/Gedemin/Common/Wcrypt2.pas

http://gedemin.googlecode.com/ · Pascal · 1715 lines · 1091 code · 260 blank · 364 comment · 0 complexity · 5ffa2cba1a78630abdd143bc578c476a MD5 · raw file


  1. {******************************************************************}
  2. { }
  3. { Borland Delphi Runtime Library }
  4. { Cryptographic API interface unit }
  5. { }
  6. { Portions created by Microsoft are }
  7. { Copyright (C) 1993-1998 Microsoft Corporation. }
  8. { All Rights Reserved. }
  9. { }
  10. { The original file is: wincrypt.h, 1992 - 1997 }
  11. { The original Pascal code is: wcrypt2.pas, released 01 Jan 1998 }
  12. { The initial developer of the Pascal code is }
  13. { Massimo Maria Ghisalberti (nissl@dada.it) }
  14. { }
  15. { Portions created by Massimo Maria Ghisalberti are }
  16. { Copyright (C) 1997-1998 Massimo Maria Ghisalberti }
  17. { }
  18. { Contributor(s): }
  19. { Peter Tang (peter.tang@citicorp.com) }
  20. { Phil Shrimpton (phil@shrimpton.co.uk) }
  21. { }
  22. { Obtained through: }
  23. { }
  24. { Joint Endeavour of Delphi Innovators (Project JEDI) }
  25. { }
  26. { You may retrieve the latest version of this file at the Project }
  27. { JEDI home page, located at http://delphi-jedi.org }
  28. { }
  29. { The contents of this file are used with permission, subject to }
  30. { the Mozilla Public License Version 1.1 (the "License"); you may }
  31. { not use this file except in compliance with the License. You may }
  32. { obtain a copy of the License at }
  33. { http://www.mozilla.org/MPL/MPL-1.1.html }
  34. { }
  35. { Software distributed under the License is distributed on an }
  36. { "AS IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or }
  37. { implied. See the License for the specific language governing }
  38. { rights and limitations under the License. }
  39. { }
  40. {******************************************************************}
  41. unit wcrypt2;
  42. {.$DEFINE NT5}
  43. {$ALIGN ON}
  44. {$IFNDEF VER90}
  45. {$WEAKPACKAGEUNIT}
  46. {$ENDIF}
  47. interface
  48. uses
  49. Windows
  50. {$IFDEF VER90}
  51. ,Ole2
  52. {$ENDIF};
  53. const
  54. ADVAPI32 = 'advapi32.dll';
  55. CRYPT32 = 'crypt32.dll';
  56. SOFTPUB = 'softpub.dll';
  57. {$IFDEF NT5}
  58. ADVAPI32NT5 = 'advapi32.dll';
  59. {$ENDIF}
  60. {Support Type}
  61. type // Helper aliases for the Win32 type names used by the declarations in this unit.
  62. PVOID = Pointer;
  63. LONG = DWORD; // NOTE(review): Win32 LONG is a signed 32-bit integer; aliasing it to the unsigned DWORD changes comparisons and range checks for negative values - confirm no caller relies on signedness.
  64. {$IFDEF UNICODE} // LPAWSTR follows the UNICODE define: wide pointer when set, ANSI pointer otherwise.
  65. LPAWSTR = PWideChar;
  66. {$ELSE}
  67. LPAWSTR = PAnsiChar;
  68. {$ENDIF}
  69. //-----------------------------------------------------------------------------
  70. // Type support for a pointer to an array of pointer (type **name)
  71. PLPSTR = Pointer; // type for a pointer to Array of pointer a type
  72. PPCERT_INFO = Pointer; // type for a pointer to Array of pointer a type
  73. PPVOID = Pointer; // type for a pointer to Array of pointer a type
  74. PPCCERT_CONTEXT = Pointer; // type for a pointer to Array of pointer a type
  75. PPCCTL_CONTEXT = Pointer; // type for a pointer to Array of pointer a type
  76. PPCCRL_CONTEXT = Pointer; // type for a pointer to Array of pointer a type
  77. //-----------------------------------------------------------------------------
  78. //+---------------------------------------------------------------------------
  79. //
  80. // Microsoft Windows
  81. // Copyright (C) Microsoft Corporation, 1992 - 1997.
  82. //
  83. // File: wincrypt.h
  84. //
  85. // Contents: Cryptographic API Prototypes and Definitions
  86. //
  87. //----------------------------------------------------------------------------
  88. //
  89. // Algorithm IDs and Flags
  90. //
  91. // ALG_ID crackers: split an ALG_ID into its class, type and sub-id fields. The constants that follow shift the class by 13 bits and the type by 9 bits, leaving the low bits for the sub-id. The bodies are not visible in this listing - presumably plain masks; confirm in the implementation section.
  92. function GET_ALG_CLASS(x:integer) :integer; // class field of x (compare with ALG_CLASS_*)
  93. function GET_ALG_TYPE(x:integer) :integer; // type field of x (compare with ALG_TYPE_*)
  94. function GET_ALG_SID(x:integer) :integer; // sub-id field of x (compare with ALG_SID_*)
  95. Const
  96. // Algorithm classes
  97. ALG_CLASS_ANY = 0;
  98. ALG_CLASS_SIGNATURE = (1 shl 13);
  99. ALG_CLASS_MSG_ENCRYPT = (2 shl 13);
  100. ALG_CLASS_DATA_ENCRYPT = (3 shl 13);
  101. ALG_CLASS_HASH = (4 shl 13);
  102. ALG_CLASS_KEY_EXCHANGE = (5 shl 13);
  103. // Algorithm types
  104. ALG_TYPE_ANY = 0;
  105. ALG_TYPE_DSS = (1 shl 9);
  106. ALG_TYPE_RSA = (2 shl 9);
  107. ALG_TYPE_BLOCK = (3 shl 9);
  108. ALG_TYPE_STREAM = (4 shl 9);
  109. ALG_TYPE_DH = (5 shl 9);
  110. ALG_TYPE_SECURECHANNEL = (6 shl 9);
  111. // Generic sub-ids
  112. ALG_SID_ANY = 0;
  113. // Some RSA sub-ids
  114. ALG_SID_RSA_ANY = 0;
  115. ALG_SID_RSA_PKCS = 1;
  116. ALG_SID_RSA_MSATWORK = 2;
  117. ALG_SID_RSA_ENTRUST = 3;
  118. ALG_SID_RSA_PGP = 4;
  119. // Some DSS sub-ids
  120. ALG_SID_DSS_ANY = 0;
  121. ALG_SID_DSS_PKCS = 1;
  122. ALG_SID_DSS_DMS = 2;
  123. // Block cipher sub ids. Sub-ids are not unique on their own (ALG_SID_DES and ALG_SID_RC4 are both 1 in this unit); compare full CALG_* values, never bare sub-ids.
  124. // DES sub_ids
  125. ALG_SID_DES = 1;
  126. ALG_SID_3DES = 3;
  127. ALG_SID_DESX = 4;
  128. ALG_SID_IDEA = 5;
  129. ALG_SID_CAST = 6;
  130. ALG_SID_SAFERSK64 = 7;
  131. ALD_SID_SAFERSK128 = 8; // NOTE(review): 'ALD_' looks like a misspelling of 'ALG_'; it has the same value as the next line and is presumably kept so existing code still compiles - prefer ALG_SID_SAFERSK128.
  132. ALG_SID_SAFERSK128 = 8;
  133. ALG_SID_3DES_112 = 9;
  134. ALG_SID_CYLINK_MEK = 12;
  135. ALG_SID_RC5 = 13;
  136. // Fortezza sub-ids
  137. ALG_SID_SKIPJACK = 10;
  138. ALG_SID_TEK = 11;
  139. // KP_MODE
  140. CRYPT_MODE_CBCI = 6; {ANSI CBC Interleaved}
  141. CRYPT_MODE_CFBP = 7; {ANSI CFB Pipelined}
  142. CRYPT_MODE_OFBP = 8; {ANSI OFB Pipelined}
  143. CRYPT_MODE_CBCOFM = 9; {ANSI CBC + OF Masking}
  144. CRYPT_MODE_CBCOFMI = 10; {ANSI CBC + OFM Interleaved}
  145. // RC2 sub-ids
  146. ALG_SID_RC2 = 2;
  147. // Stream cipher sub-ids
  148. ALG_SID_RC4 = 1;
  149. ALG_SID_SEAL = 2;
  150. // Diffie-Hellman sub-ids
  151. ALG_SID_DH_SANDF = 1;
  152. ALG_SID_DH_EPHEM = 2;
  153. ALG_SID_AGREED_KEY_ANY = 3;
  154. ALG_SID_KEA = 4;
  155. // Hash sub ids
  156. ALG_SID_MD2 = 1;
  157. ALG_SID_MD4 = 2;
  158. ALG_SID_MD5 = 3;
  159. ALG_SID_SHA = 4;
  160. ALG_SID_SHA1 = 4;
  161. ALG_SID_MAC = 5;
  162. ALG_SID_RIPEMD = 6;
  163. ALG_SID_RIPEMD160 = 7;
  164. ALG_SID_SSL3SHAMD5 = 8;
  165. ALG_SID_HMAC = 9;
  166. // secure channel sub ids
  167. ALG_SID_SSL3_MASTER = 1;
  168. ALG_SID_SCHANNEL_MASTER_HASH = 2;
  169. ALG_SID_SCHANNEL_MAC_KEY = 3;
  170. ALG_SID_PCT1_MASTER = 4;
  171. ALG_SID_SSL2_MASTER = 5;
  172. ALG_SID_TLS1_MASTER = 6;
  173. ALG_SID_SCHANNEL_ENC_KEY = 7;
  174. // Our silly example sub-id
  175. ALG_SID_EXAMPLE = 80;
  176. {$IFNDEF ALGIDDEF}
  177. {$DEFINE ALGIDDEF}
  178. Type ALG_ID = ULONG;
  179. {$ENDIF}
  180. // algorithm identifier definitions: each CALG_* value ORs one ALG_CLASS_*, one ALG_TYPE_* and one ALG_SID_* constant.
  181. Const // NOTE(review): no AES or SHA-2 identifiers (e.g. CALG_AES_256, CALG_SHA_256) appear in this part of the file; check whether the rest of the unit and the target provider supply them before choosing an algorithm from this list.
  182. CALG_MD2 = (ALG_CLASS_HASH or ALG_TYPE_ANY or ALG_SID_MD2); // NOTE(review): obsolete hash; do not use in new designs
  183. CALG_MD4 = (ALG_CLASS_HASH or ALG_TYPE_ANY or ALG_SID_MD4); // NOTE(review): broken hash; do not use for integrity or signatures
  184. CALG_MD5 = (ALG_CLASS_HASH or ALG_TYPE_ANY or ALG_SID_MD5); // NOTE(review): collisions are practical; do not use for signatures or integrity checks
  185. CALG_SHA = (ALG_CLASS_HASH or ALG_TYPE_ANY or ALG_SID_SHA); // same value as CALG_SHA1 (ALG_SID_SHA = ALG_SID_SHA1 = 4)
  186. CALG_SHA1 = (ALG_CLASS_HASH or ALG_TYPE_ANY or ALG_SID_SHA1); // NOTE(review): SHA-1 collisions have been demonstrated; avoid for new signatures
  187. CALG_MAC = (ALG_CLASS_HASH or ALG_TYPE_ANY or ALG_SID_MAC);
  188. CALG_RSA_SIGN = (ALG_CLASS_SIGNATURE or ALG_TYPE_RSA or ALG_SID_RSA_ANY);
  189. CALG_DSS_SIGN = (ALG_CLASS_SIGNATURE or ALG_TYPE_DSS or ALG_SID_DSS_ANY);
  190. CALG_RSA_KEYX = (ALG_CLASS_KEY_EXCHANGE or ALG_TYPE_RSA or ALG_SID_RSA_ANY);
  191. CALG_DES = (ALG_CLASS_DATA_ENCRYPT or ALG_TYPE_BLOCK or ALG_SID_DES); // NOTE(review): 56-bit key; too short to protect data today
  192. CALG_3DES_112 = (ALG_CLASS_DATA_ENCRYPT or ALG_TYPE_BLOCK or ALG_SID_3DES_112); // two-key triple DES
  193. CALG_3DES = (ALG_CLASS_DATA_ENCRYPT or ALG_TYPE_BLOCK or ALG_SID_3DES);
  194. CALG_RC2 = (ALG_CLASS_DATA_ENCRYPT or ALG_TYPE_BLOCK or ALG_SID_RC2); // NOTE(review): legacy cipher; the effective key length can be lower than the key size, see KP_EFFECTIVE_KEYLEN
  195. CALG_RC4 = (ALG_CLASS_DATA_ENCRYPT or ALG_TYPE_STREAM or ALG_SID_RC4); // NOTE(review): legacy stream cipher with known keystream biases; never reuse a key for two messages
  196. CALG_SEAL = (ALG_CLASS_DATA_ENCRYPT or ALG_TYPE_STREAM or ALG_SID_SEAL);
  197. CALG_DH_SF = (ALG_CLASS_KEY_EXCHANGE or ALG_TYPE_DH or ALG_SID_DH_SANDF);
  198. CALG_DH_EPHEM = (ALG_CLASS_KEY_EXCHANGE or ALG_TYPE_DH or ALG_SID_DH_EPHEM);
  199. CALG_AGREEDKEY_ANY = (ALG_CLASS_KEY_EXCHANGE or ALG_TYPE_DH or ALG_SID_AGREED_KEY_ANY);
  200. CALG_KEA_KEYX = (ALG_CLASS_KEY_EXCHANGE or ALG_TYPE_DH or ALG_SID_KEA);
  201. CALG_HUGHES_MD5 = (ALG_CLASS_KEY_EXCHANGE or ALG_TYPE_ANY or ALG_SID_MD5);
  202. CALG_SKIPJACK = (ALG_CLASS_DATA_ENCRYPT or ALG_TYPE_BLOCK or ALG_SID_SKIPJACK);
  203. CALG_TEK = (ALG_CLASS_DATA_ENCRYPT or ALG_TYPE_BLOCK or ALG_SID_TEK);
  204. CALG_CYLINK_MEK = (ALG_CLASS_DATA_ENCRYPT or ALG_TYPE_BLOCK or ALG_SID_CYLINK_MEK);
  205. CALG_SSL3_SHAMD5 = (ALG_CLASS_HASH or ALG_TYPE_ANY or ALG_SID_SSL3SHAMD5);
  206. CALG_SSL3_MASTER = (ALG_CLASS_MSG_ENCRYPT or ALG_TYPE_SECURECHANNEL or ALG_SID_SSL3_MASTER);
  207. CALG_SCHANNEL_MASTER_HASH = (ALG_CLASS_MSG_ENCRYPT or ALG_TYPE_SECURECHANNEL or ALG_SID_SCHANNEL_MASTER_HASH);
  208. CALG_SCHANNEL_MAC_KEY = (ALG_CLASS_MSG_ENCRYPT or ALG_TYPE_SECURECHANNEL or ALG_SID_SCHANNEL_MAC_KEY);
  209. CALG_SCHANNEL_ENC_KEY = (ALG_CLASS_MSG_ENCRYPT or ALG_TYPE_SECURECHANNEL or ALG_SID_SCHANNEL_ENC_KEY);
  210. CALG_PCT1_MASTER = (ALG_CLASS_MSG_ENCRYPT or ALG_TYPE_SECURECHANNEL or ALG_SID_PCT1_MASTER); // NOTE(review): PCT 1.0 is an obsolete protocol
  211. CALG_SSL2_MASTER = (ALG_CLASS_MSG_ENCRYPT or ALG_TYPE_SECURECHANNEL or ALG_SID_SSL2_MASTER); // NOTE(review): SSL 2.0 is an obsolete protocol
  212. CALG_TLS1_MASTER = (ALG_CLASS_MSG_ENCRYPT or ALG_TYPE_SECURECHANNEL or ALG_SID_TLS1_MASTER);
  213. CALG_RC5 = (ALG_CLASS_DATA_ENCRYPT or ALG_TYPE_BLOCK or ALG_SID_RC5);
  214. CALG_HMAC = (ALG_CLASS_HASH or ALG_TYPE_ANY or ALG_SID_HMAC); // keyed MAC; configured through HMAC_INFO / HP_HMAC_INFO declared in this unit
  215. type
  216. PVTableProvStruc = ^VTableProvStruc;
  217. VTableProvStruc = record
  218. Version :DWORD;
  219. FuncVerifyImage :TFarProc;
  220. FuncReturnhWnd :TFarProc;
  221. dwProvType :DWORD;
  222. pbContextInfo :PBYTE;
  223. cbContextInfo :DWORD;
  224. end;
  225. //type HCRYPTPROV = ULONG;
  226. //type HCRYPTKEY = ULONG;
  227. //type HCRYPTHASH = ULONG;
  228. const
  229. // dwFlags definitions for CryptAcquireContext
  230. CRYPT_VERIFYCONTEXT = $F0000000; // context without access to persisted private keys; suited to hashing, signature verification, random data and session keys
  231. CRYPT_NEWKEYSET = $00000008; // create a new key container
  232. CRYPT_DELETEKEYSET = $00000010; // delete the named key container together with its keys
  233. CRYPT_MACHINE_KEYSET = $00000020; // use the per-machine key store instead of the per-user one; NOTE(review): review who can read machine containers (see PP_KEYSET_SEC_DESCR)
  234. // dwFlag definitions for CryptGenKey
  235. CRYPT_EXPORTABLE = $00000001; // key may later leave the provider through CryptExportKey; omit it for keys that must stay inside the CSP
  236. CRYPT_USER_PROTECTED = $00000002; // presumably makes the provider notify or prompt the user when the key is used - confirm per provider
  237. CRYPT_CREATE_SALT = $00000004;
  238. CRYPT_UPDATE_KEY = $00000008;
  239. CRYPT_NO_SALT = $00000010;
  240. CRYPT_PREGEN = $00000040;
  241. CRYPT_RECIPIENT = $00000010; // NOTE(review): same numeric value as CRYPT_NO_SALT; which meaning applies presumably depends on the algorithm - confirm before combining flags
  242. CRYPT_INITIATOR = $00000040; // NOTE(review): same numeric value as CRYPT_PREGEN
  243. CRYPT_ONLINE = $00000080;
  244. CRYPT_SF = $00000100;
  245. CRYPT_CREATE_IV = $00000200;
  246. CRYPT_KEK = $00000400;
  247. CRYPT_DATA_KEY = $00000800;
  248. // dwFlags definitions for CryptDeriveKey
  249. CRYPT_SERVER = $00000400;
  250. KEY_LENGTH_MASK = $FFFF0000;
  251. // dwFlag definitions for CryptExportKey
  252. CRYPT_Y_ONLY = $00000001;
  253. CRYPT_SSL2_SLUMMING = $00000002;
  254. // dwFlags definitions for CryptHashSessionKey
  255. CRYPT_LITTLE_ENDIAN = $00000001;
  256. // dwFlag definitions for CryptSetProviderEx and CryptGetDefaultProvider
  257. CRYPT_MACHINE_DEFAULT = $00000001;
  258. CRYPT_USER_DEFAULT = $00000002;
  259. CRYPT_DELETE_DEFAULT = $00000004;
  260. // exported key blob definitions (dwBlobType of CryptExportKey; also the bType field of PUBLICKEYSTRUC - TODO confirm)
  261. SIMPLEBLOB = $1; // session key, transported encrypted under another key
  262. PUBLICKEYBLOB = $6; // public key only
  263. PRIVATEKEYBLOB = $7; // NOTE(review): contains private key material; export it wrapped under hExpKey and keep the buffer out of logs and swap where possible
  264. PLAINTEXTKEYBLOB = $8; // NOTE(review): key is exported unencrypted; treat the output buffer as a secret and wipe it after use
  265. AT_KEYEXCHANGE = 1; // dwKeySpec value: key-exchange key pair of the container
  266. AT_SIGNATURE = 2; // dwKeySpec value: signature key pair of the container
  267. CRYPT_USERDATA = 1;
  268. // dwParam
  269. KP_IV = 1; // Initialization vector
  270. KP_SALT = 2; // Salt value
  271. KP_PADDING = 3; // Padding values
  272. KP_MODE = 4; // Mode of the cipher
  273. KP_MODE_BITS = 5; // Number of bits to feedback
  274. KP_PERMISSIONS = 6; // Key permissions DWORD
  275. KP_ALGID = 7; // Key algorithm
  276. KP_BLOCKLEN = 8; // Block size of the cipher
  277. KP_KEYLEN = 9; // Length of key in bits
  278. KP_SALT_EX = 10; // Length of salt in bytes
  279. KP_P = 11; // DSS/Diffie-Hellman P value
  280. KP_G = 12; // DSS/Diffie-Hellman G value
  281. KP_Q = 13; // DSS Q value
  282. KP_X = 14; // Diffie-Hellman X value
  283. KP_Y = 15; // Y value
  284. KP_RA = 16; // Fortezza RA value
  285. KP_RB = 17; // Fortezza RB value
  286. KP_INFO = 18; // for putting information into an RSA envelope
  287. KP_EFFECTIVE_KEYLEN = 19; // setting and getting RC2 effective key length
  288. KP_SCHANNEL_ALG = 20; // for setting the Secure Channel algorithms
  289. KP_CLIENT_RANDOM = 21; // for setting the Secure Channel client random data
  290. KP_SERVER_RANDOM = 22; // for setting the Secure Channel server random data
  291. KP_RP = 23;
  292. KP_PRECOMP_MD5 = 24;
  293. KP_PRECOMP_SHA = 25;
  294. KP_CERTIFICATE = 26; // for setting Secure Channel certificate data (PCT1)
  295. KP_CLEAR_KEY = 27; // for setting Secure Channel clear key data (PCT1)
  296. KP_PUB_EX_LEN = 28;
  297. KP_PUB_EX_VAL = 29;
  298. // KP_PADDING
  299. PKCS5_PADDING = 1; {PKCS 5 (sec 6.2) padding method}
  300. RANDOM_PADDING = 2;
  301. ZERO_PADDING = 3; // NOTE(review): ambiguous when the plaintext itself ends in zero bytes
  302. // KP_MODE. NOTE(review): none of these modes authenticates the ciphertext; add a MAC (e.g. CALG_HMAC) over the ciphertext when tampering matters, and verify it before decrypting.
  303. CRYPT_MODE_CBC = 1; // Cipher block chaining; needs a fresh, unpredictable IV (KP_IV) per message
  304. CRYPT_MODE_ECB = 2; // Electronic code book; NOTE(review): identical plaintext blocks produce identical ciphertext blocks - avoid for anything longer than one block
  305. CRYPT_MODE_OFB = 3; // Output feedback mode
  306. CRYPT_MODE_CFB = 4; // Cipher feedback mode
  307. CRYPT_MODE_CTS = 5; // Ciphertext stealing mode
  308. // KP_PERMISSIONS
  309. CRYPT_ENCRYPT = $0001; // Allow encryption
  310. CRYPT_DECRYPT = $0002; // Allow decryption
  311. CRYPT_EXPORT = $0004; // Allow key to be exported
  312. CRYPT_READ = $0008; // Allow parameters to be read
  313. CRYPT_WRITE = $0010; // Allow parameters to be set
  314. CRYPT_MAC = $0020; // Allow MACs to be used with key
  315. CRYPT_EXPORT_KEY = $0040; // Allow key to be used for exporting keys
  316. CRYPT_IMPORT_KEY = $0080; // Allow key to be used for importing keys
  317. HP_ALGID = $0001; // Hash algorithm
  318. HP_HASHVAL = $0002; // Hash value
  319. HP_HASHSIZE = $0004; // Hash value size
  320. HP_HMAC_INFO = $0005; // information for creating an HMAC
  321. CRYPT_FAILED = FALSE;
  322. CRYPT_SUCCEED = TRUE;
  323. function RCRYPT_SUCCEEDED(rt:BOOL):BOOL;
  324. function RCRYPT_FAILED(rt:BOOL):BOOL;
  325. const
  326. // CryptGetProvParam
  327. PP_ENUMALGS = 1;
  328. PP_ENUMCONTAINERS = 2;
  329. PP_IMPTYPE = 3;
  330. PP_NAME = 4;
  331. PP_VERSION = 5;
  332. PP_CONTAINER = 6;
  333. PP_CHANGE_PASSWORD = 7;
  334. PP_KEYSET_SEC_DESCR = 8; // get/set security descriptor of keyset
  335. PP_CERTCHAIN = 9; // for retrieving certificates from tokens
  336. PP_KEY_TYPE_SUBTYPE = 10;
  337. PP_PROVTYPE = 16;
  338. PP_KEYSTORAGE = 17;
  339. PP_APPLI_CERT = 18;
  340. PP_SYM_KEYSIZE = 19;
  341. PP_SESSION_KEYSIZE = 20;
  342. PP_UI_PROMPT = 21;
  343. PP_ENUMALGS_EX = 22;
  344. CRYPT_FIRST = 1;
  345. CRYPT_NEXT = 2;
  346. CRYPT_IMPL_HARDWARE = 1;
  347. CRYPT_IMPL_SOFTWARE = 2;
  348. CRYPT_IMPL_MIXED = 3;
  349. CRYPT_IMPL_UNKNOWN = 4;
  350. // key storage flags
  351. CRYPT_SEC_DESCR = $00000001;
  352. CRYPT_PSTORE = $00000002;
  353. CRYPT_UI_PROMPT = $00000004;
  354. // protocol flags
  355. CRYPT_FLAG_PCT1 = $0001;
  356. CRYPT_FLAG_SSL2 = $0002;
  357. CRYPT_FLAG_SSL3 = $0004;
  358. CRYPT_FLAG_TLS1 = $0008;
  359. // CryptSetProvParam
  360. PP_CLIENT_HWND = 1;
  361. PP_CONTEXT_INFO = 11;
  362. PP_KEYEXCHANGE_KEYSIZE = 12;
  363. PP_SIGNATURE_KEYSIZE = 13;
  364. PP_KEYEXCHANGE_ALG = 14;
  365. PP_SIGNATURE_ALG = 15;
  366. PP_DELETEKEY = 24;
  367. PROV_RSA_FULL = 1;
  368. PROV_RSA_SIG = 2;
  369. PROV_DSS = 3;
  370. PROV_FORTEZZA = 4;
  371. PROV_MS_EXCHANGE = 5;
  372. PROV_SSL = 6;
  373. PROV_RSA_SCHANNEL = 12;
  374. PROV_DSS_DH = 13;
  375. PROV_EC_ECDSA_SIG = 14;
  376. PROV_EC_ECNRA_SIG = 15;
  377. PROV_EC_ECDSA_FULL = 16;
  378. PROV_EC_ECNRA_FULL = 17;
  379. PROV_SPYRUS_LYNKS = 20;
  380. // STT defined Providers
  381. PROV_STT_MER = 7;
  382. PROV_STT_ACQ = 8;
  383. PROV_STT_BRND = 9;
  384. PROV_STT_ROOT = 10;
  385. PROV_STT_ISS = 11;
  386. // Provider friendly names (values for pszProvider of CryptAcquireContext). Each name has an ANSI (_A) and a wide (_W) form; the unsuffixed constant follows the UNICODE define.
  387. MS_DEF_PROV_A = 'Microsoft Base Cryptographic Provider v1.0'; // NOTE(review): the Base provider historically defaulted to short key lengths; check the strength actually in use with KP_KEYLEN or PP_ENUMALGS_EX, or prefer MS_ENHANCED_PROV - confirm for the target OS
  388. {$IFNDEF VER90}
  389. MS_DEF_PROV_W = WideString( 'Microsoft Base Cryptographic Provider v1.0');
  390. {$ELSE}
  391. MS_DEF_PROV_W = ( 'Microsoft Base Cryptographic Provider v1.0');
  392. {$ENDIF}
  393. {$IFDEF UNICODE}
  394. MS_DEF_PROV = MS_DEF_PROV_W;
  395. {$ELSE}
  396. MS_DEF_PROV = MS_DEF_PROV_A;
  397. {$ENDIF}
  398. MS_ENHANCED_PROV_A = 'Microsoft Enhanced Cryptographic Provider v1.0';
  399. {$IFNDEF VER90}
  400. MS_ENHANCED_PROV_W = WideString('Microsoft Enhanced Cryptographic Provider v1.0');
  401. {$ELSE}
  402. MS_ENHANCED_PROV_W = ('Microsoft Enhanced Cryptographic Provider v1.0');
  403. {$ENDIF}
  404. {$IFDEF UNICODE}
  405. MS_ENHANCED_PROV = MS_ENHANCED_PROV_W;
  406. {$ELSE}
  407. MS_ENHANCED_PROV = MS_ENHANCED_PROV_A;
  408. {$ENDIF}
  409. MS_DEF_RSA_SIG_PROV_A = 'Microsoft RSA Signature Cryptographic Provider';
  410. {$IFNDEF VER90}
  411. MS_DEF_RSA_SIG_PROV_W = WideString('Microsoft RSA Signature Cryptographic Provider');
  412. {$ELSE}
  413. MS_DEF_RSA_SIG_PROV_W = ('Microsoft RSA Signature Cryptographic Provider');
  414. {$ENDIF}
  415. {$IFDEF UNICODE}
  416. MS_DEF_RSA_SIG_PROV = MS_DEF_RSA_SIG_PROV_W;
  417. {$ELSE}
  418. MS_DEF_RSA_SIG_PROV = MS_DEF_RSA_SIG_PROV_A;
  419. {$ENDIF}
  420. MS_DEF_RSA_SCHANNEL_PROV_A = 'Microsoft Base RSA SChannel Cryptographic Provider';
  421. {$IFNDEF VER90}
  422. MS_DEF_RSA_SCHANNEL_PROV_W = WideString('Microsoft Base RSA SChannel Cryptographic Provider');
  423. {$ELSE}
  424. MS_DEF_RSA_SCHANNEL_PROV_W = ('Microsoft Base RSA SChannel Cryptographic Provider');
  425. {$ENDIF}
  426. {$IFDEF UNICODE}
  427. MS_DEF_RSA_SCHANNEL_PROV = MS_DEF_RSA_SCHANNEL_PROV_W;
  428. {$ELSE}
  429. MS_DEF_RSA_SCHANNEL_PROV = MS_DEF_RSA_SCHANNEL_PROV_A;
  430. {$ENDIF}
  431. MS_ENHANCED_RSA_SCHANNEL_PROV_A = 'Microsoft Enhanced RSA SChannel Cryptographic Provider';
  432. {$IFNDEF VER90}
  433. MS_ENHANCED_RSA_SCHANNEL_PROV_W = WideString('Microsoft Enhanced RSA SChannel Cryptographic Provider');
  434. {$ELSE}
  435. MS_ENHANCED_RSA_SCHANNEL_PROV_W = ('Microsoft Enhanced RSA SChannel Cryptographic Provider');
  436. {$ENDIF}
  437. {$IFDEF UNICODE}
  438. MS_ENHANCED_RSA_SCHANNEL_PROV = MS_ENHANCED_RSA_SCHANNEL_PROV_W;
  439. {$ELSE}
  440. MS_ENHANCED_RSA_SCHANNEL_PROV = MS_ENHANCED_RSA_SCHANNEL_PROV_A;
  441. {$ENDIF}
  442. MS_DEF_DSS_PROV_A = 'Microsoft Base DSS Cryptographic Provider';
  443. {$IFNDEF VER90}
  444. MS_DEF_DSS_PROV_W = WideString('Microsoft Base DSS Cryptographic Provider');
  445. {$ELSE}
  446. MS_DEF_DSS_PROV_W = ('Microsoft Base DSS Cryptographic Provider');
  447. {$ENDIF}
  448. {$IFDEF UNICODE}
  449. MS_DEF_DSS_PROV = MS_DEF_DSS_PROV_W;
  450. {$ELSE}
  451. MS_DEF_DSS_PROV = MS_DEF_DSS_PROV_A;
  452. {$ENDIF}
  453. MS_DEF_DSS_DH_PROV_A = 'Microsoft Base DSS and Diffie-Hellman Cryptographic Provider';
  454. {$IFNDEF VER90}
  455. MS_DEF_DSS_DH_PROV_W = WideString('Microsoft Base DSS and Diffie-Hellman Cryptographic Provider');
  456. {$ELSE}
  457. MS_DEF_DSS_DH_PROV_W = ('Microsoft Base DSS and Diffie-Hellman Cryptographic Provider');
  458. {$ENDIF}
  459. {$IFDEF UNICODE}
  460. MS_DEF_DSS_DH_PROV = MS_DEF_DSS_DH_PROV_W;
  461. {$ELSE}
  462. MS_DEF_DSS_DH_PROV = MS_DEF_DSS_DH_PROV_A;
  463. {$ENDIF}
  464. MAXUIDLEN = 64;
  465. CUR_BLOB_VERSION = 2;
  466. {structure for use with CryptSetHashParam with CALG_HMAC}
  467. type
  468. PHMAC_INFO = ^HMAC_INFO;
  469. HMAC_INFO = record
  470. HashAlgid :ALG_ID;
  471. pbInnerString :PBYTE;
  472. cbInnerString :DWORD;
  473. pbOuterString :PBYTE;
  474. cbOuterString :DWORD;
  475. end;
  476. // structure for setting the Secure Channel algorithms, presumably via CryptSetKeyParam with KP_SCHANNEL_ALG - TODO confirm against wincrypt.h
  477. type
  478. PSCHANNEL_ALG = ^SCHANNEL_ALG;
  479. SCHANNEL_ALG = record
  480. dwUse :DWORD; // SCHANNEL_MAC_KEY or SCHANNEL_ENC_KEY
  481. Algid :ALG_ID; // algorithm identifier (a CALG_* value)
  482. cBits :DWORD; // presumably the key size in bits - confirm
  483. end;
  484. // uses of algorithms for SCHANNEL_ALG structure
  485. const
  486. SCHANNEL_MAC_KEY = $00000000;
  487. SCHANNEL_ENC_KEY = $00000001;
  488. type // Records filled in by CryptGetProvParam for PP_ENUMALGS and PP_ENUMALGS_EX (presumably - the record names match the parameter names).
  489. PPROV_ENUMALGS = ^PROV_ENUMALGS;
  490. PROV_ENUMALGS = record
  491. aiAlgid :ALG_ID;
  492. dwBitLen :DWORD;
  493. dwNameLen :DWORD;
  494. szName :array[0..20-1] of Char; // NOTE(review): wincrypt.h declares this as a 20-byte CHAR array; Pascal Char is one byte only on ANSI compilers. With a compiler whose Char is wide the record grows and no longer matches what the provider writes - AnsiChar would pin the layout.
  495. end ;
  496. type
  497. PPROV_ENUMALGS_EX = ^PROV_ENUMALGS_EX;
  498. PROV_ENUMALGS_EX = record
  499. aiAlgid :ALG_ID;
  500. dwDefaultLen :DWORD; // default, minimum and maximum key lengths reported by the provider; useful for rejecting weak configurations
  501. dwMinLen :DWORD;
  502. dwMaxLen :DWORD;
  503. dwProtocols :DWORD; // presumably a combination of the CRYPT_FLAG_* protocol flags - confirm
  504. dwNameLen :DWORD;
  505. szName :array[0..20-1] of Char; // NOTE(review): same Char width concern as PROV_ENUMALGS.szName
  506. dwLongNameLen :DWORD;
  507. szLongName :array[0..40-1] of Char; // NOTE(review): same Char width concern; this field follows dwLongNameLen, so a wrong szName size shifts every later offset
  508. end;
  509. type
  510. PPUBLICKEYSTRUC = ^PUBLICKEYSTRUC;
  511. PUBLICKEYSTRUC = record
  512. bType :BYTE;
  513. bVersion :BYTE;
  514. reserved :Word;
  515. aiKeyAlg :ALG_ID;
  516. end;
  517. type
  518. BLOBHEADER = PUBLICKEYSTRUC;
  519. PBLOBHEADER = ^BLOBHEADER;
  520. type
  521. PRSAPUBKEY = ^RSAPUBKEY;
  522. RSAPUBKEY = record
  523. magic :DWORD; // Has to be RSA1
  524. bitlen :DWORD; // # of bits in modulus
  525. pubexp :DWORD; // public exponent
  526. // Modulus data follows
  527. end;
  528. type
  529. PPUBKEY = ^PUBKEY;
  530. PUBKEY = record
  531. magic :DWORD;
  532. bitlen :DWORD; // # of bits in modulus
  533. end;
  534. type
  535. DHPUBKEY = PUBKEY;
  536. DSSPUBKEY = PUBKEY;
  537. KEAPUBKEY = PUBKEY;
  538. TEKPUBKEY = PUBKEY;
  539. type
  540. PDSSSEED = ^DSSSEED;
  541. DSSSEED = record
  542. counter :DWORD;
  543. seed :array[0..20-1] of BYTE;
  544. end;
  545. type
  546. PKEY_TYPE_SUBTYPE = ^KEY_TYPE_SUBTYPE;
  547. KEY_TYPE_SUBTYPE = record
  548. dwKeySpec :DWORD;
  549. Type_ :TGUID; {conflict with base Delphi type: original name 'Type'}
  550. Subtype :TGUID;
  551. end;
  552. type // Opaque handles returned by the CSP, with matching pointer types for out-parameters.
  553. HCRYPTPROV = ULONG; // NOTE(review): current Windows SDK headers declare these handles as pointer-sized (ULONG_PTR); a 32-bit ULONG would truncate them on a 64-bit target - confirm the unit is only built for Win32
  554. PHCRYPTPROV = ^HCRYPTPROV;
  555. HCRYPTKEY = ULONG; // NOTE(review): same pointer-size concern as HCRYPTPROV
  556. PHCRYPTKEY = ^HCRYPTKEY;
  557. HCRYPTHASH = ULONG; // NOTE(review): same pointer-size concern as HCRYPTPROV
  558. PHCRYPTHASH = ^HCRYPTHASH;
  559. function CryptAcquireContextA(phProv :PHCRYPTPROV; // ANSI variant. Acquires a provider handle into phProv^; the BOOL result must be checked before the handle is used. The binding to a DLL is in the implementation section, which is not visible here.
  560. pszContainer :PAnsiChar; // key container name
  561. pszProvider :PAnsiChar; // provider name, e.g. one of the MS_*_PROV constants
  562. dwProvType :DWORD; // PROV_* value
  563. dwFlags :DWORD) :BOOL;stdcall; // CRYPT_VERIFYCONTEXT, CRYPT_NEWKEYSET, CRYPT_DELETEKEYSET, CRYPT_MACHINE_KEYSET
  564. function CryptAcquireContext(phProv :PHCRYPTPROV; // variant whose string type follows the UNICODE define through LPAWSTR
  565. pszContainer :LPAWSTR;
  566. pszProvider :LPAWSTR;
  567. dwProvType :DWORD;
  568. dwFlags :DWORD) :BOOL;stdcall;
  569. function CryptAcquireContextW(phProv :PHCRYPTPROV; // wide-character variant
  570. pszContainer :PWideChar;
  571. pszProvider :PWideChar;
  572. dwProvType :DWORD;
  573. dwFlags :DWORD) :BOOL ;stdcall;
  574. function CryptReleaseContext(hProv :HCRYPTPROV; // releases a handle obtained from CryptAcquireContext; call it on every exit path (try..finally) so handles are not leaked
  575. dwFlags :DWORD) :BOOL;stdcall;
  576. function CryptGenKey(hProv :HCRYPTPROV;
  577. Algid :ALG_ID;
  578. dwFlags :DWORD;
  579. phKey :PHCRYPTKEY) :BOOL;stdcall ;
  580. function CryptDeriveKey(hProv :HCRYPTPROV;
  581. Algid :ALG_ID;
  582. hBaseData :HCRYPTHASH;
  583. dwFlags :DWORD;
  584. phKey :PHCRYPTKEY) :BOOL;stdcall ;
  585. function CryptDestroyKey(hKey :HCRYPTKEY) :BOOL;stdcall ;
  586. function CryptSetKeyParam(hKey :HCRYPTKEY;
  587. dwParam :DWORD;
  588. pbData :PBYTE;
  589. dwFlags :DWORD) :BOOL;stdcall;
  590. function CryptGetKeyParam(hKey :HCRYPTKEY;
  591. dwParam :DWORD;
  592. pbData :PBYTE;
  593. pdwDataLen :PDWORD;
  594. dwFlags :DWORD) :BOOL;stdcall;
  595. function CryptSetHashParam(hHash :HCRYPTHASH;
  596. dwParam :DWORD;
  597. pbData :PBYTE;
  598. dwFlags :DWORD) :BOOL;stdcall;
  599. function CryptGetHashParam(hHash :HCRYPTHASH;
  600. dwParam :DWORD;
  601. pbData :PBYTE;
  602. pdwDataLen :PDWORD;
  603. dwFlags :DWORD) :BOOL;stdcall;
  604. function CryptSetProvParam(hProv :HCRYPTPROV;
  605. dwParam :DWORD;
  606. pbData :PBYTE;
  607. dwFlags :DWORD) :BOOL;stdcall;
  608. function CryptGetProvParam(hProv :HCRYPTPROV;
  609. dwParam :DWORD;
  610. pbData :PBYTE;
  611. pdwDataLen :PDWORD;
  612. dwFlags :DWORD) :BOOL;stdcall;
  613. function CryptGenRandom(hProv :HCRYPTPROV; // Fills pbBuffer with dwLen random bytes from the provider. Check the BOOL result: after a failure the buffer must not be used as key, IV or salt material.
  614. dwLen :DWORD; // number of bytes requested
  615. pbBuffer :PBYTE) :BOOL;stdcall; // must point to at least dwLen writable bytes
  616. function CryptGetUserKey(hProv :HCRYPTPROV;
  617. dwKeySpec :DWORD;
  618. phUserKey :PHCRYPTKEY) :BOOL;stdcall;
  619. function CryptExportKey(hKey :HCRYPTKEY;
  620. hExpKey :HCRYPTKEY;
  621. dwBlobType :DWORD;
  622. dwFlags :DWORD;
  623. pbData :PBYTE;
  624. pdwDataLen :PDWORD) :BOOL;stdcall;
  625. function CryptImportKey(hProv :HCRYPTPROV;
  626. pbData :PBYTE;
  627. dwDataLen :DWORD;
  628. hPubKey :HCRYPTKEY;
  629. dwFlags :DWORD;
  630. phKey :PHCRYPTKEY) :BOOL;stdcall;
  631. function CryptEncrypt(hKey :HCRYPTKEY; // Encrypts the data in pbData in place with hKey. Returns FALSE on failure; the buffer contents should then be treated as unusable.
  632. hHash :HCRYPTHASH; // optional hash object updated with the plaintext (0 when unused)
  633. Final :BOOL; // TRUE for the last (or only) chunk, so padding is applied
  634. dwFlags :DWORD;
  635. pbData :PBYTE; // in: plaintext, out: ciphertext
  636. pdwDataLen :PDWORD; // in: plaintext length in bytes, out: ciphertext length in bytes
  637. dwBufLen :DWORD) :BOOL;stdcall; // total size of the pbData buffer; with a block cipher the ciphertext can be up to one block longer than the plaintext, so size the buffer for that
  638. function CryptDecrypt(hKey :HCRYPTKEY; // Decrypts the data in pbData in place with hKey. NOTE(review): decryption alone does not prove the ciphertext is authentic; verify a MAC or signature first and do not report padding failures to a remote party in a distinguishable way.
  639. hHash :HCRYPTHASH; // optional hash object updated with the plaintext (0 when unused)
  640. Final :BOOL; // TRUE for the last (or only) chunk, so padding is removed
  641. dwFlags :DWORD;
  642. pbData :PBYTE; // in: ciphertext, out: plaintext
  643. pdwDataLen :PDWORD) :BOOL;stdcall; // in: ciphertext length in bytes, out: plaintext length in bytes
  644. function CryptCreateHash(hProv :HCRYPTPROV;
  645. Algid :ALG_ID;
  646. hKey :HCRYPTKEY;
  647. dwFlags :DWORD;
  648. phHash :PHCRYPTHASH) :BOOL;stdcall;
  649. function CryptHashData(hHash :HCRYPTHASH;
  650. const pbData :PBYTE;
  651. dwDataLen :DWORD;
  652. dwFlags :DWORD) :BOOL;stdcall;
  653. function CryptHashSessionKey(hHash :HCRYPTHASH;
  654. hKey :HCRYPTKEY;
  655. dwFlags :DWORD) :BOOL;stdcall;
  656. function CryptDestroyHash(hHash :HCRYPTHASH) :BOOL;stdcall;
  657. function CryptSignHashA(hHash :HCRYPTHASH;
  658. dwKeySpec :DWORD;
  659. sDescription :PAnsiChar;
  660. dwFlags :DWORD;
  661. pbSignature :PBYTE;
  662. pdwSigLen :PDWORD) :BOOL;stdcall;
  663. function CryptSignHash(hHash :HCRYPTHASH;
  664. dwKeySpec :DWORD;
  665. sDescription :LPAWSTR;
  666. dwFlags :DWORD;
  667. pbSignature :PBYTE;
  668. pdwSigLen :PDWORD) :BOOL;stdcall;
  669. function CryptSignHashW(hHash :HCRYPTHASH;
  670. dwKeySpec :DWORD;
  671. sDescription :PWideChar;
  672. dwFlags :DWORD;
  673. pbSignature :PBYTE;
  674. pdwSigLen :PDWORD) :BOOL;stdcall;
  675. function CryptSignHashU(hHash :HCRYPTHASH;
  676. dwKeySpec :DWORD;
  677. sDescription :PWideChar;
  678. dwFlags :DWORD;
  679. pbSignature :PBYTE;
  680. pdwSigLen :PDWORD) :BOOL;stdcall;
  681. function CryptVerifySignatureA(hHash :HCRYPTHASH;
  682. const pbSignature :PBYTE;
  683. dwSigLen :DWORD;
  684. hPubKey :HCRYPTKEY;
  685. sDescription :PAnsiChar;
  686. dwFlags :DWORD) :BOOL;stdcall;
  687. function CryptVerifySignature(hHash :HCRYPTHASH;
  688. const pbSignature :PBYTE;
  689. dwSigLen :DWORD;
  690. hPubKey :HCRYPTKEY;
  691. sDescription :LPAWSTR;
  692. dwFlags :DWORD) :BOOL;stdcall;
  693. function CryptVerifySignatureW(hHash :HCRYPTHASH;
  694. const pbSignature :PBYTE;
  695. dwSigLen :DWORD;
  696. hPubKey :HCRYPTKEY;
  697. sDescription :PWideChar;
  698. dwFlags :DWORD) :BOOL;stdcall;
  699. function CryptSetProviderA(pszProvName :PAnsiChar;
  700. dwProvType :DWORD) :BOOL;stdcall;
  701. function CryptSetProvider(pszProvName :LPAWSTR;
  702. dwProvType :DWORD) :BOOL;stdcall;
  703. function CryptSetProviderW(pszProvName :PWideChar;
  704. dwProvType :DWORD) :BOOL;stdcall;
  705. function CryptSetProviderU(pszProvName :PWideChar;
  706. dwProvType :DWORD) :BOOL;stdcall;
  707. {$IFDEF NT5}
  708. function CryptSetProviderExA(pszProvName :LPCSTR;
  709. dwProvType :DWORD;
  710. pdwReserved :PDWORD;
  711. dwFlags :DWORD):BOOL;stdcall;
  712. function CryptSetProviderExW(pszProvName :LPCWSTR;
  713. dwProvType :DWORD;
  714. pdwReserved :PDWORD;
  715. dwFlags :DWORD):BOOL;stdcall;
  716. function CryptSetProviderEx(pszProvName :LPAWSTR;
  717. dwProvType :DWORD;
  718. pdwReserved :PDWORD;
  719. dwFlags :DWORD):BOOL;stdcall;
  720. function CryptGetDefaultProviderA(dwProvType :DWORD; // ANSI variant; only compiled when NT5 is defined. Returns the default provider name for dwProvType in pszProvName.
  721. pdwReserved :DWORD; // NOTE(review): declared as DWORD here, while the other *Ex/Enum declarations in this unit use PDWORD for pdwReserved and the C prototype takes a pointer; same size on Win32, but wrong on a 64-bit target - confirm
  722. dwFlags :DWORD; // CRYPT_MACHINE_DEFAULT or CRYPT_USER_DEFAULT
  723. pszProvName :LPSTR; // output buffer for the provider name
  724. pcbProvName :PDWORD):BOOL ; stdcall; // in: size of pszProvName in bytes, out: bytes written or required (presumably - confirm); always pass the real buffer size
  725. function CryptGetDefaultProviderW(dwProvType :DWORD; // wide-character variant
  726. pdwReserved :DWORD; // NOTE(review): same DWORD-versus-PDWORD concern as the ANSI variant
  727. dwFlags :DWORD;
  728. pszProvName :LPWSTR;
  729. pcbProvName :PDWORD):BOOL ; stdcall;
  730. function CryptGetDefaultProvider(dwProvType :DWORD; // variant whose string type follows the UNICODE define through LPAWSTR
  731. pdwReserved :DWORD; // NOTE(review): same DWORD-versus-PDWORD concern as the ANSI variant
  732. dwFlags :DWORD;
  733. pszProvName :LPAWSTR;
  734. pcbProvName :PDWORD):BOOL ; stdcall;
  735. function CryptEnumProviderTypesA(dwIndex :DWORD;
  736. pdwReserved :PDWORD;
  737. dwFlags :DWORD;
  738. pdwProvType :PDWORD;
  739. pszTypeName :LPSTR;
  740. pcbTypeName :PDWORD):BOOL ; stdcall;
  741. function CryptEnumProviderTypesW(dwIndex :DWORD;
  742. pdwReserved :PDWORD;
  743. dwFlags :DWORD;
  744. pdwProvType :PDWORD;
  745. pszTypeName :LPWSTR;
  746. pcbTypeName :PDWORD):BOOL ; stdcall;
  747. function CryptEnumProviderTypes(dwIndex :DWORD;
  748. pdwReserved :PDWORD;
  749. dwFlags :DWORD;
  750. pdwProvType :PDWORD;
  751. pszTypeName :LPAWSTR;
  752. pcbTypeName :PDWORD):BOOL ; stdcall;
  753. function CryptEnumProvidersA(dwIndex :DWORD;
  754. pdwReserved :PDWORD;
  755. dwFlags :DWORD;
  756. pdwProvType :PDWORD;
  757. pszProvName :LPSTR;
  758. pcbProvName :PDWORD):BOOL ; stdcall;
  759. function CryptEnumProvidersW(dwIndex :DWORD;
  760. pdwReserved :PDWORD;
  761. dwFlags :DWORD;
  762. pdwProvType :PDWORD;
  763. pszProvName :LPWSTR;
  764. pcbProvName :PDWORD):BOOL ; stdcall;
  765. function CryptEnumProviders(dwIndex :DWORD;
  766. pdwReserved :PDWORD;
  767. dwFlags :DWORD;
  768. pdwProvType :PDWORD;
  769. pszProvName :LPAWSTR;
  770. pcbProvName :PDWORD):BOOL ; stdcall;
  771. function CryptContextAddRef(hProv :HCRYPTPROV;
  772. pdwReserved :PDWORD;
  773. dwFlags :DWORD):BOOL ; stdcall;
  774. function CryptDuplicateKey(hKey :HCRYPTKEY;
  775. pdwReserved :PDWORD;
  776. dwFlags :DWORD;
  777. phKey :PHCRYPTKEY):BOOL ; stdcall;
  778. function CryptDuplicateHash(hHash :HCRYPTHASH;
  779. pdwReserved :PDWORD;
  780. dwFlags :DWORD;
  781. phHash :PHCRYPTHASH):BOOL ; stdcall;
  782. {$ENDIF NT5}
  783. function CryptEnumProvidersU(dwIndex :DWORD;
  784. pdwReserved :PDWORD;
  785. dwFlags :DWORD;
  786. pdwProvType :PDWORD;
  787. pszProvName :LPWSTR;
  788. pcbProvName :PDWORD):BOOL ; stdcall;
  789. //+-------------------------------------------------------------------------
  790. // CRYPTOAPI BLOB definitions
  791. //--------------------------------------------------------------------------
  792. type
  793. PCRYPTOAPI_BLOB = ^CRYPTOAPI_BLOB;
  794. CRYPTOAPI_BLOB = record
  795. cbData :DWORD;
  796. pbData :PBYTE;
  797. end;
  798. type
  799. CRYPT_INTEGER_BLOB = CRYPTOAPI_BLOB;
  800. PCRYPT_INTEGER_BLOB = ^CRYPT_INTEGER_BLOB;
  801. CRYPT_UINT_BLOB = CRYPTOAPI_BLOB;
  802. PCRYPT_UINT_BLOB = ^CRYPT_UINT_BLOB;
  803. CRYPT_OBJID_BLOB = CRYPTOAPI_BLOB;
  804. PCRYPT_OBJID_BLOB = ^CRYPT_OBJID_BLOB;
  805. CERT_NAME_BLOB = CRYPTOAPI_BLOB;
  806. PCERT_NAME_BLOB = ^CERT_NAME_BLOB;
  807. CERT_RDN_VALUE_BLOB = CRYPTOAPI_BLOB;
  808. PCERT_RDN_VALUE_BLOB = ^CERT_RDN_VALUE_BLOB;
  809. CERT_BLOB = CRYPTOAPI_BLOB;
  810. PCERT_BLOB = ^CERT_BLOB;
  811. CRL_BLOB = CRYPTOAPI_BLOB;
  812. PCRL_BLOB = ^CRL_BLOB;
  813. DATA_BLOB = CRYPTOAPI_BLOB;
  814. PDATA_BLOB = ^DATA_BLOB; // JEFFJEFF temporary (too generic)
  815. CRYPT_DATA_BLOB = CRYPTOAPI_BLOB;
  816. PCRYPT_DATA_BLOB = ^CRYPT_DATA_BLOB;
  817. CRYPT_HASH_BLOB = CRYPTOAPI_BLOB;
  818. PCRYPT_HASH_BLOB = ^CRYPT_HASH_BLOB;
  819. CRYPT_DIGEST_BLOB = CRYPTOAPI_BLOB;
  820. PCRYPT_DIGEST_BLOB = ^CRYPT_DIGEST_BLOB;
  821. CRYPT_DER_BLOB = CRYPTOAPI_BLOB;
  822. PCRYPT_DER_BLOB = ^CRYPT_DER_BLOB;
  823. CRYPT_ATTR_BLOB = CRYPTOAPI_BLOB;
  824. PCRYPT_ATTR_BLOB = ^CRYPT_ATTR_BLOB;
  825. //+-------------------------------------------------------------------------
  826. // In a CRYPT_BIT_BLOB the last byte may contain 0-7 unused bits. Therefore, the
  827. // overall bit length is cbData * 8 - cUnusedBits.
  828. //--------------------------------------------------------------------------
  829. type
  830. PCRYPT_BIT_BLOB = ^CRYPT_BIT_BLOB;
  831. CRYPT_BIT_BLOB = record
  832. cbData :DWORD;
  833. pbData :PBYTE;
  834. cUnusedBits :DWORD;
  835. end;
  836. //+-------------------------------------------------------------------------
  837. // Type used for any algorithm
  838. //
  839. // Where the Parameters CRYPT_OBJID_BLOB is in its encoded representation. For most
  840. // algorithm types, the Parameters CRYPT_OBJID_BLOB is NULL (Parameters.cbData = 0).
  //
  // NOTE(review): when this record is filled from a received message or
  // certificate, pszObjId is chosen by the sender. Callers should compare it
  // against the set of algorithms they are prepared to accept instead of
  // dispatching on whatever identifier arrives.
  841. //--------------------------------------------------------------------------
  842. type
  843. PCRYPT_ALGORITHM_IDENTIFIER = ^CRYPT_ALGORITHM_IDENTIFIER;
  844. CRYPT_ALGORITHM_IDENTIFIER = record
  845. pszObjId :LPSTR; // algorithm OID as a dotted-decimal string (cf. the szOID_* constants)
  846. Parameters :CRYPT_OBJID_BLOB; // encoded algorithm parameters; cbData = 0 when absent
  847. end;
  848. // Following are the definitions of various algorithm object identifiers
  849. // RSA
  // All values in this group sit under the 1.2.840.113549 arc (szOID_RSA):
  // the PKCS #1..#10 sub-arcs, RSA signature algorithms (1.1.x), PKCS #7 content
  // types (1.7.x), PKCS #9 attributes (1.9.x), digest algorithms (2.x) and
  // symmetric ciphers (3.x).
  // NOTE(review): several identifiers here name algorithms that are now legacy
  // (MD2/MD4/MD5 and SHA-1 based signatures, RC2, RC4, triple DES). They are
  // needed to recognise old data; they should not be chosen when producing new
  // signatures or ciphertext. No SHA-2 family identifiers appear in this part
  // of the list.
  850. const
  851. szOID_RSA = '1.2.840.113549';
  852. szOID_PKCS = '1.2.840.113549.1';
  853. szOID_RSA_HASH = '1.2.840.113549.2';
  854. szOID_RSA_ENCRYPT = '1.2.840.113549.3';
  855. szOID_PKCS_1 = '1.2.840.113549.1.1';
  856. szOID_PKCS_2 = '1.2.840.113549.1.2';
  857. szOID_PKCS_3 = '1.2.840.113549.1.3';
  858. szOID_PKCS_4 = '1.2.840.113549.1.4';
  859. szOID_PKCS_5 = '1.2.840.113549.1.5';
  860. szOID_PKCS_6 = '1.2.840.113549.1.6';
  861. szOID_PKCS_7 = '1.2.840.113549.1.7';
  862. szOID_PKCS_8 = '1.2.840.113549.1.8';
  863. szOID_PKCS_9 = '1.2.840.113549.1.9';
  864. szOID_PKCS_10 = '1.2.840.113549.1.10';
  865. szOID_RSA_RSA = '1.2.840.113549.1.1.1';
  866. szOID_RSA_MD2RSA = '1.2.840.113549.1.1.2'; // legacy: MD2-based signature
  867. szOID_RSA_MD4RSA = '1.2.840.113549.1.1.3'; // legacy: MD4-based signature
  868. szOID_RSA_MD5RSA = '1.2.840.113549.1.1.4'; // legacy: MD5 is not collision-resistant
  869. szOID_RSA_SHA1RSA = '1.2.840.113549.1.1.5'; // legacy: SHA-1 collisions have been demonstrated
  870. szOID_RSA_SETOAEP_RSA = '1.2.840.113549.1.1.6';
  871. szOID_RSA_data = '1.2.840.113549.1.7.1';
  872. szOID_RSA_signedData = '1.2.840.113549.1.7.2';
  873. szOID_RSA_envelopedData = '1.2.840.113549.1.7.3';
  874. szOID_RSA_signEnvData = '1.2.840.113549.1.7.4';
  875. szOID_RSA_digestedData = '1.2.840.113549.1.7.5';
  876. szOID_RSA_hashedData = '1.2.840.113549.1.7.5'; // same value as szOID_RSA_digestedData
  877. szOID_RSA_encryptedData = '1.2.840.113549.1.7.6';
  878. szOID_RSA_emailAddr = '1.2.840.113549.1.9.1';
  879. szOID_RSA_unstructName = '1.2.840.113549.1.9.2';
  880. szOID_RSA_contentType = '1.2.840.113549.1.9.3';
  881. szOID_RSA_messageDigest = '1.2.840.113549.1.9.4';
  882. szOID_RSA_signingTime = '1.2.840.113549.1.9.5';
  883. szOID_RSA_counterSign = '1.2.840.113549.1.9.6';
  884. szOID_RSA_challengePwd = '1.2.840.113549.1.9.7';
  885. szOID_RSA_unstructAddr = '1.2.840.113549.1.9.8';
  886. szOID_RSA_extCertAttrs = '1.2.840.113549.1.9.9';
  887. szOID_RSA_SMIMECapabilities = '1.2.840.113549.1.9.15';
  888. szOID_RSA_preferSignedData = '1.2.840.113549.1.9.15.1';
  889. szOID_RSA_MD2 = '1.2.840.113549.2.2'; // legacy digest
  890. szOID_RSA_MD4 = '1.2.840.113549.2.4'; // legacy digest
  891. szOID_RSA_MD5 = '1.2.840.113549.2.5'; // legacy digest
  892. szOID_RSA_RC2CBC = '1.2.840.113549.3.2'; // legacy cipher
  893. szOID_RSA_RC4 = '1.2.840.113549.3.4'; // legacy stream cipher
  894. szOID_RSA_DES_EDE3_CBC = '1.2.840.113549.3.7'; // triple DES, 64-bit block
  895. szOID_RSA_RC5_CBCPad = '1.2.840.113549.3.9';
  896. // ITU-T UsefulDefinitions
  // Directory-services arcs: 2.5.8 is the algorithm arc, split into
  // encryption (.1), hash (.2) and signature (.3) sub-arcs; szOID_DSALG_RSA
  // is the one concrete algorithm listed, under the encryption sub-arc.
  897. szOID_DS = '2.5';
  898. szOID_DSALG = '2.5.8';
  899. szOID_DSALG_CRPT = '2.5.8.1';
  900. szOID_DSALG_HASH = '2.5.8.2';
  901. szOID_DSALG_SIGN = '2.5.8.3';
  902. szOID_DSALG_RSA = '2.5.8.1.1';
  903. // NIST OSE Implementors' Workshop (OIW)
  904. // http://nemo.ncsl.nist.gov/oiw/agreements/stable/OSI/12s_9506.w51
  905. // http://nemo.ncsl.nist.gov/oiw/agreements/working/OSI/12w_9503.w51
  906. szOID_OIW = '1.3.14';
  907. // NIST OSE Implementors' Workshop (OIW) Security SIG algorithm identifiers
  // NOTE(review): most entries in this arc name legacy primitives (MD2/MD4/MD5
  // signatures, single-DES modes, MDC-2, SHA-1). They are useful for decoding
  // old objects; a verifier should reject or flag them by policy instead of
  // treating a match in this table as acceptance.
  // NOTE(review): szOID_OIWSEC_sha (…18) and szOID_OIWSEC_sha1 (…26) are
  // different identifiers; …18 is commonly listed as the original SHA, not
  // SHA-1 - confirm before mapping either to a hash implementation.
  908. szOID_OIWSEC = '1.3.14.3.2';
  909. szOID_OIWSEC_md4RSA = '1.3.14.3.2.2';
  910. szOID_OIWSEC_md5RSA = '1.3.14.3.2.3';
  911. szOID_OIWSEC_md4RSA2 = '1.3.14.3.2.4';
  912. szOID_OIWSEC_desECB = '1.3.14.3.2.6';
  913. szOID_OIWSEC_desCBC = '1.3.14.3.2.7';
  914. szOID_OIWSEC_desOFB = '1.3.14.3.2.8';
  915. szOID_OIWSEC_desCFB = '1.3.14.3.2.9';
  916. szOID_OIWSEC_desMAC = '1.3.14.3.2.10';
  917. szOID_OIWSEC_rsaSign = '1.3.14.3.2.11';
  918. szOID_OIWSEC_dsa = '1.3.14.3.2.12';
  919. szOID_OIWSEC_shaDSA = '1.3.14.3.2.13';
  920. szOID_OIWSEC_mdc2RSA = '1.3.14.3.2.14';
  921. szOID_OIWSEC_shaRSA = '1.3.14.3.2.15';
  922. szOID_OIWSEC_dhCommMod = '1.3.14.3.2.16';
  923. szOID_OIWSEC_desEDE = '1.3.14.3.2.17';
  924. szOID_OIWSEC_sha = '1.3.14.3.2.18';
  925. szOID_OIWSEC_mdc2 = '1.3.14.3.2.19';
  926. szOID_OIWSEC_dsaComm = '1.3.14.3.2.20';
  927. szOID_OIWSEC_dsaCommSHA = '1.3.14.3.2.21';
  928. szOID_OIWSEC_rsaXchg = '1.3.14.3.2.22';
  929. szOID_OIWSEC_keyHashSeal = '1.3.14.3.2.23';
  930. szOID_OIWSEC_md2RSASign = '1.3.14.3.2.24';
  931. szOID_OIWSEC_md5RSASign = '1.3.14.3.2.25';
  932. szOID_OIWSEC_sha1 = '1.3.14.3.2.26';
  933. szOID_OIWSEC_dsaSHA1 = '1.3.14.3.2.27';
  934. szOID_OIWSEC_dsaCommSHA1 = '1.3.14.3.2.28';
  935. szOID_OIWSEC_sha1RSASign = '1.3.14.3.2.29';
  936. // NIST OSE Implementors' Workshop (OIW) Directory SIG algorithm identifiers
  937. szOID_OIWDIR = '1.3.14.7.2';
  938. szOID_OIWDIR_CRPT = '1.3.14.7.2.1';
  939. szOID_OIWDIR_HASH = '1.3.14.7.2.2';
  940. szOID_OIWDIR_SIGN = '1.3.14.7.2.3';
  941. szOID_OIWDIR_md2 = '1.3.14.7.2.2.1';
  942. szOID_OIWDIR_md2RSA = '1.3.14.7.2.3.1';
  943. // INFOSEC Algorithms
  944. // joint-iso-ccitt(2) country(16) us(840) organization(1) us-government(101) dod(2) id-infosec(1)
  // Every value below extends szOID_INFOSEC with 1.<n>. The names fall into
  // three families (sdns, mosaic, SuiteA), each with signature,
  // confidentiality, integrity, token-protection and key-management variants,
  // plus the later mosaic "Updated" entries (19-21).
  945. szOID_INFOSEC = '2.16.840.1.101.2.1';
  946. szOID_INFOSEC_sdnsSignature = '2.16.840.1.101.2.1.1.1';
  947. szOID_INFOSEC_mosaicSignature = '2.16.840.1.101.2.1.1.2';
  948. szOID_INFOSEC_sdnsConfidentiality = '2.16.840.1.101.2.1.1.3';
  949. szOID_INFOSEC_mosaicConfidentiality = '2.16.840.1.101.2.1.1.4';
  950. szOID_INFOSEC_sdnsIntegrity = '2.16.840.1.101.2.1.1.5';
  951. szOID_INFOSEC_mosaicIntegrity = '2.16.840.1.101.2.1.1.6';
  952. szOID_INFOSEC_sdnsTokenProtection = '2.16.840.1.101.2.1.1.7';
  953. szOID_INFOSEC_mosaicTokenProtection = '2.16.840.1.101.2.1.1.8';
  954. szOID_INFOSEC_sdnsKeyManagement = '2.16.840.1.101.2.1.1.9';
  955. szOID_INFOSEC_mosaicKeyManagement = '2.16.840.1.101.2.1.1.10';
  956. szOID_INFOSEC_sdnsKMandSig = '2.16.840.1.101.2.1.1.11';
  957. szOID_INFOSEC_mosaicKMandSig = '2.16.840.1.101.2.1.1.12';
  958. szOID_INFOSEC_SuiteASignature = '2.16.840.1.101.2.1.1.13';
  959. szOID_INFOSEC_SuiteAConfidentiality = '2.16.840.1.101.2.1.1.14';
  960. szOID_INFOSEC_SuiteAIntegrity = '2.16.840.1.101.2.1.1.15';
  961. szOID_INFOSEC_SuiteATokenProtection = '2.16.840.1.101.2.1.1.16';
  962. szOID_INFOSEC_SuiteAKeyManagement = '2.16.840.1.101.2.1.1.17';
  963. szOID_INFOSEC_SuiteAKMandSig = '2.16.840.1.101.2.1.1.18';
  964. szOID_INFOSEC_mosaicUpdatedSig = '2.16.840.1.101.2.1.1.19';
  965. szOID_INFOSEC_mosaicKMandUpdSig = '2.16.840.1.101.2.1.1.20';
  966. szOID_INFOSEC_mosaicUpdatedInteg = '2.16.840.1.101.2.1.1.21';
  // One row of a lookup table pairing a numeric algorithm id with its OID
  // string. Unlike the other records in this section, pszObjId is LPCSTR
  // (pointer to constant text), not LPSTR.
  // NOTE(review): dwAlgId is presumably a CryptoAPI ALG_ID value - confirm
  // against the code that fills or searches the table.
  967. type
  968. PCRYPT_OBJID_TABLE = ^CRYPT_OBJID_TABLE;
  969. CRYPT_OBJID_TABLE = record
  970. dwAlgId :DWORD; // numeric algorithm identifier
  971. pszObjId :LPCSTR; // matching OID as a dotted-decimal string
  972. end;
  973. //+-------------------------------------------------------------------------
  974. // PKCS #1 HashInfo (DigestInfo)
  //
  // Pairs a digest value with the identifier of the algorithm that produced it.
  // NOTE(review): when this comes from a decoded signature, compare
  // HashAlgorithm with the algorithm the verifier expects, and Hash.cbData
  // with that algorithm's digest length, before comparing the digest bytes.
  975. //--------------------------------------------------------------------------
  976. type
  977. PCRYPT_HASH_INFO = ^CRYPT_HASH_INFO;
  978. CRYPT_HASH_INFO = record
  979. HashAlgorithm :CRYPT_ALGORITHM_IDENTIFIER; // which digest algorithm was used
  980. Hash :CRYPT_HASH_BLOB; // the digest value itself
  981. end;
  982. //+-------------------------------------------------------------------------
  983. // Type used for an extension to an encoded content
  984. //
  985. // Where the Value's CRYPT_OBJID_BLOB is in its encoded representation.
  //
  // NOTE(review): fCritical carries the extension's criticality flag. Under
  // X.509 path validation, a certificate with a critical extension that the
  // application does not recognise is to be rejected, so code that iterates
  // extensions should not silently skip unknown OIDs when fCritical is set.
  986. //--------------------------------------------------------------------------
  987. type
  988. PCERT_EXTENSION = ^CERT_EXTENSION;
  989. CERT_EXTENSION = record
  990. pszObjId :LPSTR; // extension OID as a dotted-decimal string
  991. fCritical :BOOL; // criticality flag of the extension
  992. Value :CRYPT_OBJID_BLOB; // extension value, still encoded
  993. end;
  994. //+-------------------------------------------------------------------------
  995. // AttributeTypeValue
  996. //
  997. // Where the Value's CRYPT_OBJID_BLOB is in its encoded representation.
  //
  // A single (type, value) pair: the OID names the attribute type and Value
  // holds its still-encoded content, which the caller must decode according
  // to that type.
  998. //--------------------------------------------------------------------------
  999. type
  1000. PCRYPT_ATTRIBUTE_TYPE_VALUE =^CRYPT_ATTRIBUTE_TYPE_VALUE;
  1001. CRYPT_ATTRIBUTE_TYPE_VALUE = record
  1002. pszObjId :LPSTR; // attribute type OID as a dotted-decimal string
  1003. Value :CRYPT_OBJID_BLOB; // attribute value, still encoded
  1004. end;
  1005. //+-------------------------------------------------------------------------
  1006. // Attributes
  1007. //
  1008. // Where the Value's PATTR_BLOBs are in their encoded representation.
  //
  // (The field below is declared as PCRYPT_ATTR_BLOB; "PATTR_BLOB" above is
  // the header's older wording for the same thing.)
  // NOTE(review): rgValue presumably points at the first of cValue
  // consecutive CRYPT_ATTR_BLOB entries - confirm with the decoder. Loops
  // over rgValue should be bounded by cValue and nothing else.
  1009. //--------------------------------------------------------------------------
  1010. type
  1011. PCRYPT_ATTRIBUTE = ^CRYPT_ATTRIBUTE;
  1012. CRYPT_ATTRIBUTE = record
  1013. pszObjId :LPSTR; // attribute type OID as a dotted-decimal string
  1014. cValue :DWORD; // number of value blobs
  1015. rgValue :PCRYPT_ATTR_BLOB; // pointer to the value blobs, each still encoded
  1016. end;
  // A counted list of CRYPT_ATTRIBUTE records; both fields are marked {IN},
  // i.e. supplied by the caller.
  // NOTE(review): rgAttr presumably points at the first of cAttr consecutive
  // CRYPT_ATTRIBUTE entries - confirm with the functions that take this type.
  1017. type
  1018. PCRYPT_ATTRIBUTES =^CRYPT_ATTRIBUTES;
  1019. CRYPT_ATTRIBUTES = record
  1020. cAttr :DWORD; {IN}
  1021. rgAttr :PCRYPT_ATTRIBUTE; {IN}
  1022. end;
  1023. //+-------------------------------------------------------------------------
  1024. // Attributes making up a Relative Distinguished Name (CERT_RDN)
  1025. //
  1026. // The interpretation of the Value depends on the dwValueType.
  1027. // See below for a list of the types.
  //
  // NOTE(review): Value is a counted blob. When comparing or copying a name
  // component (for example a common name), take the length from Value.cbData
  // and do not stop at the first zero byte, since the encoded string can
  // itself contain zero bytes. Check dwValueType before interpreting the
  // bytes as text of a particular width.
  1028. //--------------------------------------------------------------------------
  1029. type
  1030. PCERT_RDN_ATTR = ^CERT_RDN_ATTR;
  1031. CERT_RDN_ATTR = record
  1032. pszObjId :LPSTR; // attribute type OID (cf. the szOID_* RDN constants)
  1033. dwValueType :DWORD; // selects how Value is to be interpreted
  1034. Value :CERT_RDN_VALUE_BLOB; // attribute value bytes
  1035. end;
  1036. //+-------------------------------------------------------------------------
  1037. // CERT_RDN attribute Object Identifiers
  //
  // Attribute type OIDs for the pszObjId field of CERT_RDN_ATTR. All but
  // szOID_DOMAIN_COMPONENT sit under the 2.5.4 arc. The trailing remarks give
  // the string type each attribute is expected to use.
  // NOTE(review): those remarks describe the expected encoding, not a
  // guarantee. A certificate from an untrusted source can carry any value
  // type under these OIDs, so check dwValueType before interpreting a value.
  1038. //--------------------------------------------------------------------------
  1039. // Labeling attribute types:
  1040. const
  1041. szOID_COMMON_NAME = '2.5.4.3'; // case-ignore string
  1042. szOID_SUR_NAME = '2.5.4.4'; // case-ignore string
  1043. szOID_DEVICE_SERIAL_NUMBER = '2.5.4.5'; // printable string
  1044. // Geographic attribute types:
  1045. szOID_COUNTRY_NAME = '2.5.4.6'; // printable 2char string
  1046. szOID_LOCALITY_NAME = '2.5.4.7'; // case-ignore string
  1047. szOID_STATE_OR_PROVINCE_NAME = '2.5.4.8'; // case-ignore string
  1048. szOID_STREET_ADDRESS = '2.5.4.9'; // case-ignore string
  1049. // Organizational attribute types:
  1050. szOID_ORGANIZATION_NAME = '2.5.4.10';// case-ignore string
  1051. szOID_ORGANIZATIONAL_UNIT_NAME = '2.5.4.11'; // case-ignore string
  1052. szOID_TITLE = '2.5.4.12'; // case-ignore string
  1053. // Explanatory attribute types:
  1054. szOID_DESCRIPTION = '2.5.4.13'; // case-ignore string
  1055. szOID_SEARCH_GUIDE = '2.5.4.14';
  1056. szOID_BUSINESS_CATEGORY = '2.5.4.15'; // case-ignore string
  1057. // Postal addressing attribute types:
  1058. szOID_POSTAL_ADDRESS = '2.5.4.16';
  1059. szOID_POSTAL_CODE = '2.5.4.17'; // case-ignore string
  1060. szOID_POST_OFFICE_BOX = '2.5.4.18'; // case-ignore string
  1061. szOID_PHYSICAL_DELIVERY_OFFICE_NAME = '2.5.4.19'; // case-ignore string
  1062. // Telecommunications addressing attribute types:
  1063. szOID_TELEPHONE_NUMBER = '2.5.4.20'; // telephone number
  1064. szOID_TELEX_NUMBER = '2.5.4.21';
  1065. szOID_TELETEXT_TERMINAL_IDENTIFIER = '2.5.4.22';
  1066. szOID_FACSIMILE_TELEPHONE_NUMBER = '2.5.4.23';
  1067. szOID_X21_ADDRESS = '2.5.4.24'; // numeric string
  1068. szOID_INTERNATIONAL_ISDN_NUMBER = '2.5.4.25'; // numeric string
  1069. szOID_REGISTERED_ADDRESS = '2.5.4.26';
  1070. szOID_DESTINATION_INDICATOR = '2.5.4.27'; // printable string
  1071. // Preference attribute types:
  1072. szOID_PREFERRED_DELIVERY_METHOD = '2.5.4.28';
  1073. // OSI application attribute types:
  1074. szOID_PRESENTATION_ADDRESS = '2.5.4.29';
  1075. szOID_SUPPORTED_APPLICATION_CONTEXT = '2.5.4.30';
  1076. // Relational application attribute types:
  1077. szOID_MEMBER = '2.5.4.31';
  1078. szOID_OWNER = '2.5.4.32';
  1079. szOID_ROLE_OCCUPANT = '2.5.4.33';
  1080. szOID_SEE_ALSO = '2.5.4.34';
  1081. // Security attribute types:
  1082. szOID_USER_PASSWORD = '2.5.4.35';
  1083. szOID_USER_CERTIFICATE = '2.5.4.36';
  1084. szOID_CA_CERTIFICATE = '2.5.4.37';
  1085. szOID_AUTHORITY_REVOCATION_LIST = '2.5.4.38';
  1086. szOID_CERTIFICATE_REVOCATION_LIST = '2.5.4.39';
  1087. szOID_CROSS_CERTIFICATE_PAIR = '2.5.4.40';
  1088. // Undocumented attribute types???
  // (No constant is defined for 2.5.4.41; X.520 assigns that number to the
  // generic "name" attribute.)
  1089. //#define szOID_??? '2.5.4.41'
  1090. szOID_GIVEN_NAME = '2.5.4.42'; // case-ignore string
  1091. szOID_INITIALS = '2.5.4.43'; // case-ignore string
  1092. // Pilot user attribute types:
  1093. szOID_DOMAIN_COMPONENT = '0.9.2342.19200300.100.1.25'; // IA5 string
  1094. //+-------------------------------------------------------------------------
  1095. // CERT_RDN Attribute Value Types
  1096. //
  1097. // For RDN_ENCODED_BLOB, the Value's CERT_RDN_VALUE_BLOB is in its encoded
  1098. // representation. Otherwise, it's an array of bytes.
  1099. //
  1100. // For all CERT_RDN types, Value.cbData is always the number of bytes, not
  1101. // necessarily the number of elements in the string. For instance,
  1102. // RDN_UNIVERSAL_STRING is an array of ints (cbData == intCnt * 4) and
  1103. // RDN_BMP_STRING is an array of unsigned shorts (cbData == ushortCnt * 2).
  1104. //
  1105. // For CertDecodeName, two 0 bytes are always appended to the end of the
  1106. // string (ensures a CHAR or WCHAR string is null termi…