pgptls.pas
From "PGP encryption algorithm implemented in DELPHI" · PAS code · 340 lines total · page 1/2
kPGPtls_ReadyState when the application layer may send and receive
data securely.
This function performs all negotiation of the TLS connection.
____________________________________________________________________________}
PGPtlsHandshake: function(Ref: pPGPtlsSession): PGPError; cdecl;
{____________________________________________________________________________
The following function should be called before PGPtlsHandshake.
In the general case, the remoteID will be an IP address. This
is provided to PGPtls in order to allow it to cache the current
session and be able to look it up later. If the remoteID passed
into a future session is the same as a previously cached session,
PGPtls will attempt to resume the session.
____________________________________________________________________________}
PGPtlsSetRemoteUniqueID: function(Ref: pPGPtlsSession; RemoteID: PGPUInt32): PGPError; cdecl;
{____________________________________________________________________________
The following function sets the local private authenticating key.
The passphrase and key are retained in memory. By default, no
key is specified and a client side session will return no key in the
client key exchange message to the server.
It is an error not to specify a key on a server side TLS session.
This function must be passed either PGPOPassphrase or PGPOPasskeyBuffer.
You may pass in just a PGP key, PGP w/ X.509 cert, or both -- and they
must be the same -- the cert must be from the key. For an X.509 cert,
the inCertChain keyset must contain the keys of all keys in the
certificate chain for that certificate up to the root. [To disable X.509
certs, simply pass nothing (ie. kPGPInvalidSigRef).] The inCertChain
keyset must remain valid for the lifetime of the TLS connection.
____________________________________________________________________________}
{// PGP 6.5.X
PGPtlsSetLocalPrivateKey: function(Ref: pPGPtlsSession; InKey: pPGPKey; InX509Cert: pPGPSig; InCertChain: pPGPKeySet;
Options: pPGPOptionList; LastOption: pPGPOptionList): PGPError; cdecl;}
{// PGP 7.X
PGPtlsSetLocalPrivateKey: function(Ref: pPGPtlsSession; InKey: pPGPKeyDBObj; InCertChain: pPGPKeySet;
Options: pPGPOptionList; LastOption: pPGPOptionList): PGPError; cdecl;}
{____________________________________________________________________________
The following function sets the preferred cipher suite.
There is no guarantee that cipher will actually be negotiated,
but it will be attempted in preference to others.
____________________________________________________________________________}
PGPtlsSetPreferredCipherSuite: function(Ref: pPGPtlsSession; Cipher: PGPtlsCipherSuiteNum): PGPError; cdecl;
{____________________________________________________________________________
The following function sets the desired DH prime.
The requested primes are drawn from a set of primes hard-coded
into PGPtls. New primes can be added in a fully compatible
fashion since the server sends the prime to the client, but this
version of the API does not support passing in a desired prime. The
default prime if this function is not called is kPGPtls_DHPrime2048.
____________________________________________________________________________}
PGPtlsSetDHPrime: function(Ref: pPGPtlsSession; Prime: PGPtlsPrime): PGPError; cdecl;
{____________________________________________________________________________
The following function gets the authenticated remote key after a
successful handshake. You must call this function after a successful
handshake to verify that the remote key is authorized to make the
connection.
____________________________________________________________________________}
{// PGP 6.5.X
PGPtlsGetRemoteAuthenticatedKey: function(Ref: pPGPtlsSession; var OutKey: pPGPKey;
var OutKeySet: pPGPKeySet): PGPError; cdecl;}
{// PGP 7.X
PGPtlsGetRemoteAuthenticatedKey: function(Ref: pPGPtlsSession; var OutKey: pPGPKeyDBObj;
var OutKeyDB: pPGPKeyDB): PGPError; cdecl;}
{____________________________________________________________________________
The following function returns the negotiated symmetric cipher.
This function will return an error if called before a successful
handshake.
____________________________________________________________________________}
PGPtlsGetNegotiatedCipherSuite: function(Ref: pPGPtlsSession; var OutCipher: PGPtlsCipherSuiteNum): PGPError; cdecl;
PGPtlsGetState: function(Ref: pPGPtlsSession; var OutState: PGPtlsProtocolState): PGPError; cdecl;
{____________________________________________________________________________
The following two functions process data through TLS.
It is an error to call these functions without having set a
Read function Pointer or Write function Pointer. Most applications
will never need to use these functions as the function Pointers
are automatically configured by PGPsockets, and these functions
are automatically called by the PGPsockets implementations of
PGPWrite and PGPRead whenever a pPGPtlsSession has been set for
a given socket.
____________________________________________________________________________}
PGPtlsReceive: function(Ref: pPGPtlsSession; var OutBuffer: Pointer; var BufferSize: PGPSize): PGPError; cdecl;
PGPtlsSend: function(Ref: pPGPtlsSession; const InBuffer: Pointer; InBufferLength: PGPSize): PGPError; cdecl;
PGPtlsSetReceiveCallback: function(Ref: pPGPtlsSession; TLSReceiveProc: TPGPtlsReceiveProcPtr; InData: Pointer): PGPError; cdecl;
PGPtlsSetSendCallback: function(Ref: pPGPtlsSession; TLSSendProc: TPGPtlsSendProcPtr; InData: Pointer): PGPError; cdecl;
{____________________________________________________________________________
The following function is necessary *only* on a non-blocking socket.
If a call to PGPtlsSend returns kPGPError_TLSWouldBlock, call
the following function repeatedly until that error is no longer
returned in order to make sure data is sent. Another call to
PGPtlsSend will also call this function automatically and queue
any new data if necessary.
____________________________________________________________________________}
PGPtlsSendQueueIdle: function(Ref: pPGPtlsSession): PGPError; cdecl;
PGPtlsReceiveBufferSize: function(Ref: pPGPtlsSession): PGPSize; cdecl;
{____________________________________________________________________________
The following function gets the ID of the fatal alert which caused
the TLS session to abort and go into the kPGPtls_FatalErrorState.
____________________________________________________________________________}
PGPtlsGetAlert: function(Ref: pPGPtlsSession; var OutAlert: PGPtlsAlert): PGPError; cdecl;
implementation // code modified by idw
uses
Windows;
initialization
if PGPInitErrorCode=ieNone then begin
PGPsdkNetworkLibInit:=GetProcAddress(hPGPsdkNLLib, 'PGPsdkNetworkLibInit');
PGPsdkNetworkLibCleanup:=GetProcAddress(hPGPsdkNLLib, 'PGPsdkNetworkLibCleanup');
PGPNewTLSContext:=GetProcAddress(hPGPsdkNLLib, 'PGPNewTLSContext');
PGPFreeTLSContext:=GetProcAddress(hPGPsdkNLLib, 'PGPFreeTLSContext');
PGPtlsSetCache:=GetProcAddress(hPGPsdkNLLib, 'PGPtlsSetCache');
PGPtlsClearCache:=GetProcAddress(hPGPsdkNLLib, 'PGPtlsClearCache');
PGPNewTLSSession:=GetProcAddress(hPGPsdkNLLib, 'PGPNewTLSSession');
PGPFreeTLSSession:=GetProcAddress(hPGPsdkNLLib, 'PGPFreeTLSSession');
PGPCopyTLSSession:=GetProcAddress(hPGPsdkNLLib, 'PGPCopyTLSSession');
PGPtlsSetProtocolOptions:=GetProcAddress(hPGPsdkNLLib, 'PGPtlsSetProtocolOptions');
PGPtlsClose:=GetProcAddress(hPGPsdkNLLib, 'PGPtlsClose');
PGPtlsHandshake:=GetProcAddress(hPGPsdkNLLib, 'PGPtlsHandshake');
PGPtlsSetRemoteUniqueID:=GetProcAddress(hPGPsdkNLLib, 'PGPtlsSetRemoteUniqueID');
{PGPtlsSetLocalPrivateKey:=GetProcAddress(hPGPsdkNLLib, 'PGPtlsSetLocalPrivateKey');}
PGPtlsSetPreferredCipherSuite:=GetProcAddress(hPGPsdkNLLib, 'PGPtlsSetPreferredCipherSuite');
PGPtlsSetDHPrime:=GetProcAddress(hPGPsdkNLLib, 'PGPtlsSetDHPrime');
{PGPtlsGetRemoteAuthenticatedKey:=GetProcAddress(hPGPsdkNLLib, 'PGPtlsGetRemoteAuthenticatedKey');}
PGPtlsGetNegotiatedCipherSuite:=GetProcAddress(hPGPsdkNLLib, 'PGPtlsGetNegotiatedCipherSuite');
PGPtlsGetState:=GetProcAddress(hPGPsdkNLLib, 'PGPtlsGetState');
PGPtlsReceive:=GetProcAddress(hPGPsdkNLLib, 'PGPtlsReceive');
PGPtlsSend:=GetProcAddress(hPGPsdkNLLib, 'PGPtlsSend');
PGPtlsSetReceiveCallback:=GetProcAddress(hPGPsdkNLLib, 'PGPtlsSetReceiveCallback');
PGPtlsSetSendCallback:=GetProcAddress(hPGPsdkNLLib, 'PGPtlsSetSendCallback');
PGPtlsSendQueueIdle:=GetProcAddress(hPGPsdkNLLib, 'PGPtlsSendQueueIdle');
PGPtlsReceiveBufferSize:=GetProcAddress(hPGPsdkNLLib, 'PGPtlsReceiveBufferSize');
PGPtlsGetAlert:=GetProcAddress(hPGPsdkNLLib, 'PGPtlsGetAlert');
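// GetProcAddress returns nil for a missing export; never call through a nil pointer.
if Assigned(PGPsdkNetworkLibInit) then PGPsdkNetworkLibInit(InitFlags);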
end;
finalization
if Assigned(PGPsdkNetworkLibCleanup) then PGPsdkNetworkLibCleanup;
end.
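
The comments on PGPtlsSend, PGPtlsSendQueueIdle and PGPtlsGetAlert describe a send sequence for non-blocking sockets. The caller-side routine below is an added example, not part of this unit or of the PGP SDK. TTlsSendResult, TlsSendAll and the two poll constants are hypothetical names, and it assumes the calling unit uses pgptls, Windows and the wrapper units that declare PGPError, PGPSize, kPGPError_NoErr and kPGPError_TLSWouldBlock.

```pascal
type
  // Hypothetical result type for this example only.
  TTlsSendResult = (tsrSent, tsrNotReady, tsrTimedOut, tsrFatal, tsrError);

const
  MaxDrainPolls = 200; // assumed bound; derive it from the application's timeout
  DrainPollMs   = 10;  // assumed back-off; a select() on writability is better

function TlsSendAll(Session: pPGPtlsSession; Data: Pointer; Len: PGPSize;
  var Err: PGPError; var Alert: PGPtlsAlert): TTlsSendResult;
var
  State: PGPtlsProtocolState;
  Polls: Integer;
begin
  // Never hand application data to a session whose handshake has not finished.
  Err := PGPtlsGetState(Session, State);
  if Err <> kPGPError_NoErr then begin Result := tsrError; Exit; end;
  if State <> kPGPtls_ReadyState then begin Result := tsrNotReady; Exit; end;

  Err := PGPtlsSend(Session, Data, Len);
  Polls := 0;
  // On a non-blocking socket the record may only be queued. Keep draining
  // until kPGPError_TLSWouldBlock is no longer returned, but stay bounded so
  // a stalled peer cannot pin this thread forever.
  while (Err = kPGPError_TLSWouldBlock) and (Polls < MaxDrainPolls) do begin
    Sleep(DrainPollMs);
    Err := PGPtlsSendQueueIdle(Session);
    Inc(Polls);
  end;

  if Err = kPGPError_NoErr then begin Result := tsrSent; Exit; end;
  if Err = kPGPError_TLSWouldBlock then begin Result := tsrTimedOut; Exit; end;

  // Any other error: check whether a fatal alert aborted the session and,
  // if so, return the alert so it can be logged. Alert is only written here.
  Result := tsrError;
  if (PGPtlsGetState(Session, State) = kPGPError_NoErr) and
     (State = kPGPtls_FatalErrorState) then
    if PGPtlsGetAlert(Session, Alert) = kPGPError_NoErr then
      Result := tsrFatal;
end;
```

On tsrTimedOut the data is still queued inside the session, so the caller should close the connection or keep calling PGPtlsSendQueueIdle instead of resending the buffer.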