LYFZ
/
lyfz_repos


			
							123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469
							//+---------------------------------------------------------------------------
//
//  Microsoft Windows
//  Copyright (C) Microsoft Corporation, 1992 - 1997.
//
//  File:       cryptdlg.h
//
//  Contents:   Common Cryptographic Dialog API Prototypes and Definitions
//
//----------------------------------------------------------------------------

#ifndef __CRYPTDLG_H__
#define __CRYPTDLG_H__

#if defined (_MSC_VER) && (_MSC_VER >= 1020)
#pragma once
#endif

#ifdef _CRYPTDLG_
#define CRYPTDLGAPI
#else
#define CRYPTDLGAPI DECLSPEC_IMPORT
#endif

#if (_WIN32_WINNT >= 0x0400) || defined(_MAC) || defined(WIN16)

#include <prsht.h>

#ifdef __cplusplus
extern "C" {
#endif

// Master flags to control how revocation is managed

#define CRYTPDLG_FLAGS_MASK                 0xff000000
#define CRYPTDLG_REVOCATION_DEFAULT         0x00000000
#define CRYPTDLG_REVOCATION_ONLINE          0x80000000
#define CRYPTDLG_REVOCATION_CACHE           0x40000000
#define CRYPTDLG_REVOCATION_NONE            0x20000000


// Policy flags which control how we deal with user's certificates

#define CRYPTDLG_POLICY_MASK                0x0000FFFF
#define POLICY_IGNORE_NON_CRITICAL_BC       0x00000001

#define CRYPTDLG_ACTION_MASK                0xFFFF0000
#define ACTION_REVOCATION_DEFAULT_ONLINE    0x00010000
#define ACTION_REVOCATION_DEFAULT_CACHE     0x00020000

//
//  Many of the common dialogs can be passed a filter proc to reduce
//      the set of certificates displayed.  A generic filter proc has been
//      provided to cover many of the generic cases.
//  Return TRUE to display and FALSE to hide

typedef BOOL (WINAPI * PFNCMFILTERPROC)(
        IN PCCERT_CONTEXT pCertContext,
        IN DWORD,   // lCustData, a cookie
        IN DWORD,   // dwFlags
        IN DWORD);  // dwDisplayWell

//  Display Well Values
#define CERT_DISPWELL_SELECT                    1
#define CERT_DISPWELL_TRUST_CA_CERT             2
#define CERT_DISPWELL_TRUST_LEAF_CERT           3
#define CERT_DISPWELL_TRUST_ADD_CA_CERT         4
#define CERT_DISPWELL_TRUST_ADD_LEAF_CERT       5
#define CERT_DISPWELL_DISTRUST_CA_CERT          6
#define CERT_DISPWELL_DISTRUST_LEAF_CERT        7
#define CERT_DISPWELL_DISTRUST_ADD_CA_CERT      8
#define CERT_DISPWELL_DISTRUST_ADD_LEAF_CERT    9

//
typedef UINT (WINAPI * PFNCMHOOKPROC)(
        IN HWND hwndDialog,
        IN UINT message,
        IN WPARAM wParam,
        IN LPARAM lParam);

//
#define CSS_SELECTCERT_MASK             0x00ffffff
#define CSS_HIDE_PROPERTIES             0x00000001
#define CSS_ENABLEHOOK                  0x00000002
#define CSS_ALLOWMULTISELECT            0x00000004
#define CSS_SHOW_HELP                   0x00000010
#define CSS_ENABLETEMPLATE              0x00000020
#define CSS_ENABLETEMPLATEHANDLE        0x00000040

#define SELCERT_OK                      IDOK
#define SELCERT_CANCEL                  IDCANCEL
#define SELCERT_PROPERTIES              100
#define SELCERT_FINEPRINT               101
#define SELCERT_CERTLIST                102
#define SELCERT_HELP                    IDHELP
#define SELCERT_ISSUED_TO               103
#define SELCERT_VALIDITY                104
#define SELCERT_ALGORITHM               105
#define SELCERT_SERIAL_NUM              106
#define SELCERT_THUMBPRINT              107

typedef struct tagCSSA {
    DWORD               dwSize;
    HWND                hwndParent;
    HINSTANCE           hInstance;
    LPCSTR              pTemplateName;
    DWORD               dwFlags;
    LPCSTR              szTitle;
    DWORD               cCertStore;
    HCERTSTORE *        arrayCertStore;
    LPCSTR              szPurposeOid;
    DWORD               cCertContext;
    PCCERT_CONTEXT *    arrayCertContext;
    DWORD               lCustData;
    PFNCMHOOKPROC       pfnHook;
    PFNCMFILTERPROC     pfnFilter;
    LPCSTR              szHelpFileName;
    DWORD               dwHelpId;
    HCRYPTPROV          hprov;
} CERT_SELECT_STRUCT_A, *PCERT_SELECT_STRUCT_A;

typedef struct tagCSSW {
    DWORD               dwSize;
    HWND                hwndParent;
    HINSTANCE           hInstance;
    LPCWSTR             pTemplateName;
    DWORD               dwFlags;
    LPCWSTR             szTitle;
    DWORD               cCertStore;
    HCERTSTORE *        arrayCertStore;
    LPCSTR              szPurposeOid;
    DWORD               cCertContext;
    PCCERT_CONTEXT *    arrayCertContext;
    DWORD               lCustData;
    PFNCMHOOKPROC       pfnHook;
    PFNCMFILTERPROC     pfnFilter;
    LPCWSTR             szHelpFileName;
    DWORD               dwHelpId;
    HCRYPTPROV          hprov;
} CERT_SELECT_STRUCT_W, *PCERT_SELECT_STRUCT_W;

#ifdef UNICODE
typedef CERT_SELECT_STRUCT_W CERT_SELECT_STRUCT;
typedef PCERT_SELECT_STRUCT_W PCERT_SELECT_STRUCT;
#else
typedef CERT_SELECT_STRUCT_A CERT_SELECT_STRUCT;
typedef PCERT_SELECT_STRUCT_A PCERT_SELECT_STRUCT;
#endif // UNICODE

CRYPTDLGAPI
BOOL
WINAPI
CertSelectCertificateA(
        IN OUT PCERT_SELECT_STRUCT_A pCertSelectInfo
        );
#ifdef MAC
#define CertSelectCertificate CertSelectCertificateA
#else   // !MAC
CRYPTDLGAPI
BOOL
WINAPI
CertSelectCertificateW(
        IN OUT PCERT_SELECT_STRUCT_W pCertSelectInfo
        );
#ifdef UNICODE
#define CertSelectCertificate CertSelectCertificateW
#else
#define CertSelectCertificate CertSelectCertificateA
#endif
#endif  // MAC

/////////////////////////////////////////////////////////////

#define CM_VIEWFLAGS_MASK       0x00ffffff
#define CM_ENABLEHOOK           0x00000001
#define CM_SHOW_HELP            0x00000002
#define CM_SHOW_HELPICON        0x00000004
#define CM_ENABLETEMPLATE       0x00000008
#define CM_HIDE_ADVANCEPAGE     0x00000010
#define CM_HIDE_TRUSTPAGE       0x00000020
#define CM_NO_NAMECHANGE        0x00000040
#define CM_NO_EDITTRUST         0x00000080
#define CM_HIDE_DETAILPAGE      0x00000100
#define CM_ADD_CERT_STORES      0x00000200
#define CERTVIEW_CRYPTUI_LPARAM 0x00800000

typedef struct tagCERT_VIEWPROPERTIES_STRUCT_A {
    DWORD               dwSize;
    HWND                hwndParent;
    HINSTANCE           hInstance;
    DWORD               dwFlags;
    LPCSTR              szTitle;
    PCCERT_CONTEXT      pCertContext;
    LPSTR *             arrayPurposes;
    DWORD               cArrayPurposes;
    DWORD               cRootStores;    // Count of Root Stores
    HCERTSTORE *        rghstoreRoots;  // Array of root stores
    DWORD               cStores;        // Count of other stores to search
    HCERTSTORE *        rghstoreCAs;    // Array of other stores to search
    DWORD               cTrustStores;   // Count of trust stores
    HCERTSTORE *        rghstoreTrust;  // Array of trust stores
    HCRYPTPROV          hprov;          // Provider to use for verification
    DWORD               lCustData;
    DWORD               dwPad;
    LPCSTR              szHelpFileName;
    DWORD               dwHelpId;
    DWORD               nStartPage;
    DWORD               cArrayPropSheetPages;
    PROPSHEETPAGE *     arrayPropSheetPages;
} CERT_VIEWPROPERTIES_STRUCT_A, *PCERT_VIEWPROPERTIES_STRUCT_A;

typedef struct tagCERT_VIEWPROPERTIES_STRUCT_W {
    DWORD               dwSize;
    HWND                hwndParent;
    HINSTANCE           hInstance;
    DWORD               dwFlags;
    LPCWSTR             szTitle;
    PCCERT_CONTEXT      pCertContext;
    LPSTR *             arrayPurposes;
    DWORD               cArrayPurposes;
    DWORD               cRootStores;    // Count of Root Stores
    HCERTSTORE *        rghstoreRoots;  // Array of root stores
    DWORD               cStores;        // Count of other stores to search
    HCERTSTORE *        rghstoreCAs;    // Array of other stores to search
    DWORD               cTrustStores;   // Count of trust stores
    HCERTSTORE *        rghstoreTrust;  // Array of trust stores
    HCRYPTPROV          hprov;          // Provider to use for verification
    DWORD               lCustData;
    DWORD               dwPad;
    LPCWSTR             szHelpFileName;
    DWORD               dwHelpId;
    DWORD               nStartPage;
    DWORD               cArrayPropSheetPages;
    PROPSHEETPAGE *     arrayPropSheetPages;
} CERT_VIEWPROPERTIES_STRUCT_W, *PCERT_VIEWPROPERTIES_STRUCT_W;

#ifdef UNICODE
typedef CERT_VIEWPROPERTIES_STRUCT_W CERT_VIEWPROPERTIES_STRUCT;
typedef PCERT_VIEWPROPERTIES_STRUCT_W PCERT_VIEWPROPERTIES_STRUCT;
#else
typedef CERT_VIEWPROPERTIES_STRUCT_A CERT_VIEWPROPERTIES_STRUCT;
typedef PCERT_VIEWPROPERTIES_STRUCT_A PCERT_VIEWPROPERTIES_STRUCT;
#endif // UNICODE

CRYPTDLGAPI
BOOL
WINAPI
CertViewPropertiesA(
        PCERT_VIEWPROPERTIES_STRUCT_A pCertViewInfo
        );
#ifdef MAC
#define CertViewProperties CertViewPropertiesA
#else   // !MAC
CRYPTDLGAPI
BOOL
WINAPI
CertViewPropertiesW(
        PCERT_VIEWPROPERTIES_STRUCT_W pCertViewInfo
        );

#ifdef UNICODE
#define CertViewProperties CertViewPropertiesW
#else
#define CertViewProperties CertViewPropertiesA
#endif
#endif  // MAC


//
//  We provide a default filter function that people can use to do some
//      of the most simple things.
//

#define CERT_FILTER_OP_EXISTS           1
#define CERT_FILTER_OP_NOT_EXISTS       2
#define CERT_FILTER_OP_EQUALITY         3

typedef struct tagCMOID {
    LPCSTR              szExtensionOID;         // Extension to filter on
    DWORD               dwTestOperation;
    LPBYTE              pbTestData;
    DWORD               cbTestData;
} CERT_FILTER_EXTENSION_MATCH;

#define CERT_FILTER_INCLUDE_V1_CERTS    0x0001
#define CERT_FILTER_VALID_TIME_RANGE    0x0002
#define CERT_FILTER_VALID_SIGNATURE     0x0004
#define CERT_FILTER_LEAF_CERTS_ONLY     0x0008
#define CERT_FILTER_ISSUER_CERTS_ONLY   0x0010
#define CERT_FILTER_KEY_EXISTS          0x0020

typedef struct tagCMFLTR {
    DWORD               dwSize;
    DWORD               cExtensionChecks;
    CERT_FILTER_EXTENSION_MATCH * arrayExtensionChecks;
    DWORD               dwCheckingFlags;
} CERT_FILTER_DATA;

//
//  Maybe this should not be here -- but until it goes into wincrypt.h
//

//
//   Get a formatted friendly name for a certificate

CRYPTDLGAPI
DWORD
WINAPI
GetFriendlyNameOfCertA(PCCERT_CONTEXT pccert, LPSTR pchBuffer,
                             DWORD cchBuffer);
CRYPTDLGAPI
DWORD
WINAPI
GetFriendlyNameOfCertW(PCCERT_CONTEXT pccert, LPWSTR pchBuffer,
                              DWORD cchBuffer);
#ifdef UNICODE
#define GetFriendlyNameOfCert GetFriendlyNameOfCertW
#else
#define GetFriendlyNameOfCert GetFriendlyNameOfCertA
#endif


//
//  We also provide a WinTrust provider which performs the same set of
//      parameter checking that we do in order to validate certificates.
//

#define CERT_CERTIFICATE_ACTION_VERIFY  \
  { /* 7801ebd0-cf4b-11d0-851f-0060979387ea */  \
    0x7801ebd0, \
    0xcf4b,     \
    0x11d0,     \
    {0x85, 0x1f, 0x00, 0x60, 0x97, 0x93, 0x87, 0xea} \
  }
#define szCERT_CERTIFICATE_ACTION_VERIFY    \
    "{7801ebd0-cf4b-11d0-851f-0060979387ea}"  

typedef HRESULT (WINAPI * PFNTRUSTHELPER)(
        IN PCCERT_CONTEXT       pCertContext,
        IN DWORD                lCustData,
        IN BOOL                 fLeafCertificate,
        IN LPBYTE               pbTrustBlob);
//
//  Failure Reasons:
//

#define CERT_VALIDITY_BEFORE_START              0x00000001
#define CERT_VALIDITY_AFTER_END                 0x00000002
#define CERT_VALIDITY_SIGNATURE_FAILS           0x00000004
#define CERT_VALIDITY_CERTIFICATE_REVOKED       0x00000008
#define CERT_VALIDITY_KEY_USAGE_EXT_FAILURE     0x00000010
#define CERT_VALIDITY_EXTENDED_USAGE_FAILURE    0x00000020
#define CERT_VALIDITY_NAME_CONSTRAINTS_FAILURE  0x00000040
#define CERT_VALIDITY_UNKNOWN_CRITICAL_EXTENSION 0x00000080
#define CERT_VALIDITY_ISSUER_INVALID            0x00000100
#define CERT_VALIDITY_OTHER_EXTENSION_FAILURE   0x00000200
#define CERT_VALIDITY_PERIOD_NESTING_FAILURE    0x00000400
#define CERT_VALIDITY_OTHER_ERROR               0x00000800
#define CERT_VALIDITY_ISSUER_DISTRUST           0x02000000
#define CERT_VALIDITY_EXPLICITLY_DISTRUSTED     0x01000000
#define CERT_VALIDITY_NO_ISSUER_CERT_FOUND      0x10000000
#define CERT_VALIDITY_NO_CRL_FOUND              0x20000000
#define CERT_VALIDITY_CRL_OUT_OF_DATE           0x40000000
#define CERT_VALIDITY_NO_TRUST_DATA             0x80000000
#define CERT_VALIDITY_MASK_TRUST                0xffff0000
#define CERT_VALIDITY_MASK_VALIDITY             0x0000ffff

#define CERT_TRUST_MASK                         0x00ffffff
#define CERT_TRUST_DO_FULL_SEARCH               0x00000001
#define CERT_TRUST_PERMIT_MISSING_CRLS          0x00000002
#define CERT_TRUST_DO_FULL_TRUST                0x00000005
#define CERT_TRUST_ADD_CERT_STORES              CM_ADD_CERT_STORES

//
//  Trust data structure
//
//      Returned data arrays will be allocated using LocalAlloc and must
//      be freed by the caller.  The data in the TrustInfo array are individually
//      allocated and must be freed.  The data in rgChain must be freed by
//      calling CertFreeCertificateContext.
//
//  Defaults:
//      pszUsageOid == NULL     indicates that no trust validation should be done
//      cRootStores == 0        Will default to User's Root store
//      cStores == 0            Will default to User's CA and system's SPC stores
//      cTrustStores == 0       Will default to User's TRUST store
//      hprov == NULL           Will default to RSABase
//      any returned item which has a null pointer will not return that item.
//  Notes:
//      pfnTrustHelper is nyi

typedef struct _CERT_VERIFY_CERTIFICATE_TRUST {
    DWORD               cbSize;         // Size of this structure
    PCCERT_CONTEXT      pccert;         // Certificate to be verified
    DWORD               dwFlags;        // CERT_TRUST_*
    DWORD               dwIgnoreErr;    // Errors to ignore (CERT_VALIDITY_*)
    DWORD *             pdwErrors;      // Location to return error flags
    LPSTR               pszUsageOid;    // Extended Usage OID for Certificate
    HCRYPTPROV          hprov;          // Crypt Provider to use for validation
    DWORD               cRootStores;    // Count of Root Stores
    HCERTSTORE *        rghstoreRoots;  // Array of root stores
    DWORD               cStores;        // Count of other stores to search
    HCERTSTORE *        rghstoreCAs;    // Array of other stores to search
    DWORD               cTrustStores;   // Count of trust stores
    HCERTSTORE *        rghstoreTrust;  // Array of trust stores
    DWORD               lCustData;      //
    PFNTRUSTHELPER      pfnTrustHelper; // Callback function for cert validation
    DWORD *             pcChain;        // Count of items in the chain array
    PCCERT_CONTEXT **   prgChain;       // Chain of certificates used
    DWORD **            prgdwErrors;    // Errors on a per certificate basis
    DATA_BLOB **        prgpbTrustInfo; // Array of trust information used
} CERT_VERIFY_CERTIFICATE_TRUST, * PCERT_VERIFY_CERTIFICATE_TRUST;

//
//  Trust list manipulation routine
//
//  CertModifyCertificatesToTrust can be used to do modifications to the set of certificates
//      on trust lists for a given purpose.
//      if hcertstoreTrust is NULL, the System Store TRUST in Current User will be used
//      if pccertSigner is specified, it will be used to sign the resulting trust lists,
//              it also restricts the set of trust lists that may be modified.
//

#define CTL_MODIFY_REQUEST_ADD_NOT_TRUSTED      1
#define CTL_MODIFY_REQUEST_REMOVE               2
#define CTL_MODIFY_REQUEST_ADD_TRUSTED          3

typedef struct _CTL_MODIFY_REQUEST {
    PCCERT_CONTEXT      pccert;         // Certificate to change trust on
    DWORD               dwOperation;    // Operation to be performed
    DWORD               dwError;        // Operation error code
} CTL_MODIFY_REQUEST, * PCTL_MODIFY_REQUEST;

CRYPTDLGAPI
HRESULT
WINAPI
CertModifyCertificatesToTrust(
        int cCerts,                     // Count of modifications to be done
        PCTL_MODIFY_REQUEST rgCerts,    // Array of modification requests
        LPCSTR szPurpose,               // Purpose OID to for modifications
        HWND hwnd,                      // HWND for any dialogs
        HCERTSTORE hcertstoreTrust,     // Cert Store to store trust information in
        PCCERT_CONTEXT pccertSigner);   // Certificate to be used in signing trust list

#ifdef WIN16
// Need to define export functions in WATCOM.
BOOL
WINAPI CertConfigureTrustA(void);

BOOL
WINAPI FormatVerisignExtension(
    DWORD /*dwCertEncodingType*/,
    DWORD /*dwFormatType*/,
    DWORD /*dwFormatStrType*/,
    void * /*pFormatStruct*/,
    LPCSTR /*lpszStructType*/,
    const BYTE * /*pbEncoded*/,
    DWORD /*cbEncoded*/,
    void * pbFormat,
    DWORD * pcbFormat);
#endif // !WIN16

#ifdef __cplusplus
}       // Balance extern "C" above
#endif

#endif // (_WIN32_WINNT >= 0x0400)

#endif // _CRYPTDLG_H_