module diCrPKI;
/*  $Id: diCrPKI.h $ */

/*  For `CryptoSys PKI` Version 3.9.0.
  Requires `diCrPKI.lib` and `diCrPKI.dll` for Win32/64
  or `diCrPKI.a` for Linux.
*/

/*  Copyright (C) 2002-12 DI Management Services Pty Limited
  <www.di-mgt.com.au> <www.cryptosys.net>
  All rights reserved.

  Last updated:
  $Date: 2012-09-08 15:23:00 $
  $Revision: 3.9.0 $
*/


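/* Looks like the C header's include-guard macro, carried over by the
   header conversion; nothing else in this module reads it. */
const DICRPKI_H_ = 1;

/* GENERAL CONSTANTS */
/* Cipher direction */
const PKI_DIR_ENCRYPT = 1;
const PKI_DIR_DECRYPT = 0;
/* Synonyms for direction */
const ENCRYPT = 1;
const DECRYPT = 0;

/* Maximum number of bytes in hash digest byte array */
const PKI_MAX_HASH_BYTES = 64;
/* Digest length in bytes for each hash algorithm */
const PKI_SHA1_BYTES = 20;
const PKI_SHA224_BYTES = 28;
const PKI_SHA256_BYTES = 32;
const PKI_SHA384_BYTES = 48;
const PKI_SHA512_BYTES = 64;
const PKI_MD5_BYTES = 16;
const PKI_MD2_BYTES = 16;
/* Maximum number of hex characters in hash digest (excl null).
   The alias below referred to this name but the definition was missing from
   the module, so the alias could not resolve. Two hex characters encode one
   digest byte; a buffer that receives the digest as a C string needs one
   further byte for the terminator. */
const PKI_MAX_HASH_CHARS = 2 * PKI_MAX_HASH_BYTES;
/* Synonym retained for backwards compatibility */
alias PKI_MAX_HASH_CHARS PKI_MAX_HASH_LEN;

/* Encryption block sizes in bytes */
const PKI_BLK_TDEA_BYTES = 8;
const PKI_BLK_AES_BYTES = 16;
/* Key size in bytes */
const PKI_KEYSIZE_TDEA_BYTES = 24;
const PKI_KEYSIZE_MAX_BYTES = 32;

/* Required size for RNG seed file */
const PKI_RNG_SEED_BYTES = 64;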
/* OPTIONS */

/* Zero option value. Several algorithm selectors below are also 0, so an
   options argument of PKI_DEFAULT is indistinguishable from them. */
const PKI_DEFAULT = 0;
/* Signature algorithms (hash function combined with RSA).
   PKI_SIG_SHA1RSA shares the value 0 with PKI_DEFAULT.
   NOTE(review): that presumably makes SHA-1 the signature hash whenever no
   selector is given -- confirm against the vendor documentation. Practical
   collisions exist for MD5 and SHA-1 and MD2 is obsolete, so new signatures
   should name a SHA-2 selector explicitly. */
const PKI_SIG_SHA1RSA = 0;
const PKI_SIG_MD5RSA = 1;
const PKI_SIG_MD2RSA = 2;
const PKI_SIG_SHA256RSA = 3;
const PKI_SIG_SHA384RSA = 4;
const PKI_SIG_SHA512RSA = 5;
const PKI_SIG_SHA224RSA = 6;
/* PKCS#5 Password-based encryption algorithms.
   Values 0..4 are enumerated selectors; PKI_PBE_SHA_3DES equals 0.
   NOTE(review): the names ending in _DES indicate single DES, whose 56-bit
   key is within reach of exhaustive search; treat those selectors as
   read-compatibility only and confirm which scheme each one maps to. */
const PKI_PBE_SHA_3DES = 0;
const PKI_PBE_MD5_DES = 1;
const PKI_PBE_MD2_DES = 2;
const PKI_PBE_SHA_DES = 3;
const PKI_PBES2_3DES = 4;

/* A high bit (0x1000) outside the 0..4 selector range.
   NOTE(review): looks like a flag that is combined with another option
   rather than a selector of its own -- confirm. */
const PKI_PBE_PBES2 = 0x1000;
/* Message digest hash algorithms.
   The numbering matches the PKI_SIG_xxxRSA selectors (SHA-1 = 0 ... SHA-224 = 6),
   and PKI_HASH_SHA1 is the zero value.
   NOTE(review): an options argument of 0 therefore presumably hashes with
   SHA-1 -- confirm. MD2, MD5 and SHA-1 should not be chosen where collision
   resistance matters (signatures, certificate thumbprints used for trust). */
const PKI_HASH_SHA1 = 0;
const PKI_HASH_MD5 = 1;
const PKI_HASH_MD2 = 2;
const PKI_HASH_SHA256 = 3;
const PKI_HASH_SHA384 = 4;
const PKI_HASH_SHA512 = 5;
const PKI_HASH_SHA224 = 6;

/* Bit 0x10000, outside the selector range above, so it can be OR-ed with a
   PKI_HASH_xxx value. NOTE(review): presumably selects text-mode file
   hashing -- confirm. */
const PKI_HASH_MODE_TEXT = 0x10000;
/* nFermatExp values for RSA exponent.
   These are selector indices 0..4, not the exponent itself; the name of each
   constant states the public exponent it stands for (3, 5, 17, 257, 65537).
   The zero value is PKI_RSAEXP_EQ_3, so an unset argument selects e = 3.
   Very small exponents have a history of failures when message encoding is
   weak or absent; PKI_RSAEXP_EQ_65537 is the conventional choice for new keys. */
const PKI_RSAEXP_EQ_3 = 0;
const PKI_RSAEXP_EQ_5 = 1;
const PKI_RSAEXP_EQ_17 = 2;
const PKI_RSAEXP_EQ_257 = 3;
const PKI_RSAEXP_EQ_65537 = 4;
/* Return values for RSA_CheckKey.
   A valid private key is reported as 0 and a valid public key as 1, so the
   result cannot be used as a boolean "is valid" test: compare it against
   these constants. NOTE(review): any other value is presumably an error
   code -- confirm. */
const PKI_VALID_PUBLICKEY = 1;
const PKI_VALID_PRIVATEKEY = 0;
/* BIT FLAGS */

/* RSA key generation */
/* PKI_KEY_NODELAY removed in v3.3 */
const PKI_KEYGEN_INDICATE = 0x1000000;

/* Key file output format flags */
const PKI_KEY_FORMAT_PEM = 0x10000;
const PKI_KEY_FORMAT_SSL = 0x20000;

/* PFX (PKCS#12) flags, going by the PKI_PFX_ prefix.
   NOTE(review): the effect of each flag is not visible in this module.
   PKI_PFX_PLAIN_CERT and PKI_PFX_NO_PRIVKEY change what the container
   protects or contains, judging by their names -- confirm before use. */
const PKI_PFX_NO_PRIVKEY = 0x10;
const PKI_PFX_PLAIN_CERT = 0x2000000;
const PKI_PFX_CLONE_KEY = 0x4000000;
const PKI_PFX_ALT_FORMAT = 0x100000;
/* CMS flags, going by the PKI_CMS_ prefix. Each value is a distinct bit, so
   they can be OR-ed into the nOptions argument of the CMS_ functions.
   Several values are reused by other flag families in this module
   (0x10000 is also PKI_KEY_FORMAT_PEM and PKI_X509_FORMAT_PEM; 0x1000 is also
   PKI_PBE_PBES2), so a flag only has its CMS meaning when passed to a CMS_
   function. */
const PKI_CMS_FORMAT_BASE64 = 0x10000;
const PKI_CMS_EXCLUDE_CERTS = 0x0100;
const PKI_CMS_EXCLUDE_DATA = 0x0200;
const PKI_CMS_CERTS_ONLY = 0x0400;
const PKI_CMS_INCLUDE_ATTRS = 0x0800;
const PKI_CMS_ADD_SIGNTIME = 0x1000;
const PKI_CMS_ADD_SMIMECAP = 0x2000;
// --0x1000000L Reserved for PKI_CMS_NO_INFLATE
const PKI_CMS_NO_OUTER = 0x2000000;
const PKI_CMS_ALT_ALGID = 0x4000000;
const PKI_CMS_BIGFILE = 0x8000000;
/* XML key conversion flags, going by the PKI_XML_ prefix.
   NOTE(review): PKI_XML_EXCLPRIVATE presumably omits the private components
   from the XML output; when exporting a key for a third party, confirm the
   flag is set and inspect the result rather than relying on the default. */
const PKI_XML_RSAKEYVALUE = 0x0001;
const PKI_XML_EXCLPRIVATE = 0x0010;
const PKI_XML_HEXBINARY = 0x0100;

/* Encoding methods for RSA encryption (EME) and signatures (EMSIG).
   PKI_EME_DEFAULT and PKI_EME_PKCSV1_5 are both 0x00, so PKCS#1 v1.5
   encryption padding is what an unset option selects; OAEP has to be
   requested explicitly with PKI_EME_OAEP. v1.5 encryption padding is open to
   padding-oracle attacks when a caller reveals whether decoding succeeded,
   so decode failures should be handled without distinguishing them to the
   peer. */
const PKI_EME_DEFAULT = 0x00;
const PKI_EME_PKCSV1_5 = 0x00;
const PKI_EME_OAEP = 0x10;
/* PKI_EMSIG_DEFAULT equals PKI_EMSIG_PKCSV1_5 (0x20). */
const PKI_EMSIG_DEFAULT = 0x20;
const PKI_EMSIG_PKCSV1_5 = 0x20;
const PKI_EMSIG_DIGESTONLY = 0x1000;
const PKI_EMSIG_DIGINFO = 0x2000;
const PKI_EMSIG_ISO9796 = 0x100000;

/* Option flags for the X509_ functions.
   NOTE(review): PKI_X509_NO_TIMECHECK presumably skips the validity-period
   check and PKI_X509_CA_TRUE presumably marks an issued certificate as a CA;
   both change trust decisions, so confirm their exact effect and keep them
   out of default option words. */
const PKI_X509_FORMAT_PEM = 0x10000;
const PKI_X509_FORMAT_BIN = 0x20000;
const PKI_X509_REQ_KLUDGE = 0x100000;
const PKI_X509_NO_TIMECHECK = 0x200000;
const PKI_X509_LATIN1 = 0x400000;
const PKI_X509_UTF8 = 0x800000;
const PKI_X509_AUTHKEYID = 0x1000000;
const PKI_X509_NO_BASIC = 0x2000000;
const PKI_X509_CA_TRUE = 0x4000000;
const PKI_X509_VERSION1 = 0x8000000;
const PKI_X509_LDAP = 0x1000;
const PKI_X509_DECIMAL = 0x8000;
/* Flags for Key Usage.
   One bit per usage; X509_MakeCert and X509_MakeCertSelf take them in their
   keyUsageFlags parameter. Grant only the usages a certificate needs. */
const PKI_X509_KEYUSAGE_DIGITALSIGNATURE = 0x0001;
const PKI_X509_KEYUSAGE_NONREPUDIATION = 0x0002;
const PKI_X509_KEYUSAGE_KEYENCIPHERMENT = 0x0004;
const PKI_X509_KEYUSAGE_DATAENCIPHERMENT = 0x0008;
const PKI_X509_KEYUSAGE_KEYAGREEMENT = 0x0010;
const PKI_X509_KEYUSAGE_KEYCERTSIGN = 0x0020;
const PKI_X509_KEYUSAGE_CRLSIGN = 0x0040;
const PKI_X509_KEYUSAGE_ENCIPHERONLY = 0x0080;
const PKI_X509_KEYUSAGE_DECIPHERONLY = 0x0100;
/* Specific return values.
   Success is 0 (PKI_X509_VALID_NOW, PKI_X509_VERIFY_SUCCESS) while the failure
   states are non-zero (-1 for EXPIRED and VERIFY_FAILURE, +1 for REVOKED and
   INVALID). A truthiness test such as `if (X509_VerifyCert(...))` therefore
   reads the wrong way round; compare against the success constant and treat
   every other value as a rejection.
   NOTE(review): other values are presumably error codes -- confirm. */
const PKI_X509_EXPIRED = -1;
const PKI_X509_VALID_NOW = 0;
const PKI_X509_VERIFY_SUCCESS = 0;
const PKI_X509_VERIFY_FAILURE = -1;
const PKI_X509_REVOKED = 1;
const PKI_X509_INVALID = 1;

/* Return values for CNV_CheckUTF8.
   0 means the input is not valid UTF-8; the three non-zero values classify
   valid input. */
const PKI_CHRS_NOT_UTF8 = 0;
const PKI_CHRS_ALL_ASCII = 1;
const PKI_CHRS_ANSI8 = 2;
const PKI_CHRS_MULTIBYTE = 3;

/* Options for CNV_ByteEncoding (conversion direction) */
const PKI_CNV_UTF8_FROM_LATIN1 = 1;
const PKI_CNV_LATIN1_FROM_UTF8 = 2;
/* Flags and return values for X.509 and CMS query functions.
   PKI_QUERY_GETTYPE is a flag bit (0x100000); PKI_QUERY_NUMBER and
   PKI_QUERY_STRING are small enumerated values.
   NOTE(review): presumably the latter two are what a query returns when
   PKI_QUERY_GETTYPE is set -- confirm. */
const PKI_QUERY_GETTYPE = 0x100000;
const PKI_QUERY_NUMBER = 1;
const PKI_QUERY_STRING = 2;

/* Options for RNG functions.
   PKI_RNG_STRENGTH_112 is the zero value, so it is what an unset option
   word carries; request PKI_RNG_STRENGTH_128 explicitly where 128-bit
   security strength is required. */
const PKI_RNG_STRENGTH_112 = 0x00;
const PKI_RNG_STRENGTH_128 = 0x01;
/* Block cipher (BC) algorithm options.
   PKI_BC_TDEA, PKI_BC_3DES and PKI_BC_DESEDE3 are three names for the same
   value (0x10). Triple DES works on 8-byte blocks (PKI_BLK_TDEA_BYTES), which
   limits how much data can safely be encrypted under one key; prefer an AES
   selector for new data. */
const PKI_BC_TDEA = 0x10;
const PKI_BC_3DES = 0x10;
const PKI_BC_DESEDE3 = 0x10;
const PKI_BC_AES128 = 0x20;
const PKI_BC_AES192 = 0x30;
const PKI_BC_AES256 = 0x40;
/* Block cipher mode options.
   PKI_MODE_ECB is the zero value: an options word with no mode bits set
   carries ECB. NOTE(review): presumably that makes ECB the effective default
   -- confirm. ECB encrypts equal plaintext blocks to equal ciphertext blocks,
   and none of these modes authenticates the ciphertext, so choose a mode
   explicitly and add an integrity check (the HMAC_ functions are declared in
   this module) where tampering matters. */
const PKI_MODE_ECB = 0x000;
const PKI_MODE_CBC = 0x100;
const PKI_MODE_OFB = 0x200;
const PKI_MODE_CFB = 0x300;
const PKI_MODE_CTR = 0x400;
/* Cipher file option flags - added [v3.7].
   NOTE(review): names suggest PKI_IV_PREFIX stores the IV at the start of
   the output file and PKI_PAD_LEAVE skips padding removal -- confirm. */
const PKI_IV_PREFIX = 0x1000;
const PKI_PAD_LEAVE = 0x2000;
/* Key transport algorithms.
   Only PKI_KT_RSAES_PKCS is defined, and it is the zero value; the two
   reserved values below have no constant in this module. */
const PKI_KT_RSAES_PKCS = 0x0000;
// --0x1000L Reserved for PKI_KT_RSAES_OEAP
// --0x2000L Reserved for PKI_KT_RSA_KEM    // added v3.2; withdrawn v3.4

/* Key derivation functions.
   Only PKI_KDF_KDF2 is defined, and it is the zero value. */
const PKI_KDF_KDF2 = 0x000;
// --0x300L Reserved for PKI_KDF_KDF3

/* General */
const PKI_GEN_PLATFORM = 0x40;
/* __stdcall convention required for Win32 DLL only */
/* `extern (Windows):` with a trailing colon applies to every declaration that
   follows it in this module, not only to the general functions.
   NOTE(review): the file header says Linux builds link diCrPKI.a; confirm the
   linkage attribute is right for that target (extern (System) is D's
   spelling for "stdcall on Windows, C elsewhere").

   Calling notes that follow from the signatures:
   - Text parameters are mutable `char *`. A D `string` is immutable and a
     slice is not guaranteed to be NUL-terminated, so callers need a
     terminated copy (for example via std.string.toStringz) rather than
     passing `.ptr` of an arbitrary slice. The `sz` prefix suggests the
     library expects NUL-terminated strings -- confirm.
   - Every function returns `int`. The convention (status, length or error
     code) is not visible here; check each result before using any output
     buffer. */

/* GENERAL FUNCTIONS */
extern (Windows):
int  PKI_Version(void *reserved1, void *reserved2);
int  PKI_LicenceType(int reserved);
/* Output buffer plus its length; presumably the message for the most recent
   error -- confirm. Error text can contain file paths, so avoid showing it
   verbatim to untrusted parties. */
int  PKI_LastError(char *szErrMsg, int nMsgLen);
int  PKI_ErrorCode();
int  PKI_ErrorLookup(char *szErrMsg, int nMsgLen, int nErrCode);
int  PKI_CompileTime(char *szOutput, int nOutputLen);
int  PKI_ModuleName(char *szOutput, int nOutputLen, int reserved);
int  PKI_PowerUpTests(int nOptions);

/* RFC5652 CRYPTOGRAPHIC MESSAGE SYNTAX (CMS) FUNCTIONS */
/* Enveloped-data (encrypt to recipients) and signed-data functions.
   nOptions takes the PKI_CMS_ flags, presumably combined with algorithm
   selectors -- confirm which families each function accepts.
   szRSAPrivateKey carries private-key material as a string: keep such
   buffers short-lived and clear them after use (WIPE_Data is declared in
   this module).
   The ...ToString variants pass the output buffer size (nDataOutLen); the
   file variants write to the path in szFileOut. */
int  CMS_MakeEnvData(char *szFileOut, char *szFileIn, char *szCertList, char *sSeed, int nSeedLen, int nOptions);
int  CMS_MakeEnvDataFromString(char *szFileOut, char *szDataIn, char *szCertList, char *sSeed, int nSeedLen, int nOptions);
int  CMS_ReadEnvData(char *szFileOut, char *szFileIn, char *szX509File, char *szRSAPrivateKey, int nOptions);
int  CMS_ReadEnvDataToString(char *szDataOut, int nDataOutLen, char *szFileIn, char *szX509File, char *szRSAPrivateKey, int nOptions);
int  CMS_MakeSigData(char *szFileOut, char *szFileIn, char *szCertList, char *szRSAPrivateKey, int nOptions);
int  CMS_MakeSigDataFromString(char *szFileOut, char *szDataIn, char *szCertList, char *szRSAPrivateKey, int nOptions);
int  CMS_MakeSigDataFromSigValue(char *szFileOut, ubyte *pSigValue, int nSigLen, ubyte *pData, int nDataLen, char *szCertList, int nOptions);
int  CMS_MakeDetachedSig(char *szFileOut, char *szHexDigest, char *szCertList, char *szRSAPrivateKey, int nOptions);
/* NOTE(review): the two CMS_ReadSigData functions take no certificate
   argument, so they presumably extract content without verifying the
   signature -- confirm, and verify with CMS_VerifySigData before trusting
   extracted content. */
int  CMS_ReadSigData(char *szFileOut, char *szFileIn, int nOptions);
int  CMS_ReadSigDataToString(char *szDataOut, int nDataOutLen, char *szFileIn, int nOptions);
int  CMS_GetSigDataDigest(char *szHexDigestOut, int nDigestLen, char *szFileIn, char *szX509File, int nOptions);
/* NOTE(review): compare the result with the documented success value; do
   not treat "non-zero" as verified -- confirm the convention. */
int  CMS_VerifySigData(char *szFileIn, char *szX509File, char *szHexDigest, int nOptions);
int  CMS_QuerySigData(char *szOutput, int nOutChars, char *szFileIn, char *szQuery, int nOptions);
int  CMS_QueryEnvData(char *szOutput, int nOutChars, char *szFileIn, char *szQuery, int nOptions);

/* RSA KEY FUNCTIONS */
/* Key generation, reading, saving and conversion.
   Functions that return a key do so as text in szOutput with the buffer size
   in nOutputLen / nOutChars; that text is key material and should be cleared
   after use (WIPE_Data is declared in this module). */
/* nExpFermat takes a PKI_RSAEXP_EQ_xxx selector, not the exponent value.
   NOTE(review): nCount is presumably the iteration count used when
   encrypting the private key file with szPassword -- confirm. */
int  RSA_MakeKeys(char *szPubKeyFile, char *szPVKFile, int nBits, int nExpFermat, int nTests, int nCount, char *szPassword, void *lpSeed, int nSeedLen, int nOptions);
int  RSA_ReadEncPrivateKey(char *szOutput, int nOutputLen, char *szPVKFile, char *szPassword, int nOptions);
int  RSA_ReadPrivateKeyInfo(char *szOutput, int nOutputLen, char *szKeyFile, int nOptions);
/* NOTE(review): takes no password and writes to a file; confirm whether the
   output file is still password-protected. */
int  RSA_GetPrivateKeyFromPFX(char *szOutputFile, char *szPFXFile, int nOptions);
int  RSA_ReadPublicKey(char *szOutput, int nOutputLen, char *szKeyFile, int nOptions);
int  RSA_GetPublicKeyFromCert(char *szOutput, int nOutputLen, char *szCertFile, int nOptions);
int  RSA_SavePublicKey(char *szFileOut, char *szKeyString, int nOptions);
/* NOTE(review): has no password parameter, unlike RSA_SaveEncPrivateKey, so
   it presumably writes the private key unencrypted -- confirm, and restrict
   file permissions on the output. */
int  RSA_SavePrivateKeyInfo(char *szFileOut, char *szKeyString, int nOptions);
int  RSA_SaveEncPrivateKey(char *szFileOut, char *szKeyString, int nCount, char *szPassword, int nOptions);
int  RSA_KeyBits(char *szKeyString);
int  RSA_KeyBytes(char *szKeyString);
/* PKI_XML_EXCLPRIVATE is the option that concerns private components;
   confirm its effect before exporting a key to another party. */
int  RSA_ToXMLString(char *szOutput, int nOutputLen, char *szKeyString, int nOptions);
int  RSA_FromXMLString(char *szOutput, int nOutputLen, char *szXmlString, int nOptions);
/* Returns PKI_VALID_PRIVATEKEY (0) or PKI_VALID_PUBLICKEY (1) per the
   constants in this module; do not test the result as a boolean. */
int  RSA_CheckKey(char *szKeyString, int nOptions);
int  RSA_KeyHashCode(char *szKeyString);
int  RSA_KeyMatch(char *szPrivateKey, char *szPublicKey);
/* New in v3.8 */
int  RSA_ReadPrivateKeyFromPFX(char *szOutput, int nOutChars, char *szPfxFile, char *szPassword, int nOptions);
int  RSA_PublicKeyFromPrivate(char *szOutput, int nOutChars, char *szKeyString, int nOptions);

/* 'RAW' RSA ENCRYPTION/DECRYPTION FUNCTIONS */
/* RSA_RawPublic and RSA_RawPrivate take a single data buffer (lpData,
   nDataLen) and no separate output, so the result presumably replaces the
   input in place -- confirm.
   "Raw" RSA on unencoded data is not a secure encryption or signature
   scheme on its own; the block is expected to be encoded first and decoded
   afterwards, which is what RSA_EncodeMsg / RSA_DecodeMsg with the PKI_EME
   and PKI_EMSIG options appear to be for -- confirm. */
int  RSA_RawPublic(ubyte *lpData, int nDataLen, char *szPublicKey64, int nOptions);
int  RSA_RawPrivate(ubyte *lpData, int nDataLen, char *szPrivateKey64, int nOptions);
int  RSA_EncodeMsg(ubyte *lpOutput, int nOutputLen, ubyte *abMessage, int nMsgLen, int nOptions);
/* Report decode failures to a remote peer uniformly: distinguishable
   padding errors are what a padding-oracle attack relies on. */
int  RSA_DecodeMsg(ubyte *lpOutput, int nOutputLen, ubyte *abInput, int nInputLen, int nOptions);

/* PKCS12 FILE FUNCTIONS */
/* `options` takes the PKI_PFX_ flags, going by the shared prefix.
   szPassword protects the container; clear the password buffer after the
   call (WIPE_Data is declared in this module). */
int  PFX_MakeFile(char *szFileOut, char *szCertFile, char *szKeyFile, char *szPassword, char *szFriendlyName, int options);
int  PFX_VerifySig(char *szFileName, char *szPassword, int options);

/* X509 CERTIFICATE FUNCTIONS */
/* Certificate creation, verification and inspection.
   optionFlags / nOptions take the PKI_X509_ option flags and keyUsageFlags
   takes the PKI_X509_KEYUSAGE_ bits.
   NOTE(review): the option flags presumably also combine with a signature
   selector (PKI_SIG_xxxRSA); since PKI_SIG_SHA1RSA is 0, name a SHA-2
   selector explicitly when issuing -- confirm. */
int  X509_MakeCert(char *certfile, char *issuerCert, char *subjectPubkeyFile, char *issuerPvkInfoFile, int certnum, int yearsvalid, char *distName, char *extensions, int keyUsageFlags, char *password, int optionFlags);
int  X509_MakeCertSelf(char *certfile, char *epkfile, int certnum, int yearsvalid, char *distName, char *extensions, int keyUsageFlags, char *password, int optionFlags);
int  X509_CertRequest(char *reqfile, char *epkfile, char *distName, char *reserved, char *password, int optionFlags);
/* Success is PKI_X509_VERIFY_SUCCESS (0); compare against it explicitly.
   NOTE(review): takes one issuer certificate, so it presumably checks a
   single signature link only; validity period, revocation and the rest of
   the chain have their own functions below -- confirm. */
int  X509_VerifyCert(char *szCertToVerify, char *szIssuerCert, int nOptions);
/* NOTE(review): the thumbprint hash presumably follows the PKI_HASH_ selector
   in nOptions, where 0 is SHA-1 -- confirm before pinning on the result. */
int  X509_CertThumb(char *szCertFile, char *szHash, int nHashLen, int nOptions);
/* PKI_X509_VALID_NOW is 0 and PKI_X509_EXPIRED is -1. */
int  X509_CertIsValidNow(char *szCertFile, int nOptions);
int  X509_CertIssuedOn(char *szCertFile, char *szOutput, int nOutChars, int nOptions);
int  X509_CertExpiresOn(char *szCertFile, char *szOutput, int nOutChars, int nOptions);
int  X509_CertSerialNumber(char *szCertFile, char *szOutput, int nOutChars, int nOptions);
int  X509_HashIssuerAndSN(char *szCertFile, char *szOutput, int nOutChars, int nOptions);
/* Names come from the certificate and are attacker-controlled text when the
   certificate is untrusted; escape them before logging or display. */
int  X509_CertIssuerName(char *szCertFile, char *szOutput, int nOutChars, char *szDelim, int nOptions);
int  X509_CertSubjectName(char *szCertFile, char *szOutput, int nOutChars, char *szDelim, int nOptions);
int  X509_GetCertFromP7Chain(char *szNewCertFile, char *szP7cFile, int nIndex, int nOptions);
int  X509_GetCertFromPFX(char *szNewCertFile, char *szPfxFile, char *szPassword, int nOptions);
int  X509_KeyUsageFlags(char *szCertFile);
int  X509_QueryCert(char *szOutput, int nOutChars, char *szCertFile, char *szQuery, int nOptions);
int  X509_ReadStringFromFile(char *szOutput, int nOutChars, char *szCertFile, int nOptions);
int  X509_SaveFileFromString(char *szNewCertFile, char *szCertString, int nOptions);
int  X509_TextDump(char *szFileOut, char *szCertFile, int nOptions);
/* NOTE(review): PKI_X509_NO_TIMECHECK presumably relaxes this check; keep it
   out of production option words -- confirm. */
int  X509_ValidatePath(char *szCertListOrP7File, char *szTrustedCert, int nOptions);

/* X509 CRL FUNCTIONS */
/* PKI_X509_REVOKED is +1 in this module's return-value constants, so a
   revoked certificate is a positive result, not an error code.
   NOTE(review): szCRLIssuerCert is presumably used to verify the CRL's own
   signature; confirm what happens when it is omitted, because an unverified
   CRL gives no assurance. */
int  X509_MakeCRL(char *szCrlFile, char *szIssuerCert, char *szIssuerKeyFile, char *szPassword, char *szRevokedCertList, char *szExtensions, int nOptions);
int  X509_CheckCertInCRL(char *szCertFile, char *szCrlFile, char *szCRLIssuerCert, char *szDate, int nOptions);

/* ONLINE CERTIFICATE STATUS PROTOCOL (OCSP) FUNCTIONS [new in v3.5] */
/* Both functions work on buffers and files; neither signature takes a URL
   or socket, so transport to the responder is the caller's job.
   NOTE(review): confirm whether OCSP_ReadResponse verifies the response
   signature against szIssuerCert or only parses it. */
int  OCSP_MakeRequest(char *szOutput, int nOutChars, char *szIssuerCert, char *szCertFileOrSerialNum, char *szExtensions, int nOptions);
int  OCSP_ReadResponse(char *szOutput, int nOutChars, char *szResponseFile, char *szIssuerCert, char *szExtensions, int nOptions);

/* TRIPLE DES FUNCTIONS */
/* None of these takes an output length: TDEA_HexMode and TDEA_B64Mode write
   to szOutput, and TDEA_BytesMode writes to lpOutput with only the input
   length nBytes given. The caller must size the output buffer itself.
   NOTE(review): confirm the required size per function in the vendor
   documentation before calling; an undersized buffer is a memory-safety bug.
   The mode is passed as a string in szMode and the key and IV as hex/base64
   text or raw bytes, depending on the variant. */
int  TDEA_HexMode(char *szOutput, char *szInput, char *szKey, int fEncrypt, char *szMode, char *szIV);
int  TDEA_B64Mode(char *szOutput, char *szInput, char *szKey, int fEncrypt, char *szMode, char *szIV);
int  TDEA_BytesMode(ubyte *lpOutput, ubyte *lpInput, int nBytes, ubyte *lpKey, int fEncrypt, char *szMode, ubyte *lpIV);
int  TDEA_File(char *szFileOut, char *szFileIn, ubyte *lpKey, int fEncrypt, char *szMode, ubyte *lpIV);

/* GENERIC BLOCK CIPHER FUNCTIONS */
/* The algorithm and mode can be given as text in szAlgAndMode.
   NOTE(review): presumably the PKI_BC_ and PKI_MODE_ bits in nOptions are the
   alternative -- confirm which one wins when both are supplied, and note
   that PKI_MODE_ECB is the zero value.
   CIPHER_Bytes has no output length; lpOutput is presumably expected to hold
   nDataLen bytes -- confirm. lpKey and lpIV carry no length either, so their
   sizes must match the selected algorithm. Use a fresh IV per message. */
int  CIPHER_Bytes(int fEncrypt, ubyte *lpOutput, ubyte *lpData, int nDataLen, ubyte *lpKey, ubyte *lpIV, char *szAlgAndMode, int nOptions);
int  CIPHER_File(int fEncrypt, char *szFileOut, char *szFileIn, ubyte *lpKey, ubyte *lpIV, char *szAlgAndMode, int nOptions);
int  CIPHER_Hex(int fEncrypt, char *szOutput, int nOutChars, char *szData, char *szKey, char *szIV, char *szAlgAndMode, int nOptions);
/* Key wrap / unwrap under a key-encryption key (lpKEK, nKekLen); output
   size is passed in nOutBytes. A failed unwrap must be treated as a
   rejected key, never as usable output. */
int  CIPHER_KeyWrap(ubyte *lpOutput, int nOutBytes, ubyte *lpData, int nDataLen, ubyte *lpKEK, int nKekLen, int nOptions);
int  CIPHER_KeyUnwrap(ubyte *lpOutput, int nOutBytes, ubyte *lpData, int nDataLen, ubyte *lpKEK, int nKekLen, int nOptions);

/* MESSAGE DIGEST HASH FUNCTIONS */
/* Byte variants write the digest to lpDigest (size nDigLen;
   PKI_MAX_HASH_BYTES covers every algorithm in this module); hex variants
   write text to szOutput (size nOutChars).
   NOTE(review): nOptions presumably takes a PKI_HASH_ selector, where 0 is
   SHA-1 -- confirm, and pass a SHA-2 selector explicitly. */
int  HASH_Bytes(ubyte *lpDigest, int nDigLen, void *lpMessage, int nMsgLen, int nOptions);
int  HASH_File(ubyte *lpDigest, int nDigLen, char *szFileName, int nOptions);
int  HASH_HexFromBytes(char *szOutput, int nOutChars, void *lpMessage, int nMsgLen, int nOptions);
int  HASH_HexFromFile(char *szOutput, int nOutChars, char *szFileName, int nOptions);
int  HASH_HexFromHex(char *szOutput, int nOutChars, char *szMsgHex, int nOptions);

/* HMAC FUNCTIONS */
/* Keyed digest over a message; the key is raw bytes (lpKey, nKeyLen) or hex
   text (szKeyHex).
   This module declares no comparison function, so a caller that verifies a
   received MAC should compare it with the computed one in constant time
   rather than with an early-exit comparison.
   NOTE(review): nOptions presumably takes a PKI_HASH_ selector -- confirm. */
int  HMAC_Bytes(ubyte *lpDigest, int nDigLen, void *lpMessage, int nMsgLen, void *lpKey, int nKeyLen, int nOptions);
int  HMAC_HexFromBytes(char *szOutput, int nOutChars, void *lpMessage, int nMsgLen, void *lpKey, int nKeyLen, int nOptions);
int  HMAC_HexFromHex(char *szOutput, int nOutChars, char *szMsgHex, char *szKeyHex, int nOptions);

/* BASE64 AND HEX CONVERSION FUNCTIONS */
/* The StrFromBytes / BytesFromStr functions take the output size
   (nOutChars or out_len). The two Filter functions do not: szOutput has no
   size parameter and `len` sits next to `input`.
   NOTE(review): presumably `len` is the input length and the output needs
   at least as much room plus a terminator -- confirm before calling.
   Base64 and hex are encodings, not protection; they add no secrecy. */
int  CNV_B64StrFromBytes(char *szOutput, int nOutChars, ubyte *input, int nBytes);
int  CNV_BytesFromB64Str(ubyte *output, int out_len, char *input);
int  CNV_B64Filter(char *szOutput, char *input, int len);
int  CNV_HexStrFromBytes(char *szOutput, int nOutChars, ubyte *input, int nBytes);
int  CNV_BytesFromHexStr(ubyte *output, int out_len, char *input);
int  CNV_HexFilter(char *szOutput, char *input, int len);

/* UTF-8 CONVERSION/CHECK FUNCTIONS */
/* [Note: the following three functions are deprecated as of v3.6] */
/* These three take the input as a `char *` string with no length; the v3.6
   replacements below take byte buffers with explicit lengths instead. */
int  CNV_UTF8FromLatin1(char *szOutput, int nOutChars, char *szInput);
int  CNV_Latin1FromUTF8(char *szOutput, int nOutChars, char *szInput);
/* Result is one of the PKI_CHRS_ values; 0 (PKI_CHRS_NOT_UTF8) means invalid. */
int  CNV_CheckUTF8(char *szInput);
/* [New in v3.6] */
int  CNV_UTF8BytesFromLatin1(ubyte *lpOutput, int nOutBytes, char *szInput);
int  CNV_Latin1FromUTF8Bytes(char *szOutput, int nOutChars, ubyte *lpInput, int nBytes);
int  CNV_CheckUTF8Bytes(ubyte *lpInput, int nBytes);
int  CNV_CheckUTF8File(char *szFileName);
/* nOptions selects the direction: PKI_CNV_UTF8_FROM_LATIN1 or
   PKI_CNV_LATIN1_FROM_UTF8. */
int  CNV_ByteEncoding(ubyte *lpOutput, int nOutBytes, ubyte *lpInput, int nBytes, int nOptions);

/* PEM/BINARY FILE CONVERSIONS */
/* File-to-file conversions; szHeader supplies the PEM header text and
   nLineLen the line length. PEM is a text armour only: converting a private
   key file does not add or remove encryption. */
int  PEM_FileFromBinFile(char *szOutputFile, char *szFileIn, char *szHeader, int nLineLen);
int  PEM_FileFromBinFileEx(char *szOutputFile, char *szFileIn, char *szHeader, int nLineLen, int nOptions);
int  PEM_FileToBinFile(char *szOutputFile, char *szFileIn);

/* RNG FUNCTIONS */
/* Random byte and number generation plus seed-file management.
   PKI_RNG_SEED_BYTES (64) is the required seed-file size and the
   PKI_RNG_STRENGTH_ constants are the option values for this family.
   A seed file is secret state: store it with restrictive permissions.
   NOTE(review): lpSeed in RNG_Bytes is presumably optional extra entropy and
   not a deterministic seed -- confirm, and never rely on caller-supplied
   seed data alone. */
int  RNG_Bytes(ubyte *lpOutput, int nOutputLen, void *lpSeed, int nSeedLen);
/* The return value carries the number itself, so an error cannot be told
   apart from a result without knowing the range.
   NOTE(review): confirm how failures are reported. */
int  RNG_Number(int nLower, int nUpper);
int  RNG_BytesWithPrompt(ubyte *lpOutput, int nOutputLen, char *szPrompt, int nOptions);
int  RNG_Initialize(char *szSeedFile, int nOptions);
int  RNG_MakeSeedFile(char *szSeedFile, char *szPrompt, int nOptions);
int  RNG_UpdateSeedFile(char *szSeedFile, int nOptions);
int  RNG_Test(char *szFileName, int nOptions);

/* PADDING FUNCTIONS */
/* Pad to, or unpad from, a block length of nBlkLen (PKI_BLK_TDEA_BYTES or
   PKI_BLK_AES_BYTES for the ciphers in this module). Output size is passed
   in nOutputLen / nMaxChars.
   When unpadding decrypted data from an untrusted source, authenticate the
   ciphertext first and do not reveal unpad failures to the sender;
   distinguishable padding errors enable padding-oracle attacks. */
int  PAD_BytesBlock(ubyte *lpOutput, int nOutputLen, ubyte *lpInput, int nBytes, int nBlkLen, int nOptions);
int  PAD_UnpadBytes(ubyte *lpOutput, int nOutputLen, ubyte *lpInput, int nBytes, int nBlkLen, int nOptions);
int  PAD_HexBlock(char *szOutput, int nMaxChars, char *szInput, int nBlkLen, int nOptions);
int  PAD_UnpadHex(char *szOutput, int nMaxChars, char *szInput, int nBlkLen, int nOptions);

/* MISC UTILITIES */
/* NOTE(review): WIPE_File presumably overwrites a file before deleting it;
   on journaling or copy-on-write file systems and on SSDs an overwrite does
   not guarantee the old contents are gone -- confirm and plan accordingly. */
int  WIPE_File(char *szFileName, int nOptions);
/* Takes a buffer and its length. NOTE(review): presumably zeroizes the
   buffer -- confirm. Suited to clearing passwords and key strings returned
   by other functions in this module once they are no longer needed. */
int  WIPE_Data(void *lpData, int nDataLen);
/* Password is returned in szPassword (size nPwdLen); clear that buffer
   after use. */
int  PWD_Prompt(char *szPassword, int nPwdLen, char *szCaption);
int  PWD_PromptEx(char *szPassword, int nPwdLen, char *szCaption, char *szPrompt, int nOptions);