//depot/Lab03_N/DS/security/cryptoapi/common/keysvc/keysvc.idl#7 - edit change 8790 (text) //depot/Lab03_N/DS/security/cryptoapi/common/keysvc/keysvc.idl#4 - edit change 6380 (text) //+------------------------------------------------------------------------- // // Microsoft Windows // // Copyright (C) Microsoft Corporation, 1997 - 1999 // // File: keysvc.idl // //-------------------------------------------------------------------------- import "unknwn.idl"; import "basetsd.h"; //////////////////////////// // Interfaces [ uuid(8d0ffe72-d252-11d0-bf8f-00c04fd9126b), version(1.0), pointer_default(unique) ] interface IKeySvc { typedef struct _KEYSVC_UNICODE_STRING { USHORT Length; USHORT MaximumLength; //#ifdef MIDL_PASS [size_is(MaximumLength / 2), length_is((Length) / 2) ] //#endif // MIDL_PASS USHORT *Buffer; } KEYSVC_UNICODE_STRING, *PKEYSVC_UNICODE_STRING; typedef enum _KEYSVC_TYPE { KeySvcMachine, KeySvcService } KEYSVC_TYPE; typedef enum _KEYSVC_DEFTYPE { DefUserProv, DefMachineProv } KEYSVC_DEFTYPE; typedef ULONG KEYSVC_HANDLE, *PKEYSVC_HANDLE; typedef struct _KEYSVC_BLOB { ULONG cb; [size_is(cb), length_is(cb)] BYTE *pb; } KEYSVC_BLOB, *PKEYSVC_BLOB; // provider type and provider information typedef struct _KEYSVC_PROVIDER_INFO { KEYSVC_UNICODE_STRING Name; ULONG Flags; ULONG ProviderType; } KEYSVC_PROVIDER_INFO, *PKEYSVC_PROVIDER_INFO; // key information structures typedef struct _KEY_ID { ULONG Algid; ULONG dwKeySpec; } KEY_ID, *PKEY_ID; typedef struct _KEYSVC_KEY_INFO { KEYSVC_UNICODE_STRING KeyName; KEY_ID KeyID; } KEYSVC_KEY_INFO, *PKEYSVC_KEY_INFO; typedef struct _KEYSVC_KEYS { KEYSVC_UNICODE_STRING KeyName; ULONG cKeyIDs; //#ifdef MIDL_PASS [size_is(cKeyIDs), length_is(cKeyIDs) ] //#endif PKEY_ID pKeyIDs; } KEYSVC_KEYS, *PKEYSVC_KEYS; typedef enum _KEYSVC_INFOTYPE { KeySvcPublicKey, KeySvcVerifyHaveKey } KEYSVC_INFOTYPE; typedef struct _KEYSVC_RSAINFO { ULONG Algid; ULONG cbHash; BYTE rgbHash[40]; } KEYSVC_RSAINFO; typedef struct _KEYSVC_CERT_HASH { BYTE rgb[20]; } KEYSVC_CERT_HASH; typedef struct _KEYSVC_CERT_INFO { PKEYSVC_BLOB pCert; KEYSVC_CERT_HASH CertHash; KEYSVC_UNICODE_STRING KeyName; } KEYSVC_CERT_INFO, *PKEYSVC_CERT_INFO; // typedef struct _KEYSVC_CERT_REQUEST_PVK_NEW { ULONG ulProvType; //Optional: The provider type. If this field // is 0, pwszProvider is ignored KEYSVC_UNICODE_STRING Provider; //Optional: The name of the provider. // NULL means the default ULONG ulProviderFlags; //Optional: The flag passed to CryptAcquireContext KEYSVC_UNICODE_STRING KeyContainer; //Optional: The private key container. If this value is NULL, // a new key container will be generated. Its name is guaranteed // to be unique. ULONG ulKeySpec; //Optional: The key specification of the private key ULONG ulGenKeyFlags; //Optional: The flags for CryptGenKey } KEYSVC_CERT_REQUEST_PVK_NEW, *PKEYSVC_CERT_REQUEST_PVK_NEW; typedef struct _KEYSVC_CERT_REQUEST_PVK_NEW_V2 { ULONG ulProvType; //Optional: The provider type. If this field // is 0, pwszProvider is ignored KEYSVC_UNICODE_STRING Provider; //Optional: The name of the provider. // NULL means the default ULONG ulProviderFlags; //Optional: The flag passed to CryptAcquireContext KEYSVC_UNICODE_STRING KeyContainer; //Optional: The private key container. If this value is NULL, // a new key container will be generated. Its name is guaranteed // to be unique. ULONG ulKeySpec; //Optional: The key specification of the private key ULONG ulGenKeyFlags; //Optional: The flags for CryptGenKey ULONG ulEnrollmentFlags; //Optional: The enrollment cert type flags ULONG ulSubjectNameFlags; //Optional: The subject name cert type flags ULONG ulPrivateKeyFlags; //Optional: The private key cert type flags ULONG ulGeneralFlags; //Optional: The general cert type flags } KEYSVC_CERT_REQUEST_PVK_NEW_V2, *PKEYSVC_CERT_REQUEST_PVK_NEW_V2; typedef struct _KEYSVC_CERT_BLOB { DWORD cbData; //#ifdef MIDL_PASS [size_is(cbData), length_is(cbData) ] //#endif BYTE *pbData; } KEYSVC_CERT_BLOB, *PKEYSVC_CERT_BLOB; typedef struct _KEYSVC_CERT_EXTENSION { LPSTR pszObjId; BOOL fCritical; DWORD cbData; //#ifdef MIDL_PASS [size_is(cbData), length_is(cbData) ] //#endif BYTE *pbData; // KEYSVC_CERT_BLOB Value; } KEYSVC_CERT_EXTENSION, *PKEYSVC_CERT_EXTENSION; typedef struct _KEYSVC_CERT_EXTENSIONS { ULONG cExtension; //#ifdef MIDL_PASS [size_is(cExtension), length_is(cExtension) ] //#endif KEYSVC_CERT_EXTENSION *rgExtension; } KEYSVC_CERT_EXTENSIONS, *PKEYSVC_CERT_EXTENSIONS; typedef struct _KEYSVC_CERT_ENROLL_INFO { KEYSVC_UNICODE_STRING UsageOID; KEYSVC_UNICODE_STRING CertDNName; ULONG ulPostOption; //Required: A bit wise OR of the following value: // REQUEST_POST_ON_DS // REQUEST_POST_ON_CSP KEYSVC_UNICODE_STRING FriendlyName; //Optional: The friendly name of the certificate KEYSVC_UNICODE_STRING Description; //Optional: The description of the certificate KEYSVC_UNICODE_STRING Attributes; //Optional: Attributes for certificate request ULONG cExtensions; //#ifdef MIDL_PASS [size_is(cExtensions), length_is(cExtensions) ] //#endif PKEYSVC_CERT_EXTENSIONS *prgExtensions; }KEYSVC_CERT_ENROLL_INFO, *PKEYSVC_CERT_ENROLL_INFO; typedef struct _KEYSVC_OPEN_KEYSVC_INFO { ULONG ulSize; // For struct versioning ULONG ulVersion; }KEYSVC_OPEN_KEYSVC_INFO, *PKEYSVC_OPEN_KEYSVC_INFO; typedef struct _KEYSVC_QUERY_CERT_REQUEST_INFO { ULONG ulSize; // sizeof(CRYPTUI_WIZ_QUERY_CERT_REQUEST_INFO) ULONG ulStatus; // set of flags, see below } KEYSVC_QUERY_CERT_REQUEST_INFO, *PKEYSVC_QUERY_CERT_REQUEST_INFO; ULONG KeyrOpenKeyService( [in] handle_t hRPCBinding, [in] KEYSVC_TYPE OwnerType, [in] PKEYSVC_UNICODE_STRING pOwnerName, [in] ULONG ulDesiredAccess, [in] PKEYSVC_BLOB pAuthentication, [in, out] PKEYSVC_BLOB *ppReserved, [out] KEYSVC_HANDLE *phKeySvc); ULONG KeyrEnumerateProviders( [in] handle_t hRPCBinding, [in] KEYSVC_HANDLE hKeySvc, [in, out] PKEYSVC_BLOB *ppReserved, [in, out] ULONG *pcProviderCount, [in, out][size_is(,*pcProviderCount)] PKEYSVC_PROVIDER_INFO *ppProviders); ULONG KeyrEnumerateProviderTypes( [in] handle_t hRPCBinding, [in] KEYSVC_HANDLE hKeySvc, [in, out] PKEYSVC_BLOB *ppReserved, [in, out] ULONG *pcProviderCount, [in, out][size_is(,*pcProviderCount)] PKEYSVC_PROVIDER_INFO *ppProviders); ULONG KeyrEnumerateProvContainers( [in] handle_t hRPCBinding, [in] KEYSVC_HANDLE hKeySvc, [in] KEYSVC_PROVIDER_INFO Provider, [in, out] PKEYSVC_BLOB *ppReserved, [in, out] ULONG *pcContainerCount, [in, out][size_is(,*pcContainerCount)] PKEYSVC_UNICODE_STRING *ppContainers); ULONG KeyrCloseKeyService( [in] handle_t hRPCBinding, [in] KEYSVC_HANDLE hKeySvc, [in, out] PKEYSVC_BLOB *ppReserved); ULONG KeyrGetDefaultProvider( [in] handle_t hRPCBinding, [in] KEYSVC_HANDLE hKeySvc, [in] ULONG ulProvType, [in] ULONG ulFlags, [in, out] PKEYSVC_BLOB *ppReserved, [out] ULONG *pulDefType, [out] PKEYSVC_PROVIDER_INFO *ppProvider); ULONG KeyrSetDefaultProvider( [in] handle_t hRPCBinding, [in] KEYSVC_HANDLE hKeySvc, [in] ULONG ulFlags, [in, out] PKEYSVC_BLOB *ppReserved, [in] KEYSVC_PROVIDER_INFO Provider); ULONG KeyrEnroll( [in] handle_t hRPCBinding, [in] BOOL fKeyService, //IN Required: Whether the function is called remotely [in] ULONG ulPurpose, //IN Required: Specify the purpose - enrollment/renewal [in] PKEYSVC_UNICODE_STRING pAcctName, //IN Optional: Account name the service runs under [in] PKEYSVC_UNICODE_STRING pCALocation, //IN Required: The ca machine name [in] PKEYSVC_UNICODE_STRING pCAName, //IN Required: The ca name [in] BOOL fNewKey, //IN Required: Set the TRUE if new private key is needed [in] PKEYSVC_CERT_REQUEST_PVK_NEW pKeyNew, //IN Required: The private key information [in] PKEYSVC_BLOB pCert, //IN Optional: The old cert when renewing [in] PKEYSVC_CERT_REQUEST_PVK_NEW pRenewKey, //IN Optional: The new private key information when renewing [in] PKEYSVC_UNICODE_STRING pHashAlg, //IN Optional: The hash algorithm [in] PKEYSVC_UNICODE_STRING pDesStore, //IN Optional: The destination store [in] ULONG ulStoreFlags, //IN Optional: Flags for cert store [in] PKEYSVC_CERT_ENROLL_INFO pRequestInfo, //IN Required: The information about the cert request [in] ULONG ulFlags, //IN Reserved: Should be 0 [in, out] PKEYSVC_BLOB *ppReserved, [out] PKEYSVC_BLOB *ppPKCS7Blob, //OUT Optional: The PKCS7 from the CA [out] PKEYSVC_BLOB *ppHashBlob, //OUT Optioanl: The SHA1 hash of the enrolled/renewed certificate [out] ULONG *pulStatus); //OUT Optional: The status of the enrollment/renewal ULONG KeyrExportCert( [in] handle_t hRPCBinding, [in] KEYSVC_HANDLE hKeySvc, [in] PKEYSVC_UNICODE_STRING pPassword, [in] PKEYSVC_UNICODE_STRING pCertStore, [in] ULONG cHashCount, [in][size_is(cHashCount)] KEYSVC_CERT_HASH *pHashes, [in] ULONG ulFlags, [in, out] PKEYSVC_BLOB *ppReserved, [out] PKEYSVC_BLOB *ppPFXBlob); ULONG KeyrImportCert( [in] handle_t hRPCBinding, [in] KEYSVC_HANDLE hKeySvc, [in] PKEYSVC_UNICODE_STRING pPassword, [in] PKEYSVC_UNICODE_STRING pCertStore, [in] PKEYSVC_BLOB pPFXBlob, [in] ULONG ulFlags, [in, out] PKEYSVC_BLOB *ppReserved); ULONG KeyrEnumerateAvailableCertTypes( [in] handle_t hRPCBinding, [in] KEYSVC_HANDLE hKeySvc, [in, out] PKEYSVC_BLOB *ppReserved, [in, out] ULONG *pcCertTypeCount, [in, out][size_is(,*pcCertTypeCount)] PKEYSVC_UNICODE_STRING *ppCertTypes); ULONG KeyrEnumerateCAs( [in] handle_t hRPCBinding, [in] KEYSVC_HANDLE hKeySvc, [in, out] PKEYSVC_BLOB *ppReserved, [in] ULONG ulFlags, [in, out] ULONG *pcCACount, [in, out][size_is(,*pcCACount)] PKEYSVC_UNICODE_STRING *ppCAs); ULONG KeyrEnroll_V2( [in] handle_t hRPCBinding, [in] BOOL fKeyService, //IN Required: Whether the function is called remotely [in] ULONG ulPurpose, //IN Required: Specify the purpose - enrollment/renewal [in] ULONG ulFlags, //IN Required: Enrollment flags. [in] PKEYSVC_UNICODE_STRING pAcctName, //IN Optional: Account name the service runs under [in] PKEYSVC_UNICODE_STRING pCALocation, //IN Required: The ca machine name [in] PKEYSVC_UNICODE_STRING pCAName, //IN Required: The ca name [in] BOOL fNewKey, //IN Required: Set the TRUE if new private key is needed [in] PKEYSVC_CERT_REQUEST_PVK_NEW_V2 pKeyNew, //IN Required: The private key information [in] PKEYSVC_BLOB pCert, //IN Optional: The old cert when renewing [in] PKEYSVC_CERT_REQUEST_PVK_NEW_V2 pRenewKey, //IN Optional: The new private key information when renewing [in] PKEYSVC_UNICODE_STRING pHashAlg, //IN Optional: The hash algorithm [in] PKEYSVC_UNICODE_STRING pDesStore, //IN Optional: The destination store [in] ULONG ulStoreFlags, //IN Optional: Flags for cert store [in] PKEYSVC_CERT_ENROLL_INFO pRequestInfo, //IN Required: The information about the cert request [in] ULONG ulReservedFlags, //IN Reserved: Must be 0. [in, out] PKEYSVC_BLOB *ppReserved, //IN OUT Reserved: Must be NULL. [in, out] PKEYSVC_BLOB *phRequest, //OUT Optional: The HANDLE to a created request (in 3-stage enrollment) [out] PKEYSVC_BLOB *ppPKCS7Blob, //OUT Optional: The PKCS7 from the CA [out] PKEYSVC_BLOB *ppHashBlob, //OUT Optioanl: The SHA1 hash of the enrolled/renewed certificate [out] ULONG *pulStatus); //OUT Optional: The status of the enrollment/renewal ULONG KeyrQueryRequestStatus ([in] handle_t hRPCBinding, [in] unsigned __int64 hRequest, [out, ref] KEYSVC_QUERY_CERT_REQUEST_INFO *pQueryInfo); } [ uuid(a3b749b1-e3d0-4967-a521-124055d1c37d), version(1.0), pointer_default(unique) ] interface IKeySvcR // Remote keysvc { ULONG RKeyrOpenKeyService ([in] handle_t hRPCBinding, [in] KEYSVC_TYPE OwnerType, [in] PKEYSVC_UNICODE_STRING pOwnerName, [in] ULONG ulDesiredAccess, [in] PKEYSVC_BLOB pAuthentication, [in, out] PKEYSVC_BLOB *ppReserved, [out] KEYSVC_HANDLE *phKeySvc); ULONG RKeyrCloseKeyService ([in] handle_t hRPCBinding, [in] KEYSVC_HANDLE hKeySvc, [in, out] PKEYSVC_BLOB *ppReserved); ULONG RKeyrPFXInstall ([in] handle_t hRPCBinding, [in] PKEYSVC_BLOB pPFX, [in] PKEYSVC_UNICODE_STRING pPassword, [in] ULONG ulFlags); } // Define version constants. cpp_quote("#define KEYSVC_VERSION_W2K 0x0001") cpp_quote("#define KEYSVC_VERSION_WHISTLER 0x0002")