ArchiveReader Component
Properties Methods Events Config Settings Errors
The ArchiveReader component supports inspection and extraction of files from zip, tar, gzip and bzip2 archives.
Syntax
TsbxArchiveReader
Remarks
ArchiveReader shows and extracts archived files.
Property List
The following is the full list of the properties of the component with short descriptions. Click on the links for further details.
ArchiveType | The type of the archive file. |
DecryptionCertificates | A collection of decryption certificates. |
DecryptionPassword | The decryption password. |
FileData | The contents of the last extracted file. |
Files | Lists all files contained in the archive. |
FIPSMode | Reserved. |
HashAlgorithm | Returns the hash algorithm that was used to generate the signature. |
KnownCertificates | A collection of certificates to be used for signature validation. |
Opened | Indicates if the component is in the open state. |
SignatureValidationResult | The signature validation result. |
SigningCertificate | The certificate of the signature creator. |
Method List
The following is the full list of the methods of the component with short descriptions. Click on the links for further details.
Close | Closes the current archive. |
Config | Sets or retrieves a configuration setting. |
DoAction | Performs an additional action. |
Extract | Extracts a single file from the archive. |
ExtractAll | Extract all the files contained in the archive. |
Open | Opens an archive file. |
OpenBytes | Loads an archive file from a byte array. |
OpenStream | Loads an archive file from a stream. |
Event List
The following is the full list of the events fired by the component with short descriptions. Click on the links for further details.
AfterExtractFile | Marks the completion of extraction of an archived file. |
BeforeExtractFile | Marks the start of extraction of an archived file. |
DecryptionPasswordNeeded | Requests a decryption password, when needed. |
Error | Reports information about errors during archive processing. |
Notification | This event notifies the application about an underlying control flow event. |
Progress | Reports the progress of data extraction. |
RecipientFound | Informs the application that an archive is encrypted with a digital certificate. |
SignatureFound | Signifies the start of signature validation. |
Config Settings
The following is a list of config settings for the component with short descriptions. Click on the links for further details.
OverwriteExisting | Whether the component should overwrite existing files. |
TempPath | Path for storing temporary files. |
CheckKeyIntegrityBeforeUse | Enables or disable private key integrity check before use. |
CookieCaching | Specifies whether a cookie cache should be used for HTTP(S) transports. |
Cookies | Gets or sets local cookies for the component (supported for HTTPClient, RESTClient and SOAPClient only). |
DefDeriveKeyIterations | Specifies the default key derivation algorithm iteration count. |
EnableClientSideSSLFFDHE | Enables or disables finite field DHE key exchange support in TLS clients. |
GlobalCookies | Gets or sets global cookies for all the HTTP transports. |
HttpUserAgent | Specifies the user agent name to be used by all HTTP clients. |
LogDestination | Specifies the debug log destination. |
LogDetails | Specifies the debug log details to dump. |
LogFile | Specifies the debug log filename. |
LogFilters | Specifies the debug log filters. |
LogFlushMode | Specifies the log flush mode. |
LogLevel | Specifies the debug log level. |
LogMaxEventCount | Specifies the maximum number of events to cache before further action is taken. |
LogRotationMode | Specifies the log rotation mode. |
MaxASN1BufferLength | Specifies the maximal allowed length for ASN.1 primitive tag data. |
MaxASN1TreeDepth | Specifies the maximal depth for processed ASN.1 trees. |
OCSPHashAlgorithm | Specifies the hash algorithm to be used to identify certificates in OCSP requests. |
StaticDNS | Specifies whether static DNS rules should be used. |
StaticIPAddress[domain] | Gets or sets an IP address for the specified domain name. |
StaticIPAddresses | Gets or sets all the static DNS rules. |
Tag | Allows to store any custom data. |
UseOwnDNSResolver | Specifies whether the client components should use own DNS resolver. |
UseSharedSystemStorages | Specifies whether the validation engine should use a global per-process copy of the system certificate stores. |
UseSystemOAEPAndPSS | Enforces or disables the use of system-driven RSA OAEP and PSS computations. |
UseSystemRandom | Enables or disables the use of the OS PRNG. |
ArchiveType Property (ArchiveReader Component)
The type of the archive file.
Syntax
property ArchiveType: TsbxArchiveTypes read get_ArchiveType;
TsbxArchiveTypes = ( aftUnknown, aftZip, aftGzip, aftBzip2, aftTar, aftTarGzip, aftTarBzip2, aftSFX );
Default Value
aftUnknown
Remarks
Use this property to learn about the type (format) of the opened archive.
aftUnknown (0) | It was not possible to establish the type of the archive file. |
aftZip (1) | The archive contains data in ZIP format. |
aftGzip (2) | The archive file contains data in GZIP format. |
aftBzip2 (3) | The archive contains BZIP2 data. |
aftTar (4) | The archive contains a .tar file. |
aftTarGzip (5) | The archive contains a .tar.gz file. |
aftTarBzip2 (6) | The archive contains data in .tar.bz2 format. |
This property is read-only.
DecryptionCertificates Property (ArchiveReader Component)
A collection of decryption certificates.
Syntax
property DecryptionCertificates: TsbxCertificateList read get_DecryptionCertificates write set_DecryptionCertificates;
Remarks
Use this property to provide a collection of decryption certificates. All certificates should contain their respective private keys.
When processing an encrypted archive, the component will walk through the certificate list to locate the matching decryption certificate.
This property is not available at design time.
DecryptionPassword Property (ArchiveReader Component)
The decryption password.
Syntax
property DecryptionPassword: String read get_DecryptionPassword write set_DecryptionPassword;
Default Value
''
Remarks
Use this property to provide the decryption password for the archive.
FileData Property (ArchiveReader Component)
The contents of the last extracted file.
Syntax
property FileData: TBytes read get_FileData write set_FileData;
Remarks
Use this property to get the contents of the last extracted file with DataSource set to stBuffer (2).
This property is not available at design time.
Files Property (ArchiveReader Component)
Lists all files contained in the archive.
Syntax
property Files: TsbxArchivedFileList read get_Files;
Remarks
Use this collection property to walk through the list of files contained in the archive. Use individual file entries to cherry-pick the files that should be extracted by adjusting their Action property, or fine-tune extraction paths using LocalPath property.
This property is read-only and not available at design time.
FIPSMode Property (ArchiveReader Component)
Reserved.
Syntax
property FIPSMode: Boolean read get_FIPSMode write set_FIPSMode;
Default Value
false
Remarks
This property is reserved for future use.
HashAlgorithm Property (ArchiveReader Component)
Returns the hash algorithm that was used to generate the signature.
Syntax
property HashAlgorithm: String read get_HashAlgorithm;
Default Value
''
Remarks
Check this property after calling Extract to get the hash algorithm which was used to calculate the signature.
SB_HASH_ALGORITHM_SHA1 | SHA1 | |
SB_HASH_ALGORITHM_SHA224 | SHA224 | |
SB_HASH_ALGORITHM_SHA256 | SHA256 | |
SB_HASH_ALGORITHM_SHA384 | SHA384 | |
SB_HASH_ALGORITHM_SHA512 | SHA512 | |
SB_HASH_ALGORITHM_MD2 | MD2 | |
SB_HASH_ALGORITHM_MD4 | MD4 | |
SB_HASH_ALGORITHM_MD5 | MD5 | |
SB_HASH_ALGORITHM_RIPEMD160 | RIPEMD160 | |
SB_HASH_ALGORITHM_CRC32 | CRC32 | |
SB_HASH_ALGORITHM_SSL3 | SSL3 | |
SB_HASH_ALGORITHM_GOST_R3411_1994 | GOST1994 | |
SB_HASH_ALGORITHM_WHIRLPOOL | WHIRLPOOL | |
SB_HASH_ALGORITHM_POLY1305 | POLY1305 | |
SB_HASH_ALGORITHM_SHA3_224 | SHA3_224 | |
SB_HASH_ALGORITHM_SHA3_256 | SHA3_256 | |
SB_HASH_ALGORITHM_SHA3_384 | SHA3_384 | |
SB_HASH_ALGORITHM_SHA3_512 | SHA3_512 | |
SB_HASH_ALGORITHM_BLAKE2S_128 | BLAKE2S_128 | |
SB_HASH_ALGORITHM_BLAKE2S_160 | BLAKE2S_160 | |
SB_HASH_ALGORITHM_BLAKE2S_224 | BLAKE2S_224 | |
SB_HASH_ALGORITHM_BLAKE2S_256 | BLAKE2S_256 | |
SB_HASH_ALGORITHM_BLAKE2B_160 | BLAKE2B_160 | |
SB_HASH_ALGORITHM_BLAKE2B_256 | BLAKE2B_256 | |
SB_HASH_ALGORITHM_BLAKE2B_384 | BLAKE2B_384 | |
SB_HASH_ALGORITHM_BLAKE2B_512 | BLAKE2B_512 | |
SB_HASH_ALGORITHM_SHAKE_128 | SHAKE_128 | |
SB_HASH_ALGORITHM_SHAKE_256 | SHAKE_256 | |
SB_HASH_ALGORITHM_SHAKE_128_LEN | SHAKE_128_LEN | |
SB_HASH_ALGORITHM_SHAKE_256_LEN | SHAKE_256_LEN |
This property is read-only and not available at design time.
KnownCertificates Property (ArchiveReader Component)
A collection of certificates to be used for signature validation.
Syntax
property KnownCertificates: TsbxCertificateList read get_KnownCertificates write set_KnownCertificates;
Remarks
Use this property to provide a list of certificates to be used for signature validation.
This property is not available at design time.
Opened Property (ArchiveReader Component)
Indicates if the component is in the open state.
Syntax
property Opened: Boolean read get_Opened;
Default Value
false
Remarks
Use this property to check if the component provides access to an open archive file.
This property is read-only.
SignatureValidationResult Property (ArchiveReader Component)
The signature validation result.
Syntax
property SignatureValidationResult: TsbxSignatureValidities read get_SignatureValidationResult;
TsbxSignatureValidities = ( svtValid, svtUnknown, svtCorrupted, svtSignerNotFound, svtFailure );
Default Value
svtValid
Remarks
Use this property to check the result of the most recent signature validation.
svtValid | 0 | The signature is valid |
svtUnknown | 1 | Signature validity is unknown |
svtCorrupted | 2 | The signature is corrupted |
svtSignerNotFound | 3 | Failed to acquire the signing certificate. The signature cannot be validated. |
svtFailure | 4 | General failure |
This property is read-only and not available at design time.
SigningCertificate Property (ArchiveReader Component)
The certificate of the signature creator.
Syntax
property SigningCertificate: TsbxCertificate read get_SigningCertificate;
Remarks
Use this property to access the certificate that was used to create the signature.
This property is read-only and not available at design time.
Close Method (ArchiveReader Component)
Closes the current archive.
Syntax
procedure Close();
Remarks
Use this method to close the archive that is currently opened and release the associated memory. You won't be able to extract files or access the archive details after closing the archive.
Config Method (ArchiveReader Component)
Sets or retrieves a configuration setting.
Syntax
function Config(ConfigurationString: String): String;
Remarks
Config is a generic method available in every component. It is used to set and retrieve configuration settings for the component.
These settings are similar in functionality to properties, but they are rarely used. In order to avoid "polluting" the property namespace of the component, access to these internal properties is provided through the Config method.
To set a configuration setting named PROPERTY, you must call Config("PROPERTY=VALUE"), where VALUE is the value of the setting expressed as a string. For boolean values, use the strings "True", "False", "0", "1", "Yes", or "No" (case does not matter).
To read (query) the value of a configuration setting, you must call Config("PROPERTY"). The value will be returned as a string.
DoAction Method (ArchiveReader Component)
Performs an additional action.
Syntax
function DoAction(ActionID: String; ActionParams: String): String;
Remarks
DoAction is a generic method available in every component. It is used to perform an additional action introduced after the product major release. The list of actions is not fixed, and may be flexibly extended over time.
The unique identifier of the action is provided in ActionID parameter. ActionParams contains a list of parameters for the action in the form of PARAM1=VALUE1;PARAM2=VALUE2;....
Extract Method (ArchiveReader Component)
Extracts a single file from the archive.
Syntax
procedure Extract(Path: String; LocalPath: String; PreserveFullPath: Boolean);
Remarks
Use this method to extract a single file from the archive.
Pass the internal path to the entry in the archive via the Path parameter, and the path where to save the extracted entry via the LocalPath parameter. Set PreserveFullPath to true to enforce full-path extraction, in which case LocalPath would indicate the mount point at which the full Path needs to be rooted. If PreserveFullPath is false, the LocalPath provides the final location for the extracted file.
Use ExtractAll to extract all files at once.
ExtractAll Method (ArchiveReader Component)
Extract all the files contained in the archive.
Syntax
procedure ExtractAll(OutputPath: String; OverwriteExisting: Boolean);
Remarks
Use this method to extract all the files contained in the archive file. Pass the path where the extracted files should be saved via the OutputPath parameter. Existing files will be overwritten if the OverwriteExisting parameter is set to true.
You can cherry-pick the files to extract, as well as choose different extraction destinations (including files at custom locations, streams, or memory buffers) by subscribing to BeforeExtractFile and AfterExtractFile events.
Use Extract to extract a single file.
Open Method (ArchiveReader Component)
Opens an archive file.
Syntax
procedure Open(ArchiveType: Integer; ArchivePath: String);
Remarks
Call this method to open an archive file. Provide the archive type via the ArchiveType parameter, and the path via the ArchivePath parameter.
The following archive types (formats) are supported:
aftUnknown (0) | Unknown type. |
aftZip (1) | The archive contains data in ZIP format. |
aftGzip (2) | The archive file contains data in GZIP format. |
aftBzip2 (3) | The archive contains BZIP2 data. |
aftTarGzip (4) | The archive contains a .tar.gz file. |
aftTarBzip2 (5) | The archive contains data in .tar.bz2 format. |
OpenBytes Method (ArchiveReader Component)
Loads an archive file from a byte array.
Syntax
procedure OpenBytes(ArchiveType: Integer; ArchiveBytes: TBytes);
Remarks
Call this method to load an archive file from a byte array. Provide the archive type via the ArchiveType parameter, and the byte array containing the archive data via the ArchiveBytes parameter.
The following archive types (formats) are supported:
aftUnknown (0) | Unknown type. |
aftZip (1) | The archive contains data in ZIP format. |
aftGzip (2) | The archive file contains data in GZIP format. |
aftBzip2 (3) | The archive contains BZIP2 data. |
aftTarGzip (4) | The archive contains a .tar.gz file. |
aftTarBzip2 (5) | The archive contains data in .tar.bz2 format. |
OpenStream Method (ArchiveReader Component)
Loads an archive file from a stream.
Syntax
procedure OpenStream(ArchiveType: Integer; ArchiveStream: TStream);
Remarks
Call this method to load an archive file from a stream. Provide the archive type via the ArchiveType parameter, and the stream containing the archive data via the ArchiveStream parameter.
The following archive types (formats) are supported:
aftUnknown (0) | Unknown type. |
aftZip (1) | The archive contains data in ZIP format. |
aftGzip (2) | The archive file contains data in GZIP format. |
aftBzip2 (3) | The archive contains BZIP2 data. |
aftTarGzip (4) | The archive contains a .tar.gz file. |
aftTarBzip2 (5) | The archive contains data in .tar.bz2 format. |
AfterExtractFile Event (ArchiveReader Component)
Marks the completion of extraction of an archived file.
Syntax
type TAfterExtractFileEvent = procedure ( Sender: TObject; const Path: String; FileSize: Int64; DataSource: Integer ) of Object;
property OnAfterExtractFile: TAfterExtractFileEvent read FOnAfterExtractFile write FOnAfterExtractFile;
Remarks
Subscribe to this event to get notified about the completion of extraction of an archived file.
The Path parameter specifies the internal path to the entry inside the archive. The FileSize indicates the size of the decompressed file, and the DataSource specifies the type of the destination media.
fdsFile (0) | The data was saved to a file. |
fdsStream (1) | The data was saved into a stream assigned to FileStream property. |
fdsBuffer (2) | The file data is available in FileData buffer. |
BeforeExtractFile Event (ArchiveReader Component)
Marks the start of extraction of an archived file.
Syntax
type TBeforeExtractFileEvent = procedure ( Sender: TObject; const Path: String; FileSize: Int64; var DataSource: Integer; var ExtractionPath: String; var Skip: Boolean ) of Object;
property OnBeforeExtractFile: TBeforeExtractFileEvent read FOnBeforeExtractFile write FOnBeforeExtractFile;
Remarks
Subscribe to this event to be notified about the start of extraction of an archived entry. The handler of this event is a good place to tune up the destination media.
The Path parameter indicates the path to the extracted entry in the archive. The FileSize specifies the uncompressed size of the file. Set the by-reference DataSource parameter in accordance with the desired extraction media type:
fdsFile (0) | The data will be saved to a file indicated by the ExtractionPath parameter. You can change the path here. |
fdsStream (1) | The data will be saved into a stream assigned to FileStream property. |
fdsBuffer (2) | The file data will be saved to a buffer and returned via the FileData property. |
Use the Skip parameter to cancel extraction of this file and proceed to the next one.
DecryptionPasswordNeeded Event (ArchiveReader Component)
Requests a decryption password, when needed.
Syntax
type TDecryptionPasswordNeededEvent = procedure ( Sender: TObject; const PasswordTarget: String; var Cancel: Boolean ) of Object;
property OnDecryptionPasswordNeeded: TDecryptionPasswordNeededEvent read FOnDecryptionPasswordNeeded write FOnDecryptionPasswordNeeded;
Remarks
Component fires this event when it needs a password to decrypt the archive. Subscribe to this event if you expect to process encrypted archives.
Inside the event handler, please assign the correct password to DecryptionPassword property, or set Cancel parameter to true to terminate the processing.
Error Event (ArchiveReader Component)
Reports information about errors during archive processing.
Syntax
type TErrorEvent = procedure ( Sender: TObject; ErrorCode: Integer; const Description: String ) of Object;
property OnError: TErrorEvent read FOnError write FOnError;
Remarks
The event is fired in case of exceptional conditions during archive processing.
ErrorCode contains an error code and Description contains a textual description of the error.
Notification Event (ArchiveReader Component)
This event notifies the application about an underlying control flow event.
Syntax
type TNotificationEvent = procedure ( Sender: TObject; const EventID: String; const EventParam: String ) of Object;
property OnNotification: TNotificationEvent read FOnNotification write FOnNotification;
Remarks
The component fires this event to let the application know about some event, occurrence, or milestone in the component. For example, it may fire to report completion of the document processing. The list of events being reported is not fixed, and may be flexibly extended over time.
The unique identifier of the event is provided in EventID parameter. EventParam contains any parameters accompanying the occurrence. Depending on the type of the component, the exact action it is performing, or the document being processed, one or both may be omitted.
Progress Event (ArchiveReader Component)
Reports the progress of data extraction.
Syntax
type TProgressEvent = procedure ( Sender: TObject; Processed: Int64; Total: Int64; OverallProcessed: Int64; OverallTotal: Int64; var Cancel: Boolean ) of Object;
property OnProgress: TProgressEvent read FOnProgress write FOnProgress;
Remarks
Subscribe to this event to be notified about decompression progress.
Processed and Total report the progress of extraction of the current entry; OverallProcessed and OverallTotal report the progress of the whole operation. Set Cancel to true to stop the operation.
RecipientFound Event (ArchiveReader Component)
Informs the application that an archive is encrypted with a digital certificate.
Syntax
type TRecipientFoundEvent = procedure ( Sender: TObject; RecipientHash: TBytes; CertFound: Boolean ) of Object;
property OnRecipientFound: TRecipientFoundEvent read FOnRecipientFound write FOnRecipientFound;
Remarks
The component fires this event when processing archives encrypted with an X.509 certificate. CertFound indicates whether the matching certificate has been found in DecryptionCertificates collection.
This event is an opportunity to add the decryption certificate on a later stage if it was not known at the start of the processing.
SignatureFound Event (ArchiveReader Component)
Signifies the start of signature validation.
Syntax
type TSignatureFoundEvent = procedure ( Sender: TObject; const IssuerRDN: String; SerialNumber: TBytes; SubjectKeyID: TBytes; CertFound: Boolean; var ValidateSignature: Boolean; var ValidateChain: Boolean ) of Object;
property OnSignatureFound: TSignatureFoundEvent read FOnSignatureFound write FOnSignatureFound;
Remarks
This event tells the application that signature validation is about to start, and provides the details about the signer's certificate via its IssuerRDN, SerialNumber, and SubjectKeyID parameters. It fires for every signature located in the verified document or message.
The CertFound is set to True if the component has found the needed certificate in one of the known locations, and to False otherwise, in which case you must provide it manually via KnownCertificates property.
Signature validation consists of two independent stages: cryptographic signature validation and chain validation. Separate validation results are reported for each, with SignatureValidationResult and ChainValidationResult properties respectively.
Use the ValidateSignature and ValidateChain parameters to tell the verifier which stages to include in the validation.
ArchivedFile Type
Provides information about the compressed file.
Remarks
Use this type to access compressed file details.
Fields
Action TsbxActions |
The action to apply to the file. Use this property to control the action that should be applied to the file during the compression or extraction. The following actions are supported:
|
||||||||||||
CompressedSize Int64 |
The size of the file after compression. |
||||||||||||
DataSource TsbxFileDataSources |
The type of the data source for this entry. Use this property to control the data source for this entry.
|
||||||||||||
Directory Boolean |
Tells if the entry is a directory or a regular file. |
||||||||||||
EncryptionAlgorithm String |
Returns the symmetric algorithm that was used to encrypt the file. |
||||||||||||
EncryptionKeyLength Integer |
Returns the length, in bits, of the encryption key. |
||||||||||||
EncryptionType TsbxEncryptionTypes |
The type of encryption applied to the file. Use this property to find out what kind of encryption was applied to the file.
|
||||||||||||
FileName String |
The original name of the compressed file or folder. |
||||||||||||
Folder String |
The containing folder of the entry. |
||||||||||||
LocalPath String |
The local path associated with this entry. It typically specifies the source path that the data should be taken from, or the destination it should be extracted to. |
||||||||||||
MTime String |
The entry's last modification time. |
||||||||||||
NewFile Boolean |
Indicates whether the entry corresponds to a file to be added to the archive. |
||||||||||||
Path String |
The full internal path of the archived entry. |
||||||||||||
SignatureCount Integer |
The number of signatures covering the entry. |
||||||||||||
Signed Boolean |
Indicates whether the entry is signed. |
||||||||||||
Size Int64 |
The size of the file before compression. |
Constructors
>
constructor Create();
Creates a new ArchivedFile object.
Certificate Type
Provides details of an individual X.509 certificate.
Remarks
This type provides access to X.509 certificate details.
Fields
Bytes TBytes |
Returns raw certificate data in DER format. |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
CA Boolean |
Indicates whether the certificate has a CA capability (a setting in BasicConstraints extension). |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
CAKeyID TBytes |
A unique identifier (fingerprint) of the CA certificate's private key. Authority Key Identifier is a (non-critical) X.509 certificate extension which allows the identification of certificates produced by the same issuer, but with different public keys. |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
CRLDistributionPoints String |
Locations of the CRL (Certificate Revocation List) distribution points used to check this certificate's validity. |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Curve String |
Specifies the elliptic curve of the EC public key.
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Fingerprint TBytes |
Contains the fingerprint (a hash imprint) of this certificate. |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
FriendlyName String |
Contains an associated alias (friendly name) of the certificate. |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Handle Int64 |
Allows to get or set a 'handle', a unique identifier of the underlying property object. Use this property to assign objects of the same type in a quicker manner, without copying them fieldwise. When you pass a handle of one object to another, the source object is copied to the destination rather than assigned. It is safe to get rid of the original object
after such operation.
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
HashAlgorithm String |
Specifies the hash algorithm to be used in the operations on the certificate (such as key signing)
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Issuer String |
The common name of the certificate issuer (CA), typically a company name. |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
IssuerRDN String |
A collection of information, in the form of [OID, Value] pairs, uniquely identifying the certificate issuer. |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
KeyAlgorithm String |
Specifies the public key algorithm of this certificate.
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
KeyBits Integer |
Returns the length of the public key. |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
KeyFingerprint TBytes |
Returns a fingerprint of the public key contained in the certificate. |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
KeyUsage Integer |
Indicates the purposes of the key contained in the certificate, in the form of an OR'ed flag set. This value is a bit mask of the following values:
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
KeyValid Boolean |
Returns True if the certificate's key is cryptographically valid, and False otherwise. |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
OCSPLocations String |
Locations of OCSP (Online Certificate Status Protocol) services that can be used to check this certificate's validity, as recorded by the CA. |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
OCSPNoCheck Boolean |
Accessor to the value of the certificates ocsp-no-check extension. |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Origin Integer |
Returns the origin of this certificate. |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
PolicyIDs String |
Contains identifiers (OIDs) of the applicable certificate policies. The Certificate Policies extension identifies a sequence of policies under which the certificate has been issued, and which regulate its usage. |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
PrivateKeyBytes TBytes |
Contains the certificate's private key. It is normal for this property to be empty if the private key is non-exportable. |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
PrivateKeyExists Boolean |
Indicates whether the certificate has an associated private key. |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
PrivateKeyExtractable Boolean |
Indicates whether the private key is extractable |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
PublicKeyBytes TBytes |
Contains the certificate's public key in DER format. |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
QualifiedStatements TsbxQualifiedStatementsTypes |
Returns the qualified status of the certificate. |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
SelfSigned Boolean |
Indicates whether the certificate is self-signed (root) or signed by an external CA. |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
SerialNumber TBytes |
Returns the certificate's serial number. |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
SigAlgorithm String |
Indicates the algorithm that was used by the CA to sign this certificate. |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Subject String |
The common name of the certificate holder, typically an individual's name, a URL, an e-mail address, or a company name. |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
SubjectAlternativeName String |
Returns or sets the value of the Subject Alternative Name extension of the certificate. |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
SubjectKeyID TBytes |
Contains a unique identifier (fingerprint) of the certificate's private key. Subject Key Identifier is a (non-critical) X.509 certificate extension which allows the identification of certificates containing a particular public key. In SecureBlackbox, the unique identifier is represented with a SHA1 hash of the bit string of the subject public key. |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
SubjectRDN String |
A collection of information, in the form of [OID, Value] pairs, uniquely identifying the certificate holder (subject). |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
ValidFrom String |
The time point at which the certificate becomes valid, in UTC. |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
ValidTo String |
The time point at which the certificate expires, in UTC. |
Constructors
>
constructor Create();
Creates a new object with default field values.
Config Settings (ArchiveReader Component)
The component accepts one or more of the following configuration settings. Configuration settings are similar in functionality to properties, but they are rarely used. In order to avoid "polluting" the property namespace of the component, access to these internal properties is provided through the Config method.ArchiveReader Config Settings | ||||||||||||||||||||||||||||||
OverwriteExisting: Whether the component should overwrite existing files.Enable this property to force overwriting of existing files. | ||||||||||||||||||||||||||||||
TempPath: Path for storing temporary files.This setting specifies an absolute path to the location on disk where temporary files are stored. | ||||||||||||||||||||||||||||||
Base Config Settings | ||||||||||||||||||||||||||||||
CheckKeyIntegrityBeforeUse:
Enables or disable private key integrity check before use.This global property enables or disables private key material check before each signing operation. This slows down performance a bit,
but prevents a selection of attacks on RSA keys where keys with unknown origins are used.
You can switch this property off to improve performance if your project only uses known, good private keys. |
||||||||||||||||||||||||||||||
CookieCaching:
Specifies whether a cookie cache should be used for HTTP(S) transports.Set this property to enable or disable cookies caching for the component.
Supported values are:
|
||||||||||||||||||||||||||||||
Cookies: Gets or sets local cookies for the component (supported for HTTPClient, RESTClient and SOAPClient only).Use this property to get cookies from the internal cookie storage of the component and/or restore them back between application sessions. | ||||||||||||||||||||||||||||||
DefDeriveKeyIterations: Specifies the default key derivation algorithm iteration count.This global property sets the default number of iterations for all supported key derivation algorithms. Note that you can provide the required number of iterations by using properties of the relevant key generation component; this global setting is used in scenarios where specific iteration count is not or cannot be provided. | ||||||||||||||||||||||||||||||
EnableClientSideSSLFFDHE:
Enables or disables finite field DHE key exchange support in TLS clients.This global property enables or disables support for finite field DHE key exchange methods in TLS clients. FF DHE is a slower
algorithm if compared to EC DHE; enabling it may result in slower connections.
This setting only applies to sessions negotiated with TLS version 1.3. |
||||||||||||||||||||||||||||||
GlobalCookies: Gets or sets global cookies for all the HTTP transports.Use this property to get cookies from the GLOBAL cookie storage or restore them back between application sessions. These cookies will be used by all the components that have its CookieCaching property set to "global". | ||||||||||||||||||||||||||||||
HttpUserAgent: Specifies the user agent name to be used by all HTTP clients.This global setting defines the User-Agent field of the HTTP request provides information about the software that initiates the request. This value will be used by all the HTTP clients including the ones used internally in other components. | ||||||||||||||||||||||||||||||
LogDestination:
Specifies the debug log destination.Contains a comma-separated list of values that specifies where debug log should be dumped.
Supported values are:
|
||||||||||||||||||||||||||||||
LogDetails:
Specifies the debug log details to dump.Contains a comma-separated list of values that specifies which debug log details to dump.
Supported values are:
|
||||||||||||||||||||||||||||||
LogFile: Specifies the debug log filename.Use this property to provide a path to the log file. | ||||||||||||||||||||||||||||||
LogFilters:
Specifies the debug log filters.Contains a comma-separated list of value pairs ("name:value") that describe filters.
Supported filter names are:
|
||||||||||||||||||||||||||||||
LogFlushMode:
Specifies the log flush mode.Use this property to set the log flush mode. The following values are defined:
|
||||||||||||||||||||||||||||||
LogLevel:
Specifies the debug log level.Use this property to provide the desired debug log level.
Supported values are:
|
||||||||||||||||||||||||||||||
LogMaxEventCount:
Specifies the maximum number of events to cache before further action is taken.Use this property to specify the log event number threshold. This threshold may have different effects,
depending on the rotation setting and/or the flush mode.
The default value of this setting is 100. |
||||||||||||||||||||||||||||||
LogRotationMode:
Specifies the log rotation mode.Use this property to set the log rotation mode. The following values are defined:
|
||||||||||||||||||||||||||||||
MaxASN1BufferLength: Specifies the maximal allowed length for ASN.1 primitive tag data.This global property limits the maximal allowed length for ASN.1 tag data for non-content-carrying structures, such as certificates, CRLs, or timestamps. It does not affect structures that can carry content, such as CMS/CAdES messages. This is a security property aiming at preventing DoS attacks. | ||||||||||||||||||||||||||||||
MaxASN1TreeDepth: Specifies the maximal depth for processed ASN.1 trees.This global property limits the maximal depth of ASN.1 trees that the component can handle without throwing an error. This is a security property aiming at preventing DoS attacks. | ||||||||||||||||||||||||||||||
OCSPHashAlgorithm: Specifies the hash algorithm to be used to identify certificates in OCSP requests.This global setting defines the hash algorithm to use in OCSP requests during chain validation. Some OCSP responders can only use older algorithms, in which case setting this property to SHA1 may be helpful. | ||||||||||||||||||||||||||||||
StaticDNS:
Specifies whether static DNS rules should be used.Set this property to enable or disable static DNS rules for the component. Works only if UseOwnDNSResolver is set to true.
Supported values are:
|
||||||||||||||||||||||||||||||
StaticIPAddress[domain]: Gets or sets an IP address for the specified domain name.Use this property to get or set an IP address for the specified domain name in the internal (of the component) or global DNS rules storage depending on the StaticDNS value. The type of the IP address (IPv4 or IPv6) is determined automatically. If both addresses are available, they are devided by the | (pipe) character. | ||||||||||||||||||||||||||||||
StaticIPAddresses: Gets or sets all the static DNS rules.Use this property to get static DNS rules from the current rules storage or restore them back between application sessions. If StaticDNS of the component is set to "local", the property returns/restores the rules from/to the internal storage of the component. If StaticDNS of the component is set to "global", the property returns/restores the rules from/to the GLOBAL storage. The rules list is returned and accepted in JSON format. | ||||||||||||||||||||||||||||||
Tag: Allows to store any custom data.Use this config property to store any custom data. | ||||||||||||||||||||||||||||||
UseOwnDNSResolver: Specifies whether the client components should use own DNS resolver.Set this global property to false to force all the client components to use the DNS resolver provided by the target OS instead of using own one. | ||||||||||||||||||||||||||||||
UseSharedSystemStorages: Specifies whether the validation engine should use a global per-process copy of the system certificate stores.Set this global property to false to make each validation run use its own copy of system certificate stores. | ||||||||||||||||||||||||||||||
UseSystemOAEPAndPSS:
Enforces or disables the use of system-driven RSA OAEP and PSS computations.This global setting defines who is responsible for performing RSA-OAEP and RSA-PSS computations where the private key is stored in a Windows system store and is exportable.
If set to true, SBB will delegate the computations to Windows via a CryptoAPI call. Otherwise, it will export the key material and perform the computations
using its own OAEP/PSS implementation.
This setting only applies to certificates originating from a Windows system store. |
||||||||||||||||||||||||||||||
UseSystemRandom: Enables or disables the use of the OS PRNG.Use this global property to enable or disable the use of operating system-driven pseudorandom number generation. |