mirror of https://github.com/tongzx/nt5src
You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
671 lines
28 KiB
671 lines
28 KiB
//+--------------------------------------------------------------------------
|
|
//
|
|
// Microsoft Windows
|
|
// Copyright (C) Microsoft Corporation, 1996 - 1999
|
|
//
|
|
// File: csregstr.h
|
|
//
|
|
// Contents: Cert Server registry string definitions
|
|
//
|
|
//---------------------------------------------------------------------------
|
|
|
|
#ifndef __CSREGSTR_H__
|
|
#define __CSREGSTR_H__
|
|
|
|
#define wszROOT_CERTSTORE TEXT("ROOT")
|
|
#define wszKRA_CERTSTORE TEXT("KRA")
|
|
#define wszCA_CERTSTORE TEXT("CA")
|
|
#define wszMY_CERTSTORE TEXT("MY")
|
|
#define wszACRS_CERTSTORE TEXT("ACRS")
|
|
#define wszREQUEST_CERTSTORE TEXT("REQUEST")
|
|
#define wszNTAUTH_CERTSTORE TEXT("NTAUTH")
|
|
|
|
|
|
// begin_certsrv
|
|
|
|
#define wszSERVICE_NAME TEXT("CertSvc")
|
|
|
|
#define wszREGKEYNOSYSTEMCERTSVCPATH \
|
|
TEXT("CurrentControlSet\\Services\\") \
|
|
wszSERVICE_NAME
|
|
|
|
#define wszREGKEYCERTSVCPATH TEXT("SYSTEM\\") wszREGKEYNOSYSTEMCERTSVCPATH
|
|
#define wszREGKEYBASE wszREGKEYCERTSVCPATH // obsolete definition
|
|
|
|
//======================================================================
|
|
// Full path to "CertSvc\Configuration\":
|
|
#define wszREGKEYCONFIGPATH wszREGKEYCERTSVCPATH TEXT("\\") wszREGKEYCONFIG
|
|
#define wszREGKEYCONFIGPATH_BS wszREGKEYCONFIGPATH TEXT("\\")
|
|
#define wszREGKEYCONFIGCANAME wszREGKEYCONFIGPATH_BS // obsolete definition
|
|
|
|
//======================================================================
|
|
// Full path to "CertSvc\Configuration\RestoreInProgress":
|
|
#define wszREGKEYCONFIGRESTORE wszREGKEYCONFIGPATH_BS wszREGKEYRESTOREINPROGRESS
|
|
|
|
//======================================================================
|
|
// Key Under "CertSvc":
|
|
#define wszREGKEYCONFIG TEXT("Configuration")
|
|
|
|
//======================================================================
|
|
// Values Under "CertSvc\Configuration":
|
|
#define wszREGACTIVE TEXT("Active")
|
|
#define wszREGDIRECTORY TEXT("ConfigurationDirectory")
|
|
#define wszREGDBDIRECTORY TEXT("DBDirectory")
|
|
#define wszREGDBLOGDIRECTORY TEXT("DBLogDirectory")
|
|
#define wszREGDBSYSDIRECTORY TEXT("DBSystemDirectory")
|
|
#define wszREGDBTEMPDIRECTORY TEXT("DBTempDirectory")
|
|
#define wszREGDBSESSIONCOUNT TEXT("DBSessionCount")
|
|
#define wszREGDBLASTFULLBACKUP TEXT("DBLastFullBackup")
|
|
#define wszREGDBLASTINCREMENTALBACKUP TEXT("DBLastIncrementalBackup")
|
|
#define wszREGDBLASTRECOVERY TEXT("DBLastRecovery")
|
|
#define wszREGWEBCLIENTCAMACHINE TEXT("WebClientCAMachine")
|
|
#define wszREGVERSION TEXT("Version")
|
|
#define wszREGWEBCLIENTCANAME TEXT("WebClientCAName")
|
|
#define wszREGWEBCLIENTCATYPE TEXT("WebClientCAType")
|
|
#define wszREGDBOPTIONALFLAGS TEXT("DBOptionalFlags")
|
|
|
|
// end_certsrv
|
|
|
|
#define wszREGCERTSRVDEBUG TEXT("Debug")
|
|
#define wszREGCERTSRVMEMTRACK TEXT("MemTrack")
|
|
|
|
// Environment variables:
|
|
#define szCERTSRV_DEBUG "CERTSRV_DEBUG"
|
|
#define szCERTSRV_LOGFILE "CERTSRV_LOGFILE"
|
|
#define szCERTSRV_LOGMAX "CERTSRV_LOGMAX"
|
|
#define szCERTSRV_MEMTRACK "CERTSRV_MEMTRACK"
|
|
|
|
// begin_certsrv
|
|
|
|
// Default value for wszREGDBSESSIONCOUNT
|
|
#define DBSESSIONCOUNTDEFAULT 20
|
|
|
|
// Default value for wszREGMAXINCOMINGMESSAGESIZE
|
|
#define MAXINCOMINGMESSAGESIZEDEFAULT (64 * 1024)
|
|
|
|
// Value for wszREGVERSION:
|
|
#define CSVER_MAJOR 2 // high 16 bits
|
|
#define CSVER_MINOR 1 // low 16 bits
|
|
|
|
// stamp, for all time,the whistler version:
|
|
#define CSVER_WHISTLER ((2<<16)|(1))
|
|
|
|
// Keys Under "CertSvc\Configuration":
|
|
#define wszREGKEYRESTOREINPROGRESS TEXT("RestoreInProgress")
|
|
|
|
//======================================================================
|
|
// Values Under "CertSvc\Configuration\<CAName>":
|
|
#define wszREGCADESCRIPTION TEXT("CADescription")
|
|
#define wszREGCACERTHASH TEXT("CACertHash")
|
|
#define wszREGCASERIALNUMBER TEXT("CACertSerialNumber")
|
|
#define wszREGCAXCHGCERTHASH TEXT("CAXchgCertHash")
|
|
#define wszREGKRACERTHASH TEXT("KRACertHash")
|
|
#define wszREGKRACERTCOUNT TEXT("KRACertCount")
|
|
#define wszREGKRAFLAGS TEXT("KRAFlags")
|
|
#define wszREGCATYPE TEXT("CAType")
|
|
#define wszREGCERTENROLLCOMPATIBLE TEXT("CertEnrollCompatible")
|
|
#define wszREGENFORCEX500NAMELENGTHS TEXT("EnforceX500NameLengths")
|
|
#define wszREGCOMMONNAME TEXT("CommonName")
|
|
#define wszREGCLOCKSKEWMINUTES TEXT("ClockSkewMinutes")
|
|
|
|
#define wszREGCRLNEXTPUBLISH TEXT("CRLNextPublish")
|
|
#define wszREGCRLPERIODSTRING TEXT("CRLPeriod")
|
|
#define wszREGCRLPERIODCOUNT TEXT("CRLPeriodUnits")
|
|
#define wszREGCRLOVERLAPPERIODSTRING TEXT("CRLOverlapPeriod")
|
|
#define wszREGCRLOVERLAPPERIODCOUNT TEXT("CRLOverlapUnits")
|
|
|
|
#define wszREGCRLDELTANEXTPUBLISH TEXT("CRLDeltaNextPublish")
|
|
#define wszREGCRLDELTAPERIODSTRING TEXT("CRLDeltaPeriod")
|
|
#define wszREGCRLDELTAPERIODCOUNT TEXT("CRLDeltaPeriodUnits")
|
|
#define wszREGCRLDELTAOVERLAPPERIODSTRING TEXT("CRLDeltaOverlapPeriod")
|
|
#define wszREGCRLDELTAOVERLAPPERIODCOUNT TEXT("CRLDeltaOverlapUnits")
|
|
|
|
#define wszREGCRLPUBLICATIONURLS TEXT("CRLPublicationURLs")
|
|
#define wszREGCACERTPUBLICATIONURLS TEXT("CACertPublicationURLs")
|
|
|
|
#define wszREGCAXCHGVALIDITYPERIODSTRING TEXT("CAXchgValidityPeriod")
|
|
#define wszREGCAXCHGVALIDITYPERIODCOUNT TEXT("CAXchgValidityPeriodUnits")
|
|
#define wszREGCAXCHGOVERLAPPERIODSTRING TEXT("CAXchgOverlapPeriod")
|
|
#define wszREGCAXCHGOVERLAPPERIODCOUNT TEXT("CAXchgOverlapPeriodUnits")
|
|
|
|
#define wszREGCRLPATH_OLD TEXT("CRLPath")
|
|
#define wszREGCRLEDITFLAGS TEXT("CRLEditFlags")
|
|
#define wszREGCRLFLAGS TEXT("CRLFlags")
|
|
#define wszREGCRLATTEMPTREPUBLISH TEXT("CRLAttemptRepublish")
|
|
#define wszREGENABLED TEXT("Enabled")
|
|
#define wszREGFORCETELETEX TEXT("ForceTeletex")
|
|
#define wszREGLOGLEVEL TEXT("LogLevel")
|
|
#define wszREGHIGHSERIAL TEXT("HighSerial")
|
|
#define wszREGPOLICYFLAGS TEXT("PolicyFlags")
|
|
#define wszREGNAMESEPARATOR TEXT("SubjectNameSeparator")
|
|
#define wszREGSUBJECTTEMPLATE TEXT("SubjectTemplate")
|
|
#define wszREGCAUSEDS TEXT("UseDS")
|
|
#define wszREGVALIDITYPERIODSTRING TEXT("ValidityPeriod")
|
|
#define wszREGVALIDITYPERIODCOUNT TEXT("ValidityPeriodUnits")
|
|
#define wszREGPARENTCAMACHINE TEXT("ParentCAMachine")
|
|
#define wszREGPARENTCANAME TEXT("ParentCAName")
|
|
#define wszREGREQUESTFILENAME TEXT("RequestFileName")
|
|
#define wszREGREQUESTID TEXT("RequestId")
|
|
#define wszREGREQUESTKEYCONTAINER TEXT("RequestKeyContainer")
|
|
#define wszREGREQUESTKEYINDEX TEXT("RequestKeyIndex")
|
|
#define wszREGCASERVERNAME TEXT("CAServerName")
|
|
#define wszREGCACERTFILENAME TEXT("CACertFileName")
|
|
#define wszREGCASECURITY TEXT("Security")
|
|
#define wszREGAUDITFILTER TEXT("AuditFilter")
|
|
#define wszREGOFFICERRIGHTS TEXT("OfficerRights")
|
|
#define wszREGMAXINCOMINGMESSAGESIZE TEXT("MaxIncomingMessageSize")
|
|
#define wszREGROLESEPARATIONENABLED TEXT("RoleSeparationEnabled")
|
|
|
|
#define wszREGSETUPSTATUS TEXT("SetupStatus")
|
|
#define wszLOCKICERTREQUEST TEXT("LockICertRequest")
|
|
#define wszREGDSCONFIGDN TEXT("DSConfigDN")
|
|
#define wszREGDSDOMAINDN TEXT("DSDomainDN")
|
|
|
|
#define wszPFXFILENAMEEXT TEXT(".p12")
|
|
#define wszDATFILENAMEEXT TEXT(".dat")
|
|
#define wszLOGFILENAMEEXT TEXT(".log")
|
|
#define wszPATFILENAMEEXT TEXT(".pat")
|
|
#define wszDBFILENAMEEXT TEXT(".edb")
|
|
#define szDBBASENAMEPARM "edb"
|
|
#define wszDBBASENAMEPARM TEXT(szDBBASENAMEPARM)
|
|
#define wszLOGPATH TEXT("CertLog")
|
|
#define wszDBBACKUPSUBDIR TEXT("DataBase")
|
|
#define wszDBBACKUPCERTBACKDAT TEXT("certbkxp.dat")
|
|
|
|
#ifndef __ENUM_CATYPES__
|
|
#define __ENUM_CATYPES__
|
|
|
|
// Values for wszREGCATYPE:
|
|
typedef enum {
|
|
ENUM_ENTERPRISE_ROOTCA = 0,
|
|
ENUM_ENTERPRISE_SUBCA = 1,
|
|
//ENUM_UNUSED2 = 2,
|
|
ENUM_STANDALONE_ROOTCA = 3,
|
|
ENUM_STANDALONE_SUBCA = 4,
|
|
ENUM_UNKNOWN_CA = 5,
|
|
} ENUM_CATYPES;
|
|
|
|
#endif __ENUM_CATYPES__
|
|
|
|
// Default value for wszREGCLOCKSKEWMINUTES
|
|
#define CCLOCKSKEWMINUTESDEFAULT 10
|
|
|
|
// Default validity period for ROOT CA certs:
|
|
#define dwVALIDITYPERIODCOUNTDEFAULT_ROOT 5
|
|
|
|
// Default validity periods for certs issued by a CA:
|
|
#define dwVALIDITYPERIODCOUNTDEFAULT_ENTERPRISE 2
|
|
#define dwVALIDITYPERIODCOUNTDEFAULT_STANDALONE 1
|
|
#define dwVALIDITYPERIODENUMDEFAULT ENUM_PERIOD_YEARS
|
|
#define wszVALIDITYPERIODSTRINGDEFAULT wszPERIODYEARS
|
|
|
|
#define dwCAXCHGVALIDITYPERIODCOUNTDEFAULT 1
|
|
#define dwCAXCHGVALIDITYPERIODENUMDEFAULT ENUM_PERIOD_WEEKS
|
|
#define wszCAXCHGVALIDITYPERIODSTRINGDEFAULT wszPERIODWEEKS
|
|
|
|
#define dwCAXCHGOVERLAPPERIODCOUNTDEFAULT 1
|
|
#define dwCAXCHGOVERLAPPERIODENUMDEFAULT ENUM_PERIOD_DAYS
|
|
#define wszCAXCHGOVERLAPPERIODSTRINGDEFAULT wszPERIODDAYS
|
|
|
|
#define dwCRLPERIODCOUNTDEFAULT 1
|
|
#define wszCRLPERIODSTRINGDEFAULT wszPERIODWEEKS
|
|
|
|
#define dwCRLOVERLAPPERIODCOUNTDEFAULT 0 // 0 --> disabled
|
|
#define wszCRLOVERLAPPERIODSTRINGDEFAULT wszPERIODHOURS
|
|
|
|
#define dwCRLDELTAPERIODCOUNTDEFAULT 1
|
|
#define wszCRLDELTAPERIODSTRINGDEFAULT wszPERIODDAYS
|
|
|
|
#define dwCRLDELTAOVERLAPPERIODCOUNTDEFAULT 0 // 0 --> disabled
|
|
#define wszCRLDELTAOVERLAPPERIODSTRINGDEFAULT wszPERIODMINUTES
|
|
|
|
|
|
// Values for wszREGLOGLEVEL:
|
|
#define CERTLOG_MINIMAL (DWORD) 0
|
|
#define CERTLOG_TERSE (DWORD) 1
|
|
#define CERTLOG_ERROR (DWORD) 2
|
|
#define CERTLOG_WARNING (DWORD) 3
|
|
#define CERTLOG_VERBOSE (DWORD) 4
|
|
|
|
|
|
// Values for wszREGSETUPSTATUS:
|
|
#define SETUP_SERVER_FLAG 0x00000001 // server installed
|
|
#define SETUP_CLIENT_FLAG 0x00000002 // client installed
|
|
#define SETUP_SUSPEND_FLAG 0x00000004 // incomplete install
|
|
#define SETUP_REQUEST_FLAG 0x00000008 // new cert requested
|
|
#define SETUP_ONLINE_FLAG 0x00000010 // requested online
|
|
#define SETUP_DENIED_FLAG 0x00000020 // request denied
|
|
#define SETUP_CREATEDB_FLAG 0x00000040 // create new DB
|
|
#define SETUP_ATTEMPT_VROOT_CREATE 0x00000080 // try to create vroots
|
|
#define SETUP_FORCECRL_FLAG 0x00000100 // force new CRL(s)
|
|
#define SETUP_UPDATE_CAOBJECT_SVRTYPE 0x00000200 // add server type to CA DS object "flags" attr
|
|
#define SETUP_SERVER_UPGRADED_FLAG 0x00000400 // server was upgraded
|
|
#define SETUP_W2K_SECURITY_NOT_UPGRADED_FLAG 0x00000800 // still need to upgrade security
|
|
|
|
// Values for wszREGCRLFLAGS:
|
|
#define CRLF_DELTA_USE_OLDEST_UNEXPIRED_BASE 0x00000001 // use oldest base:
|
|
// else use newest base CRL that satisfies base CRL propagation delay
|
|
|
|
#define CRLF_DELETE_EXPIRED_CRLS 0x00000002
|
|
#define CRLF_CRLNUMBER_CRITICAL 0x00000004
|
|
#define CRLF_REVCHECK_IGNORE_OFFLINE 0x00000008
|
|
#define CRLF_IGNORE_INVALID_POLICIES 0x00000010
|
|
#define CRLF_REBUILD_MODIFIED_SUBJECT_ONLY 0x00000020
|
|
#define CRLF_SAVE_FAILED_CERTS 0x00000040
|
|
#define CRLF_IGNORE_UNKNOWN_CMC_ATTRIBUTES 0x00000080
|
|
#define CRLF_ACCEPT_OLDRFC_CMC 0x00000100
|
|
#define CRLF_PUBLISH_EXPIRED_CERT_CRLS 0x00000200
|
|
|
|
// Values for wszREGKRAFLAGS:
|
|
#define KRAF_ENABLEFOREIGN 0x00000001 // allow foreign cert, key archival
|
|
#define KRAF_SAVEBADREQUESTKEY 0x00000002 // save failed request w/archived key
|
|
|
|
// Values for numeric prefixes for
|
|
// wszREGCRLPUBLICATIONURLS and wszREGCACERTPUBLICATIONURLS:
|
|
//
|
|
// URL publication template Flags values, encoded as a decimal prefix for URL
|
|
// publication templates in the registry:
|
|
// "1:c:\winnt\System32\CertSrv\CertEnroll\MyCA.crl"
|
|
// "2:http:\//MyServer.MyDomain.com/CertEnroll\MyCA.crl"
|
|
|
|
#define CSURL_SERVERPUBLISH 0x00000001
|
|
#define CSURL_ADDTOCERTCDP 0x00000002
|
|
#define CSURL_ADDTOFRESHESTCRL 0x00000004
|
|
#define CSURL_ADDTOCRLCDP 0x00000008
|
|
#define CSURL_PUBLISHRETRY 0x00000010
|
|
#define CSURL_ADDTOCERTOCSP 0x00000020
|
|
// end_certsrv
|
|
|
|
// Initialization internal definitions -- not written to the registry:
|
|
#define CSURL_ADDSYSTEM32DIR 0x20000000
|
|
#define CSURL_NODS 0x40000000
|
|
#define CSURL_DSONLY 0x80000000
|
|
#define CSURL_INITMASK 0xf0000000
|
|
|
|
// begin_certsrv
|
|
//======================================================================
|
|
// Keys Under "CertSvc\Configuration\<CAName>":
|
|
#define wszREGKEYCSP TEXT("CSP")
|
|
#define wszREGKEYENCRYPTIONCSP TEXT("EncryptionCSP")
|
|
#define wszREGKEYEXITMODULES TEXT("ExitModules")
|
|
#define wszREGKEYPOLICYMODULES TEXT("PolicyModules")
|
|
#define wszSECUREDATTRIBUTES TEXT("SignedAttributes")
|
|
|
|
#define wszzDEFAULTSIGNEDATTRIBUTES TEXT("RequesterName\0")
|
|
|
|
//======================================================================
|
|
// Values Under "CertSvc\Configuration\RestoreInProgress":
|
|
#define wszREGBACKUPLOGDIRECTORY TEXT("BackupLogDirectory")
|
|
#define wszREGCHECKPOINTFILE TEXT("CheckPointFile")
|
|
#define wszREGHIGHLOGNUMBER TEXT("HighLogNumber")
|
|
#define wszREGLOWLOGNUMBER TEXT("LowLogNumber")
|
|
#define wszREGLOGPATH TEXT("LogPath")
|
|
#define wszREGRESTOREMAPCOUNT TEXT("RestoreMapCount")
|
|
#define wszREGRESTOREMAP TEXT("RestoreMap")
|
|
#define wszREGDATABASERECOVERED TEXT("DatabaseRecovered")
|
|
#define wszREGRESTORESTATUS TEXT("RestoreStatus")
|
|
|
|
// values under \Configuration\PolicyModules in nt5 beta 2
|
|
#define wszREGB2ICERTMANAGEMODULE TEXT("ICertManageModule")
|
|
// values under \Configuration in nt4 sp4
|
|
#define wszREGSP4DEFAULTCONFIGURATION TEXT("DefaultConfiguration")
|
|
// values under ca in nt4 sp4
|
|
#define wszREGSP4KEYSETNAME TEXT("KeySetName")
|
|
#define wszREGSP4SUBJECTNAMESEPARATOR TEXT("SubjectNameSeparator")
|
|
#define wszREGSP4NAMES TEXT("Names")
|
|
#define wszREGSP4QUERIES TEXT("Queries")
|
|
// both nt4 sp4 and nt5 beta 2
|
|
#define wszREGNETSCAPECERTTYPE TEXT("NetscapeCertType")
|
|
#define wszNETSCAPEREVOCATIONTYPE TEXT("Netscape")
|
|
|
|
// end_certsrv
|
|
|
|
|
|
// CSPs
|
|
#define wszBASECSP MS_STRONG_PROV_W
|
|
#define wszENHCSP TEXT("Microsoft Enhanced Cryptographic Provider v1.0")
|
|
#define wszMITVCSP TEXT("MITV Smart Card Crypto Provider V0.2")
|
|
#define wszBBNCSP TEXT("BBN SafeKeyer Crypto Provider V0.1")
|
|
#define wszSLBCSP TEXT("Schlumberger Cryptographic Service Provider v0.1")
|
|
#define wszSLBCSP2 TEXT("Schlumberger Cryptographic Service Provider")
|
|
#define wszGEMPLUS TEXT("Gemplus GemPASS Card CSP v1.0")
|
|
#define wszGEMPLUS2 TEXT("Gemplus GemSAFE Card CSP v1.0")
|
|
#define wszDDSCSP TEXT("Microsoft Base DSS Cryptographic Provider")
|
|
|
|
// Hash Algorithms
|
|
#define wszHashMD5 TEXT("MD5")
|
|
#define wszHashMD4 TEXT("MD4")
|
|
#define wszHashMD2 TEXT("MD2")
|
|
#define wszHashSHA1 TEXT("SHA-1")
|
|
|
|
// begin_certsrv
|
|
|
|
//======================================================================
|
|
// Values Under "CertSvc\Configuration\<CAName>\CSP":
|
|
// and "CertSvc\Configuration\<CAName>\EncryptionCSP":
|
|
#define wszREGPROVIDERTYPE TEXT("ProviderType")
|
|
#define wszREGPROVIDER TEXT("Provider")
|
|
#define wszHASHALGORITHM TEXT("HashAlgorithm")
|
|
#define wszENCRYPTIONALGORITHM TEXT("EncryptionAlgorithm")
|
|
#define wszMACHINEKEYSET TEXT("MachineKeyset")
|
|
#define wszREGKEYSIZE TEXT("KeySize")
|
|
|
|
|
|
//======================================================================
|
|
// Value strings for "CertSvc\Configuration\<CAName>\SubjectNameSeparator":
|
|
#define szNAMESEPARATORDEFAULT "\n"
|
|
#define wszNAMESEPARATORDEFAULT TEXT(szNAMESEPARATORDEFAULT)
|
|
|
|
|
|
//======================================================================
|
|
// Value strings for "CertSvc\Configuration\<CAName>\ValidityPeriod", etc.:
|
|
#define wszPERIODYEARS TEXT("Years")
|
|
#define wszPERIODMONTHS TEXT("Months")
|
|
#define wszPERIODWEEKS TEXT("Weeks")
|
|
#define wszPERIODDAYS TEXT("Days")
|
|
#define wszPERIODHOURS TEXT("Hours")
|
|
#define wszPERIODMINUTES TEXT("Minutes")
|
|
#define wszPERIODSECONDS TEXT("Seconds")
|
|
|
|
//======================================================================
|
|
// Values Under "CertSvc\Configuration\<CAName>\PolicyModules\<ProgId>":
|
|
#define wszREGISSUERCERTURLFLAGS TEXT("IssuerCertURLFlags")
|
|
#define wszREGEDITFLAGS TEXT("EditFlags")
|
|
#define wszREGSUBJECTALTNAME TEXT("SubjectAltName")
|
|
#define wszREGSUBJECTALTNAME2 TEXT("SubjectAltName2")
|
|
#define wszREGREQUESTDISPOSITION TEXT("RequestDisposition")
|
|
#define wszREGCAPATHLENGTH TEXT("CAPathLength")
|
|
#define wszREGREVOCATIONTYPE TEXT("RevocationType")
|
|
|
|
#define wszREGLDAPREVOCATIONCRLURL_OLD TEXT("LDAPRevocationCRLURL")
|
|
#define wszREGREVOCATIONCRLURL_OLD TEXT("RevocationCRLURL")
|
|
#define wszREGFTPREVOCATIONCRLURL_OLD TEXT("FTPRevocationCRLURL")
|
|
#define wszREGFILEREVOCATIONCRLURL_OLD TEXT("FileRevocationCRLURL")
|
|
|
|
#define wszREGREVOCATIONURL TEXT("RevocationURL")
|
|
|
|
#define wszREGLDAPISSUERCERTURL_OLD TEXT("LDAPIssuerCertURL")
|
|
#define wszREGISSUERCERTURL_OLD TEXT("IssuerCertURL")
|
|
#define wszREGFTPISSUERCERTURL_OLD TEXT("FTPIssuerCertURL")
|
|
#define wszREGFILEISSUERCERTURL_OLD TEXT("FileIssuerCertURL")
|
|
|
|
#define wszREGENABLEREQUESTEXTENSIONLIST TEXT("EnableRequestExtensionList")
|
|
#define wszREGDISABLEEXTENSIONLIST TEXT("DisableExtensionList")
|
|
|
|
#define wszREGDEFAULTSMIME TEXT("DefaultSMIME")
|
|
|
|
// wszREGCAPATHLENGTH Values:
|
|
#define CAPATHLENGTH_INFINITE 0xffffffff
|
|
|
|
// wszREGREQUESTDISPOSITION Values:
|
|
#define REQDISP_PENDING 0x00000000
|
|
#define REQDISP_ISSUE 0x00000001
|
|
#define REQDISP_DENY 0x00000002
|
|
#define REQDISP_USEREQUESTATTRIBUTE 0x00000003
|
|
#define REQDISP_MASK 0x000000ff
|
|
#define REQDISP_PENDINGFIRST 0x00000100
|
|
#define REQDISP_DEFAULT_STANDALONE (REQDISP_PENDINGFIRST | REQDISP_ISSUE)
|
|
#define REQDISP_DEFAULT_ENTERPRISE (REQDISP_ISSUE)
|
|
|
|
// wszREGREVOCATIONTYPE Values:
|
|
#define REVEXT_CDPLDAPURL_OLD 0x00000001
|
|
#define REVEXT_CDPHTTPURL_OLD 0x00000002
|
|
#define REVEXT_CDPFTPURL_OLD 0x00000004
|
|
#define REVEXT_CDPFILEURL_OLD 0x00000008
|
|
#define REVEXT_CDPURLMASK_OLD 0x000000ff
|
|
#define REVEXT_CDPENABLE 0x00000100
|
|
#define REVEXT_ASPENABLE 0x00000200
|
|
|
|
#define REVEXT_DEFAULT_NODS (REVEXT_CDPENABLE)
|
|
#define REVEXT_DEFAULT_DS (REVEXT_CDPENABLE)
|
|
|
|
// wszREGISSUERCERTURLFLAGS Values:
|
|
#define ISSCERT_LDAPURL_OLD 0x00000001
|
|
#define ISSCERT_HTTPURL_OLD 0x00000002
|
|
#define ISSCERT_FTPURL_OLD 0x00000004
|
|
#define ISSCERT_FILEURL_OLD 0x00000008
|
|
#define ISSCERT_URLMASK_OLD 0x000000ff
|
|
#define ISSCERT_ENABLE 0x00000100
|
|
|
|
#define ISSCERT_DEFAULT_NODS (ISSCERT_ENABLE)
|
|
#define ISSCERT_DEFAULT_DS (ISSCERT_ENABLE)
|
|
|
|
// wszREGEDITFLAGS Values: Defaults:
|
|
// Under CA key: wszREGCRLEDITFLAGS Values (EDITF_ENABLEAKI* only):
|
|
#define EDITF_ENABLEREQUESTEXTENSIONS 0x00000001 // neither
|
|
#define EDITF_REQUESTEXTENSIONLIST 0x00000002 // Standalone
|
|
#define EDITF_DISABLEEXTENSIONLIST 0x00000004 // both
|
|
#define EDITF_ADDOLDKEYUSAGE 0x00000008 // both
|
|
#define EDITF_ADDOLDCERTTYPE 0x00000010 // neither
|
|
#define EDITF_ATTRIBUTEENDDATE 0x00000020 // Standalone
|
|
#define EDITF_BASICCONSTRAINTSCRITICAL 0x00000040 // Standalone
|
|
#define EDITF_BASICCONSTRAINTSCA 0x00000080 // Standalone
|
|
#define EDITF_ENABLEAKIKEYID 0x00000100 // both
|
|
#define EDITF_ATTRIBUTECA 0x00000200 // Standalone
|
|
#define EDITF_IGNOREREQUESTERGROUP 0x00000400 // Standalone
|
|
#define EDITF_ENABLEAKIISSUERNAME 0x00000800 // both
|
|
#define EDITF_ENABLEAKIISSUERSERIAL 0x00001000 // both
|
|
#define EDITF_ENABLEAKICRITICAL 0x00002000 // both
|
|
#define EDITF_SERVERUPGRADED 0x00004000 // neither
|
|
#define EDITF_ATTRIBUTEEKU 0x00008000 // Standalone
|
|
#define EDITF_ENABLEDEFAULTSMIME 0x00010000 // Enterprise
|
|
|
|
#define EDITF_DEFAULT_STANDALONE (EDITF_REQUESTEXTENSIONLIST | \
|
|
EDITF_DISABLEEXTENSIONLIST | \
|
|
EDITF_ADDOLDKEYUSAGE | \
|
|
EDITF_ATTRIBUTEENDDATE | \
|
|
EDITF_BASICCONSTRAINTSCRITICAL | \
|
|
EDITF_BASICCONSTRAINTSCA | \
|
|
EDITF_ENABLEAKIKEYID | \
|
|
EDITF_ATTRIBUTECA | \
|
|
EDITF_ATTRIBUTEEKU)
|
|
|
|
#define EDITF_DEFAULT_ENTERPRISE (EDITF_REQUESTEXTENSIONLIST | \
|
|
EDITF_DISABLEEXTENSIONLIST | \
|
|
EDITF_BASICCONSTRAINTSCRITICAL | \
|
|
EDITF_ENABLEAKIKEYID | \
|
|
EDITF_ADDOLDKEYUSAGE | \
|
|
EDITF_ENABLEDEFAULTSMIME)
|
|
|
|
|
|
//======================================================================
|
|
// Values Under "CertSvc\Configuration\<CAName>\ExitModules\<ProgId>":
|
|
|
|
// LDAP based CRL and URL issuance
|
|
#define wszREGLDAPREVOCATIONDN_OLD TEXT("LDAPRevocationDN")
|
|
#define wszREGLDAPREVOCATIONDNTEMPLATE_OLD TEXT("LDAPRevocationDNTemplate")
|
|
#define wszCRLPUBLISHRETRYCOUNT TEXT("CRLPublishRetryCount")
|
|
#define wszREGCERTPUBLISHFLAGS TEXT("PublishCertFlags")
|
|
|
|
// wszREGCERTPUBLISHFLAGS Values:
|
|
#define EXITPUB_FILE 0x00000001
|
|
#define EXITPUB_ACTIVEDIRECTORY 0x00000002
|
|
#define EXITPUB_EMAILNOTIFYALL 0x00000004
|
|
#define EXITPUB_EMAILNOTIFYSMARTCARD 0x00000008
|
|
#define EXITPUB_REMOVEOLDCERTS 0x00000010
|
|
|
|
#define EXITPUB_DEFAULT_ENTERPRISE EXITPUB_ACTIVEDIRECTORY
|
|
|
|
#define EXITPUB_DEFAULT_STANDALONE EXITPUB_FILE
|
|
|
|
// end_certsrv
|
|
|
|
//======================================================================
|
|
// KeysNotToRestore Registry Key:
|
|
|
|
#define wszREGKEYKEYSNOTTORESTORE TEXT("SYSTEM\\CurrentControlSet\\Control\\BackupRestore\\KeysNotToRestore")
|
|
|
|
// Certificate Authority = REG_MULTI_SZ "CurrentControlSet\Control\Services\CertSvc\Configuration\RestoreInProgress\\0"
|
|
|
|
#define wszREGRESTORECERTIFICATEAUTHORITY TEXT("Certificate Authority")
|
|
|
|
#define wszzREGVALUERESTORECERTIFICATEAUTHORITY \
|
|
wszREGKEYNOSYSTEMCERTSVCPATH \
|
|
TEXT("\\") \
|
|
wszREGKEYCONFIG \
|
|
TEXT("\\") \
|
|
wszREGKEYRESTOREINPROGRESS \
|
|
TEXT("\\\0")
|
|
|
|
//======================================================================
|
|
// FilesNotToRestore Registry Key:
|
|
|
|
#define wszREGKEYFILESNOTTOBACKUP TEXT("SYSTEM\\CurrentControlSet\\Control\\BackupRestore\\FilesNotToBackup")
|
|
|
|
// Certificate Authority = REG_MULTI_SZ DBFile DBLogDir DBSysDir DBTempDir
|
|
|
|
//#define wszREGRESTORECERTIFICATEAUTHORITY TEXT("Certificate Authority")
|
|
|
|
//======================================================================
|
|
// Key Manager Base Registry Key, value name and value string:
|
|
#define wszREGKEYKEYRING TEXT("SOFTWARE\\Microsoft\\KeyRing\\Parameters\\Certificate Authorities\\Microsoft Certificate Server")
|
|
#define wszREGCERTGETCONFIG TEXT("CertGetConfig")
|
|
#define wszREGCERTREQUEST TEXT("CertRequest")
|
|
|
|
// begin_certsrv
|
|
|
|
#define wszCLASS_CERTADMIN TEXT("CertificateAuthority.Admin")
|
|
#define wszCLASS_CERTCONFIG TEXT("CertificateAuthority.Config")
|
|
#define wszCLASS_CERTGETCONFIG TEXT("CertificateAuthority.GetConfig")
|
|
#define wszCLASS_CERTENCODE TEXT("CertificateAuthority.Encode")
|
|
#define wszCLASS_CERTDB TEXT("CertificateAuthority.DB") // no_certsrv
|
|
#define wszCLASS_CERTDBRESTORE TEXT("CertificateAuthority.DBRestore") // no_certsrv
|
|
#define wszCLASS_CERTREQUEST TEXT("CertificateAuthority.Request")
|
|
#define wszCLASS_CERTSERVEREXIT TEXT("CertificateAuthority.ServerExit")
|
|
#define wszCLASS_CERTSERVERPOLICY TEXT("CertificateAuthority.ServerPolicy")
|
|
#define wszCLASS_CERTVIEW TEXT("CertificateAuthority.View")
|
|
|
|
// class name templates
|
|
#define wszMICROSOFTCERTMODULE_PREFIX TEXT("CertificateAuthority_MicrosoftDefault")
|
|
#define wszCERTEXITMODULE_POSTFIX TEXT(".Exit")
|
|
#define wszCERTMANAGEEXIT_POSTFIX TEXT(".ExitManage")
|
|
#define wszCERTPOLICYMODULE_POSTFIX TEXT(".Policy")
|
|
#define wszCERTMANAGEPOLICY_POSTFIX TEXT(".PolicyManage")
|
|
|
|
// actual policy/exit manage class names
|
|
#define wszCLASS_CERTMANAGEEXITMODULE wszMICROSOFTCERTMODULE_PREFIX wszCERTMANAGEEXIT_POSTFIX
|
|
|
|
#define wszCLASS_CERTMANAGEPOLICYMODULE wszMICROSOFTCERTMODULE_PREFIX wszCERTMANAGEPOLICY_POSTFIX
|
|
|
|
// actual policy/exit class names
|
|
#define wszCLASS_CERTEXIT wszMICROSOFTCERTMODULE_PREFIX wszCERTEXITMODULE_POSTFIX
|
|
|
|
#define wszCLASS_CERTPOLICY wszMICROSOFTCERTMODULE_PREFIX wszCERTPOLICYMODULE_POSTFIX
|
|
|
|
|
|
#define wszCAPOLICYFILE L"CAPolicy.inf"
|
|
|
|
#define wszINFSECTION_CDP L"CRLDistributionPoint"
|
|
#define wszINFSECTION_AIA L"AuthorityInformationAccess"
|
|
#define wszINFSECTION_EKU L"EnhancedKeyUsageExtension"
|
|
#define wszINFSECTION_CCDP L"CrossCertificateDistributionPointsExtension"
|
|
|
|
#define wszINFSECTION_CERTSERVER L"certsrv_server"
|
|
#define wszINFKEY_RENEWALKEYLENGTH L"RenewalKeyLength"
|
|
#define wszINFKEY_RENEWALVALIDITYPERIODSTRING L"RenewalValidityPeriod"
|
|
#define wszINFKEY_RENEWALVALIDITYPERIODCOUNT L"RenewalValidityPeriodUnits"
|
|
#define wszINFKEY_UTF8 L"UTF8"
|
|
#define wszINFKEY_CRLPERIODSTRING wszREGCRLPERIODSTRING
|
|
#define wszINFKEY_CRLPERIODCOUNT wszREGCRLPERIODCOUNT
|
|
#define wszINFKEY_CRLDELTAPERIODSTRING wszREGCRLDELTAPERIODSTRING
|
|
#define wszINFKEY_CRLDELTAPERIODCOUNT wszREGCRLDELTAPERIODCOUNT
|
|
|
|
#define wszINFKEY_CRITICAL L"Critical"
|
|
#define wszINFKEY_EMPTY L"Empty"
|
|
|
|
#define wszINFKEY_CCDPSYNCDELTATIME L"SyncDeltaTime"
|
|
|
|
#define wszINFSECTION_CAPOLICY L"CAPolicy"
|
|
#define wszINFSECTION_POLICYSTATEMENT L"PolicyStatementExtension"
|
|
#define wszINFSECTION_APPLICATIONPOLICYSTATEMENT L"ApplicationPolicyStatementExtension"
|
|
#define wszINFKEY_POLICIES L"Policies"
|
|
#define wszINFKEY_OID L"OID"
|
|
#define wszINFKEY_NOTICE L"Notice"
|
|
|
|
#define wszINFSECTION_REQUESTATTRIBUTES L"RequestAttributes"
|
|
|
|
#define wszINFSECTION_NAMECONSTRAINTS L"NameConstraintsExtension"
|
|
#define wszINFKEY_INCLUDE L"Include"
|
|
#define wszINFKEY_EXCLUDE L"Exclude"
|
|
|
|
#define wszINFKEY_UPN L"UPN"
|
|
#define wszINFKEY_EMAIL L"EMail"
|
|
#define wszINFKEY_DNS L"DNS"
|
|
#define wszINFKEY_DIRECTORYNAME L"DirectoryName"
|
|
#define wszINFKEY_URL L"URL"
|
|
#define wszINFKEY_IPADDRESS L"IPAddress"
|
|
#define wszINFKEY_REGISTEREDID L"RegisteredId"
|
|
|
|
#define wszINFSECTION_POLICYMAPPINGS L"PolicyMappingsExtension"
|
|
#define wszINFSECTION_APPLICATIONPOLICYMAPPINGS L"ApplicationPolicyMappingsExtension"
|
|
|
|
#define wszINFSECTION_POLICYCONSTRAINTS L"PolicyConstraintsExtension"
|
|
#define wszINFSECTION_APPLICATIONPOLICYCONSTRAINTS L"ApplicationPolicyConstraintsExtension"
|
|
#define wszINFKEY_REQUIREEXPLICITPOLICY L"RequireExplicitPolicy"
|
|
#define wszINFKEY_INHIBITPOLICYMAPPING L"InhibitPolicyMapping"
|
|
|
|
#define wszINFSECTION_BASICCONSTRAINTS L"BasicConstraintsExtension"
|
|
#define wszINFKEY_PATHLENGTH L"PathLength"
|
|
|
|
|
|
// exit module mail support
|
|
#define wszREGEXITSMTPKEY L"SMTP"
|
|
#define wszREGEXITSMTPFROM L"From"
|
|
#define wszREGEXITSMTPCC L"CC"
|
|
#define wszREGEXITSMTPSUBJECT L"Subject"
|
|
|
|
// end_certsrv
|
|
|
|
|
|
// begin CertSrv MMC Snapin
|
|
#define wszREGKEYMGMT L"Software\\Microsoft\\MMC"
|
|
#define wszREGKEYMGMTSNAPIN wszREGKEYMGMT L"\\SnapIns"
|
|
#define wszREGKEYMGMTNODETYPES wszREGKEYMGMT L"\\NodeTypes"
|
|
#define wszSNAPINNAMESTRING L"NameString"
|
|
#define wszSNAPINNAMESTRINGINDIRECT L"NameStringIndirect"
|
|
#define wszSNAPINABOUT L"About"
|
|
#define wszSNAPINSTANDALONE L"StandAlone"
|
|
#define wszSNAPINNODETYPES L"NodeTypes"
|
|
#define wszSNAPINEXTENSIONS L"Extensions"
|
|
#define wszSNAPINNAMESPACE L"NameSpace"
|
|
#define wszSNAPINPROPERTYSHEET L"PropertySheet"
|
|
#define wszSNAPINNAMESTRINGINDIRECT_TEMPLATE L"@%s,-%d" // "@dllname, -<resource id>"
|
|
|
|
// main snapin uuid
|
|
#define wszSNAPINNODETYPE_UUID1 L"{de751566-4cc6-11d1-8ca0-00c04fc297eb}"
|
|
#define wszREGKEYMGMTSNAPINUUID1 wszREGKEYMGMTSNAPIN L"\\" wszSNAPINNODETYPE_UUID1
|
|
#define wszSNAPINNODETYPE_ABOUT L"{4653e860-4cc7-11d1-8ca0-00c04fc297eb}"
|
|
#define wszREGKEYMGMTSNAPINUUID1_STANDALONE wszREGKEYMGMTSNAPINUUID1 L"\\" wszSNAPINSTANDALONE
|
|
#define wszREGKEYMGMTSNAPINUUID1_NODETYPES wszREGKEYMGMTSNAPINUUID1 L"\\" wszSNAPINNODETYPES
|
|
|
|
#define wszSNAPINNODETYPE_1 L"{89b31b94-4cc7-11d1-8ca0-00c04fc297eb}" // cNODETYPEMACHINEINSTANCE
|
|
#define wszSNAPINNODETYPE_2 L"{5d972ee4-7576-11d1-8cbe-00c04fc297eb}" // cNODETYPESERVERINSTANCE
|
|
#define wszSNAPINNODETYPE_3 L"{5946E36C-757C-11d1-8CBE-00C04FC297EB}" // cNODETYPECRLPUBLICATION
|
|
#define wszSNAPINNODETYPE_4 L"{783E4E5F-757C-11d1-8CBE-00C04FC297EB}" // cNODETYPEISSUEDCERTS
|
|
#define wszSNAPINNODETYPE_5 L"{783E4E63-757C-11d1-8CBE-00C04FC297EB}" // cNODETYPEPENDINGCERTS
|
|
#define wszREGKEYMGMTSNAPINUUID1_NODETYPES_1 wszREGKEYMGMTSNAPINUUID1_NODETYPES L"\\" wszSNAPINNODETYPE_1
|
|
#define wszREGKEYMGMTSNAPINUUID1_NODETYPES_2 wszREGKEYMGMTSNAPINUUID1_NODETYPES L"\\" wszSNAPINNODETYPE_2
|
|
#define wszREGKEYMGMTSNAPINUUID1_NODETYPES_3 wszREGKEYMGMTSNAPINUUID1_NODETYPES L"\\" wszSNAPINNODETYPE_3
|
|
#define wszREGKEYMGMTSNAPINUUID1_NODETYPES_4 wszREGKEYMGMTSNAPINUUID1_NODETYPES L"\\" wszSNAPINNODETYPE_4
|
|
#define wszREGKEYMGMTSNAPINUUID1_NODETYPES_5 wszREGKEYMGMTSNAPINUUID1_NODETYPES L"\\" wszSNAPINNODETYPE_5
|
|
|
|
|
|
// register snapin nodetypes
|
|
#define wszREGKEYMGMTSNAPIN_NODETYPES_1 wszREGKEYMGMTNODETYPES L"\\" wszSNAPINNODETYPE_1
|
|
#define wszREGKEYMGMTSNAPIN_NODETYPES_2 wszREGKEYMGMTNODETYPES L"\\" wszSNAPINNODETYPE_2
|
|
#define wszREGKEYMGMTSNAPIN_NODETYPES_3 wszREGKEYMGMTNODETYPES L"\\" wszSNAPINNODETYPE_3
|
|
#define wszREGKEYMGMTSNAPIN_NODETYPES_4 wszREGKEYMGMTNODETYPES L"\\" wszSNAPINNODETYPE_4
|
|
#define wszREGKEYMGMTSNAPIN_NODETYPES_5 wszREGKEYMGMTNODETYPES L"\\" wszSNAPINNODETYPE_5
|
|
#define wszREGCERTSNAPIN_NODETYPES_1 L"CertSvr MMC Machine Instance"
|
|
#define wszREGCERTSNAPIN_NODETYPES_2 L"CertSvr MMC Server Instance"
|
|
#define wszREGCERTSNAPIN_NODETYPES_3 L"CertSvr MMC CRL Publication"
|
|
#define wszREGCERTSNAPIN_NODETYPES_4 L"CertSvr MMC Issued Certificates"
|
|
#define wszREGCERTSNAPIN_NODETYPES_5 L"CertSvr MMC Pending Certificates"
|
|
|
|
|
|
// restore through ini file
|
|
#define wszRESTORE_FILENAME L"CertsrvRestore"
|
|
#define wszRESTORE_SECTION L"Restore"
|
|
#define wszRESTORE_NEWLOGSUFFIX L"New"
|
|
|
|
#endif // __CSREGSTR_H__
|