diff --git a/winsup/w32api/ChangeLog b/winsup/w32api/ChangeLog index e84ca53a8..cccf09408 100644 --- a/winsup/w32api/ChangeLog +++ b/winsup/w32api/ChangeLog @@ -1,3 +1,39 @@ +2002-02-14 Mattia Barbon + + * include/ntsecpkg.h: New file. + * include/schannel.h: New file. + * include/schnlsp.h: New file. + * include/security.h: New file. + * include/sspi.h: New file. + * include/ntsecapi.h (KERB_WRAP_NO_ENCRYPT, + MICROSOFT_KERBEROS_NAME_[AW]): Add missing constants + * include/wincrypt.h (CALG_*, X509_ASN_ENCODING. + PKCS_7_ASN_ENCODING, CERT_*, USAGE_MATCH_TYPE_AND, + USAGE_MATCH_TYPE_OR, szOID_*): Add missing constants + (struct _CRYPTOAPI_BLOB): Add structure and typedefs. + (SSL_EXTRA_CERT_CHAIN_POLICY_PARA,HTTPSPolicyCallbackData, + CERT_CHAIN_POLICY_PARA,CERT_CHAIN_POLICY_STATUS, + CRYPT_ALGORITHM_IDENTIFIER, CRYPT_BIT_BLOB, + CERT_PUBLIC_KEY_INFO, CERT_EXTENSION, CERT_INFO, CERT_CONTEXT, + CTL_USAGE, CERT_ENHKEY_USAGE, CERT_USAGE_MATCH, + CERT_CHAIN_PARA, CERT_CHAIN_FIND_BY_ISSUER_PARA, + CERT_TRUST_STATUS, CRL_ENTRY, CRL_INFO, CRL_CONTEXT, + CERT_REVOCATION_CRL_INFO, CERT_REVOCATION_INFO, + CERT_CHAIN_ELEMENT, CRYPT_ATTRIBUTE, CTL_ENTRY, CTL_INFO, + CTL_CONTEXT, CERT_TRUST_LIST_INFO, CERT_SIMPLE_CHAIN, + CERT_CHAIN_CONTEXT): Add missing structures. + (CertCloseStore, CertGetCertificateChain, + CertVerifyCertificateChainPolicy, CertFreeCertificateChain, + CertNameToStr[AW], CertOpenSystemStore[AW], CertOpenStore, + CertFindCertificateInStore, CertFreeCertificateContext, + CertGetIssuerCertificateFromStore, + CertFindChainInStore): Add missing functions. + (CertNameToStr, CertOpenSystemStore, CERT_FIND_SUBJECT_STR, + CERT_FIND_ISSUER_STR): Add Unicode mappings. + * lib/crypt32.def: New file. + * lib/secur32.def: Add mising stubs. + * lib/test.c: Include new headers. + 2002-02-14 Danny Smith * include/windef.h (PROC,FARPROC,NEARPROC): Remove void diff --git a/winsup/w32api/include/ntsecapi.h b/winsup/w32api/include/ntsecapi.h index b752f7ab0..a5c81f908 100644 
--- a/winsup/w32api/include/ntsecapi.h +++ b/winsup/w32api/include/ntsecapi.h @@ -3,6 +3,7 @@ #ifdef __cplusplus extern "C" { #endif +#define KERB_WRAP_NO_ENCRYPT 0x80000001 #define LOGON_GUEST 1 #define LOGON_NOENCRYPTION 2 #define LOGON_CACHED_ACCOUNT 4 @@ -19,6 +20,8 @@ extern "C" { #define LSA_MODE_MANDATORY_ACCESS 3 #define LSA_MODE_LOG_FULL 4 #define LSA_SUCCESS(x) ((LONG)(x)>=0) +#define MICROSOFT_KERBEROS_NAME_A "Kerberos" +#define MICROSOFT_KERBEROS_NAME_W L"Kerberos" #define MSV1_0_ALLOW_SERVER_TRUST_ACCOUNT 32 #define MSV1_0_ALLOW_WORKSTATION_TRUST_ACCOUNT 2048 #define MSV1_0_CHALLENGE_LENGTH 8 diff --git a/winsup/w32api/include/ntsecpkg.h b/winsup/w32api/include/ntsecpkg.h new file mode 100644 index 000000000..4e7696b98 --- /dev/null +++ b/winsup/w32api/include/ntsecpkg.h 
@@ -0,0 +1,41 @@
+#ifndef _NTSECPKG_H
+#define _NTSECPKG_H
+
+#define ISC_REQ_DELEGATE 1
+#define ISC_REQ_MUTUAL_AUTH 2
+#define ISC_REQ_REPLAY_DETECT 4
+#define ISC_REQ_SEQUENCE_DETECT 8
+#define ISC_REQ_CONFIDENTIALITY 16
+#define ISC_REQ_USE_SESSION_KEY 32
+#define ISC_REQ_PROMPT_FOR_CREDS 64
+#define ISC_REQ_USE_SUPPLIED_CREDS 128
+#define ISC_REQ_ALLOCATE_MEMORY 256
+#define ISC_REQ_USE_DCE_STYLE 512
+#define ISC_REQ_DATAGRAM 1024
+#define ISC_REQ_CONNECTION 2048
+#define ISC_REQ_EXTENDED_ERROR 16384
+#define ISC_REQ_STREAM 32768
+#define ISC_REQ_INTEGRITY 65536
+#define ISC_REQ_MANUAL_CRED_VALIDATION 524288
+#define ISC_REQ_HTTP 268435456
+
+#define ISC_RET_EXTENDED_ERROR 16384
+
+#define ASC_REQ_DELEGATE 1
+#define ASC_REQ_MUTUAL_AUTH 2
+#define ASC_REQ_REPLAY_DETECT 4
+#define ASC_REQ_SEQUENCE_DETECT 8
+#define ASC_REQ_CONFIDENTIALITY 16
+#define ASC_REQ_USE_SESSION_KEY 32
+#define ASC_REQ_ALLOCATE_MEMORY 256
+#define ASC_REQ_USE_DCE_STYLE 512
+#define ASC_REQ_DATAGRAM 1024
+#define ASC_REQ_CONNECTION 2048
+#define ASC_REQ_EXTENDED_ERROR 32768
+#define ASC_REQ_STREAM 65536
+#define ASC_REQ_INTEGRITY 131072
+
+#define SECURITY_NATIVE_DREP 16
+#define SECURITY_NETWORK_DREP 0
+
+#endif /* _NTSECPKG_H */
diff --git a/winsup/w32api/include/schannel.h b/winsup/w32api/include/schannel.h
new file mode 100644
index 000000000..ae16a4547
--- /dev/null
+++ b/winsup/w32api/include/schannel.h
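Review bot: In ntsecpkg.h the `ISC_REQ_*` and `ASC_REQ_*` bit flags are written in decimal, so a value such as `#define ISC_REQ_HTTP 268435456` cannot be checked against the SDK's hexadecimal definitions by eye, and a one-digit slip would silently select a different context requirement. Writing them in hex, e.g. `#define ISC_REQ_HTTP 0x10000000` and `#define ISC_REQ_MANUAL_CRED_VALIDATION 0x00080000`, makes each one visibly a single bit. The same applies to the decimal flag and status values in the schannel.h, security.h, sspi.h and wincrypt.h hunks.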
@@ -0,0 +1,87 @@
+#ifndef _SCHANNEL_H
+#define _SCHANNEL_H
+
+#include
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+#define SCHANNEL_CRED_VERSION 4
+#define SCHANNEL_SHUTDOWN 1
+/* ? Do these belong here or in wincrypt.h */
+#define AUTHTYPE_CLIENT 1
+#define AUTHTYPE_SERVER 2
+
+#define SP_PROT_TLS1_CLIENT 128
+#define SP_PROT_TLS1_SERVER 64
+#define SP_PROT_SSL3_CLIENT 32
+#define SP_PROT_SSL3_SERVER 16
+#define SP_PROT_SSL2_CLIENT 8
+#define SP_PROT_SSL2_SERVER 4
+#define SP_PROT_PCT1_SERVER 1
+#define SP_PROT_PCT1_CLIENT 2
+
+#define SP_PROT_PCT1 (SP_PROT_PCT1_CLIENT|SP_PROT_PCT1_SERVER)
+#define SP_PROT_TLS1 (SP_PROT_TLS1_CLIENT|SP_PROT_TLS1_SERVER)
+#define SP_PROT_SSL2 (SP_PROT_SSL2_CLIENT|SP_PROT_SSL2_SERVER)
+#define SP_PROT_SSL3 (SP_PROT_SSL3_CLIENT|SP_PROT_SSL3_SERVER)
+
+#define SCH_CRED_NO_SYSTEM_MAPPER 2
+#define SCH_CRED_NO_SERVERNAME_CHECK 4
+#define SCH_CRED_MANUAL_CRED_VALIDATION 8
+#define SCH_CRED_NO_DEFAULT_CREDS 16
+#define SCH_CRED_AUTO_CRED_VALIDATION 32
+#define SCH_CRED_REVOCATION_CHECK_CHAIN 512
+#define SCH_CRED_REVOCATION_CHECK_END_CERT 256
+#define SCH_CRED_REVOCATION_CHECK_CHAIN_EXCLUDE_ROOT 1024
+#define SCH_CRED_IGNORE_NO_REVOCATION_CHECK 2048
+#define SCH_CRED_IGNORE_REVOCATION_OFFLINE 4096
+#define SCH_CRED_USE_DEFAULT_CREDS 64
+
+typedef struct _SCHANNEL_CRED {
+ DWORD dwVersion;
+ DWORD cCreds;
+ PCCERT_CONTEXT* paCred;
+ HCERTSTORE hRootStore;
+ DWORD cMappers;
+ struct _HMAPPER** aphMappers;
+ DWORD cSupportedAlgs;
+ ALG_ID* palgSupportedAlgs;
+ DWORD grbitEnabledProtocols;
+ DWORD dwMinimumCypherStrength;
+ DWORD dwMaximumCypherStrength;
+ DWORD dwSessionLifespan;
+ DWORD dwFlags;
+ DWORD reserved;
+} SCHANNEL_CRED, *PSCHANNEL_CRED;
+typedef struct _SecPkgCred_SupportedAlgs {
+ DWORD cSupportedAlgs;
+ ALG_ID* palgSupportedAlgs;
+} SecPkgCred_SupportedAlgs, *PSecPkgCred_SupportedAlgs;
+typedef struct _SecPkgCred_CypherStrengths {
+ DWORD dwMinimumCypherStrength;
+ DWORD dwMaximumCypherStrength;
+} SecPkgCred_CypherStrengths, *PSecPkgCred_CypherStrengths;
+typedef struct _SecPkgCred_SupportedProtocols {
+ DWORD grbitProtocol;
+} SecPkgCred_SupportedProtocols, *PSecPkgCred_SupportedProtocols;
+typedef struct _SecPkgContext_IssuerListInfoEx {
+ PCERT_NAME_BLOB aIssuers;
+ DWORD cIssuers;
+} SecPkgContext_IssuerListInfoEx, *PSecPkgContext_IssuerListInfoEx;
+typedef struct _SecPkgContext_ConnectionInfo {
+ DWORD dwProtocol;
+ ALG_ID aiCipher;
+ DWORD dwCipherStrength;
+ ALG_ID aiHash;
+ DWORD dwHashStrength;
+ ALG_ID aiExch;
+ DWORD dwExchStrength;
+} SecPkgContext_ConnectionInfo, *PSecPkgContext_ConnectionInfo;
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* _SCHANNEL_H */
diff --git a/winsup/w32api/include/schnlsp.h b/winsup/w32api/include/schnlsp.h
new file mode 100644
index 000000000..b72a4c25c
--- /dev/null
+++ b/winsup/w32api/include/schnlsp.h
@@ -0,0 +1,10 @@
+#ifndef _SCHNLSP_H
+#define _SCHNLSP_H
+
+#define SECPKG_ATTR_SUPPORTED_ALGS 86
+#define SECPKG_ATTR_CIPHER_STRENGTHS 87
+#define SECPKG_ATTR_SUPPORTED_PROTOCOLS 88
+
+#include
+
+#endif /* _SCHNLSP_H */
diff --git a/winsup/w32api/include/security.h b/winsup/w32api/include/security.h
new file mode 100644
index 000000000..bdf8e4116
--- /dev/null
+++ b/winsup/w32api/include/security.h
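Review bot: In schannel.h the `SCH_CRED_*` block has no comment separating the flags that relax certificate checking from the ones that enable it, and the header is the place a caller will read them. `SCH_CRED_NO_SERVERNAME_CHECK`, `SCH_CRED_MANUAL_CRED_VALIDATION`, `SCH_CRED_IGNORE_NO_REVOCATION_CHECK` and `SCH_CRED_IGNORE_REVOCATION_OFFLINE` each weaken validation of the peer certificate. I would group those four and put `/* the flags below relax validation of the peer certificate */` above them. The open question in `/* ? Do these belong here or in wincrypt.h */` is also better settled before merge than left in the header.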
@@ -0,0 +1,37 @@
+#ifndef _SECURITY_H
+#define _SECURITY_H
+
+#define SEC_E_OK 0
+#define SEC_E_CERT_EXPIRED (-2146893016)
+#define SEC_E_INCOMPLETE_MESSAGE (-2146893032)
+#define SEC_E_INSUFFICIENT_MEMORY (-2146893056)
+#define SEC_E_INTERNAL_ERROR (-2146893052)
+#define SEC_E_INVALID_HANDLE (-2146893055)
+#define SEC_E_INVALID_TOKEN (-2146893048)
+#define SEC_E_LOGON_DENIED (-2146893044)
+#define SEC_E_NO_AUTHENTICATING_AUTHORITY (-2146893039)
+#define SEC_E_NO_CREDENTIALS (-2146893042)
+#define SEC_E_TARGET_UNKNOWN (-2146893053)
+#define SEC_E_UNSUPPORTED_FUNCTION (-2146893054)
+#define SEC_E_UNTRUSTED_ROOT (-2146893019)
+#define SEC_E_WRONG_PRINCIPAL (-2146893022)
+#define SEC_E_SECPKG_NOT_FOUND (-2146893051)
+#define SEC_E_QOP_NOT_SUPPORTED (-2146893046)
+#define SEC_E_UNKNOWN_CREDENTIALS (-2146893043)
+#define SEC_E_NOT_OWNER (-2146893050)
+#define SEC_I_RENEGOTIATE 590625
+#define SEC_I_COMPLETE_AND_CONTINUE 590612
+#define SEC_I_COMPLETE_NEEDED 590611
+#define SEC_I_CONTINUE_NEEDED 590610
+#define SEC_I_INCOMPLETE_CREDENTIALS 590624
+
+/* always a char */
+typedef char SEC_CHAR;
+typedef wchar_t SEC_WCHAR;
+typedef long SECURITY_STATUS;
+#define SEC_FAR
+
+#include
+#include
+
+#endif /* _SECURITY_H */
diff --git a/winsup/w32api/include/sspi.h b/winsup/w32api/include/sspi.h
new file mode 100644
index 000000000..f24c42084
--- /dev/null
+++ b/winsup/w32api/include/sspi.h
@@ -0,0 +1,332 @@
+#ifndef _SSPI_H
+#define _SSPI_H
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+#define SECPKG_CRED_INBOUND 1
+#define SECPKG_CRED_OUTBOUND 2
+#define SECPKG_CRED_BOTH (SECPKG_CRED_OUTBOUND|SECPKG_CRED_INBOUND)
+#define SECPKG_CRED_ATTR_NAMES 1
+
+#define SECPKG_FLAG_INTEGRITY 1
+#define SECPKG_FLAG_PRIVACY 2
+#define SECPKG_FLAG_TOKEN_ONLY 4
+#define SECPKG_FLAG_DATAGRAM 8
+#define SECPKG_FLAG_CONNECTION 16
+#define SECPKG_FLAG_MULTI_REQUIRED 32
+#define SECPKG_FLAG_CLIENT_ONLY 64
+#define SECPKG_FLAG_EXTENDED_ERROR 128
+#define SECPKG_FLAG_IMPERSONATION 256
+#define SECPKG_FLAG_ACCEPT_WIN32_NAME 512
+#define SECPKG_FLAG_STREAM 1024
+
+#define SECPKG_ATTR_AUTHORITY 6
+#define SECPKG_ATTR_CONNECTION_INFO 90
+#define SECPKG_ATTR_ISSUER_LIST 80
+#define SECPKG_ATTR_ISSUER_LIST_EX 89
+#define SECPKG_ATTR_KEY_INFO 5
+#define SECPKG_ATTR_LIFESPAN 2
+#define SECPKG_ATTR_LOCAL_CERT_CONTEXT 84
+#define SECPKG_ATTR_LOCAL_CRED 82
+#define SECPKG_ATTR_NAMES 1
+#define SECPKG_ATTR_PROTO_INFO 7
+#define SECPKG_ATTR_REMOTE_CERT_CONTEXT 83
+#define SECPKG_ATTR_REMOTE_CRED 81
+#define SECPKG_ATTR_SIZES 0
+#define SECPKG_ATTR_STREAM_SIZES 4
+
+#define SECBUFFER_EMPTY 0
+#define SECBUFFER_DATA 1
+#define SECBUFFER_TOKEN 2
+#define SECBUFFER_PKG_PARAMS 3
+#define SECBUFFER_MISSING 4
+#define SECBUFFER_EXTRA 5
+#define SECBUFFER_STREAM_TRAILER 6
+#define SECBUFFER_STREAM_HEADER 7
+#define SECBUFFER_PADDING 9
+#define SECBUFFER_STREAM 10
+#define SECBUFFER_READONLY 0x80000000
+#define SECBUFFER_ATTRMASK 0xf0000000
+
+#define UNISP_NAME_A "Microsoft Unified Security Protocol Provider"
+#define UNISP_NAME_W L"Microsoft Unified Security Protocol Provider"
+#define SECBUFFER_VERSION 0
+
+typedef struct _SecHandle {
+ ULONG_PTR dwLower;
+ ULONG_PTR dwUpper;
+} SecHandle, *PSecHandle;
+typedef struct _SecBuffer {
+ ULONG cbBuffer;
+ ULONG BufferType;
+ PVOID pvBuffer;
+} SecBuffer, *PSecBuffer;
+typedef SecHandle CredHandle;
+typedef PSecHandle PCredHandle;
+typedef SecHandle CtxtHandle;
+typedef PSecHandle PCtxtHandle;
+typedef struct _SECURITY_INTEGER {
+ unsigned long LowPart;
+ long HighPart;
+} SECURITY_INTEGER;
+typedef SECURITY_INTEGER TimeStamp, *PTimeStamp;
+typedef struct _SecBufferDesc {
+ ULONG ulVersion;
+ ULONG cBuffers;
+ PSecBuffer pBuffers;
+} SecBufferDesc, *PSecBufferDesc;
+typedef struct _SecPkgContext_StreamSizes {
+ ULONG cbHeader;
+ ULONG cbTrailer;
+ ULONG cbMaximumMessage;
+ ULONG cBuffers;
+ ULONG cbBlockSize;
+} SecPkgContext_StreamSizes, *PSecPkgContext_StreamSizes;
+typedef struct _SecPkgContext_Sizes {
+ ULONG cbMaxToken;
+ ULONG cbMaxSIgnature;
+ ULONG cbBlockSize;
+ ULONG cbSecurityTrailer;
+} SecPkgContext_Sizes, *PSecPkgContext_Sizes;
+typedef struct _SecPkgContext_AuthorityW {
+ SEC_WCHAR* sAuthorityName;
+} SecPkgContext_AuthorityW, *PSecPkgContext_AuthorityW;
+typedef struct _SecPkgContext_AuthorityA {
+ SEC_CHAR* sAuthorityName;
+} SecPkgContext_AuthorityA, *PSecPkgContext_AuthorityA;
+typedef struct _SecPkgContext_KeyInfoW {
+ SEC_WCHAR* sSignatureAlgorithmName;
+ SEC_WCHAR* sEncryptAlgorithmName;
+ ULONG KeySize;
+ ULONG SignatureAlgorithm;
+ ULONG EncryptAlgorithm;
+} SecPkgContext_KeyInfoW, *PSecPkgContext_KeyInfoW;
+typedef struct _SecPkgContext_KeyInfoA {
+ SEC_CHAR* sSignatureAlgorithmName;
+ SEC_CHAR* sEncryptAlgorithmName;
+ ULONG KeySize;
+ ULONG SignatureAlgorithm;
+ ULONG EncryptAlgorithm;
+} SecPkgContext_KeyInfoA, *PSecPkgContext_KeyInfoA;
+typedef struct _SecPkgContext_LifeSpan {
+ TimeStamp tsStart;
+ TimeStamp tsExpiry;
+} SecPkgContext_LifeSpan, *PSecPkgContext_LifeSpan;
+typedef struct _SecPkgContext_NamesW {
+ SEC_WCHAR* sUserName;
+} SecPkgContext_NamesW, *PSecPkgContext_NamesW;
+typedef struct _SecPkgContext_NamesA {
+ SEC_CHAR* sUserName;
+} SecPkgContext_NamesA, *PSecPkgContext_NamesA;
+typedef struct _SecPkgInfoW {
+ ULONG fCapabilities;
+ USHORT wVersion;
+ USHORT wRPCID;
+ ULONG cbMaxToken;
+ SEC_WCHAR* Name;
+ SEC_WCHAR* Comment;
+} SecPkgInfoW, *PSecPkgInfoW;
+typedef struct _SecPkgInfoA {
+ ULONG fCapabilities;
+ USHORT wVersion;
+ USHORT wRPCID;
+ ULONG cbMaxToken;
+ SEC_CHAR* Name;
+ SEC_CHAR* Comment;
+} SecPkgInfoA, *PSecPkgInfoA;
+/* supported only in win2k+, so it should be a PSecPkgInfoW */
+/* PSDK does not say it has ANSI/Unicode versions */
+typedef struct _SecPkgContext_PackageInfo {
+ PSecPkgInfoW PackageInfo;
+} SecPkgContext_PackageInfo, *PSecPkgContext_PackageInfo;
+typedef struct _SecPkgCredentials_NamesW {
+ SEC_WCHAR* sUserName;
+} SecPkgCredentialsNamesW, *PSecPkgCredentialsNamesW;
+typedef struct _SecPkgCredentials_NamesA {
+ SEC_CHAR* sUserName;
+} SecPkgCredentialsNamesA, *PSecPkgCredentialsNamesA;
+
+/* TODO: missing type in SDK */
+typedef void (*SEC_GET_KEY_FN)();
+
+typedef SECURITY_STATUS (WINAPI *ENUMERATE_SECURITY_PACKAGES_FN_W)(PULONG,PSecPkgInfoW*);
+typedef SECURITY_STATUS (WINAPI *ENUMERATE_SECURITY_PACKAGES_FN_A)(PULONG,PSecPkgInfoA*);
+typedef SECURITY_STATUS (WINAPI *QUERY_CREDENTIALS_ATTRIBUTES_FN_W)(PCredHandle,ULONG,PVOID);
+typedef SECURITY_STATUS (WINAPI *QUERY_CREDENTIALS_ATTRIBUTES_FN_A)(PCredHandle,ULONG,PVOID);
+typedef SECURITY_STATUS (WINAPI *ACQUIRE_CREDENTIALS_HANDLE_FN_W)(SEC_WCHAR*,SEC_WCHAR*,ULONG,PLUID,PVOID,SEC_GET_KEY_FN,PVOID,PCredHandle,PTimeStamp);
+typedef SECURITY_STATUS (WINAPI *ACQUIRE_CREDENTIALS_HANDLE_FN_A)(SEC_CHAR*,SEC_CHAR*,ULONG,PLUID,PVOID,SEC_GET_KEY_FN,PVOID,PCredHandle,PTimeStamp);
+typedef SECURITY_STATUS (WINAPI *FREE_CREDENTIALS_HANDLE_FN)(PCredHandle);
+typedef SECURITY_STATUS (WINAPI *INITIALIZE_SECURITY_CONTEXT_FN_W)(PCredHandle,PCtxtHandle,SEC_WCHAR*,ULONG,ULONG,ULONG,PSecBufferDesc,ULONG,PCtxtHandle,PSecBufferDesc,PULONG,PTimeStamp);
+typedef SECURITY_STATUS (WINAPI *INITIALIZE_SECURITY_CONTEXT_FN_A)(PCredHandle,PCtxtHandle,SEC_CHAR*,ULONG,ULONG,ULONG,PSecBufferDesc,ULONG,PCtxtHandle,PSecBufferDesc,PULONG,PTimeStamp);
+typedef SECURITY_STATUS (WINAPI *ACCEPT_SECURITY_CONTEXT_FN)(PCredHandle,PCtxtHandle,PSecBufferDesc,ULONG,ULONG,PCtxtHandle,PSecBufferDesc,PULONG,PTimeStamp);
+typedef SECURITY_STATUS (WINAPI *COMPLETE_AUTH_TOKEN_FN)(PCtxtHandle,PSecBufferDesc);
+typedef SECURITY_STATUS (WINAPI *DELETE_SECURITY_CONTEXT_FN)(PCtxtHandle);
+typedef SECURITY_STATUS (WINAPI *APPLY_CONTROL_TOKEN_FN_W)(PCtxtHandle,PSecBufferDesc);
+typedef SECURITY_STATUS (WINAPI *APPLY_CONTROL_TOKEN_FN_A)(PCtxtHandle,PSecBufferDesc);
+typedef SECURITY_STATUS (WINAPI *QUERY_CONTEXT_ATTRIBUTES_FN_A)(PCtxtHandle,ULONG,PVOID);
+typedef SECURITY_STATUS (WINAPI *QUERY_CONTEXT_ATTRIBUTES_FN_W)(PCtxtHandle,ULONG,PVOID);
+typedef SECURITY_STATUS (WINAPI *IMPERSONATE_SECURITY_CONTEXT_FN)(PCtxtHandle);
+typedef SECURITY_STATUS (WINAPI *REVERT_SECURITY_CONTEXT_FN)(PCtxtHandle);
+typedef SECURITY_STATUS (WINAPI *MAKE_SIGNATURE_FN)(PCtxtHandle,ULONG,PSecBufferDesc,ULONG);
+typedef SECURITY_STATUS (WINAPI *VERIFY_SIGNATURE_FN)(PCtxtHandle,PSecBufferDesc,ULONG,PULONG);
+typedef SECURITY_STATUS (WINAPI *FREE_CONTEXT_BUFFER_FN)(PVOID);
+typedef SECURITY_STATUS (WINAPI *QUERY_SECURITY_PACKAGE_INFO_FN_A)(SEC_CHAR*,PSecPkgInfoA*);
+typedef SECURITY_STATUS (WINAPI *QUERY_SECURITY_PACKAGE_INFO_FN_W)(SEC_WCHAR*,PSecPkgInfoW*);
+typedef SECURITY_STATUS (WINAPI *ENCRYPT_MESSAGE_FN)(PCtxtHandle,ULONG,PSecBufferDesc,ULONG);
+typedef SECURITY_STATUS (WINAPI *DECRYPT_MESSAGE_FN)(PCtxtHandle,PSecBufferDesc,ULONG,PULONG);
+
+typedef struct _SECURITY_FUNCTION_TABLEW {
+ unsigned long dwVersion;
+ ENUMERATE_SECURITY_PACKAGES_FN_W EnumerateSecurityPackagesW;
+ QUERY_CREDENTIALS_ATTRIBUTES_FN_W QueryCredentialsAttributesW;
+ ACQUIRE_CREDENTIALS_HANDLE_FN_W AcquireCredentialsHandleW;
+ FREE_CREDENTIALS_HANDLE_FN FreeCredentialsHandle;
+ void SEC_FAR* Reserved2;
+ INITIALIZE_SECURITY_CONTEXT_FN_A InitializeSecurityContextA;
+ ACCEPT_SECURITY_CONTEXT_FN AcceptSecurityContext;
+ COMPLETE_AUTH_TOKEN_FN CompleteAuthToken;
+ DELETE_SECURITY_CONTEXT_FN DeleteSecurityContext;
+ APPLY_CONTROL_TOKEN_FN_W ApplyControlTokenW;
+ QUERY_CONTEXT_ATTRIBUTES_FN_W QueryContextAttributesW;
+ IMPERSONATE_SECURITY_CONTEXT_FN ImpersonateSecurityContext;
+ REVERT_SECURITY_CONTEXT_FN RevertSecurityContext;
+ MAKE_SIGNATURE_FN MakeSignature;
+ VERIFY_SIGNATURE_FN VerifySignature;
+ FREE_CONTEXT_BUFFER_FN FreeContextBuffer;
+ QUERY_SECURITY_PACKAGE_INFO_FN_A QuerySecurityPackageInfoA;
+ void SEC_FAR* Reserved3;
+ void SEC_FAR* Reserved4;
+ void SEC_FAR* Unknown1;
+ void SEC_FAR* Unknown2;
+ void SEC_FAR* Unknown3;
+ void SEC_FAR* Unknown4;
+ void SEC_FAR* Unknown5;
+ ENCRYPT_MESSAGE_FN EncryptMessage;
+ DECRYPT_MESSAGE_FN DecryptMessage;
+} SecurityFunctionTableW, *PSecurityFunctionTableW;
+typedef struct _SECURITY_FUNCTION_TABLEA {
+ unsigned long dwVersion;
+ ENUMERATE_SECURITY_PACKAGES_FN_A EnumerateSecurityPackagesA;
+ QUERY_CREDENTIALS_ATTRIBUTES_FN_A QueryCredentialsAttributesA;
+ ACQUIRE_CREDENTIALS_HANDLE_FN_A AcquireCredentialsHandleA;
+ FREE_CREDENTIALS_HANDLE_FN FreeCredentialsHandle;
+ void SEC_FAR* Reserved2;
+ INITIALIZE_SECURITY_CONTEXT_FN_A InitializeSecurityContextA;
+ ACCEPT_SECURITY_CONTEXT_FN AcceptSecurityContext;
+ COMPLETE_AUTH_TOKEN_FN CompleteAuthToken;
+ DELETE_SECURITY_CONTEXT_FN DeleteSecurityContext;
+ APPLY_CONTROL_TOKEN_FN_A ApplyControlTokenA;
+ QUERY_CONTEXT_ATTRIBUTES_FN_A QueryContextAttributesA;
+ IMPERSONATE_SECURITY_CONTEXT_FN ImpersonateSecurityContext;
+ REVERT_SECURITY_CONTEXT_FN RevertSecurityContext;
+ MAKE_SIGNATURE_FN MakeSignature;
+ VERIFY_SIGNATURE_FN VerifySignature;
+ FREE_CONTEXT_BUFFER_FN FreeContextBuffer;
+ QUERY_SECURITY_PACKAGE_INFO_FN_A QuerySecurityPackageInfoA;
+ void SEC_FAR* Reserved3;
+ void SEC_FAR* Reserved4;
+ void SEC_FAR* Unknown1;
+ void SEC_FAR* Unknown2;
+ void SEC_FAR* Unknown3;
+ void SEC_FAR* Unknown4;
+ void SEC_FAR* Unknown5;
+ ENCRYPT_MESSAGE_FN EncryptMessage;
+ DECRYPT_MESSAGE_FN DecryptMessage;
+} SecurityFunctionTableA, *PSecurityFunctionTableA;
+typedef PSecurityFunctionTableA (WINAPI *INIT_SECURITY_INTERFACE_A)(VOID);
+typedef PSecurityFunctionTableW (WINAPI *INIT_SECURITY_INTERFACE_W)(VOID);
+
+SECURITY_STATUS WINAPI FreeCredentialsHandle(PCredHandle);
+SECURITY_STATUS WINAPI EnumerateSecurityPackagesA(PULONG,PSecPkgInfoA*);
+SECURITY_STATUS WINAPI EnumerateSecurityPackagesW(PULONG,PSecPkgInfoW*);
+SECURITY_STATUS WINAPI AcquireCredentialsHandleA(SEC_CHAR*,SEC_CHAR*,ULONG,PLUID,PVOID,SEC_GET_KEY_FN,PVOID,PCredHandle,PTimeStamp);
+SECURITY_STATUS WINAPI AcquireCredentialsHandleW(SEC_WCHAR*,SEC_WCHAR*,ULONG,PLUID,PVOID,SEC_GET_KEY_FN,PVOID,PCredHandle,PTimeStamp);
+SECURITY_STATUS WINAPI AcceptSecurityContext(PCredHandle,PCtxtHandle,PSecBufferDesc,ULONG,ULONG,PCtxtHandle,PSecBufferDesc,PULONG,PTimeStamp);
+SECURITY_STATUS WINAPI InitializeSecurityContextA(PCredHandle,PCtxtHandle,SEC_CHAR*,ULONG,ULONG,ULONG,PSecBufferDesc,ULONG,PCtxtHandle,PSecBufferDesc,PULONG,PTimeStamp);
+SECURITY_STATUS WINAPI InitializeSecurityContextW(PCredHandle,PCtxtHandle,SEC_WCHAR*,ULONG,ULONG,ULONG,PSecBufferDesc,ULONG,PCtxtHandle,PSecBufferDesc,PULONG,PTimeStamp);
+SECURITY_STATUS WINAPI FreeContextBuffer(PVOID);
+SECURITY_STATUS WINAPI QueryContextAttributesA(PCtxtHandle,ULONG,PVOID);
+SECURITY_STATUS WINAPI QueryContextAttributesW(PCtxtHandle,ULONG,PVOID);
+SECURITY_STATUS WINAPI QueryCredentialsAttributesA(PCredHandle,ULONG,PVOID);
+SECURITY_STATUS WINAPI QueryCredentialsAttributesW(PCredHandle,ULONG,PVOID);
+SECURITY_STATUS WINAPI DecryptMessage(PCtxtHandle,PSecBufferDesc,ULONG,PULONG);
+SECURITY_STATUS WINAPI EncryptMessage(PCtxtHandle,ULONG,PSecBufferDesc,ULONG);
+SECURITY_STATUS WINAPI DeleteSecurityContext(PCtxtHandle);
+SECURITY_STATUS WINAPI CompleteAuthToken(PCtxtHandle,PSecBufferDesc);
+SECURITY_STATUS WINAPI ApplyControlTokenA(PCtxtHandle,PSecBufferDesc);
+SECURITY_STATUS WINAPI ApplyControlTokenW(PCtxtHandle,PSecBufferDesc);
+SECURITY_STATUS WINAPI ImpersonateSecurityContext(PCtxtHandle);
+SECURITY_STATUS WINAPI RevertSecurityContext(PCtxtHandle);
+SECURITY_STATUS WINAPI MakeSignature(PCtxtHandle,ULONG,PSecBufferDesc,ULONG);
+SECURITY_STATUS WINAPI VerifySignature(PCtxtHandle,PSecBufferDesc,ULONG,PULONG);
+SECURITY_STATUS WINAPI QuerySecurityPackageInfoA(SEC_CHAR*,PSecPkgInfoA*);
+SECURITY_STATUS WINAPI QuerySecurityPackageInfoW(SEC_WCHAR*,PSecPkgInfoW*);
+PSecurityFunctionTableA WINAPI InitSecurityInterfaceA(VOID);
+PSecurityFunctionTableW WINAPI InitSecurityInterfaceW(VOID);
+
+#ifdef UNICODE
+#define UNISP_NAME UNISP_NAME_W
+#define SecPkgInfo SecPkgInfoW
+#define PSecPkgInfo PSecPkgInfoW
+#define SecPkgCredentialsNames SecPkgCredentialsNamesW
+#define PSecPkgCredentialsNames PSecPkgCredentialsNamesW
+#define SecPkgContext_Authority SecPkgContext_AuthorityW
+#define PSecPkgContext_Authority PSecPkgContext_AuthorityW
+#define SecPkgContext_KeyInfo SecPkgContext_KeyInfoW
+#define PSecPkgContext_KeyInfo PSecPkgContext_KeyInfoW
+#define SecPkgContext_Names SecPkgContext_NamesW
+#define PSecPkgContext_Names PSecPkgContext_NamesW
+#define SecurityFunctionTable SecurityFunctionTableW
+#define PSecurityFunctionTable PSecurityFunctionTableW
+#define AcquireCredentialsHandle AcquireCredentialsHandleW
+#define EnumerateSecurityPackages EnumerateSecurityPackagesW
+#define InitializeSecurityContext InitializeSecurityContextW
+#define QueryContextAttributes QueryContextAttributesW
+#define QueryCredentialsAttributes QueryCredentialsAttributesW
+#define QuerySecurityPackageInfo QuerySecurityPackageInfoW
+#define ApplyControlToken ApplyControlTokenW
+#define ENUMERATE_SECURITY_PACKAGES_FN ENUMERATE_SECURITY_PACKAGES_FN_W
+#define QUERY_CREDENTIALS_ATTRIBUTES_FN QUERY_CREDENTIALS_ATTRIBUTES_FN_W
+#define ACQUIRE_CREDENTIALS_HANDLE_FN ACQUIRE_CREDENTIALS_HANDLE_FN_W
+#define INITIALIZE_SECURITY_CONTEXT_FN INITIALIZE_SECURITY_CONTEXT_FN_W
+#define APPLY_CONTROL_TOKEN_FN APPLY_CONTROL_TOKEN_FN_W
+#define QUERY_CONTEXT_ATTRIBUTES_FN QUERY_CONTEXT_ATTRIBUTES_FN_W
+#define QUERY_SECURITY_PACKAGE_INFO_FN QUERY_SECURITY_PACKAGE_INFO_FN_W
+#define INIT_SECURITY_INTERFACE INIT_SECURITY_INTERFACE_W
+#else
+#define UNISP_NAME UNISP_NAME_A
+#define SecPkgInfo SecPkgInfoA
+#define PSecPkgInfo PSecPkgInfoA
+#define SecPkgCredentialsNames SecPkgCredentialsNamesA
+#define PSecPkgCredentialsNames PSecPkgCredentialsNamesA
+#define SecPkgContext_Authority SecPkgContext_AuthorityA
+#define PSecPkgContext_Authority PSecPkgContext_AuthorityA
+#define SecPkgContext_KeyInfo SecPkgContext_KeyInfoA
+#define PSecPkgContext_KeyInfo PSecPkgContext_KeyInfoA
+#define SecPkgContext_Names SecPkgContext_NamesA
+#define PSecPkgContext_Names PSecPkgContext_NamesA
+#define SecurityFunctionTable SecurityFunctionTableA
+#define PSecurityFunctionTable PSecurityFunctionTableA
+#define AcquireCredentialsHandle AcquireCredentialsHandleA
+#define EnumerateSecurityPackages EnumerateSecurityPackagesA
+#define InitializeSecurityContext InitializeSecurityContextA
+#define QueryContextAttributes QueryContextAttributesA
+#define QueryCredentialsAttributes QueryCredentialsAttributesA
+#define QuerySecurityPackageInfo QuerySecurityPackageInfoA
+#define ApplyControlToken ApplyControlTokenA
+#define ENUMERATE_SECURITY_PACKAGES_FN ENUMERATE_SECURITY_PACKAGES_FN_A
+#define QUERY_CREDENTIALS_ATTRIBUTES_FN QUERY_CREDENTIALS_ATTRIBUTES_FN_A
+#define ACQUIRE_CREDENTIALS_HANDLE_FN ACQUIRE_CREDENTIALS_HANDLE_FN_A
+#define INITIALIZE_SECURITY_CONTEXT_FN INITIALIZE_SECURITY_CONTEXT_FN_A
+#define APPLY_CONTROL_TOKEN_FN APPLY_CONTROL_TOKEN_FN_A
+#define QUERY_CONTEXT_ATTRIBUTES_FN QUERY_CONTEXT_ATTRIBUTES_FN_A
+#define QUERY_SECURITY_PACKAGE_INFO_FN QUERY_SECURITY_PACKAGE_INFO_FN_A
+#define INIT_SECURITY_INTERFACE INIT_SECURITY_INTERFACE_A
+#endif
+
+#ifdef __cplusplus
+}
+#endif
+#endif
diff --git a/winsup/w32api/include/wincrypt.h b/winsup/w32api/include/wincrypt.h
index 0feba9630..8ec97703b 100644
--- a/winsup/w32api/include/wincrypt.h
+++ b/winsup/w32api/include/wincrypt.h
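Review bot: In sspi.h, `SecurityFunctionTableW` declares two of its slots with the ANSI types, `INITIALIZE_SECURITY_CONTEXT_FN_A InitializeSecurityContextA;` and `QUERY_SECURITY_PACKAGE_INFO_FN_A QuerySecurityPackageInfoA;`, which look copied from the A table. A caller going through the wide table gets a pointer typed to take `SEC_CHAR*`, so passing a `SEC_WCHAR*` target name either fails to compile or is silenced with a cast, and code written against the SDK member names will not build. These should read `INITIALIZE_SECURITY_CONTEXT_FN_W InitializeSecurityContextW;` and `QUERY_SECURITY_PACKAGE_INFO_FN_W QuerySecurityPackageInfoW;`. Separately, `cbMaxSIgnature` in `SecPkgContext_Sizes` should be spelled `cbMaxSignature`.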
@@ -43,6 +43,10 @@ extern "C" { #define CALG_MD5 (ALG_CLASS_HASH|ALG_TYPE_ANY|ALG_SID_MD5) #define CALG_SHA (ALG_CLASS_HASH|ALG_TYPE_ANY|ALG_SID_SHA) #define CALG_MAC (ALG_CLASS_HASH|ALG_TYPE_ANY|ALG_SID_MAC) +#define CALG_3DES (ALG_CLASS_DATA_ENCRYPT|ALG_TYPE_BLOCK|3) +#define CALG_CYLINK_MEK (ALG_CLASS_DATA_ENCRYPT|ALG_TYPE_BLOCK|12) +#define CALG_SKIPJACK (ALG_CLASS_DATA_ENCRYPT|ALG_TYPE_BLOCK|10) +#define CALG_KEA_KEYX (ALG_CLASS_KEY_EXCHANGE|ALG_TYPE_STREAM|ALG_TYPE_DSS|4) #define CALG_RSA_SIGN (ALG_CLASS_SIGNATURE|ALG_TYPE_RSA|ALG_SID_RSA_ANY) #define CALG_DSS_SIGN (ALG_CLASS_SIGNATURE|ALG_TYPE_DSS|ALG_SID_DSS_ANY) #define CALG_RSA_KEYX (ALG_CLASS_KEY_EXCHANGE|ALG_TYPE_RSA|ALG_SID_RSA_ANY) @@ -50,6 +54,8 @@ extern "C" { #define CALG_RC2 (ALG_CLASS_DATA_ENCRYPT|ALG_TYPE_BLOCK|ALG_SID_RC2) #define CALG_RC4 (ALG_CLASS_DATA_ENCRYPT|ALG_TYPE_STREAM|ALG_SID_RC4) #define CALG_SEAL (ALG_CLASS_DATA_ENCRYPT|ALG_TYPE_STREAM|ALG_SID_SEAL) +#define CALG_DH_EPHEM (ALG_CLASS_KEY_EXCHANGE|ALG_TYPE_STREAM|ALG_TYPE_DSS|ALG_SID_DSS_DMS) + #define CRYPT_VERIFYCONTEXT 0xF0000000 #define CRYPT_NEWKEYSET 8 #define CRYPT_DELETEKEYSET 16 
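Review bot: `CALG_KEA_KEYX` (first hunk) and `CALG_DH_EPHEM` (second hunk) build their type field as `ALG_TYPE_STREAM|ALG_TYPE_DSS`, which reads as a stream or DSS algorithm when neither is meant; the OR appears to be used only because the two bits add up to the Diffie-Hellman type value. `CALG_DH_EPHEM` likewise borrows `ALG_SID_DSS_DMS` for its sub-id, and the first hunk uses bare `3`, `12`, `10` and `4` where the neighbouring definitions use `ALG_SID_*` names. If the header does not already have them, I would add a named `ALG_TYPE_DH` and matching `ALG_SID_*` defines and use those, so each algorithm identifier can be checked against the SDK by reading it.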
@@ -115,11 +121,346 @@ extern "C" { #define PROV_STT_ISS 11 #define MAXUIDLEN 64 #define CUR_BLOB_VERSION 2 +#define X509_ASN_ENCODING 1 +#define PKCS_7_ASN_ENCODING 65536 +#define CERT_V1 0 +#define CERT_V2 1 +#define CERT_V3 2 +#define CERT_E_CHAINING (-2146762486) +#define CERT_E_CN_NO_MATCH (-2146762481) +#define CERT_E_EXPIRED (-2146762495) +#define CERT_E_PURPOSE (-2146762490) +#define CERT_E_REVOCATION_FAILURE (-2146762482) +#define CERT_E_REVOKED (-2146762484) +#define CERT_E_ROLE (-2146762493) +#define CERT_E_UNTRUSTEDROOT (-2146762487) +#define CERT_E_UNTRUSTEDTESTROOT (-2146762483) +#define CERT_E_VALIDITYPERIODNESTING (-2146762494) +#define CERT_E_WRONG_USAGE (-2146762480) +#define CERT_E_PATHLENCONST (-2146762492) +#define CERT_E_CRITICAL (-2146762491) +#define CERT_E_ISSUERCHAINING (-2146762489) +#define CERT_E_MALFORMED (-2146762488) +#define CRYPT_E_REVOCATION_OFFLINE (-2146885613) +#define CRYPT_E_REVOKED (-2146885616) +#define TRUST_E_BASIC_CONSTRAINTS (-2146869223) +#define TRUST_E_CERT_SIGNATURE (-2146869244) +#define TRUST_E_FAIL (-2146762485) +#define CERT_TRUST_NO_ERROR 0 +#define CERT_TRUST_IS_NOT_TIME_VALID 1 +#define CERT_TRUST_IS_NOT_TIME_NESTED 2 +#define CERT_TRUST_IS_REVOKED 4 +#define CERT_TRUST_IS_NOT_SIGNATURE_VALID 8 +#define CERT_TRUST_IS_NOT_VALID_FOR_USAGE 16 +#define CERT_TRUST_IS_UNTRUSTED_ROOT 32 +#define CERT_TRUST_REVOCATION_STATUS_UNKNOWN 64 +#define CERT_TRUST_IS_CYCLIC 128 +#define CERT_TRUST_IS_PARTIAL_CHAIN 65536 +#define CERT_TRUST_CTL_IS_NOT_TIME_VALID 131072 +#define CERT_TRUST_CTL_IS_NOT_SIGNATURE_VALID 262144 +#define CERT_TRUST_CTL_IS_NOT_VALID_FOR_USAGE 524288 +#define CERT_TRUST_HAS_EXACT_MATCH_ISSUER 1 +#define CERT_TRUST_HAS_KEY_MATCH_ISSUER 2 +#define CERT_TRUST_HAS_NAME_MATCH_ISSUER 4 +#define CERT_TRUST_IS_SELF_SIGNED 8 +#define CERT_TRUST_IS_COMPLEX_CHAIN 65536 +#define CERT_CHAIN_POLICY_BASE ((LPCSTR) 1) +#define CERT_CHAIN_POLICY_AUTHENTICODE ((LPCSTR) 2) +#define CERT_CHAIN_POLICY_AUTHENTICODE_TS 
((LPCSTR) 3) +#define CERT_CHAIN_POLICY_SSL ((LPCSTR) 4) +#define CERT_CHAIN_POLICY_BASIC_CONSTRAINTS ((LPCSTR) 5) +#define CERT_CHAIN_POLICY_NT_AUTH ((LPCSTR) 6) +#define USAGE_MATCH_TYPE_AND 0 +#define USAGE_MATCH_TYPE_OR 1 +#define CERT_SIMPLE_NAME_STR 1 +#define CERT_OID_NAME_STR 2 +#define CERT_X500_NAME_STR 3 +#define CERT_NAME_STR_SEMICOLON_FLAG 1073741824 +#define CERT_NAME_STR_CRLF_FLAG 134217728 +#define CERT_NAME_STR_NO_PLUS_FLAG 536870912 +#define CERT_NAME_STR_NO_QUOTING_FLAG 268435456 +#define CERT_NAME_STR_REVERSE_FLAG 33554432 +#define CERT_NAME_STR_ENABLE_T61_UNICODE_FLAG 131072 +#define CERT_FIND_ANY 0 +#define CERT_FIND_CERT_ID 1048576 +#define CERT_FIND_CTL_USAGE 655360 +#define CERT_FIND_ENHKEY_USAGE 655360 +#define CERT_FIND_EXISTING 851968 +#define CERT_FIND_HASH 65536 +#define CERT_FIND_ISSUER_ATTR 196612 +#define CERT_FIND_ISSUER_NAME 131076 +#define CERT_FIND_ISSUER_OF 786432 +#define CERT_FIND_KEY_IDENTIFIER 983040 +#define CERT_FIND_KEY_SPEC 589824 +#define CERT_FIND_MD5_HASH 262144 +#define CERT_FIND_PROPERTY 327680 +#define CERT_FIND_PUBLIC_KEY 393216 +#define CERT_FIND_SHA1_HASH 65536 +#define CERT_FIND_SIGNATURE_HASH 917504 +#define CERT_FIND_SUBJECT_ATTR 196615 +#define CERT_FIND_SUBJECT_CERT 720896 +#define CERT_FIND_SUBJECT_NAME 131079 +#define CERT_FIND_SUBJECT_STR_A 458759 +#define CERT_FIND_SUBJECT_STR_W 524295 +#define CERT_FIND_ISSUER_STR_A 458756 +#define CERT_FIND_ISSUER_STR_W 524292 +#define CERT_FIND_OR_ENHKEY_USAGE_FLAG 16 +#define CERT_FIND_OPTIONAL_ENHKEY_USAGE_FLAG 1 +#define CERT_FIND_NO_ENHKEY_USAGE_FLAG 8 +#define CERT_FIND_VALID_ENHKEY_USAGE_FLAG 32 +#define CERT_FIND_EXT_ONLY_ENHKEY_USAGE_FLAG 2 +#define CERT_CASE_INSENSITIVE_IS_RDN_ATTRS_FLAG 2 +#define CERT_UNICODE_IS_RDN_ATTRS_FLAG 1 +#define CERT_CHAIN_FIND_BY_ISSUER 1 +#define CERT_CHAIN_FIND_BY_ISSUER_COMPARE_KEY_FLAG 1 +#define CERT_CHAIN_FIND_BY_ISSUER_COMPLEX_CHAIN_FLAG 2 +#define CERT_CHAIN_FIND_BY_ISSUER_CACHE_ONLY_FLAG 32768 +#define 
CERT_CHAIN_FIND_BY_ISSUER_CACHE_ONLY_URL_FLAG 4 +#define CERT_CHAIN_FIND_BY_ISSUER_LOCAL_MACHINE_FLAG 8 +#define CERT_CHAIN_FIND_BY_ISSUER_NO_KEY_FLAG 16384 +#define CERT_STORE_PROV_SYSTEM 10 +#define CERT_SYSTEM_STORE_LOCAL_MACHINE 131072 +#define szOID_PKIX_KP_SERVER_AUTH "4235600" +#define szOID_SERVER_GATED_CRYPTO "4235658" +#define szOID_SGC_NETSCAPE "2.16.840.1.113730.4.1" +#define szOID_PKIX_KP_CLIENT_AUTH "1.3.6.1.5.5.7.3.2" + typedef UINT ALG_ID; typedef struct _VTableProvStruc {FARPROC FuncVerifyImage;} VTableProvStruc,*PVTableProvStruc; typedef ULONG HCRYPTPROV; typedef ULONG HCRYPTKEY; typedef ULONG HCRYPTHASH; +typedef PVOID HCERTSTORE; +typedef PVOID HCRYPTMSG; +typedef PVOID HCERTCHAINENGINE; +typedef struct _CRYPTOAPI_BLOB { + DWORD cbData; + BYTE* pbData; +} CRYPT_INTEGER_BLOB, *PCRYPT_INTEGER_BLOB, + CRYPT_UINT_BLOB, *PCRYPT_UINT_BLOB, + CRYPT_OBJID_BLOB, *PCRYPT_OBJID_BLOB, + CERT_NAME_BLOB, *PCERT_NAME_BLOB, + CERT_RDN_VALUE_BLOB,*PCERT_RDN_VALUE_BLOB, + CERT_BLOB, *PCERT_BLOB, + CRL_BLOB, *PCRL_BLOB, + DATA_BLOB, *PDATA_BLOB, + CRYPT_DATA_BLOB, *PCRYPT_DATA_BLOB, + CRYPT_HASH_BLOB, *PCRYPT_HASH_BLOB, + CRYPT_DIGEST_BLOB, *PCRYPT_DIGEST_BLOB, + CRYPT_DER_BLOB, *PCRYPT_DER_BLOB, + CRYPT_ATTR_BLOB, *PCRYPT_ATTR_BLOB; +/* not described in SDK; has the same layout as HTTPSPolicyCallbackData */ +typedef struct _SSL_EXTRA_CERT_CHAIN_POLICY_PARA { + DWORD cbStruct; + DWORD dwAuthType; + DWORD fdwChecks; + LPWSTR pwszServerName; +} SSL_EXTRA_CERT_CHAIN_POLICY_PARA, *PSSL_EXTRA_CERT_CHAIN_POLICY_PARA, + HTTPSPolicyCallbackData, *PHTTPSPolicyCallbackData; +/* #if (_WIN32_WINNT>=0x500) */ +typedef struct _CERT_CHAIN_POLICY_PARA { + DWORD cbSize; + DWORD dwFlags; + void* pvExtraPolicyPara; +} CERT_CHAIN_POLICY_PARA, *PCERT_CHAIN_POLICY_PARA; +typedef struct _CERT_CHAIN_POLICY_STATUS { + DWORD cbSize; + DWORD dwError; + LONG lChainIndex; + LONG lElementIndex; + void* pvExtraPolicyStatus; +} CERT_CHAIN_POLICY_STATUS, *PCERT_CHAIN_POLICY_STATUS; +/* #endif */ 
+typedef struct _CRYPT_ALGORITHM_IDENTIFIER { + LPSTR pszObjId; + CRYPT_OBJID_BLOB Parameters; +} CRYPT_ALGORITHM_IDENTIFIER, *PCRYPT_ALGORITHM_IDENTIFIER; +typedef struct _CRYPT_BIT_BLOB { + DWORD cbData; + BYTE* pbData; + DWORD cUnusedBits; +} CRYPT_BIT_BLOB, *PCRYPT_BIT_BLOB; +typedef struct _CERT_PUBLIC_KEY_INFO { + CRYPT_ALGORITHM_IDENTIFIER Algorithm; + CRYPT_BIT_BLOB PublicKey; +} CERT_PUBLIC_KEY_INFO, *PCERT_PUBLIC_KEY_INFO; +typedef struct _CERT_EXTENSION { + LPSTR pszObjId; + BOOL fCritical; + CRYPT_OBJID_BLOB Value; +} CERT_EXTENSION, *PCERT_EXTENSION; +typedef struct _CERT_INFO { + DWORD dwVersion; + CRYPT_INTEGER_BLOB SerialNumber; + CRYPT_ALGORITHM_IDENTIFIER SignatureAlgorithm; + CERT_NAME_BLOB Issuer; + FILETIME NotBefore; + FILETIME NotAfter; + CERT_NAME_BLOB Subject; + CERT_PUBLIC_KEY_INFO SubjectPublicKeyInfo; + CRYPT_BIT_BLOB IssuerUniqueId; + CRYPT_BIT_BLOB SubjectUniqueId; + DWORD cExtension; + PCERT_EXTENSION rgExtension; +} CERT_INFO, *PCERT_INFO; +typedef struct _CERT_CONTEXT { + DWORD dwCertEncodingType; + BYTE* pbCertEncoded; + DWORD cbCertEncoded; + PCERT_INFO pCertInfo; + HCERTSTORE hCertStore; +} CERT_CONTEXT, *PCERT_CONTEXT; +typedef const CERT_CONTEXT *PCCERT_CONTEXT; +typedef struct _CTL_USAGE { + DWORD cUsageIdentifier; + LPSTR *rgpszUsageIdentifier; +} CTL_USAGE, *PCTRL_USAGE, + CERT_ENHKEY_USAGE, *PCERT_ENHKEY_USAGE; +typedef struct _CERT_USAGE_MATCH { + DWORD dwType; + CERT_ENHKEY_USAGE Usage; +} CERT_USAGE_MATCH, *PCERT_USAGE_MATCH; +/* #if (_WIN32_WINNT>=0x500) */ +typedef struct _CERT_CHAIN_PARA { + DWORD cbSize; + CERT_USAGE_MATCH RequestedUsage; +#if CERT_CHAIN_PARA_HAS_EXTRA_FIELDS + CERT_USAGE_MATCH RequestedIssuancePolicy; + DWORD dwUrlRetrievalTimeout; + BOOL fCheckRevocationFreshnessTime; + DWORD dwRevocationFreshnessTime; +#endif +} CERT_CHAIN_PARA, *PCERT_CHAIN_PARA; +typedef BOOL (WINAPI *PFN_CERT_CHAIN_FIND_BY_ISSUER_CALLBACK)(PCCERT_CONTEXT,void*); +typedef struct _CERT_CHAIN_FIND_BY_ISSUER_PARA { + DWORD cbSize; 
+ LPCSTR pszUsageIdentifier;
+ DWORD dwKeySpec;
+ DWORD dwAcquirePrivateKeyFlags;
+ DWORD cIssuer;
+ CERT_NAME_BLOB* rgIssuer;
+ PFN_CERT_CHAIN_FIND_BY_ISSUER_CALLBACK pfnFIndCallback;
+ void* pvFindArg;
+ DWORD* pdwIssuerChainIndex;
+ DWORD* pdwIssuerElementIndex;
+} CERT_CHAIN_FIND_BY_ISSUER_PARA, *PCERT_CHAIN_FIND_BY_ISSUER_PARA;
+/* #endif */
+typedef struct _CERT_TRUST_STATUS {
+ DWORD dwErrorStatus;
+ DWORD dwInfoStatus;
+} CERT_TRUST_STATUS, *PCERT_TRUST_STATUS;
+typedef struct _CRL_ENTRY {
+ CRYPT_INTEGER_BLOB SerialNumber;
+ FILETIME RevocationDate;
+ DWORD cExtension;
+ PCERT_EXTENSION rgExtension;
+} CRL_ENTRY, *PCRL_ENTRY;
+typedef struct _CRL_INFO {
+ DWORD dwVersion;
+ CRYPT_ALGORITHM_IDENTIFIER SignatureAlgorithm;
+ CERT_NAME_BLOB Issuer;
+ FILETIME ThisUpdate;
+ FILETIME NextUpdate;
+ DWORD cCRLEntry;
+ PCRL_ENTRY rgCRLEntry;
+ DWORD cExtension;
+ PCERT_EXTENSION rgExtension;
+} CRL_INFO, *PCRL_INFO;
+typedef struct _CRL_CONTEXT {
+ DWORD dwCertEncodingType;
+ BYTE* pbCrlEncoded;
+ DWORD cbCrlEncoded;
+ PCRL_INFO pCrlInfo;
+ HCERTSTORE hCertStore;
+} CRL_CONTEXT, *PCRL_CONTEXT;
+typedef const CRL_CONTEXT *PCCRL_CONTEXT;
+typedef struct _CERT_REVOCATION_CRL_INFO {
+ DWORD cbSize;
+ PCCRL_CONTEXT pBaseCRLContext;
+ PCCRL_CONTEXT pDeltaCRLContext;
+ PCRL_ENTRY pCrlEntry;
+ BOOL fDeltaCrlEntry;
+} CERT_REVOCATION_CRL_INFO, *PCERT_REVOCATION_CRL_INFO;
+typedef struct _CERT_REVOCATION_INFO {
+ DWORD cbSize;
+ DWORD dwRevocationResult;
+ LPCSTR pszRevocationOid;
+ LPVOID pvOidSpecificInfo;
+ BOOL fHasFreshnessTime;
+ DWORD dwFreshnessTime;
+ PCERT_REVOCATION_CRL_INFO pCrlInfo;
+} CERT_REVOCATION_INFO, *PCERT_REVOCATION_INFO;
+/* #if (_WIN32_WINNT>=0x500) */
+typedef struct _CERT_CHAIN_ELEMENT {
+ DWORD cbSize;
+ PCCERT_CONTEXT pCertContext;
+ CERT_TRUST_STATUS TrustStatus;
+ PCERT_REVOCATION_INFO pRevocationInfo;
+ PCERT_ENHKEY_USAGE pIssuanceUsage;
+ PCERT_ENHKEY_USAGE pApplicationUsage;
+} CERT_CHAIN_ELEMENT, *PCERT_CHAIN_ELEMENT;
+/* #endif */
+typedef struct _CRYPT_ATTRIBUTE {
+ LPSTR pszObjId;
+ DWORD cValue;
+ PCRYPT_ATTR_BLOB rgValue;
+} CRYPT_ATTRIBUTE, *PCRYPT_ATTRIBUTE;
+typedef struct _CTL_ENTRY {
+ CRYPT_DATA_BLOB SubjectIdentifier;
+ DWORD cAttribute;
+ PCRYPT_ATTRIBUTE rgAttribute;
+} CTL_ENTRY, *PCTL_ENTRY;
+typedef struct _CTL_INFO {
+ DWORD dwVersion;
+ CTL_USAGE SubjectUsage;
+ CRYPT_DATA_BLOB ListIdentifier;
+ CRYPT_INTEGER_BLOB SequenceNumber;
+ FILETIME ThisUpdate;
+ FILETIME NextUpdate;
+ CRYPT_ALGORITHM_IDENTIFIER SubjectAlgorithm;
+ DWORD cCTLEntry;
+ PCTL_ENTRY rgCTLEntry;
+ DWORD cExtension;
+ PCERT_EXTENSION rgExtension;
+} CTL_INFO, *PCTL_INFO;
+typedef struct _CTL_CONTEXT {
+ DWORD dwMsgAndCertEncodingType;
+ BYTE* pbCtlEncoded;
+ DWORD cbCtlEncoded;
+ PCTL_INFO pCtlInfo;
+ HCERTSTORE hCertStore;
+ HCRYPTMSG hCryptMsg;
+ BYTE* pbCtlContent;
+ DWORD cbCtlContent;
+} CTL_CONTEXT, *PCTL_CONTEXT;
+typedef const CTL_CONTEXT *PCCTL_CONTEXT;
+typedef struct _CERT_TRUST_LIST_INFO {
+ DWORD cbSize;
+ PCTL_ENTRY pCtlEntry;
+ PCCTL_CONTEXT pCtlContext;
+} CERT_TRUST_LIST_INFO, *PCERT_TRUST_LIST_INFO;
+typedef struct _CERT_SIMPLE_CHAIN {
+ DWORD cbSize;
+ CERT_TRUST_STATUS TrustStatus;
+ DWORD cElement;
+ PCERT_CHAIN_ELEMENT* rgpElement;
+ PCERT_TRUST_LIST_INFO pTrustListInfo;
+ BOOL fHasRevocationFreshnessTime;
+ DWORD dwRevocationFreshnessTime;
+} CERT_SIMPLE_CHAIN, *PCERT_SIMPLE_CHAIN;
+/* #if (_WIN32_WINNT>=0x500) */
+typedef const struct _CERT_CHAIN_CONTEXT* PCCERT_CHAIN_CONTEXT;
+typedef struct _CERT_CHAIN_CONTEXT {
+ DWORD cbSize;
+ CERT_TRUST_STATUS TrustStatus;
+ DWORD cChain;
+ PCERT_SIMPLE_CHAIN* rgpChain;
+ DWORD cLowerQualityChainContext;
+ PCCERT_CHAIN_CONTEXT* rgpLowerQualityChainContext;
+ BOOL fHasRevocationFreshnessTime;
+ DWORD dwRevocationFreshnessTime;
+} CERT_CHAIN_CONTEXT, *PCERT_CHAIN_CONTEXT;
+/* #endif */
 typedef struct _PROV_ENUMALGS {
 ALG_ID aiAlgid;
 DWORD dwBitLen;
@@ -137,6 +478,20 @@ typedef struct _RSAPUBKEY {
 DWORD bitlen;
 DWORD pubexp;
 } RSAPUBKEY;
+
+BOOL WINAPI CertCloseStore(HCERTSTORE,DWORD);
+BOOL WINAPI CertGetCertificateChain(HCERTCHAINENGINE,PCCERT_CONTEXT,LPFILETIME,HCERTSTORE,PCERT_CHAIN_PARA,DWORD,LPVOID,PCCERT_CHAIN_CONTEXT*);
+BOOL WINAPI CertVerifyCertificateChainPolicy(LPCSTR,PCCERT_CHAIN_CONTEXT,PCERT_CHAIN_POLICY_PARA,PCERT_CHAIN_POLICY_STATUS);
+void WINAPI CertFreeCertificateChain(PCCERT_CHAIN_CONTEXT);
+DWORD WINAPI CertNameToStrA(DWORD,PCERT_NAME_BLOB,DWORD,LPSTR,DWORD);
+DWORD WINAPI CertNameToStrW(DWORD,PCERT_NAME_BLOB,DWORD,LPWSTR,DWORD);
+HCERTSTORE WINAPI CertOpenSystemStoreA(HCRYPTPROV,LPCSTR);
+HCERTSTORE WINAPI CertOpenSystemStoreW(HCRYPTPROV,LPCWSTR);
+HCERTSTORE WINAPI CertOpenStore(LPCSTR,DWORD,HCRYPTPROV,DWORD,const void*);
+PCCERT_CONTEXT WINAPI CertFindCertificateInStore(HCERTSTORE,DWORD,DWORD,DWORD,const void*,PCCERT_CONTEXT);
+BOOL WINAPI CertFreeCertificateContext(PCCERT_CONTEXT);
+PCCERT_CONTEXT WINAPI CertGetIssuerCertificateFromStore(HCERTSTORE,PCCERT_CONTEXT,PCCERT_CONTEXT,DWORD*);
+PCCERT_CHAIN_CONTEXT WINAPI CertFindChainInStore(HCERTSTORE,DWORD,DWORD,DWORD,const void*,PCCERT_CHAIN_CONTEXT);
 BOOL WINAPI CryptAcquireContextA(HCRYPTPROV*,LPCSTR,LPCSTR,DWORD,DWORD);
 BOOL WINAPI CryptAcquireContextW(HCRYPTPROV*,LPCWSTR,LPCWSTR,DWORD,DWORD);
 BOOL WINAPI CryptReleaseContext(HCRYPTPROV,DWORD);
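Review bot: The two chain-validation prototypes added here, `CertGetCertificateChain` and `CertVerifyCertificateChainPolicy`, return BOOL, and nothing in the header says that TRUE only reports that the call itself completed. A caller that reads TRUE as "certificate trusted" skips the actual verdict, which is in `CERT_CHAIN_CONTEXT.TrustStatus.dwErrorStatus` for the first and in the `dwError` member of `CERT_CHAIN_POLICY_STATUS` for the second. I would add a comment above the block such as `/* BOOL result = call succeeded, not chain trusted; check TrustStatus.dwErrorStatus / CERT_CHAIN_POLICY_STATUS.dwError */`. The same comment could note that a chain context obtained from `CertGetCertificateChain` is released with `CertFreeCertificateChain`.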
@@ -166,20 +521,29 @@ BOOL WINAPI CryptVerifySignatureA(HCRYPTHASH,PBYTE,DWORD,HCRYPTKEY,LPCSTR,DWORD)
 BOOL WINAPI CryptVerifySignatureW(HCRYPTHASH,PBYTE,DWORD,HCRYPTKEY,LPCWSTR,DWORD);
 BOOL WINAPI CryptSetProviderA(LPCSTR,DWORD);
 BOOL WINAPI CryptSetProviderW(LPCWSTR,DWORD);
+
 #ifdef UNICODE
+#define CertNameToStr CertNameToStrW
 #define CryptAcquireContext CryptAcquireContextW
 #define CryptSignHash CryptSignHashW
 #define CryptVerifySignature CryptVerifySignatureW
 #define CryptSetProvider CryptSetProviderW
+#define CertOpenSystemStore CertOpenSystemStoreW
+#define CERT_FIND_SUBJECT_STR CERT_FIND_SUBJECT_STR_W
+#define CERT_FIND_ISSUER_STR CERT_FIND_ISSUER_STR_W
 #define MS_DEF_PROV MS_DEF_PROV_W
 #else
+#define CertNameToStr CertNameToStrA
 #define CryptAcquireContext CryptAcquireContextA
 #define CryptSignHash CryptSignHashA
 #define CryptVerifySignature CryptVerifySignatureA
 #define CryptSetProvider CryptSetProviderA
+#define CertOpenSystemStore CertOpenSystemStoreA
+#define CERT_FIND_SUBJECT_STR CERT_FIND_SUBJECT_STR_A
+#define CERT_FIND_ISSUER_STR CERT_FIND_ISSUER_STR_A
 #define MS_DEF_PROV MS_DEF_PROV_A
 #endif
 #ifdef __cplusplus
 }
 #endif
-#endif
+#endif /* _WINCRYPT_H */
diff --git a/winsup/w32api/lib/crypt32.def b/winsup/w32api/lib/crypt32.def
new file mode 100644
index 000000000..fca58fd89
--- /dev/null
+++ b/winsup/w32api/lib/crypt32.def
@@ -0,0 +1,15 @@
+LIBRARY "CRYPT32.DLL"
+EXPORTS
+CertFreeCertificateChain@4
+CertGetCertificateChain@32
+CertNameToStrA@20
+CertNameToStrW@20
+CertVerifyCertificateChainPolicy@16
+CertCloseStore@8
+CertOpenSystemStoreA@8
+CertOpenSystemStoreW@8
+CertFindCertificateInStore@24
+CertFreeCertificateContext@4
+CertGetIssuerCertificateFromStore@16
+CertFindChainInStore@24
+CertOpenStore@20
diff --git a/winsup/w32api/lib/secur32.def b/winsup/w32api/lib/secur32.def
index 129cec8fe..bd130a1e1 100644
--- a/winsup/w32api/lib/secur32.def
+++ b/winsup/w32api/lib/secur32.def
@@ -1,8 +1,33 @@
 LIBRARY SECUR32.dll
 EXPORTS
+AcquireCredentialsHandleA@36
+AcquireCredentialsHandleW@36
+AcceptSecurityContext@36
+DecryptMessage@16
+DeleteSecurityContext@4
+EncryptMessage@16
+EnumerateSecurityPackagesA@8
+EnumerateSecurityPackagesW@8
+FreeContextBuffer@4
+FreeCredentialsHandle@4
+InitializeSecurityContextA@48
+InitializeSecurityContextW@48
 LsaCallAuthenticationPackage@28
 LsaDeregisterLogonProcess@4
 LsaFreeReturnBuffer@4
 LsaLogonUser@56
 LsaLookupAuthenticationPackage@12
 LsaRegisterLogonProcess@12
+QueryContextAttributesA@12
+QueryContextAttributesW@12
+QueryCredentialsAttributesA@12
+QueryCredentialsAttributesW@12
+CompleteAuthToken@8
+ApplyControlTokenA@8
+ApplyControlTokenW@8
+ImpersonateSecurityContext@4
+RevertSecurityContext@4
+MakeSignature@16
+VerifySignature@16
+QuerySecurityPackageInfoA@8
+QuerySecurityPackageInfoW@8
diff --git a/winsup/w32api/lib/test.c b/winsup/w32api/lib/test.c
index 9a6d79935..ce9ff3bfb 100644
--- a/winsup/w32api/lib/test.c
+++ b/winsup/w32api/lib/test.c
@@ -59,6 +59,8 @@
 #include
 #include
 #include
+#include
+#include
 #ifndef __OBJC__ /* problems with BOOL */
 #include
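Review bot: In the secur32.def hunk, the added stubs `ApplyControlTokenA@8` and `ApplyControlTokenW@8` look wrong. As far as I know, secur32.dll exports this entry point only as `ApplyControlToken`, with no A/W pair, so a program importing either suffixed name would link against the stub but fail to resolve the symbol at load time. Please check the DLL's export table and the declaration in the new sspi.h, and if that holds replace the two lines with `ApplyControlToken@8`. The `@N` suffixes of the other added entries are consistent with four bytes per argument for the argument counts I know for these functions.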