{ Delphi function declarations for CryptoSys PKI $Id: diCrPKI.pas $ Copyright (C) 2010 DI Management Services Pty Limited. All rights reserved. Provided as is with no warranties. Use at your own risk. Last updated: $Date: 2010-03-17 07:26 $ $Revision: 3.4.0 $ } // GENERAL FUNCTIONS function PKI_Version(reserved1 : PByte; reserved2 : PByte) : Integer; stdcall; external 'diCrPKI.dll'; function PKI_LicenceType(reserved : Integer) : Integer; stdcall; external 'diCrPKI.dll'; function PKI_LastError(szErrMsg : PAnsiChar; nMsgLen : Integer) : Integer; stdcall; external 'diCrPKI.dll'; function PKI_ErrorCode : Integer; stdcall; external 'diCrPKI.dll'; function PKI_ErrorLookup(szErrMsg : PAnsiChar; nMsgLen : Integer; nErrCode : Integer) : Integer; stdcall; external 'diCrPKI.dll'; function PKI_CompileTime(szOutput : PAnsiChar; nOutputLen : Integer) : Integer; stdcall; external 'diCrPKI.dll'; function PKI_ModuleName(szOutput : PAnsiChar; nOutputLen : Integer; reserved : Integer) : Integer; stdcall; external 'diCrPKI.dll'; function PKI_PowerUpTests(nOptions : Integer) : Integer; stdcall; external 'diCrPKI.dll'; // RFC3369 CRYPTOGRAPHIC MESSAGE SYNTAX FUNCTIONS function CMS_MakeEnvData(szFileOut : AnsiString; szFileIn : AnsiString; szCertList : AnsiString; sSeed : AnsiString; nSeedLen : Integer; nOptions : Integer) : Integer; stdcall; external 'diCrPKI.dll'; function CMS_MakeEnvDataFromString(szFileOut : AnsiString; szDataIn : AnsiString; szCertList : AnsiString; sSeed : AnsiString; nSeedLen : Integer; nOptions : Integer) : Integer; stdcall; external 'diCrPKI.dll'; function CMS_ReadEnvData(szFileOut : AnsiString; szFileIn : AnsiString; szX509File : AnsiString; szRSAPrivateKey : AnsiString; nOptions : Integer) : Integer; stdcall; external 'diCrPKI.dll'; function CMS_ReadEnvDataToString(szDataOut : PAnsiChar; nDataOutLen : Integer; szFileIn : AnsiString; szX509File : AnsiString; szRSAPrivateKey : AnsiString; nOptions : Integer) : Integer; stdcall; external 'diCrPKI.dll'; function CMS_MakeSigData(szFileOut : AnsiString; szFileIn : AnsiString; szCertList : AnsiString; szRSAPrivateKey : AnsiString; nOptions : Integer) : Integer; stdcall; external 'diCrPKI.dll'; function CMS_MakeSigDataFromString(szFileOut : AnsiString; szDataIn : AnsiString; szCertList : AnsiString; szRSAPrivateKey : AnsiString; nOptions : Integer) : Integer; stdcall; external 'diCrPKI.dll'; function CMS_MakeSigDataFromSigValue(szFileOut : AnsiString; pSigValue : PByte; nSigLen : Integer; pData : PByte; nDataLen : Integer; szCertList : AnsiString; nOptions : Integer) : Integer; stdcall; external 'diCrPKI.dll'; function CMS_MakeDetachedSig(szFileOut : AnsiString; szHexDigest : AnsiString; szCertList : AnsiString; szRSAPrivateKey : AnsiString; nOptions : Integer) : Integer; stdcall; external 'diCrPKI.dll'; function CMS_ReadSigData(szFileOut : AnsiString; szFileIn : AnsiString; nOptions : Integer) : Integer; stdcall; external 'diCrPKI.dll'; function CMS_ReadSigDataToString(szDataOut : PAnsiChar; nDataOutLen : Integer; szFileIn : AnsiString; nOptions : Integer) : Integer; stdcall; external 'diCrPKI.dll'; function CMS_GetSigDataDigest(szHexDigestOut : PAnsiChar; nDigestLen : Integer; szFileIn : AnsiString; szX509File : AnsiString; nOptions : Integer) : Integer; stdcall; external 'diCrPKI.dll'; function CMS_VerifySigData(szFileIn : AnsiString; szX509File : AnsiString; szHexDigest : AnsiString; nOptions : Integer) : Integer; stdcall; external 'diCrPKI.dll'; function CMS_QuerySigData(szDataOut : PAnsiChar; nDataOutLen : Integer; szFileIn : AnsiString; szQuery : AnsiString; nOptions : Integer) : Integer; stdcall; external 'diCrPKI.dll'; function CMS_QueryEnvData(szDataOut : PAnsiChar; nDataOutLen : Integer; szFileIn : AnsiString; szQuery : AnsiString; nOptions : Integer) : Integer; stdcall; external 'diCrPKI.dll'; // RSA KEY FUNCTIONS function RSA_MakeKeys(szPubKeyFile : AnsiString; szPVKFile : AnsiString; nBits : Integer; nExpFermat : Integer; nTests : Integer; nCount : Integer; szPassword : AnsiString; lpSeed : PByte; nSeedLen : Integer; nOptions : Integer) : Integer; stdcall; external 'diCrPKI.dll'; function RSA_ReadEncPrivateKey(szOutput : PAnsiChar; nOutputLen : Integer; szPVKFile : AnsiString; szPassword : AnsiString; nOptions : Integer) : Integer; stdcall; external 'diCrPKI.dll'; function RSA_ReadPrivateKeyInfo(szOutput : PAnsiChar; nOutputLen : Integer; szKeyFile : AnsiString; nOptions : Integer) : Integer; stdcall; external 'diCrPKI.dll'; function RSA_GetPrivateKeyFromPFX(szOutputFile : AnsiString; szPFXFile : AnsiString; nOptions : Integer) : Integer; stdcall; external 'diCrPKI.dll'; function RSA_ReadPublicKey(szOutput : PAnsiChar; nOutputLen : Integer; szKeyFile : AnsiString; nOptions : Integer) : Integer; stdcall; external 'diCrPKI.dll'; function RSA_GetPublicKeyFromCert(szOutput : PAnsiChar; nOutputLen : Integer; szCertFile : AnsiString; nOptions : Integer) : Integer; stdcall; external 'diCrPKI.dll'; function RSA_SavePublicKey(szFileOut : AnsiString; szKeyString : AnsiString; nOptions : Integer) : Integer; stdcall; external 'diCrPKI.dll'; function RSA_SavePrivateKeyInfo(szFileOut : AnsiString; szKeyString : AnsiString; nOptions : Integer) : Integer; stdcall; external 'diCrPKI.dll'; function RSA_SaveEncPrivateKey(szFileOut : AnsiString; szKeyString : AnsiString; nCount : Integer; szPassword : AnsiString; nOptions : Integer) : Integer; stdcall; external 'diCrPKI.dll'; function RSA_KeyBits(szKeyString : AnsiString) : Integer; stdcall; external 'diCrPKI.dll'; function RSA_KeyBytes(szKeyString : AnsiString) : Integer; stdcall; external 'diCrPKI.dll'; function RSA_ToXMLString(szOutput : PAnsiChar; nOutputLen : Integer; szKeyString : AnsiString; nOptions : Integer) : Integer; stdcall; external 'diCrPKI.dll'; function RSA_FromXMLString(szOutput : PAnsiChar; nOutputLen : Integer; szXmlString : AnsiString; nOptions : Integer) : Integer; stdcall; external 'diCrPKI.dll'; function RSA_CheckKey(szKeyString : AnsiString; nOptions : Integer) : Integer; stdcall; external 'diCrPKI.dll'; function RSA_KeyHashCode(szKeyString : AnsiString) : Integer; stdcall; external 'diCrPKI.dll'; function RSA_KeyMatch(szPrivateKey : AnsiString; szPublicKey : AnsiString) : Integer; stdcall; external 'diCrPKI.dll'; // 'RAW' RSA ENCRYPTION/DECRYPTION FUNCTIONS function RSA_RawPublic(lpData : PByte; nDataLen : Integer; szPublicKey64 : AnsiString; nOptions : Integer) : Integer; stdcall; external 'diCrPKI.dll'; function RSA_RawPrivate(lpData : PByte; nDataLen : Integer; szPrivateKey64 : AnsiString; nOptions : Integer) : Integer; stdcall; external 'diCrPKI.dll'; function RSA_EncodeMsg(lpOutput : PByte; nOutputLen : Integer; abMessage : PByte; nMsgLen : Integer; nOptions : Integer) : Integer; stdcall; external 'diCrPKI.dll'; function RSA_DecodeMsg(lpOutput : PByte; nOutputLen : Integer; abInput : PByte; nInputLen : Integer; nOptions : Integer) : Integer; stdcall; external 'diCrPKI.dll'; // PKCS12 FILE FUNCTIONS function PFX_MakeFile(szFileOut : AnsiString; szCertFile : AnsiString; szKeyFile : AnsiString; szPassword : AnsiString; szFriendlyName : AnsiString; options : Integer) : Integer; stdcall; external 'diCrPKI.dll'; function PFX_VerifySig(szFileName : AnsiString; szPassword : AnsiString; options : Integer) : Integer; stdcall; external 'diCrPKI.dll'; // X509 CERTIFICATE FUNCTIONS function X509_MakeCert(certfile : AnsiString; issuerCert : AnsiString; subjectPubkeyFile : AnsiString; issuerPvkInfoFile : AnsiString; certnum : Integer; yearsvalid : Integer; distName : AnsiString; extensions : AnsiString; keyUsageFlags : Integer; password : AnsiString; optionFlags : Integer) : Integer; stdcall; external 'diCrPKI.dll'; function X509_MakeCertSelf(certfile : AnsiString; epkfile : AnsiString; certnum : Integer; yearsvalid : Integer; distName : AnsiString; extensions : AnsiString; keyUsageFlags : Integer; password : AnsiString; optionFlags : Integer) : Integer; stdcall; external 'diCrPKI.dll'; function X509_CertRequest(reqfile : AnsiString; epkfile : AnsiString; distName : AnsiString; reserved : AnsiString; password : AnsiString; optionFlags : Integer) : Integer; stdcall; external 'diCrPKI.dll'; function X509_VerifyCert(szCertToVerify : AnsiString; szIssuerCert : AnsiString; nOptions : Integer) : Integer; stdcall; external 'diCrPKI.dll'; function X509_CertThumb(szCertFile : AnsiString; szHash : PAnsiChar; nHashLen : Integer; nOptions : Integer) : Integer; stdcall; external 'diCrPKI.dll'; function X509_CertIsValidNow(szCertFile : AnsiString; nOptions : Integer) : Integer; stdcall; external 'diCrPKI.dll'; function X509_CertIssuedOn(szCertFile : AnsiString; szOutput : PAnsiChar; nOutChars : Integer; nOptions : Integer) : Integer; stdcall; external 'diCrPKI.dll'; function X509_CertExpiresOn(szCertFile : AnsiString; szOutput : PAnsiChar; nOutChars : Integer; nOptions : Integer) : Integer; stdcall; external 'diCrPKI.dll'; function X509_CertSerialNumber(szCertFile : AnsiString; szOutput : PAnsiChar; nOutChars : Integer; nOptions : Integer) : Integer; stdcall; external 'diCrPKI.dll'; function X509_HashIssuerAndSN(szCertFile : AnsiString; szOutput : PAnsiChar; nOutChars : Integer; nOptions : Integer) : Integer; stdcall; external 'diCrPKI.dll'; function X509_CertIssuerName(szCertFile : AnsiString; szOutput : PAnsiChar; nOutChars : Integer; szDelim : AnsiString; nOptions : Integer) : Integer; stdcall; external 'diCrPKI.dll'; function X509_CertSubjectName(szCertFile : AnsiString; szOutput : PAnsiChar; nOutChars : Integer; szDelim : AnsiString; nOptions : Integer) : Integer; stdcall; external 'diCrPKI.dll'; function X509_GetCertFromP7Chain(szNewCertFile : AnsiString; szP7cFile : AnsiString; nIndex : Integer; nOptions : Integer) : Integer; stdcall; external 'diCrPKI.dll'; function X509_GetCertFromPFX(szNewCertFile : AnsiString; szPfxFile : AnsiString; szReserved : AnsiString; nOptions : Integer) : Integer; stdcall; external 'diCrPKI.dll'; function X509_KeyUsageFlags(szCertFile : AnsiString) : Integer; stdcall; external 'diCrPKI.dll'; function X509_QueryCert(szOutput : PAnsiChar; nOutChars : Integer; szCertFile : AnsiString; szQuery : AnsiString; nOptions : Integer) : Integer; stdcall; external 'diCrPKI.dll'; function X509_ReadStringFromFile(szOutput : PAnsiChar; nOutChars : Integer; szCertFile : AnsiString; nOptions : Integer) : Integer; stdcall; external 'diCrPKI.dll'; function X509_SaveFileFromString(szNewCertFile : AnsiString; szCertString : AnsiString; nOptions : Integer) : Integer; stdcall; external 'diCrPKI.dll'; // TRIPLE DES FUNCTIONS function TDEA_HexMode(szOutput : PAnsiChar; szInput : AnsiString; szKey : AnsiString; fEncrypt : Integer; szMode : AnsiString; szIV : AnsiString) : Integer; stdcall; external 'diCrPKI.dll'; function TDEA_B64Mode(szOutput : PAnsiChar; szInput : AnsiString; szKey : AnsiString; fEncrypt : Integer; szMode : AnsiString; szIV : AnsiString) : Integer; stdcall; external 'diCrPKI.dll'; function TDEA_BytesMode(lpOutput : PByte; lpInput : PByte; nBytes : Integer; lpKey : PByte; fEncrypt : Integer; szMode : AnsiString; lpIV : PByte) : Integer; stdcall; external 'diCrPKI.dll'; function TDEA_File(szFileOut : AnsiString; szFileIn : AnsiString; lpKey : PByte; fEncrypt : Integer; szMode : AnsiString; lpIV : PByte) : Integer; stdcall; external 'diCrPKI.dll'; // GENERIC BLOCK CIPHER FUNCTIONS function CIPHER_Bytes(fEncrypt : Integer; lpOutput : PByte; lpData : PByte; nDataLen : Integer; lpKey : PByte; lpIV : PByte; szAlgAndMode : AnsiString; nOptions : Integer) : Integer; stdcall; external 'diCrPKI.dll'; function CIPHER_File(fEncrypt : Integer; szFileOut : AnsiString; szFileIn : AnsiString; lpKey : PByte; lpIV : PByte; szAlgAndMode : AnsiString; nOptions : Integer) : Integer; stdcall; external 'diCrPKI.dll'; function CIPHER_Hex(fEncrypt : Integer; szOutput : PAnsiChar; nOutChars : Integer; szData : AnsiString; szKey : AnsiString; szIV : AnsiString; szAlgAndMode : AnsiString; nOptions : Integer) : Integer; stdcall; external 'diCrPKI.dll'; function CIPHER_KeyWrap(lpOutput : PByte; nOutBytes : Integer; lpData : PByte; nDataLen : Integer; lpKEK : PByte; nKekLen : Integer; nOptions : Integer) : Integer; stdcall; external 'diCrPKI.dll'; function CIPHER_KeyUnwrap(lpOutput : PByte; nOutBytes : Integer; lpData : PByte; nDataLen : Integer; lpKEK : PByte; nKekLen : Integer; nOptions : Integer) : Integer; stdcall; external 'diCrPKI.dll'; // MESSAGE DIGEST HASH FUNCTIONS function HASH_Bytes(lpDigest : PByte; nDigLen : Integer; lpMessage : PByte; nMsgLen : Integer; nOptions : Integer) : Integer; stdcall; external 'diCrPKI.dll'; function HASH_File(lpDigest : PByte; nDigLen : Integer; szFileName : AnsiString; nOptions : Integer) : Integer; stdcall; external 'diCrPKI.dll'; function HASH_HexFromBytes(szOutput : PAnsiChar; nOutChars : Integer; lpMessage : PByte; nMsgLen : Integer; nOptions : Integer) : Integer; stdcall; external 'diCrPKI.dll'; function HASH_HexFromFile(szOutput : PAnsiChar; nOutChars : Integer; szFileName : AnsiString; nOptions : Integer) : Integer; stdcall; external 'diCrPKI.dll'; function HASH_HexFromHex(szOutput : PAnsiChar; nOutChars : Integer; szMsgHex : AnsiString; nOptions : Integer) : Integer; stdcall; external 'diCrPKI.dll'; // HMAC FUNCTIONS function HMAC_Bytes(lpDigest : PByte; nDigLen : Integer; lpMessage : PByte; nMsgLen : Integer; lpKey : PByte; nKeyLen : Integer; nOptions : Integer) : Integer; stdcall; external 'diCrPKI.dll'; function HMAC_HexFromBytes(szOutput : PAnsiChar; nOutChars : Integer; lpMessage : PByte; nMsgLen : Integer; lpKey : PByte; nKeyLen : Integer; nOptions : Integer) : Integer; stdcall; external 'diCrPKI.dll'; function HMAC_HexFromHex(szOutput : PAnsiChar; nOutChars : Integer; szMsgHex : AnsiString; szKeyHex : AnsiString; nOptions : Integer) : Integer; stdcall; external 'diCrPKI.dll'; // BASE64 AND HEX CONVERSION FUNCTIONS function CNV_B64StrFromBytes(szOutput : PAnsiChar; nOutChars : Integer; input : PByte; nbytes : Integer) : Integer; stdcall; external 'diCrPKI.dll'; function CNV_BytesFromB64Str(output : PByte; out_len : Integer; input : AnsiString) : Integer; stdcall; external 'diCrPKI.dll'; function CNV_B64Filter(szOutput : PAnsiChar; input : AnsiString; len : Integer) : Integer; stdcall; external 'diCrPKI.dll'; function CNV_HexStrFromBytes(szOutput : PAnsiChar; nOutChars : Integer; input : PByte; nbytes : Integer) : Integer; stdcall; external 'diCrPKI.dll'; function CNV_BytesFromHexStr(output : PByte; out_len : Integer; input : AnsiString) : Integer; stdcall; external 'diCrPKI.dll'; function CNV_HexFilter(szOutput : PAnsiChar; input : AnsiString; len : Integer) : Integer; stdcall; external 'diCrPKI.dll'; // UTF-8 CONVERSION/CHECK FUNCTIONS function CNV_UTF8FromLatin1(szOutput : PAnsiChar; nOutChars : Integer; szInput : AnsiString) : Integer; stdcall; external 'diCrPKI.dll'; function CNV_Latin1FromUTF8(szOutput : PAnsiChar; nOutChars : Integer; szInput : AnsiString) : Integer; stdcall; external 'diCrPKI.dll'; function CNV_CheckUTF8(szInput : AnsiString) : Integer; stdcall; external 'diCrPKI.dll'; // PEM/BINARY FILE CONVERSIONS function PEM_FileFromBinFile(szOutputFile : AnsiString; szFileIn : AnsiString; szHeader : AnsiString; nLineLen : Integer) : Integer; stdcall; external 'diCrPKI.dll'; function PEM_FileToBinFile(szOutputFile : AnsiString; szFileIn : AnsiString) : Integer; stdcall; external 'diCrPKI.dll'; // RNG FUNCTIONS function RNG_Bytes(lpOutput : PByte; nOutputLen : Integer; lpSeed : PByte; nSeedLen : Integer) : Integer; stdcall; external 'diCrPKI.dll'; function RNG_Number(nLower : Integer; nUpper : Integer) : Integer; stdcall; external 'diCrPKI.dll'; function RNG_BytesWithPrompt(lpOutput : PByte; nOutputLen : Integer; szPrompt : AnsiString; nOptions : Integer) : Integer; stdcall; external 'diCrPKI.dll'; function RNG_Initialize(szSeedFile : AnsiString; nOptions : Integer) : Integer; stdcall; external 'diCrPKI.dll'; function RNG_MakeSeedFile(szSeedFile : AnsiString; szPrompt : AnsiString; nOptions : Integer) : Integer; stdcall; external 'diCrPKI.dll'; function RNG_UpdateSeedFile(szSeedFile : AnsiString; nOptions : Integer) : Integer; stdcall; external 'diCrPKI.dll'; function RNG_Test(szFileName : AnsiString; nOptions : Integer) : Integer; stdcall; external 'diCrPKI.dll'; // MISC UTILITIES function WIPE_File(szFileName : AnsiString; nOptions : Integer) : Integer; stdcall; external 'diCrPKI.dll'; function WIPE_Data(lpData : PByte; nDataLen : Integer) : Integer; stdcall; external 'diCrPKI.dll'; function PWD_Prompt(szPassword : PAnsiChar; nPwdLen : Integer; szCaption : AnsiString) : Integer; stdcall; external 'diCrPKI.dll'; function PWD_PromptEx(szPassword : PAnsiChar; nPwdLen : Integer; szCaption : AnsiString; szPrompt : AnsiString; nOptions : Integer) : Integer; stdcall; external 'diCrPKI.dll'; const // GENERAL CONSTANTS PKI_DIR_ENCRYPT = 1; PKI_DIR_DECRYPT = 0; // Synonyms for direction ENCRYPT = 1; DECRYPT = 0; // Maximum number of bytes in hash digest byte array PKI_MAX_HASH_BYTES =64; PKI_SHA1_BYTES = 20; PKI_SHA224_BYTES = 28; PKI_SHA256_BYTES = 32; PKI_SHA384_BYTES = 48; PKI_SHA512_BYTES = 64; PKI_MD5_BYTES = 16; PKI_MD2_BYTES = 16; // Maximum number of hex characters in hash digest (excl null) PKI_MAX_HASH_CHARS =(2*PKI_MAX_HASH_BYTES); PKI_SHA1_CHARS = (2*PKI_SHA1_BYTES); PKI_SHA224_CHARS = (2*PKI_SHA224_BYTES); PKI_SHA256_CHARS = (2*PKI_SHA256_BYTES); PKI_SHA384_CHARS = (2*PKI_SHA384_BYTES); PKI_SHA512_CHARS = (2*PKI_SHA512_BYTES); PKI_MD5_CHARS = (2*PKI_MD5_BYTES); PKI_MD2_CHARS = (2*PKI_MD2_BYTES); // Synonym retained for backwards compatibility PKI_MAX_HASH_LEN = PKI_MAX_HASH_CHARS; // Encryption block sizes in bytes PKI_BLK_TDEA_BYTES =8; PKI_BLK_AES_BYTES = 16; // Key size in bytes PKI_KEYSIZE_TDEA_BYTES =24; PKI_KEYSIZE_MAX_BYTES = 32; // Required size for RNG seed file PKI_RNG_SEED_BYTES =64; // OPTION FLAGS PKI_DEFAULT = 0; // Signature algorithms PKI_SIG_SHA1RSA = 0; PKI_SIG_MD5RSA = 1; PKI_SIG_MD2RSA = 2; PKI_SIG_SHA256RSA =3; PKI_SIG_SHA384RSA =4; PKI_SIG_SHA512RSA =5; PKI_SIG_SHA224RSA =6; // PKCS#5 Password-based encryption algorithms PKI_PBE_SHA_3DES = 0; PKI_PBE_MD5_DES = 1; PKI_PBE_MD2_DES = 2; PKI_PBE_SHA_DES = 3; // --4 Deprecated option PKI_PBES2_3DES PKI_PBE_PBES2 = $1000; // Message digest hash algorithms PKI_HASH_SHA1 = 0; PKI_HASH_MD5 = 1; PKI_HASH_MD2 = 2; PKI_HASH_SHA256 = 3; PKI_HASH_SHA384 = 4; PKI_HASH_SHA512 = 5; PKI_HASH_SHA224 = 6; PKI_HASH_MODE_TEXT = $10000; // nFermatExp values for RSA exponent PKI_RSAEXP_EQ_3 = 0; PKI_RSAEXP_EQ_5 = 1; PKI_RSAEXP_EQ_17 = 2; PKI_RSAEXP_EQ_257 = 3; PKI_RSAEXP_EQ_65537 =4; // Return values for RSA_CheckKey PKI_VALID_PUBLICKEY = 1; PKI_VALID_PRIVATEKEY =0; // RSA key generation PKI_KEYGEN_INDICATE = $1000000; PKI_KEY_FORMAT_PEM = $10000; PKI_KEY_FORMAT_SSL = $20000; PKI_PFX_NO_PRIVKEY = $10; PKI_CMS_FORMAT_BASE64 = $10000; PKI_CMS_EXCLUDE_CERTS = $0100; PKI_CMS_EXCLUDE_DATA = $0200; PKI_CMS_INCLUDE_ATTRS = $0800; PKI_CMS_ADD_SIGNTIME = $1000; PKI_CMS_ADD_SMIMECAP = $2000; PKI_CMS_CERTS_ONLY = $0400; PKI_CMS_NO_OUTER = $2000000; PKI_CMS_ALT_ALGID = $4000000; PKI_XML_RSAKEYVALUE = $0001; PKI_XML_EXCLPRIVATE = $0010; PKI_XML_HEXBINARY = $0100; PKI_EME_DEFAULT = $00; PKI_EME_PKCSV1_5 = $00; PKI_EME_OAEP = $10; PKI_EMSIG_DEFAULT = $20; PKI_EMSIG_PKCSV1_5 = $20; PKI_EMSIG_DIGESTONLY = $1000; PKI_EMSIG_DIGINFO = $2000; PKI_EMSIG_ISO9796 = $100000; // Option flags PKI_X509_FORMAT_PEM = $10000; PKI_X509_FORMAT_BIN = $20000; PKI_X509_REQ_KLUDGE = $100000; PKI_X509_LATIN1 = $400000; PKI_X509_UTF8 = $800000; PKI_X509_AUTHKEYID = $1000000; PKI_X509_NO_BASIC = $2000000; PKI_X509_CA_TRUE = $4000000; PKI_X509_VERSION1 = $8000000; // Flags for Key Usage PKI_X509_KEYUSAGE_DIGITALSIGNATURE = $0001; PKI_X509_KEYUSAGE_NONREPUDIATION = $0002; PKI_X509_KEYUSAGE_KEYENCIPHERMENT = $0004; PKI_X509_KEYUSAGE_DATAENCIPHERMENT = $0008; PKI_X509_KEYUSAGE_KEYAGREEMENT = $0010; PKI_X509_KEYUSAGE_KEYCERTSIGN = $0020; PKI_X509_KEYUSAGE_CRLSIGN = $0040; PKI_X509_KEYUSAGE_ENCIPHERONLY = $0080; PKI_X509_KEYUSAGE_DECIPHERONLY = $0100; // Specific return values PKI_X509_EXPIRED = -1; PKI_X509_VALID_NOW = 0; PKI_X509_VERIFY_SUCCESS = 0; PKI_X509_VERIFY_FAILURE =-1; // Return values for CNV_CheckUTF PKI_CHRS_NOT_UTF8 = 0; PKI_CHRS_ALL_ASCII = 1; PKI_CHRS_ANSI8 = 2; PKI_CHRS_MULTIBYTE = 3; // Flags and return values for X.509 and CMS query functions PKI_QUERY_GETTYPE = $100000; PKI_QUERY_NUMBER = 1; PKI_QUERY_STRING = 2; // Options for RNG functions PKI_RNG_STRENGTH_112 = $00; PKI_RNG_STRENGTH_128 = $01; // Block cipher (BC) algorithm options PKI_BC_TDEA = $10; // ( PKI_BC_3DES = $10; // ( equiv. synonyms for Triple DES PKI_BC_DESEDE3 =$10; // ( PKI_BC_AES128 = $20; PKI_BC_AES192 = $30; PKI_BC_AES256 = $40; // Block cipher mode options PKI_MODE_ECB = $000; PKI_MODE_CBC = $100; PKI_MODE_OFB = $200; PKI_MODE_CFB = $300; PKI_MODE_CTR = $400; // Key transport algorithms PKI_KT_RSAES_PKCS = $0000; // --$1000L Reserved for PKI_KT_RSAES_OEAP // --$2000L Reserved for PKI_KT_RSA_KEM // Key derivation functions PKI_KDF_KDF2 = $000; // --$300L Reserved for PKI_KDF_KDF3 // General PKI_GEN_PLATFORM =$40;