sync toc
+ CryptoSys PKI Manual
o Introduction to CryptoSys PKI
o Getting Started
o Changes in this version
o Changes in earlier versions
o Conventions in this document
o Copyright Notice
o Theory
+ Supported Algorithms
o Unsupported algorithms
o Key Storage Format
+ Installation
o Win64 (X64) Platform
o Detecting Win32 or X64 platform
o Visual Basic or Visual Basic: VB6 vs VB.NET
+ General Programming Issues
o Return Values
o 'Hello world' programs
o Converting strings to bytes and vice versa
o Converting VB6 to VB.NET
+ Using with Classic Visual Basic and VBA
o Pre-dimensioning for VB6
+ Using with C and C++
o Type Conversions
o Compiling with C
o Using With Borland C++
o Using With MinGW gcc
o Cautions for C/C++ Users
o Examples of C code
o Using with .NET: C# and VB.NET
o UTF-8 and Latin-1
o Security Issues
o Key Security
o Internal key strings
o Security options for encrypted private keys
o Technical Details
+ Self-Tests
+ Power-up Self-Tests
o Cryptographic algorithm test:
o RNG health test:
o Software integrity test:
+ Conditional Tests
o Pair-wise consistency test:
o Continuous random number generator test:
o Action if a self-test fails
o Critical Errors
o Optional Registry Settings
+ Random Number Generator
o RNG Mechanisms
o Techniques to add known security strength to the RNG process
o User-supplied entropy (seeds)
+ Specifying Distinguished Names
o UTF-8 encoding in distinguished names
o Entering values that include the semi-colon and equals sign
+ X.509 Extensions Parameter
o AOC policy for X.509 content
o ISO 8601 date-time formats
o Base64 alternative for X.509 certificates
o PEM string alternative for X.509 certificates, RSA keys, etc
o Base64 and PEM string alternatives for CMS objects
o Specifying the algorithm and mode for generic block cipher functions
o Valid key and block sizes for block cipher algorithms
+ AUTACK messages and ISO/IEC 9796-1 signatures
o ISO/IEC 9796-1 Formatting
o RSA2 Signing
+ CMS Content Types
o CMS SignedData objects
o Using in MIME-conformant email messages
o Raw RSA Techniques
+ VB6/C Function Summary
o Block Cipher Functions
o CMS functions
o Encoding conversion functions
o Certificate Revocation List (CRL) functions
o General functions
o Message Digest Hash Functions
o HMAC Functions
o OCSP Functions
o Padding functions
o PEM/binary file conversion functions
o PFX Functions
o Password prompt functions
o Random number generator functions
o RSA key functions
o Raw RSA functions
o Triple DES (TDEA/3DES) Functions
o Wipe functions
o X.509 certificate functions
+ List of Functions
o CIPHER_Bytes
o CIPHER_File
o CIPHER_Hex
o CIPHER_KeyWrap
o CIPHER_KeyUnwrap
o CMS_GetSigDataDigest
o CMS_MakeDetachedSig
o CMS_MakeEnvData
o CMS_MakeEnvDataFromString
o CMS_MakeSigData
o CMS_MakeSigDataFromSigValue
o CMS_MakeSigDataFromString
o CMS_QueryEnvData
o CMS_QuerySigData
o CMS_ReadEnvData
o CMS_ReadEnvDataToString
o CMS_ReadSigData
o CMS_ReadSigDataToString
o CMS_VerifySigData
o CNV_B64Filter
o CNV_B64StrFromBytes
o CNV_ByteEncoding
o CNV_BytesFromB64Str
o CNV_BytesFromHexStr
o CNV_CheckUTF8
o CNV_CheckUTF8Bytes
o CNV_HexFilter
o CNV_HexStrFromBytes
o CNV_Latin1FromUTF8
o CNV_Latin1FromUTF8Bytes
o CNV_UTF8FromLatin1
o CNV_UTF8BytesFromLatin1
o HASH_Bytes
o HASH_File
o HASH_HexFromBytes
o HASH_HexFromFile
o HASH_HexFromHex
o HMAC_Bytes
o HMAC_HexFromBytes
o HMAC_HexFromHex
o OCSP_MakeRequest
o OCSP_ReadResponse
o PAD_BytesBlock
o PAD_HexBlock
o PAD_UnpadBytes
o PAD_UnpadHex
o PEM_FileFromBinFile
o PEM_FileToBinFile
o PFX_MakeFile
o PFX_VerifySig
o PKI_CompileTime
o PKI_ErrorCode
o PKI_ErrorLookup
o PKI_LastError
o PKI_LicenceType
o PKI_ModuleName
o PKI_PowerUpTests
o PKI_Version
o PWD_Prompt
o PWD_PromptEx
o RNG_Bytes
o RNG_BytesWithPrompt
o RNG_Initialize
o RNG_MakeSeedFile
o RNG_Number
o RNG_String
o RNG_StringWithPrompt
o RNG_Test
o RNG_UpdateSeedFile
o RSA_CheckKey
o RSA_DecodeMsg
o RSA_EncodeMsg
o RSA_FromXMLString
o RSA_GetPrivateKeyFromPFX
o RSA_GetPublicKeyFromCert
o RSA_KeyBits
o RSA_KeyBytes
o RSA_KeyHashCode
o RSA_KeyMatch
o RSA_MakeKeys
o RSA_RawPrivate
o RSA_RawPublic
o RSA_ReadEncPrivateKey
o RSA_ReadPrivateKeyInfo
o RSA_ReadPublicKey
o RSA_SaveEncPrivateKey
o RSA_SavePrivateKeyInfo
o RSA_SavePublicKey
o RSA_ToXMLString
o TDEA_B64Mode
o TDEA_BytesMode
o TDEA_File
o TDEA_HexMode
o WIPE_Data
o WIPE_File
o X509_CertExpiresOn
o X509_CertIssuedOn
o X509_CertIssuerName
o X509_CertIsValidNow
o X509_CertRequest
o X509_CertSerialNumber
o X509_CertSubjectName
o X509_CertThumb
o X509_CheckCertInCRL
o X509_GetCertFromP7Chain
o X509_GetCertFromPFX
o X509_HashIssuerAndSN
o X509_KeyUsageFlags
o X509_MakeCert
o X509_MakeCertSelf
o X509_MakeCRL
o X509_QueryCert
o X509_ReadStringFromFile
o X509_SaveFileFromString
o X509_TextDump
o X509_ValidatePath
o X509_VerifyCert
+ .NET Classes and Methods
o Cross-reference between Functions and .NET Methods
o .NET Help File
+ Summary of .NET Classes
o Cipher Class
o Cms Class
o Cnv Class
o General Class
o Hash Class
o Hmac Class
o Ocsp Class
o Pem Class
o Pfx Class
o Pwd Class
o Rng Class
o Rsa Class
o Tdea Class
o Wipe Class
o X509 Class
+ List of .Net Methods
o Cipher.Decrypt Method (Byte, Byte, Byte, CipherAlgorithm, Mode)
o Cipher.Decrypt Method (String, String, String, CipherAlgorithm, Mode)
o Cipher.Encrypt Method (Byte, Byte, Byte, CipherAlgorithm, Mode)
o Cipher.Encrypt Method (String, String, String, CipherAlgorithm, Mode)
o Cipher.FileDecrypt Method (String, String, Byte, Byte, CipherAlgorithm, Mode)
o Cipher.FileDecrypt Method (String, String, String, String, CipherAlgorithm, Mode)
o Cipher.FileEncrypt Method (String, String, Byte, Byte, CipherAlgorithm, Mode)
o Cipher.FileEncrypt Method (String, String, String, String, CipherAlgorithm, Mode)
o Cipher.KeyUnwrap Method
o Cipher.KeyWrap Method
o Cipher.Pad Method (Byte, CipherAlgorithm)
o Cipher.Pad Method (String, CipherAlgorithm)
o Cipher.Unpad Method (Byte, CipherAlgorithm)
o Cipher.Unpad Method (String, CipherAlgorithm)
o Cms.GetSigDataDigest Method
o Cms.GetSigHashAlgorithm Method
o Cms.MakeDetachedSig Method
o Cms.MakeEnvData Method (String, String, String, CipherAlgorithm, Cms.KeyEncrAlgorithm, HashAlgorithm, Cms.EnvDataOptions)
o Cms.MakeEnvDataFromString Method (String, String, String, CipherAlgorithm, Cms.KeyEncrAlgorithm, HashAlgorithm, Cms.EnvDataOptions)
o Cms.MakeEnvDataFromString Method (String, String, String, Cms.Options)
o Cms.MakeEnvData Method (String, String, String, Cms.Options)
o Cms.MakeSigData Method
o Cms.MakeSigDataFromSigValue Method
o Cms.MakeSigDataFromString Method
o Cms.QueryEnvData Method
o Cms.QuerySigData Method
o Cms.ReadEnvDataToFile Method
o Cms.ReadEnvDataToString Method
o Cms.ReadSigDataToFile Method
o Cms.ReadSigDataToString Method
o Cms.VerifySigData Method
o Cnv.Base64Filter Method
o Cnv.Base64FromHex Method
o Cnv.ByteEncoding Method
o Cnv.CheckUTF8 Method (Byte)
o Cnv.CheckUTF8 Method (String)
o Cnv.FromBase64 Method
o Cnv.FromHex Method
o Cnv.HexFilter Method
o Cnv.HexFromBase64 Method
o Cnv.StringFromBase64 Method
o Cnv.StringFromHex Method
o Cnv.ToBase64 Method (Byte)
o Cnv.ToBase64 Method (String)
o Cnv.ToHex Method
o General.CompileTime Method
o General.ErrorCode Method
o General.ErrorLookup Method
o General.IsWin64 Method
o General.LastError Method
o General.LicenceType Method
o General.ModuleName Method
o General.Platform Method
o General.PowerUpTests Method
o General.Version Method
o Hash.BytesFromBytes Method
o Hash.BytesFromFile Method
o Hash.HexFromBytes Method
o Hash.HexFromFile Method
o Hash.HexFromHex Method
o Hash.HexFromString Method
o Hash.HexFromTextFile Method
o Hmac.BytesFromBytes Method
o Hmac.HexFromBytes Method
o Hmac.HexFromHex Method
o Ocsp.MakeRequest Method
o Ocsp.ReadResponse Method
o Pem.FileFromBinFile Method
o Pem.FileToBinFile Method
o Pfx.MakeFile Method
o Pfx.SignatureIsValid Method
o Pwd.Prompt Method (Int32, String)
o Pwd.Prompt Method (Int32, String, String)
o Rng.Bytes Method (Int32)
o Rng.BytesWithPrompt Method (Int32)
o Rng.BytesWithPrompt Method (Int32, String, Rng.Strength)
o Rng.Bytes Method (Int32, Byte)
o Rng.Bytes Method (Int32, String)
o Rng.Initialize Method
o Rng.MakeSeedFile Method
o Rng.Number Method
o Rng.Octet Method
o Rng.Test Method
o Rng.UpdateSeedFile Method
o Rsa.CheckKey Method (String)
o Rsa.CheckKey Method (StringBuilder)
o Rsa.DecodeDigestForSignature Method (Byte)
o Rsa.DecodeDigestForSignature Method (Byte, Boolean)
o Rsa.DecodeMsg Method
o Rsa.DecodeMsgForEncryption Method
o Rsa.DecodeMsgIso9796 Method
o Rsa.EncodeDigestForSignature Method
o Rsa.EncodeMsg Method
o Rsa.EncodeMsgForEncryption Method
o Rsa.EncodeMsgForSignature Method
o Rsa.EncodeMsgIso9796 Method
o Rsa.FromXMLString Method
o Rsa.GetPrivateKeyFromPFX Method
o Rsa.GetPublicKeyFromCert Method
o Rsa.KeyBits Method (String)
o Rsa.KeyBits Method (StringBuilder)
o Rsa.KeyBytes Method (String)
o Rsa.KeyBytes Method (StringBuilder)
o Rsa.KeyHashCode Method (String)
o Rsa.KeyHashCode Method (StringBuilder)
o Rsa.KeyMatch Method (String, String)
o Rsa.KeyMatch Method (StringBuilder, StringBuilder)
o Rsa.MakeKeys Method (String, String, Int32, Rsa.PublicExponent, Int32, String, CipherAlgorithm, HashAlgorithm, Rsa.Format, Boolean)
o Rsa.MakeKeys Method (String, String, Int32, Rsa.PublicExponent, Int32, String, Rsa.PbeOptions, Boolean)
o Rsa.MakeKeys Method (String, String, Int32, Rsa.PublicExponent, Int32, String, Rsa.PbeOptions, Boolean, Byte)
o Rsa.RawPrivate Method (Byte, String)
o Rsa.RawPrivate Method (Byte, String, Int32)
o Rsa.RawPublic Method (Byte, String)
o Rsa.RawPublic Method (Byte, String, Int32)
o Rsa.ReadEncPrivateKey Method
o Rsa.ReadPrivateKeyInfo Method
o Rsa.ReadPublicKey Method
o Rsa.SaveEncPrivateKey Method (String, String, Int32, String, CipherAlgorithm, HashAlgorithm, Rsa.Format)
o Rsa.SaveEncPrivateKey Method (String, String, Int32, String, Rsa.PbeOptions, Rsa.Format)
o Rsa.SavePrivateKeyInfo Method
o Rsa.SavePublicKey Method
o Rsa.ToXMLString Method
o Tdea.Decrypt Method (Byte, Byte, Mode, Byte)
o Tdea.Decrypt Method (String, String, Mode, String)
o Tdea.Decrypt Method (String, String, Mode, String, EncodingBase)
o Tdea.Encrypt Method (Byte, Byte, Mode, Byte)
o Tdea.Encrypt Method (String, String, Mode, String)
o Tdea.Encrypt Method (String, String, Mode, String, EncodingBase)
o Tdea.FileDecrypt Method (String, String, Byte, Mode, Byte)
o Tdea.FileDecrypt Method (String, String, String, Mode, String)
o Tdea.FileEncrypt Method (String, String, Byte, Mode, Byte)
o Tdea.FileEncrypt Method (String, String, String, Mode, String)
o Wipe.Data Method
o Wipe.File Method
o Wipe.String Method
o X509.CertExpiresOn Method
o X509.CertIsValidNow Method
o X509.CertIssuedOn Method
o X509.CertIssuerName Method
o X509.CertRequest Method
o X509.CertSerialNumber Method
o X509.CertSubjectName Method
o X509.CertThumb Method
o X509.CheckCertInCRL Method
o X509.GetCertFromP7Chain Method
o X509.GetCertFromPFX Method
o X509.HashIssuerAndSN Method
o X509.KeyUsageFlags Method
o X509.MakeCRL Method
o X509.MakeCert Method
o X509.MakeCertSelf Method
o X509.QueryCert Method (String, String)
o X509.QueryCert Method (String, String, X509.Options)
o X509.ReadStringFromFile Method
o X509.SaveFileFromString Method
o X509.TextDump Method
o X509.ValidatePath Method (String)
o X509.ValidatePath Method (String, String, Boolean)
o X509.VerifyCert Method
+ Example code in VB.NET (VB2005/8/x)
o Example: Cipher.Decrypt 
o Example: Cipher.FileDecrypt 
o Example: Cipher.Decrypt 
o Example: Cipher.KeyWrap 
o Example: Cipher.KeyUnwrap 
o Example: Cms.GetSigDataDigest 
o Example: Cms.GetSigDataDigest 
o Example: Cms.MakeDetachedSig 
o Example: Cms.MakeEnvData 
o Example: Cms.MakeEnvData 
o Example: Cms.KeyEncrAlgorithm 
o Example: Cms.MakeEnvDataFromString 
o Example: Cms.MakeSigData 
o Example: Cms.MakeSigData 
o Example: Cms.MakeSigDataFromSigValue 
o Example: Cms.ReadEnvDataToFile 
o Example: Cms.QueryEnvData 
o Example: Cms.ReadSigDataToFile 
o Example: Cms.ReadSigDataToString 
o Example: Cms.VerifySigData 
o Example: Cnv.ByteEncoding 
o Example: Cnv.CheckUTF8 
o Example: Hash.BytesFromBytes 
o Example: Hash.BytesFromFile 
o Example: Hash.HexFromBytes 
o Example: Hash.HexFromString 
o Example: Hash.HexFromFile 
o Example: Hash.HexFromHex 
o Example: Hmac.BytesFromBytes 
o Example: Hmac.HexFromBytes 
o Example: Hmac.HexFromHex 
o Example: Ocsp.MakeRequest 
o Example: Ocsp.ReadResponse 
o Example: Pem.FileFromBinFile 
o Example: Pem.FileToBinFile 
o Example: Pfx.MakeFile 
o Example: Pfx.MakeFile 
o Example: General.CompileTime 
o Example: General.ErrorLookup 
o Example: General.LicenceType 
o Example: General.ModuleName 
o Example: General.PowerUpTests 
o Example: General.Version 
o Example: Pwd.Prompt 
o Example: Rng.Bytes 
o Example: Rng.BytesWithPrompt 
o Example: Rng.Bytes 
o Example: Rng.Number 
o Example: Rng.Test 
o Example: Rsa.DecodeDigestForSignature 
o Example: Rsa.DecodeMsgForEncryption 
o Example: Rsa.CheckKey 
o Example: Rsa.CheckKey 
o Example: Rsa.GetPublicKeyFromCert 
o Example: Rsa.GetPublicKeyFromCert 
o Example: Rsa.MakeKeys 
o Example: Rsa.KeyBits 
o Example: Rsa.GetPublicKeyFromCert 
o Example: Rsa.KeyHashCode 
o Example: Rsa.KeyBits 
o Example: Rsa.Format 
o Example: Rsa.KeyBits 
o Example: Tdea.Decrypt 
o Example: Tdea.Decrypt 
o Example: Tdea.FileDecrypt 
o Example: Tdea.Decrypt 
o Example: Wipe.File 
o Example: X509.CertExpiresOn 
o Example: X509.CertIsValidNow 
o Example: X509.CertRequest 
o Example: X509.CertRequest 
o Example: X509.CertSerialNumber 
o Example: X509.CertIssuerName 
o Example: X509.CertThumb 
o Example: X509.CheckCertInCRL 
o Example: X509.GetCertFromP7Chain 
o Example: X509.HashIssuerAndSN 
o Example: X509.KeyUsageFlags 
o Example: X509.MakeCert 
o Example: X509.KeyUsageOptions 
o Example: X509.KeyUsageOptions 
o Example: X509.MakeCRL 
o Example: X509.TextDump 
o Example: X509.ValidatePath 
o Example: X509.VerifyCert 
o Error Handling and Error Codes
o Acknowledgements
o Primary References
o Bibliography
o Index
o Revision History