|
|
#ifndef _PFXHELP_H
#define _PFXHELP_H
//+---------------------------------------------------------------------------
//
// Microsoft Windows
// Copyright (C) Microsoft Corporation, 1992 - 1999
//
// File: pfxhelp.h
//
// Contents: PFX helper function defintions and types
//
//----------------------------------------------------------------------------
#include "pfx.h"
//+-------------------------------------------------------------------------
// Safe Bag Type Object Identifiers
//--------------------------------------------------------------------------
#define szOID_PKCS_12_VERSION1 szOID_PKCS_12 ".10"
#define szOID_PKCS_12_BAG_IDS szOID_PKCS_12_VERSION1 ".1"
#define szOID_PKCS_12_KEY_BAG szOID_PKCS_12_BAG_IDS ".1"
#define szOID_PKCS_12_SHROUDEDKEY_BAG szOID_PKCS_12_BAG_IDS ".2"
#define szOID_PKCS_12_CERT_BAG szOID_PKCS_12_BAG_IDS ".3"
#define szOID_PKCS_12_CRL_BAG szOID_PKCS_12_BAG_IDS ".4"
#define szOID_PKCS_12_SECRET_BAG szOID_PKCS_12_BAG_IDS ".5"
#define szOID_PKCS_12_SAFECONTENTS_BAG szOID_PKCS_12_BAG_IDS ".6"
#define PBE_SALT_LENGTH 8
typedef struct _SAFE_BAG{ LPSTR pszBagTypeOID; CRYPT_DER_BLOB BagContents; CRYPT_ATTRIBUTES Attributes; } SAFE_BAG, *PSAFE_BAG;
typedef struct _SAFE_CONTENTS{ DWORD cSafeBags; SAFE_BAG *pSafeBags;} SAFE_CONTENTS, *PSAFE_CONTENTS;
typedef struct _EXPORT_SAFE_CALLBACK_STRUCT { PCRYPT_ENCRYPT_PRIVATE_KEY_FUNC pEncryptPrivateKeyFunc; LPVOID pVoidEncryptFunc;} EXPORT_SAFE_CALLBACK_STRUCT, *PEXPORT_SAFE_CALLBACK_STRUCT;
//+-------------------------------------------------------------------------
// hCertStore - handle to the cert store that contains the certs whose
// corresponding private keys are to be exported
// pSafeContents - pointer to a buffer to receive the SAFE_CONTENTS structure
// and supporting data
// pcbSafeContents - (in) specifies the length, in bytes, of the pSafeContents
// buffer. (out) gets filled in with the number of bytes
// used by the operation. If this is set to 0, the
// required length of pSafeContents is filled in, and
// pSafeContents is ignored.
// ExportSafeCallbackStruct - pointer to callbacks to handle PKCS8 encryption. If NULL,
// no encryption is performed.
// dwFlags - the current available flags are:
// EXPORT_PRIVATE_KEYS
// if this flag is set then the private keys are exported as well
// as the certificates
// REPORT_NO_PRIVATE_KEY
// if this flag is set and a certificate is encountered that has no
// no associated private key, the function will return immediately
// with ppCertContext filled in with a pointer to the cert context
// in question. the caller is responsible for freeing the cert
// context which is passed back.
// REPORT_NOT_ABLE_TO_EXPORT_PRIVATE_KEY
// if this flag is set and a certificate is encountered that has a
// non-exportable private key, the function will return immediately
// with ppCertContext filled in with a pointer to the cert context
// in question. the caller is responsible for freeing the cert
// context which is passed back.
// ppCertContext - a pointer to a pointer to a cert context. this is used
// if REPORT_NO_PRIVATE_KEY or REPORT_NOT_ABLE_TO_EXPORT_PRIVATE_KEY
// flags are set. the caller is responsible for freeing the
// cert context.
// pvAuxInfo - reserved for future use, must be set to NULL
//+-------------------------------------------------------------------------
BOOL WINAPI CertExportSafeContents( HCERTSTORE hCertStore, // in
SAFE_CONTENTS *pSafeContents, // out
DWORD *pcbSafeContents, // in, out
EXPORT_SAFE_CALLBACK_STRUCT* ExportSafeCallbackStruct, // in
DWORD dwFlags, // in
PCCERT_CONTEXT *ppCertContext, // out
void *pvAuxInfo // in
);
// this callback is called when a private key is going to be imported,
// this gives the caller a chance specify which provider to import the
// key to.
// the parameters are:
// pPrivateKeyInfo - a PRIVATE_KEY_INFO structure which contains all
// the information about the private key being imported
// dwSafeBagIndex - the idex into the safe bag array so the caller can
// identify which SAFE_BAG this key cam out of
// phCryptProvInfo - a pointer to a HCRYPTPROV that is to be filled in
// with the handle of the provider to import to
// ppVoidhCryptProvQueryVoid - the LPVOID that was passed in when
// CertImportSafeContents called, this is
// preserved and passed back to the caller for
// context
typedef BOOL (CALLBACK *PHCRYPTPROV_QUERY_FUNC)( CRYPT_PRIVATE_KEY_INFO *pPrivateKeyInfo, DWORD dwSafeBagIndex, HCRYPTPROV *phCryptProv, LPVOID pVoidhCryptProvQuery, DWORD dwPFXImportFlags);
typedef struct _IMPORT_SAFE_CALLBACK_STRUCT { PHCRYPTPROV_QUERY_FUNC phCryptProvQueryFunc; LPVOID pVoidhCryptProvQuery; PCRYPT_DECRYPT_PRIVATE_KEY_FUNC pDecryptPrivateKeyFunc; LPVOID pVoidDecryptFunc;} IMPORT_SAFE_CALLBACK_STRUCT, *PIMPORT_SAFE_CALLBACK_STRUCT;
//+-------------------------------------------------------------------------
// hCertStore - handle of the cert store to import the safe contents to
// pSafeContents - pointer to the safe contents to import to the store
// dwCertAddDisposition - used when importing certificate to the store.
// for a full explanation of the possible values
// and their meanings see documentation for
// CertAddEncodedCertificateToStore
// ImportSafeCallbackStruct - structure that contains pointers to functions
// which are callled to get a HCRYPTPROV for import
// and to decrypt the key if a EncryptPrivateKeyInfo
// is encountered during import
// dwFlags - The available flags are:
// CRYPT_EXPORTABLE
// this flag is used when importing private keys, for a full
// explanation please see the documentation for CryptImportKey.
// pvAuxInfo - reserved for future use, must be set to NULL
//+-------------------------------------------------------------------------
BOOL WINAPI CertImportSafeContents( HCERTSTORE hCertStore, // in
SAFE_CONTENTS *pSafeContents, // in
DWORD dwCertAddDisposition, // in
IMPORT_SAFE_CALLBACK_STRUCT* ImportSafeCallbackStruct, // in
DWORD dwFlags, // in
void *pvAuxInfo // in
);
#endif
|
