synapse/Crypt32.pas

676 lines
29 KiB
ObjectPascal
Raw Normal View History

{==============================================================================|
| Project : Ararat Synapse | 001.000.000 |
|==============================================================================|
| Content: minimal support for crypt32 windows API |
|==============================================================================|
| Copyright (c)2018, Pepak |
| All rights reserved. |
| |
| Redistribution and use in source and binary forms, with or without |
| modification, are permitted provided that the following conditions are met: |
| |
| Redistributions of source code must retain the above copyright notice, this |
| list of conditions and the following disclaimer. |
| |
| Redistributions in binary form must reproduce the above copyright notice, |
| this list of conditions and the following disclaimer in the documentation |
| and/or other materials provided with the distribution. |
| |
| Neither the name of Lukas Gebauer nor the names of its contributors may |
| be used to endorse or promote products derived from this software without |
| specific prior written permission. |
| |
| THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" |
| AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE |
| IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE |
| ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE FOR |
| ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL |
| DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR |
| SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER |
| CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT |
| LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY |
| OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH |
| DAMAGE. |
|==============================================================================|
| The Initial Developer of the Original Code is Pepak (Czech Republic). |
| Portions created by Pepak are Copyright (c)2018. |
| All Rights Reserved. |
|==============================================================================|
| Contributor(s): |
|==============================================================================|
| History: see HISTORY.HTM from distribution package |
| (Found at URL: http://www.ararat.cz/synapse/) |
|==============================================================================}
unit Crypt32;
// Pozor, tohle je naprosto minimalni mnozina toho, co Crypt32.dll nabizi.
// Prevedl jsem jen to, co jsem potreboval.
interface
uses
Windows;
const
AdvapiLib = 'advapi32.dll';
CryptoLib = 'crypt32.dll';
CryptDlgLib = 'cryptdlg.dll';
type
HCERTSTORE = THandle;
HCRYPTPROV = THandle;
HCRYPTKEY = THandle;
PCRYPT_DATA_BLOB = ^CRYPT_DATA_BLOB;
CRYPT_DATA_BLOB = record
cbData: DWORD;
pbData: PByte;
end;
const
CRYPT_EXPORTABLE = $00000001;
CRYPT_USER_PROTECTED = $00000002;
CRYPT_MACHINE_KEYSET = $00000020;
CRYPT_USER_KEYSET = $00001000;
const
PKCS12_PREFER_CNG_KSP = $00000100;
PKCS12_ALWAYS_CNG_KSP = $00000200;
PKCS12_ALLOW_OVERWRITE_KEY = $00004000;
PKCS12_NO_PERSIST_KEY = $00008000;
PKCS12_INCLUDE_EXTENDED_PROPERTIES = $0010;
type
CRYPT_ALGORITHM_IDENTIFIER = record
pszObjId: PAnsiChar;
Parameters: CRYPT_DATA_BLOB;
end;
CERT_PUBLIC_KEY_INFO = record
Algorithm: CRYPT_ALGORITHM_IDENTIFIER;
PublicKey: CRYPT_DATA_BLOB;
end;
PCERT_EXTENSION = ^CERT_EXTENSION;
CERT_EXTENSION = record
pszObjId: PAnsiChar;
bCritical: BOOL;
Value: CRYPT_DATA_BLOB;
end;
PCERT_INFO = ^CERT_INFO;
CERT_INFO = record
dwVersion: DWORD;
SerialNumber: CRYPT_DATA_BLOB;
SignatureAlgorithm: CRYPT_ALGORITHM_IDENTIFIER;
Issuer: CRYPT_DATA_BLOB;
NotBefore: FILETIME;
NotAfter: FILETIME;
Subject: CRYPT_DATA_BLOB;
SubjectPublicKeyInfo: CERT_PUBLIC_KEY_INFO;
IssuerUniqueId: CRYPT_DATA_BLOB;
SubjectUniqueId: CRYPT_DATA_BLOB;
cExtension: DWORD;
rgExtension: PCERT_EXTENSION;
end;
PPCCERT_CONTEXT = ^PCCERT_CONTEXT;
PCCERT_CONTEXT = ^CERT_CONTEXT;
CERT_CONTEXT = record
dwCertEncodingType: DWORD;
pbCertEncoded: PByte;
cbCertEncoded: DWORD;
pCertInfo: PCERT_INFO;
hCertStore: HCERTSTORE;
end;
PCRYPT_KEY_PROV_PARAM = ^CRYPT_KEY_PROV_PARAM;
CRYPT_KEY_PROV_PARAM = record
dwParam: DWORD;
pbData: PByte;
cbData: DWORD;
dwFlags: DWORD;
end;
PCRYPT_KEY_PROV_INFO = ^CRYPT_KEY_PROV_INFO;
CRYPT_KEY_PROV_INFO = record
pwszContainerName: PWideChar;
pwszProvName: PWideChar;
dwProvType: DWORD;
dwFlags: DWORD;
cProvParam: DWORD;
rgProvParam: PCRYPT_KEY_PROV_PARAM;
dwKeySpec: DWORD;
__dummy: array[0..65535] of byte;
end;
PCRYPT_HASH_BLOB = ^CRYPT_HASH_BLOB;
CRYPT_HASH_BLOB = record
cbData: DWORD;
pbData: Pointer;
end;
PCRL_ENTRY = ^CRL_ENTRY;
CRL_ENTRY = record
SerialNumber: CRYPT_DATA_BLOB;
RevocationDate: FILETIME;
cExtension: DWORD;
rgExtension: PCERT_EXTENSION;
end;
PCRL_INFO = ^CRL_INFO;
CRL_INFO = record
dwVersion: DWORD;
SignatureAlgorithm: CRYPT_ALGORITHM_IDENTIFIER;
Issuer: CRYPT_DATA_BLOB;
ThisUpdate: FILETIME;
NextUpdate: FILETIME;
cCRLEntry: DWORD;
rgCRLEntry: PCRL_ENTRY;
cExtension: DWORD;
rgExtension: PCERT_EXTENSION;
end;
PCCRL_CONTEXT = ^CRL_CONTEXT;
CRL_CONTEXT = record
dwCertEncodingType: DWORD;
pbCrlEncoded: Pointer;
cbCrlEncoded: DWORD;
pCrlInfo: PCRL_INFO;
hCertStore: HCERTSTORE;
end;
PCRYPT_ATTRIBUTE = ^CRYPT_ATTRIBUTE;
CRYPT_ATTRIBUTE = record
pszObjId: LPSTR;
cValue: DWORD;
rgValue: PCRYPT_DATA_BLOB;
end;
PCRYPT_SIGN_MESSAGE_PARA = ^CRYPT_SIGN_MESSAGE_PARA;
CRYPT_SIGN_MESSAGE_PARA = record
cbSize: DWORD;
dwMsgEncodingType: DWORD;
pSigningCert: PCCERT_CONTEXT;
HashAlgorithm: CRYPT_ALGORITHM_IDENTIFIER;
pvHashAuxInfo: Pointer;
cMsgCert: DWORD;
rgpMsgCert: PCCERT_CONTEXT;
cMsgCrl: DWORD;
rgpMsgCrl: PCCRL_CONTEXT;
cAuthAttr: DWORD;
rgAuthAttr: PCRYPT_ATTRIBUTE;
cUnauthAttr: DWORD;
rgUnauthAttr: PCRYPT_ATTRIBUTE;
dwFlags: DWORD;
dwInnerContentType: DWORD;
HashEncryptionAlgorithm: CRYPT_ALGORITHM_IDENTIFIER;
pvHashEncryptionAuxInfo: Pointer;
end;
PPtrArray = ^TPtrArray;
TPtrArray = array[0..32767] of Pointer;
PDWORDArray = ^TDWORDArray;
TDWORDArray = array[0..32767] of DWORD;
const
CERT_STORE_PROV_MSG = LPCSTR(1);
CERT_STORE_PROV_MEMORY = LPCSTR(2);
CERT_STORE_PROV_FILE = LPCSTR(3);
CERT_STORE_PROV_REG = LPCSTR(4);
CERT_STORE_PROV_PKCS7 = LPCSTR(5);
CERT_STORE_PROV_SERIALIZED = LPCSTR(6);
CERT_STORE_PROV_FILENAME_A = LPCSTR(7);
CERT_STORE_PROV_FILENAME_W = LPCSTR(8);
CERT_STORE_PROV_FILENAME = CERT_STORE_PROV_FILENAME_W;
CERT_STORE_PROV_SYSTEM_A = LPCSTR(9);
CERT_STORE_PROV_SYSTEM_W = LPCSTR(10);
CERT_STORE_PROV_SYSTEM = CERT_STORE_PROV_SYSTEM_W;
CERT_STORE_PROV_COLLECTION = LPCSTR(11);
CERT_STORE_PROV_SYSTEM_REGISTRY_A = LPCSTR(12);
CERT_STORE_PROV_SYSTEM_REGISTRY_W = LPCSTR(13);
CERT_STORE_PROV_SYSTEM_REGISTRY = CERT_STORE_PROV_SYSTEM_REGISTRY_W;
CERT_STORE_PROV_PHYSICAL_W = LPCSTR(14);
CERT_STORE_PROV_PHYSICAL = CERT_STORE_PROV_PHYSICAL_W;
CERT_STORE_PROV_SMART_CARD_W = LPCSTR(15);
CERT_STORE_PROV_SMART_CARD = CERT_STORE_PROV_SMART_CARD_W;
CERT_STORE_PROV_LDAP_W = LPCSTR(16);
CERT_STORE_PROV_LDAP = CERT_STORE_PROV_LDAP_W;
sz_CERT_STORE_PROV_MEMORY = 'Memory';
sz_CERT_STORE_PROV_FILENAME_W = 'File';
sz_CERT_STORE_PROV_FILENAME = sz_CERT_STORE_PROV_FILENAME_W;
sz_CERT_STORE_PROV_SYSTEM_W = 'System';
sz_CERT_STORE_PROV_SYSTEM = sz_CERT_STORE_PROV_SYSTEM_W;
sz_CERT_STORE_PROV_PKCS7 = 'PKCS7';
sz_CERT_STORE_PROV_SERIALIZED = 'Serialized';
sz_CERT_STORE_PROV_COLLECTION = 'Collection';
sz_CERT_STORE_PROV_SYSTEM_REGISTRY_W = 'SystemRegistry';
sz_CERT_STORE_PROV_SYSTEM_REGISTRY = sz_CERT_STORE_PROV_SYSTEM_REGISTRY_W;
sz_CERT_STORE_PROV_PHYSICAL_W = 'Physical';
sz_CERT_STORE_PROV_PHYSICAL = sz_CERT_STORE_PROV_PHYSICAL_W;
sz_CERT_STORE_PROV_SMART_CARD_W = 'SmartCard';
sz_CERT_STORE_PROV_SMART_CARD = sz_CERT_STORE_PROV_SMART_CARD_W;
sz_CERT_STORE_PROV_LDAP_W = 'Ldap';
sz_CERT_STORE_PROV_LDAP = sz_CERT_STORE_PROV_LDAP_W;
const
X509_ASN_ENCODING = 1;
PKCS_7_ASN_ENCODING = 65536;
const
CERT_SYSTEM_STORE_UNPROTECTED_FLAG = $40000000;
CERT_SYSTEM_STORE_LOCATION_MASK = $ff0000;
CERT_SYSTEM_STORE_LOCATION_SHIFT = 16;
CERT_SYSTEM_STORE_CURRENT_USER_ID = 1;
CERT_SYSTEM_STORE_LOCAL_MACHINE_ID = 2;
CERT_SYSTEM_STORE_CURRENT_SERVICE_ID = 4;
CERT_SYSTEM_STORE_SERVICES_ID = 5;
CERT_SYSTEM_STORE_USERS_ID = 6;
CERT_SYSTEM_STORE_CURRENT_USER_GROUP_POLICY_ID = 7;
CERT_SYSTEM_STORE_LOCAL_MACHINE_GROUP_POLICY_ID = 8;
CERT_SYSTEM_STORE_LOCAL_MACHINE_ENTERPRISE_ID = 9;
CERT_SYSTEM_STORE_CURRENT_USER = (CERT_SYSTEM_STORE_CURRENT_USER_ID shl CERT_SYSTEM_STORE_LOCATION_SHIFT);
CERT_SYSTEM_STORE_LOCAL_MACHINE = (CERT_SYSTEM_STORE_LOCAL_MACHINE_ID shl CERT_SYSTEM_STORE_LOCATION_SHIFT);
CERT_SYSTEM_STORE_CURRENT_SERVICE = (CERT_SYSTEM_STORE_CURRENT_SERVICE_ID shl CERT_SYSTEM_STORE_LOCATION_SHIFT);
CERT_SYSTEM_STORE_SERVICES = (CERT_SYSTEM_STORE_SERVICES_ID shl CERT_SYSTEM_STORE_LOCATION_SHIFT);
CERT_SYSTEM_STORE_USERS = (CERT_SYSTEM_STORE_USERS_ID shl CERT_SYSTEM_STORE_LOCATION_SHIFT);
CERT_SYSTEM_STORE_CURRENT_USER_GROUP_POLICY = (CERT_SYSTEM_STORE_CURRENT_USER_GROUP_POLICY_ID shl CERT_SYSTEM_STORE_LOCATION_SHIFT);
CERT_SYSTEM_STORE_LOCAL_MACHINE_GROUP_POLICY = (CERT_SYSTEM_STORE_LOCAL_MACHINE_GROUP_POLICY_ID shl CERT_SYSTEM_STORE_LOCATION_SHIFT);
CERT_SYSTEM_STORE_LOCAL_MACHINE_ENTERPRISE = (CERT_SYSTEM_STORE_LOCAL_MACHINE_ENTERPRISE_ID shl CERT_SYSTEM_STORE_LOCATION_SHIFT);
CERT_STORE_READONLY_FLAG = $8000;
const
CERT_FIND_ANY = 0;
CERT_FIND_CERT_ID = 1048576;
CERT_FIND_CTL_USAGE = 655360;
CERT_FIND_ENHKEY_USAGE = 655360;
CERT_FIND_EXISTING = 851968;
CERT_FIND_HASH = 65536;
CERT_FIND_ISSUER_ATTR = 196612;
CERT_FIND_ISSUER_NAME = 131076;
CERT_FIND_ISSUER_OF = 786432;
CERT_FIND_KEY_IDENTIFIER = 983040;
CERT_FIND_KEY_SPEC = 589824;
CERT_FIND_MD5_HASH = 262144;
CERT_FIND_PROPERTY = 327680;
CERT_FIND_PUBLIC_KEY = 393216;
CERT_FIND_SHA1_HASH = 65536;
CERT_FIND_SIGNATURE_HASH = 917504;
CERT_FIND_SUBJECT_ATTR = 196615;
CERT_FIND_SUBJECT_CERT = 720896;
CERT_FIND_SUBJECT_NAME = 131079;
CERT_FIND_SUBJECT_STR_A = 458759;
CERT_FIND_SUBJECT_STR_W = 524295;
CERT_FIND_ISSUER_STR_A = 458756;
CERT_FIND_ISSUER_STR_W = 524292;
CERT_FIND_OR_ENHKEY_USAGE_FLAG = 16;
CERT_FIND_OPTIONAL_ENHKEY_USAGE_FLAG = 1;
CERT_FIND_NO_ENHKEY_USAGE_FLAG = 8;
CERT_FIND_VALID_ENHKEY_USAGE_FLAG = 32;
CERT_FIND_EXT_ONLY_ENHKEY_USAGE_FLAG = 2;
const
CERT_NAME_EMAIL_TYPE = 1;
CERT_NAME_RDN_TYPE = 2;
CERT_NAME_ATTR_TYPE = 3;
CERT_NAME_SIMPLE_DISPLAY_TYPE = 4;
CERT_NAME_FRIENDLY_DISPLAY_TYPE = 5;
CERT_NAME_DNS_TYPE = 6;
CERT_NAME_URL_TYPE = 7;
CERT_NAME_UPN_TYPE = 8;
const
CERT_NAME_ISSUER_FLAG = 1;
const
CERT_KEY_PROV_HANDLE_PROP_ID = 1;
CERT_KEY_PROV_INFO_PROP_ID = 2;
CERT_SHA1_HASH_PROP_ID = 3;
CERT_MD5_HASH_PROP_ID = 4;
CERT_HASH_PROP_ID = CERT_SHA1_HASH_PROP_ID;
CERT_KEY_CONTEXT_PROP_ID = 5;
CERT_KEY_SPEC_PROP_ID = 6;
CERT_IE30_RESERVED_PROP_ID = 7;
CERT_PUBKEY_HASH_RESERVED_PROP_ID = 8;
CERT_ENHKEY_USAGE_PROP_ID = 9;
CERT_CTL_USAGE_PROP_ID = CERT_ENHKEY_USAGE_PROP_ID;
CERT_NEXT_UPDATE_LOCATION_PROP_ID = 10;
CERT_FRIENDLY_NAME_PROP_ID = 11;
CERT_PVK_FILE_PROP_ID = 12;
CERT_DESCRIPTION_PROP_ID = 13;
CERT_ACCESS_STATE_PROP_ID = 14;
CERT_SIGNATURE_HASH_PROP_ID = 15;
CERT_SMART_CARD_DATA_PROP_ID = 16;
CERT_EFS_PROP_ID = 17;
CERT_FORTEZZA_DATA_PROP_ID = 18;
CERT_ARCHIVED_PROP_ID = 19;
CERT_KEY_IDENTIFIER_PROP_ID = 20;
CERT_AUTO_ENROLL_PROP_ID = 21;
CERT_PUBKEY_ALG_PARA_PROP_ID = 22;
CERT_CROSS_CERT_DIST_POINTS_PROP_ID = 23;
CERT_ISSUER_PUBLIC_KEY_MD5_HASH_PROP_ID = 24;
CERT_SUBJECT_PUBLIC_KEY_MD5_HASH_PROP_ID = 25;
CERT_ENROLLMENT_PROP_ID = 26;
CERT_DATE_STAMP_PROP_ID = 27;
CERT_ISSUER_SERIAL_NUMBER_MD5_HASH_PROP_ID = 28;
CERT_SUBJECT_NAME_MD5_HASH_PROP_ID = 29;
CERT_EXTENDED_ERROR_INFO_PROP_ID = 30;
CERT_RENEWAL_PROP_ID = 64;
CERT_ARCHIVED_KEY_HASH_PROP_ID = 65;
CERT_AUTO_ENROLL_RETRY_PROP_ID = 66;
CERT_AIA_URL_RETRIEVED_PROP_ID = 67;
CERT_AUTHORITY_INFO_ACCESS_PROP_ID = 68;
CERT_BACKED_UP_PROP_ID = 69;
CERT_OCSP_RESPONSE_PROP_ID = 70;
CERT_REQUEST_ORIGINATOR_PROP_ID = 71;
CERT_SOURCE_LOCATION_PROP_ID = 72;
CERT_SOURCE_URL_PROP_ID = 73;
CERT_NEW_KEY_PROP_ID = 74;
CERT_OCSP_CACHE_PREFIX_PROP_ID = 75;
CERT_SMART_CARD_ROOT_INFO_PROP_ID = 76;
CERT_NO_AUTO_EXPIRE_CHECK_PROP_ID = 77;
CERT_NCRYPT_KEY_HANDLE_PROP_ID = 78;
CERT_HCRYPTPROV_OR_NCRYPT_KEY_HANDLE_PROP_ID = 79;
CERT_SUBJECT_INFO_ACCESS_PROP_ID = 80;
CERT_CA_OCSP_AUTHORITY_INFO_ACCESS_PROP_ID = 81;
CERT_CA_DISABLE_CRL_PROP_ID = 82;
CERT_ROOT_PROGRAM_CERT_POLICIES_PROP_ID = 83;
CERT_ROOT_PROGRAM_NAME_CONSTRAINTS_PROP_ID = 84;
CERT_SUBJECT_OCSP_AUTHORITY_INFO_ACCESS_PROP_ID = 85;
CERT_SUBJECT_DISABLE_CRL_PROP_ID = 86;
CERT_CEP_PROP_ID = 87;
CERT_SIGN_HASH_CNG_ALG_PROP_ID = 89;
CERT_SCARD_PIN_ID_PROP_ID = 90;
CERT_SCARD_PIN_INFO_PROP_ID = 91;
CERT_SUBJECT_PUB_KEY_BIT_LENGTH_PROP_ID = 92;
CERT_PUB_KEY_CNG_ALG_BIT_LENGTH_PROP_ID = 93;
CERT_ISSUER_PUB_KEY_BIT_LENGTH_PROP_ID = 94;
CERT_ISSUER_CHAIN_SIGN_HASH_CNG_ALG_PROP_ID = 95;
CERT_ISSUER_CHAIN_PUB_KEY_CNG_ALG_BIT_LENGTH_PROP_ID = 96;
CERT_NO_EXPIRE_NOTIFICATION_PROP_ID = 97;
CERT_AUTH_ROOT_SHA256_HASH_PROP_ID = 98;
CERT_NCRYPT_KEY_HANDLE_TRANSFER_PROP_ID = 99;
CERT_HCRYPTPROV_TRANSFER_PROP_ID = 100;
CERT_SMART_CARD_READER_PROP_ID = 101;
CERT_SEND_AS_TRUSTED_ISSUER_PROP_ID = 102;
CERT_KEY_REPAIR_ATTEMPTED_PROP_ID = 103;
CERT_DISALLOWED_FILETIME_PROP_ID = 104;
CERT_ROOT_PROGRAM_CHAIN_POLICIES_PROP_ID = 105;
CERT_SMART_CARD_READER_NON_REMOVABLE_PROP_ID = 106;
CERT_FIRST_RESERVED_PROP_ID = 107;
CERT_LAST_RESERVED_PROP_ID = $00007fff;
CERT_FIRST_USER_PROP_ID = $8000;
CERT_LAST_USER_PROP_ID = $0000ffff;
const
CRYPT_DELETEKEYSET = 16;
const
CRYPT_E_NOT_FOUND = $80092004;
const
CRYPT_ACQUIRE_CACHE_FLAG = $1;
CRYPT_ACQUIRE_USE_PROV_INFO_FLAG = $2;
CRYPT_ACQUIRE_COMPARE_KEY_FLAG = $4;
CRYPT_ACQUIRE_NO_HEALING = $8;
CRYPT_ACQUIRE_SILENT_FLAG = $40;
CRYPT_ACQUIRE_WINDOW_HANDLE_FLAG = $80;
CRYPT_ACQUIRE_NCRYPT_KEY_FLAGS_MASK = $70000;
CRYPT_ACQUIRE_ALLOW_NCRYPT_KEY_FLAG = $10000;
CRYPT_ACQUIRE_PREFER_NCRYPT_KEY_FLAG = $20000;
CRYPT_ACQUIRE_ONLY_NCRYPT_KEY_FLAG = $40000;
const
szOID_RSA = '1.2.840.113549';
szOID_PKCS = '1.2.840.113549.1';
szOID_RSA_HASH = '1.2.840.113549.2';
szOID_RSA_ENCRYPT = '1.2.840.113549.3';
szOID_PKCS_1 = '1.2.840.113549.1.1';
szOID_PKCS_2 = '1.2.840.113549.1.2';
szOID_PKCS_3 = '1.2.840.113549.1.3';
szOID_PKCS_4 = '1.2.840.113549.1.4';
szOID_PKCS_5 = '1.2.840.113549.1.5';
szOID_PKCS_6 = '1.2.840.113549.1.6';
szOID_PKCS_7 = '1.2.840.113549.1.7';
szOID_PKCS_8 = '1.2.840.113549.1.8';
szOID_PKCS_9 = '1.2.840.113549.1.9';
szOID_PKCS_10 = '1.2.840.113549.1.10';
szOID_PKCS_12 = '1.2.840.113549.1.12';
szOID_RSA_RSA = '1.2.840.113549.1.1.1';
szOID_RSA_MD2RSA = '1.2.840.113549.1.1.2';
szOID_RSA_MD4RSA = '1.2.840.113549.1.1.3';
szOID_RSA_MD5RSA = '1.2.840.113549.1.1.4';
szOID_RSA_SHA1RSA = '1.2.840.113549.1.1.5';
szOID_RSA_SETOAEP_RSA = '1.2.840.113549.1.1.6';
szOID_RSAES_OAEP = '1.2.840.113549.1.1.7';
szOID_RSA_MGF1 = '1.2.840.113549.1.1.8';
szOID_RSA_PSPECIFIED = '1.2.840.113549.1.1.9';
szOID_RSA_SSA_PSS = '1.2.840.113549.1.1.10';
szOID_RSA_SHA256RSA = '1.2.840.113549.1.1.11';
szOID_RSA_SHA384RSA = '1.2.840.113549.1.1.12';
szOID_RSA_SHA512RSA = '1.2.840.113549.1.1.13';
szOID_RSA_DH = '1.2.840.113549.1.3.1';
szOID_RSA_data = '1.2.840.113549.1.7.1';
szOID_RSA_signedData = '1.2.840.113549.1.7.2';
szOID_RSA_envelopedData = '1.2.840.113549.1.7.3';
szOID_RSA_signEnvData = '1.2.840.113549.1.7.4';
szOID_RSA_digestedData = '1.2.840.113549.1.7.5';
szOID_RSA_hashedData = '1.2.840.113549.1.7.5';
szOID_RSA_encryptedData = '1.2.840.113549.1.7.6';
szOID_RSA_emailAddr = '1.2.840.113549.1.9.1';
szOID_RSA_unstructName = '1.2.840.113549.1.9.2';
szOID_RSA_contentType = '1.2.840.113549.1.9.3';
szOID_RSA_messageDigest = '1.2.840.113549.1.9.4';
szOID_RSA_signingTime = '1.2.840.113549.1.9.5';
szOID_RSA_counterSign = '1.2.840.113549.1.9.6';
szOID_RSA_challengePwd = '1.2.840.113549.1.9.7';
szOID_RSA_unstructAddr = '1.2.840.113549.1.9.8';
szOID_RSA_extCertAttrs = '1.2.840.113549.1.9.9';
szOID_RSA_certExtensions = '1.2.840.113549.1.9.14';
szOID_RSA_SMIMECapabilities = '1.2.840.113549.1.9.15';
szOID_RSA_preferSignedData = '1.2.840.113549.1.9.15.1';
szOID_TIMESTAMP_TOKEN = '1.2.840.113549.1.9.16.1.4';
szOID_RFC3161_counterSign = '1.3.6.1.4.1.311.3.3.1';
szOID_RSA_SMIMEalg = '1.2.840.113549.1.9.16.3';
szOID_RSA_SMIMEalgESDH = '1.2.840.113549.1.9.16.3.5';
szOID_RSA_SMIMEalgCMS3DESwrap = '1.2.840.113549.1.9.16.3.6';
szOID_RSA_SMIMEalgCMSRC2wrap = '1.2.840.113549.1.9.16.3.7';
szOID_RSA_MD2 = '1.2.840.113549.2.2';
szOID_RSA_MD4 = '1.2.840.113549.2.4';
szOID_RSA_MD5 = '1.2.840.113549.2.5';
szOID_RSA_RC2CBC = '1.2.840.113549.3.2';
szOID_RSA_RC4 = '1.2.840.113549.3.4';
szOID_RSA_DES_EDE3_CBC = '1.2.840.113549.3.7';
szOID_RSA_RC5_CBCPad = '1.2.840.113549.3.9';
szOID_ANSI_X942 = '1.2.840.10046';
szOID_ANSI_X942_DH = '1.2.840.10046.2.1';
szOID_X957 = '1.2.840.10040';
szOID_X957_DSA = '1.2.840.10040.4.1';
szOID_X957_SHA1DSA = '1.2.840.10040.4.3';
szOID_ECC_PUBLIC_KEY = '1.2.840.10045.2.1';
szOID_ECC_CURVE_P256 = '1.2.840.10045.3.1.7';
szOID_ECC_CURVE_P384 = '1.3.132.0.34';
szOID_ECC_CURVE_P521 = '1.3.132.0.35';
szOID_ECDSA_SHA1 = '1.2.840.10045.4.1';
szOID_ECDSA_SPECIFIED = '1.2.840.10045.4.3';
szOID_ECDSA_SHA256 = '1.2.840.10045.4.3.2';
szOID_ECDSA_SHA384 = '1.2.840.10045.4.3.3';
szOID_ECDSA_SHA512 = '1.2.840.10045.4.3.4';
szOID_NIST_AES128_CBC = '2.16.840.1.101.3.4.1.2';
szOID_NIST_AES192_CBC = '2.16.840.1.101.3.4.1.22';
szOID_NIST_AES256_CBC = '2.16.840.1.101.3.4.1.42';
szOID_NIST_AES128_WRAP = '2.16.840.1.101.3.4.1.5';
szOID_NIST_AES192_WRAP = '2.16.840.1.101.3.4.1.25';
szOID_NIST_AES256_WRAP = '2.16.840.1.101.3.4.1.45';
szOID_DH_SINGLE_PASS_STDDH_SHA1_KDF = '1.3.133.16.840.63.0.2';
szOID_DH_SINGLE_PASS_STDDH_SHA256_KDF = '1.3.132.1.11.1';
szOID_DH_SINGLE_PASS_STDDH_SHA384_KDF = '1.3.132.1.11.2';
szOID_DS = '2.5';
szOID_DSALG = '2.5.8';
szOID_DSALG_CRPT = '2.5.8.1';
szOID_DSALG_HASH = '2.5.8.2';
szOID_DSALG_SIGN = '2.5.8.3';
szOID_DSALG_RSA = '2.5.8.1.1';
szOID_OIW = '1.3.14';
szOID_OIWSEC = '1.3.14.3.2';
szOID_OIWSEC_md4RSA = '1.3.14.3.2.2';
szOID_OIWSEC_md5RSA = '1.3.14.3.2.3';
szOID_OIWSEC_md4RSA2 = '1.3.14.3.2.4';
szOID_OIWSEC_desECB = '1.3.14.3.2.6';
szOID_OIWSEC_desCBC = '1.3.14.3.2.7';
szOID_OIWSEC_desOFB = '1.3.14.3.2.8';
szOID_OIWSEC_desCFB = '1.3.14.3.2.9';
szOID_OIWSEC_desMAC = '1.3.14.3.2.10';
szOID_OIWSEC_rsaSign = '1.3.14.3.2.11';
szOID_OIWSEC_dsa = '1.3.14.3.2.12';
szOID_OIWSEC_shaDSA = '1.3.14.3.2.13';
szOID_OIWSEC_mdc2RSA = '1.3.14.3.2.14';
szOID_OIWSEC_shaRSA = '1.3.14.3.2.15';
szOID_OIWSEC_dhCommMod = '1.3.14.3.2.16';
szOID_OIWSEC_desEDE = '1.3.14.3.2.17';
szOID_OIWSEC_sha = '1.3.14.3.2.18';
szOID_OIWSEC_mdc2 = '1.3.14.3.2.19';
szOID_OIWSEC_dsaComm = '1.3.14.3.2.20';
szOID_OIWSEC_dsaCommSHA = '1.3.14.3.2.21';
szOID_OIWSEC_rsaXchg = '1.3.14.3.2.22';
szOID_OIWSEC_keyHashSeal = '1.3.14.3.2.23';
szOID_OIWSEC_md2RSASign = '1.3.14.3.2.24';
szOID_OIWSEC_md5RSASign = '1.3.14.3.2.25';
szOID_OIWSEC_sha1 = '1.3.14.3.2.26';
szOID_OIWSEC_dsaSHA1 = '1.3.14.3.2.27';
szOID_OIWSEC_dsaCommSHA1 = '1.3.14.3.2.28';
szOID_OIWSEC_sha1RSASign = '1.3.14.3.2.29';
szOID_OIWDIR = '1.3.14.7.2';
szOID_OIWDIR_CRPT = '1.3.14.7.2.1';
szOID_OIWDIR_HASH = '1.3.14.7.2.2';
szOID_OIWDIR_SIGN = '1.3.14.7.2.3';
szOID_OIWDIR_md2 = '1.3.14.7.2.2.1';
szOID_OIWDIR_md2RSA = '1.3.14.7.2.3.1';
szOID_INFOSEC = '2.16.840.1.101.2.1';
szOID_INFOSEC_sdnsSignature = '2.16.840.1.101.2.1.1.1';
szOID_INFOSEC_mosaicSignature = '2.16.840.1.101.2.1.1.2';
szOID_INFOSEC_sdnsConfidentiality = '2.16.840.1.101.2.1.1.3';
szOID_INFOSEC_mosaicConfidentiality = '2.16.840.1.101.2.1.1.4';
szOID_INFOSEC_sdnsIntegrity = '2.16.840.1.101.2.1.1.5';
szOID_INFOSEC_mosaicIntegrity = '2.16.840.1.101.2.1.1.6';
szOID_INFOSEC_sdnsTokenProtection = '2.16.840.1.101.2.1.1.7';
szOID_INFOSEC_mosaicTokenProtection = '2.16.840.1.101.2.1.1.8';
szOID_INFOSEC_sdnsKeyManagement = '2.16.840.1.101.2.1.1.9';
szOID_INFOSEC_mosaicKeyManagement = '2.16.840.1.101.2.1.1.10';
szOID_INFOSEC_sdnsKMandSig = '2.16.840.1.101.2.1.1.11';
szOID_INFOSEC_mosaicKMandSig = '2.16.840.1.101.2.1.1.12';
szOID_INFOSEC_SuiteASignature = '2.16.840.1.101.2.1.1.13';
szOID_INFOSEC_SuiteAConfidentiality = '2.16.840.1.101.2.1.1.14';
szOID_INFOSEC_SuiteAIntegrity = '2.16.840.1.101.2.1.1.15';
szOID_INFOSEC_SuiteATokenProtection = '2.16.840.1.101.2.1.1.16';
szOID_INFOSEC_SuiteAKeyManagement = '2.16.840.1.101.2.1.1.17';
szOID_INFOSEC_SuiteAKMandSig = '2.16.840.1.101.2.1.1.18';
szOID_INFOSEC_mosaicUpdatedSig = '2.16.840.1.101.2.1.1.19';
szOID_INFOSEC_mosaicKMandUpdSig = '2.16.840.1.101.2.1.1.20';
szOID_INFOSEC_mosaicUpdatedInteg = '2.16.840.1.101.2.1.1.21';
szOID_NIST_sha256 = '2.16.840.1.101.3.4.2.1';
szOID_NIST_sha384 = '2.16.840.1.101.3.4.2.2';
szOID_NIST_sha512 = '2.16.840.1.101.3.4.2.3';
const
CERT_STORE_ADD_NEW = 1;
CERT_STORE_ADD_USE_EXISTING = 2;
CERT_STORE_ADD_REPLACE_EXISTING = 3;
CERT_STORE_ADD_ALWAYS = 4;
CERT_STORE_ADD_REPLACE_EXISTING_INHERIT_PROPERTIES = 5;
CERT_STORE_ADD_NEWER = 6;
CERT_STORE_ADD_NEWER_INHERIT_PROPERTIES = 7;
function PFXImportCertStore(pPFX: PCRYPT_DATA_BLOB; szPassword: PWideChar; dwFlags: DWORD): HCERTSTORE; stdcall; external CryptoLib;
function CertOpenSystemStore(hProv: HCRYPTPROV; szSubsystemProtocol: PChar): HCERTSTORE; stdcall; external CryptoLib name {$IFDEF UNICODE} 'CertOpenSystemStoreW' {$ELSE} 'CertOpenSystemStoreA' {$ENDIF} ;
function CertOpenStore(szStoreProvider: LPCSTR; dwMsgAndCertEncodingType: DWORD; hCryptProv: HCRYPTPROV; dwFlags: DWORD; pvPara: Pointer): HCERTSTORE; stdcall; external CryptoLib name 'CertOpenStore';
function CertCloseStore(hCertStore: HCERTSTORE; dwFlags: DWORD): BOOL; stdcall; external CryptoLib;
function CertEnumCertificatesInStore(hCertStore: HCERTSTORE; pPrevCertContext: PCCERT_CONTEXT): PCCERT_CONTEXT; stdcall; external CryptoLib;
function CertFindCertificateInStore(hCertStore: HCERTSTORE; dwCertEncodingType: DWORD; dwFindFlags: DWORD; dwFindType: DWORD; pvFindPara: Pointer; pPrevCertContext: PCCERT_CONTEXT): PCCERT_CONTEXT; stdcall; external CryptoLib;
function CertFreeCertificateContext(pCertContext: PCCERT_CONTEXT): BOOL; stdcall; external CryptoLib;
function CertDuplicateCertificateContext(pCertContext: PCCERT_CONTEXT): PCCERT_CONTEXT; stdcall; external CryptoLib;
function CertGetNameStringA(pCertContext: PCCERT_CONTEXT; dwType, dwFlags: DWORD; pvTypePara: Pointer; pszNameString: PAnsiChar; cchNameString: DWORD): DWORD; stdcall; external CryptoLib name 'CertGetNameStringA';
function CertGetNameStringW(pCertContext: PCCERT_CONTEXT; dwType, dwFlags: DWORD; pvTypePara: Pointer; pszNameString: PWideChar; cchNameString: DWORD): DWORD; stdcall; external CryptoLib name 'CertGetNameStringW';
function CertGetNameString(pCertContext: PCCERT_CONTEXT; dwType, dwFlags: DWORD; pvTypePara: Pointer; pszNameString: PChar; cchNameString: DWORD): DWORD; stdcall; external CryptoLib name {$IFDEF UNICODE} 'CertGetNameStringW' {$ELSE} 'CertGetNameStringA' {$ENDIF} ;
function GetFriendlyNameOfCert(pCertContext: PCCERT_CONTEXT; pchBuffer: PChar; cchBuffer: DWORD): DWORD; stdcall; external CryptDlgLib name {$IFDEF UNICODE} 'GetFriendlyNameOfCertW' {$ELSE} 'GetFriendlyNameOfCertA' {$ENDIF} ;
function CertGetCertificateContextProperty(pCertContext: PCCERT_CONTEXT; dwPropId: DWORD; pvData: Pointer; var pcbData: DWORD): BOOL; stdcall; external CryptoLib;
function CryptAcquireContextA(var phProv: HCRYPTPROV; pszContainer, pszProvider: PAnsiChar; dwProvType, dwFlags: DWORD): BOOL; stdcall; external AdvapiLib;
function CryptAcquireContextU(var phProv: HCRYPTPROV; pszContainer, pszProvider: PWideChar; dwProvType, dwFlags: DWORD): BOOL; stdcall; external AdvapiLib name 'CryptAcquireContextW';
function CryptAcquireContextW(var phProv: HCRYPTPROV; pszContainer, pszProvider: PWideChar; dwProvType, dwFlags: DWORD): BOOL; stdcall; external AdvapiLib;
function CryptAcquireContext(var phProv: HCRYPTPROV; pszContainer, pszProvider: PChar; dwProvType, dwFlags: DWORD): BOOL; stdcall; external AdvapiLib name {$IFDEF UNICODE} 'CryptAcquireContextW' {$ELSE} 'CryptAcquireContextA' {$ENDIF} ;
function CryptAcquireCertificatePrivateKey(pCertContext: PCCERT_CONTEXT; dwFlags: DWORD; pvParameters: Pointer; var phCryptProv: HCRYPTPROV; var pdwKeySpec: DWORD; pfCallerFreeProv: PBOOL): BOOL; stdcall; external CryptoLib;
function CertAddCertificateContextToStore(hCertStore: HCERTSTORE; pCertContext: PCCERT_CONTEXT; dwAddDisposition: DWORD; ppStoreContext: PPCCERT_CONTEXT): BOOL; stdcall; external CryptoLib;
function CryptSignMessage(pSignPara: PCRYPT_SIGN_MESSAGE_PARA; fDetachedSignature: BOOL; cToBeSigned: DWORD; rgpbToBeSigned: PPtrArray; rgcbToBeSigned: PDWORDArray; pbSignedBlob: PByte; var pcbSignedBlob: DWORD): BOOL; stdcall external CryptoLib;
function CertGetNameStringPAS(pCertContext: PCCERT_CONTEXT; dwType, dwFlags: DWORD; pvTypePara: Pointer; out Name: string): boolean; overload;
function CertGetNameStringPAS(pCertContext: PCCERT_CONTEXT; dwType, dwFlags: DWORD; pvTypePara: Pointer): string; overload;
function CertGetCertificateContextPropertyPAS(pCertContext: PCCERT_CONTEXT; dwPropId: DWORD; out Data: AnsiString): BOOL; overload;
function CertGetCertificateContextPropertyPAS(pCertContext: PCCERT_CONTEXT; dwPropId: DWORD): AnsiString; overload;
implementation
function CertGetNameStringPAS(pCertContext: PCCERT_CONTEXT; dwType, dwFlags: DWORD; pvTypePara: Pointer; out Name: string): boolean; overload;
var
n: DWORD;
begin
Result := False;
Name := '';
n := CertGetNameString(pCertContext, dwType, dwFlags, pvTypePara, nil, 0);
if n > 0 then
begin
SetLength(Name, n);
n := CertGetNameString(pCertContext, dwType, dwFlags, pvTypePara, @Name[1], n);
if n > 0 then
begin
SetLength(Name, n-1);
Result := True;
end
else
Name := '';
end;
end;
function CertGetNameStringPAS(pCertContext: PCCERT_CONTEXT; dwType, dwFlags: DWORD; pvTypePara: Pointer): string;
begin
if not CertGetNameStringPAS(pCertContext, dwType, dwFlags, pvTypePara, Result) then
Result := '';
end;
function CertGetCertificateContextPropertyPAS(pCertContext: PCCERT_CONTEXT; dwPropId: DWORD; out Data: AnsiString): BOOL;
var
n: DWORD;
begin
Result := False;
Data := '';
n := 0;
if CertGetCertificateContextProperty(pCertContext, dwPropId, nil, n) then
begin
SetLength(Data, n);
if CertGetCertificateContextProperty(pCertContext, dwPropId, @Data[1], n) then
begin
SetLength(Data, n);
Result := True;
end
else
Data := '';
end;
end;
function CertGetCertificateContextPropertyPAS(pCertContext: PCCERT_CONTEXT; dwPropId: DWORD): AnsiString;
begin
if not CertGetCertificateContextPropertyPAS(pCertContext, dwPropId, Result) then
Result := '';
end;
end.