"Fossies" - the Fresh Open Source Software Archive

Member "dmd2/src/druntime/import/core/sys/windows/wincrypt.d" (20 Nov 2020, 26953 Bytes) of package /linux/misc/dmd.2.094.2.linux.tar.xz:


As a special service "Fossies" has tried to format the requested source page into HTML format using (guessed) D source code syntax highlighting (style: standard) with prefixed line numbers and code folding option. Alternatively you can here view or download the uninterpreted source code file.

    1 /**
    2  * Windows API header module
    3  *
    4  * Translated from MinGW Windows headers
    5  *
    6  * Authors: Stewart Gordon
    7  * License: $(LINK2 http://www.boost.org/LICENSE_1_0.txt, Boost License 1.0)
    8  * Source: $(DRUNTIMESRC src/core/sys/windows/_wincrypt.d)
    9  */
   10 module core.sys.windows.wincrypt;
   11 version (Windows):
   12 @system:
   13 pragma(lib, "advapi32");
   14 
   15 version (ANSI) {} else version = Unicode;
   16 
   17 private import core.sys.windows.w32api, core.sys.windows.winbase, core.sys.windows.windef;
   18 
   19 /* FIXME:
   20  *  Types of some constants
   21  *  Types of macros
   22  *  Inits of various "size" and "version" members
   23  *  Why are some #ifdefs commented out?
   24  */
   25 
   26 const TCHAR[]
   27     MS_DEF_PROV = "Microsoft Base Cryptographic Provider v1.0",
   28     MS_ENHANCED_PROV = "Microsoft Enhanced Cryptographic Provider v1.0",
   29     MS_STRONG_PROV = "Microsoft Strong Cryptographic Provider",
   30     MS_DEF_RSA_SIG_PROV = "Microsoft RSA Signature Cryptographic Provider",
   31     MS_DEF_RSA_SCHANNEL_PROV = "Microsoft RSA SChannel Cryptographic Provider",
   32     MS_DEF_DSS_PROV = "Microsoft Base DSS Cryptographic Provider",
   33     MS_DEF_DSS_DH_PROV
   34       = "Microsoft Base DSS and Diffie-Hellman Cryptographic Provider",
   35     MS_ENH_DSS_DH_PROV
   36       = "Microsoft Enhanced DSS and Diffie-Hellman Cryptographic Provider",
   37     MS_DEF_DH_SCHANNEL_PROV = "Microsoft DH SChannel Cryptographic Provider",
   38     MS_SCARD_PROV = "Microsoft Base Smart Card Crypto Provider";
   39 
   40 static if (_WIN32_WINNT > 0x501) {
   41 const TCHAR[] MS_ENH_RSA_AES_PROV
   42       = "Microsoft Enhanced RSA and AES Cryptographic Provider";
   43 } else static if (_WIN32_WINNT == 0x501) {
   44 const TCHAR[] MS_ENH_RSA_AES_PROV
   45       = "Microsoft Enhanced RSA and AES Cryptographic Provider (Prototype)";
   46 }
   47 
   48 ALG_ID GET_ALG_CLASS(ALG_ID x) { return x & 0xE000; }
   49 ALG_ID GET_ALG_TYPE (ALG_ID x) { return x & 0x1E00; }
   50 ALG_ID GET_ALG_SID  (ALG_ID x) { return x & 0x01FF; }
   51 
   52 enum : ALG_ID {
   53     ALG_CLASS_ANY           = 0,
   54     ALG_CLASS_SIGNATURE     = 0x2000,
   55     ALG_CLASS_MSG_ENCRYPT   = 0x4000,
   56     ALG_CLASS_DATA_ENCRYPT  = 0x6000,
   57     ALG_CLASS_HASH          = 0x8000,
   58     ALG_CLASS_KEY_EXCHANGE  = 0xA000,
   59     ALG_CLASS_ALL           = 0xE000
   60 }
   61 
   62 enum : ALG_ID {
   63     ALG_TYPE_ANY           = 0,
   64     ALG_TYPE_DSS           = 0x0200,
   65     ALG_TYPE_RSA           = 0x0400,
   66     ALG_TYPE_BLOCK         = 0x0600,
   67     ALG_TYPE_STREAM        = 0x0800,
   68     ALG_TYPE_DH            = 0x0A00,
   69     ALG_TYPE_SECURECHANNEL = 0x0C00
   70 }
   71 
   72 enum : ALG_ID {
   73     ALG_SID_ANY          =  0,
   74     ALG_SID_RSA_ANY      =  0,
   75     ALG_SID_RSA_PKCS,
   76     ALG_SID_RSA_MSATWORK,
   77     ALG_SID_RSA_ENTRUST,
   78     ALG_SID_RSA_PGP,  // =  4
   79     ALG_SID_DSS_ANY      =  0,
   80     ALG_SID_DSS_PKCS,
   81     ALG_SID_DSS_DMS,  // =  2
   82     ALG_SID_DES          =  1,
   83     ALG_SID_3DES         =  3,
   84     ALG_SID_DESX,
   85     ALG_SID_IDEA,
   86     ALG_SID_CAST,
   87     ALG_SID_SAFERSK64,
   88     ALG_SID_SAFERSK128,
   89     ALG_SID_3DES_112,
   90     ALG_SID_SKIPJACK,
   91     ALG_SID_TEK,
   92     ALG_SID_CYLINK_MEK,
   93     ALG_SID_RC5,      // = 13
   94     ALG_SID_RC2          =  2,
   95     ALG_SID_RC4          =  1,
   96     ALG_SID_SEAL         =  2,
   97     ALG_SID_MD2          =  1,
   98     ALG_SID_MD4,
   99     ALG_SID_MD5,
  100     ALG_SID_SHA,
  101     ALG_SID_MAC,
  102     ALG_SID_RIPEMD,
  103     ALG_SID_RIPEMD160,
  104     ALG_SID_SSL3SHAMD5,
  105     ALG_SID_HMAC,
  106     ALG_SID_TLS1PRF,  // = 10
  107     ALG_SID_AES_128      = 14,
  108     ALG_SID_AES_192,
  109     ALG_SID_AES_256,
  110     ALG_SID_AES,      // = 17
  111     ALG_SID_EXAMPLE      = 80
  112 }
  113 
  114 enum : ALG_ID {
  115     CALG_MD2        = ALG_CLASS_HASH | ALG_TYPE_ANY | ALG_SID_MD2,
  116     CALG_MD4        = ALG_CLASS_HASH | ALG_TYPE_ANY | ALG_SID_MD4,
  117     CALG_MD5        = ALG_CLASS_HASH | ALG_TYPE_ANY | ALG_SID_MD5,
  118     CALG_SHA        = ALG_CLASS_HASH | ALG_TYPE_ANY | ALG_SID_SHA,
  119     CALG_SHA1       = CALG_SHA,
  120     CALG_MAC        = ALG_CLASS_HASH | ALG_TYPE_ANY | ALG_SID_MAC,
  121     CALG_3DES       = ALG_CLASS_DATA_ENCRYPT | ALG_TYPE_BLOCK | 3,
  122     CALG_CYLINK_MEK = ALG_CLASS_DATA_ENCRYPT | ALG_TYPE_BLOCK | 12,
  123     CALG_SKIPJACK   = ALG_CLASS_DATA_ENCRYPT | ALG_TYPE_BLOCK | 10,
  124     CALG_KEA_KEYX   = ALG_CLASS_KEY_EXCHANGE | ALG_TYPE_STREAM | ALG_TYPE_DSS | 4,
  125     CALG_RSA_SIGN   = ALG_CLASS_SIGNATURE | ALG_TYPE_RSA | ALG_SID_RSA_ANY,
  126     CALG_DSS_SIGN   = ALG_CLASS_SIGNATURE | ALG_TYPE_DSS | ALG_SID_DSS_ANY,
  127     CALG_RSA_KEYX   = ALG_CLASS_KEY_EXCHANGE | ALG_TYPE_RSA | ALG_SID_RSA_ANY,
  128     CALG_DES        = ALG_CLASS_DATA_ENCRYPT | ALG_TYPE_BLOCK | ALG_SID_DES,
  129     CALG_RC2        = ALG_CLASS_DATA_ENCRYPT | ALG_TYPE_BLOCK | ALG_SID_RC2,
  130     CALG_RC4        = ALG_CLASS_DATA_ENCRYPT | ALG_TYPE_STREAM | ALG_SID_RC4,
  131     CALG_SEAL       = ALG_CLASS_DATA_ENCRYPT | ALG_TYPE_STREAM | ALG_SID_SEAL,
  132     CALG_DH_EPHEM   = ALG_CLASS_KEY_EXCHANGE | ALG_TYPE_STREAM | ALG_TYPE_DSS
  133                       | ALG_SID_DSS_DMS,
  134     CALG_DESX       = ALG_CLASS_DATA_ENCRYPT | ALG_TYPE_BLOCK | ALG_SID_DESX,
  135 // is undefined ALG_CLASS_DHASH in MinGW - presuming typo
  136     CALG_TLS1PRF    = ALG_CLASS_HASH | ALG_TYPE_ANY | ALG_SID_TLS1PRF,
  137     CALG_AES_128    = ALG_CLASS_DATA_ENCRYPT | ALG_TYPE_BLOCK | ALG_SID_AES_128,
  138     CALG_AES_192    = ALG_CLASS_DATA_ENCRYPT | ALG_TYPE_BLOCK | ALG_SID_AES_192,
  139     CALG_AES_256    = ALG_CLASS_DATA_ENCRYPT | ALG_TYPE_BLOCK | ALG_SID_AES_256,
  140     CALG_AES        = ALG_CLASS_DATA_ENCRYPT | ALG_TYPE_BLOCK | ALG_SID_AES,
  141 }
  142 
  143 enum {
  144     CRYPT_VERIFYCONTEXT = 0xF0000000,
  145 }
  146 
  147 enum {
  148     CRYPT_NEWKEYSET = 8,
  149     CRYPT_DELETEKEYSET = 16,
  150     CRYPT_MACHINE_KEYSET = 32,
  151     CRYPT_SILENT = 64,
  152 }
  153 
  154 enum {
  155     CRYPT_EXPORTABLE = 1,
  156     CRYPT_USER_PROTECTED = 2,
  157     CRYPT_CREATE_SALT = 4,
  158     CRYPT_UPDATE_KEY = 8,
  159 }
  160 
  161 enum {
  162     SIMPLEBLOB = 1,
  163     PUBLICKEYBLOB = 6,
  164     PRIVATEKEYBLOB = 7,
  165     PLAINTEXTKEYBLOB = 8,
  166     OPAQUEKEYBLOB = 9,
  167     PUBLICKEYBLOBEX = 10,
  168     SYMMETRICWRAPKEYBLOB = 11,
  169 }
  170 
  171 enum {
  172     AT_KEYEXCHANGE = 1,
  173     AT_SIGNATURE = 2,
  174 }
  175 
  176 enum {
  177     CRYPT_USERDATA = 1,
  178 }
  179 
  180 enum {
  181     PKCS5_PADDING = 1,
  182 }
  183 
  184 enum {
  185     CRYPT_MODE_CBC = 1,
  186     CRYPT_MODE_ECB = 2,
  187     CRYPT_MODE_OFB = 3,
  188     CRYPT_MODE_CFB = 4,
  189     CRYPT_MODE_CTS = 5,
  190     CRYPT_MODE_CBCI = 6,
  191     CRYPT_MODE_CFBP = 7,
  192     CRYPT_MODE_OFBP = 8,
  193     CRYPT_MODE_CBCOFM = 9,
  194     CRYPT_MODE_CBCOFMI = 10,
  195 }
  196 
  197 enum {
  198     CRYPT_ENCRYPT = 1,
  199     CRYPT_DECRYPT = 2,
  200     CRYPT_EXPORT = 4,
  201     CRYPT_READ = 8,
  202     CRYPT_WRITE = 16,
  203     CRYPT_MAC = 32,
  204 }
  205 
  206 enum {
  207     HP_ALGID = 1,
  208     HP_HASHVAL = 2,
  209     HP_HASHSIZE = 4,
  210     HP_HMAC_INFO = 5,
  211 }
  212 
  213 enum {
  214     CRYPT_FAILED = FALSE,
  215     CRYPT_SUCCEED = TRUE,
  216 }
  217 
  218 bool RCRYPT_SUCCEEDED(BOOL r) { return r==CRYPT_SUCCEED; }
  219 bool RCRYPT_FAILED(BOOL r) { return r==CRYPT_FAILED; }
  220 
  221 enum {
  222     PP_ENUMALGS = 1,
  223     PP_ENUMCONTAINERS = 2,
  224     PP_IMPTYPE = 3,
  225     PP_NAME = 4,
  226     PP_VERSION = 5,
  227     PP_CONTAINER = 6,
  228     PP_CHANGE_PASSWORD  = 7,
  229     PP_KEYSET_SEC_DESCR = 8,
  230     PP_CERTCHAIN    = 9,
  231     PP_KEY_TYPE_SUBTYPE = 10,
  232     PP_PROVTYPE = 16,
  233     PP_KEYSTORAGE   = 17,
  234     PP_APPLI_CERT   = 18,
  235     PP_SYM_KEYSIZE  = 19,
  236     PP_SESSION_KEYSIZE  = 20,
  237     PP_UI_PROMPT    = 21,
  238     PP_ENUMALGS_EX  = 22,
  239     PP_ENUMMANDROOTS = 25,
  240     PP_ENUMELECTROOTS = 26,
  241     PP_KEYSET_TYPE = 27,
  242     PP_ADMIN_PIN = 31,
  243     PP_KEYEXCHANGE_PIN = 32,
  244     PP_SIGNATURE_PIN = 33,
  245     PP_SIG_KEYSIZE_INC = 34,
  246     PP_KEYX_KEYSIZE_INC = 35,
  247     PP_UNIQUE_CONTAINER = 36,
  248     PP_SGC_INFO = 37,
  249     PP_USE_HARDWARE_RNG = 38,
  250     PP_KEYSPEC = 39,
  251     PP_ENUMEX_SIGNING_PROT = 40,
  252 }
  253 
  254 enum {
  255     CRYPT_FIRST = 1,
  256     CRYPT_NEXT = 2,
  257 }
  258 
  259 enum {
  260     CRYPT_IMPL_HARDWARE = 1,
  261     CRYPT_IMPL_SOFTWARE = 2,
  262     CRYPT_IMPL_MIXED = 3,
  263     CRYPT_IMPL_UNKNOWN = 4,
  264 }
  265 
  266 enum {
  267     PROV_RSA_FULL = 1,
  268     PROV_RSA_SIG = 2,
  269     PROV_DSS = 3,
  270     PROV_FORTEZZA = 4,
  271     PROV_MS_MAIL = 5,
  272     PROV_SSL = 6,
  273     PROV_STT_MER = 7,
  274     PROV_STT_ACQ = 8,
  275     PROV_STT_BRND = 9,
  276     PROV_STT_ROOT = 10,
  277     PROV_STT_ISS = 11,
  278     PROV_RSA_SCHANNEL = 12,
  279     PROV_DSS_DH = 13,
  280     PROV_EC_ECDSA_SIG = 14,
  281     PROV_EC_ECNRA_SIG = 15,
  282     PROV_EC_ECDSA_FULL = 16,
  283     PROV_EC_ECNRA_FULL = 17,
  284     PROV_DH_SCHANNEL = 18,
  285     PROV_SPYRUS_LYNKS = 20,
  286     PROV_RNG = 21,
  287     PROV_INTEL_SEC = 22,
  288     PROV_RSA_AES = 24,
  289     MAXUIDLEN = 64,
  290 }
  291 
  292 enum {
  293     CUR_BLOB_VERSION = 2,
  294 }
  295 
  296 enum {
  297     X509_ASN_ENCODING = 1,
  298     PKCS_7_ASN_ENCODING  = 65536,
  299 }
  300 
  301 enum {
  302     CERT_V1 = 0,
  303     CERT_V2 = 1,
  304     CERT_V3 = 2,
  305 }
  306 
  307 enum {
  308     CERT_E_CHAINING = (-2146762486),
  309     CERT_E_CN_NO_MATCH = (-2146762481),
  310     CERT_E_EXPIRED = (-2146762495),
  311     CERT_E_PURPOSE = (-2146762490),
  312     CERT_E_REVOCATION_FAILURE = (-2146762482),
  313     CERT_E_REVOKED = (-2146762484),
  314     CERT_E_ROLE = (-2146762493),
  315     CERT_E_UNTRUSTEDROOT = (-2146762487),
  316     CERT_E_UNTRUSTEDTESTROOT = (-2146762483),
  317     CERT_E_VALIDITYPERIODNESTING = (-2146762494),
  318     CERT_E_WRONG_USAGE = (-2146762480),
  319     CERT_E_PATHLENCONST = (-2146762492),
  320     CERT_E_CRITICAL = (-2146762491),
  321     CERT_E_ISSUERCHAINING = (-2146762489),
  322     CERT_E_MALFORMED = (-2146762488),
  323     CRYPT_E_REVOCATION_OFFLINE = (-2146885613),
  324     CRYPT_E_REVOKED = (-2146885616),
  325     TRUST_E_BASIC_CONSTRAINTS = (-2146869223),
  326     TRUST_E_CERT_SIGNATURE = (-2146869244),
  327     TRUST_E_FAIL = (-2146762485),
  328 }
  329 
  330 enum {
  331     CERT_TRUST_NO_ERROR = 0,
  332     CERT_TRUST_IS_NOT_TIME_VALID = 1,
  333     CERT_TRUST_IS_NOT_TIME_NESTED = 2,
  334     CERT_TRUST_IS_REVOKED = 4,
  335     CERT_TRUST_IS_NOT_SIGNATURE_VALID = 8,
  336     CERT_TRUST_IS_NOT_VALID_FOR_USAGE = 16,
  337     CERT_TRUST_IS_UNTRUSTED_ROOT = 32,
  338     CERT_TRUST_REVOCATION_STATUS_UNKNOWN = 64,
  339     CERT_TRUST_IS_CYCLIC = 128,
  340     CERT_TRUST_IS_PARTIAL_CHAIN = 65536,
  341     CERT_TRUST_CTL_IS_NOT_TIME_VALID = 131072,
  342     CERT_TRUST_CTL_IS_NOT_SIGNATURE_VALID = 262144,
  343     CERT_TRUST_CTL_IS_NOT_VALID_FOR_USAGE = 524288,
  344 }
  345 
  346 enum {
  347     CERT_TRUST_HAS_EXACT_MATCH_ISSUER = 1,
  348     CERT_TRUST_HAS_KEY_MATCH_ISSUER = 2,
  349     CERT_TRUST_HAS_NAME_MATCH_ISSUER = 4,
  350     CERT_TRUST_IS_SELF_SIGNED = 8,
  351     CERT_TRUST_IS_COMPLEX_CHAIN = 65536,
  352 }
  353 
  354 enum {
  355     CERT_CHAIN_POLICY_BASE              = cast(LPCSTR) 1,
  356     CERT_CHAIN_POLICY_AUTHENTICODE      = cast(LPCSTR) 2,
  357     CERT_CHAIN_POLICY_AUTHENTICODE_TS   = cast(LPCSTR) 3,
  358     CERT_CHAIN_POLICY_SSL               = cast(LPCSTR) 4,
  359     CERT_CHAIN_POLICY_BASIC_CONSTRAINTS = cast(LPCSTR) 5,
  360     CERT_CHAIN_POLICY_NT_AUTH           = cast(LPCSTR) 6,
  361 }
  362 
  363 enum {
  364     USAGE_MATCH_TYPE_AND = 0,
  365     USAGE_MATCH_TYPE_OR = 1,
  366 }
  367 
  368 enum {
  369     CERT_SIMPLE_NAME_STR = 1,
  370     CERT_OID_NAME_STR = 2,
  371     CERT_X500_NAME_STR = 3,
  372 }
  373 enum {
  374     CERT_NAME_STR_SEMICOLON_FLAG = 1073741824,
  375     CERT_NAME_STR_CRLF_FLAG = 134217728,
  376     CERT_NAME_STR_NO_PLUS_FLAG = 536870912,
  377     CERT_NAME_STR_NO_QUOTING_FLAG = 268435456,
  378     CERT_NAME_STR_REVERSE_FLAG = 33554432,
  379     CERT_NAME_STR_ENABLE_T61_UNICODE_FLAG = 131072,
  380 }
  381 
  382 enum {
  383     CERT_FIND_ANY = 0,
  384     CERT_FIND_CERT_ID = 1048576,
  385     CERT_FIND_CTL_USAGE = 655360,
  386     CERT_FIND_ENHKEY_USAGE = 655360,
  387     CERT_FIND_EXISTING = 851968,
  388     CERT_FIND_HASH = 65536,
  389     CERT_FIND_ISSUER_ATTR = 196612,
  390     CERT_FIND_ISSUER_NAME = 131076,
  391     CERT_FIND_ISSUER_OF = 786432,
  392     CERT_FIND_KEY_IDENTIFIER = 983040,
  393     CERT_FIND_KEY_SPEC = 589824,
  394     CERT_FIND_MD5_HASH = 262144,
  395     CERT_FIND_PROPERTY = 327680,
  396     CERT_FIND_PUBLIC_KEY = 393216,
  397     CERT_FIND_SHA1_HASH = 65536,
  398     CERT_FIND_SIGNATURE_HASH = 917504,
  399     CERT_FIND_SUBJECT_ATTR = 196615,
  400     CERT_FIND_SUBJECT_CERT = 720896,
  401     CERT_FIND_SUBJECT_NAME = 131079,
  402     CERT_FIND_SUBJECT_STR_A = 458759,
  403     CERT_FIND_SUBJECT_STR_W = 524295,
  404     CERT_FIND_ISSUER_STR_A = 458756,
  405     CERT_FIND_ISSUER_STR_W = 524292,
  406 }
  407 
  408 enum {
  409     CERT_FIND_OR_ENHKEY_USAGE_FLAG = 16,
  410     CERT_FIND_OPTIONAL_ENHKEY_USAGE_FLAG  = 1,
  411     CERT_FIND_NO_ENHKEY_USAGE_FLAG  = 8,
  412     CERT_FIND_VALID_ENHKEY_USAGE_FLAG  = 32,
  413     CERT_FIND_EXT_ONLY_ENHKEY_USAGE_FLAG  = 2,
  414 }
  415 
  416 enum {
  417     CERT_CASE_INSENSITIVE_IS_RDN_ATTRS_FLAG  = 2,
  418     CERT_UNICODE_IS_RDN_ATTRS_FLAG = 1,
  419     CERT_CHAIN_FIND_BY_ISSUER = 1,
  420 }
  421 
  422 enum {
  423     CERT_CHAIN_FIND_BY_ISSUER_COMPARE_KEY_FLAG = 1,
  424     CERT_CHAIN_FIND_BY_ISSUER_COMPLEX_CHAIN_FLAG = 2,
  425     CERT_CHAIN_FIND_BY_ISSUER_CACHE_ONLY_URL_FLAG = 4,
  426     CERT_CHAIN_FIND_BY_ISSUER_LOCAL_MACHINE_FLAG = 8,
  427     CERT_CHAIN_FIND_BY_ISSUER_NO_KEY_FLAG = 16384,
  428     CERT_CHAIN_FIND_BY_ISSUER_CACHE_ONLY_FLAG = 32768,
  429 }
  430 
  431 enum {
  432     CERT_STORE_PROV_SYSTEM = 10,
  433     CERT_SYSTEM_STORE_LOCAL_MACHINE = 131072,
  434 }
  435 
  436 enum {
  437     szOID_PKIX_KP_SERVER_AUTH = "4235600",
  438     szOID_SERVER_GATED_CRYPTO = "4235658",
  439     szOID_SGC_NETSCAPE = "2.16.840.1.113730.4.1",
  440     szOID_PKIX_KP_CLIENT_AUTH = "1.3.6.1.5.5.7.3.2",
  441 }
  442 
  443 enum {
  444     CRYPT_NOHASHOID = 0x00000001,
  445     CRYPT_NO_SALT = 0x10,
  446     CRYPT_PREGEN = 0x40,
  447 }
  448 
  449 enum {
  450     CRYPT_RECIPIENT = 0x10,
  451     CRYPT_INITIATOR = 0x40,
  452     CRYPT_ONLINE = 0x80,
  453     CRYPT_SF = 0x100,
  454     CRYPT_CREATE_IV = 0x200,
  455     CRYPT_KEK = 0x400,
  456     CRYPT_DATA_KEY = 0x800,
  457     CRYPT_VOLATILE = 0x1000,
  458     CRYPT_SGCKEY = 0x2000,
  459 }
  460 
  461 enum {
  462     KP_IV               = 0x00000001,
  463     KP_SALT             = 0x00000002,
  464     KP_PADDING          = 0x00000003,
  465     KP_MODE             = 0x00000004,
  466     KP_MODE_BITS        = 0x00000005,
  467     KP_PERMISSIONS      = 0x00000006,
  468     KP_ALGID            = 0x00000007,
  469     KP_BLOCKLEN         = 0x00000008,
  470     KP_KEYLEN           = 0x00000009,
  471     KP_SALT_EX          = 0x0000000a,
  472     KP_P                = 0x0000000b,
  473     KP_G                = 0x0000000c,
  474     KP_Q                = 0x0000000d,
  475     KP_X                = 0x0000000e,
  476     KP_Y                = 0x0000000f,
  477     KP_RA               = 0x00000010,
  478     KP_RB               = 0x00000011,
  479     KP_INFO             = 0x00000012,
  480     KP_EFFECTIVE_KEYLEN = 0x00000013,
  481     KP_SCHANNEL_ALG     = 0x00000014,
  482     KP_PUB_PARAMS       = 0x00000027,
  483 }
  484 
  485 enum {
  486     CRYPT_FLAG_PCT1    = 0x0001,
  487     CRYPT_FLAG_SSL2    = 0x0002,
  488     CRYPT_FLAG_SSL3    = 0x0004,
  489     CRYPT_FLAG_TLS1    = 0x0008,
  490     CRYPT_FLAG_IPSEC   = 0x0010,
  491     CRYPT_FLAG_SIGNING = 0x0020,
  492 }
  493 
  494 enum {
  495     SCHANNEL_MAC_KEY    = 0x00000000,
  496     SCHANNEL_ENC_KEY    = 0x00000001,
  497 }
  498 
  499 enum {
  500     INTERNATIONAL_USAGE = 0x00000001,
  501 }
  502 
  503 
  504 alias UINT ALG_ID;
  505 alias ULONG_PTR HCRYPTPROV, HCRYPTKEY, HCRYPTHASH;
  506 alias PVOID HCERTSTORE, HCRYPTMSG, HCERTCHAINENGINE;
  507 
  508 struct VTableProvStruc {
  509     FARPROC FuncVerifyImage;
  510 }
  511 alias VTableProvStruc* PVTableProvStruc;
  512 
  513 struct _CRYPTOAPI_BLOB {
  514     DWORD cbData;
  515     BYTE* pbData;
  516 }
  517 alias _CRYPTOAPI_BLOB CRYPT_INTEGER_BLOB, CRYPT_UINT_BLOB,
  518   CRYPT_OBJID_BLOB, CERT_NAME_BLOB, CERT_RDN_VALUE_BLOB, CERT_BLOB,
  519   CRL_BLOB, DATA_BLOB, CRYPT_DATA_BLOB, CRYPT_HASH_BLOB,
  520   CRYPT_DIGEST_BLOB, CRYPT_DER_BLOB, CRYPT_ATTR_BLOB;
  521 alias _CRYPTOAPI_BLOB* PCRYPT_INTEGER_BLOB, PCRYPT_UINT_BLOB,
  522   PCRYPT_OBJID_BLOB, PCERT_NAME_BLOB, PCERT_RDN_VALUE_BLOB, PCERT_BLOB,
  523   PCRL_BLOB, PDATA_BLOB, PCRYPT_DATA_BLOB, PCRYPT_HASH_BLOB,
  524   PCRYPT_DIGEST_BLOB, PCRYPT_DER_BLOB, PCRYPT_ATTR_BLOB;
  525 
  526 // not described in SDK; has the same layout as HTTPSPolicyCallbackData
  527 struct SSL_EXTRA_CERT_CHAIN_POLICY_PARA {
  528     DWORD  cbStruct;
  529     DWORD  dwAuthType;
  530     DWORD  fdwChecks;
  531     LPWSTR pwszServerName;
  532 }
  533 alias SSL_EXTRA_CERT_CHAIN_POLICY_PARA HTTPSPolicyCallbackData;
  534 alias SSL_EXTRA_CERT_CHAIN_POLICY_PARA* PSSL_EXTRA_CERT_CHAIN_POLICY_PARA,
  535   PHTTPSPolicyCallbackData;
  536 
  537 /* #if (_WIN32_WINNT>=0x500) */
  538 struct CERT_CHAIN_POLICY_PARA {
  539     DWORD cbSize = CERT_CHAIN_POLICY_PARA.sizeof;
  540     DWORD dwFlags;
  541     void* pvExtraPolicyPara;
  542 }
  543 alias CERT_CHAIN_POLICY_PARA* PCERT_CHAIN_POLICY_PARA;
  544 
  545 struct CERT_CHAIN_POLICY_STATUS {
  546     DWORD cbSize = CERT_CHAIN_POLICY_STATUS.sizeof;
  547     DWORD dwError;
  548     LONG  lChainIndex;
  549     LONG  lElementIndex;
  550     void* pvExtraPolicyStatus;
  551 }
  552 alias CERT_CHAIN_POLICY_STATUS* PCERT_CHAIN_POLICY_STATUS;
  553 /* #endif */
  554 
  555 struct CRYPT_ALGORITHM_IDENTIFIER {
  556     LPSTR pszObjId;
  557     CRYPT_OBJID_BLOB Parameters;
  558 }
  559 alias CRYPT_ALGORITHM_IDENTIFIER* PCRYPT_ALGORITHM_IDENTIFIER;
  560 
  561 struct CRYPT_BIT_BLOB {
  562     DWORD cbData;
  563     BYTE* pbData;
  564     DWORD cUnusedBits;
  565 }
  566 alias CRYPT_BIT_BLOB* PCRYPT_BIT_BLOB;
  567 
  568 struct CERT_PUBLIC_KEY_INFO {
  569     CRYPT_ALGORITHM_IDENTIFIER Algorithm;
  570     CRYPT_BIT_BLOB             PublicKey;
  571 }
  572 alias CERT_PUBLIC_KEY_INFO* PCERT_PUBLIC_KEY_INFO;
  573 
  574 struct CERT_EXTENSION {
  575     LPSTR            pszObjId;
  576     BOOL             fCritical;
  577     CRYPT_OBJID_BLOB Value;
  578 }
  579 alias CERT_EXTENSION* PCERT_EXTENSION;
  580 
  581 struct CERT_INFO {
  582     DWORD dwVersion;
  583     CRYPT_INTEGER_BLOB SerialNumber;
  584     CRYPT_ALGORITHM_IDENTIFIER SignatureAlgorithm;
  585     CERT_NAME_BLOB Issuer;
  586     FILETIME NotBefore;
  587     FILETIME NotAfter;
  588     CERT_NAME_BLOB Subject;
  589     CERT_PUBLIC_KEY_INFO SubjectPublicKeyInfo;
  590     CRYPT_BIT_BLOB IssuerUniqueId;
  591     CRYPT_BIT_BLOB SubjectUniqueId;
  592     DWORD cExtension;
  593     PCERT_EXTENSION rgExtension;
  594 }
  595 alias CERT_INFO* PCERT_INFO;
  596 
  597 struct CERT_CONTEXT {
  598     DWORD      dwCertEncodingType;
  599     BYTE*      pbCertEncoded;
  600     DWORD      cbCertEncoded;
  601     PCERT_INFO pCertInfo;
  602     HCERTSTORE hCertStore;
  603 }
  604 alias CERT_CONTEXT*        PCERT_CONTEXT;
  605 alias const(CERT_CONTEXT)* PCCERT_CONTEXT;
  606 
  607 struct CTL_USAGE {
  608     DWORD  cUsageIdentifier;
  609     LPSTR* rgpszUsageIdentifier;
  610 }
  611 alias CTL_USAGE CERT_ENHKEY_USAGE;
  612 alias CTL_USAGE* PCTRL_USAGE, PCERT_ENHKEY_USAGE;
  613 
  614 struct CERT_USAGE_MATCH {
  615     DWORD             dwType;
  616     CERT_ENHKEY_USAGE Usage;
  617 }
  618 alias CERT_USAGE_MATCH* PCERT_USAGE_MATCH;
  619 /* #if (_WIN32_WINNT>=0x500) */
  620 
  621 struct CERT_CHAIN_PARA {
  622     DWORD            cbSize = CERT_CHAIN_PARA.sizeof;
  623     CERT_USAGE_MATCH RequestedUsage;
  624 //#if CERT_CHAIN_PARA_HAS_EXTRA_FIELDS
  625     CERT_USAGE_MATCH RequestedIssuancePolicy;
  626     DWORD            dwUrlRetrievalTimeout;
  627     BOOL             fCheckRevocationFreshnessTime;
  628     DWORD            dwRevocationFreshnessTime;
  629 //#endif
  630 }
  631 alias CERT_CHAIN_PARA* PCERT_CHAIN_PARA;
  632 
  633 extern (Windows) alias BOOL function(PCCERT_CONTEXT, void*)
  634   PFN_CERT_CHAIN_FIND_BY_ISSUER_CALLBACK;
  635 
  636 struct CERT_CHAIN_FIND_BY_ISSUER_PARA {
  637     DWORD  cbSize = CERT_CHAIN_FIND_BY_ISSUER_PARA.sizeof;
  638     LPCSTR pszUsageIdentifier;
  639     DWORD  dwKeySpec;
  640     DWORD  dwAcquirePrivateKeyFlags;
  641     DWORD  cIssuer;
  642     CERT_NAME_BLOB* rgIssuer;
  643     PFN_CERT_CHAIN_FIND_BY_ISSUER_CALLBACK pfnFIndCallback;
  644     void*  pvFindArg;
  645     DWORD* pdwIssuerChainIndex;
  646     DWORD* pdwIssuerElementIndex;
  647 }
  648 alias CERT_CHAIN_FIND_BY_ISSUER_PARA* PCERT_CHAIN_FIND_BY_ISSUER_PARA;
  649 /* #endif */
  650 
  651 struct CERT_TRUST_STATUS {
  652     DWORD dwErrorStatus;
  653     DWORD dwInfoStatus;
  654 }
  655 alias CERT_TRUST_STATUS* PCERT_TRUST_STATUS;
  656 
  657 struct CRL_ENTRY {
  658     CRYPT_INTEGER_BLOB SerialNumber;
  659     FILETIME           RevocationDate;
  660     DWORD              cExtension;
  661     PCERT_EXTENSION    rgExtension;
  662 }
  663 alias CRL_ENTRY* PCRL_ENTRY;
  664 
  665 struct CRL_INFO {
  666     DWORD           dwVersion;
  667     CRYPT_ALGORITHM_IDENTIFIER SignatureAlgorithm;
  668     CERT_NAME_BLOB  Issuer;
  669     FILETIME        ThisUpdate;
  670     FILETIME        NextUpdate;
  671     DWORD           cCRLEntry;
  672     PCRL_ENTRY      rgCRLEntry;
  673     DWORD           cExtension;
  674     PCERT_EXTENSION rgExtension;
  675 }
  676 alias CRL_INFO* PCRL_INFO;
  677 
  678 struct CRL_CONTEXT {
  679     DWORD      dwCertEncodingType;
  680     BYTE*      pbCrlEncoded;
  681     DWORD      cbCrlEncoded;
  682     PCRL_INFO  pCrlInfo;
  683     HCERTSTORE hCertStore;
  684 }
  685 alias CRL_CONTEXT*        PCRL_CONTEXT;
  686 alias const(CRL_CONTEXT)* PCCRL_CONTEXT;
  687 
  688 struct CERT_REVOCATION_CRL_INFO {
  689     DWORD         cbSize = CERT_REVOCATION_CRL_INFO.sizeof;
  690     PCCRL_CONTEXT pBaseCRLContext;
  691     PCCRL_CONTEXT pDeltaCRLContext;
  692     PCRL_ENTRY    pCrlEntry;
  693     BOOL          fDeltaCrlEntry;
  694 }
  695 alias CERT_REVOCATION_CRL_INFO* PCERT_REVOCATION_CRL_INFO;
  696 
  697 struct CERT_REVOCATION_INFO {
  698     DWORD  cbSize = CERT_REVOCATION_INFO.sizeof;
  699     DWORD  dwRevocationResult;
  700     LPCSTR pszRevocationOid;
  701     LPVOID pvOidSpecificInfo;
  702     BOOL   fHasFreshnessTime;
  703     DWORD  dwFreshnessTime;
  704     PCERT_REVOCATION_CRL_INFO pCrlInfo;
  705 }
  706 alias CERT_REVOCATION_INFO* PCERT_REVOCATION_INFO;
  707 
  708 /* #if (_WIN32_WINNT>=0x500) */
  709 struct CERT_CHAIN_ELEMENT {
  710     DWORD                 cbSize = CERT_CHAIN_ELEMENT.sizeof;
  711     PCCERT_CONTEXT        pCertContext;
  712     CERT_TRUST_STATUS     TrustStatus;
  713     PCERT_REVOCATION_INFO pRevocationInfo;
  714     PCERT_ENHKEY_USAGE    pIssuanceUsage;
  715     PCERT_ENHKEY_USAGE    pApplicationUsage;
  716 }
  717 alias CERT_CHAIN_ELEMENT* PCERT_CHAIN_ELEMENT;
  718 /* #endif */
  719 
  720 struct CRYPT_ATTRIBUTE {
  721     LPSTR            pszObjId;
  722     DWORD            cValue;
  723     PCRYPT_ATTR_BLOB rgValue;
  724 }
  725 alias CRYPT_ATTRIBUTE* PCRYPT_ATTRIBUTE;
  726 
  727 struct CTL_ENTRY {
  728     CRYPT_DATA_BLOB  SubjectIdentifier;
  729     DWORD            cAttribute;
  730     PCRYPT_ATTRIBUTE rgAttribute;
  731 }
  732 alias CTL_ENTRY* PCTL_ENTRY;
  733 
  734 struct CTL_INFO {
  735     DWORD              dwVersion;
  736     CTL_USAGE          SubjectUsage;
  737     CRYPT_DATA_BLOB    ListIdentifier;
  738     CRYPT_INTEGER_BLOB SequenceNumber;
  739     FILETIME           ThisUpdate;
  740     FILETIME           NextUpdate;
  741     CRYPT_ALGORITHM_IDENTIFIER SubjectAlgorithm;
  742     DWORD              cCTLEntry;
  743     PCTL_ENTRY         rgCTLEntry;
  744     DWORD              cExtension;
  745     PCERT_EXTENSION    rgExtension;
  746 }
  747 alias CTL_INFO* PCTL_INFO;
  748 
  749 struct CTL_CONTEXT {
  750     DWORD      dwMsgAndCertEncodingType;
  751     BYTE*      pbCtlEncoded;
  752     DWORD      cbCtlEncoded;
  753     PCTL_INFO  pCtlInfo;
  754     HCERTSTORE hCertStore;
  755     HCRYPTMSG  hCryptMsg;
  756     BYTE*      pbCtlContent;
  757     DWORD      cbCtlContent;
  758 }
  759 alias CTL_CONTEXT*        PCTL_CONTEXT;
  760 alias const(CTL_CONTEXT)* PCCTL_CONTEXT;
  761 
  762 struct CERT_TRUST_LIST_INFO {
  763     DWORD         cbSize = CERT_TRUST_LIST_INFO.sizeof;
  764     PCTL_ENTRY    pCtlEntry;
  765     PCCTL_CONTEXT pCtlContext;
  766 }
  767 alias CERT_TRUST_LIST_INFO* PCERT_TRUST_LIST_INFO;
  768 
  769 struct CERT_SIMPLE_CHAIN {
  770     DWORD                 cbSize = CERT_SIMPLE_CHAIN.sizeof;
  771     CERT_TRUST_STATUS     TrustStatus;
  772     DWORD                 cElement;
  773     PCERT_CHAIN_ELEMENT*  rgpElement;
  774     PCERT_TRUST_LIST_INFO pTrustListInfo;
  775     BOOL                  fHasRevocationFreshnessTime;
  776     DWORD                 dwRevocationFreshnessTime;
  777 }
  778 alias CERT_SIMPLE_CHAIN* PCERT_SIMPLE_CHAIN;
  779 
  780 /* #if (_WIN32_WINNT>=0x500) */
  781 alias const(CERT_CHAIN_CONTEXT)* PCCERT_CHAIN_CONTEXT;
  782 struct CERT_CHAIN_CONTEXT {
  783     DWORD                 cbSize = CERT_CHAIN_CONTEXT.sizeof;
  784     CERT_TRUST_STATUS     TrustStatus;
  785     DWORD                 cChain;
  786     PCERT_SIMPLE_CHAIN*   rgpChain;
  787     DWORD                 cLowerQualityChainContext;
  788     PCCERT_CHAIN_CONTEXT* rgpLowerQualityChainContext;
  789     BOOL                  fHasRevocationFreshnessTime;
  790     DWORD                 dwRevocationFreshnessTime;
  791 }
  792 alias CERT_CHAIN_CONTEXT* PCERT_CHAIN_CONTEXT;
  793 /* #endif */
  794 
  795 struct PROV_ENUMALGS {
  796     ALG_ID   aiAlgid;
  797     DWORD    dwBitLen;
  798     DWORD    dwNameLen;
  799     CHAR[20] szName = 0;
  800 }
  801 
  802 struct PUBLICKEYSTRUC {
  803     BYTE   bType;
  804     BYTE   bVersion;
  805     WORD   reserved;
  806     ALG_ID aiKeyAlg;
  807 }
  808 alias PUBLICKEYSTRUC BLOBHEADER;
  809 
  810 struct RSAPUBKEY {
  811     DWORD magic;
  812     DWORD bitlen;
  813     DWORD pubexp;
  814 }
  815 
  816 struct HMAC_INFO {
  817     ALG_ID HashAlgid;
  818     BYTE*  pbInnerString;
  819     DWORD  cbInnerString;
  820     BYTE*  pbOuterString;
  821     DWORD  cbOuterString;
  822 }
  823 alias HMAC_INFO* PHMAC_INFO;
  824 
  825 extern (Windows) @nogc nothrow {
  826     BOOL CertCloseStore(HCERTSTORE, DWORD);
  827     BOOL CertGetCertificateChain(HCERTCHAINENGINE, PCCERT_CONTEXT, LPFILETIME,
  828       HCERTSTORE, PCERT_CHAIN_PARA, DWORD, LPVOID, PCCERT_CHAIN_CONTEXT*);
  829     BOOL CertVerifyCertificateChainPolicy(LPCSTR, PCCERT_CHAIN_CONTEXT,
  830       PCERT_CHAIN_POLICY_PARA, PCERT_CHAIN_POLICY_STATUS);
  831     void CertFreeCertificateChain(PCCERT_CHAIN_CONTEXT);
  832     DWORD CertNameToStrA(DWORD, PCERT_NAME_BLOB, DWORD, LPSTR, DWORD);
  833     DWORD CertNameToStrW(DWORD, PCERT_NAME_BLOB, DWORD, LPWSTR, DWORD);
  834     HCERTSTORE CertOpenSystemStoreA(HCRYPTPROV, LPCSTR);
  835     HCERTSTORE CertOpenSystemStoreW(HCRYPTPROV, LPCWSTR);
  836     HCERTSTORE CertOpenStore(LPCSTR, DWORD, HCRYPTPROV, DWORD, const(void)*);
  837     PCCERT_CONTEXT CertFindCertificateInStore(HCERTSTORE, DWORD, DWORD, DWORD,
  838 const(void)*, PCCERT_CONTEXT);
  839     BOOL CertFreeCertificateContext(PCCERT_CONTEXT);
  840     PCCERT_CONTEXT CertGetIssuerCertificateFromStore(HCERTSTORE,
  841       PCCERT_CONTEXT, PCCERT_CONTEXT, DWORD*);
  842     PCCERT_CHAIN_CONTEXT CertFindChainInStore(HCERTSTORE, DWORD, DWORD, DWORD,
  843 const(void)*, PCCERT_CHAIN_CONTEXT);
  844 
  845     BOOL CryptAcquireContextA(HCRYPTPROV*, LPCSTR, LPCSTR, DWORD, DWORD);
  846     BOOL CryptAcquireContextW(HCRYPTPROV*, LPCWSTR, LPCWSTR, DWORD, DWORD);
  847      BOOL CryptContextAddRef(HCRYPTPROV, DWORD*, DWORD);
  848     BOOL CryptReleaseContext(HCRYPTPROV, ULONG_PTR);
  849     BOOL CryptGenKey(HCRYPTPROV, ALG_ID, DWORD, HCRYPTKEY*);
  850     BOOL CryptDeriveKey(HCRYPTPROV, ALG_ID, HCRYPTHASH, DWORD, HCRYPTKEY*);
  851     BOOL CryptDestroyKey(HCRYPTKEY);
  852     static if (_WIN32_WINNT >= 0x500) {
  853         BOOL CryptDuplicateHash(HCRYPTHASH, DWORD*, DWORD, HCRYPTHASH*);
  854         BOOL CryptDuplicateKey(HCRYPTKEY, DWORD*, DWORD, HCRYPTKEY*);
  855     }
  856     BOOL CryptSetKeyParam(HCRYPTKEY, DWORD, PBYTE, DWORD);
  857     BOOL CryptGetKeyParam(HCRYPTKEY, DWORD, PBYTE, PDWORD, DWORD);
  858     BOOL CryptSetHashParam(HCRYPTHASH, DWORD, PBYTE, DWORD);
  859     BOOL CryptGetHashParam(HCRYPTHASH, DWORD, PBYTE, PDWORD, DWORD);
  860     BOOL CryptSetProvParam(HCRYPTPROV, DWORD, PBYTE, DWORD);
  861     BOOL CryptGetProvParam(HCRYPTPROV, DWORD, PBYTE, PDWORD, DWORD);
  862     BOOL CryptGenRandom(HCRYPTPROV, DWORD, PBYTE);
  863     BOOL CryptGetUserKey(HCRYPTPROV, DWORD, HCRYPTKEY*);
  864     BOOL CryptExportKey(HCRYPTKEY, HCRYPTKEY, DWORD, DWORD, PBYTE, PDWORD);
  865     BOOL CryptImportKey(HCRYPTPROV, PBYTE, DWORD, HCRYPTKEY, DWORD,
  866       HCRYPTKEY*);
  867     BOOL CryptEncrypt(HCRYPTKEY, HCRYPTHASH, BOOL, DWORD, PBYTE, PDWORD,
  868       DWORD);
  869     BOOL CryptDecrypt(HCRYPTKEY, HCRYPTHASH, BOOL, DWORD, PBYTE, PDWORD);
  870     BOOL CryptCreateHash(HCRYPTPROV, ALG_ID, HCRYPTKEY, DWORD, HCRYPTHASH*);
  871     BOOL CryptHashData(HCRYPTHASH, PBYTE, DWORD, DWORD);
  872     BOOL CryptHashSessionKey(HCRYPTHASH, HCRYPTKEY, DWORD);
  873     BOOL CryptGetHashValue(HCRYPTHASH, DWORD, PBYTE, PDWORD);
  874     BOOL CryptDestroyHash(HCRYPTHASH);
  875     BOOL CryptSignHashA(HCRYPTHASH, DWORD, LPCSTR, DWORD, PBYTE, PDWORD);
  876     BOOL CryptSignHashW(HCRYPTHASH, DWORD, LPCWSTR, DWORD, PBYTE, PDWORD);
  877     BOOL CryptVerifySignatureA(HCRYPTHASH, PBYTE, DWORD, HCRYPTKEY, LPCSTR,
  878       DWORD);
  879     BOOL CryptVerifySignatureW(HCRYPTHASH, PBYTE, DWORD, HCRYPTKEY, LPCWSTR,
  880       DWORD);
  881     BOOL CryptSetProviderA(LPCSTR, DWORD);
  882     BOOL CryptSetProviderW(LPCWSTR, DWORD);
  883 }
  884 
  885 version (Unicode) {
  886     alias CertNameToStrW CertNameToStr;
  887     alias CryptAcquireContextW CryptAcquireContext;
  888     alias CryptSignHashW CryptSignHash;
  889     alias CryptVerifySignatureW CryptVerifySignature;
  890     alias CryptSetProviderW CryptSetProvider;
  891     alias CertOpenSystemStoreW CertOpenSystemStore;
  892     /+alias CERT_FIND_SUBJECT_STR_W CERT_FIND_SUBJECT_STR;
  893     alias CERT_FIND_ISSUER_STR_W CERT_FIND_ISSUER_STR;+/
  894 } else {
  895     alias CertNameToStrA CertNameToStr;
  896     alias CryptAcquireContextA CryptAcquireContext;
  897     alias CryptSignHashA CryptSignHash;
  898     alias CryptVerifySignatureA CryptVerifySignature;
  899     alias CryptSetProviderA CryptSetProvider;
  900     alias CertOpenSystemStoreA CertOpenSystemStore;
  901     /+alias CERT_FIND_SUBJECT_STR_A CERT_FIND_SUBJECT_STR;
  902     alias CERT_FIND_ISSUER_STR_A CERT_FIND_ISSUER_STR;+/
  903 }