Cryptlib --> push in the right direction please..

Post by Uncle B »

Hi all,

Maybe I'm fooling around with stuff I should stay out of, but I'm trying to create a secure connection for connecting to e.g. gmail..
The following code using 'Cryptlib' seems to work up to the '#CRYPT_SESSINFO_ACTIVE' line. This returns the error value -32, meaning: 'Bad/unrecognised Data format'. The other functions all return 0, meaning 'OK'. I've based this piece of code on the following example: http://www.coastrd.com/smtps/cryptlib under 'Creating an SSL Session'. Could anyone try to get me in the right direction on this?.. I'm practically only familiar with PB...
Thanks in advance!

Code:

XIncludeFile "Cryptlib constants.pb"

InitNetwork()

Procedure.s wait(ConnID) 
  res.s="" 
  For tmp=1 To 4999 
    res+" " 
  Next 
  ReceiveNetworkData(ConnID,@res,4999) 
  Debug "received: "+res 
  res=Left(res,3) 
  ProcedureReturn res 
EndProcedure 

Define hSess.l, sSrvr.s, nPort.l

sSrvr = "smtp.gmail.com"
nPort = 25
#Cryptlib = 1

If OpenLibrary(#Cryptlib, "cl32.dll")

*CryptInit = GetFunction(#Cryptlib, "cryptInit")

*CryptCreateSession = GetFunction(#Cryptlib, "cryptCreateSession")

*CryptSetAttributeString = GetFunction(#Cryptlib, "cryptSetAttributeString")

*CryptSetAttribute = GetFunction(#Cryptlib, "cryptSetAttribute")

*CryptGetAttributeString = GetFunction(#Cryptlib, "cryptGetAttributeString")


ConnID = OpenNetworkConnection(sSrvr, 25)
hSess = ConnectionID(ConnID)

Debug "ConnID = " + Str(ConnID)

Debug "hSess= " + Str(hSess)

;To use the library, we must first initialize it:
Debug CallFunctionFast(*CryptInit)

Debug CallFunctionFast(*CryptCreateSession, @hSess, #CRYPT_UNUSED, #CRYPT_SESSION_SSL);_SERVER

Debug CallFunctionFast(*CryptSetAttributeString, hSess, #CRYPT_SESSINFO_SERVER_NAME, @sSrvr, Len(sSrvr))

Debug CallFunctionFast(*CryptSetAttribute, hSess, #CRYPT_SESSINFO_SERVER_PORT, nPort)

Debug CallFunctionFast(*CryptSetAttribute, hSess, #CRYPT_SESSINFO_ACTIVE, 1)

wait(ConnID)

EndIf
"Cryptlib constants.pb":

Code:

Enumeration
	#CRYPT_SESSION_NONE;				;/* No session type */
	#CRYPT_SESSION_SSH;				;/* SSH */
	#CRYPT_SESSION_SSH_SERVER;		;/* SSH server */
	#CRYPT_SESSION_SSL;,				;/* SSL/TLS */
	#CRYPT_SESSION_SSL_SERVER;,		;/* SSL/TLS server */
	#CRYPT_SESSION_RTCS;,				;/* RTCS */
	#CRYPT_SESSION_RTCS_SERVER;,		;/* RTCS server */
	#CRYPT_SESSION_OCSP;,				;/* OCSP */
	#CRYPT_SESSION_OCSP_SERVER;,		;/* OCSP server */
	#CRYPT_SESSION_TSP;,				;/* TSP */
	#CRYPT_SESSION_TSP_SERVER;,		;/* TSP server */
	#CRYPT_SESSION_CMP;,				;/* CMP */
	#CRYPT_SESSION_CMP_SERVER;,		;/* CMP server */
	#CRYPT_SESSION_SCEP;,				;/* SCEP */
	#CRYPT_SESSION_SCEP_SERVER;,		;/* SCEP server */
	#CRYPT_SESSION_CERTSTORE_SERVER;,	;/* HTTP cert store Interface */
	#CRYPT_SESSION_LAST;				;/* Last possible session type */
EndEnumeration

#CRYPT_UNUSED = -101

Enumeration

	#CRYPT_ATTRIBUTE_NONE			; ;/* Non-value */

	; ;/* Used internally */
	#CRYPT_PROPERTY_FIRST 

	; ;/*********************/
	; ;/* Object attributes */
	; ;/*********************/

	; ;/* Object properties */
	#CRYPT_PROPERTY_HIGHSECURITY 	; ;/* Owned+non-forwardcount+locked */
	#CRYPT_PROPERTY_OWNER			; ;/* Object owner */
	#CRYPT_PROPERTY_FORWARDCOUNT 	; ;/* No.of times object can be forwarded */
	#CRYPT_PROPERTY_LOCKED			; ;/* Whether properties can be chged/Read */
	#CRYPT_PROPERTY_USAGECOUNT 		; ;/* Usage count before object expires */
	#CRYPT_PROPERTY_NONEXPORTABLE 	; ;/* Whether key is nonexp.from context */

	; ;/* Used internally */
	#CRYPT_PROPERTY_LAST  
	#CRYPT_GENERIC_FIRST 

	; ;/* Extended error information */
	#CRYPT_ATTRIBUTE_ERRORTYPE 		; ;/* Type of last error */
	#CRYPT_ATTRIBUTE_ERRORLOCUS 		; ;/* Locus of last error */
	#CRYPT_ATTRIBUTE_INT_ERRORCODE 	; ;/* Low-level software-specific */
	#CRYPT_ATTRIBUTE_INT_ERRORMESSAGE  ; ;/*   error code And message */

	; ;/* Generic information */
	#CRYPT_ATTRIBUTE_CURRENT_GROUP 	; ;/* Cursor mgt: Group in attribute List */
	#CRYPT_ATTRIBUTE_CURRENT 		; ;/* Cursor mgt: Entry in attribute List */
	#CRYPT_ATTRIBUTE_CURRENT_INSTANCE 	; ;/* Cursor mgt: Instance in attribute List */
	#CRYPT_ATTRIBUTE_BUFFERSIZE 		; ;/* Internal Data buffer size */

	; ;/* User internally */
	#CRYPT_GENERIC_LAST  
	#CRYPT_OPTION_FIRST = 100 

	; ;/****************************/
	; ;/* Configuration attributes */
	; ;/****************************/

	; ;/* cryptlib information (Read-only) */
	#CRYPT_OPTION_INFO_DESCRIPTION 	; ;/* Text description */
	#CRYPT_OPTION_INFO_COPYRIGHT 	; ;/* Copyright notice */
	#CRYPT_OPTION_INFO_MAJORVERSION 	; ;/* Major release version */
	#CRYPT_OPTION_INFO_MINORVERSION 	; ;/* Minor release version */
	#CRYPT_OPTION_INFO_STEPPING 		; ;/* Release stepping */

	; ;/* Encryption options */
	#CRYPT_OPTION_ENCR_ALGO			; ;/* Encryption algorithm */
	#CRYPT_OPTION_ENCR_HASH			; ;/* Hash algorithm */
	#CRYPT_OPTION_ENCR_MAC			; ;/* MAC algorithm */

	; ;/* PKC options */
	#CRYPT_OPTION_PKC_ALGO			; ;/* Public-key encryption algorithm */
	#CRYPT_OPTION_PKC_KEYSIZE 		; ;/* Public-key encryption key size */

	; ;/* Signature options */
	#CRYPT_OPTION_SIG_ALGO			; ;/* Signature algorithm */
	#CRYPT_OPTION_SIG_KEYSIZE 		; ;/* Signature keysize */

	; ;/* Keying options */
	#CRYPT_OPTION_KEYING_ALGO 		; ;/* Key processing algorithm */
	#CRYPT_OPTION_KEYING_ITERATIONS 	; ;/* Key processing iterations */

	; ;/* Certificate options */
	#CRYPT_OPTION_CERT_SIGNUNRECOGNISEDATTRIBUTES 	; ;/* Whether To sign unrecog.attrs */
	#CRYPT_OPTION_CERT_VALIDITY 		; ;/* Certificate validity period */
	#CRYPT_OPTION_CERT_UPDATEINTERVAL 	; ;/* CRL update interval */
	#CRYPT_OPTION_CERT_COMPLIANCELEVEL 	; ;/* PKIX compliance level For cert chks.*/
	#CRYPT_OPTION_CERT_REQUIREPOLICY 	; ;/* Whether explicit policy req'd for certs */

	; ;/* CMS/SMIME options */
	#CRYPT_OPTION_CMS_DEFAULTATTRIBUTES 	; ;/* Add Default CMS attributes */
		#CRYPT_OPTION_SMIME_DEFAULTATTRIBUTES = #CRYPT_OPTION_CMS_DEFAULTATTRIBUTES 

	; ;/* LDAP keyset options */
	#CRYPT_OPTION_KEYS_LDAP_OBJECTCLASS 	; ;/* Object class */
	#CRYPT_OPTION_KEYS_LDAP_OBJECTTYPE 	; ;/* Object type To fetch */
	#CRYPT_OPTION_KEYS_LDAP_FILTER 		; ;/* Query filter */
	#CRYPT_OPTION_KEYS_LDAP_CACERTNAME 	; ;/* CA certificate attribute name */
	#CRYPT_OPTION_KEYS_LDAP_CERTNAME 	; ;/* Certificate attribute name */
	#CRYPT_OPTION_KEYS_LDAP_CRLNAME 		; ;/* CRL attribute name */
	#CRYPT_OPTION_KEYS_LDAP_EMAILNAME 	; ;/* Email attribute name */

	; ;/* Crypto device options */
	#CRYPT_OPTION_DEVICE_PKCS11_DVR01 	; ;/* Name of first PKCS #11 driver */
	#CRYPT_OPTION_DEVICE_PKCS11_DVR02 	; ;/* Name of second PKCS #11 driver */
	#CRYPT_OPTION_DEVICE_PKCS11_DVR03 	; ;/* Name of third PKCS #11 driver */
	#CRYPT_OPTION_DEVICE_PKCS11_DVR04 	; ;/* Name of fourth PKCS #11 driver */
	#CRYPT_OPTION_DEVICE_PKCS11_DVR05 	; ;/* Name of fifth PKCS #11 driver */
	#CRYPT_OPTION_DEVICE_PKCS11_HARDWAREONLY ; ;/* Use only hardware mechanisms */

	; ;/* Network access options */
	#CRYPT_OPTION_NET_SOCKS_SERVER 		; ;/* Socks server name */
	#CRYPT_OPTION_NET_SOCKS_USERNAME 	; ;/* Socks user name */
	#CRYPT_OPTION_NET_HTTP_PROXY 		; ;/* Web proxy server */
	#CRYPT_OPTION_NET_CONNECTTIMEOUT 	; ;/* Timeout For network connection setup */
	#CRYPT_OPTION_NET_READTIMEOUT 		; ;/* Timeout For network reads */
	#CRYPT_OPTION_NET_WRITETIMEOUT 		; ;/* Timeout For network writes */

	; ;/* Miscellaneous options */
	#CRYPT_OPTION_MISC_ASYNCINIT 	; ;/* Whether To init cryptlib async'ly */
	#CRYPT_OPTION_MISC_SIDECHANNELPROTECTION  ; ;/* Protect against side-channel attacks */

	; ;/* cryptlib state information */
	#CRYPT_OPTION_CONFIGCHANGED 		; ;/* Whether in-mem.opts match on-disk ones */
	#CRYPT_OPTION_SELFTESTOK 		; ;/* Whether self-test was completed And OK */

	; ;/* Used internally */
	#CRYPT_OPTION_LAST  
	#CRYPT_CTXINFO_FIRST = 1000 

	; ;/**********************/
	; ;/* Context attributes */
	; ;/**********************/

	; ;/* Algorithm And mode information */
	#CRYPT_CTXINFO_ALGO 				; ;/* Algorithm */
	#CRYPT_CTXINFO_MODE 				; ;/* Mode */
	#CRYPT_CTXINFO_NAME_ALGO 		; ;/* Algorithm name */
	#CRYPT_CTXINFO_NAME_MODE 		; ;/* Mode name */
	#CRYPT_CTXINFO_KEYSIZE			; ;/* Key size in bytes */
	#CRYPT_CTXINFO_BLOCKSIZE 		; ;/* Block size */
	#CRYPT_CTXINFO_IVSIZE			; ;/* IV size */
	#CRYPT_CTXINFO_KEYING_ALGO 		; ;/* Key processing algorithm */
	#CRYPT_CTXINFO_KEYING_ITERATIONS ; ;/* Key processing iterations */
	#CRYPT_CTXINFO_KEYING_SALT 		; ;/* Key processing salt */
	#CRYPT_CTXINFO_KEYING_VALUE 		; ;/* Value used To derive key */

	; ;/* State information */
	#CRYPT_CTXINFO_KEY 				; ;/* Key */
	#CRYPT_CTXINFO_KEY_COMPONENTS 	; ;/* Public-key components */
	#CRYPT_CTXINFO_IV 				; ;/* IV */
	#CRYPT_CTXINFO_HASHVALUE 		; ;/* Hash value */

	; ;/* Misc.information */
	#CRYPT_CTXINFO_LABEL			; ;/* Label For private/secret key */
	#CRYPT_CTXINFO_PERSISTENT 		; ;/* Obj.is backed by device Or keyset */

	; ;/* Used internally */
	#CRYPT_CTXINFO_LAST  
	#CRYPT_CERTINFO_FIRST = 2000 

	; ;/**************************/
	; ;/* Certificate attributes */
	; ;/**************************/

	; ;/* Because there are so many cert attributes  we Break them down into
	;   blocks To minimise the number of values that change If a new one is
	;   added halfway through */

	; ;/* Pseudo-information on a cert object Or meta-information which is used
	 ;  To control the way that a cert object is processed */
	#CRYPT_CERTINFO_SELFSIGNED 		; ;/* Cert is self-signed */
	#CRYPT_CERTINFO_IMMUTABLE 		; ;/* Cert is signed And immutable */
	#CRYPT_CERTINFO_XYZZY			; ;/* Cert is a magic just-works cert */
	#CRYPT_CERTINFO_CERTTYPE 		; ;/* Certificate object type */
	#CRYPT_CERTINFO_FINGERPRINT 		; ;/* Certificate fingerprints */
		#CRYPT_CERTINFO_FINGERPRINT_MD5 = #CRYPT_CERTINFO_FINGERPRINT 
	#CRYPT_CERTINFO_FINGERPRINT_SHA 
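;#if 0	; ;/* Not enabled Until the Next minor-version rev */
	; The two constants below sit inside the header's '#if 0' block, so they are
	; commented out here too; otherwise every following value is shifted by two.
;	#CRYPT_CERTINFO_FINGERPRINT_SHA2 
;	#CRYPT_CERTINFO_FINGERPRINT_SHAng 
;#endif ; ;/* 0 */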
	#CRYPT_CERTINFO_CURRENT_CERTIFICATE ; ;/* Cursor mgt: Rel.pos in chain/CRL/OCSP */
	#CRYPT_CERTINFO_TRUSTED_USAGE 	; ;/* Usage that cert is trusted For */
	#CRYPT_CERTINFO_TRUSTED_IMPLICIT ; ;/* Whether cert is implicitly trusted */
	#CRYPT_CERTINFO_SIGNATURELEVEL 	; ;/* Amount of detail To include in sigs.*/

	; ;/* General certificate object information */
	#CRYPT_CERTINFO_VERSION			; ;/* Cert.format version */
	#CRYPT_CERTINFO_SERIALNUMBER 	; ;/* Serial number */
	#CRYPT_CERTINFO_SUBJECTPUBLICKEYINFO 	; ;/* Public key */
	#CRYPT_CERTINFO_CERTIFICATE 		; ;/* User certificate */
	#CRYPT_CERTINFO_USERCERTIFICATE = #CRYPT_CERTINFO_CERTIFICATE 
	#CRYPT_CERTINFO_CACERTIFICATE 	; ;/* CA certificate */
	#CRYPT_CERTINFO_ISSUERNAME 		; ;/* Issuer DN */
	#CRYPT_CERTINFO_VALIDFROM 		; ;/* Cert valid-from time */
	#CRYPT_CERTINFO_VALIDTO			; ;/* Cert valid-To time */
	#CRYPT_CERTINFO_SUBJECTNAME 		; ;/* Subject DN */
	#CRYPT_CERTINFO_ISSUERUNIQUEID 	; ;/* Issuer unique ID */
	#CRYPT_CERTINFO_SUBJECTUNIQUEID 	; ;/* Subject unique ID */
	#CRYPT_CERTINFO_CERTREQUEST 		; ;/* Cert.request (DN + public key) */
	#CRYPT_CERTINFO_THISUPDATE 		; ;/* CRL/OCSP current-update time */
	#CRYPT_CERTINFO_NEXTUPDATE 		; ;/* CRL/OCSP Next-update time */
	#CRYPT_CERTINFO_REVOCATIONDATE 	; ;/* CRL/OCSP cert-revocation time */
	#CRYPT_CERTINFO_REVOCATIONSTATUS ; ;/* OCSP revocation status */
	#CRYPT_CERTINFO_CERTSTATUS 		; ;/* RTCS certificate status */
	#CRYPT_CERTINFO_DN 				; ;/* Currently selected DN in string form */
	#CRYPT_CERTINFO_PKIUSER_ID 		; ;/* PKI user ID */
	#CRYPT_CERTINFO_PKIUSER_ISSUEPASSWORD 	; ;/* PKI user issue password */
	#CRYPT_CERTINFO_PKIUSER_REVPASSWORD 		; ;/* PKI user revocation password */

	; ;/* X.520 Distinguished Name components.  This is a composite field  the
	;   DN To be manipulated is selected through the addition of a
	;   pseudocomponent  And then one of the following is used To access the
	;   DN components directly */
	#CRYPT_CERTINFO_COUNTRYNAME = #CRYPT_CERTINFO_FIRST + 100 	; ;/* countryName */
	#CRYPT_CERTINFO_STATEORPROVINCENAME 	; ;/* stateOrProvinceName */
	#CRYPT_CERTINFO_LOCALITYNAME 		; ;/* localityName */
	#CRYPT_CERTINFO_ORGANIZATIONNAME 	; ;/* organizationName */
		#CRYPT_CERTINFO_ORGANISATIONNAME = #CRYPT_CERTINFO_ORGANIZATIONNAME 
	#CRYPT_CERTINFO_ORGANIZATIONALUNITNAME 	; ;/* organizationalUnitName */
		#CRYPT_CERTINFO_ORGANISATIONALUNITNAME = #CRYPT_CERTINFO_ORGANIZATIONALUNITNAME 
	#CRYPT_CERTINFO_COMMONNAME 		; ;/* commonName */

	; ;/* X.509 General Name components.  These are handled in the same way As
	;   the DN composite field  With the current GeneralName being selected by
	;   a pseudo-component after which the individual components can be
	;   modified through one of the following */
	#CRYPT_CERTINFO_OTHERNAME_TYPEID 		; ;/* otherName.typeID */
	#CRYPT_CERTINFO_OTHERNAME_VALUE			; ;/* otherName.value */
	#CRYPT_CERTINFO_RFC822NAME 				; ;/* rfc822Name */
		#CRYPT_CERTINFO_EMAIL = #CRYPT_CERTINFO_RFC822NAME 
	#CRYPT_CERTINFO_DNSNAME 					; ;/* dNSName */
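;#if 0	; ;/* Not supported  these are never used in practice And have an
;		   insane internal Structure */
	; Commented out to match the header's '#if 0' block, so that the following
	; GeneralName constants keep their intended values.
;	#CRYPT_CERTINFO_X400ADDRESS 				; ;/* x400Address */
;#endif ; ;/* 0 */
	#CRYPT_CERTINFO_DIRECTORYNAME			; ;/* directoryName */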
	#CRYPT_CERTINFO_EDIPARTYNAME_NAMEASSIGNER 	; ;/* ediPartyName.nameAssigner */
	#CRYPT_CERTINFO_EDIPARTYNAME_PARTYNAME 	; ;/* ediPartyName.partyName */
	#CRYPT_CERTINFO_UNIFORMRESOURCEIDENTIFIER 	; ;/* uniformResourceIdentifier */
	#CRYPT_CERTINFO_IPADDRESS 				; ;/* iPAddress */
	#CRYPT_CERTINFO_REGISTEREDID			; ;/* registeredID */

;	; ;/* X.509 certificate extensions.  Although it would be nicer To use names
;	   that match the extensions more closely (e.g.
;	   #CRYPT_CERTINFO_BASICCONSTRAINTS_PATHLENCONSTRAINT)  these exceed the
;	   32-character ANSI minimum length For unique names  And get really
;	   hairy once you get into the weird policy constraints extensions whose
;	   names wrap around the screen about three times.;

	 ;  The following values are defined in OID order  this isn't absolutely
	 ;  necessary but saves an extra layer of processing when encoding them */

	; ;/* 1 2 840 113549 1 9 7 challengePassword.  This is here even though it's
	;   a CMS attribute because SCEP stuffs it into PKCS #10 requests */
	#CRYPT_CERTINFO_CHALLENGEPASSWORD = #CRYPT_CERTINFO_FIRST + 200 

	; ;/* 1 3 6 1 4 1 3029 3 1 4 cRLExtReason */
	#CRYPT_CERTINFO_CRLEXTREASON 

	; ;/* 1 3 6 1 4 1 3029 3 1 5 keyFeatures */
	#CRYPT_CERTINFO_KEYFEATURES 

	; ;/* 1 3 6 1 5 5 7 1 1 authorityInfoAccess */
	#CRYPT_CERTINFO_AUTHORITYINFOACCESS 
	#CRYPT_CERTINFO_AUTHORITYINFO_RTCS 		; ;/* accessDescription.accessLocation */
	#CRYPT_CERTINFO_AUTHORITYINFO_OCSP 		; ;/* accessDescription.accessLocation */
	#CRYPT_CERTINFO_AUTHORITYINFO_CAISSUERS 	; ;/* accessDescription.accessLocation */
	#CRYPT_CERTINFO_AUTHORITYINFO_CERTSTORE 	; ;/* accessDescription.accessLocation */
	#CRYPT_CERTINFO_AUTHORITYINFO_CRLS 		; ;/* accessDescription.accessLocation */

	; ;/* 1 3 6 1 5 5 7 1 2 biometricInfo */
	#CRYPT_CERTINFO_BIOMETRICINFO 
	#CRYPT_CERTINFO_BIOMETRICINFO_TYPE 		; ;/* biometricData.typeOfData */
	#CRYPT_CERTINFO_BIOMETRICINFO_HASHALGO 	; ;/* biometricData.hashAlgorithm */
	#CRYPT_CERTINFO_BIOMETRICINFO_HASH 		; ;/* biometricData.dataHash */
	#CRYPT_CERTINFO_BIOMETRICINFO_URL 		; ;/* biometricData.sourceDataUri */

	; ;/* 1 3 6 1 5 5 7 1 3 qcStatements */
	#CRYPT_CERTINFO_QCSTATEMENT 
	#CRYPT_CERTINFO_QCSTATEMENT_SEMANTICS 
					; ;/* qcStatement.statementInfo.semanticsIdentifier */
	#CRYPT_CERTINFO_QCSTATEMENT_REGISTRATIONAUTHORITY 
					; ;/* qcStatement.statementInfo.nameRegistrationAuthorities */

	; ;/* 1 3 6 1 5 5 7 48 1 2 ocspNonce */
	#CRYPT_CERTINFO_OCSP_NONCE 				; ;/* nonce */

	; ;/* 1 3 6 1 5 5 7 48 1 4 ocspAcceptableResponses */
	#CRYPT_CERTINFO_OCSP_RESPONSE 
	#CRYPT_CERTINFO_OCSP_RESPONSE_OCSP 		; ;/* OCSP standard response */

	; ;/* 1 3 6 1 5 5 7 48 1 5 ocspNoCheck */
	#CRYPT_CERTINFO_OCSP_NOCHECK 

	; ;/* 1 3 6 1 5 5 7 48 1 6 ocspArchiveCutoff */
	#CRYPT_CERTINFO_OCSP_ARCHIVECUTOFF 

	; ;/* 1 3 6 1 5 5 7 48 1 11 subjectInfoAccess */
	#CRYPT_CERTINFO_SUBJECTINFOACCESS 
	#CRYPT_CERTINFO_SUBJECTINFO_CAREPOSITORY ; ;/* accessDescription.accessLocation */
	#CRYPT_CERTINFO_SUBJECTINFO_TIMESTAMPING ; ;/* accessDescription.accessLocation */

	; ;/* 1 3 36 8 3 1 siggDateOfCertGen */
	#CRYPT_CERTINFO_SIGG_DATEOFCERTGEN 

	; ;/* 1 3 36 8 3 2 siggProcuration */
	#CRYPT_CERTINFO_SIGG_PROCURATION 
	#CRYPT_CERTINFO_SIGG_PROCURE_COUNTRY 	; ;/* country */
	#CRYPT_CERTINFO_SIGG_PROCURE_TYPEOFSUBSTITUTION 	; ;/* typeOfSubstitution */
	#CRYPT_CERTINFO_SIGG_PROCURE_SIGNINGFOR 	; ;/* signingFor.thirdPerson */

	; ;/* 1 3 36 8 3 4 siggMonetaryLimit */
	#CRYPT_CERTINFO_SIGG_MONETARYLIMIT 
	#CRYPT_CERTINFO_SIGG_MONETARY_CURRENCY 	; ;/* currency */
	#CRYPT_CERTINFO_SIGG_MONETARY_AMOUNT 	; ;/* amount */
	#CRYPT_CERTINFO_SIGG_MONETARY_EXPONENT 	; ;/* exponent */

	; ;/* 1 3 36 8 3 8 siggRestriction */
	#CRYPT_CERTINFO_SIGG_RESTRICTION 

	; ;/* 1 3 101 1 4 1 strongExtranet */
	#CRYPT_CERTINFO_STRONGEXTRANET 
	#CRYPT_CERTINFO_STRONGEXTRANET_ZONE 		; ;/* sxNetIDList.sxNetID.zone */
	#CRYPT_CERTINFO_STRONGEXTRANET_ID 		; ;/* sxNetIDList.sxNetID.id */

	; ;/* 2 5 29 9 subjectDirectoryAttributes */
	#CRYPT_CERTINFO_SUBJECTDIRECTORYATTRIBUTES 
	#CRYPT_CERTINFO_SUBJECTDIR_TYPE			; ;/* attribute.type */
	#CRYPT_CERTINFO_SUBJECTDIR_VALUES 		; ;/* attribute.values */

	; ;/* 2 5 29 14 subjectKeyIdentifier */
	#CRYPT_CERTINFO_SUBJECTKEYIDENTIFIER 

	; ;/* 2 5 29 15 keyUsage */
	#CRYPT_CERTINFO_KEYUSAGE 

	; ;/* 2 5 29 16 privateKeyUsagePeriod */
	#CRYPT_CERTINFO_PRIVATEKEYUSAGEPERIOD 
	#CRYPT_CERTINFO_PRIVATEKEY_NOTBEFORE 	; ;/* notBefore */
	#CRYPT_CERTINFO_PRIVATEKEY_NOTAFTER 		; ;/* notAfter */

	; ;/* 2 5 29 17 subjectAltName */
	#CRYPT_CERTINFO_SUBJECTALTNAME 

	; ;/* 2 5 29 18 issuerAltName */
	#CRYPT_CERTINFO_ISSUERALTNAME 

	; ;/* 2 5 29 19 basicConstraints */
	#CRYPT_CERTINFO_BASICCONSTRAINTS 
	#CRYPT_CERTINFO_CA 						; ;/* cA */
	#CRYPT_CERTINFO_AUTHORITY = #CRYPT_CERTINFO_CA
	#CRYPT_CERTINFO_PATHLENCONSTRAINT 		; ;/* pathLenConstraint */

	; ;/* 2 5 29 20 cRLNumber */
	#CRYPT_CERTINFO_CRLNUMBER 

	; ;/* 2 5 29 21 cRLReason */
	#CRYPT_CERTINFO_CRLREASON 

	; ;/* 2 5 29 23 holdInstructionCode */
	#CRYPT_CERTINFO_HOLDINSTRUCTIONCODE 

	; ;/* 2 5 29 24 invalidityDate */
	#CRYPT_CERTINFO_INVALIDITYDATE 

	; ;/* 2 5 29 27 deltaCRLIndicator */
	#CRYPT_CERTINFO_DELTACRLINDICATOR 

	; ;/* 2 5 29 28 issuingDistributionPoint */
	#CRYPT_CERTINFO_ISSUINGDISTRIBUTIONPOINT 
	#CRYPT_CERTINFO_ISSUINGDIST_FULLNAME 	; ;/* distributionPointName.fullName */
	#CRYPT_CERTINFO_ISSUINGDIST_USERCERTSONLY 	; ;/* onlyContainsUserCerts */
	#CRYPT_CERTINFO_ISSUINGDIST_CACERTSONLY 	; ;/* onlyContainsCACerts */
	#CRYPT_CERTINFO_ISSUINGDIST_SOMEREASONSONLY 	; ;/* onlySomeReasons */
	#CRYPT_CERTINFO_ISSUINGDIST_INDIRECTCRL 	; ;/* indirectCRL */

	; ;/* 2 5 29 29 certificateIssuer */
	#CRYPT_CERTINFO_CERTIFICATEISSUER 

	; ;/* 2 5 29 30 nameConstraints */
	#CRYPT_CERTINFO_NAMECONSTRAINTS 
	#CRYPT_CERTINFO_PERMITTEDSUBTREES 		; ;/* permittedSubtrees */
	#CRYPT_CERTINFO_EXCLUDEDSUBTREES 		; ;/* excludedSubtrees */

	; ;/* 2 5 29 31 cRLDistributionPoint */
	#CRYPT_CERTINFO_CRLDISTRIBUTIONPOINT 
	#CRYPT_CERTINFO_CRLDIST_FULLNAME 		; ;/* distributionPointName.fullName */
	#CRYPT_CERTINFO_CRLDIST_REASONS			; ;/* reasons */
	#CRYPT_CERTINFO_CRLDIST_CRLISSUER 		; ;/* cRLIssuer */

	; ;/* 2 5 29 32 certificatePolicies */
	#CRYPT_CERTINFO_CERTIFICATEPOLICIES 
	#CRYPT_CERTINFO_CERTPOLICYID 		; ;/* policyInformation.policyIdentifier */
	#CRYPT_CERTINFO_CERTPOLICY_CPSURI 
		; ;/* policyInformation.policyQualifiers.qualifier.cPSuri */
	#CRYPT_CERTINFO_CERTPOLICY_ORGANIZATION 
		; ;/* policyInformation.policyQualifiers.qualifier.userNotice.noticeRef.organization */
	#CRYPT_CERTINFO_CERTPOLICY_NOTICENUMBERS 
		; ;/* policyInformation.policyQualifiers.qualifier.userNotice.noticeRef.noticeNumbers */
	#CRYPT_CERTINFO_CERTPOLICY_EXPLICITTEXT 
		; ;/* policyInformation.policyQualifiers.qualifier.userNotice.explicitText */

	; ;/* 2 5 29 33 policyMappings */
	#CRYPT_CERTINFO_POLICYMAPPINGS 
	#CRYPT_CERTINFO_ISSUERDOMAINPOLICY 	; ;/* policyMappings.issuerDomainPolicy */
	#CRYPT_CERTINFO_SUBJECTDOMAINPOLICY 	; ;/* policyMappings.subjectDomainPolicy */

	; ;/* 2 5 29 35 authorityKeyIdentifier */
	#CRYPT_CERTINFO_AUTHORITYKEYIDENTIFIER 
	#CRYPT_CERTINFO_AUTHORITY_KEYIDENTIFIER 	; ;/* keyIdentifier */
	#CRYPT_CERTINFO_AUTHORITY_CERTISSUER 	; ;/* authorityCertIssuer */
	#CRYPT_CERTINFO_AUTHORITY_CERTSERIALNUMBER 	; ;/* authorityCertSerialNumber */

	; ;/* 2 5 29 36 policyConstraints */
	#CRYPT_CERTINFO_POLICYCONSTRAINTS 
	#CRYPT_CERTINFO_REQUIREEXPLICITPOLICY 	; ;/* policyConstraints.requireExplicitPolicy */
	#CRYPT_CERTINFO_INHIBITPOLICYMAPPING 	; ;/* policyConstraints.inhibitPolicyMapping */

	; ;/* 2 5 29 37 extKeyUsage */
	#CRYPT_CERTINFO_EXTKEYUSAGE 
	#CRYPT_CERTINFO_EXTKEY_MS_INDIVIDUALCODESIGNING 	; ;/* individualCodeSigning */
	#CRYPT_CERTINFO_EXTKEY_MS_COMMERCIALCODESIGNING 	; ;/* commercialCodeSigning */
	#CRYPT_CERTINFO_EXTKEY_MS_CERTTRUSTLISTSIGNING 	; ;/* certTrustListSigning */
	#CRYPT_CERTINFO_EXTKEY_MS_TIMESTAMPSIGNING 	; ;/* timeStampSigning */
	#CRYPT_CERTINFO_EXTKEY_MS_SERVERGATEDCRYPTO 	; ;/* serverGatedCrypto */
	#CRYPT_CERTINFO_EXTKEY_MS_ENCRYPTEDFILESYSTEM 	; ;/* encrypedFileSystem */
	#CRYPT_CERTINFO_EXTKEY_SERVERAUTH 		; ;/* serverAuth */
	#CRYPT_CERTINFO_EXTKEY_CLIENTAUTH 		; ;/* clientAuth */
	#CRYPT_CERTINFO_EXTKEY_CODESIGNING 		; ;/* codeSigning */
	#CRYPT_CERTINFO_EXTKEY_EMAILPROTECTION 	; ;/* emailProtection */
	#CRYPT_CERTINFO_EXTKEY_IPSECENDSYSTEM 	; ;/* ipsecEndSystem */
	#CRYPT_CERTINFO_EXTKEY_IPSECTUNNEL 		; ;/* ipsecTunnel */
	#CRYPT_CERTINFO_EXTKEY_IPSECUSER 		; ;/* ipsecUser */
	#CRYPT_CERTINFO_EXTKEY_TIMESTAMPING 		; ;/* timeStamping */
	#CRYPT_CERTINFO_EXTKEY_OCSPSIGNING 		; ;/* ocspSigning */
	#CRYPT_CERTINFO_EXTKEY_DIRECTORYSERVICE 	; ;/* directoryService */
	#CRYPT_CERTINFO_EXTKEY_ANYKEYUSAGE 		; ;/* anyExtendedKeyUsage */
	#CRYPT_CERTINFO_EXTKEY_NS_SERVERGATEDCRYPTO 	; ;/* serverGatedCrypto */
	#CRYPT_CERTINFO_EXTKEY_VS_SERVERGATEDCRYPTO_CA 	; ;/* serverGatedCrypto CA */

	; ;/* 2 5 29 46 freshestCRL */
	#CRYPT_CERTINFO_FRESHESTCRL 
	#CRYPT_CERTINFO_FRESHESTCRL_FULLNAME 	; ;/* distributionPointName.fullName */
	#CRYPT_CERTINFO_FRESHESTCRL_REASONS 		; ;/* reasons */
	#CRYPT_CERTINFO_FRESHESTCRL_CRLISSUER 	; ;/* cRLIssuer */

	; ;/* 2 5 29 54 inhibitAnyPolicy */
	#CRYPT_CERTINFO_INHIBITANYPOLICY 

	; ;/* 2 16 840 1 113730 1 x Netscape extensions */
	#CRYPT_CERTINFO_NS_CERTTYPE 				; ;/* netscape-cert-type */
	#CRYPT_CERTINFO_NS_BASEURL 				; ;/* netscape-base-url */
	#CRYPT_CERTINFO_NS_REVOCATIONURL 		; ;/* netscape-revocation-url */
	#CRYPT_CERTINFO_NS_CAREVOCATIONURL 		; ;/* netscape-ca-revocation-url */
	#CRYPT_CERTINFO_NS_CERTRENEWALURL 		; ;/* netscape-cert-renewal-url */
	#CRYPT_CERTINFO_NS_CAPOLICYURL			; ;/* netscape-ca-policy-url */
	#CRYPT_CERTINFO_NS_SSLSERVERNAME 		; ;/* netscape-ssl-server-name */
	#CRYPT_CERTINFO_NS_COMMENT 				; ;/* netscape-comment */

	; ;/* 2 23 42 7 0 SET hashedRootKey */
	#CRYPT_CERTINFO_SET_HASHEDROOTKEY 
	#CRYPT_CERTINFO_SET_ROOTKEYTHUMBPRINT 	; ;/* rootKeyThumbPrint */

	; ;/* 2 23 42 7 1 SET certificateType */
	#CRYPT_CERTINFO_SET_CERTIFICATETYPE 

	; ;/* 2 23 42 7 2 SET merchantData */
	#CRYPT_CERTINFO_SET_MERCHANTDATA 
	#CRYPT_CERTINFO_SET_MERID 				; ;/* merID */
	#CRYPT_CERTINFO_SET_MERACQUIRERBIN 		; ;/* merAcquirerBIN */
	#CRYPT_CERTINFO_SET_MERCHANTLANGUAGE 	; ;/* merNames.language */
	#CRYPT_CERTINFO_SET_MERCHANTNAME 		; ;/* merNames.name */
	#CRYPT_CERTINFO_SET_MERCHANTCITY 		; ;/* merNames.city */
	#CRYPT_CERTINFO_SET_MERCHANTSTATEPROVINCE ; ;/* merNames.stateProvince */
	#CRYPT_CERTINFO_SET_MERCHANTPOSTALCODE 	; ;/* merNames.postalCode */
	#CRYPT_CERTINFO_SET_MERCHANTCOUNTRYNAME 	; ;/* merNames.countryName */
	#CRYPT_CERTINFO_SET_MERCOUNTRY			; ;/* merCountry */
	#CRYPT_CERTINFO_SET_MERAUTHFLAG			; ;/* merAuthFlag */

	; ;/* 2 23 42 7 3 SET certCardRequired */
	#CRYPT_CERTINFO_SET_CERTCARDREQUIRED 

	; ;/* 2 23 42 7 4 SET tunneling */
	#CRYPT_CERTINFO_SET_TUNNELING 
		#CRYPT_CERTINFO_SET_TUNNELLING = #CRYPT_CERTINFO_SET_TUNNELING 
	#CRYPT_CERTINFO_SET_TUNNELINGFLAG 		; ;/* tunneling */
		#CRYPT_CERTINFO_SET_TUNNELLINGFLAG = #CRYPT_CERTINFO_SET_TUNNELINGFLAG 
	#CRYPT_CERTINFO_SET_TUNNELINGALGID 		; ;/* tunnelingAlgID */
		#CRYPT_CERTINFO_SET_TUNNELLINGALGID = #CRYPT_CERTINFO_SET_TUNNELINGALGID 

	; ;/* S/MIME attributes */

	; ;/* 1 2 840 113549 1 9 3 contentType */
	#CRYPT_CERTINFO_CMS_CONTENTTYPE = #CRYPT_CERTINFO_FIRST + 500 

	; ;/* 1 2 840 113549 1 9 4 messageDigest */
	#CRYPT_CERTINFO_CMS_MESSAGEDIGEST 

	; ;/* 1 2 840 113549 1 9 5 signingTime */
	#CRYPT_CERTINFO_CMS_SIGNINGTIME 

	; ;/* 1 2 840 113549 1 9 6 counterSignature */
	#CRYPT_CERTINFO_CMS_COUNTERSIGNATURE 	; ;/* counterSignature */

	; ;/* 1 2 840 113549 1 9 13 signingDescription */
	#CRYPT_CERTINFO_CMS_SIGNINGDESCRIPTION 

	; ;/* 1 2 840 113549 1 9 15 sMIMECapabilities */
	#CRYPT_CERTINFO_CMS_SMIMECAPABILITIES 
	#CRYPT_CERTINFO_CMS_SMIMECAP_3DES 		; ;/* 3DES encryption */
	#CRYPT_CERTINFO_CMS_SMIMECAP_AES 		; ;/* AES encryption */
	#CRYPT_CERTINFO_CMS_SMIMECAP_CAST128 	; ;/* CAST-128 encryption */
	#CRYPT_CERTINFO_CMS_SMIMECAP_IDEA 		; ;/* IDEA encryption */
	#CRYPT_CERTINFO_CMS_SMIMECAP_RC2 		; ;/* RC2 encryption (w.128 key) */
	#CRYPT_CERTINFO_CMS_SMIMECAP_RC5 		; ;/* RC5 encryption (w.128 key) */
	#CRYPT_CERTINFO_CMS_SMIMECAP_SKIPJACK 	; ;/* Skipjack encryption */
	#CRYPT_CERTINFO_CMS_SMIMECAP_DES 		; ;/* DES encryption */
	#CRYPT_CERTINFO_CMS_SMIMECAP_PREFERSIGNEDDATA 	; ;/* preferSignedData */
	#CRYPT_CERTINFO_CMS_SMIMECAP_CANNOTDECRYPTANY 	; ;/* canNotDecryptAny */

	; ;/* 1 2 840 113549 1 9 16 2 1 receiptRequest */
	#CRYPT_CERTINFO_CMS_RECEIPTREQUEST 
	#CRYPT_CERTINFO_CMS_RECEIPT_CONTENTIDENTIFIER  ; ;/* contentIdentifier */
	#CRYPT_CERTINFO_CMS_RECEIPT_FROM 		; ;/* receiptsFrom */
	#CRYPT_CERTINFO_CMS_RECEIPT_TO			; ;/* receiptsTo */

	; ;/* 1 2 840 113549 1 9 16 2 2 essSecurityLabel */
	#CRYPT_CERTINFO_CMS_SECURITYLABEL 
	#CRYPT_CERTINFO_CMS_SECLABEL_POLICY 		; ;/* securityPolicyIdentifier */
	#CRYPT_CERTINFO_CMS_SECLABEL_CLASSIFICATION  ; ;/* securityClassification */
	#CRYPT_CERTINFO_CMS_SECLABEL_PRIVACYMARK ; ;/* privacyMark */
	#CRYPT_CERTINFO_CMS_SECLABEL_CATTYPE 	; ;/* securityCategories.securityCategory.type */
	#CRYPT_CERTINFO_CMS_SECLABEL_CATVALUE 	; ;/* securityCategories.securityCategory.value */

	; ;/* 1 2 840 113549 1 9 16 2 3 mlExpansionHistory */
	#CRYPT_CERTINFO_CMS_MLEXPANSIONHISTORY 
	#CRYPT_CERTINFO_CMS_MLEXP_ENTITYIDENTIFIER  ; ;/* mlData.mailListIdentifier.issuerAndSerialNumber */
	#CRYPT_CERTINFO_CMS_MLEXP_TIME			; ;/* mlData.expansionTime */
	#CRYPT_CERTINFO_CMS_MLEXP_NONE			; ;/* mlData.mlReceiptPolicy.none */
	#CRYPT_CERTINFO_CMS_MLEXP_INSTEADOF 		; ;/* mlData.mlReceiptPolicy.insteadOf.generalNames.generalName */
	#CRYPT_CERTINFO_CMS_MLEXP_INADDITIONTO 	; ;/* mlData.mlReceiptPolicy.inAdditionTo.generalNames.generalName */

	; ;/* 1 2 840 113549 1 9 16 2 4 contentHints */
	#CRYPT_CERTINFO_CMS_CONTENTHINTS 
	#CRYPT_CERTINFO_CMS_CONTENTHINT_DESCRIPTION 	; ;/* contentDescription */
	#CRYPT_CERTINFO_CMS_CONTENTHINT_TYPE 	; ;/* contentType */

	; ;/* 1 2 840 113549 1 9 16 2 9 equivalentLabels */
	#CRYPT_CERTINFO_CMS_EQUIVALENTLABEL 
	#CRYPT_CERTINFO_CMS_EQVLABEL_POLICY 		; ;/* securityPolicyIdentifier */
	#CRYPT_CERTINFO_CMS_EQVLABEL_CLASSIFICATION  ; ;/* securityClassification */
	#CRYPT_CERTINFO_CMS_EQVLABEL_PRIVACYMARK ; ;/* privacyMark */
	#CRYPT_CERTINFO_CMS_EQVLABEL_CATTYPE 	; ;/* securityCategories.securityCategory.type */
	#CRYPT_CERTINFO_CMS_EQVLABEL_CATVALUE 	; ;/* securityCategories.securityCategory.value */

	; ;/* 1 2 840 113549 1 9 16 2 12 signingCertificate */
	#CRYPT_CERTINFO_CMS_SIGNINGCERTIFICATE 
	#CRYPT_CERTINFO_CMS_SIGNINGCERT_ESSCERTID  ; ;/* certs.essCertID */
	#CRYPT_CERTINFO_CMS_SIGNINGCERT_POLICIES ; ;/* policies.policyInformation.policyIdentifier */

	; ;/* 1 2 840 113549 1 9 16 2 15 signaturePolicyID */
	#CRYPT_CERTINFO_CMS_SIGNATUREPOLICYID 
	#CRYPT_CERTINFO_CMS_SIGPOLICYID			; ;/* sigPolicyID */
	#CRYPT_CERTINFO_CMS_SIGPOLICYHASH 		; ;/* sigPolicyHash */
	#CRYPT_CERTINFO_CMS_SIGPOLICY_CPSURI 	; ;/* sigPolicyQualifiers.sigPolicyQualifier.cPSuri */
	#CRYPT_CERTINFO_CMS_SIGPOLICY_ORGANIZATION 
		; ;/* sigPolicyQualifiers.sigPolicyQualifier.userNotice.noticeRef.organization */
	#CRYPT_CERTINFO_CMS_SIGPOLICY_NOTICENUMBERS 
		; ;/* sigPolicyQualifiers.sigPolicyQualifier.userNotice.noticeRef.noticeNumbers */
	#CRYPT_CERTINFO_CMS_SIGPOLICY_EXPLICITTEXT 
		; ;/* sigPolicyQualifiers.sigPolicyQualifier.userNotice.explicitText */

	; ;/* 1 2 840 113549 1 9 16 9 signatureTypeIdentifier */
	#CRYPT_CERTINFO_CMS_SIGTYPEIDENTIFIER 
	#CRYPT_CERTINFO_CMS_SIGTYPEID_ORIGINATORSIG  ; ;/* originatorSig */
	#CRYPT_CERTINFO_CMS_SIGTYPEID_DOMAINSIG 	; ;/* domainSig */
	#CRYPT_CERTINFO_CMS_SIGTYPEID_ADDITIONALATTRIBUTES  ; ;/* additionalAttributesSig */
	#CRYPT_CERTINFO_CMS_SIGTYPEID_REVIEWSIG 	; ;/* reviewSig */

	; ;/* 1 2 840 113549 1 9 25 3 randomNonce */
	#CRYPT_CERTINFO_CMS_NONCE 				; ;/* randomNonce */

	; ;/* SCEP attributes:
	;   2 16 840 1 113733 1 9 2 messageType
	;   2 16 840 1 113733 1 9 3 pkiStatus
	;   2 16 840 1 113733 1 9 4 failInfo
	;   2 16 840 1 113733 1 9 5 senderNonce
	;   2 16 840 1 113733 1 9 6 recipientNonce
	;   2 16 840 1 113733 1 9 7 transID */
	#CRYPT_CERTINFO_SCEP_MESSAGETYPE 		; ;/* messageType */
	#CRYPT_CERTINFO_SCEP_PKISTATUS			; ;/* pkiStatus */
	#CRYPT_CERTINFO_SCEP_FAILINFO			; ;/* failInfo */
	#CRYPT_CERTINFO_SCEP_SENDERNONCE 		; ;/* senderNonce */
	#CRYPT_CERTINFO_SCEP_RECIPIENTNONCE 		; ;/* recipientNonce */
	#CRYPT_CERTINFO_SCEP_TRANSACTIONID 		; ;/* transID */

	; ;/* 1 3 6 1 4 1 311 2 1 10 spcAgencyInfo */
	#CRYPT_CERTINFO_CMS_SPCAGENCYINFO 
	#CRYPT_CERTINFO_CMS_SPCAGENCYURL 		; ;/* spcAgencyInfo.url */

	; ;/* 1 3 6 1 4 1 311 2 1 11 spcStatementType */
	#CRYPT_CERTINFO_CMS_SPCSTATEMENTTYPE 
	#CRYPT_CERTINFO_CMS_SPCSTMT_INDIVIDUALCODESIGNING 	; ;/* individualCodeSigning */
	#CRYPT_CERTINFO_CMS_SPCSTMT_COMMERCIALCODESIGNING 	; ;/* commercialCodeSigning */

	; ;/* 1 3 6 1 4 1 311 2 1 12 spcOpusInfo */
	#CRYPT_CERTINFO_CMS_SPCOPUSINFO 
	#CRYPT_CERTINFO_CMS_SPCOPUSINFO_NAME 	; ;/* spcOpusInfo.name */
	#CRYPT_CERTINFO_CMS_SPCOPUSINFO_URL 		; ;/* spcOpusInfo.url */

	; ;/* Used internally */
	#CRYPT_CERTINFO_LAST  
	#CRYPT_KEYINFO_FIRST = 3000 

	; ;/*********************/
	; ;/* Keyset attributes */
	; ;/*********************/

	#CRYPT_KEYINFO_QUERY			; ;/* Keyset query */
	#CRYPT_KEYINFO_QUERY_REQUESTS 	; ;/* Query of requests in cert store */

	; ;/* Used internally */
	#CRYPT_KEYINFO_LAST  
	#CRYPT_DEVINFO_FIRST = 4000 

	; ;/*********************/
	; ;/* Device attributes */
	; ;/*********************/

	#CRYPT_DEVINFO_INITIALISE 	; ;/* Initialise device For use */
		#CRYPT_DEVINFO_INITIALIZE = #CRYPT_DEVINFO_INITIALISE 
	#CRYPT_DEVINFO_AUTHENT_USER 	; ;/* Authenticate user To device */
	#CRYPT_DEVINFO_AUTHENT_SUPERVISOR 	; ;/* Authenticate supervisor To dev.*/
	#CRYPT_DEVINFO_SET_AUTHENT_USER 	; ;/* Set user authent.value */
	#CRYPT_DEVINFO_SET_AUTHENT_SUPERVISOR 	; ;/* Set supervisor auth.val.*/
	#CRYPT_DEVINFO_ZEROISE 	; ;/* Zeroise device */
		#CRYPT_DEVINFO_ZEROIZE = #CRYPT_DEVINFO_ZEROISE 
	#CRYPT_DEVINFO_LOGGEDIN 		; ;/* Whether user is logged in */
	#CRYPT_DEVINFO_LABEL 		; ;/* Device/token label */

	; ;/* Used internally */
	#CRYPT_DEVINFO_LAST  
	#CRYPT_ENVINFO_FIRST = 5000 

	; ;/***********************/
	; ;/* Envelope attributes */
	; ;/***********************/

	; ;/* Pseudo-information on an envelope Or meta-information which is used To
	;   control the way that Data in an envelope is processed */
	#CRYPT_ENVINFO_DATASIZE			; ;/* Data size information */
	#CRYPT_ENVINFO_COMPRESSION 		; ;/* Compression information */
	#CRYPT_ENVINFO_CONTENTTYPE 		; ;/* Inner CMS content type */
	#CRYPT_ENVINFO_DETACHEDSIGNATURE ; ;/* Detached signature */
	#CRYPT_ENVINFO_SIGNATURE_RESULT 	; ;/* Signature check result */
	#CRYPT_ENVINFO_INTEGRITY 		; ;/* Integrity-protection level */

	; ;/* Resources required For enveloping/deenveloping */
	#CRYPT_ENVINFO_PASSWORD			; ;/* User password */
	#CRYPT_ENVINFO_KEY 				; ;/* Conventional encryption key */
	#CRYPT_ENVINFO_SIGNATURE 		; ;/* Signature/signature check key */
	#CRYPT_ENVINFO_SIGNATURE_EXTRADATA 	; ;/* Extra information added To CMS sigs */
	#CRYPT_ENVINFO_RECIPIENT 		; ;/* Recipient email address */
	#CRYPT_ENVINFO_PUBLICKEY 		; ;/* PKC encryption key */
	#CRYPT_ENVINFO_PRIVATEKEY 		; ;/* PKC decryption key */
	#CRYPT_ENVINFO_PRIVATEKEY_LABEL 	; ;/* Label of PKC decryption key */
	#CRYPT_ENVINFO_ORIGINATOR 		; ;/* Originator info/key */
	#CRYPT_ENVINFO_SESSIONKEY 		; ;/* Session key */
	#CRYPT_ENVINFO_HASH 				; ;/* Hash value */
	#CRYPT_ENVINFO_TIMESTAMP 		; ;/* Timestamp information */

	; ;/* Keysets used To retrieve keys needed For enveloping/deenveloping */
	#CRYPT_ENVINFO_KEYSET_SIGCHECK 	; ;/* Signature check keyset */
	#CRYPT_ENVINFO_KEYSET_ENCRYPT 	; ;/* PKC encryption keyset */
	#CRYPT_ENVINFO_KEYSET_DECRYPT 	; ;/* PKC decryption keyset */

	; ;/* Used internally */
	#CRYPT_ENVINFO_LAST  
	#CRYPT_SESSINFO_FIRST = 6000 

	; ;/**********************/
	; ;/* Session attributes */
	; ;/**********************/

	; ;/* Pseudo-information about the session */
	#CRYPT_SESSINFO_ACTIVE			; ;/* Whether session is active */
	#CRYPT_SESSINFO_CONNECTIONACTIVE ; ;/* Whether network connection is active */

	; ;/* Security-related information */
	#CRYPT_SESSINFO_USERNAME 		; ;/* User name */
	#CRYPT_SESSINFO_PASSWORD 		; ;/* Password */
	#CRYPT_SESSINFO_PRIVATEKEY 		; ;/* Server/client private key */
	#CRYPT_SESSINFO_KEYSET			; ;/* Certificate store */
	#CRYPT_SESSINFO_AUTHRESPONSE 	; ;/* Session authorisation OK */

	; ;/* Client/server information */
	#CRYPT_SESSINFO_SERVER_NAME 		; ;/* Server name */
	#CRYPT_SESSINFO_SERVER_PORT 		; ;/* Server port number */
	#CRYPT_SESSINFO_SERVER_FINGERPRINT ; ;/* Server key fingerprint */
	#CRYPT_SESSINFO_CLIENT_NAME 		; ;/* Client name */
	#CRYPT_SESSINFO_CLIENT_PORT 		; ;/* Client port number */
	#CRYPT_SESSINFO_SESSION			; ;/* Transport mechanism */
	#CRYPT_SESSINFO_NETWORKSOCKET 	; ;/* User-supplied network socket */

	; ;/* Generic protocol-related information */
	#CRYPT_SESSINFO_VERSION			; ;/* Protocol version */
	#CRYPT_SESSINFO_REQUEST			; ;/* Cert.request object */
	#CRYPT_SESSINFO_RESPONSE 		; ;/* Cert.response object */
	#CRYPT_SESSINFO_CACERTIFICATE 	; ;/* Issuing CA certificate */

	; ;/* Protocol-specific information */
	#CRYPT_SESSINFO_TSP_MSGIMPRINT 	; ;/* TSP message imprint */
	#CRYPT_SESSINFO_CMP_REQUESTTYPE 	; ;/* Request type */
	#CRYPT_SESSINFO_CMP_PKIBOOT 		; ;/* Unused  To be removed in 3.4 */
	#CRYPT_SESSINFO_CMP_PRIVKEYSET 	; ;/* Private-key keyset */
	#CRYPT_SESSINFO_SSH_CHANNEL 		; ;/* SSH current channel */
	#CRYPT_SESSINFO_SSH_CHANNEL_TYPE ; ;/* SSH channel type */
	#CRYPT_SESSINFO_SSH_CHANNEL_ARG1 ; ;/* SSH channel argument 1 */
	#CRYPT_SESSINFO_SSH_CHANNEL_ARG2 ; ;/* SSH channel argument 2 */
	#CRYPT_SESSINFO_SSH_CHANNEL_ACTIVE ; ;/* SSH channel active */

	; ;/* Used internally */
	#CRYPT_SESSINFO_LAST  
	#CRYPT_USERINFO_FIRST = 7000 

	; ;/**********************/
	; ;/* User attributes */
	; ;/**********************/

	; ;/* Security-related information */
	#CRYPT_USERINFO_PASSWORD 		; ;/* Password */

	; ;/* User role-related information */
	#CRYPT_USERINFO_CAKEY_CERTSIGN 	; ;/* CA cert signing key */
	#CRYPT_USERINFO_CAKEY_CRLSIGN 	; ;/* CA CRL signing key */
	#CRYPT_USERINFO_CAKEY_RTCSSIGN 	; ;/* CA RTCS signing key */
	#CRYPT_USERINFO_CAKEY_OCSPSIGN 	; ;/* CA OCSP signing key */

	; ;/* Used internally For range checking */
	#CRYPT_USERINFO_LAST  
	#CRYPT_ATTRIBUTE_LAST = #CRYPT_USERINFO_LAST

;ifdef _#CRYPT_DEFINED
;	; ;/***********************/
;	; ;/* Internal attributes */
;	; ;/***********************/;
;
;	; ;/* The following attributes are only visible internally And are Protected
;	   from any external access by the kernel (And For good measure by checks
;	   in other places As well).  The two attributes #CRYPT_IATTRIBUTE_KEY_SPKI
;	   And #CRYPT_IATTRIBUTE_SPKI are actually the same thing  the difference
;	   is that the former is write-only For contexts And the latter is Read-
;	   only For certificates (the former is used when loading a context from
;	   a key contained in a device  where the actual key components aren't
;	   directly available in the context but may be needed in the future For
;	   things like cert requests).  Because a single object can act As both a
;	   context And a cert  having two explicitly different attribute names
;	   makes things less confusing.  In addition  some public-key attributes
;	   have _PARTIAL variants that load the public-key components but don't
;	   initialise the key/move the context into the high state.  This is
;	   used For formats in which public And private-key components are loaded
;	   separately */
 #CRYPT_IATTRIBUTE_FIRST = 8000 
	#CRYPT_IATTRIBUTE_TYPE			; ;/* Object type */
	#CRYPT_IATTRIBUTE_SUBTYPE 		; ;/* Object subtype */
	#CRYPT_IATTRIBUTE_STATUS 		; ;/* Object status */
	#CRYPT_IATTRIBUTE_INTERNAL 		; ;/* Object internal flag */
	#CRYPT_IATTRIBUTE_ACTIONPERMS 	; ;/* Object action permissions */
	#CRYPT_IATTRIBUTE_LOCKED 		; ;/* Object locked For exclusive use */
	#CRYPT_IATTRIBUTE_INITIALISED 	; ;/* Object inited (in high state) */
	; ;/* Context internal attributes */
	#CRYPT_IATTRIBUTE_KEYSIZE 		; ;/* Key size (written To non-native ctxs) */
	#CRYPT_IATTRIBUTE_KEYFEATURES 	; ;/* Key feature info */
	#CRYPT_IATTRIBUTE_KEYID			; ;/* Key ID */
	#CRYPT_IATTRIBUTE_KEYID_PGP2 	; ;/* PGP 2 key ID */
	#CRYPT_IATTRIBUTE_KEYID_OPENPGP 	; ;/* OpenPGP key ID */
	#CRYPT_IATTRIBUTE_KEY_KEADOMAINPARAMS ; ;/* Key agreement domain parameters */
	#CRYPT_IATTRIBUTE_KEY_KEAPUBLICVALUE ; ;/* Key agreement public value */
	#CRYPT_IATTRIBUTE_KEY_SPKI 		; ;/* SubjectPublicKeyInfo */
	#CRYPT_IATTRIBUTE_KEY_PGP 		; ;/* PGP-format public key */
	#CRYPT_IATTRIBUTE_KEY_SSH 		; ;/* SSH-format public key */
	#CRYPT_IATTRIBUTE_KEY_SSH1 		; ;/* SSHv1-format public key */
	#CRYPT_IATTRIBUTE_KEY_SSL 		; ;/* SSL-format public key */
	#CRYPT_IATTRIBUTE_KEY_SPKI_PARTIAL ; ;/* SubjectPublicKeyInfo w/o trigger */
	#CRYPT_IATTRIBUTE_KEY_PGP_PARTIAL ; ;/* PGP public key w/o trigger */
	#CRYPT_IATTRIBUTE_PGPVALIDITY 	; ;/* PGP key validity */
	#CRYPT_IATTRIBUTE_DEVICEOBJECT 	; ;/* Device object handle */
	#CRYPT_IATTRIBUTE_DEVICESTORAGEID ; ;/* Storage ID For Data in device */
	#CRYPT_IATTRIBUTE_EXISTINGLABEL 	; ;/* Existing label For object in device */
	; ;/* Certificate internal attributes */
	#CRYPT_IATTRIBUTE_SUBJECT 		; ;/* SubjectName */
	#CRYPT_IATTRIBUTE_ISSUER 		; ;/* IssuerName */
	#CRYPT_IATTRIBUTE_ISSUERANDSERIALNUMBER 	; ;/* IssuerAndSerial */
	#CRYPT_IATTRIBUTE_HOLDERNAME 	; ;/* Best approximation To cert.owner name */
	#CRYPT_IATTRIBUTE_HOLDERURI 		; ;/* Best approximation To cert.owner URI */
	#CRYPT_IATTRIBUTE_SPKI			; ;/* Encoded SubjectPublicKeyInfo */
	#CRYPT_IATTRIBUTE_CERTHASHALGO 	; ;/* Hash algo.used For cert */
	#CRYPT_IATTRIBUTE_CERTCOLLECTION ; ;/* Certs added To cert chain */
	#CRYPT_IATTRIBUTE_CRLENTRY 		; ;/* Individual entry from CRL */
	#CRYPT_IATTRIBUTE_RESPONDERURL 	; ;/* RTCS/OCSP responder name */
	#CRYPT_IATTRIBUTE_RTCSREQUEST 	; ;/* RTCS req.info added To RTCS resp.*/
	#CRYPT_IATTRIBUTE_OCSPREQUEST 	; ;/* OCSP req.info added To OCSP resp.*/
	#CRYPT_IATTRIBUTE_REVREQUEST 	; ;/* CRMF rev.request added To CRL */
	#CRYPT_IATTRIBUTE_PKIUSERINFO 	; ;/* Additional user info added To cert.req.*/
	#CRYPT_IATTRIBUTE_BLOCKEDATTRS 	; ;/* Template of disallowed attrs.in cert */
	#CRYPT_IATTRIBUTE_AUTHCERTID 	; ;/* Authorising cert ID For a cert/rev.req.*/
	#CRYPT_IATTRIBUTE_ESSCERTID 		; ;/* ESSCertID */
	#CRYPT_IATTRIBUTE_CERTCOPY 		; ;/* Copy of cert object */
	#CRYPT_IATTRIBUTE_CERTCOPY_DATAONLY 	; ;/* Copy of cert object As Data-only cert */
	#CRYPT_IATTRIBUTE_FINGERPRINT_SHA2 ; ;/* Certificate fingerprint: SHA-2 */
	#CRYPT_IATTRIBUTE_FINGERPRINT_SHAng ; ;/* Certificate fingerprint: SHAng */
	; ;/* Device internal attributes */
	#CRYPT_IATTRIBUTE_ENTROPY 		; ;/* Polled entropy Data */
	#CRYPT_IATTRIBUTE_ENTROPY_QUALITY ; ;/* Quality of entropy Data */
	#CRYPT_IATTRIBUTE_RANDOM_POLL 	; ;/* Slow/fast entropy poll */
	#CRYPT_IATTRIBUTE_RANDOM_LOPICKET ; ;/* Low picket For random Data attrs.*/
	#CRYPT_IATTRIBUTE_RANDOM 		; ;/* Random Data */
	#CRYPT_IATTRIBUTE_RANDOM_NZ 		; ;/* Nonzero random Data */
	#CRYPT_IATTRIBUTE_RANDOM_HIPICKET ; ;/* High picket For random Data attrs.*/
	#CRYPT_IATTRIBUTE_RANDOM_NONCE 	; ;/* Basic nonce */
	#CRYPT_IATTRIBUTE_TIME			; ;/* Reliable (hardware-based) time value */
;	; ;/* Envelope internal attributes */
	#CRYPT_IATTRIBUTE_INCLUDESIGCERT ; ;/* Whether To include signing cert(s) */
	#CRYPT_IATTRIBUTE_ATTRONLY 		; ;/* Signed Data contains only CMS attrs.*/
;	; ;/* Keyset internal attributes */
	#CRYPT_IATTRIBUTE_CONFIGDATA 	; ;/* Config information */
	#CRYPT_IATTRIBUTE_USERINDEX 		; ;/* Index of users */
	#CRYPT_IATTRIBUTE_USERID 		; ;/* User ID */
	#CRYPT_IATTRIBUTE_USERINFO 		; ;/* User information */
	#CRYPT_IATTRIBUTE_TRUSTEDCERT 	; ;/* First trusted cert */
	#CRYPT_IATTRIBUTE_TRUSTEDCERT_NEXT 	; ;/* Successive trusted certs */
	#CRYPT_IATTRIBUTE_HWSTORAGE 		; ;/* Associated device For priv.key Data */;
;	; ;/* Session internal attributes */
	#CRYPT_IATTRIBUTE_ENC_TIMESTAMP 	; ;/* Encoded TSA timestamp */;
;	; ;/* User internal attributes */
	#CRYPT_IATTRUBUTE_CERTKEYSET 	; ;/* Keyset To send trusted certs To */
	#CRYPT_IATTRIBUTE_CTL			; ;/* Cert.trust List */
	#CRYPT_IATTRIBUTE_LAST 
	; ;/* Subrange values used internally For range checking */
	#CRYPT_CERTINFO_FIRST_CERTINFO = #CRYPT_CERTINFO_FIRST + 1 
#CRYPT_CERTINFO_LAST_CERTINFO = #CRYPT_CERTINFO_PKIUSER_REVPASSWORD 
	#CRYPT_CERTINFO_FIRST_PSEUDOINFO = #CRYPT_CERTINFO_SELFSIGNED 
		#CRYPT_CERTINFO_LAST_PSEUDOINFO = #CRYPT_CERTINFO_SIGNATURELEVEL 
	#CRYPT_CERTINFO_FIRST_NAME = #CRYPT_CERTINFO_COUNTRYNAME 
	#CRYPT_CERTINFO_LAST_NAME = #CRYPT_CERTINFO_REGISTEREDID 
		#CRYPT_CERTINFO_FIRST_DN = #CRYPT_CERTINFO_COUNTRYNAME 
		#CRYPT_CERTINFO_LAST_DN = #CRYPT_CERTINFO_COMMONNAME 
		#CRYPT_CERTINFO_FIRST_GENERALNAME = #CRYPT_CERTINFO_OTHERNAME_TYPEID 
		#CRYPT_CERTINFO_LAST_GENERALNAME = #CRYPT_CERTINFO_REGISTEREDID 
	#CRYPT_CERTINFO_FIRST_EXTENSION = #CRYPT_CERTINFO_CHALLENGEPASSWORD 
	#CRYPT_CERTINFO_LAST_EXTENSION = #CRYPT_CERTINFO_SET_TUNNELINGALGID 
	#CRYPT_CERTINFO_FIRST_CMS = #CRYPT_CERTINFO_CMS_CONTENTTYPE 
	#CRYPT_CERTINFO_LAST_CMS = #CRYPT_CERTINFO_LAST - 1 
	#CRYPT_SESSINFO_FIRST_SPECIFIC = #CRYPT_SESSINFO_REQUEST 
	#CRYPT_SESSINFO_LAST_SPECIFIC = #CRYPT_SESSINFO_SSH_CHANNEL_ACTIVE
;EndIf ; ;/* _#CRYPT_DEFINED */

EndEnumeration



#CRYPT_OK		=		0		

;/* Error in parameters passed To function.  The parentheses are To catch 
;   potential erroneous use in an expression */

#CRYPT_ERROR_PARAM1		= -1 	;/* Bad argument, parameter 1 */
#CRYPT_ERROR_PARAM2		= -2 	;/* Bad argument, parameter 2 */
#CRYPT_ERROR_PARAM3		= -3 	;/* Bad argument, parameter 3 */
#CRYPT_ERROR_PARAM4		= -4 	;/* Bad argument, parameter 4 */
#CRYPT_ERROR_PARAM5		= -5 	;/* Bad argument, parameter 5 */
#CRYPT_ERROR_PARAM6		= -6 	;/* Bad argument, parameter 6 */
#CRYPT_ERROR_PARAM7		= -7 	;/* Bad argument, parameter 7 */

;/* Errors due To insufficient resources */

#CRYPT_ERROR_MEMORY		= -10 	;/* Out of memory */
#CRYPT_ERROR_NOTINITED	= -11 	;/* Data has Not been initialised */
#CRYPT_ERROR_INITED		= -12 	;/* Data has already been init'd */
#CRYPT_ERROR_NOSECURE	= -13 	;/* Opn.Not avail.at requested sec.level */
#CRYPT_ERROR_RANDOM		= -14 	;/* No reliable random Data available */
#CRYPT_ERROR_FAILED		= -15 	;/* Operation failed */
#CRYPT_ERROR_INTERNAL	= -16 	;/* Internal consistency check failed */

;/* Security violations */

#CRYPT_ERROR_NOTAVAIL	= -20 	;/* This type of opn.Not available */
#CRYPT_ERROR_PERMISSION	= -21 	;/* No permiss.To perform this operation */
#CRYPT_ERROR_WRONGKEY	= -22 	;/* Incorrect key used To decrypt Data */
#CRYPT_ERROR_INCOMPLETE	= -23 	;/* Operation incomplete/still in progress */
#CRYPT_ERROR_COMPLETE	= -24 	;/* Operation complete/can't continue */
#CRYPT_ERROR_TIMEOUT		= -25 	;/* Operation timed out before completion */
#CRYPT_ERROR_INVALID		= -26 	;/* Invalid/inconsistent information */
#CRYPT_ERROR_SIGNALLED	= -27 	;/* Resource destroyed by extnl.event */

;/* High-level function errors */

#CRYPT_ERROR_OVERFLOW	= -30 	;/* Resources/space exhausted */
#CRYPT_ERROR_UNDERFLOW	= -31 	;/* Not enough Data available */
#CRYPT_ERROR_BADDATA		= -32 	;/* Bad/unrecognised Data format */
#CRYPT_ERROR_SIGNATURE	= -33 	;/* Signature/integrity check failed */

;/* Data access function errors */

#CRYPT_ERROR_OPEN		= -40 	;/* Cannot open object */
#CRYPT_ERROR_READ		= -41 	;/* Cannot Read item from object */
#CRYPT_ERROR_WRITE		= -42 	;/* Cannot write item To object */
#CRYPT_ERROR_NOTFOUND	= -43 	;/* Requested item Not found in object */
#CRYPT_ERROR_DUPLICATE	= -44 	;/* Item already present in object */

;/* Data enveloping errors */

#CRYPT_ENVELOPE_RESOURCE	= -50 	;/* Need resource To proceed */

;/* Macros To examine Return values */

#cryptStatusOK = #CRYPT_OK

jpd
Enthusiast
Posts: 167
Joined: Fri May 21, 2004 3:31 pm

Re: Cryptlib --> push in the right direction please..

Post by jpd »

Hi Uncle B,

You try to connect at port 25; if you change to port 465,
then the error -32 does not appear anymore.

Best
jpd
PB 5.10 Windows 7 x64 SP1
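An added example, not part of either post, for the port change suggested above: on a plaintext SMTP port the first bytes a TLS client reads are the server's text greeting, not a TLS record, which is consistent with the -32 "Bad/unrecognised Data format" status. The function names, host name and sample bytes are constructed for illustration.

```python
import struct

# TLS record content types (RFC 5246 / RFC 8446).
TLS_CONTENT_TYPES = {20: "change_cipher_spec", 21: "alert",
                     22: "handshake", 23: "application_data"}
MAX_TLS_FRAGMENT = 2**14 + 2048  # largest TLSCiphertext fragment in TLS 1.2

# Constructed samples: an SMTP greeting, and the start of a TLS handshake record.
SMTP_BANNER = b"220 mail.example.test ESMTP ready\r\n"
TLS_RECORD = bytes([0x16, 0x03, 0x03, 0x00, 0x7A]) + b"\x02\x00\x00\x76"


def classify_first_bytes(data: bytes) -> dict:
    """Classify the first bytes read from a server on a new connection."""
    # TLS record header: content type (1), version major/minor (2), length (2).
    if len(data) >= 5 and data[0] in TLS_CONTENT_TYPES and data[1] == 3:
        ctype, major, minor, length = struct.unpack("!BBBH", data[:5])
        if length <= MAX_TLS_FRAGMENT:
            return {"kind": "tls", "record": TLS_CONTENT_TYPES[ctype],
                    "version": (major, minor), "length": length}
    # SMTP reply line: three digits, then ' ' (final line) or '-' (continuation).
    line = data.split(b"\r\n", 1)[0]
    if len(line) >= 4 and line[:3].isdigit() and line[3:4] in (b" ", b"-"):
        return {"kind": "smtp", "code": int(line[:3]),
                "multiline": line[3:4] == b"-",
                "text": line[4:].decode("ascii", "replace")}
    return {"kind": "unknown"}


def advise(data: bytes) -> str:
    """Turn the classification into the action a client author needs."""
    kind = classify_first_bytes(data)["kind"]
    if kind == "smtp":
        return ("plaintext SMTP greeting: negotiate STARTTLS first, "
                "or connect to an implicit-TLS port such as 465")
    if kind == "tls":
        return "TLS record: this port expects the TLS handshake immediately"
    return "neither an SMTP reply nor a TLS record"


if __name__ == "__main__":
    for sample in (SMTP_BANNER, TLS_RECORD, b"\x16\x03"):
        print(classify_first_bytes(sample), "->", advise(sample))
```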
Uncle B
User
Posts: 82
Joined: Mon Jan 12, 2004 11:28 am
Location: the Netherlands

Re: Cryptlib --> push in the right direction please..

Post by Uncle B »

hi JPD.

Thanks for the help! It turned out to be a bit more complicated than I suspected though...
Good news is: this --> http://www.purebasic.fr/english/viewtop ... 13&t=40026 actually turned out to be an active post! :D
I'm pretty much used to finding answers to my questions in postings from years ago.. therefore using the search function a lot.
I just assumed it was an old, discontinued topic..