
📄 wcrypt2.pas

📁 Delphi LDAP Authentication Component delphi ldap控件

// A single name value: a value-type tag plus the value bytes.
// NOTE(review): dwValueType presumably takes one of the CERT_RDN_* value-type
// constants declared elsewhere in this unit; confirm against the Windows SDK.
type
  PCERT_NAME_VALUE = ^CERT_NAME_VALUE;
  CERT_NAME_VALUE = record
    dwValueType :DWORD;              // type tag for Value
    Value :CERT_RDN_VALUE_BLOB;      // the value bytes; blob record declared elsewhere
  end;

//+-------------------------------------------------------------------------
//  Public Key Info
//
//  The PublicKey is the encoded representation of the information as it is
//  stored in the bit string
//--------------------------------------------------------------------------

type
  PCERT_PUBLIC_KEY_INFO = ^CERT_PUBLIC_KEY_INFO;
  // Public key as carried in a certificate or request: an algorithm
  // identifier plus the key bits. PublicKey is still in encoded form, so
  // algorithm-specific values (for example the key length) are only
  // available after decoding it; do not judge key strength from the blob
  // size alone.
  CERT_PUBLIC_KEY_INFO = record
    Algorithm :CRYPT_ALGORITHM_IDENTIFIER;   // identifies the key algorithm; record declared elsewhere
    PublicKey :CRYPT_BIT_BLOB;               // encoded key, as stored in the bit string
  end;

// Default public-key algorithm OIDs. All three names are aliases of
// szOID_RSA_RSA (declared elsewhere in this unit), so the default signing
// key and the default key-exchange key resolve to the same RSA OID.
const 
  CERT_RSA_PUBLIC_KEY_OBJID        = szOID_RSA_RSA;
  CERT_DEFAULT_OID_PUBLIC_KEY_SIGN = szOID_RSA_RSA;   // default for signature keys
  CERT_DEFAULT_OID_PUBLIC_KEY_XCHG = szOID_RSA_RSA;   // default for key-exchange keys

//+-------------------------------------------------------------------------
//  Information stored in a certificate
//
//  The Issuer, Subject, Algorithm, PublicKey and Extension BLOBs are the
//  encoded representation of the information.
//--------------------------------------------------------------------------

// Field-by-field view of a certificate's content.
// This record is plain data: holding a CERT_INFO says nothing about whether
// the certificate's signature, validity period or revocation state has been
// checked. Those checks are the caller's responsibility.
type
  PCERT_INFO = ^CERT_INFO;
  CERT_INFO = record
    dwVersion              :DWORD;                        // one of CERT_V1..CERT_V3 (zero-based values)
    SerialNumber           :CRYPT_INTEGER_BLOB;
    SignatureAlgorithm     :CRYPT_ALGORITHM_IDENTIFIER;
    Issuer                 :CERT_NAME_BLOB;               // encoded name, not a printable string
    NotBefore              :TFILETIME;                    // start of the validity period
    NotAfter               :TFILETIME;                    // end of the validity period
    Subject                :CERT_NAME_BLOB;               // encoded name, not a printable string
    SubjectPublicKeyInfo   :CERT_PUBLIC_KEY_INFO;
    IssuerUniqueId         :CRYPT_BIT_BLOB;
    SubjectUniqueId        :CRYPT_BIT_BLOB;
    cExtension             :DWORD;                        // number of entries in rgExtension
    rgExtension            :PCERT_EXTENSION;              // first entry of the extension array; read at most cExtension entries
  end;

//+-------------------------------------------------------------------------
//  Certificate versions
//
//  The values are zero-based: CERT_V3, the X.509 v3 marker, is 2. Compare
//  CERT_INFO.dwVersion against these names, never against the literal
//  version number.
//--------------------------------------------------------------------------
const 
  CERT_V1 = 0;
  CERT_V2 = 1;
  CERT_V3 = 2;

//+-------------------------------------------------------------------------
//  Certificate Information Flags
//
//  One value per CERT_INFO member (the extension count/array pair shares
//  one), numbered 1..11 in the record's field order. Despite the _FLAG
//  suffix these are ordinals, not bit masks: OR-ing two of them yields
//  another flag's value (1 or 2 = 3).
//--------------------------------------------------------------------------

  CERT_INFO_VERSION_FLAG                 = 1;
  CERT_INFO_SERIAL_NUMBER_FLAG           = 2;
  CERT_INFO_SIGNATURE_ALGORITHM_FLAG     = 3;
  CERT_INFO_ISSUER_FLAG                  = 4;
  CERT_INFO_NOT_BEFORE_FLAG              = 5;
  CERT_INFO_NOT_AFTER_FLAG               = 6;
  CERT_INFO_SUBJECT_FLAG                 = 7;
  CERT_INFO_SUBJECT_PUBLIC_KEY_INFO_FLAG = 8;
  CERT_INFO_ISSUER_UNIQUE_ID_FLAG        = 9;
  CERT_INFO_SUBJECT_UNIQUE_ID_FLAG       = 10;
  CERT_INFO_EXTENSION_FLAG               = 11;

//+-------------------------------------------------------------------------
//  An entry in a CRL
//
//  The Extension BLOBs are the encoded representation of the information.
//--------------------------------------------------------------------------

// One revoked-certificate entry of a CRL: the serial number, the revocation
// time and any per-entry extensions.
type
  PCRL_ENTRY = ^CRL_ENTRY;
  CRL_ENTRY = record
    SerialNumber :CRYPT_INTEGER_BLOB;    // serial number this entry refers to
    RevocationDate :TFILETIME;
    cExtension :DWORD;                   // number of entries in rgExtension
    rgExtension :PCERT_EXTENSION;        // first entry of the extension array; read at most cExtension entries
  end;

//+-------------------------------------------------------------------------
//  Information stored in a CRL
//
//  The Issuer, Algorithm and Extension BLOBs are the encoded
//  representation of the information.
//--------------------------------------------------------------------------

// Field-by-field view of a CRL's content.
// Plain data only: the record carries ThisUpdate/NextUpdate and the entry
// list, but whether the CRL's signature is valid and whether the list is
// still current must be established by the caller.
type
  PCRL_INFO = ^CRL_INFO;
  CRL_INFO = record
    dwVersion           :DWORD;                        // CRL_V1 or CRL_V2 (zero-based values)
    SignatureAlgorithm  :CRYPT_ALGORITHM_IDENTIFIER;
    Issuer              :CERT_NAME_BLOB;               // encoded name, not a printable string
    ThisUpdate          :TFILETIME;
    NextUpdate          :TFILETIME;
    cCRLEntry           :DWORD;                        // number of entries in rgCRLEntry
    rgCRLEntry          :PCRL_ENTRY;                   // first entry of the revocation array; read at most cCRLEntry entries
    cExtension          :DWORD;                        // number of entries in rgExtension
    rgExtension         :PCERT_EXTENSION;              // first entry of the extension array; read at most cExtension entries
  end;

//+-------------------------------------------------------------------------
//  CRL versions
//
//  Zero-based, like the certificate versions: CRL_V2 is 1. Compare
//  CRL_INFO.dwVersion against these names, not the literal version number.
//--------------------------------------------------------------------------
const 
  CRL_V1 = 0;
  CRL_V2 = 1;

//+-------------------------------------------------------------------------
//  Information stored in a certificate request
//
//  The Subject, Algorithm, PublicKey and Attribute BLOBs are the encoded
//  representation of the information.
//--------------------------------------------------------------------------

// Field-by-field view of a certificate request's content.
// Everything in it is supplied by the requester; the record itself carries
// no indication that any of it has been verified.
type
  PCERT_REQUEST_INFO = ^CERT_REQUEST_INFO;
  CERT_REQUEST_INFO = record
    dwVersion            :DWORD;                  // CERT_REQUEST_V1
    Subject              :CERT_NAME_BLOB;         // encoded name, not a printable string
    SubjectPublicKeyInfo :CERT_PUBLIC_KEY_INFO;
    cAttribute           :DWORD;                  // number of entries in rgAttribute
    rgAttribute          :PCRYPT_ATTRIBUTE;       // first entry of the attribute array; read at most cAttribute entries
  end;

//+-------------------------------------------------------------------------
//  Certificate Request versions
//
//  Only one version is declared here; like the certificate versions it is
//  zero-based.
//--------------------------------------------------------------------------
const CERT_REQUEST_V1 = 0;

//+-------------------------------------------------------------------------
//  Information stored in Netscape's Keygen request
//--------------------------------------------------------------------------
// Content of a Netscape Keygen request: version, the public key and a
// challenge string.
type
  PCERT_KEYGEN_REQUEST_INFO = ^CERT_KEYGEN_REQUEST_INFO;
  CERT_KEYGEN_REQUEST_INFO = record
    dwVersion            :DWORD;                  // CERT_KEYGEN_REQUEST_V1
    SubjectPublicKeyInfo :CERT_PUBLIC_KEY_INFO;
    // Held as a wide string in memory but encoded as IA5.
    // NOTE(review): IA5 is a 7-bit character set, so presumably only such
    // characters survive encoding; confirm how other characters are handled.
    pwszChallengeString  :LPWSTR;        // encoded as IA5
  end;

// Version value for CERT_KEYGEN_REQUEST_INFO.dwVersion (zero-based).
const 
  CERT_KEYGEN_REQUEST_V1 = 0;


//+-------------------------------------------------------------------------
//  Certificate, CRL, Certificate Request or Keygen Request Signed Content
//
//  The "to be signed" encoded content plus its signature. The ToBeSigned
//  is the encoded CERT_INFO, CRL_INFO, CERT_REQUEST_INFO or
//  CERT_KEYGEN_REQUEST_INFO.
//--------------------------------------------------------------------------
// The three parts of a signed object, split apart but not checked.
// Nothing in this record says the signature is valid: a caller that needs
// assurance must verify Signature over the exact ToBeSigned bytes with the
// issuer's key before trusting any field decoded from ToBeSigned.
type
  PCERT_SIGNED_CONTENT_INFO = ^CERT_SIGNED_CONTENT_INFO;
  CERT_SIGNED_CONTENT_INFO = record
    ToBeSigned          :CRYPT_DER_BLOB;               // encoded content that the signature covers
    SignatureAlgorithm  :CRYPT_ALGORITHM_IDENTIFIER;   // algorithm stated for the signature
    Signature           :CRYPT_BIT_BLOB;               // the signature value
end;

//+-------------------------------------------------------------------------
//  Certificate Trust List (CTL)
//--------------------------------------------------------------------------

//+-------------------------------------------------------------------------
//  CTL Usage. Also used for EnhancedKeyUsage extension.
//--------------------------------------------------------------------------

// A counted list of usage identifiers, each a pointer to an object-identifier
// string.
type
  PCTL_USAGE =^CTL_USAGE;
  CTL_USAGE = record
    cUsageIdentifier :DWORD;           // number of entries in rgpszUsageIdentifier
    rgpszUsageIdentifier :PLPSTR;      // array of pszObjId
  end;

// The EnhancedKeyUsage extension reuses the CTL_USAGE layout unchanged, so
// CERT_ENHKEY_USAGE is a plain alias rather than a separate record.
type
  CERT_ENHKEY_USAGE = CTL_USAGE;
  PCERT_ENHKEY_USAGE = ^CERT_ENHKEY_USAGE;


//+-------------------------------------------------------------------------
//  An entry in a CTL
//--------------------------------------------------------------------------
// One subject listed in a CTL, identified by an opaque blob, plus optional
// attributes.
type
  PCTL_ENTRY = ^CTL_ENTRY;
  CTL_ENTRY = record
    SubjectIdentifier :CRYPT_DATA_BLOB;    // For example, its hash
    cAttribute        :DWORD;              // number of entries in rgAttribute
    // NOTE(review): being optional, this is presumably nil when cAttribute
    // is 0; check before dereferencing.
    rgAttribute       :PCRYPT_ATTRIBUTE;   // OPTIONAL
  end;

//+-------------------------------------------------------------------------
//  Information stored in a CTL
//--------------------------------------------------------------------------
// Field-by-field view of a certificate trust list.
// Plain data only: the record does not show that the CTL's signature or its
// ThisUpdate/NextUpdate window has been checked. Fields marked OPTIONAL may
// be absent, so test them before use.
type
  PCTL_INFO = ^CTL_INFO;
  CTL_INFO = record
    dwVersion           :DWORD;               // CTL_V1
    SubjectUsage        :CTL_USAGE;
    ListIdentifier      :CRYPT_DATA_BLOB;     // OPTIONAL
    SequenceNumber      :CRYPT_INTEGER_BLOB;  // OPTIONAL
    ThisUpdate          :TFILETIME;
    NextUpdate          :TFILETIME;           // OPTIONAL
    SubjectAlgorithm    :CRYPT_ALGORITHM_IDENTIFIER;
    cCTLEntry           :DWORD;               // number of entries in rgCTLEntry
    rgCTLEntry          :PCTL_ENTRY;          // OPTIONAL
    cExtension          :DWORD;               // number of entries in rgExtension
    rgExtension         :PCERT_EXTENSION;     // OPTIONAL
  end;

//+-------------------------------------------------------------------------
//  CTL versions
//
//  Only one version is declared here; like the certificate versions it is
//  zero-based.
//--------------------------------------------------------------------------
const 
  CTL_V1 = 0;

//+-------------------------------------------------------------------------
//  TimeStamp Request
//
//  The pszTimeStamp is the OID for the Time type requested
//  The pszContentType is the Content Type OID for the content, usually DATA
//  The Content is an un-decoded blob
//--------------------------------------------------------------------------

// A time-stamp request: two object-identifier strings, the content as an
// un-decoded blob, and a counted attribute array.
type
  PCRYPT_TIME_STAMP_REQUEST_INFO = ^CRYPT_TIME_STAMP_REQUEST_INFO;
  CRYPT_TIME_STAMP_REQUEST_INFO = record
    pszTimeStampAlgorithm :LPSTR;   // pszObjId
    pszContentType        :LPSTR;   // pszObjId
    Content               :CRYPT_OBJID_BLOB;    // kept un-decoded; treat as opaque bytes
    cAttribute            :DWORD;               // number of entries in rgAttribute
    rgAttribute           :PCRYPT_ATTRIBUTE;    // first entry of the attribute array; read at most cAttribute entries
  end;

//+-------------------------------------------------------------------------
//  Certificate and Message encoding types
//
//  The encoding type is a DWORD containing both the certificate and message
//  encoding types. The certificate encoding type is stored in the LOWORD.
//  The message encoding type is stored in the HIWORD. Some functions or
//  structure fields require only one of the encoding types. The following
//  naming convention is used to indicate which encoding type(s) are
//  required:
//      dwEncodingType              (both encoding types are required)
//      dwMsgAndCertEncodingType    (both encoding types are required)
//      dwMsgEncodingType           (only msg encoding type is required)
//      dwCertEncodingType          (only cert encoding type is required)
//
//  It's always acceptable to specify both.
//--------------------------------------------------------------------------

// Masks that split a combined encoding-type DWORD: the certificate encoding
// type occupies the low word, the message encoding type the high word.
const 
  CERT_ENCODING_TYPE_MASK = $0000FFFF;
  CMSG_ENCODING_TYPE_MASK = $FFFF0000;

//#define GET_CERT_ENCODING_TYPE(X)   (X & CERT_ENCODING_TYPE_MASK)
//#define GET_CMSG_ENCODING_TYPE(X)   (X & CMSG_ENCODING_TYPE_MASK)
// Pascal counterparts of the two C macros quoted above. Only the
// declarations appear here; the bodies are in the implementation section.
// NOTE(review): they are expected to return X masked with the matching
// constant, without shifting the high word down; confirm in the body.
function GET_CERT_ENCODING_TYPE(X :DWORD):DWORD;
function GET_CMSG_ENCODING_TYPE(X :DWORD):DWORD;

// Encoding-type values. The CRYPT_* and X509_* names share values and sit
// in the low word (certificate encoding); the PKCS_7_* values are the same
// numbers moved into the high word (message encoding). A combined
// dwEncodingType is therefore an OR of one low-word and one high-word value.
const 
  CRYPT_ASN_ENCODING  = $00000001;
  CRYPT_NDR_ENCODING = $00000002;
  X509_ASN_ENCODING = $00000001;
  X509_NDR_ENCODING = $00000002;
  PKCS_7_ASN_ENCODING = $00010000;
  PKCS_7_NDR_ENCODING = $00020000;

//+-------------------------------------------------------------------------
//  Format the specified data structure according to the certificate
//  encoding type.
//
//--------------------------------------------------------------------------

// Declaration of the CryptoAPI formatting call (stdcall; the binding to the
// system DLL is not in this part of the unit).
//   dwCertEncodingType  certificate encoding type, e.g. X509_ASN_ENCODING
//   lpszStructType      selects which structure pbEncoded holds
//   pbEncoded/cbEncoded encoded input and its length in bytes
//   pbFormat/pcbFormat  output buffer and pointer to its size in bytes
// Returns a BOOL success flag.
// Per the Win32 documentation pcbFormat is in/out: it must hold the real
// size of pbFormat on entry and receives the byte count on return. Passing
// a size larger than the buffer lets the API write past its end. Check the
// result before using pbFormat.
function CryptFormatObject(dwCertEncodingType :DWORD;
                           dwFormatType       :DWORD;
                           dwFormatStrType    :DWORD;
                           pFormatStruct      :PVOID;
                           lpszStructType     :LPCSTR;
                     const pbEncoded          :PBYTE;
                           cbEncoded          :DWORD;
                           pbFormat           :PVOID;
                           pcbFormat          :PDWORD):BOOL ; stdcall;

//+-------------------------------------------------------------------------
//  Encode / decode the specified data structure according to the certificate
//  encoding type.
//
//  See below for a list of the predefined data structures.
//--------------------------------------------------------------------------

// Declaration of the CryptoAPI encode call (stdcall).
//   dwCertEncodingType  certificate encoding type, e.g. X509_ASN_ENCODING
//   lpszStructType      selects the structure type pvStructInfo points to
//   pvStructInfo        the structure to encode
//   pbEncoded/pcbEncoded output buffer and pointer to its size in bytes
// Returns a BOOL success flag.
// Per the Win32 documentation pcbEncoded is in/out: the buffer size on
// entry, the encoded length on return, with a nil pbEncoded used to query
// the required size first. The size passed in must never exceed the real
// buffer length.
function CryptEncodeObject(dwCertEncodingType :DWORD;
                           lpszStructType     :LPCSTR;
                     const pvStructInfo       :PVOID;
                           pbEncoded          :PBYTE;
                           pcbEncoded         :PDWORD ):BOOL ; stdcall;

// Declaration of the CryptoAPI decode call (stdcall).
//   dwCertEncodingType  certificate encoding type, e.g. X509_ASN_ENCODING
//   lpszStructType      selects the structure type to decode into
//   pbEncoded/cbEncoded encoded input and its length in bytes
//   dwFlags             decode options, e.g. CRYPT_DECODE_NOCOPY_FLAG
//   pvStructInfo/pcbStructInfo output buffer and pointer to its size in bytes
// Returns a BOOL success flag.
// The input is often data received from another party, so treat it as
// untrusted: pass its exact length in cbEncoded, pass the real buffer size
// in pcbStructInfo (in/out per the Win32 documentation), and read
// pvStructInfo only after the call has succeeded. Decoding parses the
// structure; it does not verify any signature.
function CryptDecodeObject(dwCertEncodingType :DWORD;
                           lpszStructType     :LPCSTR;
                     const pbEncoded          :PBYTE;
                           cbEncoded          :DWORD;
                           dwFlags            :DWORD;
                           pvStructInfo       :PVOID;
                           pcbStructInfo      :PDWORD):BOOL ; stdcall;

// When the following flag is set, the nocopy optimization is enabled.
// Where appropriate, this optimization makes the pvStructInfo fields point
// at content residing within pbEncoded instead of copying that content and
// appending it to pvStructInfo.
//
// Note: when set, pbEncoded can't be freed until pvStructInfo is freed,
// because the decoded structure still points into it.
const 
  CRYPT_DECODE_NOCOPY_FLAG = $1;

//+-------------------------------------------------------------------------
//  Predefined X509 certificate data structures that can be encoded / decoded.
//--------------------------------------------------------------------------
  CRYPT_ENCODE_DECODE_NONE         = 0;
  X509_CERT                        = (LPCSTR(1));
  X509_CERT_TO_BE_SIGNED           = (LPCSTR(2));
  X509_CERT_CRL_TO_BE_SIGNED       = (LPCSTR(3));
  X509_CERT_REQUEST_TO_BE_SIGNED   = (LPCSTR(4));
  X509_EXTENSIONS                  = (LPCSTR(5));
  X509_NAME_VALUE                  = (LPCSTR(6));
  X509_NAME                        = (LPCSTR(7));
  X509_PUBLIC_KEY_INFO             = (LPCSTR(8));

//+-------------------------------------------------------------------------
//  Predefined X509 certificate extension data structures that can be
//  encoded / decoded.
//--------------------------------------------------------------------------
  X509_AUTHORITY_KEY_ID            = (LPCSTR(9));
  X509_KEY_ATTRIBUTES              = (LPCSTR(10))
