DEFINITION MODULE diCrPKI;
<*/CALLS:OSCALL*>
<*/NOHIGH*>
<*/ALIGN:8/NOPACK*>
FROM SYSTEM IMPORT BYTE, ADDRESS;

CONST
(* GENERAL CONSTANTS *)
  PKI_MAX_HASH_LEN  = 40;
  PKI_DIR_ENCRYPT   =  1;
  PKI_DIR_DECRYPT   =  0;

(* OPTION FLAGS *)
  PKI_DEFAULT        = 0;
  PKI_SIG_SHA1RSA    = 0;
  PKI_SIG_MD5RSA     = 1;
  PKI_SIG_MD2RSA     = 2;
  PKI_PBE_SHA_3DES   = 0;
  PKI_PBE_MD5_DES    = 1;
  PKI_PBE_MD2_DES    = 2;

  PKI_HASH_SHA1  = 0;
  PKI_HASH_MD5   = 1;
  PKI_HASH_MD2   = 2;
(*#define PKI_HASH_DEFINED_*)
  PKI_HASH_MODE_TEXT = 10000H;

(* nFermatExp values for RSA exponent *)
  PKI_RSAEXP_EQ_3      = 0;
  PKI_RSAEXP_EQ_5      = 1;
  PKI_RSAEXP_EQ_17     = 2;
  PKI_RSAEXP_EQ_257    = 3;
  PKI_RSAEXP_EQ_65537  = 4;

  PKI_KEYGEN_INDICATE  = 010H;
  PKI_KEY_NODELAY      = 020H;

  PKI_CMS_FORMAT_BASE64       = 010000H;
  PKI_CMS_EXCLUDE_CERTS       = 00100H;
  PKI_CMS_EXCLUDE_DATA        = 00200H;
  PKI_CMS_INCLUDE_ATTRS       = 00800H;
  PKI_CMS_ADD_SIGNTIME        = 01000H;
  PKI_CMS_ADD_SMIMECAP        = 02000H;
(*#define PKI_CMS_DEFINED_*)

  PKI_X509_FORMAT_PEM         = 010000H;
  PKI_X509_FORMAT_BIN         = 020000H;
  PKI_X509_REQ_KLUDGE         = 0100000H;
  PKI_X509_NO_BASIC           = 02000000H;
  PKI_X509_CA_TRUE            = 04000000H;
  PKI_X509_VERSION1           = 08000000H;
(* Flags for Key Usage *)
  PKI_X509_KEYUSAGE_DIGITALSIGNATURE   = 00001H;
  PKI_X509_KEYUSAGE_NONREPUDIATION     = 00002H;
  PKI_X509_KEYUSAGE_KEYENCIPHERMENT    = 00004H;
  PKI_X509_KEYUSAGE_DATAENCIPHERMENT   = 00008H;
  PKI_X509_KEYUSAGE_KEYAGREEMENT       = 00010H;
  PKI_X509_KEYUSAGE_KEYCERTSIGN        = 00020H;
  PKI_X509_KEYUSAGE_CRLSIGN            = 00040H;
  PKI_X509_KEYUSAGE_ENCIPHERONLY       = 00080H;
  PKI_X509_KEYUSAGE_DECIPHERONLY       = 00100H;
(*#define PKI_X509_DEFINED_*)


TYPE
  PKI_ERROR = (OK_success_no_error = 0,
               Cannot_open_input_file,
               Cannot_create_output_file,
               File_read_error,
               File_write_error,Memory_error,
               Parameter_is_missing_or_wrong,
               Data_in_the_wrong_format,
               Data_corrupted,
               Unexpected_end_of_file_found,
               Unable_to_convert,
               Value_out_of_range,
               Duplicate_data,
               Misc_file_IO_error,
               Unexpected_NULL_value,
               Decryption_error,
               Data_invalid,
               Invalid_flag,
               Failed_to_wipe_data,
               Algorithm_not_supported,
               No_data_to_process,
               No_match,
               Bad_signature,
               Failed_a_test_eg_known_answer_test,
               RSA_key_generator_failed_to_find_a_prime,
               Data_not_a_valid_length = 26,
               Invalid_key_length = 33,
               Invalid_block_length = 34,
               Invalid_mode = 35,
               Invalid_key = 48,
               Invalid_block = 49,
               Invalid_initialisation_vector = 51,
               Miscellaneous_error = 9999);


PROCEDURE PKI_Version(VAR nMajor: INTEGER; VAR nMinor: INTEGER): INTEGER;
PROCEDURE PKI_LicenceType(reserved: INTEGER): INTEGER;
PROCEDURE PKI_LastError(VAR szErrMsg: ARRAY OF CHAR; nMsgLen: INTEGER): INTEGER;
PROCEDURE PKI_ErrorCode(): INTEGER;
PROCEDURE PKI_ErrorLookup(VAR szErrMsg: ARRAY OF CHAR; nMsgLen: INTEGER; nErrCode: INTEGER);
PROCEDURE PKI_CompileTime(VAR szTimestamp: ARRAY OF CHAR; nLen: INTEGER): INTEGER;
PROCEDURE PKI_ModuleName(VAR szTimestamp: ARRAY OF CHAR; nLen: INTEGER; reserved: INTEGER): INTEGER;
PROCEDURE PKI_PowerUpTests(nOptions: INTEGER): INTEGER;

(* RFC3369 CRYPTOGRAPHIC MESSAGE SYNTAX FUNCTIONS *)
PROCEDURE CMS_MakeEnvData(VAR szFileOut: ARRAY OF CHAR; VAR szFileIn: ARRAY OF CHAR; VAR szCertList: ARRAY OF CHAR; VAR sSeed: ARRAY OF CHAR; nSeedLen: INTEGER; nOptions: INTEGER): INTEGER;
PROCEDURE CMS_MakeEnvDataFromString(VAR szFileOut: ARRAY OF CHAR; VAR szDataIn: ARRAY OF CHAR; VAR szCertList: ARRAY OF CHAR; VAR sSeed: ARRAY OF CHAR; nSeedLen: INTEGER; nOptions: INTEGER): INTEGER;
PROCEDURE CMS_ReadEnvData(VAR szFileOut: ARRAY OF CHAR; VAR szFileIn: ARRAY OF CHAR; VAR szX509File: ARRAY OF CHAR; VAR szRSAPrivateKey: ARRAY OF CHAR; nOptions: INTEGER): INTEGER;
PROCEDURE CMS_ReadEnvDataToString(VAR szDataOut: ARRAY OF CHAR; nDataOutLen: INTEGER; VAR szFileIn: ARRAY OF CHAR; VAR szX509File: ARRAY OF CHAR; VAR szRSAPrivateKey: ARRAY OF CHAR; nOptions: INTEGER): INTEGER;
PROCEDURE CMS_MakeSigData(VAR szFileOut: ARRAY OF CHAR; VAR szFileIn: ARRAY OF CHAR; VAR szCertList: ARRAY OF CHAR; VAR szRSAPrivateKey: ARRAY OF CHAR; nOptions: INTEGER): INTEGER;
PROCEDURE CMS_MakeSigDataFromString(VAR szFileOut: ARRAY OF CHAR; VAR szDataIn: ARRAY OF CHAR; VAR szCertList: ARRAY OF CHAR; VAR szRSAPrivateKey: ARRAY OF CHAR; nOptions: INTEGER): INTEGER;
PROCEDURE CMS_MakeDetachedSig(VAR szFileOut: ARRAY OF CHAR; VAR szHexDigest: ARRAY OF CHAR; VAR szCertList: ARRAY OF CHAR; VAR szRSAPrivateKey: ARRAY OF CHAR; nOptions: INTEGER): INTEGER;
PROCEDURE CMS_ReadSigData(VAR szFileOut: ARRAY OF CHAR; VAR szFileIn: ARRAY OF CHAR; nOptions: INTEGER): INTEGER;
PROCEDURE CMS_ReadSigDataToString(VAR szDataOut: ARRAY OF CHAR; nDataOutLen: INTEGER; VAR szFileIn: ARRAY OF CHAR; nOptions: INTEGER): INTEGER;
PROCEDURE CMS_GetSigDataDigest(VAR szHexDigestOut: ARRAY OF CHAR; nDigestLen: INTEGER; VAR szFileIn: ARRAY OF CHAR; VAR szX509File: ARRAY OF CHAR; nOptions: INTEGER): INTEGER;

(* RSA KEY FUNCTIONS *)
PROCEDURE RSA_MakeKeys(VAR szPubKeyFile: ARRAY OF CHAR; VAR szPVKFile: ARRAY OF CHAR; nBits: INTEGER; nExpFermat: INTEGER; nTests: INTEGER; nCount: INTEGER; VAR szPassword: ARRAY OF CHAR; VAR sSeed: ARRAY OF CHAR; nSeedLen: INTEGER; nOptions: INTEGER): INTEGER;
PROCEDURE RSA_ReadEncPrivateKey(VAR szOutput: ARRAY OF CHAR; nOutputLen: INTEGER; VAR szPVKFile: ARRAY OF CHAR; VAR szPassword: ARRAY OF CHAR; nOptions: INTEGER): INTEGER;
PROCEDURE RSA_ReadPrivateKeyInfo(VAR szOutput: ARRAY OF CHAR; nOutputLen: INTEGER; VAR szKeyFile: ARRAY OF CHAR; nOptions: INTEGER): INTEGER;
PROCEDURE RSA_GetPrivateKeyFromPFX(VAR szOutputFile: ARRAY OF CHAR; VAR szPFXFile: ARRAY OF CHAR; nOptions: INTEGER): INTEGER;
PROCEDURE RSA_ReadPublicKey(VAR szOutput: ARRAY OF CHAR; nOutputLen: INTEGER; VAR szKeyFile: ARRAY OF CHAR; flags: INTEGER): INTEGER;
PROCEDURE RSA_GetPublicKeyFromCert(VAR szOutput: ARRAY OF CHAR; nOutputLen: INTEGER; VAR szCertFile: ARRAY OF CHAR; flags: INTEGER): INTEGER;

PROCEDURE RSA_SavePublicKey(VAR szFileOut: ARRAY OF CHAR; VAR szKeyString: ARRAY OF CHAR; nOptions: INTEGER): INTEGER;
PROCEDURE RSA_SavePrivateKeyInfo(VAR szFileOut: ARRAY OF CHAR; VAR szKeyString: ARRAY OF CHAR; nOptions: INTEGER): INTEGER;
PROCEDURE RSA_SaveEncPrivateKey(VAR szFileOut: ARRAY OF CHAR; VAR szKeyString: ARRAY OF CHAR; nCount: INTEGER; VAR szPassword: ARRAY OF CHAR; nOptions: INTEGER): INTEGER;
PROCEDURE RSA_KeyBits(VAR szRsaKey64: ARRAY OF CHAR): INTEGER;
PROCEDURE RSA_KeyBytes(VAR szRsaKey64: ARRAY OF CHAR): INTEGER;

(* PKCS12 FILE FUNCTIONS *)
PROCEDURE PFX_MakeFile(VAR szFileOut: ARRAY OF CHAR; VAR szCertFile: ARRAY OF CHAR; VAR szKeyFile: ARRAY OF CHAR; VAR szPassword: ARRAY OF CHAR; VAR szFriendlyName: ARRAY OF CHAR; options: INTEGER): INTEGER;
PROCEDURE PFX_VerifySig(VAR szFileName: ARRAY OF CHAR; VAR szPassword: ARRAY OF CHAR; options: INTEGER): INTEGER;

(* 'RAW' RSA ENCRYPTION/DECRYPTION FUNCTIONS *)
PROCEDURE RSA_RawPublic(VAR abData: ARRAY OF BYTE; nDataLen: INTEGER; VAR szPublicKey64: ARRAY OF CHAR; nOptions: INTEGER): INTEGER;
PROCEDURE RSA_RawPrivate(VAR abData: ARRAY OF BYTE; nDataLen: INTEGER; VAR szPrivateKey64: ARRAY OF CHAR; nOptions: INTEGER): INTEGER;

(* X509 CERTIFICATE FUNCTIONS *)
PROCEDURE X509_MakeCert(VAR certfile: ARRAY OF CHAR; VAR issuerCert: ARRAY OF CHAR; VAR subjectPubkeyFile: ARRAY OF CHAR; VAR issuerPvkInfoFile: ARRAY OF CHAR; certnum: INTEGER; yearsvalid: INTEGER; VAR distName: ARRAY OF CHAR; VAR email: ARRAY OF CHAR; keyUsageFlags: INTEGER; VAR password: ARRAY OF CHAR; optionFlags: INTEGER): INTEGER;
PROCEDURE X509_MakeCertSelf(VAR certfile: ARRAY OF CHAR; VAR epkfile: ARRAY OF CHAR; certnum: INTEGER; yearsvalid: INTEGER; VAR distName: ARRAY OF CHAR; VAR email: ARRAY OF CHAR; keyUsageFlags: INTEGER; VAR password: ARRAY OF CHAR; optionFlags: INTEGER): INTEGER;
PROCEDURE X509_CertRequest(VAR reqfile: ARRAY OF CHAR; VAR epkfile: ARRAY OF CHAR; VAR distName: ARRAY OF CHAR; VAR reserved: ARRAY OF CHAR; VAR password: ARRAY OF CHAR; optionFlags: INTEGER): INTEGER;
PROCEDURE X509_VerifyCert(VAR szCertToVerify: ARRAY OF CHAR; VAR szIssuerCert: ARRAY OF CHAR; flags: INTEGER): INTEGER;
PROCEDURE X509_CertThumb(VAR szCertFile: ARRAY OF CHAR; VAR szHash: ARRAY OF CHAR; hashlen: INTEGER; flags: INTEGER): INTEGER;
PROCEDURE X509_CertIsValidNow(VAR szCertFile: ARRAY OF CHAR; flags: INTEGER): INTEGER;
PROCEDURE X509_CertIssuedOn(VAR szCertFile: ARRAY OF CHAR; VAR szOutput: ARRAY OF CHAR; nOutputLen: INTEGER; flags: INTEGER): INTEGER;
PROCEDURE X509_CertExpiresOn(VAR szCertFile: ARRAY OF CHAR; VAR szOutput: ARRAY OF CHAR; nOutputLen: INTEGER; flags: INTEGER): INTEGER;
PROCEDURE X509_CertSerialNumber(VAR szCertFile: ARRAY OF CHAR; VAR szOutput: ARRAY OF CHAR; nOutputLen: INTEGER; flags: INTEGER): INTEGER;
PROCEDURE X509_HashIssuerAndSN(VAR szCertFile: ARRAY OF CHAR; VAR szOutput: ARRAY OF CHAR; nOutputLen: INTEGER; flags: INTEGER): INTEGER;
PROCEDURE X509_CertIssuerName(VAR szCertFile: ARRAY OF CHAR; VAR szOutput: ARRAY OF CHAR; nOutputLen: INTEGER; VAR szDelim: ARRAY OF CHAR; flags: INTEGER): INTEGER;
PROCEDURE X509_CertSubjectName(VAR szCertFile: ARRAY OF CHAR; VAR szOutput: ARRAY OF CHAR; nOutputLen: INTEGER; VAR szDelim: ARRAY OF CHAR; flags: INTEGER): INTEGER;

(* TRIPLE DES FUNCTIONS *)
PROCEDURE TDEA_HexMode(VAR output: ARRAY OF CHAR; VAR input: ARRAY OF CHAR; VAR szHexKey: ARRAY OF CHAR; bEncrypt: INTEGER; VAR szMode: ARRAY OF CHAR; VAR sHexIV: ARRAY OF CHAR): INTEGER;
PROCEDURE TDEA_B64Mode(VAR output: ARRAY OF CHAR; VAR input: ARRAY OF CHAR; VAR szB64Key: ARRAY OF CHAR; bEncrypt: INTEGER; VAR szMode: ARRAY OF CHAR; VAR sB64IV: ARRAY OF CHAR): INTEGER;
PROCEDURE TDEA_BytesMode(VAR output: ARRAY OF BYTE; VAR input: ARRAY OF BYTE; nbytes: INTEGER; VAR key: ARRAY OF BYTE; bEncrypt: INTEGER; VAR szMode: ARRAY OF CHAR; VAR iv: ARRAY OF BYTE): INTEGER;

(* MISC UTILITIES *)
PROCEDURE HASH_HexFromFile(VAR szHexDigest: ARRAY OF CHAR; digLen: INTEGER; VAR sFileName: ARRAY OF CHAR; flags: INTEGER): INTEGER;
PROCEDURE HASH_HexFromBytes(VAR szHexDigest: ARRAY OF CHAR; digLen: INTEGER; aMessage: ADDRESS; messageLen: INTEGER; flags: INTEGER): INTEGER;
PROCEDURE WIPE_File(VAR szFileName: ARRAY OF CHAR; flags: INTEGER): INTEGER;
PROCEDURE WIPE_Data(lpData: ADDRESS; datalen: INTEGER): INTEGER;
PROCEDURE RNG_Bytes(VAR output: ARRAY OF BYTE; out_len: INTEGER; VAR seed: ARRAY OF CHAR; seedlen: INTEGER): INTEGER;
PROCEDURE PWD_Prompt(VAR szPassword: ARRAY OF CHAR; nPwdLen: INTEGER; VAR szCaption: ARRAY OF CHAR): INTEGER;
PROCEDURE PWD_PromptEx(VAR szPassword: ARRAY OF CHAR; nPwdLen: INTEGER; VAR szCaption: ARRAY OF CHAR; VAR szPrompt: ARRAY OF CHAR; flags: INTEGER): INTEGER;

(* BASE64 AND HEX CONVERSION FUNCTIONS *)
PROCEDURE CNV_B64StrFromBytes(VAR output: ARRAY OF CHAR; out_len: INTEGER; VAR input: ARRAY OF BYTE; in_len: INTEGER): INTEGER;
PROCEDURE CNV_BytesFromB64Str(VAR output: ARRAY OF BYTE; out_len: INTEGER; VAR input: ARRAY OF CHAR): INTEGER;
PROCEDURE CNV_B64Filter(VAR output: ARRAY OF CHAR; VAR input: ARRAY OF CHAR; len: INTEGER): INTEGER;
PROCEDURE CNV_HexStrFromBytes(VAR output: ARRAY OF CHAR; out_len: INTEGER; VAR input: ARRAY OF BYTE; in_len: INTEGER): INTEGER;
PROCEDURE CNV_BytesFromHexStr(VAR output: ARRAY OF BYTE; out_len: INTEGER; VAR input: ARRAY OF CHAR): INTEGER;
PROCEDURE CNV_HexFilter(VAR output: ARRAY OF CHAR; VAR input: ARRAY OF CHAR; len: INTEGER): INTEGER;


END diCrPKI.