mirror of https://github.com/dahall/Vanara.git
Next round of tweaks and fixes for Crypt32
parent
3e203d6b9b
commit
d585fe18a3
|
@ -1,5 +1,5 @@
|
|||
## Correlation report for crypt32.dll, bcrypt.dll, ncrypt.dll, tokenbinding.dll
|
||||
### Methods (100% complete, 358 of 358 functions)
|
||||
## Correlation report for crypt32.dll, bcrypt.dll, ncrypt.dll, tokenbinding.dll, cryptui.dll
|
||||
### Methods (100% complete, 367 of 367 functions)
|
||||
Native Method | Native DLL | Header | Managed Method
|
||||
--- | --- | --- | ---
|
||||
[BCryptAddContextFunction](http://msdn2.microsoft.com/en-us/library/4f5b6db0-775d-42de-b9d9-a99fb11c89f2) | bcrypt.dll | bcrypt.h | [Vanara.PInvoke.BCrypt.BCryptAddContextFunction](https://github.com/dahall/Vanara/search?l=C%23&q=BCryptAddContextFunction)
|
||||
|
@ -151,6 +151,7 @@ Native Method | Native DLL | Header | Managed Method
|
|||
[CertRetrieveLogoOrBiometricInfo](http://msdn2.microsoft.com/en-us/library/35813928-728e-40b7-b627-817d3094eeb1) | crypt32.dll | wincrypt.h | [Vanara.PInvoke.Crypt32.CertRetrieveLogoOrBiometricInfo](https://github.com/dahall/Vanara/search?l=C%23&q=CertRetrieveLogoOrBiometricInfo)
|
||||
[CertSaveStore](http://msdn2.microsoft.com/en-us/library/5cc818d7-b079-4962-aabc-fc512d4e92ac) | crypt32.dll | wincrypt.h | [Vanara.PInvoke.Crypt32.CertSaveStore](https://github.com/dahall/Vanara/search?l=C%23&q=CertSaveStore)
|
||||
[CertSelectCertificateChains](http://msdn2.microsoft.com/en-us/library/b740772b-d25b-4b3d-9acb-03f7018750d6) | crypt32.dll | wincrypt.h | [Vanara.PInvoke.Crypt32.CertSelectCertificateChains](https://github.com/dahall/Vanara/search?l=C%23&q=CertSelectCertificateChains)
|
||||
[CertSelectionGetSerializedBlob](http://msdn2.microsoft.com/en-us/library/6c3240f7-5121-401d-a4d4-df3055cb301a) | cryptui.dll | cryptuiapi.h | [Vanara.PInvoke.CryptUI.CertSelectionGetSerializedBlob](https://github.com/dahall/Vanara/search?l=C%23&q=CertSelectionGetSerializedBlob)
|
||||
[CertSerializeCertificateStoreElement](http://msdn2.microsoft.com/en-us/library/104fc986-6344-41b7-8843-23c3c72405a2) | crypt32.dll | wincrypt.h | [Vanara.PInvoke.Crypt32.CertSerializeCertificateStoreElement](https://github.com/dahall/Vanara/search?l=C%23&q=CertSerializeCertificateStoreElement)
|
||||
[CertSerializeCRLStoreElement](http://msdn2.microsoft.com/en-us/library/4ab053cd-d3d4-483c-b0ff-b8de63d88707) | crypt32.dll | wincrypt.h | [Vanara.PInvoke.Crypt32.CertSerializeCRLStoreElement](https://github.com/dahall/Vanara/search?l=C%23&q=CertSerializeCRLStoreElement)
|
||||
[CertSerializeCTLStoreElement](http://msdn2.microsoft.com/en-us/library/63d343c1-fa65-4cd1-a210-3805c7d92208) | crypt32.dll | wincrypt.h | [Vanara.PInvoke.Crypt32.CertSerializeCTLStoreElement](https://github.com/dahall/Vanara/search?l=C%23&q=CertSerializeCTLStoreElement)
|
||||
|
@ -263,6 +264,14 @@ Native Method | Native DLL | Header | Managed Method
|
|||
[CryptSIPRetrieveSubjectGuidForCatalogFile](http://msdn2.microsoft.com/en-us/library/7f757dc8-948c-476e-aca3-a9051e962ed4) | crypt32.dll | mssip.h | [Vanara.PInvoke.Crypt32.CryptSIPRetrieveSubjectGuidForCatalogFile](https://github.com/dahall/Vanara/search?l=C%23&q=CryptSIPRetrieveSubjectGuidForCatalogFile)
|
||||
[CryptSIPVerifyIndirectData](http://msdn2.microsoft.com/en-us/library/137b8858-a31f-4ef6-96bd-c5e26ae7b3e8) | crypt32.dll | mssip.h | [Vanara.PInvoke.Crypt32.CryptSIPVerifyIndirectData](https://github.com/dahall/Vanara/search?l=C%23&q=CryptSIPVerifyIndirectData)
|
||||
[CryptStringToBinary](http://msdn2.microsoft.com/en-us/library/13b6f5ef-174a-4254-8492-6e7dcc58945f) | crypt32.dll | wincrypt.h | [Vanara.PInvoke.Crypt32.CryptStringToBinary](https://github.com/dahall/Vanara/search?l=C%23&q=CryptStringToBinary)
|
||||
[CryptUIDlgCertMgr](http://msdn2.microsoft.com/en-us/library/8d94694e-1724-42aa-99bb-6ed2c6d3bc0e) | cryptui.dll | cryptuiapi.h | [Vanara.PInvoke.CryptUI.CryptUIDlgCertMgr](https://github.com/dahall/Vanara/search?l=C%23&q=CryptUIDlgCertMgr)
|
||||
[CryptUIDlgSelectCertificateFromStore](http://msdn2.microsoft.com/en-us/library/5774af1c-f2d4-4b1e-a20b-dfb57bf9aa37) | cryptui.dll | cryptuiapi.h | [Vanara.PInvoke.CryptUI.CryptUIDlgSelectCertificateFromStore](https://github.com/dahall/Vanara/search?l=C%23&q=CryptUIDlgSelectCertificateFromStore)
|
||||
[CryptUIDlgViewCertificate](http://msdn2.microsoft.com/en-us/library/5107ff22-78c4-4005-80af-ff45781da6c7) | cryptui.dll | cryptuiapi.h | [Vanara.PInvoke.CryptUI.CryptUIDlgViewCertificate](https://github.com/dahall/Vanara/search?l=C%23&q=CryptUIDlgViewCertificate)
|
||||
[CryptUIDlgViewContext](http://msdn2.microsoft.com/en-us/library/d4b8f01b-7c3e-4286-bc37-d5ec4a1e1c2f) | cryptui.dll | cryptuiapi.h | [Vanara.PInvoke.CryptUI.CryptUIDlgViewContext](https://github.com/dahall/Vanara/search?l=C%23&q=CryptUIDlgViewContext)
|
||||
[CryptUIWizDigitalSign](http://msdn2.microsoft.com/en-us/library/1d01523e-d47b-49be-82c8-5e98f97be800) | cryptui.dll | cryptuiapi.h | [Vanara.PInvoke.CryptUI.CryptUIWizDigitalSign](https://github.com/dahall/Vanara/search?l=C%23&q=CryptUIWizDigitalSign)
|
||||
[CryptUIWizExport](http://msdn2.microsoft.com/en-us/library/62537d51-c761-4180-b857-58c819ea66aa) | cryptui.dll | cryptuiapi.h | [Vanara.PInvoke.CryptUI.CryptUIWizExport](https://github.com/dahall/Vanara/search?l=C%23&q=CryptUIWizExport)
|
||||
[CryptUIWizFreeDigitalSignContext](http://msdn2.microsoft.com/en-us/library/039615ee-0485-4698-944f-23359253767a) | cryptui.dll | cryptuiapi.h | [Vanara.PInvoke.CryptUI.CryptUIWizFreeDigitalSignContext](https://github.com/dahall/Vanara/search?l=C%23&q=CryptUIWizFreeDigitalSignContext)
|
||||
[CryptUIWizImport](http://msdn2.microsoft.com/en-us/library/6b2b9c89-229a-4626-a8b4-fe2b7cc0af86) | cryptui.dll | cryptuiapi.h | [Vanara.PInvoke.CryptUI.CryptUIWizImport](https://github.com/dahall/Vanara/search?l=C%23&q=CryptUIWizImport)
|
||||
[CryptUninstallDefaultContext](http://msdn2.microsoft.com/en-us/library/ad7be5cf-f078-4a9f-81c4-959e4203dba8) | crypt32.dll | wincrypt.h | [Vanara.PInvoke.Crypt32.CryptUninstallDefaultContext](https://github.com/dahall/Vanara/search?l=C%23&q=CryptUninstallDefaultContext)
|
||||
[CryptUnprotectData](http://msdn2.microsoft.com/en-us/library/54eab3b0-d341-47c6-9c32-79328d7a7155) | crypt32.dll | dpapi.h | [Vanara.PInvoke.Crypt32.CryptUnprotectData](https://github.com/dahall/Vanara/search?l=C%23&q=CryptUnprotectData)
|
||||
[CryptUnprotectMemory](http://msdn2.microsoft.com/en-us/library/1c7980ac-4e9e-43fd-b6d7-c0d0a69c8040) | crypt32.dll | dpapi.h | [Vanara.PInvoke.Crypt32.CryptUnprotectMemory](https://github.com/dahall/Vanara/search?l=C%23&q=CryptUnprotectMemory)
|
||||
|
@ -375,6 +384,7 @@ Native Structure | Header | Managed Structure
|
|||
[BCRYPT_PSS_PADDING_INFO](http://msdn2.microsoft.com/en-us/library/28605b34-b1e1-4460-a8f0-b0fe9f9b94d4) | bcrypt.h | [Vanara.PInvoke.BCrypt.BCRYPT_PSS_PADDING_INFO](https://github.com/dahall/Vanara/search?l=C%23&q=BCRYPT_PSS_PADDING_INFO)
|
||||
[BCRYPT_SECRET_HANDLE](https://www.google.com/search?num=5&q=BCRYPT_SECRET_HANDLE+site%3Amicrosoft.com) | | [Vanara.PInvoke.BCrypt.BCRYPT_SECRET_HANDLE](https://github.com/dahall/Vanara/search?l=C%23&q=BCRYPT_SECRET_HANDLE)
|
||||
[CERT_CHAIN_CONTEXT](http://msdn2.microsoft.com/en-us/library/609311f4-9cd6-4945-9f93-7266b3fc4a74) | wincrypt.h | [Vanara.PInvoke.Crypt32.CERT_CHAIN_CONTEXT](https://github.com/dahall/Vanara/search?l=C%23&q=CERT_CHAIN_CONTEXT)
|
||||
[CERT_CHAIN_ELEMENT](http://msdn2.microsoft.com/en-us/library/a1f6ba18-63ef-43ac-a17f-900fa13398aa) | wincrypt.h | [Vanara.PInvoke.Crypt32.CERT_CHAIN_ELEMENT](https://github.com/dahall/Vanara/search?l=C%23&q=CERT_CHAIN_ELEMENT)
|
||||
[CERT_CHAIN_ENGINE_CONFIG](http://msdn2.microsoft.com/en-us/library/9e010eb9-2cbb-4fca-ba5c-4a5a50f23786) | wincrypt.h | [Vanara.PInvoke.Crypt32.CERT_CHAIN_ENGINE_CONFIG](https://github.com/dahall/Vanara/search?l=C%23&q=CERT_CHAIN_ENGINE_CONFIG)
|
||||
[CERT_CHAIN_PARA](http://msdn2.microsoft.com/en-us/library/86094e1c-be59-4a15-a05b-21769f80e653) | wincrypt.h | [Vanara.PInvoke.Crypt32.CERT_CHAIN_PARA](https://github.com/dahall/Vanara/search?l=C%23&q=CERT_CHAIN_PARA)
|
||||
[CERT_CHAIN_POLICY_PARA](http://msdn2.microsoft.com/en-us/library/5e4fffcb-132b-42c0-81b2-9f866e274c32) | wincrypt.h | [Vanara.PInvoke.Crypt32.CERT_CHAIN_POLICY_PARA](https://github.com/dahall/Vanara/search?l=C%23&q=CERT_CHAIN_POLICY_PARA)
|
||||
|
@ -391,13 +401,18 @@ Native Structure | Header | Managed Structure
|
|||
[CERT_PHYSICAL_STORE_INFO](http://msdn2.microsoft.com/en-us/library/ad86f388-27af-442a-a76f-f386f66296ac) | wincrypt.h | [Vanara.PInvoke.Crypt32.CERT_PHYSICAL_STORE_INFO](https://github.com/dahall/Vanara/search?l=C%23&q=CERT_PHYSICAL_STORE_INFO)
|
||||
[CERT_PUBLIC_KEY_INFO](https://www.google.com/search?num=5&q=CERT_PUBLIC_KEY_INFO+site%3Amicrosoft.com) | wincrypt.h | [Vanara.PInvoke.Crypt32.CERT_PUBLIC_KEY_INFO](https://github.com/dahall/Vanara/search?l=C%23&q=CERT_PUBLIC_KEY_INFO)
|
||||
[CERT_RDN](http://msdn2.microsoft.com/en-us/library/e84254b9-e9a7-4689-a12f-2772282c5433) | wincrypt.h | [Vanara.PInvoke.Crypt32.CERT_RDN](https://github.com/dahall/Vanara/search?l=C%23&q=CERT_RDN)
|
||||
[CERT_REVOCATION_CRL_INFO](http://msdn2.microsoft.com/en-us/library/069ff521-90fd-4de8-9b5c-045e44e87f75) | wincrypt.h | [Vanara.PInvoke.Crypt32.CERT_REVOCATION_CRL_INFO](https://github.com/dahall/Vanara/search?l=C%23&q=CERT_REVOCATION_CRL_INFO)
|
||||
[CERT_REVOCATION_INFO](http://msdn2.microsoft.com/en-us/library/798aa2d7-bf8a-425f-bc36-98a44ba3a9d6) | wincrypt.h | [Vanara.PInvoke.Crypt32.CERT_REVOCATION_INFO](https://github.com/dahall/Vanara/search?l=C%23&q=CERT_REVOCATION_INFO)
|
||||
[CERT_REVOCATION_PARA](http://msdn2.microsoft.com/en-us/library/730db593-c55f-4ecf-bcac-5de54ab90db6) | wincrypt.h | [Vanara.PInvoke.Crypt32.CERT_REVOCATION_PARA](https://github.com/dahall/Vanara/search?l=C%23&q=CERT_REVOCATION_PARA)
|
||||
[CERT_REVOCATION_STATUS](http://msdn2.microsoft.com/en-us/library/087ea37a-907a-4652-a5df-dd8e86755490) | wincrypt.h | [Vanara.PInvoke.Crypt32.CERT_REVOCATION_STATUS](https://github.com/dahall/Vanara/search?l=C%23&q=CERT_REVOCATION_STATUS)
|
||||
[CERT_SELECT_CHAIN_PARA](http://msdn2.microsoft.com/en-us/library/55c6c063-2a65-40ad-8d3f-7723b83cf021) | wincrypt.h | [Vanara.PInvoke.Crypt32.CERT_SELECT_CHAIN_PARA](https://github.com/dahall/Vanara/search?l=C%23&q=CERT_SELECT_CHAIN_PARA)
|
||||
[CERT_SELECT_CRITERIA](http://msdn2.microsoft.com/en-us/library/246722a9-5db6-4a82-8f29-f60f0a2263e3) | wincrypt.h | [Vanara.PInvoke.Crypt32.CERT_SELECT_CRITERIA](https://github.com/dahall/Vanara/search?l=C%23&q=CERT_SELECT_CRITERIA)
|
||||
[CERT_SELECTUI_INPUT](http://msdn2.microsoft.com/en-us/library/8953cddd-86b6-4781-8dca-b5fd3d298bc8) | cryptuiapi.h | [Vanara.PInvoke.CryptUI.CERT_SELECTUI_INPUT](https://github.com/dahall/Vanara/search?l=C%23&q=CERT_SELECTUI_INPUT)
|
||||
[CERT_SIMPLE_CHAIN](http://msdn2.microsoft.com/en-us/library/c130cab4-bf8d-429a-beb7-04cb5d37d466) | wincrypt.h | [Vanara.PInvoke.Crypt32.CERT_SIMPLE_CHAIN](https://github.com/dahall/Vanara/search?l=C%23&q=CERT_SIMPLE_CHAIN)
|
||||
[CERT_STRONG_SIGN_PARA](http://msdn2.microsoft.com/en-us/library/12D9F82C-F484-43B0-BD55-F07321058671) | wincrypt.h | [Vanara.PInvoke.Crypt32.CERT_STRONG_SIGN_PARA](https://github.com/dahall/Vanara/search?l=C%23&q=CERT_STRONG_SIGN_PARA)
|
||||
[CERT_SYSTEM_STORE_INFO](http://msdn2.microsoft.com/en-us/library/9c17ebd9-423b-4063-bdc3-6be70ceb8623) | wincrypt.h | [Vanara.PInvoke.Crypt32.CERT_SYSTEM_STORE_INFO](https://github.com/dahall/Vanara/search?l=C%23&q=CERT_SYSTEM_STORE_INFO)
|
||||
[CERT_SYSTEM_STORE_RELOCATE_PARA](http://msdn2.microsoft.com/en-us/library/3bcb9b64-b9cf-48b2-bfd1-0836b3d221af) | wincrypt.h | [Vanara.PInvoke.Crypt32.CERT_SYSTEM_STORE_RELOCATE_PARA](https://github.com/dahall/Vanara/search?l=C%23&q=CERT_SYSTEM_STORE_RELOCATE_PARA)
|
||||
[CERT_TRUST_LIST_INFO](http://msdn2.microsoft.com/en-us/library/774f5626-9b48-4585-b713-adbf191861cc) | wincrypt.h | [Vanara.PInvoke.Crypt32.CERT_TRUST_LIST_INFO](https://github.com/dahall/Vanara/search?l=C%23&q=CERT_TRUST_LIST_INFO)
|
||||
[CERT_TRUST_STATUS](http://msdn2.microsoft.com/en-us/library/af1e1db2-7b53-4491-8317-4abf3568fb03) | wincrypt.h | [Vanara.PInvoke.Crypt32.CERT_TRUST_STATUS](https://github.com/dahall/Vanara/search?l=C%23&q=CERT_TRUST_STATUS)
|
||||
[CERT_USAGE_MATCH](http://msdn2.microsoft.com/en-us/library/6154f1f7-4293-4b8e-91ab-9f57bb6f5743) | wincrypt.h | [Vanara.PInvoke.Crypt32.CERT_USAGE_MATCH](https://github.com/dahall/Vanara/search?l=C%23&q=CERT_USAGE_MATCH)
|
||||
[CMSG_CMS_SIGNER_INFO](http://msdn2.microsoft.com/en-us/library/177323ef-4e26-4681-a474-1a99fb6900af) | wincrypt.h | [Vanara.PInvoke.Crypt32.CMSG_CMS_SIGNER_INFO](https://github.com/dahall/Vanara/search?l=C%23&q=CMSG_CMS_SIGNER_INFO)
|
||||
|
@ -459,6 +474,18 @@ Native Structure | Header | Managed Structure
|
|||
[CRYPTCATSTORE](http://msdn2.microsoft.com/en-us/library/65a15797-453c-4f47-8ea1-c92e616b50aa) | mscat.h | [Vanara.PInvoke.Crypt32.CRYPTCATSTORE](https://github.com/dahall/Vanara/search?l=C%23&q=CRYPTCATSTORE)
|
||||
[CRYPTOAPI_BLOB](https://www.google.com/search?num=5&q=CRYPTOAPI_BLOB+site%3Amicrosoft.com) | wincrypt.h | [Vanara.PInvoke.Crypt32.CRYPTOAPI_BLOB](https://github.com/dahall/Vanara/search?l=C%23&q=CRYPTOAPI_BLOB)
|
||||
[CRYPTPROTECT_PROMPTSTRUCT](http://msdn2.microsoft.com/en-us/library/412ce598-a7c9-446d-bd98-6583a20d6cd7) | dpapi.h | [Vanara.PInvoke.Crypt32.CRYPTPROTECT_PROMPTSTRUCT](https://github.com/dahall/Vanara/search?l=C%23&q=CRYPTPROTECT_PROMPTSTRUCT)
|
||||
[CRYPTUI_CERT_MGR_STRUCT](http://msdn2.microsoft.com/en-us/library/e6c24d16-0ae2-443c-8971-2d7da3aae963) | cryptuiapi.h | [Vanara.PInvoke.CryptUI.CRYPTUI_CERT_MGR_STRUCT](https://github.com/dahall/Vanara/search?l=C%23&q=CRYPTUI_CERT_MGR_STRUCT)
|
||||
[CRYPTUI_INITDIALOG_STRUCT](http://msdn2.microsoft.com/en-us/library/c6335c02-3b3e-45e2-bb58-b7213aea500b) | cryptuiapi.h | [Vanara.PInvoke.CryptUI.CRYPTUI_INITDIALOG_STRUCT](https://github.com/dahall/Vanara/search?l=C%23&q=CRYPTUI_INITDIALOG_STRUCT)
|
||||
[CRYPTUI_VIEWCERTIFICATE_STRUCT](http://msdn2.microsoft.com/en-us/library/7bbd58df-3a1b-4d82-9a90-7c94260a7165) | cryptuiapi.h | [Vanara.PInvoke.CryptUI.CRYPTUI_VIEWCERTIFICATE_STRUCT](https://github.com/dahall/Vanara/search?l=C%23&q=CRYPTUI_VIEWCERTIFICATE_STRUCT)
|
||||
[CRYPTUI_WIZ_DIGITAL_SIGN_BLOB_INFO](http://msdn2.microsoft.com/en-us/library/9750f52a-f605-4f43-98e1-0f0ea947a214) | cryptuiapi.h | [Vanara.PInvoke.CryptUI.CRYPTUI_WIZ_DIGITAL_SIGN_BLOB_INFO](https://github.com/dahall/Vanara/search?l=C%23&q=CRYPTUI_WIZ_DIGITAL_SIGN_BLOB_INFO)
|
||||
[CRYPTUI_WIZ_DIGITAL_SIGN_CERT_PVK_INFO](http://msdn2.microsoft.com/en-us/library/0316ed0b-d4e5-4102-9ab0-637e96c7d9f5) | cryptuiapi.h | [Vanara.PInvoke.CryptUI.CRYPTUI_WIZ_DIGITAL_SIGN_CERT_PVK_INFO](https://github.com/dahall/Vanara/search?l=C%23&q=CRYPTUI_WIZ_DIGITAL_SIGN_CERT_PVK_INFO)
|
||||
[CRYPTUI_WIZ_DIGITAL_SIGN_CONTEXT](http://msdn2.microsoft.com/en-us/library/3e4eb745-0c28-4ce5-870b-d24565ef0cae) | cryptuiapi.h | [Vanara.PInvoke.CryptUI.CRYPTUI_WIZ_DIGITAL_SIGN_CONTEXT](https://github.com/dahall/Vanara/search?l=C%23&q=CRYPTUI_WIZ_DIGITAL_SIGN_CONTEXT)
|
||||
[CRYPTUI_WIZ_DIGITAL_SIGN_EXTENDED_INFO](http://msdn2.microsoft.com/en-us/library/e061aac4-8c9f-4282-a8f8-bc0c5a10e566) | cryptuiapi.h | [Vanara.PInvoke.CryptUI.CRYPTUI_WIZ_DIGITAL_SIGN_EXTENDED_INFO](https://github.com/dahall/Vanara/search?l=C%23&q=CRYPTUI_WIZ_DIGITAL_SIGN_EXTENDED_INFO)
|
||||
[CRYPTUI_WIZ_DIGITAL_SIGN_PVK_FILE_INFO](http://msdn2.microsoft.com/en-us/library/0e737661-2cc3-47be-ab32-0efbc18fefbd) | cryptuiapi.h | [Vanara.PInvoke.CryptUI.CRYPTUI_WIZ_DIGITAL_SIGN_PVK_FILE_INFO](https://github.com/dahall/Vanara/search?l=C%23&q=CRYPTUI_WIZ_DIGITAL_SIGN_PVK_FILE_INFO)
|
||||
[CRYPTUI_WIZ_DIGITAL_SIGN_STORE_INFO](http://msdn2.microsoft.com/en-us/library/d3ffbf1c-e8c2-44ab-84d2-d32350d04407) | cryptuiapi.h | [Vanara.PInvoke.CryptUI.CRYPTUI_WIZ_DIGITAL_SIGN_STORE_INFO](https://github.com/dahall/Vanara/search?l=C%23&q=CRYPTUI_WIZ_DIGITAL_SIGN_STORE_INFO)
|
||||
[CRYPTUI_WIZ_EXPORT_CERTCONTEXT_INFO](http://msdn2.microsoft.com/en-us/library/6be86c4f-0ac7-43c2-81fb-9767279ebeaf) | cryptuiapi.h | [Vanara.PInvoke.CryptUI.CRYPTUI_WIZ_EXPORT_CERTCONTEXT_INFO](https://github.com/dahall/Vanara/search?l=C%23&q=CRYPTUI_WIZ_EXPORT_CERTCONTEXT_INFO)
|
||||
[CRYPTUI_WIZ_EXPORT_INFO](http://msdn2.microsoft.com/en-us/library/3c509bb6-d391-4b59-809c-23466c8196ea) | cryptuiapi.h | [Vanara.PInvoke.CryptUI.CRYPTUI_WIZ_EXPORT_INFO](https://github.com/dahall/Vanara/search?l=C%23&q=CRYPTUI_WIZ_EXPORT_INFO)
|
||||
[CRYPTUI_WIZ_EXPORT_INFO_UNION](https://www.google.com/search?num=5&q=CRYPTUI_WIZ_EXPORT_INFO_UNION+site%3Amicrosoft.com) | | [Vanara.PInvoke.CryptUI.CRYPTUI_WIZ_EXPORT_INFO.CRYPTUI_WIZ_EXPORT_INFO_UNION](https://github.com/dahall/Vanara/search?l=C%23&q=CRYPTUI_WIZ_EXPORT_INFO_UNION)
|
||||
[CTL_CONTEXT](http://msdn2.microsoft.com/en-us/library/780edddf-1b44-4292-9156-4dfd5100adb8) | wincrypt.h | [Vanara.PInvoke.Crypt32.CTL_CONTEXT](https://github.com/dahall/Vanara/search?l=C%23&q=CTL_CONTEXT)
|
||||
[CTL_ENTRY](http://msdn2.microsoft.com/en-us/library/ebc63847-b641-4205-b15c-7b32c1426c21) | wincrypt.h | [Vanara.PInvoke.Crypt32.CTL_ENTRY](https://github.com/dahall/Vanara/search?l=C%23&q=CTL_ENTRY)
|
||||
[CTL_INFO](http://msdn2.microsoft.com/en-us/library/83b015b5-a650-4a81-a9f0-c3e8a9805c81) | wincrypt.h | [Vanara.PInvoke.Crypt32.CTL_INFO](https://github.com/dahall/Vanara/search?l=C%23&q=CTL_INFO)
|
||||
|
@ -497,6 +524,7 @@ Native Structure | Header | Managed Structure
|
|||
[PCCERT_CONTEXT](https://www.google.com/search?num=5&q=PCCERT_CONTEXT+site%3Amicrosoft.com) | | [Vanara.PInvoke.Crypt32.PCCERT_CONTEXT](https://github.com/dahall/Vanara/search?l=C%23&q=PCCERT_CONTEXT)
|
||||
[PCCERT_SERVER_OCSP_RESPONSE_CONTEXT](https://www.google.com/search?num=5&q=PCCERT_SERVER_OCSP_RESPONSE_CONTEXT+site%3Amicrosoft.com) | | [Vanara.PInvoke.Crypt32.PCCERT_SERVER_OCSP_RESPONSE_CONTEXT](https://github.com/dahall/Vanara/search?l=C%23&q=PCCERT_SERVER_OCSP_RESPONSE_CONTEXT)
|
||||
[PCCRL_CONTEXT](https://www.google.com/search?num=5&q=PCCRL_CONTEXT+site%3Amicrosoft.com) | | [Vanara.PInvoke.Crypt32.PCCRL_CONTEXT](https://github.com/dahall/Vanara/search?l=C%23&q=PCCRL_CONTEXT)
|
||||
[PCCRYPTUI_WIZ_DIGITAL_SIGN_CONTEXT](https://www.google.com/search?num=5&q=PCCRYPTUI_WIZ_DIGITAL_SIGN_CONTEXT+site%3Amicrosoft.com) | | [Vanara.PInvoke.CryptUI.PCCRYPTUI_WIZ_DIGITAL_SIGN_CONTEXT](https://github.com/dahall/Vanara/search?l=C%23&q=PCCRYPTUI_WIZ_DIGITAL_SIGN_CONTEXT)
|
||||
[PCCTL_CONTEXT](https://www.google.com/search?num=5&q=PCCTL_CONTEXT+site%3Amicrosoft.com) | | [Vanara.PInvoke.Crypt32.PCCTL_CONTEXT](https://github.com/dahall/Vanara/search?l=C%23&q=PCCTL_CONTEXT)
|
||||
[PUBLICKEYSTRUC](http://msdn2.microsoft.com/en-us/library/99d41222-b4ca-40f3-a240-52b0a9b3a9aa) | wincrypt.h | [Vanara.PInvoke.Crypt32.PUBLICKEYSTRUC](https://github.com/dahall/Vanara/search?l=C%23&q=PUBLICKEYSTRUC)
|
||||
[SIP_ADD_NEWPROVIDER](http://msdn2.microsoft.com/en-us/library/5ca88c0c-a7c9-4517-a874-49d38c1bc7c3) | mssip.h | [Vanara.PInvoke.Crypt32.SIP_ADD_NEWPROVIDER](https://github.com/dahall/Vanara/search?l=C%23&q=SIP_ADD_NEWPROVIDER)
|
||||
|
|
|
@ -1,5 +1,7 @@
|
|||
using System;
|
||||
using System.Collections.Generic;
|
||||
using System.Runtime.InteropServices;
|
||||
using Vanara.InteropServices;
|
||||
|
||||
namespace Vanara.PInvoke
|
||||
{
|
||||
|
@ -829,7 +831,7 @@ namespace Vanara.PInvoke
|
|||
// pEndTime, PCERT_EXTENSIONS pExtensions );
|
||||
[DllImport(Lib.Crypt32, SetLastError = true, ExactSpelling = true)]
|
||||
[PInvokeData("wincrypt.h", MSDNShortId = "89028c4e-f896-4c50-9fa2-bcb4e1784244")]
|
||||
public static extern SafePCCERT_CONTEXT CertCreateSelfSignCertificate(HCRYPTPROV hCryptProvOrNCryptKey, in CRYPTOAPI_BLOB pSubjectIssuerBlob, CertCreateSelfSignFlags dwFlags, IntPtr pKeyProvInfo, IntPtr pSignatureAlgorithm, IntPtr pStartTime, IntPtr pEndTime, IntPtr pExtensions);
|
||||
public static extern SafePCCERT_CONTEXT CertCreateSelfSignCertificate(IntPtr hCryptProvOrNCryptKey, in CRYPTOAPI_BLOB pSubjectIssuerBlob, CertCreateSelfSignFlags dwFlags, IntPtr pKeyProvInfo, IntPtr pSignatureAlgorithm, IntPtr pStartTime, IntPtr pEndTime, IntPtr pExtensions);
|
||||
|
||||
/// <summary>
|
||||
/// The <c>CertCreateSelfSignCertificate</c> function builds a self-signed certificate and returns a pointer to a CERT_CONTEXT
|
||||
|
@ -915,7 +917,7 @@ namespace Vanara.PInvoke
|
|||
// pEndTime, PCERT_EXTENSIONS pExtensions );
|
||||
[DllImport(Lib.Crypt32, SetLastError = true, ExactSpelling = true)]
|
||||
[PInvokeData("wincrypt.h", MSDNShortId = "89028c4e-f896-4c50-9fa2-bcb4e1784244")]
|
||||
public static extern SafePCCERT_CONTEXT CertCreateSelfSignCertificate(NCrypt.NCRYPT_KEY_HANDLE hCryptProvOrNCryptKey, in CRYPTOAPI_BLOB pSubjectIssuerBlob, CertCreateSelfSignFlags dwFlags, IntPtr pKeyProvInfo, IntPtr pSignatureAlgorithm, IntPtr pStartTime, IntPtr pEndTime, IntPtr pExtensions);
|
||||
public static extern SafePCCERT_CONTEXT CertCreateSelfSignCertificate(IntPtr hCryptProvOrNCryptKey, in CRYPTOAPI_BLOB pSubjectIssuerBlob, CertCreateSelfSignFlags dwFlags, in CRYPT_KEY_PROV_INFO pKeyProvInfo, in CRYPT_ALGORITHM_IDENTIFIER pSignatureAlgorithm, IntPtr pStartTime, IntPtr pEndTime, IntPtr pExtensions);
|
||||
|
||||
/// <summary>
|
||||
/// The <c>CertCreateSelfSignCertificate</c> function builds a self-signed certificate and returns a pointer to a CERT_CONTEXT
|
||||
|
@ -1001,93 +1003,7 @@ namespace Vanara.PInvoke
|
|||
// pEndTime, PCERT_EXTENSIONS pExtensions );
|
||||
[DllImport(Lib.Crypt32, SetLastError = true, ExactSpelling = true)]
|
||||
[PInvokeData("wincrypt.h", MSDNShortId = "89028c4e-f896-4c50-9fa2-bcb4e1784244")]
|
||||
public static extern SafePCCERT_CONTEXT CertCreateSelfSignCertificate(HCRYPTPROV hCryptProvOrNCryptKey, in CRYPTOAPI_BLOB pSubjectIssuerBlob, CertCreateSelfSignFlags dwFlags, in CRYPT_KEY_PROV_INFO pKeyProvInfo, in CRYPT_ALGORITHM_IDENTIFIER pSignatureAlgorithm, in SYSTEMTIME pStartTime, in SYSTEMTIME pEndTime, in CERT_EXTENSIONS pExtensions);
|
||||
|
||||
/// <summary>
|
||||
/// The <c>CertCreateSelfSignCertificate</c> function builds a self-signed certificate and returns a pointer to a CERT_CONTEXT
|
||||
/// structure that represents the certificate.
|
||||
/// </summary>
|
||||
/// <param name="hCryptProvOrNCryptKey">
|
||||
/// <para>
|
||||
/// A handle of a cryptographic provider used to sign the certificate created. If <c>NULL</c>, information from the pKeyProvInfo
|
||||
/// parameter is used to acquire the needed handle. If pKeyProvInfo is also <c>NULL</c>, the default provider type, PROV_RSA_FULL
|
||||
/// provider type, the default key specification, AT_SIGNATURE, and a newly created key container with a unique container name are used.
|
||||
/// </para>
|
||||
/// <para>
|
||||
/// This handle must be an HCRYPTPROV handle that has been created by using the CryptAcquireContext function or an
|
||||
/// <c>NCRYPT_KEY_HANDLE</c> handle that has been created by using the NCryptOpenKey function. New applications should always pass
|
||||
/// in the <c>NCRYPT_KEY_HANDLE</c> handle of a CNG cryptographic service provider (CSP).
|
||||
/// </para>
|
||||
/// </param>
|
||||
/// <param name="pSubjectIssuerBlob">
|
||||
/// A pointer to a BLOB that contains the distinguished name (DN) for the certificate subject. This parameter cannot be <c>NULL</c>.
|
||||
/// Minimally, a pointer to an empty DN must be provided. This BLOB is normally created by using the CertStrToName function. It can
|
||||
/// also be created by using the CryptEncodeObject function and specifying either the X509_NAME or X509_UNICODE_NAME StructType.
|
||||
/// </param>
|
||||
/// <param name="dwFlags">
|
||||
/// <para>
|
||||
/// A set of flags that override the default behavior of this function. This can be zero or a combination of one or more of the
|
||||
/// following values.
|
||||
/// </para>
|
||||
/// <list type="table">
|
||||
/// <listheader>
|
||||
/// <term>Value</term>
|
||||
/// <term>Meaning</term>
|
||||
/// </listheader>
|
||||
/// <item>
|
||||
/// <term>CERT_CREATE_SELFSIGN_NO_KEY_INFO 2</term>
|
||||
/// <term>
|
||||
/// By default, the returned PCCERT_CONTEXT references the private keys by setting the CERT_KEY_PROV_INFO_PROP_ID. If you do not
|
||||
/// want the returned PCCERT_CONTEXT to reference private keys by setting the CERT_KEY_PROV_INFO_PROP_ID, specify CERT_CREATE_SELFSIGN_NO_KEY_INFO.
|
||||
/// </term>
|
||||
/// </item>
|
||||
/// <item>
|
||||
/// <term>CERT_CREATE_SELFSIGN_NO_SIGN 1</term>
|
||||
/// <term>
|
||||
/// By default, the certificate being created is signed. If the certificate being created is only a dummy placeholder, the
|
||||
/// certificate might not need to be signed. Signing of the certificate is skipped if CERT_CREATE_SELFSIGN_NO_SIGN is specified.
|
||||
/// </term>
|
||||
/// </item>
|
||||
/// </list>
|
||||
/// </param>
|
||||
/// <param name="pKeyProvInfo">
|
||||
/// <para>
|
||||
/// A pointer to a CRYPT_KEY_PROV_INFO structure. Before a certificate is created, the CSP is queried for the key provider, key
|
||||
/// provider type, and the key container name. If the CSP queried does not support these queries, the function fails. If the default
|
||||
/// provider does not support these queries, a pKeyProvInfo value must be specified. The RSA BASE does support these queries.
|
||||
/// </para>
|
||||
/// <para>
|
||||
/// If the pKeyProvInfo parameter is not <c>NULL</c>, the corresponding values are set in the <c>CERT_KEY_PROV_INFO_PROP_ID</c>
|
||||
/// value of the generated certificate. You must ensure that all parameters of the supplied structure are correctly specified.
|
||||
/// </para>
|
||||
/// </param>
|
||||
/// <param name="pSignatureAlgorithm">
|
||||
/// A pointer to a CRYPT_ALGORITHM_IDENTIFIER structure. If <c>NULL</c>, the default algorithm, SHA1RSA, is used.
|
||||
/// </param>
|
||||
/// <param name="pStartTime">A pointer to a SYSTEMTIME structure. If <c>NULL</c>, the system current time is used by default.</param>
|
||||
/// <param name="pEndTime">
|
||||
/// A pointer to a SYSTEMTIME structure. If <c>NULL</c>, the pStartTime value plus one year will be used by default.
|
||||
/// </param>
|
||||
/// <param name="pExtensions">
|
||||
/// A pointer to a CERT_EXTENSIONS array of CERT_EXTENSION structures. By default, the array is empty. An alternate subject name, if
|
||||
/// desired, can be specified as one of these extensions.
|
||||
/// </param>
|
||||
/// <returns>
|
||||
/// If the function succeeds, a PCCERT_CONTEXT variable that points to the created certificate is returned. If the function fails,
|
||||
/// it returns <c>NULL</c>. For extended error information, call GetLastError.
|
||||
/// </returns>
|
||||
/// <remarks>
|
||||
/// As the pEndTime must be a valid date, and is automatically generated if it is not supplied by the user, unexpected failures may
|
||||
/// easily be caused when this API is called on a leap day without accompanying app logic to compensate. For more information,
|
||||
/// please see leap year readiness.
|
||||
/// </remarks>
|
||||
// https://docs.microsoft.com/en-us/windows/win32/api/wincrypt/nf-wincrypt-certcreateselfsigncertificate PCCERT_CONTEXT
|
||||
// CertCreateSelfSignCertificate( HCRYPTPROV_OR_NCRYPT_KEY_HANDLE hCryptProvOrNCryptKey, PCERT_NAME_BLOB pSubjectIssuerBlob, DWORD
|
||||
// dwFlags, PCRYPT_KEY_PROV_INFO pKeyProvInfo, PCRYPT_ALGORITHM_IDENTIFIER pSignatureAlgorithm, PSYSTEMTIME pStartTime, PSYSTEMTIME
|
||||
// pEndTime, PCERT_EXTENSIONS pExtensions );
|
||||
[DllImport(Lib.Crypt32, SetLastError = true, ExactSpelling = true)]
|
||||
[PInvokeData("wincrypt.h", MSDNShortId = "89028c4e-f896-4c50-9fa2-bcb4e1784244")]
|
||||
public static extern SafePCCERT_CONTEXT CertCreateSelfSignCertificate(NCrypt.NCRYPT_KEY_HANDLE hCryptProvOrNCryptKey, in CRYPTOAPI_BLOB pSubjectIssuerBlob, CertCreateSelfSignFlags dwFlags, in CRYPT_KEY_PROV_INFO pKeyProvInfo, in CRYPT_ALGORITHM_IDENTIFIER pSignatureAlgorithm, in SYSTEMTIME pStartTime, in SYSTEMTIME pEndTime, in CERT_EXTENSIONS pExtensions);
|
||||
public static extern SafePCCERT_CONTEXT CertCreateSelfSignCertificate(IntPtr hCryptProvOrNCryptKey, in CRYPTOAPI_BLOB pSubjectIssuerBlob, CertCreateSelfSignFlags dwFlags, in CRYPT_KEY_PROV_INFO pKeyProvInfo, in CRYPT_ALGORITHM_IDENTIFIER pSignatureAlgorithm, in SYSTEMTIME pStartTime, in SYSTEMTIME pEndTime, in CERT_EXTENSIONS pExtensions);
|
||||
|
||||
/// <summary>
|
||||
/// The <c>CertDeleteCertificateFromStore</c> function deletes the specified certificate context from the certificate store.
|
||||
|
@ -1502,6 +1418,298 @@ namespace Vanara.PInvoke
|
|||
public static extern SafePCCERT_CONTEXT CertFindCertificateInStore(HCERTSTORE hCertStore, CertEncodingType dwCertEncodingType, CertFindUsageFlags dwFindFlags,
|
||||
CertFindType dwFindType, [In] IntPtr pvFindPara, PCCERT_CONTEXT pPrevCertContext);
|
||||
|
||||
/// <summary>
|
||||
/// The <c>CertFindCertificateInStore</c> function finds the first or next certificate context in a certificate store that matches a
|
||||
/// search criteria established by the dwFindType and its associated pvFindPara. This function can be used in a loop to find all of
|
||||
/// the certificates in a certificate store that match the specified find criteria.
|
||||
/// </summary>
|
||||
/// <param name="hCertStore">A handle of the certificate store to be searched.</param>
|
||||
/// <param name="dwCertEncodingType">
|
||||
/// <para>
|
||||
/// Specifies the type of encoding used. Both the certificate and message encoding types must be specified by combining them with a
|
||||
/// bitwise- <c>OR</c> operation as shown in the following example:
|
||||
/// </para>
|
||||
/// <para>X509_ASN_ENCODING | PKCS_7_ASN_ENCODING Currently defined encoding types are:</para>
|
||||
/// <list type="bullet">
|
||||
/// <item>
|
||||
/// <term>X509_ASN_ENCODING</term>
|
||||
/// </item>
|
||||
/// <item>
|
||||
/// <term>PKCS_7_ASN_ENCODING</term>
|
||||
/// </item>
|
||||
/// </list>
|
||||
/// </param>
|
||||
/// <param name="dwFindFlags">
|
||||
/// Used with some dwFindType values to modify the search criteria. For most dwFindType values, dwFindFlags is not used and should
|
||||
/// be set to zero. For detailed information, see Remarks.
|
||||
/// </param>
|
||||
/// <param name="dwFindType">
|
||||
/// <para>
|
||||
/// Specifies the type of search being made. The search type determines the data type, contents, and the use of pvFindPara. This
|
||||
/// parameter can be one of the following values.
|
||||
/// </para>
|
||||
/// <list type="table">
|
||||
/// <listheader>
|
||||
/// <term>Value</term>
|
||||
/// <term>Meaning</term>
|
||||
/// </listheader>
|
||||
/// <item>
|
||||
/// <term>CERT_FIND_ANY</term>
|
||||
/// <term>Data type of pvFindPara: NULL, not used. No search criteria used. Returns the next certificate in the store.</term>
|
||||
/// </item>
|
||||
/// <item>
|
||||
/// <term>CERT_FIND_CERT_ID</term>
|
||||
/// <term>Data type of pvFindPara: CERT_ID structure. Find the certificate identified by the specified CERT_ID.</term>
|
||||
/// </item>
|
||||
/// <item>
|
||||
/// <term>CERT_FIND_CTL_USAGE</term>
|
||||
/// <term>
|
||||
/// Data type of pvFindPara: CTL_USAGE structure. Searches for a certificate that has a szOID_ENHANCED_KEY_USAGE extension or a
|
||||
/// CERT_CTL_PROP_ID that matches the pszUsageIdentifier member of the CTL_USAGE structure.
|
||||
/// </term>
|
||||
/// </item>
|
||||
/// <item>
|
||||
/// <term>CERT_FIND_ENHKEY_USAGE</term>
|
||||
/// <term>
|
||||
/// Data type of pvFindPara: CERT_ENHKEY_USAGE structure. Searches for a certificate in the store that has either an enhanced key
|
||||
/// usage extension or an enhanced key usage property and a usage identifier that matches the cUsageIdentifier member in the
|
||||
/// CERT_ENHKEY_USAGE structure. A certificate has an enhanced key usage extension if it has a CERT_EXTENSION structure with the
|
||||
/// pszObjId member set to szOID_ENHANCED_KEY_USAGE. A certificate has an enhanced key usage property if its
|
||||
/// CERT_ENHKEY_USAGE_PROP_ID identifier is set. If CERT_FIND_OPTIONAL_ENHKEY_USAGE_FLAG is set in dwFindFlags, certificates without
|
||||
/// the key usage extension or property are also matches. Setting this flag takes precedence over passing NULL in pvFindPara. If
|
||||
/// CERT_FIND_EXT_ONLY_ENHKEY_USAGE_FLAG is set, a match is done only on the key usage extension. For information about flag
|
||||
/// modifications to search criteria, see Remarks.
|
||||
/// </term>
|
||||
/// </item>
|
||||
/// <item>
|
||||
/// <term>CERT_FIND_EXISTING</term>
|
||||
/// <term>
|
||||
/// Data type of pvFindPara: CERT_CONTEXT structure. Searches for a certificate that is an exact match of the specified certificate context.
|
||||
/// </term>
|
||||
/// </item>
|
||||
/// <item>
|
||||
/// <term>CERT_FIND_HASH</term>
|
||||
/// <term>
|
||||
/// Data type of pvFindPara: CRYPT_HASH_BLOB structure. Searches for a certificate with a SHA1 hash that matches the hash in the
|
||||
/// CRYPT_HASH_BLOB structure.
|
||||
/// </term>
|
||||
/// </item>
|
||||
/// <item>
|
||||
/// <term>CERT_FIND_HAS_PRIVATE_KEY</term>
|
||||
/// <term>
|
||||
/// Data type of pvFindPara: NULL, not used. Searches for a certificate that has a private key. The key can be ephemeral or saved on
|
||||
/// disk. The key can be a legacy Cryptography API (CAPI) key or a CNG key. Windows 8 and Windows Server 2012: Support for this flag begins.
|
||||
/// </term>
|
||||
/// </item>
|
||||
/// <item>
|
||||
/// <term>CERT_FIND_ISSUER_ATTR</term>
|
||||
/// <term>
|
||||
/// Data type of pvFindPara: CERT_RDN structure. Searches for a certificate with specified issuer attributes that match attributes
|
||||
/// in the CERT_RDN structure. If these values are set, the function compares attributes of the issuer in a certificate with
|
||||
/// elements of the CERT_RDN_ATTR array in this CERT_RDN structure. Comparisons iterate through the CERT_RDN_ATTR attributes looking
|
||||
/// for a match with the certificate's issuer attributes. If the pszObjId member of CERT_RDN_ATTR is NULL, the attribute object
|
||||
/// identifier is ignored. If the dwValueType member of CERT_RDN_ATTR is CERT_RDN_ANY_TYPE, the value type is ignored. If the pbData
|
||||
/// member of CERT_RDN_VALUE_BLOB is NULL, any value is a match. Currently only an exact, case-sensitive match is supported. For
|
||||
/// information about Unicode options, see Remarks. When these values are set, the search is restricted to certificates whose
|
||||
/// encoding type matches dwCertEncodingType.
|
||||
/// </term>
|
||||
/// </item>
|
||||
/// <item>
|
||||
/// <term>CERT_FIND_ISSUER_NAME</term>
|
||||
/// <term>
|
||||
/// Data type of pvFindPara: CERT_NAME_BLOB structure. Search for a certificate with an exact match of the entire issuer name with
|
||||
/// the name in CERT_NAME_BLOB The search is restricted to certificates that match the dwCertEncodingType.
|
||||
/// </term>
|
||||
/// </item>
|
||||
/// <item>
|
||||
/// <term>CERT_FIND_ISSUER_OF</term>
|
||||
/// <term>
|
||||
/// Data type of pvFindPara: CERT_CONTEXT structure. Searches for a certificate with an subject that matches the issuer in
|
||||
/// CERT_CONTEXT. Instead of using CertFindCertificateInStore with this value, use the CertGetCertificateChain function.
|
||||
/// </term>
|
||||
/// </item>
|
||||
/// <item>
|
||||
/// <term>CERT_FIND_ISSUER_STR</term>
|
||||
/// <term>
|
||||
/// Data type of pvFindPara: Null-terminated Unicode string. Searches for a certificate that contains the specified issuer name
|
||||
/// string. The certificate's issuer member is converted to a name string of the appropriate type using the appropriate form of
|
||||
/// CertNameToStr formatted as CERT_SIMPLE_NAME_STR. Then a case-insensitive substring-within-a-string match is performed. When this
|
||||
/// value is set, the search is restricted to certificates whose encoding type matches dwCertEncodingType. If the substring match
|
||||
/// fails and the subject contains an email RDN with Punycode encoded string, CERT_NAME_STR_ENABLE_PUNYCODE_FLAG is used to convert
|
||||
/// the subject to a Unicode string and the substring match is performed again.
|
||||
/// </term>
|
||||
/// </item>
|
||||
/// <item>
|
||||
/// <term>CERT_FIND_KEY_IDENTIFIER</term>
|
||||
/// <term>
|
||||
/// Data type of pvFindPara: CRYPT_HASH_BLOB structure. Searches for a certificate with a CERT_KEY_IDENTIFIER_PROP_ID property that
|
||||
/// matches the key identifier in CRYPT_HASH_BLOB.
|
||||
/// </term>
|
||||
/// </item>
|
||||
/// <item>
|
||||
/// <term>CERT_FIND_KEY_SPEC</term>
|
||||
/// <term>
|
||||
/// Data type of pvFindPara: DWORD variable that contains a key specification. Searches for a certificate that has a
|
||||
/// CERT_KEY_SPEC_PROP_ID property that matches the key specification in pvFindPara.
|
||||
/// </term>
|
||||
/// </item>
|
||||
/// <item>
|
||||
/// <term>CERT_FIND_MD5_HASH</term>
|
||||
/// <term>
|
||||
/// Data type of pvFindPara: CRYPT_HASH_BLOB structure. Searches for a certificate with an MD5 hash that matches the hash in CRYPT_HASH_BLOB.
|
||||
/// </term>
|
||||
/// </item>
|
||||
/// <item>
|
||||
/// <term>CERT_FIND_PROPERTY</term>
|
||||
/// <term>
|
||||
/// Data type of pvFindPara: DWORD variable that contains a property identifier. Searches for a certificate with a property that
|
||||
/// matches the property identifier specified by the DWORD value in pvFindPara.
|
||||
/// </term>
|
||||
/// </item>
|
||||
/// <item>
|
||||
/// <term>CERT_FIND_PUBLIC_KEY</term>
|
||||
/// <term>
|
||||
/// Data type of pvFindPara: CERT_PUBLIC_KEY_INFO structure. Searches for a certificate with a public key that matches the public
|
||||
/// key in the CERT_PUBLIC_KEY_INFO structure.
|
||||
/// </term>
|
||||
/// </item>
|
||||
/// <item>
|
||||
/// <term>CERT_FIND_SHA1_HASH</term>
|
||||
/// <term>
|
||||
/// Data type of pvFindPara: CRYPT_HASH_BLOB structure. Searches for a certificate with a SHA1 hash that matches the hash in the
|
||||
/// CRYPT_HASH_BLOB structure.
|
||||
/// </term>
|
||||
/// </item>
|
||||
/// <item>
|
||||
/// <term>CERT_FIND_SIGNATURE_HASH</term>
|
||||
/// <term>
|
||||
/// Data type of pvFindPara: CRYPT_HASH_BLOB structure. Searches for a certificate with a signature hash that matches the signature
|
||||
/// hash in the CRYPT_HASH_BLOB structure.
|
||||
/// </term>
|
||||
/// </item>
|
||||
/// <item>
|
||||
/// <term>CERT_FIND_SUBJECT_ATTR</term>
|
||||
/// <term>
|
||||
/// Data type of pvFindPara: CERT_RDN structure. Searches for a certificate with specified subject attributes that match attributes
|
||||
/// in the CERT_RDN structure. If RDN values are set, the function compares attributes of the subject in a certificate with elements
|
||||
/// of the CERT_RDN_ATTR array in this CERT_RDN structure. Comparisons iterate through the CERT_RDN_ATTR attributes looking for a
|
||||
/// match with the certificate's subject's attributes. If the pszObjId member of CERT_RDN_ATTR is NULL, the attribute object
|
||||
/// identifier is ignored. If the dwValueType member of CERT_RDN_ATTR is CERT_RDN_ANY_TYPE, the value type is ignored. If the pbData
|
||||
/// member of CERT_RDN_VALUE_BLOB is NULL, any value is a match. Currently only an exact, case-sensitive match is supported. For
|
||||
/// information about Unicode options, see Remarks. When these values are set, the search is restricted to certificates whose
|
||||
/// encoding type matches dwCertEncodingType.
|
||||
/// </term>
|
||||
/// </item>
|
||||
/// <item>
|
||||
/// <term>CERT_FIND_SUBJECT_CERT</term>
|
||||
/// <term>
|
||||
/// Data type of pvFindPara: CERT_INFO structure. Searches for a certificate with both an issuer and a serial number that match the
|
||||
/// issuer and serial number in the CERT_INFO structure.
|
||||
/// </term>
|
||||
/// </item>
|
||||
/// <item>
|
||||
/// <term>CERT_FIND_SUBJECT_NAME</term>
|
||||
/// <term>
|
||||
/// Data type of pvFindPara: CERT_NAME_BLOB structure. Searches for a certificate with an exact match of the entire subject name
|
||||
/// with the name in the CERT_NAME_BLOB structure. The search is restricted to certificates that match the value of dwCertEncodingType.
|
||||
/// </term>
|
||||
/// </item>
|
||||
/// <item>
|
||||
/// <term>CERT_FIND_SUBJECT_STR</term>
|
||||
/// <term>
|
||||
/// Data type of pvFindPara: Null-terminated Unicode string. Searches for a certificate that contains the specified subject name
|
||||
/// string. The certificate's subject member is converted to a name string of the appropriate type using the appropriate form of
|
||||
/// CertNameToStr formatted as CERT_SIMPLE_NAME_STR. Then a case-insensitive substring-within-a-string match is performed. When this
|
||||
/// value is set, the search is restricted to certificates whose encoding type matches dwCertEncodingType.
|
||||
/// </term>
|
||||
/// </item>
|
||||
/// <item>
|
||||
/// <term>CERT_FIND_CROSS_CERT_DIST_POINTS</term>
|
||||
/// <term>
|
||||
/// Data type of pvFindPara: Not used. Find a certificate that has either a cross certificate distribution point extension or property.
|
||||
/// </term>
|
||||
/// </item>
|
||||
/// <item>
|
||||
/// <term>CERT_FIND_PUBKEY_MD5_HASH</term>
|
||||
/// <term>
|
||||
/// Data type of pvFindPara: CRYPT_HASH_BLOB structure. Find a certificate whose MD5-hashed public key matches the specified hash.
|
||||
/// </term>
|
||||
/// </item>
|
||||
/// </list>
|
||||
/// <para>
|
||||
/// <c>Note</c> There are alternate forms of the value of dwFindType that pass a string in pvFindPara. One form uses a Unicode
|
||||
/// string, and the other an ASCII string. Values that end in "_W" or without a suffix use Unicode. Values that end with "_A" use
|
||||
/// ASCII strings.
|
||||
/// </para>
|
||||
/// </param>
|
||||
/// <param name="pvFindPara">Points to a data item or structure used with dwFindType.</param>
|
||||
/// <param name="pPrevCertContext">
|
||||
/// A pointer to the last CERT_CONTEXT structure returned by this function. This parameter must be <c>NULL</c> on the first call of
|
||||
/// the function. To find successive certificates meeting the search criteria, set pPrevCertContext to the pointer returned by the
|
||||
/// previous call to the function. This function frees the <c>CERT_CONTEXT</c> referenced by non- <c>NULL</c> values of this parameter.
|
||||
/// </param>
|
||||
/// <returns>
|
||||
/// <para>If the function succeeds, the function returns a pointer to a read-only CERT_CONTEXT structure.</para>
|
||||
/// <para>If the function fails and a certificate that matches the search criteria is not found, the return value is <c>NULL</c>.</para>
|
||||
/// <para>
|
||||
/// A non- <c>NULL</c> CERT_CONTEXT that <c>CertFindCertificateInStore</c> returns must be freed by CertFreeCertificateContext or by
|
||||
/// being passed as the pPrevCertContext parameter on a subsequent call to <c>CertFindCertificateInStore</c>.
|
||||
/// </para>
|
||||
/// <para>For extended error information, call GetLastError. Some possible error codes follow.</para>
|
||||
/// <list type="table">
|
||||
/// <listheader>
|
||||
/// <term>Return code</term>
|
||||
/// <term>Description</term>
|
||||
/// </listheader>
|
||||
/// <item>
|
||||
/// <term>CRYPT_E_NOT_FOUND</term>
|
||||
/// <term>
|
||||
/// No certificate was found matching the search criteria. This can happen if the store is empty or the end of the store's list is reached.
|
||||
/// </term>
|
||||
/// </item>
|
||||
/// <item>
|
||||
/// <term>E_INVALIDARG</term>
|
||||
/// <term>
|
||||
/// The handle in the hCertStore parameter is not the same as that in the certificate context pointed to by the pPrevCertContext
|
||||
/// parameter, or a value that is not valid was specified in the dwFindType parameter.
|
||||
/// </term>
|
||||
/// </item>
|
||||
/// </list>
|
||||
/// </returns>
|
||||
/// <remarks>
|
||||
/// <para>The dwFindFlags parameter is used to modify the criteria of some search types.</para>
|
||||
/// <para>
|
||||
/// The CERT_UNICODE_IS_RDN_ATTRS_FLAG dwFindFlags value is used only with the CERT_FIND_SUBJECT_ATTR and CERT_FIND_ISSUER_ATTR
|
||||
/// values for dwFindType. CERT_UNICODE_IS_RDN_ATTRS_FLAG must be set if the CERT_RDN_ATTR structure pointed to by pvFindPara was
|
||||
/// initialized with Unicode strings. Before any comparison is made, the string to be matched is converted by using
|
||||
/// X509_UNICODE_NAME to provide for Unicode comparisons.
|
||||
/// </para>
|
||||
/// <para>The following dwFindFlags values are used only with the CERT_FIND_ENKEY_USAGE value for dwFindType:</para>
|
||||
/// <para>
|
||||
/// CertDuplicateCertificateContext can be called to make a duplicate of the returned context. The returned context can be added to
|
||||
/// a different certificate store by using CertAddCertificateContextToStore, or a link to that certificate context can be added to a
|
||||
/// store that is not a collection store by using CertAddCertificateLinkToStore.
|
||||
/// </para>
|
||||
/// <para>
|
||||
/// The returned pointer is freed when passed as the pPrevCertContext parameter on a subsequent call to the function. Otherwise, the
|
||||
/// pointer must be explicitly freed by calling CertFreeCertificateContext. A pPrevCertContext that is not <c>NULL</c> is always
|
||||
/// freed by <c>CertFindCertificateInStore</c> using a call to <c>CertFreeCertificateContext</c>, even if there is an error in the function.
|
||||
/// </para>
|
||||
/// <para>Examples</para>
|
||||
/// <para>
|
||||
/// The following example shows finding a certificate context in the certificate store meeting a search criterion. For a complete
|
||||
/// example that includes the context for this example, see Example C Program: Certificate Store Operations.
|
||||
/// </para>
|
||||
/// <para>For another example that uses this function, see Example C Program: Collection and Sibling Certificate Store Operations.</para>
|
||||
/// </remarks>
|
||||
// https://docs.microsoft.com/en-us/windows/win32/api/wincrypt/nf-wincrypt-certfindcertificateinstore PCCERT_CONTEXT
|
||||
// CertFindCertificateInStore( HCERTSTORE hCertStore, DWORD dwCertEncodingType, DWORD dwFindFlags, DWORD dwFindType, const void
|
||||
// *pvFindPara, PCCERT_CONTEXT pPrevCertContext );
|
||||
[DllImport(Lib.Crypt32, SetLastError = true, ExactSpelling = true)]
|
||||
[PInvokeData("wincrypt.h", MSDNShortId = "20b3fcfb-55df-46ff-80a5-70f31a3d03b2")]
|
||||
public static extern SafePCCERT_CONTEXT CertFindCertificateInStore(HCERTSTORE hCertStore, CertEncodingType dwCertEncodingType, CertFindUsageFlags dwFindFlags,
|
||||
CertFindType dwFindType, [In, MarshalAs(UnmanagedType.LPWStr)] string pvFindPara, PCCERT_CONTEXT pPrevCertContext);
|
||||
|
||||
/// <summary>
|
||||
/// The <c>CertFreeServerOcspResponseContext</c> function decrements the reference count for a CERT_SERVER_OCSP_RESPONSE_CONTEXT
|
||||
/// structure. If the reference count becomes zero, memory allocated for the structure is released.
|
||||
|
@ -1964,7 +2172,7 @@ namespace Vanara.PInvoke
|
|||
[DllImport(Lib.Crypt32, SetLastError = true, ExactSpelling = true)]
|
||||
[PInvokeData("wincrypt.h", MSDNShortId = "35813928-728e-40b7-b627-817d3094eeb1")]
|
||||
[return: MarshalAs(UnmanagedType.Bool)]
|
||||
public static extern bool CertRetrieveLogoOrBiometricInfo(PCCERT_CONTEXT pCertContext, [MarshalAs(UnmanagedType.LPStr)] string lpszLogoOrBiometricType, CryptRetrievalFlags dwRetrievalFlags,
|
||||
public static extern bool CertRetrieveLogoOrBiometricInfo(PCCERT_CONTEXT pCertContext, [In] SafeOID lpszLogoOrBiometricType, CryptRetrievalFlags dwRetrievalFlags,
|
||||
uint dwTimeout, [Optional] uint dwFlags, [Optional] IntPtr pvReserved, out SafeCryptMem ppbData, out uint pcbData, out SafeCryptMem ppwszMimeType);
|
||||
|
||||
/// <summary>The <c>CertSelectCertificateChains</c> function retrieves certificate chains based on specified selection criteria.</summary>
|
||||
|
@ -2141,6 +2349,180 @@ namespace Vanara.PInvoke
|
|||
public static extern bool CertSelectCertificateChains(in Guid pSelectionContext, CertSelection dwFlags, [Optional] IntPtr pChainParameters, uint cCriteria, [In, Optional, MarshalAs(UnmanagedType.LPArray)] CERT_SELECT_CRITERIA[] rgpCriteria,
|
||||
HCERTSTORE hStore, out uint pcSelection, out IntPtr pprgpSelection);
|
||||
|
||||
/// <summary>The <c>CertSelectCertificateChains</c> function retrieves certificate chains based on specified selection criteria.</summary>
|
||||
/// <param name="pSelectionContext">A pointer to the GUID of the certificate selection scenario to use for this call.</param>
|
||||
/// <param name="dwFlags">
|
||||
/// <para>
|
||||
/// Flags for controlling the certificate selection process. This parameter can be a combination of zero or more of the following flags:
|
||||
/// </para>
|
||||
/// <list type="table">
|
||||
/// <listheader>
|
||||
/// <term>Value</term>
|
||||
/// <term>Meaning</term>
|
||||
/// </listheader>
|
||||
/// <item>
|
||||
/// <term>CERT_SELECT_ALLOW_EXPIRED</term>
|
||||
/// <term>Select expired certificates that meet selection criteria. By default expired certificates are rejected from selection.</term>
|
||||
/// </item>
|
||||
/// <item>
|
||||
/// <term>CERT_SELECT_TRUSTED_ROOT</term>
|
||||
/// <term>
|
||||
/// Select certificates on which the error bit in the certificate chain trust status is not set to CERT_TRUST_IS_UNTRUSTED_ROOT,
|
||||
/// CERT_TRUST_IS_PARTIAL_CHAIN, or CERT_TRUST_IS_NOT_TIME_VALID. In addition, certificates that have one of the following invalid
|
||||
/// constraint errors are not selected:
|
||||
/// </term>
|
||||
/// </item>
|
||||
/// <item>
|
||||
/// <term>CERT_SELECT_DISALLOW_SELFSIGNED</term>
|
||||
/// <term>Select certificates that are not self-issued and self-signed.</term>
|
||||
/// </item>
|
||||
/// <item>
|
||||
/// <term>CERT_SELECT_HAS_PRIVATE_KEY</term>
|
||||
/// <term>Select certificates that have a value set for the CERT_KEY_PROV_INFO_PROP_ID property of the certificate.</term>
|
||||
/// </item>
|
||||
/// <item>
|
||||
/// <term>CERT_SELECT_HAS_KEY_FOR_SIGNATURE</term>
|
||||
/// <term>
|
||||
/// Select certificates on which the value of the dwKeySpec member of the CERT_KEY_PROV_INFO_PROP_ID property is set to
|
||||
/// AT_SIGNATURE. If this function is being called as part of a CNG enabled application and the dwKeySpec member of the
|
||||
/// CERT_KEY_PROV_INFO_PROP_ID property is set to -1, select certificates on which the value of the NCRYPT_KEY_USAGE_PROPERTY
|
||||
/// property of the associated private key has the NCRYPT_ALLOW_SIGNING_FLAG set.
|
||||
/// </term>
|
||||
/// </item>
|
||||
/// <item>
|
||||
/// <term>CERT_SELECT_HAS_KEY_FOR_KEY_EXCHANGE</term>
|
||||
/// <term>
|
||||
/// Select certificates on which the value of the dwKeySpec member of the CERT_KEY_PROV_INFO_PROP_ID property is set to
|
||||
/// AT_KEYEXCHANGE. If this function is being called as part of a CNG enabled application and the dwKeySpec member of the
|
||||
/// CERT_KEY_PROV_INFO_PROP_ID property is set to -1, select certificates on which either NCRYPT_ALLOW_DECRYPT_FLAG or
|
||||
/// NCRYPT_ALLOW_KEY_AGREEMENT_FLAG is set.
|
||||
/// </term>
|
||||
/// </item>
|
||||
/// <item>
|
||||
/// <term>CERT_SELECT_HARDWARE_ONLY</term>
|
||||
/// <term>
|
||||
/// Select certificates on which the value of the PP_IMPTYPE property of the associated private key provider is set to either
|
||||
/// CRYPT_IMPL_HARDWARE or CRYPT_IMPL_REMOVABLE. (For CNG providers, NCRYPT_IMPL_TYPE_PROPERTY property value MUST have either the
|
||||
/// NCRYPT_IMPL_HARDWARE_FLAG or NCRYPT_IMPL_REMOVABLE_FLAG bit set). If this function is being called as part of a CNG enabled
|
||||
/// application, select certificates on which the NCRYPT_IMPL_TYPE_PROPERTY property is set to NCRYPT_IMPL_HARDWARE_FLAG or NCRYPT_IMPL_REMOVABLE_FLAG.
|
||||
/// </term>
|
||||
/// </item>
|
||||
/// <item>
|
||||
/// <term>CERT_SELECT_ALLOW_DUPLICATES</term>
|
||||
/// <term>
|
||||
/// Allow the selection of certificates on which the Subject and Subject Alt Name contain the same information and the certificate
|
||||
/// template extension value is equivalent. By default when certificates match this criteria, only the most recent certificate is selected.
|
||||
/// </term>
|
||||
/// </item>
|
||||
/// </list>
|
||||
/// </param>
|
||||
/// <param name="pChainParameters">
|
||||
/// <para>
|
||||
/// A pointer to a CERT_SELECT_CHAIN_PARA structure to specify parameters for chain building. If <c>NULL</c>, default parameters
|
||||
/// will be used.
|
||||
/// </para>
|
||||
/// <para>
|
||||
/// The <c>pChainPara</c> member of the CERT_SELECT_CHAIN_PARA structure points to a CERT_CHAIN_PARA structure that can be used to
|
||||
/// enable strong signing.
|
||||
/// </para>
|
||||
/// </param>
|
||||
/// <param name="cCriteria">The number of elements in the array pointed to by the rgpCriteria array.</param>
|
||||
/// <param name="rgpCriteria">
|
||||
/// A pointer to an array of CERT_SELECT_CRITERIA structures that define the selection criteria. If this parameter is set to
|
||||
/// <c>NULL</c>, the value of the cCriteria parameter must be zero.
|
||||
/// </param>
|
||||
/// <param name="hStore">The handle to a store from which to select the certificates.</param>
|
||||
/// <param name="pcSelection">
|
||||
/// A pointer to a <c>DWORD</c> value to receive the number of elements in the array pointed to by the pprgpSelection parameter.
|
||||
/// </param>
|
||||
/// <param name="pprgpSelection">
|
||||
/// <para>
|
||||
/// A pointer to a pointer to a location to receive an array of CERT_CHAIN_CONTEXT structure. The <c>CertSelectCertificateChains</c>
|
||||
/// function only returns certificate chains that match all the selection criteria. The entries in the array are ordered by quality,
|
||||
/// i.e. the chain with the highest quality is the first entry.
|
||||
/// </para>
|
||||
/// <para>
|
||||
/// Storage for the array is allocated by the <c>CertSelectCertificateChains</c> function. To free the allocated memory you must
|
||||
/// first release each individual chain context in the array by calling the CertFreeCertificateChain function. Then you must free
|
||||
/// the memory by calling the CertFreeCertificateChainList function.
|
||||
/// </para>
|
||||
/// </param>
|
||||
/// <returns>
|
||||
/// <para>If the function succeeds, the function returns <c>TRUE</c>.</para>
|
||||
/// <para>If the function fails, it returns zero (FALSE). For extended error information, call the GetLastError function.</para>
|
||||
/// <para>
|
||||
/// <c>Note</c> If the selection does not yield any results, the <c>CertSelectCertificateChains</c> function returns <c>TRUE</c>,
|
||||
/// but the value pointed to by pcSelection parameter is set to zero.
|
||||
/// </para>
|
||||
/// </returns>
|
||||
/// <remarks>
|
||||
/// <para>
|
||||
/// Selection criteria can be specified through either the dwFlags parameter, through the rgpCriteria parameter, or through both
|
||||
/// parameters. If no selection criteria are specified, the function succeeds and returns certificate chains for all certificates in
|
||||
/// the store specified by the hStore parameter.
|
||||
/// </para>
|
||||
/// <para>Certificate chains that are selected are ordered based on the following preference logic:</para>
|
||||
/// <list type="bullet">
|
||||
/// <item>
|
||||
/// <term>Prefer certificates that are smart card certificates over certificates that are not smart-card based.</term>
|
||||
/// </item>
|
||||
/// <item>
|
||||
/// <term>Prefer certificates that have a longer validity period (the expiration date is later.)</term>
|
||||
/// </item>
|
||||
/// <item>
|
||||
/// <term>If multiple certificates have same expiration date, prefer certificates that were issued more recently.</term>
|
||||
/// </item>
|
||||
/// <item>
|
||||
/// <term>If there is a tie, prefer shorter chains.</term>
|
||||
/// </item>
|
||||
/// </list>
|
||||
/// <para>
|
||||
/// Certain selection criteria require that a certificate chain be built before you can select that criteria for use. If the
|
||||
/// intermediate certificates required to build the chain are not available locally, a network retrieval is performed for the issuer
|
||||
/// certificates. This network retrieval is performed if the <c>CERT_SELECT_TRUSTED_ROOT</c> flag is set or for the following criteria:
|
||||
/// </para>
|
||||
/// <list type="bullet">
|
||||
/// <item>
|
||||
/// <term><c>CERT_SELECT_BY_ISSUER_NAME</c></term>
|
||||
/// </item>
|
||||
/// <item>
|
||||
/// <term><c>CERT_SELECT_BY_ISSUER_ATTR</c></term>
|
||||
/// </item>
|
||||
/// <item>
|
||||
/// <term><c>CERT_SELECT_BY_POLICY_OID</c></term>
|
||||
/// </item>
|
||||
/// </list>
|
||||
/// <para>Perform the following actions to enable strong signature checking:</para>
|
||||
/// <list type="bullet">
|
||||
/// <item>
|
||||
/// <term>
|
||||
/// Create a CERT_STRONG_SIGN_PARA structure, specify the required strong signing parameters, and set a pointer to the structure in
|
||||
/// the <c>pStrongSignPara</c> member of a CERT_CHAIN_PARA structure.
|
||||
/// </term>
|
||||
/// </item>
|
||||
/// <item>
|
||||
/// <term>Set a pointer to the CERT_CHAIN_PARA structure in the <c>pChainPara</c> member of a CERT_SELECT_CHAIN_PARA structure.</term>
|
||||
/// </item>
|
||||
/// <item>
|
||||
/// <term>Set a pointer to the CERT_SELECT_CHAIN_PARA structure in the pChainParameters parameter of this ( <c>CertSelectCertificateChains</c>)function.</term>
|
||||
/// </item>
|
||||
/// </list>
|
||||
/// <para>
|
||||
/// When you enable strong signature checking, any certificate chain that returns a <c>CERT_TRUST_IS_NOT_SIGNATURE_VALID</c> error
|
||||
/// in the <c>dwErrorStatus</c> field of the CERT_TRUST_STATUS structure will be skipped. (The pprgpSelection parameter points to a
|
||||
/// CERT_CHAIN_CONTEXT structure which, in turn, points to the <c>CERT_TRUST_STATUS</c> structure.) The
|
||||
/// <c>CERT_TRUST_HAS_WEAK_SIGNATURE</c> value is also set for a weak signature.
|
||||
/// </para>
|
||||
/// </remarks>
|
||||
// https://docs.microsoft.com/en-us/windows/win32/api/wincrypt/nf-wincrypt-certselectcertificatechains BOOL
|
||||
// CertSelectCertificateChains( LPCGUID pSelectionContext, DWORD dwFlags, PCCERT_SELECT_CHAIN_PARA pChainParameters, DWORD
|
||||
// cCriteria, PCCERT_SELECT_CRITERIA rgpCriteria, HCERTSTORE hStore, PDWORD pcSelection, PCCERT_CHAIN_CONTEXT **pprgpSelection );
|
||||
[DllImport(Lib.Crypt32, SetLastError = true, ExactSpelling = true)]
|
||||
[PInvokeData("wincrypt.h", MSDNShortId = "b740772b-d25b-4b3d-9acb-03f7018750d6")]
|
||||
[return: MarshalAs(UnmanagedType.Bool)]
|
||||
public static extern bool CertSelectCertificateChains([Optional] IntPtr pSelectionContext, CertSelection dwFlags, [Optional] IntPtr pChainParameters, uint cCriteria, [In, Optional, MarshalAs(UnmanagedType.LPArray)] CERT_SELECT_CRITERIA[] rgpCriteria,
|
||||
HCERTSTORE hStore, out uint pcSelection, out IntPtr pprgpSelection);
|
||||
|
||||
/// <summary>
|
||||
/// The <c>CertSerializeCertificateStoreElement</c> function serializes a certificate context's encoded certificate and its encoded
|
||||
/// properties. The result can be persisted to storage so that the certificate and properties can be retrieved at a later time.
|
||||
|
@ -2313,6 +2695,140 @@ namespace Vanara.PInvoke
|
|||
|
||||
/// <summary/>
|
||||
public Guid ChainId;
|
||||
|
||||
/// <summary>Gets the chain from <see cref="rgpChain"/>.</summary>
|
||||
public unsafe CERT_SIMPLE_CHAIN*[] GetChain()
|
||||
{
|
||||
var ret = new CERT_SIMPLE_CHAIN*[(int)cChain];
|
||||
for (int i = 0; i < cChain; i++)
|
||||
ret[i] = ((CERT_SIMPLE_CHAIN**)rgpChain)[i];
|
||||
return ret;
|
||||
}
|
||||
|
||||
/// <summary>Gets the contexts from <see cref="rgpLowerQualityChainContext"/>.</summary>
|
||||
public unsafe CERT_CHAIN_CONTEXT*[] GetLowerQualityChainContext()
|
||||
{
|
||||
var ret = new CERT_CHAIN_CONTEXT*[(int)cLowerQualityChainContext];
|
||||
for (int i = 0; i < cLowerQualityChainContext; i++)
|
||||
ret[i] = ((CERT_CHAIN_CONTEXT**)rgpLowerQualityChainContext)[i];
|
||||
return ret;
|
||||
}
|
||||
}
|
||||
|
||||
/// <summary>
|
||||
/// The <c>CERT_CHAIN_ELEMENT</c> structure is a single element in a simple certificate chain. Each element has a pointer to a
|
||||
/// certificate context, a pointer to a structure that indicates the error status and information status of the certificate, and a
|
||||
/// pointer to a structure that indicates the revocation status of the certificate.
|
||||
/// </summary>
|
||||
// https://docs.microsoft.com/en-us/windows/win32/api/wincrypt/ns-wincrypt-cert_chain_element typedef struct _CERT_CHAIN_ELEMENT {
|
||||
// DWORD cbSize; PCCERT_CONTEXT pCertContext; CERT_TRUST_STATUS TrustStatus; PCERT_REVOCATION_INFO pRevocationInfo;
|
||||
// PCERT_ENHKEY_USAGE pIssuanceUsage; PCERT_ENHKEY_USAGE pApplicationUsage; LPCWSTR pwszExtendedErrorInfo; } CERT_CHAIN_ELEMENT, *PCERT_CHAIN_ELEMENT;
|
||||
[PInvokeData("wincrypt.h", MSDNShortId = "a1f6ba18-63ef-43ac-a17f-900fa13398aa")]
|
||||
[StructLayout(LayoutKind.Sequential)]
|
||||
public struct CERT_CHAIN_ELEMENT
|
||||
{
|
||||
/// <summary>Size of this structure in bytes.</summary>
|
||||
public uint cbSize;
|
||||
|
||||
/// <summary>A pointer to a certificate context.</summary>
|
||||
public PCCERT_CONTEXT pCertContext;
|
||||
|
||||
/// <summary>
|
||||
/// Structure indicating the status of the certificate. The structure includes an error status code and an information status
|
||||
/// code. For information about status code values, see CERT_TRUST_STATUS.
|
||||
/// </summary>
|
||||
public CERT_TRUST_STATUS TrustStatus;
|
||||
|
||||
/// <summary>
|
||||
/// A pointer to a CERT_REVOCATION_INFO structure with information on the revocation status of the certificate. If revocation
|
||||
/// checking was not enabled, <c>pRevocationInfo</c> is <c>NULL</c>.
|
||||
/// </summary>
|
||||
public IntPtr pRevocationInfo;
|
||||
|
||||
/// <summary>A pointer to a CERT_ENHKEY_USAGE structure. If <c>NULL</c>, any issuance policy is acceptable.</summary>
|
||||
public IntPtr pIssuanceUsage;
|
||||
|
||||
/// <summary>A pointer to a CERT_ENHKEY_USAGE structure. If <c>NULL</c>, any enhanced key usage is acceptable.</summary>
|
||||
public IntPtr pApplicationUsage;
|
||||
|
||||
/// <summary>
|
||||
/// A pointer to a <c>null</c>-terminated wide character string that contains extended error information. If <c>NULL</c>, there
|
||||
/// is no extended error information.
|
||||
/// </summary>
|
||||
public StrPtrUni pwszExtendedErrorInfo;
|
||||
}
|
||||
|
||||
/// <summary>
|
||||
/// Contains information updated by a certificate revocation list (CRL) revocation type handler. The <c>CERT_REVOCATION_CRL_INFO</c>
|
||||
/// structure is used with both base and delta CRLs.
|
||||
/// </summary>
|
||||
// https://docs.microsoft.com/en-us/windows/win32/api/wincrypt/ns-wincrypt-cert_revocation_crl_info typedef struct
|
||||
// _CERT_REVOCATION_CRL_INFO { DWORD cbSize; PCCRL_CONTEXT pBaseCrlContext; PCCRL_CONTEXT pDeltaCrlContext; PCRL_ENTRY pCrlEntry;
|
||||
// BOOL fDeltaCrlEntry; } CERT_REVOCATION_CRL_INFO, *PCERT_REVOCATION_CRL_INFO;
|
||||
[PInvokeData("wincrypt.h", MSDNShortId = "069ff521-90fd-4de8-9b5c-045e44e87f75")]
|
||||
[StructLayout(LayoutKind.Sequential)]
|
||||
public struct CERT_REVOCATION_CRL_INFO
|
||||
{
|
||||
/// <summary>Size, in bytes, of the structure.</summary>
|
||||
public uint cbSize;
|
||||
|
||||
/// <summary/>
|
||||
public PCCRL_CONTEXT pBaseCrlContext;
|
||||
|
||||
/// <summary/>
|
||||
public PCCRL_CONTEXT pDeltaCrlContext;
|
||||
|
||||
/// <summary>A pointer to an entry in either the base CRL or the delta CRL.</summary>
|
||||
public IntPtr pCrlEntry;
|
||||
|
||||
/// <summary>
|
||||
/// <c>TRUE</c> if <c>pCrlEntry</c> points to an entry in the delta CRL. <c>FALSE</c> if <c>pCrlEntry</c> points to an entry in
|
||||
/// the base CRL.
|
||||
/// </summary>
|
||||
[MarshalAs(UnmanagedType.Bool)] public bool fDeltaCrlEntry;
|
||||
}
|
||||
|
||||
/// <summary>The <c>CERT_REVOCATION_INFO</c> structure indicates the revocation status of a certificate in a CERT_CHAIN_ELEMENT.</summary>
|
||||
// https://docs.microsoft.com/en-us/windows/win32/api/wincrypt/ns-wincrypt-cert_revocation_info typedef struct _CERT_REVOCATION_INFO
|
||||
// { DWORD cbSize; DWORD dwRevocationResult; LPCSTR pszRevocationOid; LPVOID pvOidSpecificInfo; BOOL fHasFreshnessTime; DWORD
|
||||
// dwFreshnessTime; PCERT_REVOCATION_CRL_INFO pCrlInfo; } CERT_REVOCATION_INFO, *PCERT_REVOCATION_INFO;
|
||||
[PInvokeData("wincrypt.h", MSDNShortId = "798aa2d7-bf8a-425f-bc36-98a44ba3a9d6")]
|
||||
[StructLayout(LayoutKind.Sequential)]
|
||||
public struct CERT_REVOCATION_INFO
|
||||
{
|
||||
/// <summary>Size of this structure in bytes.</summary>
|
||||
public uint cbSize;
|
||||
|
||||
/// <summary>
|
||||
/// <para>Currently defined values are:</para>
|
||||
/// <list type="bullet">
|
||||
/// <item>
|
||||
/// <term>CERT_TRUST_IS_REVOKED</term>
|
||||
/// </item>
|
||||
/// <item>
|
||||
/// <term>CERT_TRUST_REVOCATION_STATUS_IS_UNKNOWN</term>
|
||||
/// </item>
|
||||
/// </list>
|
||||
/// </summary>
|
||||
public uint dwRevocationResult;
|
||||
|
||||
/// <summary>Not currently used and is set to <c>NULL</c>.</summary>
|
||||
public StrPtrAnsi pszRevocationOid;
|
||||
|
||||
/// <summary>Not currently used and is set to <c>NULL</c>.</summary>
|
||||
public IntPtr pvOidSpecificInfo;
|
||||
|
||||
/// <summary>BOOL set to <c>TRUE</c> if dwFreshnessTime has been updated.</summary>
|
||||
[MarshalAs(UnmanagedType.Bool)] public bool fHasFreshnessTime;
|
||||
|
||||
/// <summary>
|
||||
/// If <c>fHasFreshnessTime</c> is <c>TRUE</c>, holds the CurrentTime minus the certificate revocation list's (CRL's). This time
|
||||
/// is in seconds.
|
||||
/// </summary>
|
||||
public uint dwFreshnessTime;
|
||||
|
||||
/// <summary>For CRL base revocation checking, a non- <c>NULL</c> pointer to a CERT_REVOCATION_CRL_INFO structure.</summary>
|
||||
public IntPtr pCrlInfo;
|
||||
}
|
||||
|
||||
/// <summary>
|
||||
|
@ -2506,6 +3022,80 @@ namespace Vanara.PInvoke
|
|||
public IntPtr ppPara;
|
||||
}
|
||||
|
||||
/// <summary>
|
||||
/// The <c>CERT_SIMPLE_CHAIN</c> structure contains an array of chain elements and a summary trust status for the chain that the
|
||||
/// array represents.
|
||||
/// </summary>
|
||||
// https://docs.microsoft.com/en-us/windows/win32/api/wincrypt/ns-wincrypt-cert_simple_chain typedef struct _CERT_SIMPLE_CHAIN {
|
||||
// DWORD cbSize; CERT_TRUST_STATUS TrustStatus; DWORD cElement; PCERT_CHAIN_ELEMENT *rgpElement; PCERT_TRUST_LIST_INFO
|
||||
// pTrustListInfo; BOOL fHasRevocationFreshnessTime; DWORD dwRevocationFreshnessTime; } CERT_SIMPLE_CHAIN, *PCERT_SIMPLE_CHAIN;
|
||||
[PInvokeData("wincrypt.h", MSDNShortId = "c130cab4-bf8d-429a-beb7-04cb5d37d466")]
|
||||
[StructLayout(LayoutKind.Sequential)]
|
||||
public struct CERT_SIMPLE_CHAIN
|
||||
{
|
||||
/// <summary>The size, in bytes, of this structure.</summary>
|
||||
public uint cbSize;
|
||||
|
||||
/// <summary>
|
||||
/// A structure that indicates the trust status of the whole chain. The structure includes an error status code and an
|
||||
/// information status code. For information about status code values, see CERT_TRUST_STATUS.
|
||||
/// </summary>
|
||||
public CERT_TRUST_STATUS TrustStatus;
|
||||
|
||||
/// <summary>The number of CERT_CHAIN_ELEMENT structures in the array.</summary>
|
||||
public uint cElement;
|
||||
|
||||
/// <summary>
|
||||
/// An array of pointers to CERT_CHAIN_ELEMENT structures. <c>rgpElement</c>[0] is the end certificate chain element.
|
||||
/// <c>rgpElement</c>[ <c>cElement</c>–1] is the self-signed "root" certificate element.
|
||||
/// </summary>
|
||||
public IntPtr rgpElement;
|
||||
|
||||
/// <summary>
|
||||
/// A pointer to a CERT_TRUST_LIST_INFO structure that contains a pointer to a certificate trust list (CTL) connecting this
|
||||
/// chain to a next certificate chain. If the current chain is the final chain, <c>pTrustListInfo</c> is <c>NULL</c>.
|
||||
/// </summary>
|
||||
public IntPtr pTrustListInfo;
|
||||
|
||||
/// <summary>BOOL. If <c>TRUE</c>, <c>dwRevocationFreshnessTime</c> has been calculated.</summary>
|
||||
[MarshalAs(UnmanagedType.Bool)] public bool fHasRevocationFreshnessTime;
|
||||
|
||||
/// <summary>
|
||||
/// The age of a certificate revocation list (CRL) in seconds, calculated as the CurrentTime minus the CRL's ThisUpdate time.
|
||||
/// This values is the largest time across all elements checked.
|
||||
/// </summary>
|
||||
public uint dwRevocationFreshnessTime;
|
||||
|
||||
/// <summary>Gets the elements from <see cref="rgpElement"/>.</summary>
|
||||
public unsafe CERT_CHAIN_ELEMENT*[] GetElements()
|
||||
{
|
||||
var ret = new CERT_CHAIN_ELEMENT*[(int)cElement];
|
||||
for (int i = 0; i < cElement; i++)
|
||||
ret[i] = ((CERT_CHAIN_ELEMENT**)rgpElement)[i];
|
||||
return ret;
|
||||
}
|
||||
}
|
||||
|
||||
/// <summary>The <c>CERT_TRUST_LIST_INFO</c> structure that indicates valid usage of a CTL.</summary>
|
||||
// https://docs.microsoft.com/en-us/windows/win32/api/wincrypt/ns-wincrypt-cert_trust_list_info typedef struct _CERT_TRUST_LIST_INFO
|
||||
// { DWORD cbSize; PCTL_ENTRY pCtlEntry; PCCTL_CONTEXT pCtlContext; } CERT_TRUST_LIST_INFO, *PCERT_TRUST_LIST_INFO;
|
||||
[PInvokeData("wincrypt.h", MSDNShortId = "774f5626-9b48-4585-b713-adbf191861cc")]
|
||||
[StructLayout(LayoutKind.Sequential)]
|
||||
public struct CERT_TRUST_LIST_INFO
|
||||
{
|
||||
/// <summary>Size of this structure in bytes.</summary>
|
||||
public uint cbSize;
|
||||
|
||||
/// <summary>
|
||||
/// A pointer to a structure that includes a subject identifier, the count of attributes associated with a CTL, and an array of
|
||||
/// those attributes.
|
||||
/// </summary>
|
||||
public IntPtr pCtlEntry;
|
||||
|
||||
/// <summary>A pointer to a CTL context.</summary>
|
||||
public PCCTL_CONTEXT pCtlContext;
|
||||
}
|
||||
|
||||
/// <summary>Provides a handle to an online certificate status protocol (OCSP) response.</summary>
|
||||
[StructLayout(LayoutKind.Sequential)]
|
||||
public struct HCERT_SERVER_OCSP_RESPONSE : IHandle
|
||||
|
@ -2687,6 +3277,15 @@ namespace Vanara.PInvoke
|
|||
/// <returns>The result of the conversion.</returns>
|
||||
public static implicit operator PCCERT_CONTEXT(SafePCCERT_CONTEXT h) => h.handle;
|
||||
|
||||
/// <summary>
|
||||
/// Performs an explicit conversion from <see cref="SafePCCERT_CONTEXT"/> to <see cref="CERT_CONTEXT"/>.
|
||||
/// </summary>
|
||||
/// <param name="h">The h.</param>
|
||||
/// <returns>
|
||||
/// The resulting <see cref="CERT_CONTEXT"/> instance from the conversion.
|
||||
/// </returns>
|
||||
public static unsafe explicit operator CERT_CONTEXT*(SafePCCERT_CONTEXT h) => (CERT_CONTEXT*)(void*)h.handle;
|
||||
|
||||
/// <inheritdoc/>
|
||||
protected override bool InternalReleaseHandle() => CertFreeCertificateContext(handle);
|
||||
}
|
||||
|
|
|
@ -371,8 +371,7 @@ namespace Vanara.PInvoke
|
|||
// https://docs.microsoft.com/en-us/windows/win32/api/wincrypt/nf-wincrypt-certalgidtooid LPCSTR CertAlgIdToOID( DWORD dwAlgId );
|
||||
[DllImport(Lib.Crypt32, SetLastError = false, ExactSpelling = true)]
|
||||
[PInvokeData("wincrypt.h", MSDNShortId = "2a66c6da-22dd-4192-9f3d-2fb85f8032e0")]
|
||||
[return: MarshalAs(UnmanagedType.LPStr)]
|
||||
public static extern string CertAlgIdToOID(uint dwAlgId);
|
||||
public static extern StrPtrAnsi CertAlgIdToOID(uint dwAlgId);
|
||||
|
||||
/// <summary>
|
||||
/// The <c>CertGetNameString</c> function obtains the subject or issuer name from a certificate CERT_CONTEXT structure and converts
|
||||
|
@ -725,7 +724,7 @@ namespace Vanara.PInvoke
|
|||
// https://docs.microsoft.com/en-us/windows/win32/api/wincrypt/nf-wincrypt-certoidtoalgid DWORD CertOIDToAlgId( LPCSTR pszObjId );
|
||||
[DllImport(Lib.Crypt32, SetLastError = false, ExactSpelling = true)]
|
||||
[PInvokeData("wincrypt.h", MSDNShortId = "920b2642-ce7c-4098-8720-5a6f24128787")]
|
||||
public static extern uint CertOIDToAlgId([MarshalAs(UnmanagedType.LPStr)] string pszObjId);
|
||||
public static extern uint CertOIDToAlgId(SafeOID pszObjId);
|
||||
|
||||
/// <summary>
|
||||
/// The <c>CertRDNValueToStr</c> function converts a name in a CERT_RDN_VALUE_BLOB to a <c>null</c>-terminated character string.
|
||||
|
@ -1360,7 +1359,7 @@ namespace Vanara.PInvoke
|
|||
[PInvokeData("wincrypt.h", MSDNShortId = "307e0bd5-b8a6-4d85-9775-65aae99e8dc6")]
|
||||
[return: MarshalAs(UnmanagedType.Bool)]
|
||||
public static extern bool CryptFormatObject(CertEncodingType dwCertEncodingType, [Optional] uint dwFormatType, CryptFormatStr dwFormatStrType, [Optional] IntPtr pFormatStruct,
|
||||
[MarshalAs(UnmanagedType.LPStr)] string lpszStructType, [In] IntPtr pbEncoded, uint cbEncoded, [In] IntPtr pbFormat, ref uint pcbFormat);
|
||||
[In] SafeOID lpszStructType, [In] IntPtr pbEncoded, uint cbEncoded, [In] IntPtr pbFormat, ref uint pcbFormat);
|
||||
|
||||
/// <summary>The <c>CryptStringToBinary</c> function converts a formatted string into an array of bytes.</summary>
|
||||
/// <param name="pszString">A pointer to a string that contains the formatted string to be converted.</param>
|
||||
|
|
|
@ -795,7 +795,7 @@ namespace Vanara.PInvoke
|
|||
// LPCSTR pszObjId, DWORD cAttr, CRYPT_ATTRIBUTE [] rgAttr );
|
||||
[DllImport(Lib.Crypt32, SetLastError = false, ExactSpelling = true)]
|
||||
[PInvokeData("wincrypt.h", MSDNShortId = "99d690fb-ea85-4cb1-9fb0-bdb02e4ac50a")]
|
||||
public static extern IntPtr CertFindAttribute([MarshalAs(UnmanagedType.LPStr)] string pszObjId, uint cAttr, [MarshalAs(UnmanagedType.LPArray)] CRYPT_ATTRIBUTE[] rgAttr);
|
||||
public static extern IntPtr CertFindAttribute(SafeOID pszObjId, uint cAttr, [MarshalAs(UnmanagedType.LPArray)] CRYPT_ATTRIBUTE[] rgAttr);
|
||||
|
||||
/// <summary>
|
||||
/// The <c>CertFindAttribute</c> function finds the first attribute in the CRYPT_ATTRIBUTE array, as identified by its object
|
||||
|
@ -823,7 +823,7 @@ namespace Vanara.PInvoke
|
|||
// LPCSTR pszObjId, DWORD cExtensions, CERT_EXTENSION [] rgExtensions );
|
||||
[DllImport(Lib.Crypt32, SetLastError = false, ExactSpelling = true)]
|
||||
[PInvokeData("wincrypt.h", MSDNShortId = "489c58b6-a704-4f54-bc64-34eacafc347c")]
|
||||
public static extern IntPtr CertFindExtension([MarshalAs(UnmanagedType.LPStr)] string pszObjId, uint cExtensions, [MarshalAs(UnmanagedType.LPArray)] CERT_EXTENSION[] rgExtensions);
|
||||
public static extern IntPtr CertFindExtension(SafeOID pszObjId, uint cExtensions, [MarshalAs(UnmanagedType.LPArray)] CERT_EXTENSION[] rgExtensions);
|
||||
|
||||
/// <summary>
|
||||
/// The <c>CertFindExtension</c> function finds the first extension in the CERT_EXTENSION array, as identified by its object
|
||||
|
@ -848,7 +848,7 @@ namespace Vanara.PInvoke
|
|||
// pszObjId, PCERT_NAME_INFO pName );
|
||||
[DllImport(Lib.Crypt32, SetLastError = false, ExactSpelling = true)]
|
||||
[PInvokeData("wincrypt.h", MSDNShortId = "31f82a02-e90a-48de-857a-9fbb03048b5c")]
|
||||
public static extern IntPtr CertFindRDNAttr([MarshalAs(UnmanagedType.LPStr)] string pszObjId, in CERT_NAME_INFO pName);
|
||||
public static extern IntPtr CertFindRDNAttr(SafeOID pszObjId, in CERT_NAME_INFO pName);
|
||||
|
||||
/// <summary>
|
||||
/// The <c>CertGetIntendedKeyUsage</c> function acquires the intended key usage bytes from a certificate. The intended key usage can
|
||||
|
@ -1413,7 +1413,7 @@ namespace Vanara.PInvoke
|
|||
[DllImport(Lib.Crypt32, SetLastError = true, ExactSpelling = true)]
|
||||
[PInvokeData("wincrypt.h", MSDNShortId = "defd0b23-d9c2-4b28-a6a6-1be7487ae656")]
|
||||
[return: MarshalAs(UnmanagedType.Bool)]
|
||||
public static extern bool CryptExportPKCS8(HCRYPTPROV hCryptProv, CertKeySpec dwKeySpec, [MarshalAs(UnmanagedType.LPStr)] string pszPrivateKeyObjId, uint dwFlags, [In, Optional] IntPtr pvAuxInfo, [Out, Optional] IntPtr pbPrivateKeyBlob, ref uint pcbPrivateKeyBlob);
|
||||
public static extern bool CryptExportPKCS8(HCRYPTPROV hCryptProv, CertKeySpec dwKeySpec, SafeOID pszPrivateKeyObjId, uint dwFlags, [In, Optional] IntPtr pvAuxInfo, [Out, Optional] IntPtr pbPrivateKeyBlob, ref uint pcbPrivateKeyBlob);
|
||||
|
||||
/// <summary>
|
||||
/// <para>
|
||||
|
@ -1767,7 +1767,7 @@ namespace Vanara.PInvoke
|
|||
[DllImport(Lib.Crypt32, SetLastError = true, ExactSpelling = true)]
|
||||
[PInvokeData("wincrypt.h", MSDNShortId = "38274222-90b3-4038-86d3-6b2813100ce2")]
|
||||
[return: MarshalAs(UnmanagedType.Bool)]
|
||||
public static extern bool CryptExportPublicKeyInfoEx(HCRYPTPROV hCryptProvOrNCryptKey, CertKeySpec dwKeySpec, CertEncodingType dwCertEncodingType, [MarshalAs(UnmanagedType.LPStr)] string pszPublicKeyObjId,
|
||||
public static extern bool CryptExportPublicKeyInfoEx(HCRYPTPROV hCryptProvOrNCryptKey, CertKeySpec dwKeySpec, CertEncodingType dwCertEncodingType, SafeOID pszPublicKeyObjId,
|
||||
CryptOIDInfoFlags dwFlags, [In, Optional] IntPtr pvAuxInfo, [Out, Optional] IntPtr pInfo, ref uint pcbInfo);
|
||||
|
||||
/// <summary>
|
||||
|
@ -1889,7 +1889,7 @@ namespace Vanara.PInvoke
|
|||
[DllImport(Lib.Crypt32, SetLastError = true, ExactSpelling = true)]
|
||||
[PInvokeData("wincrypt.h", MSDNShortId = "38274222-90b3-4038-86d3-6b2813100ce2")]
|
||||
[return: MarshalAs(UnmanagedType.Bool)]
|
||||
public static extern bool CryptExportPublicKeyInfoEx(NCrypt.NCRYPT_KEY_HANDLE hCryptProvOrNCryptKey, CertKeySpec dwKeySpec, CertEncodingType dwCertEncodingType, [MarshalAs(UnmanagedType.LPStr)] string pszPublicKeyObjId,
|
||||
public static extern bool CryptExportPublicKeyInfoEx(NCrypt.NCRYPT_KEY_HANDLE hCryptProvOrNCryptKey, CertKeySpec dwKeySpec, CertEncodingType dwCertEncodingType, SafeOID pszPublicKeyObjId,
|
||||
CryptOIDInfoFlags dwFlags, [In, Optional] IntPtr pvAuxInfo, [Out, Optional] IntPtr pInfo, ref uint pcbInfo);
|
||||
|
||||
/// <summary>
|
||||
|
@ -1961,7 +1961,7 @@ namespace Vanara.PInvoke
|
|||
[DllImport(Lib.Crypt32, SetLastError = false, ExactSpelling = true)]
|
||||
[PInvokeData("wincrypt.h", MSDNShortId = "f96bff4a-d354-4231-907a-383aff5cfacc")]
|
||||
[return: MarshalAs(UnmanagedType.Bool)]
|
||||
public static extern bool CryptExportPublicKeyInfoFromBCryptKeyHandle(BCrypt.BCRYPT_KEY_HANDLE hBCryptKey, CertEncodingType dwCertEncodingType, [MarshalAs(UnmanagedType.LPStr)] string pszPublicKeyObjId,
|
||||
public static extern bool CryptExportPublicKeyInfoFromBCryptKeyHandle(BCrypt.BCRYPT_KEY_HANDLE hBCryptKey, CertEncodingType dwCertEncodingType, SafeOID pszPublicKeyObjId,
|
||||
CryptOIDInfoFlags dwFlags, [In, Optional] IntPtr pvAuxInfo, [Out, Optional] IntPtr pInfo, ref uint pcbInfo);
|
||||
|
||||
/// <summary>
|
||||
|
@ -5081,7 +5081,7 @@ namespace Vanara.PInvoke
|
|||
[PInvokeData("wincrypt.h", MSDNShortId = "ee138918-ed7c-4980-8b18-64004a0dd7df")]
|
||||
[return: MarshalAs(UnmanagedType.Bool)]
|
||||
public static extern bool CryptSignAndEncodeCertificate(BCrypt.BCRYPT_KEY_HANDLE hBCryptKey, CertKeySpec dwKeySpec, CertEncodingType dwCertEncodingType,
|
||||
[MarshalAs(UnmanagedType.LPStr)] string lpszStructType, [In] IntPtr pvStructInfo, in CRYPT_ALGORITHM_IDENTIFIER pSignatureAlgorithm,
|
||||
[In] SafeOID lpszStructType, [In] IntPtr pvStructInfo, in CRYPT_ALGORITHM_IDENTIFIER pSignatureAlgorithm,
|
||||
[In, Optional] IntPtr pvHashAuxInfo, [Out] IntPtr pbEncoded, ref uint pcbEncoded);
|
||||
|
||||
/// <summary>The <c>CryptSignCertificate</c> function signs the "to be signed" information in the encoded signed content.</summary>
|
||||
|
@ -5757,7 +5757,7 @@ namespace Vanara.PInvoke
|
|||
public CertKeySpec dwKeySpec;
|
||||
|
||||
/// <summary>An <c>LPSTR</c> variable that contains the object identifier (OID) of the private key to be exported.</summary>
|
||||
[MarshalAs(UnmanagedType.LPStr)] public string pszPrivateKeyObjId;
|
||||
public StrPtrAnsi pszPrivateKeyObjId;
|
||||
|
||||
/// <summary>
|
||||
/// A PCRYPT_ENCRYPT_PRIVATE_KEY_FUNC pointer that points to a callback to a function that encrypts the private key. If this is
|
||||
|
|
|
@ -1,5 +1,6 @@
|
|||
using System;
|
||||
using System.Runtime.InteropServices;
|
||||
using Vanara.InteropServices;
|
||||
|
||||
namespace Vanara.PInvoke
|
||||
{
|
||||
|
@ -147,7 +148,7 @@ namespace Vanara.PInvoke
|
|||
[DllImport(Lib.Crypt32, SetLastError = true, ExactSpelling = true)]
|
||||
[PInvokeData("wincrypt.h", MSDNShortId = "1bec8d2f-aa43-4a8b-9414-c3a4e5fcb470")]
|
||||
[return: MarshalAs(UnmanagedType.Bool)]
|
||||
public static extern bool CertAddEnhancedKeyUsageIdentifier([In] PCCERT_CONTEXT pCertContext, [MarshalAs(UnmanagedType.LPStr)] string pszUsageIdentifier);
|
||||
public static extern bool CertAddEnhancedKeyUsageIdentifier([In] PCCERT_CONTEXT pCertContext, SafeOID pszUsageIdentifier);
|
||||
|
||||
/// <summary>
|
||||
/// The <c>CertGetEnhancedKeyUsage</c> function returns information from the enhanced key usage (EKU) extension or the EKU extended
|
||||
|
@ -247,7 +248,7 @@ namespace Vanara.PInvoke
|
|||
[DllImport(Lib.Crypt32, SetLastError = true, ExactSpelling = true)]
|
||||
[PInvokeData("wincrypt.h", MSDNShortId = "4fb27073-674c-4bac-9a62-6e33e1a5785e")]
|
||||
[return: MarshalAs(UnmanagedType.Bool)]
|
||||
public static extern bool CertRemoveEnhancedKeyUsageIdentifier(PCCERT_CONTEXT pCertContext, [MarshalAs(UnmanagedType.LPStr)] string pszUsageIdentifier);
|
||||
public static extern bool CertRemoveEnhancedKeyUsageIdentifier(PCCERT_CONTEXT pCertContext, SafeOID pszUsageIdentifier);
|
||||
|
||||
/// <summary>
|
||||
/// The <c>CertSetEnhancedKeyUsage</c> function sets the enhanced key usage (EKU) property for the certificate. Use of this function
|
||||
|
@ -322,7 +323,7 @@ namespace Vanara.PInvoke
|
|||
[DllImport(Lib.Crypt32, SetLastError = true, ExactSpelling = true)]
|
||||
[PInvokeData("wincrypt.h", MSDNShortId = "628e1995-8207-4daa-a445-cb21a755ffa6")]
|
||||
[return: MarshalAs(UnmanagedType.Bool)]
|
||||
public static extern bool CryptCreateKeyIdentifierFromCSP(CertEncodingType dwCertEncodingType, [Optional, MarshalAs(UnmanagedType.LPStr)] string pszPubKeyOID,
|
||||
public static extern bool CryptCreateKeyIdentifierFromCSP(CertEncodingType dwCertEncodingType, [Optional] SafeOID pszPubKeyOID,
|
||||
in PUBLICKEYSTRUC pPubKeyStruc, uint cbPubKeyStruc, uint dwFlags, [Optional] IntPtr pvReserved, [Out] IntPtr pbHash, ref uint pcbHash);
|
||||
|
||||
/// <summary>
|
||||
|
|
|
@ -851,6 +851,93 @@ namespace Vanara.PInvoke
|
|||
[return: MarshalAs(UnmanagedType.Bool)]
|
||||
public static extern bool CryptDecryptMessage(in CRYPT_DECRYPT_MESSAGE_PARA pDecryptPara, [In] IntPtr pbEncryptedBlob, uint cbEncryptedBlob, [Out] IntPtr pbDecrypted, ref uint pcbDecrypted, out SafePCCERT_CONTEXT ppXchgCert);
|
||||
|
||||
/// <summary>The <c>CryptDecryptMessage</c> function decodes and decrypts a message.</summary>
|
||||
/// <param name="pDecryptPara">A pointer to a CRYPT_DECRYPT_MESSAGE_PARA structure that contains decryption parameters.</param>
|
||||
/// <param name="pbEncryptedBlob">A pointer to a buffer that contains the encoded and encrypted message to be decrypted.</param>
|
||||
/// <param name="cbEncryptedBlob">The size, in bytes, of the encoded and encrypted message.</param>
|
||||
/// <param name="pbDecrypted">
|
||||
/// <para>A pointer to a buffer that receives the decrypted message.</para>
|
||||
/// <para>
|
||||
/// To set the size of this information for memory allocation purposes, this parameter can be <c>NULL</c>. A decrypted message will
|
||||
/// not be returned if this parameter is <c>NULL</c>. For more information, see Retrieving Data of Unknown Length.
|
||||
/// </para>
|
||||
/// </param>
|
||||
/// <param name="pcbDecrypted">
|
||||
/// <para>
|
||||
/// A pointer to a <c>DWORD</c> that specifies the size, in bytes, of the buffer pointed to by the pbDecrypted parameter. When the
|
||||
/// function returns, this variable contains the size, in bytes, of the decrypted message copied to pbDecrypted.
|
||||
/// </para>
|
||||
/// <para>
|
||||
/// <c>Note</c> When processing the data returned in the pbDecrypted buffer, applications must use the actual size of the data
|
||||
/// returned. The actual size can be slightly smaller than the size of the buffer specified in pcbDecrypted on input. On input,
|
||||
/// buffer sizes are usually specified large enough to ensure that the largest possible output data will fit in the buffer. On
|
||||
/// output, the <c>DWORD</c> is updated to the actual size of the data copied to the buffer.
|
||||
/// </para>
|
||||
/// </param>
|
||||
/// <param name="ppXchgCert">
|
||||
/// A pointer to a CERT_CONTEXT structure of a certificate that corresponds to the private exchange key needed to decrypt the
|
||||
/// message. To indicate that the function should not return the certificate context used to decrypt, set this parameter to <c>NULL</c>.
|
||||
/// </param>
|
||||
/// <returns>
|
||||
/// <para>If the function succeeds, the function returns nonzero ( <c>TRUE</c>).</para>
|
||||
/// <para>If the function fails, it returns zero ( <c>FALSE</c>). For extended error information, call GetLastError.</para>
|
||||
/// <para><c>Note</c> Errors from calls to CryptImportKey and CryptDecrypt might be propagated to this function.</para>
|
||||
/// <para>The GetLastError function returns the following error codes most often.</para>
|
||||
/// <list type="table">
|
||||
/// <listheader>
|
||||
/// <term>Return code</term>
|
||||
/// <term>Description</term>
|
||||
/// </listheader>
|
||||
/// <item>
|
||||
/// <term>ERROR_MORE_DATA</term>
|
||||
/// <term>
|
||||
/// If the buffer specified by the pbDecrypted parameter is not large enough to hold the returned data, the function sets the
|
||||
/// ERROR_MORE_DATA code, and stores the required buffer size, in bytes, in the variable pointed to by pcbDecrypted.
|
||||
/// </term>
|
||||
/// </item>
|
||||
/// <item>
|
||||
/// <term>E_INVALIDARG</term>
|
||||
/// <term>
|
||||
/// Invalid message and certificate encoding types. Currently only PKCS_7_ASN_ENCODING and X509_ASN_ENCODING_TYPE are supported.
|
||||
/// Invalid cbSize in *pDecryptPara.
|
||||
/// </term>
|
||||
/// </item>
|
||||
/// <item>
|
||||
/// <term>CRYPT_E_UNEXPECTED_MSG_TYPE</term>
|
||||
/// <term>Not an enveloped cryptographic message.</term>
|
||||
/// </item>
|
||||
/// <item>
|
||||
/// <term>NTE_BAD_ALGID</term>
|
||||
/// <term>The message was encrypted by using an unknown or unsupported algorithm.</term>
|
||||
/// </item>
|
||||
/// <item>
|
||||
/// <term>CRYPT_E_NO_DECRYPT_CERT</term>
|
||||
/// <term>No certificate was found having a private key property to use for decrypting.</term>
|
||||
/// </item>
|
||||
/// </list>
|
||||
/// <para>
|
||||
/// If the function fails, GetLastError may return an Abstract Syntax Notation One (ASN.1) encoding/decoding error. For information
|
||||
/// about these errors, see ASN.1 Encoding/Decoding Return Values.
|
||||
/// </para>
|
||||
/// </returns>
|
||||
/// <remarks>
|
||||
/// <para>
|
||||
/// When <c>NULL</c> is passed for pbDecrypted, and pcbDecrypted is not <c>NULL</c>, <c>NULL</c> is returned for the address passed
|
||||
/// in ppXchgCert; otherwise, a pointer to a CERT_CONTEXT is returned. For a successfully decrypted message, this pointer to a
|
||||
/// <c>CERT_CONTEXT</c> points to the certificate context used to decrypt the message. It must be freed by calling
|
||||
/// CertFreeCertificateContext. If the function fails, the value at ppXchgCert is set to <c>NULL</c>.
|
||||
/// </para>
|
||||
/// <para>Examples</para>
|
||||
/// <para>For an example that uses this function, see Example C Program: Using CryptEncryptMessage and CryptDecryptMessage.</para>
|
||||
/// </remarks>
|
||||
// https://docs.microsoft.com/en-us/windows/win32/api/wincrypt/nf-wincrypt-cryptdecryptmessage BOOL CryptDecryptMessage(
|
||||
// PCRYPT_DECRYPT_MESSAGE_PARA pDecryptPara, const BYTE *pbEncryptedBlob, DWORD cbEncryptedBlob, BYTE *pbDecrypted, DWORD
|
||||
// *pcbDecrypted, PCCERT_CONTEXT *ppXchgCert );
|
||||
[DllImport(Lib.Crypt32, SetLastError = true, ExactSpelling = true)]
|
||||
[PInvokeData("wincrypt.h", MSDNShortId = "e540b816-64e1-4c78-9020-2b221e813acc")]
|
||||
[return: MarshalAs(UnmanagedType.Bool)]
|
||||
public static extern bool CryptDecryptMessage(in CRYPT_DECRYPT_MESSAGE_PARA pDecryptPara, [In] IntPtr pbEncryptedBlob, uint cbEncryptedBlob, [Out] IntPtr pbDecrypted, ref uint pcbDecrypted, IntPtr ppXchgCert = default);
|
||||
|
||||
/// <summary>The <c>CryptEncryptMessage</c> function encrypts and encodes a message.</summary>
|
||||
/// <param name="pEncryptPara">
|
||||
/// <para>A pointer to a CRYPT_ENCRYPT_MESSAGE_PARA structure that contains the encryption parameters.</para>
|
||||
|
@ -1278,7 +1365,7 @@ namespace Vanara.PInvoke
|
|||
[DllImport(Lib.Crypt32, SetLastError = true, ExactSpelling = true)]
|
||||
[PInvokeData("wincrypt.h", MSDNShortId = "1c12003a-c2f3-4069-8bd6-b8f2875b0c98")]
|
||||
public static extern uint CryptMsgCalculateEncodedLength(CertEncodingType dwMsgEncodingType, CryptMsgFlags dwFlags, CryptMsgType dwMsgType, [In] IntPtr pvMsgEncodeInfo,
|
||||
[Optional, MarshalAs(UnmanagedType.LPStr)] string pszInnerContentObjID, uint cbData);
|
||||
[Optional] SafeOID pszInnerContentObjID, uint cbData);
|
||||
|
||||
/// <summary>
|
||||
/// The <c>CryptMsgClose</c> function closes a cryptographic message handle. At each call to this function, the reference count on
|
||||
|
@ -2745,7 +2832,7 @@ namespace Vanara.PInvoke
|
|||
[DllImport(Lib.Crypt32, SetLastError = true, ExactSpelling = true)]
|
||||
[PInvokeData("wincrypt.h", MSDNShortId = "b0d2610b-05ba-4fb6-8f38-10f970a52091")]
|
||||
public static extern SafeHCRYPTMSG CryptMsgOpenToEncode(CertEncodingType dwMsgEncodingType, CryptMsgFlags dwFlags, CryptMsgType dwMsgType, [In] IntPtr pvMsgEncodeInfo,
|
||||
[Optional, MarshalAs(UnmanagedType.LPStr)] string pszInnerContentObjID, in CMSG_STREAM_INFO pStreamInfo);
|
||||
[Optional] SafeOID pszInnerContentObjID, in CMSG_STREAM_INFO pStreamInfo);
|
||||
|
||||
/// <summary>
|
||||
/// The <c>CryptMsgOpenToEncode</c> function opens a cryptographic message for encoding and returns a handle of the opened message.
|
||||
|
@ -2976,7 +3063,7 @@ namespace Vanara.PInvoke
|
|||
[DllImport(Lib.Crypt32, SetLastError = true, ExactSpelling = true)]
|
||||
[PInvokeData("wincrypt.h", MSDNShortId = "b0d2610b-05ba-4fb6-8f38-10f970a52091")]
|
||||
public static extern SafeHCRYPTMSG CryptMsgOpenToEncode(CertEncodingType dwMsgEncodingType, CryptMsgFlags dwFlags, CryptMsgType dwMsgType, [In] IntPtr pvMsgEncodeInfo,
|
||||
[Optional, MarshalAs(UnmanagedType.LPStr)] string pszInnerContentObjID, IntPtr pStreamInfo = default);
|
||||
[Optional] SafeOID pszInnerContentObjID, IntPtr pStreamInfo = default);
|
||||
|
||||
/// <summary>
|
||||
/// The <c>CryptMsgUpdate</c> function adds contents to a cryptographic message. The use of this function allows messages to be
|
||||
|
@ -4433,23 +4520,12 @@ namespace Vanara.PInvoke
|
|||
[StructLayout(LayoutKind.Explicit)]
|
||||
public struct CMSG_KEY_AGREE_RECIPIENT_INFO_UNION
|
||||
{
|
||||
/// <summary>
|
||||
/// A handle to the cryptographic service provider (CSP) used to do the recipient key encryption and export. If <c>NULL</c>,
|
||||
/// the provider specified in CMSG_ENVELOPED_ENCODE_INFO is used. The CNG function NCryptIsKeyHandle is called to determine
|
||||
/// the union choice.
|
||||
/// </summary>
|
||||
[FieldOffset(0)]
|
||||
/// <summary>A CERT_ID that identifies the public key of the message originator.</summary>
|
||||
[FieldOffset(0)]
|
||||
public CERT_ID OriginatorCertId;
|
||||
|
||||
/// <summary>
|
||||
/// A handle to the CNG CSP used to do the recipient key encryption and export. The CNG function NCryptIsKeyHandle is called
|
||||
/// to determine the union choice. New encrypt algorithms are only supported in CNG functions. The CNG function
|
||||
/// NCryptTranslateHandle will be called to convert the CryptoAPI CSP hCryptProv choice where necessary. We recommend that
|
||||
/// applications pass, to the hNCryptKey member, the CNG CSP handle that is returned from the NCryptOpenKey function.
|
||||
/// </summary>
|
||||
[FieldOffset(0)]
|
||||
/// <summary>A CERT_PUBLIC_KEY_INFO structure that contains the public key of the message originator.</summary>
|
||||
[FieldOffset(0)]
|
||||
public CERT_PUBLIC_KEY_INFO OriginatorPublicKeyInfo;
|
||||
}
|
||||
|
||||
|
|
|
@ -1,6 +1,9 @@
|
|||
using System;
|
||||
using System.Collections.Generic;
|
||||
using System.Runtime.InteropServices;
|
||||
using System.Text;
|
||||
using System.Threading;
|
||||
using Vanara.Extensions;
|
||||
using Vanara.InteropServices;
|
||||
|
||||
namespace Vanara.PInvoke
|
||||
|
@ -8,6 +11,9 @@ namespace Vanara.PInvoke
|
|||
/// <summary>Methods and data types found in Crypt32.dll.</summary>
|
||||
public static partial class Crypt32
|
||||
{
|
||||
/// <summary>Number of bits to shift byte len into an OID Group ID.</summary>
|
||||
public const int CRYPT_OID_INFO_OID_GROUP_BIT_LEN_SHIFT = 16;
|
||||
|
||||
/// <summary>The <c>CRYPT_ENUM_OID_FUNCTION</c> callback function is used with the CryptEnumOIDFunction function.</summary>
|
||||
/// <param name="dwEncodingType">
|
||||
/// <para>Specifies the encoding type to match. Setting this parameter to CRYPT_MATCH_ANY_ENCODING_TYPE matches any encoding type.</para>
|
||||
|
@ -48,7 +54,7 @@ namespace Vanara.PInvoke
|
|||
// rgdwValueType[], LPCWSTR const rgpwszValueName[], const BYTE * const rgpbValueData[], const DWORD rgcbValueData[], void *pvArg ) {...}
|
||||
[PInvokeData("wincrypt.h", MSDNShortId = "f29a3454-fa64-4305-ba4e-027d45014024")]
|
||||
[return: MarshalAs(UnmanagedType.Bool)]
|
||||
public delegate bool PFN_CRYPT_ENUM_OID_FUNC(CertEncodingType dwEncodingType, [MarshalAs(UnmanagedType.LPStr)] string pszFuncName, [MarshalAs(UnmanagedType.LPStr)] string pszOID,
|
||||
public delegate bool PFN_CRYPT_ENUM_OID_FUNC(CertEncodingType dwEncodingType, [MarshalAs(UnmanagedType.LPStr)] string pszFuncName, [In] SafeOID pszOID,
|
||||
uint cValue, uint[] rgdwValueType, [MarshalAs(UnmanagedType.LPArray, ArraySubType = UnmanagedType.LPWStr)] string[] rgpwszValueName, IntPtr[] rgpbValueData, uint[] rgcbValueData, IntPtr pvArg);
|
||||
|
||||
/// <summary>The <c>CRYPT_ENUM_OID_INFO</c> callback function is used with the CryptEnumOIDInfo function.</summary>
|
||||
|
@ -62,7 +68,7 @@ namespace Vanara.PInvoke
|
|||
// PfnCryptEnumOidInfo; BOOL PfnCryptEnumOidInfo( PCCRYPT_OID_INFO pInfo, void *pvArg ) {...}
|
||||
[PInvokeData("wincrypt.h", MSDNShortId = "30ae4274-631d-4c6a-96c5-18f096607cad")]
|
||||
[return: MarshalAs(UnmanagedType.Bool)]
|
||||
public delegate bool PFN_CRYPT_ENUM_OID_INFO(in CRYPT_OID_INFO pInfo, [In, Out, Optional] IntPtr pvArg);
|
||||
public delegate bool PFN_CRYPT_ENUM_OID_INFO(PCCRYPT_OID_INFO pInfo, [In, Out, Optional] IntPtr pvArg);
|
||||
|
||||
/// <summary>Flags for <see cref="CryptInstallOIDFunctionAddress"/>.</summary>
|
||||
[PInvokeData("wincrypt.h", MSDNShortId = "934e8278-0e0b-4402-a2b6-ff1e913d54c9")]
|
||||
|
@ -176,7 +182,7 @@ namespace Vanara.PInvoke
|
|||
[DllImport(Lib.Crypt32, SetLastError = true, ExactSpelling = true)]
|
||||
[PInvokeData("wincrypt.h", MSDNShortId = "aa2fba03-183b-4b74-b306-8f4592995897")]
|
||||
[return: MarshalAs(UnmanagedType.Bool)]
|
||||
public static extern bool CryptEnumOIDFunction(CertEncodingType dwEncodingType, [Optional, MarshalAs(UnmanagedType.LPStr)] string pszFuncName, [Optional, MarshalAs(UnmanagedType.LPStr)] string pszOID,
|
||||
public static extern bool CryptEnumOIDFunction(CertEncodingType dwEncodingType, [Optional, MarshalAs(UnmanagedType.LPStr)] string pszFuncName, [Optional, In] SafeOID pszOID,
|
||||
[Optional] uint dwFlags, [In, Out, Optional] IntPtr pvArg, PFN_CRYPT_ENUM_OID_FUNC pfnEnumOIDFunc);
|
||||
|
||||
/// <summary>
|
||||
|
@ -405,7 +411,162 @@ namespace Vanara.PInvoke
|
|||
// dwKeyType, void *pvKey, DWORD dwGroupId );
|
||||
[DllImport(Lib.Crypt32, SetLastError = false, ExactSpelling = true)]
|
||||
[PInvokeData("wincrypt.h", MSDNShortId = "87acf207-d109-4173-9530-8cbbebb473b2")]
|
||||
public static extern IntPtr CryptFindOIDInfo(CryptOIDInfoFlags dwKeyType, [In] IntPtr pvKey, OIDGroupId dwGroupId);
|
||||
public static extern PCCRYPT_OID_INFO CryptFindOIDInfo(CryptOIDInfoFlags dwKeyType, [In] IntPtr pvKey, OIDGroupId dwGroupId);
|
||||
|
||||
/// <summary>
|
||||
/// <para>
|
||||
/// The <c>CryptFindOIDInfo</c> function retrieves the first predefined or registered CRYPT_OID_INFO structure that matches a
|
||||
/// specified key type and key. The search can be limited to object identifiers (OIDs) within a specified OID group.
|
||||
/// </para>
|
||||
/// <para>
|
||||
/// Use CryptEnumOIDInfo to list all or selected subsets of CRYPT_OID_INFO structures. New <c>CRYPT_OID_INFO</c> structures can be
|
||||
/// registered by using CryptRegisterOIDInfo. User-registered OIDs can be removed from the list of registered OIDs by using CryptUnregisterOIDInfo.
|
||||
/// </para>
|
||||
/// <para>
|
||||
/// New OIDs can be placed in the list of registered OIDs either before or after the predefined entries. Because
|
||||
/// <c>CryptFindOIDInfo</c> returns the first key on the list that matches the search criteria, a newly registered OID placed before
|
||||
/// a predefined OID entry with the same key overrides a predefined entry.
|
||||
/// </para>
|
||||
/// </summary>
|
||||
/// <param name="dwKeyType">
|
||||
/// <para>Specifies the key type to use when finding OID information.</para>
|
||||
/// <para>This parameter can be one of the following key types.</para>
|
||||
/// <para>CRYPT_OID_INFO_OID_KEY</para>
|
||||
/// <para>pvKey is the address of a null-terminated ANSI string that contains the OID string to find.</para>
|
||||
/// <para>CRYPT_OID_INFO_NAME_KEY</para>
|
||||
/// <para>pvKey is the address of a null-terminated Unicode string that contains the name to find.</para>
|
||||
/// <para>CRYPT_OID_INFO_ALGID_KEY</para>
|
||||
/// <para>pvKey is the address of an ALG_IDvariable. The following <c>ALG_ID</c> s are supported:</para>
|
||||
/// <para>Hash Algorithms:</para>
|
||||
/// <para>Symmetric Encryption Algorithms:</para>
|
||||
/// <para>Public Key Algorithms:</para>
|
||||
/// <para>Algorithms that are not listed are supported by using Cryptography API: Next Generation (CNG) only; instead, use <c>CRYPT_OID_INFO_CNG_ALGID_KEY</c>.</para>
|
||||
/// <para>CRYPT_OID_INFO_SIGN_KEY</para>
|
||||
/// <para>
|
||||
/// pvKey is the address of an array of two ALG_IDs where the first element contains the hash algorithm identifier and the second
|
||||
/// element contains the public key algorithm identifier.
|
||||
/// </para>
|
||||
/// <para>The following <c>ALG_ID</c> combinations are supported.</para>
|
||||
/// <list type="table">
|
||||
/// <listheader>
|
||||
/// <term>Signature algorithm identifier</term>
|
||||
/// <term>Hash algorithm identifier</term>
|
||||
/// </listheader>
|
||||
/// <item>
|
||||
/// <term>CALG_RSA_SIGN</term>
|
||||
/// <term>CALG_SHA1 CALG_MD5 CALG_MD4 CALG_MD2</term>
|
||||
/// </item>
|
||||
/// <item>
|
||||
/// <term>CALG_DSS_SIGN</term>
|
||||
/// <term>CALG_SHA1</term>
|
||||
/// </item>
|
||||
/// <item>
|
||||
/// <term>CALG_NO_SIGN</term>
|
||||
/// <term>CALG_SHA1 CALG_NO_SIGN</term>
|
||||
/// </item>
|
||||
/// </list>
|
||||
/// <para>Algorithms that are not listed are supported through CNG only; instead, use <c>CRYPT_OID_INFO_CNG_SIGN_KEY</c>.</para>
|
||||
/// <para>CRYPT_OID_INFO_CNG_ALGID_KEY</para>
|
||||
/// <para>
|
||||
/// pvKey is the address of a null-terminated Unicode string that contains the CNG algorithm identifier to find. This can be one of
|
||||
/// the predefined CNG Algorithm Identifiers or another registered algorithm identifier.
|
||||
/// </para>
|
||||
/// <para>Windows Server 2003 R2 Windows Server 2003 :</para>
|
||||
/// <para>This key type is not supported.</para>
|
||||
/// <para>CRYPT_OID_INFO_CNG_SIGN_KEY</para>
|
||||
/// <para>
|
||||
/// pvKey is the address of an array of two null-terminated Unicode string pointers where the first string contains the hash CNG
|
||||
/// algorithm identifier and the second string contains the public key CNG algorithm identifier. These can be from the predefined
|
||||
/// CNG Algorithm Identifiers or another registered algorithm identifier.
|
||||
/// </para>
|
||||
/// <para>Windows Server 2003 R2 Windows Server 2003 :</para>
|
||||
/// <para>This key type is not supported.</para>
|
||||
/// <para>
|
||||
/// Optionally, the following key types can be specified in the dwKeyType parameter by using the logical <c>OR</c> operator (|).
|
||||
/// </para>
|
||||
/// <list type="table">
|
||||
/// <listheader>
|
||||
/// <term>Value</term>
|
||||
/// <term>Meaning</term>
|
||||
/// </listheader>
|
||||
/// <item>
|
||||
/// <term>CRYPT_OID_INFO_PUBKEY_SIGN_KEY_FLAG</term>
|
||||
/// <term>
|
||||
/// Skips public keys in the CRYPT_PUBKEY_ALG_OID_GROUP_ID group that are explicitly flagged with the
|
||||
/// CRYPT_OID_PUBKEY_ENCRYPT_ONLY_FLAG flag.
|
||||
/// </term>
|
||||
/// </item>
|
||||
/// <item>
|
||||
/// <term>CRYPT_OID_INFO_PUBKEY_ENCRYPT_KEY_FLAG</term>
|
||||
/// <term>
|
||||
/// Skips public keys in the CRYPT_PUBKEY_ALG_OID_GROUP_ID group that are explicitly flagged with the
|
||||
/// CRYPT_OID_PUBKEY_SIGN_ONLY_FLAG flag.
|
||||
/// </term>
|
||||
/// </item>
|
||||
/// </list>
|
||||
/// </param>
|
||||
/// <param name="pvKey">
|
||||
/// The address of a buffer that contains additional search information. This parameter depends on the value of the dwKeyType
|
||||
/// parameter. For more information, see the table under dwKeyType.
|
||||
/// </param>
|
||||
/// <param name="dwGroupId">
|
||||
/// <para>
|
||||
/// The group identifier to use when finding OID information. Setting this parameter to zero searches all groups according to the
|
||||
/// dwKeyType parameter. Otherwise, only the indicated dwGroupId is searched.
|
||||
/// </para>
|
||||
/// <para>For information about code that lists the OID information by group identifier, see CryptEnumOIDInfo.</para>
|
||||
/// <para>Optionally, the following flag can be specified in the dwGroupId parameter by using the logical <c>OR</c> operator (|).</para>
|
||||
/// <list type="table">
|
||||
/// <listheader>
|
||||
/// <term>Value</term>
|
||||
/// <term>Meaning</term>
|
||||
/// </listheader>
|
||||
/// <item>
|
||||
/// <term>CRYPT_OID_DISABLE_SEARCH_DS_FLAG</term>
|
||||
/// <term>Disables searching the directory server.</term>
|
||||
/// </item>
|
||||
/// </list>
|
||||
/// <para>
|
||||
/// The bit length shifted left 16 bits can be specified in the dwGroupId parameter by using the logical <c>OR</c> operator (|). For
|
||||
/// more information, see Remarks.
|
||||
/// </para>
|
||||
/// </param>
|
||||
/// <returns>
|
||||
/// Returns a pointer to a constant structure of type CRYPT_OID_INFO. The returned pointer must not be freed. When the specified key
|
||||
/// and group is not found, <c>NULL</c> is returned.
|
||||
/// </returns>
|
||||
/// <remarks>
|
||||
/// <para>
|
||||
/// The <c>CryptFindOIDInfo</c> function performs a lookup in the active directory to retrieve the friendly names of OIDs under the
|
||||
/// following conditions:
|
||||
/// </para>
|
||||
/// <list type="bullet">
|
||||
/// <item>
|
||||
/// <term>The key type in the dwKeyType parameter is set to <c>CRYPT_OID_INFO_OID_KEY</c> or <c>CRYPT_OID_INFO_NAME_KEY</c>.</term>
|
||||
/// </item>
|
||||
/// <item>
|
||||
/// <term>
|
||||
/// No group identifier is specified in the dwGroupId parameter or the GroupID refers to EKU OIDs, policy OIDs or template OIDs.
|
||||
/// </term>
|
||||
/// </item>
|
||||
/// </list>
|
||||
/// <para>
|
||||
/// Network retrieval of the friendly name can be suppressed by calling the function with the
|
||||
/// <c>CRYPT_OID_DISABLE_SEARCH_DS_FLAG</c> flag.
|
||||
/// </para>
|
||||
/// <para>
|
||||
/// The bit length shifted left 16 bits can be specified in the dwGroupId parameter by using the logical <c>OR</c> operator (|).
|
||||
/// This is only applicable to the <c>CRYPT_ENCRYPT_ALG_OID_GROUP_ID</c> group entries that have a bit length specified in the
|
||||
/// <c>ExtraInfo</c> member of the CRYPT_OID_INFO structure. Currently, only the AES encryption algorithms have this. The constant
|
||||
/// <c>CRYPT_OID_INFO_OID_GROUP_BIT_LEN_SHIFT</c> can be used for doing the shift. For example, to find the OID information for
|
||||
/// <c>BCRYPT_AES_ALGORITHM</c> with bit length equal to 192, call <c>CryptFindOIDInfo</c> as follows.
|
||||
/// </para>
|
||||
/// </remarks>
|
||||
// https://docs.microsoft.com/en-us/windows/win32/api/wincrypt/nf-wincrypt-cryptfindoidinfo PCCRYPT_OID_INFO CryptFindOIDInfo( DWORD
|
||||
// dwKeyType, void *pvKey, DWORD dwGroupId );
|
||||
[DllImport(Lib.Crypt32, SetLastError = false, ExactSpelling = true)]
|
||||
[PInvokeData("wincrypt.h", MSDNShortId = "87acf207-d109-4173-9530-8cbbebb473b2")]
|
||||
public static extern PCCRYPT_OID_INFO CryptFindOIDInfo(CryptOIDInfoFlags dwKeyType, [In, MarshalAs(UnmanagedType.LPWStr)] string pvKey, OIDGroupId dwGroupId);
|
||||
|
||||
/// <summary>
|
||||
/// The <c>CryptFreeOIDFunctionAddress</c> function releases a handle returned by CryptGetOIDFunctionAddress or
|
||||
|
@ -619,7 +780,7 @@ namespace Vanara.PInvoke
|
|||
[DllImport(Lib.Crypt32, SetLastError = true, ExactSpelling = true)]
|
||||
[PInvokeData("wincrypt.h", MSDNShortId = "2eef6109-a840-48c6-936c-ec0875039c39")]
|
||||
[return: MarshalAs(UnmanagedType.Bool)]
|
||||
public static extern bool CryptGetOIDFunctionAddress([In] HCRYPTOIDFUNCSET hFuncSet, CertEncodingType dwEncodingType, [Optional, MarshalAs(UnmanagedType.LPStr)] string pszOID,
|
||||
public static extern bool CryptGetOIDFunctionAddress([In] HCRYPTOIDFUNCSET hFuncSet, CertEncodingType dwEncodingType, [Optional, In] SafeOID pszOID,
|
||||
OIDFuncFlags dwFlags, out IntPtr ppvFuncAddr, ref HCRYPTOIDFUNCADDR phFuncAddr);
|
||||
|
||||
/// <summary>
|
||||
|
@ -722,7 +883,7 @@ namespace Vanara.PInvoke
|
|||
[PInvokeData("wincrypt.h", MSDNShortId = "14eb7f10-f42a-4496-9699-62eeb9878ea2")]
|
||||
[return: MarshalAs(UnmanagedType.Bool)]
|
||||
public static extern bool CryptGetOIDFunctionValue(CertEncodingType dwEncodingType, [MarshalAs(UnmanagedType.LPStr)] string pszFuncName,
|
||||
[MarshalAs(UnmanagedType.LPStr)] string pszOID, [Optional, MarshalAs(UnmanagedType.LPWStr)] string pwszValueName, out REG_VALUE_TYPE pdwValueType,
|
||||
[In] SafeOID pszOID, [Optional, MarshalAs(UnmanagedType.LPWStr)] string pwszValueName, out REG_VALUE_TYPE pdwValueType,
|
||||
[Out] IntPtr pbValueData, ref uint pcbValueData);
|
||||
|
||||
/// <summary>
|
||||
|
@ -856,7 +1017,7 @@ namespace Vanara.PInvoke
|
|||
[DllImport(Lib.Crypt32, SetLastError = false, ExactSpelling = true)]
|
||||
[PInvokeData("wincrypt.h", MSDNShortId = "b625597d-28fd-4a40-afbe-a09201d36512")]
|
||||
[return: MarshalAs(UnmanagedType.Bool)]
|
||||
public static extern bool CryptRegisterOIDFunction(CertEncodingType dwEncodingType, [MarshalAs(UnmanagedType.LPStr)] string pszFuncName, StrPtrAnsi pszOID,
|
||||
public static extern bool CryptRegisterOIDFunction(CertEncodingType dwEncodingType, [MarshalAs(UnmanagedType.LPStr)] string pszFuncName, SafeOID pszOID,
|
||||
[MarshalAs(UnmanagedType.LPWStr)] string pwszDll, [Optional, MarshalAs(UnmanagedType.LPStr)] string pszOverrideFuncName);
|
||||
|
||||
/// <summary>
|
||||
|
@ -963,7 +1124,7 @@ namespace Vanara.PInvoke
|
|||
[PInvokeData("wincrypt.h", MSDNShortId = "3e167c5d-0000-4359-a7b0-9b3e4e64c50c")]
|
||||
[return: MarshalAs(UnmanagedType.Bool)]
|
||||
public static extern bool CryptSetOIDFunctionValue(CertEncodingType dwEncodingType, [MarshalAs(UnmanagedType.LPStr)] string pszFuncName,
|
||||
StrPtrAnsi pszOID, [Optional, MarshalAs(UnmanagedType.LPWStr)] string pwszValueName, REG_VALUE_TYPE dwValueType, [In, Optional] IntPtr pbValueData, uint cbValueData);
|
||||
SafeOID pszOID, [Optional, MarshalAs(UnmanagedType.LPWStr)] string pwszValueName, REG_VALUE_TYPE dwValueType, [In, Optional] IntPtr pbValueData, uint cbValueData);
|
||||
|
||||
/// <summary>
|
||||
/// The <c>CryptUnregisterDefaultOIDFunction</c> removes the registration of a DLL containing the default function to be called for
|
||||
|
@ -1016,7 +1177,7 @@ namespace Vanara.PInvoke
|
|||
[DllImport(Lib.Crypt32, SetLastError = false, ExactSpelling = true)]
|
||||
[PInvokeData("wincrypt.h", MSDNShortId = "c06ffda5-df7c-4e0e-bf4f-8b8c968fcd4c")]
|
||||
[return: MarshalAs(UnmanagedType.Bool)]
|
||||
public static extern bool CryptUnregisterOIDFunction(CertEncodingType dwEncodingType, [MarshalAs(UnmanagedType.LPStr)] string pszFuncName, StrPtrAnsi pszOID);
|
||||
public static extern bool CryptUnregisterOIDFunction(CertEncodingType dwEncodingType, [MarshalAs(UnmanagedType.LPStr)] string pszFuncName, SafeOID pszOID);
|
||||
|
||||
/// <summary>
|
||||
/// The <c>CryptUnregisterOIDInfo</c> function removes the registration of a specified CRYPT_OID_INFO OID information structure. The
|
||||
|
@ -1074,7 +1235,7 @@ namespace Vanara.PInvoke
|
|||
public uint cbSize;
|
||||
|
||||
/// <summary>The OID associated with this OID information.</summary>
|
||||
[MarshalAs(UnmanagedType.LPStr)] public string pszOID;
|
||||
public StrPtrAnsi pszOID;
|
||||
|
||||
/// <summary>The display name associated with an OID.</summary>
|
||||
[MarshalAs(UnmanagedType.LPWStr)] public string pwszName;
|
||||
|
@ -1408,6 +1569,59 @@ namespace Vanara.PInvoke
|
|||
public IntPtr DangerousGetHandle() => handle;
|
||||
}
|
||||
|
||||
/// <summary>Provides a pointer to a CRYPT_OID_INFO.</summary>
|
||||
[StructLayout(LayoutKind.Sequential)]
|
||||
public struct PCCRYPT_OID_INFO : IHandle
|
||||
{
|
||||
private IntPtr handle;
|
||||
|
||||
/// <summary>Initializes a new instance of the <see cref="PCCRYPT_OID_INFO"/> struct.</summary>
|
||||
/// <param name="preexistingHandle">An <see cref="IntPtr"/> object that represents the pre-existing handle to use.</param>
|
||||
public PCCRYPT_OID_INFO(IntPtr preexistingHandle) => handle = preexistingHandle;
|
||||
|
||||
/// <summary>Returns an invalid handle by instantiating a <see cref="PCCRYPT_OID_INFO"/> object with <see cref="IntPtr.Zero"/>.</summary>
|
||||
public static PCCRYPT_OID_INFO NULL => new PCCRYPT_OID_INFO(IntPtr.Zero);
|
||||
|
||||
/// <summary>Gets a value indicating whether this instance is a null handle.</summary>
|
||||
public bool IsNull => handle == IntPtr.Zero;
|
||||
|
||||
/// <summary>Performs an explicit conversion from <see cref="PCCRYPT_OID_INFO"/> to <see cref="IntPtr"/>.</summary>
|
||||
/// <param name="h">The handle.</param>
|
||||
/// <returns>The result of the conversion.</returns>
|
||||
public static explicit operator IntPtr(PCCRYPT_OID_INFO h) => h.handle;
|
||||
|
||||
/// <summary>Performs an implicit conversion from <see cref="IntPtr"/> to <see cref="PCCRYPT_OID_INFO"/>.</summary>
|
||||
/// <param name="h">The pointer to a handle.</param>
|
||||
/// <returns>The result of the conversion.</returns>
|
||||
public static implicit operator PCCRYPT_OID_INFO(IntPtr h) => new PCCRYPT_OID_INFO(h);
|
||||
|
||||
/// <summary>Performs an explicit conversion from <see cref="PCCRYPT_OID_INFO"/> to <see cref="CRYPT_OID_INFO"/>.</summary>
|
||||
/// <param name="h">The handle.</param>
|
||||
/// <returns>The resulting <see cref="CRYPT_OID_INFO"/> instance from the conversion.</returns>
|
||||
public static explicit operator CRYPT_OID_INFO(PCCRYPT_OID_INFO h) => h.handle.ToStructure<CRYPT_OID_INFO>();
|
||||
|
||||
/// <summary>Implements the operator !=.</summary>
|
||||
/// <param name="h1">The first handle.</param>
|
||||
/// <param name="h2">The second handle.</param>
|
||||
/// <returns>The result of the operator.</returns>
|
||||
public static bool operator !=(PCCRYPT_OID_INFO h1, PCCRYPT_OID_INFO h2) => !(h1 == h2);
|
||||
|
||||
/// <summary>Implements the operator ==.</summary>
|
||||
/// <param name="h1">The first handle.</param>
|
||||
/// <param name="h2">The second handle.</param>
|
||||
/// <returns>The result of the operator.</returns>
|
||||
public static bool operator ==(PCCRYPT_OID_INFO h1, PCCRYPT_OID_INFO h2) => h1.Equals(h2);
|
||||
|
||||
/// <inheritdoc/>
|
||||
public override bool Equals(object obj) => obj is PCCRYPT_OID_INFO h ? handle == h.handle : false;
|
||||
|
||||
/// <inheritdoc/>
|
||||
public override int GetHashCode() => handle.GetHashCode();
|
||||
|
||||
/// <inheritdoc/>
|
||||
public IntPtr DangerousGetHandle() => handle;
|
||||
}
|
||||
|
||||
/// <summary>Definitions of various algorithm object identifiers RSA</summary>
|
||||
[PInvokeData("wincrypt.h")]
|
||||
public static class AlgOID
|
||||
|
|
|
@ -1,5 +1,6 @@
|
|||
using System;
|
||||
using System.Runtime.InteropServices;
|
||||
using Vanara.InteropServices;
|
||||
|
||||
namespace Vanara.PInvoke
|
||||
{
|
||||
|
@ -70,25 +71,6 @@ namespace Vanara.PInvoke
|
|||
CRYPT_DECODE_ENABLE_IA5CONVERSION_FLAG = CRYPT_DECODE_ENABLE_PUNYCODE_FLAG | CRYPT_DECODE_ENABLE_UTF8PERCENT_FLAG,
|
||||
}
|
||||
|
||||
/// <summary>Flags for CryptDecrypt.</summary>
|
||||
[PInvokeData("wincrypt.h", MSDNShortId = "7c3d2838-6fd1-4f6c-9586-8b94b459a31a")]
|
||||
[Flags]
|
||||
public enum CryptDecryptFlags
|
||||
{
|
||||
/// <summary>
|
||||
/// Use Optimal Asymmetric Encryption Padding (OAEP) (PKCS #1 version 2). This flag is only supported by the Microsoft Enhanced
|
||||
/// Cryptographic Provider with RSA encryption/decryption. This flag cannot be combined with the
|
||||
/// CRYPT_DECRYPT_RSA_NO_PADDING_CHECK flag.
|
||||
/// </summary>
|
||||
CRYPT_OAEP = 0x00000040,
|
||||
|
||||
/// <summary>
|
||||
/// Perform the decryption on the BLOB without checking the padding. This flag is only supported by the Microsoft Enhanced
|
||||
/// Cryptographic Provider with RSA encryption/decryption. This flag cannot be combined with the CRYPT_OAEP flag.
|
||||
/// </summary>
|
||||
CRYPT_DECRYPT_RSA_NO_PADDING_CHECK = 0x00000020,
|
||||
}
|
||||
|
||||
/// <summary>Specifies options for the encoding.</summary>
|
||||
[PInvokeData("wincrypt.h", MSDNShortId = "45134db8-059b-43d3-90c2-9b6cc970fca0")]
|
||||
[Flags]
|
||||
|
@ -139,19 +121,6 @@ namespace Vanara.PInvoke
|
|||
CRYPT_ENCODE_ENABLE_IA5CONVERSION_FLAG = CRYPT_ENCODE_ENABLE_PUNYCODE_FLAG | CRYPT_ENCODE_ENABLE_UTF8PERCENT_FLAG,
|
||||
}
|
||||
|
||||
/// <summary>Flags for CryptEncrypt.</summary>
|
||||
[PInvokeData("wincrypt.h", MSDNShortId = "697c4960-552b-4c3a-95cf-4632af56945b")]
|
||||
[Flags]
|
||||
public enum CryptEncryptFlags
|
||||
{
|
||||
/// <summary>
|
||||
/// Use Optimal Asymmetric Encryption Padding (OAEP) (PKCS #1 version 2). This flag is only supported by the Microsoft Enhanced
|
||||
/// Cryptographic Provider with RSA encryption/decryption. This flag cannot be combined with the
|
||||
/// CRYPT_DECRYPT_RSA_NO_PADDING_CHECK flag.
|
||||
/// </summary>
|
||||
CRYPT_OAEP = 0x00000040,
|
||||
}
|
||||
|
||||
/// <summary>
|
||||
/// The <c>CryptDecodeObject</c> function decodes a structure of the type indicated by the lpszStructType parameter. The use of
|
||||
/// CryptDecodeObjectEx is recommended as an API that performs the same function with significant performance improvements.
|
||||
|
@ -308,7 +277,7 @@ namespace Vanara.PInvoke
|
|||
[DllImport(Lib.Crypt32, SetLastError = true, ExactSpelling = true)]
|
||||
[PInvokeData("wincrypt.h", MSDNShortId = "7d5ed4f4-9d76-4a16-9059-27b0edd83459")]
|
||||
[return: MarshalAs(UnmanagedType.Bool)]
|
||||
public static extern bool CryptDecodeObject(CertEncodingType dwCertEncodingType, [MarshalAs(UnmanagedType.LPStr)] string lpszStructType, [In] IntPtr pbEncoded, uint cbEncoded,
|
||||
public static extern bool CryptDecodeObject(CertEncodingType dwCertEncodingType, [In] SafeOID lpszStructType, [In] IntPtr pbEncoded, uint cbEncoded,
|
||||
CryptDecodeFlags dwFlags, [Out] IntPtr pvStructInfo, ref uint pcbStructInfo);
|
||||
|
||||
/// <summary>
|
||||
|
@ -621,7 +590,7 @@ namespace Vanara.PInvoke
|
|||
[DllImport(Lib.Crypt32, SetLastError = true, ExactSpelling = true)]
|
||||
[PInvokeData("wincrypt.h", MSDNShortId = "bf1935f0-1ab0-4068-9ed5-8fbb2c286b8a")]
|
||||
[return: MarshalAs(UnmanagedType.Bool)]
|
||||
public static extern bool CryptDecodeObjectEx(CertEncodingType dwCertEncodingType, [MarshalAs(UnmanagedType.LPStr)] string lpszStructType, [In] IntPtr pbEncoded, uint cbEncoded,
|
||||
public static extern bool CryptDecodeObjectEx(CertEncodingType dwCertEncodingType, [In] SafeOID lpszStructType, [In] IntPtr pbEncoded, uint cbEncoded,
|
||||
CryptDecodeFlags dwFlags, in CRYPT_DECODE_PARA pDecodePara, [Out] IntPtr pvStructInfo, ref uint pcbStructInfo);
|
||||
|
||||
/// <summary>
|
||||
|
@ -934,184 +903,9 @@ namespace Vanara.PInvoke
|
|||
[DllImport(Lib.Crypt32, SetLastError = true, ExactSpelling = true)]
|
||||
[PInvokeData("wincrypt.h", MSDNShortId = "bf1935f0-1ab0-4068-9ed5-8fbb2c286b8a")]
|
||||
[return: MarshalAs(UnmanagedType.Bool)]
|
||||
public static extern bool CryptDecodeObjectEx(CertEncodingType dwCertEncodingType, [MarshalAs(UnmanagedType.LPStr)] string lpszStructType, [In] IntPtr pbEncoded, uint cbEncoded,
|
||||
public static extern bool CryptDecodeObjectEx(CertEncodingType dwCertEncodingType, [In] SafeOID lpszStructType, [In] IntPtr pbEncoded, uint cbEncoded,
|
||||
CryptDecodeFlags dwFlags, [In, Optional] IntPtr pDecodePara, [Out] IntPtr pvStructInfo, ref uint pcbStructInfo);
|
||||
|
||||
/// <summary>
|
||||
/// Important changes to support Secure/Multipurpose Internet Mail Extensions (S/MIME) email interoperability have been made to
|
||||
/// CryptoAPI that affect the handling of enveloped messages. For more information, see the Remarks section of CryptMsgOpenToEncode.
|
||||
/// </summary>
|
||||
/// <param name="hKey">
|
||||
/// <para>
|
||||
/// A handle to the key to use for the decryption. An application obtains this handle by using either the CryptGenKey or
|
||||
/// CryptImportKey function.
|
||||
/// </para>
|
||||
/// <para>This key specifies the decryption algorithm to be used.</para>
|
||||
/// </param>
|
||||
/// <param name="hHash">
|
||||
/// <para>
|
||||
/// A handle to a hash object. If data is to be decrypted and hashed simultaneously, a handle to a hash object is passed in this
|
||||
/// parameter. The hash value is updated with the decrypted plaintext. This option is useful when simultaneously decrypting and
|
||||
/// verifying a signature.
|
||||
/// </para>
|
||||
/// <para>
|
||||
/// Before calling <c>CryptDecrypt</c>, the application must obtain a handle to the hash object by calling the CryptCreateHash
|
||||
/// function. After the decryption is complete, the hash value can be obtained by using the CryptGetHashParam function, it can also
|
||||
/// be signed by using the CryptSignHash function, or it can be used to verify a digital signature by using the CryptVerifySignature function.
|
||||
/// </para>
|
||||
/// <para>If no hash is to be done, this parameter must be zero.</para>
|
||||
/// </param>
|
||||
/// <param name="Final">
|
||||
/// A Boolean value that specifies whether this is the last section in a series being decrypted. This value is <c>TRUE</c> if this
|
||||
/// is the last or only block. If this is not the last block, this value is <c>FALSE</c>. For more information, see Remarks.
|
||||
/// </param>
|
||||
/// <param name="dwFlags">
|
||||
/// <para>The following flag values are defined.</para>
|
||||
/// <list type="table">
|
||||
/// <listheader>
|
||||
/// <term>Value</term>
|
||||
/// <term>Meaning</term>
|
||||
/// </listheader>
|
||||
/// <item>
|
||||
/// <term>CRYPT_OAEP 0x00000040</term>
|
||||
/// <term>
|
||||
/// Use Optimal Asymmetric Encryption Padding (OAEP) (PKCS #1 version 2). This flag is only supported by the Microsoft Enhanced
|
||||
/// Cryptographic Provider with RSA encryption/decryption. This flag cannot be combined with the CRYPT_DECRYPT_RSA_NO_PADDING_CHECK flag.
|
||||
/// </term>
|
||||
/// </item>
|
||||
/// <item>
|
||||
/// <term>CRYPT_DECRYPT_RSA_NO_PADDING_CHECK 0x00000020</term>
|
||||
/// <term>
|
||||
/// Perform the decryption on the BLOB without checking the padding. This flag is only supported by the Microsoft Enhanced
|
||||
/// Cryptographic Provider with RSA encryption/decryption. This flag cannot be combined with the CRYPT_OAEP flag.
|
||||
/// </term>
|
||||
/// </item>
|
||||
/// </list>
|
||||
/// </param>
|
||||
/// <param name="pbData">
|
||||
/// <para>
|
||||
/// A pointer to a buffer that contains the data to be decrypted. After the decryption has been performed, the plaintext is placed
|
||||
/// back into this same buffer.
|
||||
/// </para>
|
||||
/// <para>The number of encrypted bytes in this buffer is specified by pdwDataLen.</para>
|
||||
/// </param>
|
||||
/// <param name="pdwDataLen">
|
||||
/// <para>
|
||||
/// A pointer to a <c>DWORD</c> value that indicates the length of the pbData buffer. Before calling this function, the calling
|
||||
/// application sets the <c>DWORD</c> value to the number of bytes to be decrypted. Upon return, the <c>DWORD</c> value contains the
|
||||
/// number of bytes of the decrypted plaintext.
|
||||
/// </para>
|
||||
/// <para>
|
||||
/// When a block cipher is used, this data length must be a multiple of the block size unless this is the final section of data to
|
||||
/// be decrypted and the Final parameter is <c>TRUE</c>.
|
||||
/// </para>
|
||||
/// </param>
|
||||
/// <returns>
|
||||
/// <para>If the function succeeds, the function returns nonzero ( <c>TRUE</c>).</para>
|
||||
/// <para>If the function fails, it returns zero ( <c>FALSE</c>). For extended error information, call GetLastError.</para>
|
||||
/// <para>The error codes prefaced by NTE are generated by the particular CSP being used. Some possible error codes follow.</para>
|
||||
/// <list type="table">
|
||||
/// <listheader>
|
||||
/// <term>Value</term>
|
||||
/// <term>Description</term>
|
||||
/// </listheader>
|
||||
/// <item>
|
||||
/// <term>ERROR_INVALID_HANDLE</term>
|
||||
/// <term>One of the parameters specifies a handle that is not valid.</term>
|
||||
/// </item>
|
||||
/// <item>
|
||||
/// <term>ERROR_INVALID_PARAMETER</term>
|
||||
/// <term>One of the parameters contains a value that is not valid. This is most often a pointer that is not valid.</term>
|
||||
/// </item>
|
||||
/// <item>
|
||||
/// <term>NTE_BAD_ALGID</term>
|
||||
/// <term>The hKey session key specifies an algorithm that this CSP does not support.</term>
|
||||
/// </item>
|
||||
/// <item>
|
||||
/// <term>NTE_BAD_DATA</term>
|
||||
/// <term>
|
||||
/// The data to be decrypted is not valid. For example, when a block cipher is used and the Final flag is FALSE, the value specified
|
||||
/// by pdwDataLen must be a multiple of the block size. This error can also be returned when the padding is found to be not valid.
|
||||
/// </term>
|
||||
/// </item>
|
||||
/// <item>
|
||||
/// <term>NTE_BAD_FLAGS</term>
|
||||
/// <term>The dwFlags parameter is nonzero.</term>
|
||||
/// </item>
|
||||
/// <item>
|
||||
/// <term>NTE_BAD_HASH</term>
|
||||
/// <term>The hHash parameter contains a handle that is not valid.</term>
|
||||
/// </item>
|
||||
/// <item>
|
||||
/// <term>NTE_BAD_KEY</term>
|
||||
/// <term>The hKey parameter does not contain a valid handle to a key.</term>
|
||||
/// </item>
|
||||
/// <item>
|
||||
/// <term>NTE_BAD_LEN</term>
|
||||
/// <term>The size of the output buffer is too small to hold the generated plaintext.</term>
|
||||
/// </item>
|
||||
/// <item>
|
||||
/// <term>NTE_BAD_UID</term>
|
||||
/// <term>The CSP context that was specified when the key was created cannot be found.</term>
|
||||
/// </item>
|
||||
/// <item>
|
||||
/// <term>NTE_DOUBLE_ENCRYPT</term>
|
||||
/// <term>The application attempted to decrypt the same data twice.</term>
|
||||
/// </item>
|
||||
/// <item>
|
||||
/// <term>NTE_FAIL</term>
|
||||
/// <term>The function failed in some unexpected way.</term>
|
||||
/// </item>
|
||||
/// </list>
|
||||
/// </returns>
|
||||
/// <remarks>
|
||||
/// <para>
|
||||
/// If a large amount of data is to be decrypted, it can be done in sections by calling <c>CryptDecrypt</c> repeatedly. The Final
|
||||
/// parameter must be set to <c>TRUE</c> only on the last call to <c>CryptDecrypt</c>, so that the decryption engine can properly
|
||||
/// finish the decryption process. The following extra actions are performed when Final is <c>TRUE</c>:
|
||||
/// </para>
|
||||
/// <list type="bullet">
|
||||
/// <item>
|
||||
/// <term>
|
||||
/// If the key is a block cipher key, the data is padded to a multiple of the block size of the cipher. To find the block size of a
|
||||
/// cipher, use CryptGetKeyParam to get the KP_BLOCKLEN value of the key.
|
||||
/// </term>
|
||||
/// </item>
|
||||
/// <item>
|
||||
/// <term>
|
||||
/// If the cipher is operating in a chaining mode, the next <c>CryptDecrypt</c> operation resets the cipher's feedback register to
|
||||
/// the KP_IV value of the key.
|
||||
/// </term>
|
||||
/// </item>
|
||||
/// <item>
|
||||
/// <term>If the cipher is a stream cipher, the next <c>CryptDecrypt</c> call resets the cipher to its initial state.</term>
|
||||
/// </item>
|
||||
/// </list>
|
||||
/// <para>
|
||||
/// There is no way to set the cipher's feedback register to the KP_IV value of the key without setting the Final parameter to
|
||||
/// <c>TRUE</c>. If this is necessary, as in the case where you do not want to add an additional padding block or change the size of
|
||||
/// each block, you can simulate this by creating a duplicate of the original key by using the CryptDuplicateKey function, and
|
||||
/// passing the duplicate key to the <c>CryptDecrypt</c> function. This causes the KP_IV of the original key to be placed in the
|
||||
/// duplicate key. After you create or import the original key, you cannot use the original key for encryption because the feedback
|
||||
/// register of the key will be changed. The following pseudocode shows how this can be done.
|
||||
/// </para>
|
||||
/// <para>
|
||||
/// The Microsoft Enhanced Cryptographic Provider supports direct encryption with RSA public keys and decryption with RSA private
|
||||
/// keys. The encryption uses PKCS #1 padding. On decryption, this padding is verified. The length of ciphertext data to be
|
||||
/// decrypted must be the same length as the modulus of the RSA key used to decrypt the data. If the ciphertext has zeros in the
|
||||
/// most significant bytes, these bytes must be included in the input data buffer and in the input buffer length. The ciphertext
|
||||
/// must be in little-endian format.
|
||||
/// </para>
|
||||
/// <para>Examples</para>
|
||||
/// <para>For an example that uses this function, see Example C Program: Decrypting a File.</para>
|
||||
/// </remarks>
|
||||
// https://docs.microsoft.com/en-us/windows/win32/api/wincrypt/nf-wincrypt-cryptdecrypt BOOL CryptDecrypt( HCRYPTKEY hKey,
|
||||
// HCRYPTHASH hHash, BOOL Final, DWORD dwFlags, BYTE *pbData, DWORD *pdwDataLen );
|
||||
[DllImport(Lib.AdvApi32, SetLastError = true, ExactSpelling = true)]
|
||||
[PInvokeData("wincrypt.h", MSDNShortId = "7c3d2838-6fd1-4f6c-9586-8b94b459a31a")]
|
||||
[return: MarshalAs(UnmanagedType.Bool)]
|
||||
public static extern bool CryptDecrypt(HCRYPTKEY hKey, HCRYPTHASH hHash, [MarshalAs(UnmanagedType.Bool)] bool Final, CryptDecryptFlags dwFlags, [In, Out] IntPtr pbData, ref uint pdwDataLen);
|
||||
|
||||
/// <summary>
|
||||
/// The <c>CryptEncodeObject</c> function encodes a structure of the type indicated by the value of the lpszStructType parameter.
|
||||
/// The use of CryptEncodeObjectEx is recommended as an API that performs the same function with significant performance improvements.
|
||||
|
@ -1219,7 +1013,7 @@ namespace Vanara.PInvoke
|
|||
[DllImport(Lib.Crypt32, SetLastError = true, ExactSpelling = true)]
|
||||
[PInvokeData("wincrypt.h", MSDNShortId = "9576a2a7-4379-4c1b-8ad5-284720cf7ccc")]
|
||||
[return: MarshalAs(UnmanagedType.Bool)]
|
||||
public static extern bool CryptEncodeObject(CertEncodingType dwCertEncodingType, [MarshalAs(UnmanagedType.LPStr)] string lpszStructType, [In] IntPtr pvStructInfo, [Out] IntPtr pbEncoded, ref uint pcbEncoded);
|
||||
public static extern bool CryptEncodeObject(CertEncodingType dwCertEncodingType, [In] SafeOID lpszStructType, [In] IntPtr pvStructInfo, [Out] IntPtr pbEncoded, ref uint pcbEncoded);
|
||||
|
||||
/// <summary>
|
||||
/// The <c>CryptEncodeObjectEx</c> function encodes a structure of the type indicated by the value of the lpszStructType parameter.
|
||||
|
@ -1538,215 +1332,9 @@ namespace Vanara.PInvoke
|
|||
[DllImport(Lib.Crypt32, SetLastError = true, ExactSpelling = true)]
|
||||
[PInvokeData("wincrypt.h", MSDNShortId = "45134db8-059b-43d3-90c2-9b6cc970fca0")]
|
||||
[return: MarshalAs(UnmanagedType.Bool)]
|
||||
public static extern bool CryptEncodeObjectEx(CertEncodingType dwCertEncodingType, [MarshalAs(UnmanagedType.LPStr)] string lpszStructType, [In] IntPtr pvStructInfo,
|
||||
public static extern bool CryptEncodeObjectEx(CertEncodingType dwCertEncodingType, [In] SafeOID lpszStructType, [In] IntPtr pvStructInfo,
|
||||
CryptEncodeFlags dwFlags, in CRYPT_ENCODE_PARA pEncodePara, [Out] IntPtr pvEncoded, ref uint pcbEncoded);
|
||||
|
||||
/// <summary>
|
||||
/// <para>
|
||||
/// Important changes to support Secure/Multipurpose Internet Mail Extensions (S/MIME) email interoperability have been made to
|
||||
/// CryptoAPI that affect the handling of enveloped messages. For more information, see the Remarks section of CryptMsgOpenToEncode.
|
||||
/// </para>
|
||||
/// <para>
|
||||
/// <c>Important</c> The <c>CryptEncrypt</c> function is not guaranteed to be thread safe and may return incorrect results if
|
||||
/// invoked simultaneously by multiple callers.
|
||||
/// </para>
|
||||
/// </summary>
|
||||
/// <param name="hKey">
|
||||
/// <para>
|
||||
/// A handle to the encryption key. An application obtains this handle by using either the CryptGenKey or the CryptImportKey function.
|
||||
/// </para>
|
||||
/// <para>The key specifies the encryption algorithm used.</para>
|
||||
/// </param>
|
||||
/// <param name="hHash">
|
||||
/// <para>
|
||||
/// A handle to a hash object. If data is to be hashed and encrypted simultaneously, a handle to a hash object can be passed in the
|
||||
/// hHash parameter. The hash value is updated with the plaintext passed in. This option is useful when generating signed and
|
||||
/// encrypted text.
|
||||
/// </para>
|
||||
/// <para>
|
||||
/// Before calling <c>CryptEncrypt</c>, the application must obtain a handle to the hash object by calling the CryptCreateHash
|
||||
/// function. After the encryption is complete, the hash value can be obtained by using the CryptGetHashParam function, or the hash
|
||||
/// can be signed by using the CryptSignHash function.
|
||||
/// </para>
|
||||
/// <para>If no hash is to be done, this parameter must be <c>NULL</c>.</para>
|
||||
/// </param>
|
||||
/// <param name="Final">
|
||||
/// A Boolean value that specifies whether this is the last section in a series being encrypted. Final is set to <c>TRUE</c> for the
|
||||
/// last or only block and to <c>FALSE</c> if there are more blocks to be encrypted. For more information, see Remarks.
|
||||
/// </param>
|
||||
/// <param name="dwFlags">
|
||||
/// <para>The following dwFlags value is defined but reserved for future use.</para>
|
||||
/// <list type="table">
|
||||
/// <listheader>
|
||||
/// <term>Value</term>
|
||||
/// <term>Meaning</term>
|
||||
/// </listheader>
|
||||
/// <item>
|
||||
/// <term>CRYPT_OAEP</term>
|
||||
/// <term>
|
||||
/// Use Optimal Asymmetric Encryption Padding (OAEP) (PKCS #1 version 2). This flag is only supported by the Microsoft Enhanced
|
||||
/// Cryptographic Provider with RSA encryption/decryption.
|
||||
/// </term>
|
||||
/// </item>
|
||||
/// </list>
|
||||
/// </param>
|
||||
/// <param name="pbData">
|
||||
/// <para>
|
||||
/// A pointer to a buffer that contains the plaintext to be encrypted. The plaintext in this buffer is overwritten with the
|
||||
/// ciphertext created by this function.
|
||||
/// </para>
|
||||
/// <para>
|
||||
/// The pdwDataLen parameter points to a variable that contains the length, in bytes, of the plaintext. The dwBufLen parameter
|
||||
/// contains the total size, in bytes, of this buffer.
|
||||
/// </para>
|
||||
/// <para>
|
||||
/// If this parameter contains <c>NULL</c>, this function will calculate the required size for the ciphertext and place that in the
|
||||
/// value pointed to by the pdwDataLen parameter.
|
||||
/// </para>
|
||||
/// </param>
|
||||
/// <param name="pdwDataLen">
|
||||
/// <para>
|
||||
/// A pointer to a <c>DWORD</c> value that , on entry, contains the length, in bytes, of the plaintext in the pbData buffer. On
|
||||
/// exit, this <c>DWORD</c> contains the length, in bytes, of the ciphertext written to the pbData buffer.
|
||||
/// </para>
|
||||
/// <para>
|
||||
/// If the buffer allocated for pbData is not large enough to hold the encrypted data, GetLastError returns <c>ERROR_MORE_DATA</c>
|
||||
/// and stores the required buffer size, in bytes, in the <c>DWORD</c> value pointed to by pdwDataLen.
|
||||
/// </para>
|
||||
/// <para>
|
||||
/// If pbData is <c>NULL</c>, no error is returned, and the function stores the size of the encrypted data, in bytes, in the
|
||||
/// <c>DWORD</c> value pointed to by pdwDataLen. This allows an application to determine the correct buffer size.
|
||||
/// </para>
|
||||
/// <para>
|
||||
/// When a block cipher is used, this data length must be a multiple of the block size unless this is the final section of data to
|
||||
/// be encrypted and the Final parameter is <c>TRUE</c>.
|
||||
/// </para>
|
||||
/// </param>
|
||||
/// <param name="dwBufLen">
|
||||
/// <para>Specifies the total size, in bytes, of the input pbData buffer.</para>
|
||||
/// <para>
|
||||
/// Note that, depending on the algorithm used, the encrypted text can be larger than the original plaintext. In this case, the
|
||||
/// pbData buffer needs to be large enough to contain the encrypted text and any padding.
|
||||
/// </para>
|
||||
/// <para>
|
||||
/// As a rule, if a stream cipher is used, the ciphertext is the same size as the plaintext. If a block cipher is used, the
|
||||
/// ciphertext is up to a block length larger than the plaintext.
|
||||
/// </para>
|
||||
/// </param>
|
||||
/// <returns>
|
||||
/// <para>If the function succeeds, the function returns nonzero ( <c>TRUE</c>).</para>
|
||||
/// <para>If the function fails, it returns zero ( <c>FALSE</c>). For extended error information, call GetLastError.</para>
|
||||
/// <para>The error codes prefaced by NTE are generated by the particular CSP being used. Some possible error codes follow.</para>
|
||||
/// <list type="table">
|
||||
/// <listheader>
|
||||
/// <term>Value</term>
|
||||
/// <term>Description</term>
|
||||
/// </listheader>
|
||||
/// <item>
|
||||
/// <term>ERROR_INVALID_HANDLE</term>
|
||||
/// <term>One of the parameters specifies a handle that is not valid.</term>
|
||||
/// </item>
|
||||
/// <item>
|
||||
/// <term>ERROR_INVALID_PARAMETER</term>
|
||||
/// <term>One of the parameters contains a value that is not valid. This is most often a pointer that is not valid.</term>
|
||||
/// </item>
|
||||
/// <item>
|
||||
/// <term>NTE_BAD_ALGID</term>
|
||||
/// <term>The hKey session key specifies an algorithm that this CSP does not support.</term>
|
||||
/// </item>
|
||||
/// <item>
|
||||
/// <term>NTE_BAD_DATA</term>
|
||||
/// <term>
|
||||
/// The data to be encrypted is not valid. For example, when a block cipher is used and the Final flag is FALSE, the value specified
|
||||
/// by pdwDataLen must be a multiple of the block size.
|
||||
/// </term>
|
||||
/// </item>
|
||||
/// <item>
|
||||
/// <term>NTE_BAD_FLAGS</term>
|
||||
/// <term>The dwFlags parameter is nonzero.</term>
|
||||
/// </item>
|
||||
/// <item>
|
||||
/// <term>NTE_BAD_HASH</term>
|
||||
/// <term>The hHash parameter contains a handle that is not valid.</term>
|
||||
/// </item>
|
||||
/// <item>
|
||||
/// <term>NTE_BAD_HASH_STATE</term>
|
||||
/// <term>An attempt was made to add data to a hash object that is already marked "finished."</term>
|
||||
/// </item>
|
||||
/// <item>
|
||||
/// <term>NTE_BAD_KEY</term>
|
||||
/// <term>The hKey parameter does not contain a valid handle to a key.</term>
|
||||
/// </item>
|
||||
/// <item>
|
||||
/// <term>NTE_BAD_LEN</term>
|
||||
/// <term>The size of the output buffer is too small to hold the generated ciphertext.</term>
|
||||
/// </item>
|
||||
/// <item>
|
||||
/// <term>NTE_BAD_UID</term>
|
||||
/// <term>The CSP context that was specified when the key was created cannot be found.</term>
|
||||
/// </item>
|
||||
/// <item>
|
||||
/// <term>NTE_DOUBLE_ENCRYPT</term>
|
||||
/// <term>The application attempted to encrypt the same data twice.</term>
|
||||
/// </item>
|
||||
/// <item>
|
||||
/// <term>NTE_FAIL</term>
|
||||
/// <term>The function failed in some unexpected way.</term>
|
||||
/// </item>
|
||||
/// <item>
|
||||
/// <term>NTE_NO_MEMORY</term>
|
||||
/// <term>The CSP ran out of memory during the operation.</term>
|
||||
/// </item>
|
||||
/// </list>
|
||||
/// </returns>
|
||||
/// <remarks>
|
||||
/// <para>
|
||||
/// If a large amount of data is to be encrypted, it can be done in sections by calling <c>CryptEncrypt</c> repeatedly. The Final
|
||||
/// parameter must be set to <c>TRUE</c> on the last call to <c>CryptEncrypt</c>, so that the encryption engine can properly finish
|
||||
/// the encryption process. The following extra actions are performed when Final is <c>TRUE</c>:
|
||||
/// </para>
|
||||
/// <list type="bullet">
|
||||
/// <item>
|
||||
/// <term>
|
||||
/// If the key is a block cipher key, the data is padded to a multiple of the block size of the cipher. If the data length equals
|
||||
/// the block size of the cipher, one additional block of padding is appended to the data. To find the block size of a cipher, use
|
||||
/// CryptGetKeyParam to get the KP_BLOCKLEN value of the key.
|
||||
/// </term>
|
||||
/// </item>
|
||||
/// <item>
|
||||
/// <term>
|
||||
/// If the cipher is operating in a chaining mode, the next <c>CryptEncrypt</c> operation resets the cipher's feedback register to
|
||||
/// the KP_IV value of the key.
|
||||
/// </term>
|
||||
/// </item>
|
||||
/// <item>
|
||||
/// <term>If the cipher is a stream cipher, the next <c>CryptEncrypt</c> resets the cipher to its initial state.</term>
|
||||
/// </item>
|
||||
/// </list>
|
||||
/// <para>
|
||||
/// There is no way to set the cipher's feedback register to the KP_IV value of the key without setting the Final parameter to
|
||||
/// <c>TRUE</c>. If this is necessary, as in the case where you do not want to add an additional padding block or change the size of
|
||||
/// each block, you can simulate this by creating a duplicate of the original key by using the CryptDuplicateKey function, and
|
||||
/// passing the duplicate key to the <c>CryptEncrypt</c> function. This causes the KP_IV of the original key to be placed in the
|
||||
/// duplicate key. After you create or import the original key, you cannot use the original key for encryption because the feedback
|
||||
/// register of the key will be changed. The following pseudocode shows how this can be done.
|
||||
/// </para>
|
||||
/// <para>
|
||||
/// The Microsoft Enhanced Cryptographic Provider supports direct encryption with RSA public keys and decryption with RSA private
|
||||
/// keys. The encryption uses PKCS #1 padding. On decryption, this padding is verified. The length of plaintext data that can be
|
||||
/// encrypted with a call to <c>CryptEncrypt</c> with an RSA key is the length of the key modulus minus eleven bytes. The eleven
|
||||
/// bytes is the chosen minimum for PKCS #1 padding. The ciphertext is returned in little-endian format.
|
||||
/// </para>
|
||||
/// <para>Examples</para>
|
||||
/// <para>For examples that use this function, see Example C Program: Encrypting a File and Example C Program: Decrypting a File.</para>
|
||||
/// </remarks>
|
||||
// https://docs.microsoft.com/en-us/windows/win32/api/wincrypt/nf-wincrypt-cryptencrypt BOOL CryptEncrypt( HCRYPTKEY hKey,
|
||||
// HCRYPTHASH hHash, BOOL Final, DWORD dwFlags, BYTE *pbData, DWORD *pdwDataLen, DWORD dwBufLen );
|
||||
[DllImport(Lib.AdvApi32, SetLastError = true, ExactSpelling = true)]
|
||||
[PInvokeData("wincrypt.h", MSDNShortId = "697c4960-552b-4c3a-95cf-4632af56945b")]
|
||||
[return: MarshalAs(UnmanagedType.Bool)]
|
||||
public static extern bool CryptEncrypt(HCRYPTKEY hKey, HCRYPTHASH hHash, [MarshalAs(UnmanagedType.Bool)] bool Final, CryptEncryptFlags dwFlags, [In, Out] IntPtr pbData, ref uint pdwDataLen, uint dwBufLen);
|
||||
|
||||
/// <summary>
|
||||
/// The <c>CRYPT_DECODE_PARA</c> structure is used by the CryptDecodeObjectEx function to provide access to memory allocation and
|
||||
/// memory freeing callback functions.
|
||||
|
|
|
@ -10,63 +10,104 @@ namespace Vanara.PInvoke
|
|||
/// <summary>Methods and data types found in Crypt32.dll.</summary>
|
||||
public static partial class Crypt32
|
||||
{
|
||||
/// <summary>Well-known provider types.</summary>
|
||||
public static class CryptProviderType
|
||||
{
|
||||
/// <summary/>
|
||||
public const uint PROV_RSA_FULL = 1;
|
||||
/// <summary/>
|
||||
public const uint PROV_RSA_SIG = 2;
|
||||
/// <summary/>
|
||||
public const uint PROV_DSS = 3;
|
||||
/// <summary/>
|
||||
public const uint PROV_FORTEZZA = 4;
|
||||
/// <summary/>
|
||||
public const uint PROV_MS_EXCHANGE = 5;
|
||||
/// <summary/>
|
||||
public const uint PROV_SSL = 6;
|
||||
/// <summary/>
|
||||
public const uint PROV_RSA_SCHANNEL = 12;
|
||||
/// <summary/>
|
||||
public const uint PROV_DSS_DH = 13;
|
||||
/// <summary/>
|
||||
public const uint PROV_EC_ECDSA_SIG = 14;
|
||||
/// <summary/>
|
||||
public const uint PROV_EC_ECNRA_SIG = 15;
|
||||
/// <summary/>
|
||||
public const uint PROV_EC_ECDSA_FULL = 16;
|
||||
/// <summary/>
|
||||
public const uint PROV_EC_ECNRA_FULL = 17;
|
||||
/// <summary/>
|
||||
public const uint PROV_DH_SCHANNEL = 18;
|
||||
/// <summary/>
|
||||
public const uint PROV_SPYRUS_LYNKS = 20;
|
||||
/// <summary/>
|
||||
public const uint PROV_RNG = 21;
|
||||
/// <summary/>
|
||||
public const uint PROV_INTEL_SEC = 22;
|
||||
/// <summary/>
|
||||
public const uint PROV_REPLACE_OWF = 23;
|
||||
/// <summary/>
|
||||
public const uint PROV_RSA_AES = 24;
|
||||
}
|
||||
|
||||
/*
|
||||
CryptAcquireContext
|
||||
[!Important]
|
||||
This API is deprecated. New and existing software should start using Cryptography Next Generation APIs. Microsoft may remove this API in future releases.
|
||||
CryptAcquireContext
|
||||
[!Important]
|
||||
This API is deprecated. New and existing software should start using Cryptography Next Generation APIs. Microsoft may remove this API in future releases.
|
||||
|
||||
Acquires a handle to the current user's key container within a particular CSP.
|
||||
CryptContextAddRef
|
||||
[!Important]
|
||||
This API is deprecated. New and existing software should start using Cryptography Next Generation APIs. Microsoft may remove this API in future releases.
|
||||
Acquires a handle to the current user's key container within a particular CSP.
|
||||
CryptContextAddRef
|
||||
[!Important]
|
||||
This API is deprecated. New and existing software should start using Cryptography Next Generation APIs. Microsoft may remove this API in future releases.
|
||||
|
||||
Increments the reference count on an HCRYPTPROV handle.
|
||||
CryptEnumProviders
|
||||
[!Important]
|
||||
This API is deprecated. New and existing software should start using Cryptography Next Generation APIs. Microsoft may remove this API in future releases.
|
||||
Increments the reference count on an HCRYPTPROV handle.
|
||||
CryptEnumProviders
|
||||
[!Important]
|
||||
This API is deprecated. New and existing software should start using Cryptography Next Generation APIs. Microsoft may remove this API in future releases.
|
||||
|
||||
Enumerates the providers on a computer.
|
||||
CryptEnumProviderTypes
|
||||
[!Important]
|
||||
This API is deprecated. New and existing software should start using Cryptography Next Generation APIs. Microsoft may remove this API in future releases.
|
||||
Enumerates the providers on a computer.
|
||||
CryptEnumProviderTypes
|
||||
[!Important]
|
||||
This API is deprecated. New and existing software should start using Cryptography Next Generation APIs. Microsoft may remove this API in future releases.
|
||||
|
||||
Enumerates the types of providers supported on the computer.
|
||||
CryptGetDefaultProvider
|
||||
[!Important]
|
||||
This API is deprecated. New and existing software should start using Cryptography Next Generation APIs. Microsoft may remove this API in future releases.
|
||||
Enumerates the types of providers supported on the computer.
|
||||
CryptGetDefaultProvider
|
||||
[!Important]
|
||||
This API is deprecated. New and existing software should start using Cryptography Next Generation APIs. Microsoft may remove this API in future releases.
|
||||
|
||||
Determines the default CSP either for the current user or for the computer for a specified provider type.
|
||||
CryptGetProvParam
|
||||
[!Important]
|
||||
This API is deprecated. New and existing software should start using Cryptography Next Generation APIs. Microsoft may remove this API in future releases.
|
||||
Determines the default CSP either for the current user or for the computer for a specified provider type.
|
||||
CryptGetProvParam
|
||||
[!Important]
|
||||
This API is deprecated. New and existing software should start using Cryptography Next Generation APIs. Microsoft may remove this API in future releases.
|
||||
|
||||
Retrieves the parameters that govern the operations of a CSP.
|
||||
CryptInstallDefaultContext
|
||||
[!Important]
|
||||
This API is deprecated. New and existing software should start using Cryptography Next Generation APIs. Microsoft may remove this API in future releases.
|
||||
Retrieves the parameters that govern the operations of a CSP.
|
||||
CryptInstallDefaultContext
|
||||
[!Important]
|
||||
This API is deprecated. New and existing software should start using Cryptography Next Generation APIs. Microsoft may remove this API in future releases.
|
||||
|
||||
Installs a previously acquired HCRYPTPROV context to be used as a default context.
|
||||
CryptReleaseContext
|
||||
[!Important]
|
||||
This API is deprecated. New and existing software should start using Cryptography Next Generation APIs. Microsoft may remove this API in future releases.
|
||||
Installs a previously acquired HCRYPTPROV context to be used as a default context.
|
||||
CryptReleaseContext
|
||||
[!Important]
|
||||
This API is deprecated. New and existing software should start using Cryptography Next Generation APIs. Microsoft may remove this API in future releases.
|
||||
|
||||
Releases the handle acquired by the CryptAcquireContext function.
|
||||
CryptSetProvider and CryptSetProviderEx
|
||||
[!Important]
|
||||
This API is deprecated. New and existing software should start using Cryptography Next Generation APIs. Microsoft may remove this API in future releases.
|
||||
Releases the handle acquired by the CryptAcquireContext function.
|
||||
CryptSetProvider and CryptSetProviderEx
|
||||
[!Important]
|
||||
This API is deprecated. New and existing software should start using Cryptography Next Generation APIs. Microsoft may remove this API in future releases.
|
||||
|
||||
Specifies the user default CSP for a particular CSP type.
|
||||
CryptSetProvParam
|
||||
[!Important]
|
||||
This API is deprecated. New and existing software should start using Cryptography Next Generation APIs. Microsoft may remove this API in future releases.
|
||||
Specifies the user default CSP for a particular CSP type.
|
||||
CryptSetProvParam
|
||||
[!Important]
|
||||
This API is deprecated. New and existing software should start using Cryptography Next Generation APIs. Microsoft may remove this API in future releases.
|
||||
|
||||
Specifies attributes of a CSP.
|
||||
CryptUninstallDefaultContext
|
||||
[!Important]
|
||||
This API is deprecated. New and existing software should start using Cryptography Next Generation APIs. Microsoft may remove this API in future releases.
|
||||
Specifies attributes of a CSP.
|
||||
CryptUninstallDefaultContext
|
||||
[!Important]
|
||||
This API is deprecated. New and existing software should start using Cryptography Next Generation APIs. Microsoft may remove this API in future releases.
|
||||
|
||||
Removes a default context previously installed by CryptInstallDefaultContext.
|
||||
FreeCryptProvFromCertEx Releases the handle either to a cryptographic service provider (CSP) or to a Cryptography API: Next Generation (CNG) key.
|
||||
*/
|
||||
Removes a default context previously installed by CryptInstallDefaultContext.
|
||||
FreeCryptProvFromCertEx Releases the handle either to a cryptographic service provider (CSP) or to a Cryptography API: Next Generation (CNG) key.
|
||||
*/
|
||||
}
|
||||
}
|
|
@ -1250,7 +1250,7 @@ namespace Vanara.PInvoke
|
|||
/// <summary>Performs an explicit conversion from <see cref="SafePCCRL_CONTEXT"/> to <see cref="CRL_CONTEXT"/>.</summary>
|
||||
/// <param name="ctx">The <see cref="SafePCCRL_CONTEXT"/> instance.</param>
|
||||
/// <returns>The resulting <see cref="CRL_CONTEXT"/> instance from the conversion.</returns>
|
||||
public static explicit operator CRL_CONTEXT(SafePCCRL_CONTEXT ctx) => ctx.DangerousGetHandle().ToStructure<CRL_CONTEXT>();
|
||||
public static unsafe explicit operator CRL_CONTEXT*(SafePCCRL_CONTEXT ctx) => (CRL_CONTEXT*)(void*)ctx.handle;
|
||||
|
||||
/// <summary>Performs an implicit conversion from <see cref="SafePCCRL_CONTEXT"/> to <see cref="PCCRL_CONTEXT"/>.</summary>
|
||||
/// <param name="ctx">The <see cref="SafePCCRL_CONTEXT"/> instance.</param>
|
||||
|
|
|
@ -1,5 +1,6 @@
|
|||
using System;
|
||||
using System.Runtime.InteropServices;
|
||||
using Vanara.InteropServices;
|
||||
|
||||
namespace Vanara.PInvoke
|
||||
{
|
||||
|
@ -519,6 +520,43 @@ namespace Vanara.PInvoke
|
|||
/// The system will unbind the LDAP session by using the ldap_unbind function when the store is closed.
|
||||
/// </summary>
|
||||
CERT_LDAP_STORE_UNBIND_FLAG = 0x80000,
|
||||
|
||||
/// <summary>Stores at the registry location <c>HKEY_CURRENT_USER\Software\Microsoft\SystemCertificates</c>.</summary>
|
||||
CERT_SYSTEM_STORE_CURRENT_USER = CertSystemStore.CERT_SYSTEM_STORE_CURRENT_USER,
|
||||
|
||||
/// <summary>Stores at the registry location <c>HKEY_LOCAL_MACHINE\Software\Microsoft\SystemCertificates</c>.</summary>
|
||||
CERT_SYSTEM_STORE_LOCAL_MACHINE = CertSystemStore.CERT_SYSTEM_STORE_LOCAL_MACHINE,
|
||||
|
||||
/// <summary>Stores at the registry location <c>HKEY_LOCAL_MACHINE\Software\Microsoft\Cryptography\Services\ServiceName\SystemCertificates</c>.</summary>
|
||||
CERT_SYSTEM_STORE_CURRENT_SERVICE = CertSystemStore.CERT_SYSTEM_STORE_CURRENT_SERVICE,
|
||||
|
||||
/// <summary>
|
||||
/// Stores at the registry location
|
||||
/// <c>HKEY_LOCAL_MACHINE\Software\Microsoft\Cryptography\Services\ServiceName\SystemCertificates</c> and with keys starting
|
||||
/// with [ServiceName].
|
||||
/// </summary>
|
||||
CERT_SYSTEM_STORE_SERVICES = CertSystemStore.CERT_SYSTEM_STORE_SERVICES,
|
||||
|
||||
/// <summary>
|
||||
/// Stores at the registry location <c>HKEY_USERS\UserName\Software\Microsoft\SystemCertificates</c> and with keys starting with [userid].
|
||||
/// </summary>
|
||||
CERT_SYSTEM_STORE_USERS = CertSystemStore.CERT_SYSTEM_STORE_USERS,
|
||||
|
||||
/// <summary>Stores at the registry location <c>HKEY_CURRENT_USER\Software\Policy\Microsoft\SystemCertificates</c>.</summary>
|
||||
CERT_SYSTEM_STORE_CURRENT_USER_GROUP_POLICY = CertSystemStore.CERT_SYSTEM_STORE_CURRENT_USER_GROUP_POLICY,
|
||||
|
||||
/// <summary>Stores at the registry location <c>HKEY_LOCAL_MACHINE\Software\Policy\Microsoft\SystemCertificates</c>.</summary>
|
||||
CERT_SYSTEM_STORE_LOCAL_MACHINE_GROUP_POLICY = CertSystemStore.CERT_SYSTEM_STORE_LOCAL_MACHINE_GROUP_POLICY,
|
||||
|
||||
/// <summary>
|
||||
/// CERT_SYSTEM_STORE_LOCAL_MACHINE_ENTERPRISE contains certificates shared across domains in the enterprise and downloaded from
|
||||
/// the global enterprise directory. To synchronize the client's enterprise store, the enterprise directory is polled every
|
||||
/// eight hours and certificates are downloaded automatically in the background.
|
||||
/// </summary>
|
||||
CERT_SYSTEM_STORE_LOCAL_MACHINE_ENTERPRISE = CertSystemStore.CERT_SYSTEM_STORE_LOCAL_MACHINE_ENTERPRISE,
|
||||
|
||||
/// <summary/>
|
||||
CERT_SYSTEM_STORE_LOCAL_MACHINE_WCOS = CertSystemStore.CERT_SYSTEM_STORE_LOCAL_MACHINE_WCOS,
|
||||
}
|
||||
|
||||
/// <summary>Specifies how to save the certificate store.</summary>
|
||||
|
@ -871,7 +909,184 @@ namespace Vanara.PInvoke
|
|||
[DllImport(Lib.Crypt32, SetLastError = true, ExactSpelling = true)]
|
||||
[PInvokeData("wincrypt.h", MSDNShortId = "2726cd34-51ba-4f68-9a3c-7cd505eb32a1")]
|
||||
[return: MarshalAs(UnmanagedType.Bool)]
|
||||
public static extern bool CertAddSerializedElementToStore(HCERTSTORE hCertStore, [In] IntPtr pbElement, uint cbElement, CertStoreAdd dwAddDisposition, [Optional] uint dwFlags, CertStoreContextFlags dwContextTypeFlags, out CertStoreContextType pdwContextType, [Optional] IntPtr ppvContext);
|
||||
public static extern bool CertAddSerializedElementToStore([Optional] HCERTSTORE hCertStore, [In] IntPtr pbElement, uint cbElement, CertStoreAdd dwAddDisposition, [Optional] uint dwFlags, CertStoreContextFlags dwContextTypeFlags, out CertStoreContextType pdwContextType, out IntPtr ppvContext);
|
||||
|
||||
/// <summary>
|
||||
/// The <c>CertAddSerializedElementToStore</c> function adds a serialized certificate, certificate revocation list (CRL), or
|
||||
/// certificate trust list (CTL) element to the store. The serialized element contains the encoded certificate, CRL, or CTL and its
|
||||
/// extended properties. Extended properties are associated with a certificate and are not part of a certificate as issued by a
|
||||
/// certification authority. Extended properties are not available on a certificate when it is used on a non-Microsoft platform.
|
||||
/// </summary>
|
||||
/// <param name="hCertStore">
|
||||
/// The handle of a certificate store where the created certificate will be stored. If hCertStore is <c>NULL</c>, the function
|
||||
/// creates a copy of a certificate, CRL, or CTL context with its extended properties, but the certificate, CRL, or CTL is not
|
||||
/// persisted in any store.
|
||||
/// </param>
|
||||
/// <param name="pbElement">
|
||||
/// A pointer to a buffer that contains the certificate, CRL, or CTL information to be serialized and added to the certificate store.
|
||||
/// </param>
|
||||
/// <param name="cbElement">The size, in bytes, of the pbElement buffer.</param>
|
||||
/// <param name="dwAddDisposition">
|
||||
/// <para>
|
||||
/// Specifies the action to take if the certificate, CRL, or CTL already exists in the store. Currently defined disposition values
|
||||
/// are shown in the following table.
|
||||
/// </para>
|
||||
/// <list type="table">
|
||||
/// <listheader>
|
||||
/// <term>Value</term>
|
||||
/// <term>Meaning</term>
|
||||
/// </listheader>
|
||||
/// <item>
|
||||
/// <term>CERT_STORE_ADD_NEW</term>
|
||||
/// <term>
|
||||
/// If the certificate, CRL, or CTL is new, it is created and persisted to the store. The operation fails if an identical
|
||||
/// certificate, CRL, or CTL already exists in the store. The last error code is set to CRYPT_E_EXISTS.
|
||||
/// </term>
|
||||
/// </item>
|
||||
/// <item>
|
||||
/// <term>CERT_STORE_ADD_USE_EXISTING</term>
|
||||
/// <term>
|
||||
/// If the certificate, CRL, or CTL is new, it is added to the store. If an identical certificate, CRL, or CTL already exists, the
|
||||
/// existing element is used. If ppvContext is not NULL, the existing context is duplicated. The function only adds properties that
|
||||
/// do not already exist. The SHA-1 and MD5 hash properties are not copied.
|
||||
/// </term>
|
||||
/// </item>
|
||||
/// <item>
|
||||
/// <term>CERT_STORE_ADD_REPLACE_EXISTING</term>
|
||||
/// <term>
|
||||
/// If an identical certificate, CRL, or CTL already exists in the store, the existing certificate, CRL, or CTL context is deleted
|
||||
/// before creating and adding the new context.
|
||||
/// </term>
|
||||
/// </item>
|
||||
/// <item>
|
||||
/// <term>CERT_STORE_ADD_ALWAYS</term>
|
||||
/// <term>
|
||||
/// No check is made to determine whether an identical certificate, CRL, or CTL already exists. A new element is always created.
|
||||
/// This can lead to duplicates in the store. To determine whether the element already exists in the store, call CertGetCRLFromStore
|
||||
/// or CertGetSubjectCertificateFromStore.
|
||||
/// </term>
|
||||
/// </item>
|
||||
/// <item>
|
||||
/// <term>CERT_STORE_ADD_NEWER</term>
|
||||
/// <term>
|
||||
/// If a matching CRL or CTL or a link to a matching CRL or CTL exists, the function compares the NotBefore times on the CRL or CTL.
|
||||
/// If the existing CRL or CTL has a NotBefore time less than the NotBefore time on the new element, the old element or link is
|
||||
/// replaced just as with CERT_STORE_ADD_REPLACE_EXISTING. If the existing element has a NotBefore time greater than or equal to the
|
||||
/// NotBefore time on the element to be added, the function fails with GetLastError returning the CRYPT_E_EXISTS code. If a matching
|
||||
/// CRL or CTL or a link to a matching CRL or CTL is not found in the store, a new element is added to the store.
|
||||
/// </term>
|
||||
/// </item>
|
||||
/// <item>
|
||||
/// <term>CERT_STORE_ADD_NEWER_INHERIT_PROPERTIES</term>
|
||||
/// <term>
|
||||
/// The action is the same as for CERT_STORE_ADD_NEWER. However, if an older CRL or CTL is replaced, the properties of the older
|
||||
/// element are incorporated into the replacement.
|
||||
/// </term>
|
||||
/// </item>
|
||||
/// <item>
|
||||
/// <term>CERT_STORE_ADD_REPLACE_EXISTING_INHERIT_PROPERTIES</term>
|
||||
/// <term>
|
||||
/// If a matching certificate exists in the store, the existing context is deleted before creating and adding the new context. The
|
||||
/// new added context inherits properties from the existing certificate.
|
||||
/// </term>
|
||||
/// </item>
|
||||
/// </list>
|
||||
/// </param>
|
||||
/// <param name="dwFlags">Reserved for future use and must be zero.</param>
|
||||
/// <param name="dwContextTypeFlags">
|
||||
/// <para>
|
||||
/// Specifics the contexts that can be added. For example, to add either a certificate, CRL, or CTL, set dwContextTypeFlags to
|
||||
/// <c>CERT_STORE_CERTIFICATE_CONTEXT_FLAG</c> or <c>CERT_STORE_CRL_CONTEXT_FLAG</c>.
|
||||
/// </para>
|
||||
/// <para>Currently defined context type flags are shown in the following table.</para>
|
||||
/// <list type="table">
|
||||
/// <listheader>
|
||||
/// <term>Value</term>
|
||||
/// <term>Meaning</term>
|
||||
/// </listheader>
|
||||
/// <item>
|
||||
/// <term>CERT_STORE_ALL_CONTEXT_FLAG</term>
|
||||
/// <term>Adds any context.</term>
|
||||
/// </item>
|
||||
/// <item>
|
||||
/// <term>CERT_STORE_CERTIFICATE_CONTEXT_FLAG</term>
|
||||
/// <term>Adds only a certificate context.</term>
|
||||
/// </item>
|
||||
/// <item>
|
||||
/// <term>CERT_STORE_CRL_CONTEXT_FLAG</term>
|
||||
/// <term>Adds only a CRL context.</term>
|
||||
/// </item>
|
||||
/// <item>
|
||||
/// <term>CERT_STORE_CTL_CONTEXT_FLAG</term>
|
||||
/// <term>Adds only a CTL context.</term>
|
||||
/// </item>
|
||||
/// </list>
|
||||
/// </param>
|
||||
/// <param name="pdwContextType">
|
||||
/// <para>
|
||||
/// A pointer to the context type of the added serialized element. This is an optional parameter and can be <c>NULL</c>, which
|
||||
/// indicates that the calling application does not require the context type.
|
||||
/// </para>
|
||||
/// <para>Currently defined context types are shown in the following table.</para>
|
||||
/// <list type="table">
|
||||
/// <listheader>
|
||||
/// <term>Value</term>
|
||||
/// <term>Meaning</term>
|
||||
/// </listheader>
|
||||
/// <item>
|
||||
/// <term>CERT_STORE_CERTIFICATE_CONTEXT</term>
|
||||
/// <term>Certificates</term>
|
||||
/// </item>
|
||||
/// <item>
|
||||
/// <term>CERT_STORE_CRL_CONTEXT</term>
|
||||
/// <term>CRLs</term>
|
||||
/// </item>
|
||||
/// <item>
|
||||
/// <term>CERT_STORE_CTL_CONTEXT</term>
|
||||
/// <term>CTLs</term>
|
||||
/// </item>
|
||||
/// </list>
|
||||
/// </param>
|
||||
/// <param name="ppvContext">
|
||||
/// <para>
|
||||
/// A pointer to a pointer to the decoded certificate, CRL, or CTL context. This is an optional parameter and can be <c>NULL</c>,
|
||||
/// which indicates that the calling application does not require the context of the added or existing certificate, CRL, or CTL.
|
||||
/// </para>
|
||||
/// <para>
|
||||
/// If ppvContext is not <c>NULL</c>, it must be the address of a pointer to a CERT_CONTEXT, CRL_CONTEXT, or CTL_CONTEXT. When the
|
||||
/// application is finished with the context, the context must be freed by using CertFreeCertificateContext for a certificate,
|
||||
/// CertFreeCRLContext for a CRL, or CertFreeCTLContext for a CTL.
|
||||
/// </para>
|
||||
/// </param>
|
||||
/// <returns>
|
||||
/// <para>If the function succeeds, the function returns nonzero.</para>
|
||||
/// <para>If the function fails, it returns zero. For extended error information, call GetLastError. Some possible error codes follow.</para>
|
||||
/// <list type="table">
|
||||
/// <listheader>
|
||||
/// <term>Return code</term>
|
||||
/// <term>Description</term>
|
||||
/// </listheader>
|
||||
/// <item>
|
||||
/// <term>CRYPT_E_EXISTS</term>
|
||||
/// <term>If the dwAddDisposition parameter is set to CERT_STORE_ADD_NEW, the certificate, CRL, or CTL already exists in the store.</term>
|
||||
/// </item>
|
||||
/// <item>
|
||||
/// <term>E_INVALIDARG</term>
|
||||
/// <term>A disposition value that is not valid was specified in the dwAddDisposition parameter.</term>
|
||||
/// </item>
|
||||
/// </list>
|
||||
/// <para>
|
||||
/// If the function fails, GetLastError may return an Abstract Syntax Notation One (ASN.1) encoding/decoding error. For information
|
||||
/// about these errors, see ASN.1 Encoding/Decoding Return Values.
|
||||
/// </para>
|
||||
/// </returns>
|
||||
// https://docs.microsoft.com/en-us/windows/win32/api/wincrypt/nf-wincrypt-certaddserializedelementtostore BOOL
|
||||
// CertAddSerializedElementToStore( HCERTSTORE hCertStore, const BYTE *pbElement, DWORD cbElement, DWORD dwAddDisposition, DWORD
|
||||
// dwFlags, DWORD dwContextTypeFlags, DWORD *pdwContextType, const void **ppvContext );
|
||||
[DllImport(Lib.Crypt32, SetLastError = true, ExactSpelling = true)]
|
||||
[PInvokeData("wincrypt.h", MSDNShortId = "2726cd34-51ba-4f68-9a3c-7cd505eb32a1")]
|
||||
[return: MarshalAs(UnmanagedType.Bool)]
|
||||
public static extern bool CertAddSerializedElementToStore([Optional] HCERTSTORE hCertStore, [In] IntPtr pbElement, uint cbElement, CertStoreAdd dwAddDisposition, [Optional] uint dwFlags, CertStoreContextFlags dwContextTypeFlags, IntPtr pdwContextType = default, IntPtr ppvContext = default);
|
||||
|
||||
/// <summary>
|
||||
/// The <c>CertAddStoreToCollection</c> function adds a sibling certificate store to a collection certificate store. When a
|
||||
|
@ -2332,7 +2547,518 @@ namespace Vanara.PInvoke
|
|||
// lpszStoreProvider, DWORD dwEncodingType, HCRYPTPROV_LEGACY hCryptProv, DWORD dwFlags, const void *pvPara );
|
||||
[DllImport(Lib.Crypt32, SetLastError = true, ExactSpelling = true)]
|
||||
[PInvokeData("wincrypt.h", MSDNShortId = "4edccbfe-c0a8-442b-b6b7-51ef598e7c90")]
|
||||
public static extern SafeHCERTSTORE CertOpenStore([MarshalAs(UnmanagedType.LPStr)] string lpszStoreProvider, CertEncodingType dwEncodingType, [Optional] HCRYPTPROV hCryptProv, CertStoreFlags dwFlags, [Optional] IntPtr pvPara);
|
||||
public static extern SafeHCERTSTORE CertOpenStore([In] SafeOID lpszStoreProvider, CertEncodingType dwEncodingType, [Optional] HCRYPTPROV hCryptProv, CertStoreFlags dwFlags, [Optional] IntPtr pvPara);
|
||||
|
||||
/// <summary>
|
||||
/// The <c>CertOpenStore</c> function opens a certificate store by using a specified store provider type. While this function can
|
||||
/// open a certificate store for most purposes, CertOpenSystemStore is recommended to open the most common certificate stores.
|
||||
/// <c>CertOpenStore</c> is required for more complex options and special cases.
|
||||
/// </summary>
|
||||
/// <param name="lpszStoreProvider">
|
||||
/// <para>A pointer to a null-terminated ANSI string that contains the store provider type.</para>
|
||||
/// <para>
|
||||
/// The following values represent the predefined store types. The store provider type determines the contents of the pvPara
|
||||
/// parameter and the use and meaning of the high word of the dwFlags parameter. Additional store providers can be installed or
|
||||
/// registered by using the CryptInstallOIDFunctionAddress or CryptRegisterOIDFunction function. For more information about adding
|
||||
/// store providers, see Extending CertOpenStore Functionality.
|
||||
/// </para>
|
||||
/// <list type="table">
|
||||
/// <listheader>
|
||||
/// <term>Value</term>
|
||||
/// <term>Meaning</term>
|
||||
/// </listheader>
|
||||
/// <item>
|
||||
/// <term>CERT_STORE_PROV_COLLECTION sz_CERT_STORE_PROV_COLLECTION</term>
|
||||
/// <term>
|
||||
/// Opens a store that will be a collection of other stores. Stores are added to or removed from the collection by using
|
||||
/// CertAddStoreToCollection and CertRemoveStoreFromCollection. When a store is added to a collection, all certificates, CRLs, and
|
||||
/// CTLs in that store become available to searches or enumerations of the collection store. The high word of dwFlags is set to
|
||||
/// zero. pvPara value: The pvPara parameter must be NULL.
|
||||
/// </term>
|
||||
/// </item>
|
||||
/// <item>
|
||||
/// <term>CERT_STORE_PROV_FILE</term>
|
||||
/// <term>
|
||||
/// Initializes the store with certificates, CRLs, and CTLs read from a specified open file. This provider expects the file to
|
||||
/// contain only a serialized store and not either PKCS #7 signed messages or a single encoded certificate. The file pointer must be
|
||||
/// positioned at the beginning of the serialized store information. After the data in the serialized store has been loaded into the
|
||||
/// certificate store, the file pointer is positioned at the beginning of any data that can follow the serialized store data in the
|
||||
/// file. If CERT_FILE_STORE_COMMIT_ENABLE is set in dwFlags, the file handle is duplicated and the store is always committed as a
|
||||
/// serialized store. The file is not closed when the store is closed. pvPara value: The pvPara parameter must contain a pointer to
|
||||
/// the handle of a file opened by using CreateFile.
|
||||
/// </term>
|
||||
/// </item>
|
||||
/// <item>
|
||||
/// <term>CERT_STORE_PROV_FILENAME_A</term>
|
||||
/// <term>
|
||||
/// Initializes the store with certificates, CRLs, and CTLs from a file. The provider opens the file and first attempts to read the
|
||||
/// file as a serialized store, then as a PKCS #7 signed message, and finally as a single encoded certificate. The dwEncodingType
|
||||
/// parameter must contain the encoding types to be used with both messages and certificates. If the file contains an X.509 encoded
|
||||
/// certificate, the open operation fails and a call to the GetLastError function will return ERROR_ACCESS_DENIED. If the
|
||||
/// CERT_FILE_STORE_COMMIT_ENABLE flag is set in dwFlags, the dwCreationDisposition value passed to CreateFile is as follows: If
|
||||
/// dwFlags includes CERT_FILE_STORE_COMMIT_ENABLE, the file is committed as either a PKCS #7 or a serialized store depending on the
|
||||
/// file type opened. If the file was empty or if the file name has either a .p7c or .spc extension, the file is committed as a PKCS
|
||||
/// #7. Otherwise, the file is committed as a serialized store. pvPara value: The pvPara parameter must contain a pointer to
|
||||
/// null-terminated ANSI string that contains the name of an existing, unopened file.
|
||||
/// </term>
|
||||
/// </item>
|
||||
/// <item>
|
||||
/// <term>CERT_STORE_PROV_FILENAME(_W) sz_CERT_STORE_PROV_FILENAME(_W)</term>
|
||||
/// <term>
|
||||
/// Same as CERT_STORE_PROV_FILENAME_A. pvPara value: The pvPara parameter must contain a pointer to null-terminated Unicode string
|
||||
/// that contains the name of an existing, unopened file.
|
||||
/// </term>
|
||||
/// </item>
|
||||
/// <item>
|
||||
/// <term>CERT_STORE_PROV_LDAP(_W) sz_CERT_STORE_PROV_LDAP(_W)</term>
|
||||
/// <term>
|
||||
/// Initializes the store with certificates, CRLs, and CTLs from the results of an LDAP query. To perform write operations on the
|
||||
/// store, the query string must specify a BASE query with no filter and a single attribute. pvPara value: If the dwFlags parameter
|
||||
/// contains CERT_LDAP_STORE_OPENED_FLAG, set pvPara to the address of a CERT_LDAP_STORE_OPENED_PARA structure that specifies the
|
||||
/// established LDAP session to use. Otherwise, set pvPara to point to a null-terminated Unicode string that contains the LDAP query
|
||||
/// string. For more information about LDAP query strings, see LDAP Dialect.
|
||||
/// </term>
|
||||
/// </item>
|
||||
/// <item>
|
||||
/// <term>CERT_STORE_PROV_MEMORY sz_CERT_STORE_PROV_MEMORY</term>
|
||||
/// <term>
|
||||
/// Creates a certificate store in cached memory. No certificates, certificate revocation lists (CRLs), or certificate trust lists
|
||||
/// (CTLs) are initially loaded into the store. Typically used to create a temporary store. Any addition of certificates, CRLs, or
|
||||
/// CTLs or changes in properties of certificates, CRLs, or CTLs in a memory store are not automatically saved. They can be saved to
|
||||
/// a file or to a memory BLOB by using CertSaveStore. pvPara value: The pvPara parameter is not used.
|
||||
/// </term>
|
||||
/// </item>
|
||||
/// <item>
|
||||
/// <term>CERT_STORE_PROV_MSG</term>
|
||||
/// <term>
|
||||
/// Initializes the store with certificates, CRLs, and CTLs from the specified cryptographic message. The dwEncodingType parameter
|
||||
/// must contain the encoding types used with both messages and certificates. pvPara value: The pvPara parameter contains an
|
||||
/// HCRYPTMSG handle of the encoded message, returned by a call to CryptMsgOpenToDecode.
|
||||
/// </term>
|
||||
/// </item>
|
||||
/// <item>
|
||||
/// <term>CERT_STORE_PROV_PHYSICAL(_W) sz_CERT_STORE_PROV_PHYSICAL(_W)</term>
|
||||
/// <term>
|
||||
/// Initializes the store with certificates, CRLs, and CTLs from a specified physical store that is a member of a logical system
|
||||
/// store. Two names are separated with an intervening backslash (), for example "Root.Default". Here, "Root" is the name of the
|
||||
/// system store and ".Default" is the name of the physical store. The system and physical store names cannot contain any
|
||||
/// backslashes. The high word of dwFlags indicates the system store location, usually CERT_SYSTEM_STORE_CURRENT_USER. For more
|
||||
/// information, see dwFlags later in this topic and see System Store Locations. Some physical store locations can be opened
|
||||
/// remotely. pvPara value: The pvPara parameter points to a null-terminated Unicode string that contains both the system store name
|
||||
/// and physical names.
|
||||
/// </term>
|
||||
/// </item>
|
||||
/// <item>
|
||||
/// <term>CERT_STORE_PROV_PKCS7 sz_CERT_STORE_PROV_PKCS7</term>
|
||||
/// <term>
|
||||
/// Initializes the store with certificates, CRLs, and CTLs from an encoded PKCS #7 signed message. The dwEncodingType parameter
|
||||
/// must specify the encoding types to be used with both messages and certificates. pvPara value: The pvPara parameter points to a
|
||||
/// CRYPT_DATA_BLOB structure that represents the encoded message.
|
||||
/// </term>
|
||||
/// </item>
|
||||
/// <item>
|
||||
/// <term>CERT_STORE_PROV_PKCS12 sz_CERT_STORE_PROV_PKCS12</term>
|
||||
/// <term>
|
||||
/// Initializes the store with the contents of a PKCS #12 packet. If the PKCS #12 packet is protected with a NULL or empty password,
|
||||
/// this function will succeed in opening the store. Beginning with Windows 8 and Windows Server 2012, if the password embedded in
|
||||
/// the PFX packet was protected to an Active Directory (AD) principal and the current user, as a member of that principal, has
|
||||
/// permission to decrypt the password, this function will succeed in opening the store. For more information, see the pvPara
|
||||
/// parameter and the PKCS12_PROTECT_TO_DOMAIN_SIDS flag of the PFXExportCertStoreEx function. You can protect PFX passwords to an
|
||||
/// AD principal beginning in Windows 8 and Windows Server 2012. pvPara value: The pvPara parameter points to a CRYPT_DATA_BLOB
|
||||
/// structure that represents the PKCS #12 packet.
|
||||
/// </term>
|
||||
/// </item>
|
||||
/// <item>
|
||||
/// <term>CERT_STORE_PROV_REG</term>
|
||||
/// <term>
|
||||
/// Initializes the store with certificates, CRLs, and CTLs from a registry subkey. This provider opens or creates the registry
|
||||
/// subkeys Certificates, CRLs, and CTLs under the key passed in pvPara. The input key is not closed by the provider. Before
|
||||
/// returning, the provider opens its own copy of the key passed in pvPara. If CERT_STORE_READONLY_FLAG is set in the low word of
|
||||
/// dwFlags, registry subkeys are opened by using the RegOpenKey with KEY_READ_ACCESS. Otherwise, registry subkeys are created by
|
||||
/// using RegCreateKey with KEY_ALL_ACCESS. Any changes to the contents of the opened store are immediately persisted to the
|
||||
/// registry. However, if CERT_STORE_READONLY_FLAG is set in the low word of dwFlags, any attempt to add to the contents of the
|
||||
/// store or to change a context's property results in an error with GetLastError returning the E_ACCESSDENIED code. pvPara value:
|
||||
/// The pvPara parameter contains the handle of an open registry key.
|
||||
/// </term>
|
||||
/// </item>
|
||||
/// <item>
|
||||
/// <term>CERT_STORE_PROV_SERIALIZED sz_CERT_STORE_PROV_SERIALIZED</term>
|
||||
/// <term>
|
||||
/// Initializes the store with certificates, CRLs, and CTLs from a memory location that contains a serialized store. pvPara value:
|
||||
/// The pvPara parameter points to a CRYPT_DATA_BLOB structure that contains the serialized memory BLOB.
|
||||
/// </term>
|
||||
/// </item>
|
||||
/// <item>
|
||||
/// <term>CERT_STORE_PROV_SMART_CARD(_W) sz_CERT_STORE_PROV_SMART_CARD(_W)</term>
|
||||
/// <term>Not currently used.</term>
|
||||
/// </item>
|
||||
/// <item>
|
||||
/// <term>CERT_STORE_PROV_SYSTEM_A</term>
|
||||
/// <term>
|
||||
/// Initializes the store with certificates, CRLs, and CTLs from the specified system store. The system store is a logical,
|
||||
/// collection store that consists of one or more physical stores. A physical store associated with a system store is registered
|
||||
/// with the CertRegisterPhysicalStore function. After the system store is opened, all of the physical stores that are associated
|
||||
/// with it are also opened by calls to CertOpenStore and are added to the system store collection by using the
|
||||
/// CertAddStoreToCollection function. The high word of dwFlags indicates the system store location, usually set to
|
||||
/// CERT_SYSTEM_STORE_CURRENT_USER. For details about registry locations, see dwFlags later in this topic and System Store
|
||||
/// Locations. Some system store locations can be opened remotely; for more information, see System Store Locations. pvPara value:
|
||||
/// The pvPara parameter points to a null-terminated ANSI string that contains a system store name, such as "My" or "Root".
|
||||
/// </term>
|
||||
/// </item>
|
||||
/// <item>
|
||||
/// <term>CERT_STORE_PROV_SYSTEM(_W) sz_CERT_STORE_PROV_SYSTEM(_W)</term>
|
||||
/// <term>
|
||||
/// Same as CERT_STORE_PROV_SYSTEM_A. pvPara value: The pvPara parameter points to a null-terminated Unicode string that contains a
|
||||
/// system store name, such as "My" or "Root".
|
||||
/// </term>
|
||||
/// </item>
|
||||
/// <item>
|
||||
/// <term>CERT_STORE_PROV_SYSTEM_REGISTRY_A</term>
|
||||
/// <term>
|
||||
/// Initializes the store with certificates, CRLs, and CTLs from a physical registry store. The physical store is not opened as a
|
||||
/// collection store. Enumerations and searches go through only the certificates, CRLs, and CTLs in that one physical store. The
|
||||
/// high word of dwFlags indicates the system store location, usually set to CERT_SYSTEM_STORE_CURRENT_USER. For more information,
|
||||
/// see dwFlags later in this topic. Some system store locations can be open remotely; for more information, see System Store
|
||||
/// Locations. pvPara value: The pvPara parameter points to a null-terminated ANSI string that contains a system store name, such as
|
||||
/// "My" or "Root".
|
||||
/// </term>
|
||||
/// </item>
|
||||
/// <item>
|
||||
/// <term>CERT_STORE_PROV_SYSTEM_REGISTRY(_W) sz_CERT_STORE_PROV_SYSTEM_REGISTRY(_W)</term>
|
||||
/// <term>
|
||||
/// Same as CERT_STORE_PROV_SYSTEM_REGISTRY_A. pvPara value: The pvPara parameter points to a null-terminated Unicode string that
|
||||
/// contains a system store name, such as "My" or "Root".
|
||||
/// </term>
|
||||
/// </item>
|
||||
/// </list>
|
||||
/// </param>
|
||||
/// <param name="dwEncodingType">
|
||||
/// <para>
|
||||
/// Specifies the certificate encoding type and message encoding type. Encoding is used only when the dwSaveAs parameter of the
|
||||
/// CertSaveStore function contains <c>CERT_STORE_SAVE_AS_PKCS7</c>. Otherwise, the dwMsgAndCertEncodingType parameter is not used.
|
||||
/// </para>
|
||||
/// <para>
|
||||
/// This parameter is only applicable when the <c>CERT_STORE_PROV_MSG</c>, <c>CERT_STORE_PROV_PKCS7</c>, or
|
||||
/// <c>CERT_STORE_PROV_FILENAME</c> provider type is specified in the lpszStoreProvider parameter. For all other provider types,
|
||||
/// this parameter is unused and should be set to zero.
|
||||
/// </para>
|
||||
/// <para>This parameter can be a combination of one or more of the following values.</para>
|
||||
/// <list type="table">
|
||||
/// <listheader>
|
||||
/// <term>Value</term>
|
||||
/// <term>Meaning</term>
|
||||
/// </listheader>
|
||||
/// <item>
|
||||
/// <term>PKCS_7_ASN_ENCODING 65536 (0x10000)</term>
|
||||
/// <term>Specifies PKCS #7 message encoding.</term>
|
||||
/// </item>
|
||||
/// <item>
|
||||
/// <term>X509_ASN_ENCODING 1 (0x1)</term>
|
||||
/// <term>Specifies X.509 certificate encoding.</term>
|
||||
/// </item>
|
||||
/// </list>
|
||||
/// </param>
|
||||
/// <param name="hCryptProv">
|
||||
/// <para>This parameter is not used and should be set to <c>NULL</c>.</para>
|
||||
/// <para>
|
||||
/// <c>Windows Server 2003 and Windows XP:</c> A handle to a cryptographic provider. Passing <c>NULL</c> for this parameter causes
|
||||
/// an appropriate, default provider to be used. Using the default provider is recommended. The default or specified cryptographic
|
||||
/// provider is used for all store functions that verify the signature of a subject certificate or CRL.This parameter's data type is <c>HCRYPTPROV</c>.
|
||||
/// </para>
|
||||
/// </param>
|
||||
/// <param name="dwFlags">
|
||||
/// <para>These values consist of high-word and low-word values combined by using a bitwise- <c>OR</c> operation.</para>
|
||||
/// <para>
|
||||
/// The low-word portion of dwFlags controls a variety of general characteristics of the certificate store opened. This portion can
|
||||
/// be used with all store provider types. The low-word portion of dwFlags can be one of the following values.
|
||||
/// </para>
|
||||
/// <list type="table">
|
||||
/// <listheader>
|
||||
/// <term>Value</term>
|
||||
/// <term>Meaning</term>
|
||||
/// </listheader>
|
||||
/// <item>
|
||||
/// <term>CERT_STORE_BACKUP_RESTORE_FLAG</term>
|
||||
/// <term>
|
||||
/// Use the thread's SE_BACKUP_NAME and SE_RESTORE_NAME privileges to open registry or file-based system stores. If the thread does
|
||||
/// not have these privileges, this function must fail with an access denied error.
|
||||
/// </term>
|
||||
/// </item>
|
||||
/// <item>
|
||||
/// <term>CERT_STORE_CREATE_NEW_FLAG</term>
|
||||
/// <term>
|
||||
/// A new store is created if one did not exist. The function fails if the store already exists. If neither
|
||||
/// CERT_STORE_OPEN_EXISTING_FLAG nor CERT_STORE_CREATE_NEW_FLAG is set, a store is opened if it exists or is created and opened if
|
||||
/// it did not already exist.
|
||||
/// </term>
|
||||
/// </item>
|
||||
/// <item>
|
||||
/// <term>CERT_STORE_DEFER_CLOSE_UNTIL_LAST_FREE_FLAG</term>
|
||||
/// <term>
|
||||
/// Defer closing of the store's provider until all certificates, CRLs, or CTLs obtained from the store are no longer in use. The
|
||||
/// store is actually closed when the last certificate, CRL, or CTL obtained from the store is freed. Any changes made to properties
|
||||
/// of these certificates, CRLs, and CTLs, even after the call to CertCloseStore, are persisted. If this flag is not set and
|
||||
/// certificates, CRLs, or CTLs obtained from the store are still in use, any changes to the properties of those certificates, CRLs,
|
||||
/// and CTLs will not be persisted. If this function is called with CERT_CLOSE_STORE_FORCE_FLAG,
|
||||
/// CERT_STORE_DEFER_CLOSE_UNTIL_LAST_FREE_FLAG is ignored. When this flag is set and a non-NULL hCryptProv parameter value is
|
||||
/// passed, that provider will continue to be used even after the call to this function.
|
||||
/// </term>
|
||||
/// </item>
|
||||
/// <item>
|
||||
/// <term>CERT_STORE_DELETE_FLAG</term>
|
||||
/// <term>
|
||||
/// The store is deleted instead of being opened. This function returns NULL for both success and failure of the deletion. To
|
||||
/// determine the success of the deletion, call GetLastError, which returns zero if the store was deleted and a nonzero value if it
|
||||
/// was not deleted.
|
||||
/// </term>
|
||||
/// </item>
|
||||
/// <item>
|
||||
/// <term>CERT_STORE_ENUM_ARCHIVED_FLAG</term>
|
||||
/// <term>
|
||||
/// Normally, an enumeration of all certificates in the store will ignore any certificate with the CERT_ARCHIVED_PROP_ID property
|
||||
/// set. If this flag is set, an enumeration of the certificates in the store will contain all of the certificates in the store,
|
||||
/// including those that have the CERT_ARCHIVED_PROP_ID property.
|
||||
/// </term>
|
||||
/// </item>
|
||||
/// <item>
|
||||
/// <term>CERT_STORE_MAXIMUM_ALLOWED_FLAG</term>
|
||||
/// <term>
|
||||
/// Open the store with the maximum set of allowed permissions. If this flag is specified, registry stores are first opened with
|
||||
/// write access and if that fails, they are reopened with read-only access.
|
||||
/// </term>
|
||||
/// </item>
|
||||
/// <item>
|
||||
/// <term>CERT_STORE_NO_CRYPT_RELEASE_FLAG</term>
|
||||
/// <term>
|
||||
/// This flag is not used when the hCryptProv parameter is NULL. This flag is only valid when a non-NULL CSP handle is passed as the
|
||||
/// hCryptProv parameter. Setting this flag prevents the automatic release of a nondefault CSP when the certificate store is closed.
|
||||
/// </term>
|
||||
/// </item>
|
||||
/// <item>
|
||||
/// <term>CERT_STORE_OPEN_EXISTING_FLAG</term>
|
||||
/// <term>Only open an existing store. If the store does not exist, the function fails.</term>
|
||||
/// </item>
|
||||
/// <item>
|
||||
/// <term>CERT_STORE_READONLY_FLAG</term>
|
||||
/// <term>
|
||||
/// Open the store in read-only mode. Any attempt to change the contents of the store will result in an error. When this flag is set
|
||||
/// and a registry based store provider is being used, the registry subkeys are opened by using RegOpenKey with KEY_READ_ACCESS.
|
||||
/// Otherwise, the registry subkeys are created by using RegCreateKey with KEY_ALL_ACCESS.
|
||||
/// </term>
|
||||
/// </item>
|
||||
/// <item>
|
||||
/// <term>CERT_STORE_SET_LOCALIZED_NAME_FLAG</term>
|
||||
/// <term>
|
||||
/// If this flag is supported, the provider sets the store's CERT_STORE_LOCALIZED_NAME_PROP_ID property. The localized name can be
|
||||
/// retrieved by calling the CertGetStoreProperty function with dwPropID set to CERT_STORE_LOCALIZED_NAME_PROP_ID. This flag is
|
||||
/// supported for providers of types CERT_STORE_PROV_FILENAME, CERT_STORE_PROV_SYSTEM, CERT_STORE_PROV_SYSTEM_REGISTRY, and CERT_STORE_PROV_PHYSICAL_W.
|
||||
/// </term>
|
||||
/// </item>
|
||||
/// <item>
|
||||
/// <term>CERT_STORE_SHARE_CONTEXT_FLAG</term>
|
||||
/// <term>
|
||||
/// When opening a store multiple times, you can set this flag to ensure efficient memory usage by reusing the memory for the
|
||||
/// encoded parts of a certificate, CRL, or CTL context across the opened instances of the stores.
|
||||
/// </term>
|
||||
/// </item>
|
||||
/// <item>
|
||||
/// <term>CERT_STORE_UPDATE_KEYID_FLAG</term>
|
||||
/// <term>
|
||||
/// Lists of key identifiers exist within CurrentUser and LocalMachine. These key identifiers have properties much like the
|
||||
/// properties of certificates. If the CERT_STORE_UPDATE_KEYID_FLAG is set, then for every key identifier in the store's location
|
||||
/// that has a CERT_KEY_PROV_INFO_PROP_ID property, that property is automatically updated from the key identifier property
|
||||
/// CERT_KEY_PROV_INFO_PROP_ID or the CERT_KEY_IDENTIFIER_PROP_ID of the certificate related to that key identifier.
|
||||
/// </term>
|
||||
/// </item>
|
||||
/// </list>
|
||||
/// <para>
|
||||
/// The <c>CERT_STORE_PROV_SYSTEM</c>, <c>CERT_STORE_PROV_SYSTEM_REGISTRY</c>, and <c>CERT_STORE_PROV_PHYSICAL</c> provider types
|
||||
/// use the following high words of dwFlags to specify system store registry locations:
|
||||
/// </para>
|
||||
/// <para>CERT_SYSTEM_STORE_CURRENT_SERVICE</para>
|
||||
/// <para>CERT_SYSTEM_STORE_CURRENT_USER</para>
|
||||
/// <para>CERT_SYSTEM_STORE_CURRENT_USER_GROUP_POLICY</para>
|
||||
/// <para>CERT_SYSTEM_STORE_LOCAL_MACHINE</para>
|
||||
/// <para>CERT_SYSTEM_STORE_LOCAL_MACHINE_ENTERPRISE</para>
|
||||
/// <para>CERT_SYSTEM_STORE_LOCAL_MACHINE_GROUP_POLICY</para>
|
||||
/// <para>CERT_SYSTEM_STORE_SERVICES</para>
|
||||
/// <para>CERT_SYSTEM_STORE_USERS</para>
|
||||
/// <para>
|
||||
/// By default, a system store location is opened relative to the <c>HKEY_CURRENT_USER</c>, <c>HKEY_LOCAL_MACHINE</c>, or
|
||||
/// <c>HKEY_USERS</c> predefined registry key. For more information, see System Store Locations.
|
||||
/// </para>
|
||||
/// <para>The following high-word flags override this default behavior.</para>
|
||||
/// <list type="table">
|
||||
/// <listheader>
|
||||
/// <term>Value</term>
|
||||
/// <term>Meaning</term>
|
||||
/// </listheader>
|
||||
/// <item>
|
||||
/// <term>CERT_SYSTEM_STORE_RELOCATE_FLAG</term>
|
||||
/// <term>
|
||||
/// When set, pvPara must contain a pointer to a CERT_SYSTEM_STORE_RELOCATE_PARA structure rather than a string. The structure
|
||||
/// indicates both the name of the store and its location in the registry.
|
||||
/// </term>
|
||||
/// </item>
|
||||
/// <item>
|
||||
/// <term>CERT_SYSTEM_STORE_UNPROTECTED_FLAG</term>
|
||||
/// <term>
|
||||
/// By default, when the CurrentUser "Root" store is opened, any SystemRegistry roots not on the protected root list are deleted
|
||||
/// from the cache before this function returns. When this flag is set, this default is overridden and all of the roots in the
|
||||
/// SystemRegistry are returned and no check of the protected root list is made.
|
||||
/// </term>
|
||||
/// </item>
|
||||
/// </list>
|
||||
/// <para>The <c>CERT_STORE_PROV_REGISTRY</c> provider uses the following high-word flags.</para>
|
||||
/// <list type="table">
|
||||
/// <listheader>
|
||||
/// <term>Value</term>
|
||||
/// <term>Meaning</term>
|
||||
/// </listheader>
|
||||
/// <item>
|
||||
/// <term>CERT_REGISTRY_STORE_REMOTE_FLAG</term>
|
||||
/// <term>
|
||||
/// pvPara contains a handle to a registry key on a remote computer. To access a registry key on a remote computer, security
|
||||
/// permissions on the remote computer must be set to allow access. For more information, see Remarks.
|
||||
/// </term>
|
||||
/// </item>
|
||||
/// <item>
|
||||
/// <term>CERT_REGISTRY_STORE_SERIALIZED_FLAG</term>
|
||||
/// <term>
|
||||
/// The CERT_STORE_PROV_REG provider saves certificates, CRLs, and CTLs in a single serialized store subkey instead of performing
|
||||
/// the default save operation. The default is that each certificate, CRL, or CTL is saved as a separate registry subkey under the
|
||||
/// appropriate subkey. This flag is mainly used for stores downloaded from the group policy template (GPT), such as the
|
||||
/// CurrentUserGroupPolicy and LocalMachineGroupPolicy stores. When CERT_REGISTRY_STORE_SERIALIZED_FLAG is set, store additions,
|
||||
/// deletions, or property changes are not persisted until there is a call to either CertCloseStore or CertControlStore using CERT_STORE_CTRL_COMMIT.
|
||||
/// </term>
|
||||
/// </item>
|
||||
/// </list>
|
||||
/// <para>The <c>CERT_STORE_PROV_FILE</c> and <c>CERT_STORE_PROV_FILENAME</c> provider types use the following high-word flags.</para>
|
||||
/// <list type="table">
|
||||
/// <listheader>
|
||||
/// <term>Value</term>
|
||||
/// <term>Meaning</term>
|
||||
/// </listheader>
|
||||
/// <item>
|
||||
/// <term>CERT_FILE_STORE_COMMIT_ENABLE</term>
|
||||
/// <term>
|
||||
/// Setting this flag commits any additions to the store or any changes made to properties of contexts in the store to the file
|
||||
/// store either when CertCloseStore is called or when CertControlStore is called with CERT_STORE_CONTROL_COMMIT. CertOpenStore
|
||||
/// fails with E_INVALIDARG if both CERT_FILE_STORE_COMMIT_ENABLE and CERT_STORE_READONLY_FLAG are set in dwFlags.
|
||||
/// </term>
|
||||
/// </item>
|
||||
/// </list>
|
||||
/// <para>The <c>CERT_STORE_PROV_LDAP</c> provider type uses the following high-word flags.</para>
|
||||
/// <list type="table">
|
||||
/// <listheader>
|
||||
/// <term>Value</term>
|
||||
/// <term>Meaning</term>
|
||||
/// </listheader>
|
||||
/// <item>
|
||||
/// <term>CERT_LDAP_STORE_AREC_EXCLUSIVE_FLAG</term>
|
||||
/// <term>
|
||||
/// Performs an A-Record-only DNS lookup on the URL named in the pvPara parameter. This prevents false DNS queries from being
|
||||
/// generated when resolving URL host names. Use this flag when passing a host name as opposed to a domain name for the pvPara parameter.
|
||||
/// </term>
|
||||
/// </item>
|
||||
/// <item>
|
||||
/// <term>CERT_LDAP_STORE_OPENED_FLAG</term>
|
||||
/// <term>
|
||||
/// Use this flag to use an existing LDAP session. When this flag is specified, the pvPara parameter is the address of a
|
||||
/// CERT_LDAP_STORE_OPENED_PARA structure that contains information about the LDAP session to use.
|
||||
/// </term>
|
||||
/// </item>
|
||||
/// <item>
|
||||
/// <term>CERT_LDAP_STORE_SIGN_FLAG</term>
|
||||
/// <term>
|
||||
/// To provide integrity required by some applications, digitally sign all LDAP traffic to and from an LDAP server by using the
|
||||
/// Kerberos authentication protocol.
|
||||
/// </term>
|
||||
/// </item>
|
||||
/// <item>
|
||||
/// <term>CERT_LDAP_STORE_UNBIND_FLAG</term>
|
||||
/// <term>
|
||||
/// Use this flag with the CERT_LDAP_STORE_OPENED_FLAG flag to cause the LDAP session to be unbound when the store is closed. The
|
||||
/// system will unbind the LDAP session by using the ldap_unbind function when the store is closed.
|
||||
/// </term>
|
||||
/// </item>
|
||||
/// </list>
|
||||
/// </param>
|
||||
/// <param name="pvPara">
|
||||
/// A 32-bit value that can contain additional information for this function. The contents of this parameter depends on the value of
|
||||
/// the lpszStoreProvider and other parameters.
|
||||
/// </param>
|
||||
/// <returns>
|
||||
/// <para>
|
||||
/// If the function succeeds, the function returns a handle to the certificate store. When you have finished using the store,
|
||||
/// release the handle by calling the CertCloseStore function.
|
||||
/// </para>
|
||||
/// <para>If the function fails, it returns <c>NULL</c>. For extended error information, call GetLastError.</para>
|
||||
/// <para>
|
||||
/// <c>Note</c> CreateFile, ReadFile, or registry errors might be propagated and their error codes returned. <c>CertOpenStore</c>
|
||||
/// has a single error code of its own, the ERROR_FILE_NOT_FOUND code, which indicates that the function was unable to find the
|
||||
/// provider specified by the lpszStoreProvider parameter.
|
||||
/// </para>
|
||||
/// </returns>
|
||||
/// <remarks>
|
||||
/// <para>
|
||||
/// A system store is a collection that consists of one or more physical sibling stores. For each system store, there are predefined
|
||||
/// physical sibling stores. After opening a system store such as "My" at CERT_SYSTEM_STORE_CURRENT_USER, <c>CertOpenStore</c> is
|
||||
/// called to open all of the physical stores in the system store collection. Each of these physical stores is added to the system
|
||||
/// store collection by using the CertAddStoreToCollection function. All certificates, CRLs, and CTLs in those physical stores are
|
||||
/// available through the logical system store collection.
|
||||
/// </para>
|
||||
/// <para>
|
||||
/// <c>Note</c> The order of the certificate context may not be preserved within the store. To access a specific certificate you
|
||||
/// must iterate across the certificates in the store.
|
||||
/// </para>
|
||||
/// <para>The following system store locations can be opened remotely:</para>
|
||||
/// <list type="bullet">
|
||||
/// <item>
|
||||
/// <term>CERT_SYSTEM_STORE_LOCAL_MACHINE</term>
|
||||
/// </item>
|
||||
/// <item>
|
||||
/// <term>CERT_SYSTEM_STORE_LOCAL_MACHINE_GROUP_POLICY</term>
|
||||
/// </item>
|
||||
/// <item>
|
||||
/// <term>CERT_SYSTEM_STORE_SERVICES</term>
|
||||
/// </item>
|
||||
/// <item>
|
||||
/// <term>CERT_SYSTEM_STORE_USERS</term>
|
||||
/// </item>
|
||||
/// </list>
|
||||
/// <para>
|
||||
/// System store locations are opened remotely by prefixing the store name in the string passed to pvPara with the computer name.
|
||||
/// Examples of remote system store names are:
|
||||
/// </para>
|
||||
/// <list type="bullet">
|
||||
/// <item>
|
||||
/// <term>ComputerName\CA</term>
|
||||
/// </item>
|
||||
/// <item>
|
||||
/// <term>\\ComputerName\CA</term>
|
||||
/// </item>
|
||||
/// <item>
|
||||
/// <term>ComputerName\ServiceName\Trust</term>
|
||||
/// </item>
|
||||
/// <item>
|
||||
/// <term>\\ComputerName\ServiceName\Trust</term>
|
||||
/// </item>
|
||||
/// </list>
|
||||
/// <para>For more information about system stores, see System Store Locations.</para>
|
||||
/// <para>For more information about the stores that are automatically migrated, see Certificate Store Migration.</para>
|
||||
/// <para>Examples</para>
|
||||
/// <para>
|
||||
/// The following example shows opening several certificate stores of different store provider types. The example uses the
|
||||
/// <c>CreateMyDACL</c> function, defined in the Creating a DACL topic, to ensure the open file is created with a proper DACL. For
|
||||
/// more examples of opening other store provider types, see Example C Code for Opening Certificate Stores.
|
||||
/// </para>
|
||||
/// </remarks>
|
||||
// https://docs.microsoft.com/en-us/windows/win32/api/wincrypt/nf-wincrypt-certopenstore HCERTSTORE CertOpenStore( LPCSTR
|
||||
// lpszStoreProvider, DWORD dwEncodingType, HCRYPTPROV_LEGACY hCryptProv, DWORD dwFlags, const void *pvPara );
|
||||
[DllImport(Lib.Crypt32, SetLastError = true, ExactSpelling = true)]
|
||||
[PInvokeData("wincrypt.h", MSDNShortId = "4edccbfe-c0a8-442b-b6b7-51ef598e7c90")]
|
||||
public static extern SafeHCERTSTORE CertOpenStore([In] SafeOID lpszStoreProvider, CertEncodingType dwEncodingType, [Optional] HCRYPTPROV hCryptProv, CertStoreFlags dwFlags, [MarshalAs(UnmanagedType.LPWStr)] string pvPara);
|
||||
|
||||
/// <summary>
|
||||
/// The <c>CertOpenSystemStore</c> function is a simplified function that opens the most common system certificate store. To open
|
||||
|
@ -3098,7 +3824,7 @@ namespace Vanara.PInvoke
|
|||
/// CryptInstallOIDFunctionAddress or CryptRegisterOIDFunction. For more information, see CertOpenStore.
|
||||
/// </para>
|
||||
/// </summary>
|
||||
[MarshalAs(UnmanagedType.LPStr)] public string pszOpenStoreProvider;
|
||||
public StrPtrAnsi pszOpenStoreProvider;
|
||||
|
||||
/// <summary>
|
||||
/// <para>
|
||||
|
@ -3348,5 +4074,60 @@ namespace Vanara.PInvoke
|
|||
/// <inheritdoc/>
|
||||
protected override bool InternalReleaseHandle() => CertCloseStore(handle, Flag);
|
||||
}
|
||||
|
||||
/// <summary>Certificate Store Provider constants.</summary>
|
||||
public static class CertStoreProvider
|
||||
{
|
||||
/// <summary/>
|
||||
public const int CERT_STORE_PROV_MSG = 1;
|
||||
/// <summary/>
|
||||
public const int CERT_STORE_PROV_MEMORY = 2;
|
||||
/// <summary/>
|
||||
public const int CERT_STORE_PROV_FILE = 3;
|
||||
/// <summary/>
|
||||
public const int CERT_STORE_PROV_REG = 4;
|
||||
/// <summary/>
|
||||
public const int CERT_STORE_PROV_PKCS7 = 5;
|
||||
/// <summary/>
|
||||
public const int CERT_STORE_PROV_SERIALIZED = 6;
|
||||
/// <summary/>
|
||||
public const int CERT_STORE_PROV_FILENAME = 8;
|
||||
/// <summary/>
|
||||
public const int CERT_STORE_PROV_SYSTEM = 10;
|
||||
/// <summary/>
|
||||
public const int CERT_STORE_PROV_COLLECTION = 11;
|
||||
/// <summary/>
|
||||
public const int CERT_STORE_PROV_SYSTEM_REGISTRY = 13;
|
||||
/// <summary/>
|
||||
public const int CERT_STORE_PROV_PHYSICAL = 14;
|
||||
/// <summary/>
|
||||
public const int CERT_STORE_PROV_SMART_CARD = 15;
|
||||
/// <summary/>
|
||||
public const int CERT_STORE_PROV_LDAP = 16;
|
||||
/// <summary/>
|
||||
public const int CERT_STORE_PROV_PKCS12 = 17;
|
||||
/// <summary/>
|
||||
public const string sz_CERT_STORE_PROV_MEMORY = "Memory";
|
||||
/// <summary/>
|
||||
public const string sz_CERT_STORE_PROV_FILENAME = "File";
|
||||
/// <summary/>
|
||||
public const string sz_CERT_STORE_PROV_SYSTEM = "System";
|
||||
/// <summary/>
|
||||
public const string sz_CERT_STORE_PROV_PKCS7 = "PKCS7";
|
||||
/// <summary/>
|
||||
public const string sz_CERT_STORE_PROV_PKCS12 = "PKCS12";
|
||||
/// <summary/>
|
||||
public const string sz_CERT_STORE_PROV_SERIALIZED = "Serialized";
|
||||
/// <summary/>
|
||||
public const string sz_CERT_STORE_PROV_COLLECTION = "Collection";
|
||||
/// <summary/>
|
||||
public const string sz_CERT_STORE_PROV_SYSTEM_REGISTRY = "SystemRegistry";
|
||||
/// <summary/>
|
||||
public const string sz_CERT_STORE_PROV_PHYSICAL = "Physical";
|
||||
/// <summary/>
|
||||
public const string sz_CERT_STORE_PROV_SMART_CARD = "SmartCard";
|
||||
/// <summary/>
|
||||
public const string sz_CERT_STORE_PROV_LDAP = "Ldap";
|
||||
}
|
||||
}
|
||||
}
|
|
@ -704,6 +704,11 @@ namespace Vanara.PInvoke
|
|||
/// <returns>The result of the conversion.</returns>
|
||||
public static implicit operator PCCTL_CONTEXT(SafePCCTL_CONTEXT h) => h.handle;
|
||||
|
||||
/// <summary>Performs an explicit conversion from <see cref="SafePCCTL_CONTEXT"/> to <see cref="CTL_CONTEXT"/>.</summary>
|
||||
/// <param name="ctx">The handle.</param>
|
||||
/// <returns>The resulting <see cref="CTL_CONTEXT"/> instance from the conversion.</returns>
|
||||
public static unsafe explicit operator CTL_CONTEXT*(SafePCCTL_CONTEXT ctx) => (CTL_CONTEXT*)(void*)ctx.handle;
|
||||
|
||||
/// <inheritdoc/>
|
||||
protected override bool InternalReleaseHandle() => CertFreeCTLContext(handle);
|
||||
}
|
||||
|
|
|
@ -1,6 +1,7 @@
|
|||
using System;
|
||||
using System.Runtime.InteropServices;
|
||||
using Vanara.Extensions;
|
||||
using Vanara.InteropServices;
|
||||
using FILETIME = System.Runtime.InteropServices.ComTypes.FILETIME;
|
||||
|
||||
namespace Vanara.PInvoke
|
||||
|
@ -153,6 +154,15 @@ namespace Vanara.PInvoke
|
|||
|
||||
/// <summary>Setting this flag explicitly turns off Authority Information Access (AIA) retrievals.</summary>
|
||||
CERT_CHAIN_DISABLE_AIA = 0x00002000,
|
||||
|
||||
/// <summary>Revocation checking is done on the end certificate and only the end certificate.</summary>
|
||||
CERT_CHAIN_REVOCATION_CHECK_END_CERT = 0x10000000,
|
||||
|
||||
/// <summary>Revocation checking is done on all of the certificates in every chain.</summary>
|
||||
CERT_CHAIN_REVOCATION_CHECK_CHAIN = 0x20000000,
|
||||
|
||||
/// <summary>Revocation checking is done on all certificates in all of the chains except the root certificate.</summary>
|
||||
CERT_CHAIN_REVOCATION_CHECK_CHAIN_EXCLUDE_ROOT = 0x40000000,
|
||||
}
|
||||
|
||||
/// <summary>Flags used by <see cref="CERT_CHAIN_POLICY_PARA"/></summary>
|
||||
|
@ -1225,7 +1235,149 @@ namespace Vanara.PInvoke
|
|||
[DllImport(Lib.Crypt32, SetLastError = false, ExactSpelling = true)]
|
||||
[PInvokeData("wincrypt.h", MSDNShortId = "19c37f77-1072-4740-b244-764b816a2a1f")]
|
||||
[return: MarshalAs(UnmanagedType.Bool)]
|
||||
public static extern bool CertVerifyCertificateChainPolicy([MarshalAs(UnmanagedType.LPStr)] string pszPolicyOID, [In] PCCERT_CHAIN_CONTEXT pChainContext,
|
||||
public static extern bool CertVerifyCertificateChainPolicy([In] SafeOID pszPolicyOID, [In] PCCERT_CHAIN_CONTEXT pChainContext,
|
||||
in CERT_CHAIN_POLICY_PARA pPolicyPara, ref CERT_CHAIN_POLICY_STATUS pPolicyStatus);
|
||||
|
||||
/// <summary>
|
||||
/// The <c>CertVerifyCertificateChainPolicy</c> function checks a certificate chain to verify its validity, including its compliance
|
||||
/// with any specified validity policy criteria.
|
||||
/// </summary>
|
||||
/// <param name="pszPolicyOID">
|
||||
/// <para>Current predefined verify chain policy structures are listed in the following table.</para>
|
||||
/// <list type="table">
|
||||
/// <listheader>
|
||||
/// <term>Value</term>
|
||||
/// <term>Meaning</term>
|
||||
/// </listheader>
|
||||
/// <item>
|
||||
/// <term>CERT_CHAIN_POLICY_BASE (LPCSTR) 1</term>
|
||||
/// <term>
|
||||
/// Implements the base chain policy verification checks. The dwFlags member of the structure pointed to by pPolicyPara can be set
|
||||
/// to alter the default policy checking behavior.
|
||||
/// </term>
|
||||
/// </item>
|
||||
/// <item>
|
||||
/// <term>CERT_CHAIN_POLICY_AUTHENTICODE (LPCSTR) 2</term>
|
||||
/// <term>
|
||||
/// Implements the Authenticode chain policy verification checks. The pvExtraPolicyPara member of the structure pointed to by
|
||||
/// pPolicyPara can be set to point to an AUTHENTICODE_EXTRA_CERT_CHAIN_POLICY_PARA structure. The pvExtraPolicyStatus member of the
|
||||
/// structure pointed to by pPolicyStatus can be set to point to an AUTHENTICODE_EXTRA_CERT_CHAIN_POLICY_STATUS structure.
|
||||
/// </term>
|
||||
/// </item>
|
||||
/// <item>
|
||||
/// <term>CERT_CHAIN_POLICY_AUTHENTICODE_TS (LPCSTR) 3</term>
|
||||
/// <term>
|
||||
/// Implements Authenticode Time Stamp chain policy verification checks. The pvExtraPolicyPara member of the data structure pointed
|
||||
/// to by pPolicyPara can be set to point to an AUTHENTICODE_TS_EXTRA_CERT_CHAIN_POLICY_PARA structure. The pvExtraPolicyStatus
|
||||
/// member of the data structure pointed to by pPolicyStatus is not used and must be set to NULL
|
||||
/// </term>
|
||||
/// </item>
|
||||
/// <item>
|
||||
/// <term>CERT_CHAIN_POLICY_SSL (LPCSTR) 4</term>
|
||||
/// <term>
|
||||
/// Implements the SSL client/server chain policy verification checks. The pvExtraPolicyPara member in the data structure pointed to
|
||||
/// by pPolicyPara can be set to point to an SSL_EXTRA_CERT_CHAIN_POLICY_PARA structure initialized with additional policy criteria.
|
||||
/// </term>
|
||||
/// </item>
|
||||
/// <item>
|
||||
/// <term>CERT_CHAIN_POLICY_BASIC_CONSTRAINTS (LPCSTR) 5</term>
|
||||
/// <term>
|
||||
/// Implements the basic constraints chain policy. Iterates through all the certificates in the chain checking for either a
|
||||
/// szOID_BASIC_CONSTRAINTS or a szOID_BASIC_CONSTRAINTS2 extension. If neither extension is present, the certificate is assumed to
|
||||
/// have valid policy. Otherwise, for the first certificate element, checks if it matches the expected CA_FLAG or END_ENTITY_FLAG
|
||||
/// specified in the dwFlags member of the CERT_CHAIN_POLICY_PARA structure pointed to by the pPolicyPara parameter. If neither or
|
||||
/// both flags are set, then, the first element can be either a CA or END_ENTITY. All other elements must be a certification
|
||||
/// authority (CA). If the PathLenConstraint is present in the extension, it is checked. The first elements in the remaining simple
|
||||
/// chains (that is, the certificates used to sign the CTL) are checked to be an END_ENTITY. If this verification fails, dwError
|
||||
/// will be set to TRUST_E_BASIC_CONSTRAINTS.
|
||||
/// </term>
|
||||
/// </item>
|
||||
/// <item>
|
||||
/// <term>CERT_CHAIN_POLICY_NT_AUTH (LPCSTR) 6</term>
|
||||
/// <term>
|
||||
/// Implements the Windows NT Authentication chain policy, which consists of three distinct chain verifications in the following order:
|
||||
/// </term>
|
||||
/// </item>
|
||||
/// <item>
|
||||
/// <term>CERT_CHAIN_POLICY_MICROSOFT_ROOT (LPCSTR) 7</term>
|
||||
/// <term>
|
||||
/// Checks the last element of the first simple chain for a Microsoft root public key. If that element does not contain a Microsoft
|
||||
/// root public key, the dwError member of the CERT_CHAIN_POLICY_STATUS structure pointed to by the pPolicyStatus parameter is set
|
||||
/// to CERT_E_UNTRUSTEDROOT. The dwFlags member of the CERT_CHAIN_POLICY_PARA structure pointed to by the pPolicyStatus parameter
|
||||
/// can contain the MICROSOFT_ROOT_CERT_CHAIN_POLICY_CHECK_APPLICATION_ROOT_FLAG flag, which causes this function to also check for
|
||||
/// the Microsoft application root "Microsoft Root Certificate Authority 2011". The dwFlags member of the CERT_CHAIN_POLICY_PARA
|
||||
/// structure pointed to by the pPolicyPara parameter can contain the MICROSOFT_ROOT_CERT_CHAIN_POLICY_ENABLE_TEST_ROOT_FLAG flag,
|
||||
/// which causes this function to also check for the Microsoft test roots.
|
||||
/// </term>
|
||||
/// </item>
|
||||
/// <item>
|
||||
/// <term>CERT_CHAIN_POLICY_EV (LPCSTR) 8</term>
|
||||
/// <term>
|
||||
/// Specifies that extended validation of certificates is performed. Windows Server 2008, Windows Vista, Windows Server 2003 and
|
||||
/// Windows XP: This value is not supported.
|
||||
/// </term>
|
||||
/// </item>
|
||||
/// <item>
|
||||
/// <term>CERT_CHAIN_POLICY_SSL_F12 (LPCSTR) 9</term>
|
||||
/// <term>
|
||||
/// Checks if any certificates in the chain have weak crypto or if third party root certificate compliance and provide an error
|
||||
/// string. The pvExtraPolicyStatus member of the CERT_CHAIN_POLICY_STATUS structure pointed to by the pPolicyStatus parameter must
|
||||
/// point to SSL_F12_EXTRA_CERT_CHAIN_POLICY_STATUS, which is updated with the results of the weak crypto and root program
|
||||
/// compliance checks. Before calling, the cbSize member of the CERT_CHAIN_POLICY_STATUS structure pointed to by the pPolicyStatus
|
||||
/// parameter must be set to a value greater than or equal to sizeof(SSL_F12_EXTRA_CERT_CHAIN_POLICY_STATUS). The dwError member in
|
||||
/// CERT_CHAIN_POLICY_STATUS structure pointed to by the pPolicyStatus parameter will be set to TRUST_E_CERT_SIGNATURE for potential
|
||||
/// weak crypto and set to CERT_E_UNTRUSTEDROOT for Third Party Roots not in compliance with the Microsoft Root Program. Windows 10,
|
||||
/// version 1607, Windows Server 2016, Windows 10, version 1511 with KB3172985, Windows 10 RTM with KB3163912, Windows 8.1 and
|
||||
/// Windows Server 2012 R2 with KB3163912, and Windows 7 with SP1 and Windows Server 2008 R2 SP1 with KB3161029
|
||||
/// </term>
|
||||
/// </item>
|
||||
/// </list>
|
||||
/// </param>
|
||||
/// <param name="pChainContext">A pointer to a CERT_CHAIN_CONTEXT structure that contains a chain to be verified.</param>
|
||||
/// <param name="pPolicyPara">
|
||||
/// <para>
|
||||
/// A pointer to a CERT_CHAIN_POLICY_PARA structure that provides the policy verification criteria for the chain. The <c>dwFlags</c>
|
||||
/// member of that structure can be set to change the default policy checking behavior.
|
||||
/// </para>
|
||||
/// <para>In addition, policy-specific parameters can also be passed in the <c>pvExtraPolicyPara</c> member of the structure.</para>
|
||||
/// </param>
|
||||
/// <param name="pPolicyStatus">
|
||||
/// A pointer to a CERT_CHAIN_POLICY_STATUS structure where status information on the chain is returned. OID-specific extra status
|
||||
/// can be returned in the <c>pvExtraPolicyStatus</c> member of this structure.
|
||||
/// </param>
|
||||
/// <returns>
|
||||
/// <para>
|
||||
/// The return value indicates whether the function was able to check for the policy, it does not indicate whether the policy check
|
||||
/// failed or passed.
|
||||
/// </para>
|
||||
/// <para>
|
||||
/// If the chain can be verified for the specified policy, <c>TRUE</c> is returned and the <c>dwError</c> member of the
|
||||
/// pPolicyStatus is updated. A <c>dwError</c> of 0 (ERROR_SUCCESS or S_OK) indicates the chain satisfies the specified policy.
|
||||
/// </para>
|
||||
/// <para>
|
||||
/// If the chain cannot be validated, the return value is <c>TRUE</c> and you need to verify the pPolicyStatus parameter for the
|
||||
/// actual error.
|
||||
/// </para>
|
||||
/// <para>A value of <c>FALSE</c> indicates that the function wasn't able to check for the policy.</para>
|
||||
/// </returns>
|
||||
/// <remarks>
|
||||
/// <para>
|
||||
/// A <c>dwError</c> member of the CERT_CHAIN_POLICY_STATUS structure pointed to by pPolicyStatus can apply to a single chain
|
||||
/// element, to a simple chain, or to an entire chain context. If <c>dwError</c> applies to the entire chain context, both the
|
||||
/// <c>lChainIndex</c> and the <c>lElementIndex</c> members of the <c>CERT_CHAIN_POLICY_STATUS</c> structure are set to –1. If
|
||||
/// <c>dwError</c> applies to a complete simple chain, <c>lElementIndex</c> is set to –1 and <c>lChainIndex</c> is set to the index
|
||||
/// of the first chain that has an error. If <c>dwError</c> applies to a single certificate element, <c>lChainIndex</c> and
|
||||
/// <c>lElementIndex</c> index the first certificate that has the error.
|
||||
/// </para>
|
||||
/// <para>To get the certificate element use this syntax:</para>
|
||||
/// </remarks>
|
||||
// https://docs.microsoft.com/en-us/windows/win32/api/wincrypt/nf-wincrypt-certverifycertificatechainpolicy BOOL
|
||||
// CertVerifyCertificateChainPolicy( LPCSTR pszPolicyOID, PCCERT_CHAIN_CONTEXT pChainContext, PCERT_CHAIN_POLICY_PARA pPolicyPara,
|
||||
// PCERT_CHAIN_POLICY_STATUS pPolicyStatus );
|
||||
[DllImport(Lib.Crypt32, SetLastError = false, ExactSpelling = true)]
|
||||
[PInvokeData("wincrypt.h", MSDNShortId = "19c37f77-1072-4740-b244-764b816a2a1f")]
|
||||
[return: MarshalAs(UnmanagedType.Bool)]
|
||||
public static extern bool CertVerifyCertificateChainPolicy(IntPtr pszPolicyOID, [In] PCCERT_CHAIN_CONTEXT pChainContext,
|
||||
in CERT_CHAIN_POLICY_PARA pPolicyPara, ref CERT_CHAIN_POLICY_STATUS pPolicyStatus);
|
||||
|
||||
/// <summary>
|
||||
|
@ -2644,8 +2796,42 @@ namespace Vanara.PInvoke
|
|||
/// <returns>The result of the conversion.</returns>
|
||||
public static implicit operator PCCERT_CHAIN_CONTEXT(SafePCCERT_CHAIN_CONTEXT h) => h.handle;
|
||||
|
||||
/// <summary>Performs an explicit conversion from <see cref="SafePCCERT_CHAIN_CONTEXT"/> to <see cref="CERT_CHAIN_CONTEXT"/>.</summary>
|
||||
/// <param name="h">The safe handle instance.</param>
|
||||
/// <returns>The resulting <see cref="CERT_CHAIN_CONTEXT"/> instance from the conversion.</returns>
|
||||
public static explicit operator CERT_CHAIN_CONTEXT(SafePCCERT_CHAIN_CONTEXT h) => h.handle.ToStructure<CERT_CHAIN_CONTEXT>();
|
||||
|
||||
/// <inheritdoc/>
|
||||
protected override bool InternalReleaseHandle() { CertFreeCertificateChain(handle); return true; }
|
||||
}
|
||||
|
||||
/// <summary>Predefined verify chain policies.</summary>
|
||||
public static class CertVerifyChainPolicy
|
||||
{
|
||||
/// <summary/>
|
||||
public const int CERT_CHAIN_POLICY_BASE = 1;
|
||||
/// <summary/>
|
||||
public const int CERT_CHAIN_POLICY_AUTHENTICODE = 2;
|
||||
/// <summary/>
|
||||
public const int CERT_CHAIN_POLICY_AUTHENTICODE_TS = 3;
|
||||
/// <summary/>
|
||||
public const int CERT_CHAIN_POLICY_SSL = 4;
|
||||
/// <summary/>
|
||||
public const int CERT_CHAIN_POLICY_BASIC_CONSTRAINTS = 5;
|
||||
/// <summary/>
|
||||
public const int CERT_CHAIN_POLICY_NT_AUTH = 6;
|
||||
/// <summary/>
|
||||
public const int CERT_CHAIN_POLICY_MICROSOFT_ROOT = 7;
|
||||
/// <summary/>
|
||||
public const int CERT_CHAIN_POLICY_EV = 8;
|
||||
/// <summary/>
|
||||
public const int CERT_CHAIN_POLICY_SSL_F12 = 9;
|
||||
/// <summary/>
|
||||
public const int CERT_CHAIN_POLICY_SSL_HPKP_HEADER = 10;
|
||||
/// <summary/>
|
||||
public const int CERT_CHAIN_POLICY_THIRD_PARTY_ROOT = 11;
|
||||
/// <summary/>
|
||||
public const int CERT_CHAIN_POLICY_SSL_KEY_PIN = 12;
|
||||
}
|
||||
}
|
||||
}
|
|
@ -1,4 +1,5 @@
|
|||
using System;
|
||||
using System.Collections.Generic;
|
||||
using System.Runtime.InteropServices;
|
||||
using Vanara.Extensions;
|
||||
using Vanara.InteropServices;
|
||||
|
@ -11,6 +12,26 @@ namespace Vanara.PInvoke
|
|||
{
|
||||
private const int CERT_COMPARE_SHIFT = 16;
|
||||
|
||||
/// <summary>The class of an ALG_ID.</summary>
|
||||
[PInvokeData("wincrypt.h")]
|
||||
public enum ALG_CLASS
|
||||
{
|
||||
/// <summary/>
|
||||
ALG_CLASS_ANY = (0),
|
||||
/// <summary/>
|
||||
ALG_CLASS_SIGNATURE = (1 << 13),
|
||||
/// <summary/>
|
||||
ALG_CLASS_MSG_ENCRYPT = (2 << 13),
|
||||
/// <summary/>
|
||||
ALG_CLASS_DATA_ENCRYPT = (3 << 13),
|
||||
/// <summary/>
|
||||
ALG_CLASS_HASH = (4 << 13),
|
||||
/// <summary/>
|
||||
ALG_CLASS_KEY_EXCHANGE = (5 << 13),
|
||||
/// <summary/>
|
||||
ALG_CLASS_ALL = (7 << 13),
|
||||
}
|
||||
|
||||
/// <summary>
|
||||
/// The ALG_ID data type specifies an algorithm identifier. Parameters of this data type are passed to most of the functions in CryptoAPI.
|
||||
/// </summary>
|
||||
|
@ -203,6 +224,30 @@ namespace Vanara.PInvoke
|
|||
CALG_TLS1PRF = 0x0000800a,
|
||||
}
|
||||
|
||||
/// <summary>The type of an ALG_ID.</summary>
|
||||
[PInvokeData("wincrypt.h")]
|
||||
public enum ALG_TYPE
|
||||
{
|
||||
/// <summary/>
|
||||
ALG_TYPE_ANY = (0),
|
||||
/// <summary/>
|
||||
ALG_TYPE_DSS = (1 << 9),
|
||||
/// <summary/>
|
||||
ALG_TYPE_RSA = (2 << 9),
|
||||
/// <summary/>
|
||||
ALG_TYPE_BLOCK = (3 << 9),
|
||||
/// <summary/>
|
||||
ALG_TYPE_STREAM = (4 << 9),
|
||||
/// <summary/>
|
||||
ALG_TYPE_DH = (5 << 9),
|
||||
/// <summary/>
|
||||
ALG_TYPE_SECURECHANNEL = (6 << 9),
|
||||
/// <summary/>
|
||||
ALG_TYPE_ECDH = (7 << 9),
|
||||
/// <summary/>
|
||||
ALG_TYPE_THIRDPARTY = (8 << 9),
|
||||
}
|
||||
|
||||
/// <summary>Values used by CertFindType.</summary>
|
||||
public enum CertCompareFunction : ushort
|
||||
{
|
||||
|
@ -362,7 +407,7 @@ namespace Vanara.PInvoke
|
|||
PKCS_7_NDR_ENCODING = 0x00020000
|
||||
}
|
||||
|
||||
/// <summary>Values used by <see cref="CertFindCertificateInStore "/>.</summary>
|
||||
/// <summary>Values used by <see cref="CertFindCertificateInStore(HCERTSTORE, CertEncodingType, CertFindUsageFlags, CertFindType, IntPtr, PCCERT_CONTEXT)"/>.</summary>
|
||||
[PInvokeData("wincrypt.h", MSDNShortId = "20b3fcfb-55df-46ff-80a5-70f31a3d03b2")]
|
||||
public enum CertFindType : uint
|
||||
{
|
||||
|
@ -780,6 +825,26 @@ namespace Vanara.PInvoke
|
|||
TIMESTAMP_NO_AUTH_RETRIEVAL = 0x00020000,
|
||||
}
|
||||
|
||||
/// <summary>Gets the ALG_CLASS from an ALG_ID.</summary>
|
||||
/// <param name="algId">The ALG_ID.</param>
|
||||
/// <returns>The associated ALG_CLASS.</returns>
|
||||
public static ALG_CLASS GET_ALG_CLASS(ALG_ID algId) => (ALG_CLASS)((int)algId & (7 << 13));
|
||||
|
||||
/// <summary>Gets the ALG_TYPE from an ALG_ID.</summary>
|
||||
/// <param name="algId">The ALG_ID.</param>
|
||||
/// <returns>The associated ALG_TYPE.</returns>
|
||||
public static ALG_TYPE GET_ALG_TYPE(ALG_ID algId) => (ALG_TYPE)((int)algId & (15 << 9));
|
||||
|
||||
/// <summary>Gets the ALG_CLASS from an ALG_ID.</summary>
|
||||
/// <param name="algId">The ALG_ID.</param>
|
||||
/// <returns>The associated ALG_CLASS.</returns>
|
||||
public static ALG_CLASS GetClass(this ALG_ID algId) => GET_ALG_CLASS(algId);
|
||||
|
||||
/// <summary>Gets the ALG_TYPE from an ALG_ID.</summary>
|
||||
/// <param name="algId">The ALG_ID.</param>
|
||||
/// <returns>The associated ALG_TYPE.</returns>
|
||||
public static ALG_TYPE GetType(this ALG_ID algId) => GET_ALG_TYPE(algId);
|
||||
|
||||
/// <summary>
|
||||
/// The <c>CertAddEncodedCertificateToSystemStore</c> function opens the specified system store and adds the encoded certificate to it.
|
||||
/// </summary>
|
||||
|
@ -1328,7 +1393,7 @@ namespace Vanara.PInvoke
|
|||
[DllImport(Lib.Crypt32, SetLastError = true, ExactSpelling = true)]
|
||||
[PInvokeData("wincrypt.h", MSDNShortId = "68ba3d40-08b0-4261-ab2f-6deb1795f830")]
|
||||
[return: MarshalAs(UnmanagedType.Bool)]
|
||||
public static extern bool CryptRetrieveTimeStamp([MarshalAs(UnmanagedType.LPWStr)] string wszUrl, TimeStampRetrivalFlags dwRetrievalFlags, uint dwTimeout, [MarshalAs(UnmanagedType.LPStr)] string pszHashId,
|
||||
public static extern bool CryptRetrieveTimeStamp([MarshalAs(UnmanagedType.LPWStr)] string wszUrl, TimeStampRetrivalFlags dwRetrievalFlags, uint dwTimeout, SafeOID pszHashId,
|
||||
in CRYPT_TIMESTAMP_PARA pPara, [In] IntPtr pbData, uint cbData, out SafeCryptMem ppTsContext, out SafePCCERT_CONTEXT ppTsSigner, out SafeHCERTSTORE phStore);
|
||||
|
||||
/// <summary>
|
||||
|
@ -1394,6 +1459,11 @@ namespace Vanara.PInvoke
|
|||
public static extern bool CryptVerifyTimeStampSignature([In] IntPtr pbTSContentInfo, uint cbTSContentInfo, [In, Optional] IntPtr pbData, uint cbData,
|
||||
[In, Optional] HCERTSTORE hAdditionalStore, out SafeCryptMem ppTsContext, out SafePCCERT_CONTEXT ppTsSigner, out SafeHCERTSTORE phStore);
|
||||
|
||||
/// <summary>Determines whether a cryptography algorithm is only supported by using the CNG functions.</summary>
|
||||
/// <param name="Algid">The cryptography algorithm.</param>
|
||||
/// <returns><see langword="true"/> if algorithm is only supported by using the CNG functions; otherwise, <see langword="false"/>.</returns>
|
||||
public static bool IS_SPECIAL_OID_INFO_ALGID(ALG_ID Algid) => Algid >= ALG_ID.CALG_OID_INFO_PARAMETERS;
|
||||
|
||||
/// <summary>
|
||||
/// The CERT_CONTEXT structure contains both the encoded and decoded representations of a certificate. A certificate context
|
||||
/// returned by one of the functions defined in Wincrypt.h must be freed by calling the CertFreeCertificateContext function. The
|
||||
|
@ -1420,6 +1490,9 @@ namespace Vanara.PInvoke
|
|||
|
||||
/// <summary>A handle to the certificate store that contains the certificate context.</summary>
|
||||
public HCERTSTORE hCertStore;
|
||||
|
||||
/// <summary>The address of a CERT_INFO structure that contains the certificate information.</summary>
|
||||
public unsafe CERT_INFO* pUnsafeCertInfo => (CERT_INFO*)(void*)pCertInfo;
|
||||
}
|
||||
|
||||
/// <summary>
|
||||
|
@ -1436,7 +1509,7 @@ namespace Vanara.PInvoke
|
|||
/// Object identifier (OID) that specifies the structure of the extension data contained in the <c>Value</c> member. For
|
||||
/// specifics on extension OIDs and their related structures, see X.509 Certificate Extension Structures.
|
||||
/// </summary>
|
||||
[MarshalAs(UnmanagedType.LPStr)] public string pszObjId;
|
||||
public StrPtrAnsi pszObjId;
|
||||
|
||||
/// <summary>
|
||||
/// If <c>TRUE</c>, any limitations specified by the extension in the <c>Value</c> member of this structure are imperative. If
|
||||
|
@ -2057,8 +2130,8 @@ namespace Vanara.PInvoke
|
|||
/// <summary>A handle to the certificate store.</summary>
|
||||
public HCERTSTORE hCertStore;
|
||||
|
||||
/// <summary>A CRL_INFO structure containing the CRL information.</summary>
|
||||
public CRL_INFO CrlInfo => pCrlInfo.ToStructure<CRL_INFO>();
|
||||
/// <summary>A pointer to CRL_INFO structure containing the CRL information.</summary>
|
||||
public unsafe CRL_INFO* pUnsafeCrlInfo => (CRL_INFO*)(void*)pCrlInfo;
|
||||
}
|
||||
|
||||
/// <summary>
|
||||
|
@ -2179,7 +2252,7 @@ namespace Vanara.PInvoke
|
|||
public struct CRYPT_ATTRIBUTE
|
||||
{
|
||||
/// <summary>An object identifier (OID) that specifies the type of data contained in the <c>rgValue</c> array.</summary>
|
||||
[MarshalAs(UnmanagedType.LPStr)] public string pszObjId;
|
||||
public StrPtrAnsi pszObjId;
|
||||
|
||||
/// <summary>A <c>DWORD</c> value that indicates the number of elements in the <c>rgValue</c> array.</summary>
|
||||
public uint cValue;
|
||||
|
@ -2407,7 +2480,7 @@ namespace Vanara.PInvoke
|
|||
/// Optional. A pointer to a null-terminated string that specifies the Time Stamping Authority (TSA) policy under which the time
|
||||
/// stamp token was provided. This value must correspond with the value passed in the CRYPT_TIMESTAMP_REQUEST structure.
|
||||
/// </summary>
|
||||
[MarshalAs(UnmanagedType.LPStr)] public string pszTSAPolicyId;
|
||||
public StrPtrAnsi pszTSAPolicyId;
|
||||
|
||||
/// <summary>
|
||||
/// A CRYPT_ALGORITHM_IDENTIFIER structure that contains information about the algorithm used to calculate the hash. This value
|
||||
|
@ -2461,7 +2534,7 @@ namespace Vanara.PInvoke
|
|||
/// Optional. A pointer to a null-terminated character string that contains the Time Stamping Authority (TSA) policy under which
|
||||
/// the time stamp token should be provided.
|
||||
/// </summary>
|
||||
[MarshalAs(UnmanagedType.LPStr)] public string pszTSAPolicyId;
|
||||
public StrPtrAnsi pszTSAPolicyId;
|
||||
|
||||
/// <summary>
|
||||
/// A Boolean value that specifies whether the TSA must include the certificates used to sign the time stamp token in the
|
||||
|
@ -2489,7 +2562,7 @@ namespace Vanara.PInvoke
|
|||
/// functions that use it.
|
||||
/// </summary>
|
||||
[PInvokeData("wincrypt.h")]
|
||||
[StructLayout(LayoutKind.Sequential, CharSet = CharSet.Ansi)]
|
||||
[StructLayout(LayoutKind.Sequential)]
|
||||
public struct CRYPTOAPI_BLOB
|
||||
{
|
||||
/// <summary>A DWORD variable that contains the count, in bytes, of data.</summary>
|
||||
|
@ -2497,6 +2570,9 @@ namespace Vanara.PInvoke
|
|||
|
||||
/// <summary>A pointer to the data buffer.</summary>
|
||||
public IntPtr pbData;
|
||||
|
||||
/// <summary>Gets the bytes associated with this blob.</summary>
|
||||
public byte[] GetBytes() => pbData.ToArray<byte>((int)cbData);
|
||||
}
|
||||
|
||||
/// <summary>
|
||||
|
@ -2554,6 +2630,9 @@ namespace Vanara.PInvoke
|
|||
|
||||
/// <summary>Count, in bytes, of <c>pbCtlContent</c>.</summary>
|
||||
public uint cbCtlContent;
|
||||
|
||||
/// <summary>A pointer to CTL_INFO structure contain the CTL information.</summary>
|
||||
public unsafe CTL_INFO* pUnsafeCtlInfo => (CTL_INFO*)(void*)pCtlInfo;
|
||||
}
|
||||
|
||||
/// <summary>The <c>CTL_ENTRY</c> structure is an element of a certificate trust list (CTL).</summary>
|
||||
|
@ -2883,7 +2962,7 @@ namespace Vanara.PInvoke
|
|||
/// <summary>Performs an explicit conversion from <see cref="PCCERT_CONTEXT"/> to <see cref="CERT_CONTEXT"/>.</summary>
|
||||
/// <param name="h">The <see cref="PCCERT_CONTEXT"/> instance.</param>
|
||||
/// <returns>The resulting <see cref="CERT_CONTEXT"/> instance from the conversion.</returns>
|
||||
public static explicit operator CERT_CONTEXT(PCCERT_CONTEXT h) => h.DangerousGetHandle().ToStructure<CERT_CONTEXT>();
|
||||
public static unsafe explicit operator CERT_CONTEXT*(PCCERT_CONTEXT h) => (CERT_CONTEXT*)(void*)h.handle;
|
||||
|
||||
/// <summary>Implements the operator !=.</summary>
|
||||
/// <param name="h1">The first handle.</param>
|
||||
|
@ -2934,9 +3013,9 @@ namespace Vanara.PInvoke
|
|||
public static implicit operator PCCRL_CONTEXT(IntPtr h) => new PCCRL_CONTEXT(h);
|
||||
|
||||
/// <summary>Performs an implicit conversion from <see cref="PCCRL_CONTEXT"/> to <see cref="CRL_CONTEXT"/>.</summary>
|
||||
/// <param name="ctx">The <see cref="PCCRL_CONTEXT"/> instance.</param>
|
||||
/// <param name="h">The <see cref="PCCRL_CONTEXT"/> instance.</param>
|
||||
/// <returns>The resulting <see cref="CRL_CONTEXT"/> instance from the conversion.</returns>
|
||||
public static explicit operator CRL_CONTEXT(PCCRL_CONTEXT ctx) => ctx.DangerousGetHandle().ToStructure<CRL_CONTEXT>();
|
||||
public static unsafe explicit operator CRL_CONTEXT*(PCCRL_CONTEXT h) => (CRL_CONTEXT*)(void*)h.handle;
|
||||
|
||||
/// <summary>Implements the operator !=.</summary>
|
||||
/// <param name="h1">The first handle.</param>
|
||||
|
@ -2986,6 +3065,11 @@ namespace Vanara.PInvoke
|
|||
/// <returns>The result of the conversion.</returns>
|
||||
public static implicit operator PCCTL_CONTEXT(IntPtr h) => new PCCTL_CONTEXT(h);
|
||||
|
||||
/// <summary>Performs an explicit conversion from <see cref="PCCTL_CONTEXT"/> to <see cref="CTL_CONTEXT"/>.</summary>
|
||||
/// <param name="h">The handle.</param>
|
||||
/// <returns>The resulting <see cref="CTL_CONTEXT"/> instance from the conversion.</returns>
|
||||
public static unsafe explicit operator CTL_CONTEXT*(PCCTL_CONTEXT h) => (CTL_CONTEXT*)(void*)h.handle;
|
||||
|
||||
/// <summary>Implements the operator !=.</summary>
|
||||
/// <param name="h1">The first handle.</param>
|
||||
/// <param name="h2">The second handle.</param>
|
||||
|
@ -3007,5 +3091,172 @@ namespace Vanara.PInvoke
|
|||
/// <inheritdoc/>
|
||||
public IntPtr DangerousGetHandle() => handle;
|
||||
}
|
||||
|
||||
/// <summary>
|
||||
/// The BLOB structure contains an arbitrary array of bytes. The structure definition includes aliases appropriate to the various
|
||||
/// functions that use it.
|
||||
/// </summary>
|
||||
[PInvokeData("wincrypt.h")]
|
||||
[StructLayout(LayoutKind.Sequential, CharSet = CharSet.Ansi)]
|
||||
public class SafeCRYPTOAPI_BLOB : IDisposable
|
||||
{
|
||||
/// <summary>A DWORD variable that contains the count, in bytes, of data.</summary>
|
||||
private uint cbData;
|
||||
|
||||
/// <summary>A pointer to the data buffer.</summary>
|
||||
private IntPtr pbData;
|
||||
|
||||
/// <summary>Initializes a new instance of the <see cref="SafeCRYPTOAPI_BLOB"/> class.</summary>
|
||||
/// <param name="size">The size, in bytes, to allocate.</param>
|
||||
public SafeCRYPTOAPI_BLOB(int size)
|
||||
{
|
||||
cbData = (uint)size;
|
||||
if (size > 0)
|
||||
pbData = MemMethods.AllocMem(size);
|
||||
}
|
||||
|
||||
/// <summary>Initializes a new instance of the <see cref="SafeCRYPTOAPI_BLOB"/> class.</summary>
|
||||
/// <param name="bytes">The bytes to copy into the blob.</param>
|
||||
public SafeCRYPTOAPI_BLOB(byte[] bytes) : this(bytes?.Length ?? 0)
|
||||
{
|
||||
Marshal.Copy(bytes, 0, pbData, bytes.Length);
|
||||
}
|
||||
|
||||
/// <summary>Initializes a new instance of the <see cref="SafeCRYPTOAPI_BLOB"/> class with a string.</summary>
|
||||
/// <param name="value">The string value.</param>
|
||||
/// <param name="charSet">The character set to use.</param>
|
||||
public SafeCRYPTOAPI_BLOB(string value, CharSet charSet = CharSet.Unicode) : this(StringHelper.GetBytes(value, true, charSet))
|
||||
{
|
||||
}
|
||||
|
||||
private SafeCRYPTOAPI_BLOB(IntPtr handle, int size)
|
||||
{
|
||||
pbData = handle;
|
||||
cbData = (uint)size;
|
||||
}
|
||||
|
||||
/// <summary>Represents an empty instance of a blob.</summary>
|
||||
public static readonly SafeCRYPTOAPI_BLOB Empty = new SafeCRYPTOAPI_BLOB(IntPtr.Zero, 0);
|
||||
|
||||
/// <summary>Performs application-defined tasks associated with freeing, releasing, or resetting unmanaged resources.</summary>
|
||||
public void Dispose()
|
||||
{
|
||||
MemMethods.FreeMem(pbData);
|
||||
pbData = IntPtr.Zero;
|
||||
cbData = 0;
|
||||
}
|
||||
|
||||
/// <summary>Allocates from unmanaged memory sufficient memory to hold an object of type T.</summary>
|
||||
/// <typeparam name="T">Native type</typeparam>
|
||||
/// <param name="value">The value.</param>
|
||||
/// <returns><see cref="SafeCRYPTOAPI_BLOB"/> object to an native (unmanaged) memory block the size of T.</returns>
|
||||
public static SafeCRYPTOAPI_BLOB CreateFromStructure<T>(in T value = default) => new SafeCRYPTOAPI_BLOB(InteropExtensions.MarshalToPtr(value, MemMethods.AllocMem, out int s), s);
|
||||
|
||||
/// <summary>
|
||||
/// Allocates from unmanaged memory to represent a structure with a variable length array at the end and marshal these structure
|
||||
/// elements. It is the callers responsibility to marshal what precedes the trailing array into the unmanaged memory. ONLY
|
||||
/// structures with attribute StructLayout of LayoutKind.Sequential are supported.
|
||||
/// </summary>
|
||||
/// <typeparam name="T">Type of the trailing array of structures</typeparam>
|
||||
/// <param name="values">Collection of structure objects</param>
|
||||
/// <param name="count">
|
||||
/// Number of items in <paramref name="values"/>. Setting this value to -1 will cause the method to get the count by iterating
|
||||
/// through <paramref name="values"/>.
|
||||
/// </param>
|
||||
/// <param name="prefixBytes">Number of bytes preceding the trailing array of structures</param>
|
||||
/// <returns><see cref="SafeCRYPTOAPI_BLOB"/> object to an native (unmanaged) structure with a trail array of structures</returns>
|
||||
public static SafeCRYPTOAPI_BLOB CreateFromList<T>(IEnumerable<T> values, int count = -1, int prefixBytes = 0) =>
|
||||
new SafeCRYPTOAPI_BLOB(InteropExtensions.MarshalToPtr(values, MemMethods.AllocMem, out int s, prefixBytes), s);
|
||||
|
||||
/// <summary>Allocates from unmanaged memory sufficient memory to hold an array of strings.</summary>
|
||||
/// <param name="values">The list of strings.</param>
|
||||
/// <param name="packing">The packing type for the strings.</param>
|
||||
/// <param name="charSet">The character set to use for the strings.</param>
|
||||
/// <param name="prefixBytes">Number of bytes preceding the trailing strings.</param>
|
||||
/// <returns>
|
||||
/// <see cref="SafeCRYPTOAPI_BLOB"/> object to an native (unmanaged) array of strings stored using the <paramref
|
||||
/// name="packing"/> model and the character set defined by <paramref name="charSet"/>.
|
||||
/// </returns>
|
||||
public static SafeCRYPTOAPI_BLOB CreateFromStringList(IEnumerable<string> values, StringListPackMethod packing = StringListPackMethod.Concatenated, CharSet charSet = CharSet.Auto, int prefixBytes = 0) =>
|
||||
new SafeCRYPTOAPI_BLOB(InteropExtensions.MarshalToPtr(values, packing, MemMethods.AllocMem, out int s, charSet, prefixBytes), s);
|
||||
|
||||
private static IMemoryMethods MemMethods => HGlobalMemoryMethods.Instance;
|
||||
}
|
||||
|
||||
/// <summary>Provides a <see cref="SafeHandle"/> for an object identifier that can be either a string or an integer.</summary>
|
||||
public class SafeOID : SafeHANDLE
|
||||
{
|
||||
/// <summary>Initializes a new instance of the <see cref="SafeOID"/> class and assigns an existing handle.</summary>
|
||||
/// <param name="preexistingHandle">An <see cref="IntPtr"/> object that represents the pre-existing handle to use.</param>
|
||||
/// <param name="ownsHandle">
|
||||
/// <see langword="true"/> to reliably release the handle during the finalization phase; otherwise, <see langword="false"/> (not recommended).
|
||||
/// </param>
|
||||
public SafeOID(IntPtr preexistingHandle, bool ownsHandle = true) : base(preexistingHandle, ownsHandle) { }
|
||||
|
||||
/// <summary>Initializes a new instance of the <see cref="SafeOID"/> class.</summary>
|
||||
/// <param name="value">The value.</param>
|
||||
public SafeOID(int value) { SetHandle((IntPtr)unchecked((ushort)value)); }
|
||||
|
||||
/// <summary>Initializes a new instance of the <see cref="SafeOID"/> class.</summary>
|
||||
/// <param name="value">The value.</param>
|
||||
public SafeOID(uint value) { SetHandle((IntPtr)unchecked((ushort)value)); }
|
||||
|
||||
/// <summary>Initializes a new instance of the <see cref="SafeOID"/> class.</summary>
|
||||
/// <param name="value">The value.</param>
|
||||
public SafeOID(string value) : base(Marshal.StringToCoTaskMemAnsi(value)) { }
|
||||
|
||||
/// <summary>Initializes a new instance of the <see cref="SafeOID"/> class.</summary>
|
||||
private SafeOID() : base() { }
|
||||
|
||||
/// <summary>Gets a value indicating whether this instance is string.</summary>
|
||||
/// <value><see langword="true"/> if this instance is string; otherwise, <see langword="false"/>.</value>
|
||||
private bool IsString => !Macros.IS_INTRESOURCE(handle);
|
||||
|
||||
/// <summary>Performs an implicit conversion from <see cref="SafeOID"/> to <see cref="IntPtr"/>.</summary>
|
||||
/// <param name="value">The value.</param>
|
||||
/// <returns>The resulting <see cref="IntPtr"/> instance from the conversion.</returns>
|
||||
public static implicit operator IntPtr(SafeOID value) => value.handle;
|
||||
|
||||
/// <summary>Performs an implicit conversion from <see cref="System.String"/> to <see cref="SafeOID"/>.</summary>
|
||||
/// <param name="value">The value.</param>
|
||||
/// <returns>The resulting <see cref="SafeOID"/> instance from the conversion.</returns>
|
||||
public static implicit operator SafeOID(string value) => new SafeOID(value);
|
||||
|
||||
/// <summary>Performs an implicit conversion from <see cref="System.Int32"/> to <see cref="SafeOID"/>.</summary>
|
||||
/// <param name="value">The value.</param>
|
||||
/// <returns>The resulting <see cref="SafeOID"/> instance from the conversion.</returns>
|
||||
public static implicit operator SafeOID(int value) => new SafeOID(value);
|
||||
|
||||
/// <summary>Performs an implicit conversion from <see cref="System.UInt32"/> to <see cref="SafeOID"/>.</summary>
|
||||
/// <param name="value">The value.</param>
|
||||
/// <returns>The resulting <see cref="SafeOID"/> instance from the conversion.</returns>
|
||||
public static implicit operator SafeOID(uint value) => new SafeOID(value);
|
||||
|
||||
/// <summary>Performs an implicit conversion from <see cref="SafeOID"/> to <see cref="StrPtrAnsi"/>.</summary>
|
||||
/// <param name="value">The value.</param>
|
||||
/// <returns>The resulting <see cref="StrPtrAnsi"/> instance from the conversion.</returns>
|
||||
public static implicit operator StrPtrAnsi(SafeOID value) => value.handle;
|
||||
|
||||
/// <summary>Gets the integer value, if possible.</summary>
|
||||
/// <returns>The integer value, if set; otherwise <see langword="null"/>.</returns>
|
||||
public int? GetInt32Value() => IsString ? null : (int?)handle.ToInt32();
|
||||
|
||||
/// <summary>Gets the string value, if possible.</summary>
|
||||
/// <returns>The string value, if set; otherwise <see langword="null"/>.</returns>
|
||||
public string GetStringValue() => IsString ? Marshal.PtrToStringAnsi(handle) : null;
|
||||
|
||||
/// <summary>
|
||||
/// Internal method that actually releases the handle. This is called by <see cref="M:Vanara.PInvoke.SafeHANDLE.ReleaseHandle"/>
|
||||
/// for valid handles and afterwards zeros the handle.
|
||||
/// </summary>
|
||||
/// <returns><c>true</c> to indicate successful release of the handle; <c>false</c> otherwise.</returns>
|
||||
protected override bool InternalReleaseHandle()
|
||||
{
|
||||
if (IsString)
|
||||
Marshal.FreeCoTaskMem(handle);
|
||||
handle = IntPtr.Zero;
|
||||
return true;
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
|
@ -1,5 +1,6 @@
|
|||
using System;
|
||||
using System.Runtime.InteropServices;
|
||||
using Vanara.InteropServices;
|
||||
|
||||
using static Vanara.PInvoke.Crypt32;
|
||||
|
||||
|
@ -216,7 +217,7 @@ namespace Vanara.PInvoke
|
|||
[DllImport(Lib.Cryptnet, SetLastError = true, ExactSpelling = true)]
|
||||
[PInvokeData("wincrypt.h", MSDNShortId = "a92117b8-9144-4480-b88a-b9ffe1026d63")]
|
||||
[return: MarshalAs(UnmanagedType.Bool)]
|
||||
public static extern bool CryptGetObjectUrl([MarshalAs(UnmanagedType.LPStr)] string pszUrlOid, [In] IntPtr pvPara, CryptGetUrlFromFlags dwFlags,
|
||||
public static extern bool CryptGetObjectUrl([In] SafeOID pszUrlOid, [In] IntPtr pvPara, CryptGetUrlFromFlags dwFlags,
|
||||
IntPtr pUrlArray, ref uint pcbUrlArray, IntPtr pUrlInfo, ref uint pcbUrlInfo, IntPtr pvReserved = default);
|
||||
|
||||
/// <summary>
|
||||
|
|
|
@ -4069,7 +4069,7 @@ namespace Vanara.PInvoke
|
|||
// *pcbResult, DWORD dwFlags );
|
||||
[DllImport(Lib.Ncrypt, SetLastError = false, ExactSpelling = true)]
|
||||
[PInvokeData("ncrypt.h", MSDNShortId = "7404e37a-d7c6-49ed-b951-6081dd2b921a")]
|
||||
public static extern HRESULT NCryptSignHash(NCRYPT_KEY_HANDLE hKey, [In, Optional] IntPtr pPaddingInfo, [In] IntPtr pbHashValue, uint cbHashValue, [In, Out] IntPtr pbSignature, uint cbSignature, out uint pcbResult, NCryptDecryptFlag dwFlags);
|
||||
public static extern HRESULT NCryptSignHash(NCRYPT_KEY_HANDLE hKey, [In, Optional] IntPtr pPaddingInfo, [In] IntPtr pbHashValue, uint cbHashValue, [In, Out] IntPtr pbSignature, uint cbSignature, out uint pcbResult, BCrypt.EncryptFlags dwFlags);
|
||||
|
||||
/// <summary>The <c>NCryptTranslateHandle</c> function translates a CryptoAPI handle into a CNG key handle.</summary>
|
||||
/// <param name="phProvider">
|
||||
|
|
File diff suppressed because one or more lines are too long
Loading…
Reference in New Issue