home *** CD-ROM | disk | FTP | other *** search

---

/ Tricks of the Windows Gam…ming Gurus (2nd Edition) / Disc2.iso / vc98 / include / wintrust.h

< prev

next >

Wrap

C/C++ Source or Header  |  1998-04-25  |  30KB  |  654 lines

---

1. //+-------------------------------------------------------------------------
2. //
3. //  Microsoft Windows
4. //
5. //  Copyright 1996 - 1998 Microsoft Corporation.
6. //
7. //  File:       wintrust.h
8. //
9. //  Contents:   Microsoft Internet Security Trust Provider Model
10. //
11. //  History:    31-May-1997 created
12. //
13. //--------------------------------------------------------------------------
14.  
15. #ifndef WINTRUST_H
16. #define WINTRUST_H
17.  
18. //////////////////////////////////////////////////////////////////////////////
19. //////////////////////////////////////////////////////////////////////////////
20. //
21. //      Client definitions, typedefs, and prototypes
22. //
23. //////////////////////////////////////////////////////////////////////////////
24. //////////////////////////////////////////////////////////////////////////////
25.  
26. #pragma pack(8)
27.  
28. //////////////////////////////////////////////////////////////////////////////
29. //
30. // WINTRUST_DATA Structure
31. //----------------------------------------------------------------------------
32. //  Used when calling WinVerifyTrust to pass necessary information into
33. //  the Providers.
34. //
35. typedef struct _WINTRUST_DATA
36. {
37.     DWORD           cbStruct;                   // = sizeof(WINTRUST_DATA)
38.  
39.     LPVOID          pPolicyCallbackData;        // optional: used to pass data between the app and policy
40.  
41.     DWORD           dwUIChoice;                 // required: UI choice.  One of the following.
42. #                       define      WTD_UI_ALL              1
43. #                       define      WTD_UI_NONE             2
44. #                       define      WTD_UI_NOBAD            3
45. #                       define      WTD_UI_NOGOOD           4
46.  
47.     DWORD           fdwRevocationChecks;        // required: certificate revocation check options
48. #                       define      WTD_REVOKE_NONE         0x00000000
49. #                       define      WTD_REVOKE_WHOLECHAIN   0x00000001
50.  
51.     DWORD           dwUnionChoice;              // required: which structure is being passed in?
52. #                       define      WTD_CHOICE_FILE         1
53. #                       define      WTD_CHOICE_CATALOG      2
54. #                       define      WTD_CHOICE_BLOB         3
55. #                       define      WTD_CHOICE_SIGNER       4
56. #                       define      WTD_CHOICE_CERT         5
57.     union
58.     {
59.         struct WINTRUST_FILE_INFO_      *pFile;         // individual file
60.         struct WINTRUST_CATALOG_INFO_   *pCatalog;      // member of a Catalog File
61.         struct WINTRUST_BLOB_INFO_      *pBlob;         // memory blob
62.         struct WINTRUST_SGNR_INFO_      *pSgnr;         // signer structure only
63.         struct WINTRUST_CERT_INFO_      *pCert;
64.     };
65.  
66.     DWORD           dwStateAction;                      // future. DO NOT USE!!! (optional)
67. #                       define      WTD_STATEACTION_OPEN    1
68. #                       define      WTD_STATEACTION_VERIFY  2
69. #                       define      WTD_STATEACTION_CLOSE   3
70.  
71.     HANDLE          hWVTStateData;                      // future. DO NOT USE!!! (optional)
72.  
73. } WINTRUST_DATA, *PWINTRUST_DATA;
74.  
75. //////////////////////////////////////////////////////////////////////////////
76. //
77. // WINTRUST_FILE_INFO Structure
78. //----------------------------------------------------------------------------
79. //  Used when calling WinVerifyTrust against an individual file.
80. //
81. typedef struct WINTRUST_FILE_INFO_
82. {
83.     DWORD           cbStruct;                   // = sizeof(WINTRUST_FILE_INFO)
84.  
85.     LPCWSTR         pcwszFilePath;              // required, file name to be verified
86.     HANDLE          hFile;                      // optional, open handle to pcwszFilePath
87.       
88. } WINTRUST_FILE_INFO, *PWINTRUST_FILE_INFO;
89.  
90. //////////////////////////////////////////////////////////////////////////////
91. //
92. // WINTRUST_CATALOG_INFO Structure
93. //----------------------------------------------------------------------------
94. //  Used when calling WinVerifyTrust against a member of a Microsoft Catalog
95. //  file.
96. //
97. typedef struct WINTRUST_CATALOG_INFO_
98. {
99.     DWORD               cbStruct;               // = sizeof(WINTRUST_CATALOG_INFO)
100.  
101.     DWORD               dwCatalogVersion;       // optional: Catalog version number
102.     LPCWSTR             pcwszCatalogFilePath;   // required: path/name to Catalog file
103.  
104.     LPCWSTR             pcwszMemberTag;         // required: tag to member in Catalog
105.     LPCWSTR             pcwszMemberFilePath;    // required: path/name to member file
106.     HANDLE              hMemberFile;            // optional: open handle to pcwszMemberFilePath
107.  
108. } WINTRUST_CATALOG_INFO, *PWINTRUST_CATALOG_INFO;
109.  
110. //////////////////////////////////////////////////////////////////////////////
111. //
112. // WINTRUST_BLOB_INFO Structure
113. //----------------------------------------------------------------------------
114. //  Used when calling WinVerifyTrust against a memory blob.
115. //
116. typedef struct WINTRUST_BLOB_INFO_
117. {
118.     DWORD               cbStruct;               // = sizeof(WINTRUST_BLOB_INFO)
119.  
120.     LPCWSTR             pcwszDisplayName;       // name of the "thing" the pbMem is pointing to.
121.  
122.     DWORD               cbMem;
123.     BYTE                *pbMem;
124.  
125. } WINTRUST_BLOB_INFO, *PWINTRUST_BLOB_INFO;
126.  
127. //////////////////////////////////////////////////////////////////////////////
128. //
129. // WINTRUST_SGNR_INFO Structure
130. //----------------------------------------------------------------------------
131. //  Used when calling WinVerifyTrust against a CMSG_SIGNER_INFO Structure
132. //
133. typedef struct WINTRUST_SGNR_INFO_
134. {
135.     DWORD               cbStruct;               // = sizeof(WINTRUST_SGNR_INFO)
136.  
137.     LPCWSTR             pcwszDisplayName;       // name of the "thing" the pbMem is pointing to.
138.  
139.     CMSG_SIGNER_INFO    *psSignerInfo;
140.  
141.     DWORD               chStores;               // number of stores in pahStores
142.     HCERTSTORE          *pahStores;             // array of stores to add to internal list
143.  
144. } WINTRUST_SGNR_INFO, *PWINTRUST_SGNR_INFO;
145.  
146. //////////////////////////////////////////////////////////////////////////////
147. //
148. // WINTRUST_CERT_INFO Structure
149. //----------------------------------------------------------------------------
150. //  Used when calling WinVerifyTrust against a CERT_CONTEXT Structure
151. //
152. typedef struct WINTRUST_CERT_INFO_
153. {
154.     DWORD               cbStruct;               // = sizeof(WINTRUST_CERT_INFO)
155.  
156.     LPCWSTR             pcwszDisplayName;       // name of the "thing" the pbMem is pointing to.
157.  
158.     CERT_CONTEXT        *psCertContext;
159.  
160.     DWORD               chStores;               // number of stores in pahStores
161.     HCERTSTORE          *pahStores;             // array of stores to add to internal list
162.  
163. } WINTRUST_CERT_INFO, *PWINTRUST_CERT_INFO;
164.  
165. #pragma pack()
166.  
167.  
168. //////////////////////////////////////////////////////////////////////////////
169. //
170. // WinVerifyTrust
171. //----------------------------------------------------------------------------
172. //  Exported from WINTRUST.DLL.
173. //  Call this function to verify the trust based on a digital signer.
174. //
175. //  Returns:
176. //          ERROR_SUCCESS               If the trust is authenticated or
177. //                                      if the user accepted the risk.
178. //
179. //          TRUST_E_PROVIDER_UNKNOWN    there was an error loading one of the 
180. //                                      required Providers.
181. //
182. //          all error codes passed back are based on the Policy Provider used.
183. //
184.  
185. LONG WINAPI WinVerifyTrust(IN OPTIONAL HWND hwnd,
186.                               IN          GUID *pgActionID,
187.                               IN          LPVOID pWintrustData);
188.  
189.  
190. //////////////////////////////////////////////////////////////////////////////
191. //////////////////////////////////////////////////////////////////////////////
192. //
193. //      Trust, Policy, and UI Provider definitions, typedefs, and prototypes
194. //
195. //  Model:
196. //      A client wishing to validate trust through WinVerifyTrust will
197. //      select an appropriate Action ID guid for the call.
198. //      This guid is defined by each Policy Provider and represents the 
199. //      functions called based on the policy for the given object.
200. //
201. //      In this model, the Policy Provider determines which style of UI
202. //      will be shown to the user (this only applies to style, the 
203. //      determination of whether UI is displayed is set by the calling client
204. //      in the UI flags member of WINTRUST_DATA).
205. //
206. //      Since the function entry points are common (same return value and
207. //      parameters), it allows Policy Provider developers to take advantage 
208. //      of existing, generic, code to fill the CRYPT_PROVIDER_DATA structure.
209. //    
210. //      This also allows the developer to simply add the specific policy they
211. //      need, then, call the generic Policy Provider - if appropriate.
212. //
213. //////////////////////////////////////////////////////////////////////////////
214. //////////////////////////////////////////////////////////////////////////////
215.  
216. //////////////////////////////////////////////////////////////////////////////
217. //
218. // Supported ASN structures contained in WINTRUST.DLL
219. //----------------------------------------------------------------------------
220. //  
221. #pragma pack (8)
222.  
223. #define SPC_INDIRECT_DATA_CONTENT_STRUCT    ((LPCSTR)2003)
224. #define SPC_INDIRECT_DATA_OBJID             "1.3.6.1.4.1.311.2.1.4"
225. #define SPC_GLUE_RDN_OBJID                  "1.3.6.1.4.1.311.2.1.25"
226.  
227. typedef struct _SPC_INDIRECT_DATA_CONTENT 
228. {
229.     CRYPT_ATTRIBUTE_TYPE_VALUE    Data;
230.     CRYPT_ALGORITHM_IDENTIFIER    DigestAlgorithm;
231.     CRYPT_HASH_BLOB               Digest;
232.  
233. } SPC_INDIRECT_DATA_CONTENT, *PSPC_INDIRECT_DATA_CONTENT;
234.  
235. #pragma pack()
236.  
237.  
238. //////////////////////////////////////////////////////////////////////////////
239. //
240. // Wintrust Policy Flags
241. //----------------------------------------------------------------------------
242. //  These are set during install and can be modified by the user
243. //  through various means.  The SETREG.EXE utility (found in the Authenticode
244. //  Tools Pack) will select/deselect each of them.
245. //
246. #define WTPF_TRUSTTEST              0x00000020  // trust any "TEST" generated certificate
247. #define WTPF_TESTCANBEVALID         0x00000080 
248. #define WTPF_IGNOREEXPIRATION       0x00000100  // Use expiration date
249. #define WTPF_IGNOREREVOKATION       0x00000200  // Do revocation check
250. #define WTPF_OFFLINEOK_IND          0x00000400  // off-line is ok for individual certs
251. #define WTPF_OFFLINEOK_COM          0x00000800  // off-line is ok for commercial certs
252. #define WTPF_OFFLINEOKNBU_IND       0x00001000  // off-line is ok for individual certs, no bad ui
253. #define WTPF_OFFLINEOKNBU_COM       0x00002000  // off-line is ok for commercial certs, no bad ui
254. #define WTPF_TIMESTAMP_IND          0x00004000  // Use timestamp for individual certs
255. #define WTPF_TIMESTAMP_COM          0x00008000  // Use timestamp for commerical certs
256. #define WTPF_VERIFY_V1_OFF          0x00010000  // turn verify of v1 certs off
257. #define WTPF_IGNOREREVOCATIONONTS   0x00020000  // ignore TimeStamp revocation checks
258.  
259. //////////////////////////////////////////////////////////////////////////////
260. //
261. // WintrustGetRegPolicyFlags
262. //----------------------------------------------------------------------------
263. //  This API call is exported from WINTRUST.DLL and is the recommended method
264. //  of retrieving the DWORD representing the Policy Flags.
265. //
266. extern void WINAPI      WintrustGetRegPolicyFlags(DWORD *pdwPolicyFlags);
267.  
268.  
269. //////////////////////////////////////////////////////////////////////////////
270. //
271. // Trust Provider "Step" Error defines
272. //----------------------------------------------------------------------------
273. //  Each "step" of the Trust process has an error "slot" associated with it.
274. //  If an error occurs, the "step" will assign its result to this "slot".  These
275. //  errors can be any valid WINERROR.H HRESULT code.
276. //
277. #define TRUSTERROR_STEP_WVTPARAMS                   0
278. #define TRUSTERROR_STEP_FILEIO                      2
279. #define TRUSTERROR_STEP_SIP                         3
280. #define TRUSTERROR_STEP_SIPSUBJINFO                 5
281. #define TRUSTERROR_STEP_CATALOGFILE                 6
282. #define TRUSTERROR_STEP_CERTSTORE                   7
283. #define TRUSTERROR_STEP_MESSAGE                     8
284. #define TRUSTERROR_STEP_MSG_SIGNERCOUNT             9
285. #define TRUSTERROR_STEP_MSG_INNERCNTTYPE            10
286. #define TRUSTERROR_STEP_MSG_INNERCNT                11
287. #define TRUSTERROR_STEP_MSG_STORE                   12
288. #define TRUSTERROR_STEP_MSG_SIGNERINFO              13
289. #define TRUSTERROR_STEP_MSG_SIGNERCERT              14
290. #define TRUSTERROR_STEP_MSG_CERTCHAIN               15
291. #define TRUSTERROR_STEP_MSG_COUNTERSIGINFO          16
292. #define TRUSTERROR_STEP_MSG_COUNTERSIGCERT          17
293. #define TRUSTERROR_STEP_VERIFY_MSGHASH              18
294. #define TRUSTERROR_STEP_VERIFY_MSGINDIRECTDATA      19
295.  
296. #define TRUSTERROR_STEP_FINAL_WVTINIT               30
297. #define TRUSTERROR_STEP_FINAL_INITPROV              31
298. #define TRUSTERROR_STEP_FINAL_OBJPROV               32
299. #define TRUSTERROR_STEP_FINAL_SIGPROV               33
300. #define TRUSTERROR_STEP_FINAL_CERTPROV              34
301. #define TRUSTERROR_STEP_FINAL_CERTCHKPROV           35
302. #define TRUSTERROR_STEP_FINAL_POLICYPROV            36
303. #define TRUSTERROR_STEP_FINAL_UIPROV                37
304.  
305. #define TRUSTERROR_MAX_STEPS                        38
306.  
307. //////////////////////////////////////////////////////////////////////////////
308. //
309. //  allocation and free function prototypes
310. //----------------------------------------------------------------------------
311. //
312. typedef void        *(*PFN_CPD_MEM_ALLOC)(IN DWORD cbSize);
313. typedef void        (*PFN_CPD_MEM_FREE)(IN void *pvMem2Free);
314.  
315. typedef BOOL        (*PFN_CPD_ADD_STORE)(IN struct _CRYPT_PROVIDER_DATA *pProvData, 
316.                                          IN HCERTSTORE hStore2Add);
317.  
318. typedef BOOL        (*PFN_CPD_ADD_SGNR)(IN          struct _CRYPT_PROVIDER_DATA *pProvData, 
319.                                         IN          BOOL fCounterSigner,
320.                                         IN OPTIONAL DWORD idxSigner,
321.                                         IN          struct _CRYPT_PROVIDER_SGNR *pSgnr2Add);
322.  
323. typedef BOOL        (*PFN_CPD_ADD_CERT)(IN          struct _CRYPT_PROVIDER_DATA *pProvData, 
324.                                         IN          DWORD idxSigner,
325.                                         IN          BOOL fCounterSigner,
326.                                         IN OPTIONAL DWORD idxCounterSigner,
327.                                         IN          PCCERT_CONTEXT pCert2Add);
328.  
329. typedef BOOL        (*PFN_CPD_ADD_PRIVDATA)(IN struct _CRYPT_PROVIDER_DATA *pProvData,
330.                                             IN struct _CRYPT_PROVIDER_PRIVDATA *pPrivData2Add);
331.  
332. //////////////////////////////////////////////////////////////////////////////
333. //
334. //  Provider function prototypes
335. //----------------------------------------------------------------------------
336. //
337.  
338. //
339. //  entry point for the object provider
340. //
341. typedef HRESULT     (*PFN_PROVIDER_INIT_CALL)(IN OUT struct _CRYPT_PROVIDER_DATA *pProvData);
342.  
343. //
344. //  entry point for the object provider
345. //
346. typedef HRESULT     (*PFN_PROVIDER_OBJTRUST_CALL)(IN OUT struct _CRYPT_PROVIDER_DATA *pProvData);
347.  
348. //
349. //  entry point for the Signature Provider
350. //
351. typedef HRESULT     (*PFN_PROVIDER_SIGTRUST_CALL)(IN OUT struct _CRYPT_PROVIDER_DATA *pProvData);
352.  
353. //
354. //  entry point for the Certificate Provider
355. //
356. typedef HRESULT     (*PFN_PROVIDER_CERTTRUST_CALL)(IN OUT struct _CRYPT_PROVIDER_DATA *pProvData);
357.  
358. //
359. //  entry point for the Policy Provider's final call (from the trust provider)
360. //
361. typedef HRESULT     (*PFN_PROVIDER_FINALPOLICY_CALL)(IN OUT struct _CRYPT_PROVIDER_DATA *pProvData);
362.  
363. //
364. //  entry point for the Policy Provider's "dump structure" call 
365. //
366. typedef HRESULT     (*PFN_PROVIDER_TESTFINALPOLICY_CALL)(IN OUT struct _CRYPT_PROVIDER_DATA *pProvData);
367.  
368. //
369. //  entry point for the Policy Provider's Cert Check call.  This will return
370. //  true if the Trust Provider is to continue building the certificate chain.
371. //  If the PP returns FALSE, it is assumed that we have reached a "TRUSTED",
372. //  self-signed, root.
373. //
374. typedef BOOL        (*PFN_PROVIDER_CERTCHKPOLICY_CALL)( IN          struct _CRYPT_PROVIDER_DATA *pProvData, 
375.                                                         IN          DWORD idxSigner,
376.                                                         IN          BOOL fCounterSignerChain,
377.                                                         IN OPTIONAL DWORD idxCounterSigner);
378.  
379. #pragma pack(8)
380.  
381. //////////////////////////////////////////////////////////////////////////////
382. //
383. // CRYPT_PROVIDER_FUNCTIONS structure
384. //----------------------------------------------------------------------------
385. //
386. //
387. typedef struct _CRYPT_PROVIDER_FUNCTIONS
388. {
389.     DWORD                               cbStruct;
390.  
391.     PFN_CPD_MEM_ALLOC                   pfnAlloc;               // set in WVT
392.     PFN_CPD_MEM_FREE                    pfnFree;                // set in WVT
393.  
394.     PFN_CPD_ADD_STORE                   pfnAddStore2Chain;      // call to add a store to the chain.
395.     PFN_CPD_ADD_SGNR                    pfnAddSgnr2Chain;       // call to add a sgnr struct to a msg struct sgnr chain
396.     PFN_CPD_ADD_CERT                    pfnAddCert2Chain;       // call to add a cert struct to a sgnr struct cert chain
397.     PFN_CPD_ADD_PRIVDATA                pfnAddPrivData2Chain;   // call to add provider private data to struct.
398.  
399.     PFN_PROVIDER_INIT_CALL              pfnInitialize;          // initialize Policy data.
400.     PFN_PROVIDER_OBJTRUST_CALL          pfnObjectTrust;         // build info up to the signer info(s).
401.     PFN_PROVIDER_SIGTRUST_CALL          pfnSignatureTrust;      // build info to the signing cert
402.     PFN_PROVIDER_CERTTRUST_CALL         pfnCertificateTrust;    // build the chain
403.     PFN_PROVIDER_FINALPOLICY_CALL       pfnFinalPolicy;         // final call to policy
404.     PFN_PROVIDER_CERTCHKPOLICY_CALL     pfnCertCheckPolicy;     // check each cert will building chain
405.     PFN_PROVIDER_TESTFINALPOLICY_CALL   pfnTestFinalPolicy;     // dump structures to a file (or whatever the policy chooses)
406.  
407. } CRYPT_PROVIDER_FUNCTIONS, *PCRYPT_PROVIDER_FUNCTIONS;
408.  
409. //////////////////////////////////////////////////////////////////////////////
410. //
411. // CRYPT_PROVIDER_CERT structure
412. //----------------------------------------------------------------------------
413. //  After the Signature and Certificate Providers are finished there will 
414. //  be zero to many of these filled out in the CRYPT_PROVIDER_SGNR 
415. //  structure.  One for each certificate in the chain.
416. //  
417. //
418. typedef struct _CRYPT_PROVIDER_CERT
419. {
420.     DWORD                       cbStruct;
421.  
422.     PCCERT_CONTEXT              pCert;              // must have its own ref-count!
423.  
424.     BOOL                        fCommercial;
425.     BOOL                        fTrustedRoot;       // certchk policy should set this.
426.     BOOL                        fSelfSigned;        // set in cert provider
427.  
428.     BOOL                        fTestCert;          // certchk policy will set
429.  
430.     DWORD                       dwRevokedReason;
431.  
432.     DWORD                       dwConfidence;       // set in the Certificate Provider
433. #                                   define  CERT_CONFIDENCE_SIG          0x10000000
434. #                                   define  CERT_CONFIDENCE_TIME         0x01000000
435. #                                   define  CERT_CONFIDENCE_TIMENEST     0x00100000
436. #                                   define  CERT_CONFIDENCE_AUTHIDEXT    0x00010000
437. #                                   define  CERT_CONFIDENCE_HIGHEST      0x11110000
438.  
439.     DWORD                       dwError;
440.  
441. } CRYPT_PROVIDER_CERT, *PCRYPT_PROVIDER_CERT;
442.  
443. //////////////////////////////////////////////////////////////////////////////
444. //
445. // CRYPT_PROVIDER_SGNR structure
446. //----------------------------------------------------------------------------
447. //  After the Signature Provider is finished there will be zero to many of these
448. //  filled out.  One for each signer of the message.  Also, there will be zero 
449. //  to many of these filled out inside this structure.  One for each counter 
450. //  signer of the signer.
451. //  
452. //  IMPORTANT:  1.  All dynamically allocated members MUST use allocation
453. //                  and Add2 functions provided.
454. //
455. typedef struct _CRYPT_PROVIDER_SGNR
456. {
457.     DWORD                       cbStruct;
458.  
459.     FILETIME                    sftVerifyAsOf;      // either today's filetime or the timestamps
460.  
461.     DWORD                       csCertChain;        // do NOT set manually.
462.     CRYPT_PROVIDER_CERT         *pasCertChain;      // use the Add2 allocator
463.  
464.     DWORD                       dwSignerType;       // set if known by policy
465. #                                   define  SGNR_TYPE_TIMESTAMP     0x00000010
466.  
467.     CMSG_SIGNER_INFO            *psSigner;          // must use the pfnAlloc allocator!
468.  
469.     DWORD                       dwError;            // error encounted while building/verifying the signer.
470.  
471.     DWORD                       csCounterSigners;   // do NOT set manually.
472.     struct _CRYPT_PROVIDER_SGNR *pasCounterSigners; // use the Add2 allocator.
473.  
474. } CRYPT_PROVIDER_SGNR, *PCRYPT_PROVIDER_SGNR;
475.  
476. //////////////////////////////////////////////////////////////////////////////
477. //
478. // CRYPT_PROVIDER_PRIVDATA structure
479. //----------------------------------------------------------------------------
480. //  This structure is to allow Policy Provider functions to share
481. //  POLICY SPECIFIC data between Policy Functions.
482. //  The Policy must use the pfnAddPrivateData2Chain function and 
483. //  must free any data within the member before the Final Policy returns
484. //  to WVT.  
485. //  To allow multiple providers to use this feature, each provider that
486. //  uses this member must set the provider ID to it's Action ID so that 
487. //  the provider can find its data and ignore any other.
488. //
489. typedef struct _CRYPT_PROVIDER_PRIVDATA
490. {
491.     DWORD                           cbStruct;
492.  
493.     GUID                            gProviderID;
494.  
495.     DWORD                           cbProvData;
496.     void                            *pvProvData;
497.  
498. } CRYPT_PROVIDER_PRIVDATA, *PCRYPT_PROVIDER_PRIVDATA;
499.  
500. //////////////////////////////////////////////////////////////////////////////
501. //
502. // CRYPT_PROVIDER_DATA Structure
503. //----------------------------------------------------------------------------
504. //  Used to pass information between WinVerifyTrust and all of the Provider
505. //  calls.
506. //
507. //  IMPORTANT:  1.  All dynamically allocated members MUST use the allocation
508. //                  and Add2 functions provided.
509. //
510. typedef struct _CRYPT_PROVIDER_DATA
511. {
512.     DWORD                       cbStruct;               // = sizeof(TRUST_PROVIDER_DATA) (set in WVT)
513.  
514.     WINTRUST_DATA               *pWintrustData;         // NOT verified (set in WVT)
515.     BOOL                        fOpenedFile;            // the provider opened the file handle (if applicable)
516.     HWND                        hWndParent;             // if passed in, else, Desktop hWnd (set in WVT).
517.     GUID                        *pgActionID;            // represents the Provider combination (set in WVT).
518.  
519.     HCRYPTPROV                  hProv;                  // set in WVT
520.  
521.     DWORD                       dwError;                // error to be returned
522.  
523.     DWORD                       dwRegSecuritySettings;  // ie security settings (set in WVT)
524.     DWORD                       dwRegPolicySettings;    // setreg settings (set in WVT)
525.  
526.     CRYPT_PROVIDER_FUNCTIONS    sPfns;                  // set in WVT.
527.  
528.     DWORD                       cdwTrustStepErrors;     // set in WVT.
529.     DWORD                       *padwTrustStepErrors;   // allocated in WVT.  filled in WVT & Trust Provider
530.  
531.     DWORD                       chStores;               // number of stores in pahStores (root set in WVT)
532.     HCERTSTORE                  *pahStores;             // array of known stores (root set in WVT) root is ALWAYS #0!!!
533.  
534.     DWORD                       dwEncoding;             // message encoding type (set in WVT and Signature Prov)
535.     HCRYPTMSG                   hMsg;                   // set in Signature Prov.
536.  
537.     GUID                        gSubject;               // subject guid of file/member file. (set in Sig Prov)
538.     struct SIP_DISPATCH_INFO_   *pSip;                  // set in Sig Prov - defined in sipbase.h
539.     struct SIP_DISPATCH_INFO_   *pCATSip;               // set in Sig Prov - defined in sipbase.h
540.     struct SIP_SUBJECTINFO_     *psSipSubjectInfo;      // set in Sig Prov - defined in sipbase.h
541.     struct SIP_SUBJECTINFO_     *psSipCATSubjectInfo;   // set in Sig Prov - defined in sipbase.h
542.     struct SIP_INDIRECT_DATA_   *psIndirectData;        // set in Sig Prov - defined in sipbase.h
543.  
544.     DWORD                       csSigners;              // use Add2 function!
545.     CRYPT_PROVIDER_SGNR         *pasSigners;            // use Add2 function!
546.  
547.     DWORD                       csProvPrivData;         // use Add2 function!
548.     CRYPT_PROVIDER_PRIVDATA     *pasProvPrivData;       // use Add2 function!
549.  
550. } CRYPT_PROVIDER_DATA, *PCRYPT_PROVIDER_DATA;
551.  
552.  
553. //////////////////////////////////////////////////////////////////////////////
554. //
555. // structures used to register action IDs
556. //----------------------------------------------------------------------------
557. //
558. typedef struct _CRYPT_TRUST_REG_ENTRY
559. {
560.     DWORD                   cbStruct;
561.  
562.     WCHAR                   *pwszDLLName;
563.     WCHAR                   *pwszFunctionName;
564.  
565. } CRYPT_TRUST_REG_ENTRY, *PCRYPT_TRUST_REG_ENTRY;
566.  
567. typedef struct _CRYPT_REGISTER_ACTIONID
568. {
569.     DWORD                   cbStruct;
570.  
571.     CRYPT_TRUST_REG_ENTRY   sInitProvider;
572.     CRYPT_TRUST_REG_ENTRY   sObjectProvider;
573.     CRYPT_TRUST_REG_ENTRY   sSignatureProvider;
574.     CRYPT_TRUST_REG_ENTRY   sCertificateProvider;
575.     CRYPT_TRUST_REG_ENTRY   sCertificatePolicyProvider;
576.     CRYPT_TRUST_REG_ENTRY   sFinalPolicyProvider;
577.     CRYPT_TRUST_REG_ENTRY   sTestPolicyProvider;
578.  
579. } CRYPT_REGISTER_ACTIONID, *PCRYPT_REGISTER_ACTIONID;
580.  
581. #pragma pack()
582.  
583. //////////////////////////////////////////////////////////////////////////////
584. //
585. // WINTRUST.DLL Provider defines
586. //----------------------------------------------------------------------------
587. //  The following are definitions of the Microsoft Generic Cert Provider
588. //  
589. #define WT_CURRENT_VERSION                  0x00000200
590. #define WT_MAX_FUNC_NAME                    128
591.  
592. #define WT_PROVIDER_DLL_NAME                L"WINTRUST.DLL"
593. #define WT_PROVIDER_CERTTRUST_FUNCTION      L"WintrustCertificateTrust"
594.  
595. //////////////////////////////////////////////////////////////////////////////
596. //
597. // WintrustAddActionID
598. //----------------------------------------------------------------------------
599. //  Adds a new Provider combination to the users' 
600. //  system.  Creates all necessary registry entries, etc.  This should be done
601. //  during the Policy Provider's DllRegisterServer.
602. //
603. //  *** THE ONLY ONE WHO SHOULD CALL THIS IS THE POLICY PROVIDER ***
604. // 
605. // Returns: 
606. //      TRUE:                           No fatal errors
607. //      FALSE:                          Errors occured.  See GetLastError()
608. //
609. extern BOOL WINAPI  WintrustAddActionID(IN GUID *pgActionID, 
610.                                         IN DWORD fdwReserved,    // future use.
611.                                         IN CRYPT_REGISTER_ACTIONID *psProvInfo);
612.  
613.  
614. //////////////////////////////////////////////////////////////////////////////
615. //
616. // WintrustRemoveActionID
617. //----------------------------------------------------------------------------
618. //  Removes the Provider action combination from the users'
619. //  system.
620. // 
621. // Returns: 
622. //      TRUE:                           No fatal errors
623. //      FALSE:                          Errors occured.  See GetLastError()
624. //
625. extern BOOL WINAPI  WintrustRemoveActionID(IN GUID *pgActionID);
626.  
627. //////////////////////////////////////////////////////////////////////////////
628. //
629. // WintrustLoadFunctionPointers
630. //----------------------------------------------------------------------------
631. //  Retrieves the function entry points based on the Action ID given.
632. // 
633. // Returns: 
634. //      TRUE                            success.
635. //      FALSE                           fail.
636. //
637. extern BOOL WINAPI WintrustLoadFunctionPointers(GUID *pgActionID, CRYPT_PROVIDER_FUNCTIONS *pPfns);
638.  
639. //
640. //  helper functions exported from wintrust.dll
641. //
642. extern HANDLE WINAPI            WTHelperGetFileHandle(WINTRUST_DATA *pWintrustData);
643. extern WCHAR * WINAPI           WTHelperGetFileName(WINTRUST_DATA *pWintrustData);
644. extern PCCERT_CONTEXT WINAPI    WTHelperCertFindIssuerCertificate(CRYPT_PROVIDER_DATA *pProvData, 
645.                                                                   CRYPT_PROVIDER_SGNR *pSgnr,
646.                                                                   PCCERT_CONTEXT pChildContext,
647.                                                                   DWORD *pdwConfidence,
648.                                                                   DWORD *pdwError);
649. extern BOOL WINAPI              WTHelperCertIsSelfSigned(DWORD dwEncoding, CERT_INFO *pCert);
650. extern BOOL WINAPI              WTHelperOpenKnownStores(CRYPT_PROVIDER_DATA *pProvData);
651.  
652.  
653. #endif // WINTRUST_H
654.