1 /**
2 * Windows API header module
3 *
4 * Translated from MinGW Windows headers
5 *
6 * Authors: Stewart Gordon
7 * License: $(LINK2 http://www.boost.org/LICENSE_1_0.txt, Boost License 1.0)
8 * Source: $(DRUNTIMESRC core/sys/windows/_wincrypt.d)
9 */
10 module core.sys.windows.wincrypt;
11 version (Windows):
12 @system:
13 pragma(lib, "advapi32");
14
version(ANSI)15 version (ANSI) {} else version = Unicode;
16
17 import core.sys.windows.w32api, core.sys.windows.winbase, core.sys.windows.windef;
18
19 /* FIXME:
20 * Types of some constants
21 * Types of macros
22 * Inits of various "size" and "version" members
23 * Why are some #ifdefs commented out?
24 */
25
26 const TCHAR[]
27 MS_DEF_PROV = "Microsoft Base Cryptographic Provider v1.0",
28 MS_ENHANCED_PROV = "Microsoft Enhanced Cryptographic Provider v1.0",
29 MS_STRONG_PROV = "Microsoft Strong Cryptographic Provider",
30 MS_DEF_RSA_SIG_PROV = "Microsoft RSA Signature Cryptographic Provider",
31 MS_DEF_RSA_SCHANNEL_PROV = "Microsoft RSA SChannel Cryptographic Provider",
32 MS_DEF_DSS_PROV = "Microsoft Base DSS Cryptographic Provider",
33 MS_DEF_DSS_DH_PROV
34 = "Microsoft Base DSS and Diffie-Hellman Cryptographic Provider",
35 MS_ENH_DSS_DH_PROV
36 = "Microsoft Enhanced DSS and Diffie-Hellman Cryptographic Provider",
37 MS_DEF_DH_SCHANNEL_PROV = "Microsoft DH SChannel Cryptographic Provider",
38 MS_SCARD_PROV = "Microsoft Base Smart Card Crypto Provider";
39
40 static if (_WIN32_WINNT > 0x501) {
41 const TCHAR[] MS_ENH_RSA_AES_PROV
42 = "Microsoft Enhanced RSA and AES Cryptographic Provider";
43 } else static if (_WIN32_WINNT == 0x501) {
44 const TCHAR[] MS_ENH_RSA_AES_PROV
45 = "Microsoft Enhanced RSA and AES Cryptographic Provider (Prototype)";
46 }
47
GET_ALG_CLASS(ALG_ID x)48 ALG_ID GET_ALG_CLASS(ALG_ID x) { return x & 0xE000; }
GET_ALG_TYPE(ALG_ID x)49 ALG_ID GET_ALG_TYPE (ALG_ID x) { return x & 0x1E00; }
GET_ALG_SID(ALG_ID x)50 ALG_ID GET_ALG_SID (ALG_ID x) { return x & 0x01FF; }
51
52 enum : ALG_ID {
53 ALG_CLASS_ANY = 0,
54 ALG_CLASS_SIGNATURE = 0x2000,
55 ALG_CLASS_MSG_ENCRYPT = 0x4000,
56 ALG_CLASS_DATA_ENCRYPT = 0x6000,
57 ALG_CLASS_HASH = 0x8000,
58 ALG_CLASS_KEY_EXCHANGE = 0xA000,
59 ALG_CLASS_ALL = 0xE000
60 }
61
62 enum : ALG_ID {
63 ALG_TYPE_ANY = 0,
64 ALG_TYPE_DSS = 0x0200,
65 ALG_TYPE_RSA = 0x0400,
66 ALG_TYPE_BLOCK = 0x0600,
67 ALG_TYPE_STREAM = 0x0800,
68 ALG_TYPE_DH = 0x0A00,
69 ALG_TYPE_SECURECHANNEL = 0x0C00
70 }
71
72 enum : ALG_ID {
73 ALG_SID_ANY = 0,
74 ALG_SID_RSA_ANY = 0,
75 ALG_SID_RSA_PKCS,
76 ALG_SID_RSA_MSATWORK,
77 ALG_SID_RSA_ENTRUST,
78 ALG_SID_RSA_PGP, // = 4
79 ALG_SID_DSS_ANY = 0,
80 ALG_SID_DSS_PKCS,
81 ALG_SID_DSS_DMS, // = 2
82 ALG_SID_DES = 1,
83 ALG_SID_3DES = 3,
84 ALG_SID_DESX,
85 ALG_SID_IDEA,
86 ALG_SID_CAST,
87 ALG_SID_SAFERSK64,
88 ALG_SID_SAFERSK128,
89 ALG_SID_3DES_112,
90 ALG_SID_SKIPJACK,
91 ALG_SID_TEK,
92 ALG_SID_CYLINK_MEK,
93 ALG_SID_RC5, // = 13
94 ALG_SID_RC2 = 2,
95 ALG_SID_RC4 = 1,
96 ALG_SID_SEAL = 2,
97 ALG_SID_MD2 = 1,
98 ALG_SID_MD4,
99 ALG_SID_MD5,
100 ALG_SID_SHA,
101 ALG_SID_MAC,
102 ALG_SID_RIPEMD,
103 ALG_SID_RIPEMD160,
104 ALG_SID_SSL3SHAMD5,
105 ALG_SID_HMAC,
106 ALG_SID_TLS1PRF, // = 10
107 ALG_SID_AES_128 = 14,
108 ALG_SID_AES_192,
109 ALG_SID_AES_256,
110 ALG_SID_AES, // = 17
111 ALG_SID_EXAMPLE = 80
112 }
113
114 enum : ALG_ID {
115 CALG_MD2 = ALG_CLASS_HASH | ALG_TYPE_ANY | ALG_SID_MD2,
116 CALG_MD4 = ALG_CLASS_HASH | ALG_TYPE_ANY | ALG_SID_MD4,
117 CALG_MD5 = ALG_CLASS_HASH | ALG_TYPE_ANY | ALG_SID_MD5,
118 CALG_SHA = ALG_CLASS_HASH | ALG_TYPE_ANY | ALG_SID_SHA,
119 CALG_SHA1 = CALG_SHA,
120 CALG_MAC = ALG_CLASS_HASH | ALG_TYPE_ANY | ALG_SID_MAC,
121 CALG_3DES = ALG_CLASS_DATA_ENCRYPT | ALG_TYPE_BLOCK | 3,
122 CALG_CYLINK_MEK = ALG_CLASS_DATA_ENCRYPT | ALG_TYPE_BLOCK | 12,
123 CALG_SKIPJACK = ALG_CLASS_DATA_ENCRYPT | ALG_TYPE_BLOCK | 10,
124 CALG_KEA_KEYX = ALG_CLASS_KEY_EXCHANGE | ALG_TYPE_STREAM | ALG_TYPE_DSS | 4,
125 CALG_RSA_SIGN = ALG_CLASS_SIGNATURE | ALG_TYPE_RSA | ALG_SID_RSA_ANY,
126 CALG_DSS_SIGN = ALG_CLASS_SIGNATURE | ALG_TYPE_DSS | ALG_SID_DSS_ANY,
127 CALG_RSA_KEYX = ALG_CLASS_KEY_EXCHANGE | ALG_TYPE_RSA | ALG_SID_RSA_ANY,
128 CALG_DES = ALG_CLASS_DATA_ENCRYPT | ALG_TYPE_BLOCK | ALG_SID_DES,
129 CALG_RC2 = ALG_CLASS_DATA_ENCRYPT | ALG_TYPE_BLOCK | ALG_SID_RC2,
130 CALG_RC4 = ALG_CLASS_DATA_ENCRYPT | ALG_TYPE_STREAM | ALG_SID_RC4,
131 CALG_SEAL = ALG_CLASS_DATA_ENCRYPT | ALG_TYPE_STREAM | ALG_SID_SEAL,
132 CALG_DH_EPHEM = ALG_CLASS_KEY_EXCHANGE | ALG_TYPE_STREAM | ALG_TYPE_DSS
133 | ALG_SID_DSS_DMS,
134 CALG_DESX = ALG_CLASS_DATA_ENCRYPT | ALG_TYPE_BLOCK | ALG_SID_DESX,
135 // is undefined ALG_CLASS_DHASH in MinGW - presuming typo
136 CALG_TLS1PRF = ALG_CLASS_HASH | ALG_TYPE_ANY | ALG_SID_TLS1PRF,
137 CALG_AES_128 = ALG_CLASS_DATA_ENCRYPT | ALG_TYPE_BLOCK | ALG_SID_AES_128,
138 CALG_AES_192 = ALG_CLASS_DATA_ENCRYPT | ALG_TYPE_BLOCK | ALG_SID_AES_192,
139 CALG_AES_256 = ALG_CLASS_DATA_ENCRYPT | ALG_TYPE_BLOCK | ALG_SID_AES_256,
140 CALG_AES = ALG_CLASS_DATA_ENCRYPT | ALG_TYPE_BLOCK | ALG_SID_AES,
141 }
142
143 enum {
144 CRYPT_VERIFYCONTEXT = 0xF0000000,
145 }
146
147 enum {
148 CRYPT_NEWKEYSET = 8,
149 CRYPT_DELETEKEYSET = 16,
150 CRYPT_MACHINE_KEYSET = 32,
151 CRYPT_SILENT = 64,
152 }
153
154 enum {
155 CRYPT_EXPORTABLE = 1,
156 CRYPT_USER_PROTECTED = 2,
157 CRYPT_CREATE_SALT = 4,
158 CRYPT_UPDATE_KEY = 8,
159 }
160
161 enum {
162 SIMPLEBLOB = 1,
163 PUBLICKEYBLOB = 6,
164 PRIVATEKEYBLOB = 7,
165 PLAINTEXTKEYBLOB = 8,
166 OPAQUEKEYBLOB = 9,
167 PUBLICKEYBLOBEX = 10,
168 SYMMETRICWRAPKEYBLOB = 11,
169 }
170
171 enum {
172 AT_KEYEXCHANGE = 1,
173 AT_SIGNATURE = 2,
174 }
175
176 enum {
177 CRYPT_USERDATA = 1,
178 }
179
180 enum {
181 PKCS5_PADDING = 1,
182 }
183
184 enum {
185 CRYPT_MODE_CBC = 1,
186 CRYPT_MODE_ECB = 2,
187 CRYPT_MODE_OFB = 3,
188 CRYPT_MODE_CFB = 4,
189 CRYPT_MODE_CTS = 5,
190 CRYPT_MODE_CBCI = 6,
191 CRYPT_MODE_CFBP = 7,
192 CRYPT_MODE_OFBP = 8,
193 CRYPT_MODE_CBCOFM = 9,
194 CRYPT_MODE_CBCOFMI = 10,
195 }
196
197 enum {
198 CRYPT_ENCRYPT = 1,
199 CRYPT_DECRYPT = 2,
200 CRYPT_EXPORT = 4,
201 CRYPT_READ = 8,
202 CRYPT_WRITE = 16,
203 CRYPT_MAC = 32,
204 }
205
206 enum {
207 HP_ALGID = 1,
208 HP_HASHVAL = 2,
209 HP_HASHSIZE = 4,
210 HP_HMAC_INFO = 5,
211 }
212
213 enum {
214 CRYPT_FAILED = FALSE,
215 CRYPT_SUCCEED = TRUE,
216 }
217
RCRYPT_SUCCEEDED(BOOL r)218 bool RCRYPT_SUCCEEDED(BOOL r) { return r==CRYPT_SUCCEED; }
RCRYPT_FAILED(BOOL r)219 bool RCRYPT_FAILED(BOOL r) { return r==CRYPT_FAILED; }
220
221 enum {
222 PP_ENUMALGS = 1,
223 PP_ENUMCONTAINERS = 2,
224 PP_IMPTYPE = 3,
225 PP_NAME = 4,
226 PP_VERSION = 5,
227 PP_CONTAINER = 6,
228 PP_CHANGE_PASSWORD = 7,
229 PP_KEYSET_SEC_DESCR = 8,
230 PP_CERTCHAIN = 9,
231 PP_KEY_TYPE_SUBTYPE = 10,
232 PP_PROVTYPE = 16,
233 PP_KEYSTORAGE = 17,
234 PP_APPLI_CERT = 18,
235 PP_SYM_KEYSIZE = 19,
236 PP_SESSION_KEYSIZE = 20,
237 PP_UI_PROMPT = 21,
238 PP_ENUMALGS_EX = 22,
239 PP_ENUMMANDROOTS = 25,
240 PP_ENUMELECTROOTS = 26,
241 PP_KEYSET_TYPE = 27,
242 PP_ADMIN_PIN = 31,
243 PP_KEYEXCHANGE_PIN = 32,
244 PP_SIGNATURE_PIN = 33,
245 PP_SIG_KEYSIZE_INC = 34,
246 PP_KEYX_KEYSIZE_INC = 35,
247 PP_UNIQUE_CONTAINER = 36,
248 PP_SGC_INFO = 37,
249 PP_USE_HARDWARE_RNG = 38,
250 PP_KEYSPEC = 39,
251 PP_ENUMEX_SIGNING_PROT = 40,
252 }
253
254 enum {
255 CRYPT_FIRST = 1,
256 CRYPT_NEXT = 2,
257 }
258
259 enum {
260 CRYPT_IMPL_HARDWARE = 1,
261 CRYPT_IMPL_SOFTWARE = 2,
262 CRYPT_IMPL_MIXED = 3,
263 CRYPT_IMPL_UNKNOWN = 4,
264 }
265
266 enum {
267 PROV_RSA_FULL = 1,
268 PROV_RSA_SIG = 2,
269 PROV_DSS = 3,
270 PROV_FORTEZZA = 4,
271 PROV_MS_MAIL = 5,
272 PROV_SSL = 6,
273 PROV_STT_MER = 7,
274 PROV_STT_ACQ = 8,
275 PROV_STT_BRND = 9,
276 PROV_STT_ROOT = 10,
277 PROV_STT_ISS = 11,
278 PROV_RSA_SCHANNEL = 12,
279 PROV_DSS_DH = 13,
280 PROV_EC_ECDSA_SIG = 14,
281 PROV_EC_ECNRA_SIG = 15,
282 PROV_EC_ECDSA_FULL = 16,
283 PROV_EC_ECNRA_FULL = 17,
284 PROV_DH_SCHANNEL = 18,
285 PROV_SPYRUS_LYNKS = 20,
286 PROV_RNG = 21,
287 PROV_INTEL_SEC = 22,
288 PROV_RSA_AES = 24,
289 MAXUIDLEN = 64,
290 }
291
292 enum {
293 CUR_BLOB_VERSION = 2,
294 }
295
296 enum {
297 X509_ASN_ENCODING = 1,
298 PKCS_7_ASN_ENCODING = 65536,
299 }
300
301 enum {
302 CERT_V1 = 0,
303 CERT_V2 = 1,
304 CERT_V3 = 2,
305 }
306
307 enum {
308 CERT_E_CHAINING = (-2146762486),
309 CERT_E_CN_NO_MATCH = (-2146762481),
310 CERT_E_EXPIRED = (-2146762495),
311 CERT_E_PURPOSE = (-2146762490),
312 CERT_E_REVOCATION_FAILURE = (-2146762482),
313 CERT_E_REVOKED = (-2146762484),
314 CERT_E_ROLE = (-2146762493),
315 CERT_E_UNTRUSTEDROOT = (-2146762487),
316 CERT_E_UNTRUSTEDTESTROOT = (-2146762483),
317 CERT_E_VALIDITYPERIODNESTING = (-2146762494),
318 CERT_E_WRONG_USAGE = (-2146762480),
319 CERT_E_PATHLENCONST = (-2146762492),
320 CERT_E_CRITICAL = (-2146762491),
321 CERT_E_ISSUERCHAINING = (-2146762489),
322 CERT_E_MALFORMED = (-2146762488),
323 CRYPT_E_REVOCATION_OFFLINE = (-2146885613),
324 CRYPT_E_REVOKED = (-2146885616),
325 TRUST_E_BASIC_CONSTRAINTS = (-2146869223),
326 TRUST_E_CERT_SIGNATURE = (-2146869244),
327 TRUST_E_FAIL = (-2146762485),
328 }
329
330 enum {
331 CERT_TRUST_NO_ERROR = 0,
332 CERT_TRUST_IS_NOT_TIME_VALID = 1,
333 CERT_TRUST_IS_NOT_TIME_NESTED = 2,
334 CERT_TRUST_IS_REVOKED = 4,
335 CERT_TRUST_IS_NOT_SIGNATURE_VALID = 8,
336 CERT_TRUST_IS_NOT_VALID_FOR_USAGE = 16,
337 CERT_TRUST_IS_UNTRUSTED_ROOT = 32,
338 CERT_TRUST_REVOCATION_STATUS_UNKNOWN = 64,
339 CERT_TRUST_IS_CYCLIC = 128,
340 CERT_TRUST_IS_PARTIAL_CHAIN = 65536,
341 CERT_TRUST_CTL_IS_NOT_TIME_VALID = 131072,
342 CERT_TRUST_CTL_IS_NOT_SIGNATURE_VALID = 262144,
343 CERT_TRUST_CTL_IS_NOT_VALID_FOR_USAGE = 524288,
344 }
345
346 enum {
347 CERT_TRUST_HAS_EXACT_MATCH_ISSUER = 1,
348 CERT_TRUST_HAS_KEY_MATCH_ISSUER = 2,
349 CERT_TRUST_HAS_NAME_MATCH_ISSUER = 4,
350 CERT_TRUST_IS_SELF_SIGNED = 8,
351 CERT_TRUST_IS_COMPLEX_CHAIN = 65536,
352 }
353
354 enum {
355 CERT_CHAIN_POLICY_BASE = cast(LPCSTR) 1,
356 CERT_CHAIN_POLICY_AUTHENTICODE = cast(LPCSTR) 2,
357 CERT_CHAIN_POLICY_AUTHENTICODE_TS = cast(LPCSTR) 3,
358 CERT_CHAIN_POLICY_SSL = cast(LPCSTR) 4,
359 CERT_CHAIN_POLICY_BASIC_CONSTRAINTS = cast(LPCSTR) 5,
360 CERT_CHAIN_POLICY_NT_AUTH = cast(LPCSTR) 6,
361 }
362
363 enum {
364 USAGE_MATCH_TYPE_AND = 0,
365 USAGE_MATCH_TYPE_OR = 1,
366 }
367
368 enum {
369 CERT_SIMPLE_NAME_STR = 1,
370 CERT_OID_NAME_STR = 2,
371 CERT_X500_NAME_STR = 3,
372 }
373 enum {
374 CERT_NAME_STR_SEMICOLON_FLAG = 1073741824,
375 CERT_NAME_STR_CRLF_FLAG = 134217728,
376 CERT_NAME_STR_NO_PLUS_FLAG = 536870912,
377 CERT_NAME_STR_NO_QUOTING_FLAG = 268435456,
378 CERT_NAME_STR_REVERSE_FLAG = 33554432,
379 CERT_NAME_STR_ENABLE_T61_UNICODE_FLAG = 131072,
380 }
381
382 enum {
383 CERT_FIND_ANY = 0,
384 CERT_FIND_CERT_ID = 1048576,
385 CERT_FIND_CTL_USAGE = 655360,
386 CERT_FIND_ENHKEY_USAGE = 655360,
387 CERT_FIND_EXISTING = 851968,
388 CERT_FIND_HASH = 65536,
389 CERT_FIND_ISSUER_ATTR = 196612,
390 CERT_FIND_ISSUER_NAME = 131076,
391 CERT_FIND_ISSUER_OF = 786432,
392 CERT_FIND_KEY_IDENTIFIER = 983040,
393 CERT_FIND_KEY_SPEC = 589824,
394 CERT_FIND_MD5_HASH = 262144,
395 CERT_FIND_PROPERTY = 327680,
396 CERT_FIND_PUBLIC_KEY = 393216,
397 CERT_FIND_SHA1_HASH = 65536,
398 CERT_FIND_SIGNATURE_HASH = 917504,
399 CERT_FIND_SUBJECT_ATTR = 196615,
400 CERT_FIND_SUBJECT_CERT = 720896,
401 CERT_FIND_SUBJECT_NAME = 131079,
402 CERT_FIND_SUBJECT_STR_A = 458759,
403 CERT_FIND_SUBJECT_STR_W = 524295,
404 CERT_FIND_ISSUER_STR_A = 458756,
405 CERT_FIND_ISSUER_STR_W = 524292,
406 }
407
408 enum {
409 CERT_FIND_OR_ENHKEY_USAGE_FLAG = 16,
410 CERT_FIND_OPTIONAL_ENHKEY_USAGE_FLAG = 1,
411 CERT_FIND_NO_ENHKEY_USAGE_FLAG = 8,
412 CERT_FIND_VALID_ENHKEY_USAGE_FLAG = 32,
413 CERT_FIND_EXT_ONLY_ENHKEY_USAGE_FLAG = 2,
414 }
415
416 enum {
417 CERT_CASE_INSENSITIVE_IS_RDN_ATTRS_FLAG = 2,
418 CERT_UNICODE_IS_RDN_ATTRS_FLAG = 1,
419 CERT_CHAIN_FIND_BY_ISSUER = 1,
420 }
421
422 enum {
423 CERT_CHAIN_FIND_BY_ISSUER_COMPARE_KEY_FLAG = 1,
424 CERT_CHAIN_FIND_BY_ISSUER_COMPLEX_CHAIN_FLAG = 2,
425 CERT_CHAIN_FIND_BY_ISSUER_CACHE_ONLY_URL_FLAG = 4,
426 CERT_CHAIN_FIND_BY_ISSUER_LOCAL_MACHINE_FLAG = 8,
427 CERT_CHAIN_FIND_BY_ISSUER_NO_KEY_FLAG = 16384,
428 CERT_CHAIN_FIND_BY_ISSUER_CACHE_ONLY_FLAG = 32768,
429 }
430
431 enum {
432 CERT_STORE_PROV_SYSTEM = 10,
433 CERT_SYSTEM_STORE_LOCAL_MACHINE = 131072,
434 }
435
436 enum {
437 szOID_PKIX_KP_SERVER_AUTH = "4235600",
438 szOID_SERVER_GATED_CRYPTO = "4235658",
439 szOID_SGC_NETSCAPE = "2.16.840.1.113730.4.1",
440 szOID_PKIX_KP_CLIENT_AUTH = "1.3.6.1.5.5.7.3.2",
441 }
442
443 enum {
444 CRYPT_NOHASHOID = 0x00000001,
445 CRYPT_NO_SALT = 0x10,
446 CRYPT_PREGEN = 0x40,
447 }
448
449 enum {
450 CRYPT_RECIPIENT = 0x10,
451 CRYPT_INITIATOR = 0x40,
452 CRYPT_ONLINE = 0x80,
453 CRYPT_SF = 0x100,
454 CRYPT_CREATE_IV = 0x200,
455 CRYPT_KEK = 0x400,
456 CRYPT_DATA_KEY = 0x800,
457 CRYPT_VOLATILE = 0x1000,
458 CRYPT_SGCKEY = 0x2000,
459 }
460
461 enum {
462 KP_IV = 0x00000001,
463 KP_SALT = 0x00000002,
464 KP_PADDING = 0x00000003,
465 KP_MODE = 0x00000004,
466 KP_MODE_BITS = 0x00000005,
467 KP_PERMISSIONS = 0x00000006,
468 KP_ALGID = 0x00000007,
469 KP_BLOCKLEN = 0x00000008,
470 KP_KEYLEN = 0x00000009,
471 KP_SALT_EX = 0x0000000a,
472 KP_P = 0x0000000b,
473 KP_G = 0x0000000c,
474 KP_Q = 0x0000000d,
475 KP_X = 0x0000000e,
476 KP_Y = 0x0000000f,
477 KP_RA = 0x00000010,
478 KP_RB = 0x00000011,
479 KP_INFO = 0x00000012,
480 KP_EFFECTIVE_KEYLEN = 0x00000013,
481 KP_SCHANNEL_ALG = 0x00000014,
482 KP_PUB_PARAMS = 0x00000027,
483 }
484
485 enum {
486 CRYPT_FLAG_PCT1 = 0x0001,
487 CRYPT_FLAG_SSL2 = 0x0002,
488 CRYPT_FLAG_SSL3 = 0x0004,
489 CRYPT_FLAG_TLS1 = 0x0008,
490 CRYPT_FLAG_IPSEC = 0x0010,
491 CRYPT_FLAG_SIGNING = 0x0020,
492 }
493
494 enum {
495 SCHANNEL_MAC_KEY = 0x00000000,
496 SCHANNEL_ENC_KEY = 0x00000001,
497 }
498
499 enum {
500 INTERNATIONAL_USAGE = 0x00000001,
501 }
502
503
504 alias UINT ALG_ID;
505 alias ULONG_PTR HCRYPTPROV, HCRYPTKEY, HCRYPTHASH;
506 alias PVOID HCERTSTORE, HCRYPTMSG, HCERTCHAINENGINE;
507
508 struct VTableProvStruc {
509 FARPROC FuncVerifyImage;
510 }
511 alias VTableProvStruc* PVTableProvStruc;
512
513 struct _CRYPTOAPI_BLOB {
514 DWORD cbData;
515 BYTE* pbData;
516 }
517 alias _CRYPTOAPI_BLOB CRYPT_INTEGER_BLOB, CRYPT_UINT_BLOB,
518 CRYPT_OBJID_BLOB, CERT_NAME_BLOB, CERT_RDN_VALUE_BLOB, CERT_BLOB,
519 CRL_BLOB, DATA_BLOB, CRYPT_DATA_BLOB, CRYPT_HASH_BLOB,
520 CRYPT_DIGEST_BLOB, CRYPT_DER_BLOB, CRYPT_ATTR_BLOB;
521 alias _CRYPTOAPI_BLOB* PCRYPT_INTEGER_BLOB, PCRYPT_UINT_BLOB,
522 PCRYPT_OBJID_BLOB, PCERT_NAME_BLOB, PCERT_RDN_VALUE_BLOB, PCERT_BLOB,
523 PCRL_BLOB, PDATA_BLOB, PCRYPT_DATA_BLOB, PCRYPT_HASH_BLOB,
524 PCRYPT_DIGEST_BLOB, PCRYPT_DER_BLOB, PCRYPT_ATTR_BLOB;
525
526 // not described in SDK; has the same layout as HTTPSPolicyCallbackData
527 struct SSL_EXTRA_CERT_CHAIN_POLICY_PARA {
528 DWORD cbStruct;
529 DWORD dwAuthType;
530 DWORD fdwChecks;
531 LPWSTR pwszServerName;
532 }
533 alias SSL_EXTRA_CERT_CHAIN_POLICY_PARA HTTPSPolicyCallbackData;
534 alias SSL_EXTRA_CERT_CHAIN_POLICY_PARA* PSSL_EXTRA_CERT_CHAIN_POLICY_PARA,
535 PHTTPSPolicyCallbackData;
536
537 /* #if (_WIN32_WINNT>=0x500) */
538 struct CERT_CHAIN_POLICY_PARA {
539 DWORD cbSize = CERT_CHAIN_POLICY_PARA.sizeof;
540 DWORD dwFlags;
541 void* pvExtraPolicyPara;
542 }
543 alias CERT_CHAIN_POLICY_PARA* PCERT_CHAIN_POLICY_PARA;
544
545 struct CERT_CHAIN_POLICY_STATUS {
546 DWORD cbSize = CERT_CHAIN_POLICY_STATUS.sizeof;
547 DWORD dwError;
548 LONG lChainIndex;
549 LONG lElementIndex;
550 void* pvExtraPolicyStatus;
551 }
552 alias CERT_CHAIN_POLICY_STATUS* PCERT_CHAIN_POLICY_STATUS;
553 /* #endif */
554
555 struct CRYPT_ALGORITHM_IDENTIFIER {
556 LPSTR pszObjId;
557 CRYPT_OBJID_BLOB Parameters;
558 }
559 alias CRYPT_ALGORITHM_IDENTIFIER* PCRYPT_ALGORITHM_IDENTIFIER;
560
561 struct CRYPT_BIT_BLOB {
562 DWORD cbData;
563 BYTE* pbData;
564 DWORD cUnusedBits;
565 }
566 alias CRYPT_BIT_BLOB* PCRYPT_BIT_BLOB;
567
568 struct CERT_PUBLIC_KEY_INFO {
569 CRYPT_ALGORITHM_IDENTIFIER Algorithm;
570 CRYPT_BIT_BLOB PublicKey;
571 }
572 alias CERT_PUBLIC_KEY_INFO* PCERT_PUBLIC_KEY_INFO;
573
574 struct CERT_EXTENSION {
575 LPSTR pszObjId;
576 BOOL fCritical;
577 CRYPT_OBJID_BLOB Value;
578 }
579 alias CERT_EXTENSION* PCERT_EXTENSION;
580
581 struct CERT_INFO {
582 DWORD dwVersion;
583 CRYPT_INTEGER_BLOB SerialNumber;
584 CRYPT_ALGORITHM_IDENTIFIER SignatureAlgorithm;
585 CERT_NAME_BLOB Issuer;
586 FILETIME NotBefore;
587 FILETIME NotAfter;
588 CERT_NAME_BLOB Subject;
589 CERT_PUBLIC_KEY_INFO SubjectPublicKeyInfo;
590 CRYPT_BIT_BLOB IssuerUniqueId;
591 CRYPT_BIT_BLOB SubjectUniqueId;
592 DWORD cExtension;
593 PCERT_EXTENSION rgExtension;
594 }
595 alias CERT_INFO* PCERT_INFO;
596
597 struct CERT_CONTEXT {
598 DWORD dwCertEncodingType;
599 BYTE* pbCertEncoded;
600 DWORD cbCertEncoded;
601 PCERT_INFO pCertInfo;
602 HCERTSTORE hCertStore;
603 }
604 alias CERT_CONTEXT* PCERT_CONTEXT;
605 alias const(CERT_CONTEXT)* PCCERT_CONTEXT;
606
607 struct CTL_USAGE {
608 DWORD cUsageIdentifier;
609 LPSTR* rgpszUsageIdentifier;
610 }
611 alias CTL_USAGE CERT_ENHKEY_USAGE;
612 alias CTL_USAGE* PCTRL_USAGE, PCERT_ENHKEY_USAGE;
613
614 struct CERT_USAGE_MATCH {
615 DWORD dwType;
616 CERT_ENHKEY_USAGE Usage;
617 }
618 alias CERT_USAGE_MATCH* PCERT_USAGE_MATCH;
619 /* #if (_WIN32_WINNT>=0x500) */
620
621 struct CERT_CHAIN_PARA {
622 DWORD cbSize = CERT_CHAIN_PARA.sizeof;
623 CERT_USAGE_MATCH RequestedUsage;
624 //#if CERT_CHAIN_PARA_HAS_EXTRA_FIELDS
625 CERT_USAGE_MATCH RequestedIssuancePolicy;
626 DWORD dwUrlRetrievalTimeout;
627 BOOL fCheckRevocationFreshnessTime;
628 DWORD dwRevocationFreshnessTime;
629 //#endif
630 }
631 alias CERT_CHAIN_PARA* PCERT_CHAIN_PARA;
632
633 extern (Windows) alias BOOL function(PCCERT_CONTEXT, void*)
634 PFN_CERT_CHAIN_FIND_BY_ISSUER_CALLBACK;
635
636 struct CERT_CHAIN_FIND_BY_ISSUER_PARA {
637 DWORD cbSize = CERT_CHAIN_FIND_BY_ISSUER_PARA.sizeof;
638 LPCSTR pszUsageIdentifier;
639 DWORD dwKeySpec;
640 DWORD dwAcquirePrivateKeyFlags;
641 DWORD cIssuer;
642 CERT_NAME_BLOB* rgIssuer;
643 PFN_CERT_CHAIN_FIND_BY_ISSUER_CALLBACK pfnFIndCallback;
644 void* pvFindArg;
645 DWORD* pdwIssuerChainIndex;
646 DWORD* pdwIssuerElementIndex;
647 }
648 alias CERT_CHAIN_FIND_BY_ISSUER_PARA* PCERT_CHAIN_FIND_BY_ISSUER_PARA;
649 /* #endif */
650
651 struct CERT_TRUST_STATUS {
652 DWORD dwErrorStatus;
653 DWORD dwInfoStatus;
654 }
655 alias CERT_TRUST_STATUS* PCERT_TRUST_STATUS;
656
657 struct CRL_ENTRY {
658 CRYPT_INTEGER_BLOB SerialNumber;
659 FILETIME RevocationDate;
660 DWORD cExtension;
661 PCERT_EXTENSION rgExtension;
662 }
663 alias CRL_ENTRY* PCRL_ENTRY;
664
665 struct CRL_INFO {
666 DWORD dwVersion;
667 CRYPT_ALGORITHM_IDENTIFIER SignatureAlgorithm;
668 CERT_NAME_BLOB Issuer;
669 FILETIME ThisUpdate;
670 FILETIME NextUpdate;
671 DWORD cCRLEntry;
672 PCRL_ENTRY rgCRLEntry;
673 DWORD cExtension;
674 PCERT_EXTENSION rgExtension;
675 }
676 alias CRL_INFO* PCRL_INFO;
677
678 struct CRL_CONTEXT {
679 DWORD dwCertEncodingType;
680 BYTE* pbCrlEncoded;
681 DWORD cbCrlEncoded;
682 PCRL_INFO pCrlInfo;
683 HCERTSTORE hCertStore;
684 }
685 alias CRL_CONTEXT* PCRL_CONTEXT;
686 alias const(CRL_CONTEXT)* PCCRL_CONTEXT;
687
688 struct CERT_REVOCATION_CRL_INFO {
689 DWORD cbSize = CERT_REVOCATION_CRL_INFO.sizeof;
690 PCCRL_CONTEXT pBaseCRLContext;
691 PCCRL_CONTEXT pDeltaCRLContext;
692 PCRL_ENTRY pCrlEntry;
693 BOOL fDeltaCrlEntry;
694 }
695 alias CERT_REVOCATION_CRL_INFO* PCERT_REVOCATION_CRL_INFO;
696
697 struct CERT_REVOCATION_INFO {
698 DWORD cbSize = CERT_REVOCATION_INFO.sizeof;
699 DWORD dwRevocationResult;
700 LPCSTR pszRevocationOid;
701 LPVOID pvOidSpecificInfo;
702 BOOL fHasFreshnessTime;
703 DWORD dwFreshnessTime;
704 PCERT_REVOCATION_CRL_INFO pCrlInfo;
705 }
706 alias CERT_REVOCATION_INFO* PCERT_REVOCATION_INFO;
707
708 /* #if (_WIN32_WINNT>=0x500) */
709 struct CERT_CHAIN_ELEMENT {
710 DWORD cbSize = CERT_CHAIN_ELEMENT.sizeof;
711 PCCERT_CONTEXT pCertContext;
712 CERT_TRUST_STATUS TrustStatus;
713 PCERT_REVOCATION_INFO pRevocationInfo;
714 PCERT_ENHKEY_USAGE pIssuanceUsage;
715 PCERT_ENHKEY_USAGE pApplicationUsage;
716 }
717 alias CERT_CHAIN_ELEMENT* PCERT_CHAIN_ELEMENT;
718 /* #endif */
719
720 struct CRYPT_ATTRIBUTE {
721 LPSTR pszObjId;
722 DWORD cValue;
723 PCRYPT_ATTR_BLOB rgValue;
724 }
725 alias CRYPT_ATTRIBUTE* PCRYPT_ATTRIBUTE;
726
727 struct CTL_ENTRY {
728 CRYPT_DATA_BLOB SubjectIdentifier;
729 DWORD cAttribute;
730 PCRYPT_ATTRIBUTE rgAttribute;
731 }
732 alias CTL_ENTRY* PCTL_ENTRY;
733
734 struct CTL_INFO {
735 DWORD dwVersion;
736 CTL_USAGE SubjectUsage;
737 CRYPT_DATA_BLOB ListIdentifier;
738 CRYPT_INTEGER_BLOB SequenceNumber;
739 FILETIME ThisUpdate;
740 FILETIME NextUpdate;
741 CRYPT_ALGORITHM_IDENTIFIER SubjectAlgorithm;
742 DWORD cCTLEntry;
743 PCTL_ENTRY rgCTLEntry;
744 DWORD cExtension;
745 PCERT_EXTENSION rgExtension;
746 }
747 alias CTL_INFO* PCTL_INFO;
748
749 struct CTL_CONTEXT {
750 DWORD dwMsgAndCertEncodingType;
751 BYTE* pbCtlEncoded;
752 DWORD cbCtlEncoded;
753 PCTL_INFO pCtlInfo;
754 HCERTSTORE hCertStore;
755 HCRYPTMSG hCryptMsg;
756 BYTE* pbCtlContent;
757 DWORD cbCtlContent;
758 }
759 alias CTL_CONTEXT* PCTL_CONTEXT;
760 alias const(CTL_CONTEXT)* PCCTL_CONTEXT;
761
762 struct CERT_TRUST_LIST_INFO {
763 DWORD cbSize = CERT_TRUST_LIST_INFO.sizeof;
764 PCTL_ENTRY pCtlEntry;
765 PCCTL_CONTEXT pCtlContext;
766 }
767 alias CERT_TRUST_LIST_INFO* PCERT_TRUST_LIST_INFO;
768
769 struct CERT_SIMPLE_CHAIN {
770 DWORD cbSize = CERT_SIMPLE_CHAIN.sizeof;
771 CERT_TRUST_STATUS TrustStatus;
772 DWORD cElement;
773 PCERT_CHAIN_ELEMENT* rgpElement;
774 PCERT_TRUST_LIST_INFO pTrustListInfo;
775 BOOL fHasRevocationFreshnessTime;
776 DWORD dwRevocationFreshnessTime;
777 }
778 alias CERT_SIMPLE_CHAIN* PCERT_SIMPLE_CHAIN;
779
780 /* #if (_WIN32_WINNT>=0x500) */
781 alias const(CERT_CHAIN_CONTEXT)* PCCERT_CHAIN_CONTEXT;
782 struct CERT_CHAIN_CONTEXT {
783 DWORD cbSize = CERT_CHAIN_CONTEXT.sizeof;
784 CERT_TRUST_STATUS TrustStatus;
785 DWORD cChain;
786 PCERT_SIMPLE_CHAIN* rgpChain;
787 DWORD cLowerQualityChainContext;
788 PCCERT_CHAIN_CONTEXT* rgpLowerQualityChainContext;
789 BOOL fHasRevocationFreshnessTime;
790 DWORD dwRevocationFreshnessTime;
791 }
792 alias CERT_CHAIN_CONTEXT* PCERT_CHAIN_CONTEXT;
793 /* #endif */
794
795 struct PROV_ENUMALGS {
796 ALG_ID aiAlgid;
797 DWORD dwBitLen;
798 DWORD dwNameLen;
799 CHAR[20] szName = 0;
800 }
801
802 struct PUBLICKEYSTRUC {
803 BYTE bType;
804 BYTE bVersion;
805 WORD reserved;
806 ALG_ID aiKeyAlg;
807 }
808 alias PUBLICKEYSTRUC BLOBHEADER;
809
810 struct RSAPUBKEY {
811 DWORD magic;
812 DWORD bitlen;
813 DWORD pubexp;
814 }
815
816 struct HMAC_INFO {
817 ALG_ID HashAlgid;
818 BYTE* pbInnerString;
819 DWORD cbInnerString;
820 BYTE* pbOuterString;
821 DWORD cbOuterString;
822 }
823 alias HMAC_INFO* PHMAC_INFO;
824
825 extern (Windows) @nogc nothrow {
826 BOOL CertCloseStore(HCERTSTORE, DWORD);
827 BOOL CertGetCertificateChain(HCERTCHAINENGINE, PCCERT_CONTEXT, LPFILETIME,
828 HCERTSTORE, PCERT_CHAIN_PARA, DWORD, LPVOID, PCCERT_CHAIN_CONTEXT*);
829 BOOL CertVerifyCertificateChainPolicy(LPCSTR, PCCERT_CHAIN_CONTEXT,
830 PCERT_CHAIN_POLICY_PARA, PCERT_CHAIN_POLICY_STATUS);
831 void CertFreeCertificateChain(PCCERT_CHAIN_CONTEXT);
832 DWORD CertNameToStrA(DWORD, PCERT_NAME_BLOB, DWORD, LPSTR, DWORD);
833 DWORD CertNameToStrW(DWORD, PCERT_NAME_BLOB, DWORD, LPWSTR, DWORD);
834 HCERTSTORE CertOpenSystemStoreA(HCRYPTPROV, LPCSTR);
835 HCERTSTORE CertOpenSystemStoreW(HCRYPTPROV, LPCWSTR);
836 HCERTSTORE CertOpenStore(LPCSTR, DWORD, HCRYPTPROV, DWORD, const(void)*);
837 PCCERT_CONTEXT CertFindCertificateInStore(HCERTSTORE, DWORD, DWORD, DWORD,
838 const(void)*, PCCERT_CONTEXT);
839 BOOL CertFreeCertificateContext(PCCERT_CONTEXT);
840 PCCERT_CONTEXT CertGetIssuerCertificateFromStore(HCERTSTORE,
841 PCCERT_CONTEXT, PCCERT_CONTEXT, DWORD*);
842 PCCERT_CHAIN_CONTEXT CertFindChainInStore(HCERTSTORE, DWORD, DWORD, DWORD,
843 const(void)*, PCCERT_CHAIN_CONTEXT);
844
845 BOOL CryptAcquireContextA(HCRYPTPROV*, LPCSTR, LPCSTR, DWORD, DWORD);
846 BOOL CryptAcquireContextW(HCRYPTPROV*, LPCWSTR, LPCWSTR, DWORD, DWORD);
847 BOOL CryptContextAddRef(HCRYPTPROV, DWORD*, DWORD);
848 BOOL CryptReleaseContext(HCRYPTPROV, ULONG_PTR);
849 BOOL CryptGenKey(HCRYPTPROV, ALG_ID, DWORD, HCRYPTKEY*);
850 BOOL CryptDeriveKey(HCRYPTPROV, ALG_ID, HCRYPTHASH, DWORD, HCRYPTKEY*);
851 BOOL CryptDestroyKey(HCRYPTKEY);
852 static if (_WIN32_WINNT >= 0x500) {
853 BOOL CryptDuplicateHash(HCRYPTHASH, DWORD*, DWORD, HCRYPTHASH*);
854 BOOL CryptDuplicateKey(HCRYPTKEY, DWORD*, DWORD, HCRYPTKEY*);
855 }
856 BOOL CryptSetKeyParam(HCRYPTKEY, DWORD, PBYTE, DWORD);
857 BOOL CryptGetKeyParam(HCRYPTKEY, DWORD, PBYTE, PDWORD, DWORD);
858 BOOL CryptSetHashParam(HCRYPTHASH, DWORD, PBYTE, DWORD);
859 BOOL CryptGetHashParam(HCRYPTHASH, DWORD, PBYTE, PDWORD, DWORD);
860 BOOL CryptSetProvParam(HCRYPTPROV, DWORD, PBYTE, DWORD);
861 BOOL CryptGetProvParam(HCRYPTPROV, DWORD, PBYTE, PDWORD, DWORD);
862 BOOL CryptGenRandom(HCRYPTPROV, DWORD, PBYTE);
863 BOOL CryptGetUserKey(HCRYPTPROV, DWORD, HCRYPTKEY*);
864 BOOL CryptExportKey(HCRYPTKEY, HCRYPTKEY, DWORD, DWORD, PBYTE, PDWORD);
865 BOOL CryptImportKey(HCRYPTPROV, PBYTE, DWORD, HCRYPTKEY, DWORD,
866 HCRYPTKEY*);
867 BOOL CryptEncrypt(HCRYPTKEY, HCRYPTHASH, BOOL, DWORD, PBYTE, PDWORD,
868 DWORD);
869 BOOL CryptDecrypt(HCRYPTKEY, HCRYPTHASH, BOOL, DWORD, PBYTE, PDWORD);
870 BOOL CryptCreateHash(HCRYPTPROV, ALG_ID, HCRYPTKEY, DWORD, HCRYPTHASH*);
871 BOOL CryptHashData(HCRYPTHASH, PBYTE, DWORD, DWORD);
872 BOOL CryptHashSessionKey(HCRYPTHASH, HCRYPTKEY, DWORD);
873 BOOL CryptGetHashValue(HCRYPTHASH, DWORD, PBYTE, PDWORD);
874 BOOL CryptDestroyHash(HCRYPTHASH);
875 BOOL CryptSignHashA(HCRYPTHASH, DWORD, LPCSTR, DWORD, PBYTE, PDWORD);
876 BOOL CryptSignHashW(HCRYPTHASH, DWORD, LPCWSTR, DWORD, PBYTE, PDWORD);
877 BOOL CryptVerifySignatureA(HCRYPTHASH, PBYTE, DWORD, HCRYPTKEY, LPCSTR,
878 DWORD);
879 BOOL CryptVerifySignatureW(HCRYPTHASH, PBYTE, DWORD, HCRYPTKEY, LPCWSTR,
880 DWORD);
881 BOOL CryptSetProviderA(LPCSTR, DWORD);
882 BOOL CryptSetProviderW(LPCWSTR, DWORD);
883 }
884
version(Unicode)885 version (Unicode) {
886 alias CertNameToStrW CertNameToStr;
887 alias CryptAcquireContextW CryptAcquireContext;
888 alias CryptSignHashW CryptSignHash;
889 alias CryptVerifySignatureW CryptVerifySignature;
890 alias CryptSetProviderW CryptSetProvider;
891 alias CertOpenSystemStoreW CertOpenSystemStore;
892 /+alias CERT_FIND_SUBJECT_STR_W CERT_FIND_SUBJECT_STR;
893 alias CERT_FIND_ISSUER_STR_W CERT_FIND_ISSUER_STR;+/
894 } else {
895 alias CertNameToStrA CertNameToStr;
896 alias CryptAcquireContextA CryptAcquireContext;
897 alias CryptSignHashA CryptSignHash;
898 alias CryptVerifySignatureA CryptVerifySignature;
899 alias CryptSetProviderA CryptSetProvider;
900 alias CertOpenSystemStoreA CertOpenSystemStore;
901 /+alias CERT_FIND_SUBJECT_STR_A CERT_FIND_SUBJECT_STR;
902 alias CERT_FIND_ISSUER_STR_A CERT_FIND_ISSUER_STR;+/
903 }
904