Ed25519
SB_CERT_ALGORITHM_EDDSA_ED448 id-Ed448
SB_CERT_ALGORITHM_EDDSA_ED25519_PH id-Ed25519ph
SB_CERT_ALGORITHM_EDDSA_ED448_PH id-Ed448ph
SB_CERT_ALGORITHM_EDDSA id-EdDSA
SB_CERT_ALGORITHM_EDDSA_SIGNATURE id-EdDSA-sig

DC Certificate Storage Locations

cslUnspecified unspecified
cslMemory memory in-memory storage

cslFile file file storage

cslSystem system OS-specific certificate storage (e.g. CryptoAPI)

cslPKCS11 pkcs11 PKCS#11 compatible device

cslKMIP kmip
cslApple apple Apple certificates storage (macOS and iOS only)

cslJava java java key storage

Cryptographic Key Formats

kffUnknown 0 The key format was not recognized as one of the known formats.

kffAuto 1 The default format in current circumstances. This depends on the key being loaded or saved.

kffDER 2 DER (binary) format

kffPEM 3 PEM format (base64-encoded with headers)

kffJSON 4 JSON key format

Cryptographic Key Types

ktAuto 0 The default key type in current circumstances. This depends on the operation, the file content, and the storage type.

ktPublic 1 The operation should be performed on a public key.

ktSecret 2 The operation should be performed on a private or secret key

Cryptographic Data Encoding Types

cetDefault 0 The default encoding type in current circumstances. This depends on the operation and the type of the key being used.

cetBinary 1 Raw binary encoding (no encoding)

cetBase64 2 Base64 encoding (armouring)

cetCompact 3 JSON compact encoding

cetJSON 4 JSON standard encoding

Chain Validation Results

cvtValid 0 The chain is valid

cvtValidButUntrusted 1 The chain is valid, but the root certificate is not trusted

cvtInvalid 2 The chain is not valid (some of certificates are revoked, expired, or contain an invalid signature)

cvtCantBeEstablished 3 The validity of the chain cannot be established because of missing or unavailable validation information (certificates, CRLs, or OCSP responses)

Chain Validity Reasons

cvrBadData 0x0001 One or more certificates in the validation path are malformed

cvrRevoked 0x0002 One or more certificates are revoked

cvrNotYetValid 0x0004 One or more certificates are not yet valid

cvrExpired 0x0008 One or more certificates are expired

cvrInvalidSignature 0x0010 A certificate contains a non-valid digital signature

cvrUnknownCA 0x0020 A CA certificate for one or more certificates has not been found (chain incomplete)

cvrCAUnauthorized 0x0040 One of the CA certificates are not authorized to act as CA

cvrCRLNotVerified 0x0080 One or more CRLs could not be verified

cvrOCSPNotVerified 0x0100 One or more OCSP responses could not be verified

cvrIdentityMismatch 0x0200 The identity protected by the certificate (a TLS endpoint or an e-mail addressee) does not match what is recorded in the certificate

cvrNoKeyUsage 0x0400 A mandatory key usage is not enabled in one of the chain certificates

cvrBlocked 0x0800 One or more certificates are blocked

cvrFailure 0x1000 General validation failure

cvrChainLoop 0x2000 Chain loop: one of the CA certificates recursively signs itself

cvrWeakAlgorithm 0x4000 A weak algorithm is used in one of certificates or revocation elements

cvrUserEnforced 0x8000 The chain was considered invalid following intervention from a user code

EC Curve Names

SB_EC_SECP112R1 SECP112R1
SB_EC_SECP112R2 SECP112R2
SB_EC_SECP128R1 SECP128R1
SB_EC_SECP128R2 SECP128R2
SB_EC_SECP160K1 SECP160K1
SB_EC_SECP160R1 SECP160R1
SB_EC_SECP160R2 SECP160R2
SB_EC_SECP192K1 SECP192K1
SB_EC_SECP192R1 SECP192R1
SB_EC_SECP224K1 SECP224K1
SB_EC_SECP224R1 SECP224R1
SB_EC_SECP256K1 SECP256K1
SB_EC_SECP256R1 SECP256R1
SB_EC_SECP384R1 SECP384R1
SB_EC_SECP521R1 SECP521R1
SB_EC_SECT113R1 SECT113R1
SB_EC_SECT113R2 SECT113R2
SB_EC_SECT131R1 SECT131R1
SB_EC_SECT131R2 SECT131R2
SB_EC_SECT163K1 SECT163K1
SB_EC_SECT163R1 SECT163R1
SB_EC_SECT163R2 SECT163R2
SB_EC_SECT193R1 SECT193R1
SB_EC_SECT193R2 SECT193R2
SB_EC_SECT233K1 SECT233K1
SB_EC_SECT233R1 SECT233R1
SB_EC_SECT239K1 SECT239K1
SB_EC_SECT283K1 SECT283K1
SB_EC_SECT283R1 SECT283R1
SB_EC_SECT409K1 SECT409K1
SB_EC_SECT409R1 SECT409R1
SB_EC_SECT571K1 SECT571K1
SB_EC_SECT571R1 SECT571R1
SB_EC_PRIME192V1 PRIME192V1
SB_EC_PRIME192V2 PRIME192V2
SB_EC_PRIME192V3 PRIME192V3
SB_EC_PRIME239V1 PRIME239V1
SB_EC_PRIME239V2 PRIME239V2
SB_EC_PRIME239V3 PRIME239V3
SB_EC_PRIME256V1 PRIME256V1
SB_EC_C2PNB163V1 C2PNB163V1
SB_EC_C2PNB163V2 C2PNB163V2
SB_EC_C2PNB163V3 C2PNB163V3
SB_EC_C2PNB176W1 C2PNB176W1
SB_EC_C2TNB191V1 C2TNB191V1
SB_EC_C2TNB191V2 C2TNB191V2
SB_EC_C2TNB191V3 C2TNB191V3
SB_EC_C2ONB191V4 C2ONB191V4
SB_EC_C2ONB191V5 C2ONB191V5
SB_EC_C2PNB208W1 C2PNB208W1
SB_EC_C2TNB239V1 C2TNB239V1
SB_EC_C2TNB239V2 C2TNB239V2
SB_EC_C2TNB239V3 C2TNB239V3
SB_EC_C2ONB239V4 C2ONB239V4
SB_EC_C2ONB239V5 C2ONB239V5
SB_EC_C2PNB272W1 C2PNB272W1
SB_EC_C2PNB304W1 C2PNB304W1
SB_EC_C2TNB359V1 C2TNB359V1
SB_EC_C2PNB368W1 C2PNB368W1
SB_EC_C2TNB431R1 C2TNB431R1
SB_EC_NISTP192 NISTP192
SB_EC_NISTP224 NISTP224
SB_EC_NISTP256 NISTP256
SB_EC_NISTP384 NISTP384
SB_EC_NISTP521 NISTP521
SB_EC_NISTB163 NISTB163
SB_EC_NISTB233 NISTB233
SB_EC_NISTB283 NISTB283
SB_EC_NISTB409 NISTB409
SB_EC_NISTB571 NISTB571
SB_EC_NISTK163 NISTK163
SB_EC_NISTK233 NISTK233
SB_EC_NISTK283 NISTK283
SB_EC_NISTK409 NISTK409
SB_EC_NISTK571 NISTK571
SB_EC_GOSTCPTEST GOSTCPTEST
SB_EC_GOSTCPA GOSTCPA
SB_EC_GOSTCPB GOSTCPB
SB_EC_GOSTCPC GOSTCPC
SB_EC_GOSTCPXCHA GOSTCPXCHA
SB_EC_GOSTCPXCHB GOSTCPXCHB
SB_EC_BRAINPOOLP160R1 BRAINPOOLP160R1
SB_EC_BRAINPOOLP160T1 BRAINPOOLP160T1
SB_EC_BRAINPOOLP192R1 BRAINPOOLP192R1
SB_EC_BRAINPOOLP192T1 BRAINPOOLP192T1
SB_EC_BRAINPOOLP224R1 BRAINPOOLP224R1
SB_EC_BRAINPOOLP224T1 BRAINPOOLP224T1
SB_EC_BRAINPOOLP256R1 BRAINPOOLP256R1
SB_EC_BRAINPOOLP256T1 BRAINPOOLP256T1
SB_EC_BRAINPOOLP320R1 BRAINPOOLP320R1
SB_EC_BRAINPOOLP320T1 BRAINPOOLP320T1
SB_EC_BRAINPOOLP384R1 BRAINPOOLP384R1
SB_EC_BRAINPOOLP384T1 BRAINPOOLP384T1
SB_EC_BRAINPOOLP512R1 BRAINPOOLP512R1
SB_EC_BRAINPOOLP512T1 BRAINPOOLP512T1
SB_EC_CURVE25519 CURVE25519
SB_EC_CURVE448 CURVE448

File Operation Statuses

ostOk 1
ostNoSuchFile 2
ostAccessDenied 3
ostWriteProtect 4
ostUnsupported 5
ostInvalidParameter 6
ostEOF 7

File Request Actions

fraAuto 1 Handle the requested action automatically by the server

fraCustom 2 Override the action using the user code logic

fraAbort 3 Abort the requested action

FTP File Operations

cffoDownloadFile 0 Download file

cffoUploadFile 1 Upload file

cffoDeleteFile 2 Delete file

cffoMakeDir 3 Make directory

Hash Algorithms

SB_HASH_ALGORITHM_SHA1 SHA1
SB_HASH_ALGORITHM_SHA224 SHA224
SB_HASH_ALGORITHM_SHA256 SHA256
SB_HASH_ALGORITHM_SHA384 SHA384
SB_HASH_ALGORITHM_SHA512 SHA512
SB_HASH_ALGORITHM_MD2 MD2
SB_HASH_ALGORITHM_MD4 MD4
SB_HASH_ALGORITHM_MD5 MD5
SB_HASH_ALGORITHM_RIPEMD160 RIPEMD160
SB_HASH_ALGORITHM_CRC32 CRC32
SB_HASH_ALGORITHM_SSL3 SSL3
SB_HASH_ALGORITHM_GOST_R3411_1994 GOST1994
SB_HASH_ALGORITHM_WHIRLPOOL WHIRLPOOL
SB_HASH_ALGORITHM_POLY1305 POLY1305
SB_HASH_ALGORITHM_SHA3_224 SHA3_224
SB_HASH_ALGORITHM_SHA3_256 SHA3_256
SB_HASH_ALGORITHM_SHA3_384 SHA3_384
SB_HASH_ALGORITHM_SHA3_512 SHA3_512
SB_HASH_ALGORITHM_BLAKE2S_128 BLAKE2S_128
SB_HASH_ALGORITHM_BLAKE2S_160 BLAKE2S_160
SB_HASH_ALGORITHM_BLAKE2S_224 BLAKE2S_224
SB_HASH_ALGORITHM_BLAKE2S_256 BLAKE2S_256
SB_HASH_ALGORITHM_BLAKE2B_160 BLAKE2B_160
SB_HASH_ALGORITHM_BLAKE2B_256 BLAKE2B_256
SB_HASH_ALGORITHM_BLAKE2B_384 BLAKE2B_384
SB_HASH_ALGORITHM_BLAKE2B_512 BLAKE2B_512
SB_HASH_ALGORITHM_SHAKE_128 SHAKE_128
SB_HASH_ALGORITHM_SHAKE_256 SHAKE_256
SB_HASH_ALGORITHM_SHAKE_128_LEN SHAKE_128_LEN
SB_HASH_ALGORITHM_SHAKE_256_LEN SHAKE_256_LEN

IMAP Message Flags

imapMessageAnswered 0x01 Message has been answered.

imapMessageDeleted 0x02 Message is 'deleted' for removal later.

imapMessageDraft 0x04 Message has not completed composition (marked as a draft).

imapMessageFlagged 0x08 Message is 'flagged' for urgent/special attention.

imapMessageRecent 0x10 Message is 'recently' arrived in this mailbox. This session is the first session to have been notified about this message.

imapMessageSeen 0x20 Message has been read.

KMIP Object Types

otUnknown 0x00
otCertificate 0x01
otSymmetricKey 0x02
otPublicKey 0x04
otPrivateKey 0x08

MAC Algorithms

SB_MAC_ALGORITHM_HMAC_SHA1 SHA1
SB_MAC_ALGORITHM_HMAC_SHA256 SHA256
SB_MAC_ALGORITHM_HMAC_SHA512 SHA512

PGP Compression Algorithms

SB_PGP_COMPRESSION_ALGORITHM_NONE Uncompressed
SB_PGP_COMPRESSION_ALGORITHM_ZIP ZIP
SB_PGP_COMPRESSION_ALGORITHM_ZLIB Zlib
SB_PGP_COMPRESSION_ALGORITHM_BZIP2 Bzip2

PGP Curve Names

SB_PGP_CURVE_P256 P256
SB_PGP_CURVE_P384 P384
SB_PGP_CURVE_P521 P521
SB_PGP_CURVE_ED25519 ED25519
SB_PGP_CURVE_CURVE25519 CURVE25519
SB_PGP_CURVE_BRAINPOOLP256R1 BRAINPOOLP256
SB_PGP_CURVE_BRAINPOOLP512R1 BRAINPOOLP512

PGP Key Validities

pkvStrictlyValid 0 Strictly valid

pkvValid 1 Valid

pkvInvalid 2 Invalid

pkvFailure 3 Generic validation failure

pkvUnknown 4 Validity unknown

PGP Public Key Algorithms

SB_PGP_PUBLIC_KEY_ALGORITHM_RSA RSA
SB_PGP_PUBLIC_KEY_ALGORITHM_RSA_ENCRYPT RSA-encrypt
SB_PGP_PUBLIC_KEY_ALGORITHM_RSA_SIGN RSA-sign
SB_PGP_PUBLIC_KEY_ALGORITHM_DSA DSA
SB_PGP_PUBLIC_KEY_ALGORITHM_ECDSA ECDSA
SB_PGP_PUBLIC_KEY_ALGORITHM_ECDH ECDH
SB_PGP_PUBLIC_KEY_ALGORITHM_ELGAMAL_ENCRYPT Elgamal-encrypt
SB_PGP_PUBLIC_KEY_ALGORITHM_ELGAMAL Elgamal
SB_PGP_PUBLIC_KEY_ALGORITHM_EDDSA EDDSA

PGP Signature Types

pstNormal 0 A traditional signature, compatible (algorithm permitting) with PGP 2.6.x

pstOnePass 1 A newer one-pass signature

pstDetached 2 A detached signature, i.e., a signature contained in a separate file from the data it covers

pstCleartext 3 A signature made over textual data and appended to it

PGP Symmetric Encryption Algorithms

SB_PGP_SYMMETRIC_ALGORITHM_PLAINTEXT Plaintext
SB_PGP_SYMMETRIC_ALGORITHM_IDEA Idea
SB_PGP_SYMMETRIC_ALGORITHM_3DES 3DES
SB_PGP_SYMMETRIC_ALGORITHM_CAST5 CAST5
SB_PGP_SYMMETRIC_ALGORITHM_BLOWFISH Blowfish
SB_PGP_SYMMETRIC_ALGORITHM_AES128 AES128
SB_PGP_SYMMETRIC_ALGORITHM_AES192 AES192
SB_PGP_SYMMETRIC_ALGORITHM_AES256 AES256
SB_PGP_SYMMETRIC_ALGORITHM_TWOFISH256 Twofish256

PKI Failure Information

pfiBadAlg 0 Unsupported or weak security algorithm

pfiBadMessageCheck 1 Message check failed

pfiBadRequest 2 Bad request

pfiBadTime 3 Bad timing

pfiBadCertId 4 Bad certificate ID

pfiBadDataFormat 5 Bad data format

pfiWrongAuthority 6 Wrong authority

pfiIncorrectData 7 Incorrect data

pfiMissingTimestamp 8 Missing timestamp

pfiBadPOP 9 Bad POP

PKI Results

psGranted 0 Request granted

psGrantedWithMods 1 Request granted with modifications

psRejection 2 Request rejected

psWaiting 3 Waiting (service busy)

psRevocationWarning 4 Revocation warning

psRevocationNotification 5 Revocation notification

psKeyUpdateWarning 6 Key update warning

Signature/Certificate Qualified Status

sqsUnknown 0 Qualified status unknown. Use config's QualifiedInfo setting to obtain service status URI.

sqsNone 1 None

sqsGranted 2 Granted

sqsWithdrawn 3 Withdrawn

sqsSetByNationalLaw 4 Set by national law

sqsDeprecatedByNationalLaw 5 Deprecated by national law

sqsRecognizedAtNationalLevel 6 Recognized at national level

sqsDeprecatedAtNationalLevel 7 Deprecated at national level

sqsUnderSupervision 8 Under supervision

sqsSupervisionInCessation 9 Supervision in cessation

sqsSupervisionCeased 10 Supervision ceased

sqsSupervisionRevoked 11 Supervision revoked

sqsAccredited 12 Accredited

sqsAccreditationCeased 13 Accreditation ceased

sqsAccreditationRevoked 14 Accreditation revoked

sqsInAccordance 15 Deprecated. The subject service is in accordance with the scheme's specific status determination criteria (only for use in positive approval schemes).

sqsExpired 16 Deprecated. The subject service is no longer overseen by the scheme, e.g. due to nonrenewal or withdrawal by the TSP, or cessation of the service or the scheme's operations.

sqsSuspended 17 Deprecated. The subject service's status is temporarily uncertain whilst checks are made by the scheme operator (typically e.g. while a revocation request is being investigated or if action is required to resolve a deficiency in the service fulfilling the scheme's criteria.

sqsRevoked 18 Deprecated. The subject service's approved status has been revoked because it is no longer in accordance with the scheme's specific status determination criteria (only for use in positive approval schemes).

sqsNotInAccordance 19 Deprecated. The subject service is not in accordance with the scheme's specific status determination criteria (only for use in negative approval schemes).

Revocation Reasons

rrUnknown 0x0000
rrUnspecified 0x0001
rrKeyCompromise 0x0002
rrCACompromise 0x0004
rrAffiliationChanged 0x0008
rrSuperseded 0x0010
rrCessationOfOperation 0x0020
rrCertificateHold 0x0040
rrRemoveFromCRL 0x0080
rrPrivilegeWithdrawn 0x0100
rrAACompromise 0x0200

SFTP File Operations

csfoDownloadFile 0 Download file

csfoUploadFile 1 Upload file

csfoDeleteFile 2 Delete file

csfoMakeDir 3 Make directory

Signature Validation Results

svtValid 0 The signature is valid

svtUnknown 1 Signature validity is unknown

svtCorrupted 2 The signature is corrupted

svtSignerNotFound 3 Failed to acquire the signing certificate. The signature cannot be validated.

svtFailure 4 General failure

SSH Authentication Types

atRhosts 0x01 RHOSTS file authentication. Rarely used today.

atPublicKey 0x02 Public key (sometimes called private key) authentication

atPassword 0x04 Password-based authentication

atHostbased 0x08 Hostbased authentication

atKeyboard 0x10 Keyboard-interactive authentication. This is often used in place of generic password authentication.

atGssWithMic 0x20 GSS authentication

atGssKeyex 0x40 GSS authentication with key exchange

atPublicKeyAgent 0x80 Public key agent authentication

SSH Key Types

cktPrivate 0 A private key

cktPublic 1 A public key

SSL Options

cssloExpectShutdownMessage 0x001 Wait for the close-notify message when shutting down the connection

cssloOpenSSLDTLSWorkaround 0x002 (DEPRECATED) Use a DTLS version workaround when talking to very old OpenSSL versions

cssloDisableKexLengthAlignment 0x004 Do not align the client-side PMS by the RSA modulus size. It is unlikely that you will ever need to adjust it.

cssloForceUseOfClientCertHashAlg 0x008 Enforce use of client certificate hash algorithm. It is unlikely that you will ever need to adjust it.

cssloAutoAddServerNameExtension 0x010 Automatically add server name extension when known

cssloAcceptTrustedSRPPrimesOnly 0x020 Accept trusted SRP primes only

cssloDisableSignatureAlgorithmsExtension 0x040 Disable (not send) signature algorithms extension. It is unlikely that you will ever need to adjust it.

cssloIntolerateHigherProtocolVersions 0x080 (server option) Do not allow fallback from TLS versions higher than currently enabled

cssloStickToPrefCertHashAlg 0x100 Stick to preferred certificate hash algorithms

cssloNoImplicitTLS12Fallback 0x200 Disable implicit TLS 1.3 to 1.2 fallbacks

cssloUseHandshakeBatches 0x400 Send handshake message as large batches rather than individually

SSL Versions

csbSSL2 0x01 SSL 2

csbSSL3 0x02 SSL 3

csbTLS1 0x04 TLS 1.0

csbTLS11 0x08 TLS 1.1

csbTLS12 0x10 TLS 1.2

csbTLS13 0x20 TLS 1.3

Symmetric Encryption Algorithms

SB_SYMMETRIC_ALGORITHM_RC4 RC4
SB_SYMMETRIC_ALGORITHM_DES DES
SB_SYMMETRIC_ALGORITHM_3DES 3DES
SB_SYMMETRIC_ALGORITHM_RC2 RC2
SB_SYMMETRIC_ALGORITHM_AES128 AES128
SB_SYMMETRIC_ALGORITHM_AES192 AES192
SB_SYMMETRIC_ALGORITHM_AES256 AES256
SB_SYMMETRIC_ALGORITHM_IDENTITY Identity
SB_SYMMETRIC_ALGORITHM_BLOWFISH Blowfish
SB_SYMMETRIC_ALGORITHM_CAST128 CAST128
SB_SYMMETRIC_ALGORITHM_IDEA IDEA
SB_SYMMETRIC_ALGORITHM_TWOFISH Twofish
SB_SYMMETRIC_ALGORITHM_TWOFISH128 Twofish128
SB_SYMMETRIC_ALGORITHM_TWOFISH192 Twofish192
SB_SYMMETRIC_ALGORITHM_TWOFISH256 Twofish256
SB_SYMMETRIC_ALGORITHM_CAMELLIA Camellia
SB_SYMMETRIC_ALGORITHM_CAMELLIA128 Camellia128
SB_SYMMETRIC_ALGORITHM_CAMELLIA192 Camellia192
SB_SYMMETRIC_ALGORITHM_CAMELLIA256 Camellia256
SB_SYMMETRIC_ALGORITHM_SERPENT Serpent
SB_SYMMETRIC_ALGORITHM_SERPENT128 Serpent128
SB_SYMMETRIC_ALGORITHM_SERPENT192 Serpent192
SB_SYMMETRIC_ALGORITHM_SERPENT256 Serpent256
SB_SYMMETRIC_ALGORITHM_SEED SEED
SB_SYMMETRIC_ALGORITHM_RABBIT Rabbit
SB_SYMMETRIC_ALGORITHM_SYMMETRIC Generic
SB_SYMMETRIC_ALGORITHM_GOST_28147_1989 GOST-28147-1989
SB_SYMMETRIC_ALGORITHM_CHACHA20 ChaCha20

Symmetric Crypto Modes

scmDefault 0 The default mode in current circumstances.

scmECB 1 ECB (electronic code book) mode. This is insecure, unless you know how to use it right.

scmCBC 2 CBC (cipher block chaining mode)

scmCTR 3 Counter mode

scmCFB8 4 Cipher feedback mode

scmGCM 5 Galois counter mode

scmCCM 6 CCM mode

Symmetric Crypto Paddings

scpNone 0 No padding. You might need to adjust the length of the input data to align it by the encryption block boundary.

scpPKCS5 1 Standard PKCS5 (sometimes also referred to as PKCS7) padding

scpANSIX923 2 ANSI X.923 padding

Timestamp Types

tstUnknown 0
tstLegacy 1 Supported by: AuthenticodeVerifier

tstTrusted 2 Supported by: AuthenticodeVerifier

tstGeneric 3 Supported by: CAdESVerifier

tstESC 4 Supported by: CAdESVerifier

tstContent 5 Supported by: CAdESVerifier

tstCertsAndCRLs 6 Supported by: CAdESVerifier

tstArchive 7 Archive timestamp. Supported by: CAdESVerifier, OfficeVerifier, SOAPVerifier, XAdESVerifier

tstArchive2 8 Archive v2 timestamp. Supported by: CAdESVerifier

tstArchive3 9 Archive v3 timestamp. Supported by: CAdESVerifier

tstIndividualDataObjects 10 Supported by: OfficeVerifier, SOAPVerifier, XAdESVerifier

tstAllDataObjects 11 Supported by: OfficeVerifier, SOAPVerifier, XAdESVerifier

tstSignature 12 Signature timestamp. Supported by: OfficeVerifier, SOAPVerifier, XAdESVerifier

tstRefsOnly 13 RefsOnly timestamp. Supported by: OfficeVerifier, SOAPVerifier, XAdESVerifier

tstSigAndRefs 14 SigAndRefs timestamp. Supported by: OfficeVerifier, SOAPVerifier, XAdESVerifier

XML Encryption Algorithms

SB_XML_ENCRYPTION_ALGORITHM_RC4 RC4
SB_XML_ENCRYPTION_ALGORITHM_DES DES
SB_XML_ENCRYPTION_ALGORITHM_3DES 3DEST
SB_XML_ENCRYPTION_ALGORITHM_AES128 AES128
SB_XML_ENCRYPTION_ALGORITHM_AES192 AES192
SB_XML_ENCRYPTION_ALGORITHM_AES256 AES256
SB_XML_ENCRYPTION_ALGORITHM_CAMELLIA128 Camellia128
SB_XML_ENCRYPTION_ALGORITHM_CAMELLIA192 Camellia192
SB_XML_ENCRYPTION_ALGORITHM_CAMELLIA256 Camellia256
SB_XML_ENCRYPTION_ALGORITHM_SEED SEED

XML Signature Validation Results

xsvValid 0
xsvUnknown 1
xsvCorrupted 2
xsvSignerNotFound 3
xsvFailure 4
xsvReferenceCorrupted 5

Copyright (c) 2022 /n software inc. - All rights reserved.
SecureBlackbox 2020 macOS Edition - Version 20.0 [Build 8165]