home
***
CD-ROM
|
disk
|
FTP
|
other
***
search
/
Tricks of the Windows Gam…ming Gurus (2nd Edition)
/
Disc2.iso
/
vc98
/
include
/
wintrust.h
< prev
next >
Wrap
C/C++ Source or Header
|
1998-04-25
|
30KB
|
654 lines
//+-------------------------------------------------------------------------
//
// Microsoft Windows
//
// Copyright 1996 - 1998 Microsoft Corporation.
//
// File: wintrust.h
//
// Contents: Microsoft Internet Security Trust Provider Model
//
// History: 31-May-1997 created
//
//--------------------------------------------------------------------------
#ifndef WINTRUST_H
#define WINTRUST_H
//////////////////////////////////////////////////////////////////////////////
//////////////////////////////////////////////////////////////////////////////
//
// Client definitions, typedefs, and prototypes
//
//////////////////////////////////////////////////////////////////////////////
//////////////////////////////////////////////////////////////////////////////
#pragma pack(8)
//////////////////////////////////////////////////////////////////////////////
//
// WINTRUST_DATA Structure
//----------------------------------------------------------------------------
// Used when calling WinVerifyTrust to pass necessary information into
// the Providers.
//
typedef struct _WINTRUST_DATA
{
DWORD cbStruct; // = sizeof(WINTRUST_DATA)
LPVOID pPolicyCallbackData; // optional: used to pass data between the app and policy
DWORD dwUIChoice; // required: UI choice. One of the following.
# define WTD_UI_ALL 1
# define WTD_UI_NONE 2
# define WTD_UI_NOBAD 3
# define WTD_UI_NOGOOD 4
DWORD fdwRevocationChecks; // required: certificate revocation check options
# define WTD_REVOKE_NONE 0x00000000
# define WTD_REVOKE_WHOLECHAIN 0x00000001
DWORD dwUnionChoice; // required: which structure is being passed in?
# define WTD_CHOICE_FILE 1
# define WTD_CHOICE_CATALOG 2
# define WTD_CHOICE_BLOB 3
# define WTD_CHOICE_SIGNER 4
# define WTD_CHOICE_CERT 5
union
{
struct WINTRUST_FILE_INFO_ *pFile; // individual file
struct WINTRUST_CATALOG_INFO_ *pCatalog; // member of a Catalog File
struct WINTRUST_BLOB_INFO_ *pBlob; // memory blob
struct WINTRUST_SGNR_INFO_ *pSgnr; // signer structure only
struct WINTRUST_CERT_INFO_ *pCert;
};
DWORD dwStateAction; // future. DO NOT USE!!! (optional)
# define WTD_STATEACTION_OPEN 1
# define WTD_STATEACTION_VERIFY 2
# define WTD_STATEACTION_CLOSE 3
HANDLE hWVTStateData; // future. DO NOT USE!!! (optional)
} WINTRUST_DATA, *PWINTRUST_DATA;
//////////////////////////////////////////////////////////////////////////////
//
// WINTRUST_FILE_INFO Structure
//----------------------------------------------------------------------------
// Used when calling WinVerifyTrust against an individual file.
//
typedef struct WINTRUST_FILE_INFO_
{
DWORD cbStruct; // = sizeof(WINTRUST_FILE_INFO)
LPCWSTR pcwszFilePath; // required, file name to be verified
HANDLE hFile; // optional, open handle to pcwszFilePath
} WINTRUST_FILE_INFO, *PWINTRUST_FILE_INFO;
//////////////////////////////////////////////////////////////////////////////
//
// WINTRUST_CATALOG_INFO Structure
//----------------------------------------------------------------------------
// Used when calling WinVerifyTrust against a member of a Microsoft Catalog
// file.
//
typedef struct WINTRUST_CATALOG_INFO_
{
DWORD cbStruct; // = sizeof(WINTRUST_CATALOG_INFO)
DWORD dwCatalogVersion; // optional: Catalog version number
LPCWSTR pcwszCatalogFilePath; // required: path/name to Catalog file
LPCWSTR pcwszMemberTag; // required: tag to member in Catalog
LPCWSTR pcwszMemberFilePath; // required: path/name to member file
HANDLE hMemberFile; // optional: open handle to pcwszMemberFilePath
} WINTRUST_CATALOG_INFO, *PWINTRUST_CATALOG_INFO;
//////////////////////////////////////////////////////////////////////////////
//
// WINTRUST_BLOB_INFO Structure
//----------------------------------------------------------------------------
// Used when calling WinVerifyTrust against a memory blob.
//
typedef struct WINTRUST_BLOB_INFO_
{
DWORD cbStruct; // = sizeof(WINTRUST_BLOB_INFO)
LPCWSTR pcwszDisplayName; // name of the "thing" the pbMem is pointing to.
DWORD cbMem;
BYTE *pbMem;
} WINTRUST_BLOB_INFO, *PWINTRUST_BLOB_INFO;
//////////////////////////////////////////////////////////////////////////////
//
// WINTRUST_SGNR_INFO Structure
//----------------------------------------------------------------------------
// Used when calling WinVerifyTrust against a CMSG_SIGNER_INFO Structure
//
typedef struct WINTRUST_SGNR_INFO_
{
DWORD cbStruct; // = sizeof(WINTRUST_SGNR_INFO)
LPCWSTR pcwszDisplayName; // name of the "thing" the pbMem is pointing to.
CMSG_SIGNER_INFO *psSignerInfo;
DWORD chStores; // number of stores in pahStores
HCERTSTORE *pahStores; // array of stores to add to internal list
} WINTRUST_SGNR_INFO, *PWINTRUST_SGNR_INFO;
//////////////////////////////////////////////////////////////////////////////
//
// WINTRUST_CERT_INFO Structure
//----------------------------------------------------------------------------
// Used when calling WinVerifyTrust against a CERT_CONTEXT Structure
//
typedef struct WINTRUST_CERT_INFO_
{
DWORD cbStruct; // = sizeof(WINTRUST_CERT_INFO)
LPCWSTR pcwszDisplayName; // name of the "thing" the pbMem is pointing to.
CERT_CONTEXT *psCertContext;
DWORD chStores; // number of stores in pahStores
HCERTSTORE *pahStores; // array of stores to add to internal list
} WINTRUST_CERT_INFO, *PWINTRUST_CERT_INFO;
#pragma pack()
//////////////////////////////////////////////////////////////////////////////
//
// WinVerifyTrust
//----------------------------------------------------------------------------
// Exported from WINTRUST.DLL.
// Call this function to verify the trust based on a digital signer.
//
// Returns:
// ERROR_SUCCESS If the trust is authenticated or
// if the user accepted the risk.
//
// TRUST_E_PROVIDER_UNKNOWN there was an error loading one of the
// required Providers.
//
// all error codes passed back are based on the Policy Provider used.
//
LONG WINAPI WinVerifyTrust(IN OPTIONAL HWND hwnd,
IN GUID *pgActionID,
IN LPVOID pWintrustData);
//////////////////////////////////////////////////////////////////////////////
//////////////////////////////////////////////////////////////////////////////
//
// Trust, Policy, and UI Provider definitions, typedefs, and prototypes
//
// Model:
// A client wishing to validate trust through WinVerifyTrust will
// select an appropriate Action ID guid for the call.
// This guid is defined by each Policy Provider and represents the
// functions called based on the policy for the given object.
//
// In this model, the Policy Provider determines which style of UI
// will be shown to the user (this only applies to style, the
// determination of whether UI is displayed is set by the calling client
// in the UI flags member of WINTRUST_DATA).
//
// Since the function entry points are common (same return value and
// parameters), it allows Policy Provider developers to take advantage
// of existing, generic, code to fill the CRYPT_PROVIDER_DATA structure.
//
// This also allows the developer to simply add the specific policy they
// need, then, call the generic Policy Provider - if appropriate.
//
//////////////////////////////////////////////////////////////////////////////
//////////////////////////////////////////////////////////////////////////////
//////////////////////////////////////////////////////////////////////////////
//
// Supported ASN structures contained in WINTRUST.DLL
//----------------------------------------------------------------------------
//
#pragma pack (8)
#define SPC_INDIRECT_DATA_CONTENT_STRUCT ((LPCSTR)2003)
#define SPC_INDIRECT_DATA_OBJID "1.3.6.1.4.1.311.2.1.4"
#define SPC_GLUE_RDN_OBJID "1.3.6.1.4.1.311.2.1.25"
typedef struct _SPC_INDIRECT_DATA_CONTENT
{
CRYPT_ATTRIBUTE_TYPE_VALUE Data;
CRYPT_ALGORITHM_IDENTIFIER DigestAlgorithm;
CRYPT_HASH_BLOB Digest;
} SPC_INDIRECT_DATA_CONTENT, *PSPC_INDIRECT_DATA_CONTENT;
#pragma pack()
//////////////////////////////////////////////////////////////////////////////
//
// Wintrust Policy Flags
//----------------------------------------------------------------------------
// These are set during install and can be modified by the user
// through various means. The SETREG.EXE utility (found in the Authenticode
// Tools Pack) will select/deselect each of them.
//
#define WTPF_TRUSTTEST 0x00000020 // trust any "TEST" generated certificate
#define WTPF_TESTCANBEVALID 0x00000080
#define WTPF_IGNOREEXPIRATION 0x00000100 // Use expiration date
#define WTPF_IGNOREREVOKATION 0x00000200 // Do revocation check
#define WTPF_OFFLINEOK_IND 0x00000400 // off-line is ok for individual certs
#define WTPF_OFFLINEOK_COM 0x00000800 // off-line is ok for commercial certs
#define WTPF_OFFLINEOKNBU_IND 0x00001000 // off-line is ok for individual certs, no bad ui
#define WTPF_OFFLINEOKNBU_COM 0x00002000 // off-line is ok for commercial certs, no bad ui
#define WTPF_TIMESTAMP_IND 0x00004000 // Use timestamp for individual certs
#define WTPF_TIMESTAMP_COM 0x00008000 // Use timestamp for commerical certs
#define WTPF_VERIFY_V1_OFF 0x00010000 // turn verify of v1 certs off
#define WTPF_IGNOREREVOCATIONONTS 0x00020000 // ignore TimeStamp revocation checks
//////////////////////////////////////////////////////////////////////////////
//
// WintrustGetRegPolicyFlags
//----------------------------------------------------------------------------
// This API call is exported from WINTRUST.DLL and is the recommended method
// of retrieving the DWORD representing the Policy Flags.
//
extern void WINAPI WintrustGetRegPolicyFlags(DWORD *pdwPolicyFlags);
//////////////////////////////////////////////////////////////////////////////
//
// Trust Provider "Step" Error defines
//----------------------------------------------------------------------------
// Each "step" of the Trust process has an error "slot" associated with it.
// If an error occurs, the "step" will assign its result to this "slot". These
// errors can be any valid WINERROR.H HRESULT code.
//
#define TRUSTERROR_STEP_WVTPARAMS 0
#define TRUSTERROR_STEP_FILEIO 2
#define TRUSTERROR_STEP_SIP 3
#define TRUSTERROR_STEP_SIPSUBJINFO 5
#define TRUSTERROR_STEP_CATALOGFILE 6
#define TRUSTERROR_STEP_CERTSTORE 7
#define TRUSTERROR_STEP_MESSAGE 8
#define TRUSTERROR_STEP_MSG_SIGNERCOUNT 9
#define TRUSTERROR_STEP_MSG_INNERCNTTYPE 10
#define TRUSTERROR_STEP_MSG_INNERCNT 11
#define TRUSTERROR_STEP_MSG_STORE 12
#define TRUSTERROR_STEP_MSG_SIGNERINFO 13
#define TRUSTERROR_STEP_MSG_SIGNERCERT 14
#define TRUSTERROR_STEP_MSG_CERTCHAIN 15
#define TRUSTERROR_STEP_MSG_COUNTERSIGINFO 16
#define TRUSTERROR_STEP_MSG_COUNTERSIGCERT 17
#define TRUSTERROR_STEP_VERIFY_MSGHASH 18
#define TRUSTERROR_STEP_VERIFY_MSGINDIRECTDATA 19
#define TRUSTERROR_STEP_FINAL_WVTINIT 30
#define TRUSTERROR_STEP_FINAL_INITPROV 31
#define TRUSTERROR_STEP_FINAL_OBJPROV 32
#define TRUSTERROR_STEP_FINAL_SIGPROV 33
#define TRUSTERROR_STEP_FINAL_CERTPROV 34
#define TRUSTERROR_STEP_FINAL_CERTCHKPROV 35
#define TRUSTERROR_STEP_FINAL_POLICYPROV 36
#define TRUSTERROR_STEP_FINAL_UIPROV 37
#define TRUSTERROR_MAX_STEPS 38
//////////////////////////////////////////////////////////////////////////////
//
// allocation and free function prototypes
//----------------------------------------------------------------------------
//
typedef void *(*PFN_CPD_MEM_ALLOC)(IN DWORD cbSize);
typedef void (*PFN_CPD_MEM_FREE)(IN void *pvMem2Free);
typedef BOOL (*PFN_CPD_ADD_STORE)(IN struct _CRYPT_PROVIDER_DATA *pProvData,
IN HCERTSTORE hStore2Add);
typedef BOOL (*PFN_CPD_ADD_SGNR)(IN struct _CRYPT_PROVIDER_DATA *pProvData,
IN BOOL fCounterSigner,
IN OPTIONAL DWORD idxSigner,
IN struct _CRYPT_PROVIDER_SGNR *pSgnr2Add);
typedef BOOL (*PFN_CPD_ADD_CERT)(IN struct _CRYPT_PROVIDER_DATA *pProvData,
IN DWORD idxSigner,
IN BOOL fCounterSigner,
IN OPTIONAL DWORD idxCounterSigner,
IN PCCERT_CONTEXT pCert2Add);
typedef BOOL (*PFN_CPD_ADD_PRIVDATA)(IN struct _CRYPT_PROVIDER_DATA *pProvData,
IN struct _CRYPT_PROVIDER_PRIVDATA *pPrivData2Add);
//////////////////////////////////////////////////////////////////////////////
//
// Provider function prototypes
//----------------------------------------------------------------------------
//
//
// entry point for the object provider
//
typedef HRESULT (*PFN_PROVIDER_INIT_CALL)(IN OUT struct _CRYPT_PROVIDER_DATA *pProvData);
//
// entry point for the object provider
//
typedef HRESULT (*PFN_PROVIDER_OBJTRUST_CALL)(IN OUT struct _CRYPT_PROVIDER_DATA *pProvData);
//
// entry point for the Signature Provider
//
typedef HRESULT (*PFN_PROVIDER_SIGTRUST_CALL)(IN OUT struct _CRYPT_PROVIDER_DATA *pProvData);
//
// entry point for the Certificate Provider
//
typedef HRESULT (*PFN_PROVIDER_CERTTRUST_CALL)(IN OUT struct _CRYPT_PROVIDER_DATA *pProvData);
//
// entry point for the Policy Provider's final call (from the trust provider)
//
typedef HRESULT (*PFN_PROVIDER_FINALPOLICY_CALL)(IN OUT struct _CRYPT_PROVIDER_DATA *pProvData);
//
// entry point for the Policy Provider's "dump structure" call
//
typedef HRESULT (*PFN_PROVIDER_TESTFINALPOLICY_CALL)(IN OUT struct _CRYPT_PROVIDER_DATA *pProvData);
//
// entry point for the Policy Provider's Cert Check call. This will return
// true if the Trust Provider is to continue building the certificate chain.
// If the PP returns FALSE, it is assumed that we have reached a "TRUSTED",
// self-signed, root.
//
typedef BOOL (*PFN_PROVIDER_CERTCHKPOLICY_CALL)( IN struct _CRYPT_PROVIDER_DATA *pProvData,
IN DWORD idxSigner,
IN BOOL fCounterSignerChain,
IN OPTIONAL DWORD idxCounterSigner);
#pragma pack(8)
//////////////////////////////////////////////////////////////////////////////
//
// CRYPT_PROVIDER_FUNCTIONS structure
//----------------------------------------------------------------------------
//
//
typedef struct _CRYPT_PROVIDER_FUNCTIONS
{
DWORD cbStruct;
PFN_CPD_MEM_ALLOC pfnAlloc; // set in WVT
PFN_CPD_MEM_FREE pfnFree; // set in WVT
PFN_CPD_ADD_STORE pfnAddStore2Chain; // call to add a store to the chain.
PFN_CPD_ADD_SGNR pfnAddSgnr2Chain; // call to add a sgnr struct to a msg struct sgnr chain
PFN_CPD_ADD_CERT pfnAddCert2Chain; // call to add a cert struct to a sgnr struct cert chain
PFN_CPD_ADD_PRIVDATA pfnAddPrivData2Chain; // call to add provider private data to struct.
PFN_PROVIDER_INIT_CALL pfnInitialize; // initialize Policy data.
PFN_PROVIDER_OBJTRUST_CALL pfnObjectTrust; // build info up to the signer info(s).
PFN_PROVIDER_SIGTRUST_CALL pfnSignatureTrust; // build info to the signing cert
PFN_PROVIDER_CERTTRUST_CALL pfnCertificateTrust; // build the chain
PFN_PROVIDER_FINALPOLICY_CALL pfnFinalPolicy; // final call to policy
PFN_PROVIDER_CERTCHKPOLICY_CALL pfnCertCheckPolicy; // check each cert will building chain
PFN_PROVIDER_TESTFINALPOLICY_CALL pfnTestFinalPolicy; // dump structures to a file (or whatever the policy chooses)
} CRYPT_PROVIDER_FUNCTIONS, *PCRYPT_PROVIDER_FUNCTIONS;
//////////////////////////////////////////////////////////////////////////////
//
// CRYPT_PROVIDER_CERT structure
//----------------------------------------------------------------------------
// After the Signature and Certificate Providers are finished there will
// be zero to many of these filled out in the CRYPT_PROVIDER_SGNR
// structure. One for each certificate in the chain.
//
//
typedef struct _CRYPT_PROVIDER_CERT
{
DWORD cbStruct;
PCCERT_CONTEXT pCert; // must have its own ref-count!
BOOL fCommercial;
BOOL fTrustedRoot; // certchk policy should set this.
BOOL fSelfSigned; // set in cert provider
BOOL fTestCert; // certchk policy will set
DWORD dwRevokedReason;
DWORD dwConfidence; // set in the Certificate Provider
# define CERT_CONFIDENCE_SIG 0x10000000
# define CERT_CONFIDENCE_TIME 0x01000000
# define CERT_CONFIDENCE_TIMENEST 0x00100000
# define CERT_CONFIDENCE_AUTHIDEXT 0x00010000
# define CERT_CONFIDENCE_HIGHEST 0x11110000
DWORD dwError;
} CRYPT_PROVIDER_CERT, *PCRYPT_PROVIDER_CERT;
//////////////////////////////////////////////////////////////////////////////
//
// CRYPT_PROVIDER_SGNR structure
//----------------------------------------------------------------------------
// After the Signature Provider is finished there will be zero to many of these
// filled out. One for each signer of the message. Also, there will be zero
// to many of these filled out inside this structure. One for each counter
// signer of the signer.
//
// IMPORTANT: 1. All dynamically allocated members MUST use allocation
// and Add2 functions provided.
//
typedef struct _CRYPT_PROVIDER_SGNR
{
DWORD cbStruct;
FILETIME sftVerifyAsOf; // either today's filetime or the timestamps
DWORD csCertChain; // do NOT set manually.
CRYPT_PROVIDER_CERT *pasCertChain; // use the Add2 allocator
DWORD dwSignerType; // set if known by policy
# define SGNR_TYPE_TIMESTAMP 0x00000010
CMSG_SIGNER_INFO *psSigner; // must use the pfnAlloc allocator!
DWORD dwError; // error encounted while building/verifying the signer.
DWORD csCounterSigners; // do NOT set manually.
struct _CRYPT_PROVIDER_SGNR *pasCounterSigners; // use the Add2 allocator.
} CRYPT_PROVIDER_SGNR, *PCRYPT_PROVIDER_SGNR;
//////////////////////////////////////////////////////////////////////////////
//
// CRYPT_PROVIDER_PRIVDATA structure
//----------------------------------------------------------------------------
// This structure is to allow Policy Provider functions to share
// POLICY SPECIFIC data between Policy Functions.
// The Policy must use the pfnAddPrivateData2Chain function and
// must free any data within the member before the Final Policy returns
// to WVT.
// To allow multiple providers to use this feature, each provider that
// uses this member must set the provider ID to it's Action ID so that
// the provider can find its data and ignore any other.
//
typedef struct _CRYPT_PROVIDER_PRIVDATA
{
DWORD cbStruct;
GUID gProviderID;
DWORD cbProvData;
void *pvProvData;
} CRYPT_PROVIDER_PRIVDATA, *PCRYPT_PROVIDER_PRIVDATA;
//////////////////////////////////////////////////////////////////////////////
//
// CRYPT_PROVIDER_DATA Structure
//----------------------------------------------------------------------------
// Used to pass information between WinVerifyTrust and all of the Provider
// calls.
//
// IMPORTANT: 1. All dynamically allocated members MUST use the allocation
// and Add2 functions provided.
//
typedef struct _CRYPT_PROVIDER_DATA
{
DWORD cbStruct; // = sizeof(TRUST_PROVIDER_DATA) (set in WVT)
WINTRUST_DATA *pWintrustData; // NOT verified (set in WVT)
BOOL fOpenedFile; // the provider opened the file handle (if applicable)
HWND hWndParent; // if passed in, else, Desktop hWnd (set in WVT).
GUID *pgActionID; // represents the Provider combination (set in WVT).
HCRYPTPROV hProv; // set in WVT
DWORD dwError; // error to be returned
DWORD dwRegSecuritySettings; // ie security settings (set in WVT)
DWORD dwRegPolicySettings; // setreg settings (set in WVT)
CRYPT_PROVIDER_FUNCTIONS sPfns; // set in WVT.
DWORD cdwTrustStepErrors; // set in WVT.
DWORD *padwTrustStepErrors; // allocated in WVT. filled in WVT & Trust Provider
DWORD chStores; // number of stores in pahStores (root set in WVT)
HCERTSTORE *pahStores; // array of known stores (root set in WVT) root is ALWAYS #0!!!
DWORD dwEncoding; // message encoding type (set in WVT and Signature Prov)
HCRYPTMSG hMsg; // set in Signature Prov.
GUID gSubject; // subject guid of file/member file. (set in Sig Prov)
struct SIP_DISPATCH_INFO_ *pSip; // set in Sig Prov - defined in sipbase.h
struct SIP_DISPATCH_INFO_ *pCATSip; // set in Sig Prov - defined in sipbase.h
struct SIP_SUBJECTINFO_ *psSipSubjectInfo; // set in Sig Prov - defined in sipbase.h
struct SIP_SUBJECTINFO_ *psSipCATSubjectInfo; // set in Sig Prov - defined in sipbase.h
struct SIP_INDIRECT_DATA_ *psIndirectData; // set in Sig Prov - defined in sipbase.h
DWORD csSigners; // use Add2 function!
CRYPT_PROVIDER_SGNR *pasSigners; // use Add2 function!
DWORD csProvPrivData; // use Add2 function!
CRYPT_PROVIDER_PRIVDATA *pasProvPrivData; // use Add2 function!
} CRYPT_PROVIDER_DATA, *PCRYPT_PROVIDER_DATA;
//////////////////////////////////////////////////////////////////////////////
//
// structures used to register action IDs
//----------------------------------------------------------------------------
//
typedef struct _CRYPT_TRUST_REG_ENTRY
{
DWORD cbStruct;
WCHAR *pwszDLLName;
WCHAR *pwszFunctionName;
} CRYPT_TRUST_REG_ENTRY, *PCRYPT_TRUST_REG_ENTRY;
typedef struct _CRYPT_REGISTER_ACTIONID
{
DWORD cbStruct;
CRYPT_TRUST_REG_ENTRY sInitProvider;
CRYPT_TRUST_REG_ENTRY sObjectProvider;
CRYPT_TRUST_REG_ENTRY sSignatureProvider;
CRYPT_TRUST_REG_ENTRY sCertificateProvider;
CRYPT_TRUST_REG_ENTRY sCertificatePolicyProvider;
CRYPT_TRUST_REG_ENTRY sFinalPolicyProvider;
CRYPT_TRUST_REG_ENTRY sTestPolicyProvider;
} CRYPT_REGISTER_ACTIONID, *PCRYPT_REGISTER_ACTIONID;
#pragma pack()
//////////////////////////////////////////////////////////////////////////////
//
// WINTRUST.DLL Provider defines
//----------------------------------------------------------------------------
// The following are definitions of the Microsoft Generic Cert Provider
//
#define WT_CURRENT_VERSION 0x00000200
#define WT_MAX_FUNC_NAME 128
#define WT_PROVIDER_DLL_NAME L"WINTRUST.DLL"
#define WT_PROVIDER_CERTTRUST_FUNCTION L"WintrustCertificateTrust"
//////////////////////////////////////////////////////////////////////////////
//
// WintrustAddActionID
//----------------------------------------------------------------------------
// Adds a new Provider combination to the users'
// system. Creates all necessary registry entries, etc. This should be done
// during the Policy Provider's DllRegisterServer.
//
// *** THE ONLY ONE WHO SHOULD CALL THIS IS THE POLICY PROVIDER ***
//
// Returns:
// TRUE: No fatal errors
// FALSE: Errors occured. See GetLastError()
//
extern BOOL WINAPI WintrustAddActionID(IN GUID *pgActionID,
IN DWORD fdwReserved, // future use.
IN CRYPT_REGISTER_ACTIONID *psProvInfo);
//////////////////////////////////////////////////////////////////////////////
//
// WintrustRemoveActionID
//----------------------------------------------------------------------------
// Removes the Provider action combination from the users'
// system.
//
// Returns:
// TRUE: No fatal errors
// FALSE: Errors occured. See GetLastError()
//
extern BOOL WINAPI WintrustRemoveActionID(IN GUID *pgActionID);
//////////////////////////////////////////////////////////////////////////////
//
// WintrustLoadFunctionPointers
//----------------------------------------------------------------------------
// Retrieves the function entry points based on the Action ID given.
//
// Returns:
// TRUE success.
// FALSE fail.
//
extern BOOL WINAPI WintrustLoadFunctionPointers(GUID *pgActionID, CRYPT_PROVIDER_FUNCTIONS *pPfns);
//
// helper functions exported from wintrust.dll
//
extern HANDLE WINAPI WTHelperGetFileHandle(WINTRUST_DATA *pWintrustData);
extern WCHAR * WINAPI WTHelperGetFileName(WINTRUST_DATA *pWintrustData);
extern PCCERT_CONTEXT WINAPI WTHelperCertFindIssuerCertificate(CRYPT_PROVIDER_DATA *pProvData,
CRYPT_PROVIDER_SGNR *pSgnr,
PCCERT_CONTEXT pChildContext,
DWORD *pdwConfidence,
DWORD *pdwError);
extern BOOL WINAPI WTHelperCertIsSelfSigned(DWORD dwEncoding, CERT_INFO *pCert);
extern BOOL WINAPI WTHelperOpenKnownStores(CRYPT_PROVIDER_DATA *pProvData);
#endif // WINTRUST_H