Source code of Windows XP (NT5)
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
 
 
 
 
 
 

102 lines
2.9 KiB

/*++
Copyright (c) 1998 Microsoft Corporation
Module Name:
licecert.h
Abstract:
The header file for the X509 certificates parsing and verification API
Author:
Frederick Chong (fredch) 6/1/1998
Environment:
Win32, WinCE, Win16
Notes:
--*/
#ifndef _LICE_CERT_H_
#define _LICE_CERT_H_
//-----------------------------------------------------------------------------
//
// Flags to indicate to VerifyCertChain on how should the validity dates in the
// certificate chain be handled.
//
//-----------------------------------------------------------------------------
#define CERT_DATE_ERROR_IF_INVALID 0x00000001
#define CERT_DATE_WARN_IF_INVALID 0x00000002
#define CERT_DATE_DONT_VALIDATE 0x00000003
#define CERT_DATE_OK 0x00000004
#define CERT_DATE_NOT_BEFORE_INVALID 0x00000005
#define CERT_DATE_NOT_AFTER_INVALID 0x00000006
#ifdef __cplusplus
extern "C" {
#endif
//+----------------------------------------------------------------------------
//
// Function:
//
// VerifyCertChain
//
// Abstract:
//
// Verifies a chain of X509 certificates
//
// Parameters:
//
// pbCert - The certificate chain to verify
// cbCert - Size of the certificate chain
// pbPublicKey - The memory to store the public key of the subject on output.
// If set to NULL on input, the API will return
// LICENSE_STATUS_INSUFFICIENT_BUFFER and the size of the
// required buffer set in pcbPublicKey.
// pcbPublicKey - Size of the allocated memory on input. On output, contains
// the actual size of the public key.
// pfDates - How the API should check the validity dates in the cert chain.
// This flag may be set to the following values:
//
// CERT_DATE_ERROR_IF_INVALID - The API will return an error if the
// dates are invalid. When the API returns,
// this flag will be set to CERT_DATE_OK if the
// dates are OK or one of CERT_DATE_NOT_BEFORE_INVALID
// or CERT_DATE_NOT_AFTER_INVALID.
// CERT_DATE_DONT_VALIDATE - Don't validate the dates in the cert chain. The value
// in this flag is not changed when the API returns.
// CERT_DATE_WARN_IF_INVALID - Don't return an error for invalid cert dates.
// When the API returns, this flag will be set to
// CERT_DATE_OK if the dates are OK or one of
// CERT_DATE_NOT_BEFORE_INVALID or
// CERT_DATE_NOT_AFTER_INVALID.
//
// Return:
//
// LICENSE_STATUS_OK if the function is successful.
//
//+----------------------------------------------------------------------------
LICENSE_STATUS
VerifyCertChain(
LPBYTE pbCert,
DWORD cbCert,
LPBYTE pbPublicKey,
LPDWORD pcbPublicKey,
LPDWORD pfDate );
#ifdef __cplusplus
}
#endif
#endif