windows-server-2003/ds/security/cryptoapi/common/keysvc/keysvc.idl

//depot/Lab03_N/DS/security/cryptoapi/common/keysvc/keysvc.idl#7 - edit change 8790 (text)
//depot/Lab03_N/DS/security/cryptoapi/common/keysvc/keysvc.idl#4 - edit change 6380 (text)
//+-------------------------------------------------------------------------
//
//  Microsoft Windows
//
//  Copyright (C) Microsoft Corporation, 1997 - 1999
//
//  File:       keysvc.idl
//
//--------------------------------------------------------------------------

import "unknwn.idl";

import "basetsd.h";

////////////////////////////
// Interfaces

[
  uuid(8d0ffe72-d252-11d0-bf8f-00c04fd9126b),
  version(1.0),
  pointer_default(unique)
]
interface IKeySvc
{
typedef struct _KEYSVC_UNICODE_STRING {
    USHORT Length;
    USHORT MaximumLength;
//#ifdef MIDL_PASS
    [size_is(MaximumLength / 2), length_is((Length) / 2) ] 
//#endif // MIDL_PASS
    USHORT *Buffer;
} KEYSVC_UNICODE_STRING, *PKEYSVC_UNICODE_STRING;

typedef enum _KEYSVC_TYPE {
    KeySvcMachine,
    KeySvcService
} KEYSVC_TYPE;

typedef enum _KEYSVC_DEFTYPE {
    DefUserProv,
    DefMachineProv
} KEYSVC_DEFTYPE;

typedef ULONG   KEYSVC_HANDLE, *PKEYSVC_HANDLE;

typedef struct _KEYSVC_BLOB {
    ULONG               cb;
    [size_is(cb), length_is(cb)]
    BYTE                *pb;
} KEYSVC_BLOB, *PKEYSVC_BLOB;

// provider type and provider information
typedef struct _KEYSVC_PROVIDER_INFO {
    KEYSVC_UNICODE_STRING   Name;
    ULONG			        Flags;
    ULONG			        ProviderType;
} KEYSVC_PROVIDER_INFO, *PKEYSVC_PROVIDER_INFO;

// key information structures
typedef struct _KEY_ID {
    ULONG               Algid;
    ULONG               dwKeySpec;
} KEY_ID, *PKEY_ID;

typedef struct _KEYSVC_KEY_INFO {
    KEYSVC_UNICODE_STRING   KeyName;
    KEY_ID                  KeyID;
} KEYSVC_KEY_INFO, *PKEYSVC_KEY_INFO;
	 
typedef struct _KEYSVC_KEYS {
    KEYSVC_UNICODE_STRING   KeyName;
    ULONG                   cKeyIDs;
//#ifdef MIDL_PASS
    [size_is(cKeyIDs), length_is(cKeyIDs) ]
//#endif
    PKEY_ID                 pKeyIDs;
} KEYSVC_KEYS, *PKEYSVC_KEYS;

typedef enum _KEYSVC_INFOTYPE {
    KeySvcPublicKey,
    KeySvcVerifyHaveKey
} KEYSVC_INFOTYPE;

typedef struct _KEYSVC_RSAINFO {
    ULONG                   Algid;
    ULONG                   cbHash;
    BYTE                    rgbHash[40];
} KEYSVC_RSAINFO;

typedef struct _KEYSVC_CERT_HASH {
    BYTE                    rgb[20];
} KEYSVC_CERT_HASH;

typedef struct _KEYSVC_CERT_INFO {
    PKEYSVC_BLOB            pCert;
    KEYSVC_CERT_HASH        CertHash;
    KEYSVC_UNICODE_STRING   KeyName;
} KEYSVC_CERT_INFO, *PKEYSVC_CERT_INFO;

// 
typedef struct _KEYSVC_CERT_REQUEST_PVK_NEW {
    ULONG                   ulProvType;         //Optional: The provider type. If this field
                                                //          is 0, pwszProvider is ignored
    KEYSVC_UNICODE_STRING   Provider;           //Optional: The name of the provider.  
                                                //          NULL means the default
    ULONG                   ulProviderFlags;    //Optional: The flag passed to CryptAcquireContext
    KEYSVC_UNICODE_STRING   KeyContainer;       //Optional: The private key container.  If this value is NULL,
                                                //          a new key container will be generated.  Its name is guaranteed
                                                //          to be unique.
    ULONG                   ulKeySpec;          //Optional: The key specification of the private key
    ULONG                   ulGenKeyFlags;      //Optional: The flags for CryptGenKey
} KEYSVC_CERT_REQUEST_PVK_NEW, *PKEYSVC_CERT_REQUEST_PVK_NEW;

typedef struct _KEYSVC_CERT_REQUEST_PVK_NEW_V2 {
    ULONG                   ulProvType;         //Optional: The provider type. If this field
                                                //          is 0, pwszProvider is ignored
    KEYSVC_UNICODE_STRING   Provider;           //Optional: The name of the provider.  
                                                //          NULL means the default
    ULONG                   ulProviderFlags;    //Optional: The flag passed to CryptAcquireContext
    KEYSVC_UNICODE_STRING   KeyContainer;       //Optional: The private key container.  If this value is NULL,
                                                //          a new key container will be generated.  Its name is guaranteed
                                                //          to be unique.
    ULONG                   ulKeySpec;          //Optional: The key specification of the private key
    ULONG                   ulGenKeyFlags;      //Optional: The flags for CryptGenKey
    ULONG                   ulEnrollmentFlags;  //Optional: The enrollment cert type flags
    ULONG                   ulSubjectNameFlags; //Optional: The subject name cert type flags
    ULONG                   ulPrivateKeyFlags;  //Optional: The private key cert type flags
    ULONG                   ulGeneralFlags;     //Optional: The general cert type flags
} KEYSVC_CERT_REQUEST_PVK_NEW_V2, *PKEYSVC_CERT_REQUEST_PVK_NEW_V2;

typedef struct _KEYSVC_CERT_BLOB {
    DWORD   cbData;
//#ifdef MIDL_PASS
    [size_is(cbData), length_is(cbData) ]
//#endif
    BYTE    *pbData;
} KEYSVC_CERT_BLOB, *PKEYSVC_CERT_BLOB;

typedef struct _KEYSVC_CERT_EXTENSION {
    LPSTR               pszObjId;
    BOOL                fCritical;
    DWORD   cbData;
//#ifdef MIDL_PASS
    [size_is(cbData), length_is(cbData) ]
//#endif
    BYTE    *pbData;
//    KEYSVC_CERT_BLOB    Value;
} KEYSVC_CERT_EXTENSION, *PKEYSVC_CERT_EXTENSION;

typedef struct _KEYSVC_CERT_EXTENSIONS {
    ULONG                   cExtension;
//#ifdef MIDL_PASS
    [size_is(cExtension), length_is(cExtension) ]
//#endif
    KEYSVC_CERT_EXTENSION  *rgExtension;
} KEYSVC_CERT_EXTENSIONS, *PKEYSVC_CERT_EXTENSIONS;

typedef struct _KEYSVC_CERT_ENROLL_INFO
{
    KEYSVC_UNICODE_STRING   UsageOID;
    KEYSVC_UNICODE_STRING   CertDNName;
    ULONG                   ulPostOption;       //Required: A bit wise OR of the following value:
                                                //          REQUEST_POST_ON_DS
                                                //          REQUEST_POST_ON_CSP
    KEYSVC_UNICODE_STRING   FriendlyName;       //Optional: The friendly name of the certificate
    KEYSVC_UNICODE_STRING   Description;        //Optional: The description of the certificate
    KEYSVC_UNICODE_STRING   Attributes;         //Optional: Attributes for certificate request
    ULONG                   cExtensions;
//#ifdef MIDL_PASS
    [size_is(cExtensions), length_is(cExtensions) ]
//#endif
    PKEYSVC_CERT_EXTENSIONS *prgExtensions;
}KEYSVC_CERT_ENROLL_INFO, *PKEYSVC_CERT_ENROLL_INFO;

typedef struct _KEYSVC_OPEN_KEYSVC_INFO { 
    ULONG ulSize;      // For struct versioning
    ULONG ulVersion;   
}KEYSVC_OPEN_KEYSVC_INFO, *PKEYSVC_OPEN_KEYSVC_INFO; 

typedef struct _KEYSVC_QUERY_CERT_REQUEST_INFO { 
    ULONG ulSize;     // sizeof(CRYPTUI_WIZ_QUERY_CERT_REQUEST_INFO)
    ULONG ulStatus;   // set of flags, see below
} KEYSVC_QUERY_CERT_REQUEST_INFO,  *PKEYSVC_QUERY_CERT_REQUEST_INFO; 


    ULONG       KeyrOpenKeyService(
        [in]        handle_t                        hRPCBinding,
        [in]        KEYSVC_TYPE                     OwnerType,
        [in]        PKEYSVC_UNICODE_STRING          pOwnerName,
        [in]        ULONG                           ulDesiredAccess,
        [in]        PKEYSVC_BLOB                    pAuthentication,
        [in, out]   PKEYSVC_BLOB                    *ppReserved,
        [out]       KEYSVC_HANDLE                   *phKeySvc); 

    ULONG       KeyrEnumerateProviders(
        [in]        handle_t                        hRPCBinding,
        [in]        KEYSVC_HANDLE                   hKeySvc,
        [in, out]   PKEYSVC_BLOB                    *ppReserved,
        [in, out]   ULONG                           *pcProviderCount,
        [in, out][size_is(,*pcProviderCount)]
					PKEYSVC_PROVIDER_INFO           *ppProviders);
    ULONG       KeyrCloseKeyService(
        [in]        handle_t                        hRPCBinding,
        [in]        KEYSVC_HANDLE                   hKeySvc,
        [in, out]   PKEYSVC_BLOB                    *ppReserved);

    ULONG 	    KeyrGetDefaultProvider(
        [in]        handle_t                        hRPCBinding,
        [in]        KEYSVC_HANDLE                   hKeySvc,
        [in]        ULONG                           ulProvType,
        [in]        ULONG                           ulFlags,
        [in, out]   PKEYSVC_BLOB                    *ppReserved,
        [out]       ULONG                           *pulDefType,
        [out]       PKEYSVC_PROVIDER_INFO           *ppProvider);

    ULONG       KeyrEnroll(
        [in]        handle_t                        hRPCBinding,
        [in]        BOOL                            fKeyService,    //IN Required: Whether the function is called remotely
		[in]		ULONG							ulPurpose,		//IN Required: Specify the purpose - enrollment/renewal
        [in]        PKEYSVC_UNICODE_STRING          pAcctName,      //IN Optional: Account name the service runs under
        [in]        PKEYSVC_UNICODE_STRING          pCALocation,    //IN Required: The ca machine name
        [in]        PKEYSVC_UNICODE_STRING          pCAName,        //IN Required: The ca name
        [in]        BOOL                            fNewKey,        //IN Required: Set the TRUE if new private key is needed
        [in]        PKEYSVC_CERT_REQUEST_PVK_NEW    pKeyNew,        //IN Required: The private key information
        [in]        PKEYSVC_BLOB                    pCert,			//IN Optional: The old cert when renewing
        [in]        PKEYSVC_CERT_REQUEST_PVK_NEW    pRenewKey,      //IN Optional: The new private key information when renewing
        [in]        PKEYSVC_UNICODE_STRING          pHashAlg,       //IN Optional: The hash algorithm
        [in]        PKEYSVC_UNICODE_STRING          pDesStore,      //IN Optional: The destination store
		[in]		ULONG							ulStoreFlags,	//IN Optional: Flags for cert store
        [in]        PKEYSVC_CERT_ENROLL_INFO        pRequestInfo,   //IN Required: The information about the cert request
		[in]		ULONG							ulFlags,		//IN Reserved: Should be 0
        [in, out]   PKEYSVC_BLOB                    *ppReserved,
        [out]       PKEYSVC_BLOB                    *ppPKCS7Blob,   //OUT Optional: The PKCS7 from the CA
        [out]       PKEYSVC_BLOB                    *ppHashBlob,    //OUT Optioanl: The SHA1 hash of the enrolled/renewed certificate
        [out]       ULONG                           *pulStatus);    //OUT Optional: The status of the enrollment/renewal

    ULONG       KeyrEnumerateAvailableCertTypes(
        [in]        handle_t                        hRPCBinding,
        [in]        KEYSVC_HANDLE                   hKeySvc,
        [in, out]   PKEYSVC_BLOB                    *ppReserved,
        [in, out]   ULONG                           *pcCertTypeCount,
        [in, out][size_is(,*pcCertTypeCount)]
					PKEYSVC_UNICODE_STRING           *ppCertTypes);
    ULONG       KeyrEnumerateCAs(
        [in]        handle_t                        hRPCBinding,
        [in]        KEYSVC_HANDLE                   hKeySvc,
        [in, out]   PKEYSVC_BLOB                    *ppReserved,
		[in]        ULONG                           ulFlags,
        [in, out]   ULONG                           *pcCACount,
        [in, out][size_is(,*pcCACount)]
	PKEYSVC_UNICODE_STRING           *ppCAs);

    ULONG       KeyrEnroll_V2(
        [in]        handle_t                        hRPCBinding,
        [in]        BOOL                            fKeyService,    //IN Required: Whether the function is called remotely
        [in]        ULONG                           ulPurpose,	    //IN Required: Specify the purpose - enrollment/renewal
	[in]        ULONG                           ulFlags,        //IN Required: Enrollment flags.                      
        [in]        PKEYSVC_UNICODE_STRING          pAcctName,      //IN Optional: Account name the service runs under
        [in]        PKEYSVC_UNICODE_STRING          pCALocation,    //IN Required: The ca machine name
        [in]        PKEYSVC_UNICODE_STRING          pCAName,        //IN Required: The ca name
        [in]        BOOL                            fNewKey,        //IN Required: Set the TRUE if new private key is needed
        [in]        PKEYSVC_CERT_REQUEST_PVK_NEW_V2 pKeyNew,        //IN Required: The private key information
        [in]        PKEYSVC_BLOB                    pCert,	    //IN Optional: The old cert when renewing
        [in]        PKEYSVC_CERT_REQUEST_PVK_NEW_V2 pRenewKey,      //IN Optional: The new private key information when renewing
        [in]        PKEYSVC_UNICODE_STRING          pHashAlg,       //IN Optional: The hash algorithm
        [in]        PKEYSVC_UNICODE_STRING          pDesStore,      //IN Optional: The destination store
        [in]        ULONG                           ulStoreFlags,   //IN Optional: Flags for cert store
        [in]        PKEYSVC_CERT_ENROLL_INFO        pRequestInfo,    //IN Required: The information about the cert request
        [in]	    ULONG                           ulReservedFlags, //IN Reserved: Must be 0. 
        [in, out]   PKEYSVC_BLOB                    *ppReserved,     //IN OUT Reserved:  Must be NULL. 
	[in, out]   PKEYSVC_BLOB                    *phRequest,     //OUT Optional: The HANDLE to a created request (in 3-stage enrollment)
        [out]       PKEYSVC_BLOB                    *ppPKCS7Blob,   //OUT Optional: The PKCS7 from the CA
        [out]       PKEYSVC_BLOB                    *ppHashBlob,    //OUT Optioanl: The SHA1 hash of the enrolled/renewed certificate
        [out]       ULONG                           *pulStatus);    //OUT Optional: The status of the enrollment/renewal


    ULONG KeyrQueryRequestStatus
        ([in]        handle_t                         hRPCBinding, 
         [in]        unsigned __int64                 hRequest, 
         [out, ref]  KEYSVC_QUERY_CERT_REQUEST_INFO  *pQueryInfo); 
}


[
  uuid(a3b749b1-e3d0-4967-a521-124055d1c37d),
  version(1.0),
  pointer_default(unique)
]

interface IKeySvcR // Remote keysvc
{
    ULONG       RKeyrOpenKeyService
    ([in]        handle_t                       hRPCBinding,
     [in]        KEYSVC_TYPE                    OwnerType,
     [in]        PKEYSVC_UNICODE_STRING         pOwnerName,
     [in]        ULONG                          ulDesiredAccess,
     [in]        PKEYSVC_BLOB                   pAuthentication,
     [in, out]   PKEYSVC_BLOB                  *ppReserved,
     [out]       KEYSVC_HANDLE                 *phKeySvc); 
    
    ULONG       RKeyrCloseKeyService
    ([in]        handle_t                       hRPCBinding,
     [in]        KEYSVC_HANDLE                  hKeySvc,
     [in, out]   PKEYSVC_BLOB                  *ppReserved);

    ULONG       RKeyrPFXInstall
    ([in]        handle_t                      hRPCBinding,
     [in]        PKEYSVC_BLOB                  pPFX,
     [in]        PKEYSVC_UNICODE_STRING        pPassword,
     [in]        ULONG                         ulFlags);
}



// Define version constants. 
cpp_quote("#define KEYSVC_VERSION_W2K       0x0001")
cpp_quote("#define KEYSVC_VERSION_WHISTLER  0x0002")