windows-nt/Source/XPSP1/NT/ds/security/inc/signutil.h

1493 lines
55 KiB
C
Raw Normal View History

2020-09-26 03:20:57 -05:00
//+-------------------------------------------------------------------------
//
// Microsoft Windows
//
// Copyright (C) Microsoft Corporation, 1997 - 1999
//
// File: signutil.h
//
//--------------------------------------------------------------------------
#ifndef _SIGNUTIL_H
#define _SIGNUTIL_H
// OBSOLETE :- Was used for signcde.dll that is no longer required
//---------------------------------------------------------------------
//---------------------------------------------------------------------
// SignCode.h : main header file for the SIGNCODE application
//
#include "wincrypt.h"
#include "ossglobl.h"
#include "sgnerror.h"
#include "spcmem.h"
#include "pvkhlpr.h"
#include "spc.h"
#include "wintrust.h"
#include "sipbase.h"
#include "mssip.h"
#ifdef __cplusplus
extern "C" {
#endif
//
//+-------------------------------------------------------------------------
// SPC_TIME_STAMP_REQUEST_STRUCT (placed in PKCS#7 Content for a time request)
// pvStructInfo points to SPC_TIMESTAMP_REQ
//
typedef struct _SPC_ContentInfo {
LPCSTR pszContentType;
PBYTE pbContentValue;
DWORD cbContentValue;
} SPC_CONTENT_INFO, *PSPC_CONTENT_INFO;
typedef struct _SPC_TimeStampRequest {
LPCSTR pszTimeStampAlg;
DWORD cAuthAttr;
PCRYPT_ATTRIBUTE rgAuthAttr;
SPC_CONTENT_INFO sContent;
} SPC_TIMESTAMP_REQ, *PSPC_TIMESTAMP_REQ;
//
//+-------------------------------------------------------------------------
//+------------------------------------------------------------------------------
// Certificate List structures. Ordered list of Certificate contexts
//
typedef struct CERT_CONTEXTLIST {
PCCERT_CONTEXT* psList; // List
DWORD dwCount; // Number of entries in list
DWORD dwList; // Max size of list
} CERT_CONTEXTLIST, *PCERT_CONTEXTLIST;
typedef const CERT_CONTEXTLIST *PCCERT_CONTEXTLIST;
//+------------------------------------------------------------------------------
// Crl List structures. Ordered list of Certificate contexts
//
typedef struct CRL_CONTEXTLIST {
PCCRL_CONTEXT* psList; // List
DWORD dwCount; // Number of entries in list
DWORD dwList; // Max size of list
} CRL_CONTEXTLIST, *PCRL_CONTEXTLIST;
typedef const CRL_CONTEXTLIST *PCCRL_CONTEXTLIST;
//+------------------------------------------------------------------------------
// Capi Provider information structure (see SpcGetCapiProviders)
//
typedef struct CAPIPROV
{
TCHAR szProviderName[MAX_PATH];
TCHAR szProviderDisplayName[MAX_PATH];
DWORD dwProviderType;
} CAPIPROV;
//+-------------------------------------------------------------------------
//+-------------------------------------------------------------------------
// Spc utility functions
//+-------------------------------------------------------------------------
// Converts error (see GetLastError()) to an HRESULT
//--------------------------------------------------------------------------
HRESULT SpcError();
//+-------------------------------------------------------------------------
// SPC PKCS #7 Indirect Data Content
//--------------------------------------------------------------------------
BOOL
WINAPI
SpcGetSignedDataIndirect(
IN HCRYPTPROV hCryptProv,
IN DWORD dwMsgAndCertEncodingType,
IN PBYTE pbSignedData,
IN DWORD cbSignedData,
OUT PSPC_INDIRECT_DATA_CONTENT pInfo,
IN OUT DWORD *pcbInfo);
//+=========================================================================
//
// SPC PKCS #7 Signed Message Authenticated Attributes
//
//-=========================================================================
//+-------------------------------------------------------------------------
// Create a SignedData message consisting of the certificates and
// CRLs copied from the specified cert store and write to the specified file.
//--------------------------------------------------------------------------
BOOL
WINAPI
SpcWriteSpcFile(
IN HANDLE hFile,
IN HCERTSTORE hCertStore,
IN DWORD dwMsgAndCertEncodingType,
IN DWORD dwFlags);
//+-------------------------------------------------------------------------
// Read a SignedData message consisting of certificates and
// CRLs from the specified file and copy to the specified cert store.
//--------------------------------------------------------------------------
BOOL
WINAPI
SpcReadSpcFile(
IN HANDLE hFile,
IN HCERTSTORE hCertStore,
IN DWORD dwMsgAndCertEncodingType,
IN DWORD dwFlags);
//+-------------------------------------------------------------------------
// Create a SignedData message consisting of the certificates and
// CRLs copied from the specified cert store and write to memory
//
// If pbData == NULL || *pcbData == 0, calculates the length and doesn't
// return an error.
//
// Except for the SPC being saved to memory, identical to SpcWriteSpcFile.
//--------------------------------------------------------------------------
BOOL
WINAPI
SpcWriteSpcToMemory(
IN HANDLE hFile,
IN HCERTSTORE hCertStore,
IN DWORD dwMsgAndCertEncodingType,
IN DWORD dwFlags,
OUT BYTE *pbData,
IN OUT DWORD *pcbData);
//+-------------------------------------------------------------------------
// Read a SignedData message consisting of certificates and
// CRLs from memory and copy to the specified cert store.
//
// Except for the SPC being loaded from memory, identical to SpcReadSpcFile.
//--------------------------------------------------------------------------
BOOL
WINAPI
SpcReadSpcFromMemory(
IN BYTE *pbData,
IN DWORD cbData,
IN HCERTSTORE hCertStore,
IN DWORD dwMsgAndCertEncodingType,
IN DWORD dwFlags);
//+-------------------------------------------------------------------------
// By default (according to the world of BOB) the SignedData doesn't have
// the normal PKCS #7 ContentType at the beginning. Set the following
// flag in the SpcSign* and SpcWriteSpcFile functions to include the
// PKCS #7 ContentType.
//
// The SpcVerify* functions take SignedData with or without the PKCS #7
// ContentType.
//--------------------------------------------------------------------------
#define SPC_PKCS_7_FLAG 0x00010000
//+-------------------------------------------------------------------------
// Sign Portable Executable (PE) image file where the signed data is stored
// in the file.
//
// The signed data's IndirectDataContentAttr is updated with its type set to
// SPC_PE_IMAGE_DATA_OBJID and its optional value is set to the
// PeImageData parameter.
//
// The SPC_LENGTH_ONLY_FLAG or SPC_DISABLE_DIGEST_FILE_FLAG isn't allowed
// and return an error.
//--------------------------------------------------------------------------
BOOL
WINAPI
SpcSignPeImageFile(IN PSPC_SIGN_PARA pSignPara,
IN HANDLE hFile,
IN OPTIONAL PSPC_PE_IMAGE_DATA pPeImageData,
IN DWORD dwFlags,
OUT PBYTE* pbEncoding,
OUT DWORD* cbEncoding);
//+-------------------------------------------------------------------------
// Verify Portable Executable (PE) image file where the signed data is
// extracted from the file.
//
// See SpcVerifyFile for details about the other parameters.
//--------------------------------------------------------------------------
BOOL
WINAPI
SpcVerifyPeImageFile(
IN PSPC_VERIFY_PARA pVerifyPara,
IN HANDLE hFile,
IN DWORD dwFlags,
OUT OPTIONAL PCCERT_CONTEXT *ppSignerCert);
//+-------------------------------------------------------------------------
// Sign Java class file where the signed data is stored in the file.
//
// The signed data's IndirectDataContentAttr is updated with its type set to
// SPC_JAVA_CLASS_DATA_OBJID and its optional value is set to the
// Link parameter.
//
// The SPC_LENGTH_ONLY_FLAG or SPC_DISABLE_DIGEST_FILE_FLAG isn't allowed
// and return an error.
//--------------------------------------------------------------------------
BOOL
WINAPI
SpcSignJavaClassFile(IN PSPC_SIGN_PARA pSignPara,
IN HANDLE hFile,
IN OPTIONAL PSPC_LINK pLink,
IN DWORD dwFlags,
OUT PBYTE* pbEncoding,
OUT DWORD* cbEncoding);
//+-------------------------------------------------------------------------
// Verify Java class file where the signed data is extracted from the file.
//
// See SpcVerifyFile for details about the other parameters.
//--------------------------------------------------------------------------
BOOL
WINAPI
SpcVerifyJavaClassFile(
IN PSPC_VERIFY_PARA pVerifyPara,
IN HANDLE hFile,
IN DWORD dwFlags,
OUT OPTIONAL PCCERT_CONTEXT *ppSignerCert);
//+-------------------------------------------------------------------------
// Sign Structured Storage file where the signed data is stored in the file.
//
// The signed data's IndirectDataContentAttr is updated with its type set to
// SPC_STRUCTURED_STORAGE_DATA_OBJID and its optional value is set to the
// Link parameter.
//
// The SPC_LENGTH_ONLY_FLAG or SPC_DISABLE_DIGEST_FILE_FLAG isn't allowed
// and return an error.
//--------------------------------------------------------------------------
BOOL
WINAPI
SpcSignStructuredStorageFile(IN PSPC_SIGN_PARA pSignPara,
IN IStorage *pStg,
IN OPTIONAL PSPC_LINK pLink,
IN DWORD dwFlags,
OUT PBYTE* pbEncoding,
OUT DWORD* cbEncoding);
//+-------------------------------------------------------------------------
// Verify Structured Storage file where the signed data is extracted
// from the file.
//
// See SpcVerifyFile for details about the other parameters.
//--------------------------------------------------------------------------
BOOL
WINAPI
SpcVerifyStructuredStorageFile(
IN PSPC_VERIFY_PARA pVerifyPara,
IN IStorage *pStg,
IN DWORD dwFlags,
OUT OPTIONAL PCCERT_CONTEXT *ppSignerCert
);
//+-------------------------------------------------------------------------
// Sign Raw file. The signed data is stored OUTSIDE of the file.
//
// The signed data's IndirectDataContentAttr is updated with its type set to
// SPC_RAW_FILE_DATA_OBJID and its optional value is set to the
// Link parameter.
//
// If pbSignedData == NULL or *pcbSignedData == 0, then, the
// SPC_LENGTH_ONLY_FLAG and SPC_DISABLE_DIGEST_FILE_FLAG are implicitly set.
//--------------------------------------------------------------------------
BOOL
WINAPI
SpcSignRawFile(IN PSPC_SIGN_PARA pSignPara,
IN HANDLE hFile,
IN OPTIONAL PSPC_LINK pLink,
IN DWORD dwFlags,
OUT PBYTE *pbSignedData,
IN OUT DWORD *pcbSignedData);
//+-------------------------------------------------------------------------
// Verify Raw file. The signed data is stored OUTSIDE of the file.
//
// See SpcVerifyFile for details about the other parameters.
//--------------------------------------------------------------------------
BOOL
WINAPI
SpcVerifyRawFile(
IN PSPC_VERIFY_PARA pVerifyPara,
IN HANDLE hFile,
IN const BYTE *pbSignedData,
IN DWORD cbSignedData,
IN DWORD dwFlags,
OUT OPTIONAL PCCERT_CONTEXT *ppSignerCert
);
//+-------------------------------------------------------------------------
// Sign Diamond Cabinet (.cab) file where the signed data is stored in the
// the file's cabinet header reserved data space.
//
// The signed data's IndirectDataContentAttr is updated with its type set to
// SPC_CAB_DATA_OBJID and its optional value is set to the
// Link parameter.
//
// The SPC_LENGTH_ONLY_FLAG or SPC_DISABLE_DIGEST_FILE_FLAG isn't allowed
// and return an error.
//--------------------------------------------------------------------------
BOOL
WINAPI
SpcSignCabFile(IN PSPC_SIGN_PARA pSignPara,
IN HANDLE hFile,
IN OPTIONAL PSPC_LINK pLink,
IN DWORD dwFlags,
OUT PBYTE* pbEncoding,
OUT DWORD* cbEncoding);
//+-------------------------------------------------------------------------
// Verify cabinet file where the signed data is extracted from the file.
//
// See SpcVerifyFile for details about the other parameters.
//--------------------------------------------------------------------------
BOOL
WINAPI
SpcVerifyCabFile(
IN PSPC_VERIFY_PARA pVerifyPara,
IN HANDLE hFile,
IN DWORD dwFlags,
OUT OPTIONAL PCCERT_CONTEXT *ppSignerCert);
//+=========================================================================
//
// SPC Sign and Verify File APIs and Type Definitions
//
// Supports any file type via a table of functions for accessing the file.
// The above file types have been implemented on top of these
// sign and verify file APIs.
//
//-=========================================================================
//+-------------------------------------------------------------------------
// A convient way of setting up the SPC dll and loading the oid encode and decode
// routines. Not a required call!
//
// Returns:
// E_OUTOFMEMORY - unable to set up dll
// S_OK
HRESULT WINAPI
SpcInitialize(DWORD dwEncodingType, // Defaults to X509_ASN_ENCODING | PKCS_7_ASN_ENCODING
SpcAlloc*); // Defaults to no memory allocator
HRESULT WINAPI
SpcInitializeStd(DWORD dwEncodingType); // Defaults to X509_ASN_ENCODING | PKCS_7_ASN_ENCODING
// Sets memory to LocalAlloc and LocalFree.
////////////////////////////////////
// Helper functions
/////////////////////////////////////////////////////////////////////////////
// Time Stamping structures
typedef struct _SPC_SignerInfo {
DWORD dwVersion;
CRYPT_INTEGER_BLOB sSerialNumber;
CERT_NAME_BLOB sIssuer;
PCRYPT_ALGORITHM_IDENTIFIER psDigestEncryptionAlgorithm;
PCRYPT_ALGORITHM_IDENTIFIER psDigestAlgorithm;
DWORD cAuthAttr;
PCRYPT_ATTRIBUTE rgAuthAttr;
DWORD cUnauthAttr;
PCRYPT_ATTRIBUTE rgUnauthAttr;
PBYTE pbEncryptedDigest;
DWORD cbEncryptedDigest;
} SPC_SIGNER_INFO, *PSPC_SIGNER_INFO;
//+------------------------------------------------------------------------------
// Checks if the certificate is self signed.
// Returns: S_FALSE - certificate is not self signed
// NTE_BAD_SIGNATURE - self signed certificate but signature is invalid
// S_OK - certificate is self signed and signature is valid
// CRYPT_E_NO_PRVOIDER - no provider supplied
//
HRESULT WINAPI
SpcSelfSignedCert(IN HCRYPTPROV hCryptProv,
IN PCCERT_CONTEXT pSubject);
//+-----------------------------------------------------------------------------------
// Checks if the certificate is the Microsoft real root or one of the test roots used
// in IE30
// Returns: S_OK - For the Microsoft root
// S_FALSE - For the Microsoft test root
// CRYPT_E_NOT_FOUND - When it is not a root certificate
//
HRESULT WINAPI
SpcIsRootCert(PCCERT_CONTEXT pSubject);
//+---------------------------------------------------------------------------
// Checks if the certificate a glue certificate
// in IE30
// Returns: S_OK - Is a glue certificate
// S_FALSE - Not a certificate
// CRYPT_E_OSS_ERROR + Oss error - Encode or Decode error.
HRESULT WINAPI
SpcIsGlueCert(IN PCCERT_CONTEXT pCert);
//+--------------------------------------------------------------------
// Gets the list of providers, pass in the address to a CAPIPROV
// structer and a long.
// ppsList - Vector of CAPIPROV (free pointer using the SpcAllocator)
// pdwEntries - number of entries in the vector.
//----------------------------------------------------------------------
HRESULT WINAPI
SpcGetCapiProviders(CAPIPROV** ppsList,
DWORD* pdwEntries);
//+-------------------------------------------------------------------
// Checks the certifcate chain based on trusted roots then on glue certs
// Returns:
// S_OK - Cert was found and was verified at the given time
// S_FALSE - Cert was found and verified to a test root
// CERT_E_CHAINING - Could not be verified using trusted roots
// CERT_E_EXPIRED - An issuing certificate was found but it was not currently valid
//
// E_OUTOFMEMORY - Memory allocation error occured
// CRYPT_E_OSS_ERROR + Oss error - Encode or Decode error.
HRESULT WINAPI
SpcCheckTrustStore(IN HCRYPTPROV hCryptProv,
IN DWORD dwVerifyFlags,
IN OPTIONAL FILETIME* pTimeStamp,
IN HCERTSTORE hCertStore,
IN PCCERT_CONTEXT pChild,
IN OPTIONAL PCCERT_CONTEXTLIST,
OUT PCCERT_CONTEXT* pRoot);
//+---------------------------------------------------------------------------
// Checks the certifcate by finding a glue certificate and walking that chain
// Returns:
// S_OK - Cert was found and was verified at the given time
// S_FALSE - Cert was found and verified to a test root
// CERT_E_CHAINING - Could not be verified using store
// CERT_E_EXPIRED - An issuing certificate was found but it was not currently valid
//
// E_OUTOFMEMORY - Memory allocation error occured
// CRYPT_E_OSS_ERROR + Oss error - Encode or Decode error.
HRESULT WINAPI
SpcCheckGlueChain(IN HCRYPTPROV hCryptProv,
IN DWORD dwVerifyFlags,
IN OPTIONAL FILETIME* pTimeStamp,
IN HCERTSTORE hCertStore,
IN OPTIONAL PCCERT_CONTEXTLIST pIssuers,
IN PCCERT_CONTEXT pChild);
//+-------------------------------------------------------------------
// Checks the certifcate chain based on trusted roots then on glue certs
// Returns:
// S_OK - Cert was found and was verified at the given time
// S_FALSE - Cert was found and verified to a test root
// CERT_E_CHAINING - Could not be verified using trusted roots
//
// E_OUTOFMEMORY - Memory allocation error occured
// CRYPT_E_OSS_ERROR + Oss error - Encode or Decode error.
HRESULT WINAPI
SpcCheckCertChain(IN HCRYPTPROV hCryptProv,
IN DWORD dwVerifyFlags,
IN OPTIONAL FILETIME* pTimeStamp,
IN HCERTSTORE hTrustedRoots,
IN HCERTSTORE hCertStore,
IN PCCERT_CONTEXT pChild,
IN OPTIONAL PCCERT_CONTEXTLIST hChainStore,
OUT PCCERT_CONTEXT* pRoot);
//+--------------------------------------------------------------------------
// Sign a file, optional supply a timestamp.
//
// Returns:
//
// NOTE: By default this will use CoTaskMemAlloc. Use CryptSetMemoryAlloc() to
// specify a different memory model.
// NOTE: Time Stamp must be an encoded pkcs7 message.
HRESULT WINAPI
SpcSignCode(IN HWND hwnd,
IN LPCWSTR pwszFilename, // file to sign
IN LPCWSTR pwszCapiProvider, // NULL if to use non default CAPI provider
IN DWORD dwProviderType, // Uses default if 0
IN LPCWSTR pwszPrivKey, // private key file / CAPI key set name
IN LPCWSTR pwszSpc, // the credentials to use in the signing
IN LPCWSTR pwszOpusName, // the name of the program to appear in
IN LPCWSTR pwszOpusInfo, // the unparsed name of a link to more
IN BOOL fIncludeCerts, // add the certificates to the signature
IN BOOL fCommercial, // commerical signing
IN BOOL fIndividual, // individual signing
IN ALG_ID algidHash, // Algorithm id used to create digest
IN PBYTE pbTimeStamp, // Optional
IN DWORD cbTimeStamp ); // Optional
//+--------------------------------------------------------------------------
// Create a time stamp request. It does not actually sign the file.
//
// Returns:
//
// NOTE: By default this will use CoTaskMemAlloc. Use CryptSetMemoryAlloc() to
// specify a different memory model.
HRESULT WINAPI
SpcTimeStampCode(IN HWND hwnd,
IN LPCWSTR pwszFilename, // file to sign
IN LPCWSTR pwszCapiProvider, // NULL if to use non default CAPI provider
IN DWORD dwProviderType,
IN LPCWSTR pwszPrivKey, // private key file / CAPI key set name
IN LPCWSTR pwszSpc, // the credentials to use in the signing
IN LPCWSTR pwszOpusName, // the name of the program to appear in the UI
IN LPCWSTR pwszOpusInfo, // the unparsed name of a link to more info...
IN BOOL fIncludeCerts,
IN BOOL fCommercial,
IN BOOL fIndividual,
IN ALG_ID algidHash,
OUT PCRYPT_DATA_BLOB sTimeRequest); // Returns result in sTimeRequest
//+-------------------------------------------------------------------------
// Crack a PKCS7 message and builds an encoded response. Store should
// contain all the required certificates to crack the incoming message
// and build the out going message.
// Input:
// pbEncodedMsg - encoded time stamp request.
// cbEncodedMsg - length of time stamp request.
//
// Parameter Returns:
// pbResponse - allocated response message containing the time stamp
// cbResponse - length of response
// Returns:
// S_OK - everything worked
//
// E_OUTOFMEMORY - Memory allocation error occured
// CRYPT_E_OSS_ERROR + Oss error - Encode or Decode error.
// CRYPT_E_NO_MATCH - could not locate certificate in store
HRESULT WINAPI
SpcCreateTimeStampResponse(IN DWORD dwCertEncodingType,
IN HCRYPTPROV hSignProv,
IN HCERTSTORE hCertStore,
IN DWORD dwAlgId,
IN OPTIONAL FILETIME* pFileTime,
IN PBYTE pbEncodedMsg,
IN DWORD cbEncodedMsg,
OUT PBYTE* pbResponse,
OUT DWORD* cbResponse);
//+-------------------------------------------------------------------------
// Creates PKCS7 message using the information supplied
// Parameter Returns:
// pbPkcs7 - allocated pkcs7 message containing the time stamp
// cbPkcs7 - length of pkcs7
// Returns:
// S_OK - everything worked
//
// E_OUTOFMEMORY - Memory allocation error occured
// CRYPT_E_OSS_ERROR + Oss error - Encode or Decode error.
HRESULT WINAPI
SpcCreatePkcs7(IN DWORD dwCertEncodingType,
IN HCRYPTPROV hCryptProv, // if Null it will get provider from signing certificate
IN DWORD dwKeySpec, // if 0 it will get signing key type from signing certificate
IN PCCERT_CONTEXT pSigningCert,
IN CRYPT_ALGORITHM_IDENTIFIER dwDigestAlgorithm,
IN OPTIONAL PCCERT_CONTEXTLIST pCertList,
IN OPTIONAL PCRL_CONTEXTLIST pCrlList,
IN OPTIONAL PCRYPT_ATTRIBUTE rgAuthAttr,
IN OPTIONAL DWORD cAuthAttr,
IN OPTIONAL PCRYPT_ATTRIBUTE rgUnauthAttr,
IN OPTIONAL DWORD cUnauthAttr,
IN LPCSTR pszContentType,
IN PBYTE pbSignerData,
IN DWORD cbSignerData,
OUT PBYTE* pbPkcs7,
OUT DWORD* pcbPkcs7);
//+--------------------------------------------------------------------------
// Retrieve the signature from an encoded PKCS7 message.
//
// Returns:
//
// Note: Returns the signature of the first signer.
HRESULT WINAPI
SpcGetSignature(IN PBYTE pbMessage, // Pkcs7 Message
IN DWORD cbMessage, // length of Message
OUT PCRYPT_DATA_BLOB); // Signature returned.
//+--------------------------------------------------------------------------
// Returns the content value from within a timestamp request.
//
// Returns:
// S_OK - Success
//
// Note: By default this will use CoTaskMemAlloc. Use CryptSetMemoryAlloc() to specify
// a different allocation routine
HRESULT WINAPI
SpcGetTimeStampContent(IN PBYTE pbEncoding, // Pkcs7 Message
IN DWORD cbEncoding, // length of Message
OUT PCRYPT_DATA_BLOB pSig); // Time Stamped Data
//+--------------------------------------------------------------------------
// Returns: the type of file
//
// Note: See defines for the type returned
DWORD WINAPI
SpcGetFileType(LPCWSTR pszFile);
#define SIGN_FILE_IMAGE 1
#define SIGN_FILE_JAVACLASS 2
#define SIGN_FILE_RAW 4
#define SIGN_FILE_CAB 8
//+---------------------------------------------------------------
//+---------------------------------------------------------------
// SignCode Internal OID's and structurs
// Global values
#define EMAIL_OID "1.2.840.113549.1.9.1"
// Not implemented
#define CONTENT_TYPE_OID "1.2.840.113549.1.9.3"
// Uses a LPSTR
#define MESSAGE_DIGEST_OID "1.2.840.113549.1.9.4"
// Not implemented
#define SIGNING_TIME_OID "1.2.840.113549.1.9.5"
// Structure passed in and out is FILETIME
#define COUNTER_SIGNATURE_OID "1.2.840.113549.1.9.6"
// Not implemented
#define DIRECTORY_STRING_OID "2.5.4.4"
// Not implemented (see Printable and Wide versions below)
// OID functions
#define OID_BASE 101
#define TIMESTAMP_REQUEST_SPCID 101
// Uses TimeStampRequest structure
#define WIDE_DIRECTORY_STRING_SPCID 102
// Structure is LPWSTR
#define PRINTABLE_DIRECTORY_STRING_SPCID 103
// Structure is LPSTR
#define IA5_STRING_SPCID 104
// Structure is LPSTR
#define OCTET_STRING_SPCID 105
// Structure is CRYPT_DATA_BLOB
#define CONTENT_INFO_SPCID 106
// Structure is SPC_CONTENT_INFO
#define SIGNING_TIME_SPCID 107
// Structure is a SPC_SIGNER_INFO
#define SIGNER_INFO_SPCID 108
// Structure is a SPC_SIGNER_INFO
#define ATTRIBUTES_SPCID 109
// Structure is a CMSG_ATTR
#define OBJECTID_SPCID 110
// Structure is a LPTSTR
#define CONTENT_TYPE_SPCID 111
// Structure is a LPTSTR
#define ATTRIBUTE_TYPE_SPCID 112
// Structure is a CRYPT_ATTRIBUTE
HRESULT WINAPI
SpcEncodeOid(IN DWORD dwAlgorithm,
IN const void *pStructure,
OUT PBYTE* ppsEncoding,
IN OUT DWORD* pdwEncoding);
HRESULT WINAPI
SpcDecodeOid(IN DWORD dwAlgorithm,
IN const PBYTE psEncoding,
IN DWORD dwEncoding,
IN DWORD dwFlags,
OUT LPVOID* ppStructure,
IN OUT DWORD* pdwStructure);
//+-------------------------------------------------------------------
// Pushes a certificate on the list, ONLY use SpcDeleteCertChain to free
// up certificate list.
// Returns:
// S_OK
HRESULT WINAPI
SpcPushCertChain(IN PCCERT_CONTEXT pCert,
IN PCCERT_CONTEXTLIST pIssuer);
//+-------------------------------------------------------------------
// Frees up a list of cert contexts
// Returns:
// S_OK
HRESULT WINAPI
SpcDeleteCertChain(IN PCCERT_CONTEXTLIST sIssuer);
//+--------------------------------------------------------------------------
// Creates a list of glue certs that apply to the pSubject. If the crypt memory
// allocator is set it will return a list that must be freed. (Returned memory
// is a vector so free just the returned pointer) If there is no allocator then
// use the two pass win32 style. (NOTE: PCCERT_CONTEXTLIST must be supplied)
//
// Parameter Returns:
// pGlue - List of cert contexts that must be released.
//
// Returns:
// S_OK - Created list
// CRYPT_E_OSS_ERROR + Oss error - Encode or Decode error.
// E_OUTOFMEMORY - Memory allocation error occured
HRESULT WINAPI
SpcFindGlueCerts(IN PCCERT_CONTEXT pSubject,
IN HCERTSTORE hCertStore,
IN OUT PCCERT_CONTEXTLIST pGlue);
//+-------------------------------------------------------------------
// Locate the issuers in the trusted list. (NOTE: PCCERT_CONTEXTLIST must be supplied)
// Parameter Returns:
// pIssuerChain - List of cert contexts that must be released.
//
// Returns:
// S_OK - Created list
// E_OUTOFMEMORY - Memory allocation error occured
HRESULT WINAPI
SpcLocateIssuers(IN DWORD dwVerifyFlags,
IN HCERTSTORE hCertStore,
IN PCCERT_CONTEXT item,
IN OUT PCCERT_CONTEXTLIST pIssuerChain);
//+-------------------------------------------------------------------------
// Find the the cert from the hprov
// Parameter Returns:
// pReturnCert - context of the cert found (must pass in cert context);
// Returns:
// S_OK - everything worked
// E_OUTOFMEMORY - memory failure
// E_INVALIDARG - no pReturnCert supplied
// CRYPT_E_NO_MATCH - could not locate certificate in store
//
HRESULT WINAPI
SpcGetCertFromKey(IN DWORD dwCertEncodingType,
IN HCERTSTORE hStore,
IN HCRYPTPROV hProv,
IN OUT PCCERT_CONTEXT* pReturnCert);
/*
//+-------------------------------------------------------------------------
// Locates a certificate in the store that matches the public key
// dictated by the HCRYPTPROV
//-=========================================================================
PCCERT_CONTEXT WINAPI
SpcFindCert(IN HCERTSTORE hStore,
IN HCRYPTPROV hProv);
*/
//+-------------------------------------------------------------------
// Retrieves the a cert context from the store based on the issuer
// and serial number.
// Returns:
// Cert context - on success
// NULL - if no certificate existed or on Error
//
/*
PCCERT_CONTEXT WINAPI
SpcFindCertWithIssuer(IN DWORD dwCertEncodingType,
IN HCERTSTORE hCertStore,
IN CERT_NAME_BLOB* psIssuer,
IN CRYPT_INTEGER_BLOB* psSerial);
*/
//+-------------------------------------------------------------------------
// Given a signing cert, a store with the certs chain, hashing algorithm,
// and a time request structure it will return an encoded time stamp request
// message.
// Parameter Returns:
// pbEncoding - time stamp response (PKCS7 message)
// cbEncoding - length of encoding
// Returns:
// S_OK - everything worked
//
// E_OUTOFMEMORY - Memory allocation error occured
// CRYPT_E_OSS_ERROR + Oss error - Encode or Decode error.
HRESULT WINAPI
SpcBuildTimeStampResponse(IN HCRYPTPROV hCryptProv,
IN HCERTSTORE hCertStore,
IN PCCERT_CONTEXT pSigningCert,
IN ALG_ID algidHash,
IN OPTIONAL FILETIME* pFileTime,
IN PSPC_TIMESTAMP_REQ psRequest,
OUT PBYTE* pbEncoding,
OUT DWORD* cbEncoding);
//+-------------------------------------------------------------------------
// Encodes the current time
// Parameter Returns:
// pbEncodedTime - encoded time (current UTC time)
// cbEncodedTime - length of encoding
// Returns:
// S_OK - everything worked
//
// E_OUTOFMEMORY - Memory allocation error occured
// CRYPT_E_OSS_ERROR + Oss error - Encode or Decode error.
HRESULT WINAPI
SpcEncodeCurrentTime(OUT PBYTE* pbEncodedTime,
OUT DWORD* cbEncodedTime);
//+-------------------------------------------------------------------------
// Crack a PKCS7 message returns the content and content type. Data is verified
//
// Parameter Returns:
// pSignerCert - Context that was used to sign the certificate
// ppbContent - the content of the message
// pcbContent - the length
// pOid - the oid of the content (content type)
// Returns:
// S_OK - everything worked
//
// CERT_E_NOT_FOUND - Cannot load certificate from encoded pkcs7 message
// E_OUTOFMEMORY - Memory allocation error occured
// CRYPT_E_OSS_ERROR + Oss error - Encode or Decode error.
HRESULT WINAPI
SpcLoadData(IN HCRYPTPROV hCryptProv,
IN PBYTE pbEncoding,
IN DWORD cbEncoding,
IN DWORD lSignerIndex,
OUT PCCERT_CONTEXT& pSignerCert,
OUT PBYTE& pbContent,
OUT DWORD& cbContent,
OUT LPSTR& pOid);
//+-------------------------------------------------------------------------
// Crack a PKCS7 message which contains a time request
// Parameter Returns:
// ppCertContext - returns contexts if pointer provided (optional)
// ppbRequest - allocates a Time request structure (delete just the pointer)
// Returns:
// S_OK - everything worked
//
// CERT_E_NOT_FOUND - Cannot load certificate from encoded pkcs7 message
// E_OUTOFMEMORY - Memory allocation error occured
// CRYPT_E_OSS_ERROR + Oss error - Encode or Decode error.
HRESULT WINAPI
SpcLoadTimeStamp(IN HCRYPTPROV hCryptProv,
IN PBYTE pbEncoding,
IN DWORD cbEncoding,
OUT PCCERT_CONTEXT* ppCertContext, // Optional
OUT PSPC_TIMESTAMP_REQ* ppbRequest);
//+-------------------------------------------------------------------
// Verifies the certifcate chain based on glue certs
// Return Parameters:
// pRoot - Context to the root certificate of the chain
// (must be freed)
// pIssuers - Stores the chain in pIssuers if it is present
// Returns:
// S_OK - Cert was found and was verified at the given time
// S_FALSE - Cert was found and verified to a test root
// CERT_E_CHAINING - Could not be verified
// CERT_E_EXPIRED - An issuing certificate was found but it was not currently valid
//
// E_OUTOFMEMORY - Memory allocation error occured
// CRYPT_E_OSS_ERROR + Oss error - Encode or Decode error.
HRESULT WINAPI
SpcVerifyCertChain(IN HCRYPTPROV hCryptProv,
IN DWORD dwVerifyFlags,
IN FILETIME* pTimeStamp,
IN HCERTSTORE hCertStore,
IN PCCERT_CONTEXT pChild,
IN OUT OPTIONAL PCCERT_CONTEXTLIST pIssuers,
OUT PCCERT_CONTEXT* pRoot);
//+-------------------------------------------------------------------
// Checks the certifcate chain for a glue certificate
// Returns:
// S_OK - Cert was found and was verified at the given time
// S_FALSE - Cert was found and verified to a test root
// CERT_E_CHAINING - Could not be verified using
// CERT_E_EXPIRED - An issuing certificate was found but it was not currently valid
//
// E_OUTOFMEMORY - Memory allocation error occured
// CRYPT_E_OSS_ERROR + Oss error - Encode or Decode error.
HRESULT WINAPI
SpcVerifyGlueChain(IN DWORD dwVerifyFlags,
IN HCRYPTPROV hCryptProv,
IN OPTIONAL FILETIME* pTimeStamp,
IN HCERTSTORE hCertStore,
IN OPTIONAL PCCERT_CONTEXTLIST pIssuers,
IN PCCERT_CONTEXT pChild);
//-------------------------------------------------------------------
// Retrieves the a cert context from the store based on the issuer
// and serial number. psIssuer and psSerial can be obtained from
// the SPC_CONTENT_INFO.
//
// Returns:
// Cert context - on success
// NULL - if no certificate existed or on Error (use SpcError() to retirieve HRESULT)
//
PCCERT_CONTEXT WINAPI
SpcGetCertFromStore(IN DWORD dwCertEncodingType,
IN HCERTSTORE hCertStore,
IN CERT_NAME_BLOB* psIssuer,
IN CRYPT_INTEGER_BLOB* psSerial);
//+---------------------------------------------------------------------------
// Verifies the signer at the specified time. The psSignerInfo can be
// obtained be decoding and encoded signature using SIGNER_INFO_SPCID.
// Verify flags can be CERT_STORE_SIGNATURE_FLAG and/or CERT_STORE_REVOCATION_FLAG.
// If pTimeStamp is present the certificate must have been valid at that time
// Returns:
// S_OK - Time stamp was found and verified
// S_FALSE - Time stamp was found and verified to a test root
// CERT_E_CHAINING - Could not be verified using tursted roots or certificate store
//
// E_OUTOFMEMORY - Memory allocation error occured
// CRYPT_E_OSS_ERROR + Oss error - Encode or Decode error.
HRESULT WINAPI
SpcVerifySignerInfo(IN DWORD dwCertEncodingType,
IN HCRYPTPROV hCryptProv,
IN DWORD dwVerifyFlags,
IN HCERTSTORE hTrustedRoots,
IN HCERTSTORE hCertStore,
IN PSPC_SIGNER_INFO psSignerInfo,
IN LPFILETIME pTimeStamp,
IN PSPC_CONTENT_INFO psData);
//+-------------------------------------------------------------------------------
// Verifies the encoded signature if there is a time stamp present. If there is no
// time stamp the CERT_E_NO_MATCH is returned. If there is a time stamp then the
// certificate and ceritifcate chain is verfified at that time.
//
// Verify flags can be CERT_STORE_SIGNATURE_FLAG and/or CERT_STORE_REVOCATION_FLAG.
//
// Parameter Returns:
// psTime - Filled in time, time is set to zero on error.
//
// Returns:
// S_OK - Time stamp was found and verified
// S_FALSE - Time stamp was found and verified to a test root
// CERT_E_NO_MATCH - Unable to find time stamp in signer info
// CERT_E_CHAINING - Could not be verified using trusted roots or certicate store
//
// E_OUTOFMEMORY - Memory allocation error occured
// CRYPT_E_OSS_ERROR + Oss error - Encode or Decode error.
HRESULT WINAPI
SpcVerifyEncodedSigner(IN DWORD dwCertEncodingType,
IN HCRYPTPROV hCryptProv,
IN DWORD dwVerifyFlags,
IN HCERTSTORE hTrustedRoots,
IN HCERTSTORE hCertStore,
IN PBYTE psEncodedSigner,
IN DWORD dwEncodedSigner,
IN PSPC_CONTENT_INFO psData,
OUT FILETIME* pReturnTime);
//+-------------------------------------------------------------------
// Finds a counter signature attribute (OID: COUNTER_SIGNATURE_OID ==
// "1.2.840.113549.1.9.6"). The counter signature is then verified.
// (see CryptVerifySignerInfo)
// Parameter Returns:
// psTime - Filled in time, time is set to zero on error.
//
// Returns:
// S_OK - Time stamp was found and verified
// S_FALSE - Time stamp was found and verified to a test root
// CRYPT_E_NO_MATCH - Time stamp attribute could not be found
//
// CERT_E_CHAINING - Could not be verified using trusted roots or certicate store
// E_OUTOFMEMORY - Memory allocation error occured
// CRYPT_E_OSS_ERROR + Oss error - Encode or Decode error.
HRESULT WINAPI
SpcVerifyTimeStampAttribute(IN DWORD dwCertEncodingType,
IN HCRYPTPROV hCryptProv,
IN DWORD dwVerifyFlags,
IN HCERTSTORE hTrustedRoots,
IN HCERTSTORE hCertStore,
IN PCRYPT_ATTRIBUTE psAttributes,
IN DWORD dwAttributes,
IN PSPC_CONTENT_INFO psData,
OUT FILETIME* pReturnTime);
//+-------------------------------------------------------------------------
// Cracks the SignerInfo out of the PKCS7 message and returns the encoded representation.
// Parameter Returns:
// pbSignerData - Encoded signer info from the message.
// cbSignerData - Length of the message
// Returns:
// TRUE - Succeeded.
// FALSE - Failed.
//
HRESULT WINAPI
SpcGetEncodedSigner(IN DWORD dwMsgAndCertEncodingType,
IN HCERTSTORE hMsgCertStore,
IN PCCERT_CONTEXT pSignerCert,
IN PBYTE pbEncoding,
IN DWORD cbEncoding,
OUT PBYTE* pbSignerData,
OUT DWORD* cbSignerData);
//+-------------------------------------------------------------------------
// Gets (and will set) the CERT_KEY_PROV_INFO_PROP_ID property for a cert
// context.
//+--------------------------------------------------------------------------
HRESULT WINAPI
SpcGetCertKeyProv(IN PCCERT_CONTEXT pCert,
OUT HCRYPTPROV *phCryptProv,
OUT DWORD *pdwKeySpec,
OUT BOOL *pfDidCryptAcquire);
//+-------------------------------------------------------------------------
// Returns TRUE if message is not wrapped in a
// ContentInfo.
//+--------------------------------------------------------------------------
BOOL WINAPI
SpcNoContentWrap(IN const BYTE *pbDER,
IN DWORD cbDER);
//+-------------------------------------------------------------------------
// Retrieves the specified parameter from the Signature. The parameter is
// allocated using the SPC allocation.
//
// Parameter Returns:
// pbData: Allocated data
// cbData: size of data allocated
// Returns:
// S_OK - Created parameter
// E_OUTOFMEMORY - Memory Allocation error
//
//--------------------------------------------------------------------------
HRESULT SpcGetParam(IN HCRYPTMSG hMsg,
IN DWORD dwParamType,
IN DWORD dwIndex,
OUT PBYTE& pbData,
OUT DWORD& cbData);
//+-------------------------------------------------------------------------
// Retrieves the Signer Id from the Signature. The parameter is
// allocated using the SPC allocation.
//
// Returns:
// S_OK - Created Signer id
// E_OUTOFMEMORY - Memory Allocation error
//
//--------------------------------------------------------------------------
HRESULT SpcGetCertIdFromMsg(IN HCRYPTMSG hMsg,
IN DWORD dwIndex,
OUT PCERT_INFO& pSignerId);
//+-------------------------------------------------------------------------
//+-------------------------------------------------------------------------
//+-------------------------------------------------------------------------
// Certificate and CRL encoding types
//+--------------------------------------------------------------------------
#define CERT_OSS_ERROR 0x80093000
typedef HRESULT (*SpcEncodeFunction)(const SpcAlloc* pManager,
const void* pStructure,
PBYTE& psEncoding,
DWORD& dwEncoding);
typedef HRESULT (*SpcDecodeFunction)(const SpcAlloc* pManager,
const PBYTE pEncoding,
DWORD dwEncoding,
DWORD dwFlags,
LPVOID& pStructure,
DWORD& dwStructure);
typedef struct _SPC_OidFuncEntry {
SpcEncodeFunction pfEncode;
SpcDecodeFunction pfDecode;
} SPC_OidFuncEntry;
//
// Decode routines
// #define CRYPT_DECODE_NOCOPY_FLAG 0x1
HRESULT WINAPI
SpcEncodeOid32(IN DWORD dwAlgorithm,
IN const void *pStructure,
OUT PBYTE ppsEncoding,
IN OUT DWORD* pdwEncoding);
// Win32 version of above function
HRESULT WINAPI
SpcDecodeOid32(IN DWORD dwAlgorithm,
IN const PBYTE psEncoding,
IN DWORD dwEncoding,
IN DWORD dwFlags,
OUT LPVOID ppStructure,
IN OUT DWORD* pdwStructure);
// Win32 version of above function
//+-------------------------------------------------------------------
// Asn routines, Uses specified memory allocator or Win32 dual call
// if no allocator set.
typedef OssGlobal *POssGlobal;
HRESULT WINAPI
SpcASNEncode(IN const SpcAlloc* pManager,
IN POssGlobal pOssGlobal,
IN DWORD pdu,
IN const void* sOssStructure,
OUT PBYTE& psEncoding,
OUT DWORD& dwEncoding);
HRESULT WINAPI
SpcASNDecode(IN POssGlobal pOssGlobal,
IN DWORD pdu,
IN const PBYTE psEncoding,
IN DWORD dwEncoding,
IN DWORD dwFlags,
OUT LPVOID& psStructure);
//+-------------------------------------------------------------------
// Memory Functions
HRESULT WINAPI
SpcSetMemoryAlloc(SpcAlloc& pAlloc);
const SpcAlloc* WINAPI
SpcGetMemoryAlloc();
BOOL WINAPI
SpcGetMemorySet();
BOOL WINAPI
SpcSetMemoryAllocState(BOOL state);
HRESULT WINAPI
SpcSetEncodingType(DWORD type);
HRESULT WINAPI
SpcGetEncodingType(DWORD* type);
//+-------------------------------------------------------------------
// Time Stamp functions
HRESULT WINAPI
SpcCompareTimeStamps(IN PBYTE psTime1,
IN DWORD dwTime1,
IN PBYTE psTime2,
IN DWORD dwTime2);
HRESULT WINAPI
SpcCreateTimeStampHash(IN HCRYPTPROV hCryptProv,
IN DWORD dwAlgoCAPI,
IN PBYTE pbData,
IN DWORD cbData,
OUT HCRYPTHASH& hHash);
HRESULT WINAPI
SpcGetTimeStampHash(IN HCRYPTPROV hCryptProv,
IN DWORD dwAlgoCAPI,
IN PBYTE pbData,
IN DWORD cbData,
OUT PBYTE& pbHashValue,
IN OUT DWORD& cbHashValue);
HRESULT WINAPI
SpcTimeStampHashContent(IN HCRYPTPROV hCryptProv,
IN SPC_CONTENT_INFO& sContent,
IN SPC_SIGNER_INFO& sTimeStamp,
OUT PBYTE& pbHashValue,
IN OUT DWORD& cbHashValue);
HRESULT WINAPI
SpcVerifyTimeStampSignature(IN HCRYPTPROV hCryptProv,
IN CERT_INFO& sCertInfo,
IN SPC_SIGNER_INFO& sTimeStamp);
HRESULT WINAPI
SpcVerifyTimeStampDigest(IN HCRYPTPROV hCryptProv,
IN SPC_CONTENT_INFO& sContent,
IN SPC_SIGNER_INFO& sTimeStamp);
HRESULT WINAPI
SpcVerifyTimeStamp(IN HCRYPTPROV hCryptProv,
IN CERT_INFO& sCertInfo,
IN SPC_CONTENT_INFO& sContent,
IN SPC_SIGNER_INFO& sTimeStamp);
HRESULT SpcError();
//+-------------------------------------------------------------------
// String functions
HRESULT WINAPI
SpcCopyPrintableString(const SpcAlloc* pManager,
LPCSTR sz,
LPSTR& str,
DWORD& lgth);
BOOL WINAPI
SpcIsPrintableStringW(LPCWSTR wsz);
BOOL WINAPI
SpcIsPrintableString(LPCSTR sz);
HRESULT WINAPI
SpcWideToPrintableString(const SpcAlloc* psManager,
LPCWSTR wsz,
LPSTR& pString,
DWORD& dwString);
HRESULT WINAPI
SpcPrintableToWideString(const SpcAlloc* psManager,
LPCSTR sz,
LPWSTR& psString,
DWORD& dwString);
HRESULT WINAPI
SpcBMPToWideString(const SpcAlloc* psManager,
WORD* pbStr,
DWORD cbStr,
LPWSTR& psString,
DWORD& dwString);
HRESULT WINAPI
SpcBMPToPrintableString(const SpcAlloc* psManager,
WORD* pbStr,
DWORD cbStr,
LPSTR& psString,
DWORD& dwString);
HRESULT WINAPI
SpcUniversalToWideString(const SpcAlloc* psManager,
DWORD* pbStr,
USHORT cbStr,
LPWSTR& psString,
DWORD& dwString);
HRESULT WINAPI
SpcWideToUniversalString(const SpcAlloc* psManager,
LPWSTR pSource,
DWORD* pString,
DWORD& dwString);
HRESULT WINAPI
SpcPrintableToUniversalString(const SpcAlloc* psManager,
LPSTR pSource,
DWORD* pString,
DWORD& dwString);
HRESULT WINAPI
SpcUniversalToPrintableString(const SpcAlloc* psManager,
DWORD* pbStr,
USHORT cbStr,
LPSTR& psString,
DWORD& dwString);
//+-------------------------------------------------------------------
// Asn functions
HRESULT WINAPI
SpcASNEncodeTimeStamp(IN const SpcAlloc* pManager,
IN const void* pStructure,
OUT PBYTE& psEncoding,
IN OUT DWORD& dwEncoding);
HRESULT WINAPI
SpcASNDecodeTimeStamp(IN const SpcAlloc* pManager,
IN const PBYTE psEncoding,
IN DWORD dwEncoding,
IN DWORD dwFlags,
OUT LPVOID& psStructure,
IN OUT DWORD& dwStructure);
HRESULT WINAPI
SpcASNEncodeObjectId(IN const SpcAlloc* pManager,
IN const void* pStructure,
OUT PBYTE& psEncoding,
IN OUT DWORD& dwEncoding);
HRESULT
SpcASNDecodeObjectId(IN const SpcAlloc* pManager,
IN const PBYTE psEncoding,
IN DWORD dwEncoding,
IN DWORD dwFlags,
OUT LPVOID& psStructure,
IN OUT DWORD& dwStructure);
HRESULT WINAPI
SpcASNEncodeDirectoryString(IN const SpcAlloc* pManager,
const void* psData,
PBYTE& pEncoding,
DWORD& dwEncoding);
HRESULT WINAPI
SpcASNDecodeDirectoryString(IN const SpcAlloc* pManager,
IN const PBYTE psEncoding,
IN DWORD dwEncoding,
IN DWORD dwFlags,
OUT LPVOID& psString,
IN OUT DWORD& dwString);
HRESULT WINAPI
SpcASNEncodeDirectoryStringW(IN const SpcAlloc* pManager,
const void* psData,
PBYTE& pEncoding,
DWORD& dwEncoding);
HRESULT WINAPI
SpcASNDecodeDirectoryStringW(IN const SpcAlloc* pManager,
IN const PBYTE psEncoding,
IN DWORD dwEncoding,
IN DWORD dwFlags,
OUT LPVOID& psString,
IN OUT DWORD& dwString);
HRESULT WINAPI
SpcASNEncodeOctetString(IN const SpcAlloc* pManager,
IN const void* pStructure,
OUT PBYTE& psEncoding,
IN OUT DWORD& dwEncoding);
HRESULT WINAPI
SpcASNDecodeOctetString(IN const SpcAlloc* pManager,
IN const PBYTE psEncoding,
IN DWORD dwEncoding,
IN DWORD dwFlags,
OUT LPVOID& psStructure,
IN OUT DWORD& dwStructure);
HRESULT WINAPI
SpcASNEncodeAttributes(IN const SpcAlloc* pManager,
IN const void* pStructure,
OUT PBYTE& psEncoding,
IN OUT DWORD& dwEncoding);
HRESULT WINAPI
SpcASNDecodeAttributes(IN const SpcAlloc* pManager,
IN const PBYTE psEncoding,
IN DWORD dwEncoding,
IN DWORD dwFlags,
OUT LPVOID& psStructure,
IN OUT DWORD& dwStructure);
HRESULT WINAPI
SpcASNEncodeIA5String(IN const SpcAlloc* pManager,
IN const void* pStructure,
OUT PBYTE& psEncoding,
IN OUT DWORD& dwEncoding);
HRESULT WINAPI
SpcASNDecodeIA5String(IN const SpcAlloc* pManager,
IN const PBYTE psEncoding,
IN DWORD dwEncoding,
IN DWORD dwFlags,
OUT LPVOID& psStructure,
IN OUT DWORD& dwStructure);
HRESULT WINAPI
SpcASNEncodeTimeRequest(IN const SpcAlloc* pManager,
IN const void* pStructure,
OUT PBYTE& psEncoding,
IN OUT DWORD& dwEncoding);
HRESULT WINAPI
SpcASNDecodeTimeRequest(IN const SpcAlloc* pManager,
IN const PBYTE psEncoding,
IN DWORD dwEncoding,
IN DWORD dwFlags,
OUT LPVOID& psStructure,
IN OUT DWORD& dwStructure);
HRESULT WINAPI
SpcASNEncodeSignerInfo(IN const SpcAlloc* pManager,
IN const void* pStructure,
OUT PBYTE& psEncoding,
IN OUT DWORD& dwEncoding);
HRESULT WINAPI
SpcASNDecodeSignerInfo(IN const SpcAlloc* pManager,
IN const PBYTE psEncoding,
IN DWORD dwEncoding,
IN DWORD dwFlags,
OUT LPVOID& psStructure,
IN OUT DWORD& dwStructure);
HRESULT WINAPI
SpcASNEncodeContentInfo(IN const SpcAlloc* pManager,
IN const void* pStructure,
OUT PBYTE& psEncoding,
IN OUT DWORD& dwEncoding);
HRESULT WINAPI
SpcASNDecodeContentInfo(IN const SpcAlloc* pManager,
IN const PBYTE psEncoding,
IN DWORD dwEncoding,
IN DWORD dwFlags,
OUT LPVOID& psStructure,
IN OUT DWORD& dwStructure);
HRESULT WINAPI
SpcASNEncodeContentType(IN const SpcAlloc* pManager,
IN const void* pStructure,
OUT PBYTE& psEncoding,
IN OUT DWORD& dwEncoding);
HRESULT WINAPI
SpcASNDecodeContentType(IN const SpcAlloc* pManager,
IN const PBYTE psEncoding,
IN DWORD dwEncoding,
IN DWORD dwFlags,
OUT LPVOID& psStructure,
IN OUT DWORD& dwStructure);
HRESULT WINAPI
SpcASNEncodeAttribute(IN const SpcAlloc* pManager,
IN const void* pStructure,
OUT PBYTE& psEncoding,
IN OUT DWORD& dwEncoding);
HRESULT WINAPI
SpcASNDecodeAttribute(IN const SpcAlloc* pManager,
IN const PBYTE psEncoding,
IN DWORD dwEncoding,
IN DWORD dwFlags,
OUT LPVOID& psStructure,
IN OUT DWORD& dwStructure);
#ifdef __cplusplus
}
#endif
#endif