Source code of Windows XP (NT5)
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

102 lines
2.9 KiB

  1. /*++
  2. Copyright (c) 1998 Microsoft Corporation
  3. Module Name:
  4. licecert.h
  5. Abstract:
  6. The header file for the X509 certificates parsing and verification API
  7. Author:
  8. Frederick Chong (fredch) 6/1/1998
  9. Environment:
  10. Win32, WinCE, Win16
  11. Notes:
  12. --*/
  13. #ifndef _LICE_CERT_H_
  14. #define _LICE_CERT_H_
  15. //-----------------------------------------------------------------------------
  16. //
  17. // Flags to indicate to VerifyCertChain on how should the validity dates in the
  18. // certificate chain be handled.
  19. //
  20. //-----------------------------------------------------------------------------
  21. #define CERT_DATE_ERROR_IF_INVALID 0x00000001
  22. #define CERT_DATE_WARN_IF_INVALID 0x00000002
  23. #define CERT_DATE_DONT_VALIDATE 0x00000003
  24. #define CERT_DATE_OK 0x00000004
  25. #define CERT_DATE_NOT_BEFORE_INVALID 0x00000005
  26. #define CERT_DATE_NOT_AFTER_INVALID 0x00000006
  27. #ifdef __cplusplus
  28. extern "C" {
  29. #endif
  30. //+----------------------------------------------------------------------------
  31. //
  32. // Function:
  33. //
  34. // VerifyCertChain
  35. //
  36. // Abstract:
  37. //
  38. // Verifies a chain of X509 certificates
  39. //
  40. // Parameters:
  41. //
  42. // pbCert - The certificate chain to verify
  43. // cbCert - Size of the certificate chain
  44. // pbPublicKey - The memory to store the public key of the subject on output.
  45. // If set to NULL on input, the API will return
  46. // LICENSE_STATUS_INSUFFICIENT_BUFFER and the size of the
  47. // required buffer set in pcbPublicKey.
  48. // pcbPublicKey - Size of the allocated memory on input. On output, contains
  49. // the actual size of the public key.
  50. // pfDates - How the API should check the validity dates in the cert chain.
  51. // This flag may be set to the following values:
  52. //
  53. // CERT_DATE_ERROR_IF_INVALID - The API will return an error if the
  54. // dates are invalid. When the API returns,
  55. // this flag will be set to CERT_DATE_OK if the
  56. // dates are OK or one of CERT_DATE_NOT_BEFORE_INVALID
  57. // or CERT_DATE_NOT_AFTER_INVALID.
  58. // CERT_DATE_DONT_VALIDATE - Don't validate the dates in the cert chain. The value
  59. // in this flag is not changed when the API returns.
  60. // CERT_DATE_WARN_IF_INVALID - Don't return an error for invalid cert dates.
  61. // When the API returns, this flag will be set to
  62. // CERT_DATE_OK if the dates are OK or one of
  63. // CERT_DATE_NOT_BEFORE_INVALID or
  64. // CERT_DATE_NOT_AFTER_INVALID.
  65. //
  66. // Return:
  67. //
  68. // LICENSE_STATUS_OK if the function is successful.
  69. //
  70. //+----------------------------------------------------------------------------
  71. LICENSE_STATUS
  72. VerifyCertChain(
  73. LPBYTE pbCert,
  74. DWORD cbCert,
  75. LPBYTE pbPublicKey,
  76. LPDWORD pcbPublicKey,
  77. LPDWORD pfDate );
  78. #ifdef __cplusplus
  79. }
  80. #endif
  81. #endif