1 /***********************************************************************\
2 * wincrypt.d *
3 * *
4 * Windows API header module *
5 * *
6 * Translated from MinGW Windows headers *
7 * by Stewart Gordon *
8 * *
9 * Placed into public domain *
10 \***********************************************************************/
11 module win32.wincrypt;
12 version(Windows):
13
14 private import win32.w32api, win32.winbase, win32.windef;
15
16 /* FIXME:
17 * Types of some constants
18 * Types of macros
19 * Inits of various "size" and "version" members
20 * Why are some #ifdefs commented out?
21 */
22
23 const TCHAR[]
24 MS_DEF_PROV = "Microsoft Base Cryptographic Provider v1.0",
25 MS_ENHANCED_PROV = "Microsoft Enhanced Cryptographic Provider v1.0",
26 MS_STRONG_PROV = "Microsoft Strong Cryptographic Provider",
27 MS_DEF_RSA_SIG_PROV = "Microsoft RSA Signature Cryptographic Provider",
28 MS_DEF_RSA_SCHANNEL_PROV = "Microsoft RSA SChannel Cryptographic Provider",
29 MS_DEF_DSS_PROV = "Microsoft Base DSS Cryptographic Provider",
30 MS_DEF_DSS_DH_PROV
31 = "Microsoft Base DSS and Diffie-Hellman Cryptographic Provider",
32 MS_ENH_DSS_DH_PROV
33 = "Microsoft Enhanced DSS and Diffie-Hellman Cryptographic Provider",
34 MS_DEF_DH_SCHANNEL_PROV = "Microsoft DH SChannel Cryptographic Provider",
35 MS_SCARD_PROV = "Microsoft Base Smart Card Crypto Provider";
36
37 static if (_WIN32_WINNT > 0x501) {
38 const TCHAR[] MS_ENH_RSA_AES_PROV
39 = "Microsoft Enhanced RSA and AES Cryptographic Provider";
40 } else static if (_WIN32_WINNT == 0x501) {
41 const TCHAR[] MS_ENH_RSA_AES_PROV
42 = "Microsoft Enhanced RSA and AES Cryptographic Provider (Prototype)";
43 }
44
45 ALG_ID GET_ALG_CLASS(ALG_ID x) { return x & 0xE000; }
46 ALG_ID GET_ALG_TYPE (ALG_ID x) { return x & 0x1E00; }
47 ALG_ID GET_ALG_SID (ALG_ID x) { return x & 0x01FF; }
48
49 enum : ALG_ID {
50 ALG_CLASS_ANY = 0,
51 ALG_CLASS_SIGNATURE = 0x2000,
52 ALG_CLASS_MSG_ENCRYPT = 0x4000,
53 ALG_CLASS_DATA_ENCRYPT = 0x6000,
54 ALG_CLASS_HASH = 0x8000,
55 ALG_CLASS_KEY_EXCHANGE = 0xA000,
56 ALG_CLASS_ALL = 0xE000
57 }
58
59 enum : ALG_ID {
60 ALG_TYPE_ANY = 0,
61 ALG_TYPE_DSS = 0x0200,
62 ALG_TYPE_RSA = 0x0400,
63 ALG_TYPE_BLOCK = 0x0600,
64 ALG_TYPE_STREAM = 0x0800,
65 ALG_TYPE_DH = 0x0A00,
66 ALG_TYPE_SECURECHANNEL = 0x0C00
67 }
68
69 enum : ALG_ID {
70 ALG_SID_ANY = 0,
71 ALG_SID_RSA_ANY = 0,
72 ALG_SID_RSA_PKCS,
73 ALG_SID_RSA_MSATWORK,
74 ALG_SID_RSA_ENTRUST,
75 ALG_SID_RSA_PGP, // = 4
76 ALG_SID_DSS_ANY = 0,
77 ALG_SID_DSS_PKCS,
78 ALG_SID_DSS_DMS, // = 2
79 ALG_SID_DES = 1,
80 ALG_SID_3DES = 3,
81 ALG_SID_DESX,
82 ALG_SID_IDEA,
83 ALG_SID_CAST,
84 ALG_SID_SAFERSK64,
85 ALG_SID_SAFERSK128,
86 ALG_SID_3DES_112,
87 ALG_SID_SKIPJACK,
88 ALG_SID_TEK,
89 ALG_SID_CYLINK_MEK,
90 ALG_SID_RC5, // = 13
91 ALG_SID_RC2 = 2,
92 ALG_SID_RC4 = 1,
93 ALG_SID_SEAL = 2,
94 ALG_SID_MD2 = 1,
95 ALG_SID_MD4,
96 ALG_SID_MD5,
97 ALG_SID_SHA,
98 ALG_SID_MAC,
99 ALG_SID_RIPEMD,
100 ALG_SID_RIPEMD160,
101 ALG_SID_SSL3SHAMD5,
102 ALG_SID_HMAC,
103 ALG_SID_TLS1PRF, // = 10
104 ALG_SID_AES_128 = 14,
105 ALG_SID_AES_192,
106 ALG_SID_AES_256,
107 ALG_SID_AES, // = 17
108 ALG_SID_EXAMPLE = 80
109 }
110
111 enum : ALG_ID {
112 CALG_MD2 = ALG_CLASS_HASH | ALG_TYPE_ANY | ALG_SID_MD2,
113 CALG_MD4 = ALG_CLASS_HASH | ALG_TYPE_ANY | ALG_SID_MD4,
114 CALG_MD5 = ALG_CLASS_HASH | ALG_TYPE_ANY | ALG_SID_MD5,
115 CALG_SHA = ALG_CLASS_HASH | ALG_TYPE_ANY | ALG_SID_SHA,
116 CALG_SHA1 = CALG_SHA,
117 CALG_MAC = ALG_CLASS_HASH | ALG_TYPE_ANY | ALG_SID_MAC,
118 CALG_3DES = ALG_CLASS_DATA_ENCRYPT | ALG_TYPE_BLOCK | 3,
119 CALG_CYLINK_MEK = ALG_CLASS_DATA_ENCRYPT | ALG_TYPE_BLOCK | 12,
120 CALG_SKIPJACK = ALG_CLASS_DATA_ENCRYPT | ALG_TYPE_BLOCK | 10,
121 CALG_KEA_KEYX = ALG_CLASS_KEY_EXCHANGE | ALG_TYPE_STREAM | ALG_TYPE_DSS | 4,
122 CALG_RSA_SIGN = ALG_CLASS_SIGNATURE | ALG_TYPE_RSA | ALG_SID_RSA_ANY,
123 CALG_DSS_SIGN = ALG_CLASS_SIGNATURE | ALG_TYPE_DSS | ALG_SID_DSS_ANY,
124 CALG_RSA_KEYX = ALG_CLASS_KEY_EXCHANGE | ALG_TYPE_RSA | ALG_SID_RSA_ANY,
125 CALG_DES = ALG_CLASS_DATA_ENCRYPT | ALG_TYPE_BLOCK | ALG_SID_DES,
126 CALG_RC2 = ALG_CLASS_DATA_ENCRYPT | ALG_TYPE_BLOCK | ALG_SID_RC2,
127 CALG_RC4 = ALG_CLASS_DATA_ENCRYPT | ALG_TYPE_STREAM | ALG_SID_RC4,
128 CALG_SEAL = ALG_CLASS_DATA_ENCRYPT | ALG_TYPE_STREAM | ALG_SID_SEAL,
129 CALG_DH_EPHEM = ALG_CLASS_KEY_EXCHANGE | ALG_TYPE_STREAM | ALG_TYPE_DSS
130 | ALG_SID_DSS_DMS,
131 CALG_DESX = ALG_CLASS_DATA_ENCRYPT | ALG_TYPE_BLOCK | ALG_SID_DESX,
132 // is undefined ALG_CLASS_DHASH in MinGW - presuming typo
133 CALG_TLS1PRF = ALG_CLASS_HASH | ALG_TYPE_ANY | ALG_SID_TLS1PRF,
134 CALG_AES_128 = ALG_CLASS_DATA_ENCRYPT | ALG_TYPE_BLOCK | ALG_SID_AES_128,
135 CALG_AES_192 = ALG_CLASS_DATA_ENCRYPT | ALG_TYPE_BLOCK | ALG_SID_AES_192,
136 CALG_AES_256 = ALG_CLASS_DATA_ENCRYPT | ALG_TYPE_BLOCK | ALG_SID_AES_256,
137 CALG_AES = ALG_CLASS_DATA_ENCRYPT | ALG_TYPE_BLOCK | ALG_SID_AES,
138 }
139
140 enum {
141 CRYPT_VERIFYCONTEXT = 0xF0000000,
142 }
143
144 enum {
145 CRYPT_NEWKEYSET = 8,
146 CRYPT_DELETEKEYSET = 16,
147 CRYPT_MACHINE_KEYSET = 32,
148 CRYPT_SILENT = 64,
149 }
150
151 enum {
152 CRYPT_EXPORTABLE = 1,
153 CRYPT_USER_PROTECTED = 2,
154 CRYPT_CREATE_SALT = 4,
155 CRYPT_UPDATE_KEY = 8,
156 }
157
158 enum {
159 SIMPLEBLOB = 1,
160 PUBLICKEYBLOB = 6,
161 PRIVATEKEYBLOB = 7,
162 PLAINTEXTKEYBLOB = 8,
163 OPAQUEKEYBLOB = 9,
164 PUBLICKEYBLOBEX = 10,
165 SYMMETRICWRAPKEYBLOB = 11,
166 }
167
168 enum {
169 AT_KEYEXCHANGE = 1,
170 AT_SIGNATURE = 2,
171 }
172
173 enum {
174 CRYPT_USERDATA = 1,
175 }
176
177 enum {
178 PKCS5_PADDING = 1,
179 }
180
181 enum {
182 CRYPT_MODE_CBC = 1,
183 CRYPT_MODE_ECB = 2,
184 CRYPT_MODE_OFB = 3,
185 CRYPT_MODE_CFB = 4,
186 CRYPT_MODE_CTS = 5,
187 CRYPT_MODE_CBCI = 6,
188 CRYPT_MODE_CFBP = 7,
189 CRYPT_MODE_OFBP = 8,
190 CRYPT_MODE_CBCOFM = 9,
191 CRYPT_MODE_CBCOFMI = 10,
192 }
193
194 enum {
195 CRYPT_ENCRYPT = 1,
196 CRYPT_DECRYPT = 2,
197 CRYPT_EXPORT = 4,
198 CRYPT_READ = 8,
199 CRYPT_WRITE = 16,
200 CRYPT_MAC = 32,
201 }
202
203 enum {
204 HP_ALGID = 1,
205 HP_HASHVAL = 2,
206 HP_HASHSIZE = 4,
207 HP_HMAC_INFO = 5,
208 }
209
210 enum {
211 CRYPT_FAILED = FALSE,
212 CRYPT_SUCCEED = TRUE,
213 }
214
215 bool RCRYPT_SUCCEEDED(BOOL r) { return r==CRYPT_SUCCEED; }
216 bool RCRYPT_FAILED(BOOL r) { return r==CRYPT_FAILED; }
217
218 enum {
219 PP_ENUMALGS = 1,
220 PP_ENUMCONTAINERS = 2,
221 PP_IMPTYPE = 3,
222 PP_NAME = 4,
223 PP_VERSION = 5,
224 PP_CONTAINER = 6,
225 PP_CHANGE_PASSWORD = 7,
226 PP_KEYSET_SEC_DESCR = 8,
227 PP_CERTCHAIN = 9,
228 PP_KEY_TYPE_SUBTYPE = 10,
229 PP_PROVTYPE = 16,
230 PP_KEYSTORAGE = 17,
231 PP_APPLI_CERT = 18,
232 PP_SYM_KEYSIZE = 19,
233 PP_SESSION_KEYSIZE = 20,
234 PP_UI_PROMPT = 21,
235 PP_ENUMALGS_EX = 22,
236 PP_ENUMMANDROOTS = 25,
237 PP_ENUMELECTROOTS = 26,
238 PP_KEYSET_TYPE = 27,
239 PP_ADMIN_PIN = 31,
240 PP_KEYEXCHANGE_PIN = 32,
241 PP_SIGNATURE_PIN = 33,
242 PP_SIG_KEYSIZE_INC = 34,
243 PP_KEYX_KEYSIZE_INC = 35,
244 PP_UNIQUE_CONTAINER = 36,
245 PP_SGC_INFO = 37,
246 PP_USE_HARDWARE_RNG = 38,
247 PP_KEYSPEC = 39,
248 PP_ENUMEX_SIGNING_PROT = 40,
249 }
250
251 enum {
252 CRYPT_FIRST = 1,
253 CRYPT_NEXT = 2,
254 }
255
256 enum {
257 CRYPT_IMPL_HARDWARE = 1,
258 CRYPT_IMPL_SOFTWARE = 2,
259 CRYPT_IMPL_MIXED = 3,
260 CRYPT_IMPL_UNKNOWN = 4,
261 }
262
263 enum {
264 PROV_RSA_FULL = 1,
265 PROV_RSA_SIG = 2,
266 PROV_DSS = 3,
267 PROV_FORTEZZA = 4,
268 PROV_MS_MAIL = 5,
269 PROV_SSL = 6,
270 PROV_STT_MER = 7,
271 PROV_STT_ACQ = 8,
272 PROV_STT_BRND = 9,
273 PROV_STT_ROOT = 10,
274 PROV_STT_ISS = 11,
275 PROV_RSA_SCHANNEL = 12,
276 PROV_DSS_DH = 13,
277 PROV_EC_ECDSA_SIG = 14,
278 PROV_EC_ECNRA_SIG = 15,
279 PROV_EC_ECDSA_FULL = 16,
280 PROV_EC_ECNRA_FULL = 17,
281 PROV_DH_SCHANNEL = 18,
282 PROV_SPYRUS_LYNKS = 20,
283 PROV_RNG = 21,
284 PROV_INTEL_SEC = 22,
285 PROV_RSA_AES = 24,
286 MAXUIDLEN = 64,
287 }
288
289 enum {
290 CUR_BLOB_VERSION = 2,
291 }
292
293 enum {
294 X509_ASN_ENCODING = 1,
295 PKCS_7_ASN_ENCODING = 65536,
296 }
297
298 enum {
299 CERT_V1 = 0,
300 CERT_V2 = 1,
301 CERT_V3 = 2,
302 }
303
304 enum {
305 CERT_E_CHAINING = (-2146762486),
306 CERT_E_CN_NO_MATCH = (-2146762481),
307 CERT_E_EXPIRED = (-2146762495),
308 CERT_E_PURPOSE = (-2146762490),
309 CERT_E_REVOCATION_FAILURE = (-2146762482),
310 CERT_E_REVOKED = (-2146762484),
311 CERT_E_ROLE = (-2146762493),
312 CERT_E_UNTRUSTEDROOT = (-2146762487),
313 CERT_E_UNTRUSTEDTESTROOT = (-2146762483),
314 CERT_E_VALIDITYPERIODNESTING = (-2146762494),
315 CERT_E_WRONG_USAGE = (-2146762480),
316 CERT_E_PATHLENCONST = (-2146762492),
317 CERT_E_CRITICAL = (-2146762491),
318 CERT_E_ISSUERCHAINING = (-2146762489),
319 CERT_E_MALFORMED = (-2146762488),
320 CRYPT_E_REVOCATION_OFFLINE = (-2146885613),
321 CRYPT_E_REVOKED = (-2146885616),
322 TRUST_E_BASIC_CONSTRAINTS = (-2146869223),
323 TRUST_E_CERT_SIGNATURE = (-2146869244),
324 TRUST_E_FAIL = (-2146762485),
325 }
326
327 enum {
328 CERT_TRUST_NO_ERROR = 0,
329 CERT_TRUST_IS_NOT_TIME_VALID = 1,
330 CERT_TRUST_IS_NOT_TIME_NESTED = 2,
331 CERT_TRUST_IS_REVOKED = 4,
332 CERT_TRUST_IS_NOT_SIGNATURE_VALID = 8,
333 CERT_TRUST_IS_NOT_VALID_FOR_USAGE = 16,
334 CERT_TRUST_IS_UNTRUSTED_ROOT = 32,
335 CERT_TRUST_REVOCATION_STATUS_UNKNOWN = 64,
336 CERT_TRUST_IS_CYCLIC = 128,
337 CERT_TRUST_IS_PARTIAL_CHAIN = 65536,
338 CERT_TRUST_CTL_IS_NOT_TIME_VALID = 131072,
339 CERT_TRUST_CTL_IS_NOT_SIGNATURE_VALID = 262144,
340 CERT_TRUST_CTL_IS_NOT_VALID_FOR_USAGE = 524288,
341 }
342
343 enum {
344 CERT_TRUST_HAS_EXACT_MATCH_ISSUER = 1,
345 CERT_TRUST_HAS_KEY_MATCH_ISSUER = 2,
346 CERT_TRUST_HAS_NAME_MATCH_ISSUER = 4,
347 CERT_TRUST_IS_SELF_SIGNED = 8,
348 CERT_TRUST_IS_COMPLEX_CHAIN = 65536,
349 }
350
351 enum {
352 CERT_CHAIN_POLICY_BASE = cast(LPCSTR) 1,
353 CERT_CHAIN_POLICY_AUTHENTICODE = cast(LPCSTR) 2,
354 CERT_CHAIN_POLICY_AUTHENTICODE_TS = cast(LPCSTR) 3,
355 CERT_CHAIN_POLICY_SSL = cast(LPCSTR) 4,
356 CERT_CHAIN_POLICY_BASIC_CONSTRAINTS = cast(LPCSTR) 5,
357 CERT_CHAIN_POLICY_NT_AUTH = cast(LPCSTR) 6,
358 }
359
360 enum {
361 USAGE_MATCH_TYPE_AND = 0,
362 USAGE_MATCH_TYPE_OR = 1,
363 }
364
365 enum {
366 CERT_SIMPLE_NAME_STR = 1,
367 CERT_OID_NAME_STR = 2,
368 CERT_X500_NAME_STR = 3,
369 }
370 enum {
371 CERT_NAME_STR_SEMICOLON_FLAG = 1073741824,
372 CERT_NAME_STR_CRLF_FLAG = 134217728,
373 CERT_NAME_STR_NO_PLUS_FLAG = 536870912,
374 CERT_NAME_STR_NO_QUOTING_FLAG = 268435456,
375 CERT_NAME_STR_REVERSE_FLAG = 33554432,
376 CERT_NAME_STR_ENABLE_T61_UNICODE_FLAG = 131072,
377 }
378
379 enum {
380 CERT_FIND_ANY = 0,
381 CERT_FIND_CERT_ID = 1048576,
382 CERT_FIND_CTL_USAGE = 655360,
383 CERT_FIND_ENHKEY_USAGE = 655360,
384 CERT_FIND_EXISTING = 851968,
385 CERT_FIND_HASH = 65536,
386 CERT_FIND_ISSUER_ATTR = 196612,
387 CERT_FIND_ISSUER_NAME = 131076,
388 CERT_FIND_ISSUER_OF = 786432,
389 CERT_FIND_KEY_IDENTIFIER = 983040,
390 CERT_FIND_KEY_SPEC = 589824,
391 CERT_FIND_MD5_HASH = 262144,
392 CERT_FIND_PROPERTY = 327680,
393 CERT_FIND_PUBLIC_KEY = 393216,
394 CERT_FIND_SHA1_HASH = 65536,
395 CERT_FIND_SIGNATURE_HASH = 917504,
396 CERT_FIND_SUBJECT_ATTR = 196615,
397 CERT_FIND_SUBJECT_CERT = 720896,
398 CERT_FIND_SUBJECT_NAME = 131079,
399 CERT_FIND_SUBJECT_STR_A = 458759,
400 CERT_FIND_SUBJECT_STR_W = 524295,
401 CERT_FIND_ISSUER_STR_A = 458756,
402 CERT_FIND_ISSUER_STR_W = 524292,
403 }
404
405 enum {
406 CERT_FIND_OR_ENHKEY_USAGE_FLAG = 16,
407 CERT_FIND_OPTIONAL_ENHKEY_USAGE_FLAG = 1,
408 CERT_FIND_NO_ENHKEY_USAGE_FLAG = 8,
409 CERT_FIND_VALID_ENHKEY_USAGE_FLAG = 32,
410 CERT_FIND_EXT_ONLY_ENHKEY_USAGE_FLAG = 2,
411 }
412
413 enum {
414 CERT_CASE_INSENSITIVE_IS_RDN_ATTRS_FLAG = 2,
415 CERT_UNICODE_IS_RDN_ATTRS_FLAG = 1,
416 CERT_CHAIN_FIND_BY_ISSUER = 1,
417 }
418
419 enum {
420 CERT_CHAIN_FIND_BY_ISSUER_COMPARE_KEY_FLAG = 1,
421 CERT_CHAIN_FIND_BY_ISSUER_COMPLEX_CHAIN_FLAG = 2,
422 CERT_CHAIN_FIND_BY_ISSUER_CACHE_ONLY_URL_FLAG = 4,
423 CERT_CHAIN_FIND_BY_ISSUER_LOCAL_MACHINE_FLAG = 8,
424 CERT_CHAIN_FIND_BY_ISSUER_NO_KEY_FLAG = 16384,
425 CERT_CHAIN_FIND_BY_ISSUER_CACHE_ONLY_FLAG = 32768,
426 }
427
428 enum {
429 CERT_STORE_PROV_SYSTEM = 10,
430 CERT_SYSTEM_STORE_LOCAL_MACHINE = 131072,
431 }
432
433 enum {
434 szOID_PKIX_KP_SERVER_AUTH = "4235600",
435 szOID_SERVER_GATED_CRYPTO = "4235658",
436 szOID_SGC_NETSCAPE = "2.16.840.1.113730.4.1",
437 szOID_PKIX_KP_CLIENT_AUTH = "1.3.6.1.5.5.7.3.2",
438 }
439
440 enum {
441 CRYPT_NOHASHOID = 0x00000001,
442 CRYPT_NO_SALT = 0x10,
443 CRYPT_PREGEN = 0x40,
444 }
445
446 enum {
447 CRYPT_RECIPIENT = 0x10,
448 CRYPT_INITIATOR = 0x40,
449 CRYPT_ONLINE = 0x80,
450 CRYPT_SF = 0x100,
451 CRYPT_CREATE_IV = 0x200,
452 CRYPT_KEK = 0x400,
453 CRYPT_DATA_KEY = 0x800,
454 CRYPT_VOLATILE = 0x1000,
455 CRYPT_SGCKEY = 0x2000,
456 }
457
458 enum {
459 KP_IV = 0x00000001,
460 KP_SALT = 0x00000002,
461 KP_PADDING = 0x00000003,
462 KP_MODE = 0x00000004,
463 KP_MODE_BITS = 0x00000005,
464 KP_PERMISSIONS = 0x00000006,
465 KP_ALGID = 0x00000007,
466 KP_BLOCKLEN = 0x00000008,
467 KP_KEYLEN = 0x00000009,
468 KP_SALT_EX = 0x0000000a,
469 KP_P = 0x0000000b,
470 KP_G = 0x0000000c,
471 KP_Q = 0x0000000d,
472 KP_X = 0x0000000e,
473 KP_Y = 0x0000000f,
474 KP_RA = 0x00000010,
475 KP_RB = 0x00000011,
476 KP_INFO = 0x00000012,
477 KP_EFFECTIVE_KEYLEN = 0x00000013,
478 KP_SCHANNEL_ALG = 0x00000014,
479 KP_PUB_PARAMS = 0x00000027,
480 }
481
482 enum {
483 CRYPT_FLAG_PCT1 = 0x0001,
484 CRYPT_FLAG_SSL2 = 0x0002,
485 CRYPT_FLAG_SSL3 = 0x0004,
486 CRYPT_FLAG_TLS1 = 0x0008,
487 CRYPT_FLAG_IPSEC = 0x0010,
488 CRYPT_FLAG_SIGNING = 0x0020,
489 }
490
491 enum {
492 SCHANNEL_MAC_KEY = 0x00000000,
493 SCHANNEL_ENC_KEY = 0x00000001,
494 }
495
496 enum {
497 INTERNATIONAL_USAGE = 0x00000001,
498 }
499
500
501 alias UINT ALG_ID;
502 alias ULONG HCRYPTPROV, HCRYPTKEY, HCRYPTHASH;
503 alias PVOID HCERTSTORE, HCRYPTMSG, HCERTCHAINENGINE;
504
505 struct VTableProvStruc {
506 FARPROC FuncVerifyImage;
507 }
508 alias VTableProvStruc* PVTableProvStruc;
509
510 struct _CRYPTOAPI_BLOB {
511 DWORD cbData;
512 BYTE* pbData;
513 }
514 alias _CRYPTOAPI_BLOB CRYPT_INTEGER_BLOB, CRYPT_UINT_BLOB,
515 CRYPT_OBJID_BLOB, CERT_NAME_BLOB, CERT_RDN_VALUE_BLOB, CERT_BLOB,
516 CRL_BLOB, DATA_BLOB, CRYPT_DATA_BLOB, CRYPT_HASH_BLOB,
517 CRYPT_DIGEST_BLOB, CRYPT_DER_BLOB, CRYPT_ATTR_BLOB;
518 alias _CRYPTOAPI_BLOB* PCRYPT_INTEGER_BLOB, PCRYPT_UINT_BLOB,
519 PCRYPT_OBJID_BLOB, PCERT_NAME_BLOB, PCERT_RDN_VALUE_BLOB, PCERT_BLOB,
520 PCRL_BLOB, PDATA_BLOB, PCRYPT_DATA_BLOB, PCRYPT_HASH_BLOB,
521 PCRYPT_DIGEST_BLOB, PCRYPT_DER_BLOB, PCRYPT_ATTR_BLOB;
522
523 // not described in SDK; has the same layout as HTTPSPolicyCallbackData
524 struct SSL_EXTRA_CERT_CHAIN_POLICY_PARA {
525 DWORD cbStruct;
526 DWORD dwAuthType;
527 DWORD fdwChecks;
528 LPWSTR pwszServerName;
529 }
530 alias SSL_EXTRA_CERT_CHAIN_POLICY_PARA HTTPSPolicyCallbackData;
531 alias SSL_EXTRA_CERT_CHAIN_POLICY_PARA* PSSL_EXTRA_CERT_CHAIN_POLICY_PARA,
532 PHTTPSPolicyCallbackData;
533
534 /* #if (_WIN32_WINNT>=0x500) */
535 struct CERT_CHAIN_POLICY_PARA {
536 DWORD cbSize = CERT_CHAIN_POLICY_PARA.sizeof;
537 DWORD dwFlags;
538 void* pvExtraPolicyPara;
539 }
540 alias CERT_CHAIN_POLICY_PARA* PCERT_CHAIN_POLICY_PARA;
541
542 struct CERT_CHAIN_POLICY_STATUS {
543 DWORD cbSize = CERT_CHAIN_POLICY_STATUS.sizeof;
544 DWORD dwError;
545 LONG lChainIndex;
546 LONG lElementIndex;
547 void* pvExtraPolicyStatus;
548 }
549 alias CERT_CHAIN_POLICY_STATUS* PCERT_CHAIN_POLICY_STATUS;
550 /* #endif */
551
552 struct CRYPT_ALGORITHM_IDENTIFIER {
553 LPSTR pszObjId;
554 CRYPT_OBJID_BLOB Parameters;
555 }
556 alias CRYPT_ALGORITHM_IDENTIFIER* PCRYPT_ALGORITHM_IDENTIFIER;
557
558 struct CRYPT_BIT_BLOB {
559 DWORD cbData;
560 BYTE* pbData;
561 DWORD cUnusedBits;
562 }
563 alias CRYPT_BIT_BLOB* PCRYPT_BIT_BLOB;
564
565 struct CERT_PUBLIC_KEY_INFO {
566 CRYPT_ALGORITHM_IDENTIFIER Algorithm;
567 CRYPT_BIT_BLOB PublicKey;
568 }
569 alias CERT_PUBLIC_KEY_INFO* PCERT_PUBLIC_KEY_INFO;
570
571 struct CERT_EXTENSION {
572 LPSTR pszObjId;
573 BOOL fCritical;
574 CRYPT_OBJID_BLOB Value;
575 }
576 alias CERT_EXTENSION* PCERT_EXTENSION;
577
578 struct CERT_INFO {
579 DWORD dwVersion;
580 CRYPT_INTEGER_BLOB SerialNumber;
581 CRYPT_ALGORITHM_IDENTIFIER SignatureAlgorithm;
582 CERT_NAME_BLOB Issuer;
583 FILETIME NotBefore;
584 FILETIME NotAfter;
585 CERT_NAME_BLOB Subject;
586 CERT_PUBLIC_KEY_INFO SubjectPublicKeyInfo;
587 CRYPT_BIT_BLOB IssuerUniqueId;
588 CRYPT_BIT_BLOB SubjectUniqueId;
589 DWORD cExtension;
590 PCERT_EXTENSION rgExtension;
591 }
592 alias CERT_INFO* PCERT_INFO;
593
594 struct CERT_CONTEXT {
595 DWORD dwCertEncodingType;
596 BYTE* pbCertEncoded;
597 DWORD cbCertEncoded;
598 PCERT_INFO pCertInfo;
599 HCERTSTORE hCertStore;
600 }
601 alias CERT_CONTEXT* PCERT_CONTEXT;
602 alias const(CERT_CONTEXT)* PCCERT_CONTEXT;
603
604 struct CTL_USAGE {
605 DWORD cUsageIdentifier;
606 LPSTR* rgpszUsageIdentifier;
607 }
608 alias CTL_USAGE CERT_ENHKEY_USAGE;
609 alias CTL_USAGE* PCTRL_USAGE, PCERT_ENHKEY_USAGE;
610
611 struct CERT_USAGE_MATCH {
612 DWORD dwType;
613 CERT_ENHKEY_USAGE Usage;
614 }
615 alias CERT_USAGE_MATCH* PCERT_USAGE_MATCH;
616 /* #if (_WIN32_WINNT>=0x500) */
617
618 struct CERT_CHAIN_PARA {
619 DWORD cbSize = CERT_CHAIN_PARA.sizeof;
620 CERT_USAGE_MATCH RequestedUsage;
621 //#if CERT_CHAIN_PARA_HAS_EXTRA_FIELDS
622 CERT_USAGE_MATCH RequestedIssuancePolicy;
623 DWORD dwUrlRetrievalTimeout;
624 BOOL fCheckRevocationFreshnessTime;
625 DWORD dwRevocationFreshnessTime;
626 //#endif
627 }
628 alias CERT_CHAIN_PARA* PCERT_CHAIN_PARA;
629
630 extern (Windows) alias BOOL function(PCCERT_CONTEXT, void*)
631 PFN_CERT_CHAIN_FIND_BY_ISSUER_CALLBACK;
632
633 struct CERT_CHAIN_FIND_BY_ISSUER_PARA {
634 DWORD cbSize = CERT_CHAIN_FIND_BY_ISSUER_PARA.sizeof;
635 LPCSTR pszUsageIdentifier;
636 DWORD dwKeySpec;
637 DWORD dwAcquirePrivateKeyFlags;
638 DWORD cIssuer;
639 CERT_NAME_BLOB* rgIssuer;
640 PFN_CERT_CHAIN_FIND_BY_ISSUER_CALLBACK pfnFIndCallback;
641 void* pvFindArg;
642 DWORD* pdwIssuerChainIndex;
643 DWORD* pdwIssuerElementIndex;
644 }
645 alias CERT_CHAIN_FIND_BY_ISSUER_PARA* PCERT_CHAIN_FIND_BY_ISSUER_PARA;
646 /* #endif */
647
648 struct CERT_TRUST_STATUS {
649 DWORD dwErrorStatus;
650 DWORD dwInfoStatus;
651 }
652 alias CERT_TRUST_STATUS* PCERT_TRUST_STATUS;
653
654 struct CRL_ENTRY {
655 CRYPT_INTEGER_BLOB SerialNumber;
656 FILETIME RevocationDate;
657 DWORD cExtension;
658 PCERT_EXTENSION rgExtension;
659 }
660 alias CRL_ENTRY* PCRL_ENTRY;
661
662 struct CRL_INFO {
663 DWORD dwVersion;
664 CRYPT_ALGORITHM_IDENTIFIER SignatureAlgorithm;
665 CERT_NAME_BLOB Issuer;
666 FILETIME ThisUpdate;
667 FILETIME NextUpdate;
668 DWORD cCRLEntry;
669 PCRL_ENTRY rgCRLEntry;
670 DWORD cExtension;
671 PCERT_EXTENSION rgExtension;
672 }
673 alias CRL_INFO* PCRL_INFO;
674
675 struct CRL_CONTEXT {
676 DWORD dwCertEncodingType;
677 BYTE* pbCrlEncoded;
678 DWORD cbCrlEncoded;
679 PCRL_INFO pCrlInfo;
680 HCERTSTORE hCertStore;
681 }
682 alias CRL_CONTEXT* PCRL_CONTEXT;
683 alias const(CRL_CONTEXT)* PCCRL_CONTEXT;
684
685 struct CERT_REVOCATION_CRL_INFO {
686 DWORD cbSize = CERT_REVOCATION_CRL_INFO.sizeof;
687 PCCRL_CONTEXT pBaseCRLContext;
688 PCCRL_CONTEXT pDeltaCRLContext;
689 PCRL_ENTRY pCrlEntry;
690 BOOL fDeltaCrlEntry;
691 }
692 alias CERT_REVOCATION_CRL_INFO* PCERT_REVOCATION_CRL_INFO;
693
694 struct CERT_REVOCATION_INFO {
695 DWORD cbSize = CERT_REVOCATION_INFO.sizeof;
696 DWORD dwRevocationResult;
697 LPCSTR pszRevocationOid;
698 LPVOID pvOidSpecificInfo;
699 BOOL fHasFreshnessTime;
700 DWORD dwFreshnessTime;
701 PCERT_REVOCATION_CRL_INFO pCrlInfo;
702 }
703 alias CERT_REVOCATION_INFO* PCERT_REVOCATION_INFO;
704
705 /* #if (_WIN32_WINNT>=0x500) */
706 struct CERT_CHAIN_ELEMENT {
707 DWORD cbSize = CERT_CHAIN_ELEMENT.sizeof;
708 PCCERT_CONTEXT pCertContext;
709 CERT_TRUST_STATUS TrustStatus;
710 PCERT_REVOCATION_INFO pRevocationInfo;
711 PCERT_ENHKEY_USAGE pIssuanceUsage;
712 PCERT_ENHKEY_USAGE pApplicationUsage;
713 }
714 alias CERT_CHAIN_ELEMENT* PCERT_CHAIN_ELEMENT;
715 /* #endif */
716
717 struct CRYPT_ATTRIBUTE {
718 LPSTR pszObjId;
719 DWORD cValue;
720 PCRYPT_ATTR_BLOB rgValue;
721 }
722 alias CRYPT_ATTRIBUTE* PCRYPT_ATTRIBUTE;
723
724 struct CTL_ENTRY {
725 CRYPT_DATA_BLOB SubjectIdentifier;
726 DWORD cAttribute;
727 PCRYPT_ATTRIBUTE rgAttribute;
728 }
729 alias CTL_ENTRY* PCTL_ENTRY;
730
731 struct CTL_INFO {
732 DWORD dwVersion;
733 CTL_USAGE SubjectUsage;
734 CRYPT_DATA_BLOB ListIdentifier;
735 CRYPT_INTEGER_BLOB SequenceNumber;
736 FILETIME ThisUpdate;
737 FILETIME NextUpdate;
738 CRYPT_ALGORITHM_IDENTIFIER SubjectAlgorithm;
739 DWORD cCTLEntry;
740 PCTL_ENTRY rgCTLEntry;
741 DWORD cExtension;
742 PCERT_EXTENSION rgExtension;
743 }
744 alias CTL_INFO* PCTL_INFO;
745
746 struct CTL_CONTEXT {
747 DWORD dwMsgAndCertEncodingType;
748 BYTE* pbCtlEncoded;
749 DWORD cbCtlEncoded;
750 PCTL_INFO pCtlInfo;
751 HCERTSTORE hCertStore;
752 HCRYPTMSG hCryptMsg;
753 BYTE* pbCtlContent;
754 DWORD cbCtlContent;
755 }
756 alias CTL_CONTEXT* PCTL_CONTEXT;
757 alias const(CTL_CONTEXT)* PCCTL_CONTEXT;
758
759 struct CERT_TRUST_LIST_INFO {
760 DWORD cbSize = CERT_TRUST_LIST_INFO.sizeof;
761 PCTL_ENTRY pCtlEntry;
762 PCCTL_CONTEXT pCtlContext;
763 }
764 alias CERT_TRUST_LIST_INFO* PCERT_TRUST_LIST_INFO;
765
766 struct CERT_SIMPLE_CHAIN {
767 DWORD cbSize = CERT_SIMPLE_CHAIN.sizeof;
768 CERT_TRUST_STATUS TrustStatus;
769 DWORD cElement;
770 PCERT_CHAIN_ELEMENT* rgpElement;
771 PCERT_TRUST_LIST_INFO pTrustListInfo;
772 BOOL fHasRevocationFreshnessTime;
773 DWORD dwRevocationFreshnessTime;
774 }
775 alias CERT_SIMPLE_CHAIN* PCERT_SIMPLE_CHAIN;
776
777 /* #if (_WIN32_WINNT>=0x500) */
778 alias const(CERT_CHAIN_CONTEXT)* PCCERT_CHAIN_CONTEXT;
779 struct CERT_CHAIN_CONTEXT {
780 DWORD cbSize = CERT_CHAIN_CONTEXT.sizeof;
781 CERT_TRUST_STATUS TrustStatus;
782 DWORD cChain;
783 PCERT_SIMPLE_CHAIN* rgpChain;
784 DWORD cLowerQualityChainContext;
785 PCCERT_CHAIN_CONTEXT* rgpLowerQualityChainContext;
786 BOOL fHasRevocationFreshnessTime;
787 DWORD dwRevocationFreshnessTime;
788 }
789 alias CERT_CHAIN_CONTEXT* PCERT_CHAIN_CONTEXT;
790 /* #endif */
791
792 struct PROV_ENUMALGS {
793 ALG_ID aiAlgid;
794 DWORD dwBitLen;
795 DWORD dwNameLen;
796 CHAR[20] szName;
797 }
798
799 struct PUBLICKEYSTRUC {
800 BYTE bType;
801 BYTE bVersion;
802 WORD reserved;
803 ALG_ID aiKeyAlg;
804 }
805 alias PUBLICKEYSTRUC BLOBHEADER;
806
807 struct RSAPUBKEY {
808 DWORD magic;
809 DWORD bitlen;
810 DWORD pubexp;
811 }
812
813 struct HMAC_INFO {
814 ALG_ID HashAlgid;
815 BYTE* pbInnerString;
816 DWORD cbInnerString;
817 BYTE* pbOuterString;
818 DWORD cbOuterString;
819 }
820 alias HMAC_INFO* PHMAC_INFO;
821
822 extern (Windows) {
823 BOOL CertCloseStore(HCERTSTORE, DWORD);
824 BOOL CertGetCertificateChain(HCERTCHAINENGINE, PCCERT_CONTEXT, LPFILETIME,
825 HCERTSTORE, PCERT_CHAIN_PARA, DWORD, LPVOID, PCCERT_CHAIN_CONTEXT*);
826 BOOL CertVerifyCertificateChainPolicy(LPCSTR, PCCERT_CHAIN_CONTEXT,
827 PCERT_CHAIN_POLICY_PARA, PCERT_CHAIN_POLICY_STATUS);
828 void CertFreeCertificateChain(PCCERT_CHAIN_CONTEXT);
829 DWORD CertNameToStrA(DWORD, PCERT_NAME_BLOB, DWORD, LPSTR, DWORD);
830 DWORD CertNameToStrW(DWORD, PCERT_NAME_BLOB, DWORD, LPWSTR, DWORD);
831 HCERTSTORE CertOpenSystemStoreA(HCRYPTPROV, LPCSTR);
832 HCERTSTORE CertOpenSystemStoreW(HCRYPTPROV, LPCWSTR);
833 HCERTSTORE CertOpenStore(LPCSTR, DWORD, HCRYPTPROV, DWORD, const(void)*);
834 PCCERT_CONTEXT CertFindCertificateInStore(HCERTSTORE, DWORD, DWORD, DWORD,
835 const(void)*, PCCERT_CONTEXT);
836 BOOL CertFreeCertificateContext(PCCERT_CONTEXT);
837 PCCERT_CONTEXT CertGetIssuerCertificateFromStore(HCERTSTORE,
838 PCCERT_CONTEXT, PCCERT_CONTEXT, DWORD*);
839 PCCERT_CHAIN_CONTEXT CertFindChainInStore(HCERTSTORE, DWORD, DWORD, DWORD,
840 const(void)*, PCCERT_CHAIN_CONTEXT);
841
842 BOOL CryptAcquireContextA(HCRYPTPROV*, LPCSTR, LPCSTR, DWORD, DWORD);
843 BOOL CryptAcquireContextW(HCRYPTPROV*, LPCWSTR, LPCWSTR, DWORD, DWORD);
844 BOOL CryptContextAddRef(HCRYPTPROV, DWORD*, DWORD);
845 BOOL CryptReleaseContext(HCRYPTPROV, DWORD);
846 BOOL CryptGenKey(HCRYPTPROV, ALG_ID, DWORD, HCRYPTKEY*);
847 BOOL CryptDeriveKey(HCRYPTPROV, ALG_ID, HCRYPTHASH, DWORD, HCRYPTKEY*);
848 BOOL CryptDestroyKey(HCRYPTKEY);
849 static if (_WIN32_WINNT >= 0x500) {
850 BOOL CryptDuplicateHash(HCRYPTHASH, DWORD*, DWORD, HCRYPTHASH*);
851 BOOL CryptDuplicateKey(HCRYPTKEY, DWORD*, DWORD, HCRYPTKEY*);
852 }
853 BOOL CryptSetKeyParam(HCRYPTKEY, DWORD, PBYTE, DWORD);
854 BOOL CryptGetKeyParam(HCRYPTKEY, DWORD, PBYTE, PDWORD, DWORD);
855 BOOL CryptSetHashParam(HCRYPTHASH, DWORD, PBYTE, DWORD);
856 BOOL CryptGetHashParam(HCRYPTHASH, DWORD, PBYTE, PDWORD, DWORD);
857 BOOL CryptSetProvParam(HCRYPTPROV, DWORD, PBYTE, DWORD);
858 BOOL CryptGetProvParam(HCRYPTPROV, DWORD, PBYTE, PDWORD, DWORD);
859 BOOL CryptGenRandom(HCRYPTPROV, DWORD, PBYTE);
860 BOOL CryptGetUserKey(HCRYPTPROV, DWORD, HCRYPTKEY*);
861 BOOL CryptExportKey(HCRYPTKEY, HCRYPTKEY, DWORD, DWORD, PBYTE, PDWORD);
862 BOOL CryptImportKey(HCRYPTPROV, PBYTE, DWORD, HCRYPTKEY, DWORD,
863 HCRYPTKEY*);
864 BOOL CryptEncrypt(HCRYPTKEY, HCRYPTHASH, BOOL, DWORD, PBYTE, PDWORD,
865 DWORD);
866 BOOL CryptDecrypt(HCRYPTKEY, HCRYPTHASH, BOOL, DWORD, PBYTE, PDWORD);
867 BOOL CryptCreateHash(HCRYPTPROV, ALG_ID, HCRYPTKEY, DWORD, HCRYPTHASH*);
868 BOOL CryptHashData(HCRYPTHASH, PBYTE, DWORD, DWORD);
869 BOOL CryptHashSessionKey(HCRYPTHASH, HCRYPTKEY, DWORD);
870 BOOL CryptGetHashValue(HCRYPTHASH, DWORD, PBYTE, PDWORD);
871 BOOL CryptDestroyHash(HCRYPTHASH);
872 BOOL CryptSignHashA(HCRYPTHASH, DWORD, LPCSTR, DWORD, PBYTE, PDWORD);
873 BOOL CryptSignHashW(HCRYPTHASH, DWORD, LPCWSTR, DWORD, PBYTE, PDWORD);
874 BOOL CryptVerifySignatureA(HCRYPTHASH, PBYTE, DWORD, HCRYPTKEY, LPCSTR,
875 DWORD);
876 BOOL CryptVerifySignatureW(HCRYPTHASH, PBYTE, DWORD, HCRYPTKEY, LPCWSTR,
877 DWORD);
878 BOOL CryptSetProviderA(LPCSTR, DWORD);
879 BOOL CryptSetProviderW(LPCWSTR, DWORD);
880 }
881
882 version (Unicode) {
883 alias CertNameToStrW CertNameToStr;
884 alias CryptAcquireContextW CryptAcquireContext;
885 alias CryptSignHashW CryptSignHash;
886 alias CryptVerifySignatureW CryptVerifySignature;
887 alias CryptSetProviderW CryptSetProvider;
888 alias CertOpenSystemStoreW CertOpenSystemStore;
889 /+alias CERT_FIND_SUBJECT_STR_W CERT_FIND_SUBJECT_STR;
890 alias CERT_FIND_ISSUER_STR_W CERT_FIND_ISSUER_STR;+/
891 } else {
892 alias CertNameToStrA CertNameToStr;
893 alias CryptAcquireContextA CryptAcquireContext;
894 alias CryptSignHashA CryptSignHash;
895 alias CryptVerifySignatureA CryptVerifySignature;
896 alias CryptSetProviderA CryptSetProvider;
897 alias CertOpenSystemStoreA CertOpenSystemStore;
898 /+alias CERT_FIND_SUBJECT_STR_A CERT_FIND_SUBJECT_STR;
899 alias CERT_FIND_ISSUER_STR_A CERT_FIND_ISSUER_STR;+/
900 }