certsrv.h

希望我上传的这些东西可以对搞编程的程序员有点小小的帮助！谢谢！

//+---------------------------------------------------------------------------
//
//  Microsoft Windows
//  Copyright (C) Microsoft Corporation, 1992 - 1999
//
//  File:       CertSrv.h
//  Contents:   Main Certificate Server header
//              Also includes .h files for the COM interfaces
//
//----------------------------------------------------------------------------

#if !defined( _CERTSRV_H_ )
#pragma option push -b -a8 -pc -A- /*P_O_Push*/
#define _CERTSRV_H_

#include <certadm.h>
#include <certbcli.h>
#include <certcli.h>
#include <certenc.h>
#include <certexit.h>
#include <certif.h>
#include <certpol.h>
#include <certmod.h>
#include <certview.h>

#ifndef DBG_CERTSRV
# if defined(_DEBUG)
#  define DBG_CERTSRV     1
# elif defined(DBG)
#  define DBG_CERTSRV     DBG
# else
#  define DBG_CERTSRV     0
# endif
#endif

#define wszSERVICE_NAME		TEXT("CertSvc")

#define wszREGKEYNOSYSTEMCERTSVCPATH \
				TEXT("CurrentControlSet\\Services\\") \
				wszSERVICE_NAME

#define wszREGKEYCERTSVCPATH	TEXT("SYSTEM\\") wszREGKEYNOSYSTEMCERTSVCPATH
#define wszREGKEYBASE		wszREGKEYCERTSVCPATH	// obsolete definition

//======================================================================
// Full path to "CertSvc\Configuration\":
#define wszREGKEYCONFIGPATH	wszREGKEYCERTSVCPATH TEXT("\\") wszREGKEYCONFIG
#define wszREGKEYCONFIGPATH_BS	wszREGKEYCONFIGPATH TEXT("\\")
#define wszREGKEYCONFIGCANAME	wszREGKEYCONFIGPATH_BS	// obsolete definition

//======================================================================
// Full path to "CertSvc\Configuration\RestoreInProgress":
#define wszREGKEYCONFIGRESTORE wszREGKEYCONFIGPATH_BS wszREGKEYRESTOREINPROGRESS

//======================================================================
// Key Under "CertSvc":
#define wszREGKEYCONFIG		TEXT("Configuration")

//======================================================================
// Values Under "CertSvc\Configuration":
#define wszREGACTIVE		     TEXT("Active")
#define wszREGDIRECTORY		     TEXT("ConfigurationDirectory")
#define wszREGDBDIRECTORY            TEXT("DBDirectory")
#define wszREGDBLOGDIRECTORY         TEXT("DBLogDirectory")
#define wszREGDBSYSDIRECTORY         TEXT("DBSystemDirectory")
#define wszREGDBTEMPDIRECTORY        TEXT("DBTempDirectory")
#define wszREGDBSESSIONCOUNT	     TEXT("DBSessionCount")
#define wszREGWEBCLIENTCAMACHINE     TEXT("WebClientCAMachine")
#define wszREGWEBCLIENTCANAME        TEXT("WebClientCAName")
#define wszREGWEBCLIENTCATYPE        TEXT("WebClientCAType")

// Default value for wszREGDBSESSIONCOUNT
#define DBSESSIONCOUNTDEFAULT	     20

// Keys Under "CertSvc\Configuration":
#define wszREGKEYRESTOREINPROGRESS   TEXT("RestoreInProgress")

//======================================================================
// Values Under "CertSvc\Configuration\<CAName>":
#define wszREGCADESCRIPTION          TEXT("CADescription")
#define wszREGCACERTHASH	     TEXT("CACertHash")
#define wszREGCASERIALNUMBER	     TEXT("CACertSerialNumber")
#define wszREGCATYPE		     TEXT("CAType")
#define wszREGCERTENROLLCOMPATIBLE   TEXT("CertEnrollCompatible")
#define wszREGENFORCEX500NAMELENGTHS TEXT("EnforceX500NameLengths")
#define wszREGCOMMONNAME	     TEXT("CommonName")
#define wszREGCLOCKSKEWMINUTES	     TEXT("ClockSkewMinutes")
#define wszREGCRLNEXTPUBLISH         TEXT("CRLNextPublish")
#define wszREGCRLPERIOD		     TEXT("CRLPeriod")
#define wszREGCRLUNITS		     TEXT("CRLPeriodUnits")
#define wszREGCRLOVERLAPPERIOD   TEXT("CRLOverlapPeriod")
#define wszREGCRLOVERLAPUNITS    TEXT("CRLOverlapUnits")
#define wszREGCRLPATH                TEXT("CRLPath")
#define wszREGCRLEDITFLAGS	     TEXT("CRLEditFlags")
#define wszREGCRLATTEMPTREPUBLISH    TEXT("CRLAttemptRepublish")
#define wszREGENABLED		     TEXT("Enabled")
#define wszREGFORCETELETEX           TEXT("ForceTeletex")
#define wszREGLOGLEVEL		     TEXT("LogLevel")
#define wszREGPOLICYFLAGS	     TEXT("PolicyFlags")
#define wszREGNAMESEPARATOR          TEXT("SubjectNameSeparator")
#define wszREGSUBJECTTEMPLATE	     TEXT("SubjectTemplate")
#define wszREGCAUSEDS		     TEXT("UseDS")
#define wszREGDURATIONPERIOD	     TEXT("ValidityPeriod")
#define wszREGDURATIONUNITS	     TEXT("ValidityPeriodUnits")
#define wszREGPARENTCAMACHINE        TEXT("ParentCAMachine")
#define wszREGPARENTCANAME           TEXT("ParentCAName")
#define wszREGREQUESTFILENAME        TEXT("RequestFileName")
#define wszREGREQUESTID              TEXT("RequestId")
#define wszREGREQUESTKEYCONTAINER    TEXT("RequestKeyContainer")
#define wszREGREQUESTKEYINDEX        TEXT("RequestKeyIndex")
#define wszREGCASERVERNAME           TEXT("CAServerName")
#define wszREGCACERTFILENAME         TEXT("CACertFileName")
#define wszREGCASECURITY             TEXT("Security")

#define wszREGSETUPSTATUS            TEXT("SetupStatus")

#define wszPFXFILENAMEEXT	     TEXT(".p12")
#define wszDATFILENAMEEXT	     TEXT(".dat")
#define wszLOGFILENAMEEXT	     TEXT(".log")
#define wszPATFILENAMEEXT	     TEXT(".pat")
#define wszDBFILENAMEEXT	     TEXT(".edb")
#define szDBBASENAMEPARM	     "edb"
#define wszDBBASENAMEPARM	     TEXT(szDBBASENAMEPARM)
#define wszLOGPATH		     TEXT("CertLog")
#define wszDBBACKUPSUBDIR	     TEXT("DataBase")
#define wszDBBACKUPCERTBACKDAT	     TEXT("certback.dat")


#ifndef __ENUM_CATYPES__
#define __ENUM_CATYPES__

// Values for wszREGCATYPE:
typedef enum {
    ENUM_ENTERPRISE_ROOTCA = 0,
    ENUM_ENTERPRISE_SUBCA = 1,
    //ENUM_UNUSED2 = 2,
    ENUM_STANDALONE_ROOTCA = 3,
    ENUM_STANDALONE_SUBCA = 4,
    ENUM_UNKNOWN_CA = 5,
} ENUM_CATYPES;

#endif __ENUM_CATYPES__

// Default value for wszREGCLOCKSKEWMINUTES
#define CCLOCKSKEWMINUTESDEFAULT	10

// Values for wszREGLOGLEVEL:
#define CERTLOG_MINIMAL		(DWORD) 0
#define CERTLOG_TERSE		(DWORD) 1
#define CERTLOG_ERROR		(DWORD) 2
#define CERTLOG_WARNING		(DWORD) 3
#define CERTLOG_VERBOSE		(DWORD) 4


// Values for wszREGSETUPSTATUS:
#define SETUP_SERVER_FLAG		0x00000001	// server installed
#define SETUP_CLIENT_FLAG		0x00000002	// client installed
#define SETUP_SUSPEND_FLAG		0x00000004	// incomplete install
#define SETUP_REQUEST_FLAG		0x00000008	// new cert requested
#define SETUP_ONLINE_FLAG		0x00000010	// requested online
#define SETUP_DENIED_FLAG		0x00000020	// request denied
#define SETUP_CREATEDB_FLAG		0x00000040	// create new DB
#define SETUP_ATTEMPT_VROOT_CREATE	0x00000080	// try to create vroots
#define SETUP_FORCECRL_FLAG		0x00000100	// force new CRL(s)


//======================================================================
// Keys Under "CertSvc\Configuration\<CAName>":
#define wszREGKEYCSP			TEXT("CSP")
#define wszREGKEYEXITMODULES		TEXT("ExitModules")
#define wszREGKEYPOLICYMODULES	        TEXT("PolicyModules")
#define wszSECUREDATTRIBUTES		TEXT("SignedAttributes")

#define wszDEFAULTSIGNEDATTRIBUTES      TEXT("RequesterName\0") \
                                        TEXT("RequesterAddress\0") \
                                        TEXT("RequesterToken\0")

//======================================================================
// Values Under "CertSvc\Configuration\RestoreInProgress":
#define wszREGBACKUPLOGDIRECTORY	TEXT("BackupLogDirectory")
#define wszREGCHECKPOINTFILE		TEXT("CheckPointFile")
#define wszREGHIGHLOGNUMBER		TEXT("HighLogNumber")
#define wszREGLOWLOGNUMBER		TEXT("LowLogNumber")
#define wszREGLOGPATH			TEXT("LogPath")
#define wszREGRESTOREMAPCOUNT		TEXT("RestoreMapCount")
#define wszREGRESTOREMAP		TEXT("RestoreMap")
#define wszREGDATABASERECOVERED		TEXT("DatabaseRecovered")
#define wszREGRESTORESTATUS		TEXT("RestoreStatus")

// values under \Configuration\PolicyModules in nt5 beta 2
#define wszREGB2ICERTMANAGEMODULE   TEXT("ICertManageModule")
// values under \Configuration in nt4 sp4
#define wszREGSP4DEFAULTCONFIGURATION  TEXT("DefaultConfiguration")
// values under ca in nt4 sp4
#define wszREGSP4KEYSETNAME            TEXT("KeySetName")
#define wszREGSP4SUBJECTNAMESEPARATOR  TEXT("SubjectNameSeparator")
#define wszREGSP4NAMES                 TEXT("Names")
#define wszREGSP4QUERIES               TEXT("Queries")
// both nt4 sp4 and nt5 beta 2
#define wszREGNETSCAPECERTTYPE         TEXT("NetscapeCertType")
#define wszNETSCAPEREVOCATIONTYPE      TEXT("Netscape")


//======================================================================
// Values Under "CertSvc\Configuration\<CAName>\CSP":
#define wszREGPROVIDERTYPE    TEXT("ProviderType")
#define wszREGPROVIDER        TEXT("Provider")
#define wszHASHALGORITHM      TEXT("HashAlgorithm")
#define wszMACHINEKEYSET      TEXT("MachineKeyset")


//======================================================================
// Value strings for "CertSvc\Configuration\<CAName>\SubjectNameSeparator":
#define szNAMESEPARATORDEFAULT   "\n"
#define wszNAMESEPARATORDEFAULT   TEXT(szNAMESEPARATORDEFAULT)


//======================================================================
// Value strings for "CertSvc\Configuration\<CAName>\ValidityPeriod":
#define wszDURATIONUNITSYEARS	TEXT("Years")
#define wszDURATIONUNITSMONTHS	TEXT("Months")
#define wszDURATIONUNITSWEEKS	TEXT("Weeks")
#define wszDURATIONUNITSDAYS	TEXT("Days")
#define wszDURATIONUNITSHOURS	TEXT("Hours")
#define wszDURATIONUNITSMINUTES	TEXT("Minutes")
#define wszDURATIONUNITSSECONDS	TEXT("Seconds")

//======================================================================
// Values Under "CertSvc\Configuration\<CAName>\PolicyModules\<ProgId>":
#define wszREGISSUERCERTURLFLAGS    TEXT("IssuerCertURLFlags")
#define wszREGEDITFLAGS		    TEXT("EditFlags")
#define wszREGSUBJECTALTNAME	    TEXT("SubjectAltName")
#define wszREGSUBJECTALTNAME2	    TEXT("SubjectAltName2")
#define wszREGREQUESTDISPOSITION    TEXT("RequestDisposition")
#define wszREGCAPATHLENGTH	    TEXT("CAPathLength")
#define wszREGREVOCATIONTYPE	    TEXT("RevocationType")

#define wszREGLDAPREVOCATIONCRLURL  TEXT("LDAPRevocationCRLURL")
#define wszREGREVOCATIONCRLURL	    TEXT("RevocationCRLURL")
#define wszREGFTPREVOCATIONCRLURL   TEXT("FTPRevocationCRLURL")
#define wszREGFILEREVOCATIONCRLURL  TEXT("FileRevocationCRLURL")

#define wszREGREVOCATIONURL	    TEXT("RevocationURL")

#define wszREGLDAPISSUERCERTURL	    TEXT("LDAPIssuerCertURL")
#define wszREGISSUERCERTURL         TEXT("IssuerCertURL")
#define wszREGFTPISSUERCERTURL      TEXT("FTPIssuerCertURL")
#define wszREGFILEISSUERCERTURL     TEXT("FileIssuerCertURL")

#define wszREGENABLEREQUESTEXTENSIONLIST  TEXT("EnableRequestExtensionList")
#define wszREGDISABLEEXTENSIONLIST  TEXT("DisableExtensionList")

// wszREGCAPATHLENGTH Values:
#define CAPATHLENGTH_INFINITE		0xffffffff

// wszREGREQUESTDISPOSITION Values:
#define REQDISP_PENDING			0x00000000
#define REQDISP_ISSUE			0x00000001
#define REQDISP_DENY			0x00000002
#define REQDISP_USEREQUESTATTRIBUTE	0x00000003
#define REQDISP_MASK			0x000000ff
#define REQDISP_PENDINGFIRST		0x00000100
#define REQDISP_DEFAULT_STANDALONE	(REQDISP_PENDINGFIRST | REQDISP_ISSUE)
#define REQDISP_DEFAULT_ENTERPRISE	(REQDISP_ISSUE)

// wszREGREVOCATIONTYPE Values:
#define REVEXT_CDPLDAPURL		0x00000001
#define REVEXT_CDPHTTPURL		0x00000002
#define REVEXT_CDPFTPURL		0x00000004
#define REVEXT_CDPFILEURL		0x00000008
#define REVEXT_CDPURLMASK		0x000000ff
#define REVEXT_CDPENABLE		0x00000100
#define REVEXT_ASPENABLE		0x00000200
#define REVEXT_DEFAULT_NODS	(REVEXT_CDPENABLE | \
				 REVEXT_CDPLDAPURL | \
				 REVEXT_CDPHTTPURL | \
				 REVEXT_CDPFILEURL)

// Suppress FILE URLs if a DS is available, as LDAP access within the
// enterprise should suffice, and http: should work outside the enterprise.
// Certs with too many URLs don't always fit on smart cards.

#define REVEXT_DEFAULT_DS	(REVEXT_CDPENABLE | \
				 REVEXT_CDPLDAPURL | \
				 REVEXT_CDPHTTPURL)

// wszREGISSUERCERTURLFLAGS Values:
#define ISSCERT_LDAPURL			0x00000001
#define ISSCERT_HTTPURL			0x00000002
#define ISSCERT_FTPURL			0x00000004
#define ISSCERT_FILEURL			0x00000008
#define ISSCERT_URLMASK			0x000000ff
#define ISSCERT_ENABLE			0x00000100
#define ISSCERT_DEFAULT_NODS	(ISSCERT_ENABLE | \
				 ISSCERT_LDAPURL | \
				 ISSCERT_HTTPURL | \
				 ISSCERT_FILEURL)

// Suppress FILE URLs if a DS is available, as LDAP access within the
// enterprise should suffice, and http: should work outside the enterprise.
// Certs with too many URLs don't always fit on smart cards.

#define ISSCERT_DEFAULT_DS	(ISSCERT_ENABLE | \
				 ISSCERT_LDAPURL | \
				 ISSCERT_HTTPURL)

// wszREGEDITFLAGS Values:				   Defaults:
#define EDITF_ENABLEREQUESTEXTENSIONS	0x00000001	// neither
#define EDITF_REQUESTEXTENSIONLIST	0x00000002	// Standalone
#define EDITF_DISABLEEXTENSIONLIST	0x00000004	// both
#define EDITF_ADDOLDKEYUSAGE		0x00000008	// both
#define EDITF_ADDOLDCERTTYPE		0x00000010	// neither
#define EDITF_ATTRIBUTEENDDATE		0x00000020	// Standalone
#define EDITF_BASICCONSTRAINTSCRITICAL	0x00000040	// Standalone
#define EDITF_BASICCONSTRAINTSCA	0x00000080	// Standalone
#define EDITF_ENABLEAKIKEYID		0x00000100	// both
#define EDITF_ATTRIBUTECA		0x00000200	// Standalone
#define EDITF_IGNOREREQUESTERGROUP      0x00000400	// both
#define EDITF_ENABLEAKIISSUERNAME	0x00000800	// both
#define EDITF_ENABLEAKIISSUERSERIAL	0x00001000	// both
#define EDITF_ENABLEAKICRITICAL		0x00002000	// both

#define EDITF_DEFAULT_STANDALONE	(EDITF_REQUESTEXTENSIONLIST | \
					 EDITF_DISABLEEXTENSIONLIST | \
					 EDITF_ADDOLDKEYUSAGE | \
					 EDITF_ATTRIBUTEENDDATE | \
					 EDITF_BASICCONSTRAINTSCRITICAL | \
					 EDITF_BASICCONSTRAINTSCA | \
					 EDITF_ENABLEAKIKEYID | \
					 EDITF_ATTRIBUTECA | \
					 EDITF_ENABLEAKIISSUERNAME | \
					 EDITF_ENABLEAKIISSUERSERIAL)

#define EDITF_DEFAULT_ENTERPRISE	(EDITF_REQUESTEXTENSIONLIST | \
					 EDITF_DISABLEEXTENSIONLIST | \
                                         EDITF_BASICCONSTRAINTSCRITICAL | \
                                         EDITF_ENABLEAKIKEYID | \
					 EDITF_ADDOLDKEYUSAGE | \
					 EDITF_ENABLEAKIISSUERNAME | \
					 EDITF_ENABLEAKIISSUERSERIAL)


//======================================================================