Leaked source code of windows server 2003
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
 
 
 
 
 
 

473 lines
16 KiB

//+---------------------------------------------------------------------------
//
// Microsoft Windows
// Copyright (C) Microsoft Corporation, 1992 - 1999
//
// File: signhlp.h
//
// Contents: Digital Signing Helper APIs
//
// History: June-25-1997 Xiaohs Created
//----------------------------------------------------------------------------
#ifndef _SIGNHLP_H
#define _SIGNHLP_H
#ifdef __cplusplus
extern "C" {
#endif
//--------------------------------------------------------------------------
//
// Copy all the certs from store name to hDescStore
//
//--------------------------------------------------------------------------
HRESULT MoveStoreName(HCRYPTPROV hCryptProv,
DWORD dwCertEncodingType,
HCERTSTORE hDescStore,
DWORD dwStoreName,
DWORD dwStoreFlag);
//--------------------------------------------------------------------------
//
// Copy all the certs from hSrcStore to hDescStore
//
//--------------------------------------------------------------------------
HRESULT MoveStore(HCERTSTORE hDescStore,
HCERTSTORE hSrcStore);
//--------------------------------------------------------------------------
//
// Build up the certificate chain. Put the whole chain to the store
//
//
//--------------------------------------------------------------------------
HRESULT BuildCertChain(HCRYPTPROV hCryptProv,
DWORD dwCertEncodingType,
HCERTSTORE hStore,
HCERTSTORE hOptionalStore,
PCCERT_CONTEXT pSigningCert,
DWORD dwCertPolicy);
//+-------------------------------------------------------------------------
// Build the spc certificate store from the cert chain
//--------------------------------------------------------------------------
HRESULT BuildStoreFromStore(HCRYPTPROV hPvkProv,
DWORD dwKeySpec,
HCRYPTPROV hCryptProv,
DWORD dwCertEncodingType,
SIGNER_CERT_STORE_INFO *pCertStoreInfo,
HCERTSTORE *phSpcStore,
PCCERT_CONTEXT *ppSignCert);
//+-------------------------------------------------------------------------
// Build the spc certificate store from a spc file
//--------------------------------------------------------------------------
HRESULT BuildStoreFromSpcFile(HCRYPTPROV hPvkProv,
DWORD dwKeySpec,
HCRYPTPROV hCryptProv,
DWORD dwCertEncodingType,
LPCWSTR pwszSpcFile,
HCERTSTORE *phSpcStore,
PCCERT_CONTEXT *ppSignCert);
//+-------------------------------------------------------------------------
// Build the spc certificate store from either a spc file or the
// cert chain
//--------------------------------------------------------------------------
HRESULT BuildCertStore(HCRYPTPROV hPvkProv,
DWORD dwKeySpec,
HCRYPTPROV hCryptProv,
DWORD dwCertEncodingType,
SIGNER_CERT *pSignerCert,
HCERTSTORE *phSpcStore,
PCCERT_CONTEXT *ppSigningCert);
//-----------------------------------------------------------------------------
//
// Parse the private key information from a pCertContext's property
// CERT_PVK_FILE_PROP_ID
//
//----------------------------------------------------------------------------
BOOL GetProviderInfoFromCert(PCCERT_CONTEXT pCertContext,
CRYPT_KEY_PROV_INFO *pKeyProvInfo);
//+-------------------------------------------------------------------------
// Get hCryptProv handle and key spec for the certificate
//--------------------------------------------------------------------------
BOOL WINAPI GetCryptProvFromCert(
HWND hwnd,
PCCERT_CONTEXT pCert,
HCRYPTPROV *phCryptProv,
DWORD *pdwKeySpec,
BOOL *pfDidCryptAcquire,
LPWSTR *ppwszTmpContainer,
LPWSTR *ppwszProviderName,
DWORD *pdwProviderType
);
//This is a subst of GetCryptProvFromCert. This function does not consider
//the private key file property of the certificate
BOOL WINAPI CryptProvFromCert(
HWND hwnd,
PCCERT_CONTEXT pCert,
HCRYPTPROV *phCryptProv,
DWORD *pdwKeySpec,
BOOL *pfDidCryptAcquire
);
//+-------------------------------------------------------------------------
// Free hCryptProv handle and key spec for the certificate
//--------------------------------------------------------------------------
void WINAPI FreeCryptProvFromCert(BOOL fAcquired,
HCRYPTPROV hProv,
LPWSTR pwszCapiProvider,
DWORD dwProviderType,
LPWSTR pwszTmpContainer);
//+-----------------------------------------------------------------------
// Check the input parameters of Signcode. Make sure they are valid.
//
//+-----------------------------------------------------------------------
BOOL CheckSigncodeParam(
SIGNER_SUBJECT_INFO *pSubjectInfo,
SIGNER_CERT *pSignerCert,
SIGNER_SIGNATURE_INFO *pSignatureInfo,
SIGNER_PROVIDER_INFO *pProviderInfo);
//+-----------------------------------------------------------------------
// Check the SIGNER_SUBJECT_INFO
//
//+-----------------------------------------------------------------------
BOOL CheckSigncodeSubjectInfo(
PSIGNER_SUBJECT_INFO pSubjectInfo);
//+-----------------------------------------------------------------------
//
//
// Parameters:
// Return Values:
// Error Codes:
//
//------------------------------------------------------------------------
HRESULT WINAPI
AddTimeStampSubj(IN DWORD dwEncodingType,
IN HCRYPTPROV hCryptProv,
IN LPSIP_SUBJECTINFO pSipInfo,
IN DWORD *pdwIndex,
IN PBYTE pbTimeStampResponse,
IN DWORD cbTimeStampResponse,
IN PBYTE pbEncodedSignerInfo,
IN DWORD cbEncodedSignerInfo,
OUT PBYTE* ppbMessage,
OUT DWORD* pcbMessage);
//+-----------------------------------------------------------------------
//
//
// Parameters:
// Return Values:
// Error Codes:
//
//------------------------------------------------------------------------
HRESULT WINAPI
GetSignedMessageDigest(IN SIGNER_SUBJECT_INFO *pSubjectInfo, //Required: The subject based on which to create a timestamp request
IN LPVOID pSipData,
IN OUT PBYTE* ppbDigest,
IN OUT DWORD* pcbDigest);
//+-----------------------------------------------------------------------
//
//
// Parameters:
// Return Values:
// Error Codes:
//
//------------------------------------------------------------------------
HRESULT WINAPI
GetSignedMessageDigestSubj(IN DWORD dwEncodingType,
IN HCRYPTPROV hCryptProv,
IN struct SIP_SUBJECTINFO_ *pSipInfo, // SIP information
IN DWORD* pdwIndex,
IN OUT PBYTE* ppbTimeDigest,
IN OUT DWORD* pcbTimeDigest);
//+-----------------------------------------------------------------------
//
//
// Parameters:
// Return Values:
// Error Codes:
//
//------------------------------------------------------------------------
HRESULT WINAPI
TimeStampRequest(IN DWORD dwEncodingType,
IN PCRYPT_ATTRIBUTES psRequest,
IN PBYTE pbDigest,
IN DWORD cbDigest,
OUT PBYTE pbTimeRequest,
IN OUT DWORD* pcbTimeRequest);
//+-----------------------------------------------------------------------
// FileToSubjectType
//
// Parameters:
// Return Values:
// Error Codes:
// E_INVALIDARG
// Invalid arguement passed in (Requires a file name
// and pointer to a guid ptr)
// TRUST_E_SUBJECT_FORM_UNKNOWN
// Unknow file type
// See also:
// GetFileInformationByHandle()
// CreateFile()
//
//------------------------------------------------------------------------
HRESULT SignOpenFile(LPCWSTR pwszFilename,
HANDLE* pFileHandle);
//+-----------------------------------------------------------------------
// SignGetFileType
//
// Parameters:
// Return Values:
// Error Codes:
// E_INVALIDARG
// Invalid arguement passed in (Requires a file name
// and pointer to a guid ptr)
// See also:
// GetFileInformationByHandle()
// CreateFile()
//
//------------------------------------------------------------------------
HRESULT SignGetFileType(HANDLE hFile,
const WCHAR *pwszFile,
GUID* pGuid);
//+-----------------------------------------------------------------------
// SpcGetFileType
//
// Parameters:
// Return Values:
// Error Codes:
// E_INVALIDARG
// Invalid arguement passed in (Requires a file name
// and pointer to a guid ptr)
// See also:
// GetFileInformationByHandle()
// CreateFile()
//
//------------------------------------------------------------------------
HRESULT SpcGetFileType(HANDLE hFile,
GUID* pGuid);
//+-----------------------------------------------------------------------
// SpcOpenFile
//
// Parameters:
// Return Values:
// Error Codes:
// E_INVALIDARG
// Invalid arguement passed in (Requires a file name
// and pointer to a handle);
// See also:
// GetFileInformationByHandle()
// CreateFile()
//
//------------------------------------------------------------------------
HRESULT SpcOpenFile(LPCWSTR pwszFileName,
HANDLE* pFileHandle);
//+-------------------------------------------------------------------------
// Find the the cert from the hprov
// Parameter Returns:
// pReturnCert - context of the cert found (must pass in cert context);
// Returns:
// S_OK - everything worked
// E_OUTOFMEMORY - memory failure
// E_INVALIDARG - no pReturnCert supplied
// CRYPT_E_NO_MATCH - could not locate certificate in store
//
HRESULT
SpcGetCertFromKey(IN DWORD dwCertEncodingType,
IN HCERTSTORE hStore,
IN HCRYPTPROV hProv,
IN DWORD hKeySpec,
OUT PCCERT_CONTEXT* pReturnCert);
//+-------------------------------------------------------------------------
//If all of the following three conditions are true, we should not put
// commercial or individual authenticated attributes into signer info
//
//1. the enhanced key usage extension of the signer's certificate has no code signing usage (szOID_PKIX_KP_CODE_SIGNING)
//2. basic constraints extension of the signer's cert is missing, or it is neither commercial nor individual
//3. user did not specify -individual or -commercial in signcode.exe.
//--------------------------------------------------------------------------
BOOL NeedStatementTypeAttr(IN PCCERT_CONTEXT psSigningContext,
IN BOOL fCommercial,
IN BOOL fIndividual);
//+-------------------------------------------------------------------------
// Returns TRUE if the Signer Cert has a Key Usage Restriction extension and
// only the commercial key purpose policy object identifier.
//
// Returns FALSE if it contains both a commercial and individual purpose
// policy object identifier.
//--------------------------------------------------------------------------
HRESULT CheckCommercial(IN PCCERT_CONTEXT pSignerCert,
IN BOOL fCommercial,
IN BOOL fIndividual,
OUT BOOL *pfCommercial);
//+-------------------------------------------------------------------------
// Encode the StatementType authenticated attribute value
//--------------------------------------------------------------------------
HRESULT CreateStatementType(IN BOOL fCommercial,
OUT BYTE **ppbEncoded,
IN OUT DWORD *pcbEncoded);
//+-------------------------------------------------------------------------
// Encode the SpOpusInfo authenticated attribute value
//--------------------------------------------------------------------------
HRESULT CreateOpusInfo(IN LPCWSTR pwszOpusName,
IN LPCWSTR pwszOpusInfo,
OUT BYTE **ppbEncoded,
IN OUT DWORD *pcbEncoded);
//+-----------------------------------------------------------------------
//
//
// Parameters:
// Return Values:
// Error Codes:
//
//------------------------------------------------------------------------
HRESULT SpcLoadSipFlags(GUID* pSubjectGuid,
DWORD *dwFlags);
//+-----------------------------------------------------------------------
//
//
// Parameters:
// Return Values:
// Error Codes:
//
//------------------------------------------------------------------------
HINSTANCE GetInstanceHandle();
//+-----------------------------------------------------------------------
//
//
// Parameters:
// Return Values:
// Error Codes:
//
//------------------------------------------------------------------------
void WINAPI PvkFreeCryptProv(IN HCRYPTPROV hProv,
IN LPCWSTR pwszCapiProvider,
IN DWORD dwProviderType,
IN LPWSTR pwszTmpContainer);
//+-----------------------------------------------------------------------
//
//
// Parameters:
// Return Values:
// Error Codes:
//
//------------------------------------------------------------------------
HRESULT WINAPI PvkGetCryptProv( IN HWND hwnd,
IN LPCWSTR pwszCaption,
IN LPCWSTR pwszCapiProvider,
IN DWORD dwProviderType,
IN LPCWSTR pwszPvkFile,
IN LPCWSTR pwszKeyContainerName,
IN DWORD *pdwKeySpec,
OUT LPWSTR *ppwszTmpContainer,
OUT HCRYPTPROV *phCryptProv);
//+-----------------------------------------------------------------------
// Check to see if the certificate is a glue cert
//------------------------------------------------------------------------
HRESULT SignIsGlueCert(IN PCCERT_CONTEXT pCert);
//+-----------------------------------------------------------------------
// Return hr based on GetLastError().
//------------------------------------------------------------------------
HRESULT WINAPI SignError();
//+-----------------------------------------------------------------------
// Check if there is TAG in front of a PKCS7 signed message
//------------------------------------------------------------------------
BOOL WINAPI SignNoContentWrap(IN const BYTE *pbDER,
IN DWORD cbDER);
//-------------------------------------------------------------------------
//
// WSZtoSZ:
// Convert a wchar string to a multi-byte string.
//
//-------------------------------------------------------------------------
HRESULT WSZtoSZ(LPWSTR wsz, LPSTR *psz);
//-------------------------------------------------------------------------
//
// BytesToBase64:
// convert bytes to base64 bstr
//
//-------------------------------------------------------------------------
HRESULT BytesToBase64(BYTE *pb, DWORD cb, CHAR **pszEncode, DWORD *pdwEncode);
//-------------------------------------------------------------------------
//
// BytesToBase64:
// conver base64 bstr to bytes
//
//-------------------------------------------------------------------------
HRESULT Base64ToBytes(CHAR *pEncode, DWORD cbEncode, BYTE **ppb, DWORD *pcb);
#ifdef __cplusplus
}
#endif
#endif