|
|
//+-------------------------------------------------------------------------//// Microsoft Windows//// Copyright (C) Microsoft Corporation, 1996 - 1999//// File: wintrust.h//// Contents: Microsoft Internet Security Trust Provider Model//// History: 31-May-1997 pberkman created////--------------------------------------------------------------------------
#ifndef WINTRUST_H#define WINTRUST_H
#if _MSC_VER > 1000#pragma once#endif
#include <wincrypt.h>
#ifdef __cplusplusextern "C"{#endif
#ifndef WIN_CERT_REVISION_1_0 // there were duplicate definitions in winbase.h# define WT_DEFINE_ALL_APIS#else# undef WT_DEFINE_ALL_APIS#endif
//////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////// Client definitions, typedefs, and prototypes//////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////
#include <pshpack8.h>
////////////////////////////////////////////////////////////////////////////////// WINTRUST_DATA Structure//----------------------------------------------------------------------------// Used when calling WinVerifyTrust to pass necessary information into// the Providers.//typedef struct _WINTRUST_DATA{ DWORD cbStruct; // = sizeof(WINTRUST_DATA)
LPVOID pPolicyCallbackData; // optional: used to pass data between the app and policy LPVOID pSIPClientData; // optional: used to pass data between the app and SIP.
DWORD dwUIChoice; // required: UI choice. One of the following.# define WTD_UI_ALL 1# define WTD_UI_NONE 2# define WTD_UI_NOBAD 3# define WTD_UI_NOGOOD 4
DWORD fdwRevocationChecks; // required: certificate revocation check options# define WTD_REVOKE_NONE 0x00000000# define WTD_REVOKE_WHOLECHAIN 0x00000001
DWORD dwUnionChoice; // required: which structure is being passed in?# define WTD_CHOICE_FILE 1# define WTD_CHOICE_CATALOG 2# define WTD_CHOICE_BLOB 3# define WTD_CHOICE_SIGNER 4# define WTD_CHOICE_CERT 5 union { struct WINTRUST_FILE_INFO_ *pFile; // individual file struct WINTRUST_CATALOG_INFO_ *pCatalog; // member of a Catalog File struct WINTRUST_BLOB_INFO_ *pBlob; // memory blob struct WINTRUST_SGNR_INFO_ *pSgnr; // signer structure only struct WINTRUST_CERT_INFO_ *pCert; };
DWORD dwStateAction; // optional (Catalog File Processing)# define WTD_STATEACTION_IGNORE 0x00000000# define WTD_STATEACTION_VERIFY 0x00000001# define WTD_STATEACTION_CLOSE 0x00000002# define WTD_STATEACTION_AUTO_CACHE 0x00000003# define WTD_STATEACTION_AUTO_CACHE_FLUSH 0x00000004
HANDLE hWVTStateData; // optional (Catalog File Processing)
WCHAR *pwszURLReference; // optional: (future) used to determine zone.
// 17-Feb-1998 philh: added DWORD dwProvFlags;# define WTD_PROV_FLAGS_MASK 0x0000FFFF# define WTD_USE_IE4_TRUST_FLAG 0x00000001# define WTD_NO_IE4_CHAIN_FLAG 0x00000002# define WTD_NO_POLICY_USAGE_FLAG 0x00000004# define WTD_REVOCATION_CHECK_NONE 0x00000010# define WTD_REVOCATION_CHECK_END_CERT 0x00000020# define WTD_REVOCATION_CHECK_CHAIN 0x00000040# define WTD_REVOCATION_CHECK_CHAIN_EXCLUDE_ROOT 0x00000080# define WTD_SAFER_FLAG 0x00000100# define WTD_HASH_ONLY_FLAG 0x00000200# define WTD_USE_DEFAULT_OSVER_CHECK 0x00000400# define WTD_LIFETIME_SIGNING_FLAG 0x00000800# define WTD_CACHE_ONLY_URL_RETRIEVAL 0x00001000 // affects CRL retrieval and AIA retrieval
} WINTRUST_DATA, *PWINTRUST_DATA;
////////////////////////////////////////////////////////////////////////////////// WINTRUST_FILE_INFO Structure//----------------------------------------------------------------------------// Used when calling WinVerifyTrust against an individual file.//typedef struct WINTRUST_FILE_INFO_{ DWORD cbStruct; // = sizeof(WINTRUST_FILE_INFO)
LPCWSTR pcwszFilePath; // required, file name to be verified HANDLE hFile; // optional, open handle to pcwszFilePath
// 09-Dec-1997 pberkman: added GUID *pgKnownSubject; // optional: fill if the subject type is known.
} WINTRUST_FILE_INFO, *PWINTRUST_FILE_INFO;
////////////////////////////////////////////////////////////////////////////////// WINTRUST_CATALOG_INFO Structure//----------------------------------------------------------------------------// Used when calling WinVerifyTrust against a member of a Microsoft Catalog// file.//typedef struct WINTRUST_CATALOG_INFO_{ DWORD cbStruct; // = sizeof(WINTRUST_CATALOG_INFO)
DWORD dwCatalogVersion; // optional: Catalog version number LPCWSTR pcwszCatalogFilePath; // required: path/name to Catalog file
LPCWSTR pcwszMemberTag; // required: tag to member in Catalog LPCWSTR pcwszMemberFilePath; // required: path/name to member file HANDLE hMemberFile; // optional: open handle to pcwszMemberFilePath
// 30-Oct-1997 pberkman: added BYTE *pbCalculatedFileHash; // optional: pass in the calculated hash DWORD cbCalculatedFileHash; // optional: pass in the count bytes of the calc hash
// 15-Jan-1998 pberkman: added PCCTL_CONTEXT pcCatalogContext; // optional: pass in to use instead of CatalogFilePath.
} WINTRUST_CATALOG_INFO, *PWINTRUST_CATALOG_INFO;
////////////////////////////////////////////////////////////////////////////////// WINTRUST_BLOB_INFO Structure//----------------------------------------------------------------------------// Used when calling WinVerifyTrust against a memory blob.//typedef struct WINTRUST_BLOB_INFO_{ DWORD cbStruct; // = sizeof(WINTRUST_BLOB_INFO)
GUID gSubject; // SIP to load
LPCWSTR pcwszDisplayName; // display name of object
DWORD cbMemObject; BYTE *pbMemObject;
DWORD cbMemSignedMsg; BYTE *pbMemSignedMsg;
} WINTRUST_BLOB_INFO, *PWINTRUST_BLOB_INFO;
////////////////////////////////////////////////////////////////////////////////// WINTRUST_SGNR_INFO Structure//----------------------------------------------------------------------------// Used when calling WinVerifyTrust against a CMSG_SIGNER_INFO Structure//typedef struct WINTRUST_SGNR_INFO_{ DWORD cbStruct; // = sizeof(WINTRUST_SGNR_INFO)
LPCWSTR pcwszDisplayName; // name of the "thing" the pbMem is pointing to.
CMSG_SIGNER_INFO *psSignerInfo;
DWORD chStores; // number of stores in pahStores HCERTSTORE *pahStores; // array of stores to add to internal list
} WINTRUST_SGNR_INFO, *PWINTRUST_SGNR_INFO;
////////////////////////////////////////////////////////////////////////////////// WINTRUST_CERT_INFO Structure//----------------------------------------------------------------------------// Used when calling WinVerifyTrust against a CERT_CONTEXT Structure//typedef struct WINTRUST_CERT_INFO_{ DWORD cbStruct; // = sizeof(WINTRUST_CERT_INFO)
LPCWSTR pcwszDisplayName; // display name
CERT_CONTEXT *psCertContext;
DWORD chStores; // number of stores in pahStores HCERTSTORE *pahStores; // array of stores to add to internal list
// 17-Nov-1997 pberkman: added DWORD dwFlags;# define WTCI_DONT_OPEN_STORES 0x00000001 // only open dummy "root" all other are in pahStores.# define WTCI_OPEN_ONLY_ROOT 0x00000002
// 26-Nov-1997 pberkman: added FILETIME *psftVerifyAsOf; // if not null, each cert will be validated as of this time.
} WINTRUST_CERT_INFO, *PWINTRUST_CERT_INFO;
#include <poppack.h>
////////////////////////////////////////////////////////////////////////////////// WinVerifyTrust//----------------------------------------------------------------------------// Exported from WINTRUST.DLL.// Call this function to verify the trust based on a digital signer.//// pWVTData points to a WINTRUST_DATA data structure.//// WTD_SAFER_FLAG should be set in WINTRUST_DATA's dwProvFlags to enable// the following semantics for the WINTRUST_ACTION_GENERIC_VERIFY_V2// policy provider specified in pgActionID:// - return TRUST_E_NOSIGNATURE if the subject isn't signed, has an// invalid signature or unable to find the signer certificate.// UI will never be displayed when not signed.// - ignore NO_CHECK revocation errors. Otherwise, continue to return// CERT_E_REVOCATION_FAILURE.// - search the code hash and publisher databases for the WTD_UI_NONE// dwUIChoice case. The default is to only search these databases when// UI has been enabled or user trust has been disabled.////// Returns:// ERROR_SUCCESS If the trust is authenticated or// if the user accepted the risk.//// TRUST_E_PROVIDER_UNKNOWN there was an error loading one of the// required Providers.//// all error codes passed back are based on the Policy Provider used.//// The following errors are returned when the// WINTRUST_ACTION_GENERIC_VERIFY_V2 policy provider is specified in// pgActionID://// TRUST_E_NOSIGNATURE (when WTD_SAFER_FLAG is set in dwProvFlags)// The subject isn't signed, has an invalid signature or unable// to find the signer certificate. All signature verification// errors will map to this error. Basically all errors except for// publisher or timestamp certificate verification.//// Call GetLastError() to get the underlying reason for not having// a valid signature.//// The following LastErrors indicate that the file doesn't have a// signature: TRUST_E_NOSIGNATURE, TRUST_E_SUBJECT_FORM_UNKNOWN or// TRUST_E_PROVIDER_UNKNOWN.//// UI will never be displayed for this case.//// TRUST_E_EXPLICIT_DISTRUST// Returned if the hash representing the subject is trusted as// AUTHZLEVELID_DISALLOWED or the publisher is in the "Disallowed"// store. Also returned if the publisher certificate is revoked.//// UI will never be displayed for this case.//// ERROR_SUCCESS// No UI unless noted below.//// Returned for the following:// - Hash representing the subject is trusted as// AUTHZLEVELID_FULLYTRUSTED// - The publisher certificate exists in the// "TrustedPublisher" store and there weren't any verification errors.// - UI was enabled and the user clicked "Yes" when asked// to install and run the signed subject.// - UI was disabled. No publisher or timestamp chain error.//// TRUST_E_SUBJECT_NOT_TRUSTED// UI was enabled and the the user clicked "No" when asked to install// and run the signed subject.//// CRYPT_E_SECURITY_SETTINGS// The subject hash or publisher wasn't explicitly trusted and// user trust wasn't allowed in the safer authenticode flags.// No UI will be displayed for this case.//// The subject is signed and its signature successfully// verified.//// Any publisher or timestamp chain error. If WTD_SAFER_FLAG wasn't set in// dwProvFlags, any signed code verification error.//extern LONG WINAPI WinVerifyTrust(HWND hwnd, GUID *pgActionID, LPVOID pWVTData);
////////////////////////////////////////////////////////////////////////////////// WinVerifyTrustEx//----------------------------------------------------------------------------// *** DO NOT USE ***////extern HRESULT WINAPI WinVerifyTrustEx(HWND hwnd, GUID *pgActionID, WINTRUST_DATA *pWinTrustData);
//////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////// Trust, Policy, and UI Provider definitions, typedefs, and prototypes//// Model:// A client wishing to validate trust through WinVerifyTrust will// select an appropriate Action ID guid for the call.// This guid is defined by each Policy Provider and represents the// functions called based on the policy for the given object.//// In this model, the Policy Provider determines which style of UI// will be shown to the user (this only applies to style, the// determination of whether UI is displayed is set by the calling client// in the UI flags member of WINTRUST_DATA).//// Since the function entry points are common (same return value and// parameters), it allows Policy Provider developers to take advantage// of existing, generic, code to fill the CRYPT_PROVIDER_DATA structure.//// This also allows the developer to simply add the specific policy they// need, then, call the generic Policy Provider - if appropriate.//////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////
////////////////////////////////////////////////////////////////////////////////// Wintrust Policy Flags//----------------------------------------------------------------------------// These are set during install and can be modified by the user// through various means. The SETREG.EXE utility (found in the Authenticode// Tools Pack) will select/deselect each of them.//#define WTPF_TRUSTTEST 0x00000020 // trust any "TEST" certificate#define WTPF_TESTCANBEVALID 0x00000080#define WTPF_IGNOREEXPIRATION 0x00000100 // Use expiration date#define WTPF_IGNOREREVOKATION 0x00000200 // Do revocation check#define WTPF_OFFLINEOK_IND 0x00000400 // off-line is ok individual certs#define WTPF_OFFLINEOK_COM 0x00000800 // off-line is ok commercial certs#define WTPF_OFFLINEOKNBU_IND 0x00001000 // off-line is ok individual certs, no bad ui#define WTPF_OFFLINEOKNBU_COM 0x00002000 // off-line is ok commercial certs, no bad ui#define WTPF_VERIFY_V1_OFF 0x00010000 // turn verify of v1 certs off#define WTPF_IGNOREREVOCATIONONTS 0x00020000 // ignore TimeStamp revocation checks#define WTPF_ALLOWONLYPERTRUST 0x00040000 // allow only items in personal trust db.
////////////////////////////////////////////////////////////////////////////////// WintrustGetRegPolicyFlags//----------------------------------------------------------------------------// This API call is exported from WINTRUST.DLL and is the recommended method// of retrieving the DWORD representing the Policy Flags.//extern void WINAPI WintrustGetRegPolicyFlags(DWORD *pdwPolicyFlags);
////////////////////////////////////////////////////////////////////////////////// WintrustSetRegPolicyFlags//----------------------------------------------------------------------------// This API call is exported from WINTRUST.DLL and is the recommended method// of setting the DWORD representing the Policy Flags. MAKE SURE to call// WintrustGetRegPolicyFlags to get the current value and or/and the value// you need then call the set the flags.//extern BOOL WINAPI WintrustSetRegPolicyFlags(DWORD dwPolicyFlags);
////////////////////////////////////////////////////////////////////////////////// Trust Provider "Step" Error defines//----------------------------------------------------------------------------// Each "step" of the Trust process has an error "slot" associated with it.// If an error occurs, the "step" will assign its result to this "slot". These// errors can be any valid WINERROR.H HRESULT code.//
// // step errors 0 through 20 are reserved for Authenticode specific. If // you are not calling any of the SOFTPUB.DLL (Authenticode) providers, you // may use these as needed. //#define TRUSTERROR_STEP_WVTPARAMS 0#define TRUSTERROR_STEP_FILEIO 2#define TRUSTERROR_STEP_SIP 3#define TRUSTERROR_STEP_SIPSUBJINFO 5#define TRUSTERROR_STEP_CATALOGFILE 6#define TRUSTERROR_STEP_CERTSTORE 7#define TRUSTERROR_STEP_MESSAGE 8#define TRUSTERROR_STEP_MSG_SIGNERCOUNT 9#define TRUSTERROR_STEP_MSG_INNERCNTTYPE 10#define TRUSTERROR_STEP_MSG_INNERCNT 11#define TRUSTERROR_STEP_MSG_STORE 12#define TRUSTERROR_STEP_MSG_SIGNERINFO 13#define TRUSTERROR_STEP_MSG_SIGNERCERT 14#define TRUSTERROR_STEP_MSG_CERTCHAIN 15#define TRUSTERROR_STEP_MSG_COUNTERSIGINFO 16#define TRUSTERROR_STEP_MSG_COUNTERSIGCERT 17#define TRUSTERROR_STEP_VERIFY_MSGHASH 18#define TRUSTERROR_STEP_VERIFY_MSGINDIRECTDATA 19
// // step errors 30 through 37 are reserved for the ending error code for each // entry point in the Trust Model. //#define TRUSTERROR_STEP_FINAL_WVTINIT 30#define TRUSTERROR_STEP_FINAL_INITPROV 31#define TRUSTERROR_STEP_FINAL_OBJPROV 32#define TRUSTERROR_STEP_FINAL_SIGPROV 33#define TRUSTERROR_STEP_FINAL_CERTPROV 34#define TRUSTERROR_STEP_FINAL_CERTCHKPROV 35#define TRUSTERROR_STEP_FINAL_POLICYPROV 36#define TRUSTERROR_STEP_FINAL_UIPROV 37
#define TRUSTERROR_MAX_STEPS 38
////////////////////////////////////////////////////////////////////////////////// allocation and free function prototypes//----------------------------------------------------------------------------//typedef void *(*PFN_CPD_MEM_ALLOC)(IN DWORD cbSize);typedef void (*PFN_CPD_MEM_FREE)(IN void *pvMem2Free);
typedef BOOL (*PFN_CPD_ADD_STORE)(IN struct _CRYPT_PROVIDER_DATA *pProvData, IN HCERTSTORE hStore2Add);
typedef BOOL (*PFN_CPD_ADD_SGNR)(IN struct _CRYPT_PROVIDER_DATA *pProvData, IN BOOL fCounterSigner, IN OPTIONAL DWORD idxSigner, IN struct _CRYPT_PROVIDER_SGNR *pSgnr2Add);
typedef BOOL (*PFN_CPD_ADD_CERT)(IN struct _CRYPT_PROVIDER_DATA *pProvData, IN DWORD idxSigner, IN BOOL fCounterSigner, IN OPTIONAL DWORD idxCounterSigner, IN PCCERT_CONTEXT pCert2Add);
typedef BOOL (*PFN_CPD_ADD_PRIVDATA)(IN struct _CRYPT_PROVIDER_DATA *pProvData, IN struct _CRYPT_PROVIDER_PRIVDATA *pPrivData2Add);
////////////////////////////////////////////////////////////////////////////////// Provider function prototypes//----------------------------------------------------------------------------//
//// entry point for the object provider//typedef HRESULT (*PFN_PROVIDER_INIT_CALL)(IN OUT struct _CRYPT_PROVIDER_DATA *pProvData);
//// entry point for the object provider//typedef HRESULT (*PFN_PROVIDER_OBJTRUST_CALL)(IN OUT struct _CRYPT_PROVIDER_DATA *pProvData);
//// entry point for the Signature Provider//typedef HRESULT (*PFN_PROVIDER_SIGTRUST_CALL)(IN OUT struct _CRYPT_PROVIDER_DATA *pProvData);
//// entry point for the Certificate Provider//typedef HRESULT (*PFN_PROVIDER_CERTTRUST_CALL)(IN OUT struct _CRYPT_PROVIDER_DATA *pProvData);
//// entry point for the Policy Provider's final call (from the trust provider)//typedef HRESULT (*PFN_PROVIDER_FINALPOLICY_CALL)(IN OUT struct _CRYPT_PROVIDER_DATA *pProvData);
//// entry point for the Policy Provider's "dump structure" call//typedef HRESULT (*PFN_PROVIDER_TESTFINALPOLICY_CALL)(IN OUT struct _CRYPT_PROVIDER_DATA *pProvData);
//// entry point for the Policy Provider's clean up routine for any PRIVDATA allocated//typedef HRESULT (*PFN_PROVIDER_CLEANUP_CALL)(IN OUT struct _CRYPT_PROVIDER_DATA *pProvData);
//// entry point for the Policy Provider's Cert Check call. This will return// true if the Trust Provider is to continue building the certificate chain.// If the PP returns FALSE, it is assumed that we have reached a "TRUSTED",// self-signed, root. it is also the CertCheck's responsibility to set the// fTrustedRoot flag in the certificate structure.//typedef BOOL (*PFN_PROVIDER_CERTCHKPOLICY_CALL)( IN struct _CRYPT_PROVIDER_DATA *pProvData, IN DWORD idxSigner, IN BOOL fCounterSignerChain, IN OPTIONAL DWORD idxCounterSigner);
#define WVT_OFFSETOF(t,f) ((ULONG)((ULONG_PTR)(&((t*)0)->f)))
#define WVT_ISINSTRUCT(structtypedef, structpassedsize, member) \ ((WVT_OFFSETOF(structtypedef, member) < structpassedsize) ? TRUE : FALSE)
#define WVT_IS_CBSTRUCT_GT_MEMBEROFFSET(structtypedef, structpassedsize, member) \ WVT_ISINSTRUCT(structtypedef, structpassedsize, member)
#include <pshpack8.h>
////////////////////////////////////////////////////////////////////////////////// CRYPT_PROVIDER_DATA Structure//----------------------------------------------------------------------------// Used to pass information between WinVerifyTrust and all of the Provider// calls.//// IMPORTANT: 1. All dynamically allocated members MUST use the allocation// and Add2 functions provided.//typedef struct _CRYPT_PROVIDER_DATA{ DWORD cbStruct; // = sizeof(TRUST_PROVIDER_DATA) (set in WVT)
WINTRUST_DATA *pWintrustData; // NOT verified (set in WVT) BOOL fOpenedFile; // the provider opened the file handle (if applicable) HWND hWndParent; // if passed in, else, Desktop hWnd (set in WVT). GUID *pgActionID; // represents the Provider combination (set in WVT).
HCRYPTPROV hProv; // set to NULL to let CryptoAPI to assign.
DWORD dwError; // error if a low-level, system error was encountered
DWORD dwRegSecuritySettings; // ie security settings (set in WVT) DWORD dwRegPolicySettings; // setreg settings (set in WVT)
struct _CRYPT_PROVIDER_FUNCTIONS *psPfns; // set in WVT.
DWORD cdwTrustStepErrors; // set in WVT. DWORD *padwTrustStepErrors; // allocated in WVT. filled in WVT & Trust Provider
DWORD chStores; // number of stores in pahStores (root set in WVT) HCERTSTORE *pahStores; // array of known stores (root set in WVT) root is ALWAYS #0!!!
DWORD dwEncoding; // message encoding type (set in WVT and Signature Prov) HCRYPTMSG hMsg; // set in Signature Prov.
DWORD csSigners; // use Add2 and Get functions! struct _CRYPT_PROVIDER_SGNR *pasSigners; // use Add2 and Get functions!
DWORD csProvPrivData; // use Add2 and Get functions! struct _CRYPT_PROVIDER_PRIVDATA *pasProvPrivData; // use Add2 and Get functions!
DWORD dwSubjectChoice;# define CPD_CHOICE_SIP 1
union { struct _PROVDATA_SIP *pPDSip; };
char *pszUsageOID; // set in Init Provider
// 03-Oct-1997 pberkman: added BOOL fRecallWithState; // state was maintained for Catalog Files.
// 10-Nov-1997 pberkman: added FILETIME sftSystemTime;
// 16-Jan-1998 pberkman: added char *pszCTLSignerUsageOID;
// 17-Feb-1998 philh: added // LOWORD intialized from WINTRUST_DATA's dwProvFlags. DWORD dwProvFlags;# define CPD_USE_NT5_CHAIN_FLAG 0x80000000# define CPD_REVOCATION_CHECK_NONE 0x00010000# define CPD_REVOCATION_CHECK_END_CERT 0x00020000# define CPD_REVOCATION_CHECK_CHAIN 0x00040000# define CPD_REVOCATION_CHECK_CHAIN_EXCLUDE_ROOT 0x00080000
// 24-Feb-1998 philh: added DWORD dwFinalError;
// 20-May-1998 KeithV: added PCERT_USAGE_MATCH pRequestUsage;
// 02-Aug-2000 philh: added DWORD dwTrustPubSettings;
} CRYPT_PROVIDER_DATA, *PCRYPT_PROVIDER_DATA;
////////////////////////////////////////////////////////////////////////////////// CRYPT_PROVIDER_FUNCTIONS structure//----------------------------------------------------------------------------//typedef struct _CRYPT_PROVIDER_FUNCTIONS{ DWORD cbStruct;
PFN_CPD_MEM_ALLOC pfnAlloc; // set in WVT PFN_CPD_MEM_FREE pfnFree; // set in WVT
PFN_CPD_ADD_STORE pfnAddStore2Chain; // call to add a store to the chain. PFN_CPD_ADD_SGNR pfnAddSgnr2Chain; // call to add a sgnr struct to a msg struct sgnr chain PFN_CPD_ADD_CERT pfnAddCert2Chain; // call to add a cert struct to a sgnr struct cert chain PFN_CPD_ADD_PRIVDATA pfnAddPrivData2Chain; // call to add provider private data to struct.
PFN_PROVIDER_INIT_CALL pfnInitialize; // initialize Policy data. PFN_PROVIDER_OBJTRUST_CALL pfnObjectTrust; // build info up to the signer info(s). PFN_PROVIDER_SIGTRUST_CALL pfnSignatureTrust; // build info to the signing cert PFN_PROVIDER_CERTTRUST_CALL pfnCertificateTrust; // build the chain PFN_PROVIDER_FINALPOLICY_CALL pfnFinalPolicy; // final call to policy PFN_PROVIDER_CERTCHKPOLICY_CALL pfnCertCheckPolicy; // check each cert will building chain PFN_PROVIDER_TESTFINALPOLICY_CALL pfnTestFinalPolicy; // dump structures to a file (or whatever the policy chooses)
struct _CRYPT_PROVUI_FUNCS *psUIpfns;
// 23-Jul-1997 pberkman: added PFN_PROVIDER_CLEANUP_CALL pfnCleanupPolicy; // PRIVDATA cleanup routine.
} CRYPT_PROVIDER_FUNCTIONS, *PCRYPT_PROVIDER_FUNCTIONS;
////////////////////////////////////////////////////////////////////////////////// CRYPT_PROVUI_FUNCS structure//----------------------------------------------------------------------------//
typedef BOOL (*PFN_PROVUI_CALL)(IN HWND hWndSecurityDialog, IN struct _CRYPT_PROVIDER_DATA *pProvData);
typedef struct _CRYPT_PROVUI_FUNCS{ DWORD cbStruct;
struct _CRYPT_PROVUI_DATA *psUIData;
PFN_PROVUI_CALL pfnOnMoreInfoClick; PFN_PROVUI_CALL pfnOnMoreInfoClickDefault;
PFN_PROVUI_CALL pfnOnAdvancedClick; PFN_PROVUI_CALL pfnOnAdvancedClickDefault;
} CRYPT_PROVUI_FUNCS, *PCRYPT_PROVUI_FUNCS;
////////////////////////////////////////////////////////////////////////////////// CRYPT_PROVUI_DATA//----------------------------------------------------------------------------//typedef struct _CRYPT_PROVUI_DATA{ DWORD cbStruct;
DWORD dwFinalError;
WCHAR *pYesButtonText; // default: "&Yes" WCHAR *pNoButtonText; // default: "&No" WCHAR *pMoreInfoButtonText; // default: "&More Info" WCHAR *pAdvancedLinkText; // default: <none>
// 15-Sep-1997 pberkman: added // good: default: // "Do you want to install and run ""%1"" signed on %2 and distributed by:" WCHAR *pCopyActionText; // good no time stamp: default: // "Do you want to install and run ""%1"" signed on an unknown date/time and distributed by:" WCHAR *pCopyActionTextNoTS; // bad: default: // "Do you want to install and run ""%1""?" WCHAR *pCopyActionTextNotSigned;
} CRYPT_PROVUI_DATA, *PCRYPT_PROVUI_DATA;
////////////////////////////////////////////////////////////////////////////////// CRYPT_PROVIDER_SGNR structure//----------------------------------------------------------------------------// After the Signature Provider is finished there will be zero to many of these// filled out. One for each signer of the message. Also, there will be zero// to many of these filled out inside this structure. One for each counter// signer of the signer.//// IMPORTANT: 1. All dynamically allocated members MUST use allocation// and Add2 functions provided.//typedef struct _CRYPT_PROVIDER_SGNR{ DWORD cbStruct;
FILETIME sftVerifyAsOf; // either today's filetime or the timestamps
DWORD csCertChain; // use Add2 and Get functions! struct _CRYPT_PROVIDER_CERT *pasCertChain; // use Add2 and Get functions!
DWORD dwSignerType; // set if known by policy# define SGNR_TYPE_TIMESTAMP 0x00000010
CMSG_SIGNER_INFO *psSigner; // must use the pfnAlloc allocator!
DWORD dwError; // error encounted while building/verifying the signer.
DWORD csCounterSigners; // use Add2 and Get functions! struct _CRYPT_PROVIDER_SGNR *pasCounterSigners; // use Add2 and Get functions!
// 11-Feb-1998 philh: added PCCERT_CHAIN_CONTEXT pChainContext;
} CRYPT_PROVIDER_SGNR, *PCRYPT_PROVIDER_SGNR;
////////////////////////////////////////////////////////////////////////////////// CRYPT_PROVIDER_CERT structure//----------------------------------------------------------------------------// After the Signature and Certificate Providers are finished there will// be zero to many of these filled out in the CRYPT_PROVIDER_SGNR// structure. One for each certificate in the chain.////typedef struct _CRYPT_PROVIDER_CERT{ DWORD cbStruct;
PCCERT_CONTEXT pCert; // must have its own ref-count!
BOOL fCommercial; BOOL fTrustedRoot; // certchk policy should set this. BOOL fSelfSigned; // set in cert provider
BOOL fTestCert; // certchk policy will set
DWORD dwRevokedReason;
DWORD dwConfidence; // set in the Certificate Provider# define CERT_CONFIDENCE_SIG 0x10000000 // this cert# define CERT_CONFIDENCE_TIME 0x01000000 // issuer cert# define CERT_CONFIDENCE_TIMENEST 0x00100000 // this cert# define CERT_CONFIDENCE_AUTHIDEXT 0x00010000 // this cert# define CERT_CONFIDENCE_HYGIENE 0x00001000 // this cert# define CERT_CONFIDENCE_HIGHEST 0x11111000
DWORD dwError;
CTL_CONTEXT *pTrustListContext;
// 16-Jan-1998 pberkman: added BOOL fTrustListSignerCert;
// 25-Feb-1998 philh: added // // The following two are only applicable to Self Signed certificates // residing in a CTL. PCCTL_CONTEXT pCtlContext; DWORD dwCtlError;
// 12-Mar-1998 philh: added BOOL fIsCyclic;
// 12-Oct-2000 DSIE: added PCERT_CHAIN_ELEMENT pChainElement;} CRYPT_PROVIDER_CERT, *PCRYPT_PROVIDER_CERT;
////////////////////////////////////////////////////////////////////////////////// CRYPT_PROVIDER_PRIVDATA structure//----------------------------------------------------------------------------// This structure is to allow Policy Provider functions to share// POLICY SPECIFIC data between Policy Functions.// The Policy must use the pfnAddPrivateData2Chain function and// must free any data within the member before the Final Policy returns// to WVT.// To allow multiple providers to use this feature, each provider that// uses this member must set the provider ID to it's Action ID so that// the provider can find its data and ignore any other.//typedef struct _CRYPT_PROVIDER_PRIVDATA{ DWORD cbStruct;
GUID gProviderID;
DWORD cbProvData; void *pvProvData;
} CRYPT_PROVIDER_PRIVDATA, *PCRYPT_PROVIDER_PRIVDATA;
////////////////////////////////////////////////////////////////////////////////// PROVDATA_SIP//----------------------------------------------------------------------------//typedef struct _PROVDATA_SIP{ DWORD cbStruct; // = sizeof(PROVDATA_SIP)
GUID gSubject; // subject guid of file/member file. (set in Sig Prov)
struct SIP_DISPATCH_INFO_ *pSip; // set in Sig Prov - defined in sipbase.h struct SIP_DISPATCH_INFO_ *pCATSip; // set in Sig Prov - defined in sipbase.h struct SIP_SUBJECTINFO_ *psSipSubjectInfo; // set in Sig Prov - defined in sipbase.h struct SIP_SUBJECTINFO_ *psSipCATSubjectInfo; // set in Sig Prov - defined in sipbase.h struct SIP_INDIRECT_DATA_ *psIndirectData; // set in Sig Prov - defined in sipbase.h
} PROVDATA_SIP, *PPROVDATA_SIP;
////////////////////////////////////////////////////////////////////////////////// structures used to register action IDs//----------------------------------------------------------------------------//#define WT_CURRENT_VERSION 0x00000200
typedef struct _CRYPT_TRUST_REG_ENTRY{ DWORD cbStruct;
WCHAR *pwszDLLName; WCHAR *pwszFunctionName; // no more than WT_MAX_FUNC_NAME!
} CRYPT_TRUST_REG_ENTRY, *PCRYPT_TRUST_REG_ENTRY;
typedef struct _CRYPT_REGISTER_ACTIONID{ DWORD cbStruct;
CRYPT_TRUST_REG_ENTRY sInitProvider; CRYPT_TRUST_REG_ENTRY sObjectProvider; CRYPT_TRUST_REG_ENTRY sSignatureProvider; CRYPT_TRUST_REG_ENTRY sCertificateProvider; CRYPT_TRUST_REG_ENTRY sCertificatePolicyProvider; CRYPT_TRUST_REG_ENTRY sFinalPolicyProvider; CRYPT_TRUST_REG_ENTRY sTestPolicyProvider;
// 23-Jul-1997 pberkman: added CRYPT_TRUST_REG_ENTRY sCleanupProvider;
} CRYPT_REGISTER_ACTIONID, *PCRYPT_REGISTER_ACTIONID;
typedef BOOL (*PFN_ALLOCANDFILLDEFUSAGE)(IN const char *pszUsageOID, IN struct _CRYPT_PROVIDER_DEFUSAGE *psDefUsage);typedef BOOL (*PFN_FREEDEFUSAGE)(IN const char *pszUsageOID, IN struct _CRYPT_PROVIDER_DEFUSAGE *psDefUsage);
typedef struct _CRYPT_PROVIDER_REGDEFUSAGE{ DWORD cbStruct; // = sizeof CRYPT_PROVIDER_REGDEFUSAGE
GUID *pgActionID;
WCHAR *pwszDllName; char *pwszLoadCallbackDataFunctionName; char *pwszFreeCallbackDataFunctionName;
} CRYPT_PROVIDER_REGDEFUSAGE, *PCRYPT_PROVIDER_REGDEFUSAGE;
typedef struct _CRYPT_PROVIDER_DEFUSAGE{ DWORD cbStruct; // = sizeof CRYPT_PROVIDER_DEFUSAGE
GUID gActionID; // ActionID of provider
LPVOID pDefPolicyCallbackData; // normally filled in WINTRUST_DATA LPVOID pDefSIPClientData; // normally filled in WINTRUST_DATA
} CRYPT_PROVIDER_DEFUSAGE, *PCRYPT_PROVIDER_DEFUSAGE;
#include <poppack.h>
////////////////////////////////////////////////////////////////////////////////// WINTRUST.DLL Provider defines//----------------------------------------------------------------------------// The following are definitions of the Microsoft Generic Cert Provider//#define WT_PROVIDER_DLL_NAME L"WINTRUST.DLL"#define WT_PROVIDER_CERTTRUST_FUNCTION L"WintrustCertificateTrust"
////////////////////////////////////////////////////////////////////////////////// WintrustAddActionID//----------------------------------------------------------------------------// Adds a new Provider combination to the users'// system. Creates all necessary registry entries, etc. This should be done// during the Policy Provider's DllRegisterServer.//// *** THE ONLY ONE WHO SHOULD CALL THIS IS THE POLICY PROVIDER ***//// Returns:// TRUE: No fatal errors// FALSE: Errors occured. See GetLastError()//extern BOOL WINAPI WintrustAddActionID(IN GUID *pgActionID, IN DWORD fdwFlags, IN CRYPT_REGISTER_ACTIONID *psProvInfo);
// By default, WintrustAddActionID doesn't return registry errors.// Set this flag to return registry errors. If FALSE is returned,// LastError is set.#define WT_ADD_ACTION_ID_RET_RESULT_FLAG 0x1
////////////////////////////////////////////////////////////////////////////////// WintrustRemoveActionID//----------------------------------------------------------------------------// Removes the Provider action combination from the users'// system.//// Returns:// TRUE: No fatal errors// FALSE: Errors occured. See GetLastError()//extern BOOL WINAPI WintrustRemoveActionID(IN GUID *pgActionID);
////////////////////////////////////////////////////////////////////////////////// WintrustLoadFunctionPointers//----------------------------------------------------------------------------// Retrieves the function entry points based on the Action ID given.//// Returns:// TRUE success.// FALSE fail.//extern BOOL WINAPI WintrustLoadFunctionPointers(GUID *pgActionID, CRYPT_PROVIDER_FUNCTIONS *pPfns);
////////////////////////////////////////////////////////////////////////////////// WintrustAddDefaultForUsage//----------------------------------------------------------------------------// Sets the default Action ID for the usage. If the provider uses this// function, and the provider requires any of the "callback" data in// WINTRUST_DATA to be filled out, it MUST completely fill out the// CRYPT_PROVIDER_REGDEFUSAGE structure.//// Returns:// TRUE success.// FALSE fail.//extern BOOL WINAPI WintrustAddDefaultForUsage(IN const char *pszUsageOID, IN CRYPT_PROVIDER_REGDEFUSAGE *psDefUsage);
////////////////////////////////////////////////////////////////////////////////// WintrustGetDefaultForUsage//----------------------------------------------------------------------------// Retrieves the Action ID and default callback data for the specified usage//// this function must be called again with dwAction set to FREE to deallocate////// Returns:// TRUE success.// FALSE fail.//#define DWACTION_ALLOCANDFILL 1#define DWACTION_FREE 2extern BOOL WINAPI WintrustGetDefaultForUsage(IN DWORD dwAction, IN const char *pszUsageOID, IN OUT CRYPT_PROVIDER_DEFUSAGE *psUsage);
extern CRYPT_PROVIDER_SGNR * WINAPI WTHelperGetProvSignerFromChain(CRYPT_PROVIDER_DATA *pProvData, DWORD idxSigner, BOOL fCounterSigner, DWORD idxCounterSigner);extern CRYPT_PROVIDER_CERT * WINAPI WTHelperGetProvCertFromChain(CRYPT_PROVIDER_SGNR *pSgnr, DWORD idxCert);
extern CRYPT_PROVIDER_DATA * WINAPI WTHelperProvDataFromStateData(HANDLE hStateData);
extern CRYPT_PROVIDER_PRIVDATA * WINAPI WTHelperGetProvPrivateDataFromChain(CRYPT_PROVIDER_DATA *pProvData, GUID *pgProviderID);extern BOOL WINAPI WTHelperCertIsSelfSigned(DWORD dwEncoding, CERT_INFO *pCert);
////////////////////////////////////////////////////////////////////////////////// Supported ASN structures contained in WINTRUST.DLL//----------------------------------------------------------------------------//#include <pshpack8.h>
//// CTL Trusted CA Lists//#define szOID_TRUSTED_CODESIGNING_CA_LIST "1.3.6.1.4.1.311.2.2.1"#define szOID_TRUSTED_CLIENT_AUTH_CA_LIST "1.3.6.1.4.1.311.2.2.2"#define szOID_TRUSTED_SERVER_AUTH_CA_LIST "1.3.6.1.4.1.311.2.2.3"
//// encode/decode OID defines//#define SPC_COMMON_NAME_OBJID szOID_COMMON_NAME#define SPC_TIME_STAMP_REQUEST_OBJID "1.3.6.1.4.1.311.3.2.1"#define SPC_INDIRECT_DATA_OBJID "1.3.6.1.4.1.311.2.1.4"#define SPC_SP_AGENCY_INFO_OBJID "1.3.6.1.4.1.311.2.1.10"#define SPC_STATEMENT_TYPE_OBJID "1.3.6.1.4.1.311.2.1.11"#define SPC_SP_OPUS_INFO_OBJID "1.3.6.1.4.1.311.2.1.12"#define SPC_CERT_EXTENSIONS_OBJID "1.3.6.1.4.1.311.2.1.14"#define SPC_PE_IMAGE_DATA_OBJID "1.3.6.1.4.1.311.2.1.15"#define SPC_RAW_FILE_DATA_OBJID "1.3.6.1.4.1.311.2.1.18"#define SPC_STRUCTURED_STORAGE_DATA_OBJID "1.3.6.1.4.1.311.2.1.19"#define SPC_JAVA_CLASS_DATA_OBJID "1.3.6.1.4.1.311.2.1.20"#define SPC_INDIVIDUAL_SP_KEY_PURPOSE_OBJID "1.3.6.1.4.1.311.2.1.21"#define SPC_COMMERCIAL_SP_KEY_PURPOSE_OBJID "1.3.6.1.4.1.311.2.1.22"#define SPC_CAB_DATA_OBJID "1.3.6.1.4.1.311.2.1.25"#define SPC_GLUE_RDN_OBJID "1.3.6.1.4.1.311.2.1.25" // obsolete!#define SPC_MINIMAL_CRITERIA_OBJID "1.3.6.1.4.1.311.2.1.26"#define SPC_FINANCIAL_CRITERIA_OBJID "1.3.6.1.4.1.311.2.1.27"#define SPC_LINK_OBJID "1.3.6.1.4.1.311.2.1.28"#define SPC_SIGINFO_OBJID "1.3.6.1.4.1.311.2.1.30"
#define CAT_NAMEVALUE_OBJID "1.3.6.1.4.1.311.12.2.1"#define CAT_MEMBERINFO_OBJID "1.3.6.1.4.1.311.12.2.2"
//// encode/decode internal defines//#define SPC_SP_AGENCY_INFO_STRUCT ((LPCSTR) 2000)#define SPC_MINIMAL_CRITERIA_STRUCT ((LPCSTR) 2001)#define SPC_FINANCIAL_CRITERIA_STRUCT ((LPCSTR) 2002)#define SPC_INDIRECT_DATA_CONTENT_STRUCT ((LPCSTR) 2003)#define SPC_PE_IMAGE_DATA_STRUCT ((LPCSTR) 2004)#define SPC_LINK_STRUCT ((LPCSTR) 2005)#define SPC_STATEMENT_TYPE_STRUCT ((LPCSTR) 2006)#define SPC_SP_OPUS_INFO_STRUCT ((LPCSTR) 2007)#define SPC_CAB_DATA_STRUCT ((LPCSTR) 2008)#define SPC_JAVA_CLASS_DATA_STRUCT ((LPCSTR) 2009)
#define SPC_SIGINFO_STRUCT ((LPCSTR) 2130)
#define CAT_NAMEVALUE_STRUCT ((LPCSTR) 2221)#define CAT_MEMBERINFO_STRUCT ((LPCSTR) 2222)
#define SPC_UUID_LENGTH 16typedef BYTE SPC_UUID[SPC_UUID_LENGTH];
typedef struct _SPC_SERIALIZED_OBJECT{ SPC_UUID ClassId; CRYPT_DATA_BLOB SerializedData;
} SPC_SERIALIZED_OBJECT, *PSPC_SERIALIZED_OBJECT;
typedef struct SPC_SIGINFO_{ DWORD dwSipVersion; GUID gSIPGuid; DWORD dwReserved1; DWORD dwReserved2; DWORD dwReserved3; DWORD dwReserved4; DWORD dwReserved5;
} SPC_SIGINFO, *PSPC_SIGINFO;
typedef struct SPC_LINK_{ DWORD dwLinkChoice;# define SPC_URL_LINK_CHOICE 1# define SPC_MONIKER_LINK_CHOICE 2# define SPC_FILE_LINK_CHOICE 3
union { LPWSTR pwszUrl; SPC_SERIALIZED_OBJECT Moniker; LPWSTR pwszFile; };
} SPC_LINK, *PSPC_LINK;
typedef struct _SPC_PE_IMAGE_DATA{ CRYPT_BIT_BLOB Flags; PSPC_LINK pFile;
} SPC_PE_IMAGE_DATA, *PSPC_PE_IMAGE_DATA;
typedef struct _SPC_INDIRECT_DATA_CONTENT{ CRYPT_ATTRIBUTE_TYPE_VALUE Data; CRYPT_ALGORITHM_IDENTIFIER DigestAlgorithm; CRYPT_HASH_BLOB Digest;
} SPC_INDIRECT_DATA_CONTENT, *PSPC_INDIRECT_DATA_CONTENT;
typedef struct _SPC_FINANCIAL_CRITERIA{ BOOL fFinancialInfoAvailable; BOOL fMeetsCriteria;
} SPC_FINANCIAL_CRITERIA, *PSPC_FINANCIAL_CRITERIA;
typedef struct _SPC_IMAGE{ struct SPC_LINK_ *pImageLink; CRYPT_DATA_BLOB Bitmap; CRYPT_DATA_BLOB Metafile; CRYPT_DATA_BLOB EnhancedMetafile; CRYPT_DATA_BLOB GifFile;
} SPC_IMAGE, *PSPC_IMAGE;
typedef struct _SPC_SP_AGENCY_INFO{ struct SPC_LINK_ *pPolicyInformation; LPWSTR pwszPolicyDisplayText; PSPC_IMAGE pLogoImage; struct SPC_LINK_ *pLogoLink;
} SPC_SP_AGENCY_INFO, *PSPC_SP_AGENCY_INFO;
typedef struct _SPC_STATEMENT_TYPE{ DWORD cKeyPurposeId; LPSTR *rgpszKeyPurposeId; // pszObjId
} SPC_STATEMENT_TYPE, *PSPC_STATEMENT_TYPE;
typedef struct _SPC_SP_OPUS_INFO{ LPCWSTR pwszProgramName; struct SPC_LINK_ *pMoreInfo; struct SPC_LINK_ *pPublisherInfo;
} SPC_SP_OPUS_INFO, *PSPC_SP_OPUS_INFO;
typedef struct _CAT_NAMEVALUE{ LPWSTR pwszTag; DWORD fdwFlags; CRYPT_DATA_BLOB Value;
} CAT_NAMEVALUE, *PCAT_NAMEVALUE;
typedef struct _CAT_MEMBERINFO{ LPWSTR pwszSubjGuid; DWORD dwCertVersion;
} CAT_MEMBERINFO, *PCAT_MEMBERINFO;
#include <poppack.h>
////////////////////////////////////////////////////////////////////////////////////// support for old calling convention: *** DO NOT USE ***//#ifdef WT_DEFINE_ALL_APIS
typedef struct _WIN_CERTIFICATE{ DWORD dwLength; WORD wRevision; WORD wCertificateType; // WIN_CERT_TYPE_xxx BYTE bCertificate[ANYSIZE_ARRAY];
} WIN_CERTIFICATE, *LPWIN_CERTIFICATE;
#define WIN_CERT_REVISION_1_0 (0x0100)#define WIN_CERT_REVISION_2_0 (0x0200)
#define WIN_CERT_TYPE_X509 (0x0001) // bCertificate contains an X.509 Certificate#define WIN_CERT_TYPE_PKCS_SIGNED_DATA (0x0002) // bCertificate contains a PKCS SignedData structure#define WIN_CERT_TYPE_RESERVED_1 (0x0003) // Reserved#define WIN_CERT_TYPE_TS_STACK_SIGNED (0x0004) // Terminal Server Protocol Stack Certificate signing
typedef LPVOID WIN_TRUST_SUBJECT;
typedef struct _WIN_TRUST_ACTDATA_CONTEXT_WITH_SUBJECT{ HANDLE hClientToken; GUID * SubjectType; WIN_TRUST_SUBJECT Subject;
} WIN_TRUST_ACTDATA_CONTEXT_WITH_SUBJECT, *LPWIN_TRUST_ACTDATA_CONTEXT_WITH_SUBJECT ;
typedef struct _WIN_TRUST_ACTDATA_SUBJECT_ONLY{ GUID * SubjectType; WIN_TRUST_SUBJECT Subject;
} WIN_TRUST_ACTDATA_SUBJECT_ONLY, *LPWIN_TRUST_ACTDATA_SUBJECT_ONLY;
/* RawFile == 959dc450-8d9e-11cf-8736-00aa00a485eb */#define WIN_TRUST_SUBJTYPE_RAW_FILE \ { 0x959dc450, \ 0x8d9e, \ 0x11cf, \ {0x87, 0x36, 0x00, 0xaa, 0x00, 0xa4, 0x85, 0xeb} \ }
/* PeImage == 43c9a1e0-8da0-11cf-8736-00aa00a485eb */#define WIN_TRUST_SUBJTYPE_PE_IMAGE \ { 0x43c9a1e0, \ 0x8da0, \ 0x11cf, \ {0x87, 0x36, 0x00, 0xaa, 0x00, 0xa4, 0x85, 0xeb} \ }
/* JavaClass = 08ad3990-8da1-11cf-8736-00aa00a485eb */#define WIN_TRUST_SUBJTYPE_JAVA_CLASS \ { 0x08ad3990, \ 0x8da1, \ 0x11cf, \ {0x87, 0x36, 0x00, 0xaa, 0x00, 0xa4, 0x85, 0xeb} \ }/* Cabinet = d17c5374-a392-11cf-9df5-00aa00c184e0 */#define WIN_TRUST_SUBJTYPE_CABINET \ { 0xd17c5374, \ 0xa392, \ 0x11cf, \ { 0x9d, 0xf5, 0x0, 0xaa, 0x0, 0xc1, 0x84, 0xe0 } \ }
typedef struct _WIN_TRUST_SUBJECT_FILE{ HANDLE hFile; LPCWSTR lpPath;
} WIN_TRUST_SUBJECT_FILE, *LPWIN_TRUST_SUBJECT_FILE;
#define WIN_TRUST_SUBJTYPE_RAW_FILEEX \ { 0x6f458110, \ 0xc2f1, \ 0x11cf, \ { 0x8a, 0x69, 0x0, 0xaa, 0x0, 0x6c, 0x37, 0x6 } \ }
#define WIN_TRUST_SUBJTYPE_PE_IMAGEEX \ { 0x6f458111, \ 0xc2f1, \ 0x11cf, \ { 0x8a, 0x69, 0x0, 0xaa, 0x0, 0x6c, 0x37, 0x6 } \ }
#define WIN_TRUST_SUBJTYPE_JAVA_CLASSEX \ { 0x6f458113, \ 0xc2f1, \ 0x11cf, \ { 0x8a, 0x69, 0x0, 0xaa, 0x0, 0x6c, 0x37, 0x6 } \ }
#define WIN_TRUST_SUBJTYPE_CABINETEX \ { 0x6f458114, \ 0xc2f1, \ 0x11cf, \ { 0x8a, 0x69, 0x0, 0xaa, 0x0, 0x6c, 0x37, 0x6 } \ }
typedef struct _WIN_TRUST_SUBJECT_FILE_AND_DISPLAY{ HANDLE hFile; // handle to the open file if you got it LPCWSTR lpPath; // the path to open if you don't LPCWSTR lpDisplayName; // (optional) display name to show to user
} WIN_TRUST_SUBJECT_FILE_AND_DISPLAY, *LPWIN_TRUST_SUBJECT_FILE_AND_DISPLAY;
/* OleStorage == c257e740-8da0-11cf-8736-00aa00a485eb */#define WIN_TRUST_SUBJTYPE_OLE_STORAGE \ { 0xc257e740, \ 0x8da0, \ 0x11cf, \ {0x87, 0x36, 0x00, 0xaa, 0x00, 0xa4, 0x85, 0xeb} \ }
/* TrustedPublisher == 66426730-8da1-11cf-8736-00aa00a485eb */#define WIN_SPUB_ACTION_TRUSTED_PUBLISHER \ { 0x66426730, \ 0x8da1, \ 0x11cf, \ {0x87, 0x36, 0x00, 0xaa, 0x00, 0xa4, 0x85, 0xeb} \ }
/* NtActivateImage == 8bc96b00-8da1-11cf-8736-00aa00a485eb */#define WIN_SPUB_ACTION_NT_ACTIVATE_IMAGE \ { 0x8bc96b00, \ 0x8da1, \ 0x11cf, \ {0x87, 0x36, 0x00, 0xaa, 0x00, 0xa4, 0x85, 0xeb} \ }
/* PublishedSoftware == 64b9d180-8da2-11cf-8736-00aa00a485eb */#define WIN_SPUB_ACTION_PUBLISHED_SOFTWARE \ { 0x64b9d180, \ 0x8da2, \ 0x11cf, \ {0x87, 0x36, 0x00, 0xaa, 0x00, 0xa4, 0x85, 0xeb} \ }
typedef struct _WIN_SPUB_TRUSTED_PUBLISHER_DATA{ HANDLE hClientToken; LPWIN_CERTIFICATE lpCertificate;
} WIN_SPUB_TRUSTED_PUBLISHER_DATA, *LPWIN_SPUB_TRUSTED_PUBLISHER_DATA;
#endif
#ifdef __cplusplus}#endif
#endif // WINTRUST_H
|
