pgptls.pas
{$J+,Z4}
unit pgpTLS;
{**********************************************************************************}
{ }
{ The contents of this file are subject to the Mozilla Public License Version 1.1 }
{ (the "License"); you may not use this file except in compliance with the }
{ License. You may obtain a copy of the License at http://www.mozilla.org/MPL/. }
{ }
{ Software distributed under the License is distributed on an "AS IS" basis, }
{ WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License for the }
{ specific language governing rights and limitations under the License. }
{ }
{ The Original Code is the "Borland Delphi Runtime Library PGPsdk" released 10 Apr }
{ 2000, available at http://www.oz.net/~srheller/dpgp/sdk/. }
{ }
{ The Initial Developer of the Original Code is Steven R. Heller. }
{ }
{ Portions created by Steven R. Heller are Copyright (C) 2000 Steven R. Heller. }
{ All Rights Reserved. }
{ }
{ Contributor(s): Michael in der Wiesche <idw.doc@t-online.de> ("idw"). }
{ }
{ The original file is pgpTLS.pas based on pgpTLS.h from the PGP sources }
{ which are Copyright (C) Network Associates Inc. and affiliated companies. }
{ }
{ Modifications by "idw" (other than stated in the code below): }
{ }
{ Types pPGPtlsContext, pPGPtlsConstContext, pPGPtlsSession, pPGPtlsConstSession }
{ moved to pgpPubTypes.pas, all functions taking OptionLists modified according }
{ to a suggestion by Steven R. Heller, for details see pgpOptionList.pas }
{ }
{**********************************************************************************}
interface
uses
pgpBase,
pgpPubTypes;
{ Option bits for a TLS session. PGPtlsSetProtocolOptions, declared later in
  this unit, takes a PGPtlsFlags value as its Options argument.
  PGPtlsFlags is an alias of PGPFlags, which is declared outside this unit. }
type
PGPtlsFlags = PGPFlags;
const
{ Each value is a distinct single bit, so the flags look intended to be
  OR-ed together. Presumably ServerSide and ClientSide are mutually
  exclusive - TODO confirm against the SDK documentation. }
kPGPtlsFlags_ServerSide = $01;
kPGPtlsFlags_ClientSide = $02;
{ NOTE(review): the comment on PGPtlsSetProtocolOptions in this unit says the
  default is client side with no client cert request. A server that must
  authenticate its clients therefore has to set this bit explicitly;
  leaving the default means clients are not asked for a certificate. }
kPGPtlsFlags_RequestClientCert = $04;
{ With non-blocking I/O the send and receive callbacks are expected to return
  kPGPError_TLSWouldBlock, as described in the comment further down in this unit. }
kPGPtlsFlags_NonBlockingIO = $08;
{ Cipher suites known to this SDK binding. The names follow the TLS
  convention TLS_<key exchange>_WITH_<cipher>_<MAC>.
  NOTE(review): the values 0..9 are the SDK's own enumeration, not the
  two-byte cipher-suite codes carried in the TLS handshake (for example
  TLS_RSA_WITH_3DES_EDE_CBC_SHA is 0x000A on the wire), so do not match
  them directly against packet captures or IDS logs.
  How a suite is chosen for a session is not shown in this part of the unit. }
type
PGPtlsCipherSuiteNum = PGPEnumType;
const
{ No key exchange, no encryption and no MAC: a session on this suite has no
  protection at all. }
kPGPtls_TLS_NULL_WITH_NULL_NULL = 0;
{ The PGP_ prefix presumably marks suites authenticated with PGP keys instead
  of X.509 certificates, and CAST presumably means CAST5 - TODO confirm
  against pgpTLS.h. }
kPGPtls_TLS_PGP_DHE_DSS_WITH_CAST_CBC_SHA = 1;
kPGPtls_TLS_PGP_DHE_RSA_WITH_CAST_CBC_SHA = 2;
{ 3DES and IDEA (and CAST5, if that is what CAST denotes) are 64-bit block
  ciphers, used here in CBC mode with a SHA-1 MAC. This is TLS 1.0-era
  cryptography and is deprecated in current TLS guidance. Only the DHE_
  suites give forward secrecy; the plain RSA_ suites (5, 6, 7) do not. }
kPGPtls_TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA = 3;
kPGPtls_TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA = 4;
kPGPtls_TLS_RSA_WITH_3DES_EDE_CBC_SHA = 5;
kPGPtls_TLS_RSA_WITH_IDEA_CBC_SHA = 6;
kPGPtls_TLS_PGP_RSA_WITH_CAST_CBC_SHA = 7;
{ NULL cipher with a SHA MAC: records are integrity-protected but travel in
  clear text. Acceptable only where confidentiality is explicitly not
  required. }
kPGPtls_TLS_PGP_DHE_DSS_WITH_NULL_SHA = 8;
kPGPtls_TLS_DHE_DSS_WITH_NULL_SHA = 9;
{ Protocol state of a TLS session, as an enumeration of five values.
  The handshake comment later in this unit says that no application data can
  be sent until the handshake is completed and that completion can be
  detected by checking the session state.
  NOTE(review): presumably kPGPtls_ReadyState is the state that signals a
  completed handshake, and the function that reads the state is declared in
  the part of the unit not shown here - TODO confirm. }
type
PGPtlsProtocolState = PGPEnumType;
const
kPGPtls_IdleState = 0;
{ By its name, entered after a fatal error; an application should treat the
  session as unusable and not send further data on it - TODO confirm. }
kPGPtls_FatalErrorState = 1;
kPGPtls_ClosedState = 2;
kPGPtls_HandshakeState = 3;
kPGPtls_ReadyState = 4;
{ Selector for the Diffie-Hellman prime size; the number in each name is
  presumably the modulus length in bits. The function that takes this value
  is not shown in this part of the unit.
  NOTE(review): 1024-bit DH groups are regarded as too small by current
  guidance, and 1536 bits is marginal. Where the SDK leaves the choice to the
  application, prefer kPGPtls_DHPrime2048 or larger. }
type
PGPtlsPrime = PGPEnumType;
const
kPGPtls_DHPrime1024 = 0;
kPGPtls_DHPrime1536 = 1;
kPGPtls_DHPrime2048 = 2;
kPGPtls_DHPrime3072 = 3;
kPGPtls_DHPrime4096 = 4;
{ TLS alert codes. The numeric values agree with the alert descriptions
  defined for TLS 1.0 (RFC 2246), plus no_certificate (41) from SSL 3.0.
  The literals carry leading zeros but are plain decimal in Pascal, not
  octal as they would be in C: 010 is ten.
  The FATAL and SSL3 markers are the original author's annotations.
  NOTE(review): when alerts are logged or surfaced to users, record the code
  for diagnosis but avoid giving the remote peer more detail than the alert
  itself carries. }
type
PGPtlsAlert = PGPEnumType;
const
kPGPtls_AT_CloseNotify = 000;
kPGPtls_AT_UnexpectedMessage = 010; { FATAL }
{ NOTE(review): later TLS revisions (RFC 4346 onward) require a decryption
  failure to be reported as bad_record_mac, because a peer that can tell
  DecryptionFailed (21) from BadRecordMAC (20) learns whether CBC padding
  was valid. Handle the two codes identically in application logic. }
kPGPtls_AT_BadRecordMAC = 020; { FATAL }
kPGPtls_AT_DecryptionFailed = 021; { FATAL }
kPGPtls_AT_RecordOverflow = 022; { FATAL }
kPGPtls_AT_DecompressionFailure = 030; { FATAL }
kPGPtls_AT_HandshakeFailure = 040; { FATAL }
kPGPtls_AT_NoCertificate = 041; { SSL3 }
{ Codes 42..46 report certificate problems and carry no FATAL marker here. }
kPGPtls_AT_BadCertificate = 042;
kPGPtls_AT_UnsupportedCert = 043;
kPGPtls_AT_CertRevoked = 044;
kPGPtls_AT_CertExpired = 045;
kPGPtls_AT_CertUnknown = 046;
kPGPtls_AT_IllegalParameter = 047; { FATAL }
kPGPtls_AT_UnknownCA = 048; { FATAL }
kPGPtls_AT_AccessDenied = 049; { FATAL }
kPGPtls_AT_DecodeError = 050; { FATAL }
kPGPtls_AT_DecryptError = 051;
kPGPtls_AT_ExportRestriction = 060; { FATAL }
kPGPtls_AT_ProtocolVersion = 070; { FATAL }
kPGPtls_AT_InsufficientSecurity = 071; { FATAL }
kPGPtls_AT_InternalError = 080; { FATAL }
kPGPtls_AT_UserCancelled = 090;
kPGPtls_AT_NoRenegotiation = 100;
{ 255 is not a TLS alert description; presumably an SDK sentinel meaning that
  no alert is pending - TODO confirm against pgpTLS.h. }
kPGPtls_AT_None = 255;
{ Signatures of the application-supplied I/O callbacks, using the cdecl
  calling convention. A comment further down in this unit states that they
  should return kPGPError_TLSWouldBlock when the socket is non-blocking and
  the call would block.
  NOTE(review): the parameter semantics are not documented here. Presumably
  InData is an opaque pointer chosen by the application, and the return value
  is a byte count or an error code - TODO confirm against pgpTLS.h. }
type
{ NOTE(review): InBufferSize looks like the capacity of OutBuffer. An
  implementation must never write more than that many bytes into OutBuffer,
  whatever the socket returns. }
TPGPtlsReceiveProcPtr = function(InData: Pointer; OutBuffer: Pointer; InBufferSize: PGPInt32): PGPInt32; cdecl;
{ NOTE(review): InBufferLength looks like the number of bytes available at
  InBuffer; an implementation should not read past it. }
TPGPtlsSendProcPtr = function(InData: Pointer; const InBuffer: Pointer; InBufferLength: PGPInt32): PGPInt32; cdecl;
{ Entry points of the SDK network library, declared as cdecl function-pointer
  variables rather than as external functions.
  NOTE(review): this part of the unit does not show where the variables are
  assigned; presumably they are bound when the SDK library is loaded. Global
  pointer variables start out nil, so callers should verify that the library
  was loaded before calling through any of them - TODO confirm how the
  loader reports failure.
  Both functions return a PGPError, which callers should check. }
var // added by idw from pgpUtilities.h
PGPsdkNetworkLibInit: function(Options: PGPFlags): PGPError; cdecl; // Options is ignored prior to 7.X
PGPsdkNetworkLibCleanup: function: PGPError; cdecl;
{____________________________________________________________________________
The Send and Receive function Pointers should return
kPGPError_TLSWouldBlock when the socket is non-blocking and the
call would block. The Send and Receive functions passed in will
need to translate the platform-specific socket error in appropriate
cases by using calls such as WSAGetLastError() on Win32. Remember
to call PGPtlsSendQueueIdle for non-blocking sockets also if
kPGPError_TLSWouldBlock is returned from a send on a non-blocking
socket.
____________________________________________________________________________}
{ Creates a TLS context from an existing PGP context and returns it in OutRef,
  which is passed by reference (var). The result is a PGPError; check it
  before using OutRef. }
PGPNewTLSContext: function(Context: pPGPContext; var OutRef: pPGPtlsContext): PGPError; cdecl;
{ Releases a TLS context obtained from PGPNewTLSContext.
  NOTE(review): presumably the reference must not be used after this call and
  sessions created from the context should be freed first - TODO confirm. }
PGPFreeTLSContext: function(Ref: pPGPtlsContext): PGPError; cdecl;
{____________________________________________________________________________
The following function activates or deactivates the session key cache
for TLS sessions. This defaults to on but can be deactivated with this
function to force all connections to proceed through the entire
handshake.
____________________________________________________________________________}
{ NOTE(review): because the cache is on by default, session keys stay in
  process memory so that sessions can be resumed. Pass a false UseCache where
  every connection must go through the full handshake and peer
  authentication again. }
PGPtlsSetCache: function(Ref: pPGPtlsContext; UseCache: PGPBoolean): PGPError; cdecl;
{ By its name, discards the cached session keys of the given context without
  changing whether caching is enabled - TODO confirm against the SDK
  documentation. }
PGPtlsClearCache: function(Ref: pPGPtlsContext): PGPError; cdecl;
{ Session lifecycle. Each function returns a PGPError that callers should
  check before using the OutRef value. }
{ Creates a session that belongs to the TLS context Ref and returns it in
  OutRef (passed by reference). }
PGPNewTLSSession: function(Ref: pPGPtlsContext; var OutRef: pPGPtlsSession): PGPError; cdecl;
{ Releases a session.
  NOTE(review): the comment on PGPtlsClose in this unit says a session that
  is not closed with PGPtlsClose cannot be resumed from the cache, so close
  before freeing when resumption is wanted. }
PGPFreeTLSSession: function(Ref: pPGPtlsSession): PGPError; cdecl;
{ Returns a copy of the session Ref in OutRef.
  NOTE(review): whether the copy shares key material or state with the
  original is not stated here - TODO confirm before using both on live
  connections. }
PGPCopyTLSSession: function(Ref: pPGPtlsSession; var OutRef: pPGPtlsSession): PGPError; cdecl;
{____________________________________________________________________________
Default options are client side and no client cert request
____________________________________________________________________________}
{ Sets the option bits of a session; Options is a PGPtlsFlags value built
  from the kPGPtlsFlags_ constants declared at the top of this unit.
  NOTE(review): with the defaults a session acts as a client and never asks
  the peer for a certificate. Server code that relies on client certificates
  must therefore call this function and check the returned PGPError. }
PGPtlsSetProtocolOptions: function(Ref: pPGPtlsSession; Options: PGPtlsFlags): PGPError; cdecl;
{____________________________________________________________________________
The following function must be called to cleanly close a TLS
connection. If it is not called, the session will not be able
to be resumed from the session cache.
In the event the application determines any problem with the
connection such as the remote key not being valid, call this
function with dontCache set to true in order to not cache the
session keys.
____________________________________________________________________________}
{ NOTE(review): DontCache is the application's only hook, in this part of the
  unit, for keeping a distrusted session out of the resumption cache. Any
  failed validation of the remote key or certificate should lead to a call
  with DontCache set to true, so that the session cannot later be resumed
  without a fresh handshake. }
PGPtlsClose: function(Ref: pPGPtlsSession; DontCache: PGPBoolean): PGPError; cdecl;
{____________________________________________________________________________
The following function must be called to initiate the PGPtls session.
Once a TLS session has been assigned to a socket, no data can be sent
over that socket by the application until the handshake is completed.
Handshake completion is indicated by completion of this call without
error or by checking the state of the PGPtlsSession. It will be