//--------------------------------------------------------------------------
// A list of usage (purpose) object identifiers. The same layout is also
// exposed as CERT_ENHKEY_USAGE, the enhanced key usage list (compare
// szOID_ENHANCED_KEY_USAGE and X509_ENHANCED_KEY_USAGE further down).
typedef struct _CTL_USAGE {
DWORD cUsageIdentifier; // element count of rgpszUsageIdentifier (c*/rg* pairing used throughout this header)
LPSTR *rgpszUsageIdentifier; // array of pszObjId (dotted-decimal OID strings, e.g. the szOID_* values below)
} CTL_USAGE, *PCTL_USAGE,
CERT_ENHKEY_USAGE, *PCERT_ENHKEY_USAGE; // alias names for the enhanced key usage extension value
//+-------------------------------------------------------------------------
// An entry in a CTL
//--------------------------------------------------------------------------
// One entry of a certificate trust list: something that identifies the subject
// plus an optional attribute list.
typedef struct _CTL_ENTRY {
CRYPT_DATA_BLOB SubjectIdentifier; // For example, its hash (computed with CTL_INFO.SubjectAlgorithm, presumably)
DWORD cAttribute; // element count of rgAttribute
PCRYPT_ATTRIBUTE rgAttribute; // OPTIONAL; may be NULL when cAttribute is 0 (convention, not shown here)
} CTL_ENTRY, *PCTL_ENTRY;
//+-------------------------------------------------------------------------
// Information stored in a CTL
//--------------------------------------------------------------------------
// Decoded contents of a certificate trust list (CTL). This is the structure a
// relying party inspects to decide which subjects are trusted for which
// usages; the validity window is ThisUpdate..NextUpdate.
typedef struct _CTL_INFO {
DWORD dwVersion; // CTL_V1 is the only version defined in this header
CTL_USAGE SubjectUsage; // the purposes this list vouches for
CRYPT_DATA_BLOB ListIdentifier; // OPTIONAL; distinguishes lists that share a SubjectUsage
CRYPT_INTEGER_BLOB SequenceNumber; // OPTIONAL; presumably increases with each re-issue of the same list
FILETIME ThisUpdate; // time this list was issued
FILETIME NextUpdate; // OPTIONAL; when set, a consumer deciding trust would compare it with the current time (how "absent" is encoded is not shown here)
CRYPT_ALGORITHM_IDENTIFIER SubjectAlgorithm; // algorithm behind each CTL_ENTRY.SubjectIdentifier (e.g. a hash)
DWORD cCTLEntry; // element count of rgCTLEntry
PCTL_ENTRY rgCTLEntry; // OPTIONAL
DWORD cExtension; // element count of rgExtension
PCERT_EXTENSION rgExtension; // OPTIONAL
} CTL_INFO, *PCTL_INFO;
//+-------------------------------------------------------------------------
// CTL versions
//--------------------------------------------------------------------------
#define CTL_V1 0 // value of CTL_INFO.dwVersion; the only CTL version defined in this header
//+-------------------------------------------------------------------------
// TimeStamp Request
//
// The pszTimeStamp is the OID for the Time type requested
// The pszContentType is the Content Type OID for the content, usually DATA
// The Content is an un-decoded blob
//--------------------------------------------------------------------------
// Decoded form of a time stamp request (see PKCS_TIME_REQUEST below, which by
// its name is the lpszStructType for this structure).
typedef struct _CRYPT_TIME_STAMP_REQUEST_INFO {
LPSTR pszTimeStampAlgorithm; // pszObjId: OID of the time type requested
LPSTR pszContentType; // pszObjId: content type OID, usually DATA
CRYPT_OBJID_BLOB Content; // the content, left un-decoded
DWORD cAttribute; // element count of rgAttribute
PCRYPT_ATTRIBUTE rgAttribute; // attributes accompanying the request
} CRYPT_TIME_STAMP_REQUEST_INFO, *PCRYPT_TIME_STAMP_REQUEST_INFO;
//+-------------------------------------------------------------------------
// Certificate and Message encoding types
//
// The encoding type is a DWORD containing both the certificate and message
// encoding types. The certificate encoding type is stored in the LOWORD.
// The message encoding type is stored in the HIWORD. Some functions or
// structure fields require only one of the encoding types. The following
// naming convention is used to indicate which encoding type(s) are
// required:
// dwEncodingType (both encoding types are required)
// dwMsgAndCertEncodingType (both encoding types are required)
// dwMsgEncodingType (only msg encoding type is required)
// dwCertEncodingType (only cert encoding type is required)
//
// It's always acceptable to specify both.
//--------------------------------------------------------------------------
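// Mask selecting the certificate encoding type (LOWORD of a dwEncodingType).
#define CERT_ENCODING_TYPE_MASK 0x0000FFFF
// Mask selecting the message encoding type (HIWORD of a dwEncodingType).
#define CMSG_ENCODING_TYPE_MASK 0xFFFF0000
// Extract one half of a combined encoding type. The argument is parenthesized
// so that an expression such as (a | b) is masked as a whole; without the
// parentheses, GET_CMSG_ENCODING_TYPE(X509_ASN_ENCODING | PKCS_7_ASN_ENCODING)
// would expand to (1 | (0x10000 & mask)) and keep the LOWORD bit.
#define GET_CERT_ENCODING_TYPE(X) ((X) & CERT_ENCODING_TYPE_MASK)
#define GET_CMSG_ENCODING_TYPE(X) ((X) & CMSG_ENCODING_TYPE_MASK)
// Certificate (LOWORD) encoding types. CRYPT_* and X509_* are the same bits.
#define CRYPT_ASN_ENCODING 0x00000001
#define CRYPT_NDR_ENCODING 0x00000002
#define X509_ASN_ENCODING 0x00000001
#define X509_NDR_ENCODING 0x00000002
// Message (HIWORD) encoding types; OR one with a certificate encoding type to
// form a dwMsgAndCertEncodingType.
#define PKCS_7_ASN_ENCODING 0x00010000
#define PKCS_7_NDR_ENCODING 0x00020000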
//+-------------------------------------------------------------------------
// Format the specified data structure according to the certificate
// encoding type.
//
//--------------------------------------------------------------------------
// Formats the encoded object at pbEncoded (cbEncoded bytes, interpreted per
// lpszStructType) into pbFormat. Returns BOOL; a FALSE result presumably
// means pbFormat was not produced and must not be read.
WINCRYPT32API
BOOL
WINAPI
CryptFormatObject(
IN DWORD dwCertEncodingType, // LOWORD encoding type; see CERT_ENCODING_TYPE_MASK
IN DWORD dwFormatType, // format selector (values not defined in this excerpt)
IN DWORD dwFormatStrType, // output string type selector (values not defined in this excerpt)
IN void *pFormatStruct, // format-specific parameters; meaning depends on dwFormatType
IN LPCSTR lpszStructType, // ((LPCSTR) n) ordinal or OID string naming the structure
IN const BYTE *pbEncoded, // encoded input
IN DWORD cbEncoded, // byte length of pbEncoded; must be the true buffer length
OUT void *pbFormat, // receives the formatted output
IN OUT DWORD *pcbFormat // in: capacity of pbFormat; out: updated by the call (exact size-query semantics not shown here)
);
//+-------------------------------------------------------------------------
// Encode / decode the specified data structure according to the certificate
// encoding type.
//
// See below for a list of the predefined data structures.
//--------------------------------------------------------------------------
// Encodes the structure at pvStructInfo, whose layout is selected by
// lpszStructType, into pbEncoded. Returns BOOL; treat FALSE as failure.
WINCRYPT32API
BOOL
WINAPI
CryptEncodeObject(
IN DWORD dwCertEncodingType, // LOWORD encoding type; see CERT_ENCODING_TYPE_MASK
IN LPCSTR lpszStructType, // ((LPCSTR) n) ordinal or OID string naming the structure
IN const void *pvStructInfo, // the structure to encode (type given by lpszStructType; see the X509_* descriptions below)
OUT BYTE *pbEncoded, // receives the encoded bytes
IN OUT DWORD *pcbEncoded // in: capacity of pbEncoded; out: updated by the call (exact size-query semantics not shown here)
);
// Decodes cbEncoded bytes at pbEncoded, according to lpszStructType, into the
// caller's buffer pvStructInfo. This is where externally supplied bytes (a
// certificate or CRL received from a peer, for instance) enter the API, so
// cbEncoded must be the true length of pbEncoded, never an over-estimate.
// Returns BOOL; on FALSE, presumably nothing in pvStructInfo is valid.
WINCRYPT32API
BOOL
WINAPI
CryptDecodeObject(
IN DWORD dwCertEncodingType, // LOWORD encoding type; see CERT_ENCODING_TYPE_MASK
IN LPCSTR lpszStructType, // ((LPCSTR) n) ordinal or OID string selecting the structure
IN const BYTE *pbEncoded, // encoded input
IN DWORD cbEncoded, // byte length of pbEncoded
IN DWORD dwFlags, // 0, or CRYPT_DECODE_NOCOPY_FLAG (defined just below)
OUT void *pvStructInfo, // receives the decoded structure; may point into pbEncoded when NOCOPY is set
IN OUT DWORD *pcbStructInfo // in: capacity of pvStructInfo; out: updated by the call (exact size-query semantics not shown here)
);
// When the following flag is set the no-copy optimization is enabled.
// Where appropriate, the decoder then sets pvStructInfo fields to point at
// content that still lives inside pbEncoded instead of copying that content
// into (and appending it to) pvStructInfo.
//
// Consequently pbEncoded must outlive pvStructInfo: freeing, reusing or
// overwriting pbEncoded first leaves dangling pointers inside the decoded
// structure (a use-after-free when they are followed). Callers that keep a
// decoded structure beyond the lifetime of the input buffer must not set
// this flag.
#define CRYPT_DECODE_NOCOPY_FLAG 0x1
//+-------------------------------------------------------------------------
// Predefined X509 certificate data structures that can be encoded / decoded.
//--------------------------------------------------------------------------
// Predefined lpszStructType values. These are small integers cast to LPCSTR
// so that the one parameter can carry either an ordinal or, presumably, a
// real OID string such as the szOID_* values below. They are NOT valid
// pointers: code that logs, copies or strcmp()s an lpszStructType must first
// tell an ordinal from a string, or it will dereference address 1..500.
#define CRYPT_ENCODE_DECODE_NONE 0
#define X509_CERT ((LPCSTR) 1) // pvStructInfo is CERT_SIGNED_CONTENT_INFO (described below)
#define X509_CERT_TO_BE_SIGNED ((LPCSTR) 2) // pvStructInfo is CERT_INFO
#define X509_CERT_CRL_TO_BE_SIGNED ((LPCSTR) 3) // pvStructInfo is CRL_INFO
#define X509_CERT_REQUEST_TO_BE_SIGNED ((LPCSTR) 4) // pvStructInfo is CERT_REQUEST_INFO
#define X509_EXTENSIONS ((LPCSTR) 5) // pvStructInfo is CERT_EXTENSIONS
#define X509_NAME_VALUE ((LPCSTR) 6) // also reachable as X509_ANY_STRING (below)
#define X509_NAME ((LPCSTR) 7)
#define X509_PUBLIC_KEY_INFO ((LPCSTR) 8)
//+-------------------------------------------------------------------------
// Predefined X509 certificate extension data structures that can be
// encoded / decoded.
//--------------------------------------------------------------------------
// lpszStructType ordinals for extension values. By name each pairs with a
// szOID_* extension identifier defined below (e.g. X509_KEY_USAGE decodes the
// value of a szOID_KEY_USAGE extension); the pairing is not spelled out here.
#define X509_AUTHORITY_KEY_ID ((LPCSTR) 9) // cf. szOID_AUTHORITY_KEY_IDENTIFIER
#define X509_KEY_ATTRIBUTES ((LPCSTR) 10) // cf. szOID_KEY_ATTRIBUTES
#define X509_KEY_USAGE_RESTRICTION ((LPCSTR) 11) // cf. szOID_KEY_USAGE_RESTRICTION
#define X509_ALTERNATE_NAME ((LPCSTR) 12) // cf. szOID_SUBJECT_ALT_NAME / szOID_ISSUER_ALT_NAME
#define X509_BASIC_CONSTRAINTS ((LPCSTR) 13) // cf. szOID_BASIC_CONSTRAINTS
#define X509_KEY_USAGE ((LPCSTR) 14) // cf. szOID_KEY_USAGE
#define X509_BASIC_CONSTRAINTS2 ((LPCSTR) 15) // cf. szOID_BASIC_CONSTRAINTS2
#define X509_CERT_POLICIES ((LPCSTR) 16) // cf. szOID_CERT_POLICIES
//+-------------------------------------------------------------------------
// Additional predefined data structures that can be encoded / decoded.
//--------------------------------------------------------------------------
// Further lpszStructType ordinals (17..23).
#define PKCS_UTC_TIME ((LPCSTR) 17)
#define PKCS_TIME_REQUEST ((LPCSTR) 18) // by name, the CRYPT_TIME_STAMP_REQUEST_INFO structure above
#define RSA_CSP_PUBLICKEYBLOB ((LPCSTR) 19)
#define X509_UNICODE_NAME ((LPCSTR) 20) // Unicode counterpart of X509_NAME
#define X509_KEYGEN_REQUEST_TO_BE_SIGNED ((LPCSTR) 21)
#define PKCS_ATTRIBUTE ((LPCSTR) 22) // by name, a single CRYPT_ATTRIBUTE (the element type of the rgAttribute arrays above)
#define PKCS_CONTENT_INFO_SEQUENCE_OF_ANY ((LPCSTR) 23)
//+-------------------------------------------------------------------------
// Predefined primitive data structures that can be encoded / decoded.
//--------------------------------------------------------------------------
// Primitive-type lpszStructType ordinals (24..30) plus two aliases.
#define X509_UNICODE_NAME_VALUE ((LPCSTR) 24) // Unicode counterpart of X509_NAME_VALUE
#define X509_ANY_STRING X509_NAME_VALUE // alias, same ordinal (6)
#define X509_UNICODE_ANY_STRING X509_UNICODE_NAME_VALUE // alias, same ordinal (24)
#define X509_OCTET_STRING ((LPCSTR) 25)
#define X509_BITS ((LPCSTR) 26)
#define X509_INTEGER ((LPCSTR) 27)
#define X509_MULTI_BYTE_INTEGER ((LPCSTR) 28)
#define X509_ENUMERATED ((LPCSTR) 29) // also used as X509_CRL_REASON_CODE (below)
#define X509_CHOICE_OF_TIME ((LPCSTR) 30)
//+-------------------------------------------------------------------------
// More predefined X509 certificate extension data structures that can be
// encoded / decoded.
//--------------------------------------------------------------------------
// lpszStructType ordinals 31..42. Ordinal 32 is left commented out below and
// should be treated as reserved rather than reused.
#define X509_AUTHORITY_KEY_ID2 ((LPCSTR) 31) // cf. szOID_AUTHORITY_KEY_IDENTIFIER2
//#define X509_AUTHORITY_INFO_ACCESS ((LPCSTR) 32) // reserved; cf. szOID_AUTHORITY_INFO_ACCESS
#define X509_CRL_REASON_CODE X509_ENUMERATED // alias, same ordinal (29); cf. szOID_CRL_REASON_CODE
#define PKCS_CONTENT_INFO ((LPCSTR) 33)
#define X509_SEQUENCE_OF_ANY ((LPCSTR) 34)
#define X509_CRL_DIST_POINTS ((LPCSTR) 35) // cf. szOID_CRL_DIST_POINTS
#define X509_ENHANCED_KEY_USAGE ((LPCSTR) 36) // by name, the CERT_ENHKEY_USAGE structure above; cf. szOID_ENHANCED_KEY_USAGE
#define PKCS_CTL ((LPCSTR) 37) // by name, the CTL_INFO structure above; cf. szOID_CTL
#define X509_MULTI_BYTE_UINT ((LPCSTR) 38)
#define X509_DSS_PUBLICKEY X509_MULTI_BYTE_UINT // alias, same ordinal (38)
#define X509_DSS_PARAMETERS ((LPCSTR) 39)
#define X509_DSS_SIGNATURE ((LPCSTR) 40)
#define PKCS_RC2_CBC_PARAMETERS ((LPCSTR) 41)
#define PKCS_SMIME_CAPABILITIES ((LPCSTR) 42)
//+-------------------------------------------------------------------------
// Predefined PKCS #7 data structures that can be encoded / decoded.
//--------------------------------------------------------------------------
#define PKCS7_SIGNER_INFO ((LPCSTR) 500) // PKCS #7 ordinals start at 500, apart from the 1..42 range above and the 2000..2999 SPC range noted below
//+-------------------------------------------------------------------------
// Predefined Software Publishing Credential (SPC) data structures that
// can be encoded / decoded.
//
// Predefined values: 2000 .. 2999
//
// See spc.h for value and data structure definitions.
//--------------------------------------------------------------------------
//+-------------------------------------------------------------------------
// Extension Object Identifiers
//--------------------------------------------------------------------------
// Extension OIDs as dotted-decimal strings (the pszObjId form used by
// CTL_USAGE and CRYPT_ATTRIBUTE). Two generations of the 2.5.29 arc appear:
// the original numbers (1, 2, 4, 7, 8, 10) and the later ones (14..37); the
// szOID_*2 names are the later forms of the same extensions. A validator has
// to recognise whichever form a certificate actually carries.
#define szOID_AUTHORITY_KEY_IDENTIFIER "2.5.29.1"
#define szOID_KEY_ATTRIBUTES "2.5.29.2"
#define szOID_KEY_USAGE_RESTRICTION "2.5.29.4"
#define szOID_SUBJECT_ALT_NAME "2.5.29.7"
#define szOID_ISSUER_ALT_NAME "2.5.29.8"
#define szOID_BASIC_CONSTRAINTS "2.5.29.10"
#define szOID_KEY_USAGE "2.5.29.15"
#define szOID_BASIC_CONSTRAINTS2 "2.5.29.19" // later form of szOID_BASIC_CONSTRAINTS
#define szOID_CERT_POLICIES "2.5.29.32"
#define szOID_AUTHORITY_KEY_IDENTIFIER2 "2.5.29.35" // later form of szOID_AUTHORITY_KEY_IDENTIFIER
#define szOID_SUBJECT_KEY_IDENTIFIER "2.5.29.14"
#define szOID_SUBJECT_ALT_NAME2 "2.5.29.17" // later form of szOID_SUBJECT_ALT_NAME
#define szOID_ISSUER_ALT_NAME2 "2.5.29.18" // later form of szOID_ISSUER_ALT_NAME
#define szOID_CRL_REASON_CODE "2.5.29.21"
#define szOID_CRL_DIST_POINTS "2.5.29.31"
#define szOID_ENHANCED_KEY_USAGE "2.5.29.37"
// Internet Public Key Infrastructure (PKIX arc; szOID_PKIX_KP below is under it)
#define szOID_PKIX "1.3.6.1.5.5.7"
#define szOID_AUTHORITY_INFO_ACCESS "1.3.6.1.5.5.7.2"
// Microsoft extensions or attributes (1.3.6.1.4.1.311 is the Microsoft arc)
#define szOID_CERT_EXTENSIONS "1.3.6.1.4.1.311.2.1.14"
#define szOID_NEXT_UPDATE_LOCATION "1.3.6.1.4.1.311.10.2"
// Microsoft PKCS #7 ContentType Object Identifiers
#define szOID_CTL "1.3.6.1.4.1.311.10.1" // content type of a CTL (see PKCS_CTL / CTL_INFO above)
//+-------------------------------------------------------------------------
// Extension Object Identifiers (currently not implemented)
//--------------------------------------------------------------------------
// Declared for completeness only: no predefined lpszStructType ordinal in this
// header decodes these extension values, so a consumer must handle them itself
// or treat them as unrecognised.
#define szOID_POLICY_MAPPINGS "2.5.29.5"
#define szOID_SUBJECT_DIR_ATTRS "2.5.29.9"
//+-------------------------------------------------------------------------
// Enhanced Key Usage (Purpose) Object Identifiers
//--------------------------------------------------------------------------
// PKIX key-purpose arc; the four purposes below are its children. The
// "consistent key usage bits" notes name the KEY_USAGE bits a certificate
// asserting that purpose is expected to carry, so a checker can reject a
// certificate whose key usage and enhanced key usage disagree.
#define szOID_PKIX_KP "1.3.6.1.5.5.7.3"
// Consistent key usage bits: DIGITAL_SIGNATURE, KEY_ENCIPHERMENT
// or KEY_AGREEMENT
#define szOID_PKIX_KP_SERVER_AUTH "1.3.6.1.5.5.7.3.1"
// Consistent key usage bits: DIGITAL_SIGNATURE
#define szOID_PKIX_KP_CLIENT_AUTH "1.3.6.1.5.5.7.3.2"
// Consistent key usage bits: DIGITAL_SIGNATURE
#define szOID_PKIX_KP_CODE_SIGNING "1.3.6.1.5.5.7.3.3"
// Consistent key usage bits: DIGITAL_SIGNATURE, NON_REPUDIATION and/or
// (KEY_ENCIPHERMENT or KEY_AGREEMENT)
#define szOID_PKIX_KP_EMAIL_PROTECTION "1.3.6.1.5.5.7.3.4"
//+-------------------------------------------------------------------------
// Microsoft Enhanced Key Usage (Purpose) Object Identifiers
//+-------------------------------------------------------------------------
// Signer of CTLs: by its name, the enhanced key usage a certificate needs
// before its signature over a trust list (CTL_INFO) should be accepted.
#define szOID_KP_CTL_USAGE_SIGNING "1.3.6.1.4.1.311.10.3.1"
// Signer of TimeStamps: the matching purpose for answering a
// CRYPT_TIME_STAMP_REQUEST_INFO (by name; the check itself is not in this header).
#define szOID_KP_TIME_STAMP_SIGNING "1.3.6.1.4.1.311.10.3.2"
//+-------------------------------------------------------------------------
// Microsoft Attribute Object Identifiers
//+-------------------------------------------------------------------------
#define szOID_YESNO_TRUST_ATTR "1.3.6.1.4.1.311.10.4.1" // Microsoft attribute OID, under the same 1.3.6.1.4.1.311.10 arc as szOID_CTL
//+-------------------------------------------------------------------------
// X509_CERT
//
// The "to be signed" encoded content plus its signature. The ToBeSigned
// content is the CryptEncodeObject() output for one of the following:
// X509_CERT_TO_BE_SIGNED, X509_CERT_CRL_TO_BE_SIGNED or
// X509_CERT_REQUEST_TO_BE_SIGNED.
//
// pvStructInfo points to CERT_SIGNED_CONTENT_INFO.
//--------------------------------------------------------------------------
//+-------------------------------------------------------------------------
// X509_CERT_TO_BE_SIGNED
//
// pvStructInfo points to CERT_INFO.
//
// For CryptDecodeObject(), the pbEncoded is the "to be signed" plus its
// signature (output of an X509_CERT CryptEncodeObject()).
//
// For CryptEncodeObject(), the pbEncoded is just the "to be signed".
//--------------------------------------------------------------------------
//+-------------------------------------------------------------------------
// X509_CERT_CRL_TO_BE_SIGNED
//
// pvStructInfo points to CRL_INFO.
//
// For CryptDecodeObject(), the pbEncoded is the "to be signed" plus its
// signature (output of an X509_CERT CryptEncodeObject()).
//
// For CryptEncodeObject(), the pbEncoded is just the "to be signed".
//--------------------------------------------------------------------------
//+-------------------------------------------------------------------------
// X509_CERT_REQUEST_TO_BE_SIGNED
//
// pvStructInfo points to CERT_REQUEST_INFO.
//
// For CryptDecodeObject(), the pbEncoded is the "to be signed" plus its
// signature (output of an X509_CERT CryptEncodeObject()).
//
// For CryptEncodeObject(), the pbEncoded is just the "to be signed".
//--------------------------------------------------------------------------
//+-------------------------------------------------------------------------
// X509_EXTENSIONS
// szOID_CERT_EXTENSIONS
//
// pvStructInfo points to the following CERT_EXTENSIONS.
//---------------------------------------