cryptlib  3.4.1
cryptlib.cs
1 using System;
2 using System.Runtime.InteropServices;
3 using System.Text;
4 
5 namespace cryptlib
6 {
7 
8 public class crypt
9 {
10 
11  /* Additional defines for compilers that provide extended function and
12  function-parameter checking */
13 
14 
15 
16  /****************************************************************************
17  * *
18  * Algorithm and Object Types *
19  * *
20  ****************************************************************************/
21 
22  /* Algorithm and mode types */
23 
24  // CRYPT_ALGO_TYPE: numeric algorithm identifiers.
    // The identifiers fall into four bands, bounded by the ALGO_FIRST_xxx /
    // ALGO_LAST_xxx constants at the end of this list: conventional ciphers
    // 1-99, public-key algorithms 100-199, hashes 200-299, MACs 300-399.
    // NOTE(review): the file imports System.Runtime.InteropServices, so these
    // values are presumably handed to the native library and must match its
    // header - confirm before renumbering anything.
    // Several identifiers name algorithms that are legacy by current standards
    // (DES, RC2, RC4, Skipjack, MD2, MD4, MD5, SHA-1). Whether a given build
    // still enables them cannot be told from this list.
25  public const int ALGO_NONE = 0 ; // No encryption
26  public const int ALGO_DES = 1 ; // DES (56-bit key; legacy)
27  public const int ALGO_3DES = 2 ; // Triple DES (64-bit block)
28  public const int ALGO_IDEA = 3 ; // IDEA
29  public const int ALGO_CAST = 4 ; // CAST-128
30  public const int ALGO_RC2 = 5 ; // RC2 (legacy)
31  public const int ALGO_RC4 = 6 ; // RC4 (stream cipher with known keystream biases; legacy)
32  public const int ALGO_RC5 = 7 ; // RC5
33  public const int ALGO_AES = 8 ; // AES
34  public const int ALGO_BLOWFISH = 9 ; // Blowfish (64-bit block)
35  public const int ALGO_SKIPJACK = 10 ; // Skipjack (80-bit key; legacy)
36  public const int ALGO_DH = 100; // Diffie-Hellman
37  public const int ALGO_RSA = 101; // RSA
38  public const int ALGO_DSA = 102; // DSA
39  public const int ALGO_ELGAMAL = 103; // ElGamal
40  public const int ALGO_KEA = 104; // KEA
41  public const int ALGO_ECDSA = 105; // ECDSA
42  public const int ALGO_ECDH = 106; // ECDH
43  public const int ALGO_MD2 = 200; // MD2 (obsolete)
44  public const int ALGO_MD4 = 201; // MD4 (obsolete; collisions are trivial to find)
45  public const int ALGO_MD5 = 202; // MD5 (practical collisions; unsuitable for signatures)
46  public const int ALGO_SHA1 = 203; // SHA/SHA1 (collisions demonstrated; unsuitable for new signatures)
47  public const int ALGO_SHA = 203; // Older form of ALGO_SHA1 (same value)
48  public const int ALGO_RIPEMD160 = 204; // RIPE-MD 160
49  public const int ALGO_SHA2 = 205; // SHA-256
50  public const int ALGO_SHA256 = 205; // Alternate name for ALGO_SHA2 (same value)
51  public const int ALGO_SHAng = 206; // Future SHA-nextgen standard
52  public const int ALGO_HMAC_MD5 = 300; // HMAC-MD5
53  public const int ALGO_HMAC_SHA1 = 301; // HMAC-SHA
54  public const int ALGO_HMAC_SHA = 301; // Older form of ALGO_HMAC_SHA1 (same value)
55  public const int ALGO_HMAC_RIPEMD160 = 302; // HMAC-RIPEMD-160
56  public const int ALGO_HMAC_SHA2 = 303; // HMAC-SHA2
57  public const int ALGO_HMAC_SHAng = 304; // HMAC-future-SHA-nextgen
58  public const int ALGO_LAST = 305; // Last possible crypt algo value (one above the highest identifier listed, 304)
59  public const int ALGO_FIRST_CONVENTIONAL = 1 ; // Start of conventional-cipher range
60  public const int ALGO_LAST_CONVENTIONAL = 99 ; // End of conventional-cipher range
61  public const int ALGO_FIRST_PKC = 100; // Start of public-key algo.range
62  public const int ALGO_LAST_PKC = 199; // End of public-key algo.range
63  public const int ALGO_FIRST_HASH = 200; // Start of hash algo.range
64  public const int ALGO_LAST_HASH = 299; // End of hash algo.range
65  public const int ALGO_FIRST_MAC = 300; // Start of mac algo.range
66  public const int ALGO_LAST_MAC = 399; // End of mac algo.range
67 
68  // CRYPT_MODE_TYPE: block cipher modes of operation.
    // Of the modes listed, only GCM authenticates the ciphertext. ECB, CBC, CFB
    // and OFB give confidentiality only, so data protected with them needs a
    // separate MAC or signature wherever tampering matters.
69  public const int MODE_NONE = 0; // No encryption mode
70  public const int MODE_ECB = 1; // ECB (equal plaintext blocks give equal ciphertext blocks)
71  public const int MODE_CBC = 2; // CBC
72  public const int MODE_CFB = 3; // CFB
73  public const int MODE_OFB = 4; // OFB
74  public const int MODE_GCM = 5; // GCM (authenticated encryption; an IV must never repeat under one key)
75  public const int MODE_LAST = 6; // Last possible crypt mode value (one above MODE_GCM)
76 
77 
78  /* Keyset subtypes */
79 
80  // CRYPT_KEYSET_TYPE: kinds of key/certificate store.
    // NOTE(review): KEYSET_HTTP and KEYSET_LDAP name network sources. Objects
    // read from them should presumably be trusted only after certificate/CRL
    // signature validation, not because of where they were fetched from -
    // confirm how callers treat the results.
81  public const int KEYSET_NONE = 0; // No keyset type
82  public const int KEYSET_FILE = 1; // Generic flat file keyset
83  public const int KEYSET_HTTP = 2; // Web page containing cert/CRL
84  public const int KEYSET_LDAP = 3; // LDAP directory service
85  public const int KEYSET_ODBC = 4; // Generic ODBC interface
86  public const int KEYSET_DATABASE = 5; // Generic RDBMS interface
87  public const int KEYSET_ODBC_STORE = 6; // ODBC certificate store
88  public const int KEYSET_DATABASE_STORE = 7; // Database certificate store
89  public const int KEYSET_LAST = 8; // Last possible keyset type (one above the highest value listed)
90 
91  /* Device subtypes */
92 
93  // CRYPT_DEVICE_TYPE: kinds of crypto device that can back an operation.
94  public const int DEVICE_NONE = 0; // No crypto device
95  public const int DEVICE_FORTEZZA = 1; // Fortezza card
96  public const int DEVICE_PKCS11 = 2; // PKCS #11 crypto token
97  public const int DEVICE_CRYPTOAPI = 3; // Microsoft CryptoAPI
98  public const int DEVICE_HARDWARE = 4; // Generic crypto HW plugin
99  public const int DEVICE_LAST = 5; // Last possible crypto device type (one above the highest value listed)
100 
101  /* Certificate subtypes */
102 
103  // CRYPT_CERTTYPE_TYPE: kinds of certificate object (certificates, requests,
     // revocation data and status-protocol messages).
104  public const int CERTTYPE_NONE = 0 ; // No certificate type
105  public const int CERTTYPE_CERTIFICATE = 1 ; // Certificate
106  public const int CERTTYPE_ATTRIBUTE_CERT = 2 ; // Attribute certificate
107  public const int CERTTYPE_CERTCHAIN = 3 ; // PKCS #7 certificate chain
108  public const int CERTTYPE_CERTREQUEST = 4 ; // PKCS #10 certification request
109  public const int CERTTYPE_REQUEST_CERT = 5 ; // CRMF certification request
110  public const int CERTTYPE_REQUEST_REVOCATION = 6 ; // CRMF revocation request
111  public const int CERTTYPE_CRL = 7 ; // CRL (certificate revocation list)
112  public const int CERTTYPE_CMS_ATTRIBUTES = 8 ; // CMS attributes
113  public const int CERTTYPE_RTCS_REQUEST = 9 ; // RTCS request
114  public const int CERTTYPE_RTCS_RESPONSE = 10; // RTCS response
115  public const int CERTTYPE_OCSP_REQUEST = 11; // OCSP request
116  public const int CERTTYPE_OCSP_RESPONSE = 12; // OCSP response
117  public const int CERTTYPE_PKIUSER = 13; // PKI user information
118  public const int CERTTYPE_LAST = 14; // Last possible cert.type (one above the highest value listed)
119 
120  /* Envelope/data format subtypes */
121 
122  // CRYPT_FORMAT_TYPE: envelope/data formats.
123  public const int FORMAT_NONE = 0; // No format type
124  public const int FORMAT_AUTO = 1; // De-enveloping: auto-determine type
125  public const int FORMAT_CRYPTLIB = 2; // cryptlib native format
126  public const int FORMAT_CMS = 3; // PKCS #7 / CMS / S/MIME fmt.
127  public const int FORMAT_PKCS7 = 3; // Alias of FORMAT_CMS (same value)
128  public const int FORMAT_SMIME = 4; // As CMS with MSG-style behaviour
129  public const int FORMAT_PGP = 5; // PGP format
130  public const int FORMAT_LAST = 6; // Last possible format type (one above the highest value listed)
131 
132  /* Session subtypes */
133 
134  // CRYPT_SESSION_TYPE: secure-session protocols.
     // Each protocol has a plain identifier and an xxx_SERVER identifier; the
     // plain one is presumably the client side - confirm against the native
     // documentation. Which SSL/TLS or SSH protocol versions a session will
     // negotiate is not expressed by these constants.
135  public const int SESSION_NONE = 0 ; // No session type
136  public const int SESSION_SSH = 1 ; // SSH
137  public const int SESSION_SSH_SERVER = 2 ; // SSH server
138  public const int SESSION_SSL = 3 ; // SSL/TLS
139  public const int SESSION_SSL_SERVER = 4 ; // SSL/TLS server
140  public const int SESSION_RTCS = 5 ; // RTCS
141  public const int SESSION_RTCS_SERVER = 6 ; // RTCS server
142  public const int SESSION_OCSP = 7 ; // OCSP (Online Certificate Status Protocol)
143  public const int SESSION_OCSP_SERVER = 8 ; // OCSP server
144  public const int SESSION_TSP = 9 ; // TSP (Time-Stamp Protocol)
145  public const int SESSION_TSP_SERVER = 10; // TSP server
146  public const int SESSION_CMP = 11; // CMP (Certificate Management Protocol)
147  public const int SESSION_CMP_SERVER = 12; // CMP server
148  public const int SESSION_SCEP = 13; // SCEP (Simple Certificate Enrolment Protocol)
149  public const int SESSION_SCEP_SERVER = 14; // SCEP server
150  public const int SESSION_CERTSTORE_SERVER = 15; // HTTP cert store interface
151  public const int SESSION_LAST = 16; // Last possible session type (one above the highest value listed)
152 
153  /* User subtypes */
154 
155  // CRYPT_USER_TYPE: roles a user object can have.
156  public const int USER_NONE = 0; // No user type
157  public const int USER_NORMAL = 1; // Normal user
158  public const int USER_SO = 2; // Security officer
159  public const int USER_CA = 3; // CA user
160  public const int USER_LAST = 4; // Last possible user type (one above the highest value listed)
161 
162  /****************************************************************************
163  * *
164  * Attribute Types *
165  * *
166  ****************************************************************************/
167 
168  /* Attribute types. These are arranged in the following order:
169 
170  PROPERTY - Object property
171  ATTRIBUTE - Generic attributes
172  OPTION - Global or object-specific config.option
173  CTXINFO - Context-specific attribute
174  CERTINFO - Certificate-specific attribute
175  KEYINFO - Keyset-specific attribute
176  DEVINFO - Device-specific attribute
177  ENVINFO - Envelope-specific attribute
178  SESSINFO - Session-specific attribute
179  USERINFO - User-specific attribute */
180 
181  // CRYPT_ATTRIBUTE_TYPE: attribute identifiers, grouped into numeric bands.
     // Each band is bracketed by an xxx_FIRST and an xxx_LAST constant
     // (PROPERTY 1-8, GENERIC 9-17, OPTION 100-144, CTXINFO 1000-1018); these
     // are presumably range markers rather than usable attributes - confirm.
182  public const int ATTRIBUTE_NONE = 0 ; // Non-value
183  public const int PROPERTY_FIRST = 1 ; // Start of the object-property band
184  public const int PROPERTY_HIGHSECURITY = 2 ; // Owned+non-forwardcount+locked
185  public const int PROPERTY_OWNER = 3 ; // Object owner
186  public const int PROPERTY_FORWARDCOUNT = 4 ; // No.of times object can be forwarded
187  public const int PROPERTY_LOCKED = 5 ; // Whether properties can be chged/read
188  public const int PROPERTY_USAGECOUNT = 6 ; // Usage count before object expires
189  public const int PROPERTY_NONEXPORTABLE = 7 ; // Whether key is nonexp.from context
190  public const int PROPERTY_LAST = 8 ; // End of the object-property band
191  public const int GENERIC_FIRST = 9 ; // Start of the generic-attribute band
     // Extended error information
192  public const int ATTRIBUTE_ERRORTYPE = 10 ; // Type of last error
193  public const int ATTRIBUTE_ERRORLOCUS = 11 ; // Locus of last error
194  public const int ATTRIBUTE_ERRORMESSAGE = 12 ; // Detailed error description
195  public const int ATTRIBUTE_CURRENT_GROUP = 13 ; // Cursor mgt: Group in attribute list
196  public const int ATTRIBUTE_CURRENT = 14 ; // Cursor mgt: Entry in attribute list
197  public const int ATTRIBUTE_CURRENT_INSTANCE = 15 ; // Cursor mgt: Instance in attribute list
198  public const int ATTRIBUTE_BUFFERSIZE = 16 ; // Internal data buffer size
199  public const int GENERIC_LAST = 17 ; // End of the generic-attribute band
200  public const int OPTION_FIRST = 100 ; // Start of the configuration-option band
201  public const int OPTION_INFO_DESCRIPTION = 101 ; // Text description
202  public const int OPTION_INFO_COPYRIGHT = 102 ; // Copyright notice
203  public const int OPTION_INFO_MAJORVERSION = 103 ; // Major release version
204  public const int OPTION_INFO_MINORVERSION = 104 ; // Minor release version
205  public const int OPTION_INFO_STEPPING = 105 ; // Release stepping
206  public const int OPTION_ENCR_ALGO = 106 ; // Encryption algorithm
207  public const int OPTION_ENCR_HASH = 107 ; // Hash algorithm
208  public const int OPTION_ENCR_MAC = 108 ; // MAC algorithm
209  public const int OPTION_PKC_ALGO = 109 ; // Public-key encryption algorithm
210  public const int OPTION_PKC_KEYSIZE = 110 ; // Public-key encryption key size
211  public const int OPTION_SIG_ALGO = 111 ; // Signature algorithm
212  public const int OPTION_SIG_KEYSIZE = 112 ; // Signature keysize
213  public const int OPTION_KEYING_ALGO = 113 ; // Key processing algorithm
214  public const int OPTION_KEYING_ITERATIONS = 114 ; // Key processing iterations
215  public const int OPTION_CERT_SIGNUNRECOGNISEDATTRIBUTES = 115 ; // Whether to sign unrecog.attrs
216  public const int OPTION_CERT_VALIDITY = 116 ; // Certificate validity period
217  public const int OPTION_CERT_UPDATEINTERVAL = 117 ; // CRL update interval
218  public const int OPTION_CERT_COMPLIANCELEVEL = 118 ; // PKIX compliance level for cert chks.
219  public const int OPTION_CERT_REQUIREPOLICY = 119 ; // Whether explicit policy req'd for certs
220  public const int OPTION_CMS_DEFAULTATTRIBUTES = 120 ; // Add default CMS attributes
221  public const int OPTION_SMIME_DEFAULTATTRIBUTES = 120 ; // Alias of OPTION_CMS_DEFAULTATTRIBUTES (same value)
     // LDAP keyset options
222  public const int OPTION_KEYS_LDAP_OBJECTCLASS = 121 ; // Object class
223  public const int OPTION_KEYS_LDAP_OBJECTTYPE = 122 ; // Object type to fetch
224  public const int OPTION_KEYS_LDAP_FILTER = 123 ; // Query filter
225  public const int OPTION_KEYS_LDAP_CACERTNAME = 124 ; // CA certificate attribute name
226  public const int OPTION_KEYS_LDAP_CERTNAME = 125 ; // Certificate attribute name
227  public const int OPTION_KEYS_LDAP_CRLNAME = 126 ; // CRL attribute name
228  public const int OPTION_KEYS_LDAP_EMAILNAME = 127 ; // Email attribute name
     // NOTE(review): the DVRnn options name PKCS #11 driver modules. The
     // library presumably loads the named module, so write access to these
     // options would decide which native code runs - confirm, and restrict who
     // can change the stored configuration.
229  public const int OPTION_DEVICE_PKCS11_DVR01 = 128 ; // Name of first PKCS #11 driver
230  public const int OPTION_DEVICE_PKCS11_DVR02 = 129 ; // Name of second PKCS #11 driver
231  public const int OPTION_DEVICE_PKCS11_DVR03 = 130 ; // Name of third PKCS #11 driver
232  public const int OPTION_DEVICE_PKCS11_DVR04 = 131 ; // Name of fourth PKCS #11 driver
233  public const int OPTION_DEVICE_PKCS11_DVR05 = 132 ; // Name of fifth PKCS #11 driver
234  public const int OPTION_DEVICE_PKCS11_HARDWAREONLY = 133 ; // Use only hardware mechanisms
235  public const int OPTION_NET_SOCKS_SERVER = 134 ; // Socks server name
236  public const int OPTION_NET_SOCKS_USERNAME = 135 ; // Socks user name
237  public const int OPTION_NET_HTTP_PROXY = 136 ; // Web proxy server
238  public const int OPTION_NET_CONNECTTIMEOUT = 137 ; // Timeout for network connection setup
239  public const int OPTION_NET_READTIMEOUT = 138 ; // Timeout for network reads
240  public const int OPTION_NET_WRITETIMEOUT = 139 ; // Timeout for network writes
241  public const int OPTION_MISC_ASYNCINIT = 140 ; // Whether to init cryptlib async'ly
242  public const int OPTION_MISC_SIDECHANNELPROTECTION = 141 ; // Protect against side-channel attacks
243  public const int OPTION_CONFIGCHANGED = 142 ; // Whether in-mem.opts match on-disk ones
244  public const int OPTION_SELFTESTOK = 143 ; // Whether self-test was completed and OK
245  public const int OPTION_LAST = 144 ; // End of the configuration-option band
246  public const int CTXINFO_FIRST = 1000; // Start of the context-attribute band
247  public const int CTXINFO_ALGO = 1001; // Algorithm
248  public const int CTXINFO_MODE = 1002; // Mode
249  public const int CTXINFO_NAME_ALGO = 1003; // Algorithm name
250  public const int CTXINFO_NAME_MODE = 1004; // Mode name
251  public const int CTXINFO_KEYSIZE = 1005; // Key size in bytes
252  public const int CTXINFO_BLOCKSIZE = 1006; // Block size
253  public const int CTXINFO_IVSIZE = 1007; // IV size
254  public const int CTXINFO_KEYING_ALGO = 1008; // Key processing algorithm
255  public const int CTXINFO_KEYING_ITERATIONS = 1009; // Key processing iterations
256  public const int CTXINFO_KEYING_SALT = 1010; // Key processing salt
257  public const int CTXINFO_KEYING_VALUE = 1011; // Value used to derive key (secret input)
258  public const int CTXINFO_KEY = 1012; // Key (secret material)
259  public const int CTXINFO_KEY_COMPONENTS = 1013; // Public-key components
260  public const int CTXINFO_IV = 1014; // IV
261  public const int CTXINFO_HASHVALUE = 1015; // Hash value
262  public const int CTXINFO_LABEL = 1016; // Label for private/secret key
263  public const int CTXINFO_PERSISTENT = 1017; // Obj.is backed by device or keyset
264  public const int CTXINFO_LAST = 1018; // End of the context-attribute band
265  public const int CERTINFO_FIRST = 2000; // Start of the certificate-attribute band
266  public const int CERTINFO_SELFSIGNED = 2001; // Cert is self-signed
267  public const int CERTINFO_IMMUTABLE = 2002; // Cert is signed and immutable
268  public const int CERTINFO_XYZZY = 2003; // Cert is a magic just-works cert
269  public const int CERTINFO_CERTTYPE = 2004; // Certificate object type
     // Fingerprints. MD5 and SHA-1 are not collision-resistant, so a fingerprint
     // used to pin or compare certificates is better taken with
     // CERTINFO_FINGERPRINT_SHA2.
270  public const int CERTINFO_FINGERPRINT = 2005; // Certificate fingerprints
271  public const int CERTINFO_FINGERPRINT_MD5 = 2005; // MD5 fingerprint; same value as CERTINFO_FINGERPRINT, so the unqualified name selects MD5
272  public const int CERTINFO_FINGERPRINT_SHA1 = 2006; // SHA-1 fingerprint
273  public const int CERTINFO_FINGERPRINT_SHA = 2006; // Alias of CERTINFO_FINGERPRINT_SHA1 (same value)
274  public const int CERTINFO_FINGERPRINT_SHA2 = 2007; // SHA-2 fingerprint
275  public const int CERTINFO_FINGERPRINT_SHAng = 2008; // Fingerprint with the future SHA-nextgen hash
276  public const int CERTINFO_CURRENT_CERTIFICATE = 2009; // Cursor mgt: Rel.pos in chain/CRL/OCSP
277  public const int CERTINFO_TRUSTED_USAGE = 2010; // Usage that cert is trusted for
278  public const int CERTINFO_TRUSTED_IMPLICIT = 2011; // Whether cert is implicitly trusted
279  public const int CERTINFO_SIGNATURELEVEL = 2012; // Amount of detail to include in sigs.
280  public const int CERTINFO_VERSION = 2013; // Cert.format version
281  public const int CERTINFO_SERIALNUMBER = 2014; // Serial number
282  public const int CERTINFO_SUBJECTPUBLICKEYINFO = 2015; // Public key
283  public const int CERTINFO_CERTIFICATE = 2016; // User certificate
284  public const int CERTINFO_USERCERTIFICATE = 2016; // Alias of CERTINFO_CERTIFICATE (same value)
285  public const int CERTINFO_CACERTIFICATE = 2017; // CA certificate
286  public const int CERTINFO_ISSUERNAME = 2018; // Issuer DN
287  public const int CERTINFO_VALIDFROM = 2019; // Cert valid-from time
288  public const int CERTINFO_VALIDTO = 2020; // Cert valid-to time
289  public const int CERTINFO_SUBJECTNAME = 2021; // Subject DN
290  public const int CERTINFO_ISSUERUNIQUEID = 2022; // Issuer unique ID
291  public const int CERTINFO_SUBJECTUNIQUEID = 2023; // Subject unique ID
292  public const int CERTINFO_CERTREQUEST = 2024; // Cert.request (DN + public key)
293  public const int CERTINFO_THISUPDATE = 2025; // CRL/OCSP current-update time
294  public const int CERTINFO_NEXTUPDATE = 2026; // CRL/OCSP next-update time
295  public const int CERTINFO_REVOCATIONDATE = 2027; // CRL/OCSP cert-revocation time
296  public const int CERTINFO_REVOCATIONSTATUS = 2028; // OCSP revocation status
297  public const int CERTINFO_CERTSTATUS = 2029; // RTCS certificate status
298  public const int CERTINFO_DN = 2030; // Currently selected DN in string form
299  public const int CERTINFO_PKIUSER_ID = 2031; // PKI user ID
300  public const int CERTINFO_PKIUSER_ISSUEPASSWORD = 2032; // PKI user issue password (secret)
301  public const int CERTINFO_PKIUSER_REVPASSWORD = 2033; // PKI user revocation password (secret)
     // Distinguished-name components (2100-2105)
302  public const int CERTINFO_COUNTRYNAME = 2100; // countryName
303  public const int CERTINFO_STATEORPROVINCENAME = 2101; // stateOrProvinceName
304  public const int CERTINFO_LOCALITYNAME = 2102; // localityName
305  public const int CERTINFO_ORGANIZATIONNAME = 2103; // organizationName
306  public const int CERTINFO_ORGANISATIONNAME = 2103; // Alternate spelling of CERTINFO_ORGANIZATIONNAME (same value)
307  public const int CERTINFO_ORGANIZATIONALUNITNAME = 2104; // organizationalUnitName
308  public const int CERTINFO_ORGANISATIONALUNITNAME = 2104; // Alternate spelling of CERTINFO_ORGANIZATIONALUNITNAME (same value)
309  public const int CERTINFO_COMMONNAME = 2105; // commonName
     // GeneralName components (2106-2115)
310  public const int CERTINFO_OTHERNAME_TYPEID = 2106; // otherName.typeID
311  public const int CERTINFO_OTHERNAME_VALUE = 2107; // otherName.value
312  public const int CERTINFO_RFC822NAME = 2108; // rfc822Name
313  public const int CERTINFO_EMAIL = 2108; // Alias of CERTINFO_RFC822NAME (same value)
314  public const int CERTINFO_DNSNAME = 2109; // dNSName
315  public const int CERTINFO_DIRECTORYNAME = 2110; // directoryName
316  public const int CERTINFO_EDIPARTYNAME_NAMEASSIGNER = 2111; // ediPartyName.nameAssigner
317  public const int CERTINFO_EDIPARTYNAME_PARTYNAME = 2112; // ediPartyName.partyName
318  public const int CERTINFO_UNIFORMRESOURCEIDENTIFIER = 2113; // uniformResourceIdentifier
319  public const int CERTINFO_IPADDRESS = 2114; // iPAddress
320  public const int CERTINFO_REGISTEREDID = 2115; // registeredID
321  public const int CERTINFO_CHALLENGEPASSWORD = 2200; // challengePassword
     // Certificate and CRL extensions follow. A comment of the form
     // "<OID arcs> <name>" gives the object identifier of the extension that
     // the constant selects; the constants after it, up to the next such
     // comment, are that extension's members.
     // NOTE(review): in the generated listing each OID heading sat on the
     // constant *before* the one it names (for example
     // "2 5 29 16 privateKeyUsagePeriod" was attached to CERTINFO_KEYUSAGE).
     // Here every heading is placed on the constant whose name it matches; a
     // constant whose own heading was not in the listing carries its name only.
322  public const int CERTINFO_CRLEXTREASON = 2201; // 1 3 6 1 4 1 3029 3 1 4 cRLExtReason
323  public const int CERTINFO_KEYFEATURES = 2202; // 1 3 6 1 4 1 3029 3 1 5 keyFeatures
324  public const int CERTINFO_AUTHORITYINFOACCESS = 2203; // 1 3 6 1 5 5 7 1 1 authorityInfoAccess
325  public const int CERTINFO_AUTHORITYINFO_RTCS = 2204; // accessDescription.accessLocation
326  public const int CERTINFO_AUTHORITYINFO_OCSP = 2205; // accessDescription.accessLocation
327  public const int CERTINFO_AUTHORITYINFO_CAISSUERS = 2206; // accessDescription.accessLocation
328  public const int CERTINFO_AUTHORITYINFO_CERTSTORE = 2207; // accessDescription.accessLocation
329  public const int CERTINFO_AUTHORITYINFO_CRLS = 2208; // accessDescription.accessLocation
330  public const int CERTINFO_BIOMETRICINFO = 2209;
331  public const int CERTINFO_BIOMETRICINFO_TYPE = 2210; // biometricData.typeOfData
332  public const int CERTINFO_BIOMETRICINFO_HASHALGO = 2211; // biometricData.hashAlgorithm
333  public const int CERTINFO_BIOMETRICINFO_HASH = 2212; // biometricData.dataHash
334  public const int CERTINFO_BIOMETRICINFO_URL = 2213; // biometricData.sourceDataUri
335  public const int CERTINFO_QCSTATEMENT = 2214;
336  public const int CERTINFO_QCSTATEMENT_SEMANTICS = 2215; // qcStatement.statementInfo.semanticsIdentifier
337  public const int CERTINFO_QCSTATEMENT_REGISTRATIONAUTHORITY = 2216; // qcStatement.statementInfo.nameRegistrationAuthorities
338  public const int CERTINFO_IPADDRESSBLOCKS = 2217;
339  public const int CERTINFO_IPADDRESSBLOCKS_ADDRESSFAMILY = 2218; // addressFamily
340  public const int CERTINFO_IPADDRESSBLOCKS_INHERIT = 2219;
341  public const int CERTINFO_IPADDRESSBLOCKS_PREFIX = 2220; // ipAddress.addressPrefix
342  public const int CERTINFO_IPADDRESSBLOCKS_MIN = 2221; // ipAddress.addressRangeMin
343  public const int CERTINFO_IPADDRESSBLOCKS_MAX = 2222; // ipAddress.addressRangeMax
344  public const int CERTINFO_AUTONOMOUSSYSIDS = 2223;
     // Value 2224 has no constant in this list. The listing carries the text
     // "CRYPT_CERTINFO_AUTONOMOUSSYSIDS_ASNUM_INHERIT, asNum.inherit" at this
     // point as comment text only - presumably a disabled entry that still
     // reserves the number; confirm against the native header.
346  public const int CERTINFO_AUTONOMOUSSYSIDS_ASNUM_ID = 2225; // asNum.id
347  public const int CERTINFO_AUTONOMOUSSYSIDS_ASNUM_MIN = 2226; // asNum.min
348  public const int CERTINFO_AUTONOMOUSSYSIDS_ASNUM_MAX = 2227; // asNum.max
349  public const int CERTINFO_OCSP_NONCE = 2228; // nonce
350  public const int CERTINFO_OCSP_RESPONSE = 2229;
351  public const int CERTINFO_OCSP_RESPONSE_OCSP = 2230; // OCSP standard response
352  public const int CERTINFO_OCSP_NOCHECK = 2231; // ocspNoCheck
353  public const int CERTINFO_OCSP_ARCHIVECUTOFF = 2232; // 1 3 6 1 5 5 7 48 1 6 ocspArchiveCutoff
354  public const int CERTINFO_SUBJECTINFOACCESS = 2233; // 1 3 6 1 5 5 7 48 1 11 subjectInfoAccess (arcs as listed; RFC 5280 gives 1 3 6 1 5 5 7 1 11 - verify)
355  public const int CERTINFO_SUBJECTINFO_TIMESTAMPING = 2234; // accessDescription.accessLocation
356  public const int CERTINFO_SUBJECTINFO_CAREPOSITORY = 2235; // accessDescription.accessLocation
357  public const int CERTINFO_SUBJECTINFO_SIGNEDOBJECTREPOSITORY = 2236; // accessDescription.accessLocation
358  public const int CERTINFO_SUBJECTINFO_RPKIMANIFEST = 2237; // accessDescription.accessLocation
359  public const int CERTINFO_SUBJECTINFO_SIGNEDOBJECT = 2238; // accessDescription.accessLocation
360  public const int CERTINFO_SIGG_DATEOFCERTGEN = 2239; // siggDateOfCertGen
361  public const int CERTINFO_SIGG_PROCURATION = 2240; // 1 3 36 8 3 2 siggProcuration
362  public const int CERTINFO_SIGG_PROCURE_COUNTRY = 2241; // country
363  public const int CERTINFO_SIGG_PROCURE_TYPEOFSUBSTITUTION = 2242; // typeOfSubstitution
364  public const int CERTINFO_SIGG_PROCURE_SIGNINGFOR = 2243; // signingFor.thirdPerson
365  public const int CERTINFO_SIGG_ADMISSIONS = 2244;
366  public const int CERTINFO_SIGG_ADMISSIONS_AUTHORITY = 2245; // authority
367  public const int CERTINFO_SIGG_ADMISSIONS_NAMINGAUTHID = 2246; // namingAuth.iD
368  public const int CERTINFO_SIGG_ADMISSIONS_NAMINGAUTHURL = 2247; // namingAuth.uRL
369  public const int CERTINFO_SIGG_ADMISSIONS_NAMINGAUTHTEXT = 2248; // namingAuth.text
370  public const int CERTINFO_SIGG_ADMISSIONS_PROFESSIONITEM = 2249; // professionItem
371  public const int CERTINFO_SIGG_ADMISSIONS_PROFESSIONOID = 2250; // professionOID
372  public const int CERTINFO_SIGG_ADMISSIONS_REGISTRATIONNUMBER = 2251; // registrationNumber
373  public const int CERTINFO_SIGG_MONETARYLIMIT = 2252;
374  public const int CERTINFO_SIGG_MONETARY_CURRENCY = 2253; // currency
375  public const int CERTINFO_SIGG_MONETARY_AMOUNT = 2254; // amount
376  public const int CERTINFO_SIGG_MONETARY_EXPONENT = 2255; // exponent
377  public const int CERTINFO_SIGG_DECLARATIONOFMAJORITY = 2256;
378  public const int CERTINFO_SIGG_DECLARATIONOFMAJORITY_COUNTRY = 2257; // fullAgeAtCountry
379  public const int CERTINFO_SIGG_RESTRICTION = 2258; // siggRestriction
380  public const int CERTINFO_SIGG_CERTHASH = 2259; // 1 3 36 8 3 13 siggCertHash
381  public const int CERTINFO_SIGG_ADDITIONALINFORMATION = 2260; // 1 3 36 8 3 15 siggAdditionalInformation
382  public const int CERTINFO_STRONGEXTRANET = 2261; // 1 3 101 1 4 1 strongExtranet
383  public const int CERTINFO_STRONGEXTRANET_ZONE = 2262; // sxNetIDList.sxNetID.zone
384  public const int CERTINFO_STRONGEXTRANET_ID = 2263; // sxNetIDList.sxNetID.id
385  public const int CERTINFO_SUBJECTDIRECTORYATTRIBUTES = 2264;
386  public const int CERTINFO_SUBJECTDIR_TYPE = 2265; // attribute.type
387  public const int CERTINFO_SUBJECTDIR_VALUES = 2266; // attribute.values
388  public const int CERTINFO_SUBJECTKEYIDENTIFIER = 2267; // subjectKeyIdentifier
389  public const int CERTINFO_KEYUSAGE = 2268; // 2 5 29 15 keyUsage
390  public const int CERTINFO_PRIVATEKEYUSAGEPERIOD = 2269; // 2 5 29 16 privateKeyUsagePeriod
391  public const int CERTINFO_PRIVATEKEY_NOTBEFORE = 2270; // notBefore
392  public const int CERTINFO_PRIVATEKEY_NOTAFTER = 2271; // notAfter
393  public const int CERTINFO_SUBJECTALTNAME = 2272; // subjectAltName
394  public const int CERTINFO_ISSUERALTNAME = 2273; // 2 5 29 18 issuerAltName
395  public const int CERTINFO_BASICCONSTRAINTS = 2274; // 2 5 29 19 basicConstraints
396  public const int CERTINFO_CA = 2275; // cA
397  public const int CERTINFO_AUTHORITY = 2275; // Alias of CERTINFO_CA (same value)
398  public const int CERTINFO_PATHLENCONSTRAINT = 2276; // pathLenConstraint
399  public const int CERTINFO_CRLNUMBER = 2277; // cRLNumber
400  public const int CERTINFO_CRLREASON = 2278; // 2 5 29 21 cRLReason
401  public const int CERTINFO_HOLDINSTRUCTIONCODE = 2279; // 2 5 29 23 holdInstructionCode
402  public const int CERTINFO_INVALIDITYDATE = 2280; // 2 5 29 24 invalidityDate
403  public const int CERTINFO_DELTACRLINDICATOR = 2281; // 2 5 29 27 deltaCRLIndicator
404  public const int CERTINFO_ISSUINGDISTRIBUTIONPOINT = 2282; // 2 5 29 28 issuingDistributionPoint
405  public const int CERTINFO_ISSUINGDIST_FULLNAME = 2283; // distributionPointName.fullName
406  public const int CERTINFO_ISSUINGDIST_USERCERTSONLY = 2284; // onlyContainsUserCerts
407  public const int CERTINFO_ISSUINGDIST_CACERTSONLY = 2285; // onlyContainsCACerts
408  public const int CERTINFO_ISSUINGDIST_SOMEREASONSONLY = 2286; // onlySomeReasons
409  public const int CERTINFO_ISSUINGDIST_INDIRECTCRL = 2287; // indirectCRL
410  public const int CERTINFO_CERTIFICATEISSUER = 2288; // certificateIssuer
411  public const int CERTINFO_NAMECONSTRAINTS = 2289; // 2 5 29 30 nameConstraints
412  public const int CERTINFO_PERMITTEDSUBTREES = 2290; // permittedSubtrees
413  public const int CERTINFO_EXCLUDEDSUBTREES = 2291; // excludedSubtrees
414  public const int CERTINFO_CRLDISTRIBUTIONPOINT = 2292;
415  public const int CERTINFO_CRLDIST_FULLNAME = 2293; // distributionPointName.fullName
416  public const int CERTINFO_CRLDIST_REASONS = 2294; // reasons
417  public const int CERTINFO_CRLDIST_CRLISSUER = 2295; // cRLIssuer
418  public const int CERTINFO_CERTIFICATEPOLICIES = 2296;
419  public const int CERTINFO_CERTPOLICYID = 2297; // policyInformation.policyIdentifier
420  public const int CERTINFO_CERTPOLICY_CPSURI = 2298; // policyInformation.policyQualifiers.qualifier.cPSuri
421  public const int CERTINFO_CERTPOLICY_ORGANIZATION = 2299; // policyInformation.policyQualifiers.qualifier.userNotice.noticeRef.organization
422  public const int CERTINFO_CERTPOLICY_NOTICENUMBERS = 2300; // policyInformation.policyQualifiers.qualifier.userNotice.noticeRef.noticeNumbers
423  public const int CERTINFO_CERTPOLICY_EXPLICITTEXT = 2301; // policyInformation.policyQualifiers.qualifier.userNotice.explicitText
424  public const int CERTINFO_POLICYMAPPINGS = 2302;
425  public const int CERTINFO_ISSUERDOMAINPOLICY = 2303; // policyMappings.issuerDomainPolicy
426  public const int CERTINFO_SUBJECTDOMAINPOLICY = 2304; // policyMappings.subjectDomainPolicy
427  public const int CERTINFO_AUTHORITYKEYIDENTIFIER = 2305;
428  public const int CERTINFO_AUTHORITY_KEYIDENTIFIER = 2306; // keyIdentifier
429  public const int CERTINFO_AUTHORITY_CERTISSUER = 2307; // authorityCertIssuer
430  public const int CERTINFO_AUTHORITY_CERTSERIALNUMBER = 2308; // authorityCertSerialNumber
431  public const int CERTINFO_POLICYCONSTRAINTS = 2309;
432  public const int CERTINFO_REQUIREEXPLICITPOLICY = 2310; // policyConstraints.requireExplicitPolicy
433  public const int CERTINFO_INHIBITPOLICYMAPPING = 2311; // policyConstraints.inhibitPolicyMapping
434  public const int CERTINFO_EXTKEYUSAGE = 2312;
435  public const int CERTINFO_EXTKEY_MS_INDIVIDUALCODESIGNING = 2313; // individualCodeSigning
436  public const int CERTINFO_EXTKEY_MS_COMMERCIALCODESIGNING = 2314; // commercialCodeSigning
437  public const int CERTINFO_EXTKEY_MS_CERTTRUSTLISTSIGNING = 2315; // certTrustListSigning
438  public const int CERTINFO_EXTKEY_MS_TIMESTAMPSIGNING = 2316; // timeStampSigning
439  public const int CERTINFO_EXTKEY_MS_SERVERGATEDCRYPTO = 2317; // serverGatedCrypto
440  public const int CERTINFO_EXTKEY_MS_ENCRYPTEDFILESYSTEM = 2318; // encryptedFileSystem
441  public const int CERTINFO_EXTKEY_SERVERAUTH = 2319; // serverAuth
442  public const int CERTINFO_EXTKEY_CLIENTAUTH = 2320; // clientAuth
443  public const int CERTINFO_EXTKEY_CODESIGNING = 2321; // codeSigning
444  public const int CERTINFO_EXTKEY_EMAILPROTECTION = 2322; // emailProtection
445  public const int CERTINFO_EXTKEY_IPSECENDSYSTEM = 2323; // ipsecEndSystem
446  public const int CERTINFO_EXTKEY_IPSECTUNNEL = 2324; // ipsecTunnel
447  public const int CERTINFO_EXTKEY_IPSECUSER = 2325; // ipsecUser
448  public const int CERTINFO_EXTKEY_TIMESTAMPING = 2326; // timeStamping
449  public const int CERTINFO_EXTKEY_OCSPSIGNING = 2327; // ocspSigning
450  public const int CERTINFO_EXTKEY_DIRECTORYSERVICE = 2328; // directoryService
451  public const int CERTINFO_EXTKEY_ANYKEYUSAGE = 2329; // anyExtendedKeyUsage (places no restriction on key purpose)
452  public const int CERTINFO_EXTKEY_NS_SERVERGATEDCRYPTO = 2330; // serverGatedCrypto
453  public const int CERTINFO_EXTKEY_VS_SERVERGATEDCRYPTO_CA = 2331; // serverGatedCrypto CA
454  public const int CERTINFO_CRLSTREAMIDENTIFIER = 2332; // cRLStreamIdentifier
455  public const int CERTINFO_FRESHESTCRL = 2333; // 2 5 29 46 freshestCRL
456  public const int CERTINFO_FRESHESTCRL_FULLNAME = 2334; // distributionPointName.fullName
457  public const int CERTINFO_FRESHESTCRL_REASONS = 2335; // reasons
458  public const int CERTINFO_FRESHESTCRL_CRLISSUER = 2336; // cRLIssuer
459  public const int CERTINFO_ORDEREDLIST = 2337; // orderedList
460  public const int CERTINFO_BASEUPDATETIME = 2338; // 2 5 29 51 baseUpdateTime
461  public const int CERTINFO_DELTAINFO = 2339; // 2 5 29 53 deltaInfo
462  public const int CERTINFO_DELTAINFO_LOCATION = 2340; // deltaLocation
463  public const int CERTINFO_DELTAINFO_NEXTDELTA = 2341; // nextDelta
464  public const int CERTINFO_INHIBITANYPOLICY = 2342; // inhibitAnyPolicy
465  public const int CERTINFO_TOBEREVOKED = 2343; // 2 5 29 58 toBeRevoked
466  public const int CERTINFO_TOBEREVOKED_CERTISSUER = 2344; // certificateIssuer
467  public const int CERTINFO_TOBEREVOKED_REASONCODE = 2345; // reasonCode
468  public const int CERTINFO_TOBEREVOKED_REVOCATIONTIME = 2346; // revocationTime
469  public const int CERTINFO_TOBEREVOKED_CERTSERIALNUMBER = 2347; // certSerialNumber
470  public const int CERTINFO_REVOKEDGROUPS = 2348;
471  public const int CERTINFO_REVOKEDGROUPS_CERTISSUER = 2349; // certificateIssuer
472  public const int CERTINFO_REVOKEDGROUPS_REASONCODE = 2350; // reasonCode
473  public const int CERTINFO_REVOKEDGROUPS_INVALIDITYDATE = 2351; // invalidityDate
474  public const int CERTINFO_REVOKEDGROUPS_STARTINGNUMBER = 2352; // startingNumber
475  public const int CERTINFO_REVOKEDGROUPS_ENDINGNUMBER = 2353; // endingNumber
476  public const int CERTINFO_EXPIREDCERTSONCRL = 2354; // expiredCertsOnCRL
477  public const int CERTINFO_AAISSUINGDISTRIBUTIONPOINT = 2355; // 2 5 29 63 aaIssuingDistributionPoint
478  public const int CERTINFO_AAISSUINGDIST_FULLNAME = 2356; // distributionPointName.fullName
479  public const int CERTINFO_AAISSUINGDIST_SOMEREASONSONLY = 2357; // onlySomeReasons
480  public const int CERTINFO_AAISSUINGDIST_INDIRECTCRL = 2358; // indirectCRL
481  public const int CERTINFO_AAISSUINGDIST_USERATTRCERTS = 2359; // containsUserAttributeCerts
482  public const int CERTINFO_AAISSUINGDIST_AACERTS = 2360; // containsAACerts
483  public const int CERTINFO_AAISSUINGDIST_SOACERTS = 2361; // containsSOAPublicKeyCerts
484  public const int CERTINFO_NS_CERTTYPE = 2362; // netscape-cert-type
485  public const int CERTINFO_NS_BASEURL = 2363; // netscape-base-url
486  public const int CERTINFO_NS_REVOCATIONURL = 2364; // netscape-revocation-url
487  public const int CERTINFO_NS_CAREVOCATIONURL = 2365; // netscape-ca-revocation-url
488  public const int CERTINFO_NS_CERTRENEWALURL = 2366; // netscape-cert-renewal-url
489  public const int CERTINFO_NS_CAPOLICYURL = 2367; // netscape-ca-policy-url
490  public const int CERTINFO_NS_SSLSERVERNAME = 2368; // netscape-ssl-server-name
491  public const int CERTINFO_NS_COMMENT = 2369; // netscape-comment
492  public const int CERTINFO_SET_HASHEDROOTKEY = 2370;
493  public const int CERTINFO_SET_ROOTKEYTHUMBPRINT = 2371; // rootKeyThumbPrint
494  public const int CERTINFO_SET_CERTIFICATETYPE = 2372; // SET certificateType
495  public const int CERTINFO_SET_MERCHANTDATA = 2373; // 2 23 42 7 2 SET merchantData
496  public const int CERTINFO_SET_MERID = 2374; // merID
497  public const int CERTINFO_SET_MERACQUIRERBIN = 2375; // merAcquirerBIN
498  public const int CERTINFO_SET_MERCHANTLANGUAGE = 2376; // merNames.language
499  public const int CERTINFO_SET_MERCHANTNAME = 2377; // merNames.name
500  public const int CERTINFO_SET_MERCHANTCITY = 2378; // merNames.city
501  public const int CERTINFO_SET_MERCHANTSTATEPROVINCE = 2379; // merNames.stateProvince
502  public const int CERTINFO_SET_MERCHANTPOSTALCODE = 2380; // merNames.postalCode
503  public const int CERTINFO_SET_MERCHANTCOUNTRYNAME = 2381; // merNames.countryName
504  public const int CERTINFO_SET_MERCOUNTRY = 2382; // merCountry
505  public const int CERTINFO_SET_MERAUTHFLAG = 2383; // merAuthFlag
506  public const int CERTINFO_SET_CERTCARDREQUIRED = 2384; // SET certCardRequired
507  public const int CERTINFO_SET_TUNNELING = 2385; // 2 23 42 7 4 SET tunneling
508  public const int CERTINFO_SET_TUNNELLING = 2385; // Alternate spelling of CERTINFO_SET_TUNNELING (same value)
509  public const int CERTINFO_SET_TUNNELINGFLAG = 2386; // tunneling
510  public const int CERTINFO_SET_TUNNELLINGFLAG = 2386; // Alternate spelling of CERTINFO_SET_TUNNELINGFLAG (same value)
511  public const int CERTINFO_SET_TUNNELINGALGID = 2387; // tunnelingAlgID
512  public const int CERTINFO_SET_TUNNELLINGALGID = 2387; // Alternate spelling of CERTINFO_SET_TUNNELINGALGID (same value)
     // S/MIME attributes (heading for the constants that follow this line)
513  public const int CERTINFO_CMS_CONTENTTYPE = 2500; // 1 2 840 113549 1 9 4 messageDigest
514  public const int CERTINFO_CMS_MESSAGEDIGEST = 2501; // 1 2 840 113549 1 9 5 signingTime
515  public const int CERTINFO_CMS_SIGNINGTIME = 2502; // 1 2 840 113549 1 9 6 counterSignature
516  public const int CERTINFO_CMS_COUNTERSIGNATURE = 2503; // counterSignature
517  public const int CERTINFO_CMS_SIGNINGDESCRIPTION = 2504; // 1 2 840 113549 1 9 15 sMIMECapabilities
518  public const int CERTINFO_CMS_SMIMECAPABILITIES = 2505;
519  public const int CERTINFO_CMS_SMIMECAP_3DES = 2506; // 3DES encryption
520  public const int CERTINFO_CMS_SMIMECAP_AES = 2507; // AES encryption
521  public const int CERTINFO_CMS_SMIMECAP_CAST128 = 2508; // CAST-128 encryption
522  public const int CERTINFO_CMS_SMIMECAP_IDEA = 2509; // IDEA encryption
523  public const int CERTINFO_CMS_SMIMECAP_RC2 = 2510; // RC2 encryption (w.128 key)
524  public const int CERTINFO_CMS_SMIMECAP_RC5 = 2511; // RC5 encryption (w.128 key)
525  public const int CERTINFO_CMS_SMIMECAP_SKIPJACK = 2512; // Skipjack encryption
526  public const int CERTINFO_CMS_SMIMECAP_DES = 2513; // DES encryption
527  public const int CERTINFO_CMS_SMIMECAP_SHAng = 2514; // SHA2-ng hash
528  public const int CERTINFO_CMS_SMIMECAP_SHA2 = 2515; // SHA2-256 hash
529  public const int CERTINFO_CMS_SMIMECAP_SHA1 = 2516; // SHA1 hash
530  public const int CERTINFO_CMS_SMIMECAP_HMAC_SHAng = 2517; // HMAC-SHA2-ng MAC
531  public const int CERTINFO_CMS_SMIMECAP_HMAC_SHA2 = 2518; // HMAC-SHA2-256 MAC
532  public const int CERTINFO_CMS_SMIMECAP_HMAC_SHA1 = 2519; // HMAC-SHA1 MAC
533  public const int CERTINFO_CMS_SMIMECAP_AUTHENC256 = 2520; // AuthEnc w.256-bit key
534  public const int CERTINFO_CMS_SMIMECAP_AUTHENC128 = 2521; // AuthEnc w.128-bit key
535  public const int CERTINFO_CMS_SMIMECAP_RSA_SHAng = 2522; // RSA with SHA-ng signing
536  public const int CERTINFO_CMS_SMIMECAP_RSA_SHA2 = 2523; // RSA with SHA2-256 signing
537  public const int CERTINFO_CMS_SMIMECAP_RSA_SHA1 = 2524; // RSA with SHA1 signing
538  public const int CERTINFO_CMS_SMIMECAP_DSA_SHA1 = 2525; // DSA with SHA-1 signing
539  public const int CERTINFO_CMS_SMIMECAP_ECDSA_SHAng = 2526; // ECDSA with SHA-ng signing
540  public const int CERTINFO_CMS_SMIMECAP_ECDSA_SHA2 = 2527; // ECDSA with SHA2-256 signing
541  public const int CERTINFO_CMS_SMIMECAP_ECDSA_SHA1 = 2528; // ECDSA with SHA-1 signing
542  public const int CERTINFO_CMS_SMIMECAP_PREFERSIGNEDDATA = 2529; // preferSignedData
543  public const int CERTINFO_CMS_SMIMECAP_CANNOTDECRYPTANY = 2530; // canNotDecryptAny
544  public const int CERTINFO_CMS_SMIMECAP_PREFERBINARYINSIDE = 2531; // preferBinaryInside
545  public const int CERTINFO_CMS_RECEIPTREQUEST = 2532;
546  public const int CERTINFO_CMS_RECEIPT_CONTENTIDENTIFIER = 2533; // contentIdentifier
547  public const int CERTINFO_CMS_RECEIPT_FROM = 2534; // receiptsFrom
548  public const int CERTINFO_CMS_RECEIPT_TO = 2535; // receiptsTo
549  public const int CERTINFO_CMS_SECURITYLABEL = 2536;
550  public const int CERTINFO_CMS_SECLABEL_POLICY = 2537; // securityPolicyIdentifier
551  public const int CERTINFO_CMS_SECLABEL_CLASSIFICATION = 2538; // securityClassification
552  public const int CERTINFO_CMS_SECLABEL_PRIVACYMARK = 2539; // privacyMark
553  public const int CERTINFO_CMS_SECLABEL_CATTYPE = 2540; // securityCategories.securityCategory.type
554  public const int CERTINFO_CMS_SECLABEL_CATVALUE = 2541; // securityCategories.securityCategory.value
555  public const int CERTINFO_CMS_MLEXPANSIONHISTORY = 2542;
556  public const int CERTINFO_CMS_MLEXP_ENTITYIDENTIFIER = 2543; // mlData.mailListIdentifier.issuerAndSerialNumber
557  public const int CERTINFO_CMS_MLEXP_TIME = 2544; // mlData.expansionTime
558  public const int CERTINFO_CMS_MLEXP_NONE = 2545; // mlData.mlReceiptPolicy.none
559  public const int CERTINFO_CMS_MLEXP_INSTEADOF = 2546; // mlData.mlReceiptPolicy.insteadOf.generalNames.generalName
560  public const int CERTINFO_CMS_MLEXP_INADDITIONTO = 2547; // mlData.mlReceiptPolicy.inAdditionTo.generalNames.generalName
561  public const int CERTINFO_CMS_CONTENTHINTS = 2548;
562  public const int CERTINFO_CMS_CONTENTHINT_DESCRIPTION = 2549; // contentDescription
563  public const int CERTINFO_CMS_CONTENTHINT_TYPE = 2550; // contentType
564  public const int CERTINFO_CMS_EQUIVALENTLABEL = 2551;
565  public const int CERTINFO_CMS_EQVLABEL_POLICY = 2552; // securityPolicyIdentifier
566  public const int CERTINFO_CMS_EQVLABEL_CLASSIFICATION = 2553; // securityClassification
567  public const int CERTINFO_CMS_EQVLABEL_PRIVACYMARK = 2554; // privacyMark
568  public const int CERTINFO_CMS_EQVLABEL_CATTYPE = 2555; // securityCategories.securityCategory.type
569  public const int CERTINFO_CMS_EQVLABEL_CATVALUE = 2556; // securityCategories.securityCategory.value
570  public const int CERTINFO_CMS_SIGNINGCERTIFICATE = 2557;
571  public const int CERTINFO_CMS_SIGNINGCERT_ESSCERTID = 2558; // certs.essCertID
572  public const int CERTINFO_CMS_SIGNINGCERT_POLICIES = 2559; // policies.policyInformation.policyIdentifier
573  public const int CERTINFO_CMS_SIGNINGCERTIFICATEV2 = 2560;
574  public const int CERTINFO_CMS_SIGNINGCERTV2_ESSCERTIDV2 = 2561; // certs.essCertID
575  public const int CERTINFO_CMS_SIGNINGCERTV2_POLICIES = 2562; // policies.policyInformation.policyIdentifier
576  public const int CERTINFO_CMS_SIGNATUREPOLICYID = 2563;
577  public const int CERTINFO_CMS_SIGPOLICYID = 2564; // sigPolicyID
578  public const int CERTINFO_CMS_SIGPOLICYHASH = 2565; // sigPolicyHash
579  public const int CERTINFO_CMS_SIGPOLICY_CPSURI = 2566; // sigPolicyQualifiers.sigPolicyQualifier.cPSuri
580  public const int CERTINFO_CMS_SIGPOLICY_ORGANIZATION = 2567; // sigPolicyQualifiers.sigPolicyQualifier.userNotice.noticeRef.organization
581  public const int CERTINFO_CMS_SIGPOLICY_NOTICENUMBERS = 2568; // sigPolicyQualifiers.sigPolicyQualifier.userNotice.noticeRef.noticeNumbers
582  public const int CERTINFO_CMS_SIGPOLICY_EXPLICITTEXT = 2569; // sigPolicyQualifiers.sigPolicyQualifier.userNotice.explicitText
583  public const int CERTINFO_CMS_SIGTYPEIDENTIFIER = 2570;
584  public const int CERTINFO_CMS_SIGTYPEID_ORIGINATORSIG = 2571; // originatorSig
585  public const int CERTINFO_CMS_SIGTYPEID_DOMAINSIG = 2572; // domainSig
586  public const int CERTINFO_CMS_SIGTYPEID_ADDITIONALATTRIBUTES = 2573; // additionalAttributesSig
587  public const int CERTINFO_CMS_SIGTYPEID_REVIEWSIG = 2574; // reviewSig
588  public const int CERTINFO_CMS_NONCE = 2575; // randomNonce
589  public const int CERTINFO_SCEP_MESSAGETYPE = 2576; // messageType
590  public const int CERTINFO_SCEP_PKISTATUS = 2577; // pkiStatus
591  public const int CERTINFO_SCEP_FAILINFO = 2578; // failInfo
592  public const int CERTINFO_SCEP_SENDERNONCE = 2579; // senderNonce
593  public const int CERTINFO_SCEP_RECIPIENTNONCE = 2580; // recipientNonce
594  public const int CERTINFO_SCEP_TRANSACTIONID = 2581; // transID
595  public const int CERTINFO_CMS_SPCAGENCYINFO = 2582;
596  public const int CERTINFO_CMS_SPCAGENCYURL = 2583; // spcAgencyInfo.url
597  public const int CERTINFO_CMS_SPCSTATEMENTTYPE = 2584;
598  public const int CERTINFO_CMS_SPCSTMT_INDIVIDUALCODESIGNING = 2585; // individualCodeSigning
599  public const int CERTINFO_CMS_SPCSTMT_COMMERCIALCODESIGNING = 2586; // commercialCodeSigning
600  public const int CERTINFO_CMS_SPCOPUSINFO = 2587;
601  public const int CERTINFO_CMS_SPCOPUSINFO_NAME = 2588; // spcOpusInfo.name
602  public const int CERTINFO_CMS_SPCOPUSINFO_URL = 2589; // spcOpusInfo.url
603  public const int CERTINFO_LAST = 2590;
604  public const int KEYINFO_FIRST = 3000; // *******************
605  public const int KEYINFO_QUERY = 3001; // Keyset query
606  public const int KEYINFO_QUERY_REQUESTS = 3002; // Query of requests in cert store
607  public const int KEYINFO_LAST = 3003;
608  public const int DEVINFO_FIRST = 4000; // *******************
609  public const int DEVINFO_INITIALISE = 4001; // Initialise device for use
610  public const int DEVINFO_INITIALIZE = 4001;
611  public const int DEVINFO_AUTHENT_USER = 4002; // Authenticate user to device
612  public const int DEVINFO_AUTHENT_SUPERVISOR = 4003; // Authenticate supervisor to dev.
613  public const int DEVINFO_SET_AUTHENT_USER = 4004; // Set user authent.value
614  public const int DEVINFO_SET_AUTHENT_SUPERVISOR = 4005; // Set supervisor auth.val.
615  public const int DEVINFO_ZEROISE = 4006; // Zeroise device
616  public const int DEVINFO_ZEROIZE = 4006;
617  public const int DEVINFO_LOGGEDIN = 4007; // Whether user is logged in
618  public const int DEVINFO_LABEL = 4008; // Device/token label
619  public const int DEVINFO_LAST = 4009;
620  public const int ENVINFO_FIRST = 5000; // *********************
621  public const int ENVINFO_DATASIZE = 5001; // Data size information
622  public const int ENVINFO_COMPRESSION = 5002; // Compression information
623  public const int ENVINFO_CONTENTTYPE = 5003; // Inner CMS content type
624  public const int ENVINFO_DETACHEDSIGNATURE = 5004; // Detached signature
625  public const int ENVINFO_SIGNATURE_RESULT = 5005; // Signature check result
626  public const int ENVINFO_INTEGRITY = 5006; // Integrity-protection level
627  public const int ENVINFO_PASSWORD = 5007; // User password
628  public const int ENVINFO_KEY = 5008; // Conventional encryption key
629  public const int ENVINFO_SIGNATURE = 5009; // Signature/signature check key
630  public const int ENVINFO_SIGNATURE_EXTRADATA = 5010; // Extra information added to CMS sigs
631  public const int ENVINFO_RECIPIENT = 5011; // Recipient email address
632  public const int ENVINFO_PUBLICKEY = 5012; // PKC encryption key
633  public const int ENVINFO_PRIVATEKEY = 5013; // PKC decryption key
634  public const int ENVINFO_PRIVATEKEY_LABEL = 5014; // Label of PKC decryption key
635  public const int ENVINFO_ORIGINATOR = 5015; // Originator info/key
636  public const int ENVINFO_SESSIONKEY = 5016; // Session key
637  public const int ENVINFO_HASH = 5017; // Hash value
638  public const int ENVINFO_TIMESTAMP = 5018; // Timestamp information
639  public const int ENVINFO_KEYSET_SIGCHECK = 5019; // Signature check keyset
640  public const int ENVINFO_KEYSET_ENCRYPT = 5020; // PKC encryption keyset
641  public const int ENVINFO_KEYSET_DECRYPT = 5021; // PKC decryption keyset
642  public const int ENVINFO_LAST = 5022;
643  public const int SESSINFO_FIRST = 6000; // ********************
644  public const int SESSINFO_ACTIVE = 6001; // Whether session is active
645  public const int SESSINFO_CONNECTIONACTIVE = 6002; // Whether network connection is active
646  public const int SESSINFO_USERNAME = 6003; // User name
647  public const int SESSINFO_PASSWORD = 6004; // Password
648  public const int SESSINFO_PRIVATEKEY = 6005; // Server/client private key
649  public const int SESSINFO_KEYSET = 6006; // Certificate store
650  public const int SESSINFO_AUTHRESPONSE = 6007; // Session authorisation OK
651  public const int SESSINFO_SERVER_NAME = 6008; // Server name
652  public const int SESSINFO_SERVER_PORT = 6009; // Server port number
653  public const int SESSINFO_SERVER_FINGERPRINT = 6010; // Server key fingerprint
654  public const int SESSINFO_CLIENT_NAME = 6011; // Client name
655  public const int SESSINFO_CLIENT_PORT = 6012; // Client port number
656  public const int SESSINFO_SESSION = 6013; // Transport mechanism
657  public const int SESSINFO_NETWORKSOCKET = 6014; // User-supplied network socket
658  public const int SESSINFO_VERSION = 6015; // Protocol version
659  public const int SESSINFO_REQUEST = 6016; // Cert.request object
660  public const int SESSINFO_RESPONSE = 6017; // Cert.response object
661  public const int SESSINFO_CACERTIFICATE = 6018; // Issuing CA certificate
662  public const int SESSINFO_CMP_REQUESTTYPE = 6019; // Request type
663  public const int SESSINFO_CMP_PRIVKEYSET = 6020; // Private-key keyset
664  public const int SESSINFO_SSH_CHANNEL = 6021; // SSH current channel
665  public const int SESSINFO_SSH_CHANNEL_TYPE = 6022; // SSH channel type
666  public const int SESSINFO_SSH_CHANNEL_ARG1 = 6023; // SSH channel argument 1
667  public const int SESSINFO_SSH_CHANNEL_ARG2 = 6024; // SSH channel argument 2
668  public const int SESSINFO_SSH_CHANNEL_ACTIVE = 6025; // SSH channel active
669  public const int SESSINFO_SSL_OPTIONS = 6026; // SSL/TLS protocol options
670  public const int SESSINFO_TSP_MSGIMPRINT = 6027; // TSP message imprint
671  public const int SESSINFO_LAST = 6028;
672  public const int USERINFO_FIRST = 7000; // ********************
673  public const int USERINFO_PASSWORD = 7001; // Password
674  public const int USERINFO_CAKEY_CERTSIGN = 7002; // CA cert signing key
675  public const int USERINFO_CAKEY_CRLSIGN = 7003; // CA CRL signing key
676  public const int USERINFO_CAKEY_RTCSSIGN = 7004; // CA RTCS signing key
677  public const int USERINFO_CAKEY_OCSPSIGN = 7005; // CA OCSP signing key
678  public const int USERINFO_LAST = 7006;
679  public const int ATTRIBUTE_LAST = 7006;
680 
681  /****************************************************************************
682  * *
683  * Attribute Subtypes and Related Values *
684  * *
685  ****************************************************************************/
686 
687  /* Flags for the X.509 keyUsage extension */
688 
689  public const int KEYUSAGE_NONE = 0x000; // No usage bits set; the flags below are single bits and combine with bitwise OR
690  public const int KEYUSAGE_DIGITALSIGNATURE = 0x001; // digitalSignature
691  public const int KEYUSAGE_NONREPUDIATION = 0x002; // nonRepudiation
692  public const int KEYUSAGE_KEYENCIPHERMENT = 0x004; // keyEncipherment
693  public const int KEYUSAGE_DATAENCIPHERMENT = 0x008; // dataEncipherment
694  public const int KEYUSAGE_KEYAGREEMENT = 0x010; // keyAgreement
695  public const int KEYUSAGE_KEYCERTSIGN = 0x020; // keyCertSign: signing certificates; grant only to CA certificates
696  public const int KEYUSAGE_CRLSIGN = 0x040; // cRLSign: signing CRLs
697  public const int KEYUSAGE_ENCIPHERONLY = 0x080; // encipherOnly
698  public const int KEYUSAGE_DECIPHERONLY = 0x100; // decipherOnly
699  public const int KEYUSAGE_LAST = 0x200; // Last possible value: one bit above the highest flag, not itself a usage
700 
701  /* X.509 cRLReason and cryptlib cRLExtReason codes */
702 
703  public const int CRLREASON_UNSPECIFIED = 0 ;
704  public const int CRLREASON_KEYCOMPROMISE = 1 ;
705  public const int CRLREASON_CACOMPROMISE = 2 ;
706  public const int CRLREASON_AFFILIATIONCHANGED = 3 ;
707  public const int CRLREASON_SUPERSEDED = 4 ;
708  public const int CRLREASON_CESSATIONOFOPERATION = 5 ;
709  public const int CRLREASON_CERTIFICATEHOLD = 6 ; // Temporary hold rather than permanent revocation
710  public const int CRLREASON_REMOVEFROMCRL = 8 ; // The list skips 7, which X.509 leaves unassigned; removeFromCRL is meant for delta CRLs
711  public const int CRLREASON_PRIVILEGEWITHDRAWN = 9 ;
712  public const int CRLREASON_AACOMPROMISE = 10;
713  public const int CRLREASON_LAST = 11; // End of standard CRL reasons
714  public const int CRLREASON_NEVERVALID = 20; // Above CRLREASON_LAST, so presumably one of the cryptlib cRLExtReason codes named in the heading - confirm
715  public const int CRLEXTREASON_LAST = 21; // One past the highest extended reason code defined here
716 
717  /* X.509 CRL reason flags. These identify the same thing as the cRLReason
718  codes but allow for multiple reasons to be specified. Note that these
719  don't follow the X.509 naming since in that scheme the enumerated types
720  and bitflags have the same names */
721 
722  public const int CRLREASONFLAG_UNUSED = 0x001; // Lowest bit, named "unused"
723  public const int CRLREASONFLAG_KEYCOMPROMISE = 0x002;
724  public const int CRLREASONFLAG_CACOMPROMISE = 0x004;
725  public const int CRLREASONFLAG_AFFILIATIONCHANGED = 0x008;
726  public const int CRLREASONFLAG_SUPERSEDED = 0x010;
727  public const int CRLREASONFLAG_CESSATIONOFOPERATION = 0x020;
728  public const int CRLREASONFLAG_CERTIFICATEHOLD = 0x040;
729  public const int CRLREASONFLAG_LAST = 0x080; // Last poss.value: sentinel above the highest flag. No flags are defined here for the PRIVILEGEWITHDRAWN or AACOMPROMISE reason codes
730 
731  /* X.509 CRL holdInstruction codes */
732 
733  public const int HOLDINSTRUCTION_NONE = 0;
734  public const int HOLDINSTRUCTION_CALLISSUER = 1;
735  public const int HOLDINSTRUCTION_REJECT = 2;
736  public const int HOLDINSTRUCTION_PICKUPTOKEN = 3;
737  public const int HOLDINSTRUCTION_LAST = 4;
738 
739  /* Certificate checking compliance levels */
740 
741  public const int COMPLIANCELEVEL_OBLIVIOUS = 0; // NOTE(review): lowest level, presumably the least certificate checking - confirm what it skips in the cryptlib manual before selecting it
742  public const int COMPLIANCELEVEL_REDUCED = 1;
743  public const int COMPLIANCELEVEL_STANDARD = 2;
744  public const int COMPLIANCELEVEL_PKIX_PARTIAL = 3;
745  public const int COMPLIANCELEVEL_PKIX_FULL = 4; // Highest level defined here
746  public const int COMPLIANCELEVEL_LAST = 5; // Sentinel one past the highest level, not a level itself
747 
748  /* Flags for the Netscape netscape-cert-type extension */
749 
750  public const int NS_CERTTYPE_SSLCLIENT = 0x001; // SSL client authentication
751  public const int NS_CERTTYPE_SSLSERVER = 0x002; // SSL server authentication
752  public const int NS_CERTTYPE_SMIME = 0x004; // S/MIME
753  public const int NS_CERTTYPE_OBJECTSIGNING = 0x008; // Object signing
754  public const int NS_CERTTYPE_RESERVED = 0x010; // Reserved bit
755  public const int NS_CERTTYPE_SSLCA = 0x020; // CA for SSL certificates
756  public const int NS_CERTTYPE_SMIMECA = 0x040; // CA for S/MIME certificates
757  public const int NS_CERTTYPE_OBJECTSIGNINGCA = 0x080; // CA for object-signing certificates
758  public const int NS_CERTTYPE_LAST = 0x100; // Last possible value: sentinel above the highest flag, not itself a type
759 
760  /* Flags for the SET certificate-type extension */
761 
762  public const int SET_CERTTYPE_CARD = 0x001; // Cardholder
763  public const int SET_CERTTYPE_MER = 0x002; // Merchant
764  public const int SET_CERTTYPE_PGWY = 0x004; // Payment gateway
765  public const int SET_CERTTYPE_CCA = 0x008; // Cardholder CA
766  public const int SET_CERTTYPE_MCA = 0x010; // Merchant CA
767  public const int SET_CERTTYPE_PCA = 0x020; // Payment gateway CA
768  public const int SET_CERTTYPE_GCA = 0x040; // Geopolitical CA
769  public const int SET_CERTTYPE_BCA = 0x080; // Brand CA
770  public const int SET_CERTTYPE_RCA = 0x100; // Root CA
771  public const int SET_CERTTYPE_ACQ = 0x200; // Acquirer
772  public const int SET_CERTTYPE_LAST = 0x400; // Last possible value: sentinel above the highest flag, not itself a type
773 
774  /* CMS contentType values */
775 
776  // CRYPT_CONTENT_TYPE
777  public const int CONTENT_NONE = 0 ; // No content type
778  public const int CONTENT_DATA = 1 ; // data
779  public const int CONTENT_SIGNEDDATA = 2 ; // signedData
780  public const int CONTENT_ENVELOPEDDATA = 3 ; // envelopedData
781  public const int CONTENT_SIGNEDANDENVELOPEDDATA = 4 ; // signedAndEnvelopedData
782  public const int CONTENT_DIGESTEDDATA = 5 ; // digestedData
783  public const int CONTENT_ENCRYPTEDDATA = 6 ; // encryptedData
784  public const int CONTENT_COMPRESSEDDATA = 7 ; // compressedData
785  public const int CONTENT_AUTHDATA = 8 ; // Authenticated (MACed) data
786  public const int CONTENT_AUTHENVDATA = 9 ; // Authenticated and enveloped data
787  public const int CONTENT_TSTINFO = 10; // Timestamp token information
788  public const int CONTENT_SPCINDIRECTDATACONTEXT = 11;
789  public const int CONTENT_RTCSREQUEST = 12; // RTCS request
790  public const int CONTENT_RTCSRESPONSE = 13; // RTCS response
791  public const int CONTENT_RTCSRESPONSE_EXT = 14; // NOTE(review): presumably an extended form of the RTCS response - confirm
792  public const int CONTENT_MRTD = 15;
793  public const int CONTENT_LAST = 16; // Sentinel one past the highest content type
794 
795  /* ESS securityClassification codes */
796 
797  public const int CLASSIFICATION_UNMARKED = 0 ;
798  public const int CLASSIFICATION_UNCLASSIFIED = 1 ;
799  public const int CLASSIFICATION_RESTRICTED = 2 ;
800  public const int CLASSIFICATION_CONFIDENTIAL = 3 ;
801  public const int CLASSIFICATION_SECRET = 4 ;
802  public const int CLASSIFICATION_TOP_SECRET = 5 ;
803  public const int CLASSIFICATION_LAST = 255; // Unlike the other _LAST values this is not highest+1: the values between 5 and 255 have no named constant here
804 
805  /* RTCS certificate status */
806 
807  public const int CERTSTATUS_VALID = 0; // Same as the default value of an int field, so initialise status variables to CERTSTATUS_UNKNOWN before a query; a skipped or failed check must not read as valid
808  public const int CERTSTATUS_NOTVALID = 1;
809  public const int CERTSTATUS_NONAUTHORITATIVE = 2; // NOTE(review): presumably no authoritative answer was available - do not treat as valid
810  public const int CERTSTATUS_UNKNOWN = 3; // Not a positive answer - do not treat as valid
811 
812  /* OCSP revocation status */
813 
814  public const int OCSPSTATUS_NOTREVOKED = 0; // Same as the default value of an int field, so initialise status variables to OCSPSTATUS_UNKNOWN before a query; a skipped or failed check must not read as not-revoked
815  public const int OCSPSTATUS_REVOKED = 1;
816  public const int OCSPSTATUS_UNKNOWN = 2; // Not a positive answer - do not treat as not-revoked
817 
818  /* The amount of detail to include in signatures when signing certificate
819  objects */
820 
821  // CRYPT_SIGNATURELEVEL_TYPE
822  public const int SIGNATURELEVEL_NONE = 0; // Include only signature
823  public const int SIGNATURELEVEL_SIGNERCERT = 1; // Include signer cert
824  public const int SIGNATURELEVEL_ALL = 2; // Include all relevant info
825  public const int SIGNATURELEVEL_LAST = 3; // Last possible sig.level type
826 
827  /* The level of integrity protection to apply to enveloped data. The
828  default envelope protection for an envelope with keying information
829  applied is encryption, this can be modified to use MAC-only protection
830  (with no encryption) or hybrid encryption + authentication */
831 
832  // CRYPT_INTEGRITY_TYPE
833  public const int INTEGRITY_NONE = 0; // No integrity protection
834  public const int INTEGRITY_MACONLY = 1; // MAC only, no encryption: the data is authenticated but not confidential
835  public const int INTEGRITY_FULL = 2; // Encryption + integrity protection
836 
837  /* The certificate export format type, which defines the format in which a
838  certificate object is exported */
839 
840  // CRYPT_CERTFORMAT_TYPE
841  public const int CERTFORMAT_NONE = 0; // No certificate format
842  public const int CERTFORMAT_CERTIFICATE = 1; // DER-encoded certificate
843  public const int CERTFORMAT_CERTCHAIN = 2; // PKCS #7 certificate chain
844  public const int CERTFORMAT_TEXT_CERTIFICATE = 3; // base-64 wrapped cert
845  public const int CERTFORMAT_TEXT_CERTCHAIN = 4; // base-64 wrapped cert chain
846  public const int CERTFORMAT_XML_CERTIFICATE = 5; // XML wrapped cert
847  public const int CERTFORMAT_XML_CERTCHAIN = 6; // XML wrapped cert chain
848  public const int CERTFORMAT_LAST = 7; // Last possible cert.format type
849 
850  /* CMP request types */
851 
852  // CRYPT_REQUESTTYPE_TYPE
853  public const int REQUESTTYPE_NONE = 0; // No request type
854  public const int REQUESTTYPE_INITIALISATION = 1; // Initialisation request
855  public const int REQUESTTYPE_INITIALIZATION = 1; // Alternate spelling, same value as REQUESTTYPE_INITIALISATION
856  public const int REQUESTTYPE_CERTIFICATE = 2; // Certification request
857  public const int REQUESTTYPE_KEYUPDATE = 3; // Key update request
858  public const int REQUESTTYPE_REVOCATION = 4; // Cert revocation request
859  public const int REQUESTTYPE_PKIBOOT = 5; // PKIBoot request
860  public const int REQUESTTYPE_LAST = 6; // Last possible request type
861 
862  /* Key ID types */
863 
864  // CRYPT_KEYID_TYPE
865  public const int KEYID_NONE = 0; // No key ID type
866  public const int KEYID_NAME = 1; // Key owner name
867  public const int KEYID_URI = 2; // Key owner URI
868  public const int KEYID_EMAIL = 2; // Synonym: owner email addr.
869  public const int KEYID_LAST = 3; // Last possible key ID type
870 
871  /* The encryption object types */
872 
873  // CRYPT_OBJECT_TYPE
874  public const int OBJECT_NONE = 0; // No object type
875  public const int OBJECT_ENCRYPTED_KEY = 1; // Conventionally encrypted key
876  public const int OBJECT_PKCENCRYPTED_KEY = 2; // PKC-encrypted key
877  public const int OBJECT_KEYAGREEMENT = 3; // Key agreement information
878  public const int OBJECT_SIGNATURE = 4; // Signature
879  public const int OBJECT_LAST = 5; // Last possible object type
880 
881  /* Object/attribute error type information */
882 
883  // CRYPT_ERRTYPE_TYPE
884  public const int ERRTYPE_NONE = 0; // No error information
885  public const int ERRTYPE_ATTR_SIZE = 1; // Attribute data too small or large
886  public const int ERRTYPE_ATTR_VALUE = 2; // Attribute value is invalid
887  public const int ERRTYPE_ATTR_ABSENT = 3; // Required attribute missing
888  public const int ERRTYPE_ATTR_PRESENT = 4; // Non-allowed attribute present
889  public const int ERRTYPE_CONSTRAINT = 5; // Cert: Constraint violation in object
890  public const int ERRTYPE_ISSUERCONSTRAINT = 6; // Cert: Constraint viol.in issuing cert
891  public const int ERRTYPE_LAST = 7; // Last possible error info type
892 
893  /* Cert store management action type */
894 
895  // CRYPT_CERTACTION_TYPE
896  public const int CERTACTION_NONE = 0 ; // No cert management action
897  public const int CERTACTION_CREATE = 1 ; // Create cert store
898  public const int CERTACTION_CONNECT = 2 ; // Connect to cert store
899  public const int CERTACTION_DISCONNECT = 3 ; // Disconnect from cert store
900  public const int CERTACTION_ERROR = 4 ; // Error information
901  public const int CERTACTION_ADDUSER = 5 ; // Add PKI user
902  public const int CERTACTION_DELETEUSER = 6 ; // Delete PKI user
903  public const int CERTACTION_REQUEST_CERT = 7 ; // Cert request
904  public const int CERTACTION_REQUEST_RENEWAL = 8 ; // Cert renewal request
905  public const int CERTACTION_REQUEST_REVOCATION = 9 ; // Cert revocation request
906  public const int CERTACTION_CERT_CREATION = 10; // Cert creation
907  public const int CERTACTION_CERT_CREATION_COMPLETE = 11; // Confirmation of cert creation
908  public const int CERTACTION_CERT_CREATION_DROP = 12; // Cancellation of cert creation
909  public const int CERTACTION_CERT_CREATION_REVERSE = 13; // Cancel of creation w.revocation
910  public const int CERTACTION_RESTART_CLEANUP = 14; // Delete reqs after restart
911  public const int CERTACTION_RESTART_REVOKE_CERT = 15; // Complete revocation after restart
912  public const int CERTACTION_ISSUE_CERT = 16; // Cert issue
913  public const int CERTACTION_ISSUE_CRL = 17; // CRL issue
914  public const int CERTACTION_REVOKE_CERT = 18; // Cert revocation
915  public const int CERTACTION_EXPIRE_CERT = 19; // Cert expiry
916  public const int CERTACTION_CLEANUP = 20; // Clean up on restart
917  public const int CERTACTION_LAST = 21; // Last possible cert store log action
918 
919  /* SSL/TLS protocol options. CRYPT_SSLOPTION_MINVER_SSLV3 is the same as
920  CRYPT_SSLOPTION_NONE since this is the default */
921 
922  public const int SSLOPTION_NONE = 0x00; // Same value as MINVER_SSLV3, so passing no options leaves SSLv3 as the minimum version
923  public const int SSLOPTION_MINVER_SSLV3 = 0x00; // Min.protocol version. SSLv3 is prohibited by RFC 7568; select a higher minimum wherever the peers support it
924  public const int SSLOPTION_MINVER_TLS10 = 0x01; // TLS 1.0 and 1.1 are deprecated by RFC 8996
925  public const int SSLOPTION_MINVER_TLS11 = 0x02;
926  public const int SSLOPTION_MINVER_TLS12 = 0x03; // 0x03 equals TLS10 | TLS11: the MINVER values form a 2-bit number, so pick exactly one and never OR them together
927  public const int SSLOPTION_SUITEB_128 = 0x04; // SuiteB security levels; separate bits above the MINVER field
928  public const int SSLOPTION_SUITEB_256 = 0x08;
929 
930  /****************************************************************************
931  * *
932  * General Constants *
933  * *
934  ****************************************************************************/
935 
936  /* The maximum user key size - 2048 bits; the constant is the size in bytes */
937 
938  public const int MAX_KEYSIZE = 256 ;
939 
940  /* The maximum IV size - 256 bits; the constant is the size in bytes */
941 
942  public const int MAX_IVSIZE = 32 ;
943 
944  /* The maximum public-key component size - 4096 bits, and maximum component
945  size for ECCs - 576 bits (to handle the P521 curve). Both constants are sizes in bytes */
946 
947  public const int MAX_PKCSIZE = 512 ;
948  public const int MAX_PKCSIZE_ECC = 72 ;
949 
950  /* The maximum hash size - 512 bits (the constant is the size in bytes). Before 3.4 this was 256 bits, in the
951  3.4 release it was increased to 512 bits to accommodate SHA-3 */
952 
953  public const int MAX_HASHSIZE = 64 ;
954 
955  /* The maximum size of a text string (e.g. key owner name) */
956 
957  public const int MAX_TEXTSIZE = 64 ;
958 
959  /* A magic value indicating that the default setting for this parameter
960  should be used. The parentheses that catch erroneous use in an expression
961  belong to the original C definition; the C# constant below is a plain literal */
962 
963  public const int USE_DEFAULT = -100;
964 
965  /* A magic value for unused parameters */
966 
967  public const int UNUSED = -101;
968 
969  /* Cursor positioning codes for certificate/CRL extensions. The parentheses
970  (in the original C definition, absent in C#) are to catch potential erroneous use in an expression */
971 
972  public const int CURSOR_FIRST = -200;
973  public const int CURSOR_PREVIOUS = -201;
974  public const int CURSOR_NEXT = -202;
975  public const int CURSOR_LAST = -203;
976 
977  /* The type of information polling to perform to get random seed
978  information. These values have to be negative because they're used
979  as magic length values for cryptAddRandom(). The parentheses (in the original
980  C definition, absent in C#) are to catch potential erroneous use in an expression */
981 
982  public const int RANDOM_FASTPOLL = -300;
983  public const int RANDOM_SLOWPOLL = -301;
984 
985  /* Whether the PKC key is a public or private key */
986 
987  public const int KEYTYPE_PRIVATE = 0 ;
988  public const int KEYTYPE_PUBLIC = 1 ;
989 
990  /* Keyset open options */
991 
992  // CRYPT_KEYOPT_TYPE
993  public const int KEYOPT_NONE = 0; // No options
994  public const int KEYOPT_READONLY = 1; // Open keyset in read-only mode
995  public const int KEYOPT_CREATE = 2; // Create a new keyset
996  public const int KEYOPT_LAST = 3; // Last possible key option type
997 
998  /* The various cryptlib objects - these are just integer handles */
999 
1000  //CRYPTLIBCONVERTER - NOT NEEDED: typedef int CRYPT_CERTIFICATE;
1001  //CRYPTLIBCONVERTER - NOT NEEDED: typedef int CRYPT_CONTEXT;
1002  //CRYPTLIBCONVERTER - NOT NEEDED: typedef int CRYPT_DEVICE;
1003  //CRYPTLIBCONVERTER - NOT NEEDED: typedef int CRYPT_ENVELOPE;
1004  //CRYPTLIBCONVERTER - NOT NEEDED: typedef int CRYPT_KEYSET;
1005  //CRYPTLIBCONVERTER - NOT NEEDED: typedef int CRYPT_SESSION;
1006  //CRYPTLIBCONVERTER - NOT NEEDED: typedef int CRYPT_USER;
1007 
1008  /* Sometimes we don't know the exact type of a cryptlib object, so we use a
1009  generic handle type to identify it */
1010 
1011  //CRYPTLIBCONVERTER - NOT NEEDED: typedef int CRYPT_HANDLE;
1012 
1013  /****************************************************************************
1014  * *
1015  * Encryption Data Structures *
1016  * *
1017  ****************************************************************************/
1018 
1019  /* Results returned from the capability query */
1020 
1021  //CRYPTLIBCONVERTER - NOT SUPPORTED:
1022  //typedef struct {
1023  // /* Algorithm information */
1024  // C_CHR algoName[ CRYPT_MAX_TEXTSIZE ];/* Algorithm name */
1025  // int blockSize; /* Block size of the algorithm */
1026  // int minKeySize; /* Minimum key size in bytes */
1027  // int keySize; /* Recommended key size in bytes */
1028  // int maxKeySize; /* Maximum key size in bytes */
1029  // } CRYPT_QUERY_INFO;
1030 
1031  /* Results returned from the encoded object query. These provide
1032  information on the objects created by cryptExportKey()/
1033  cryptCreateSignature() */
1034 
1035  //CRYPTLIBCONVERTER - NOT SUPPORTED:
1036  //typedef struct {
1037  // /* The object type */
1038  // CRYPT_OBJECT_TYPE objectType;
1039  //
1040  // /* The encryption algorithm and mode */
1041  // CRYPT_ALGO_TYPE cryptAlgo;
1042  // CRYPT_MODE_TYPE cryptMode;
1043  //
1044  // /* The hash algorithm for Signature objects */
1045  // CRYPT_ALGO_TYPE hashAlgo;
1046  //
1047  // /* The salt for derived keys */
1048  // unsigned char salt[ CRYPT_MAX_HASHSIZE ];
1049  // int saltSize;
1050  // } CRYPT_OBJECT_INFO;
1051 
1052  /* Key information for the public-key encryption algorithms. These fields
1053  are not accessed directly, but can be manipulated with the init/set/
1054  destroyComponents() macros */
1055 
1056  //CRYPTLIBCONVERTER - NOT SUPPORTED:
1057  //typedef struct {
1058  // /* Status information */
1059  // int isPublicKey; /* Whether this is a public or private key */
1060  //
1061  // /* Public components */
1062  // unsigned char n[ CRYPT_MAX_PKCSIZE ]; /* Modulus */
1063  // int nLen; /* Length of modulus in bits */
1064  // unsigned char e[ CRYPT_MAX_PKCSIZE ]; /* Public exponent */
1065  // int eLen; /* Length of public exponent in bits */
1066  //
1067  // /* Private components */
1068  // unsigned char d[ CRYPT_MAX_PKCSIZE ]; /* Private exponent */
1069  // int dLen; /* Length of private exponent in bits */
1070  // unsigned char p[ CRYPT_MAX_PKCSIZE ]; /* Prime factor 1 */
1071  // int pLen; /* Length of prime factor 1 in bits */
1072  // unsigned char q[ CRYPT_MAX_PKCSIZE ]; /* Prime factor 2 */
1073  // int qLen; /* Length of prime factor 2 in bits */
1074  // unsigned char u[ CRYPT_MAX_PKCSIZE ]; /* Mult.inverse of q, mod p */
1075  // int uLen; /* Length of mult.inverse u in bits */
1076  // unsigned char e1[ CRYPT_MAX_PKCSIZE ]; /* Private exponent 1 (PKCS) */
1077  // int e1Len; /* Length of private exponent in bits */
1078  // unsigned char e2[ CRYPT_MAX_PKCSIZE ]; /* Private exponent 2 (PKCS) */
1079  // int e2Len; /* Length of private exponent in bits */
1080  // } CRYPT_PKCINFO_RSA;
1081 
1082  //CRYPTLIBCONVERTER - NOT SUPPORTED:
1083  //typedef struct {
1084  // /* Status information */
1085  // int isPublicKey; /* Whether this is a public or private key */
1086  //
1087  // /* Public components */
1088  // unsigned char p[ CRYPT_MAX_PKCSIZE ]; /* Prime modulus */
1089  // int pLen; /* Length of prime modulus in bits */
1090  // unsigned char q[ CRYPT_MAX_PKCSIZE ]; /* Prime divisor */
1091  // int qLen; /* Length of prime divisor in bits */
1092  // unsigned char g[ CRYPT_MAX_PKCSIZE ]; /* h^( ( p - 1 ) / q ) mod p */
1093  // int gLen; /* Length of g in bits */
1094  // unsigned char y[ CRYPT_MAX_PKCSIZE ]; /* Public random integer */
1095  // int yLen; /* Length of public integer in bits */
1096  //
1097  // /* Private components */
1098  // unsigned char x[ CRYPT_MAX_PKCSIZE ]; /* Private random integer */
1099  // int xLen; /* Length of private integer in bits */
1100  // } CRYPT_PKCINFO_DLP;
1101 
// CRYPT_ECCCURVE_TYPE
// Named-curve selectors. The values visible here are consecutive, with P521
// as the highest real curve.
public const int ECCCURVE_NONE = 0; // No ECC curve type
public const int ECCCURVE_P192 = 1; // NIST P192/X9.62 P192r1/SECG p192r1 curve
public const int ECCCURVE_P224 = 2; // NIST P224/X9.62 P224r1/SECG p224r1 curve
public const int ECCCURVE_P256 = 3; // NIST P256/X9.62 P256v1/SECG p256r1 curve
public const int ECCCURVE_P384 = 4; // NIST P384, SECG p384r1 curve
public const int ECCCURVE_P521 = 5; // NIST P521, SECG p521r1
// NOTE(review): the original comment called this the "last valid" type, but 6
// is one past P521 and no curve constant in this list has that value, so it
// looks like an end-of-range marker rather than a usable curve - confirm.
public const int ECCCURVE_LAST = 6; // End-of-range marker for ECC curve types
1110 
1111  //CRYPTLIBCONVERTER - NOT SUPPORTED:
1112  //typedef struct {
1113  // /* Status information */
1114  // int isPublicKey; /* Whether this is a public or private key */
1115  //
1116  // /* Curve domain parameters. Either the curveType or the explicit domain
1117  // parameters must be provided */
1118  // CRYPT_ECCCURVE_TYPE curveType; /* Named curve */
1119  // unsigned char p[ CRYPT_MAX_PKCSIZE_ECC ];/* Prime defining Fq */
1120  // int pLen; /* Length of prime in bits */
1121  // unsigned char a[ CRYPT_MAX_PKCSIZE_ECC ];/* Element in Fq defining curve */
1122  // int aLen; /* Length of element a in bits */
1123  // unsigned char b[ CRYPT_MAX_PKCSIZE_ECC ];/* Element in Fq defining curve */
1124  // int bLen; /* Length of element b in bits */
1125  // unsigned char gx[ CRYPT_MAX_PKCSIZE_ECC ];/* Element in Fq defining point */
1126  // int gxLen; /* Length of element gx in bits */
1127  // unsigned char gy[ CRYPT_MAX_PKCSIZE_ECC ];/* Element in Fq defining point */
1128  // int gyLen; /* Length of element gy in bits */
1129  // unsigned char n[ CRYPT_MAX_PKCSIZE_ECC ];/* Order of point */
1130  // int nLen; /* Length of order in bits */
1131  // unsigned char h[ CRYPT_MAX_PKCSIZE_ECC ];/* Optional cofactor */
1132  // int hLen; /* Length of cofactor in bits */
1133  //
1134  // /* Public components */
1135  // unsigned char qx[ CRYPT_MAX_PKCSIZE_ECC ];/* Point Q on the curve */
1136  // int qxLen; /* Length of point xq in bits */
1137  // unsigned char qy[ CRYPT_MAX_PKCSIZE_ECC ];/* Point Q on the curve */
1138  // int qyLen; /* Length of point xy in bits */
1139  //
1140  // /* Private components */
1141  // unsigned char d[ CRYPT_MAX_PKCSIZE_ECC ];/* Private random integer */
1142  // int dLen; /* Length of integer in bits */
1143  // } CRYPT_PKCINFO_ECC;
1144 
1145  /* Macros to initialise and destroy the structure that stores the components
1146  of a public key */
1147 
1148  //CRYPTLIBCONVERTER - NOT SUPPORTED:
1149  //#define cryptInitComponents( componentInfo, componentKeyType ) \
1150  // { memset( ( componentInfo ), 0, sizeof( *componentInfo ) ); \
1151  // ( componentInfo )->isPublicKey = ( ( componentKeyType ) ? 1 : 0 ); }
1152 
1153  //CRYPTLIBCONVERTER - NOT SUPPORTED:
1154  //#define cryptDestroyComponents( componentInfo ) \
1155  // memset( ( componentInfo ), 0, sizeof( *componentInfo ) )
1156 
1157  /* Macros to set a component of a public key */
1158 
1159  //CRYPTLIBCONVERTER - NOT SUPPORTED:
1160  //#define cryptSetComponent( destination, source, length ) \
1161  // { memcpy( ( destination ), ( source ), ( ( length ) + 7 ) >> 3 ); \
1162  // ( destination##Len ) = length; }
1163 
1164  /****************************************************************************
1165  * *
1166  * Status Codes *
1167  * *
1168  ****************************************************************************/
1169 
/* No error in function call. OK is zero and every error code listed below
   is negative. */

public const int OK = 0 ; // No error

/* Error in parameters passed to function; the number identifies which
   argument position was rejected. (The upstream remark about parentheses
   refers to the C macro definitions, which have no equivalent in these
   C# constants.) */

public const int ERROR_PARAM1 = -1 ; // Bad argument, parameter 1
public const int ERROR_PARAM2 = -2 ; // Bad argument, parameter 2
public const int ERROR_PARAM3 = -3 ; // Bad argument, parameter 3
public const int ERROR_PARAM4 = -4 ; // Bad argument, parameter 4
public const int ERROR_PARAM5 = -5 ; // Bad argument, parameter 5
public const int ERROR_PARAM6 = -6 ; // Bad argument, parameter 6
public const int ERROR_PARAM7 = -7 ; // Bad argument, parameter 7

/* Errors due to insufficient resources */

public const int ERROR_MEMORY = -10 ; // Out of memory
public const int ERROR_NOTINITED = -11 ; // Data has not been initialised
public const int ERROR_INITED = -12 ; // Data has already been initialised
public const int ERROR_NOSECURE = -13 ; // Operation not available at requested security level
public const int ERROR_RANDOM = -14 ; // No reliable random data available
public const int ERROR_FAILED = -15 ; // Operation failed
public const int ERROR_INTERNAL = -16 ; // Internal consistency check failed

/* Security violations */

public const int ERROR_NOTAVAIL = -20 ; // This type of operation not available
public const int ERROR_PERMISSION = -21 ; // No permission to perform this operation
public const int ERROR_WRONGKEY = -22 ; // Incorrect key used to decrypt data
public const int ERROR_INCOMPLETE = -23 ; // Operation incomplete/still in progress
public const int ERROR_COMPLETE = -24 ; // Operation complete/can't continue
public const int ERROR_TIMEOUT = -25 ; // Operation timed out before completion
public const int ERROR_INVALID = -26 ; // Invalid/inconsistent information
public const int ERROR_SIGNALLED = -27 ; // Resource destroyed by external event

/* High-level function errors */

public const int ERROR_OVERFLOW = -30 ; // Resources/space exhausted
public const int ERROR_UNDERFLOW = -31 ; // Not enough data available
public const int ERROR_BADDATA = -32 ; // Bad/unrecognised data format
public const int ERROR_SIGNATURE = -33 ; // Signature/integrity check failed

/* Data access function errors */

public const int ERROR_OPEN = -40 ; // Cannot open object
public const int ERROR_READ = -41 ; // Cannot read item from object
public const int ERROR_WRITE = -42 ; // Cannot write item to object
public const int ERROR_NOTFOUND = -43 ; // Requested item not found in object
public const int ERROR_DUPLICATE = -44 ; // Item already present in object

/* Data enveloping errors */

public const int ENVELOPE_RESOURCE = -50 ; // Need resource to proceed
1224 
1225  /* Macros to examine return values */
1226 
1227  //CRYPTLIBCONVERTER - NOT SUPPORTED:
1228  //#define cryptStatusError( status ) ( ( status ) < CRYPT_OK )
1229  //CRYPTLIBCONVERTER - NOT SUPPORTED:
1230  //#define cryptStatusOK( status ) ( ( status ) == CRYPT_OK )
1231 
1232  /****************************************************************************
1233  * *
1234  * General Functions *
1235  * *
1236  ****************************************************************************/
1237 
1238  /* The following is necessary to stop C++ name mangling */
1239 
1240 
1241  /* Initialise and shut down cryptlib */
1242 
/* Initialise cryptlib. The status returned by the native wrapper is passed
   to processStatus() (defined elsewhere in this class), which presumably
   reports a failing status to the caller - confirm there. */
public static void Init()
{
    int status = wrapped_Init();
    processStatus(status);
}
1247 
/* Shut down cryptlib; the native status goes through processStatus(). */
public static void End()
{
    int status = wrapped_End();
    processStatus(status);
}
1252 
1253  /* Query cryptlib's capabilities */
1254 
1256  int cryptAlgo // CRYPT_ALGO_TYPE
1257  )
1258  {
1259  IntPtr cryptQueryInfoPtr = Marshal.AllocHGlobal(Marshal.SizeOf(typeof(CRYPT_QUERY_INFO)));
1260  CRYPT_QUERY_INFO cryptQueryInfo = new CRYPT_QUERY_INFO();
1261  try
1262  {
1263  processStatus(wrapped_QueryCapability(cryptAlgo, cryptQueryInfoPtr));
1264  Marshal.PtrToStructure(cryptQueryInfoPtr, cryptQueryInfo);
1265  return cryptQueryInfo;
1266  }
1267  finally
1268  {
1269  Marshal.FreeHGlobal(cryptQueryInfoPtr);
1270  }
1271  }
1272 
1273  /* Create and destroy an encryption context */
1274 
/* Create an encryption context for cryptAlgo and return its handle.
   The native call writes the handle into a 4-byte unmanaged cell, which is
   read back only after processStatus() has seen the status and is always
   freed, even when that step fails. */
public static int CreateContext(
    int cryptUser, // CRYPT_USER
    int cryptAlgo // CRYPT_ALGO_TYPE
    )
{
    IntPtr handleCell = Marshal.AllocHGlobal(sizeof(int));
    try
    {
        int status = wrapped_CreateContext(handleCell, cryptUser, cryptAlgo);
        processStatus(status);
        int newContext = Marshal.ReadInt32(handleCell);
        return newContext;
    }
    finally
    {
        Marshal.FreeHGlobal(handleCell);
    }
}
1291 
/* Destroy an encryption context. After this call the handle value should be
   treated as dead by the caller; nothing here invalidates the caller's copy. */
public static void DestroyContext(
    int cryptContext // CRYPT_CONTEXT
    )
{
    int status = wrapped_DestroyContext(cryptContext);
    processStatus(status);
}
1298 
1299  /* Generic "destroy an object" function */
1300 
/* Destroy any cryptlib object through its generic handle. */
public static void DestroyObject(
    int cryptObject // CRYPT_HANDLE
    )
{
    int status = wrapped_DestroyObject(cryptObject);
    processStatus(status);
}
1307 
1308  /* Generate a key into a context */
1309 
/* Generate a key into the given context. */
public static void GenerateKey(
    int cryptContext // CRYPT_CONTEXT
    )
{
    int status = wrapped_GenerateKey(cryptContext);
    processStatus(status);
}
1316 
/* Forward to the native asynchronous key-generation entry point. This managed
   method is itself an ordinary blocking call that returns nothing; whether
   generation continues afterwards is decided by the native side (see
   AsyncQuery/AsyncCancel) and cannot be told from this wrapper. */
public static void GenerateKeyAsync(
    int cryptContext // CRYPT_CONTEXT
    )
{
    int status = wrapped_GenerateKeyAsync(cryptContext);
    processStatus(status);
}
1323 
/* Query the asynchronous-operation state of an object. The result is conveyed
   only through processStatus(), since the method returns void. */
public static void AsyncQuery(
    int cryptObject // CRYPT_HANDLE
    )
{
    int status = wrapped_AsyncQuery(cryptObject);
    processStatus(status);
}
1330 
/* Cancel an asynchronous operation on an object. */
public static void AsyncCancel(
    int cryptObject // CRYPT_HANDLE
    )
{
    int status = wrapped_AsyncCancel(cryptObject);
    processStatus(status);
}
1337 
1338  /* Encrypt/decrypt/hash a block of memory */
1339 
/* Process `length` bytes of `buffer`, starting at `bufferOffset`, through the
   context. Only one buffer is handed to the native call, so the result
   replaces the input in place.
   checkIndices() runs before the array is pinned so that the offset/length
   pair is vetted before any raw pointer reaches native code (the helper is
   defined elsewhere; its exact checks are not visible here). */
public static void Encrypt(
    int cryptContext, // CRYPT_CONTEXT
    byte[] buffer,
    int bufferOffset,
    int length
    )
{
    GCHandle pin = new GCHandle();
    IntPtr dataPtr = IntPtr.Zero;
    try
    {
        checkIndices(buffer, bufferOffset, length);
        getPointer(buffer, bufferOffset, ref pin, ref dataPtr);
        int status = wrapped_Encrypt(cryptContext, dataPtr, length);
        processStatus(status);
    }
    finally
    {
        // Always drop the pin, including when the index check or the native call failed.
        releasePointer(pin);
    }
}
/* Whole-array convenience form: offset 0, full length (0 for a null array). */
public static void Encrypt(
    int cryptContext, // CRYPT_CONTEXT
    byte[] buffer
    )
{
    int wholeLength = 0;
    if (buffer != null)
    {
        wholeLength = buffer.Length;
    }
    Encrypt(cryptContext, buffer, 0, wholeLength);
}
1364 
/* Process `length` bytes of `buffer`, starting at `bufferOffset`, through the
   context's decrypt operation; the single buffer is both input and output.
   As written, this wrapper only forwards the native status: any integrity
   protection of the data has to come from elsewhere (e.g. a separate
   signature or MAC check by the caller). */
public static void Decrypt(
    int cryptContext, // CRYPT_CONTEXT
    byte[] buffer,
    int bufferOffset,
    int length
    )
{
    GCHandle pin = new GCHandle();
    IntPtr dataPtr = IntPtr.Zero;
    try
    {
        // Range check first, pin second: no pointer is formed for a rejected range.
        checkIndices(buffer, bufferOffset, length);
        getPointer(buffer, bufferOffset, ref pin, ref dataPtr);
        int status = wrapped_Decrypt(cryptContext, dataPtr, length);
        processStatus(status);
    }
    finally
    {
        releasePointer(pin);
    }
}
/* Whole-array convenience form: offset 0, full length (0 for a null array). */
public static void Decrypt(
    int cryptContext, // CRYPT_CONTEXT
    byte[] buffer
    )
{
    int wholeLength = 0;
    if (buffer != null)
    {
        wholeLength = buffer.Length;
    }
    Decrypt(cryptContext, buffer, 0, wholeLength);
}
1389 
1390  /* Get/set/delete attribute functions */
1391 
/* Set an integer-valued attribute on an object. */
public static void SetAttribute(
    int cryptHandle, // CRYPT_HANDLE
    int attributeType, // CRYPT_ATTRIBUTE_TYPE
    int value
    )
{
    int status = wrapped_SetAttribute(cryptHandle, attributeType, value);
    processStatus(status);
}
1400 
/* Set a byte-string attribute from value[valueOffset .. valueOffset+valueLength).
   The range is checked before the array is pinned. The caller keeps ownership
   of `value`; if it holds a password or key material, wiping it afterwards is
   the caller's job, since nothing here clears it. */
public static void SetAttributeString(
    int cryptHandle, // CRYPT_HANDLE
    int attributeType, // CRYPT_ATTRIBUTE_TYPE
    byte[] value,
    int valueOffset,
    int valueLength
    )
{
    GCHandle pin = new GCHandle();
    IntPtr dataPtr = IntPtr.Zero;
    try
    {
        checkIndices(value, valueOffset, valueLength);
        getPointer(value, valueOffset, ref pin, ref dataPtr);
        int status = wrapped_SetAttributeString(cryptHandle, attributeType, dataPtr, valueLength);
        processStatus(status);
    }
    finally
    {
        releasePointer(pin);
    }
}
/* Whole-array convenience form: offset 0, full length (0 for a null array). */
public static void SetAttributeString(
    int cryptHandle, // CRYPT_HANDLE
    int attributeType, // CRYPT_ATTRIBUTE_TYPE
    byte[] value
    )
{
    int wholeLength = 0;
    if (value != null)
    {
        wholeLength = value.Length;
    }
    SetAttributeString(cryptHandle, attributeType, value, 0, wholeLength);
}
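/* Set a byte-string attribute from a String, encoded as UTF-8 (null is passed
   through as a null array of length 0).
   The string is encoded once, and the temporary byte copy is zeroed after the
   call because string attributes can carry passwords or other secrets. The
   String itself is immutable and cannot be wiped; callers holding a secret
   should prefer the byte[] overloads and clear their own buffer. */
public static void SetAttributeString(
    int cryptHandle, // CRYPT_HANDLE
    int attributeType, // CRYPT_ATTRIBUTE_TYPE
    String value
    )
{
    byte[] encoded = value == null ? null : new UTF8Encoding().GetBytes(value);
    try
    {
        SetAttributeString(cryptHandle, attributeType, encoded, 0, encoded == null ? 0 : encoded.Length);
    }
    finally
    {
        if (encoded != null)
        {
            // Do not leave a plaintext copy of the value on the managed heap.
            Array.Clear(encoded, 0, encoded.Length);
        }
    }
}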
1432 
/* Read an integer-valued attribute. The native call writes into a 4-byte
   unmanaged cell that is read only after processStatus() has handled the
   status, and is freed on every path. */
public static int GetAttribute(
    int cryptHandle, // CRYPT_HANDLE
    int attributeType // CRYPT_ATTRIBUTE_TYPE
    )
{
    IntPtr resultCell = Marshal.AllocHGlobal(sizeof(int));
    try
    {
        int status = wrapped_GetAttribute(cryptHandle, attributeType, resultCell);
        processStatus(status);
        int attributeValue = Marshal.ReadInt32(resultCell);
        return attributeValue;
    }
    finally
    {
        Marshal.FreeHGlobal(resultCell);
    }
}
1449 
/* Read a byte-string attribute into value[valueOffset ..] and return the
   length reported by the native call.
   Two passes: the first call passes a null data pointer to learn the length,
   that length is range-checked against `value`, and only then is the array
   pinned and the call repeated with a real pointer.
   NOTE(review): the native call receives no capacity argument, so the bound
   enforced is the length from the FIRST pass. If the attribute could grow
   between the two calls (e.g. another thread changing the same object), the
   second pass would not be re-validated before writing - confirm that this
   cannot happen or serialise access to the handle. */
public static int GetAttributeString(
    int cryptHandle, // CRYPT_HANDLE
    int attributeType, // CRYPT_ATTRIBUTE_TYPE
    byte[] value,
    int valueOffset
    )
{
    IntPtr lengthCell = Marshal.AllocHGlobal(sizeof(int));
    GCHandle pin = new GCHandle();
    IntPtr dataPtr = IntPtr.Zero;
    try
    {
        // Pass 1: dataPtr is still IntPtr.Zero, so only the length comes back.
        int probeStatus = wrapped_GetAttributeString(cryptHandle, attributeType, dataPtr, lengthCell);
        processStatus(probeStatus);
        int requiredLength = Marshal.ReadInt32(lengthCell);

        checkIndices(value, valueOffset, requiredLength);
        getPointer(value, valueOffset, ref pin, ref dataPtr);

        // Pass 2: same call, now with whatever pointer getPointer() produced.
        int copyStatus = wrapped_GetAttributeString(cryptHandle, attributeType, dataPtr, lengthCell);
        processStatus(copyStatus);
        return Marshal.ReadInt32(lengthCell);
    }
    finally
    {
        Marshal.FreeHGlobal(lengthCell);
        releasePointer(pin);
    }
}
/* Convenience form that writes from the start of `value` (offset 0). */
public static int GetAttributeString(
    int cryptHandle, // CRYPT_HANDLE
    int attributeType, // CRYPT_ATTRIBUTE_TYPE
    byte[] value
    )
{
    int reportedLength = GetAttributeString(cryptHandle, attributeType, value, 0);
    return reportedLength;
}
/* Read a byte-string attribute and decode it as UTF-8.
   The length is obtained with a null buffer, a buffer of exactly that size is
   allocated, and the attribute is fetched again into it. The returned String
   is immutable, so a secret read this way cannot be wiped afterwards; use a
   byte[] overload for sensitive attributes. */
public static String GetAttributeString(
    int cryptHandle, // CRYPT_HANDLE
    int attributeType // CRYPT_ATTRIBUTE_TYPE
    )
{
    byte[] noBuffer = null;
    int required = GetAttributeString(cryptHandle, attributeType, noBuffer);
    byte[] raw = new byte[required];
    int written = GetAttributeString(cryptHandle, attributeType, raw);
    UTF8Encoding utf8 = new UTF8Encoding();
    return utf8.GetString(raw, 0, written);
}
1490 
1491 
/* Delete an attribute from an object. */
public static void DeleteAttribute(
    int cryptHandle, // CRYPT_HANDLE
    int attributeType // CRYPT_ATTRIBUTE_TYPE
    )
{
    int status = wrapped_DeleteAttribute(cryptHandle, attributeType);
    processStatus(status);
}
1499 
1500  /* Oddball functions: Add random data to the pool, query an encoded signature
1501  or key data. These are due to be replaced once a suitable alternative can
1502  be found */
1503 
/* Add caller-supplied bytes to the random pool:
   randomData[randomDataOffset .. randomDataOffset+randomDataLength).
   The range is checked before the array is pinned. */
public static void AddRandom(
    byte[] randomData,
    int randomDataOffset,
    int randomDataLength
    )
{
    GCHandle pin = new GCHandle();
    IntPtr dataPtr = IntPtr.Zero;
    try
    {
        checkIndices(randomData, randomDataOffset, randomDataLength);
        getPointer(randomData, randomDataOffset, ref pin, ref dataPtr);
        int status = wrapped_AddRandom(dataPtr, randomDataLength);
        processStatus(status);
    }
    finally
    {
        releasePointer(pin);
    }
}
/* Whole-array convenience form: offset 0, full length (0 for a null array). */
public static void AddRandom(
    byte[] randomData
    )
{
    int wholeLength = 0;
    if (randomData != null)
    {
        wholeLength = randomData.Length;
    }
    AddRandom(randomData, 0, wholeLength);
}
/* Add the UTF-8 bytes of a String to the random pool (null becomes a null
   array of length 0). The array length equals the encoder's byte count, so
   the string is encoded only once here. */
public static void AddRandom(
    String randomData
    )
{
    byte[] encoded = null;
    int encodedLength = 0;
    if (randomData != null)
    {
        encoded = new UTF8Encoding().GetBytes(randomData);
        encodedLength = encoded.Length;
    }
    AddRandom(encoded, 0, encodedLength);
}
/* Poll form: no data buffer is supplied (null pointer) and `pollType` is
   passed in the position the other overloads use for the data length. */
public static void AddRandom(
    int pollType
    )
{
    int status = wrapped_AddRandom(IntPtr.Zero, pollType);
    processStatus(status);
}
1535 
1536 
1538  byte[] objectData,
1539  int objectDataOffset,
1540  int objectDataLength
1541  )
1542  {
1543  IntPtr cryptObjectInfoPtr = Marshal.AllocHGlobal(Marshal.SizeOf(typeof(CRYPT_OBJECT_INFO)));
1545  GCHandle objectDataHandle = new GCHandle();
1546  IntPtr objectDataPtr = IntPtr.Zero;
1547  try
1548  {
1549  checkIndices(objectData, objectDataOffset, objectDataLength);
1550  getPointer(objectData, objectDataOffset, ref objectDataHandle, ref objectDataPtr);
1551  processStatus(wrapped_QueryObject(objectDataPtr, objectDataLength, cryptObjectInfoPtr));
1552  Marshal.PtrToStructure(cryptObjectInfoPtr, cryptObjectInfo);
1553  return cryptObjectInfo;
1554  }
1555  finally
1556  {
1557  Marshal.FreeHGlobal(cryptObjectInfoPtr);
1558  releasePointer(objectDataHandle);
1559  }
1560  }
1562  byte[] objectData
1563  ) { return QueryObject(objectData, 0, objectData == null ? 0 : objectData.Length); }
1565  String objectData
1566  ) { return QueryObject(objectData == null ? null : new UTF8Encoding().GetBytes(objectData), 0, objectData == null ? 0 : new UTF8Encoding().GetByteCount(objectData)); }
1567 
1568  /****************************************************************************
1569  * *
1570  * Mid-level Encryption Functions *
1571  * *
1572  ****************************************************************************/
1573 
1574  /* Export and import an encrypted session key */
1575 
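/* Export the session key in sessionKeyContext, wrapped with exportKey, into
   encryptedKey[encryptedKeyOffset ..]; returns the length the native call
   reports.
   The parameter list carries encryptedKeyMaxLength in third position: the
   body uses it and the four-argument overload passes it there.
   Two passes: a first call with a null data pointer yields the required
   length, which is range-checked against the array before it is pinned and
   the call repeated.
   NOTE(review): encryptedKeyMaxLength is forwarded to native code as the
   capacity but is never itself compared with the space left in encryptedKey;
   only the first-pass length is. Callers should pass a value no larger than
   encryptedKey.Length - encryptedKeyOffset. */
public static int ExportKey(
    byte[] encryptedKey,
    int encryptedKeyOffset,
    int encryptedKeyMaxLength,
    int exportKey, // CRYPT_HANDLE
    int sessionKeyContext // CRYPT_CONTEXT
    )
{
    IntPtr encryptedKeyLengthPtr = Marshal.AllocHGlobal(4);
    GCHandle encryptedKeyHandle = new GCHandle();
    IntPtr encryptedKeyPtr = IntPtr.Zero;
    try
    {
        // Pass 1: pointer is still null, so only the length is produced.
        processStatus(wrapped_ExportKey(encryptedKeyPtr, encryptedKeyMaxLength, encryptedKeyLengthPtr, exportKey, sessionKeyContext));
        int encryptedKeyLength = Marshal.ReadInt32(encryptedKeyLengthPtr);
        checkIndices(encryptedKey, encryptedKeyOffset, encryptedKeyLength);
        getPointer(encryptedKey, encryptedKeyOffset, ref encryptedKeyHandle, ref encryptedKeyPtr);
        // Pass 2: same call with the pinned destination.
        processStatus(wrapped_ExportKey(encryptedKeyPtr, encryptedKeyMaxLength, encryptedKeyLengthPtr, exportKey, sessionKeyContext));
        return Marshal.ReadInt32(encryptedKeyLengthPtr);
    }
    finally
    {
        Marshal.FreeHGlobal(encryptedKeyLengthPtr);
        releasePointer(encryptedKeyHandle);
    }
}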
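/* Convenience form that writes from the start of encryptedKey (offset 0).
   encryptedKeyMaxLength is declared as the second parameter, matching the
   argument this body forwards. */
public static int ExportKey(
    byte[] encryptedKey,
    int encryptedKeyMaxLength,
    int exportKey, // CRYPT_HANDLE
    int sessionKeyContext // CRYPT_CONTEXT
    )
{
    return ExportKey(encryptedKey, 0, encryptedKeyMaxLength, exportKey, sessionKeyContext);
}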
1608 
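/* As ExportKey, with an explicit output format (formatType). Returns the
   length the native call reports.
   The parameter list carries encryptedKeyMaxLength in third position: the
   body uses it and the five-argument overload passes it there.
   NOTE(review): as in ExportKey, encryptedKeyMaxLength is forwarded as the
   native capacity without being compared with the space left in
   encryptedKey; only the first-pass length is range-checked. */
public static int ExportKeyEx(
    byte[] encryptedKey,
    int encryptedKeyOffset,
    int encryptedKeyMaxLength,
    int formatType, // CRYPT_FORMAT_TYPE
    int exportKey, // CRYPT_HANDLE
    int sessionKeyContext // CRYPT_CONTEXT
    )
{
    IntPtr encryptedKeyLengthPtr = Marshal.AllocHGlobal(4);
    GCHandle encryptedKeyHandle = new GCHandle();
    IntPtr encryptedKeyPtr = IntPtr.Zero;
    try
    {
        // Pass 1: null pointer, length only.
        processStatus(wrapped_ExportKeyEx(encryptedKeyPtr, encryptedKeyMaxLength, encryptedKeyLengthPtr, formatType, exportKey, sessionKeyContext));
        int encryptedKeyLength = Marshal.ReadInt32(encryptedKeyLengthPtr);
        checkIndices(encryptedKey, encryptedKeyOffset, encryptedKeyLength);
        getPointer(encryptedKey, encryptedKeyOffset, ref encryptedKeyHandle, ref encryptedKeyPtr);
        // Pass 2: same call with the pinned destination.
        processStatus(wrapped_ExportKeyEx(encryptedKeyPtr, encryptedKeyMaxLength, encryptedKeyLengthPtr, formatType, exportKey, sessionKeyContext));
        return Marshal.ReadInt32(encryptedKeyLengthPtr);
    }
    finally
    {
        Marshal.FreeHGlobal(encryptedKeyLengthPtr);
        releasePointer(encryptedKeyHandle);
    }
}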
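/* Convenience form that writes from the start of encryptedKey (offset 0).
   encryptedKeyMaxLength is declared as the second parameter, matching the
   argument this body forwards. */
public static int ExportKeyEx(
    byte[] encryptedKey,
    int encryptedKeyMaxLength,
    int formatType, // CRYPT_FORMAT_TYPE
    int exportKey, // CRYPT_HANDLE
    int sessionKeyContext // CRYPT_CONTEXT
    )
{
    return ExportKeyEx(encryptedKey, 0, encryptedKeyMaxLength, formatType, exportKey, sessionKeyContext);
}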
1643 
/* Import an encrypted session key from
   encryptedKey[encryptedKeyOffset .. encryptedKeyOffset+encryptedKeyLength)
   using importKey, into sessionKeyContext. The blob normally comes from an
   outside party; the range check below protects only the managed array, and
   parsing of the blob itself is left entirely to the native library. */
public static void ImportKey(
    byte[] encryptedKey,
    int encryptedKeyOffset,
    int encryptedKeyLength,
    int importKey, // CRYPT_CONTEXT
    int sessionKeyContext // CRYPT_CONTEXT
    )
{
    GCHandle pin = new GCHandle();
    IntPtr blobPtr = IntPtr.Zero;
    try
    {
        checkIndices(encryptedKey, encryptedKeyOffset, encryptedKeyLength);
        getPointer(encryptedKey, encryptedKeyOffset, ref pin, ref blobPtr);
        int status = wrapped_ImportKey(blobPtr, encryptedKeyLength, importKey, sessionKeyContext);
        processStatus(status);
    }
    finally
    {
        releasePointer(pin);
    }
}
/* Whole-array convenience form: offset 0, full length (0 for a null array). */
public static void ImportKey(
    byte[] encryptedKey,
    int importKey, // CRYPT_CONTEXT
    int sessionKeyContext // CRYPT_CONTEXT
    )
{
    int wholeLength = 0;
    if (encryptedKey != null)
    {
        wholeLength = encryptedKey.Length;
    }
    ImportKey(encryptedKey, 0, wholeLength, importKey, sessionKeyContext);
}
/* String form: the key blob is taken as the UTF-8 bytes of encryptedKey
   (null becomes a null array of length 0).
   NOTE(review): arbitrary binary data does not survive a trip through a
   String, so this overload presumably targets text-encoded blobs - confirm
   with callers; binary blobs should use the byte[] overloads. */
public static void ImportKey(
    String encryptedKey,
    int importKey, // CRYPT_CONTEXT
    int sessionKeyContext // CRYPT_CONTEXT
    )
{
    byte[] encoded = null;
    int encodedLength = 0;
    if (encryptedKey != null)
    {
        encoded = new UTF8Encoding().GetBytes(encryptedKey);
        encodedLength = encoded.Length;
    }
    ImportKey(encoded, 0, encodedLength, importKey, sessionKeyContext);
}
1675 
/* As ImportKey, but additionally returns an int the native call writes to a
   4-byte out cell (named returnedContext in the original code, so presumably
   a context handle - confirm). The cell is read only after processStatus()
   has handled the status and is freed on every path. */
public static int ImportKeyEx(
    byte[] encryptedKey,
    int encryptedKeyOffset,
    int encryptedKeyLength,
    int importKey, // CRYPT_CONTEXT
    int sessionKeyContext // CRYPT_CONTEXT
    )
{
    IntPtr contextCell = Marshal.AllocHGlobal(sizeof(int));
    GCHandle pin = new GCHandle();
    IntPtr blobPtr = IntPtr.Zero;
    try
    {
        checkIndices(encryptedKey, encryptedKeyOffset, encryptedKeyLength);
        getPointer(encryptedKey, encryptedKeyOffset, ref pin, ref blobPtr);
        int status = wrapped_ImportKeyEx(blobPtr, encryptedKeyLength, importKey, sessionKeyContext, contextCell);
        processStatus(status);
        return Marshal.ReadInt32(contextCell);
    }
    finally
    {
        Marshal.FreeHGlobal(contextCell);
        releasePointer(pin);
    }
}
/* Whole-array convenience form: offset 0, full length (0 for a null array). */
public static int ImportKeyEx(
    byte[] encryptedKey,
    int importKey, // CRYPT_CONTEXT
    int sessionKeyContext // CRYPT_CONTEXT
    )
{
    int wholeLength = 0;
    if (encryptedKey != null)
    {
        wholeLength = encryptedKey.Length;
    }
    return ImportKeyEx(encryptedKey, 0, wholeLength, importKey, sessionKeyContext);
}
/* String form: the key blob is taken as the UTF-8 bytes of encryptedKey
   (null becomes a null array of length 0).
   NOTE(review): only text-encoded blobs survive being held in a String;
   binary blobs should use the byte[] overloads - confirm intended use. */
public static int ImportKeyEx(
    String encryptedKey,
    int importKey, // CRYPT_CONTEXT
    int sessionKeyContext // CRYPT_CONTEXT
    )
{
    byte[] encoded = null;
    int encodedLength = 0;
    if (encryptedKey != null)
    {
        encoded = new UTF8Encoding().GetBytes(encryptedKey);
        encodedLength = encoded.Length;
    }
    return ImportKeyEx(encoded, 0, encodedLength, importKey, sessionKeyContext);
}
1710 
1711  /* Create and check a digital signature */
1712 
/* Sign the hash held in hashContext with signContext, writing the signature
   to signature[signatureOffset ..]; returns the length the native call
   reports.
   Two passes: a first call with a null data pointer yields the required
   length, which is range-checked against the array before it is pinned and
   the call repeated.
   NOTE(review): signatureMaxLength is forwarded to native code as the
   capacity but is never compared with the space left in `signature`; only
   the first-pass length is. Callers should pass a value no larger than
   signature.Length - signatureOffset. */
public static int CreateSignature(
    byte[] signature,
    int signatureOffset,
    int signatureMaxLength,
    int signContext, // CRYPT_CONTEXT
    int hashContext // CRYPT_CONTEXT
    )
{
    IntPtr lengthCell = Marshal.AllocHGlobal(sizeof(int));
    GCHandle pin = new GCHandle();
    IntPtr sigPtr = IntPtr.Zero;
    try
    {
        // Pass 1: pointer is still null, so only the length is produced.
        int probeStatus = wrapped_CreateSignature(sigPtr, signatureMaxLength, lengthCell, signContext, hashContext);
        processStatus(probeStatus);
        int requiredLength = Marshal.ReadInt32(lengthCell);

        checkIndices(signature, signatureOffset, requiredLength);
        getPointer(signature, signatureOffset, ref pin, ref sigPtr);

        // Pass 2: same call with the pinned destination.
        int signStatus = wrapped_CreateSignature(sigPtr, signatureMaxLength, lengthCell, signContext, hashContext);
        processStatus(signStatus);
        return Marshal.ReadInt32(lengthCell);
    }
    finally
    {
        Marshal.FreeHGlobal(lengthCell);
        releasePointer(pin);
    }
}
/* Convenience form that writes from the start of `signature` (offset 0). */
public static int CreateSignature(
    byte[] signature,
    int signatureMaxLength,
    int signContext, // CRYPT_CONTEXT
    int hashContext // CRYPT_CONTEXT
    )
{
    int reportedLength = CreateSignature(signature, 0, signatureMaxLength, signContext, hashContext);
    return reportedLength;
}
1745 
/* As CreateSignature, with an explicit format (formatType) and an extra
   certificate-typed handle (extraData) forwarded to the native call.
   NOTE(review): as in CreateSignature, signatureMaxLength is passed on as the
   native capacity without being compared with the space left in `signature`;
   only the first-pass length is range-checked. */
public static int CreateSignatureEx(
    byte[] signature,
    int signatureOffset,
    int signatureMaxLength,
    int formatType, // CRYPT_FORMAT_TYPE
    int signContext, // CRYPT_CONTEXT
    int hashContext, // CRYPT_CONTEXT
    int extraData // CRYPT_CERTIFICATE
    )
{
    IntPtr lengthCell = Marshal.AllocHGlobal(sizeof(int));
    GCHandle pin = new GCHandle();
    IntPtr sigPtr = IntPtr.Zero;
    try
    {
        // Pass 1: null pointer, length only.
        int probeStatus = wrapped_CreateSignatureEx(sigPtr, signatureMaxLength, lengthCell, formatType, signContext, hashContext, extraData);
        processStatus(probeStatus);
        int requiredLength = Marshal.ReadInt32(lengthCell);

        checkIndices(signature, signatureOffset, requiredLength);
        getPointer(signature, signatureOffset, ref pin, ref sigPtr);

        // Pass 2: same call with the pinned destination.
        int signStatus = wrapped_CreateSignatureEx(sigPtr, signatureMaxLength, lengthCell, formatType, signContext, hashContext, extraData);
        processStatus(signStatus);
        return Marshal.ReadInt32(lengthCell);
    }
    finally
    {
        Marshal.FreeHGlobal(lengthCell);
        releasePointer(pin);
    }
}
/* Convenience form that writes from the start of `signature` (offset 0). */
public static int CreateSignatureEx(
    byte[] signature,
    int signatureMaxLength,
    int formatType, // CRYPT_FORMAT_TYPE
    int signContext, // CRYPT_CONTEXT
    int hashContext, // CRYPT_CONTEXT
    int extraData // CRYPT_CERTIFICATE
    )
{
    int reportedLength = CreateSignatureEx(signature, 0, signatureMaxLength, formatType, signContext, hashContext, extraData);
    return reportedLength;
}
1782 
/* Check the signature in
   signature[signatureOffset .. signatureOffset+signatureLength)
   against hashContext using sigCheckKey.
   The method returns void: the verification outcome exists only as the native
   status passed to processStatus(). A caller can therefore treat "returned
   normally" as "signature valid" only if processStatus() raises on every
   non-OK status - confirm in its definition - and must not swallow whatever
   it raises. */
public static void CheckSignature(
    byte[] signature,
    int signatureOffset,
    int signatureLength,
    int sigCheckKey, // CRYPT_HANDLE
    int hashContext // CRYPT_CONTEXT
    )
{
    GCHandle pin = new GCHandle();
    IntPtr sigPtr = IntPtr.Zero;
    try
    {
        checkIndices(signature, signatureOffset, signatureLength);
        getPointer(signature, signatureOffset, ref pin, ref sigPtr);
        int status = wrapped_CheckSignature(sigPtr, signatureLength, sigCheckKey, hashContext);
        processStatus(status);
    }
    finally
    {
        releasePointer(pin);
    }
}
/* Whole-array convenience form: offset 0, full length (0 for a null array). */
public static void CheckSignature(
    byte[] signature,
    int sigCheckKey, // CRYPT_HANDLE
    int hashContext // CRYPT_CONTEXT
    )
{
    int wholeLength = 0;
    if (signature != null)
    {
        wholeLength = signature.Length;
    }
    CheckSignature(signature, 0, wholeLength, sigCheckKey, hashContext);
}
/* String form: the signature is taken as the UTF-8 bytes of `signature`
   (null becomes a null array of length 0).
   NOTE(review): a binary signature does not survive being held in a String,
   so this presumably targets text-encoded signatures - confirm; binary
   signatures should use the byte[] overloads. */
public static void CheckSignature(
    String signature,
    int sigCheckKey, // CRYPT_HANDLE
    int hashContext // CRYPT_CONTEXT
    )
{
    byte[] encoded = null;
    int encodedLength = 0;
    if (signature != null)
    {
        encoded = new UTF8Encoding().GetBytes(signature);
        encodedLength = encoded.Length;
    }
    CheckSignature(encoded, 0, encodedLength, sigCheckKey, hashContext);
}
1814 
/* As CheckSignature, but additionally returns an int the native call writes
   to a 4-byte out cell (named extraData in the original code; what it
   identifies is not visible here).
   The returned int is NOT the verification verdict: success or failure is
   carried only by the status passed to processStatus(). The out cell is read
   after that step and freed on every path. */
public static int CheckSignatureEx(
    byte[] signature,
    int signatureOffset,
    int signatureLength,
    int sigCheckKey, // CRYPT_HANDLE
    int hashContext // CRYPT_CONTEXT
    )
{
    IntPtr extraCell = Marshal.AllocHGlobal(sizeof(int));
    GCHandle pin = new GCHandle();
    IntPtr sigPtr = IntPtr.Zero;
    try
    {
        checkIndices(signature, signatureOffset, signatureLength);
        getPointer(signature, signatureOffset, ref pin, ref sigPtr);
        int status = wrapped_CheckSignatureEx(sigPtr, signatureLength, sigCheckKey, hashContext, extraCell);
        processStatus(status);
        return Marshal.ReadInt32(extraCell);
    }
    finally
    {
        Marshal.FreeHGlobal(extraCell);
        releasePointer(pin);
    }
}
/* Whole-array convenience form: offset 0, full length (0 for a null array). */
public static int CheckSignatureEx(
    byte[] signature,
    int sigCheckKey, // CRYPT_HANDLE
    int hashContext // CRYPT_CONTEXT
    )
{
    int wholeLength = 0;
    if (signature != null)
    {
        wholeLength = signature.Length;
    }
    return CheckSignatureEx(signature, 0, wholeLength, sigCheckKey, hashContext);
}
/* String form: the signature is taken as the UTF-8 bytes of `signature`
   (null becomes a null array of length 0).
   NOTE(review): only text-encoded signatures survive being held in a String;
   binary signatures should use the byte[] overloads - confirm intended use. */
public static int CheckSignatureEx(
    String signature,
    int sigCheckKey, // CRYPT_HANDLE
    int hashContext // CRYPT_CONTEXT
    )
{
    byte[] encoded = null;
    int encodedLength = 0;
    if (signature != null)
    {
        encoded = new UTF8Encoding().GetBytes(signature);
        encodedLength = encoded.Length;
    }
    return CheckSignatureEx(encoded, 0, encodedLength, sigCheckKey, hashContext);
}
1849 
1850  /****************************************************************************
1851  * *
1852  * Keyset Functions *
1853  * *
1854  ****************************************************************************/
1855 
1856  /* Open and close a keyset */
1857 
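/* Open a keyset and return its handle.
   `name` is encoded to UTF-8 BEFORE the unmanaged out cell is allocated:
   GetBytes() throws on a null string, and in the previous order that
   exception escaped ahead of the try block and leaked the allocation.
   NOTE(review): GetBytes() adds no trailing NUL and no length is passed for
   `name`; confirm how getPointer()/the native side delimit the string, since
   a C-string reader would otherwise run past the end of the pinned array. */
public static int KeysetOpen(
    int cryptUser, // CRYPT_USER
    int keysetType, // CRYPT_KEYSET_TYPE
    String name,
    int options // CRYPT_KEYOPT_TYPE
    )
{
    byte[] nameArray = new UTF8Encoding().GetBytes(name);
    GCHandle nameHandle = new GCHandle();
    IntPtr namePtr = IntPtr.Zero;
    IntPtr keysetPtr = Marshal.AllocHGlobal(4);
    try
    {
        getPointer(nameArray, 0, ref nameHandle, ref namePtr);
        processStatus(wrapped_KeysetOpen(keysetPtr, cryptUser, keysetType, namePtr, options));
        return Marshal.ReadInt32(keysetPtr);
    }
    finally
    {
        Marshal.FreeHGlobal(keysetPtr);
        releasePointer(nameHandle);
    }
}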
1881 
/* Close a keyset previously opened with KeysetOpen. */
public static void KeysetClose(
    int keyset // CRYPT_KEYSET
    )
{
    int status = wrapped_KeysetClose(keyset);
    processStatus(status);
}
1888 
1889  /* Get a key from a keyset or device */
1890 
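/// <summary>
/// Fetches a public key through the native <c>cryptGetPublicKey</c> entry point.
/// </summary>
/// <param name="keyset">CRYPT_KEYSET handle.</param>
/// <param name="keyIDtype">CRYPT_KEYID_TYPE value.</param>
/// <param name="keyID">Key identifier, handed to native code as UTF-8 bytes.</param>
/// <returns>The 32-bit value the native call wrote to its output slot.</returns>
/// <exception cref="ArgumentNullException"><paramref name="keyID"/> is null.</exception>
/// <exception cref="CryptException">The native status was below <c>crypt.OK</c>.</exception>
public static int GetPublicKey(
    int keyset, // CRYPT_KEYSET
    int keyIDtype, // CRYPT_KEYID_TYPE
    String keyID
    )
{
    if (keyID == null)
    {
        throw new ArgumentNullException("keyID");
    }

    // No length accompanies the pointer, so the native side is presumed to stop
    // at a NUL; append one instead of relying on whatever follows the array.
    byte[] keyIDArray = new UTF8Encoding().GetBytes(keyID + "\0");
    GCHandle keyIDHandle = new GCHandle();
    IntPtr keyIDPtr = IntPtr.Zero;
    // Allocated after the encoding step so a failure above cannot leak it.
    IntPtr cryptContextPtr = Marshal.AllocHGlobal(4);
    try
    {
        getPointer(keyIDArray, 0, ref keyIDHandle, ref keyIDPtr);
        processStatus(wrapped_GetPublicKey(keyset, cryptContextPtr, keyIDtype, keyIDPtr));
        return Marshal.ReadInt32(cryptContextPtr);
    }
    finally
    {
        Marshal.FreeHGlobal(cryptContextPtr);
        releasePointer(keyIDHandle);
    }
}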
1913 
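/// <summary>
/// Fetches a private key through the native <c>cryptGetPrivateKey</c> entry point.
/// </summary>
/// <param name="keyset">CRYPT_KEYSET handle.</param>
/// <param name="keyIDtype">CRYPT_KEYID_TYPE value.</param>
/// <param name="keyID">Key identifier, handed to native code as UTF-8 bytes.</param>
/// <param name="password">Password, handed to native code as UTF-8 bytes.</param>
/// <returns>The 32-bit value the native call wrote to its output slot.</returns>
/// <exception cref="ArgumentNullException">
/// <paramref name="keyID"/> or <paramref name="password"/> is null.
/// </exception>
/// <exception cref="CryptException">The native status was below <c>crypt.OK</c>.</exception>
public static int GetPrivateKey(
    int keyset, // CRYPT_KEYSET
    int keyIDtype, // CRYPT_KEYID_TYPE
    String keyID,
    String password
    )
{
    if (keyID == null)
    {
        throw new ArgumentNullException("keyID");
    }
    if (password == null)
    {
        throw new ArgumentNullException("password");
    }

    // Both strings reach native code as bare pointers without a length, so they
    // are presumed to be read up to a NUL; GetBytes adds none by itself.
    UTF8Encoding utf8 = new UTF8Encoding();
    byte[] keyIDArray = utf8.GetBytes(keyID + "\0");
    byte[] passwordArray = utf8.GetBytes(password + "\0");
    GCHandle keyIDHandle = new GCHandle();
    IntPtr keyIDPtr = IntPtr.Zero;
    GCHandle passwordHandle = new GCHandle();
    IntPtr passwordPtr = IntPtr.Zero;
    // Allocated after the encoding step so a failure above cannot leak it.
    IntPtr cryptContextPtr = Marshal.AllocHGlobal(4);
    try
    {
        getPointer(keyIDArray, 0, ref keyIDHandle, ref keyIDPtr);
        getPointer(passwordArray, 0, ref passwordHandle, ref passwordPtr);
        processStatus(wrapped_GetPrivateKey(keyset, cryptContextPtr, keyIDtype, keyIDPtr, passwordPtr));
        return Marshal.ReadInt32(cryptContextPtr);
    }
    finally
    {
        Marshal.FreeHGlobal(cryptContextPtr);
        // Best-effort wipe of the encoded password copy, done while it is still
        // pinned. The caller's String is immutable and is not affected.
        Array.Clear(passwordArray, 0, passwordArray.Length);
        releasePointer(keyIDHandle);
        releasePointer(passwordHandle);
    }
}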
1942 
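/// <summary>
/// Fetches a key through the native <c>cryptGetKey</c> entry point.
/// </summary>
/// <param name="keyset">CRYPT_KEYSET handle.</param>
/// <param name="keyIDtype">CRYPT_KEYID_TYPE value.</param>
/// <param name="keyID">Key identifier, handed to native code as UTF-8 bytes.</param>
/// <param name="password">Password, handed to native code as UTF-8 bytes.</param>
/// <returns>The 32-bit value the native call wrote to its output slot.</returns>
/// <exception cref="ArgumentNullException">
/// <paramref name="keyID"/> or <paramref name="password"/> is null.
/// </exception>
/// <exception cref="CryptException">The native status was below <c>crypt.OK</c>.</exception>
public static int GetKey(
    int keyset, // CRYPT_KEYSET
    int keyIDtype, // CRYPT_KEYID_TYPE
    String keyID,
    String password
    )
{
    if (keyID == null)
    {
        throw new ArgumentNullException("keyID");
    }
    if (password == null)
    {
        throw new ArgumentNullException("password");
    }

    // Both strings reach native code as bare pointers without a length, so they
    // are presumed to be read up to a NUL; GetBytes adds none by itself.
    UTF8Encoding utf8 = new UTF8Encoding();
    byte[] keyIDArray = utf8.GetBytes(keyID + "\0");
    byte[] passwordArray = utf8.GetBytes(password + "\0");
    GCHandle keyIDHandle = new GCHandle();
    IntPtr keyIDPtr = IntPtr.Zero;
    GCHandle passwordHandle = new GCHandle();
    IntPtr passwordPtr = IntPtr.Zero;
    // Allocated after the encoding step so a failure above cannot leak it.
    IntPtr cryptContextPtr = Marshal.AllocHGlobal(4);
    try
    {
        getPointer(keyIDArray, 0, ref keyIDHandle, ref keyIDPtr);
        getPointer(passwordArray, 0, ref passwordHandle, ref passwordPtr);
        processStatus(wrapped_GetKey(keyset, cryptContextPtr, keyIDtype, keyIDPtr, passwordPtr));
        return Marshal.ReadInt32(cryptContextPtr);
    }
    finally
    {
        Marshal.FreeHGlobal(cryptContextPtr);
        // Best-effort wipe of the encoded password copy, done while it is still
        // pinned. The caller's String is immutable and is not affected.
        Array.Clear(passwordArray, 0, passwordArray.Length);
        releasePointer(keyIDHandle);
        releasePointer(passwordHandle);
    }
}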
1971 
1972  /* Add/delete a key to/from a keyset or device */
1973 
/// <summary>
/// Calls the native <c>cryptAddPublicKey</c> entry point with the given keyset
/// and certificate handles.
/// </summary>
/// <exception cref="CryptException">The native status was below <c>crypt.OK</c>.</exception>
public static void AddPublicKey(
    int keyset, // CRYPT_KEYSET
    int certificate // CRYPT_CERTIFICATE
    )
{
    int status = wrapped_AddPublicKey(keyset, certificate);
    processStatus(status);
}
1981 
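/// <summary>
/// Calls the native <c>cryptAddPrivateKey</c> entry point.
/// </summary>
/// <param name="keyset">CRYPT_KEYSET handle.</param>
/// <param name="cryptKey">CRYPT_HANDLE of the key.</param>
/// <param name="password">Password, handed to native code as UTF-8 bytes.</param>
/// <exception cref="ArgumentNullException"><paramref name="password"/> is null.</exception>
/// <exception cref="CryptException">The native status was below <c>crypt.OK</c>.</exception>
public static void AddPrivateKey(
    int keyset, // CRYPT_KEYSET
    int cryptKey, // CRYPT_HANDLE
    String password
    )
{
    if (password == null)
    {
        throw new ArgumentNullException("password");
    }

    // No length accompanies the pointer, so the native side is presumed to stop
    // at a NUL; append one instead of relying on whatever follows the array.
    byte[] passwordArray = new UTF8Encoding().GetBytes(password + "\0");
    GCHandle passwordHandle = new GCHandle();
    IntPtr passwordPtr = IntPtr.Zero;
    try
    {
        getPointer(passwordArray, 0, ref passwordHandle, ref passwordPtr);
        processStatus(wrapped_AddPrivateKey(keyset, cryptKey, passwordPtr));
    }
    finally
    {
        // Best-effort wipe of the encoded password copy, done while it is still
        // pinned. The caller's String is immutable and is not affected.
        Array.Clear(passwordArray, 0, passwordArray.Length);
        releasePointer(passwordHandle);
    }
}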
2001 
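/// <summary>
/// Calls the native <c>cryptDeleteKey</c> entry point.
/// </summary>
/// <param name="keyset">CRYPT_KEYSET handle.</param>
/// <param name="keyIDtype">CRYPT_KEYID_TYPE value.</param>
/// <param name="keyID">Key identifier, handed to native code as UTF-8 bytes.</param>
/// <exception cref="ArgumentNullException"><paramref name="keyID"/> is null.</exception>
/// <exception cref="CryptException">The native status was below <c>crypt.OK</c>.</exception>
public static void DeleteKey(
    int keyset, // CRYPT_KEYSET
    int keyIDtype, // CRYPT_KEYID_TYPE
    String keyID
    )
{
    if (keyID == null)
    {
        throw new ArgumentNullException("keyID");
    }

    // No length accompanies the pointer, so the native side is presumed to stop
    // at a NUL. Without one, which key gets deleted could depend on bytes that
    // happen to follow the array in memory.
    byte[] keyIDArray = new UTF8Encoding().GetBytes(keyID + "\0");
    GCHandle keyIDHandle = new GCHandle();
    IntPtr keyIDPtr = IntPtr.Zero;
    try
    {
        getPointer(keyIDArray, 0, ref keyIDHandle, ref keyIDPtr);
        processStatus(wrapped_DeleteKey(keyset, keyIDtype, keyIDPtr));
    }
    finally
    {
        releasePointer(keyIDHandle);
    }
}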
2021 
2022  /****************************************************************************
2023  * *
2024  * Certificate Functions *
2025  * *
2026  ****************************************************************************/
2027 
2028  /* Create/destroy a certificate */
2029 
/// <summary>
/// Creates a certificate object through the native <c>cryptCreateCert</c> entry point.
/// </summary>
/// <returns>The 32-bit value the native call wrote to its output slot.</returns>
/// <exception cref="CryptException">The native status was below <c>crypt.OK</c>.</exception>
public static int CreateCert(
    int cryptUser, // CRYPT_USER
    int certType // CRYPT_CERTTYPE_TYPE
    )
{
    // Unmanaged slot for the native output parameter; always freed below.
    IntPtr handleSlot = Marshal.AllocHGlobal(sizeof(int));
    try
    {
        int status = wrapped_CreateCert(handleSlot, cryptUser, certType);
        processStatus(status);
        return Marshal.ReadInt32(handleSlot);
    }
    finally
    {
        Marshal.FreeHGlobal(handleSlot);
    }
}
2046 
/// <summary>
/// Calls the native <c>cryptDestroyCert</c> entry point for the given certificate.
/// </summary>
/// <exception cref="CryptException">The native status was below <c>crypt.OK</c>.</exception>
public static void DestroyCert(
    int certificate // CRYPT_CERTIFICATE
    )
{
    int status = wrapped_DestroyCert(certificate);
    processStatus(status);
}
2053 
2054  /* Get/add/delete certificate extensions. These are direct data insertion
2055  functions whose use is discouraged, so they fix the string at char *
2056  rather than C_STR */
2057 
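/// <summary>
/// Reads a certificate extension through the native <c>cryptGetCertExtension</c>
/// entry point, using a length query followed by the actual read.
/// </summary>
/// <param name="certificate">CRYPT_CERTIFICATE handle.</param>
/// <param name="oid">Extension OID, handed to native code as UTF-8 bytes.</param>
/// <param name="extension">Destination buffer; may be null.</param>
/// <param name="extensionOffset">Offset into <paramref name="extension"/> to write at.</param>
/// <param name="extensionMaxLength">Maximum length passed to the native call.</param>
/// <returns>The extension length reported by the second native call.</returns>
/// <remarks>
/// The critical flag written by native code is not returned by this wrapper.
/// </remarks>
/// <exception cref="ArgumentNullException"><paramref name="oid"/> is null.</exception>
/// <exception cref="IndexOutOfRangeException">
/// The reported length does not fit in <paramref name="extension"/> at the given offset.
/// </exception>
/// <exception cref="CryptException">A native status was below <c>crypt.OK</c>.</exception>
public static int GetCertExtension(
    int certificate, // CRYPT_CERTIFICATE
    String oid,
    byte[] extension,
    int extensionOffset,
    int extensionMaxLength
    )
{
    if (oid == null)
    {
        throw new ArgumentNullException("oid");
    }

    // No length accompanies the OID pointer, so the native side is presumed to
    // stop at a NUL; append one instead of relying on what follows the array.
    byte[] oidArray = new UTF8Encoding().GetBytes(oid + "\0");
    IntPtr extensionLengthPtr = IntPtr.Zero;
    IntPtr criticalFlagPtr = IntPtr.Zero;
    GCHandle oidHandle = new GCHandle();
    IntPtr oidPtr = IntPtr.Zero;
    GCHandle extensionHandle = new GCHandle();
    IntPtr extensionPtr = IntPtr.Zero;
    try
    {
        extensionLengthPtr = Marshal.AllocHGlobal(4);
        criticalFlagPtr = Marshal.AllocHGlobal(4);
        getPointer(oidArray, 0, ref oidHandle, ref oidPtr);
        // First call: extensionPtr is still IntPtr.Zero, only the length is read back.
        processStatus(wrapped_GetCertExtension(certificate, oidPtr, criticalFlagPtr, extensionPtr, extensionMaxLength, extensionLengthPtr));
        int extensionLength = Marshal.ReadInt32(extensionLengthPtr);
        // Validate the reported length against the caller's buffer before pinning it.
        checkIndices(extension, extensionOffset, extensionLength);
        getPointer(extension, extensionOffset, ref extensionHandle, ref extensionPtr);
        // Second call: same arguments, now with the pinned destination pointer.
        processStatus(wrapped_GetCertExtension(certificate, oidPtr, criticalFlagPtr, extensionPtr, extensionMaxLength, extensionLengthPtr));
        return Marshal.ReadInt32(extensionLengthPtr);
    }
    finally
    {
        // FreeHGlobal ignores IntPtr.Zero, so a failed allocation is safe here.
        Marshal.FreeHGlobal(extensionLengthPtr);
        // Previously never released: one unmanaged block leaked per call.
        Marshal.FreeHGlobal(criticalFlagPtr);
        releasePointer(extensionHandle);
        releasePointer(oidHandle);
    }
}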
/// <summary>
/// Convenience overload: reads the extension into <paramref name="extension"/>
/// starting at offset 0.
/// </summary>
/// <returns>Whatever the offset-taking overload returns.</returns>
public static int GetCertExtension(
    int certificate, // CRYPT_CERTIFICATE
    String oid,
    byte[] extension,
    int extensionMaxLength
    )
{
    const int startOffset = 0;
    return GetCertExtension(certificate, oid, extension, startOffset, extensionMaxLength);
}
2096 
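/// <summary>
/// Adds a certificate extension through the native <c>cryptAddCertExtension</c>
/// entry point.
/// </summary>
/// <param name="certificate">CRYPT_CERTIFICATE handle.</param>
/// <param name="oid">Extension OID, handed to native code as UTF-8 bytes.</param>
/// <param name="criticalFlag">Passed through to the native call unchanged.</param>
/// <param name="extension">Source buffer; may be null.</param>
/// <param name="extensionOffset">Offset of the data within <paramref name="extension"/>.</param>
/// <param name="extensionLength">Number of bytes passed to the native call.</param>
/// <exception cref="ArgumentNullException"><paramref name="oid"/> is null.</exception>
/// <exception cref="IndexOutOfRangeException">Offset/length fall outside the buffer.</exception>
/// <exception cref="CryptException">The native status was below <c>crypt.OK</c>.</exception>
public static void AddCertExtension(
    int certificate, // CRYPT_CERTIFICATE
    String oid,
    int criticalFlag,
    byte[] extension,
    int extensionOffset,
    int extensionLength
    )
{
    if (oid == null)
    {
        throw new ArgumentNullException("oid");
    }

    // No length accompanies the OID pointer, so the native side is presumed to
    // stop at a NUL; append one instead of relying on what follows the array.
    byte[] oidArray = new UTF8Encoding().GetBytes(oid + "\0");
    GCHandle oidHandle = new GCHandle();
    IntPtr oidPtr = IntPtr.Zero;
    GCHandle extensionHandle = new GCHandle();
    IntPtr extensionPtr = IntPtr.Zero;
    try
    {
        getPointer(oidArray, 0, ref oidHandle, ref oidPtr);
        // Bounds are validated before the buffer is pinned and handed to native code.
        checkIndices(extension, extensionOffset, extensionLength);
        getPointer(extension, extensionOffset, ref extensionHandle, ref extensionPtr);
        processStatus(wrapped_AddCertExtension(certificate, oidPtr, criticalFlag, extensionPtr, extensionLength));
    }
    finally
    {
        releasePointer(extensionHandle);
        releasePointer(oidHandle);
    }
}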
/// <summary>
/// Whole-array overload: forwards with offset 0 and the array's full length
/// (0 when <paramref name="extension"/> is null).
/// </summary>
public static void AddCertExtension(
    int certificate, // CRYPT_CERTIFICATE
    String oid,
    int criticalFlag,
    byte[] extension
    )
{
    int extensionLength = 0;
    if (extension != null)
    {
        extensionLength = extension.Length;
    }
    AddCertExtension(certificate, oid, criticalFlag, extension, 0, extensionLength);
}
/// <summary>
/// String overload: encodes <paramref name="extension"/> as UTF-8 and forwards
/// the bytes to the offset/length overload. A null string is forwarded as a
/// null array with length 0.
/// </summary>
public static void AddCertExtension(
    int certificate, // CRYPT_CERTIFICATE
    String oid,
    int criticalFlag,
    String extension
    )
{
    if (extension == null)
    {
        AddCertExtension(certificate, oid, criticalFlag, (byte[])null, 0, 0);
        return;
    }

    // Encode once; the array length is the UTF-8 byte count.
    byte[] extensionBytes = new UTF8Encoding().GetBytes(extension);
    AddCertExtension(certificate, oid, criticalFlag, extensionBytes, 0, extensionBytes.Length);
}
2136 
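/// <summary>
/// Calls the native <c>cryptDeleteCertExtension</c> entry point.
/// </summary>
/// <param name="certificate">CRYPT_CERTIFICATE handle.</param>
/// <param name="oid">Extension OID, handed to native code as UTF-8 bytes.</param>
/// <exception cref="ArgumentNullException"><paramref name="oid"/> is null.</exception>
/// <exception cref="CryptException">The native status was below <c>crypt.OK</c>.</exception>
public static void DeleteCertExtension(
    int certificate, // CRYPT_CERTIFICATE
    String oid
    )
{
    if (oid == null)
    {
        throw new ArgumentNullException("oid");
    }

    // No length accompanies the OID pointer, so the native side is presumed to
    // stop at a NUL; append one instead of relying on what follows the array.
    byte[] oidArray = new UTF8Encoding().GetBytes(oid + "\0");
    GCHandle oidHandle = new GCHandle();
    IntPtr oidPtr = IntPtr.Zero;
    try
    {
        getPointer(oidArray, 0, ref oidHandle, ref oidPtr);
        processStatus(wrapped_DeleteCertExtension(certificate, oidPtr));
    }
    finally
    {
        releasePointer(oidHandle);
    }
}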
2155 
2156  /* Sign/sig.check a certificate/certification request */
2157 
/// <summary>
/// Calls the native <c>cryptSignCert</c> entry point with the given certificate
/// and signing context.
/// </summary>
/// <exception cref="CryptException">The native status was below <c>crypt.OK</c>.</exception>
public static void SignCert(
    int certificate, // CRYPT_CERTIFICATE
    int signContext // CRYPT_CONTEXT
    )
{
    int status = wrapped_SignCert(certificate, signContext);
    processStatus(status);
}
2165 
/// <summary>
/// Calls the native <c>cryptCheckCert</c> entry point with the given certificate
/// and checking key.
/// </summary>
/// <remarks>
/// There is no boolean result: the only failure signal is the exception thrown
/// when the native status is below <c>crypt.OK</c>. Callers must not catch and
/// discard that exception and then treat the certificate as checked.
/// </remarks>
/// <exception cref="CryptException">The native status was below <c>crypt.OK</c>.</exception>
public static void CheckCert(
    int certificate, // CRYPT_CERTIFICATE
    int sigCheckKey // CRYPT_HANDLE
    )
{
    int status = wrapped_CheckCert(certificate, sigCheckKey);
    processStatus(status);
}
2173 
2174  /* Import/export a certificate/certification request */
2175 
/// <summary>
/// Imports an encoded certificate object through the native
/// <c>cryptImportCert</c> entry point.
/// </summary>
/// <param name="certObject">Buffer holding the encoded object; may be null.</param>
/// <param name="certObjectOffset">Offset of the data within the buffer.</param>
/// <param name="certObjectLength">Number of bytes passed to the native call.</param>
/// <param name="cryptUser">CRYPT_USER handle.</param>
/// <returns>The 32-bit value the native call wrote to its output slot.</returns>
/// <exception cref="IndexOutOfRangeException">Offset/length fall outside the buffer.</exception>
/// <exception cref="CryptException">The native status was below <c>crypt.OK</c>.</exception>
public static int ImportCert(
    byte[] certObject,
    int certObjectOffset,
    int certObjectLength,
    int cryptUser // CRYPT_USER
    )
{
    IntPtr handleSlot = Marshal.AllocHGlobal(sizeof(int));
    GCHandle pinnedInput = new GCHandle();
    IntPtr inputPtr = IntPtr.Zero;
    try
    {
        // Bounds are validated before the buffer is pinned and handed to native code.
        checkIndices(certObject, certObjectOffset, certObjectLength);
        getPointer(certObject, certObjectOffset, ref pinnedInput, ref inputPtr);
        int status = wrapped_ImportCert(inputPtr, certObjectLength, cryptUser, handleSlot);
        processStatus(status);
        return Marshal.ReadInt32(handleSlot);
    }
    finally
    {
        Marshal.FreeHGlobal(handleSlot);
        releasePointer(pinnedInput);
    }
}
/// <summary>
/// Whole-array overload: forwards with offset 0 and the array's full length
/// (0 when <paramref name="certObject"/> is null).
/// </summary>
/// <returns>Whatever the offset/length overload returns.</returns>
public static int ImportCert(
    byte[] certObject,
    int cryptUser // CRYPT_USER
    )
{
    int certObjectLength = 0;
    if (certObject != null)
    {
        certObjectLength = certObject.Length;
    }
    return ImportCert(certObject, 0, certObjectLength, cryptUser);
}
/// <summary>
/// String overload: encodes <paramref name="certObject"/> as UTF-8 and forwards
/// the bytes to the offset/length overload. A null string is forwarded as a
/// null array with length 0.
/// </summary>
/// <returns>Whatever the offset/length overload returns.</returns>
public static int ImportCert(
    String certObject,
    int cryptUser // CRYPT_USER
    )
{
    if (certObject == null)
    {
        return ImportCert((byte[])null, 0, 0, cryptUser);
    }

    // Encode once; the array length is the UTF-8 byte count.
    byte[] certObjectBytes = new UTF8Encoding().GetBytes(certObject);
    return ImportCert(certObjectBytes, 0, certObjectBytes.Length, cryptUser);
}
2207 
/// <summary>
/// Exports a certificate through the native <c>cryptExportCert</c> entry point,
/// using a length query followed by the actual export.
/// </summary>
/// <param name="certObject">Destination buffer; may be null.</param>
/// <param name="certObjectOffset">Offset into the buffer to write at.</param>
/// <param name="certObjectMaxLength">Maximum length passed to the native call.</param>
/// <param name="certFormatType">CRYPT_CERTFORMAT_TYPE value.</param>
/// <param name="certificate">CRYPT_CERTIFICATE handle.</param>
/// <returns>The length reported by the second native call.</returns>
/// <exception cref="IndexOutOfRangeException">
/// The reported length does not fit in the buffer at the given offset.
/// </exception>
/// <exception cref="CryptException">A native status was below <c>crypt.OK</c>.</exception>
public static int ExportCert(
    byte[] certObject,
    int certObjectOffset,
    int certObjectMaxLength,
    int certFormatType, // CRYPT_CERTFORMAT_TYPE
    int certificate // CRYPT_CERTIFICATE
    )
{
    IntPtr lengthSlot = Marshal.AllocHGlobal(sizeof(int));
    GCHandle pinnedOutput = new GCHandle();
    IntPtr outputPtr = IntPtr.Zero;
    try
    {
        // First call: outputPtr is still IntPtr.Zero, only the length is read back.
        int status = wrapped_ExportCert(outputPtr, certObjectMaxLength, lengthSlot, certFormatType, certificate);
        processStatus(status);
        int requiredLength = Marshal.ReadInt32(lengthSlot);

        // Validate the reported length against the caller's buffer before pinning it.
        checkIndices(certObject, certObjectOffset, requiredLength);
        getPointer(certObject, certObjectOffset, ref pinnedOutput, ref outputPtr);

        // Second call: same arguments, now with the pinned destination pointer.
        status = wrapped_ExportCert(outputPtr, certObjectMaxLength, lengthSlot, certFormatType, certificate);
        processStatus(status);
        return Marshal.ReadInt32(lengthSlot);
    }
    finally
    {
        Marshal.FreeHGlobal(lengthSlot);
        releasePointer(pinnedOutput);
    }
}
/// <summary>
/// Convenience overload: exports into <paramref name="certObject"/> starting
/// at offset 0.
/// </summary>
/// <returns>Whatever the offset-taking overload returns.</returns>
public static int ExportCert(
    byte[] certObject,
    int certObjectMaxLength,
    int certFormatType, // CRYPT_CERTFORMAT_TYPE
    int certificate // CRYPT_CERTIFICATE
    )
{
    const int startOffset = 0;
    return ExportCert(certObject, startOffset, certObjectMaxLength, certFormatType, certificate);
}
2240 
2241  /* CA management functions */
2242 
/// <summary>
/// Calls the native <c>cryptCAAddItem</c> entry point with the given keyset and
/// certificate handles.
/// </summary>
/// <exception cref="CryptException">The native status was below <c>crypt.OK</c>.</exception>
public static void CAAddItem(
    int keyset, // CRYPT_KEYSET
    int certificate // CRYPT_CERTIFICATE
    )
{
    int status = wrapped_CAAddItem(keyset, certificate);
    processStatus(status);
}
2250 
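/// <summary>
/// Fetches an item through the native <c>cryptCAGetItem</c> entry point.
/// </summary>
/// <param name="keyset">CRYPT_KEYSET handle.</param>
/// <param name="certType">CRYPT_CERTTYPE_TYPE value.</param>
/// <param name="keyIDtype">CRYPT_KEYID_TYPE value.</param>
/// <param name="keyID">Key identifier, handed to native code as UTF-8 bytes.</param>
/// <returns>The 32-bit value the native call wrote to its output slot.</returns>
/// <exception cref="ArgumentNullException"><paramref name="keyID"/> is null.</exception>
/// <exception cref="CryptException">The native status was below <c>crypt.OK</c>.</exception>
public static int CAGetItem(
    int keyset, // CRYPT_KEYSET
    int certType, // CRYPT_CERTTYPE_TYPE
    int keyIDtype, // CRYPT_KEYID_TYPE
    String keyID
    )
{
    if (keyID == null)
    {
        throw new ArgumentNullException("keyID");
    }

    // No length accompanies the pointer, so the native side is presumed to stop
    // at a NUL; append one instead of relying on whatever follows the array.
    byte[] keyIDArray = new UTF8Encoding().GetBytes(keyID + "\0");
    GCHandle keyIDHandle = new GCHandle();
    IntPtr keyIDPtr = IntPtr.Zero;
    // Allocated after the encoding step so a failure above cannot leak it.
    IntPtr certificatePtr = Marshal.AllocHGlobal(4);
    try
    {
        getPointer(keyIDArray, 0, ref keyIDHandle, ref keyIDPtr);
        processStatus(wrapped_CAGetItem(keyset, certificatePtr, certType, keyIDtype, keyIDPtr));
        return Marshal.ReadInt32(certificatePtr);
    }
    finally
    {
        Marshal.FreeHGlobal(certificatePtr);
        releasePointer(keyIDHandle);
    }
}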
2274 
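/// <summary>
/// Calls the native <c>cryptCADeleteItem</c> entry point.
/// </summary>
/// <param name="keyset">CRYPT_KEYSET handle.</param>
/// <param name="certType">CRYPT_CERTTYPE_TYPE value.</param>
/// <param name="keyIDtype">CRYPT_KEYID_TYPE value.</param>
/// <param name="keyID">Key identifier, handed to native code as UTF-8 bytes.</param>
/// <exception cref="ArgumentNullException"><paramref name="keyID"/> is null.</exception>
/// <exception cref="CryptException">The native status was below <c>crypt.OK</c>.</exception>
public static void CADeleteItem(
    int keyset, // CRYPT_KEYSET
    int certType, // CRYPT_CERTTYPE_TYPE
    int keyIDtype, // CRYPT_KEYID_TYPE
    String keyID
    )
{
    if (keyID == null)
    {
        throw new ArgumentNullException("keyID");
    }

    // No length accompanies the pointer, so the native side is presumed to stop
    // at a NUL. Without one, which item gets deleted could depend on bytes that
    // happen to follow the array in memory.
    byte[] keyIDArray = new UTF8Encoding().GetBytes(keyID + "\0");
    GCHandle keyIDHandle = new GCHandle();
    IntPtr keyIDPtr = IntPtr.Zero;
    try
    {
        getPointer(keyIDArray, 0, ref keyIDHandle, ref keyIDPtr);
        processStatus(wrapped_CADeleteItem(keyset, certType, keyIDtype, keyIDPtr));
    }
    finally
    {
        releasePointer(keyIDHandle);
    }
}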
2295 
/// <summary>
/// Runs a CA action through the native <c>cryptCACertManagement</c> entry point.
/// </summary>
/// <param name="action">CRYPT_CERTACTION_TYPE value.</param>
/// <param name="keyset">CRYPT_KEYSET handle.</param>
/// <param name="caKey">CRYPT_CONTEXT handle of the CA key.</param>
/// <param name="certRequest">CRYPT_CERTIFICATE handle of the request.</param>
/// <returns>The 32-bit value the native call wrote to its output slot.</returns>
/// <exception cref="CryptException">The native status was below <c>crypt.OK</c>.</exception>
public static int CACertManagement(
    int action, // CRYPT_CERTACTION_TYPE
    int keyset, // CRYPT_KEYSET
    int caKey, // CRYPT_CONTEXT
    int certRequest // CRYPT_CERTIFICATE
    )
{
    // Unmanaged slot for the native output parameter; always freed below.
    IntPtr handleSlot = Marshal.AllocHGlobal(sizeof(int));
    try
    {
        int status = wrapped_CACertManagement(handleSlot, action, keyset, caKey, certRequest);
        processStatus(status);
        return Marshal.ReadInt32(handleSlot);
    }
    finally
    {
        Marshal.FreeHGlobal(handleSlot);
    }
}
2314 
2315  /****************************************************************************
2316  * *
2317  * Envelope and Session Functions *
2318  * *
2319  ****************************************************************************/
2320 
2321  /* Create/destroy an envelope */
2322 
/// <summary>
/// Creates an envelope through the native <c>cryptCreateEnvelope</c> entry point.
/// </summary>
/// <returns>The 32-bit value the native call wrote to its output slot.</returns>
/// <exception cref="CryptException">The native status was below <c>crypt.OK</c>.</exception>
public static int CreateEnvelope(
    int cryptUser, // CRYPT_USER
    int formatType // CRYPT_FORMAT_TYPE
    )
{
    // Unmanaged slot for the native output parameter; always freed below.
    IntPtr handleSlot = Marshal.AllocHGlobal(sizeof(int));
    try
    {
        int status = wrapped_CreateEnvelope(handleSlot, cryptUser, formatType);
        processStatus(status);
        return Marshal.ReadInt32(handleSlot);
    }
    finally
    {
        Marshal.FreeHGlobal(handleSlot);
    }
}
2339 
/// <summary>
/// Calls the native <c>cryptDestroyEnvelope</c> entry point for the given envelope.
/// </summary>
/// <exception cref="CryptException">The native status was below <c>crypt.OK</c>.</exception>
public static void DestroyEnvelope(
    int envelope // CRYPT_ENVELOPE
    )
{
    int status = wrapped_DestroyEnvelope(envelope);
    processStatus(status);
}
2346 
2347  /* Create/destroy a session */
2348 
/// <summary>
/// Creates a session through the native <c>cryptCreateSession</c> entry point.
/// </summary>
/// <returns>The 32-bit value the native call wrote to its output slot.</returns>
/// <exception cref="CryptException">The native status was below <c>crypt.OK</c>.</exception>
public static int CreateSession(
    int cryptUser, // CRYPT_USER
    int formatType // CRYPT_SESSION_TYPE
    )
{
    // Unmanaged slot for the native output parameter; always freed below.
    IntPtr handleSlot = Marshal.AllocHGlobal(sizeof(int));
    try
    {
        int status = wrapped_CreateSession(handleSlot, cryptUser, formatType);
        processStatus(status);
        return Marshal.ReadInt32(handleSlot);
    }
    finally
    {
        Marshal.FreeHGlobal(handleSlot);
    }
}
2365 
/// <summary>
/// Calls the native <c>cryptDestroySession</c> entry point for the given session.
/// </summary>
/// <exception cref="CryptException">The native status was below <c>crypt.OK</c>.</exception>
public static void DestroySession(
    int session // CRYPT_SESSION
    )
{
    int status = wrapped_DestroySession(session);
    processStatus(status);
}
2372 
2373  /* Add/remove data to/from an envelope or session */
2374 
/// <summary>
/// Pushes bytes into an envelope or session through the native
/// <c>cryptPushData</c> entry point.
/// </summary>
/// <param name="envelope">CRYPT_HANDLE of the envelope or session.</param>
/// <param name="buffer">Source buffer; may be null.</param>
/// <param name="bufferOffset">Offset of the data within the buffer.</param>
/// <param name="length">Number of bytes passed to the native call.</param>
/// <returns>The byte count the native call reported as copied.</returns>
/// <exception cref="IndexOutOfRangeException">Offset/length fall outside the buffer.</exception>
/// <exception cref="CryptException">
/// The native status was below <c>crypt.OK</c>; the exception also receives the
/// reported byte count.
/// </exception>
public static int PushData(
    int envelope, // CRYPT_HANDLE
    byte[] buffer,
    int bufferOffset,
    int length
    )
{
    IntPtr copiedSlot = Marshal.AllocHGlobal(sizeof(int));
    GCHandle pinnedBuffer = new GCHandle();
    IntPtr dataPtr = IntPtr.Zero;
    try
    {
        // Bounds are validated before the buffer is pinned and handed to native code.
        checkIndices(buffer, bufferOffset, length);
        getPointer(buffer, bufferOffset, ref pinnedBuffer, ref dataPtr);

        int status = wrapped_PushData(envelope, dataPtr, length, copiedSlot);
        // The count is read before the status check so it can accompany a failure.
        int copied = Marshal.ReadInt32(copiedSlot);
        processStatus(status, copied);
        return copied;
    }
    finally
    {
        Marshal.FreeHGlobal(copiedSlot);
        releasePointer(pinnedBuffer);
    }
}
/// <summary>
/// Whole-array overload: forwards with offset 0 and the array's full length
/// (0 when <paramref name="buffer"/> is null).
/// </summary>
/// <returns>Whatever the offset/length overload returns.</returns>
public static int PushData(
    int envelope, // CRYPT_HANDLE
    byte[] buffer
    )
{
    int length = 0;
    if (buffer != null)
    {
        length = buffer.Length;
    }
    return PushData(envelope, buffer, 0, length);
}
/// <summary>
/// String overload: encodes <paramref name="buffer"/> as UTF-8 and forwards the
/// bytes to the offset/length overload. A null string is forwarded as a null
/// array with length 0.
/// </summary>
/// <returns>Whatever the offset/length overload returns.</returns>
public static int PushData(
    int envelope, // CRYPT_HANDLE
    String buffer
    )
{
    if (buffer == null)
    {
        return PushData(envelope, (byte[])null, 0, 0);
    }

    // Encode once; the array length is the UTF-8 byte count.
    byte[] bufferBytes = new UTF8Encoding().GetBytes(buffer);
    return PushData(envelope, bufferBytes, 0, bufferBytes.Length);
}
2410 
/// <summary>
/// Calls the native <c>cryptFlushData</c> entry point for the given handle.
/// </summary>
/// <exception cref="CryptException">The native status was below <c>crypt.OK</c>.</exception>
public static void FlushData(
    int envelope // CRYPT_HANDLE
    )
{
    int status = wrapped_FlushData(envelope);
    processStatus(status);
}
2417 
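/// <summary>
/// Pops bytes from an envelope or session through the native
/// <c>cryptPopData</c> entry point into the caller's buffer.
/// </summary>
/// <param name="envelope">CRYPT_HANDLE of the envelope or session.</param>
/// <param name="buffer">Destination buffer; may be null.</param>
/// <param name="bufferOffset">Offset into the buffer to write at.</param>
/// <param name="length">Maximum number of bytes the native call may write.</param>
/// <returns>The byte count the native call reported as copied.</returns>
/// <exception cref="IndexOutOfRangeException">
/// <paramref name="bufferOffset"/> plus <paramref name="length"/> does not fit
/// in <paramref name="buffer"/>.
/// </exception>
/// <exception cref="CryptException">
/// The native status was below <c>crypt.OK</c>; the exception also receives the
/// reported byte count.
/// </exception>
public static int PopData(
    int envelope, // CRYPT_HANDLE
    byte[] buffer,
    int bufferOffset,
    int length
    )
{
    IntPtr bytesCopiedPtr = Marshal.AllocHGlobal(4);
    GCHandle bufferHandle = new GCHandle();
    IntPtr bufferPtr = IntPtr.Zero;
    try
    {
        int bytesCopied = 0;
        int status;
        // Validate the requested length, not the still-zero bytesCopied: native
        // code is told it may write `length` bytes at the pinned offset, so a
        // zero-length check would let it write past the end of the managed array.
        checkIndices(buffer, bufferOffset, length);
        getPointer(buffer, bufferOffset, ref bufferHandle, ref bufferPtr);
        status = wrapped_PopData(envelope, bufferPtr, length, bytesCopiedPtr);
        // The count is read before the status check so it can accompany a failure.
        bytesCopied = Marshal.ReadInt32(bytesCopiedPtr);
        processStatus(status, bytesCopied);
        return bytesCopied;
    }
    finally
    {
        Marshal.FreeHGlobal(bytesCopiedPtr);
        releasePointer(bufferHandle);
    }
}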
/// <summary>
/// Convenience overload: pops into <paramref name="buffer"/> starting at offset 0.
/// </summary>
/// <returns>Whatever the offset-taking overload returns.</returns>
public static int PopData(
    int envelope, // CRYPT_HANDLE
    byte[] buffer,
    int length
    )
{
    const int startOffset = 0;
    return PopData(envelope, buffer, startOffset, length);
}
2450 
2451  /****************************************************************************
2452  * *
2453  * Device Functions *
2454  * *
2455  ****************************************************************************/
2456 
2457  /* Open and close a device */
2458 
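/// <summary>
/// Opens a device through the native <c>cryptDeviceOpen</c> entry point.
/// </summary>
/// <param name="cryptUser">CRYPT_USER handle.</param>
/// <param name="deviceType">CRYPT_DEVICE_TYPE value.</param>
/// <param name="name">Device name, handed to native code as UTF-8 bytes.</param>
/// <returns>The 32-bit value the native call wrote to its output slot.</returns>
/// <exception cref="ArgumentNullException"><paramref name="name"/> is null.</exception>
/// <exception cref="CryptException">The native status was below <c>crypt.OK</c>.</exception>
public static int DeviceOpen(
    int cryptUser, // CRYPT_USER
    int deviceType, // CRYPT_DEVICE_TYPE
    String name
    )
{
    if (name == null)
    {
        throw new ArgumentNullException("name");
    }

    // No length accompanies the pointer, so the native side is presumed to stop
    // at a NUL; append one instead of relying on whatever follows the array.
    byte[] nameArray = new UTF8Encoding().GetBytes(name + "\0");
    GCHandle nameHandle = new GCHandle();
    IntPtr namePtr = IntPtr.Zero;
    // Allocated after the encoding step so a failure above cannot leak it.
    IntPtr devicePtr = Marshal.AllocHGlobal(4);
    try
    {
        getPointer(nameArray, 0, ref nameHandle, ref namePtr);
        processStatus(wrapped_DeviceOpen(devicePtr, cryptUser, deviceType, namePtr));
        return Marshal.ReadInt32(devicePtr);
    }
    finally
    {
        Marshal.FreeHGlobal(devicePtr);
        releasePointer(nameHandle);
    }
}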
2481 
/// <summary>
/// Calls the native <c>cryptDeviceClose</c> entry point for the given device.
/// </summary>
/// <exception cref="CryptException">The native status was below <c>crypt.OK</c>.</exception>
public static void DeviceClose(
    int device // CRYPT_DEVICE
    )
{
    int status = wrapped_DeviceClose(device);
    processStatus(status);
}
2488 
2489  /* Query a device's capabilities */
2490 
2492  int device, // CRYPT_DEVICE
2493  int cryptAlgo // CRYPT_ALGO_TYPE
2494  )
2495  {
2496  IntPtr cryptQueryInfoPtr = Marshal.AllocHGlobal(Marshal.SizeOf(typeof(CRYPT_QUERY_INFO)));
2497  CRYPT_QUERY_INFO cryptQueryInfo = new CRYPT_QUERY_INFO();
2498  try
2499  {
2500  processStatus(wrapped_DeviceQueryCapability(device, cryptAlgo, cryptQueryInfoPtr));
2501  Marshal.PtrToStructure(cryptQueryInfoPtr, cryptQueryInfo);
2502  return cryptQueryInfo;
2503  }
2504  finally
2505  {
2506  Marshal.FreeHGlobal(cryptQueryInfoPtr);
2507  }
2508  }
2509 
2510  /* Create an encryption context via the device */
2511 
/// <summary>
/// Creates a context on a device through the native
/// <c>cryptDeviceCreateContext</c> entry point.
/// </summary>
/// <returns>The 32-bit value the native call wrote to its output slot.</returns>
/// <exception cref="CryptException">The native status was below <c>crypt.OK</c>.</exception>
public static int DeviceCreateContext(
    int device, // CRYPT_DEVICE
    int cryptAlgo // CRYPT_ALGO_TYPE
    )
{
    // Unmanaged slot for the native output parameter; always freed below.
    IntPtr handleSlot = Marshal.AllocHGlobal(sizeof(int));
    try
    {
        int status = wrapped_DeviceCreateContext(device, handleSlot, cryptAlgo);
        processStatus(status);
        return Marshal.ReadInt32(handleSlot);
    }
    finally
    {
        Marshal.FreeHGlobal(handleSlot);
    }
}
2528 
2529  /****************************************************************************
2530  * *
2531  * User Management Functions *
2532  * *
2533  ****************************************************************************/
2534 
2535  /* Log on and off (create/destroy a user object) */
2536 
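/// <summary>
/// Logs a user on through the native <c>cryptLogin</c> entry point.
/// </summary>
/// <param name="name">User name, handed to native code as UTF-8 bytes.</param>
/// <param name="password">Password, handed to native code as UTF-8 bytes.</param>
/// <returns>The 32-bit value the native call wrote to its output slot.</returns>
/// <exception cref="ArgumentNullException">
/// <paramref name="name"/> or <paramref name="password"/> is null.
/// </exception>
/// <exception cref="CryptException">The native status was below <c>crypt.OK</c>.</exception>
public static int Login(
    String name,
    String password
    )
{
    if (name == null)
    {
        throw new ArgumentNullException("name");
    }
    if (password == null)
    {
        throw new ArgumentNullException("password");
    }

    // Both strings reach native code as bare pointers without a length, so they
    // are presumed to be read up to a NUL; GetBytes adds none by itself.
    UTF8Encoding utf8 = new UTF8Encoding();
    byte[] nameArray = utf8.GetBytes(name + "\0");
    byte[] passwordArray = utf8.GetBytes(password + "\0");
    GCHandle nameHandle = new GCHandle();
    IntPtr namePtr = IntPtr.Zero;
    GCHandle passwordHandle = new GCHandle();
    IntPtr passwordPtr = IntPtr.Zero;
    // Allocated after the encoding step so a failure above cannot leak it.
    IntPtr userPtr = Marshal.AllocHGlobal(4);
    try
    {
        getPointer(nameArray, 0, ref nameHandle, ref namePtr);
        getPointer(passwordArray, 0, ref passwordHandle, ref passwordPtr);
        processStatus(wrapped_Login(userPtr, namePtr, passwordPtr));
        return Marshal.ReadInt32(userPtr);
    }
    finally
    {
        Marshal.FreeHGlobal(userPtr);
        // Best-effort wipe of the encoded password copy, done while it is still
        // pinned. The caller's String is immutable and is not affected.
        Array.Clear(passwordArray, 0, passwordArray.Length);
        releasePointer(nameHandle);
        releasePointer(passwordHandle);
    }
}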
2563 
/// <summary>
/// Calls the native <c>cryptLogout</c> entry point for the given user handle.
/// </summary>
/// <exception cref="CryptException">The native status was below <c>crypt.OK</c>.</exception>
public static void Logout(
    int user // CRYPT_USER
    )
{
    int status = wrapped_Logout(user);
    processStatus(status);
}
2570 
2571  /****************************************************************************
2572  * *
2573  * User Interface Functions *
2574  * *
2575  ****************************************************************************/
2576 
2577 
// NOTE(review): the P/Invoke declarations that follow name the native library
// by the bare file name "cl32.dll", so which copy is loaded is decided by the
// platform's library search order, not by this file. Deployments should make
// sure only the intended cl32.dll is reachable on that path, for example by
// constraining the search with DefaultDllImportSearchPathsAttribute.
[DllImport("cl32.dll", EntryPoint="cryptInit")]
private static extern int wrapped_Init();
2580 
2581  [DllImport("cl32.dll", EntryPoint="cryptEnd")]
2582  private static extern int wrapped_End();
2583 
2584  [DllImport("cl32.dll", EntryPoint="cryptQueryCapability")]
2585  private static extern int wrapped_QueryCapability(int cryptAlgo, IntPtr cryptQueryInfo);
2586 
2587  [DllImport("cl32.dll", EntryPoint="cryptCreateContext")]
2588  private static extern int wrapped_CreateContext(IntPtr cryptContext, int cryptUser, int cryptAlgo);
2589 
2590  [DllImport("cl32.dll", EntryPoint="cryptDestroyContext")]
2591  private static extern int wrapped_DestroyContext(int cryptContext);
2592 
2593  [DllImport("cl32.dll", EntryPoint="cryptDestroyObject")]
2594  private static extern int wrapped_DestroyObject(int cryptObject);
2595 
2596  [DllImport("cl32.dll", EntryPoint="cryptGenerateKey")]
2597  private static extern int wrapped_GenerateKey(int cryptContext);
2598 
2599  [DllImport("cl32.dll", EntryPoint="cryptGenerateKeyAsync")]
2600  private static extern int wrapped_GenerateKeyAsync(int cryptContext);
2601 
2602  [DllImport("cl32.dll", EntryPoint="cryptAsyncQuery")]
2603  private static extern int wrapped_AsyncQuery(int cryptObject);
2604 
2605  [DllImport("cl32.dll", EntryPoint="cryptAsyncCancel")]
2606  private static extern int wrapped_AsyncCancel(int cryptObject);
2607 
2608  [DllImport("cl32.dll", EntryPoint="cryptEncrypt")]
2609  private static extern int wrapped_Encrypt(int cryptContext, IntPtr buffer, int length);
2610 
2611  [DllImport("cl32.dll", EntryPoint="cryptDecrypt")]
2612  private static extern int wrapped_Decrypt(int cryptContext, IntPtr buffer, int length);
2613 
2614  [DllImport("cl32.dll", EntryPoint="cryptSetAttribute")]
2615  private static extern int wrapped_SetAttribute(int cryptHandle, int attributeType, int value);
2616 
2617  [DllImport("cl32.dll", EntryPoint="cryptSetAttributeString")]
2618  private static extern int wrapped_SetAttributeString(int cryptHandle, int attributeType, IntPtr value, int valueLength);
2619 
2620  [DllImport("cl32.dll", EntryPoint="cryptGetAttribute")]
2621  private static extern int wrapped_GetAttribute(int cryptHandle, int attributeType, IntPtr value);
2622 
2623  [DllImport("cl32.dll", EntryPoint="cryptGetAttributeString")]
2624  private static extern int wrapped_GetAttributeString(int cryptHandle, int attributeType, IntPtr value, IntPtr valueLength);
2625 
2626  [DllImport("cl32.dll", EntryPoint="cryptDeleteAttribute")]
2627  private static extern int wrapped_DeleteAttribute(int cryptHandle, int attributeType);
2628 
2629  [DllImport("cl32.dll", EntryPoint="cryptAddRandom")]
2630  private static extern int wrapped_AddRandom(IntPtr randomData, int randomDataLength);
2631 
2632  [DllImport("cl32.dll", EntryPoint="cryptQueryObject")]
2633  private static extern int wrapped_QueryObject(IntPtr objectData, int objectDataLength, IntPtr cryptObjectInfo);
2634 
2635  [DllImport("cl32.dll", EntryPoint="cryptExportKey")]
2636  private static extern int wrapped_ExportKey(IntPtr encryptedKey, int encryptedKeyMaxLength, IntPtr encryptedKeyLength, int exportKey, int sessionKeyContext);
2637 
2638  [DllImport("cl32.dll", EntryPoint="cryptExportKeyEx")]
2639  private static extern int wrapped_ExportKeyEx(IntPtr encryptedKey, int encryptedKeyMaxLength, IntPtr encryptedKeyLength, int formatType, int exportKey, int sessionKeyContext);
2640 
2641  [DllImport("cl32.dll", EntryPoint="cryptImportKey")]
2642  private static extern int wrapped_ImportKey(IntPtr encryptedKey, int encryptedKeyLength, int importKey, int sessionKeyContext);
2643 
2644  [DllImport("cl32.dll", EntryPoint="cryptImportKeyEx")]
2645  private static extern int wrapped_ImportKeyEx(IntPtr encryptedKey, int encryptedKeyLength, int importKey, int sessionKeyContext, IntPtr returnedContext);
2646 
2647  [DllImport("cl32.dll", EntryPoint="cryptCreateSignature")]
2648  private static extern int wrapped_CreateSignature(IntPtr signature, int signatureMaxLength, IntPtr signatureLength, int signContext, int hashContext);
2649 
2650  [DllImport("cl32.dll", EntryPoint="cryptCreateSignatureEx")]
2651  private static extern int wrapped_CreateSignatureEx(IntPtr signature, int signatureMaxLength, IntPtr signatureLength, int formatType, int signContext, int hashContext, int extraData);
2652 
2653  [DllImport("cl32.dll", EntryPoint="cryptCheckSignature")]
2654  private static extern int wrapped_CheckSignature(IntPtr signature, int signatureLength, int sigCheckKey, int hashContext);
2655 
2656  [DllImport("cl32.dll", EntryPoint="cryptCheckSignatureEx")]
2657  private static extern int wrapped_CheckSignatureEx(IntPtr signature, int signatureLength, int sigCheckKey, int hashContext, IntPtr extraData);
2658 
2659  [DllImport("cl32.dll", EntryPoint="cryptKeysetOpen")]
2660  private static extern int wrapped_KeysetOpen(IntPtr keyset, int cryptUser, int keysetType, IntPtr name, int options);
2661 
2662  [DllImport("cl32.dll", EntryPoint="cryptKeysetClose")]
2663  private static extern int wrapped_KeysetClose(int keyset);
2664 
2665  [DllImport("cl32.dll", EntryPoint="cryptGetPublicKey")]
2666  private static extern int wrapped_GetPublicKey(int keyset, IntPtr cryptContext, int keyIDtype, IntPtr keyID);
2667 
2668  [DllImport("cl32.dll", EntryPoint="cryptGetPrivateKey")]
2669  private static extern int wrapped_GetPrivateKey(int keyset, IntPtr cryptContext, int keyIDtype, IntPtr keyID, IntPtr password);
2670 
2671  [DllImport("cl32.dll", EntryPoint="cryptGetKey")]
2672  private static extern int wrapped_GetKey(int keyset, IntPtr cryptContext, int keyIDtype, IntPtr keyID, IntPtr password);
2673 
2674  [DllImport("cl32.dll", EntryPoint="cryptAddPublicKey")]
2675  private static extern int wrapped_AddPublicKey(int keyset, int certificate);
2676 
2677  [DllImport("cl32.dll", EntryPoint="cryptAddPrivateKey")]
2678  private static extern int wrapped_AddPrivateKey(int keyset, int cryptKey, IntPtr password);
2679 
2680  [DllImport("cl32.dll", EntryPoint="cryptDeleteKey")]
2681  private static extern int wrapped_DeleteKey(int keyset, int keyIDtype, IntPtr keyID);
2682 
2683  [DllImport("cl32.dll", EntryPoint="cryptCreateCert")]
2684  private static extern int wrapped_CreateCert(IntPtr certificate, int cryptUser, int certType);
2685 
2686  [DllImport("cl32.dll", EntryPoint="cryptDestroyCert")]
2687  private static extern int wrapped_DestroyCert(int certificate);
2688 
2689  [DllImport("cl32.dll", EntryPoint="cryptGetCertExtension")]
2690  private static extern int wrapped_GetCertExtension(int certificate, IntPtr oid, IntPtr criticalFlag, IntPtr extension, int extensionMaxLength, IntPtr extensionLength);
2691 
2692  [DllImport("cl32.dll", EntryPoint="cryptAddCertExtension")]
2693  private static extern int wrapped_AddCertExtension(int certificate, IntPtr oid, int criticalFlag, IntPtr extension, int extensionLength);
2694 
2695  [DllImport("cl32.dll", EntryPoint="cryptDeleteCertExtension")]
2696  private static extern int wrapped_DeleteCertExtension(int certificate, IntPtr oid);
2697 
2698  [DllImport("cl32.dll", EntryPoint="cryptSignCert")]
2699  private static extern int wrapped_SignCert(int certificate, int signContext);
2700 
2701  [DllImport("cl32.dll", EntryPoint="cryptCheckCert")]
2702  private static extern int wrapped_CheckCert(int certificate, int sigCheckKey);
2703 
2704  [DllImport("cl32.dll", EntryPoint="cryptImportCert")]
2705  private static extern int wrapped_ImportCert(IntPtr certObject, int certObjectLength, int cryptUser, IntPtr certificate);
2706 
2707  [DllImport("cl32.dll", EntryPoint="cryptExportCert")]
2708  private static extern int wrapped_ExportCert(IntPtr certObject, int certObjectMaxLength, IntPtr certObjectLength, int certFormatType, int certificate);
2709 
2710  [DllImport("cl32.dll", EntryPoint="cryptCAAddItem")]
2711  private static extern int wrapped_CAAddItem(int keyset, int certificate);
2712 
2713  [DllImport("cl32.dll", EntryPoint="cryptCAGetItem")]
2714  private static extern int wrapped_CAGetItem(int keyset, IntPtr certificate, int certType, int keyIDtype, IntPtr keyID);
2715 
2716  [DllImport("cl32.dll", EntryPoint="cryptCADeleteItem")]
2717  private static extern int wrapped_CADeleteItem(int keyset, int certType, int keyIDtype, IntPtr keyID);
2718 
// P/Invoke bindings for the CA, envelope, session, data-transfer, device and
// user entry points exported by the native cryptlib library. Each declaration
// names "cl32.dll" without a path, so the library is located through the
// default native-library search order of the hosting process.
// NOTE(review): whichever cl32.dll is found first supplies every crypt* entry
// point bound here. Consider constraining resolution (for example with
// DefaultDllImportSearchPathsAttribute) or verifying the deployed DLL, and
// confirm against how the library is shipped.
// The IntPtr parameters are raw native pointers. Presumably the public
// wrappers validate offsets and lengths with checkIndices and pin managed
// buffers with getPointer before calling these; verify against the callers.

// Binds cryptCACertManagement.
[DllImport("cl32.dll", EntryPoint = "cryptCACertManagement")]
private static extern int wrapped_CACertManagement(
    IntPtr certificate,
    int action,
    int keyset,
    int caKey,
    int certRequest);

// Binds cryptCreateEnvelope.
[DllImport("cl32.dll", EntryPoint = "cryptCreateEnvelope")]
private static extern int wrapped_CreateEnvelope(
    IntPtr envelope,
    int cryptUser,
    int formatType);

// Binds cryptDestroyEnvelope.
[DllImport("cl32.dll", EntryPoint = "cryptDestroyEnvelope")]
private static extern int wrapped_DestroyEnvelope(
    int envelope);

// Binds cryptCreateSession.
[DllImport("cl32.dll", EntryPoint = "cryptCreateSession")]
private static extern int wrapped_CreateSession(
    IntPtr session,
    int cryptUser,
    int formatType);

// Binds cryptDestroySession.
[DllImport("cl32.dll", EntryPoint = "cryptDestroySession")]
private static extern int wrapped_DestroySession(
    int session);

// Binds cryptPushData. `length` is passed to native code together with the
// raw `buffer` pointer, so it must already have been checked against the
// managed array by the caller.
[DllImport("cl32.dll", EntryPoint = "cryptPushData")]
private static extern int wrapped_PushData(
    int envelope,
    IntPtr buffer,
    int length,
    IntPtr bytesCopied);

// Binds cryptFlushData.
[DllImport("cl32.dll", EntryPoint = "cryptFlushData")]
private static extern int wrapped_FlushData(
    int envelope);

// Binds cryptPopData. As with cryptPushData, `length` describes the space
// behind the raw `buffer` pointer and is not re-checked on the managed side
// at this level.
[DllImport("cl32.dll", EntryPoint = "cryptPopData")]
private static extern int wrapped_PopData(
    int envelope,
    IntPtr buffer,
    int length,
    IntPtr bytesCopied);

// Binds cryptDeviceOpen.
[DllImport("cl32.dll", EntryPoint = "cryptDeviceOpen")]
private static extern int wrapped_DeviceOpen(
    IntPtr device,
    int cryptUser,
    int deviceType,
    IntPtr name);

// Binds cryptDeviceClose.
[DllImport("cl32.dll", EntryPoint = "cryptDeviceClose")]
private static extern int wrapped_DeviceClose(
    int device);

// Binds cryptDeviceQueryCapability.
[DllImport("cl32.dll", EntryPoint = "cryptDeviceQueryCapability")]
private static extern int wrapped_DeviceQueryCapability(
    int device,
    int cryptAlgo,
    IntPtr cryptQueryInfo);

// Binds cryptDeviceCreateContext.
[DllImport("cl32.dll", EntryPoint = "cryptDeviceCreateContext")]
private static extern int wrapped_DeviceCreateContext(
    int device,
    IntPtr cryptContext,
    int cryptAlgo);

// Binds cryptLogin. The password is passed as an unmanaged pointer prepared
// by the caller; how that buffer is allocated and cleared is not visible here.
[DllImport("cl32.dll", EntryPoint = "cryptLogin")]
private static extern int wrapped_Login(
    IntPtr user,
    IntPtr name,
    IntPtr password);

// Binds cryptLogout.
[DllImport("cl32.dll", EntryPoint = "cryptLogout")]
private static extern int wrapped_Logout(
    int user);
2760 
2761 
2762  /* Helper Functions */
2763 
// Converts a native status code into an exception: any value below crypt.OK
// raises a CryptException carrying that status; other values return normally.
private static void processStatus(int status)
{
    bool succeeded = status >= crypt.OK;
    if (succeeded)
    {
        return;
    }

    throw new CryptException(status);
}
2769 
2770 
// Same check as the single-argument overload, but the CryptException that is
// raised for a status below crypt.OK also records extraInfo.
private static void processStatus(int status, int extraInfo)
{
    bool succeeded = status >= crypt.OK;
    if (succeeded)
    {
        return;
    }

    throw new CryptException(status, extraInfo);
}
2776 
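// Verifies that sequenceLength bytes starting at sequenceOffset lie inside
// array, and throws IndexOutOfRangeException when they do not.
//
// array          - buffer to validate; may be null.
// sequenceOffset - index of the first byte; must address an existing element.
// sequenceLength - number of bytes; must be non-negative and fit in the
//                  space remaining after sequenceOffset.
//
// This is the managed-side bounds check in front of buffers that getPointer
// pins for native code, so it must not be bypassable through arithmetic
// wrap-around.
private static void checkIndices(byte[] array, int sequenceOffset, int sequenceLength)
{
    if (array == null)
    {
        // A null buffer is accepted only with a zero offset; the length is
        // deliberately not examined in this case (unchanged behaviour).
        if (sequenceOffset == 0)
        {
            return;
        }

        throw new IndexOutOfRangeException();
    }

    int arrayLength = array.Length;

    // The offset tests run first, so arrayLength - sequenceOffset is always in
    // [1, arrayLength] and cannot overflow. The earlier form,
    // sequenceOffset + sequenceLength > arrayLength, wraps to a negative value
    // in unchecked arithmetic for very large lengths and then accepts them.
    // Negative lengths are rejected too.
    if (sequenceOffset < 0 ||
        sequenceOffset >= arrayLength ||
        sequenceLength < 0 ||
        sequenceLength > arrayLength - sequenceOffset)
    {
        throw new IndexOutOfRangeException();
    }
}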
2794 
// Pins buffer so the garbage collector cannot move it, and reports the
// address of element bufferOffset through bufferPtr. A null buffer leaves
// both ref arguments untouched.
//
// No bounds validation happens here: Marshal.UnsafeAddrOfPinnedArrayElement
// is handed bufferOffset as-is, so the offset must have been checked before
// this call (checkIndices in this class does that). The handle stored in
// bufferHandle stays pinned until it is freed, e.g. by releasePointer.
private static void getPointer(byte[] buffer, int bufferOffset, ref GCHandle bufferHandle, ref IntPtr bufferPtr)
{
    if (buffer != null)
    {
        GCHandle pinned = GCHandle.Alloc(buffer, GCHandleType.Pinned);
        bufferHandle = pinned;

        IntPtr elementAddress = Marshal.UnsafeAddrOfPinnedArrayElement(buffer, bufferOffset);
        bufferPtr = elementAddress;
    }
}
2802 
// Frees the pinning handle if one was allocated; a default (never allocated)
// handle is ignored. GCHandle is a struct passed by value, so the caller's
// copy is not reset by this call.
private static void releasePointer(GCHandle bufferHandle)
{
    if (!bufferHandle.IsAllocated)
    {
        return;
    }

    bufferHandle.Free();
}
2808 }
2809 
// Managed mirror of a native structure describing an algorithm: its name and
// its block and key sizes. Fields are laid out sequentially and strings are
// marshalled as ANSI, so field order and types must not be changed.
[StructLayout(LayoutKind.Sequential, Pack = 0, CharSet = CharSet.Ansi)]
public class CRYPT_QUERY_INFO
{
    // Algorithm name, marshalled inline as a fixed 64-character buffer.
    [MarshalAs(UnmanagedType.ByValTStr, SizeConst = 64)]
    public string algoName;

    // Block size of the algorithm.
    public int blockSize;

    // Minimum key size.
    public int minKeySize;

    // Recommended key size.
    public int keySize;

    // Maximum key size.
    public int maxKeySize;

    // Creates an instance with every field at its default value.
    public CRYPT_QUERY_INFO()
    {
    }

    // Creates an instance with every field taken from the matching argument.
    public CRYPT_QUERY_INFO(String newAlgoName, int newBlockSize, int newMinKeySize, int newKeySize, int newMaxKeySize)
    {
        this.algoName = newAlgoName;
        this.blockSize = newBlockSize;
        this.minKeySize = newMinKeySize;
        this.keySize = newKeySize;
        this.maxKeySize = newMaxKeySize;
    }
}
2830 
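// Managed mirror of a native structure describing an encoded object: its
// type, the algorithms involved and a salt. Fields are laid out sequentially,
// so field order and types must not be changed.
[StructLayout(LayoutKind.Sequential, Pack=0, CharSet=CharSet.Ansi)]
public class CRYPT_OBJECT_INFO
{
    public int objectType;
    public int cryptAlgo;
    public int cryptMode;
    public int hashAlgo;

    // Salt bytes, marshalled inline as a fixed-size array.
    // NOTE(review): the attribute declares 32 bytes while the default
    // constructor allocates 64 and reports saltSize 64. One of the two is
    // presumably stale; confirm against the native CRYPT_OBJECT_INFO layout.
    [MarshalAs(UnmanagedType.ByValArray, SizeConst=32)]public byte[] salt;

    // Number of meaningful bytes in salt.
    public int saltSize;

    // Creates an instance with a zero-filled salt buffer.
    public CRYPT_OBJECT_INFO()
    {
        salt = new byte[64];
        saltSize = 64;
    }

    // Creates an instance from explicit values. The salt argument used to be
    // dropped silently, leaving salt null and saltSize 0 whatever the caller
    // supplied. It is now copied, so later changes to the caller's array do
    // not alter this object. A null newSalt keeps the previous result.
    // NOTE(review): if an instance built here is marshalled to native code,
    // a salt shorter than the declared SizeConst may be rejected by the
    // marshaller; confirm before relying on that path.
    public CRYPT_OBJECT_INFO(int newObjectType, int newCryptAlgo, int newCryptMode, int newHashAlgo, byte[] newSalt)
    {
        objectType = newObjectType;
        cryptAlgo = newCryptAlgo;
        cryptMode = newCryptMode;
        hashAlgo = newHashAlgo;

        if (newSalt != null)
        {
            salt = (byte[])newSalt.Clone();
            saltSize = newSalt.Length;
        }
    }
}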
2855 
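// Exception carrying a cryptlib status code. The code is stored in
// Data["Status"], and an optional second value in Data["ExtraInfo"]. The
// message is the numeric status followed by a fixed description.
// NOTE(review): the message text distinguishes wrong-key, bad-data and
// signature failures. Callers that report errors to an untrusted peer may
// prefer to return one generic failure instead of relaying Message.
public class CryptException : ApplicationException
{
    // Status code this exception was created with.
    public int Status { get { return (int)Data["Status"]; } }

    // Extra value supplied to the two-argument constructor. Exceptions built
    // with the one-argument constructor have no "ExtraInfo" entry; unboxing
    // the missing entry used to throw NullReferenceException, so 0 is
    // returned in that case instead.
    public int ExtraInfo
    {
        get
        {
            object extra = Data["ExtraInfo"];
            return (extra is int) ? (int)extra : 0;
        }
    }

    // Creates an exception for status alone.
    public CryptException(int status)
        : base(convertMessage(status))
    {
        Data.Add("Status", status);
    }

    // Creates an exception for status together with an extra value.
    public CryptException(int status, int extra)
        : base(convertMessage(status))
    {
        Data.Add("Status", status);
        Data.Add("ExtraInfo", extra);
    }

    // Builds the message: the numeric status, ": ", then the description
    // associated with that status (or a fallback for unrecognised codes).
    private static string convertMessage(int status)
    {
        String prefix = Convert.ToString(status) + ": ";
        String description;

        switch (status)
        {
            case crypt.ERROR_PARAM1: description = "Bad argument, parameter 1"; break;
            case crypt.ERROR_PARAM2: description = "Bad argument, parameter 2"; break;
            case crypt.ERROR_PARAM3: description = "Bad argument, parameter 3"; break;
            case crypt.ERROR_PARAM4: description = "Bad argument, parameter 4"; break;
            case crypt.ERROR_PARAM5: description = "Bad argument, parameter 5"; break;
            case crypt.ERROR_PARAM6: description = "Bad argument, parameter 6"; break;
            case crypt.ERROR_PARAM7: description = "Bad argument, parameter 7"; break;
            case crypt.ERROR_MEMORY: description = "Out of memory"; break;
            case crypt.ERROR_NOTINITED: description = "Data has not been initialised"; break;
            case crypt.ERROR_INITED: description = "Data has already been init'd"; break;
            case crypt.ERROR_NOSECURE: description = "Opn.not avail.at requested sec.level"; break;
            case crypt.ERROR_RANDOM: description = "No reliable random data available"; break;
            case crypt.ERROR_FAILED: description = "Operation failed"; break;
            case crypt.ERROR_INTERNAL: description = "Internal consistency check failed"; break;
            case crypt.ERROR_NOTAVAIL: description = "This type of opn.not available"; break;
            case crypt.ERROR_PERMISSION: description = "No permiss.to perform this operation"; break;
            case crypt.ERROR_WRONGKEY: description = "Incorrect key used to decrypt data"; break;
            case crypt.ERROR_INCOMPLETE: description = "Operation incomplete/still in progress"; break;
            case crypt.ERROR_COMPLETE: description = "Operation complete/can't continue"; break;
            case crypt.ERROR_TIMEOUT: description = "Operation timed out before completion"; break;
            case crypt.ERROR_INVALID: description = "Invalid/inconsistent information"; break;
            case crypt.ERROR_SIGNALLED: description = "Resource destroyed by extnl.event"; break;
            case crypt.ERROR_OVERFLOW: description = "Resources/space exhausted"; break;
            case crypt.ERROR_UNDERFLOW: description = "Not enough data available"; break;
            case crypt.ERROR_BADDATA: description = "Bad/unrecognised data format"; break;
            case crypt.ERROR_SIGNATURE: description = "Signature/integrity check failed"; break;
            case crypt.ERROR_OPEN: description = "Cannot open object"; break;
            case crypt.ERROR_READ: description = "Cannot read item from object"; break;
            case crypt.ERROR_WRITE: description = "Cannot write item to object"; break;
            case crypt.ERROR_NOTFOUND: description = "Requested item not found in object"; break;
            case crypt.ERROR_DUPLICATE: description = "Item already present in object"; break;
            case crypt.ENVELOPE_RESOURCE: description = "Need resource to proceed"; break;
            default: description = "Unknown Exception ?!?!"; break;
        }

        return prefix + description;
    }
}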
2916 
2917 }