ReactOS  0.4.12-dev-90-g2e2e63e
wincrypt.h
Go to the documentation of this file.
1 /*
2  * Copyright (C) 2002 Travis Michielsen
3  * Copyright (C) 2004-2005 Juan Lang
4  * Copyright (C) 2007 Vijay Kiran Kamuju
5  *
6  * This library is free software; you can redistribute it and/or
7  * modify it under the terms of the GNU Lesser General Public
8  * License as published by the Free Software Foundation; either
9  * version 2.1 of the License, or (at your option) any later version.
10  *
11  * This library is distributed in the hope that it will be useful,
12  * but WITHOUT ANY WARRANTY; without even the implied warranty of
13  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
14  * Lesser General Public License for more details.
15  *
16  * You should have received a copy of the GNU Lesser General Public
17  * License along with this library; if not, write to the Free Software
18  * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301, USA
19  */
20 
21 #ifndef __WINE_WINCRYPT_H
22 #define __WINE_WINCRYPT_H
23 
24 #include <specstrings.h>
25 
26 #ifdef __cplusplus
27 extern "C" {
28 #endif
29 
30 #ifdef _MSC_VER
31 #pragma warning(push)
32 #pragma warning(disable:4201)
33 #endif
34 
35 #include <bcrypt.h>
36 /* FIXME: #include <ncrypt.h> */
37 
38 #ifdef _ADVAPI32_
39 # define WINADVAPI
40 #else
41 # define WINADVAPI DECLSPEC_IMPORT
42 #endif
43 
44 /* some typedefs for function parameters */
45 typedef unsigned int ALG_ID;
51 typedef void *HCERTSTORE;
52 typedef void *HCRYPTMSG;
53 typedef void *HCERTSTOREPROV;
54 typedef void *HCRYPTOIDFUNCSET;
55 typedef void *HCRYPTOIDFUNCADDR;
56 typedef void *HCRYPTDEFAULTCONTEXT;
57 
58 /* CSP Structs */
59 
60 typedef struct _PROV_ENUMALGS {
61  ALG_ID aiAlgid;
64  CHAR szName[20];
66 
67 typedef struct _PROV_ENUMALGS_EX {
68  ALG_ID aiAlgid;
74  CHAR szName[20];
76  CHAR szLongName[40];
78 
79 #define SCHANNEL_MAC_KEY 0
80 #define SCHANNEL_ENC_KEY 1
81 
82 typedef struct _SCHANNEL_ALG {
84  ALG_ID Algid;
89 
90 
91 #define CRYPT_IPSEC_HMAC_KEY 0x0100
92 
93 typedef struct _HMAC_INFO {
94  ALG_ID HashAlgid;
100 
101 typedef struct _CRYPTOAPI_BLOB {
117 
124 
127  CRYPT_OBJID_BLOB Parameters;
129 
132  CRYPT_OBJID_BLOB Value;
134 
135 typedef struct _PUBLICKEYSTRUC {
139  ALG_ID aiKeyAlg;
141 
142 typedef struct _RSAPUBKEY {
146 } RSAPUBKEY;
147 
148 typedef struct _PUBKEY {
152 
153 typedef struct _DSSSEED {
155  BYTE seed[20];
156 } DSSSEED;
157 
158 typedef struct _PUBKEYVER3 {
165 
166 typedef struct _PRIVKEYVER3 {
174 
175 typedef struct _KEY_TYPE_SUBTYPE {
180 
181 typedef struct _CERT_FORTEZZA_DATA_PROP {
182  unsigned char SerialNumber[8];
184  unsigned char CertLabel[36];
186 
187 typedef struct _CMS_DH_KEY_INFO {
189  ALG_ID Algid;
191  CRYPT_DATA_BLOB PubInfo;
192  void *pReserved;
194 
195 typedef struct _CRYPT_BIT_BLOB {
200 
201 typedef struct _CRYPT_KEY_PROV_PARAM {
207 
208 typedef struct _CRYPT_KEY_PROV_INFO {
214  PCRYPT_KEY_PROV_PARAM rgProvParam;
217 
218 typedef struct _CERT_KEY_CONTEXT {
220  HCRYPTPROV hCryptProv;
223 
224 typedef struct _CERT_PUBLIC_KEY_INFO {
228 
229 typedef struct _CERT_EXTENSION {
232  CRYPT_OBJID_BLOB Value;
234 
235 typedef struct _CERT_EXTENSIONS {
237  PCERT_EXTENSION rgExtension;
239 
240 typedef struct _CERT_INFO {
244  CERT_NAME_BLOB Issuer;
247  CERT_NAME_BLOB Subject;
252  PCERT_EXTENSION rgExtension;
254 
255 typedef struct _CERT_RDN_ATTR {
258  CERT_RDN_VALUE_BLOB Value;
260 
261 typedef struct _CERT_RDN {
263  PCERT_RDN_ATTR rgRDNAttr;
264 } CERT_RDN, *PCERT_RDN;
265 
266 typedef struct _CERT_NAME_INFO {
268  PCERT_RDN rgRDN;
270 
271 typedef struct _CERT_NAME_VALUE {
273  CERT_RDN_VALUE_BLOB Value;
275 
278  CRYPT_DATA_BLOB EncryptedPrivateKey;
280 
282  CRYPT_DATA_BLOB KeyId;
283  CERT_NAME_BLOB CertIssuer;
286 
291 
293  CRYPT_DATA_BLOB KeyId;
295  PCERT_PRIVATE_KEY_VALIDITY pPrivateKeyUsagePeriod;
297 
298 typedef struct _CERT_ECC_SIGNATURE {
299  CRYPT_UINT_BLOB r;
300  CRYPT_UINT_BLOB s;
302 
303 /* byte 0 */
304 #define CERT_DIGITAL_SIGNATURE_KEY_USAGE 0x80
305 #define CERT_NON_REPUDIATION_KEY_USAGE 0x40
306 #define CERT_KEY_ENCIPHERMENT_KEY_USAGE 0x20
307 #define CERT_DATA_ENCIPHERMENT_KEY_USAGE 0x10
308 #define CERT_KEY_AGREEMENT_KEY_USAGE 0x08
309 #define CERT_KEY_CERT_SIGN_KEY_USAGE 0x04
310 #define CERT_OFFLINE_CRL_SIGN_KEY_USAGE 0x02
311 #define CERT_CRL_SIGN_KEY_USAGE 0x02
312 #define CERT_ENCIPHER_ONLY_KEY_USAGE 0x01
313 /* byte 1 */
314 #define CERT_DECIPHER_ONLY_KEY_USAGE 0x80
315 
316 typedef struct _CERT_POLICY_ID {
320 
323  PCERT_POLICY_ID rgCertPolicyId;
326 
327 typedef struct _CERT_OTHER_NAME {
329  CRYPT_OBJID_BLOB Value;
331 
332 typedef struct _CERT_ALT_NAME_ENTRY {
334  union {
335  PCERT_OTHER_NAME pOtherName;
338  CERT_NAME_BLOB DirectoryName;
340  CRYPT_DATA_BLOB IPAddress;
342  } DUMMYUNIONNAME;
344 
345 #define CERT_ALT_NAME_OTHER_NAME 1
346 #define CERT_ALT_NAME_RFC822_NAME 2
347 #define CERT_ALT_NAME_DNS_NAME 3
348 #define CERT_ALT_NAME_X400_ADDRESS 4
349 #define CERT_ALT_NAME_DIRECTORY_NAME 5
350 #define CERT_ALT_NAME_EDI_PARTY_NAME 6
351 #define CERT_ALT_NAME_URL 7
352 #define CERT_ALT_NAME_IP_ADDRESS 8
353 #define CERT_ALT_NAME_REGISTERED_ID 9
354 
355 typedef struct _CERT_ALT_NAME_INFO {
357  PCERT_ALT_NAME_ENTRY rgAltEntry;
359 
360 #define CERT_ALT_NAME_ENTRY_ERR_INDEX_MASK 0xff
361 #define CERT_ALT_NAME_ENTRY_ERR_INDEX_SHIFT 16
362 #define CERT_ALT_NAME_VALUE_ERR_INDEX_MASK 0x0000ffff
363 #define CERT_ALT_NAME_VALUE_ERR_INDEX_SHIFT 0
364 #define GET_CERT_ALT_NAME_ENTRY_ERR_INDEX(x) \
365  (((x) >> CERT_ALT_NAME_ENTRY_ERR_INDEX_SHIFT) & \
366  CERT_ALT_NAME_ENTRY_ERR_INDEX_MASK)
367 #define GET_CERT_ALT_NAME_VALUE_ERR_INDEX(x) \
368  ((x) & CERT_ALT_NAME_VALUE_ERR_INDEX_MASK)
369 
375  CERT_NAME_BLOB *rgSubtreesConstraint;
377 
378 #define CERT_CA_SUBJECT_FLAG 0x80
379 #define CERT_END_ENTITY_SUBJECT_FLAG 0x40
380 
386 
389  CRYPT_OBJID_BLOB Qualifier;
391 
392 typedef struct _CERT_POLICY_INFO {
397 
398 typedef struct _CERT_POLICIES_INFO {
402 
409 
414 
415 typedef struct _CPS_URLS {
418  CRYPT_DATA_BLOB *pDigest;
419 } CPS_URLS, *PCPS_URLS;
420 
428 
429 typedef struct _CERT_POLICY_MAPPING {
433 
436  PCERT_POLICY_MAPPING rgPolicyMapping;
438 
445 
449  PCRYPT_DER_BLOB rgValue;
451 
452 typedef struct _CRYPT_CONTENT_INFO {
454  CRYPT_DER_BLOB Content;
456 
457 typedef struct _CRYPT_SEQUENCE_OF_ANY {
459  PCRYPT_DER_BLOB rgValue;
461 
463  CRYPT_DATA_BLOB KeyId;
467 
468 typedef struct _CERT_ACCESS_DESCRIPTION {
472 
475  PCERT_ACCESS_DESCRIPTION rgAccDescr;
477 
478 typedef struct _CERT_CONTEXT {
482  PCERT_INFO pCertInfo;
483  HCERTSTORE hCertStore;
486 
487 typedef struct _CRL_ENTRY {
491  PCERT_EXTENSION rgExtension;
493 
494 typedef struct _CRL_INFO {
497  CERT_NAME_BLOB Issuer;
501  PCRL_ENTRY rgCRLEntry;
503  PCERT_EXTENSION rgExtension;
504 } CRL_INFO, *PCRL_INFO;
505 
506 typedef struct _CRL_DIST_POINT_NAME {
508  union {
510  } DUMMYUNIONNAME;
512 
513 #define CRL_DIST_POINT_NO_NAME 0
514 #define CRL_DIST_POINT_FULL_NAME 1
515 #define CRL_DIST_POINT_ISSUER_RDN_NAME 2
516 
517 typedef struct _CRL_DIST_POINT {
522 
523 #define CRL_REASON_UNUSED_FLAG 0x80
524 #define CRL_REASON_KEY_COMPROMISE_FLAG 0x40
525 #define CRL_REASON_CA_COMPROMISE_FLAG 0x20
526 #define CRL_REASON_AFFILIATION_CHANGED_FLAG 0x10
527 #define CRL_REASON_SUPERSEDED_FLAG 0x08
528 #define CRL_REASON_CESSATION_OF_OPERATION_FLAG 0x04
529 #define CRL_REASON_CERTIFICATE_HOLD_FLAG 0x02
530 
531 typedef struct _CRL_DIST_POINTS_INFO {
533  PCRL_DIST_POINT rgDistPoint;
535 
536 #define CRL_DIST_POINT_ERR_INDEX_MASK 0x7f
537 #define CRL_DIST_POINT_ERR_INDEX_SHIFT 24
538 #define GET_CRL_DIST_POINT_ERR_INDEX(x) \
539  (((x) >> CRL_DIST_POINT_ERR_INDEX_SHIFT) & CRL_DIST_POINT_ERR_INDEX_MASK)
540 
541 #define CRL_DIST_POINT_ERR_CRL_ISSUER_BIT 0x80000000L
542 #define IS_CRL_DIST_POINT_ERR_CRL_ISSUER(x) \
543  ((x) & CRL_DIST_POINT_ERR_CRL_ISSUER_BIT)
544 
548  PCERT_ALT_NAME_INFO rgDistPoint;
550 
551 #define CROSS_CERT_DIST_POINT_ERR_INDEX_MASK 0xff
552 #define CROSS_CERT_DIST_POINT_ERR_INDEX_SHIFT 24
553 #define GET_CROSS_CERT_DIST_POINT_ERR_INDEX(x) \
554  (((x) >> CROSS_CERT_DIST_POINT_ERR_INDEX_SHIFT) & \
555  CROSS_CERT_DIST_POINT_ERR_INDEX_MASK)
556 
557 typedef struct _CERT_PAIR {
558  CERT_BLOB Forward;
559  CERT_BLOB Reverse;
561 
562 typedef struct _CRL_ISSUING_DIST_POINT {
569 
570 typedef struct _CERT_GENERAL_SUBTREE {
576 
579  PCERT_GENERAL_SUBTREE rgPermittedSubtree;
581  PCERT_GENERAL_SUBTREE rgExcludedSubtree;
583 
584 #define CERT_EXCLUDED_SUBTREE_BIT 0x80000000L
585 #define IS_CERT_EXCLUDED_SUBTREE(x) ((x) & CERT_EXCLUDED_SUBTREE_BIT)
586 
587 typedef struct _CRYPT_ATTRIBUTE {
590  PCRYPT_DATA_BLOB rgValue;
592 
593 typedef struct _CRYPT_ATTRIBUTES {
595  PCRYPT_ATTRIBUTE rgAttr;
597 
598 typedef struct _CERT_REQUEST_INFO {
600  CERT_NAME_BLOB Subject;
603  PCRYPT_ATTRIBUTE rgAttribute;
605 
611 
613  CRYPT_DER_BLOB ToBeSigned;
617 
618 typedef struct _CRL_CONTEXT {
622  PCRL_INFO pCrlInfo;
623  HCERTSTORE hCertStore;
625 typedef const CRL_CONTEXT *PCCRL_CONTEXT;
626 
627 #define SORTED_CTL_EXT_FLAGS_OFFSET (0*4)
628 #define SORTED_CTL_EXT_COUNT_OFFSET (1*4)
629 #define SORTED_CTL_EXT_MAX_COLLISION_OFFSET (2*4)
630 #define SORTED_CTL_EXT_HASH_BUCKET_OFFSET (3*4)
631 
632 #define SORTED_CTL_EXT_HASHED_SUBJECT_IDENTIFIER_FLAG 0x1
633 
634 typedef struct _CERT_DSS_PARAMETERS {
635  CRYPT_UINT_BLOB p;
636  CRYPT_UINT_BLOB q;
637  CRYPT_UINT_BLOB g;
639 
640 #define CERT_DSS_R_LEN 20
641 #define CERT_DSS_S_LEN 20
642 #define CERT_DSS_SIGNATURE_LEN (CERT_DSS_R_LEN + CERT_DSS_S_LEN)
643 
644 #define CERT_MAX_ENCODED_DSS_SIGNATURE_LEN (2 + 2*(2 + 20 +1))
645 
646 typedef struct _CERT_DH_PARAMETERS {
647  CRYPT_UINT_BLOB p;
648  CRYPT_UINT_BLOB g;
650 
655 
656 typedef struct _CERT_X942_DH_PARAMETERS {
657  CRYPT_UINT_BLOB p;
658  CRYPT_UINT_BLOB g;
659  CRYPT_UINT_BLOB q;
660  CRYPT_UINT_BLOB j;
661  PCERT_X942_DH_VALIDATION_PARAMS pValidationParams;
663 
664 #define CRYPT_X942_COUNTER_BYTE_LENGTH 4
665 #define CRYPT_X942_KEY_LENGTH_BYTE_LENGTH 4
666 #define CRYPT_X942_PUB_INFO_BYTE_LENGTH (512/8)
667 
668 typedef struct _CRYPT_X942_OTHER_INFO {
672  CRYPT_DATA_BLOB PubInfo;
674 
678  BYTE rgbIV[4];
680 
681 #define CRYPT_RC2_40BIT_VERSION 160
682 #define CRYPT_RC2_56BIT_VERSION 52
683 #define CRYPT_RC2_64BIT_VERSION 120
684 #define CRYPT_RC2_128BIT_VERSION 58
685 
686 typedef struct _CRYPT_SMIME_CAPABILITY {
688  CRYPT_OBJID_BLOB Parameters;
690 
693  PCRYPT_SMIME_CAPABILITY rgCapability;
695 
696 typedef struct _VTableProvStruc {
698 #ifdef WINE_STRICT_PROTOTYPES
699  BOOL (WINAPI *FuncVerifyImage)(LPCSTR,BYTE*);
700  void (WINAPI *FuncReturnhWnd)(HWND*);
701 #else
704 #endif
710 
711 typedef struct _CERT_PRIVATE_KEY_INFO {
714  CRYPT_DER_BLOB PrivateKey;
715  PCRYPT_ATTRIBUTES pAttributes;
717 
718 typedef struct _CTL_USAGE {
722 
723 typedef struct _CTL_ENTRY {
724  CRYPT_DATA_BLOB SubjectIdentifier;
726  PCRYPT_ATTRIBUTE rgAttribute;
728 
729 typedef struct _CTL_INFO {
732  CRYPT_DATA_BLOB ListIdentifier;
738  PCTL_ENTRY rgCTLEntry;
740  PCERT_EXTENSION rgExtension;
741 } CTL_INFO, *PCTL_INFO;
742 
743 typedef struct _CTL_CONTEXT {
747  PCTL_INFO pCtlInfo;
748  HCERTSTORE hCertStore;
749  HCRYPTMSG hCryptMsg;
753 typedef const CTL_CONTEXT *PCCTL_CONTEXT;
754 
758  CRYPT_OBJID_BLOB Content;
760  PCRYPT_ATTRIBUTE rgAttribute;
762 
767 
768 typedef struct _CMSG_SIGNER_INFO {
770  CERT_NAME_BLOB Issuer;
774  CRYPT_DATA_BLOB EncryptedHash;
778 
779 #define CMSG_VERIFY_SIGNER_PUBKEY 1
780 #define CMSG_VERIFY_SIGNER_CERT 2
781 #define CMSG_VERIFY_SIGNER_CHAIN 3
782 #define CMSG_VERIFY_SIGNER_NULL 4
783 
786  PCCRL_CONTEXT pBaseCrlContext;
787  PCCRL_CONTEXT pDeltaCrlContext;
788  PCRL_ENTRY pCrlEntry;
791 
792 typedef struct _CERT_REVOCATION_INFO {
799  PCERT_REVOCATION_CRL_INFO pCrlInfo;
801 
802 typedef struct _CERT_REVOCATION_PARA {
804  PCCERT_CONTEXT pIssuerCert;
806  HCERTSTORE *rgCertStore;
807  HCERTSTORE hCrlStore;
809 #ifdef CERT_REVOCATION_PARA_HAS_EXTRA_FIELDS
810  DWORD dwUrlRetrievalTimeout;
811  BOOL fCheckFreshnessTime;
812  DWORD dwFreshnessTime;
813  LPFILETIME pftCurrentTime;
814  PCERT_REVOCATION_CRL_INFO pCrlInfo;
815 #endif
817 
818 #define CERT_CONTEXT_REVOCATION_TYPE 1
819 #define CERT_VERIFY_REV_CHAIN_FLAG 0x00000001
820 #define CERT_VERIFY_CACHE_ONLY_BASED_REVOCATION 0x00000002
821 #define CERT_VERIFY_REV_ACCUMULATIVE_TIMEOUT_FLAG 0x00000004
822 
823 typedef struct _CTL_VERIFY_USAGE_PARA {
825  CRYPT_DATA_BLOB ListIdentifier;
827  HCERTSTORE *rghCtlStore;
829  HCERTSTORE *rghSignerStore;
831 
832 typedef struct _CTL_VERIFY_USAGE_STATUS {
836  PCCTL_CONTEXT *ppCtl;
838  PCCERT_CONTEXT *ppSigner;
841 
842 #define CERT_VERIFY_INHIBIT_CTL_UPDATE_FLAG 0x1
843 #define CERT_VERIFY_TRUSTED_SIGNERS_FLAG 0x2
844 #define CERT_VERIFY_NO_TIME_CHECK_FLAG 0x4
845 #define CERT_VERIFY_ALLOW_MORE_USAGE_FLAG 0x8
846 #define CERT_VERIFY_UPDATED_CTL_FLAG 0x1
847 
848 typedef struct _CERT_CHAIN {
850  PCERT_BLOB certs;
853 
854 typedef struct _CERT_REVOCATION_STATUS {
862 
863 typedef struct _CERT_TRUST_LIST_INFO {
865  PCTL_ENTRY pCtlEntry;
866  PCCTL_CONTEXT pCtlContext;
868 
869 #define CERT_TRUST_NO_ERROR 0x00000000
870 #define CERT_TRUST_IS_NOT_TIME_VALID 0x00000001
871 #define CERT_TRUST_IS_NOT_TIME_NESTED 0x00000002
872 #define CERT_TRUST_IS_REVOKED 0x00000004
873 #define CERT_TRUST_IS_NOT_SIGNATURE_VALID 0x00000008
874 #define CERT_TRUST_IS_NOT_VALID_FOR_USAGE 0x00000010
875 #define CERT_TRUST_IS_UNTRUSTED_ROOT 0x00000020
876 #define CERT_TRUST_REVOCATION_STATUS_UNKNOWN 0x00000040
877 #define CERT_TRUST_IS_CYCLIC 0x00000080
878 #define CERT_TRUST_INVALID_EXTENSION 0x00000100
879 #define CERT_TRUST_INVALID_POLICY_CONSTRAINTS 0x00000200
880 #define CERT_TRUST_INVALID_BASIC_CONSTRAINTS 0x00000400
881 #define CERT_TRUST_INVALID_NAME_CONSTRAINTS 0x00000800
882 #define CERT_TRUST_HAS_NOT_SUPPORTED_NAME_CONSTRAINT 0x00001000
883 #define CERT_TRUST_HAS_NOT_DEFINED_NAME_CONSTRAINT 0x00002000
884 #define CERT_TRUST_HAS_NOT_PERMITTED_NAME_CONSTRAINT 0x00004000
885 #define CERT_TRUST_HAS_EXCLUDED_NAME_CONSTRAINT 0x00008000
886 #define CERT_TRUST_IS_OFFLINE_REVOCATION 0x01000000
887 #define CERT_TRUST_NO_ISSUANCE_CHAIN_POLICY 0x02000000
888 #define CERT_TRUST_IS_EXPLICIT_DISTRUST 0x04000000
889 #define CERT_TRUST_HAS_NOT_SUPPORTED_CRITICAL_EXT 0x08000000
890 
891 #define CERT_TRUST_IS_PARTIAL_CHAIN 0x00010000
892 #define CERT_TRUST_CTL_IS_NOT_TIME_VALID 0x00020000
893 #define CERT_TRUST_CTL_IS_NOT_SIGNATURE_VALID 0x00040000
894 #define CERT_TRUST_CTL_IS_NOT_VALID_FOR_USAGE 0x00080000
895 
896 #define CERT_TRUST_HAS_EXACT_MATCH_ISSUER 0x00000001
897 #define CERT_TRUST_HAS_KEY_MATCH_ISSUER 0x00000002
898 #define CERT_TRUST_HAS_NAME_MATCH_ISSUER 0x00000004
899 #define CERT_TRUST_IS_SELF_SIGNED 0x00000008
900 
901 #define CERT_TRUST_HAS_PREFERRED_ISSUER 0x00000100
902 #define CERT_TRUST_HAS_ISSUANCE_CHAIN_POLICY 0x00000200
903 #define CERT_TRUST_HAS_VALID_NAME_CONSTRAINTS 0x00000400
904 #define CERT_TRUST_IS_PEER_TRUSTED 0x00000800
905 #define CERT_TRUST_HAS_CRL_VALIDITY_EXTENDED 0x00001000
906 
907 #define CERT_TRUST_IS_COMPLEX_CHAIN 0x00010000
908 
909 typedef struct _CERT_TRUST_STATUS {
913 
914 typedef struct _CERT_CHAIN_ELEMENT {
916  PCCERT_CONTEXT pCertContext;
918  PCERT_REVOCATION_INFO pRevocationInfo;
919  PCERT_ENHKEY_USAGE pIssuanceUsage;
920  PCERT_ENHKEY_USAGE pApplicationUsage;
923 
924 typedef struct _CERT_SIMPLE_CHAIN {
928  PCERT_CHAIN_ELEMENT *rgpElement;
929  PCERT_TRUST_LIST_INFO pTrustListInfo;
933 
936 
941  PCERT_SIMPLE_CHAIN *rgpChain;
943  PCCERT_CHAIN_CONTEXT *rgpLowerQualityChainContext;
946 };
947 
948 typedef struct _CERT_CHAIN_POLICY_PARA {
953 
961 
962 #define CERT_CHAIN_POLICY_BASE ((LPCSTR)1)
963 #define CERT_CHAIN_POLICY_AUTHENTICODE ((LPCSTR)2)
964 #define CERT_CHAIN_POLICY_AUTHENTICODE_TS ((LPCSTR)3)
965 #define CERT_CHAIN_POLICY_SSL ((LPCSTR)4)
966 #define CERT_CHAIN_POLICY_BASIC_CONSTRAINTS ((LPCSTR)5)
967 #define CERT_CHAIN_POLICY_NT_AUTH ((LPCSTR)6)
968 #define CERT_CHAIN_POLICY_MICROSOFT_ROOT ((LPCSTR)7)
969 
970 #define CERT_CHAIN_POLICY_IGNORE_NOT_TIME_VALID_FLAG 0x00000001
971 #define CERT_CHAIN_POLICY_IGNORE_CTL_NOT_TIME_VALID_FLAG 0x00000002
972 #define CERT_CHAIN_POLICY_IGNORE_NOT_TIME_NESTED_FLAG 0x00000004
973 #define CERT_CHAIN_POLICY_IGNORE_INVALID_BASIC_CONSTRAINTS_FLAG 0x00000008
974 
975 #define CERT_CHAIN_POLICY_IGNORE_ALL_NOT_TIME_VALID_FLAGS ( \
976  CERT_CHAIN_POLICY_IGNORE_NOT_TIME_VALID_FLAG \
977  CERT_CHAIN_POLICY_IGNORE_CTL_NOT_TIME_VALID_FLAG \
978  CERT_CHAIN_POLICY_IGNORE_NOT_TIME_NESTED_FLAG )
979 
980 #define CERT_CHAIN_POLICY_ALLOW_UNKNOWN_CA_FLAG 0x00000010
981 #define CERT_CHAIN_POLICY_IGNORE_WRONG_USAGE_FLAG 0x00000020
982 #define CERT_CHAIN_POLICY_IGNORE_INVALID_NAME_FLAG 0x00000040
983 #define CERT_CHAIN_POLICY_IGNORE_INVALID_POLICY_FLAG 0x00000080
984 
985 #define CERT_CHAIN_POLICY_IGNORE_END_REV_UNKNOWN_FLAG 0x00000100
986 #define CERT_CHAIN_POLICY_IGNORE_CTL_SIGNER_REV_UNKNOWN_FLAG 0x00000200
987 #define CERT_CHAIN_POLICY_IGNORE_CA_REV_UNKNOWN_FLAG 0x00000400
988 #define CERT_CHAIN_POLICY_IGNORE_ROOT_REV_UNKNOWN_FLAG 0x00000800
989 
990 #define CERT_CHAIN_POLICY_IGNORE_ALL_REV_UNKNOWN_FLAGS ( \
991  CERT_CHAIN_POLICY_IGNORE_END_REV_UNKNOWN_FLAG \
992  CERT_CHAIN_POLICY_IGNORE_CTL_SIGNER_REV_UNKNOWN_FLAG \
993  CERT_CHAIN_POLICY_IGNORE_CA_REV_UNKNOWN_FLAG \
994  CERT_CHAIN_POLICY_IGNORE_ROOT_REV_UNKNOWN_FLAG )
995 
996 #define CERT_CHAIN_POLICY_IGNORE_PEER_TRUST_FLAG 0x00001000
997 #define CERT_CHAIN_POLICY_IGNORE_NOT_SUPPORTED_CRITICAL_EXT_FLAG 0x00002000
998 #define CERT_CHAIN_POLICY_TRUST_TESTROOT_FLAG 0x00004000
999 #define CERT_CHAIN_POLICY_ALLOW_TESTROOT_FLAG 0x00008000
1000 #define MICROSOFT_ROOT_CERT_CHAIN_POLICY_ENABLE_TEST_ROOT_FLAG 0x00010000
1001 
1005  PCMSG_SIGNER_INFO pSignerInfo;
1008 
1014 
1021 
1023  union {
1026  } DUMMYUNIONNAME;
1032 
1033 /* Values for HTTPSPolicyCallbackData's dwAuthType */
1034 #define AUTHTYPE_CLIENT 1
1035 #define AUTHTYPE_SERVER 2
1036 /* Values for HTTPSPolicyCallbackData's fdwChecks are defined in wininet.h */
1037 
1038 #define BASIC_CONSTRAINTS_CERT_CHAIN_POLICY_CA_FLAG 0x80000000
1039 #define BASIC_CONSTRAINTS_CERT_CHAIN_POLICY_END_ENTITY_FLAG 0x40000000
1040 
1041 #define MICROSOFT_ROOT_CERT_CHAIN_POLICY_ENABLE_TEST_ROOT_FLAG 0x00010000
1042 
1043 #define USAGE_MATCH_TYPE_AND 0x00000000
1044 #define USAGE_MATCH_TYPE_OR 0x00000001
1045 
1046 typedef struct _CERT_USAGE_MATCH {
1048  CERT_ENHKEY_USAGE Usage;
1050 
1051 typedef struct _CTL_USAGE_MATCH {
1055 
1056 #define CERT_CHAIN_REVOCATION_CHECK_END_CERT 0x10000000
1057 #define CERT_CHAIN_REVOCATION_CHECK_CHAIN 0x20000000
1058 #define CERT_CHAIN_REVOCATION_CHECK_CHAIN_EXCLUDE_ROOT 0x40000000
1059 #define CERT_CHAIN_REVOCATION_CHECK_CACHE_ONLY 0x80000000
1060 
1061 #define CERT_CHAIN_REVOCATION_ACCUMULATIVE_TIMEOUT 0x08000000
1062 
1063 #define CERT_CHAIN_DISABLE_PASS1_QUALITY_FILTERING 0x00000040
1064 #define CERT_CHAIN_RETURN_LOWER_QUALITY_CONTEXTS 0x00000080
1065 #define CERT_CHAIN_DISABLE_AUTH_ROOT_AUTO_UPDATE 0x00000100
1066 #define CERT_CHAIN_TIMESTAMP_TIME 0x00000200
1067 
1068 typedef struct _CERT_CHAIN_PARA {
1071 #ifdef CERT_CHAIN_PARA_HAS_EXTRA_FIELDS
1072  CERT_USAGE_MATCH RequestedIssuancePolicy;
1073  DWORD dwUrlRetrievalTimeout;
1074  BOOL fCheckRevocationFreshnessTime;
1075  DWORD dwRevocationFreshnessTime;
1076  LPFILETIME pftCacheResync;
1077 #endif
1079 
1080 typedef struct _CERT_SYSTEM_STORE_INFO {
1083 
1089  CRYPT_DATA_BLOB OpenParameters;
1093 
1095  union {
1098  } DUMMYUNIONNAME;
1099  union {
1103  } DUMMYUNIONNAME2;
1105 
1106 typedef BOOL
1108  _In_ LPCWSTR pwszStoreLocation,
1109  _In_ DWORD dwFlags,
1110  _Reserved_ void *pvReserved,
1111  _Inout_opt_ void *pvArg);
1112 
1113 typedef BOOL
1115  _In_ const void *pvSystemStore,
1116  _In_ DWORD dwFlags,
1117  _In_ PCERT_SYSTEM_STORE_INFO pStoreInfo,
1118  _Reserved_ void *pvReserved,
1119  _Inout_opt_ void *pvArg);
1120 
1121 typedef BOOL
1123  _In_ const void *pvSystemStore,
1124  _In_ DWORD dwFlags,
1125  _In_ LPCWSTR pwszStoreName,
1126  _In_ PCERT_PHYSICAL_STORE_INFO pStoreInfo,
1127  _Reserved_ void *pvReserved,
1128  _Inout_opt_ void *pvArg);
1129 
1130 /* Encode/decode object */
1131 typedef LPVOID (__WINE_ALLOC_SIZE(1) WINAPI *PFN_CRYPT_ALLOC)(_In_ size_t cbsize);
1133 
1134 typedef struct _CRYPT_ENCODE_PARA {
1136  PFN_CRYPT_ALLOC pfnAlloc;
1139 
1140 typedef struct _CRYPT_DECODE_PARA {
1142  PFN_CRYPT_ALLOC pfnAlloc;
1145 
1146 typedef struct _CERT_STORE_PROV_INFO {
1150  HCERTSTOREPROV hStoreProv;
1152  HCRYPTOIDFUNCADDR hStoreProvFuncAddr2;
1154 
1155 typedef BOOL
1157  _In_ LPCSTR lpszStoreProvider,
1159  _In_opt_ HCRYPTPROV_LEGACY hCryptProv,
1160  _In_ DWORD dwFlags,
1161  _In_opt_ const void *pvPara,
1162  _In_ HCERTSTORE hCertStore,
1163  _Inout_ PCERT_STORE_PROV_INFO pStoreProvInfo);
1164 
1165 typedef void
1167  _Inout_opt_ HCERTSTOREPROV hStoreProv,
1168  _In_ DWORD dwFlags);
1169 
1170 typedef
1171 _Success_(return != 0)
1172 BOOL
1173 (WINAPI *PFN_CERT_STORE_PROV_READ_CERT)(
1174  _Inout_ HCERTSTOREPROV hStoreProv,
1175  _In_ PCCERT_CONTEXT pStoreCertContext,
1176  _In_ DWORD dwFlags,
1177  _Outptr_ PCCERT_CONTEXT *ppProvCertContext);
1178 
1179 typedef BOOL
1181  _Inout_ HCERTSTOREPROV hStoreProv,
1182  _In_ PCCERT_CONTEXT pCertContext,
1183  _In_ DWORD dwFlags);
1184 
1185 typedef BOOL
1187  _Inout_ HCERTSTOREPROV hStoreProv,
1188  _In_ PCCERT_CONTEXT pCertContext,
1189  _In_ DWORD dwFlags);
1190 
1191 typedef BOOL
1193  _Inout_ HCERTSTOREPROV hStoreProv,
1194  _In_ PCCERT_CONTEXT pCertContext,
1196  _In_ DWORD dwFlags,
1197  _In_opt_ const void *pvData);
1198 
1199 typedef
1200 _Success_(return != 0)
1201 BOOL
1202 (WINAPI *PFN_CERT_STORE_PROV_READ_CRL)(
1203  _Inout_ HCERTSTOREPROV hStoreProv,
1204  _In_ PCCRL_CONTEXT pStoreCrlContext,
1205  _In_ DWORD dwFlags,
1206  _Outptr_ PCCRL_CONTEXT *ppProvCrlContext);
1207 
1208 typedef BOOL
1210  _Inout_ HCERTSTOREPROV hStoreProv,
1211  _In_ PCCRL_CONTEXT pCrlContext,
1212  _In_ DWORD dwFlags);
1213 
1214 typedef BOOL
1216  _Inout_ HCERTSTOREPROV hStoreProv,
1217  _In_ PCCRL_CONTEXT pCrlContext,
1218  _In_ DWORD dwFlags);
1219 
1220 typedef BOOL
1222  _Inout_ HCERTSTOREPROV hStoreProv,
1223  _In_ PCCRL_CONTEXT pCrlContext,
1224  _In_ DWORD dwPropId,
1225  _In_ DWORD dwFlags,
1226  _In_opt_ const void *pvData);
1227 
1228 typedef
1229 _Success_(return != 0)
1230 BOOL
1231 (WINAPI *PFN_CERT_STORE_PROV_READ_CTL)(
1232  _Inout_ HCERTSTOREPROV hStoreProv,
1233  _In_ PCCTL_CONTEXT pStoreCtlContext,
1234  _In_ DWORD dwFlags,
1235  _Outptr_ PCCTL_CONTEXT *ppProvCtlContext);
1236 
1237 typedef BOOL
1239  _Inout_ HCERTSTOREPROV hStoreProv,
1240  _In_ PCCTL_CONTEXT pCtlContext,
1241  _In_ DWORD dwFlags);
1242 
1243 typedef BOOL
1245  _Inout_ HCERTSTOREPROV hStoreProv,
1246  _In_ PCCTL_CONTEXT pCtlContext,
1247  _In_ DWORD dwFlags);
1248 
1249 typedef BOOL
1251  _Inout_ HCERTSTOREPROV hStoreProv,
1252  _In_ PCCTL_CONTEXT pCtlContext,
1253  _In_ DWORD dwPropId,
1254  _In_ DWORD dwFlags,
1255  _In_opt_ const void *pvData);
1256 
1257 typedef BOOL
1259  _Inout_ HCERTSTOREPROV hStoreProv,
1260  _In_ DWORD dwFlags,
1261  _In_ DWORD dwCtrlType,
1262  _In_opt_ void const *pvCtrlPara);
1263 
1269  const void *pvFindPara;
1273 
1274 typedef
1275 _Success_(return != 0)
1276 BOOL
1277 (WINAPI *PFN_CERT_STORE_PROV_FIND_CERT)(
1278  _Inout_ HCERTSTOREPROV hStoreProv,
1279  _In_ PCCERT_STORE_PROV_FIND_INFO pFindInfo,
1280  _In_ PCCERT_CONTEXT pPrevCertContext,
1281  _In_ DWORD dwFlags,
1283  _Outptr_ PCCERT_CONTEXT *ppProvCertContext);
1284 
1285 typedef BOOL
1287  _Inout_ HCERTSTOREPROV hStoreProv,
1288  _In_ PCCERT_CONTEXT pCertContext,
1289  _In_ void *pvStoreProvFindInfo,
1290  _In_ DWORD dwFlags);
1291 
1292 typedef BOOL
1294  _Inout_ HCERTSTOREPROV hStoreProv,
1295  _In_ PCCERT_CONTEXT pCertContext,
1297  _In_ DWORD dwFlags,
1298  _Out_writes_bytes_to_opt_(*pcbData, *pcbData) void *pvData,
1299  _Inout_ DWORD *pcbData);
1300 
1301 typedef
1302 _Success_(return != 0)
1303 BOOL
1304 (WINAPI *PFN_CERT_STORE_PROV_FIND_CRL)(
1305  _Inout_ HCERTSTOREPROV hStoreProv,
1306  _In_ PCCERT_STORE_PROV_FIND_INFO pFindInfo,
1307  _In_ PCCRL_CONTEXT pPrevCrlContext,
1308  _In_ DWORD dwFlags,
1309  _Inout_ void **ppvStoreProvFindInfo,
1310  _Outptr_ PCCRL_CONTEXT *ppProvCrlContext);
1311 
1312 typedef BOOL
1314  _Inout_ HCERTSTOREPROV hStoreProv,
1315  _In_ PCCRL_CONTEXT pCrlContext,
1316  _In_ void *pvStoreProvFindInfo,
1317  _In_ DWORD dwFlags);
1318 
1319 typedef BOOL
1321  _Inout_ HCERTSTOREPROV hStoreProv,
1322  _In_ PCCRL_CONTEXT pCrlContext,
1323  _In_ DWORD dwPropId,
1324  _In_ DWORD dwFlags,
1325  _Out_writes_bytes_to_opt_(*pcbData, *pcbData) void *pvData,
1326  _Inout_ DWORD *pcbData);
1327 
1328 typedef
1329 _Success_(return != 0)
1330 BOOL
1331 (WINAPI *PFN_CERT_STORE_PROV_FIND_CTL)(
1332  _In_ HCERTSTOREPROV hStoreProv,
1333  _In_ PCCERT_STORE_PROV_FIND_INFO pFindInfo,
1334  _In_ PCCTL_CONTEXT pPrevCtlContext,
1335  _In_ DWORD dwFlags,
1336  _Inout_ void **ppvStoreProvFindInfo,
1337  _Outptr_ PCCTL_CONTEXT *ppProvCtlContext);
1338 
1339 typedef BOOL
1341  _Inout_ HCERTSTOREPROV hStoreProv,
1342  _In_ PCCTL_CONTEXT pCtlContext,
1343  _In_ DWORD dwPropId,
1344  _In_ DWORD dwFlags,
1345  _Out_writes_bytes_to_opt_(*pcbData, *pcbData) void *pvData,
1346  _Inout_ DWORD *pcbData);
1347 
1351  void *pvFree;
1353 
1354 typedef struct _CRYPT_OID_FUNC_ENTRY {
1356  void *pvFuncAddr;
1358 
1359 typedef BOOL
1362  _In_ LPCSTR pszFuncName,
1363  _In_ LPCSTR pszOID,
1364  _In_ DWORD cValue,
1365  _In_reads_(cValue) const DWORD rgdwValueType[],
1366  _In_reads_(cValue) LPCWSTR const rgpwszValueName[],
1367  _In_reads_(cValue) const BYTE * const rgpbValueData[],
1368  _In_reads_(cValue) const DWORD rgcbValueData[],
1369  _Inout_opt_ void *pvArg);
1370 
1371 #define CRYPT_MATCH_ANY_ENCODING_TYPE 0xffffffff
1372 
1373 #define CALG_OID_INFO_CNG_ONLY 0xffffffff
1374 #define CALG_OID_INFO_PARAMETERS 0xfffffffe
1375 
1376 #if defined(__GNUC__)
1377 #define CRYPT_OID_INFO_HASH_PARAMETERS_ALGORITHM (const WCHAR []){'C','r','y','p','t','O','I','D','I','n','f','o','H','a','s','h','P','a','r','a','m','e','t','e','r','s',0}
1378 #define CRYPT_OID_INFO_ECC_PARAMETERS_ALGORITHM (const WCHAR []){'C','r','y','p','t','O','I','D','I','n','f','o','E','C','C','P','a','r','a','m','e','t','e','r','s',0}
1379 #define CRYPT_OID_INFO_MGF1_PARAMETERS_ALGORITHM (const WCHAR []){'C','r','y','p','t','O','I','D','I','n','f','o','M','g','f','1','P','a','r','a','m','e','t','e','r','s',0}
1380 #define CRYPT_OID_INFO_NO_SIGN_ALGORITHM (const WCHAR []){'C','r','y','p','t','O','I','D','I','n','f','o','N','o','S','i','g','n',0}
1381 #define CRYPT_OID_INFO_OAEP_PARAMETERS_ALGORITHM (const WCHAR []){'C','r','y','p','t','O','I','D','I','n','f','o','O','A','E','P','P','a','r','a','m','e','t','e','r','s',0}
1382 #define CRYPT_OID_INFO_ECC_WRAP_PARAMETERS_ALGORITHM (const WCHAR []){'C','r','y','p','t','O','I','D','I','n','f','o','E','C','C','W','r','a','p','P','a','r','a','m','e','t','e','r','s',0}
1383 #define CRYPT_OID_INFO_NO_PARAMETERS_ALGORITHM (const WCHAR []){'C','r','y','p','t','O','I','D','I','n','f','o','N','o','P','a','r','a','m','e','t','e','r','s',0}
1384 #elif defined(_MSC_VER)
1385 #define CRYPT_OID_INFO_HASH_PARAMETERS_ALGORITHM L"CryptOIDInfoHashParameters"
1386 #define CRYPT_OID_INFO_ECC_PARAMETERS_ALGORITHM L"CryptOIDInfoECCParameters"
1387 #define CRYPT_OID_INFO_MGF1_PARAMETERS_ALGORITHM L"CryptOIDInfoMgf1Parameters"
1388 #define CRYPT_OID_INFO_NO_SIGN_ALGORITHM L"CryptOIDInfoNoSign"
1389 #define CRYPT_OID_INFO_OAEP_PARAMETERS_ALGORITHM L"CryptOIDInfoOAEPParameters"
1390 #define CRYPT_OID_INFO_ECC_WRAP_PARAMETERS_ALGORITHM L"CryptOIDInfoECCWrapParameters"
1391 #define CRYPT_OID_INFO_NO_PARAMETERS_ALGORITHM L"CryptOIDInfoNoParameters"
1392 #else
1393 static const WCHAR CRYPT_OID_INFO_HASH_PARAMETERS_ALGORITHM[] = {'C','r','y','p','t','O','I','D','I','n','f','o','H','a','s','h','P','a','r','a','m','e','t','e','r','s',0};
1394 static const WCHAR CRYPT_OID_INFO_ECC_PARAMETERS_ALGORITHM[] = {'C','r','y','p','t','O','I','D','I','n','f','o','E','C','C','P','a','r','a','m','e','t','e','r','s',0};
1395 static const WCHAR CRYPT_OID_INFO_MGF1_PARAMETERS_ALGORITHM[] = {'C','r','y','p','t','O','I','D','I','n','f','o','M','g','f','1','P','a','r','a','m','e','t','e','r','s',0};
1396 static const WCHAR CRYPT_OID_INFO_NO_SIGN_ALGORITHM[] = {'C','r','y','p','t','O','I','D','I','n','f','o','N','o','S','i','g','n',0};
1397 static const WCHAR CRYPT_OID_INFO_OAEP_PARAMETERS_ALGORITHM[] = {'C','r','y','p','t','O','I','D','I','n','f','o','O','A','E','P','P','a','r','a','m','e','t','e','r','s',0};
1398 static const WCHAR CRYPT_OID_INFO_ECC_WRAP_PARAMETERS_ALGORITHM[] = {'C','r','y','p','t','O','I','D','I','n','f','o','E','C','C','W','r','a','p','P','a','r','a','m','e','t','e','r','s',0};
1399 static const WCHAR CRYPT_OID_INFO_NO_PARAMETERS_ALGORITHM[] = {'C','r','y','p','t','O','I','D','I','n','f','o','N','o','P','a','r','a','m','e','t','e','r','s',0};
1400 #endif
1401 
1402 typedef struct _CRYPT_OID_INFO {
1407  union {
1409  ALG_ID Algid;
1411  } DUMMYUNIONNAME;
1412  CRYPT_DATA_BLOB ExtraInfo;
1413 #ifdef CRYPT_OID_INFO_HAS_EXTRA_FIELDS
1414  LPCWSTR pwszCNGAlgid;
1415  LPCWSTR pwszCNGExtraAlgid;
1416 #endif
1419 
1420 typedef BOOL
1422  _In_ PCCRYPT_OID_INFO pInfo,
1423  _Inout_opt_ void *pvArg);
1424 
1428  PCCERT_CONTEXT pSigningCert;
1432  PCCERT_CONTEXT *rgpMsgCert;
1434  PCCRL_CONTEXT *rgpMsgCrl;
1436  PCRYPT_ATTRIBUTE rgAuthAttr;
1438  PCRYPT_ATTRIBUTE rgUnauthAttr;
1441 #ifdef CRYPT_SIGN_MESSAGE_PARA_HAS_CMS_FIELDS
1442  CRYPT_ALGORITHM_IDENTIFIER HashEncryptionAlgorithm;
1443  void * pvHashEncryptionAuxInfo;
1444 #endif
1446 
1447 #define CRYPT_MESSAGE_BARE_CONTENT_OUT_FLAG 0x00000001
1448 #define CRYPT_MESSAGE_ENCAPSULATED_CONTENT_OUT_FLAG 0x00000002
1449 #define CRYPT_MESSAGE_KEYID_SIGNER_FLAG 0x00000004
1450 #define CRYPT_MESSAGE_SILENT_KEYSET_FLAG 0x00000008
1451 
1452 typedef PCCERT_CONTEXT
1454  _Inout_opt_ void *pvGetArg,
1456  _In_ PCERT_INFO pSignerId,
1457  _In_ HCERTSTORE hMsgCertStore);
1458 
1462  HCRYPTPROV_LEGACY hCryptProv;
1463  PFN_CRYPT_GET_SIGNER_CERTIFICATE pfnGetSignerCertificate;
1464  void * pvGetArg;
1466 
1470  HCRYPTPROV_LEGACY hCryptProv;
1476 
1477 #define CRYPT_MESSAGE_KEYID_RECIPIENT_FLAG 0x00000004
1478 
1483  HCERTSTORE *rghCertStore;
1484 #ifdef CRYPT_DECRYPT_MESSAGE_PARA_HAS_EXTRA_FIELDS
1485  DWORD dwFlags;
1486 #endif
1488 
1492  HCRYPTPROV_LEGACY hCryptProv;
1496 
1500  HCRYPTPROV hCryptProv;
1505 
1509  HCRYPTPROV_LEGACY hCryptProv;
1511 
1512 typedef struct _CRYPT_URL_ARRAY {
1516 
1517 typedef struct _CRYPT_URL_INFO {
1523 
1524 #define URL_OID_CERTIFICATE_ISSUER ((LPCSTR)1)
1525 #define URL_OID_CERTIFICATE_CRL_DIST_POINT ((LPCSTR)2)
1526 #define URL_OID_CTL_ISSUER ((LPCSTR)3)
1527 #define URL_OID_CTL_NEXT_UPDATE ((LPCSTR)4)
1528 #define URL_OID_CRL_ISSUER ((LPCSTR)5)
1529 #define URL_OID_CERTIFICATE_FRESHEST_CRL ((LPCSTR)6)
1530 #define URL_OID_CRL_FRESHEST_CRL ((LPCSTR)7)
1531 #define URL_OID_CROSS_CERT_DIST_POINT ((LPCSTR)8)
1532 #define URL_OID_CERTIFICATE_OCSP ((LPCSTR)9)
1533 #define URL_OID_CERTIFICATE_OCSP_AND_CRL_DIST_POINT ((LPCSTR)10)
1534 #define URL_OID_CERTIFICATE_CRL_DIST_POINT_AND_OCSP ((LPCSTR)11)
1535 #define URL_OID_CROSS_CERT_SUBJECT_INFO_ACCESS ((LPCSTR)12)
1536 
1537 #define URL_OID_GET_OBJECT_URL_FUNC "UrlDllGetObjectUrl"
1538 
1540 
1541 typedef void
1543  _In_ LPSTR pszParamOid,
1544  _In_ LPVOID pvParam);
1545 
1546 #define CRYPT_PARAM_ASYNC_RETRIEVAL_COMPLETION ((LPCSTR)1)
1547 #define CRYPT_PARAM_CANCEL_ASYNC_RETRIEVAL ((LPCSTR)2)
1548 
1549 typedef void
1551  _Inout_opt_ void *pvCompletion,
1552  _In_ DWORD dwCompletionCode,
1553  _In_ LPCSTR pszURL,
1555  _In_ void *pvObject);
1556 
1558  __callback PFN_CRYPT_ASYNC_RETRIEVAL_COMPLETION_FUNC pfnCompletion;
1561 
1562 typedef BOOL
1564  _In_opt_ HCRYPTASYNC hAsyncRetrieve);
1565 
1566 typedef struct _CRYPT_BLOB_ARRAY
1567 {
1569  PCRYPT_DATA_BLOB rgBlob;
1571 
1572 typedef struct _CRYPT_CREDENTIALS {
1577 
1578 #define CREDENTIAL_OID_PASSWORD_CREDENTIALS_A ((LPCSTR)1)
1579 #define CREDENTIAL_OID_PASSWORD_CREDENTIALS_W ((LPCSTR)2)
1580 #define CREDENTIAL_OID_PASSWORD_CREDENTIALS \
1581  WINELIB_NAME_AW(CREDENTIAL_OID_PASSWORD_CREDENTIALS_)
1582 
1588 
1594 #define CRYPT_PASSWORD_CREDENTIALS WINELIB_NAME_AW(CRYPT_PASSWORD_CREDENTIALS)
1595 #define PCRYPT_PASSWORD_CREDENTIALS WINELIB_NAME_AW(PCRYPT_PASSWORD_CREDENTIALS)
1596 
1602 
1603 typedef void
1606  _Inout_ PCRYPT_BLOB_ARRAY pObject,
1607  _Inout_opt_ void *pvFreeContext);
1608 
1609 #define SCHEME_OID_RETRIEVE_ENCODED_OBJECT_FUNC \
1610  "SchemeDllRetrieveEncodedObject"
1611 #define SCHEME_OID_RETRIEVE_ENCODED_OBJECTW_FUNC \
1612  "SchemeDllRetrieveEncodedObjectW"
1613 /* The signature of SchemeDllRetrieveEncodedObjectW is:
1614 BOOL WINAPI SchemeDllRetrieveEncodedObjectW(LPCWSTR pwszUrl,
1615  LPCSTR pszObjectOid, DWORD dwRetrievalFlags, DWORD dwTimeout,
1616  PCRYPT_BLOB_ARRAY pObject, PFN_FREE_ENCODED_OBJECT_FUNC *ppfnFreeObject,
1617  void **ppvFreeContext, HCRYPTASYNC hAsyncRetrieve,
1618  PCRYPT_CREDENTIALS pCredentials, PCRYPT_RETRIEVE_AUX_INFO pAuxInfo);
1619  */
1620 
1621 #define CONTEXT_OID_CREATE_OBJECT_CONTEXT_FUNC "ContextDllCreateObjectContext"
1622 /* The signature of ContextDllCreateObjectContext is:
1623 BOOL WINAPI ContextDllCreateObjectContext(LPCSTR pszObjectOid,
1624  DWORD dwRetrievalFlags, PCRYPT_BLOB_ARRAY pObject, void **ppvContxt);
1625  */
1626 
1627 #define CONTEXT_OID_CERTIFICATE ((LPCSTR)1)
1628 #define CONTEXT_OID_CRL ((LPCSTR)2)
1629 #define CONTEXT_OID_CTL ((LPCSTR)3)
1630 #define CONTEXT_OID_PKCS7 ((LPCSTR)4)
1631 #define CONTEXT_OID_CAPI2_ANY ((LPCSTR)5)
1632 
1633 #define CRYPT_RETRIEVE_MULTIPLE_OBJECTS 0x00000001
1634 #define CRYPT_CACHE_ONLY_RETRIEVAL 0x00000002
1635 #define CRYPT_WIRE_ONLY_RETRIEVAL 0x00000004
1636 #define CRYPT_DONT_CACHE_RESULT 0x00000008
1637 #define CRYPT_ASYNC_RETRIEVAL 0x00000010
1638 #define CRYPT_STICKY_CACHE_RETRIEVAL 0x00001000
1639 #define CRYPT_LDAP_SCOPE_BASE_ONLY_RETRIEVAL 0x00002000
1640 #define CRYPT_OFFLINE_CHECK_RETRIEVAL 0x00004000
1641 #define CRYPT_LDAP_INSERT_ENTRY_ATTRIBUTE 0x00008000
1642 #define CRYPT_LDAP_SIGN_RETRIEVAL 0x00010000
1643 #define CRYPT_NO_AUTH_RETRIEVAL 0x00020000
1644 #define CRYPT_LDAP_AREC_EXCLUSIVE_RETRIEVAL 0x00040000
1645 #define CRYPT_AIA_RETRIEVAL 0x00080000
1646 
1647 #define CRYPT_VERIFY_CONTEXT_SIGNATURE 0x00000020
1648 #define CRYPT_VERIFY_DATA_HASH 0x00000040
1649 #define CRYPT_KEEP_TIME_VALID 0x00000080
1650 #define CRYPT_DONT_VERIFY_SIGNATURE 0x00000100
1651 #define CRYPT_DONT_CHECK_TIME_VALIDITY 0x00000200
1652 #define CRYPT_CHECK_FRESHNESS_TIME_VALIDITY 0x00000400
1653 #define CRYPT_ACCUMULATIVE_TIMEOUT 0x00000800
1654 
1655 typedef BOOL
1657  _In_ DWORD dwFlags,
1658  _Inout_opt_ void *pvArg);
1659 
1661 {
1662  PCCERT_CONTEXT pCertContext;
1663  PCCRL_CONTEXT pCrlContext;
1666 
1667 #define TIME_VALID_OID_GET_OBJECT_FUNC "TimeValidDllGetObject"
1668 
1669 #define TIME_VALID_OID_GET_CTL ((LPCSTR)1)
1670 #define TIME_VALID_OID_GET_CRL ((LPCSTR)2)
1671 #define TIME_VALID_OID_GET_CRL_FROM_CERT ((LPCSTR)3)
1672 #define TIME_VALID_OID_GET_FRESHEST_CRL_FROM_CERT ((LPCSTR)4)
1673 #define TIME_VALID_OID_GET_FRESHEST_CRL_FROM_CRL ((LPCSTR)5)
1674 
1675 #define TIME_VALID_OID_FLUSH_OBJECT_FUNC "TimeValidDllFlushObject"
1676 
1677 #define TIME_VALID_OID_FLUSH_CTL ((LPCSTR)1)
1678 #define TIME_VALID_OID_FLUSH_CRL ((LPCSTR)2)
1679 #define TIME_VALID_OID_FLUSH_CRL_FROM_CERT ((LPCSTR)3)
1680 #define TIME_VALID_OID_FLUSH_FRESHEST_CRL_FROM_CERT ((LPCSTR)4)
1681 #define TIME_VALID_OID_FLUSH_FRESHEST_CRL_FROM_CRL ((LPCSTR)5)
1682 
1683 /* OID group IDs */
1684 #define CRYPT_HASH_ALG_OID_GROUP_ID 1
1685 #define CRYPT_ENCRYPT_ALG_OID_GROUP_ID 2
1686 #define CRYPT_PUBKEY_ALG_OID_GROUP_ID 3
1687 #define CRYPT_SIGN_ALG_OID_GROUP_ID 4
1688 #define CRYPT_RDN_ATTR_OID_GROUP_ID 5
1689 #define CRYPT_EXT_OR_ATTR_OID_GROUP_ID 6
1690 #define CRYPT_ENHKEY_USAGE_OID_GROUP_ID 7
1691 #define CRYPT_POLICY_OID_GROUP_ID 8
1692 #define CRYPT_TEMPLATE_OID_GROUP_ID 9
1693 #define CRYPT_LAST_OID_GROUP_ID 9
1694 
1695 #define CRYPT_FIRST_ALG_OID_GROUP_ID CRYPT_HASH_ALG_OID_GROUP_ID
1696 #define CRYPT_LAST_ALG_OID_GROUP_ID CRYPT_SIGN_ALG_OID_GROUP_ID
1697 
1698 #define CRYPT_OID_INHIBIT_SIGNATURE_FORMAT_FLAG 0x1
1699 #define CRYPT_OID_USE_PUBKEY_PARA_FOR_PKCS7_FLAG 0x2
1700 #define CRYPT_OID_NO_NULL_ALGORITHM_PARA_FLAG 0x4
1701 
1702 #define CRYPT_OID_INFO_OID_KEY 1
1703 #define CRYPT_OID_INFO_NAME_KEY 2
1704 #define CRYPT_OID_INFO_ALGID_KEY 3
1705 #define CRYPT_OID_INFO_SIGN_KEY 4
1706 
1707 /* Algorithm IDs */
1708 
1709 #define GET_ALG_CLASS(x) (x & (7 << 13))
1710 #define GET_ALG_TYPE(x) (x & (15 << 9))
1711 #define GET_ALG_SID(x) (x & (511))
1712 
1713 /* Algorithm Classes */
1714 #define ALG_CLASS_ANY (0)
1715 #define ALG_CLASS_SIGNATURE (1 << 13)
1716 #define ALG_CLASS_MSG_ENCRYPT (2 << 13)
1717 #define ALG_CLASS_DATA_ENCRYPT (3 << 13)
1718 #define ALG_CLASS_HASH (4 << 13)
1719 #define ALG_CLASS_KEY_EXCHANGE (5 << 13)
1720 #define ALG_CLASS_ALL (7 << 13)
1721 /* Algorithm types */
1722 #define ALG_TYPE_ANY (0)
1723 #define ALG_TYPE_DSS (1 << 9)
1724 #define ALG_TYPE_RSA (2 << 9)
1725 #define ALG_TYPE_BLOCK (3 << 9)
1726 #define ALG_TYPE_STREAM (4 << 9)
1727 #define ALG_TYPE_DH (5 << 9)
1728 #define ALG_TYPE_SECURECHANNEL (6 << 9)
1729 #define ALG_TYPE_DH_EPHEM (7 << 9) /* FIXME: find the real TYPE name */
1730 
1731 /* SIDs */
1732 #define ALG_SID_ANY (0)
1733 /* RSA SIDs */
1734 #define ALG_SID_RSA_ANY 0
1735 #define ALG_SID_RSA_PKCS 1
1736 #define ALG_SID_RSA_MSATWORK 2
1737 #define ALG_SID_RSA_ENTRUST 3
1738 #define ALG_SID_RSA_PGP 4
1739 /* DSS SIDs */
1740 #define ALG_SID_DSS_ANY 0
1741 #define ALG_SID_DSS_PKCS 1
1742 #define ALG_SID_DSS_DMS 2
1743 #define ALG_SID_ECDSA 3
1744 
1745 /* DES SIDs */
1746 #define ALG_SID_DES 1
1747 #define ALG_SID_3DES 3
1748 #define ALG_SID_DESX 4
1749 #define ALG_SID_IDEA 5
1750 #define ALG_SID_CAST 6
1751 #define ALG_SID_SAFERSK64 7
1752 #define ALG_SID_SAFERSK128 8
1753 #define ALG_SID_3DES_112 9
1754 #define ALG_SID_CYLINK_MEK 12
1755 #define ALG_SID_RC5 13
1756 #define ALG_SID_AES_128 14
1757 #define ALG_SID_AES_192 15
1758 #define ALG_SID_AES_256 16
1759 #define ALG_SID_AES 17
1760 /* Fortezza */
1761 #define ALG_SID_SKIPJACK 10
1762 #define ALG_SID_TEK 11
1763 /* Diffie-Hellman SIDs */
1764 #define ALG_SID_DH_SANDF 1
1765 #define ALG_SID_DH_EPHEM 2
1766 #define ALG_SID_AGREED_KEY_ANY 3
1767 #define ALG_SID_KEA 4
1768 #define ALG_SID_ECDH 5
1769 #define ALG_SID_ECDH_EPHEM 6 /* FIXME: find the real SID name */
1770 /* RC2 SIDs */
1771 #define ALG_SID_RC4 1
1772 #define ALG_SID_RC2 2
1773 #define ALG_SID_SEAL 2
1774 /* Hash SIDs */
1775 #define ALG_SID_MD2 1
1776 #define ALG_SID_MD4 2
1777 #define ALG_SID_MD5 3
1778 #define ALG_SID_SHA 4
1779 #define ALG_SID_SHA1 ALG_SID_SHA
1780 #define ALG_SID_MAC 5
1781 #define ALG_SID_RIPEMD 6
1782 #define ALG_SID_RIPEMD160 7
1783 #define ALG_SID_SSL3SHAMD5 8
1784 #define ALG_SID_HMAC 9
1785 #define ALG_SID_TLS1PRF 10
1786 #define ALG_SID_HASH_REPLACE_OWF 11
1787 #define ALG_SID_SHA_256 12
1788 #define ALG_SID_SHA_384 13
1789 #define ALG_SID_SHA_512 14
1790 /* SCHANNEL SIDs */
1791 #define ALG_SID_SSL3_MASTER 1
1792 #define ALG_SID_SCHANNEL_MASTER_HASH 2
1793 #define ALG_SID_SCHANNEL_MAC_KEY 3
1794 #define ALG_SID_PCT1_MASTER 4
1795 #define ALG_SID_SSL2_MASTER 5
1796 #define ALG_SID_TLS1_MASTER 6
1797 #define ALG_SID_SCHANNEL_ENC_KEY 7
1798 #define ALG_SID_EXAMPLE 80
1799 
1800 #define ALG_SID_ECMQV 1
1801 
1802 /* Algorithm Definitions */
1803 #define CALG_MD2 (ALG_CLASS_HASH | ALG_TYPE_ANY | ALG_SID_MD2)
1804 #define CALG_MD4 (ALG_CLASS_HASH | ALG_TYPE_ANY | ALG_SID_MD4)
1805 #define CALG_MD5 (ALG_CLASS_HASH | ALG_TYPE_ANY | ALG_SID_MD5)
1806 #define CALG_SHA (ALG_CLASS_HASH | ALG_TYPE_ANY | ALG_SID_SHA)
1807 #define CALG_SHA1 CALG_SHA
1808 #define CALG_MAC (ALG_CLASS_HASH | ALG_TYPE_ANY | ALG_SID_MAC)
1809 #define CALG_SSL3_SHAMD5 (ALG_CLASS_HASH | ALG_TYPE_ANY | ALG_SID_SSL3SHAMD5)
1810 #define CALG_HMAC (ALG_CLASS_HASH | ALG_TYPE_ANY | ALG_SID_HMAC)
1811 #define CALG_TLS1PRF (ALG_CLASS_HASH | ALG_TYPE_ANY | ALG_SID_TLS1PRF)
1812 #define CALG_HASH_REPLACE_OWF (ALG_CLASS_HASH | ALG_TYPE_ANY | ALG_SID_HASH_REPLACE_OWF)
1813 #define CALG_SHA_256 (ALG_CLASS_HASH | ALG_TYPE_ANY | ALG_SID_SHA_256)
1814 #define CALG_SHA_384 (ALG_CLASS_HASH | ALG_TYPE_ANY | ALG_SID_SHA_384)
1815 #define CALG_SHA_512 (ALG_CLASS_HASH | ALG_TYPE_ANY | ALG_SID_SHA_512)
1816 #define CALG_RSA_SIGN (ALG_CLASS_SIGNATURE | ALG_TYPE_RSA | ALG_SID_RSA_ANY)
1817 #define CALG_DSS_SIGN (ALG_CLASS_SIGNATURE | ALG_TYPE_DSS | ALG_SID_DSS_ANY)
1818 #define CALG_NO_SIGN (ALG_CLASS_SIGNATURE | ALG_TYPE_ANY | ALG_SID_ANY)
1819 #define CALG_DH_SF (ALG_CLASS_KEY_EXCHANGE | ALG_TYPE_DH | ALG_SID_DH_SANDF)
1820 #define CALG_DH_EPHEM (ALG_CLASS_KEY_EXCHANGE | ALG_TYPE_DH | ALG_SID_DH_EPHEM)
1821 #define CALG_AGREEDKEY_ANY (ALG_CLASS_KEY_EXCHANGE | ALG_TYPE_DH | ALG_SID_AGREED_KEY_ANY)
1822 #define CALG_KEA_KEYX (ALG_CLASS_KEY_EXCHANGE | ALG_TYPE_DH | ALG_SID_KEA)
1823 #define CALG_HUGHES_MD5 (ALG_CLASS_KEY_EXCHANGE | ALG_TYPE_ANY | ALG_SID_MD5)
1824 #define CALG_RSA_KEYX (ALG_CLASS_KEY_EXCHANGE | ALG_TYPE_RSA | ALG_SID_RSA_ANY)
1825 #define CALG_ECDH (ALG_CLASS_KEY_EXCHANGE | ALG_TYPE_DH | ALG_SID_ECDH)
1826 #define CALG_ECDH_EPHEM (ALG_CLASS_KEY_EXCHANGE | ALG_TYPE_DH_EPHEM | ALG_SID_ECDH_EPHEM) /* FIXME: find the original TYPE and SID names */
1827 #define CALG_ECMQV (ALG_CLASS_KEY_EXCHANGE | ALG_TYPE_ANY | ALG_SID_ECMQV)
1828 #define CALG_DES (ALG_CLASS_DATA_ENCRYPT | ALG_TYPE_BLOCK | ALG_SID_DES)
1829 #define CALG_RC2 (ALG_CLASS_DATA_ENCRYPT | ALG_TYPE_BLOCK | ALG_SID_RC2)
1830 #define CALG_3DES (ALG_CLASS_DATA_ENCRYPT | ALG_TYPE_BLOCK | ALG_SID_3DES)
1831 #define CALG_3DES_112 (ALG_CLASS_DATA_ENCRYPT | ALG_TYPE_BLOCK | ALG_SID_3DES_112)
1832 #define CALG_DESX (ALG_CLASS_DATA_ENCRYPT | ALG_TYPE_BLOCK | ALG_SID_DESX)
1833 #define CALG_AES_128 (ALG_CLASS_DATA_ENCRYPT | ALG_TYPE_BLOCK | ALG_SID_AES_128)
1834 #define CALG_AES_192 (ALG_CLASS_DATA_ENCRYPT | ALG_TYPE_BLOCK | ALG_SID_AES_192)
1835 #define CALG_AES_256 (ALG_CLASS_DATA_ENCRYPT | ALG_TYPE_BLOCK | ALG_SID_AES_256)
1836 #define CALG_AES (ALG_CLASS_DATA_ENCRYPT | ALG_TYPE_BLOCK | ALG_SID_AES)
1837 #define CALG_RC4 (ALG_CLASS_DATA_ENCRYPT | ALG_TYPE_STREAM | ALG_SID_RC4)
1838 #define CALG_SEAL (ALG_CLASS_DATA_ENCRYPT | ALG_TYPE_STREAM | ALG_SID_SEAL)
1839 #define CALG_RC5 (ALG_CLASS_DATA_ENCRYPT | ALG_TYPE_STREAM | ALG_SID_RC5)
1840 #define CALG_SKIPJACK (ALG_CLASS_DATA_ENCRYPT | ALG_TYPE_BLOCK | ALG_SID_SKIPJACK)
1841 #define CALG_TEK (ALG_CLASS_DATA_ENCRYPT | ALG_TYPE_BLOCK | ALG_SID_TEK)
1842 #define CALG_CYLINK_MEK (ALG_CLASS_DATA_ENCRYPT | ALG_TYPE_BLOCK | ALG_SID_CYLINK_MEK)
1843 #define CALG_SSL3_MASTER (ALG_CLASS_MSG_ENCRYPT | ALG_TYPE_SECURECHANNEL | ALG_SID_SSL3_MASTER)
1844 #define CALG_SCHANNEL_MASTER_HASH (ALG_CLASS_MSG_ENCRYPT | ALG_TYPE_SECURECHANNEL | ALG_SID_SCHANNEL_MASTER_HASH)
1845 #define CALG_SCHANNEL_MAC_KEY (ALG_CLASS_MSG_ENCRYPT | ALG_TYPE_SECURECHANNEL | ALG_SID_SCHANNEL_MAC_KEY)
1846 #define CALG_SCHANNEL_ENC_KEY (ALG_CLASS_MSG_ENCRYPT | ALG_TYPE_SECURECHANNEL | ALG_SID_SCHANNEL_ENC_KEY)
1847 #define CALG_PCT1_MASTER (ALG_CLASS_MSG_ENCRYPT | ALG_TYPE_SECURECHANNEL | ALG_SID_PCT1_MASTER)
1848 #define CALG_SSL2_MASTER (ALG_CLASS_MSG_ENCRYPT | ALG_TYPE_SECURECHANNEL | ALG_SID_SSL2_MASTER)
1849 #define CALG_TLS1_MASTER (ALG_CLASS_MSG_ENCRYPT | ALG_TYPE_SECURECHANNEL | ALG_SID_TLS1_MASTER)
1850 #define CALG_ECDSA (ALG_CLASS_SIGNATURE | ALG_TYPE_DSS | ALG_SID_ECDSA)
1851 /* Protocol Flags */
1852 #define CRYPT_FLAG_PCT1 0x0001
1853 #define CRYPT_FLAG_SSL2 0x0002
1854 #define CRYPT_FLAG_SSL3 0x0004
1855 #define CRYPT_FLAG_TLS1 0x0008
1856 #define CRYPT_FLAG_IPSEC 0x0010
1857 #define CRYPT_FLAG_SIGNING 0x0020
1858 
1859 /* Provider names */
1860 #define MS_DEF_PROV_A "Microsoft Base Cryptographic Provider v1.0"
1861 #if defined(__GNUC__)
1862 # define MS_DEF_PROV_W (const WCHAR []){ 'M','i','c','r','o','s','o','f','t',' ', \
1863  'B','a','s','e',' ','C','r','y','p','t','o','g','r','a','p','h','i','c',' ', \
1864  'P','r','o','v','i','d','e','r',' ','v','1','.','0',0 }
1865 #elif defined(_MSC_VER)
1866 # define MS_DEF_PROV_W L"Microsoft Base Cryptographic Provider v1.0"
1867 #else
1868 static const WCHAR MS_DEF_PROV_W[] = { 'M','i','c','r','o','s','o','f','t',' ',
1869  'B','a','s','e',' ','C','r','y','p','t','o','g','r','a','p','h','i','c',' ',
1870  'P','r','o','v','i','d','e','r',' ','v','1','.','0',0 };
1871 #endif
1872 #define MS_DEF_PROV WINELIB_NAME_AW(MS_DEF_PROV_)
1873 
1874 #define MS_ENHANCED_PROV_A "Microsoft Enhanced Cryptographic Provider v1.0"
1875 #if defined(__GNUC__)
1876 # define MS_ENHANCED_PROV_W (const WCHAR []){ 'M','i','c','r','o','s','o','f','t',' ', \
1877  'E','n','h','a','n','c','e','d',' ','C','r','y','p','t','o','g','r','a','p','h','i','c',' ', \
1878  'P','r','o','v','i','d','e','r',' ','v','1','.','0',0 }
1879 #elif defined(_MSC_VER)
1880 # define MS_ENHANCED_PROV_W L"Microsoft Enhanced Cryptographic Provider v1.0"
1881 #else
1882 static const WCHAR MS_ENHANCED_PROV_W[] = { 'M','i','c','r','o','s','o','f','t',' ',
1883  'E','n','h','a','n','c','e','d',' ','C','r','y','p','t','o','g','r','a','p','h','i','c',' ',
1884  'P','r','o','v','i','d','e','r',' ','v','1','.','0',0 };
1885 #endif
1886 #define MS_ENHANCED_PROV WINELIB_NAME_AW(MS_ENHANCED_PROV_)
1887 
1888 #define MS_STRONG_PROV_A "Microsoft Strong Cryptographic Provider"
1889 #if defined(__GNUC__)
1890 # define MS_STRONG_PROV_W (const WCHAR []){ 'M','i','c','r','o','s','o','f','t',' ', \
1891  'S','t','r','o','n','g',' ','C','r','y','p','t','o','g','r','a','p','h','i','c',' ', \
1892  'P','r','o','v','i','d','e','r',0 }
1893 #elif defined(_MSC_VER)
1894 # define MS_STRONG_PROV_W L"Microsoft Strong Cryptographic Provider"
1895 #else
1896 static const WCHAR MS_STRONG_PROV_W[] = { 'M','i','c','r','o','s','o','f','t',' ',
1897  'S','t','r','o','n','g',' ','C','r','y','p','t','o','g','r','a','p','h','i','c',' ',
1898  'P','r','o','v','i','d','e','r',0 };
1899 #endif
1900 #define MS_STRONG_PROV WINELIB_NAME_AW(MS_STRONG_PROV_)
1901 
1902 #define MS_DEF_RSA_SIG_PROV_A "Microsoft RSA Signature Cryptographic Provider"
1903 #if defined(__GNUC__)
1904 # define MS_DEF_RSA_SIG_PROV_W (const WCHAR []){ 'M','i','c','r','o','s','o','f','t',' ', \
1905  'R','S','A',' ','S','i','g','n','a','t','u','r','e',' ', \
1906  'C','r','y','p','t','o','g','r','a','p','h','i','c',' ','P','r','o','v','i','d','e','r',0 }
1907 #elif defined(_MSC_VER)
1908 # define MS_DEF_RSA_SIG_PROV_W L"Microsoft RSA Signature Cryptographic Provider"
1909 #else
1910 static const WCHAR MS_DEF_RSA_SIG_PROV_W[] = { 'M','i','c','r','o','s','o','f','t',' ',
1911  'R','S','A',' ','S','i','g','n','a','t','u','r','e',' ',
1912  'C','r','y','p','t','o','g','r','a','p','h','i','c',' ','P','r','o','v','i','d','e','r',0 };
1913 #endif
1914 #define MS_DEF_RSA_SIG_PROV WINELIB_NAME_AW(MS_DEF_RSA_SIG_PROV_)
1915 
1916 #define MS_DEF_RSA_SCHANNEL_PROV_A "Microsoft RSA SChannel Cryptographic Provider"
1917 #if defined(__GNUC__)
1918 # define MS_DEF_RSA_SCHANNEL_PROV_W (const WCHAR []){ 'M','i','c','r','o','s','o','f','t',' ', \
1919  'R','S','A',' ','S','C','h','a','n','n','e','l',' ', \
1920  'C','r','y','p','t','o','g','r','a','p','h','i','c',' ','P','r','o','v','i','d','e','r',0 }
1921 #elif defined(_MSC_VER)
1922 # define MS_DEF_RSA_SCHANNEL_PROV_W L"Microsoft RSA SChannel Cryptographic Provider"
1923 #else
1924 static const WCHAR MS_DEF_RSA_SCHANNEL_PROV_W[] = { 'M','i','c','r','o','s','o','f','t',' ',
1925  'R','S','A',' ','S','C','h','a','n','n','e','l',' ',
1926  'C','r','y','p','t','o','g','r','a','p','h','i','c',' ','P','r','o','v','i','d','e','r',0 };
1927 #endif
1928 #define MS_DEF_RSA_SCHANNEL_PROV WINELIB_NAME_AW(MS_DEF_RSA_SCHANNEL_PROV_)
1929 
1930 #define MS_DEF_DSS_PROV_A "Microsoft Base DSS Cryptographic Provider"
1931 #if defined(__GNUC__)
1932 # define MS_DEF_DSS_PROV_W (const WCHAR []){ 'M','i','c','r','o','s','o','f','t',' ', \
1933  'B','a','s','e',' ','D','S','S',' ', \
1934  'C','r','y','p','t','o','g','r','a','p','h','i','c',' ','P','r','o','v','i','d','e','r',0 }
1935 #elif defined(_MSC_VER)
1936 # define MS_DEF_DSS_PROV_W L"Microsoft Base DSS Cryptographic Provider"
1937 #else
1938 static const WCHAR MS_DEF_DSS_PROV_W[] = { 'M','i','c','r','o','s','o','f','t',' ',
1939  'B','a','s','e',' ','D','S','S',' ',
1940  'C','r','y','p','t','o','g','r','a','p','h','i','c',' ','P','r','o','v','i','d','e','r',0 };
1941 #endif
1942 #define MS_DEF_DSS_PROV WINELIB_NAME_AW(MS_DEF_DSS_PROV_)
1943 
1944 #define MS_DEF_DSS_DH_PROV_A "Microsoft Base DSS and Diffie-Hellman Cryptographic Provider"
1945 #if defined(__GNUC__)
1946 # define MS_DEF_DSS_DH_PROV_W (const WCHAR []){ 'M','i','c','r','o','s','o','f','t',' ', \
1947  'B','a','s','e',' ','D','S','S',' ','a','n','d',' ', \
1948  'D','i','f','f','i','e','-','H','e','l','l','m','a','n',' ', \
1949  'C','r','y','p','t','o','g','r','a','p','h','i','c',' ','P','r','o','v','i','d','e','r',0 }
1950 #elif defined(_MSC_VER)
1951 # define MS_DEF_DSS_DH_PROV_W L"Microsoft Base DSS and Diffie-Hellman Cryptographic Provider"
1952 #else
1953 static const WCHAR MS_DEF_DSS_DH_PROV_W[] = { 'M','i','c','r','o','s','o','f','t',' ',
1954  'B','a','s','e',' ','D','S','S',' ','a','n','d',' ',
1955  'D','i','f','f','i','e','-','H','e','l','l','m','a','n',' ',
1956  'C','r','y','p','t','o','g','r','a','p','h','i','c',' ','P','r','o','v','i','d','e','r',0 };
1957 #endif
1958 #define MS_DEF_DSS_DH_PROV WINELIB_NAME_AW(MS_DEF_DSS_DH_PROV_)
1959 
1960 #define MS_ENH_DSS_DH_PROV_A "Microsoft Enhanced DSS and Diffie-Hellman Cryptographic Provider"
1961 #if defined(__GNUC__)
1962 # define MS_ENH_DSS_DH_PROV_W (const WCHAR []){ 'M','i','c','r','o','s','o','f','t',' ', \
1963  'E','n','h','a','n','c','e','d',' ','D','S','S',' ','a','n','d',' ', \
1964  'D','i','f','f','i','e','-','H','e','l','l','m','a','n',' ', \
1965  'C','r','y','p','t','o','g','r','a','p','h','i','c',' ','P','r','o','v','i','d','e','r',0 }
1966 #elif defined(_MSC_VER)
1967 # define MS_ENH_DSS_DH_PROV_W L"Microsoft Enhanced DSS and Diffie-Hellman Cryptographic Provider"
1968 #else
1969 static const WCHAR MS_ENH_DSS_DH_PROV_W[] = { 'M','i','c','r','o','s','o','f','t',' ',
1970  'E','n','h','a','n','c','e','d',' ','D','S','S',' ','a','n','d',' ',
1971  'D','i','f','f','i','e','-','H','e','l','l','m','a','n',' ',
1972  'C','r','y','p','t','o','g','r','a','p','h','i','c',' ','P','r','o','v','i','d','e','r',0 };
1973 #endif
1974 #define MS_ENH_DSS_DH_PROV WINELIB_NAME_AW(MS_ENH_DSS_DH_PROV_)
1975 
1976 #define MS_DEF_DH_SCHANNEL_PROV_A "Microsoft DH SChannel Cryptographic Provider"
1977 #if defined(__GNUC__)
1978 # define MS_DEF_DH_SCHANNEL_PROV_W (const WCHAR []){ 'M','i','c','r','o','s','o','f','t',' ', \
1979  'D','H',' ','S','C','h','a','n','n','e','l',' ', \
1980  'C','r','y','p','t','o','g','r','a','p','h','i','c',' ','P','r','o','v','i','d','e','r',0 }
1981 #elif defined(_MSC_VER)
1982 # define MS_DEF_DH_SCHANNEL_PROV_W L"Microsoft DH SChannel Cryptographic Provider"
1983 #else
1984 static const WCHAR MS_DEF_DH_SCHANNEL_PROV_W[] = { 'M','i','c','r','o','s','o','f','t',' ',
1985  'D','H',' ','S','C','h','a','n','n','e','l',' ',
1986  'C','r','y','p','t','o','g','r','a','p','h','i','c',' ','P','r','o','v','i','d','e','r',0 };
1987 #endif
1988 #define MS_DEF_DH_SCHANNEL_PROV WINELIB_NAME_AW(MS_DEF_DH_SCHANNEL_PROV_)
1989 
1990 #define MS_SCARD_PROV_A "Microsoft Base Smart Card Cryptographic Provider"
1991 #if defined(__GNUC__)
1992 # define MS_SCARD_PROV_W (const WCHAR []){ 'M','i','c','r','o','s','o','f','t',' ', \
1993  'B','a','s','e',' ','S','m','a','r','t',' ','C','a','r','d',' ', \
1994  'C','r','y','p','t','o','g','r','a','p','h','i','c',' ','P','r','o','v','i','d','e','r',0 }
1995 #elif defined(_MSC_VER)
1996 # define MS_SCARD_PROV_W L"Microsoft Base Smart Card Cryptographic Provider"
1997 #else
1998 static const WCHAR MS_SCARD_PROV_W[] = { 'M','i','c','r','o','s','o','f','t',' ',
1999  'B','a','s','e',' ','S','m','a','r','t',' ','C','a','r','d',' ',
2000  'C','r','y','p','t','o','g','r','a','p','h','i','c',' ','P','r','o','v','i','d','e','r',0 };
2001 #endif
2002 #define MS_SCARD_PROV WINELIB_NAME_AW(MS_SCARD_PROV_)
2003 
2004 #define MS_ENH_RSA_AES_PROV_A "Microsoft Enhanced RSA and AES Cryptographic Provider"
2005 #if defined(__GNUC__)
2006 # define MS_ENH_RSA_AES_PROV_W (const WCHAR []){ 'M','i','c','r','o','s','o','f','t',' ', \
2007  'E','n','h','a','n','c','e','d',' ','R','S','A',' ','a','n','d',' ','A','E','S',' ',\
2008  'C','r','y','p','t','o','g','r','a','p','h','i','c',' ','P','r','o','v','i','d','e','r',0 }
2009 #elif defined(_MSC_VER)
2010 # define MS_ENH_RSA_AES_PROV_W L"Microsoft Enhanced RSA and AES Cryptographic Provider"
2011 #else
2012 static const WCHAR MS_ENH_RSA_AES_PROV_W[] = { 'M','i','c','r','o','s','o','f','t',' ',
2013  'E','n','h','a','n','c','e','d',' ','R','S','A',' ','a','n','d',' ','A','E','S',' ',
2014  'C','r','y','p','t','o','g','r','a','p','h','i','c',' ','P','r','o','v','i','d','e','r',0 };
2015 #endif
2016 #define MS_ENH_RSA_AES_PROV WINELIB_NAME_AW(MS_ENH_RSA_AES_PROV_)
2017 
2018 #define MS_ENH_RSA_AES_PROV_XP_A "Microsoft Enhanced RSA and AES Cryptographic Provider (Prototype)"
2019 #if defined(__GNUC__)
2020 # define MS_ENH_RSA_AES_PROV_XP_W (const WCHAR []){ 'M','i','c','r','o','s','o','f','t',' ', \
2021  'E','n','h','a','n','c','e','d',' ','R','S','A',' ','a','n','d',' ','A','E','S',' ',\
2022  'C','r','y','p','t','o','g','r','a','p','h','i','c',' ','P','r','o','v','i','d','e','r',' ',\
2023  '(','P','r','o','t','o','t','y','p','e',')',0 }
2024 #elif defined(_MSC_VER)
2025 # define MS_ENH_RSA_AES_PROV_XP_W L"Microsoft Enhanced RSA and AES Cryptographic Provider (Prototype)"
2026 #else
2027 static const WCHAR MS_ENH_RSA_AES_PROV_XP_W[] = { 'M','i','c','r','o','s','o','f','t',' ',
2028  'E','n','h','a','n','c','e','d',' ','R','S','A',' ','a','n','d',' ','A','E','S',' ',
2029  'C','r','y','p','t','o','g','r','a','p','h','i','c',' ','P','r','o','v','i','d','e','r',' ',
2030  '(','P','r','o','t','o','t','y','p','e',')',0 };
2031 #endif
2032 #define MS_ENH_RSA_AES_PROV_XP WINELIB_NAME_AW(MS_ENH_RSA_AES_PROV_XP_)
2033 
2034 /* Key Specs*/
2035 #define AT_KEYEXCHANGE 1
2036 #define AT_SIGNATURE 2
2037 
2038 /* Provider Types */
2039 #define PROV_RSA_FULL 1
2040 #define PROV_RSA_SIG 2
2041 #define PROV_DSS 3
2042 #define PROV_FORTEZZA 4
2043 #define PROV_MS_EXCHANGE 5
2044 #define PROV_SSL 6
2045 #define PROV_RSA_SCHANNEL 12
2046 #define PROV_DSS_DH 13
2047 #define PROV_EC_ECDSA_SIG 14
2048 #define PROV_EC_ECNRA_SIG 15
2049 #define PROV_EC_ECDSA_FULL 16
2050 #define PROV_EC_ECNRA_FULL 17
2051 #define PROV_DH_SCHANNEL 18
2052 #define PROV_SPYRUS_LYNKS 20
2053 #define PROV_RNG 21
2054 #define PROV_INTEL_SEC 22
2055 #define PROV_REPLACE_OWF 23
2056 #define PROV_RSA_AES 24
2057 
2058 /* FLAGS Section */
2059 
2060 #define CRYPT_FIRST 1
2061 #define CRYPT_NEXT 2
2062 
2063 #define CRYPT_IMPL_HARDWARE 1
2064 #define CRYPT_IMPL_SOFTWARE 2
2065 #define CRYPT_IMPL_MIXED 3
2066 #define CRYPT_IMPL_UNKNOWN 4
2067 
2068 /* CryptAcquireContext */
2069 #define CRYPT_VERIFYCONTEXT 0xF0000000
2070 #define CRYPT_NEWKEYSET 0x00000008
2071 #define CRYPT_DELETEKEYSET 0x00000010
2072 #define CRYPT_MACHINE_KEYSET 0x00000020
2073 #define CRYPT_SILENT 0x00000040
2074 
2075 /* Crypt{Get|Set}Provider */
2076 #define CRYPT_MACHINE_DEFAULT 0x00000001
2077 #define CRYPT_USER_DEFAULT 0x00000002
2078 #define CRYPT_DELETE_DEFAULT 0x00000004
2079 
2080 /* Crypt{Get/Set}ProvParam */
2081 #define PP_CLIENT_HWND 1
2082 #define PP_ENUMALGS 1
2083 #define PP_ENUMCONTAINERS 2
2084 #define PP_IMPTYPE 3
2085 #define PP_NAME 4
2086 #define PP_VERSION 5
2087 #define PP_CONTAINER 6
2088 #define PP_CHANGE_PASSWORD 7
2089 #define PP_KEYSET_SEC_DESCR 8
2090 #define PP_KEY_TYPE_SUBTYPE 10
2091 #define PP_CONTEXT_INFO 11
2092 #define PP_KEYEXCHANGE_KEYSIZE 12
2093 #define PP_SIGNATURE_KEYSIZE 13
2094 #define PP_KEYEXCHANGE_ALG 14
2095 #define PP_SIGNATURE_ALG 15
2096 #define PP_PROVTYPE 16
2097 #define PP_KEYSTORAGE 17
2098 #define PP_SYM_KEYSIZE 19
2099 #define PP_SESSION_KEYSIZE 20
2100 #define PP_UI_PROMPT 21
2101 #define PP_ENUMALGS_EX 22
2102 #define PP_DELETEKEY 24
2103 #define PP_ENUMMANDROOTS 25
2104 #define PP_ENUMELECTROOTS 26
2105 #define PP_KEYSET_TYPE 27
2106 #define PP_ADMIN_PIN 31
2107 #define PP_KEYEXCHANGE_PIN 32
2108 #define PP_SIGNATURE_PIN 33
2109 #define PP_SIG_KEYSIZE_INC 34
2110 #define PP_KEYX_KEYSIZE_INC 35
2111 #define PP_UNIQUE_CONTAINER 36
2112 #define PP_SGC_INFO 37
2113 #define PP_USE_HARDWARE_RNG 38
2114 #define PP_KEYSPEC 39
2115 #define PP_ENUMEX_SIGNING_PROT 40
2116 #define PP_CRYPT_COUNT_KEY_USE 41
2117 #define PP_USER_CERTSTORE 42
2118 #define PP_SMARTCARD_READER 43
2119 #define PP_SMARTCARD_GUID 45
2120 #define PP_ROOT_CERTSTORE 46
2121 
2122 /* Values returned by CryptGetProvParam of PP_KEYSTORAGE */
2123 #define CRYPT_SEC_DESCR 0x00000001
2124 #define CRYPT_PSTORE 0x00000002
2125 #define CRYPT_UI_PROMPT 0x00000004
2126 
2127 /* Crypt{Get/Set}KeyParam */
2128 #define KP_IV 1
2129 #define KP_SALT 2
2130 #define KP_PADDING 3
2131 #define KP_MODE 4
2132 #define KP_MODE_BITS 5
2133 #define KP_PERMISSIONS 6
2134 #define KP_ALGID 7
2135 #define KP_BLOCKLEN 8
2136 #define KP_KEYLEN 9
2137 #define KP_SALT_EX 10
2138 #define KP_P 11
2139 #define KP_G 12
2140 #define KP_Q 13
2141 #define KP_X 14
2142 #define KP_Y 15
2143 #define KP_RA 16
2144 #define KP_RB 17
2145 #define KP_INFO 18
2146 #define KP_EFFECTIVE_KEYLEN 19
2147 #define KP_SCHANNEL_ALG 20
2148 #define KP_CLIENT_RANDOM 21
2149 #define KP_SERVER_RANDOM 22
2150 #define KP_RP 23
2151 #define KP_PRECOMP_MD5 24
2152 #define KP_PRECOMP_SHA 25
2153 #define KP_CERTIFICATE 26
2154 #define KP_CLEAR_KEY 27
2155 #define KP_PUB_EX_LEN 28
2156 #define KP_PUB_EX_VAL 29
2157 #define KP_KEYVAL 30
2158 #define KP_ADMIN_PIN 31
2159 #define KP_KEYEXCHANGE_PIN 32
2160 #define KP_SIGNATURE_PIN 33
2161 #define KP_PREHASH 34
2162 #define KP_ROUNDS 35
2163 #define KP_OAEP_PARAMS 36
2164 #define KP_CMS_KEY_INFO 37
2165 #define KP_CMS_DH_KEY_INFO 38
2166 #define KP_PUB_PARAMS 39
2167 #define KP_VERIFY_PARAMS 40
2168 #define KP_HIGHEST_VERSION 41
2169 #define KP_GET_USE_COUNT 42
2170 
2171 /* Values for KP_PADDING */
2172 #define PKCS5_PADDING 1
2173 #define RANDOM_PADDING 2
2174 #define ZERO_PADDING 3
2175 
2176 /* CryptSignHash/CryptVerifySignature */
2177 #define CRYPT_NOHASHOID 0x00000001
2178 #define CRYPT_TYPE2_FORMAT 0x00000002
2179 #define CRYPT_X931_FORMAT 0x00000004
2180 
2181 /* Crypt{Get,Set}HashParam */
2182 #define HP_ALGID 0x0001
2183 #define HP_HASHVAL 0x0002
2184 #define HP_HASHSIZE 0x0004
2185 #define HP_HMAC_INFO 0x0005
2186 #define HP_TLS1PRF_LABEL 0x0006
2187 #define HP_TLS1PRF_SEED 0x0007
2188 
2189 /* Crypt{Get,Set}KeyParam */
2190 #define CRYPT_MODE_CBC 1
2191 #define CRYPT_MODE_ECB 2
2192 #define CRYPT_MODE_OFB 3
2193 #define CRYPT_MODE_CFB 4
2194 
2195 #define CRYPT_ENCRYPT 0x0001
2196 #define CRYPT_DECRYPT 0x0002
2197 #define CRYPT_EXPORT 0x0004
2198 #define CRYPT_READ 0x0008
2199 #define CRYPT_WRITE 0x0010
2200 #define CRYPT_MAC 0x0020
2201 #define CRYPT_EXPORT_KEY 0x0040
2202 #define CRYPT_IMPORT_KEY 0x0080
2203 #define CRYPT_ARCHIVE 0x0100
2204 
2205 /* Crypt*Key */
2206 #define CRYPT_EXPORTABLE 0x00000001
2207 #define CRYPT_USER_PROTECTED 0x00000002
2208 #define CRYPT_CREATE_SALT 0x00000004
2209 #define CRYPT_UPDATE_KEY 0x00000008
2210 #define CRYPT_NO_SALT 0x00000010
2211 #define CRYPT_PREGEN 0x00000040
2212 #define CRYPT_SERVER 0x00000400
2213 #define CRYPT_ARCHIVABLE 0x00004000
2214 
2215 /* CryptExportKey */
2216 #define CRYPT_SSL2_FALLBACK 0x00000002
2217 #define CRYPT_DESTROYKEY 0x00000004
2218 #define CRYPT_OAEP 0x00000040
2219 
2220 /* CryptHashSessionKey */
2221 #define CRYPT_LITTLE_ENDIAN 0x00000001
2222 
2223 /* Crypt{Protect,Unprotect}Data PROMPTSTRUCT flags */
2224 #define CRYPTPROTECT_PROMPT_ON_PROTECT 0x0001
2225 #define CRYPTPROTECT_PROMPT_ON_UNPROTECT 0x0002
2226 /* Crypt{Protect,Unprotect}Data flags */
2227 #define CRYPTPROTECT_UI_FORBIDDEN 0x0001
2228 #define CRYPTPROTECT_LOCAL_MACHINE 0x0004
2229 #define CRYPTPROTECT_AUDIT 0x0010
2230 #define CRYPTPROTECT_VERIFY_PROTECTION 0x0040
2231 
2232 /* Crypt{Protect,Unprotect}Memory */
2233 #define CRYPTPROTECTMEMORY_BLOCK_SIZE 16
2234 #define CRYPTPROTECTMEMORY_SAME_PROCESS 0x0000
2235 #define CRYPTPROTECTMEMORY_CROSS_PROCESS 0x0001
2236 #define CRYPTPROTECTMEMORY_SAME_LOGON 0x0002
2237 
2238 /* Blob Types */
2239 #define SIMPLEBLOB 0x1
2240 #define PUBLICKEYBLOB 0x6
2241 #define PRIVATEKEYBLOB 0x7
2242 #define PLAINTEXTKEYBLOB 0x8
2243 #define OPAQUEKEYBLOB 0x9
2244 #define PUBLICKEYBLOBEX 0xA
2245 #define SYMMETRICWRAPKEYBLOB 0xB
2246 
2247 #define CUR_BLOB_VERSION 2
2248 
2249 /* cert store provider types */
2250 #define CERT_STORE_PROV_MSG ((LPCSTR)1)
2251 #define CERT_STORE_PROV_MEMORY ((LPCSTR)2)
2252 #define CERT_STORE_PROV_FILE ((LPCSTR)3)
2253 #define CERT_STORE_PROV_REG ((LPCSTR)4)
2254 #define CERT_STORE_PROV_PKCS7 ((LPCSTR)5)
2255 #define CERT_STORE_PROV_SERIALIZED ((LPCSTR)6)
2256 #define CERT_STORE_PROV_FILENAME_A ((LPCSTR)7)
2257 #define CERT_STORE_PROV_FILENAME_W ((LPCSTR)8)
2258 #define CERT_STORE_PROV_SYSTEM_A ((LPCSTR)9)
2259 #define CERT_STORE_PROV_SYSTEM_W ((LPCSTR)10)
2260 #define CERT_STORE_PROV_SYSTEM CERT_STORE_PROV_SYSTEM_W
2261 #define CERT_STORE_PROV_COLLECTION ((LPCSTR)11)
2262 #define CERT_STORE_PROV_SYSTEM_REGISTRY_A ((LPCSTR)12)
2263 #define CERT_STORE_PROV_SYSTEM_REGISTRY_W ((LPCSTR)13)
2264 #define CERT_STORE_PROV_SYSTEM_REGISTRY CERT_STORE_PROV_SYSTEM_REGISTRY_W
2265 #define CERT_STORE_PROV_PHYSICAL_W ((LPCSTR)14)
2266 #define CERT_STORE_PROV_PHYSICAL CERT_STORE_PROV_PHYSICAL_W
2267 #define CERT_STORE_PROV_SMART_CARD_W ((LPCSTR)15)
2268 #define CERT_STORE_PROV_SMART_CARD CERT_STORE_PROV_SMART_CARD_W
2269 #define CERT_STORE_PROV_LDAP_W ((LPCSTR)16)
2270 #define CERT_STORE_PROV_LDAP CERT_STORE_PROV_LDAP_W
2271 
2272 #define sz_CERT_STORE_PROV_MEMORY "Memory"
2273 #define sz_CERT_STORE_PROV_FILENAME_W "File"
2274 #define sz_CERT_STORE_PROV_FILENAME sz_CERT_STORE_PROV_FILENAME_W
2275 #define sz_CERT_STORE_PROV_SYSTEM_W "System"
2276 #define sz_CERT_STORE_PROV_SYSTEM sz_CERT_STORE_PROV_SYSTEM_W
2277 #define sz_CERT_STORE_PROV_PKCS7 "PKCS7"
2278 #define sz_CERT_STORE_PROV_SERIALIZED "Serialized"
2279 #define sz_CERT_STORE_PROV_COLLECTION "Collection"
2280 #define sz_CERT_STORE_PROV_SYSTEM_REGISTRY_W "SystemRegistry"
2281 #define sz_CERT_STORE_PROV_SYSTEM_REGISTRY sz_CERT_STORE_PROV_SYSTEM_REGISTRY_W
2282 #define sz_CERT_STORE_PROV_PHYSICAL_W "Physical"
2283 #define sz_CERT_STORE_PROV_PHYSICAL sz_CERT_STORE_PROV_PHYSICAL_W
2284 #define sz_CERT_STORE_PROV_SMART_CARD_W "SmartCard"
2285 #define sz_CERT_STORE_PROV_SMART_CARD sz_CERT_STORE_PROV_SMART_CARD_W
2286 #define sz_CERT_STORE_PROV_LDAP_W "Ldap"
2287 #define sz_CERT_STORE_PROV_LDAP sz_CERT_STORE_PROV_LDAP_W
2288 
2289 /* types for CertOpenStore dwEncodingType */
2290 #define CERT_ENCODING_TYPE_MASK 0x0000ffff
2291 #define CMSG_ENCODING_TYPE_MASK 0xffff0000
2292 #define GET_CERT_ENCODING_TYPE(x) ((x) & CERT_ENCODING_TYPE_MASK)
2293 #define GET_CMSG_ENCODING_TYPE(x) ((x) & CMSG_ENCODING_TYPE_MASK)
2294 
2295 #define CRYPT_ASN_ENCODING 0x00000001
2296 #define CRYPT_NDR_ENCODING 0x00000002
2297 #define X509_ASN_ENCODING 0x00000001
2298 #define X509_NDR_ENCODING 0x00000002
2299 #define PKCS_7_ASN_ENCODING 0x00010000
2300 #define PKCS_7_NDR_ENCODING 0x00020000
2301 
2302 /* system store locations */
2303 #define CERT_SYSTEM_STORE_LOCATION_MASK 0x00ff0000
2304 #define CERT_SYSTEM_STORE_LOCATION_SHIFT 16
2305 
2306 /* system store location ids */
2307 /* hkcu */
2308 #define CERT_SYSTEM_STORE_CURRENT_USER_ID 1
2309 /* hklm */
2310 #define CERT_SYSTEM_STORE_LOCAL_MACHINE_ID 2
2311 /* hklm\Software\Microsoft\Cryptography\Services */
2312 #define CERT_SYSTEM_STORE_CURRENT_SERVICE_ID 4
2313 #define CERT_SYSTEM_STORE_SERVICES_ID 5
2314 /* HKEY_USERS */
2315 #define CERT_SYSTEM_STORE_USERS_ID 6
2316 /* hkcu\Software\Policies\Microsoft\SystemCertificates */
2317 #define CERT_SYSTEM_STORE_CURRENT_USER_GROUP_POLICY_ID 7
2318 /* hklm\Software\Policies\Microsoft\SystemCertificates */
2319 #define CERT_SYSTEM_STORE_LOCAL_MACHINE_GROUP_POLICY_ID 8
2320 /* hklm\Software\Microsoft\EnterpriseCertificates */
2321 #define CERT_SYSTEM_STORE_LOCAL_MACHINE_ENTERPRISE_ID 9
2322 
2323 /* system store location values */
2324 #define CERT_SYSTEM_STORE_CURRENT_USER \
2325  (CERT_SYSTEM_STORE_CURRENT_USER_ID << CERT_SYSTEM_STORE_LOCATION_SHIFT)
2326 #define CERT_SYSTEM_STORE_LOCAL_MACHINE \
2327  (CERT_SYSTEM_STORE_LOCAL_MACHINE_ID << CERT_SYSTEM_STORE_LOCATION_SHIFT)
2328 #define CERT_SYSTEM_STORE_CURRENT_SERVICE \
2329  (CERT_SYSTEM_STORE_CURRENT_SERVICE_ID << CERT_SYSTEM_STORE_LOCATION_SHIFT)
2330 #define CERT_SYSTEM_STORE_SERVICES \
2331  (CERT_SYSTEM_STORE_SERVICES_ID << CERT_SYSTEM_STORE_LOCATION_SHIFT)
2332 #define CERT_SYSTEM_STORE_USERS \
2333  (CERT_SYSTEM_STORE_USERS_ID << CERT_SYSTEM_STORE_LOCATION_SHIFT)
2334 #define CERT_SYSTEM_STORE_CURRENT_USER_GROUP_POLICY \
2335  (CERT_SYSTEM_STORE_CURRENT_USER_GROUP_POLICY_ID << CERT_SYSTEM_STORE_LOCATION_SHIFT)
2336 #define CERT_SYSTEM_STORE_LOCAL_MACHINE_GROUP_POLICY \
2337  (CERT_SYSTEM_STORE_LOCAL_MACHINE_GROUP_POLICY_ID << CERT_SYSTEM_STORE_LOCATION_SHIFT)
2338 #define CERT_SYSTEM_STORE_LOCAL_MACHINE_ENTERPRISE \
2339  (CERT_SYSTEM_STORE_LOCAL_MACHINE_ENTERPRISE_ID << CERT_SYSTEM_STORE_LOCATION_SHIFT)
2340 
2341 #if defined(__GNUC__)
2342 #define CERT_LOCAL_MACHINE_SYSTEM_STORE_REGPATH (const WCHAR[])\
2343  {'S','o','f','t','w','a','r','e','\\','M','i','c','r','o','s','o','f','t',\
2344  '\\','S','y','s','t','e','m','C','e','r','t','i','f','i','c','a','t','e','s',\
2345  0 }
2346 #define CERT_GROUP_POLICY_SYSTEM_STORE_REGPATH (const WCHAR[])\
2347  {'S','o','f','t','w','a','r','e','\\','P','o','l','i','c','i','e','s','\\',\
2348  'M','i','c','r','o','s','o','f','t','\\','S','y','s','t','e','m','C','e','r',\
2349  't','i','f','i','c','a','t','e','s',0 }
2350 #elif defined(_MSC_VER)
2351 #define CERT_LOCAL_MACHINE_SYSTEM_STORE_REGPATH \
2352  L"Software\\Microsoft\\SystemCertificates"
2353 #define CERT_GROUP_POLICY_SYSTEM_STORE_REGPATH \
2354  L"Software\\Policies\\Microsoft\\SystemCertificates"
2355 #else
2357  {'S','o','f','t','w','a','r','e','\\','M','i','c','r','o','s','o','f','t','\\',
2358  'S','y','s','t','e','m','C','e','r','t','i','f','i','c','a','t','e','s',0 };
2360  {'S','o','f','t','w','a','r','e','\\','P','o','l','i','c','i','e','s','\\',
2361  'M','i','c','r','o','s','o','f','t','\\','S','y','s','t','e','m','C','e','r',
2362  't','i','f','i','c','a','t','e','s',0 };
2363 #endif
2364 
2365 #if defined(__GNUC__)
2366 #define CERT_EFSBLOB_REGPATH (const WCHAR[])\
2367 {'S','o','f','t','w','a','r','e','\\','P','o','l','i','c','i','e','s','\\',\
2368  'M','i','c','r','o','s','o','f','t','\\','S','y','s','t','e','m','C','e','r',\
2369  't','i','f','i','c','a','t','e','s','\\','E','F','S',0 }
2370 #define CERT_EFSBLOB_VALUE_NAME (const WCHAR[]) {'E','F','S','B','l','o','b',0 }
2371 #elif defined(_MSC_VER)
2372 #define CERT_EFSBLOB_REGPATH CERT_GROUP_POLICY_SYSTEM_STORE_REGPATH L"\\EFS"
2373 #define CERT_EFSBLOB_VALUE_NAME L"EFSBlob"
2374 #else
2375 static const WCHAR CERT_EFSBLOB_REGPATH[] =
2376  {'S','o','f','t','w','a','r','e','\\','P','o','l','i','c','i','e','s','\\',
2377  'M','i','c','r','o','s','o','f','t','\\','S','y','s','t','e','m','C','e','r',
2378  't','i','f','i','c','a','t','e','s','\\','E','F','S',0 };
2379 static const CERT_EFSBLOB_VALUE_NAME[] = { 'E','F','S','B','l','o','b',0 };
2380 #endif
2381 
2382 #if defined(__GNUC__)
2383 #define CERT_PROT_ROOT_FLAGS_REGPATH (const WCHAR[])\
2384 {'\\','R','o','o','t','\\','P','r','o','t','e','c','t','e','d','R','o','o','t',\
2385  's',0 }
2386 #define CERT_PROT_ROOT_FLAGS_VALUE_NAME (const WCHAR[])\
2387 {'F','l','a','g','s',0 }
2388 #elif defined(_MSC_VER)
2389 #define CERT_PROT_ROOT_FLAGS_REGPATH L"\\Root\\ProtectedRoots"
2390 #define CERT_PROT_ROOT_FLAGS_VALUE_NAME L"Flags"
2391 #else
2393  { '\\','R','o','o','t','\\','P','r','o','t','e','c','t','e','d','R','o','o',
2394  't','s',0 };
2395 static const WCHAR CERT_PROT_ROOT_FLAGS_VALUE_NAME[] = {'F','l','a','g','s',0 };
2396 #endif
2397 
2398 #define CERT_PROT_ROOT_DISABLE_CURRENT_USER_FLAG 0x01
2399 #define CERT_PROT_ROOT_INHIBIT_ADD_AT_INIT_FLAG 0x02
2400 #define CERT_PROT_ROOT_INHIBIT_PURGE_LM_FLAG 0x04
2401 #define CERT_PROT_ROOT_DISABLE_LM_AUTH_FLAG 0x08
2402 #define CERT_PROT_ROOT_DISABLE_NT_AUTH_REQUIRED_FLAG 0x10
2403 #define CERT_PROT_ROOT_DISABLE_NOT_DEFINED_NAME_CONSTRAINT_FLAG 0x20
2404 
2405 #if defined(__GNUC__)
2406 #define CERT_TRUST_PUB_SAFER_GROUP_POLICY_REGPATH (const WCHAR[])\
2407 {'S','o','f','t','w','a','r','e','\\','P','o','l','i','c','i','e','s','\\',\
2408  'M','i','c','r','o','s','o','f','t','\\','S','y','s','t','e','m','C','e','r',\
2409  't','i','f','i','c','a','t','e','s','\\','T','r','u','s','t','e','d',\
2410  'P','u','b','l','i','s','h','e','r','\\','S','a','f','e','r',0 }
2411 #elif defined(_MSC_VER)
2412 #define CERT_TRUST_PUB_SAFER_GROUP_POLICY_REGPATH \
2413  CERT_GROUP_POLICY_SYSTEM_STORE_REGPATH L"\\TrustedPublisher\\Safer"
2414 #else
2416  {'S','o','f','t','w','a','r','e','\\','P','o','l','i','c','i','e','s','\\',
2417  'M','i','c','r','o','s','o','f','t','\\','S','y','s','t','e','m','C','e','r',
2418  't','i','f','i','c','a','t','e','s','\\','T','r','u','s','t','e','d',
2419  'P','u','b','l','i','s','h','e','r','\\','S','a','f','e','r',0 };
2420 #endif
2421 
2422 #if defined(__GNUC__)
2423 #define CERT_TRUST_PUB_SAFER_LOCAL_MACHINE_REGPATH (const WCHAR[])\
2424 {'S','o','f','t','w','a','r','e','\\','M','i','c','r','o','s','o','f','t','\\',\
2425  'S','y','s','t','e','m','C','e','r','t','i','f','i','c','a','t','e','s','\\',\
2426  'T','r','u','s','t','e','d','P','u','b','l','i','s','h','e','r','\\',\
2427  'S','a','f','e','r',0 }
2428 #define CERT_TRUST_PUB_AUTHENTICODE_FLAGS_VALUE_NAME (const WCHAR[])\
2429 {'A','u','t','h','e','n','t','i','c','o','d','e','F','l','a','g','s',0 };
2430 #elif defined(_MSC_VER)
2431 #define CERT_TRUST_PUB_SAFER_LOCAL_MACHINE_REGPATH \
2432  CERT_LOCAL_MACHINE_SYSTEM_STORE_REGPATH L"\\TrustedPublisher\\Safer"
2433 #define CERT_TRUST_PUB_AUTHENTICODE_FLAGS_VALUE_NAME L"AuthenticodeFlags"
2434 #else
2436  {'S','o','f','t','w','a','r','e','\\','M','i','c','r','o','s','o','f','t','\\',
2437  'S','y','s','t','e','m','C','e','r','t','i','f','i','c','a','t','e','s','\\',
2438  'T','r','u','s','t','e','d','P','u','b','l','i','s','h','e','r','\\',
2439  'S','a','f','e','r',0 };
2441  { 'A','u','t','h','e','n','t','i','c','o','d','e','F','l','a','g','s',0 };
2442 #endif
2443 
2444 #define CERT_TRUST_PUB_ALLOW_END_USER_TRUST 0x00000000
2445 #define CERT_TRUST_PUB_ALLOW_MACHINE_ADMIN_TRUST 0x00000001
2446 #define CERT_TRUST_PUB_ALLOW_ENTERPRISE_ADMIN_TRUST 0x00000002
2447 #define CERT_TRUST_PUB_ALLOW_TRUST_MASK 0x00000003
2448 #define CERT_TRUST_PUB_CHECK_PUBLISHER_REV_FLAG 0x00000100
2449 #define CERT_TRUST_PUB_CHECK_TIMESTAMP_REV_FLAG 0x00000200
2450 
2451 /* flags for CertOpenStore dwFlags */
2452 #define CERT_STORE_NO_CRYPT_RELEASE_FLAG 0x00000001
2453 #define CERT_STORE_SET_LOCALIZED_NAME_FLAG 0x00000002
2454 #define CERT_STORE_DEFER_CLOSE_UNTIL_LAST_FREE_FLAG 0x00000004
2455 #define CERT_STORE_DELETE_FLAG 0x00000010
2456 #define CERT_STORE_UNSAFE_PHYSICAL_FLAG 0x00000020
2457 #define CERT_STORE_SHARE_STORE_FLAG 0x00000040
2458 #define CERT_STORE_SHARE_CONTEXT_FLAG 0x00000080
2459 #define CERT_STORE_MANIFOLD_FLAG 0x00000100
2460 #define CERT_STORE_ENUM_ARCHIVED_FLAG 0x00000200
2461 #define CERT_STORE_UPDATE_KEYID_FLAG 0x00000400
2462 #define CERT_STORE_BACKUP_RESTORE_FLAG 0x00000800
2463 #define CERT_STORE_MAXIMUM_ALLOWED_FLAG 0x00001000
2464 #define CERT_STORE_CREATE_NEW_FLAG 0x00002000
2465 #define CERT_STORE_OPEN_EXISTING_FLAG 0x00004000
2466 #define CERT_STORE_READONLY_FLAG 0x00008000
2467 
2468 #define CERT_REGISTRY_STORE_REMOTE_FLAG 0x00010000
2469 #define CERT_REGISTRY_STORE_SERIALIZED_FLAG 0x00020000
2470 #define CERT_REGISTRY_STORE_ROAMING_FLAG 0x00040000
2471 #define CERT_REGISTRY_STORE_MY_IE_DIRTY_FLAG 0x00080000
2472 #define CERT_REGISTRY_STORE_LM_GPT_FLAG 0x01000000
2473 #define CERT_REGISTRY_STORE_CLIENT_GPT_FLAG 0x80000000
2474 
2475 #define CERT_FILE_STORE_COMMIT_ENABLE_FLAG 0x00010000
2476 
2477 /* CertCloseStore dwFlags */
2478 #define CERT_CLOSE_STORE_FORCE_FLAG 0x00000001
2479 #define CERT_CLOSE_STORE_CHECK_FLAG 0x00000002
2480 
2481 /* dwAddDisposition */
2482 #define CERT_STORE_ADD_NEW 1
2483 #define CERT_STORE_ADD_USE_EXISTING 2
2484 #define CERT_STORE_ADD_REPLACE_EXISTING 3
2485 #define CERT_STORE_ADD_ALWAYS 4
2486 #define CERT_STORE_ADD_REPLACE_EXISTING_INHERIT_PROPERTIES 5
2487 #define CERT_STORE_ADD_NEWER 6
2488 #define CERT_STORE_ADD_NEWER_INHERIT_PROPERTIES 7
2489 
2490 /* Installable OID function defs */
2491 #define CRYPT_OID_OPEN_STORE_PROV_FUNC "CertDllOpenStoreProv"
2492 #define CRYPT_OID_ENCODE_OBJECT_FUNC "CryptDllEncodeObject"
2493 #define CRYPT_OID_DECODE_OBJECT_FUNC "CryptDllDecodeObject"
2494 #define CRYPT_OID_ENCODE_OBJECT_EX_FUNC "CryptDllEncodeObjectEx"
2495 #define CRYPT_OID_DECODE_OBJECT_EX_FUNC "CryptDllDecodeObjectEx"
2496 #define CRYPT_OID_CREATE_COM_OBJECT_FUNC "CryptDllCreateComObject"
2497 #define CRYPT_OID_VERIFY_REVOCATION_FUNC "CertDllVerifyRevocation"
2498 #define CRYPT_OID_VERIFY_CTL_USAGE_FUNC "CertDllVerifyCTLUsage"
2499 #define CRYPT_OID_FORMAT_OBJECT_FUNC "CryptDllFormatObject"
2500 #define CRYPT_OID_FIND_OID_INFO_FUNC "CryptDllFindOIDInfo"
2501 #define CRYPT_OID_FIND_LOCALIZED_NAME_FUNC "CryptDllFindLocalizedName"
2502 #define CRYPT_OID_EXPORT_PUBLIC_KEY_INFO_FUNC "CryptDllExportPublicKeyInfoEx"
2503 #define CRYPT_OID_IMPORT_PUBLIC_KEY_INFO_FUNC "CryptDllImportPublicKeyInfoEx"
2504 #define CRYPT_OID_EXPORT_PRIVATE_KEY_INFO_FUNC "CryptDllExportPrivateKeyInfoEx"
2505 #define CRYPT_OID_IMPORT_PRIVATE_KEY_INFO_FUNC "CryptDllImportPrivateKeyInfoEx"
2506 #define CRYPT_OID_VERIFY_CERTIFICATE_CHAIN_POLICY_FUNC \
2507  "CertDllVerifyCertificateChainPolicy"
2508 #define URL_OID_GET_OBJECT_URL_FUNC "UrlDllGetObjectUrl"
2509 #define TIME_VALID_OID_GET_OBJECT_FUNC "TimeValidDllGetObject"
2510 #define CMSG_OID_GEN_CONTENT_ENCRYPT_KEY_FUNC "CryptMsgDllGenContentEncryptKey"
2511 #define CMSG_OID_EXPORT_KEY_TRANS_FUNC "CryptMsgDllExportKeyTrans"
2512 #define CMSG_OID_IMPORT_KEY_TRANS_FUNC "CryptMsgDllImportKeyTrans"
2513 
2514 #define CRYPT_OID_REGPATH "Software\\Microsoft\\Cryptography\\OID"
2515 #define CRYPT_OID_REG_ENCODING_TYPE_PREFIX "EncodingType "
2516 #if defined(__GNUC__)
2517 # define CRYPT_OID_REG_DLL_VALUE_NAME (const WCHAR []){ 'D','l','l',0 }
2518 # define CRYPT_OID_REG_FUNC_NAME_VALUE_NAME \
2519  (const WCHAR []){ 'F','u','n','c','N','a','m','e',0 }
2520 # define CRYPT_OID_REG_FLAGS_VALUE_NAME \
2521  (const WCHAR []){ 'C','r','y','p','t','F','l','a','g','s',0 }
2522 #elif defined(_MSC_VER)
2523 # define CRYPT_OID_REG_DLL_VALUE_NAME L"Dll"
2524 # define CRYPT_OID_REG_FUNC_NAME_VALUE_NAME L"FuncName"
2525 # define CRYPT_OID_REG_FLAGS_VALUE_NAME L"CryptFlags"
2526 #else
2527 static const WCHAR CRYPT_OID_REG_DLL_VALUE_NAME[] = { 'D','l','l',0 };
2529  { 'F','u','n','c','N','a','m','e',0 };
2531  { 'C','r','y','p','t','F','l','a','g','s',0 };
2532 #endif
2533 #define CRYPT_OID_REG_FUNC_NAME_VALUE_NAME_A "FuncName"
2534 #define CRYPT_DEFAULT_OID "DEFAULT"
2535 
2536 #define CRYPT_INSTALL_OID_FUNC_BEFORE_FLAG 1
2537 
2538 #define CRYPT_GET_INSTALLED_OID_FUNC_FLAG 0x1
2539 
2540 #define CRYPT_REGISTER_FIRST_INDEX 0
2541 #define CRYPT_REGISTER_LAST_INDEX 0xffffffff
2542 
2543 /* values for CERT_STORE_PROV_INFO's dwStoreProvFlags */
2544 #define CERT_STORE_PROV_EXTERNAL_FLAG 0x1
2545 #define CERT_STORE_PROV_DELETED_FLAG 0x2
2546 #define CERT_STORE_PROV_NO_PERSIST_FLAG 0x4
2547 #define CERT_STORE_PROV_SYSTEM_STORE_FLAG 0x8
2548 #define CERT_STORE_PROV_LM_SYSTEM_STORE_FLAG 0x10
2549 
2550 /* function indices */
2551 #define CERT_STORE_PROV_CLOSE_FUNC 0
2552 #define CERT_STORE_PROV_READ_CERT_FUNC 1
2553 #define CERT_STORE_PROV_WRITE_CERT_FUNC 2
2554 #define CERT_STORE_PROV_DELETE_CERT_FUNC 3
2555 #define CERT_STORE_PROV_SET_CERT_PROPERTY_FUNC 4
2556 #define CERT_STORE_PROV_READ_CRL_FUNC 5
2557 #define CERT_STORE_PROV_WRITE_CRL_FUNC 6
2558 #define CERT_STORE_PROV_DELETE_CRL_FUNC 7
2559 #define CERT_STORE_PROV_SET_CRL_PROPERTY_FUNC 8
2560 #define CERT_STORE_PROV_READ_CTL_FUNC 9
2561 #define CERT_STORE_PROV_WRITE_CTL_FUNC 10
2562 #define CERT_STORE_PROV_DELETE_CTL_FUNC 11
2563 #define CERT_STORE_PROV_SET_CTL_PROPERTY_FUNC 12
2564 #define CERT_STORE_PROV_CONTROL_FUNC 13
2565 #define CERT_STORE_PROV_FIND_CERT_FUNC 14
2566 #define CERT_STORE_PROV_FREE_FIND_CERT_FUNC 15
2567 #define CERT_STORE_PROV_GET_CERT_PROPERTY_FUNC 16
2568 #define CERT_STORE_PROV_FIND_CRL_FUNC 17
2569 #define CERT_STORE_PROV_FREE_FIND_CRL_FUNC 18
2570 #define CERT_STORE_PROV_GET_CRL_PROPERTY_FUNC 19
2571 #define CERT_STORE_PROV_FIND_CTL_FUNC 20
2572 #define CERT_STORE_PROV_FREE_FIND_CTL_FUNC 21
2573 #define CERT_STORE_PROV_GET_CTL_PROPERTY_FUNC 22
2574 
2575 /* physical store dwFlags, also used by CertAddStoreToCollection as
2576  * dwUpdateFlags
2577  */
2578 #define CERT_PHYSICAL_STORE_ADD_ENABLE_FLAG 0x1
2579 #define CERT_PHYSICAL_STORE_OPEN_DISABLE_FLAG 0x2
2580 #define CERT_PHYSICAL_STORE_REMOVE_OPEN_DISABLE_FLAG 0x4
2581 #define CERT_PHYSICAL_STORE_INSERT_COMPUTER_NAME_ENABLE_FLAG 0x8
2582 
2583 /* dwFlag values for CertEnumPhysicalStore callback */
2584 #define CERT_PHYSICAL_STORE_PREDEFINED_ENUM_FLAG 0x1
2585 
2586 /* predefined store names */
2587 #if defined(__GNUC__)
2588 # define CERT_PHYSICAL_STORE_DEFAULT_NAME (const WCHAR[])\
2589  {'.','D','e','f','a','u','l','t','0'}
2590 # define CERT_PHYSICAL_STORE_GROUP_POLICY_NAME (const WCHAR[])\
2591  {'.','G','r','o','u','p','P','o','l','i','c','y',0}
2592 # define CERT_PHYSICAL_STORE_LOCAL_MACHINE_NAME (const WCHAR[])\
2593  {'.','L','o','c','a','l','M','a','c','h','i','n','e',0}
2594 # define CERT_PHYSICAL_STORE_DS_USER_CERTIFICATE_NAME (const WCHAR[])\
2595  {'.','U','s','e','r','C','e','r','t','i','f','i','c','a','t','e',0}
2596 # define CERT_PHYSICAL_STORE_LOCAL_MACHINE_GROUP_POLICY_NAME (const WCHAR[])\
2597  {'.','L','o','c','a','l','M','a','c','h','i','n','e','G','r','o','u','p',\
2598  'P','o','l','i','c','y',0}
2599 # define CERT_PHYSICAL_STORE_ENTERPRISE_NAME (const WCHAR[])\
2600  {'.','E','n','t','e','r','p','r','i','s','e',0}
2601 # define CERT_PHYSICAL_STORE_AUTH_ROOT_NAME (const WCHAR[])\
2602  {'.','A','u','t','h','R','o','o','t',0}
2603 #elif defined(_MSC_VER)
2604 # define CERT_PHYSICAL_STORE_DEFAULT_NAME \
2605  L".Default"
2606 # define CERT_PHYSICAL_STORE_GROUP_POLICY_NAME \
2607  L".GroupPolicy"
2608 # define CERT_PHYSICAL_STORE_LOCAL_MACHINE_NAME \
2609  L".LocalMachine"
2610 # define CERT_PHYSICAL_STORE_DS_USER_CERTIFICATE_NAME \
2611  L".UserCertificate"
2612 # define CERT_PHYSICAL_STORE_LOCAL_MACHINE_GROUP_POLICY_NAME \
2613  L".LocalMachineGroupPolicy"
2614 # define CERT_PHYSICAL_STORE_ENTERPRISE_NAME \
2615  L".Enterprise"
2616 # define CERT_PHYSICAL_STORE_AUTH_ROOT_NAME \
2617  L".AuthRoot"
2618 #else
2620  {'.','D','e','f','a','u','l','t','0'};
2622  {'.','G','r','o','u','p','P','o','l','i','c','y',0};
2624  {'.','L','o','c','a','l','M','a','c','h','i','n','e',0};
2626  {'.','U','s','e','r','C','e','r','t','i','f','i','c','a','t','e',0};
2628  {'.','L','o','c','a','l','M','a','c','h','i','n','e','G','r','o','u','p',
2629  'P','o','l','i','c','y',0};
2631  {'.','E','n','t','e','r','p','r','i','s','e',0};
2633  {'.','A','u','t','h','R','o','o','t',0};
2634 #endif
2635 
2636 /* cert system store flags */
2637 #define CERT_SYSTEM_STORE_MASK 0xffff0000
2638 #define CERT_SYSTEM_STORE_RELOCATE_FLAG 0x80000000
2639 
2640 /* CertFindChainInStore dwFindType types */
2641 #define CERT_CHAIN_FIND_BY_ISSUER 1
2642 
2643 /* CertSaveStore dwSaveAs values */
2644 #define CERT_STORE_SAVE_AS_STORE 1
2645 #define CERT_STORE_SAVE_AS_PKCS7 2
2646 /* CertSaveStore dwSaveTo values */
2647 #define CERT_STORE_SAVE_TO_FILE 1
2648 #define CERT_STORE_SAVE_TO_MEMORY 2
2649 #define CERT_STORE_SAVE_TO_FILENAME_A 3
2650 #define CERT_STORE_SAVE_TO_FILENAME_W 4
2651 #define CERT_STORE_SAVE_TO_FILENAME CERT_STORE_SAVE_TO_FILENAME_W
2652 
2653 /* CERT_INFO versions/flags */
2654 #define CERT_V1 0
2655 #define CERT_V2 1
2656 #define CERT_V3 2
2657 #define CERT_INFO_VERSION_FLAG 1
2658 #define CERT_INFO_SERIAL_NUMBER_FLAG 2
2659 #define CERT_INFO_SIGNATURE_ALGORITHM_FLAG 3
2660 #define CERT_INFO_ISSUER_FLAG 4
2661 #define CERT_INFO_NOT_BEFORE_FLAG 5
2662 #define CERT_INFO_NOT_AFTER_FLAG 6
2663 #define CERT_INFO_SUBJECT_FLAG 7
2664 #define CERT_INFO_SUBJECT_PUBLIC_KEY_INFO_FLAG 8
2665 #define CERT_INFO_ISSUER_UNIQUE_ID_FLAG 9
2666 #define CERT_INFO_SUBJECT_UNIQUE_ID_FLAG 10
2667 #define CERT_INFO_EXTENSION_FLAG 11
2668 
2669 /* CERT_REQUEST_INFO versions */
2670 #define CERT_REQUEST_V1 0
2671 
2672 /* CERT_KEYGEN_REQUEST_INFO versions */
2673 #define CERT_KEYGEN_REQUEST_V1 0
2674 
2675 /* CRL versions */
2676 #define CRL_V1 0
2677 #define CRL_V2 1
2678 
2679 /* CTL versions */
2680 #define CTL_V1 0
2681 
2682 /* Certificate, CRL, CTL property IDs */
2683 #define CERT_KEY_PROV_HANDLE_PROP_ID 1
2684 #define CERT_KEY_PROV_INFO_PROP_ID 2
2685 #define CERT_SHA1_HASH_PROP_ID 3
2686 #define CERT_HASH_PROP_ID CERT_SHA1_HASH_PROP_ID
2687 #define CERT_MD5_HASH_PROP_ID 4
2688 #define CERT_KEY_CONTEXT_PROP_ID 5
2689 #define CERT_KEY_SPEC_PROP_ID 6
2690 #define CERT_IE30_RESERVED_PROP_ID 7
2691 #define CERT_PUBKEY_HASH_RESERVED_PROP_ID 8
2692 #define CERT_ENHKEY_USAGE_PROP_ID 9
2693 #define CERT_CTL_USAGE_PROP_ID CERT_ENHKEY_USAGE_PROP_ID
2694 #define CERT_NEXT_UPDATE_LOCATION_PROP_ID 10
2695 #define CERT_FRIENDLY_NAME_PROP_ID 11
2696 #define CERT_PVK_FILE_PROP_ID 12
2697 #define CERT_DESCRIPTION_PROP_ID 13
2698 #define CERT_ACCESS_STATE_PROP_ID 14
2699 #define CERT_SIGNATURE_HASH_PROP_ID 15
2700 #define CERT_SMART_CARD_DATA_PROP_ID 16
2701 #define CERT_EFS_PROP_ID 17
2702 #define CERT_FORTEZZA_DATA_PROP 18
2703 #define CERT_ARCHIVED_PROP_ID 19
2704 #define CERT_KEY_IDENTIFIER_PROP_ID 20
2705 #define CERT_AUTO_ENROLL_PROP_ID 21
2706 #define CERT_PUBKEY_ALG_PARA_PROP_ID 22
2707 #define CERT_CROSS_CERT_DIST_POINTS_PROP_ID 23
2708 #define CERT_ISSUER_PUBLIC_KEY_MD5_HASH_PROP_ID 24
2709 #define CERT_SUBJECT_PUBLIC_KEY_MD5_HASH_PROP_ID 25
2710 #define CERT_ENROLLMENT_PROP_ID 26
2711 #define CERT_DATE_STAMP_PROP_ID 27
2712 #define CERT_ISSUER_SERIAL_NUMBER_MD5_HASH_PROP_ID 28
2713 #define CERT_SUBJECT_NAME_MD5_HASH_PROP_ID 29
2714 #define CERT_EXTENDED_ERROR_INFO_PROP_ID 30
2715 /* 31 -- unused?
2716  32 -- cert prop id
2717  33 -- CRL prop id
2718  34 -- CTL prop id
2719  35 -- KeyId prop id
2720  36-63 -- reserved
2721  */
2722 #define CERT_RENEWAL_PROP_ID 64
2723 #define CERT_ARCHIVED_KEY_HASH_PROP_ID 65
2724 #define CERT_AUTO_ENROLL_RETRY_PROP_ID 66
2725 #define CERT_AIA_URL_RETRIEVED_PROP_ID 67
2726 #define CERT_AUTHORITY_INFO_ACCESS_PROP_ID 68
2727 #define CERT_BACKED_UP_PROP_ID 69
2728 #define CERT_OCSP_RESPONSE_PROP_ID 70
2729 #define CERT_REQUEST_ORIGINATOR_PROP_ID 71
2730 #define CERT_SOURCE_LOCATION_PROP_ID 72
2731 #define CERT_SOURCE_URL_PROP_ID 73
2732 #define CERT_NEW_KEY_PROP_ID 74
2733 #define CERT_OCSP_CACHE_PREFIX_PROP_ID 75
2734 #define CERT_SMART_CARD_ROOT_INFO_PROP_ID 76
2735 #define CERT_NO_AUTO_EXPIRE_CHECK_PROP_ID 77
2736 #define CERT_NCRYPT_KEY_HANDLE_PROP_ID 78
2737 #define CERT_HCRYPTPROV_OR_NCRYPT_KEY_HANDLE_PROP_ID 79
2738 #define CERT_SUBJECT_INFO_ACCESS_PROP_ID 80
2739 #define CERT_CA_OCSP_AUTHORITY_INFO_ACCESS_PROP_ID 81
2740 #define CERT_CA_DISABLE_CRL_PROP_ID 82
2741 #define CERT_ROOT_PROGRAM_CERT_POLICIES_PROP_ID 83
2742 #define CERT_ROOT_PROGRAM_NAME_CONSTRAINTS_PROP_ID 84
2743 
2744 #define CERT_FIRST_RESERVED_PROP_ID 85
2745 #define CERT_LAST_RESERVED_PROP_ID 0x00007fff
2746 #define CERT_FIRST_USER_PROP_ID 0x00008000
2747 #define CERT_LAST_USER_PROP_ID 0x0000ffff
2748 
2749 #define IS_CERT_HASH_PROP_ID(x) \
2750  ((x) == CERT_SHA1_HASH_PROP_ID || (x) == CERT_MD5_HASH_PROP_ID || \
2751  (x) == CERT_SIGNATURE_HASH_PROP_ID)
2752 
2753 #define IS_PUBKEY_HASH_PROP_ID(x) \
2754  ((x) == CERT_ISSUER_PUBLIC_KEY_MD5_HASH_PROP_ID || \
2755  (x) == CERT_SUBJECT_PUBLIC_KEY_MD5_HASH_PROP_ID)
2756 
2757 #define IS_CHAIN_HASH_PROP_ID(x) \
2758  ((x) == CERT_ISSUER_PUBLIC_KEY_MD5_HASH_PROP_ID || \
2759  (x) == CERT_SUBJECT_PUBLIC_KEY_MD5_HASH_PROP_ID || \
2760  (x) == CERT_ISSUER_SERIAL_NUMBER_MD5_HASH_PROP_ID || \
2761  (x) == CERT_SUBJECT_NAME_MD5_HASH_PROP_ID)
2762 
2763 /* access state flags */
2764 #define CERT_ACCESS_STATE_WRITE_PERSIST_FLAG 0x1
2765 #define CERT_ACCESS_STATE_SYSTEM_STORE_FLAG 0x2
2766 #define CERT_ACCESS_STATE_LM_SYSTEM_STORE_FLAG 0x4
2767 
2768 /* CertSetCertificateContextProperty flags */
2769 #define CERT_SET_PROPERTY_INHIBIT_PERSIST_FLAG 0x40000000
2770 #define CERT_SET_PROPERTY_IGNORE_PERSIST_ERROR_FLAG 0x80000000
2771 
2772 /* CERT_RDN attribute dwValueType types */
2773 #define CERT_RDN_TYPE_MASK 0x000000ff
2774 #define CERT_RDN_ANY_TYPE 0
2775 #define CERT_RDN_ENCODED_BLOB 1
2776 #define CERT_RDN_OCTET_STRING 2
2777 #define CERT_RDN_NUMERIC_STRING 3
2778 #define CERT_RDN_PRINTABLE_STRING 4
2779 #define CERT_RDN_TELETEX_STRING 5
2780 #define CERT_RDN_T61_STRING 5
2781 #define CERT_RDN_VIDEOTEX_STRING 6
2782 #define CERT_RDN_IA5_STRING 7
2783 #define CERT_RDN_GRAPHIC_STRING 8
2784 #define CERT_RDN_VISIBLE_STRING 9
2785 #define CERT_RDN_ISO646_STRING 9
2786 #define CERT_RDN_GENERAL_STRING 10
2787 #define CERT_RDN_UNIVERSAL_STRING 11
2788 #define CERT_RDN_INT4_STRING 11
2789 #define CERT_RDN_BMP_STRING 12
2790 #define CERT_RDN_UNICODE_STRING 12
2791 #define CERT_RDN_UTF8_STRING 13
2792 
2793 /* CERT_RDN attribute dwValueType flags */
2794 #define CERT_RDN_FLAGS_MASK 0xff000000
2795 #define CERT_RDN_ENABLE_T61_UNICODE_FLAG 0x80000000
2796 #define CERT_RDN_DISABLE_CHECK_TYPE_FLAG 0x4000000
2797 #define CERT_RDN_ENABLE_UTF8_UNICODE_FLAG 0x2000000
2798 #define CERT_RDN_DISABLE_IE4_UTF8_FLAG 0x0100000
2799 
2800 #define IS_CERT_RDN_CHAR_STRING(x) \
2801  (((x) & CERT_RDN_TYPE_MASK) >= CERT_RDN_NUMERIC_STRING)
2802 
2803 /* CertIsRDNAttrsInCertificateName flags */
2804 #define CERT_UNICODE_IS_RDN_ATTRS_FLAG 0x1
2805 #define CERT_CASE_INSENSITIVE_IS_RDN_ATTRS_FLAG 0x2
2806 
2807 /* CRL reason codes */
2808 #define CRL_REASON_UNSPECIFIED 0
2809 #define CRL_REASON_KEY_COMPROMISE 1
2810 #define CRL_REASON_CA_COMPROMISE 2
2811 #define CRL_REASON_AFFILIATION_CHANGED 3
2812 #define CRL_REASON_SUPERSEDED 4
2813 #define CRL_REASON_CESSATION_OF_OPERATION 5
2814 #define CRL_REASON_CERTIFICATE_HOLD 6
2815 #define CRL_REASON_REMOVE_FROM_CRL 8
2816 
2817 /* CertControlStore control types */
2818 #define CERT_STORE_CTRL_RESYNC 1
2819 #define CERT_STORE_CTRL_NOTIFY_CHANGE 2
2820 #define CERT_STORE_CTRL_COMMIT 3
2821 #define CERT_STORE_CTRL_AUTO_RESYNC 4
2822 #define CERT_STORE_CTRL_CANCEL_NOTIFY 5
2823 
2824 #define CERT_STORE_CTRL_COMMIT_FORCE_FLAG 0x1
2825 #define CERT_STORE_CTRL_COMMIT_CLEAR_FLAG 0x2
2826 
2827 /* cert store properties */
2828 #define CERT_STORE_LOCALIZED_NAME_PROP_ID 0x1000
2829 
2830 /* CertCreateContext flags */
2831 #define CERT_CREATE_CONTEXT_NOCOPY_FLAG 0x1
2832 #define CERT_CREATE_CONTEXT_SORTED_FLAG 0x2
2833 #define CERT_CREATE_CONTEXT_NO_HCRYPTMSG_FLAG 0x4
2834 #define CERT_CREATE_CONTEXT_NO_ENTRY_FLAG 0x8
2835 
2836 #define CERT_COMPARE_MASK 0xffff
2837 #define CERT_COMPARE_SHIFT 16
2838 #define CERT_COMPARE_ANY 0
2839 #define CERT_COMPARE_SHA1_HASH 1
2840 #define CERT_COMPARE_HASH CERT_COMPARE_SHA1_HASH
2841 #define CERT_COMPARE_NAME 2
2842 #define CERT_COMPARE_ATTR 3
2843 #define CERT_COMPARE_MD5_HASH 4
2844 #define CERT_COMPARE_PROPERTY 5
2845 #define CERT_COMPARE_PUBLIC_KEY 6
2846 #define CERT_COMPARE_NAME_STR_A 7
2847 #define CERT_COMPARE_NAME_STR_W 8
2848 #define CERT_COMPARE_KEY_SPEC 9
2849 #define CERT_COMPARE_ENHKEY_USAGE 10
2850 #define CERT_COMPARE_CTL_USAGE CERT_COMPARE_ENHKEY_USAGE
2851 #define CERT_COMPARE_SUBJECT_CERT 11
2852 #define CERT_COMPARE_ISSUER_OF 12
2853 #define CERT_COMPARE_EXISTING 13
2854 #define CERT_COMPARE_SIGNATURE_HASH 14
2855 #define CERT_COMPARE_KEY_IDENTIFIER 15
2856 #define CERT_COMPARE_CERT_ID 16
2857 #define CERT_COMPARE_CROSS_CERT_DIST_POINTS 17
2858 #define CERT_COMPARE_PUBKEY_MD5_HASH 18
2859 
2860 /* values of dwFindType for CertFind*InStore */
2861 #define CERT_FIND_ANY \
2862  (CERT_COMPARE_ANY << CERT_COMPARE_SHIFT)
2863 #define CERT_FIND_SHA1_HASH \
2864  (CERT_COMPARE_SHA1_HASH << CERT_COMPARE_SHIFT)
2865 #define CERT_FIND_MD5_HASH \
2866  (CERT_COMPARE_MD5_HASH << CERT_COMPARE_SHIFT)
2867 #define CERT_FIND_SIGNATURE_HASH \
2868  (CERT_COMPARE_SIGNATURE_HASH << CERT_COMPARE_SHIFT)
2869 #define CERT_FIND_KEY_IDENTIFIER \
2870  (CERT_COMPARE_KEY_IDENTIFIER << CERT_COMPARE_SHIFT)
2871 #define CERT_FIND_HASH CERT_FIND_SHA1_HASH
2872 #define CERT_FIND_PROPERTY \
2873  (CERT_COMPARE_PROPERTY << CERT_COMPARE_SHIFT)
2874 #define CERT_FIND_PUBLIC_KEY \
2875  (CERT_COMPARE_PUBLIC_KEY << CERT_COMPARE_SHIFT)
2876 #define CERT_FIND_SUBJECT_NAME \
2877  (CERT_COMPARE_NAME << CERT_COMPARE_SHIFT | CERT_INFO_SUBJECT_FLAG)
2878 #define CERT_FIND_SUBJECT_ATTR \
2879  (CERT_COMPARE_ATTR << CERT_COMPARE_SHIFT | CERT_INFO_SUBJECT_FLAG)
2880 #define CERT_FIND_ISSUER_NAME \
2881  (CERT_COMPARE_NAME << CERT_COMPARE_SHIFT | CERT_INFO_ISSUER_FLAG)
2882 #define CERT_FIND_ISSUER_ATTR \
2883  (CERT_COMPARE_ATTR << CERT_COMPARE_SHIFT | CERT_INFO_ISSUER_FLAG)
2884 #define CERT_FIND_SUBJECT_STR_A \
2885  (CERT_COMPARE_NAME_STR_A << CERT_COMPARE_SHIFT | CERT_INFO_SUBJECT_FLAG)
2886 #define CERT_FIND_SUBJECT_STR_W \
2887  (CERT_COMPARE_NAME_STR_W << CERT_COMPARE_SHIFT | CERT_INFO_SUBJECT_FLAG)
2888 #define CERT_FIND_SUBJECT_STR CERT_FIND_SUBJECT_STR_W
2889 #define CERT_FIND_ISSUER_STR_A \
2890  (CERT_COMPARE_NAME_STR_A << CERT_COMPARE_SHIFT | CERT_INFO_ISSUER_FLAG)
2891 #define CERT_FIND_ISSUER_STR_W \
2892  (CERT_COMPARE_NAME_STR_W << CERT_COMPARE_SHIFT | CERT_INFO_ISSUER_FLAG)
2893 #define CERT_FIND_ISSUER_STR CERT_FIND_ISSUER_STR_W
2894 #define CERT_FIND_KEY_SPEC \
2895  (CERT_COMPARE_KEY_SPEC << CERT_COMPARE_SHIFT)
2896 #define CERT_FIND_ENHKEY_USAGE \
2897  (CERT_COMPARE_ENHKEY_USAGE << CERT_COMPARE_SHIFT)
2898 #define CERT_FIND_CTL_USAGE CERT_FIND_ENHKEY_USAGE
2899 #define CERT_FIND_SUBJECT_CERT \
2900  (CERT_COMPARE_SUBJECT_CERT << CERT_COMPARE_SHIFT)
2901 #define CERT_FIND_ISSUER_OF \
2902  (CERT_COMPARE_ISSUER_OF << CERT_COMPARE_SHIFT)
2903 #define CERT_FIND_EXISTING \
2904  (CERT_COMPARE_EXISTING << CERT_COMPARE_SHIFT)
2905 #define CERT_FIND_CERT_ID \
2906  (CERT_COMPARE_CERT_ID << CERT_COMPARE_SHIFT)
2907 #define CERT_FIND_CROSS_CERT_DIST_POINTS \
2908  (CERT_COMPARE_CROSS_CERT_DIST_POINTS << CERT_COMPARE_SHIFT)
2909 #define CERT_FIND_PUBKEY_MD5_HASH \
2910  (CERT_COMPARE_PUBKEY_MD5_HASH << CERT_COMPARE_SHIFT)
2911 
2912 #define CERT_FIND_OPTIONAL_ENHKEY_USAGE_FLAG 0x1
2913 #define CERT_FIND_OPTIONAL_CTL_USAGE_FLAG 0x1
2914 #define CERT_FIND_EXT_ONLY_ENHKEY_USAGE_FLAG 0x2
2915 #define CERT_FIND_EXT_ONLY_CTL_USAGE_FLAG 0x2
2916 #define CERT_FIND_PROP_ONLY_ENHKEY_USAGE_FLAG 0x4
2917 #define CERT_FIND_PROP_ONLY_CTL_USAGE_FLAG 0x4
2918 #define CERT_FIND_NO_ENHKEY_USAGE_FLAG 0x8
2919 #define CERT_FIND_NO_CTL_USAGE_FLAG 0x8
2920 #define CERT_FIND_OR_ENHKEY_USAGE_FLAG 0x10
2921 #define CERT_FIND_OR_CTL_USAGE_FLAG 0x10
2922 #define CERT_FIND_VALID_ENHKEY_USAGE_FLAG 0x20
2923 #define CERT_FIND_VALID_CTL_USAGE_FLAG 0x20
2924 
2925 #define CRL_FIND_ANY 0
2926 #define CRL_FIND_ISSUED_BY 1
2927 #define CRL_FIND_EXISTING 2
2928 #define CRL_FIND_ISSUED_FOR 3
2929 
2930 #define CRL_FIND_ISSUED_BY_AKI_FLAG 0x1
2931 #define CRL_FIND_ISSUED_BY_SIGNATURE_FLAG 0x2
2932 #define CRL_FIND_ISSUED_BY_DELTA_FLAG 0x4
2933 #define CRL_FIND_ISSUED_BY_BASE_FLAG 0x8
2934 
2936 {
2937  PCCERT_CONTEXT pSubjectCert;
2938  PCCERT_CONTEXT pIssuerCert;
2940 
2941 #define CTL_FIND_ANY 0
2942 #define CTL_FIND_SHA1_HASH 1
2943 #define CTL_FIND_MD5_HASH 2
2944 #define CTL_FIND_USAGE 3
2945 #define CTL_FIND_SUBJECT 4
2946 #define CTL_FIND_EXISTING 5
2947 
2948 typedef struct _CTL_FIND_USAGE_PARA
2949 {
2952  CRYPT_DATA_BLOB ListIdentifier;
2953  PCERT_INFO pSigner;
2955 
2956 #define CTL_FIND_NO_LIST_ID_CBDATA 0xffffffff
2957 #define CTL_FIND_NO_SIGNER_PTR ((PCERT_INFO)-1)
2958 #define CTL_FIND_SAME_USAGE_FLAG 0x00000001
2959 
2961 {
2963  PCTL_FIND_USAGE_PARA pUsagePara;
2965  void *pvSubject;
2967 
2968 /* PFN_CERT_STORE_PROV_WRITE_CERT dwFlags values */
2969 #define CERT_STORE_PROV_WRITE_ADD_FLAG 0x1
2970 
2971 /* CertAddSerializedElementToStore context types */
2972 #define CERT_STORE_CERTIFICATE_CONTEXT 1
2973 #define CERT_STORE_CRL_CONTEXT 2
2974 #define CERT_STORE_CTL_CONTEXT 3
2975 #define CERT_STORE_ALL_CONTEXT_FLAG ~0U
2976 #define CERT_STORE_CERTIFICATE_CONTEXT_FLAG \
2977  (1 << CERT_STORE_CERTIFICATE_CONTEXT)
2978 #define CERT_STORE_CRL_CONTEXT_FLAG (1 << CERT_STORE_CRL_CONTEXT)
2979 #define CERT_STORE_CTL_CONTEXT_FLAG (1 << CERT_STORE_CTL_CONTEXT)
2980 
2981 /* CryptBinaryToString/CryptStringToBinary flags */
2982 #define CRYPT_STRING_BASE64HEADER 0x00000000
2983 #define CRYPT_STRING_BASE64 0x00000001
2984 #define CRYPT_STRING_BINARY 0x00000002
2985 #define CRYPT_STRING_BASE64REQUESTHEADER 0x00000003
2986 #define CRYPT_STRING_HEX 0x00000004
2987 #define CRYPT_STRING_HEXASCII 0x00000005
2988 #define CRYPT_STRING_BASE64_ANY 0x00000006
2989 #define CRYPT_STRING_ANY 0x00000007
2990 #define CRYPT_STRING_HEX_ANY 0x00000008
2991 #define CRYPT_STRING_BASE64X509CRLHEADER 0x00000009
2992 #define CRYPT_STRING_HEXADDR 0x0000000a
2993 #define CRYPT_STRING_HEXASCIIADDR 0x0000000b
2994 #define CRYPT_STRING_NOCRLF 0x40000000
2995 #define CRYPT_STRING_NOCR 0x80000000
2996 
2997 /* OIDs */
2998 #define szOID_RSA "1.2.840.113549"
2999 #define szOID_PKCS "1.2.840.113549.1"
3000 #define szOID_RSA_HASH "1.2.840.113549.2"
3001 #define szOID_RSA_ENCRYPT "1.2.840.113549.3"
3002 #define szOID_PKCS_1 "1.2.840.113549.1.1"
3003 #define szOID_PKCS_2 "1.2.840.113549.1.2"
3004 #define szOID_PKCS_3 "1.2.840.113549.1.3"
3005 #define szOID_PKCS_4 "1.2.840.113549.1.4"
3006 #define szOID_PKCS_5 "1.2.840.113549.1.5"
3007 #define szOID_PKCS_6 "1.2.840.113549.1.6"
3008 #define szOID_PKCS_7 "1.2.840.113549.1.7"
3009 #define szOID_PKCS_8 "1.2.840.113549.1.8"
3010 #define szOID_PKCS_9 "1.2.840.113549.1.9"
3011 #define szOID_PKCS_10 "1.2.840.113549.1.10"
3012 #define szOID_PKCS_11 "1.2.840.113549.1.12"
3013 #define szOID_RSA_RSA "1.2.840.113549.1.1.1"
3014 #define CERT_RSA_PUBLIC_KEY_OBJID szOID_RSA_RSA
3015 #define CERT_DEFAULT_OID_PUBLIC_KEY_SIGN szOID_RSA_RSA
3016 #define CERT_DEFAULT_OID_PUBLIC_KEY_XCHG szOID_RSA_RSA
3017 #define szOID_RSA_MD2RSA "1.2.840.113549.1.1.2"
3018 #define szOID_RSA_MD4RSA "1.2.840.113549.1.1.3"
3019 #define szOID_RSA_MD5RSA "1.2.840.113549.1.1.4"
3020 #define szOID_RSA_SHA1RSA "1.2.840.113549.1.1.5"
3021 #define szOID_RSA_SET0AEP_RSA "1.2.840.113549.1.1.6"
3022 #define szOID_RSA_SHA256RSA "1.2.840.113549.1.1.11"
3023 #define szOID_RSA_SHA384RSA "1.2.840.113549.1.1.12"
3024 #define szOID_RSA_SHA512RSA "1.2.840.113549.1.1.13"
3025 #define szOID_RSA_DH "1.2.840.113549.1.3.1"
3026 #define szOID_RSA_data "1.2.840.113549.1.7.1"
3027 #define szOID_RSA_signedData "1.2.840.113549.1.7.2"
3028 #define szOID_RSA_envelopedData "1.2.840.113549.1.7.3"
3029 #define szOID_RSA_signEnvData "1.2.840.113549.1.7.4"
3030 #define szOID_RSA_digestedData "1.2.840.113549.1.7.5"
3031 #define szOID_RSA_hashedData "1.2.840.113549.1.7.5"
3032 #define szOID_RSA_encryptedData "1.2.840.113549.1.7.6"
3033 #define szOID_RSA_emailAddr "1.2.840.113549.1.9.1"
3034 #define szOID_RSA_unstructName "1.2.840.113549.1.9.2"
3035 #define szOID_RSA_contentType "1.2.840.113549.1.9.3"
3036 #define szOID_RSA_messageDigest "1.2.840.113549.1.9.4"
3037 #define szOID_RSA_signingTime "1.2.840.113549.1.9.5"
3038 #define szOID_RSA_counterSign "1.2.840.113549.1.9.6"
3039 #define szOID_RSA_challengePwd "1.2.840.113549.1.9.7"
3040 #define szOID_RSA_unstructAddr "1.2.840.113549.1.9.9"
3041 #define szOID_RSA_extCertAttrs "1.2.840.113549.1.9.9"
3042 #define szOID_RSA_certExtensions "1.2.840.113549.1.9.14"
3043 #define szOID_RSA_SMIMECapabilities "1.2.840.113549.1.9.15"
3044 #define szOID_RSA_preferSignedData "1.2.840.113549.1.9.15.1"
3045 #define szOID_RSA_SMIMEalg "1.2.840.113549.1.9.16.3"
3046 #define szOID_RSA_SMIMEalgESDH "1.2.840.113549.1.9.16.3.5"
3047 #define szOID_RSA_SMIMEalgCMS3DESwrap "1.2.840.113549.1.9.16.3.6"
3048 #define szOID_RSA_SMIMEalgCMSRC2wrap "1.2.840.113549.1.9.16.3.7"
3049 #define szOID_RSA_MD2 "1.2.840.113549.2.2"
3050 #define szOID_RSA_MD4 "1.2.840.113549.2.4"
3051 #define szOID_RSA_MD5 "1.2.840.113549.2.5"
3052 #define szOID_RSA_RC2CBC "1.2.840.113549.3.2"
3053 #define szOID_RSA_RC4 "1.2.840.113549.3.4"
3054 #define szOID_RSA_DES_EDE3_CBC "1.2.840.113549.3.7"
3055 #define szOID_RSA_RC5_CBCPad "1.2.840.113549.3.9"
3056 #define szOID_ANSI_X942 "1.2.840.10046"
3057 #define szOID_ANSI_X942_DH "1.2.840.10046.2.1"
3058 #define szOID_X957 "1.2.840.10040"
3059 #define szOID_X957_DSA "1.2.840.10040.4.1"
3060 #define szOID_X957_SHA1DSA "1.2.840.10040.4.3"
3061 #define szOID_ECC_PUBLIC_KEY "1.2.840.10045.2.1"
3062 #define szOID_ECC_CURVE_P256 "1.2.840.10045.3.1.7"
3063 #define szOID_ECDSA_SPECIFIED "1.2.840.10045.4.3"
3064 #define szOID_ECDSA_SHA256 "1.2.840.10045.4.3.2"
3065 #define szOID_ECDSA_SHA384 "1.2.840.10045.4.3.3"
3066 #define szOID_ECDSA_SHA512 "1.2.840.10045.4.3.4"
3067 #define szOID_DS "2.5"
3068 #define szOID_DSALG "2.5.8"
3069 #define szOID_DSALG_CRPT "2.5.8.1"
3070 #define szOID_DSALG_HASH "2.5.8.2"
3071 #define szOID_DSALG_SIGN "2.5.8.3"
3072 #define szOID_DSALG_RSA "2.5.8.1.1"
3073 #define szOID_OIW "1.3.14"
3074 #define szOID_OIWSEC "1.3.14.3.2"
3075 #define szOID_OIWSEC_md4RSA "1.3.14.3.2.2"
3076 #define szOID_OIWSEC_md5RSA "1.3.14.3.2.3"
3077 #define szOID_OIWSEC_md4RSA2 "1.3.14.3.2.4"
3078 #define szOID_OIWSEC_desECB "1.3.14.3.2.6"
3079 #define szOID_OIWSEC_desCBC "1.3.14.3.2.7"
3080 #define szOID_OIWSEC_desOFB "1.3.14.3.2.8"
3081 #define szOID_OIWSEC_desCFB "1.3.14.3.2.9"
3082 #define szOID_OIWSEC_desMAC "1.3.14.3.2.10"
3083 #define szOID_OIWSEC_rsaSign "1.3.14.3.2.11"
3084 #define szOID_OIWSEC_dsa "1.3.14.3.2.12"
3085 #define szOID_OIWSEC_shaDSA "1.3.14.3.2.13"
3086 #define szOID_OIWSEC_mdc2RSA "1.3.14.3.2.14"
3087 #define szOID_OIWSEC_shaRSA "1.3.14.3.2.15"
3088 #define szOID_OIWSEC_dhCommMod "1.3.14.3.2.16"
3089 #define szOID_OIWSEC_desEDE "1.3.14.3.2.17"
3090 #define szOID_OIWSEC_sha "1.3.14.3.2.18"
3091 #define szOID_OIWSEC_mdc2 "1.3.14.3.2.19"
3092 #define szOID_OIWSEC_dsaComm "1.3.14.3.2.20"
3093 #define szOID_OIWSEC_dsaCommSHA "1.3.14.3.2.21"
3094 #define szOID_OIWSEC_rsaXchg "1.3.14.3.2.22"
3095 #define szOID_OIWSEC_keyHashSeal "1.3.14.3.2.23"
3096 #define szOID_OIWSEC_md2RSASign "1.3.14.3.2.24"
3097 #define szOID_OIWSEC_md5RSASign "1.3.14.3.2.25"
3098 #define szOID_OIWSEC_sha1 "1.3.14.3.2.26"
3099 #define szOID_OIWSEC_dsaSHA1 "1.3.14.3.2.27"
3100 #define szOID_OIWSEC_dsaCommSHA1 "1.3.14.3.2.28"
3101 #define szOID_OIWSEC_sha1RSASign "1.3.14.3.2.29"
3102 #define szOID_OIWDIR "1.3.14.7.2"
3103 #define szOID_OIWDIR_CRPT "1.3.14.7.2.1"
3104 #define szOID_OIWDIR_HASH "1.3.14.7.2.2"
3105 #define szOID_OIWDIR_SIGN "1.3.14.7.2.3"
3106 #define szOID_OIWDIR_md2 "1.3.14.7.2.2.1"
3107 #define szOID_OIWDIR_md2RSA "1.3.14.7.2.3.1"
3108 #define szOID_ECC_CURVE_P384 "1.3.132.0.34"
3109 #define szOID_ECC_CURVE_P521 "1.3.132.0.35"
3110 #define szOID_INFOSEC "2.16.840.1.101.2.1"
3111 #define szOID_INFOSEC_sdnsSignature "2.16.840.1.101.2.1.1.1"
3112 #define szOID_INFOSEC_mosaicSignature "2.16.840.1.101.2.1.1.2"
3113 #define szOID_INFOSEC_sdnsConfidentiality "2.16.840.1.101.2.1.1.3"
3114 #define szOID_INFOSEC_mosaicConfidentiality "2.16.840.1.101.2.1.1.4"
3115 #define szOID_INFOSEC_sdnsIntegrity "2.16.840.1.101.2.1.1.5"
3116 #define szOID_INFOSEC_mosaicIntegrity "2.16.840.1.101.2.1.1.6"
3117 #define szOID_INFOSEC_sdnsTokenProtection "2.16.840.1.101.2.1.1.7"
3118 #define szOID_INFOSEC_mosaicTokenProtection "2.16.840.1.101.2.1.1.8"
3119 #define szOID_INFOSEC_sdnsKeyManagement "2.16.840.1.101.2.1.1.9"
3120 #define szOID_INFOSEC_mosaicKeyManagement "2.16.840.1.101.2.1.1.10"
3121 #define szOID_INFOSEC_sdnsKMandSig "2.16.840.1.101.2.1.1.11"
3122 #define szOID_INFOSEC_mosaicKMandSig "2.16.840.1.101.2.1.1.12"
3123 #define szOID_INFOSEC_SuiteASignature "2.16.840.1.101.2.1.1.13"
3124 #define szOID_INFOSEC_SuiteAConfidentiality "2.16.840.1.101.2.1.1.14"
3125 #define szOID_INFOSEC_SuiteAIntegrity "2.16.840.1.101.2.1.1.15"
3126 #define szOID_INFOSEC_SuiteATokenProtection "2.16.840.1.101.2.1.1.16"
3127 #define szOID_INFOSEC_SuiteAKeyManagement "2.16.840.1.101.2.1.1.17"
3128 #define szOID_INFOSEC_SuiteAKMandSig "2.16.840.1.101.2.1.1.18"
3129 #define szOID_INFOSEC_mosaicUpdatedSig "2.16.840.1.101.2.1.1.19"
3130 #define szOID_INFOSEC_mosaicKMandUpdSig "2.16.840.1.101.2.1.1.20"
3131 #define szOID_INFOSEC_mosaicUpdateInteg "2.16.840.1.101.2.1.1.21"
3132 #define szOID_COMMON_NAME "2.5.4.3"
3133 #define szOID_SUR_NAME "2.5.4.4"
3134 #define szOID_DEVICE_SERIAL_NUMBER "2.5.4.5"
3135 #define szOID_COUNTRY_NAME "2.5.4.6"
3136 #define szOID_LOCALITY_NAME "2.5.4.7"
3137 #define szOID_STATE_OR_PROVINCE_NAME "2.5.4.8"
3138 #define szOID_STREET_ADDRESS "2.5.4.9"
3139 #define szOID_ORGANIZATION_NAME "2.5.4.10"
3140 #define szOID_ORGANIZATIONAL_UNIT_NAME "2.5.4.11"
3141 #define szOID_TITLE "2.5.4.12"
3142 #define szOID_DESCRIPTION "2.5.4.13"
3143 #define szOID_SEARCH_GUIDE "2.5.4.14"
3144 #define szOID_BUSINESS_CATEGORY "2.5.4.15"
3145 #define szOID_POSTAL_ADDRESS "2.5.4.16"
3146 #define szOID_POSTAL_CODE "2.5.4.17"
3147 #define szOID_POST_OFFICE_BOX "2.5.4.18"
3148 #define szOID_PHYSICAL_DELIVERY_OFFICE_NAME "2.5.4.19"
3149 #define szOID_TELEPHONE_NUMBER "2.5.4.20"
3150 #define szOID_TELEX_NUMBER "2.5.4.21"
3151 #define szOID_TELETEXT_TERMINAL_IDENTIFIER "2.5.4.22"
3152 #define szOID_FACSIMILE_TELEPHONE_NUMBER "2.5.4.23"
3153 #define szOID_X21_ADDRESS "2.5.4.24"
3154 #define szOID_INTERNATIONAL_ISDN_NUMBER "2.5.4.25"
3155 #define szOID_REGISTERED_ADDRESS "2.5.4.26"
3156 #define szOID_DESTINATION_INDICATOR "2.5.4.27"
3157 #define szOID_PREFERRED_DELIVERY_METHOD "2.5.4.28"
3158 #define szOID_PRESENTATION_ADDRESS "2.5.4.29"
3159 #define szOID_SUPPORTED_APPLICATION_CONTEXT "2.5.4.30"
3160 #define szOID_MEMBER "2.5.4.31"
3161 #define szOID_OWNER "2.5.4.32"
3162 #define szOID_ROLE_OCCUPANT "2.5.4.33"
3163 #define szOID_SEE_ALSO "2.5.4.34"
3164 #define szOID_USER_PASSWORD "2.5.4.35"
3165 #define szOID_USER_CERTIFICATE "2.5.4.36"
3166 #define szOID_CA_CERTIFICATE "2.5.4.37"
3167 #define szOID_AUTHORITY_REVOCATION_LIST "2.5.4.38"
3168 #define szOID_CERTIFICATE_REVOCATION_LIST "2.5.4.39"
3169 #define szOID_CROSS_CERTIFICATE_PAIR "2.5.4.40"
3170 #define szOID_GIVEN_NAME "2.5.4.42"
3171 #define szOID_INITIALS "2.5.4.43"
3172 #define szOID_DN_QUALIFIER "2.5.4.46"
3173 #define szOID_AUTHORITY_KEY_IDENTIFIER "2.5.29.1"
3174 #define szOID_KEY_ATTRIBUTES "2.5.29.2"
3175 #define szOID_CERT_POLICIES_95 "2.5.29.3"
3176 #define szOID_KEY_USAGE_RESTRICTION "2.5.29.4"
3177 #define szOID_LEGACY_POLICY_MAPPINGS "2.5.29.5"
3178 #define szOID_SUBJECT_ALT_NAME "2.5.29.7"
3179 #define szOID_ISSUER_ALT_NAME "2.5.29.8"
3180 #define szOID_SUBJECT_DIR_ATTRS "2.5.29.9"
3181 #define szOID_BASIC_CONSTRAINTS "2.5.29.10"
3182 #define szOID_SUBJECT_KEY_IDENTIFIER "2.5.29.14"
3183 #define szOID_KEY_USAGE "2.5.29.15"
3184 #define szOID_PRIVATEKEY_USAGE_PERIOD "2.5.29.16"
3185 #define szOID_SUBJECT_ALT_NAME2 "2.5.29.17"
3186 #define szOID_ISSUER_ALT_NAME2 "2.5.29.18"
3187 #define szOID_BASIC_CONSTRAINTS2 "2.5.29.19"
3188 #define szOID_CRL_NUMBER "2.5.29.20"
3189 #define szOID_CRL_REASON_CODE "2.5.29.21"
3190 #define szOID_REASON_CODE_HOLD "2.5.29.23"
3191 #define szOID_DELTA_CRL_INDICATOR "2.5.29.27"
3192 #define szOID_ISSUING_DIST_POINT "2.5.29.28"
3193 #define szOID_NAME_CONSTRAINTS "2.5.29.30"
3194 #define szOID_CRL_DIST_POINTS "2.5.29.31"
3195 #define szOID_CERT_POLICIES "2.5.29.32"
3196 #define szOID_ANY_CERT_POLICY "2.5.29.32.0"
3197 #define szOID_POLICY_MAPPINGS "2.5.29.33"
3198 #define szOID_AUTHORITY_KEY_IDENTIFIER2 "2.5.29.35"
3199 #define szOID_POLICY_CONSTRAINTS "2.5.29.36"
3200 #define szOID_ENHANCED_KEY_USAGE "2.5.29.37"
3201 #define szOID_FRESHEST_CRL "2.5.29.46"
3202 #define szOID_INHIBIT_ANY_POLICY "2.5.29.54"
3203 #define szOID_DOMAIN_COMPONENT "0.9.2342.19200300.100.1.25"
3204 #define szOID_PKCS_12_FRIENDLY_NAME_ATTR "1.2.840.113549.1.9.20"
3205 #define szOID_PKCS_12_LOCAL_KEY_ID "1.2.840.113549.1.9.21"
3206 #define szOID_CERT_EXTENSIONS "1.3.6.1.4.1.311.2.1.14"
3207 #define szOID_NEXT_UPDATE_LOCATION "1.3.6.1.4.1.311.10.2"
3208 #define szOID_KP_CTL_USAGE_SIGNING "1.3.6.1.4.1.311.10.3.1"
3209 #define szOID_KP_TIME_STAMP_SIGNING "1.3.6.1.4.1.311.10.3.2"
3210 #ifndef szOID_SERVER_GATED_CRYPTO
3211 #define szOID_SERVER_GATED_CRYPTO "1.3.6.1.4.1.311.10.3.3"
3212 #endif
3213 #ifndef szOID_SGC_NETSCAPE
3214 #define szOID_SGC_NETSCAPE "2.16.840.1.113730.4.1"
3215 #endif
3216 #define szOID_KP_EFS "1.3.6.1.4.1.311.10.3.4"
3217 #define szOID_EFS_RECOVERY "1.3.6.1.4.1.311.10.3.4.1"
3218 #define szOID_WHQL_CRYPTO "1.3.6.1.4.1.311.10.3.5"
3219 #define szOID_NT5_CRYPTO "1.3.6.1.4.1.311.10.3.6"
3220 #define szOID_OEM_WHQL_CRYPTO "1.3.6.1.4.1.311.10.3.7"
3221 #define szOID_EMBEDDED_NT_CRYPTO "1.3.6.1.4.1.311.10.3.8"
3222 #define szOID_ROOT_LIST_SIGNER "1.3.6.1.4.1.311.10.3.9"
3223 #define szOID_KP_QUALIFIED_SUBORDINATION "1.3.6.1.4.1.311.10.3.10"
3224 #define szOID_KP_KEY_RECOVERY "1.3.6.1.4.1.311.10.3.11"
3225 #define szOID_KP_DOCUMENT_SIGNING "1.3.6.1.4.1.311.10.3.12"
3226 #define szOID_KP_LIFETIME_SIGNING "1.3.6.1.4.1.311.10.3.13"
3227 #define szOID_KP_MOBILE_DEVICE_SOFTWARE "1.3.6.1.4.1.311.10.3.14"
3228 #define szOID_YESNO_TRUST_ATTR "1.3.6.1.4.1.311.10.4.1"
3229 #ifndef szOID_DRM
3230 #define szOID_DRM "1.3.6.1.4.1.311.10.5.1"
3231 #endif
3232 #ifndef szOID_DRM_INDIVIDUALIZATION
3233 #define szOID_DRM_INDIVIDUALIZATION "1.3.6.1.4.1.311.10.5.2"
3234 #endif
3235 #ifndef szOID_LICENSES
3236 #define szOID_LICENSES "1.3.6.1.4.1.311.10.6.1"
3237 #endif
3238 #ifndef szOID_LICENSE_SERVER
3239 #define szOID_LICENSE_SERVER "1.3.6.1.4.1.311.10.6.2"
3240 #endif
3241 #define szOID_REMOVE_CERTIFICATE "1.3.6.1.4.1.311.10.8.1"
3242 #define szOID_CROSS_CERT_DIST_POINTS "1.3.6.1.4.1.311.10.9.1"
3243 #define szOID_CTL "1.3.6.1.4.1.311.10.1"
3244 #define szOID_SORTED_CTL "1.3.6.1.4.1.311.10.1.1"
3245 #define szOID_ANY_APPLICATION_POLICY "1.3.6.1.4.1.311.10.12.1"
3246 #define szOID_RENEWAL_CERTIFICATE "1.3.6.1.4.1.311.13.1"
3247 #define szOID_ENROLLMENT_NAME_VALUE_PAIR "1.3.6.1.4.1.311.13.2.1"
3248 #define szOID_ENROLLMENT_CSP_PROVIDER "1.3.6.1.4.1.311.13.2.2"
3249 #define szOID_OS_VERSION "1.3.6.1.4.1.311.13.2.3"
3250 #define szOID_PKCS_12_KEY_PROVIDER_NAME_ATTR "1.3.6.1.4.1.311.17.1"
3251 #define szOID_LOCAL_MACHINE_KEYSET "1.3.6.1.4.1.311.17.2"
3252 #define szOID_AUTO_ENROLL_CTL_USAGE "1.3.6.1.4.1.311.20.1"
3253 #define szOID_ENROLL_CERTTYPE_EXTENSION "1.3.6.1.4.1.311.20.2"
3254 #define szOID_ENROLLMENT_AGENT "1.3.6.1.4.1.311.20.2.1"
3255 #ifndef szOID_KP_SMARTCARD_LOGON
3256 #define szOID_KP_SMARTCARD_LOGON "1.3.6.1.4.1.311.20.2.2"
3257 #endif
3258 #ifndef szOID_NT_PRINCIPAL_NAME
3259 #define szOID_NT_PRINCIPAL_NAME "1.3.6.1.4.1.311.20.2.3"
3260 #endif
3261 #define szOID_CERT_MANIFOLD "1.3.6.1.4.1.311.20.3"
3262 #ifndef szOID_CERTSRV_CA_VERSION
3263 #define szOID_CERTSRV_CA_VERSION "1.3.6.1.4.1.311.21.1"
3264 #endif
3265 #define szOID_CERTSRV_PREVIOUS_CERT_HASH "1.3.6.1.4.1.311.21.2"
3266 #define szOID_CRL_VIRTUAL_BASE "1.3.6.1.4.1.311.21.3"
3267 #define szOID_CRL_NEXT_PUBLISH "1.3.6.1.4.1.311.21.4"
3268 #define szOID_KP_CA_EXCHANGE "1.3.6.1.4.1.311.21.5"
3269 #define szOID_KP_KEY_RECOVERY_AGENT "1.3.6.1.4.1.311.21.6"
3270 #define szOID_CERTIFICATE_TEMPLATE "1.3.6.1.4.1.311.21.7"
3271 #define szOID_ENTERPRISE_OID_ROOT "1.3.6.1.4.1.311.21.8"
3272 #define szOID_RDN_DUMMY_SIGNER "1.3.6.1.4.1.311.21.9"
3273 #define szOID_APPLICATION_CERT_POLICIES "1.3.6.1.4.1.311.21.10"
3274 #define szOID_APPLICATION_POLICY_MAPPINGS "1.3.6.1.4.1.311.21.11"
3275 #define szOID_APPLICATION_POLICY_CONSTRAINTS "1.3.6.1.4.1.311.21.12"
3276 #define szOID_ARCHIVED_KEY_ATTR "1.3.6.1.4.1.311.21.13"
3277 #define szOID_CRL_SELF_CDP "1.3.6.1.4.1.311.21.14"
3278 #define szOID_REQUIRE_CERT_CHAIN_POLICY "1.3.6.1.4.1.311.21.15"
3279 #define szOID_ARCHIVED_KEY_CERT_HASH "1.3.6.1.4.1.311.21.16"
3280 #define szOID_ISSUED_CERT_HASH "1.3.6.1.4.1.311.21.17"
3281 #define szOID_DS_EMAIL_REPLICATION "1.3.6.1.4.1.311.21.19"
3282 #define szOID_REQUEST_CLIENT_INFO "1.3.6.1.4.1.311.21.20"
3283 #define szOID_ENCRYPTED_KEY_HASH "1.3.6.1.4.1.311.21.21"
3284 #define szOID_CERTSRV_CROSSCA_VERSION "1.3.6.1.4.1.311.21.22"
3285 #define szOID_KEYID_RDN "1.3.6.1.4.1.311.10.7.1"
3286 #define szOID_PKIX "1.3.6.1.5.5.7"
3287 #define szOID_PKIX_PE "1.3.6.1.5.5.7.1"
3288 #define szOID_AUTHORITY_INFO_ACCESS "1.3.6.1.5.5.7.1.1"
3289 #define szOID_PKIX_POLICY_QUALIFIER_CPS "1.3.6.1.5.5.7.2.1"
3290 #define szOID_PKIX_POLICY_QUALIFIER_USERNOTICE "1.3.6.1.5.5.7.2.2"
3291 #define szOID_PKIX_KP "1.3.6.1.5.5.7.3"
3292 #define szOID_PKIX_KP_SERVER_AUTH "1.3.6.1.5.5.7.3.1"
3293 #define szOID_PKIX_KP_CLIENT_AUTH "1.3.6.1.5.5.7.3.2"
3294 #define szOID_PKIX_KP_CODE_SIGNING "1.3.6.1.5.5.7.3.3"
3295 #define szOID_PKIX_KP_EMAIL_PROTECTION "1.3.6.1.5.5.7.3.4"
3296 #define szOID_PKIX_KP_IPSEC_END_SYSTEM "1.3.6.1.5.5.7.3.5"
3297 #define szOID_PKIX_KP_IPSEC_TUNNEL "1.3.6.1.5.5.7.3.6"
3298 #define szOID_PKIX_KP_IPSEC_USER "1.3.6.1.5.5.7.3.7"
3299 #define szOID_PKIX_KP_TIMESTAMP_SIGNING "1.3.6.1.5.5.7.3.8"
3300 #define szOID_PKIX_NO_SIGNATURE "1.3.6.1.5.5.7.6.2"
3301 #define szOID_CMC "1.3.6.1.5.5.7.7"
3302 #define szOID_CMC_STATUS_INFO "1.3.6.1.5.5.7.7.1"
3303 #define szOID_CMC_IDENTIFICATION "1.3.6.1.5.5.7.7.2"
3304 #define szOID_CMC_IDENTITY_PROOF "1.3.6.1.5.5.7.7.3"
3305 #define szOID_CMC_DATA_RETURN "1.3.6.1.5.5.7.7.4"
3306 #define szOID_CMC_TRANSACTION_ID "1.3.6.1.5.5.7.7.5"
3307 #define szOID_CMC_SENDER_NONCE "1.3.6.1.5.5.7.7.6"
3308 #define szOID_CMC_RECIPIENT_NONCE "1.3.6.1.5.5.7.7.7"
3309 #define szOID_CMC_ADD_EXTENSIONS "1.3.6.1.5.5.7.7.8"
3310 #define szOID_CMC_ENCRYPTED_POP "1.3.6.1.5.5.7.7.9"
3311 #define szOID_CMC_DECRYPTED_POP "1.3.6.1.5.5.7.7.10"
3312 #define szOID_CMC_LRA_POP_WITNESS "1.3.6.1.5.5.7.7.11"
3313 #define szOID_CMC_GET_CERT "1.3.6.1.5.5.7.7.15"
3314 #define szOID_CMC_GET_CRL "1.3.6.1.5.5.7.7.16"
3315 #define szOID_CMC_REVOKE_REQUEST "1.3.6.1.5.5.7.7.17"
3316 #define szOID_CMC_REG_INFO "1.3.6.1.5.5.7.7.18"
3317 #define szOID_CMC_RESPONSE_INFO "1.3.6.1.5.5.7.7.19"
3318 #define szOID_CMC_QUERY_PENDING "1.3.6.1.5.5.7.7.21"
3319 #define szOID_CMC_ID_POP_LINK_RANDOM "1.3.6.1.5.5.7.7.22"
3320 #define szOID_CMC_ID_POP_LINK_WITNESS "1.3.6.1.5.5.7.7.23"
3321 #define szOID_CT_PKI_DATA "1.3.6.1.5.5.7.12.2"
3322 #define szOID_CT_PKI_RESPONSE "1.3.6.1.5.5.7.12.3"
3323 #define szOID_PKIX_ACC_DESCR "1.3.6.1.5.5.7.48"
3324 #define szOID_PKIX_OCSP "1.3.6.1.5.5.7.48.1"
3325 #define szOID_PKIX_CA_ISSUERS "1.3.6.1.5.5.7.48.2"
3326 #define szOID_IPSEC_KP_IKE_INTERMEDIATE "1.3.6.1.5.5.8.2.2"
3327 
3328 #ifndef szOID_SERIALIZED
3329 #define szOID_SERIALIZED "1.3.6.1.4.1.311.10.3.3.1"
3330 #endif
3331 
3332 #ifndef szOID_PRODUCT_UPDATE
3333 #define szOID_PRODUCT_UPDATE "1.3.6.1.4.1.311.31.1"
3334 #endif
3335 
3336 #define szOID_NETSCAPE "2.16.840.1.113730"
3337 #define szOID_NETSCAPE_CERT_EXTENSION "2.16.840.1.113730.1"
3338 #define szOID_NETSCAPE_CERT_TYPE "2.16.840.1.113730.1.1"
3339 #define szOID_NETSCAPE_BASE_URL "2.16.840.1.113730.1.2"
3340 #define szOID_NETSCAPE_REVOCATION_URL "2.16.840.1.113730.1.3"
3341 #define szOID_NETSCAPE_CA_REVOCATION_URL "2.16.840.1.113730.1.4"
3342 #define szOID_NETSCAPE_CERT_RENEWAL_URL "2.16.840.1.113730.1.7"
3343 #define szOID_NETSCAPE_CA_POLICY_URL "2.16.840.1.113730.1.8"
3344 #define szOID_NETSCAPE_SSL_SERVER_NAME "2.16.840.1.113730.1.12"
3345 #define szOID_NETSCAPE_COMMENT "2.16.840.1.113730.1.13"
3346 #define szOID_NETSCAPE_DATA_TYPE "2.16.840.1.113730.2"
3347 #define szOID_NETSCAPE_CERT_SEQUENCE "2.16.840.1.113730.2.5"
3348 
3349 #define szOID_NIST_sha256 "2.16.840.1.101.3.4.2.1"
3350 #define szOID_NIST_sha384 "2.16.840.1.101.3.4.2.2"
3351 #define szOID_NIST_sha512 "2.16.840.1.101.3.4.2.3"
3352 
3353 /* Bits for szOID_NETSCAPE_CERT_TYPE */
3354 #define NETSCAPE_SSL_CLIENT_AUTH_CERT_TYPE 0x80
3355 #define NETSCAPE_SSL_SERVER_AUTH_CERT_TYPE 0x40
3356 #define NETSCAPE_SMIME_CERT_TYPE 0x20
3357 #define NETSCAPE_SIGN_CERT_TYPE 0x10
3358 #define NETSCAPE_SSL_CA_CERT_TYPE 0x04
3359 #define NETSCAPE_SMIME_CA_CERT_TYPE 0x02
3360 #define NETSCAPE_SIGN_CA_CERT_TYPE 0x01
3361 
3362 #define CRYPT_ENCODE_DECODE_NONE 0
3363 #define X509_CERT ((LPCSTR)1)
3364 #define X509_CERT_TO_BE_SIGNED ((LPCSTR)2)
3365 #define X509_CERT_CRL_TO_BE_SIGNED ((LPCSTR)3)
3366 #define X509_CERT_REQUEST_TO_BE_SIGNED ((LPCSTR)4)
3367 #define X509_EXTENSIONS ((LPCSTR)5)
3368 #define X509_NAME_VALUE ((LPCSTR)6)
3369 #define X509_ANY_STRING X509_NAME_VALUE
3370 #define X509_NAME ((LPCSTR)7)
3371 #define X509_PUBLIC_KEY_INFO ((LPCSTR)8)
3372 #define X509_AUTHORITY_KEY_ID ((LPCSTR)9)
3373 #define X509_KEY_ATTRIBUTES ((LPCSTR)10)
3374 #define X509_KEY_USAGE_RESTRICTION ((LPCSTR)11)
3375 #define X509_ALTERNATE_NAME ((LPCSTR)12)
3376 #define X509_BASIC_CONSTRAINTS ((LPCSTR)13)
3377 #define X509_KEY_USAGE ((LPCSTR)14)
3378 #define X509_BASIC_CONSTRAINTS2 ((LPCSTR)15)
3379 #define X509_CERT_POLICIES ((LPCSTR)16)
3380 #define PKCS_UTC_TIME ((LPCSTR)17)
3381 #define PKCS_TIME_REQUEST ((LPCSTR)18)
3382 #define RSA_CSP_PUBLICKEYBLOB ((LPCSTR)19)
3383 #define X509_UNICODE_NAME ((LPCSTR)20)
3384 #define X509_KEYGEN_REQUEST_TO_BE_SIGNED ((LPCSTR)21)
3385 #define PKCS_ATTRIBUTE ((LPCSTR)22)
3386 #define PKCS_CONTENT_INFO_SEQUENCE_OF_ANY ((LPCSTR)23)
3387 #define X509_UNICODE_NAME_VALUE ((LPCSTR)24)
3388 #define X509_UNICODE_ANY_STRING X509_UNICODE_NAME_VALUE
3389 #define X509_OCTET_STRING ((LPCSTR)25)
3390 #define X509_BITS ((LPCSTR)26)
3391 #define X509_INTEGER ((LPCSTR)27)
3392 #define X509_MULTI_BYTE_INTEGER ((LPCSTR)28)
3393 #define X509_ENUMERATED ((LPCSTR)29)
3394 #define X509_CRL_REASON_CODE X509_ENUMERATED
3395 #define X509_CHOICE_OF_TIME ((LPCSTR)30)
3396 #define X509_AUTHORITY_KEY_ID2 ((LPCSTR)31)
3397 #define X509_AUTHORITY_INFO_ACCESS ((LPCSTR)32)
3398 #define PKCS_CONTENT_INFO ((LPCSTR)33)
3399 #define X509_SEQUENCE_OF_ANY ((LPCSTR)34)
3400 #define X509_CRL_DIST_POINTS ((LPCSTR)35)
3401 #define X509_ENHANCED_KEY_USAGE ((LPCSTR)36)
3402 #define PKCS_CTL ((LPCSTR)37)
3403 #define X509_MULTI_BYTE_UINT ((LPCSTR)38)
3404 #define X509_DSS_PUBLICKEY X509_MULTI_BYTE_UINT
3405 #define X509_DSS_PARAMETERS ((LPCSTR)39)
3406 #define X509_DSS_SIGNATURE ((LPCSTR)40)
3407 #define PKCS_RC2_CBC_PARAMETERS ((LPCSTR)41)
3408 #define PKCS_SMIME_CAPABILITIES ((LPCSTR)42)
3409 #define PKCS_RSA_PRIVATE_KEY ((LPCSTR)43)
3410 #define PKCS_PRIVATE_KEY_INFO ((LPCSTR)44)
3411 #define PKCS_ENCRYPTED_PRIVATE_KEY_INFO ((LPCSTR)45)
3412 #define X509_PKIX_POLICY_QUALIFIER_USERNOTICE ((LPCSTR)46)
3413 #define X509_DH_PUBLICKEY X509_MULTI_BYTE_UINT
3414 #define X509_DH_PARAMETERS ((LPCSTR)47)
3415 #define X509_ECC_SIGNATURE ((LPCSTR)47)
3416 #define PKCS_ATTRIBUTES ((LPCSTR)48)
3417 #define PKCS_SORTED_CTL ((LPCSTR)49)
3418 #define X942_DH_PARAMETERS ((LPCSTR)50)
3419 #define X509_BITS_WITHOUT_TRAILING_ZEROES ((LPCSTR)51)
3420 #define X942_OTHER_INFO ((LPCSTR)52)
3421 #define X509_CERT_PAIR ((LPCSTR)53)
3422 #define X509_ISSUING_DIST_POINT ((LPCSTR)54)
3423 #define X509_NAME_CONSTRAINTS ((LPCSTR)55)
3424 #define X509_POLICY_MAPPINGS ((LPCSTR)56)
3425 #define X509_POLICY_CONSTRAINTS ((LPCSTR)57)
3426 #define X509_CROSS_CERT_DIST_POINTS ((LPCSTR)58)
3427 #define CMC_DATA ((LPCSTR)59)
3428 #define CMC_RESPONSE ((LPCSTR)60)
3429 #define CMC_STATUS ((LPCSTR)61)
3430 #define CMC_ADD_EXTENSIONS ((LPCSTR)62)
3431 #define CMC_ADD_ATTRIBUTES ((LPCSTR)63)
3432 #define X509_CERTIFICATE_TEMPLATE ((LPCSTR)64)
3433 #define X509_OBJECT_IDENTIFIER ((LPCSTR)73)
3434 #define PKCS7_SIGNER_INFO ((LPCSTR)500)
3435 #define CMS_SIGNER_INFO ((LPCSTR)501)
3436 
3437 /* encode/decode flags */
3438 #define CRYPT_ENCODE_NO_SIGNATURE_BYTE_REVERSAL_FLAG 0x00008
3439 #define CRYPT_ENCODE_ALLOC_FLAG 0x08000
3440 #define CRYPT_SORTED_CTL_ENCODE_HASHED_SUBJECT_IDENTIFIER_FLAG 0x10000
3441 #define CRYPT_UNICODE_NAME_ENCODE_ENABLE_T61_UNICODE_FLAG \
3442  CERT_RDN_ENABLE_T61_UNICODE_FLAG
3443 #define CRYPT_UNICODE_NAME_ENCODE_ENABLE_UTF8_UNICODE_FLAG \
3444  CERT_RDN_ENABLE_UTF8_UNICODE_FLAG
3445 #define CRYPT_UNICODE_NAME_ENCODE_DISABLE_CHECK_TYPE_FLAG \
3446  CERT_RDN_DISABLE_CHECK_TYPE_FLAG
3447 
3448 #define CRYPT_DECODE_NOCOPY_FLAG 0x00001
3449 #define CRYPT_DECODE_TO_BE_SIGNED_FLAG 0x00002
3450 #define CRYPT_DECODE_SHARE_OID_STRING_FLAG 0x00004
3451 #define CRYPT_DECODE_NO_SIGNATURE_BYTE_REVERSAL_FLAG 0x00008
3452 #define CRYPT_DECODE_ALLOC_FLAG 0x08000
3453 #define CRYPT_UNICODE_NAME_DECODE_DISABLE_IE4_UTF8_FLAG \
3454  CERT_RDN_DISABLE_IE4_UTF8_FLAG
3455 
3456 #define CERT_STORE_SIGNATURE_FLAG 0x00000001
3457 #define CERT_STORE_TIME_VALIDITY_FLAG 0x00000002
3458 #define CERT_STORE_REVOCATION_FLAG 0x00000004
3459 #define CERT_STORE_NO_CRL_FLAG 0x00010000
3460 #define CERT_STORE_NO_ISSUER_FLAG 0x00020000
3461 
3462 #define CERT_STORE_BASE_CRL_FLAG 0x00000100
3463 #define CERT_STORE_DELTA_CRL_FLAG 0x00000200
3464 
3465 /* subject types for CryptVerifyCertificateSignatureEx */
3466 #define CRYPT_VERIFY_CERT_SIGN_SUBJECT_BLOB 1
3467 #define CRYPT_VERIFY_CERT_SIGN_SUBJECT_CERT 2
3468 #define CRYPT_VERIFY_CERT_SIGN_SUBJECT_CRL 3
3469 
3470 /* issuer types for CryptVerifyCertificateSignatureEx */
3471 #define CRYPT_VERIFY_CERT_SIGN_ISSUER_PUBKEY 1
3472 #define CRYPT_VERIFY_CERT_SIGN_ISSUER_CERT 2
3473 #define CRYPT_VERIFY_CERT_SIGN_ISSUER_CHAIN 3
3474 #define CRYPT_VERIFY_CERT_SIGN_ISSUER_NULL 4
3475 
3476 #define CRYPT_GET_URL_FROM_PROPERTY 0x00000001
3477 #define CRYPT_GET_URL_FROM_EXTENSION 0x00000002
3478 #define CRYPT_GET_URL_FROM_UNAUTH_ATTRIBUTE 0x00000004
3479 #define CRYPT_GET_URL_FROM_AUTH_ATTRIBUTE 0x00000008
3480 
3481 /* Certificate name string types and flags */
3482 #define CERT_SIMPLE_NAME_STR 1
3483 #define CERT_OID_NAME_STR 2
3484 #define CERT_X500_NAME_STR 3
3485 #define CERT_NAME_STR_SEMICOLON_FLAG 0x40000000
3486 #define CERT_NAME_STR_NO_PLUS_FLAG 0x20000000
3487 #define CERT_NAME_STR_NO_QUOTING_FLAG 0x10000000
3488 #define CERT_NAME_STR_CRLF_FLAG 0x08000000
3489 #define CERT_NAME_STR_COMMA_FLAG 0x04000000
3490 #define CERT_NAME_STR_REVERSE_FLAG 0x02000000
3491 #define CERT_NAME_STR_ENABLE_UTF8_UNICODE_FLAG 0x00040000
3492 #define CERT_NAME_STR_ENABLE_T61_UNICODE_FLAG 0x00020000
3493 #define CERT_NAME_STR_DISABLE_IE4_UTF8_FLAG 0x00010000
3494 
3495 #define CERT_NAME_EMAIL_TYPE 1
3496 #define CERT_NAME_RDN_TYPE 2
3497 #define CERT_NAME_ATTR_TYPE 3
3498 #define CERT_NAME_SIMPLE_DISPLAY_TYPE 4
3499 #define CERT_NAME_FRIENDLY_DISPLAY_TYPE 5
3500 #define CERT_NAME_DNS_TYPE 6
3501 #define CERT_NAME_URL_TYPE 7
3502 #define CERT_NAME_UPN_TYPE 8
3503 
3504 #define CERT_NAME_ISSUER_FLAG 0x00000001
3505 #define CERT_NAME_DISABLE_IE4_UTF8_FLAG 0x00010000
3506 
3507 /* CryptFormatObject flags */
3508 #define CRYPT_FORMAT_STR_MULTI_LINE 0x0001
3509 #define CRYPT_FORMAT_STR_NO_HEX 0x0010
3510 
3511 #define CRYPT_FORMAT_SIMPLE 0x0001
3512 #define CRYPT_FORMAT_X509 0x0002
3513 #define CRYPT_FORMAT_OID 0x0004
3514 #define CRYPT_FORMAT_RDN_SEMICOLON 0x0100
3515 #define CRYPT_FORMAT_RDN_CRLF 0x0200
3516 #define CRYPT_FORMAT_RDN_UNQUOTE 0x0400
3517 #define CRYPT_FORMAT_RDN_REVERSE 0x0800
3518 
3519 #define CRYPT_FORMAT_COMMA 0x1000
3520 #define CRYPT_FORMAT_SEMICOLON CRYPT_FORMAT_RDN_SEMICOLON
3521 #define CRYPT_FORMAT_CRLF CRYPT_FORMAT_RDN_CRLF
3522 
3523 /* CryptQueryObject types and flags */
3524 #define CERT_QUERY_OBJECT_FILE 1
3525 #define CERT_QUERY_OBJECT_BLOB 2
3526 
3527 #define CERT_QUERY_CONTENT_CERT 1
3528 #define CERT_QUERY_CONTENT_CTL 2
3529 #define CERT_QUERY_CONTENT_CRL 3
3530 #define CERT_QUERY_CONTENT_SERIALIZED_STORE 4
3531 #define CERT_QUERY_CONTENT_SERIALIZED_CERT 5
3532 #define CERT_QUERY_CONTENT_SERIALIZED_CTL 6
3533 #define CERT_QUERY_CONTENT_SERIALIZED_CRL 7
3534 #define CERT_QUERY_CONTENT_PKCS7_SIGNED 8
3535 #define CERT_QUERY_CONTENT_PKCS7_UNSIGNED 9
3536 #define CERT_QUERY_CONTENT_PKCS7_SIGNED_EMBED 10
3537 #define CERT_QUERY_CONTENT_PKCS10 11
3538 #define CERT_QUERY_CONTENT_PFX 12
3539 #define CERT_QUERY_CONTENT_CERT_PAIR 13
3540 
3541 #define CERT_QUERY_CONTENT_FLAG_CERT (1 << CERT_QUERY_CONTENT_CERT)
3542 #define CERT_QUERY_CONTENT_FLAG_CTL (1 << CERT_QUERY_CONTENT_CTL)
3543 #define CERT_QUERY_CONTENT_FLAG_CRL (1 << CERT_QUERY_CONTENT_CRL)
3544 #define CERT_QUERY_CONTENT_FLAG_SERIALIZED_STORE \
3545  (1 << CERT_QUERY_CONTENT_SERIALIZED_STORE)
3546 #define CERT_QUERY_CONTENT_FLAG_SERIALIZED_CERT \
3547  (1 << CERT_QUERY_CONTENT_SERIALIZED_CERT)
3548 #define CERT_QUERY_CONTENT_FLAG_SERIALIZED_CTL \
3549  (1 << CERT_QUERY_CONTENT_SERIALIZED_CTL)
3550 #define CERT_QUERY_CONTENT_FLAG_SERIALIZED_CRL \
3551  (1 << CERT_QUERY_CONTENT_SERIALIZED_CRL)
3552 #define CERT_QUERY_CONTENT_FLAG_PKCS7_SIGNED \
3553  (1 << CERT_QUERY_CONTENT_PKCS7_SIGNED)
3554 #define CERT_QUERY_CONTENT_FLAG_PKCS7_UNSIGNED \
3555  (1 << CERT_QUERY_CONTENT_PKCS7_UNSIGNED)
3556 #define CERT_QUERY_CONTENT_FLAG_PKCS7_SIGNED_EMBED \
3557  (1 << CERT_QUERY_CONTENT_PKCS7_SIGNED_EMBED)
3558 #define CERT_QUERY_CONTENT_FLAG_PKCS10 (1 << CERT_QUERY_CONTENT_PKCS10)
3559 #define CERT_QUERY_CONTENT_FLAG_PFX (1 << CERT_QUERY_CONTENT_PFX)
3560 #define CERT_QUERY_CONTENT_FLAG_CERT_PAIR (1 << CERT_QUERY_CONTENT_CERT_PAIR)
3561 
3562 #define CERT_QUERY_CONTENT_FLAG_ALL \
3563  CERT_QUERY_CONTENT_FLAG_CERT | \
3564  CERT_QUERY_CONTENT_FLAG_CTL | \
3565  CERT_QUERY_CONTENT_FLAG_CRL | \
3566  CERT_QUERY_CONTENT_FLAG_SERIALIZED_STORE | \
3567  CERT_QUERY_CONTENT_FLAG_SERIALIZED_CERT | \
3568  CERT_QUERY_CONTENT_FLAG_SERIALIZED_CTL | \
3569  CERT_QUERY_CONTENT_FLAG_SERIALIZED_CRL | \
3570  CERT_QUERY_CONTENT_FLAG_PKCS7_SIGNED | \
3571  CERT_QUERY_CONTENT_FLAG_PKCS7_UNSIGNED | \
3572  CERT_QUERY_CONTENT_FLAG_PKCS7_SIGNED_EMBED | \
3573  CERT_QUERY_CONTENT_FLAG_PKCS10 | \
3574  CERT_QUERY_CONTENT_FLAG_PFX | \
3575  CERT_QUERY_CONTENT_FLAG_CERT_PAIR
3576 
3577 #define CERT_QUERY_FORMAT_BINARY 1
3578 #define CERT_QUERY_FORMAT_BASE64_ENCODED 2
3579 #define CERT_QUERY_FORMAT_ASN_ASCII_HEX_ENCODED 3
3580 
3581 #define CERT_QUERY_FORMAT_FLAG_BINARY (1 << CERT_QUERY_FORMAT_BINARY)
3582 #define CERT_QUERY_FORMAT_FLAG_BASE64_ENCODED \
3583  (1 << CERT_QUERY_FORMAT_BASE64_ENCODED)
3584 #define CERT_QUERY_FORMAT_FLAG_ASN_ASCII_HEX_ENCODED \
3585  (1 << CERT_QUERY_FORMAT_ASN_ASCII_HEX_ENCODED)
3586 
3587 #define CERT_QUERY_FORMAT_FLAG_ALL \
3588  CERT_QUERY_FORMAT_FLAG_BINARY | \
3589  CERT_QUERY_FORMAT_FLAG_BASE64_ENCODED | \
3590  CERT_QUERY_FORMAT_FLAG_ASN_ASCII_HEX_ENCODED \
3591 
3592 #define CERT_SET_KEY_PROV_HANDLE_PROP_ID 0x00000001
3593 #define CERT_SET_KEY_CONTEXT_PROP_ID 0x00000001
3594 
3595 #define CERT_CREATE_SELFSIGN_NO_SIGN 1
3596 #define CERT_CREATE_SELFSIGN_NO_KEY_INFO 2
3597 
3598 /* flags for CryptAcquireCertificatePrivateKey */
3599 #define CRYPT_ACQUIRE_CACHE_FLAG 0x00000001
3600 #define CRYPT_ACQUIRE_USE_PROV_INFO_FLAG 0x00000002
3601 #define CRYPT_ACQUIRE_COMPARE_KEY_FLAG 0x00000004
3602 #define CRYPT_ACQUIRE_SILENT_FLAG 0x00000040
3603 
3604 /* flags for CryptFindCertificateKeyProvInfo */
3605 #define CRYPT_FIND_USER_KEYSET_FLAG 0x00000001
3606 #define CRYPT_FIND_MACHINE_KEYSET_FLAG 0x00000002
3607 #define CRYPT_FIND_SILENT_KEYSET_FLAG 0x00000040
3608 
3609 /* Chain engines and chains */
3611 #define HCCE_CURRENT_USER ((HCERTCHAINENGINE)NULL)
3612 #define HCCE_LOCAL_MACHINE ((HCERTCHAINENGINE)1)
3613 
3614 #define CERT_CHAIN_CACHE_END_CERT 0x00000001
3615 #define CERT_CHAIN_THREAD_STORE_SYNC 0x00000002
3616 #define CERT_CHAIN_CACHE_ONLY_URL_RETRIEVAL 0x00000004
3617 #define CERT_CHAIN_USE_LOCAL_MACHINE_STORE 0x00000008
3618 #define CERT_CHAIN_ENABLE_CACHE_AUTO_UPDATE 0x00000010
3619 #define CERT_CHAIN_ENABLE_SHARE_STORE 0x00000020
3620 
3622 {
3624  HCERTSTORE hRestrictedRoot;
3625  HCERTSTORE hRestrictedTrust;
3626  HCERTSTORE hRestrictedOther;
3628  HCERTSTORE *rghAdditionalStore;
3633  HCERTSTORE hExclusiveRoot;
3636 
3637 /* message-related definitions */
3638 
3639 typedef BOOL
3641  _In_opt_ const void *pvArg,
3642  _In_reads_bytes_opt_(cbData) BYTE *pbData,
3643  _In_ DWORD cbData,
3644  _In_ BOOL fFinal);
3645 
3646 #define CMSG_INDEFINITE_LENGTH 0xffffffff
3647 
3648 typedef struct _CMSG_STREAM_INFO
3649 {
3651  PFN_CMSG_STREAM_OUTPUT pfnStreamOutput;
3652  void *pvArg;
3654 
3656 {
3657  CERT_NAME_BLOB Issuer;
3660 
3661 typedef struct _CERT_ID
3662 {
3664  union {
3666  CRYPT_HASH_BLOB KeyId;
3667  CRYPT_HASH_BLOB HashId;
3668  } DUMMYUNIONNAME;
3669 } CERT_ID, *PCERT_ID;
3670 
3671 #define CERT_ID_ISSUER_SERIAL_NUMBER 1
3672 #define CERT_ID_KEY_IDENTIFIER 2
3673 #define CERT_ID_SHA1_HASH 3
3674 
3675 #ifndef USE_WC_PREFIX
3676 #undef CMSG_DATA /* may be defined by sys/socket.h */
3677 #define CMSG_DATA 1
3678 #define CMSG_SIGNED 2
3679 #define CMSG_ENVELOPED 3
3680 #define CMSG_SIGNED_AND_ENVELOPED 4
3681 #define CMSG_HASHED 5
3682 #define CMSG_ENCRYPTED 6
3683 
3684 #define CMSG_ALL_FLAGS ~0U
3685 #define CMSG_DATA_FLAG (1 << CMSG_DATA)
3686 #define CMSG_SIGNED_FLAG (1 << CMSG_SIGNED)
3687 #define CMSG_ENVELOPED_FLAG (1 << CMSG_ENVELOPED)
3688 #define CMSG_SIGNED_AND_ENVELOPED_FLAG (1 << CMSG_SIGNED_AND_ENVELOPED)
3689 #define CMSG_ENCRYPTED_FLAG (1 << CMSG_ENCRYPTED)
3690 #else
3691 #define WC_CMSG_DATA 1
3692 #define WC_CMSG_SIGNED 2
3693 #define WC_CMSG_ENVELOPED 3
3694 #define WC_CMSG_SIGNED_AND_ENVELOPED 4
3695 #define WC_CMSG_HASHED 5
3696 #define WC_CMSG_ENCRYPTED 6
3697 
3698 #define WC_CMSG_ALL_FLAGS ~0U
3699 #define WC_CMSG_DATA_FLAG (1 << WC_CMSG_DATA)
3700 #define WC_CMSG_SIGNED_FLAG (1 << WC_CMSG_SIGNED)
3701 #define WC_CMSG_ENVELOPED_FLAG (1 << WC_CMSG_ENVELOPED)
3702 #define WC_CMSG_SIGNED_AND_ENVELOPED_FLAG (1 << WC_CMSG_SIGNED_AND_ENVELOPED)
3703 #define WC_CMSG_ENCRYPTED_FLAG (1 << WC_CMSG_ENCRYPTED)
3704 #endif
3705 
3707 {
3709  PCERT_INFO pCertInfo;
3710  HCRYPTPROV hCryptProv;
3715  PCRYPT_ATTRIBUTE rgAuthAttr;
3717  PCRYPT_ATTRIBUTE rgUnauthAttr;
3718 #ifdef CMSG_SIGNER_ENCODE_INFO_HAS_CMS_FIELDS
3719  CERT_ID SignerId;
3720  CRYPT_ALGORITHM_IDENTIFIER HashEncryptionAlgorithm;
3721  void *pvHashEncryptionAuxInfo;
3722 #endif
3724 
3726 {
3729  PCMSG_SIGNER_ENCODE_INFO rgSigners;
3731  PCERT_BLOB rgCertEncoded;
3733  PCRL_BLOB rgCrlEncoded;
3734 #ifdef CMSG_SIGNED_ENCODE_INFO_HAS_CMS_FIELDS
3735  DWORD cAttrCertEncoded;
3736  PCERT_BLOB rgAttrCertEncoded;
3737 #endif
3739 
3741 {
3745  HCRYPTPROV_LEGACY hCryptProv;
3749 
3751 {
3756  PCRYPT_ATTRIBUTE_TYPE_VALUE pOtherAttr;
3759 
3761 {
3767  HCRYPTPROV_LEGACY hCryptProv;
3770  union {
3771  PCRYPT_ALGORITHM_IDENTIFIER pEphemeralAlgorithm;
3772  PCERT_ID pSenderId;
3773  } DUMMYUNIONNAME;