mssip.h
上传用户:dzyhzl
上传日期:2019-04-29
资源大小:56270k
文件大小:20k
- //+-------------------------------------------------------------------------
- //
- // Microsoft Windows - Internet Security
- //
- // Copyright (C) Microsoft Corporation, 1996 - 1997
- //
- // File: mssip.h
- //
- // Contents: Microsoft SIP Provider Main Include File
- //
- // History: 19-Feb-1997 pberkman Created
- //
- //--------------------------------------------------------------------------
- #ifndef MSSIP_H
- #define MSSIP_H
- #ifdef __cplusplus
- extern "C"
- {
- #endif
- #pragma pack (8)
- typedef CRYPT_HASH_BLOB CRYPT_DIGEST_DATA;
- //
- // dwflags
- //
- #define MSSIP_FLAGS_PROHIBIT_RESIZE_ON_CREATE 0x00010000
- #define MSSIP_FLAGS_USE_CATALOG 0x00020000
- #define SPC_INC_PE_RESOURCES_FLAG 0x80
- #define SPC_INC_PE_DEBUG_INFO_FLAG 0x40
- #define SPC_INC_PE_IMPORT_ADDR_TABLE_FLAG 0x20
- //////////////////////////////////////////////////////////////////////////////
- //
- // SIP_SUBJECTINFO
- //----------------------------------------------------------------------------
- // pass this structure to all defined SIPs. Make sure to initialize
- // the ENTIRE structure to binary zero before the FIRST call is made. Do
- // not initialize it BETWEEN calls!
- //
- typedef struct SIP_SUBJECTINFO_
- {
- DWORD cbSize; // set to sizeof(SIP_SUBJECTINFO)
- GUID *pgSubjectType; // subject type
- HANDLE hFile; // set to File handle that represents the subject
- // set to INVALID_HANDLE VALUE to allow
- // SIP to use pwsFileName for persistent
- // storage types (will handle open/close)
- LPCWSTR pwsFileName; // set to file name
- LPCWSTR pwsDisplayName; // optional: set to display name of
- // subject.
- DWORD dwReserved1; // do not use!
- DWORD dwIntVersion; // DO NOT SET OR CLEAR THIS.
- // This member is used by the sip for
- // passing the internal version number
- // between the ..get and verify... functions.
- HCRYPTPROV hProv;
- CRYPT_ALGORITHM_IDENTIFIER DigestAlgorithm;
- DWORD dwFlags;
- DWORD dwEncodingType;
- DWORD dwReserved2; // do not use!
- DWORD fdwCAPISettings; // setreg settings
- DWORD fdwSecuritySettings; // IE security settings
- DWORD dwIndex; // message index of last "Get"
- DWORD dwUnionChoice;
- # define MSSIP_ADDINFO_NONE 0
- # define MSSIP_ADDINFO_FLAT 1
- # define MSSIP_ADDINFO_CATMEMBER 2
- # define MSSIP_ADDINFO_BLOB 3
- # define MSSIP_ADDINFO_NONMSSIP 500 // everything < is reserved by MS.
- union
- {
- struct MS_ADDINFO_FLAT_ *psFlat;
- struct MS_ADDINFO_CATALOGMEMBER_ *psCatMember;
- struct MS_ADDINFO_BLOB_ *psBlob;
- };
- LPVOID pClientData; // data pased in from client to SIP
- } SIP_SUBJECTINFO, *LPSIP_SUBJECTINFO;
- //////////////////////////////////////////////////////////////////////////////
- //
- // MS_ADDINFO_FLAT
- //----------------------------------------------------------------------------
- // Flat or End-To-End types
- // needed for flat type files during indirect calls
- // "Digest" of file.
- //
- typedef struct MS_ADDINFO_FLAT_
- {
- DWORD cbStruct;
- struct SIP_INDIRECT_DATA_ *pIndirectData;
- } MS_ADDINFO_FLAT, *PMS_ADDINFO_FLAT;
- //////////////////////////////////////////////////////////////////////////////
- //
- // MS_ADDINFO_CATALOGMEMBER
- //----------------------------------------------------------------------------
- // Catalog Member verification.
- //
- typedef struct MS_ADDINFO_CATALOGMEMBER_
- {
- DWORD cbStruct; // = sizeof(MS_ADDINFO_CATALOGMEMBER)
- struct CRYPTCATSTORE_ *pStore; // defined in mscat.h
- struct CRYPTCATMEMBER_ *pMember; // defined in mscat.h
- } MS_ADDINFO_CATALOGMEMBER, *PMS_ADDINFO_CATALOGMEMBER;
- //////////////////////////////////////////////////////////////////////////////
- //
- // MS_ADDINFO_BLOB
- //----------------------------------------------------------------------------
- // Memory "blob" verification.
- //
- typedef struct MS_ADDINFO_BLOB_
- {
- DWORD cbStruct;
- DWORD cbMemObject;
- BYTE *pbMemObject;
-
- DWORD cbMemSignedMsg;
- BYTE *pbMemSignedMsg;
- } MS_ADDINFO_BLOB, *PMS_ADDINFO_BLOB;
- //////////////////////////////////////////////////////////////////////////////
- //
- // SIP_INDIRECT_DATA
- //----------------------------------------------------------------------------
- // Indirect data structure is used to store the hash of the subject
- // along with data that is relevant to the subject. This can include
- // names etc.
- //
- typedef struct SIP_INDIRECT_DATA_
- {
- CRYPT_ATTRIBUTE_TYPE_VALUE Data; // Encoded attribute
- CRYPT_ALGORITHM_IDENTIFIER DigestAlgorithm; // Digest algorithm used to hash
- CRYPT_HASH_BLOB Digest; // Hash of subject
- } SIP_INDIRECT_DATA, *PSIP_INDIRECT_DATA;
- #pragma pack()
- //////////////////////////////////////////////////////////////////////////////
- //
- // CryptSIPGetSignedDataMsg
- //----------------------------------------------------------------------------
- // Returns the message specified by the index count. Data, specific to
- // the subject is passed in through pSubjectInfo. To retrieve the
- // size of the signature, set pbData to NULL.
- //
- // Returns:
- // TRUE: No fatal errors
- // FALSE: Errors occured. See GetLastError()
- //
- // Last Errors:
- // ERROR_NOT_ENOUGH_MEMORY: error allocating memory
- // TRUST_E_SUBJECT_FORM_UNKNOWN: unknown subject type.
- // ERROR_INVALID_PARAMETER: bad argument passed in
- // ERROR_BAD_FORMAT: file/data format is not correct
- // for the requested SIP.
- // CRYPT_E_NO_MATCH: the signature could not be found
- // based on the dwIndex provided.
- // ERROR_INSUFFICIENT_BUFFER: the pbSignedDataMsg was not big
- // enough to hold the data. pcbSignedDataMsg
- // contains the required size.
- //
- extern BOOL WINAPI CryptSIPGetSignedDataMsg(
- IN SIP_SUBJECTINFO *pSubjectInfo,
- OUT DWORD *pdwEncodingType,
- IN DWORD dwIndex,
- IN OUT DWORD *pcbSignedDataMsg,
- OUT BYTE *pbSignedDataMsg);
- typedef BOOL (WINAPI * pCryptSIPGetSignedDataMsg)(
- IN SIP_SUBJECTINFO *pSubjectInfo,
- OUT DWORD *pdwEncodingType,
- IN DWORD dwIndex,
- IN OUT DWORD *pcbSignedDataMsg,
- OUT BYTE *pbSignedDataMsg);
- //////////////////////////////////////////////////////////////////////////////
- //
- // CryptSIPPuttSignedDataMsg
- //----------------------------------------------------------------------------
- // Adds a signature to the subject. The index that it was
- // stored with is returned for future reference.
- //
- // Returns:
- // TRUE: No fatal errors
- // FALSE: Errors occured. See GetLastError()
- //
- // Last Errors:
- // ERROR_NOT_ENOUGH_MEMORY: error allocating memory
- // TRUST_E_SUBJECT_FORM_UNKNOWN: unknown subject type.
- // CRYPT_E_BAD_LEN: the length specified in
- // psData->dwSignature was
- // insufficient.
- // CRYPT_E_NO_MATCH: could not find the specified index
- // ERROR_INVALID_PARAMETER: bad argument passed in
- // ERROR_BAD_FORMAT: file/data format is not correct
- // for the requested SIP.
- // CRYPT_E_FILERESIZED: returned when signing a fixed-length
- // file (e.g.: CABs) and the message
- // is larger than the pre-allocated
- // size. The 'put' function will re-
- // size the file and return this error.
- // The CreateIndirect function MUST be
- // called again to recalculate the
- // indirect data (hash). Then, call the
- // 'put' function again.
- //
- extern BOOL WINAPI CryptSIPPutSignedDataMsg(
- IN SIP_SUBJECTINFO *pSubjectInfo,
- IN DWORD dwEncodingType,
- OUT DWORD *pdwIndex,
- IN DWORD cbSignedDataMsg,
- IN BYTE *pbSignedDataMsg);
- typedef BOOL (WINAPI * pCryptSIPPutSignedDataMsg)(
- IN SIP_SUBJECTINFO *pSubjectInfo,
- IN DWORD dwEncodingType,
- OUT DWORD *pdwIndex,
- IN DWORD cbSignedDataMsg,
- IN BYTE *pbSignedDataMsg);
- //////////////////////////////////////////////////////////////////////////////
- //
- // CryptSIPCreateIndirectData
- //----------------------------------------------------------------------------
- // Returns a PSIP_INDIRECT_DATA structure filled in the hash, digest alogrithm
- // and an encoded attribute. If pcIndirectData points to a DWORD and
- // psIndirect data points to null the the size of the data should be returned
- // in pcIndirectData.
- //
- // Returns:
- // TRUE: No fatal errors
- // FALSE: Errors occured. See GetLastError()
- //
- // Last Errors:
- // NTE_BAD_ALGID: Bad Algorithm Identifyer
- // ERROR_NOT_ENOUGH_MEMORY: error allocating memory
- // TRUST_E_SUBJECT_FORM_UNKNOWN: unknown subject type.
- // ERROR_INVALID_PARAMETER: bad argument passed in
- // ERROR_BAD_FORMAT: file/data format is not correct
- // for the requested SIP.
- //
- extern BOOL WINAPI CryptSIPCreateIndirectData(
- IN SIP_SUBJECTINFO *pSubjectInfo,
- IN OUT DWORD *pcbIndirectData,
- OUT SIP_INDIRECT_DATA *pIndirectData);
- typedef BOOL (WINAPI * pCryptSIPCreateIndirectData)(
- IN SIP_SUBJECTINFO *pSubjectInfo,
- IN OUT DWORD *pcbIndirectData,
- OUT SIP_INDIRECT_DATA *pIndirectData);
- //////////////////////////////////////////////////////////////////////////////
- //
- // CryptSIPVerifyIndirectData
- //----------------------------------------------------------------------------
- // Takes the information stored in the indirect data and compares it to the
- // subject.
- //
- // Returns:
- // TRUE: No fatal errors
- // FALSE: Errors occured. See GetLastError()
- //
- // Last Errors:
- // NTE_BAD_ALGID: Bad Algorithm Identifyer
- // ERROR_NOT_ENOUGH_MEMORY: error allocating memory
- // TRUST_E_SUBJECT_FORM_UNKNOWN: unknown subject type.
- // CRYPT_E_NO_MATCH: could not find the specified index
- // CRYPT_E_SECURITY_SETTINGS: due to security settings, the file
- // was not verified.
- // ERROR_INVALID_PARAMETER: bad argument passed in
- // ERROR_BAD_FORMAT: file/data format is not correct
- // for the requested SIP.
- extern BOOL WINAPI CryptSIPVerifyIndirectData(
- IN SIP_SUBJECTINFO *pSubjectInfo,
- IN SIP_INDIRECT_DATA *pIndirectData);
- typedef BOOL (WINAPI * pCryptSIPVerifyIndirectData)(
- IN SIP_SUBJECTINFO *pSubjectInfo,
- IN SIP_INDIRECT_DATA *pIndirectData);
- //////////////////////////////////////////////////////////////////////////////
- //
- // CryptSIPRemoveSignedDataMsg
- //----------------------------------------------------------------------------
- // Removes the signature at the specified index
- //
- // Returns:
- // TRUE: No fatal errors
- // FALSE: Errors occured. See GetLastError()
- //
- // Last Errors:
- // TRUST_E_SUBJECT_FORM_UNKNOWN: unknown subject type.
- // CRYPT_E_NO_MATCH: could not find the specified index
- // ERROR_INVALID_PARAMETER: bad argument passed in
- // ERROR_BAD_FORMAT: file/data format is not correct
- // for the requested SIP.
- //
- extern BOOL WINAPI CryptSIPRemoveSignedDataMsg(
- IN SIP_SUBJECTINFO *pSubjectInfo,
- IN DWORD dwIndex);
- typedef BOOL (WINAPI * pCryptSIPRemoveSignedDataMsg)(
- IN SIP_SUBJECTINFO *pSubjectInfo,
- IN DWORD dwIndex);
- #pragma pack(8)
- //////////////////////////////////////////////////////////////////////////////
- //
- // SIP_DISPATCH_INFO
- //----------------------------------------------------------------------------
- //
- typedef struct SIP_DISPATCH_INFO_
- {
- DWORD cbSize; // = sizeof(SIP_DISPATCH_INFO)
- HANDLE hSIP; // used internal
- pCryptSIPGetSignedDataMsg pfGet;
- pCryptSIPPutSignedDataMsg pfPut;
- pCryptSIPCreateIndirectData pfCreate;
- pCryptSIPVerifyIndirectData pfVerify;
- pCryptSIPRemoveSignedDataMsg pfRemove;
- } SIP_DISPATCH_INFO, *LPSIP_DISPATCH_INFO;
- //
- // the sip exports this function to allow verification and signing
- // processes to pass in the file handle and check if the sip supports
- // this type of file. if it does, the sip will return TRUE and fill
- // out the pgSubject with the appropiate GUID.
- //
- typedef BOOL (WINAPI *pfnIsFileSupported)(IN HANDLE hFile,
- OUT GUID *pgSubject);
- typedef BOOL (WINAPI *pfnIsFileSupportedName)(IN WCHAR *pwszFileName,
- OUT GUID *pgSubject);
- typedef struct SIP_ADD_NEWPROVIDER_
- {
- DWORD cbStruct;
- GUID *pgSubject;
- WCHAR *pwszDLLFileName;
- WCHAR *pwszMagicNumber; // optional
-
- WCHAR *pwszIsFunctionName; // optiona: pfnIsFileSupported
- WCHAR *pwszGetFuncName;
- WCHAR *pwszPutFuncName;
- WCHAR *pwszCreateFuncName;
- WCHAR *pwszVerifyFuncName;
- WCHAR *pwszRemoveFuncName;
- WCHAR *pwszIsFunctionNameFmt2; // optiona: pfnIsFileSupported
- } SIP_ADD_NEWPROVIDER, *PSIP_ADD_NEWPROVIDER;
- #define SIP_MAX_MAGIC_NUMBER 4
- #pragma pack()
- //////////////////////////////////////////////////////////////////////////////
- //
- // CryptLoadSIP
- //----------------------------------------------------------------------------
- //
- // Returns:
- // TRUE: No fatal errors
- // FALSE: Errors occured. See GetLastError()
- //
- extern BOOL WINAPI CryptSIPLoad(IN const GUID *pgSubject, // GUID for the requried sip
- IN DWORD dwFlags, // Reserved - MUST BE ZERO
- IN OUT SIP_DISPATCH_INFO *pSipDispatch); // Table of functions
- //////////////////////////////////////////////////////////////////////////////
- //
- // CryptSIPRetrieveSubjectGuid (defined in crypt32.dll)
- //----------------------------------------------------------------------------
- // looks at the file's "Magic Number" and tries to determine which
- // SIP's object ID is right for the file type.
- //
- // NOTE: This function only supports the MSSIP32.DLL set of SIPs.
- //
- // Returns:
- // TRUE: No fatal errors
- // FALSE: Errors occured. See GetLastError()
- //
- extern BOOL WINAPI CryptSIPRetrieveSubjectGuid(IN LPCWSTR FileName, // wide file name
- IN OPTIONAL HANDLE hFileIn, // or handle of open file
- OUT GUID *pgSubject); // defined SIP's GUID
- //////////////////////////////////////////////////////////////////////////////
- //
- // CryptSIPRetrieveSubjectGuidForCatalogFile (defined in crypt32.dll)
- //----------------------------------------------------------------------------
- // looks at the file's "Magic Number" and tries to determine which
- // SIP's object ID is right for the file type.
- //
- // NOTE: This function only supports SIPs that are used for catalog files (either PE, CAB, or flat).
- //
- // Returns:
- // TRUE: No fatal errors
- // FALSE: Errors occured. See GetLastError()
- //
- extern BOOL WINAPI CryptSIPRetrieveSubjectGuidForCatalogFile(IN LPCWSTR FileName, // wide file name
- IN OPTIONAL HANDLE hFileIn, // or handle of open file
- OUT GUID *pgSubject); // defined SIP's GUID
- //////////////////////////////////////////////////////////////////////////////
- //
- // CryptSIPAddProvider
- //----------------------------------------------------------------------------
- //
- // Returns:
- // TRUE: No fatal errors
- // FALSE: Errors occured. See GetLastError()
- //
- extern BOOL WINAPI CryptSIPAddProvider(IN SIP_ADD_NEWPROVIDER *psNewProv);
- //////////////////////////////////////////////////////////////////////////////
- //
- // CryptSIPRemoveProvider
- //----------------------------------------------------------------------------
- //
- // Returns:
- // TRUE: No fatal errors
- // FALSE: Errors occured. See GetLastError()
- //
- extern BOOL WINAPI CryptSIPRemoveProvider(IN GUID *pgProv);
- #ifdef __cplusplus
- }
- #endif
- #endif // MSSIP_H
English
