Constants class

This class contains veriously commonly used constants.

Component Types

static public final long TYPE_HASH_FUNCTION         = 0x0000000000000001L;
static public final long TYPE_MAC                   = 0x0000000000000004L;
static public final long TYPE_BLOCK_CIPHER          = 0x0000000000000010L;
static public final long TYPE_STREAM_CIPHER         = 0x0000000000000020L;
static public final long TYPE_PUBLIC_KEY_CIPHER     = 0x0000000000000040L;
static public final long TYPE_DIGITAL_SIGNATURE     = 0x0000000000000080L;
static public final long TYPE_KEY_EXCHANGE          = 0x0000000000000100L;
static public final long TYPE_COMPRESSOR            = 0x0000000000001000L;
static public final long TYPE_ENCODER               = 0x0000000000008000L;
static public final long TYPE_TRUE_RNG              = 0x0000000000010000L;
static public final long TYPE_PSEUDO_RNG            = 0x0000000000020000L;
static public final long TYPE_KEY_MANAGER           = 0x0000000000100000L;
static public final long TYPE_STORAGE_HANDLER       = 0x0000000002000000L;
static public final long TYPE_STORAGE_AGENT         = 0x0000000008000000L;
static public final long TYPE_FILE_AGENT            = 0x0000000010000000L;
static public final long TYPE_BACKUP_AGENT          = 0x0000000020000000L;
static public final long TYPE_SHREDDER              = 0x0000004000000000L;
static public final long TYPE_PARCEL_CREATOR        = 0x0000100000000000L;
static public final long TYPE_PARCEL_EXTRACTOR      = 0x0000200000000000L;
static public final long TYPE_WEB_STORAGE           = 0x0001000000000000L;
static public final long TYPE_HIDDEN_COMPONENT      = 0x8000000000000000L;

static public final long TYPE_ANY_COMPONENT         = 0x0FFFFFFFFFFFFFFFL;

One of these constants, or logical OR of several constants, is returned by component's IKryptelComponent.ComponentType. They can also be used as an argument for Loader.GetComponentList to get a list of the components of a given type.

An important constant deserving a special note is TYPE_HIDDEN_COMPONENT. It specifies a component, which a user is not allowed to select. An example is NullCipher, which imitates a cipher but performs no encryption at all. Marking this component as hidden limits its use for debugging purpose only.

Another example is DES cipher. We need to include it for compatibility with old versions, but it should not be selected for creating new files.

Note also that programmatically a hidden component can be created and used without any limitation. TYPE_HIDDEN_COMPONENT just declares that the component is not user-selectable. If user preferences includes some component GUIDs, make sure that they don't refer to hidden components (it would probably be easy for an attacker to edit user preferences data).

Encrypted Storage Capabilities

static public final int ESTOR_CREATE_OBJECT             = 0x00000001;
static public final int ESTOR_DELETE_OBJECT             = 0x00000002;
static public final int ESTOR_MODIFY_ATTRIBUTES         = 0x00000008;
static public final int ESTOR_CREATE_STREAM             = 0x00000010;
static public final int ESTOR_MODIFY_STREAM             = 0x00000020;
static public final int ESTOR_EXTEND_STREAM             = 0x00000040;
static public final int ESTOR_TRUNCATE_STREAM           = 0x00000100;
static public final int ESTOR_DELETE_STREAM             = 0x00000200;
static public final int ESTOR_MOVE_POINTER              = 0x00000800;
static public final int ESTOR_MULTI_STREAM              = 0x00001000;
static public final int ESTOR_MULTI_STREAM_READ         = 0x00002000;
static public final int ESTOR_MULTI_STREAM_WRITE        = 0x00004000;
static public final int ESTOR_FLUSH_SUPPORTED           = 0x00100000;
static public final int ESTOR_CAN_BE_COMPRESSED         = 0x00200000;
static public final int ESTOR_DISCARD_CHANGES           = 0x00800000;
static public final int ESTOR_YUBIKEY                   = 0x01000000;
static public final int ESTOR_PROTECTED_KEY             = 0x02000000;
static public final int ESTOR_STATISTICS                = 0x10000000;
static public final int ESTOR_KEEPS_DELETED_OBJECTS     = 0x20000000;
static public final int ESTOR_CAN_UNDELETE              = 0x40000000;
static public final int ESTOR_RECOVERY_BLOCKS           = 0x80000000;

A combination of these bits is returned by IEncryptedStorageInfo.GetStorageCapabilities and describes the operations that the storage handler supports.

The storage allows creating new objects. If this bit is not set then the container is open in read-only mode.
The storage supports object deletion.
The storage allows setting object's attribute block. Like ESTOR_CREATE_OBJECT it is a basic operation which is always allowed except in read-only mode.
The storage can create object's data stream. This is another basic operation always allowed in read/write mode.
If this bit is set, the storage can write to data stream in random access mode.
Stream append operation is supported.
SetEof command is supported.
The storage can delete data streams.
Seek and SeekEof commands are supported.
Several streams can be opened. If this bit is not set, the client must close an active stream before opening another one.
Read operations on multiple streams are allowed. If this bit is set, ESTOR_MULTI_STREAM must also be set.
Write operations on multiple streams are allowed. If this bit is set, ESTOR_MULTI_STREAM must also be set.
The handler supports flush operation, i.e. writing buffered data and finalizing the container without closing it. Flush operation is equivalent to closing and reopening the container but works much faster.
The container can be compressed, i.e. it has unused data and the storage handler supports compression. If this bit is not set, a call to Compress function will simply be redirected to Close.
Discard function is supported. Discard closes the container discarding all changes made it it. The container returns to the state before Open call. A newly created container will be deleted.
Storage handler supports Yubikey.
Storage handler supports protected binary keys.
Storage handler maintains container statistics, which can be obtained by IEncryptedStorageInfo.GetStorageStatistics.
The handler does not physically removes deleted objects, just sets their EFL_OBJECT_DELETED flag.
The handler supports Undelete command. If this flag is set, ESTOR_KEEPS_DELETED_OBJECTS must also be set.
Storage handler can create data recovery blocks.

File Agent Capabilities

static public final long EFSTOR_THUMBNAILS              = 0x0000080000000000L;
static public final long EFSTOR_ITEM_DESCRIPTIONS       = 0x0000200000000000L;
static public final long EFSTOR_KEYWORDS                = 0x0000400000000000L;
static public final long EFSTOR_DESCRIPTIONS            = 0x0001000000000000L;
static public final long EFSTOR_ENCRYPTED_DESCRIPTIONS  = 0x0002000000000000L;
static public final long EFSTOR_ASSOCIATED_DATA         = 0x0004000000000000L;
static public final long EFSTOR_FILE_STORAGE_STATISTICS = 0x1000000000000000L;
static public final long EFSTOR_TARGETS                 = 0x8000000000000000L;

These bits describe capabilities of File and Backup agents and are returned by IEncryptedFileStorageInfo.GetFileStorageCapabilities. Bits 32-47 are item-related; bits 48-63 are container-related; the lower 32 bits contain ESTOR_XXX bits returned by the underlying storage handler.

During encryption the agent automatically generates and stores picture thumbnails.
The agent allows attaching text descriptions to stored files and directories (see IFileSystemAttributes.SetDescription).
The agent allows attaching keywords to stored files (see IEncryptedFile.SetKeywords).
Container can have an unencrypted (publicly visible) text description (see IEncryptedFileStorage.SetDescription).
Container can have an encrypted text description (see IEncryptedFileStorage.SetEncryptedDescription).
Container allows attaching additional associated data (see IEncryptedFileStorage.SetAssociatedData). Only backup agents have associated data, at least in the current version. File agents do not support this feature.
The agent maintains file-related container statistics, which can be obtained by IEncryptedFileStorageInfo.GetFileStorageStatistics.
The agent supports multiple targets, i.e. it is a backup agent. This flag is guaranteed to be cleared for a file agent.

File Storage Control Flags

static public final int FSCF_PERSISTANT_DESCRIPTIONS    = 0x00000020;
static public final int FSCF_PERSISTANT_KEYWORDS        = 0x00000040;
static public final int FSCF_ENUMS_RETURN_DELETED       = 0x00010000;
static public final int FSCF_WILDCARDS_DECRYPT_DELETED  = 0x00020000;

static public final int FSCF_PERSISTANT_ATTRIBUTES      =

static public final int FSCF_DEFAULT                    = FSCF_PERSISTANT_ATTRIBUTES;

These flags control file/backup agent behavior and can be set with IEncryptedFileStorage.SetStorageControlFlags.

If a file is replaced with a newer version, the newer file inherits the file's description.
If a file is replaced with a newer version, the newer file inherits the file's keywords.
Enumeration functions IEncryptedDirectory.GetDirectories and IEncryptedDirectory.GetFiles also return deleted items.
The batch decryption functions also decrypt deleted items.

Encrypted Object Flags

static public final int EFL_ATTRIBUTE_BLOCK     = 0x00000001;
static public final int EFL_DATA_STREAM         = 0x00000002;
static public final int EFL_CHILD_OBJECTS       = 0x00000010;
static public final int EFL_STREAM_BUSY         = 0x10000000;
static public final int EFL_OBJECT_DELETED      = 0x80000000;

These flags are returned by IEncryptedObject.GetObjectFlags

The object has an attribute block.
The object has a data stream.
The object has children objects.
The object's data stream is open and is used by the client.
The object is deleted and will be physically removed on the next container compression operation.

Encrypted File Object Flags

static public final long EFFL_ITEM_IS_DIRECTORY             = 0x0000000100000000L;
static public final long EFFL_ITEM_CONTAINS_DIRECTORIES     = 0x0000000200000000L;
static public final long EFFL_ITEM_CONTAINS_FILES           = 0x0000000400000000L;
static public final long EFFL_ITEM_HAS_DESCRIPTION          = 0x0000200000000000L;
static public final long EFFL_ITEM_HAS_KEYWORDS             = 0x0000400000000000L;
static public final long EFFL_ITEM_HAS_THUMBNAILS           = 0x0010000000000000L;
static public final long EFFL_ITEM_DELETED                  = 0x8000000000000000L;

File and directory flags returned by IFileSystemAttributes.GetAttributes.

If this flag is set, the item is a directory, otherwise it is a file.
The item contains children directories. If this flag is set, the flag EFFL_ITEM_IS_DIRECTORY is also set.
The item contains children files. If this flag is set, the flag EFFL_ITEM_IS_DIRECTORY is also set.
The item has an attached description.
The item is a file and has attached keywords.
The item is a file and has a stored thumbnail.
The item is deleted and will be removed on the next container compression operation.

Compression Levels

static public final byte CT_DEFAULT_COMPRESSION     = -1;
static public final byte CT_NO_COMPRESSION          = 0;
static public final byte CT_MIN_COMPRESSION         = 1;
static public final byte CT_AVERAGE_COMPRESSION     = 6;
static public final byte CT_MAX_COMPRESSION         = 9;


These constants are just convenient names for most often used compression levels.

Note that CT_DEFAULT_COMPRESSION is not a valid compression level and may be used only as the argument of ICompressorParams.SetLevel. The actual default compression level is compressor-specific; for example for ZIP it is 6 (average), and for BZIP it is 9 (maximum).

DEFAULT_COMPRESSION_LEVEL is used by higher-level component when a real value is required.