//+---------------------------------------------------------------------------
//
// Microsoft Windows
// Copyright 1992 - 1998 Microsoft Corporation.
//
// File: schnlsp.h
//
// Contents: Public Definitions for SCHANNEL Security Provider
//
// Classes:
//
// Functions:
//
// History: 6-8-96 Created
//
//----------------------------------------------------------------------------
#ifndef __SCHNLSP_H__
#define __SCHNLSP_H__
#include <wincrypt.h>
//
// Security package name strings, each in an ANSI (_A) and a wide-character
// (_W) form. UNISP_NAME_* names the unified provider; the other four each
// name a single protocol (SSL 2.0, SSL 3.0, TLS 1.0, PCT 1.0).
//
// NOTE(review): presumably these are the package names handed to
// AcquireCredentialsHandle - confirm against the SSPI documentation.
//
// NOTE(review): PCT 1.0, SSL 2.0 and SSL 3.0 are obsolete protocols with
// known weaknesses (SSL 2.0 is prohibited by RFC 6176, SSL 3.0 by RFC 7568),
// and TLS 1.0 is deprecated by RFC 8996. Code that asks for one of the
// single-protocol packages by name pins the connection to that protocol.
//
#define UNISP_NAME_A "Microsoft Unified Security Protocol Provider"
#define UNISP_NAME_W L"Microsoft Unified Security Protocol Provider"
#define SSL2SP_NAME_A "Microsoft SSL 2.0"
#define SSL2SP_NAME_W L"Microsoft SSL 2.0"
#define SSL3SP_NAME_A "Microsoft SSL 3.0"
#define SSL3SP_NAME_W L"Microsoft SSL 3.0"
#define TLS1SP_NAME_A "Microsoft TLS 1.0"
#define TLS1SP_NAME_W L"Microsoft TLS 1.0"
#define PCT1SP_NAME_A "Microsoft PCT 1.0"
#define PCT1SP_NAME_W L"Microsoft PCT 1.0"
// The unsuffixed names resolve to the wide-character strings when UNICODE is
// defined and to the ANSI strings otherwise.
#ifdef UNICODE
#define UNISP_NAME UNISP_NAME_W
#define PCT1SP_NAME PCT1SP_NAME_W
#define SSL2SP_NAME SSL2SP_NAME_W
#define SSL3SP_NAME SSL3SP_NAME_W
#define TLS1SP_NAME TLS1SP_NAME_W
#else
#define UNISP_NAME UNISP_NAME_A
#define PCT1SP_NAME PCT1SP_NAME_A
#define SSL2SP_NAME SSL2SP_NAME_A
#define SSL3SP_NAME SSL3SP_NAME_A
#define TLS1SP_NAME TLS1SP_NAME_A
#endif
//
// One numeric identifier per package named above (values 12 through 16).
// NOTE(review): presumably the RPC ID that SSPI reports for each package -
// confirm against the SSPI documentation.
//
#define SSL2SP_RPC_ID 12
#define PCT1SP_RPC_ID 13
#define SSL3SP_RPC_ID 14
#define UNISP_RPC_ID 15
#define TLS1SP_RPC_ID 16
//
// Credential structure version numbers. SCHANNEL_CRED_VERSION (3) is the only
// value here not marked as legacy; SCH_CRED_V2 and SCH_CRED_VERSION are the
// same value (2) under two names.
// NOTE(review): presumably the value goes into SCHANNEL_CRED.dwVersion and
// tells the provider which structure layout it was handed - confirm.
//
#define SCH_CRED_V1 0x00000001
#define SCH_CRED_V2 0x00000002 // for legacy code
#define SCH_CRED_VERSION 0x00000002 // for legacy code
#define SCHANNEL_CRED_VERSION 0x00000003
//
// QueryContextAttributes/QueryCredentialsAttribute extensions
//
// Attribute selectors specific to SCHANNEL. The trailing comment on each line
// names the type written to the caller's buffer for that attribute.
//
// NOTE(review): retrieving the peer certificate with
// SECPKG_ATTR_REMOTE_CERT_CONTEXT is not the same as validating it; chain
// building and host-name checks are a separate step for the caller to confirm
// is happening. The returned PCCERT_CONTEXT presumably has to be released by
// the caller (CertFreeCertificateContext) - confirm.
//
// NOTE(review): SECPKG_ATTR_CONNECTION_INFO is the attribute to query after a
// handshake when the negotiated protocol and cipher strength need to be
// checked against policy or logged.
//
#define SECPKG_ATTR_REMOTE_CERT_CONTEXT 0x53 // returns PCCERT_CONTEXT
#define SECPKG_ATTR_LOCAL_CERT_CONTEXT 0x54 // returns PCCERT_CONTEXT
#define SECPKG_ATTR_ROOT_STORE 0x55 // returns a handle to the root store (the original comment says HCERTCONTEXT; presumably HCERTSTORE is meant - confirm)
#define SECPKG_ATTR_SUPPORTED_ALGS 0x56 // returns SecPkgCred_SupportedAlgs
#define SECPKG_ATTR_CIPHER_STRENGTHS 0x57 // returns SecPkgCred_CipherStrengths
#define SECPKG_ATTR_SUPPORTED_PROTOCOLS 0x58 // returns SecPkgCred_SupportedProtocols
#define SECPKG_ATTR_ISSUER_LIST_EX 0x59 // returns SecPkgContext_IssuerListInfoEx
#define SECPKG_ATTR_CONNECTION_INFO 0x5a // returns SecPkgContext_ConnectionInfo
// Result type for SECPKG_ATTR_SUPPORTED_ALGS: a counted array of algorithm
// identifiers.
// NOTE(review): ownership of the palgSupportedAlgs array (who frees it, and
// how) is not stated in this header - confirm before use.
typedef struct _SecPkgCred_SupportedAlgs
{
DWORD cSupportedAlgs; // number of entries in palgSupportedAlgs
ALG_ID *palgSupportedAlgs; // array of ALG_ID values
} SecPkgCred_SupportedAlgs, *PSecPkgCred_SupportedAlgs;
// Result type for SECPKG_ATTR_CIPHER_STRENGTHS: the lower and upper bound on
// cipher strength.
// NOTE(review): the unit is presumably key length in bits - confirm.
typedef struct _SecPkgCred_CipherStrengths
{
DWORD dwMinimumCipherStrength; // weakest cipher strength
DWORD dwMaximumCipherStrength; // strongest cipher strength
} SecPkgCred_CipherStrengths, *PSecPkgCred_CipherStrengths;
// Result type for SECPKG_ATTR_SUPPORTED_PROTOCOLS.
// NOTE(review): grbitProtocol is presumably a bitmask built from the
// SP_PROT_* flags defined later in this header - confirm.
typedef struct _SecPkgCred_SupportedProtocols
{
DWORD grbitProtocol; // protocol bit flags
} SecPkgCred_SupportedProtocols, *PSecPkgCred_SupportedProtocols;
// Result type for SECPKG_ATTR_ISSUER_LIST_EX: a counted array of encoded
// issuer names.
// NOTE(review): presumably the issuers the peer will accept for client
// authentication. If so, the blobs originate from the remote side and should
// be parsed as untrusted input, never reading past cIssuers entries - confirm.
typedef struct _SecPkgContext_IssuerListInfoEx
{
PCERT_NAME_BLOB aIssuers; // array of CERT_NAME_BLOB entries
DWORD cIssuers; // number of entries in aIssuers
} SecPkgContext_IssuerListInfoEx, *PSecPkgContext_IssuerListInfoEx;
// Result type for SECPKG_ATTR_CONNECTION_INFO: the protocol plus the cipher,
// hash and key-exchange algorithm of a connection, each with a strength value.
// NOTE(review): dwProtocol presumably holds one of the SP_PROT_* flags and the
// strength fields are presumably in bits - confirm. Checking dwProtocol and
// dwCipherStrength after the handshake is how a caller can refuse or log a
// connection that negotiated something weaker than its policy allows.
typedef struct _SecPkgContext_ConnectionInfo
{
DWORD dwProtocol; // protocol in use
ALG_ID aiCipher; // bulk cipher algorithm
DWORD dwCipherStrength; // strength of aiCipher
ALG_ID aiHash; // hash algorithm
DWORD dwHashStrength; // strength of aiHash
ALG_ID aiExch; // key-exchange algorithm
DWORD dwExchStrength; // strength of aiExch
}SecPkgContext_ConnectionInfo, *PSecPkgContext_ConnectionInfo;
//
// SCHANNEL Credentials data structure
//
// Describes the certificates, trust store, algorithms, protocols and cipher
// strength limits for a SCHANNEL credential.
//
// NOTE(review): the fields below that restrict algorithms, protocols and
// cipher strength are the caller's policy controls. What the provider does
// when they are left as zero is not stated in this header; presumably it
// falls back to system defaults, which on old systems may include the
// obsolete protocols flagged by SP_PROT_PCT1/SSL2/SSL3 - confirm and set them
// explicitly where policy matters.
//
// _HMAPPER is only forward-declared here; its definition is not in this header.
struct _HMAPPER;
typedef struct _SCHANNEL_CRED
{
DWORD dwVersion; // structure version; presumably SCHANNEL_CRED_VERSION - confirm
DWORD cCreds; // number of entries in paCred
PCCERT_CONTEXT *paCred; // array of certificate contexts
HCERTSTORE hRootStore; // certificate store handle; presumably the trusted roots - confirm
DWORD cMappers; // number of entries in aphMappers
struct _HMAPPER **aphMappers; // array of pointers to mapper objects
DWORD cSupportedAlgs; // number of entries in palgSupportedAlgs
ALG_ID *palgSupportedAlgs; // array of algorithm identifiers
DWORD grbitEnabledProtocols; // protocol bit flags; presumably SP_PROT_* values - confirm
DWORD dwMinimumCipherStrength; // lower bound on cipher strength
DWORD dwMaximumCipherStrength; // upper bound on cipher strength
DWORD dwSessionLifespan; // session lifetime; unit not stated here - confirm
} SCHANNEL_CRED, *PSCHANNEL_CRED;
//
//
// ApplyControlToken PkgParams types
//
// These identifiers are the DWORD values passed to ApplyControlToken through
// a PkgParams buffer.
//
// SCHANNEL_RENEGOTIATE
//
// Causes SCHANNEL to renegotiate a connection.
//
#define SCHANNEL_RENEGOTIATE 0
//
// SCHANNEL_SHUTDOWN
//
// Causes SCHANNEL to shut down a connection.
//
#define SCHANNEL_SHUTDOWN 1
//
//
// ADDITIONAL SCHANNEL ERROR CODES
//
//
//
// MessageId: SEC_I_INCOMPLETE_CREDENTIALS
//
// MessageText:
//
// If this is returned from InitializeSecurityContext, it indicates
// that the credentials supplied were incomplete, and client-auth was
// attempted. On receipt, the client should call QueryContextAttributes
// with SECPKG_ATTR_LOCAL_CERT to get the cert that was negotiated,
// and then supply the private key with this cert to AcquireCredential
// to get a new credential. The context should then be closed,
// and renegotiation should be completed.
//
// NOTE(review): SECPKG_ATTR_LOCAL_CERT is not defined in the visible part of
// this header; the closest name defined here is
// SECPKG_ATTR_LOCAL_CERT_CONTEXT - confirm which attribute is meant.
//
// The two values below differ only in the top bit: SEC_I_* (0x0009...) is the
// informational form and SEC_E_* (0x8009...) is the failure form, so a
// FAILED()-style check treats them differently.
//
#define SEC_I_INCOMPLETE_CREDENTIALS ((HRESULT)0x00090320L)
#define SEC_E_INCOMPLETE_CREDENTIALS ((HRESULT)0x80090320L)
//
// MessageId: SEC_I_RENEGOTIATE
//
// MessageText:
//
// This is returned by UnsealMessage, and indicates that the app should
// restart the renegotiation loop. It should use the existing context, and
// pass in no data in the input buffers for the first call to AcceptSecurityContext
// or InitializeSecurityContext.
//
// This is an informational code (top bit clear), so a caller that only tests
// for failure will not notice it and has to compare against it explicitly.
//
#define SEC_I_RENEGOTIATE ((HRESULT)0x00090321L)
//
//
// ADDITIONAL SCHANNEL CERTIFICATE PROPERTIES
//
// Property identifiers numbered from CERT_FIRST_USER_PROP_ID, which this
// header does not define (wincrypt.h is included above).
//
// NOTE(review): the first two properties attach a private key and the
// password protecting it to a certificate context. Both are secrets: any code
// able to read these properties from the certificate has the key material, so
// access to stores or contexts carrying them should be restricted and buffers
// holding the values cleared after use.
//
//
// This property specifies the DER private key data associated with this
// certificate. It is for use with legacy IIS style private keys.
//
// PBYTE
//
#define CERT_SCHANNEL_IIS_PRIVATE_KEY_PROP_ID (CERT_FIRST_USER_PROP_ID + 0)
// The password used to unlock the private key associated with the certificate.
// It is for use with legacy IIS style private keys.
//
// PBYTE
#define CERT_SCHANNEL_IIS_PASSWORD_PROP_ID (CERT_FIRST_USER_PROP_ID + 1)
// This is the unique ID of a Server Gated Cryptography certificate associated
// with this certificate.
//
// CRYPT_BIT_BLOB
#define CERT_SCHANNEL_SGC_CERTIFICATE_PROP_ID (CERT_FIRST_USER_PROP_ID + 2)
//
// Flags for identifying the various different protocols.
//
// Each protocol has one bit for the server role and one for the client role;
// the unsuffixed name is the OR of both. The last two macros combine the
// SSL 3.0 and TLS 1.0 bits for one role.
//
// NOTE(review): PCT 1.0, SSL 2.0 and SSL 3.0 are obsolete and should not be
// enabled; TLS 1.0 is deprecated (RFC 8996). The combined
// SP_PROT_SSL3TLS1_* masks include the SSL 3.0 bit, so using them enables
// SSL 3.0 as well as TLS 1.0. No flag for a protocol newer than TLS 1.0 is
// visible in this part of the header, so a mask built only from these values
// cannot select a currently recommended protocol version.
//
/* flag/identifiers for protocols we support */
#define SP_PROT_PCT1_SERVER 0x00000001
#define SP_PROT_PCT1_CLIENT 0x00000002
#define SP_PROT_PCT1 (SP_PROT_PCT1_SERVER | SP_PROT_PCT1_CLIENT)
#define SP_PROT_SSL2_SERVER 0x00000004
#define SP_PROT_SSL2_CLIENT 0x00000008
#define SP_PROT_SSL2 (SP_PROT_SSL2_SERVER | SP_PROT_SSL2_CLIENT)
#define SP_PROT_SSL3_SERVER 0x00000010
#define SP_PROT_SSL3_CLIENT 0x00000020
#define SP_PROT_SSL3 (SP_PROT_SSL3_SERVER | SP_PROT_SSL3_CLIENT)
#define SP_PROT_TLS1_SERVER 0x00000040
#define SP_PROT_TLS1_CLIENT 0x00000080
#define SP_PROT_TLS1 (SP_PROT_TLS1_SERVER | SP_PROT_TLS1_CLIENT)
#define SP_PROT_SSL3TLS1_CLIENTS (SP_PROT_TLS1_CLIENT | SP_PROT_SSL3_CLIENT)
#define SP_PROT_SSL3TLS1_SERVERS (SP_PROT_TLS1_SERVER | SP_PROT_SSL3_SERVER)