Headers diff for ncrypt.dll between 6.3.9600.17415-Windows 8.1 and 10.0.10586.0-Windows 10 1511 10586.494 versions



 ncrypt.h (6.3.9600.17415-Windows 8.1)   ncrypt.h (10.0.10586.0-Windows 10 1511 10586.494) 
skipping to change at line 16 skipping to change at line 16
// //
// File: ncrypt.h // File: ncrypt.h
// //
// Contents: Cryptographic API Prototypes and Definitions // Contents: Cryptographic API Prototypes and Definitions
// //
//---------------------------------------------------------------------------- //----------------------------------------------------------------------------
#ifndef __NCRYPT_H__ #ifndef __NCRYPT_H__
#define __NCRYPT_H__ #define __NCRYPT_H__
#if _MSC_VER >= 1200
#pragma warning(push)
#pragma warning(disable:4820) // padding added after data member
#endif
#ifdef __cplusplus #ifdef __cplusplus
extern "C" { extern "C" {
#endif #endif
#ifndef WINAPI #ifndef WINAPI
#define WINAPI __stdcall #define WINAPI __stdcall
#endif #endif
#ifndef __SECSTATUS_DEFINED__ #ifndef __SECSTATUS_DEFINED__
typedef LONG SECURITY_STATUS; typedef LONG SECURITY_STATUS;
skipping to change at line 75 skipping to change at line 80
PFN_NCRYPT_FREE pfnFree; PFN_NCRYPT_FREE pfnFree;
} NCRYPT_ALLOC_PARA; } NCRYPT_ALLOC_PARA;
// //
// Microsoft built-in providers. // Microsoft built-in providers.
// //
#define MS_KEY_STORAGE_PROVIDER L"Microsoft Software Key Storage Provide r" #define MS_KEY_STORAGE_PROVIDER L"Microsoft Software Key Storage Provide r"
#define MS_SMART_CARD_KEY_STORAGE_PROVIDER L"Microsoft Smart Card Key Storage Pr ovider" #define MS_SMART_CARD_KEY_STORAGE_PROVIDER L"Microsoft Smart Card Key Storage Pr ovider"
#define MS_PLATFORM_KEY_STORAGE_PROVIDER L"Microsoft Platform Crypto Provider" #define MS_PLATFORM_KEY_STORAGE_PROVIDER L"Microsoft Platform Crypto Provider"
#define MS_NGC_KEY_STORAGE_PROVIDER L"Microsoft Passport Key Storage Prov ider"
// //
// Common algorithm identifiers. // Common algorithm identifiers.
// //
#define NCRYPT_RSA_ALGORITHM BCRYPT_RSA_ALGORITHM #define NCRYPT_RSA_ALGORITHM BCRYPT_RSA_ALGORITHM
#define NCRYPT_RSA_SIGN_ALGORITHM BCRYPT_RSA_SIGN_ALGORITHM #define NCRYPT_RSA_SIGN_ALGORITHM BCRYPT_RSA_SIGN_ALGORITHM
#define NCRYPT_DH_ALGORITHM BCRYPT_DH_ALGORITHM #define NCRYPT_DH_ALGORITHM BCRYPT_DH_ALGORITHM
#define NCRYPT_DSA_ALGORITHM BCRYPT_DSA_ALGORITHM #define NCRYPT_DSA_ALGORITHM BCRYPT_DSA_ALGORITHM
#define NCRYPT_MD2_ALGORITHM BCRYPT_MD2_ALGORITHM #define NCRYPT_MD2_ALGORITHM BCRYPT_MD2_ALGORITHM
skipping to change at line 112 skipping to change at line 118
#define NCRYPT_DES_ALGORITHM BCRYPT_DES_ALGORITHM #define NCRYPT_DES_ALGORITHM BCRYPT_DES_ALGORITHM
#define NCRYPT_DESX_ALGORITHM BCRYPT_DESX_ALGORITHM #define NCRYPT_DESX_ALGORITHM BCRYPT_DESX_ALGORITHM
#define NCRYPT_3DES_112_ALGORITHM BCRYPT_3DES_112_ALGORITHM #define NCRYPT_3DES_112_ALGORITHM BCRYPT_3DES_112_ALGORITHM
#define NCRYPT_SP800108_CTR_HMAC_ALGORITHM BCRYPT_SP800108_CTR_HMAC_ALGORITHM #define NCRYPT_SP800108_CTR_HMAC_ALGORITHM BCRYPT_SP800108_CTR_HMAC_ALGORITHM
#define NCRYPT_SP80056A_CONCAT_ALGORITHM BCRYPT_SP80056A_CONCAT_ALGORITHM #define NCRYPT_SP80056A_CONCAT_ALGORITHM BCRYPT_SP80056A_CONCAT_ALGORITHM
#define NCRYPT_PBKDF2_ALGORITHM BCRYPT_PBKDF2_ALGORITHM #define NCRYPT_PBKDF2_ALGORITHM BCRYPT_PBKDF2_ALGORITHM
#define NCRYPT_CAPI_KDF_ALGORITHM BCRYPT_CAPI_KDF_ALGORITHM #define NCRYPT_CAPI_KDF_ALGORITHM BCRYPT_CAPI_KDF_ALGORITHM
#endif // (NTDDI_VERSION >= NTDDI_WIN8) #endif // (NTDDI_VERSION >= NTDDI_WIN8)
#if (NTDDI_VERSION >= NTDDI_WINTHRESHOLD)
#define NCRYPT_ECDSA_ALGORITHM BCRYPT_ECDSA_ALGORITHM
#define NCRYPT_ECDH_ALGORITHM BCRYPT_ECDH_ALGORITHM
#endif // (NTDDI_VERSION >= NTDDI_WINTHRESHOLD)
#define NCRYPT_KEY_STORAGE_ALGORITHM L"KEY_STORAGE" #define NCRYPT_KEY_STORAGE_ALGORITHM L"KEY_STORAGE"
// //
// Interfaces // Interfaces
// //
#if (NTDDI_VERSION >= NTDDI_WIN8)
#define NCRYPT_CIPHER_INTERFACE BCRYPT_CIPHER_INTERFACE #define NCRYPT_CIPHER_INTERFACE BCRYPT_CIPHER_INTERFACE
#endif // (NTDDI_VERSION >= NTDDI_WIN8)
#define NCRYPT_HASH_INTERFACE BCRYPT_HASH_INTERFACE #define NCRYPT_HASH_INTERFACE BCRYPT_HASH_INTERFACE
#define NCRYPT_ASYMMETRIC_ENCRYPTION_INTERFACE BCRYPT_ASYMMETRIC_ENCRYPTION_INT ERFACE #define NCRYPT_ASYMMETRIC_ENCRYPTION_INTERFACE BCRYPT_ASYMMETRIC_ENCRYPTION_INT ERFACE
#define NCRYPT_SECRET_AGREEMENT_INTERFACE BCRYPT_SECRET_AGREEMENT_INTERFAC E #define NCRYPT_SECRET_AGREEMENT_INTERFACE BCRYPT_SECRET_AGREEMENT_INTERFAC E
#define NCRYPT_SIGNATURE_INTERFACE BCRYPT_SIGNATURE_INTERFACE #define NCRYPT_SIGNATURE_INTERFACE BCRYPT_SIGNATURE_INTERFACE
#if (NTDDI_VERSION >= NTDDI_WIN8) #if (NTDDI_VERSION >= NTDDI_WIN8)
#define NCRYPT_KEY_DERIVATION_INTERFACE BCRYPT_KEY_DERIVATION_INTERFACE #define NCRYPT_KEY_DERIVATION_INTERFACE BCRYPT_KEY_DERIVATION_INTERFACE
#endif #endif // (NTDDI_VERSION >= NTDDI_WIN8)
#define NCRYPT_KEY_STORAGE_INTERFACE 0x00010001 #define NCRYPT_KEY_STORAGE_INTERFACE 0x00010001
#define NCRYPT_SCHANNEL_INTERFACE 0x00010002 #define NCRYPT_SCHANNEL_INTERFACE 0x00010002
#if (NTDDI_VERSION >= NTDDI_WIN7)
#define NCRYPT_SCHANNEL_SIGNATURE_INTERFACE 0x00010003 #define NCRYPT_SCHANNEL_SIGNATURE_INTERFACE 0x00010003
#endif
#if (NTDDI_VERSION >= NTDDI_WIN8) #if (NTDDI_VERSION >= NTDDI_WIN8)
#define NCRYPT_KEY_PROTECTION_INTERFACE 0x00010004 #define NCRYPT_KEY_PROTECTION_INTERFACE 0x00010004
#endif // (NTDDI_VERSION >= NTDDI_WIN8) #endif // (NTDDI_VERSION >= NTDDI_WIN8)
// //
// algorithm groups. // algorithm groups.
// //
#define NCRYPT_RSA_ALGORITHM_GROUP NCRYPT_RSA_ALGORITHM #define NCRYPT_RSA_ALGORITHM_GROUP NCRYPT_RSA_ALGORITHM
#define NCRYPT_DH_ALGORITHM_GROUP NCRYPT_DH_ALGORITHM #define NCRYPT_DH_ALGORITHM_GROUP NCRYPT_DH_ALGORITHM
#define NCRYPT_DSA_ALGORITHM_GROUP NCRYPT_DSA_ALGORITHM #define NCRYPT_DSA_ALGORITHM_GROUP NCRYPT_DSA_ALGORITHM
#define NCRYPT_ECDSA_ALGORITHM_GROUP L"ECDSA" #define NCRYPT_ECDSA_ALGORITHM_GROUP L"ECDSA"
#define NCRYPT_ECDH_ALGORITHM_GROUP L"ECDH" #define NCRYPT_ECDH_ALGORITHM_GROUP L"ECDH"
#if (NTDDI_VERSION >= NTDDI_WIN8) #if (NTDDI_VERSION >= NTDDI_WIN8)
#define NCRYPT_AES_ALGORITHM_GROUP NCRYPT_AES_ALGORITHM #define NCRYPT_AES_ALGORITHM_GROUP NCRYPT_AES_ALGORITHM
#define NCRYPT_RC2_ALGORITHM_GROUP NCRYPT_RC2_ALGORITHM #define NCRYPT_RC2_ALGORITHM_GROUP NCRYPT_RC2_ALGORITHM
#define NCRYPT_DES_ALGORITHM_GROUP L"DES" #define NCRYPT_DES_ALGORITHM_GROUP L"DES"
#define NCRYPT_KEY_DERIVATION_GROUP L"KEY_DERIVATION" #define NCRYPT_KEY_DERIVATION_GROUP L"KEY_DERIVATION"
#endif #endif // (NTDDI_VERSION >= NTDDI_WIN8)
// //
// NCrypt generic memory descriptors // NCrypt generic memory descriptors
// //
#define NCRYPTBUFFER_VERSION 0 #define NCRYPTBUFFER_VERSION 0
#define NCRYPTBUFFER_EMPTY 0 #define NCRYPTBUFFER_EMPTY 0
#define NCRYPTBUFFER_DATA 1 #define NCRYPTBUFFER_DATA 1
#if (NTDDI_VERSION >= NTDDI_WIN8)
#define NCRYPTBUFFER_PROTECTION_DESCRIPTOR_STRING 3 // The buffer contains a null-terminated Unicode string that contains the Protection Descriptor. #define NCRYPTBUFFER_PROTECTION_DESCRIPTOR_STRING 3 // The buffer contains a null-terminated Unicode string that contains the Protection Descriptor.
#define NCRYPTBUFFER_PROTECTION_FLAGS 4 // DWORD flags to be pas sed to NCryptCreateProtectionDescriptor function. #define NCRYPTBUFFER_PROTECTION_FLAGS 4 // DWORD flags to be pas sed to NCryptCreateProtectionDescriptor function.
#endif // (NTDDI_VERSION >= NTDDI_WIN8)
#define NCRYPTBUFFER_SSL_CLIENT_RANDOM 20 #define NCRYPTBUFFER_SSL_CLIENT_RANDOM 20
#define NCRYPTBUFFER_SSL_SERVER_RANDOM 21 #define NCRYPTBUFFER_SSL_SERVER_RANDOM 21
#define NCRYPTBUFFER_SSL_HIGHEST_VERSION 22 #define NCRYPTBUFFER_SSL_HIGHEST_VERSION 22
#define NCRYPTBUFFER_SSL_CLEAR_KEY 23 #define NCRYPTBUFFER_SSL_CLEAR_KEY 23
#define NCRYPTBUFFER_SSL_KEY_ARG_DATA 24 #define NCRYPTBUFFER_SSL_KEY_ARG_DATA 24
#if (NTDDI_VERSION >= NTDDI_WINTHRESHOLD)
#define NCRYPTBUFFER_SSL_SESSION_HASH 25
#endif // (NTDDI_VERSION >= NTDDI_WINTHRESHOLD)
#define NCRYPTBUFFER_PKCS_OID 40 #define NCRYPTBUFFER_PKCS_OID 40
#define NCRYPTBUFFER_PKCS_ALG_OID 41 #define NCRYPTBUFFER_PKCS_ALG_OID 41
#define NCRYPTBUFFER_PKCS_ALG_PARAM 42 #define NCRYPTBUFFER_PKCS_ALG_PARAM 42
#define NCRYPTBUFFER_PKCS_ALG_ID 43 #define NCRYPTBUFFER_PKCS_ALG_ID 43
#define NCRYPTBUFFER_PKCS_ATTRS 44 #define NCRYPTBUFFER_PKCS_ATTRS 44
#define NCRYPTBUFFER_PKCS_KEY_NAME 45 #define NCRYPTBUFFER_PKCS_KEY_NAME 45
#define NCRYPTBUFFER_PKCS_SECRET 46 #define NCRYPTBUFFER_PKCS_SECRET 46
#define NCRYPTBUFFER_CERT_BLOB 47 #define NCRYPTBUFFER_CERT_BLOB 47
//for threshold key attestation
#define NCRYPTBUFFER_CLAIM_IDBINDING_NONCE 48
#define NCRYPTBUFFER_CLAIM_KEYATTESTATION_NONCE 49
#define NCRYPTBUFFER_KEY_PROPERTY_FLAGS 50
#define NCRYPTBUFFER_ATTESTATIONSTATEMENT_BLOB 51
#define NCRYPTBUFFER_ATTESTATION_CLAIM_TYPE 52
#define NCRYPTBUFFER_ATTESTATION_CLAIM_CHALLENGE_REQUIRED 53
#if (NTDDI_VERSION >= NTDDI_WINTHRESHOLD)
//for generic ecc
#define NCRYPTBUFFER_ECC_CURVE_NAME 60
#define NCRYPTBUFFER_ECC_PARAMETERS 61
#endif // (NTDDI_VERSION >= NTDDI_WINTHRESHOLD)
// NCRYPT shares the same BCRYPT definitions // NCRYPT shares the same BCRYPT definitions
typedef BCryptBuffer NCryptBuffer; typedef BCryptBuffer NCryptBuffer;
typedef BCryptBuffer* PNCryptBuffer; typedef BCryptBuffer* PNCryptBuffer;
typedef BCryptBufferDesc NCryptBufferDesc; typedef BCryptBufferDesc NCryptBufferDesc;
typedef BCryptBufferDesc* PNCryptBufferDesc; typedef BCryptBufferDesc* PNCryptBufferDesc;
// //
// NCrypt handles // NCrypt handles
// //
skipping to change at line 259 skipping to change at line 294
ULONG magic; // 'KAPD' ULONG magic; // 'KAPD'
PUCHAR pbKeyBlob; PUCHAR pbKeyBlob;
ULONG cbKeyBlob; ULONG cbKeyBlob;
PUCHAR pbKeyAuth; PUCHAR pbKeyAuth;
ULONG cbKeyAuth; ULONG cbKeyAuth;
} NCRYPT_KEY_ATTEST_PADDING_INFO; } NCRYPT_KEY_ATTEST_PADDING_INFO;
#endif // (NTDDI_VERSION >= NTDDI_WINBLUE) #endif // (NTDDI_VERSION >= NTDDI_WINBLUE)
// //
// key attestation claim type
//
#if (NTDDI_VERSION >= NTDDI_WINTHRESHOLD)
#define NCRYPT_CLAIM_AUTHORITY_ONLY 0x00000001
#define NCRYPT_CLAIM_SUBJECT_ONLY 0x00000002
#define NCRYPT_CLAIM_AUTHORITY_AND_SUBJECT 0x00000003
#define NCRYPT_CLAIM_UNKNOWN 0x00001000
#endif // (NTDDI_VERSION >= NTDDI_WINTHRESHOLD)
//
// NCrypt API Flags // NCrypt API Flags
// //
#define NCRYPT_NO_PADDING_FLAG 0x00000001 // NCryptEncrypt/Dec rypt #define NCRYPT_NO_PADDING_FLAG 0x00000001 // NCryptEncrypt/Dec rypt
#define NCRYPT_PAD_PKCS1_FLAG 0x00000002 // NCryptEncrypt/Dec rypt NCryptSignHash/VerifySignature #define NCRYPT_PAD_PKCS1_FLAG 0x00000002 // NCryptEncrypt/Dec rypt NCryptSignHash/VerifySignature
#define NCRYPT_PAD_OAEP_FLAG 0x00000004 // BCryptEncrypt/Dec rypt #define NCRYPT_PAD_OAEP_FLAG 0x00000004 // BCryptEncrypt/Dec rypt
#define NCRYPT_PAD_PSS_FLAG 0x00000008 // BCryptSignHash/Ve rifySignature #define NCRYPT_PAD_PSS_FLAG 0x00000008 // BCryptSignHash/Ve rifySignature
#if (NTDDI_VERSION >= NTDDI_WIN8) #if (NTDDI_VERSION >= NTDDI_WIN8)
#define NCRYPT_PAD_CIPHER_FLAG 0x00000010 // NCryptEncrypt/Dec rypt #define NCRYPT_PAD_CIPHER_FLAG 0x00000010 // NCryptEncrypt/Dec rypt
#endif #endif // (NTDDI_VERSION >= NTDDI_WIN8)
#if (NTDDI_VERSION >= NTDDI_WINTHRESHOLD)
#define NCRYPT_ATTESTATION_FLAG 0x00000020 // NCryptDecrypt for
key attestation
#endif // (NTDDI_VERSION >= NTDDI_WINTHRESHOLD)
#define NCRYPT_REGISTER_NOTIFY_FLAG 0x00000001 // NCryptNotifyChang eKey #define NCRYPT_REGISTER_NOTIFY_FLAG 0x00000001 // NCryptNotifyChang eKey
#define NCRYPT_UNREGISTER_NOTIFY_FLAG 0x00000002 // NCryptNotifyChang eKey #define NCRYPT_UNREGISTER_NOTIFY_FLAG 0x00000002 // NCryptNotifyChang eKey
#define NCRYPT_NO_KEY_VALIDATION BCRYPT_NO_KEY_VALIDATION #define NCRYPT_NO_KEY_VALIDATION BCRYPT_NO_KEY_VALIDATION
#define NCRYPT_MACHINE_KEY_FLAG 0x00000020 // same as CAPI CRYP T_MACHINE_KEYSET #define NCRYPT_MACHINE_KEY_FLAG 0x00000020 // same as CAPI CRYP T_MACHINE_KEYSET
#define NCRYPT_SILENT_FLAG 0x00000040 // same as CAPI CRYP T_SILENT #define NCRYPT_SILENT_FLAG 0x00000040 // same as CAPI CRYP T_SILENT
#define NCRYPT_OVERWRITE_KEY_FLAG 0x00000080 #define NCRYPT_OVERWRITE_KEY_FLAG 0x00000080
#define NCRYPT_WRITE_KEY_TO_LEGACY_STORE_FLAG 0x00000200 #define NCRYPT_WRITE_KEY_TO_LEGACY_STORE_FLAG 0x00000200
#define NCRYPT_DO_NOT_FINALIZE_FLAG 0x00000400 #define NCRYPT_DO_NOT_FINALIZE_FLAG 0x00000400
#define NCRYPT_EXPORT_LEGACY_FLAG 0x00000800 #define NCRYPT_EXPORT_LEGACY_FLAG 0x00000800
#if (NTDDI_VERSION >= NTDDI_WINBLUE) #if (NTDDI_VERSION >= NTDDI_WINBLUE)
#define NCRYPT_IGNORE_DEVICE_STATE_FLAG 0x00001000 // NCryptOpenStorage Provider #define NCRYPT_IGNORE_DEVICE_STATE_FLAG 0x00001000 // NCryptOpenStorage Provider
#endif #endif // (NTDDI_VERSION >= NTDDI_WINBLUE)
#if (NTDDI_VERSION >= NTDDI_WINTHRESHOLD)
#define NCRYPT_TREAT_NIST_AS_GENERIC_ECC_FLAG 0x00002000
#define NCRYPT_NO_CACHED_PASSWORD 0x00004000
#define NCRYPT_PROTECT_TO_LOCAL_SYSTEM 0x00008000
#define NCRYPT_ECC_NO_COFACTOR_MULTIPLICATION_FLAG BCRYPT_ECC_NO_COFACTOR_MULTIP
LICATION
#endif // (NTDDI_VERSION >= NTDDI_WINTHRESHOLD)
#define NCRYPT_PERSIST_ONLY_FLAG 0x40000000 #define NCRYPT_PERSIST_ONLY_FLAG 0x40000000
#define NCRYPT_PERSIST_FLAG 0x80000000 #define NCRYPT_PERSIST_FLAG 0x80000000
#pragma region Desktop Family
#if WINAPI_FAMILY_PARTITION(WINAPI_PARTITION_DESKTOP)
// //
// Functions used to manage persisted keys. // Functions used to manage persisted keys.
// //
// NCryptOpenStorageProvider flags // NCryptOpenStorageProvider flags
#define NCRYPT_SILENT_FLAG 0x00000040 // same as CAPI CRYP T_SILENT #define NCRYPT_SILENT_FLAG 0x00000040 // same as CAPI CRYP T_SILENT
#if (NTDDI_VERSION >= NTDDI_WINBLUE) #if (NTDDI_VERSION >= NTDDI_WINBLUE)
#define NCRYPT_IGNORE_DEVICE_STATE_FLAG 0x00001000 // NCryptOpenStorage Provider #define NCRYPT_IGNORE_DEVICE_STATE_FLAG 0x00001000 // NCryptOpenStorage Provider
#endif #endif // (NTDDI_VERSION >= NTDDI_WINBLUE)
_Check_return_ _Check_return_
SECURITY_STATUS SECURITY_STATUS
WINAPI WINAPI
NCryptOpenStorageProvider( NCryptOpenStorageProvider(
_Out_ NCRYPT_PROV_HANDLE *phProvider, _Out_ NCRYPT_PROV_HANDLE *phProvider,
_In_opt_ LPCWSTR pszProviderName, _In_opt_ LPCWSTR pszProviderName,
_In_ DWORD dwFlags); _In_ DWORD dwFlags);
// AlgOperations flags for use with NCryptEnumAlgorithms() // AlgOperations flags for use with NCryptEnumAlgorithms()
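Review bot: `NCRYPT_TREAT_NIST_AS_GENERIC_ECC_FLAG`, `NCRYPT_NO_CACHED_PASSWORD` and `NCRYPT_PROTECT_TO_LOCAL_SYSTEM` are added to the shared flag list without the trailing comment naming the accepting function, which neighbouring entries such as `NCRYPT_IGNORE_DEVICE_STATE_FLAG` carry. This matters because values in this list are reused across functions: the new `NCRYPT_ATTESTATION_FLAG` is 0x00000020, the same value as `NCRYPT_MACHINE_KEY_FLAG`, and only its comment tells a reader that it is meant for NCryptDecrypt. Each of the three should get a comment in the existing style, `// <function that accepts the flag>`, so a caller does not pass one to an API where the same bit means something else. The two names without the `_FLAG` suffix also break the naming pattern of the list; that is worth a comment, since the names in a published header cannot be changed.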
skipping to change at line 373 skipping to change at line 426
_Outptr_ NCryptKeyName **ppKeyName, _Outptr_ NCryptKeyName **ppKeyName,
_Inout_ PVOID * ppEnumState, _Inout_ PVOID * ppEnumState,
_In_ DWORD dwFlags); _In_ DWORD dwFlags);
typedef struct NCryptProviderName typedef struct NCryptProviderName
{ {
LPWSTR pszName; LPWSTR pszName;
LPWSTR pszComment; LPWSTR pszComment;
} NCryptProviderName; } NCryptProviderName;
#pragma region Desktop Family or OneCore Family
#if WINAPI_FAMILY_PARTITION(WINAPI_PARTITION_DESKTOP | WINAPI_PARTITION_SYSTEM)
_Check_return_ _Check_return_
SECURITY_STATUS SECURITY_STATUS
WINAPI WINAPI
NCryptEnumStorageProviders( NCryptEnumStorageProviders(
_Out_ DWORD * pdwProviderCount, _Out_ DWORD * pdwProviderCount,
_Outptr_result_buffer_(*pdwProviderCount) NCryptProviderName **ppProviderLis t, _Outptr_result_buffer_(*pdwProviderCount) NCryptProviderName **ppProviderLis t,
_In_ DWORD dwFlags); _In_ DWORD dwFlags);
#endif /* WINAPI_FAMILY_PARTITION(WINAPI_PARTITION_DESKTOP | WINAPI_PARTITION_SY
STEM) */
#pragma endregion
SECURITY_STATUS SECURITY_STATUS
WINAPI WINAPI
NCryptFreeBuffer( NCryptFreeBuffer(
_Pre_notnull_ PVOID pvInput); _Pre_notnull_ PVOID pvInput);
// NCryptOpenKey flags // NCryptOpenKey flags
#define NCRYPT_MACHINE_KEY_FLAG 0x00000020 #define NCRYPT_MACHINE_KEY_FLAG 0x00000020
#define NCRYPT_SILENT_FLAG 0x00000040 #define NCRYPT_SILENT_FLAG 0x00000040
#if (NTDDI_VERSION >= NTDDI_WINTHRESHOLD)
#define NCRYPT_AUTHORITY_KEY_FLAG 0x00000100
#endif
_Check_return_ _Check_return_
SECURITY_STATUS SECURITY_STATUS
WINAPI WINAPI
NCryptOpenKey( NCryptOpenKey(
_In_ NCRYPT_PROV_HANDLE hProvider, _In_ NCRYPT_PROV_HANDLE hProvider,
_Out_ NCRYPT_KEY_HANDLE *phKey, _Out_ NCRYPT_KEY_HANDLE *phKey,
_In_ LPCWSTR pszKeyName, _In_ LPCWSTR pszKeyName,
_In_opt_ DWORD dwLegacyKeySpec, _In_opt_ DWORD dwLegacyKeySpec,
_In_ DWORD dwFlags); _In_ DWORD dwFlags);
skipping to change at line 422 skipping to change at line 484
_In_ DWORD dwLegacyKeySpec, _In_ DWORD dwLegacyKeySpec,
_In_ DWORD dwFlags); _In_ DWORD dwFlags);
// Standard property names. // Standard property names.
#define NCRYPT_NAME_PROPERTY L"Name" #define NCRYPT_NAME_PROPERTY L"Name"
#define NCRYPT_UNIQUE_NAME_PROPERTY L"Unique Name" #define NCRYPT_UNIQUE_NAME_PROPERTY L"Unique Name"
#define NCRYPT_ALGORITHM_PROPERTY L"Algorithm Name" #define NCRYPT_ALGORITHM_PROPERTY L"Algorithm Name"
#define NCRYPT_LENGTH_PROPERTY L"Length" #define NCRYPT_LENGTH_PROPERTY L"Length"
#define NCRYPT_LENGTHS_PROPERTY L"Lengths" #define NCRYPT_LENGTHS_PROPERTY L"Lengths"
#define NCRYPT_BLOCK_LENGTH_PROPERTY L"Block Length" #define NCRYPT_BLOCK_LENGTH_PROPERTY L"Block Length"
#if (NTDDI_VERSION >= NTDDI_WINTHRESHOLD)
#define NCRYPT_PUBLIC_LENGTH_PROPERTY BCRYPT_PUBLIC_KEY_LENGTH
#define NCRYPT_SIGNATURE_LENGTH_PROPERTY BCRYPT_SIGNATURE_LENGTH
#endif // (NTDDI_VERSION >= NTDDI_WINTHRESHOLD)
#if (NTDDI_VERSION >= NTDDI_WIN8) #if (NTDDI_VERSION >= NTDDI_WIN8)
#define NCRYPT_CHAINING_MODE_PROPERTY L"Chaining Mode" #define NCRYPT_CHAINING_MODE_PROPERTY L"Chaining Mode"
#define NCRYPT_AUTH_TAG_LENGTH L"AuthTagLength" #define NCRYPT_AUTH_TAG_LENGTH L"AuthTagLength"
#endif // (NTDDI_VERSION >= NTDDI_WIN8) #endif // (NTDDI_VERSION >= NTDDI_WIN8)
#define NCRYPT_UI_POLICY_PROPERTY L"UI Policy" #define NCRYPT_UI_POLICY_PROPERTY L"UI Policy"
#define NCRYPT_EXPORT_POLICY_PROPERTY L"Export Policy" #define NCRYPT_EXPORT_POLICY_PROPERTY L"Export Policy"
#define NCRYPT_WINDOW_HANDLE_PROPERTY L"HWND Handle" #define NCRYPT_WINDOW_HANDLE_PROPERTY L"HWND Handle"
#define NCRYPT_USE_CONTEXT_PROPERTY L"Use Context" #define NCRYPT_USE_CONTEXT_PROPERTY L"Use Context"
#define NCRYPT_IMPL_TYPE_PROPERTY L"Impl Type" #define NCRYPT_IMPL_TYPE_PROPERTY L"Impl Type"
#define NCRYPT_KEY_USAGE_PROPERTY L"Key Usage" #define NCRYPT_KEY_USAGE_PROPERTY L"Key Usage"
#define NCRYPT_KEY_TYPE_PROPERTY L"Key Type" #define NCRYPT_KEY_TYPE_PROPERTY L"Key Type"
#define NCRYPT_VERSION_PROPERTY L"Version" #define NCRYPT_VERSION_PROPERTY L"Version"
#define NCRYPT_SECURITY_DESCR_SUPPORT_PROPERTY L"Security Descr Support" #define NCRYPT_SECURITY_DESCR_SUPPORT_PROPERTY L"Security Descr Support"
#define NCRYPT_SECURITY_DESCR_PROPERTY L"Security Descr" #define NCRYPT_SECURITY_DESCR_PROPERTY L"Security Descr"
skipping to change at line 442 skipping to change at line 511
#define NCRYPT_KEY_TYPE_PROPERTY L"Key Type" #define NCRYPT_KEY_TYPE_PROPERTY L"Key Type"
#define NCRYPT_VERSION_PROPERTY L"Version" #define NCRYPT_VERSION_PROPERTY L"Version"
#define NCRYPT_SECURITY_DESCR_SUPPORT_PROPERTY L"Security Descr Support" #define NCRYPT_SECURITY_DESCR_SUPPORT_PROPERTY L"Security Descr Support"
#define NCRYPT_SECURITY_DESCR_PROPERTY L"Security Descr" #define NCRYPT_SECURITY_DESCR_PROPERTY L"Security Descr"
#define NCRYPT_USE_COUNT_ENABLED_PROPERTY L"Enabled Use Count" #define NCRYPT_USE_COUNT_ENABLED_PROPERTY L"Enabled Use Count"
#define NCRYPT_USE_COUNT_PROPERTY L"Use Count" #define NCRYPT_USE_COUNT_PROPERTY L"Use Count"
#define NCRYPT_LAST_MODIFIED_PROPERTY L"Modified" #define NCRYPT_LAST_MODIFIED_PROPERTY L"Modified"
#define NCRYPT_MAX_NAME_LENGTH_PROPERTY L"Max Name Length" #define NCRYPT_MAX_NAME_LENGTH_PROPERTY L"Max Name Length"
#define NCRYPT_ALGORITHM_GROUP_PROPERTY L"Algorithm Group" #define NCRYPT_ALGORITHM_GROUP_PROPERTY L"Algorithm Group"
#define NCRYPT_DH_PARAMETERS_PROPERTY BCRYPT_DH_PARAMETERS #define NCRYPT_DH_PARAMETERS_PROPERTY BCRYPT_DH_PARAMETERS
#if (NTDDI_VERSION >= NTDDI_WINTHRESHOLD)
#define NCRYPT_ECC_PARAMETERS_PROPERTY BCRYPT_ECC_PARAMETERS
#define NCRYPT_ECC_CURVE_NAME_PROPERTY BCRYPT_ECC_CURVE_NAME
#define NCRYPT_ECC_CURVE_NAME_LIST_PROPERTY BCRYPT_ECC_CURVE_NAME_LIST
#endif // (NTDDI_VERSION >= NTDDI_WINTHRESHOLD)
#define NCRYPT_PROVIDER_HANDLE_PROPERTY L"Provider Handle" #define NCRYPT_PROVIDER_HANDLE_PROPERTY L"Provider Handle"
#define NCRYPT_PIN_PROPERTY L"SmartCardPin" #define NCRYPT_PIN_PROPERTY L"SmartCardPin"
#define NCRYPT_READER_PROPERTY L"SmartCardReader" #define NCRYPT_READER_PROPERTY L"SmartCardReader"
#define NCRYPT_SMARTCARD_GUID_PROPERTY L"SmartCardGuid" #define NCRYPT_SMARTCARD_GUID_PROPERTY L"SmartCardGuid"
#define NCRYPT_CERTIFICATE_PROPERTY L"SmartCardKeyCertificate" #define NCRYPT_CERTIFICATE_PROPERTY L"SmartCardKeyCertificate"
#define NCRYPT_PIN_PROMPT_PROPERTY L"SmartCardPinPrompt" #define NCRYPT_PIN_PROMPT_PROPERTY L"SmartCardPinPrompt"
#define NCRYPT_USER_CERTSTORE_PROPERTY L"SmartCardUserCertStore" #define NCRYPT_USER_CERTSTORE_PROPERTY L"SmartCardUserCertStore"
#define NCRYPT_ROOT_CERTSTORE_PROPERTY L"SmartcardRootCertStore" #define NCRYPT_ROOT_CERTSTORE_PROPERTY L"SmartcardRootCertStore"
#define NCRYPT_SECURE_PIN_PROPERTY L"SmartCardSecurePin" #define NCRYPT_SECURE_PIN_PROPERTY L"SmartCardSecurePin"
#if (NTDDI_VERSION >= NTDDI_WIN7)
#define NCRYPT_ASSOCIATED_ECDH_KEY L"SmartCardAssociatedECDHKey" #define NCRYPT_ASSOCIATED_ECDH_KEY L"SmartCardAssociatedECDHKey"
#define NCRYPT_SCARD_PIN_ID L"SmartCardPinId" #define NCRYPT_SCARD_PIN_ID L"SmartCardPinId"
#define NCRYPT_SCARD_PIN_INFO L"SmartCardPinInfo" #define NCRYPT_SCARD_PIN_INFO L"SmartCardPinInfo"
#endif // (NTDDI_VERSION >= NTDDI_WIN7)
#if (NTDDI_VERSION >= NTDDI_WIN8) #if (NTDDI_VERSION >= NTDDI_WIN8)
#define NCRYPT_READER_ICON_PROPERTY L"SmartCardReaderIcon" #define NCRYPT_READER_ICON_PROPERTY L"SmartCardReaderIcon"
#define NCRYPT_KDF_SECRET_VALUE L"KDFKeySecret" #define NCRYPT_KDF_SECRET_VALUE L"KDFKeySecret"
// //
// Additional property strings specific for the Platform Crypto Provider // Additional property strings specific for the Platform Crypto Provider
// //
#define NCRYPT_PCP_PLATFORM_TYPE_PROPERTY L"PCP_PLATFORM_TYPE" #define NCRYPT_PCP_PLATFORM_TYPE_PROPERTY L"PCP_PLATFORM_TYPE"
#define NCRYPT_PCP_PROVIDER_VERSION_PROPERTY L"PCP_PROVIDER_VERSIO N" #define NCRYPT_PCP_PROVIDER_VERSION_PROPERTY L"PCP_PROVIDER_VERSIO N"
#define NCRYPT_PCP_EKPUB_PROPERTY L"PCP_EKPUB" #define NCRYPT_PCP_EKPUB_PROPERTY L"PCP_EKPUB"
#define NCRYPT_PCP_EKCERT_PROPERTY L"PCP_EKCERT" #define NCRYPT_PCP_EKCERT_PROPERTY L"PCP_EKCERT"
#define NCRYPT_PCP_EKNVCERT_PROPERTY L"PCP_EKNVCERT" #define NCRYPT_PCP_EKNVCERT_PROPERTY L"PCP_EKNVCERT"
#define NCRYPT_PCP_RSA_EKPUB_PROPERTY L"PCP_RSA_EKPUB"
#define NCRYPT_PCP_RSA_EKCERT_PROPERTY L"PCP_RSA_EKCERT"
#define NCRYPT_PCP_RSA_EKNVCERT_PROPERTY L"PCP_RSA_EKNVCERT"
#define NCRYPT_PCP_ECC_EKPUB_PROPERTY L"PCP_ECC_EKPUB"
#define NCRYPT_PCP_ECC_EKCERT_PROPERTY L"PCP_ECC_EKCERT"
#define NCRYPT_PCP_ECC_EKNVCERT_PROPERTY L"PCP_ECC_EKNVCERT"
#define NCRYPT_PCP_SRKPUB_PROPERTY L"PCP_SRKPUB" #define NCRYPT_PCP_SRKPUB_PROPERTY L"PCP_SRKPUB"
#define NCRYPT_PCP_PCRTABLE_PROPERTY L"PCP_PCRTABLE" #define NCRYPT_PCP_PCRTABLE_PROPERTY L"PCP_PCRTABLE"
#define NCRYPT_PCP_CHANGEPASSWORD_PROPERTY L"PCP_CHANGEPASSWORD" #define NCRYPT_PCP_CHANGEPASSWORD_PROPERTY L"PCP_CHANGEPASSWORD"
#define NCRYPT_PCP_PASSWORD_REQUIRED_PROPERTY L"PCP_PASSWORD_REQUIR ED" #define NCRYPT_PCP_PASSWORD_REQUIRED_PROPERTY L"PCP_PASSWORD_REQUIR ED"
#define NCRYPT_PCP_USAGEAUTH_PROPERTY L"PCP_USAGEAUTH" #define NCRYPT_PCP_USAGEAUTH_PROPERTY L"PCP_USAGEAUTH"
#define NCRYPT_PCP_MIGRATIONPASSWORD_PROPERTY L"PCP_MIGRATIONPASSWO RD" #define NCRYPT_PCP_MIGRATIONPASSWORD_PROPERTY L"PCP_MIGRATIONPASSWO RD"
#define NCRYPT_PCP_EXPORT_ALLOWED_PROPERTY L"PCP_EXPORT_ALLOWED" #define NCRYPT_PCP_EXPORT_ALLOWED_PROPERTY L"PCP_EXPORT_ALLOWED"
#define NCRYPT_PCP_STORAGEPARENT_PROPERTY L"PCP_STORAGEPARENT" #define NCRYPT_PCP_STORAGEPARENT_PROPERTY L"PCP_STORAGEPARENT"
#define NCRYPT_PCP_PROVIDERHANDLE_PROPERTY L"PCP_PROVIDERMHANDLE " #define NCRYPT_PCP_PROVIDERHANDLE_PROPERTY L"PCP_PROVIDERMHANDLE "
#define NCRYPT_PCP_PLATFORMHANDLE_PROPERTY L"PCP_PLATFORMHANDLE" #define NCRYPT_PCP_PLATFORMHANDLE_PROPERTY L"PCP_PLATFORMHANDLE"
skipping to change at line 495 skipping to change at line 579
// BCRYPT_PCP_KEY_USAGE_POLICY values // BCRYPT_PCP_KEY_USAGE_POLICY values
// //
#define NCRYPT_TPM12_PROVIDER (0x00010000) #define NCRYPT_TPM12_PROVIDER (0x00010000)
#define NCRYPT_PCP_SIGNATURE_KEY (0x00000001) #define NCRYPT_PCP_SIGNATURE_KEY (0x00000001)
#define NCRYPT_PCP_ENCRYPTION_KEY (0x00000002) #define NCRYPT_PCP_ENCRYPTION_KEY (0x00000002)
#define NCRYPT_PCP_GENERIC_KEY (NCRYPT_PCP_SIGNATURE_KEY | NCRYP T_PCP_ENCRYPTION_KEY) #define NCRYPT_PCP_GENERIC_KEY (NCRYPT_PCP_SIGNATURE_KEY | NCRYP T_PCP_ENCRYPTION_KEY)
#define NCRYPT_PCP_STORAGE_KEY (0x00000004) #define NCRYPT_PCP_STORAGE_KEY (0x00000004)
#define NCRYPT_PCP_IDENTITY_KEY (0x00000008) #define NCRYPT_PCP_IDENTITY_KEY (0x00000008)
#endif // (NTDDI_VERSION >= NTDDI_WIN8) #endif // (NTDDI_VERSION >= NTDDI_WIN8)
//
// Additional property strings specific for the Smart Card Key Storage Provider
//
#if (NTDDI_VERSION >= NTDDI_WIN10)
#define NCRYPT_SCARD_NGC_KEY_NAME L"SmartCardNgcKeyName"
#endif // (NTDDI_VERSION >= NTDDI_WIN10)
#if (NTDDI_VERSION >= NTDDI_WIN10)
#define NCRYPT_PCP_PLATFORM_BINDING_PCRALGID_PROPERTY L"PCP_PLATFORM_BINDIN
G_PCRALGID"
#endif // (NTDDI_VERSION >= NTDDI_WIN10)
#if (NTDDI_VERSION >= NTDDI_WIN8) #if (NTDDI_VERSION >= NTDDI_WIN8)
// //
// Used to set IV for block ciphers, before calling NCryptEncrypt/NCryptDecrypt // Used to set IV for block ciphers, before calling NCryptEncrypt/NCryptDecrypt
// //
#define NCRYPT_INITIALIZATION_VECTOR BCRYPT_INITIALIZATION_VECTOR #define NCRYPT_INITIALIZATION_VECTOR BCRYPT_INITIALIZATION_VECTOR
#endif // (NTDDI_VERSION >= NTDDI_WIN8) #endif // (NTDDI_VERSION >= NTDDI_WIN8)
#if (NTDDI_VERSION >= NTDDI_WINTHRESHOLD)
#define NCRYPT_CHANGEPASSWORD_PROPERTY NCRYPT_PCP_CHANGEPASSWORD_PROPERTY
#define NCRYPT_ALTERNATE_KEY_STORAGE_LOCATION_PROPERTY NCRYPT_PCP_ALTERNATE_KEY
_STORAGE_LOCATION_PROPERTY
#define NCRYPT_KEY_ACCESS_POLICY_PROPERTY L"Key Access Policy"
#endif // (NTDDI_VERSION >= NTDDI_WINTHRESHOLD)
// Maximum length of property name (in characters) // Maximum length of property name (in characters)
#define NCRYPT_MAX_PROPERTY_NAME 64 #define NCRYPT_MAX_PROPERTY_NAME 64
// Maximum length of property data (in bytes) // Maximum length of property data (in bytes)
#define NCRYPT_MAX_PROPERTY_DATA 0x100000 #define NCRYPT_MAX_PROPERTY_DATA 0x100000
// NCRYPT_EXPORT_POLICY_PROPERTY property flags. // NCRYPT_EXPORT_POLICY_PROPERTY property flags.
#define NCRYPT_ALLOW_EXPORT_FLAG 0x00000001 #define NCRYPT_ALLOW_EXPORT_FLAG 0x00000001
#define NCRYPT_ALLOW_PLAINTEXT_EXPORT_FLAG 0x00000002 #define NCRYPT_ALLOW_PLAINTEXT_EXPORT_FLAG 0x00000002
#define NCRYPT_ALLOW_ARCHIVING_FLAG 0x00000004 #define NCRYPT_ALLOW_ARCHIVING_FLAG 0x00000004
skipping to change at line 532 skipping to change at line 633
#define NCRYPT_ALLOW_SIGNING_FLAG 0x00000002 #define NCRYPT_ALLOW_SIGNING_FLAG 0x00000002
#define NCRYPT_ALLOW_KEY_AGREEMENT_FLAG 0x00000004 #define NCRYPT_ALLOW_KEY_AGREEMENT_FLAG 0x00000004
#define NCRYPT_ALLOW_ALL_USAGES 0x00ffffff #define NCRYPT_ALLOW_ALL_USAGES 0x00ffffff
// NCRYPT_UI_POLICY_PROPERTY property flags and structure // NCRYPT_UI_POLICY_PROPERTY property flags and structure
#define NCRYPT_UI_PROTECT_KEY_FLAG 0x00000001 #define NCRYPT_UI_PROTECT_KEY_FLAG 0x00000001
#define NCRYPT_UI_FORCE_HIGH_PROTECTION_FLAG 0x00000002 #define NCRYPT_UI_FORCE_HIGH_PROTECTION_FLAG 0x00000002
#if (NTDDI_VERSION >= NTDDI_WINBLUE) #if (NTDDI_VERSION >= NTDDI_WINBLUE)
#define NCRYPT_UI_FINGERPRINT_PROTECTION_FLAG 0x00000004 #define NCRYPT_UI_FINGERPRINT_PROTECTION_FLAG 0x00000004
#define NCRYPT_UI_APPCONTAINER_ACCESS_MEDIUM_FLAG 0x00000008 #define NCRYPT_UI_APPCONTAINER_ACCESS_MEDIUM_FLAG 0x00000008
#endif #endif // (NTDDI_VERSION >= NTDDI_WINBLUE)
#if (NTDDI_VERSION >= NTDDI_WINTHRESHOLD)
//
// Pin Cache Provider Properties
//
#define NCRYPT_PIN_CACHE_FREE_APPLICATION_TICKET_PROPERTY L"PinCacheFreeApplic
ationTicket"
//
// Pin Cache Key Properties
//
#define NCRYPT_PIN_CACHE_APPLICATION_TICKET_PROPERTY L"PinCacheApplicatio
nTicket"
#define NCRYPT_PIN_CACHE_APPLICATION_IMAGE_PROPERTY L"PinCacheApplicatio
nImage"
#define NCRYPT_PIN_CACHE_APPLICATION_STATUS_PROPERTY L"PinCacheApplicatio
nStatus"
#define NCRYPT_PIN_CACHE_PIN_PROPERTY L"PinCachePin"
#define NCRYPT_PIN_CACHE_IS_GESTURE_REQUIRED_PROPERTY L"PinCacheIsGestureR
equired"
#define NCRYPT_PIN_CACHE_REQUIRE_GESTURE_FLAG 0x00000001
// The NCRYPT_PIN_CACHE_PIN_PROPERTY and NCRYPT_PIN_CACHE_APPLICATION_TICKET_PRO
PERTY properties
// return a 32 byte random unique ID encoded as a null terminated base64 Unicode
string. The string length
// is 32 * 4/3 + 1 characters = 45 characters, 90 bytes
#define NCRYPT_PIN_CACHE_PIN_BYTE_LENGTH 90
#define NCRYPT_PIN_CACHE_APPLICATION_TICKET_BYTE_LENGTH 90
#endif // (NTDDI_VERSION >= NTDDI_WINTHRESHOLD)
typedef struct __NCRYPT_UI_POLICY typedef struct __NCRYPT_UI_POLICY
{ {
DWORD dwVersion; DWORD dwVersion;
DWORD dwFlags; DWORD dwFlags;
LPCWSTR pszCreationTitle; LPCWSTR pszCreationTitle;
LPCWSTR pszFriendlyName; LPCWSTR pszFriendlyName;
LPCWSTR pszDescription; LPCWSTR pszDescription;
} NCRYPT_UI_POLICY; } NCRYPT_UI_POLICY;
#if (NTDDI_VERSION >= NTDDI_WINTHRESHOLD)
#define NCRYPT_KEY_ACCESS_POLICY_VERSION 1
#define NCRYPT_ALLOW_SILENT_KEY_ACCESS 0x00000001
typedef struct __NCRYPT_KEY_ACCESS_POLICY_BLOB
{
DWORD dwVersion;
DWORD dwPolicyFlags;
DWORD cbUserSid;
DWORD cbApplicationSid;
// User Sid
// Application Sid
}NCRYPT_KEY_ACCESS_POLICY_BLOB;
#endif // (NTDDI_VERSION >= NTDDI_WINTHRESHOLD)
// NCRYPT_LENGTHS_PROPERTY property structure. // NCRYPT_LENGTHS_PROPERTY property structure.
typedef struct __NCRYPT_SUPPORTED_LENGTHS typedef struct __NCRYPT_SUPPORTED_LENGTHS
{ {
DWORD dwMinLength; DWORD dwMinLength;
DWORD dwMaxLength; DWORD dwMaxLength;
DWORD dwIncrement; DWORD dwIncrement;
DWORD dwDefaultLength; DWORD dwDefaultLength;
} NCRYPT_SUPPORTED_LENGTHS; } NCRYPT_SUPPORTED_LENGTHS;
// NCryptGetProperty flags // NCryptGetProperty flags
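Review bot: The new `NCRYPT_KEY_ACCESS_POLICY_BLOB` describes its variable-length tail only with the two bare comments `// User Sid` and `// Application Sid`. The header therefore never states that the SIDs follow the fixed fields in that order (the comment order suggests it), nor how `cbUserSid` and `cbApplicationSid` relate to the total blob size. Code that parses this blob should check `dwVersion` against `NCRYPT_KEY_ACCESS_POLICY_VERSION`, and check that `sizeof(NCRYPT_KEY_ACCESS_POLICY_BLOB) + cbUserSid + cbApplicationSid` fits in the buffer without DWORD wraparound, before using either count. I would replace the two comments with `// Followed by cbUserSid bytes of user SID, then cbApplicationSid bytes of application SID; header size plus both counts must not exceed the blob length.` Separately, the pin-cache comment in the same block derives the length as `32 * 4/3 + 1`, which does not give 45: padded base64 of 32 bytes is 44 characters plus the terminator, so the constant 90 is right but the formula should read `4 * ceil(32/3) + 1`.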
skipping to change at line 706 skipping to change at line 849
WINAPI WINAPI
NCryptDeleteKey( NCryptDeleteKey(
_In_ NCRYPT_KEY_HANDLE hKey, _In_ NCRYPT_KEY_HANDLE hKey,
_In_ DWORD dwFlags); _In_ DWORD dwFlags);
SECURITY_STATUS SECURITY_STATUS
WINAPI WINAPI
NCryptFreeObject( NCryptFreeObject(
_In_ NCRYPT_HANDLE hObject); _In_ NCRYPT_HANDLE hObject);
#pragma region Desktop Family or OneCore Family
#if WINAPI_FAMILY_PARTITION(WINAPI_PARTITION_DESKTOP | WINAPI_PARTITION_SYSTEM)
BOOL BOOL
WINAPI WINAPI
NCryptIsKeyHandle( NCryptIsKeyHandle(
_In_ NCRYPT_KEY_HANDLE hKey); _In_ NCRYPT_KEY_HANDLE hKey);
_Check_return_ _Check_return_
SECURITY_STATUS SECURITY_STATUS
WINAPI WINAPI
NCryptTranslateHandle( NCryptTranslateHandle(
_Out_opt_ NCRYPT_PROV_HANDLE *phProvider, _Out_opt_ NCRYPT_PROV_HANDLE *phProvider,
_Out_ NCRYPT_KEY_HANDLE *phKey, _Out_ NCRYPT_KEY_HANDLE *phKey,
_In_ HCRYPTPROV hLegacyProv, _In_ HCRYPTPROV hLegacyProv,
_In_opt_ HCRYPTKEY hLegacyKey, _In_opt_ HCRYPTKEY hLegacyKey,
_In_opt_ DWORD dwLegacyKeySpec, _In_opt_ DWORD dwLegacyKeySpec,
_In_ DWORD dwFlags); _In_ DWORD dwFlags);
#endif /* WINAPI_FAMILY_PARTITION(WINAPI_PARTITION_DESKTOP | WINAPI_PARTITION_SY
STEM) */
#pragma endregion
// NCryptNotifyChangeKey flags // NCryptNotifyChangeKey flags
#define NCRYPT_REGISTER_NOTIFY_FLAG 0x00000001 #define NCRYPT_REGISTER_NOTIFY_FLAG 0x00000001
#define NCRYPT_UNREGISTER_NOTIFY_FLAG 0x00000002 #define NCRYPT_UNREGISTER_NOTIFY_FLAG 0x00000002
#define NCRYPT_MACHINE_KEY_FLAG 0x00000020 #define NCRYPT_MACHINE_KEY_FLAG 0x00000020
#pragma region Desktop Family or OneCore Family
#if WINAPI_FAMILY_PARTITION(WINAPI_PARTITION_DESKTOP | WINAPI_PARTITION_SYSTEM)
_Check_return_ _Check_return_
SECURITY_STATUS SECURITY_STATUS
WINAPI WINAPI
NCryptNotifyChangeKey( NCryptNotifyChangeKey(
_In_ NCRYPT_PROV_HANDLE hProvider, _In_ NCRYPT_PROV_HANDLE hProvider,
_Inout_ HANDLE *phEvent, _Inout_ HANDLE *phEvent,
_In_ DWORD dwFlags); _In_ DWORD dwFlags);
#endif /* WINAPI_FAMILY_PARTITION(WINAPI_PARTITION_DESKTOP | WINAPI_PARTITION_SY
STEM) */
#pragma endregion
_Check_return_ _Check_return_
SECURITY_STATUS SECURITY_STATUS
WINAPI WINAPI
NCryptSecretAgreement( NCryptSecretAgreement(
_In_ NCRYPT_KEY_HANDLE hPrivKey, _In_ NCRYPT_KEY_HANDLE hPrivKey,
_In_ NCRYPT_KEY_HANDLE hPubKey, _In_ NCRYPT_KEY_HANDLE hPubKey,
_Out_ NCRYPT_SECRET_HANDLE *phAgreedSecret, _Out_ NCRYPT_SECRET_HANDLE *phAgreedSecret,
_In_ DWORD dwFlags); _In_ DWORD dwFlags);
_Check_return_ _Check_return_
skipping to change at line 771 skipping to change at line 925
NCryptKeyDerivation( NCryptKeyDerivation(
_In_ NCRYPT_KEY_HANDLE hKey, _In_ NCRYPT_KEY_HANDLE hKey,
_In_opt_ NCryptBufferDesc *pParameterList, _In_opt_ NCryptBufferDesc *pParameterList,
_Out_writes_bytes_to_(cbDerivedKey, *pcbResult) PUCHAR pbDerivedKey, _Out_writes_bytes_to_(cbDerivedKey, *pcbResult) PUCHAR pbDerivedKey,
_In_ DWORD cbDerivedKey, _In_ DWORD cbDerivedKey,
_Out_ DWORD *pcbResult, _Out_ DWORD *pcbResult,
_In_ ULONG dwFlags); _In_ ULONG dwFlags);
#endif // (NTDDI_VERSION >= NTDDI_WIN8) #endif // (NTDDI_VERSION >= NTDDI_WIN8)
#if (NTDDI_VERSION >= NTDDI_WINTHRESHOLD)
_Check_return_
SECURITY_STATUS
WINAPI
NCryptCreateClaim(
_In_ NCRYPT_KEY_HANDLE hSubjectKey,
_In_opt_ NCRYPT_KEY_HANDLE hAuthorityKey,
_In_ DWORD dwClaimType,
_In_opt_ NCryptBufferDesc *pParameterList,
_Out_writes_bytes_to_opt_(cbClaimBlob, *pcbResult) PBYTE pbClaimBlob,
_In_ DWORD cbClaimBlob,
_Out_ DWORD *pcbResult,
_In_ DWORD dwFlags);
#endif // (NTDDI_VERSION >= NTDDI_WINTHRESHOLD)
#if (NTDDI_VERSION >= NTDDI_WINTHRESHOLD)
_Check_return_
SECURITY_STATUS
WINAPI
NCryptVerifyClaim(
_In_ NCRYPT_KEY_HANDLE hSubjectKey,
_In_opt_ NCRYPT_KEY_HANDLE hAuthorityKey,
_In_ DWORD dwClaimType,
_In_opt_ NCryptBufferDesc *pParameterList,
_In_reads_bytes_(cbClaimBlob) PBYTE pbClaimBlob,
_In_ DWORD cbClaimBlob,
_Out_ NCryptBufferDesc *pOutput,
_In_ DWORD dwFlags);
#endif // (NTDDI_VERSION >= NTDDI_WINTHRESHOLD)
#define NCRYPT_KEY_STORAGE_INTERFACE_VERSION BCRYPT_MAKE_INTERFACE_VERSION(1,0) #define NCRYPT_KEY_STORAGE_INTERFACE_VERSION BCRYPT_MAKE_INTERFACE_VERSION(1,0)
#define NCRYPT_KEY_STORAGE_INTERFACE_VERSION_2 BCRYPT_MAKE_INTERFACE_VERSION(2,0 ) #define NCRYPT_KEY_STORAGE_INTERFACE_VERSION_2 BCRYPT_MAKE_INTERFACE_VERSION(2,0 )
#define NCRYPT_KEY_STORAGE_INTERFACE_VERSION_3 BCRYPT_MAKE_INTERFACE_VERSION(3,0
#endif /* WINAPI_FAMILY_PARTITION(WINAPI_PARTITION_DESKTOP) */ )
#pragma endregion
#ifdef __cplusplus #ifdef __cplusplus
} // Balance extern "C" above } // Balance extern "C" above
#endif #endif
#if _MSC_VER >= 1200
#pragma warning(pop)
#endif
#endif // __NCRYPT_H__ #endif // __NCRYPT_H__
 End of changes. 41 change blocks. 
27 lines changed or deleted 232 lines changed or added


 ncryptprotect.h (6.3.9600.17415-Windows 8.1)   ncryptprotect.h (10.0.10586.0-Windows 10 1511 10586.494) 
skipping to change at line 25 skipping to change at line 25
// //
// //
// //
--------------------------------------------------------------------*/ --------------------------------------------------------------------*/
#if _MSC_VER > 1000 #if _MSC_VER > 1000
#pragma once #pragma once
#endif #endif
#include <winapifamily.h> #include <winapifamily.h>
#pragma region Desktop Family #pragma region Desktop Family or OneCore Family
#if WINAPI_FAMILY_PARTITION(WINAPI_PARTITION_DESKTOP) #if WINAPI_FAMILY_PARTITION(WINAPI_PARTITION_DESKTOP | WINAPI_PARTITION_SYSTEM)
/* "C""C""C""C""C""C""C""C""C""C""C""C""C""C""C""C""C""C""C""C""C""C""C""C""C" * / /* "C""C""C""C""C""C""C""C""C""C""C""C""C""C""C""C""C""C""C""C""C""C""C""C""C" * /
#ifdef __cplusplus #ifdef __cplusplus
extern "C" { extern "C" {
#endif /* __cplusplus */ #endif /* __cplusplus */
#define NCRYPT_DESCR_DELIMITER_OR L"OR" #define NCRYPT_DESCR_DELIMITER_OR L"OR"
#define NCRYPT_DESCR_DELIMITER_AND L"AND" #define NCRYPT_DESCR_DELIMITER_AND L"AND"
#define NCRYPT_DESCR_EQUAL L"=" #define NCRYPT_DESCR_EQUAL L"="
skipping to change at line 102 skipping to change at line 102
// //
#define NCRYPT_KEY_PROTECTION_ALGORITHM_WEBCREDENTIALS L"WEBCREDENTIALS" #define NCRYPT_KEY_PROTECTION_ALGORITHM_WEBCREDENTIALS L"WEBCREDENTIALS"
// //
// WEBCREDENTIALS=%Identity%[,%Source%] // WEBCREDENTIALS=%Identity%[,%Source%]
// //
// Credential Vault stores web passwords by Source:Identity name // Credential Vault stores web passwords by Source:Identity name
// If %Source% is not specified, then the default value will be used // If %Source% is not specified, then the default value will be used
// //
#define NCRYPT_KEY_PROTECTION_ALGORITHM_LOCKEDCREDENTIALS L"LOCKEDCREDENTIAL
S"
//
// LOCKEDCREDENTIALS=%ProtectionDomain%[,%EnterpriseID%]
//
#if (NTDDI_VERSION >= NTDDI_WINBLUE) #if (NTDDI_VERSION >= NTDDI_WINBLUE)
#define NCRYPT_KEY_PROTECTION_ALGORITHM_CERTIFICATE L"CERTIFICATE" #define NCRYPT_KEY_PROTECTION_ALGORITHM_CERTIFICATE L"CERTIFICATE"
#define NCRYPT_KEY_PROTECTION_CERT_HASHID L"HashId" #define NCRYPT_KEY_PROTECTION_CERT_HASHID L"HashId"
// //
// CERTIFICATE=HashId:%HexValue% // CERTIFICATE=HashId:%HexValue%
// //
// %HexValue% is hex-encoded SHA1 thumbprint of the certificate // %HexValue% is hex-encoded SHA1 thumbprint of the certificate
// //
#define NCRYPT_KEY_PROTECTION_CERT_CERTBLOB L"CertBlob" #define NCRYPT_KEY_PROTECTION_CERT_CERTBLOB L"CertBlob"
// //
skipping to change at line 667 skipping to change at line 672
****************************************************************************/ ****************************************************************************/
SECURITY_STATUS SECURITY_STATUS
WINAPI WINAPI
NCryptStreamOpenToUnprotect( NCryptStreamOpenToUnprotect(
_In_ NCRYPT_PROTECT_STREAM_INFO *pStreamInfo, _In_ NCRYPT_PROTECT_STREAM_INFO *pStreamInfo,
DWORD dwFlags, DWORD dwFlags,
_In_opt_ HWND hWnd, _In_opt_ HWND hWnd,
_Out_ NCRYPT_STREAM_HANDLE *phStream _Out_ NCRYPT_STREAM_HANDLE *phStream
); );
#if (NTDDI_VERSION >= NTDDI_WINTHRESHOLD)
/****************************************************************************
PFNCryptStreamOutputCallbackEx
pvCallbackCtxt
The arguments specified by NCRYPT_PROTECT_STREAM_INFO_EX.
pbData
A pointer to a block of processed data that is available to the application.
If
data is not available yet, but the descriptor is, this will be NULL.
cbData
The size, in bytes, of the block of processed data at pbData.
hDescriptor
Handle of Protection Descriptor.
fFinal
Specifies that the last block of data is being processed and that this
is the last time the callback will be executed.
Return Value
Returns a status code that indicates the success or failure of the function.
Possible return codes include, but are not limited to, the following.
ERROR_SUCCESS
NTE_INVALID_PARAMETER
NTE_BAD_FLAGS
NTE_BAD_DATA
NTE_NO_MEMORY
NTE_NOT_FOUND
NTE_NOT_SUPPORTED
NTE_INVALID_HANDLE
NTE_BAD_KEY
NTE_BAD_PROVIDER
NTE_BAD_TYPE
****************************************************************************/
typedef
SECURITY_STATUS
(WINAPI *PFNCryptStreamOutputCallbackEx)(
_In_ void *pvCallbackCtxt,
_In_reads_bytes_opt_(cbData)
const BYTE *pbData,
SIZE_T cbData,
_In_ NCRYPT_DESCRIPTOR_HANDLE hDescriptor,
BOOL fFinal
);
/****************************************************************************
NCRYPT_PROTECT_STREAM_INFO_EX
The NCRYPT_PROTECT_STREAM_INFO_EX structure is used to enable stream process
ing
of data rather than single block processing.
This structure is passed to the NCryptStreamOpenToUnprotectEx function. The
re
is not equivalent NCryptStreamOpenToProtectEx function, thus you need to use
the PFNCryptStreamOutputCallback, NCRYPT_PROTECT_STREAM_INFO and
NCryptStreamOpenToProtect functions.
pfnStreamOutput
[in] The address of a callback function used to read from and write
data to a disk when processing large messages.
pvCallbackCtxt
[in] A pointer to the argument to pass to the callback function.
****************************************************************************/
typedef struct NCRYPT_PROTECT_STREAM_INFO_EX {
PFNCryptStreamOutputCallbackEx pfnStreamOutput;
void *pvCallbackCtxt;
} NCRYPT_PROTECT_STREAM_INFO_EX;
/****************************************************************************
NCryptStreamOpenToUnprotectEx
pStreamInfo
[in] A pointer to NCRYPT_PROTECT_STREAM_INFO_EX.
dwFlags
The following flags are supported.
NCRYPT_SILENT_FLAG
hWnd
[in, optional] A window handle (HWND) to be used as the parent of any us
er
interface that is displayed.
phStream
[out] Receives a pointer to a stream handle.
Return Value
Returns a status code that indicates the success or failure of the funct
ion.
Possible return codes include, but are not limited to, the following.
ERROR_SUCCESS
NTE_INVALID_PARAMETER
NTE_BAD_FLAGS
NTE_BAD_DATA
NTE_NO_MEMORY
NTE_NOT_FOUND
NTE_NOT_SUPPORTED
NTE_INVALID_HANDLE
NTE_BAD_KEY
NTE_BAD_PROVIDER
NTE_BAD_TYPE
NTE_DECRYPTION_FAILURE
****************************************************************************/
SECURITY_STATUS
WINAPI
NCryptStreamOpenToUnprotectEx(
_In_ NCRYPT_PROTECT_STREAM_INFO_EX *pStreamInfo,
DWORD dwFlags,
_In_opt_ HWND hWnd,
_Out_ NCRYPT_STREAM_HANDLE *phStream
);
#endif
/**************************************************************************** /****************************************************************************
NCryptStreamUpdate NCryptStreamUpdate
The NCryptStreamUpdate encrypts or decrypts a chunk of data. The NCryptStreamUpdate encrypts or decrypts a chunk of data.
hStream hStream
[in] Handle returned by NCryptStreamOpenToProtect or [in] Handle returned by NCryptStreamOpenToProtect or
NCryptStreamOpenToUnprotect function. NCryptStreamOpenToUnprotect function.
pbData pbData
skipping to change at line 742 skipping to change at line 866
NCryptStreamClose( NCryptStreamClose(
_In_ NCRYPT_STREAM_HANDLE hStream _In_ NCRYPT_STREAM_HANDLE hStream
); );
#endif // (NTDDI_VERSION >= NTDDI_WIN8) #endif // (NTDDI_VERSION >= NTDDI_WIN8)
#ifdef __cplusplus #ifdef __cplusplus
} //extern "C" } //extern "C"
#endif /* __cplusplus */ #endif /* __cplusplus */
#endif /* WINAPI_FAMILY_PARTITION(WINAPI_PARTITION_DESKTOP) */ #endif /* WINAPI_FAMILY_PARTITION(WINAPI_PARTITION_DESKTOP | WINAPI_PARTITION_SY STEM) */
#pragma endregion #pragma endregion
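Review bot: The new PFNCryptStreamOutputCallbackEx comment says pbData is NULL when only the descriptor is available, but it does not say what cbData is in that case, who owns hDescriptor, or how long the handle stays valid, so a callback author cannot tell whether to retain or close it. I would extend the hDescriptor entry along the lines of `Handle of Protection Descriptor; state whether the callback may keep or must close it, and that pbData == NULL implies cbData == 0`, with the actual contract filled in by the API owner, since the header does not show it. The block also does not say whether data delivered before fFinal has already been integrity-checked; if it has not, the comment should tell implementers not to act on the output until the final call has succeeded. In the NCRYPT_PROTECT_STREAM_INFO_EX block, "There is not equivalent NCryptStreamOpenToProtectEx function" should read `There is no equivalent NCryptStreamOpenToProtectEx function`. In NCryptStreamOpenToUnprotectEx, dwFlags carries no SAL annotation while the other parameters do, so I would write `_In_ DWORD dwFlags,`.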
 End of changes. 4 change blocks. 
3 lines changed or deleted 133 lines changed or added
