Windows编程

开发平台：

Delphi

JwaWinCrypt.pas：源码内容

PCryptProtectPromptStruct = PCRYPTPROTECT_PROMPTSTRUCT;
//
// base provider action
//
const
CRYPTPROTECT_DEFAULT_PROVIDER: GUID = (
D1:$df9d8cd0; D2:$1501; D3:$11d1; D4:($8c, $7a, $00, $c0, $4f, $c2, $97, $eb));
{$EXTERNALSYM CRYPTPROTECT_DEFAULT_PROVIDER}
//
// CryptProtect PromptStruct dwPromtFlags
//
//
// prompt on unprotect
CRYPTPROTECT_PROMPT_ON_UNPROTECT = $1; // 1<<0
{$EXTERNALSYM CRYPTPROTECT_PROMPT_ON_UNPROTECT}
//
// prompt on protect
CRYPTPROTECT_PROMPT_ON_PROTECT = $2; // 1<<1
{$EXTERNALSYM CRYPTPROTECT_PROMPT_ON_PROTECT}
CRYPTPROTECT_PROMPT_RESERVED = $04; // reserved, do not use.
{$EXTERNALSYM CRYPTPROTECT_PROMPT_RESERVED}
//
// only allow strong variant UI protection (user supplied password currently).
CRYPTPROTECT_PROMPT_STRONG = $08; // 1<<3
{$EXTERNALSYM CRYPTPROTECT_PROMPT_STRONG}
//
// CryptProtectData and CryptUnprotectData dwFlags
//
// for remote-access situations where ui is not an option
// if UI was specified on protect or unprotect operation, the call
// will fail and GetLastError() will indicate ERROR_PASSWORD_RESTRICTION
CRYPTPROTECT_UI_FORBIDDEN = $1;
{$EXTERNALSYM CRYPTPROTECT_UI_FORBIDDEN}
//
// per machine protected data -- any user on machine where CryptProtectData
// took place may CryptUnprotectData
CRYPTPROTECT_LOCAL_MACHINE = $4;
{$EXTERNALSYM CRYPTPROTECT_LOCAL_MACHINE}
//
// force credential synchronize during CryptProtectData()
// Synchronize is only operation that occurs during this operation
CRYPTPROTECT_CRED_SYNC = $8;
{$EXTERNALSYM CRYPTPROTECT_CRED_SYNC}
// flags reserved for system use
CRYPTPROTECT_FIRST_RESERVED_FLAGVAL = $0FFFFFFF;
{$EXTERNALSYM CRYPTPROTECT_FIRST_RESERVED_FLAGVAL}
CRYPTPROTECT_LAST_RESERVED_FLAGVAL = DWORD($FFFFFFFF);
{$EXTERNALSYM CRYPTPROTECT_LAST_RESERVED_FLAGVAL}
//
// flags specific to base provider
//
function CryptProtectData(pDataIn: PDATA_BLOB; szDataDescr: LPCWSTR;
pOptionalEntropy: PDATA_BLOB; pvReserved: PVOID;
pPromptStruct: PCRYPTPROTECT_PROMPTSTRUCT; dwFlags: DWORD; pDataOut: PDATA_BLOB): BOOL; stdcall;
{$EXTERNALSYM CryptProtectData}
function CryptUnprotectData(pDataIn: PDATA_BLOB; ppszDataDescr: LPLPWSTR;
pOptionalEntropy: PDATA_BLOB; pvReserved: PVOID;
pPromptStruct: PCRYPTPROTECT_PROMPTSTRUCT; dwFlags: DWORD; pDataOut: PDATA_BLOB): BOOL; stdcall;
{$EXTERNALSYM CryptUnprotectData}
//+=========================================================================
// Helper functions to build certificates
//==========================================================================
//+-------------------------------------------------------------------------
//
// Builds a self-signed certificate and returns a PCCERT_CONTEXT representing
// the certificate. A hProv must be specified to build the cert context.
//
// pSubjectIssuerBlob is the DN for the certifcate. If an alternate subject
// name is desired it must be specified as an extension in the pExtensions
// parameter. pSubjectIssuerBlob can NOT be NULL, so minimually an empty DN
// must be specified.
//
// By default:
// pKeyProvInfo - The CSP is queried for the KeyProvInfo parameters. Only the Provider,
// Provider Type and Container is queried. Many CSPs don't support these
// queries and will cause a failure. In such cases the pKeyProvInfo
// must be specified (RSA BASE works fine).
//
// pSignatureAlgorithm - will default to SHA1RSA
// pStartTime will default to the current time
// pEndTime will default to 1 year
// pEntensions will be empty.
//
// The returned PCCERT_CONTEXT will reference the private keys by setting the
// CERT_KEY_PROV_INFO_PROP_ID. However, if this property is not desired specify the
// CERT_CREATE_SELFSIGN_NO_KEY_INFO in dwFlags.
//
// If the cert being built is only a dummy placeholder cert for speed it may not
// need to be signed. Signing of the cert is skipped if CERT_CREATE_SELFSIGN_NO_SIGN
// is specified in dwFlags.
//
//--------------------------------------------------------------------------
function CertCreateSelfSignCertificate(hProv: HCRYPTPROV;
pSubjectIssuerBlob: PCERT_NAME_BLOB; dwFlags: DWORD;
pKeyProvInfo: PCRYPT_KEY_PROV_INFO; pSignatureAlgorithm: PCRYPT_ALGORITHM_IDENTIFIER;
pStartTime, pEndTime: PSYSTEMTIME; pExtensions: PCERT_EXTENSIONS): PCCERT_CONTEXT; stdcall;
{$EXTERNALSYM CertCreateSelfSignCertificate}
const
CERT_CREATE_SELFSIGN_NO_SIGN = 1;
{$EXTERNALSYM CERT_CREATE_SELFSIGN_NO_SIGN}
CERT_CREATE_SELFSIGN_NO_KEY_INFO = 2;
{$EXTERNALSYM CERT_CREATE_SELFSIGN_NO_KEY_INFO}
//+=========================================================================
// Key Identifier Property Data Structures and APIs
//==========================================================================
//+-------------------------------------------------------------------------
// Get the property for the specified Key Identifier.
//
// The Key Identifier is the SHA1 hash of the encoded CERT_PUBLIC_KEY_INFO.
// The Key Identifier for a certificate can be obtained by getting the
// certificate's CERT_KEY_IDENTIFIER_PROP_ID. The
// CryptCreateKeyIdentifierFromCSP API can be called to create the Key
// Identifier from a CSP Public Key Blob.
//
// A Key Identifier can have the same properties as a certificate context.
// CERT_KEY_PROV_INFO_PROP_ID is the property of most interest.
// For CERT_KEY_PROV_INFO_PROP_ID, pvData points to a CRYPT_KEY_PROV_INFO
// structure. Elements pointed to by fields in the pvData structure follow the
// structure. Therefore, *pcbData will exceed the size of the structure.
//
// If CRYPT_KEYID_ALLOC_FLAG is set, then, *pvData is updated with a
// pointer to allocated memory. LocalFree() must be called to free the
// allocated memory.
//
// By default, searches the CurrentUser's list of Key Identifiers.
// CRYPT_KEYID_MACHINE_FLAG can be set to search the LocalMachine's list
// of Key Identifiers. When CRYPT_KEYID_MACHINE_FLAG is set, pwszComputerName
// can also be set to specify the name of a remote computer to be searched
// instead of the local machine.
//--------------------------------------------------------------------------
function CryptGetKeyIdentifierProperty(pKeyIdentifier: PCRYPT_HASH_BLOB;
dwPropId: DWORD; dwFlags: DWORD; pwszComputerName: LPCWSTR; pvReserved: Pointer;
pvData: Pointer; var pcbData: DWORD): BOOL; stdcall;
{$EXTERNALSYM CryptGetKeyIdentifierProperty}
// When the following flag is set, searches the LocalMachine instead of the
// CurrentUser. This flag is applicable to all the KeyIdentifierProperty APIs.
const
CRYPT_KEYID_MACHINE_FLAG = $00000020;
{$EXTERNALSYM CRYPT_KEYID_MACHINE_FLAG}
// When the following flag is set, *pvData is updated with a pointer to
// allocated memory. LocalFree() must be called to free the allocated memory.
CRYPT_KEYID_ALLOC_FLAG = $00008000;
{$EXTERNALSYM CRYPT_KEYID_ALLOC_FLAG}
//+-------------------------------------------------------------------------
// Set the property for the specified Key Identifier.
//
// For CERT_KEY_PROV_INFO_PROP_ID pvData points to the
// CRYPT_KEY_PROV_INFO data structure. For all other properties, pvData
// points to a CRYPT_DATA_BLOB.
//
// Setting pvData == NULL, deletes the property.
//
// Set CRYPT_KEYID_MACHINE_FLAG to set the property for a LocalMachine
// Key Identifier. Set pwszComputerName, to select a remote computer.
//
// If CRYPT_KEYID_DELETE_FLAG is set, the Key Identifier and all its
// properties is deleted.
//
// If CRYPT_KEYID_SET_NEW_FLAG is set, the set fails if the property already
// exists. For an existing property, FALSE is returned with LastError set to
// CRYPT_E_EXISTS.
//--------------------------------------------------------------------------
function CryptSetKeyIdentifierProperty(pKeyIdentifier: PCRYPT_HASH_BLOB;
dwPropId: DWORD; dwFlags: DWORD; pwszComputerName: LPCWSTR; pvReserved: Pointer;
pvData: Pointer): BOOL; stdcall;
{$EXTERNALSYM CryptSetKeyIdentifierProperty}
// When the following flag is set, the Key Identifier and all its properties
// are deleted.
const
CRYPT_KEYID_DELETE_FLAG = $00000010;
{$EXTERNALSYM CRYPT_KEYID_DELETE_FLAG}
// When the following flag is set, the set fails if the property already
// exists.
CRYPT_KEYID_SET_NEW_FLAG = $00002000;
{$EXTERNALSYM CRYPT_KEYID_SET_NEW_FLAG}
//+-------------------------------------------------------------------------
// For CERT_KEY_PROV_INFO_PROP_ID, rgppvData[] points to a
// CRYPT_KEY_PROV_INFO.
//
// Return FALSE to stop the enumeration.
//--------------------------------------------------------------------------
type
PFN_CRYPT_ENUM_KEYID_PROP = function (pKeyIdentifier: PCRYPT_HASH_BLOB;
dwFlags: DWORD; pvReserved: Pointer; pvArg: Pointer; cProp: DWORD;
rgdwPropId: LPDWORD; rgpvData: Pointer; rgcbData: LPDWORD): BOOL; stdcall;
{$EXTERNALSYM PFN_CRYPT_ENUM_KEYID_PROP}
PFnCryptEnumKeyIdProp = PFN_CRYPT_ENUM_KEYID_PROP;
//+-------------------------------------------------------------------------
// Enumerate the Key Identifiers.
//
// If pKeyIdentifier is NULL, enumerates all Key Identifers. Otherwise,
// calls the callback for the specified KeyIdentifier. If dwPropId is
// 0, calls the callback with all the properties. Otherwise, only calls
// the callback with the specified property (cProp = 1).
// Furthermore, when dwPropId is specified, skips KeyIdentifiers not
// having the property.
//
// Set CRYPT_KEYID_MACHINE_FLAG to enumerate the LocalMachine
// Key Identifiers. Set pwszComputerName, to enumerate Key Identifiers on
// a remote computer.
//--------------------------------------------------------------------------
function CryptEnumKeyIdentifierProperties(pKeyIdentifier: PCRYPT_HASH_BLOB;
dwPropId: DWORD; dwFlags: DWORD; pwszComputerName: LPCWSTR; pvReserved: Pointer;
pvArg: Pointer; pfnEnum: PFN_CRYPT_ENUM_KEYID_PROP): BOOL; stdcall;
{$EXTERNALSYM CryptEnumKeyIdentifierProperties}
//+-------------------------------------------------------------------------
// Create a KeyIdentifier from the CSP Public Key Blob.
//
// Converts the CSP PUBLICKEYSTRUC into a X.509 CERT_PUBLIC_KEY_INFO and
// encodes. The encoded CERT_PUBLIC_KEY_INFO is SHA1 hashed to obtain
// the Key Identifier.
//
// By default, the pPubKeyStruc->aiKeyAlg is used to find the appropriate
// public key Object Identifier. pszPubKeyOID can be set to override
// the default OID obtained from the aiKeyAlg.
//--------------------------------------------------------------------------
function CryptCreateKeyIdentifierFromCSP(dwCertEncodingType: DWORD;
pszPubKeyOID: LPCSTR; pPubKeyStruc: PPUBLICKEYSTRUC; cbPubKeyStruc: DWORD;
dwFlags: DWORD; pvReserved: Pointer; pbHash: LPBYTE; pcbHash: DWORD): BOOL; stdcall;
{$EXTERNALSYM CryptCreateKeyIdentifierFromCSP}
//+=========================================================================
// Certificate Chaining Infrastructure
//==========================================================================
//
// The chain engine defines the store namespace and cache partitioning for
// the Certificate Chaining infrastructure. A default chain engine
// is defined for the process which uses all default system stores e.g.
// Root, CA, Trust, for chain building and caching. If an application
// wishes to define its own store namespace or have its own partitioned
// cache then it can create its own chain engine. It is advisable to create
// a chain engine at application startup and use it throughout the lifetime
// of the application in order to get optimal caching behavior
//
type
HCERTCHAINENGINE = HANDLE;
{$EXTERNALSYM HCERTCHAINENGINE}
const
HCCE_CURRENT_USER = HCERTCHAINENGINE(0);
{$EXTERNALSYM HCCE_CURRENT_USER}
HCCE_LOCAL_MACHINE = HCERTCHAINENGINE($1);
{$EXTERNALSYM HCCE_LOCAL_MACHINE}
//
// Create a certificate chain engine.
//
//
// Configuration parameters for the certificate chain engine
//
// hRestrictedRoot - restrict the root store (must be a subset of "Root")
//
// hRestrictedTrust - restrict the store for CTLs
//
// hRestrictedOther - restrict the store for certs and CRLs
//
// cAdditionalStore, rghAdditionalStore - additional stores
//
// NOTE: The algorithm used to define the stores for the engine is as
// follows:
//
// hRoot = hRestrictedRoot or System Store "Root"
//
// hTrust = hRestrictedTrust or hWorld (defined later)
//
// hOther = hRestrictedOther or (hRestrictedTrust == NULL) ? hWorld :
// hRestrictedTrust + hWorld
//
// hWorld = hRoot + "CA" + "My" + "Trust" + rghAdditionalStore
//
// dwFlags - flags
//
// CERT_CHAIN_CACHE_END_CERT - information will be cached on
// the end cert as well as the other
// certs in the chain
//
// CERT_CHAIN_THREAD_STORE_SYNC - use separate thread for store syncs
// and related cache updates
//
// CERT_CHAIN_CACHE_ONLY_URL_RETRIEVAL - don't hit the wire to get
// URL based objects
//
// dwUrlRetrievalTimeout - timeout for wire based URL object retrievals
//
const
CERT_CHAIN_CACHE_END_CERT = $00000001;
{$EXTERNALSYM CERT_CHAIN_CACHE_END_CERT}
CERT_CHAIN_THREAD_STORE_SYNC = $00000002;
{$EXTERNALSYM CERT_CHAIN_THREAD_STORE_SYNC}
CERT_CHAIN_CACHE_ONLY_URL_RETRIEVAL = $00000004;
{$EXTERNALSYM CERT_CHAIN_CACHE_ONLY_URL_RETRIEVAL}
CERT_CHAIN_USE_LOCAL_MACHINE_STORE = $00000008;
{$EXTERNALSYM CERT_CHAIN_USE_LOCAL_MACHINE_STORE}
CERT_CHAIN_ENABLE_CACHE_AUTO_UPDATE = $00000010;
{$EXTERNALSYM CERT_CHAIN_ENABLE_CACHE_AUTO_UPDATE}
type
PCERT_CHAIN_ENGINE_CONFIG = ^CERT_CHAIN_ENGINE_CONFIG;
{$EXTERNALSYM PCERT_CHAIN_ENGINE_CONFIG}
_CERT_CHAIN_ENGINE_CONFIG = record
cbSize: DWORD;
hRestrictedRoot: HCERTSTORE;
hRestrictedTrust: HCERTSTORE;
hRestrictedOther: HCERTSTORE;
cAdditionalStore: DWORD;
rghAdditionalStore: PHCERTSTORE;
dwFlags: DWORD;
dwUrlRetrievalTimeout: DWORD;
MaximumCachedCertificates: DWORD;
CycleDetectionModulus: DWORD;
end;
{$EXTERNALSYM _CERT_CHAIN_ENGINE_CONFIG}
CERT_CHAIN_ENGINE_CONFIG = _CERT_CHAIN_ENGINE_CONFIG;
{$EXTERNALSYM CERT_CHAIN_ENGINE_CONFIG}
TCertChainEngineConfig = CERT_CHAIN_ENGINE_CONFIG;
PCertChainEngineConfig = PCERT_CHAIN_ENGINE_CONFIG;
function CertCreateCertificateChainEngine(pConfig: PCERT_CHAIN_ENGINE_CONFIG;
var phChainEngine: HCERTCHAINENGINE): BOOL; stdcall;
{$EXTERNALSYM CertCreateCertificateChainEngine}
//
// Free a certificate trust engine
//
procedure CertFreeCertificateChainEngine(hChainEngine: HCERTCHAINENGINE); stdcall;
{$EXTERNALSYM CertFreeCertificateChainEngine}
//
// Resync the certificate chain engine. This resync's the stores backing
// the engine and updates the engine caches.
//
function CertResyncCertificateChainEngine(hChainEngine: HCERTCHAINENGINE): BOOL; stdcall;
{$EXTERNALSYM CertResyncCertificateChainEngine}
//
// When an application requests a certificate chain, the data structure
// returned is in the form of a CERT_CHAIN_CONTEXT. This contains
// an array of CERT_SIMPLE_CHAIN where each simple chain goes from
// an end cert to a self signed cert and the chain context connects simple
// chains via trust lists. Each simple chain contains the chain of
// certificates, summary trust information about the chain and trust information
// about each certificate element in the chain.
//
//
// Trust status bits
//
type
PCERT_TRUST_STATUS = ^CERT_TRUST_STATUS;
{$EXTERNALSYM PCERT_TRUST_STATUS}
_CERT_TRUST_STATUS = record
dwErrorStatus: DWORD;
dwInfoStatus: DWORD;
end;
{$EXTERNALSYM _CERT_TRUST_STATUS}
CERT_TRUST_STATUS = _CERT_TRUST_STATUS;
{$EXTERNALSYM CERT_TRUST_STATUS}
TCertTrustStatus = CERT_TRUST_STATUS;
PCertTrustStatus = PCERT_TRUST_STATUS;
//
// The following are error status bits
//
// These can be applied to certificates and chains
const
CERT_TRUST_NO_ERROR = $00000000;
{$EXTERNALSYM CERT_TRUST_NO_ERROR}
CERT_TRUST_IS_NOT_TIME_VALID = $00000001;
{$EXTERNALSYM CERT_TRUST_IS_NOT_TIME_VALID}
CERT_TRUST_IS_NOT_TIME_NESTED = $00000002;
{$EXTERNALSYM CERT_TRUST_IS_NOT_TIME_NESTED}
CERT_TRUST_IS_REVOKED = $00000004;
{$EXTERNALSYM CERT_TRUST_IS_REVOKED}
CERT_TRUST_IS_NOT_SIGNATURE_VALID = $00000008;
{$EXTERNALSYM CERT_TRUST_IS_NOT_SIGNATURE_VALID}
CERT_TRUST_IS_NOT_VALID_FOR_USAGE = $00000010;
{$EXTERNALSYM CERT_TRUST_IS_NOT_VALID_FOR_USAGE}
CERT_TRUST_IS_UNTRUSTED_ROOT = $00000020;
{$EXTERNALSYM CERT_TRUST_IS_UNTRUSTED_ROOT}
CERT_TRUST_REVOCATION_STATUS_UNKNOWN = $00000040;
{$EXTERNALSYM CERT_TRUST_REVOCATION_STATUS_UNKNOWN}
CERT_TRUST_IS_CYCLIC = $00000080;
{$EXTERNALSYM CERT_TRUST_IS_CYCLIC}
// These can be applied to chains only
CERT_TRUST_IS_PARTIAL_CHAIN = $00010000;
{$EXTERNALSYM CERT_TRUST_IS_PARTIAL_CHAIN}
CERT_TRUST_CTL_IS_NOT_TIME_VALID = $00020000;
{$EXTERNALSYM CERT_TRUST_CTL_IS_NOT_TIME_VALID}
CERT_TRUST_CTL_IS_NOT_SIGNATURE_VALID = $00040000;
{$EXTERNALSYM CERT_TRUST_CTL_IS_NOT_SIGNATURE_VALID}
CERT_TRUST_CTL_IS_NOT_VALID_FOR_USAGE = $00080000;
{$EXTERNALSYM CERT_TRUST_CTL_IS_NOT_VALID_FOR_USAGE}
//
// The following are info status bits
//
// These can be applied to certificates only
CERT_TRUST_HAS_EXACT_MATCH_ISSUER = $00000001;
{$EXTERNALSYM CERT_TRUST_HAS_EXACT_MATCH_ISSUER}
CERT_TRUST_HAS_KEY_MATCH_ISSUER = $00000002;
{$EXTERNALSYM CERT_TRUST_HAS_KEY_MATCH_ISSUER}
CERT_TRUST_HAS_NAME_MATCH_ISSUER = $00000004;
{$EXTERNALSYM CERT_TRUST_HAS_NAME_MATCH_ISSUER}
CERT_TRUST_IS_SELF_SIGNED = $00000008;
{$EXTERNALSYM CERT_TRUST_IS_SELF_SIGNED}
// These can be applied to chains only
CERT_TRUST_IS_COMPLEX_CHAIN = $00010000;
{$EXTERNALSYM CERT_TRUST_IS_COMPLEX_CHAIN}
//
// Each certificate context in a simple chain has a corresponding chain element
// in the simple chain context
//
// dwErrorStatus has CERT_TRUST_IS_REVOKED, pRevocationInfo set
// dwErrorStatus has CERT_TRUST_REVOCATION_STATUS_UNKNOWN, pRevocationInfo set
//
// BUGBUG: Note that the post processing revocation supported in the first
// version only sets cbSize and dwRevocationResult. Everything else
// is NULL
//
//
// Revocation Information
//
type
PCERT_REVOCATION_INFO = ^CERT_REVOCATION_INFO;
{$EXTERNALSYM PCERT_REVOCATION_INFO}
_CERT_REVOCATION_INFO = record
cbSize: DWORD;
dwRevocationResult: DWORD;
pszRevocationOid: LPCSTR;
pvOidSpecificInfo: LPVOID;
end;
{$EXTERNALSYM _CERT_REVOCATION_INFO}
CERT_REVOCATION_INFO = _CERT_REVOCATION_INFO;
{$EXTERNALSYM CERT_REVOCATION_INFO}
TCertRevocationInfo = CERT_REVOCATION_INFO;
PCertRevocationInfo = PCERT_REVOCATION_INFO;
//
// Trust List Information
//
PCERT_TRUST_LIST_INFO = ^CERT_TRUST_LIST_INFO;
{$EXTERNALSYM PCERT_TRUST_LIST_INFO}
_CERT_TRUST_LIST_INFO = record
cbSize: DWORD;
pCtlEntry: PCTL_ENTRY;
pCtlContext: PCCTL_CONTEXT;
end;
{$EXTERNALSYM _CERT_TRUST_LIST_INFO}
CERT_TRUST_LIST_INFO = _CERT_TRUST_LIST_INFO;
{$EXTERNALSYM CERT_TRUST_LIST_INFO}
TCertTrustListInfo = CERT_TRUST_LIST_INFO;
PCertTrustListInfo = PCERT_TRUST_LIST_INFO;
//
// Chain Element
//
PCERT_CHAIN_ELEMENT = ^CERT_CHAIN_ELEMENT;
{$EXTERNALSYM PCERT_CHAIN_ELEMENT}
_CERT_CHAIN_ELEMENT = record
cbSize: DWORD;
pCertContext: PCCERT_CONTEXT;
TrustStatus: CERT_TRUST_STATUS;
pRevocationInfo: PCERT_REVOCATION_INFO;
end;
{$EXTERNALSYM _CERT_CHAIN_ELEMENT}
CERT_CHAIN_ELEMENT = _CERT_CHAIN_ELEMENT;
{$EXTERNALSYM CERT_CHAIN_ELEMENT}
TCertChainElement = CERT_CHAIN_ELEMENT;
PCertChainElement = PCERT_CHAIN_ELEMENT;
//
// The simple chain is an array of chain elements and a summary trust status
// for the chain
//
// rgpElements[0] is the end certificate chain element
//
// rgpElements[cElement-1] is the self-signed "root" certificate chain element
//
PCERT_SIMPLE_CHAIN = ^CERT_SIMPLE_CHAIN;
{$EXTERNALSYM PCERT_SIMPLE_CHAIN}
_CERT_SIMPLE_CHAIN = record
cbSize: DWORD;
TrustStatus: CERT_TRUST_STATUS;
cElement: DWORD;
rgpElement: PCERT_CHAIN_ELEMENT;
pTrustListInfo: PCERT_TRUST_LIST_INFO;
end;
{$EXTERNALSYM _CERT_SIMPLE_CHAIN}
CERT_SIMPLE_CHAIN = _CERT_SIMPLE_CHAIN;
{$EXTERNALSYM CERT_SIMPLE_CHAIN}
TCertSimpleChain = CERT_SIMPLE_CHAIN;
PCertSimpleChain = PCERT_SIMPLE_CHAIN;
//
// And the chain context contains an array of simple chains and summary trust
// status for all the connected simple chains
//
// rgpChains[0] is the end certificate simple chain
//
// rgpChains[cChain-1] is the final (possibly trust list signer) chain which
// ends in a certificate which is contained in the root store
//
PCERT_CHAIN_CONTEXT = ^CERT_CHAIN_CONTEXT;
{$EXTERNALSYM PCERT_CHAIN_CONTEXT}
_CERT_CHAIN_CONTEXT = record
cbSize: DWORD;
TrustStatus: CERT_TRUST_STATUS;
cChain: DWORD;
rgpChain: PCERT_SIMPLE_CHAIN;
end;
{$EXTERNALSYM _CERT_CHAIN_CONTEXT}
CERT_CHAIN_CONTEXT = _CERT_CHAIN_CONTEXT;
{$EXTERNALSYM CERT_CHAIN_CONTEXT}
TCertChainContext = CERT_CHAIN_CONTEXT;
PCertChainContext = PCERT_CHAIN_CONTEXT;
PCCERT_CHAIN_CONTEXT = ^CERT_CHAIN_CONTEXT;
{$EXTERNALSYM PCCERT_CHAIN_CONTEXT}
PPCCERT_CHAIN_CONTEXT = ^PCERT_CHAIN_CONTEXT;
{$NODEFINE PPCCERT_CHAIN_CONTEXT}
//
// When building a chain, the there are various parameters used for finding
// issuing certificates and trust lists. They are identified in the
// following structure
//
// Default usage match type is AND with value zero
const
USAGE_MATCH_TYPE_AND = $00000000;
{$EXTERNALSYM USAGE_MATCH_TYPE_AND}
USAGE_MATCH_TYPE_OR = $00000001;
{$EXTERNALSYM USAGE_MATCH_TYPE_OR}
type
PCERT_USAGE_MATCH = ^CERT_USAGE_MATCH;
{$EXTERNALSYM PCERT_USAGE_MATCH}
_CERT_USAGE_MATCH = record
dwType: DWORD;
Usage: CERT_ENHKEY_USAGE;
end;
{$EXTERNALSYM _CERT_USAGE_MATCH}
CERT_USAGE_MATCH = _CERT_USAGE_MATCH;
{$EXTERNALSYM CERT_USAGE_MATCH}
TCertUsageMatch = CERT_USAGE_MATCH;
PCertUsageMatch = PCERT_USAGE_MATCH;
PCTL_USAGE_MATCH = ^CTL_USAGE_MATCH;
{$EXTERNALSYM PCTL_USAGE_MATCH}
_CTL_USAGE_MATCH = record
dwType: DWORD;
Usage: CTL_USAGE;
end;
{$EXTERNALSYM _CTL_USAGE_MATCH}
CTL_USAGE_MATCH = _CTL_USAGE_MATCH;
{$EXTERNALSYM CTL_USAGE_MATCH}
TCtlUsageMatch = CTL_USAGE_MATCH;
PCtlUsageMatch = PCTL_USAGE_MATCH;
PCERT_CHAIN_PARA = ^CERT_CHAIN_PARA;
{$EXTERNALSYM PCERT_CHAIN_PARA}
_CERT_CHAIN_PARA = record
cbSize: DWORD;
RequestedUsage: CERT_USAGE_MATCH;
end;
{$EXTERNALSYM _CERT_CHAIN_PARA}
CERT_CHAIN_PARA = _CERT_CHAIN_PARA;
{$EXTERNALSYM CERT_CHAIN_PARA}
TCertChainPara = CERT_CHAIN_PARA;
PCertChainPara = PCERT_CHAIN_PARA;
//
// The following API is used for retrieving certificate chains
//
// Parameters:
//
// hChainEngine - the chain engine (namespace and cache) to use, NULL
// mean use the default chain engine
//
// pCertContext - the context we are retrieving the chain for, it
// will be the zero index element in the chain
//
// pTime - the point in time that we want the chain validated
// for. Note that the time does not affect trust list,
// revocation, or root store checking. NULL means use
// the current system time
//
// hAdditionalStore - additional store to use when looking up objects
//
// pChainPara - parameters for chain building
//
// dwFlags - flags such as should revocation checking be done
// on the chain?
//
// pvReserved - reserved parameter, must be NULL
//
// ppChainContext - chain context returned
//
// CERT_CHAIN_CACHE_END_CERT can be used here as well
// Revocation flags are in the high nibble
const
CERT_CHAIN_REVOCATION_CHECK_END_CERT = $10000000;
{$EXTERNALSYM CERT_CHAIN_REVOCATION_CHECK_END_CERT}
CERT_CHAIN_REVOCATION_CHECK_CHAIN = $20000000;
{$EXTERNALSYM CERT_CHAIN_REVOCATION_CHECK_CHAIN}
CERT_CHAIN_REVOCATION_CHECK_CHAIN_EXCLUDE_ROOT = $40000000;
{$EXTERNALSYM CERT_CHAIN_REVOCATION_CHECK_CHAIN_EXCLUDE_ROOT}
CERT_CHAIN_REVOCATION_CHECK_CACHE_ONLY = DWORD($80000000);
{$EXTERNALSYM CERT_CHAIN_REVOCATION_CHECK_CACHE_ONLY}
function CertGetCertificateChain(hChainEngine: HCERTCHAINENGINE;
pCertContext: PCCERT_CONTEXT; pTime: LPFILETIME; hAdditionalStore: HCERTSTORE;
pChainPara: PCERT_CHAIN_PARA; dwFlags: DWORD; pvReserved: LPVOID;
ppChainContext: PPCCERT_CHAIN_CONTEXT): BOOL; stdcall;
{$EXTERNALSYM CertGetCertificateChain}
//
// Free a certificate chain
//
procedure CertFreeCertificateChain(pChainContext: PCCERT_CHAIN_CONTEXT); stdcall;
{$EXTERNALSYM CertFreeCertificateChain}
//
// Duplicate (add a reference to) a certificate chain
//
function CertDuplicateCertificateChain(pChainContext: PCCERT_CHAIN_CONTEXT): PCCERT_CHAIN_CONTEXT; stdcall;
{$EXTERNALSYM CertDuplicateCertificateChain}
//
// Specific Revocation Type OID and structure definitions
//
//
// CRL Revocation OID
//
const
REVOCATION_OID_CRL_REVOCATION = LPCSTR(1);
{$EXTERNALSYM REVOCATION_OID_CRL_REVOCATION}
//
// For the CRL revocation OID the pvRevocationPara is NULL
//
//
// CRL Revocation Info
//
type
PCRL_REVOCATION_INFO = ^CRL_REVOCATION_INFO;
{$EXTERNALSYM PCRL_REVOCATION_INFO}
_CRL_REVOCATION_INFO = record
pCrlEntry: PCRL_ENTRY;
pCrlContext: PCCRL_CONTEXT;
pCrlIssuerChain: PCCERT_CHAIN_CONTEXT;
end;
{$EXTERNALSYM _CRL_REVOCATION_INFO}
CRL_REVOCATION_INFO = _CRL_REVOCATION_INFO;
{$EXTERNALSYM CRL_REVOCATION_INFO}
TCrlRevocationInfo = CRL_REVOCATION_INFO;
PCrlRevocationInfo = PCRL_REVOCATION_INFO;
//+-------------------------------------------------------------------------
// Find the first or next certificate chain context in the store.
//
// The chain context is found according to the dwFindFlags, dwFindType and
// its pvFindPara. See below for a list of the find types and its parameters.
//
// If the first or next chain context isn't found, NULL is returned.
// Otherwise, a pointer to a read only CERT_CHAIN_CONTEXT is returned.
// CERT_CHAIN_CONTEXT must be freed by calling CertFreeCertificateChain
// or is freed when passed as the
// pPrevChainContext on a subsequent call. CertDuplicateCertificateChain
// can be called to make a duplicate.
//
// pPrevChainContext MUST BE NULL on the first
// call to find the chain context. To find the next chain context, the
// pPrevChainContext is set to the CERT_CHAIN_CONTEXT returned by a previous
// call.
//
// NOTE: a NON-NULL pPrevChainContext is always CertFreeCertificateChain'ed by
// this function, even for an error.
//--------------------------------------------------------------------------
function CertFindChainInStore(hCertStore: HCERTSTORE; dwCertEncodingType: DWORD;
dwFindFlags: DWORD; dwFindType: DWORD; pvFindPara: Pointer;
pPrevChainContext: PCCERT_CHAIN_CONTEXT): PCCERT_CHAIN_CONTEXT; stdcall;
{$EXTERNALSYM CertFindChainInStore}
const
CERT_CHAIN_FIND_BY_ISSUER = 1;
{$EXTERNALSYM CERT_CHAIN_FIND_BY_ISSUER}
//+-------------------------------------------------------------------------
// CERT_CHAIN_FIND_BY_ISSUER
//
// Find a certificate chain having a private key for the end certificate and
// matching one of the given issuer names. A matching dwKeySpec and
// enhanced key usage can also be specified. Additionally a callback can
// be provided for even more caller provided filtering before building the
// chain.
//
// By default, only the issuers in the first simple chain are compared
// for a name match. CERT_CHAIN_FIND_BY_ISSUER_COMPLEX_CHAIN_FLAG can
// be set in dwFindFlags to match issuers in all the simple chains.
//
// CERT_CHAIN_FIND_BY_ISSUER_NO_KEY_FLAG can be set in dwFindFlags to
// not check if the end certificate has a private key.
//
// CERT_CHAIN_FIND_BY_ISSUER_COMPARE_KEY_FLAG can be set in dwFindFlags
// to compare the public key in the end certificate with the crypto
// provider's public key. The dwAcquirePrivateKeyFlags can be set
// in CERT_CHAIN_FIND_BY_ISSUER_PARA to enable caching of the private key's
// HKEY returned by the CSP.
//
// If dwCertEncodingType == 0, defaults to X509_ASN_ENCODING for the
// array of encoded issuer names.
//
// By default, the hCertStore passed to CertFindChainInStore, is passed
// as an additional store to CertGetCertificateChain.
// CERT_CHAIN_FIND_BY_ISSUER_CACHE_ONLY_FLAG can be set in dwFindFlags
// to improve performance by only searching the cached system stores
// (root, my, ca, trust) to find the issuer certificates. If you are doing
// a find in the "my" system store, than, this flag should be set to
// improve performance.
//
// Setting CERT_CHAIN_FIND_BY_ISSUER_LOCAL_MACHINE_FLAG in dwFindFlags
// restricts CertGetCertificateChain to search the Local Machine
// cached system stores instead of the Current User's.
//
// Setting CERT_CHAIN_FIND_BY_ISSUER_CACHE_ONLY_URL_FLAG in dwFindFlags
// restricts CertGetCertificateChain to only search the URL cache
// and not hit the wire.
//--------------------------------------------------------------------------
// Returns FALSE to skip this certificate. Otherwise, returns TRUE to
// build a chain for this certificate.
type
PFN_CERT_CHAIN_FIND_BY_ISSUER_CALLBACK = function (pCert: PCCERT_CONTEXT;
pvFindArg: Pointer): BOOL; stdcall;
{$EXTERNALSYM PFN_CERT_CHAIN_FIND_BY_ISSUER_CALLBACK}
PFnCertChainFindByIssuerCallback = PFN_CERT_CHAIN_FIND_BY_ISSUER_CALLBACK;
PCERT_CHAIN_FIND_BY_ISSUER_PARA = ^CERT_CHAIN_FIND_BY_ISSUER_PARA;
{$EXTERNALSYM PCERT_CHAIN_FIND_BY_ISSUER_PARA}
_CERT_CHAIN_FIND_BY_ISSUER_PARA = record
cbSize: DWORD;
// If pszUsageIdentifier == NULL, matches any usage.
pszUsageIdentifier: LPCSTR;
// If dwKeySpec == 0, matches any KeySpec
dwKeySpec: DWORD;
// When CERT_CHAIN_FIND_BY_ISSUER_COMPARE_KEY_FLAG is set in dwFindFlags,
// CryptAcquireCertificatePrivateKey is called to do the public key
// comparison. The following flags can be set to enable caching
// of the acquired private key. See the API for more details on these
// flags.
dwAcquirePrivateKeyFlags: DWORD;
// Pointer to an array of X509, ASN.1 encoded issuer name blobs. If
// cIssuer == 0, matches any issuer
cIssuer: DWORD;
rgIssuer: PCERT_NAME_BLOB;
// If NULL or Callback returns TRUE, builds the chain for the end
// certificate having a private key with the specified KeySpec and
// enhanced key usage.
pfnFindCallback: PFN_CERT_CHAIN_FIND_BY_ISSUER_CALLBACK;
pvFindArg: Pointer;
end;
{$EXTERNALSYM _CERT_CHAIN_FIND_BY_ISSUER_PARA}
CERT_CHAIN_FIND_BY_ISSUER_PARA = _CERT_CHAIN_FIND_BY_ISSUER_PARA;
{$EXTERNALSYM CERT_CHAIN_FIND_BY_ISSUER_PARA}
TCertChainFindByIssuerPara = CERT_CHAIN_FIND_BY_ISSUER_PARA;
PCertChainFindByIssuerPara = PCERT_CHAIN_FIND_BY_ISSUER_PARA;
// The following dwFindFlags can be set for CERT_CHAIN_FIND_BY_ISSUER
// If set, compares the public key in the end certificate with the crypto
// provider's public key. This comparison is the last check made on the
// build chain.
const
CERT_CHAIN_FIND_BY_ISSUER_COMPARE_KEY_FLAG = $0001;
{$EXTERNALSYM CERT_CHAIN_FIND_BY_ISSUER_COMPARE_KEY_FLAG}
// If not set, only checks the first simple chain for an issuer name match.
// When set, also checks second and subsequent simple chains.
CERT_CHAIN_FIND_BY_ISSUER_COMPLEX_CHAIN_FLAG = $0002;
{$EXTERNALSYM CERT_CHAIN_FIND_BY_ISSUER_COMPLEX_CHAIN_FLAG}
// If set, CertGetCertificateChain only searches the URL cache and
// doesn't hit the wire.
CERT_CHAIN_FIND_BY_ISSUER_CACHE_ONLY_URL_FLAG = $0004;
{$EXTERNALSYM CERT_CHAIN_FIND_BY_ISSUER_CACHE_ONLY_URL_FLAG}
// If set, CertGetCertificateChain only opens the Local Machine
// certificate stores instead of the Current User's.
CERT_CHAIN_FIND_BY_ISSUER_LOCAL_MACHINE_FLAG = $0008;
{$EXTERNALSYM CERT_CHAIN_FIND_BY_ISSUER_LOCAL_MACHINE_FLAG}
// If set, no check is made to see if the end certificate has a private
// key associated with it.
CERT_CHAIN_FIND_BY_ISSUER_NO_KEY_FLAG = $4000;
{$EXTERNALSYM CERT_CHAIN_FIND_BY_ISSUER_NO_KEY_FLAG}
// By default, the hCertStore passed to CertFindChainInStore, is passed
// as the additional store to CertGetCertificateChain. This flag can be
// set to improve performance by only searching the cached system stores
// (root, my, ca, trust) to find the issuer certificates. If not set, then,
// the hCertStore is always searched in addition to the cached system
// stores.
CERT_CHAIN_FIND_BY_ISSUER_CACHE_ONLY_FLAG = $8000;
{$EXTERNALSYM CERT_CHAIN_FIND_BY_ISSUER_CACHE_ONLY_FLAG}
//+=========================================================================
// Certificate Chain Policy Data Structures and APIs
//==========================================================================
type
PCERT_CHAIN_POLICY_PARA = ^CERT_CHAIN_POLICY_PARA;
{$EXTERNALSYM PCERT_CHAIN_POLICY_PARA}
_CERT_CHAIN_POLICY_PARA = record
cbSize: DWORD;
dwFlags: DWORD;
pvExtraPolicyPara: Pointer; // pszPolicyOID specific
end;
{$EXTERNALSYM _CERT_CHAIN_POLICY_PARA}
CERT_CHAIN_POLICY_PARA = _CERT_CHAIN_POLICY_PARA;
{$EXTERNALSYM CERT_CHAIN_POLICY_PARA}
TCertChainPolicyPara = CERT_CHAIN_POLICY_PARA;
PCertChainPolicyPara = PCERT_CHAIN_POLICY_PARA;
// If both lChainIndex and lElementIndex are set to -1, the dwError applies
// to the whole chain context. If only lElementIndex is set to -1, the
// dwError applies to the lChainIndex'ed chain. Otherwise, the dwError applies
// to the certificate element at
// pChainContext->rgpChain[lChainIndex]->rgpElement[lElementIndex].
PCERT_CHAIN_POLICY_STATUS = ^CERT_CHAIN_POLICY_STATUS;
{$EXTERNALSYM PCERT_CHAIN_POLICY_STATUS}
_CERT_CHAIN_POLICY_STATUS = record
cbSize: DWORD;
dwError: DWORD;
lChainIndex: LONG;
lElementIndex: LONG;
pvExtraPolicyStatus: Pointer; // pszPolicyOID specific
end;
{$EXTERNALSYM _CERT_CHAIN_POLICY_STATUS}
CERT_CHAIN_POLICY_STATUS = _CERT_CHAIN_POLICY_STATUS;
{$EXTERNALSYM CERT_CHAIN_POLICY_STATUS}
TCertChainPolicyStatus = CERT_CHAIN_POLICY_STATUS;
PCertChainPolicyStatus = PCERT_CHAIN_POLICY_STATUS;
// Common chain policy flags
const
CERT_CHAIN_POLICY_IGNORE_NOT_TIME_VALID_FLAG = $00000001;
{$EXTERNALSYM CERT_CHAIN_POLICY_IGNORE_NOT_TIME_VALID_FLAG}
CERT_CHAIN_POLICY_IGNORE_CTL_NOT_TIME_VALID_FLAG = $00000002;
{$EXTERNALSYM CERT_CHAIN_POLICY_IGNORE_CTL_NOT_TIME_VALID_FLAG}
CERT_CHAIN_POLICY_IGNORE_NOT_TIME_NESTED_FLAG = $00000004;
{$EXTERNALSYM CERT_CHAIN_POLICY_IGNORE_NOT_TIME_NESTED_FLAG}
CERT_CHAIN_POLICY_IGNORE_ALL_NOT_TIME_VALID_FLAGS = (
CERT_CHAIN_POLICY_IGNORE_NOT_TIME_VALID_FLAG or
CERT_CHAIN_POLICY_IGNORE_CTL_NOT_TIME_VALID_FLAG or
CERT_CHAIN_POLICY_IGNORE_NOT_TIME_NESTED_FLAG);
{$EXTERNALSYM CERT_CHAIN_POLICY_IGNORE_ALL_NOT_TIME_VALID_FLAGS}
CERT_CHAIN_POLICY_ALLOW_UNKNOWN_CA_FLAG = $00000010;
{$EXTERNALSYM CERT_CHAIN_POLICY_ALLOW_UNKNOWN_CA_FLAG}
CERT_CHAIN_POLICY_IGNORE_WRONG_USAGE_FLAG = $00000020;
{$EXTERNALSYM CERT_CHAIN_POLICY_IGNORE_WRONG_USAGE_FLAG}
CERT_CHAIN_POLICY_IGNORE_END_REV_UNKNOWN_FLAG = $00000100;
{$EXTERNALSYM CERT_CHAIN_POLICY_IGNORE_END_REV_UNKNOWN_FLAG}
CERT_CHAIN_POLICY_IGNORE_CTL_SIGNER_REV_UNKNOWN_FLAG = $00000200;
{$EXTERNALSYM CERT_CHAIN_POLICY_IGNORE_CTL_SIGNER_REV_UNKNOWN_FLAG}
CERT_CHAIN_POLICY_IGNORE_CA_REV_UNKNOWN_FLAG = $00000400;
{$EXTERNALSYM CERT_CHAIN_POLICY_IGNORE_CA_REV_UNKNOWN_FLAG}
CERT_CHAIN_POLICY_IGNORE_ROOT_REV_UNKNOWN_FLAG = $00000800;
{$EXTERNALSYM CERT_CHAIN_POLICY_IGNORE_ROOT_REV_UNKNOWN_FLAG}
CERT_CHAIN_POLICY_IGNORE_ALL_REV_UNKNOWN_FLAGS = (
CERT_CHAIN_POLICY_IGNORE_END_REV_UNKNOWN_FLAG or
CERT_CHAIN_POLICY_IGNORE_CTL_SIGNER_REV_UNKNOWN_FLAG or
CERT_CHAIN_POLICY_IGNORE_CA_REV_UNKNOWN_FLAG or
CERT_CHAIN_POLICY_IGNORE_ROOT_REV_UNKNOWN_FLAG);
{$EXTERNALSYM CERT_CHAIN_POLICY_IGNORE_ALL_REV_UNKNOWN_FLAGS}
CERT_CHAIN_POLICY_ALLOW_TESTROOT_FLAG = $00008000;
{$EXTERNALSYM CERT_CHAIN_POLICY_ALLOW_TESTROOT_FLAG}
CERT_CHAIN_POLICY_TRUST_TESTROOT_FLAG = $00004000;
{$EXTERNALSYM CERT_CHAIN_POLICY_TRUST_TESTROOT_FLAG}
//+-------------------------------------------------------------------------
// Verify that the certificate chain satisfies the specified policy
// requirements. If we were able to verify the chain policy, TRUE is returned
// and the dwError field of the pPolicyStatus is updated. A dwError of 0
// (ERROR_SUCCESS, S_OK) indicates the chain satisfies the specified policy.
//
// If dwError applies to the entire chain context, both lChainIndex and
// lElementIndex are set to -1. If dwError applies to a simple chain,
// lElementIndex is set to -1 and lChainIndex is set to the index of the
// first offending chain having the error. If dwError applies to a
// certificate element, lChainIndex and lElementIndex are updated to
// index the first offending certificate having the error, where, the
// the certificate element is at:
// pChainContext->rgpChain[lChainIndex]->rgpElement[lElementIndex].
//
// The dwFlags in pPolicyPara can be set to change the default policy checking
// behaviour. In addition, policy specific parameters can be passed in
// the pvExtraPolicyPara field of pPolicyPara.
//
// In addition to returning dwError, in pPolicyStatus, policy OID specific
// extra status may be returned via pvExtraPolicyStatus.
//--------------------------------------------------------------------------
function CertVerifyCertificateChainPolicy(pszPolicyOID: LPCSTR;
pChainContext: PCCERT_CHAIN_CONTEXT; pPolicyPara: PCERT_CHAIN_POLICY_PARA;
pPolicyStatus: PCERT_CHAIN_POLICY_STATUS): BOOL; stdcall;
{$EXTERNALSYM CertVerifyCertificateChainPolicy}
// Predefined OID Function Names
const
CRYPT_OID_VERIFY_CERTIFICATE_CHAIN_POLICY_FUNC = 'CertDllVerifyCertificateChainPolicy';
{$EXTERNALSYM CRYPT_OID_VERIFY_CERTIFICATE_CHAIN_POLICY_FUNC}
// CertDllVerifyCertificateChainPolicy has same function signature as
// CertVerifyCertificateChainPolicy.
//+-------------------------------------------------------------------------
// Predefined verify chain policies
//--------------------------------------------------------------------------
CERT_CHAIN_POLICY_BASE = LPCSTR(1);
{$EXTERNALSYM CERT_CHAIN_POLICY_BASE}
CERT_CHAIN_POLICY_AUTHENTICODE = LPCSTR(2);
{$EXTERNALSYM CERT_CHAIN_POLICY_AUTHENTICODE}
CERT_CHAIN_POLICY_AUTHENTICODE_TS = LPCSTR(3);
{$EXTERNALSYM CERT_CHAIN_POLICY_AUTHENTICODE_TS}
CERT_CHAIN_POLICY_SSL = LPCSTR(4);
{$EXTERNALSYM CERT_CHAIN_POLICY_SSL}
CERT_CHAIN_POLICY_BASIC_CONSTRAINTS = LPCSTR(5);
{$EXTERNALSYM CERT_CHAIN_POLICY_BASIC_CONSTRAINTS}
CERT_CHAIN_POLICY_NT_AUTH = LPCSTR(6);
{$EXTERNALSYM CERT_CHAIN_POLICY_NT_AUTH}
//+-------------------------------------------------------------------------
// CERT_CHAIN_POLICY_BASE
//
// Implements the base chain policy verification checks. dwFlags can
// be set in pPolicyPara to alter the default policy checking behaviour.
//--------------------------------------------------------------------------
//+-------------------------------------------------------------------------
// CERT_CHAIN_POLICY_AUTHENTICODE
//
// Implements the Authenticode chain policy verification checks.
//
// pvExtraPolicyPara may optionally be set to point to the following
// AUTHENTICODE_EXTRA_CERT_CHAIN_POLICY_PARA.
//
// pvExtraPolicyStatus may optionally be set to point to the following
// AUTHENTICODE_EXTRA_CERT_CHAIN_POLICY_STATUS.
//--------------------------------------------------------------------------
// dwRegPolicySettings are defined in wintrust.h
type
PAUTHENTICODE_EXTRA_CERT_CHAIN_POLICY_PARA = ^AUTHENTICODE_EXTRA_CERT_CHAIN_POLICY_PARA;
{$EXTERNALSYM PAUTHENTICODE_EXTRA_CERT_CHAIN_POLICY_PARA}
_AUTHENTICODE_EXTRA_CERT_CHAIN_POLICY_PARA = record
cbSize: DWORD;
dwRegPolicySettings: DWORD;
pSignerInfo: PCMSG_SIGNER_INFO; // optional
end;
{$EXTERNALSYM _AUTHENTICODE_EXTRA_CERT_CHAIN_POLICY_PARA}
AUTHENTICODE_EXTRA_CERT_CHAIN_POLICY_PARA = _AUTHENTICODE_EXTRA_CERT_CHAIN_POLICY_PARA;
{$EXTERNALSYM AUTHENTICODE_EXTRA_CERT_CHAIN_POLICY_PARA}
TAuthenticodeExtraCertChainPolicyPara = AUTHENTICODE_EXTRA_CERT_CHAIN_POLICY_PARA;
PAuthenticodeExtraCertChainPolicyPara = PAUTHENTICODE_EXTRA_CERT_CHAIN_POLICY_PARA;
PAUTHENTICODE_EXTRA_CERT_CHAIN_POLICY_STATUS = ^AUTHENTICODE_EXTRA_CERT_CHAIN_POLICY_STATUS;
{$EXTERNALSYM PAUTHENTICODE_EXTRA_CERT_CHAIN_POLICY_STATUS}
_AUTHENTICODE_EXTRA_CERT_CHAIN_POLICY_STATUS = record
cbSize: DWORD;
fCommercial: BOOL; // obtained from signer statement
end;
{$EXTERNALSYM _AUTHENTICODE_EXTRA_CERT_CHAIN_POLICY_STATUS}
AUTHENTICODE_EXTRA_CERT_CHAIN_POLICY_STATUS = _AUTHENTICODE_EXTRA_CERT_CHAIN_POLICY_STATUS;
{$EXTERNALSYM AUTHENTICODE_EXTRA_CERT_CHAIN_POLICY_STATUS}
TAuthenticodeExtraCertChainPolicyStatus = AUTHENTICODE_EXTRA_CERT_CHAIN_POLICY_STATUS;
PAuthenticodeExtraCertChainPolicyStatus = PAUTHENTICODE_EXTRA_CERT_CHAIN_POLICY_STATUS;
//+-------------------------------------------------------------------------
// CERT_CHAIN_POLICY_AUTHENTICODE_TS
//
// Implements the Authenticode Time Stamp chain policy verification checks.
//
// pvExtraPolicyPara may optionally be set to point to the following
// AUTHENTICODE_TS_EXTRA_CERT_CHAIN_POLICY_PARA.
//
// pvExtraPolicyStatus isn't used and must be set to NULL.
//--------------------------------------------------------------------------
// dwRegPolicySettings are defined in wintrust.h
PAUTHENTICODE_TS_EXTRA_CERT_CHAIN_POLICY_PARA = ^AUTHENTICODE_TS_EXTRA_CERT_CHAIN_POLICY_PARA;
{$EXTERNALSYM PAUTHENTICODE_TS_EXTRA_CERT_CHAIN_POLICY_PARA}
_AUTHENTICODE_TS_EXTRA_CERT_CHAIN_POLICY_PARA = record
cbSize: DWORD;
dwRegPolicySettings: DWORD;
fCommercial: BOOL;
end;
{$EXTERNALSYM _AUTHENTICODE_TS_EXTRA_CERT_CHAIN_POLICY_PARA}
AUTHENTICODE_TS_EXTRA_CERT_CHAIN_POLICY_PARA = _AUTHENTICODE_TS_EXTRA_CERT_CHAIN_POLICY_PARA;
{$EXTERNALSYM AUTHENTICODE_TS_EXTRA_CERT_CHAIN_POLICY_PARA}
TAuthenticodeTsExtraCertChainPolicyPara = AUTHENTICODE_TS_EXTRA_CERT_CHAIN_POLICY_PARA;
PAuthenticodeTsExtraCertChainPolicyPara = PAUTHENTICODE_TS_EXTRA_CERT_CHAIN_POLICY_PARA;
//+-------------------------------------------------------------------------
// CERT_CHAIN_POLICY_SSL
//
// Implements the SSL client/server chain policy verification checks.
//
// pvExtraPolicyPara may optionally be set to point to the following
// SSL_EXTRA_CERT_CHAIN_POLICY_PARA data structure
//--------------------------------------------------------------------------
// fdwChecks flags are defined in wininet.h
const
AUTHTYPE_CLIENT = 1;
{$EXTERNALSYM AUTHTYPE_CLIENT}
AUTHTYPE_SERVER = 2;
{$EXTERNALSYM AUTHTYPE_SERVER}
type
PHTTPSPolicyCallbackData = ^HTTPSPolicyCallbackData;
{$EXTERNALSYM PHTTPSPolicyCallbackData}
_HTTPSPolicyCallbackData = record
//union {
//cbStruct: DWORD; // sizeof(HTTPSPolicyCallbackData);
cbSize: DWORD; // sizeof(HTTPSPolicyCallbackData);
//};
dwAuthType: DWORD;
fdwChecks: DWORD;
pwszServerName: PWCHAR; // used to check against CN=xxxx
end;
{$EXTERNALSYM _HTTPSPolicyCallbackData}
HTTPSPolicyCallbackData = _HTTPSPolicyCallbackData;
{$EXTERNALSYM HTTPSPolicyCallbackData}
THttpsPolicyCallbackData = HTTPSPolicyCallbackData;
SSL_EXTRA_CERT_CHAIN_POLICY_PARA = HTTPSPolicyCallbackData;
{$EXTERNALSYM SSL_EXTRA_CERT_CHAIN_POLICY_PARA}
PSSL_EXTRA_CERT_CHAIN_POLICY_PARA = PHTTPSPolicyCallbackData;
{$EXTERNALSYM PSSL_EXTRA_CERT_CHAIN_POLICY_PARA}
TSSLExtraCertChainPolicyPara = SSL_EXTRA_CERT_CHAIN_POLICY_PARA;
PSSLExtraCertChainPolicyPara = PSSL_EXTRA_CERT_CHAIN_POLICY_PARA;
//+-------------------------------------------------------------------------
// CERT_CHAIN_POLICY_BASIC_CONSTRAINTS
//
// Implements the basic constraints chain policy.
//
// Iterates through all the certificates in the chain checking for either
// a szOID_BASIC_CONSTRAINTS or a szOID_BASIC_CONSTRAINTS2 extension. If
// neither extension is present, the certificate is assumed to have
// valid policy. Otherwise, for the first certificate element, checks if
// it matches the expected CA_FLAG or END_ENTITY_FLAG specified in
// pPolicyPara->dwFlags. If neither or both flags are set, then, the first
// element can be either a CA or END_ENTITY. All other elements must be
// a CA. If the PathLenConstraint is present in the extension, its
// checked.
//
// The first elements in the remaining simple chains (ie, the certificate
// used to sign the CTL) are checked to be an END_ENTITY.
//
// If this verification fails, dwError will be set to
// TRUST_E_BASIC_CONSTRAINTS.
//--------------------------------------------------------------------------
const
BASIC_CONSTRAINTS_CERT_CHAIN_POLICY_CA_FLAG = DWORD($80000000);
{$EXTERNALSYM BASIC_CONSTRAINTS_CERT_CHAIN_POLICY_CA_FLAG}
BASIC_CONSTRAINTS_CERT_CHAIN_POLICY_END_ENTITY_FLAG = $40000000;
{$EXTERNALSYM BASIC_CONSTRAINTS_CERT_CHAIN_POLICY_END_ENTITY_FLAG}
//+-------------------------------------------------------------------------
// CERT_CHAIN_POLICY_NT_AUTH
//
// Implements the NT Authentication chain policy.
//
// The NT Authentication chain policy consists of 3 distinct chain
// verifications in the following order:
// [1] CERT_CHAIN_POLICY_BASE - Implements the base chain policy
// verification checks. The LOWORD of dwFlags can be set in
// pPolicyPara to alter the default policy checking behaviour. See
// CERT_CHAIN_POLICY_BASE for more details.
//
// [2] CERT_CHAIN_POLICY_BASIC_CONSTRAINTS - Implements the basic
// constraints chain policy. The HIWORD of dwFlags can be set
// to specify if the first element must be either a CA or END_ENTITY.
// See CERT_CHAIN_POLICY_BASIC_CONSTRAINTS for more details.
//
// [3] Checks if the second element in the chain, the CA that issued
// the end certificate, is a trusted CA for NT
// Authentication. A CA is considered to be trusted if it exists in
// the "NTAuth" system registry store found in the
// CERT_SYSTEM_STORE_LOCAL_MACHINE_ENTERPRISE store location.
// If this verification fails, whereby the CA isn't trusted,
// dwError is set to CERT_E_UNTRUSTEDCA.
//--------------------------------------------------------------------------
implementation
function GET_ALG_CLASS(x: DWORD): DWORD;
begin
Result := (x and (7 shl 13));
end;
function GET_ALG_TYPE(x: DWORD): DWORD;
begin
Result := (x and (15 shl 9));
end;
function GET_ALG_SID(x: DWORD): DWORD;
begin
Result := x and 511;
end;
function RCRYPT_SUCCEEDED(rt: BOOL): BOOL;
begin
Result := (rt = CRYPT_SUCCEED);
end;
function RCRYPT_FAILED(rt: BOOL): BOOL;
begin
Result := (rt = CRYPT_FAILED)
end;
function IS_CERT_RDN_CHAR_STRING(X: DWORD): Boolean;
begin
Result := (X and CERT_RDN_TYPE_MASK) >= CERT_RDN_NUMERIC_STRING;
end;
function GET_CERT_ENCODING_TYPE(X: DWORD): DWORD;
begin
Result := X and CERT_ENCODING_TYPE_MASK;
end;
function GET_CMSG_ENCODING_TYPE(X: DWORD): DWORD;
begin
Result := X and CMSG_ENCODING_TYPE_MASK;
end;
function GET_CERT_UNICODE_RDN_ERR_INDEX(X: DWORD): DWORD;
begin
Result := (X shr CERT_UNICODE_RDN_ERR_INDEX_SHIFT) and CERT_UNICODE_RDN_ERR_INDEX_MASK;
end;
function GET_CERT_UNICODE_ATTR_ERR_INDEX(X: DWORD): DWORD;
begin
Result := (X shr CERT_UNICODE_ATTR_ERR_INDEX_SHIFT) and CERT_UNICODE_ATTR_ERR_INDEX_MASK;
end;
function GET_CERT_UNICODE_VALUE_ERR_INDEX(X: DWORD): DWORD;
begin
Result := X and CERT_UNICODE_VALUE_ERR_INDEX_MASK;
end;
function GET_CERT_ALT_NAME_ENTRY_ERR_INDEX(X: DWORD): DWORD;
begin
Result := (X shr CERT_ALT_NAME_ENTRY_ERR_INDEX_SHIFT) and CERT_ALT_NAME_ENTRY_ERR_INDEX_MASK;
end;
function GET_CERT_ALT_NAME_VALUE_ERR_INDEX(X: DWORD): DWORD;
begin
Result := X and CERT_ALT_NAME_VALUE_ERR_INDEX_MASK;
end;
function IS_CRL_DIST_POINT_ERR_CRL_ISSUER(X: DWORD): Boolean;
begin
Result := (X and CRL_DIST_POINT_ERR_CRL_ISSUER_BIT) <> 0;
end;
function GET_CRL_DIST_POINT_ERR_INDEX(X: DWORD): DWORD;
begin
Result := ((X shr CRL_DIST_POINT_ERR_INDEX_SHIFT) and CRL_DIST_POINT_ERR_INDEX_MASK);
end;
function IS_CERT_HASH_PROP_ID(X: DWORD): Boolean;
begin
Result := (CERT_SHA1_HASH_PROP_ID = X) or (CERT_MD5_HASH_PROP_ID = X) or
(CERT_SIGNATURE_HASH_PROP_ID = X);
end;
const
crypt32 = 'crypt32.dll';
advapi32 = 'advapi32.dll';
softpub = 'softpub.dll';
{$IFDEF DYNAMIC_LINK}
var
_CryptAcquireContextA: Pointer;
function CryptAcquireContextA;
begin
GetProcedureAddress(_CryptAcquireContextA, advapi32, 'CryptAcquireContextA');
asm
mov esp, ebp
pop ebp
jmp [_CryptAcquireContextA]
end;
end;
{$ELSE}
function CryptAcquireContextA; external advapi32 name 'CryptAcquireContextA';
{$ENDIF DYNAMIC_LINK}
{$IFDEF DYNAMIC_LINK}
var
_CryptAcquireContextW: Pointer;
function CryptAcquireContextW;
begin
GetProcedureAddress(_CryptAcquireContextW, advapi32, 'CryptAcquireContextW');
asm
mov esp, ebp
pop ebp
jmp [_CryptAcquireContextW]
end;
end;
{$ELSE}
function CryptAcquireContextW; external advapi32 name 'CryptAcquireContextW';
{$ENDIF DYNAMIC_LINK}
{$IFDEF UNICODE}
{$IFDEF DYNAMIC_LINK}
var
_CryptAcquireContext: Pointer;
function CryptAcquireContext;
begin
GetProcedureAddress(_CryptAcquireContext, advapi32, 'CryptAcquireContextW');
asm
mov esp, ebp
pop ebp
jmp [_CryptAcquireContext]
end;
end;
{$ELSE}
function CryptAcquireContext; external advapi32 name 'CryptAcquireContextW';
{$ENDIF DYNAMIC_LINK}
{$ELSE}
{$IFDEF DYNAMIC_LINK}
var
_CryptAcquireContext: Pointer;
function CryptAcquireContext;
begin
GetProcedureAddress(_CryptAcquireContext, advapi32, 'CryptAcquireContextA');
asm
mov esp, ebp
pop ebp
jmp [_CryptAcquireContext]
end;
end;
{$ELSE}
function CryptAcquireContext; external advapi32 name 'CryptAcquireContextA';
{$ENDIF DYNAMIC_LINK}
{$ENDIF}
{$IFDEF DYNAMIC_LINK}
var
_CryptReleaseContext: Pointer;
function CryptReleaseContext;
begin
GetProcedureAddress(_CryptReleaseContext, advapi32, 'CryptReleaseContext');
asm
mov esp, ebp
pop ebp
jmp [_CryptReleaseContext]
end;
end;
{$ELSE}
function CryptReleaseContext; external advapi32 name 'CryptReleaseContext';
{$ENDIF DYNAMIC_LINK}
{$IFDEF DYNAMIC_LINK}
var
_CryptGenKey: Pointer;
function CryptGenKey;
begin
GetProcedureAddress(_CryptGenKey, advapi32, 'CryptGenKey');
asm
mov esp, ebp
pop ebp
jmp [_CryptGenKey]
end;
end;
{$ELSE}
function CryptGenKey; external advapi32 name 'CryptGenKey';
{$ENDIF DYNAMIC_LINK}
{$IFDEF DYNAMIC_LINK}
var
_CryptDeriveKey: Pointer;
function CryptDeriveKey;
begin
GetProcedureAddress(_CryptDeriveKey, advapi32, 'CryptDeriveKey');
asm
mov esp, ebp
pop ebp
jmp [_CryptDeriveKey]
end;
end;
{$ELSE}
function CryptDeriveKey; external advapi32 name 'CryptDeriveKey';
{$ENDIF DYNAMIC_LINK}
{$IFDEF DYNAMIC_LINK}
var
_CryptDestroyKey: Pointer;
function CryptDestroyKey;
begin
GetProcedureAddress(_CryptDestroyKey, advapi32, 'CryptDestroyKey');
asm
mov esp, ebp
pop ebp
jmp [_CryptDestroyKey]
end;
end;
{$ELSE}
function CryptDestroyKey; external advapi32 name 'CryptDestroyKey';
{$ENDIF DYNAMIC_LINK}
{$IFDEF DYNAMIC_LINK}
var
_CryptSetKeyParam: Pointer;
function CryptSetKeyParam;
begin
GetProcedureAddress(_CryptSetKeyParam, crypt32, 'CryptSetKeyParam');
asm
mov esp, ebp
pop ebp
jmp [_CryptSetKeyParam]
end;
end;
{$ELSE}
function CryptSetKeyParam; external crypt32 name 'CryptSetKeyParam';
{$ENDIF DYNAMIC_LINK}
{$IFDEF DYNAMIC_LINK}
var
_CryptGetKeyParam: Pointer;
function CryptGetKeyParam;
begin
GetProcedureAddress(_CryptGetKeyParam, advapi32, 'CryptGetKeyParam');
asm
mov esp, ebp
pop ebp
jmp [_CryptGetKeyParam]
end;
end;
{$ELSE}
function CryptGetKeyParam; external advapi32 name 'CryptGetKeyParam';
{$ENDIF DYNAMIC_LINK}
{$IFDEF DYNAMIC_LINK}
var
_CryptSetHashParam: Pointer;
function CryptSetHashParam;
begin
GetProcedureAddress(_CryptSetHashParam, advapi32, 'CryptSetHashParam');
asm
mov esp, ebp
pop ebp
jmp [_CryptSetHashParam]
end;
end;
{$ELSE}
function CryptSetHashParam; external advapi32 name 'CryptSetHashParam';
{$ENDIF DYNAMIC_LINK}
{$IFDEF DYNAMIC_LINK}
var
_CryptGetHashParam: Pointer;
function CryptGetHashParam;
begin
GetProcedureAddress(_CryptGetHashParam, advapi32, 'CryptGetHashParam');
asm
mov esp, ebp
pop ebp
jmp [_CryptGetHashParam]
end;
end;
{$ELSE}
function CryptGetHashParam; external advapi32 name 'CryptGetHashParam';
{$ENDIF DYNAMIC_LINK}
{$IFDEF DYNAMIC_LINK}
var
_CryptSetProvParam: Pointer;
function CryptSetProvParam;
begin
GetProcedureAddress(_CryptSetProvParam, advapi32, 'CryptSetProvParam');
asm
mov esp, ebp
pop ebp
jmp [_CryptSetProvParam]
end;
end;
{$ELSE}
function CryptSetProvParam; external advapi32 name 'CryptSetProvParam';
{$ENDIF DYNAMIC_LINK}
{$IFDEF DYNAMIC_LINK}
var
_CryptGetProvParam: Pointer;
function CryptGetProvParam;
begin
GetProcedureAddress(_CryptGetProvParam, advapi32, 'CryptGetProvParam');
asm
mov esp, ebp
pop ebp
jmp [_CryptGetProvParam]
end;
end;
{$ELSE}
function CryptGetProvParam; external advapi32 name 'CryptGetProvParam';
{$ENDIF DYNAMIC_LINK}
{$IFDEF DYNAMIC_LINK}
var
_CryptGenRandom: Pointer;
function CryptGenRandom;
begin
GetProcedureAddress(_CryptGenRandom, advapi32, 'CryptGenRandom');
asm
mov esp, ebp
pop ebp
jmp [_CryptGenRandom]
end;
end;
{$ELSE}
function CryptGenRandom; external advapi32 name 'CryptGenRandom';
{$ENDIF DYNAMIC_LINK}
{$IFDEF DYNAMIC_LINK}
var
_CryptGetUserKey: Pointer;
function CryptGetUserKey;
begin
GetProcedureAddress(_CryptGetUserKey, advapi32, 'CryptGetUserKey');
asm
mov esp, ebp
pop ebp
jmp [_CryptGetUserKey]
end;
end;
{$ELSE}
function CryptGetUserKey; external advapi32 name 'CryptGetUserKey';
{$ENDIF DYNAMIC_LINK}
{$IFDEF DYNAMIC_LINK}
var
_CryptExportKey: Pointer;
function CryptExportKey;
begin
GetProcedureAddress(_CryptExportKey, advapi32, 'CryptExportKey');
asm
mov esp, ebp
pop ebp
jmp [_CryptExportKey]
end;
end;
{$ELSE}
function CryptExportKey; external advapi32 name 'CryptExportKey';
{$ENDIF DYNAMIC_LINK}
{$IFDEF DYNAMIC_LINK}
var
_CryptImportKey: Pointer;
function CryptImportKey;
begin
GetProcedureAddress(_CryptImportKey, advapi32, 'CryptImportKey');
asm
mov esp, ebp
pop ebp
jmp [_CryptImportKey]
end;
end;
{$ELSE}
function CryptImportKey; external advapi32 name 'CryptImportKey';
{$ENDIF DYNAMIC_LINK}
{$IFDEF DYNAMIC_LINK}
var
_CryptEncrypt: Pointer;
function CryptEncrypt;
begin
GetProcedureAddress(_CryptEncrypt, advapi32, 'CryptEncrypt');
asm
mov esp, ebp
pop ebp
jmp [_CryptEncrypt]
end;
end;
{$ELSE}
function CryptEncrypt; external advapi32 name 'CryptEncrypt';
{$ENDIF DYNAMIC_LINK}
{$IFDEF DYNAMIC_LINK}
var
_CryptDecrypt: Pointer;
function CryptDecrypt;
begin
GetProcedureAddress(_CryptDecrypt, advapi32, 'CryptDecrypt');
asm
mov esp, ebp
pop ebp
jmp [_CryptDecrypt]
end;
end;
{$ELSE}
function CryptDecrypt; external advapi32 name 'CryptDecrypt';
{$ENDIF DYNAMIC_LINK}
{$IFDEF DYNAMIC_LINK}
var
_CryptCreateHash: Pointer;
function CryptCreateHash;
begin
GetProcedureAddress(_CryptCreateHash, advapi32, 'CryptCreateHash');
asm
mov esp, ebp
pop ebp
jmp [_CryptCreateHash]
end;
end;
{$ELSE}
function CryptCreateHash; external advapi32 name 'CryptCreateHash';
{$ENDIF DYNAMIC_LINK}
{$IFDEF DYNAMIC_LINK}
var
_CryptHashData: Pointer;
function CryptHashData;
begin
GetProcedureAddress(_CryptHashData, advapi32, 'CryptHashData');
asm
mov esp, ebp
pop ebp
jmp [_CryptHashData]
end;
end;
{$ELSE}
function CryptHashData; external advapi32 name 'CryptHashData';
{$ENDIF DYNAMIC_LINK}
{$IFDEF DYNAMIC_LINK}
var
_CryptHashSessionKey: Pointer;
function CryptHashSessionKey;
begin
GetProcedureAddress(_CryptHashSessionKey, advapi32, 'CryptHashSessionKey');
asm
mov esp, ebp
pop ebp
jmp [_CryptHashSessionKey]
end;
end;
{$ELSE}
function CryptHashSessionKey; external advapi32 name 'CryptHashSessionKey';
{$ENDIF DYNAMIC_LINK}
{$IFDEF DYNAMIC_LINK}
var
_CryptDestroyHash: Pointer;
function CryptDestroyHash;
begin
GetProcedureAddress(_CryptDestroyHash, advapi32, 'CryptDestroyHash');
asm
mov esp, ebp
pop ebp
jmp [_CryptDestroyHash]
end;
end;
{$ELSE}
function CryptDestroyHash; external advapi32 name 'CryptDestroyHash';
{$ENDIF DYNAMIC_LINK}
{$IFDEF DYNAMIC_LINK}
var
_CryptSignHashA: Pointer;
function CryptSignHashA;
begin
GetProcedureAddress(_CryptSignHashA, advapi32, 'CryptSignHashA');
asm
mov esp, ebp
pop ebp
jmp [_CryptSignHashA]
end;
end;
{$ELSE}
function CryptSignHashA; external advapi32 name 'CryptSignHashA';
{$ENDIF DYNAMIC_LINK}
{$IFDEF DYNAMIC_LINK}
var
_CryptSignHashW: Pointer;
function CryptSignHashW;
begin
GetProcedureAddress(_CryptSignHashW, advapi32, 'CryptSignHashW');
asm
mov esp, ebp
pop ebp
jmp [_CryptSignHashW]
end;
end;
{$ELSE}
function CryptSignHashW; external advapi32 name 'CryptSignHashW';
{$ENDIF DYNAMIC_LINK}
{$IFDEF UNICODE}
{$IFDEF DYNAMIC_LINK}
var
_CryptSignHash: Pointer;
function CryptSignHash;
begin
GetProcedureAddress(_CryptSignHash, advapi32, 'CryptSignHashW');
asm
mov esp, ebp
pop ebp
jmp [_CryptSignHash]
end;
end;
{$ELSE}
function CryptSignHash; external advapi32 name 'CryptSignHashW';
{$ENDIF DYNAMIC_LINK}
{$ELSE}
{$IFDEF DYNAMIC_LINK}
var
_CryptSignHash: Pointer;
function CryptSignHash;
begin
GetProcedureAddress(_CryptSignHash, advapi32, 'CryptSignHashA');
asm
mov esp, ebp
pop ebp
jmp [_CryptSignHash]
end;
end;
{$ELSE}
function CryptSignHash; external advapi32 name 'CryptSignHashA';
{$ENDIF DYNAMIC_LINK}
{$ENDIF}
{$IFDEF DYNAMIC_LINK}
var
_CryptVerifySignatureA: Pointer;
function CryptVerifySignatureA;
begin
GetProcedureAddress(_CryptVerifySignatureA, advapi32, 'CryptVerifySignatureA');
asm
mov esp, ebp
pop ebp
jmp [_CryptVerifySignatureA]
end;
end;
{$ELSE}
function CryptVerifySignatureA; external advapi32 name 'CryptVerifySignatureA';
{$ENDIF DYNAMIC_LINK}
{$IFDEF DYNAMIC_LINK}
var
_CryptVerifySignatureW: Pointer;
function CryptVerifySignatureW;
begin
GetProcedureAddress(_CryptVerifySignatureW, advapi32, 'CryptVerifySignatureW');
asm
mov esp, ebp
pop ebp
jmp [_CryptVerifySignatureW]
end;
end;
{$ELSE}
function CryptVerifySignatureW; external advapi32 name 'CryptVerifySignatureW';
{$ENDIF DYNAMIC_LINK}
{$IFDEF UNICODE}
{$IFDEF DYNAMIC_LINK}
var
_CryptVerifySignature: Pointer;
function CryptVerifySignature;
begin
GetProcedureAddress(_CryptVerifySignature, advapi32, 'CryptVerifySignatureW');
asm
mov esp, ebp
pop ebp
jmp [_CryptVerifySignature]
end;
end;
{$ELSE}
function CryptVerifySignature; external advapi32 name 'CryptVerifySignatureW';
{$ENDIF DYNAMIC_LINK}
{$ELSE}
{$IFDEF DYNAMIC_LINK}
var
_CryptVerifySignature: Pointer;
function CryptVerifySignature;
begin
GetProcedureAddress(_CryptVerifySignature, advapi32, 'CryptVerifySignatureA');
asm
mov esp, ebp
pop ebp
jmp [_CryptVerifySignature]
end;
end;
{$ELSE}
function CryptVerifySignature; external advapi32 name 'CryptVerifySignatureA';
{$ENDIF DYNAMIC_LINK}
{$ENDIF}
{$IFDEF DYNAMIC_LINK}
var
_CryptSetProviderA: Pointer;
function CryptSetProviderA;
begin
GetProcedureAddress(_CryptSetProviderA, advapi32, 'CryptSetProviderA');
asm
mov esp, ebp
pop ebp
jmp [_CryptSetProviderA]
end;
end;
{$ELSE}
function CryptSetProviderA; external advapi32 name 'CryptSetProviderA';
{$ENDIF DYNAMIC_LINK}
{$IFDEF DYNAMIC_LINK}
var
_CryptSetProviderW: Pointer;
function CryptSetProviderW;
begin
GetProcedureAddress(_CryptSetProviderW, advapi32, 'CryptSetProviderW');
asm
mov esp, ebp
pop ebp
jmp [_CryptSetProviderW]
end;
end;
{$ELSE}
function CryptSetProviderW; external advapi32 name 'CryptSetProviderW';
{$ENDIF DYNAMIC_LINK}
{$IFDEF UNICODE}
{$IFDEF DYNAMIC_LINK}
var
_CryptSetProvider: Pointer;
function CryptSetProvider;
begin
GetProcedureAddress(_CryptSetProvider, advapi32, 'CryptSetProviderW');
asm
mov esp, ebp
pop ebp
jmp [_CryptSetProvider]
end;
end;
{$ELSE}
function CryptSetProvider; external advapi32 name 'CryptSetProviderW';
{$ENDIF DYNAMIC_LINK}
{$ELSE}
{$IFDEF DYNAMIC_LINK}
var
_CryptSetProvider: Pointer;
function CryptSetProvider;
begin
GetProcedureAddress(_CryptSetProvider, advapi32, 'CryptSetProviderA');
asm
mov esp, ebp
pop ebp
jmp [_CryptSetProvider]
end;
end;
{$ELSE}
function CryptSetProvider; external advapi32 name 'CryptSetProviderA';
{$ENDIF DYNAMIC_LINK}
{$ENDIF}
{$IFDEF DYNAMIC_LINK}
var
_CryptSetProviderExA: Pointer;
function CryptSetProviderExA;
begin
GetProcedureAddress(_CryptSetProviderExA, advapi32, 'CryptSetProviderExA');
asm
mov esp, ebp
pop ebp
jmp [_CryptSetProviderExA]
end;
end;
{$ELSE}
function CryptSetProviderExA; external advapi32 name 'CryptSetProviderExA';
{$ENDIF DYNAMIC_LINK}
{$IFDEF DYNAMIC_LINK}
var
_CryptSetProviderExW: Pointer;
function CryptSetProviderExW;
begin
GetProcedureAddress(_CryptSetProviderExW, advapi32, 'CryptSetProviderExW');
asm
mov esp, ebp
pop ebp
jmp [_CryptSetProviderExW]
end;
end;
{$ELSE}
function CryptSetProviderExW; external advapi32 name 'CryptSetProviderExW';
{$ENDIF DYNAMIC_LINK}
{$IFDEF UNICODE}
{$IFDEF DYNAMIC_LINK}
var
_CryptSetProviderEx: Pointer;
function CryptSetProviderEx;
begin
GetProcedureAddress(_CryptSetProviderEx, advapi32, 'CryptSetProviderExW');
asm
mov esp, ebp
pop ebp
jmp [_CryptSetProviderEx]
end;
end;
{$ELSE}
function CryptSetProviderEx; external advapi32 name 'CryptSetProviderExW';
{$ENDIF DYNAMIC_LINK}
{$ELSE}
{$IFDEF DYNAMIC_LINK}
var
_CryptSetProviderEx: Pointer;
function CryptSetProviderEx;
begin
GetProcedureAddress(_CryptSetProviderEx, advapi32, 'CryptSetProviderExA');
asm
mov esp, ebp
pop ebp
jmp [_CryptSetProviderEx]
end;
end;
{$ELSE}
function CryptSetProviderEx; external advapi32 name 'CryptSetProviderExA';
{$ENDIF DYNAMIC_LINK}
{$ENDIF}
{$IFDEF DYNAMIC_LINK}
var
_CryptGetDefaultProviderA: Pointer;
function CryptGetDefaultProviderA;
begin
GetProcedureAddress(_CryptGetDefaultProviderA, advapi32, 'CryptGetDefaultProviderA');
asm
mov esp, ebp
pop ebp
jmp [_CryptGetDefaultProviderA]
end;
end;
{$ELSE}
function CryptGetDefaultProviderA; external advapi32 name 'CryptGetDefaultProviderA';
{$ENDIF DYNAMIC_LINK}
{$IFDEF DYNAMIC_LINK}
var
_CryptGetDefaultProviderW: Pointer;
function CryptGetDefaultProviderW;
begin
GetProcedureAddress(_CryptGetDefaultProviderW, advapi32, 'CryptGetDefaultProviderW');
asm
mov esp, ebp
pop ebp
jmp [_CryptGetDefaultProviderW]
end;
end;
{$ELSE}
function CryptGetDefaultProviderW; external advapi32 name 'CryptGetDefaultProviderW';
{$ENDIF DYNAMIC_LINK}
{$IFDEF UNICODE}
{$IFDEF DYNAMIC_LINK}
var
_CryptGetDefaultProvider: Pointer;
function CryptGetDefaultProvider;
begin
GetProcedureAddress(_CryptGetDefaultProvider, advapi32, 'CryptGetDefaultProviderW');
asm
mov esp, ebp
pop ebp
jmp [_CryptGetDefaultProvider]
end;
end;
{$ELSE}
function CryptGetDefaultProvider; external advapi32 name 'CryptGetDefaultProviderW';
{$ENDIF DYNAMIC_LINK}
{$ELSE}
{$IFDEF DYNAMIC_LINK}
var
_CryptGetDefaultProvider: Pointer;
function CryptGetDefaultProvider;
begin
GetProcedureAddress(_CryptGetDefaultProvider, advapi32, 'CryptGetDefaultProviderA');
asm
mov esp, ebp
pop ebp
jmp [_CryptGetDefaultProvider]
end;
end;
{$ELSE}
function CryptGetDefaultProvider; external advapi32 name 'CryptGetDefaultProviderA';
{$ENDIF DYNAMIC_LINK}
{$ENDIF}
{$IFDEF DYNAMIC_LINK}
var
_CryptEnumProviderTypesA: Pointer;
function CryptEnumProviderTypesA;
begin
GetProcedureAddress(_CryptEnumProviderTypesA, advapi32, 'CryptEnumProviderTypesA');
asm
mov esp, ebp
pop ebp
jmp [_CryptEnumProviderTypesA]
end;
end;
{$ELSE}
function CryptEnumProviderTypesA; external advapi32 name 'CryptEnumProviderTypesA';
{$ENDIF DYNAMIC_LINK}
{$IFDEF DYNAMIC_LINK}
var
_CryptEnumProviderTypesW: Pointer;
function CryptEnumProviderTypesW;
begin
GetProcedureAddress(_CryptEnumProviderTypesW, advapi32, 'CryptEnumProviderTypesW');
asm
mov esp, ebp
pop ebp
jmp [_CryptEnumProviderTypesW]
end;
end;
{$ELSE}
function CryptEnumProviderTypesW; external advapi32 name 'CryptEnumProviderTypesW';
{$ENDIF DYNAMIC_LINK}
{$IFDEF UNICODE}
{$IFDEF DYNAMIC_LINK}
var
_CryptEnumProviderTypes: Pointer;
function CryptEnumProviderTypes;
begin
GetProcedureAddress(_CryptEnumProviderTypes, advapi32, 'CryptEnumProviderTypesW');
asm
mov esp, ebp
pop ebp
jmp [_CryptEnumProviderTypes]
end;
end;
{$ELSE}
function CryptEnumProviderTypes; external advapi32 name 'CryptEnumProviderTypesW';
{$ENDIF DYNAMIC_LINK}
{$ELSE}
{$IFDEF DYNAMIC_LINK}
var
_CryptEnumProviderTypes: Pointer;
function CryptEnumProviderTypes;
begin
GetProcedureAddress(_CryptEnumProviderTypes, advapi32, 'CryptEnumProviderTypesA');
asm
mov esp, ebp
pop ebp
jmp [_CryptEnumProviderTypes]
end;
end;
{$ELSE}
function CryptEnumProviderTypes; external advapi32 name 'CryptEnumProviderTypesA';
{$ENDIF DYNAMIC_LINK}
{$ENDIF}
{$IFDEF DYNAMIC_LINK}
var
_CryptEnumProvidersA: Pointer;
function CryptEnumProvidersA;
begin
GetProcedureAddress(_CryptEnumProvidersA, advapi32, 'CryptEnumProvidersA');
asm
mov esp, ebp
pop ebp
jmp [_CryptEnumProvidersA]
end;
end;
{$ELSE}
function CryptEnumProvidersA; external advapi32 name 'CryptEnumProvidersA';
{$ENDIF DYNAMIC_LINK}
{$IFDEF DYNAMIC_LINK}
var
_CryptEnumProvidersW: Pointer;
function CryptEnumProvidersW;
begin
GetProcedureAddress(_CryptEnumProvidersW, advapi32, 'CryptEnumProvidersW');
asm
mov esp, ebp
pop ebp
jmp [_CryptEnumProvidersW]
end;
end;
{$ELSE}
function CryptEnumProvidersW; external advapi32 name 'CryptEnumProvidersW';
{$ENDIF DYNAMIC_LINK}
{$IFDEF UNICODE}
{$IFDEF DYNAMIC_LINK}
var
_CryptEnumProviders: Pointer;
function CryptEnumProviders;
begin
GetProcedureAddress(_CryptEnumProviders, advapi32, 'CryptEnumProvidersW');
asm
mov esp, ebp
pop ebp
jmp [_CryptEnumProviders]
end;
end;
{$ELSE}
function CryptEnumProviders; external advapi32 name 'CryptEnumProvidersW';
{$ENDIF DYNAMIC_LINK}
{$ELSE}
{$IFDEF DYNAMIC_LINK}
var
_CryptEnumProviders: Pointer;
function CryptEnumProviders;
begin
GetProcedureAddress(_CryptEnumProviders, advapi32, 'CryptEnumProvidersA');
asm
mov esp, ebp
pop ebp
jmp [_CryptEnumProviders]
end;
end;
{$ELSE}
function CryptEnumProviders; external advapi32 name 'CryptEnumProvidersA';
{$ENDIF DYNAMIC_LINK}
{$ENDIF}
{$IFDEF DYNAMIC_LINK}
var
_CryptContextAddRef: Pointer;
function CryptContextAddRef;
begin
GetProcedureAddress(_CryptContextAddRef, advapi32, 'CryptContextAddRef');
asm
mov esp, ebp
pop ebp
jmp [_CryptContextAddRef]
end;
end;
{$ELSE}
function CryptContextAddRef; external advapi32 name 'CryptContextAddRef';
{$ENDIF DYNAMIC_LINK}
{$IFDEF DYNAMIC_LINK}
var
_CryptDuplicateKey: Pointer;
function CryptDuplicateKey;
begin
GetProcedureAddress(_CryptDuplicateKey, advapi32, 'CryptDuplicateKey');
asm
mov esp, ebp
pop ebp
jmp [_CryptDuplicateKey]
end;
end;
{$ELSE}
function CryptDuplicateKey; external advapi32 name 'CryptDuplicateKey';
{$ENDIF DYNAMIC_LINK}
{$IFDEF DYNAMIC_LINK}
var
_CryptDuplicateHash: Pointer;
function CryptDuplicateHash;
begin
GetProcedureAddress(_CryptDuplicateHash, advapi32, 'CryptDuplicateHash');
asm
mov esp, ebp
pop ebp
jmp [_CryptDuplicateHash]
end;
end;
{$ELSE}
function CryptDuplicateHash; external advapi32 name 'CryptDuplicateHash';
{$ENDIF DYNAMIC_LINK}
{$IFDEF DYNAMIC_LINK}
var
_CryptFormatObject: Pointer;
function CryptFormatObject;
begin
GetProcedureAddress(_CryptFormatObject, crypt32, 'CryptFormatObject');
asm
mov esp, ebp
pop ebp
jmp [_CryptFormatObject]
end;
end;
{$ELSE}
function CryptFormatObject; external crypt32 name 'CryptFormatObject';
{$ENDIF DYNAMIC_LINK}
{$IFDEF DYNAMIC_LINK}
var
_CryptEncodeObjectEx: Pointer;
function CryptEncodeObjectEx;
begin
GetProcedureAddress(_CryptEncodeObjectEx, crypt32, 'CryptEncodeObjectEx');
asm
mov esp, ebp
pop ebp
jmp [_CryptEncodeObjectEx]
end;
end;
{$ELSE}
function CryptEncodeObjectEx; external crypt32 name 'CryptEncodeObjectEx';
{$ENDIF DYNAMIC_LINK}
{$IFDEF DYNAMIC_LINK}
var
_CryptEncodeObject: Pointer;
function CryptEncodeObject;
begin
GetProcedureAddress(_CryptEncodeObject, crypt32, 'CryptEncodeObject');
asm
mov esp, ebp
pop ebp
jmp [_CryptEncodeObject]
end;
end;
{$ELSE}
function CryptEncodeObject; external crypt32 name 'CryptEncodeObject';
{$ENDIF DYNAMIC_LINK}
{$IFDEF DYNAMIC_LINK}
var
_CryptDecodeObjectEx: Pointer;
function CryptDecodeObjectEx;
begin
GetProcedureAddress(_CryptDecodeObjectEx, crypt32, 'CryptDecodeObjectEx');
asm
mov esp, ebp
pop ebp
jmp [_CryptDecodeObjectEx]
end;
end;
{$ELSE}
function CryptDecodeObjectEx; external crypt32 name 'CryptDecodeObjectEx';
{$ENDIF DYNAMIC_LINK}
{$IFDEF DYNAMIC_LINK}
var
_CryptDecodeObject: Pointer;
function CryptDecodeObject;
begin
GetProcedureAddress(_CryptDecodeObject, crypt32, 'CryptDecodeObject');
asm
mov esp, ebp
pop ebp
jmp [_CryptDecodeObject]
end;
end;
{$ELSE}
function CryptDecodeObject; external crypt32 name 'CryptDecodeObject';
{$ENDIF DYNAMIC_LINK}
{$IFDEF DYNAMIC_LINK}
var
_CryptInstallOIDFunctionAddress: Pointer;
function CryptInstallOIDFunctionAddress;
begin
GetProcedureAddress(_CryptInstallOIDFunctionAddress, crypt32, 'CryptInstallOIDFunctionAddress');
asm
mov esp, ebp
pop ebp
jmp [_CryptInstallOIDFunctionAddress]
end;
end;
{$ELSE}
function CryptInstallOIDFunctionAddress; external crypt32 name 'CryptInstallOIDFunctionAddress';
{$ENDIF DYNAMIC_LINK}
{$IFDEF DYNAMIC_LINK}
var
_CryptInitOIDFunctionSet: Pointer;
function CryptInitOIDFunctionSet;
begin
GetProcedureAddress(_CryptInitOIDFunctionSet, crypt32, 'CryptInitOIDFunctionSet');
asm
mov esp, ebp
pop ebp
jmp [_CryptInitOIDFunctionSet]
end;
end;
{$ELSE}
function CryptInitOIDFunctionSet; external crypt32 name 'CryptInitOIDFunctionSet';
{$ENDIF DYNAMIC_LINK}
{$IFDEF DYNAMIC_LINK}
var
_CryptGetOIDFunctionAddress: Pointer;
function CryptGetOIDFunctionAddress;
begin
GetProcedureAddress(_CryptGetOIDFunctionAddress, crypt32, 'CryptGetOIDFunctionAddress');
asm
mov esp, ebp
pop ebp
jmp [_CryptGetOIDFunctionAddress]
end;
end;
{$ELSE}
function CryptGetOIDFunctionAddress; external crypt32 name 'CryptGetOIDFunctionAddress';
{$ENDIF DYNAMIC_LINK}
{$IFDEF DYNAMIC_LINK}
var
_CryptGetDefaultOIDDllList: Pointer;
function CryptGetDefaultOIDDllList;
begin
GetProcedureAddress(_CryptGetDefaultOIDDllList, crypt32, 'CryptGetDefaultOIDDllList');
asm
mov esp, ebp
pop ebp
jmp [_CryptGetDefaultOIDDllList]
end;
end;
{$ELSE}
function CryptGetDefaultOIDDllList; external crypt32 name 'CryptGetDefaultOIDDllList';
{$ENDIF DYNAMIC_LINK}
{$IFDEF DYNAMIC_LINK}
var
_CryptGetDefaultOIDFunctionAddr: Pointer;
function CryptGetDefaultOIDFunctionAddress;
begin
GetProcedureAddress(_CryptGetDefaultOIDFunctionAddr, crypt32, 'CryptGetDefaultOIDFunctionAddress');
asm
mov esp, ebp
pop ebp
jmp [_CryptGetDefaultOIDFunctionAddr]
end;
end;
{$ELSE}
function CryptGetDefaultOIDFunctionAddress; external crypt32 name 'CryptGetDefaultOIDFunctionAddress';
{$ENDIF DYNAMIC_LINK}
{$IFDEF DYNAMIC_LINK}
var
_CryptFreeOIDFunctionAddress: Pointer;
function CryptFreeOIDFunctionAddress;
begin
GetProcedureAddress(_CryptFreeOIDFunctionAddress, crypt32, 'CryptFreeOIDFunctionAddress');
asm
mov esp, ebp
pop ebp
jmp [_CryptFreeOIDFunctionAddress]
end;
end;
{$ELSE}
function CryptFreeOIDFunctionAddress; external crypt32 name 'CryptFreeOIDFunctionAddress';
{$ENDIF DYNAMIC_LINK}
{$IFDEF DYNAMIC_LINK}
var
_CryptRegisterOIDFunction: Pointer;
function CryptRegisterOIDFunction;
begin
GetProcedureAddress(_CryptRegisterOIDFunction, crypt32, 'CryptRegisterOIDFunction');
asm
mov esp, ebp
pop ebp
jmp [_CryptRegisterOIDFunction]
end;
end;
{$ELSE}
function CryptRegisterOIDFunction; external crypt32 name 'CryptRegisterOIDFunction';
{$ENDIF DYNAMIC_LINK}
{$IFDEF DYNAMIC_LINK}
var
_CryptUnregisterOIDFunction: Pointer;
function CryptUnregisterOIDFunction;
begin
GetProcedureAddress(_CryptUnregisterOIDFunction, crypt32, 'CryptUnregisterOIDFunction');
asm
mov esp, ebp
pop ebp
jmp [_CryptUnregisterOIDFunction]
end;
end;
{$ELSE}
function CryptUnregisterOIDFunction; external crypt32 name 'CryptUnregisterOIDFunction';
{$ENDIF DYNAMIC_LINK}
{$IFDEF DYNAMIC_LINK}
var
_CryptRegisterDefaultOIDFunction: Pointer;
function CryptRegisterDefaultOIDFunction;
begin
GetProcedureAddress(_CryptRegisterDefaultOIDFunction, crypt32, 'CryptRegisterDefaultOIDFunction');
asm
mov esp, ebp
pop ebp
jmp [_CryptRegisterDefaultOIDFunction]
end;
end;
{$ELSE}
function CryptRegisterDefaultOIDFunction; external crypt32 name 'CryptRegisterDefaultOIDFunction';
{$ENDIF DYNAMIC_LINK}
{$IFDEF DYNAMIC_LINK}
var
_CryptUnregisterDefaultOIDFunc: Pointer;
function CryptUnregisterDefaultOIDFunction;
begin
GetProcedureAddress(_CryptUnregisterDefaultOIDFunc, crypt32, 'CryptUnregisterDefaultOIDFunction');
asm
mov esp, ebp
pop ebp
jmp [_CryptUnregisterDefaultOIDFunc]
end;
end;
{$ELSE}
function CryptUnregisterDefaultOIDFunction; external crypt32 name 'CryptUnregisterDefaultOIDFunction';
{$ENDIF DYNAMIC_LINK}
{$IFDEF DYNAMIC_LINK}
var
_CryptSetOIDFunctionValue: Pointer;
function CryptSetOIDFunctionValue;
begin
GetProcedureAddress(_CryptSetOIDFunctionValue, crypt32, 'CryptSetOIDFunctionValue');
asm
mov esp, ebp
pop ebp
jmp [_CryptSetOIDFunctionValue]
end;
end;
{$ELSE}
function CryptSetOIDFunctionValue; external crypt32 name 'CryptSetOIDFunctionValue';
{$ENDIF DYNAMIC_LINK}
{$IFDEF DYNAMIC_LINK}
var
_CryptGetOIDFunctionValue: Pointer;
function CryptGetOIDFunctionValue;
begin
GetProcedureAddress(_CryptGetOIDFunctionValue, crypt32, 'CryptGetOIDFunctionValue');
asm
mov esp, ebp
pop ebp
jmp [_CryptGetOIDFunctionValue]
end;
end;
{$ELSE}
function CryptGetOIDFunctionValue; external crypt32 name 'CryptGetOIDFunctionValue';
{$ENDIF DYNAMIC_LINK}
{$IFDEF DYNAMIC_LINK}
var
_CryptEnumOIDFunction: Pointer;
function CryptEnumOIDFunction;
begin
GetProcedureAddress(_CryptEnumOIDFunction, crypt32, 'CryptEnumOIDFunction');
asm
mov esp, ebp
pop ebp
jmp [_CryptEnumOIDFunction]
end;
end;
{$ELSE}
function CryptEnumOIDFunction; external crypt32 name 'CryptEnumOIDFunction';
{$ENDIF DYNAMIC_LINK}
{$IFDEF DYNAMIC_LINK}
var
_CryptFindOIDInfo: Pointer;
function CryptFindOIDInfo;
begin
GetProcedureAddress(_CryptFindOIDInfo, crypt32, 'CryptFindOIDInfo');
asm
mov esp, ebp
pop ebp
jmp [_CryptFindOIDInfo]
end;
end;
{$ELSE}
function CryptFindOIDInfo; external crypt32 name 'CryptFindOIDInfo';
{$ENDIF DYNAMIC_LINK}
{$IFDEF DYNAMIC_LINK}
var
_CryptRegisterOIDInfo: Pointer;
function CryptRegisterOIDInfo;
begin
GetProcedureAddress(_CryptRegisterOIDInfo, crypt32, 'CryptRegisterOIDInfo');
asm
mov esp, ebp
pop ebp
jmp [_CryptRegisterOIDInfo]
end;
end;
{$ELSE}
function CryptRegisterOIDInfo; external crypt32 name 'CryptRegisterOIDInfo';
{$ENDIF DYNAMIC_LINK}
{$IFDEF DYNAMIC_LINK}
var
_CryptUnregisterOIDInfo: Pointer;
function CryptUnregisterOIDInfo;
begin
GetProcedureAddress(_CryptUnregisterOIDInfo, crypt32, 'CryptUnregisterOIDInfo');
asm
mov esp, ebp
pop ebp
jmp [_CryptUnregisterOIDInfo]
end;
end;
{$ELSE}
function CryptUnregisterOIDInfo; external crypt32 name 'CryptUnregisterOIDInfo';
{$ENDIF DYNAMIC_LINK}
{$IFDEF DYNAMIC_LINK}
var
_CryptEnumOIDInfo: Pointer;
function CryptEnumOIDInfo;
begin
GetProcedureAddress(_CryptEnumOIDInfo, crypt32, 'CryptEnumOIDInfo');
asm
mov esp, ebp
pop ebp
jmp [_CryptEnumOIDInfo]
end;
end;
{$ELSE}
function CryptEnumOIDInfo; external crypt32 name 'CryptEnumOIDInfo';
{$ENDIF DYNAMIC_LINK}
{$IFDEF DYNAMIC_LINK}
var
_CryptFindLocalizedName: Pointer;
function CryptFindLocalizedName;
begin
GetProcedureAddress(_CryptFindLocalizedName, crypt32, 'CryptFindLocalizedName');
asm
mov esp, ebp
pop ebp
jmp [_CryptFindLocalizedName]
end;
end;
{$ELSE}
function CryptFindLocalizedName; external crypt32 name 'CryptFindLocalizedName';
{$ENDIF DYNAMIC_LINK}
{$IFDEF DYNAMIC_LINK}
var
_CryptMsgOpenToEncode: Pointer;
function CryptMsgOpenToEncode;
begin
GetProcedureAddress(_CryptMsgOpenToEncode, crypt32, 'CryptMsgOpenToEncode');
asm
mov esp, ebp
pop ebp
jmp [_CryptMsgOpenToEncode]
end;
end;
{$ELSE}
function CryptMsgOpenToEncode; external crypt32 name 'CryptMsgOpenToEncode';
{$ENDIF DYNAMIC_LINK}
{$IFDEF DYNAMIC_LINK}
var
_CryptMsgCalculateEncodedLength: Pointer;
function CryptMsgCalculateEncodedLength;
begin
GetProcedureAddress(_CryptMsgCalculateEncodedLength, crypt32, 'CryptMsgCalculateEncodedLength');
asm
mov esp, ebp
pop ebp
jmp [_CryptMsgCalculateEncodedLength]
end;
end;
{$ELSE}
function CryptMsgCalculateEncodedLength; external crypt32 name 'CryptMsgCalculateEncodedLength';
{$ENDIF DYNAMIC_LINK}
{$IFDEF DYNAMIC_LINK}
var
_CryptMsgOpenToDecode: Pointer;
function CryptMsgOpenToDecode;
begin
GetProcedureAddress(_CryptMsgOpenToDecode, crypt32, 'CryptMsgOpenToDecode');
asm
mov esp, ebp
pop ebp
jmp [_CryptMsgOpenToDecode]
end;
end;
{$ELSE}
function CryptMsgOpenToDecode; external crypt32 name 'CryptMsgOpenToDecode';
{$ENDIF DYNAMIC_LINK}
{$IFDEF DYNAMIC_LINK}
var
_CryptMsgDuplicate: Pointer;
function CryptMsgDuplicate;
begin
GetProcedureAddress(_CryptMsgDuplicate, crypt32, 'CryptMsgDuplicate');
asm
mov esp, ebp
pop ebp
jmp [_CryptMsgDuplicate]
end;
end;
{$ELSE}
function CryptMsgDuplicate; external crypt32 name 'CryptMsgDuplicate';
{$ENDIF DYNAMIC_LINK}
{$IFDEF DYNAMIC_LINK}
var
_CryptMsgClose: Pointer;
function CryptMsgClose;
begin
GetProcedureAddress(_CryptMsgClose, crypt32, 'CryptMsgClose');
asm
mov esp, ebp
pop ebp
jmp [_CryptMsgClose]
end;
end;
{$ELSE}
function CryptMsgClose; external crypt32 name 'CryptMsgClose';
{$ENDIF DYNAMIC_LINK}
{$IFDEF DYNAMIC_LINK}
var
_CryptMsgUpdate: Pointer;
function CryptMsgUpdate;
begin
GetProcedureAddress(_CryptMsgUpdate, crypt32, 'CryptMsgUpdate');
asm
mov esp, ebp
pop ebp
jmp [_CryptMsgUpdate]
end;
end;
{$ELSE}
function CryptMsgUpdate; external crypt32 name 'CryptMsgUpdate';
{$ENDIF DYNAMIC_LINK}
{$IFDEF DYNAMIC_LINK}
var
_CryptMsgGetParam: Pointer;
function CryptMsgGetParam;
begin
GetProcedureAddress(_CryptMsgGetParam, crypt32, 'CryptMsgGetParam');
asm
mov esp, ebp
pop ebp
jmp [_CryptMsgGetParam]
end;
end;
{$ELSE}
function CryptMsgGetParam; external crypt32 name 'CryptMsgGetParam';
{$ENDIF DYNAMIC_LINK}
{$IFDEF DYNAMIC_LINK}
var
_CryptMsgControl: Pointer;
function CryptMsgControl;
begin
GetProcedureAddress(_CryptMsgControl, crypt32, 'CryptMsgControl');
asm
mov esp, ebp
pop ebp
jmp [_CryptMsgControl]
end;
end;
{$ELSE}
function CryptMsgControl; external crypt32 name 'CryptMsgControl';
{$ENDIF DYNAMIC_LINK}
{$IFDEF DYNAMIC_LINK}
var
_CryptMsgVerifyCountersigEnc: Pointer;
function CryptMsgVerifyCountersignatureEncoded;
begin
GetProcedureAddress(_CryptMsgVerifyCountersigEnc, crypt32, 'CryptMsgVerifyCountersignatureEncoded');
asm
mov esp, ebp
pop ebp
jmp [_CryptMsgVerifyCountersigEnc]
end;
end;
{$ELSE}
function CryptMsgVerifyCountersignatureEncoded; external crypt32 name 'CryptMsgVerifyCountersignatureEncoded';
{$ENDIF DYNAMIC_LINK}
{$IFDEF DYNAMIC_LINK}
var
_CryptMsgVerifyCountersigEncEx: Pointer;
function CryptMsgVerifyCountersignatureEncodedEx;
begin
GetProcedureAddress(_CryptMsgVerifyCountersigEncEx, crypt32, 'CryptMsgVerifyCountersignatureEncodedEx');
asm
mov esp, ebp
pop ebp
jmp [_CryptMsgVerifyCountersigEncEx]
end;
end;
{$ELSE}
function CryptMsgVerifyCountersignatureEncodedEx; external crypt32 name 'CryptMsgVerifyCountersignatureEncodedEx';
{$ENDIF DYNAMIC_LINK}
{$IFDEF DYNAMIC_LINK}
var
_CryptMsgCountersign: Pointer;
function CryptMsgCountersign;
begin
GetProcedureAddress(_CryptMsgCountersign, crypt32, 'CryptMsgCountersign');
asm
mov esp, ebp
pop ebp
jmp [_CryptMsgCountersign]
end;
end;
{$ELSE}
function CryptMsgCountersign; external crypt32 name 'CryptMsgCountersign';
{$ENDIF DYNAMIC_LINK}
{$IFDEF DYNAMIC_LINK}
var
_CryptMsgCountersignEncoded: Pointer;
function CryptMsgCountersignEncoded;
begin
GetProcedureAddress(_CryptMsgCountersignEncoded, crypt32, 'CryptMsgCountersignEncoded');
asm
mov esp, ebp
pop ebp
jmp [_CryptMsgCountersignEncoded]
end;
end;
{$ELSE}
function CryptMsgCountersignEncoded; external crypt32 name 'CryptMsgCountersignEncoded';
{$ENDIF DYNAMIC_LINK}
{$IFDEF DYNAMIC_LINK}
var
_CertOpenStore: Pointer;
function CertOpenStore;
begin
GetProcedureAddress(_CertOpenStore, crypt32, 'CertOpenStore');
asm
mov esp, ebp
pop ebp
jmp [_CertOpenStore]
end;
end;
{$ELSE}
function CertOpenStore; external crypt32 name 'CertOpenStore';
{$ENDIF DYNAMIC_LINK}
{$IFDEF DYNAMIC_LINK}
var
_CertDuplicateStore: Pointer;
function CertDuplicateStore;
begin
GetProcedureAddress(_CertDuplicateStore, crypt32, 'CertDuplicateStore');
asm
mov esp, ebp
pop ebp
jmp [_CertDuplicateStore]
end;
end;
{$ELSE}
function CertDuplicateStore; external crypt32 name 'CertDuplicateStore';
{$ENDIF DYNAMIC_LINK}
{$IFDEF DYNAMIC_LINK}
var
_CertSaveStore: Pointer;
function CertSaveStore;
begin
GetProcedureAddress(_CertSaveStore, crypt32, 'CertSaveStore');
asm
mov esp, ebp
pop ebp
jmp [_CertSaveStore]
end;
end;
{$ELSE}
function CertSaveStore; external crypt32 name 'CertSaveStore';
{$ENDIF DYNAMIC_LINK}
{$IFDEF DYNAMIC_LINK}
var
_CertCloseStore: Pointer;
function CertCloseStore;
begin
GetProcedureAddress(_CertCloseStore, crypt32, 'CertCloseStore');
asm
mov esp, ebp
pop ebp
jmp [_CertCloseStore]
end;
end;
{$ELSE}
function CertCloseStore; external crypt32 name 'CertCloseStore';
{$ENDIF DYNAMIC_LINK}
{$IFDEF DYNAMIC_LINK}
var
_CertGetSubjectCertFromStore: Pointer;
function CertGetSubjectCertificateFromStore;
begin
GetProcedureAddress(_CertGetSubjectCertFromStore, crypt32, 'CertGetSubjectCertificateFromStore');
asm
mov esp, ebp
pop ebp
jmp [_CertGetSubjectCertFromStore]
end;
end;
{$ELSE}
function CertGetSubjectCertificateFromStore; external crypt32 name 'CertGetSubjectCertificateFromStore';
{$ENDIF DYNAMIC_LINK}
{$IFDEF DYNAMIC_LINK}
var
_CertEnumCertificatesInStore: Pointer;
function CertEnumCertificatesInStore;
begin
GetProcedureAddress(_CertEnumCertificatesInStore, crypt32, 'CertEnumCertificatesInStore');
asm
mov esp, ebp
pop ebp
jmp [_CertEnumCertificatesInStore]
end;
end;
{$ELSE}
function CertEnumCertificatesInStore; external crypt32 name 'CertEnumCertificatesInStore';
{$ENDIF DYNAMIC_LINK}
{$IFDEF DYNAMIC_LINK}
var
_CertFindCertificateInStore: Pointer;
function CertFindCertificateInStore;
begin
GetProcedureAddress(_CertFindCertificateInStore, crypt32, 'CertFindCertificateInStore');
asm
mov esp, ebp
pop ebp
jmp [_CertFindCertificateInStore]
end;
end;
{$ELSE}
function CertFindCertificateInStore; external crypt32 name 'CertFindCertificateInStore';
{$ENDIF DYNAMIC_LINK}
{$IFDEF DYNAMIC_LINK}
var
_CertGetIssuerCertFromStore: Pointer;
function CertGetIssuerCertificateFromStore;
begin
GetProcedureAddress(_CertGetIssuerCertFromStore, crypt32, 'CertGetIssuerCertificateFromStore');
asm
mov esp, ebp
pop ebp
jmp [_CertGetIssuerCertFromStore]
end;
end;
{$ELSE}
function CertGetIssuerCertificateFromStore; external crypt32 name 'CertGetIssuerCertificateFromStore';
{$ENDIF DYNAMIC_LINK}
{$IFDEF DYNAMIC_LINK}
var
_CertVerifySubjectCertContext: Pointer;
function CertVerifySubjectCertificateContext;