//+-------------------------------------------------------------------------- // // Microsoft Windows // Copyright (C) Microsoft Corporation, 1996 - 1999 // // File: csprop.h // // Contents: Cert Server Property interfaces // // History: 31-Jul-96 vich created // //--------------------------------------------------------------------------- #ifndef __CSPROP_H__ #define __CSPROP_H__ #include "certdb.h" // begin_certsrv //+-------------------------------------------------------------------------- // Name properties: #define wszPROPDISTINGUISHEDNAME TEXT("DistinguishedName") #define wszPROPRAWNAME TEXT("RawName") #define wszPROPCOUNTRY TEXT("Country") #define wszPROPORGANIZATION TEXT("Organization") #define wszPROPORGUNIT TEXT("OrgUnit") #define wszPROPCOMMONNAME TEXT("CommonName") #define wszPROPLOCALITY TEXT("Locality") #define wszPROPSTATE TEXT("State") #define wszPROPTITLE TEXT("Title") #define wszPROPGIVENNAME TEXT("GivenName") #define wszPROPINITIALS TEXT("Initials") #define wszPROPSURNAME TEXT("SurName") #define wszPROPDOMAINCOMPONENT TEXT("DomainComponent") #define wszPROPEMAIL TEXT("EMail") #define wszPROPSTREETADDRESS TEXT("StreetAddress") #define wszPROPUNSTRUCTUREDNAME TEXT("UnstructuredName") #define wszPROPUNSTRUCTUREDADDRESS TEXT("UnstructuredAddress") #define wszPROPDEVICESERIALNUMBER TEXT("DeviceSerialNumber") //+-------------------------------------------------------------------------- // Subject Name properties: #define wszPROPSUBJECTDOT TEXT("Subject.") #define wszPROPSUBJECTDISTINGUISHEDNAME \ wszPROPSUBJECTDOT wszPROPDISTINGUISHEDNAME #define wszPROPSUBJECTRAWNAME wszPROPSUBJECTDOT wszPROPRAWNAME #define wszPROPSUBJECTCOUNTRY wszPROPSUBJECTDOT wszPROPCOUNTRY #define wszPROPSUBJECTORGANIZATION wszPROPSUBJECTDOT wszPROPORGANIZATION #define wszPROPSUBJECTORGUNIT wszPROPSUBJECTDOT wszPROPORGUNIT #define wszPROPSUBJECTCOMMONNAME wszPROPSUBJECTDOT wszPROPCOMMONNAME #define wszPROPSUBJECTLOCALITY wszPROPSUBJECTDOT wszPROPLOCALITY #define wszPROPSUBJECTSTATE wszPROPSUBJECTDOT wszPROPSTATE #define wszPROPSUBJECTTITLE wszPROPSUBJECTDOT wszPROPTITLE #define wszPROPSUBJECTGIVENNAME wszPROPSUBJECTDOT wszPROPGIVENNAME #define wszPROPSUBJECTINITIALS wszPROPSUBJECTDOT wszPROPINITIALS #define wszPROPSUBJECTSURNAME wszPROPSUBJECTDOT wszPROPSURNAME #define wszPROPSUBJECTDOMAINCOMPONENT wszPROPSUBJECTDOT wszPROPDOMAINCOMPONENT #define wszPROPSUBJECTEMAIL wszPROPSUBJECTDOT wszPROPEMAIL #define wszPROPSUBJECTSTREETADDRESS wszPROPSUBJECTDOT wszPROPSTREETADDRESS #define wszPROPSUBJECTUNSTRUCTUREDNAME wszPROPSUBJECTDOT wszPROPUNSTRUCTUREDNAME #define wszPROPSUBJECTUNSTRUCTUREDADDRESS wszPROPSUBJECTDOT wszPROPUNSTRUCTUREDADDRESS #define wszPROPSUBJECTDEVICESERIALNUMBER wszPROPSUBJECTDOT wszPROPDEVICESERIALNUMBER // end_certsrv //+-------------------------------------------------------------------------- // Issuer Name properties: #define wszPROPISSUERDOT TEXT("Issuer.") #define wszPROPISSUERDISTINGUISHEDNAME \ wszPROPISSUERDOT wszPROPDISTINGUISHEDNAME #define wszPROPISSUERRAWNAME wszPROPISSUERDOT wszPROPRAWNAME #define wszPROPISSUERCOUNTRY wszPROPISSUERDOT wszPROPCOUNTRY #define wszPROPISSUERORGANIZATION wszPROPISSUERDOT wszPROPORGANIZATION #define wszPROPISSUERORGUNIT wszPROPISSUERDOT wszPROPORGUNIT #define wszPROPISSUERCOMMONNAME wszPROPISSUERDOT wszPROPCOMMONNAME #define wszPROPISSUERLOCALITY wszPROPISSUERDOT wszPROPLOCALITY #define wszPROPISSUERSTATE wszPROPISSUERDOT wszPROPSTATE #define wszPROPISSUERTITLE wszPROPISSUERDOT wszPROPTITLE #define wszPROPISSUERGIVENNAME wszPROPISSUERDOT wszPROPGIVENNAME #define wszPROPISSUERINITIALS wszPROPISSUERDOT wszPROPINITIALS #define wszPROPISSUERSURNAME wszPROPISSUERDOT wszPROPSURNAME #define wszPROPISSUERDOMAINCOMPONENT wszPROPISSUERDOT wszPROPDOMAINCOMPONENT #define wszPROPISSUEREMAIL wszPROPISSUERDOT wszPROPEMAIL #define wszPROPISSUERSTREETADDRESS wszPROPISSUERDOT wszPROPSTREETADDRESS #define wszPROPISSUERUNSTRUCTUREDNAME wszPROPISSUERDOT wszPROPUNSTRUCTUREDNAME #define wszPROPISSUERUNSTRUCTUREDADDRESS wszPROPISSUERDOT wszPROPUNSTRUCTUREDADDRESS #define wszPROPISSUERDEVICESERIALNUMBER wszPROPISSUERDOT wszPROPDEVICESERIALNUMBER #define wszPROPISSUERCOUNTRYOBJID \ wszPROPISSUERDOT TEXT(szOID_COUNTRY_NAME) #define wszPROPISSUERORGANIZATIONOBJID \ wszPROPISSUERDOT TEXT(szOID_ORGANIZATION_NAME) #define wszPROPISSUERORGUNITOBJID \ wszPROPISSUERDOT TEXT(szOID_ORGANIZATIONAL_UNIT_NAME) #define wszPROPISSUERCOMMONNAMEOBJID \ wszPROPISSUERDOT TEXT(szOID_COMMON_NAME) #define wszPROPISSUERLOCALITYOBJID \ wszPROPISSUERDOT TEXT(szOID_LOCALITY_NAME) #define wszPROPISSUERSTATEOBJID \ wszPROPISSUERDOT TEXT(szOID_STATE_OR_PROVINCE_NAME) #define wszPROPISSUERTITLEOBJID \ wszPROPISSUERDOT TEXT(szOID_TITLE) #define wszPROPISSUERGIVENNAMEOBJID \ wszPROPISSUERDOT TEXT(szOID_GIVEN_NAME) #define wszPROPISSUERINITIALSOBJID \ wszPROPISSUERDOT TEXT(szOID_INITIALS) #define wszPROPISSUERSURNAMEOBJID \ wszPROPISSUERDOT TEXT(szOID_SUR_NAME) #define wszPROPISSUERDOMAINCOMPONENTOBJID \ wszPROPISSUERDOT TEXT(szOID_DOMAIN_COMPONENT) #define wszPROPISSUEREMAILOBJID \ wszPROPISSUERDOT TEXT(szOID_RSA_emailAddr) #define wszPROPISSUERSTREETADDRESSOBJID \ wszPROPISSUERDOT TEXT(szOID_STREET_ADDRESS) #define wszPROPISSUERUNSTRUCTUREDNAMEOBJID \ wszPROPISSUERDOT TEXT(szOID_RSA_unstructName) #define wszPROPISSUERUNSTRUCTUREDADDRESSOBJID \ wszPROPISSUERDOT TEXT(szOID_RSA_unstructAddr) #define wszPROPISSUERDEVICESERIALNUMBEROBJID \ wszPROPISSUERDOT TEXT(szOID_DEVICE_SERIAL_NUMBER) //+-------------------------------------------------------------------------- // For mapping request attribute names to internal property names: // Map to wszPROPSUBJECTCOUNTRY: #define wszATTRCOUNTRY1 TEXT("C") #define wszATTRCOUNTRY2 TEXT("Country") // Map to wszPROPSUBJECTORGANIZATION: #define wszATTRORG1 TEXT("O") #define wszATTRORG2 TEXT("Org") #define wszATTRORG3 TEXT("Organization") // Map to wszPROPSUBJECTORGUNIT: #define wszATTRORGUNIT1 TEXT("OU") #define wszATTRORGUNIT2 TEXT("OrgUnit") #define wszATTRORGUNIT3 TEXT("OrganizationUnit") #define wszATTRORGUNIT4 TEXT("OrganizationalUnit") // Map to wszPROPSUBJECTCOMMONNAME: #define wszATTRCOMMONNAME1 TEXT("CN") #define wszATTRCOMMONNAME2 TEXT("CommonName") // Map to wszPROPSUBJECTLOCALITY: #define wszATTRLOCALITY1 TEXT("L") #define wszATTRLOCALITY2 TEXT("Locality") // Map to wszPROPSUBJECTSTATE: #define wszATTRSTATE1 TEXT("S") #define wszATTRSTATE2 TEXT("ST") #define wszATTRSTATE3 TEXT("State") // Map to wszPROPSUBJECTTITLE: #define wszATTRTITLE1 TEXT("T") #define wszATTRTITLE2 TEXT("Title") // Map to wszPROPSUBJECTGIVENNAME: #define wszATTRGIVENNAME1 TEXT("G") #define wszATTRGIVENNAME2 TEXT("GivenName") // Map to wszPROPSUBJECTINITIALS: #define wszATTRINITIALS1 TEXT("I") #define wszATTRINITIALS2 TEXT("Initials") // Map to wszPROPSUBJECTSURNAME: #define wszATTRSURNAME1 TEXT("SN") #define wszATTRSURNAME2 TEXT("SurName") // Map to wszPROPSUBJECTDOMAINCOMPONENT: #define wszATTRDOMAINCOMPONENT1 TEXT("DC") #define wszATTRDOMAINCOMPONENT2 TEXT("DomainComponent") // Map to wszPROPSUBJECTEMAIL: #define wszATTREMAIL1 TEXT("E") #define wszATTREMAIL2 TEXT("EMail") // Map to wszPROPSUBJECTSTREETADDRESS: #define wszATTRSTREETADDRESS1 TEXT("Street") #define wszATTRSTREETADDRESS2 TEXT("StreetAddress") // Map to wszPROPSUBJECTUNSTRUCTUREDNAME: #define wszATTRUNSTRUCTUREDNAME1 TEXT("UnstructuredName") // Map to wszPROPSUBJECTUNSTRUCTUREDADDRESS: #define wszATTRUNSTRUCTUREDADDRESS1 TEXT("UnstructuredAddress") // Map to wszPROPSUBJECTDEVICESERIALNUMBER: #define wszATTRDEVICESERIALNUMBER1 TEXT("DeviceSerialNumber") #define wszPROPCERTCLIDLL_VERSION TEXT("..CertCli Version") // begin_certsrv //+-------------------------------------------------------------------------- // Request properties: #define wszPROPREQUESTDOT TEXT("Request.") #define wszPROPREQUESTREQUESTID TEXT("RequestID") #define wszPROPREQUESTRAWREQUEST TEXT("RawRequest") #define wszPROPREQUESTRAWARCHIVEDKEY TEXT("RawArchivedKey") #define wszPROPREQUESTKEYRECOVERYHASHES TEXT("KeyRecoveryHashes") #define wszPROPREQUESTRAWOLDCERTIFICATE TEXT("RawOldCertificate") #define wszPROPREQUESTATTRIBUTES TEXT("RequestAttributes") #define wszPROPREQUESTTYPE TEXT("RequestType") #define wszPROPREQUESTFLAGS TEXT("RequestFlags") #define wszPROPREQUESTSTATUSCODE TEXT("StatusCode") #define wszPROPREQUESTDISPOSITION TEXT("Disposition") #define wszPROPREQUESTDISPOSITIONMESSAGE TEXT("DispositionMessage") #define wszPROPREQUESTSUBMITTEDWHEN TEXT("SubmittedWhen") #define wszPROPREQUESTRESOLVEDWHEN TEXT("ResolvedWhen") #define wszPROPREQUESTREVOKEDWHEN TEXT("RevokedWhen") #define wszPROPREQUESTREVOKEDEFFECTIVEWHEN TEXT("RevokedEffectiveWhen") #define wszPROPREQUESTREVOKEDREASON TEXT("RevokedReason") #define wszPROPREQUESTERNAME TEXT("RequesterName") #define wszPROPCALLERNAME TEXT("CallerName") #define wszPROPREQUESTERADDRESS TEXT("RequesterAddress") // no_certsrv #define wszPROPSIGNERPOLICIES TEXT("SignerPolicies") #define wszPROPSIGNERAPPLICATIONPOLICIES TEXT("SignerApplicationPolicies") #define wszPROPOFFICER TEXT("Officer") //+-------------------------------------------------------------------------- // Request attribute properties: #define wszPROPCHALLENGE TEXT("Challenge") #define wszPROPEXPECTEDCHALLENGE TEXT("ExpectedChallenge") #define wszPROPDISPOSITION TEXT("Disposition") #define wszPROPDISPOSITIONDENY TEXT("Deny") #define wszPROPDISPOSITIONPENDING TEXT("Pending") #define wszPROPVALIDITYPERIODSTRING TEXT("ValidityPeriod") #define wszPROPVALIDITYPERIODCOUNT TEXT("ValidityPeriodUnits") #define wszPROPCERTTYPE TEXT("CertType") #define wszPROPCERTTEMPLATE TEXT("CertificateTemplate") #define wszPROPCERTUSAGE TEXT("CertificateUsage") #define wszPROPREQUESTOSVERSION TEXT("RequestOSVersion") #define wszPROPREQUESTCSPPROVIDER TEXT("RequestCSPProvider") #define wszPROPEXITCERTFILE TEXT("CertFile") #define wszPROPCLIENTBROWSERMACHINE TEXT("cbm") #define wszPROPCERTCLIENTMACHINE TEXT("ccm") #define wszPROPCLIENTDCDNS L"cdc" #define wszPROPREQUESTMACHINEDNS L"rmd" #define wszPROPSUBJECTALTNAME2 TEXT("san") #define wszPROPDNS TEXT("dns") #define wszPROPDN TEXT("dn") #define wszPROPURL TEXT("url") #define wszPROPIPADDRESS TEXT("ipaddress") #define wszPROPGUID TEXT("guid") #define wszPROPOID TEXT("oid") #define wszPROPUPN TEXT("upn") #define wszPROPUPN TEXT("upn") #define szPROPASNTAG "{asn}" #define wszPROPUTF8TAG TEXT("{utf8}") #define wszPROPOCTETTAG TEXT("{octet}") #define wszPROPASNTAG TEXT(szPROPASNTAG) //+-------------------------------------------------------------------------- // "System" properties // ".#" means ".0", ".1", ".2" ... may be appended to the property name to // collect context specific values. For some properties, the suffix selects // the CA certificate context. For others, it selects the the CA CRL context. #define wszPROPCATYPE TEXT("CAType") #define wszPROPSANITIZEDCANAME TEXT("SanitizedCAName") #define wszPROPSANITIZEDSHORTNAME TEXT("SanitizedShortName") #define wszPROPMACHINEDNSNAME TEXT("MachineDNSName") #define wszPROPMODULEREGLOC TEXT("ModuleRegistryLocation") #define wszPROPUSEDS TEXT("fUseDS") #define wszPROPDELTACRLSDISABLED TEXT("fDeltaCRLsDisabled") #define wszPROPSERVERUPGRADED TEXT("fServerUpgraded") #define wszPROPCONFIGDN TEXT("ConfigDN") #define wszPROPDOMAINDN TEXT("DomainDN") #define wszPROPLOGLEVEL TEXT("LogLevel") #define wszPROPSESSIONCOUNT TEXT("SessionCount") #define wszPROPTEMPLATECHANGESEQUENCENUMBER TEXT("TemplateChangeSequenceNumber") // Request Context properties: #define wszPROPREQUESTERTOKEN TEXT("RequesterToken") // no_certsrv #define wszPROPREQUESTERCAACCESS TEXT("RequesterCAAccess") #define wszPROPUSERDN TEXT("UserDN") #define wszPROPKEYARCHIVED TEXT("KeyArchived") // CA Certificate properties: (all ".#" extensible except wszPROPCERTCOUNT) #define wszPROPCERTCOUNT TEXT("CertCount") #define wszPROPRAWCACERTIFICATE TEXT("RawCACertificate") #define wszPROPCERTSTATE TEXT("CertState") #define wszPROPCERTSUFFIX TEXT("CertSuffix") // CA CRL properties: (all ".#" extensible) #define wszPROPRAWCRL TEXT("RawCRL") #define wszPROPRAWDELTACRL TEXT("RawDeltaCRL") #define wszPROPCRLINDEX TEXT("CRLIndex") #define wszPROPCRLSTATE TEXT("CRLState") #define wszPROPCRLSUFFIX TEXT("CRLSuffix") // Values for wszPROPCERTSTATE (see certadm.h): // CA_DISP_REVOKED // This Cert has been revoked. // CA_DISP_VALID // This Cert is still valid // CA_DISP_INVALID // This Cert has expired. // CA_DISP_ERROR // Cert unavailable (placehholder in registry?) // Values for wszPROPCRLSTATE (see certadm.h): // CA_DISP_REVOKED // All unexpired certs using this Cert's CRL have been // // revoked. // CA_DISP_VALID // This Cert is still publishing CRLs as needed. // CA_DISP_INVALID // All certs using this Cert's CRL are expired. // CA_DISP_ERROR // This Cert's CRL is managed by another Cert. // "Settable" system properties: #define wszPROPEVENTLOGTERSE TEXT("EventLogTerse") #define wszPROPEVENTLOGERROR TEXT("EventLogError") #define wszPROPEVENTLOGWARNING TEXT("EventLogWarning") #define wszPROPEVENTLOGVERBOSE TEXT("EventLogVerbose") #define wszPROPEVENTLOGEXHAUSTIVE TEXT("EventLogExhaustive") #define wszPROPDCNAME TEXT("DCName") //+-------------------------------------------------------------------------- // Certificate properties: #define wszPROPCERTIFICATEREQUESTID TEXT("RequestID") #define wszPROPRAWCERTIFICATE TEXT("RawCertificate") #define wszPROPCERTIFICATEHASH TEXT("CertificateHash") #define wszPROPCERTIFICATETEMPLATE TEXT("CertificateTemplate") #define wszPROPCERTIFICATEENROLLMENTFLAGS TEXT("EnrollmentFlags") #define wszPROPCERTIFICATEGENERALFLAGS TEXT("GeneralFlags") #define wszPROPCERTIFICATESERIALNUMBER TEXT("SerialNumber") #define wszPROPCERTIFICATEISSUERNAMEID TEXT("IssuerNameID")//no_certsrv #define wszPROPCERTIFICATENOTBEFOREDATE TEXT("NotBefore") #define wszPROPCERTIFICATENOTAFTERDATE TEXT("NotAfter") #define wszPROPCERTIFICATESUBJECTKEYIDENTIFIER TEXT("SubjectKeyIdentifier") #define wszPROPCERTIFICATERAWPUBLICKEY TEXT("RawPublicKey") #define wszPROPCERTIFICATEPUBLICKEYLENGTH TEXT("PublicKeyLength") #define wszPROPCERTIFICATEPUBLICKEYALGORITHM TEXT("PublicKeyAlgorithm") #define wszPROPCERTIFICATERAWPUBLICKEYALGORITHMPARAMETERS \ TEXT("RawPublicKeyAlgorithmParameters") #define wszPROPCERTIFICATEUPN TEXT("UPN") // Obsolete: #define wszPROPCERTIFICATETYPE TEXT("CertificateType") #define wszPROPCERTIFICATERAWSMIMECAPABILITIES TEXT("RawSMIMECapabilities") #define wszPROPNAMETYPE TEXT("NameType") //+-------------------------------------------------------------------------- // Certificate extension properties: #define EXTENSION_CRITICAL_FLAG 0x00000001 #define EXTENSION_DISABLE_FLAG 0x00000002 #define EXTENSION_POLICY_MASK 0x0000ffff // Settable by admin+policy #define EXTENSION_ORIGIN_REQUEST 0x00010000 #define EXTENSION_ORIGIN_POLICY 0x00020000 #define EXTENSION_ORIGIN_ADMIN 0x00030000 #define EXTENSION_ORIGIN_SERVER 0x00040000 #define EXTENSION_ORIGIN_RENEWALCERT 0x00050000 #define EXTENSION_ORIGIN_IMPORTEDCERT 0x00060000 #define EXTENSION_ORIGIN_PKCS7 0x00070000 #define EXTENSION_ORIGIN_CMC 0x00080000 #define EXTENSION_ORIGIN_CACERT 0x00090000 #define EXTENSION_ORIGIN_MASK 0x000f0000 //+-------------------------------------------------------------------------- // Extension properties: #define wszPROPEXTREQUESTID TEXT("ExtensionRequestId") #define wszPROPEXTNAME TEXT("ExtensionName") #define wszPROPEXTFLAGS TEXT("ExtensionFlags") #define wszPROPEXTRAWVALUE TEXT("ExtensionRawValue") //+-------------------------------------------------------------------------- // Attribute properties: #define wszPROPATTRIBREQUESTID TEXT("AttributeRequestId") #define wszPROPATTRIBNAME TEXT("AttributeName") #define wszPROPATTRIBVALUE TEXT("AttributeValue") //+-------------------------------------------------------------------------- // CRL properties: #define wszPROPCRLROWID TEXT("CRLRowId") #define wszPROPCRLNUMBER TEXT("CRLNumber") #define wszPROPCRLMINBASE TEXT("CRLMinBase") // Delta CRLs only #define wszPROPCRLNAMEID TEXT("CRLNameId") #define wszPROPCRLCOUNT TEXT("CRLCount") #define wszPROPCRLTHISUPDATE TEXT("CRLThisUpdate") #define wszPROPCRLNEXTUPDATE TEXT("CRLNextUpdate") #define wszPROPCRLTHISPUBLISH TEXT("CRLThisPublish") #define wszPROPCRLNEXTPUBLISH TEXT("CRLNextPublish") #define wszPROPCRLEFFECTIVE TEXT("CRLEffective") #define wszPROPCRLPROPAGATIONCOMPLETE TEXT("CRLPropagationComplete") #define wszPROPCRLLASTPUBLISHED TEXT("CRLLastPublished") #define wszPROPCRLPUBLISHATTEMPTS TEXT("CRLPublishAttempts") #define wszPROPCRLPUBLISHFLAGS TEXT("CRLPublishFlags") #define wszPROPCRLPUBLISHSTATUSCODE TEXT("CRLPublishStatusCode") #define wszPROPCRLPUBLISHERROR TEXT("CRLPublishError") #define wszPROPCRLRAWCRL TEXT("CRLRawCRL") //+-------------------------------------------------------------------------- // CRL Published Flags: #define CPF_BASE 0x00000001 #define CPF_DELTA 0x00000002 #define CPF_COMPLETE 0x00000004 #define CPF_SHADOW 0x00000008 #define CPF_CASTORE_ERROR 0x00000010 #define CPF_BADURL_ERROR 0x00000020 #define CPF_MANUAL 0x00000040 #define CPF_SIGNATURE_ERROR 0x00000080 #define CPF_LDAP_ERROR 0x00000100 #define CPF_FILE_ERROR 0x00000200 #define CPF_FTP_ERROR 0x00000400 #define CPF_HTTP_ERROR 0x00000800 //+-------------------------------------------------------------------------- // GetProperty/SetProperty Flags: // // Choose one Type #define PROPTYPE_LONG 0x00000001 // Signed long #define PROPTYPE_DATE 0x00000002 // Date+Time #define PROPTYPE_BINARY 0x00000003 // Binary data #define PROPTYPE_STRING 0x00000004 // Unicode String #define PROPTYPE_MASK 0x000000ff // Choose one Caller: #define PROPCALLER_SERVER 0x00000100 #define PROPCALLER_POLICY 0x00000200 #define PROPCALLER_EXIT 0x00000300 #define PROPCALLER_ADMIN 0x00000400 #define PROPCALLER_REQUEST 0x00000500 #define PROPCALLER_MASK 0x00000f00 // end_certsrv // Choose one Table: #define PROPTABLE_REQCERT 0x00000000 // OpenRow only #define PROPTABLE_REQUEST 0x00001000 #define PROPTABLE_CERTIFICATE 0x00002000 #define PROPTABLE_EXTENSION 0x00003000 #define PROPTABLE_ATTRIBUTE 0x00004000 #define PROPTABLE_CRL 0x00005000 #define PROPTABLE_MASK 0x0000f000 #define PROPFLAGS_INDEXED 0x00010000 // add_certsrv #define PROPFLAGS_MASK 0x000f0000 #define PROPMARSHAL_LOCALSTRING 0x00100000 #define PROPMARSHAL_NULLBSTROK 0x00200000 #define PROPOPEN_READONLY 0x00400000 // OpenRow only #define PROPOPEN_DELETE 0x00800000 // OpenRow only #define PROPOPEN_CERTHASH 0x01000000 // OpenRow only // begin_certsrv // RequestFlags definitions: #define CR_FLG_FORCETELETEX 0x00000001 #define CR_FLG_RENEWAL 0x00000002 #define CR_FLG_FORCEUTF8 0x00000004 #define CR_FLG_CAXCHGCERT 0x00000008 #define CR_FLG_ENROLLONBEHALFOF 0x00000010 #define CR_FLG_SUBJECTUNMODIFIED 0x00000020 #define CR_FLG_VALIDENCRYPTEDKEYHASH 0x00000040 #define CR_FLG_CACROSSCERT 0x00000080 #define CR_FLG_PUBLISHERROR 0x80000000 // end_certsrv #define CB_DBMAXBINARY (4 * 1024) #define CB_DBMAXRAWCERTIFICATE (16 * 1024) #define CB_DBMAXRAWREQUEST (64 * 1024) #define CB_DBMAXRAWCRL (512 * 1024 * 1024) // 512mb #define CCH_DBMAXTEXT_MAXINTERNAL (255 / sizeof(WCHAR)) // 127 chars! #define CB_DBMAXTEXT_MAXINTERNAL (CCH_DBMAXTEXT_MAXINTERNAL * sizeof(WCHAR)) #define CCH_DBMAXTEXT_SHORT 1024 #define CB_DBMAXTEXT_SHORT (CCH_DBMAXTEXT_SHORT * sizeof(WCHAR)) #define CCH_DBMAXTEXT_MEDIUM (4 * 1024) #define CB_DBMAXTEXT_MEDIUM (CCH_DBMAXTEXT_MEDIUM * sizeof(WCHAR)) #define CCH_DBMAXTEXT_LONG (16 * 1024) #define CB_DBMAXTEXT_LONG (CCH_DBMAXTEXT_LONG * sizeof(WCHAR)) #define CCH_DBMAXTEXT_OID CCH_DBMAXTEXT_MAXINTERNAL #define CB_DBMAXTEXT_OID CB_DBMAXTEXT_MAXINTERNAL #define CCH_DBMAXTEXT_REQUESTNAME CCH_DBMAXTEXT_SHORT #define CB_DBMAXTEXT_REQUESTNAME CB_DBMAXTEXT_SHORT #define CCH_DBMAXTEXT_DISPSTRING CCH_DBMAXTEXT_MEDIUM #define CB_DBMAXTEXT_DISPSTRING CB_DBMAXTEXT_MEDIUM #define CCH_DBMAXTEXT_RDN CCH_DBMAXTEXT_MEDIUM #define CB_DBMAXTEXT_RDN CB_DBMAXTEXT_MEDIUM #define CCH_DBMAXTEXT_DN CCH_DBMAXTEXT_MEDIUM #define CB_DBMAXTEXT_DN CB_DBMAXTEXT_MEDIUM #define CCH_DBMAXTEXT_ATTRNAME CCH_DBMAXTEXT_MAXINTERNAL #define CB_DBMAXTEXT_ATTRNAME CB_DBMAXTEXT_MAXINTERNAL #define CCH_DBMAXTEXT_ATTRVALUE CCH_DBMAXTEXT_MEDIUM #define CB_DBMAXTEXT_ATTRVALUE CB_DBMAXTEXT_MEDIUM #define CCH_DBMAXTEXT_ATTRSTRING CCH_DBMAXTEXT_LONG #define CB_DBMAXTEXT_ATTRSTRING CB_DBMAXTEXT_LONG #define cchHASHMAX 64 #define cchSERIALNUMBERMAX 64 #define cchUNSTRUCTUREDNAMEMAX CCH_DBMAXTEXT_SHORT #define cchUNSTRUCTUREDADDRESSMAX CCH_DBMAXTEXT_SHORT #define cchDEVICESERIALNUMBERMAX CCH_DBMAXTEXT_SHORT // Subject RDN string length limits from PKIX Part 1 doc: #define cchCOUNTRYNAMEMAX 2 #define cchORGANIZATIONNAMEMAX 64 #define cchORGANIZATIONALUNITNAMEMAX 64 #define cchCOMMONNAMEMAX 64 #define cchLOCALITYMANAMEMAX 128 #define cchSTATEORPROVINCENAMEMAX 128 #define cchTITLEMAX 64 #define cchGIVENNAMEMAX 16 #define cchINITIALSMAX 5 #define cchSURNAMEMAX 40 #define cchDOMAINCOMPONENTMAX 128 #define cchEMAILMAX 128 #define cchSTREETADDRESSMAX 30 #ifdef cchCOMMONNAMEMAX_XELIB # if cchCOMMONNAMEMAX_XELIB != cchCOMMONNAMEMAX # error cchCOMMONNAMEMAX_XELIB != cchCOMMONNAMEMAX # endif #endif // begin_certsrv // Disposition property values: // Disposition values for requests in the queue: #define DB_DISP_ACTIVE 8 // being processed #define DB_DISP_PENDING 9 // taken under submission #define DB_DISP_QUEUE_MAX 9 // max disposition value for queue view #define DB_DISP_FOREIGN 12 // archived foreign cert #define DB_DISP_CA_CERT 15 // CA cert #define DB_DISP_CA_CERT_CHAIN 16 // CA cert chain #define DB_DISP_KRA_CERT 17 // KRA cert // Disposition values for requests in the log: #define DB_DISP_LOG_MIN 20 // min disposition value for log view #define DB_DISP_ISSUED 20 // cert issued #define DB_DISP_REVOKED 21 // issued and revoked // Disposition values for failed requests in the log: #define DB_DISP_LOG_FAILED_MIN 30 // min disposition value for log view #define DB_DISP_ERROR 30 // request failed #define DB_DISP_DENIED 31 // request denied // end_certsrv // CertIF property callback support: typedef HRESULT (WINAPI FNCIGETPROPERTY)( IN LONG Context, IN DWORD Flags, IN WCHAR const *pwszPropertyName, OUT VARIANT *pvarPropertyValue); FNCIGETPROPERTY PropCIGetProperty; typedef HRESULT (WINAPI FNCISETPROPERTY)( IN LONG Context, IN DWORD Flags, IN WCHAR const *pwszPropertyName, IN VARIANT const *pvarPropertyValue); FNCISETPROPERTY PropCISetProperty; typedef HRESULT (WINAPI FNCIGETEXTENSION)( IN LONG Context, IN DWORD Flags, IN WCHAR const *pwszExtensionName, OUT DWORD *pdwExtFlags, OUT VARIANT *pvarValue); FNCIGETEXTENSION PropCIGetExtension; typedef HRESULT (WINAPI FNCISETEXTENSION)( IN LONG Context, IN DWORD Flags, IN WCHAR const *pwszExtensionName, IN DWORD ExtFlags, IN VARIANT const *pvarValue); FNCISETEXTENSION PropCISetExtension; // CertIF property enumeration callback support: #define CIE_OBJECTID 0x00000001 // return object ids for names #define CIE_RESET 0x00000002 #define CIE_TABLE_EXTENSIONS 0x00000010 #define CIE_TABLE_ATTRIBUTES 0x00000020 #define CIE_TABLE_MASK 0x000000f0 #define CIE_CALLER_POLICY 0x00000200 #define CIE_CALLER_EXIT 0x00000300 #define CIE_CALLER_MASK 0x00000f00 class CIENUM { public: CIENUM() { m_penum = NULL; } HRESULT EnumSetup(IN DWORD RequestId, IN LONG Context, IN DWORD Flags); HRESULT EnumNext(OUT BSTR *pstrPropertyName); HRESULT EnumClose(); LONG GetContext() { return(m_Context); } DWORD GetFlags() { return(m_Flags); } private: IEnumCERTDBNAME *m_penum; LONG m_Context; DWORD m_Flags; }; typedef HRESULT (WINAPI FNCIENUMSETUP)( IN LONG Context, IN LONG Flags, IN OUT CIENUM *pciEnum); FNCIENUMSETUP PropCIEnumSetup; typedef HRESULT (WINAPI FNCIENUMNEXT)( IN OUT CIENUM *pciEnum, OUT BSTR *pstrPropertyName); FNCIENUMNEXT PropCIEnumNext; typedef HRESULT (WINAPI FNCIENUMCLOSE)( IN OUT CIENUM *pciEnum); FNCIENUMCLOSE PropCIEnumClose; #endif // __CSPROP_H__