/*++

Copyright (c) 1995 Microsoft Corporation

Module Name:

    PKCSlib

Abstract:

    This header file describes the services and definitions necessary to use the
    Crypto Certificate API.

Author:

    Doug Barlow (dbarlow) 8/17/1995

Environment:

    Win32, Crypto API

Notes:

    Current X.509 Support Level : V3
    Current PKCS Support Level : V1

--*/

#ifndef _PKCSLIB_H_
#define _PKCSLIB_H_

#include <wincrypt.h>   // CryptoAPI types used below (ALG_ID and friends).

// NOTE(review): compilers predefine __cplusplus (two leading underscores).
// Unless the build defines _cplusplus itself, this guard is never taken and
// C++ translation units see the prototypes below without C linkage. The
// matching guard at the end of this file uses the same spelling, so the two
// must be changed together.
#ifdef _cplusplus
extern "C" {
#endif

// PKCSDLLAPI decorates every exported prototype. It expands to nothing
// unless the including project defines it before this header is read.
#ifndef PKCSDLLAPI
#define PKCSDLLAPI
#endif

// Base type of every reference handle declared in this header. All the
// specific handle types below are aliases of it, so the compiler cannot
// tell one kind of handle from another.
typedef const void *PKCSHANDLE;

//
//==============================================================================
//
//  Attribute List services.
//
//  Also see the list of standard Attribute types, below.
//

// Reference handle to an attribute list.
typedef PKCSHANDLE ATTRIBLISTHANDLE;

// Pointers to attribute list reference handles.
typedef ATTRIBLISTHANDLE *PATTRIBLISTHANDLE, *LPATTRIBLISTHANDLE;

// PkcsAttributeListCreate
//
//   hAtrList  out  receives the handle used for future reference
//                  (a pointer to a handle, despite the 'h' prefix)
// Returns: BOOL (the success/failure convention is not stated in this header).
extern PKCSDLLAPI BOOL WINAPI PkcsAttributeListCreate(
    OUT LPATTRIBLISTHANDLE hAtrList);

// PkcsAttributeListClose
//
//   hAtrList  in   handle to the attribute list to discard
// Returns: BOOL (the success/failure convention is not stated in this header).
extern PKCSDLLAPI BOOL WINAPI PkcsAttributeListClose(
    IN ATTRIBLISTHANDLE hAtrList);

// PkcsAttributeListAdd
//
//   hAtrList    in   reference handle to the list
//   szAtrType   in   object identifier of the attribute
//   pbAtrValue  in   value of the ASN.1 encoded attribute
// Returns: BOOL (the success/failure convention is not stated in this header).
//
// NOTE(review): no length accompanies pbAtrValue, so the callee presumably
// takes the size from the ASN.1 length octets inside the buffer. A caller
// passing an encoding it did not produce itself should first confirm that
// the encoded length fits the buffer it actually holds.
extern PKCSDLLAPI BOOL WINAPI PkcsAttributeListAdd(
    IN ATTRIBLISTHANDLE hAtrList,
    IN LPCTSTR szAtrType,
    IN const BYTE *pbAtrValue);

// PkcsAttributeListLookup
//
//   hAtrList      in      reference handle to the list
//   szAtrType     in      object identifier of the attribute
//   pbAtrValue    out     receives the value of the attribute
//   pcbAtrValLen  in/out  length of the pbAtrValue buffer
// Returns: BOOL (the success/failure convention is not stated in this header).
//
// NOTE(review): pcbAtrValLen is IN OUT, i.e. the callee reads it as the
// capacity of pbAtrValue. It must hold the real buffer size before the call;
// presumably it is updated with the length produced or required (confirm).
extern PKCSDLLAPI BOOL WINAPI PkcsAttributeListLookup(
    IN ATTRIBLISTHANDLE hAtrList,
    IN LPCTSTR szAtrType,
    OUT LPBYTE pbAtrValue,
    IN OUT LPDWORD pcbAtrValLen);

// PkcsAttributeListContents
//
//   hAtrList        in      reference handle to the list
//   mszAtrTypes     out     receives the object identifier list
//                           (the 'msz' prefix suggests a multi-string; confirm)
//   pcbAtrTypesLen  in/out  length of the mszAtrTypes buffer
// Returns: BOOL (the success/failure convention is not stated in this header).
//
// NOTE(review): the buffer is LPTSTR while the length carries a 'cb' prefix.
// Whether it counts bytes or TCHARs is not stated here; the two differ in
// UNICODE builds, so confirm before sizing the buffer.
extern PKCSDLLAPI BOOL WINAPI PkcsAttributeListContents(
    IN ATTRIBLISTHANDLE hAtrList,
    OUT LPTSTR mszAtrTypes,
    IN OUT LPDWORD pcbAtrTypesLen);

//
// ?Q? - Is there any need for a remove service?
//


//
//==============================================================================
//
//  X.509 v3 Certificate Extension List services.
//
//  ?TODO?  (only the handle types are declared; no services are listed here)
//

// Reference handle to an extension list.
typedef PKCSHANDLE EXTENSIONLISTHANDLE;

// Pointers to extension list reference handles.
typedef EXTENSIONLISTHANDLE *PEXTENSIONLISTHANDLE, *LPEXTENSIONLISTHANDLE;


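//
//==============================================================================
//
//  Subject services.  To use these services, you must have created a
//  key, either directly via the CryptoAPI, or via the
//  convenience service PkcsSubjectCreate.
//
//  (The original text named the service PkcsCreateSubject; the prototype
//  declared in this header is PkcsSubjectCreate.)
//

// Reference handle to a Subject.
typedef PKCSHANDLE SUBJECTHANDLE;

// Pointers to Subject reference handles.
typedef SUBJECTHANDLE *PSUBJECTHANDLE, *LPSUBJECTHANDLE;
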
// PkcsSetDNamePrefix
//
//   dwStore   in   the certificate store
//   szPrefix  in   the prefix to set
// Returns: BOOL (the success/failure convention is not stated in this header).
extern PKCSDLLAPI BOOL WINAPI PkcsSetDNamePrefix(
    IN DWORD dwStore,
    IN LPCTSTR szPrefix);

// PkcsSubjectCreate
//
//   phSubject   out  receives the handle used for future reference
//   szKeySet    in   what to name the new Subject keyset
//   szProvider  in   specific name of the CSP, or blank
//   dwKeyType   in   the type of key
//   dwProvType  in   provider type; should be PROV_RSA_FULL
//   algPref     in   optional algorithm preference (a suggestion)
//   dwStore     in   store id, or zero
// Returns: BOOL (the success/failure convention is not stated in this header).
extern PKCSDLLAPI BOOL WINAPI PkcsSubjectCreate(
    OUT LPSUBJECTHANDLE phSubject,
    IN LPCTSTR szKeySet,
    IN LPCTSTR szProvider,
    IN DWORD dwKeyType,
    IN DWORD dwProvType,
    IN ALG_ID algPref,
    IN DWORD dwStore);

// PkcsSubjectOpen
//
// Takes the same parameter list as PkcsSubjectCreate, except that szKeySet
// is the name of the Subject keyset rather than a name for a new one.
//
//   phSubject   out  receives the handle used for future reference
//   szKeySet    in   name of the Subject keyset
//   szProvider  in   specific name of the CSP, or blank
//   dwKeyType   in   the type of key
//   dwProvType  in   provider type; should be PROV_RSA_FULL
//   algPref     in   optional algorithm preference (a suggestion)
//   dwStore     in   store id, or zero
// Returns: BOOL (the success/failure convention is not stated in this header).
extern PKCSDLLAPI BOOL WINAPI PkcsSubjectOpen(
    OUT LPSUBJECTHANDLE phSubject,
    IN LPCTSTR szKeySet,
    IN LPCTSTR szProvider,
    IN DWORD dwKeyType,
    IN DWORD dwProvType,
    IN ALG_ID algPref,
    IN DWORD dwStore);

// PkcsSubjectSign
//
//   hSubject     in      reference handle to the Subject
//   pbData       in      the data to be signed
//   cbDataLen    in      length of the data to be signed
//   szComment    in      comment string associated with the signature
//   pbSignature  out     buffer that receives the signature
//   pcbSigLen    in/out  length of the pbSignature buffer
// Returns: BOOL (the success/failure convention is not stated in this header).
//
// NOTE(review): pcbSigLen is IN OUT, so it must hold the real capacity of
// pbSignature before the call; presumably it is updated with the signature
// length produced or required (confirm).
extern PKCSDLLAPI BOOL WINAPI PkcsSubjectSign(
    IN SUBJECTHANDLE hSubject,
    IN const BYTE *pbData,
    IN DWORD cbDataLen,
    IN LPCTSTR szComment,
    OUT LPBYTE pbSignature,
    IN OUT LPDWORD pcbSigLen);

// PkcsSubjectClose
//
//   hSubject  in   reference handle to the Subject
// Returns: BOOL (the success/failure convention is not stated in this header).
extern PKCSDLLAPI BOOL WINAPI PkcsSubjectClose(
    IN SUBJECTHANDLE hSubject);

// PkcsSubjectDelete
//
//   hSubject  in   handle to the Subject to remove
// Returns: BOOL (the success/failure convention is not stated in this header).
//
// NOTE(review): what "remove" covers (the handle only, or stored key
// material as well) is not stated here - confirm before relying on it.
extern PKCSDLLAPI BOOL WINAPI PkcsSubjectDelete(
    IN SUBJECTHANDLE hSubject);

// PkcsSubjectRequestCertification
//
//   hSubject       in      reference handle to the Subject
//   hAtrList       in      reference to the subject attributes, if any
//   pbCertReq      out     buffer that receives the certificate request
//   pcbCertReqLen  in/out  length of the pbCertReq buffer
// Returns: BOOL (the success/failure convention is not stated in this header).
//
// NOTE(review): pcbCertReqLen is IN OUT, so it must hold the real capacity
// of pbCertReq before the call.
extern PKCSDLLAPI BOOL WINAPI PkcsSubjectRequestCertification(
    IN SUBJECTHANDLE hSubject,
    IN ATTRIBLISTHANDLE hAtrList,
    OUT LPBYTE pbCertReq,
    IN OUT LPDWORD pcbCertReqLen);

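// PkcsSubjectDistinguishedName
//
//   hSubject     in      reference handle to the Subject
//   szDname      out     buffer that receives the distinguished name
//   pcbDnameLen  in/out  length of the szDname buffer
//                        (the original comment named pbCertReq, a parameter
//                        this function does not have)
// Returns: BOOL (the success/failure convention is not stated in this header).
//
// NOTE(review): szDname is LPTSTR while the length carries a 'cb' prefix.
// Whether it counts bytes or TCHARs is not stated here; the two differ in
// UNICODE builds, so confirm before sizing the buffer.
extern PKCSDLLAPI BOOL WINAPI PkcsSubjectDistinguishedName(
    IN SUBJECTHANDLE hSubject,
    OUT LPTSTR szDname,
    IN OUT LPDWORD pcbDnameLen);

//
// ?TODO? - Need to attach an X.509 v2 UniqueIdentifier to the Subject.
// ?HOW? - Can we attach an X.509 v2 UniqueIdentifier to the request?
//

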
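//
//==============================================================================
//
//  Issuer services.  To use these services, you must have created an
//  AT_SIGNATURE key, either directly via the CryptoAPI, or via the
//  convenience service PkcsIssuerCreate, and you will be certifying
//  other's keys.
//
//  (The original text named the service PkcsCreateIssuer; the prototype
//  declared in this header is PkcsIssuerCreate.)
//

// Reference handle to an Issuer.
typedef PKCSHANDLE ISSUERHANDLE;

// Pointers to Issuer reference handles.
typedef ISSUERHANDLE *PISSUERHANDLE, *LPISSUERHANDLE;
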
// PkcsIssuerCreate
//
//   phIssuer    out  receives the handle used for future reference
//   szKeySet    in   what to name the new Issuer keyset
//   szProvider  in   specific name of the CSP, or blank
//   dwProvType  in   provider type; should be PROV_RSA_FULL
//   algPref     in   optional algorithm preference (a suggestion)
//   dwStore     in   store id, or zero
// Returns: BOOL (the success/failure convention is not stated in this header).
extern PKCSDLLAPI BOOL WINAPI PkcsIssuerCreate(
    OUT LPISSUERHANDLE phIssuer,
    IN LPCTSTR szKeySet,
    IN LPCTSTR szProvider,
    IN DWORD dwProvType,
    IN ALG_ID algPref,
    IN DWORD dwStore);

// PkcsIssuerOpen
//
//   phIssuer    out  receives the handle used for future reference
//   szKeySet    in   name of the Issuer keyset
//   szProvider  in   specific name of the CSP, or blank
//   dwProvType  in   provider type; should be PROV_RSA_FULL
//   algPref     in   optional algorithm preference (a suggestion)
//   dwStore     in   store id, or zero
// Returns: BOOL (the success/failure convention is not stated in this header).
extern PKCSDLLAPI BOOL WINAPI PkcsIssuerOpen(
    OUT LPISSUERHANDLE phIssuer,
    IN LPCTSTR szKeySet,
    IN LPCTSTR szProvider,
    IN DWORD dwProvType,
    IN ALG_ID algPref,
    IN DWORD dwStore);

// PkcsIssuerClose
//
//   hIssuer  in   reference handle to the Issuer
// Returns: BOOL (the success/failure convention is not stated in this header).
extern PKCSDLLAPI BOOL WINAPI PkcsIssuerClose(
    IN ISSUERHANDLE hIssuer);

// PkcsIssuerDelete
//
//   hIssuer  in   handle to the Issuer to remove
// Returns: BOOL (the success/failure convention is not stated in this header).
//
// NOTE(review): what "remove" covers (the handle only, or the issuer's
// stored signing key as well) is not stated here - confirm before use.
extern PKCSDLLAPI BOOL WINAPI PkcsIssuerDelete(
    IN ISSUERHANDLE hIssuer);

// PkcsIssuerRequestCertification
//
//   hIssuer        in      reference handle to the Issuer
//   hAtrList       in      reference to the issuer attributes, if any
//   pbCertReq      out     buffer that receives the certificate request
//   pcbCertReqLen  in/out  length of the pbCertReq buffer
// Returns: BOOL (the success/failure convention is not stated in this header).
//
// NOTE(review): pcbCertReqLen is IN OUT, so it must hold the real capacity
// of pbCertReq before the call.
extern PKCSDLLAPI BOOL WINAPI PkcsIssuerRequestCertification(
    IN ISSUERHANDLE hIssuer,
    IN ATTRIBLISTHANDLE hAtrList,
    OUT LPBYTE pbCertReq,
    IN OUT LPDWORD pcbCertReqLen);

//
// ?TODO? - Need to attach an X.509 v2 UniqueIdentifier to the Issuer.
//          It would be nice to get at the X.509 name.  Other info?
// ?HOW? - How can we attach an X.509 v2 UniqueIdentifier to the request?
//

// PkcsIssuerIssueLocalCA
//
//   hIssuer     in      reference handle to the Issuer
//   pbCert      out     buffer that receives the certificate
//   pcbCertLen  in/out  length of the pbCert buffer
// Returns: BOOL (the success/failure convention is not stated in this header).
//
// NOTE(review): pcbCertLen is IN OUT, so it must hold the real capacity of
// pbCert before the call.
extern PKCSDLLAPI BOOL WINAPI PkcsIssuerIssueLocalCA(
    IN ISSUERHANDLE hIssuer,
    OUT LPBYTE pbCert,
    IN OUT LPDWORD pcbCertLen);

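// PkcsIssuerCertify
//
//   hIssuer        in      reference handle to the Issuer
//   pbCertReq      in      buffer containing the certificate request
//   pbSerialNo     in      serial number to assign to the certificate
//   cbSerialNoLen  in      length of the serial number
//   pftStartDate   in      effective date of the certificate
//   pftEndDate     in      termination date of the certificate
//   pbCert         out     buffer that receives the certificate
//   pcbCertLen     in/out  length of the pbCert buffer
// Returns: BOOL (the success/failure convention is not stated in this header).
//
// NOTE(review): pbCertReq arrives without a length, so the callee presumably
// trusts the ASN.1 length octets inside the request. A certificate request
// usually comes from another party; confirm that its encoded length fits the
// buffer actually held before passing it in. Whether the request's own
// signature is checked before certification is not visible in this header.
extern PKCSDLLAPI BOOL WINAPI PkcsIssuerCertify(
    IN ISSUERHANDLE hIssuer,
    IN const BYTE *pbCertReq,
    IN const BYTE *pbSerialNo,
    IN DWORD cbSerialNoLen,
    IN LPFILETIME pftStartDate,
    IN LPFILETIME pftEndDate,
    OUT LPBYTE pbCert,
    IN OUT LPDWORD pcbCertLen);

// PkcsIssuerRecertify
//
//   hIssuer        in      reference handle to the Issuer
//   pbInCert       in      buffer containing the old certificate
//   pbSerialNo     in      serial number to assign to the certificate
//   cbSerialNoLen  in      length of the serial number
//   pftStartDate   in      effective date of the certificate
//   pftEndDate     in      termination date of the certificate
//   pbOutCert      out     buffer that receives the certificate
//   pcbCertLen     in/out  length of the pbOutCert buffer
//                          (the original comment named pbCert, which is the
//                          output parameter of PkcsIssuerCertify, not of
//                          this function)
// Returns: BOOL (the success/failure convention is not stated in this header).
//
// NOTE(review): pbInCert arrives without a length; the same caveat as for
// any unlengthed ASN.1 input applies - validate the encoded length against
// the buffer actually held before the call.
extern PKCSDLLAPI BOOL WINAPI PkcsIssuerRecertify(
    IN ISSUERHANDLE hIssuer,
    IN const BYTE *pbInCert,
    IN const BYTE *pbSerialNo,
    IN DWORD cbSerialNoLen,
    IN LPFILETIME pftStartDate,
    IN LPFILETIME pftEndDate,
    OUT LPBYTE pbOutCert,
    IN OUT LPDWORD pcbCertLen);
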
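// PkcsIssuerDistinguishedName
//
//   hIssuer      in      reference handle to the Issuer
//   szDname      out     buffer that receives the distinguished name
//   pcbDnameLen  in/out  length of the szDname buffer
//                        (the original comment named pbCertReq, a parameter
//                        this function does not have)
// Returns: BOOL (the success/failure convention is not stated in this header).
//
// NOTE(review): szDname is LPTSTR while the length carries a 'cb' prefix.
// Whether it counts bytes or TCHARs is not stated here; the two differ in
// UNICODE builds, so confirm before sizing the buffer.
extern PKCSDLLAPI BOOL WINAPI PkcsIssuerDistinguishedName(
    IN ISSUERHANDLE hIssuer,
    OUT LPTSTR szDname,
    IN OUT LPDWORD pcbDnameLen);

//
// ?HOW? - How do we get the Issuer's UniqueIdentifier?
//         How do we attach X.509 v3 Extensions to the certificate?
//

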
//
//==============================================================================
//
//  CRL services.
//

// Reference handle to a CRL.
typedef PKCSHANDLE CRLHANDLE;

// Pointers to CRL reference handles.
typedef CRLHANDLE *PCRLHANDLE, *LPCRLHANDLE;

// PkcsCrlCreate
//
//   phCrl    out  receives the handle used for future reference
//   hIssuer  in   handle of the controlling issuer
// Returns: BOOL (the success/failure convention is not stated in this header).
extern PKCSDLLAPI BOOL WINAPI PkcsCrlCreate(
    OUT LPCRLHANDLE phCrl,
    IN ISSUERHANDLE hIssuer);

// PkcsCrlLoad
//
//   phCrl    out  receives the handle used for future reference
//   hIssuer  in   handle of the controlling issuer
//   pbCrl    in   buffer containing the CRL
// Returns: BOOL (the success/failure convention is not stated in this header).
//
// NOTE(review): pbCrl arrives without a length, so the callee presumably
// trusts the ASN.1 length octets inside the CRL. Confirm that the encoded
// length fits the buffer actually held before passing in a CRL obtained
// from elsewhere.
extern PKCSDLLAPI BOOL WINAPI PkcsCrlLoad(
    OUT LPCRLHANDLE phCrl,
    IN ISSUERHANDLE hIssuer,
    IN const BYTE *pbCrl);

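// PkcsCrlRevoke
//
//   hCrl           in   reference handle to the CRL
//   pbSerialNo     in   serial number of the certificate to revoke
//   cbSerialNoLen  in   length of the serial number
//   pfmStartDate   in   effective date of the revocation
//                       (spelled 'pfm' here; the other FILETIME pointers in
//                       this header use 'pft')
// Returns: BOOL (the success/failure convention is not stated in this header).
extern PKCSDLLAPI BOOL WINAPI PkcsCrlRevoke(
    IN CRLHANDLE hCrl,
    IN const BYTE *pbSerialNo,
    IN DWORD cbSerialNoLen,
    IN LPFILETIME pfmStartDate);
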
// PkcsCrlIssue
//
//   hCrl        in      reference handle to the CRL
//   pftEndDate  in      termination date of the CRL
//   pbCrl       out     buffer that receives the CRL
//   pcbCrlLen   in/out  length of the pbCrl buffer
// Returns: BOOL (the success/failure convention is not stated in this header).
//
// NOTE(review): pcbCrlLen is IN OUT, so it must hold the real capacity of
// pbCrl before the call.
extern PKCSDLLAPI BOOL WINAPI PkcsCrlIssue(
    IN CRLHANDLE hCrl,
    IN LPFILETIME pftEndDate,
    OUT LPBYTE pbCrl,
    IN OUT LPDWORD pcbCrlLen);

// PkcsCrlClose
//
//   hCrl  in   reference handle to the CRL
// Returns: BOOL (the success/failure convention is not stated in this header).
extern PKCSDLLAPI BOOL WINAPI PkcsCrlClose(
    IN CRLHANDLE hCrl);

//
// ?HOW? - How do we attach X.509 CRL v2 Extensions to the revokee?
//


//
//==============================================================================
//
//  Certificate services.
//

// Reference handle to a Certificate.
typedef PKCSHANDLE CERTIFICATEHANDLE;

// Pointers to Certificate reference handles.
typedef CERTIFICATEHANDLE *PCERTIFICATEHANDLE, *LPCERTIFICATEHANDLE;

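// Version tag of the certificate info structure declared further down in
// this header (it is the value named in the wCertInfoVersion field comment).
#define CERT_PKCSV1_INFO        1

//
// Supported Certificate Types.
//

#define CERTYPE_UNKNOWN         0   // Unknown Certificate Type.
#define CERTYPE_LOCAL_CA        1   // A local CA pointer.
#define CERTYPE_X509            2   // An X.509 certificate.
#define CERTYPE_PKCS_X509       3   // A PKCS & embedded X.509 Certificate.
#define CERTYPE_PKCS_REQUEST    4   // A PKCS Certificate Request (internal use)

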
//
// Supported Certificate Types: per-type information structures.
//

// Local CA Specifics

#define LCA_VERSION_1       0               // This Local CA is version 1.
#define LCA_MAX_VERSION     LCA_VERSION_1   // Max version supported.

// Description of a local CA. The sz* members are addresses of buffers for
// the corresponding names and each cb*Len member is the length of the
// buffer before it.
// NOTE(review): the buffers appear to be caller-supplied (they are described
// as "Address for ..."); confirm who allocates them and whether the lengths
// are bytes or TCHARs.
typedef struct {
    DWORD   dwVersion;      // Version of the local CA
    LPTSTR  szSubject;      // Address for the Subject name
    DWORD   cbSubjectLen;   // Length of the szSubject buffer
    LPTSTR  szProvider;     // Address for the provider name
    DWORD   cbProviderLen;  // Length of the szProvider buffer
    DWORD   dwProvType;     // Type of Provider
    LPTSTR  szKeyset;       // Address for the keyset name
    DWORD   cbKeysetLen;    // Length of the szKeyset buffer
    DWORD   dwKeySpec;      // The specific key identifier
} LOCALCACERTINFO, *PLOCALCACERTINFO, *LPLOCALCACERTINFO;


// X.509 Certificate specifics

#define X509_VERSION_1      0               // This certificate is X.509 version 1
#define X509_VERSION_2      1               // This certificate is X.509 version 2
#define X509_VERSION_3      2               // This certificate is X.509 version 3
// NOTE(review): the maximum is X509_VERSION_1, while the Notes in the file
// header give the X.509 support level as V3 and the structure below carries
// an extension list handle. Confirm which statement is current.
#define X509_MAX_VERSION    X509_VERSION_1  // Max version supported.

// Fields of an X.509 certificate. Pointer members are addresses of buffers
// and each cb*Len member is the length of the buffer declared before it.
typedef struct {
    DWORD       dwX509Version;      // Version of the certificate
    LPBYTE      pbSerialNumber;     // Address for the serial number
    DWORD       cbSerialNumLen;     // Length of the pbSerialNumber buffer
    ALG_ID      algId;              // Algorithm Id
    LPTSTR      szIssuer;           // Address for the Issuer name
    DWORD       cbIssuerLen;        // Length of the szIssuer buffer
    FILETIME    ftNotBefore;        // Certificate effective date
    FILETIME    ftNotAfter;         // Certificate expiration date
    LPTSTR      szSubject;          // Address for the Subject name
    DWORD       cbSubjectLen;       // Length of the szSubject buffer
    LPVOID      pvIssuerUid;        // Address for the Issuer Id ?q?
    DWORD       cbIssuerUidLen;     // Length of the pvIssuerUid buffer
    LPVOID      pvSubjectUid;       // Address for the Subject Id ?q?
    DWORD       cbSubjectUidLen;    // Length of the pvSubjectUid buffer
    EXTENSIONLISTHANDLE hExtensions;    // Extension List handle
} X509CERTINFO, *PX509CERTINFO, *LPX509CERTINFO;


// PKCS-6 with embedded X.509 Certificate specifics

#define PKCS_NOTUSED        0xffff          // PKCS isn't used on this certificate
#define PKCS_VERSION_1      0               // This certificate is PKCS version 1
#define PKCS_MAX_VERSION    PKCS_VERSION_1  // Max version supported.

// A PKCS-6 certificate: a version, an attribute list handle, and the
// information of the X.509 certificate it embeds.
typedef struct {
    DWORD               dwPKCSVersion;  // Version of the certificate
    ATTRIBLISTHANDLE    hAttributes;    // Attribute list handle
    X509CERTINFO        x509Info;       // Info from the X.509 Certificate
} PKCSX509CERTINFO, *PPKCSX509CERTINFO, *LPPKCSX509CERTINFO;


// PKCS-10 Certificate Request Specifics

// A certificate request: its version, the subject name buffer with its
// length, and an attribute list handle.
typedef struct {
    DWORD               dwPKCSVersion;  // Version of the certificate request
    LPTSTR              szSubject;      // Address for the Subject name
    DWORD               cbSubjectLen;   // Length of the szSubject buffer
    ATTRIBLISTHANDLE    hAttributes;    // Attribute list handle
} PKCSREQCERTINFO, *PPKCSREQCERTINFO, *LPPKCSREQCERTINFO;


// Common Certificate Info Header.

// A fixed header followed by a union whose valid member is selected by
// wCertInfoType.
// NOTE(review): wCertInfoType presumably takes the CERTYPE_* values defined
// in this header (confirm). The union members hold buffer addresses at
// different offsets, so a consumer must check wCertInfoType (and cbStructLen)
// before touching certInfo; reading the wrong member reinterprets lengths
// and pointers.
typedef struct {
    // This part is common to all certificate info structure types. (?Q?)
    DWORD   cbStructLen;        // Length of this structure
    WORD    wCertInfoVersion;   // The version (CERT_PKCSV1_INFO)
    WORD    wCertInfoType;      // The type of the following structure
    union {
        LOCALCACERTINFO     localCA;    // Local CA Characteristics
        X509CERTINFO        x509;       // X.509 Characteristics
        PKCSX509CERTINFO    pkcs;       // PKCS-6 Characteristics
        PKCSREQCERTINFO     req;        // PKCS-10 Request Characteristics
    } certInfo;
} CERTIFICATEINFO, *PCERTIFICATEINFO, *LPCERTIFICATEINFO;


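// Crypto API Definitions
#define CAPI_MAX_VERSION        2       // Supported version of CAPI.


// Certificate Store Definitions
#define CERTSTORE_NONE          0       // No store to be used.
#define CERTSTORE_APPLICATION   1       // Store in application volatile memory
#define CERTSTORE_CURRENT_USER  3       // Store in Registry under current user
#define CERTSTORE_LOCAL_MACHINE 5       // Store in Registry under local machine


// Certificate Warning Definitions
//
// Each value is a distinct bit, so several warnings can be reported at once.
// NOTE(review): these are presumably the flags delivered through the
// pdwWarnings parameters declared later in this header, separately from the
// BOOL result. If so, a caller that needs revocation checking has to inspect
// the mask itself: every bit below describes revocation data that was
// missing, not yet valid, stale, or not yet effective. Confirm against the
// implementation.
#define CERTWARN_NOCRL          0x01    // At least one of the signing CAs didn't
                                        // have an associated CRL.
#define CERTWARN_EARLYCRL       0x02    // At least one of the signing CAs had an
                                        // associated CRL whose issuing date was
                                        // in the future.
#define CERTWARN_LATECRL        0x04    // At least one of the signing CAs had an
                                        // expired CRL.
#define CERTWARN_TOBEREVOKED    0x08    // At least one of the signing CAs contained
                                        // a revocation for a certificate, but its
                                        // effective date has not yet been reached.
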
// PkcsCertificateLoad
//
//   phCert        out     receives the handle used for future reference
//   pbCert        in      buffer containing the certificate
//   pbCrl         in      buffer containing any associated CRL
//   pdwType       in/out  certificate type
//   dwStore       in      which certificate store to load
//   szKeySet      in      name of the keyset to use
//   szProvider    in      specific name of the CSP to use
//   dwProvType    in      provider type hint
//   szIssuerName  out     receives the root or missing issuer
//   pcbIssuerLen  in/out  length of the szIssuerName buffer
//   pdwWarnings   out     receives warning flags
// Returns: BOOL (the success/failure convention is not stated in this header).
//
// NOTE(review): pbCert and pbCrl arrive without lengths, so the callee
// presumably trusts the ASN.1 length octets inside them. Certificates and
// CRLs normally come from other parties; confirm that the encoded length
// fits the buffer actually held before the call.
// NOTE(review): szIssuerName is LPBYTE here but LPTSTR in
// PkcsCertificateOpen; confirm the intended character type and whether
// pcbIssuerLen counts bytes.
// NOTE(review): warnings are returned apart from the BOOL result; check
// *pdwWarnings as well as the return value.
extern PKCSDLLAPI BOOL WINAPI PkcsCertificateLoad(
    OUT LPCERTIFICATEHANDLE phCert,
    IN const BYTE *pbCert,
    IN const BYTE *pbCrl,
    IN OUT LPDWORD pdwType,
    IN DWORD dwStore,
    IN LPCTSTR szKeySet,
    IN LPCTSTR szProvider,
    IN DWORD dwProvType,
    OUT LPBYTE szIssuerName,
    IN OUT LPDWORD pcbIssuerLen,
    OUT LPDWORD pdwWarnings);

// PkcsCertificateOpen
//
//   phCert        out     receives the handle used for future reference
//   szSubjName    in      name of the subject of an existing certificate
//   szKeySet      in      name of the keyset to use
//   szProvider    in      specific name of the CSP to use
//   dwProvType    in      provider type hint
//   pdwCertType   out     certificate type
//   pfStore       in/out  certificate store search/found limits
//   szIssuerName  out     receives the root or missing issuer
//   pcbIssuerLen  in/out  length of the szIssuerName buffer
//   pdwWarnings   out     receives warning flags
// Returns: BOOL (the success/failure convention is not stated in this header).
//
// NOTE(review): pcbIssuerLen is IN OUT, so it must hold the real capacity of
// szIssuerName before the call; whether it counts bytes or TCHARs is not
// stated here.
// NOTE(review): warnings are returned apart from the BOOL result; check
// *pdwWarnings as well as the return value.
extern PKCSDLLAPI BOOL WINAPI PkcsCertificateOpen(
    OUT LPCERTIFICATEHANDLE phCert,
    IN LPCTSTR szSubjName,
    IN LPCTSTR szKeySet,
    IN LPCTSTR szProvider,
    IN DWORD dwProvType,
    OUT LPDWORD pdwCertType,
    IN OUT LPDWORD pfStore,
    OUT LPTSTR szIssuerName,
    IN OUT LPDWORD pcbIssuerLen,
    OUT LPDWORD pdwWarnings);

// PkcsCertificateUpdateCrl
//
//   hCert  in   reference handle to the Certificate
//   pbCrl  in   buffer containing the associated CRL
// Returns: BOOL (the success/failure convention is not stated in this header).
//
// NOTE(review): pbCrl arrives without a length; confirm that the encoded
// length fits the buffer actually held before passing in a CRL obtained
// from elsewhere.
extern PKCSDLLAPI BOOL WINAPI PkcsCertificateUpdateCrl(
    IN CERTIFICATEHANDLE hCert,
    IN const BYTE *pbCrl);

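// PkcsCertificateVerify
//
//   hCert        in   reference handle to the Certificate
//   pbData       in   the data to be verified
//   cbDataLen    in   length of the data to be verified
//                     (the original comment said "to be signed", copied
//                     from PkcsSubjectSign)
//   szComment    in   comment string associated with the signature
//   algId        in   algorithm suggestion
//   pbSignature  in   the supplied signature
//   cbSigLen     in   length of the pbSignature buffer
// Returns: BOOL (the success/failure convention is not stated in this header).
//
// NOTE(review): algId is only described as a suggestion. Whether the callee
// refuses signatures made with the MD2/MD4/MD5 digests this header also
// names is not visible here; callers with a minimum-strength policy should
// enforce it themselves.
extern PKCSDLLAPI BOOL WINAPI PkcsCertificateVerify(
    IN CERTIFICATEHANDLE hCert,
    IN const BYTE *pbData,
    IN DWORD cbDataLen,
    IN LPCTSTR szComment,
    IN ALG_ID algId,
    IN const BYTE *pbSignature,
    IN DWORD cbSigLen);
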
// PkcsCertificateGetInfo
//
//   hCert      in      reference handle to the Certificate
//   pCertInfo  in/out  the info structure to fill in
// Returns: BOOL (the success/failure convention is not stated in this header).
//
// NOTE(review): pCertInfo is IN OUT, so the callee reads it before filling
// it in. Presumably the caller sets cbStructLen and the buffer addresses and
// lengths inside the structure first (confirm); uninitialised members would
// then be used as pointers.
extern PKCSDLLAPI BOOL WINAPI PkcsCertificateGetInfo(
    IN CERTIFICATEHANDLE hCert,
    IN OUT LPCERTIFICATEINFO pCertInfo);

// PkcsCertificateClose
//
//   hCert  in   reference handle to the Certificate
// Returns: BOOL (the success/failure convention is not stated in this header).
extern PKCSDLLAPI BOOL WINAPI PkcsCertificateClose(
    IN CERTIFICATEHANDLE hCert);

// PkcsCertificateDelete
//
//   hCert  in   handle to the Certificate to remove
// Returns: BOOL (the success/failure convention is not stated in this header).
extern PKCSDLLAPI BOOL WINAPI PkcsCertificateDelete(
    IN CERTIFICATEHANDLE hCert);


// NOTE(review): _MSVC is not a macro the Microsoft compiler predefines (that
// one is _MSC_VER), so presumably the build defines it; otherwise this
// prototype is never declared.
#if defined(_MSVC) && defined(_DEBUG)
//
//==============================================================================
//
//  Debugging extensions
//

// PkcsMemoryClean - takes no arguments and returns nothing; declared for
// debug builds only. What it cleans is not stated in this header.
extern PKCSDLLAPI void WINAPI PkcsMemoryClean(void);
#endif


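//
//==============================================================================
//
//  Attribute Type definitions
//
//  Object identifiers in dotted-decimal form, wrapped in TEXT() so that they
//  follow the character width of the build.
//

#define X500_commonName                     TEXT("2.5.4.3")
#define X500_surname                        TEXT("2.5.4.4")
#define X500_serialNumber                   TEXT("2.5.4.5")
#define X500_countryName                    TEXT("2.5.4.6")
#define X500_locality                       TEXT("2.5.4.7")
#define X500_stateOrProvinceName            TEXT("2.5.4.8")
#define X500_streetAddress                  TEXT("2.5.4.9")
#define X500_organizationName               TEXT("2.5.4.10")
#define X500_orginazationalUnitName         TEXT("2.5.4.11")
// The name above is misspelled but is part of the public interface, so it
// stays; this alias gives new code the correct spelling.
#define X500_organizationalUnitName         X500_orginazationalUnitName
#define X500_title                          TEXT("2.5.4.12")
#define X500_description                    TEXT("2.5.4.13")
#define X500_businessCategory               TEXT("2.5.4.15")
#define X500_postalCode                     TEXT("2.5.4.17")
#define X500_postOfficeBox                  TEXT("2.5.4.18")
#define X500_physicalDeliveryOfficeName     TEXT("2.5.4.19")
#define X500_telephoneNumber                TEXT("2.5.4.20")
#define X500_x121Address                    TEXT("2.5.4.24")
#define X500_internationalISDNNumber        TEXT("2.5.4.25")
#define X500_destinationIndicator           TEXT("2.5.4.27")
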
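// Digest and RSA signature algorithm identifiers.
// NOTE(review): MD2, MD4 and MD5 are no longer collision resistant. These
// identifiers are still needed to recognise old certificates, but a
// signature made with any of them should not be accepted as proof of
// authenticity by new code.
#define PKCS1_md2                           TEXT("1.2.840.113549.2.2")
#define PKCS1_md4                           TEXT("1.2.840.113549.2.4")
#define PKCS1_md5                           TEXT("1.2.840.113549.2.5")
#define PKCS1_rsaEncryption                 TEXT("1.2.840.113549.1.1.1")
#define PKCS1_md2WithRSAEncryption          TEXT("1.2.840.113549.1.1.2")
#define PKCS1_md4WithRSAEncryption          TEXT("1.2.840.113549.1.1.3")
#define PKCS1_md5WithRSAEncryption          TEXT("1.2.840.113549.1.1.4")

#define PKCS3_dhKeyAgreement                TEXT("1.2.840.113549.1.3.1")

// Password-based encryption identifiers.
// NOTE(review): both schemes use single DES with an MD2 or MD5 key
// derivation and are weak by current standards; treat them as legacy
// identifiers for reading existing data only.
#define PKCS5_pbeWithMD2AndDES_CBC          TEXT("1.2.840.113549.1.5.1")
#define PKCS5_pbeWithMD5AndDES_CBC          TEXT("1.2.840.113549.1.5.3")
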
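// PKCS #7 content type identifiers.
#define PKCS7_data                          TEXT("1.2.840.113549.1.7.1")
#define PKCS7_signedData                    TEXT("1.2.840.113549.1.7.2")
#define PKCS7_envelopedData                 TEXT("1.2.840.113549.1.7.3")
#define PKCS7_signedAndEnvelopedData        TEXT("1.2.840.113549.1.7.4")
#define PKCS7_digestedData                  TEXT("1.2.840.113549.1.7.5")
#define PKCS7_encryptedData                 TEXT("1.2.840.113549.1.7.6")

// PKCS #9 attribute type identifiers.
#define PKCS9_emailAddress                  TEXT("1.2.840.113549.1.9.1")
#define PKCS9_unstructuredName              TEXT("1.2.840.113549.1.9.2")
#define PKCS9_contentType                   TEXT("1.2.840.113549.1.9.3")
#define PKCS9_messageDigest                 TEXT("1.2.840.113549.1.9.4")
#define PKCS9_signingTime                   TEXT("1.2.840.113549.1.9.5")
#define PKCS9_countersignature              TEXT("1.2.840.113549.1.9.6")
#define PKCS9_challengePassword             TEXT("1.2.840.113549.1.9.7")
#define PKCS9_unstructuredAddress           TEXT("1.2.840.113549.1.9.8")
#define PKCS9_extendedCertificateAttributes TEXT("1.2.840.113549.1.9.9")
// NOTE(review): as far as I can tell, later revisions of PKCS #9 assign
// {pkcs-9 10} to issuerAndSerialNumber rather than to a description
// attribute. Verify this mapping before matching the OID against data
// produced by other implementations.
#define PKCS9_description                   TEXT("1.2.840.113549.1.9.10")
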
// Closes the extern "C" block opened near the top of this header.
// NOTE(review): the standard predefined macro is __cplusplus (two leading
// underscores). Unless the build defines _cplusplus itself, neither this
// guard nor the opening one is ever taken; if the spelling is corrected,
// correct both guards together so the brace stays balanced.
#ifdef _cplusplus
}
#endif
#endif // _PKCSLIB_H_