Source code of Windows XP (NT5)
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
 
 
 
 
 
 

381 lines
17 KiB

//depot/Lab03_N/DS/security/cryptoapi/common/keysvc/keysvc.idl#7 - edit change 8790 (text)
//depot/Lab03_N/DS/security/cryptoapi/common/keysvc/keysvc.idl#4 - edit change 6380 (text)
//+-------------------------------------------------------------------------
//
// Microsoft Windows
//
// Copyright (C) Microsoft Corporation, 1997 - 1999
//
// File: keysvc.idl
//
//--------------------------------------------------------------------------
import "unknwn.idl";
import "basetsd.h";
////////////////////////////
// Interfaces
[
uuid(8d0ffe72-d252-11d0-bf8f-00c04fd9126b),
version(1.0),
pointer_default(unique)
]
interface IKeySvc
{
typedef struct _KEYSVC_UNICODE_STRING {
USHORT Length;
USHORT MaximumLength;
//#ifdef MIDL_PASS
[size_is(MaximumLength / 2), length_is((Length) / 2) ]
//#endif // MIDL_PASS
USHORT *Buffer;
} KEYSVC_UNICODE_STRING, *PKEYSVC_UNICODE_STRING;
typedef enum _KEYSVC_TYPE {
KeySvcMachine,
KeySvcService
} KEYSVC_TYPE;
typedef enum _KEYSVC_DEFTYPE {
DefUserProv,
DefMachineProv
} KEYSVC_DEFTYPE;
typedef ULONG KEYSVC_HANDLE, *PKEYSVC_HANDLE;
typedef struct _KEYSVC_BLOB {
ULONG cb;
[size_is(cb), length_is(cb)]
BYTE *pb;
} KEYSVC_BLOB, *PKEYSVC_BLOB;
// provider type and provider information
typedef struct _KEYSVC_PROVIDER_INFO {
KEYSVC_UNICODE_STRING Name;
ULONG Flags;
ULONG ProviderType;
} KEYSVC_PROVIDER_INFO, *PKEYSVC_PROVIDER_INFO;
// key information structures
typedef struct _KEY_ID {
ULONG Algid;
ULONG dwKeySpec;
} KEY_ID, *PKEY_ID;
typedef struct _KEYSVC_KEY_INFO {
KEYSVC_UNICODE_STRING KeyName;
KEY_ID KeyID;
} KEYSVC_KEY_INFO, *PKEYSVC_KEY_INFO;
typedef struct _KEYSVC_KEYS {
KEYSVC_UNICODE_STRING KeyName;
ULONG cKeyIDs;
//#ifdef MIDL_PASS
[size_is(cKeyIDs), length_is(cKeyIDs) ]
//#endif
PKEY_ID pKeyIDs;
} KEYSVC_KEYS, *PKEYSVC_KEYS;
typedef enum _KEYSVC_INFOTYPE {
KeySvcPublicKey,
KeySvcVerifyHaveKey
} KEYSVC_INFOTYPE;
typedef struct _KEYSVC_RSAINFO {
ULONG Algid;
ULONG cbHash;
BYTE rgbHash[40];
} KEYSVC_RSAINFO;
typedef struct _KEYSVC_CERT_HASH {
BYTE rgb[20];
} KEYSVC_CERT_HASH;
typedef struct _KEYSVC_CERT_INFO {
PKEYSVC_BLOB pCert;
KEYSVC_CERT_HASH CertHash;
KEYSVC_UNICODE_STRING KeyName;
} KEYSVC_CERT_INFO, *PKEYSVC_CERT_INFO;
//
typedef struct _KEYSVC_CERT_REQUEST_PVK_NEW {
ULONG ulProvType; //Optional: The provider type. If this field
// is 0, pwszProvider is ignored
KEYSVC_UNICODE_STRING Provider; //Optional: The name of the provider.
// NULL means the default
ULONG ulProviderFlags; //Optional: The flag passed to CryptAcquireContext
KEYSVC_UNICODE_STRING KeyContainer; //Optional: The private key container. If this value is NULL,
// a new key container will be generated. Its name is guaranteed
// to be unique.
ULONG ulKeySpec; //Optional: The key specification of the private key
ULONG ulGenKeyFlags; //Optional: The flags for CryptGenKey
} KEYSVC_CERT_REQUEST_PVK_NEW, *PKEYSVC_CERT_REQUEST_PVK_NEW;
typedef struct _KEYSVC_CERT_REQUEST_PVK_NEW_V2 {
ULONG ulProvType; //Optional: The provider type. If this field
// is 0, pwszProvider is ignored
KEYSVC_UNICODE_STRING Provider; //Optional: The name of the provider.
// NULL means the default
ULONG ulProviderFlags; //Optional: The flag passed to CryptAcquireContext
KEYSVC_UNICODE_STRING KeyContainer; //Optional: The private key container. If this value is NULL,
// a new key container will be generated. Its name is guaranteed
// to be unique.
ULONG ulKeySpec; //Optional: The key specification of the private key
ULONG ulGenKeyFlags; //Optional: The flags for CryptGenKey
ULONG ulEnrollmentFlags; //Optional: The enrollment cert type flags
ULONG ulSubjectNameFlags; //Optional: The subject name cert type flags
ULONG ulPrivateKeyFlags; //Optional: The private key cert type flags
ULONG ulGeneralFlags; //Optional: The general cert type flags
} KEYSVC_CERT_REQUEST_PVK_NEW_V2, *PKEYSVC_CERT_REQUEST_PVK_NEW_V2;
typedef struct _KEYSVC_CERT_BLOB {
DWORD cbData;
//#ifdef MIDL_PASS
[size_is(cbData), length_is(cbData) ]
//#endif
BYTE *pbData;
} KEYSVC_CERT_BLOB, *PKEYSVC_CERT_BLOB;
typedef struct _KEYSVC_CERT_EXTENSION {
LPSTR pszObjId;
BOOL fCritical;
DWORD cbData;
//#ifdef MIDL_PASS
[size_is(cbData), length_is(cbData) ]
//#endif
BYTE *pbData;
// KEYSVC_CERT_BLOB Value;
} KEYSVC_CERT_EXTENSION, *PKEYSVC_CERT_EXTENSION;
typedef struct _KEYSVC_CERT_EXTENSIONS {
ULONG cExtension;
//#ifdef MIDL_PASS
[size_is(cExtension), length_is(cExtension) ]
//#endif
KEYSVC_CERT_EXTENSION *rgExtension;
} KEYSVC_CERT_EXTENSIONS, *PKEYSVC_CERT_EXTENSIONS;
typedef struct _KEYSVC_CERT_ENROLL_INFO
{
KEYSVC_UNICODE_STRING UsageOID;
KEYSVC_UNICODE_STRING CertDNName;
ULONG ulPostOption; //Required: A bit wise OR of the following value:
// REQUEST_POST_ON_DS
// REQUEST_POST_ON_CSP
KEYSVC_UNICODE_STRING FriendlyName; //Optional: The friendly name of the certificate
KEYSVC_UNICODE_STRING Description; //Optional: The description of the certificate
KEYSVC_UNICODE_STRING Attributes; //Optional: Attributes for certificate request
ULONG cExtensions;
//#ifdef MIDL_PASS
[size_is(cExtensions), length_is(cExtensions) ]
//#endif
PKEYSVC_CERT_EXTENSIONS *prgExtensions;
}KEYSVC_CERT_ENROLL_INFO, *PKEYSVC_CERT_ENROLL_INFO;
typedef struct _KEYSVC_OPEN_KEYSVC_INFO {
ULONG ulSize; // For struct versioning
ULONG ulVersion;
}KEYSVC_OPEN_KEYSVC_INFO, *PKEYSVC_OPEN_KEYSVC_INFO;
typedef struct _KEYSVC_QUERY_CERT_REQUEST_INFO {
ULONG ulSize; // sizeof(CRYPTUI_WIZ_QUERY_CERT_REQUEST_INFO)
ULONG ulStatus; // set of flags, see below
} KEYSVC_QUERY_CERT_REQUEST_INFO, *PKEYSVC_QUERY_CERT_REQUEST_INFO;
ULONG KeyrOpenKeyService(
[in] handle_t hRPCBinding,
[in] KEYSVC_TYPE OwnerType,
[in] PKEYSVC_UNICODE_STRING pOwnerName,
[in] ULONG ulDesiredAccess,
[in] PKEYSVC_BLOB pAuthentication,
[in, out] PKEYSVC_BLOB *ppReserved,
[out] KEYSVC_HANDLE *phKeySvc);
ULONG KeyrEnumerateProviders(
[in] handle_t hRPCBinding,
[in] KEYSVC_HANDLE hKeySvc,
[in, out] PKEYSVC_BLOB *ppReserved,
[in, out] ULONG *pcProviderCount,
[in, out][size_is(,*pcProviderCount)]
PKEYSVC_PROVIDER_INFO *ppProviders);
ULONG KeyrEnumerateProviderTypes(
[in] handle_t hRPCBinding,
[in] KEYSVC_HANDLE hKeySvc,
[in, out] PKEYSVC_BLOB *ppReserved,
[in, out] ULONG *pcProviderCount,
[in, out][size_is(,*pcProviderCount)]
PKEYSVC_PROVIDER_INFO *ppProviders);
ULONG KeyrEnumerateProvContainers(
[in] handle_t hRPCBinding,
[in] KEYSVC_HANDLE hKeySvc,
[in] KEYSVC_PROVIDER_INFO Provider,
[in, out] PKEYSVC_BLOB *ppReserved,
[in, out] ULONG *pcContainerCount,
[in, out][size_is(,*pcContainerCount)]
PKEYSVC_UNICODE_STRING *ppContainers);
ULONG KeyrCloseKeyService(
[in] handle_t hRPCBinding,
[in] KEYSVC_HANDLE hKeySvc,
[in, out] PKEYSVC_BLOB *ppReserved);
ULONG KeyrGetDefaultProvider(
[in] handle_t hRPCBinding,
[in] KEYSVC_HANDLE hKeySvc,
[in] ULONG ulProvType,
[in] ULONG ulFlags,
[in, out] PKEYSVC_BLOB *ppReserved,
[out] ULONG *pulDefType,
[out] PKEYSVC_PROVIDER_INFO *ppProvider);
ULONG KeyrSetDefaultProvider(
[in] handle_t hRPCBinding,
[in] KEYSVC_HANDLE hKeySvc,
[in] ULONG ulFlags,
[in, out] PKEYSVC_BLOB *ppReserved,
[in] KEYSVC_PROVIDER_INFO Provider);
ULONG KeyrEnroll(
[in] handle_t hRPCBinding,
[in] BOOL fKeyService, //IN Required: Whether the function is called remotely
[in] ULONG ulPurpose, //IN Required: Specify the purpose - enrollment/renewal
[in] PKEYSVC_UNICODE_STRING pAcctName, //IN Optional: Account name the service runs under
[in] PKEYSVC_UNICODE_STRING pCALocation, //IN Required: The ca machine name
[in] PKEYSVC_UNICODE_STRING pCAName, //IN Required: The ca name
[in] BOOL fNewKey, //IN Required: Set the TRUE if new private key is needed
[in] PKEYSVC_CERT_REQUEST_PVK_NEW pKeyNew, //IN Required: The private key information
[in] PKEYSVC_BLOB pCert, //IN Optional: The old cert when renewing
[in] PKEYSVC_CERT_REQUEST_PVK_NEW pRenewKey, //IN Optional: The new private key information when renewing
[in] PKEYSVC_UNICODE_STRING pHashAlg, //IN Optional: The hash algorithm
[in] PKEYSVC_UNICODE_STRING pDesStore, //IN Optional: The destination store
[in] ULONG ulStoreFlags, //IN Optional: Flags for cert store
[in] PKEYSVC_CERT_ENROLL_INFO pRequestInfo, //IN Required: The information about the cert request
[in] ULONG ulFlags, //IN Reserved: Should be 0
[in, out] PKEYSVC_BLOB *ppReserved,
[out] PKEYSVC_BLOB *ppPKCS7Blob, //OUT Optional: The PKCS7 from the CA
[out] PKEYSVC_BLOB *ppHashBlob, //OUT Optioanl: The SHA1 hash of the enrolled/renewed certificate
[out] ULONG *pulStatus); //OUT Optional: The status of the enrollment/renewal
ULONG KeyrExportCert(
[in] handle_t hRPCBinding,
[in] KEYSVC_HANDLE hKeySvc,
[in] PKEYSVC_UNICODE_STRING pPassword,
[in] PKEYSVC_UNICODE_STRING pCertStore,
[in] ULONG cHashCount,
[in][size_is(cHashCount)]
KEYSVC_CERT_HASH *pHashes,
[in] ULONG ulFlags,
[in, out] PKEYSVC_BLOB *ppReserved,
[out] PKEYSVC_BLOB *ppPFXBlob);
ULONG KeyrImportCert(
[in] handle_t hRPCBinding,
[in] KEYSVC_HANDLE hKeySvc,
[in] PKEYSVC_UNICODE_STRING pPassword,
[in] PKEYSVC_UNICODE_STRING pCertStore,
[in] PKEYSVC_BLOB pPFXBlob,
[in] ULONG ulFlags,
[in, out] PKEYSVC_BLOB *ppReserved);
ULONG KeyrEnumerateAvailableCertTypes(
[in] handle_t hRPCBinding,
[in] KEYSVC_HANDLE hKeySvc,
[in, out] PKEYSVC_BLOB *ppReserved,
[in, out] ULONG *pcCertTypeCount,
[in, out][size_is(,*pcCertTypeCount)]
PKEYSVC_UNICODE_STRING *ppCertTypes);
ULONG KeyrEnumerateCAs(
[in] handle_t hRPCBinding,
[in] KEYSVC_HANDLE hKeySvc,
[in, out] PKEYSVC_BLOB *ppReserved,
[in] ULONG ulFlags,
[in, out] ULONG *pcCACount,
[in, out][size_is(,*pcCACount)]
PKEYSVC_UNICODE_STRING *ppCAs);
ULONG KeyrEnroll_V2(
[in] handle_t hRPCBinding,
[in] BOOL fKeyService, //IN Required: Whether the function is called remotely
[in] ULONG ulPurpose, //IN Required: Specify the purpose - enrollment/renewal
[in] ULONG ulFlags, //IN Required: Enrollment flags.
[in] PKEYSVC_UNICODE_STRING pAcctName, //IN Optional: Account name the service runs under
[in] PKEYSVC_UNICODE_STRING pCALocation, //IN Required: The ca machine name
[in] PKEYSVC_UNICODE_STRING pCAName, //IN Required: The ca name
[in] BOOL fNewKey, //IN Required: Set the TRUE if new private key is needed
[in] PKEYSVC_CERT_REQUEST_PVK_NEW_V2 pKeyNew, //IN Required: The private key information
[in] PKEYSVC_BLOB pCert, //IN Optional: The old cert when renewing
[in] PKEYSVC_CERT_REQUEST_PVK_NEW_V2 pRenewKey, //IN Optional: The new private key information when renewing
[in] PKEYSVC_UNICODE_STRING pHashAlg, //IN Optional: The hash algorithm
[in] PKEYSVC_UNICODE_STRING pDesStore, //IN Optional: The destination store
[in] ULONG ulStoreFlags, //IN Optional: Flags for cert store
[in] PKEYSVC_CERT_ENROLL_INFO pRequestInfo, //IN Required: The information about the cert request
[in] ULONG ulReservedFlags, //IN Reserved: Must be 0.
[in, out] PKEYSVC_BLOB *ppReserved, //IN OUT Reserved: Must be NULL.
[in, out] PKEYSVC_BLOB *phRequest, //OUT Optional: The HANDLE to a created request (in 3-stage enrollment)
[out] PKEYSVC_BLOB *ppPKCS7Blob, //OUT Optional: The PKCS7 from the CA
[out] PKEYSVC_BLOB *ppHashBlob, //OUT Optioanl: The SHA1 hash of the enrolled/renewed certificate
[out] ULONG *pulStatus); //OUT Optional: The status of the enrollment/renewal
ULONG KeyrQueryRequestStatus
([in] handle_t hRPCBinding,
[in] unsigned __int64 hRequest,
[out, ref] KEYSVC_QUERY_CERT_REQUEST_INFO *pQueryInfo);
}
[
uuid(a3b749b1-e3d0-4967-a521-124055d1c37d),
version(1.0),
pointer_default(unique)
]
interface IKeySvcR // Remote keysvc
{
ULONG RKeyrOpenKeyService
([in] handle_t hRPCBinding,
[in] KEYSVC_TYPE OwnerType,
[in] PKEYSVC_UNICODE_STRING pOwnerName,
[in] ULONG ulDesiredAccess,
[in] PKEYSVC_BLOB pAuthentication,
[in, out] PKEYSVC_BLOB *ppReserved,
[out] KEYSVC_HANDLE *phKeySvc);
ULONG RKeyrCloseKeyService
([in] handle_t hRPCBinding,
[in] KEYSVC_HANDLE hKeySvc,
[in, out] PKEYSVC_BLOB *ppReserved);
ULONG RKeyrPFXInstall
([in] handle_t hRPCBinding,
[in] PKEYSVC_BLOB pPFX,
[in] PKEYSVC_UNICODE_STRING pPassword,
[in] ULONG ulFlags);
}
// Define version constants.
cpp_quote("#define KEYSVC_VERSION_W2K 0x0001")
cpp_quote("#define KEYSVC_VERSION_WHISTLER 0x0002")