unit diCrPKI;
interface
{
Delphi/FreePascal interface for CryptoSys PKI
$Id: diCrPKI.pas $
$Date: 2023-10-12 07:16:00 $
$Revision: 22.0.0 $
************************** LICENSE *****************************************
Copyright (C) 2010-23 David Ireland, DI Management Services Pty Limited.
All rights reserved. <www.di-mgt.com.au> <www.cryptosys.net>
The code in this module is licensed under the terms of the MIT license.
@license MIT
For a copy, see <http://opensource.org/licenses/MIT>
****************************************************************************
}
{ GENERAL FUNCTIONS }
function PKI_Version(nReserved1 : PByte; nReserved2 : PByte) : LongInt; stdcall; external 'diCrPKI.dll';
function PKI_LicenceType(nOptions : LongInt) : LongInt; stdcall; external 'diCrPKI.dll';
function PKI_CompileTime(szOutput : PAnsiChar; nOutChars : LongInt) : LongInt; stdcall; external 'diCrPKI.dll';
function PKI_ModuleName(szOutput : PAnsiChar; nOutChars : LongInt; nOptions : LongInt) : LongInt; stdcall; external 'diCrPKI.dll';
function PKI_PowerUpTests(nOptions : LongInt) : LongInt; stdcall; external 'diCrPKI.dll';
function PKI_Platform(szOutput : PAnsiChar; nOutChars : LongInt) : LongInt; stdcall; external 'diCrPKI.dll';
function PKI_ModuleInfo(szOutput : PAnsiChar; nOutChars : LongInt; nOptions : LongInt) : LongInt; stdcall; external 'diCrPKI.dll';
{ New in [v21.0] }
function PKI_FormatErrorMessage(szOutput : PAnsiChar; nOutChars : LongInt; nErrCode : LongInt; szUserMsg : AnsiString) : LongInt; stdcall; external 'diCrPKI.dll';
{ ERROR-RELATED FUNCTIONS }
function PKI_LastError(szOutput : PAnsiChar; nOutChars : LongInt) : LongInt; stdcall; external 'diCrPKI.dll';
function PKI_ErrorCode : LongInt; stdcall; external 'diCrPKI.dll';
function PKI_ErrorLookup(szOutput : PAnsiChar; nOutChars : LongInt; nErrCode : LongInt) : LongInt; stdcall; external 'diCrPKI.dll';
{ CRYPTOGRAPHIC MESSAGE SYNTAX (CMS) FUNCTIONS }
function CMS_MakeEnvData(szFileOut : AnsiString; szFileIn : AnsiString; szCertList : AnsiString; szSeed : AnsiString; nSeedLen : LongInt; nOptions : LongInt) : LongInt; stdcall; external 'diCrPKI.dll';
function CMS_MakeEnvDataFromString(szFileOut : AnsiString; szDataIn : AnsiString; szCertList : AnsiString; szSeed : AnsiString; nSeedLen : LongInt; nOptions : LongInt) : LongInt; stdcall; external 'diCrPKI.dll';
function CMS_ReadEnvData(szFileOut : AnsiString; szFileIn : AnsiString; szCertFile : AnsiString; szPrivateKey : AnsiString; nOptions : LongInt) : LongInt; stdcall; external 'diCrPKI.dll';
function CMS_ReadEnvDataToString(szOutput : PAnsiChar; nOutChars : LongInt; szFileIn : AnsiString; szCertFile : AnsiString; szPrivateKey : AnsiString; nOptions : LongInt) : LongInt; stdcall; external 'diCrPKI.dll';
function CMS_MakeSigData(szFileOut : AnsiString; szFileIn : AnsiString; szCertList : AnsiString; szPrivateKey : AnsiString; nOptions : LongInt) : LongInt; stdcall; external 'diCrPKI.dll';
function CMS_MakeSigDataFromString(szFileOut : AnsiString; szDataIn : AnsiString; szCertList : AnsiString; szPrivateKey : AnsiString; nOptions : LongInt) : LongInt; stdcall; external 'diCrPKI.dll';
function CMS_MakeSigDataFromSigValue(szFileOut : AnsiString; lpSigValue : PByte; nSigLen : LongInt; lpData : PByte; nDataLen : LongInt; szCertListOrFile : AnsiString; nOptions : LongInt) : LongInt; stdcall; external 'diCrPKI.dll';
function CMS_MakeDetachedSig(szFileOut : AnsiString; szHexDigest : AnsiString; szCertList : AnsiString; szPrivateKey : AnsiString; nOptions : LongInt) : LongInt; stdcall; external 'diCrPKI.dll';
function CMS_ReadSigData(szFileOut : AnsiString; szFileIn : AnsiString; nOptions : LongInt) : LongInt; stdcall; external 'diCrPKI.dll';
function CMS_ReadSigDataToString(szOutput : PAnsiChar; nOutChars : LongInt; szFileIn : AnsiString; nOptions : LongInt) : LongInt; stdcall; external 'diCrPKI.dll';
function CMS_GetSigDataDigest(szOutput : PAnsiChar; nOutChars : LongInt; szFileIn : AnsiString; szCertFile : AnsiString; nOptions : LongInt) : LongInt; stdcall; external 'diCrPKI.dll';
function CMS_VerifySigData(szFileIn : AnsiString; szCertFile : AnsiString; szHexDigest : AnsiString; nOptions : LongInt) : LongInt; stdcall; external 'diCrPKI.dll';
function CMS_QuerySigData(szOutput : PAnsiChar; nOutChars : LongInt; szFileIn : AnsiString; szQuery : AnsiString; nOptions : LongInt) : LongInt; stdcall; external 'diCrPKI.dll';
function CMS_QueryEnvData(szOutput : PAnsiChar; nOutChars : LongInt; szFileIn : AnsiString; szQuery : AnsiString; nOptions : LongInt) : LongInt; stdcall; external 'diCrPKI.dll';
function CMS_MakeComprData(szFileOut : AnsiString; szFileIn : AnsiString; nOptions : LongInt) : LongInt; stdcall; external 'diCrPKI.dll';
function CMS_ReadComprData(szFileOut : AnsiString; szFileIn : AnsiString; nOptions : LongInt) : LongInt; stdcall; external 'diCrPKI.dll';
function CMS_ReadEnvDataToBytes(lpOutput : PByte; nOutBytes : LongInt; szFileIn : AnsiString; szCertFile : AnsiString; szPrivateKey : AnsiString; nOptions : LongInt) : LongInt; stdcall; external 'diCrPKI.dll';
function CMS_ReadSigDataToBytes(lpOutput : PByte; nOutBytes : LongInt; szFileIn : AnsiString; nOptions : LongInt) : LongInt; stdcall; external 'diCrPKI.dll';
function CMS_MakeEnvDataFromBytes(szFileOut : AnsiString; lpInput : PByte; nInputLen : LongInt; szCertList : AnsiString; szSeed : AnsiString; nSeedLen : LongInt; nOptions : LongInt) : LongInt; stdcall; external 'diCrPKI.dll';
function CMS_MakeSigDataFromBytes(szFileOut : AnsiString; lpInput : PByte; nInputLen : LongInt; szCertList : AnsiString; szPrivateKey : AnsiString; nOptions : LongInt) : LongInt; stdcall; external 'diCrPKI.dll';
{ RSA KEY FUNCTIONS }
{ New in [v12.3] }
function RSA_MakeKeysXtd(szPubKeyFile : AnsiString; szPriKeyFile : AnsiString; szPassword : AnsiString; nBits : LongInt; nExpFermat : LongInt; szParams : AnsiString; nOptions : LongInt) : LongInt; stdcall; external 'diCrPKI.dll';
{ ...supersedes the function: }
function RSA_MakeKeys(szPubKeyFile : AnsiString; szEpkFile : AnsiString; nBits : LongInt; nExpFermat : LongInt; nTests : LongInt; nCount : LongInt; szPassword : AnsiString; lpSeed : PByte; nSeedLen : LongInt; nOptions : LongInt) : LongInt; stdcall; external 'diCrPKI.dll';
{ New in [v12.3] }
function RSA_SaveEncKey(szFileOut : AnsiString; szIntKeyString : AnsiString; szPassword : AnsiString; szParams : AnsiString; nOptions : LongInt) : LongInt; stdcall; external 'diCrPKI.dll';
{ ...supersedes the function: }
function RSA_SaveEncPrivateKey(szFileOut : AnsiString; szKeyString : AnsiString; nCount : LongInt; szPassword : AnsiString; nOptions : LongInt) : LongInt; stdcall; external 'diCrPKI.dll';
function RSA_SavePublicKey(szFileOut : AnsiString; szKeyString : AnsiString; nOptions : LongInt) : LongInt; stdcall; external 'diCrPKI.dll';
function RSA_SavePrivateKeyInfo(szFileOut : AnsiString; szKeyString : AnsiString; nOptions : LongInt) : LongInt; stdcall; external 'diCrPKI.dll';
function RSA_GetPrivateKeyFromPFX(szFileOut : AnsiString; szPfxFile : AnsiString; nOptions : LongInt) : LongInt; stdcall; external 'diCrPKI.dll';
function RSA_GetPublicKeyFromCert(szOutput : PAnsiChar; nOutChars : LongInt; szCertFile : AnsiString; nOptions : LongInt) : LongInt; stdcall; external 'diCrPKI.dll';
function RSA_KeyBits(szKeyString : AnsiString) : LongInt; stdcall; external 'diCrPKI.dll';
function RSA_KeyBytes(szKeyString : AnsiString) : LongInt; stdcall; external 'diCrPKI.dll';
function RSA_ToXMLString(szOutput : PAnsiChar; nOutChars : LongInt; szKeyString : AnsiString; nOptions : LongInt) : LongInt; stdcall; external 'diCrPKI.dll';
function RSA_ToXMLStringEx(szOutput : PAnsiChar; nOutChars : LongInt; szKeyString : AnsiString; szPrefix : AnsiString; nOptions : LongInt) : LongInt; stdcall; external 'diCrPKI.dll';
function RSA_FromXMLString(szOutput : PAnsiChar; nOutChars : LongInt; szXmlString : AnsiString; nOptions : LongInt) : LongInt; stdcall; external 'diCrPKI.dll';
function RSA_CheckKey(szKeyString : AnsiString; nOptions : LongInt) : LongInt; stdcall; external 'diCrPKI.dll';
function RSA_KeyHashCode(szKeyString : AnsiString) : LongInt; stdcall; external 'diCrPKI.dll';
function RSA_KeyMatch(szPrivateKey : AnsiString; szPublicKey : AnsiString) : LongInt; stdcall; external 'diCrPKI.dll';
function RSA_ReadPrivateKeyFromPFX(szOutput : PAnsiChar; nOutChars : LongInt; szPfxFile : AnsiString; szPassword : AnsiString; nOptions : LongInt) : LongInt; stdcall; external 'diCrPKI.dll';
function RSA_PublicKeyFromPrivate(szOutput : PAnsiChar; nOutChars : LongInt; szKeyString : AnsiString; nOptions : LongInt) : LongInt; stdcall; external 'diCrPKI.dll';
function RSA_ReadAnyPrivateKey(szOutput : PAnsiChar; nOutChars : LongInt; szKeyFileOrString : AnsiString; szPassword : AnsiString; nOptions : LongInt) : LongInt; stdcall; external 'diCrPKI.dll';
function RSA_ReadAnyPublicKey(szOutput : PAnsiChar; nOutChars : LongInt; szKeyFileOrString : AnsiString; nOptions : LongInt) : LongInt; stdcall; external 'diCrPKI.dll';
function RSA_KeyValue(szOutput : PAnsiChar; nOutChars : LongInt; szKeyString : AnsiString; szFieldName : AnsiString; nOptions : LongInt) : LongInt; stdcall; external 'diCrPKI.dll';
function RSA_ReadEncPrivateKey(szOutput : PAnsiChar; nOutChars : LongInt; szEpkFile : AnsiString; szPassword : AnsiString; nOptions : LongInt) : LongInt; stdcall; external 'diCrPKI.dll';
function RSA_ReadPrivateKeyInfo(szOutput : PAnsiChar; nOutChars : LongInt; szKeyFile : AnsiString; nOptions : LongInt) : LongInt; stdcall; external 'diCrPKI.dll';
function RSA_ReadPublicKey(szOutput : PAnsiChar; nOutChars : LongInt; szPubKeyFile : AnsiString; nOptions : LongInt) : LongInt; stdcall; external 'diCrPKI.dll';
{ 'RAW' RSA ENCRYPTION/DECRYPTION FUNCTIONS }
function RSA_RawPublic(lpData : PByte; nDataLen : LongInt; szPublicKey : AnsiString; nOptions : LongInt) : LongInt; stdcall; external 'diCrPKI.dll';
function RSA_RawPrivate(lpData : PByte; nDataLen : LongInt; szPrivateKey : AnsiString; nOptions : LongInt) : LongInt; stdcall; external 'diCrPKI.dll';
function RSA_EncodeMsg(lpOutput : PByte; nOutBytes : LongInt; lpInput : PByte; nInputLen : LongInt; nOptions : LongInt) : LongInt; stdcall; external 'diCrPKI.dll';
function RSA_DecodeMsg(lpOutput : PByte; nOutBytes : LongInt; lpInput : PByte; nInputLen : LongInt; nOptions : LongInt) : LongInt; stdcall; external 'diCrPKI.dll';
function RSA_Encrypt(lpOutput : PByte; nOutBytes : LongInt; lpInput : PByte; nInputLen : LongInt; szPublicKeyFile : AnsiString; szParameters : AnsiString; nOptions : LongInt) : LongInt; stdcall; external 'diCrPKI.dll';
function RSA_Decrypt(lpOutput : PByte; nOutBytes : LongInt; lpInput : PByte; nInputLen : LongInt; szPrivateKeyFile : AnsiString; szPassword : AnsiString; szParameters : AnsiString; nOptions : LongInt) : LongInt; stdcall; external 'diCrPKI.dll';
{ ELLIPTIC CURVE CRYPTOGRAPHY FUNCTIONS }
function ECC_MakeKeys(szPubKeyFile : AnsiString; szPriKeyFile : AnsiString; szCurveName : AnsiString; szPassword : AnsiString; szParams : AnsiString; nOptions : LongInt) : LongInt; stdcall; external 'diCrPKI.dll';
function ECC_ReadKeyByCurve(szOutput : PAnsiChar; nOutChars : LongInt; szHexKey : AnsiString; szCurveName : AnsiString; nOptions : LongInt) : LongInt; stdcall; external 'diCrPKI.dll';
function ECC_ReadPrivateKey(szOutput : PAnsiChar; nOutChars : LongInt; szKeyFileOrString : AnsiString; szPassword : AnsiString; nOptions : LongInt) : LongInt; stdcall; external 'diCrPKI.dll';
function ECC_ReadPublicKey(szOutput : PAnsiChar; nOutChars : LongInt; szKeyFileOrString : AnsiString; nOptions : LongInt) : LongInt; stdcall; external 'diCrPKI.dll';
function ECC_SaveEncKey(szFileOut : AnsiString; szIntKeyString : AnsiString; szPassword : AnsiString; szParams : AnsiString; nOptions : LongInt) : LongInt; stdcall; external 'diCrPKI.dll';
function ECC_SaveKey(szFileOut : AnsiString; szIntKeyString : AnsiString; nOptions : LongInt) : LongInt; stdcall; external 'diCrPKI.dll';
function ECC_PublicKeyFromPrivate(szOutput : PAnsiChar; nOutChars : LongInt; szIntKeyString : AnsiString; nOptions : LongInt) : LongInt; stdcall; external 'diCrPKI.dll';
function ECC_QueryKey(szOutput : PAnsiChar; nOutChars : LongInt; szIntKeyString : AnsiString; szQuery : AnsiString; nOptions : LongInt) : LongInt; stdcall; external 'diCrPKI.dll';
function ECC_KeyHashCode(szKeyString : AnsiString) : LongInt; stdcall; external 'diCrPKI.dll';
function ECC_DHSharedSecret(lpZZ : PByte; nOutBytes : LongInt; szIntPrivateKey : AnsiString; szIntPublicKey : AnsiString; nOptions : LongInt) : LongInt; stdcall; external 'diCrPKI.dll';
{ PKCS12 FILE FUNCTIONS }
function PFX_MakeFile(szFileOut : AnsiString; szCertFile : AnsiString; szEpkFile : AnsiString; szPassword : AnsiString; szFriendlyName : AnsiString; nOptions : LongInt) : LongInt; stdcall; external 'diCrPKI.dll';
function PFX_VerifySig(szFileName : AnsiString; szPassword : AnsiString; nOptions : LongInt) : LongInt; stdcall; external 'diCrPKI.dll';
{ X509 CERTIFICATE FUNCTIONS }
function X509_MakeCert(szNewCertFile : AnsiString; szIssuerCertFile : AnsiString; szSubjectPubKeyFile : AnsiString; szIssuerEpkFile : AnsiString; nCertNum : LongInt; nYearsValid : LongInt; szDistName : AnsiString; szExtensions : AnsiString; nKeyUsageFlags : LongInt; szPassword : AnsiString; nOptions : LongInt) : LongInt; stdcall; external 'diCrPKI.dll';
function X509_MakeCertSelf(szNewCertFile : AnsiString; szEpkFile : AnsiString; nCertNum : LongInt; nYearsValid : LongInt; szDistName : AnsiString; szExtensions : AnsiString; nKeyUsageFlags : LongInt; szPassword : AnsiString; nOptions : LongInt) : LongInt; stdcall; external 'diCrPKI.dll';
function X509_CertRequest(szNewReqFile : AnsiString; szEpkFile : AnsiString; szDistName : AnsiString; szExtensions : AnsiString; szPassword : AnsiString; nOptions : LongInt) : LongInt; stdcall; external 'diCrPKI.dll';
function X509_VerifyCert(szCertToVerify : AnsiString; szIssuerCert : AnsiString; nOptions : LongInt) : LongInt; stdcall; external 'diCrPKI.dll';
function X509_CertThumb(szCertFile : AnsiString; szOutput : PAnsiChar; nOutChars : LongInt; nOptions : LongInt) : LongInt; stdcall; external 'diCrPKI.dll';
function X509_CertIsValidNow(szCertFile : AnsiString; nOptions : LongInt) : LongInt; stdcall; external 'diCrPKI.dll';
function X509_CertIssuedOn(szCertFile : AnsiString; szOutput : PAnsiChar; nOutChars : LongInt; nOptions : LongInt) : LongInt; stdcall; external 'diCrPKI.dll';
function X509_CertExpiresOn(szCertFile : AnsiString; szOutput : PAnsiChar; nOutChars : LongInt; nOptions : LongInt) : LongInt; stdcall; external 'diCrPKI.dll';
function X509_CertSerialNumber(szCertFile : AnsiString; szOutput : PAnsiChar; nOutChars : LongInt; nOptions : LongInt) : LongInt; stdcall; external 'diCrPKI.dll';
function X509_HashIssuerAndSN(szCertFile : AnsiString; szOutput : PAnsiChar; nOutChars : LongInt; nOptions : LongInt) : LongInt; stdcall; external 'diCrPKI.dll';
function X509_CertIssuerName(szCertFile : AnsiString; szOutput : PAnsiChar; nOutChars : LongInt; szDelim : AnsiString; nOptions : LongInt) : LongInt; stdcall; external 'diCrPKI.dll';
function X509_CertSubjectName(szCertFile : AnsiString; szOutput : PAnsiChar; nOutChars : LongInt; szDelim : AnsiString; nOptions : LongInt) : LongInt; stdcall; external 'diCrPKI.dll';
function X509_GetCertFromP7Chain(szNewCertFile : AnsiString; szP7cFile : AnsiString; nIndex : LongInt; nOptions : LongInt) : LongInt; stdcall; external 'diCrPKI.dll';
function X509_GetCertFromPFX(szNewCertFile : AnsiString; szPfxFile : AnsiString; szPassword : AnsiString; nOptions : LongInt) : LongInt; stdcall; external 'diCrPKI.dll';
function X509_KeyUsageFlags(szCertFile : AnsiString) : LongInt; stdcall; external 'diCrPKI.dll';
function X509_QueryCert(szOutput : PAnsiChar; nOutChars : LongInt; szCertFile : AnsiString; szQuery : AnsiString; nOptions : LongInt) : LongInt; stdcall; external 'diCrPKI.dll';
function X509_ReadStringFromFile(szOutput : PAnsiChar; nOutChars : LongInt; szCertFile : AnsiString; nOptions : LongInt) : LongInt; stdcall; external 'diCrPKI.dll';
function X509_SaveFileFromString(szNewCertFile : AnsiString; szCertString : AnsiString; nOptions : LongInt) : LongInt; stdcall; external 'diCrPKI.dll';
function X509_TextDump(szFileOut : AnsiString; szCertFile : AnsiString; nOptions : LongInt) : LongInt; stdcall; external 'diCrPKI.dll';
function X509_ValidatePath(szCertListOrP7File : AnsiString; szTrustedCert : AnsiString; nOptions : LongInt) : LongInt; stdcall; external 'diCrPKI.dll';
function X509_TextDumpToString(szOutput : PAnsiChar; nOutChars : LongInt; szCertFile : AnsiString; nOptions : LongInt) : LongInt; stdcall; external 'diCrPKI.dll';
function X509_ReadCertStringFromP7Chain(szOutput : PAnsiChar; nOutChars : LongInt; szP7cFile : AnsiString; nIndex : LongInt; nOptions : LongInt) : LongInt; stdcall; external 'diCrPKI.dll';
function X509_ReadCertStringFromPFX(szOutput : PAnsiChar; nOutChars : LongInt; szPfxFile : AnsiString; szPassword : AnsiString; nOptions : LongInt) : LongInt; stdcall; external 'diCrPKI.dll';
function X509_GetCertCountInP7Chain(szP7cFile : AnsiString; nOptions : LongInt) : LongInt; stdcall; external 'diCrPKI.dll';
{ X509 CRL FUNCTIONS }
function X509_MakeCRL(szCrlFile : AnsiString; szIssuerCert : AnsiString; szIssuerKeyFile : AnsiString; szPassword : AnsiString; szRevokedCertList : AnsiString; szExtensions : AnsiString; nOptions : LongInt) : LongInt; stdcall; external 'diCrPKI.dll';
function X509_CheckCertInCRL(szCertFile : AnsiString; szCrlFile : AnsiString; szCRLIssuerCert : AnsiString; szDate : AnsiString; nOptions : LongInt) : LongInt; stdcall; external 'diCrPKI.dll';
{ ONLINE CERTIFICATE STATUS PROTOCOL (OCSP) FUNCTIONS }
function OCSP_MakeRequest(szOutput : PAnsiChar; nOutChars : LongInt; szIssuerCert : AnsiString; szCertFileOrSerialNum : AnsiString; szExtensions : AnsiString; nOptions : LongInt) : LongInt; stdcall; external 'diCrPKI.dll';
function OCSP_ReadResponse(szOutput : PAnsiChar; nOutChars : LongInt; szResponseFile : AnsiString; szIssuerCert : AnsiString; szExtensions : AnsiString; nOptions : LongInt) : LongInt; stdcall; external 'diCrPKI.dll';
{ TRIPLE DES FUNCTIONS }
function TDEA_HexMode(szOutput : PAnsiChar; szInput : AnsiString; szKey : AnsiString; fEncrypt : LongInt; szMode : AnsiString; szIV : AnsiString) : LongInt; stdcall; external 'diCrPKI.dll';
function TDEA_B64Mode(szOutput : PAnsiChar; szInput : AnsiString; szKey : AnsiString; fEncrypt : LongInt; szMode : AnsiString; szIV : AnsiString) : LongInt; stdcall; external 'diCrPKI.dll';
function TDEA_BytesMode(lpOutput : PByte; lpData : PByte; nDataLen : LongInt; lpKey : PByte; fEncrypt : LongInt; szMode : AnsiString; lpIV : PByte) : LongInt; stdcall; external 'diCrPKI.dll';
function TDEA_File(szFileOut : AnsiString; szFileIn : AnsiString; lpKey : PByte; fEncrypt : LongInt; szMode : AnsiString; lpIV : PByte) : LongInt; stdcall; external 'diCrPKI.dll';
{ GENERIC BLOCK CIPHER FUNCTIONS }
function CIPHER_Bytes(fEncrypt : LongInt; lpOutput : PByte; lpData : PByte; nDataLen : LongInt; lpKey : PByte; lpIV : PByte; szAlgAndMode : AnsiString; nOptions : LongInt) : LongInt; stdcall; external 'diCrPKI.dll';
function CIPHER_File(fEncrypt : LongInt; szFileOut : AnsiString; szFileIn : AnsiString; lpKey : PByte; lpIV : PByte; szAlgAndMode : AnsiString; nOptions : LongInt) : LongInt; stdcall; external 'diCrPKI.dll';
function CIPHER_Hex(fEncrypt : LongInt; szOutput : PAnsiChar; nOutChars : LongInt; szData : AnsiString; szKey : AnsiString; szIV : AnsiString; szAlgAndMode : AnsiString; nOptions : LongInt) : LongInt; stdcall; external 'diCrPKI.dll';
{ Changed in [v20.2]: Renamed ~Bytes2 to ~Bytes }
function CIPHER_EncryptBytes(lpOutput : PByte; nOutBytes : LongInt; lpInput : PByte; nInputLen : LongInt; lpKey : PByte; nKeyLen : LongInt; lpIV : PByte; nIvLen : LongInt; szAlgModePad : AnsiString; nOptions : LongInt) : LongInt; stdcall; external 'diCrPKI.dll';
function CIPHER_DecryptBytes(lpOutput : PByte; nOutBytes : LongInt; lpInput : PByte; nInputLen : LongInt; lpKey : PByte; nKeyLen : LongInt; lpIV : PByte; nIvLen : LongInt; szAlgModePad : AnsiString; nOptions : LongInt) : LongInt; stdcall; external 'diCrPKI.dll';
function CIPHER_EncryptBytes2(lpOutput : PByte; nOutBytes : LongInt; lpInput : PByte; nInputLen : LongInt; lpKey : PByte; nKeyLen : LongInt; lpIV : PByte; nIvLen : LongInt; szAlgModePad : AnsiString; nOptions : LongInt) : LongInt; stdcall; external 'diCrPKI.dll';
function CIPHER_DecryptBytes2(lpOutput : PByte; nOutBytes : LongInt; lpInput : PByte; nInputLen : LongInt; lpKey : PByte; nKeyLen : LongInt; lpIV : PByte; nIvLen : LongInt; szAlgModePad : AnsiString; nOptions : LongInt) : LongInt; stdcall; external 'diCrPKI.dll';
function CIPHER_FileEncrypt(szFileOut : AnsiString; szFileIn : AnsiString; lpKey : PByte; nKeyLen : LongInt; lpIV : PByte; nIvLen : LongInt; szAlgModePad : AnsiString; nOptions : LongInt) : LongInt; stdcall; external 'diCrPKI.dll';
function CIPHER_FileDecrypt(szFileOut : AnsiString; szFileIn : AnsiString; lpKey : PByte; nKeyLen : LongInt; lpIV : PByte; nIvLen : LongInt; szAlgModePad : AnsiString; nOptions : LongInt) : LongInt; stdcall; external 'diCrPKI.dll';
function CIPHER_EncryptAEAD(lpOutput : PByte; nOutBytes : LongInt; lpInput : PByte; nInputLen : LongInt; lpKey : PByte; nKeyLen : LongInt; lpIV : PByte; nIvLen : LongInt; lpAAD : PByte; nAadLen : LongInt; nOptions : LongInt) : LongInt; stdcall; external 'diCrPKI.dll';
function CIPHER_DecryptAEAD(lpOutput : PByte; nOutBytes : LongInt; lpInput : PByte; nInputLen : LongInt; lpKey : PByte; nKeyLen : LongInt; lpIV : PByte; nIvLen : LongInt; lpAAD : PByte; nAadLen : LongInt; nOptions : LongInt) : LongInt; stdcall; external 'diCrPKI.dll';
function CIPHER_KeyWrap(lpOutput : PByte; nOutBytes : LongInt; lpData : PByte; nDataLen : LongInt; lpKek : PByte; nKekLen : LongInt; nOptions : LongInt) : LongInt; stdcall; external 'diCrPKI.dll';
function CIPHER_KeyUnwrap(lpOutput : PByte; nOutBytes : LongInt; lpData : PByte; nDataLen : LongInt; lpKek : PByte; nKekLen : LongInt; nOptions : LongInt) : LongInt; stdcall; external 'diCrPKI.dll';
function CIPHER_EncryptHex(szOutput : PAnsiChar; nOutChars : LongInt; szInputHex : AnsiString; szKeyHex : AnsiString; szIvHex : AnsiString; szAlgModePad : AnsiString; nOptions : LongInt) : LongInt; stdcall; external 'diCrPKI.dll';
function CIPHER_DecryptHex(szOutput : PAnsiChar; nOutChars : LongInt; szInputHex : AnsiString; szKeyHex : AnsiString; szIvHex : AnsiString; szAlgModePad : AnsiString; nOptions : LongInt) : LongInt; stdcall; external 'diCrPKI.dll';
{ MESSAGE DIGEST HASH FUNCTIONS }
function HASH_Bytes(lpOutput : PByte; nOutBytes : LongInt; lpMessage : PByte; nMsgLen : LongInt; nOptions : LongInt) : LongInt; stdcall; external 'diCrPKI.dll';
function HASH_File(lpOutput : PByte; nOutBytes : LongInt; szFileName : AnsiString; nOptions : LongInt) : LongInt; stdcall; external 'diCrPKI.dll';
function HASH_HexFromBytes(szOutput : PAnsiChar; nOutChars : LongInt; lpMessage : PByte; nMsgLen : LongInt; nOptions : LongInt) : LongInt; stdcall; external 'diCrPKI.dll';
function HASH_HexFromFile(szOutput : PAnsiChar; nOutChars : LongInt; szFileName : AnsiString; nOptions : LongInt) : LongInt; stdcall; external 'diCrPKI.dll';
function HASH_HexFromHex(szOutput : PAnsiChar; nOutChars : LongInt; szMsgHex : AnsiString; nOptions : LongInt) : LongInt; stdcall; external 'diCrPKI.dll';
function HASH_Length(nAlgId : LongInt) : LongInt; stdcall; external 'diCrPKI.dll';
{ HMAC FUNCTIONS }
function HMAC_Bytes(lpOutput : PByte; nOutBytes : LongInt; lpMessage : PByte; nMsgLen : LongInt; lpKey : PByte; nKeyLen : LongInt; nOptions : LongInt) : LongInt; stdcall; external 'diCrPKI.dll';
function HMAC_HexFromBytes(szOutput : PAnsiChar; nOutChars : LongInt; lpMessage : PByte; nMsgLen : LongInt; lpKey : PByte; nKeyLen : LongInt; nOptions : LongInt) : LongInt; stdcall; external 'diCrPKI.dll';
function HMAC_HexFromHex(szOutput : PAnsiChar; nOutChars : LongInt; szMsgHex : AnsiString; szKeyHex : AnsiString; nOptions : LongInt) : LongInt; stdcall; external 'diCrPKI.dll';
{ BASE64 AND HEX CONVERSION FUNCTIONS }
function CNV_B64StrFromBytes(szOutput : PAnsiChar; nOutChars : LongInt; lpInput : PByte; nInputLen : LongInt) : LongInt; stdcall; external 'diCrPKI.dll';
function CNV_BytesFromB64Str(lpOutput : PByte; nOutBytes : LongInt; szInput : AnsiString) : LongInt; stdcall; external 'diCrPKI.dll';
function CNV_B64Filter(szOutput : PAnsiChar; szInput : AnsiString; nStrLen : LongInt) : LongInt; stdcall; external 'diCrPKI.dll';
function CNV_HexStrFromBytes(szOutput : PAnsiChar; nOutChars : LongInt; lpInput : PByte; nInputLen : LongInt) : LongInt; stdcall; external 'diCrPKI.dll';
function CNV_BytesFromHexStr(lpOutput : PByte; nOutBytes : LongInt; szInput : AnsiString) : LongInt; stdcall; external 'diCrPKI.dll';
function CNV_HexFilter(szOutput : PAnsiChar; szInput : AnsiString; nStrLen : LongInt) : LongInt; stdcall; external 'diCrPKI.dll';
{ BASE58 FUNCTIONS }
function CNV_Base58FromBytes(szOutput : PAnsiChar; nOutChars : LongInt; lpInput : PByte; nInputLen : LongInt) : LongInt; stdcall; external 'diCrPKI.dll';
function CNV_Base58ToBytes(lpOutput : PByte; nOutBytes : LongInt; szInput : AnsiString) : LongInt; stdcall; external 'diCrPKI.dll';
{ UTF-8 CONVERSION/CHECK FUNCTIONS }
function CNV_UTF8BytesFromLatin1(lpOutput : PByte; nOutBytes : LongInt; szInput : AnsiString) : LongInt; stdcall; external 'diCrPKI.dll';
function CNV_Latin1FromUTF8Bytes(szOutput : PAnsiChar; nOutChars : LongInt; lpInput : PByte; nBytes : LongInt) : LongInt; stdcall; external 'diCrPKI.dll';
function CNV_CheckUTF8Bytes(lpInput : PByte; nBytes : LongInt) : LongInt; stdcall; external 'diCrPKI.dll';
function CNV_CheckUTF8File(szFileName : AnsiString) : LongInt; stdcall; external 'diCrPKI.dll';
function CNV_ByteEncoding(lpOutput : PByte; nOutBytes : LongInt; lpInput : PByte; nBytes : LongInt; nOptions : LongInt) : LongInt; stdcall; external 'diCrPKI.dll';
{ MISC BYTE UTILITIES }
function CNV_ReverseBytes(lpOutput : PByte; lpInput : PByte; nBytes : LongInt) : LongInt; stdcall; external 'diCrPKI.dll';
function CNV_NumToBytes(lpOutput : PByte; nOutBytes : LongInt; nNumber : LongInt; nOptions : LongInt) : LongInt; stdcall; external 'diCrPKI.dll';
function CNV_NumFromBytes(lpInput : PByte; nBytes : LongInt; nOptions : LongInt) : LongInt; stdcall; external 'diCrPKI.dll';
{ PEM/BINARY FILE CONVERSIONS }
function PEM_FileFromBinFile(szFileOut : AnsiString; szFileIn : AnsiString; szHeader : AnsiString; nLineLen : LongInt) : LongInt; stdcall; external 'diCrPKI.dll';
function PEM_FileFromBinFileEx(szFileOut : AnsiString; szFileIn : AnsiString; szHeader : AnsiString; nLineLen : LongInt; nOptions : LongInt) : LongInt; stdcall; external 'diCrPKI.dll';
function PEM_FileToBinFile(szFileOut : AnsiString; szFileIn : AnsiString) : LongInt; stdcall; external 'diCrPKI.dll';
{ RNG FUNCTIONS }
function RNG_Bytes(lpOutput : PByte; nOutBytes : LongInt; lpSeed : PByte; nSeedLen : LongInt) : LongInt; stdcall; external 'diCrPKI.dll';
function RNG_Number(nLower : LongInt; nUpper : LongInt) : LongInt; stdcall; external 'diCrPKI.dll';
function RNG_BytesWithPrompt(lpOutput : PByte; nOutBytes : LongInt; szPrompt : AnsiString; nOptions : LongInt) : LongInt; stdcall; external 'diCrPKI.dll';
function RNG_Initialize(szSeedFile : AnsiString; nOptions : LongInt) : LongInt; stdcall; external 'diCrPKI.dll';
function RNG_MakeSeedFile(szSeedFile : AnsiString; szPrompt : AnsiString; nOptions : LongInt) : LongInt; stdcall; external 'diCrPKI.dll';
function RNG_UpdateSeedFile(szSeedFile : AnsiString; nOptions : LongInt) : LongInt; stdcall; external 'diCrPKI.dll';
function RNG_Test(szFileOut : AnsiString; nOptions : LongInt) : LongInt; stdcall; external 'diCrPKI.dll';
function RNG_Guid(szOutput : PAnsiChar; nOutChars : LongInt; nOptions : LongInt) : LongInt; stdcall; external 'diCrPKI.dll';
{ PADDING FUNCTIONS }
function PAD_BytesBlock(lpOutput : PByte; nOutBytes : LongInt; lpInput : PByte; nInputLen : LongInt; nBlkLen : LongInt; nOptions : LongInt) : LongInt; stdcall; external 'diCrPKI.dll';
function PAD_UnpadBytes(lpOutput : PByte; nOutBytes : LongInt; lpInput : PByte; nInputLen : LongInt; nBlkLen : LongInt; nOptions : LongInt) : LongInt; stdcall; external 'diCrPKI.dll';
function PAD_HexBlock(szOutput : PAnsiChar; nOutChars : LongInt; szInput : AnsiString; nBlkLen : LongInt; nOptions : LongInt) : LongInt; stdcall; external 'diCrPKI.dll';
function PAD_UnpadHex(szOutput : PAnsiChar; nOutChars : LongInt; szInput : AnsiString; nBlkLen : LongInt; nOptions : LongInt) : LongInt; stdcall; external 'diCrPKI.dll';
{ MISC UTILITIES }
function WIPE_File(szFileName : AnsiString; nOptions : LongInt) : LongInt; stdcall; external 'diCrPKI.dll';
function WIPE_Data(lpData : PByte; nDataLen : LongInt) : LongInt; stdcall; external 'diCrPKI.dll';
function PWD_Prompt(szPassword : PAnsiChar; nPwdLen : LongInt; szCaption : AnsiString) : LongInt; stdcall; external 'diCrPKI.dll';
function PWD_PromptEx(szPassword : PAnsiChar; nPwdLen : LongInt; szCaption : AnsiString; szPrompt : AnsiString; nOptions : LongInt) : LongInt; stdcall; external 'diCrPKI.dll';
{ PASSWORD-BASED ENCRYPTION PROTOTYPES }
function PBE_Kdf2(lpOutput : PByte; nOutBytes : LongInt; lpPwd : PByte; nPwdLen : LongInt; lpSalt : PByte; nSaltLen : LongInt; nCount : LongInt; nOptions : LongInt) : LongInt; stdcall; external 'diCrPKI.dll';
function PBE_Kdf2Hex(szOutput : PAnsiChar; nOutChars : LongInt; dkBytes : LongInt; szPwd : AnsiString; szSaltHex : AnsiString; nCount : LongInt; nOptions : LongInt) : LongInt; stdcall; external 'diCrPKI.dll';
{ New in [v22.0] }
function PBE_Scrypt(lpDerivedKey : PByte; nKeyLen : LongInt; lpPwd : PByte; nPwdLen : LongInt; lpSalt : PByte; nSaltLen : LongInt; nParamN : LongInt; nParamR : LongInt; nParamP : LongInt; nOptions : LongInt) : LongInt; stdcall; external 'diCrPKI.dll';
function PBE_ScryptHex(szOutput : PAnsiChar; nMaxChars : LongInt; dkBytes : LongInt; szPwd : AnsiString; szSaltHex : AnsiString; nParamN : LongInt; nParamR : LongInt; nParamP : LongInt; nOptions : LongInt) : LongInt; stdcall; external 'diCrPKI.dll';
{ ASN.1 UTILITIES }
function ASN1_TextDump(szFileOut : AnsiString; szFileOrPEMString : AnsiString; nOptions : LongInt) : LongInt; stdcall; external 'diCrPKI.dll';
function ASN1_Type(szOutput : PAnsiChar; nOutChars : LongInt; szFileOrPEMString : AnsiString; nOptions : LongInt) : LongInt; stdcall; external 'diCrPKI.dll';
function ASN1_TextDumpToString(szOutput : PAnsiChar; nOutChars : LongInt; szFileOrPEMString : AnsiString; szDirName : AnsiString; nOptions : LongInt) : LongInt; stdcall; external 'diCrPKI.dll';
{ SIGNATURE FUNCTIONS }
function SIG_SignData(szOutput : PAnsiChar; nOutChars : LongInt; lpData : PByte; nDataLen : LongInt; szKeyFile : AnsiString; szPassword : AnsiString; szAlgName : AnsiString; nOptions : LongInt) : LongInt; stdcall; external 'diCrPKI.dll';
function SIG_SignFile(szOutput : PAnsiChar; nOutChars : LongInt; szDataFile : AnsiString; szKeyFile : AnsiString; szPassword : AnsiString; szAlgName : AnsiString; nOptions : LongInt) : LongInt; stdcall; external 'diCrPKI.dll';
function SIG_VerifyData(szSignature : AnsiString; lpData : PByte; nDataLen : LongInt; szCertOrKeyFile : AnsiString; szAlgName : AnsiString; nOptions : LongInt) : LongInt; stdcall; external 'diCrPKI.dll';
function SIG_VerifyFile(szSignature : AnsiString; szDataFile : AnsiString; szCertOrKeyFile : AnsiString; szAlgName : AnsiString; nOptions : LongInt) : LongInt; stdcall; external 'diCrPKI.dll';
{ SMIME FUNCTIONS }
function SMIME_Wrap(szFileOut : AnsiString; szFileIn : AnsiString; szFeatures : AnsiString; nOptions : LongInt) : LongInt; stdcall; external 'diCrPKI.dll';
function SMIME_Extract(szFileOut : AnsiString; szFileIn : AnsiString; nOptions : LongInt) : LongInt; stdcall; external 'diCrPKI.dll';
function SMIME_Query(szOutput : PAnsiChar; nOutChars : LongInt; szFileIn : AnsiString; szQuery : AnsiString; nOptions : LongInt) : LongInt; stdcall; external 'diCrPKI.dll';
{ COMPRESSION FUNCTIONS }
function COMPR_Compress(lpOutput : PByte; nOutBytes : LongInt; lpInput : PByte; nInputLen : LongInt; nOptions : LongInt) : LongInt; stdcall; external 'diCrPKI.dll';
function COMPR_Uncompress(lpOutput : PByte; nOutBytes : LongInt; lpInput : PByte; nInputLen : LongInt; nOptions : LongInt) : LongInt; stdcall; external 'diCrPKI.dll';
{ KEY DERIVATION FUNCTIONS }
{ New in [v20.5] }
function KDF_Bytes(lpOutput : PByte; nOutBytes : LongInt; lpIKM : PByte; nIkmLen : LongInt; lpInfo : PByte; nInfoLen : LongInt; szParams : AnsiString; nOptions : LongInt) : LongInt; stdcall; external 'diCrPKI.dll';
function KDF_ForCms(lpOutput : PByte; nOutBytes : LongInt; lpZZ : PByte; nZzLen : LongInt; lpUkm : PByte; nUkmLen : LongInt; szParams : AnsiString; nOptions : LongInt) : LongInt; stdcall; external 'diCrPKI.dll';
{ XOF/PRF FUNCTIONS }
{ New in [v21.0] }
function XOF_Bytes(lpOutput : PByte; nOutBytes : LongInt; lpMessage : PByte; nMsgLen : LongInt; nOptions : LongInt) : LongInt; stdcall; external 'diCrPKI.dll';
function PRF_Bytes(lpOutput : PByte; nOutBytes : LongInt; lpMessage : PByte; nMsgLen : LongInt; lpKey : PByte; nKeyLen : LongInt; szCustom : AnsiString; nOptions : LongInt) : LongInt; stdcall; external 'diCrPKI.dll';
{ HPKE RFC9180 FUNCTIONS }
{ New in [v22.0] }
function HPKE_LabeledExtract(lpOutput : PByte; nOutBytes : LongInt; lpSalt : PByte; nSaltLen : LongInt; szLabel : AnsiString; lpIkm : PByte; nIkmLen : LongInt; szCurveName : AnsiString; szParams : AnsiString; nOptions : LongInt) : LongInt; stdcall; external 'diCrPKI.dll';
function HPKE_LabeledExpand(lpOutput : PByte; nOutBytes : LongInt; lpPrk : PByte; nPrkLen : LongInt; szLabel : AnsiString; lpInfo : PByte; nInfoLen : LongInt; szCurveName : AnsiString; szParams : AnsiString; nOptions : LongInt) : LongInt; stdcall; external 'diCrPKI.dll';
function HPKE_DerivePrivateKey(szOutput : PAnsiChar; nOutChars : LongInt; lpIkm : PByte; nIkmLen : LongInt; szCurveName : AnsiString; szParams : AnsiString; nOptions : LongInt) : LongInt; stdcall; external 'diCrPKI.dll';
const
{ GENERAL CONSTANTS }
PKI_DIR_ENCRYPT = 1;
PKI_DIR_DECRYPT = 0;
{ Synonyms for direction }
ENCRYPT = 1;
DECRYPT = 0;
{ Maximum number of bytes in hash digest byte array }
PKI_MAX_HASH_BYTES = 64;
PKI_SHA1_BYTES = 20;
PKI_SHA224_BYTES = 28;
PKI_SHA256_BYTES = 32;
PKI_SHA384_BYTES = 48;
PKI_SHA512_BYTES = 64;
PKI_MD5_BYTES = 16;
PKI_MD2_BYTES = 16;
PKI_RMD160_BYTES = 20;
PKI_BTC160_BYTES = 20;
{ Maximum number of hex characters in hash digest (excl null) }
PKI_MAX_HASH_CHARS = (2*PKI_MAX_HASH_BYTES);
PKI_SHA1_CHARS = (2*PKI_SHA1_BYTES);
PKI_SHA224_CHARS = (2*PKI_SHA224_BYTES);
PKI_SHA256_CHARS = (2*PKI_SHA256_BYTES);
PKI_SHA384_CHARS = (2*PKI_SHA384_BYTES);
PKI_SHA512_CHARS = (2*PKI_SHA512_BYTES);
PKI_MD5_CHARS = (2*PKI_MD5_BYTES);
PKI_MD2_CHARS = (2*PKI_MD2_BYTES);
PKI_RMD160_CHARS = (2*PKI_RMD160_BYTES);
PKI_BTC160_CHARS = (2*PKI_BTC160_BYTES);
{ Synonym retained for backwards compatibility }
PKI_MAX_HASH_LEN = PKI_MAX_HASH_CHARS;
{ Encryption block sizes in bytes }
PKI_BLK_TDEA_BYTES = 8;
PKI_BLK_AES_BYTES = 16;
{ Key size in bytes }
PKI_KEYSIZE_TDEA_BYTES = 24;
PKI_KEYSIZE_MAX_BYTES = 32;
{ Required size for RNG seed file }
PKI_RNG_SEED_BYTES = 64;
{ Length of GUID string - added [v12.3] }
PKI_RNG_GUID_CHARS = 36;
{ Maximum number of characters in a last error message }
PKI_MAX_LASTERROR_CHARS = 647;
PKI_MAX_ERROR_CHARS = (PKI_MAX_LASTERROR_CHARS);
{ Maximum number of characters in an error lookup message }
PKI_MAX_ERRORLOOKUP_CHARS = 127;
{ OPTIONS }
PKI_DEFAULT = 0;
{ Signature algorithms }
PKI_SIG_SHA1RSA = $0;
PKI_SIG_MD5RSA = $1;
PKI_SIG_MD2RSA = $2;
PKI_SIG_SHA256RSA = $3;
PKI_SIG_SHA384RSA = $4;
PKI_SIG_SHA512RSA = $5;
PKI_SIG_SHA224RSA = $6;
{ Synonyms added [v12.0] }
PKI_SIG_RSA_SHA1 = $0;
PKI_SIG_RSA_SHA224 = $6;
PKI_SIG_RSA_SHA256 = $3;
PKI_SIG_RSA_SHA384 = $4;
PKI_SIG_RSA_SHA512 = $5;
PKI_SIG_RSA_MD5 = $1;
{ New in [v11.0] }
PKI_SIG_ECDSA_SHA1 = $10;
PKI_SIG_ECDSA_SHA224 = $20;
PKI_SIG_ECDSA_SHA256 = $30;
PKI_SIG_ECDSA_SHA384 = $40;
PKI_SIG_ECDSA_SHA512 = $50;
{ New in [v12.0] }
PKI_SIG_RSA_PSS_SHA1 = $B0;
PKI_SIG_RSA_PSS_SHA224 = $B6;
PKI_SIG_RSA_PSS_SHA256 = $B3;
PKI_SIG_RSA_PSS_SHA384 = $B4;
PKI_SIG_RSA_PSS_SHA512 = $B5;
{ Safe curves for EdDSA - new in [v20.0] }
PKI_SIG_ED25519 = $C0;
PKI_SIG_ED448 = $C1;
{ Salt lengths for RSA-PSS - new in [v12.0] }
PKI_PSS_SALTLEN_HLEN = $000000;
PKI_PSS_SALTLEN_MAX = $200000;
PKI_PSS_SALTLEN_20 = $300000;
PKI_PSS_SALTLEN_ZERO = $400000;
{ MGF parameters for RSA-OAEP/PSS - new in [v12.0] }
PKI_MGF_MGF1SHA1 = $800000;
{ PKCS#5 Password-based encryption algorithms }
PKI_PBE_SHA_3DES = $0;
{ Added in [v11.0] as simpler alternative to PKI_PBE_PBES2 + PKI_BC }
PKI_PBE_PBKDF2_DESEDE3 = $1010;
PKI_PBE_PBKDF2_AES128 = $1020;
PKI_PBE_PBKDF2_AES192 = $1030;
PKI_PBE_PBKDF2_AES256 = $1040;
{ These next 3 changed in [v11.0] (by adding 0x8000000) }
PKI_PBE_MD5_DES = $8000001;
PKI_PBE_MD2_DES = $8000002;
PKI_PBE_SHA_DES = $8000003;
{ Synonym retained for backwards compatibility }
PKI_PBES2_3DES = PKI_PBE_PBKDF2_DESEDE3;
{ Older alternative to specify PBES2 PBKDF2 }
PKI_PBE_PBES2 = $1000;
{ Message digest hash algorithms }
PKI_HASH_SHA1 = $0;
PKI_HASH_MD5 = $1;
PKI_HASH_MD2 = $2;
PKI_HASH_SHA256 = $3;
PKI_HASH_SHA384 = $4;
PKI_HASH_SHA512 = $5;
PKI_HASH_SHA224 = $6;
PKI_HASH_RMD160 = $7;
PKI_HASH_BTC160 = $8;
PKI_HASH_SHA3_224 = $A;
PKI_HASH_SHA3_256 = $B;
PKI_HASH_SHA3_384 = $C;
PKI_HASH_SHA3_512 = $D;
PKI_HASH_MODE_TEXT = $10000;
PKI_HASH_DOUBLE = $20000;
{ HMAC algorithms }
PKI_HMAC_SHA1 = $0;
PKI_HMAC_SHA224 = $6;
PKI_HMAC_SHA256 = $3;
PKI_HMAC_SHA384 = $4;
PKI_HMAC_SHA512 = $5;
PKI_HMAC_SHA3_224 = $A;
PKI_HMAC_SHA3_256 = $B;
PKI_HMAC_SHA3_384 = $C;
PKI_HMAC_SHA3_512 = $D;
{ Options for MAC/XOF/PRF functions }
PKI_KMAC_128 = $201;
PKI_KMAC_256 = $202;
PKI_XOF_SHAKE128 = $203;
PKI_XOF_SHAKE256 = $204;
PKI_XOF_MGF1_SHA1 = $210;
PKI_XOF_MGF1_SHA256 = $213;
PKI_XOF_MGF1_SHA512 = $215;
{ nFermatExp values for RSA exponent }
PKI_RSAEXP_EQ_3 = 0;
PKI_RSAEXP_EQ_5 = 1;
PKI_RSAEXP_EQ_17 = 2;
PKI_RSAEXP_EQ_257 = 3;
PKI_RSAEXP_EQ_65537 = 4;
{ Return values for RSA_CheckKey }
PKI_VALID_PUBLICKEY = 1;
PKI_VALID_PRIVATEKEY = 0;
{ Options for ECC Keys - New in [v20.0] }
PKI_ECC_PRIVATE_KEY = $0;
PKI_ECC_PUBLIC_KEY = $1;
{ HPKE constants - New in [v22.0] }
PKI_HPKE_MAX_NH = 64;
PKI_HPKE_MAX_NSK = 66;
PKI_HPKE_MAX_NSK_CHARS = (PKI_HPKE_MAX_NSK*2);
{ BIT FLAGS }
{ Key generation and storage }
PKI_KEYGEN_INDICATE = $1000000;
PKI_KEY_SECURE_OFF = $2000000;
PKI_KEY_FORMAT_PEM = $10000;
PKI_KEY_FORMAT_SSL = $20000;
PKI_KEY_TYPE_PKCS8 = $40000;
PKI_KEY_LEGACY = $80000;
PKI_PFX_STRONG_CERT = $1000000;
PKI_PFX_PLAIN_CERT = $2000000;
PKI_PFX_CLONE_KEY = $4000000;
PKI_PFX_DOUBLE_ENCRYPT = $8000000;
PKI_PFX_ALT_FORMAT = $100000;
PKI_PFX_P7CHAIN = $0400;
PKI_PFX_AES256_SHA256 = $1043;
PKI_CMS_FORMAT_BASE64 = $10000;
PKI_CMS_EXCLUDE_CERTS = $0100;
PKI_CMS_EXCLUDE_DATA = $0200;
PKI_CMS_CERTS_ONLY = $0400;
PKI_CMS_INCLUDE_ATTRS = $0800;
PKI_CMS_ADD_SIGNTIME = $1000;
PKI_CMS_ADD_SMIMECAP = $2000;
PKI_CMS_ADD_SIGNINGCERT = $4000;
PKI_CMS_ADD_ALGPROTECT = $8000;
PKI_CMS_NO_INFLATE = $1000000;
PKI_CMS_NO_OUTER = $2000000;
PKI_CMS_ALT_ALGID = $4000000;
PKI_CMS_BIGFILE = $8000000;
PKI_CMS_PSEUDOSIG = $100000;
PKI_XML_RSAKEYVALUE = $0001;
PKI_XML_EXCLPRIVATE = $0010;
PKI_XML_REQPRIVATE = $0020;
PKI_XML_HEXBINARY = $0100;
PKI_EME_DEFAULT = $00;
PKI_EME_PKCSV1_5 = $00;
PKI_EME_OAEP = $10;
PKI_EMSIG_DEFAULT = $20;
PKI_EMSIG_PKCSV1_5 = $20;
PKI_EMSIG_DIGESTONLY = $1000;
PKI_EMSIG_DIGINFO = $2000;
PKI_EMSIG_ISO9796 = $100000;
{ X.509 Option flags }
PKI_X509_FORMAT_PEM = $10000;
PKI_X509_FORMAT_BIN = $20000;
PKI_X509_REQ_KLUDGE = $100000;
PKI_X509_NO_TIMECHECK = $200000;
PKI_X509_LATIN1 = $400000;
PKI_X509_UTF8 = $800000;
PKI_X509_AUTHKEYID = $1000000;
PKI_X509_NO_BASIC = $2000000;
PKI_X509_CA_TRUE = $4000000;
PKI_X509_VERSION1 = $8000000;
PKI_X509_LDAP = $1000;
PKI_X509_DECIMAL = $8000;
{ Flags for X.509 Key Usage }
PKI_X509_KEYUSAGE_DIGITALSIGNATURE = $0001;
PKI_X509_KEYUSAGE_NONREPUDIATION = $0002;
PKI_X509_KEYUSAGE_KEYENCIPHERMENT = $0004;
PKI_X509_KEYUSAGE_DATAENCIPHERMENT = $0008;
PKI_X509_KEYUSAGE_KEYAGREEMENT = $0010;
PKI_X509_KEYUSAGE_KEYCERTSIGN = $0020;
PKI_X509_KEYUSAGE_CRLSIGN = $0040;
PKI_X509_KEYUSAGE_ENCIPHERONLY = $0080;
PKI_X509_KEYUSAGE_DECIPHERONLY = $0100;
{ Specific return values }
{ [v12.0] Changed from +1/-1 to proper error codes }
PKI_X509_EXPIRED = 16;
PKI_X509_VERIFY_FAILURE = 22;
PKI_X509_REVOKED = 42;
PKI_X509_INVALID = 43;
PKI_X509_VALID_NOW = 0;
PKI_X509_VERIFY_SUCCESS = 0;
{ Return values for CNV_CheckUTF }
PKI_CHRS_NOT_UTF8 = 0;
PKI_CHRS_ALL_ASCII = 1;
PKI_CHRS_ANSI8 = 2;
PKI_CHRS_MULTIBYTE = 3;
{ Options for CNV_ByteEncoding }
PKI_CNV_UTF8_FROM_LATIN1 = $1;
PKI_CNV_LATIN1_FROM_UTF8 = $2;
{ Options for CNV_Num[To/From]Bytes }
PKI_CNV_BIG_ENDIAN = $0;
PKI_CNV_LITTLE_ENDIAN = $1;
{ Flags and return values for X.509 and CMS query functions }
PKI_QUERY_GETTYPE = $100000;
PKI_QUERY_NUMBER = 1;
PKI_QUERY_STRING = 2;
{ Options for RNG functions }
PKI_RNG_STRENGTH_112 = $00;
PKI_RNG_STRENGTH_128 = $01;
{ Block cipher (BC) algorithm options }
PKI_BC_TDEA = $10;
PKI_BC_3DES = $10;
PKI_BC_DESEDE3 = $10;
PKI_BC_AES128 = $20;
PKI_BC_AES192 = $30;
PKI_BC_AES256 = $40;
{ Block cipher mode options }
PKI_MODE_ECB = $000;
PKI_MODE_CBC = $100;
PKI_MODE_OFB = $200;
PKI_MODE_CFB = $300;
PKI_MODE_CTR = $400;
{ Added [v12.1] AEAD only }
PKI_MODE_GCM = $500;
{ Block cipher padding options }
PKI_PAD_DEFAULT = $0;
PKI_PAD_NOPAD = $10000;
PKI_PAD_PKCS5 = $20000;
PKI_PAD_1ZERO = $30000;
{ Added [v11.1] }
PKI_PAD_AX923 = $40000;
PKI_PAD_W3C = $50000;
{ AEAD algorithms - added [v12.1] }
PKI_AEAD_AES_128_GCM = $520;
PKI_AEAD_AES_192_GCM = $530;
PKI_AEAD_AES_256_GCM = $540;
PKI_AEAD_CHACHA20_POLY1305 = $550;
PKI_AEAD_TAG_BYTES = 16;
{ Block cipher option flags }
PKI_IV_PREFIX = $1000;
{ Key wrap algorithms - added [v20.5] }
PKI_KWRAP_3DES = $100000;
PKI_KWRAP_AES128 = $200000;
PKI_KWRAP_AES192 = $300000;
PKI_KWRAP_AES256 = $400000;
{ Key transport algorithms }
PKI_KT_RSAES_PKCS = $0000;
PKI_KT_RSAES_OAEP = $8000;
{ Key derivation functions }
{ Changed [v20.5] }
PKI_KDF_X963 = $0000;
PKI_KDF_HKDF = $1000;
{ ASN.1 utilities - added [v10.0] }
PKI_ASN1_NOCOMMENTS = $100000;
PKI_ASN1_ADDLEVELS = $800000;
PKI_ASN1_TYPE_MAXCHARS = 64;
{ SIG functions }
PKI_SIG_USEDIGEST = $1000;
PKI_SIG_DETERMINISTIC = $2000;
PKI_SIG_ASN1DER = $4000;
{ SMIME functions - added [v10.0] }
PKI_SMIME_ENCODE_BASE64 = $10000;
PKI_SMIME_ENCODE_BINARY = $20000;
PKI_SMIME_ADDX = $100000;
{ Encoding options - added [v11.0] }
PKI_ENCODE_HEX = $30000;
PKI_ENCODE_BASE64URL = $40000;
{ Wipefile options - added [v12.0] }
PKI_WIPEFILE_DOD7 = $0;
PKI_WIPEFILE_SIMPLE = $1;
{ General }
PKI_GEN_PLATFORM = $40;
PKI_GEN_LEGACY = $8000000;
implementation
end.