windows: add Wincrypt.h Cert related values
Values cross-referenced between Visual Studio 2017's "Wincrypt.h",
https://github.com/wine-mirror/wine/blob/master/include/wincrypt.h,
and the MSDN documentation at:
CertOpenStore:
https://msdn.microsoft.com/en-us/library/windows/desktop/aa376559.aspx
CertAddCertificateContextToStore:
https://msdn.microsoft.com/en-us/library/windows/desktop/aa376009.aspx
CertTrustStatus:
https://msdn.microsoft.com/en-us/library/windows/desktop/aa377590.aspx
CertVerifyCertificateChainPolicy:
https://msdn.microsoft.com/en-us/library/windows/desktop/aa377163.aspx
SSLExtraCertChainPolicyPara:
https://msdn.microsoft.com/en-us/library/windows/desktop/aa387784.aspx
Change-Id: I143e10c4f47caa2550fb93cd10bdec00bbb2b32d
GitHub-Last-Rev: b4b8c6c41923912c7d5956ba57f55fcb2a57a163
GitHub-Pull-Request: golang/sys#15
Reviewed-on: https://go-review.googlesource.com/129275
Run-TryBot: Alex Brainman <alex.brainman@gmail.com>
TryBot-Result: Gobot Gobot <gobot@golang.org>
Reviewed-by: Alex Brainman <alex.brainman@gmail.com>
diff --git a/windows/types_windows.go b/windows/types_windows.go
index 7d2a679..7f8b3af 100644
--- a/windows/types_windows.go
+++ b/windows/types_windows.go
@@ -270,15 +270,87 @@
USAGE_MATCH_TYPE_AND = 0
USAGE_MATCH_TYPE_OR = 1
+ /* msgAndCertEncodingType values for CertOpenStore function */
X509_ASN_ENCODING = 0x00000001
PKCS_7_ASN_ENCODING = 0x00010000
- CERT_STORE_PROV_MEMORY = 2
+ /* storeProvider values for CertOpenStore function */
+ CERT_STORE_PROV_MSG = 1
+ CERT_STORE_PROV_MEMORY = 2
+ CERT_STORE_PROV_FILE = 3
+ CERT_STORE_PROV_REG = 4
+ CERT_STORE_PROV_PKCS7 = 5
+ CERT_STORE_PROV_SERIALIZED = 6
+ CERT_STORE_PROV_FILENAME_A = 7
+ CERT_STORE_PROV_FILENAME_W = 8
+ CERT_STORE_PROV_FILENAME = CERT_STORE_PROV_FILENAME_W
+ CERT_STORE_PROV_SYSTEM_A = 9
+ CERT_STORE_PROV_SYSTEM_W = 10
+ CERT_STORE_PROV_SYSTEM = CERT_STORE_PROV_SYSTEM_W
+ CERT_STORE_PROV_COLLECTION = 11
+ CERT_STORE_PROV_SYSTEM_REGISTRY_A = 12
+ CERT_STORE_PROV_SYSTEM_REGISTRY_W = 13
+ CERT_STORE_PROV_SYSTEM_REGISTRY = CERT_STORE_PROV_SYSTEM_REGISTRY_W
+ CERT_STORE_PROV_PHYSICAL_W = 14
+ CERT_STORE_PROV_PHYSICAL = CERT_STORE_PROV_PHYSICAL_W
+ CERT_STORE_PROV_SMART_CARD_W = 15
+ CERT_STORE_PROV_SMART_CARD = CERT_STORE_PROV_SMART_CARD_W
+ CERT_STORE_PROV_LDAP_W = 16
+ CERT_STORE_PROV_LDAP = CERT_STORE_PROV_LDAP_W
+ CERT_STORE_PROV_PKCS12 = 17
- CERT_STORE_ADD_ALWAYS = 4
-
+ /* store characteristics (low WORD of flag) for CertOpenStore function */
+ CERT_STORE_NO_CRYPT_RELEASE_FLAG = 0x00000001
+ CERT_STORE_SET_LOCALIZED_NAME_FLAG = 0x00000002
CERT_STORE_DEFER_CLOSE_UNTIL_LAST_FREE_FLAG = 0x00000004
+ CERT_STORE_DELETE_FLAG = 0x00000010
+ CERT_STORE_UNSAFE_PHYSICAL_FLAG = 0x00000020
+ CERT_STORE_SHARE_STORE_FLAG = 0x00000040
+ CERT_STORE_SHARE_CONTEXT_FLAG = 0x00000080
+ CERT_STORE_MANIFOLD_FLAG = 0x00000100
+ CERT_STORE_ENUM_ARCHIVED_FLAG = 0x00000200
+ CERT_STORE_UPDATE_KEYID_FLAG = 0x00000400
+ CERT_STORE_BACKUP_RESTORE_FLAG = 0x00000800
+ CERT_STORE_MAXIMUM_ALLOWED_FLAG = 0x00001000
+ CERT_STORE_CREATE_NEW_FLAG = 0x00002000
+ CERT_STORE_OPEN_EXISTING_FLAG = 0x00004000
+ CERT_STORE_READONLY_FLAG = 0x00008000
+ /* store locations (high WORD of flag) for CertOpenStore function */
+ CERT_SYSTEM_STORE_CURRENT_USER = 0x00010000
+ CERT_SYSTEM_STORE_LOCAL_MACHINE = 0x00020000
+ CERT_SYSTEM_STORE_CURRENT_SERVICE = 0x00040000
+ CERT_SYSTEM_STORE_SERVICES = 0x00050000
+ CERT_SYSTEM_STORE_USERS = 0x00060000
+ CERT_SYSTEM_STORE_CURRENT_USER_GROUP_POLICY = 0x00070000
+ CERT_SYSTEM_STORE_LOCAL_MACHINE_GROUP_POLICY = 0x00080000
+ CERT_SYSTEM_STORE_LOCAL_MACHINE_ENTERPRISE = 0x00090000
+ CERT_SYSTEM_STORE_UNPROTECTED_FLAG = 0x40000000
+ CERT_SYSTEM_STORE_RELOCATE_FLAG = 0x80000000
+
+ /* Miscellaneous high-WORD flags for CertOpenStore function */
+ CERT_REGISTRY_STORE_REMOTE_FLAG = 0x00010000
+ CERT_REGISTRY_STORE_SERIALIZED_FLAG = 0x00020000
+ CERT_REGISTRY_STORE_ROAMING_FLAG = 0x00040000
+ CERT_REGISTRY_STORE_MY_IE_DIRTY_FLAG = 0x00080000
+ CERT_REGISTRY_STORE_LM_GPT_FLAG = 0x01000000
+ CERT_REGISTRY_STORE_CLIENT_GPT_FLAG = 0x80000000
+ CERT_FILE_STORE_COMMIT_ENABLE_FLAG = 0x00010000
+ CERT_LDAP_STORE_SIGN_FLAG = 0x00010000
+ CERT_LDAP_STORE_AREC_EXCLUSIVE_FLAG = 0x00020000
+ CERT_LDAP_STORE_OPENED_FLAG = 0x00040000
+ CERT_LDAP_STORE_UNBIND_FLAG = 0x00080000
+
+ /* addDisposition values for CertAddCertificateContextToStore function */
+ CERT_STORE_ADD_NEW = 1
+ CERT_STORE_ADD_USE_EXISTING = 2
+ CERT_STORE_ADD_REPLACE_EXISTING = 3
+ CERT_STORE_ADD_ALWAYS = 4
+ CERT_STORE_ADD_REPLACE_EXISTING_INHERIT_PROPERTIES = 5
+ CERT_STORE_ADD_NEWER = 6
+ CERT_STORE_ADD_NEWER_INHERIT_PROPERTIES = 7
+
+ /* ErrorStatus values for CertTrustStatus struct */
CERT_TRUST_NO_ERROR = 0x00000000
CERT_TRUST_IS_NOT_TIME_VALID = 0x00000001
CERT_TRUST_IS_REVOKED = 0x00000004
@@ -295,11 +367,31 @@
CERT_TRUST_HAS_NOT_DEFINED_NAME_CONSTRAINT = 0x00002000
CERT_TRUST_HAS_NOT_PERMITTED_NAME_CONSTRAINT = 0x00004000
CERT_TRUST_HAS_EXCLUDED_NAME_CONSTRAINT = 0x00008000
+ CERT_TRUST_IS_PARTIAL_CHAIN = 0x00010000
+ CERT_TRUST_CTL_IS_NOT_TIME_VALID = 0x00020000
+ CERT_TRUST_CTL_IS_NOT_SIGNATURE_VALID = 0x00040000
+ CERT_TRUST_CTL_IS_NOT_VALID_FOR_USAGE = 0x00080000
+ CERT_TRUST_HAS_WEAK_SIGNATURE = 0x00100000
CERT_TRUST_IS_OFFLINE_REVOCATION = 0x01000000
CERT_TRUST_NO_ISSUANCE_CHAIN_POLICY = 0x02000000
CERT_TRUST_IS_EXPLICIT_DISTRUST = 0x04000000
CERT_TRUST_HAS_NOT_SUPPORTED_CRITICAL_EXT = 0x08000000
+ /* InfoStatus values for CertTrustStatus struct */
+ CERT_TRUST_HAS_EXACT_MATCH_ISSUER = 0x00000001
+ CERT_TRUST_HAS_KEY_MATCH_ISSUER = 0x00000002
+ CERT_TRUST_HAS_NAME_MATCH_ISSUER = 0x00000004
+ CERT_TRUST_IS_SELF_SIGNED = 0x00000008
+ CERT_TRUST_HAS_PREFERRED_ISSUER = 0x00000100
+ CERT_TRUST_HAS_ISSUANCE_CHAIN_POLICY = 0x00000400
+ CERT_TRUST_HAS_VALID_NAME_CONSTRAINTS = 0x00000400
+ CERT_TRUST_IS_PEER_TRUSTED = 0x00000800
+ CERT_TRUST_HAS_CRL_VALIDITY_EXTENDED = 0x00001000
+ CERT_TRUST_IS_FROM_EXCLUSIVE_TRUST_STORE = 0x00002000
+ CERT_TRUST_IS_CA_TRUSTED = 0x00004000
+ CERT_TRUST_IS_COMPLEX_CHAIN = 0x00010000
+
+ /* policyOID values for CertVerifyCertificateChainPolicy function */
CERT_CHAIN_POLICY_BASE = 1
CERT_CHAIN_POLICY_AUTHENTICODE = 2
CERT_CHAIN_POLICY_AUTHENTICODE_TS = 3
@@ -308,6 +400,7 @@
CERT_CHAIN_POLICY_NT_AUTH = 6
CERT_CHAIN_POLICY_MICROSOFT_ROOT = 7
CERT_CHAIN_POLICY_EV = 8
+ CERT_CHAIN_POLICY_SSL_F12 = 9
CERT_E_EXPIRED = 0x800B0101
CERT_E_ROLE = 0x800B0103
@@ -315,8 +408,16 @@
CERT_E_UNTRUSTEDROOT = 0x800B0109
CERT_E_CN_NO_MATCH = 0x800B010F
+ /* AuthType values for SSLExtraCertChainPolicyPara struct */
AUTHTYPE_CLIENT = 1
AUTHTYPE_SERVER = 2
+
+ /* Checks values for SSLExtraCertChainPolicyPara struct */
+ SECURITY_FLAG_IGNORE_REVOCATION = 0x00000080
+ SECURITY_FLAG_IGNORE_UNKNOWN_CA = 0x00000100
+ SECURITY_FLAG_IGNORE_WRONG_USAGE = 0x00000200
+ SECURITY_FLAG_IGNORE_CERT_CN_INVALID = 0x00001000
+ SECURITY_FLAG_IGNORE_CERT_DATE_INVALID = 0x00002000
)
var (
