📄 cryptlib.bas
字号:
CRYPT_OPTION_CERT_UPDATEINTERVAL ' CRL update interval
CRYPT_OPTION_CERT_COMPLIANCELEVEL ' PKIX compliance level for cert chks.
' CMS/SMIME options
CRYPT_OPTION_CMS_DEFAULTATTRIBUTES ' Add default CMS attributes
CRYPT_OPTION_SMIME_DEFAULTATTRIBUTES = CRYPT_OPTION_CMS_DEFAULTATTRIBUTES
' LDAP keyset options
CRYPT_OPTION_KEYS_LDAP_OBJECTCLASS ' Object class
CRYPT_OPTION_KEYS_LDAP_OBJECTTYPE ' Object type to fetch
CRYPT_OPTION_KEYS_LDAP_FILTER ' Query filter
CRYPT_OPTION_KEYS_LDAP_CACERTNAME ' CA certificate attribute name
CRYPT_OPTION_KEYS_LDAP_CERTNAME ' Certificate attribute name
CRYPT_OPTION_KEYS_LDAP_CRLNAME ' CRL attribute name
CRYPT_OPTION_KEYS_LDAP_EMAILNAME ' Email attribute name
' Crypto device options
CRYPT_OPTION_DEVICE_PKCS11_DVR01 ' Name of first PKCS #11 driver
CRYPT_OPTION_DEVICE_PKCS11_DVR02 ' Name of second PKCS #11 driver
CRYPT_OPTION_DEVICE_PKCS11_DVR03 ' Name of third PKCS #11 driver
CRYPT_OPTION_DEVICE_PKCS11_DVR04 ' Name of fourth PKCS #11 driver
CRYPT_OPTION_DEVICE_PKCS11_DVR05 ' Name of fifth PKCS #11 driver
CRYPT_OPTION_DEVICE_PKCS11_HARDWAREONLY ' Use only hardware mechanisms
' Network access options
CRYPT_OPTION_NET_SOCKS_SERVER ' Socks server name
CRYPT_OPTION_NET_SOCKS_USERNAME ' Socks user name
CRYPT_OPTION_NET_HTTP_PROXY ' Web proxy server
CRYPT_OPTION_NET_CONNECTTIMEOUT ' Timeout for network connection setup
CRYPT_OPTION_NET_TIMEOUT ' Timeout for network read/write
' Miscellaneous options
CRYPT_OPTION_MISC_ASYNCINIT ' Whether to init cryptlib async'ly
CRYPT_OPTION_MISC_SIDECHANNELPROTECTION ' Protect against side-channel attacks
' cryptlib state information
CRYPT_OPTION_CONFIGCHANGED ' Whether in-mem.opts match on-disk ones
CRYPT_OPTION_SELFTESTOK ' Whether self-test was completed and OK
' Used internally
CRYPT_OPTION_LAST
CRYPT_CTXINFO_FIRST = 1000
'********************
' Context attributes
'********************
' Algorithm and mode information
CRYPT_CTXINFO_ALGO ' Algorithm
CRYPT_CTXINFO_MODE ' Mode
CRYPT_CTXINFO_NAME_ALGO ' Algorithm name
CRYPT_CTXINFO_NAME_MODE ' Mode name
CRYPT_CTXINFO_KEYSIZE ' Key size in bytes
CRYPT_CTXINFO_BLOCKSIZE ' Block size
CRYPT_CTXINFO_IVSIZE ' IV size
CRYPT_CTXINFO_KEYING_ALGO ' Key processing algorithm
CRYPT_CTXINFO_KEYING_ITERATIONS ' Key processing iterations
CRYPT_CTXINFO_KEYING_SALT ' Key processing salt
CRYPT_CTXINFO_KEYING_VALUE ' Value used to derive key
' State information
CRYPT_CTXINFO_KEY ' Key
CRYPT_CTXINFO_KEY_COMPONENTS ' Public-key components
CRYPT_CTXINFO_IV ' IV
CRYPT_CTXINFO_HASHVALUE ' Hash value
' Misc.information
CRYPT_CTXINFO_LABEL ' Label for private/secret key
' Used internally
CRYPT_CTXINFO_LAST
CRYPT_CERTINFO_FIRST = 2000
'************************
' Certificate attributes
'************************
' Because there are so many cert attributes, we break them down into
' blocks to minimise the number of values that change if a new one is
' added halfway through
' Pseudo-information on a cert object or meta-information which is used
' to control the way that a cert object is processed
CRYPT_CERTINFO_SELFSIGNED ' Cert is self-signed
CRYPT_CERTINFO_IMMUTABLE ' Cert is signed and immutable
CRYPT_CERTINFO_XYZZY ' Cert is a magic just-works cert
CRYPT_CERTINFO_CERTTYPE ' Certificate object type
CRYPT_CERTINFO_FINGERPRINT ' Certificate fingerprints
CRYPT_CERTINFO_FINGERPRINT_MD5 = CRYPT_CERTINFO_FINGERPRINT
CRYPT_CERTINFO_FINGERPRINT_SHA
CRYPT_CERTINFO_CURRENT_CERTIFICATE ' Cursor mgt: Rel.pos in chain/CRL/OCSP
CRYPT_CERTINFO_CURRENT_EXTENSION ' Cursor mgt: Rel.pos.or abs.extension
CRYPT_CERTINFO_CURRENT_FIELD ' Cursor mgt: Rel.pos.or abs.field in ext
CRYPT_CERTINFO_CURRENT_COMPONENT ' Cursor mgt: Rel.pos in multival.field
CRYPT_CERTINFO_TRUSTED_USAGE ' Usage that cert is trusted for
CRYPT_CERTINFO_TRUSTED_IMPLICIT ' Whether cert is implicitly trusted
CRYPT_CERTINFO_SIGNATURELEVEL ' Amount of detail to include in sigs.
' General certificate object information
CRYPT_CERTINFO_VERSION ' Cert.format version
CRYPT_CERTINFO_SERIALNUMBER ' Serial number
CRYPT_CERTINFO_SUBJECTPUBLICKEYINFO ' Public key
CRYPT_CERTINFO_CERTIFICATE ' User certificate
CRYPT_CERTINFO_USERCERTIFICATE = CRYPT_CERTINFO_CERTIFICATE
CRYPT_CERTINFO_CACERTIFICATE ' CA certificate
CRYPT_CERTINFO_ISSUERNAME ' Issuer DN
CRYPT_CERTINFO_VALIDFROM ' Cert valid-from time
CRYPT_CERTINFO_VALIDTO ' Cert valid-to time
CRYPT_CERTINFO_SUBJECTNAME ' Subject DN
CRYPT_CERTINFO_ISSUERUNIQUEID ' Issuer unique ID
CRYPT_CERTINFO_SUBJECTUNIQUEID ' Subject unique ID
CRYPT_CERTINFO_CERTREQUEST ' Cert.request (DN + public key)
CRYPT_CERTINFO_THISUPDATE ' CRL/OCSP current-update time
CRYPT_CERTINFO_NEXTUPDATE ' CRL/OCSP next-update time
CRYPT_CERTINFO_REVOCATIONDATE ' CRL/OCSP cert-revocation time
CRYPT_CERTINFO_REVOCATIONSTATUS ' OCSP revocation status
CRYPT_CERTINFO_CERTSTATUS ' RTCS certificate status
CRYPT_CERTINFO_DN ' Currently selected DN in string form
CRYPT_CERTINFO_PKIUSER_ID ' PKI user ID
CRYPT_CERTINFO_PKIUSER_ISSUEPASSWORD ' PKI user issue password
CRYPT_CERTINFO_PKIUSER_REVPASSWORD ' PKI user revocation password
' X.520 Distinguished Name components. This is a composite field, the
' DN to be manipulated is selected through the addition of a
' pseudocomponent, and then one of the following is used to access the
' DN components directly
CRYPT_CERTINFO_COUNTRYNAME = CRYPT_CERTINFO_FIRST + 100 ' countryName
CRYPT_CERTINFO_STATEORPROVINCENAME ' stateOrProvinceName
CRYPT_CERTINFO_LOCALITYNAME ' localityName
CRYPT_CERTINFO_ORGANIZATIONNAME ' organizationName
CRYPT_CERTINFO_ORGANISATIONNAME = CRYPT_CERTINFO_ORGANIZATIONNAME
CRYPT_CERTINFO_ORGANIZATIONALUNITNAME ' organizationalUnitName
CRYPT_CERTINFO_ORGANISATIONALUNITNAME = CRYPT_CERTINFO_ORGANIZATIONALUNITNAME
CRYPT_CERTINFO_COMMONNAME ' commonName
' X.509 General Name components. These are handled in the same way as
' the DN composite field, with the current GeneralName being selected by
' a pseudo-component after which the individual components can be
' modified through one of the following
CRYPT_CERTINFO_OTHERNAME_TYPEID ' otherName.typeID
CRYPT_CERTINFO_OTHERNAME_VALUE ' otherName.value
CRYPT_CERTINFO_RFC822NAME ' rfc822Name
CRYPT_CERTINFO_EMAIL = CRYPT_CERTINFO_RFC822NAME
CRYPT_CERTINFO_DNSNAME ' dNSName
CRYPT_CERTINFO_DIRECTORYNAME ' directoryName
CRYPT_CERTINFO_EDIPARTYNAME_NAMEASSIGNER ' ediPartyName.nameAssigner
CRYPT_CERTINFO_EDIPARTYNAME_PARTYNAME ' ediPartyName.partyName
CRYPT_CERTINFO_UNIFORMRESOURCEIDENTIFIER ' uniformResourceIdentifier
CRYPT_CERTINFO_IPADDRESS ' iPAddress
CRYPT_CERTINFO_REGISTEREDID ' registeredID
' X.509 certificate extensions. Although it would be nicer to use names
' that match the extensions more closely (e.g.
' CRYPT_CERTINFO_BASICCONSTRAINTS_PATHLENCONSTRAINT), these exceed the
' 32-character ANSI minimum length for unique names, and get really
' hairy once you get into the weird policy constraints extensions whose
' names wrap around the screen about three times.
'
' The following values are defined in OID order, this isn't absolutely
' necessary but saves an extra layer of processing when encoding them
' 1 2 840 113549 1 9 7 challengePassword. This is here even though it's
' a CMS attribute because SCEP stuffs it into PKCS #10 requests
CRYPT_CERTINFO_CHALLENGEPASSWORD = CRYPT_CERTINFO_FIRST + 200
' 1 3 6 1 4 1 3029 3 1 4 cRLExtReason
CRYPT_CERTINFO_CRLEXTREASON
' 1 3 6 1 4 1 3029 3 1 5 keyFeatures
CRYPT_CERTINFO_KEYFEATURES
' 1 3 6 1 5 5 7 1 1 authorityInfoAccess
CRYPT_CERTINFO_AUTHORITYINFOACCESS
CRYPT_CERTINFO_AUTHORITYINFO_RTCS ' accessDescription.accessLocation
CRYPT_CERTINFO_AUTHORITYINFO_OCSP ' accessDescription.accessLocation
CRYPT_CERTINFO_AUTHORITYINFO_CAISSUERS ' accessDescription.accessLocation
CRYPT_CERTINFO_AUTHORITYINFO_TIMESTAMPING ' accessDescription.accessLocation
' 1 3 6 1 5 5 7 48 1 2 ocspNonce
CRYPT_CERTINFO_OCSP_NONCE ' nonce
' 1 3 6 1 5 5 7 48 1 4 ocspAcceptableResponses
CRYPT_CERTINFO_OCSP_RESPONSE
CRYPT_CERTINFO_OCSP_RESPONSE_OCSP ' OCSP standard response
' 1 3 6 1 5 5 7 48 1 5 ocspNoCheck
CRYPT_CERTINFO_OCSP_NOCHECK
' 1 3 6 1 5 5 7 48 1 6 ocspArchiveCutoff
CRYPT_CERTINFO_OCSP_ARCHIVECUTOFF
' 1 3 6 1 5 5 7 48 1 11 subjectInfoAccess
CRYPT_CERTINFO_SUBJECTINFOACCESS
CRYPT_CERTINFO_SUBJECTINFO_CAREPOSITORY ' accessDescription.accessLocation
CRYPT_CERTINFO_SUBJECTINFO_TIMESTAMPING ' accessDescription.accessLocation
' 1 3 36 8 3 1 siggDateOfCertGen
CRYPT_CERTINFO_SIGG_DATEOFCERTGEN
' 1 3 36 8 3 2 siggProcuration
CRYPT_CERTINFO_SIGG_PROCURATION
CRYPT_CERTINFO_SIGG_PROCURE_COUNTRY ' country
CRYPT_CERTINFO_SIGG_PROCURE_TYPEOFSUBSTITUTION ' typeOfSubstitution
CRYPT_CERTINFO_SIGG_PROCURE_SIGNINGFOR ' signingFor.thirdPerson
' 1 3 36 8 3 4 siggMonetaryLimit
CRYPT_CERTINFO_SIGG_MONETARYLIMIT
CRYPT_CERTINFO_SIGG_MONETARY_CURRENCY ' currency
CRYPT_CERTINFO_SIGG_MONETARY_AMOUNT ' amount
CRYPT_CERTINFO_SIGG_MONETARY_EXPONENT ' exponent
' 1 3 36 8 3 8 siggRestriction
CRYPT_CERTINFO_SIGG_RESTRICTION
' 1 3 101 1 4 1 strongExtranet
CRYPT_CERTINFO_STRONGEXTRANET
CRYPT_CERTINFO_STRONGEXTRANET_ZONE ' sxNetIDList.sxNetID.zone
CRYPT_CERTINFO_STRONGEXTRANET_ID ' sxNetIDList.sxNetID.id
' 2 5 29 9 subjectDirectoryAttributes
CRYPT_CERTINFO_SUBJECTDIRECTORYATTRIBUTES
CRYPT_CERTINFO_SUBJECTDIR_TYPE ' attribute.type
CRYPT_CERTINFO_SUBJECTDIR_VALUES ' attribute.values
' 2 5 29 14 subjectKeyIdentifier
CRYPT_CERTINFO_SUBJECTKEYIDENTIFIER
' 2 5 29 15 keyUsage
CRYPT_CERTINFO_KEYUSAGE
' 2 5 29 16 privateKeyUsagePeriod
CRYPT_CERTINFO_PRIVATEKEYUSAGEPERIOD
CRYPT_CERTINFO_PRIVATEKEY_NOTBEFORE ' notBefore
CRYPT_CERTINFO_PRIVATEKEY_NOTAFTER ' notAfter
' 2 5 29 17 subjectAltName
CRYPT_CERTINFO_SUBJECTALTNAME
' 2 5 29 18 issuerAltName
CRYPT_CERTINFO_ISSUERALTNAME
' 2 5 29 19 basicConstraints
CRYPT_CERTINFO_BASICCONSTRAINTS
CRYPT_CERTINFO_CA ' cA
CRYPT_CERTINFO_AUTHORITY = CRYPT_CERTINFO_CA
CRYPT_CERTINFO_PATHLENCONSTRAINT ' pathLenConstraint
' 2 5 29 20 cRLNumber
CRYPT_CERTINFO_CRLNUMBER
' 2 5 29 21 cRLReason
CRYPT_CERTINFO_CRLREASON
' 2 5 29 23 holdInstructionCode
CRYPT_CERTINFO_HOLDINSTRUCTIONCODE
' 2 5 29 24 invalidityDate
CRYPT_CERTINFO_INVALIDITYDATE
' 2 5 29 27 deltaCRLIndicator
CRYPT_CERTINFO_DELTACRLINDICATOR
' 2 5 29 28 issuingDistributionPoint
CRYPT_CERTINFO_ISSUINGDISTRIBUTIONPOINT
CRYPT_CERTINFO_ISSUINGDIST_FULLNAME ' distributionPointName.fullName
CRYPT_CERTINFO_ISSUINGDIST_USERCERTSONLY ' onlyContainsUserCerts
CRYPT_CERTINFO_ISSUINGDIST_CACERTSONLY ' onlyContainsCACerts
CRYPT_CERTINFO_ISSUINGDIST_SOMEREASONSONLY ' onlySomeReasons
CRYPT_CERTINFO_ISSUINGDIST_INDIRECTCRL ' indirectCRL
' 2 5 29 29 certificateIssuer
CRYPT_CERTINFO_CERTIFICATEISSUER
' 2 5 29 30 nameConstraints
CRYPT_CERTINFO_NAMECONSTRAINTS
CRYPT_CERTINFO_PERMITTEDSUBTREES ' permittedSubtrees
CRYPT_CERTINFO_EXCLUDEDSUBTREES ' excludedSubtrees
' 2 5 29 31 cRLDistributionPoint
CRYPT_CERTINFO_CRLDISTRIBUTIONPOINT
CRYPT_CERTINFO_CRLDIST_FULLNAME ' distributionPointName.fullName
CRYPT_CERTINFO_CRLDIST_REASONS ' reasons
CRYPT_CERTINFO_CRLDIST_CRLISSUER ' cRLIssuer
' 2 5 29 32 certificatePolicies
CRYPT_CERTINFO_CERTIFICATEPOLICIES
CRYPT_CERTINFO_CERTPOLICYID ' policyInformation.policyIdentifier
CRYPT_CERTINFO_CERTPOLICY_CPSURI
' policyInformation.policyQualifiers.qualifier.cPSuri
CRYPT_CERTINFO_CERTPOLICY_ORGANIZATION
' policyInformation.policyQualifiers.qualifier.userNotice.noticeRef.organization
CRYPT_CERTINFO_CERTPOLICY_NOTICENUMBERS
' policyInformation.policyQualifiers.qualifier.userNotice.noticeRef.noticeNumbers
CRYPT_CERTINFO_CERTPOLICY_EXPLICITTEXT
' policyInformation.policyQualifiers.qualifier.userNotice.explicitText
' 2 5 29 33 policyMappings
CRYPT_CERTINFO_POLICYMAPPINGS
CRYPT_CERTINFO_ISSUERDOMAINPOLICY ' policyMappings.issuerDomainPolicy
CRYPT_CERTINFO_SUBJECTDOMAINPOLICY ' policyMappings.subjectDomainPolicy
' 2 5 29 35 authorityKeyIdentifier
CRYPT_CERTINFO_AUTHORITYKEYIDENTIFIER
CRYPT_CERTINFO_AUTHORITY_KEYIDENTIFIER ' keyIdentifier
CRYPT_CERTINFO_AUTHORITY_CERTISSUER ' authorityCertIssuer
CRYPT_CERTINFO_AUTHORITY_CERTSERIALNUMBER ' authorityCertSerialNumber
' 2 5 29 36 policyConstraints
⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -