/*
 * Copyright (C) 2005 Juan Lang
 *
 * This library is free software; you can redistribute it and/or
 * modify it under the terms of the GNU Lesser General Public
 * License as published by the Free Software Foundation; either
 * version 2.1 of the License, or (at your option) any later version.
 *
 * This library is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
 * Lesser General Public License for more details.
 *
 * You should have received a copy of the GNU Lesser General Public
 * License along with this library; if not, write to the Free Software
 * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301, USA
 */
18 #ifndef __WINE_SCHANNEL_H__
19 #define __WINE_SCHANNEL_H__
21 #include <minschannel.h>
22 #include <wincrypt.h>
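/*
 * Package names.
 *
 * Every security package name comes in an ANSI (_A) and a wide-character (_W)
 * spelling; the unsuffixed name is produced by WINELIB_NAME_AW, which is
 * defined outside this header.  With MSVC or MinGW the wide form is an L""
 * literal; with any other compiler it is a static WCHAR array spelled out
 * character by character (presumably because wchar_t and WCHAR differ in
 * width there -- confirm against the WCHAR definition).
 *
 * Security review note: the SSL 2.0, SSL 3.0 and PCT 1.0 packages name
 * obsolete protocols (SSL 2.0 and SSL 3.0 are prohibited by RFC 6176 and
 * RFC 7568), and TLS 1.0 is deprecated by RFC 8996.  The names are kept
 * because they are part of the public interface; their presence here says
 * nothing about whether an implementation should still negotiate them.
 */
#define UNISP_NAME_A "Microsoft Unified Security Protocol Provider"
#if defined(_MSC_VER) || defined(__MINGW32__)
#define UNISP_NAME_W L"Microsoft Unified Security Protocol Provider"
#else
static const WCHAR UNISP_NAME_W[] = { 'M','i','c','r','o','s','o','f','t',
 ' ','U','n','i','f','i','e','d',' ','S','e','c','u','r','i','t','y',' ',
 'P','r','o','t','o','c','o','l',' ','P','r','o','v','i','d','e','r',0 };
#endif
#define UNISP_NAME WINELIB_NAME_AW(UNISP_NAME_)

/* Legacy: SSL 2.0 */
#define SSL2SP_NAME_A "Microsoft SSL 2.0"
#if defined(_MSC_VER) || defined(__MINGW32__)
#define SSL2SP_NAME_W L"Microsoft SSL 2.0"
#else
static const WCHAR SSL2SP_NAME_W[] = { 'M','i','c','r','o','s','o','f','t',
 ' ','S','S','L',' ','2','.','0',0 };
#endif
#define SSL2SP_NAME WINELIB_NAME_AW(SSL2SP_NAME_)

/* Legacy: SSL 3.0 */
#define SSL3SP_NAME_A "Microsoft SSL 3.0"
#if defined(_MSC_VER) || defined(__MINGW32__)
#define SSL3SP_NAME_W L"Microsoft SSL 3.0"
#else
static const WCHAR SSL3SP_NAME_W[] = { 'M','i','c','r','o','s','o','f','t',
 ' ','S','S','L',' ','3','.','0',0 };
#endif
#define SSL3SP_NAME WINELIB_NAME_AW(SSL3SP_NAME_)

/* Deprecated: TLS 1.0 */
#define TLS1SP_NAME_A "Microsoft TLS 1.0"
#if defined(_MSC_VER) || defined(__MINGW32__)
#define TLS1SP_NAME_W L"Microsoft TLS 1.0"
#else
static const WCHAR TLS1SP_NAME_W[] = { 'M','i','c','r','o','s','o','f','t',
 ' ','T','L','S',' ','1','.','0',0 };
#endif
#define TLS1SP_NAME WINELIB_NAME_AW(TLS1SP_NAME_)

/* Legacy: PCT 1.0 */
#define PCT1SP_NAME_A "Microsoft PCT 1.0"
#if defined(_MSC_VER) || defined(__MINGW32__)
#define PCT1SP_NAME_W L"Microsoft PCT 1.0"
#else
static const WCHAR PCT1SP_NAME_W[] = { 'M','i','c','r','o','s','o','f','t',
 ' ','P','C','T',' ','1','.','0',0 };
#endif
#define PCT1SP_NAME WINELIB_NAME_AW(PCT1SP_NAME_)

#define SCHANNEL_NAME_A "Schannel"
#if defined(_MSC_VER) || defined(__MINGW32__)
#define SCHANNEL_NAME_W L"Schannel"
#else
static const WCHAR SCHANNEL_NAME_W[] = { 'S','c','h','a','n','n','e','l',0 };
#endif
#define SCHANNEL_NAME WINELIB_NAME_AW(SCHANNEL_NAME_)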
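/*
 * Version tags for the dwVersion member of the credential structures.
 * SCH_CRED_VERSION is an alias for the V2 value.  In the Windows Schannel
 * API, SCHANNEL_CRED_VERSION identifies a SCHANNEL_CRED and
 * SCH_CREDENTIALS_VERSION identifies a SCH_CREDENTIALS; code that receives
 * one of these structures has to check dwVersion before reading any other
 * member, because the two layouts differ after the first field.
 */
#define SCH_CRED_V1 1
#define SCH_CRED_V2 2
#define SCH_CRED_VERSION 2
#define SCH_CRED_V3 3
#define SCHANNEL_CRED_VERSION 4
#define SCH_CREDENTIALS_VERSION 5

/* Control token types (see the dwTokenType member of SCHANNEL_ALERT_TOKEN). */
#define SCHANNEL_RENEGOTIATE 0
#define SCHANNEL_SHUTDOWN 1
#define SCHANNEL_ALERT 2
#define SCHANNEL_SESSION 3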
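/*
 * Control token that asks the package to emit a TLS alert.
 * The opening brace was missing from the extracted listing and is restored.
 */
typedef struct _SCHANNEL_ALERT_TOKEN
{
    DWORD dwTokenType;   /* token type; SCHANNEL_ALERT for this structure */
    DWORD dwAlertType;   /* alert level: TLS1_ALERT_WARNING or TLS1_ALERT_FATAL */
    DWORD dwAlertNumber; /* alert description: one of the TLS1_ALERT_* codes */
} SCHANNEL_ALERT_TOKEN;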
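/* TLS alert levels. */
#define TLS1_ALERT_WARNING 1
#define TLS1_ALERT_FATAL 2

/*
 * TLS alert descriptions.  The numbers are the AlertDescription values of
 * the TLS specifications (RFC 5246 and its extensions).  When logging or
 * triaging handshake failures, the certificate-related codes (42-48) and
 * PROTOCOL_VERSION / INSUFFIENT_SECURITY are the ones that usually point at
 * a trust or configuration problem rather than a transport error.
 */
#define TLS1_ALERT_CLOSE_NOTIFY 0
#define TLS1_ALERT_UNEXPECTED_MESSAGE 10
#define TLS1_ALERT_BAD_RECORD_MAC 20
#define TLS1_ALERT_DECRYPTION_FAILED 21
#define TLS1_ALERT_RECORD_OVERFLOW 22
#define TLS1_ALERT_DECOMPRESSION_FAIL 30
#define TLS1_ALERT_HANDSHAKE_FAILURE 40
#define TLS1_ALERT_BAD_CERTIFICATE 42
#define TLS1_ALERT_UNSUPPORTED_CERT 43
#define TLS1_ALERT_CERTIFICATE_REVOKED 44
#define TLS1_ALERT_CERTIFICATE_EXPIRED 45
#define TLS1_ALERT_CERTIFICATE_UNKNOWN 46
#define TLS1_ALERT_ILLEGAL_PARAMETER 47
#define TLS1_ALERT_UNKNOWN_CA 48
#define TLS1_ALERT_ACCESS_DENIED 49
#define TLS1_ALERT_DECODE_ERROR 50
#define TLS1_ALERT_DECRYPT_ERROR 51
#define TLS1_ALERT_EXPORT_RESTRICTION 60
#define TLS1_ALERT_PROTOCOL_VERSION 70
/* "INSUFFIENT" is the spelling of the public identifier; renaming it would
 * break callers, so it is kept as is. */
#define TLS1_ALERT_INSUFFIENT_SECURITY 71
#define TLS1_ALERT_INTERNAL_ERROR 80
#define TLS1_ALERT_USER_CANCELED 90
#define TLS1_ALERT_NO_RENEGOTIATION 100
#define TLS1_ALERT_UNSUPPORTED_EXT 110
#define TLS1_ALERT_UNKNOWN_PSK_IDENTITY 115
#define TLS1_ALERT_NO_APP_PROTOCOL 120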
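/*
 * Protocol selection bits (SP_PROT_*).
 *
 * One bit per protocol version and role.  They are combined into masks such
 * as SCHANNEL_CRED.grbitEnabledProtocols and reported back in
 * SecPkgContext_ConnectionInfo.dwProtocol.
 *
 * Security review note: several of the predefined masks name protocols that
 * are obsolete.  SP_PROT_ALL sets every bit, and SP_PROT_CLIENTS /
 * SP_PROT_SERVERS expand to PCT 1.0, SSL 2.0, SSL 3.0, TLS 1.0 and the UNI
 * bit only, so they contain no TLS 1.1+ bit at all.  A caller that wants a
 * modern configuration should spell the versions out (for example
 * SP_PROT_TLS1_2 | SP_PROT_TLS1_3) or use the SP_PROT_TLS1_1PLUS_* masks
 * rather than the broad aggregates.
 */
#define SP_PROT_ALL 0xffffffff
#define SP_PROT_UNI_CLIENT 0x80000000
#define SP_PROT_UNI_SERVER 0x40000000
#define SP_PROT_DTLS1_2_SERVER 0x00040000
#define SP_PROT_DTLS1_2_CLIENT 0x00080000
#define SP_PROT_DTLS_SERVER 0x00010000
#define SP_PROT_DTLS_CLIENT 0x00020000
#define SP_PROT_DTLS1_0_SERVER SP_PROT_DTLS_SERVER
#define SP_PROT_DTLS1_0_CLIENT SP_PROT_DTLS_CLIENT
#define SP_PROT_TLS1_3_SERVER 0x00001000
#define SP_PROT_TLS1_3_CLIENT 0x00002000
#define SP_PROT_TLS1_2_CLIENT 0x00000800
#define SP_PROT_TLS1_2_SERVER 0x00000400
#define SP_PROT_TLS1_1_CLIENT 0x00000200
#define SP_PROT_TLS1_1_SERVER 0x00000100
#define SP_PROT_TLS1_0_CLIENT SP_PROT_TLS1_CLIENT
#define SP_PROT_TLS1_0_SERVER SP_PROT_TLS1_SERVER
#define SP_PROT_TLS1_CLIENT 0x00000080 /* TLS 1.0, deprecated */
#define SP_PROT_TLS1_SERVER 0x00000040 /* TLS 1.0, deprecated */
#define SP_PROT_SSL3_CLIENT 0x00000020 /* legacy */
#define SP_PROT_SSL3_SERVER 0x00000010 /* legacy */
#define SP_PROT_SSL2_CLIENT 0x00000008 /* legacy */
#define SP_PROT_SSL2_SERVER 0x00000004 /* legacy */
#define SP_PROT_PCT1_CLIENT 0x00000002 /* legacy */
#define SP_PROT_PCT1_SERVER 0x00000001 /* legacy */
#define SP_PROT_NONE 0x00000000

/* Client and server bits of one protocol version, combined. */
#define SP_PROT_UNI (SP_PROT_UNI_CLIENT | SP_PROT_UNI_SERVER)
#define SP_PROT_DTLS (SP_PROT_DTLS_SERVER | SP_PROT_DTLS_CLIENT)
#define SP_PROT_DTLS1_0 (SP_PROT_DTLS1_0_SERVER | SP_PROT_DTLS1_0_CLIENT)
#define SP_PROT_DTLS1_2 (SP_PROT_DTLS1_2_SERVER | SP_PROT_DTLS1_2_CLIENT)
#define SP_PROT_TLS1_3 (SP_PROT_TLS1_3_CLIENT | SP_PROT_TLS1_3_SERVER)
#define SP_PROT_TLS1_2 (SP_PROT_TLS1_2_CLIENT | SP_PROT_TLS1_2_SERVER)
#define SP_PROT_TLS1_1 (SP_PROT_TLS1_1_CLIENT | SP_PROT_TLS1_1_SERVER)
#define SP_PROT_TLS1_0 (SP_PROT_TLS1_0_CLIENT | SP_PROT_TLS1_0_SERVER)
#define SP_PROT_TLS1 (SP_PROT_TLS1_CLIENT | SP_PROT_TLS1_SERVER)
#define SP_PROT_SSL3 (SP_PROT_SSL3_CLIENT | SP_PROT_SSL3_SERVER)
#define SP_PROT_SSL2 (SP_PROT_SSL2_CLIENT | SP_PROT_SSL2_SERVER)
#define SP_PROT_PCT1 (SP_PROT_PCT1_CLIENT | SP_PROT_PCT1_SERVER)

/*
 * Per-role aggregates.  Some of these refer to macros defined further down;
 * that is fine because macro bodies are only expanded at the point of use.
 * Every SSL3TLS1* mask includes SSL 3.0, and every TLS1_X mask includes
 * TLS 1.0.
 */
#define SP_PROT_SSL3TLS1_CLIENTS (SP_PROT_SSL3_CLIENT | SP_PROT_TLS1_CLIENT)
#define SP_PROT_SSL3TLS1_SERVERS (SP_PROT_SSL3_SERVER | SP_PROT_TLS1_SERVER)
#define SP_PROT_SSL3TLS1_X_CLIENTS (SP_PROT_SSL3_CLIENT | SP_PROT_TLS1_X_CLIENT)
#define SP_PROT_SSL3TLS1_X_SERVERS (SP_PROT_SSL3_SERVER | SP_PROT_TLS1_X_SERVER)
#define SP_PROT_TLS1_X_CLIENT ( SP_PROT_TLS1_0_CLIENT \
                              | SP_PROT_TLS1_1_CLIENT \
                              | SP_PROT_TLS1_2_CLIENT \
                              | SP_PROT_TLS1_3_CLIENT )
#define SP_PROT_TLS1_X_SERVER ( SP_PROT_TLS1_0_SERVER \
                              | SP_PROT_TLS1_1_SERVER \
                              | SP_PROT_TLS1_2_SERVER \
                              | SP_PROT_TLS1_3_SERVER )
/* TLS 1.1 and later, without TLS 1.0. */
#define SP_PROT_TLS1_1PLUS_CLIENT ( SP_PROT_TLS1_1_CLIENT \
                                  | SP_PROT_TLS1_2_CLIENT \
                                  | SP_PROT_TLS1_3_CLIENT)
#define SP_PROT_TLS1_1PLUS_SERVER ( SP_PROT_TLS1_1_SERVER \
                                  | SP_PROT_TLS1_2_SERVER \
                                  | SP_PROT_TLS1_3_SERVER )
#define SP_PROT_DTLS1_X_SERVER ( SP_PROT_DTLS1_0_SERVER \
                               | SP_PROT_DTLS1_2_SERVER )
#define SP_PROT_DTLS1_X_CLIENT ( SP_PROT_DTLS1_0_CLIENT \
                               | SP_PROT_DTLS1_2_CLIENT )
#define SP_PROT_DTLS1_X ( SP_PROT_DTLS1_X_SERVER \
                        | SP_PROT_DTLS1_X_CLIENT )
/* Legacy aggregates: PCT 1.0, SSL 2.0, SSL 3.0, TLS 1.0 and UNI only. */
#define SP_PROT_CLIENTS (SP_PROT_PCT1_CLIENT | SP_PROT_SSL2_CLIENT | SP_PROT_SSL3_CLIENT \
                        | SP_PROT_TLS1_CLIENT | SP_PROT_UNI_CLIENT)
#define SP_PROT_SERVERS (SP_PROT_PCT1_SERVER | SP_PROT_SSL2_SERVER | SP_PROT_SSL3_SERVER \
                        | SP_PROT_TLS1_SERVER | SP_PROT_UNI_SERVER)
/* The legacy aggregates extended with every TLS 1.x and DTLS 1.x bit. */
#define SP_PROT_X_CLIENTS ( SP_PROT_CLIENTS \
                          | SP_PROT_TLS1_X_CLIENT \
                          | SP_PROT_DTLS1_X_CLIENT)
#define SP_PROT_X_SERVERS ( SP_PROT_SERVERS \
                          | SP_PROT_TLS1_X_SERVER \
                          | SP_PROT_DTLS1_X_SERVER)

#define SP_PROT_SSL3TLS1 (SP_PROT_SSL3 | SP_PROT_TLS1)
#define SP_PROT_SSL3TLS1_X (SP_PROT_SSL3 | SP_PROT_TLS1_X)
#define SP_PROT_TLS1_X (SP_PROT_TLS1_X_CLIENT | SP_PROT_TLS1_X_SERVER)
#define SP_PROT_TLS1_1PLUS (SP_PROT_TLS1_1PLUS_CLIENT | SP_PROT_TLS1_1PLUS_SERVER)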
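/*
 * Credential flags (the dwFlags member of SCHANNEL_CRED / SCH_CREDENTIALS).
 * The per-flag descriptions follow the Windows Schannel API documentation.
 *
 * Security review note: four of these relax certificate checking and deserve
 * a justification wherever they are set:
 *   SCH_CRED_NO_SERVERNAME_CHECK        - the target name is not compared
 *                                         with the names in the certificate
 *   SCH_CRED_MANUAL_CRED_VALIDATION     - the package does not validate the
 *                                         peer certificate; the caller must
 *   SCH_CRED_IGNORE_NO_REVOCATION_CHECK - a failed revocation lookup is not
 *   SCH_CRED_IGNORE_REVOCATION_OFFLINE    treated as an error
 * Grepping a code base for these names is a quick way to find TLS clients
 * that have opted out of part of the validation.
 */
#define SCH_CRED_NO_SYSTEM_MAPPER 2
#define SCH_CRED_NO_SERVERNAME_CHECK 4
#define SCH_CRED_MANUAL_CRED_VALIDATION 8
#define SCH_CRED_NO_DEFAULT_CREDS 16
#define SCH_CRED_AUTO_CRED_VALIDATION 32
#define SCH_CRED_USE_DEFAULT_CREDS 64
/* Revocation checking scope: end certificate, whole chain, chain minus root. */
#define SCH_CRED_REVOCATION_CHECK_CHAIN_END_CERT 256
#define SCH_CRED_REVOCATION_CHECK_CHAIN 512
#define SCH_CRED_REVOCATION_CHECK_CHAIN_EXCLUDE_ROOT 1024
#define SCH_CRED_IGNORE_NO_REVOCATION_CHECK 2048
#define SCH_CRED_IGNORE_REVOCATION_OFFLINE 4096

#define UNISP_RPC_ID 14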
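/* Opaque here: only pointers to it are used by the structures below. */
struct _HMAPPER;

/*
 * Caller-supplied Schannel credential description (allow-list style: the
 * caller names the protocols and algorithms it wants enabled).
 * The opening brace was missing from the extracted listing and is restored.
 *
 * Security review note: every count/pointer pair comes from the caller, so
 * code that consumes this structure must check dwVersion first and bound
 * each array walk by its count (and reject a non-zero count with a NULL
 * pointer) before dereferencing.
 */
typedef struct _SCHANNEL_CRED
{
    DWORD dwVersion;                /* SCHANNEL_CRED_VERSION in the Windows API */
    DWORD cCreds;                   /* number of entries in paCred */
    PCCERT_CONTEXT *paCred;         /* certificate contexts */
    HCERTSTORE hRootStore;          /* certificate store handle */
    DWORD cMappers;                 /* number of entries in aphMappers */
    struct _HMAPPER **aphMappers;
    DWORD cSupportedAlgs;           /* number of entries in palgSupportedAlgs */
    ALG_ID *palgSupportedAlgs;      /* algorithm identifiers */
    DWORD grbitEnabledProtocols;    /* mask of SP_PROT_* bits */
    DWORD dwMinimumCipherStrength;
    DWORD dwMaximumCipherStrength;
    DWORD dwSessionLifespan;
    DWORD dwFlags;                  /* mask of SCH_CRED_* flags */
    DWORD dwCredFormat;
} SCHANNEL_CRED, *PSCHANNEL_CRED;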
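/*
 * Deny-list style credentials.  These declarations are only visible when the
 * includer defines SCHANNEL_USE_BLACKLISTS before including this header.
 * Instead of naming what is enabled (SCHANNEL_CRED), the caller names the
 * protocols and algorithms to disable.
 * The opening braces were missing from the extracted listing and are restored.
 *
 * NOTE(review): UNICODE_STRING / PUNICODE_STRING are not visibly declared by
 * the two includes at the top of this header; the includer presumably has to
 * provide them -- confirm.
 */
#ifdef SCHANNEL_USE_BLACKLISTS

/* What a CRYPTO_SETTINGS entry applies to. */
typedef enum _eTlsAlgorithmUsage
{
    TlsParametersCngAlgUsageKeyExchange,
    TlsParametersCngAlgUsageSignature,
    TlsParametersCngAlgUsageCipher,
    TlsParametersCngAlgUsageDigest,
    TlsParametersCngAlgUsageCertSig,
} eTlsAlgorithmUsage;

/* One disabled algorithm, optionally narrowed by chaining mode and key size. */
typedef struct _CRYPTO_SETTINGS
{
    eTlsAlgorithmUsage eAlgorithmUsage;
    UNICODE_STRING strCngAlgId;          /* algorithm identifier string */
    DWORD cChainingModes;                /* number of entries in rgstrChainingModes */
    PUNICODE_STRING rgstrChainingModes;
    DWORD dwMinBitLength;
    DWORD dwMaxBitLength;
} CRYPTO_SETTINGS, *PCRYPTO_SETTINGS;

/* One set of restrictions, optionally scoped to a list of ALPN ids. */
typedef struct _TLS_PARAMETERS
{
    DWORD cAlpnIds;                      /* number of entries in rgstrAlpnIds */
    PUNICODE_STRING rgstrAlpnIds;
    DWORD grbitDisabledProtocols;        /* mask of SP_PROT_* bits to disable */
    DWORD cDisabledCrypto;               /* number of entries in pDisabledCrypto */
    PCRYPTO_SETTINGS pDisabledCrypto;
    DWORD dwFlags;
} TLS_PARAMETERS, *PTLS_PARAMETERS;

/*
 * Security review note: as with SCHANNEL_CRED, all counts and pointers are
 * caller-controlled; a consumer must validate dwVersion and each count
 * against its array before use.  Because this form is a deny list, a
 * protocol that is not listed in grbitDisabledProtocols stays subject to
 * whatever the implementation's defaults are.
 */
typedef struct _SCH_CREDENTIALS
{
    DWORD dwVersion;                     /* SCH_CREDENTIALS_VERSION in the Windows API */
    DWORD dwCredFormat;
    DWORD cCreds;                        /* number of entries in paCred */
    PCCERT_CONTEXT *paCred;
    HCERTSTORE hRootStore;
    DWORD cMappers;                      /* number of entries in aphMappers */
    struct _HMAPPER **aphMappers;
    DWORD dwSessionLifespan;
    DWORD dwFlags;                       /* mask of SCH_CRED_* flags */
    DWORD cTlsParameters;                /* number of entries in pTlsParameters */
    PTLS_PARAMETERS pTlsParameters;
} SCH_CREDENTIALS, *PSCH_CREDENTIALS;

#endif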
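/*
 * Algorithms supported by a credential: an array of cSupportedAlgs ALG_IDs.
 * The opening brace was missing from the extracted listing and is restored.
 */
typedef struct _SecPkgCred_SupportedAlgs
{
    DWORD cSupportedAlgs;       /* number of entries in palgSupportedAlgs */
    ALG_ID *palgSupportedAlgs;
} SecPkgCred_SupportedAlgs, *PSecPkgCred_SupportedAlgs;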
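/*
 * Minimum and maximum cipher strength of a credential.
 * The opening brace was missing from the extracted listing and is restored.
 */
typedef struct _SecPkgCred_CipherStrengths
{
    DWORD dwMinimumCipherStrength;
    DWORD dwMaximumCipherStrength;
} SecPkgCred_CipherStrengths, *PSecPkgCred_CipherStrengths;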
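/*
 * Protocols supported by a credential, as a mask of SP_PROT_* bits.
 * Reading this back is a simple way to audit which protocol versions a
 * credential actually ended up with.
 * The opening brace was missing from the extracted listing and is restored.
 */
typedef struct _SecPkgCred_SupportedProtocols
{
    DWORD grbitProtocol;
} SecPkgCred_SupportedProtocols, *PSecPkgCred_SupportedProtocols;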
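/*
 * List of certificate issuer names attached to a context.
 * Readers must bound any walk over aIssuers by cIssuers.
 * The opening brace was missing from the extracted listing and is restored.
 */
typedef struct _SecPkgContext_IssuerListInfoEx
{
    PCERT_NAME_BLOB aIssuers;   /* array of issuer name blobs */
    DWORD cIssuers;             /* number of entries in aIssuers */
} SecPkgContext_IssuerListInfoEx, *PSecPkgContext_IssuerListInfoEx;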
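/*
 * Parameters negotiated for an established connection.  Checking dwProtocol
 * and the strength fields after the handshake lets an application log, or
 * refuse, a session that fell back to a protocol or cipher it does not want.
 * The opening brace was missing from the extracted listing and is restored.
 */
typedef struct _SecPkgContext_ConnectionInfo
{
    DWORD dwProtocol;        /* one of the SP_PROT_* bits */
    ALG_ID aiCipher;         /* bulk cipher */
    DWORD dwCipherStrength;
    ALG_ID aiHash;           /* hash / MAC algorithm */
    DWORD dwHashStrength;
    ALG_ID aiExch;           /* key exchange algorithm */
    DWORD dwExchStrength;
} SecPkgContext_ConnectionInfo, *PSecPkgContext_ConnectionInfo;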
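#define SECPKGCONTEXT_CIPHERINFO_V1 1
/* Capacity of each name buffer below, in WCHAR elements (not bytes). */
#define SZ_ALG_MAX_SIZE 64

/*
 * Detailed description of the negotiated cipher suite.
 * The opening brace was missing from the extracted listing and is restored.
 *
 * Security review note: the name members are fixed-size arrays of
 * SZ_ALG_MAX_SIZE WCHARs.  Code that fills them has to truncate to that
 * capacity and leave room for the terminating 0; code that reads them should
 * not assume termination unless the producer guarantees it.
 */
typedef struct _SecPkgContext_CipherInfo
{
    DWORD dwVersion;                        /* SECPKGCONTEXT_CIPHERINFO_V1 */
    DWORD dwProtocol;
    DWORD dwCipherSuite;
    DWORD dwBaseCipherSuite;
    WCHAR szCipherSuite[SZ_ALG_MAX_SIZE];
    WCHAR szCipher[SZ_ALG_MAX_SIZE];
    DWORD dwCipherLen;
    DWORD dwCipherBlockLen;
    WCHAR szHash[SZ_ALG_MAX_SIZE];
    DWORD dwHashLen;
    WCHAR szExchange[SZ_ALG_MAX_SIZE];
    DWORD dwMinExchangeLen;
    DWORD dwMaxExchangeLen;
    WCHAR szCertificate[SZ_ALG_MAX_SIZE];
    DWORD dwKeyType;
} SecPkgContext_CipherInfo, *PSecPkgContext_CipherInfo;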
346 #endif /* __WINE_SCHANNEL_H__ */