cryptlib.pas

cryptlib是功能强大的安全工具集。允许开发人员快速在自己的软件中集成加密和认证服务。

{  The maximum hash size - 256 bits  }

  CRYPT_MAX_HASHSIZE = 32;

{  The maximum size of a text string (e.g.key owner name)  }

  CRYPT_MAX_TEXTSIZE = 64;

{  A magic value indicating that the default setting for this parameter
   should be used  }

  CRYPT_USE_DEFAULT = -10;

{  A magic value for unused parameters  }

  CRYPT_UNUSED = -11;

{  Whether the PKC key is a public or private key  }

  CRYPT_KEYTYPE_PRIVATE = 0;
  CRYPT_KEYTYPE_PUBLIC = 1;

{  The type of information polling to perform to get random seed information  }

  CRYPT_RANDOM_FASTPOLL = -10;
  CRYPT_RANDOM_SLOWPOLL = -11;

{  Cursor positioning codes for certificate/CRL extensions  }

  CRYPT_CURSOR_FIRST = -20;
  CRYPT_CURSOR_PREVIOUS = -21;
  CRYPT_CURSOR_NEXT = -22;
  CRYPT_CURSOR_LAST = -23;

{  Keyset open options  }


type
  CRYPT_KEYOPT_TYPE = (  
    CRYPT_KEYOPT_NONE,              {  No options  }
    CRYPT_KEYOPT_READONLY,          {  Open keyset in read-only mode  }
    CRYPT_KEYOPT_CREATE,            {  Create a new keyset  }
    CRYPT_KEYOPT_LAST               {  Last possible key option type  }
    
  );

{  The various cryptlib objects - these are just integer handles  }

  CRYPT_CERTIFICATE = Integer;
  CRYPT_CONTEXT = Integer;
  CRYPT_DEVICE = Integer;
  CRYPT_ENVELOPE = Integer;
  CRYPT_KEYSET = Integer;
  CRYPT_SESSION = Integer;
  CRYPT_USER = Integer;

{  Sometimes we don't know the exact type of a cryptlib object, so we use a
   generic handle type to identify it  }

  CRYPT_HANDLE = Integer;

{****************************************************************************
*                                                                           *
*                           Encryption Data Structures                      *
*                                                                           *
****************************************************************************}

{  Results returned from the capability query  }

  CRYPT_QUERY_INFO = record  
    { Algorithm information }
    algoName: array[0 .. CRYPT_MAX_TEXTSIZE-1] of char;{ Algorithm name }
    blockSize: Integer;                  { Block size of the algorithm }
    minKeySize: Integer;                 { Minimum key size in bytes }
    keySize: Integer;                    { Recommended key size in bytes }
    maxKeySize: Integer;                 { Maximum key size in bytes }
    

  end;

{  Results returned from the encoded object query.  These provide
   information on the objects created by cryptExportKey()/
   cryptCreateSignature()  }

  CRYPT_OBJECT_INFO = record  
    { The object type }
    objectType: CRYPT_OBJECT_TYPE;

    { The encryption algorithm and mode }
    cryptAlgo: CRYPT_ALGO_TYPE;
    cryptMode: CRYPT_MODE_TYPE;

    { The hash algorithm for Signature objects }
    hashAlgo: CRYPT_ALGO_TYPE;

    { The salt for derived keys }
    salt: array[0 .. CRYPT_MAX_HASHSIZE-1] of byte;
    saltSize: Integer;
    

  end;

{  Key information for the public-key encryption algorithms.  These fields
   are not accessed directly, but can be manipulated with the init/set/
   destroyComponents() macros  }

  CRYPT_PKCINFO_RSA = record  
    { Status information }
    isPublicKey: Integer;            { Whether this is a public or private key }

    { Public components }
    n: array[0 .. CRYPT_MAX_PKCSIZE-1] of byte;   { Modulus }
    nLen: Integer;                   { Length of modulus in bits }
    e: array[0 .. CRYPT_MAX_PKCSIZE-1] of byte;   { Public exponent }
    eLen: Integer;                   { Length of public exponent in bits }

    { Private components }
    d: array[0 .. CRYPT_MAX_PKCSIZE-1] of byte;   { Private exponent }
    dLen: Integer;                   { Length of private exponent in bits }
    p: array[0 .. CRYPT_MAX_PKCSIZE-1] of byte;   { Prime factor 1 }
    pLen: Integer;                   { Length of prime factor 1 in bits }
    q: array[0 .. CRYPT_MAX_PKCSIZE-1] of byte;   { Prime factor 2 }
    qLen: Integer;                   { Length of prime factor 2 in bits }
    u: array[0 .. CRYPT_MAX_PKCSIZE-1] of byte;   { Mult.inverse of q, mod p }
    uLen: Integer;                   { Length of private exponent in bits }
    e1: array[0 .. CRYPT_MAX_PKCSIZE-1] of byte;  { Private exponent 1 (PKCS) }
    e1Len: Integer;                  { Length of private exponent in bits }
    e2: array[0 .. CRYPT_MAX_PKCSIZE-1] of byte;  { Private exponent 2 (PKCS) }
    e2Len: Integer;                  { Length of private exponent in bits }
    

  end;

  CRYPT_PKCINFO_DLP = record  
    { Status information }
    isPublicKey: Integer;            { Whether this is a public or private key }

    { Public components }
    p: array[0 .. CRYPT_MAX_PKCSIZE-1] of byte;   { Prime modulus }
    pLen: Integer;                   { Length of prime modulus in bits }
    q: array[0 .. CRYPT_MAX_PKCSIZE-1] of byte;   { Prime divisor }
    qLen: Integer;                   { Length of prime divisor in bits }
    g: array[0 .. CRYPT_MAX_PKCSIZE-1] of byte;   { h^( ( p - 1 ) / q ) mod p }
    gLen: Integer;                   { Length of g in bits }
    y: array[0 .. CRYPT_MAX_PKCSIZE-1] of byte;   { Public random integer }
    yLen: Integer;                   { Length of public integer in bits }

    { Private components }
    x: array[0 .. CRYPT_MAX_PKCSIZE-1] of byte;   { Private random integer }
    xLen: Integer;                   { Length of private integer in bits }
    

  end;

{  Macros to initialise and destroy the structure that stores the components
   of a public key  }

{ C-macro not translated to Delphi code: 
{   #define cryptInitComponents( componentInfo, componentKeyType ) 
    < memset( ( componentInfo ), 0, sizeof( *componentInfo ) ); 
      ( componentInfo )->isPublicKey = ( ( componentKeyType ) ? 1 : 0 ); > }

{ C-macro not translated to Delphi code: 
{   #define cryptDestroyComponents( componentInfo ) 
    memset( ( componentInfo ), 0, sizeof( *componentInfo ) ) }

{  Macros to set a component of a public key  }

{ C-macro not translated to Delphi code: 
{   #define cryptSetComponent( destination, source, length ) 
    < memcpy( ( destination ), ( source ), ( ( length ) + 7 ) >> 3 ); 
      ( destination##Len ) = length; > }

{****************************************************************************
*                                                                           *
*                               Status Codes                                *
*                                                                           *
****************************************************************************}

{  No error in function call  }


const
  CRYPT_OK = 0;   {  No error  }

{  Error in parameters passed to function  }

  CRYPT_ERROR_PARAM1 = -1;  {  Bad argument, parameter 1  }
  CRYPT_ERROR_PARAM2 = -2;  {  Bad argument, parameter 2  }
  CRYPT_ERROR_PARAM3 = -3;  {  Bad argument, parameter 3  }
  CRYPT_ERROR_PARAM4 = -4;  {  Bad argument, parameter 4  }
  CRYPT_ERROR_PARAM5 = -5;  {  Bad argument, parameter 5  }
  CRYPT_ERROR_PARAM6 = -6;  {  Bad argument, parameter 6  }
  CRYPT_ERROR_PARAM7 = -7;  {  Bad argument, parameter 7  }

{  Errors due to insufficient resources  }

  CRYPT_ERROR_MEMORY = -10; {  Out of memory  }
  CRYPT_ERROR_NOTINITED = -11; {  Data has not been initialised  }
  CRYPT_ERROR_INITED = -12; {  Data has already been init'd  }
  CRYPT_ERROR_NOSECURE = -13; {  Opn.not avail.at requested sec.level  }
  CRYPT_ERROR_RANDOM = -14; {  No reliable random data available  }
  CRYPT_ERROR_FAILED = -15; {  Operation failed  }

{  Security violations  }

  CRYPT_ERROR_NOTAVAIL = -20; {  This type of opn.not available  }
  CRYPT_ERROR_PERMISSION = -21; {  No permiss.to perform this operation  }
  CRYPT_ERROR_WRONGKEY = -22; {  Incorrect key used to decrypt data  }
  CRYPT_ERROR_INCOMPLETE = -23; {  Operation incomplete/still in progress  }
  CRYPT_ERROR_COMPLETE = -24; {  Operation complete/can't continue  }
  CRYPT_ERROR_TIMEOUT = -25; {  Operation timed out before completion  }
  CRYPT_ERROR_INVALID = -26; {  Invalid/inconsistent information  }
  CRYPT_ERROR_SIGNALLED = -27; {  Resource destroyed by extnl.event  }

{  High-level function errors  }

  CRYPT_ERROR_OVERFLOW = -30; {  Resources/space exhausted  }
  CRYPT_ERROR_UNDERFLOW = -31; {  Not enough data available  }
  CRYPT_ERROR_BADDATA = -32; {  Bad/unrecognised data format  }
  CRYPT_ERROR_SIGNATURE = -33; {  Signature/integrity check failed  }

{  Data access function errors  }

  CRYPT_ERROR_OPEN = -40; {  Cannot open object  }
  CRYPT_ERROR_READ = -41; {  Cannot read item from object  }
  CRYPT_ERROR_WRITE = -42; {  Cannot write item to object  }
  CRYPT_ERROR_NOTFOUND = -43; {  Requested item not found in object  }
  CRYPT_ERROR_DUPLICATE = -44; {  Item already present in object  }

{  Data enveloping errors  }

  CRYPT_ENVELOPE_RESOURCE = -50; {  Need resource to proceed  }

{  Macros to examine return values  }

{ C-macro not translated to Delphi code: 
{   #define cryptStatusError( status )  ( ( status ) < CRYPT_OK ) }
{ C-macro not translated to Delphi code: 
{   #define cryptStatusOK( status )     ( ( status ) == CRYPT_OK ) }

{****************************************************************************
*                                                                           *
*                                   General Functions                       *
*                                                                           *
****************************************************************************}

{  The following is necessary to stop C++ name mangling  }


{  Initialise and shut down cryptlib  }

function cryptInit: Integer;
{$IFDEF WIN32} stdcall; {$ELSE} cdecl; {$ENDIF} external cryptlibname;


function cryptEnd: Integer;
{$IFDEF WIN32} stdcall; {$ELSE} cdecl; {$ENDIF} external cryptlibname;



{  Query cryptlibs capabilities  }

function cryptQueryCapability( const cryptAlgo: CRYPT_ALGO_TYPE;
  var cryptQueryInfo: CRYPT_QUERY_INFO ): Integer;
{$IFDEF WIN32} stdcall; {$ELSE} cdecl; {$ENDIF} external cryptlibname;


{  Create and destroy an encryption context  }

function cryptCreateContext( var cryptContext: CRYPT_CONTEXT;
  const cryptUser: CRYPT_USER;
  const cryptAlgo: CRYPT_ALGO_TYPE ): Integer;
{$IFDEF WIN32} stdcall; {$ELSE} cdecl; {$ENDIF} external cryptlibname;

function cryptDestroyContext( const cryptContext: CRYPT_CONTEXT ): Integer;
{$IFDEF WIN32} stdcall; {$ELSE} cdecl; {$ENDIF} external cryptlibname;


{  Generic "destroy an object" function  }

function cryptDestroyObject( const cryptObject: CRYPT_HANDLE ): Integer;
{$IFDEF WIN32} stdcall; {$ELSE} cdecl; {$ENDIF} external cryptlibname;


{  Generate a key into a context  }

function cryptGenerateKey( const cryptContext: CRYPT_CONTEXT ): Integer;
{$IFDEF WIN32} stdcall; {$ELSE} cdecl; {$ENDIF} external cryptlibname;

function cryptGenerateKeyAsync( const cryptContext: CRYPT_CONTEXT ): Integer;
{$IFDEF WIN32} stdcall; {$ELSE} cdecl; {$ENDIF} external cryptlibname;

function cryptAsyncQuery( const cryptObject: CRYPT_HANDLE ): Integer;
{$IFDEF WIN32} stdcall; {$ELSE} cdecl; {$ENDIF} external cryptlibname;

function cryptAsyncCancel( const cryptObject: CRYPT_HANDLE ): Integer;
{$IFDEF WIN32} stdcall; {$ELSE} cdecl; {$ENDIF} external cryptlibname;


{  Encrypt/decrypt/hash a block of memory  }

function cryptEncrypt( const cryptContext: CRYPT_CONTEXT;
  buffer: Pointer;
  const length: Integer ): Integer;
{$IFDEF WIN32} stdcall; {$ELSE} cdecl; {$ENDIF} external cryptlibname;

function cryptDecrypt( const cryptContext: CRYPT_CONTEXT;
  buffer: Pointer;
  const length: Integer ): Integer;