/**
 * This file has no copyright assigned and is placed in the Public Domain.
 * This file is part of the mingw-w64 runtime package.
 * No warranty is given; refer to the file DISCLAIMER.PD within this package.
 */
6#ifndef __WINCRYPT_H__
7#define __WINCRYPT_H__
8
9#include <_mingw.h>
10#include <_mingw_unicode.h>
11#include <guiddef.h>
12#include <winapifamily.h>
13
14#ifdef __cplusplus
15extern "C" {
16#endif
17
/* HRESULT is declared here only if no earlier header already did so. */
#if !defined(_HRESULT_DEFINED)
#define _HRESULT_DEFINED
  typedef LONG HRESULT;
#endif

/*
 * DECLSPEC_IMPORT marks a symbol as imported from a DLL.  It expands to
 * nothing when the header is processed by WIDL (__WIDL__ defined).
 */
#if !defined(DECLSPEC_IMPORT)
#ifdef __WIDL__
#define DECLSPEC_IMPORT
#else
#define DECLSPEC_IMPORT __declspec(dllimport)
#endif
#endif

/* WINIMPM is the import decoration applied to the prototypes in this header. */
#if !defined(WINIMPM)
#define WINIMPM DECLSPEC_IMPORT
#endif
34
35#include <apisetcconv.h>
36
/*
 * Calling-convention macros.  Both expand to nothing when _ARM_ is defined
 * and to __stdcall otherwise.
 */
#if !defined(WINAPI)
#ifdef _ARM_
#define WINAPI
#else
#define WINAPI __stdcall
#endif
#endif

#if !defined(CALLBACK)
#ifdef _ARM_
#define CALLBACK
#else
#define CALLBACK __stdcall
#endif
#endif

#if !defined(CONST)
#define CONST const
#endif

/*
 * IN / OUT / OPTIONAL are empty annotation macros: they document parameter
 * direction for the reader and are not enforced by the compiler.  Define
 * _NO_W32_PSEUDO_MODIFIERS to keep them out of the macro namespace.
 */
#if !defined(_NO_W32_PSEUDO_MODIFIERS)
#if !defined(IN)
#define IN
#endif

#if !defined(OUT)
#define OUT
#endif

#if !defined(OPTIONAL)
#define OPTIONAL
#endif
#endif

/* Import decoration aliases; both default to WINIMPM. */
#if !defined(WINCRYPT32API)
#define WINCRYPT32API WINIMPM
#endif

#if !defined(WINCRYPT32STRINGAPI)
#define WINCRYPT32STRINGAPI WINIMPM
#endif
78
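/*
 * Field extractors for an ALG_ID value:
 *   bits 13-15  algorithm class (ALG_CLASS_*)
 *   bits  9-12  algorithm type  (ALG_TYPE_*)
 *   bits  0-8   algorithm sub-id (ALG_SID_*)
 *
 * The argument is parenthesised so that an expression argument such as
 * GET_ALG_CLASS(a | b) masks the whole expression.  Without the parentheses
 * `&` binds tighter than `|`, only the right-hand operand is masked, and a
 * check that classifies an algorithm (hash vs. cipher vs. signature) can
 * silently compare the wrong value.
 */
#define GET_ALG_CLASS(x) ((x) & (7 << 13))
#define GET_ALG_TYPE(x) ((x) & (15 << 9))
#define GET_ALG_SID(x) ((x) & 511)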
82
/* Algorithm classes: the value occupies bits 13-15 of an ALG_ID. */
#define ALG_CLASS_ANY          (0)
#define ALG_CLASS_SIGNATURE    (1 << 13)
#define ALG_CLASS_MSG_ENCRYPT  (2 << 13)
#define ALG_CLASS_DATA_ENCRYPT (3 << 13)
#define ALG_CLASS_HASH         (4 << 13)
#define ALG_CLASS_KEY_EXCHANGE (5 << 13)
#define ALG_CLASS_ALL          (7 << 13)

/* Algorithm types: the value occupies bits 9-12 of an ALG_ID. */
#define ALG_TYPE_ANY           (0)
#define ALG_TYPE_DSS           (1 << 9)
#define ALG_TYPE_RSA           (2 << 9)
#define ALG_TYPE_BLOCK         (3 << 9)
#define ALG_TYPE_STREAM        (4 << 9)
#define ALG_TYPE_DH            (5 << 9)
#define ALG_TYPE_SECURECHANNEL (6 << 9)
#if NTDDI_VERSION >= NTDDI_VISTA
#define ALG_TYPE_ECDH          (7 << 9)
#endif
#if NTDDI_VERSION >= NTDDI_WIN10_RS1
#define ALG_TYPE_THIRDPARTY    (8 << 9)
#endif

/* Wildcard sub-id (low 9 bits of an ALG_ID). */
#define ALG_SID_ANY            (0)

#if NTDDI_VERSION >= NTDDI_WIN10_RS1
#define ALG_SID_THIRDPARTY_ANY (0)
#endif
110
/*
 * Algorithm sub-ids (low 9 bits of an ALG_ID).  Sub-ids are only unique
 * within one class/type pair: e.g. ALG_SID_DES, ALG_SID_RC4, ALG_SID_MD2 and
 * ALG_SID_DH_SANDF are all 1.  Always compare complete CALG_* values, never
 * a bare sub-id.
 */

/* RSA sub-ids */
#define ALG_SID_RSA_ANY      0
#define ALG_SID_RSA_PKCS     1
#define ALG_SID_RSA_MSATWORK 2
#define ALG_SID_RSA_ENTRUST  3
#define ALG_SID_RSA_PGP      4

/* DSS sub-ids */
#define ALG_SID_DSS_ANY      0
#define ALG_SID_DSS_PKCS     1
#define ALG_SID_DSS_DMS      2
#if NTDDI_VERSION >= NTDDI_VISTA
#define ALG_SID_ECDSA        3
#endif

/*
 * Block cipher sub-ids.  DES, DESX, two-key 3DES, SKIPJACK and the other
 * pre-AES ciphers are kept for interoperability with existing data; new
 * designs should select one of the AES ids.
 */
#define ALG_SID_DES          1
#define ALG_SID_3DES         3
#define ALG_SID_DESX         4
#define ALG_SID_IDEA         5
#define ALG_SID_CAST         6
#define ALG_SID_SAFERSK64    7
#define ALG_SID_SAFERSK128   8
#define ALG_SID_3DES_112     9
#define ALG_SID_SKIPJACK     10
#define ALG_SID_TEK          11
#define ALG_SID_CYLINK_MEK   12
#define ALG_SID_RC5          13
#if NTDDI_VERSION >= NTDDI_WINXP
#define ALG_SID_AES_128      14
#define ALG_SID_AES_192      15
#define ALG_SID_AES_256      16
#define ALG_SID_AES          17
#endif

/* Additional cipher mode numbers (the CRYPT_MODE_* series continues here). */
#define CRYPT_MODE_CBCI      6
#define CRYPT_MODE_CFBP      7
#define CRYPT_MODE_OFBP      8
#define CRYPT_MODE_CBCOFM    9
#define CRYPT_MODE_CBCOFMI   10

/* RC2 sub-id */
#define ALG_SID_RC2          2

/* Stream cipher sub-ids */
#define ALG_SID_RC4          1
#define ALG_SID_SEAL         2

/* Diffie-Hellman / key agreement sub-ids */
#define ALG_SID_DH_SANDF       1
#define ALG_SID_DH_EPHEM       2
#define ALG_SID_AGREED_KEY_ANY 3
#define ALG_SID_KEA            4
#if NTDDI_VERSION >= NTDDI_VISTA
#define ALG_SID_ECDH           5
#define ALG_SID_ECDH_EPHEM     6
#endif

/*
 * Hash sub-ids.  ALG_SID_SHA and ALG_SID_SHA1 are the same value.  MD2, MD4,
 * MD5 and SHA-1 do not offer collision resistance and should not be chosen
 * for new signatures or integrity checks.
 */
#define ALG_SID_MD2          1
#define ALG_SID_MD4          2
#define ALG_SID_MD5          3
#define ALG_SID_SHA          4
#define ALG_SID_SHA1         4
#define ALG_SID_MAC          5
#define ALG_SID_RIPEMD       6
#define ALG_SID_RIPEMD160    7
#define ALG_SID_SSL3SHAMD5   8
#define ALG_SID_HMAC         9
#define ALG_SID_TLS1PRF      10
#if NTDDI_VERSION >= NTDDI_WINXP
#define ALG_SID_HASH_REPLACE_OWF 11
#endif
#if NTDDI_VERSION > NTDDI_WINXPSP2
#define ALG_SID_SHA_256      12
#define ALG_SID_SHA_384      13
#define ALG_SID_SHA_512      14
#endif

/* Secure-channel sub-ids */
#define ALG_SID_SSL3_MASTER          1
#define ALG_SID_SCHANNEL_MASTER_HASH 2
#define ALG_SID_SCHANNEL_MAC_KEY     3
#define ALG_SID_PCT1_MASTER          4
#define ALG_SID_SSL2_MASTER          5
#define ALG_SID_TLS1_MASTER          6
#define ALG_SID_SCHANNEL_ENC_KEY     7

#if NTDDI_VERSION >= NTDDI_VISTA
#define ALG_SID_ECMQV        1
#endif

#define ALG_SID_EXAMPLE      80
196
/* ALG_ID: class | type | sub-id packed into one unsigned integer. */
#if !defined(ALGIDDEF)
#define ALGIDDEF
  typedef unsigned int ALG_ID;
#endif

/*
 * Complete algorithm identifiers.
 *
 * Review note: a large part of this list exists for backward compatibility.
 * MD2/MD4/MD5/SHA-1, DES/DESX/3DES_112, RC2, RC4 and the SSL2/PCT1 entries
 * should not be selected for new designs; when auditing callers, look for
 * these ids reaching CryptCreateHash, CryptGenKey or CryptDeriveKey.
 */
#define CALG_MD2 (ALG_CLASS_HASH | ALG_TYPE_ANY | ALG_SID_MD2)
#define CALG_MD4 (ALG_CLASS_HASH | ALG_TYPE_ANY | ALG_SID_MD4)
#define CALG_MD5 (ALG_CLASS_HASH | ALG_TYPE_ANY | ALG_SID_MD5)
#define CALG_SHA (ALG_CLASS_HASH | ALG_TYPE_ANY | ALG_SID_SHA)
#define CALG_SHA1 (ALG_CLASS_HASH | ALG_TYPE_ANY | ALG_SID_SHA1)
#define CALG_MAC (ALG_CLASS_HASH | ALG_TYPE_ANY | ALG_SID_MAC)
#define CALG_RSA_SIGN (ALG_CLASS_SIGNATURE | ALG_TYPE_RSA | ALG_SID_RSA_ANY)
#define CALG_DSS_SIGN (ALG_CLASS_SIGNATURE | ALG_TYPE_DSS | ALG_SID_DSS_ANY)
#if NTDDI_VERSION >= NTDDI_WINXP
#define CALG_NO_SIGN (ALG_CLASS_SIGNATURE | ALG_TYPE_ANY | ALG_SID_ANY)
#endif
#define CALG_RSA_KEYX (ALG_CLASS_KEY_EXCHANGE | ALG_TYPE_RSA | ALG_SID_RSA_ANY)
#define CALG_DES (ALG_CLASS_DATA_ENCRYPT | ALG_TYPE_BLOCK | ALG_SID_DES)
#define CALG_3DES_112 (ALG_CLASS_DATA_ENCRYPT | ALG_TYPE_BLOCK | ALG_SID_3DES_112)
#define CALG_3DES (ALG_CLASS_DATA_ENCRYPT | ALG_TYPE_BLOCK | ALG_SID_3DES)
#define CALG_DESX (ALG_CLASS_DATA_ENCRYPT | ALG_TYPE_BLOCK | ALG_SID_DESX)
#define CALG_RC2 (ALG_CLASS_DATA_ENCRYPT | ALG_TYPE_BLOCK | ALG_SID_RC2)
#define CALG_RC4 (ALG_CLASS_DATA_ENCRYPT | ALG_TYPE_STREAM | ALG_SID_RC4)
#define CALG_SEAL (ALG_CLASS_DATA_ENCRYPT | ALG_TYPE_STREAM | ALG_SID_SEAL)
#define CALG_DH_SF (ALG_CLASS_KEY_EXCHANGE | ALG_TYPE_DH | ALG_SID_DH_SANDF)
#define CALG_DH_EPHEM (ALG_CLASS_KEY_EXCHANGE | ALG_TYPE_DH | ALG_SID_DH_EPHEM)
#define CALG_AGREEDKEY_ANY (ALG_CLASS_KEY_EXCHANGE | ALG_TYPE_DH | ALG_SID_AGREED_KEY_ANY)
#define CALG_KEA_KEYX (ALG_CLASS_KEY_EXCHANGE | ALG_TYPE_DH | ALG_SID_KEA)
#define CALG_HUGHES_MD5 (ALG_CLASS_KEY_EXCHANGE | ALG_TYPE_ANY | ALG_SID_MD5)
#define CALG_SKIPJACK (ALG_CLASS_DATA_ENCRYPT | ALG_TYPE_BLOCK | ALG_SID_SKIPJACK)
#define CALG_TEK (ALG_CLASS_DATA_ENCRYPT | ALG_TYPE_BLOCK | ALG_SID_TEK)
#define CALG_CYLINK_MEK (ALG_CLASS_DATA_ENCRYPT | ALG_TYPE_BLOCK | ALG_SID_CYLINK_MEK)
#define CALG_SSL3_SHAMD5 (ALG_CLASS_HASH | ALG_TYPE_ANY | ALG_SID_SSL3SHAMD5)
#define CALG_SSL3_MASTER (ALG_CLASS_MSG_ENCRYPT | ALG_TYPE_SECURECHANNEL | ALG_SID_SSL3_MASTER)
#define CALG_SCHANNEL_MASTER_HASH (ALG_CLASS_MSG_ENCRYPT | ALG_TYPE_SECURECHANNEL | ALG_SID_SCHANNEL_MASTER_HASH)
#define CALG_SCHANNEL_MAC_KEY (ALG_CLASS_MSG_ENCRYPT | ALG_TYPE_SECURECHANNEL | ALG_SID_SCHANNEL_MAC_KEY)
#define CALG_SCHANNEL_ENC_KEY (ALG_CLASS_MSG_ENCRYPT | ALG_TYPE_SECURECHANNEL | ALG_SID_SCHANNEL_ENC_KEY)
#define CALG_PCT1_MASTER (ALG_CLASS_MSG_ENCRYPT | ALG_TYPE_SECURECHANNEL | ALG_SID_PCT1_MASTER)
#define CALG_SSL2_MASTER (ALG_CLASS_MSG_ENCRYPT | ALG_TYPE_SECURECHANNEL | ALG_SID_SSL2_MASTER)
#define CALG_TLS1_MASTER (ALG_CLASS_MSG_ENCRYPT | ALG_TYPE_SECURECHANNEL | ALG_SID_TLS1_MASTER)
#define CALG_RC5 (ALG_CLASS_DATA_ENCRYPT | ALG_TYPE_BLOCK | ALG_SID_RC5)
#define CALG_HMAC (ALG_CLASS_HASH | ALG_TYPE_ANY | ALG_SID_HMAC)
#define CALG_TLS1PRF (ALG_CLASS_HASH | ALG_TYPE_ANY | ALG_SID_TLS1PRF)
#if NTDDI_VERSION >= NTDDI_WINXP
#define CALG_HASH_REPLACE_OWF (ALG_CLASS_HASH | ALG_TYPE_ANY | ALG_SID_HASH_REPLACE_OWF)
#define CALG_AES_128 (ALG_CLASS_DATA_ENCRYPT | ALG_TYPE_BLOCK | ALG_SID_AES_128)
#define CALG_AES_192 (ALG_CLASS_DATA_ENCRYPT | ALG_TYPE_BLOCK | ALG_SID_AES_192)
#define CALG_AES_256 (ALG_CLASS_DATA_ENCRYPT | ALG_TYPE_BLOCK | ALG_SID_AES_256)
#define CALG_AES (ALG_CLASS_DATA_ENCRYPT | ALG_TYPE_BLOCK | ALG_SID_AES)
#endif
#if NTDDI_VERSION > NTDDI_WINXPSP2
#define CALG_SHA_256 (ALG_CLASS_HASH | ALG_TYPE_ANY | ALG_SID_SHA_256)
#define CALG_SHA_384 (ALG_CLASS_HASH | ALG_TYPE_ANY | ALG_SID_SHA_384)
#define CALG_SHA_512 (ALG_CLASS_HASH | ALG_TYPE_ANY | ALG_SID_SHA_512)
#endif
#if NTDDI_VERSION >= NTDDI_VISTA
/*
 * CALG_ECDH is built with ALG_TYPE_DH while CALG_ECDH_EPHEM uses
 * ALG_TYPE_ECDH.  The resulting numbers are ABI values, so the asymmetry
 * must be kept as is.  CALG_NULLCIPHER provides no confidentiality.
 */
#define CALG_ECDH (ALG_CLASS_KEY_EXCHANGE | ALG_TYPE_DH | ALG_SID_ECDH)
#define CALG_ECDH_EPHEM (ALG_CLASS_KEY_EXCHANGE | ALG_TYPE_ECDH | ALG_SID_ECDH_EPHEM)
#define CALG_ECMQV (ALG_CLASS_KEY_EXCHANGE | ALG_TYPE_ANY | ALG_SID_ECMQV)
#define CALG_ECDSA (ALG_CLASS_SIGNATURE | ALG_TYPE_DSS | ALG_SID_ECDSA)
#define CALG_NULLCIPHER (ALG_CLASS_DATA_ENCRYPT | ALG_TYPE_ANY | 0)
#endif
#if NTDDI_VERSION >= NTDDI_WIN10_RS1
#define CALG_THIRDPARTY_KEY_EXCHANGE (ALG_CLASS_KEY_EXCHANGE | ALG_TYPE_THIRDPARTY | ALG_SID_THIRDPARTY_ANY)
#define CALG_THIRDPARTY_SIGNATURE (ALG_CLASS_SIGNATURE | ALG_TYPE_THIRDPARTY | ALG_SID_THIRDPARTY_ANY)
#define CALG_THIRDPARTY_CIPHER (ALG_CLASS_DATA_ENCRYPT | ALG_TYPE_THIRDPARTY | ALG_SID_THIRDPARTY_ANY)
#define CALG_THIRDPARTY_HASH (ALG_CLASS_HASH | ALG_TYPE_THIRDPARTY | ALG_SID_THIRDPARTY_ANY)
#endif
265
/* Only declared when targeting systems older than Windows XP. */
#if NTDDI_VERSION < NTDDI_WINXP
#define SIGNATURE_RESOURCE_NUMBER 0x29A

  /*
   * Provider v-table structure.  pbContextInfo/cbContextInfo form a
   * pointer + byte-count pair; the other members are described only by
   * their names in this header.
   */
  typedef struct _VTableProvStruc {
    DWORD Version;
    FARPROC FuncVerifyImage;
    FARPROC FuncReturnhWnd;
    DWORD dwProvType;
    BYTE *pbContextInfo;
    DWORD cbContextInfo;
    LPSTR pszProvName;
  } VTableProvStruc, *PVTableProvStruc;
#endif
279
/*
 * Opaque CryptoAPI handles (the same guard is also used by ncrypt.h).
 * All three are plain ULONG_PTR typedefs, so the compiler will not catch a
 * hash handle passed where a key or provider handle is expected.
 */
#if !defined(HCRYPTPROV_DEFINED)
#define HCRYPTPROV_DEFINED
  typedef ULONG_PTR HCRYPTHASH;
  typedef ULONG_PTR HCRYPTKEY;
  typedef ULONG_PTR HCRYPTPROV;
#endif
287
/*
 * Flag values for the CryptoAPI entry points.  Several names share one
 * numeric value (e.g. CRYPT_NO_SALT / CRYPT_RECIPIENT, CRYPT_KEK /
 * CRYPT_SERVER), so a flag only has meaning for the function it is passed to.
 */

/*
 * CryptAcquireContext flags.  CRYPT_VERIFYCONTEXT suits callers that need no
 * persisted private key; CRYPT_MACHINE_KEYSET selects the machine-wide key
 * store rather than the per-user one.
 */
#define CRYPT_VERIFYCONTEXT              0xf0000000
#define CRYPT_NEWKEYSET                  0x8
#define CRYPT_DELETEKEYSET               0x10
#define CRYPT_MACHINE_KEYSET             0x20
#define CRYPT_SILENT                     0x40
#if NTDDI_VERSION >= NTDDI_VISTA
#define CRYPT_DEFAULT_CONTAINER_OPTIONAL 0x80
#endif

/*
 * Key generation / import flags.  CRYPT_EXPORTABLE lets the key leave the
 * provider in a key BLOB: set it only when export is a requirement.
 */
#define CRYPT_EXPORTABLE                 0x1
#define CRYPT_USER_PROTECTED             0x2
#define CRYPT_CREATE_SALT                0x4
#define CRYPT_UPDATE_KEY                 0x8
#define CRYPT_NO_SALT                    0x10
#define CRYPT_PREGEN                     0x40
#define CRYPT_RECIPIENT                  0x10
#define CRYPT_INITIATOR                  0x40
#define CRYPT_ONLINE                     0x80
#define CRYPT_SF                         0x100
#define CRYPT_CREATE_IV                  0x200
#define CRYPT_KEK                        0x400
#define CRYPT_DATA_KEY                   0x800
#define CRYPT_VOLATILE                   0x1000
#define CRYPT_SGCKEY                     0x2000
#if NTDDI_VERSION >= NTDDI_WINXP
#define CRYPT_ARCHIVABLE                 0x4000
#endif
#if NTDDI_VERSION >= NTDDI_VISTA
#define CRYPT_FORCE_KEY_PROTECTION_HIGH  0x8000
#endif
#define CRYPT_USER_PROTECTED_STRONG      0x100000

#define RSA1024BIT_KEY                   0x4000000

#define CRYPT_SERVER                     0x400

/* The requested key length travels in the upper 16 bits of dwFlags. */
#define KEY_LENGTH_MASK                  0xffff0000

/*
 * Export / import / encrypt / decrypt flags.
 * CRYPT_DECRYPT_RSA_NO_PADDING_CHECK returns the decrypted block without
 * validating its padding; the caller then owns that validation, so avoid the
 * flag unless a higher layer performs it.  CRYPT_OAEP requests OAEP padding.
 */
#define CRYPT_Y_ONLY                     0x1
#define CRYPT_SSL2_FALLBACK              0x2
#define CRYPT_DESTROYKEY                 0x4
#if NTDDI_VERSION >= NTDDI_WS03
#define CRYPT_DECRYPT_RSA_NO_PADDING_CHECK 0x20
#endif
#define CRYPT_OAEP                       0x40
#define CRYPT_BLOB_VER3                  0x80
#if NTDDI_VERSION >= NTDDI_WINXP
#define CRYPT_IPSEC_HMAC_KEY             0x100
#endif

/* Hash creation / hashing flags. */
#define CRYPT_SECRETDIGEST               0x1
#if NTDDI_VERSION >= NTDDI_WINXP
#define CRYPT_OWF_REPL_LM_HASH           0x1
#endif
#define CRYPT_LITTLE_ENDIAN              0x1

/* Signing / signature verification flags. */
#define CRYPT_NOHASHOID                  0x1
#define CRYPT_TYPE2_FORMAT               0x2
#define CRYPT_X931_FORMAT                0x4

/* Default-provider selection flags. */
#define CRYPT_MACHINE_DEFAULT            0x1
#define CRYPT_USER_DEFAULT               0x2
#define CRYPT_DELETE_DEFAULT             0x4
351
/*
 * Key BLOB types.  PRIVATEKEYBLOB and PLAINTEXTKEYBLOB carry key material
 * that is not wrapped by another key unless the caller supplies one: keep
 * such buffers out of logs and swap-backed storage and wipe them after use.
 */
#define SIMPLEBLOB           0x1
#define PUBLICKEYBLOB        0x6
#define PRIVATEKEYBLOB       0x7
#define PLAINTEXTKEYBLOB     0x8
#define OPAQUEKEYBLOB        0x9
#define PUBLICKEYBLOBEX      0xa
#define SYMMETRICWRAPKEYBLOB 0xb
#if NTDDI_VERSION >= NTDDI_WS03
#define KEYSTATEBLOB         0xc
#endif

/* Key specs: which of a container's key pairs is meant. */
#define AT_KEYEXCHANGE 1
#define AT_SIGNATURE   2

#define CRYPT_USERDATA 1
367
/*
 * Key parameter ids (the dwParam argument of CryptSetKeyParam and
 * CryptGetKeyParam).  Several of them expose secret values when read
 * (e.g. KP_X, KP_KEYVAL, the *_PIN ids): treat the returned buffers as
 * key material.
 */
#define KP_IV               1
#define KP_SALT             2
#define KP_PADDING          3
#define KP_MODE             4
#define KP_MODE_BITS        5
#define KP_PERMISSIONS      6
#define KP_ALGID            7
#define KP_BLOCKLEN         8
#define KP_KEYLEN           9
#define KP_SALT_EX          10
#define KP_P                11
#define KP_G                12
#define KP_Q                13
#define KP_X                14
#define KP_Y                15
#define KP_RA               16
#define KP_RB               17
#define KP_INFO             18
#define KP_EFFECTIVE_KEYLEN 19
#define KP_SCHANNEL_ALG     20
#define KP_CLIENT_RANDOM    21
#define KP_SERVER_RANDOM    22
#define KP_RP               23
#define KP_PRECOMP_MD5      24
#define KP_PRECOMP_SHA      25
#define KP_CERTIFICATE      26
#define KP_CLEAR_KEY        27
#define KP_PUB_EX_LEN       28
#define KP_PUB_EX_VAL       29
#define KP_KEYVAL           30
#define KP_ADMIN_PIN        31
#define KP_KEYEXCHANGE_PIN  32
#define KP_SIGNATURE_PIN    33
#define KP_PREHASH          34
#if NTDDI_VERSION >= NTDDI_WS03
#define KP_ROUNDS           35
#endif
#define KP_OAEP_PARAMS      36
#define KP_CMS_KEY_INFO     37
#define KP_CMS_DH_KEY_INFO  38
#define KP_PUB_PARAMS       39
#define KP_VERIFY_PARAMS    40
#define KP_HIGHEST_VERSION  41
#if NTDDI_VERSION >= NTDDI_WS03
#define KP_GET_USE_COUNT    42
#endif
#define KP_PIN_ID           43
#define KP_PIN_INFO         44
416
/* Padding schemes (values for KP_PADDING). */
#define PKCS5_PADDING  1
#define RANDOM_PADDING 2
#define ZERO_PADDING   3

/*
 * Cipher modes (values for KP_MODE).  ECB encrypts equal plaintext blocks
 * to equal ciphertext blocks and so reveals structure; none of the modes
 * listed here authenticates the ciphertext, so integrity needs a separate
 * MAC or signature.
 */
#define CRYPT_MODE_CBC 1
#define CRYPT_MODE_ECB 2
#define CRYPT_MODE_OFB 3
#define CRYPT_MODE_CFB 4
#define CRYPT_MODE_CTS 5

/*
 * Key permission bits (values for KP_PERMISSIONS).  Grant a key only the
 * operations it needs; CRYPT_EXPORT in particular allows it to be exported.
 */
#define CRYPT_ENCRYPT    0x1
#define CRYPT_DECRYPT    0x2
#define CRYPT_EXPORT     0x4
#define CRYPT_READ       0x8
#define CRYPT_WRITE      0x10
#define CRYPT_MAC        0x20
#define CRYPT_EXPORT_KEY 0x40
#define CRYPT_IMPORT_KEY 0x80
#if NTDDI_VERSION >= NTDDI_WINXP
#define CRYPT_ARCHIVE    0x100
#endif
438
/* Hash parameter ids (dwParam of CryptSetHashParam / CryptGetHashParam). */
#define HP_ALGID         0x1
#define HP_HASHVAL       0x2
#define HP_HASHSIZE      0x4
#define HP_HMAC_INFO     0x5
#define HP_TLS1PRF_LABEL 0x6
#define HP_TLS1PRF_SEED  0x7

#define CRYPT_FAILED  FALSE
#define CRYPT_SUCCEED TRUE

/*
 * Both helpers test for equality with one specific constant.  A return
 * value that is nonzero but not equal to TRUE satisfies neither macro, so
 * prefer a plain `if (!call(...))` when checking WINBOOL results.
 */
#define RCRYPT_SUCCEEDED(RT) ((RT) == CRYPT_SUCCEED)
#define RCRYPT_FAILED(RT) ((RT) == CRYPT_FAILED)
451
/*
 * Provider parameter ids (dwParam of CryptGetProvParam).  The numbering has
 * gaps; keep the values exactly as listed.
 */
#define PP_ENUMALGS            1
#define PP_ENUMCONTAINERS      2
#define PP_IMPTYPE             3
#define PP_NAME                4
#define PP_VERSION             5
#define PP_CONTAINER           6
#define PP_CHANGE_PASSWORD     7
#define PP_KEYSET_SEC_DESCR    8
#define PP_CERTCHAIN           9
#define PP_KEY_TYPE_SUBTYPE    10
#define PP_PROVTYPE            16
#define PP_KEYSTORAGE          17
#define PP_APPLI_CERT          18
#define PP_SYM_KEYSIZE         19
#define PP_SESSION_KEYSIZE     20
#define PP_UI_PROMPT           21
#define PP_ENUMALGS_EX         22
#define PP_ENUMMANDROOTS       25
#define PP_ENUMELECTROOTS      26
#define PP_KEYSET_TYPE         27
#define PP_ADMIN_PIN           31
#define PP_KEYEXCHANGE_PIN     32
#define PP_SIGNATURE_PIN       33
#define PP_SIG_KEYSIZE_INC     34
#define PP_KEYX_KEYSIZE_INC    35
#define PP_UNIQUE_CONTAINER    36
#define PP_SGC_INFO            37
#define PP_USE_HARDWARE_RNG    38
#define PP_KEYSPEC             39
#define PP_ENUMEX_SIGNING_PROT 40
#if NTDDI_VERSION >= NTDDI_WS03
#define PP_CRYPT_COUNT_KEY_USE 41
#endif
#if NTDDI_VERSION >= NTDDI_VISTA
#define PP_USER_CERTSTORE      42
#define PP_SMARTCARD_READER    43
#define PP_SMARTCARD_GUID      45
#define PP_ROOT_CERTSTORE      46
#endif
#if NTDDI_VERSION >= NTDDI_WIN8
#define PP_SMARTCARD_READER_ICON 47
#endif
494
/* Enumeration control flags. */
#define CRYPT_FIRST    1
#define CRYPT_NEXT     2
#define CRYPT_SGC_ENUM 4

/* Provider implementation types (reported for PP_IMPTYPE). */
#define CRYPT_IMPL_HARDWARE  1
#define CRYPT_IMPL_SOFTWARE  2
#define CRYPT_IMPL_MIXED     3
#define CRYPT_IMPL_UNKNOWN   4
#define CRYPT_IMPL_REMOVABLE 8

/* Key storage capability bits. */
#define CRYPT_SEC_DESCR 0x1
#define CRYPT_PSTORE    0x2
#define CRYPT_UI_PROMPT 0x4

/*
 * Protocol bits.  PCT1 and SSL2 (and SSL3) are obsolete protocols; the bits
 * remain defined for compatibility.
 */
#define CRYPT_FLAG_PCT1    0x1
#define CRYPT_FLAG_SSL2    0x2
#define CRYPT_FLAG_SSL3    0x4
#define CRYPT_FLAG_TLS1    0x8
#define CRYPT_FLAG_IPSEC   0x10
#define CRYPT_FLAG_SIGNING 0x20

/* SGC bits. */
#define CRYPT_SGC     0x1
#define CRYPT_FASTSGC 0x2
518
/*
 * Further provider parameter ids.  Note that PP_SECURE_KEYEXCHANGE_PIN has
 * the value 47, which PP_SMARTCARD_READER_ICON also uses elsewhere in this
 * header.
 */
#define PP_CLIENT_HWND          1
#define PP_CONTEXT_INFO         11
#define PP_KEYEXCHANGE_KEYSIZE  12
#define PP_SIGNATURE_KEYSIZE    13
#define PP_KEYEXCHANGE_ALG      14
#define PP_SIGNATURE_ALG        15
#define PP_DELETEKEY            24
#if NTDDI_VERSION >= NTDDI_VISTA
#define PP_PIN_PROMPT_STRING      44
#define PP_SECURE_KEYEXCHANGE_PIN 47
#define PP_SECURE_SIGNATURE_PIN   48
#endif
#if NTDDI_VERSION >= NTDDI_WIN10_RS5
#define PP_DISMISS_PIN_UI_SEC     49
#endif
534
/*
 * Provider types (the dwProvType argument of CryptAcquireContext).  The
 * value 19 is not assigned in this list.
 */
#define PROV_RSA_FULL      1
#define PROV_RSA_SIG       2
#define PROV_DSS           3
#define PROV_FORTEZZA      4
#define PROV_MS_EXCHANGE   5
#define PROV_SSL           6
#define PROV_STT_MER       7
#define PROV_STT_ACQ       8
#define PROV_STT_BRND      9
#define PROV_STT_ROOT      10
#define PROV_STT_ISS       11
#define PROV_RSA_SCHANNEL  12
#define PROV_DSS_DH        13
#define PROV_EC_ECDSA_SIG  14
#define PROV_EC_ECNRA_SIG  15
#define PROV_EC_ECDSA_FULL 16
#define PROV_EC_ECNRA_FULL 17
#define PROV_DH_SCHANNEL   18
#define PROV_SPYRUS_LYNKS  20
#define PROV_RNG           21
#define PROV_INTEL_SEC     22
#if NTDDI_VERSION >= NTDDI_WINXP
#define PROV_REPLACE_OWF   23
#define PROV_RSA_AES       24
#endif
560
561#if WINAPI_FAMILY_PARTITION (WINAPI_PARTITION_DESKTOP)
562
/*
 * Provider name macros.  Each generic name resolves to its _A (narrow) or
 * _W (wide) string through __MINGW_NAME_UAW.
 */
#define MS_DEF_PROV              __MINGW_NAME_UAW(MS_DEF_PROV)
#define MS_ENHANCED_PROV         __MINGW_NAME_UAW(MS_ENHANCED_PROV)
#define MS_STRONG_PROV           __MINGW_NAME_UAW(MS_STRONG_PROV)
#define MS_DEF_RSA_SIG_PROV      __MINGW_NAME_UAW(MS_DEF_RSA_SIG_PROV)
#define MS_DEF_RSA_SCHANNEL_PROV __MINGW_NAME_UAW(MS_DEF_RSA_SCHANNEL_PROV)
#define MS_DEF_DSS_PROV          __MINGW_NAME_UAW(MS_DEF_DSS_PROV)
#define MS_DEF_DSS_DH_PROV       __MINGW_NAME_UAW(MS_DEF_DSS_DH_PROV)
#define MS_ENH_DSS_DH_PROV       __MINGW_NAME_UAW(MS_ENH_DSS_DH_PROV)
#define MS_DEF_DH_SCHANNEL_PROV  __MINGW_NAME_UAW(MS_DEF_DH_SCHANNEL_PROV)
#define MS_SCARD_PROV            __MINGW_NAME_UAW(MS_SCARD_PROV)
#if NTDDI_VERSION >= NTDDI_WINXP
#define MS_ENH_RSA_AES_PROV_XP   __MINGW_NAME_UAW(MS_ENH_RSA_AES_PROV_XP)
#define MS_ENH_RSA_AES_PROV      __MINGW_NAME_UAW(MS_ENH_RSA_AES_PROV)
#endif

/*
 * Literal provider names.  The strings are matched by the system against
 * installed providers, so they must stay byte-for-byte as written.
 */
#define MS_DEF_PROV_A "Microsoft Base Cryptographic Provider v1.0"
#define MS_DEF_PROV_W L"Microsoft Base Cryptographic Provider v1.0"
#define MS_ENHANCED_PROV_A "Microsoft Enhanced Cryptographic Provider v1.0"
#define MS_ENHANCED_PROV_W L"Microsoft Enhanced Cryptographic Provider v1.0"
#define MS_STRONG_PROV_A "Microsoft Strong Cryptographic Provider"
#define MS_STRONG_PROV_W L"Microsoft Strong Cryptographic Provider"
#define MS_DEF_RSA_SIG_PROV_A "Microsoft RSA Signature Cryptographic Provider"
#define MS_DEF_RSA_SIG_PROV_W L"Microsoft RSA Signature Cryptographic Provider"
#define MS_DEF_RSA_SCHANNEL_PROV_A "Microsoft RSA SChannel Cryptographic Provider"
#define MS_DEF_RSA_SCHANNEL_PROV_W L"Microsoft RSA SChannel Cryptographic Provider"
#define MS_DEF_DSS_PROV_A "Microsoft Base DSS Cryptographic Provider"
#define MS_DEF_DSS_PROV_W L"Microsoft Base DSS Cryptographic Provider"
#define MS_DEF_DSS_DH_PROV_A "Microsoft Base DSS and Diffie-Hellman Cryptographic Provider"
#define MS_DEF_DSS_DH_PROV_W L"Microsoft Base DSS and Diffie-Hellman Cryptographic Provider"
#define MS_ENH_DSS_DH_PROV_A "Microsoft Enhanced DSS and Diffie-Hellman Cryptographic Provider"
#define MS_ENH_DSS_DH_PROV_W L"Microsoft Enhanced DSS and Diffie-Hellman Cryptographic Provider"
#define MS_DEF_DH_SCHANNEL_PROV_A "Microsoft DH SChannel Cryptographic Provider"
#define MS_DEF_DH_SCHANNEL_PROV_W L"Microsoft DH SChannel Cryptographic Provider"
#define MS_SCARD_PROV_A "Microsoft Base Smart Card Crypto Provider"
#define MS_SCARD_PROV_W L"Microsoft Base Smart Card Crypto Provider"
#if NTDDI_VERSION >= NTDDI_WINXP
#define MS_ENH_RSA_AES_PROV_A "Microsoft Enhanced RSA and AES Cryptographic Provider"
#define MS_ENH_RSA_AES_PROV_W L"Microsoft Enhanced RSA and AES Cryptographic Provider"
#define MS_ENH_RSA_AES_PROV_XP_A "Microsoft Enhanced RSA and AES Cryptographic Provider (Prototype)"
#define MS_ENH_RSA_AES_PROV_XP_W L"Microsoft Enhanced RSA and AES Cryptographic Provider (Prototype)"
#endif
604
#define MAXUIDLEN 64

#define EXPO_OFFLOAD_REG_VALUE "ExpoOffload"
#define EXPO_OFFLOAD_FUNC_NAME "OffloadModExpo"

/*
 * Policy registry key and value names for private-key caching.  Cached
 * private keys stay available in memory for the configured lifetime, so
 * these values are worth including in a host configuration review.
 */
#if !defined(szKEY_CRYPTOAPI_PRIVATE_KEY_OPTIONS)
#define szKEY_CRYPTOAPI_PRIVATE_KEY_OPTIONS "Software\\Policies\\Microsoft\\Cryptography"
#endif

#define szKEY_CACHE_ENABLED "CachePrivateKeys"
#define szKEY_CACHE_SECONDS "PrivateKeyLifetimeSeconds"

#if NTDDI_VERSION >= NTDDI_WINXP
#define szPRIV_KEY_CACHE_MAX_ITEMS "PrivKeyCacheMaxItems"
#define cPRIV_KEY_CACHE_MAX_ITEMS_DEFAULT 20

/* Default purge interval: 86400 seconds, i.e. one day. */
#define szPRIV_KEY_CACHE_PURGE_INTERVAL_SECONDS "PrivKeyCachePurgeIntervalSeconds"
#define cPRIV_KEY_CACHE_PURGE_INTERVAL_SECONDS_DEFAULT 86400
#endif

/* BLOB format version. */
#define CUR_BLOB_VERSION 2
626
/* CMS key information: an algorithm id plus an OID as pointer + byte count. */
  typedef struct _CMS_KEY_INFO {
    DWORD dwVersion;
    ALG_ID Algid;
    BYTE *pbOID;
    DWORD cbOID;
  } CMS_KEY_INFO, *PCMS_KEY_INFO;

/*
 * HMAC description: the hash algorithm and two caller-supplied strings, each
 * given as pointer + byte count.  The structure stores the pointers only;
 * the referenced buffers belong to the caller.
 */
  typedef struct _HMAC_Info {
    ALG_ID HashAlgid;
    BYTE *pbInnerString;
    DWORD cbInnerString;
    BYTE *pbOuterString;
    DWORD cbOuterString;
  } HMAC_INFO, *PHMAC_INFO;

/* Secure-channel algorithm description. */
  typedef struct _SCHANNEL_ALG {
    DWORD dwUse;
    ALG_ID Algid;
    DWORD cBits;
    DWORD dwFlags;
    DWORD dwReserved;
  } SCHANNEL_ALG, *PSCHANNEL_ALG;
/* NOTE(review): presumably the values for SCHANNEL_ALG.dwUse - confirm. */
#define SCHANNEL_MAC_KEY 0x0
#define SCHANNEL_ENC_KEY 0x1

#define INTERNATIONAL_USAGE 0x1
653
/*
 * Algorithm enumeration records.  The name fields are fixed-size arrays
 * (20 and 40 bytes) accompanied by separate length fields; when the record
 * comes from a third-party provider, bound dwNameLen / dwLongNameLen against
 * the array size before using them as a copy or print length.
 */
  typedef struct _PROV_ENUMALGS {
    ALG_ID aiAlgid;
    DWORD dwBitLen;
    DWORD dwNameLen;
    CHAR szName[20];
  } PROV_ENUMALGS;

  typedef struct _PROV_ENUMALGS_EX {
    ALG_ID aiAlgid;
    DWORD dwDefaultLen;
    DWORD dwMinLen;
    DWORD dwMaxLen;
    DWORD dwProtocols;
    DWORD dwNameLen;
    CHAR szName[20];
    DWORD dwLongNameLen;
    CHAR szLongName[40];
  } PROV_ENUMALGS_EX;
672
/*
 * Key BLOB layout structures.  A parser that receives a BLOB from outside
 * the process should check the buffer length against the structure size and
 * validate the bit-length fields before deriving any offsets from them.
 */

/* Header that starts every key BLOB. */
  typedef struct _PUBLICKEYSTRUC {
    BYTE bType;
    BYTE bVersion;
    WORD reserved;
    ALG_ID aiKeyAlg;
  } BLOBHEADER, PUBLICKEYSTRUC;

/* RSA public key description: magic, modulus bit length, public exponent. */
  typedef struct _RSAPUBKEY {
    DWORD magic;
    DWORD bitlen;
    DWORD pubexp;
  } RSAPUBKEY;

/* Shared layout for DH, DSS, KEA and TEK public keys. */
  typedef struct _PUBKEY {
    DWORD magic;
    DWORD bitlen;
  } DHPUBKEY, DSSPUBKEY, KEAPUBKEY, TEKPUBKEY;

/* Seed record: a counter plus a 20-byte seed. */
  typedef struct _DSSSEED {
    DWORD counter;
    BYTE seed[20];
  } DSSSEED;

/* Version 3 public key header with separate P, Q and J bit lengths. */
  typedef struct _PUBKEYVER3 {
    DWORD magic;
    DWORD bitlenP;
    DWORD bitlenQ;
    DWORD bitlenJ;
    DSSSEED DSSSeed;
  } DHPUBKEY_VER3, DSSPUBKEY_VER3;

/* Version 3 private key header; adds the bit length of X. */
  typedef struct _PRIVKEYVER3 {
    DWORD magic;
    DWORD bitlenP;
    DWORD bitlenQ;
    DWORD bitlenJ;
    DWORD bitlenX;
    DSSSEED DSSSeed;
  } DHPRIVKEY_VER3, DSSPRIVKEY_VER3;
712
/* Key spec together with a type GUID and a subtype GUID. */
  typedef struct _KEY_TYPE_SUBTYPE {
    DWORD dwKeySpec;
    GUID Type;
    GUID Subtype;
  } KEY_TYPE_SUBTYPE, *PKEY_TYPE_SUBTYPE;

/*
 * Fortezza certificate property.  SerialNumber and CertLabel are fixed-size
 * byte arrays; the header does not state that they are NUL-terminated, so
 * do not treat them as C strings without checking.
 */
  typedef struct _CERT_FORTEZZA_DATA_PROP {
    unsigned char SerialNumber[8];
    int CertIndex;
    unsigned char CertLabel[36];
  } CERT_FORTEZZA_DATA_PROP;
724
/*
 * Raw cipher key-state layouts.  Every structure below embeds the key bytes
 * themselves (Key[]) next to derived state (S-box, IV, feedback block,
 * round-key tables).  Any buffer of one of these types is key material:
 * keep it out of logs and crash dumps and wipe it with a call the compiler
 * cannot elide (e.g. SecureZeroMemory) before the memory is released.
 */
#if NTDDI_VERSION >= NTDDI_WS03
  /* RC4: 16-byte key, 256-byte S-box and the two stream indices. */
  typedef struct _CRYPT_RC4_KEY_STATE {
    unsigned char Key[16];
    unsigned char SBox[256];
    unsigned char i;
    unsigned char j;
  } CRYPT_RC4_KEY_STATE, *PCRYPT_RC4_KEY_STATE;

  /* DES: 8-byte key, IV and feedback block. */
  typedef struct _CRYPT_DES_KEY_STATE {
    unsigned char Key[8];
    unsigned char IV[8];
    unsigned char Feedback[8];
  } CRYPT_DES_KEY_STATE, *PCRYPT_DES_KEY_STATE;

  /* 3DES: 24-byte key, 8-byte IV and feedback block. */
  typedef struct _CRYPT_3DES_KEY_STATE {
    unsigned char Key[24];
    unsigned char IV[8];
    unsigned char Feedback[8];
  } CRYPT_3DES_KEY_STATE, *PCRYPT_3DES_KEY_STATE;
#endif

#if NTDDI_VERSION >= NTDDI_VISTA
  /* AES-128: 16-byte key and 11 x 16-byte state tables per direction. */
  typedef struct _CRYPT_AES_128_KEY_STATE {
    unsigned char Key[16];
    unsigned char IV[16];
    unsigned char EncryptionState[11][16];
    unsigned char DecryptionState[11][16];
    unsigned char Feedback[16];
  } CRYPT_AES_128_KEY_STATE, *PCRYPT_AES_128_KEY_STATE;

  /* AES-256: 32-byte key and 15 x 16-byte state tables per direction. */
  typedef struct _CRYPT_AES_256_KEY_STATE {
    unsigned char Key[32];
    unsigned char IV[16];
    unsigned char EncryptionState[15][16];
    unsigned char DecryptionState[15][16];
    unsigned char Feedback[16];
  } CRYPT_AES_256_KEY_STATE, *PCRYPT_AES_256_KEY_STATE;
#endif
763#endif
764
#if WINAPI_FAMILY_PARTITION (WINAPI_PARTITION_APP)

/*
 * Generic counted byte buffer, published under many aliases.  cbData is the
 * byte count and pbData the data pointer; the structure does not own the
 * memory.  Because every alias is the same type, the compiler will not
 * reject, say, a CERT_BLOB passed where a CRYPT_HASH_BLOB is expected.
 */
#if !defined(CRYPTO_BLOBS_DEFINED)
#define CRYPTO_BLOBS_DEFINED
  typedef struct _CRYPTOAPI_BLOB {
    DWORD cbData;
    BYTE *pbData;
  } CRYPT_INTEGER_BLOB, *PCRYPT_INTEGER_BLOB,
    CRYPT_UINT_BLOB, *PCRYPT_UINT_BLOB,
    CRYPT_OBJID_BLOB, *PCRYPT_OBJID_BLOB,
    CERT_NAME_BLOB, *PCERT_NAME_BLOB,
    CERT_RDN_VALUE_BLOB, *PCERT_RDN_VALUE_BLOB,
    CERT_BLOB, *PCERT_BLOB,
    CRL_BLOB, *PCRL_BLOB,
    DATA_BLOB, *PDATA_BLOB,
    CRYPT_DATA_BLOB, *PCRYPT_DATA_BLOB,
    CRYPT_HASH_BLOB, *PCRYPT_HASH_BLOB,
    CRYPT_DIGEST_BLOB, *PCRYPT_DIGEST_BLOB,
    CRYPT_DER_BLOB, *PCRYPT_DER_BLOB,
    CRYPT_ATTR_BLOB, *PCRYPT_ATTR_BLOB;
#endif
#endif
775
/*
 * Provider context acquisition, random bytes and context release.  All three
 * return WINBOOL: check the result before using *phProv or the contents of
 * pbBuffer, and pair every successful CryptAcquireContext with a
 * CryptReleaseContext.
 */
#if WINAPI_FAMILY_PARTITION (WINAPI_PARTITION_DESKTOP) || NTDDI_VERSION >= NTDDI_WIN10_RS4 || defined(WINSTORECOMPAT)
  WINIMPM WINBOOL WINAPI CryptAcquireContextA (HCRYPTPROV *phProv, LPCSTR szContainer, LPCSTR szProvider, DWORD dwProvType, DWORD dwFlags);
  WINIMPM WINBOOL WINAPI CryptAcquireContextW (HCRYPTPROV *phProv, LPCWSTR szContainer, LPCWSTR szProvider, DWORD dwProvType, DWORD dwFlags);
#define CryptAcquireContext __MINGW_NAME_AW(CryptAcquireContext)
#endif

/* Fills pbBuffer with dwLen bytes; on failure the buffer must not be used as random data. */
#if WINAPI_FAMILY_PARTITION (WINAPI_PARTITION_DESKTOP) || NTDDI_VERSION >= NTDDI_WIN10_19H1 || defined(WINSTORECOMPAT)
  WINIMPM WINBOOL WINAPI CryptGenRandom (HCRYPTPROV hProv, DWORD dwLen, BYTE *pbBuffer);
#endif

#if WINAPI_FAMILY_PARTITION (WINAPI_PARTITION_APP)
  WINIMPM WINBOOL WINAPI CryptReleaseContext (HCRYPTPROV hProv, DWORD dwFlags);
#endif
/*
 * Desktop-only provider management and handle duplication.  The A/W name
 * macros pick the narrow or wide variant through __MINGW_NAME_AW.
 */
#if WINAPI_FAMILY_PARTITION (WINAPI_PARTITION_DESKTOP)
#define CryptEnumProviderTypes __MINGW_NAME_AW(CryptEnumProviderTypes)
#define CryptSetProvider __MINGW_NAME_AW(CryptSetProvider)
#define CryptSetProviderEx __MINGW_NAME_AW(CryptSetProviderEx)

  WINIMPM WINBOOL WINAPI CryptHashSessionKey (HCRYPTHASH hHash, HCRYPTKEY hKey, DWORD dwFlags);

  /* Changing the default provider affects which CSP later callers receive. */
  WINIMPM WINBOOL WINAPI CryptSetProviderA (LPCSTR pszProvName, DWORD dwProvType);
  WINIMPM WINBOOL WINAPI CryptSetProviderExA (LPCSTR pszProvName, DWORD dwProvType, DWORD *pdwReserved, DWORD dwFlags);
  WINIMPM WINBOOL WINAPI CryptSetProviderExW (LPCWSTR pszProvName, DWORD dwProvType, DWORD *pdwReserved, DWORD dwFlags);

  /* pcbTypeName is an in/out byte count for the szTypeName buffer. */
  WINIMPM WINBOOL WINAPI CryptEnumProviderTypesA (DWORD dwIndex, DWORD *pdwReserved, DWORD dwFlags, DWORD *pdwProvType, LPSTR szTypeName, DWORD *pcbTypeName);
  WINIMPM WINBOOL WINAPI CryptEnumProviderTypesW (DWORD dwIndex, DWORD *pdwReserved, DWORD dwFlags, DWORD *pdwProvType, LPWSTR szTypeName, DWORD *pcbTypeName);

  WINIMPM WINBOOL WINAPI CryptContextAddRef (HCRYPTPROV hProv, DWORD *pdwReserved, DWORD dwFlags);
  WINIMPM WINBOOL WINAPI CryptDuplicateHash (HCRYPTHASH hHash, DWORD *pdwReserved, DWORD dwFlags, HCRYPTHASH *phHash);
#if NTDDI_VERSION >= NTDDI_WS03
  /* Declared __cdecl and without the WINIMPM import decoration, unlike its neighbours. */
  WINBOOL __cdecl GetEncSChannel (BYTE **pData, DWORD *dwDecSize);
#endif
#endif
804
/*
 * Key, hash and signature operations.
 *
 * Caller checklist:
 *  - Every function returns WINBOOL; a failed call leaves output handles and
 *    buffers unusable.
 *  - Functions taking `BYTE *pbData, DWORD *pdwDataLen` use the length as an
 *    in/out byte count; pass the real buffer size in and read the produced
 *    size back out.
 *  - CryptEncrypt works in place and takes the buffer capacity separately
 *    (dwBufLen), since the ciphertext can be longer than the plaintext.
 *  - The result of CryptVerifySignature is the verification verdict: never
 *    ignore it.
 *  - Release handles with CryptDestroyKey / CryptDestroyHash.
 */
#if WINAPI_FAMILY_PARTITION (WINAPI_PARTITION_DESKTOP) || NTDDI_VERSION >= NTDDI_WIN10_RS4
  typedef struct _CMS_DH_KEY_INFO {
    DWORD dwVersion;
    ALG_ID Algid;
    LPSTR pszContentEncObjId;
    CRYPT_DATA_BLOB PubInfo;
    void *pReserved;
  } CMS_DH_KEY_INFO, *PCMS_DH_KEY_INFO;

#define CryptSignHash __MINGW_NAME_AW(CryptSignHash)
#define CryptVerifySignature __MINGW_NAME_AW(CryptVerifySignature)
#define CryptGetDefaultProvider __MINGW_NAME_AW(CryptGetDefaultProvider)

  /* Key lifetime */
  WINIMPM WINBOOL WINAPI CryptGenKey (HCRYPTPROV hProv, ALG_ID Algid, DWORD dwFlags, HCRYPTKEY *phKey);
  WINIMPM WINBOOL WINAPI CryptDeriveKey (HCRYPTPROV hProv, ALG_ID Algid, HCRYPTHASH hBaseData, DWORD dwFlags, HCRYPTKEY *phKey);
  WINIMPM WINBOOL WINAPI CryptDestroyKey (HCRYPTKEY hKey);

  /* Key, hash and provider parameters */
  WINIMPM WINBOOL WINAPI CryptSetKeyParam (HCRYPTKEY hKey, DWORD dwParam, CONST BYTE *pbData, DWORD dwFlags);
  WINIMPM WINBOOL WINAPI CryptGetKeyParam (HCRYPTKEY hKey, DWORD dwParam, BYTE *pbData, DWORD *pdwDataLen, DWORD dwFlags);
  WINIMPM WINBOOL WINAPI CryptSetHashParam (HCRYPTHASH hHash, DWORD dwParam, CONST BYTE *pbData, DWORD dwFlags);
  WINIMPM WINBOOL WINAPI CryptGetHashParam (HCRYPTHASH hHash, DWORD dwParam, BYTE *pbData, DWORD *pdwDataLen, DWORD dwFlags);
  WINIMPM WINBOOL WINAPI CryptSetProvParam (HCRYPTPROV hProv, DWORD dwParam, CONST BYTE *pbData, DWORD dwFlags);
  WINIMPM WINBOOL WINAPI CryptGetProvParam (HCRYPTPROV hProv, DWORD dwParam, BYTE *pbData, DWORD *pdwDataLen, DWORD dwFlags);

  /* Key retrieval, export and import */
  WINIMPM WINBOOL WINAPI CryptGetUserKey (HCRYPTPROV hProv, DWORD dwKeySpec, HCRYPTKEY *phUserKey);
  WINIMPM WINBOOL WINAPI CryptExportKey (HCRYPTKEY hKey, HCRYPTKEY hExpKey, DWORD dwBlobType, DWORD dwFlags, BYTE *pbData, DWORD *pdwDataLen);
  WINIMPM WINBOOL WINAPI CryptImportKey (HCRYPTPROV hProv, CONST BYTE *pbData, DWORD dwDataLen, HCRYPTKEY hPubKey, DWORD dwFlags, HCRYPTKEY *phKey);

  /* Bulk encryption */
  WINIMPM WINBOOL WINAPI CryptEncrypt (HCRYPTKEY hKey, HCRYPTHASH hHash, WINBOOL Final, DWORD dwFlags, BYTE *pbData, DWORD *pdwDataLen, DWORD dwBufLen);
  WINIMPM WINBOOL WINAPI CryptDecrypt (HCRYPTKEY hKey, HCRYPTHASH hHash, WINBOOL Final, DWORD dwFlags, BYTE *pbData, DWORD *pdwDataLen);

  /* Hashing */
  WINIMPM WINBOOL WINAPI CryptCreateHash (HCRYPTPROV hProv, ALG_ID Algid, HCRYPTKEY hKey, DWORD dwFlags, HCRYPTHASH *phHash);
  WINIMPM WINBOOL WINAPI CryptHashData (HCRYPTHASH hHash, CONST BYTE *pbData, DWORD dwDataLen, DWORD dwFlags);
  WINIMPM WINBOOL WINAPI CryptDestroyHash (HCRYPTHASH hHash);

  /* Signatures */
  WINIMPM WINBOOL WINAPI CryptSignHashA (HCRYPTHASH hHash, DWORD dwKeySpec, LPCSTR szDescription, DWORD dwFlags, BYTE *pbSignature, DWORD *pdwSigLen);
  WINIMPM WINBOOL WINAPI CryptSignHashW (HCRYPTHASH hHash, DWORD dwKeySpec, LPCWSTR szDescription, DWORD dwFlags, BYTE *pbSignature, DWORD *pdwSigLen);
  WINIMPM WINBOOL WINAPI CryptVerifySignatureA (HCRYPTHASH hHash, CONST BYTE *pbSignature, DWORD dwSigLen, HCRYPTKEY hPubKey, LPCSTR szDescription, DWORD dwFlags);
  WINIMPM WINBOOL WINAPI CryptVerifySignatureW (HCRYPTHASH hHash, CONST BYTE *pbSignature, DWORD dwSigLen, HCRYPTKEY hPubKey, LPCWSTR szDescription, DWORD dwFlags);

  /* Default provider lookup */
  WINIMPM WINBOOL WINAPI CryptGetDefaultProviderA (DWORD dwProvType, DWORD *pdwReserved, DWORD dwFlags, LPSTR pszProvName, DWORD *pcbProvName);
  WINIMPM WINBOOL WINAPI CryptGetDefaultProviderW (DWORD dwProvType, DWORD *pdwReserved, DWORD dwFlags, LPWSTR pszProvName, DWORD *pcbProvName);
#endif
842
/*
 * Key duplication and provider enumeration.  A handle returned through
 * phKey by CryptDuplicateKey is released separately with CryptDestroyKey.
 * pcbProvName is an in/out byte count for the szProvName buffer.
 */
#if WINAPI_FAMILY_PARTITION (WINAPI_PARTITION_DESKTOP) || NTDDI_VERSION >= NTDDI_WIN10_19H1
  WINIMPM WINBOOL WINAPI CryptDuplicateKey (HCRYPTKEY hKey, DWORD *pdwReserved, DWORD dwFlags, HCRYPTKEY *phKey);
  WINIMPM WINBOOL WINAPI CryptEnumProvidersA (DWORD dwIndex, DWORD *pdwReserved, DWORD dwFlags, DWORD *pdwProvType, LPSTR szProvName, DWORD *pcbProvName);
  WINIMPM WINBOOL WINAPI CryptEnumProvidersW (DWORD dwIndex, DWORD *pdwReserved, DWORD dwFlags, DWORD *pdwProvType, LPWSTR szProvName, DWORD *pcbProvName);
  WINIMPM WINBOOL WINAPI CryptSetProviderW (LPCWSTR pszProvName, DWORD dwProvType);

#define CryptEnumProviders __MINGW_NAME_AW(CryptEnumProviders)
#endif
851
852#ifndef _DDK_DRIVER_
/*
 * Further handle aliases; like the other CryptoAPI handles they are plain
 * ULONG_PTR values.  The first name indicates that the value may be either
 * a CSP handle or an NCrypt key handle - the type itself does not say which.
 */
  typedef ULONG_PTR HCRYPTPROV_OR_NCRYPT_KEY_HANDLE;
  typedef ULONG_PTR HCRYPTPROV_LEGACY;
855
856#include <bcrypt.h>
857
#if WINAPI_FAMILY_PARTITION (WINAPI_PARTITION_APP)
#include <ncrypt.h>

  /*
   * Bit string: cbData bytes at pbData, of which the last cUnusedBits bits
   * are not part of the value.
   */
  typedef struct _CRYPT_BIT_BLOB {
    DWORD cbData;
    BYTE *pbData;
    DWORD cUnusedBits;
  } CRYPT_BIT_BLOB, *PCRYPT_BIT_BLOB;

  /* Algorithm OID string plus its encoded parameters as a counted blob. */
  typedef struct _CRYPT_ALGORITHM_IDENTIFIER {
    LPSTR pszObjId;
    CRYPT_OBJID_BLOB Parameters;
  } CRYPT_ALGORITHM_IDENTIFIER, *PCRYPT_ALGORITHM_IDENTIFIER;
#endif
872
873#if WINAPI_FAMILY_PARTITION (WINAPI_PARTITION_DESKTOP)
874#define szOID_RSA "1.2.840.113549"
875#define szOID_PKCS "1.2.840.113549.1"
876#define szOID_RSA_HASH "1.2.840.113549.2"
877#define szOID_RSA_ENCRYPT "1.2.840.113549.3"
878
879#define szOID_PKCS_1 "1.2.840.113549.1.1"
880#define szOID_PKCS_2 "1.2.840.113549.1.2"
881#define szOID_PKCS_3 "1.2.840.113549.1.3"
882#define szOID_PKCS_4 "1.2.840.113549.1.4"
883#define szOID_PKCS_5 "1.2.840.113549.1.5"
884#define szOID_PKCS_6 "1.2.840.113549.1.6"
885#define szOID_PKCS_7 "1.2.840.113549.1.7"
886#define szOID_PKCS_8 "1.2.840.113549.1.8"
887#define szOID_PKCS_9 "1.2.840.113549.1.9"
888#define szOID_PKCS_10 "1.2.840.113549.1.10"
889#define szOID_PKCS_12 "1.2.840.113549.1.12"
890
/* PKCS #1 arc (1.2.840.113549.1.1.x): RSA key type and RSA signature
 * algorithm identifiers.
 * NOTE(review): the MD2/MD4/MD5 and SHA-1 signature identifiers are needed to
 * recognise legacy data; those digests are no longer collision resistant, so
 * signature-validation policy should not accept them by default. */
891#define szOID_RSA_RSA "1.2.840.113549.1.1.1"
892#define szOID_RSA_MD2RSA "1.2.840.113549.1.1.2"
893#define szOID_RSA_MD4RSA "1.2.840.113549.1.1.3"
894#define szOID_RSA_MD5RSA "1.2.840.113549.1.1.4"
895#define szOID_RSA_SHA1RSA "1.2.840.113549.1.1.5"
896#define szOID_RSA_SETOAEP_RSA "1.2.840.113549.1.1.6"
897
/* OAEP / PSS building blocks and the SHA-2 based RSA signature identifiers. */
898#define szOID_RSAES_OAEP "1.2.840.113549.1.1.7"
899#define szOID_RSA_MGF1 "1.2.840.113549.1.1.8"
900#define szOID_RSA_PSPECIFIED "1.2.840.113549.1.1.9"
901#define szOID_RSA_SSA_PSS "1.2.840.113549.1.1.10"
902#define szOID_RSA_SHA256RSA "1.2.840.113549.1.1.11"
903#define szOID_RSA_SHA384RSA "1.2.840.113549.1.1.12"
904#define szOID_RSA_SHA512RSA "1.2.840.113549.1.1.13"
905
906#define szOID_RSA_DH "1.2.840.113549.1.3.1"
907
908#define szOID_RSA_data "1.2.840.113549.1.7.1"
909#define szOID_RSA_signedData "1.2.840.113549.1.7.2"
910#define szOID_RSA_envelopedData "1.2.840.113549.1.7.3"
911#define szOID_RSA_signEnvData "1.2.840.113549.1.7.4"
912#define szOID_RSA_digestedData "1.2.840.113549.1.7.5"
913#define szOID_RSA_hashedData "1.2.840.113549.1.7.5"
914#define szOID_RSA_encryptedData "1.2.840.113549.1.7.6"
915
916#define szOID_RSA_emailAddr "1.2.840.113549.1.9.1"
917#define szOID_RSA_unstructName "1.2.840.113549.1.9.2"
918#define szOID_RSA_contentType "1.2.840.113549.1.9.3"
919#define szOID_RSA_messageDigest "1.2.840.113549.1.9.4"
920#define szOID_RSA_signingTime "1.2.840.113549.1.9.5"
921#define szOID_RSA_counterSign "1.2.840.113549.1.9.6"
922#define szOID_RSA_challengePwd "1.2.840.113549.1.9.7"
923#define szOID_RSA_unstructAddr "1.2.840.113549.1.9.8"
924#define szOID_RSA_extCertAttrs "1.2.840.113549.1.9.9"
925#define szOID_RSA_certExtensions "1.2.840.113549.1.9.14"
926#define szOID_RSA_SMIMECapabilities "1.2.840.113549.1.9.15"
927#define szOID_RSA_preferSignedData "1.2.840.113549.1.9.15.1"
928
929#define szOID_TIMESTAMP_TOKEN "1.2.840.113549.1.9.16.1.4"
930#define szOID_RFC3161_counterSign "1.3.6.1.4.1.311.3.3.1"
931
932#define szOID_RSA_SMIMEalg "1.2.840.113549.1.9.16.3"
933#define szOID_RSA_SMIMEalgESDH "1.2.840.113549.1.9.16.3.5"
934#define szOID_RSA_SMIMEalgCMS3DESwrap "1.2.840.113549.1.9.16.3.6"
935#define szOID_RSA_SMIMEalgCMSRC2wrap "1.2.840.113549.1.9.16.3.7"
936
/* Digest identifiers under the szOID_RSA_HASH arc (1.2.840.113549.2).
 * NOTE(review): MD2, MD4 and MD5 are broken for collision resistance; treat
 * these as identifiers for parsing old data, not as acceptable choices. */
937#define szOID_RSA_MD2 "1.2.840.113549.2.2"
938#define szOID_RSA_MD4 "1.2.840.113549.2.4"
939#define szOID_RSA_MD5 "1.2.840.113549.2.5"
940
/* Cipher identifiers under the szOID_RSA_ENCRYPT arc (1.2.840.113549.3).
 * NOTE(review): RC2, RC4, RC5 and triple-DES are legacy ciphers; new
 * encryption should use the szOID_NIST_AES* identifiers defined in this
 * header instead. */
941#define szOID_RSA_RC2CBC "1.2.840.113549.3.2"
942#define szOID_RSA_RC4 "1.2.840.113549.3.4"
943#define szOID_RSA_DES_EDE3_CBC "1.2.840.113549.3.7"
944#define szOID_RSA_RC5_CBCPad "1.2.840.113549.3.9"
945
946#define szOID_ANSI_X942 "1.2.840.10046"
947#define szOID_ANSI_X942_DH "1.2.840.10046.2.1"
948
949#define szOID_X957 "1.2.840.10040"
950#define szOID_X957_DSA "1.2.840.10040.4.1"
951#define szOID_X957_SHA1DSA "1.2.840.10040.4.3"
952
953#define szOID_ECC_PUBLIC_KEY "1.2.840.10045.2.1"
954#define szOID_ECC_CURVE_P256 "1.2.840.10045.3.1.7"
955#define szOID_ECC_CURVE_P384 "1.3.132.0.34"
956#define szOID_ECC_CURVE_P521 "1.3.132.0.35"
957
958#define szOID_ECC_CURVE_BRAINPOOLP160R1 "1.3.36.3.3.2.8.1.1.1"
959#define szOID_ECC_CURVE_BRAINPOOLP160T1 "1.3.36.3.3.2.8.1.1.2"
960#define szOID_ECC_CURVE_BRAINPOOLP192R1 "1.3.36.3.3.2.8.1.1.3"
961#define szOID_ECC_CURVE_BRAINPOOLP192T1 "1.3.36.3.3.2.8.1.1.4"
962#define szOID_ECC_CURVE_BRAINPOOLP224R1 "1.3.36.3.3.2.8.1.1.5"
963#define szOID_ECC_CURVE_BRAINPOOLP224T1 "1.3.36.3.3.2.8.1.1.6"
964#define szOID_ECC_CURVE_BRAINPOOLP256R1 "1.3.36.3.3.2.8.1.1.7"
965#define szOID_ECC_CURVE_BRAINPOOLP256T1 "1.3.36.3.3.2.8.1.1.8"
966#define szOID_ECC_CURVE_BRAINPOOLP320R1 "1.3.36.3.3.2.8.1.1.9"
967#define szOID_ECC_CURVE_BRAINPOOLP320T1 "1.3.36.3.3.2.8.1.1.10"
968#define szOID_ECC_CURVE_BRAINPOOLP384R1 "1.3.36.3.3.2.8.1.1.11"
969#define szOID_ECC_CURVE_BRAINPOOLP384T1 "1.3.36.3.3.2.8.1.1.12"
970#define szOID_ECC_CURVE_BRAINPOOLP512R1 "1.3.36.3.3.2.8.1.1.13"
971#define szOID_ECC_CURVE_BRAINPOOLP512T1 "1.3.36.3.3.2.8.1.1.14"
972
973#define szOID_ECC_CURVE_EC192WAPI "1.2.156.11235.1.1.2.1"
974#define szOID_CN_ECDSA_SHA256 "1.2.156.11235.1.1.1"
975
976#define szOID_ECC_CURVE_NISTP192 "1.2.840.10045.3.1.1"
977#define szOID_ECC_CURVE_NISTP224 "1.3.132.0.33"
978#define szOID_ECC_CURVE_NISTP256 szOID_ECC_CURVE_P256
979#define szOID_ECC_CURVE_NISTP384 szOID_ECC_CURVE_P384
980#define szOID_ECC_CURVE_NISTP521 szOID_ECC_CURVE_P521
981
982#define szOID_ECC_CURVE_SECP160K1 "1.3.132.0.9"
983#define szOID_ECC_CURVE_SECP160R1 "1.3.132.0.8"
984#define szOID_ECC_CURVE_SECP160R2 "1.3.132.0.30"
985#define szOID_ECC_CURVE_SECP192K1 "1.3.132.0.31"
986#define szOID_ECC_CURVE_SECP192R1 szOID_ECC_CURVE_NISTP192
987#define szOID_ECC_CURVE_SECP224K1 "1.3.132.0.32"
988#define szOID_ECC_CURVE_SECP224R1 szOID_ECC_CURVE_NISTP224
989#define szOID_ECC_CURVE_SECP256K1 "1.3.132.0.10"
990#define szOID_ECC_CURVE_SECP256R1 szOID_ECC_CURVE_P256
991#define szOID_ECC_CURVE_SECP384R1 szOID_ECC_CURVE_P384
992#define szOID_ECC_CURVE_SECP521R1 szOID_ECC_CURVE_P521
993
994#define szOID_ECC_CURVE_WTLS7 szOID_ECC_CURVE_SECP160R2
995#define szOID_ECC_CURVE_WTLS9 "2.23.43.1.4.9"
996#define szOID_ECC_CURVE_WTLS12 szOID_ECC_CURVE_NISTP224
997
998#define szOID_ECC_CURVE_X962P192V1 "1.2.840.10045.3.1.1"
999#define szOID_ECC_CURVE_X962P192V2 "1.2.840.10045.3.1.2"
1000#define szOID_ECC_CURVE_X962P192V3 "1.2.840.10045.3.1.3"
1001#define szOID_ECC_CURVE_X962P239V1 "1.2.840.10045.3.1.4"
1002#define szOID_ECC_CURVE_X962P239V2 "1.2.840.10045.3.1.5"
1003#define szOID_ECC_CURVE_X962P239V3 "1.2.840.10045.3.1.6"
1004#define szOID_ECC_CURVE_X962P256V1 szOID_ECC_CURVE_P256
1005
/* ECDSA signature algorithm identifiers. szOID_ECDSA_SPECIFIED (…4.3) is the
 * parent arc of the three SHA-2 identifiers below it, so a string-prefix
 * match on it also matches them; compare whole OID strings.
 * NOTE(review): szOID_ECDSA_SHA1 relies on SHA-1 and should be accepted only
 * for legacy data. */
1006#define szOID_ECDSA_SHA1 "1.2.840.10045.4.1"
1007#define szOID_ECDSA_SPECIFIED "1.2.840.10045.4.3"
1008#define szOID_ECDSA_SHA256 "1.2.840.10045.4.3.2"
1009#define szOID_ECDSA_SHA384 "1.2.840.10045.4.3.3"
1010#define szOID_ECDSA_SHA512 "1.2.840.10045.4.3.4"
1011
1012#define szOID_NIST_AES128_CBC "2.16.840.1.101.3.4.1.2"
1013#define szOID_NIST_AES192_CBC "2.16.840.1.101.3.4.1.22"
1014#define szOID_NIST_AES256_CBC "2.16.840.1.101.3.4.1.42"
1015
1016#define szOID_NIST_AES128_WRAP "2.16.840.1.101.3.4.1.5"
1017#define szOID_NIST_AES192_WRAP "2.16.840.1.101.3.4.1.25"
1018#define szOID_NIST_AES256_WRAP "2.16.840.1.101.3.4.1.45"
1019
1020#define szOID_DH_SINGLE_PASS_STDDH_SHA1_KDF "1.3.133.16.840.63.0.2"
1021#define szOID_DH_SINGLE_PASS_STDDH_SHA256_KDF "1.3.132.1.11.1"
1022#define szOID_DH_SINGLE_PASS_STDDH_SHA384_KDF "1.3.132.1.11.2"
1023
1024#define szOID_DS "2.5"
1025#define szOID_DSALG "2.5.8"
1026#define szOID_DSALG_CRPT "2.5.8.1"
1027#define szOID_DSALG_HASH "2.5.8.2"
1028#define szOID_DSALG_SIGN "2.5.8.3"
1029#define szOID_DSALG_RSA "2.5.8.1.1"
1030
1031#define szOID_OIW "1.3.14"
1032
/* OIW security arc (1.3.14.3.2.x): single-DES modes, MD2/MD4/MD5, MDC-2 and
 * SHA/SHA-1 based digest and signature identifiers.
 * NOTE(review): every algorithm named here is legacy. The identifiers are
 * useful for recognising what old data claims to use; a validation policy
 * should not accept them as sufficient for new signatures or encryption. */
1033#define szOID_OIWSEC "1.3.14.3.2"
1034#define szOID_OIWSEC_md4RSA "1.3.14.3.2.2"
1035#define szOID_OIWSEC_md5RSA "1.3.14.3.2.3"
1036#define szOID_OIWSEC_md4RSA2 "1.3.14.3.2.4"
1037#define szOID_OIWSEC_desECB "1.3.14.3.2.6"
1038#define szOID_OIWSEC_desCBC "1.3.14.3.2.7"
1039#define szOID_OIWSEC_desOFB "1.3.14.3.2.8"
1040#define szOID_OIWSEC_desCFB "1.3.14.3.2.9"
1041#define szOID_OIWSEC_desMAC "1.3.14.3.2.10"
1042#define szOID_OIWSEC_rsaSign "1.3.14.3.2.11"
1043#define szOID_OIWSEC_dsa "1.3.14.3.2.12"
1044#define szOID_OIWSEC_shaDSA "1.3.14.3.2.13"
1045#define szOID_OIWSEC_mdc2RSA "1.3.14.3.2.14"
1046#define szOID_OIWSEC_shaRSA "1.3.14.3.2.15"
1047#define szOID_OIWSEC_dhCommMod "1.3.14.3.2.16"
1048#define szOID_OIWSEC_desEDE "1.3.14.3.2.17"
1049#define szOID_OIWSEC_sha "1.3.14.3.2.18"
1050#define szOID_OIWSEC_mdc2 "1.3.14.3.2.19"
1051#define szOID_OIWSEC_dsaComm "1.3.14.3.2.20"
1052#define szOID_OIWSEC_dsaCommSHA "1.3.14.3.2.21"
1053#define szOID_OIWSEC_rsaXchg "1.3.14.3.2.22"
1054#define szOID_OIWSEC_keyHashSeal "1.3.14.3.2.23"
1055#define szOID_OIWSEC_md2RSASign "1.3.14.3.2.24"
1056#define szOID_OIWSEC_md5RSASign "1.3.14.3.2.25"
1057#define szOID_OIWSEC_sha1 "1.3.14.3.2.26"
1058#define szOID_OIWSEC_dsaSHA1 "1.3.14.3.2.27"
1059#define szOID_OIWSEC_dsaCommSHA1 "1.3.14.3.2.28"
1060#define szOID_OIWSEC_sha1RSASign "1.3.14.3.2.29"
1061
1062#define szOID_OIWDIR "1.3.14.7.2"
1063#define szOID_OIWDIR_CRPT "1.3.14.7.2.1"
1064#define szOID_OIWDIR_HASH "1.3.14.7.2.2"
1065#define szOID_OIWDIR_SIGN "1.3.14.7.2.3"
1066#define szOID_OIWDIR_md2 "1.3.14.7.2.2.1"
1067#define szOID_OIWDIR_md2RSA "1.3.14.7.2.3.1"
1068
1069#define szOID_INFOSEC "2.16.840.1.101.2.1"
1070#define szOID_INFOSEC_sdnsSignature "2.16.840.1.101.2.1.1.1"
1071#define szOID_INFOSEC_mosaicSignature "2.16.840.1.101.2.1.1.2"
1072#define szOID_INFOSEC_sdnsConfidentiality "2.16.840.1.101.2.1.1.3"
1073#define szOID_INFOSEC_mosaicConfidentiality "2.16.840.1.101.2.1.1.4"
1074#define szOID_INFOSEC_sdnsIntegrity "2.16.840.1.101.2.1.1.5"
1075#define szOID_INFOSEC_mosaicIntegrity "2.16.840.1.101.2.1.1.6"
1076#define szOID_INFOSEC_sdnsTokenProtection "2.16.840.1.101.2.1.1.7"
1077#define szOID_INFOSEC_mosaicTokenProtection "2.16.840.1.101.2.1.1.8"
1078#define szOID_INFOSEC_sdnsKeyManagement "2.16.840.1.101.2.1.1.9"
1079#define szOID_INFOSEC_mosaicKeyManagement "2.16.840.1.101.2.1.1.10"
1080#define szOID_INFOSEC_sdnsKMandSig "2.16.840.1.101.2.1.1.11"
1081#define szOID_INFOSEC_mosaicKMandSig "2.16.840.1.101.2.1.1.12"
1082#define szOID_INFOSEC_SuiteASignature "2.16.840.1.101.2.1.1.13"
1083#define szOID_INFOSEC_SuiteAConfidentiality "2.16.840.1.101.2.1.1.14"
1084#define szOID_INFOSEC_SuiteAIntegrity "2.16.840.1.101.2.1.1.15"
1085#define szOID_INFOSEC_SuiteATokenProtection "2.16.840.1.101.2.1.1.16"
1086#define szOID_INFOSEC_SuiteAKeyManagement "2.16.840.1.101.2.1.1.17"
1087#define szOID_INFOSEC_SuiteAKMandSig "2.16.840.1.101.2.1.1.18"
1088#define szOID_INFOSEC_mosaicUpdatedSig "2.16.840.1.101.2.1.1.19"
1089#define szOID_INFOSEC_mosaicKMandUpdSig "2.16.840.1.101.2.1.1.20"
1090#define szOID_INFOSEC_mosaicUpdatedInteg "2.16.840.1.101.2.1.1.21"
1091
1092#define szOID_NIST_sha256 "2.16.840.1.101.3.4.2.1"
1093#define szOID_NIST_sha384 "2.16.840.1.101.3.4.2.2"
1094#define szOID_NIST_sha512 "2.16.840.1.101.3.4.2.3"
1095
1096 typedef struct _CRYPT_OBJID_TABLE {
1097 DWORD dwAlgId;
1098 LPCSTR pszObjId;
1099 } CRYPT_OBJID_TABLE,*PCRYPT_OBJID_TABLE;
1100
1101 typedef struct _CRYPT_HASH_INFO {
1102 CRYPT_ALGORITHM_IDENTIFIER HashAlgorithm;
1103 CRYPT_HASH_BLOB Hash;
1104 } CRYPT_HASH_INFO,*PCRYPT_HASH_INFO;
1105#endif
1106
1107#if WINAPI_FAMILY_PARTITION (WINAPI_PARTITION_APP)
/* One certificate/CRL/CTL extension: OID string, criticality flag and the
 * still-encoded extension value.
 * NOTE(review): RFC 5280 requires a validator to reject a certificate that
 * carries a critical extension it does not process, so fCritical has to be
 * checked for every pszObjId the caller does not handle. */
1108 typedef struct _CERT_EXTENSION {
1109 LPSTR pszObjId;
1110 WINBOOL fCritical;
1111 CRYPT_OBJID_BLOB Value;
1112 } CERT_EXTENSION,*PCERT_EXTENSION;
1113
1114 typedef const CERT_EXTENSION *PCCERT_EXTENSION;
1115#endif
1116
1117 typedef struct _CRYPT_ATTRIBUTE_TYPE_VALUE {
1118 LPSTR pszObjId;
1119 CRYPT_OBJID_BLOB Value;
1120 } CRYPT_ATTRIBUTE_TYPE_VALUE,*PCRYPT_ATTRIBUTE_TYPE_VALUE;
1121
1122 typedef struct _CRYPT_ATTRIBUTE {
1123 LPSTR pszObjId;
1124 DWORD cValue;
1125 PCRYPT_ATTR_BLOB rgValue;
1126 } CRYPT_ATTRIBUTE,*PCRYPT_ATTRIBUTE;
1127
1128 typedef struct _CRYPT_ATTRIBUTES {
1129 DWORD cAttr;
1130 PCRYPT_ATTRIBUTE rgAttr;
1131 } CRYPT_ATTRIBUTES,*PCRYPT_ATTRIBUTES;
1132
1133 typedef struct _CERT_RDN_ATTR {
1134 LPSTR pszObjId;
1135 DWORD dwValueType;
1136 CERT_RDN_VALUE_BLOB Value;
1137 } CERT_RDN_ATTR,*PCERT_RDN_ATTR;
1138
1139#define szOID_COMMON_NAME "2.5.4.3"
1140#define szOID_SUR_NAME "2.5.4.4"
1141#define szOID_DEVICE_SERIAL_NUMBER "2.5.4.5"
1142#define szOID_COUNTRY_NAME "2.5.4.6"
1143#define szOID_LOCALITY_NAME "2.5.4.7"
1144#define szOID_STATE_OR_PROVINCE_NAME "2.5.4.8"
1145#define szOID_STREET_ADDRESS "2.5.4.9"
1146#define szOID_ORGANIZATION_NAME "2.5.4.10"
1147#define szOID_ORGANIZATIONAL_UNIT_NAME "2.5.4.11"
1148#define szOID_TITLE "2.5.4.12"
1149#define szOID_DESCRIPTION "2.5.4.13"
1150#define szOID_SEARCH_GUIDE "2.5.4.14"
1151#define szOID_BUSINESS_CATEGORY "2.5.4.15"
1152#define szOID_POSTAL_ADDRESS "2.5.4.16"
1153#define szOID_POSTAL_CODE "2.5.4.17"
1154#define szOID_POST_OFFICE_BOX "2.5.4.18"
1155#define szOID_PHYSICAL_DELIVERY_OFFICE_NAME "2.5.4.19"
1156#define szOID_TELEPHONE_NUMBER "2.5.4.20"
1157#define szOID_TELEX_NUMBER "2.5.4.21"
1158#define szOID_TELETEXT_TERMINAL_IDENTIFIER "2.5.4.22"
1159#define szOID_FACSIMILE_TELEPHONE_NUMBER "2.5.4.23"
1160#define szOID_X21_ADDRESS "2.5.4.24"
1161#define szOID_INTERNATIONAL_ISDN_NUMBER "2.5.4.25"
1162#define szOID_REGISTERED_ADDRESS "2.5.4.26"
1163#define szOID_DESTINATION_INDICATOR "2.5.4.27"
1164#define szOID_PREFERRED_DELIVERY_METHOD "2.5.4.28"
1165#define szOID_PRESENTATION_ADDRESS "2.5.4.29"
1166#define szOID_SUPPORTED_APPLICATION_CONTEXT "2.5.4.30"
1167#define szOID_MEMBER "2.5.4.31"
1168#define szOID_OWNER "2.5.4.32"
1169#define szOID_ROLE_OCCUPANT "2.5.4.33"
1170#define szOID_SEE_ALSO "2.5.4.34"
1171#define szOID_USER_PASSWORD "2.5.4.35"
1172#define szOID_USER_CERTIFICATE "2.5.4.36"
1173#define szOID_CA_CERTIFICATE "2.5.4.37"
1174#define szOID_AUTHORITY_REVOCATION_LIST "2.5.4.38"
1175#define szOID_CERTIFICATE_REVOCATION_LIST "2.5.4.39"
1176#define szOID_CROSS_CERTIFICATE_PAIR "2.5.4.40"
1177#define szOID_GIVEN_NAME "2.5.4.42"
1178#define szOID_INITIALS "2.5.4.43"
1179#define szOID_DN_QUALIFIER "2.5.4.46"
1180
1181#define szOID_DOMAIN_COMPONENT "0.9.2342.19200300.100.1.25"
1182
1183#define szOID_PKCS_12_FRIENDLY_NAME_ATTR "1.2.840.113549.1.9.20"
1184#define szOID_PKCS_12_LOCAL_KEY_ID "1.2.840.113549.1.9.21"
1185#define szOID_PKCS_12_KEY_PROVIDER_NAME_ATTR "1.3.6.1.4.1.311.17.1"
1186#define szOID_LOCAL_MACHINE_KEYSET "1.3.6.1.4.1.311.17.2"
1187#define szOID_PKCS_12_EXTENDED_ATTRIBUTES "1.3.6.1.4.1.311.17.3"
1188#define szOID_PKCS_12_PROTECTED_PASSWORD_SECRET_BAG_TYPE_ID "1.3.6.1.4.1.311.17.4"
1189
1190#define szOID_KEYID_RDN "1.3.6.1.4.1.311.10.7.1"
1191
1192#define szOID_EV_RDN_LOCALE "1.3.6.1.4.1.311.60.2.1.1"
1193#define szOID_EV_RDN_STATE_OR_PROVINCE "1.3.6.1.4.1.311.60.2.1.2"
1194#define szOID_EV_RDN_COUNTRY "1.3.6.1.4.1.311.60.2.1.3"
1195
/* String-type codes, presumably the values carried in the dwValueType member
 * of CERT_RDN_ATTR and CERT_NAME_VALUE.
 * Several names are aliases for one value: TELETEX/T61 = 5, VISIBLE/ISO646 = 9,
 * UNIVERSAL/INT4 = 11, BMP/UNICODE = 12. A switch may list only one of each. */
1196#define CERT_RDN_ANY_TYPE 0
1197#define CERT_RDN_ENCODED_BLOB 1
1198#define CERT_RDN_OCTET_STRING 2
1199#define CERT_RDN_NUMERIC_STRING 3
1200#define CERT_RDN_PRINTABLE_STRING 4
1201#define CERT_RDN_TELETEX_STRING 5
1202#define CERT_RDN_T61_STRING 5
1203#define CERT_RDN_VIDEOTEX_STRING 6
1204#define CERT_RDN_IA5_STRING 7
1205#define CERT_RDN_GRAPHIC_STRING 8
1206#define CERT_RDN_VISIBLE_STRING 9
1207#define CERT_RDN_ISO646_STRING 9
1208#define CERT_RDN_GENERAL_STRING 10
1209#define CERT_RDN_UNIVERSAL_STRING 11
1210#define CERT_RDN_INT4_STRING 11
1211#define CERT_RDN_BMP_STRING 12
1212#define CERT_RDN_UNICODE_STRING 12
1213#define CERT_RDN_UTF8_STRING 13
1214
/* The low byte holds the type code, the top byte holds flag bits; mask with
 * CERT_RDN_TYPE_MASK before comparing against the type codes above. */
1215#define CERT_RDN_TYPE_MASK 0x000000ff
1216#define CERT_RDN_FLAGS_MASK 0xff000000
1217
/* Flag bits; all six values fall inside CERT_RDN_FLAGS_MASK. */
1218#define CERT_RDN_ENABLE_T61_UNICODE_FLAG 0x80000000
1219#define CERT_RDN_ENABLE_UTF8_UNICODE_FLAG 0x20000000
1220#define CERT_RDN_FORCE_UTF8_UNICODE_FLAG 0x10000000
1221#define CERT_RDN_DISABLE_CHECK_TYPE_FLAG 0x40000000
1222#define CERT_RDN_DISABLE_IE4_UTF8_FLAG 0x1000000
1223#define CERT_RDN_ENABLE_PUNYCODE_FLAG 0x2000000
1224
/* True when the masked type code is >= CERT_RDN_NUMERIC_STRING (3), i.e. for
 * everything except ANY_TYPE, ENCODED_BLOB and OCTET_STRING. The range test
 * has no upper bound, so undefined codes above 13 also test true; callers
 * handling decoded data should validate the code separately. */
1225#define IS_CERT_RDN_CHAR_STRING(X) (((X) & CERT_RDN_TYPE_MASK) >= CERT_RDN_NUMERIC_STRING)
1226
1227 typedef struct _CERT_RDN {
1228 DWORD cRDNAttr;
1229 PCERT_RDN_ATTR rgRDNAttr;
1230 } CERT_RDN,*PCERT_RDN;
1231
1232 typedef struct _CERT_NAME_INFO {
1233 DWORD cRDN;
1234 PCERT_RDN rgRDN;
1235 } CERT_NAME_INFO,*PCERT_NAME_INFO;
1236
1237 typedef struct _CERT_NAME_VALUE {
1238 DWORD dwValueType;
1239 CERT_RDN_VALUE_BLOB Value;
1240 } CERT_NAME_VALUE,*PCERT_NAME_VALUE;
1241
1242#if WINAPI_FAMILY_PARTITION (WINAPI_PARTITION_APP)
1243 typedef struct _CERT_PUBLIC_KEY_INFO {
1244 CRYPT_ALGORITHM_IDENTIFIER Algorithm;
1245 CRYPT_BIT_BLOB PublicKey;
1246 } CERT_PUBLIC_KEY_INFO,*PCERT_PUBLIC_KEY_INFO;
1247#endif
1248
1249#if WINAPI_FAMILY_PARTITION (WINAPI_PARTITION_DESKTOP)
1250#define CERT_RSA_PUBLIC_KEY_OBJID szOID_RSA_RSA
1251#define CERT_DEFAULT_OID_PUBLIC_KEY_SIGN szOID_RSA_RSA
1252#define CERT_DEFAULT_OID_PUBLIC_KEY_XCHG szOID_RSA_RSA
1253
/* Decoded EC private key record: version, private key blob, curve OID string
 * and public key bit string.
 * NOTE(review): PrivateKey refers to secret key material; the buffer it points
 * at should be wiped (for example with SecureZeroMemory) before it is freed
 * or reused, and the struct should not be logged. */
1254 typedef struct _CRYPT_ECC_PRIVATE_KEY_INFO {
1255 DWORD dwVersion;
1256 CRYPT_DER_BLOB PrivateKey;
1257 LPSTR szCurveOid;
1258 CRYPT_BIT_BLOB PublicKey;
1259 } CRYPT_ECC_PRIVATE_KEY_INFO,*PCRYPT_ECC_PRIVATE_KEY_INFO;
1260
1261#define CRYPT_ECC_PRIVATE_KEY_INFO_v1 1
1262
/* Private key record (presumably the decoded form of PKCS #8 PrivateKeyInfo,
 * going by the PKCS8 import/export structs that follow): version, algorithm,
 * key blob and optional attributes.
 * NOTE(review): PrivateKey is unencrypted secret material; wipe the backing
 * buffer before release and keep its lifetime as short as possible. */
1263 typedef struct _CRYPT_PRIVATE_KEY_INFO {
1264 DWORD Version;
1265 CRYPT_ALGORITHM_IDENTIFIER Algorithm;
1266 CRYPT_DER_BLOB PrivateKey;
1267 PCRYPT_ATTRIBUTES pAttributes;
1268 } CRYPT_PRIVATE_KEY_INFO,*PCRYPT_PRIVATE_KEY_INFO;
1269
1270 typedef struct _CRYPT_ENCRYPTED_PRIVATE_KEY_INFO {
1271 CRYPT_ALGORITHM_IDENTIFIER EncryptionAlgorithm;
1272 CRYPT_DATA_BLOB EncryptedPrivateKey;
1273 } CRYPT_ENCRYPTED_PRIVATE_KEY_INFO,*PCRYPT_ENCRYPTED_PRIVATE_KEY_INFO;
1274
/* Application callbacks used while importing/exporting PKCS #8 keys. Each
 * receives an opaque context pointer as its last argument.
 * Decrypt: takes the encryption algorithm and encrypted key by value and
 * writes the clear-text key to pbClearTextKey; *pcbClearTextKey is an in/out
 * size. NOTE(review): an implementation must check the incoming
 * *pcbClearTextKey before writing, and the clear-text buffer should be wiped
 * by whoever owns it once the import completes.
 * Encrypt: the reverse direction, writing to pbEncryptedKey/*pcbEncryptedKey.
 * Resolve: returns through *phCryptProv the provider handle to use for the
 * given private key info. */
1275 typedef WINBOOL (CALLBACK *PCRYPT_DECRYPT_PRIVATE_KEY_FUNC) (CRYPT_ALGORITHM_IDENTIFIER Algorithm, CRYPT_DATA_BLOB EncryptedPrivateKey, BYTE *pbClearTextKey, DWORD *pcbClearTextKey, LPVOID pVoidDecryptFunc);
1276 typedef WINBOOL (CALLBACK *PCRYPT_ENCRYPT_PRIVATE_KEY_FUNC) (CRYPT_ALGORITHM_IDENTIFIER *pAlgorithm, CRYPT_DATA_BLOB *pClearTextPrivateKey, BYTE *pbEncryptedKey, DWORD *pcbEncryptedKey, LPVOID pVoidEncryptFunc);
1277 typedef WINBOOL (CALLBACK *PCRYPT_RESOLVE_HCRYPTPROV_FUNC) (CRYPT_PRIVATE_KEY_INFO *pPrivateKeyInfo, HCRYPTPROV *phCryptProv, LPVOID pVoidResolveFunc);
1278
/* Input to a PKCS #8 import: the key blob plus two callbacks, each paired
 * with a context pointer whose name matches the callback's last parameter.
 * The same struct is also exported under the name
 * CRYPT_PRIVATE_KEY_BLOB_AND_PARAMS.
 * NOTE(review): whether a NULL callback is permitted is not visible here --
 * confirm before leaving either pointer unset. */
1279 typedef struct _CRYPT_PKCS8_IMPORT_PARAMS {
1280 CRYPT_DIGEST_BLOB PrivateKey;
1281 PCRYPT_RESOLVE_HCRYPTPROV_FUNC pResolvehCryptProvFunc;
1282 LPVOID pVoidResolveFunc;
1283 PCRYPT_DECRYPT_PRIVATE_KEY_FUNC pDecryptPrivateKeyFunc;
1284 LPVOID pVoidDecryptFunc;
1285 } CRYPT_PKCS8_IMPORT_PARAMS,*PCRYPT_PKCS8_IMPORT_PARAMS, CRYPT_PRIVATE_KEY_BLOB_AND_PARAMS,*PCRYPT_PRIVATE_KEY_BLOB_AND_PARAMS;
1286
1287 typedef struct _CRYPT_PKCS8_EXPORT_PARAMS {
1288 HCRYPTPROV hCryptProv;
1289 DWORD dwKeySpec;
1290 LPSTR pszPrivateKeyObjId;
1291 PCRYPT_ENCRYPT_PRIVATE_KEY_FUNC pEncryptPrivateKeyFunc;
1292 LPVOID pVoidEncryptFunc;
1293 } CRYPT_PKCS8_EXPORT_PARAMS,*PCRYPT_PKCS8_EXPORT_PARAMS;
1294#endif
1295
1296#if WINAPI_FAMILY_PARTITION (WINAPI_PARTITION_APP)
/* Decoded certificate body: version, serial number, signature algorithm,
 * issuer/subject names (still encoded blobs), validity window as FILETIMEs,
 * subject public key, optional unique ids and cExtension entries at
 * rgExtension. dwVersion presumably takes the CERT_V1/V2/V3 values defined
 * after this struct.
 * NOTE(review): this is parsed data only. Nothing in the struct records that
 * the signature, validity period or chain was checked, so it must not be
 * treated as evidence of a trusted certificate. */
1297 typedef struct _CERT_INFO {
1298 DWORD dwVersion;
1299 CRYPT_INTEGER_BLOB SerialNumber;
1300 CRYPT_ALGORITHM_IDENTIFIER SignatureAlgorithm;
1301 CERT_NAME_BLOB Issuer;
1302 FILETIME NotBefore;
1303 FILETIME NotAfter;
1304 CERT_NAME_BLOB Subject;
1305 CERT_PUBLIC_KEY_INFO SubjectPublicKeyInfo;
1306 CRYPT_BIT_BLOB IssuerUniqueId;
1307 CRYPT_BIT_BLOB SubjectUniqueId;
1308 DWORD cExtension;
1309 PCERT_EXTENSION rgExtension;
1310 } CERT_INFO,*PCERT_INFO;
1311#endif
1312
1313#define CERT_V1 0
1314#define CERT_V2 1
1315#define CERT_V3 2
1316
/* Selectors for the CERT_INFO members, numbered 1..11 in declaration order.
 * Despite the _FLAG suffix these are ordinals, not bit masks:
 * CERT_INFO_VERSION_FLAG | CERT_INFO_SERIAL_NUMBER_FLAG equals
 * CERT_INFO_SIGNATURE_ALGORITHM_FLAG, so they must never be OR-ed together. */
1317#define CERT_INFO_VERSION_FLAG 1
1318#define CERT_INFO_SERIAL_NUMBER_FLAG 2
1319#define CERT_INFO_SIGNATURE_ALGORITHM_FLAG 3
1320#define CERT_INFO_ISSUER_FLAG 4
1321#define CERT_INFO_NOT_BEFORE_FLAG 5
1322#define CERT_INFO_NOT_AFTER_FLAG 6
1323#define CERT_INFO_SUBJECT_FLAG 7
1324#define CERT_INFO_SUBJECT_PUBLIC_KEY_INFO_FLAG 8
1325#define CERT_INFO_ISSUER_UNIQUE_ID_FLAG 9
1326#define CERT_INFO_SUBJECT_UNIQUE_ID_FLAG 10
1327#define CERT_INFO_EXTENSION_FLAG 11
1328
1329 typedef struct _CRL_ENTRY {
1330 CRYPT_INTEGER_BLOB SerialNumber;
1331 FILETIME RevocationDate;
1332 DWORD cExtension;
1333 PCERT_EXTENSION rgExtension;
1334 } CRL_ENTRY,*PCRL_ENTRY;
1335
/* Decoded CRL body: version, signature algorithm, issuer name, the
 * ThisUpdate/NextUpdate FILETIMEs, cCRLEntry revoked entries at rgCRLEntry
 * and cExtension extensions at rgExtension.
 * NOTE(review): revocation checking should treat a CRL whose NextUpdate has
 * passed as stale, and should honour critical entries in rgExtension; neither
 * check is implied by having decoded the structure. */
1336 typedef struct _CRL_INFO {
1337 DWORD dwVersion;
1338 CRYPT_ALGORITHM_IDENTIFIER SignatureAlgorithm;
1339 CERT_NAME_BLOB Issuer;
1340 FILETIME ThisUpdate;
1341 FILETIME NextUpdate;
1342 DWORD cCRLEntry;
1343 PCRL_ENTRY rgCRLEntry;
1344 DWORD cExtension;
1345 PCERT_EXTENSION rgExtension;
1346 } CRL_INFO,*PCRL_INFO;
1347
1348#define CRL_V1 0
1349#define CRL_V2 1
1350
1351#define CERT_BUNDLE_CERTIFICATE 0
1352#define CERT_BUNDLE_CRL 1
1353
1354 typedef struct _CERT_OR_CRL_BLOB {
1355 DWORD dwChoice;
1356 DWORD cbEncoded;
1357 BYTE *pbEncoded;
1358 } CERT_OR_CRL_BLOB,*PCERT_OR_CRL_BLOB;
1359
1360 typedef struct _CERT_OR_CRL_BUNDLE {
1361 DWORD cItem;
1362 PCERT_OR_CRL_BLOB rgItem;
1363 } CERT_OR_CRL_BUNDLE,*PCERT_OR_CRL_BUNDLE;
1364
1365 typedef struct _CERT_REQUEST_INFO {
1366 DWORD dwVersion;
1367 CERT_NAME_BLOB Subject;
1368 CERT_PUBLIC_KEY_INFO SubjectPublicKeyInfo;
1369 DWORD cAttribute;
1370 PCRYPT_ATTRIBUTE rgAttribute;
1371 } CERT_REQUEST_INFO,*PCERT_REQUEST_INFO;
1372
1373#define CERT_REQUEST_V1 0
1374
1375 typedef struct _CERT_KEYGEN_REQUEST_INFO {
1376 DWORD dwVersion;
1377 CERT_PUBLIC_KEY_INFO SubjectPublicKeyInfo;
1378 LPWSTR pwszChallengeString;
1379 } CERT_KEYGEN_REQUEST_INFO,*PCERT_KEYGEN_REQUEST_INFO;
1380
1381#define CERT_KEYGEN_REQUEST_V1 0
1382
/* Outer signed wrapper: the encoded to-be-signed bytes, the signature
 * algorithm and the signature bit string.
 * NOTE(review): a verifier should check the signature over the ToBeSigned
 * bytes exactly as received, not over a re-encoding of the decoded content,
 * and should apply its algorithm policy to SignatureAlgorithm first. */
1383 typedef struct _CERT_SIGNED_CONTENT_INFO {
1384 CRYPT_DER_BLOB ToBeSigned;
1385 CRYPT_ALGORITHM_IDENTIFIER SignatureAlgorithm;
1386 CRYPT_BIT_BLOB Signature;
1387 } CERT_SIGNED_CONTENT_INFO,*PCERT_SIGNED_CONTENT_INFO;
1388
1389 typedef struct _CTL_USAGE {
1390 DWORD cUsageIdentifier;
1391 LPSTR *rgpszUsageIdentifier;
1392 } CTL_USAGE,*PCTL_USAGE,CERT_ENHKEY_USAGE,*PCERT_ENHKEY_USAGE;
1393
1394 typedef const CTL_USAGE *PCCTL_USAGE;
1395 typedef const CERT_ENHKEY_USAGE *PCCERT_ENHKEY_USAGE;
1396
1397 typedef struct _CTL_ENTRY {
1398 CRYPT_DATA_BLOB SubjectIdentifier;
1399 DWORD cAttribute;
1400 PCRYPT_ATTRIBUTE rgAttribute;
1401 } CTL_ENTRY,*PCTL_ENTRY;
1402
1403 typedef struct _CTL_INFO {
1404 DWORD dwVersion;
1405 CTL_USAGE SubjectUsage;
1406 CRYPT_DATA_BLOB ListIdentifier;
1407 CRYPT_INTEGER_BLOB SequenceNumber;
1408 FILETIME ThisUpdate;
1409 FILETIME NextUpdate;
1410 CRYPT_ALGORITHM_IDENTIFIER SubjectAlgorithm;
1411 DWORD cCTLEntry;
1412 PCTL_ENTRY rgCTLEntry;
1413 DWORD cExtension;
1414 PCERT_EXTENSION rgExtension;
1415 } CTL_INFO,*PCTL_INFO;
1416
1417#define CTL_V1 0
1418
1419 typedef struct _CRYPT_TIME_STAMP_REQUEST_INFO {
1420 LPSTR pszTimeStampAlgorithm;
1421 LPSTR pszContentType;
1422 CRYPT_OBJID_BLOB Content;
1423 DWORD cAttribute;
1424 PCRYPT_ATTRIBUTE rgAttribute;
1425 } CRYPT_TIME_STAMP_REQUEST_INFO,*PCRYPT_TIME_STAMP_REQUEST_INFO;
1426
1427 typedef struct _CRYPT_ENROLLMENT_NAME_VALUE_PAIR {
1428 LPWSTR pwszName;
1429 LPWSTR pwszValue;
1430 } CRYPT_ENROLLMENT_NAME_VALUE_PAIR,*PCRYPT_ENROLLMENT_NAME_VALUE_PAIR;
1431
1432 typedef struct _CRYPT_CSP_PROVIDER {
1433 DWORD dwKeySpec;
1434 LPWSTR pwszProviderName;
1435 CRYPT_BIT_BLOB Signature;
1436 } CRYPT_CSP_PROVIDER,*PCRYPT_CSP_PROVIDER;
1437
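/* A combined encoding-type value keeps the certificate encoding in its low
 * word and the message encoding in its high word; these masks and macros
 * split the two halves. */
#define CERT_ENCODING_TYPE_MASK 0x0000ffff
#define CMSG_ENCODING_TYPE_MASK 0xffff0000
/* The argument is parenthesized so that an expression argument such as
 * `X509_ASN_ENCODING | PKCS_7_ASN_ENCODING` is masked as a whole. `&` binds
 * tighter than `|`, so the unparenthesized form masked only the last operand
 * and let the other half of the value leak through. */
#define GET_CERT_ENCODING_TYPE(T) ((T) & CERT_ENCODING_TYPE_MASK)
#define GET_CMSG_ENCODING_TYPE(T) ((T) & CMSG_ENCODING_TYPE_MASK)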
1442
/* Encoding-type values. The CRYPT_* and X509_* names are the same numbers
 * (0x1, 0x2) and sit in the CERT_ENCODING_TYPE_MASK half; the PKCS_7_* values
 * (0x10000, 0x20000) sit in the CMSG_ENCODING_TYPE_MASK half, so one value
 * from each half can be OR-ed into a single encoding-type argument. */
1443#define CRYPT_ASN_ENCODING 0x1
1444#define CRYPT_NDR_ENCODING 0x2
1445#define X509_ASN_ENCODING 0x1
1446#define X509_NDR_ENCODING 0x2
1447#define PKCS_7_ASN_ENCODING 0x10000
1448#define PKCS_7_NDR_ENCODING 0x20000
1449
1450 WINIMPM WINBOOL WINAPI CryptFormatObject (DWORD dwCertEncodingType, DWORD dwFormatType, DWORD dwFormatStrType, void *pFormatStruct, LPCSTR lpszStructType, const BYTE *pbEncoded, DWORD cbEncoded, void *pbFormat, DWORD *pcbFormat);
1451
1452#define CRYPT_FORMAT_STR_MULTI_LINE 0x1
1453#define CRYPT_FORMAT_STR_NO_HEX 0x10
1454
1455#define CRYPT_FORMAT_SIMPLE 0x1
1456#define CRYPT_FORMAT_X509 0x2
1457#define CRYPT_FORMAT_OID 0x4
1458#define CRYPT_FORMAT_RDN_SEMICOLON 0x100
1459#define CRYPT_FORMAT_RDN_CRLF 0x200
1460#define CRYPT_FORMAT_RDN_UNQUOTE 0x400
1461#define CRYPT_FORMAT_RDN_REVERSE 0x800
1462#define CRYPT_FORMAT_COMMA 0x1000
1463#define CRYPT_FORMAT_SEMICOLON CRYPT_FORMAT_RDN_SEMICOLON
1464#define CRYPT_FORMAT_CRLF CRYPT_FORMAT_RDN_CRLF
1465
/* Caller-supplied allocator and matching deallocator signatures. */
1466 typedef LPVOID (WINAPI *PFN_CRYPT_ALLOC)(size_t cbSize);
1467 typedef VOID (WINAPI *PFN_CRYPT_FREE)(LPVOID pv);
1468
/* Optional allocator pair passed to CryptEncodeObjectEx.
 * NOTE(review): cbSize presumably has to be set to sizeof(CRYPT_ENCODE_PARA).
 * NOTE(review): per the CryptoAPI documentation, output produced with
 * CRYPT_ENCODE_ALLOC_FLAG is released with pfnFree when pfnAlloc was supplied
 * and with LocalFree otherwise; mixing the two corrupts the heap. pfnAlloc
 * and pfnFree should therefore always be set, or left NULL, as a pair. */
1469 typedef struct _CRYPT_ENCODE_PARA {
1470 DWORD cbSize;
1471 PFN_CRYPT_ALLOC pfnAlloc;
1472 PFN_CRYPT_FREE pfnFree;
1473 } CRYPT_ENCODE_PARA,*PCRYPT_ENCODE_PARA;
1474
/* Encode the structure at pvStructInfo, whose layout is selected by
 * lpszStructType, into pvEncoded/pbEncoded; *pcbEncoded is an in/out size.
 * NOTE(review): the function cannot check that pvStructInfo really has the
 * layout named by lpszStructType, so the two must be kept in step by the
 * caller. The WINBOOL result must be checked before *pcbEncoded or the output
 * buffer is used. */
1475 WINIMPM WINBOOL WINAPI CryptEncodeObjectEx (DWORD dwCertEncodingType, LPCSTR lpszStructType, const void *pvStructInfo, DWORD dwFlags, PCRYPT_ENCODE_PARA pEncodePara, void *pvEncoded, DWORD *pcbEncoded);
1476 WINIMPM WINBOOL WINAPI CryptEncodeObject (DWORD dwCertEncodingType, LPCSTR lpszStructType, const void *pvStructInfo, BYTE *pbEncoded, DWORD *pcbEncoded);
1477
/* dwFlags values for CryptEncodeObjectEx. Four of them are aliases for the
 * CERT_RDN_* flag bits of the same meaning.
 * NOTE(review): the encode-side PUNYCODE/UTF8PERCENT values (0x20000,
 * 0x40000) differ from the CRYPT_DECODE_ENABLE_* values of the same names
 * (0x2000000, 0x4000000); passing one family to the other function sets an
 * unrelated bit. */
1478#define CRYPT_ENCODE_NO_SIGNATURE_BYTE_REVERSAL_FLAG 0x8
1479#define CRYPT_ENCODE_ALLOC_FLAG 0x8000
1480#define CRYPT_UNICODE_NAME_ENCODE_ENABLE_T61_UNICODE_FLAG CERT_RDN_ENABLE_T61_UNICODE_FLAG
1481#define CRYPT_UNICODE_NAME_ENCODE_ENABLE_UTF8_UNICODE_FLAG CERT_RDN_ENABLE_UTF8_UNICODE_FLAG
1482#define CRYPT_UNICODE_NAME_ENCODE_FORCE_UTF8_UNICODE_FLAG CERT_RDN_FORCE_UTF8_UNICODE_FLAG
1483#define CRYPT_UNICODE_NAME_ENCODE_DISABLE_CHECK_TYPE_FLAG CERT_RDN_DISABLE_CHECK_TYPE_FLAG
1484#define CRYPT_SORTED_CTL_ENCODE_HASHED_SUBJECT_IDENTIFIER_FLAG 0x10000
1485#define CRYPT_ENCODE_ENABLE_PUNYCODE_FLAG 0x20000
1486#define CRYPT_ENCODE_ENABLE_UTF8PERCENT_FLAG 0x40000
1487#define CRYPT_ENCODE_ENABLE_IA5CONVERSION_FLAG (CRYPT_ENCODE_ENABLE_PUNYCODE_FLAG | CRYPT_ENCODE_ENABLE_UTF8PERCENT_FLAG)
1488
/* Optional allocator pair passed to CryptDecodeObjectEx; same layout as
 * CRYPT_ENCODE_PARA.
 * NOTE(review): cbSize presumably has to be set to sizeof(CRYPT_DECODE_PARA).
 * NOTE(review): per the CryptoAPI documentation, a structure returned with
 * CRYPT_DECODE_ALLOC_FLAG is released with pfnFree when pfnAlloc was supplied
 * and with LocalFree otherwise. */
1489 typedef struct _CRYPT_DECODE_PARA {
1490 DWORD cbSize;
1491 PFN_CRYPT_ALLOC pfnAlloc;
1492 PFN_CRYPT_FREE pfnFree;
1493 } CRYPT_DECODE_PARA,*PCRYPT_DECODE_PARA;
1494
/* Decode cbEncoded bytes at pbEncoded into the structure type selected by
 * lpszStructType; *pcbStructInfo is an in/out size.
 * NOTE(review): this is the parsing entry point for untrusted input such as
 * peer certificates. cbEncoded is the only bound the decoder has on
 * pbEncoded, so it must be the true length of the received data, and the
 * WINBOOL result must be checked before pvStructInfo is read. The decoded
 * structure is only as trustworthy as the input; decoding verifies no
 * signature. */
1495 WINIMPM WINBOOL WINAPI CryptDecodeObjectEx (DWORD dwCertEncodingType, LPCSTR lpszStructType, const BYTE *pbEncoded, DWORD cbEncoded, DWORD dwFlags, PCRYPT_DECODE_PARA pDecodePara, void *pvStructInfo, DWORD *pcbStructInfo);
1496 WINIMPM WINBOOL WINAPI CryptDecodeObject (DWORD dwCertEncodingType, LPCSTR lpszStructType, const BYTE *pbEncoded, DWORD cbEncoded, DWORD dwFlags, void *pvStructInfo, DWORD *pcbStructInfo);
1497
/* dwFlags values for CryptDecodeObject / CryptDecodeObjectEx.
 * NOTE(review): per the CryptoAPI documentation, CRYPT_DECODE_NOCOPY_FLAG
 * makes the decoded structure point into the pbEncoded buffer instead of
 * holding copies. The encoded buffer then has to stay allocated and
 * unmodified for as long as the decoded structure is in use; freeing or
 * reusing it earlier leaves dangling pointers.
 * NOTE(review): with CRYPT_DECODE_ALLOC_FLAG the decoder allocates the
 * result and the caller owns releasing it (see CRYPT_DECODE_PARA). */
1498#define CRYPT_DECODE_NOCOPY_FLAG 0x1
1499#define CRYPT_DECODE_TO_BE_SIGNED_FLAG 0x2
1500#define CRYPT_DECODE_SHARE_OID_STRING_FLAG 0x4
1501#define CRYPT_DECODE_NO_SIGNATURE_BYTE_REVERSAL_FLAG 0x8
1502#define CRYPT_DECODE_ALLOC_FLAG 0x8000
1503#define CRYPT_UNICODE_NAME_DECODE_DISABLE_IE4_UTF8_FLAG CERT_RDN_DISABLE_IE4_UTF8_FLAG
/* 0x2000000 is the same value as CERT_RDN_ENABLE_PUNYCODE_FLAG; the
 * encode-side flags of the same names use different values (0x20000,
 * 0x40000). */
1504#define CRYPT_DECODE_ENABLE_PUNYCODE_FLAG 0x2000000
1505#define CRYPT_DECODE_ENABLE_UTF8PERCENT_FLAG 0x4000000
1506#define CRYPT_DECODE_ENABLE_IA5CONVERSION_FLAG (CRYPT_DECODE_ENABLE_PUNYCODE_FLAG | CRYPT_DECODE_ENABLE_UTF8PERCENT_FLAG)
1507
/* Predefined structure-type selectors, presumably for the lpszStructType
 * argument of CryptEncodeObject[Ex] / CryptDecodeObject[Ex]. Each is a small
 * integer cast to LPCSTR, not a pointer to a string.
 * NOTE(review): code that logs, copies or strcmp()s an lpszStructType must
 * first tell these ordinals apart from real OID strings (the SDK convention
 * is that a value with a zero high-order word is an ordinal -- confirm);
 * dereferencing one of these is an invalid read.
 * Names defined in terms of another name (X509_ANY_STRING,
 * X509_SUBJECT_INFO_ACCESS, X509_DSS_PUBLICKEY, ...) are plain aliases. */
1508#define CRYPT_ENCODE_DECODE_NONE 0
1509#define X509_CERT ((LPCSTR) 1)
1510#define X509_CERT_TO_BE_SIGNED ((LPCSTR) 2)
1511#define X509_CERT_CRL_TO_BE_SIGNED ((LPCSTR) 3)
1512#define X509_CERT_REQUEST_TO_BE_SIGNED ((LPCSTR) 4)
1513#define X509_EXTENSIONS ((LPCSTR) 5)
1514#define X509_NAME_VALUE ((LPCSTR) 6)
1515#define X509_NAME ((LPCSTR) 7)
1516#define X509_PUBLIC_KEY_INFO ((LPCSTR) 8)
1517#define X509_AUTHORITY_KEY_ID ((LPCSTR) 9)
1518#define X509_KEY_ATTRIBUTES ((LPCSTR) 10)
1519#define X509_KEY_USAGE_RESTRICTION ((LPCSTR) 11)
1520#define X509_ALTERNATE_NAME ((LPCSTR) 12)
1521#define X509_BASIC_CONSTRAINTS ((LPCSTR) 13)
1522#define X509_KEY_USAGE ((LPCSTR) 14)
1523#define X509_BASIC_CONSTRAINTS2 ((LPCSTR) 15)
1524#define X509_CERT_POLICIES ((LPCSTR) 16)
1525#define PKCS_UTC_TIME ((LPCSTR) 17)
1526#define PKCS_TIME_REQUEST ((LPCSTR) 18)
1527#define RSA_CSP_PUBLICKEYBLOB ((LPCSTR) 19)
1528#define X509_UNICODE_NAME ((LPCSTR) 20)
1529#define X509_KEYGEN_REQUEST_TO_BE_SIGNED ((LPCSTR) 21)
1530#define PKCS_ATTRIBUTE ((LPCSTR) 22)
1531#define PKCS_CONTENT_INFO_SEQUENCE_OF_ANY ((LPCSTR) 23)
1532#define X509_UNICODE_NAME_VALUE ((LPCSTR) 24)
1533#define X509_ANY_STRING X509_NAME_VALUE
1534#define X509_UNICODE_ANY_STRING X509_UNICODE_NAME_VALUE
1535#define X509_OCTET_STRING ((LPCSTR) 25)
1536#define X509_BITS ((LPCSTR) 26)
1537#define X509_INTEGER ((LPCSTR) 27)
1538#define X509_MULTI_BYTE_INTEGER ((LPCSTR) 28)
1539#define X509_ENUMERATED ((LPCSTR) 29)
1540#define X509_CHOICE_OF_TIME ((LPCSTR) 30)
1541#define X509_AUTHORITY_KEY_ID2 ((LPCSTR) 31)
1542#define X509_AUTHORITY_INFO_ACCESS ((LPCSTR) 32)
1543#define X509_SUBJECT_INFO_ACCESS X509_AUTHORITY_INFO_ACCESS
1544#define X509_CRL_REASON_CODE X509_ENUMERATED
1545#define PKCS_CONTENT_INFO ((LPCSTR) 33)
1546#define X509_SEQUENCE_OF_ANY ((LPCSTR) 34)
1547#define X509_CRL_DIST_POINTS ((LPCSTR) 35)
1548#define X509_ENHANCED_KEY_USAGE ((LPCSTR) 36)
1549#define PKCS_CTL ((LPCSTR) 37)
1550#define X509_MULTI_BYTE_UINT ((LPCSTR) 38)
1551#define X509_DSS_PUBLICKEY X509_MULTI_BYTE_UINT
1552#define X509_DSS_PARAMETERS ((LPCSTR) 39)
1553#define X509_DSS_SIGNATURE ((LPCSTR) 40)
1554#define PKCS_RC2_CBC_PARAMETERS ((LPCSTR) 41)
/* PKCS_SMIME_CAPABILITIES and X509_QC_STATEMENTS_EXT are both 42 in this
 * header, so a switch or comparison cannot tell them apart.
 * NOTE(review): confirm against the Windows SDK header that the shared value
 * is intended. */
1555#define PKCS_SMIME_CAPABILITIES ((LPCSTR) 42)
1556#define X509_QC_STATEMENTS_EXT ((LPCSTR) 42)
1557#define PKCS_RSA_PRIVATE_KEY ((LPCSTR) 43)
1558#define PKCS_PRIVATE_KEY_INFO ((LPCSTR) 44)
1559#define PKCS_ENCRYPTED_PRIVATE_KEY_INFO ((LPCSTR) 45)
1560#define X509_PKIX_POLICY_QUALIFIER_USERNOTICE ((LPCSTR) 46)
1561#define X509_DH_PUBLICKEY X509_MULTI_BYTE_UINT
/* X509_DH_PARAMETERS and X509_ECC_SIGNATURE are likewise both 47. */
1562#define X509_DH_PARAMETERS ((LPCSTR) 47)
1563#define X509_ECC_SIGNATURE ((LPCSTR) 47)
1564#define PKCS_ATTRIBUTES ((LPCSTR) 48)
1565#define PKCS_SORTED_CTL ((LPCSTR) 49)
1566#define X942_DH_PARAMETERS ((LPCSTR) 50)
1567#define X509_BITS_WITHOUT_TRAILING_ZEROES ((LPCSTR) 51)
1568#define X942_OTHER_INFO ((LPCSTR) 52)
1569#define X509_CERT_PAIR ((LPCSTR) 53)
1570#define X509_ISSUING_DIST_POINT ((LPCSTR) 54)
1571#define X509_NAME_CONSTRAINTS ((LPCSTR) 55)
1572#define X509_POLICY_MAPPINGS ((LPCSTR) 56)
1573#define X509_POLICY_CONSTRAINTS ((LPCSTR) 57)
1574#define X509_CROSS_CERT_DIST_POINTS ((LPCSTR) 58)
1575#define CMC_DATA ((LPCSTR) 59)
1576#define CMC_RESPONSE ((LPCSTR) 60)
1577#define CMC_STATUS ((LPCSTR) 61)
1578#define CMC_ADD_EXTENSIONS ((LPCSTR) 62)
1579#define CMC_ADD_ATTRIBUTES ((LPCSTR) 63)
1580#define X509_CERTIFICATE_TEMPLATE ((LPCSTR) 64)
1581#define OCSP_SIGNED_REQUEST ((LPCSTR) 65)
1582#define OCSP_REQUEST ((LPCSTR) 66)
1583#define OCSP_RESPONSE ((LPCSTR) 67)
1584#define OCSP_BASIC_SIGNED_RESPONSE ((LPCSTR) 68)
1585#define OCSP_BASIC_RESPONSE ((LPCSTR) 69)
1586#define X509_LOGOTYPE_EXT ((LPCSTR) 70)
1587#define X509_BIOMETRIC_EXT ((LPCSTR) 71)
1588#define CNG_RSA_PUBLIC_KEY_BLOB ((LPCSTR) 72)
1589#define X509_OBJECT_IDENTIFIER ((LPCSTR) 73)
1590#define X509_ALGORITHM_IDENTIFIER ((LPCSTR) 74)
1591#define PKCS_RSA_SSA_PSS_PARAMETERS ((LPCSTR) 75)
1592#define PKCS_RSAES_OAEP_PARAMETERS ((LPCSTR) 76)
1593#define ECC_CMS_SHARED_INFO ((LPCSTR) 77)
1594#define TIMESTAMP_REQUEST ((LPCSTR) 78)
1595#define TIMESTAMP_RESPONSE ((LPCSTR) 79)
1596#define TIMESTAMP_INFO ((LPCSTR) 80)
1597#define X509_CERT_BUNDLE ((LPCSTR) 81)
1598#define X509_ECC_PRIVATE_KEY ((LPCSTR) 82)
1599#define CNG_RSA_PRIVATE_KEY_BLOB ((LPCSTR) 83)
1600#define X509_SUBJECT_DIR_ATTRS ((LPCSTR) 84)
1601#define X509_ECC_PARAMETERS ((LPCSTR) 85)
1602
/* Signer-info selectors, numbered separately from the run above. */
1603#define PKCS7_SIGNER_INFO ((LPCSTR) 500)
1604#define CMS_SIGNER_INFO ((LPCSTR) 501)
1605
/* Certificate extension OIDs under 2.5.29. This run mixes early identifiers
 * with the ones RFC 5280 uses: szOID_AUTHORITY_KEY_IDENTIFIER (2.5.29.1),
 * szOID_SUBJECT_ALT_NAME (2.5.29.7), szOID_ISSUER_ALT_NAME (2.5.29.8) and
 * szOID_BASIC_CONSTRAINTS (2.5.29.10) are the older forms; the current
 * extensions are the names ending in "2" (2.5.29.35, .17, .18, .19).
 * NOTE(review): validation code that looks up only the un-suffixed name will
 * not find the extension in a current certificate, e.g. a basicConstraints
 * CA check keyed on szOID_BASIC_CONSTRAINTS alone. */
1606#define szOID_AUTHORITY_KEY_IDENTIFIER "2.5.29.1"
1607#define szOID_KEY_ATTRIBUTES "2.5.29.2"
1608#define szOID_CERT_POLICIES_95 "2.5.29.3"
1609#define szOID_KEY_USAGE_RESTRICTION "2.5.29.4"
1610#define szOID_SUBJECT_ALT_NAME "2.5.29.7"
1611#define szOID_ISSUER_ALT_NAME "2.5.29.8"
1612#define szOID_BASIC_CONSTRAINTS "2.5.29.10"
1613/* szOID_KEY_USAGE is defined incorrectly in msdn as 2.5.29.4 --
1614 http://www.oid-info.com/get/2.5.29.15 RFC3280 */
/* 2.5.29.4 is szOID_KEY_USAGE_RESTRICTION above; keyUsage is 2.5.29.15. */
1615#define szOID_KEY_USAGE "2.5.29.15"
1616#define szOID_PRIVATEKEY_USAGE_PERIOD "2.5.29.16"
1617#define szOID_BASIC_CONSTRAINTS2 "2.5.29.19"
1618
1619#define szOID_CERT_POLICIES "2.5.29.32"
1620#define szOID_ANY_CERT_POLICY "2.5.29.32.0"
1621#define szOID_INHIBIT_ANY_POLICY "2.5.29.54"
1622
1623#define szOID_AUTHORITY_KEY_IDENTIFIER2 "2.5.29.35"
1624#define szOID_SUBJECT_KEY_IDENTIFIER "2.5.29.14"
1625#define szOID_SUBJECT_ALT_NAME2 "2.5.29.17"
1626#define szOID_ISSUER_ALT_NAME2 "2.5.29.18"
1627#define szOID_CRL_REASON_CODE "2.5.29.21"
1628#define szOID_REASON_CODE_HOLD "2.5.29.23"
1629#define szOID_CRL_DIST_POINTS "2.5.29.31"
1630#define szOID_ENHANCED_KEY_USAGE "2.5.29.37"
1631
1632#define szOID_ANY_ENHANCED_KEY_USAGE "2.5.29.37.0"
1633
1634#define szOID_CRL_NUMBER "2.5.29.20"
1635
1636#define szOID_DELTA_CRL_INDICATOR "2.5.29.27"
1637#define szOID_ISSUING_DIST_POINT "2.5.29.28"
1638
1639#define szOID_FRESHEST_CRL "2.5.29.46"
1640#define szOID_NAME_CONSTRAINTS "2.5.29.30"
1641
1642#define szOID_POLICY_MAPPINGS "2.5.29.33"
1643#define szOID_LEGACY_POLICY_MAPPINGS "2.5.29.5"
1644#define szOID_POLICY_CONSTRAINTS "2.5.29.36"
1645
1646#define szOID_RENEWAL_CERTIFICATE "1.3.6.1.4.1.311.13.1"
1647#define szOID_ENROLLMENT_NAME_VALUE_PAIR "1.3.6.1.4.1.311.13.2.1"
1648#define szOID_ENROLLMENT_CSP_PROVIDER "1.3.6.1.4.1.311.13.2.2"
1649#define szOID_OS_VERSION "1.3.6.1.4.1.311.13.2.3"
1650
1651#define szOID_ENROLLMENT_AGENT "1.3.6.1.4.1.311.20.2.1"
1652
1653#define szOID_PKIX "1.3.6.1.5.5.7"
1654#define szOID_PKIX_PE "1.3.6.1.5.5.7.1"
1655#define szOID_AUTHORITY_INFO_ACCESS "1.3.6.1.5.5.7.1.1"
1656#define szOID_SUBJECT_INFO_ACCESS "1.3.6.1.5.5.7.1.11"
1657#define szOID_BIOMETRIC_EXT "1.3.6.1.5.5.7.1.2"
1658#define szOID_QC_STATEMENTS_EXT "1.3.6.1.5.5.7.1.3"
1659#define szOID_LOGOTYPE_EXT "1.3.6.1.5.5.7.1.12"
1660#define szOID_TLS_FEATURES_EXT "1.3.6.1.5.5.7.1.24"
1661
1662#define szOID_CERT_EXTENSIONS "1.3.6.1.4.1.311.2.1.14"
1663#define szOID_NEXT_UPDATE_LOCATION "1.3.6.1.4.1.311.10.2"
1664#define szOID_REMOVE_CERTIFICATE "1.3.6.1.4.1.311.10.8.1"
1665#define szOID_CROSS_CERT_DIST_POINTS "1.3.6.1.4.1.311.10.9.1"
1666
1667#define szOID_CTL "1.3.6.1.4.1.311.10.1"
1668
1669#define szOID_SORTED_CTL "1.3.6.1.4.1.311.10.1.1"
1670
1671#ifndef szOID_SERIALIZED
1672#define szOID_SERIALIZED "1.3.6.1.4.1.311.10.3.3.1"
1673#endif
1674
1675#ifndef szOID_NT_PRINCIPAL_NAME
1676#define szOID_NT_PRINCIPAL_NAME "1.3.6.1.4.1.311.20.2.3"
1677#endif
1678
1679#ifndef szOID_INTERNATIONALIZED_EMAIL_ADDRESS
1680#define szOID_INTERNATIONALIZED_EMAIL_ADDRESS "1.3.6.1.4.1.311.20.2.4"
1681#endif
1682
1683#ifndef szOID_PRODUCT_UPDATE
1684#define szOID_PRODUCT_UPDATE "1.3.6.1.4.1.311.31.1"
1685#endif
1686
1687#define szOID_ANY_APPLICATION_POLICY "1.3.6.1.4.1.311.10.12.1"
1688
1689#define szOID_AUTO_ENROLL_CTL_USAGE "1.3.6.1.4.1.311.20.1"
1690
1691#define szOID_ENROLL_CERTTYPE_EXTENSION "1.3.6.1.4.1.311.20.2"
1692
1693#define szOID_CERT_MANIFOLD "1.3.6.1.4.1.311.20.3"
1694
1695#ifndef szOID_CERTSRV_CA_VERSION
1696#define szOID_CERTSRV_CA_VERSION "1.3.6.1.4.1.311.21.1"
1697#endif
1698#define szOID_CERTSRV_PREVIOUS_CERT_HASH "1.3.6.1.4.1.311.21.2"
1699#define szOID_CRL_VIRTUAL_BASE "1.3.6.1.4.1.311.21.3"
1700#define szOID_CRL_NEXT_PUBLISH "1.3.6.1.4.1.311.21.4"
1701#define szOID_KP_CA_EXCHANGE "1.3.6.1.4.1.311.21.5"
1702#define szOID_KP_KEY_RECOVERY_AGENT "1.3.6.1.4.1.311.21.6"
1703#define szOID_CERTIFICATE_TEMPLATE "1.3.6.1.4.1.311.21.7"
1704#define szOID_ENTERPRISE_OID_ROOT "1.3.6.1.4.1.311.21.8"
1705#define szOID_RDN_DUMMY_SIGNER "1.3.6.1.4.1.311.21.9"
1706#define szOID_APPLICATION_CERT_POLICIES "1.3.6.1.4.1.311.21.10"
1707#define szOID_APPLICATION_POLICY_MAPPINGS "1.3.6.1.4.1.311.21.11"
1708#define szOID_APPLICATION_POLICY_CONSTRAINTS "1.3.6.1.4.1.311.21.12"
1709#define szOID_ARCHIVED_KEY_ATTR "1.3.6.1.4.1.311.21.13"
1710#define szOID_CRL_SELF_CDP "1.3.6.1.4.1.311.21.14"
1711#define szOID_REQUIRE_CERT_CHAIN_POLICY "1.3.6.1.4.1.311.21.15"
1712#define szOID_ARCHIVED_KEY_CERT_HASH "1.3.6.1.4.1.311.21.16"
1713#define szOID_ISSUED_CERT_HASH "1.3.6.1.4.1.311.21.17"
1714#define szOID_DS_EMAIL_REPLICATION "1.3.6.1.4.1.311.21.19"
1715#define szOID_REQUEST_CLIENT_INFO "1.3.6.1.4.1.311.21.20"
1716#define szOID_ENCRYPTED_KEY_HASH "1.3.6.1.4.1.311.21.21"
1717#define szOID_CERTSRV_CROSSCA_VERSION "1.3.6.1.4.1.311.21.22"
1718
1719#define szOID_NTDS_REPLICATION "1.3.6.1.4.1.311.25.1"
1720
1721#define szOID_SUBJECT_DIR_ATTRS "2.5.29.9"
1722
1723#define szOID_PKIX_KP "1.3.6.1.5.5.7.3"
1724
1725#define szOID_PKIX_KP_SERVER_AUTH "1.3.6.1.5.5.7.3.1"
1726#define szOID_PKIX_KP_CLIENT_AUTH "1.3.6.1.5.5.7.3.2"
1727#define szOID_PKIX_KP_CODE_SIGNING "1.3.6.1.5.5.7.3.3"
1728#define szOID_PKIX_KP_EMAIL_PROTECTION "1.3.6.1.5.5.7.3.4"
1729#define szOID_PKIX_KP_IPSEC_END_SYSTEM "1.3.6.1.5.5.7.3.5"
1730#define szOID_PKIX_KP_IPSEC_TUNNEL "1.3.6.1.5.5.7.3.6"
1731#define szOID_PKIX_KP_IPSEC_USER "1.3.6.1.5.5.7.3.7"
1732#define szOID_PKIX_KP_TIMESTAMP_SIGNING "1.3.6.1.5.5.7.3.8"
1733#define szOID_PKIX_KP_OCSP_SIGNING "1.3.6.1.5.5.7.3.9"
1734
1735#define szOID_PKIX_OCSP_NONCE "1.3.6.1.5.5.7.48.1.2"
1736#define szOID_PKIX_OCSP_NOCHECK "1.3.6.1.5.5.7.48.1.5"
1737
1738#define szOID_IPSEC_KP_IKE_INTERMEDIATE "1.3.6.1.5.5.8.2.2"
1739
1740#define szOID_PKINIT_KP_KDC "1.3.6.1.5.2.3.5"
1741
1742#define szOID_KP_CTL_USAGE_SIGNING "1.3.6.1.4.1.311.10.3.1"
1743
1744#define szOID_KP_TIME_STAMP_SIGNING "1.3.6.1.4.1.311.10.3.2"
1745
1746#ifndef szOID_SERVER_GATED_CRYPTO
1747#define szOID_SERVER_GATED_CRYPTO "1.3.6.1.4.1.311.10.3.3"
1748#endif
1749
1750#ifndef szOID_SGC_NETSCAPE
1751#define szOID_SGC_NETSCAPE "2.16.840.1.113730.4.1"
1752#endif
1753
1754#define szOID_KP_EFS "1.3.6.1.4.1.311.10.3.4"
1755#define szOID_EFS_RECOVERY "1.3.6.1.4.1.311.10.3.4.1"
1756
1757#define szOID_WHQL_CRYPTO "1.3.6.1.4.1.311.10.3.5"
1758#define szOID_ATTEST_WHQL_CRYPTO "1.3.6.1.4.1.311.10.3.5.1"
1759#define szOID_NT5_CRYPTO "1.3.6.1.4.1.311.10.3.6"
1760#define szOID_OEM_WHQL_CRYPTO "1.3.6.1.4.1.311.10.3.7"
1761#define szOID_EMBEDDED_NT_CRYPTO "1.3.6.1.4.1.311.10.3.8"
1762#define szOID_ROOT_LIST_SIGNER "1.3.6.1.4.1.311.10.3.9"
1763#define szOID_KP_QUALIFIED_SUBORDINATION "1.3.6.1.4.1.311.10.3.10"
1764#define szOID_KP_KEY_RECOVERY "1.3.6.1.4.1.311.10.3.11"
1765#define szOID_KP_DOCUMENT_SIGNING "1.3.6.1.4.1.311.10.3.12"
1766#define szOID_KP_LIFETIME_SIGNING "1.3.6.1.4.1.311.10.3.13"
1767#define szOID_KP_MOBILE_DEVICE_SOFTWARE "1.3.6.1.4.1.311.10.3.14"
1768#define szOID_KP_SMART_DISPLAY "1.3.6.1.4.1.311.10.3.15"
1769#define szOID_KP_CSP_SIGNATURE "1.3.6.1.4.1.311.10.3.16"
1770#define szOID_KP_FLIGHT_SIGNING "1.3.6.1.4.1.311.10.3.27"
1771#define szOID_PLATFORM_MANIFEST_BINARY_ID "1.3.6.1.4.1.311.10.3.28"
1772
1773#ifndef szOID_DRM
1774#define szOID_DRM "1.3.6.1.4.1.311.10.5.1"
1775#endif
1776
1777#ifndef szOID_DRM_INDIVIDUALIZATION
1778#define szOID_DRM_INDIVIDUALIZATION "1.3.6.1.4.1.311.10.5.2"
1779#endif
1780
1781#ifndef szOID_LICENSES
1782#define szOID_LICENSES "1.3.6.1.4.1.311.10.6.1"
1783#endif
1784
1785#ifndef szOID_LICENSE_SERVER
1786#define szOID_LICENSE_SERVER "1.3.6.1.4.1.311.10.6.2"
1787#endif
1788
1789#ifndef szOID_KP_SMARTCARD_LOGON
1790#define szOID_KP_SMARTCARD_LOGON "1.3.6.1.4.1.311.20.2.2"
1791#endif
1792
1793#define szOID_KP_KERNEL_MODE_CODE_SIGNING "1.3.6.1.4.1.311.61.1.1"
1794#define szOID_KP_KERNEL_MODE_TRUSTED_BOOT_SIGNING "1.3.6.1.4.1.311.61.4.1"
1795#define szOID_REVOKED_LIST_SIGNER "1.3.6.1.4.1.311.10.3.19"
1796#define szOID_WINDOWS_KITS_SIGNER "1.3.6.1.4.1.311.10.3.20"
1797#define szOID_WINDOWS_RT_SIGNER "1.3.6.1.4.1.311.10.3.21"
1798#define szOID_PROTECTED_PROCESS_LIGHT_SIGNER "1.3.6.1.4.1.311.10.3.22"
1799#define szOID_WINDOWS_TCB_SIGNER "1.3.6.1.4.1.311.10.3.23"
1800#define szOID_PROTECTED_PROCESS_SIGNER "1.3.6.1.4.1.311.10.3.24"
1801#define szOID_WINDOWS_THIRD_PARTY_COMPONENT_SIGNER "1.3.6.1.4.1.311.10.3.25"
1802#define szOID_WINDOWS_SOFTWARE_EXTENSION_SIGNER "1.3.6.1.4.1.311.10.3.26"
1803#define szOID_DISALLOWED_LIST "1.3.6.1.4.1.311.10.3.30"
1804#define szOID_PIN_RULES_SIGNER "1.3.6.1.4.1.311.10.3.31"
1805#define szOID_PIN_RULES_CTL "1.3.6.1.4.1.311.10.3.32"
1806#define szOID_PIN_RULES_EXT "1.3.6.1.4.1.311.10.3.33"
1807#define szOID_PIN_RULES_DOMAIN_NAME "1.3.6.1.4.1.311.10.3.34"
1808#define szOID_PIN_RULES_LOG_END_DATE_EXT "1.3.6.1.4.1.311.10.3.35"
1809#define szOID_IUM_SIGNING "1.3.6.1.4.1.311.10.3.37"
1810#define szOID_EV_WHQL_CRYPTO "1.3.6.1.4.1.311.10.3.39"
1811#define szOID_BIOMETRIC_SIGNING "1.3.6.1.4.1.311.10.3.41"
1812#define szOID_ENCLAVE_SIGNING "1.3.6.1.4.1.311.10.3.42"
1813#define szOID_SYNC_ROOT_CTL_EXT "1.3.6.1.4.1.311.10.3.50"
1814#define szOID_HPKP_DOMAIN_NAME_CTL "1.3.6.1.4.1.311.10.3.60"
1815#define szOID_HPKP_HEADER_VALUE_CTL "1.3.6.1.4.1.311.10.3.61"
1816#define szOID_KP_KERNEL_MODE_HAL_EXTENSION_SIGNING "1.3.6.1.4.1.311.61.5.1"
1817#define szOID_WINDOWS_STORE_SIGNER "1.3.6.1.4.1.311.76.3.1"
1818#define szOID_DYNAMIC_CODE_GEN_SIGNER "1.3.6.1.4.1.311.76.5.1"
1819#define szOID_MICROSOFT_PUBLISHER_SIGNER "1.3.6.1.4.1.311.76.8.1"
1820#define szOID_YESNO_TRUST_ATTR "1.3.6.1.4.1.311.10.4.1"
1821#define szOID_SITE_PIN_RULES_INDEX_ATTR "1.3.6.1.4.1.311.10.4.2"
1822#define szOID_SITE_PIN_RULES_FLAGS_ATTR "1.3.6.1.4.1.311.10.4.3"
1823
1824#define SITE_PIN_RULES_ALL_SUBDOMAINS_FLAG 0x1
1825
1826#define szOID_PKIX_POLICY_QUALIFIER_CPS "1.3.6.1.5.5.7.2.1"
1827#define szOID_PKIX_POLICY_QUALIFIER_USERNOTICE "1.3.6.1.5.5.7.2.2"
1828
1829#define szOID_ROOT_PROGRAM_FLAGS "1.3.6.1.4.1.311.60.1.1"
1830#define CERT_ROOT_PROGRAM_FLAG_ORG 0x80
1831#define CERT_ROOT_PROGRAM_FLAG_LSC 0x40
1832#define CERT_ROOT_PROGRAM_FLAG_SUBJECT_LOGO 0x20
1833#define CERT_ROOT_PROGRAM_FLAG_OU 0x10
1834#define CERT_ROOT_PROGRAM_FLAG_ADDRESS 0x08
1835
1836#define szOID_CERT_POLICIES_95_QUALIFIER1 "2.16.840.1.113733.1.7.1.1"
1837
1838#define szOID_RDN_TPM_MANUFACTURER "2.23.133.2.1"
1839#define szOID_RDN_TPM_MODEL "2.23.133.2.2"
1840#define szOID_RDN_TPM_VERSION "2.23.133.2.3"
1841
1842#define szOID_RDN_TCG_PLATFORM_MANUFACTURER "2.23.133.2.4"
1843#define szOID_RDN_TCG_PLATFORM_MODEL "2.23.133.2.5"
1844#define szOID_RDN_TCG_PLATFORM_VERSION "2.23.133.2.6"
1845
1846#define szOID_CT_CERT_SCTLIST "1.3.6.1.4.1.11129.2.4.2"
1847
1848#define szOID_ENROLL_EK_INFO "1.3.6.1.4.1.311.21.23"
1849#define szOID_ENROLL_AIK_INFO "1.3.6.1.4.1.311.21.39"
1850#define szOID_ENROLL_ATTESTATION_STATEMENT "1.3.6.1.4.1.311.21.24"
1851
1852#define szOID_ENROLL_KSP_NAME "1.3.6.1.4.1.311.21.25"
1853
1854#define szOID_ENROLL_EKPUB_CHALLENGE "1.3.6.1.4.1.311.21.26"
1855#define szOID_ENROLL_CAXCHGCERT_HASH "1.3.6.1.4.1.311.21.27"
1856#define szOID_ENROLL_ATTESTATION_CHALLENGE "1.3.6.1.4.1.311.21.28"
1857#define szOID_ENROLL_ENCRYPTION_ALGORITHM "1.3.6.1.4.1.311.21.29"
1858
1859#define szOID_KP_TPM_EK_CERTIFICATE "2.23.133.8.1"
1860#define szOID_KP_TPM_PLATFORM_CERTIFICATE "2.23.133.8.2"
1861#define szOID_KP_TPM_AIK_CERTIFICATE "2.23.133.8.3"
1862
1863#define szOID_ENROLL_EKVERIFYKEY "1.3.6.1.4.1.311.21.30"
1864#define szOID_ENROLL_EKVERIFYCERT "1.3.6.1.4.1.311.21.31"
1865#define szOID_ENROLL_EKVERIFYCREDS "1.3.6.1.4.1.311.21.32"
1866
1867#define szOID_ENROLL_SCEP_ERROR "1.3.6.1.4.1.311.21.33"
1868
1869#define szOID_ENROLL_SCEP_SERVER_STATE "1.3.6.1.4.1.311.21.34"
1870#define szOID_ENROLL_SCEP_CHALLENGE_ANSWER "1.3.6.1.4.1.311.21.35"
1871#define szOID_ENROLL_SCEP_CLIENT_REQUEST "1.3.6.1.4.1.311.21.37"
1872#define szOID_ENROLL_SCEP_SERVER_MESSAGE "1.3.6.1.4.1.311.21.38"
1873#define szOID_ENROLL_SCEP_SERVER_SECRET "1.3.6.1.4.1.311.21.40"
1874
1875#define szOID_ENROLL_KEY_AFFINITY "1.3.6.1.4.1.311.21.41"
1876
1877#define szOID_ENROLL_SCEP_SIGNER_HASH "1.3.6.1.4.1.311.21.42"
1878
1879#define szOID_ENROLL_EK_CA_KEYID "1.3.6.1.4.1.311.21.43"
1880
1881#define szOID_ATTR_SUPPORTED_ALGORITHMS "2.5.4.52"
1882#define szOID_ATTR_TPM_SPECIFICATION "2.23.133.2.16"
1883#define szOID_ATTR_PLATFORM_SPECIFICATION "2.23.133.2.17"
1884#define szOID_ATTR_TPM_SECURITY_ASSERTIONS "2.23.133.2.18"
1885
/*
 * CERT_EXTENSIONS: a counted array of certificate extensions.
 *
 * The two members form a (count, array) pair, following the c/rg prefix
 * convention used throughout this header.
 * NOTE(review): when this structure is the result of decoding data from an
 * untrusted certificate or request, iterate strictly by cExtension and do not
 * assume rgExtension is non-NULL when the count is 0.
 */
typedef struct _CERT_EXTENSIONS {
  DWORD cExtension;            /* number of entries in rgExtension */
  PCERT_EXTENSION rgExtension; /* array of cExtension extensions */
} CERT_EXTENSIONS;
typedef CERT_EXTENSIONS *PCERT_EXTENSIONS;
1890
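/*
 * Bit layout of the packed error-location value for Unicode name errors
 * (purpose judged from the macro names), as fixed by the masks and shifts
 * below:
 *   bits 22..31  RDN index        (10 bits)
 *   bits 16..21  attribute index  (6 bits)
 *   bits  0..15  value index      (16 bits)
 */
#define CERT_UNICODE_RDN_ERR_INDEX_MASK 0x3ff
#define CERT_UNICODE_RDN_ERR_INDEX_SHIFT 22
#define CERT_UNICODE_ATTR_ERR_INDEX_MASK 0x3f
#define CERT_UNICODE_ATTR_ERR_INDEX_SHIFT 16
#define CERT_UNICODE_VALUE_ERR_INDEX_MASK 0xffff
#define CERT_UNICODE_VALUE_ERR_INDEX_SHIFT 0

/*
 * Field extractors. The argument is parenthesized so that an expression such
 * as (a | b) is shifted and masked as a whole; without the parentheses >> and
 * & bind tighter than | and the wrong bits are returned.
 * NOTE(review): pass an unsigned value (e.g. a DWORD); right-shifting a
 * negative signed value is implementation-defined in C.
 */
#define GET_CERT_UNICODE_RDN_ERR_INDEX(X) \
  (((X) >> CERT_UNICODE_RDN_ERR_INDEX_SHIFT) & CERT_UNICODE_RDN_ERR_INDEX_MASK)
#define GET_CERT_UNICODE_ATTR_ERR_INDEX(X) \
  (((X) >> CERT_UNICODE_ATTR_ERR_INDEX_SHIFT) & CERT_UNICODE_ATTR_ERR_INDEX_MASK)
#define GET_CERT_UNICODE_VALUE_ERR_INDEX(X) \
  ((X) & CERT_UNICODE_VALUE_ERR_INDEX_MASK)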
1901
1902 typedef struct _CERT_AUTHORITY_KEY_ID_INFO {
1903 CRYPT_DATA_BLOB KeyId;
1904 CERT_NAME_BLOB CertIssuer;
1905 CRYPT_INTEGER_BLOB CertSerialNumber;
1906 } CERT_AUTHORITY_KEY_ID_INFO,*PCERT_AUTHORITY_KEY_ID_INFO;
1907
1908 typedef struct _CERT_PRIVATE_KEY_VALIDITY {
1909 FILETIME NotBefore;
1910 FILETIME NotAfter;
1911 } CERT_PRIVATE_KEY_VALIDITY,*PCERT_PRIVATE_KEY_VALIDITY;
1912
1913 typedef struct _CERT_KEY_ATTRIBUTES_INFO {
1914 CRYPT_DATA_BLOB KeyId;
1915 CRYPT_BIT_BLOB IntendedKeyUsage;
1916 PCERT_PRIVATE_KEY_VALIDITY pPrivateKeyUsagePeriod;
1917 } CERT_KEY_ATTRIBUTES_INFO,*PCERT_KEY_ATTRIBUTES_INFO;
1918
/*
 * Bit masks for the X.509 keyUsage extension, listed from most to least
 * significant bit. RFC 5280 numbers the KeyUsage bits 0..8, and ASN.1 puts
 * named bit 0 in the most significant bit of the first byte, so the masks
 * are per byte of the bit string.
 *
 * Byte 0:
 */
#define CERT_DIGITAL_SIGNATURE_KEY_USAGE 0x80
#define CERT_NON_REPUDIATION_KEY_USAGE 0x40
#define CERT_KEY_ENCIPHERMENT_KEY_USAGE 0x20
#define CERT_DATA_ENCIPHERMENT_KEY_USAGE 0x10
#define CERT_KEY_AGREEMENT_KEY_USAGE 0x08
#define CERT_KEY_CERT_SIGN_KEY_USAGE 0x04
/* The next two names are aliases for the same bit. */
#define CERT_CRL_SIGN_KEY_USAGE 0x02
#define CERT_OFFLINE_CRL_SIGN_KEY_USAGE 0x02
#define CERT_ENCIPHER_ONLY_KEY_USAGE 0x01

/*
 * Byte 1: decipherOnly is KeyUsage bit 8, the top bit of the second byte.
 * It has the same numeric value as CERT_DIGITAL_SIGNATURE_KEY_USAGE, so
 * testing it against byte 0 silently checks digitalSignature instead. Check
 * that the bit string is at least two bytes long before reading byte 1.
 */
#define CERT_DECIPHER_ONLY_KEY_USAGE 0x80
1930
1931 typedef struct _CERT_POLICY_ID {
1932 DWORD cCertPolicyElementId;
1933 LPSTR *rgpszCertPolicyElementId;
1934 } CERT_POLICY_ID,*PCERT_POLICY_ID;
1935
1936 typedef struct _CERT_KEY_USAGE_RESTRICTION_INFO {
1937 DWORD cCertPolicyId;
1938 PCERT_POLICY_ID rgCertPolicyId;
1939 CRYPT_BIT_BLOB RestrictedKeyUsage;
1940 } CERT_KEY_USAGE_RESTRICTION_INFO,*PCERT_KEY_USAGE_RESTRICTION_INFO;
1941
/*
 * CERT_OTHER_NAME: an alternative name of a type identified by an OID.
 * NOTE(review): Value is an opaque blob whose encoding depends on pszObjId;
 * check the OID and the blob length before interpreting the bytes.
 */
typedef struct _CERT_OTHER_NAME {
  LPSTR pszObjId;         /* OID string naming the type of Value */
  CRYPT_OBJID_BLOB Value; /* value bytes for that OID */
} CERT_OTHER_NAME;
typedef CERT_OTHER_NAME *PCERT_OTHER_NAME;
1946
/*
 * CERT_ALT_NAME_ENTRY: one alternative-name entry, stored as a tagged union.
 *
 * dwAltNameChoice holds one of the CERT_ALT_NAME_* values and selects the
 * union member that is valid. All members share storage, so reading a member
 * that does not match the choice reinterprets another member's bytes.
 *
 * Two choices have no member in this header:
 *  - x400Address: its type, CERT_DATA_BLOB, is not documented and the member
 *    is documented as not implemented, so it is omitted to prevent compile
 *    errors. See http://msdn.microsoft.com/en-us/library/aa377173.aspx,
 *    the CERT_ALT_NAME_ENTRY documentation where this is specified.
 *  - pEdiPartyName (LPWSTR): not implemented either. See
 *    http://msdn.microsoft.com/en-us/library/aa924681.aspx or
 *    http://msdn.microsoft.com/en-us/library/aa377173.aspx.
 *
 * NOTE(review): CERT_ALT_NAME_X400_ADDRESS and CERT_ALT_NAME_EDI_PARTY_NAME
 * are still defined as choice values. Code that switches on dwAltNameChoice
 * should handle those two and any unknown value without touching the union.
 */
typedef struct _CERT_ALT_NAME_ENTRY {
  DWORD dwAltNameChoice; /* CERT_ALT_NAME_* selector for the union below */
  __C89_NAMELESS union {
    PCERT_OTHER_NAME pOtherName;  /* CERT_ALT_NAME_OTHER_NAME */
    LPWSTR pwszRfc822Name;        /* CERT_ALT_NAME_RFC822_NAME */
    LPWSTR pwszDNSName;           /* CERT_ALT_NAME_DNS_NAME */
    CERT_NAME_BLOB DirectoryName; /* CERT_ALT_NAME_DIRECTORY_NAME */
    LPWSTR pwszURL;               /* CERT_ALT_NAME_URL */
    CRYPT_DATA_BLOB IPAddress;    /* CERT_ALT_NAME_IP_ADDRESS; length is not
                                     fixed by the type, check cbData */
    LPSTR pszRegisteredID;        /* CERT_ALT_NAME_REGISTERED_ID */
  };
} CERT_ALT_NAME_ENTRY;
typedef CERT_ALT_NAME_ENTRY *PCERT_ALT_NAME_ENTRY;
1970
/*
 * Values for CERT_ALT_NAME_ENTRY.dwAltNameChoice. The trailing comment names
 * the union member each value selects; values 4 and 6 have no member in this
 * header, so no union member may be read for them.
 */
#define CERT_ALT_NAME_OTHER_NAME 1     /* pOtherName */
#define CERT_ALT_NAME_RFC822_NAME 2    /* pwszRfc822Name */
#define CERT_ALT_NAME_DNS_NAME 3       /* pwszDNSName */
#define CERT_ALT_NAME_X400_ADDRESS 4   /* no member (not implemented) */
#define CERT_ALT_NAME_DIRECTORY_NAME 5 /* DirectoryName */
#define CERT_ALT_NAME_EDI_PARTY_NAME 6 /* no member (not implemented) */
#define CERT_ALT_NAME_URL 7            /* pwszURL */
#define CERT_ALT_NAME_IP_ADDRESS 8     /* IPAddress */
#define CERT_ALT_NAME_REGISTERED_ID 9  /* pszRegisteredID */
1980
/*
 * CERT_ALT_NAME_INFO: a counted array of alternative-name entries.
 * NOTE(review): each entry is a tagged union; when matching a host or user
 * identity, compare only entries whose dwAltNameChoice is the expected name
 * type, and bound the loop by cAltEntry.
 */
typedef struct _CERT_ALT_NAME_INFO {
  DWORD cAltEntry;                 /* number of entries in rgAltEntry */
  PCERT_ALT_NAME_ENTRY rgAltEntry; /* array of cAltEntry entries */
} CERT_ALT_NAME_INFO;
typedef CERT_ALT_NAME_INFO *PCERT_ALT_NAME_INFO;
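/*
 * Bit layout of the packed error-location value for alternative-name errors
 * (purpose judged from the macro names), as fixed by the masks and shifts
 * below:
 *   bits 16..23  entry index  (8 bits)
 *   bits  0..15  value index  (16 bits)
 */
#define CERT_ALT_NAME_ENTRY_ERR_INDEX_MASK 0xff
#define CERT_ALT_NAME_ENTRY_ERR_INDEX_SHIFT 16
#define CERT_ALT_NAME_VALUE_ERR_INDEX_MASK 0x0000ffff
#define CERT_ALT_NAME_VALUE_ERR_INDEX_SHIFT 0

/*
 * Field extractors. The argument is parenthesized so that an expression
 * argument (for example a | b) is shifted and masked as a whole instead of
 * being split by operator precedence.
 */
#define GET_CERT_ALT_NAME_ENTRY_ERR_INDEX(X) \
  (((X) >> CERT_ALT_NAME_ENTRY_ERR_INDEX_SHIFT) & CERT_ALT_NAME_ENTRY_ERR_INDEX_MASK)
#define GET_CERT_ALT_NAME_VALUE_ERR_INDEX(X) \
  ((X) & CERT_ALT_NAME_VALUE_ERR_INDEX_MASK)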
1992
/*
 * CERT_BASIC_CONSTRAINTS_INFO: decoded form of a basic-constraints
 * extension that carries a subject-type bit string and subtree constraints.
 * NOTE(review): presumably this is the older form (szOID_BASIC_CONSTRAINTS,
 * 2.5.29.10) while CERT_BASIC_CONSTRAINTS2_INFO serves 2.5.29.19 -- confirm.
 * dwPathLenConstraint should be read only when fPathLenConstraint is nonzero.
 */
typedef struct _CERT_BASIC_CONSTRAINTS_INFO {
  CRYPT_BIT_BLOB SubjectType;           /* see CERT_CA_SUBJECT_FLAG and
                                           CERT_END_ENTITY_SUBJECT_FLAG */
  WINBOOL fPathLenConstraint;           /* whether a path length is given */
  DWORD dwPathLenConstraint;            /* the path length constraint */
  DWORD cSubtreesConstraint;            /* entries in rgSubtreesConstraint */
  CERT_NAME_BLOB *rgSubtreesConstraint; /* array of encoded names */
} CERT_BASIC_CONSTRAINTS_INFO;
typedef CERT_BASIC_CONSTRAINTS_INFO *PCERT_BASIC_CONSTRAINTS_INFO;
2000
/*
 * Subject-type bits, presumably for the first byte of
 * CERT_BASIC_CONSTRAINTS_INFO.SubjectType (confirm against the decoder).
 * NOTE(review): a chain builder should treat a certificate as a CA only when
 * the CA indication is actually present; an empty or missing bit string is
 * not a CA assertion.
 */
#define CERT_CA_SUBJECT_FLAG 0x80         /* subject may act as a CA */
#define CERT_END_ENTITY_SUBJECT_FLAG 0x40 /* subject may be an end entity */
2003
/*
 * CERT_BASIC_CONSTRAINTS2_INFO: decoded basic-constraints data with a CA
 * flag and an optional path length.
 * NOTE(review): dwPathLenConstraint should be read only when
 * fPathLenConstraint is nonzero; otherwise its value does not mean
 * "path length 0". Path validation must require fCA on every issuing
 * certificate in the chain.
 */
typedef struct _CERT_BASIC_CONSTRAINTS2_INFO {
  WINBOOL fCA;                /* nonzero when the subject is a CA */
  WINBOOL fPathLenConstraint; /* whether dwPathLenConstraint is present */
  DWORD dwPathLenConstraint;  /* the path length constraint */
} CERT_BASIC_CONSTRAINTS2_INFO;
typedef CERT_BASIC_CONSTRAINTS2_INFO *PCERT_BASIC_CONSTRAINTS2_INFO;
2009
2010 typedef struct _CERT_POLICY_QUALIFIER_INFO {
2011 LPSTR pszPolicyQualifierId;
2012 CRYPT_OBJID_BLOB Qualifier;
2013 } CERT_POLICY_QUALIFIER_INFO,*PCERT_POLICY_QUALIFIER_INFO;
2014
2015 typedef struct _CERT_POLICY_INFO {
2016 LPSTR pszPolicyIdentifier;
2017 DWORD cPolicyQualifier;
2018 CERT_POLICY_QUALIFIER_INFO *rgPolicyQualifier;
2019 } CERT_POLICY_INFO,*PCERT_POLICY_INFO;
2020
2021 typedef struct _CERT_POLICIES_INFO {
2022 DWORD cPolicyInfo;
2023 CERT_POLICY_INFO *rgPolicyInfo;
2024 } CERT_POLICIES_INFO,*PCERT_POLICIES_INFO;
2025
2026 typedef struct _CERT_POLICY_QUALIFIER_NOTICE_REFERENCE {
2027 LPSTR pszOrganization;
2028 DWORD cNoticeNumbers;
2029 int *rgNoticeNumbers;
2030 } CERT_POLICY_QUALIFIER_NOTICE_REFERENCE,*PCERT_POLICY_QUALIFIER_NOTICE_REFERENCE;
2031
2032 typedef struct _CERT_POLICY_QUALIFIER_USER_NOTICE {
2033 CERT_POLICY_QUALIFIER_NOTICE_REFERENCE *pNoticeReference;
2034 LPWSTR pszDisplayText;
2035 } CERT_POLICY_QUALIFIER_USER_NOTICE,*PCERT_POLICY_QUALIFIER_USER_NOTICE;
2036
2037 typedef struct _CPS_URLS {
2038 LPWSTR pszURL;
2039 CRYPT_ALGORITHM_IDENTIFIER *pAlgorithm;
2040 CRYPT_DATA_BLOB *pDigest;
2041 } CPS_URLS,*PCPS_URLS;
2042
2043 typedef struct _CERT_POLICY95_QUALIFIER1 {
2044 LPWSTR pszPracticesReference;
2045 LPSTR pszNoticeIdentifier;
2046 LPSTR pszNSINoticeIdentifier;
2047 DWORD cCPSURLs;
2048 CPS_URLS *rgCPSURLs;
2049 } CERT_POLICY95_QUALIFIER1,*PCERT_POLICY95_QUALIFIER1;
2050
2051 typedef struct _CERT_POLICY_MAPPING {
2052 LPSTR pszIssuerDomainPolicy;
2053 LPSTR pszSubjectDomainPolicy;
2054 } CERT_POLICY_MAPPING,*PCERT_POLICY_MAPPING;
2055
2056 typedef struct _CERT_POLICY_MAPPINGS_INFO {
2057 DWORD cPolicyMapping;
2058 PCERT_POLICY_MAPPING rgPolicyMapping;
2059 } CERT_POLICY_MAPPINGS_INFO,*PCERT_POLICY_MAPPINGS_INFO;
2060
/*
 * CERT_POLICY_CONSTRAINTS_INFO: decoded policy-constraints data, held as two
 * (present flag, skip count) pairs.
 * NOTE(review): each dw...SkipCerts value should be read only when the
 * matching f... flag is nonzero -- confirm against the decoder.
 */
typedef struct _CERT_POLICY_CONSTRAINTS_INFO {
  WINBOOL fRequireExplicitPolicy;         /* first pair: present flag */
  DWORD dwRequireExplicitPolicySkipCerts; /* first pair: skip count */
  WINBOOL fInhibitPolicyMapping;          /* second pair: present flag */
  DWORD dwInhibitPolicyMappingSkipCerts;  /* second pair: skip count */
} CERT_POLICY_CONSTRAINTS_INFO;
typedef CERT_POLICY_CONSTRAINTS_INFO *PCERT_POLICY_CONSTRAINTS_INFO;
2067
2068 typedef struct _CRYPT_CONTENT_INFO_SEQUENCE_OF_ANY {
2069 LPSTR pszObjId;
2070 DWORD cValue;
2071 PCRYPT_DER_BLOB rgValue;
2072 } CRYPT_CONTENT_INFO_SEQUENCE_OF_ANY,*PCRYPT_CONTENT_INFO_SEQUENCE_OF_ANY;
2073
2074 typedef struct _CRYPT_CONTENT_INFO {
2075 LPSTR pszObjId;
2076 CRYPT_DER_BLOB Content;
2077 } CRYPT_CONTENT_INFO,*PCRYPT_CONTENT_INFO;
2078
2079 typedef struct _CRYPT_SEQUENCE_OF_ANY {
2080 DWORD cValue;
2081 PCRYPT_DER_BLOB rgValue;
2082 } CRYPT_SEQUENCE_OF_ANY,*PCRYPT_SEQUENCE_OF_ANY;
2083
/*
 * CERT_AUTHORITY_KEY_ID2_INFO: authority key identifier data: a key id plus
 * the issuer names and serial number of the authority certificate.
 * NOTE(review): these fields help locate a candidate issuer certificate;
 * they are taken from the certificate being checked and do not by themselves
 * establish that the candidate signed it.
 */
typedef struct _CERT_AUTHORITY_KEY_ID2_INFO {
  CRYPT_DATA_BLOB KeyId;                        /* key identifier bytes */
  CERT_ALT_NAME_INFO AuthorityCertIssuer;       /* issuer name entries */
  CRYPT_INTEGER_BLOB AuthorityCertSerialNumber; /* serial number */
} CERT_AUTHORITY_KEY_ID2_INFO;
typedef CERT_AUTHORITY_KEY_ID2_INFO *PCERT_AUTHORITY_KEY_ID2_INFO;
2089
/*
 * CERT_ACCESS_DESCRIPTION: one access method together with the location at
 * which it is offered.
 * NOTE(review): AccessLocation comes from the certificate itself. Software
 * that retrieves data from it for a certificate that is not yet validated is
 * contacting a location chosen by the certificate's author; restrict schemes
 * and destinations and apply timeouts and size limits.
 */
typedef struct _CERT_ACCESS_DESCRIPTION {
  LPSTR pszAccessMethod;              /* OID string, e.g. szOID_PKIX_OCSP */
  CERT_ALT_NAME_ENTRY AccessLocation; /* tagged-union name entry */
} CERT_ACCESS_DESCRIPTION;
typedef CERT_ACCESS_DESCRIPTION *PCERT_ACCESS_DESCRIPTION;
2094
/*
 * CERT_AUTHORITY_INFO_ACCESS: a counted array of access descriptions.
 * Iterate by cAccDescr only; the array pointer is not otherwise bounded.
 */
typedef struct _CERT_AUTHORITY_INFO_ACCESS {
  DWORD cAccDescr;                     /* number of entries in rgAccDescr */
  PCERT_ACCESS_DESCRIPTION rgAccDescr; /* array of cAccDescr descriptions */
} CERT_AUTHORITY_INFO_ACCESS;
typedef CERT_AUTHORITY_INFO_ACCESS *PCERT_AUTHORITY_INFO_ACCESS;
2099
2100 typedef CERT_AUTHORITY_INFO_ACCESS CERT_SUBJECT_INFO_ACCESS,*PCERT_SUBJECT_INFO_ACCESS;
2101
2102#define szOID_PKIX_ACC_DESCR "1.3.6.1.5.5.7.48"
2103#define szOID_PKIX_OCSP "1.3.6.1.5.5.7.48.1"
2104#define szOID_PKIX_CA_ISSUERS "1.3.6.1.5.5.7.48.2"
2105#define szOID_PKIX_TIME_STAMPING "1.3.6.1.5.5.7.48.3"
2106#define szOID_PKIX_CA_REPOSITORY "1.3.6.1.5.5.7.48.5"
2107
/*
 * CRL entry reason codes. These are enumerated values, not bit masks; the
 * CRL_REASON_*_FLAG masks are a separate set. Value 7 is not defined here
 * (RFC 5280 leaves it unused), so a decoder should reject or ignore it
 * rather than map it to a neighbouring reason.
 */
#define CRL_REASON_UNSPECIFIED 0
#define CRL_REASON_KEY_COMPROMISE 1
#define CRL_REASON_CA_COMPROMISE 2
#define CRL_REASON_AFFILIATION_CHANGED 3
#define CRL_REASON_SUPERSEDED 4
#define CRL_REASON_CESSATION_OF_OPERATION 5
#define CRL_REASON_CERTIFICATE_HOLD 6
/* 7 is intentionally absent */
#define CRL_REASON_REMOVE_FROM_CRL 8
#define CRL_REASON_PRIVILEGE_WITHDRAWN 9
#define CRL_REASON_AA_COMPROMISE 10
2118
/*
 * CRL_DIST_POINT_NAME: distribution point name as a tagged union with a
 * single member.
 * dwDistPointNameChoice takes a CRL_DIST_POINT_* value. FullName is the only
 * union member declared, so it may be read only for
 * CRL_DIST_POINT_FULL_NAME; the other choice values have no data here.
 */
typedef struct _CRL_DIST_POINT_NAME {
  DWORD dwDistPointNameChoice; /* CRL_DIST_POINT_* selector */
  __C89_NAMELESS union {
    CERT_ALT_NAME_INFO FullName; /* CRL_DIST_POINT_FULL_NAME */
  };
} CRL_DIST_POINT_NAME;
typedef CRL_DIST_POINT_NAME *PCRL_DIST_POINT_NAME;
2125
/*
 * Values for CRL_DIST_POINT_NAME.dwDistPointNameChoice. Only
 * CRL_DIST_POINT_FULL_NAME has a matching union member (FullName).
 */
#define CRL_DIST_POINT_NO_NAME 0         /* no name; union unused */
#define CRL_DIST_POINT_FULL_NAME 1       /* FullName is valid */
#define CRL_DIST_POINT_ISSUER_RDN_NAME 2 /* no member declared for it */
2129
/*
 * CRL_DIST_POINT: one CRL distribution point: where the CRL is published,
 * which revocation reasons it covers, and who issues it.
 * NOTE(review): locations in DistPointName come from the certificate being
 * checked; apply the same fetch restrictions as for any certificate-supplied
 * URL.
 */
typedef struct _CRL_DIST_POINT {
  CRL_DIST_POINT_NAME DistPointName; /* tagged-union name of the point */
  CRYPT_BIT_BLOB ReasonFlags;        /* CRL_REASON_*_FLAG bits */
  CERT_ALT_NAME_INFO CRLIssuer;      /* issuer name entries */
} CRL_DIST_POINT;
typedef CRL_DIST_POINT *PCRL_DIST_POINT;
2135
/*
 * Bit masks for a reason-flags bit string. RFC 5280 numbers the ReasonFlags
 * bits 0..8, and ASN.1 puts named bit 0 in the most significant bit of the
 * first byte, so the masks are per byte of the bit string.
 *
 * Byte 0:
 */
#define CRL_REASON_UNUSED_FLAG 0x80
#define CRL_REASON_KEY_COMPROMISE_FLAG 0x40
#define CRL_REASON_CA_COMPROMISE_FLAG 0x20
#define CRL_REASON_AFFILIATION_CHANGED_FLAG 0x10
#define CRL_REASON_SUPERSEDED_FLAG 0x08
#define CRL_REASON_CESSATION_OF_OPERATION_FLAG 0x04
#define CRL_REASON_CERTIFICATE_HOLD_FLAG 0x02
#define CRL_REASON_PRIVILEGE_WITHDRAWN_FLAG 0x01
/*
 * Byte 1: aACompromise is bit 8, the top bit of the second byte. It shares
 * the value 0x80 with CRL_REASON_UNUSED_FLAG, so it must be tested against
 * byte 1, and only after checking the bit string is at least two bytes long.
 */
#define CRL_REASON_AA_COMPROMISE_FLAG 0x80
2145
/*
 * CRL_DIST_POINTS_INFO: a counted array of CRL distribution points.
 * Iterate by cDistPoint only.
 */
typedef struct _CRL_DIST_POINTS_INFO {
  DWORD cDistPoint;            /* number of entries in rgDistPoint */
  PCRL_DIST_POINT rgDistPoint; /* array of cDistPoint points */
} CRL_DIST_POINTS_INFO;
typedef CRL_DIST_POINTS_INFO *PCRL_DIST_POINTS_INFO;
2150
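/*
 * Bit layout of the packed error-location value for CRL distribution point
 * errors (purpose judged from the macro names), as fixed by the constants
 * below:
 *   bit  31      error is in the CRL issuer part
 *   bits 24..30  distribution point index (7 bits)
 */
#define CRL_DIST_POINT_ERR_INDEX_MASK 0x7f
#define CRL_DIST_POINT_ERR_INDEX_SHIFT 24
/*
 * The argument is parenthesized so that an expression argument is shifted
 * and masked as a whole instead of being split by operator precedence.
 */
#define GET_CRL_DIST_POINT_ERR_INDEX(X) \
  (((X) >> CRL_DIST_POINT_ERR_INDEX_SHIFT) & CRL_DIST_POINT_ERR_INDEX_MASK)

#define CRL_DIST_POINT_ERR_CRL_ISSUER_BIT __MSABI_LONG(0x80000000)
#define IS_CRL_DIST_POINT_ERR_CRL_ISSUER(X) \
  (0 != ((X) & CRL_DIST_POINT_ERR_CRL_ISSUER_BIT))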
2157
2158 typedef struct _CROSS_CERT_DIST_POINTS_INFO {
2159 DWORD dwSyncDeltaTime;
2160 DWORD cDistPoint;
2161 PCERT_ALT_NAME_INFO rgDistPoint;
2162 } CROSS_CERT_DIST_POINTS_INFO,*PCROSS_CERT_DIST_POINTS_INFO;
2163
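/*
 * The distribution point index occupies bits 24..31 of the packed
 * error-location value for cross-certificate distribution points (purpose
 * judged from the macro names). The argument is parenthesized so that an
 * expression argument is shifted and masked as a whole.
 */
#define CROSS_CERT_DIST_POINT_ERR_INDEX_MASK 0xff
#define CROSS_CERT_DIST_POINT_ERR_INDEX_SHIFT 24
#define GET_CROSS_CERT_DIST_POINT_ERR_INDEX(X) \
  (((X) >> CROSS_CERT_DIST_POINT_ERR_INDEX_SHIFT) & CROSS_CERT_DIST_POINT_ERR_INDEX_MASK)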
2167
2168 typedef struct _CERT_PAIR {
2169 CERT_BLOB Forward;
2170 CERT_BLOB Reverse;
2171 } CERT_PAIR,*PCERT_PAIR;
2172
/*
 * CRL_ISSUING_DIST_POINT: scope of a CRL: the distribution point it is
 * issued for and the restrictions on what it lists.
 * NOTE(review): a revocation checker should confirm that a CRL's scope
 * covers the certificate being checked (user vs. CA certificates, reasons)
 * before concluding "not revoked" from the absence of an entry.
 */
typedef struct _CRL_ISSUING_DIST_POINT {
  CRL_DIST_POINT_NAME DistPointName;  /* tagged-union name of the point */
  WINBOOL fOnlyContainsUserCerts;     /* CRL lists end-entity certs only */
  WINBOOL fOnlyContainsCACerts;       /* CRL lists CA certs only */
  CRYPT_BIT_BLOB OnlySomeReasonFlags; /* CRL_REASON_*_FLAG bits covered */
  WINBOOL fIndirectCRL;               /* CRL is an indirect CRL */
} CRL_ISSUING_DIST_POINT;
typedef CRL_ISSUING_DIST_POINT *PCRL_ISSUING_DIST_POINT;
2180
/*
 * CERT_GENERAL_SUBTREE: one name-constraints subtree: a base name plus an
 * optional minimum/maximum pair.
 * NOTE(review): the RFC 5280 profile requires minimum to be 0 and maximum to
 * be absent; a validator that does not implement other values should fail
 * closed when it sees them. dwMaximum should be read only when fMaximum is
 * nonzero.
 */
typedef struct _CERT_GENERAL_SUBTREE {
  CERT_ALT_NAME_ENTRY Base; /* tagged-union base name of the subtree */
  DWORD dwMinimum;          /* minimum value */
  WINBOOL fMaximum;         /* whether dwMaximum is present */
  DWORD dwMaximum;          /* maximum value */
} CERT_GENERAL_SUBTREE;
typedef CERT_GENERAL_SUBTREE *PCERT_GENERAL_SUBTREE;
2187
/*
 * CERT_NAME_CONSTRAINTS_INFO: name constraints as two counted arrays, the
 * permitted subtrees and the excluded subtrees.
 * NOTE(review): under RFC 5280 a name matching any excluded subtree is
 * rejected even if it also matches a permitted one, and a name form that the
 * validator cannot evaluate must not be treated as permitted.
 */
typedef struct _CERT_NAME_CONSTRAINTS_INFO {
  DWORD cPermittedSubtree;                  /* entries in rgPermittedSubtree */
  PCERT_GENERAL_SUBTREE rgPermittedSubtree; /* permitted subtrees */
  DWORD cExcludedSubtree;                   /* entries in rgExcludedSubtree */
  PCERT_GENERAL_SUBTREE rgExcludedSubtree;  /* excluded subtrees */
} CERT_NAME_CONSTRAINTS_INFO;
typedef CERT_NAME_CONSTRAINTS_INFO *PCERT_NAME_CONSTRAINTS_INFO;
2194
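/*
 * Bit 31 of a packed error-location value; judging by the name it marks an
 * index that refers to the excluded-subtree list rather than the permitted
 * one. The macro argument is parenthesized so that an expression argument
 * (for example a | b) is masked as a whole instead of being split by
 * operator precedence.
 */
#define CERT_EXCLUDED_SUBTREE_BIT __MSABI_LONG(0x80000000)
#define IS_CERT_EXCLUDED_SUBTREE(X) (0 != ((X) & CERT_EXCLUDED_SUBTREE_BIT))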
2197
2198#define SORTED_CTL_EXT_FLAGS_OFFSET (0)
2199#define SORTED_CTL_EXT_COUNT_OFFSET (4)
2200#define SORTED_CTL_EXT_MAX_COLLISION_OFFSET (8)
2201#define SORTED_CTL_EXT_HASH_BUCKET_OFFSET (12)
2202
2203#define SORTED_CTL_EXT_HASHED_SUBJECT_IDENTIFIER_FLAG 0x1
2204
2205 typedef struct _CERT_DSS_PARAMETERS {
2206 CRYPT_UINT_BLOB p;
2207 CRYPT_UINT_BLOB q;
2208 CRYPT_UINT_BLOB g;
2209 } CERT_DSS_PARAMETERS,*PCERT_DSS_PARAMETERS;
2210
/*
 * Sizes for DSS signatures: r and s are 20 bytes (160 bits) each, so the raw
 * r||s form is 40 bytes; the ASN.1-encoded form is bounded at 48 bytes.
 * NOTE(review): buffers sized with these constants fit only 160-bit r and s.
 * Check the actual length of incoming signature data against the buffer
 * before copying instead of assuming these sizes.
 */
#define CERT_DSS_R_LEN 20
#define CERT_DSS_S_LEN 20
#define CERT_DSS_SIGNATURE_LEN (CERT_DSS_R_LEN + CERT_DSS_S_LEN)

#define CERT_MAX_ASN_ENCODED_DSS_SIGNATURE_LEN (48)
2216
2217 typedef struct _CERT_DH_PARAMETERS {
2218 CRYPT_UINT_BLOB p;
2219 CRYPT_UINT_BLOB g;
2220 } CERT_DH_PARAMETERS,*PCERT_DH_PARAMETERS;
2221
2222 typedef struct _CERT_ECC_SIGNATURE {
2223 CRYPT_UINT_BLOB r;
2224 CRYPT_UINT_BLOB s;
2225 } CERT_ECC_SIGNATURE,*PCERT_ECC_SIGNATURE;
2226
2227 typedef struct _CERT_X942_DH_VALIDATION_PARAMS {
2228 CRYPT_BIT_BLOB seed;
2229 DWORD pgenCounter;
2230 } CERT_X942_DH_VALIDATION_PARAMS,*PCERT_X942_DH_VALIDATION_PARAMS;
2231
2232 typedef struct _CERT_X942_DH_PARAMETERS {
2233 CRYPT_UINT_BLOB p;
2234 CRYPT_UINT_BLOB g;
2235 CRYPT_UINT_BLOB q;
2236 CRYPT_UINT_BLOB j;
2237 PCERT_X942_DH_VALIDATION_PARAMS pValidationParams;
2238 } CERT_X942_DH_PARAMETERS,*PCERT_X942_DH_PARAMETERS;
2239
2240#define CRYPT_X942_COUNTER_BYTE_LENGTH 4
2241#define CRYPT_X942_KEY_LENGTH_BYTE_LENGTH 4
2242#define CRYPT_X942_PUB_INFO_BYTE_LENGTH (512/8)
2243
2244 typedef struct _CRYPT_X942_OTHER_INFO {
2245 LPSTR pszContentEncryptionObjId;
2246 BYTE rgbCounter[CRYPT_X942_COUNTER_BYTE_LENGTH];
2247 BYTE rgbKeyLength[CRYPT_X942_KEY_LENGTH_BYTE_LENGTH];
2248 CRYPT_DATA_BLOB PubInfo;
2249 } CRYPT_X942_OTHER_INFO,*PCRYPT_X942_OTHER_INFO;
2250
2251#define CRYPT_ECC_CMS_SHARED_INFO_SUPPPUBINFO_BYTE_LENGTH 4
2252
2253 typedef struct _CRYPT_ECC_CMS_SHARED_INFO {
2254 CRYPT_ALGORITHM_IDENTIFIER Algorithm;
2255 CRYPT_DATA_BLOB EntityUInfo;
2256 BYTE rgbSuppPubInfo[CRYPT_ECC_CMS_SHARED_INFO_SUPPPUBINFO_BYTE_LENGTH];
2257 } CRYPT_ECC_CMS_SHARED_INFO,*PCRYPT_ECC_CMS_SHARED_INFO;
2258
/*
 * CRYPT_RC2_CBC_PARAMETERS: RC2-CBC algorithm parameters: a version code
 * and an optional 8-byte IV.
 * NOTE(review): dwVersion is an encoded code (see CRYPT_RC2_*_VERSION), not
 * a key length in bits. rgbIV should presumably be read only when fIV is
 * nonzero -- confirm against the decoder.
 */
typedef struct _CRYPT_RC2_CBC_PARAMETERS {
  DWORD dwVersion; /* one of the CRYPT_RC2_*_VERSION codes */
  WINBOOL fIV;     /* whether rgbIV is present */
  BYTE rgbIV[8];   /* initialization vector */
} CRYPT_RC2_CBC_PARAMETERS;
typedef CRYPT_RC2_CBC_PARAMETERS *PCRYPT_RC2_CBC_PARAMETERS;
2264
/*
 * Version codes for CRYPT_RC2_CBC_PARAMETERS.dwVersion. The code is not the
 * key length and is not ordered by it (160 means 40-bit, 58 means 128-bit),
 * so compare against these names and never numerically.
 * NOTE(review): RC2 is a legacy cipher, and the 40-, 56- and 64-bit variants
 * are within reach of exhaustive key search. A receiver that enforces a
 * minimum strength should reject those codes when decoding parameters.
 */
#define CRYPT_RC2_40BIT_VERSION 160
#define CRYPT_RC2_56BIT_VERSION 52
#define CRYPT_RC2_64BIT_VERSION 120
#define CRYPT_RC2_128BIT_VERSION 58
2269
2270 typedef struct _CRYPT_SMIME_CAPABILITY {
2271 LPSTR pszObjId;
2272 CRYPT_OBJID_BLOB Parameters;
2273 } CRYPT_SMIME_CAPABILITY,*PCRYPT_SMIME_CAPABILITY;
2274
2275 typedef struct _CRYPT_SMIME_CAPABILITIES {
2276 DWORD cCapability;
2277 PCRYPT_SMIME_CAPABILITY rgCapability;
2278 } CRYPT_SMIME_CAPABILITIES,*PCRYPT_SMIME_CAPABILITIES;
2279
2280 typedef struct _CERT_QC_STATEMENT {
2281 LPSTR pszStatementId;
2282 CRYPT_OBJID_BLOB StatementInfo;
2283 } CERT_QC_STATEMENT,*PCERT_QC_STATEMENT;
2284
2285 typedef struct _CERT_QC_STATEMENTS_EXT_INFO {
2286 DWORD cStatement;
2287 PCERT_QC_STATEMENT rgStatement;
2288 } CERT_QC_STATEMENTS_EXT_INFO,*PCERT_QC_STATEMENTS_EXT_INFO;
2289
2290#define szOID_QC_EU_COMPLIANCE "0.4.0.1862.1.1"
2291#define szOID_QC_SSCD "0.4.0.1862.1.4"
2292
2293 typedef struct _CRYPT_MASK_GEN_ALGORITHM {
2294 LPSTR pszObjId;
2295 CRYPT_ALGORITHM_IDENTIFIER HashAlgorithm;
2296 } CRYPT_MASK_GEN_ALGORITHM,*PCRYPT_MASK_GEN_ALGORITHM;
2297
/*
 * CRYPT_RSA_SSA_PSS_PARAMETERS: RSASSA-PSS parameters: hash algorithm, mask
 * generation algorithm, salt length and trailer field.
 * NOTE(review): when these values are decoded from a signed object they are
 * chosen by the signer. A verifier should apply its own policy to the hash
 * algorithm and salt length, and should expect dwTrailerField to be
 * PKCS_RSA_SSA_PSS_TRAILER_FIELD_BC.
 */
typedef struct _CRYPT_RSA_SSA_PSS_PARAMETERS {
  CRYPT_ALGORITHM_IDENTIFIER HashAlgorithm;  /* message hash algorithm */
  CRYPT_MASK_GEN_ALGORITHM MaskGenAlgorithm; /* mask generation function */
  DWORD dwSaltLength;                        /* salt length */
  DWORD dwTrailerField;                      /* trailer field code */
} CRYPT_RSA_SSA_PSS_PARAMETERS;
typedef CRYPT_RSA_SSA_PSS_PARAMETERS *PCRYPT_RSA_SSA_PSS_PARAMETERS;
2304
2305#define PKCS_RSA_SSA_PSS_TRAILER_FIELD_BC 1
2306
2307 typedef struct _CRYPT_PSOURCE_ALGORITHM {
2308 LPSTR pszObjId;
2309 CRYPT_DATA_BLOB EncodingParameters;
2310 } CRYPT_PSOURCE_ALGORITHM,*PCRYPT_PSOURCE_ALGORITHM;
2311
2312 typedef struct _CRYPT_RSAES_OAEP_PARAMETERS {
2313 CRYPT_ALGORITHM_IDENTIFIER HashAlgorithm;
2314 CRYPT_MASK_GEN_ALGORITHM MaskGenAlgorithm;
2315 CRYPT_PSOURCE_ALGORITHM PSourceAlgorithm;
2316 } CRYPT_RSAES_OAEP_PARAMETERS,*PCRYPT_RSAES_OAEP_PARAMETERS;
2317
2318#define szOID_VERISIGN_PRIVATE_6_9 "2.16.840.1.113733.1.6.9"
2319#define szOID_VERISIGN_ONSITE_JURISDICTION_HASH "2.16.840.1.113733.1.6.11"
2320#define szOID_VERISIGN_BITSTRING_6_13 "2.16.840.1.113733.1.6.13"
2321
2322#define szOID_VERISIGN_ISS_STRONG_CRYPTO "2.16.840.1.113733.1.8.1"
2323
2324#define szOIDVerisign_MessageType "2.16.840.1.113733.1.9.2"
2325#define szOIDVerisign_PkiStatus "2.16.840.1.113733.1.9.3"
2326#define szOIDVerisign_FailInfo "2.16.840.1.113733.1.9.4"
2327
2328#define szOIDVerisign_SenderNonce "2.16.840.1.113733.1.9.5"
2329#define szOIDVerisign_RecipientNonce "2.16.840.1.113733.1.9.6"
2330
2331#define szOIDVerisign_TransactionID "2.16.840.1.113733.1.9.7"
2332
2333#define szOID_NETSCAPE "2.16.840.1.113730"
2334#define szOID_NETSCAPE_CERT_EXTENSION "2.16.840.1.113730.1"
2335#define szOID_NETSCAPE_CERT_TYPE "2.16.840.1.113730.1.1"
2336#define szOID_NETSCAPE_BASE_URL "2.16.840.1.113730.1.2"
2337#define szOID_NETSCAPE_REVOCATION_URL "2.16.840.1.113730.1.3"
2338#define szOID_NETSCAPE_CA_REVOCATION_URL "2.16.840.1.113730.1.4"
2339#define szOID_NETSCAPE_CERT_RENEWAL_URL "2.16.840.1.113730.1.7"
2340#define szOID_NETSCAPE_CA_POLICY_URL "2.16.840.1.113730.1.8"
2341#define szOID_NETSCAPE_SSL_SERVER_NAME "2.16.840.1.113730.1.12"
2342#define szOID_NETSCAPE_COMMENT "2.16.840.1.113730.1.13"
2343
2344#define szOID_NETSCAPE_DATA_TYPE "2.16.840.1.113730.2"
2345#define szOID_NETSCAPE_CERT_SEQUENCE "2.16.840.1.113730.2.5"
2346
2347#define NETSCAPE_SIGN_CA_CERT_TYPE 0x01
2348#define NETSCAPE_SMIME_CA_CERT_TYPE 0x02
2349#define NETSCAPE_SSL_CA_CERT_TYPE 0x04
2350#define NETSCAPE_SIGN_CERT_TYPE 0x10
2351#define NETSCAPE_SMIME_CERT_TYPE 0x20
2352#define NETSCAPE_SSL_SERVER_AUTH_CERT_TYPE 0x40
2353#define NETSCAPE_SSL_CLIENT_AUTH_CERT_TYPE 0x80
2354
2355#define szOID_CT_PKI_DATA "1.3.6.1.5.5.7.12.2"
2356#define szOID_CT_PKI_RESPONSE "1.3.6.1.5.5.7.12.3"
2357
2358#define szOID_PKIX_NO_SIGNATURE "1.3.6.1.5.5.7.6.2"
2359
2360#define szOID_CMC "1.3.6.1.5.5.7.7"
2361#define szOID_CMC_STATUS_INFO "1.3.6.1.5.5.7.7.1"
2362#define szOID_CMC_IDENTIFICATION "1.3.6.1.5.5.7.7.2"
2363#define szOID_CMC_IDENTITY_PROOF "1.3.6.1.5.5.7.7.3"
2364#define szOID_CMC_DATA_RETURN "1.3.6.1.5.5.7.7.4"
2365#define szOID_CMC_TRANSACTION_ID "1.3.6.1.5.5.7.7.5"
2366#define szOID_CMC_SENDER_NONCE "1.3.6.1.5.5.7.7.6"
2367#define szOID_CMC_RECIPIENT_NONCE "1.3.6.1.5.5.7.7.7"
2368#define szOID_CMC_ADD_EXTENSIONS "1.3.6.1.5.5.7.7.8"
2369#define szOID_CMC_ENCRYPTED_POP "1.3.6.1.5.5.7.7.9"
2370#define szOID_CMC_DECRYPTED_POP "1.3.6.1.5.5.7.7.10"
2371#define szOID_CMC_LRA_POP_WITNESS "1.3.6.1.5.5.7.7.11"
2372#define szOID_CMC_GET_CERT "1.3.6.1.5.5.7.7.15"
2373#define szOID_CMC_GET_CRL "1.3.6.1.5.5.7.7.16"
2374#define szOID_CMC_REVOKE_REQUEST "1.3.6.1.5.5.7.7.17"
2375#define szOID_CMC_REG_INFO "1.3.6.1.5.5.7.7.18"
2376#define szOID_CMC_RESPONSE_INFO "1.3.6.1.5.5.7.7.19"
2377#define szOID_CMC_QUERY_PENDING "1.3.6.1.5.5.7.7.21"
2378#define szOID_CMC_ID_POP_LINK_RANDOM "1.3.6.1.5.5.7.7.22"
2379#define szOID_CMC_ID_POP_LINK_WITNESS "1.3.6.1.5.5.7.7.23"
2380#define szOID_CMC_ID_CONFIRM_CERT_ACCEPTANCE "1.3.6.1.5.5.7.7.24"
2381
2382#define szOID_CMC_ADD_ATTRIBUTES "1.3.6.1.4.1.311.10.10.1"
2383
2384 typedef struct _CMC_TAGGED_ATTRIBUTE {
2385 DWORD dwBodyPartID;
2386 CRYPT_ATTRIBUTE Attribute;
2387 } CMC_TAGGED_ATTRIBUTE,*PCMC_TAGGED_ATTRIBUTE;
2388
2389 typedef struct _CMC_TAGGED_CERT_REQUEST {
2390 DWORD dwBodyPartID;
2391 CRYPT_DER_BLOB SignedCertRequest;
2392 } CMC_TAGGED_CERT_REQUEST,*PCMC_TAGGED_CERT_REQUEST;
2393
2394 typedef struct _CMC_TAGGED_REQUEST {
2395 DWORD dwTaggedRequestChoice;
2396 __C89_NAMELESS union {
2397 PCMC_TAGGED_CERT_REQUEST pTaggedCertRequest;
2398 };
2399 } CMC_TAGGED_REQUEST,*PCMC_TAGGED_REQUEST;
2400
2401#define CMC_TAGGED_CERT_REQUEST_CHOICE 1
2402
2403 typedef struct _CMC_TAGGED_CONTENT_INFO {
2404 DWORD dwBodyPartID;
2405 CRYPT_DER_BLOB EncodedContentInfo;
2406 } CMC_TAGGED_CONTENT_INFO,*PCMC_TAGGED_CONTENT_INFO;
2407
2408 typedef struct _CMC_TAGGED_OTHER_MSG {
2409 DWORD dwBodyPartID;
2410 LPSTR pszObjId;
2411 CRYPT_OBJID_BLOB Value;
2412 } CMC_TAGGED_OTHER_MSG,*PCMC_TAGGED_OTHER_MSG;
2413
2414 typedef struct _CMC_DATA_INFO {
2415 DWORD cTaggedAttribute;
2416 PCMC_TAGGED_ATTRIBUTE rgTaggedAttribute;
2417 DWORD cTaggedRequest;
2418 PCMC_TAGGED_REQUEST rgTaggedRequest;
2419 DWORD cTaggedContentInfo;
2420 PCMC_TAGGED_CONTENT_INFO rgTaggedContentInfo;
2421 DWORD cTaggedOtherMsg;
2422 PCMC_TAGGED_OTHER_MSG rgTaggedOtherMsg;
2423 } CMC_DATA_INFO,*PCMC_DATA_INFO;
2424
2425 typedef struct _CMC_RESPONSE_INFO {
2426 DWORD cTaggedAttribute;
2427 PCMC_TAGGED_ATTRIBUTE rgTaggedAttribute;
2428 DWORD cTaggedContentInfo;
2429 PCMC_TAGGED_CONTENT_INFO rgTaggedContentInfo;
2430 DWORD cTaggedOtherMsg;
2431 PCMC_TAGGED_OTHER_MSG rgTaggedOtherMsg;
2432 } CMC_RESPONSE_INFO,*PCMC_RESPONSE_INFO;
2433
2434 typedef struct _CMC_PEND_INFO {
2435 CRYPT_DATA_BLOB PendToken;
2436 FILETIME PendTime;
2437 } CMC_PEND_INFO,*PCMC_PEND_INFO;
2438
/*
 * CMC status report for the body parts listed in rgdwBodyList
 * (cBodyList entries).
 * dwStatus takes a CMC_STATUS_* value. dwOtherInfoChoice is the union
 * discriminator: CMC_OTHER_INFO_FAIL_CHOICE selects dwFailInfo (a CMC_FAIL_*
 * code), CMC_OTHER_INFO_PEND_CHOICE selects pPendInfo, and
 * CMC_OTHER_INFO_NO_CHOICE means neither member is meaningful.
 * The members share storage, so reading pPendInfo under the wrong choice
 * would treat an integer failure code as a pointer.
 */
2439 typedef struct _CMC_STATUS_INFO {
2440 DWORD dwStatus;
2441 DWORD cBodyList;
2442 DWORD *rgdwBodyList;
2443 LPWSTR pwszStatusString; /* text supplied by the peer; treat as untrusted when logging or displaying */
2444 DWORD dwOtherInfoChoice;
2445 __C89_NAMELESS union {
2446 DWORD dwFailInfo;
2447 PCMC_PEND_INFO pPendInfo;
2448 };
2449 } CMC_STATUS_INFO,*PCMC_STATUS_INFO;
2450
/* Discriminator values for CMC_STATUS_INFO.dwOtherInfoChoice. */
2451#define CMC_OTHER_INFO_NO_CHOICE 0
2452#define CMC_OTHER_INFO_FAIL_CHOICE 1
2453#define CMC_OTHER_INFO_PEND_CHOICE 2
2454
/*
 * Values for CMC_STATUS_INFO.dwStatus. Value 1 is not defined in this list.
 * Only CMC_STATUS_SUCCESS means the request was granted; every other value,
 * including ones not listed here, should be handled as "not issued".
 */
2455#define CMC_STATUS_SUCCESS 0
2456#define CMC_STATUS_FAILED 2
2457#define CMC_STATUS_PENDING 3
2458#define CMC_STATUS_NO_SUPPORT 4
2459#define CMC_STATUS_CONFIRM_REQUIRED 5
2460
/*
 * Values for CMC_STATUS_INFO.dwFailInfo.
 * NOTE(review): CMC_FAIL_UNSUPORTED_EXT is spelled with one "P"; presumably
 * this matches the name callers already use, so it must not be "corrected".
 */
2461#define CMC_FAIL_BAD_ALG 0
2462#define CMC_FAIL_BAD_MESSAGE_CHECK 1
2463#define CMC_FAIL_BAD_REQUEST 2
2464#define CMC_FAIL_BAD_TIME 3
2465#define CMC_FAIL_BAD_CERT_ID 4
2466#define CMC_FAIL_UNSUPORTED_EXT 5
2467#define CMC_FAIL_MUST_ARCHIVE_KEYS 6
2468#define CMC_FAIL_BAD_IDENTITY 7
2469#define CMC_FAIL_POP_REQUIRED 8
2470#define CMC_FAIL_POP_FAILED 9
2471#define CMC_FAIL_NO_KEY_REUSE 10
2472#define CMC_FAIL_INTERNAL_CA_ERROR 11
2473#define CMC_FAIL_TRY_LATER 12
2474
2475 typedef struct _CMC_ADD_EXTENSIONS_INFO {
2476 DWORD dwCmcDataReference;
2477 DWORD cCertReference;
2478 DWORD *rgdwCertReference;
2479 DWORD cExtension;
2480 PCERT_EXTENSION rgExtension;
2481 } CMC_ADD_EXTENSIONS_INFO,*PCMC_ADD_EXTENSIONS_INFO;
2482
2483 typedef struct _CMC_ADD_ATTRIBUTES_INFO {
2484 DWORD dwCmcDataReference;
2485 DWORD cCertReference;
2486 DWORD *rgdwCertReference;
2487 DWORD cAttribute;
2488 PCRYPT_ATTRIBUTE rgAttribute;
2489 } CMC_ADD_ATTRIBUTES_INFO,*PCMC_ADD_ATTRIBUTES_INFO;
2490
2491 typedef struct _CERT_TEMPLATE_EXT {
2492 LPSTR pszObjId;
2493 DWORD dwMajorVersion;
2494 WINBOOL fMinorVersion;
2495 DWORD dwMinorVersion;
2496 } CERT_TEMPLATE_EXT,*PCERT_TEMPLATE_EXT;
2497
/*
 * A URL together with a hash of the content it is expected to serve.
 * The URL comes from certificate data, so a consumer that fetches it is
 * making a network request to a location chosen by the certificate's
 * author; the fetched bytes should be hashed with HashAlgorithm and
 * compared with Hash before they are used.
 */
2498 typedef struct _CERT_HASHED_URL {
2499 CRYPT_ALGORITHM_IDENTIFIER HashAlgorithm;
2500 CRYPT_HASH_BLOB Hash;
2501 LPWSTR pwszUrl;
2502 } CERT_HASHED_URL,*PCERT_HASHED_URL;
2503
2504 typedef struct _CERT_LOGOTYPE_DETAILS {
2505 LPWSTR pwszMimeType;
2506 DWORD cHashedUrl;
2507 PCERT_HASHED_URL rgHashedUrl;
2508 } CERT_LOGOTYPE_DETAILS,*PCERT_LOGOTYPE_DETAILS;
2509
2510 typedef struct _CERT_LOGOTYPE_REFERENCE {
2511 DWORD cHashedUrl;
2512 PCERT_HASHED_URL rgHashedUrl;
2513 } CERT_LOGOTYPE_REFERENCE,*PCERT_LOGOTYPE_REFERENCE;
2514
2515 typedef struct _CERT_LOGOTYPE_IMAGE_INFO {
2516 DWORD dwLogotypeImageInfoChoice;
2517 DWORD dwFileSize;
2518 DWORD dwXSize;
2519 DWORD dwYSize;
2520 DWORD dwLogotypeImageResolutionChoice;
2521 __C89_NAMELESS union {
2522 DWORD dwNumBits;
2523 DWORD dwTableSize;
2524 };
2525 LPWSTR pwszLanguage;
2526 } CERT_LOGOTYPE_IMAGE_INFO,*PCERT_LOGOTYPE_IMAGE_INFO;
2527
2528#define CERT_LOGOTYPE_GRAY_SCALE_IMAGE_INFO_CHOICE 1
2529#define CERT_LOGOTYPE_COLOR_IMAGE_INFO_CHOICE 2
2530
2531#define CERT_LOGOTYPE_NO_IMAGE_RESOLUTION_CHOICE 0
2532#define CERT_LOGOTYPE_BITS_IMAGE_RESOLUTION_CHOICE 1
2533#define CERT_LOGOTYPE_TABLE_SIZE_IMAGE_RESOLUTION_CHOICE 2
2534
2535 typedef struct _CERT_LOGOTYPE_IMAGE {
2536 CERT_LOGOTYPE_DETAILS LogotypeDetails;
2537 PCERT_LOGOTYPE_IMAGE_INFO pLogotypeImageInfo;
2538 } CERT_LOGOTYPE_IMAGE,*PCERT_LOGOTYPE_IMAGE;
2539
2540 typedef struct _CERT_LOGOTYPE_AUDIO_INFO {
2541 DWORD dwFileSize;
2542 DWORD dwPlayTime;
2543 DWORD dwChannels;
2544 DWORD dwSampleRate;
2545 LPWSTR pwszLanguage;
2546 } CERT_LOGOTYPE_AUDIO_INFO,*PCERT_LOGOTYPE_AUDIO_INFO;
2547
2548 typedef struct _CERT_LOGOTYPE_AUDIO {
2549 CERT_LOGOTYPE_DETAILS LogotypeDetails;
2550 PCERT_LOGOTYPE_AUDIO_INFO pLogotypeAudioInfo;
2551 } CERT_LOGOTYPE_AUDIO,*PCERT_LOGOTYPE_AUDIO;
2552
2553 typedef struct _CERT_LOGOTYPE_DATA {
2554 DWORD cLogotypeImage;
2555 PCERT_LOGOTYPE_IMAGE rgLogotypeImage;
2556 DWORD cLogotypeAudio;
2557 PCERT_LOGOTYPE_AUDIO rgLogotypeAudio;
2558 } CERT_LOGOTYPE_DATA,*PCERT_LOGOTYPE_DATA;
2559
2560 typedef struct _CERT_LOGOTYPE_INFO {
2561 DWORD dwLogotypeInfoChoice;
2562 __C89_NAMELESS union {
2563 PCERT_LOGOTYPE_DATA pLogotypeDirectInfo;
2564 PCERT_LOGOTYPE_REFERENCE pLogotypeIndirectInfo;
2565 };
2566 } CERT_LOGOTYPE_INFO,*PCERT_LOGOTYPE_INFO;
2567
2568#define CERT_LOGOTYPE_DIRECT_INFO_CHOICE 1
2569#define CERT_LOGOTYPE_INDIRECT_INFO_CHOICE 2
2570
2571 typedef struct _CERT_OTHER_LOGOTYPE_INFO {
2572 LPSTR pszObjId;
2573 CERT_LOGOTYPE_INFO LogotypeInfo;
2574 } CERT_OTHER_LOGOTYPE_INFO,*PCERT_OTHER_LOGOTYPE_INFO;
2575
2576#define szOID_LOYALTY_OTHER_LOGOTYPE "1.3.6.1.5.5.7.20.1"
2577#define szOID_BACKGROUND_OTHER_LOGOTYPE "1.3.6.1.5.5.7.20.2"
2578
2579 typedef struct _CERT_LOGOTYPE_EXT_INFO {
2580 DWORD cCommunityLogo;
2581 PCERT_LOGOTYPE_INFO rgCommunityLogo;
2582 PCERT_LOGOTYPE_INFO pIssuerLogo;
2583 PCERT_LOGOTYPE_INFO pSubjectLogo;
2584 DWORD cOtherLogo;
2585 PCERT_OTHER_LOGOTYPE_INFO rgOtherLogo;
2586 } CERT_LOGOTYPE_EXT_INFO,*PCERT_LOGOTYPE_EXT_INFO;
2587
2588 typedef struct _CERT_BIOMETRIC_DATA {
2589 DWORD dwTypeOfBiometricDataChoice;
2590 __C89_NAMELESS union {
2591 DWORD dwPredefined;
2592 LPSTR pszObjId;
2593 };
2594 CERT_HASHED_URL HashedUrl;
2595 } CERT_BIOMETRIC_DATA,*PCERT_BIOMETRIC_DATA;
2596
2597#define CERT_BIOMETRIC_PREDEFINED_DATA_CHOICE 1
2598#define CERT_BIOMETRIC_OID_DATA_CHOICE 2
2599
2600#define CERT_BIOMETRIC_PICTURE_TYPE 0
2601#define CERT_BIOMETRIC_SIGNATURE_TYPE 1
2602
2603 typedef struct _CERT_BIOMETRIC_EXT_INFO {
2604 DWORD cBiometricData;
2605 PCERT_BIOMETRIC_DATA rgBiometricData;
2606 } CERT_BIOMETRIC_EXT_INFO,*PCERT_BIOMETRIC_EXT_INFO;
2607
/*
 * Signature attached to an OCSP request or basic response.
 * rgCertEncoded (cCertEncoded entries) holds encoded certificates sent
 * along with the signature. They are supplied by the sender and are only
 * candidates for building a chain: the signer still has to chain to a
 * trusted root and be authorized to sign OCSP data for the issuer.
 */
2608 typedef struct _OCSP_SIGNATURE_INFO {
2609 CRYPT_ALGORITHM_IDENTIFIER SignatureAlgorithm;
2610 CRYPT_BIT_BLOB Signature;
2611 DWORD cCertEncoded;
2612 PCERT_BLOB rgCertEncoded;
2613 } OCSP_SIGNATURE_INFO,*POCSP_SIGNATURE_INFO;
2614
2615 typedef struct _OCSP_SIGNED_REQUEST_INFO {
2616 CRYPT_DER_BLOB ToBeSigned;
2617 POCSP_SIGNATURE_INFO pOptionalSignatureInfo;
2618 } OCSP_SIGNED_REQUEST_INFO,*POCSP_SIGNED_REQUEST_INFO;
2619
/*
 * Identifies the certificate an OCSP request or response entry refers to:
 * hashes of the issuer's name and key (computed with HashAlgorithm) plus
 * the certificate serial number.
 * A client should compare the CertId in each response entry with the one it
 * sent, so that a valid answer about a different certificate is not
 * accepted for the certificate being checked.
 */
2620 typedef struct _OCSP_CERT_ID {
2621 CRYPT_ALGORITHM_IDENTIFIER HashAlgorithm;
2622 CRYPT_HASH_BLOB IssuerNameHash;
2623 CRYPT_HASH_BLOB IssuerKeyHash;
2624 CRYPT_INTEGER_BLOB SerialNumber;
2625 } OCSP_CERT_ID,*POCSP_CERT_ID;
2626
2627 typedef struct _OCSP_REQUEST_ENTRY {
2628 OCSP_CERT_ID CertId;
2629 DWORD cExtension;
2630 PCERT_EXTENSION rgExtension;
2631 } OCSP_REQUEST_ENTRY,*POCSP_REQUEST_ENTRY;
2632
2633 typedef struct _OCSP_REQUEST_INFO {
2634 DWORD dwVersion;
2635 PCERT_ALT_NAME_ENTRY pRequestorName;
2636 DWORD cRequestEntry;
2637 POCSP_REQUEST_ENTRY rgRequestEntry;
2638 DWORD cExtension;
2639 PCERT_EXTENSION rgExtension;
2640 } OCSP_REQUEST_INFO,*POCSP_REQUEST_INFO;
2641
2642#define OCSP_REQUEST_V1 0
2643
/*
 * Outer OCSP response: a status code plus, on success, a typed payload.
 * dwStatus takes an OCSP_*_RESPONSE value. pszObjId names the payload type
 * (this header defines szOID_PKIX_OCSP_BASIC_SIGNED_RESPONSE) and Value
 * holds its encoded bytes.
 * NOTE(review): per RFC 6960 only a successful response carries a payload,
 * and the outer status is not covered by the responder's signature, so it
 * says nothing about a certificate's revocation state by itself.
 */
2644 typedef struct _OCSP_RESPONSE_INFO {
2645 DWORD dwStatus;
2646 LPSTR pszObjId;
2647 CRYPT_OBJID_BLOB Value;
2648 } OCSP_RESPONSE_INFO,*POCSP_RESPONSE_INFO;
2649
/*
 * Values for OCSP_RESPONSE_INFO.dwStatus. Value 4 is not defined here
 * (RFC 6960 leaves it unused). Any value other than
 * OCSP_SUCCESSFUL_RESPONSE means no revocation answer was obtained; whether
 * that is treated as a hard failure is a policy decision for the caller.
 */
2650#define OCSP_SUCCESSFUL_RESPONSE 0
2651#define OCSP_MALFORMED_REQUEST_RESPONSE 1
2652#define OCSP_INTERNAL_ERROR_RESPONSE 2
2653#define OCSP_TRY_LATER_RESPONSE 3
2654#define OCSP_SIG_REQUIRED_RESPONSE 5
2655#define OCSP_UNAUTHORIZED_RESPONSE 6
2656
2657#define szOID_PKIX_OCSP_BASIC_SIGNED_RESPONSE "1.3.6.1.5.5.7.48.1.1"
2658
/*
 * Signed wrapper of a basic OCSP response: the DER bytes the signature
 * covers (ToBeSigned) and the signature itself.
 * Fields decoded from ToBeSigned should be relied on only after
 * SignatureInfo has been verified over exactly these bytes with a responder
 * key the caller trusts.
 */
2659 typedef struct _OCSP_BASIC_SIGNED_RESPONSE_INFO {
2660 CRYPT_DER_BLOB ToBeSigned;
2661 OCSP_SIGNATURE_INFO SignatureInfo;
2662 } OCSP_BASIC_SIGNED_RESPONSE_INFO,*POCSP_BASIC_SIGNED_RESPONSE_INFO;
2663
2664 typedef struct _OCSP_BASIC_REVOKED_INFO {
2665 FILETIME RevocationDate;
2666 DWORD dwCrlReasonCode;
2667 } OCSP_BASIC_REVOKED_INFO,*POCSP_BASIC_REVOKED_INFO;
2668
/*
 * Status of one certificate inside a basic OCSP response.
 * dwCertStatus takes an OCSP_BASIC_*_CERT_STATUS value; pRevokedInfo is the
 * only union member and is meaningful for
 * OCSP_BASIC_REVOKED_CERT_STATUS (presumably NULL or unset otherwise;
 * confirm against the decoder).
 * ThisUpdate and NextUpdate bound the validity of the answer: a consumer
 * should reject entries whose window does not include the current time, or
 * an old "good" answer could be replayed after revocation.
 */
2669 typedef struct _OCSP_BASIC_RESPONSE_ENTRY {
2670 OCSP_CERT_ID CertId;
2671 DWORD dwCertStatus;
2672 __C89_NAMELESS union {
2673 POCSP_BASIC_REVOKED_INFO pRevokedInfo;
2674 };
2675 FILETIME ThisUpdate;
2676 FILETIME NextUpdate;
2677 DWORD cExtension;
2678 PCERT_EXTENSION rgExtension;
2679 } OCSP_BASIC_RESPONSE_ENTRY,*POCSP_BASIC_RESPONSE_ENTRY;
2680
/*
 * Values for OCSP_BASIC_RESPONSE_ENTRY.dwCertStatus.
 * "Good" is 0, so a zero-filled or never-decoded entry reads as good:
 * confirm that decoding succeeded before looking at the status.
 * OCSP_BASIC_UNKNOWN_CERT_STATUS is not a positive answer and should not be
 * handled as good.
 */
2681#define OCSP_BASIC_GOOD_CERT_STATUS 0
2682#define OCSP_BASIC_REVOKED_CERT_STATUS 1
2683#define OCSP_BASIC_UNKNOWN_CERT_STATUS 2
2684
/*
 * Decoded body of a basic OCSP response (the content of ToBeSigned).
 * dwResponderIdChoice selects the union member:
 * OCSP_BASIC_BY_NAME_RESPONDER_ID -> ByNameResponderId,
 * OCSP_BASIC_BY_KEY_RESPONDER_ID -> ByKeyResponderId. Both members are
 * blobs sharing storage, so the wrong choice yields a plausible-looking
 * but wrong identifier rather than a crash.
 * rgResponseEntry has cResponseEntry elements and rgExtension has
 * cExtension elements.
 */
2685 typedef struct _OCSP_BASIC_RESPONSE_INFO {
2686 DWORD dwVersion;
2687 DWORD dwResponderIdChoice;
2688 __C89_NAMELESS union {
2689 CERT_NAME_BLOB ByNameResponderId;
2690 CRYPT_HASH_BLOB ByKeyResponderId;
2691 };
2692 FILETIME ProducedAt;
2693 DWORD cResponseEntry;
2694 POCSP_BASIC_RESPONSE_ENTRY rgResponseEntry;
2695 DWORD cExtension;
2696 PCERT_EXTENSION rgExtension;
2697 } OCSP_BASIC_RESPONSE_INFO,*POCSP_BASIC_RESPONSE_INFO;
2698
2699#define OCSP_BASIC_RESPONSE_V1 0
2700#define OCSP_BASIC_BY_NAME_RESPONDER_ID 1
2701#define OCSP_BASIC_BY_KEY_RESPONDER_ID 2
2702
2703 typedef struct _CERT_SUPPORTED_ALGORITHM_INFO {
2704 CRYPT_ALGORITHM_IDENTIFIER Algorithm;
2705 CRYPT_BIT_BLOB IntendedKeyUsage;
2706 CERT_POLICIES_INFO IntendedCertPolicies;
2707 } CERT_SUPPORTED_ALGORITHM_INFO, *PCERT_SUPPORTED_ALGORITHM_INFO;
2708
2709 typedef struct _CERT_TPM_SPECIFICATION_INFO {
2710 LPWSTR pwszFamily;
2711 DWORD dwLevel;
2712 DWORD dwRevision;
2713 } CERT_TPM_SPECIFICATION_INFO, *PCERT_TPM_SPECIFICATION_INFO;
2714
2715 typedef void *HCRYPTOIDFUNCSET;
2716 typedef void *HCRYPTOIDFUNCADDR;
2717
/*
 * Names of the OID function sets. Each string is passed as pszFuncName to
 * the CryptInitOIDFunctionSet / CryptRegisterOIDFunction family declared
 * in this header.
 */
2718#define CRYPT_OID_ENCODE_OBJECT_FUNC "CryptDllEncodeObject"
2719#define CRYPT_OID_DECODE_OBJECT_FUNC "CryptDllDecodeObject"
2720#define CRYPT_OID_ENCODE_OBJECT_EX_FUNC "CryptDllEncodeObjectEx"
2721#define CRYPT_OID_DECODE_OBJECT_EX_FUNC "CryptDllDecodeObjectEx"
2722#define CRYPT_OID_CREATE_COM_OBJECT_FUNC "CryptDllCreateCOMObject"
2723#define CRYPT_OID_VERIFY_REVOCATION_FUNC "CertDllVerifyRevocation"
2724#define CRYPT_OID_VERIFY_CTL_USAGE_FUNC "CertDllVerifyCTLUsage"
2725#define CRYPT_OID_FORMAT_OBJECT_FUNC "CryptDllFormatObject"
2726#define CRYPT_OID_FIND_OID_INFO_FUNC "CryptDllFindOIDInfo"
2727#define CRYPT_OID_FIND_LOCALIZED_NAME_FUNC "CryptDllFindLocalizedName"
2728
/*
 * Registry layout used for registered OID functions: the key path, the
 * per-encoding-type subkey prefix, and the value names that hold the DLL
 * and the exported function name.
 * The DLL named in the "Dll" value is loaded into the process that asks for
 * the matching OID function, so these keys are a code-loading
 * configuration: write access should stay limited to administrators, and
 * unexpected changes under this path are worth auditing.
 */
2729#define CRYPT_OID_REGPATH "Software\\Microsoft\\Cryptography\\OID"
2730#define CRYPT_OID_REG_ENCODING_TYPE_PREFIX "EncodingType "
2731#define CRYPT_OID_REG_DLL_VALUE_NAME L"Dll"
2732#define CRYPT_OID_REG_FUNC_NAME_VALUE_NAME L"FuncName"
2733#define CRYPT_OID_REG_FUNC_NAME_VALUE_NAME_A "FuncName"
2734
2735#define CRYPT_OID_REG_FLAGS_VALUE_NAME L"CryptFlags"
2736
/* OID string that stands for the default (not OID-specific) registration. */
2737#define CRYPT_DEFAULT_OID "DEFAULT"
2738
2739 typedef struct _CRYPT_OID_FUNC_ENTRY {
2740 LPCSTR pszOID;
2741 void *pvFuncAddr;
2742 } CRYPT_OID_FUNC_ENTRY,*PCRYPT_OID_FUNC_ENTRY;
2743
2744#define CRYPT_INSTALL_OID_FUNC_BEFORE_FLAG 1
2745#define CRYPT_GET_INSTALLED_OID_FUNC_FLAG 0x1
2746
2747#define CRYPT_REGISTER_FIRST_INDEX 0
2748#define CRYPT_REGISTER_LAST_INDEX 0xffffffff
2749
/*
 * OID function dispatch API.
 * - CryptInstallOIDFunctionAddress adds in-process entries (rgFuncEntry,
 *   cFuncEntry elements) for one function set.
 * - CryptInitOIDFunctionSet returns the handle later passed as hFuncSet.
 * - CryptGetOIDFunctionAddress / CryptGetDefaultOIDFunctionAddress return a
 *   function pointer through ppvFuncAddr and a handle through phFuncAddr;
 *   release that handle with CryptFreeOIDFunctionAddress when the pointer
 *   is no longer used.
 * - CryptRegisterOIDFunction / CryptRegisterDefaultOIDFunction and their
 *   Unregister counterparts take a DLL name (pwszDll) that is recorded for
 *   later loading; pass a fully qualified path to a DLL in a directory that
 *   unprivileged users cannot write to.
 * - CryptSetOIDFunctionValue / CryptGetOIDFunctionValue write and read a
 *   named value; for the getter, *pcbValueData is in/out (buffer size in,
 *   bytes needed or written out; confirm against the API documentation).
 * The WINBOOL functions report failure through their return value, which
 * callers must check before using any output parameter.
 */
2750 WINIMPM WINBOOL WINAPI CryptInstallOIDFunctionAddress (HMODULE hModule, DWORD dwEncodingType, LPCSTR pszFuncName, DWORD cFuncEntry, const CRYPT_OID_FUNC_ENTRY rgFuncEntry[], DWORD dwFlags);
2751 WINIMPM HCRYPTOIDFUNCSET WINAPI CryptInitOIDFunctionSet (LPCSTR pszFuncName, DWORD dwFlags);
2752 WINIMPM WINBOOL WINAPI CryptGetOIDFunctionAddress (HCRYPTOIDFUNCSET hFuncSet, DWORD dwEncodingType, LPCSTR pszOID, DWORD dwFlags, void **ppvFuncAddr, HCRYPTOIDFUNCADDR *phFuncAddr);
2753 WINIMPM WINBOOL WINAPI CryptGetDefaultOIDDllList (HCRYPTOIDFUNCSET hFuncSet, DWORD dwEncodingType, WCHAR *pwszDllList, DWORD *pcchDllList);
2754 WINIMPM WINBOOL WINAPI CryptGetDefaultOIDFunctionAddress (HCRYPTOIDFUNCSET hFuncSet, DWORD dwEncodingType, LPCWSTR pwszDll, DWORD dwFlags, void **ppvFuncAddr, HCRYPTOIDFUNCADDR *phFuncAddr);
2755 WINIMPM WINBOOL WINAPI CryptFreeOIDFunctionAddress (HCRYPTOIDFUNCADDR hFuncAddr, DWORD dwFlags);
2756 WINIMPM WINBOOL WINAPI CryptRegisterOIDFunction (DWORD dwEncodingType, LPCSTR pszFuncName, LPCSTR pszOID, LPCWSTR pwszDll, LPCSTR pszOverrideFuncName);
2757 WINIMPM WINBOOL WINAPI CryptUnregisterOIDFunction (DWORD dwEncodingType, LPCSTR pszFuncName, LPCSTR pszOID);
2758 WINIMPM WINBOOL WINAPI CryptRegisterDefaultOIDFunction (DWORD dwEncodingType, LPCSTR pszFuncName, DWORD dwIndex, LPCWSTR pwszDll);
2759 WINIMPM WINBOOL WINAPI CryptUnregisterDefaultOIDFunction (DWORD dwEncodingType, LPCSTR pszFuncName, LPCWSTR pwszDll);
2760 WINIMPM WINBOOL WINAPI CryptSetOIDFunctionValue (DWORD dwEncodingType, LPCSTR pszFuncName, LPCSTR pszOID, LPCWSTR pwszValueName, DWORD dwValueType, const BYTE *pbValueData, DWORD cbValueData);
2761 WINIMPM WINBOOL WINAPI CryptGetOIDFunctionValue (DWORD dwEncodingType, LPCSTR pszFuncName, LPCSTR pszOID, LPCWSTR pwszValueName, DWORD *pdwValueType, BYTE *pbValueData, DWORD *pcbValueData);
2762
2763 typedef WINBOOL (WINAPI *PFN_CRYPT_ENUM_OID_FUNC) (DWORD dwEncodingType, LPCSTR pszFuncName, LPCSTR pszOID, DWORD cValue, const DWORD rgdwValueType[], LPCWSTR const rgpwszValueName[], const BYTE *const rgpbValueData[], const DWORD rgcbValueData[], void *pvArg);
2764
2765 WINIMPM WINBOOL WINAPI CryptEnumOIDFunction (DWORD dwEncodingType, LPCSTR pszFuncName, LPCSTR pszOID, DWORD dwFlags, void *pvArg, PFN_CRYPT_ENUM_OID_FUNC pfnEnumOIDFunc);
2766
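/* Wildcard encoding type: matches any dwEncodingType (used when enumerating
 * OID functions; confirm against the API documentation). */
#define CRYPT_MATCH_ANY_ENCODING_TYPE 0xffffffff
/* Reserved ALG_ID values carried in CRYPT_OID_INFO.Algid. They are markers,
 * not usable CryptoAPI algorithm identifiers. */
#define CALG_OID_INFO_CNG_ONLY 0xffffffff
#define CALG_OID_INFO_PARAMETERS 0xfffffffe
/* True when Algid is one of the reserved marker values above.
 * The argument is parenthesized so that an expression argument such as
 * `a | b` is compared as a whole; without the parentheses `>=` would bind
 * to the last operand only and the macro could report a normal ALG_ID as
 * special. */
#define IS_SPECIAL_OID_INFO_ALGID(Algid) ((Algid) >= CALG_OID_INFO_PARAMETERS)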
2771
2772#define CRYPT_OID_INFO_HASH_PARAMETERS_ALGORITHM L"CryptOIDInfoHashParameters"
2773#define CRYPT_OID_INFO_ECC_PARAMETERS_ALGORITHM L"CryptOIDInfoECCParameters"
2774#define CRYPT_OID_INFO_MGF1_PARAMETERS_ALGORITHM L"CryptOIDInfoMgf1Parameters"
2775#define CRYPT_OID_INFO_NO_SIGN_ALGORITHM L"CryptOIDInfoNoSign"
2776#define CRYPT_OID_INFO_OAEP_PARAMETERS_ALGORITHM L"CryptOIDInfoOAEPParameters"
2777#define CRYPT_OID_INFO_ECC_WRAP_PARAMETERS_ALGORITHM L"CryptOIDInfoECCWrapParameters"
2778#define CRYPT_OID_INFO_NO_PARAMETERS_ALGORITHM L"CryptOIDInfoNoParameters"
2779
/*
 * Describes one object identifier: its dotted string, display name, the
 * group it belongs to (a CRYPT_*_OID_GROUP_ID value) and a group-dependent
 * value stored in the union (dwValue, Algid and dwLength share storage).
 * cbSize is the size of the structure as the caller compiled it. The two
 * CNG fields exist only when CRYPT_OID_INFO_HAS_EXTRA_FIELDS is defined, so
 * the structure has two possible sizes: code must not read pwszCNGAlgid or
 * pwszCNGExtraAlgid from an instance whose cbSize does not cover them, and
 * all translation units that exchange this structure should agree on the
 * macro.
 */
2780 typedef struct _CRYPT_OID_INFO {
2781 DWORD cbSize;
2782 LPCSTR pszOID;
2783 LPCWSTR pwszName;
2784 DWORD dwGroupId;
2785 __C89_NAMELESS union {
2786 DWORD dwValue;
2787 ALG_ID Algid;
2788 DWORD dwLength;
2789 };
2790 CRYPT_DATA_BLOB ExtraInfo;
2791#ifdef CRYPT_OID_INFO_HAS_EXTRA_FIELDS
2792 LPCWSTR pwszCNGAlgid;
2793 LPCWSTR pwszCNGExtraAlgid;
2794#endif
2795 } CRYPT_OID_INFO,*PCRYPT_OID_INFO;
2796
2797 typedef const CRYPT_OID_INFO CCRYPT_OID_INFO,*PCCRYPT_OID_INFO;
2798
2799#define CRYPT_HASH_ALG_OID_GROUP_ID 1
2800#define CRYPT_ENCRYPT_ALG_OID_GROUP_ID 2
2801#define CRYPT_PUBKEY_ALG_OID_GROUP_ID 3
2802#define CRYPT_SIGN_ALG_OID_GROUP_ID 4
2803#define CRYPT_RDN_ATTR_OID_GROUP_ID 5
2804#define CRYPT_EXT_OR_ATTR_OID_GROUP_ID 6
2805#define CRYPT_ENHKEY_USAGE_OID_GROUP_ID 7
2806#define CRYPT_POLICY_OID_GROUP_ID 8
2807#define CRYPT_TEMPLATE_OID_GROUP_ID 9
2808#define CRYPT_KDF_OID_GROUP_ID 10
2809#define CRYPT_LAST_OID_GROUP_ID 10
2810
2811#define CRYPT_FIRST_ALG_OID_GROUP_ID CRYPT_HASH_ALG_OID_GROUP_ID
2812#define CRYPT_LAST_ALG_OID_GROUP_ID CRYPT_SIGN_ALG_OID_GROUP_ID
2813
2814#define CRYPT_OID_INHIBIT_SIGNATURE_FORMAT_FLAG 0x1
2815#define CRYPT_OID_USE_PUBKEY_PARA_FOR_PKCS7_FLAG 0x2
2816#define CRYPT_OID_NO_NULL_ALGORITHM_PARA_FLAG 0x4
2817
2818#define CRYPT_OID_PUBKEY_ENCRYPT_ONLY_FLAG 0x40000000
2819#define CRYPT_OID_PUBKEY_SIGN_ONLY_FLAG 0x80000000
2820#define CRYPT_OID_USE_CURVE_NAME_FOR_ENCODE_FLAG 0x20000000
2821#define CRYPT_OID_USE_CURVE_PARAMETERS_FOR_ENCODE_FLAG 0x10000000
2822
2823 WINIMPM PCCRYPT_OID_INFO WINAPI CryptFindOIDInfo (DWORD dwKeyType, void *pvKey, DWORD dwGroupId);
2824
2825#define CRYPT_OID_INFO_OID_KEY 1
2826#define CRYPT_OID_INFO_NAME_KEY 2
2827#define CRYPT_OID_INFO_ALGID_KEY 3
2828#define CRYPT_OID_INFO_SIGN_KEY 4
2829#define CRYPT_OID_INFO_CNG_ALGID_KEY 5
2830#define CRYPT_OID_INFO_CNG_SIGN_KEY 6
2831
2832#define CRYPT_OID_INFO_OID_KEY_FLAGS_MASK 0xffff0000
2833#define CRYPT_OID_INFO_PUBKEY_SIGN_KEY_FLAG 0x80000000
2834#define CRYPT_OID_INFO_PUBKEY_ENCRYPT_KEY_FLAG 0x40000000
2835
2836#define CRYPT_OID_DISABLE_SEARCH_DS_FLAG 0x80000000
2837
2838#ifdef CRYPT_OID_INFO_HAS_EXTRA_FIELDS
2839#define CRYPT_OID_PREFER_CNG_ALGID_FLAG 0x40000000
2840#endif
2841
2842#define CRYPT_OID_INFO_OID_GROUP_BIT_LEN_MASK 0x0fff0000
2843#define CRYPT_OID_INFO_OID_GROUP_BIT_LEN_SHIFT 16
2844
2845#define CRYPT_INSTALL_OID_INFO_BEFORE_FLAG 1
2846
2847 typedef WINBOOL (WINAPI *PFN_CRYPT_ENUM_OID_INFO) (PCCRYPT_OID_INFO pInfo, void *pvArg);
2848
2849 WINIMPM WINBOOL WINAPI CryptRegisterOIDInfo (PCCRYPT_OID_INFO pInfo, DWORD dwFlags);
2850 WINIMPM WINBOOL WINAPI CryptUnregisterOIDInfo (PCCRYPT_OID_INFO pInfo);
2851 WINIMPM WINBOOL WINAPI CryptEnumOIDInfo (DWORD dwGroupId, DWORD dwFlags, void *pvArg, PFN_CRYPT_ENUM_OID_INFO pfnEnumOIDInfo);
2852 WINIMPM LPCWSTR WINAPI CryptFindLocalizedName (LPCWSTR pwszCryptName);
2853
2854#define CRYPT_LOCALIZED_NAME_ENCODING_TYPE 0
2855#define CRYPT_LOCALIZED_NAME_OID "LocalizedNames"
2856
2857#define CERT_STRONG_SIGN_ECDSA_ALGORITHM L"ECDSA"
2858
2859 typedef struct _CERT_STRONG_SIGN_SERIALIZED_INFO {
2860 DWORD dwFlags;
2861 LPWSTR pwszCNGSignHashAlgids;
2862 LPWSTR pwszCNGPubKeyMinBitLengths;
2863 } CERT_STRONG_SIGN_SERIALIZED_INFO,*PCERT_STRONG_SIGN_SERIALIZED_INFO;
2864
/*
 * Selects the strong-signature policy to enforce.
 * cbSize is the structure size. dwInfoChoice is the union discriminator:
 * CERT_STRONG_SIGN_SERIALIZED_INFO_CHOICE selects pSerializedInfo and
 * CERT_STRONG_SIGN_OID_INFO_CHOICE selects pszOID. pvInfo is the first
 * member and overlays the other two, which is why the
 * CERT_STRONG_SIGN_PARA_OS_* brace initializers in this header can pass an
 * OID string as the third positional value.
 */
2865 typedef struct _CERT_STRONG_SIGN_PARA {
2866 DWORD cbSize;
2867 DWORD dwInfoChoice;
2868 __C89_NAMELESS union {
2869 void *pvInfo;
2870 PCERT_STRONG_SIGN_SERIALIZED_INFO pSerializedInfo;
2871 LPSTR pszOID;
2872 };
2873 } CERT_STRONG_SIGN_PARA,*PCERT_STRONG_SIGN_PARA;
2874
2875 typedef const CERT_STRONG_SIGN_PARA *PCCERT_STRONG_SIGN_PARA;
2876
2877#define CERT_STRONG_SIGN_SERIALIZED_INFO_CHOICE 1
2878#define CERT_STRONG_SIGN_OID_INFO_CHOICE 2
2879
2880#define CERT_STRONG_SIGN_ENABLE_CRL_CHECK 0x1
2881#define CERT_STRONG_SIGN_ENABLE_OCSP_CHECK 0x2
2882
2883#define szOID_CERT_STRONG_SIGN_OS_PREFIX "1.3.6.1.4.1.311.72.1."
2884
2885#define szOID_CERT_STRONG_SIGN_OS_1 "1.3.6.1.4.1.311.72.1.1"
2886#define szOID_CERT_STRONG_SIGN_OS_CURRENT szOID_CERT_STRONG_SIGN_OS_1
2887
2888#define CERT_STRONG_SIGN_PARA_OS_1 { sizeof (CERT_STRONG_SIGN_PARA), CERT_STRONG_SIGN_OID_INFO_CHOICE, szOID_CERT_STRONG_SIGN_OS_1 }
2889#define CERT_STRONG_SIGN_PARA_OS_CURRENT { sizeof (CERT_STRONG_SIGN_PARA), CERT_STRONG_SIGN_OID_INFO_CHOICE, szOID_CERT_STRONG_SIGN_OS_CURRENT }
2890
2891#define szOID_CERT_STRONG_KEY_OS_PREFIX "1.3.6.1.4.1.311.72.2."
2892#define szOID_CERT_STRONG_KEY_OS_1 "1.3.6.1.4.1.311.72.2.1"
2893#define szOID_CERT_STRONG_KEY_OS_CURRENT szOID_CERT_STRONG_KEY_OS_1
2894
2895#define CERT_STRONG_KEY_PARA_OS_1 { sizeof (CERT_STRONG_SIGN_PARA), CERT_STRONG_SIGN_OID_INFO_CHOICE, szOID_CERT_STRONG_KEY_OS_1 }
2896#define CERT_STRONG_KEY_PARA_OS_CURRENT { sizeof (CERT_STRONG_SIGN_PARA), CERT_STRONG_SIGN_OID_INFO_CHOICE, szOID_CERT_STRONG_KEY_OS_CURRENT }
2897
2898 typedef void *HCRYPTMSG;
2899
2900#define szOID_PKCS_7_DATA "1.2.840.113549.1.7.1"
2901#define szOID_PKCS_7_SIGNED "1.2.840.113549.1.7.2"
2902#define szOID_PKCS_7_ENVELOPED "1.2.840.113549.1.7.3"
2903#define szOID_PKCS_7_SIGNEDANDENVELOPED "1.2.840.113549.1.7.4"
2904#define szOID_PKCS_7_DIGESTED "1.2.840.113549.1.7.5"
2905#define szOID_PKCS_7_ENCRYPTED "1.2.840.113549.1.7.6"
2906
2907#define szOID_PKCS_9_CONTENT_TYPE "1.2.840.113549.1.9.3"
2908#define szOID_PKCS_9_MESSAGE_DIGEST "1.2.840.113549.1.9.4"
2909
2910#define CMSG_DATA 1
2911#define CMSG_SIGNED 2
2912#define CMSG_ENVELOPED 3
2913#define CMSG_SIGNED_AND_ENVELOPED 4
2914#define CMSG_HASHED 5
2915#define CMSG_ENCRYPTED 6
2916
2917#define CMSG_ALL_FLAGS (~__MSABI_LONG(0U))
2918#define CMSG_DATA_FLAG (1 << CMSG_DATA)
2919#define CMSG_SIGNED_FLAG (1 << CMSG_SIGNED)
2920#define CMSG_ENVELOPED_FLAG (1 << CMSG_ENVELOPED)
2921#define CMSG_SIGNED_AND_ENVELOPED_FLAG (1 << CMSG_SIGNED_AND_ENVELOPED)
2922#define CMSG_HASHED_FLAG (1 << CMSG_HASHED)
2923#define CMSG_ENCRYPTED_FLAG (1 << CMSG_ENCRYPTED)
2924
2925 typedef struct _CERT_ISSUER_SERIAL_NUMBER {
2926 CERT_NAME_BLOB Issuer;
2927 CRYPT_INTEGER_BLOB SerialNumber;
2928 } CERT_ISSUER_SERIAL_NUMBER,*PCERT_ISSUER_SERIAL_NUMBER;
2929
/*
 * Identifies a certificate in one of three ways, chosen by dwIdChoice:
 * CERT_ID_ISSUER_SERIAL_NUMBER -> IssuerSerialNumber,
 * CERT_ID_KEY_IDENTIFIER -> KeyId, CERT_ID_SHA1_HASH -> HashId.
 * KeyId and HashId have the same type and share storage, so only
 * dwIdChoice tells them apart.
 * A CERT_ID is a lookup key, not evidence of trust: a certificate that
 * matches it still needs chain and revocation validation.
 */
2930 typedef struct _CERT_ID {
2931 DWORD dwIdChoice;
2932 __C89_NAMELESS union {
2933 CERT_ISSUER_SERIAL_NUMBER IssuerSerialNumber;
2934 CRYPT_HASH_BLOB KeyId;
2935 CRYPT_HASH_BLOB HashId;
2936 };
2937 } CERT_ID,*PCERT_ID;
2938
2939#define CERT_ID_ISSUER_SERIAL_NUMBER 1
2940#define CERT_ID_KEY_IDENTIFIER 2
2941#define CERT_ID_SHA1_HASH 3
2942
/*
 * Per-signer input for encoding a signed message.
 * cbSize is the structure size as compiled by the caller; the three
 * trailing fields exist only when CMSG_SIGNER_ENCODE_INFO_HAS_CMS_FIELDS is
 * defined, so cbSize must match the layout actually in use.
 * hCryptProv and hNCryptKey share storage: the handle refers to the
 * signer's private key through either the legacy provider or CNG
 * (NOTE(review): dwKeySpec presumably tells the two apart; confirm against
 * the API documentation).
 * rgAuthAttr (cAuthAttr entries) and rgUnauthAttr (cUnauthAttr entries) are
 * the authenticated and unauthenticated attribute lists.
 */
2943 typedef struct _CMSG_SIGNER_ENCODE_INFO {
2944 DWORD cbSize;
2945 PCERT_INFO pCertInfo;
2946 __C89_NAMELESS union {
2947 HCRYPTPROV hCryptProv;
2948 NCRYPT_KEY_HANDLE hNCryptKey;
2949 };
2950 DWORD dwKeySpec;
2951 CRYPT_ALGORITHM_IDENTIFIER HashAlgorithm;
2952 void *pvHashAuxInfo;
2953 DWORD cAuthAttr;
2954 PCRYPT_ATTRIBUTE rgAuthAttr;
2955 DWORD cUnauthAttr;
2956 PCRYPT_ATTRIBUTE rgUnauthAttr;
2957#ifdef CMSG_SIGNER_ENCODE_INFO_HAS_CMS_FIELDS
2958 CERT_ID SignerId;
2959 CRYPT_ALGORITHM_IDENTIFIER HashEncryptionAlgorithm;
2960 void *pvHashEncryptionAuxInfo;
2961#endif
2962 } CMSG_SIGNER_ENCODE_INFO,*PCMSG_SIGNER_ENCODE_INFO;
2963
2964 typedef struct _CMSG_SIGNED_ENCODE_INFO {
2965 DWORD cbSize;
2966 DWORD cSigners;
2967 PCMSG_SIGNER_ENCODE_INFO rgSigners;
2968 DWORD cCertEncoded;
2969 PCERT_BLOB rgCertEncoded;
2970 DWORD cCrlEncoded;
2971 PCRL_BLOB rgCrlEncoded;
2972#ifdef CMSG_SIGNED_ENCODE_INFO_HAS_CMS_FIELDS
2973 DWORD cAttrCertEncoded;
2974 PCERT_BLOB rgAttrCertEncoded;
2975#endif
2976 } CMSG_SIGNED_ENCODE_INFO,*PCMSG_SIGNED_ENCODE_INFO;
2977
2978 typedef struct _CMSG_RECIPIENT_ENCODE_INFO CMSG_RECIPIENT_ENCODE_INFO,*PCMSG_RECIPIENT_ENCODE_INFO;
2979
/*
 * Input for encoding an enveloped (encrypted) message.
 * ContentEncryptionAlgorithm chooses the content cipher and
 * pvEncryptionAuxInfo optionally points to algorithm-specific settings
 * (this header declares CMSG_RC2_AUX_INFO, CMSG_RC4_AUX_INFO and
 * CMSG_SP3_COMPATIBLE_AUX_INFO for that purpose).
 * rgpRecipients is an array of cRecipients certificate-info pointers. The
 * fields after it exist only when CMSG_ENVELOPED_ENCODE_INFO_HAS_CMS_FIELDS
 * is defined, so cbSize must reflect the layout the caller compiled.
 * Note that enveloping provides confidentiality only; it does not
 * authenticate the sender.
 */
2980 typedef struct _CMSG_ENVELOPED_ENCODE_INFO {
2981 DWORD cbSize;
2982 HCRYPTPROV_LEGACY hCryptProv;
2983 CRYPT_ALGORITHM_IDENTIFIER ContentEncryptionAlgorithm;
2984 void *pvEncryptionAuxInfo;
2985 DWORD cRecipients;
2986 PCERT_INFO *rgpRecipients;
2987#ifdef CMSG_ENVELOPED_ENCODE_INFO_HAS_CMS_FIELDS
2988 PCMSG_RECIPIENT_ENCODE_INFO rgCmsRecipients;
2989 DWORD cCertEncoded;
2990 PCERT_BLOB rgCertEncoded;
2991 DWORD cCrlEncoded;
2992 PCRL_BLOB rgCrlEncoded;
2993 DWORD cAttrCertEncoded;
2994 PCERT_BLOB rgAttrCertEncoded;
2995 DWORD cUnprotectedAttr;
2996 PCRYPT_ATTRIBUTE rgUnprotectedAttr;
2997#endif
2998 } CMSG_ENVELOPED_ENCODE_INFO,*PCMSG_ENVELOPED_ENCODE_INFO;
2999
3000 typedef struct _CMSG_KEY_TRANS_RECIPIENT_ENCODE_INFO {
3001 DWORD cbSize;
3002 CRYPT_ALGORITHM_IDENTIFIER KeyEncryptionAlgorithm;
3003 void *pvKeyEncryptionAuxInfo;
3004 HCRYPTPROV_LEGACY hCryptProv;
3005 CRYPT_BIT_BLOB RecipientPublicKey;
3006 CERT_ID RecipientId;
3007 } CMSG_KEY_TRANS_RECIPIENT_ENCODE_INFO,*PCMSG_KEY_TRANS_RECIPIENT_ENCODE_INFO;
3008
3009 typedef struct _CMSG_RECIPIENT_ENCRYPTED_KEY_ENCODE_INFO {
3010 DWORD cbSize;
3011 CRYPT_BIT_BLOB RecipientPublicKey;
3012 CERT_ID RecipientId;
3013 FILETIME Date;
3014 PCRYPT_ATTRIBUTE_TYPE_VALUE pOtherAttr;
3015 } CMSG_RECIPIENT_ENCRYPTED_KEY_ENCODE_INFO,*PCMSG_RECIPIENT_ENCRYPTED_KEY_ENCODE_INFO;
3016
3017 typedef struct _CMSG_KEY_AGREE_RECIPIENT_ENCODE_INFO {
3018 DWORD cbSize;
3019 CRYPT_ALGORITHM_IDENTIFIER KeyEncryptionAlgorithm;
3020 void *pvKeyEncryptionAuxInfo;
3021 CRYPT_ALGORITHM_IDENTIFIER KeyWrapAlgorithm;
3022 void *pvKeyWrapAuxInfo;
3023 HCRYPTPROV_LEGACY hCryptProv;
3024 DWORD dwKeySpec;
3025 DWORD dwKeyChoice;
3026 __C89_NAMELESS union {
3027 PCRYPT_ALGORITHM_IDENTIFIER pEphemeralAlgorithm;
3028 PCERT_ID pSenderId;
3029 };
3030 CRYPT_DATA_BLOB UserKeyingMaterial;
3031 DWORD cRecipientEncryptedKeys;
3032 PCMSG_RECIPIENT_ENCRYPTED_KEY_ENCODE_INFO *rgpRecipientEncryptedKeys;
3033 } CMSG_KEY_AGREE_RECIPIENT_ENCODE_INFO,*PCMSG_KEY_AGREE_RECIPIENT_ENCODE_INFO;
3034
3035#define CMSG_KEY_AGREE_EPHEMERAL_KEY_CHOICE 1
3036#define CMSG_KEY_AGREE_STATIC_KEY_CHOICE 2
3037
3038 typedef struct _CMSG_MAIL_LIST_RECIPIENT_ENCODE_INFO {
3039 DWORD cbSize;
3040 CRYPT_ALGORITHM_IDENTIFIER KeyEncryptionAlgorithm;
3041 void *pvKeyEncryptionAuxInfo;
3042 HCRYPTPROV hCryptProv;
3043 DWORD dwKeyChoice;
3044 __C89_NAMELESS union {
3045 HCRYPTKEY hKeyEncryptionKey;
3046 void *pvKeyEncryptionKey;
3047 };
3048 CRYPT_DATA_BLOB KeyId;
3049 FILETIME Date;
3050 PCRYPT_ATTRIBUTE_TYPE_VALUE pOtherAttr;
3051 } CMSG_MAIL_LIST_RECIPIENT_ENCODE_INFO,*PCMSG_MAIL_LIST_RECIPIENT_ENCODE_INFO;
3052
3053#define CMSG_MAIL_LIST_HANDLE_KEY_CHOICE 1
3054
3055#define CMSG_KEY_TRANS_RECIPIENT 1
3056#define CMSG_KEY_AGREE_RECIPIENT 2
3057#define CMSG_MAIL_LIST_RECIPIENT 3
3058
3059#define CMSG_RC4_NO_SALT_FLAG 0x40000000
3060#define CMSG_SP3_COMPATIBLE_ENCRYPT_FLAG 0x80000000
3061
/*
 * One CMS recipient for encoding. dwRecipientChoice selects the union
 * member: CMSG_KEY_TRANS_RECIPIENT -> pKeyTrans,
 * CMSG_KEY_AGREE_RECIPIENT -> pKeyAgree,
 * CMSG_MAIL_LIST_RECIPIENT -> pMailList.
 * All three members are pointers to differently shaped structures, so the
 * choice must be set consistently with the pointer that was stored.
 */
3062 struct _CMSG_RECIPIENT_ENCODE_INFO {
3063 DWORD dwRecipientChoice;
3064 __C89_NAMELESS union {
3065 PCMSG_KEY_TRANS_RECIPIENT_ENCODE_INFO pKeyTrans;
3066 PCMSG_KEY_AGREE_RECIPIENT_ENCODE_INFO pKeyAgree;
3067 PCMSG_MAIL_LIST_RECIPIENT_ENCODE_INFO pMailList;
3068 };
3069 };
3070
/*
 * Auxiliary settings for RC2 content encryption: cbSize is the structure
 * size and dwBitLen the key length in bits (presumably the RC2 effective
 * key length; confirm against the API documentation).
 * RC2 is a legacy cipher kept for interoperability with old peers; new
 * messages should use a modern content-encryption algorithm instead.
 */
3071 typedef struct _CMSG_RC2_AUX_INFO {
3072 DWORD cbSize;
3073 DWORD dwBitLen;
3074 } CMSG_RC2_AUX_INFO,*PCMSG_RC2_AUX_INFO;
3075
3076 typedef struct _CMSG_SP3_COMPATIBLE_AUX_INFO {
3077 DWORD cbSize;
3078 DWORD dwFlags;
3079 } CMSG_SP3_COMPATIBLE_AUX_INFO,*PCMSG_SP3_COMPATIBLE_AUX_INFO;
3080
/*
 * Auxiliary settings for RC4 content encryption: cbSize is the structure
 * size and dwBitLen the key length in bits.
 * NOTE(review): CMSG_RC4_NO_SALT_FLAG, defined in this header, is
 * presumably OR-ed into dwBitLen to disable salting; confirm against the
 * API documentation before relying on it.
 * RC4 is a legacy cipher kept for interoperability with old peers; new
 * messages should use a modern content-encryption algorithm instead.
 */
3081 typedef struct _CMSG_RC4_AUX_INFO {
3082 DWORD cbSize;
3083 DWORD dwBitLen;
3084 } CMSG_RC4_AUX_INFO,*PCMSG_RC4_AUX_INFO;
3085
3086 typedef struct _CMSG_SIGNED_AND_ENVELOPED_ENCODE_INFO {
3087 DWORD cbSize;
3088 CMSG_SIGNED_ENCODE_INFO SignedInfo;
3089 CMSG_ENVELOPED_ENCODE_INFO EnvelopedInfo;
3090 } CMSG_SIGNED_AND_ENVELOPED_ENCODE_INFO,*PCMSG_SIGNED_AND_ENVELOPED_ENCODE_INFO;
3091
3092 typedef struct _CMSG_HASHED_ENCODE_INFO {
3093 DWORD cbSize;
3094 HCRYPTPROV_LEGACY hCryptProv;
3095 CRYPT_ALGORITHM_IDENTIFIER HashAlgorithm;
3096 void *pvHashAuxInfo;
3097 } CMSG_HASHED_ENCODE_INFO,*PCMSG_HASHED_ENCODE_INFO;
3098
3099 typedef struct _CMSG_ENCRYPTED_ENCODE_INFO {
3100 DWORD cbSize;
3101 CRYPT_ALGORITHM_IDENTIFIER ContentEncryptionAlgorithm;
3102 void *pvEncryptionAuxInfo;
3103 } CMSG_ENCRYPTED_ENCODE_INFO,*PCMSG_ENCRYPTED_ENCODE_INFO;
3104
3105 typedef WINBOOL (WINAPI *PFN_CMSG_STREAM_OUTPUT) (const void *pvArg, BYTE *pbData, DWORD cbData, WINBOOL fFinal);
3106
3107#define CMSG_INDEFINITE_LENGTH (0xffffffff)
3108
/*
 * Enables streamed processing of a message.
 * cbContent is the content size in bytes, or CMSG_INDEFINITE_LENGTH when
 * the size is not known in advance. pfnStreamOutput is the callback that
 * receives output in pieces (pbData, cbData) with fFinal set on the last
 * piece; pvArg is handed back to the callback unchanged.
 * With streaming, output is delivered to the callback as it is produced,
 * so a consumer that decodes a signed or encrypted message should hold the
 * data as untrusted until the final call and the later verification step
 * have succeeded.
 */
3109 typedef struct _CMSG_STREAM_INFO {
3110 DWORD cbContent;
3111 PFN_CMSG_STREAM_OUTPUT pfnStreamOutput;
3112 void *pvArg;
3113 } CMSG_STREAM_INFO,*PCMSG_STREAM_INFO;
3114
/*
 * Bit flags for the dwFlags argument of the CryptMsgOpenTo* and
 * CryptMsgCalculateEncodedLength functions declared in this header.
 * Two of them change what the caller is responsible for:
 * - CMSG_DETACHED_FLAG: the content is not carried inside the message, so
 *   the verifier has to be given exactly the bytes that were signed.
 * - CMSG_CRYPT_RELEASE_CONTEXT_FLAG: ownership of the provider handle
 *   passed in moves to the message object, which releases it; the caller
 *   must not release it again (confirm the exact release point and the
 *   failure behaviour against the API documentation).
 */
3115#define CMSG_BARE_CONTENT_FLAG 0x1
3116#define CMSG_LENGTH_ONLY_FLAG 0x2
3117#define CMSG_DETACHED_FLAG 0x4
3118#define CMSG_AUTHENTICATED_ATTRIBUTES_FLAG 0x8
3119#define CMSG_CONTENTS_OCTETS_FLAG 0x10
3120#define CMSG_MAX_LENGTH_FLAG 0x20
3121#define CMSG_CMS_ENCAPSULATED_CONTENT_FLAG 0x40
3122#define CMSG_SIGNED_DATA_NO_SIGN_FLAG 0x80
3123#define CMSG_CRYPT_RELEASE_CONTEXT_FLAG 0x8000
3124
/*
 * Low-level cryptographic message API.
 * - CryptMsgOpenToEncode / CryptMsgOpenToDecode create a message handle;
 *   dwMsgType is a CMSG_* type value and pvMsgEncodeInfo points to the
 *   matching CMSG_*_ENCODE_INFO structure. A NULL handle means failure.
 * - CryptMsgUpdate feeds cbData bytes; fFinal marks the last call.
 * - CryptMsgGetParam reads the parameter named by dwParamType (a
 *   CMSG_*_PARAM value); *pcbData is in/out, so the buffer size has to be
 *   set before each call and the returned size used to bound later reads.
 * - CryptMsgDuplicate returns another reference to the handle; every
 *   handle obtained from Open or Duplicate is released with CryptMsgClose.
 * Decoding alone performs no signature or trust check: output obtained
 * from a decoded signed message is unauthenticated until CryptMsgControl
 * verification succeeds and the signer certificate has been validated.
 */
3125 WINIMPM HCRYPTMSG WINAPI CryptMsgOpenToEncode (DWORD dwMsgEncodingType, DWORD dwFlags, DWORD dwMsgType, void const *pvMsgEncodeInfo, LPSTR pszInnerContentObjID, PCMSG_STREAM_INFO pStreamInfo);
3126 WINIMPM DWORD WINAPI CryptMsgCalculateEncodedLength (DWORD dwMsgEncodingType, DWORD dwFlags, DWORD dwMsgType, void const *pvMsgEncodeInfo, LPSTR pszInnerContentObjID, DWORD cbData);
3127 WINIMPM HCRYPTMSG WINAPI CryptMsgOpenToDecode (DWORD dwMsgEncodingType, DWORD dwFlags, DWORD dwMsgType, HCRYPTPROV_LEGACY hCryptProv, PCERT_INFO pRecipientInfo, PCMSG_STREAM_INFO pStreamInfo);
3128 WINIMPM HCRYPTMSG WINAPI CryptMsgDuplicate (HCRYPTMSG hCryptMsg);
3129 WINIMPM WINBOOL WINAPI CryptMsgClose (HCRYPTMSG hCryptMsg);
3130 WINIMPM WINBOOL WINAPI CryptMsgUpdate (HCRYPTMSG hCryptMsg, const BYTE *pbData, DWORD cbData, WINBOOL fFinal);
3131 WINIMPM WINBOOL WINAPI CryptMsgGetParam (HCRYPTMSG hCryptMsg, DWORD dwParamType, DWORD dwIndex, void *pvData, DWORD *pcbData);
3132
3133#define CMSG_TYPE_PARAM 1
3134#define CMSG_CONTENT_PARAM 2
3135#define CMSG_BARE_CONTENT_PARAM 3
3136#define CMSG_INNER_CONTENT_TYPE_PARAM 4
3137#define CMSG_SIGNER_COUNT_PARAM 5
3138#define CMSG_SIGNER_INFO_PARAM 6
3139#define CMSG_SIGNER_CERT_INFO_PARAM 7
3140#define CMSG_SIGNER_HASH_ALGORITHM_PARAM 8
3141#define CMSG_SIGNER_AUTH_ATTR_PARAM 9
3142#define CMSG_SIGNER_UNAUTH_ATTR_PARAM 10
3143#define CMSG_CERT_COUNT_PARAM 11
3144#define CMSG_CERT_PARAM 12
3145#define CMSG_CRL_COUNT_PARAM 13
3146#define CMSG_CRL_PARAM 14
3147#define CMSG_ENVELOPE_ALGORITHM_PARAM 15
3148#define CMSG_RECIPIENT_COUNT_PARAM 17
3149#define CMSG_RECIPIENT_INDEX_PARAM 18
3150#define CMSG_RECIPIENT_INFO_PARAM 19
3151#define CMSG_HASH_ALGORITHM_PARAM 20
3152#define CMSG_HASH_DATA_PARAM 21
3153#define CMSG_COMPUTED_HASH_PARAM 22
3154#define CMSG_ENCRYPT_PARAM 26
3155#define CMSG_ENCRYPTED_DIGEST 27
3156#define CMSG_ENCODED_SIGNER 28
3157#define CMSG_ENCODED_MESSAGE 29
3158#define CMSG_VERSION_PARAM 30
3159#define CMSG_ATTR_CERT_COUNT_PARAM 31
3160#define CMSG_ATTR_CERT_PARAM 32
3161#define CMSG_CMS_RECIPIENT_COUNT_PARAM 33
3162#define CMSG_CMS_RECIPIENT_INDEX_PARAM 34
3163#define CMSG_CMS_RECIPIENT_ENCRYPTED_KEY_INDEX_PARAM 35
3164#define CMSG_CMS_RECIPIENT_INFO_PARAM 36
3165#define CMSG_UNPROTECTED_ATTR_PARAM 37
3166#define CMSG_SIGNER_CERT_ID_PARAM 38
3167#define CMSG_CMS_SIGNER_INFO_PARAM 39
3168
/*
 * Decoded information about one signer of a signed message; the signer is
 * identified by Issuer and SerialNumber.
 * AuthAttrs are the authenticated (signed) attributes. UnauthAttrs are not
 * covered by this signer's signature and can be altered without
 * invalidating it, so nothing security-relevant should be derived from
 * them unless it carries its own verifiable protection.
 * HashAlgorithm and HashEncryptionAlgorithm come from the message itself; a
 * verifier that enforces an algorithm policy should check them against its
 * allowed set rather than accept whatever the sender chose.
 */
3169 typedef struct _CMSG_SIGNER_INFO {
3170 DWORD dwVersion;
3171 CERT_NAME_BLOB Issuer;
3172 CRYPT_INTEGER_BLOB SerialNumber;
3173 CRYPT_ALGORITHM_IDENTIFIER HashAlgorithm;
3174 CRYPT_ALGORITHM_IDENTIFIER HashEncryptionAlgorithm;
3175 CRYPT_DATA_BLOB EncryptedHash;
3176 CRYPT_ATTRIBUTES AuthAttrs;
3177 CRYPT_ATTRIBUTES UnauthAttrs;
3178 } CMSG_SIGNER_INFO,*PCMSG_SIGNER_INFO;
3179
3180 typedef struct _CMSG_CMS_SIGNER_INFO {
3181 DWORD dwVersion;
3182 CERT_ID SignerId;
3183 CRYPT_ALGORITHM_IDENTIFIER HashAlgorithm;
3184 CRYPT_ALGORITHM_IDENTIFIER HashEncryptionAlgorithm;
3185 CRYPT_DATA_BLOB EncryptedHash;
3186 CRYPT_ATTRIBUTES AuthAttrs;
3187 CRYPT_ATTRIBUTES UnauthAttrs;
3188 } CMSG_CMS_SIGNER_INFO,*PCMSG_CMS_SIGNER_INFO;
3189
3190 typedef CRYPT_ATTRIBUTES CMSG_ATTR;
3191 typedef CRYPT_ATTRIBUTES *PCMSG_ATTR;
3192
3193#define CMSG_SIGNED_DATA_V1 1
3194#define CMSG_SIGNED_DATA_V3 3
3195#define CMSG_SIGNED_DATA_PKCS_1_5_VERSION CMSG_SIGNED_DATA_V1
3196#define CMSG_SIGNED_DATA_CMS_VERSION CMSG_SIGNED_DATA_V3
3197
3198#define CMSG_SIGNER_INFO_V1 1
3199#define CMSG_SIGNER_INFO_V3 3
3200#define CMSG_SIGNER_INFO_PKCS_1_5_VERSION CMSG_SIGNER_INFO_V1
3201#define CMSG_SIGNER_INFO_CMS_VERSION CMSG_SIGNER_INFO_V3
3202
3203#define CMSG_HASHED_DATA_V0 0
3204#define CMSG_HASHED_DATA_V2 2
3205#define CMSG_HASHED_DATA_PKCS_1_5_VERSION CMSG_HASHED_DATA_V0
3206#define CMSG_HASHED_DATA_CMS_VERSION CMSG_HASHED_DATA_V2
3207
3208#define CMSG_ENVELOPED_DATA_V0 0
3209#define CMSG_ENVELOPED_DATA_V2 2
3210#define CMSG_ENVELOPED_DATA_PKCS_1_5_VERSION CMSG_ENVELOPED_DATA_V0
3211#define CMSG_ENVELOPED_DATA_CMS_VERSION CMSG_ENVELOPED_DATA_V2
3212
3213 typedef struct _CMSG_KEY_TRANS_RECIPIENT_INFO {
3214 DWORD dwVersion;
3215 CERT_ID RecipientId;
3216 CRYPT_ALGORITHM_IDENTIFIER KeyEncryptionAlgorithm;
3217 CRYPT_DATA_BLOB EncryptedKey;
3218 } CMSG_KEY_TRANS_RECIPIENT_INFO,*PCMSG_KEY_TRANS_RECIPIENT_INFO;
3219
3220 typedef struct _CMSG_RECIPIENT_ENCRYPTED_KEY_INFO {
3221 CERT_ID RecipientId;
3222 CRYPT_DATA_BLOB EncryptedKey;
3223 FILETIME Date;
3224 PCRYPT_ATTRIBUTE_TYPE_VALUE pOtherAttr;
3225 } CMSG_RECIPIENT_ENCRYPTED_KEY_INFO,*PCMSG_RECIPIENT_ENCRYPTED_KEY_INFO;
3226
3227 typedef struct _CMSG_KEY_AGREE_RECIPIENT_INFO {
3228 DWORD dwVersion;
3229 DWORD dwOriginatorChoice;
3230 __C89_NAMELESS union {
3231 CERT_ID OriginatorCertId;
3232 CERT_PUBLIC_KEY_INFO OriginatorPublicKeyInfo;
3233 };
3234 CRYPT_DATA_BLOB UserKeyingMaterial;
3235 CRYPT_ALGORITHM_IDENTIFIER KeyEncryptionAlgorithm;
3236 DWORD cRecipientEncryptedKeys;
3237 PCMSG_RECIPIENT_ENCRYPTED_KEY_INFO *rgpRecipientEncryptedKeys;
3238 } CMSG_KEY_AGREE_RECIPIENT_INFO,*PCMSG_KEY_AGREE_RECIPIENT_INFO;
3239
3240#define CMSG_KEY_AGREE_ORIGINATOR_CERT 1
3241#define CMSG_KEY_AGREE_ORIGINATOR_PUBLIC_KEY 2
3242
/* "Mail list" recipient of an enveloped message: the recipient is addressed
 * by a key identifier (KeyId) rather than by a certificate, and EncryptedKey
 * is the content-encryption key wrapped under KeyEncryptionAlgorithm.
 * NOTE(review): Date and pOtherAttr look optional - confirm how "absent" is
 * represented before using them. */
3243 typedef struct _CMSG_MAIL_LIST_RECIPIENT_INFO {
3244 DWORD dwVersion;
3245 CRYPT_DATA_BLOB KeyId;
3246 CRYPT_ALGORITHM_IDENTIFIER KeyEncryptionAlgorithm;
3247 CRYPT_DATA_BLOB EncryptedKey;
3248 FILETIME Date;
3249 PCRYPT_ATTRIBUTE_TYPE_VALUE pOtherAttr;
3250 } CMSG_MAIL_LIST_RECIPIENT_INFO,*PCMSG_MAIL_LIST_RECIPIENT_INFO;
3251
/* Tagged union over the three recipient kinds above. dwRecipientChoice says
 * which of the three pointers is valid; all three share storage, so reading
 * the wrong one reinterprets a pointer to a different structure type.
 * The constants for dwRecipientChoice are not defined in this part of the
 * header. */
3252 typedef struct _CMSG_CMS_RECIPIENT_INFO {
3253 DWORD dwRecipientChoice;
3254 __C89_NAMELESS union {
3255 PCMSG_KEY_TRANS_RECIPIENT_INFO pKeyTrans;
3256 PCMSG_KEY_AGREE_RECIPIENT_INFO pKeyAgree;
3257 PCMSG_MAIL_LIST_RECIPIENT_INFO pMailList;
3258 };
3259 } CMSG_CMS_RECIPIENT_INFO,*PCMSG_CMS_RECIPIENT_INFO;
3260
/* Recipient-info version numbers, followed by the names that tie each number
 * to a recipient kind: key transport uses V0 (PKCS #7 v1.5) or V2 (CMS), key
 * agreement uses V3, mail list uses V4. */
3261#define CMSG_ENVELOPED_RECIPIENT_V0 0
3262#define CMSG_ENVELOPED_RECIPIENT_V2 2
3263#define CMSG_ENVELOPED_RECIPIENT_V3 3
3264#define CMSG_ENVELOPED_RECIPIENT_V4 4
3265#define CMSG_KEY_TRANS_PKCS_1_5_VERSION CMSG_ENVELOPED_RECIPIENT_V0
3266#define CMSG_KEY_TRANS_CMS_VERSION CMSG_ENVELOPED_RECIPIENT_V2
3267#define CMSG_KEY_AGREE_VERSION CMSG_ENVELOPED_RECIPIENT_V3
3268#define CMSG_MAIL_LIST_VERSION CMSG_ENVELOPED_RECIPIENT_V4
3269
/* Performs a control operation on an open message handle. dwCtrlType is one
 * of the CMSG_CTRL_* values listed below and pvCtrlPara points at the
 * parameter that belongs to that operation (for example a
 * CMSG_CTRL_DECRYPT_PARA for CMSG_CTRL_DECRYPT).
 * The result is a WINBOOL: for the VERIFY_* controls, treat anything other
 * than a nonzero return as a failed verification and do not use the content.
 * A successful signature check only ties the message to the key or
 * certificate that was supplied; whether that certificate is trusted is a
 * separate chain-validation step. */
3270 WINIMPM WINBOOL WINAPI CryptMsgControl (HCRYPTMSG hCryptMsg, DWORD dwFlags, DWORD dwCtrlType, void const *pvCtrlPara);
3271
/* dwCtrlType values for CryptMsgControl. */
3272#define CMSG_CTRL_VERIFY_SIGNATURE 1
3273#define CMSG_CTRL_DECRYPT 2
3274#define CMSG_CTRL_VERIFY_HASH 5
3275#define CMSG_CTRL_ADD_SIGNER 6
3276#define CMSG_CTRL_DEL_SIGNER 7
3277#define CMSG_CTRL_ADD_SIGNER_UNAUTH_ATTR 8
3278#define CMSG_CTRL_DEL_SIGNER_UNAUTH_ATTR 9
3279#define CMSG_CTRL_ADD_CERT 10
3280#define CMSG_CTRL_DEL_CERT 11
3281#define CMSG_CTRL_ADD_CRL 12
3282#define CMSG_CTRL_DEL_CRL 13
3283#define CMSG_CTRL_ADD_ATTR_CERT 14
3284#define CMSG_CTRL_DEL_ATTR_CERT 15
3285#define CMSG_CTRL_KEY_TRANS_DECRYPT 16
3286#define CMSG_CTRL_KEY_AGREE_DECRYPT 17
3287#define CMSG_CTRL_MAIL_LIST_DECRYPT 18
3288#define CMSG_CTRL_VERIFY_SIGNATURE_EX 19
3289#define CMSG_CTRL_ADD_CMS_SIGNER_INFO 20
3290#define CMSG_CTRL_ENABLE_STRONG_SIGNATURE 21
3291
/* Parameter block for CMSG_CTRL_VERIFY_SIGNATURE_EX. cbSize carries the size
 * of this structure, dwSignerIndex selects the signer inside the message, and
 * dwSignerType (one of the CMSG_VERIFY_SIGNER_* values below) tells how the
 * untyped pvSigner pointer is to be interpreted. Because pvSigner is void *,
 * a dwSignerType that does not match the object actually passed is a type
 * confusion the compiler cannot catch. */
3292 typedef struct _CMSG_CTRL_VERIFY_SIGNATURE_EX_PARA {
3293 DWORD cbSize;
3294 HCRYPTPROV_LEGACY hCryptProv;
3295 DWORD dwSignerIndex;
3296 DWORD dwSignerType;
3297 void *pvSigner;
3298 } CMSG_CTRL_VERIFY_SIGNATURE_EX_PARA,*PCMSG_CTRL_VERIFY_SIGNATURE_EX_PARA;
3299
/* dwSignerType values: a bare public key, a certificate, a certificate chain,
 * or no signer object at all.
 * NOTE(review): with CMSG_VERIFY_SIGNER_NULL no signer key is supplied, so a
 * successful result presumably cannot authenticate who produced the message -
 * confirm the exact semantics before accepting it anywhere a signature is
 * required. */
3300#define CMSG_VERIFY_SIGNER_PUBKEY 1
3301#define CMSG_VERIFY_SIGNER_CERT 2
3302#define CMSG_VERIFY_SIGNER_CHAIN 3
3303#define CMSG_VERIFY_SIGNER_NULL 4
3304
/* Parameter block for CMSG_CTRL_DECRYPT. The anonymous union holds either a
 * CryptoAPI provider handle or a CNG key handle in the same storage;
 * dwRecipientIndex selects the recipient whose wrapped key is to be opened.
 * NOTE(review): which union member is live is presumably signalled through
 * dwKeySpec (see CERT_NCRYPT_KEY_SPEC later in this header) - confirm. */
3305 typedef struct _CMSG_CTRL_DECRYPT_PARA {
3306 DWORD cbSize;
3307 __C89_NAMELESS union {
3308 HCRYPTPROV hCryptProv;
3309 NCRYPT_KEY_HANDLE hNCryptKey;
3310 };
3311 DWORD dwKeySpec;
3312 DWORD dwRecipientIndex;
3313 } CMSG_CTRL_DECRYPT_PARA,*PCMSG_CTRL_DECRYPT_PARA;
3314
/* Parameter block for CMSG_CTRL_KEY_TRANS_DECRYPT. Same handle union and
 * dwKeySpec as CMSG_CTRL_DECRYPT_PARA, plus a pointer to the key-transport
 * recipient being decrypted and its index.
 * NOTE(review): pKeyTrans and dwRecipientIndex presumably have to describe
 * the same recipient - confirm. */
3315 typedef struct _CMSG_CTRL_KEY_TRANS_DECRYPT_PARA {
3316 DWORD cbSize;
3317 __C89_NAMELESS union {
3318 HCRYPTPROV hCryptProv;
3319 NCRYPT_KEY_HANDLE hNCryptKey;
3320 };
3321 DWORD dwKeySpec;
3322 PCMSG_KEY_TRANS_RECIPIENT_INFO pKeyTrans;
3323 DWORD dwRecipientIndex;
3324 } CMSG_CTRL_KEY_TRANS_DECRYPT_PARA,*PCMSG_CTRL_KEY_TRANS_DECRYPT_PARA;
3325
/* Parameter block for CMSG_CTRL_KEY_AGREE_DECRYPT. Besides the handle union
 * and dwKeySpec it names the key-agreement recipient (pKeyAgree,
 * dwRecipientIndex), the entry inside that recipient's encrypted-key array
 * (dwRecipientEncryptedKeyIndex) and the originator's public key.
 * dwRecipientEncryptedKeyIndex indexes
 * pKeyAgree->rgpRecipientEncryptedKeys; keep it below
 * pKeyAgree->cRecipientEncryptedKeys. */
3326 typedef struct _CMSG_CTRL_KEY_AGREE_DECRYPT_PARA {
3327 DWORD cbSize;
3328 __C89_NAMELESS union {
3329 HCRYPTPROV hCryptProv;
3330 NCRYPT_KEY_HANDLE hNCryptKey;
3331 };
3332 DWORD dwKeySpec;
3333 PCMSG_KEY_AGREE_RECIPIENT_INFO pKeyAgree;
3334 DWORD dwRecipientIndex;
3335 DWORD dwRecipientEncryptedKeyIndex;
3336 CRYPT_BIT_BLOB OriginatorPublicKey;
3337 } CMSG_CTRL_KEY_AGREE_DECRYPT_PARA,*PCMSG_CTRL_KEY_AGREE_DECRYPT_PARA;
3338
/* Parameter block for CMSG_CTRL_MAIL_LIST_DECRYPT. dwKeyChoice is the tag
 * for the anonymous union: the key-encryption key is passed either as an
 * HCRYPTKEY handle or as an untyped pointer. The constants for dwKeyChoice
 * are not defined in this part of the header.
 * Unlike the other decrypt parameter blocks this one has a plain HCRYPTPROV
 * and no CNG handle alternative. */
3339 typedef struct _CMSG_CTRL_MAIL_LIST_DECRYPT_PARA {
3340 DWORD cbSize;
3341 HCRYPTPROV hCryptProv;
3342 PCMSG_MAIL_LIST_RECIPIENT_INFO pMailList;
3343 DWORD dwRecipientIndex;
3344 DWORD dwKeyChoice;
3345 __C89_NAMELESS union {
3346 HCRYPTKEY hKeyEncryptionKey;
3347 void *pvKeyEncryptionKey;
3348 };
3349 } CMSG_CTRL_MAIL_LIST_DECRYPT_PARA,*PCMSG_CTRL_MAIL_LIST_DECRYPT_PARA;
3350
/* Parameter block for CMSG_CTRL_ADD_SIGNER_UNAUTH_ATTR: the signer to modify
 * and the attribute to attach, passed as a blob (presumably the encoded
 * attribute - confirm).
 * As the name says, these attributes are unauthenticated: they are not
 * covered by the signer's signature, so a verified signature says nothing
 * about them. */
3351 typedef struct _CMSG_CTRL_ADD_SIGNER_UNAUTH_ATTR_PARA {
3352 DWORD cbSize;
3353 DWORD dwSignerIndex;
3354 CRYPT_DATA_BLOB blob;
3355 } CMSG_CTRL_ADD_SIGNER_UNAUTH_ATTR_PARA,*PCMSG_CTRL_ADD_SIGNER_UNAUTH_ATTR_PARA;
3356
/* Parameter block for CMSG_CTRL_DEL_SIGNER_UNAUTH_ATTR: the signer and the
 * index of the unauthenticated attribute to remove from it. */
3357 typedef struct _CMSG_CTRL_DEL_SIGNER_UNAUTH_ATTR_PARA {
3358 DWORD cbSize;
3359 DWORD dwSignerIndex;
3360 DWORD dwUnauthAttrIndex;
3361 } CMSG_CTRL_DEL_SIGNER_UNAUTH_ATTR_PARA,*PCMSG_CTRL_DEL_SIGNER_UNAUTH_ATTR_PARA;
3362
/* dwFlags bit for CryptMsgVerifyCountersignatureEncodedEx.
 * NOTE(review): per the API documentation this requests a strong-signature
 * check in addition to the signature verification, with pvExtra carrying the
 * policy - confirm. */
3363#define CMSG_VERIFY_COUNTER_SIGN_ENABLE_STRONG_FLAG 0x1
3364
/* Countersignature helpers. All four return WINBOOL and the result must be
 * checked. The *Encoded variants work on caller-supplied encoded SignerInfo
 * buffers given as pointer/length pairs; the lengths must describe the real
 * buffer sizes.
 * In the Ex verifier, dwSignerType (a CMSG_VERIFY_SIGNER_* value) decides
 * what the untyped pvSigner points at.
 * NOTE(review): pcbCountersignature looks like the usual in/out size
 * parameter (capacity in, bytes written or required out) - confirm. */
3365 WINBOOL WINAPI CryptMsgVerifyCountersignatureEncoded (HCRYPTPROV_LEGACY hCryptProv, DWORD dwEncodingType, PBYTE pbSignerInfo, DWORD cbSignerInfo, PBYTE pbSignerInfoCountersignature, DWORD cbSignerInfoCountersignature, PCERT_INFO pciCountersigner);
3366 WINBOOL WINAPI CryptMsgVerifyCountersignatureEncodedEx (HCRYPTPROV_LEGACY hCryptProv, DWORD dwEncodingType, PBYTE pbSignerInfo, DWORD cbSignerInfo, PBYTE pbSignerInfoCountersignature, DWORD cbSignerInfoCountersignature, DWORD dwSignerType, void *pvSigner, DWORD dwFlags, void *pvExtra);
3367 WINBOOL WINAPI CryptMsgCountersign (HCRYPTMSG hCryptMsg, DWORD dwIndex, DWORD cCountersigners, PCMSG_SIGNER_ENCODE_INFO rgCountersigners);
3368 WINBOOL WINAPI CryptMsgCountersignEncoded (DWORD dwEncodingType, PBYTE pbSignerInfo, DWORD cbSignerInfo, DWORD cCountersigners, PCMSG_SIGNER_ENCODE_INFO rgCountersigners, PBYTE pbCountersignature, PDWORD pcbCountersignature);
3369
/* Allocator and deallocator callbacks handed to installable message
 * functions. Memory obtained through one PFN_CMSG_ALLOC should be released
 * through the PFN_CMSG_FREE it was paired with. */
3370 typedef void *(WINAPI *PFN_CMSG_ALLOC) (size_t cb);
3371 typedef void (WINAPI *PFN_CMSG_FREE) (void *pv);
3372
/* Function-set names under which implementations of the three callbacks
 * below are looked up. An installed implementation runs in-process and
 * receives provider and key handles, so which module is registered for these
 * names is part of the trust base. */
3373#define CMSG_OID_GEN_ENCRYPT_KEY_FUNC "CryptMsgDllGenEncryptKey"
3374#define CMSG_OID_EXPORT_ENCRYPT_KEY_FUNC "CryptMsgDllExportEncryptKey"
3375#define CMSG_OID_IMPORT_ENCRYPT_KEY_FUNC "CryptMsgDllImportEncryptKey"
3376
/* Callback signatures: generate a content-encryption key, export it for a
 * recipient's public key, and import a received encoded key.
 * NOTE(review): *ppbEncryptParameters is presumably allocated with the
 * pfnAlloc that is passed in; pbData/pcbData look like the usual
 * buffer/in-out-size pair - confirm both. */
3377 typedef WINBOOL (WINAPI *PFN_CMSG_GEN_ENCRYPT_KEY) (HCRYPTPROV *phCryptProv, PCRYPT_ALGORITHM_IDENTIFIER paiEncrypt, PVOID pvEncryptAuxInfo, PCERT_PUBLIC_KEY_INFO pPublicKeyInfo, PFN_CMSG_ALLOC pfnAlloc, HCRYPTKEY *phEncryptKey, PBYTE *ppbEncryptParameters, PDWORD pcbEncryptParameters);
3378 typedef WINBOOL (WINAPI *PFN_CMSG_EXPORT_ENCRYPT_KEY) (HCRYPTPROV hCryptProv, HCRYPTKEY hEncryptKey, PCERT_PUBLIC_KEY_INFO pPublicKeyInfo, PBYTE pbData, PDWORD pcbData);
3379 typedef WINBOOL (WINAPI *PFN_CMSG_IMPORT_ENCRYPT_KEY) (HCRYPTPROV hCryptProv, DWORD dwKeySpec, PCRYPT_ALGORITHM_IDENTIFIER paiEncrypt, PCRYPT_ALGORITHM_IDENTIFIER paiPubKey, PBYTE pbEncodedKey, DWORD cbEncodedKey, HCRYPTKEY *phEncryptKey);
3380
3381#if WINAPI_FAMILY_PARTITION (WINAPI_PARTITION_DESKTOP)
3382
/* Small integer cast to LPCSTR and used in place of an OID string.
 * NOTE(review): presumably the key under which a default implementation of
 * the CMSG_OID_* functions is registered - confirm. */
3383#define CMSG_DEFAULT_INSTALLABLE_FUNC_OID ((LPCSTR) 1)
3384
/* State shared between the message encoder and the installable
 * content-encryption and key-export callbacks declared below.
 * The anonymous union holds the content-encryption key either as a CryptoAPI
 * HCRYPTKEY or as a CNG BCRYPT_KEY_HANDLE.
 * NOTE(review): fCNG presumably says which union member is live - confirm.
 * pbContentEncryptKey / cbContentEncryptKey look like the raw
 * content-encryption key bytes and their length. If so, this is secret
 * material: keep it out of logs and dumps, and wipe it with a call the
 * compiler cannot elide before handing the buffer to pfnFree. */
3385 typedef struct _CMSG_CONTENT_ENCRYPT_INFO {
3386 DWORD cbSize;
3387 HCRYPTPROV_LEGACY hCryptProv;
3388 CRYPT_ALGORITHM_IDENTIFIER ContentEncryptionAlgorithm;
3389 void *pvEncryptionAuxInfo;
3390 DWORD cRecipients;
3391 PCMSG_RECIPIENT_ENCODE_INFO rgCmsRecipients;
3392 PFN_CMSG_ALLOC pfnAlloc;
3393 PFN_CMSG_FREE pfnFree;
3394 DWORD dwEncryptFlags;
3395 __C89_NAMELESS union {
3396 HCRYPTKEY hContentEncryptKey;
3397 BCRYPT_KEY_HANDLE hCNGContentEncryptKey;
3398 };
3399 DWORD dwFlags;
3400 WINBOOL fCNG;
3401 BYTE *pbCNGContentEncryptKeyObject;
3402 BYTE *pbContentEncryptKey;
3403 DWORD cbContentEncryptKey;
3404 } CMSG_CONTENT_ENCRYPT_INFO,*PCMSG_CONTENT_ENCRYPT_INFO;
3405
/* Two separate flag sets for CMSG_CONTENT_ENCRYPT_INFO that both start at
 * 0x1, so they must not be mixed.
 * NOTE(review): per the API documentation the PAD_ENCODED_LEN flag belongs to
 * dwEncryptFlags and the FREE_* / RELEASE_CONTEXT flags to dwFlags - confirm. */
3406#define CMSG_CONTENT_ENCRYPT_PAD_ENCODED_LEN_FLAG 0x1
3407
3408#define CMSG_CONTENT_ENCRYPT_FREE_PARA_FLAG 0x1
3409#define CMSG_CONTENT_ENCRYPT_FREE_OBJID_FLAG 0x2
3410#define CMSG_CONTENT_ENCRYPT_RELEASE_CONTEXT_FLAG 0x8000
3411
/* Function-set names for the content-encryption-key generator. The CAPI1
 * name is an alias of the unqualified one; the CNG variant has its own name. */
3412#define CMSG_OID_GEN_CONTENT_ENCRYPT_KEY_FUNC "CryptMsgDllGenContentEncryptKey"
3413#define CMSG_OID_CAPI1_GEN_CONTENT_ENCRYPT_KEY_FUNC CMSG_OID_GEN_CONTENT_ENCRYPT_KEY_FUNC
3414#define CMSG_OID_CNG_GEN_CONTENT_ENCRYPT_KEY_FUNC "CryptMsgDllCNGGenContentEncryptKey"
3415
/* Signature of an installable content-encryption-key generator; it works on
 * the CMSG_CONTENT_ENCRYPT_INFO it is given. */
3416 typedef WINBOOL (WINAPI *PFN_CMSG_GEN_CONTENT_ENCRYPT_KEY) (PCMSG_CONTENT_ENCRYPT_INFO pContentEncryptInfo, DWORD dwFlags, void *pvReserved);
3417
/* Output side of a key-transport export: for the recipient at
 * dwRecipientIndex, the key-encryption algorithm that was used and the
 * resulting wrapped key. dwFlags takes the CMSG_KEY_TRANS_ENCRYPT_FREE_*
 * bits defined right below. */
3418 typedef struct _CMSG_KEY_TRANS_ENCRYPT_INFO {
3419 DWORD cbSize;
3420 DWORD dwRecipientIndex;
3421 CRYPT_ALGORITHM_IDENTIFIER KeyEncryptionAlgorithm;
3422 CRYPT_DATA_BLOB EncryptedKey;
3423 DWORD dwFlags;
3424 } CMSG_KEY_TRANS_ENCRYPT_INFO,*PCMSG_KEY_TRANS_ENCRYPT_INFO;
3425
/* NOTE(review): going by the names, these record which parts of
 * KeyEncryptionAlgorithm the callback allocated and the caller must free -
 * confirm. */
3426#define CMSG_KEY_TRANS_ENCRYPT_FREE_PARA_FLAG 0x1
3427#define CMSG_KEY_TRANS_ENCRYPT_FREE_OBJID_FLAG 0x2
3428
/* Function-set names for the key-transport exporter (CAPI1 alias and CNG
 * variant). */
3429#define CMSG_OID_EXPORT_KEY_TRANS_FUNC "CryptMsgDllExportKeyTrans"
3430#define CMSG_OID_CAPI1_EXPORT_KEY_TRANS_FUNC CMSG_OID_EXPORT_KEY_TRANS_FUNC
3431#define CMSG_OID_CNG_EXPORT_KEY_TRANS_FUNC "CryptMsgDllCNGExportKeyTrans"
3432
/* Signature of an installable key-transport exporter. */
3433 typedef WINBOOL (WINAPI *PFN_CMSG_EXPORT_KEY_TRANS) (PCMSG_CONTENT_ENCRYPT_INFO pContentEncryptInfo, PCMSG_KEY_TRANS_RECIPIENT_ENCODE_INFO pKeyTransEncodeInfo, PCMSG_KEY_TRANS_ENCRYPT_INFO pKeyTransEncryptInfo, DWORD dwFlags, void *pvReserved);
3434
/* One wrapped key produced by a key-agreement export; the enclosing
 * CMSG_KEY_AGREE_ENCRYPT_INFO holds an array of pointers to these. */
3435 typedef struct _CMSG_KEY_AGREE_KEY_ENCRYPT_INFO {
3436 DWORD cbSize;
3437 CRYPT_DATA_BLOB EncryptedKey;
3438 } CMSG_KEY_AGREE_KEY_ENCRYPT_INFO,*PCMSG_KEY_AGREE_KEY_ENCRYPT_INFO;
3439
/* Output side of a key-agreement export for the recipient at
 * dwRecipientIndex. dwOriginatorChoice tags the anonymous union in the same
 * way as in CMSG_KEY_AGREE_RECIPIENT_INFO (CMSG_KEY_AGREE_ORIGINATOR_*).
 * rgpKeyAgreeKeyEncryptInfo is an array of cKeyAgreeKeyEncryptInfo pointers.
 * dwFlags takes the CMSG_KEY_AGREE_ENCRYPT_FREE_* bits defined below. */
3440 typedef struct _CMSG_KEY_AGREE_ENCRYPT_INFO {
3441 DWORD cbSize;
3442 DWORD dwRecipientIndex;
3443 CRYPT_ALGORITHM_IDENTIFIER KeyEncryptionAlgorithm;
3444 CRYPT_DATA_BLOB UserKeyingMaterial;
3445 DWORD dwOriginatorChoice;
3446 __C89_NAMELESS union {
3447 CERT_ID OriginatorCertId;
3448 CERT_PUBLIC_KEY_INFO OriginatorPublicKeyInfo;
3449 };
3450 DWORD cKeyAgreeKeyEncryptInfo;
3451 PCMSG_KEY_AGREE_KEY_ENCRYPT_INFO *rgpKeyAgreeKeyEncryptInfo;
3452 DWORD dwFlags;
3453 } CMSG_KEY_AGREE_ENCRYPT_INFO,*PCMSG_KEY_AGREE_ENCRYPT_INFO;
3454
/* NOTE(review): going by the names, each bit marks one callback-allocated
 * piece of the structure that the caller has to free - confirm. */
3455#define CMSG_KEY_AGREE_ENCRYPT_FREE_PARA_FLAG 0x1
3456#define CMSG_KEY_AGREE_ENCRYPT_FREE_MATERIAL_FLAG 0x2
3457#define CMSG_KEY_AGREE_ENCRYPT_FREE_PUBKEY_ALG_FLAG 0x4
3458#define CMSG_KEY_AGREE_ENCRYPT_FREE_PUBKEY_PARA_FLAG 0x8
3459#define CMSG_KEY_AGREE_ENCRYPT_FREE_PUBKEY_BITS_FLAG 0x10
3460#define CMSG_KEY_AGREE_ENCRYPT_FREE_OBJID_FLAG 0x20
3461
/* Function-set names for the key-agreement exporter (CAPI1 alias and CNG
 * variant). */
3462#define CMSG_OID_EXPORT_KEY_AGREE_FUNC "CryptMsgDllExportKeyAgree"
3463#define CMSG_OID_CAPI1_EXPORT_KEY_AGREE_FUNC CMSG_OID_EXPORT_KEY_AGREE_FUNC
3464#define CMSG_OID_CNG_EXPORT_KEY_AGREE_FUNC "CryptMsgDllCNGExportKeyAgree"
3465
/* Signature of an installable key-agreement exporter. */
3466 typedef WINBOOL (WINAPI *PFN_CMSG_EXPORT_KEY_AGREE) (PCMSG_CONTENT_ENCRYPT_INFO pContentEncryptInfo, PCMSG_KEY_AGREE_RECIPIENT_ENCODE_INFO pKeyAgreeEncodeInfo, PCMSG_KEY_AGREE_ENCRYPT_INFO pKeyAgreeEncryptInfo, DWORD dwFlags, void *pvReserved);
3467
/* Output side of a mail-list export: same shape as
 * CMSG_KEY_TRANS_ENCRYPT_INFO, for the mail-list recipient at
 * dwRecipientIndex. dwFlags takes the CMSG_MAIL_LIST_ENCRYPT_FREE_* bits. */
3468 typedef struct _CMSG_MAIL_LIST_ENCRYPT_INFO {
3469 DWORD cbSize;
3470 DWORD dwRecipientIndex;
3471 CRYPT_ALGORITHM_IDENTIFIER KeyEncryptionAlgorithm;
3472 CRYPT_DATA_BLOB EncryptedKey;
3473 DWORD dwFlags;
3474 } CMSG_MAIL_LIST_ENCRYPT_INFO,*PCMSG_MAIL_LIST_ENCRYPT_INFO;
3475
3476#define CMSG_MAIL_LIST_ENCRYPT_FREE_PARA_FLAG 0x1
3477#define CMSG_MAIL_LIST_ENCRYPT_FREE_OBJID_FLAG 0x2
3478
/* Function-set names for the mail-list exporter and for the three importers
 * (key transport, key agreement, mail list). Each CAPI1 name is an alias of
 * the unqualified name before it. */
3479#define CMSG_OID_EXPORT_MAIL_LIST_FUNC "CryptMsgDllExportMailList"
3480#define CMSG_OID_CAPI1_EXPORT_MAIL_LIST_FUNC CMSG_OID_EXPORT_MAIL_LIST_FUNC
3481#define CMSG_OID_IMPORT_KEY_TRANS_FUNC "CryptMsgDllImportKeyTrans"
3482#define CMSG_OID_CAPI1_IMPORT_KEY_TRANS_FUNC CMSG_OID_IMPORT_KEY_TRANS_FUNC
3483#define CMSG_OID_IMPORT_KEY_AGREE_FUNC "CryptMsgDllImportKeyAgree"
3484#define CMSG_OID_CAPI1_IMPORT_KEY_AGREE_FUNC CMSG_OID_IMPORT_KEY_AGREE_FUNC
3485#define CMSG_OID_IMPORT_MAIL_LIST_FUNC "CryptMsgDllImportMailList"
3486#define CMSG_OID_CAPI1_IMPORT_MAIL_LIST_FUNC CMSG_OID_IMPORT_MAIL_LIST_FUNC
3487
/* Callback signatures. The exporter fills a CMSG_MAIL_LIST_ENCRYPT_INFO; each
 * importer takes the matching CMSG_CTRL_*_DECRYPT_PARA and returns the
 * recovered content-encryption key through phContentEncryptKey. An importer
 * parses recipient data taken from a received message, so it has to treat
 * the lengths and indices in that data as untrusted. */
3488 typedef WINBOOL (WINAPI *PFN_CMSG_EXPORT_MAIL_LIST) (PCMSG_CONTENT_ENCRYPT_INFO pContentEncryptInfo, PCMSG_MAIL_LIST_RECIPIENT_ENCODE_INFO pMailListEncodeInfo, PCMSG_MAIL_LIST_ENCRYPT_INFO pMailListEncryptInfo, DWORD dwFlags, void *pvReserved);
3489 typedef WINBOOL (WINAPI *PFN_CMSG_IMPORT_KEY_TRANS) (PCRYPT_ALGORITHM_IDENTIFIER pContentEncryptionAlgorithm, PCMSG_CTRL_KEY_TRANS_DECRYPT_PARA pKeyTransDecryptPara, DWORD dwFlags, void *pvReserved, HCRYPTKEY *phContentEncryptKey);
3490 typedef WINBOOL (WINAPI *PFN_CMSG_IMPORT_KEY_AGREE) (PCRYPT_ALGORITHM_IDENTIFIER pContentEncryptionAlgorithm, PCMSG_CTRL_KEY_AGREE_DECRYPT_PARA pKeyAgreeDecryptPara, DWORD dwFlags, void *pvReserved, HCRYPTKEY *phContentEncryptKey);
3491 typedef WINBOOL (WINAPI *PFN_CMSG_IMPORT_MAIL_LIST) (PCRYPT_ALGORITHM_IDENTIFIER pContentEncryptionAlgorithm, PCMSG_CTRL_MAIL_LIST_DECRYPT_PARA pMailListDecryptPara, DWORD dwFlags, void *pvReserved, HCRYPTKEY *phContentEncryptKey);
3492
/* State passed to the CNG import callbacks declared below: the content
 * encryption algorithm, the allocator pair, the recipient's CNG private-key
 * handle, and the content-encryption key both as bytes and as a CNG key
 * handle with its backing object buffer.
 * NOTE(review): pbContentEncryptKey / cbContentEncryptKey look like the
 * unwrapped content-encryption key in the clear. If so, wipe the buffer with
 * a call the compiler cannot elide before it is passed to pfnFree. */
3493 typedef struct _CMSG_CNG_CONTENT_DECRYPT_INFO {
3494 DWORD cbSize;
3495 CRYPT_ALGORITHM_IDENTIFIER ContentEncryptionAlgorithm;
3496 PFN_CMSG_ALLOC pfnAlloc;
3497 PFN_CMSG_FREE pfnFree;
3498 NCRYPT_KEY_HANDLE hNCryptKey;
3499 BYTE *pbContentEncryptKey;
3500 DWORD cbContentEncryptKey;
3501 BCRYPT_KEY_HANDLE hCNGContentEncryptKey;
3502 BYTE *pbCNGContentEncryptKeyObject;
3503 } CMSG_CNG_CONTENT_DECRYPT_INFO,*PCMSG_CNG_CONTENT_DECRYPT_INFO;
3504
/* Function-set names for the CNG import callbacks. */
3505#define CMSG_OID_CNG_IMPORT_KEY_TRANS_FUNC "CryptMsgDllCNGImportKeyTrans"
3506#define CMSG_OID_CNG_IMPORT_KEY_AGREE_FUNC "CryptMsgDllCNGImportKeyAgree"
3507#define CMSG_OID_CNG_IMPORT_CONTENT_ENCRYPT_KEY_FUNC "CryptMsgDllCNGImportContentEncryptKey"
3508
/* Signatures of the CNG import callbacks. Unlike the CAPI1 importers they
 * have no key out-parameter; results travel through the
 * CMSG_CNG_CONTENT_DECRYPT_INFO they are given. */
3509 typedef WINBOOL (WINAPI *PFN_CMSG_CNG_IMPORT_KEY_TRANS) (PCMSG_CNG_CONTENT_DECRYPT_INFO pCNGContentDecryptInfo, PCMSG_CTRL_KEY_TRANS_DECRYPT_PARA pKeyTransDecryptPara, DWORD dwFlags, void *pvReserved);
3510 typedef WINBOOL (WINAPI *PFN_CMSG_CNG_IMPORT_KEY_AGREE) (PCMSG_CNG_CONTENT_DECRYPT_INFO pCNGContentDecryptInfo, PCMSG_CTRL_KEY_AGREE_DECRYPT_PARA pKeyAgreeDecryptPara, DWORD dwFlags, void *pvReserved);
3511 typedef WINBOOL (WINAPI *PFN_CMSG_CNG_IMPORT_CONTENT_ENCRYPT_KEY) (PCMSG_CNG_CONTENT_DECRYPT_INFO pCNGContentDecryptInfo, DWORD dwFlags, void *pvReserved);
3512
3513#endif
3514#if WINAPI_FAMILY_PARTITION (WINAPI_PARTITION_APP)
/* Opaque handle to a certificate store. */
3515 typedef void *HCERTSTORE;
3516
/* A certificate as held by a store: the encoding type, the encoded bytes and
 * their length, the decoded CERT_INFO, and the store the context belongs to.
 * Callers normally see it through PCCERT_CONTEXT, a pointer to const, so the
 * fields are not meant to be modified in place. */
3517 typedef struct _CERT_CONTEXT {
3518 DWORD dwCertEncodingType;
3519 BYTE *pbCertEncoded;
3520 DWORD cbCertEncoded;
3521 PCERT_INFO pCertInfo;
3522 HCERTSTORE hCertStore;
3523 } CERT_CONTEXT,*PCERT_CONTEXT;
3524
3525 typedef const CERT_CONTEXT *PCCERT_CONTEXT;
3526#endif
3527
/* A certificate revocation list as held by a store; same layout idea as
 * CERT_CONTEXT, with the decoded form in pCrlInfo. PCCRL_CONTEXT is the
 * pointer-to-const form handed to callers. */
3528 typedef struct _CRL_CONTEXT {
3529 DWORD dwCertEncodingType;
3530 BYTE *pbCrlEncoded;
3531 DWORD cbCrlEncoded;
3532 PCRL_INFO pCrlInfo;
3533 HCERTSTORE hCertStore;
3534 } CRL_CONTEXT,*PCRL_CONTEXT;
3535
3536 typedef const CRL_CONTEXT *PCCRL_CONTEXT;
3537
/* A certificate trust list as held by a store. Besides the encoded bytes and
 * the decoded CTL_INFO it carries a message handle (hCryptMsg) and a second
 * pointer/length pair for the CTL content.
 * NOTE(review): hCryptMsg is presumably the signed message the CTL was
 * decoded from, and pbCtlContent the inner content of that message - confirm.
 * PCCTL_CONTEXT is the pointer-to-const form handed to callers. */
3538 typedef struct _CTL_CONTEXT {
3539 DWORD dwMsgAndCertEncodingType;
3540 BYTE *pbCtlEncoded;
3541 DWORD cbCtlEncoded;
3542 PCTL_INFO pCtlInfo;
3543 HCERTSTORE hCertStore;
3544 HCRYPTMSG hCryptMsg;
3545 BYTE *pbCtlContent;
3546 DWORD cbCtlContent;
3547 } CTL_CONTEXT,*PCTL_CONTEXT;
3548
3549 typedef const CTL_CONTEXT *PCCTL_CONTEXT;
3550
/* Identifiers of the properties that can be attached to a certificate, CRL
 * or CTL context. The list ends with the bounds of the reserved and the
 * user-defined ranges. */
3551#define CERT_KEY_PROV_HANDLE_PROP_ID 1
3552#define CERT_KEY_PROV_INFO_PROP_ID 2
/* CERT_HASH_PROP_ID (two lines down) is an alias for the SHA-1 hash property.
 * SHA-1 and MD5 values are adequate as lookup keys, but neither is
 * collision resistant; where the hash backs a trust or pinning decision use
 * CERT_SHA256_HASH_PROP_ID (107) instead. */
3553#define CERT_SHA1_HASH_PROP_ID 3
3554#define CERT_MD5_HASH_PROP_ID 4
3555#define CERT_HASH_PROP_ID CERT_SHA1_HASH_PROP_ID
3556#define CERT_KEY_CONTEXT_PROP_ID 5
3557#define CERT_KEY_SPEC_PROP_ID 6
3558#define CERT_IE30_RESERVED_PROP_ID 7
3559#define CERT_PUBKEY_HASH_RESERVED_PROP_ID 8
3560#define CERT_ENHKEY_USAGE_PROP_ID 9
3561#define CERT_CTL_USAGE_PROP_ID CERT_ENHKEY_USAGE_PROP_ID
3562#define CERT_NEXT_UPDATE_LOCATION_PROP_ID 10
3563#define CERT_FRIENDLY_NAME_PROP_ID 11
3564#define CERT_PVK_FILE_PROP_ID 12
3565#define CERT_DESCRIPTION_PROP_ID 13
3566#define CERT_ACCESS_STATE_PROP_ID 14
3567#define CERT_SIGNATURE_HASH_PROP_ID 15
3568#define CERT_SMART_CARD_DATA_PROP_ID 16
3569#define CERT_EFS_PROP_ID 17
3570#define CERT_FORTEZZA_DATA_PROP_ID 18
3571#define CERT_ARCHIVED_PROP_ID 19
3572#define CERT_KEY_IDENTIFIER_PROP_ID 20
3573#define CERT_AUTO_ENROLL_PROP_ID 21
3574#define CERT_PUBKEY_ALG_PARA_PROP_ID 22
3575#define CERT_CROSS_CERT_DIST_POINTS_PROP_ID 23
3576#define CERT_ISSUER_PUBLIC_KEY_MD5_HASH_PROP_ID 24
3577#define CERT_SUBJECT_PUBLIC_KEY_MD5_HASH_PROP_ID 25
3578#define CERT_ENROLLMENT_PROP_ID 26
3579#define CERT_DATE_STAMP_PROP_ID 27
3580#define CERT_ISSUER_SERIAL_NUMBER_MD5_HASH_PROP_ID 28
3581#define CERT_SUBJECT_NAME_MD5_HASH_PROP_ID 29
3582#define CERT_EXTENDED_ERROR_INFO_PROP_ID 30
3583#define CERT_RENEWAL_PROP_ID 64
3584#define CERT_ARCHIVED_KEY_HASH_PROP_ID 65
3585#define CERT_AUTO_ENROLL_RETRY_PROP_ID 66
3586#define CERT_AIA_URL_RETRIEVED_PROP_ID 67
3587#define CERT_AUTHORITY_INFO_ACCESS_PROP_ID 68
3588#define CERT_BACKED_UP_PROP_ID 69
3589#define CERT_OCSP_RESPONSE_PROP_ID 70
3590#define CERT_REQUEST_ORIGINATOR_PROP_ID 71
3591#define CERT_SOURCE_LOCATION_PROP_ID 72
3592#define CERT_SOURCE_URL_PROP_ID 73
3593#define CERT_NEW_KEY_PROP_ID 74
3594#define CERT_OCSP_CACHE_PREFIX_PROP_ID 75
3595#define CERT_SMART_CARD_ROOT_INFO_PROP_ID 76
3596#define CERT_NO_AUTO_EXPIRE_CHECK_PROP_ID 77
3597#define CERT_NCRYPT_KEY_HANDLE_PROP_ID 78
3598#define CERT_HCRYPTPROV_OR_NCRYPT_KEY_HANDLE_PROP_ID 79
3599#define CERT_SUBJECT_INFO_ACCESS_PROP_ID 80
3600#define CERT_CA_OCSP_AUTHORITY_INFO_ACCESS_PROP_ID 81
3601#define CERT_CA_DISABLE_CRL_PROP_ID 82
3602#define CERT_ROOT_PROGRAM_CERT_POLICIES_PROP_ID 83
3603#define CERT_ROOT_PROGRAM_NAME_CONSTRAINTS_PROP_ID 84
3604#define CERT_SUBJECT_OCSP_AUTHORITY_INFO_ACCESS_PROP_ID 85
3605#define CERT_SUBJECT_DISABLE_CRL_PROP_ID 86
3606#define CERT_CEP_PROP_ID 87
3607#define CERT_SIGN_HASH_CNG_ALG_PROP_ID 89
3608#define CERT_SCARD_PIN_ID_PROP_ID 90
3609#define CERT_SCARD_PIN_INFO_PROP_ID 91
3610#define CERT_SUBJECT_PUB_KEY_BIT_LENGTH_PROP_ID 92
3611#define CERT_PUB_KEY_CNG_ALG_BIT_LENGTH_PROP_ID 93
3612#define CERT_ISSUER_PUB_KEY_BIT_LENGTH_PROP_ID 94
3613#define CERT_ISSUER_CHAIN_SIGN_HASH_CNG_ALG_PROP_ID 95
3614#define CERT_ISSUER_CHAIN_PUB_KEY_CNG_ALG_BIT_LENGTH_PROP_ID 96
3615#define CERT_NO_EXPIRE_NOTIFICATION_PROP_ID 97
3616#define CERT_AUTH_ROOT_SHA256_HASH_PROP_ID 98
3617#define CERT_NCRYPT_KEY_HANDLE_TRANSFER_PROP_ID 99
3618#define CERT_HCRYPTPROV_TRANSFER_PROP_ID 100
3619#define CERT_SMART_CARD_READER_PROP_ID 101
3620#define CERT_SEND_AS_TRUSTED_ISSUER_PROP_ID 102
3621#define CERT_KEY_REPAIR_ATTEMPTED_PROP_ID 103
3622#define CERT_DISALLOWED_FILETIME_PROP_ID 104
3623#define CERT_ROOT_PROGRAM_CHAIN_POLICIES_PROP_ID 105
3624#define CERT_SMART_CARD_READER_NON_REMOVABLE_PROP_ID 106
3625
3626#define CERT_SHA256_HASH_PROP_ID 107
3627
3628#define CERT_SCEP_SERVER_CERTS_PROP_ID 108
3629#define CERT_SCEP_RA_SIGNATURE_CERT_PROP_ID 109
3630#define CERT_SCEP_RA_ENCRYPTION_CERT_PROP_ID 110
3631#define CERT_SCEP_CA_CERT_PROP_ID 111
3632#define CERT_SCEP_SIGNER_CERT_PROP_ID 112
3633#define CERT_SCEP_NONCE_PROP_ID 113
3634
3635#define CERT_SCEP_ENCRYPT_HASH_CNG_ALG_PROP_ID 114
3636#define CERT_SCEP_FLAGS_PROP_ID 115
3637#define CERT_SCEP_GUID_PROP_ID 116
3638#define CERT_SERIALIZABLE_KEY_CONTEXT_PROP_ID 117
3639
3640#define CERT_ISOLATED_KEY_PROP_ID 118
3641
3642#define CERT_SERIAL_CHAIN_PROP_ID 119
3643#define CERT_KEY_CLASSIFICATION_PROP_ID 120
3644
3645#define CERT_OCSP_MUST_STAPLE_PROP_ID 121
3646
3647#define CERT_DISALLOWED_ENHKEY_USAGE_PROP_ID 122
3648#define CERT_NONCOMPLIANT_ROOT_URL_PROP_ID 123
3649
3650#define CERT_PIN_SHA256_HASH_PROP_ID 124
3651#define CERT_CLR_DELETE_KEY_PROP_ID 125
3652#define CERT_NOT_BEFORE_FILETIME_PROP_ID 126
3653#define CERT_NOT_BEFORE_ENHKEY_USAGE_PROP_ID 127
3654
/* Range bounds. Application-defined properties belong in
 * CERT_FIRST_USER_PROP_ID .. CERT_LAST_USER_PROP_ID.
 * NOTE(review): CERT_FIRST_RESERVED_PROP_ID is 107, which is also the value
 * of CERT_SHA256_HASH_PROP_ID, and IDs 107 through 127 are assigned above.
 * The start of the reserved range looks stale relative to the assigned IDs;
 * confirm against the current Windows SDK before using it in a range check. */
3655#define CERT_FIRST_RESERVED_PROP_ID 107
3656#define CERT_LAST_RESERVED_PROP_ID 0x00007fff
3657#define CERT_FIRST_USER_PROP_ID 0x8000
3658#define CERT_LAST_USER_PROP_ID 0x0000ffff
3659
/* Expands to ": DWORD" when compiled as C++11 or later (and not in a
 * SORTPP_PASS), giving the enum below a fixed DWORD underlying type; expands
 * to nothing otherwise, so in C the enum keeps the compiler's default
 * underlying type. */
3660#if defined(__cplusplus) && __cplusplus >= 201103L && !defined(SORTPP_PASS)
3661#define WINCRYPT_DWORD_CPP_ONLY : DWORD
3662#else
3663#define WINCRYPT_DWORD_CPP_ONLY
3664#endif
3665
/* Classification of where or how a certificate's key is held.
 * NOTE(review): presumably the value stored under
 * CERT_KEY_CLASSIFICATION_PROP_ID - confirm. */
3666 typedef enum CertKeyType WINCRYPT_DWORD_CPP_ONLY {
3667 KeyTypeOther = 0,
3668 KeyTypeVirtualSmartCard = 1,
3669 KeyTypePhysicalSmartCard = 2,
3670 KeyTypePassport = 3,
3671 KeyTypePassportRemote = 4,
3672 KeyTypePassportSmartCard = 5,
3673 KeyTypeHardware = 6,
3674 KeyTypeSoftware = 7,
3675 KeyTypeSelfSigned = 8
3676 } CertKeyType;
3677
/* Predicates that classify a property ID. Each one compares X against a
 * fixed set of IDs, so X is evaluated several times: pass a plain value, not
 * an expression with side effects.
 * NOTE(review): IS_CERT_HASH_PROP_ID covers the SHA-1, MD5 and signature
 * hash properties only; CERT_SHA256_HASH_PROP_ID (107) is not in the set.
 * Code that relies on this predicate to recognise "a certificate hash
 * property" will not match the SHA-256 one - confirm whether that is
 * intended. */
3678#define IS_CERT_HASH_PROP_ID(X) (CERT_SHA1_HASH_PROP_ID == (X) || CERT_MD5_HASH_PROP_ID == (X) || CERT_SIGNATURE_HASH_PROP_ID == (X))
3679#define IS_PUBKEY_HASH_PROP_ID(X) (CERT_ISSUER_PUBLIC_KEY_MD5_HASH_PROP_ID == (X) || CERT_SUBJECT_PUBLIC_KEY_MD5_HASH_PROP_ID == (X))
3680#define IS_CHAIN_HASH_PROP_ID(X) (CERT_ISSUER_PUBLIC_KEY_MD5_HASH_PROP_ID == (X) || CERT_SUBJECT_PUBLIC_KEY_MD5_HASH_PROP_ID == (X) || CERT_ISSUER_SERIAL_NUMBER_MD5_HASH_PROP_ID == (X) || CERT_SUBJECT_NAME_MD5_HASH_PROP_ID == (X))
3681#define IS_STRONG_SIGN_PROP_ID(X) (CERT_SIGN_HASH_CNG_ALG_PROP_ID == (X) || CERT_SUBJECT_PUB_KEY_BIT_LENGTH_PROP_ID == (X) || CERT_PUB_KEY_CNG_ALG_BIT_LENGTH_PROP_ID == (X))
3682
/* Builds the OID string for a property ID by appending the ID, turned into a
 * string, to the prefix. The helper _szPROP_ID applies # to its argument;
 * going through szOID_CERT_PROP_ID first lets a macro name such as
 * CERT_KEY_IDENTIFIER_PROP_ID expand to its number before it is stringized.
 * Calling _szPROP_ID directly on a macro name would stringize the name. */
3683#define szOID_CERT_PROP_ID_PREFIX "1.3.6.1.4.1.311.10.11."
3684#define _szPROP_ID(PropId) #PropId
3685#define szOID_CERT_PROP_ID(PropId) szOID_CERT_PROP_ID_PREFIX _szPROP_ID (PropId)
3686
/* Wide-string counterpart: the two-level _CRYPT32WTEXT / __CRYPT32WTEXT pair
 * expands its argument first and then pastes the L prefix onto the literal. */
3687#define __CRYPT32WTEXT(quote) L##quote
3688#define _CRYPT32WTEXT(quote) __CRYPT32WTEXT (quote)
3689#define wszOID_CERT_PROP_ID(PropId) _CRYPT32WTEXT (szOID_CERT_PROP_ID_PREFIX) _CRYPT32WTEXT (_szPROP_ID (PropId))
3690
/* Pre-built OID strings for selected property IDs; the last arc of each is
 * the numeric property ID. szOID_DISALLOWED_HASH is an alias for the
 * signature-hash property OID. */
3691#define szOID_CERT_KEY_IDENTIFIER_PROP_ID "1.3.6.1.4.1.311.10.11.20"
3692#define szOID_CERT_ISSUER_SERIAL_NUMBER_MD5_HASH_PROP_ID "1.3.6.1.4.1.311.10.11.28"
3693#define szOID_CERT_SUBJECT_NAME_MD5_HASH_PROP_ID "1.3.6.1.4.1.311.10.11.29"
3694#define szOID_CERT_MD5_HASH_PROP_ID "1.3.6.1.4.1.311.10.11.4"
3695#define szOID_CERT_SIGNATURE_HASH_PROP_ID "1.3.6.1.4.1.311.10.11.15"
3696#define szOID_DISALLOWED_HASH szOID_CERT_SIGNATURE_HASH_PROP_ID
3697#define szOID_CERT_DISALLOWED_FILETIME_PROP_ID "1.3.6.1.4.1.311.10.11.104"
3698
/* Bit flags describing how a context's store is accessed.
 * NOTE(review): presumably the bits of the DWORD read through
 * CERT_ACCESS_STATE_PROP_ID - confirm. */
3699#define CERT_ACCESS_STATE_WRITE_PERSIST_FLAG 0x1
3700#define CERT_ACCESS_STATE_SYSTEM_STORE_FLAG 0x2
3701#define CERT_ACCESS_STATE_LM_SYSTEM_STORE_FLAG 0x4
3702#define CERT_ACCESS_STATE_GP_SYSTEM_STORE_FLAG 0x8
3703#define CERT_ACCESS_STATE_SHARED_USER_FLAG 0x10
3704
/* OIDs used by the root program for revocation-related settings. Going by
 * the names they concern revocation checking of CA and end certificates and
 * whether a failed OCSP lookup may fall back to a CRL. */
3705#define szOID_ROOT_PROGRAM_AUTO_UPDATE_CA_REVOCATION "1.3.6.1.4.1.311.60.3.1"
3706#define szOID_ROOT_PROGRAM_AUTO_UPDATE_END_REVOCATION "1.3.6.1.4.1.311.60.3.2"
3707#define szOID_ROOT_PROGRAM_NO_OCSP_FAILOVER_TO_CRL "1.3.6.1.4.1.311.60.3.3"
3708
/* One provider parameter: an identifier, a pointer/length pair with the
 * value, and flags. CRYPT_KEY_PROV_INFO below carries an array of these. */
3709 typedef struct _CRYPT_KEY_PROV_PARAM {
3710 DWORD dwParam;
3711 BYTE *pbData;
3712 DWORD cbData;
3713 DWORD dwFlags;
3714 } CRYPT_KEY_PROV_PARAM,*PCRYPT_KEY_PROV_PARAM;
3715
/* Names the provider and key container that hold a certificate's private
 * key: container name, provider name and type, flags, an array of cProvParam
 * provider parameters, and the key specification.
 * The structure is a reference to the key, not the key itself; it tells a
 * reader where the private key lives, which is worth keeping in mind when it
 * is logged or exported together with a certificate.
 * NOTE(review): presumably the value stored under
 * CERT_KEY_PROV_INFO_PROP_ID - confirm. */
3716 typedef struct _CRYPT_KEY_PROV_INFO {
3717 LPWSTR pwszContainerName;
3718 LPWSTR pwszProvName;
3719 DWORD dwProvType;
3720 DWORD dwFlags;
3721 DWORD cProvParam;
3722 PCRYPT_KEY_PROV_PARAM rgProvParam;
3723 DWORD dwKeySpec;
3724 } CRYPT_KEY_PROV_INFO,*PCRYPT_KEY_PROV_INFO;
3725
/* Two names for the same flag value 0x1.
 * NOTE(review): presumably a dwFlags bit of CRYPT_KEY_PROV_INFO asking that
 * the acquired handle or key context be cached as a property - confirm. */
3726#define CERT_SET_KEY_PROV_HANDLE_PROP_ID 0x1
3727#define CERT_SET_KEY_CONTEXT_PROP_ID 0x1
3728
/* Sentinel dwKeySpec value.
 * NOTE(review): presumably marks the key as a CNG key, i.e. that the
 * hNCryptKey member of a handle union is the live one - confirm. */
3729#define CERT_NCRYPT_KEY_SPEC 0xffffffff
3730
/* A key handle together with its key specification. The anonymous union
 * stores either a CryptoAPI provider handle or a CNG key handle in the same
 * storage; read dwKeySpec before deciding which one to use, because the two
 * handle kinds are released through different APIs. */
3731 typedef struct _CERT_KEY_CONTEXT {
3732 DWORD cbSize;
3733 __C89_NAMELESS union {
3734 HCRYPTPROV hCryptProv;
3735 NCRYPT_KEY_HANDLE hNCryptKey;
3736 };
3737 DWORD dwKeySpec;
3738 } CERT_KEY_CONTEXT,*PCERT_KEY_CONTEXT;
3739
/* A 64-bit identifier split into an unsigned low part and a signed high
 * part. */
3740 typedef struct _ROOT_INFO_LUID {
3741 DWORD LowPart;
3742 LONG HighPart;
3743 } ROOT_INFO_LUID,*PROOT_INFO_LUID;
3744
/* Smart-card root information: a fixed 16-byte card identifier and a
 * ROOT_INFO_LUID. rgbCardID is a raw byte array, not a NUL-terminated
 * string; always handle it with its fixed length.
 * NOTE(review): presumably the value stored under
 * CERT_SMART_CARD_ROOT_INFO_PROP_ID - confirm. */
3745 typedef struct _CRYPT_SMART_CARD_ROOT_INFO {
3746 BYTE rgbCardID [16];
3747 ROOT_INFO_LUID luid;
3748 } CRYPT_SMART_CARD_ROOT_INFO,*PCRYPT_SMART_CARD_ROOT_INFO;
3749
/* Predefined certificate store provider identifiers. Each is a small integer
 * cast to LPCSTR so it can be passed where a provider name string is
 * expected; such a value must never be dereferenced as a string. Where an _A
 * and a _W form exist, the unsuffixed name is an alias for the _W form.
 * The provider decides how the store's location argument is interpreted
 * (file name, registry key, LDAP location, ...); when that argument is built
 * from external input, validate it for the provider actually selected. */
3750#define CERT_STORE_PROV_MSG ((LPCSTR) 1)
3751#define CERT_STORE_PROV_MEMORY ((LPCSTR) 2)
3752#define CERT_STORE_PROV_FILE ((LPCSTR) 3)
3753#define CERT_STORE_PROV_REG ((LPCSTR) 4)
3754#define CERT_STORE_PROV_PKCS7 ((LPCSTR) 5)
3755#define CERT_STORE_PROV_SERIALIZED ((LPCSTR) 6)
3756#define CERT_STORE_PROV_FILENAME_A ((LPCSTR) 7)
3757#define CERT_STORE_PROV_FILENAME_W ((LPCSTR) 8)
3758#define CERT_STORE_PROV_FILENAME CERT_STORE_PROV_FILENAME_W
3759#define CERT_STORE_PROV_SYSTEM_A ((LPCSTR) 9)
3760#define CERT_STORE_PROV_SYSTEM_W ((LPCSTR) 10)
3761#define CERT_STORE_PROV_SYSTEM CERT_STORE_PROV_SYSTEM_W
3762#define CERT_STORE_PROV_COLLECTION ((LPCSTR) 11)
3763#define CERT_STORE_PROV_SYSTEM_REGISTRY_A ((LPCSTR) 12)
3764#define CERT_STORE_PROV_SYSTEM_REGISTRY_W ((LPCSTR) 13)
3765#define CERT_STORE_PROV_SYSTEM_REGISTRY CERT_STORE_PROV_SYSTEM_REGISTRY_W
3766#define CERT_STORE_PROV_PHYSICAL_W ((LPCSTR) 14)
3767#define CERT_STORE_PROV_PHYSICAL CERT_STORE_PROV_PHYSICAL_W
3768#define CERT_STORE_PROV_SMART_CARD_W ((LPCSTR) 15)
3769#define CERT_STORE_PROV_SMART_CARD CERT_STORE_PROV_SMART_CARD_W
3770#define CERT_STORE_PROV_LDAP_W ((LPCSTR) 16)
3771#define CERT_STORE_PROV_LDAP CERT_STORE_PROV_LDAP_W
3772#define CERT_STORE_PROV_PKCS12 ((LPCSTR) 17)
3773
/* String names for the same providers. Note that the *_W names here are
 * narrow string literals; the suffix mirrors the numeric identifier they
 * correspond to. */
3774#define sz_CERT_STORE_PROV_MEMORY "Memory"
3775#define sz_CERT_STORE_PROV_FILENAME_W "File"
3776#define sz_CERT_STORE_PROV_FILENAME sz_CERT_STORE_PROV_FILENAME_W
3777#define sz_CERT_STORE_PROV_SYSTEM_W "System"
3778#define sz_CERT_STORE_PROV_SYSTEM sz_CERT_STORE_PROV_SYSTEM_W
3779#define sz_CERT_STORE_PROV_PKCS7 "PKCS7"
3780#define sz_CERT_STORE_PROV_PKCS12 "PKCS12"
3781#define sz_CERT_STORE_PROV_SERIALIZED "Serialized"
3782
3783#define sz_CERT_STORE_PROV_COLLECTION "Collection"
3784#define sz_CERT_STORE_PROV_SYSTEM_REGISTRY_W "SystemRegistry"
3785#define sz_CERT_STORE_PROV_SYSTEM_REGISTRY sz_CERT_STORE_PROV_SYSTEM_REGISTRY_W
3786#define sz_CERT_STORE_PROV_PHYSICAL_W "Physical"
3787#define sz_CERT_STORE_PROV_PHYSICAL sz_CERT_STORE_PROV_PHYSICAL_W
3788
3789#define sz_CERT_STORE_PROV_SMART_CARD_W "SmartCard"
3790#define sz_CERT_STORE_PROV_SMART_CARD sz_CERT_STORE_PROV_SMART_CARD_W
3791
3792#define sz_CERT_STORE_PROV_LDAP_W "Ldap"
3793#define sz_CERT_STORE_PROV_LDAP sz_CERT_STORE_PROV_LDAP_W
3794
/* Three independent flag sets whose numeric values overlap (0x1, 0x2, 0x4,
 * 0x100 and 0x200 each occur twice), so a constant from one set passed where
 * another is expected is silently accepted by the compiler.
 *
 * First set: verification checks to perform on a subject certificate against
 * its issuer (signature, validity period, revocation), plus two result bits.
 * NOTE(review): per the API documentation the flags word is in/out and a bit
 * that is still set on return means that check did not pass; NO_CRL and
 * NO_ISSUER report that a check could not be carried out. Treat any nonzero
 * result as "not verified" - confirm. */
3795#define CERT_STORE_SIGNATURE_FLAG 0x1
3796#define CERT_STORE_TIME_VALIDITY_FLAG 0x2
3797#define CERT_STORE_REVOCATION_FLAG 0x4
3798#define CERT_STORE_NO_CRL_FLAG 0x10000
3799#define CERT_STORE_NO_ISSUER_FLAG 0x20000
3800
/* Second set: selects base or delta CRLs. */
3801#define CERT_STORE_BASE_CRL_FLAG 0x100
3802#define CERT_STORE_DELTA_CRL_FLAG 0x200
3803
/* Third set: options for opening a store. Where a store is only consulted,
 * CERT_STORE_READONLY_FLAG keeps the code from modifying it by accident, and
 * CERT_STORE_OPEN_EXISTING_FLAG avoids creating a store as a side effect of
 * a lookup. */
3804#define CERT_STORE_NO_CRYPT_RELEASE_FLAG 0x1
3805#define CERT_STORE_SET_LOCALIZED_NAME_FLAG 0x2
3806#define CERT_STORE_DEFER_CLOSE_UNTIL_LAST_FREE_FLAG 0x4
3807#define CERT_STORE_DELETE_FLAG 0x10
3808#define CERT_STORE_UNSAFE_PHYSICAL_FLAG 0x20
3809#define CERT_STORE_SHARE_STORE_FLAG 0x40
3810#define CERT_STORE_SHARE_CONTEXT_FLAG 0x80
3811#define CERT_STORE_MANIFOLD_FLAG 0x100
3812#define CERT_STORE_ENUM_ARCHIVED_FLAG 0x200
3813#define CERT_STORE_UPDATE_KEYID_FLAG 0x400
3814#define CERT_STORE_BACKUP_RESTORE_FLAG 0x800
3815#define CERT_STORE_READONLY_FLAG 0x8000
3816#define CERT_STORE_OPEN_EXISTING_FLAG 0x4000
3817#define CERT_STORE_CREATE_NEW_FLAG 0x2000
3818#define CERT_STORE_MAXIMUM_ALLOWED_FLAG 0x1000
3819
/* The upper 16 bits of the store-open flags are reserved for system-store
 * options; the open options defined above occupy the lower 16 bits. */
3820#define CERT_SYSTEM_STORE_MASK 0xffff0000
3821
3822#define CERT_SYSTEM_STORE_RELOCATE_FLAG 0x80000000
3823
/* Describes a relocated system store: a base registry key (or untyped base
 * pointer) and the store name, which is available as an untyped pointer, a
 * narrow string or a wide string sharing the same storage.
 * NOTE(review): presumably passed in place of the plain store name when
 * CERT_SYSTEM_STORE_RELOCATE_FLAG is set - confirm. Nothing in the structure
 * says whether the name is narrow or wide; that has to follow from the call
 * being made. */
3824 typedef struct _CERT_SYSTEM_STORE_RELOCATE_PARA {
3825 __C89_NAMELESS union {
3826 HKEY hKeyBase;
3827 void *pvBase;
3828 };
3829 __C89_NAMELESS union {
3830 void *pvSystemStore;
3831 LPCSTR pszSystemStore;
3832 LPCWSTR pwszSystemStore;
3833 };
3834 } CERT_SYSTEM_STORE_RELOCATE_PARA,*PCERT_SYSTEM_STORE_RELOCATE_PARA;
3835
3836#define CERT_SYSTEM_STORE_DEFER_READ_FLAG 0x20000000
3837#define CERT_SYSTEM_STORE_UNPROTECTED_FLAG 0x40000000
3838
/* The store location is a small ID placed in bits 16-23 of the flags word:
 * mask 0x00ff0000, shift 16. */
3839#define CERT_SYSTEM_STORE_LOCATION_MASK 0x00ff0000
3840#define CERT_SYSTEM_STORE_LOCATION_SHIFT 16
3841
/* Location IDs (unshifted). */
3842#define CERT_SYSTEM_STORE_CURRENT_USER_ID 1
3843#define CERT_SYSTEM_STORE_LOCAL_MACHINE_ID 2
3844#define CERT_SYSTEM_STORE_CURRENT_SERVICE_ID 4
3845#define CERT_SYSTEM_STORE_SERVICES_ID 5
3846#define CERT_SYSTEM_STORE_USERS_ID 6
3847#define CERT_SYSTEM_STORE_CURRENT_USER_GROUP_POLICY_ID 7
3848#define CERT_SYSTEM_STORE_LOCAL_MACHINE_GROUP_POLICY_ID 8
3849#define CERT_SYSTEM_STORE_LOCAL_MACHINE_ENTERPRISE_ID 9
3850#define CERT_SYSTEM_STORE_LOCAL_MACHINE_WCOS_ID 10
3851
/* The same locations already shifted into place, ready to be OR-ed into the
 * flags word. Which location is chosen decides whose trust settings apply:
 * a per-user store can be written by that user, a machine or policy store
 * normally cannot. */
3852#define CERT_SYSTEM_STORE_CURRENT_USER (CERT_SYSTEM_STORE_CURRENT_USER_ID << CERT_SYSTEM_STORE_LOCATION_SHIFT)
3853#define CERT_SYSTEM_STORE_LOCAL_MACHINE (CERT_SYSTEM_STORE_LOCAL_MACHINE_ID << CERT_SYSTEM_STORE_LOCATION_SHIFT)
3854#define CERT_SYSTEM_STORE_CURRENT_SERVICE (CERT_SYSTEM_STORE_CURRENT_SERVICE_ID << CERT_SYSTEM_STORE_LOCATION_SHIFT)
3855#define CERT_SYSTEM_STORE_SERVICES (CERT_SYSTEM_STORE_SERVICES_ID << CERT_SYSTEM_STORE_LOCATION_SHIFT)
3856#define CERT_SYSTEM_STORE_USERS (CERT_SYSTEM_STORE_USERS_ID << CERT_SYSTEM_STORE_LOCATION_SHIFT)
3857#define CERT_SYSTEM_STORE_CURRENT_USER_GROUP_POLICY (CERT_SYSTEM_STORE_CURRENT_USER_GROUP_POLICY_ID << CERT_SYSTEM_STORE_LOCATION_SHIFT)
3858#define CERT_SYSTEM_STORE_LOCAL_MACHINE_GROUP_POLICY (CERT_SYSTEM_STORE_LOCAL_MACHINE_GROUP_POLICY_ID << CERT_SYSTEM_STORE_LOCATION_SHIFT)
3859#define CERT_SYSTEM_STORE_LOCAL_MACHINE_ENTERPRISE (CERT_SYSTEM_STORE_LOCAL_MACHINE_ENTERPRISE_ID << CERT_SYSTEM_STORE_LOCATION_SHIFT)
3860#define CERT_SYSTEM_STORE_LOCAL_MACHINE_WCOS (CERT_SYSTEM_STORE_LOCAL_MACHINE_WCOS_ID << CERT_SYSTEM_STORE_LOCATION_SHIFT)
3861
/* Registry path of the Group Policy controlled certificate stores, relative
 * to a hive root. The derived *_REGPATH macros below append a sub-path by
 * adjacent wide-string-literal concatenation, so they can only be used where
 * a wide string literal is valid. */
3862#define CERT_GROUP_POLICY_SYSTEM_STORE_REGPATH L"Software\\Policies\\Microsoft\\SystemCertificates"
3863
3864#define CERT_EFSBLOB_REGPATH CERT_GROUP_POLICY_SYSTEM_STORE_REGPATH L"\\EFS"
3865#define CERT_EFSBLOB_VALUE_NAME L"EFSBlob"
3866
/* Key, value name and bit flags for the protected-roots policy. Going by
 * their names the flags disable or inhibit individual root-store behaviours,
 * so an unexpected change to this value is worth auditing.
 * NOTE(review): CERT_PROT_ROOT_DISABLE_LM_AUTH_FLAG and
 * CERT_PROT_ROOT_ONLY_LM_GPT_FLAG are both 0x8; a test for one also matches
 * the other. */
3867#define CERT_PROT_ROOT_FLAGS_REGPATH CERT_GROUP_POLICY_SYSTEM_STORE_REGPATH L"\\Root\\ProtectedRoots"
3868#define CERT_PROT_ROOT_FLAGS_VALUE_NAME L"Flags"
3869#define CERT_PROT_ROOT_DISABLE_CURRENT_USER_FLAG 0x1
3870#define CERT_PROT_ROOT_INHIBIT_ADD_AT_INIT_FLAG 0x2
3871#define CERT_PROT_ROOT_INHIBIT_PURGE_LM_FLAG 0x4
3872#define CERT_PROT_ROOT_DISABLE_LM_AUTH_FLAG 0x8
3873#define CERT_PROT_ROOT_ONLY_LM_GPT_FLAG 0x8
3874#define CERT_PROT_ROOT_DISABLE_NT_AUTH_REQUIRED_FLAG 0x10
3875#define CERT_PROT_ROOT_DISABLE_NOT_DEFINED_NAME_CONSTRAINT_FLAG 0x20
3876#define CERT_PROT_ROOT_DISABLE_PEER_TRUST 0x10000
/* Name of the peer-usages value in wide and narrow form, and its default: a
 * list of narrow OID strings, each followed by an explicit "\0". Together
 * with the terminator the compiler appends, the list ends in two NULs, so
 * it cannot be measured with strlen. */
3877#define CERT_PROT_ROOT_PEER_USAGES_VALUE_NAME L"PeerUsages"
3878#define CERT_PROT_ROOT_PEER_USAGES_VALUE_NAME_A "PeerUsages"
3879#define CERT_PROT_ROOT_PEER_USAGES_DEFAULT_A szOID_PKIX_KP_CLIENT_AUTH "\0" szOID_PKIX_KP_EMAIL_PROTECTION "\0" szOID_KP_EFS "\0"
3880
/* Registry locations of the trusted-publisher policy, once under the Group
 * Policy path and once under the local-machine path, and the name of the
 * value that holds the Authenticode flags. */
3881#define CERT_TRUST_PUB_SAFER_GROUP_POLICY_REGPATH CERT_GROUP_POLICY_SYSTEM_STORE_REGPATH L"\\TrustedPublisher\\Safer"
3882#define CERT_LOCAL_MACHINE_SYSTEM_STORE_REGPATH L"Software\\Microsoft\\SystemCertificates"
3883#define CERT_TRUST_PUB_SAFER_LOCAL_MACHINE_REGPATH CERT_LOCAL_MACHINE_SYSTEM_STORE_REGPATH L"\\TrustedPublisher\\Safer"
3884#define CERT_TRUST_PUB_AUTHENTICODE_FLAGS_VALUE_NAME L"AuthenticodeFlags"
3885
/* Layout of the AuthenticodeFlags value. The low two bits
 * (CERT_TRUST_PUB_ALLOW_TRUST_MASK) are a small enumeration, not independent
 * bits: mask first, then compare with one of the three ALLOW_* values. The
 * least restrictive setting, END_USER_TRUST, is 0, so it is also what an
 * absent or zeroed value reads as. The two *_REV_FLAG bits are independent
 * flags; going by their names they turn on revocation checking of the
 * publisher and of the timestamp. */
3886#define CERT_TRUST_PUB_ALLOW_TRUST_MASK 0x3
3887#define CERT_TRUST_PUB_ALLOW_END_USER_TRUST 0x0
3888#define CERT_TRUST_PUB_ALLOW_MACHINE_ADMIN_TRUST 0x1
3889#define CERT_TRUST_PUB_ALLOW_ENTERPRISE_ADMIN_TRUST 0x2
3890#define CERT_TRUST_PUB_CHECK_PUBLISHER_REV_FLAG 0x100
3891#define CERT_TRUST_PUB_CHECK_TIMESTAMP_REV_FLAG 0x200
3892
/* Registry paths, value names and file names used by the automatic update of
 * the root, disallowed-certificate and pin-rules trust lists.
 * Several of these settings switch an update off or change where the lists
 * are fetched from (DisableRootAutoUpdate, DisablePinRulesAutoUpdate,
 * RootDirUrl, SyncFromDirUrl). Because they decide which roots a machine
 * ends up trusting, changes to them are worth monitoring. */
3893#define CERT_OCM_SUBCOMPONENTS_LOCAL_MACHINE_REGPATH L"SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Setup\\OC Manager\\Subcomponents"
3894#define CERT_OCM_SUBCOMPONENTS_ROOT_AUTO_UPDATE_VALUE_NAME L"RootAutoUpdate"
3895
3896#define CERT_DISABLE_ROOT_AUTO_UPDATE_REGPATH CERT_GROUP_POLICY_SYSTEM_STORE_REGPATH L"\\AuthRoot"
3897#define CERT_DISABLE_ROOT_AUTO_UPDATE_VALUE_NAME L"DisableRootAutoUpdate"
3898
3899#define CERT_ENABLE_DISALLOWED_CERT_AUTO_UPDATE_VALUE_NAME L"EnableDisallowedCertAutoUpdate"
3900
3901#define CERT_DISABLE_PIN_RULES_AUTO_UPDATE_VALUE_NAME L"DisablePinRulesAutoUpdate"
3902
3903#define CERT_AUTO_UPDATE_LOCAL_MACHINE_REGPATH CERT_LOCAL_MACHINE_SYSTEM_STORE_REGPATH L"\\AuthRoot\\AutoUpdate"
3904#define CERT_AUTO_UPDATE_ROOT_DIR_URL_VALUE_NAME L"RootDirUrl"
3905
3906#define CERT_AUTO_UPDATE_SYNC_FROM_DIR_URL_VALUE_NAME L"SyncFromDirUrl"
3907
/* AuthRoot-specific names. The first two are aliases of the generic
 * auto-update names above. The three *_FLAG constants are bits of the
 * "Flags" value; two of them disable logging of untrusted roots and partial
 * chains, which removes a detection signal when set. */
3908#define CERT_AUTH_ROOT_AUTO_UPDATE_LOCAL_MACHINE_REGPATH CERT_AUTO_UPDATE_LOCAL_MACHINE_REGPATH
3909#define CERT_AUTH_ROOT_AUTO_UPDATE_ROOT_DIR_URL_VALUE_NAME CERT_AUTO_UPDATE_ROOT_DIR_URL_VALUE_NAME
3910#define CERT_AUTH_ROOT_AUTO_UPDATE_SYNC_DELTA_TIME_VALUE_NAME L"SyncDeltaTime"
3911#define CERT_AUTH_ROOT_AUTO_UPDATE_FLAGS_VALUE_NAME L"Flags"
3912#define CERT_AUTH_ROOT_AUTO_UPDATE_DISABLE_UNTRUSTED_ROOT_LOGGING_FLAG 0x1
3913#define CERT_AUTH_ROOT_AUTO_UPDATE_DISABLE_PARTIAL_CHAIN_LOGGING_FLAG 0x2
3914#define CERT_AUTO_UPDATE_DISABLE_RANDOM_QUERY_STRING_FLAG 0x4
3915#define CERT_AUTH_ROOT_AUTO_UPDATE_LAST_SYNC_TIME_VALUE_NAME L"LastSyncTime"
3916#define CERT_AUTH_ROOT_AUTO_UPDATE_ENCODED_CTL_VALUE_NAME L"EncodedCtl"
3917#define CERT_AUTH_ROOT_CTL_FILENAME L"authroot.stl"
3918#define CERT_AUTH_ROOT_CTL_FILENAME_A "authroot.stl"
3919#define CERT_AUTH_ROOT_CAB_FILENAME L"authrootstl.cab"
3920#define CERT_AUTH_ROOT_SEQ_FILENAME L"authrootseq.txt"
3921#define CERT_AUTH_ROOT_CERT_EXT L".crt"
3922
/* Disallowed-certificate list: value names, file names and list identifier. */
3923#define CERT_DISALLOWED_CERT_AUTO_UPDATE_SYNC_DELTA_TIME_VALUE_NAME L"DisallowedCertSyncDeltaTime"
3924#define CERT_DISALLOWED_CERT_AUTO_UPDATE_LAST_SYNC_TIME_VALUE_NAME L"DisallowedCertLastSyncTime"
3925#define CERT_DISALLOWED_CERT_AUTO_UPDATE_ENCODED_CTL_VALUE_NAME L"DisallowedCertEncodedCtl"
3926#define CERT_DISALLOWED_CERT_CTL_FILENAME L"disallowedcert.stl"
3927#define CERT_DISALLOWED_CERT_CTL_FILENAME_A "disallowedcert.stl"
3928#define CERT_DISALLOWED_CERT_CAB_FILENAME L"disallowedcertstl.cab"
3929#define CERT_DISALLOWED_CERT_AUTO_UPDATE_LIST_IDENTIFIER L"DisallowedCert_AutoUpdate_1"
3930
/* Pin-rules list: value names, file names and list identifier. */
3931#define CERT_PIN_RULES_AUTO_UPDATE_SYNC_DELTA_TIME_VALUE_NAME L"PinRulesSyncDeltaTime"
3932#define CERT_PIN_RULES_AUTO_UPDATE_LAST_SYNC_TIME_VALUE_NAME L"PinRulesLastSyncTime"
3933#define CERT_PIN_RULES_AUTO_UPDATE_ENCODED_CTL_VALUE_NAME L"PinRulesEncodedCtl"
3934
3935#define CERT_PIN_RULES_CTL_FILENAME L"pinrules.stl"
3936#define CERT_PIN_RULES_CTL_FILENAME_A "pinrules.stl"
3937
3938#define CERT_PIN_RULES_CAB_FILENAME L"pinrulesstl.cab"
3939
3940#define CERT_PIN_RULES_AUTO_UPDATE_LIST_IDENTIFIER L"PinRules_AutoUpdate_1"
3941
3942#define CERT_REGISTRY_STORE_REMOTE_FLAG 0x10000
3943#define CERT_REGISTRY_STORE_SERIALIZED_FLAG 0x20000
3944#define CERT_REGISTRY_STORE_CLIENT_GPT_FLAG 0x80000000
3945#define CERT_REGISTRY_STORE_LM_GPT_FLAG 0x1000000
3946
/* Parameter block pairing a base registry key handle with a registry path.
 * NOTE(review): by its name this is the parameter passed together with
 * CERT_REGISTRY_STORE_CLIENT_GPT_FLAG -- confirm against the API docs.
 * pwszRegPath is a non-const wide-string pointer; nothing in this header says
 * who owns the buffer or how long it must stay valid. */
3947 typedef struct _CERT_REGISTRY_STORE_CLIENT_GPT_PARA {
3948 HKEY hKeyBase;
3949 LPWSTR pwszRegPath;
3950 } CERT_REGISTRY_STORE_CLIENT_GPT_PARA,*PCERT_REGISTRY_STORE_CLIENT_GPT_PARA;
3951
3952#define CERT_REGISTRY_STORE_ROAMING_FLAG 0x40000
3953
/* Parameter block pairing a registry key handle with a store directory path.
 * NOTE(review): by its name this accompanies CERT_REGISTRY_STORE_ROAMING_FLAG
 * -- confirm. If pwszStoreDirectory names a filesystem location, the
 * permissions on that directory decide who can alter the persisted store. */
3954 typedef struct _CERT_REGISTRY_STORE_ROAMING_PARA {
3955 HKEY hKey;
3956 LPWSTR pwszStoreDirectory;
3957 } CERT_REGISTRY_STORE_ROAMING_PARA,*PCERT_REGISTRY_STORE_ROAMING_PARA;
3958
3959#define CERT_REGISTRY_STORE_MY_IE_DIRTY_FLAG 0x80000
3960#define CERT_REGISTRY_STORE_EXTERNAL_FLAG 0x100000
3961
3962#define CERT_IE_DIRTY_FLAGS_REGPATH L"Software\\Microsoft\\Cryptography\\IEDirtyFlags"
3963
3964#define CERT_FILE_STORE_COMMIT_ENABLE_FLAG 0x10000
3965#define CERT_LDAP_STORE_SIGN_FLAG 0x10000
3966#define CERT_LDAP_STORE_AREC_EXCLUSIVE_FLAG 0x20000
3967#define CERT_LDAP_STORE_OPENED_FLAG 0x40000
3968
/* Parameter block carrying an LDAP session handle (opaque void pointer) and
 * the LDAP URL as a const wide string.
 * NOTE(review): by its name this accompanies CERT_LDAP_STORE_OPENED_FLAG, i.e.
 * a session the caller has already opened -- confirm. The handle is untyped,
 * so the compiler cannot catch a wrong pointer being passed here. */
3969 typedef struct _CERT_LDAP_STORE_OPENED_PARA {
3970 void *pvLdapSessionHandle;
3971 LPCWSTR pwszLdapUrl;
3972 } CERT_LDAP_STORE_OPENED_PARA,*PCERT_LDAP_STORE_OPENED_PARA;
3973
3974#define CERT_LDAP_STORE_UNBIND_FLAG 0x80000
3975
/* Opens a certificate store and returns its handle. Imported declaration only
 * (WINIMPM); the implementation is not in this header.
 * pvPara is an untyped const pointer; its expected layout is not fixed by the
 * prototype. NOTE(review): presumably it depends on lpszStoreProvider and
 * dwFlags (see the *_PARA structs above) -- confirm. A mismatch between the
 * flag and the structure passed cannot be diagnosed at compile time.
 * CertCloseStore, declared further down, takes the handle type returned here. */
3976WINIMPM HCERTSTORE WINAPI CertOpenStore (LPCSTR lpszStoreProvider, DWORD dwEncodingType, HCRYPTPROV_LEGACY hCryptProv, DWORD dwFlags, const void *pvPara);
3977
3978 typedef void *HCERTSTOREPROV;
3979
3980#define CRYPT_OID_OPEN_STORE_PROV_FUNC "CertDllOpenStoreProv"
3981
/* Describes a store provider: a size field, a table of untyped function
 * pointers with its element count, the provider's own handle, provider flags
 * and an OID function address handle. This is the last parameter of
 * PFN_CERT_DLL_OPEN_STORE_PROV_FUNC, declared just below.
 * NOTE(review): rgpvStoreProvFunc is presumably indexed by the
 * CERT_STORE_PROV_*_FUNC constants (0..22) defined below. Because entries are
 * void pointers, any consumer has to check an index against cStoreProvFunc and
 * test for NULL before casting and calling -- confirm against the provider
 * documentation. */
3982 typedef struct _CERT_STORE_PROV_INFO {
3983 DWORD cbSize;
3984 DWORD cStoreProvFunc;
3985 void **rgpvStoreProvFunc;
3986 HCERTSTOREPROV hStoreProv;
3987 DWORD dwStoreProvFlags;
3988 HCRYPTOIDFUNCADDR hStoreProvFuncAddr2;
3989 } CERT_STORE_PROV_INFO,*PCERT_STORE_PROV_INFO;
3990
3991 typedef WINBOOL (WINAPI *PFN_CERT_DLL_OPEN_STORE_PROV_FUNC) (LPCSTR lpszStoreProvider, DWORD dwEncodingType, HCRYPTPROV_LEGACY hCryptProv, DWORD dwFlags, const void *pvPara, HCERTSTORE hCertStore, PCERT_STORE_PROV_INFO pStoreProvInfo);
3992
3993#define CERT_STORE_PROV_EXTERNAL_FLAG 0x1
3994#define CERT_STORE_PROV_DELETED_FLAG 0x2
3995#define CERT_STORE_PROV_NO_PERSIST_FLAG 0x4
3996#define CERT_STORE_PROV_SYSTEM_STORE_FLAG 0x8
3997#define CERT_STORE_PROV_LM_SYSTEM_STORE_FLAG 0x10
3998#define CERT_STORE_PROV_GP_SYSTEM_STORE_FLAG 0x20
3999#define CERT_STORE_PROV_SHARED_USER_FLAG 0x40
4000
/* Consecutive small integers 0..22, one per store-provider callback. Each name
 * matches a PFN_CERT_STORE_PROV_* function-pointer typedef declared below.
 * NOTE(review): presumably these are indices into
 * CERT_STORE_PROV_INFO.rgpvStoreProvFunc; a table with cStoreProvFunc smaller
 * than 23 simply lacks the higher-numbered callbacks -- confirm. */
4001#define CERT_STORE_PROV_CLOSE_FUNC 0
4002#define CERT_STORE_PROV_READ_CERT_FUNC 1
4003#define CERT_STORE_PROV_WRITE_CERT_FUNC 2
4004#define CERT_STORE_PROV_DELETE_CERT_FUNC 3
4005#define CERT_STORE_PROV_SET_CERT_PROPERTY_FUNC 4
4006#define CERT_STORE_PROV_READ_CRL_FUNC 5
4007#define CERT_STORE_PROV_WRITE_CRL_FUNC 6
4008#define CERT_STORE_PROV_DELETE_CRL_FUNC 7
4009#define CERT_STORE_PROV_SET_CRL_PROPERTY_FUNC 8
4010#define CERT_STORE_PROV_READ_CTL_FUNC 9
4011#define CERT_STORE_PROV_WRITE_CTL_FUNC 10
4012#define CERT_STORE_PROV_DELETE_CTL_FUNC 11
4013#define CERT_STORE_PROV_SET_CTL_PROPERTY_FUNC 12
4014#define CERT_STORE_PROV_CONTROL_FUNC 13
4015#define CERT_STORE_PROV_FIND_CERT_FUNC 14
4016#define CERT_STORE_PROV_FREE_FIND_CERT_FUNC 15
4017#define CERT_STORE_PROV_GET_CERT_PROPERTY_FUNC 16
4018#define CERT_STORE_PROV_FIND_CRL_FUNC 17
4019#define CERT_STORE_PROV_FREE_FIND_CRL_FUNC 18
4020#define CERT_STORE_PROV_GET_CRL_PROPERTY_FUNC 19
4021#define CERT_STORE_PROV_FIND_CTL_FUNC 20
4022#define CERT_STORE_PROV_FREE_FIND_CTL_FUNC 21
4023#define CERT_STORE_PROV_GET_CTL_PROPERTY_FUNC 22
4024
4025#define CERT_STORE_PROV_WRITE_ADD_FLAG 0x1
4026
4027 typedef void (WINAPI *PFN_CERT_STORE_PROV_CLOSE) (HCERTSTOREPROV hStoreProv, DWORD dwFlags);
4028 typedef WINBOOL (WINAPI *PFN_CERT_STORE_PROV_READ_CERT) (HCERTSTOREPROV hStoreProv, PCCERT_CONTEXT pStoreCertContext, DWORD dwFlags, PCCERT_CONTEXT *ppProvCertContext);
4029 typedef WINBOOL (WINAPI *PFN_CERT_STORE_PROV_WRITE_CERT) (HCERTSTOREPROV hStoreProv, PCCERT_CONTEXT pCertContext, DWORD dwFlags);
4030 typedef WINBOOL (WINAPI *PFN_CERT_STORE_PROV_DELETE_CERT) (HCERTSTOREPROV hStoreProv, PCCERT_CONTEXT pCertContext, DWORD dwFlags);
4031 typedef WINBOOL (WINAPI *PFN_CERT_STORE_PROV_SET_CERT_PROPERTY) (HCERTSTOREPROV hStoreProv, PCCERT_CONTEXT pCertContext, DWORD dwPropId, DWORD dwFlags, const void *pvData);
4032 typedef WINBOOL (WINAPI *PFN_CERT_STORE_PROV_READ_CRL) (HCERTSTOREPROV hStoreProv, PCCRL_CONTEXT pStoreCrlContext, DWORD dwFlags, PCCRL_CONTEXT *ppProvCrlContext);
4033 typedef WINBOOL (WINAPI *PFN_CERT_STORE_PROV_WRITE_CRL) (HCERTSTOREPROV hStoreProv, PCCRL_CONTEXT pCrlContext, DWORD dwFlags);
4034 typedef WINBOOL (WINAPI *PFN_CERT_STORE_PROV_DELETE_CRL) (HCERTSTOREPROV hStoreProv, PCCRL_CONTEXT pCrlContext, DWORD dwFlags);
4035 typedef WINBOOL (WINAPI *PFN_CERT_STORE_PROV_SET_CRL_PROPERTY) (HCERTSTOREPROV hStoreProv, PCCRL_CONTEXT pCrlContext, DWORD dwPropId, DWORD dwFlags, const void *pvData);
4036 typedef WINBOOL (WINAPI *PFN_CERT_STORE_PROV_READ_CTL) (HCERTSTOREPROV hStoreProv, PCCTL_CONTEXT pStoreCtlContext, DWORD dwFlags, PCCTL_CONTEXT *ppProvCtlContext);
4037 typedef WINBOOL (WINAPI *PFN_CERT_STORE_PROV_WRITE_CTL) (HCERTSTOREPROV hStoreProv, PCCTL_CONTEXT pCtlContext, DWORD dwFlags);
4038 typedef WINBOOL (WINAPI *PFN_CERT_STORE_PROV_DELETE_CTL) (HCERTSTOREPROV hStoreProv, PCCTL_CONTEXT pCtlContext, DWORD dwFlags);
4039 typedef WINBOOL (WINAPI *PFN_CERT_STORE_PROV_SET_CTL_PROPERTY) (HCERTSTOREPROV hStoreProv, PCCTL_CONTEXT pCtlContext, DWORD dwPropId, DWORD dwFlags, const void *pvData);
4040 typedef WINBOOL (WINAPI *PFN_CERT_STORE_PROV_CONTROL) (HCERTSTOREPROV hStoreProv, DWORD dwFlags, DWORD dwCtrlType, void const *pvCtrlPara);
4041
/* Search description handed to the provider FIND callbacks
 * (PFN_CERT_STORE_PROV_FIND_CERT / _CRL / _CTL below take a pointer to the
 * const-qualified form of this struct).
 * pvFindPara is untyped. NOTE(review): its layout presumably depends on
 * dwFindType, mirroring the dwFindType / pvFindPara pair of
 * CertFindCertificateInStore -- confirm. */
4042 typedef struct _CERT_STORE_PROV_FIND_INFO {
4043 DWORD cbSize;
4044 DWORD dwMsgAndCertEncodingType;
4045 DWORD dwFindFlags;
4046 DWORD dwFindType;
4047 const void *pvFindPara;
4048 } CERT_STORE_PROV_FIND_INFO,*PCERT_STORE_PROV_FIND_INFO;
4049
4050 typedef const CERT_STORE_PROV_FIND_INFO CCERT_STORE_PROV_FIND_INFO,*PCCERT_STORE_PROV_FIND_INFO;
4051
4052 typedef WINBOOL (WINAPI *PFN_CERT_STORE_PROV_FIND_CERT) (HCERTSTOREPROV hStoreProv, PCCERT_STORE_PROV_FIND_INFO pFindInfo, PCCERT_CONTEXT pPrevCertContext, DWORD dwFlags, void **ppvStoreProvFindInfo, PCCERT_CONTEXT *ppProvCertContext);
4053 typedef WINBOOL (WINAPI *PFN_CERT_STORE_PROV_FREE_FIND_CERT) (HCERTSTOREPROV hStoreProv, PCCERT_CONTEXT pCertContext, void *pvStoreProvFindInfo, DWORD dwFlags);
4054 typedef WINBOOL (WINAPI *PFN_CERT_STORE_PROV_GET_CERT_PROPERTY) (HCERTSTOREPROV hStoreProv, PCCERT_CONTEXT pCertContext, DWORD dwPropId, DWORD dwFlags, void *pvData, DWORD *pcbData);
4055 typedef WINBOOL (WINAPI *PFN_CERT_STORE_PROV_FIND_CRL) (HCERTSTOREPROV hStoreProv, PCCERT_STORE_PROV_FIND_INFO pFindInfo, PCCRL_CONTEXT pPrevCrlContext, DWORD dwFlags, void **ppvStoreProvFindInfo, PCCRL_CONTEXT *ppProvCrlContext);
4056 typedef WINBOOL (WINAPI *PFN_CERT_STORE_PROV_FREE_FIND_CRL) (HCERTSTOREPROV hStoreProv, PCCRL_CONTEXT pCrlContext, void *pvStoreProvFindInfo, DWORD dwFlags);
4057 typedef WINBOOL (WINAPI *PFN_CERT_STORE_PROV_GET_CRL_PROPERTY) (HCERTSTOREPROV hStoreProv, PCCRL_CONTEXT pCrlContext, DWORD dwPropId, DWORD dwFlags, void *pvData, DWORD *pcbData);
4058 typedef WINBOOL (WINAPI *PFN_CERT_STORE_PROV_FIND_CTL) (HCERTSTOREPROV hStoreProv, PCCERT_STORE_PROV_FIND_INFO pFindInfo, PCCTL_CONTEXT pPrevCtlContext, DWORD dwFlags, void **ppvStoreProvFindInfo, PCCTL_CONTEXT *ppProvCtlContext);
4059 typedef WINBOOL (WINAPI *PFN_CERT_STORE_PROV_FREE_FIND_CTL) (HCERTSTOREPROV hStoreProv, PCCTL_CONTEXT pCtlContext, void *pvStoreProvFindInfo, DWORD dwFlags);
4060 typedef WINBOOL (WINAPI *PFN_CERT_STORE_PROV_GET_CTL_PROPERTY) (HCERTSTOREPROV hStoreProv, PCCTL_CONTEXT pCtlContext, DWORD dwPropId, DWORD dwFlags, void *pvData, DWORD *pcbData);
4061
4062 WINIMPM HCERTSTORE WINAPI CertDuplicateStore (HCERTSTORE hCertStore);
4063
4064#define CERT_STORE_SAVE_AS_STORE 1
4065#define CERT_STORE_SAVE_AS_PKCS7 2
4066#define CERT_STORE_SAVE_AS_PKCS12 3
4067
4068#define CERT_STORE_SAVE_TO_FILE 1
4069#define CERT_STORE_SAVE_TO_MEMORY 2
4070#define CERT_STORE_SAVE_TO_FILENAME_A 3
4071#define CERT_STORE_SAVE_TO_FILENAME_W 4
4072#define CERT_STORE_SAVE_TO_FILENAME CERT_STORE_SAVE_TO_FILENAME_W
4073
/* Flag bits for the dwFlags argument of CertCloseStore (declared below).
 * NOTE(review): per the platform documentation FORCE releases the store even
 * while contexts obtained from it are still outstanding, which leaves those
 * contexts dangling, and CHECK makes the close report contexts that were not
 * freed. CHECK is the safer choice for finding leaks -- confirm before use. */
4074#define CERT_CLOSE_STORE_FORCE_FLAG 0x1
4075#define CERT_CLOSE_STORE_CHECK_FLAG 0x2
4076
/* Store save/close and certificate lookup entry points. Imported declarations
 * only (WINIMPM). dwSaveAs / dwSaveTo take the CERT_STORE_SAVE_AS_* and
 * CERT_STORE_SAVE_TO_* values defined above. pvSaveToPara and pvFindPara are
 * untyped, so their layout is selected by the accompanying type argument and
 * is not checked by the compiler.
 * NOTE(review): the platform documentation describes the enum/find calls as
 * releasing pPrevCertContext themselves and returning a context that the
 * caller later releases with CertFreeCertificateContext. Freeing the previous
 * context again after passing it in would then be a double free -- confirm
 * before relying on it. */
4077 WINIMPM WINBOOL WINAPI CertSaveStore (HCERTSTORE hCertStore, DWORD dwEncodingType, DWORD dwSaveAs, DWORD dwSaveTo, void *pvSaveToPara, DWORD dwFlags);
4078 WINIMPM WINBOOL WINAPI CertCloseStore (HCERTSTORE hCertStore, DWORD dwFlags);
4079 WINIMPM PCCERT_CONTEXT WINAPI CertGetSubjectCertificateFromStore (HCERTSTORE hCertStore, DWORD dwCertEncodingType, PCERT_INFO pCertId);
4080 WINIMPM PCCERT_CONTEXT WINAPI CertEnumCertificatesInStore (HCERTSTORE hCertStore, PCCERT_CONTEXT pPrevCertContext);
4081 WINIMPM PCCERT_CONTEXT WINAPI CertFindCertificateInStore (HCERTSTORE hCertStore, DWORD dwCertEncodingType, DWORD dwFindFlags, DWORD dwFindType, const void *pvFindPara, PCCERT_CONTEXT pPrevCertContext);
4082
/* Comparison-type codes. The CERT_FIND_* macros below place one of these in
 * the upper half of a find type by shifting it left by CERT_COMPARE_SHIFT
 * (16); CERT_COMPARE_MASK (0xffff) is the matching 16-bit mask.
 * CERT_COMPARE_HASH is an alias for CERT_COMPARE_SHA1_HASH, and
 * CERT_COMPARE_CTL_USAGE for CERT_COMPARE_ENHKEY_USAGE.
 * The MD5- and SHA-1-based codes select a certificate by a digest that is no
 * longer collision resistant. A hit on one of them identifies a store entry
 * and should not be read as evidence that the certificate is trusted. */
4083#define CERT_COMPARE_MASK 0xffff
4084#define CERT_COMPARE_SHIFT 16
4085#define CERT_COMPARE_ANY 0
4086#define CERT_COMPARE_SHA1_HASH 1
4087#define CERT_COMPARE_NAME 2
4088#define CERT_COMPARE_ATTR 3
4089#define CERT_COMPARE_MD5_HASH 4
4090#define CERT_COMPARE_PROPERTY 5
4091#define CERT_COMPARE_PUBLIC_KEY 6
4092#define CERT_COMPARE_HASH CERT_COMPARE_SHA1_HASH
4093#define CERT_COMPARE_NAME_STR_A 7
4094#define CERT_COMPARE_NAME_STR_W 8
4095#define CERT_COMPARE_KEY_SPEC 9
4096#define CERT_COMPARE_ENHKEY_USAGE 10
4097#define CERT_COMPARE_CTL_USAGE CERT_COMPARE_ENHKEY_USAGE
4098#define CERT_COMPARE_SUBJECT_CERT 11
4099#define CERT_COMPARE_ISSUER_OF 12
4100#define CERT_COMPARE_EXISTING 13
4101#define CERT_COMPARE_SIGNATURE_HASH 14
4102#define CERT_COMPARE_KEY_IDENTIFIER 15
4103#define CERT_COMPARE_CERT_ID 16
4104#define CERT_COMPARE_CROSS_CERT_DIST_POINTS 17
4105#define CERT_COMPARE_PUBKEY_MD5_HASH 18
4106#define CERT_COMPARE_SUBJECT_INFO_ACCESS 19
4107#define CERT_COMPARE_HASH_STR 20
4108#define CERT_COMPARE_HAS_PRIVATE_KEY 21
4109
/* Find-type values: a CERT_COMPARE_* code shifted left by CERT_COMPARE_SHIFT.
 * The name/attribute/string variants also OR in CERT_INFO_SUBJECT_FLAG or
 * CERT_INFO_ISSUER_FLAG (defined elsewhere in this header) to say which name
 * is compared. Each expansion is fully parenthesised; inside it "<<" binds
 * tighter than "|", so the shift is applied before the OR.
 * CERT_FIND_HASH aliases CERT_FIND_SHA1_HASH, and the unsuffixed *_STR macros
 * alias the wide-character (_W) forms.
 * NOTE(review): subject/issuer name and string matches compare attacker-
 * choosable certificate fields; a lookup by name finds candidates and does
 * not by itself authenticate them. The pvFindPara layout expected for each
 * find type is not visible here -- confirm per type. */
4110#define CERT_FIND_ANY (CERT_COMPARE_ANY << CERT_COMPARE_SHIFT)
4111#define CERT_FIND_SHA1_HASH (CERT_COMPARE_SHA1_HASH << CERT_COMPARE_SHIFT)
4112#define CERT_FIND_MD5_HASH (CERT_COMPARE_MD5_HASH << CERT_COMPARE_SHIFT)
4113#define CERT_FIND_SIGNATURE_HASH (CERT_COMPARE_SIGNATURE_HASH << CERT_COMPARE_SHIFT)
4114#define CERT_FIND_KEY_IDENTIFIER (CERT_COMPARE_KEY_IDENTIFIER << CERT_COMPARE_SHIFT)
4115#define CERT_FIND_HASH CERT_FIND_SHA1_HASH
4116#define CERT_FIND_PROPERTY (CERT_COMPARE_PROPERTY << CERT_COMPARE_SHIFT)
4117#define CERT_FIND_PUBLIC_KEY (CERT_COMPARE_PUBLIC_KEY << CERT_COMPARE_SHIFT)
4118#define CERT_FIND_SUBJECT_NAME (CERT_COMPARE_NAME << CERT_COMPARE_SHIFT | CERT_INFO_SUBJECT_FLAG)
4119#define CERT_FIND_SUBJECT_ATTR (CERT_COMPARE_ATTR << CERT_COMPARE_SHIFT | CERT_INFO_SUBJECT_FLAG)
4120#define CERT_FIND_ISSUER_NAME (CERT_COMPARE_NAME << CERT_COMPARE_SHIFT | CERT_INFO_ISSUER_FLAG)
4121#define CERT_FIND_ISSUER_ATTR (CERT_COMPARE_ATTR << CERT_COMPARE_SHIFT | CERT_INFO_ISSUER_FLAG)
4122#define CERT_FIND_SUBJECT_STR_A (CERT_COMPARE_NAME_STR_A << CERT_COMPARE_SHIFT | CERT_INFO_SUBJECT_FLAG)
4123#define CERT_FIND_SUBJECT_STR_W (CERT_COMPARE_NAME_STR_W << CERT_COMPARE_SHIFT | CERT_INFO_SUBJECT_FLAG)
4124#define CERT_FIND_SUBJECT_STR CERT_FIND_SUBJECT_STR_W
4125#define CERT_FIND_ISSUER_STR_A (CERT_COMPARE_NAME_STR_A << CERT_COMPARE_SHIFT | CERT_INFO_ISSUER_FLAG)
4126#define CERT_FIND_ISSUER_STR_W (CERT_COMPARE_NAME_STR_W << CERT_COMPARE_SHIFT | CERT_INFO_ISSUER_FLAG)
4127#define CERT_FIND_ISSUER_STR CERT_FIND_ISSUER_STR_W
4128#define CERT_FIND_KEY_SPEC (CERT_COMPARE_KEY_SPEC << CERT_COMPARE_SHIFT)
4129#define CERT_FIND_ENHKEY_USAGE (CERT_COMPARE_ENHKEY_USAGE << CERT_COMPARE_SHIFT)
4130#define CERT_FIND_CTL_USAGE CERT_FIND_ENHKEY_USAGE
4131#define CERT_FIND_SUBJECT_CERT (CERT_COMPARE_SUBJECT_CERT << CERT_COMPARE_SHIFT)
4132#define CERT_FIND_ISSUER_OF (CERT_COMPARE_ISSUER_OF << CERT_COMPARE_SHIFT)
4133#define CERT_FIND_EXISTING (CERT_COMPARE_EXISTING << CERT_COMPARE_SHIFT)
4134#define CERT_FIND_CERT_ID (CERT_COMPARE_CERT_ID << CERT_COMPARE_SHIFT)
4135#define CERT_FIND_CROSS_CERT_DIST_POINTS (CERT_COMPARE_CROSS_CERT_DIST_POINTS << CERT_COMPARE_SHIFT)
4136#define CERT_FIND_PUBKEY_MD5_HASH (CERT_COMPARE_PUBKEY_MD5_HASH << CERT_COMPARE_SHIFT)
4137#define CERT_FIND_SUBJECT_INFO_ACCESS (CERT_COMPARE_SUBJECT_INFO_ACCESS << CERT_COMPARE_SHIFT)
4138#define CERT_FIND_HASH_STR (CERT_COMPARE_HASH_STR << CERT_COMPARE_SHIFT)
4139#define CERT_FIND_HAS_PRIVATE_KEY (CERT_COMPARE_HAS_PRIVATE_KEY << CERT_COMPARE_SHIFT)
4140
4141#define CERT_FIND_OPTIONAL_ENHKEY_USAGE_FLAG 0x1
4142#define CERT_FIND_EXT_ONLY_ENHKEY_USAGE_FLAG 0x2
4143#define CERT_FIND_PROP_ONLY_ENHKEY_USAGE_FLAG 0x4
4144#define CERT_FIND_NO_ENHKEY_USAGE_FLAG 0x8
4145#define CERT_FIND_OR_ENHKEY_USAGE_FLAG 0x10
4146#define CERT_FIND_VALID_ENHKEY_USAGE_FLAG 0x20
4147
4148#define CERT_FIND_OPTIONAL_CTL_USAGE_FLAG CERT_FIND_OPTIONAL_ENHKEY_USAGE_FLAG
4149#define CERT_FIND_EXT_ONLY_CTL_USAGE_FLAG CERT_FIND_EXT_ONLY_ENHKEY_USAGE_FLAG
4150#define CERT_FIND_PROP_ONLY_CTL_USAGE_FLAG CERT_FIND_PROP_ONLY_ENHKEY_USAGE_FLAG
4151#define CERT_FIND_NO_CTL_USAGE_FLAG CERT_FIND_NO_ENHKEY_USAGE_FLAG
4152#define CERT_FIND_OR_CTL_USAGE_FLAG CERT_FIND_OR_ENHKEY_USAGE_FLAG
4153#define CERT_FIND_VALID_CTL_USAGE_FLAG CERT_FIND_VALID_ENHKEY_USAGE_FLAG
4154
/* Issuer lookup, subject-against-issuer verification, and certificate context
 * create / duplicate / free / set-property entry points. Imported
 * declarations only (WINIMPM).
 * pdwFlags is a non-const pointer in both places it appears, so the callee can
 * write results back through it. NOTE(review): the platform documentation
 * describes it as in/out, with the requested checks that FAILED left set on
 * return. A TRUE/non-NULL return is therefore not a verdict on its own; the
 * caller has to inspect *pdwFlags afterwards -- confirm.
 * CertCreateCertificateContext takes an encoded buffer plus its byte count.
 * cbCertEncoded must describe the real size of the buffer at pbCertEncoded,
 * and the bytes may come from an untrusted source. */
4155 WINIMPM PCCERT_CONTEXT WINAPI CertGetIssuerCertificateFromStore (HCERTSTORE hCertStore, PCCERT_CONTEXT pSubjectContext, PCCERT_CONTEXT pPrevIssuerContext, DWORD *pdwFlags);
4156 WINIMPM WINBOOL WINAPI CertVerifySubjectCertificateContext (PCCERT_CONTEXT pSubject, PCCERT_CONTEXT pIssuer, DWORD *pdwFlags);
4157 WINIMPM PCCERT_CONTEXT WINAPI CertDuplicateCertificateContext (PCCERT_CONTEXT pCertContext);
4158 WINIMPM PCCERT_CONTEXT WINAPI CertCreateCertificateContext (DWORD dwCertEncodingType, const BYTE *pbCertEncoded, DWORD cbCertEncoded);
4159 WINIMPM WINBOOL WINAPI CertFreeCertificateContext (PCCERT_CONTEXT pCertContext);
4160 WINIMPM WINBOOL WINAPI CertSetCertificateContextProperty (PCCERT_CONTEXT pCertContext, DWORD dwPropId, DWORD dwFlags, const void *pvData);
4161
/* Pair of certificate contexts: the subject certificate and its issuer.
 * NOTE(review): by its name this is the pvFindPara payload for the
 * CRL_FIND_ISSUED_FOR find type defined below -- confirm. The struct only
 * borrows the two context pointers; nothing here transfers ownership. */
4162 typedef struct _CRL_FIND_ISSUED_FOR_PARA {
4163 PCCERT_CONTEXT pSubjectCert;
4164 PCCERT_CONTEXT pIssuerCert;
4165 } CRL_FIND_ISSUED_FOR_PARA,*PCRL_FIND_ISSUED_FOR_PARA;
4166
/* A subject described by an algorithm identifier and an identifier blob.
 * NOTE(review): by its name this goes with CTL_ANY_SUBJECT_TYPE (defined
 * below), and SubjectIdentifier is presumably a digest of the subject computed
 * with SubjectAlgorithm. If so, the strength of a match depends on the digest
 * algorithm named there -- confirm. */
4167 typedef struct _CTL_ANY_SUBJECT_INFO {
4168 CRYPT_ALGORITHM_IDENTIFIER SubjectAlgorithm;
4169 CRYPT_DATA_BLOB SubjectIdentifier;
4170 } CTL_ANY_SUBJECT_INFO,*PCTL_ANY_SUBJECT_INFO;
4171
4172#define CERT_SET_PROPERTY_INHIBIT_PERSIST_FLAG 0x40000000
4173#define CERT_SET_PROPERTY_IGNORE_PERSIST_ERROR_FLAG 0x80000000
4174
4175#define CTL_ENTRY_FROM_PROP_CHAIN_FLAG 0x1
4176
4177#define CRL_FIND_ANY 0
4178#define CRL_FIND_ISSUED_BY 1
4179#define CRL_FIND_EXISTING 2
4180#define CRL_FIND_ISSUED_FOR 3
4181
4182#define CRL_FIND_ISSUED_BY_AKI_FLAG 0x1
4183#define CRL_FIND_ISSUED_BY_SIGNATURE_FLAG 0x2
4184#define CRL_FIND_ISSUED_BY_DELTA_FLAG 0x4
4185#define CRL_FIND_ISSUED_BY_BASE_FLAG 0x8
4186#define CRL_FIND_ISSUED_FOR_SET_STRONG_PROPERTIES_FLAG 0x10
4187
4188#define CERT_STORE_ADD_NEW 1
4189#define CERT_STORE_ADD_USE_EXISTING 2
4190#define CERT_STORE_ADD_REPLACE_EXISTING 3
4191#define CERT_STORE_ADD_ALWAYS 4
4192#define CERT_STORE_ADD_REPLACE_EXISTING_INHERIT_PROPERTIES 5
4193#define CERT_STORE_ADD_NEWER 6
4194#define CERT_STORE_ADD_NEWER_INHERIT_PROPERTIES 7
4195
4196#define CERT_STORE_CERTIFICATE_CONTEXT 1
4197#define CERT_STORE_CRL_CONTEXT 2
4198#define CERT_STORE_CTL_CONTEXT 3
4199
/* Bit masks derived from the CERT_STORE_*_CONTEXT type codes (1, 2, 3) defined
 * just above: each flag is 1 shifted left by its type code, giving 0x2, 0x4
 * and 0x8. CERT_STORE_ALL_CONTEXT_FLAG is the bitwise complement of a zero
 * built with __MSABI_LONG (not defined in this part of the header); presumably
 * all bits set.
 * NOTE(review): these match the dwContextTypeFlags parameter of
 * CertAddSerializedElementToStore below. Passing the narrowest mask limits
 * which element kinds a serialized blob is allowed to introduce -- confirm. */
4200#define CERT_STORE_ALL_CONTEXT_FLAG (~__MSABI_LONG(0U))
4201#define CERT_STORE_CERTIFICATE_CONTEXT_FLAG (1 << CERT_STORE_CERTIFICATE_CONTEXT)
4202#define CERT_STORE_CRL_CONTEXT_FLAG (1 << CERT_STORE_CRL_CONTEXT)
4203#define CERT_STORE_CTL_CONTEXT_FLAG (1 << CERT_STORE_CTL_CONTEXT)
4204
4205#define CTL_ANY_SUBJECT_TYPE 1
4206#define CTL_CERT_SUBJECT_TYPE 2
4207
4208 WINIMPM PCCRL_CONTEXT WINAPI CertEnumCRLsInStore (HCERTSTORE hCertStore, PCCRL_CONTEXT pPrevCrlContext);
4209 WINIMPM WINBOOL WINAPI CertDeleteCRLFromStore (PCCRL_CONTEXT pCrlContext);
4210 WINIMPM PCCRL_CONTEXT WINAPI CertDuplicateCRLContext (PCCRL_CONTEXT pCrlContext);
4211 WINIMPM PCCRL_CONTEXT WINAPI CertFindCRLInStore (HCERTSTORE hCertStore, DWORD dwCertEncodingType, DWORD dwFindFlags, DWORD dwFindType, const void *pvFindPara, PCCRL_CONTEXT pPrevCrlContext);
4212 WINIMPM WINBOOL WINAPI CertFreeCRLContext (PCCRL_CONTEXT pCrlContext);
4213
4214#if WINAPI_FAMILY_PARTITION (WINAPI_PARTITION_DESKTOP) || _WIN32_WINNT >= 0x0A00
4215 WINIMPM WINBOOL WINAPI CertGetCertificateContextProperty (PCCERT_CONTEXT pCertContext, DWORD dwPropId, void *pvData, DWORD *pcbData);
4216 WINIMPM DWORD WINAPI CertEnumCertificateContextProperties (PCCERT_CONTEXT pCertContext, DWORD dwPropId);
4217 WINIMPM WINBOOL WINAPI CertDeleteCertificateFromStore (PCCERT_CONTEXT pCertContext);
4218#endif
4219
4220#if WINAPI_FAMILY_PARTITION (WINAPI_PARTITION_DESKTOP)
4221 WINIMPM WINBOOL WINAPI CertCreateCTLEntryFromCertificateContextProperties (PCCERT_CONTEXT pCertContext, DWORD cOptAttr, PCRYPT_ATTRIBUTE rgOptAttr, DWORD dwFlags, void *pvReserved, PCTL_ENTRY pCtlEntry, DWORD *pcbCtlEntry);
4222 WINIMPM WINBOOL WINAPI CertSetCertificateContextPropertiesFromCTLEntry (PCCERT_CONTEXT pCertContext, PCTL_ENTRY pCtlEntry, DWORD dwFlags);
4223 WINIMPM PCCRL_CONTEXT WINAPI CertGetCRLFromStore (HCERTSTORE hCertStore, PCCERT_CONTEXT pIssuerContext, PCCRL_CONTEXT pPrevCrlContext, DWORD *pdwFlags);
4224 WINIMPM PCCRL_CONTEXT WINAPI CertCreateCRLContext (DWORD dwCertEncodingType, const BYTE *pbCrlEncoded, DWORD cbCrlEncoded);
4225 WINIMPM WINBOOL WINAPI CertSetCRLContextProperty (PCCRL_CONTEXT pCrlContext, DWORD dwPropId, DWORD dwFlags, const void *pvData);
4226 WINIMPM WINBOOL WINAPI CertGetCRLContextProperty (PCCRL_CONTEXT pCrlContext, DWORD dwPropId, void *pvData, DWORD *pcbData);
4227 WINIMPM DWORD WINAPI CertEnumCRLContextProperties (PCCRL_CONTEXT pCrlContext, DWORD dwPropId);
4228 WINIMPM WINBOOL WINAPI CertFindCertificateInCRL (PCCERT_CONTEXT pCert, PCCRL_CONTEXT pCrlContext, DWORD dwFlags, void *pvReserved, PCRL_ENTRY *ppCrlEntry);
4229 WINIMPM WINBOOL WINAPI CertIsValidCRLForCertificate (PCCERT_CONTEXT pCert, PCCRL_CONTEXT pCrl, DWORD dwFlags, void *pvReserved);
4230 WINIMPM WINBOOL WINAPI CertAddEncodedCertificateToStore (HCERTSTORE hCertStore, DWORD dwCertEncodingType, const BYTE *pbCertEncoded, DWORD cbCertEncoded, DWORD dwAddDisposition, PCCERT_CONTEXT *ppCertContext);
4231 WINIMPM WINBOOL WINAPI CertAddCertificateContextToStore (HCERTSTORE hCertStore, PCCERT_CONTEXT pCertContext, DWORD dwAddDisposition, PCCERT_CONTEXT *ppStoreContext);
4232 WINIMPM WINBOOL WINAPI CertAddSerializedElementToStore (HCERTSTORE hCertStore, const BYTE *pbElement, DWORD cbElement, DWORD dwAddDisposition, DWORD dwFlags, DWORD dwContextTypeFlags, DWORD *pdwContextType, const void **ppvContext);
4233 WINIMPM WINBOOL WINAPI CertAddEncodedCRLToStore (HCERTSTORE hCertStore, DWORD dwCertEncodingType, const BYTE *pbCrlEncoded, DWORD cbCrlEncoded, DWORD dwAddDisposition, PCCRL_CONTEXT *ppCrlContext);
4234 WINIMPM WINBOOL WINAPI CertAddCRLContextToStore (HCERTSTORE hCertStore, PCCRL_CONTEXT pCrlContext, DWORD dwAddDisposition, PCCRL_CONTEXT *ppStoreContext);
4235 WINIMPM WINBOOL WINAPI CertSerializeCertificateStoreElement (PCCERT_CONTEXT pCertContext, DWORD dwFlags, BYTE *pbElement, DWORD *pcbElement);
4236 WINIMPM WINBOOL WINAPI CertSerializeCRLStoreElement (PCCRL_CONTEXT pCrlContext, DWORD dwFlags, BYTE *pbElement, DWORD *pcbElement);
4237 WINIMPM PCCTL_CONTEXT WINAPI CertDuplicateCTLContext (PCCTL_CONTEXT pCtlContext);
4238 WINIMPM PCCTL_CONTEXT WINAPI CertCreateCTLContext (DWORD dwMsgAndCertEncodingType, const BYTE *pbCtlEncoded, DWORD cbCtlEncoded);
4239 WINIMPM WINBOOL WINAPI CertFreeCTLContext (PCCTL_CONTEXT pCtlContext);
4240 WINIMPM WINBOOL WINAPI CertSetCTLContextProperty (PCCTL_CONTEXT pCtlContext, DWORD dwPropId, DWORD dwFlags, const void *pvData);
4241 WINIMPM WINBOOL WINAPI CertGetCTLContextProperty (PCCTL_CONTEXT pCtlContext, DWORD dwPropId, void *pvData, DWORD *pcbData);
4242 WINIMPM DWORD WINAPI CertEnumCTLContextProperties (PCCTL_CONTEXT pCtlContext, DWORD dwPropId);
4243 WINIMPM PCCTL_CONTEXT WINAPI CertEnumCTLsInStore (HCERTSTORE hCertStore, PCCTL_CONTEXT pPrevCtlContext);
4244 WINIMPM PCTL_ENTRY WINAPI CertFindSubjectInCTL (DWORD dwEncodingType, DWORD dwSubjectType, void *pvSubject, PCCTL_CONTEXT pCtlContext, DWORD dwFlags);
4245 WINIMPM PCCTL_CONTEXT WINAPI CertFindCTLInStore (HCERTSTORE hCertStore, DWORD dwMsgAndCertEncodingType, DWORD dwFindFlags, DWORD dwFindType, const void *pvFindPara, PCCTL_CONTEXT pPrevCtlContext);
4246
4247#define CTL_FIND_ANY 0
4248#define CTL_FIND_SHA1_HASH 1
4249#define CTL_FIND_MD5_HASH 2
4250#define CTL_FIND_USAGE 3
4251#define CTL_FIND_SUBJECT 4
4252#define CTL_FIND_EXISTING 5
4253
4254#define CTL_FIND_SAME_USAGE_FLAG 0x1
4255
4256#define CTL_FIND_NO_LIST_ID_CBDATA 0xffffffff
4257#define CTL_FIND_NO_SIGNER_PTR ((PCERT_INFO) -1)
4258
4259#define CERT_STORE_CTRL_RESYNC 1
4260#define CERT_STORE_CTRL_NOTIFY_CHANGE 2
4261#define CERT_STORE_CTRL_COMMIT 3
4262#define CERT_STORE_CTRL_AUTO_RESYNC 4
4263#define CERT_STORE_CTRL_CANCEL_NOTIFY 5
4264
4265#define CERT_STORE_CTRL_INHIBIT_DUPLICATE_HANDLE_FLAG 0x1
4266
4267#define CERT_STORE_CTRL_COMMIT_FORCE_FLAG 0x1
4268#define CERT_STORE_CTRL_COMMIT_CLEAR_FLAG 0x2
4269
4270#define CERT_STORE_LOCALIZED_NAME_PROP_ID 0x1000
4271
4272#define CERT_CREATE_CONTEXT_NOCOPY_FLAG 0x1
4273#define CERT_CREATE_CONTEXT_SORTED_FLAG 0x2
4274#define CERT_CREATE_CONTEXT_NO_HCRYPTMSG_FLAG 0x4
4275#define CERT_CREATE_CONTEXT_NO_ENTRY_FLAG 0x8
4276
4277#define CERT_PHYSICAL_STORE_ADD_ENABLE_FLAG 0x1
4278#define CERT_PHYSICAL_STORE_OPEN_DISABLE_FLAG 0x2
4279#define CERT_PHYSICAL_STORE_REMOTE_OPEN_DISABLE_FLAG 0x4
4280#define CERT_PHYSICAL_STORE_INSERT_COMPUTER_NAME_ENABLE_FLAG 0x8
4281
/* Search parameters for locating a CTL by usage: size field, the usage to
 * match, a list identifier blob and a signer description.
 * NOTE(review): CTL_FIND_NO_LIST_ID_CBDATA (0xffffffff) and
 * CTL_FIND_NO_SIGNER_PTR ((PCERT_INFO) -1), both defined above, look like
 * sentinels for ListIdentifier.cbData and pSigner. Any code that reads this
 * struct must test for them before treating cbData as a length or
 * dereferencing pSigner -- confirm. */
4282 typedef struct _CTL_FIND_USAGE_PARA {
4283 DWORD cbSize;
4284 CTL_USAGE SubjectUsage;
4285 CRYPT_DATA_BLOB ListIdentifier;
4286 PCERT_INFO pSigner;
4287 } CTL_FIND_USAGE_PARA,*PCTL_FIND_USAGE_PARA;
4288
/* Search parameters for locating a CTL by subject: size field, a pointer to a
 * CTL_FIND_USAGE_PARA, a subject type and an untyped subject pointer.
 * NOTE(review): dwSubjectType presumably takes CTL_ANY_SUBJECT_TYPE or
 * CTL_CERT_SUBJECT_TYPE (defined above) and selects what pvSubject points to;
 * the compiler cannot check that the two agree -- confirm. */
4289 typedef struct _CTL_FIND_SUBJECT_PARA {
4290 DWORD cbSize;
4291 PCTL_FIND_USAGE_PARA pUsagePara;
4292 DWORD dwSubjectType;
4293 void *pvSubject;
4294 } CTL_FIND_SUBJECT_PARA,*PCTL_FIND_SUBJECT_PARA;
4295
4296 typedef WINBOOL (WINAPI *PFN_CERT_CREATE_CONTEXT_SORT_FUNC) (DWORD cbTotalEncoded, DWORD cbRemainEncoded, DWORD cEntry, void *pvSort);
4297
/* Optional parameters for CertCreateContext (declared below): a free callback
 * with its argument, and a sort callback with its argument.
 * NOTE(review): together with CERT_CREATE_CONTEXT_NOCOPY_FLAG (defined above)
 * this looks like the way a caller hands its encoded buffer over without a
 * copy, with pfnFree releasing it later. In that mode the buffer must stay
 * valid and unmodified for the lifetime of the created context -- confirm. */
4298 typedef struct _CERT_CREATE_CONTEXT_PARA {
4299 DWORD cbSize;
4300 PFN_CRYPT_FREE pfnFree;
4301 void *pvFree;
4302 PFN_CERT_CREATE_CONTEXT_SORT_FUNC pfnSort;
4303 void *pvSort;
4304 } CERT_CREATE_CONTEXT_PARA,*PCERT_CREATE_CONTEXT_PARA;
4305
4306 typedef struct _CERT_SYSTEM_STORE_INFO {
4307 DWORD cbSize;
4308 } CERT_SYSTEM_STORE_INFO,*PCERT_SYSTEM_STORE_INFO;
4309
/* Describes a physical store: how to open it (provider name, encoding type,
 * open flags, an opaque parameter blob), plus flags and a priority. It is
 * passed to CertRegisterPhysicalStore and to the PFN_CERT_ENUM_PHYSICAL_STORE
 * callback, both declared below.
 * NOTE(review): dwFlags presumably takes the CERT_PHYSICAL_STORE_*_FLAG bits
 * defined above. Registering a physical store changes where a system store
 * reads its certificates from, so registrations are worth reviewing like any
 * other trust-store change -- confirm. */
4310 typedef struct _CERT_PHYSICAL_STORE_INFO {
4311 DWORD cbSize;
4312 LPSTR pszOpenStoreProvider;
4313 DWORD dwOpenEncodingType;
4314 DWORD dwOpenFlags;
4315 CRYPT_DATA_BLOB OpenParameters;
4316 DWORD dwFlags;
4317 DWORD dwPriority;
4318 } CERT_PHYSICAL_STORE_INFO,*PCERT_PHYSICAL_STORE_INFO;
4319
4320 WINIMPM WINBOOL WINAPI CertAddEncodedCTLToStore (HCERTSTORE hCertStore, DWORD dwMsgAndCertEncodingType, const BYTE *pbCtlEncoded, DWORD cbCtlEncoded, DWORD dwAddDisposition, PCCTL_CONTEXT *ppCtlContext);
4321 WINIMPM WINBOOL WINAPI CertAddCTLContextToStore (HCERTSTORE hCertStore, PCCTL_CONTEXT pCtlContext, DWORD dwAddDisposition, PCCTL_CONTEXT *ppStoreContext);
4322 WINIMPM WINBOOL WINAPI CertSerializeCTLStoreElement (PCCTL_CONTEXT pCtlContext, DWORD dwFlags, BYTE *pbElement, DWORD *pcbElement);
4323 WINIMPM WINBOOL WINAPI CertDeleteCTLFromStore (PCCTL_CONTEXT pCtlContext);
4324 WINIMPM WINBOOL WINAPI CertAddCertificateLinkToStore (HCERTSTORE hCertStore, PCCERT_CONTEXT pCertContext, DWORD dwAddDisposition, PCCERT_CONTEXT *ppStoreContext);
4325 WINIMPM WINBOOL WINAPI CertAddCRLLinkToStore (HCERTSTORE hCertStore, PCCRL_CONTEXT pCrlContext, DWORD dwAddDisposition, PCCRL_CONTEXT *ppStoreContext);
4326 WINIMPM WINBOOL WINAPI CertAddCTLLinkToStore (HCERTSTORE hCertStore, PCCTL_CONTEXT pCtlContext, DWORD dwAddDisposition, PCCTL_CONTEXT *ppStoreContext);
4327 WINIMPM WINBOOL WINAPI CertAddStoreToCollection (HCERTSTORE hCollectionStore, HCERTSTORE hSiblingStore, DWORD dwUpdateFlags, DWORD dwPriority);
4328 WINIMPM void WINAPI CertRemoveStoreFromCollection (HCERTSTORE hCollectionStore, HCERTSTORE hSiblingStore);
4329 WINIMPM WINBOOL WINAPI CertControlStore (HCERTSTORE hCertStore, DWORD dwFlags, DWORD dwCtrlType, void const *pvCtrlPara);
4330 WINIMPM WINBOOL WINAPI CertSetStoreProperty (HCERTSTORE hCertStore, DWORD dwPropId, DWORD dwFlags, const void *pvData);
4331 WINIMPM WINBOOL WINAPI CertGetStoreProperty (HCERTSTORE hCertStore, DWORD dwPropId, void *pvData, DWORD *pcbData);
4332 WINIMPM const void *WINAPI CertCreateContext (DWORD dwContextType, DWORD dwEncodingType, const BYTE *pbEncoded, DWORD cbEncoded, DWORD dwFlags, PCERT_CREATE_CONTEXT_PARA pCreatePara);
4333 WINIMPM WINBOOL WINAPI CertRegisterSystemStore (const void *pvSystemStore, DWORD dwFlags, PCERT_SYSTEM_STORE_INFO pStoreInfo, void *pvReserved);
4334 WINIMPM WINBOOL WINAPI CertRegisterPhysicalStore (const void *pvSystemStore, DWORD dwFlags, LPCWSTR pwszStoreName, PCERT_PHYSICAL_STORE_INFO pStoreInfo, void *pvReserved);
4335 WINIMPM WINBOOL WINAPI CertUnregisterSystemStore (const void *pvSystemStore, DWORD dwFlags);
4336 WINIMPM WINBOOL WINAPI CertUnregisterPhysicalStore (const void *pvSystemStore, DWORD dwFlags, LPCWSTR pwszStoreName);
4337
4338 typedef WINBOOL (WINAPI *PFN_CERT_ENUM_SYSTEM_STORE_LOCATION) (LPCWSTR pwszStoreLocation, DWORD dwFlags, void *pvReserved, void *pvArg);
4339 typedef WINBOOL (WINAPI *PFN_CERT_ENUM_SYSTEM_STORE) (const void *pvSystemStore, DWORD dwFlags, PCERT_SYSTEM_STORE_INFO pStoreInfo, void *pvReserved, void *pvArg);
4340 typedef WINBOOL (WINAPI *PFN_CERT_ENUM_PHYSICAL_STORE) (const void *pvSystemStore, DWORD dwFlags, LPCWSTR pwszStoreName, PCERT_PHYSICAL_STORE_INFO pStoreInfo, void *pvReserved, void *pvArg);
4341
4342#define CERT_PHYSICAL_STORE_PREDEFINED_ENUM_FLAG 0x1
4343
4344#define CERT_PHYSICAL_STORE_DEFAULT_NAME L".Default"
4345#define CERT_PHYSICAL_STORE_GROUP_POLICY_NAME L".GroupPolicy"
4346#define CERT_PHYSICAL_STORE_LOCAL_MACHINE_NAME L".LocalMachine"
4347#define CERT_PHYSICAL_STORE_DS_USER_CERTIFICATE_NAME L".UserCertificate"
4348#define CERT_PHYSICAL_STORE_LOCAL_MACHINE_GROUP_POLICY_NAME L".LocalMachineGroupPolicy"
4349#define CERT_PHYSICAL_STORE_ENTERPRISE_NAME L".Enterprise"
4350#define CERT_PHYSICAL_STORE_AUTH_ROOT_NAME L".AuthRoot"
4351#define CERT_PHYSICAL_STORE_SMART_CARD_NAME L".SmartCard"
4352
4353 WINIMPM WINBOOL WINAPI CertEnumSystemStoreLocation (DWORD dwFlags, void *pvArg, PFN_CERT_ENUM_SYSTEM_STORE_LOCATION pfnEnum);
4354 WINIMPM WINBOOL WINAPI CertEnumSystemStore (DWORD dwFlags, void *pvSystemStoreLocationPara, void *pvArg, PFN_CERT_ENUM_SYSTEM_STORE pfnEnum);
4355 WINIMPM WINBOOL WINAPI CertEnumPhysicalStore (const void *pvSystemStore, DWORD dwFlags, void *pvArg, PFN_CERT_ENUM_PHYSICAL_STORE pfnEnum);
4356
4357#define CRYPT_OID_OPEN_SYSTEM_STORE_PROV_FUNC "CertDllOpenSystemStoreProv"
4358#define CRYPT_OID_REGISTER_SYSTEM_STORE_FUNC "CertDllRegisterSystemStore"
4359#define CRYPT_OID_UNREGISTER_SYSTEM_STORE_FUNC "CertDllUnregisterSystemStore"
4360#define CRYPT_OID_ENUM_SYSTEM_STORE_FUNC "CertDllEnumSystemStore"
4361#define CRYPT_OID_REGISTER_PHYSICAL_STORE_FUNC "CertDllRegisterPhysicalStore"
4362#define CRYPT_OID_UNREGISTER_PHYSICAL_STORE_FUNC "CertDllUnregisterPhysicalStore"
4363#define CRYPT_OID_ENUM_PHYSICAL_STORE_FUNC "CertDllEnumPhysicalStore"
4364#define CRYPT_OID_SYSTEM_STORE_LOCATION_VALUE_NAME L"SystemStoreLocation"
4365
4366#define CMSG_TRUSTED_SIGNER_FLAG 0x1
4367#define CMSG_SIGNER_ONLY_FLAG 0x2
4368#define CMSG_USE_SIGNER_INDEX_FLAG 0x4
4369#define CMSG_CMS_ENCAPSULATED_CTL_FLAG 0x8000
4370
4371#define CMSG_ENCODE_SORTED_CTL_FLAG 0x1
4372#define CMSG_ENCODE_HASHED_SUBJECT_IDENTIFIER_FLAG 0x2
4373
4374 WINIMPM WINBOOL WINAPI CertGetEnhancedKeyUsage (PCCERT_CONTEXT pCertContext, DWORD dwFlags, PCERT_ENHKEY_USAGE pUsage, DWORD *pcbUsage);
4375 WINIMPM WINBOOL WINAPI CertSetEnhancedKeyUsage (PCCERT_CONTEXT pCertContext, PCERT_ENHKEY_USAGE pUsage);
4376 WINIMPM WINBOOL WINAPI CertAddEnhancedKeyUsageIdentifier (PCCERT_CONTEXT pCertContext, LPCSTR pszUsageIdentifier);
4377 WINIMPM WINBOOL WINAPI CertRemoveEnhancedKeyUsageIdentifier (PCCERT_CONTEXT pCertContext, LPCSTR pszUsageIdentifier);
4378 WINIMPM WINBOOL WINAPI CertGetValidUsages (DWORD cCerts, PCCERT_CONTEXT *rghCerts, int *cNumOIDs, LPSTR *rghOIDs, DWORD *pcbOIDs);
4379 WINIMPM WINBOOL WINAPI CryptMsgGetAndVerifySigner (HCRYPTMSG hCryptMsg, DWORD cSignerStore, HCERTSTORE *rghSignerStore, DWORD dwFlags, PCCERT_CONTEXT *ppSigner, DWORD *pdwSignerIndex);
4380 WINIMPM WINBOOL WINAPI CryptMsgSignCTL (DWORD dwMsgEncodingType, BYTE *pbCtlContent, DWORD cbCtlContent, PCMSG_SIGNED_ENCODE_INFO pSignInfo, DWORD dwFlags, BYTE *pbEncoded, DWORD *pcbEncoded);
4381 WINIMPM WINBOOL WINAPI CryptMsgEncodeAndSignCTL (DWORD dwMsgEncodingType, PCTL_INFO pCtlInfo, PCMSG_SIGNED_ENCODE_INFO pSignInfo, DWORD dwFlags, BYTE *pbEncoded, DWORD *pcbEncoded);
4382 WINIMPM WINBOOL WINAPI CertFindSubjectInSortedCTL (PCRYPT_DATA_BLOB pSubjectIdentifier, PCCTL_CONTEXT pCtlContext, DWORD dwFlags, void *pvReserved, PCRYPT_DER_BLOB pEncodedAttributes);
4383 WINIMPM WINBOOL WINAPI CertEnumSubjectInSortedCTL (PCCTL_CONTEXT pCtlContext, void **ppvNextSubject, PCRYPT_DER_BLOB pSubjectIdentifier, PCRYPT_DER_BLOB pEncodedAttributes);
4384
/* Input parameters for CertVerifyCTLUsage (declared below): size field, a list
 * identifier blob, and two counted arrays of store handles.
 * cCtlStore / cSignerStore are the element counts of rghCtlStore /
 * rghSignerStore; each count must match the array it describes. */
4385 typedef struct _CTL_VERIFY_USAGE_PARA {
4386 DWORD cbSize;
4387 CRYPT_DATA_BLOB ListIdentifier;
4388 DWORD cCtlStore;
4389 HCERTSTORE *rghCtlStore;
4390 DWORD cSignerStore;
4391 HCERTSTORE *rghSignerStore;
4392 } CTL_VERIFY_USAGE_PARA,*PCTL_VERIFY_USAGE_PARA;
4393
/* Result block for CertVerifyCTLUsage (declared below): size field, an error
 * code, flags, and pointers through which a CTL context, an entry index, a
 * signer certificate context and a signer index are reported.
 * ppCtl and ppSigner are pointers to context pointers. NOTE(review):
 * presumably the caller supplies the storage (or NULL to skip) and must free
 * any context returned through them; dwError should be checked in addition to
 * the function's return value -- confirm. */
4394 typedef struct _CTL_VERIFY_USAGE_STATUS {
4395 DWORD cbSize;
4396 DWORD dwError;
4397 DWORD dwFlags;
4398 PCCTL_CONTEXT *ppCtl;
4399 DWORD dwCtlEntryIndex;
4400 PCCERT_CONTEXT *ppSigner;
4401 DWORD dwSignerIndex;
4402 } CTL_VERIFY_USAGE_STATUS,*PCTL_VERIFY_USAGE_STATUS;
4403
/* Flag bits for CTL usage verification. CERT_VERIFY_UPDATED_CTL_FLAG has the
 * same value (0x1) as CERT_VERIFY_INHIBIT_CTL_UPDATE_FLAG, so the two belong
 * to different flag words. Presumably the first four are input dwFlags for
 * CertVerifyCTLUsage and the last is reported in
 * CTL_VERIFY_USAGE_STATUS.dwFlags -- TODO confirm.
 * NOTE(review): going by their names, NO_TIME_CHECK skips the validity-period
 * check and ALLOW_MORE_USAGE accepts lists covering more usages than were
 * asked for. Both loosen verification and deserve a stated reason wherever
 * they are set -- confirm the semantics. */
4404#define CERT_VERIFY_INHIBIT_CTL_UPDATE_FLAG 0x1
4405#define CERT_VERIFY_TRUSTED_SIGNERS_FLAG 0x2
4406#define CERT_VERIFY_NO_TIME_CHECK_FLAG 0x4
4407#define CERT_VERIFY_ALLOW_MORE_USAGE_FLAG 0x8
4408
4409#define CERT_VERIFY_UPDATED_CTL_FLAG 0x1
4410
4411 WINIMPM WINBOOL WINAPI CertVerifyCTLUsage (DWORD dwEncodingType, DWORD dwSubjectType, void *pvSubject, PCTL_USAGE pSubjectUsage, DWORD dwFlags, PCTL_VERIFY_USAGE_PARA pVerifyUsagePara, PCTL_VERIFY_USAGE_STATUS pVerifyUsageStatus);
4412
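/*
 * CRL details attached to a revocation check; CERT_REVOCATION_PARA refers to
 * it through its optional pCrlInfo member.
 *
 * Holds a base CRL context, a delta CRL context and the matching CRL entry.
 * fDeltaCrlEntry presumably tells which of the two CRLs pCrlEntry came from.
 * NOTE(review): ownership of the returned CRL contexts is not visible here;
 * the Win32 documentation has the caller free them with CertFreeCRLContext -
 * confirm.
 */
typedef struct _CERT_REVOCATION_CRL_INFO {
  DWORD cbSize;
  PCCRL_CONTEXT pBaseCrlContext;
  PCCRL_CONTEXT pDeltaCrlContext;
  PCRL_ENTRY pCrlEntry;
  WINBOOL fDeltaCrlEntry;
} CERT_REVOCATION_CRL_INFO,*PCERT_REVOCATION_CRL_INFO;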
4420
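/* Forward declaration only; the structure body is not defined at this point. */
typedef struct _CERT_REVOCATION_CHAIN_PARA CERT_REVOCATION_CHAIN_PARA,*PCERT_REVOCATION_CHAIN_PARA;

/*
 * Optional inputs for CertVerifyRevocation (its pRevPara argument).
 *
 * The layout depends on CERT_REVOCATION_PARA_HAS_EXTRA_FIELDS: with the macro
 * defined the structure grows by seven members.  cbSize is how the callee can
 * tell which layout it was handed, so it must be sizeof(CERT_REVOCATION_PARA)
 * as seen by the translation unit that filled the structure, and every
 * translation unit that shares an instance has to agree on the macro.  Zero
 * the whole structure first so that unused pointers are NULL.
 */
typedef struct _CERT_REVOCATION_PARA {
  DWORD cbSize;
  PCCERT_CONTEXT pIssuerCert;
  DWORD cCertStore;             /* presumably the element count of rgCertStore */
  HCERTSTORE *rgCertStore;
  HCERTSTORE hCrlStore;
  LPFILETIME pftTimeToUse;
#ifdef CERT_REVOCATION_PARA_HAS_EXTRA_FIELDS
  DWORD dwUrlRetrievalTimeout;  /* bounds network retrieval; units not visible here - TODO confirm */
  WINBOOL fCheckFreshnessTime;
  DWORD dwFreshnessTime;
  LPFILETIME pftCurrentTime;
  PCERT_REVOCATION_CRL_INFO pCrlInfo;
  LPFILETIME pftCacheResync;
  PCERT_REVOCATION_CHAIN_PARA pChainPara;
#endif
} CERT_REVOCATION_PARA,*PCERT_REVOCATION_PARA;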
4440
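/*
 * Result block for CertVerifyRevocation (its pRevStatus argument).
 *
 * By Win32 convention the caller sets cbSize to
 * sizeof(CERT_REVOCATION_STATUS) before the call.
 * NOTE(review): per the Win32 documentation dwIndex identifies the context
 * that stopped the check, dwError says why and dwReason carries the CRL
 * reason code.  An error meaning "status could not be determined" (offline
 * responder, no revocation source) is distinct from "revoked"; callers need
 * an explicit policy for it instead of treating it as success - confirm.
 */
typedef struct _CERT_REVOCATION_STATUS {
  DWORD cbSize;
  DWORD dwIndex;
  DWORD dwError;
  DWORD dwReason;
  WINBOOL fHasFreshnessTime;    /* presumably set when dwFreshnessTime is meaningful */
  DWORD dwFreshnessTime;
} CERT_REVOCATION_STATUS,*PCERT_REVOCATION_STATUS;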
4449
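/* Revocation context type; presumably the dwRevType value for CertVerifyRevocation. */
#define CERT_CONTEXT_REVOCATION_TYPE 1

/*
 * Flag bits for revocation checking.
 * NOTE(review): by name, CERT_VERIFY_CACHE_ONLY_BASED_REVOCATION restricts
 * the check to cached data, which can miss a recent revocation, and
 * CERT_VERIFY_REV_NO_OCSP_FAILOVER_TO_CRL_FLAG removes the CRL fallback.
 * Confirm the semantics before using either in a security decision.
 */
#define CERT_VERIFY_REV_CHAIN_FLAG 0x1
#define CERT_VERIFY_CACHE_ONLY_BASED_REVOCATION 0x2
#define CERT_VERIFY_REV_ACCUMULATIVE_TIMEOUT_FLAG 0x4
#define CERT_VERIFY_REV_SERVER_OCSP_FLAG 0x8
#define CERT_VERIFY_REV_NO_OCSP_FAILOVER_TO_CRL_FLAG 0x10

/* Flag bits for RDN attribute matching (CertIsRDNAttrsInCertificateName takes a dwFlags argument). */
#define CERT_UNICODE_IS_RDN_ATTRS_FLAG 0x1
#define CERT_CASE_INSENSITIVE_IS_RDN_ATTRS_FLAG 0x2

/*
 * Subject selectors: enumerated values, not bits.  Presumably the
 * dwSubjectType of CryptVerifyCertificateSignatureEx, deciding how its
 * untyped pvSubject pointer is interpreted.
 */
#define CRYPT_VERIFY_CERT_SIGN_SUBJECT_BLOB 1
#define CRYPT_VERIFY_CERT_SIGN_SUBJECT_CERT 2
#define CRYPT_VERIFY_CERT_SIGN_SUBJECT_CRL 3
#define CRYPT_VERIFY_CERT_SIGN_SUBJECT_OCSP_BASIC_SIGNED_RESPONSE 4

/*
 * Issuer selectors: enumerated values, not bits; presumably the matching
 * dwIssuerType.
 * NOTE(review): the Win32 documentation describes the ISSUER_NULL case as a
 * bare hash comparison with no issuer key involved, which shows integrity
 * but not who produced the data - confirm, and do not treat it as issuer
 * authentication.
 */
#define CRYPT_VERIFY_CERT_SIGN_ISSUER_PUBKEY 1
#define CRYPT_VERIFY_CERT_SIGN_ISSUER_CERT 2
#define CRYPT_VERIFY_CERT_SIGN_ISSUER_CHAIN 3
#define CRYPT_VERIFY_CERT_SIGN_ISSUER_NULL 4

/*
 * Flag bits for signature verification.  By name the first one rejects
 * MD2/MD4 based signatures; those hashes are broken, so verification code
 * normally wants it set - confirm semantics.
 */
#define CRYPT_VERIFY_CERT_SIGN_DISABLE_MD2_MD4_FLAG 0x1
#define CRYPT_VERIFY_CERT_SIGN_SET_STRONG_PROPERTIES_FLAG 0x2
#define CRYPT_VERIFY_CERT_SIGN_RETURN_STRONG_PROPERTIES_FLAG 0x4

/* Names of OID-dispatched functions; each has a PFN_* typedef of matching name in this header. */
#define CRYPT_OID_EXTRACT_ENCODED_SIGNATURE_PARAMETERS_FUNC "CryptDllExtractEncodedSignatureParameters"
#define CRYPT_OID_SIGN_AND_ENCODE_HASH_FUNC "CryptDllSignAndEncodeHash"
#define CRYPT_OID_VERIFY_ENCODED_SIGNATURE_FUNC "CryptDllVerifyEncodedSignature"

/* Flag bits for default-context installation (CryptInstallDefaultContext takes a dwFlags argument). */
#define CRYPT_DEFAULT_CONTEXT_AUTO_RELEASE_FLAG 0x1
#define CRYPT_DEFAULT_CONTEXT_PROCESS_FLAG 0x2

/* Default-context kinds: enumerated values, presumably the dwDefaultType of CryptInstallDefaultContext. */
#define CRYPT_DEFAULT_CONTEXT_CERT_SIGN_OID 1
#define CRYPT_DEFAULT_CONTEXT_MULTI_CERT_SIGN_OID 2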
4484
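/*
 * Two data blobs describing a certificate signature: one named for the CNG
 * hash algorithm, one for the issuer public-key bit length.
 * NOTE(review): presumably exchanged through the pvExtra argument of
 * CryptVerifyCertificateSignatureEx together with the *_STRONG_PROPERTIES_FLAG
 * bits; who allocates and frees the blob buffers is not visible here -
 * confirm.
 */
typedef struct _CRYPT_VERIFY_CERT_SIGN_STRONG_PROPERTIES_INFO {
  CRYPT_DATA_BLOB CertSignHashCNGAlgPropData;
  CRYPT_DATA_BLOB CertIssuerPubKeyBitLengthPropData;
} CRYPT_VERIFY_CERT_SIGN_STRONG_PROPERTIES_INFO, *PCRYPT_VERIFY_CERT_SIGN_STRONG_PROPERTIES_INFO;

/*
 * Callback signatures for the OID-dispatched signature functions named by
 * the CRYPT_OID_*_FUNC strings in this header.  A provider implementing
 * them receives lengths alongside every buffer (cbComputedHash,
 * cbSignature / pcbSignature) and has to honour them; pvDecodedSignPara is
 * untyped and only meaningful for the algorithm that produced it.
 */
typedef WINBOOL (WINAPI *PFN_CRYPT_EXTRACT_ENCODED_SIGNATURE_PARAMETERS_FUNC) (DWORD dwCertEncodingType, PCRYPT_ALGORITHM_IDENTIFIER pSignatureAlgorithm, void **ppvDecodedSignPara, LPWSTR *ppwszCNGHashAlgid);
typedef WINBOOL (WINAPI *PFN_CRYPT_SIGN_AND_ENCODE_HASH_FUNC) (NCRYPT_KEY_HANDLE hKey, DWORD dwCertEncodingType, PCRYPT_ALGORITHM_IDENTIFIER pSignatureAlgorithm, void *pvDecodedSignPara, LPCWSTR pwszCNGPubKeyAlgid, LPCWSTR pwszCNGHashAlgid, BYTE *pbComputedHash, DWORD cbComputedHash, BYTE *pbSignature, DWORD *pcbSignature);
typedef WINBOOL (WINAPI *PFN_CRYPT_VERIFY_ENCODED_SIGNATURE_FUNC) (DWORD dwCertEncodingType, PCERT_PUBLIC_KEY_INFO pPubKeyInfo, PCRYPT_ALGORITHM_IDENTIFIER pSignatureAlgorithm, void *pvDecodedSignPara, LPCWSTR pwszCNGPubKeyAlgid, LPCWSTR pwszCNGHashAlgid, BYTE *pbComputedHash, DWORD cbComputedHash, BYTE *pbSignature, DWORD cbSignature);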
4493
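/* Opaque handle produced by CryptInstallDefaultContext and consumed by CryptUninstallDefaultContext. */
typedef void *HCRYPTDEFAULTCONTEXT;

/*
 * Counted list of OID strings.
 * NOTE(review): presumably the pvDefaultPara payload when the default type
 * is CRYPT_DEFAULT_CONTEXT_MULTI_CERT_SIGN_OID - confirm.  cOID must match
 * the number of entries in rgpszOID.
 */
typedef struct _CRYPT_DEFAULT_CONTEXT_MULTI_OID_PARA {
  DWORD cOID;
  LPSTR *rgpszOID;
} CRYPT_DEFAULT_CONTEXT_MULTI_OID_PARA,*PCRYPT_DEFAULT_CONTEXT_MULTI_OID_PARA;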
4500
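/*
 * Checks the revocation status of cContext contexts passed in rgpvContext.
 *
 * rgpvContext is an array of untyped pointers whose element type is selected
 * by dwRevType, and cContext must not exceed the array length.  pRevPara is
 * optional input, pRevStatus receives the outcome; both carry a cbSize
 * member.
 * NOTE(review): per the Win32 documentation a FALSE return covers both
 * "revoked" (CRYPT_E_REVOKED) and "could not be checked"
 * (CRYPT_E_NO_REVOCATION_CHECK, CRYPT_E_REVOCATION_OFFLINE); callers should
 * branch on pRevStatus->dwError and decide deliberately whether an
 * undetermined status fails open or closed - confirm.
 */
WINIMPM WINBOOL WINAPI CertVerifyRevocation (DWORD dwEncodingType, DWORD dwRevType, DWORD cContext, PVOID rgpvContext[], DWORD dwFlags, PCERT_REVOCATION_PARA pRevPara, PCERT_REVOCATION_STATUS pRevStatus);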
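/*
 * Comparison helpers for decoded certificate fields.
 *
 * These compare data only; none of the signatures takes a key or a trust
 * store, so a TRUE result says two values match, not that either one is
 * trustworthy.  CertCompareIntegerBlob is declared without WINIMPM here,
 * unlike its neighbours.
 * NOTE(review): whether name comparison is a byte-wise match of the encoded
 * form or a normalised match is not visible here - confirm before using it
 * to bind an identity.
 */
WINBOOL WINAPI CertCompareIntegerBlob (PCRYPT_INTEGER_BLOB pInt1, PCRYPT_INTEGER_BLOB pInt2);
WINIMPM WINBOOL WINAPI CertCompareCertificate (DWORD dwCertEncodingType, PCERT_INFO pCertId1, PCERT_INFO pCertId2);
WINIMPM WINBOOL WINAPI CertCompareCertificateName (DWORD dwCertEncodingType, PCERT_NAME_BLOB pCertName1, PCERT_NAME_BLOB pCertName2);
WINIMPM WINBOOL WINAPI CertIsRDNAttrsInCertificateName (DWORD dwCertEncodingType, DWORD dwFlags, PCERT_NAME_BLOB pCertName, PCERT_RDN pRDN);
WINIMPM WINBOOL WINAPI CertComparePublicKeyInfo (DWORD dwCertEncodingType, PCERT_PUBLIC_KEY_INFO pPublicKey1, PCERT_PUBLIC_KEY_INFO pPublicKey2);
/* Returns a DWORD length for the key; NOTE(review): documented as bits, with 0 on failure - confirm. */
WINIMPM DWORD WINAPI CertGetPublicKeyLength (DWORD dwCertEncodingType, PCERT_PUBLIC_KEY_INFO pPublicKey);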
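/*
 * Signature verification and hashing of encoded certificates.
 *
 * CryptVerifyCertificateSignature checks an encoded, signed blob against one
 * public key.  CryptVerifyCertificateSignatureEx generalises subject and
 * issuer: pvSubject / pvIssuer are untyped and interpreted according to
 * dwSubjectType / dwIssuerType, so a mismatched selector makes the callee
 * read the wrong structure.
 * NOTE(review): these calls verify a signature only.  Nothing in the
 * signatures takes a time, usage or revocation input, so chain building,
 * validity period, key usage and revocation need separate checks before a
 * certificate is trusted - confirm against the Win32 documentation.
 *
 * The hash functions write to pbComputedHash and use *pcbComputedHash as an
 * in/out size (Win32 convention: buffer size in, bytes written or required
 * out); initialise it to the real buffer size on every call.
 */
WINIMPM WINBOOL WINAPI CryptVerifyCertificateSignature (HCRYPTPROV_LEGACY hCryptProv, DWORD dwCertEncodingType, const BYTE *pbEncoded, DWORD cbEncoded, PCERT_PUBLIC_KEY_INFO pPublicKey);
WINIMPM WINBOOL WINAPI CryptVerifyCertificateSignatureEx (HCRYPTPROV_LEGACY hCryptProv, DWORD dwCertEncodingType, DWORD dwSubjectType, void *pvSubject, DWORD dwIssuerType, void *pvIssuer, DWORD dwFlags, void *pvExtra);
WINIMPM WINBOOL WINAPI CertIsStrongHashToSign (PCCERT_STRONG_SIGN_PARA pStrongSignPara, LPCWSTR pwszCNGHashAlgid, PCCERT_CONTEXT pSigningCert);
WINIMPM WINBOOL WINAPI CryptHashToBeSigned (HCRYPTPROV_LEGACY hCryptProv, DWORD dwCertEncodingType, const BYTE *pbEncoded, DWORD cbEncoded, BYTE *pbComputedHash, DWORD *pcbComputedHash);
/* Algid selects the hash; prefer a SHA-2 family value for new code, since the legacy ALG_ID space also names MD5 and SHA-1. */
WINIMPM WINBOOL WINAPI CryptHashCertificate (HCRYPTPROV_LEGACY hCryptProv, ALG_ID Algid, DWORD dwFlags, const BYTE *pbEncoded, DWORD cbEncoded, BYTE *pbComputedHash, DWORD *pcbComputedHash);
#if NTDDI_VERSION >= NTDDI_VISTA
/* CNG variant: the hash is named by a wide string instead of an ALG_ID. */
WINIMPM WINBOOL WINAPI CryptHashCertificate2 (LPCWSTR pwszCNGHashAlgid, DWORD dwFlags, void *pvReserved, const BYTE *pbEncoded, DWORD cbEncoded, BYTE *pbComputedHash, DWORD *pcbComputedHash);
#endif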
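/*
 * Signing entry points.  Both take either a CSP handle or an NCrypt key
 * handle in the same parameter and return the result through an output
 * buffer with an in/out size (pcbSignature / pcbEncoded).
 * pSignatureAlgorithm chooses the signature and hash algorithm; callers
 * should pin it to an approved value rather than copy it from untrusted
 * input.
 */
WINIMPM WINBOOL WINAPI CryptSignCertificate (HCRYPTPROV_OR_NCRYPT_KEY_HANDLE hCryptProvOrNCryptKey, DWORD dwKeySpec, DWORD dwCertEncodingType, const BYTE *pbEncodedToBeSigned, DWORD cbEncodedToBeSigned, PCRYPT_ALGORITHM_IDENTIFIER pSignatureAlgorithm, const void *pvHashAuxInfo, BYTE *pbSignature, DWORD *pcbSignature);
WINIMPM WINBOOL WINAPI CryptSignAndEncodeCertificate (HCRYPTPROV_OR_NCRYPT_KEY_HANDLE hCryptProvOrNCryptKey, DWORD dwKeySpec, DWORD dwCertEncodingType, LPCSTR lpszStructType, const void *pvStructInfo, PCRYPT_ALGORITHM_IDENTIFIER pSignatureAlgorithm, const void *pvHashAuxInfo, BYTE *pbEncoded, DWORD *pcbEncoded);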
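/*
 * Validity-period and CRL-membership checks on decoded structures.
 *
 * The two time checks return LONG, not WINBOOL.
 * NOTE(review): the Win32 documentation gives a three-way result for
 * CertVerifyTimeValidity (before / within / after the validity period, with
 * 0 meaning valid), so testing the result as a boolean inverts the meaning -
 * confirm and compare against 0 explicitly.
 * NOTE(review): CertVerifyCRLRevocation takes only decoded CRL_INFO
 * structures; nothing in its signature verifies the CRL signature or
 * freshness, so that has to happen before the CRLs are passed in - confirm.
 * cCrlInfo must not exceed the length of rgpCrlInfo.
 */
WINIMPM LONG WINAPI CertVerifyTimeValidity (LPFILETIME pTimeToVerify, PCERT_INFO pCertInfo);
WINIMPM LONG WINAPI CertVerifyCRLTimeValidity (LPFILETIME pTimeToVerify, PCRL_INFO pCrlInfo);
WINIMPM WINBOOL WINAPI CertVerifyValidityNesting (PCERT_INFO pSubjectInfo, PCERT_INFO pIssuerInfo);
WINIMPM WINBOOL WINAPI CertVerifyCRLRevocation (DWORD dwCertEncodingType, PCERT_INFO pCertId, DWORD cCrlInfo, PCRL_INFO rgpCrlInfo[]);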
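/*
 * OID conversion and lookup helpers.
 *
 * The lookup functions return a pointer; check it against NULL before use.
 * NOTE(review): the Win32 documentation has the find functions return a
 * pointer into the caller's array and NULL when nothing matches, so the
 * result must not outlive that array and must not be freed - confirm.
 * The count arguments (cExtensions, cAttr) must match the array lengths.
 */
WINIMPM LPCSTR WINAPI CertAlgIdToOID (DWORD dwAlgId);
WINIMPM DWORD WINAPI CertOIDToAlgId (LPCSTR pszObjId);
WINIMPM PCERT_EXTENSION WINAPI CertFindExtension (LPCSTR pszObjId, DWORD cExtensions, CERT_EXTENSION rgExtensions[]);
WINIMPM PCRYPT_ATTRIBUTE WINAPI CertFindAttribute (LPCSTR pszObjId, DWORD cAttr, CRYPT_ATTRIBUTE rgAttr[]);
WINIMPM PCERT_RDN_ATTR WINAPI CertFindRDNAttr (LPCSTR pszObjId, PCERT_NAME_INFO pName);
/* Writes at most cbKeyUsage bytes to pbKeyUsage; pass the real buffer size. */
WINIMPM WINBOOL WINAPI CertGetIntendedKeyUsage (DWORD dwCertEncodingType, PCERT_INFO pCertInfo, BYTE *pbKeyUsage, DWORD cbKeyUsage);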
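/*
 * Default-context management: install returns a handle through
 * phDefaultContext, uninstall consumes it.  Pair every successful install
 * with an uninstall unless CRYPT_DEFAULT_CONTEXT_AUTO_RELEASE_FLAG is used
 * (NOTE(review): semantics of that flag inferred from its name - confirm).
 */
WINIMPM WINBOOL WINAPI CryptInstallDefaultContext (HCRYPTPROV hCryptProv, DWORD dwDefaultType, const void *pvDefaultPara, DWORD dwFlags, void *pvReserved, HCRYPTDEFAULTCONTEXT *phDefaultContext);
WINIMPM WINBOOL WINAPI CryptUninstallDefaultContext (HCRYPTDEFAULTCONTEXT hDefaultContext, DWORD dwFlags, void *pvReserved);
/*
 * Public-key export.  pInfo / pcbInfo form an output buffer with an in/out
 * size (Win32 convention: call once to learn the size, allocate, call
 * again); *pcbInfo must hold the real buffer size on the second call.
 */
WINIMPM WINBOOL WINAPI CryptExportPublicKeyInfo (HCRYPTPROV_OR_NCRYPT_KEY_HANDLE hCryptProvOrNCryptKey, DWORD dwKeySpec, DWORD dwCertEncodingType, PCERT_PUBLIC_KEY_INFO pInfo, DWORD *pcbInfo);
WINIMPM WINBOOL WINAPI CryptExportPublicKeyInfoEx (HCRYPTPROV_OR_NCRYPT_KEY_HANDLE hCryptProvOrNCryptKey, DWORD dwKeySpec, DWORD dwCertEncodingType, LPSTR pszPublicKeyObjId, DWORD dwFlags, void *pvAuxInfo, PCERT_PUBLIC_KEY_INFO pInfo, DWORD *pcbInfo);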
4532
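/*
 * Names of the OID-dispatched public-key export functions.  Note that the
 * macro without an EX suffix maps to the "...Ex" function name.
 */
#define CRYPT_OID_EXPORT_PUBLIC_KEY_INFO_FUNC "CryptDllExportPublicKeyInfoEx"
#define CRYPT_OID_EXPORT_PUBLIC_KEY_INFO_EX2_FUNC "CryptDllExportPublicKeyInfoEx2"

/* Callback signature for the EX2 export function; pInfo / pcbInfo are an output buffer and its in/out size. */
typedef WINBOOL (WINAPI *PFN_CRYPT_EXPORT_PUBLIC_KEY_INFO_EX2_FUNC) (NCRYPT_KEY_HANDLE hNCryptKey, DWORD dwCertEncodingType, LPSTR pszPublicKeyObjId, DWORD dwFlags, void *pvAuxInfo, PCERT_PUBLIC_KEY_INFO pInfo, DWORD *pcbInfo);

/* BCrypt-handle variant, only declared when targeting Windows 7 or later. */
#if NTDDI_VERSION >= NTDDI_WIN7
#define CRYPT_OID_EXPORT_PUBLIC_KEY_INFO_FROM_BCRYPT_HANDLE_FUNC "CryptDllExportPublicKeyInfoFromBCryptKeyHandle"

typedef WINBOOL (WINAPI *PFN_CRYPT_EXPORT_PUBLIC_KEY_INFO_FROM_BCRYPT_HANDLE_FUNC) (BCRYPT_KEY_HANDLE hBCryptKey, DWORD dwCertEncodingType, LPSTR pszPublicKeyObjId, DWORD dwFlags, void *pvAuxInfo, PCERT_PUBLIC_KEY_INFO pInfo, DWORD *pcbInfo);

WINIMPM WINBOOL WINAPI CryptExportPublicKeyInfoFromBCryptKeyHandle (BCRYPT_KEY_HANDLE hBCryptKey, DWORD dwCertEncodingType, LPSTR pszPublicKeyObjId, DWORD dwFlags, void *pvAuxInfo, PCERT_PUBLIC_KEY_INFO pInfo, DWORD *pcbInfo);
#endif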
4545
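/* Names of the OID-dispatched key import/export functions (each maps to an "...Ex" function name). */
#define CRYPT_OID_IMPORT_PUBLIC_KEY_INFO_FUNC "CryptDllImportPublicKeyInfoEx"
#define CRYPT_OID_IMPORT_PRIVATE_KEY_INFO_FUNC "CryptDllImportPrivateKeyInfoEx"
#define CRYPT_OID_EXPORT_PRIVATE_KEY_INFO_FUNC "CryptDllExportPrivateKeyInfoEx"

/*
 * Flag bits for private-key acquisition (CryptAcquireCertificatePrivateKey
 * takes a dwFlags argument).
 * NOTE(review): by name, CRYPT_ACQUIRE_COMPARE_KEY_FLAG makes the callee
 * check that the acquired key matches the certificate and
 * CRYPT_ACQUIRE_SILENT_FLAG suppresses provider UI, which services without a
 * desktop normally need - confirm semantics.
 */
#define CRYPT_ACQUIRE_CACHE_FLAG 0x1
#define CRYPT_ACQUIRE_USE_PROV_INFO_FLAG 0x2
#define CRYPT_ACQUIRE_COMPARE_KEY_FLAG 0x4
#define CRYPT_ACQUIRE_NO_HEALING 0x8
#define CRYPT_ACQUIRE_SILENT_FLAG 0x40
#define CRYPT_ACQUIRE_WINDOW_HANDLE_FLAG 0x80

/* NCrypt selection bits; the mask equals the OR of the three flags below it. */
#define CRYPT_ACQUIRE_NCRYPT_KEY_FLAGS_MASK 0x70000
#define CRYPT_ACQUIRE_ALLOW_NCRYPT_KEY_FLAG 0x10000
#define CRYPT_ACQUIRE_PREFER_NCRYPT_KEY_FLAG 0x20000
#define CRYPT_ACQUIRE_ONLY_NCRYPT_KEY_FLAG 0x40000

/* Flag bits for key-provider lookup (CryptFindCertificateKeyProvInfo takes a dwFlags argument). */
#define CRYPT_FIND_USER_KEYSET_FLAG 0x1
#define CRYPT_FIND_MACHINE_KEYSET_FLAG 0x2
#define CRYPT_FIND_SILENT_KEYSET_FLAG 0x40

/* Alias for CRYPT_DELETEKEYSET, which is defined elsewhere in this header. */
#define CRYPT_DELETE_KEYSET CRYPT_DELETEKEYSET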
4567
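/*
 * Callback signatures for OID-dispatched private-key import and export.
 * Implementations handle private key material directly: the export
 * callback writes it to pPrivateKeyInfo with *pcbPrivateKeyInfo as the
 * in/out size, so the size must be honoured and the buffer should be wiped
 * by its owner once it is no longer needed.
 */
typedef WINBOOL (WINAPI *PFN_IMPORT_PRIV_KEY_FUNC) (HCRYPTPROV hCryptProv, CRYPT_PRIVATE_KEY_INFO *pPrivateKeyInfo, DWORD dwFlags, void *pvAuxInfo);
typedef WINBOOL (WINAPI *PFN_EXPORT_PRIV_KEY_FUNC) (HCRYPTPROV hCryptProv, DWORD dwKeySpec, LPSTR pszPrivateKeyObjId, DWORD dwFlags, void *pvAuxInfo, CRYPT_PRIVATE_KEY_INFO *pPrivateKeyInfo, DWORD *pcbPrivateKeyInfo);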
4570
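/*
 * Generic names resolved through __MINGW_NAME_AW to the A or W variants
 * declared in this header (CertRDNValueToStrA/W, CertNameToStrA/W).
 */
#define CertRDNValueToStr __MINGW_NAME_AW(CertRDNValueToStr)
#define CertNameToStr __MINGW_NAME_AW(CertNameToStr)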
4573
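/*
 * Public-key import.  The legacy variants return an HCRYPTKEY through phKey;
 * the caller owns that handle afterwards (released with CryptDestroyKey in
 * the legacy CryptoAPI).  pInfo normally comes from a decoded certificate,
 * so treat its algorithm and parameters as untrusted until the certificate
 * itself has been validated.
 */
WINIMPM WINBOOL WINAPI CryptImportPublicKeyInfo (HCRYPTPROV hCryptProv, DWORD dwCertEncodingType, PCERT_PUBLIC_KEY_INFO pInfo, HCRYPTKEY *phKey);
WINIMPM WINBOOL WINAPI CryptImportPublicKeyInfoEx (HCRYPTPROV hCryptProv, DWORD dwCertEncodingType, PCERT_PUBLIC_KEY_INFO pInfo, ALG_ID aiKeyAlg, DWORD dwFlags, void *pvAuxInfo, HCRYPTKEY *phKey);

/* CNG variant, only declared when targeting Vista or later; returns a BCRYPT_KEY_HANDLE instead. */
#if NTDDI_VERSION >= NTDDI_VISTA
#define CRYPT_OID_IMPORT_PUBLIC_KEY_INFO_EX2_FUNC "CryptDllImportPublicKeyInfoEx2"

typedef WINBOOL (WINAPI *PFN_IMPORT_PUBLIC_KEY_INFO_EX2_FUNC) (DWORD dwCertEncodingType, PCERT_PUBLIC_KEY_INFO pInfo, DWORD dwFlags, void *pvAuxInfo, BCRYPT_KEY_HANDLE *phKey);

WINIMPM WINBOOL WINAPI CryptImportPublicKeyInfoEx2 (DWORD dwCertEncodingType, PCERT_PUBLIC_KEY_INFO pInfo, DWORD dwFlags, void *pvAuxInfo, BCRYPT_KEY_HANDLE *phKey);
#endif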
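/*
 * Private-key access and PKCS #8 import/export.
 *
 * CryptAcquireCertificatePrivateKey returns a handle that is either a CSP
 * handle or an NCrypt key handle, plus *pfCallerFreeProvOrNCryptKey.
 * NOTE(review): per the Win32 documentation the caller releases the handle
 * only when that flag comes back TRUE, using the release function that
 * matches the handle kind reported in *pdwKeySpec; freeing unconditionally
 * or with the wrong function corrupts a cached handle - confirm.
 *
 * The PKCS #8 export functions write private key material to
 * pbPrivateKeyBlob with *pcbPrivateKeyBlob as the in/out size.  Keep that
 * buffer's lifetime short, wipe it before freeing, and never log it.
 */
WINIMPM WINBOOL WINAPI CryptAcquireCertificatePrivateKey (PCCERT_CONTEXT pCert, DWORD dwFlags, void *pvParameters, HCRYPTPROV_OR_NCRYPT_KEY_HANDLE *phCryptProvOrNCryptKey, DWORD *pdwKeySpec, WINBOOL *pfCallerFreeProvOrNCryptKey);
WINIMPM WINBOOL WINAPI CryptFindCertificateKeyProvInfo (PCCERT_CONTEXT pCert, DWORD dwFlags, void *pvReserved);
/* Takes the import parameter structure by value, unlike CryptExportPKCS8Ex which takes a pointer. */
WINIMPM WINBOOL WINAPI CryptImportPKCS8 (CRYPT_PKCS8_IMPORT_PARAMS sPrivateKeyAndParams, DWORD dwFlags, HCRYPTPROV *phCryptProv, void *pvAuxInfo);
WINIMPM WINBOOL WINAPI CryptExportPKCS8 (HCRYPTPROV hCryptProv, DWORD dwKeySpec, LPSTR pszPrivateKeyObjId, DWORD dwFlags, void *pvAuxInfo, BYTE *pbPrivateKeyBlob, DWORD *pcbPrivateKeyBlob);
WINIMPM WINBOOL WINAPI CryptExportPKCS8Ex (CRYPT_PKCS8_EXPORT_PARAMS *psExportParams, DWORD dwFlags, void *pvAuxInfo, BYTE *pbPrivateKeyBlob, DWORD *pcbPrivateKeyBlob);
WINIMPM WINBOOL WINAPI CryptHashPublicKeyInfo (HCRYPTPROV_LEGACY hCryptProv, ALG_ID Algid, DWORD dwFlags, DWORD dwCertEncodingType, PCERT_PUBLIC_KEY_INFO pInfo, BYTE *pbComputedHash, DWORD *pcbComputedHash);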
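/*
 * Convert an RDN value or an encoded name to a string in psz, which has room
 * for csz characters; the DWORD result is a character count.
 * NOTE(review): the Win32 documentation has the count include the
 * terminating NUL and allows psz == NULL / csz == 0 to query the required
 * size - confirm.  csz is in characters, not bytes, so the W variants need
 * csz * sizeof(WCHAR) bytes of storage.
 * The resulting text comes from certificate contents and is therefore
 * controlled by whoever issued or crafted the certificate; escape it before
 * display or logging and do not use it on its own as an identity.
 */
WINIMPM DWORD WINAPI CertRDNValueToStrA (DWORD dwValueType, PCERT_RDN_VALUE_BLOB pValue, LPSTR psz, DWORD csz);
WINIMPM DWORD WINAPI CertRDNValueToStrW (DWORD dwValueType, PCERT_RDN_VALUE_BLOB pValue, LPWSTR psz, DWORD csz);
WINIMPM DWORD WINAPI CertNameToStrA (DWORD dwCertEncodingType, PCERT_NAME_BLOB pName, DWORD dwStrType, LPSTR psz, DWORD csz);
WINIMPM DWORD WINAPI CertNameToStrW (DWORD dwCertEncodingType, PCERT_NAME_BLOB pName, DWORD dwStrType, LPWSTR psz, DWORD csz);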
4594
4595
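/*
 * Name string formats: enumerated values occupying the low bits of the
 * dwStrType argument taken by CertNameToStr / CertStrToName.
 */
#define CERT_SIMPLE_NAME_STR 1
#define CERT_OID_NAME_STR 2
#define CERT_X500_NAME_STR 3
#define CERT_XML_NAME_STR 4

/*
 * Modifier bits that are OR-ed with one of the formats above; all of them
 * sit at or above bit 16, so they cannot collide with a format value.
 * NOTE(review): by name, CERT_NAME_STR_NO_QUOTING_FLAG turns off quoting of
 * special characters; output produced with it is ambiguous to re-parse, so
 * avoid it where the string is later split on separators - confirm.
 */
#define CERT_NAME_STR_DISABLE_IE4_UTF8_FLAG 0x10000
#define CERT_NAME_STR_ENABLE_T61_UNICODE_FLAG 0x20000
#define CERT_NAME_STR_ENABLE_UTF8_UNICODE_FLAG 0x40000
#define CERT_NAME_STR_FORCE_UTF8_DIR_STR_FLAG 0x80000
#define CERT_NAME_STR_FORWARD_FLAG 0x1000000
#define CERT_NAME_STR_REVERSE_FLAG 0x2000000
#define CERT_NAME_STR_COMMA_FLAG 0x4000000
#define CERT_NAME_STR_CRLF_FLAG 0x8000000
#define CERT_NAME_STR_NO_QUOTING_FLAG 0x10000000
#define CERT_NAME_STR_NO_PLUS_FLAG 0x20000000
#define CERT_NAME_STR_SEMICOLON_FLAG 0x40000000
#define CERT_NAME_STR_DISABLE_UTF8_DIR_STR_FLAG 0x100000
#define CERT_NAME_STR_ENABLE_PUNYCODE_FLAG 0x200000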
4614
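/* Generic names resolved through __MINGW_NAME_AW to the A or W variants below. */
#define CertStrToName __MINGW_NAME_AW(CertStrToName)
#define CertGetNameString __MINGW_NAME_AW(CertGetNameString)

/*
 * CertStrToName encodes an X.500 string into pbEncoded, with *pcbEncoded as
 * the in/out byte count; ppszError optionally receives a pointer related to
 * a parse error.
 * NOTE(review): per the Win32 documentation that pointer refers into the
 * caller's pszX500 input, so it must not be freed and is only valid while
 * the input string is - confirm.
 */
WINIMPM WINBOOL WINAPI CertStrToNameA (DWORD dwCertEncodingType, LPCSTR pszX500, DWORD dwStrType, void *pvReserved, BYTE *pbEncoded, DWORD *pcbEncoded, LPCSTR *ppszError);
WINIMPM WINBOOL WINAPI CertStrToNameW (DWORD dwCertEncodingType, LPCWSTR pszX500, DWORD dwStrType, void *pvReserved, BYTE *pbEncoded, DWORD *pcbEncoded, LPCWSTR *ppszError);
/*
 * CertGetNameString writes a name taken from a certificate into
 * pszNameString, which has room for cchNameString characters (characters,
 * not bytes).  pvTypePara is untyped and interpreted according to dwType.
 * The text is certificate-supplied: treat it as untrusted input when it is
 * displayed, logged or compared, and rely on chain validation rather than
 * on a display name for identity decisions.
 */
WINIMPM DWORD WINAPI CertGetNameStringA (PCCERT_CONTEXT pCertContext, DWORD dwType, DWORD dwFlags, void *pvTypePara, LPSTR pszNameString, DWORD cchNameString);
WINIMPM DWORD WINAPI CertGetNameStringW (PCCERT_CONTEXT pCertContext, DWORD dwType, DWORD dwFlags, void *pvTypePara, LPWSTR pszNameString, DWORD cchNameString);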
4622
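/* Name kinds: enumerated values for the dwType argument of CertGetNameString. */
#define CERT_NAME_EMAIL_TYPE 1
#define CERT_NAME_RDN_TYPE 2
#define CERT_NAME_ATTR_TYPE 3
#define CERT_NAME_SIMPLE_DISPLAY_TYPE 4
#define CERT_NAME_FRIENDLY_DISPLAY_TYPE 5
#define CERT_NAME_DNS_TYPE 6
#define CERT_NAME_URL_TYPE 7
#define CERT_NAME_UPN_TYPE 8

/*
 * Flag bits for the dwFlags argument of CertGetNameString.
 * NOTE(review): by name, CERT_NAME_ISSUER_FLAG selects the issuer's name
 * instead of the subject's; mixing the two up in an access decision
 * authorises every certificate from that issuer - confirm semantics.
 */
#define CERT_NAME_ISSUER_FLAG 0x1
#define CERT_NAME_DISABLE_IE4_UTF8_FLAG 0x10000

/*
 * NOTE(review): presumably makes the lookup return every matching name
 * rather than the first one - confirm, and size the output buffer for a
 * multi-string result if so.
 */
#define CERT_NAME_SEARCH_ALL_NAMES_FLAG 0x2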
4636
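/*
 * Callback that returns the signer's certificate for a message; it is
 * stored in CRYPT_VERIFY_MESSAGE_PARA.pfnGetSignerCertificate and receives
 * that structure's pvGetArg.
 *
 * hMsgCertStore holds certificates that came with the message, i.e. data
 * chosen by the sender.  An implementation that simply returns a match from
 * that store makes the message vouch for itself; it should locate or
 * validate the signer against a trust anchor the application controls.
 * NOTE(review): ownership of the returned context is not visible here -
 * confirm who releases it.
 */
typedef PCCERT_CONTEXT (WINAPI *PFN_CRYPT_GET_SIGNER_CERTIFICATE) (void *pvGetArg, DWORD dwCertEncodingType, PCERT_INFO pSignerId, HCERTSTORE hMsgCertStore);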
4638
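/*
 * Parameters for CryptSignMessage / CryptSignAndEncryptMessage.
 *
 * The layout depends on CRYPT_SIGN_MESSAGE_PARA_HAS_CMS_FIELDS (two extra
 * trailing members).  cbSize tells the callee which layout it received, so
 * set it to sizeof(CRYPT_SIGN_MESSAGE_PARA) in the translation unit that
 * fills the structure, zero the rest, and define the macro consistently
 * everywhere the structure is shared.
 *
 * Each c* / rg* pair is a count plus an array and the two must agree.
 * By name, rgAuthAttr holds authenticated (signed) attributes and
 * rgUnauthAttr unauthenticated ones; a verifier must not base decisions on
 * the latter.
 */
typedef struct _CRYPT_SIGN_MESSAGE_PARA {
  DWORD cbSize;
  DWORD dwMsgEncodingType;
  PCCERT_CONTEXT pSigningCert;
  CRYPT_ALGORITHM_IDENTIFIER HashAlgorithm;   /* pick an approved hash; do not copy from untrusted input */
  void *pvHashAuxInfo;
  DWORD cMsgCert;
  PCCERT_CONTEXT *rgpMsgCert;
  DWORD cMsgCrl;
  PCCRL_CONTEXT *rgpMsgCrl;
  DWORD cAuthAttr;
  PCRYPT_ATTRIBUTE rgAuthAttr;
  DWORD cUnauthAttr;
  PCRYPT_ATTRIBUTE rgUnauthAttr;
  DWORD dwFlags;
  DWORD dwInnerContentType;
#ifdef CRYPT_SIGN_MESSAGE_PARA_HAS_CMS_FIELDS
  CRYPT_ALGORITHM_IDENTIFIER HashEncryptionAlgorithm;
  void *pvHashEncryptionAuxInfo;
#endif
} CRYPT_SIGN_MESSAGE_PARA,*PCRYPT_SIGN_MESSAGE_PARA;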
4660
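/*
 * Flag bits for message parameter blocks (CRYPT_SIGN_MESSAGE_PARA has a
 * dwFlags member).
 * NOTE(review): CRYPT_MESSAGE_SILENT_KEYSET_FLAG shares the value 0x40 with
 * the other *_SILENT_* flags in this header and presumably suppresses
 * provider UI - confirm.
 */
#define CRYPT_MESSAGE_BARE_CONTENT_OUT_FLAG 0x1
#define CRYPT_MESSAGE_ENCAPSULATED_CONTENT_OUT_FLAG 0x2
#define CRYPT_MESSAGE_KEYID_SIGNER_FLAG 0x4
#define CRYPT_MESSAGE_SILENT_KEYSET_FLAG 0x40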
4665
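/*
 * Parameters for the message verification functions
 * (CryptVerifyMessageSignature and relatives).
 *
 * The layout depends on CRYPT_VERIFY_MESSAGE_PARA_HAS_EXTRA_FIELDS (one extra
 * trailing member); cbSize must be sizeof(CRYPT_VERIFY_MESSAGE_PARA) as seen
 * where the structure is filled, with the remaining members zeroed.
 *
 * pfnGetSignerCertificate decides which certificate the signature is
 * checked against and is called with pvGetArg.
 * NOTE(review): per the Win32 documentation a NULL callback makes the
 * library pick the signer from the certificates carried in the message,
 * which proves the signature is internally consistent but not that the
 * signer is trusted - confirm, and validate the returned signer certificate
 * against an application trust anchor either way.
 */
typedef struct _CRYPT_VERIFY_MESSAGE_PARA {
  DWORD cbSize;
  DWORD dwMsgAndCertEncodingType;
  HCRYPTPROV_LEGACY hCryptProv;
  PFN_CRYPT_GET_SIGNER_CERTIFICATE pfnGetSignerCertificate;
  void *pvGetArg;
#ifdef CRYPT_VERIFY_MESSAGE_PARA_HAS_EXTRA_FIELDS
  PCCERT_STRONG_SIGN_PARA pStrongSignPara;
#endif
} CRYPT_VERIFY_MESSAGE_PARA,*PCRYPT_VERIFY_MESSAGE_PARA;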
4676
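/*
 * Parameters for CryptEncryptMessage / CryptSignAndEncryptMessage.
 *
 * By Win32 convention cbSize is sizeof(CRYPT_ENCRYPT_MESSAGE_PARA) and the
 * other members are zeroed before use.  ContentEncryptionAlgorithm selects
 * the cipher for the message body; choose it from an approved list in the
 * application rather than from peer-supplied data.  pvEncryptionAuxInfo is
 * untyped and only meaningful for the chosen algorithm.
 */
typedef struct _CRYPT_ENCRYPT_MESSAGE_PARA {
  DWORD cbSize;
  DWORD dwMsgEncodingType;
  HCRYPTPROV_LEGACY hCryptProv;
  CRYPT_ALGORITHM_IDENTIFIER ContentEncryptionAlgorithm;
  void *pvEncryptionAuxInfo;
  DWORD dwFlags;
  DWORD dwInnerContentType;
} CRYPT_ENCRYPT_MESSAGE_PARA,*PCRYPT_ENCRYPT_MESSAGE_PARA;

/* Flag bit; presumably for the dwFlags member above (identify recipients by key id) - TODO confirm. */
#define CRYPT_MESSAGE_KEYID_RECIPIENT_FLAG 0x4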
4688
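/*
 * Parameters for CryptDecryptMessage and the combined decrypt/verify calls.
 *
 * The layout depends on CRYPT_DECRYPT_MESSAGE_PARA_HAS_EXTRA_FIELDS (adds a
 * trailing dwFlags); cbSize must be sizeof(CRYPT_DECRYPT_MESSAGE_PARA) as
 * seen where the structure is filled.  rghCertStore is an array of
 * cCertStore store handles; presumably these are searched for a certificate
 * whose private key can open the message.
 */
typedef struct _CRYPT_DECRYPT_MESSAGE_PARA {
  DWORD cbSize;
  DWORD dwMsgAndCertEncodingType;
  DWORD cCertStore;
  HCERTSTORE *rghCertStore;
#ifdef CRYPT_DECRYPT_MESSAGE_PARA_HAS_EXTRA_FIELDS
  DWORD dwFlags;
#endif
} CRYPT_DECRYPT_MESSAGE_PARA,*PCRYPT_DECRYPT_MESSAGE_PARA;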
4698
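/*
 * Parameters for CryptHashMessage and the message-hash verification calls.
 *
 * A hashed message carries no key, so verifying it detects accidental
 * corruption only; anyone able to change the content can recompute the
 * hash.  HashAlgorithm should name a currently approved hash.  By Win32
 * convention cbSize is sizeof(CRYPT_HASH_MESSAGE_PARA).
 */
typedef struct _CRYPT_HASH_MESSAGE_PARA {
  DWORD cbSize;
  DWORD dwMsgEncodingType;
  HCRYPTPROV_LEGACY hCryptProv;
  CRYPT_ALGORITHM_IDENTIFIER HashAlgorithm;
  void *pvHashAuxInfo;
} CRYPT_HASH_MESSAGE_PARA,*PCRYPT_HASH_MESSAGE_PARA;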
4706
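/*
 * Parameters for CryptSignMessageWithKey.
 *
 * hCryptProv and hNCryptKey share storage in an anonymous union, so only
 * one of them is valid at a time.
 * NOTE(review): which member the callee reads is presumably selected by
 * dwKeySpec - confirm; passing a handle of the other kind would be used as
 * the wrong handle type.
 * By Win32 convention cbSize is sizeof(CRYPT_KEY_SIGN_MESSAGE_PARA).
 */
typedef struct _CRYPT_KEY_SIGN_MESSAGE_PARA {
  DWORD cbSize;
  DWORD dwMsgAndCertEncodingType;
  __C89_NAMELESS union {
    HCRYPTPROV hCryptProv;
    NCRYPT_KEY_HANDLE hNCryptKey;
  };
  DWORD dwKeySpec;
  CRYPT_ALGORITHM_IDENTIFIER HashAlgorithm;
  void *pvHashAuxInfo;
  CRYPT_ALGORITHM_IDENTIFIER PubKeyAlgorithm;
} CRYPT_KEY_SIGN_MESSAGE_PARA,*PCRYPT_KEY_SIGN_MESSAGE_PARA;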
4719
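/*
 * Parameters for CryptVerifyMessageSignatureWithKey.  The public key itself
 * is a separate argument of that function, so the caller is responsible for
 * having obtained it from a trusted source.  By Win32 convention cbSize is
 * sizeof(CRYPT_KEY_VERIFY_MESSAGE_PARA).
 */
typedef struct _CRYPT_KEY_VERIFY_MESSAGE_PARA {
  DWORD cbSize;
  DWORD dwMsgEncodingType;
  HCRYPTPROV_LEGACY hCryptProv;
} CRYPT_KEY_VERIFY_MESSAGE_PARA,*PCRYPT_KEY_VERIFY_MESSAGE_PARA;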
4725
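/*
 * Element type of the array filled by FindCertsByIssuer: cCerts encoded
 * certificates in certs plus key-provider information for the chain.
 * NOTE(review): the order of certificates in certs and the ownership of the
 * memory they point to are not visible here - confirm.
 */
typedef struct _CERT_CHAIN {
  DWORD cCerts;
  PCERT_BLOB certs;
  CRYPT_KEY_PROV_INFO keyLocatorInfo;
} CERT_CHAIN,*PCERT_CHAIN;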
4731
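/*
 * Generic names resolved through __MINGW_NAME_AW to the A or W variants
 * declared in this header.
 */
#define CertOpenSystemStore __MINGW_NAME_AW(CertOpenSystemStore)
#define CertAddEncodedCertificateToSystemStore __MINGW_NAME_AW(CertAddEncodedCertificateToSystemStore)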
4734
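/*
 * Simplified message signing and signature verification.
 *
 * rgpbToBeSigned / rgcbToBeSigned are parallel arrays of cToBeSigned buffers
 * and their lengths; both must have at least cToBeSigned entries.  Output
 * buffers use an in/out byte count (pcbSignedBlob, pcbDecoded).
 *
 * The verify functions return the signer certificate through ppSignerCert.
 * NOTE(review): per the Win32 documentation that context must be released by
 * the caller with CertFreeCertificateContext, and a TRUE return means the
 * signature matches the signer certificate that was selected - it does not
 * by itself establish that the certificate chains to a trusted root, is
 * within its validity period or is unrevoked.  Confirm, and run chain
 * validation on *ppSignerCert before trusting the content.
 * pbSignedBlob / cbSignedBlob are typically attacker-supplied; pass the
 * exact received length.
 */
WINIMPM WINBOOL WINAPI CryptSignMessage (PCRYPT_SIGN_MESSAGE_PARA pSignPara, WINBOOL fDetachedSignature, DWORD cToBeSigned, const BYTE *rgpbToBeSigned[], DWORD rgcbToBeSigned[], BYTE *pbSignedBlob, DWORD *pcbSignedBlob);
WINIMPM WINBOOL WINAPI CryptVerifyMessageSignature (PCRYPT_VERIFY_MESSAGE_PARA pVerifyPara, DWORD dwSignerIndex, const BYTE *pbSignedBlob, DWORD cbSignedBlob, BYTE *pbDecoded, DWORD *pcbDecoded, PCCERT_CONTEXT *ppSignerCert);
/* Returns LONG rather than DWORD; NOTE(review): documented to return -1 on failure - confirm and check before using it as a loop bound. */
WINIMPM LONG WINAPI CryptGetMessageSignerCount (DWORD dwMsgEncodingType, const BYTE *pbSignedBlob, DWORD cbSignedBlob);
/* Returns a store handle built from the message; the certificates in it are sender-supplied and untrusted until validated. */
WINIMPM HCERTSTORE WINAPI CryptGetMessageCertificates (DWORD dwMsgAndCertEncodingType, HCRYPTPROV_LEGACY hCryptProv, DWORD dwFlags, const BYTE *pbSignedBlob, DWORD cbSignedBlob);
WINIMPM WINBOOL WINAPI CryptVerifyDetachedMessageSignature (PCRYPT_VERIFY_MESSAGE_PARA pVerifyPara, DWORD dwSignerIndex, const BYTE *pbDetachedSignBlob, DWORD cbDetachedSignBlob, DWORD cToBeSigned, const BYTE *rgpbToBeSigned[], DWORD rgcbToBeSigned[], PCCERT_CONTEXT *ppSignerCert);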
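/*
 * Simplified message encryption, decryption and combined operations.
 *
 * rgpRecipientCert is an array of cRecipientCert certificate contexts.  All
 * output buffers use an in/out byte count; initialise it to the real buffer
 * size on every call.  Certificate contexts returned through ppXchgCert and
 * ppSignerCert are outputs.
 * NOTE(review): per the Win32 documentation the caller releases them with
 * CertFreeCertificateContext - confirm.
 * Decrypted plaintext lands in a caller buffer (pbDecrypted / pbDecoded);
 * wipe it when it held sensitive data.  Recipient certificates should be
 * validated before encrypting to them, since the functions take the
 * contexts as given.
 */
WINIMPM WINBOOL WINAPI CryptEncryptMessage (PCRYPT_ENCRYPT_MESSAGE_PARA pEncryptPara, DWORD cRecipientCert, PCCERT_CONTEXT rgpRecipientCert[], const BYTE *pbToBeEncrypted, DWORD cbToBeEncrypted, BYTE *pbEncryptedBlob, DWORD *pcbEncryptedBlob);
WINIMPM WINBOOL WINAPI CryptDecryptMessage (PCRYPT_DECRYPT_MESSAGE_PARA pDecryptPara, const BYTE *pbEncryptedBlob, DWORD cbEncryptedBlob, BYTE *pbDecrypted, DWORD *pcbDecrypted, PCCERT_CONTEXT *ppXchgCert);
WINIMPM WINBOOL WINAPI CryptSignAndEncryptMessage (PCRYPT_SIGN_MESSAGE_PARA pSignPara, PCRYPT_ENCRYPT_MESSAGE_PARA pEncryptPara, DWORD cRecipientCert, PCCERT_CONTEXT rgpRecipientCert[], const BYTE *pbToBeSignedAndEncrypted, DWORD cbToBeSignedAndEncrypted, BYTE *pbSignedAndEncryptedBlob, DWORD *pcbSignedAndEncryptedBlob);
WINIMPM WINBOOL WINAPI CryptDecryptAndVerifyMessageSignature (PCRYPT_DECRYPT_MESSAGE_PARA pDecryptPara, PCRYPT_VERIFY_MESSAGE_PARA pVerifyPara, DWORD dwSignerIndex, const BYTE *pbEncryptedBlob, DWORD cbEncryptedBlob, BYTE *pbDecrypted, DWORD *pcbDecrypted, PCCERT_CONTEXT *ppXchgCert, PCCERT_CONTEXT *ppSignerCert);
/* dwMsgTypeFlags limits which message types are accepted; pass only the types the caller is prepared to handle. */
WINIMPM WINBOOL WINAPI CryptDecodeMessage (DWORD dwMsgTypeFlags, PCRYPT_DECRYPT_MESSAGE_PARA pDecryptPara, PCRYPT_VERIFY_MESSAGE_PARA pVerifyPara, DWORD dwSignerIndex, const BYTE *pbEncodedBlob, DWORD cbEncodedBlob, DWORD dwPrevInnerContentType, DWORD *pdwMsgType, DWORD *pdwInnerContentType, BYTE *pbDecoded, DWORD *pcbDecoded, PCCERT_CONTEXT *ppXchgCert, PCCERT_CONTEXT *ppSignerCert);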
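/*
 * Hashed-message creation and verification.
 *
 * rgpbToBeHashed / rgcbToBeHashed are parallel arrays of cToBeHashed buffers
 * and lengths.  Every output buffer has an in/out byte count.  These
 * functions involve no key (none appears in the signatures or in
 * CRYPT_HASH_MESSAGE_PARA), so a successful verification shows the content
 * matches the embedded hash and nothing about its origin.
 */
WINIMPM WINBOOL WINAPI CryptHashMessage (PCRYPT_HASH_MESSAGE_PARA pHashPara, WINBOOL fDetachedHash, DWORD cToBeHashed, const BYTE *rgpbToBeHashed[], DWORD rgcbToBeHashed[], BYTE *pbHashedBlob, DWORD *pcbHashedBlob, BYTE *pbComputedHash, DWORD *pcbComputedHash);
WINIMPM WINBOOL WINAPI CryptVerifyMessageHash (PCRYPT_HASH_MESSAGE_PARA pHashPara, BYTE *pbHashedBlob, DWORD cbHashedBlob, BYTE *pbToBeHashed, DWORD *pcbToBeHashed, BYTE *pbComputedHash, DWORD *pcbComputedHash);
WINIMPM WINBOOL WINAPI CryptVerifyDetachedMessageHash (PCRYPT_HASH_MESSAGE_PARA pHashPara, BYTE *pbDetachedHashBlob, DWORD cbDetachedHashBlob, DWORD cToBeHashed, const BYTE *rgpbToBeHashed[], DWORD rgcbToBeHashed[], BYTE *pbComputedHash, DWORD *pcbComputedHash);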
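/*
 * Sign / verify a message with a bare key instead of a certificate.
 *
 * The verify call takes the public key directly (pPublicKeyInfo), so no
 * certificate validation is involved: the result is only as trustworthy as
 * the way the caller obtained and pinned that key.  pbSignedBlob /
 * pbDecoded use explicit or in/out byte counts.
 */
WINIMPM WINBOOL WINAPI CryptSignMessageWithKey (PCRYPT_KEY_SIGN_MESSAGE_PARA pSignPara, const BYTE *pbToBeSigned, DWORD cbToBeSigned, BYTE *pbSignedBlob, DWORD *pcbSignedBlob);
WINIMPM WINBOOL WINAPI CryptVerifyMessageSignatureWithKey (PCRYPT_KEY_VERIFY_MESSAGE_PARA pVerifyPara, PCERT_PUBLIC_KEY_INFO pPublicKeyInfo, const BYTE *pbSignedBlob, DWORD cbSignedBlob, BYTE *pbDecoded, DWORD *pcbDecoded);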
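/*
 * System certificate store helpers.
 *
 * CertOpenSystemStore returns a store handle; check it against NULL and
 * close it when done (CertCloseStore).
 * CertAddEncodedCertificateToSystemStore writes a certificate into the
 * named system store.  Adding to a store that anchors trust changes what
 * the whole user or machine accepts, so the store name must never be derived
 * from untrusted input and the certificate should be verified out of band
 * before it is added.  Such writes are also worth auditing in endpoint
 * telemetry.
 */
WINIMPM HCERTSTORE WINAPI CertOpenSystemStoreA (HCRYPTPROV_LEGACY hProv, LPCSTR szSubsystemProtocol);
WINIMPM HCERTSTORE WINAPI CertOpenSystemStoreW (HCRYPTPROV_LEGACY hProv, LPCWSTR szSubsystemProtocol);
WINIMPM WINBOOL WINAPI CertAddEncodedCertificateToSystemStoreA (LPCSTR szCertStoreName, const BYTE *pbCertEncoded, DWORD cbCertEncoded);
WINIMPM WINBOOL WINAPI CertAddEncodedCertificateToSystemStoreW (LPCWSTR szCertStoreName, const BYTE *pbCertEncoded, DWORD cbCertEncoded);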
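/*
 * Fills pCertChains with certificate chains for the given encoded issuer
 * name.  Returns HRESULT (not WINBOOL) and is declared without WINIMPM,
 * unlike the surrounding declarations.
 *
 * pcbCertChains is an in/out byte count for the pCertChains buffer and
 * pcCertChains receives the number of chains.
 * NOTE(review): the CERT_CHAIN entries contain pointers; whether they point
 * inside the same caller buffer is not visible here - confirm before
 * copying or freeing the result.
 */
HRESULT WINAPI FindCertsByIssuer (PCERT_CHAIN pCertChains, DWORD *pcbCertChains, DWORD *pcCertChains, BYTE *pbEncodedIssuerName, DWORD cbEncodedIssuerName, LPCWSTR pwszPurpose, DWORD dwKeySpec);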
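/*
 * Parses a file or memory blob and reports what kind of cryptographic
 * object it contains.
 *
 * pvObject is untyped and interpreted according to dwObjectType
 * (CERT_QUERY_OBJECT_FILE or CERT_QUERY_OBJECT_BLOB).
 * dwExpectedContentTypeFlags and dwExpectedFormatTypeFlags bound what the
 * parser will accept: when the input is untrusted, pass only the
 * CERT_QUERY_CONTENT_FLAG_* / CERT_QUERY_FORMAT_FLAG_* bits the caller
 * actually handles instead of the *_ALL masks, which keeps unneeded
 * decoders out of reach of hostile input.
 * The store, message and context outputs are optional.
 * NOTE(review): per the Win32 documentation each non-NULL output must be
 * released with the matching close/free function - confirm.
 */
WINIMPM WINBOOL WINAPI CryptQueryObject (DWORD dwObjectType, const void *pvObject, DWORD dwExpectedContentTypeFlags, DWORD dwExpectedFormatTypeFlags, DWORD dwFlags, DWORD *pdwMsgAndCertEncodingType, DWORD *pdwContentType, DWORD *pdwFormatType, HCERTSTORE *phCertStore, HCRYPTMSG *phMsg, const void **ppvContext);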
4756
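/* Object source selectors for the dwObjectType argument of CryptQueryObject. */
#define CERT_QUERY_OBJECT_FILE 0x1
#define CERT_QUERY_OBJECT_BLOB 0x2

/*
 * Content types: enumerated values.  Each one is also the bit position of
 * the matching CERT_QUERY_CONTENT_FLAG_* below.
 */
#define CERT_QUERY_CONTENT_CERT 1
#define CERT_QUERY_CONTENT_CTL 2
#define CERT_QUERY_CONTENT_CRL 3
#define CERT_QUERY_CONTENT_SERIALIZED_STORE 4
#define CERT_QUERY_CONTENT_SERIALIZED_CERT 5
#define CERT_QUERY_CONTENT_SERIALIZED_CTL 6
#define CERT_QUERY_CONTENT_SERIALIZED_CRL 7
#define CERT_QUERY_CONTENT_PKCS7_SIGNED 8
#define CERT_QUERY_CONTENT_PKCS7_UNSIGNED 9
#define CERT_QUERY_CONTENT_PKCS7_SIGNED_EMBED 10
#define CERT_QUERY_CONTENT_PKCS10 11
#define CERT_QUERY_CONTENT_PFX 12
#define CERT_QUERY_CONTENT_CERT_PAIR 13
#define CERT_QUERY_CONTENT_PFX_AND_LOAD 14

/* Expected-content bits: (1 << content type). */
#define CERT_QUERY_CONTENT_FLAG_CERT (1 << CERT_QUERY_CONTENT_CERT)
#define CERT_QUERY_CONTENT_FLAG_CTL (1 << CERT_QUERY_CONTENT_CTL)
#define CERT_QUERY_CONTENT_FLAG_CRL (1 << CERT_QUERY_CONTENT_CRL)
#define CERT_QUERY_CONTENT_FLAG_SERIALIZED_STORE (1 << CERT_QUERY_CONTENT_SERIALIZED_STORE)
#define CERT_QUERY_CONTENT_FLAG_SERIALIZED_CERT (1 << CERT_QUERY_CONTENT_SERIALIZED_CERT)
#define CERT_QUERY_CONTENT_FLAG_SERIALIZED_CTL (1 << CERT_QUERY_CONTENT_SERIALIZED_CTL)
#define CERT_QUERY_CONTENT_FLAG_SERIALIZED_CRL (1 << CERT_QUERY_CONTENT_SERIALIZED_CRL)
#define CERT_QUERY_CONTENT_FLAG_PKCS7_SIGNED (1 << CERT_QUERY_CONTENT_PKCS7_SIGNED)
#define CERT_QUERY_CONTENT_FLAG_PKCS7_UNSIGNED (1 << CERT_QUERY_CONTENT_PKCS7_UNSIGNED)
#define CERT_QUERY_CONTENT_FLAG_PKCS7_SIGNED_EMBED (1 << CERT_QUERY_CONTENT_PKCS7_SIGNED_EMBED)
#define CERT_QUERY_CONTENT_FLAG_PKCS10 (1 << CERT_QUERY_CONTENT_PKCS10)
#define CERT_QUERY_CONTENT_FLAG_PFX (1 << CERT_QUERY_CONTENT_PFX)
#define CERT_QUERY_CONTENT_FLAG_CERT_PAIR (1 << CERT_QUERY_CONTENT_CERT_PAIR)
#define CERT_QUERY_CONTENT_FLAG_PFX_AND_LOAD (1 << CERT_QUERY_CONTENT_PFX_AND_LOAD)

/*
 * Every content bit except CERT_QUERY_CONTENT_FLAG_PFX_AND_LOAD, which has
 * to be requested explicitly.  When parsing untrusted input, prefer the
 * narrowest set of bits the caller can handle over this mask.
 */
#define CERT_QUERY_CONTENT_FLAG_ALL (CERT_QUERY_CONTENT_FLAG_CERT | CERT_QUERY_CONTENT_FLAG_CTL | CERT_QUERY_CONTENT_FLAG_CRL | CERT_QUERY_CONTENT_FLAG_SERIALIZED_STORE | CERT_QUERY_CONTENT_FLAG_SERIALIZED_CERT | CERT_QUERY_CONTENT_FLAG_SERIALIZED_CTL | CERT_QUERY_CONTENT_FLAG_SERIALIZED_CRL | CERT_QUERY_CONTENT_FLAG_PKCS7_SIGNED | CERT_QUERY_CONTENT_FLAG_PKCS7_UNSIGNED | CERT_QUERY_CONTENT_FLAG_PKCS7_SIGNED_EMBED | CERT_QUERY_CONTENT_FLAG_PKCS10 | CERT_QUERY_CONTENT_FLAG_PFX | CERT_QUERY_CONTENT_FLAG_CERT_PAIR)
/* The subset of content bits that can carry an issuer certificate. */
#define CERT_QUERY_CONTENT_FLAG_ALL_ISSUER_CERT (CERT_QUERY_CONTENT_FLAG_CERT | CERT_QUERY_CONTENT_FLAG_SERIALIZED_STORE | CERT_QUERY_CONTENT_FLAG_SERIALIZED_CERT | CERT_QUERY_CONTENT_FLAG_PKCS7_SIGNED | CERT_QUERY_CONTENT_FLAG_PKCS7_UNSIGNED)

/* Input encodings: enumerated values, again doubling as bit positions. */
#define CERT_QUERY_FORMAT_BINARY 1
#define CERT_QUERY_FORMAT_BASE64_ENCODED 2
#define CERT_QUERY_FORMAT_ASN_ASCII_HEX_ENCODED 3

/* Expected-format bits: (1 << format). */
#define CERT_QUERY_FORMAT_FLAG_BINARY (1 << CERT_QUERY_FORMAT_BINARY)
#define CERT_QUERY_FORMAT_FLAG_BASE64_ENCODED (1 << CERT_QUERY_FORMAT_BASE64_ENCODED)
#define CERT_QUERY_FORMAT_FLAG_ASN_ASCII_HEX_ENCODED (1 << CERT_QUERY_FORMAT_ASN_ASCII_HEX_ENCODED)

#define CERT_QUERY_FORMAT_FLAG_ALL (CERT_QUERY_FORMAT_FLAG_BINARY | CERT_QUERY_FORMAT_FLAG_BASE64_ENCODED | CERT_QUERY_FORMAT_FLAG_ASN_ASCII_HEX_ENCODED)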
4802
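/* Handle type for asynchronous retrieval, and the callback used to free a parameter attached to it. */
typedef HANDLE HCRYPTASYNC,*PHCRYPTASYNC;
typedef VOID (WINAPI *PFN_CRYPT_ASYNC_PARAM_FREE_FUNC) (LPSTR pszParamOid, LPVOID pvParam);

/*
 * CryptoAPI allocator.  Memory from CryptMemAlloc / CryptMemRealloc is
 * released with CryptMemFree and not with free() or another heap API.
 * Check the result for NULL; with CryptMemRealloc keep the old pointer
 * until the call is known to have succeeded, otherwise a failure leaks the
 * original block.  cbSize is a ULONG, so guard size computations against
 * wrap-around before calling.
 * NOTE(review): nothing here indicates that freed memory is wiped; zero
 * buffers that held secrets before releasing them.
 */
WINIMPM LPVOID WINAPI CryptMemAlloc (ULONG cbSize);
WINIMPM LPVOID WINAPI CryptMemRealloc (LPVOID pv, ULONG cbSize);
WINIMPM VOID WINAPI CryptMemFree (LPVOID pv);
/*
 * Asynchronous-retrieval handle management.  A handle from
 * CryptCreateAsyncHandle is released with CryptCloseAsyncHandle.
 * CryptSetAsyncParam stores pvParam together with an optional pfnFree
 * callback; pvParam must stay valid for as long as the handle can use it.
 */
WINIMPM WINBOOL WINAPI CryptCreateAsyncHandle (DWORD dwFlags, PHCRYPTASYNC phAsync);
WINIMPM WINBOOL WINAPI CryptSetAsyncParam (HCRYPTASYNC hAsync, LPSTR pszParamOid, LPVOID pvParam, PFN_CRYPT_ASYNC_PARAM_FREE_FUNC pfnFree);
WINIMPM WINBOOL WINAPI CryptGetAsyncParam (HCRYPTASYNC hAsync, LPSTR pszParamOid, LPVOID *ppvParam, PFN_CRYPT_ASYNC_PARAM_FREE_FUNC *ppfnFree);
WINIMPM WINBOOL WINAPI CryptCloseAsyncHandle (HCRYPTASYNC hAsync);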
4813
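/*
 * Counted array of data blobs; used by PFN_FREE_ENCODED_OBJECT_FUNC in this
 * header.  cBlob must match the number of entries in rgBlob, and each entry
 * carries its own length, which is the only bound on its data.
 */
typedef struct _CRYPT_BLOB_ARRAY {
  DWORD cBlob;
  PCRYPT_DATA_BLOB rgBlob;
} CRYPT_BLOB_ARRAY,*PCRYPT_BLOB_ARRAY;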
4818
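/*
 * Tagged credential container passed to CryptRetrieveObjectByUrl as
 * pCredentials.  pvCredentials is untyped; pszCredentialsOid says how to
 * interpret it (see CREDENTIAL_OID_PASSWORD_CREDENTIALS_A/_W), so a wrong
 * tag makes the callee read the wrong structure.  By Win32 convention
 * cbSize is sizeof(CRYPT_CREDENTIALS).
 */
typedef struct _CRYPT_CREDENTIALS {
  DWORD cbSize;
  LPCSTR pszCredentialsOid;
  LPVOID pvCredentials;
} CRYPT_CREDENTIALS,*PCRYPT_CREDENTIALS;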
4824
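/*
 * Credential type tags for CRYPT_CREDENTIALS.pszCredentialsOid.  These are
 * small integers cast to LPCSTR, not pointers to strings: compare them by
 * value and never dereference or print them as text.
 */
#define CREDENTIAL_OID_PASSWORD_CREDENTIALS_A ((LPCSTR)1)
#define CREDENTIAL_OID_PASSWORD_CREDENTIALS_W ((LPCSTR)2)

/* Generic name resolved through __MINGW_NAME_UAW to the _A or _W tag above. */
#define CREDENTIAL_OID_PASSWORD_CREDENTIALS __MINGW_NAME_UAW(CREDENTIAL_OID_PASSWORD_CREDENTIALS)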
4829
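/*
 * Username/password credentials in ANSI and wide-character form.
 *
 * Both structures hold plain pointers to the username and the password, so
 * the password sits in process memory in clear text for as long as the
 * strings live.  Keep the lifetime short, wipe the password buffer once the
 * retrieval call has returned, and keep these structures out of logs and
 * crash dumps.  By Win32 convention cbSize is the size of the variant in
 * use.
 */
typedef struct _CRYPT_PASSWORD_CREDENTIALSA {
  DWORD cbSize;
  LPSTR pszUsername;
  LPSTR pszPassword;
} CRYPT_PASSWORD_CREDENTIALSA,*PCRYPT_PASSWORD_CREDENTIALSA;

typedef struct _CRYPT_PASSWORD_CREDENTIALSW {
  DWORD cbSize;
  LPWSTR pszUsername;
  LPWSTR pszPassword;
} CRYPT_PASSWORD_CREDENTIALSW,*PCRYPT_PASSWORD_CREDENTIALSW;

/* Generic names resolved through __MINGW_NAME_AW to the A or W variant. */
typedef __MINGW_NAME_AW(CRYPT_PASSWORD_CREDENTIALS) CRYPT_PASSWORD_CREDENTIALS;
typedef __MINGW_NAME_AW(PCRYPT_PASSWORD_CREDENTIALS) PCRYPT_PASSWORD_CREDENTIALS;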
4844
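/* Names of the OID-dispatched functions used for URL scheme retrieval and context creation. */
#define SCHEME_OID_RETRIEVE_ENCODED_OBJECT_FUNC "SchemeDllRetrieveEncodedObject"
#define SCHEME_OID_RETRIEVE_ENCODED_OBJECTW_FUNC "SchemeDllRetrieveEncodedObjectW"
#define CONTEXT_OID_CREATE_OBJECT_CONTEXT_FUNC "ContextDllCreateObjectContext"

/* Callback that frees a retrieved blob array; pvFreeContext is passed through untyped. */
typedef VOID (WINAPI *PFN_FREE_ENCODED_OBJECT_FUNC) (LPCSTR pszObjectOid, PCRYPT_BLOB_ARRAY pObject, LPVOID pvFreeContext);

/*
 * Object type tags for the pszObjectOid argument of
 * CryptRetrieveObjectByUrl.  Like the credential tags, these are small
 * integers cast to LPCSTR and must be compared by value, never
 * dereferenced.  The tag determines the type of the object handed back
 * through the untyped ppvObject output, so the release function used
 * afterwards has to match the tag that was requested.
 */
#define CONTEXT_OID_CERTIFICATE ((LPCSTR)1)
#define CONTEXT_OID_CRL ((LPCSTR)2)
#define CONTEXT_OID_CTL ((LPCSTR)3)
#define CONTEXT_OID_PKCS7 ((LPCSTR)4)
#define CONTEXT_OID_CAPI2_ANY ((LPCSTR)5)
#define CONTEXT_OID_OCSP_RESP ((LPCSTR)6)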
4857
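/*
 * Flag bits for the dwRetrievalFlags argument of CryptRetrieveObjectByUrl.
 *
 * Several of them change what is verified or where data may come from, so
 * they deserve a comment at every call site that sets them.
 * NOTE(review): the following readings are taken from the flag names and
 * the Win32 documentation - confirm before relying on them:
 *   - CRYPT_VERIFY_CONTEXT_SIGNATURE asks for the retrieved object's
 *     signature to be checked; CRYPT_DONT_VERIFY_SIGNATURE and
 *     CRYPT_DONT_CHECK_TIME_VALIDITY switch checks off.
 *   - CRYPT_CACHE_ONLY_RETRIEVAL and CRYPT_STICKY_CACHE_RETRIEVAL favour
 *     cached data, which may be stale for revocation purposes.
 *   - CRYPT_ENABLE_FILE_RETRIEVAL allows file-based URLs; URLs taken from
 *     certificate extensions are untrusted, so leave it off unless local
 *     file access is intended.
 *   - CRYPT_NO_AUTH_RETRIEVAL avoids sending credentials to the server,
 *     which is the safer choice when the URL is not fully trusted.
 */
#define CRYPT_RETRIEVE_MULTIPLE_OBJECTS 0x1
#define CRYPT_CACHE_ONLY_RETRIEVAL 0x2
#define CRYPT_WIRE_ONLY_RETRIEVAL 0x4
#define CRYPT_DONT_CACHE_RESULT 0x8
#define CRYPT_ASYNC_RETRIEVAL 0x10
#define CRYPT_VERIFY_CONTEXT_SIGNATURE 0x20
#define CRYPT_VERIFY_DATA_HASH 0x40
#define CRYPT_KEEP_TIME_VALID 0x80
#define CRYPT_DONT_VERIFY_SIGNATURE 0x100
#define CRYPT_DONT_CHECK_TIME_VALIDITY 0x200
#define CRYPT_CHECK_FRESHNESS_TIME_VALIDITY 0x400
#define CRYPT_ACCUMULATIVE_TIMEOUT 0x800
#define CRYPT_STICKY_CACHE_RETRIEVAL 0x1000
#define CRYPT_LDAP_SCOPE_BASE_ONLY_RETRIEVAL 0x2000
#define CRYPT_OFFLINE_CHECK_RETRIEVAL 0x4000
#define CRYPT_LDAP_INSERT_ENTRY_ATTRIBUTE 0x8000
#define CRYPT_LDAP_SIGN_RETRIEVAL 0x10000
#define CRYPT_NO_AUTH_RETRIEVAL 0x20000
#define CRYPT_LDAP_AREC_EXCLUSIVE_RETRIEVAL 0x40000
#define CRYPT_AIA_RETRIEVAL 0x80000
#define CRYPT_HTTP_POST_RETRIEVAL 0x100000
#define CRYPT_PROXY_CACHE_RETRIEVAL 0x200000
#define CRYPT_NOT_MODIFIED_RETRIEVAL 0x400000
#define CRYPT_ENABLE_SSL_REVOCATION_RETRIEVAL 0x800000
#define CRYPT_OCSP_ONLY_RETRIEVAL 0x1000000
#define CRYPT_NO_OCSP_FAILOVER_TO_CRL_RETRIEVAL 0x2000000
#define CRYPT_RANDOM_QUERY_STRING_RETRIEVAL 0x4000000
#define CRYPT_ENABLE_FILE_RETRIEVAL 0x08000000
#define CRYPT_CREATE_NEW_FLUSH_ENTRY 0x10000000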
4887
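/*
 * Pre-fetch details for a cached URL object; referenced from
 * CRYPT_RETRIEVE_AUX_INFO.pPreFetchInfo.  dwObjectType presumably takes one
 * of the CRYPTNET_URL_CACHE_PRE_FETCH_* values.  The three FILETIME members
 * describe the object's update window; freshness decisions based on them
 * are only as good as the check that authenticated the object.
 */
typedef struct _CRYPTNET_URL_CACHE_PRE_FETCH_INFO {
  DWORD cbSize;
  DWORD dwObjectType;
  DWORD dwError;
  DWORD dwReserved;
  FILETIME ThisUpdateTime;
  FILETIME NextUpdateTime;
  FILETIME PublishTime;
} CRYPTNET_URL_CACHE_PRE_FETCH_INFO,*PCRYPTNET_URL_CACHE_PRE_FETCH_INFO;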
4897
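/*
 * Pre-fetch object kinds: enumerated values, presumably for
 * CRYPTNET_URL_CACHE_PRE_FETCH_INFO.dwObjectType.  The value 4 is not
 * assigned in this list.
 */
#define CRYPTNET_URL_CACHE_PRE_FETCH_NONE 0
#define CRYPTNET_URL_CACHE_PRE_FETCH_BLOB 1
#define CRYPTNET_URL_CACHE_PRE_FETCH_CRL 2
#define CRYPTNET_URL_CACHE_PRE_FETCH_OCSP 3
#define CRYPTNET_URL_CACHE_PRE_FETCH_AUTOROOT_CAB 5
#define CRYPTNET_URL_CACHE_PRE_FETCH_DISALLOWED_CERT_CAB 6
#define CRYPTNET_URL_CACHE_PRE_FETCH_PIN_RULES_CAB 7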
4905
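/*
 * Cache flush policy for a URL object; referenced from
 * CRYPT_RETRIEVE_AUX_INFO.pFlushInfo.  dwExemptSeconds presumably takes a
 * number of seconds or one of CRYPTNET_URL_CACHE_DEFAULT_FLUSH /
 * CRYPTNET_URL_CACHE_DISABLE_FLUSH - TODO confirm.
 */
typedef struct _CRYPTNET_URL_CACHE_FLUSH_INFO {
  DWORD cbSize;
  DWORD dwExemptSeconds;
  FILETIME ExpireTime;
} CRYPTNET_URL_CACHE_FLUSH_INFO,*PCRYPTNET_URL_CACHE_FLUSH_INFO;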
4911
4912#define CRYPTNET_URL_CACHE_DEFAULT_FLUSH 0
4913#define CRYPTNET_URL_CACHE_DISABLE_FLUSH 0xffffffff
4914
/*
 * Response metadata kept with a cached URL object (last-modified time,
 * max-age, ETag string, proxy id). CRYPT_RETRIEVE_AUX_INFO.ppResponseInfo is
 * a pointer to a pointer to this structure.
 * NOTE(review): ownership and lifetime of pwszETag are not visible in this
 * header - confirm who frees it before storing the pointer.
 */
4915 typedef struct _CRYPTNET_URL_CACHE_RESPONSE_INFO {
4916 DWORD cbSize;
4917 WORD wResponseType;
4918 WORD wResponseFlags;
4919 FILETIME LastModifiedTime;
4920 DWORD dwMaxAge;
4921 LPCWSTR pwszETag;
4922 DWORD dwProxyId;
4923 } CRYPTNET_URL_CACHE_RESPONSE_INFO,*PCRYPTNET_URL_CACHE_RESPONSE_INFO;
4924
/* Presumably the values of wResponseType. */
4925#define CRYPTNET_URL_CACHE_RESPONSE_NONE 0
4926#define CRYPTNET_URL_CACHE_RESPONSE_HTTP 1
4927
/* Presumably a bit in wResponseFlags; 0x8000 fits the 16-bit WORD field. */
4928#define CRYPTNET_URL_CACHE_RESPONSE_VALIDATED 0x8000
4929
/*
 * Optional auxiliary data for CryptRetrieveObjectByUrlA/W, passed as pAuxInfo.
 * NOTE(review): dwMaxUrlRetrievalByteCount reads as the cap on how many bytes
 * one retrieval may download. Retrieval URLs usually originate from
 * certificate or CRL extensions that have not been validated yet, so a caller
 * should set an explicit cap instead of relying on the zero value - confirm
 * what zero means in the SDK documentation.
 * Which members are inputs and which are filled in on return is not visible
 * in this header.
 */
4930 typedef struct _CRYPT_RETRIEVE_AUX_INFO {
4931 DWORD cbSize;
4932 FILETIME *pLastSyncTime;
4933 DWORD dwMaxUrlRetrievalByteCount;
4934 PCRYPTNET_URL_CACHE_PRE_FETCH_INFO pPreFetchInfo;
4935 PCRYPTNET_URL_CACHE_FLUSH_INFO pFlushInfo;
4936 PCRYPTNET_URL_CACHE_RESPONSE_INFO *ppResponseInfo;
4937 LPWSTR pwszCacheFileNamePrefix;
4938 LPFILETIME pftCacheResync;
4939 WINBOOL fProxyCacheRetrieval;
4940 DWORD dwHttpStatusCode;
4941 } CRYPT_RETRIEVE_AUX_INFO,*PCRYPT_RETRIEVE_AUX_INFO;
4942
/* 0x1000 = 4096 bytes; the name suggests the largest error-response body that is kept - confirm. */
4943#define CRYPT_RETRIEVE_MAX_ERROR_CONTENT_LENGTH 0x1000
4944
/*
 * Retrieve a PKI object from a URL. The A and W variants differ only in the
 * character type of pszUrl; the unsuffixed name is mapped to one of them by
 * __MINGW_NAME_AW. The object is handed back through ppvObject.
 * dwRetrievalFlags takes the CRYPT_ retrieval and verify bits defined just
 * before this point in the header.
 * NOTE(review): the returned object comes from the network and should be
 * treated as untrusted until its signature and validity have been checked;
 * flags such as CRYPT_DONT_VERIFY_SIGNATURE and CRYPT_DONT_CHECK_TIME_VALIDITY
 * remove checks by name, so their use deserves a justification at the call
 * site. Bound the call with dwTimeout and pAuxInfo->dwMaxUrlRetrievalByteCount.
 */
4945 WINIMPM WINBOOL WINAPI CryptRetrieveObjectByUrlA (LPCSTR pszUrl, LPCSTR pszObjectOid, DWORD dwRetrievalFlags, DWORD dwTimeout, LPVOID *ppvObject, HCRYPTASYNC hAsyncRetrieve, PCRYPT_CREDENTIALS pCredentials, LPVOID pvVerify, PCRYPT_RETRIEVE_AUX_INFO pAuxInfo);
4946 WINIMPM WINBOOL WINAPI CryptRetrieveObjectByUrlW (LPCWSTR pszUrl, LPCSTR pszObjectOid, DWORD dwRetrievalFlags, DWORD dwTimeout, LPVOID *ppvObject, HCRYPTASYNC hAsyncRetrieve, PCRYPT_CREDENTIALS pCredentials, LPVOID pvVerify, PCRYPT_RETRIEVE_AUX_INFO pAuxInfo);
4947
4948#define CryptRetrieveObjectByUrl __MINGW_NAME_AW(CryptRetrieveObjectByUrl)
4949
/*
 * Callback type for cancelling a retrieval: receives dwFlags and the pvArg
 * that was registered with it, and returns a WINBOOL. What a TRUE return
 * means (cancel or continue) is not visible here - confirm before
 * implementing one.
 */
4950 typedef WINBOOL (WINAPI *PFN_CRYPT_CANCEL_RETRIEVAL) (DWORD dwFlags, void *pvArg);
4951
/*
 * Install / remove a cancel callback, and cancel an asynchronous retrieval by
 * its HCRYPTASYNC handle. pvReserved parameters are presumably to be passed
 * as NULL. The scope of an installed callback (thread or process) is not
 * stated in this header.
 */
4952 WINIMPM WINBOOL WINAPI CryptInstallCancelRetrieval (PFN_CRYPT_CANCEL_RETRIEVAL pfnCancel, const void *pvArg, DWORD dwFlags, void *pvReserved);
4953 WINIMPM WINBOOL WINAPI CryptUninstallCancelRetrieval (DWORD dwFlags, void *pvReserved);
4954 WINIMPM WINBOOL WINAPI CryptCancelAsyncRetrieval (HCRYPTASYNC hAsyncRetrieval);
4955
/*
 * Parameter identifiers for asynchronous retrieval. They are small integers
 * cast to LPCSTR, i.e. tags compared by value, not pointers to readable
 * strings; code that receives one must not dereference it.
 */
4956#define CRYPT_PARAM_ASYNC_RETRIEVAL_COMPLETION ((LPCSTR)1)
4957
/*
 * Completion callback for an asynchronous retrieval. It is handed the
 * caller's pvCompletion context, a completion code, the URL and object OID,
 * and the retrieved object.
 * NOTE(review): pvObject originates from a network fetch; treat it as
 * untrusted inside the callback. The thread on which the callback runs is
 * not visible here.
 */
4958 typedef VOID (WINAPI *PFN_CRYPT_ASYNC_RETRIEVAL_COMPLETION_FUNC) (LPVOID pvCompletion, DWORD dwCompletionCode, LPCSTR pszUrl, LPSTR pszObjectOid, LPVOID pvObject);
4959
/* Pairs the completion callback with the context pointer passed back to it. */
4960 typedef struct _CRYPT_ASYNC_RETRIEVAL_COMPLETION {
4961 PFN_CRYPT_ASYNC_RETRIEVAL_COMPLETION_FUNC pfnCompletion;
4962 LPVOID pvCompletion;
4963 } CRYPT_ASYNC_RETRIEVAL_COMPLETION,*PCRYPT_ASYNC_RETRIEVAL_COMPLETION;
4964
4965#define CRYPT_PARAM_CANCEL_ASYNC_RETRIEVAL ((LPCSTR)2)
4966
/* Function type that cancels the asynchronous retrieval identified by the handle. */
4967 typedef WINBOOL (WINAPI *PFN_CANCEL_ASYNC_RETRIEVAL_FUNC) (HCRYPTASYNC hAsyncRetrieve);
4968
/*
 * Bit flags naming where a URL is taken from (property, extension,
 * unauthenticated or authenticated attribute); presumably the dwFlags of
 * CryptGetObjectUrl.
 * NOTE(review): by its name, an unauthenticated attribute is not covered by
 * a signature, so a URL taken from one is attacker-influenceable input.
 */
4969#define CRYPT_GET_URL_FROM_PROPERTY 0x1
4970#define CRYPT_GET_URL_FROM_EXTENSION 0x2
4971#define CRYPT_GET_URL_FROM_UNAUTH_ATTRIBUTE 0x4
4972#define CRYPT_GET_URL_FROM_AUTH_ATTRIBUTE 0x8
4973
/* Counted array of wide-character URL strings: cUrl entries in rgwszUrl. */
4974 typedef struct _CRYPT_URL_ARRAY {
4975 DWORD cUrl;
4976 LPWSTR *rgwszUrl;
4977 } CRYPT_URL_ARRAY,*PCRYPT_URL_ARRAY;
4978
/*
 * Extra information returned with a URL array. rgcGroupEntry presumably holds
 * cGroup counts describing how the URLs are grouped - confirm.
 */
4979 typedef struct _CRYPT_URL_INFO {
4980 DWORD cbSize;
4981 DWORD dwSyncDeltaTime;
4982 DWORD cGroup;
4983 DWORD *rgcGroupEntry;
4984 } CRYPT_URL_INFO,*PCRYPT_URL_INFO;
4985
/*
 * Obtain the URL(s) associated with an object (pvPara) for the purpose named
 * by pszUrlOid. pUrlArray/pcbUrlArray and pUrlInfo/pcbUrlInfo are
 * buffer-plus-size pairs; presumably the sizes are in bytes and in/out, so
 * the usual pattern is a sizing call followed by a second call with an
 * allocated buffer - confirm.
 * NOTE(review): the URLs come out of the certificate, CRL or CTL being
 * examined, which may not have been validated yet. Scheme and destination
 * should be considered untrusted before they are handed to a retrieval call.
 */
4986 WINIMPM WINBOOL WINAPI CryptGetObjectUrl (LPCSTR pszUrlOid, LPVOID pvPara, DWORD dwFlags, PCRYPT_URL_ARRAY pUrlArray, DWORD *pcbUrlArray, PCRYPT_URL_INFO pUrlInfo, DWORD *pcbUrlInfo, LPVOID pvReserved);
4987
/* Name of the OID function set that provides the URL lookup. */
4988#define URL_OID_GET_OBJECT_URL_FUNC "UrlDllGetObjectUrl"
4989
/*
 * Predefined pszUrlOid selectors. These are integers 1..13 cast to LPCSTR,
 * not string pointers: compare them by value and never pass them to string
 * functions.
 */
4990#define URL_OID_CERTIFICATE_ISSUER ((LPCSTR) 1)
4991#define URL_OID_CERTIFICATE_CRL_DIST_POINT ((LPCSTR) 2)
4992#define URL_OID_CTL_ISSUER ((LPCSTR) 3)
4993#define URL_OID_CTL_NEXT_UPDATE ((LPCSTR) 4)
4994#define URL_OID_CRL_ISSUER ((LPCSTR) 5)
4995#define URL_OID_CERTIFICATE_FRESHEST_CRL ((LPCSTR) 6)
4996#define URL_OID_CRL_FRESHEST_CRL ((LPCSTR) 7)
4997#define URL_OID_CROSS_CERT_DIST_POINT ((LPCSTR) 8)
4998#define URL_OID_CERTIFICATE_OCSP ((LPCSTR) 9)
4999#define URL_OID_CERTIFICATE_OCSP_AND_CRL_DIST_POINT ((LPCSTR) 10)
5000#define URL_OID_CERTIFICATE_CRL_DIST_POINT_AND_OCSP ((LPCSTR) 11)
5001#define URL_OID_CROSS_CERT_SUBJECT_INFO_ACCESS ((LPCSTR) 12)
5002#define URL_OID_CERTIFICATE_ONLY_OCSP ((LPCSTR) 13)
5003
/*
 * A certificate context together with a CRL context. Both members are
 * pointers to const contexts; whether the pair owns references to them is
 * not visible in this header.
 */
5004 typedef struct _CERT_CRL_CONTEXT_PAIR {
5005 PCCERT_CONTEXT pCertContext;
5006 PCCRL_CONTEXT pCrlContext;
5007 } CERT_CRL_CONTEXT_PAIR,*PCERT_CRL_CONTEXT_PAIR;
5008
/* Pointer-to-const form of the pair. */
5009 typedef const CERT_CRL_CONTEXT_PAIR *PCCERT_CRL_CONTEXT_PAIR;
5010
/*
 * Optional extra input for CryptGetTimeValidObject (its pExtraInfo
 * parameter). The delta CRL indicator appears twice, as an int
 * (iDeltaCrlIndicator) and as an integer blob (pDeltaCrlIndicator); how the
 * two relate is not visible here - confirm before filling both.
 * pChainPara uses PCERT_REVOCATION_CHAIN_PARA, whose struct body is given
 * further down in this header.
 */
5011 typedef struct _CRYPT_GET_TIME_VALID_OBJECT_EXTRA_INFO {
5012 DWORD cbSize;
5013 int iDeltaCrlIndicator;
5014 LPFILETIME pftCacheResync;
5015 LPFILETIME pLastSyncTime;
5016 LPFILETIME pMaxAgeTime;
5017 PCERT_REVOCATION_CHAIN_PARA pChainPara;
5018 PCRYPT_INTEGER_BLOB pDeltaCrlIndicator;
5019 } CRYPT_GET_TIME_VALID_OBJECT_EXTRA_INFO, *PCRYPT_GET_TIME_VALID_OBJECT_EXTRA_INFO;
5020
/*
 * Callback for CryptEnumKeyIdentifierProperties. For one key identifier it
 * receives cProp properties as three parallel arrays: property ids
 * (rgdwPropId), data pointers (rgpvData) and data sizes (rgcbData).
 * NOTE(review): index all three arrays with the same bound (cProp) and use
 * rgcbData[i] as the length of rgpvData[i]; the meaning of the WINBOOL
 * return (continue or stop) is not visible here.
 */
5021 typedef WINBOOL (WINAPI *PFN_CRYPT_ENUM_KEYID_PROP) (const CRYPT_HASH_BLOB *pKeyIdentifier, DWORD dwFlags, void *pvReserved, void *pvArg, DWORD cProp, DWORD *rgdwPropId, void **rgpvData, DWORD *rgcbData);
5022
/* OID function-set name for time-valid object retrieval. */
5023#define TIME_VALID_OID_GET_OBJECT_FUNC "TimeValidDllGetObject"
/*
 * Registry key path of the chain-engine configuration. The path is relative
 * (no hive is named here) and is reused as the prefix of
 * CRYPTNET_CRL_PRE_FETCH_CONFIG_REGPATH.
 * NOTE(review): the value names defined later in this header live under this
 * key and several of them relax certificate validation, which makes the key
 * a sensible target for configuration baselining and change monitoring.
 */
5024#define CERT_CHAIN_CONFIG_REGPATH L"Software\\Microsoft\\Cryptography\\OID\\EncodingType 0\\CertDllCreateCertificateChainEngine\\Config"
5025
/*
 * Selectors for CryptGetTimeValidObject (pszTimeValidOid). Integers cast to
 * LPCSTR: compare by value, do not dereference.
 */
5026#define TIME_VALID_OID_GET_CTL ((LPCSTR)1)
5027#define TIME_VALID_OID_GET_CRL ((LPCSTR)2)
5028#define TIME_VALID_OID_GET_CRL_FROM_CERT ((LPCSTR)3)
5029
5030#define TIME_VALID_OID_GET_FRESHEST_CRL_FROM_CERT ((LPCSTR)4)
5031#define TIME_VALID_OID_GET_FRESHEST_CRL_FROM_CRL ((LPCSTR)5)
5032
/* OID function-set name for flushing a time-valid object. */
5033#define TIME_VALID_OID_FLUSH_OBJECT_FUNC "TimeValidDllFlushObject"
5034
/*
 * Selectors for CryptFlushTimeValidObject (pszFlushTimeValidOid); same
 * numbering 1..5 as the GET selectors above.
 */
5035#define TIME_VALID_OID_FLUSH_CTL ((LPCSTR)1)
5036#define TIME_VALID_OID_FLUSH_CRL ((LPCSTR)2)
5037#define TIME_VALID_OID_FLUSH_CRL_FROM_CERT ((LPCSTR)3)
5038#define TIME_VALID_OID_FLUSH_FRESHEST_CRL_FROM_CERT ((LPCSTR)4)
5039#define TIME_VALID_OID_FLUSH_FRESHEST_CRL_FROM_CRL ((LPCSTR)5)
5040
/*
 * Presumably dwFlags bits for CertCreateSelfSignCertificate.
 * NOTE(review): by name, NO_SIGN produces a certificate without a signature
 * and NO_KEY_INFO omits the key-provider information; a certificate created
 * with NO_SIGN should not be relied on for integrity - confirm the exact
 * behaviour in the SDK documentation.
 */
5041#define CERT_CREATE_SELFSIGN_NO_SIGN 1
5042#define CERT_CREATE_SELFSIGN_NO_KEY_INFO 2
5043
/*
 * Presumably dwFlags bits for the key-identifier property functions
 * (CryptGetKeyIdentifierProperty and CryptSetKeyIdentifierProperty).
 * MACHINE_FLAG suggests the machine-wide rather than the per-user location;
 * ALLOC_FLAG suggests the function allocates the returned buffer, in which
 * case the caller must release it - confirm how.
 */
5044#define CRYPT_KEYID_DELETE_FLAG 0x10
5045#define CRYPT_KEYID_MACHINE_FLAG 0x20
5046#define CRYPT_KEYID_SET_NEW_FLAG 0x2000
5047#define CRYPT_KEYID_ALLOC_FLAG 0x8000
5048
/*
 * Get a CTL or CRL (selected by pszTimeValidOid) that is valid for the time
 * pftValidFor, returned through ppvObject. pIssuer is the issuer certificate
 * context. dwTimeout bounds the retrieval; the unit is not visible here
 * (other retrieval timeouts in this header are in milliseconds - confirm).
 */
5049 WINIMPM WINBOOL WINAPI CryptGetTimeValidObject (LPCSTR pszTimeValidOid, LPVOID pvPara, PCCERT_CONTEXT pIssuer, LPFILETIME pftValidFor, DWORD dwFlags, DWORD dwTimeout, LPVOID *ppvObject, PCRYPT_CREDENTIALS pCredentials, PCRYPT_GET_TIME_VALID_OBJECT_EXTRA_INFO pExtraInfo);
/* Flush the cached time-valid object selected by pszFlushTimeValidOid. */
5050 WINIMPM WINBOOL WINAPI CryptFlushTimeValidObject (LPCSTR pszFlushTimeValidOid, LPVOID pvPara, PCCERT_CONTEXT pIssuer, DWORD dwFlags, LPVOID pvReserved);
/*
 * Build a self-signed certificate and return its context; the return type is
 * a pointer, so failure is presumably reported as NULL. The caller presumably
 * owns the returned context and must free it - confirm.
 * NOTE(review): the signature algorithm and validity period are taken from
 * pSignatureAlgorithm, pStartTime and pEndTime; what is used when these are
 * NULL is not visible here, so pass explicit values where algorithm strength
 * matters.
 */
5051 WINIMPM PCCERT_CONTEXT WINAPI CertCreateSelfSignCertificate (HCRYPTPROV_OR_NCRYPT_KEY_HANDLE hCryptProvOrNCryptKey, PCERT_NAME_BLOB pSubjectIssuerBlob, DWORD dwFlags, PCRYPT_KEY_PROV_INFO pKeyProvInfo, PCRYPT_ALGORITHM_IDENTIFIER pSignatureAlgorithm, PSYSTEMTIME pStartTime, PSYSTEMTIME pEndTime, PCERT_EXTENSIONS pExtensions);
/*
 * Read, write and enumerate properties attached to a key identifier.
 * pwszComputerName allows naming another computer. pvData/pcbData in the Get
 * call are a buffer and its size; presumably the size is in bytes and in/out.
 */
5052 WINIMPM WINBOOL WINAPI CryptGetKeyIdentifierProperty (const CRYPT_HASH_BLOB *pKeyIdentifier, DWORD dwPropId, DWORD dwFlags, LPCWSTR pwszComputerName, void *pvReserved, void *pvData, DWORD *pcbData);
5053 WINIMPM WINBOOL WINAPI CryptSetKeyIdentifierProperty (const CRYPT_HASH_BLOB *pKeyIdentifier, DWORD dwPropId, DWORD dwFlags, LPCWSTR pwszComputerName, void *pvReserved, const void *pvData);
5054 WINIMPM WINBOOL WINAPI CryptEnumKeyIdentifierProperties (const CRYPT_HASH_BLOB *pKeyIdentifier, DWORD dwPropId, DWORD dwFlags, LPCWSTR pwszComputerName, void *pvReserved, void *pvArg, PFN_CRYPT_ENUM_KEYID_PROP pfnEnum);
/*
 * Compute a key identifier from a CSP public-key blob (pPubKeyStruc,
 * cbPubKeyStruc bytes) into pbHash; pcbHash carries the buffer size.
 */
5055 WINIMPM WINBOOL WINAPI CryptCreateKeyIdentifierFromCSP (DWORD dwCertEncodingType, LPCSTR pszPubKeyOID, const PUBLICKEYSTRUC *pPubKeyStruc, DWORD cbPubKeyStruc, DWORD dwFlags, void *pvReserved, BYTE *pbHash, DWORD *pcbHash);
5056
/*
 * Chain-engine configuration: registry value names (wide strings) paired
 * with their built-in defaults. Presumably the values are read from under
 * CERT_CHAIN_CONFIG_REGPATH and its group-policy counterpart - confirm.
 */
/* Download cap for URL retrieval during chain building: 100 MiB by default. */
5057#define CERT_CHAIN_MAX_URL_RETRIEVAL_BYTE_COUNT_VALUE_NAME L"MaxUrlRetrievalByteCount"
5058#define CERT_CHAIN_MAX_URL_RETRIEVAL_BYTE_COUNT_DEFAULT (100 *1024 *1024)
5059#define CERT_CHAIN_CACHE_RESYNC_FILETIME_VALUE_NAME L"ChainCacheResyncFiletime"
/*
 * NOTE(review): the next three value names indicate switches that turn off a
 * path-validation check (basic constraints, CA name constraints, unsupported
 * critical extensions). A host where any of them is set validates chains
 * less strictly than the default; include them in registry baselines.
 */
5060#define CERT_CHAIN_DISABLE_MANDATORY_BASIC_CONSTRAINTS_VALUE_NAME L"DisableMandatoryBasicConstraints"
5061#define CERT_CHAIN_DISABLE_CA_NAME_CONSTRAINTS_VALUE_NAME L"DisableCANameConstraints"
5062#define CERT_CHAIN_DISABLE_UNSUPPORTED_CRITICAL_EXTENSIONS_VALUE_NAME L"DisableUnsupportedCriticalExtensions"
/*
 * Limits on AIA (Authority Information Access) fetching. They bound how much
 * network work a single certificate can trigger: URLs per certificate,
 * retrievals per chain, bytes per retrieval (100000) and certificates per
 * retrieval.
 */
5063#define CERT_CHAIN_MAX_AIA_URL_COUNT_IN_CERT_VALUE_NAME L"MaxAIAUrlCountInCert"
5064#define CERT_CHAIN_MAX_AIA_URL_COUNT_IN_CERT_DEFAULT 5
5065#define CERT_CHAIN_MAX_AIA_URL_RETRIEVAL_COUNT_PER_CHAIN_VALUE_NAME L"MaxAIAUrlRetrievalCountPerChain"
5066#define CERT_CHAIN_MAX_AIA_URL_RETRIEVAL_COUNT_PER_CHAIN_DEFAULT 3
5067#define CERT_CHAIN_MAX_AIA_URL_RETRIEVAL_BYTE_COUNT_VALUE_NAME L"MaxAIAUrlRetrievalByteCount"
5068#define CERT_CHAIN_MAX_AIA_URL_RETRIEVAL_BYTE_COUNT_DEFAULT 100000
5069#define CERT_CHAIN_MAX_AIA_URL_RETRIEVAL_CERT_COUNT_VALUE_NAME L"MaxAIAUrlRetrievalCertCount"
5070#define CERT_CHAIN_MAX_AIA_URL_RETRIEVAL_CERT_COUNT_DEFAULT 10
/* 12 hours, expressed in seconds. */
5071#define CERT_CHAIN_OCSP_VALIDITY_SECONDS_VALUE_NAME L"OcspValiditySeconds"
5072#define CERT_CHAIN_OCSP_VALIDITY_SECONDS_DEFAULT (12 *60 *60)
5073#define CERT_CHAIN_DISABLE_SERIAL_CHAIN_VALUE_NAME L"DisableSerialChain"
5074#define CERT_CHAIN_SERIAL_CHAIN_LOG_FILE_NAME_VALUE_NAME L"SerialChainLogFileName"
5075#define CERT_CHAIN_DISABLE_SYNC_WITH_SSL_TIME_VALUE_NAME L"DisableSyncWithSslTime"
5076#define CERT_CHAIN_MAX_SSL_TIME_UPDATED_EVENT_COUNT_VALUE_NAME L"MaxSslTimeUpdatedEventCount"
5077#define CERT_CHAIN_MAX_SSL_TIME_UPDATED_EVENT_COUNT_DEFAULT 5
5078#define CERT_CHAIN_MAX_SSL_TIME_UPDATED_EVENT_COUNT_DISABLE 0xFFFFFFFF
5079#define CERT_CHAIN_SSL_HANDSHAKE_LOG_FILE_NAME_VALUE_NAME L"SslHandshakeLogFileName"
/*
 * Weak-signature policy. The four flags are presumably the bits of the
 * EnableWeakSignatureFlags value.
 * NOTE(review): by name, ENABLE_MD2_MD4 and ENABLE_WEAK_RSA_ROOT re-admit
 * algorithms and key sizes that are otherwise rejected; a non-zero value on
 * a host is worth a finding.
 */
5080#define CERT_CHAIN_ENABLE_WEAK_SIGNATURE_FLAGS_VALUE_NAME L"EnableWeakSignatureFlags"
5081#define CERT_CHAIN_ENABLE_MD2_MD4_FLAG 0x1
5082#define CERT_CHAIN_ENABLE_WEAK_RSA_ROOT_FLAG 0x2
5083#define CERT_CHAIN_ENABLE_WEAK_LOGGING_FLAG 0x4
5084#define CERT_CHAIN_ENABLE_ONLY_WEAK_LOGGING_FLAG 0x8
/*
 * Minimum RSA public-key length. The default of 1023 bits is far below the
 * 2048-bit minimum of current guidance, so this default should not be read
 * as a statement of adequate key strength. The _DISABLE value (0xffffffff)
 * presumably switches the length check off - confirm.
 */
5085#define CERT_CHAIN_MIN_RSA_PUB_KEY_BIT_LENGTH_VALUE_NAME L"MinRsaPubKeyBitLength"
5086#define CERT_CHAIN_MIN_RSA_PUB_KEY_BIT_LENGTH_DEFAULT 1023
5087#define CERT_CHAIN_MIN_RSA_PUB_KEY_BIT_LENGTH_DISABLE 0xffffffff
/* 64-bit constant, presumably a FILETIME cut-off for weak RSA keys - confirm. */
5088#define CERT_CHAIN_WEAK_RSA_PUB_KEY_TIME_VALUE_NAME L"WeakRsaPubKeyTime"
5089#define CERT_CHAIN_WEAK_RSA_PUB_KEY_TIME_DEFAULT 0x01ca8a755c6e0000ULL
5090#define CERT_CHAIN_WEAK_SIGNATURE_LOG_DIR_VALUE_NAME L"WeakSignatureLogDir"
5091
/* Name of a configuration sub-key; presumably below the chain config key. */
5092#define CERT_CHAIN_DEFAULT_CONFIG_SUBDIR L"Default"
5093
/*
 * Name fragments for the weak-cryptography settings. How the fragments are
 * combined into full value names is not visible in this header.
 */
5094#define CERT_CHAIN_WEAK_PREFIX_NAME L"Weak"
5095#define CERT_CHAIN_WEAK_THIRD_PARTY_CONFIG_NAME L"ThirdParty"
5096#define CERT_CHAIN_WEAK_ALL_CONFIG_NAME L"All"
5097#define CERT_CHAIN_WEAK_FLAGS_NAME L"Flags"
5098#define CERT_CHAIN_WEAK_HYGIENE_NAME L"Hygiene"
5099#define CERT_CHAIN_WEAK_AFTER_TIME_NAME L"AfterTime"
5100#define CERT_CHAIN_WEAK_FILE_HASH_AFTER_TIME_NAME L"FileHashAfterTime"
5101#define CERT_CHAIN_WEAK_TIMESTAMP_HASH_AFTER_TIME_NAME L"TimestampHashAfterTime"
5102#define CERT_CHAIN_WEAK_MIN_BIT_LENGTH_NAME L"MinBitLength"
5103#define CERT_CHAIN_WEAK_SHA256_ALLOW_NAME L"Sha256Allow"
5104
/* Presumably the MinBitLength value that switches the length check off. */
5105#define CERT_CHAIN_MIN_PUB_KEY_BIT_LENGTH_DISABLE 0xFFFFFFFF
5106
/*
 * Bits of the weak-settings flags value, one per usage: all EKUs, server
 * authentication, code signing, timestamping, file hash and timestamp hash.
 * MOTW in a name presumably refers to files carrying the Mark of the Web.
 * The bits are not listed in numeric order.
 * NOTE(review): the names suggest that a DISABLE_..._WEAK bit marks the weak
 * algorithm as disabled (rejected) for that usage and that an
 * ENABLE_..._HYGIENE bit only enables a stricter check, which is the
 * opposite of what "disable" might suggest at first reading. Confirm the
 * polarity against the SDK documentation before auditing a host with these
 * masks.
 */
5107#define CERT_CHAIN_ENABLE_WEAK_SETTINGS_FLAG 0x80000000
5108#define CERT_CHAIN_DISABLE_ALL_EKU_WEAK_FLAG 0x00010000
5109#define CERT_CHAIN_ENABLE_ALL_EKU_HYGIENE_FLAG 0x00020000
5110#define CERT_CHAIN_DISABLE_OPT_IN_SERVER_AUTH_WEAK_FLAG 0x00040000
5111#define CERT_CHAIN_DISABLE_SERVER_AUTH_WEAK_FLAG 0x00100000
5112#define CERT_CHAIN_ENABLE_SERVER_AUTH_HYGIENE_FLAG 0x00200000
5113#define CERT_CHAIN_DISABLE_CODE_SIGNING_WEAK_FLAG 0x00400000
5114#define CERT_CHAIN_DISABLE_MOTW_CODE_SIGNING_WEAK_FLAG 0x00800000
5115#define CERT_CHAIN_ENABLE_CODE_SIGNING_HYGIENE_FLAG 0x01000000
5116#define CERT_CHAIN_ENABLE_MOTW_CODE_SIGNING_HYGIENE_FLAG 0x02000000
5117#define CERT_CHAIN_DISABLE_TIMESTAMP_WEAK_FLAG 0x04000000
5118#define CERT_CHAIN_DISABLE_MOTW_TIMESTAMP_WEAK_FLAG 0x08000000
5119#define CERT_CHAIN_ENABLE_TIMESTAMP_HYGIENE_FLAG 0x10000000
5120#define CERT_CHAIN_ENABLE_MOTW_TIMESTAMP_HYGIENE_FLAG 0x20000000
5121#define CERT_CHAIN_MOTW_IGNORE_AFTER_TIME_WEAK_FLAG 0x40000000
5122#define CERT_CHAIN_DISABLE_FILE_HASH_WEAK_FLAG 0x00001000
5123#define CERT_CHAIN_DISABLE_MOTW_FILE_HASH_WEAK_FLAG 0x00002000
5124#define CERT_CHAIN_DISABLE_TIMESTAMP_HASH_WEAK_FLAG 0x00004000
5125#define CERT_CHAIN_DISABLE_MOTW_TIMESTAMP_HASH_WEAK_FLAG 0x00008000
/*
 * Convenience masks that OR the per-usage bits above. DISABLE_WEAK_FLAGS does
 * not include the file-hash and timestamp-hash bits; those have their own
 * masks on the two lines after it.
 */
5126#define CERT_CHAIN_DISABLE_WEAK_FLAGS ( CERT_CHAIN_DISABLE_ALL_EKU_WEAK_FLAG | CERT_CHAIN_DISABLE_SERVER_AUTH_WEAK_FLAG | CERT_CHAIN_DISABLE_OPT_IN_SERVER_AUTH_WEAK_FLAG | CERT_CHAIN_DISABLE_CODE_SIGNING_WEAK_FLAG | CERT_CHAIN_DISABLE_MOTW_CODE_SIGNING_WEAK_FLAG | CERT_CHAIN_DISABLE_TIMESTAMP_WEAK_FLAG | CERT_CHAIN_DISABLE_MOTW_TIMESTAMP_WEAK_FLAG )
5127#define CERT_CHAIN_DISABLE_FILE_HASH_WEAK_FLAGS ( CERT_CHAIN_DISABLE_FILE_HASH_WEAK_FLAG | CERT_CHAIN_DISABLE_MOTW_FILE_HASH_WEAK_FLAG )
5128#define CERT_CHAIN_DISABLE_TIMESTAMP_HASH_WEAK_FLAGS ( CERT_CHAIN_DISABLE_TIMESTAMP_HASH_WEAK_FLAG | CERT_CHAIN_DISABLE_MOTW_TIMESTAMP_HASH_WEAK_FLAG )
5129#define CERT_CHAIN_ENABLE_HYGIENE_FLAGS ( CERT_CHAIN_ENABLE_ALL_EKU_HYGIENE_FLAG | CERT_CHAIN_ENABLE_SERVER_AUTH_HYGIENE_FLAG | CERT_CHAIN_ENABLE_CODE_SIGNING_HYGIENE_FLAG | CERT_CHAIN_ENABLE_MOTW_CODE_SIGNING_HYGIENE_FLAG | CERT_CHAIN_ENABLE_TIMESTAMP_HYGIENE_FLAG | CERT_CHAIN_ENABLE_MOTW_TIMESTAMP_HYGIENE_FLAG )
5130#define CERT_CHAIN_MOTW_WEAK_FLAGS ( CERT_CHAIN_DISABLE_MOTW_CODE_SIGNING_WEAK_FLAG | CERT_CHAIN_DISABLE_MOTW_TIMESTAMP_WEAK_FLAG | CERT_CHAIN_ENABLE_MOTW_CODE_SIGNING_HYGIENE_FLAG | CERT_CHAIN_ENABLE_MOTW_TIMESTAMP_HYGIENE_FLAG | CERT_CHAIN_MOTW_IGNORE_AFTER_TIME_WEAK_FLAG)
5131#define CERT_CHAIN_OPT_IN_WEAK_FLAGS ( CERT_CHAIN_DISABLE_OPT_IN_SERVER_AUTH_WEAK_FLAG)
5132
/*
 * Enumerated identifiers 1..8 for the automatically managed chain-engine
 * resources (per-user, local machine, impersonated, process info, pin rules,
 * network info, serial local machine, HPKP rules). Where they are consumed
 * is not visible in this header.
 */
5133#define CERT_CHAIN_AUTO_CURRENT_USER 1
5134#define CERT_CHAIN_AUTO_LOCAL_MACHINE 2
5135#define CERT_CHAIN_AUTO_IMPERSONATED 3
5136#define CERT_CHAIN_AUTO_PROCESS_INFO 4
5137#define CERT_CHAIN_AUTO_PINRULE_INFO 5
5138#define CERT_CHAIN_AUTO_NETWORK_INFO 6
5139#define CERT_CHAIN_AUTO_SERIAL_LOCAL_MACHINE 7
5140#define CERT_CHAIN_AUTO_HPKP_RULE_INFO 8
5141
/* Registry value name; presumably holds the AUTO flag bits defined below. */
5142#define CERT_CHAIN_AUTO_FLAGS_VALUE_NAME L"AutoFlags"
5143
/* One bit that disables automatic flushing and three bits that select what is logged. */
5144#define CERT_CHAIN_AUTO_FLUSH_DISABLE_FLAG 0x00000001
5145#define CERT_CHAIN_AUTO_LOG_CREATE_FLAG 0x00000002
5146#define CERT_CHAIN_AUTO_LOG_FREE_FLAG 0x00000004
5147#define CERT_CHAIN_AUTO_LOG_FLUSH_FLAG 0x00000008
/* Mask of the three logging bits (0x0E). */
5148#define CERT_CHAIN_AUTO_LOG_FLAGS ( CERT_CHAIN_AUTO_LOG_CREATE_FLAG | CERT_CHAIN_AUTO_LOG_FREE_FLAG | CERT_CHAIN_AUTO_LOG_FLUSH_FLAG )
5149
/* Auto-flush timing: first flush after 5 minutes, later ones every 30 minutes (in seconds). */
5150#define CERT_CHAIN_AUTO_FLUSH_FIRST_DELTA_SECONDS_VALUE_NAME L"AutoFlushFirstDeltaSeconds"
5151#define CERT_CHAIN_AUTO_FLUSH_FIRST_DELTA_SECONDS_DEFAULT (5 * 60)
5152#define CERT_CHAIN_AUTO_FLUSH_NEXT_DELTA_SECONDS_VALUE_NAME L"AutoFlushNextDeltaSeconds"
5153#define CERT_CHAIN_AUTO_FLUSH_NEXT_DELTA_SECONDS_DEFAULT (30 * 60)
/*
 * NOTE(review): the log file name is taken from configuration; who may write
 * that value decides where the chain engine writes its log - keep the key's
 * ACL in mind when reviewing a host.
 */
5154#define CERT_CHAIN_AUTO_LOG_FILE_NAME_VALUE_NAME L"AutoLogFileName"
5155#define CERT_CHAIN_DISABLE_AUTO_FLUSH_PROCESS_NAME_LIST_VALUE_NAME L"DisableAutoFlushProcessNameList"
5155#define CERT_CHAIN_DISABLE_AUTO_FLUSH_PROCESS_NAME_LIST_VALUE_NAME L"DisableAutoFlushProcessNameList"
5156
/*
 * Server-side OCSP response settings (the SrvOcspResp value names): value
 * names with defaults. Defaults are written as products so the unit in the
 * name can be read off: 10 min minimum validity, 15 s retrieval timeout,
 * 4 h / 2 min before next update, 1 min after next update, and 5 s to 1 h
 * for certificate-file sync.
 */
5157#define CERT_SRV_OCSP_RESP_MIN_VALIDITY_SECONDS_VALUE_NAME L"SrvOcspRespMinValiditySeconds"
5158#define CERT_SRV_OCSP_RESP_MIN_VALIDITY_SECONDS_DEFAULT (10 *60)
5159#define CERT_SRV_OCSP_RESP_URL_RETRIEVAL_TIMEOUT_MILLISECONDS_VALUE_NAME L"SrvOcspRespUrlRetrievalTimeoutMilliseconds"
5160#define CERT_SRV_OCSP_RESP_URL_RETRIEVAL_TIMEOUT_MILLISECONDS_DEFAULT (15 *1000)
5161#define CERT_SRV_OCSP_RESP_MAX_BEFORE_NEXT_UPDATE_SECONDS_VALUE_NAME L"SrvOcspRespMaxBeforeNextUpdateSeconds"
5162#define CERT_SRV_OCSP_RESP_MAX_BEFORE_NEXT_UPDATE_SECONDS_DEFAULT (4 *60 *60)
5163#define CERT_SRV_OCSP_RESP_MIN_BEFORE_NEXT_UPDATE_SECONDS_VALUE_NAME L"SrvOcspRespMinBeforeNextUpdateSeconds"
5164#define CERT_SRV_OCSP_RESP_MIN_BEFORE_NEXT_UPDATE_SECONDS_DEFAULT (2 *60)
5165#define CERT_SRV_OCSP_RESP_MIN_AFTER_NEXT_UPDATE_SECONDS_VALUE_NAME L"SrvOcspRespMinAfterNextUpdateSeconds"
5166#define CERT_SRV_OCSP_RESP_MIN_AFTER_NEXT_UPDATE_SECONDS_DEFAULT (1 *60)
5167#define CERT_SRV_OCSP_RESP_MIN_SYNC_CERT_FILE_SECONDS_VALUE_NAME L"SrvOcspRespMinSyncCertFileSeconds"
5168#define CERT_SRV_OCSP_RESP_MIN_SYNC_CERT_FILE_SECONDS_DEFAULT 5
5169#define CERT_SRV_OCSP_RESP_MAX_SYNC_CERT_FILE_SECONDS_VALUE_NAME L"SrvOcspRespMaxSyncCertFileSeconds"
5170#define CERT_SRV_OCSP_RESP_MAX_SYNC_CERT_FILE_SECONDS_DEFAULT (1 * 60 * 60)
/*
 * Cryptnet revocation-cache and pre-fetch tuning: value names with defaults.
 * All periods are in seconds and written as products (for example
 * 28 *24 *60 *60 is 28 days). The 0xffffffff constants are sentinels that,
 * by name, switch a feature off rather than being counts or periods.
 * NOTE(review): these values control how long cached revocation data is
 * reused and how early it is refreshed. Longer periods widen the window in
 * which a revocation is not yet seen, so deviations from the defaults are
 * relevant when assessing how quickly a host reacts to a revoked certificate.
 */
5171#define CRYPTNET_MAX_CACHED_OCSP_PER_CRL_COUNT_VALUE_NAME L"CryptnetMaxCachedOcspPerCrlCount"
5172#define CRYPTNET_MAX_CACHED_OCSP_PER_CRL_COUNT_DEFAULT 500
5173#define CRYPTNET_OCSP_AFTER_CRL_DISABLE 0xffffffff
5174#define CRYPTNET_URL_CACHE_DEFAULT_FLUSH_EXEMPT_SECONDS_VALUE_NAME L"CryptnetDefaultFlushExemptSeconds"
5175#define CRYPTNET_URL_CACHE_DEFAULT_FLUSH_EXEMPT_SECONDS_DEFAULT (28 *24 *60 *60)
5176#define CRYPTNET_PRE_FETCH_MIN_MAX_AGE_SECONDS_VALUE_NAME L"CryptnetPreFetchMinMaxAgeSeconds"
5177#define CRYPTNET_PRE_FETCH_MIN_MAX_AGE_SECONDS_DEFAULT (1 *60 *60)
5178#define CRYPTNET_PRE_FETCH_MAX_MAX_AGE_SECONDS_VALUE_NAME L"CryptnetPreFetchMaxMaxAgeSeconds"
5179#define CRYPTNET_PRE_FETCH_MAX_MAX_AGE_SECONDS_DEFAULT (14 *24 *60 *60)
5180#define CRYPTNET_PRE_FETCH_MIN_OCSP_VALIDITY_PERIOD_SECONDS_VALUE_NAME L"CryptnetPreFetchMinOcspValidityPeriodSeconds"
5181#define CRYPTNET_PRE_FETCH_MIN_OCSP_VALIDITY_PERIOD_SECONDS_DEFAULT (14 *24 *60 *60)
5182#define CRYPTNET_PRE_FETCH_AFTER_PUBLISH_PRE_FETCH_DIVISOR_VALUE_NAME L"CryptnetPreFetchAfterPublishPreFetchDivisor"
5183#define CRYPTNET_PRE_FETCH_AFTER_PUBLISH_PRE_FETCH_DIVISOR_DEFAULT 10
5184#define CRYPTNET_PRE_FETCH_BEFORE_NEXT_UPDATE_PRE_FETCH_DIVISOR_VALUE_NAME L"CryptnetPreFetchBeforeNextUpdatePreFetchDivisor"
5185#define CRYPTNET_PRE_FETCH_BEFORE_NEXT_UPDATE_PRE_FETCH_DIVISOR_DEFAULT 20
/* The macro name says ..._PERIOD_SECONDS but the registry string ends in "PreFetchSeconds"; use the string literal, not a name derived from the macro. */
5186#define CRYPTNET_PRE_FETCH_MIN_BEFORE_NEXT_UPDATE_PRE_FETCH_PERIOD_SECONDS_VALUE_NAME L"CryptnetPreFetchMinBeforeNextUpdatePreFetchSeconds"
5187#define CRYPTNET_PRE_FETCH_MIN_BEFORE_NEXT_UPDATE_PRE_FETCH_PERIOD_SECONDS_DEFAULT (1 *60 *60)
5188#define CRYPTNET_PRE_FETCH_VALIDITY_PERIOD_AFTER_NEXT_UPDATE_PRE_FETCH_DIVISOR_VALUE_NAME L"CryptnetPreFetchValidityPeriodAfterNextUpdatePreFetchDivisor"
5189#define CRYPTNET_PRE_FETCH_VALIDITY_PERIOD_AFTER_NEXT_UPDATE_PRE_FETCH_DIVISOR_DEFAULT 10
5190#define CRYPTNET_PRE_FETCH_MAX_AFTER_NEXT_UPDATE_PRE_FETCH_PERIOD_SECONDS_VALUE_NAME L"CryptnetPreFetchMaxAfterNextUpdatePreFetchPeriodSeconds"
5191#define CRYPTNET_PRE_FETCH_MAX_AFTER_NEXT_UPDATE_PRE_FETCH_PERIOD_SECONDS_DEFAULT (4 *60 *60)
5192#define CRYPTNET_PRE_FETCH_MIN_AFTER_NEXT_UPDATE_PRE_FETCH_PERIOD_SECONDS_VALUE_NAME L"CryptnetPreFetchMinAfterNextUpdatePreFetchPeriodSeconds"
5193#define CRYPTNET_PRE_FETCH_MIN_AFTER_NEXT_UPDATE_PRE_FETCH_PERIOD_SECONDS_DEFAULT (30 *60)
5194#define CRYPTNET_PRE_FETCH_AFTER_CURRENT_TIME_PRE_FETCH_PERIOD_SECONDS_VALUE_NAME L"CryptnetPreFetchAfterCurrentTimePreFetchPeriodSeconds"
5195#define CRYPTNET_PRE_FETCH_AFTER_CURRENT_TIME_PRE_FETCH_PERIOD_SECONDS_DEFAULT (30 *60)
5196#define CRYPTNET_PRE_FETCH_TRIGGER_PERIOD_SECONDS_VALUE_NAME L"CryptnetPreFetchTriggerPeriodSeconds"
5197#define CRYPTNET_PRE_FETCH_TRIGGER_PERIOD_SECONDS_DEFAULT (10 *60)
5198#define CRYPTNET_PRE_FETCH_TRIGGER_DISABLE 0xffffffff
5199#define CRYPTNET_PRE_FETCH_SCAN_AFTER_TRIGGER_DELAY_SECONDS_VALUE_NAME L"CryptnetPreFetchScanAfterTriggerDelaySeconds"
5200#define CRYPTNET_PRE_FETCH_SCAN_AFTER_TRIGGER_DELAY_SECONDS_DEFAULT 30
5201#define CRYPTNET_PRE_FETCH_RETRIEVAL_TIMEOUT_SECONDS_VALUE_NAME L"CryptnetPreFetchRetrievalTimeoutSeconds"
5202#define CRYPTNET_PRE_FETCH_RETRIEVAL_TIMEOUT_SECONDS_DEFAULT (5 *60)
/*
 * CRL pre-fetch configuration. The key path is CERT_CHAIN_CONFIG_REGPATH with
 * "\\CrlPreFetch" appended by adjacent wide-string concatenation, so
 * CERT_CHAIN_CONFIG_REGPATH must be defined where this macro is expanded.
 * NOTE(review): PreFetchUrlList and ProcessNameList name lists read from the
 * registry. Presumably the first lists URLs that are fetched without a
 * certificate asking for them, which makes write access to this key a way
 * to cause outbound requests - confirm and review the key's ACL.
 */
5203#define CRYPTNET_CRL_PRE_FETCH_CONFIG_REGPATH CERT_CHAIN_CONFIG_REGPATH L"\\CrlPreFetch"
5204#define CRYPTNET_CRL_PRE_FETCH_PROCESS_NAME_LIST_VALUE_NAME L"ProcessNameList"
5205#define CRYPTNET_CRL_PRE_FETCH_URL_LIST_VALUE_NAME L"PreFetchUrlList"
5206#define CRYPTNET_CRL_PRE_FETCH_DISABLE_INFORMATION_EVENTS_VALUE_NAME L"DisableInformationEvents"
5207#define CRYPTNET_CRL_PRE_FETCH_LOG_FILE_NAME_VALUE_NAME L"LogFileName"
/* Periods in seconds: 5 min timeout; max age 2 h by default with a 5 min floor. */
5208#define CRYPTNET_CRL_PRE_FETCH_TIMEOUT_SECONDS_VALUE_NAME L"TimeoutSeconds"
5209#define CRYPTNET_CRL_PRE_FETCH_TIMEOUT_SECONDS_DEFAULT (5 * 60)
5210#define CRYPTNET_CRL_PRE_FETCH_MAX_AGE_SECONDS_VALUE_NAME L"MaxAgeSeconds"
5211#define CRYPTNET_CRL_PRE_FETCH_MAX_AGE_SECONDS_DEFAULT (2 * 60 * 60)
5212#define CRYPTNET_CRL_PRE_FETCH_MAX_AGE_SECONDS_MIN (5 * 60)
5213#define CRYPTNET_CRL_PRE_FETCH_PUBLISH_BEFORE_NEXT_UPDATE_SECONDS_VALUE_NAME L"PublishBeforeNextUpdateSeconds"
5214#define CRYPTNET_CRL_PRE_FETCH_PUBLISH_BEFORE_NEXT_UPDATE_SECONDS_DEFAULT (1 * 60 * 60)
5215#define CRYPTNET_CRL_PRE_FETCH_PUBLISH_RANDOM_INTERVAL_SECONDS_VALUE_NAME L"PublishRandomIntervalSeconds"
5216#define CRYPTNET_CRL_PRE_FETCH_PUBLISH_RANDOM_INTERVAL_SECONDS_DEFAULT (5 * 60)
5217#define CRYPTNET_CRL_PRE_FETCH_MIN_BEFORE_NEXT_UPDATE_SECONDS_VALUE_NAME L"MinBeforeNextUpdateSeconds"
5218#define CRYPTNET_CRL_PRE_FETCH_MIN_BEFORE_NEXT_UPDATE_SECONDS_DEFAULT (5 * 60)
5219#define CRYPTNET_CRL_PRE_FETCH_MIN_AFTER_NEXT_UPDATE_SECONDS_VALUE_NAME L"MinAfterNextUpdateSeconds"
5220#define CRYPTNET_CRL_PRE_FETCH_MIN_AFTER_NEXT_UPDATE_SECONDS_DEFAULT (5 * 60)
/*
 * Group-policy location of the chain-engine configuration: the group-policy
 * system-store path (defined elsewhere in this header) with
 * "\\ChainEngine\\Config" appended.
 */
5221#define CERT_GROUP_POLICY_CHAIN_CONFIG_REGPATH CERT_GROUP_POLICY_SYSTEM_STORE_REGPATH L"\\ChainEngine\\Config"
/* URL retrieval timeouts in milliseconds: 15 s per retrieval, 20 s accumulated for revocation. */
5222#define CERT_CHAIN_URL_RETRIEVAL_TIMEOUT_MILLISECONDS_VALUE_NAME L"ChainUrlRetrievalTimeoutMilliseconds"
5223#define CERT_CHAIN_URL_RETRIEVAL_TIMEOUT_MILLISECONDS_DEFAULT (15 *1000)
5224#define CERT_CHAIN_REV_ACCUMULATIVE_URL_RETRIEVAL_TIMEOUT_MILLISECONDS_VALUE_NAME L"ChainRevAccumulativeUrlRetrievalTimeoutMilliseconds"
5225#define CERT_CHAIN_REV_ACCUMULATIVE_URL_RETRIEVAL_TIMEOUT_MILLISECONDS_DEFAULT (20 *1000)
/*
 * Retrieval-behaviour switches.
 * NOTE(review): by name, each of these four values loosens a default
 * restriction on URL retrieval: authentication to unknown internet hosts,
 * retrieval from local addresses, the file: URL scheme, and LDAP signing and
 * encryption. Since retrieval URLs come from certificates supplied by the
 * peer, a host with any of them set exposes more to a crafted certificate;
 * treat non-default settings as findings.
 */
5226#define CERT_RETR_BEHAVIOR_INET_AUTH_VALUE_NAME L"EnableInetUnknownAuth"
5227#define CERT_RETR_BEHAVIOR_INET_STATUS_VALUE_NAME L"EnableInetLocal"
5228#define CERT_RETR_BEHAVIOR_FILE_VALUE_NAME L"AllowFileUrlScheme"
5229#define CERT_RETR_BEHAVIOR_LDAP_VALUE_NAME L"DisableLDAPSignAndEncrypt"
/* Switch-over between cached OCSP responses and CRLs; 0xffffffff is a sentinel, not a count. */
5230#define CRYPTNET_CACHED_OCSP_SWITCH_TO_CRL_COUNT_VALUE_NAME L"CryptnetCachedOcspSwitchToCrlCount"
5231#define CRYPTNET_CACHED_OCSP_SWITCH_TO_CRL_COUNT_DEFAULT 50
5232#define CRYPTNET_CRL_BEFORE_OCSP_ENABLE 0xffffffff
/* AIA / SIA retrieval switches: a dedicated value name plus bits of the "Options" value. */
5233#define CERT_CHAIN_DISABLE_AIA_URL_RETRIEVAL_VALUE_NAME L"DisableAIAUrlRetrieval"
5234#define CERT_CHAIN_OPTIONS_VALUE_NAME L"Options"
5235#define CERT_CHAIN_OPTION_DISABLE_AIA_URL_RETRIEVAL 0x2
5236#define CERT_CHAIN_OPTION_ENABLE_SIA_URL_RETRIEVAL 0x4
/* Periods in hours: cross-certificate download every 7 days, CRL validity extended by 12 h. */
5237#define CERT_CHAIN_CROSS_CERT_DOWNLOAD_INTERVAL_HOURS_VALUE_NAME L"CrossCertDownloadIntervalHours"
5238#define CERT_CHAIN_CROSS_CERT_DOWNLOAD_INTERVAL_HOURS_DEFAULT (24 *7)
/*
 * NOTE(review): a CRL validity extension period means a CRL is presumably
 * still accepted for this many hours past its next-update time; chains that
 * relied on it are flagged with CERT_TRUST_HAS_CRL_VALIDITY_EXTENDED.
 */
5239#define CERT_CHAIN_CRL_VALIDITY_EXT_PERIOD_HOURS_VALUE_NAME L"CRLValidityExtensionPeriod"
5240#define CERT_CHAIN_CRL_VALIDITY_EXT_PERIOD_HOURS_DEFAULT 12
5241
/*
 * Predefined chain-engine pseudo-handles. They are the constants NULL, 1 and
 * 2 cast to HCERTCHAINENGINE, not handles obtained from
 * CertCreateCertificateChainEngine. Note that NULL is a valid value here
 * (current user), so a zero-initialised handle variable silently selects
 * the per-user engine.
 * The macros use HCERTCHAINENGINE before its typedef below; that is fine
 * because they are only expanded at their point of use.
 */
5242#define HCCE_CURRENT_USER ((HCERTCHAINENGINE)NULL)
5243#define HCCE_LOCAL_MACHINE ((HCERTCHAINENGINE)0x1)
5244#define HCCE_SERIAL_LOCAL_MACHINE ((HCERTCHAINENGINE)0x2)
5245
/* Presumably the bits of CERT_CHAIN_ENGINE_CONFIG.dwFlags - confirm. */
5246#define CERT_CHAIN_CACHE_END_CERT 0x1
5247#define CERT_CHAIN_THREAD_STORE_SYNC 0x2
5248#define CERT_CHAIN_CACHE_ONLY_URL_RETRIEVAL 0x4
5249#define CERT_CHAIN_USE_LOCAL_MACHINE_STORE 0x8
5250#define CERT_CHAIN_ENABLE_CACHE_AUTO_UPDATE 0x10
5251#define CERT_CHAIN_ENABLE_SHARE_STORE 0x20
5252
/* Chain-engine handle type: an alias of HANDLE. */
5253 typedef HANDLE HCERTCHAINENGINE;
5254
/*
 * Configuration passed to CertCreateCertificateChainEngine.
 * The structure grows with the targeted Windows version: hExclusiveRoot and
 * hExclusiveTrustedPeople exist only when NTDDI_VERSION >= NTDDI_WIN7, and
 * dwExclusiveFlags only when NTDDI_VERSION >= NTDDI_WIN8. sizeof therefore
 * depends on the build's NTDDI_VERSION, and cbSize has to be set from the
 * same definition the code was compiled with.
 * NOTE(review): the hRestricted and hExclusive store handles decide which
 * roots and trust lists the engine will accept. Zero-initialise the whole
 * structure before filling it so that no store handle is left holding
 * stack garbage; the exact semantics of each store are not visible here.
 */
5255 typedef struct _CERT_CHAIN_ENGINE_CONFIG {
5256 DWORD cbSize;
5257 HCERTSTORE hRestrictedRoot;
5258 HCERTSTORE hRestrictedTrust;
5259 HCERTSTORE hRestrictedOther;
5260 DWORD cAdditionalStore; /* number of entries in rghAdditionalStore */
5261 HCERTSTORE *rghAdditionalStore;
5262 DWORD dwFlags;
5263 DWORD dwUrlRetrievalTimeout;
5264 DWORD MaximumCachedCertificates;
5265 DWORD CycleDetectionModulus;
5266#if NTDDI_VERSION >= NTDDI_WIN7
5267 HCERTSTORE hExclusiveRoot;
5268 HCERTSTORE hExclusiveTrustedPeople;
5269#endif
5270#if NTDDI_VERSION >= NTDDI_WIN8
5271 DWORD dwExclusiveFlags;
5272#endif
5273 } CERT_CHAIN_ENGINE_CONFIG,*PCERT_CHAIN_ENGINE_CONFIG;
5274
/* Presumably a bit of dwExclusiveFlags; guarded by the same version check as that field. */
5275#if NTDDI_VERSION >= NTDDI_WIN8
5276#define CERT_CHAIN_EXCLUSIVE_ENABLE_CA_FLAG 0x1
5277#endif
5278
/*
 * Create, free and resynchronise a chain engine. The created handle is
 * returned through phChainEngine and is released with
 * CertFreeCertificateChainEngine, which returns nothing.
 */
5279 WINIMPM WINBOOL WINAPI CertCreateCertificateChainEngine (PCERT_CHAIN_ENGINE_CONFIG pConfig, HCERTCHAINENGINE *phChainEngine);
5280 WINIMPM VOID WINAPI CertFreeCertificateChainEngine (HCERTCHAINENGINE hChainEngine);
5281 WINIMPM WINBOOL WINAPI CertResyncCertificateChainEngine (HCERTCHAINENGINE hChainEngine);
5282
/*
 * Trust result attached to a chain element, a simple chain and a whole chain
 * context (each has a TrustStatus member of this type). It carries two
 * independent bit sets: dwErrorStatus for problems found and dwInfoStatus
 * for informational properties.
 * NOTE(review): the CERT_TRUST bit values of the two sets overlap
 * numerically, so a bit must always be tested against the field it belongs
 * to.
 */
5283 typedef struct _CERT_TRUST_STATUS {
5284 DWORD dwErrorStatus;
5285 DWORD dwInfoStatus;
5286 } CERT_TRUST_STATUS,*PCERT_TRUST_STATUS;
5287
/*
 * Error bits, presumably those of CERT_TRUST_STATUS.dwErrorStatus (the
 * header does not tie them to the field). CERT_TRUST_NO_ERROR is zero, so
 * "no error" has to be tested with == and cannot be tested with a mask.
 * The last entry (HAS_WEAK_SIGNATURE, 0x100000) is listed out of numeric
 * order.
 * NOTE(review): a relying party should reject a chain when any bit is set,
 * and should document each bit it chooses to tolerate. In particular,
 * treating CERT_TRUST_REVOCATION_STATUS_UNKNOWN or
 * CERT_TRUST_IS_OFFLINE_REVOCATION as success makes revocation checking
 * fail open, and ignoring CERT_TRUST_IS_PARTIAL_CHAIN or
 * CERT_TRUST_IS_UNTRUSTED_ROOT accepts a chain that does not end in a
 * trusted root.
 */
5288#define CERT_TRUST_NO_ERROR 0x0
5289#define CERT_TRUST_IS_NOT_TIME_VALID 0x1
5290#define CERT_TRUST_IS_NOT_TIME_NESTED 0x2
5291#define CERT_TRUST_IS_REVOKED 0x4
5292#define CERT_TRUST_IS_NOT_SIGNATURE_VALID 0x8
5293#define CERT_TRUST_IS_NOT_VALID_FOR_USAGE 0x10
5294#define CERT_TRUST_IS_UNTRUSTED_ROOT 0x20
5295#define CERT_TRUST_REVOCATION_STATUS_UNKNOWN 0x40
5296#define CERT_TRUST_IS_CYCLIC 0x80
5297#define CERT_TRUST_INVALID_EXTENSION 0x100
5298#define CERT_TRUST_INVALID_POLICY_CONSTRAINTS 0x200
5299#define CERT_TRUST_INVALID_BASIC_CONSTRAINTS 0x400
5300#define CERT_TRUST_INVALID_NAME_CONSTRAINTS 0x800
5301#define CERT_TRUST_HAS_NOT_SUPPORTED_NAME_CONSTRAINT 0x1000
5302#define CERT_TRUST_HAS_NOT_DEFINED_NAME_CONSTRAINT 0x2000
5303#define CERT_TRUST_HAS_NOT_PERMITTED_NAME_CONSTRAINT 0x4000
5304#define CERT_TRUST_HAS_EXCLUDED_NAME_CONSTRAINT 0x8000
5305#define CERT_TRUST_IS_PARTIAL_CHAIN 0x10000
5306#define CERT_TRUST_CTL_IS_NOT_TIME_VALID 0x20000
5307#define CERT_TRUST_CTL_IS_NOT_SIGNATURE_VALID 0x40000
5308#define CERT_TRUST_CTL_IS_NOT_VALID_FOR_USAGE 0x80000
5309#define CERT_TRUST_IS_OFFLINE_REVOCATION 0x1000000
5310#define CERT_TRUST_NO_ISSUANCE_CHAIN_POLICY 0x2000000
5311#define CERT_TRUST_IS_EXPLICIT_DISTRUST 0x4000000
5312#define CERT_TRUST_HAS_NOT_SUPPORTED_CRITICAL_EXT 0x8000000
5313#define CERT_TRUST_HAS_WEAK_SIGNATURE 0x100000
5314
/*
 * Informational bits, presumably those of CERT_TRUST_STATUS.dwInfoStatus.
 * Their values reuse numbers that are also error bits: 0x8 is
 * CERT_TRUST_IS_SELF_SIGNED here and CERT_TRUST_IS_NOT_SIGNATURE_VALID in
 * the error set, and 0x00100000 is CERT_TRUST_SSL_RECONNECT_OCSP here and
 * CERT_TRUST_HAS_WEAK_SIGNATURE there. Testing an info bit against
 * dwErrorStatus, or the reverse, yields a wrong but plausible answer.
 * NOTE(review): these bits describe how the chain was built; none of them
 * is a statement that the chain is trusted. Three of the bits exist only
 * when NTDDI_VERSION >= NTDDI_WIN8.
 */
5315#define CERT_TRUST_HAS_EXACT_MATCH_ISSUER 0x1
5316#define CERT_TRUST_HAS_KEY_MATCH_ISSUER 0x2
5317#define CERT_TRUST_HAS_NAME_MATCH_ISSUER 0x4
5318#define CERT_TRUST_IS_SELF_SIGNED 0x8
5319#define CERT_TRUST_AUTO_UPDATE_CA_REVOCATION 0x10
5320#define CERT_TRUST_AUTO_UPDATE_END_REVOCATION 0x20
5321#define CERT_TRUST_NO_OCSP_FAILOVER_TO_CRL 0x40
5322#define CERT_TRUST_IS_KEY_ROLLOVER 0x00000080
5323#define CERT_TRUST_SSL_HANDSHAKE_OCSP 0x00040000
5324#define CERT_TRUST_SSL_TIME_VALID_OCSP 0x00080000
5325#define CERT_TRUST_SSL_RECONNECT_OCSP 0x00100000
5326
5327#define CERT_TRUST_HAS_PREFERRED_ISSUER 0x100
5328#define CERT_TRUST_HAS_ISSUANCE_CHAIN_POLICY 0x200
5329#define CERT_TRUST_HAS_VALID_NAME_CONSTRAINTS 0x400
5330#define CERT_TRUST_IS_PEER_TRUSTED 0x800
5331#define CERT_TRUST_HAS_CRL_VALIDITY_EXTENDED 0x1000
5332#define CERT_TRUST_IS_FROM_EXCLUSIVE_TRUST_STORE 0x2000
5333#if NTDDI_VERSION >= NTDDI_WIN8
5334#define CERT_TRUST_IS_CA_TRUSTED 0x00004000
5335#define CERT_TRUST_HAS_AUTO_UPDATE_WEAK_SIGNATURE 0x00008000
5336#define CERT_TRUST_HAS_ALLOW_WEAK_SIGNATURE 0x00020000
5337#endif
5338#define CERT_TRUST_IS_COMPLEX_CHAIN 0x00010000
5339#define CERT_TRUST_SSL_TIME_VALID 0x01000000
5340#define CERT_TRUST_NO_TIME_CHECK 0x02000000
5341
/*
 * Revocation details for one chain element (CERT_CHAIN_ELEMENT points to it
 * through pRevocationInfo). dwFreshnessTime is presumably meaningful only
 * when fHasFreshnessTime is TRUE; its unit is not visible here.
 * pvOidSpecificInfo is an untyped pointer whose layout presumably depends
 * on pszRevocationOid, so check the OID before casting it.
 */
5342 typedef struct _CERT_REVOCATION_INFO {
5343 DWORD cbSize;
5344 DWORD dwRevocationResult;
5345 LPCSTR pszRevocationOid;
5346 LPVOID pvOidSpecificInfo;
5347 WINBOOL fHasFreshnessTime;
5348 DWORD dwFreshnessTime;
5349 PCERT_REVOCATION_CRL_INFO pCrlInfo;
5350 } CERT_REVOCATION_INFO,*PCERT_REVOCATION_INFO;
5351
/*
 * Certificate trust list (CTL) information for a simple chain: the CTL
 * entry and the CTL context it comes from (CERT_SIMPLE_CHAIN points to this
 * through pTrustListInfo).
 */
5352 typedef struct _CERT_TRUST_LIST_INFO {
5353 DWORD cbSize;
5354 PCTL_ENTRY pCtlEntry;
5355 PCCTL_CONTEXT pCtlContext;
5356 } CERT_TRUST_LIST_INFO,*PCERT_TRUST_LIST_INFO;
5357
/*
 * One certificate in a chain together with its own trust status, revocation
 * information and issuance / application usages.
 * NOTE(review): pointer members may presumably be NULL (for example
 * pRevocationInfo when no revocation check was made); check before
 * dereferencing - confirm which ones are optional.
 */
5358 typedef struct _CERT_CHAIN_ELEMENT {
5359 DWORD cbSize;
5360 PCCERT_CONTEXT pCertContext;
5361 CERT_TRUST_STATUS TrustStatus;
5362 PCERT_REVOCATION_INFO pRevocationInfo;
5363 PCERT_ENHKEY_USAGE pIssuanceUsage;
5364 PCERT_ENHKEY_USAGE pApplicationUsage;
5365 LPCWSTR pwszExtendedErrorInfo;
5366 } CERT_CHAIN_ELEMENT,*PCERT_CHAIN_ELEMENT;
5367
/* Pointer-to-const form of a chain element. */
5368 typedef const CERT_CHAIN_ELEMENT *PCCERT_CHAIN_ELEMENT;
5369
/*
 * One simple chain: cElement pointers to chain elements in rgpElement, plus
 * a trust status for the chain as a whole. The ordering of rgpElement (end
 * certificate first or root first) is not visible in this header - confirm
 * before indexing element 0 as "the leaf".
 */
5370 typedef struct _CERT_SIMPLE_CHAIN {
5371 DWORD cbSize;
5372 CERT_TRUST_STATUS TrustStatus;
5373 DWORD cElement;
5374 PCERT_CHAIN_ELEMENT *rgpElement;
5375 PCERT_TRUST_LIST_INFO pTrustListInfo;
5376 WINBOOL fHasRevocationFreshnessTime;
5377 DWORD dwRevocationFreshnessTime;
5378 } CERT_SIMPLE_CHAIN,*PCERT_SIMPLE_CHAIN;
5379
/* Pointer-to-const form of a simple chain. */
5380 typedef const CERT_SIMPLE_CHAIN *PCCERT_SIMPLE_CHAIN;
5381
/*
 * The typedefs come before the struct body because the body refers to
 * PCCERT_CHAIN_CONTEXT (in rgpLowerQualityChainContext).
 */
5382 typedef struct _CERT_CHAIN_CONTEXT CERT_CHAIN_CONTEXT,*PCERT_CHAIN_CONTEXT;
5383 typedef const CERT_CHAIN_CONTEXT *PCCERT_CHAIN_CONTEXT;
5384
/*
 * Result of chain building (returned by CertGetCertificateChain through
 * ppChainContext): cChain simple chains in rgpChain, an overall TrustStatus,
 * and optionally cLowerQualityChainContext alternative chain contexts.
 * NOTE(review): TrustStatus.dwErrorStatus of this structure is the overall
 * verdict a caller has to inspect. The lower-quality contexts are, by name,
 * worse alternatives and should not be used to "find a chain that works"
 * after the primary one failed.
 */
5385 struct _CERT_CHAIN_CONTEXT {
5386 DWORD cbSize;
5387 CERT_TRUST_STATUS TrustStatus;
5388 DWORD cChain;
5389 PCERT_SIMPLE_CHAIN *rgpChain;
5390 DWORD cLowerQualityChainContext;
5391 PCCERT_CHAIN_CONTEXT *rgpLowerQualityChainContext;
5392 WINBOOL fHasRevocationFreshnessTime;
5393 DWORD dwRevocationFreshnessTime;
5394 DWORD dwCreateFlags;
5395 GUID ChainId;
5396 };
5397
/*
 * Values of the dwType member of the two usage-match structures below:
 * presumably AND requires every listed usage to be present and OR requires
 * at least one.
 * NOTE(review): AND is 0, so a zero-initialised match structure selects AND.
 * What an empty usage list matches is not visible here - confirm, because
 * "matches everything" would mean no EKU restriction is applied.
 */
5398#define USAGE_MATCH_TYPE_AND 0x0
5399#define USAGE_MATCH_TYPE_OR 0x1
5400
/* Requested enhanced key usages for a certificate, with the match type. */
5401 typedef struct _CERT_USAGE_MATCH {
5402 DWORD dwType;
5403 CERT_ENHKEY_USAGE Usage;
5404 } CERT_USAGE_MATCH,*PCERT_USAGE_MATCH;
5405
/* Same shape for certificate trust list usages. */
5406 typedef struct _CTL_USAGE_MATCH {
5407 DWORD dwType;
5408 CTL_USAGE Usage;
5409 } CTL_USAGE_MATCH,*PCTL_USAGE_MATCH;
5410
/*
 * Chain-building parameters for CertGetCertificateChain (pChainPara).
 * Only cbSize and RequestedUsage exist unless the including code defines
 * CERT_CHAIN_PARA_HAS_EXTRA_FIELDS before this header; with it, the issuance
 * policy, URL timeout, revocation-freshness and strong-signature members are
 * added and sizeof changes.
 * NOTE(review): translation units that disagree on
 * CERT_CHAIN_PARA_HAS_EXTRA_FIELDS see two different layouts of the same
 * type. Define it consistently project-wide, set cbSize with sizeof from
 * the same definition, and zero-initialise the structure so the optional
 * pointer members start out NULL.
 */
5411 typedef struct _CERT_CHAIN_PARA {
5412 DWORD cbSize;
5413 CERT_USAGE_MATCH RequestedUsage;
5414#ifdef CERT_CHAIN_PARA_HAS_EXTRA_FIELDS
5415 CERT_USAGE_MATCH RequestedIssuancePolicy;
5416 DWORD dwUrlRetrievalTimeout;
5417 WINBOOL fCheckRevocationFreshnessTime;
5418 DWORD dwRevocationFreshnessTime;
5419 LPFILETIME pftCacheResync;
5420 PCCERT_STRONG_SIGN_PARA pStrongSignPara;
5421 DWORD dwStrongSignFlags;
5422#endif
5423 } CERT_CHAIN_PARA,*PCERT_CHAIN_PARA;
5424
/* Presumably a bit of CERT_CHAIN_PARA.dwStrongSignFlags; by name it skips the strong-signature check on the end certificate. */
5425#define CERT_CHAIN_STRONG_SIGN_DISABLE_END_CHECK_FLAG 0x1
/*
 * Presumably the dwFlags bits of CertGetCertificateChain. The values 0x40
 * to 0x10000 select chain-building behaviour; the values from 0x4000000
 * upward select revocation checking and are not listed in numeric order.
 * NOTE(review): the revocation bits are opt-in by construction - a dwFlags
 * of zero contains none of them, so presumably no revocation checking is
 * requested unless END_CERT, CHAIN or CHAIN_EXCLUDE_ROOT is passed
 * (confirm). CACHE_ONLY restricts checking to cached data, which, by name,
 * means no fresh revocation information is fetched.
 * 0x80000000 does not fit in a signed 32-bit int; as a hex literal it is
 * unsigned, so keep flag variables DWORD / unsigned.
 */
5426#define CERT_CHAIN_DISABLE_PASS1_QUALITY_FILTERING 0x40
5427#define CERT_CHAIN_RETURN_LOWER_QUALITY_CONTEXTS 0x80
5428#define CERT_CHAIN_DISABLE_AUTH_ROOT_AUTO_UPDATE 0x100
5429#define CERT_CHAIN_TIMESTAMP_TIME 0x200
5430#define CERT_CHAIN_ENABLE_PEER_TRUST 0x400
5431#define CERT_CHAIN_DISABLE_MY_PEER_TRUST 0x800
5432#define CERT_CHAIN_DISABLE_MD2_MD4 0x1000
5433#define CERT_CHAIN_DISABLE_AIA 0x2000
5434#define CERT_CHAIN_HAS_MOTW 0x4000
5435#define CERT_CHAIN_ONLY_ADDITIONAL_AND_AUTH_ROOT 0x8000
5436#define CERT_CHAIN_OPT_IN_WEAK_SIGNATURE 0x10000
5437#define CERT_CHAIN_REVOCATION_CHECK_END_CERT 0x10000000
5438#define CERT_CHAIN_REVOCATION_CHECK_CHAIN 0x20000000
5439#define CERT_CHAIN_REVOCATION_CHECK_CHAIN_EXCLUDE_ROOT 0x40000000
5440#define CERT_CHAIN_REVOCATION_CHECK_CACHE_ONLY 0x80000000
5441#define CERT_CHAIN_REVOCATION_ACCUMULATIVE_TIMEOUT 0x8000000
5442#define CERT_CHAIN_REVOCATION_CHECK_OCSP_CERT 0x4000000
5443
/*
 * Build a certificate chain for pCertContext using hChainEngine (a created
 * engine or one of the HCCE pseudo-handles), optionally searching
 * hAdditionalStore, and return the result through ppChainContext. pTime is
 * the time to validate for.
 * NOTE(review): per the Windows SDK documentation, a TRUE return means a
 * chain context was produced, not that the chain is trusted. The caller has
 * to inspect (*ppChainContext)->TrustStatus.dwErrorStatus and/or pass the
 * context to CertVerifyCertificateChainPolicy before relying on the
 * certificate. Release the context with CertFreeCertificateChain.
 */
5444 WINIMPM WINBOOL WINAPI CertGetCertificateChain (HCERTCHAINENGINE hChainEngine, PCCERT_CONTEXT pCertContext, LPFILETIME pTime, HCERTSTORE hAdditionalStore, PCERT_CHAIN_PARA pChainPara, DWORD dwFlags, LPVOID pvReserved, PCCERT_CHAIN_CONTEXT *ppChainContext);
/* Release a chain context. Returns nothing. */
5445 WINIMPM VOID WINAPI CertFreeCertificateChain (PCCERT_CHAIN_CONTEXT pChainContext);
/*
 * Return another reference to a chain context; presumably each duplicate
 * needs its own CertFreeCertificateChain call - confirm.
 */
5446 WINIMPM PCCERT_CHAIN_CONTEXT WINAPI CertDuplicateCertificateChain (PCCERT_CHAIN_CONTEXT pChainContext);
5447
/*
 * Body of struct _CERT_REVOCATION_CHAIN_PARA. No typedef is attached here;
 * the pointer type PCERT_REVOCATION_CHAIN_PARA is already used earlier in
 * this header, so it has to be declared before this point (not visible
 * here). The members name the chain engine, additional store, chain flags,
 * timeout, current and cache-resync times, and a download cap
 * (cbMaxUrlRetrievalByteCount) used when building the chain of a revocation
 * signer.
 */
5448 struct _CERT_REVOCATION_CHAIN_PARA {
5449 DWORD cbSize;
5450 HCERTCHAINENGINE hChainEngine;
5451 HCERTSTORE hAdditionalStore;
5452 DWORD dwChainFlags;
5453 DWORD dwUrlRetrievalTimeout;
5454 LPFILETIME pftCurrentTime;
5455 LPFILETIME pftCacheResync;
5456 DWORD cbMaxUrlRetrievalByteCount;
5457 };
5458
/*
 * Revocation OID selector for CRL-based revocation; an integer cast to
 * LPCSTR, to be compared by value. Presumably the value of
 * CERT_REVOCATION_INFO.pszRevocationOid for which pvOidSpecificInfo points
 * to the structure below - confirm.
 */
5459#define REVOCATION_OID_CRL_REVOCATION ((LPCSTR)1)
5460
/* CRL revocation details: the CRL entry, the CRL context and the chain of the CRL issuer. */
5461 typedef struct _CRL_REVOCATION_INFO {
5462 PCRL_ENTRY pCrlEntry;
5463 PCCRL_CONTEXT pCrlContext;
5464 PCCERT_CHAIN_CONTEXT pCrlIssuerChain;
5465 } CRL_REVOCATION_INFO,*PCRL_REVOCATION_INFO;
5466
/* Searches a store for a chain matching dwFindType/pvFindPara and returns it.
 * pPrevChainContext presumably continues an earlier search (NULL to start);
 * confirm the ownership rules for the previous and returned contexts. */
5467 WINIMPM PCCERT_CHAIN_CONTEXT WINAPI CertFindChainInStore (HCERTSTORE hCertStore, DWORD dwCertEncodingType, DWORD dwFindFlags, DWORD dwFindType, const void *pvFindPara, PCCERT_CHAIN_CONTEXT pPrevChainContext);
5468
/* The only dwFindType value defined in this section. */
5469#define CERT_CHAIN_FIND_BY_ISSUER 1
5470
/* Caller-supplied filter invoked with a candidate certificate and pvFindArg. */
5471 typedef WINBOOL (WINAPI *PFN_CERT_CHAIN_FIND_BY_ISSUER_CALLBACK) (PCCERT_CONTEXT pCert, void *pvFindArg);
5472
/* Search parameters for CERT_CHAIN_FIND_BY_ISSUER. cIssuer/rgIssuer form a
 * count + array pair. The two trailing members exist only when
 * CERT_CHAIN_FIND_BY_ISSUER_PARA_HAS_EXTRA_FIELDS is defined, so sizeof (and
 * therefore the value a caller stores in cbSize) differs between translation
 * units built with and without that macro. The struct is exported under both
 * the ..._FIND_ISSUER_PARA and ..._FIND_BY_ISSUER_PARA names. */
5473 typedef struct _CERT_CHAIN_FIND_BY_ISSUER_PARA {
5474 DWORD cbSize;
5475 LPCSTR pszUsageIdentifier;
5476 DWORD dwKeySpec;
5477 DWORD dwAcquirePrivateKeyFlags;
5478 DWORD cIssuer;
5479 CERT_NAME_BLOB *rgIssuer;
5480 PFN_CERT_CHAIN_FIND_BY_ISSUER_CALLBACK pfnFindCallback;
5481 void *pvFindArg;
5482#ifdef CERT_CHAIN_FIND_BY_ISSUER_PARA_HAS_EXTRA_FIELDS
5483 DWORD *pdwIssuerChainIndex;
5484 DWORD *pdwIssuerElementIndex;
5485#endif
5486 } CERT_CHAIN_FIND_ISSUER_PARA,*PCERT_CHAIN_FIND_ISSUER_PARA,CERT_CHAIN_FIND_BY_ISSUER_PARA,*PCERT_CHAIN_FIND_BY_ISSUER_PARA;
5487
/* Presumably dwFindFlags bits for the by-issuer search - confirm. */
5488#define CERT_CHAIN_FIND_BY_ISSUER_COMPARE_KEY_FLAG 0x1
5489#define CERT_CHAIN_FIND_BY_ISSUER_COMPLEX_CHAIN_FLAG 0x2
5490#define CERT_CHAIN_FIND_BY_ISSUER_CACHE_ONLY_URL_FLAG 0x4
5491#define CERT_CHAIN_FIND_BY_ISSUER_LOCAL_MACHINE_FLAG 0x8
5492#define CERT_CHAIN_FIND_BY_ISSUER_NO_KEY_FLAG 0x4000
5493#define CERT_CHAIN_FIND_BY_ISSUER_CACHE_ONLY_FLAG 0x8000
5494
/* Input to CertVerifyCertificateChainPolicy. pvExtraPolicyPara is untyped;
 * presumably it must point at the *_EXTRA_CERT_CHAIN_POLICY_PARA struct that
 * belongs to the policy being evaluated (or be NULL) - a mismatched struct
 * would be misread, so confirm the pairing for each policy. */
5495 typedef struct _CERT_CHAIN_POLICY_PARA {
5496 DWORD cbSize;
5497 DWORD dwFlags;
5498 void *pvExtraPolicyPara;
5499 } CERT_CHAIN_POLICY_PARA,*PCERT_CHAIN_POLICY_PARA;
5500
/* Output of CertVerifyCertificateChainPolicy. dwError carries the verdict;
 * lChainIndex/lElementIndex presumably locate the offending chain element,
 * and their sentinel values are not visible here. */
5501 typedef struct _CERT_CHAIN_POLICY_STATUS {
5502 DWORD cbSize;
5503 DWORD dwError;
5504 LONG lChainIndex;
5505 LONG lElementIndex;
5506 void *pvExtraPolicyStatus;
5507 } CERT_CHAIN_POLICY_STATUS,*PCERT_CHAIN_POLICY_STATUS;
5508
/* Policy-relaxation bits, presumably for CERT_CHAIN_POLICY_PARA.dwFlags.
 * NOTE(review): going by their names, each IGNORE_ and ALLOW_ bit asks the
 * verifier to tolerate one class of failure (expiry, unknown CA, wrong usage,
 * name mismatch, unknown revocation status, ...). Treat any use as a reduction
 * of the trust decision: audit call sites, keep the default at 0, and keep the
 * two TESTROOT bits out of production builds - confirm semantics in the docs. */
5509#define CERT_CHAIN_POLICY_IGNORE_NOT_TIME_VALID_FLAG 0x1
5510#define CERT_CHAIN_POLICY_IGNORE_CTL_NOT_TIME_VALID_FLAG 0x2
5511#define CERT_CHAIN_POLICY_IGNORE_NOT_TIME_NESTED_FLAG 0x4
5512#define CERT_CHAIN_POLICY_IGNORE_INVALID_BASIC_CONSTRAINTS_FLAG 0x8
5513
/* OR of the three time-validity bits above (0x1 | 0x2 | 0x4). */
5514#define CERT_CHAIN_POLICY_IGNORE_ALL_NOT_TIME_VALID_FLAGS (CERT_CHAIN_POLICY_IGNORE_NOT_TIME_VALID_FLAG | CERT_CHAIN_POLICY_IGNORE_CTL_NOT_TIME_VALID_FLAG | CERT_CHAIN_POLICY_IGNORE_NOT_TIME_NESTED_FLAG)
5515
5516#define CERT_CHAIN_POLICY_ALLOW_UNKNOWN_CA_FLAG 0x10
5517#define CERT_CHAIN_POLICY_IGNORE_WRONG_USAGE_FLAG 0x20
5518#define CERT_CHAIN_POLICY_IGNORE_INVALID_NAME_FLAG 0x40
5519#define CERT_CHAIN_POLICY_IGNORE_INVALID_POLICY_FLAG 0x80
5520
5521#define CERT_CHAIN_POLICY_IGNORE_END_REV_UNKNOWN_FLAG 0x100
5522#define CERT_CHAIN_POLICY_IGNORE_CTL_SIGNER_REV_UNKNOWN_FLAG 0x200
5523#define CERT_CHAIN_POLICY_IGNORE_CA_REV_UNKNOWN_FLAG 0x400
5524#define CERT_CHAIN_POLICY_IGNORE_ROOT_REV_UNKNOWN_FLAG 0x800
5525
/* OR of the four revocation-unknown bits above (0x100 .. 0x800). */
5526#define CERT_CHAIN_POLICY_IGNORE_ALL_REV_UNKNOWN_FLAGS (CERT_CHAIN_POLICY_IGNORE_END_REV_UNKNOWN_FLAG | CERT_CHAIN_POLICY_IGNORE_CTL_SIGNER_REV_UNKNOWN_FLAG | CERT_CHAIN_POLICY_IGNORE_CA_REV_UNKNOWN_FLAG | CERT_CHAIN_POLICY_IGNORE_ROOT_REV_UNKNOWN_FLAG)
5527
5528#define CERT_CHAIN_POLICY_IGNORE_PEER_TRUST_FLAG 0x1000
5529#define CERT_CHAIN_POLICY_IGNORE_NOT_SUPPORTED_CRITICAL_EXT_FLAG 0x2000
5530#define CERT_CHAIN_POLICY_TRUST_TESTROOT_FLAG 0x4000
5531#define CERT_CHAIN_POLICY_ALLOW_TESTROOT_FLAG 0x8000
5532
/* Evaluates a built chain against the policy named by pszPolicyOID.
 * NOTE(review): per the Win32 documentation the WINBOOL return reports only
 * whether the policy could be evaluated; the verdict is written to
 * pPolicyStatus->dwError. A caller that tests the return value alone accepts
 * chains the policy rejected, so both must be checked - confirm. */
5533 WINIMPM WINBOOL WINAPI CertVerifyCertificateChainPolicy (LPCSTR pszPolicyOID, PCCERT_CHAIN_CONTEXT pChainContext, PCERT_CHAIN_POLICY_PARA pPolicyPara, PCERT_CHAIN_POLICY_STATUS pPolicyStatus);
5534
/* Name string of the policy-provider entry point; how it is registered and
 * resolved is not visible in this header. */
5535#define CRYPT_OID_VERIFY_CERTIFICATE_CHAIN_POLICY_FUNC "CertDllVerifyCertificateChainPolicy"
5536
/* Predefined policy identifiers: small integers cast to LPCSTR, not strings.
 * Pass them as-is; do not dereference or strcmp them. */
5537#define CERT_CHAIN_POLICY_BASE ((LPCSTR) 1)
5538#define CERT_CHAIN_POLICY_AUTHENTICODE ((LPCSTR) 2)
5539#define CERT_CHAIN_POLICY_AUTHENTICODE_TS ((LPCSTR) 3)
5540#define CERT_CHAIN_POLICY_SSL ((LPCSTR) 4)
5541#define CERT_CHAIN_POLICY_BASIC_CONSTRAINTS ((LPCSTR) 5)
5542#define CERT_CHAIN_POLICY_NT_AUTH ((LPCSTR) 6)
5543#define CERT_CHAIN_POLICY_MICROSOFT_ROOT ((LPCSTR) 7)
5544#define CERT_CHAIN_POLICY_EV ((LPCSTR) 8)
5545#define CERT_CHAIN_POLICY_SSL_F12 ((LPCSTR) 9)
5546#define CERT_CHAIN_POLICY_SSL_HPKP_HEADER ((LPCSTR) 10)
5547#define CERT_CHAIN_POLICY_THIRD_PARTY_ROOT ((LPCSTR) 11)
5548#define CERT_CHAIN_POLICY_SSL_KEY_PIN ((LPCSTR) 12)
5549
/* Extra input for the Authenticode policy (presumably reached through
 * CERT_CHAIN_POLICY_PARA.pvExtraPolicyPara with CERT_CHAIN_POLICY_AUTHENTICODE
 * - confirm). */
5550 typedef struct _AUTHENTICODE_EXTRA_CERT_CHAIN_POLICY_PARA {
5551 DWORD cbSize;
5552 DWORD dwRegPolicySettings;
5553 PCMSG_SIGNER_INFO pSignerInfo;
5554 } AUTHENTICODE_EXTRA_CERT_CHAIN_POLICY_PARA, *PAUTHENTICODE_EXTRA_CERT_CHAIN_POLICY_PARA;
5555
/* Extra output for the Authenticode policy: a single boolean, fCommercial. */
5556 typedef struct _AUTHENTICODE_EXTRA_CERT_CHAIN_POLICY_STATUS {
5557 DWORD cbSize;
5558 WINBOOL fCommercial;
5559 } AUTHENTICODE_EXTRA_CERT_CHAIN_POLICY_STATUS, *PAUTHENTICODE_EXTRA_CERT_CHAIN_POLICY_STATUS;
5560
/* Extra input for the Authenticode time-stamp policy; here fCommercial is an
 * input member rather than a result. */
5561 typedef struct _AUTHENTICODE_TS_EXTRA_CERT_CHAIN_POLICY_PARA {
5562 DWORD cbSize;
5563 DWORD dwRegPolicySettings;
5564 WINBOOL fCommercial;
5565 } AUTHENTICODE_TS_EXTRA_CERT_CHAIN_POLICY_PARA,*PAUTHENTICODE_TS_EXTRA_CERT_CHAIN_POLICY_PARA;
5566
/* Presumably the values accepted by HTTPSPolicyCallbackData.dwAuthType. */
5567#define AUTHTYPE_CLIENT 1
5568#define AUTHTYPE_SERVER 2
5569
/* Extra input for the SSL chain policy, also exported as
 * SSL_EXTRA_CERT_CHAIN_POLICY_PARA. cbStruct and cbSize are two names for the
 * same storage (anonymous union).
 * NOTE(review): per the Win32 documentation pwszServerName is the host name
 * the certificate is matched against and fdwChecks holds bits naming checks to
 * skip. Leaving the name unset or setting ignore bits weakens server
 * authentication, so 0 plus the exact host name the client dialled is the
 * strict configuration - confirm. */
5570 typedef struct _HTTPSPolicyCallbackData {
5571 __C89_NAMELESS union {
5572 DWORD cbStruct;
5573 DWORD cbSize;
5574 };
5575 DWORD dwAuthType;
5576 DWORD fdwChecks;
5577 WCHAR *pwszServerName;
5578 } HTTPSPolicyCallbackData,*PHTTPSPolicyCallbackData,SSL_EXTRA_CERT_CHAIN_POLICY_PARA,*PSSL_EXTRA_CERT_CHAIN_POLICY_PARA;
5579
/* Policy-specific flag bits for the basic-constraints and Microsoft-root
 * policies; they occupy the upper 16 bits, clear of the
 * CERT_CHAIN_POLICY_IGNORE_ and ALLOW_ bits (0x1 .. 0x8000) defined earlier.
 * NOTE(review): ENABLE_TEST_ROOT_FLAG by its name widens the accepted root
 * set; it should not be reachable in release configurations - confirm. */
5580#define BASIC_CONSTRAINTS_CERT_CHAIN_POLICY_CA_FLAG 0x80000000
5581#define BASIC_CONSTRAINTS_CERT_CHAIN_POLICY_END_ENTITY_FLAG 0x40000000
5582#define MICROSOFT_ROOT_CERT_CHAIN_POLICY_ENABLE_TEST_ROOT_FLAG 0x00010000
5583#define MICROSOFT_ROOT_CERT_CHAIN_POLICY_CHECK_APPLICATION_ROOT_FLAG 0x00020000
5584#define MICROSOFT_ROOT_CERT_CHAIN_POLICY_DISABLE_FLIGHT_ROOT_FLAG 0x00040000
5585
/* Extra input for the EV policy. */
5586 typedef struct _EV_EXTRA_CERT_CHAIN_POLICY_PARA {
5587 DWORD cbSize;
5588 DWORD dwRootProgramQualifierFlags;
5589 } EV_EXTRA_CERT_CHAIN_POLICY_PARA,*PEV_EXTRA_CERT_CHAIN_POLICY_PARA;
5590
/* Extra output for the EV policy. */
5591 typedef struct _EV_EXTRA_CERT_CHAIN_POLICY_STATUS {
5592 DWORD cbSize;
5593 DWORD dwQualifiers;
5594 DWORD dwIssuanceUsageIndex;
5595 } EV_EXTRA_CERT_CHAIN_POLICY_STATUS,*PEV_EXTRA_CERT_CHAIN_POLICY_STATUS;
5596
/* Capacity, in WCHARs, of wszErrorText below. */
5597#define SSL_F12_ERROR_TEXT_LENGTH 256
/* Extra output for CERT_CHAIN_POLICY_SSL_F12. wszErrorText is a fixed
 * 256-WCHAR buffer holding localized text, so it is for display only: base
 * decisions on dwErrorLevel / dwErrorCategory, not on the string. Whether the
 * text is always NUL-terminated is not visible here - bound any copy by
 * SSL_F12_ERROR_TEXT_LENGTH. */
5598 typedef struct _SSL_F12_EXTRA_CERT_CHAIN_POLICY_STATUS {
5599 DWORD cbSize;
5600 DWORD dwErrorLevel;
5601 DWORD dwErrorCategory;
5602 DWORD dwReserved;
5603 WCHAR wszErrorText[SSL_F12_ERROR_TEXT_LENGTH]; /* Localized */
5604 } SSL_F12_EXTRA_CERT_CHAIN_POLICY_STATUS, *PSSL_F12_EXTRA_CERT_CHAIN_POLICY_STATUS;
5605
/* Presumably the values of dwErrorLevel. */
5606#define CERT_CHAIN_POLICY_SSL_F12_SUCCESS_LEVEL 0
5607#define CERT_CHAIN_POLICY_SSL_F12_WARNING_LEVEL 1
5608#define CERT_CHAIN_POLICY_SSL_F12_ERROR_LEVEL 2
5609
/* Presumably the values of dwErrorCategory. */
5610#define CERT_CHAIN_POLICY_SSL_F12_NONE_CATEGORY 0
5611#define CERT_CHAIN_POLICY_SSL_F12_WEAK_CRYPTO_CATEGORY 1
5612#define CERT_CHAIN_POLICY_SSL_F12_ROOT_PROGRAM_CATEGORY 2
5613
/* Indices into rgpszHpkpValue below, and the array length. */
5614#define SSL_HPKP_PKP_HEADER_INDEX 0
5615#define SSL_HPKP_PKP_RO_HEADER_INDEX 1
5616#define SSL_HPKP_HEADER_COUNT 2
5617
/* Extra input for CERT_CHAIN_POLICY_SSL_HPKP_HEADER: the server name plus one
 * header value per index above. The header strings presumably come straight
 * from the peer's HTTP response, i.e. they are untrusted input - confirm how
 * they are validated before passing them on. */
5618 typedef struct _SSL_HPKP_HEADER_EXTRA_CERT_CHAIN_POLICY_PARA {
5619 DWORD cbSize;
5620 DWORD dwReserved;
5621 LPWSTR pwszServerName;
5622 LPSTR rgpszHpkpValue[SSL_HPKP_HEADER_COUNT];
5623 } SSL_HPKP_HEADER_EXTRA_CERT_CHAIN_POLICY_PARA, *PSSL_HPKP_HEADER_EXTRA_CERT_CHAIN_POLICY_PARA;
5624
/* Extra input for CERT_CHAIN_POLICY_SSL_KEY_PIN. */
5625 typedef struct _SSL_KEY_PIN_EXTRA_CERT_CHAIN_POLICY_PARA {
5626 DWORD cbSize;
5627 DWORD dwReserved;
5628 PCWSTR pwszServerName;
5629 } SSL_KEY_PIN_EXTRA_CERT_CHAIN_POLICY_PARA, *PSSL_KEY_PIN_EXTRA_CERT_CHAIN_POLICY_PARA;
5630
/* Capacity, in WCHARs, of wszErrorText below. */
5631#define SSL_KEY_PIN_ERROR_TEXT_LENGTH 512
/* Extra output for CERT_CHAIN_POLICY_SSL_KEY_PIN. lError presumably takes the
 * CERT_CHAIN_POLICY_SSL_KEY_PIN_* values defined after this struct. */
5632 typedef struct _SSL_KEY_PIN_EXTRA_CERT_CHAIN_POLICY_STATUS {
5633 DWORD cbSize;
5634 LONG lError;
5635 WCHAR wszErrorText[SSL_KEY_PIN_ERROR_TEXT_LENGTH];
5636 } SSL_KEY_PIN_EXTRA_CERT_CHAIN_POLICY_STATUS, *PSSL_KEY_PIN_EXTRA_CERT_CHAIN_POLICY_STATUS;
5637
/* Key-pin results: the *_ERROR values are negative, the *_WARNING values
 * positive, 0 is success. A check written as "lError != 0" therefore also
 * fires on warnings, and "lError < 0" lets warnings through - pick one on
 * purpose. The negative constants are not parenthesized. */
5638#define CERT_CHAIN_POLICY_SSL_KEY_PIN_MISMATCH_ERROR -2
5639#define CERT_CHAIN_POLICY_SSL_KEY_PIN_MITM_ERROR -1
5640#define CERT_CHAIN_POLICY_SSL_KEY_PIN_SUCCESS 0
5641#define CERT_CHAIN_POLICY_SSL_KEY_PIN_MITM_WARNING 1
5642#define CERT_CHAIN_POLICY_SSL_KEY_PIN_MISMATCH_WARNING 2
5643
/* Generic names that resolve to the A or W variant through __MINGW_NAME_AW. */
5644#define CryptStringToBinary __MINGW_NAME_AW(CryptStringToBinary)
5645#define CryptBinaryToString __MINGW_NAME_AW(CryptBinaryToString)
5646
/* Text <-> binary conversion (Base64, hex, ...).
 * NOTE(review): pcbBinary / pcchString are presumably in/out sizes - capacity
 * on entry, required or written length on return - with a NULL output buffer
 * used to query the size; confirm, and always pass the real buffer capacity
 * rather than an assumed one. */
5647 WINIMPM WINBOOL WINAPI CryptStringToBinaryA (LPCSTR pszString, DWORD cchString, DWORD dwFlags, BYTE *pbBinary, DWORD *pcbBinary, DWORD *pdwSkip, DWORD *pdwFlags);
5648 WINIMPM WINBOOL WINAPI CryptStringToBinaryW (LPCWSTR pszString, DWORD cchString, DWORD dwFlags, BYTE *pbBinary, DWORD *pcbBinary, DWORD *pdwSkip, DWORD *pdwFlags);
5649 WINIMPM WINBOOL WINAPI CryptBinaryToStringA (CONST BYTE *pbBinary, DWORD cbBinary, DWORD dwFlags, LPSTR pszString, DWORD *pcchString);
5650 WINIMPM WINBOOL WINAPI CryptBinaryToStringW (CONST BYTE *pbBinary, DWORD cbBinary, DWORD dwFlags, LPWSTR pszString, DWORD *pcchString);
5651
/* Encoding selector: consecutive values 0x0 .. 0xd, i.e. an enumeration and
 * not a bit set (0x3 is BASE64REQUESTHEADER, not BASE64 | BINARY). Do not OR
 * two of these together.
 * NOTE(review): the *_ANY selectors presumably let the decoder guess the
 * format; for untrusted input naming one concrete format is the tighter
 * choice - confirm. */
5652#define CRYPT_STRING_BASE64HEADER 0x0
5653#define CRYPT_STRING_BASE64 0x1
5654#define CRYPT_STRING_BINARY 0x2
5655#define CRYPT_STRING_BASE64REQUESTHEADER 0x00000003
5656#define CRYPT_STRING_HEX 0x4
5657#define CRYPT_STRING_HEXASCII 0x00000005
5658#define CRYPT_STRING_BASE64_ANY 0x00000006
5659#define CRYPT_STRING_ANY 0x00000007
5660#define CRYPT_STRING_HEX_ANY 0x8
5661#define CRYPT_STRING_BASE64X509CRLHEADER 0x00000009
5662#define CRYPT_STRING_HEXADDR 0x0000000a
5663#define CRYPT_STRING_HEXASCIIADDR 0x0000000b
5664#define CRYPT_STRING_HEXRAW 0x0000000c
5665#define CRYPT_STRING_BASE64URI 0x0000000d
5666
/* Low byte holds the selector above; 0x100 and 0x200 are reserved. */
5667#define CRYPT_STRING_ENCODEMASK 0x000000ff
5668#define CRYPT_STRING_RESERVED100 0x00000100
5669#define CRYPT_STRING_RESERVED200 0x00000200
5670
/* High modifier bits, combined with one selector by OR. */
5671#define CRYPT_STRING_PERCENTESCAPE 0x08000000
5672#define CRYPT_STRING_HASHDATA 0x10000000
5673#define CRYPT_STRING_STRICT 0x20000000
5674#define CRYPT_STRING_NOCRLF 0x40000000
5675#define CRYPT_STRING_NOCR 0x80000000
5676
/* Object identifiers for password-based encryption of PKCS #12 (PFX) data.
 * The ...1.12.1.x entries are the PKCS #12 schemes built on SHA-1 with RC4,
 * RC2 or Triple-DES; the two 40-bit variants offer only export-grade key
 * strength and should be treated as legacy when met in a file. The last two
 * OIDs identify PBKDF2 and PBES2 from PKCS #5. */
5677#define szOID_PKCS_12_PbeIds "1.2.840.113549.1.12.1"
5678#define szOID_PKCS_12_pbeWithSHA1And128BitRC4 "1.2.840.113549.1.12.1.1"
5679#define szOID_PKCS_12_pbeWithSHA1And40BitRC4 "1.2.840.113549.1.12.1.2"
5680#define szOID_PKCS_12_pbeWithSHA1And3KeyTripleDES "1.2.840.113549.1.12.1.3"
5681#define szOID_PKCS_12_pbeWithSHA1And2KeyTripleDES "1.2.840.113549.1.12.1.4"
5682#define szOID_PKCS_12_pbeWithSHA1And128BitRC2 "1.2.840.113549.1.12.1.5"
5683#define szOID_PKCS_12_pbeWithSHA1And40BitRC2 "1.2.840.113549.1.12.1.6"
5684#define szOID_PKCS_5_PBKDF2 "1.2.840.113549.1.5.12"
5685#define szOID_PKCS_5_PBES2 "1.2.840.113549.1.5.13"
5686
/* Decoded PBE parameters: iteration count and salt length. iIterations is a
 * signed int, so code reading this from a parsed file should reject zero and
 * negative counts; where the salt bytes themselves live is not visible in
 * this definition. */
5687 typedef struct _CRYPT_PKCS12_PBE_PARAMS {
5688 int iIterations;
5689 ULONG cbSalt;
5690 } CRYPT_PKCS12_PBE_PARAMS;
5691
5692#endif
5693
/* Available on the desktop partition or when _WIN32_WINNT >= 0x0A00.
 * Imports a PFX blob and returns a certificate store handle.
 * NOTE(review): the Win32 documentation advises wiping the szPassword buffer
 * (SecureZeroMemory) once the call returns; the blob is attacker-controllable
 * input when it comes from a file or the network - confirm handling at call
 * sites. */
5694#if WINAPI_FAMILY_PARTITION (WINAPI_PARTITION_DESKTOP) || _WIN32_WINNT >= 0x0A00
5695 WINIMPM HCERTSTORE WINAPI PFXImportCertStore (CRYPT_DATA_BLOB *pPFX, LPCWSTR szPassword, DWORD dwFlags);
5696#endif
5697
5698#if WINAPI_FAMILY_PARTITION (WINAPI_PARTITION_DESKTOP)
5699
/* PFX import flag bits (presumably for PFXImportCertStore's dwFlags).
 * CRYPT_USER_KEYSET is listed among them with value 0x1000.
 * NOTE(review): by their names, PKCS12_NO_PERSIST_KEY keeps an imported
 * private key out of persistent key storage and PKCS12_ALLOW_OVERWRITE_KEY
 * lets an import replace an existing key; both matter when importing
 * untrusted PFX data - confirm semantics in the docs. */
5700#define PKCS12_IMPORT_SILENT 0x40
5701#define CRYPT_USER_KEYSET 0x1000
5702#define PKCS12_PREFER_CNG_KSP 0x100
5703#define PKCS12_ALWAYS_CNG_KSP 0x200
5704#define PKCS12_ONLY_CERTIFICATES 0x00000400
5705#define PKCS12_ONLY_NOT_ENCRYPTED_CERTIFICATES 0x00000800
5706#define PKCS12_ALLOW_OVERWRITE_KEY 0x4000
5707#define PKCS12_NO_PERSIST_KEY 0x8000
5708#define PKCS12_VIRTUAL_ISOLATION_KEY 0x00010000
5709#define PKCS12_IMPORT_RESERVED_MASK 0xffff0000
5710
/* PKCS12_INCLUDE_EXTENDED_PROPERTIES is defined further down in this header;
 * that is fine because the macro body is only expanded at the point of use. */
5711#define PKCS12_OBJECT_LOCATOR_ALL_IMPORT_FLAGS (PKCS12_ALWAYS_CNG_KSP | PKCS12_NO_PERSIST_KEY | PKCS12_IMPORT_SILENT | PKCS12_INCLUDE_EXTENDED_PROPERTIES)
5712
/* Provider type and wide-string provider/container names associated with the
 * PKCS12_ONLY_CERTIFICATES import mode. */
5713#define PKCS12_ONLY_CERTIFICATES_PROVIDER_TYPE 0
5714#define PKCS12_ONLY_CERTIFICATES_PROVIDER_NAME L"PfxProvider"
5715#define PKCS12_ONLY_CERTIFICATES_CONTAINER_NAME L"PfxContainer"
5716
/* PFX helpers: format probe, password check, and export with an extra
 * parameter block (pvPara).
 * NOTE(review): PFXVerifyPassword presumably answers yes/no for a candidate
 * password, which makes it a password oracle if exposed to untrusted callers
 * without rate limiting - confirm how it is used. */
5717 WINIMPM WINBOOL WINAPI PFXIsPFXBlob (CRYPT_DATA_BLOB *pPFX);
5718 WINIMPM WINBOOL WINAPI PFXVerifyPassword (CRYPT_DATA_BLOB *pPFX, LPCWSTR szPassword, DWORD dwFlags);
5719 WINIMPM WINBOOL WINAPI PFXExportCertStoreEx (HCERTSTORE hStore, CRYPT_DATA_BLOB *pPFX, LPCWSTR szPassword, void *pvPara, DWORD dwFlags);
5720
/* PFX export flag bits. PKCS12_EXPORT_SILENT has the same value (0x40) as
 * PKCS12_IMPORT_SILENT defined earlier in this header.
 * NOTE(review): with EXPORT_PRIVATE_KEYS the resulting blob presumably carries
 * private keys protected only by the password-based encryption, so password
 * strength and the PBE algorithm (see PKCS12_EXPORT_PBES2_PARAMS) decide the
 * protection of an exported file - confirm. */
5721#define REPORT_NO_PRIVATE_KEY 0x1
5722#define REPORT_NOT_ABLE_TO_EXPORT_PRIVATE_KEY 0x2
5723#define EXPORT_PRIVATE_KEYS 0x4
5724#define PKCS12_INCLUDE_EXTENDED_PROPERTIES 0x10
5725#define PKCS12_PROTECT_TO_DOMAIN_SIDS 0x20
5726#define PKCS12_EXPORT_SILENT 0x40
5727#define PKCS12_EXPORT_PBES2_PARAMS 0x0080
5728#define PKCS12_DISABLE_ENCRYPT_CERTIFICATES 0x0100
5729#define PKCS12_ENCRYPT_CERTIFICATES 0x0200
5730#define PKCS12_EXPORT_ECC_CURVE_PARAMETERS 0x1000
5731#define PKCS12_EXPORT_ECC_CURVE_OID 0x2000
5732#define PKCS12_EXPORT_RESERVED_MASK 0xffff0000
5733
/* OIDs of the HMAC functions usable as the PBKDF2 pseudo-random function
 * (HMAC with SHA-1, SHA-256, SHA-384, SHA-512). */
5734#define PKCS12_PBKDF2_ID_HMAC_SHA1 "1.2.840.113549.2.7"
5735#define PKCS12_PBKDF2_ID_HMAC_SHA256 "1.2.840.113549.2.9"
5736#define PKCS12_PBKDF2_ID_HMAC_SHA384 "1.2.840.113549.2.10"
5737#define PKCS12_PBKDF2_ID_HMAC_SHA512 "1.2.840.113549.2.11"
5738
/* Export parameters selecting a PBES2 algorithm by name. Presumably passed as
 * pvPara to PFXExportCertStoreEx together with PKCS12_EXPORT_PBES2_PARAMS -
 * confirm. Note the size member is named dwSize here, not cbSize. */
5739 typedef struct _PKCS12_PBES2_EXPORT_PARAMS {
5740 DWORD dwSize;
5741 PVOID hNcryptDescriptor;
5742 LPWSTR pwszPbes2Alg;
5743 } PKCS12_PBES2_EXPORT_PARAMS, *PPKCS12_PBES2_EXPORT_PARAMS;
5744
/* The one PBES2 algorithm name defined here, plus the registry path and value
 * name of the PFX configuration. NOTE(review): a registry-driven default for
 * certificate encryption means the effective behaviour can differ per host;
 * worth checking when hardening or investigating - confirm what the value
 * controls. */
5745#define PKCS12_PBES2_ALG_AES256_SHA256 L"AES256-SHA256"
5746#define PKCS12_CONFIG_REGPATH L"Software\\Microsoft\\Windows\\CurrentVersion\\PFX"
5747#define PKCS12_ENCRYPT_CERTIFICATES_VALUE_NAME L"EncryptCertificates"
5748
/* Export without the extra parameter block taken by PFXExportCertStoreEx. */
5749 WINIMPM WINBOOL WINAPI PFXExportCertStore (HCERTSTORE hStore, CRYPT_DATA_BLOB *pPFX, LPCWSTR szPassword, DWORD dwFlags);
5750
/* Server-side OCSP response handling; declared only for
 * NTDDI_VERSION >= NTDDI_VISTA. */
5751#if NTDDI_VERSION >= NTDDI_VISTA
/* Opaque handle type (a plain VOID pointer). */
5752 typedef VOID *HCERT_SERVER_OCSP_RESPONSE;
5753
/* Opens a handle for the OCSP response belonging to a server chain. */
5754 WINIMPM HCERT_SERVER_OCSP_RESPONSE WINAPI CertOpenServerOcspResponse (PCCERT_CHAIN_CONTEXT pChainContext, DWORD dwFlags, LPVOID pvReserved);
5755
5756#define CERT_SERVER_OCSP_RESPONSE_ASYNC_FLAG 0x1
5757
/* Reference-count style pair for the handle: each AddRef presumably needs a
 * matching Close - confirm. */
5758 WINIMPM VOID WINAPI CertAddRefServerOcspResponse (HCERT_SERVER_OCSP_RESPONSE hServerOcspResponse);
5759 WINIMPM VOID WINAPI CertCloseServerOcspResponse (HCERT_SERVER_OCSP_RESPONSE hServerOcspResponse, DWORD dwFlags);
5760
5761 typedef struct _CERT_SERVER_OCSP_RESPONSE_CONTEXT CERT_SERVER_OCSP_RESPONSE_CONTEXT,*PCERT_SERVER_OCSP_RESPONSE_CONTEXT;
5762 typedef const CERT_SERVER_OCSP_RESPONSE_CONTEXT *PCCERT_SERVER_OCSP_RESPONSE_CONTEXT;
5763
/* An encoded OCSP response as a pointer + byte-count pair. Readers must
 * honour cbEncodedOcspResponse; nothing here promises a terminator. */
5764 struct _CERT_SERVER_OCSP_RESPONSE_CONTEXT {
5765 DWORD cbSize;
5766 BYTE *pbEncodedOcspResponse;
5767 DWORD cbEncodedOcspResponse;
5768 };
5769
/* Update notification callback; pvArg is the caller's context pointer and
 * dwWriteOcspFileError reports a file-write error code. */
5770 typedef VOID (CALLBACK *PFN_CERT_SERVER_OCSP_RESPONSE_UPDATE_CALLBACK)(PCCERT_CHAIN_CONTEXT pChainContext, PCCERT_SERVER_OCSP_RESPONSE_CONTEXT pServerOcspResponseContext, PCCRL_CONTEXT pNewCrlContext, PCCRL_CONTEXT pPrevCrlContext, PVOID pvArg, DWORD dwWriteOcspFileError);
5771
/* Open parameters. NOTE(review): pwszOcspDirectory names a directory that is
 * read and/or written depending on the READ/WRITE flags below; its ACLs then
 * decide who can plant or alter cached responses - confirm how the directory
 * is used. */
5772 typedef struct _CERT_SERVER_OCSP_RESPONSE_OPEN_PARA {
5773 DWORD cbSize;
5774 DWORD dwFlags;
5775 DWORD *pcbUsedSize;
5776 PWSTR pwszOcspDirectory;
5777 PFN_CERT_SERVER_OCSP_RESPONSE_UPDATE_CALLBACK pfnUpdateCallback;
5778 PVOID pvUpdateCallbackArg;
5779 } CERT_SERVER_OCSP_RESPONSE_OPEN_PARA, *PCERT_SERVER_OCSP_RESPONSE_OPEN_PARA;
5780
5781#define CERT_SERVER_OCSP_RESPONSE_OPEN_PARA_READ_FLAG 0x00000001
5782#define CERT_SERVER_OCSP_RESPONSE_OPEN_PARA_WRITE_FLAG 0x00000002
5783
/* Get / AddRef / Free for a response context; a context obtained from Get is
 * presumably released with CertFreeServerOcspResponseContext - confirm. */
5784 WINIMPM PCCERT_SERVER_OCSP_RESPONSE_CONTEXT WINAPI CertGetServerOcspResponseContext (HCERT_SERVER_OCSP_RESPONSE hServerOcspResponse, DWORD dwFlags, LPVOID pvReserved);
5785 WINIMPM VOID WINAPI CertAddRefServerOcspResponseContext (PCCERT_SERVER_OCSP_RESPONSE_CONTEXT pServerOcspResponseContext);
5786 WINIMPM VOID WINAPI CertFreeServerOcspResponseContext (PCCERT_SERVER_OCSP_RESPONSE_CONTEXT pServerOcspResponseContext);
5787#endif
/* Retrieves logo or biometric data associated with a certificate and returns
 * it through ppbData / pcbData with a MIME type string.
 * NOTE(review): the data presumably comes from a location named inside the
 * certificate, so both the fetch target and the returned bytes / MIME type
 * are controlled by whoever issued the certificate; treat them as untrusted
 * and confirm which routine frees the outputs. */
5788 WINIMPM WINBOOL WINAPI CertRetrieveLogoOrBiometricInfo (PCCERT_CONTEXT pCertContext, LPCSTR lpszLogoOrBiometricType, DWORD dwRetrievalFlags, DWORD dwTimeout, DWORD dwFlags, void *pvReserved, BYTE **ppbData, DWORD *pcbData, LPWSTR *ppwszMimeType);
5789
/* Type selectors: small integers cast to LPCSTR, not strings. */
5790#define CERT_RETRIEVE_ISSUER_LOGO ((LPCSTR) 1)
5791#define CERT_RETRIEVE_SUBJECT_LOGO ((LPCSTR) 2)
5792#define CERT_RETRIEVE_COMMUNITY_LOGO ((LPCSTR) 3)
5793
5794#define CERT_RETRIEVE_BIOMETRIC_PREDEFINED_BASE_TYPE ((LPCSTR) 1000)
5795
/* Formed by pointer arithmetic on the base value above plus a
 * CERT_BIOMETRIC_*_TYPE constant that is defined outside this section. */
5796#define CERT_RETRIEVE_BIOMETRIC_PICTURE_TYPE (CERT_RETRIEVE_BIOMETRIC_PREDEFINED_BASE_TYPE + CERT_BIOMETRIC_PICTURE_TYPE)
5797#define CERT_RETRIEVE_BIOMETRIC_SIGNATURE_TYPE (CERT_RETRIEVE_BIOMETRIC_PREDEFINED_BASE_TYPE + CERT_BIOMETRIC_SIGNATURE_TYPE)
5798
/* Certificate-chain selection API; declared only for
 * NTDDI_VERSION >= NTDDI_WIN7. */
5799#if NTDDI_VERSION >= NTDDI_WIN7
/* Chain-building inputs reused by the selection call. Unlike most structs in
 * this header it has no cbSize member. */
5800 typedef struct _CERT_SELECT_CHAIN_PARA {
5801 HCERTCHAINENGINE hChainEngine;
5802 PFILETIME pTime;
5803 HCERTSTORE hAdditionalStore;
5804 PCERT_CHAIN_PARA pChainPara;
5805 DWORD dwFlags;
5806 } CERT_SELECT_CHAIN_PARA,*PCERT_SELECT_CHAIN_PARA;
5807
5808 typedef const CERT_SELECT_CHAIN_PARA *PCCERT_SELECT_CHAIN_PARA;
5809
/* Presumably the upper bound for CERT_SELECT_CRITERIA.cPara - confirm. */
5810#define CERT_SELECT_MAX_PARA 500
5811
/* One selection criterion: a type plus a count + array of untyped parameter
 * pointers. What each ppPara entry points at depends on dwType and is not
 * described in this header. */
5812 typedef struct _CERT_SELECT_CRITERIA {
5813 DWORD dwType;
5814 DWORD cPara;
5815 void **ppPara;
5816 } CERT_SELECT_CRITERIA,*PCERT_SELECT_CRITERIA;
5817
5818 typedef const CERT_SELECT_CRITERIA *PCCERT_SELECT_CRITERIA;
5819
/* Presumably the values of CERT_SELECT_CRITERIA.dwType. */
5820#define CERT_SELECT_BY_ENHKEY_USAGE 1
5821#define CERT_SELECT_BY_KEY_USAGE 2
5822#define CERT_SELECT_BY_POLICY_OID 3
5823#define CERT_SELECT_BY_PROV_NAME 4
5824#define CERT_SELECT_BY_EXTENSION 5
5825#define CERT_SELECT_BY_SUBJECT_HOST_NAME 6
5826#define CERT_SELECT_BY_ISSUER_ATTR 7
5827#define CERT_SELECT_BY_SUBJECT_ATTR 8
5828#define CERT_SELECT_BY_ISSUER_NAME 9
5829#define CERT_SELECT_BY_PUBLIC_KEY 10
5830#define CERT_SELECT_BY_TLS_SIGNATURES 11
5831#define CERT_SELECT_BY_ISSUER_DISPLAYNAME 12
5832#define CERT_SELECT_BY_FRIENDLYNAME 13
5833#define CERT_SELECT_BY_THUMBPRINT 14
5834
/* CERT_SELECT_LAST is 11 although types 12 .. 14 are defined above, so a
 * range check written against CERT_SELECT_LAST excludes those three values.
 * CERT_SELECT_MAX evaluates to 33. */
5835#define CERT_SELECT_LAST CERT_SELECT_BY_TLS_SIGNATURES
5836#define CERT_SELECT_MAX (CERT_SELECT_LAST *3)
5837
/* Selection flag bits (presumably CertSelectCertificateChains' dwFlags).
 * NOTE(review): CERT_SELECT_ALLOW_EXPIRED by its name admits expired
 * certificates into the result set; callers that go on to authenticate with a
 * selected certificate should not set it by default - confirm. */
5838#define CERT_SELECT_ALLOW_EXPIRED 0x1
5839#define CERT_SELECT_TRUSTED_ROOT 0x2
5840#define CERT_SELECT_DISALLOW_SELFSIGNED 0x4
5841#define CERT_SELECT_HAS_PRIVATE_KEY 0x8
5842#define CERT_SELECT_HAS_KEY_FOR_SIGNATURE 0x10
5843#define CERT_SELECT_HAS_KEY_FOR_KEY_EXCHANGE 0x20
5844#define CERT_SELECT_HARDWARE_ONLY 0x40
5845#define CERT_SELECT_ALLOW_DUPLICATES 0x80
5846#define CERT_SELECT_IGNORE_AUTOSELECT 0x00000100
5847
/* Returns an array of chain contexts through pprgpSelection with its length in
 * pcSelection; the array is presumably released with
 * CertFreeCertificateChainList - confirm whether the individual chains need a
 * separate free. */
5848 WINIMPM WINBOOL WINAPI CertSelectCertificateChains (LPCGUID pSelectionContext, DWORD dwFlags, PCCERT_SELECT_CHAIN_PARA pChainParameters, DWORD cCriteria, PCCERT_SELECT_CRITERIA rgpCriteria, HCERTSTORE hStore, PDWORD pcSelection, PCCERT_CHAIN_CONTEXT **pprgpSelection);
5849 WINIMPM VOID WINAPI CertFreeCertificateChainList (PCCERT_CHAIN_CONTEXT *prgpSelection);
5850#endif
5851
/* Time-stamping client API; declared only for NTDDI_VERSION >= NTDDI_WIN7.
 * The status and failure constants below carry the same numbers as the
 * PKIStatus and PKIFailureInfo values of RFC 3161. */
5852#if NTDDI_VERSION >= NTDDI_WIN7
5853#define TIMESTAMP_VERSION 1
5854
/* Decoded time-stamp request. Nonce ties a response to this request;
 * fCertReq asks the authority to include its certificate. */
5855 typedef struct _CRYPT_TIMESTAMP_REQUEST {
5856 DWORD dwVersion;
5857 CRYPT_ALGORITHM_IDENTIFIER HashAlgorithm;
5858 CRYPT_DER_BLOB HashedMessage;
5859 LPSTR pszTSAPolicyId;
5860 CRYPT_INTEGER_BLOB Nonce;
5861 WINBOOL fCertReq;
5862 DWORD cExtension;
5863 PCERT_EXTENSION rgExtension;
5864 } CRYPT_TIMESTAMP_REQUEST,*PCRYPT_TIMESTAMP_REQUEST;
5865
/* Decoded time-stamp response: status, optional free-text strings (count +
 * array), failure bits and the encoded content. rgFreeText comes from the
 * remote authority and should be handled as untrusted text. */
5866 typedef struct _CRYPT_TIMESTAMP_RESPONSE {
5867 DWORD dwStatus;
5868 DWORD cFreeText;
5869 LPWSTR *rgFreeText;
5870 CRYPT_BIT_BLOB FailureInfo;
5871 CRYPT_DER_BLOB ContentInfo;
5872 } CRYPT_TIMESTAMP_RESPONSE,*PCRYPT_TIMESTAMP_RESPONSE;
5873
/* Presumably the values of CRYPT_TIMESTAMP_RESPONSE.dwStatus. Only the two
 * GRANTED values indicate that a token was issued. */
5874#define TIMESTAMP_STATUS_GRANTED 0
5875#define TIMESTAMP_STATUS_GRANTED_WITH_MODS 1
5876#define TIMESTAMP_STATUS_REJECTED 2
5877#define TIMESTAMP_STATUS_WAITING 3
5878#define TIMESTAMP_STATUS_REVOCATION_WARNING 4
5879#define TIMESTAMP_STATUS_REVOKED 5
5880
/* Presumably bit positions within FailureInfo rather than mask values
 * (the numbers are sparse: 0, 2, 5, 14 .. 17, 25) - confirm before testing
 * them with a bitwise AND. */
5881#define TIMESTAMP_FAILURE_BAD_ALG 0
5882#define TIMESTAMP_FAILURE_BAD_REQUEST 2
5883#define TIMESTAMP_FAILURE_BAD_FORMAT 5
5884#define TIMESTAMP_FAILURE_TIME_NOT_AVAILABLE 14
5885#define TIMESTAMP_FAILURE_POLICY_NOT_SUPPORTED 15
5886#define TIMESTAMP_FAILURE_EXTENSION_NOT_SUPPORTED 16
5887#define TIMESTAMP_FAILURE_INFO_NOT_AVAILABLE 17
5888#define TIMESTAMP_FAILURE_SYSTEM_FAILURE 25
5889
/* Accuracy of the stamped time, split into seconds / millis / micros. */
5890 typedef struct _CRYPT_TIMESTAMP_ACCURACY {
5891 DWORD dwSeconds;
5892 DWORD dwMillis;
5893 DWORD dwMicros;
5894 } CRYPT_TIMESTAMP_ACCURACY,*PCRYPT_TIMESTAMP_ACCURACY;
5895
/* Decoded time-stamp token content. HashAlgorithm / HashedMessage and Nonce
 * are the members a verifier compares with what it sent; pvAccuracy is a
 * pointer and may presumably be NULL when accuracy is absent - confirm. */
5896 typedef struct _CRYPT_TIMESTAMP_INFO {
5897 DWORD dwVersion;
5898 LPSTR pszTSAPolicyId;
5899 CRYPT_ALGORITHM_IDENTIFIER HashAlgorithm;
5900 CRYPT_DER_BLOB HashedMessage;
5901 CRYPT_INTEGER_BLOB SerialNumber;
5902 FILETIME ftTime;
5903 PCRYPT_TIMESTAMP_ACCURACY pvAccuracy;
5904 WINBOOL fOrdering;
5905 CRYPT_DER_BLOB Nonce;
5906 CRYPT_DER_BLOB Tsa;
5907 DWORD cExtension;
5908 PCERT_EXTENSION rgExtension;
5909 } CRYPT_TIMESTAMP_INFO,*PCRYPT_TIMESTAMP_INFO;
5910
/* Encoded token (length + bytes) together with its decoded form. */
5911 typedef struct _CRYPT_TIMESTAMP_CONTEXT {
5912 DWORD cbEncoded;
5913 BYTE *pbEncoded;
5914 PCRYPT_TIMESTAMP_INFO pTimeStamp;
5915 } CRYPT_TIMESTAMP_CONTEXT,*PCRYPT_TIMESTAMP_CONTEXT;
5916
/* Optional request parameters for CryptRetrieveTimeStamp. */
5917 typedef struct _CRYPT_TIMESTAMP_PARA {
5918 LPCSTR pszTSAPolicyId;
5919 WINBOOL fRequestCerts;
5920 CRYPT_INTEGER_BLOB Nonce;
5921 DWORD cExtension;
5922 PCERT_EXTENSION rgExtension;
5923 } CRYPT_TIMESTAMP_PARA,*PCRYPT_TIMESTAMP_PARA;
5924
/* Requests a time stamp for pbData from the authority at wszUrl. Declared
 * without WINIMPM, unlike most prototypes in this header.
 * NOTE(review): TIMESTAMP_VERIFY_CONTEXT_SIGNATURE is presumably the
 * retrieval flag that makes this call validate the response signature;
 * without it the caller would have to run CryptVerifyTimeStampSignature
 * itself before trusting the result - confirm. */
5925 WINBOOL WINAPI CryptRetrieveTimeStamp (LPCWSTR wszUrl, DWORD dwRetrievalFlags, DWORD dwTimeout, LPCSTR pszHashId, const CRYPT_TIMESTAMP_PARA *pPara, const BYTE *pbData, DWORD cbData, PCRYPT_TIMESTAMP_CONTEXT *ppTsContext, PCCERT_CONTEXT *ppTsSigner, HCERTSTORE *phStore);
5926
5927#define TIMESTAMP_DONT_HASH_DATA 0x1
5928#define TIMESTAMP_VERIFY_CONTEXT_SIGNATURE 0x20
5929#define TIMESTAMP_NO_AUTH_RETRIEVAL 0x20000
5930
/* Verifies the signature of an encoded time-stamp token against pbData and
 * returns the decoded context, signer certificate and store. Also declared
 * without WINIMPM. Which routines release the three outputs is not visible
 * here - check the API documentation. */
5931 WINBOOL WINAPI CryptVerifyTimeStampSignature (const BYTE *pbTSContentInfo, DWORD cbTSContentInfo, const BYTE *pbData, DWORD cbData, HCERTSTORE hAdditionalStore, PCRYPT_TIMESTAMP_CONTEXT *ppTsContext, PCCERT_CONTEXT *ppTsSigner, HCERTSTORE *phStore);
5932#endif
5933
/* Object-locator provider interface and CertIsWeakHash; declared only for
 * NTDDI_VERSION >= NTDDI_WIN8. */
5934#if NTDDI_VERSION >= NTDDI_WIN8
/* Name-type values: 1 is the SPN type, values up to 32 are reserved, and
 * 33 .. 0xffff form the reserved user range. */
5935#define CRYPT_OBJECT_LOCATOR_SPN_NAME_TYPE 1
5936#define CRYPT_OBJECT_LOCATOR_LAST_RESERVED_NAME_TYPE 32
5937#define CRYPT_OBJECT_LOCATOR_FIRST_RESERVED_USER_NAME_TYPE 33
5938#define CRYPT_OBJECT_LOCATOR_LAST_RESERVED_USER_NAME_TYPE 0x0000ffff
5939
/* Name strings of provider initialization functions; how they are registered
 * and resolved is not visible in this header. */
5940#define SSL_OBJECT_LOCATOR_PFX_FUNC "SslObjectLocatorInitializePfx"
5941#define SSL_OBJECT_LOCATOR_ISSUER_LIST_FUNC "SslObjectLocatorInitializeIssuerList"
5942#define SSL_OBJECT_LOCATOR_CERT_VALIDATION_CONFIG_FUNC "SslObjectLocatorInitializeCertValidationConfig"
5943
/* Presumably the dwReason values passed to the provider's release callback. */
5944#define CRYPT_OBJECT_LOCATOR_RELEASE_SYSTEM_SHUTDOWN 1
5945#define CRYPT_OBJECT_LOCATOR_RELEASE_SERVICE_STOP 2
5946#define CRYPT_OBJECT_LOCATOR_RELEASE_PROCESS_EXIT 3
5947#define CRYPT_OBJECT_LOCATOR_RELEASE_DLL_UNLOAD 4
5948
/* Provider callbacks. The GET callback returns content bytes, a password
 * string and an identifier through out-pointers; the three FREE_* callbacks
 * are the matching release routines for each of those outputs.
 * NOTE(review): since a password crosses this interface, an implementation of
 * the FREE_PASSWORD callback is the natural place to wipe it before releasing
 * the memory - confirm against the provider contract. */
5949 typedef WINBOOL (WINAPI *PFN_CRYPT_OBJECT_LOCATOR_PROVIDER_FLUSH) (LPVOID pContext, PCERT_NAME_BLOB *rgIdentifierOrNameList, DWORD dwIdentifierOrNameListCount);
5950 typedef WINBOOL (WINAPI *PFN_CRYPT_OBJECT_LOCATOR_PROVIDER_GET) (LPVOID pPluginContext, PCRYPT_DATA_BLOB pIdentifier, DWORD dwNameType, PCERT_NAME_BLOB pNameBlob, PBYTE *ppbContent, DWORD *pcbContent, PCWSTR *ppwszPassword, PCRYPT_DATA_BLOB *ppIdentifier);
5951 typedef void (WINAPI *PFN_CRYPT_OBJECT_LOCATOR_PROVIDER_RELEASE) (DWORD dwReason, LPVOID pPluginContext);
5952 typedef void (WINAPI *PFN_CRYPT_OBJECT_LOCATOR_PROVIDER_FREE_PASSWORD) (LPVOID pPluginContext, PCWSTR pwszPassword);
5953 typedef void (WINAPI *PFN_CRYPT_OBJECT_LOCATOR_PROVIDER_FREE) (LPVOID pPluginContext, PBYTE pbData);
5954 typedef void (WINAPI *PFN_CRYPT_OBJECT_LOCATOR_PROVIDER_FREE_IDENTIFIER) (LPVOID pPluginContext, PCRYPT_DATA_BLOB pIdentifier);
5955
/* Function table a provider hands back from its initialize routine. The flush
 * callback is not part of the table; it is passed to the provider instead. */
5956 typedef struct _CRYPT_OBJECT_LOCATOR_PROVIDER_TABLE {
5957 DWORD cbSize;
5958 PFN_CRYPT_OBJECT_LOCATOR_PROVIDER_GET pfnGet;
5959 PFN_CRYPT_OBJECT_LOCATOR_PROVIDER_RELEASE pfnRelease;
5960 PFN_CRYPT_OBJECT_LOCATOR_PROVIDER_FREE_PASSWORD pfnFreePassword;
5961 PFN_CRYPT_OBJECT_LOCATOR_PROVIDER_FREE pfnFree;
5962 PFN_CRYPT_OBJECT_LOCATOR_PROVIDER_FREE_IDENTIFIER pfnFreeIdentifier;
5963 } CRYPT_OBJECT_LOCATOR_PROVIDER_TABLE,*PCRYPT_OBJECT_LOCATOR_PROVIDER_TABLE;
5964
/* Provider entry point: receives the flush callback and its context, returns
 * the function table and a plugin context. */
5965 typedef WINBOOL (WINAPI *PFN_CRYPT_OBJECT_LOCATOR_PROVIDER_INITIALIZE) (PFN_CRYPT_OBJECT_LOCATOR_PROVIDER_FLUSH pfnFlush, LPVOID pContext, DWORD *pdwExpectedObjectCount, PCRYPT_OBJECT_LOCATOR_PROVIDER_TABLE *ppFuncTable, void **ppPluginContext);
5966
/* Weak-hash query for a hash algorithm in a given use (file or time stamp,
 * see the two *_HASH_USE_TYPE values below) under the given chain flags.
 * The exact meaning of the TRUE/FALSE result should be taken from the API
 * documentation. */
5967 WINIMPM WINBOOL WINAPI CertIsWeakHash(DWORD dwHashUseType, LPCWSTR pwszCNGHashAlgid, DWORD dwChainFlags, PCCERT_CHAIN_CONTEXT pSignerChainContext, LPFILETIME pTimeStamp, LPCWSTR pwszFileName);
5968
/* Function-pointer type with the same parameter list as CertIsWeakHash. */
5969 typedef WINBOOL (WINAPI *PFN_CERT_IS_WEAK_HASH)(DWORD dwHashUseType, LPCWSTR pwszCNGHashAlgid, DWORD dwChainFlags, PCCERT_CHAIN_CONTEXT pSignerChainContext, LPFILETIME pTimeStamp, LPCWSTR pwszFileName);
5970
5971#define CERT_FILE_HASH_USE_TYPE 1
5972#define CERT_TIMESTAMP_HASH_USE_TYPE 2
5973
5974#endif
5975#endif
5976
5977#endif
5978
5979#ifdef __cplusplus
5980}
5981#endif
5982
5983#ifndef _WINCRYPT_NO_DPAPI
5984#include <dpapi.h>
5985#endif
5986#endif