mirror of https://github.com/tongzx/nt5src
You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
102 lines
2.9 KiB
102 lines
2.9 KiB
/*++
|
|
|
|
Copyright (c) 1998 Microsoft Corporation
|
|
|
|
Module Name:
|
|
|
|
licecert.h
|
|
|
|
Abstract:
|
|
|
|
The header file for the X509 certificates parsing and verification API
|
|
|
|
Author:
|
|
|
|
Frederick Chong (fredch) 6/1/1998
|
|
|
|
Environment:
|
|
|
|
Win32, WinCE, Win16
|
|
|
|
Notes:
|
|
|
|
--*/
|
|
|
|
#ifndef _LICE_CERT_H_
|
|
#define _LICE_CERT_H_
|
|
|
|
//-----------------------------------------------------------------------------
|
|
//
|
|
// Flags to indicate to VerifyCertChain on how should the validity dates in the
|
|
// certificate chain be handled.
|
|
//
|
|
//-----------------------------------------------------------------------------
|
|
|
|
#define CERT_DATE_ERROR_IF_INVALID 0x00000001
|
|
#define CERT_DATE_WARN_IF_INVALID 0x00000002
|
|
#define CERT_DATE_DONT_VALIDATE 0x00000003
|
|
|
|
#define CERT_DATE_OK 0x00000004
|
|
#define CERT_DATE_NOT_BEFORE_INVALID 0x00000005
|
|
#define CERT_DATE_NOT_AFTER_INVALID 0x00000006
|
|
|
|
#ifdef __cplusplus
|
|
extern "C" {
|
|
#endif
|
|
|
|
//+----------------------------------------------------------------------------
|
|
//
|
|
// Function:
|
|
//
|
|
// VerifyCertChain
|
|
//
|
|
// Abstract:
|
|
//
|
|
// Verifies a chain of X509 certificates
|
|
//
|
|
// Parameters:
|
|
//
|
|
// pbCert - The certificate chain to verify
|
|
// cbCert - Size of the certificate chain
|
|
// pbPublicKey - The memory to store the public key of the subject on output.
|
|
// If set to NULL on input, the API will return
|
|
// LICENSE_STATUS_INSUFFICIENT_BUFFER and the size of the
|
|
// required buffer set in pcbPublicKey.
|
|
// pcbPublicKey - Size of the allocated memory on input. On output, contains
|
|
// the actual size of the public key.
|
|
// pfDates - How the API should check the validity dates in the cert chain.
|
|
// This flag may be set to the following values:
|
|
//
|
|
// CERT_DATE_ERROR_IF_INVALID - The API will return an error if the
|
|
// dates are invalid. When the API returns,
|
|
// this flag will be set to CERT_DATE_OK if the
|
|
// dates are OK or one of CERT_DATE_NOT_BEFORE_INVALID
|
|
// or CERT_DATE_NOT_AFTER_INVALID.
|
|
// CERT_DATE_DONT_VALIDATE - Don't validate the dates in the cert chain. The value
|
|
// in this flag is not changed when the API returns.
|
|
// CERT_DATE_WARN_IF_INVALID - Don't return an error for invalid cert dates.
|
|
// When the API returns, this flag will be set to
|
|
// CERT_DATE_OK if the dates are OK or one of
|
|
// CERT_DATE_NOT_BEFORE_INVALID or
|
|
// CERT_DATE_NOT_AFTER_INVALID.
|
|
//
|
|
// Return:
|
|
//
|
|
// LICENSE_STATUS_OK if the function is successful.
|
|
//
|
|
//+----------------------------------------------------------------------------
|
|
|
|
LICENSE_STATUS
|
|
VerifyCertChain(
|
|
LPBYTE pbCert,
|
|
DWORD cbCert,
|
|
LPBYTE pbPublicKey,
|
|
LPDWORD pcbPublicKey,
|
|
LPDWORD pfDate );
|
|
|
|
|
|
#ifdef __cplusplus
|
|
}
|
|
#endif
|
|
|
|
#endif
|