CryptoSys PKI Pro Manual

Function List    X-refs    Method List    Error Codes    References    Index

Contents

• Introduction to CryptoSys PKI Pro
• Getting Started
• New in this version
• Changes in earlier versions
• Conventions in this document
• Copyright Notice
• Theory
• Supported Algorithms
  • CMS Content Types
  • Unsupported algorithms
  • Key Storage Format (RSA)
  • Key Storage Format (ECC)
• A caution about insecure default algorithms
• Installation
  • Win64 (X64) Platform
  • Detecting Win32 or X64 platform
• Visual Basic or Visual Basic: VB6 vs VB.NET
• General Programming Issues
  • Return Values
  • 'Hello world' programs
  • Converting strings to bytes and vice versa
  • Converting VB6 to VB.NET
• Using with Classic Visual Basic VB6 and VBA
  • Core VBA/VB6 functions vs better wrapper functions
  • Pre-dimensioning for VB6
  • Find length of byte array
  • Zero-length byte arrays in VB6/VBA
  • Passing a reference to an empty byte array in VB6/VBA
  • Other Issues For VB6/VBA Users
  • Notes on VBA wrapper functions
• Using with ANSI C
  • Type Conversions
  • Compiling with C
  • Using With Borland C++
  • Using With MinGW gcc
  • Cautions for C/C++ Users
  • C/C++ users must add one to this value...
  • Examples of C code
• Using with C++ (STL)
• Using with .NET: C# and VB.NET
  • Combining bitwise options
• Using with Python
• UTF-8 and Latin-1
• Filenames with 'International' characters
• Security Issues
• Key Security
• Internal key strings
• Security options for encrypted private keys
• Elliptic Curve Cryptography (ECC)
  • Hex format for NIST/SEC EC keys
  • Can you read a key in compressed representation?
• Safe curves for elliptic cryptography
• Technical Details
• Self-Tests
  • Power-up Self-Tests
    • Cryptographic algorithm test:
    • RNG health test:
    • Software integrity test:
  • Conditional Tests
    • Pair-wise consistency test:
    • Continuous random number generator test:
  • Action if a self-test fails
• Critical Errors
• Optional Registry Settings
• Random Number Generator
  • RNG Mechanisms
  • Intel(R) DRNG support
  • Techniques to add known security strength to the RNG process
  • User-supplied entropy (seeds)
• Specifying Distinguished Names
  • Default encoding
  • UTF-8 encoding in distinguished names
  • Specifying an arbitrary RDN in a distinguished name
• LDAP String Representation of Distinguished Names
• X.509 Extensions Parameter
  • Add an arbitrary X.509 Extension
• AOC policy for X.509 content
• ISO 8601 date-time formats
• ASN.1 objects: binary DER- and BER-encoded files vs PEM-encoded text files
• Base64 alternative for X.509 certificates
• PEM string alternative for X.509 certificates, RSA and EC keys, etc
• Base64 and PEM string alternatives for CMS objects
• Specifying the algorithm, mode and padding for generic block cipher functions
• Padding schemes for block ciphers
• Valid key and block sizes for block cipher algorithms
• Specifying the signature algorithm in a SIG_ function
• AUTACK messages and ISO/IEC 9796-1 signatures
  • ISO/IEC 9796-1 Formatting
  • RSA2 Signing
• CMS Content Types
  • CMS SignedData objects
    • Additional security attributes New in v12.4
  • CMS EnvelopedData objects
  • CMS AuthEnvelopedData objects
• Using in MIME-conformant email messages
• Using output in XML documents
• Base64url encoding and JSON Web Signatures (JWS)
• Raw RSA Techniques
• RSA signature and encryption schemes: RSA-PSS and RSA-OAEP
  • Parameters for RSA-PSS and RSA-OAEP available in this Toolkit
• Elliptic curve Diffie-Hellman (ECDH)
• Authenticated Encryption with Associated Data (AEAD)
• Hybrid Public Key Encryption (HPKE)
• HASH vs XOF vs MAC vs PRF vs KDF
• VB6/C Function Summary
  • ASN.1 analysis functions
  • Block Cipher Functions
  • CMS functions
  • Conversion functions
  • Compression functions
  • Certificate Revocation List (CRL) functions
  • Elliptic curve cryptography functions
  • General functions
  • Message Digest Hash Functions
  • HMAC Functions
  • Hybrid Public Key Encryption (HPKE) functions
  • Key Derivation Functions
  • OCSP Functions
  • Padding functions
  • Password-based encryption functions
  • PEM/binary file conversion functions
  • PFX Functions
  • Pseudorandom functions (PRF)
  • Password prompt functions
  • Random number generator functions
  • RSA key functions
  • Raw RSA functions
  • SIG functions
  • S/MIME functions
  • Triple DES (TDEA/3DES) Functions
  • Wipe functions
  • X.509 certificate functions
  • eXtendable-output functions (XOF)
• List of Functions
• VBA Wrapper Functions
  • VBA Wrapper Function List
• C++ (STL) Functions
• .NET Classes and Methods
  • Cross-reference between Functions and .NET Methods
  • .NET Help File
• Summary of .NET Classes
  • Asn1 Class
  • Cipher Class
  • Cms Class
  • Cnv Class
  • Compr Class
  • Ecc Class
  • General Class
  • Hash Class
  • Hmac Class
  • Hpke Class
  • Kdf Class
  • Ocsp Class
  • Pbe Class
  • Pem Class
  • Pfx Class
  • Prf Class
  • Pwd Class
  • Rng Class
  • Rsa Class
  • Sig Class
  • Smime Class
  • Tdea Class
  • Wipe Class
  • X509 Class
  • Xof Class
• List of .Net Methods
• Enumerations in .NET
• Error Handling and Error Codes
• Acknowledgements
• Primary References
• Bibliography
• Index
• Revision History