📄 cryptlib.bas

📁 cryptlib安全工具包
💻 BAS
📖 第 1 页 / 共 5 页
字号:
    CRYPT_OPTION_KEYING_ALGO        ' Key processing algorithm     CRYPT_OPTION_KEYING_ITERATIONS  ' Key processing iterations     ' Certificate options     CRYPT_OPTION_CERT_SIGNUNRECOGNISEDATTRIBUTES    ' Whether to sign unrecog.attrs     CRYPT_OPTION_CERT_VALIDITY      ' Certificate validity period     CRYPT_OPTION_CERT_UPDATEINTERVAL    ' CRL update interval     CRYPT_OPTION_CERT_COMPLIANCELEVEL   ' PKIX compliance level for cert chks.    CRYPT_OPTION_CERT_REQUIREPOLICY     ' Whether explicit policy req'd for certs     ' CMS/SMIME options     CRYPT_OPTION_CMS_DEFAULTATTRIBUTES  ' Add default CMS attributes         CRYPT_OPTION_SMIME_DEFAULTATTRIBUTES = CRYPT_OPTION_CMS_DEFAULTATTRIBUTES    ' LDAP keyset options     CRYPT_OPTION_KEYS_LDAP_OBJECTCLASS  ' Object class     CRYPT_OPTION_KEYS_LDAP_OBJECTTYPE   ' Object type to fetch     CRYPT_OPTION_KEYS_LDAP_FILTER       ' Query filter     CRYPT_OPTION_KEYS_LDAP_CACERTNAME   ' CA certificate attribute name     CRYPT_OPTION_KEYS_LDAP_CERTNAME     ' Certificate attribute name     CRYPT_OPTION_KEYS_LDAP_CRLNAME      ' CRL attribute name     CRYPT_OPTION_KEYS_LDAP_EMAILNAME    ' Email attribute name     ' Crypto device options     CRYPT_OPTION_DEVICE_PKCS11_DVR01    ' Name of first PKCS #11 driver     CRYPT_OPTION_DEVICE_PKCS11_DVR02    ' Name of second PKCS #11 driver     CRYPT_OPTION_DEVICE_PKCS11_DVR03    ' Name of third PKCS #11 driver     CRYPT_OPTION_DEVICE_PKCS11_DVR04    ' Name of fourth PKCS #11 driver     CRYPT_OPTION_DEVICE_PKCS11_DVR05    ' Name of fifth PKCS #11 driver     CRYPT_OPTION_DEVICE_PKCS11_HARDWAREONLY ' Use only hardware mechanisms     ' Network access options     CRYPT_OPTION_NET_SOCKS_SERVER       ' Socks server name     CRYPT_OPTION_NET_SOCKS_USERNAME     ' Socks user name     CRYPT_OPTION_NET_HTTP_PROXY         ' Web proxy server     CRYPT_OPTION_NET_CONNECTTIMEOUT     ' Timeout for network connection setup     CRYPT_OPTION_NET_READTIMEOUT        ' Timeout for network reads     CRYPT_OPTION_NET_WRITETIMEOUT       ' Timeout for network writes     ' Miscellaneous options     CRYPT_OPTION_MISC_ASYNCINIT     ' Whether to init cryptlib async'ly     CRYPT_OPTION_MISC_SIDECHANNELPROTECTION  ' Protect against side-channel attacks     ' cryptlib state information     CRYPT_OPTION_CONFIGCHANGED      ' Whether in-mem.opts match on-disk ones     CRYPT_OPTION_SELFTESTOK         ' Whether self-test was completed and OK     ' Used internally     CRYPT_OPTION_LAST    CRYPT_CTXINFO_FIRST = 1000    '********************    ' Context attributes     '********************    ' Algorithm and mode information     CRYPT_CTXINFO_ALGO              ' Algorithm     CRYPT_CTXINFO_MODE              ' Mode     CRYPT_CTXINFO_NAME_ALGO         ' Algorithm name     CRYPT_CTXINFO_NAME_MODE         ' Mode name     CRYPT_CTXINFO_KEYSIZE           ' Key size in bytes     CRYPT_CTXINFO_BLOCKSIZE         ' Block size     CRYPT_CTXINFO_IVSIZE            ' IV size     CRYPT_CTXINFO_KEYING_ALGO       ' Key processing algorithm     CRYPT_CTXINFO_KEYING_ITERATIONS ' Key processing iterations     CRYPT_CTXINFO_KEYING_SALT       ' Key processing salt     CRYPT_CTXINFO_KEYING_VALUE      ' Value used to derive key     ' State information     CRYPT_CTXINFO_KEY               ' Key     CRYPT_CTXINFO_KEY_COMPONENTS    ' Public-key components     CRYPT_CTXINFO_IV                ' IV     CRYPT_CTXINFO_HASHVALUE         ' Hash value     ' Misc.information     CRYPT_CTXINFO_LABEL             ' Label for private/secret key     CRYPT_CTXINFO_PERSISTENT        ' Obj.is backed by device or keyset     ' Used internally     CRYPT_CTXINFO_LAST    CRYPT_CERTINFO_FIRST = 2000    '************************    ' Certificate attributes     '************************'      Because there are so many cert attributes, we break them down into'      blocks to minimise the number of values that change if a new one is'      added halfway through '      Pseudo-information on a cert object or meta-information which is used'      to control the way that a cert object is processed     CRYPT_CERTINFO_SELFSIGNED       ' Cert is self-signed     CRYPT_CERTINFO_IMMUTABLE        ' Cert is signed and immutable     CRYPT_CERTINFO_XYZZY            ' Cert is a magic just-works cert     CRYPT_CERTINFO_CERTTYPE         ' Certificate object type     CRYPT_CERTINFO_FINGERPRINT      ' Certificate fingerprints         CRYPT_CERTINFO_FINGERPRINT_MD5 = CRYPT_CERTINFO_FINGERPRINT    CRYPT_CERTINFO_FINGERPRINT_SHA    CRYPT_CERTINFO_CURRENT_CERTIFICATE ' Cursor mgt: Rel.pos in chain/CRL/OCSP     CRYPT_CERTINFO_TRUSTED_USAGE    ' Usage that cert is trusted for     CRYPT_CERTINFO_TRUSTED_IMPLICIT ' Whether cert is implicitly trusted     CRYPT_CERTINFO_SIGNATURELEVEL   ' Amount of detail to include in sigs.    ' General certificate object information     CRYPT_CERTINFO_VERSION          ' Cert.format version     CRYPT_CERTINFO_SERIALNUMBER     ' Serial number     CRYPT_CERTINFO_SUBJECTPUBLICKEYINFO     ' Public key     CRYPT_CERTINFO_CERTIFICATE      ' User certificate         CRYPT_CERTINFO_USERCERTIFICATE = CRYPT_CERTINFO_CERTIFICATE    CRYPT_CERTINFO_CACERTIFICATE    ' CA certificate     CRYPT_CERTINFO_ISSUERNAME       ' Issuer DN     CRYPT_CERTINFO_VALIDFROM        ' Cert valid-from time     CRYPT_CERTINFO_VALIDTO          ' Cert valid-to time     CRYPT_CERTINFO_SUBJECTNAME      ' Subject DN     CRYPT_CERTINFO_ISSUERUNIQUEID   ' Issuer unique ID     CRYPT_CERTINFO_SUBJECTUNIQUEID  ' Subject unique ID     CRYPT_CERTINFO_CERTREQUEST      ' Cert.request (DN + public key)     CRYPT_CERTINFO_THISUPDATE       ' CRL/OCSP current-update time     CRYPT_CERTINFO_NEXTUPDATE       ' CRL/OCSP next-update time     CRYPT_CERTINFO_REVOCATIONDATE   ' CRL/OCSP cert-revocation time     CRYPT_CERTINFO_REVOCATIONSTATUS ' OCSP revocation status     CRYPT_CERTINFO_CERTSTATUS       ' RTCS certificate status     CRYPT_CERTINFO_DN               ' Currently selected DN in string form     CRYPT_CERTINFO_PKIUSER_ID       ' PKI user ID     CRYPT_CERTINFO_PKIUSER_ISSUEPASSWORD    ' PKI user issue password     CRYPT_CERTINFO_PKIUSER_REVPASSWORD      ' PKI user revocation password '      X.520 Distinguished Name components.  This is a composite field, the'      DN to be manipulated is selected through the addition of a'      pseudocomponent, and then one of the following is used to access the'      DN components directly     CRYPT_CERTINFO_COUNTRYNAME = CRYPT_CERTINFO_FIRST + 100     ' countryName     CRYPT_CERTINFO_STATEORPROVINCENAME  ' stateOrProvinceName     CRYPT_CERTINFO_LOCALITYNAME         ' localityName     CRYPT_CERTINFO_ORGANIZATIONNAME     ' organizationName         CRYPT_CERTINFO_ORGANISATIONNAME = CRYPT_CERTINFO_ORGANIZATIONNAME    CRYPT_CERTINFO_ORGANIZATIONALUNITNAME   ' organizationalUnitName         CRYPT_CERTINFO_ORGANISATIONALUNITNAME = CRYPT_CERTINFO_ORGANIZATIONALUNITNAME    CRYPT_CERTINFO_COMMONNAME       ' commonName '      X.509 General Name components.  These are handled in the same way as'      the DN composite field, with the current GeneralName being selected by'      a pseudo-component after which the individual components can be'      modified through one of the following     CRYPT_CERTINFO_OTHERNAME_TYPEID         ' otherName.typeID     CRYPT_CERTINFO_OTHERNAME_VALUE          ' otherName.value     CRYPT_CERTINFO_RFC822NAME               ' rfc822Name         CRYPT_CERTINFO_EMAIL = CRYPT_CERTINFO_RFC822NAME    CRYPT_CERTINFO_DNSNAME                  ' dNSName     CRYPT_CERTINFO_DIRECTORYNAME            ' directoryName     CRYPT_CERTINFO_EDIPARTYNAME_NAMEASSIGNER    ' ediPartyName.nameAssigner     CRYPT_CERTINFO_EDIPARTYNAME_PARTYNAME   ' ediPartyName.partyName     CRYPT_CERTINFO_UNIFORMRESOURCEIDENTIFIER    ' uniformResourceIdentifier     CRYPT_CERTINFO_IPADDRESS                ' iPAddress     CRYPT_CERTINFO_REGISTEREDID             ' registeredID '      X.509 certificate extensions.  Although it would be nicer to use names'      that match the extensions more closely (e.g.'      CRYPT_CERTINFO_BASICCONSTRAINTS_PATHLENCONSTRAINT), these exceed the'      32-character ANSI minimum length for unique names, and get really'      hairy once you get into the weird policy constraints extensions whose'      names wrap around the screen about three times.''      The following values are defined in OID order, this isn't absolutely'      necessary but saves an extra layer of processing when encoding them '      1 2 840 113549 1 9 7 challengePassword.  This is here even though it's'      a CMS attribute because SCEP stuffs it into PKCS #10 requests     CRYPT_CERTINFO_CHALLENGEPASSWORD = CRYPT_CERTINFO_FIRST + 200    ' 1 3 6 1 4 1 3029 3 1 4 cRLExtReason     CRYPT_CERTINFO_CRLEXTREASON    ' 1 3 6 1 4 1 3029 3 1 5 keyFeatures     CRYPT_CERTINFO_KEYFEATURES    ' 1 3 6 1 5 5 7 1 1 authorityInfoAccess     CRYPT_CERTINFO_AUTHORITYINFOACCESS    CRYPT_CERTINFO_AUTHORITYINFO_RTCS       ' accessDescription.accessLocation     CRYPT_CERTINFO_AUTHORITYINFO_OCSP       ' accessDescription.accessLocation     CRYPT_CERTINFO_AUTHORITYINFO_CAISSUERS  ' accessDescription.accessLocation     CRYPT_CERTINFO_AUTHORITYINFO_CERTSTORE  ' accessDescription.accessLocation     CRYPT_CERTINFO_AUTHORITYINFO_CRLS       ' accessDescription.accessLocation     ' 1 3 6 1 5 5 7 1 2 biometricInfo     CRYPT_CERTINFO_BIOMETRICINFO    CRYPT_CERTINFO_BIOMETRICINFO_TYPE       ' biometricData.typeOfData     CRYPT_CERTINFO_BIOMETRICINFO_HASHALGO   ' biometricData.hashAlgorithm     CRYPT_CERTINFO_BIOMETRICINFO_HASH       ' biometricData.dataHash     CRYPT_CERTINFO_BIOMETRICINFO_URL        ' biometricData.sourceDataUri     ' 1 3 6 1 5 5 7 1 3 qcStatements     CRYPT_CERTINFO_QCSTATEMENT    CRYPT_CERTINFO_QCSTATEMENT_SEMANTICS                    ' qcStatement.statementInfo.semanticsIdentifier     CRYPT_CERTINFO_QCSTATEMENT_REGISTRATIONAUTHORITY                    ' qcStatement.statementInfo.nameRegistrationAuthorities     ' 1 3 6 1 5 5 7 48 1 2 ocspNonce     CRYPT_CERTINFO_OCSP_NONCE               ' nonce     ' 1 3 6 1 5 5 7 48 1 4 ocspAcceptableResponses     CRYPT_CERTINFO_OCSP_RESPONSE    CRYPT_CERTINFO_OCSP_RESPONSE_OCSP       ' OCSP standard response     ' 1 3 6 1 5 5 7 48 1 5 ocspNoCheck     CRYPT_CERTINFO_OCSP_NOCHECK    ' 1 3 6 1 5 5 7 48 1 6 ocspArchiveCutoff     CRYPT_CERTINFO_OCSP_ARCHIVECUTOFF    ' 1 3 6 1 5 5 7 48 1 11 subjectInfoAccess     CRYPT_CERTINFO_SUBJECTINFOACCESS    CRYPT_CERTINFO_SUBJECTINFO_CAREPOSITORY ' accessDescription.accessLocation     CRYPT_CERTINFO_SUBJECTINFO_TIMESTAMPING ' accessDescription.accessLocation     ' 1 3 36 8 3 1 siggDateOfCertGen     CRYPT_CERTINFO_SIGG_DATEOFCERTGEN    ' 1 3 36 8 3 2 siggProcuration     CRYPT_CERTINFO_SIGG_PROCURATION    CRYPT_CERTINFO_SIGG_PROCURE_COUNTRY     ' country     CRYPT_CERTINFO_SIGG_PROCURE_TYPEOFSUBSTITUTION  ' typeOfSubstitution     CRYPT_CERTINFO_SIGG_PROCURE_SIGNINGFOR  ' signingFor.thirdPerson     ' 1 3 36 8 3 4 siggMonetaryLimit     CRYPT_CERTINFO_SIGG_MONETARYLIMIT    CRYPT_CERTINFO_SIGG_MONETARY_CURRENCY   ' currency     CRYPT_CERTINFO_SIGG_MONETARY_AMOUNT     ' amount     CRYPT_CERTINFO_SIGG_MONETARY_EXPONENT   ' exponent     ' 1 3 36 8 3 8 siggRestriction     CRYPT_CERTINFO_SIGG_RESTRICTION    ' 1 3 101 1 4 1 strongExtranet     CRYPT_CERTINFO_STRONGEXTRANET    CRYPT_CERTINFO_STRONGEXTRANET_ZONE      ' sxNetIDList.sxNetID.zone     CRYPT_CERTINFO_STRONGEXTRANET_ID        ' sxNetIDList.sxNetID.id     ' 2 5 29 9 subjectDirectoryAttributes     CRYPT_CERTINFO_SUBJECTDIRECTORYATTRIBUTES    CRYPT_CERTINFO_SUBJECTDIR_TYPE          ' attribute.type     CRYPT_CERTINFO_SUBJECTDIR_VALUES        ' attribute.values     ' 2 5 29 14 subjectKeyIdentifier     CRYPT_CERTINFO_SUBJECTKEYIDENTIFIER    ' 2 5 29 15 keyUsage     CRYPT_CERTINFO_KEYUSAGE    ' 2 5 29 16 privateKeyUsagePeriod     CRYPT_CERTINFO_PRIVATEKEYUSAGEPERIOD    CRYPT_CERTINFO_PRIVATEKEY_NOTBEFORE     ' notBefore     CRYPT_CERTINFO_PRIVATEKEY_NOTAFTER      ' notAfter     ' 2 5 29 17 subjectAltName     CRYPT_CERTINFO_SUBJECTALTNAME    ' 2 5 29 18 issuerAltName     CRYPT_CERTINFO_ISSUERALTNAME    ' 2 5 29 19 basicConstraints     CRYPT_CERTINFO_BASICCONSTRAINTS    CRYPT_CERTINFO_CA                       ' cA         CRYPT_CERTINFO_AUTHORITY = CRYPT_CERTINFO_CA    CRYPT_CERTINFO_PATHLENCONSTRAINT        ' pathLenConstraint     ' 2 5 29 20 cRLNumber     CRYPT_CERTINFO_CRLNUMBER    ' 2 5 29 21 cRLReason     CRYPT_CERTINFO_CRLREASON    ' 2 5 29 23 holdInstructionCode     CRYPT_CERTINFO_HOLDINSTRUCTIONCODE    ' 2 5 29 24 invalidityDate     CRYPT_CERTINFO_INVALIDITYDATE    ' 2 5 29 27 deltaCRLIndicator     CRYPT_CERTINFO_DELTACRLINDICATOR    ' 2 5 29 28 issuingDistributionPoint     CRYPT_CERTINFO_ISSUINGDISTRIBUTIONPOINT    CRYPT_CERTINFO_ISSUINGDIST_FULLNAME     ' distributionPointName.fullName     CRYPT_CERTINFO_ISSUINGDIST_USERCERTSONLY    ' onlyContainsUserCerts     CRYPT_CERTINFO_ISSUINGDIST_CACERTSONLY  ' onlyContainsCACerts     CRYPT_CERTINFO_ISSUINGDIST_SOMEREASONSONLY  ' onlySomeReasons     CRYPT_CERTINFO_ISSUINGDIST_INDIRECTCRL  ' indirectCRL     ' 2 5 29 29 certificateIssuer     CRYPT_CERTINFO_CERTIFICATEISSUER    ' 2 5 29 30 nameConstraints     CRYPT_CERTINFO_NAMECONSTRAINTS    CRYPT_CERTINFO_PERMITTEDSUBTREES        ' permittedSubtrees     CRYPT_CERTINFO_EXCLUDEDSUBTREES         ' excludedSubtrees     ' 2 5 29 31 cRLDistributionPoint     CRYPT_CERTINFO_CRLDISTRIBUTIONPOINT    CRYPT_CERTINFO_CRLDIST_FULLNAME         ' distributionPointName.fullName     CRYPT_CERTINFO_CRLDIST_REASONS          ' reasons     CRYPT_CERTINFO_CRLDIST_CRLISSUER        ' cRLIssuer     ' 2 5 29 32 certificatePolicies     CRYPT_CERTINFO_CERTIFICATEPOLICIES    CRYPT_CERTINFO_CERTPOLICYID         ' policyInformation.policyIdentifier     CRYPT_CERTINFO_CERTPOLICY_CPSURI        ' policyInformation.policyQualifiers.qualifier.cPSuri
⌨️ 快捷键说明

复制代码 Ctrl + C
搜索代码 Ctrl + F
全屏模式 F11
切换主题 Ctrl + Shift + D
显示快捷键 ?
增大字号 Ctrl + =
减小字号 Ctrl + -