382 lines
17 KiB
Plaintext
382 lines
17 KiB
Plaintext
//depot/Lab03_N/DS/security/cryptoapi/common/keysvc/keysvc.idl#7 - edit change 8790 (text)
|
|
//depot/Lab03_N/DS/security/cryptoapi/common/keysvc/keysvc.idl#4 - edit change 6380 (text)
|
|
//+-------------------------------------------------------------------------
|
|
//
|
|
// Microsoft Windows
|
|
//
|
|
// Copyright (C) Microsoft Corporation, 1997 - 1999
|
|
//
|
|
// File: keysvc.idl
|
|
//
|
|
//--------------------------------------------------------------------------
|
|
|
|
import "unknwn.idl";
|
|
|
|
import "basetsd.h";
|
|
|
|
////////////////////////////
|
|
// Interfaces
|
|
|
|
[
|
|
uuid(8d0ffe72-d252-11d0-bf8f-00c04fd9126b),
|
|
version(1.0),
|
|
pointer_default(unique)
|
|
]
|
|
interface IKeySvc
|
|
{
|
|
typedef struct _KEYSVC_UNICODE_STRING {
|
|
USHORT Length;
|
|
USHORT MaximumLength;
|
|
//#ifdef MIDL_PASS
|
|
[size_is(MaximumLength / 2), length_is((Length) / 2) ]
|
|
//#endif // MIDL_PASS
|
|
USHORT *Buffer;
|
|
} KEYSVC_UNICODE_STRING, *PKEYSVC_UNICODE_STRING;
|
|
|
|
typedef enum _KEYSVC_TYPE {
|
|
KeySvcMachine,
|
|
KeySvcService
|
|
} KEYSVC_TYPE;
|
|
|
|
typedef enum _KEYSVC_DEFTYPE {
|
|
DefUserProv,
|
|
DefMachineProv
|
|
} KEYSVC_DEFTYPE;
|
|
|
|
typedef ULONG KEYSVC_HANDLE, *PKEYSVC_HANDLE;
|
|
|
|
typedef struct _KEYSVC_BLOB {
|
|
ULONG cb;
|
|
[size_is(cb), length_is(cb)]
|
|
BYTE *pb;
|
|
} KEYSVC_BLOB, *PKEYSVC_BLOB;
|
|
|
|
// provider type and provider information
|
|
typedef struct _KEYSVC_PROVIDER_INFO {
|
|
KEYSVC_UNICODE_STRING Name;
|
|
ULONG Flags;
|
|
ULONG ProviderType;
|
|
} KEYSVC_PROVIDER_INFO, *PKEYSVC_PROVIDER_INFO;
|
|
|
|
// key information structures
|
|
typedef struct _KEY_ID {
|
|
ULONG Algid;
|
|
ULONG dwKeySpec;
|
|
} KEY_ID, *PKEY_ID;
|
|
|
|
typedef struct _KEYSVC_KEY_INFO {
|
|
KEYSVC_UNICODE_STRING KeyName;
|
|
KEY_ID KeyID;
|
|
} KEYSVC_KEY_INFO, *PKEYSVC_KEY_INFO;
|
|
|
|
typedef struct _KEYSVC_KEYS {
|
|
KEYSVC_UNICODE_STRING KeyName;
|
|
ULONG cKeyIDs;
|
|
//#ifdef MIDL_PASS
|
|
[size_is(cKeyIDs), length_is(cKeyIDs) ]
|
|
//#endif
|
|
PKEY_ID pKeyIDs;
|
|
} KEYSVC_KEYS, *PKEYSVC_KEYS;
|
|
|
|
typedef enum _KEYSVC_INFOTYPE {
|
|
KeySvcPublicKey,
|
|
KeySvcVerifyHaveKey
|
|
} KEYSVC_INFOTYPE;
|
|
|
|
typedef struct _KEYSVC_RSAINFO {
|
|
ULONG Algid;
|
|
ULONG cbHash;
|
|
BYTE rgbHash[40];
|
|
} KEYSVC_RSAINFO;
|
|
|
|
typedef struct _KEYSVC_CERT_HASH {
|
|
BYTE rgb[20];
|
|
} KEYSVC_CERT_HASH;
|
|
|
|
typedef struct _KEYSVC_CERT_INFO {
|
|
PKEYSVC_BLOB pCert;
|
|
KEYSVC_CERT_HASH CertHash;
|
|
KEYSVC_UNICODE_STRING KeyName;
|
|
} KEYSVC_CERT_INFO, *PKEYSVC_CERT_INFO;
|
|
|
|
//
|
|
typedef struct _KEYSVC_CERT_REQUEST_PVK_NEW {
|
|
ULONG ulProvType; //Optional: The provider type. If this field
|
|
// is 0, pwszProvider is ignored
|
|
KEYSVC_UNICODE_STRING Provider; //Optional: The name of the provider.
|
|
// NULL means the default
|
|
ULONG ulProviderFlags; //Optional: The flag passed to CryptAcquireContext
|
|
KEYSVC_UNICODE_STRING KeyContainer; //Optional: The private key container. If this value is NULL,
|
|
// a new key container will be generated. Its name is guaranteed
|
|
// to be unique.
|
|
ULONG ulKeySpec; //Optional: The key specification of the private key
|
|
ULONG ulGenKeyFlags; //Optional: The flags for CryptGenKey
|
|
} KEYSVC_CERT_REQUEST_PVK_NEW, *PKEYSVC_CERT_REQUEST_PVK_NEW;
|
|
|
|
typedef struct _KEYSVC_CERT_REQUEST_PVK_NEW_V2 {
|
|
ULONG ulProvType; //Optional: The provider type. If this field
|
|
// is 0, pwszProvider is ignored
|
|
KEYSVC_UNICODE_STRING Provider; //Optional: The name of the provider.
|
|
// NULL means the default
|
|
ULONG ulProviderFlags; //Optional: The flag passed to CryptAcquireContext
|
|
KEYSVC_UNICODE_STRING KeyContainer; //Optional: The private key container. If this value is NULL,
|
|
// a new key container will be generated. Its name is guaranteed
|
|
// to be unique.
|
|
ULONG ulKeySpec; //Optional: The key specification of the private key
|
|
ULONG ulGenKeyFlags; //Optional: The flags for CryptGenKey
|
|
ULONG ulEnrollmentFlags; //Optional: The enrollment cert type flags
|
|
ULONG ulSubjectNameFlags; //Optional: The subject name cert type flags
|
|
ULONG ulPrivateKeyFlags; //Optional: The private key cert type flags
|
|
ULONG ulGeneralFlags; //Optional: The general cert type flags
|
|
} KEYSVC_CERT_REQUEST_PVK_NEW_V2, *PKEYSVC_CERT_REQUEST_PVK_NEW_V2;
|
|
|
|
typedef struct _KEYSVC_CERT_BLOB {
|
|
DWORD cbData;
|
|
//#ifdef MIDL_PASS
|
|
[size_is(cbData), length_is(cbData) ]
|
|
//#endif
|
|
BYTE *pbData;
|
|
} KEYSVC_CERT_BLOB, *PKEYSVC_CERT_BLOB;
|
|
|
|
typedef struct _KEYSVC_CERT_EXTENSION {
|
|
LPSTR pszObjId;
|
|
BOOL fCritical;
|
|
DWORD cbData;
|
|
//#ifdef MIDL_PASS
|
|
[size_is(cbData), length_is(cbData) ]
|
|
//#endif
|
|
BYTE *pbData;
|
|
// KEYSVC_CERT_BLOB Value;
|
|
} KEYSVC_CERT_EXTENSION, *PKEYSVC_CERT_EXTENSION;
|
|
|
|
typedef struct _KEYSVC_CERT_EXTENSIONS {
|
|
ULONG cExtension;
|
|
//#ifdef MIDL_PASS
|
|
[size_is(cExtension), length_is(cExtension) ]
|
|
//#endif
|
|
KEYSVC_CERT_EXTENSION *rgExtension;
|
|
} KEYSVC_CERT_EXTENSIONS, *PKEYSVC_CERT_EXTENSIONS;
|
|
|
|
typedef struct _KEYSVC_CERT_ENROLL_INFO
|
|
{
|
|
KEYSVC_UNICODE_STRING UsageOID;
|
|
KEYSVC_UNICODE_STRING CertDNName;
|
|
ULONG ulPostOption; //Required: A bit wise OR of the following value:
|
|
// REQUEST_POST_ON_DS
|
|
// REQUEST_POST_ON_CSP
|
|
KEYSVC_UNICODE_STRING FriendlyName; //Optional: The friendly name of the certificate
|
|
KEYSVC_UNICODE_STRING Description; //Optional: The description of the certificate
|
|
KEYSVC_UNICODE_STRING Attributes; //Optional: Attributes for certificate request
|
|
ULONG cExtensions;
|
|
//#ifdef MIDL_PASS
|
|
[size_is(cExtensions), length_is(cExtensions) ]
|
|
//#endif
|
|
PKEYSVC_CERT_EXTENSIONS *prgExtensions;
|
|
}KEYSVC_CERT_ENROLL_INFO, *PKEYSVC_CERT_ENROLL_INFO;
|
|
|
|
typedef struct _KEYSVC_OPEN_KEYSVC_INFO {
|
|
ULONG ulSize; // For struct versioning
|
|
ULONG ulVersion;
|
|
}KEYSVC_OPEN_KEYSVC_INFO, *PKEYSVC_OPEN_KEYSVC_INFO;
|
|
|
|
typedef struct _KEYSVC_QUERY_CERT_REQUEST_INFO {
|
|
ULONG ulSize; // sizeof(CRYPTUI_WIZ_QUERY_CERT_REQUEST_INFO)
|
|
ULONG ulStatus; // set of flags, see below
|
|
} KEYSVC_QUERY_CERT_REQUEST_INFO, *PKEYSVC_QUERY_CERT_REQUEST_INFO;
|
|
|
|
|
|
ULONG KeyrOpenKeyService(
|
|
[in] handle_t hRPCBinding,
|
|
[in] KEYSVC_TYPE OwnerType,
|
|
[in] PKEYSVC_UNICODE_STRING pOwnerName,
|
|
[in] ULONG ulDesiredAccess,
|
|
[in] PKEYSVC_BLOB pAuthentication,
|
|
[in, out] PKEYSVC_BLOB *ppReserved,
|
|
[out] KEYSVC_HANDLE *phKeySvc);
|
|
|
|
ULONG KeyrEnumerateProviders(
|
|
[in] handle_t hRPCBinding,
|
|
[in] KEYSVC_HANDLE hKeySvc,
|
|
[in, out] PKEYSVC_BLOB *ppReserved,
|
|
[in, out] ULONG *pcProviderCount,
|
|
[in, out][size_is(,*pcProviderCount)]
|
|
PKEYSVC_PROVIDER_INFO *ppProviders);
|
|
|
|
ULONG KeyrEnumerateProviderTypes(
|
|
[in] handle_t hRPCBinding,
|
|
[in] KEYSVC_HANDLE hKeySvc,
|
|
[in, out] PKEYSVC_BLOB *ppReserved,
|
|
[in, out] ULONG *pcProviderCount,
|
|
[in, out][size_is(,*pcProviderCount)]
|
|
PKEYSVC_PROVIDER_INFO *ppProviders);
|
|
|
|
ULONG KeyrEnumerateProvContainers(
|
|
[in] handle_t hRPCBinding,
|
|
[in] KEYSVC_HANDLE hKeySvc,
|
|
[in] KEYSVC_PROVIDER_INFO Provider,
|
|
[in, out] PKEYSVC_BLOB *ppReserved,
|
|
[in, out] ULONG *pcContainerCount,
|
|
[in, out][size_is(,*pcContainerCount)]
|
|
PKEYSVC_UNICODE_STRING *ppContainers);
|
|
|
|
ULONG KeyrCloseKeyService(
|
|
[in] handle_t hRPCBinding,
|
|
[in] KEYSVC_HANDLE hKeySvc,
|
|
[in, out] PKEYSVC_BLOB *ppReserved);
|
|
|
|
ULONG KeyrGetDefaultProvider(
|
|
[in] handle_t hRPCBinding,
|
|
[in] KEYSVC_HANDLE hKeySvc,
|
|
[in] ULONG ulProvType,
|
|
[in] ULONG ulFlags,
|
|
[in, out] PKEYSVC_BLOB *ppReserved,
|
|
[out] ULONG *pulDefType,
|
|
[out] PKEYSVC_PROVIDER_INFO *ppProvider);
|
|
|
|
ULONG KeyrSetDefaultProvider(
|
|
[in] handle_t hRPCBinding,
|
|
[in] KEYSVC_HANDLE hKeySvc,
|
|
[in] ULONG ulFlags,
|
|
[in, out] PKEYSVC_BLOB *ppReserved,
|
|
[in] KEYSVC_PROVIDER_INFO Provider);
|
|
|
|
ULONG KeyrEnroll(
|
|
[in] handle_t hRPCBinding,
|
|
[in] BOOL fKeyService, //IN Required: Whether the function is called remotely
|
|
[in] ULONG ulPurpose, //IN Required: Specify the purpose - enrollment/renewal
|
|
[in] PKEYSVC_UNICODE_STRING pAcctName, //IN Optional: Account name the service runs under
|
|
[in] PKEYSVC_UNICODE_STRING pCALocation, //IN Required: The ca machine name
|
|
[in] PKEYSVC_UNICODE_STRING pCAName, //IN Required: The ca name
|
|
[in] BOOL fNewKey, //IN Required: Set the TRUE if new private key is needed
|
|
[in] PKEYSVC_CERT_REQUEST_PVK_NEW pKeyNew, //IN Required: The private key information
|
|
[in] PKEYSVC_BLOB pCert, //IN Optional: The old cert when renewing
|
|
[in] PKEYSVC_CERT_REQUEST_PVK_NEW pRenewKey, //IN Optional: The new private key information when renewing
|
|
[in] PKEYSVC_UNICODE_STRING pHashAlg, //IN Optional: The hash algorithm
|
|
[in] PKEYSVC_UNICODE_STRING pDesStore, //IN Optional: The destination store
|
|
[in] ULONG ulStoreFlags, //IN Optional: Flags for cert store
|
|
[in] PKEYSVC_CERT_ENROLL_INFO pRequestInfo, //IN Required: The information about the cert request
|
|
[in] ULONG ulFlags, //IN Reserved: Should be 0
|
|
[in, out] PKEYSVC_BLOB *ppReserved,
|
|
[out] PKEYSVC_BLOB *ppPKCS7Blob, //OUT Optional: The PKCS7 from the CA
|
|
[out] PKEYSVC_BLOB *ppHashBlob, //OUT Optioanl: The SHA1 hash of the enrolled/renewed certificate
|
|
[out] ULONG *pulStatus); //OUT Optional: The status of the enrollment/renewal
|
|
|
|
ULONG KeyrExportCert(
|
|
[in] handle_t hRPCBinding,
|
|
[in] KEYSVC_HANDLE hKeySvc,
|
|
[in] PKEYSVC_UNICODE_STRING pPassword,
|
|
[in] PKEYSVC_UNICODE_STRING pCertStore,
|
|
[in] ULONG cHashCount,
|
|
[in][size_is(cHashCount)]
|
|
KEYSVC_CERT_HASH *pHashes,
|
|
[in] ULONG ulFlags,
|
|
[in, out] PKEYSVC_BLOB *ppReserved,
|
|
[out] PKEYSVC_BLOB *ppPFXBlob);
|
|
|
|
ULONG KeyrImportCert(
|
|
[in] handle_t hRPCBinding,
|
|
[in] KEYSVC_HANDLE hKeySvc,
|
|
[in] PKEYSVC_UNICODE_STRING pPassword,
|
|
[in] PKEYSVC_UNICODE_STRING pCertStore,
|
|
[in] PKEYSVC_BLOB pPFXBlob,
|
|
[in] ULONG ulFlags,
|
|
[in, out] PKEYSVC_BLOB *ppReserved);
|
|
|
|
ULONG KeyrEnumerateAvailableCertTypes(
|
|
[in] handle_t hRPCBinding,
|
|
[in] KEYSVC_HANDLE hKeySvc,
|
|
[in, out] PKEYSVC_BLOB *ppReserved,
|
|
[in, out] ULONG *pcCertTypeCount,
|
|
[in, out][size_is(,*pcCertTypeCount)]
|
|
PKEYSVC_UNICODE_STRING *ppCertTypes);
|
|
|
|
ULONG KeyrEnumerateCAs(
|
|
[in] handle_t hRPCBinding,
|
|
[in] KEYSVC_HANDLE hKeySvc,
|
|
[in, out] PKEYSVC_BLOB *ppReserved,
|
|
[in] ULONG ulFlags,
|
|
[in, out] ULONG *pcCACount,
|
|
[in, out][size_is(,*pcCACount)]
|
|
PKEYSVC_UNICODE_STRING *ppCAs);
|
|
|
|
ULONG KeyrEnroll_V2(
|
|
[in] handle_t hRPCBinding,
|
|
[in] BOOL fKeyService, //IN Required: Whether the function is called remotely
|
|
[in] ULONG ulPurpose, //IN Required: Specify the purpose - enrollment/renewal
|
|
[in] ULONG ulFlags, //IN Required: Enrollment flags.
|
|
[in] PKEYSVC_UNICODE_STRING pAcctName, //IN Optional: Account name the service runs under
|
|
[in] PKEYSVC_UNICODE_STRING pCALocation, //IN Required: The ca machine name
|
|
[in] PKEYSVC_UNICODE_STRING pCAName, //IN Required: The ca name
|
|
[in] BOOL fNewKey, //IN Required: Set the TRUE if new private key is needed
|
|
[in] PKEYSVC_CERT_REQUEST_PVK_NEW_V2 pKeyNew, //IN Required: The private key information
|
|
[in] PKEYSVC_BLOB pCert, //IN Optional: The old cert when renewing
|
|
[in] PKEYSVC_CERT_REQUEST_PVK_NEW_V2 pRenewKey, //IN Optional: The new private key information when renewing
|
|
[in] PKEYSVC_UNICODE_STRING pHashAlg, //IN Optional: The hash algorithm
|
|
[in] PKEYSVC_UNICODE_STRING pDesStore, //IN Optional: The destination store
|
|
[in] ULONG ulStoreFlags, //IN Optional: Flags for cert store
|
|
[in] PKEYSVC_CERT_ENROLL_INFO pRequestInfo, //IN Required: The information about the cert request
|
|
[in] ULONG ulReservedFlags, //IN Reserved: Must be 0.
|
|
[in, out] PKEYSVC_BLOB *ppReserved, //IN OUT Reserved: Must be NULL.
|
|
[in, out] PKEYSVC_BLOB *phRequest, //OUT Optional: The HANDLE to a created request (in 3-stage enrollment)
|
|
[out] PKEYSVC_BLOB *ppPKCS7Blob, //OUT Optional: The PKCS7 from the CA
|
|
[out] PKEYSVC_BLOB *ppHashBlob, //OUT Optioanl: The SHA1 hash of the enrolled/renewed certificate
|
|
[out] ULONG *pulStatus); //OUT Optional: The status of the enrollment/renewal
|
|
|
|
|
|
ULONG KeyrQueryRequestStatus
|
|
([in] handle_t hRPCBinding,
|
|
[in] unsigned __int64 hRequest,
|
|
[out, ref] KEYSVC_QUERY_CERT_REQUEST_INFO *pQueryInfo);
|
|
}
|
|
|
|
|
|
[
|
|
uuid(a3b749b1-e3d0-4967-a521-124055d1c37d),
|
|
version(1.0),
|
|
pointer_default(unique)
|
|
]
|
|
|
|
interface IKeySvcR // Remote keysvc
|
|
{
|
|
ULONG RKeyrOpenKeyService
|
|
([in] handle_t hRPCBinding,
|
|
[in] KEYSVC_TYPE OwnerType,
|
|
[in] PKEYSVC_UNICODE_STRING pOwnerName,
|
|
[in] ULONG ulDesiredAccess,
|
|
[in] PKEYSVC_BLOB pAuthentication,
|
|
[in, out] PKEYSVC_BLOB *ppReserved,
|
|
[out] KEYSVC_HANDLE *phKeySvc);
|
|
|
|
ULONG RKeyrCloseKeyService
|
|
([in] handle_t hRPCBinding,
|
|
[in] KEYSVC_HANDLE hKeySvc,
|
|
[in, out] PKEYSVC_BLOB *ppReserved);
|
|
|
|
ULONG RKeyrPFXInstall
|
|
([in] handle_t hRPCBinding,
|
|
[in] PKEYSVC_BLOB pPFX,
|
|
[in] PKEYSVC_UNICODE_STRING pPassword,
|
|
[in] ULONG ulFlags);
|
|
}
|
|
|
|
|
|
|
|
// Define version constants.
|
|
cpp_quote("#define KEYSVC_VERSION_W2K 0x0001")
|
|
cpp_quote("#define KEYSVC_VERSION_WHISTLER 0x0002")
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|