Windows编程

开发平台：

Delphi

JwaWinCrypt.pas：源码内容

{******************************************************************************}
{ }
{ Windows Cryptography API interface Unit for Object Pascal }
{ }
{ }
{ The original file is: wincrypt.h, released June 2000. The original Pascal }
{ code is: WinCrypt.pas, released December 2000. The initial developer of the }
{ Pascal code is Marcel van Brakel (brakelm@chello.nl). }
{ }
{ }
{ Obtained through: Joint Endeavour of Delphi Innovators (Project JEDI) }
{ }
{ You may retrieve the latest version of this file at the Project JEDI home }
{ page, located at http://delphi-jedi.org or my personal homepage located at }
{ http://members.chello.nl/m.vanbrakel2 }
{ }
{ The contents of this file are used with permission, subject to the Mozilla }
{ Public License Version 1.1 (the "License"); you may not use this file except }
{ in compliance with the License. You may obtain a copy of the License at }
{ http://www.mozilla.org/MPL/MPL-1.1.html }
{ }
{ Software distributed under the License is distributed on an "AS IS" basis, }
{ WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License for }
{ the specific language governing rights and limitations under the License. }
{ }
{ Alternatively, the contents of this file may be used under the terms of the }
{ GNU Lesser General Public License (the "LGPL License"), in which case the }
{ provisions of the LGPL License are applicable instead of those above. }
{ If you wish to allow use of your version of this file only under the terms }
{ of the LGPL License and not to allow others to use your version of this file }
{ under the MPL, indicate your decision by deleting the provisions above and }
{ replace them with the notice and other provisions required by the LGPL }
{ License. If you do not delete the provisions above, a recipient may use }
{ your version of this file under either the MPL or the LGPL License. }
{ }
{ For more information about the LGPL: http://www.gnu.org/copyleft/lesser.html }
{ }
{******************************************************************************}
unit JwaWinCrypt;
{$WEAKPACKAGEUNIT}
{$HPPEMIT ''}
{$HPPEMIT '#include <WinCrypt.h>'}
{$HPPEMIT ''}
{$HPPEMIT 'typedef HCRYPTPROV *PHCRYPTPROV'}
{$HPPEMIT 'typedef HCRYPTKEY *PHCRYPTKEY'}
{$HPPEMIT 'typedef HCRYPTHASH *PHCRYPTHASH'}
{$HPPEMIT 'typedef PROV_ENUMALGS *PPROV_ENUMALGS'}
{$HPPEMIT 'typedef PROV_ENUMALGS_EX *PPROV_ENUMALGS_EX'}
{$HPPEMIT 'typedef PUBLICKEYSTRUC *PPUBLICKEYSTRUC'}
{$HPPEMIT 'typedef RSAPUBKEY *PRSAPUBKEY'}
{$HPPEMIT 'typedef DSSSEED *PDSSSEED'}
{$HPPEMIT 'typedef PUBKEYVER3 *PPUBKEYVER3'}
{$HPPEMIT 'typedef DHPRIVKEY_VER3 *PPRIVKEYVER3'}
{$HPPEMIT 'typedef CERT_FORTEZZA_DATA_PROP *PCERT_FORTEZZA_DATA_PROP'}
{$HPPEMIT 'typedef HCRYPTMSG *PHCRYPTMSG'}
{$HPPEMIT 'typedef CMSG_RECIPIENT_ENCODE_INFO *PCMSG_RECIPIENT_ENCODE_INFO'}
{$HPPEMIT 'typedef _CMSG_RECIPIENT_ENCODE_INFO CMSG_RECIPIENT_ENCODE_INFO'}
{$HPPEMIT 'typedef PCMSG_KEY_AGREE_KEY_ENCRYPT_INFO *PPCMSG_KEY_AGREE_KEY_ENCRYPT_INFO'}
{$HPPEMIT 'typedef HCERTSTORE *PHCERTSTORE'}
{$HPPEMIT 'typedef PCCERT_CONTEXT *PPCCERT_CONTEXT'}
{$HPPEMIT 'typedef PCCRL_CONTEXT *PPCCRL_CONTEXT'}
{$HPPEMIT 'typedef PCERT_CHAIN_CONTEXT *PPCCERT_CHAIN_CONTEXT'}
{$HPPEMIT ''}
{$I WINDEFINES.INC}
interface
uses
JwaWinBase, JwaWinType;
//
// Algorithm IDs and Flags
//
// ALG_ID crackers
function GET_ALG_CLASS(x: DWORD): DWORD;
{$EXTERNALSYM GET_ALG_CLASS}
function GET_ALG_TYPE(x: DWORD): DWORD;
{$EXTERNALSYM GET_ALG_TYPE}
function GET_ALG_SID(x: DWORD): DWORD;
{$EXTERNALSYM GET_ALG_SID}
// Algorithm classes
const
ALG_CLASS_ANY = (0);
{$EXTERNALSYM ALG_CLASS_ANY}
ALG_CLASS_SIGNATURE = (1 shl 13);
{$EXTERNALSYM ALG_CLASS_SIGNATURE}
ALG_CLASS_MSG_ENCRYPT = (2 shl 13);
{$EXTERNALSYM ALG_CLASS_MSG_ENCRYPT}
ALG_CLASS_DATA_ENCRYPT = (3 shl 13);
{$EXTERNALSYM ALG_CLASS_DATA_ENCRYPT}
ALG_CLASS_HASH = (4 shl 13);
{$EXTERNALSYM ALG_CLASS_HASH}
ALG_CLASS_KEY_EXCHANGE = (5 shl 13);
{$EXTERNALSYM ALG_CLASS_KEY_EXCHANGE}
ALG_CLASS_ALL = (7 shl 13);
{$EXTERNALSYM ALG_CLASS_ALL}
// Algorithm types
ALG_TYPE_ANY = (0);
{$EXTERNALSYM ALG_TYPE_ANY}
ALG_TYPE_DSS = (1 shl 9);
{$EXTERNALSYM ALG_TYPE_DSS}
ALG_TYPE_RSA = (2 shl 9);
{$EXTERNALSYM ALG_TYPE_RSA}
ALG_TYPE_BLOCK = (3 shl 9);
{$EXTERNALSYM ALG_TYPE_BLOCK}
ALG_TYPE_STREAM = (4 shl 9);
{$EXTERNALSYM ALG_TYPE_STREAM}
ALG_TYPE_DH = (5 shl 9);
{$EXTERNALSYM ALG_TYPE_DH}
ALG_TYPE_SECURECHANNEL = (6 shl 9);
{$EXTERNALSYM ALG_TYPE_SECURECHANNEL}
// Generic sub-ids
ALG_SID_ANY = (0);
{$EXTERNALSYM ALG_SID_ANY}
// Some RSA sub-ids
ALG_SID_RSA_ANY = 0;
{$EXTERNALSYM ALG_SID_RSA_ANY}
ALG_SID_RSA_PKCS = 1;
{$EXTERNALSYM ALG_SID_RSA_PKCS}
ALG_SID_RSA_MSATWORK = 2;
{$EXTERNALSYM ALG_SID_RSA_MSATWORK}
ALG_SID_RSA_ENTRUST = 3;
{$EXTERNALSYM ALG_SID_RSA_ENTRUST}
ALG_SID_RSA_PGP = 4;
{$EXTERNALSYM ALG_SID_RSA_PGP}
// Some DSS sub-ids
//
ALG_SID_DSS_ANY = 0;
{$EXTERNALSYM ALG_SID_DSS_ANY}
ALG_SID_DSS_PKCS = 1;
{$EXTERNALSYM ALG_SID_DSS_PKCS}
ALG_SID_DSS_DMS = 2;
{$EXTERNALSYM ALG_SID_DSS_DMS}
// Block cipher sub ids
// DES sub_ids
ALG_SID_DES = 1;
{$EXTERNALSYM ALG_SID_DES}
ALG_SID_3DES = 3;
{$EXTERNALSYM ALG_SID_3DES}
ALG_SID_DESX = 4;
{$EXTERNALSYM ALG_SID_DESX}
ALG_SID_IDEA = 5;
{$EXTERNALSYM ALG_SID_IDEA}
ALG_SID_CAST = 6;
{$EXTERNALSYM ALG_SID_CAST}
ALG_SID_SAFERSK64 = 7;
{$EXTERNALSYM ALG_SID_SAFERSK64}
ALG_SID_SAFERSK128 = 8;
{$EXTERNALSYM ALG_SID_SAFERSK128}
ALG_SID_3DES_112 = 9;
{$EXTERNALSYM ALG_SID_3DES_112}
ALG_SID_CYLINK_MEK = 12;
{$EXTERNALSYM ALG_SID_CYLINK_MEK}
ALG_SID_RC5 = 13;
{$EXTERNALSYM ALG_SID_RC5}
// Fortezza sub-ids
ALG_SID_SKIPJACK = 10;
{$EXTERNALSYM ALG_SID_SKIPJACK}
ALG_SID_TEK = 11;
{$EXTERNALSYM ALG_SID_TEK}
// KP_MODE
CRYPT_MODE_CBCI = 6; // ANSI CBC Interleaved
{$EXTERNALSYM CRYPT_MODE_CBCI}
CRYPT_MODE_CFBP = 7; // ANSI CFB Pipelined
{$EXTERNALSYM CRYPT_MODE_CFBP}
CRYPT_MODE_OFBP = 8; // ANSI OFB Pipelined
{$EXTERNALSYM CRYPT_MODE_OFBP}
CRYPT_MODE_CBCOFM = 9; // ANSI CBC + OF Masking
{$EXTERNALSYM CRYPT_MODE_CBCOFM}
CRYPT_MODE_CBCOFMI = 10; // ANSI CBC + OFM Interleaved
{$EXTERNALSYM CRYPT_MODE_CBCOFMI}
// RC2 sub-ids
ALG_SID_RC2 = 2;
{$EXTERNALSYM ALG_SID_RC2}
// Stream cipher sub-ids
ALG_SID_RC4 = 1;
{$EXTERNALSYM ALG_SID_RC4}
ALG_SID_SEAL = 2;
{$EXTERNALSYM ALG_SID_SEAL}
// Diffie-Hellman sub-ids
ALG_SID_DH_SANDF = 1;
{$EXTERNALSYM ALG_SID_DH_SANDF}
ALG_SID_DH_EPHEM = 2;
{$EXTERNALSYM ALG_SID_DH_EPHEM}
ALG_SID_AGREED_KEY_ANY = 3;
{$EXTERNALSYM ALG_SID_AGREED_KEY_ANY}
ALG_SID_KEA = 4;
{$EXTERNALSYM ALG_SID_KEA}
// Hash sub ids
ALG_SID_MD2 = 1;
{$EXTERNALSYM ALG_SID_MD2}
ALG_SID_MD4 = 2;
{$EXTERNALSYM ALG_SID_MD4}
ALG_SID_MD5 = 3;
{$EXTERNALSYM ALG_SID_MD5}
ALG_SID_SHA = 4;
{$EXTERNALSYM ALG_SID_SHA}
ALG_SID_SHA1 = 4;
{$EXTERNALSYM ALG_SID_SHA1}
ALG_SID_MAC = 5;
{$EXTERNALSYM ALG_SID_MAC}
ALG_SID_RIPEMD = 6;
{$EXTERNALSYM ALG_SID_RIPEMD}
ALG_SID_RIPEMD160 = 7;
{$EXTERNALSYM ALG_SID_RIPEMD160}
ALG_SID_SSL3SHAMD5 = 8;
{$EXTERNALSYM ALG_SID_SSL3SHAMD5}
ALG_SID_HMAC = 9;
{$EXTERNALSYM ALG_SID_HMAC}
ALG_SID_TLS1PRF = 10;
{$EXTERNALSYM ALG_SID_TLS1PRF}
// secure channel sub ids
ALG_SID_SSL3_MASTER = 1;
{$EXTERNALSYM ALG_SID_SSL3_MASTER}
ALG_SID_SCHANNEL_MASTER_HASH = 2;
{$EXTERNALSYM ALG_SID_SCHANNEL_MASTER_HASH}
ALG_SID_SCHANNEL_MAC_KEY = 3;
{$EXTERNALSYM ALG_SID_SCHANNEL_MAC_KEY}
ALG_SID_PCT1_MASTER = 4;
{$EXTERNALSYM ALG_SID_PCT1_MASTER}
ALG_SID_SSL2_MASTER = 5;
{$EXTERNALSYM ALG_SID_SSL2_MASTER}
ALG_SID_TLS1_MASTER = 6;
{$EXTERNALSYM ALG_SID_TLS1_MASTER}
ALG_SID_SCHANNEL_ENC_KEY = 7;
{$EXTERNALSYM ALG_SID_SCHANNEL_ENC_KEY}
// Our silly example sub-id
ALG_SID_EXAMPLE = 80;
{$EXTERNALSYM ALG_SID_EXAMPLE}
type
ALG_ID = Cardinal;
{$EXTERNALSYM ALG_ID}
// algorithm identifier definitions
const
CALG_MD2 = (ALG_CLASS_HASH or ALG_TYPE_ANY or ALG_SID_MD2);
{$EXTERNALSYM CALG_MD2}
CALG_MD4 = (ALG_CLASS_HASH or ALG_TYPE_ANY or ALG_SID_MD4);
{$EXTERNALSYM CALG_MD4}
CALG_MD5 = (ALG_CLASS_HASH or ALG_TYPE_ANY or ALG_SID_MD5);
{$EXTERNALSYM CALG_MD5}
CALG_SHA = (ALG_CLASS_HASH or ALG_TYPE_ANY or ALG_SID_SHA);
{$EXTERNALSYM CALG_SHA}
CALG_SHA1 = (ALG_CLASS_HASH or ALG_TYPE_ANY or ALG_SID_SHA1);
{$EXTERNALSYM CALG_SHA1}
CALG_MAC = (ALG_CLASS_HASH or ALG_TYPE_ANY or ALG_SID_MAC);
{$EXTERNALSYM CALG_MAC}
CALG_RSA_SIGN = (ALG_CLASS_SIGNATURE or ALG_TYPE_RSA or ALG_SID_RSA_ANY);
{$EXTERNALSYM CALG_RSA_SIGN}
CALG_DSS_SIGN = (ALG_CLASS_SIGNATURE or ALG_TYPE_DSS or ALG_SID_DSS_ANY);
{$EXTERNALSYM CALG_DSS_SIGN}
CALG_RSA_KEYX = (ALG_CLASS_KEY_EXCHANGE or ALG_TYPE_RSA or ALG_SID_RSA_ANY);
{$EXTERNALSYM CALG_RSA_KEYX}
CALG_DES = (ALG_CLASS_DATA_ENCRYPT or ALG_TYPE_BLOCK or ALG_SID_DES);
{$EXTERNALSYM CALG_DES}
CALG_3DES_112 = (ALG_CLASS_DATA_ENCRYPT or ALG_TYPE_BLOCK or ALG_SID_3DES_112);
{$EXTERNALSYM CALG_3DES_112}
CALG_3DES = (ALG_CLASS_DATA_ENCRYPT or ALG_TYPE_BLOCK or ALG_SID_3DES);
{$EXTERNALSYM CALG_3DES}
CALG_DESX = (ALG_CLASS_DATA_ENCRYPT or ALG_TYPE_BLOCK or ALG_SID_DESX);
{$EXTERNALSYM CALG_DESX}
CALG_RC2 = (ALG_CLASS_DATA_ENCRYPT or ALG_TYPE_BLOCK or ALG_SID_RC2);
{$EXTERNALSYM CALG_RC2}
CALG_RC4 = (ALG_CLASS_DATA_ENCRYPT or ALG_TYPE_STREAM or ALG_SID_RC4);
{$EXTERNALSYM CALG_RC4}
CALG_SEAL = (ALG_CLASS_DATA_ENCRYPT or ALG_TYPE_STREAM or ALG_SID_SEAL);
{$EXTERNALSYM CALG_SEAL}
CALG_DH_SF = (ALG_CLASS_KEY_EXCHANGE or ALG_TYPE_DH or ALG_SID_DH_SANDF);
{$EXTERNALSYM CALG_DH_SF}
CALG_DH_EPHEM = (ALG_CLASS_KEY_EXCHANGE or ALG_TYPE_DH or ALG_SID_DH_EPHEM);
{$EXTERNALSYM CALG_DH_EPHEM}
CALG_AGREEDKEY_ANY = (ALG_CLASS_KEY_EXCHANGE or ALG_TYPE_DH or ALG_SID_AGREED_KEY_ANY);
{$EXTERNALSYM CALG_AGREEDKEY_ANY}
CALG_KEA_KEYX = (ALG_CLASS_KEY_EXCHANGE or ALG_TYPE_DH or ALG_SID_KEA);
{$EXTERNALSYM CALG_KEA_KEYX}
CALG_HUGHES_MD5 = (ALG_CLASS_KEY_EXCHANGE or ALG_TYPE_ANY or ALG_SID_MD5);
{$EXTERNALSYM CALG_HUGHES_MD5}
CALG_SKIPJACK = (ALG_CLASS_DATA_ENCRYPT or ALG_TYPE_BLOCK or ALG_SID_SKIPJACK);
{$EXTERNALSYM CALG_SKIPJACK}
CALG_TEK = (ALG_CLASS_DATA_ENCRYPT or ALG_TYPE_BLOCK or ALG_SID_TEK);
{$EXTERNALSYM CALG_TEK}
CALG_CYLINK_MEK = (ALG_CLASS_DATA_ENCRYPT or ALG_TYPE_BLOCK or ALG_SID_CYLINK_MEK);
{$EXTERNALSYM CALG_CYLINK_MEK}
CALG_SSL3_SHAMD5 = (ALG_CLASS_HASH or ALG_TYPE_ANY or ALG_SID_SSL3SHAMD5);
{$EXTERNALSYM CALG_SSL3_SHAMD5}
CALG_SSL3_MASTER = (ALG_CLASS_MSG_ENCRYPT or ALG_TYPE_SECURECHANNEL or ALG_SID_SSL3_MASTER);
{$EXTERNALSYM CALG_SSL3_MASTER}
CALG_SCHANNEL_MASTER_HASH = (ALG_CLASS_MSG_ENCRYPT or ALG_TYPE_SECURECHANNEL or ALG_SID_SCHANNEL_MASTER_HASH);
{$EXTERNALSYM CALG_SCHANNEL_MASTER_HASH}
CALG_SCHANNEL_MAC_KEY = (ALG_CLASS_MSG_ENCRYPT or ALG_TYPE_SECURECHANNEL or ALG_SID_SCHANNEL_MAC_KEY);
{$EXTERNALSYM CALG_SCHANNEL_MAC_KEY}
CALG_SCHANNEL_ENC_KEY = (ALG_CLASS_MSG_ENCRYPT or ALG_TYPE_SECURECHANNEL or ALG_SID_SCHANNEL_ENC_KEY);
{$EXTERNALSYM CALG_SCHANNEL_ENC_KEY}
CALG_PCT1_MASTER = (ALG_CLASS_MSG_ENCRYPT or ALG_TYPE_SECURECHANNEL or ALG_SID_PCT1_MASTER);
{$EXTERNALSYM CALG_PCT1_MASTER}
CALG_SSL2_MASTER = (ALG_CLASS_MSG_ENCRYPT or ALG_TYPE_SECURECHANNEL or ALG_SID_SSL2_MASTER);
{$EXTERNALSYM CALG_SSL2_MASTER}
CALG_TLS1_MASTER = (ALG_CLASS_MSG_ENCRYPT or ALG_TYPE_SECURECHANNEL or ALG_SID_TLS1_MASTER);
{$EXTERNALSYM CALG_TLS1_MASTER}
CALG_RC5 = (ALG_CLASS_DATA_ENCRYPT or ALG_TYPE_BLOCK or ALG_SID_RC5);
{$EXTERNALSYM CALG_RC5}
CALG_HMAC = (ALG_CLASS_HASH or ALG_TYPE_ANY or ALG_SID_HMAC);
{$EXTERNALSYM CALG_HMAC}
CALG_TLS1PRF = (ALG_CLASS_HASH or ALG_TYPE_ANY or ALG_SID_TLS1PRF);
{$EXTERNALSYM CALG_TLS1PRF}
// resource number for signatures in the CSP
SIGNATURE_RESOURCE_NUMBER = $29A;
{$EXTERNALSYM SIGNATURE_RESOURCE_NUMBER}
type
PVTableProvStruc = ^VTableProvStruc;
_VTableProvStruc = record
Version: DWORD;
FuncVerifyImage: FARPROC;
FuncReturnhWnd: FARPROC;
dwProvType: DWORD;
pbContextInfo: LPBYTE;
cbContextInfo: DWORD;
pszProvName: LPSTR;
end;
{$EXTERNALSYM _VTableProvStruc}
VTableProvStruc = _VTableProvStruc;
{$EXTERNALSYM VTableProvStruc}
TVTableProvStruc = VTableProvStruc;
HCRYPTPROV = ULONG_PTR;
{$EXTERNALSYM HCRYPTPROV}
HCRYPTKEY = ULONG_PTR;
{$EXTERNALSYM HCRYPTKEY}
HCRYPTHASH = ULONG_PTR;
{$EXTERNALSYM HCRYPTHASH}
PHCRYPTPROV = ^HCRYPTPROV;
{$NODEFINE PHCRYPTPROV}
PHCRYPTKEY = ^HCRYPTKEY;
{$NODEFINE PHCRYPTKEY}
PHCRYPTHASH = ^HCRYPTHASH;
{$NODEFINE PHCRYPTHASH}
// dwFlags definitions for CryptAcquireContext
const
CRYPT_VERIFYCONTEXT = DWORD($F0000000);
{$EXTERNALSYM CRYPT_VERIFYCONTEXT}
CRYPT_NEWKEYSET = $00000008;
{$EXTERNALSYM CRYPT_NEWKEYSET}
CRYPT_DELETEKEYSET = $00000010;
{$EXTERNALSYM CRYPT_DELETEKEYSET}
CRYPT_MACHINE_KEYSET = $00000020;
{$EXTERNALSYM CRYPT_MACHINE_KEYSET}
CRYPT_SILENT = $00000040;
{$EXTERNALSYM CRYPT_SILENT}
// dwFlag definitions for CryptGenKey
CRYPT_EXPORTABLE = $00000001;
{$EXTERNALSYM CRYPT_EXPORTABLE}
CRYPT_USER_PROTECTED = $00000002;
{$EXTERNALSYM CRYPT_USER_PROTECTED}
CRYPT_CREATE_SALT = $00000004;
{$EXTERNALSYM CRYPT_CREATE_SALT}
CRYPT_UPDATE_KEY = $00000008;
{$EXTERNALSYM CRYPT_UPDATE_KEY}
CRYPT_NO_SALT = $00000010;
{$EXTERNALSYM CRYPT_NO_SALT}
CRYPT_PREGEN = $00000040;
{$EXTERNALSYM CRYPT_PREGEN}
CRYPT_RECIPIENT = $00000010;
{$EXTERNALSYM CRYPT_RECIPIENT}
CRYPT_INITIATOR = $00000040;
{$EXTERNALSYM CRYPT_INITIATOR}
CRYPT_ONLINE = $00000080;
{$EXTERNALSYM CRYPT_ONLINE}
CRYPT_SF = $00000100;
{$EXTERNALSYM CRYPT_SF}
CRYPT_CREATE_IV = $00000200;
{$EXTERNALSYM CRYPT_CREATE_IV}
CRYPT_KEK = $00000400;
{$EXTERNALSYM CRYPT_KEK}
CRYPT_DATA_KEY = $00000800;
{$EXTERNALSYM CRYPT_DATA_KEY}
CRYPT_VOLATILE = $00001000;
{$EXTERNALSYM CRYPT_VOLATILE}
CRYPT_SGCKEY = $00002000;
{$EXTERNALSYM CRYPT_SGCKEY}
RSA1024BIT_KEY = $04000000;
{$EXTERNALSYM RSA1024BIT_KEY}
// dwFlags definitions for CryptDeriveKey
CRYPT_SERVER = $00000400;
{$EXTERNALSYM CRYPT_SERVER}
KEY_LENGTH_MASK = DWORD($FFFF0000);
{$EXTERNALSYM KEY_LENGTH_MASK}
// dwFlag definitions for CryptExportKey
CRYPT_Y_ONLY = $00000001;
{$EXTERNALSYM CRYPT_Y_ONLY}
CRYPT_SSL2_FALLBACK = $00000002;
{$EXTERNALSYM CRYPT_SSL2_FALLBACK}
CRYPT_DESTROYKEY = $00000004;
{$EXTERNALSYM CRYPT_DESTROYKEY}
CRYPT_OAEP = $00000040; // used with RSA encryptions/decryptions
// CryptExportKey, CryptImportKey,
// CryptEncrypt and CryptDecrypt
{$EXTERNALSYM CRYPT_OAEP}
CRYPT_BLOB_VER3 = $00000080; // export version 3 of a blob type
{$EXTERNALSYM CRYPT_BLOB_VER3}
// dwFlags definitions for CryptCreateHash
CRYPT_SECRETDIGEST = $00000001;
{$EXTERNALSYM CRYPT_SECRETDIGEST}
// dwFlags definitions for CryptHashSessionKey
CRYPT_LITTLE_ENDIAN = $00000001;
{$EXTERNALSYM CRYPT_LITTLE_ENDIAN}
// dwFlags definitions for CryptSignHash and CryptVerifySignature
CRYPT_NOHASHOID = $00000001;
{$EXTERNALSYM CRYPT_NOHASHOID}
CRYPT_TYPE2_FORMAT = $00000002;
{$EXTERNALSYM CRYPT_TYPE2_FORMAT}
CRYPT_X931_FORMAT = $00000004;
{$EXTERNALSYM CRYPT_X931_FORMAT}
// dwFlag definitions for CryptSetProviderEx and CryptGetDefaultProvider
CRYPT_MACHINE_DEFAULT = $00000001;
{$EXTERNALSYM CRYPT_MACHINE_DEFAULT}
CRYPT_USER_DEFAULT = $00000002;
{$EXTERNALSYM CRYPT_USER_DEFAULT}
CRYPT_DELETE_DEFAULT = $00000004;
{$EXTERNALSYM CRYPT_DELETE_DEFAULT}
// exported key blob definitions
SIMPLEBLOB = $1;
{$EXTERNALSYM SIMPLEBLOB}
PUBLICKEYBLOB = $6;
{$EXTERNALSYM PUBLICKEYBLOB}
PRIVATEKEYBLOB = $7;
{$EXTERNALSYM PRIVATEKEYBLOB}
PLAINTEXTKEYBLOB = $8;
{$EXTERNALSYM PLAINTEXTKEYBLOB}
OPAQUEKEYBLOB = $9;
{$EXTERNALSYM OPAQUEKEYBLOB}
PUBLICKEYBLOBEX = $A;
{$EXTERNALSYM PUBLICKEYBLOBEX}
SYMMETRICWRAPKEYBLOB = $B;
{$EXTERNALSYM SYMMETRICWRAPKEYBLOB}
AT_KEYEXCHANGE = 1;
{$EXTERNALSYM AT_KEYEXCHANGE}
AT_SIGNATURE = 2;
{$EXTERNALSYM AT_SIGNATURE}
CRYPT_USERDATA = 1;
{$EXTERNALSYM CRYPT_USERDATA}
// dwParam
KP_IV = 1; // Initialization vector
{$EXTERNALSYM KP_IV}
KP_SALT = 2; // Salt value
{$EXTERNALSYM KP_SALT}
KP_PADDING = 3; // Padding values
{$EXTERNALSYM KP_PADDING}
KP_MODE = 4; // Mode of the cipher
{$EXTERNALSYM KP_MODE}
KP_MODE_BITS = 5; // Number of bits to feedback
{$EXTERNALSYM KP_MODE_BITS}
KP_PERMISSIONS = 6; // Key permissions DWORD
{$EXTERNALSYM KP_PERMISSIONS}
KP_ALGID = 7; // Key algorithm
{$EXTERNALSYM KP_ALGID}
KP_BLOCKLEN = 8; // Block size of the cipher
{$EXTERNALSYM KP_BLOCKLEN}
KP_KEYLEN = 9; // Length of key in bits
{$EXTERNALSYM KP_KEYLEN}
KP_SALT_EX = 10; // Length of salt in bytes
{$EXTERNALSYM KP_SALT_EX}
KP_P = 11; // DSS/Diffie-Hellman P value
{$EXTERNALSYM KP_P}
KP_G = 12; // DSS/Diffie-Hellman G value
{$EXTERNALSYM KP_G}
KP_Q = 13; // DSS Q value
{$EXTERNALSYM KP_Q}
KP_X = 14; // Diffie-Hellman X value
{$EXTERNALSYM KP_X}
KP_Y = 15; // Y value
{$EXTERNALSYM KP_Y}
KP_RA = 16; // Fortezza RA value
{$EXTERNALSYM KP_RA}
KP_RB = 17; // Fortezza RB value
{$EXTERNALSYM KP_RB}
KP_INFO = 18; // for putting information into an RSA envelope
{$EXTERNALSYM KP_INFO}
KP_EFFECTIVE_KEYLEN = 19; // setting and getting RC2 effective key length
{$EXTERNALSYM KP_EFFECTIVE_KEYLEN}
KP_SCHANNEL_ALG = 20; // for setting the Secure Channel algorithms
{$EXTERNALSYM KP_SCHANNEL_ALG}
KP_CLIENT_RANDOM = 21; // for setting the Secure Channel client random data
{$EXTERNALSYM KP_CLIENT_RANDOM}
KP_SERVER_RANDOM = 22; // for setting the Secure Channel server random data
{$EXTERNALSYM KP_SERVER_RANDOM}
KP_RP = 23;
{$EXTERNALSYM KP_RP}
KP_PRECOMP_MD5 = 24;
{$EXTERNALSYM KP_PRECOMP_MD5}
KP_PRECOMP_SHA = 25;
{$EXTERNALSYM KP_PRECOMP_SHA}
KP_CERTIFICATE = 26; // for setting Secure Channel certificate data (PCT1)
{$EXTERNALSYM KP_CERTIFICATE}
KP_CLEAR_KEY = 27; // for setting Secure Channel clear key data (PCT1)
{$EXTERNALSYM KP_CLEAR_KEY}
KP_PUB_EX_LEN = 28;
{$EXTERNALSYM KP_PUB_EX_LEN}
KP_PUB_EX_VAL = 29;
{$EXTERNALSYM KP_PUB_EX_VAL}
KP_KEYVAL = 30;
{$EXTERNALSYM KP_KEYVAL}
KP_ADMIN_PIN = 31;
{$EXTERNALSYM KP_ADMIN_PIN}
KP_KEYEXCHANGE_PIN = 32;
{$EXTERNALSYM KP_KEYEXCHANGE_PIN}
KP_SIGNATURE_PIN = 33;
{$EXTERNALSYM KP_SIGNATURE_PIN}
KP_PREHASH = 34;
{$EXTERNALSYM KP_PREHASH}
KP_OAEP_PARAMS = 36; // for setting OAEP params on RSA keys
{$EXTERNALSYM KP_OAEP_PARAMS}
KP_CMS_KEY_INFO = 37;
{$EXTERNALSYM KP_CMS_KEY_INFO}
KP_CMS_DH_KEY_INFO = 38;
{$EXTERNALSYM KP_CMS_DH_KEY_INFO}
KP_PUB_PARAMS = 39; // for setting public parameters
{$EXTERNALSYM KP_PUB_PARAMS}
KP_VERIFY_PARAMS = 40; // for verifying DSA and DH parameters
{$EXTERNALSYM KP_VERIFY_PARAMS}
KP_HIGHEST_VERSION = 41; // for TLS protocol version setting
{$EXTERNALSYM KP_HIGHEST_VERSION}
// KP_PADDING
PKCS5_PADDING = 1; // PKCS 5 (sec 6.2) padding method
{$EXTERNALSYM PKCS5_PADDING}
RANDOM_PADDING = 2;
{$EXTERNALSYM RANDOM_PADDING}
ZERO_PADDING = 3;
{$EXTERNALSYM ZERO_PADDING}
// KP_MODE
CRYPT_MODE_CBC = 1; // Cipher block chaining
{$EXTERNALSYM CRYPT_MODE_CBC}
CRYPT_MODE_ECB = 2; // Electronic code book
{$EXTERNALSYM CRYPT_MODE_ECB}
CRYPT_MODE_OFB = 3; // Output feedback mode
{$EXTERNALSYM CRYPT_MODE_OFB}
CRYPT_MODE_CFB = 4; // Cipher feedback mode
{$EXTERNALSYM CRYPT_MODE_CFB}
CRYPT_MODE_CTS = 5; // Ciphertext stealing mode
{$EXTERNALSYM CRYPT_MODE_CTS}
// KP_PERMISSIONS
CRYPT_ENCRYPT = $0001; // Allow encryption
{$EXTERNALSYM CRYPT_ENCRYPT}
CRYPT_DECRYPT = $0002; // Allow decryption
{$EXTERNALSYM CRYPT_DECRYPT}
CRYPT_EXPORT = $0004; // Allow key to be exported
{$EXTERNALSYM CRYPT_EXPORT}
CRYPT_READ = $0008; // Allow parameters to be read
{$EXTERNALSYM CRYPT_READ}
CRYPT_WRITE = $0010; // Allow parameters to be set
{$EXTERNALSYM CRYPT_WRITE}
CRYPT_MAC = $0020; // Allow MACs to be used with key
{$EXTERNALSYM CRYPT_MAC}
CRYPT_EXPORT_KEY = $0040; // Allow key to be used for exporting keys
{$EXTERNALSYM CRYPT_EXPORT_KEY}
CRYPT_IMPORT_KEY = $0080; // Allow key to be used for importing keys
{$EXTERNALSYM CRYPT_IMPORT_KEY}
HP_ALGID = $0001; // Hash algorithm
{$EXTERNALSYM HP_ALGID}
HP_HASHVAL = $0002; // Hash value
{$EXTERNALSYM HP_HASHVAL}
HP_HASHSIZE = $0004; // Hash value size
{$EXTERNALSYM HP_HASHSIZE}
HP_HMAC_INFO = $0005; // information for creating an HMAC
{$EXTERNALSYM HP_HMAC_INFO}
HP_TLS1PRF_LABEL = $0006; // label for TLS1 PRF
{$EXTERNALSYM HP_TLS1PRF_LABEL}
HP_TLS1PRF_SEED = $0007; // seed for TLS1 PRF
{$EXTERNALSYM HP_TLS1PRF_SEED}
CRYPT_FAILED = FALSE;
{$EXTERNALSYM CRYPT_FAILED}
CRYPT_SUCCEED = TRUE;
{$EXTERNALSYM CRYPT_SUCCEED}
function RCRYPT_SUCCEEDED(rt: BOOL): BOOL;
{$EXTERNALSYM RCRYPT_SUCCEEDED}
function RCRYPT_FAILED(rt: BOOL): BOOL;
{$EXTERNALSYM RCRYPT_FAILED}
//
// CryptGetProvParam
//
const
PP_ENUMALGS = 1;
{$EXTERNALSYM PP_ENUMALGS}
PP_ENUMCONTAINERS = 2;
{$EXTERNALSYM PP_ENUMCONTAINERS}
PP_IMPTYPE = 3;
{$EXTERNALSYM PP_IMPTYPE}
PP_NAME = 4;
{$EXTERNALSYM PP_NAME}
PP_VERSION = 5;
{$EXTERNALSYM PP_VERSION}
PP_CONTAINER = 6;
{$EXTERNALSYM PP_CONTAINER}
PP_CHANGE_PASSWORD = 7;
{$EXTERNALSYM PP_CHANGE_PASSWORD}
PP_KEYSET_SEC_DESCR = 8; // get/set security descriptor of keyset
{$EXTERNALSYM PP_KEYSET_SEC_DESCR}
PP_CERTCHAIN = 9; // for retrieving certificates from tokens
{$EXTERNALSYM PP_CERTCHAIN}
PP_KEY_TYPE_SUBTYPE = 10;
{$EXTERNALSYM PP_KEY_TYPE_SUBTYPE}
PP_PROVTYPE = 16;
{$EXTERNALSYM PP_PROVTYPE}
PP_KEYSTORAGE = 17;
{$EXTERNALSYM PP_KEYSTORAGE}
PP_APPLI_CERT = 18;
{$EXTERNALSYM PP_APPLI_CERT}
PP_SYM_KEYSIZE = 19;
{$EXTERNALSYM PP_SYM_KEYSIZE}
PP_SESSION_KEYSIZE = 20;
{$EXTERNALSYM PP_SESSION_KEYSIZE}
PP_UI_PROMPT = 21;
{$EXTERNALSYM PP_UI_PROMPT}
PP_ENUMALGS_EX = 22;
{$EXTERNALSYM PP_ENUMALGS_EX}
PP_ENUMMANDROOTS = 25;
{$EXTERNALSYM PP_ENUMMANDROOTS}
PP_ENUMELECTROOTS = 26;
{$EXTERNALSYM PP_ENUMELECTROOTS}
PP_KEYSET_TYPE = 27;
{$EXTERNALSYM PP_KEYSET_TYPE}
PP_ADMIN_PIN = 31;
{$EXTERNALSYM PP_ADMIN_PIN}
PP_KEYEXCHANGE_PIN = 32;
{$EXTERNALSYM PP_KEYEXCHANGE_PIN}
PP_SIGNATURE_PIN = 33;
{$EXTERNALSYM PP_SIGNATURE_PIN}
PP_SIG_KEYSIZE_INC = 34;
{$EXTERNALSYM PP_SIG_KEYSIZE_INC}
PP_KEYX_KEYSIZE_INC = 35;
{$EXTERNALSYM PP_KEYX_KEYSIZE_INC}
PP_UNIQUE_CONTAINER = 36;
{$EXTERNALSYM PP_UNIQUE_CONTAINER}
PP_SGC_INFO = 37;
{$EXTERNALSYM PP_SGC_INFO}
PP_USE_HARDWARE_RNG = 38;
{$EXTERNALSYM PP_USE_HARDWARE_RNG}
PP_KEYSPEC = 39;
{$EXTERNALSYM PP_KEYSPEC}
PP_ENUMEX_SIGNING_PROT = 40;
{$EXTERNALSYM PP_ENUMEX_SIGNING_PROT}
CRYPT_FIRST = 1;
{$EXTERNALSYM CRYPT_FIRST}
CRYPT_NEXT = 2;
{$EXTERNALSYM CRYPT_NEXT}
CRYPT_SGC_ENUM = 4;
{$EXTERNALSYM CRYPT_SGC_ENUM}
CRYPT_IMPL_HARDWARE = 1;
{$EXTERNALSYM CRYPT_IMPL_HARDWARE}
CRYPT_IMPL_SOFTWARE = 2;
{$EXTERNALSYM CRYPT_IMPL_SOFTWARE}
CRYPT_IMPL_MIXED = 3;
{$EXTERNALSYM CRYPT_IMPL_MIXED}
CRYPT_IMPL_UNKNOWN = 4;
{$EXTERNALSYM CRYPT_IMPL_UNKNOWN}
CRYPT_IMPL_REMOVABLE = 8;
{$EXTERNALSYM CRYPT_IMPL_REMOVABLE}
// key storage flags
CRYPT_SEC_DESCR = $00000001;
{$EXTERNALSYM CRYPT_SEC_DESCR}
CRYPT_PSTORE = $00000002;
{$EXTERNALSYM CRYPT_PSTORE}
CRYPT_UI_PROMPT = $00000004;
{$EXTERNALSYM CRYPT_UI_PROMPT}
// protocol flags
CRYPT_FLAG_PCT1 = $0001;
{$EXTERNALSYM CRYPT_FLAG_PCT1}
CRYPT_FLAG_SSL2 = $0002;
{$EXTERNALSYM CRYPT_FLAG_SSL2}
CRYPT_FLAG_SSL3 = $0004;
{$EXTERNALSYM CRYPT_FLAG_SSL3}
CRYPT_FLAG_TLS1 = $0008;
{$EXTERNALSYM CRYPT_FLAG_TLS1}
CRYPT_FLAG_IPSEC = $0010;
{$EXTERNALSYM CRYPT_FLAG_IPSEC}
CRYPT_FLAG_SIGNING = $0020;
{$EXTERNALSYM CRYPT_FLAG_SIGNING}
// SGC flags
CRYPT_SGC = $0001;
{$EXTERNALSYM CRYPT_SGC}
CRYPT_FASTSGC = $0002;
{$EXTERNALSYM CRYPT_FASTSGC}
//
// CryptSetProvParam
//
PP_CLIENT_HWND = 1;
{$EXTERNALSYM PP_CLIENT_HWND}
PP_CONTEXT_INFO = 11;
{$EXTERNALSYM PP_CONTEXT_INFO}
PP_KEYEXCHANGE_KEYSIZE = 12;
{$EXTERNALSYM PP_KEYEXCHANGE_KEYSIZE}
PP_SIGNATURE_KEYSIZE = 13;
{$EXTERNALSYM PP_SIGNATURE_KEYSIZE}
PP_KEYEXCHANGE_ALG = 14;
{$EXTERNALSYM PP_KEYEXCHANGE_ALG}
PP_SIGNATURE_ALG = 15;
{$EXTERNALSYM PP_SIGNATURE_ALG}
PP_DELETEKEY = 24;
{$EXTERNALSYM PP_DELETEKEY}
PROV_RSA_FULL = 1;
{$EXTERNALSYM PROV_RSA_FULL}
PROV_RSA_SIG = 2;
{$EXTERNALSYM PROV_RSA_SIG}
PROV_DSS = 3;
{$EXTERNALSYM PROV_DSS}
PROV_FORTEZZA = 4;
{$EXTERNALSYM PROV_FORTEZZA}
PROV_MS_EXCHANGE = 5;
{$EXTERNALSYM PROV_MS_EXCHANGE}
PROV_SSL = 6;
{$EXTERNALSYM PROV_SSL}
PROV_RSA_SCHANNEL = 12;
{$EXTERNALSYM PROV_RSA_SCHANNEL}
PROV_DSS_DH = 13;
{$EXTERNALSYM PROV_DSS_DH}
PROV_EC_ECDSA_SIG = 14;
{$EXTERNALSYM PROV_EC_ECDSA_SIG}
PROV_EC_ECNRA_SIG = 15;
{$EXTERNALSYM PROV_EC_ECNRA_SIG}
PROV_EC_ECDSA_FULL = 16;
{$EXTERNALSYM PROV_EC_ECDSA_FULL}
PROV_EC_ECNRA_FULL = 17;
{$EXTERNALSYM PROV_EC_ECNRA_FULL}
PROV_DH_SCHANNEL = 18;
{$EXTERNALSYM PROV_DH_SCHANNEL}
PROV_SPYRUS_LYNKS = 20;
{$EXTERNALSYM PROV_SPYRUS_LYNKS}
PROV_RNG = 21;
{$EXTERNALSYM PROV_RNG}
PROV_INTEL_SEC = 22;
{$EXTERNALSYM PROV_INTEL_SEC}
//
// STT defined Providers
//
PROV_STT_MER = 7;
{$EXTERNALSYM PROV_STT_MER}
PROV_STT_ACQ = 8;
{$EXTERNALSYM PROV_STT_ACQ}
PROV_STT_BRND = 9;
{$EXTERNALSYM PROV_STT_BRND}
PROV_STT_ROOT = 10;
{$EXTERNALSYM PROV_STT_ROOT}
PROV_STT_ISS = 11;
{$EXTERNALSYM PROV_STT_ISS}
//
// Provider friendly names
//
MS_DEF_PROV_A = 'Microsoft Base Cryptographic Provider v1.0';
{$EXTERNALSYM MS_DEF_PROV_A}
MS_DEF_PROV_W = 'Microsoft Base Cryptographic Provider v1.0';
{$EXTERNALSYM MS_DEF_PROV_W}
{$IFDEF UNICODE}
MS_DEF_PROV = MS_DEF_PROV_W;
{$EXTERNALSYM MS_DEF_PROV}
{$ELSE}
MS_DEF_PROV = MS_DEF_PROV_A;
{$EXTERNALSYM MS_DEF_PROV}
{$ENDIF}
MS_ENHANCED_PROV_A = 'Microsoft Enhanced Cryptographic Provider v1.0';
{$EXTERNALSYM MS_ENHANCED_PROV_A}
MS_ENHANCED_PROV_W = 'Microsoft Enhanced Cryptographic Provider v1.0';
{$EXTERNALSYM MS_ENHANCED_PROV_W}
{$IFDEF UNICODE}
MS_ENHANCED_PROV = MS_ENHANCED_PROV_W;
{$EXTERNALSYM MS_ENHANCED_PROV}
{$ELSE}
MS_ENHANCED_PROV = MS_ENHANCED_PROV_A;
{$EXTERNALSYM MS_ENHANCED_PROV}
{$ENDIF}
MS_STRONG_PROV_A = 'Microsoft Strong Cryptographic Provider';
{$EXTERNALSYM MS_STRONG_PROV_A}
MS_STRONG_PROV_W = 'Microsoft Strong Cryptographic Provider';
{$EXTERNALSYM MS_STRONG_PROV_W}
{$IFDEF UNICODE}
MS_STRONG_PROV = MS_STRONG_PROV_W;
{$EXTERNALSYM MS_STRONG_PROV}
{$ELSE}
MS_STRONG_PROV = MS_STRONG_PROV_A;
{$EXTERNALSYM MS_STRONG_PROV}
{$ENDIF}
MS_DEF_RSA_SIG_PROV_A = 'Microsoft RSA Signature Cryptographic Provider';
{$EXTERNALSYM MS_DEF_RSA_SIG_PROV_A}
MS_DEF_RSA_SIG_PROV_W = 'Microsoft RSA Signature Cryptographic Provider';
{$EXTERNALSYM MS_DEF_RSA_SIG_PROV_W}
{$IFDEF UNICODE}
MS_DEF_RSA_SIG_PROV = MS_DEF_RSA_SIG_PROV_W;
{$EXTERNALSYM MS_DEF_RSA_SIG_PROV}
{$ELSE}
MS_DEF_RSA_SIG_PROV = MS_DEF_RSA_SIG_PROV_A;
{$EXTERNALSYM MS_DEF_RSA_SIG_PROV}
{$ENDIF}
MS_DEF_RSA_SCHANNEL_PROV_A = 'Microsoft RSA SChannel Cryptographic Provider';
{$EXTERNALSYM MS_DEF_RSA_SCHANNEL_PROV_A}
MS_DEF_RSA_SCHANNEL_PROV_W = 'Microsoft RSA SChannel Cryptographic Provider';
{$EXTERNALSYM MS_DEF_RSA_SCHANNEL_PROV_W}
{$IFDEF UNICODE}
MS_DEF_RSA_SCHANNEL_PROV = MS_DEF_RSA_SCHANNEL_PROV_W;
{$EXTERNALSYM MS_DEF_RSA_SCHANNEL_PROV}
{$ELSE}
MS_DEF_RSA_SCHANNEL_PROV = MS_DEF_RSA_SCHANNEL_PROV_A;
{$EXTERNALSYM MS_DEF_RSA_SCHANNEL_PROV}
{$ENDIF}
MS_DEF_DSS_PROV_A = 'Microsoft Base DSS Cryptographic Provider';
{$EXTERNALSYM MS_DEF_DSS_PROV_A}
MS_DEF_DSS_PROV_W = 'Microsoft Base DSS Cryptographic Provider';
{$EXTERNALSYM MS_DEF_DSS_PROV_W}
{$IFDEF UNICODE}
MS_DEF_DSS_PROV = MS_DEF_DSS_PROV_W;
{$EXTERNALSYM MS_DEF_DSS_PROV}
{$ELSE}
MS_DEF_DSS_PROV = MS_DEF_DSS_PROV_A;
{$EXTERNALSYM MS_DEF_DSS_PROV}
{$ENDIF}
MS_DEF_DSS_DH_PROV_A = 'Microsoft Base DSS and Diffie-Hellman Cryptographic Provider';
{$EXTERNALSYM MS_DEF_DSS_DH_PROV_A}
MS_DEF_DSS_DH_PROV_W = 'Microsoft Base DSS and Diffie-Hellman Cryptographic Provider';
{$EXTERNALSYM MS_DEF_DSS_DH_PROV_W}
{$IFDEF UNICODE}
MS_DEF_DSS_DH_PROV = MS_DEF_DSS_DH_PROV_W;
{$EXTERNALSYM MS_DEF_DSS_DH_PROV}
{$ELSE}
MS_DEF_DSS_DH_PROV = MS_DEF_DSS_DH_PROV_A;
{$EXTERNALSYM MS_DEF_DSS_DH_PROV}
{$ENDIF}
MS_ENH_DSS_DH_PROV_A = 'Microsoft Enhanced DSS and Diffie-Hellman Cryptographic Provider';
{$EXTERNALSYM MS_ENH_DSS_DH_PROV_A}
MS_ENH_DSS_DH_PROV_W = 'Microsoft Enhanced DSS and Diffie-Hellman Cryptographic Provider';
{$EXTERNALSYM MS_ENH_DSS_DH_PROV_W}
{$IFDEF UNICODE}
MS_ENH_DSS_DH_PROV = MS_ENH_DSS_DH_PROV_W;
{$EXTERNALSYM MS_ENH_DSS_DH_PROV}
{$ELSE}
MS_ENH_DSS_DH_PROV = MS_ENH_DSS_DH_PROV_A;
{$EXTERNALSYM MS_ENH_DSS_DH_PROV}
{$ENDIF}
MS_DEF_DH_SCHANNEL_PROV_A = 'Microsoft DH SChannel Cryptographic Provider';
{$EXTERNALSYM MS_DEF_DH_SCHANNEL_PROV_A}
MS_DEF_DH_SCHANNEL_PROV_W = 'Microsoft DH SChannel Cryptographic Provider';
{$EXTERNALSYM MS_DEF_DH_SCHANNEL_PROV_W}
{$IFDEF UNICODE}
MS_DEF_DH_SCHANNEL_PROV = MS_DEF_DH_SCHANNEL_PROV_W;
{$EXTERNALSYM MS_DEF_DH_SCHANNEL_PROV}
{$ELSE}
MS_DEF_DH_SCHANNEL_PROV = MS_DEF_DH_SCHANNEL_PROV_A;
{$EXTERNALSYM MS_DEF_DH_SCHANNEL_PROV}
{$ENDIF}
MS_SCARD_PROV_A = 'Microsoft Base Smart Card Crypto Provider';
{$EXTERNALSYM MS_SCARD_PROV_A}
MS_SCARD_PROV_W = 'Microsoft Base Smart Card Crypto Provider';
{$EXTERNALSYM MS_SCARD_PROV_W}
{$IFDEF UNICODE}
MS_SCARD_PROV = MS_SCARD_PROV_W;
{$EXTERNALSYM MS_SCARD_PROV}
{$ELSE}
MS_SCARD_PROV = MS_SCARD_PROV_A;
{$EXTERNALSYM MS_SCARD_PROV}
{$ENDIF}
MAXUIDLEN = 64;
{$EXTERNALSYM MAXUIDLEN}
// Exponentiation Offload Reg Location
EXPO_OFFLOAD_REG_VALUE = 'ExpoOffload';
{$EXTERNALSYM EXPO_OFFLOAD_REG_VALUE}
EXPO_OFFLOAD_FUNC_NAME = 'OffloadModExpo';
{$EXTERNALSYM EXPO_OFFLOAD_FUNC_NAME}
CUR_BLOB_VERSION = 2;
{$EXTERNALSYM CUR_BLOB_VERSION}
// structure for use with CryptSetKeyParam for CMS keys
// DO NOT USE THIS STRUCTURE!!!!!
type
PCMS_KEY_INFO = ^CMS_KEY_INFO;
{$EXTERNALSYM PCMS_KEY_INFO}
_CMS_KEY_INFO = record
dwVersion: DWORD; // sizeof(CMS_KEY_INFO)
Algid: ALG_ID; // algorithmm id for the key to be converted
pbOID: LPBYTE; // pointer to OID to hash in with Z
cbOID: DWORD; // length of OID to hash in with Z
end;
{$EXTERNALSYM _CMS_KEY_INFO}
CMS_KEY_INFO = _CMS_KEY_INFO;
{$EXTERNALSYM CMS_KEY_INFO}
TCmsKeyInfo = CMS_KEY_INFO;
PCmsKeyInfo = PCMS_KEY_INFO;
// structure for use with CryptSetHashParam with CALG_HMAC
PHMAC_Info = ^HMAC_Info;
{$EXTERNALSYM PHMAC_Info}
_HMAC_Info = record
HashAlgid: ALG_ID;
pbInnerString: LPBYTE;
cbInnerString: DWORD;
pbOuterString: LPBYTE;
cbOuterString: DWORD;
end;
{$EXTERNALSYM _HMAC_Info}
HMAC_Info = _HMAC_Info;
{$EXTERNALSYM HMAC_Info}
THMacInfo = HMAC_Info;
PHMacInfo = PHMAC_Info;
// structure for use with CryptSetKeyParam with KP_SCHANNEL_ALG
PSCHANNEL_ALG = ^SCHANNEL_ALG;
{$EXTERNALSYM PSCHANNEL_ALG}
_SCHANNEL_ALG = record
dwUse: DWORD;
Algid: ALG_ID;
cBits: DWORD;
dwFlags: DWORD;
dwReserved: DWORD;
end;
{$EXTERNALSYM _SCHANNEL_ALG}
SCHANNEL_ALG = _SCHANNEL_ALG;
{$EXTERNALSYM SCHANNEL_ALG}
TSChannelAlg = SCHANNEL_ALG;
PSChannelAlg = PSCHANNEL_ALG;
// uses of algortihms for SCHANNEL_ALG structure
const
SCHANNEL_MAC_KEY = $00000000;
{$EXTERNALSYM SCHANNEL_MAC_KEY}
SCHANNEL_ENC_KEY = $00000001;
{$EXTERNALSYM SCHANNEL_ENC_KEY}
// uses of dwFlags SCHANNEL_ALG structure
INTERNATIONAL_USAGE = $00000001;
{$EXTERNALSYM INTERNATIONAL_USAGE}
type
PPROV_ENUMALGS = ^PROV_ENUMALGS;
{$NODEFINE PPROV_ENUMALGS}
_PROV_ENUMALGS = record
aiAlgid: ALG_ID;
dwBitLen: DWORD;
dwNameLen: DWORD;
szName: array [0..19] of CHAR;
end;
{$EXTERNALSYM _PROV_ENUMALGS}
PROV_ENUMALGS = _PROV_ENUMALGS;
{$EXTERNALSYM PROV_ENUMALGS}
TProvEnumAlgs = PROV_ENUMALGS;
PProvEnumAlgs = PPROV_ENUMALGS;
PPROV_ENUMALGS_EX = ^PROV_ENUMALGS_EX;
{$NODEFINE PPROV_ENUMALGS_EX}
_PROV_ENUMALGS_EX = record
aiAlgid: ALG_ID;
dwDefaultLen: DWORD;
dwMinLen: DWORD;
dwMaxLen: DWORD;
dwProtocols: DWORD;
dwNameLen: DWORD;
szName: array [0..19] of CHAR;
dwLongNameLen: DWORD;
szLongName: array [0..39] of CHAR;
end;
{$EXTERNALSYM _PROV_ENUMALGS_EX}
PROV_ENUMALGS_EX = _PROV_ENUMALGS_EX;
{$EXTERNALSYM PROV_ENUMALGS_EX}
TProvEnumAlgsEx = PROV_ENUMALGS_EX;
PProvEnumAlgsEx = PPROV_ENUMALGS_EX;
PPUBLICKEYSTRUC = ^PUBLICKEYSTRUC;
{$NODEFINE PPUBLICKEYSTRUC}
_PUBLICKEYSTRUC = record
bType: BYTE;
bVersion: BYTE;
reserved: WORD;
aiKeyAlg: ALG_ID;
end;
{$EXTERNALSYM _PUBLICKEYSTRUC}
PUBLICKEYSTRUC = _PUBLICKEYSTRUC;
{$EXTERNALSYM PUBLICKEYSTRUC}
BLOBHEADER = _PUBLICKEYSTRUC;
{$EXTERNALSYM BLOBHEADER}
TPublicKeyStruc = PUBLICKEYSTRUC;
PRSAPUBKEY = ^RSAPUBKEY;
{$NODEFINE PRSAPUBKEY}
_RSAPUBKEY = record
magic: DWORD; // Has to be RSA1
bitlen: DWORD; // # of bits in modulus
pubexp: DWORD; // public exponent
// Modulus data follows
end;
{$EXTERNALSYM _RSAPUBKEY}
RSAPUBKEY = _RSAPUBKEY;
{$EXTERNALSYM RSAPUBKEY}
TRsaPubKey = RSAPUBKEY;
_PUBKEY = record
magic: DWORD;
bitlen: DWORD; // # of bits in modulus
end;
{$EXTERNALSYM _PUBKEY}
DHPUBKEY = _PUBKEY;
{$EXTERNALSYM DHPUBKEY}
DSSPUBKEY = _PUBKEY;
{$EXTERNALSYM DSSPUBKEY}
KEAPUBKEY = _PUBKEY;
{$EXTERNALSYM KEAPUBKEY}
TEKPUBKEY = _PUBKEY;
{$EXTERNALSYM TEKPUBKEY}
PDSSSEED = ^DSSSEED;
{$NODEFINE PDSSSEED}
_DSSSEED = record
counter: DWORD;
seed: array [0..19] of BYTE;
end;
{$EXTERNALSYM _DSSSEED}
DSSSEED = _DSSSEED;
{$EXTERNALSYM DSSSEED}
TDssSeed = DSSSEED;
PPUBKEYVER3 = ^PUBKEYVER3;
{$NODEFINE PPUBKEYVER3}
_PUBKEYVER3 = record
magic: DWORD;
bitlenP: DWORD; // # of bits in prime modulus
bitlenQ: DWORD; // # of bits in prime q, 0 if not available
bitlenJ: DWORD; // # of bits in (p-1)/q, 0 if not available
DSSSeed: DSSSEED;
end;
{$EXTERNALSYM _PUBKEYVER3}
PUBKEYVER3 = _PUBKEYVER3;
{$EXTERNALSYM PUBKEYVER3}
DHPUBKEY_VER3 = PUBKEYVER3;
{$EXTERNALSYM DHPUBKEY_VER3}
TPubKeyVer3 = PUBKEYVER3;
PPRIVKEYVER3 = ^DHPRIVKEY_VER3;
{$NODEFINE PPRIVKEYVER3}
_PRIVKEYVER3 = record
magic: DWORD;
bitlenP: DWORD; // # of bits in prime modulus
bitlenQ: DWORD; // # of bits in prime q, 0 if not available
bitlenJ: DWORD; // # of bits in (p-1)/q, 0 if not available
bitlenX: DWORD; // # of bits in X
DSSSeed: DSSSEED;
end;
{$EXTERNALSYM _PRIVKEYVER3}
DHPRIVKEY_VER3 = _PRIVKEYVER3;
{$EXTERNALSYM DHPRIVKEY_VER3}
DSSPRIVKEY_VER3 = _PRIVKEYVER3;
{$EXTERNALSYM DSSPRIVKEY_VER3}
TDssPrivKey3 = DHPRIVKEY_VER3;
PKEY_TYPE_SUBTYPE = ^KEY_TYPE_SUBTYPE;
{$EXTERNALSYM PKEY_TYPE_SUBTYPE}
_KEY_TYPE_SUBTYPE = record
dwKeySpec: DWORD;
Type_: GUID;
Subtype: GUID;
end;
{$EXTERNALSYM _KEY_TYPE_SUBTYPE}
KEY_TYPE_SUBTYPE = _KEY_TYPE_SUBTYPE;
{$EXTERNALSYM KEY_TYPE_SUBTYPE}
TKeyTypeSubType = KEY_TYPE_SUBTYPE;
PKeyTypeSubType = PKEY_TYPE_SUBTYPE;
PCERT_FORTEZZA_DATA_PROP = ^CERT_FORTEZZA_DATA_PROP;
{$NODEFINE PCERT_FORTEZZA_DATA_PROP}
_CERT_FORTEZZA_DATA_PROP = record
SerialNumber: array [0..7] of Byte;
CertIndex: Integer;
CertLabel: array [0..35] of Byte;
end;
{$EXTERNALSYM _CERT_FORTEZZA_DATA_PROP}
CERT_FORTEZZA_DATA_PROP = _CERT_FORTEZZA_DATA_PROP;
{$EXTERNALSYM CERT_FORTEZZA_DATA_PROP}
TCertFortezzaDataProp = CERT_FORTEZZA_DATA_PROP;
PCertFortezzaDataProp = PCERT_FORTEZZA_DATA_PROP;
//+-------------------------------------------------------------------------
// CRYPTOAPI BLOB definitions
//--------------------------------------------------------------------------
type
_CRYPTOAPI_BLOB = record
cbData: DWORD;
pbData: LPBYTE;
end;
{$EXTERNALSYM _CRYPTOAPI_BLOB}
CRYPT_INTEGER_BLOB = _CRYPTOAPI_BLOB;
TCryptIntegerBlob = CRYPT_INTEGER_BLOB;
{$EXTERNALSYM CRYPT_INTEGER_BLOB}
PCRYPT_INTEGER_BLOB = ^_CRYPTOAPI_BLOB;
{$EXTERNALSYM PCRYPT_INTEGER_BLOB}
PCryptIntegerBlob = PCRYPT_INTEGER_BLOB;
CRYPT_UINT_BLOB = _CRYPTOAPI_BLOB;
{$EXTERNALSYM CRYPT_UINT_BLOB}
TCryptUintBlob = CRYPT_UINT_BLOB;
PCRYPT_UINT_BLOB = ^_CRYPTOAPI_BLOB;
{$EXTERNALSYM PCRYPT_UINT_BLOB}
PCryptUintBlob = PCRYPT_UINT_BLOB;
CRYPT_OBJID_BLOB = _CRYPTOAPI_BLOB;
{$EXTERNALSYM CRYPT_OBJID_BLOB}
TCryptObjIdBlob = CRYPT_OBJID_BLOB;
PCRYPT_OBJID_BLOB = ^_CRYPTOAPI_BLOB;
{$EXTERNALSYM PCRYPT_OBJID_BLOB}
PCryptObjIdBlob = PCRYPT_OBJID_BLOB;
CERT_NAME_BLOB = _CRYPTOAPI_BLOB;
{$EXTERNALSYM CERT_NAME_BLOB}
TCertNameBlob = CERT_NAME_BLOB;
PCERT_NAME_BLOB = ^_CRYPTOAPI_BLOB;
{$EXTERNALSYM PCERT_NAME_BLOB}
PCertNameBlob = PCERT_NAME_BLOB;
CERT_RDN_VALUE_BLOB = _CRYPTOAPI_BLOB;
{$EXTERNALSYM CERT_RDN_VALUE_BLOB}
TCertRdnValueBlob = CERT_RDN_VALUE_BLOB;
PCERT_RDN_VALUE_BLOB = ^_CRYPTOAPI_BLOB;
{$EXTERNALSYM PCERT_RDN_VALUE_BLOB}
PCertRdnValueBlob = PCERT_RDN_VALUE_BLOB;
CERT_BLOB = _CRYPTOAPI_BLOB;
{$EXTERNALSYM CERT_BLOB}
TCertBlob = CERT_BLOB;
PCERT_BLOB = ^_CRYPTOAPI_BLOB;
{$EXTERNALSYM PCERT_BLOB}
PCertBlob = PCERT_BLOB;
CRL_BLOB = _CRYPTOAPI_BLOB;
{$EXTERNALSYM CRL_BLOB}
TCrlBlob = CRL_BLOB;
PCRL_BLOB = ^_CRYPTOAPI_BLOB;
{$EXTERNALSYM PCRL_BLOB}
PCrlBlob = PCRL_BLOB;
DATA_BLOB = _CRYPTOAPI_BLOB;
{$EXTERNALSYM DATA_BLOB}
TDataBlob = DATA_BLOB;
PDATA_BLOB = ^_CRYPTOAPI_BLOB;
{$EXTERNALSYM PDATA_BLOB}
PDataBlob = PDATA_BLOB;
CRYPT_DATA_BLOB = _CRYPTOAPI_BLOB;
{$EXTERNALSYM CRYPT_DATA_BLOB}
TCryptDataBlob = CRYPT_DATA_BLOB;
PCRYPT_DATA_BLOB = ^_CRYPTOAPI_BLOB;
{$EXTERNALSYM PCRYPT_DATA_BLOB}
PCryptDataBlob = PCRYPT_DATA_BLOB;
CRYPT_HASH_BLOB = _CRYPTOAPI_BLOB;
{$EXTERNALSYM CRYPT_HASH_BLOB}
TCryptHashBlob = CRYPT_HASH_BLOB;
PCRYPT_HASH_BLOB = ^_CRYPTOAPI_BLOB;
{$EXTERNALSYM PCRYPT_HASH_BLOB}
PCryptHashBlob = PCRYPT_HASH_BLOB;
CRYPT_DIGEST_BLOB = _CRYPTOAPI_BLOB;
{$EXTERNALSYM CRYPT_DIGEST_BLOB}
TCryptDigestBlob = CRYPT_DIGEST_BLOB;
PCRYPT_DIGEST_BLOB = ^_CRYPTOAPI_BLOB;
{$EXTERNALSYM PCRYPT_DIGEST_BLOB}
PCryptDigestBlob = PCRYPT_DIGEST_BLOB;
CRYPT_DER_BLOB = _CRYPTOAPI_BLOB;
{$EXTERNALSYM CRYPT_DER_BLOB}
TCyptDerBlob = CRYPT_DER_BLOB;
PCRYPT_DER_BLOB = ^_CRYPTOAPI_BLOB;
{$EXTERNALSYM PCRYPT_DER_BLOB}
PCyptDerBlob = PCRYPT_DER_BLOB;
CRYPT_ATTR_BLOB = _CRYPTOAPI_BLOB;
{$EXTERNALSYM CRYPT_ATTR_BLOB}
TCryptAttrBlob = CRYPT_ATTR_BLOB;
PCRYPT_ATTR_BLOB = ^_CRYPTOAPI_BLOB;
{$EXTERNALSYM PCRYPT_ATTR_BLOB}
PCryptAttrBlob = PCRYPT_ATTR_BLOB;
// structure for use with CryptSetKeyParam for CMS keys
PCMS_DH_KEY_INFO = ^CMS_DH_KEY_INFO;
{$EXTERNALSYM PCMS_DH_KEY_INFO}
_CMS_DH_KEY_INFO = record
dwVersion: DWORD; // sizeof(CMS_DH_KEY_INFO)
Algid: ALG_ID; // algorithmm id for the key to be converted
pszContentEncObjId: LPSTR; // pointer to OID to hash in with Z
PubInfo: CRYPT_DATA_BLOB; // OPTIONAL - public information
pReserved: Pointer; // reserved - should be NULL
end;
{$EXTERNALSYM _CMS_DH_KEY_INFO}
CMS_DH_KEY_INFO = _CMS_DH_KEY_INFO;
{$EXTERNALSYM CMS_DH_KEY_INFO}
TCmsDhKeyInfo = CMS_DH_KEY_INFO;
PCmsDhKeyInfo = PCMS_DH_KEY_INFO;
function CryptAcquireContextA(var phProv: HCRYPTPROV; pszContainer: LPCSTR;
pszProvider: LPCSTR; dwProvType: DWORD; dwFlags: DWORD): BOOL; stdcall;
{$EXTERNALSYM CryptAcquireContextA}
function CryptAcquireContextW(var phProv: HCRYPTPROV; pszContainer: LPCWSTR;
pszProvider: LPCWSTR; dwProvType: DWORD; dwFlags: DWORD): BOOL; stdcall;
{$EXTERNALSYM CryptAcquireContextW}
{$IFDEF UNICODE}
function CryptAcquireContext(var phProv: HCRYPTPROV; pszContainer: LPCWSTR;
pszProvider: LPCWSTR; dwProvType: DWORD; dwFlags: DWORD): BOOL; stdcall;
{$EXTERNALSYM CryptAcquireContext}
{$ELSE}
function CryptAcquireContext(var phProv: HCRYPTPROV; pszContainer: LPCSTR;
pszProvider: LPCSTR; dwProvType: DWORD; dwFlags: DWORD): BOOL; stdcall;
{$EXTERNALSYM CryptAcquireContext}
{$ENDIF}
function CryptReleaseContext(hProv: HCRYPTPROV; dwFlags: ULONG_PTR): BOOL; stdcall;
{$EXTERNALSYM CryptReleaseContext}
function CryptGenKey(hProv: HCRYPTPROV; Algid: ALG_ID; dwFlags: DWORD;
var phKey: HCRYPTKEY): BOOL; stdcall;
{$EXTERNALSYM CryptGenKey}
function CryptDeriveKey(hProv: HCRYPTPROV; Algid: ALG_ID; hBaseData: HCRYPTHASH;
dwFlags: DWORD; var phKey: HCRYPTKEY): BOOL; stdcall;
{$EXTERNALSYM CryptDeriveKey}
function CryptDestroyKey(hKey: HCRYPTKEY): BOOL; stdcall;
{$EXTERNALSYM CryptDestroyKey}
function CryptSetKeyParam(hKey: HCRYPTKEY; dwParam: DWORD; pbData: LPBYTE;
dwFlags: DWORD): BOOL; stdcall;
{$EXTERNALSYM CryptSetKeyParam}
function CryptGetKeyParam(hKey: HCRYPTKEY; dwParam: DWORD; pbData: LPBYTE;
var pdwDataLen: DWORD; dwFlags: DWORD): BOOL; stdcall;
{$EXTERNALSYM CryptGetKeyParam}
function CryptSetHashParam(hHash: HCRYPTHASH; dwParam: DWORD; pbData: LPBYTE;
dwFlags: DWORD): BOOL; stdcall;
{$EXTERNALSYM CryptSetHashParam}
function CryptGetHashParam(hHash: HCRYPTHASH; dwParam: DWORD; pbData: LPBYTE;
var pdwDataLen: DWORD; dwFlags: DWORD): BOOL; stdcall;
{$EXTERNALSYM CryptGetHashParam}
function CryptSetProvParam(hProv: HCRYPTPROV; dwParam: DWORD; pbData: LPBYTE;
dwFlags: DWORD): BOOL; stdcall;
{$EXTERNALSYM CryptSetProvParam}
function CryptGetProvParam(hProv: HCRYPTPROV; dwParam: DWORD; pbData: LPBYTE;
var pdwDataLen: DWORD; dwFlags: DWORD): BOOL; stdcall;
{$EXTERNALSYM CryptGetProvParam}
function CryptGenRandom(hProv: HCRYPTPROV; dwLen: DWORD; pbBuffer: LPBYTE): BOOL; stdcall;
{$EXTERNALSYM CryptGenRandom}
function CryptGetUserKey(hProv: HCRYPTPROV; dwKeySpec: DWORD; var phUserKey: HCRYPTKEY): BOOL; stdcall;
{$EXTERNALSYM CryptGetUserKey}
function CryptExportKey(hKey, hExpKey: HCRYPTKEY; dwBlobType, dwFlags: DWORD;
pbData: LPBYTE; var pdwDataLen: DWORD): BOOL; stdcall;
{$EXTERNALSYM CryptExportKey}
function CryptImportKey(hProv: HCRYPTPROV; pbData: LPBYTE; dwDataLen: DWORD;
hPubKey: HCRYPTKEY; dwFlags: DWORD; var phKey: HCRYPTKEY): BOOL; stdcall;
{$EXTERNALSYM CryptImportKey}
function CryptEncrypt(hKey: HCRYPTKEY; hHash: HCRYPTHASH; Final: BOOL;
dwFlags: DWORD; pbData: LPBYTE; var pdwDataLen: DWORD; dwBufLen: DWORD): BOOL; stdcall;
{$EXTERNALSYM CryptEncrypt}
function CryptDecrypt(hKey: HCRYPTKEY; hHash: HCRYPTHASH; Final: BOOL;
dwFlags: DWORD; pbData: LPBYTE; var pdwDataLen: DWORD): BOOL; stdcall;
{$EXTERNALSYM CryptDecrypt}
function CryptCreateHash(hProv: HCRYPTPROV; Algid: ALG_ID; hKey: HCRYPTKEY;
dwFlags: DWORD; var phHash: HCRYPTHASH): BOOL; stdcall;
{$EXTERNALSYM CryptCreateHash}
function CryptHashData(hHash: HCRYPTHASH; pbData: LPBYTE; dwDataLen, dwFlags: DWORD): BOOL; stdcall;
{$EXTERNALSYM CryptHashData}
function CryptHashSessionKey(hHash: HCRYPTHASH; hKey: HCRYPTKEY; dwFlags: DWORD): BOOL; stdcall;
{$EXTERNALSYM CryptHashSessionKey}
function CryptDestroyHash(hHash: HCRYPTHASH): BOOL; stdcall;
{$EXTERNALSYM CryptDestroyHash}
function CryptSignHashA(hHash: HCRYPTHASH; dwKeySpec: DWORD; sDescription: LPCSTR;
dwFlags: DWORD; pbSignature: LPBYTE; var pdwSigLen: DWORD): BOOL; stdcall;
{$EXTERNALSYM CryptSignHashA}
function CryptSignHashW(hHash: HCRYPTHASH; dwKeySpec: DWORD; sDescription: LPCWSTR;
dwFlags: DWORD; pbSignature: LPBYTE; var pdwSigLen: DWORD): BOOL; stdcall;
{$EXTERNALSYM CryptSignHashW}
{$IFDEF UNICODE}
function CryptSignHash(hHash: HCRYPTHASH; dwKeySpec: DWORD; sDescription: LPCWSTR;
dwFlags: DWORD; pbSignature: LPBYTE; var pdwSigLen: DWORD): BOOL; stdcall;
{$EXTERNALSYM CryptSignHash}
{$ELSE}
function CryptSignHash(hHash: HCRYPTHASH; dwKeySpec: DWORD; sDescription: LPCSTR;
dwFlags: DWORD; pbSignature: LPBYTE; var pdwSigLen: DWORD): BOOL; stdcall;
{$EXTERNALSYM CryptSignHash}
{$ENDIF}
function CryptVerifySignatureA(hHash: HCRYPTHASH; pbSignature: LPBYTE;
dwSigLen: DWORD; hPubKey: HCRYPTKEY; sDescription: LPCSTR; dwFlags: DWORD): BOOL; stdcall;
{$EXTERNALSYM CryptVerifySignatureA}
function CryptVerifySignatureW(hHash: HCRYPTHASH; pbSignature: LPBYTE;
dwSigLen: DWORD; hPubKey: HCRYPTKEY; sDescription: LPCWSTR; dwFlags: DWORD): BOOL; stdcall;
{$EXTERNALSYM CryptVerifySignatureW}
{$IFDEF UNICODE}
function CryptVerifySignature(hHash: HCRYPTHASH; pbSignature: LPBYTE;
dwSigLen: DWORD; hPubKey: HCRYPTKEY; sDescription: LPCWSTR; dwFlags: DWORD): BOOL; stdcall;
{$EXTERNALSYM CryptVerifySignature}
{$ELSE}
function CryptVerifySignature(hHash: HCRYPTHASH; pbSignature: LPBYTE;
dwSigLen: DWORD; hPubKey: HCRYPTKEY; sDescription: LPCSTR; dwFlags: DWORD): BOOL; stdcall;
{$EXTERNALSYM CryptVerifySignature}
{$ENDIF}
function CryptSetProviderA(pszProvName: LPCSTR; dwProvType: DWORD): BOOL; stdcall;
{$EXTERNALSYM CryptSetProviderA}
function CryptSetProviderW(pszProvName: LPCWSTR; dwProvType: DWORD): BOOL; stdcall;
{$EXTERNALSYM CryptSetProviderW}
{$IFDEF UNICODE}
function CryptSetProvider(pszProvName: LPCWSTR; dwProvType: DWORD): BOOL; stdcall;
{$EXTERNALSYM CryptSetProvider}
{$ELSE}
function CryptSetProvider(pszProvName: LPCSTR; dwProvType: DWORD): BOOL; stdcall;
{$EXTERNALSYM CryptSetProvider}
{$ENDIF}
function CryptSetProviderExA(pszProvName: LPCSTR; dwProvType: DWORD;
pdwReserved: LPDWORD; dwFlags: DWORD): BOOL; stdcall;
{$EXTERNALSYM CryptSetProviderExA}
function CryptSetProviderExW(pszProvName: LPCWSTR; dwProvType: DWORD;
pdwReserved: LPDWORD; dwFlags: DWORD): BOOL; stdcall;
{$EXTERNALSYM CryptSetProviderExW}
{$IFDEF UNICODE}
function CryptSetProviderEx(pszProvName: LPCWSTR; dwProvType: DWORD;
pdwReserved: LPDWORD; dwFlags: DWORD): BOOL; stdcall;
{$EXTERNALSYM CryptSetProviderEx}
{$ELSE}
function CryptSetProviderEx(pszProvName: LPCSTR; dwProvType: DWORD;
pdwReserved: LPDWORD; dwFlags: DWORD): BOOL; stdcall;
{$EXTERNALSYM CryptSetProviderEx}
{$ENDIF}
function CryptGetDefaultProviderA(dwProvType: DWORD; pdwReserved: LPDWORD;
dwFlags: DWORD; pszProvName: LPSTR; var pcbProvName: DWORD): BOOL; stdcall;
{$EXTERNALSYM CryptGetDefaultProviderA}
function CryptGetDefaultProviderW(dwProvType: DWORD; pdwReserved: LPDWORD;
dwFlags: DWORD; pszProvName: LPWSTR; var pcbProvName: DWORD): BOOL; stdcall;
{$EXTERNALSYM CryptGetDefaultProviderW}
{$IFDEF UNICODE}
function CryptGetDefaultProvider(dwProvType: DWORD; pdwReserved: LPDWORD;
dwFlags: DWORD; pszProvName: LPWSTR; var pcbProvName: DWORD): BOOL; stdcall;
{$EXTERNALSYM CryptGetDefaultProvider}
{$ELSE}
function CryptGetDefaultProvider(dwProvType: DWORD; pdwReserved: LPDWORD;
dwFlags: DWORD; pszProvName: LPSTR; var pcbProvName: DWORD): BOOL; stdcall;
{$EXTERNALSYM CryptGetDefaultProvider}
{$ENDIF}
function CryptEnumProviderTypesA(dwIndex: DWORD; pdwReserved: LPDWORD;
dwFlags: DWORD; var pdwProvType: DWORD; pszTypeName: LPSTR;
var pcbTypeName: DWORD): BOOL; stdcall;
{$EXTERNALSYM CryptEnumProviderTypesA}
function CryptEnumProviderTypesW(dwIndex: DWORD; pdwReserved: LPDWORD;
dwFlags: DWORD; var pdwProvType: DWORD; pszTypeName: LPWSTR;
var pcbTypeName: DWORD): BOOL; stdcall;
{$EXTERNALSYM CryptEnumProviderTypesW}
{$IFDEF UNICODE}
function CryptEnumProviderTypes(dwIndex: DWORD; pdwReserved: LPDWORD;
dwFlags: DWORD; var pdwProvType: DWORD; pszTypeName: LPWSTR;
var pcbTypeName: DWORD): BOOL; stdcall;
{$EXTERNALSYM CryptEnumProviderTypes}
{$ELSE}
function CryptEnumProviderTypes(dwIndex: DWORD; pdwReserved: LPDWORD;
dwFlags: DWORD; var pdwProvType: DWORD; pszTypeName: LPSTR;
var pcbTypeName: DWORD): BOOL; stdcall;
{$EXTERNALSYM CryptEnumProviderTypes}
{$ENDIF}
function CryptEnumProvidersA(dwIndex: DWORD; pdwReserved: LPDWORD; dwFlags: DWORD;
var pdwProvType: DWORD; pszProvName: LPSTR; var pcbProvName: DWORD): BOOL; stdcall;
{$EXTERNALSYM CryptEnumProvidersA}
function CryptEnumProvidersW(dwIndex: DWORD; pdwReserved: LPDWORD; dwFlags: DWORD;
var pdwProvType: DWORD; pszProvName: LPWSTR; var pcbProvName: DWORD): BOOL; stdcall;
{$EXTERNALSYM CryptEnumProvidersW}
{$IFDEF UNICODE}
function CryptEnumProviders(dwIndex: DWORD; pdwReserved: LPDWORD; dwFlags: DWORD;
var pdwProvType: DWORD; pszProvName: LPWSTR; var pcbProvName: DWORD): BOOL; stdcall;
{$EXTERNALSYM CryptEnumProviders}
{$ELSE}
function CryptEnumProviders(dwIndex: DWORD; pdwReserved: LPDWORD; dwFlags: DWORD;
var pdwProvType: DWORD; pszProvName: LPSTR; var pcbProvName: DWORD): BOOL; stdcall;
{$EXTERNALSYM CryptEnumProviders}
{$ENDIF}
function CryptContextAddRef(hProv: HCRYPTPROV; pdwReserved: LPDWORD; dwFlags: DWORD): BOOL; stdcall;
{$EXTERNALSYM CryptContextAddRef}
function CryptDuplicateKey(hKey: HCRYPTKEY; pdwReserved: LPDWORD; dwFlags: DWORD;
var phKey: HCRYPTKEY): BOOL; stdcall;
{$EXTERNALSYM CryptDuplicateKey}
function CryptDuplicateHash(hHash: HCRYPTHASH; pdwReserved: LPDWORD;
dwFlags: DWORD; var phHash: HCRYPTHASH): BOOL; stdcall;
{$EXTERNALSYM CryptDuplicateHash}
//+-------------------------------------------------------------------------
// In a CRYPT_BIT_BLOB the last byte may contain 0-7 unused bits. Therefore, the
// overall bit length is cbData * 8 - cUnusedBits.
//--------------------------------------------------------------------------
type
PCRYPT_BIT_BLOB = ^CRYPT_BIT_BLOB;
{$EXTERNALSYM PCRYPT_BIT_BLOB}
_CRYPT_BIT_BLOB = record
cbData: DWORD;
pbData: LPBYTE;
cUnusedBits: DWORD;
end;
{$EXTERNALSYM _CRYPT_BIT_BLOB}
CRYPT_BIT_BLOB = _CRYPT_BIT_BLOB;
{$EXTERNALSYM CRYPT_BIT_BLOB}
TCryptBitBlob = CRYPT_BIT_BLOB;
PCryptBitBlob = PCRYPT_BIT_BLOB;
//+-------------------------------------------------------------------------
// Type used for any algorithm
//
// Where the Parameters CRYPT_OBJID_BLOB is in its encoded representation. For most
// algorithm types, the Parameters CRYPT_OBJID_BLOB is NULL (Parameters.cbData = 0).
//--------------------------------------------------------------------------
type
PCRYPT_ALGORITHM_IDENTIFIER = ^CRYPT_ALGORITHM_IDENTIFIER;
{$EXTERNALSYM PCRYPT_ALGORITHM_IDENTIFIER}
_CRYPT_ALGORITHM_IDENTIFIER = record
pszObjId: LPSTR;
Parameters: CRYPT_OBJID_BLOB;
end;
{$EXTERNALSYM _CRYPT_ALGORITHM_IDENTIFIER}
CRYPT_ALGORITHM_IDENTIFIER = _CRYPT_ALGORITHM_IDENTIFIER;
{$EXTERNALSYM CRYPT_ALGORITHM_IDENTIFIER}
TCryptAlgorithmIdentifier = CRYPT_ALGORITHM_IDENTIFIER;
PCryptAlgorithmIdentifier = PCRYPT_ALGORITHM_IDENTIFIER;
// Following are the definitions of various algorithm object identifiers
// RSA
const
szOID_RSA = '1.2.840.113549';
{$EXTERNALSYM szOID_RSA}
szOID_PKCS = '1.2.840.113549.1';
{$EXTERNALSYM szOID_PKCS}
szOID_RSA_HASH = '1.2.840.113549.2';
{$EXTERNALSYM szOID_RSA_HASH}
szOID_RSA_ENCRYPT = '1.2.840.113549.3';
{$EXTERNALSYM szOID_RSA_ENCRYPT}
szOID_PKCS_1 = '1.2.840.113549.1.1';
{$EXTERNALSYM szOID_PKCS_1}
szOID_PKCS_2 = '1.2.840.113549.1.2';
{$EXTERNALSYM szOID_PKCS_2}
szOID_PKCS_3 = '1.2.840.113549.1.3';
{$EXTERNALSYM szOID_PKCS_3}
szOID_PKCS_4 = '1.2.840.113549.1.4';
{$EXTERNALSYM szOID_PKCS_4}
szOID_PKCS_5 = '1.2.840.113549.1.5';
{$EXTERNALSYM szOID_PKCS_5}
szOID_PKCS_6 = '1.2.840.113549.1.6';
{$EXTERNALSYM szOID_PKCS_6}
szOID_PKCS_7 = '1.2.840.113549.1.7';
{$EXTERNALSYM szOID_PKCS_7}
szOID_PKCS_8 = '1.2.840.113549.1.8';
{$EXTERNALSYM szOID_PKCS_8}
szOID_PKCS_9 = '1.2.840.113549.1.9';
{$EXTERNALSYM szOID_PKCS_9}
szOID_PKCS_10 = '1.2.840.113549.1.10';
{$EXTERNALSYM szOID_PKCS_10}
szOID_PKCS_12 = '1.2.840.113549.1.12';
{$EXTERNALSYM szOID_PKCS_12}
szOID_RSA_RSA = '1.2.840.113549.1.1.1';
{$EXTERNALSYM szOID_RSA_RSA}
szOID_RSA_MD2RSA = '1.2.840.113549.1.1.2';
{$EXTERNALSYM szOID_RSA_MD2RSA}
szOID_RSA_MD4RSA = '1.2.840.113549.1.1.3';
{$EXTERNALSYM szOID_RSA_MD4RSA}
szOID_RSA_MD5RSA = '1.2.840.113549.1.1.4';
{$EXTERNALSYM szOID_RSA_MD5RSA}
szOID_RSA_SHA1RSA = '1.2.840.113549.1.1.5';
{$EXTERNALSYM szOID_RSA_SHA1RSA}
szOID_RSA_SETOAEP_RSA = '1.2.840.113549.1.1.6';
{$EXTERNALSYM szOID_RSA_SETOAEP_RSA}
szOID_RSA_DH = '1.2.840.113549.1.3.1';
{$EXTERNALSYM szOID_RSA_DH}
szOID_RSA_data = '1.2.840.113549.1.7.1';
{$EXTERNALSYM szOID_RSA_data}
szOID_RSA_signedData = '1.2.840.113549.1.7.2';
{$EXTERNALSYM szOID_RSA_signedData}
szOID_RSA_envelopedData = '1.2.840.113549.1.7.3';
{$EXTERNALSYM szOID_RSA_envelopedData}
szOID_RSA_signEnvData = '1.2.840.113549.1.7.4';
{$EXTERNALSYM szOID_RSA_signEnvData}
szOID_RSA_digestedData = '1.2.840.113549.1.7.5';
{$EXTERNALSYM szOID_RSA_digestedData}
szOID_RSA_hashedData = '1.2.840.113549.1.7.5';
{$EXTERNALSYM szOID_RSA_hashedData}
szOID_RSA_encryptedData = '1.2.840.113549.1.7.6';
{$EXTERNALSYM szOID_RSA_encryptedData}
szOID_RSA_emailAddr = '1.2.840.113549.1.9.1';
{$EXTERNALSYM szOID_RSA_emailAddr}
szOID_RSA_unstructName = '1.2.840.113549.1.9.2';
{$EXTERNALSYM szOID_RSA_unstructName}
szOID_RSA_contentType = '1.2.840.113549.1.9.3';
{$EXTERNALSYM szOID_RSA_contentType}
szOID_RSA_messageDigest = '1.2.840.113549.1.9.4';
{$EXTERNALSYM szOID_RSA_messageDigest}
szOID_RSA_signingTime = '1.2.840.113549.1.9.5';
{$EXTERNALSYM szOID_RSA_signingTime}
szOID_RSA_counterSign = '1.2.840.113549.1.9.6';
{$EXTERNALSYM szOID_RSA_counterSign}
szOID_RSA_challengePwd = '1.2.840.113549.1.9.7';
{$EXTERNALSYM szOID_RSA_challengePwd}
szOID_RSA_unstructAddr = '1.2.840.113549.1.9.8';
{$EXTERNALSYM szOID_RSA_unstructAddr}
szOID_RSA_extCertAttrs = '1.2.840.113549.1.9.9';
{$EXTERNALSYM szOID_RSA_extCertAttrs}
szOID_RSA_certExtensions = '1.2.840.113549.1.9.14';
{$EXTERNALSYM szOID_RSA_certExtensions}
szOID_RSA_SMIMECapabilities = '1.2.840.113549.1.9.15';
{$EXTERNALSYM szOID_RSA_SMIMECapabilities}
szOID_RSA_preferSignedData = '1.2.840.113549.1.9.15.1';
{$EXTERNALSYM szOID_RSA_preferSignedData}
szOID_RSA_SMIMEalg = '1.2.840.113549.1.9.16.3';
{$EXTERNALSYM szOID_RSA_SMIMEalg}
szOID_RSA_SMIMEalgESDH = '1.2.840.113549.1.9.16.3.5';
{$EXTERNALSYM szOID_RSA_SMIMEalgESDH}
szOID_RSA_SMIMEalgCMS3DESwrap = '1.2.840.113549.1.9.16.3.6';
{$EXTERNALSYM szOID_RSA_SMIMEalgCMS3DESwrap}
szOID_RSA_SMIMEalgCMSRC2wrap = '1.2.840.113549.1.9.16.3.7';
{$EXTERNALSYM szOID_RSA_SMIMEalgCMSRC2wrap}
szOID_RSA_MD2 = '1.2.840.113549.2.2';
{$EXTERNALSYM szOID_RSA_MD2}
szOID_RSA_MD4 = '1.2.840.113549.2.4';
{$EXTERNALSYM szOID_RSA_MD4}
szOID_RSA_MD5 = '1.2.840.113549.2.5';
{$EXTERNALSYM szOID_RSA_MD5}
szOID_RSA_RC2CBC = '1.2.840.113549.3.2';
{$EXTERNALSYM szOID_RSA_RC2CBC}
szOID_RSA_RC4 = '1.2.840.113549.3.4';
{$EXTERNALSYM szOID_RSA_RC4}
szOID_RSA_DES_EDE3_CBC = '1.2.840.113549.3.7';
{$EXTERNALSYM szOID_RSA_DES_EDE3_CBC}
szOID_RSA_RC5_CBCPad = '1.2.840.113549.3.9';
{$EXTERNALSYM szOID_RSA_RC5_CBCPad}
szOID_ANSI_X942 = '1.2.840.10046';
{$EXTERNALSYM szOID_ANSI_X942}
szOID_ANSI_X942_DH = '1.2.840.10046.2.1';
{$EXTERNALSYM szOID_ANSI_X942_DH}
szOID_X957 = '1.2.840.10040';
{$EXTERNALSYM szOID_X957}
szOID_X957_DSA = '1.2.840.10040.4.1';
{$EXTERNALSYM szOID_X957_DSA}
szOID_X957_SHA1DSA = '1.2.840.10040.4.3';
{$EXTERNALSYM szOID_X957_SHA1DSA}
// ITU-T UsefulDefinitions
szOID_DS = '2.5';
{$EXTERNALSYM szOID_DS}
szOID_DSALG = '2.5.8';
{$EXTERNALSYM szOID_DSALG}
szOID_DSALG_CRPT = '2.5.8.1';
{$EXTERNALSYM szOID_DSALG_CRPT}
szOID_DSALG_HASH = '2.5.8.2';
{$EXTERNALSYM szOID_DSALG_HASH}
szOID_DSALG_SIGN = '2.5.8.3';
{$EXTERNALSYM szOID_DSALG_SIGN}
szOID_DSALG_RSA = '2.5.8.1.1';
{$EXTERNALSYM szOID_DSALG_RSA}
// NIST OSE Implementors' Workshop (OIW)
// http://nemo.ncsl.nist.gov/oiw/agreements/stable/OSI/12s_9506.w51
// http://nemo.ncsl.nist.gov/oiw/agreements/working/OSI/12w_9503.w51
szOID_OIW = '1.3.14';
{$EXTERNALSYM szOID_OIW}
// NIST OSE Implementors' Workshop (OIW) Security SIG algorithm identifiers
szOID_OIWSEC = '1.3.14.3.2';
{$EXTERNALSYM szOID_OIWSEC}
szOID_OIWSEC_md4RSA = '1.3.14.3.2.2';
{$EXTERNALSYM szOID_OIWSEC_md4RSA}
szOID_OIWSEC_md5RSA = '1.3.14.3.2.3';
{$EXTERNALSYM szOID_OIWSEC_md5RSA}
szOID_OIWSEC_md4RSA2 = '1.3.14.3.2.4';
{$EXTERNALSYM szOID_OIWSEC_md4RSA2}
szOID_OIWSEC_desECB = '1.3.14.3.2.6';
{$EXTERNALSYM szOID_OIWSEC_desECB}
szOID_OIWSEC_desCBC = '1.3.14.3.2.7';
{$EXTERNALSYM szOID_OIWSEC_desCBC}
szOID_OIWSEC_desOFB = '1.3.14.3.2.8';
{$EXTERNALSYM szOID_OIWSEC_desOFB}
szOID_OIWSEC_desCFB = '1.3.14.3.2.9';
{$EXTERNALSYM szOID_OIWSEC_desCFB}
szOID_OIWSEC_desMAC = '1.3.14.3.2.10';
{$EXTERNALSYM szOID_OIWSEC_desMAC}
szOID_OIWSEC_rsaSign = '1.3.14.3.2.11';
{$EXTERNALSYM szOID_OIWSEC_rsaSign}
szOID_OIWSEC_dsa = '1.3.14.3.2.12';
{$EXTERNALSYM szOID_OIWSEC_dsa}
szOID_OIWSEC_shaDSA = '1.3.14.3.2.13';
{$EXTERNALSYM szOID_OIWSEC_shaDSA}
szOID_OIWSEC_mdc2RSA = '1.3.14.3.2.14';
{$EXTERNALSYM szOID_OIWSEC_mdc2RSA}
szOID_OIWSEC_shaRSA = '1.3.14.3.2.15';
{$EXTERNALSYM szOID_OIWSEC_shaRSA}
szOID_OIWSEC_dhCommMod = '1.3.14.3.2.16';
{$EXTERNALSYM szOID_OIWSEC_dhCommMod}
szOID_OIWSEC_desEDE = '1.3.14.3.2.17';
{$EXTERNALSYM szOID_OIWSEC_desEDE}
szOID_OIWSEC_sha = '1.3.14.3.2.18';
{$EXTERNALSYM szOID_OIWSEC_sha}
szOID_OIWSEC_mdc2 = '1.3.14.3.2.19';
{$EXTERNALSYM szOID_OIWSEC_mdc2}
szOID_OIWSEC_dsaComm = '1.3.14.3.2.20';
{$EXTERNALSYM szOID_OIWSEC_dsaComm}
szOID_OIWSEC_dsaCommSHA = '1.3.14.3.2.21';
{$EXTERNALSYM szOID_OIWSEC_dsaCommSHA}
szOID_OIWSEC_rsaXchg = '1.3.14.3.2.22';
{$EXTERNALSYM szOID_OIWSEC_rsaXchg}
szOID_OIWSEC_keyHashSeal = '1.3.14.3.2.23';
{$EXTERNALSYM szOID_OIWSEC_keyHashSeal}
szOID_OIWSEC_md2RSASign = '1.3.14.3.2.24';
{$EXTERNALSYM szOID_OIWSEC_md2RSASign}
szOID_OIWSEC_md5RSASign = '1.3.14.3.2.25';
{$EXTERNALSYM szOID_OIWSEC_md5RSASign}
szOID_OIWSEC_sha1 = '1.3.14.3.2.26';
{$EXTERNALSYM szOID_OIWSEC_sha1}
szOID_OIWSEC_dsaSHA1 = '1.3.14.3.2.27';
{$EXTERNALSYM szOID_OIWSEC_dsaSHA1}
szOID_OIWSEC_dsaCommSHA1 = '1.3.14.3.2.28';
{$EXTERNALSYM szOID_OIWSEC_dsaCommSHA1}
szOID_OIWSEC_sha1RSASign = '1.3.14.3.2.29';
{$EXTERNALSYM szOID_OIWSEC_sha1RSASign}
// NIST OSE Implementors' Workshop (OIW) Directory SIG algorithm identifiers
szOID_OIWDIR = '1.3.14.7.2';
{$EXTERNALSYM szOID_OIWDIR}
szOID_OIWDIR_CRPT = '1.3.14.7.2.1';
{$EXTERNALSYM szOID_OIWDIR_CRPT}
szOID_OIWDIR_HASH = '1.3.14.7.2.2';
{$EXTERNALSYM szOID_OIWDIR_HASH}
szOID_OIWDIR_SIGN = '1.3.14.7.2.3';
{$EXTERNALSYM szOID_OIWDIR_SIGN}
szOID_OIWDIR_md2 = '1.3.14.7.2.2.1';
{$EXTERNALSYM szOID_OIWDIR_md2}
szOID_OIWDIR_md2RSA = '1.3.14.7.2.3.1';
{$EXTERNALSYM szOID_OIWDIR_md2RSA}
// INFOSEC Algorithms
// joint-iso-ccitt(2) country(16) us(840) organization(1) us-government(101) dod(2) id-infosec(1)
szOID_INFOSEC = '2.16.840.1.101.2.1';
{$EXTERNALSYM szOID_INFOSEC}
szOID_INFOSEC_sdnsSignature = '2.16.840.1.101.2.1.1.1';
{$EXTERNALSYM szOID_INFOSEC_sdnsSignature}
szOID_INFOSEC_mosaicSignature = '2.16.840.1.101.2.1.1.2';
{$EXTERNALSYM szOID_INFOSEC_mosaicSignature}
szOID_INFOSEC_sdnsConfidentiality = '2.16.840.1.101.2.1.1.3';
{$EXTERNALSYM szOID_INFOSEC_sdnsConfidentiality}
szOID_INFOSEC_mosaicConfidentiality = '2.16.840.1.101.2.1.1.4';
{$EXTERNALSYM szOID_INFOSEC_mosaicConfidentiality}
szOID_INFOSEC_sdnsIntegrity = '2.16.840.1.101.2.1.1.5';
{$EXTERNALSYM szOID_INFOSEC_sdnsIntegrity}
szOID_INFOSEC_mosaicIntegrity = '2.16.840.1.101.2.1.1.6';
{$EXTERNALSYM szOID_INFOSEC_mosaicIntegrity}
szOID_INFOSEC_sdnsTokenProtection = '2.16.840.1.101.2.1.1.7';
{$EXTERNALSYM szOID_INFOSEC_sdnsTokenProtection}
szOID_INFOSEC_mosaicTokenProtection = '2.16.840.1.101.2.1.1.8';
{$EXTERNALSYM szOID_INFOSEC_mosaicTokenProtection}
szOID_INFOSEC_sdnsKeyManagement = '2.16.840.1.101.2.1.1.9';
{$EXTERNALSYM szOID_INFOSEC_sdnsKeyManagement}
szOID_INFOSEC_mosaicKeyManagement = '2.16.840.1.101.2.1.1.10';
{$EXTERNALSYM szOID_INFOSEC_mosaicKeyManagement}
szOID_INFOSEC_sdnsKMandSig = '2.16.840.1.101.2.1.1.11';
{$EXTERNALSYM szOID_INFOSEC_sdnsKMandSig}
szOID_INFOSEC_mosaicKMandSig = '2.16.840.1.101.2.1.1.12';
{$EXTERNALSYM szOID_INFOSEC_mosaicKMandSig}
szOID_INFOSEC_SuiteASignature = '2.16.840.1.101.2.1.1.13';
{$EXTERNALSYM szOID_INFOSEC_SuiteASignature}
szOID_INFOSEC_SuiteAConfidentiality = '2.16.840.1.101.2.1.1.14';
{$EXTERNALSYM szOID_INFOSEC_SuiteAConfidentiality}
szOID_INFOSEC_SuiteAIntegrity = '2.16.840.1.101.2.1.1.15';
{$EXTERNALSYM szOID_INFOSEC_SuiteAIntegrity}
szOID_INFOSEC_SuiteATokenProtection = '2.16.840.1.101.2.1.1.16';
{$EXTERNALSYM szOID_INFOSEC_SuiteATokenProtection}
szOID_INFOSEC_SuiteAKeyManagement = '2.16.840.1.101.2.1.1.17';
{$EXTERNALSYM szOID_INFOSEC_SuiteAKeyManagement}
szOID_INFOSEC_SuiteAKMandSig = '2.16.840.1.101.2.1.1.18';
{$EXTERNALSYM szOID_INFOSEC_SuiteAKMandSig}
szOID_INFOSEC_mosaicUpdatedSig = '2.16.840.1.101.2.1.1.19';
{$EXTERNALSYM szOID_INFOSEC_mosaicUpdatedSig}
szOID_INFOSEC_mosaicKMandUpdSig = '2.16.840.1.101.2.1.1.20';
{$EXTERNALSYM szOID_INFOSEC_mosaicKMandUpdSig}
szOID_INFOSEC_mosaicUpdatedInteg = '2.16.840.1.101.2.1.1.21';
{$EXTERNALSYM szOID_INFOSEC_mosaicUpdatedInteg}
type
PCRYPT_OBJID_TABLE = ^CRYPT_OBJID_TABLE;
{$EXTERNALSYM PCRYPT_OBJID_TABLE}
_CRYPT_OBJID_TABLE = record
dwAlgId: DWORD;
pszObjId: LPCSTR;
end;
{$EXTERNALSYM _CRYPT_OBJID_TABLE}
CRYPT_OBJID_TABLE = _CRYPT_OBJID_TABLE;
{$EXTERNALSYM CRYPT_OBJID_TABLE}
TCryptObjIdTable = CRYPT_OBJID_TABLE;
PCryptObjIdTable = PCRYPT_OBJID_TABLE;
//+-------------------------------------------------------------------------
// PKCS #1 HashInfo (DigestInfo)
//--------------------------------------------------------------------------
PCRYPT_HASH_INFO = ^CRYPT_HASH_INFO;
{$EXTERNALSYM PCRYPT_HASH_INFO}
_CRYPT_HASH_INFO = record
HashAlgorithm: CRYPT_ALGORITHM_IDENTIFIER;
Hash: CRYPT_HASH_BLOB;
end;
{$EXTERNALSYM _CRYPT_HASH_INFO}
CRYPT_HASH_INFO = _CRYPT_HASH_INFO;
{$EXTERNALSYM CRYPT_HASH_INFO}
TCryptHashInfo = CRYPT_HASH_INFO;
PCryptHashInfo = PCRYPT_HASH_INFO;
//+-------------------------------------------------------------------------
// Type used for an extension to an encoded content
//
// Where the Value's CRYPT_OBJID_BLOB is in its encoded representation.
//--------------------------------------------------------------------------
PCERT_EXTENSION = ^CERT_EXTENSION;
{$EXTERNALSYM PCERT_EXTENSION}
_CERT_EXTENSION = record
pszObjId: LPSTR;
fCritical: BOOL;
Value: CRYPT_OBJID_BLOB;
end;
{$EXTERNALSYM _CERT_EXTENSION}
CERT_EXTENSION = _CERT_EXTENSION;
{$EXTERNALSYM CERT_EXTENSION}
TCertExtension = CERT_EXTENSION;
PCertExtension = PCERT_EXTENSION;
//+-------------------------------------------------------------------------
// AttributeTypeValue
//
// Where the Value's CRYPT_OBJID_BLOB is in its encoded representation.
//--------------------------------------------------------------------------
PCRYPT_ATTRIBUTE_TYPE_VALUE = ^CRYPT_ATTRIBUTE_TYPE_VALUE;
{$EXTERNALSYM PCRYPT_ATTRIBUTE_TYPE_VALUE}
_CRYPT_ATTRIBUTE_TYPE_VALUE = record
pszObjId: LPSTR;
Value: CRYPT_OBJID_BLOB;
end;
{$EXTERNALSYM _CRYPT_ATTRIBUTE_TYPE_VALUE}
CRYPT_ATTRIBUTE_TYPE_VALUE = _CRYPT_ATTRIBUTE_TYPE_VALUE;
{$EXTERNALSYM CRYPT_ATTRIBUTE_TYPE_VALUE}
TCryptAttributeTypeValue = CRYPT_ATTRIBUTE_TYPE_VALUE;
PCryptAttributeTypeValue = PCRYPT_ATTRIBUTE_TYPE_VALUE;
//+-------------------------------------------------------------------------
// Attributes
//
// Where the Value's PATTR_BLOBs are in their encoded representation.
//--------------------------------------------------------------------------
PCRYPT_ATTRIBUTE = ^CRYPT_ATTRIBUTE;
{$EXTERNALSYM PCRYPT_ATTRIBUTE}
_CRYPT_ATTRIBUTE = record
pszObjId: LPSTR;
cValue: DWORD;
rgValue: PCRYPT_ATTR_BLOB;
end;
{$EXTERNALSYM _CRYPT_ATTRIBUTE}
CRYPT_ATTRIBUTE = _CRYPT_ATTRIBUTE;
{$EXTERNALSYM CRYPT_ATTRIBUTE}
TCryptAttribute = CRYPT_ATTRIBUTE;
PCryptAttribute = PCRYPT_ATTRIBUTE;
PCRYPT_ATTRIBUTES = ^CRYPT_ATTRIBUTES;
{$EXTERNALSYM PCRYPT_ATTRIBUTES}
_CRYPT_ATTRIBUTES = record
cAttr: DWORD;
rgAttr: PCRYPT_ATTRIBUTE;
end;
{$EXTERNALSYM _CRYPT_ATTRIBUTES}
CRYPT_ATTRIBUTES = _CRYPT_ATTRIBUTES;
{$EXTERNALSYM CRYPT_ATTRIBUTES}
TCryptAttributes = CRYPT_ATTRIBUTES;
PCryptAttributes = PCRYPT_ATTRIBUTES;
//+-------------------------------------------------------------------------
// Attributes making up a Relative Distinguished Name (CERT_RDN)
//
// The interpretation of the Value depends on the dwValueType.
// See below for a list of the types.
//--------------------------------------------------------------------------
PCERT_RDN_ATTR = ^CERT_RDN_ATTR;
{$EXTERNALSYM PCERT_RDN_ATTR}
_CERT_RDN_ATTR = record
pszObjId: LPSTR;
dwValueType: DWORD;
Value: CERT_RDN_VALUE_BLOB;
end;
{$EXTERNALSYM _CERT_RDN_ATTR}
CERT_RDN_ATTR = _CERT_RDN_ATTR;
{$EXTERNALSYM CERT_RDN_ATTR}
TCertRdnAttr = CERT_RDN_ATTR;
PCertRdnAttr = PCERT_RDN_ATTR;
//+-------------------------------------------------------------------------
// CERT_RDN attribute Object Identifiers
//--------------------------------------------------------------------------
// Labeling attribute types:
const
szOID_COMMON_NAME = '2.5.4.3'; // case-ignore string
{$EXTERNALSYM szOID_COMMON_NAME}
szOID_SUR_NAME = '2.5.4.4'; // case-ignore string
{$EXTERNALSYM szOID_SUR_NAME}
szOID_DEVICE_SERIAL_NUMBER = '2.5.4.5'; // printable string
{$EXTERNALSYM szOID_DEVICE_SERIAL_NUMBER}
// Geographic attribute types:
szOID_COUNTRY_NAME = '2.5.4.6'; // printable 2char string
{$EXTERNALSYM szOID_COUNTRY_NAME}
szOID_LOCALITY_NAME = '2.5.4.7'; // case-ignore string
{$EXTERNALSYM szOID_LOCALITY_NAME}
szOID_STATE_OR_PROVINCE_NAME = '2.5.4.8'; // case-ignore string
{$EXTERNALSYM szOID_STATE_OR_PROVINCE_NAME}
szOID_STREET_ADDRESS = '2.5.4.9'; // case-ignore string
{$EXTERNALSYM szOID_STREET_ADDRESS}
// Organizational attribute types:
szOID_ORGANIZATION_NAME = '2.5.4.10'; // case-ignore string
{$EXTERNALSYM szOID_ORGANIZATION_NAME}
szOID_ORGANIZATIONAL_UNIT_NAME = '2.5.4.11'; // case-ignore string
{$EXTERNALSYM szOID_ORGANIZATIONAL_UNIT_NAME}
szOID_TITLE = '2.5.4.12'; // case-ignore string
{$EXTERNALSYM szOID_TITLE}
// Explanatory attribute types:
szOID_DESCRIPTION = '2.5.4.13'; // case-ignore string
{$EXTERNALSYM szOID_DESCRIPTION}
szOID_SEARCH_GUIDE = '2.5.4.14';
{$EXTERNALSYM szOID_SEARCH_GUIDE}
szOID_BUSINESS_CATEGORY = '2.5.4.15'; // case-ignore string
{$EXTERNALSYM szOID_BUSINESS_CATEGORY}
// Postal addressing attribute types:
szOID_POSTAL_ADDRESS = '2.5.4.16';
{$EXTERNALSYM szOID_POSTAL_ADDRESS}
szOID_POSTAL_CODE = '2.5.4.17'; // case-ignore string
{$EXTERNALSYM szOID_POSTAL_CODE}
szOID_POST_OFFICE_BOX = '2.5.4.18'; // case-ignore string
{$EXTERNALSYM szOID_POST_OFFICE_BOX}
szOID_PHYSICAL_DELIVERY_OFFICE_NAME = '2.5.4.19'; // case-ignore string
{$EXTERNALSYM szOID_PHYSICAL_DELIVERY_OFFICE_NAME}
// Telecommunications addressing attribute types:
szOID_TELEPHONE_NUMBER = '2.5.4.20'; // telephone number
{$EXTERNALSYM szOID_TELEPHONE_NUMBER}
szOID_TELEX_NUMBER = '2.5.4.21';
{$EXTERNALSYM szOID_TELEX_NUMBER}
szOID_TELETEXT_TERMINAL_IDENTIFIER = '2.5.4.22';
{$EXTERNALSYM szOID_TELETEXT_TERMINAL_IDENTIFIER}
szOID_FACSIMILE_TELEPHONE_NUMBER = '2.5.4.23';
{$EXTERNALSYM szOID_FACSIMILE_TELEPHONE_NUMBER}
szOID_X21_ADDRESS = '2.5.4.24'; // numeric string
{$EXTERNALSYM szOID_X21_ADDRESS}
szOID_INTERNATIONAL_ISDN_NUMBER = '2.5.4.25'; // numeric string
{$EXTERNALSYM szOID_INTERNATIONAL_ISDN_NUMBER}
szOID_REGISTERED_ADDRESS = '2.5.4.26';
{$EXTERNALSYM szOID_REGISTERED_ADDRESS}
szOID_DESTINATION_INDICATOR = '2.5.4.27'; // printable string
{$EXTERNALSYM szOID_DESTINATION_INDICATOR}
// Preference attribute types:
szOID_PREFERRED_DELIVERY_METHOD = '2.5.4.28';
{$EXTERNALSYM szOID_PREFERRED_DELIVERY_METHOD}
// OSI application attribute types:
szOID_PRESENTATION_ADDRESS = '2.5.4.29';
{$EXTERNALSYM szOID_PRESENTATION_ADDRESS}
szOID_SUPPORTED_APPLICATION_CONTEXT = '2.5.4.30';
{$EXTERNALSYM szOID_SUPPORTED_APPLICATION_CONTEXT}
// Relational application attribute types:
szOID_MEMBER = '2.5.4.31';
{$EXTERNALSYM szOID_MEMBER}
szOID_OWNER = '2.5.4.32';
{$EXTERNALSYM szOID_OWNER}
szOID_ROLE_OCCUPANT = '2.5.4.33';
{$EXTERNALSYM szOID_ROLE_OCCUPANT}
szOID_SEE_ALSO = '2.5.4.34';
{$EXTERNALSYM szOID_SEE_ALSO}
// Security attribute types:
szOID_USER_PASSWORD = '2.5.4.35';
{$EXTERNALSYM szOID_USER_PASSWORD}
szOID_USER_CERTIFICATE = '2.5.4.36';
{$EXTERNALSYM szOID_USER_CERTIFICATE}
szOID_CA_CERTIFICATE = '2.5.4.37';
{$EXTERNALSYM szOID_CA_CERTIFICATE}
szOID_AUTHORITY_REVOCATION_LIST = '2.5.4.38';
{$EXTERNALSYM szOID_AUTHORITY_REVOCATION_LIST}
szOID_CERTIFICATE_REVOCATION_LIST = '2.5.4.39';
{$EXTERNALSYM szOID_CERTIFICATE_REVOCATION_LIST}
szOID_CROSS_CERTIFICATE_PAIR = '2.5.4.40';
{$EXTERNALSYM szOID_CROSS_CERTIFICATE_PAIR}
// Undocumented attribute types???
//#define szOID_??? "2.5.4.41"
szOID_GIVEN_NAME = '2.5.4.42'; // case-ignore string
{$EXTERNALSYM szOID_GIVEN_NAME}
szOID_INITIALS = '2.5.4.43'; // case-ignore string
{$EXTERNALSYM szOID_INITIALS}
// The DN Qualifier attribute type specifies disambiguating information to add
// to the relative distinguished name of an entry. It is intended to be used
// for entries held in multiple DSAs which would otherwise have the same name,
// and that its value be the same in a given DSA for all entries to which
// the information has been added.
szOID_DN_QUALIFIER = '2.5.4.46';
{$EXTERNALSYM szOID_DN_QUALIFIER}
// Pilot user attribute types:
szOID_DOMAIN_COMPONENT = '0.9.2342.19200300.100.1.25'; // IA5, UTF8 string
{$EXTERNALSYM szOID_DOMAIN_COMPONENT}
// used for PKCS 12 attributes
szOID_PKCS_12_FRIENDLY_NAME_ATTR = '1.2.840.113549.1.9.20';
{$EXTERNALSYM szOID_PKCS_12_FRIENDLY_NAME_ATTR}
szOID_PKCS_12_LOCAL_KEY_ID = '1.2.840.113549.1.9.21';
{$EXTERNALSYM szOID_PKCS_12_LOCAL_KEY_ID}
szOID_PKCS_12_KEY_PROVIDER_NAME_ATTR = '1.3.6.1.4.1.311.17.1';
{$EXTERNALSYM szOID_PKCS_12_KEY_PROVIDER_NAME_ATTR}
szOID_LOCAL_MACHINE_KEYSET = '1.3.6.1.4.1.311.17.2';
{$EXTERNALSYM szOID_LOCAL_MACHINE_KEYSET}
//+-------------------------------------------------------------------------
// Microsoft CERT_RDN attribute Object Identifiers
//--------------------------------------------------------------------------
// Special RDN containing the KEY_ID. Its value type is CERT_RDN_OCTET_STRING.
szOID_KEYID_RDN = '1.3.6.1.4.1.311.10.7.1';
{$EXTERNALSYM szOID_KEYID_RDN}
//+-------------------------------------------------------------------------
// CERT_RDN Attribute Value Types
//
// For RDN_ENCODED_BLOB, the Value's CERT_RDN_VALUE_BLOB is in its encoded
// representation. Otherwise, its an array of bytes.
//
// For all CERT_RDN types, Value.cbData is always the number of bytes, not
// necessarily the number of elements in the string. For instance,
// RDN_UNIVERSAL_STRING is an array of ints (cbData == intCnt * 4) and
// RDN_BMP_STRING is an array of unsigned shorts (cbData == ushortCnt * 2).
//
// A RDN_UTF8_STRING is an array of UNICODE characters (cbData == charCnt *2).
// These UNICODE characters are encoded as UTF8 8 bit characters.
//
// For CertDecodeName, two 0 bytes are always appended to the end of the
// string (ensures a CHAR or WCHAR string is null terminated).
// These added 0 bytes are't included in the BLOB.cbData.
//--------------------------------------------------------------------------
CERT_RDN_ANY_TYPE = 0;
{$EXTERNALSYM CERT_RDN_ANY_TYPE}
CERT_RDN_ENCODED_BLOB = 1;
{$EXTERNALSYM CERT_RDN_ENCODED_BLOB}
CERT_RDN_OCTET_STRING = 2;
{$EXTERNALSYM CERT_RDN_OCTET_STRING}
CERT_RDN_NUMERIC_STRING = 3;
{$EXTERNALSYM CERT_RDN_NUMERIC_STRING}
CERT_RDN_PRINTABLE_STRING = 4;
{$EXTERNALSYM CERT_RDN_PRINTABLE_STRING}
CERT_RDN_TELETEX_STRING = 5;
{$EXTERNALSYM CERT_RDN_TELETEX_STRING}
CERT_RDN_T61_STRING = 5;
{$EXTERNALSYM CERT_RDN_T61_STRING}
CERT_RDN_VIDEOTEX_STRING = 6;
{$EXTERNALSYM CERT_RDN_VIDEOTEX_STRING}
CERT_RDN_IA5_STRING = 7;
{$EXTERNALSYM CERT_RDN_IA5_STRING}
CERT_RDN_GRAPHIC_STRING = 8;
{$EXTERNALSYM CERT_RDN_GRAPHIC_STRING}
CERT_RDN_VISIBLE_STRING = 9;
{$EXTERNALSYM CERT_RDN_VISIBLE_STRING}
CERT_RDN_ISO646_STRING = 9;
{$EXTERNALSYM CERT_RDN_ISO646_STRING}
CERT_RDN_GENERAL_STRING = 10;
{$EXTERNALSYM CERT_RDN_GENERAL_STRING}
CERT_RDN_UNIVERSAL_STRING = 11;
{$EXTERNALSYM CERT_RDN_UNIVERSAL_STRING}
CERT_RDN_INT4_STRING = 11;
{$EXTERNALSYM CERT_RDN_INT4_STRING}
CERT_RDN_BMP_STRING = 12;
{$EXTERNALSYM CERT_RDN_BMP_STRING}
CERT_RDN_UNICODE_STRING = 12;
{$EXTERNALSYM CERT_RDN_UNICODE_STRING}
CERT_RDN_UTF8_STRING = 13;
{$EXTERNALSYM CERT_RDN_UTF8_STRING}
CERT_RDN_TYPE_MASK = $000000FF;
{$EXTERNALSYM CERT_RDN_TYPE_MASK}
CERT_RDN_FLAGS_MASK = DWORD($FF000000);
{$EXTERNALSYM CERT_RDN_FLAGS_MASK}
//+-------------------------------------------------------------------------
// Flags that can be or'ed with the above Value Type when encoding/decoding
//--------------------------------------------------------------------------
// For encoding: when set, CERT_RDN_T61_STRING is selected instead of
// CERT_RDN_UNICODE_STRING if all the unicode characters are <= 0xFF
CERT_RDN_ENABLE_T61_UNICODE_FLAG = DWORD($80000000);
{$EXTERNALSYM CERT_RDN_ENABLE_T61_UNICODE_FLAG}
// For encoding: when set, CERT_RDN_UTF8_STRING is selected instead of
// CERT_RDN_UNICODE_STRING.
CERT_RDN_ENABLE_UTF8_UNICODE_FLAG = $20000000;
{$EXTERNALSYM CERT_RDN_ENABLE_UTF8_UNICODE_FLAG}
// For encoding: when set, the characters aren't checked to see if they
// are valid for the Value Type.
CERT_RDN_DISABLE_CHECK_TYPE_FLAG = $40000000;
{$EXTERNALSYM CERT_RDN_DISABLE_CHECK_TYPE_FLAG}
// For decoding: by default, CERT_RDN_T61_STRING values are initially decoded
// as UTF8. If the UTF8 decoding fails, then, decoded as 8 bit characters.
// Setting this flag skips the initial attempt to decode as UTF8.
CERT_RDN_DISABLE_IE4_UTF8_FLAG = $01000000;
{$EXTERNALSYM CERT_RDN_DISABLE_IE4_UTF8_FLAG}
// Macro to check that the dwValueType is a character string and not an
// encoded blob or octet string
function IS_CERT_RDN_CHAR_STRING(X: DWORD): Boolean;
{$EXTERNALSYM IS_CERT_RDN_CHAR_STRING}
//+-------------------------------------------------------------------------
// A CERT_RDN consists of an array of the above attributes
//--------------------------------------------------------------------------
type
PCERT_RDN = ^CERT_RDN;
{$EXTERNALSYM PCERT_RDN}
_CERT_RDN = record
cRDNAttr: DWORD;
rgRDNAttr: PCERT_RDN_ATTR;
end;
{$EXTERNALSYM _CERT_RDN}
CERT_RDN = _CERT_RDN;
{$EXTERNALSYM CERT_RDN}
TCertRdn = CERT_RDN;
PCertRdn = PCERT_RDN;
//+-------------------------------------------------------------------------
// Information stored in a subject's or issuer's name. The information
// is represented as an array of the above RDNs.
//--------------------------------------------------------------------------
PCERT_NAME_INFO = ^CERT_NAME_INFO;
{$EXTERNALSYM PCERT_NAME_INFO}
_CERT_NAME_INFO = record
cRDN: DWORD;
rgRDN: PCERT_RDN;
end;
{$EXTERNALSYM _CERT_NAME_INFO}
CERT_NAME_INFO = _CERT_NAME_INFO;
{$EXTERNALSYM CERT_NAME_INFO}
TCertNameInfo = CERT_NAME_INFO;
PCertNameInfo = PCERT_NAME_INFO;
//+-------------------------------------------------------------------------
// Name attribute value without the Object Identifier
//
// The interpretation of the Value depends on the dwValueType.
// See above for a list of the types.
//--------------------------------------------------------------------------
PCERT_NAME_VALUE = ^CERT_NAME_VALUE;
{$EXTERNALSYM PCERT_NAME_VALUE}
_CERT_NAME_VALUE = record
dwValueType: DWORD;
Value: CERT_RDN_VALUE_BLOB;
end;
{$EXTERNALSYM _CERT_NAME_VALUE}
CERT_NAME_VALUE = _CERT_NAME_VALUE;
{$EXTERNALSYM CERT_NAME_VALUE}
TCertNameValue = CERT_NAME_VALUE;
PCertNameValue = PCERT_NAME_VALUE;
//+-------------------------------------------------------------------------
// Public Key Info
//
// The PublicKey is the encoded representation of the information as it is
// stored in the bit string
//--------------------------------------------------------------------------
PCERT_PUBLIC_KEY_INFO = ^CERT_PUBLIC_KEY_INFO;
{$EXTERNALSYM PCERT_PUBLIC_KEY_INFO}
_CERT_PUBLIC_KEY_INFO = record
Algorithm: CRYPT_ALGORITHM_IDENTIFIER;
PublicKey: CRYPT_BIT_BLOB;
end;
{$EXTERNALSYM _CERT_PUBLIC_KEY_INFO}
CERT_PUBLIC_KEY_INFO = _CERT_PUBLIC_KEY_INFO;
{$EXTERNALSYM CERT_PUBLIC_KEY_INFO}
TCertPublicKeyInfo = CERT_PUBLIC_KEY_INFO;
PCertPublicKeyInfo = PCERT_PUBLIC_KEY_INFO;
const
CERT_RSA_PUBLIC_KEY_OBJID = szOID_RSA_RSA;
{$EXTERNALSYM CERT_RSA_PUBLIC_KEY_OBJID}
CERT_DEFAULT_OID_PUBLIC_KEY_SIGN = szOID_RSA_RSA;
{$EXTERNALSYM CERT_DEFAULT_OID_PUBLIC_KEY_SIGN}
CERT_DEFAULT_OID_PUBLIC_KEY_XCHG = szOID_RSA_RSA;
{$EXTERNALSYM CERT_DEFAULT_OID_PUBLIC_KEY_XCHG}
//+-------------------------------------------------------------------------
// structure that contains all the information in a PKCS#8 PrivateKeyInfo
//--------------------------------------------------------------------------
type
PCRYPT_PRIVATE_KEY_INFO = ^CRYPT_PRIVATE_KEY_INFO;
{$EXTERNALSYM PCRYPT_PRIVATE_KEY_INFO}
_CRYPT_PRIVATE_KEY_INFO = record
Version: DWORD;
Algorithm: CRYPT_ALGORITHM_IDENTIFIER;
PrivateKey: CRYPT_DER_BLOB;
pAttributes: PCRYPT_ATTRIBUTES;
end;
{$EXTERNALSYM _CRYPT_PRIVATE_KEY_INFO}
CRYPT_PRIVATE_KEY_INFO = _CRYPT_PRIVATE_KEY_INFO;
{$EXTERNALSYM CRYPT_PRIVATE_KEY_INFO}
TCryptPrivateKeyInfo = CRYPT_PRIVATE_KEY_INFO;
PCryptPrivateKeyInfo = PCRYPT_PRIVATE_KEY_INFO;
//+-------------------------------------------------------------------------
// structure that contains all the information in a PKCS#8
// EncryptedPrivateKeyInfo
//--------------------------------------------------------------------------
PCRYPT_ENCRYPTED_PRIVATE_KEY_INFO = ^CRYPT_ENCRYPTED_PRIVATE_KEY_INFO;
{$EXTERNALSYM PCRYPT_ENCRYPTED_PRIVATE_KEY_INFO}
_CRYPT_ENCRYPTED_PRIVATE_KEY_INFO = record
EncryptionAlgorithm: CRYPT_ALGORITHM_IDENTIFIER;
EncryptedPrivateKey: CRYPT_DATA_BLOB;
end;
{$EXTERNALSYM _CRYPT_ENCRYPTED_PRIVATE_KEY_INFO}
CRYPT_ENCRYPTED_PRIVATE_KEY_INFO = _CRYPT_ENCRYPTED_PRIVATE_KEY_INFO;
{$EXTERNALSYM CRYPT_ENCRYPTED_PRIVATE_KEY_INFO}
TCryptEncryptedPrivateKeyInfo = CRYPT_ENCRYPTED_PRIVATE_KEY_INFO;
PCryptEncryptedPrivateKeyInfo = PCRYPT_ENCRYPTED_PRIVATE_KEY_INFO;
//+-------------------------------------------------------------------------
// this callback is given when an EncryptedProvateKeyInfo structure is
// encountered during ImportPKCS8. the caller is then expected to decrypt
// the private key and hand back the decrypted contents.
//
// the parameters are:
// Algorithm - the algorithm used to encrypt the PrivateKeyInfo
// EncryptedPrivateKey - the encrypted private key blob
// pClearTextKey - a buffer to receive the clear text
// cbClearTextKey - the number of bytes of the pClearTextKey buffer
// note the if this is zero then this should be
// filled in with the size required to decrypt the
// key into, and pClearTextKey should be ignored
// pVoidDecryptFunc - this is the pVoid that was passed into the call
// and is preserved and passed back as context
//+-------------------------------------------------------------------------
type
PCRYPT_DECRYPT_PRIVATE_KEY_FUNC = function (Algorithm: CRYPT_ALGORITHM_IDENTIFIER;
EncryptedPrivateKey: CRYPT_DATA_BLOB; pbClearTextKey: LPBYTE;
pcbClearTextKey: LPDWORD; pVoidDecryptFunc: LPVOID): BOOL; stdcall;
{$EXTERNALSYM PCRYPT_DECRYPT_PRIVATE_KEY_FUNC}
PCryptDecryptPrivateKeyFunc = PCRYPT_DECRYPT_PRIVATE_KEY_FUNC;
//+-------------------------------------------------------------------------
// this callback is given when creating a PKCS8 EncryptedPrivateKeyInfo.
// The caller is then expected to encrypt the private key and hand back
// the encrypted contents.
//
// the parameters are:
// Algorithm - the algorithm used to encrypt the PrivateKeyInfo
// pClearTextPrivateKey - the cleartext private key to be encrypted
// pbEncryptedKey - the output encrypted private key blob
// cbEncryptedKey - the number of bytes of the pbEncryptedKey buffer
// note the if this is zero then this should be
// filled in with the size required to encrypt the
// key into, and pbEncryptedKey should be ignored
// pVoidEncryptFunc - this is the pVoid that was passed into the call
// and is preserved and passed back as context
//+-------------------------------------------------------------------------
type
PCRYPT_ENCRYPT_PRIVATE_KEY_FUNC = function (pAlgorithm: PCRYPT_ALGORITHM_IDENTIFIER;
pClearTextPrivateKey: PCRYPT_DATA_BLOB; pbEncryptedKey: LPBYTE;
pcbEncryptedKey: LPDWORD; pVoidEncryptFunc: LPVOID): BOOL; stdcall;
{$EXTERNALSYM PCRYPT_ENCRYPT_PRIVATE_KEY_FUNC}
PCryptEncryptPrivateKeyFunc = PCRYPT_ENCRYPT_PRIVATE_KEY_FUNC;
//+-------------------------------------------------------------------------
// this callback is given from the context of a ImportPKCS8 calls. the caller
// is then expected to hand back an HCRYPTPROV to receive the key being imported
//
// the parameters are:
// pPrivateKeyInfo - pointer to a CRYPT_PRIVATE_KEY_INFO structure which
// describes the key being imported
// EncryptedPrivateKey - the encrypted private key blob
// phCryptProv - a pointer to a HCRRYPTPROV to be filled in
// pVoidResolveFunc - this is the pVoidResolveFunc passed in by the caller in the
// CRYPT_PRIVATE_KEY_BLOB_AND_PARAMS struct
//+-------------------------------------------------------------------------
type
PCRYPT_RESOLVE_HCRYPTPROV_FUNC = function (pPrivateKeyInfo: PCRYPT_PRIVATE_KEY_INFO;
phCryptProv: PHCRYPTPROV; pVoidResolveFunc: LPVOID): BOOL; stdcall;
{$EXTERNALSYM PCRYPT_RESOLVE_HCRYPTPROV_FUNC}
PCryptResolveHCryptProvFunc = PCRYPT_RESOLVE_HCRYPTPROV_FUNC;
//+-------------------------------------------------------------------------
// this struct contains a PKCS8 private key and two pointers to callback
// functions, with a corresponding pVoids. the first callback is used to give
// the caller the opportunity to specify where the key is imported to. the callback
// passes the caller the algoroithm OID and key size to use in making the decision.
// the other callback is used to decrypt the private key if the PKCS8 contains an
// EncryptedPrivateKeyInfo. both pVoids are preserved and passed back to the caller
// in the respective callback
//+-------------------------------------------------------------------------
PCRYPT_PKCS8_IMPORT_PARAMS = ^CRYPT_PKCS8_IMPORT_PARAMS;
{$EXTERNALSYM PCRYPT_PKCS8_IMPORT_PARAMS}
_CRYPT_PKCS8_IMPORT_PARAMS = record
PrivateKey: CRYPT_DIGEST_BLOB; // PKCS8 blob
pResolvehCryptProvFunc: PCRYPT_RESOLVE_HCRYPTPROV_FUNC; // optional
pVoidResolveFunc: LPVOID; // optional
pDecryptPrivateKeyFunc: PCRYPT_DECRYPT_PRIVATE_KEY_FUNC;
pVoidDecryptFunc: LPVOID;
end;
{$EXTERNALSYM _CRYPT_PKCS8_IMPORT_PARAMS}
CRYPT_PKCS8_IMPORT_PARAMS = _CRYPT_PKCS8_IMPORT_PARAMS;
{$EXTERNALSYM CRYPT_PKCS8_IMPORT_PARAMS}
TCryptPkcs8ImportParams = CRYPT_PKCS8_IMPORT_PARAMS;
PCryptPkcs8ImportParams = PCRYPT_PKCS8_IMPORT_PARAMS;
CRYPT_PRIVATE_KEY_BLOB_AND_PARAMS = CRYPT_PKCS8_IMPORT_PARAMS;
{$EXTERNALSYM CRYPT_PRIVATE_KEY_BLOB_AND_PARAMS}
PCRYPT_PRIVATE_KEY_BLOB_AND_PARAMS = PCRYPT_PKCS8_IMPORT_PARAMS;
{$EXTERNALSYM PCRYPT_PRIVATE_KEY_BLOB_AND_PARAMS}
//+-------------------------------------------------------------------------
// this struct contains information identifying a private key and a pointer
// to a callback function, with a corresponding pVoid. The callback is used
// to encrypt the private key. If the pEncryptPrivateKeyFunc is NULL, the
// key will not be encrypted and an EncryptedPrivateKeyInfo will not be generated.
// The pVoid is preserved and passed back to the caller in the respective callback
//+-------------------------------------------------------------------------
PCRYPT_PKCS8_EXPORT_PARAMS = ^CRYPT_PKCS8_EXPORT_PARAMS;
{$EXTERNALSYM PCRYPT_PKCS8_EXPORT_PARAMS}
_CRYPT_PKCS8_EXPORT_PARAMS = record
hCryptProv: HCRYPTPROV;
dwKeySpec: DWORD;
pszPrivateKeyObjId: LPSTR;
pEncryptPrivateKeyFunc: PCRYPT_ENCRYPT_PRIVATE_KEY_FUNC;
pVoidEncryptFunc: LPVOID;
end;
{$EXTERNALSYM _CRYPT_PKCS8_EXPORT_PARAMS}
CRYPT_PKCS8_EXPORT_PARAMS = _CRYPT_PKCS8_EXPORT_PARAMS;
{$EXTERNALSYM CRYPT_PKCS8_EXPORT_PARAMS}
TCryptPkcs8ExportParams = CRYPT_PKCS8_EXPORT_PARAMS;
PCryptPkcs8ExportParams = PCRYPT_PKCS8_EXPORT_PARAMS;
//+-------------------------------------------------------------------------
// Information stored in a certificate
//
// The Issuer, Subject, Algorithm, PublicKey and Extension BLOBs are the
// encoded representation of the information.
//--------------------------------------------------------------------------
PCERT_INFO = ^CERT_INFO;
{$EXTERNALSYM PCERT_INFO}
_CERT_INFO = record
dwVersion: DWORD;
SerialNumber: CRYPT_INTEGER_BLOB;
SignatureAlgorithm: CRYPT_ALGORITHM_IDENTIFIER;
Issuer: CERT_NAME_BLOB;
NotBefore: FILETIME;
NotAfter: FILETIME;
Subject: CERT_NAME_BLOB;
SubjectPublicKeyInfo: CERT_PUBLIC_KEY_INFO;
IssuerUniqueId: CRYPT_BIT_BLOB;
SubjectUniqueId: CRYPT_BIT_BLOB;
cExtension: DWORD;
rgExtension: PCERT_EXTENSION;
end;
{$EXTERNALSYM _CERT_INFO}
CERT_INFO = _CERT_INFO;
{$EXTERNALSYM CERT_INFO}
TCertInfo = CERT_INFO;
PCertInfo = PCERT_INFO;
//+-------------------------------------------------------------------------
// Certificate versions
//--------------------------------------------------------------------------
const
CERT_V1 = 0;
{$EXTERNALSYM CERT_V1}
CERT_V2 = 1;
{$EXTERNALSYM CERT_V2}
CERT_V3 = 2;
{$EXTERNALSYM CERT_V3}
//+-------------------------------------------------------------------------
// Certificate Information Flags
//--------------------------------------------------------------------------
CERT_INFO_VERSION_FLAG = 1;
{$EXTERNALSYM CERT_INFO_VERSION_FLAG}
CERT_INFO_SERIAL_NUMBER_FLAG = 2;
{$EXTERNALSYM CERT_INFO_SERIAL_NUMBER_FLAG}
CERT_INFO_SIGNATURE_ALGORITHM_FLAG = 3;
{$EXTERNALSYM CERT_INFO_SIGNATURE_ALGORITHM_FLAG}
CERT_INFO_ISSUER_FLAG = 4;
{$EXTERNALSYM CERT_INFO_ISSUER_FLAG}
CERT_INFO_NOT_BEFORE_FLAG = 5;
{$EXTERNALSYM CERT_INFO_NOT_BEFORE_FLAG}
CERT_INFO_NOT_AFTER_FLAG = 6;
{$EXTERNALSYM CERT_INFO_NOT_AFTER_FLAG}
CERT_INFO_SUBJECT_FLAG = 7;
{$EXTERNALSYM CERT_INFO_SUBJECT_FLAG}
CERT_INFO_SUBJECT_PUBLIC_KEY_INFO_FLAG = 8;
{$EXTERNALSYM CERT_INFO_SUBJECT_PUBLIC_KEY_INFO_FLAG}
CERT_INFO_ISSUER_UNIQUE_ID_FLAG = 9;
{$EXTERNALSYM CERT_INFO_ISSUER_UNIQUE_ID_FLAG}
CERT_INFO_SUBJECT_UNIQUE_ID_FLAG = 10;
{$EXTERNALSYM CERT_INFO_SUBJECT_UNIQUE_ID_FLAG}
CERT_INFO_EXTENSION_FLAG = 11;
{$EXTERNALSYM CERT_INFO_EXTENSION_FLAG}
//+-------------------------------------------------------------------------
// An entry in a CRL
//
// The Extension BLOBs are the encoded representation of the information.
//--------------------------------------------------------------------------
type
PCRL_ENTRY = ^CRL_ENTRY;
{$EXTERNALSYM PCRL_ENTRY}
_CRL_ENTRY = record
SerialNumber: CRYPT_INTEGER_BLOB;
RevocationDate: FILETIME;
cExtension: DWORD;
rgExtension: PCERT_EXTENSION;
end;
{$EXTERNALSYM _CRL_ENTRY}
CRL_ENTRY = _CRL_ENTRY;
{$EXTERNALSYM CRL_ENTRY}
TCrlEntry = CRL_ENTRY;
PCrlEntry = PCRL_ENTRY;
//+-------------------------------------------------------------------------
// Information stored in a CRL
//
// The Issuer, Algorithm and Extension BLOBs are the encoded
// representation of the information.
//--------------------------------------------------------------------------
PCRL_INFO = ^CRL_INFO;
{$EXTERNALSYM PCRL_INFO}
_CRL_INFO = record
dwVersion: DWORD;
SignatureAlgorithm: CRYPT_ALGORITHM_IDENTIFIER;
Issuer: CERT_NAME_BLOB;
ThisUpdate: FILETIME;
NextUpdate: FILETIME;
cCRLEntry: DWORD;
rgCRLEntry: PCRL_ENTRY;
cExtension: DWORD;
rgExtension: PCERT_EXTENSION;
end;
{$EXTERNALSYM _CRL_INFO}
CRL_INFO = _CRL_INFO;
{$EXTERNALSYM CRL_INFO}
TCrlInfo = CRL_INFO;
PCrlInfo = PCRL_INFO;
//+-------------------------------------------------------------------------
// CRL versions
//--------------------------------------------------------------------------
const
CRL_V1 = 0;
{$EXTERNALSYM CRL_V1}
CRL_V2 = 1;
{$EXTERNALSYM CRL_V2}
//+-------------------------------------------------------------------------
// Information stored in a certificate request
//
// The Subject, Algorithm, PublicKey and Attribute BLOBs are the encoded
// representation of the information.
//--------------------------------------------------------------------------
type
PCERT_REQUEST_INFO = ^CERT_REQUEST_INFO;
{$EXTERNALSYM PCERT_REQUEST_INFO}
_CERT_REQUEST_INFO = record
dwVersion: DWORD;
Subject: CERT_NAME_BLOB;
SubjectPublicKeyInfo: CERT_PUBLIC_KEY_INFO;
cAttribute: DWORD;
rgAttribute: PCRYPT_ATTRIBUTE;
end;
{$EXTERNALSYM _CERT_REQUEST_INFO}
CERT_REQUEST_INFO = _CERT_REQUEST_INFO;
{$EXTERNALSYM CERT_REQUEST_INFO}
TCertRequestInfo = CERT_REQUEST_INFO;
PCertRequestInfo = PCERT_REQUEST_INFO;
//+-------------------------------------------------------------------------
// Certificate Request versions
//--------------------------------------------------------------------------
const
CERT_REQUEST_V1 = 0;
{$EXTERNALSYM CERT_REQUEST_V1}
//+-------------------------------------------------------------------------
// Information stored in Netscape's Keygen request
//--------------------------------------------------------------------------
type
PCERT_KEYGEN_REQUEST_INFO = ^CERT_KEYGEN_REQUEST_INFO;
{$EXTERNALSYM PCERT_KEYGEN_REQUEST_INFO}
_CERT_KEYGEN_REQUEST_INFO = record
dwVersion: DWORD;
SubjectPublicKeyInfo: CERT_PUBLIC_KEY_INFO;
pwszChallengeString: LPWSTR; // encoded as IA5
end;
{$EXTERNALSYM _CERT_KEYGEN_REQUEST_INFO}
CERT_KEYGEN_REQUEST_INFO = _CERT_KEYGEN_REQUEST_INFO;
{$EXTERNALSYM CERT_KEYGEN_REQUEST_INFO}
TCertKeygenRequestInfo = CERT_KEYGEN_REQUEST_INFO;
PCertKeygenRequestInfo = PCERT_KEYGEN_REQUEST_INFO;
const
CERT_KEYGEN_REQUEST_V1 = 0;
{$EXTERNALSYM CERT_KEYGEN_REQUEST_V1}
//+-------------------------------------------------------------------------
// Certificate, CRL, Certificate Request or Keygen Request Signed Content
//
// The "to be signed" encoded content plus its signature. The ToBeSigned
// is the encoded CERT_INFO, CRL_INFO, CERT_REQUEST_INFO or
// CERT_KEYGEN_REQUEST_INFO.
//--------------------------------------------------------------------------
type
PCERT_SIGNED_CONTENT_INFO = ^CERT_SIGNED_CONTENT_INFO;
{$EXTERNALSYM PCERT_SIGNED_CONTENT_INFO}
_CERT_SIGNED_CONTENT_INFO = record
ToBeSigned: CRYPT_DER_BLOB;
SignatureAlgorithm: CRYPT_ALGORITHM_IDENTIFIER;
Signature: CRYPT_BIT_BLOB;
end;
{$EXTERNALSYM _CERT_SIGNED_CONTENT_INFO}
CERT_SIGNED_CONTENT_INFO = _CERT_SIGNED_CONTENT_INFO;
{$EXTERNALSYM CERT_SIGNED_CONTENT_INFO}
TCertSignedContentInfo = CERT_SIGNED_CONTENT_INFO;
PCertSignedContentInfo = PCERT_SIGNED_CONTENT_INFO;
//+-------------------------------------------------------------------------
// Certificate Trust List (CTL)
//--------------------------------------------------------------------------
//+-------------------------------------------------------------------------
// CTL Usage. Also used for EnhancedKeyUsage extension.
//--------------------------------------------------------------------------
PCTL_USAGE = ^CTL_USAGE;
{$EXTERNALSYM PCTL_USAGE}
_CTL_USAGE = record
cUsageIdentifier: DWORD;
rgpszUsageIdentifier: LPSTR; // array of pszObjId
end;
{$EXTERNALSYM _CTL_USAGE}
CTL_USAGE = _CTL_USAGE;
{$EXTERNALSYM CTL_USAGE}
TCtlUsage = CTL_USAGE;
PCtlUsage = PCTL_USAGE;
CERT_ENHKEY_USAGE = CTL_USAGE;
{$EXTERNALSYM CERT_ENHKEY_USAGE}
PCERT_ENHKEY_USAGE = PCTL_USAGE;
{$EXTERNALSYM PCERT_ENHKEY_USAGE}
//+-------------------------------------------------------------------------
// An entry in a CTL
//--------------------------------------------------------------------------
PCTL_ENTRY = ^CTL_ENTRY;
{$EXTERNALSYM PCTL_ENTRY}
_CTL_ENTRY = record
SubjectIdentifier: CRYPT_DATA_BLOB; // For example, its hash
cAttribute: DWORD;
rgAttribute: PCRYPT_ATTRIBUTE; // OPTIONAL
end;
{$EXTERNALSYM _CTL_ENTRY}
CTL_ENTRY = _CTL_ENTRY;
{$EXTERNALSYM CTL_ENTRY}
TCtlEntry = CTL_ENTRY;
PCtlEntry = PCTL_ENTRY;
//+-------------------------------------------------------------------------
// Information stored in a CTL
//--------------------------------------------------------------------------
PCTL_INFO = ^CTL_INFO;
{$EXTERNALSYM PCTL_INFO}
_CTL_INFO = record
dwVersion: DWORD;
SubjectUsage: CTL_USAGE;
ListIdentifier: CRYPT_DATA_BLOB; // OPTIONAL
SequenceNumber: CRYPT_INTEGER_BLOB; // OPTIONAL
ThisUpdate: FILETIME;
NextUpdate: FILETIME; // OPTIONAL
SubjectAlgorithm: CRYPT_ALGORITHM_IDENTIFIER;
cCTLEntry: DWORD;
rgCTLEntry: PCTL_ENTRY; // OPTIONAL
cExtension: DWORD;
rgExtension: PCERT_EXTENSION; // OPTIONAL
end;
{$EXTERNALSYM _CTL_INFO}
CTL_INFO = _CTL_INFO;
{$EXTERNALSYM CTL_INFO}
TCtlInfo = CTL_INFO;
PCtlInfo = PCTL_INFO;
//+-------------------------------------------------------------------------
// CTL versions
//--------------------------------------------------------------------------
const
CTL_V1 = 0;
{$EXTERNALSYM CTL_V1}
//+-------------------------------------------------------------------------
// TimeStamp Request
//
// The pszTimeStamp is the OID for the Time type requested
// The pszContentType is the Content Type OID for the content, usually DATA
// The Content is a un-decoded blob
//--------------------------------------------------------------------------
type
PCRYPT_TIME_STAMP_REQUEST_INFO = ^CRYPT_TIME_STAMP_REQUEST_INFO;
{$EXTERNALSYM PCRYPT_TIME_STAMP_REQUEST_INFO}
_CRYPT_TIME_STAMP_REQUEST_INFO = record
pszTimeStampAlgorithm: LPSTR; // pszObjId
pszContentType: LPSTR; // pszObjId
Content: CRYPT_OBJID_BLOB;
cAttribute: DWORD;
rgAttribute: PCRYPT_ATTRIBUTE;
end;
{$EXTERNALSYM _CRYPT_TIME_STAMP_REQUEST_INFO}
CRYPT_TIME_STAMP_REQUEST_INFO = _CRYPT_TIME_STAMP_REQUEST_INFO;
{$EXTERNALSYM CRYPT_TIME_STAMP_REQUEST_INFO}
TCryptTimeStampRequestInfo = CRYPT_TIME_STAMP_REQUEST_INFO;
PCryptTimeStampRequestInfo = PCRYPT_TIME_STAMP_REQUEST_INFO;
//+-------------------------------------------------------------------------
// Name Value Attribute
//--------------------------------------------------------------------------
PCRYPT_ENROLLMENT_NAME_VALUE_PAIR = ^CRYPT_ENROLLMENT_NAME_VALUE_PAIR;
{$EXTERNALSYM PCRYPT_ENROLLMENT_NAME_VALUE_PAIR}
_CRYPT_ENROLLMENT_NAME_VALUE_PAIR = record
pwszName: LPWSTR;
pwszValue: LPWSTR;
end;
{$EXTERNALSYM _CRYPT_ENROLLMENT_NAME_VALUE_PAIR}
CRYPT_ENROLLMENT_NAME_VALUE_PAIR = _CRYPT_ENROLLMENT_NAME_VALUE_PAIR;
{$EXTERNALSYM CRYPT_ENROLLMENT_NAME_VALUE_PAIR}
TCryptEnrollmentNameValuePair = CRYPT_ENROLLMENT_NAME_VALUE_PAIR;
PCryptEnrollmentNameValuePair = PCRYPT_ENROLLMENT_NAME_VALUE_PAIR;
//+-------------------------------------------------------------------------
// CSP Provider
//--------------------------------------------------------------------------
PCRYPT_CSP_PROVIDER = ^CRYPT_CSP_PROVIDER;
{$EXTERNALSYM PCRYPT_CSP_PROVIDER}
_CRYPT_CSP_PROVIDER = record
dwKeySpec: DWORD;
pwszProviderName: LPWSTR;
Signature: CRYPT_BIT_BLOB;
end;
{$EXTERNALSYM _CRYPT_CSP_PROVIDER}
CRYPT_CSP_PROVIDER = _CRYPT_CSP_PROVIDER;
{$EXTERNALSYM CRYPT_CSP_PROVIDER}
TCryptCspProvider = CRYPT_CSP_PROVIDER;
PCryptCspProvider = PCRYPT_CSP_PROVIDER;
//+-------------------------------------------------------------------------
// Certificate and Message encoding types
//
// The encoding type is a DWORD containing both the certificate and message
// encoding types. The certificate encoding type is stored in the LOWORD.
// The message encoding type is stored in the HIWORD. Some functions or
// structure fields require only one of the encoding types. The following
// naming convention is used to indicate which encoding type(s) are
// required:
// dwEncodingType (both encoding types are required)
// dwMsgAndCertEncodingType (both encoding types are required)
// dwMsgEncodingType (only msg encoding type is required)
// dwCertEncodingType (only cert encoding type is required)
//
// Its always acceptable to specify both.
//--------------------------------------------------------------------------
const
CERT_ENCODING_TYPE_MASK = $0000FFFF;
{$EXTERNALSYM CERT_ENCODING_TYPE_MASK}
CMSG_ENCODING_TYPE_MASK = DWORD($FFFF0000);
{$EXTERNALSYM CMSG_ENCODING_TYPE_MASK}
function GET_CERT_ENCODING_TYPE(X: DWORD): DWORD;
{$EXTERNALSYM GET_CERT_ENCODING_TYPE}
function GET_CMSG_ENCODING_TYPE(X: DWORD): DWORD;
{$EXTERNALSYM GET_CMSG_ENCODING_TYPE}
const
CRYPT_ASN_ENCODING = $00000001;
{$EXTERNALSYM CRYPT_ASN_ENCODING}
CRYPT_NDR_ENCODING = $00000002;
{$EXTERNALSYM CRYPT_NDR_ENCODING}
X509_ASN_ENCODING = $00000001;
{$EXTERNALSYM X509_ASN_ENCODING}
X509_NDR_ENCODING = $00000002;
{$EXTERNALSYM X509_NDR_ENCODING}
PKCS_7_ASN_ENCODING = $00010000;
{$EXTERNALSYM PKCS_7_ASN_ENCODING}
PKCS_7_NDR_ENCODING = $00020000;
{$EXTERNALSYM PKCS_7_NDR_ENCODING}
//+-------------------------------------------------------------------------
// format the specified data structure according to the certificate
// encoding type.
//
// The default behavior of CryptFormatObject is to return single line
// display of the encoded data, that is, each subfield will be concatenated with
// a ", " on one line. If user prefers to display the data in multiple line,
// set the flag CRYPT_FORMAT_STR_MULTI_LINE, that is, each subfield will be displayed
// on a seperate line.
//
// If there is no formatting routine installed or registered
// for the lpszStructType, the hex dump of the encoded BLOB will be returned.
// User can set the flag CRYPT_FORMAT_STR_NO_HEX to disable the hex dump.
//--------------------------------------------------------------------------
function CryptFormatObject(dwCertEncodingType, dwFormatType, dwFormatStrType: DWORD;
pFormatStruct: Pointer; lpszStructType: LPCSTR; pbEncoded: LPBYTE;
cbEncoded: DWORD; pbFormat: Pointer; var pcbFormat: DWORD): BOOL; stdcall;
{$EXTERNALSYM CryptFormatObject}
//-------------------------------------------------------------------------
// constants for dwFormatStrType of function CryptFormatObject
//-------------------------------------------------------------------------
const
CRYPT_FORMAT_STR_MULTI_LINE = $0001;
{$EXTERNALSYM CRYPT_FORMAT_STR_MULTI_LINE}
CRYPT_FORMAT_STR_NO_HEX = $0010;
{$EXTERNALSYM CRYPT_FORMAT_STR_NO_HEX}
//-------------------------------------------------------------------------
// constants for dwFormatType of function CryptFormatObject
// when format X509_NAME or X509_UNICODE_NAME
//-------------------------------------------------------------------------
// Just get the simple string
CRYPT_FORMAT_SIMPLE = $0001;
{$EXTERNALSYM CRYPT_FORMAT_SIMPLE}
//Put an attribute name infront of the attribute
//such as "O=Microsoft,DN=xiaohs"
CRYPT_FORMAT_X509 = $0002;
{$EXTERNALSYM CRYPT_FORMAT_X509}
//Put an OID infront of the simple string, such as
//"2.5.4.22=Microsoft,2.5.4.3=xiaohs"
CRYPT_FORMAT_OID = $0004;
{$EXTERNALSYM CRYPT_FORMAT_OID}
//Put a ";" between each RDN. The default is ","
CRYPT_FORMAT_RDN_SEMICOLON = $0100;
{$EXTERNALSYM CRYPT_FORMAT_RDN_SEMICOLON}
//Put a "n" between each RDN.
CRYPT_FORMAT_RDN_CRLF = $0200;
{$EXTERNALSYM CRYPT_FORMAT_RDN_CRLF}
//Unquote the DN value, which is quoated by default va the following
//rules: if the DN contains leading or trailing
//white space or one of the following characters: ",", "+", "=",
//""", "n", "<", ">", "#" or ";". The quoting character is ".
//If the DN Value contains a " it is double quoted ("").
CRYPT_FORMAT_RDN_UNQUOTE = $0400;
{$EXTERNALSYM CRYPT_FORMAT_RDN_UNQUOTE}
//reverse the order of the RDNs before converting to the string
CRYPT_FORMAT_RDN_REVERSE = $0800;
{$EXTERNALSYM CRYPT_FORMAT_RDN_REVERSE}
//-------------------------------------------------------------------------
// contants dwFormatType of function CryptFormatObject when format a DN.:
//
// The following three values are defined in the section above:
// CRYPT_FORMAT_SIMPLE: Just a simple string
// such as "Microsoft+xiaohs+NT"
// CRYPT_FORMAT_X509 Put an attribute name infront of the attribute
// such as "O=Microsoft+xiaohs+NT"
//
// CRYPT_FORMAT_OID Put an OID infront of the simple string,
// such as "2.5.4.22=Microsoft+xiaohs+NT"
//
// Additional values are defined as following:
//----------------------------------------------------------------------------
//Put a "," between each value. Default is "+"
CRYPT_FORMAT_COMMA = $1000;
{$EXTERNALSYM CRYPT_FORMAT_COMMA}
//Put a ";" between each value
CRYPT_FORMAT_SEMICOLON = CRYPT_FORMAT_RDN_SEMICOLON;
{$EXTERNALSYM CRYPT_FORMAT_SEMICOLON}
//Put a "n" between each value
CRYPT_FORMAT_CRLF = CRYPT_FORMAT_RDN_CRLF;
{$EXTERNALSYM CRYPT_FORMAT_CRLF}
//+-------------------------------------------------------------------------
// Encode / decode the specified data structure according to the certificate
// encoding type.
//
// See below for a list of the predefined data structures.
//--------------------------------------------------------------------------
type
PFN_CRYPT_ALLOC = function (cbSize: size_t): LPVOID; stdcall;
{$EXTERNALSYM PFN_CRYPT_ALLOC}
PFN_CRYPT_FREE = procedure (pv: LPVOID); stdcall;
{$EXTERNALSYM PFN_CRYPT_FREE}
PCRYPT_ENCODE_PARA = ^CRYPT_ENCODE_PARA;
{$EXTERNALSYM PCRYPT_ENCODE_PARA}
_CRYPT_ENCODE_PARA = record
cbSize: DWORD;
pfnAlloc: PFN_CRYPT_ALLOC; // OPTIONAL
pfnFree: PFN_CRYPT_FREE; // OPTIONAL
end;
{$EXTERNALSYM _CRYPT_ENCODE_PARA}
CRYPT_ENCODE_PARA = _CRYPT_ENCODE_PARA;
{$EXTERNALSYM CRYPT_ENCODE_PARA}
TCryptEncodePara = CRYPT_ENCODE_PARA;
PCryptEncodePara = PCRYPT_ENCODE_PARA;
function CryptEncodeObjectEx(dwCertEncodingType: DWORD; lpszStructType: LPCSTR;
pvStructInfo: Pointer; dwFlags: DWORD; pEncodePara: PCRYPT_ENCODE_PARA;
pvEncoded: Pointer; var pcbEncoded: DWORD): BOOL; stdcall;
{$EXTERNALSYM CryptEncodeObjectEx}
function CryptEncodeObject(dwCertEncodingType: DWORD; lpszStructType: LPCSTR;
pvStructInfo: Pointer; pbEncoded: LPBYTE; var pcbEncoded: DWORD): BOOL; stdcall;
{$EXTERNALSYM CryptEncodeObject}
// By default the signature bytes are reversed. The following flag can
// be set to inhibit the byte reversal.
//
// This flag is applicable to
// X509_CERT_TO_BE_SIGNED
const
CRYPT_ENCODE_NO_SIGNATURE_BYTE_REVERSAL_FLAG = $8;
{$EXTERNALSYM CRYPT_ENCODE_NO_SIGNATURE_BYTE_REVERSAL_FLAG}
// When the following flag is set the called encode function allocates
// memory for the encoded bytes. A pointer to the allocated bytes
// is returned in pvEncoded. If pEncodePara or pEncodePara->pfnAlloc is
// NULL, then, LocalAlloc is called for the allocation and LocalFree must
// be called to do the free. Otherwise, pEncodePara->pfnAlloc is called
// for the allocation.
//
// *pcbEncoded is ignored on input and updated with the length of the
// allocated, encoded bytes.
//
// If pfnAlloc is set, then, pfnFree should also be set.
CRYPT_ENCODE_ALLOC_FLAG = $8000;
{$EXTERNALSYM CRYPT_ENCODE_ALLOC_FLAG}
// The following flag is applicable when encoding X509_UNICODE_NAME.
// When set, CERT_RDN_T61_STRING is selected instead of
// CERT_RDN_UNICODE_STRING if all the unicode characters are <= 0xFF
CRYPT_UNICODE_NAME_ENCODE_ENABLE_T61_UNICODE_FLAG = CERT_RDN_ENABLE_T61_UNICODE_FLAG;
{$EXTERNALSYM CRYPT_UNICODE_NAME_ENCODE_ENABLE_T61_UNICODE_FLAG}