/* $Id: diCrPKI.h $ */
/* For `CryptoSys PKI Pro`.
Requires `diCrPKI.lib` and `diCrPKI.dll` for Win32/64
or `diCrPKI.a` or `libcryptosyspki.so` for Linux.
*/
/* Copyright (C) 2002-25 DI Management Services Pty Limited
<http://di-mgt.com.au> <http://cryptosys.net>
All rights reserved.
Last updated:
$Date: 2023-01-01 03:07:00 $
$Revision: 21.0.0 $
*/
#ifndef DICRPKI_H_
#define DICRPKI_H_ 1
#include <wchar.h>
/* GENERAL CONSTANTS */
#define PKI_DIR_ENCRYPT 1
#define PKI_DIR_DECRYPT 0
/* Synonyms for direction */
#define ENCRYPT 1
#define DECRYPT 0
/* Maximum number of bytes in hash digest byte array */
#define PKI_MAX_HASH_BYTES 64
#define PKI_SHA1_BYTES 20
#define PKI_SHA224_BYTES 28
#define PKI_SHA256_BYTES 32
#define PKI_SHA384_BYTES 48
#define PKI_SHA512_BYTES 64
#define PKI_MD5_BYTES 16
#define PKI_MD2_BYTES 16
#define PKI_RMD160_BYTES 20
#define PKI_BTC160_BYTES 20
/* Maximum number of hex characters in hash digest (excl null) */
#define PKI_MAX_HASH_CHARS (2*PKI_MAX_HASH_BYTES)
#define PKI_SHA1_CHARS (2*PKI_SHA1_BYTES)
#define PKI_SHA224_CHARS (2*PKI_SHA224_BYTES)
#define PKI_SHA256_CHARS (2*PKI_SHA256_BYTES)
#define PKI_SHA384_CHARS (2*PKI_SHA384_BYTES)
#define PKI_SHA512_CHARS (2*PKI_SHA512_BYTES)
#define PKI_MD5_CHARS (2*PKI_MD5_BYTES)
#define PKI_MD2_CHARS (2*PKI_MD2_BYTES)
#define PKI_RMD160_CHARS (2*PKI_RMD160_BYTES)
#define PKI_BTC160_CHARS (2*PKI_BTC160_BYTES)
/* Synonym retained for backwards compatibility */
#define PKI_MAX_HASH_LEN PKI_MAX_HASH_CHARS
/* Encryption block sizes in bytes */
#define PKI_BLK_TDEA_BYTES 8
#define PKI_BLK_AES_BYTES 16
/* Key size in bytes */
#define PKI_KEYSIZE_TDEA_BYTES 24
#define PKI_KEYSIZE_MAX_BYTES 32
/* Required size for RNG seed file */
#define PKI_RNG_SEED_BYTES 64
/* Length of GUID string - added [v12.3] */
#define PKI_RNG_GUID_CHARS 36
/* Maximum number of characters in a last error message */
#define PKI_MAX_LASTERROR_CHARS 647
#define PKI_MAX_ERROR_CHARS (PKI_MAX_LASTERROR_CHARS) /* synonym */
/* Maximum number of characters in an error lookup message */
#define PKI_MAX_ERRORLOOKUP_CHARS 127
/* OPTIONS */
#define PKI_DEFAULT 0
/* Signature algorithms */
#define PKI_SIG_SHA1RSA 0x0
#define PKI_SIG_MD5RSA 0x1
#define PKI_SIG_MD2RSA 0x2
#define PKI_SIG_SHA256RSA 0x3
#define PKI_SIG_SHA384RSA 0x4
#define PKI_SIG_SHA512RSA 0x5
#define PKI_SIG_SHA224RSA 0x6
/* Synonyms added [v12.0] */
#define PKI_SIG_RSA_SHA1 0x0
#define PKI_SIG_RSA_SHA224 0x6
#define PKI_SIG_RSA_SHA256 0x3
#define PKI_SIG_RSA_SHA384 0x4
#define PKI_SIG_RSA_SHA512 0x5
#define PKI_SIG_RSA_MD5 0x1 /* [not recommended for new implementations] */
/* New in [v11.0] */
#define PKI_SIG_ECDSA_SHA1 0x10
#define PKI_SIG_ECDSA_SHA224 0x20
#define PKI_SIG_ECDSA_SHA256 0x30
#define PKI_SIG_ECDSA_SHA384 0x40
#define PKI_SIG_ECDSA_SHA512 0x50
/* New in [v12.0] */
#define PKI_SIG_RSA_PSS_SHA1 0xB0
#define PKI_SIG_RSA_PSS_SHA224 0xB6
#define PKI_SIG_RSA_PSS_SHA256 0xB3
#define PKI_SIG_RSA_PSS_SHA384 0xB4
#define PKI_SIG_RSA_PSS_SHA512 0xB5
/* Safe curves for EdDSA - new in [v20.0] */
#define PKI_SIG_ED25519 0xC0
//-- 0xC1 Reserved for PKI_SIG_ED448
/* Safe curves for ECDH - new in [v20.0] */
#define PKI_ECDH_X25519 0xD0
//-- 0xD1 Reserved for PKI_ECDH_X448
/* Salt lengths for RSA-PSS - new in [v12.0] */
#define PKI_PSS_SALTLEN_HLEN 0x000000 /* Default */
#define PKI_PSS_SALTLEN_MAX 0x200000
#define PKI_PSS_SALTLEN_20 0x300000
#define PKI_PSS_SALTLEN_ZERO 0x400000
/* MGF parameters for RSA-OAEP/PSS - new in [v12.0] */
#define PKI_MGF_MGF1SHA1 0x800000L /* Force SHA-1 in MGF1 */
/* PKCS#5 Password-based encryption algorithms */
#define PKI_PBE_SHA_3DES 0x0 /* Default */
/* Added in [v11.0] as simpler alternative to PKI_PBE_PBES2 + PKI_BC */
#define PKI_PBE_PBKDF2_DESEDE3 0x1010L
#define PKI_PBE_PBKDF2_AES128 0x1020L
#define PKI_PBE_PBKDF2_AES192 0x1030L
#define PKI_PBE_PBKDF2_AES256 0x1040L
// --0x1820L Reserved for PKI_PBE_SCRYPT_AES128
// --0x1840L Reserved for PKI_PBE_SCRYPT_AES256
/* These next 3 changed in [v11.0] (by adding 0x8000000) */
#define PKI_PBE_MD5_DES 0x8000001L /* [not recommended for new implementations] */
#define PKI_PBE_MD2_DES 0x8000002L /* [not recommended for new implementations] */
#define PKI_PBE_SHA_DES 0x8000003L /* [not recommended for new implementations] */
/* Synonym retained for backwards compatibility */
#define PKI_PBES2_3DES PKI_PBE_PBKDF2_DESEDE3
/* Older alternative to specify PBES2 PBKDF2 */
#define PKI_PBE_PBES2 0x1000L /* Add PKI_BC_* option to specify encryption alg */
/* Message digest hash algorithms */
#define PKI_HASH_SHA1 0x0
#define PKI_HASH_MD5 0x1
#define PKI_HASH_MD2 0x2
#define PKI_HASH_SHA256 0x3
#define PKI_HASH_SHA384 0x4
#define PKI_HASH_SHA512 0x5
#define PKI_HASH_SHA224 0x6
#define PKI_HASH_RMD160 0x7
#define PKI_HASH_BTC160 0x8
#define PKI_HASH_SHA3_224 0xA
#define PKI_HASH_SHA3_256 0xB
#define PKI_HASH_SHA3_384 0xC
#define PKI_HASH_SHA3_512 0xD
#define PKI_HASH_MODE_TEXT 0x10000L
#define PKI_HASH_DOUBLE 0x20000L
/* HMAC algorithms */
#define PKI_HMAC_SHA1 0x0
#define PKI_HMAC_SHA224 0x6
#define PKI_HMAC_SHA256 0x3
#define PKI_HMAC_SHA384 0x4
#define PKI_HMAC_SHA512 0x5
#define PKI_HMAC_SHA3_224 0xA
#define PKI_HMAC_SHA3_256 0xB
#define PKI_HMAC_SHA3_384 0xC
#define PKI_HMAC_SHA3_512 0xD
/* Options for MAC/XOF/PRF functions */
#define PKI_KMAC_128 0x201
#define PKI_KMAC_256 0x202
#define PKI_XOF_SHAKE128 0x203
#define PKI_XOF_SHAKE256 0x204
#define PKI_XOF_MGF1_SHA1 0x210
#define PKI_XOF_MGF1_SHA256 0x213
#define PKI_XOF_MGF1_SHA512 0x215
/* nFermatExp values for RSA exponent */
#define PKI_RSAEXP_EQ_3 0
#define PKI_RSAEXP_EQ_5 1
#define PKI_RSAEXP_EQ_17 2
#define PKI_RSAEXP_EQ_257 3
#define PKI_RSAEXP_EQ_65537 4
/* Return values for RSA_CheckKey */
#define PKI_VALID_PUBLICKEY 1
#define PKI_VALID_PRIVATEKEY 0
/* Options for ECC Keys - New in [v20.0] */
#define PKI_ECC_PRIVATE_KEY 0x0
#define PKI_ECC_PUBLIC_KEY 0x1
/* BIT FLAGS */
/* Key generation and storage */
#define PKI_KEYGEN_INDICATE 0x1000000L
#define PKI_KEY_SECURE_OFF 0x2000000L /* New in [v20.4] */
#define PKI_KEY_FORMAT_PEM 0x10000L
#define PKI_KEY_FORMAT_SSL 0x20000L
#define PKI_KEY_TYPE_PKCS8 0x40000L
#define PKI_PFX_STRONG_CERT 0x1000000L /* New in [v12.3] */
#define PKI_PFX_PLAIN_CERT 0x2000000L
#define PKI_PFX_CLONE_KEY 0x4000000L
#define PKI_PFX_ALT_FORMAT 0x100000L
#define PKI_PFX_P7CHAIN 0x0400L
#define PKI_PFX_AES256_SHA256 0x1043L /* New in [v20.5] */
#define PKI_CMS_FORMAT_BASE64 0x10000L
#define PKI_CMS_EXCLUDE_CERTS 0x0100L
#define PKI_CMS_EXCLUDE_DATA 0x0200L
#define PKI_CMS_CERTS_ONLY 0x0400L
#define PKI_CMS_INCLUDE_ATTRS 0x0800L
#define PKI_CMS_ADD_SIGNTIME 0x1000L
#define PKI_CMS_ADD_SMIMECAP 0x2000L
#define PKI_CMS_ADD_SIGNINGCERT 0x4000L /* New in [v12.4] */
#define PKI_CMS_ADD_ALGPROTECT 0x8000L /* New in [v12.4] */
#define PKI_CMS_NO_INFLATE 0x1000000L
#define PKI_CMS_NO_OUTER 0x2000000L
#define PKI_CMS_ALT_ALGID 0x4000000L
#define PKI_CMS_BIGFILE 0x8000000L
#define PKI_CMS_PSEUDOSIG 0x100000L /* New in [v20.2] */
#ifndef PKI_XML_DEFINED_
#define PKI_XML_RSAKEYVALUE 0x0001L
#define PKI_XML_EXCLPRIVATE 0x0010L
#define PKI_XML_REQPRIVATE 0x0020L
#define PKI_XML_HEXBINARY 0x0100L
#define PKI_XML_DEFINED_
#endif /* PKI_XML_DEFINED_ */
#ifndef PKI_ENCOD_DEFINED_
#define PKI_EME_DEFAULT 0x00L
#define PKI_EME_PKCSV1_5 0x00L
#define PKI_EME_OAEP 0x10L
#define PKI_EMSIG_DEFAULT 0x20L
#define PKI_EMSIG_PKCSV1_5 0x20L
#define PKI_EMSIG_DIGESTONLY 0x1000L
#define PKI_EMSIG_DIGINFO 0x2000L
#define PKI_EMSIG_ISO9796 0x100000L
#define PKI_ENCOD_DEFINED_
#endif /* PKI_ENCOD_DEFINED_ */
#ifndef PKI_X509_DEFINED_
/* X.509 Option flags */
#define PKI_X509_FORMAT_PEM 0x10000L
#define PKI_X509_FORMAT_BIN 0x20000L
#define PKI_X509_REQ_KLUDGE 0x100000L
#define PKI_X509_NO_TIMECHECK 0x200000L
#define PKI_X509_LATIN1 0x400000L
#define PKI_X509_UTF8 0x800000L
#define PKI_X509_AUTHKEYID 0x1000000L
#define PKI_X509_NO_BASIC 0x2000000L
#define PKI_X509_CA_TRUE 0x4000000L
#define PKI_X509_VERSION1 0x8000000L
#define PKI_X509_LDAP 0x1000L
#define PKI_X509_DECIMAL 0x8000L
/* Flags for X.509 Key Usage */
#define PKI_X509_KEYUSAGE_DIGITALSIGNATURE 0x0001L
#define PKI_X509_KEYUSAGE_NONREPUDIATION 0x0002L
#define PKI_X509_KEYUSAGE_KEYENCIPHERMENT 0x0004L
#define PKI_X509_KEYUSAGE_DATAENCIPHERMENT 0x0008L
#define PKI_X509_KEYUSAGE_KEYAGREEMENT 0x0010L
#define PKI_X509_KEYUSAGE_KEYCERTSIGN 0x0020L
#define PKI_X509_KEYUSAGE_CRLSIGN 0x0040L
#define PKI_X509_KEYUSAGE_ENCIPHERONLY 0x0080L
#define PKI_X509_KEYUSAGE_DECIPHERONLY 0x0100L
/* Specific return values */
/* [v12.0] Changed from +1/-1 to proper error codes */
#define PKI_X509_EXPIRED 16 /* (EXPIRED_ERROR) CHANGED FROM -1 [v12.0] */
#define PKI_X509_VERIFY_FAILURE 22 /* (SIGNATURE_ERROR) CHANGED FROM -1 [v12.0] */
#define PKI_X509_REVOKED 42 /* (REVOCATION_ERROR) CHANGED FROM +1 [v12.0] */
#define PKI_X509_INVALID 43 /* (CERT_PATH_ERROR) CHANGED FROM +1 [v12.0] */
#define PKI_X509_VALID_NOW 0
#define PKI_X509_VERIFY_SUCCESS 0
#define PKI_X509_DEFINED_
#endif /* PKI_X509_DEFINED_ */
/* Return values for CNV_CheckUTF */
#define PKI_CHRS_NOT_UTF8 0L
#define PKI_CHRS_ALL_ASCII 1L
#define PKI_CHRS_ANSI8 2L
#define PKI_CHRS_MULTIBYTE 3L
/* Options for CNV_ByteEncoding */
#define PKI_CNV_UTF8_FROM_LATIN1 0x1L
#define PKI_CNV_LATIN1_FROM_UTF8 0x2L
/* Options for CNV_Num[To/From]Bytes - new in [v11.0] */
#define PKI_CNV_BIG_ENDIAN 0x0L
#define PKI_CNV_LITTLE_ENDIAN 0x1L
/* Flags and return values for X.509 and CMS query functions */
#define PKI_QUERY_GETTYPE 0x100000L
#define PKI_QUERY_NUMBER 1L
#define PKI_QUERY_STRING 2L
/* Options for RNG functions */
#define PKI_RNG_STRENGTH_112 0x00L
#define PKI_RNG_STRENGTH_128 0x01L
/* Block cipher (BC) algorithm options */
#define PKI_BC_TDEA 0x10L // )
#define PKI_BC_3DES 0x10L // ) equiv. synonyms for Triple DES
#define PKI_BC_DESEDE3 0x10L // )
#define PKI_BC_AES128 0x20L
#define PKI_BC_AES192 0x30L
#define PKI_BC_AES256 0x40L
/* Block cipher mode options */
#define PKI_MODE_ECB 0x000L
#define PKI_MODE_CBC 0x100L
#define PKI_MODE_OFB 0x200L
#define PKI_MODE_CFB 0x300L
#define PKI_MODE_CTR 0x400L
/* Added [v12.1] AEAD only */
#define PKI_MODE_GCM 0x500L
/* Block cipher padding options */
#define PKI_PAD_DEFAULT 0x0
#define PKI_PAD_NOPAD 0x10000
#define PKI_PAD_PKCS5 0x20000
#define PKI_PAD_1ZERO 0x30000
/* Added [v11.1] */
#define PKI_PAD_AX923 0x40000
#define PKI_PAD_W3C 0x50000
/* AEAD algorithms - added [v12.1] */
#define PKI_AEAD_AES_128_GCM 0x520L
#define PKI_AEAD_AES_192_GCM 0x530L
#define PKI_AEAD_AES_256_GCM 0x540L
/* Block cipher option flags */
#define PKI_IV_PREFIX 0x1000
/* Key wrap algorithms - added [v20.5] */
#define PKI_KWRAP_3DES 0x100000L
#define PKI_KWRAP_AES128 0x200000L
#define PKI_KWRAP_AES192 0x300000L
#define PKI_KWRAP_AES256 0x400000L
/* Key transport algorithms */
#define PKI_KT_RSAES_PKCS 0x0000L
#define PKI_KT_RSAES_OAEP 0x8000L
// --0xC000L Reserved for PKI_KT_RSA_KEM
/* Key derivation functions */
/* Changed [v20.5] */
// #define PKI_KDF_KDF2 0x000L //--historical, never used
#define PKI_KDF_X963 0x0000L /* [v20.5] new default */
#define PKI_KDF_HKDF 0x1000L
/* ASN.1 utilities - added [v10.0] */
#define PKI_ASN1_NOCOMMENTS 0x100000L
#define PKI_ASN1_ADDLEVELS 0x800000L
#define PKI_ASN1_TYPE_MAXCHARS 64
/* SIG functions */
#define PKI_SIG_USEDIGEST 0x1000L /* Added [v10.0] */
#define PKI_SIG_DETERMINISTIC 0x2000L /* Added [v11.0] */
#define PKI_SIG_ASN1DER 0x4000L /* Added [v11.0], changed from 0x200000 [v12.0] */
/* SMIME functions - added [v10.0] */
#define PKI_SMIME_ENCODE_BASE64 0x10000L
#define PKI_SMIME_ENCODE_BINARY 0x20000L
#define PKI_SMIME_ADDX 0x100000L
/* Encoding options - added [v11.0] */
#define PKI_ENCODE_HEX 0x30000L
#define PKI_ENCODE_BASE64URL 0x40000L
/* Wipefile options - added [v12.0] */
#define PKI_WIPEFILE_DOD7 0x0 /* Default */
#define PKI_WIPEFILE_SIMPLE 0x1
/* General */
#define PKI_GEN_PLATFORM 0x40
#define PKI_GEN_LEGACY 0x8000000L /* Added [v11.0] */
/* __stdcall convention required for Win32/64 DLL only */
#if defined(__linux__) || defined (linux) || defined(__linux)
#define __stdcall
#endif
#ifdef __cplusplus
extern "C" {
#endif
/* GENERAL FUNCTIONS */
long __stdcall PKI_Version(void *nReserved1, void *nReserved2);
long __stdcall PKI_LicenceType(long nOptions);
long __stdcall PKI_CompileTime(char *szOutput, long nOutChars);
long __stdcall PKI_ModuleName(char *szOutput, long nOutChars, long nOptions);
long __stdcall PKI_PowerUpTests(long nOptions);
long __stdcall PKI_Platform(char *szOutput, long nOutChars);
long __stdcall PKI_ModuleInfo(char *szOutput, long nOutChars, long nOptions);
/* New in [v21.0] */
long __stdcall PKI_FormatErrorMessage(char *szOutput, long nOutChars, long nErrCode, const char *szUserMsg);
/* ERROR-RELATED FUNCTIONS */
long __stdcall PKI_LastError(char *szOutput, long nOutChars);
long __stdcall PKI_ErrorCode(void);
long __stdcall PKI_ErrorLookup(char *szOutput, long nOutChars, long nErrCode);
/* CRYPTOGRAPHIC MESSAGE SYNTAX (CMS) FUNCTIONS */
long __stdcall CMS_MakeEnvData(const char *szFileOut, const char *szFileIn, const char *szCertList, const char *szSeed, long nSeedLen, long nOptions);
long __stdcall CMS_MakeEnvDataFromString(const char *szFileOut, const char *szDataIn, const char *szCertList, const char *szSeed, long nSeedLen, long nOptions);
long __stdcall CMS_ReadEnvData(const char *szFileOut, const char *szFileIn, const char *szCertFile, const char *szPrivateKey, long nOptions);
long __stdcall CMS_ReadEnvDataToString(char *szOutput, long nOutChars, const char *szFileIn, const char *szCertFile, const char *szPrivateKey, long nOptions);
long __stdcall CMS_MakeSigData(const char *szFileOut, const char *szFileIn, const char *szCertList, const char *szPrivateKey, long nOptions);
long __stdcall CMS_MakeSigDataFromString(const char *szFileOut, const char *szDataIn, const char *szCertList, const char *szPrivateKey, long nOptions);
long __stdcall CMS_MakeSigDataFromSigValue(const char *szFileOut, const unsigned char *lpSigValue, long nSigLen, const unsigned char *lpData, long nDataLen, const char *szCertListOrFile, long nOptions);
long __stdcall CMS_MakeDetachedSig(const char *szFileOut, const char *szHexDigest, const char *szCertList, const char *szPrivateKey, long nOptions);
long __stdcall CMS_ReadSigData(const char *szFileOut, const char *szFileIn, long nOptions);
long __stdcall CMS_ReadSigDataToString(char *szOutput, long nOutChars, const char *szFileIn, long nOptions);
long __stdcall CMS_GetSigDataDigest(char *szOutput, long nOutChars, const char *szFileIn, const char *szCertFile, long nOptions);
long __stdcall CMS_VerifySigData(const char *szFileIn, const char *szCertFile, const char *szHexDigest, long nOptions);
long __stdcall CMS_QuerySigData(char *szOutput, long nOutChars, const char *szFileIn, const char *szQuery, long nOptions);
long __stdcall CMS_QueryEnvData(char *szOutput, long nOutChars, const char *szFileIn, const char *szQuery, long nOptions);
long __stdcall CMS_MakeComprData(const char *szFileOut, const char *szFileIn, long nOptions);
long __stdcall CMS_ReadComprData(const char *szFileOut, const char *szFileIn, long nOptions);
long __stdcall CMS_ReadEnvDataToBytes(unsigned char *lpOutput, long nOutBytes, const char *szFileIn, const char *szCertFile, const char *szPrivateKey, long nOptions);
long __stdcall CMS_ReadSigDataToBytes(unsigned char *lpOutput, long nOutBytes, const char *szFileIn, long nOptions);
long __stdcall CMS_MakeEnvDataFromBytes(const char *szFileOut, const unsigned char *lpInput, long nInputLen, const char *szCertList, const char *szSeed, long nSeedLen, long nOptions);
long __stdcall CMS_MakeSigDataFromBytes(const char *szFileOut, const unsigned char *lpInput, long nInputLen, const char *szCertList, const char *szPrivateKey, long nOptions);
/* RSA KEY FUNCTIONS */
/* New in [v12.3] */
long __stdcall RSA_MakeKeysXtd(const char *szPubKeyFile, const char *szPriKeyFile, const char *szPassword, long nBits, long nExpFermat, const char *szParams, long nOptions);
/* ...supersedes the function: */
long __stdcall RSA_MakeKeys(const char *szPubKeyFile, const char *szEpkFile, long nBits, long nExpFermat, long nTests, long nCount, const char *szPassword, const void *lpSeed, long nSeedLen, long nOptions);
/* New in [v12.3] */
long __stdcall RSA_SaveEncKey(const char *szFileOut, const char *szIntKeyString, const char *szPassword, const char *szParams, long nOptions);
/* ...supersedes the function: */
long __stdcall RSA_SaveEncPrivateKey(const char *szFileOut, const char *szKeyString, long nCount, const char *szPassword, long nOptions);
long __stdcall RSA_SavePublicKey(const char *szFileOut, const char *szKeyString, long nOptions);
long __stdcall RSA_SavePrivateKeyInfo(const char *szFileOut, const char *szKeyString, long nOptions);
long __stdcall RSA_GetPrivateKeyFromPFX(const char *szFileOut, const char *szPfxFile, long nOptions);
long __stdcall RSA_GetPublicKeyFromCert(char *szOutput, long nOutChars, const char *szCertFile, long nOptions);
long __stdcall RSA_KeyBits(const char *szKeyString);
long __stdcall RSA_KeyBytes(const char *szKeyString);
long __stdcall RSA_ToXMLString(char *szOutput, long nOutChars, const char *szKeyString, long nOptions);
long __stdcall RSA_ToXMLStringEx(char *szOutput, long nOutChars, const char *szKeyString, const char *szPrefix, long nOptions);
long __stdcall RSA_FromXMLString(char *szOutput, long nOutChars, const char *szXmlString, long nOptions);
long __stdcall RSA_CheckKey(const char *szKeyString, long nOptions);
long __stdcall RSA_KeyHashCode(const char *szKeyString);
long __stdcall RSA_KeyMatch(const char *szPrivateKey, const char *szPublicKey);
long __stdcall RSA_ReadPrivateKeyFromPFX(char *szOutput, long nOutChars, const char *szPfxFile, const char *szPassword, long nOptions);
long __stdcall RSA_PublicKeyFromPrivate(char *szOutput, long nOutChars, const char *szKeyString, long nOptions);
long __stdcall RSA_ReadAnyPrivateKey(char *szOutput, long nOutChars, const char *szKeyFileOrString, const char *szPassword, long nOptions);
long __stdcall RSA_ReadAnyPublicKey(char *szOutput, long nOutChars, const char *szKeyFileOrString, long nOptions);
long __stdcall RSA_KeyValue(char *szOutput, long nOutChars, const char *szKeyString, const char *szFieldName, long nOptions);
/* The following three functions are @deprecated - use RSA_ReadAnyPrivateKey or RSA_ReadAnyPublicKey. */
long __stdcall RSA_ReadEncPrivateKey(char *szOutput, long nOutChars, const char *szEpkFile, const char *szPassword, long nOptions);
long __stdcall RSA_ReadPrivateKeyInfo(char *szOutput, long nOutChars, const char *szKeyFile, long nOptions);
long __stdcall RSA_ReadPublicKey(char *szOutput, long nOutChars, const char *szPubKeyFile, long nOptions);
/* 'RAW' RSA ENCRYPTION/DECRYPTION FUNCTIONS */
long __stdcall RSA_RawPublic(unsigned char *lpData, long nDataLen, const char *szPublicKey, long nOptions);
long __stdcall RSA_RawPrivate(unsigned char *lpData, long nDataLen, const char *szPrivateKey, long nOptions);
long __stdcall RSA_EncodeMsg(unsigned char *lpOutput, long nOutBytes, const unsigned char *lpInput, long nInputLen, long nOptions);
long __stdcall RSA_DecodeMsg(unsigned char *lpOutput, long nOutBytes, const unsigned char *lpInput, long nInputLen, long nOptions);
long __stdcall RSA_Encrypt(unsigned char *lpOutput, long nOutBytes, const unsigned char *lpInput, long nInputLen, const char *szPublicKeyFile, const char *szParameters, long nOptions);
long __stdcall RSA_Decrypt(unsigned char *lpOutput, long nOutBytes, const unsigned char *lpInput, long nInputLen, const char *szPrivateKeyFile, const char *szPassword, const char *szParameters, long nOptions);
/* ELLIPTIC CURVE CRYPTOGRAPHY FUNCTIONS */
long __stdcall ECC_MakeKeys(const char *szPubKeyFile, const char *szPriKeyFile, const char *szCurveName, const char *szPassword, const char *szParams, long nOptions);
long __stdcall ECC_ReadKeyByCurve(char *szOutput, long nOutChars, const char *szHexKey, const char *szCurveName, long nOptions);
long __stdcall ECC_ReadPrivateKey(char *szOutput, long nOutChars, const char *szKeyFileOrString, const char *szPassword, long nOptions);
long __stdcall ECC_ReadPublicKey(char *szOutput, long nOutChars, const char *szKeyFileOrString, long nOptions);
long __stdcall ECC_SaveEncKey(const char *szFileOut, const char *szIntKeyString, const char *szPassword, const char *szParams, long nOptions);
long __stdcall ECC_SaveKey(const char *szFileOut, const char *szIntKeyString, long nOptions);
long __stdcall ECC_PublicKeyFromPrivate(char *szOutput, long nOutChars, const char *szIntKeyString, long nOptions);
long __stdcall ECC_QueryKey(char *szOutput, long nOutChars, const char *szIntKeyString, const char *szQuery, long nOptions);
long __stdcall ECC_KeyHashCode(const char *szKeyString);
/* New in [v20.0] */
long __stdcall ECC_DHSharedSecret(unsigned char *lpZZ, long nOutBytes, const char *szIntPrivateKey, const char *szIntPublicKey, long nOptions);
/* PKCS12 FILE FUNCTIONS */
long __stdcall PFX_MakeFile(const char *szFileOut, const char *szCertFile, const char *szEpkFile, const char *szPassword, const char *szFriendlyName, long nOptions);
long __stdcall PFX_VerifySig(const char *szFileName, const char *szPassword, long nOptions);
/* X509 CERTIFICATE FUNCTIONS */
long __stdcall X509_MakeCert(const char *szNewCertFile, const char *szIssuerCertFile, const char *szSubjectPubKeyFile, const char *szIssuerEpkFile, long nCertNum, long nYearsValid, const char *szDistName, const char *szExtensions, long nKeyUsageFlags, const char *szPassword, long nOptions);
long __stdcall X509_MakeCertSelf(const char *szNewCertFile, const char *szEpkFile, long nCertNum, long nYearsValid, const char *szDistName, const char *szExtensions, long nKeyUsageFlags, const char *szPassword, long nOptions);
long __stdcall X509_CertRequest(const char *szNewReqFile, const char *szEpkFile, const char *szDistName, const char *szExtensions, const char *szPassword, long nOptions);
long __stdcall X509_VerifyCert(const char *szCertToVerify, const char *szIssuerCert, long nOptions);
long __stdcall X509_CertThumb(const char *szCertFile, char *szOutput, long nOutChars, long nOptions);
long __stdcall X509_CertIsValidNow(const char *szCertFile, long nOptions);
long __stdcall X509_CertIssuedOn(const char *szCertFile, char *szOutput, long nOutChars, long nOptions);
long __stdcall X509_CertExpiresOn(const char *szCertFile, char *szOutput, long nOutChars, long nOptions);
long __stdcall X509_CertSerialNumber(const char *szCertFile, char *szOutput, long nOutChars, long nOptions);
long __stdcall X509_HashIssuerAndSN(const char *szCertFile, char *szOutput, long nOutChars, long nOptions);
long __stdcall X509_CertIssuerName(const char *szCertFile, char *szOutput, long nOutChars, const char *szDelim, long nOptions);
long __stdcall X509_CertSubjectName(const char *szCertFile, char *szOutput, long nOutChars, const char *szDelim, long nOptions);
long __stdcall X509_GetCertFromP7Chain(const char *szNewCertFile, const char *szP7cFile, long nIndex, long nOptions);
long __stdcall X509_GetCertFromPFX(const char *szNewCertFile, const char *szPfxFile, const char *szPassword, long nOptions);
long __stdcall X509_KeyUsageFlags(const char *szCertFile);
long __stdcall X509_QueryCert(char *szOutput, long nOutChars, const char *szCertFile, const char *szQuery, long nOptions);
long __stdcall X509_ReadStringFromFile(char *szOutput, long nOutChars, const char *szCertFile, long nOptions);
long __stdcall X509_SaveFileFromString(const char *szNewCertFile, const char *szCertString, long nOptions);
long __stdcall X509_TextDump(const char *szFileOut, const char *szCertFile, long nOptions);
long __stdcall X509_ValidatePath(const char *szCertListOrP7File, const char *szTrustedCert, long nOptions);
long __stdcall X509_TextDumpToString(char *szOutput, long nOutChars, const char *szCertFile, long nOptions);
long __stdcall X509_ReadCertStringFromP7Chain(char *szOutput, long nOutChars, const char *szP7cFile, long nIndex, long nOptions);
long __stdcall X509_ReadCertStringFromPFX(char *szOutput, long nOutChars, const char *szPfxFile, const char *szPassword, long nOptions);
long __stdcall X509_GetCertCountInP7Chain(const char *szP7cFile, long nOptions);
/* X509 CRL FUNCTIONS */
long __stdcall X509_MakeCRL(const char *szCrlFile, const char *szIssuerCert, const char *szIssuerKeyFile, const char *szPassword, const char *szRevokedCertList, const char *szExtensions, long nOptions);
long __stdcall X509_CheckCertInCRL(const char *szCertFile, const char *szCrlFile, const char *szCRLIssuerCert, const char *szDate, long nOptions);
/* ONLINE CERTIFICATE STATUS PROTOCOL (OCSP) FUNCTIONS */
long __stdcall OCSP_MakeRequest(char *szOutput, long nOutChars, const char *szIssuerCert, const char *szCertFileOrSerialNum, const char *szExtensions, long nOptions);
long __stdcall OCSP_ReadResponse(char *szOutput, long nOutChars, const char *szResponseFile, const char *szIssuerCert, const char *szExtensions, long nOptions);
/* TRIPLE DES FUNCTIONS */
long __stdcall TDEA_HexMode(char *szOutput, const char *szInput, const char *szKey, long fEncrypt, const char *szMode, const char *szIV);
long __stdcall TDEA_B64Mode(char *szOutput, const char *szInput, const char *szKey, long fEncrypt, const char *szMode, const char *szIV);
/* [The following two functions are @deprecated - use equivalent CIPHER_ functions] */
long __stdcall TDEA_BytesMode(unsigned char *lpOutput, const unsigned char *lpData, long nDataLen, const unsigned char *lpKey, long fEncrypt, const char *szMode, const unsigned char *lpIV);
long __stdcall TDEA_File(const char *szFileOut, const char *szFileIn, const unsigned char *lpKey, long fEncrypt, const char *szMode, const unsigned char *lpIV);
/* GENERIC BLOCK CIPHER FUNCTIONS */
/* @deprecated - prefer CIPHER_En/DecryptBytes */
long __stdcall CIPHER_Bytes(long fEncrypt, unsigned char *lpOutput, const unsigned char *lpData, long nDataLen, const unsigned char *lpKey, const unsigned char *lpIV, const char *szAlgAndMode, long nOptions);
/* @deprecated - prefer CIPHER_FileEn/Decrypt */
long __stdcall CIPHER_File(long fEncrypt, const char *szFileOut, const char *szFileIn, const unsigned char *lpKey, const unsigned char *lpIV, const char *szAlgAndMode, long nOptions);
/* @deprecated - prefer CIPHER_En/DecryptHex */
long __stdcall CIPHER_Hex(long fEncrypt, char *szOutput, long nOutChars, const char *szData, const char *szKey, const char *szIV, const char *szAlgAndMode, long nOptions);
/* Changed in [v20.2]: Renamed ~Bytes2 to ~Bytes */
long __stdcall CIPHER_EncryptBytes(unsigned char *lpOutput, long nOutBytes, const unsigned char *lpInput, long nInputLen, const unsigned char *lpKey, long nKeyLen, const unsigned char *lpIV, long nIvLen, const char *szAlgModePad, long nOptions);
long __stdcall CIPHER_DecryptBytes(unsigned char *lpOutput, long nOutBytes, const unsigned char *lpInput, long nInputLen, const unsigned char *lpKey, long nKeyLen, const unsigned char *lpIV, long nIvLen, const char *szAlgModePad, long nOptions);
/* @deprecated - keep old ~Bytes2 for backwards compatibility */
long __stdcall CIPHER_EncryptBytes2(unsigned char *lpOutput, long nOutBytes, const unsigned char *lpInput, long nInputLen, const unsigned char *lpKey, long nKeyLen, const unsigned char *lpIV, long nIvLen, const char *szAlgModePad, long nOptions);
long __stdcall CIPHER_DecryptBytes2(unsigned char *lpOutput, long nOutBytes, const unsigned char *lpInput, long nInputLen, const unsigned char *lpKey, long nKeyLen, const unsigned char *lpIV, long nIvLen, const char *szAlgModePad, long nOptions);
long __stdcall CIPHER_FileEncrypt(const char *szFileOut, const char *szFileIn, const unsigned char *lpKey, long nKeyLen, const unsigned char *lpIV, long nIvLen, const char *szAlgModePad, long nOptions);
long __stdcall CIPHER_FileDecrypt(const char *szFileOut, const char *szFileIn, const unsigned char *lpKey, long nKeyLen, const unsigned char *lpIV, long nIvLen, const char *szAlgModePad, long nOptions);
long __stdcall CIPHER_EncryptAEAD(unsigned char *lpOutput, long nOutBytes, const unsigned char *lpInput, long nInputLen, const unsigned char *lpKey, long nKeyLen, const unsigned char *lpIV, long nIvLen, const unsigned char *lpAAD, long nAadLen, long nOptions);
long __stdcall CIPHER_DecryptAEAD(unsigned char *lpOutput, long nOutBytes, const unsigned char *lpInput, long nInputLen, const unsigned char *lpKey, long nKeyLen, const unsigned char *lpIV, long nIvLen, const unsigned char *lpAAD, long nAadLen, long nOptions);
long __stdcall CIPHER_KeyWrap(unsigned char *lpOutput, long nOutBytes, const unsigned char *lpData, long nDataLen, const unsigned char *lpKek, long nKekLen, long nOptions);
long __stdcall CIPHER_KeyUnwrap(unsigned char *lpOutput, long nOutBytes, const unsigned char *lpData, long nDataLen, const unsigned char *lpKek, long nKekLen, long nOptions);
/* New in [v20.0] */
long __stdcall CIPHER_EncryptHex(char *szOutput, long nOutChars, const char *szInputHex, const char *szKeyHex, const char *szIvHex, const char *szAlgModePad, long nOptions);
long __stdcall CIPHER_DecryptHex(char *szOutput, long nOutChars, const char *szInputHex, const char *szKeyHex, const char *szIvHex, const char *szAlgModePad, long nOptions);
/* MESSAGE DIGEST HASH FUNCTIONS */
long __stdcall HASH_Bytes(unsigned char *lpOutput, long nOutBytes, const void *lpMessage, long nMsgLen, long nOptions);
long __stdcall HASH_File(unsigned char *lpOutput, long nOutBytes, const char *szFileName, long nOptions);
long __stdcall HASH_HexFromBytes(char *szOutput, long nOutChars, const void *lpMessage, long nMsgLen, long nOptions);
long __stdcall HASH_HexFromFile(char *szOutput, long nOutChars, const char *szFileName, long nOptions);
long __stdcall HASH_HexFromHex(char *szOutput, long nOutChars, const char *szMsgHex, long nOptions);
/* New in [v20.5] */
long __stdcall HASH_Length(long nAlgId);
/* HMAC FUNCTIONS */
long __stdcall HMAC_Bytes(unsigned char *lpOutput, long nOutBytes, const void *lpMessage, long nMsgLen, const void *lpKey, long nKeyLen, long nOptions);
long __stdcall HMAC_HexFromBytes(char *szOutput, long nOutChars, const void *lpMessage, long nMsgLen, const void *lpKey, long nKeyLen, long nOptions);
long __stdcall HMAC_HexFromHex(char *szOutput, long nOutChars, const char *szMsgHex, const char *szKeyHex, long nOptions);
/* BASE64 AND HEX CONVERSION FUNCTIONS */
long __stdcall CNV_B64StrFromBytes(char *szOutput, long nOutChars, const unsigned char *lpInput, long nInputLen);
long __stdcall CNV_BytesFromB64Str(unsigned char *lpOutput, long nOutBytes, const char *szInput);
long __stdcall CNV_B64Filter(char *szOutput, const char *szInput, long nStrLen);
long __stdcall CNV_HexStrFromBytes(char *szOutput, long nOutChars, const unsigned char *lpInput, long nInputLen);
long __stdcall CNV_BytesFromHexStr(unsigned char *lpOutput, long nOutBytes, const char *szInput);
long __stdcall CNV_HexFilter(char *szOutput, const char *szInput, long nStrLen);
/* BASE58 FUNCTIONS */
long __stdcall CNV_Base58FromBytes(char *szOutput, long nOutChars, const unsigned char *lpInput, long nInputLen);
long __stdcall CNV_Base58ToBytes(unsigned char *lpOutput, long nOutBytes, const char *szInput);
/* UTF-8 CONVERSION/CHECK FUNCTIONS */
long __stdcall CNV_UTF8BytesFromLatin1(unsigned char *lpOutput, long nOutBytes, const char *szInput);
long __stdcall CNV_Latin1FromUTF8Bytes(char *szOutput, long nOutChars, const unsigned char *lpInput, long nBytes);
long __stdcall CNV_CheckUTF8Bytes(const unsigned char *lpInput, long nBytes);
long __stdcall CNV_CheckUTF8File(const char *szFileName);
long __stdcall CNV_ByteEncoding(unsigned char *lpOutput, long nOutBytes, const unsigned char *lpInput, long nBytes, long nOptions);
/* New in [v20.3] */
long __stdcall CNV_Utf8FromWide(char *szOut, long nOutChars, const wchar_t* wstr);
/* New in [v21.0] */
long __stdcall CNV_ShortPathName(char *szOut, long nOutChars, const wchar_t* szwLongPath);
/* The following three functions are @deprecated... */
long __stdcall CNV_UTF8FromLatin1(char *szOutput, long nOutChars, const char *szInput); /* DEPRECATED */
long __stdcall CNV_Latin1FromUTF8(char *szOutput, long nOutChars, const char *szInput); /* DEPRECATED */
long __stdcall CNV_CheckUTF8(const char *szInput); /* DEPRECATED */
/* MISC BYTE UTILITIES */
long __stdcall CNV_ReverseBytes(unsigned char *lpOutput, const unsigned char *lpInput, long nBytes);
long __stdcall CNV_NumToBytes(unsigned char *lpOutput, long nOutBytes, long nNumber, long nOptions);
long __stdcall CNV_NumFromBytes(const unsigned char *lpInput, long nBytes, long nOptions);
/* PEM/BINARY FILE CONVERSIONS */
long __stdcall PEM_FileFromBinFile(const char *szFileOut, const char *szFileIn, const char *szHeader, long nLineLen);
long __stdcall PEM_FileFromBinFileEx(const char *szFileOut, const char *szFileIn, const char *szHeader, long nLineLen, long nOptions);
long __stdcall PEM_FileToBinFile(const char *szFileOut, const char *szFileIn);
/* RNG FUNCTIONS */
long __stdcall RNG_Bytes(unsigned char *lpOutput, long nOutBytes, const void *lpSeed, long nSeedLen);
long __stdcall RNG_Number(long nLower, long nUpper);
long __stdcall RNG_BytesWithPrompt(unsigned char *lpOutput, long nOutBytes, const char *szPrompt, long nOptions);
long __stdcall RNG_Initialize(const char *szSeedFile, long nOptions);
long __stdcall RNG_MakeSeedFile(const char *szSeedFile, const char *szPrompt, long nOptions);
long __stdcall RNG_UpdateSeedFile(const char *szSeedFile, long nOptions);
long __stdcall RNG_Test(const char *szFileOut, long nOptions);
long __stdcall RNG_Guid(char *szOutput, long nOutChars, long nOptions);
/* PADDING FUNCTIONS */
long __stdcall PAD_BytesBlock(unsigned char *lpOutput, long nOutBytes, const unsigned char *lpInput, long nInputLen, long nBlkLen, long nOptions);
long __stdcall PAD_UnpadBytes(unsigned char *lpOutput, long nOutBytes, const unsigned char *lpInput, long nInputLen, long nBlkLen, long nOptions);
long __stdcall PAD_HexBlock(char *szOutput, long nOutChars, const char *szInput, long nBlkLen, long nOptions);
long __stdcall PAD_UnpadHex(char *szOutput, long nOutChars, const char *szInput, long nBlkLen, long nOptions);
/* MISC UTILITIES */
long __stdcall WIPE_File(const char *szFileName, long nOptions);
long __stdcall WIPE_Data(void *lpData, long nDataLen);
long __stdcall PWD_Prompt(char *szPassword, long nPwdLen, const char *szCaption);
long __stdcall PWD_PromptEx(char *szPassword, long nPwdLen, const char *szCaption, const char *szPrompt, long nOptions);
/* PASSWORD-BASED ENCRYPTION PROTOTYPES */
long __stdcall PBE_Kdf2(unsigned char *lpOutput, long nOutBytes, const unsigned char *lpPwd, long nPwdLen, const unsigned char *lpSalt, long nSaltLen, long nCount, long nOptions);
long __stdcall PBE_Kdf2Hex(char *szOutput, long nOutChars, long dkBytes, const char *szPwd, const char *szSaltHex, long nCount, long nOptions);
/* ASN.1 UTILITIES */
long __stdcall ASN1_TextDump(const char *szFileOut, const char *szFileOrPEMString, long nOptions);
long __stdcall ASN1_Type(char *szOutput, long nOutChars, const char *szFileOrPEMString, long nOptions);
long __stdcall ASN1_TextDumpToString(char *szOutput, long nOutChars, const char *szFileOrPEMString, const char *szDirName, long nOptions);
/* SIGNATURE FUNCTIONS */
long __stdcall SIG_SignData(char *szOutput, long nOutChars, const unsigned char *lpData, long nDataLen, const char *szKeyFile, const char *szPassword, const char *szAlgName, long nOptions);
long __stdcall SIG_SignFile(char *szOutput, long nOutChars, const char *szDataFile, const char *szKeyFile, const char *szPassword, const char *szAlgName, long nOptions);
long __stdcall SIG_VerifyData(const char *szSignature, const unsigned char *lpData, long nDataLen, const char *szCertOrKeyFile, const char *szAlgName, long nOptions);
long __stdcall SIG_VerifyFile(const char *szSignature, const char *szDataFile, const char *szCertOrKeyFile, const char *szAlgName, long nOptions);
/* SMIME FUNCTIONS */
long __stdcall SMIME_Wrap(const char *szFileOut, const char *szFileIn, const char *szFeatures, long nOptions);
long __stdcall SMIME_Extract(const char *szFileOut, const char *szFileIn, long nOptions);
long __stdcall SMIME_Query(char *szOutput, long nOutChars, const char *szFileIn, const char *szQuery, long nOptions);
/* COMPRESSION FUNCTIONS */
long __stdcall COMPR_Compress(unsigned char *lpOutput, long nOutBytes, const unsigned char *lpInput, long nInputLen, long nOptions);
long __stdcall COMPR_Uncompress(unsigned char *lpOutput, long nOutBytes, const unsigned char *lpInput, long nInputLen, long nOptions);
/* KEY DERIVATION FUNCTIONS */
/* New in [v20.5] */
long __stdcall KDF_Bytes(unsigned char *lpOutput, long nOutBytes, const void *lpIKM, long nIkmLen, const void *lpInfo, long nInfoLen, const char *szParams, long nOptions);
long __stdcall KDF_ForCms(unsigned char *lpOutput, long nOutBytes, const void *lpZZ, long nZzLen, const void *lpUkm, long nUkmLen, const char *szParams, long nOptions);
/* XOF/PRF FUNCTIONS */
/* New in [v21.0] */
long __stdcall XOF_Bytes(unsigned char *lpOutput, long nOutBytes, const void *lpMessage, long nMsgLen, long nOptions);
long __stdcall PRF_Bytes(unsigned char *lpOutput, long nOutBytes, const void *lpMessage, long nMsgLen, const void *lpKey, long nKeyLen, const char *szCustom, long nOptions);
#ifdef __cplusplus
}
#endif
#endif /* end DICRPKI_H_ */