Sleds/libeye/eyeconstants.h

// Copyright (c) 2013-2015 IONU Security, Inc. All rights reserved.
// Copyright (c) 2016 Sequence Logic, Inc. All rights reserved
//
// Shared constants
#ifndef eyeconstants_h
#define eyeconstants_h
// Per-platform limits:
//   SL_MAX_PATH - longest path the library expects to handle
//   SL_MAX_NAME - longest single file-name component
//   SL_ENDL_LEN - length in bytes of the platform line terminator
#if defined(WIN32)
// MAX_PATH=260 in winapi, extended paths may be longer "\\?\D:\very long path"
#define SL_MAX_PATH 260
#define SL_MAX_NAME SL_MAX_PATH
#define SL_ENDL_LEN 2
#elif defined(__APPLE__) || defined(LIN64)
// Both POSIX targets take their limits from the system headers; only the
// header that provides PATH_MAX / NAME_MAX differs.
#if defined(__APPLE__)
#include <sys/syslimits.h>
#else
#include <limits.h>
#endif
#define SL_MAX_PATH PATH_MAX
#define SL_MAX_NAME NAME_MAX
#define SL_ENDL_LEN 1
#else
// Unknown platform: conservative fixed limits.
#define SL_MAX_PATH 255
#define SL_MAX_NAME 255
#define SL_ENDL_LEN 1
#endif
// Generic dictionary keys used all over
#define DICT_KEY_DELETED "deleted"
// Fixed path-length budget: each derived limit adds 2 to the previous one
// (247 -> 249 -> 251).
// NOTE(review): these limits are independent of the per-platform SL_MAX_PATH, which may be
// larger (260 on WIN32, PATH_MAX elsewhere). A buffer sized from SL_PATH_BUFFER_MAX needs an
// explicit length check before a path bounded only by SL_MAX_PATH is copied into it;
// confirm at the call sites.
#define SL_PATH_MAX_LEN 247
#define SL_PATH_INTERNAL_MAX (SL_PATH_MAX_LEN+2)
#define SL_PATH_BUFFER_MAX (SL_PATH_INTERNAL_MAX+2)
#define SL_MAX_XATTR_LENGTH 4096 // this is name\000value\n max for shadow xattr
#define SL_EYE_TYPE "sequencelogic"
// Hex text of the gzip magic bytes 1f 8b followed by compression method 08 (deflate).
#define SL_EYE_GZIP_HEADER "1f8b08" // File header for compressed files
#define SL_EYE_STREAM_CHUNK 65536 // Process streams in 64k chunks
// Default algorithm names and the key/digest sizes (in bytes unless the name says BITS).
// NOTE(review): SHA-1 is no longer collision-resistant; if this default is used for
// signatures or for the integrity of data a third party can influence, SHA-256 is the safer
// default. Confirm where SL_DIGEST_DEFAULT is consumed.
#define SL_DIGEST_DEFAULT "sha1"
// NOTE(review): CBC mode provides confidentiality only; confirm that callers authenticate
// the ciphertext (MAC or signature) before decrypting it.
#define SL_CIPHER_DEFAULT "aes256cbc"
#define SL_PK_DEFAULT "rsa2048"
#define SL_AES_KEY_BITS 256 // 32 bytes = 256 bits
#define SL_AES_KEY_LEN 32 // 32 bytes = 256 bits
#define SL_AES_BLOCK_LEN 16 // 16 bytes = 128 bits
#define SL_RSA_KEY_BITS 2048 // 256 bytes = 2048 bits
// NOTE(review): the previous comment here read "128 bytes (1024 bit + public exponent)",
// which does not match the value; confirm no buffer is still sized for a 1024-bit key.
#define SL_RSA_KEY_LEN 256 // 256 bytes = 2048 bits, matching SL_RSA_KEY_BITS
#define SL_RSA_PUBLIC_EXP 65537 // Default public exponent
#define SL_MD5_LEN 16 // 16 bytes or 128 bits
#define SL_SHA1_LEN 20 // 20 bytes or 160 bits
#define SL_SHA224_LEN 28 // 28 bytes or 224 bits
#define SL_SHA256_LEN 32 // 32 bytes or 256 bits
#define SL_SHA512_LEN 64 // 64 bytes or 512 bits
#define SL_TGI_SIG_LEN 12 // 12 bytes or 96 bits
// 40 hex characters, i.e. the size of a SHA-1 digest (SL_SHA1_LEN bytes).
// NOTE(review): this value is compiled into every build that includes the header. If it is
// an unsalted digest of a short PIN, the PIN can be recovered by exhaustive search, so it
// should not be relied on as a secret; confirm what it protects.
#define SL_ISIS_PIN_HASH "fc342bb3a2f691c9fb7916ca2ed2473db3388ab2"
// URN layout: "urn:sl:" followed by colon-separated VAN, PMO, device and document fields,
// whose widths are the SL_URN_*_LEN values below (6, 8, 4 and 12 in SL_URN_DEFAULT).
#define SL_URN_PREFIX "urn:sl:"
#define SL_URN_DEFAULT "urn:sl:000000:00000000:0000:000000000000"
// NOTE(review): the sample string "urn:sl::::" is 10 characters, not 12; confirm which of
// the two is the intended lower bound before using it to validate input.
#define SL_URN_MIN_LEN 12 // "urn:sl::::"
// NOTE(review): SL_URN_DEFAULT is 40 characters. With the 11-digit suffix shown in the
// sample the total is 52; with a ':' plus an SL_URN_MSG_LEN (16) field it would be 57.
// Confirm that 55 is the intended bound before sizing buffers from it.
#define SL_URN_MAX_LEN 55 // "urn:sl:000000:00000000:0000:000000000000{:00000000000}"
#define SL_URN_VAN_LEN 6
#define SL_URN_PMO_LEN 8
#define SL_URN_DEV_LEN 4
#define SL_URN_DOC_LEN 12
#define SL_URN_MSG_LEN 16
#define SL_URN_USERGRP_LEN 8
// The sample timestamp is exactly 20 characters, so this length leaves no room for a
// terminating NUL; buffers holding it as a C string need SL_ISO8601_DATE_LEN + 1 bytes.
#define SL_ISO8601_DATE_LEN 20 // 2012-08-25T14:30:56Z (GMT! trailing Z optional and assumed!)
#define SL_PASSWORD_MAX_LEN 255
#define SL_SYNC_DEPTH_MAX 50
// Reserved VAN, PMO and device identifiers.
// NOTE(review): several reserved roles share one value (TEST_PMO_ID and CG_PMO_ID are both
// "00000000"; BROWSER_DEVICE_ID and CG_DEV_ID are both "0000"), so code cannot tell them
// apart by ID alone. Presumably identifiers arriving from clients are checked against
// these reserved values before they are trusted; verify at the call sites.
#define TEST_VAN_ID "000000" // Unit test van ID. Do not use this VAN except for localhost/integration QA
#define TEST_PMO_ID "00000000" // This is for automated unit tests
#define CG_PMO_ID "00000000" // CG thinks it's an office for keyring management purposes
#define SG_PMO_ID "00000001" // Storage guard office user
// NOTE(review): '.' matches any character, not only hex digits, and the pattern carries no
// anchors; it matches exactly the reserved range 00..FF only if the consumer does a
// whole-string match on already-validated hex input. Confirm.
#define RESERVED_PMO_ID_REGEX "000000.." // Reserved PMO are six zeroes 00:FF
#define TEST_DEVICE_ID "FFFF" // Do not use this device ID for testing in ANY VAN or ANY PMO
#define BROWSER_DEVICE_ID "0000" // Special device UUID signifying a web browser
#define CG_DEV_ID "0000"
#define HEADLESS_DEVICE_ID "0001" // Special device UUID signifying headless device (e.g. Nikki)
#define GROUP_DOC_DEVICE_ID "FFFD" // Special device UUID for group docs
#define ANDROID_DEVICE_ID "FFFE" // Special device for android testing
// Wildcard PMO: a permission URN carrying this value grants the operation to everyone.
// NOTE(review): confirm that no real office can be provisioned with this ID.
#define PMO_ALL_ID "FFFFFFFF" // When seen in a permission URN as the PMO value, this signifies that "all" can perform the operation
// Alias strings naming the public and private keys (CG, VAN, device, office).
#define CG_PUBLIC_KEY_ALIAS "cgPublic"
#define VAN_PUBLIC_KEY_ALIAS "vanPublic"
#define DEVICE_PUBLIC_KEY_ALIAS "devicePublic"
#define OFFICE_PUBLIC_KEY_ALIAS "officePublic"
#define DEVICE_PRIVATE_KEY_ALIAS "devicePrivate"
#define OFFICE_PRIVATE_KEY_ALIAS "officePrivate"
#define EG_KEYRING_CONFIG "keyringConfig" // A "message" name indicating keyring office JSON
#define K2_ONLINE "online"
// NPMO parameter names.
#define NPMO_PARAM_VERSION "v"
#define NPMO_PARAM_STUB "stub"
#define NPMO_PARAM_OTHER_STUB "_stub"
#define NPMO_PARAM_OFFICES "offices"
#define NPMO_PARAM_PMO "pmo"
// Permission dictionary keys and permission names.
//namespace PermissionConsts {
#define PERMISSION_AUTHORITY "authority" /** Authority key */
#define PERMISSION_KEY_OWNER "owner" /** Owner key */
#define PERMISSION_KEY_SIGNATURE "signature"
#define PERMISSION_READ "read"
#define PERMISSION_WRITE "write"
// NOTE(review): the macro is named SHOW_SHREDDED but its value is "hide"; confirm which
// sense the permission check applies so that a grant is not read as a denial or vice versa.
#define PERMISSION_SHOW_SHREDDED "hide"
#define PERMISSION_ADMIN "admin"
#define PERMISSION_DOORWAY "doorway"
#define PERMISSION_STREAM "stream"
// '|'-separated list of the six base permissions and their six "...Assign" variants
// (base name + PERMISSION_ASSIGNMENT_SUFFIX). It is a separate literal, so it has to be
// updated by hand whenever a permission name above is added or changed.
#define PERMISSION_ALL "read|write|hide|admin|doorway|stream|readAssign|writeAssign|hideAssign|doorwayAssign|adminAssign|streamAssign"
#define PERMISSION_VALUE_OWNER "owner"
#define PERMISSION_VALUE_OTHER "other"
#define PERMISSION_GROUP_PREFIX "g@" // g@docuuid
#define PERMISSION_ROOT_KEY "perms"
#define PERMISSION_TYPE_KEY "type" // unset/empty "file" "group"
#define PERMISSION_NAME_KEY "name" // for groups
#define PERMISSION_ASSIGNMENT_SUFFIX "Assign"
#define PERMISSION_TYPE_VALUES "file|group" // unset/empty implies "file"
#define PERMISSION_MEMBERS_KEY "mbrs" // The members key and data [pmo-uuid,...] is built by the updateMembers method
//}
// PMO configuration keys.
#define PMO_USER_CONFIGURATION "uc"
#define PMO_CONFIG_SDE_IOS "sde_ios"
// Keys of a policy entry.
#define POLICY_NAME "policyName"
#define POLICY_TYPE "type"
#define POLICY_VALUE "value"
// MT_* strings; presumably the values stored under STORAGE_NODE_META_TYPE ("metaType"),
// TODO confirm.
#define MT_STORAGE "storage"
#define MT_DEVICES "devices"
#define MT_STORAGE_GUARD "storage-guard"
#define MT_DIRECTORY_SELECTOR "directory-selector"
#define MT_DEVICE_ROOT "device-root" // Inbox or Documents local to device
#define MT_DOORWAY "doorway"
#define MT_CLOUD_FOLDERS "cloud-folders"
#define MT_MOUNT "mount"
#define MT_ACTION "action"
#define MT_AVAILABLE_PEERS "available-peers"
#define MT_DIRECTORY "directory"
#define MT_FILE "file"
#define MT_PEER "peer" // typ. overridden by device
#define MT_PEER_DIRECTORY "peer-directory"
#define MT_PEER_FILE "peer-file"
#define MT_DEVICE_DIRECTORY "device-directory"
#define MT_DEVICE_FILE "device-file"
#define MT_LOCAL_FILE "local-file"
#define MT_CREATE_GROUP "create-group"
#define MT_GROUP "group"
#define MT_MESSAGE "message"
// MIME type strings.
#define SNT_ACTION_MIME_TYPE "application/json"
#define IM_CHAT_HTML_MIME_TYPE1 "text/html"
#define IM_CHAT_HTML_MIME_TYPE2 "application/html"
#define IM_CHAT_PDF_MIME_TYPE "application/pdf"
// Dictionary keys of a storage node record.
// NOTE(review): "path", "abspath", "_filename" and "name" presumably carry file-system
// names; when a record comes from a peer or the server these values should be treated as
// untrusted and validated (length against the SL_PATH_* limits, no traversal components)
// before they reach a file-system call. Confirm against the consumers.
#define STORAGE_NODE_NAME "name"
#define STORAGE_NODE_ID "_id"
#define STORAGE_NODE_MIME_TYPE "mimetype"
#define STORAGE_NODE_LENGTH "length"
#define STORAGE_NODE_LAST_ACCESS "lastAccessTime"
#define STORAGE_NODE_LAST_MODIFIED "lastModifiedTime"
#define STORAGE_NODE_CREATE_TIME "creationTime"
#define STORAGE_NODE_HOST "host"
#define STORAGE_NODE_LOC "loc"
#define STORAGE_NODE_MOUNT "mount"
#define STORAGE_NODE_SOURCE "source"
#define STORAGE_NODE_PATH "path"
#define STORAGE_NODE_FOLDER "folder"
#define STORAGE_NODE_PARENTS "parents"
#define STORAGE_NODE_STATUS "status"
#define STORAGE_NODE_TYPE "type"
#define STORAGE_NODE_META_TYPE "metaType"
#define STORAGE_NODE_CHILDREN "contents"
#define STORAGE_NODE_META_DATA "metaData"
#define STORAGE_NODE_REMOTE_KIND "remoteKind"
#define STORAGE_NODE_REMOTE_STATUS "remoteStatus"
#define STORAGE_NODE_UTIME "utime"
#define STORAGE_NODE_SIZE "size"
#define STORAGE_NODE_ABS_PATH "abspath"
#define STORAGE_NODE_DESC "description"
#define STORAGE_NODE_HASH "hash"
#define STORAGE_NODE_URN "urn"
#define STORAGE_NODE_SYNC "sync"
#define STORAGE_NODE_VIEW "view"
#define STORAGE_NODE_PORT "port"
#define STORAGE_NODE_MTIME "mtime"
#define STORAGE_NODE_ISDIR "isDirectory"
#define STORAGE_NODE_FILENAME "_filename"
#define STORAGE_NODE_SIGNATURE "signature"
// NOTE(review): the key name suggests an MD5 checksum. MD5 detects accidental corruption
// but not deliberate tampering; integrity against an attacker would have to come from the
// "signature" field. Confirm how the two are used.
#define STORAGE_NODE_CHECKSUM "md5chk"
#define STORAGE_NODE_DOCURN "docURN"
#define STORAGE_NODE_PERMISSIONS "permissions"
#define MIME_TYPE_APP_UNKNOWN "application/unknown"
// URL argument names and boolean values.
#define URL_ARGUMENT_SHARE "share"
#define URL_VALUE_BOOL_TRUE "true"
#define URL_VALUE_BOOL_FALSE "false"
#define URL_ARGUMENT_MKDIR "mkdir"
#define URL_ARGUMENT_DELETE "delete"
#define URL_ARGUMENT_RENAME "rename"
/**
* Policy names. Note that these are auto-extracted from this file to src/com/ionu/PolicyNames.java.
*/
// @todo many more
// FORMATTING IS IMPORTANT:
// #define PN_name "name" // type defaultValue ["listval1",...] @@en_US_prompt
// allowed types are: boolean/int/long/string/duration/date
// (the entries below also use double, regex and list)
// duration is simply a long whose value is interpreted as millisecs
// date is stored as ISO8601 string
// The ["listval1",...] is optional
//
// NOTE(review): per the format above, the trailing comment on each PN_ line carries the
// type, default value and prompt that are extracted to PolicyNames.java, so those lines
// must be edited as data, not as free-form comments. Points to confirm:
//  - PN_USER_REGEX: the pattern admits 2 to 33 characters ({1,32} after the first one),
//    while its prompt says 2 to 20.
//  - PN_ALLLOW_ACTIVATION_BYPASS: the default pattern has no ^ / $ anchors, unlike
//    PN_EMAIL_REGEX and PN_PHONE_REGEX. It confines the bypass to that one domain only if
//    the consumer requires a whole-string match; otherwise the pattern should be anchored.
//  - PN_CHALLENGE_RESPONSE_MIN_LENGTH defaults to 3 while PN_PASSWORD_RECOVERY_ENABLED
//    defaults to true; presumably challenge answers feed account recovery, in which case
//    they deserve the same lockout and delay handling as passwords. Verify.
//  - PN_ALLLOW_ACTIVATION_BYPASS, PN_COMPATIBILITY_REQUIRMENT and PN_WORFLOW_EMAIL are
//    misspelled identifiers; they are kept because renaming them changes the names that
//    callers and the generated Java file use.
//namespace PolicyNames {
#define PN_USER_REGEX "userRegex" // regex "[a-zA-Z0-9][a-zA-Z0-9_@.+-]{1,32}" @@"Username must be 2 to 20 characters and begin with a letter or digit then consist only of letters, digits and the characters '_@.+-'"
#define PN_ALLOW_USER_PASSWORD_CHANGE "allowUserPasswordChange" // boolean true @@"{logic-only}"
#define PN_PASSWORD_MIN_LENGTH "passwordMinLength" // int 8 @@"Password minimum length is 8 characters"
#define PN_PASSWORD_DIGIT_REQUIRED "passwordDigitRequired" // boolean false @@"Your password must include a digit"
#define PN_PASSWORD_ALPHA_REQUIRED "passwordAlphaRequired" // boolean true @@"Your password must include a letter"
#define PN_CHALLENGE_RESPONSE_MIN_LENGTH "challengeResponseMinLength" // int 3 @@"Your security response must be at least 3 characters"
#define PN_PASSWORD_STRENGTH_MIN "passwordStrengthMin" // double 0.5 @@"Your password is not strong/complex enough"
#define PN_PASSPHRASE_MIN_LENGTH "passphraseMinLength" // int 10 @@"Your passphrase must be at least 10 characters"
#define PN_PASSPHRASE_STRENGTH_MIN "passphraseStrengthMin" // double 0.75 @@"Your passphrase is not strong enough"
#define PN_PASSPHRASE_CHALLENGE_OPTIONAL "passphraseChallengeOptional" // boolean true @@"{logic-only}"
#define PN_PASSPHRASE_CHALLENGE_REQUIRED "passphraseChallengeRequired" // boolean false @@"You must select a passphrase"
#define PN_PASSWORD_RESET_ALLOWED "passwordResetAllowed" // boolean true @@"{logic-only}"
#define PN_PASSWORD_RECOVERY_ENABLED "passwordRecoveryEnabled" // boolean true @@"{logic-only}"
#define PN_MIN_NUMBER_CHALLENGES_INC_PASSWORD "minNumberChallengesIncludingPassword" // int 4 @@"{logic-only}"
#define PN_CUSTOM_CHALLENGE_REQUIRED "customChallengeRequired" // boolean false @@"A custom security question is required to be selected"
#define PN_CUSTOM_CHALLENGE_MIN_LENGTH "customChallengeMinLength" // int 6 @@"Custom security questions must be at least 6 characters"
#define PN_PASSWORD_FAIL_LOCKOUT "passwordFailLockout" // int 5 @@"{logic-only}"
#define PN_PASSWORD_LOCKOUT_ACTION "passwordLockoutAction" // list "delay" ["delay","disable-account"] @@"{logic-only}"
#define PN_PASSWORD_LOCKOUT_DELAY "passwordLockoutDelay" // duration 15000 @@"{logic-only 15secs}"
#define PN_MAX_VAN_USERS "maxUsers" // long 50000 @@"A maximum of 50,000 users is currently supported"
#define PN_REQUIRE_OFFICE_ACTIVATION "requireOfficeActivation" // boolean true @@"{logic-only}"
#define PN_ALLLOW_ACTIVATION_BYPASS "allowActivationBypass" // regex "qa[^@]+@sl-int[.]com" @@"{logic-only}"
#define PN_REQUIRE_CAPTCHA_ON_CREATE_OFFICE "requireCreateOfficeCaptcha" // boolean false @@"{logic-only}"
#define PN_REQUIRE_CAPTCHA_ON_WEB_LOGIN "requireWebLoginCaptcha" // boolean false @@"{logic-only}"
#define PN_DELAY_LOGIN_FAILURE "delayLoginFailure" // duration 1500 @@"{logic-only 1.5secs}"
#define PN_MAX_DEVICES "maxDevices" // int 100 @@"A maximum of 100 devices is supported per user"
#define PN_AUTO_LOGOUT_INACTIVITY_MAX "autoLogoutMax" // duration 604800000 @@"The maximum inactivity time before auto logout is one week"
#define PN_COMPATIBILITY_REQUIRMENT "compatibilityRequirement" // regex "default" @@"This application is not compatible with the server VAN"
#define PN_SERVER_USER_TRACKING "serverUserTracking" // list "on" ["user-selectable","off","on"] @@"Allow user to have web service events tracked"
#define PN_SERVER_USER_TRACKING_TTL "serverUserTrackingTTL" // duration 2592000000 @@"Server tracking events expire after 30 days"
#define PN_WEB_TOKEN_EXPIRY "webTokenExpiry" // duration 14400000 @@"{logic-only 4 hours}"
#define PN_TEAMS_SUPPORTED "secureManagedNetworkSupportEnabled" // boolean true @@"{logic-only should admin UX support network features}"
#define PN_TEAMS_ALLOW_USER_VIEW_MEMBERS "smnViewMembersEnabled" // boolean true @@"{logic-only can users see members in web admin}"
#define PN_EMAIL_REGEX "emailRegex" // regex "^[_A-Za-z0-9-\\+]+(\\.[_A-Za-z0-9-]+)*@[A-Za-z0-9-]+(\\.[A-Za-z0-9]+)*(\\.[A-Za-z]{2,})$" @@"A valid email must contain an @ and a domain"
#define PN_PHONE_REGEX "phoneRegex" // regex "^[01]?[-\\s.]?\\(?[2-9]\\d{2}\\)?[-\\s.]?\\d{3}[-\\s.]?\\d{4}$" @@"A valid phone number is of the form (303)555-1212"
#define PN_ALLOW_USER_PRECREATION "userPrecreationEnabled" // boolean true @@"{logic-only should admin UX support account precreation}"
#define PN_NO_LOGIN_INACTIVATE_DURATION "noLoginInactivateDuration" // duration 2709400000 @@"Device not logged in inactivation duration"
#define PN_NO_LOGIN_REMOVE_DURATION "noLoginRemoveDuration" // duration 15732000000 @@"Device not logged in removal duration"
#define PN_BROWSER_PROVISIONING "browserProvisioning" // list "allow" ["prohibit","insecure","allow","activation"] @@"Allow browsers to be provisioned as data devices"
#define PN_DATA_ENCRYPTION "dataEncryption" // list "files_data" ["files_data","files","data","none"] @@"Encrypt files and data; files only; data only; nothing"
#define PN_DEMO_ENABLED "demoEnabled" // boolean false @@"Enable demo features"
#define PN_WORFLOW_EMAIL "workflowEmailAddresses" // string "" @@"Comma or bar separated list of email addresses to send on important workflow events"
#define PN_MAX_BROWSER_FILE_SIZE "maxBrowserFileSize" // long 10485760 @@"A maximum file size of 10MB is supported within the browser"
//}
// end generation of policy constants
#endif
// previously... #define PN_PASSWORD_LOCKOUT_ACTION "passwordLockoutAction" // list "delay" ["delay","disable-account","re-enter-challenges"] @@"{logic-only}"
/* Obsoleted 10/20/16
#define PN_VERSION_ANDROID_CURRENT "versionANDROIDCurrent" // int 29 @@"{logic-only}"
#define PN_VERSION_IOS_CURRENT "versionIOSCurrent" // int 0 @@"{logic-only}"
#define PN_VERSION_OSX_CURRENT "versionOSXCurrent" // int 0 @@"{logic-only}"
#define PN_VERSION_WINDOWS_CURRENT "versionWINDOWSCurrent" // int 0 @@"{logic-only}"
#define PN_VERSION_ANDROID_MIN "versionANDROIDMin" // int 1 @@"This application version does not meet the minimum allowed by the server"
#define PN_VERSION_IOS_MIN "versionIOSMin" // int 1 @@"This application version does not meet the minimum allowed by the server"
#define PN_VERSION_OSX_MIN "versionOSXMin" // int 1 @@"This application version does not meet the minimum allowed by the server"
#define PN_VERSION_WINDOWS_MIN "versionWINDOWSMin" // int 1 @@"This application version does not meet the minimum allowed by the server"
#define PN_MAX_CHAT_MESSAGE_LENGTH "maxChatMessageLength" // int 1024 @@"Maximum length of a chat message is 1024 characters"
#define PN_VANISH_ON_READ_TIME_TO_DISPLAY "vanishOnReadTimeToDisplay" // duration 30000 @@"You have 30 seconds to read this message"
#define PN_SMS_APP_DOWNLOAD_LINK "smsAppDownloadLink" // string "http://www.sequencelogic.net/download" @@"Please click on this link to visit the downloads page"
#define PN_VAN_SOLO_RESIDENCY "vanSoloResidency" // boolean false @@"The selected VAN may not be used in conjunction with any other VANs on this device"
#define PN_MAX_ATTACHMENT_SIZE "maxAttachmentSize" // int 5242880 @@"The maximum size of an attachment is 5MB"
#define PN_LINK_WINDOWS_APP "linkWindowsApp" // string "https://prod1.sl.com/release/win32/IOnUSetupBeta.exe" @@"{logic-only IONU Windows installer deep link}"
#define PN_PAYMENT_ENABLED "paymentEnabled" // boolean true @@"{logic-only should admin UX support payment features}"
#define PN_CLOUD_PROVIDERS_SUPPORTED "cloudProvidersSupported" // regex "^(?:dropbox|box|google)$" @@"Supported Cloud Providers"
#define PN_ALLOW_CREDENTIALS_IN_KEYCHAIN "allowCredentialsInKeychain" // boolean true @@"{logic-only Apps may persist cloud or other credentials in OS keychain}"
#define PN_ALLOW_TOUCH_ID "allowTouchID" // boolean true @@"{logic-only Touch ID allowed to unlock iOS app}"
#define PN_MAX_FILE_SIZE "maxFileSize" // long 2147483648 @@"A maximum file size of 2GB is supported"
#define PN_ALLOW_SEARCHABLE_GROUPS "allowSearchableGroups" // boolean true @@"Allow searchable setting for groups to be modified"
#define PN_ALLOW_NESTED_GROUPS "allowNestedGroups" // boolean true @@"Allow groups to contain groups"
#define PN_TRACK_BANDWIDTH "trackBandwidth" // boolean false @@"Track (and thus enforce) bandwidth consumption per product configurations"
*/