1 /***********************************************************************\ 2 * wincrypt.d * 3 * * 4 * Windows API header module * 5 * * 6 * Translated from MinGW Windows headers * 7 * by Stewart Gordon * 8 * * 9 * Placed into public domain * 10 \***********************************************************************/ 11 module win32.wincrypt; 12 version(Windows): 13 14 private import win32.w32api, win32.winbase, win32.windef; 15 16 /* FIXME: 17 * Types of some constants 18 * Types of macros 19 * Inits of various "size" and "version" members 20 * Why are some #ifdefs commented out? 21 */ 22 23 const TCHAR[] 24 MS_DEF_PROV = "Microsoft Base Cryptographic Provider v1.0", 25 MS_ENHANCED_PROV = "Microsoft Enhanced Cryptographic Provider v1.0", 26 MS_STRONG_PROV = "Microsoft Strong Cryptographic Provider", 27 MS_DEF_RSA_SIG_PROV = "Microsoft RSA Signature Cryptographic Provider", 28 MS_DEF_RSA_SCHANNEL_PROV = "Microsoft RSA SChannel Cryptographic Provider", 29 MS_DEF_DSS_PROV = "Microsoft Base DSS Cryptographic Provider", 30 MS_DEF_DSS_DH_PROV 31 = "Microsoft Base DSS and Diffie-Hellman Cryptographic Provider", 32 MS_ENH_DSS_DH_PROV 33 = "Microsoft Enhanced DSS and Diffie-Hellman Cryptographic Provider", 34 MS_DEF_DH_SCHANNEL_PROV = "Microsoft DH SChannel Cryptographic Provider", 35 MS_SCARD_PROV = "Microsoft Base Smart Card Crypto Provider"; 36 37 static if (_WIN32_WINNT > 0x501) { 38 const TCHAR[] MS_ENH_RSA_AES_PROV 39 = "Microsoft Enhanced RSA and AES Cryptographic Provider"; 40 } else static if (_WIN32_WINNT == 0x501) { 41 const TCHAR[] MS_ENH_RSA_AES_PROV 42 = "Microsoft Enhanced RSA and AES Cryptographic Provider (Prototype)"; 43 } 44 45 ALG_ID GET_ALG_CLASS(ALG_ID x) { return x & 0xE000; } 46 ALG_ID GET_ALG_TYPE (ALG_ID x) { return x & 0x1E00; } 47 ALG_ID GET_ALG_SID (ALG_ID x) { return x & 0x01FF; } 48 49 enum : ALG_ID { 50 ALG_CLASS_ANY = 0, 51 ALG_CLASS_SIGNATURE = 0x2000, 52 ALG_CLASS_MSG_ENCRYPT = 0x4000, 53 ALG_CLASS_DATA_ENCRYPT = 0x6000, 54 ALG_CLASS_HASH = 0x8000, 55 ALG_CLASS_KEY_EXCHANGE = 0xA000, 56 ALG_CLASS_ALL = 0xE000 57 } 58 59 enum : ALG_ID { 60 ALG_TYPE_ANY = 0, 61 ALG_TYPE_DSS = 0x0200, 62 ALG_TYPE_RSA = 0x0400, 63 ALG_TYPE_BLOCK = 0x0600, 64 ALG_TYPE_STREAM = 0x0800, 65 ALG_TYPE_DH = 0x0A00, 66 ALG_TYPE_SECURECHANNEL = 0x0C00 67 } 68 69 enum : ALG_ID { 70 ALG_SID_ANY = 0, 71 ALG_SID_RSA_ANY = 0, 72 ALG_SID_RSA_PKCS, 73 ALG_SID_RSA_MSATWORK, 74 ALG_SID_RSA_ENTRUST, 75 ALG_SID_RSA_PGP, // = 4 76 ALG_SID_DSS_ANY = 0, 77 ALG_SID_DSS_PKCS, 78 ALG_SID_DSS_DMS, // = 2 79 ALG_SID_DES = 1, 80 ALG_SID_3DES = 3, 81 ALG_SID_DESX, 82 ALG_SID_IDEA, 83 ALG_SID_CAST, 84 ALG_SID_SAFERSK64, 85 ALG_SID_SAFERSK128, 86 ALG_SID_3DES_112, 87 ALG_SID_SKIPJACK, 88 ALG_SID_TEK, 89 ALG_SID_CYLINK_MEK, 90 ALG_SID_RC5, // = 13 91 ALG_SID_RC2 = 2, 92 ALG_SID_RC4 = 1, 93 ALG_SID_SEAL = 2, 94 ALG_SID_MD2 = 1, 95 ALG_SID_MD4, 96 ALG_SID_MD5, 97 ALG_SID_SHA, 98 ALG_SID_MAC, 99 ALG_SID_RIPEMD, 100 ALG_SID_RIPEMD160, 101 ALG_SID_SSL3SHAMD5, 102 ALG_SID_HMAC, 103 ALG_SID_TLS1PRF, // = 10 104 ALG_SID_AES_128 = 14, 105 ALG_SID_AES_192, 106 ALG_SID_AES_256, 107 ALG_SID_AES, // = 17 108 ALG_SID_EXAMPLE = 80 109 } 110 111 enum : ALG_ID { 112 CALG_MD2 = ALG_CLASS_HASH | ALG_TYPE_ANY | ALG_SID_MD2, 113 CALG_MD4 = ALG_CLASS_HASH | ALG_TYPE_ANY | ALG_SID_MD4, 114 CALG_MD5 = ALG_CLASS_HASH | ALG_TYPE_ANY | ALG_SID_MD5, 115 CALG_SHA = ALG_CLASS_HASH | ALG_TYPE_ANY | ALG_SID_SHA, 116 CALG_SHA1 = CALG_SHA, 117 CALG_MAC = ALG_CLASS_HASH | ALG_TYPE_ANY | ALG_SID_MAC, 118 CALG_3DES = ALG_CLASS_DATA_ENCRYPT | ALG_TYPE_BLOCK | 3, 119 CALG_CYLINK_MEK = ALG_CLASS_DATA_ENCRYPT | ALG_TYPE_BLOCK | 12, 120 CALG_SKIPJACK = ALG_CLASS_DATA_ENCRYPT | ALG_TYPE_BLOCK | 10, 121 CALG_KEA_KEYX = ALG_CLASS_KEY_EXCHANGE | ALG_TYPE_STREAM | ALG_TYPE_DSS | 4, 122 CALG_RSA_SIGN = ALG_CLASS_SIGNATURE | ALG_TYPE_RSA | ALG_SID_RSA_ANY, 123 CALG_DSS_SIGN = ALG_CLASS_SIGNATURE | ALG_TYPE_DSS | ALG_SID_DSS_ANY, 124 CALG_RSA_KEYX = ALG_CLASS_KEY_EXCHANGE | ALG_TYPE_RSA | ALG_SID_RSA_ANY, 125 CALG_DES = ALG_CLASS_DATA_ENCRYPT | ALG_TYPE_BLOCK | ALG_SID_DES, 126 CALG_RC2 = ALG_CLASS_DATA_ENCRYPT | ALG_TYPE_BLOCK | ALG_SID_RC2, 127 CALG_RC4 = ALG_CLASS_DATA_ENCRYPT | ALG_TYPE_STREAM | ALG_SID_RC4, 128 CALG_SEAL = ALG_CLASS_DATA_ENCRYPT | ALG_TYPE_STREAM | ALG_SID_SEAL, 129 CALG_DH_EPHEM = ALG_CLASS_KEY_EXCHANGE | ALG_TYPE_STREAM | ALG_TYPE_DSS 130 | ALG_SID_DSS_DMS, 131 CALG_DESX = ALG_CLASS_DATA_ENCRYPT | ALG_TYPE_BLOCK | ALG_SID_DESX, 132 // is undefined ALG_CLASS_DHASH in MinGW - presuming typo 133 CALG_TLS1PRF = ALG_CLASS_HASH | ALG_TYPE_ANY | ALG_SID_TLS1PRF, 134 CALG_AES_128 = ALG_CLASS_DATA_ENCRYPT | ALG_TYPE_BLOCK | ALG_SID_AES_128, 135 CALG_AES_192 = ALG_CLASS_DATA_ENCRYPT | ALG_TYPE_BLOCK | ALG_SID_AES_192, 136 CALG_AES_256 = ALG_CLASS_DATA_ENCRYPT | ALG_TYPE_BLOCK | ALG_SID_AES_256, 137 CALG_AES = ALG_CLASS_DATA_ENCRYPT | ALG_TYPE_BLOCK | ALG_SID_AES, 138 } 139 140 enum { 141 CRYPT_VERIFYCONTEXT = 0xF0000000, 142 } 143 144 enum { 145 CRYPT_NEWKEYSET = 8, 146 CRYPT_DELETEKEYSET = 16, 147 CRYPT_MACHINE_KEYSET = 32, 148 CRYPT_SILENT = 64, 149 } 150 151 enum { 152 CRYPT_EXPORTABLE = 1, 153 CRYPT_USER_PROTECTED = 2, 154 CRYPT_CREATE_SALT = 4, 155 CRYPT_UPDATE_KEY = 8, 156 } 157 158 enum { 159 SIMPLEBLOB = 1, 160 PUBLICKEYBLOB = 6, 161 PRIVATEKEYBLOB = 7, 162 PLAINTEXTKEYBLOB = 8, 163 OPAQUEKEYBLOB = 9, 164 PUBLICKEYBLOBEX = 10, 165 SYMMETRICWRAPKEYBLOB = 11, 166 } 167 168 enum { 169 AT_KEYEXCHANGE = 1, 170 AT_SIGNATURE = 2, 171 } 172 173 enum { 174 CRYPT_USERDATA = 1, 175 } 176 177 enum { 178 PKCS5_PADDING = 1, 179 } 180 181 enum { 182 CRYPT_MODE_CBC = 1, 183 CRYPT_MODE_ECB = 2, 184 CRYPT_MODE_OFB = 3, 185 CRYPT_MODE_CFB = 4, 186 CRYPT_MODE_CTS = 5, 187 CRYPT_MODE_CBCI = 6, 188 CRYPT_MODE_CFBP = 7, 189 CRYPT_MODE_OFBP = 8, 190 CRYPT_MODE_CBCOFM = 9, 191 CRYPT_MODE_CBCOFMI = 10, 192 } 193 194 enum { 195 CRYPT_ENCRYPT = 1, 196 CRYPT_DECRYPT = 2, 197 CRYPT_EXPORT = 4, 198 CRYPT_READ = 8, 199 CRYPT_WRITE = 16, 200 CRYPT_MAC = 32, 201 } 202 203 enum { 204 HP_ALGID = 1, 205 HP_HASHVAL = 2, 206 HP_HASHSIZE = 4, 207 HP_HMAC_INFO = 5, 208 } 209 210 enum { 211 CRYPT_FAILED = FALSE, 212 CRYPT_SUCCEED = TRUE, 213 } 214 215 bool RCRYPT_SUCCEEDED(BOOL r) { return r==CRYPT_SUCCEED; } 216 bool RCRYPT_FAILED(BOOL r) { return r==CRYPT_FAILED; } 217 218 enum { 219 PP_ENUMALGS = 1, 220 PP_ENUMCONTAINERS = 2, 221 PP_IMPTYPE = 3, 222 PP_NAME = 4, 223 PP_VERSION = 5, 224 PP_CONTAINER = 6, 225 PP_CHANGE_PASSWORD = 7, 226 PP_KEYSET_SEC_DESCR = 8, 227 PP_CERTCHAIN = 9, 228 PP_KEY_TYPE_SUBTYPE = 10, 229 PP_PROVTYPE = 16, 230 PP_KEYSTORAGE = 17, 231 PP_APPLI_CERT = 18, 232 PP_SYM_KEYSIZE = 19, 233 PP_SESSION_KEYSIZE = 20, 234 PP_UI_PROMPT = 21, 235 PP_ENUMALGS_EX = 22, 236 PP_ENUMMANDROOTS = 25, 237 PP_ENUMELECTROOTS = 26, 238 PP_KEYSET_TYPE = 27, 239 PP_ADMIN_PIN = 31, 240 PP_KEYEXCHANGE_PIN = 32, 241 PP_SIGNATURE_PIN = 33, 242 PP_SIG_KEYSIZE_INC = 34, 243 PP_KEYX_KEYSIZE_INC = 35, 244 PP_UNIQUE_CONTAINER = 36, 245 PP_SGC_INFO = 37, 246 PP_USE_HARDWARE_RNG = 38, 247 PP_KEYSPEC = 39, 248 PP_ENUMEX_SIGNING_PROT = 40, 249 } 250 251 enum { 252 CRYPT_FIRST = 1, 253 CRYPT_NEXT = 2, 254 } 255 256 enum { 257 CRYPT_IMPL_HARDWARE = 1, 258 CRYPT_IMPL_SOFTWARE = 2, 259 CRYPT_IMPL_MIXED = 3, 260 CRYPT_IMPL_UNKNOWN = 4, 261 } 262 263 enum { 264 PROV_RSA_FULL = 1, 265 PROV_RSA_SIG = 2, 266 PROV_DSS = 3, 267 PROV_FORTEZZA = 4, 268 PROV_MS_MAIL = 5, 269 PROV_SSL = 6, 270 PROV_STT_MER = 7, 271 PROV_STT_ACQ = 8, 272 PROV_STT_BRND = 9, 273 PROV_STT_ROOT = 10, 274 PROV_STT_ISS = 11, 275 PROV_RSA_SCHANNEL = 12, 276 PROV_DSS_DH = 13, 277 PROV_EC_ECDSA_SIG = 14, 278 PROV_EC_ECNRA_SIG = 15, 279 PROV_EC_ECDSA_FULL = 16, 280 PROV_EC_ECNRA_FULL = 17, 281 PROV_DH_SCHANNEL = 18, 282 PROV_SPYRUS_LYNKS = 20, 283 PROV_RNG = 21, 284 PROV_INTEL_SEC = 22, 285 PROV_RSA_AES = 24, 286 MAXUIDLEN = 64, 287 } 288 289 enum { 290 CUR_BLOB_VERSION = 2, 291 } 292 293 enum { 294 X509_ASN_ENCODING = 1, 295 PKCS_7_ASN_ENCODING = 65536, 296 } 297 298 enum { 299 CERT_V1 = 0, 300 CERT_V2 = 1, 301 CERT_V3 = 2, 302 } 303 304 enum { 305 CERT_E_CHAINING = (-2146762486), 306 CERT_E_CN_NO_MATCH = (-2146762481), 307 CERT_E_EXPIRED = (-2146762495), 308 CERT_E_PURPOSE = (-2146762490), 309 CERT_E_REVOCATION_FAILURE = (-2146762482), 310 CERT_E_REVOKED = (-2146762484), 311 CERT_E_ROLE = (-2146762493), 312 CERT_E_UNTRUSTEDROOT = (-2146762487), 313 CERT_E_UNTRUSTEDTESTROOT = (-2146762483), 314 CERT_E_VALIDITYPERIODNESTING = (-2146762494), 315 CERT_E_WRONG_USAGE = (-2146762480), 316 CERT_E_PATHLENCONST = (-2146762492), 317 CERT_E_CRITICAL = (-2146762491), 318 CERT_E_ISSUERCHAINING = (-2146762489), 319 CERT_E_MALFORMED = (-2146762488), 320 CRYPT_E_REVOCATION_OFFLINE = (-2146885613), 321 CRYPT_E_REVOKED = (-2146885616), 322 TRUST_E_BASIC_CONSTRAINTS = (-2146869223), 323 TRUST_E_CERT_SIGNATURE = (-2146869244), 324 TRUST_E_FAIL = (-2146762485), 325 } 326 327 enum { 328 CERT_TRUST_NO_ERROR = 0, 329 CERT_TRUST_IS_NOT_TIME_VALID = 1, 330 CERT_TRUST_IS_NOT_TIME_NESTED = 2, 331 CERT_TRUST_IS_REVOKED = 4, 332 CERT_TRUST_IS_NOT_SIGNATURE_VALID = 8, 333 CERT_TRUST_IS_NOT_VALID_FOR_USAGE = 16, 334 CERT_TRUST_IS_UNTRUSTED_ROOT = 32, 335 CERT_TRUST_REVOCATION_STATUS_UNKNOWN = 64, 336 CERT_TRUST_IS_CYCLIC = 128, 337 CERT_TRUST_IS_PARTIAL_CHAIN = 65536, 338 CERT_TRUST_CTL_IS_NOT_TIME_VALID = 131072, 339 CERT_TRUST_CTL_IS_NOT_SIGNATURE_VALID = 262144, 340 CERT_TRUST_CTL_IS_NOT_VALID_FOR_USAGE = 524288, 341 } 342 343 enum { 344 CERT_TRUST_HAS_EXACT_MATCH_ISSUER = 1, 345 CERT_TRUST_HAS_KEY_MATCH_ISSUER = 2, 346 CERT_TRUST_HAS_NAME_MATCH_ISSUER = 4, 347 CERT_TRUST_IS_SELF_SIGNED = 8, 348 CERT_TRUST_IS_COMPLEX_CHAIN = 65536, 349 } 350 351 enum { 352 CERT_CHAIN_POLICY_BASE = cast(LPCSTR) 1, 353 CERT_CHAIN_POLICY_AUTHENTICODE = cast(LPCSTR) 2, 354 CERT_CHAIN_POLICY_AUTHENTICODE_TS = cast(LPCSTR) 3, 355 CERT_CHAIN_POLICY_SSL = cast(LPCSTR) 4, 356 CERT_CHAIN_POLICY_BASIC_CONSTRAINTS = cast(LPCSTR) 5, 357 CERT_CHAIN_POLICY_NT_AUTH = cast(LPCSTR) 6, 358 } 359 360 enum { 361 USAGE_MATCH_TYPE_AND = 0, 362 USAGE_MATCH_TYPE_OR = 1, 363 } 364 365 enum { 366 CERT_SIMPLE_NAME_STR = 1, 367 CERT_OID_NAME_STR = 2, 368 CERT_X500_NAME_STR = 3, 369 } 370 enum { 371 CERT_NAME_STR_SEMICOLON_FLAG = 1073741824, 372 CERT_NAME_STR_CRLF_FLAG = 134217728, 373 CERT_NAME_STR_NO_PLUS_FLAG = 536870912, 374 CERT_NAME_STR_NO_QUOTING_FLAG = 268435456, 375 CERT_NAME_STR_REVERSE_FLAG = 33554432, 376 CERT_NAME_STR_ENABLE_T61_UNICODE_FLAG = 131072, 377 } 378 379 enum { 380 CERT_FIND_ANY = 0, 381 CERT_FIND_CERT_ID = 1048576, 382 CERT_FIND_CTL_USAGE = 655360, 383 CERT_FIND_ENHKEY_USAGE = 655360, 384 CERT_FIND_EXISTING = 851968, 385 CERT_FIND_HASH = 65536, 386 CERT_FIND_ISSUER_ATTR = 196612, 387 CERT_FIND_ISSUER_NAME = 131076, 388 CERT_FIND_ISSUER_OF = 786432, 389 CERT_FIND_KEY_IDENTIFIER = 983040, 390 CERT_FIND_KEY_SPEC = 589824, 391 CERT_FIND_MD5_HASH = 262144, 392 CERT_FIND_PROPERTY = 327680, 393 CERT_FIND_PUBLIC_KEY = 393216, 394 CERT_FIND_SHA1_HASH = 65536, 395 CERT_FIND_SIGNATURE_HASH = 917504, 396 CERT_FIND_SUBJECT_ATTR = 196615, 397 CERT_FIND_SUBJECT_CERT = 720896, 398 CERT_FIND_SUBJECT_NAME = 131079, 399 CERT_FIND_SUBJECT_STR_A = 458759, 400 CERT_FIND_SUBJECT_STR_W = 524295, 401 CERT_FIND_ISSUER_STR_A = 458756, 402 CERT_FIND_ISSUER_STR_W = 524292, 403 } 404 405 enum { 406 CERT_FIND_OR_ENHKEY_USAGE_FLAG = 16, 407 CERT_FIND_OPTIONAL_ENHKEY_USAGE_FLAG = 1, 408 CERT_FIND_NO_ENHKEY_USAGE_FLAG = 8, 409 CERT_FIND_VALID_ENHKEY_USAGE_FLAG = 32, 410 CERT_FIND_EXT_ONLY_ENHKEY_USAGE_FLAG = 2, 411 } 412 413 enum { 414 CERT_CASE_INSENSITIVE_IS_RDN_ATTRS_FLAG = 2, 415 CERT_UNICODE_IS_RDN_ATTRS_FLAG = 1, 416 CERT_CHAIN_FIND_BY_ISSUER = 1, 417 } 418 419 enum { 420 CERT_CHAIN_FIND_BY_ISSUER_COMPARE_KEY_FLAG = 1, 421 CERT_CHAIN_FIND_BY_ISSUER_COMPLEX_CHAIN_FLAG = 2, 422 CERT_CHAIN_FIND_BY_ISSUER_CACHE_ONLY_URL_FLAG = 4, 423 CERT_CHAIN_FIND_BY_ISSUER_LOCAL_MACHINE_FLAG = 8, 424 CERT_CHAIN_FIND_BY_ISSUER_NO_KEY_FLAG = 16384, 425 CERT_CHAIN_FIND_BY_ISSUER_CACHE_ONLY_FLAG = 32768, 426 } 427 428 enum { 429 CERT_STORE_PROV_SYSTEM = 10, 430 CERT_SYSTEM_STORE_LOCAL_MACHINE = 131072, 431 } 432 433 enum { 434 szOID_PKIX_KP_SERVER_AUTH = "4235600", 435 szOID_SERVER_GATED_CRYPTO = "4235658", 436 szOID_SGC_NETSCAPE = "2.16.840.1.113730.4.1", 437 szOID_PKIX_KP_CLIENT_AUTH = "1.3.6.1.5.5.7.3.2", 438 } 439 440 enum { 441 CRYPT_NOHASHOID = 0x00000001, 442 CRYPT_NO_SALT = 0x10, 443 CRYPT_PREGEN = 0x40, 444 } 445 446 enum { 447 CRYPT_RECIPIENT = 0x10, 448 CRYPT_INITIATOR = 0x40, 449 CRYPT_ONLINE = 0x80, 450 CRYPT_SF = 0x100, 451 CRYPT_CREATE_IV = 0x200, 452 CRYPT_KEK = 0x400, 453 CRYPT_DATA_KEY = 0x800, 454 CRYPT_VOLATILE = 0x1000, 455 CRYPT_SGCKEY = 0x2000, 456 } 457 458 enum { 459 KP_IV = 0x00000001, 460 KP_SALT = 0x00000002, 461 KP_PADDING = 0x00000003, 462 KP_MODE = 0x00000004, 463 KP_MODE_BITS = 0x00000005, 464 KP_PERMISSIONS = 0x00000006, 465 KP_ALGID = 0x00000007, 466 KP_BLOCKLEN = 0x00000008, 467 KP_KEYLEN = 0x00000009, 468 KP_SALT_EX = 0x0000000a, 469 KP_P = 0x0000000b, 470 KP_G = 0x0000000c, 471 KP_Q = 0x0000000d, 472 KP_X = 0x0000000e, 473 KP_Y = 0x0000000f, 474 KP_RA = 0x00000010, 475 KP_RB = 0x00000011, 476 KP_INFO = 0x00000012, 477 KP_EFFECTIVE_KEYLEN = 0x00000013, 478 KP_SCHANNEL_ALG = 0x00000014, 479 KP_PUB_PARAMS = 0x00000027, 480 } 481 482 enum { 483 CRYPT_FLAG_PCT1 = 0x0001, 484 CRYPT_FLAG_SSL2 = 0x0002, 485 CRYPT_FLAG_SSL3 = 0x0004, 486 CRYPT_FLAG_TLS1 = 0x0008, 487 CRYPT_FLAG_IPSEC = 0x0010, 488 CRYPT_FLAG_SIGNING = 0x0020, 489 } 490 491 enum { 492 SCHANNEL_MAC_KEY = 0x00000000, 493 SCHANNEL_ENC_KEY = 0x00000001, 494 } 495 496 enum { 497 INTERNATIONAL_USAGE = 0x00000001, 498 } 499 500 501 alias UINT ALG_ID; 502 alias ULONG HCRYPTPROV, HCRYPTKEY, HCRYPTHASH; 503 alias PVOID HCERTSTORE, HCRYPTMSG, HCERTCHAINENGINE; 504 505 struct VTableProvStruc { 506 FARPROC FuncVerifyImage; 507 } 508 alias VTableProvStruc* PVTableProvStruc; 509 510 struct _CRYPTOAPI_BLOB { 511 DWORD cbData; 512 BYTE* pbData; 513 } 514 alias _CRYPTOAPI_BLOB CRYPT_INTEGER_BLOB, CRYPT_UINT_BLOB, 515 CRYPT_OBJID_BLOB, CERT_NAME_BLOB, CERT_RDN_VALUE_BLOB, CERT_BLOB, 516 CRL_BLOB, DATA_BLOB, CRYPT_DATA_BLOB, CRYPT_HASH_BLOB, 517 CRYPT_DIGEST_BLOB, CRYPT_DER_BLOB, CRYPT_ATTR_BLOB; 518 alias _CRYPTOAPI_BLOB* PCRYPT_INTEGER_BLOB, PCRYPT_UINT_BLOB, 519 PCRYPT_OBJID_BLOB, PCERT_NAME_BLOB, PCERT_RDN_VALUE_BLOB, PCERT_BLOB, 520 PCRL_BLOB, PDATA_BLOB, PCRYPT_DATA_BLOB, PCRYPT_HASH_BLOB, 521 PCRYPT_DIGEST_BLOB, PCRYPT_DER_BLOB, PCRYPT_ATTR_BLOB; 522 523 // not described in SDK; has the same layout as HTTPSPolicyCallbackData 524 struct SSL_EXTRA_CERT_CHAIN_POLICY_PARA { 525 DWORD cbStruct; 526 DWORD dwAuthType; 527 DWORD fdwChecks; 528 LPWSTR pwszServerName; 529 } 530 alias SSL_EXTRA_CERT_CHAIN_POLICY_PARA HTTPSPolicyCallbackData; 531 alias SSL_EXTRA_CERT_CHAIN_POLICY_PARA* PSSL_EXTRA_CERT_CHAIN_POLICY_PARA, 532 PHTTPSPolicyCallbackData; 533 534 /* #if (_WIN32_WINNT>=0x500) */ 535 struct CERT_CHAIN_POLICY_PARA { 536 DWORD cbSize = CERT_CHAIN_POLICY_PARA.sizeof; 537 DWORD dwFlags; 538 void* pvExtraPolicyPara; 539 } 540 alias CERT_CHAIN_POLICY_PARA* PCERT_CHAIN_POLICY_PARA; 541 542 struct CERT_CHAIN_POLICY_STATUS { 543 DWORD cbSize = CERT_CHAIN_POLICY_STATUS.sizeof; 544 DWORD dwError; 545 LONG lChainIndex; 546 LONG lElementIndex; 547 void* pvExtraPolicyStatus; 548 } 549 alias CERT_CHAIN_POLICY_STATUS* PCERT_CHAIN_POLICY_STATUS; 550 /* #endif */ 551 552 struct CRYPT_ALGORITHM_IDENTIFIER { 553 LPSTR pszObjId; 554 CRYPT_OBJID_BLOB Parameters; 555 } 556 alias CRYPT_ALGORITHM_IDENTIFIER* PCRYPT_ALGORITHM_IDENTIFIER; 557 558 struct CRYPT_BIT_BLOB { 559 DWORD cbData; 560 BYTE* pbData; 561 DWORD cUnusedBits; 562 } 563 alias CRYPT_BIT_BLOB* PCRYPT_BIT_BLOB; 564 565 struct CERT_PUBLIC_KEY_INFO { 566 CRYPT_ALGORITHM_IDENTIFIER Algorithm; 567 CRYPT_BIT_BLOB PublicKey; 568 } 569 alias CERT_PUBLIC_KEY_INFO* PCERT_PUBLIC_KEY_INFO; 570 571 struct CERT_EXTENSION { 572 LPSTR pszObjId; 573 BOOL fCritical; 574 CRYPT_OBJID_BLOB Value; 575 } 576 alias CERT_EXTENSION* PCERT_EXTENSION; 577 578 struct CERT_INFO { 579 DWORD dwVersion; 580 CRYPT_INTEGER_BLOB SerialNumber; 581 CRYPT_ALGORITHM_IDENTIFIER SignatureAlgorithm; 582 CERT_NAME_BLOB Issuer; 583 FILETIME NotBefore; 584 FILETIME NotAfter; 585 CERT_NAME_BLOB Subject; 586 CERT_PUBLIC_KEY_INFO SubjectPublicKeyInfo; 587 CRYPT_BIT_BLOB IssuerUniqueId; 588 CRYPT_BIT_BLOB SubjectUniqueId; 589 DWORD cExtension; 590 PCERT_EXTENSION rgExtension; 591 } 592 alias CERT_INFO* PCERT_INFO; 593 594 struct CERT_CONTEXT { 595 DWORD dwCertEncodingType; 596 BYTE* pbCertEncoded; 597 DWORD cbCertEncoded; 598 PCERT_INFO pCertInfo; 599 HCERTSTORE hCertStore; 600 } 601 alias CERT_CONTEXT* PCERT_CONTEXT; 602 alias const(CERT_CONTEXT)* PCCERT_CONTEXT; 603 604 struct CTL_USAGE { 605 DWORD cUsageIdentifier; 606 LPSTR* rgpszUsageIdentifier; 607 } 608 alias CTL_USAGE CERT_ENHKEY_USAGE; 609 alias CTL_USAGE* PCTRL_USAGE, PCERT_ENHKEY_USAGE; 610 611 struct CERT_USAGE_MATCH { 612 DWORD dwType; 613 CERT_ENHKEY_USAGE Usage; 614 } 615 alias CERT_USAGE_MATCH* PCERT_USAGE_MATCH; 616 /* #if (_WIN32_WINNT>=0x500) */ 617 618 struct CERT_CHAIN_PARA { 619 DWORD cbSize = CERT_CHAIN_PARA.sizeof; 620 CERT_USAGE_MATCH RequestedUsage; 621 //#if CERT_CHAIN_PARA_HAS_EXTRA_FIELDS 622 CERT_USAGE_MATCH RequestedIssuancePolicy; 623 DWORD dwUrlRetrievalTimeout; 624 BOOL fCheckRevocationFreshnessTime; 625 DWORD dwRevocationFreshnessTime; 626 //#endif 627 } 628 alias CERT_CHAIN_PARA* PCERT_CHAIN_PARA; 629 630 extern (Windows) alias BOOL function(PCCERT_CONTEXT, void*) 631 PFN_CERT_CHAIN_FIND_BY_ISSUER_CALLBACK; 632 633 struct CERT_CHAIN_FIND_BY_ISSUER_PARA { 634 DWORD cbSize = CERT_CHAIN_FIND_BY_ISSUER_PARA.sizeof; 635 LPCSTR pszUsageIdentifier; 636 DWORD dwKeySpec; 637 DWORD dwAcquirePrivateKeyFlags; 638 DWORD cIssuer; 639 CERT_NAME_BLOB* rgIssuer; 640 PFN_CERT_CHAIN_FIND_BY_ISSUER_CALLBACK pfnFIndCallback; 641 void* pvFindArg; 642 DWORD* pdwIssuerChainIndex; 643 DWORD* pdwIssuerElementIndex; 644 } 645 alias CERT_CHAIN_FIND_BY_ISSUER_PARA* PCERT_CHAIN_FIND_BY_ISSUER_PARA; 646 /* #endif */ 647 648 struct CERT_TRUST_STATUS { 649 DWORD dwErrorStatus; 650 DWORD dwInfoStatus; 651 } 652 alias CERT_TRUST_STATUS* PCERT_TRUST_STATUS; 653 654 struct CRL_ENTRY { 655 CRYPT_INTEGER_BLOB SerialNumber; 656 FILETIME RevocationDate; 657 DWORD cExtension; 658 PCERT_EXTENSION rgExtension; 659 } 660 alias CRL_ENTRY* PCRL_ENTRY; 661 662 struct CRL_INFO { 663 DWORD dwVersion; 664 CRYPT_ALGORITHM_IDENTIFIER SignatureAlgorithm; 665 CERT_NAME_BLOB Issuer; 666 FILETIME ThisUpdate; 667 FILETIME NextUpdate; 668 DWORD cCRLEntry; 669 PCRL_ENTRY rgCRLEntry; 670 DWORD cExtension; 671 PCERT_EXTENSION rgExtension; 672 } 673 alias CRL_INFO* PCRL_INFO; 674 675 struct CRL_CONTEXT { 676 DWORD dwCertEncodingType; 677 BYTE* pbCrlEncoded; 678 DWORD cbCrlEncoded; 679 PCRL_INFO pCrlInfo; 680 HCERTSTORE hCertStore; 681 } 682 alias CRL_CONTEXT* PCRL_CONTEXT; 683 alias const(CRL_CONTEXT)* PCCRL_CONTEXT; 684 685 struct CERT_REVOCATION_CRL_INFO { 686 DWORD cbSize = CERT_REVOCATION_CRL_INFO.sizeof; 687 PCCRL_CONTEXT pBaseCRLContext; 688 PCCRL_CONTEXT pDeltaCRLContext; 689 PCRL_ENTRY pCrlEntry; 690 BOOL fDeltaCrlEntry; 691 } 692 alias CERT_REVOCATION_CRL_INFO* PCERT_REVOCATION_CRL_INFO; 693 694 struct CERT_REVOCATION_INFO { 695 DWORD cbSize = CERT_REVOCATION_INFO.sizeof; 696 DWORD dwRevocationResult; 697 LPCSTR pszRevocationOid; 698 LPVOID pvOidSpecificInfo; 699 BOOL fHasFreshnessTime; 700 DWORD dwFreshnessTime; 701 PCERT_REVOCATION_CRL_INFO pCrlInfo; 702 } 703 alias CERT_REVOCATION_INFO* PCERT_REVOCATION_INFO; 704 705 /* #if (_WIN32_WINNT>=0x500) */ 706 struct CERT_CHAIN_ELEMENT { 707 DWORD cbSize = CERT_CHAIN_ELEMENT.sizeof; 708 PCCERT_CONTEXT pCertContext; 709 CERT_TRUST_STATUS TrustStatus; 710 PCERT_REVOCATION_INFO pRevocationInfo; 711 PCERT_ENHKEY_USAGE pIssuanceUsage; 712 PCERT_ENHKEY_USAGE pApplicationUsage; 713 } 714 alias CERT_CHAIN_ELEMENT* PCERT_CHAIN_ELEMENT; 715 /* #endif */ 716 717 struct CRYPT_ATTRIBUTE { 718 LPSTR pszObjId; 719 DWORD cValue; 720 PCRYPT_ATTR_BLOB rgValue; 721 } 722 alias CRYPT_ATTRIBUTE* PCRYPT_ATTRIBUTE; 723 724 struct CTL_ENTRY { 725 CRYPT_DATA_BLOB SubjectIdentifier; 726 DWORD cAttribute; 727 PCRYPT_ATTRIBUTE rgAttribute; 728 } 729 alias CTL_ENTRY* PCTL_ENTRY; 730 731 struct CTL_INFO { 732 DWORD dwVersion; 733 CTL_USAGE SubjectUsage; 734 CRYPT_DATA_BLOB ListIdentifier; 735 CRYPT_INTEGER_BLOB SequenceNumber; 736 FILETIME ThisUpdate; 737 FILETIME NextUpdate; 738 CRYPT_ALGORITHM_IDENTIFIER SubjectAlgorithm; 739 DWORD cCTLEntry; 740 PCTL_ENTRY rgCTLEntry; 741 DWORD cExtension; 742 PCERT_EXTENSION rgExtension; 743 } 744 alias CTL_INFO* PCTL_INFO; 745 746 struct CTL_CONTEXT { 747 DWORD dwMsgAndCertEncodingType; 748 BYTE* pbCtlEncoded; 749 DWORD cbCtlEncoded; 750 PCTL_INFO pCtlInfo; 751 HCERTSTORE hCertStore; 752 HCRYPTMSG hCryptMsg; 753 BYTE* pbCtlContent; 754 DWORD cbCtlContent; 755 } 756 alias CTL_CONTEXT* PCTL_CONTEXT; 757 alias const(CTL_CONTEXT)* PCCTL_CONTEXT; 758 759 struct CERT_TRUST_LIST_INFO { 760 DWORD cbSize = CERT_TRUST_LIST_INFO.sizeof; 761 PCTL_ENTRY pCtlEntry; 762 PCCTL_CONTEXT pCtlContext; 763 } 764 alias CERT_TRUST_LIST_INFO* PCERT_TRUST_LIST_INFO; 765 766 struct CERT_SIMPLE_CHAIN { 767 DWORD cbSize = CERT_SIMPLE_CHAIN.sizeof; 768 CERT_TRUST_STATUS TrustStatus; 769 DWORD cElement; 770 PCERT_CHAIN_ELEMENT* rgpElement; 771 PCERT_TRUST_LIST_INFO pTrustListInfo; 772 BOOL fHasRevocationFreshnessTime; 773 DWORD dwRevocationFreshnessTime; 774 } 775 alias CERT_SIMPLE_CHAIN* PCERT_SIMPLE_CHAIN; 776 777 /* #if (_WIN32_WINNT>=0x500) */ 778 alias const(CERT_CHAIN_CONTEXT)* PCCERT_CHAIN_CONTEXT; 779 struct CERT_CHAIN_CONTEXT { 780 DWORD cbSize = CERT_CHAIN_CONTEXT.sizeof; 781 CERT_TRUST_STATUS TrustStatus; 782 DWORD cChain; 783 PCERT_SIMPLE_CHAIN* rgpChain; 784 DWORD cLowerQualityChainContext; 785 PCCERT_CHAIN_CONTEXT* rgpLowerQualityChainContext; 786 BOOL fHasRevocationFreshnessTime; 787 DWORD dwRevocationFreshnessTime; 788 } 789 alias CERT_CHAIN_CONTEXT* PCERT_CHAIN_CONTEXT; 790 /* #endif */ 791 792 struct PROV_ENUMALGS { 793 ALG_ID aiAlgid; 794 DWORD dwBitLen; 795 DWORD dwNameLen; 796 CHAR[20] szName; 797 } 798 799 struct PUBLICKEYSTRUC { 800 BYTE bType; 801 BYTE bVersion; 802 WORD reserved; 803 ALG_ID aiKeyAlg; 804 } 805 alias PUBLICKEYSTRUC BLOBHEADER; 806 807 struct RSAPUBKEY { 808 DWORD magic; 809 DWORD bitlen; 810 DWORD pubexp; 811 } 812 813 struct HMAC_INFO { 814 ALG_ID HashAlgid; 815 BYTE* pbInnerString; 816 DWORD cbInnerString; 817 BYTE* pbOuterString; 818 DWORD cbOuterString; 819 } 820 alias HMAC_INFO* PHMAC_INFO; 821 822 extern (Windows) { 823 BOOL CertCloseStore(HCERTSTORE, DWORD); 824 BOOL CertGetCertificateChain(HCERTCHAINENGINE, PCCERT_CONTEXT, LPFILETIME, 825 HCERTSTORE, PCERT_CHAIN_PARA, DWORD, LPVOID, PCCERT_CHAIN_CONTEXT*); 826 BOOL CertVerifyCertificateChainPolicy(LPCSTR, PCCERT_CHAIN_CONTEXT, 827 PCERT_CHAIN_POLICY_PARA, PCERT_CHAIN_POLICY_STATUS); 828 void CertFreeCertificateChain(PCCERT_CHAIN_CONTEXT); 829 DWORD CertNameToStrA(DWORD, PCERT_NAME_BLOB, DWORD, LPSTR, DWORD); 830 DWORD CertNameToStrW(DWORD, PCERT_NAME_BLOB, DWORD, LPWSTR, DWORD); 831 HCERTSTORE CertOpenSystemStoreA(HCRYPTPROV, LPCSTR); 832 HCERTSTORE CertOpenSystemStoreW(HCRYPTPROV, LPCWSTR); 833 HCERTSTORE CertOpenStore(LPCSTR, DWORD, HCRYPTPROV, DWORD, const(void)*); 834 PCCERT_CONTEXT CertFindCertificateInStore(HCERTSTORE, DWORD, DWORD, DWORD, 835 const(void)*, PCCERT_CONTEXT); 836 BOOL CertFreeCertificateContext(PCCERT_CONTEXT); 837 PCCERT_CONTEXT CertGetIssuerCertificateFromStore(HCERTSTORE, 838 PCCERT_CONTEXT, PCCERT_CONTEXT, DWORD*); 839 PCCERT_CHAIN_CONTEXT CertFindChainInStore(HCERTSTORE, DWORD, DWORD, DWORD, 840 const(void)*, PCCERT_CHAIN_CONTEXT); 841 842 BOOL CryptAcquireContextA(HCRYPTPROV*, LPCSTR, LPCSTR, DWORD, DWORD); 843 BOOL CryptAcquireContextW(HCRYPTPROV*, LPCWSTR, LPCWSTR, DWORD, DWORD); 844 BOOL CryptContextAddRef(HCRYPTPROV, DWORD*, DWORD); 845 BOOL CryptReleaseContext(HCRYPTPROV, DWORD); 846 BOOL CryptGenKey(HCRYPTPROV, ALG_ID, DWORD, HCRYPTKEY*); 847 BOOL CryptDeriveKey(HCRYPTPROV, ALG_ID, HCRYPTHASH, DWORD, HCRYPTKEY*); 848 BOOL CryptDestroyKey(HCRYPTKEY); 849 static if (_WIN32_WINNT >= 0x500) { 850 BOOL CryptDuplicateHash(HCRYPTHASH, DWORD*, DWORD, HCRYPTHASH*); 851 BOOL CryptDuplicateKey(HCRYPTKEY, DWORD*, DWORD, HCRYPTKEY*); 852 } 853 BOOL CryptSetKeyParam(HCRYPTKEY, DWORD, PBYTE, DWORD); 854 BOOL CryptGetKeyParam(HCRYPTKEY, DWORD, PBYTE, PDWORD, DWORD); 855 BOOL CryptSetHashParam(HCRYPTHASH, DWORD, PBYTE, DWORD); 856 BOOL CryptGetHashParam(HCRYPTHASH, DWORD, PBYTE, PDWORD, DWORD); 857 BOOL CryptSetProvParam(HCRYPTPROV, DWORD, PBYTE, DWORD); 858 BOOL CryptGetProvParam(HCRYPTPROV, DWORD, PBYTE, PDWORD, DWORD); 859 BOOL CryptGenRandom(HCRYPTPROV, DWORD, PBYTE); 860 BOOL CryptGetUserKey(HCRYPTPROV, DWORD, HCRYPTKEY*); 861 BOOL CryptExportKey(HCRYPTKEY, HCRYPTKEY, DWORD, DWORD, PBYTE, PDWORD); 862 BOOL CryptImportKey(HCRYPTPROV, PBYTE, DWORD, HCRYPTKEY, DWORD, 863 HCRYPTKEY*); 864 BOOL CryptEncrypt(HCRYPTKEY, HCRYPTHASH, BOOL, DWORD, PBYTE, PDWORD, 865 DWORD); 866 BOOL CryptDecrypt(HCRYPTKEY, HCRYPTHASH, BOOL, DWORD, PBYTE, PDWORD); 867 BOOL CryptCreateHash(HCRYPTPROV, ALG_ID, HCRYPTKEY, DWORD, HCRYPTHASH*); 868 BOOL CryptHashData(HCRYPTHASH, PBYTE, DWORD, DWORD); 869 BOOL CryptHashSessionKey(HCRYPTHASH, HCRYPTKEY, DWORD); 870 BOOL CryptGetHashValue(HCRYPTHASH, DWORD, PBYTE, PDWORD); 871 BOOL CryptDestroyHash(HCRYPTHASH); 872 BOOL CryptSignHashA(HCRYPTHASH, DWORD, LPCSTR, DWORD, PBYTE, PDWORD); 873 BOOL CryptSignHashW(HCRYPTHASH, DWORD, LPCWSTR, DWORD, PBYTE, PDWORD); 874 BOOL CryptVerifySignatureA(HCRYPTHASH, PBYTE, DWORD, HCRYPTKEY, LPCSTR, 875 DWORD); 876 BOOL CryptVerifySignatureW(HCRYPTHASH, PBYTE, DWORD, HCRYPTKEY, LPCWSTR, 877 DWORD); 878 BOOL CryptSetProviderA(LPCSTR, DWORD); 879 BOOL CryptSetProviderW(LPCWSTR, DWORD); 880 } 881 882 version (Unicode) { 883 alias CertNameToStrW CertNameToStr; 884 alias CryptAcquireContextW CryptAcquireContext; 885 alias CryptSignHashW CryptSignHash; 886 alias CryptVerifySignatureW CryptVerifySignature; 887 alias CryptSetProviderW CryptSetProvider; 888 alias CertOpenSystemStoreW CertOpenSystemStore; 889 /+alias CERT_FIND_SUBJECT_STR_W CERT_FIND_SUBJECT_STR; 890 alias CERT_FIND_ISSUER_STR_W CERT_FIND_ISSUER_STR;+/ 891 } else { 892 alias CertNameToStrA CertNameToStr; 893 alias CryptAcquireContextA CryptAcquireContext; 894 alias CryptSignHashA CryptSignHash; 895 alias CryptVerifySignatureA CryptVerifySignature; 896 alias CryptSetProviderA CryptSetProvider; 897 alias CertOpenSystemStoreA CertOpenSystemStore; 898 /+alias CERT_FIND_SUBJECT_STR_A CERT_FIND_SUBJECT_STR; 899 alias CERT_FIND_ISSUER_STR_A CERT_FIND_ISSUER_STR;+/ 900 }