Leaked source code of windows server 2003
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

453 lines
16 KiB

  1. //+---------------------------------------------------------------------------
  2. //
  3. // Microsoft Windows
  4. // Copyright (C) Microsoft Corporation, 1992 - 1997.
  5. //
  6. // File: cryptdlg.h
  7. //
  8. // Contents: Common Cryptographic Dialog API Prototypes and Definitions
  9. //
  10. //----------------------------------------------------------------------------
  11. #ifndef __CRYPTDLG_H__
  12. #define __CRYPTDLG_H__
  13. #if defined (_MSC_VER) && (_MSC_VER >= 1020)
  14. #pragma once
  15. #endif
  16. #ifdef _CRYPTDLG_
  17. #define CRYPTDLGAPI
  18. #else
  19. #define CRYPTDLGAPI DECLSPEC_IMPORT
  20. #endif
  21. #if (_WIN32_WINNT >= 0x0400) || defined(_MAC) || defined(WIN16)
  22. #include <prsht.h>
  23. #ifdef __cplusplus
  24. extern "C" {
  25. #endif
  26. //
  27. // Many of the common dialogs can be passed a filter proc to reduce
  28. // the set of certificates displayed. A generic filter proc has been
  29. // provided to cover many of the generic cases.
  30. // Return TRUE to display and FALSE to hide
  31. typedef BOOL (WINAPI * PFNCMFILTERPROC)(
  32. IN PCCERT_CONTEXT pCertContext,
  33. IN DWORD, // lCustData, a cookie
  34. IN DWORD, // dwFlags
  35. IN DWORD); // dwDisplayWell
  36. // Display Well Values
  37. #define CERT_DISPWELL_SELECT 1
  38. #define CERT_DISPWELL_TRUST_CA_CERT 2
  39. #define CERT_DISPWELL_TRUST_LEAF_CERT 3
  40. #define CERT_DISPWELL_TRUST_ADD_CA_CERT 4
  41. #define CERT_DISPWELL_TRUST_ADD_LEAF_CERT 5
  42. #define CERT_DISPWELL_DISTRUST_CA_CERT 6
  43. #define CERT_DISPWELL_DISTRUST_LEAF_CERT 7
  44. #define CERT_DISPWELL_DISTRUST_ADD_CA_CERT 8
  45. #define CERT_DISPWELL_DISTRUST_ADD_LEAF_CERT 9
  46. //
  47. typedef UINT (WINAPI * PFNCMHOOKPROC)(
  48. IN HWND hwndDialog,
  49. IN UINT message,
  50. IN WPARAM wParam,
  51. IN LPARAM lParam);
  52. //
  53. #define CSS_HIDE_PROPERTIES 0x00000001
  54. #define CSS_ENABLEHOOK 0x00000002
  55. #define CSS_ALLOWMULTISELECT 0x00000004
  56. #define CSS_SHOW_HELP 0x00000010
  57. #define CSS_ENABLETEMPLATE 0x00000020
  58. #define CSS_ENABLETEMPLATEHANDLE 0x00000040
  59. #define SELCERT_OK IDOK
  60. #define SELCERT_CANCEL IDCANCEL
  61. #define SELCERT_PROPERTIES 100
  62. #define SELCERT_FINEPRINT 101
  63. #define SELCERT_CERTLIST 102
  64. #define SELCERT_HELP IDHELP
  65. #define SELCERT_ISSUED_TO 103
  66. #define SELCERT_VALIDITY 104
  67. #define SELCERT_ALGORITHM 105
  68. #define SELCERT_SERIAL_NUM 106
  69. #define SELCERT_THUMBPRINT 107
  70. typedef struct tagCSSA {
  71. DWORD dwSize;
  72. HWND hwndParent;
  73. HINSTANCE hInstance;
  74. LPCSTR pTemplateName;
  75. DWORD dwFlags;
  76. LPCSTR szTitle;
  77. DWORD cCertStore;
  78. HCERTSTORE * arrayCertStore;
  79. LPCSTR szPurposeOid;
  80. DWORD cCertContext;
  81. PCCERT_CONTEXT * arrayCertContext;
  82. DWORD lCustData;
  83. PFNCMHOOKPROC pfnHook;
  84. PFNCMFILTERPROC pfnFilter;
  85. LPCSTR szHelpFileName;
  86. DWORD dwHelpId;
  87. } CERT_SELECT_STRUCT_A, *PCERT_SELECT_STRUCT_A;
  88. typedef struct tagCSSW {
  89. DWORD dwSize;
  90. HWND hwndParent;
  91. HINSTANCE hInstance;
  92. LPCWSTR pTemplateName;
  93. DWORD dwFlags;
  94. LPCWSTR szTitle;
  95. DWORD cCertStore;
  96. HCERTSTORE * arrayCertStore;
  97. LPCSTR szPurposeOid;
  98. DWORD cCertContext;
  99. PCCERT_CONTEXT * arrayCertContext;
  100. DWORD lCustData;
  101. PFNCMHOOKPROC pfnHook;
  102. PFNCMFILTERPROC pfnFilter;
  103. LPCWSTR szHelpFileName;
  104. DWORD dwHelpId;
  105. } CERT_SELECT_STRUCT_W, *PCERT_SELECT_STRUCT_W;
  106. #ifdef UNICODE
  107. typedef CERT_SELECT_STRUCT_W CERT_SELECT_STRUCT;
  108. typedef PCERT_SELECT_STRUCT_W PCERT_SELECT_STRUCT;
  109. #else
  110. typedef CERT_SELECT_STRUCT_A CERT_SELECT_STRUCT;
  111. typedef PCERT_SELECT_STRUCT_A PCERT_SELECT_STRUCT;
  112. #endif // UNICODE
  113. CRYPTDLGAPI
  114. BOOL
  115. WINAPI
  116. CertSelectCertificateA(
  117. IN OUT PCERT_SELECT_STRUCT_A pCertSelectInfo
  118. );
  119. #ifdef MAC
  120. #define CertSelectCertificate CertSelectCertificateA
  121. #else // !MAC
  122. CRYPTDLGAPI
  123. BOOL
  124. WINAPI
  125. CertSelectCertificateW(
  126. IN OUT PCERT_SELECT_STRUCT_W pCertSelectInfo
  127. );
  128. #ifdef UNICODE
  129. #define CertSelectCertificate CertSelectCertificateW
  130. #else
  131. #define CertSelectCertificate CertSelectCertificateA
  132. #endif
  133. #endif // MAC
  134. /////////////////////////////////////////////////////////////
  135. #define CM_ENABLEHOOK 0x00000001
  136. #define CM_SHOW_HELP 0x00000002
  137. #define CM_SHOW_HELPICON 0x00000004
  138. #define CM_ENABLETEMPLATE 0x00000008
  139. #define CM_HIDE_ADVANCEPAGE 0x00000010
  140. #define CM_HIDE_TRUSTPAGE 0x00000020
  141. #define CM_NO_NAMECHANGE 0x00000040
  142. #define CM_NO_EDITTRUST 0x00000080
  143. #define CM_HIDE_DETAILPAGE 0x00000100
  144. #define CM_ADD_CERT_STORES 0x00000200
  145. typedef struct tagCERT_VIEWPROPERTIES_STRUCT_A {
  146. DWORD dwSize;
  147. HWND hwndParent;
  148. HINSTANCE hInstance;
  149. DWORD dwFlags;
  150. LPCSTR szTitle;
  151. PCCERT_CONTEXT pCertContext;
  152. LPSTR * arrayPurposes;
  153. DWORD cArrayPurposes;
  154. DWORD cRootStores; // Count of Root Stores
  155. HCERTSTORE * rghstoreRoots; // Array of root stores
  156. DWORD cStores; // Count of other stores to search
  157. HCERTSTORE * rghstoreCAs; // Array of other stores to search
  158. DWORD cTrustStores; // Count of trust stores
  159. HCERTSTORE * rghstoreTrust; // Array of trust stores
  160. HCRYPTPROV hprov; // Provider to use for verification
  161. DWORD lCustData;
  162. DWORD dwPad;
  163. LPCSTR szHelpFileName;
  164. DWORD dwHelpId;
  165. DWORD nStartPage;
  166. DWORD cArrayPropSheetPages;
  167. PROPSHEETPAGE * arrayPropSheetPages;
  168. } CERT_VIEWPROPERTIES_STRUCT_A, *PCERT_VIEWPROPERTIES_STRUCT_A;
  169. typedef struct tagCERT_VIEWPROPERTIES_STRUCT_W {
  170. DWORD dwSize;
  171. HWND hwndParent;
  172. HINSTANCE hInstance;
  173. DWORD dwFlags;
  174. LPCWSTR szTitle;
  175. PCCERT_CONTEXT pCertContext;
  176. LPSTR * arrayPurposes;
  177. DWORD cArrayPurposes;
  178. DWORD cRootStores; // Count of Root Stores
  179. HCERTSTORE * rghstoreRoots; // Array of root stores
  180. DWORD cStores; // Count of other stores to search
  181. HCERTSTORE * rghstoreCAs; // Array of other stores to search
  182. DWORD cTrustStores; // Count of trust stores
  183. HCERTSTORE * rghstoreTrust; // Array of trust stores
  184. HCRYPTPROV hprov; // Provider to use for verification
  185. DWORD lCustData;
  186. DWORD dwPad;
  187. LPCWSTR szHelpFileName;
  188. DWORD dwHelpId;
  189. DWORD nStartPage;
  190. DWORD cArrayPropSheetPages;
  191. PROPSHEETPAGE * arrayPropSheetPages;
  192. } CERT_VIEWPROPERTIES_STRUCT_W, *PCERT_VIEWPROPERTIES_STRUCT_W;
  193. #ifdef UNICODE
  194. typedef CERT_VIEWPROPERTIES_STRUCT_W CERT_VIEWPROPERTIES_STRUCT;
  195. typedef PCERT_VIEWPROPERTIES_STRUCT_W PCERT_VIEWPROPERTIES_STRUCT;
  196. #else
  197. typedef CERT_VIEWPROPERTIES_STRUCT_A CERT_VIEWPROPERTIES_STRUCT;
  198. typedef PCERT_VIEWPROPERTIES_STRUCT_A PCERT_VIEWPROPERTIES_STRUCT;
  199. #endif // UNICODE
  200. CRYPTDLGAPI
  201. BOOL
  202. WINAPI
  203. CertViewPropertiesA(
  204. PCERT_VIEWPROPERTIES_STRUCT_A pCertViewInfo
  205. );
  206. #ifdef MAC
  207. #define CertViewProperties CertViewPropertiesA
  208. #else // !MAC
  209. CRYPTDLGAPI
  210. BOOL
  211. WINAPI
  212. CertViewPropertiesW(
  213. PCERT_VIEWPROPERTIES_STRUCT_W pCertViewInfo
  214. );
  215. #ifdef UNICODE
  216. #define CertViewProperties CertViewPropertiesW
  217. #else
  218. #define CertViewProperties CertViewPropertiesA
  219. #endif
  220. #endif // MAC
  221. //
  222. // We provide a default filter function that people can use to do some
  223. // of the most simple things.
  224. //
  225. #define CERT_FILTER_OP_EXISTS 1
  226. #define CERT_FILTER_OP_NOT_EXISTS 2
  227. #define CERT_FILTER_OP_EQUALITY 3
  228. typedef struct tagCMOID {
  229. LPCSTR szExtensionOID; // Extension to filter on
  230. DWORD dwTestOperation;
  231. LPBYTE pbTestData;
  232. DWORD cbTestData;
  233. } CERT_FILTER_EXTENSION_MATCH;
  234. #define CERT_FILTER_INCLUDE_V1_CERTS 0x0001
  235. #define CERT_FILTER_VALID_TIME_RANGE 0x0002
  236. #define CERT_FILTER_VALID_SIGNATURE 0x0004
  237. #define CERT_FILTER_LEAF_CERTS_ONLY 0x0008
  238. #define CERT_FILTER_ISSUER_CERTS_ONLY 0x0010
  239. #define CERT_FILTER_KEY_EXISTS 0x0020
  240. typedef struct tagCMFLTR {
  241. DWORD dwSize;
  242. DWORD cExtensionChecks;
  243. CERT_FILTER_EXTENSION_MATCH * arrayExtensionChecks;
  244. DWORD dwCheckingFlags;
  245. } CERT_FILTER_DATA;
  246. //
  247. // Maybe this should not be here -- but until it goes into wincrypt.h
  248. //
  249. //
  250. // Get a formatted friendly name for a certificate
  251. CRYPTDLGAPI
  252. DWORD
  253. WINAPI
  254. GetFriendlyNameOfCertA(PCCERT_CONTEXT pccert, LPSTR pchBuffer,
  255. DWORD cchBuffer);
  256. CRYPTDLGAPI
  257. DWORD
  258. WINAPI
  259. GetFriendlyNameOfCertW(PCCERT_CONTEXT pccert, LPWSTR pchBuffer,
  260. DWORD cchBuffer);
  261. #ifdef UNICODE
  262. #define GetFriendlyNameOfCert GetFriendlyNameOfCertW
  263. #else
  264. #define GetFriendlyNameOfCert GetFriendlyNameOfCertA
  265. #endif
  266. //
  267. // We also provide a WinTrust provider which performs the same set of
  268. // parameter checking that we do in order to validate certificates.
  269. //
  270. #define CERT_CERTIFICATE_ACTION_VERIFY \
  271. { /* 7801ebd0-cf4b-11d0-851f-0060979387ea */ \
  272. 0x7801ebd0, \
  273. 0xcf4b, \
  274. 0x11d0, \
  275. {0x85, 0x1f, 0x00, 0x60, 0x97, 0x93, 0x87, 0xea} \
  276. }
  277. typedef HRESULT (WINAPI * PFNTRUSTHELPER)(
  278. IN PCCERT_CONTEXT pCertContext,
  279. IN DWORD lCustData,
  280. IN BOOL fLeafCertificate,
  281. IN LPBYTE pbTrustBlob);
  282. //
  283. // Failure Reasons:
  284. //
  285. #define CERT_VALIDITY_BEFORE_START 0x00000001
  286. #define CERT_VALIDITY_AFTER_END 0x00000002
  287. #define CERT_VALIDITY_SIGNATURE_FAILS 0x00000004
  288. #define CERT_VALIDITY_CERTIFICATE_REVOKED 0x00000008
  289. #define CERT_VALIDITY_KEY_USAGE_EXT_FAILURE 0x00000010
  290. #define CERT_VALIDITY_EXTENDED_USAGE_FAILURE 0x00000020
  291. #define CERT_VALIDITY_NAME_CONSTRAINTS_FAILURE 0x00000040
  292. #define CERT_VALIDITY_UNKNOWN_CRITICAL_EXTENSION 0x00000080
  293. #define CERT_VALIDITY_ISSUER_INVALID 0x00000100
  294. #define CERT_VALIDITY_OTHER_EXTENSION_FAILURE 0x00000200
  295. #define CERT_VALIDITY_ISSUER_DISTRUST 0x02000000
  296. #define CERT_VALIDITY_EXPLICITLY_DISTRUSTED 0x01000000
  297. #define CERT_VALIDITY_NO_ISSUER_CERT_FOUND 0x10000000
  298. #define CERT_VALIDITY_NO_CRL_FOUND 0x20000000
  299. #define CERT_VALIDITY_CRL_OUT_OF_DATE 0x40000000
  300. #define CERT_VALIDITY_NO_TRUST_DATA 0x80000000
  301. #define CERT_VALIDITY_MASK_TRUST 0xffff0000
  302. #define CERT_VALIDITY_MASK_VALIDITY 0x0000ffff
  303. #define CERT_TRUST_DO_FULL_SEARCH 0x00000001
  304. #define CERT_TRUST_PERMIT_MISSING_CRLS 0x00000002
  305. #define CERT_TRUST_DO_FULL_TRUST 0x00000005
  306. #define CERT_TRUST_ADD_CERT_STORES CM_ADD_CERT_STORES
  307. //
  308. // Trust data structure
  309. //
  310. // Returned data arrays will be allocated using LocalAlloc and must
  311. // be freed by the caller. The data in the TrustInfo array are individually
  312. // allocated and must be freed. The data in rgChain must be freed by
  313. // calling CertFreeCertificateContext.
  314. //
  315. // Defaults:
  316. // pszUsageOid == NULL indicates that no trust validation should be done
  317. // cRootStores == 0 Will default to User's Root store
  318. // cStores == 0 Will default to User's CA and system's SPC stores
  319. // cTrustStores == 0 Will default to User's TRUST store
  320. // hprov == NULL Will default to RSABase
  321. // any returned item which has a null pointer will not return that item.
  322. // Notes:
  323. // pfnTrustHelper is nyi
  324. typedef struct _CERT_VERIFY_CERTIFICATE_TRUST {
  325. DWORD cbSize; // Size of this structure
  326. PCCERT_CONTEXT pccert; // Certificate to be verified
  327. DWORD dwFlags; // CERT_TRUST_*
  328. DWORD dwIgnoreErr; // Errors to ignore (CERT_VALIDITY_*)
  329. DWORD * pdwErrors; // Location to return error flags
  330. LPSTR pszUsageOid; // Extended Usage OID for Certificate
  331. HCRYPTPROV hprov; // Crypt Provider to use for validation
  332. DWORD cRootStores; // Count of Root Stores
  333. HCERTSTORE * rghstoreRoots; // Array of root stores
  334. DWORD cStores; // Count of other stores to search
  335. HCERTSTORE * rghstoreCAs; // Array of other stores to search
  336. DWORD cTrustStores; // Count of trust stores
  337. HCERTSTORE * rghstoreTrust; // Array of trust stores
  338. DWORD lCustData; //
  339. PFNTRUSTHELPER pfnTrustHelper; // Callback function for cert validation
  340. DWORD * pcChain; // Count of items in the chain array
  341. PCCERT_CONTEXT ** prgChain; // Chain of certificates used
  342. DWORD ** prgdwErrors; // Errors on a per certificate basis
  343. DATA_BLOB ** prgpbTrustInfo; // Array of trust information used
  344. } CERT_VERIFY_CERTIFICATE_TRUST, * PCERT_VERIFY_CERTIFICATE_TRUST;
  345. //
  346. // Trust list manipulation routine
  347. //
  348. // CertModifyCertificatesToTrust can be used to do modifications to the set of certificates
  349. // on trust lists for a given purpose.
  350. // if hcertstoreTrust is NULL, the System Store TRUST in Current User will be used
  351. // if pccertSigner is specified, it will be used to sign the resulting trust lists,
  352. // it also restricts the set of trust lists that may be modified.
  353. //
  354. #define CTL_MODIFY_REQUEST_ADD_NOT_TRUSTED 1
  355. #define CTL_MODIFY_REQUEST_REMOVE 2
  356. #define CTL_MODIFY_REQUEST_ADD_TRUSTED 3
  357. typedef struct _CTL_MODIFY_REQUEST {
  358. PCCERT_CONTEXT pccert; // Certificate to change trust on
  359. DWORD dwOperation; // Operation to be performed
  360. DWORD dwError; // Operation error code
  361. } CTL_MODIFY_REQUEST, * PCTL_MODIFY_REQUEST;
  362. CRYPTDLGAPI
  363. HRESULT
  364. WINAPI
  365. CertModifyCertificatesToTrust(
  366. int cCerts, // Count of modifications to be done
  367. PCTL_MODIFY_REQUEST rgCerts, // Array of modification requests
  368. LPCSTR szPurpose, // Purpose OID to for modifications
  369. HWND hwnd, // HWND for any dialogs
  370. HCERTSTORE hcertstoreTrust, // Cert Store to store trust information in
  371. PCCERT_CONTEXT pccertSigner); // Certificate to be used in signing trust list
  372. #ifdef WIN16
  373. // Need to define export functions in WATCOM.
  374. BOOL
  375. WINAPI CertConfigureTrustA(void);
  376. BOOL
  377. WINAPI FormatVerisignExtension(
  378. DWORD /*dwCertEncodingType*/,
  379. DWORD /*dwFormatType*/,
  380. DWORD /*dwFormatStrType*/,
  381. void * /*pFormatStruct*/,
  382. LPCSTR /*lpszStructType*/,
  383. const BYTE * /*pbEncoded*/,
  384. DWORD /*cbEncoded*/,
  385. void * pbFormat,
  386. DWORD * pcbFormat);
  387. // CertVerifyTrust for WIN16 - like as WinVerifyTrust().
  388. HRESULT
  389. WINAPI CertVerifyTrust16(
  390. PCCERT_CONTEXT pcCertToTest,
  391. DWORD cCAs,
  392. HCERTSTORE * rgCAs,
  393. DWORD * pcChain,
  394. PCCERT_CONTEXT ** prgChain,
  395. BOOL * fTrust);
  396. #endif // !WIN16
  397. #ifdef __cplusplus
  398. } // Balance extern "C" above
  399. #endif
  400. #endif // (_WIN32_WINNT >= 0x0400)
  401. #endif // _CRYPTDLG_H_