
📄 clcryptapi.pas

//  For CertDecodeName, two 0 bytes are always appended to the end of the
//  string (ensures a CHAR or WCHAR string is null terminated).
//  These added 0 bytes aren't included in the BLOB.cbData.
//--------------------------------------------------------------------------

// Value-type tags carried in a dwValueType field. The tag decides how the
// accompanying value blob has to be interpreted, so code that reads a name
// attribute should branch on it instead of assuming one string encoding.
// Several names below are aliases that share a numeric value.
// NOTE(review): the comment above mentions both CHAR and WCHAR strings, so
// character width presumably differs per tag -- confirm per-tag width against
// the Windows SDK before comparing or displaying decoded names.
const 
  CERT_RDN_ANY_TYPE             = 0;
  CERT_RDN_ENCODED_BLOB         = 1;   // raw encoded data, not a character string
  CERT_RDN_OCTET_STRING         = 2;   // octet string, not a character string
  CERT_RDN_NUMERIC_STRING       = 3;
  CERT_RDN_PRINTABLE_STRING     = 4;
  CERT_RDN_TELETEX_STRING       = 5;
  CERT_RDN_T61_STRING           = 5;   // alias: same value as CERT_RDN_TELETEX_STRING
  CERT_RDN_VIDEOTEX_STRING      = 6;
  CERT_RDN_IA5_STRING           = 7;
  CERT_RDN_GRAPHIC_STRING       = 8;
  CERT_RDN_VISIBLE_STRING       = 9;
  CERT_RDN_ISO646_STRING        = 9;   // alias: same value as CERT_RDN_VISIBLE_STRING
  CERT_RDN_GENERAL_STRING       = 10;
  CERT_RDN_UNIVERSAL_STRING     = 11;
  CERT_RDN_INT4_STRING          = 11;  // alias: same value as CERT_RDN_UNIVERSAL_STRING
  CERT_RDN_BMP_STRING           = 12;
  CERT_RDN_UNICODE_STRING       = 12;  // alias: same value as CERT_RDN_BMP_STRING


// Macro to check that the dwValueType is a character string and not an
// encoded blob or octet string
// Interface declaration only; the body lives in the implementation section,
// which is not part of this listing.
// X is a dwValueType tag (one of the CERT_RDN_* constants).
// NOTE(review): the C header macro this mirrors is
// (X >= CERT_RDN_NUMERIC_STRING) -- confirm the Pascal body matches. Callers
// should use this check before treating a value blob as text.
function IS_CERT_RDN_CHAR_STRING(X :DWORD) :BOOL;

//+-------------------------------------------------------------------------
//  A CERT_RDN consists of an array of the above attributes
//--------------------------------------------------------------------------

type
  PCERT_RDN = ^CERT_RDN;
  // One relative distinguished name: a counted array of attributes.
  CERT_RDN = record
    cRDNAttr :DWORD;               // number of attributes in rgRDNAttr
    // Pointer to the first attribute. It is a bare pointer with no bounds
    // information, so readers must never index past cRDNAttr elements.
    rgRDNAttr :PCERT_RDN_ATTR;
  end;

//+-------------------------------------------------------------------------
//  Information stored in a subject's or issuer's name. The information
//  is represented as an array of the above RDNs.
//--------------------------------------------------------------------------

type
  PCERT_NAME_INFO = ^CERT_NAME_INFO;
  // A subject or issuer name, represented as a counted array of CERT_RDN.
  CERT_NAME_INFO = record
    cRDN :DWORD;                   // number of RDNs in rgRDN
    // Pointer to the first RDN; bare pointer, so iterate only cRDN elements.
    rgRDN :PCERT_RDN;
  end;

//+-------------------------------------------------------------------------
//  Name attribute value without the Object Identifier
//
//  The interpretation of the Value depends on the dwValueType.
//  See above for a list of the types.
//--------------------------------------------------------------------------

type
  PCERT_NAME_VALUE = ^CERT_NAME_VALUE;
  // A name attribute value without its object identifier.
  CERT_NAME_VALUE = record
    dwValueType :DWORD;            // CERT_RDN_* tag that says how to read Value
    // Value bytes; check dwValueType (e.g. with IS_CERT_RDN_CHAR_STRING)
    // before treating them as a character string.
    Value :CERT_RDN_VALUE_BLOB;
  end;

//+-------------------------------------------------------------------------
//  Public Key Info
//
//  The PublicKey is the encoded representation of the information as it is
//  stored in the bit string
//--------------------------------------------------------------------------

type
  PCERT_PUBLIC_KEY_INFO = ^CERT_PUBLIC_KEY_INFO;
  // Public key together with the identifier of the algorithm it belongs to.
  CERT_PUBLIC_KEY_INFO = record
    Algorithm :CRYPT_ALGORITHM_IDENTIFIER;   // algorithm identifier for the key
    // Key material, still in its encoded bit-string form (not decoded into
    // algorithm-specific fields).
    PublicKey :CRYPT_BIT_BLOB;
  end;

// Default public-key algorithm OIDs. All three names alias szOID_RSA_RSA,
// which is declared elsewhere in this unit (outside this listing).
const 
  CERT_RSA_PUBLIC_KEY_OBJID        = szOID_RSA_RSA;
  CERT_DEFAULT_OID_PUBLIC_KEY_SIGN = szOID_RSA_RSA;   // default for signing keys
  CERT_DEFAULT_OID_PUBLIC_KEY_XCHG = szOID_RSA_RSA;   // default for key-exchange keys

//+-------------------------------------------------------------------------
//  Information stored in a certificate
//
//  The Issuer, Subject, Algorithm, PublicKey and Extension BLOBs are the
//  encoded representation of the information.
//--------------------------------------------------------------------------

type
  PCERT_INFO = ^CERT_INFO;
  // Fields of a certificate. This record is a plain data carrier: nothing in
  // the declaration says the signature, validity period or chain was checked,
  // so a populated CERT_INFO must not be read as "verified".
  // NOTE(review): field order presumably mirrors the C CERT_INFO struct that
  // the Windows API fills in -- do not reorder; confirm record alignment
  // settings for this unit.
  CERT_INFO = record
    dwVersion              :DWORD;                        // presumably CERT_V1..CERT_V3 -- confirm
    SerialNumber           :CRYPT_INTEGER_BLOB;
    SignatureAlgorithm     :CRYPT_ALGORITHM_IDENTIFIER;
    Issuer                 :CERT_NAME_BLOB;               // encoded issuer name
    NotBefore              :TFILETIME;                    // start of validity period
    NotAfter               :TFILETIME;                    // end of validity period
    Subject                :CERT_NAME_BLOB;               // encoded subject name
    SubjectPublicKeyInfo   :CERT_PUBLIC_KEY_INFO;
    IssuerUniqueId         :CRYPT_BIT_BLOB;
    SubjectUniqueId        :CRYPT_BIT_BLOB;
    cExtension             :DWORD;                        // count for rgExtension (c.../rg... pairing)
    rgExtension            :PCERT_EXTENSION;              // bare pointer; read at most cExtension entries
  end;

//+-------------------------------------------------------------------------
//  Certificate versions
//--------------------------------------------------------------------------
// Version values are zero-based: CERT_V3 is the number 2, not 3. Compare a
// version field against these constants rather than against literal 1/2/3.
const 
  CERT_V1 = 0;
  CERT_V2 = 1;
  CERT_V3 = 2;

//+-------------------------------------------------------------------------
//  Certificate Information Flags
//--------------------------------------------------------------------------

  // Despite the _FLAG suffix these are consecutive ordinals (1..11), not bit
  // masks: values such as 3, 5, 6 and 7 overlap bitwise, so they cannot be
  // OR-ed together or tested with "and". Each value names one CERT_INFO field,
  // in the same order as the record's fields.
  CERT_INFO_VERSION_FLAG                 = 1;
  CERT_INFO_SERIAL_NUMBER_FLAG           = 2;
  CERT_INFO_SIGNATURE_ALGORITHM_FLAG     = 3;
  CERT_INFO_ISSUER_FLAG                  = 4;
  CERT_INFO_NOT_BEFORE_FLAG              = 5;
  CERT_INFO_NOT_AFTER_FLAG               = 6;
  CERT_INFO_SUBJECT_FLAG                 = 7;
  CERT_INFO_SUBJECT_PUBLIC_KEY_INFO_FLAG = 8;
  CERT_INFO_ISSUER_UNIQUE_ID_FLAG        = 9;
  CERT_INFO_SUBJECT_UNIQUE_ID_FLAG       = 10;
  CERT_INFO_EXTENSION_FLAG               = 11;

//+-------------------------------------------------------------------------
//  An entry in a CRL
//
//  The Extension BLOBs are the encoded representation of the information.
//--------------------------------------------------------------------------

type
  PCRL_ENTRY = ^CRL_ENTRY;
  // One entry of a certificate revocation list.
  CRL_ENTRY = record
    SerialNumber :CRYPT_INTEGER_BLOB;   // presumably the serial of the revoked certificate -- confirm
    RevocationDate :TFILETIME;
    cExtension :DWORD;                  // count for rgExtension (c.../rg... pairing)
    rgExtension :PCERT_EXTENSION;       // bare pointer; read at most cExtension entries
  end;

//+-------------------------------------------------------------------------
//  Information stored in a CRL
//
//  The Issuer, Algorithm and Extension BLOBs are the encoded
//  representation of the information.
//--------------------------------------------------------------------------

type
  PCRL_INFO = ^CRL_INFO;
  // Fields of a certificate revocation list. Like CERT_INFO this is only a
  // data carrier; checking the CRL's signature and freshness is up to the
  // calling code.
  CRL_INFO = record
    dwVersion           :DWORD;                        // presumably CRL_V1 or CRL_V2 -- confirm
    SignatureAlgorithm  :CRYPT_ALGORITHM_IDENTIFIER;
    Issuer              :CERT_NAME_BLOB;               // encoded issuer name
    ThisUpdate          :TFILETIME;
    // NOTE(review): a consumer that enforces revocation should compare
    // NextUpdate with the current time and treat an expired list as stale.
    NextUpdate          :TFILETIME;
    cCRLEntry           :DWORD;                        // count for rgCRLEntry
    rgCRLEntry          :PCRL_ENTRY;                   // bare pointer; read at most cCRLEntry entries
    cExtension          :DWORD;                        // count for rgExtension
    rgExtension         :PCERT_EXTENSION;              // bare pointer; read at most cExtension entries
  end;

//+-------------------------------------------------------------------------
//  CRL versions
//--------------------------------------------------------------------------
// Zero-based version values, following the same scheme as CERT_V1..CERT_V3.
const 
  CRL_V1 = 0;
  CRL_V2 = 1;

//+-------------------------------------------------------------------------
//  Information stored in a certificate request
//
//  The Subject, Algorithm, PublicKey and Attribute BLOBs are the encoded
//  representation of the information.
//--------------------------------------------------------------------------

type
  PCERT_REQUEST_INFO = ^CERT_REQUEST_INFO;
  // Fields of a certificate request. The requester supplies every field, so
  // an issuing service has to treat Subject and the attributes as untrusted
  // input until it has applied its own policy checks.
  CERT_REQUEST_INFO = record
    dwVersion            :DWORD;                  // presumably CERT_REQUEST_V1 -- confirm
    Subject              :CERT_NAME_BLOB;         // encoded subject name
    SubjectPublicKeyInfo :CERT_PUBLIC_KEY_INFO;
    cAttribute           :DWORD;                  // count for rgAttribute
    rgAttribute          :PCRYPT_ATTRIBUTE;       // bare pointer; read at most cAttribute entries
  end;

//+-------------------------------------------------------------------------
//  Certificate Request versions
//--------------------------------------------------------------------------
// The only certificate-request version declared here; zero-based like the
// certificate and CRL version constants.
const CERT_REQUEST_V1 = 0;

//+-------------------------------------------------------------------------
//  Information stored in Netscape's Keygen request
//--------------------------------------------------------------------------
type
  PCERT_KEYGEN_REQUEST_INFO = ^CERT_KEYGEN_REQUEST_INFO;
  // Fields of a Netscape Keygen request.
  CERT_KEYGEN_REQUEST_INFO = record
    dwVersion            :DWORD;                 // presumably CERT_KEYGEN_REQUEST_V1 -- confirm
    SubjectPublicKeyInfo :CERT_PUBLIC_KEY_INFO;
    // Held in memory as a wide-string pointer even though the encoded form
    // is IA5. NOTE(review): presumably null-terminated -- confirm before
    // computing its length.
    pwszChallengeString  :LPWSTR;        // encoded as IA5
  end;

// The only Keygen request version declared here (zero-based).
const 
  CERT_KEYGEN_REQUEST_V1 = 0;


//+-------------------------------------------------------------------------
//  Certificate, CRL, Certificate Request or Keygen Request Signed Content
//
//  The "to be signed" encoded content plus its signature. The ToBeSigned
//  is the encoded CERT_INFO, CRL_INFO, CERT_REQUEST_INFO or
//  CERT_KEYGEN_REQUEST_INFO.
//--------------------------------------------------------------------------
type
  PCERT_SIGNED_CONTENT_INFO = ^CERT_SIGNED_CONTENT_INFO;
  // Outer "signed" wrapper: the encoded to-be-signed content, the algorithm
  // identifier and the signature over that content.
  CERT_SIGNED_CONTENT_INFO = record
    // Encoded CERT_INFO, CRL_INFO, CERT_REQUEST_INFO or
    // CERT_KEYGEN_REQUEST_INFO. A verifier should check the signature over
    // these bytes as received, not over a re-encoded copy of decoded fields.
    ToBeSigned          :CRYPT_DER_BLOB;
    SignatureAlgorithm  :CRYPT_ALGORITHM_IDENTIFIER;
    Signature           :CRYPT_BIT_BLOB;
end;

//+-------------------------------------------------------------------------
//  Certificate Trust List (CTL)
//--------------------------------------------------------------------------

//+-------------------------------------------------------------------------
//  CTL Usage. Also used for EnhancedKeyUsage extension.
//--------------------------------------------------------------------------

type
  PCTL_USAGE =^CTL_USAGE;
  // Counted list of usage identifiers, each given as an OID string.
  CTL_USAGE = record
    cUsageIdentifier :DWORD;           // count for rgpszUsageIdentifier
    // Bare pointer to the first string pointer; read at most
    // cUsageIdentifier entries.
    rgpszUsageIdentifier :PLPSTR;      // array of pszObjId
  end;

// The EnhancedKeyUsage extension reuses the CTL_USAGE layout, so these are
// plain type aliases rather than a separate record.
type
  CERT_ENHKEY_USAGE = CTL_USAGE;
  PCERT_ENHKEY_USAGE = ^CERT_ENHKEY_USAGE;


//+-------------------------------------------------------------------------
//  An entry in a CTL
//--------------------------------------------------------------------------
type
  PCTL_ENTRY = ^CTL_ENTRY;
  // One subject listed in a certificate trust list.
  CTL_ENTRY = record
    SubjectIdentifier :CRYPT_DATA_BLOB;    // For example, its hash
    cAttribute        :DWORD;              // count for rgAttribute
    // May be absent; NOTE(review): presumably nil with cAttribute = 0 in that
    // case -- check before dereferencing.
    rgAttribute       :PCRYPT_ATTRIBUTE;   // OPTIONAL
  end;

//+-------------------------------------------------------------------------
//  Information stored in a CTL
//--------------------------------------------------------------------------
type
  PCTL_INFO = ^CTL_INFO;
  // Fields of a certificate trust list. Fields marked OPTIONAL may be absent,
  // so readers should test blob sizes, counts and pointers before using them.
  // A populated CTL_INFO says nothing about whether the list's signature was
  // verified; that is the caller's job.
  CTL_INFO = record
    dwVersion           :DWORD;               // presumably CTL_V1 -- confirm
    SubjectUsage        :CTL_USAGE;
    ListIdentifier      :CRYPT_DATA_BLOB;     // OPTIONAL
    SequenceNumber      :CRYPT_INTEGER_BLOB;  // OPTIONAL
    ThisUpdate          :TFILETIME;
    NextUpdate          :TFILETIME;           // OPTIONAL
    SubjectAlgorithm    :CRYPT_ALGORITHM_IDENTIFIER;
    cCTLEntry           :DWORD;               // count for rgCTLEntry
    rgCTLEntry          :PCTL_ENTRY;          // OPTIONAL
    cExtension          :DWORD;               // count for rgExtension
    rgExtension         :PCERT_EXTENSION;     // OPTIONAL
  end;

//+-------------------------------------------------------------------------
//  CTL versions
//--------------------------------------------------------------------------
// The only CTL version declared here (zero-based).
const 
  CTL_V1 = 0;

//+-------------------------------------------------------------------------
//  TimeStamp Request
//
//  The pszTimeStamp is the OID for the Time type requested
//  The pszContentType is the Content Type OID for the content, usually DATA
//  The Content is an un-decoded blob
//--------------------------------------------------------------------------

type
  PCRYPT_TIME_STAMP_REQUEST_INFO = ^CRYPT_TIME_STAMP_REQUEST_INFO;
  // A time-stamp request: the two OID strings, the content blob and a counted
  // attribute array.
  CRYPT_TIME_STAMP_REQUEST_INFO = record
    pszTimeStampAlgorithm :LPSTR;   // pszObjId
    pszContentType        :LPSTR;   // pszObjId
    // Left un-decoded: the bytes are passed through as-is, so any code that
    // later parses Content must validate it itself.
    Content               :CRYPT_OBJID_BLOB;
    cAttribute            :DWORD;              // count for rgAttribute
    rgAttribute           :PCRYPT_ATTRIBUTE;   // bare pointer; read at most cAttribute entries
  end;

//+-------------------------------------------------------------------------
//  Certificate and Message encoding types
//
//  The encoding type is a DWORD containing both the certificate and message
//  encoding types. The certificate encoding type is stored in the LOWORD.
//  The message encoding type is stored in the HIWORD. Some functions or
//  structure fields require only one of the encoding types. The following
//  naming convention is used to indicate which encoding type(s) are
//  required:
//      dwEncodingType              (both encoding types are required)
//      dwMsgAndCertEncodingType    (both encoding types are required)
//      dwMsgEncodingType           (only msg encoding type is required)
//      dwCertEncodingType          (only cert encoding type is required)
//
//  It's always acceptable to specify both.
//--------------------------------------------------------------------------

// Masks that split a combined encoding-type DWORD into its two halves.
const 
  CERT_ENCODING_TYPE_MASK = $0000FFFF;   // low word: certificate encoding type
  CMSG_ENCODING_TYPE_MASK = $FFFF0000;   // high word: message encoding type

// Pascal counterparts of the two C macros quoted below. Only the interface
// declarations are visible here; the bodies live in the implementation
// section, which is not part of this listing.
// NOTE(review): per the macros the result is masked but not shifted, so the
// message type stays in the high word and should be compared with values
// such as PKCS_7_ASN_ENCODING directly -- confirm the bodies match.
//#define GET_CERT_ENCODING_TYPE(X)   (X & CERT_ENCODING_TYPE_MASK)
//#define GET_CMSG_ENCODING_TYPE(X)   (X & CMSG_ENCODING_TYPE_MASK)
function GET_CERT_ENCODING_TYPE(X :DWORD):DWORD;
function GET_CMSG_ENCODING_TYPE(X :DWORD):DWORD;

// Encoding-type values. The CRYPT_* and X509_* values sit in the low
// (certificate) word and the PKCS_7_* values in the high (message) word, so a
// certificate value and a message value can be combined in one DWORD.
const 
  CRYPT_ASN_ENCODING  = $00000001;
  CRYPT_NDR_ENCODING = $00000002;
  X509_ASN_ENCODING = $00000001;     // same value as CRYPT_ASN_ENCODING
  X509_NDR_ENCODING = $00000002;     // same value as CRYPT_NDR_ENCODING
  PKCS_7_ASN_ENCODING = $00010000;
  PKCS_7_NDR_ENCODING = $00020000;

//+-------------------------------------------------------------------------
//  format the specified data structure according to the certificate
//  encoding type.
//
//--------------------------------------------------------------------------
(*
function CryptFormatObject(dwCertEncodingType :DWORD;
                           dwFormatType       :DWORD;
                           dwFormatStrType    :DWORD;
                           pFormatStruct      :PVOID;
                           lpszStructType     :LPCSTR;
                     const pbEncoded          :PBYTE;
                           cb
