/mingw-w64-headers/include/schannel.h
C Header | 376 lines | 302 code | 69 blank | 5 comment | 0 complexity | b38c81f1d17594f218fdc4dacb7b4b7a MD5 | raw file
- /**
- * This file has no copyright assigned and is placed in the Public Domain.
- * This file is part of the mingw-w64 runtime package.
- * No warranty is given; refer to the file DISCLAIMER.PD within this package.
- */
- #ifndef __SCHANNEL_H__
- #define __SCHANNEL_H__
- #include <_mingw_unicode.h>
- #include <wincrypt.h>
- #define UNISP_NAME_A "Microsoft Unified Security Protocol Provider"
- #define UNISP_NAME_W L"Microsoft Unified Security Protocol Provider"
- #define SSL2SP_NAME_A "Microsoft SSL 2.0"
- #define SSL2SP_NAME_W L"Microsoft SSL 2.0"
- #define SSL3SP_NAME_A "Microsoft SSL 3.0"
- #define SSL3SP_NAME_W L"Microsoft SSL 3.0"
- #define TLS1SP_NAME_A "Microsoft TLS 1.0"
- #define TLS1SP_NAME_W L"Microsoft TLS 1.0"
- #define PCT1SP_NAME_A "Microsoft PCT 1.0"
- #define PCT1SP_NAME_W L"Microsoft PCT 1.0"
- #define SCHANNEL_NAME_A "Schannel"
- #define SCHANNEL_NAME_W L"Schannel"
- #define UNISP_NAME __MINGW_NAME_UAW(UNISP_NAME)
- #define PCT1SP_NAME __MINGW_NAME_UAW(PCT1SP_NAME)
- #define SSL2SP_NAME __MINGW_NAME_UAW(SSL2SP_NAME)
- #define SSL3SP_NAME __MINGW_NAME_UAW(SSL3SP_NAME)
- #define TLS1SP_NAME __MINGW_NAME_UAW(TLS1SP_NAME)
- #define SCHANNEL_NAME __MINGW_NAME_UAW(SCHANNEL_NAME)
- #define UNISP_RPC_ID 14
- #define SECPKG_ATTR_ISSUER_LIST 0x50
- #define SECPKG_ATTR_REMOTE_CRED 0x51
- #define SECPKG_ATTR_LOCAL_CRED 0x52
- #define SECPKG_ATTR_REMOTE_CERT_CONTEXT 0x53
- #define SECPKG_ATTR_LOCAL_CERT_CONTEXT 0x54
- #define SECPKG_ATTR_ROOT_STORE 0x55
- #define SECPKG_ATTR_SUPPORTED_ALGS 0x56
- #define SECPKG_ATTR_CIPHER_STRENGTHS 0x57
- #define SECPKG_ATTR_SUPPORTED_PROTOCOLS 0x58
- #define SECPKG_ATTR_ISSUER_LIST_EX 0x59
- #define SECPKG_ATTR_CONNECTION_INFO 0x5a
- #define SECPKG_ATTR_EAP_KEY_BLOCK 0x5b
- #define SECPKG_ATTR_MAPPED_CRED_ATTR 0x5c
- #define SECPKG_ATTR_SESSION_INFO 0x5d
- #define SECPKG_ATTR_APP_DATA 0x5e
- typedef struct _SecPkgContext_IssuerListInfo {
- DWORD cbIssuerList;
- PBYTE pIssuerList;
- } SecPkgContext_IssuerListInfo,*PSecPkgContext_IssuerListInfo;
- typedef struct _SecPkgContext_RemoteCredentialInfo {
- DWORD cbCertificateChain;
- PBYTE pbCertificateChain;
- DWORD cCertificates;
- DWORD fFlags;
- DWORD dwBits;
- } SecPkgContext_RemoteCredentialInfo,*PSecPkgContext_RemoteCredentialInfo;
- typedef SecPkgContext_RemoteCredentialInfo SecPkgContext_RemoteCredenitalInfo,*PSecPkgContext_RemoteCredenitalInfo;
- #define RCRED_STATUS_NOCRED 0x00000000
- #define RCRED_CRED_EXISTS 0x00000001
- #define RCRED_STATUS_UNKNOWN_ISSUER 0x00000002
- typedef struct _SecPkgContext_LocalCredentialInfo {
- DWORD cbCertificateChain;
- PBYTE pbCertificateChain;
- DWORD cCertificates;
- DWORD fFlags;
- DWORD dwBits;
- } SecPkgContext_LocalCredentialInfo,*PSecPkgContext_LocalCredentialInfo;
- typedef SecPkgContext_LocalCredentialInfo SecPkgContext_LocalCredenitalInfo,*PSecPkgContext_LocalCredenitalInfo;
- #define LCRED_STATUS_NOCRED 0x00000000
- #define LCRED_CRED_EXISTS 0x00000001
- #define LCRED_STATUS_UNKNOWN_ISSUER 0x00000002
- typedef struct _SecPkgCred_SupportedAlgs {
- DWORD cSupportedAlgs;
- ALG_ID *palgSupportedAlgs;
- } SecPkgCred_SupportedAlgs,*PSecPkgCred_SupportedAlgs;
- typedef struct _SecPkgCred_CipherStrengths {
- DWORD dwMinimumCipherStrength;
- DWORD dwMaximumCipherStrength;
- } SecPkgCred_CipherStrengths,*PSecPkgCred_CipherStrengths;
- typedef struct _SecPkgCred_SupportedProtocols {
- DWORD grbitProtocol;
- } SecPkgCred_SupportedProtocols,*PSecPkgCred_SupportedProtocols;
- typedef struct _SecPkgContext_IssuerListInfoEx {
- PCERT_NAME_BLOB aIssuers;
- DWORD cIssuers;
- } SecPkgContext_IssuerListInfoEx,*PSecPkgContext_IssuerListInfoEx;
- typedef struct _SecPkgContext_ConnectionInfo {
- DWORD dwProtocol;
- ALG_ID aiCipher;
- DWORD dwCipherStrength;
- ALG_ID aiHash;
- DWORD dwHashStrength;
- ALG_ID aiExch;
- DWORD dwExchStrength;
- } SecPkgContext_ConnectionInfo,*PSecPkgContext_ConnectionInfo;
- typedef struct _SecPkgContext_EapKeyBlock {
- BYTE rgbKeys[128];
- BYTE rgbIVs[64];
- } SecPkgContext_EapKeyBlock,*PSecPkgContext_EapKeyBlock;
- typedef struct _SecPkgContext_MappedCredAttr {
- DWORD dwAttribute;
- PVOID pvBuffer;
- } SecPkgContext_MappedCredAttr,*PSecPkgContext_MappedCredAttr;
- #define SSL_SESSION_RECONNECT 1
- typedef struct _SecPkgContext_SessionInfo {
- DWORD dwFlags;
- DWORD cbSessionId;
- BYTE rgbSessionId[32];
- } SecPkgContext_SessionInfo,*PSecPkgContext_SessionInfo;
- typedef struct _SecPkgContext_SessionAppData {
- DWORD dwFlags;
- DWORD cbAppData;
- PBYTE pbAppData;
- } SecPkgContext_SessionAppData,*PSecPkgContext_SessionAppData;
- #define SCH_CRED_V1 0x00000001
- #define SCH_CRED_V2 0x00000002
- #define SCH_CRED_VERSION 0x00000002
- #define SCH_CRED_V3 0x00000003
- #define SCHANNEL_CRED_VERSION 0x00000004
- struct _HMAPPER;
- typedef struct _SCHANNEL_CRED {
- DWORD dwVersion;
- DWORD cCreds;
- PCCERT_CONTEXT *paCred;
- HCERTSTORE hRootStore;
- DWORD cMappers;
- struct _HMAPPER **aphMappers;
- DWORD cSupportedAlgs;
- ALG_ID *palgSupportedAlgs;
- DWORD grbitEnabledProtocols;
- DWORD dwMinimumCipherStrength;
- DWORD dwMaximumCipherStrength;
- DWORD dwSessionLifespan;
- DWORD dwFlags;
- DWORD dwCredFormat;
- } SCHANNEL_CRED,*PSCHANNEL_CRED;
- #define SCH_CRED_FORMAT_CERT_HASH 0x00000001
- #define SCH_CRED_MAX_SUPPORTED_ALGS 256
- #define SCH_CRED_MAX_SUPPORTED_CERTS 100
- typedef struct _SCHANNEL_CERT_HASH {
- DWORD dwLength;
- DWORD dwFlags;
- HCRYPTPROV hProv;
- BYTE ShaHash[20];
- } SCHANNEL_CERT_HASH,*PSCHANNEL_CERT_HASH;
- #define SCH_MACHINE_CERT_HASH 0x00000001
- #define SCH_CRED_NO_SYSTEM_MAPPER 0x00000002
- #define SCH_CRED_NO_SERVERNAME_CHECK 0x00000004
- #define SCH_CRED_MANUAL_CRED_VALIDATION 0x00000008
- #define SCH_CRED_NO_DEFAULT_CREDS 0x00000010
- #define SCH_CRED_AUTO_CRED_VALIDATION 0x00000020
- #define SCH_CRED_USE_DEFAULT_CREDS 0x00000040
- #define SCH_CRED_DISABLE_RECONNECTS 0x00000080
- #define SCH_CRED_REVOCATION_CHECK_END_CERT 0x00000100
- #define SCH_CRED_REVOCATION_CHECK_CHAIN 0x00000200
- #define SCH_CRED_REVOCATION_CHECK_CHAIN_EXCLUDE_ROOT 0x00000400
- #define SCH_CRED_IGNORE_NO_REVOCATION_CHECK 0x00000800
- #define SCH_CRED_IGNORE_REVOCATION_OFFLINE 0x00001000
- #define SCH_CRED_REVOCATION_CHECK_CACHE_ONLY 0x00004000
- #define SCH_CRED_CACHE_ONLY_URL_RETRIEVAL 0x00008000
- #define SCHANNEL_RENEGOTIATE 0
- #define SCHANNEL_SHUTDOWN 1
- #define SCHANNEL_ALERT 2
- #define SCHANNEL_SESSION 3
- typedef struct _SCHANNEL_ALERT_TOKEN {
- DWORD dwTokenType;
- DWORD dwAlertType;
- DWORD dwAlertNumber;
- } SCHANNEL_ALERT_TOKEN;
- #define TLS1_ALERT_WARNING 1
- #define TLS1_ALERT_FATAL 2
- #define TLS1_ALERT_CLOSE_NOTIFY 0
- #define TLS1_ALERT_UNEXPECTED_MESSAGE 10
- #define TLS1_ALERT_BAD_RECORD_MAC 20
- #define TLS1_ALERT_DECRYPTION_FAILED 21
- #define TLS1_ALERT_RECORD_OVERFLOW 22
- #define TLS1_ALERT_DECOMPRESSION_FAIL 30
- #define TLS1_ALERT_HANDSHAKE_FAILURE 40
- #define TLS1_ALERT_BAD_CERTIFICATE 42
- #define TLS1_ALERT_UNSUPPORTED_CERT 43
- #define TLS1_ALERT_CERTIFICATE_REVOKED 44
- #define TLS1_ALERT_CERTIFICATE_EXPIRED 45
- #define TLS1_ALERT_CERTIFICATE_UNKNOWN 46
- #define TLS1_ALERT_ILLEGAL_PARAMETER 47
- #define TLS1_ALERT_UNKNOWN_CA 48
- #define TLS1_ALERT_ACCESS_DENIED 49
- #define TLS1_ALERT_DECODE_ERROR 50
- #define TLS1_ALERT_DECRYPT_ERROR 51
- #define TLS1_ALERT_EXPORT_RESTRICTION 60
- #define TLS1_ALERT_PROTOCOL_VERSION 70
- #define TLS1_ALERT_INSUFFIENT_SECURITY 71
- #define TLS1_ALERT_INTERNAL_ERROR 80
- #define TLS1_ALERT_USER_CANCELED 90
- #define TLS1_ALERT_NO_RENEGOTIATATION 100
- #define SSL_SESSION_ENABLE_RECONNECTS 1
- #define SSL_SESSION_DISABLE_RECONNECTS 2
- typedef struct _SCHANNEL_SESSION_TOKEN {
- DWORD dwTokenType;
- DWORD dwFlags;
- } SCHANNEL_SESSION_TOKEN;
- #define CERT_SCHANNEL_IIS_PRIVATE_KEY_PROP_ID (CERT_FIRST_USER_PROP_ID + 0)
- #define CERT_SCHANNEL_IIS_PASSWORD_PROP_ID (CERT_FIRST_USER_PROP_ID + 1)
- #define CERT_SCHANNEL_SGC_CERTIFICATE_PROP_ID (CERT_FIRST_USER_PROP_ID + 2)
- #define SP_PROT_PCT1_SERVER 0x00000001
- #define SP_PROT_PCT1_CLIENT 0x00000002
- #define SP_PROT_PCT1 (SP_PROT_PCT1_SERVER | SP_PROT_PCT1_CLIENT)
- #define SP_PROT_SSL2_SERVER 0x00000004
- #define SP_PROT_SSL2_CLIENT 0x00000008
- #define SP_PROT_SSL2 (SP_PROT_SSL2_SERVER | SP_PROT_SSL2_CLIENT)
- #define SP_PROT_SSL3_SERVER 0x00000010
- #define SP_PROT_SSL3_CLIENT 0x00000020
- #define SP_PROT_SSL3 (SP_PROT_SSL3_SERVER | SP_PROT_SSL3_CLIENT)
- #define SP_PROT_TLS1_SERVER 0x00000040
- #define SP_PROT_TLS1_CLIENT 0x00000080
- #define SP_PROT_TLS1 (SP_PROT_TLS1_SERVER | SP_PROT_TLS1_CLIENT)
- #define SP_PROT_SSL3TLS1_CLIENTS (SP_PROT_TLS1_CLIENT | SP_PROT_SSL3_CLIENT)
- #define SP_PROT_SSL3TLS1_SERVERS (SP_PROT_TLS1_SERVER | SP_PROT_SSL3_SERVER)
- #define SP_PROT_SSL3TLS1 (SP_PROT_SSL3 | SP_PROT_TLS1)
- #define SP_PROT_UNI_SERVER 0x40000000
- #define SP_PROT_UNI_CLIENT 0x80000000
- #define SP_PROT_UNI (SP_PROT_UNI_SERVER | SP_PROT_UNI_CLIENT)
- #define SP_PROT_ALL 0xffffffff
- #define SP_PROT_NONE 0
- #define SP_PROT_CLIENTS (SP_PROT_PCT1_CLIENT | SP_PROT_SSL2_CLIENT | SP_PROT_SSL3_CLIENT | SP_PROT_UNI_CLIENT | SP_PROT_TLS1_CLIENT)
- #define SP_PROT_SERVERS (SP_PROT_PCT1_SERVER | SP_PROT_SSL2_SERVER | SP_PROT_SSL3_SERVER | SP_PROT_UNI_SERVER | SP_PROT_TLS1_SERVER)
- typedef WINBOOL (*SSL_EMPTY_CACHE_FN_A)(LPSTR pszTargetName,DWORD dwFlags);
- WINBOOL SslEmptyCacheA(LPSTR pszTargetName,DWORD dwFlags);
- typedef WINBOOL (*SSL_EMPTY_CACHE_FN_W)(LPWSTR pszTargetName,DWORD dwFlags);
- WINBOOL SslEmptyCacheW(LPWSTR pszTargetName,DWORD dwFlags);
- #define SSL_EMPTY_CACHE_FN __MINGW_NAME_UAW(SSL_EMPTY_CACHE_FN)
- #define SslEmptyCache __MINGW_NAME_AW(SslEmptyCache)
- typedef struct _SSL_CREDENTIAL_CERTIFICATE {
- DWORD cbPrivateKey;
- PBYTE pPrivateKey;
- DWORD cbCertificate;
- PBYTE pCertificate;
- PSTR pszPassword;
- } SSL_CREDENTIAL_CERTIFICATE,*PSSL_CREDENTIAL_CERTIFICATE;
- #define SCHANNEL_SECRET_TYPE_CAPI 0x00000001
- #define SCHANNEL_SECRET_PRIVKEY 0x00000002
- #define SCH_CRED_X509_CERTCHAIN 0x00000001
- #define SCH_CRED_X509_CAPI 0x00000002
- #define SCH_CRED_CERT_CONTEXT 0x00000003
- struct _HMAPPER;
- typedef struct _SCH_CRED {
- DWORD dwVersion;
- DWORD cCreds;
- PVOID *paSecret;
- PVOID *paPublic;
- DWORD cMappers;
- struct _HMAPPER **aphMappers;
- } SCH_CRED,*PSCH_CRED;
- typedef struct _SCH_CRED_SECRET_CAPI {
- DWORD dwType;
- HCRYPTPROV hProv;
- } SCH_CRED_SECRET_CAPI,*PSCH_CRED_SECRET_CAPI;
- typedef struct _SCH_CRED_SECRET_PRIVKEY {
- DWORD dwType;
- PBYTE pPrivateKey;
- DWORD cbPrivateKey;
- PSTR pszPassword;
- } SCH_CRED_SECRET_PRIVKEY,*PSCH_CRED_SECRET_PRIVKEY;
- typedef struct _SCH_CRED_PUBLIC_CERTCHAIN {
- DWORD dwType;
- DWORD cbCertChain;
- PBYTE pCertChain;
- } SCH_CRED_PUBLIC_CERTCHAIN,*PSCH_CRED_PUBLIC_CERTCHAIN;
- typedef struct _SCH_CRED_PUBLIC_CAPI {
- DWORD dwType;
- HCRYPTPROV hProv;
- } SCH_CRED_PUBLIC_CAPI,*PSCH_CRED_PUBLIC_CAPI;
- typedef struct _PctPublicKey {
- DWORD Type;
- DWORD cbKey;
- UCHAR pKey[1];
- } PctPublicKey;
- typedef struct _X509Certificate {
- DWORD Version;
- DWORD SerialNumber[4];
- ALG_ID SignatureAlgorithm;
- FILETIME ValidFrom;
- FILETIME ValidUntil;
- PSTR pszIssuer;
- PSTR pszSubject;
- PctPublicKey *pPublicKey;
- } X509Certificate,*PX509Certificate;
- WINBOOL SslGenerateKeyPair(PSSL_CREDENTIAL_CERTIFICATE pCerts,PSTR pszDN,PSTR pszPassword,DWORD Bits);
- VOID SslGenerateRandomBits(PUCHAR pRandomData,LONG cRandomData);
- WINBOOL SslCrackCertificate(PUCHAR pbCertificate,DWORD cbCertificate,DWORD dwFlags,PX509Certificate *ppCertificate);
- VOID SslFreeCertificate(PX509Certificate pCertificate);
- DWORD WINAPI SslGetMaximumKeySize(DWORD Reserved);
- WINBOOL SslGetDefaultIssuers(PBYTE pbIssuers,DWORD *pcbIssuers);
- #define SSL_CRACK_CERTIFICATE_NAME TEXT("SslCrackCertificate")
- #define SSL_FREE_CERTIFICATE_NAME TEXT("SslFreeCertificate")
- typedef WINBOOL (WINAPI *SSL_CRACK_CERTIFICATE_FN)(PUCHAR pbCertificate,DWORD cbCertificate,WINBOOL VerifySignature,PX509Certificate *ppCertificate);
- typedef VOID (WINAPI *SSL_FREE_CERTIFICATE_FN)(PX509Certificate pCertificate);
- #if (_WIN32_WINNT >= 0x0600)
- typedef struct _SecPkgContext_EapPrfInfo {
- DWORD dwVersion;
- DWORD cbPrfData;
- } SecPkgContext_EapPrfInfo, *PSecPkgContext_EapPrfInfo;
- #endif /*(_WIN32_WINNT >= 0x0600)*/
- #if (_WIN32_WINNT >= 0x0601)
- typedef struct _SecPkgContext_SupportedSignatures {
- WORD cSignatureAndHashAlgorithms;
- WORD *pSignatureAndHashAlgorithms;
- } SecPkgContext_SupportedSignatures, *PSecPkgContext_SupportedSignatures;
- #endif /*(_WIN32_WINNT >= 0x0601)*/
- #endif