From: Hans Leidekker hans@codeweavers.com
--- include/Makefile.in | 1 + include/windows.security.credentials.idl | 81 ++++++++++++++++++- .../windows.security.cryptography.core.idl | 46 +++++++++++ 3 files changed, 127 insertions(+), 1 deletion(-) create mode 100644 include/windows.security.cryptography.core.idl
diff --git a/include/Makefile.in b/include/Makefile.in
index 2913b018a9b..45d9932339d 100644
--- a/include/Makefile.in
+++ b/include/Makefile.in
@@ -920,6 +920,7 @@ SOURCES = \
 windows.security.credentials.idl \
 windows.security.credentials.ui.idl \
 windows.security.cryptography.idl \
+ windows.security.cryptography.core.idl \
 windows.security.enterprisedata.idl \
 windows.security.exchangeactivesyncprovisioning.idl \
 windows.security.isolation.idl \
diff --git a/include/windows.security.credentials.idl b/include/windows.security.credentials.idl
index ca682baaf0e..35b739f29f3 100644
--- a/include/windows.security.credentials.idl
+++ b/include/windows.security.credentials.idl
@@ -25,27 +25,51 @@ import "asyncinfo.idl";
 import "eventtoken.idl";
 import "windowscontracts.idl";
 import "windows.foundation.idl";
-/* import "windows.security.cryptography.core.idl"; */
+import "windows.security.cryptography.core.idl";
 import "windows.storage.streams.idl";
 import "windows.system.idl";
+namespace Windows.Security.Cryptography.Core {
+ typedef enum CryptographicPublicKeyBlobType CryptographicPublicKeyBlobType;
+}
+
 namespace Windows.Security.Credentials {
+ typedef enum KeyCredentialAttestationStatus KeyCredentialAttestationStatus;
 typedef enum KeyCredentialCreationOption KeyCredentialCreationOption;
 typedef enum KeyCredentialStatus KeyCredentialStatus;
 interface IKeyCredential;
+ interface IKeyCredentialAttestationResult;
 interface IKeyCredentialManagerStatics;
+ interface IKeyCredentialOperationResult;
 interface IKeyCredentialRetrievalResult;
 runtimeclass KeyCredential;
+ runtimeclass KeyCredentialAttestationResult;
 runtimeclass KeyCredentialManager;
+ runtimeclass KeyCredentialOperationResult;
 runtimeclass KeyCredentialRetrievalResult;
 declare {
+ interface Windows.Foundation.AsyncOperationCompletedHandler<Windows.Security.Credentials.KeyCredentialAttestationResult *>;
+ interface Windows.Foundation.AsyncOperationCompletedHandler<Windows.Security.Credentials.KeyCredentialOperationResult *>;
 interface Windows.Foundation.AsyncOperationCompletedHandler<Windows.Security.Credentials.KeyCredentialRetrievalResult *>;
+ interface Windows.Foundation.IAsyncOperation<Windows.Security.Credentials.KeyCredentialAttestationResult *>;
+ interface Windows.Foundation.IAsyncOperation<Windows.Security.Credentials.KeyCredentialOperationResult *>;
 interface Windows.Foundation.IAsyncOperation<Windows.Security.Credentials.KeyCredentialRetrievalResult *>;
 }
+ [
+ contract(Windows.Foundation.UniversalApiContract, 1.0)
+ ]
+ enum KeyCredentialAttestationStatus
+ {
+ Success = 0,
+ UnknownError = 1,
+ NotSupported = 2,
+ TemporaryFailure = 3,
+ };
+
 [
 contract(Windows.Foundation.UniversalApiContract, 1.0)
 ]
@@ -69,6 +93,32 @@ namespace Windows.Security.Credentials {
 SecurityDeviceLocked = 6,
 };
+ [
+ contract(Windows.Foundation.UniversalApiContract, 1.0),
+ exclusiveto(Windows.Security.Credentials.KeyCredential),
+ uuid(9585ef8d-457b-4847-b11a-fa960bbdb138)
+ ]
+ interface IKeyCredential : IInspectable
+ {
+ [propget] HRESULT Name([out, retval] HSTRING *value);
+ [overload("RetrievePublicKey")] HRESULT RetrievePublicKeyWithDefaultBlobType([out, retval] Windows.Storage.Streams.IBuffer **value);
+ [overload("RetrievePublicKey")] HRESULT RetrievePublicKeyWithBlobType([in] Windows.Security.Cryptography.Core.CryptographicPublicKeyBlobType blobType, [out, retval] Windows.Storage.Streams.IBuffer **value);
+ HRESULT RequestSignAsync([in] Windows.Storage.Streams.IBuffer *data, [out, retval] Windows.Foundation.IAsyncOperation<Windows.Security.Credentials.KeyCredentialOperationResult *> **value);
+ HRESULT GetAttestationAsync([out, retval] Windows.Foundation.IAsyncOperation<Windows.Security.Credentials.KeyCredentialAttestationResult *> **value);
+ }
+
+ [
+ contract(Windows.Foundation.UniversalApiContract, 1.0),
+ exclusiveto(Windows.Security.Credentials.KeyCredentialAttestationResult),
+ uuid(78aab3a1-a3c1-4103-b6cc-472c44171cbb)
+ ]
+ interface IKeyCredentialAttestationResult : IInspectable
+ {
+ [propget] HRESULT CertificateChainBuffer([out, retval] Windows.Storage.Streams.IBuffer **value);
+ [propget] HRESULT AttestationBuffer([out, retval] Windows.Storage.Streams.IBuffer **value);
+ [propget] HRESULT Status([out, retval] Windows.Security.Credentials.KeyCredentialAttestationStatus *value);
+ }
+
 [
 contract(Windows.Foundation.UniversalApiContract, 1.0),
 exclusiveto(Windows.Security.Credentials.KeyCredentialManager),
@@ -84,6 +134,17 @@ namespace Windows.Security.Credentials {
 HRESULT DeleteAsync(HSTRING name, [out, retval] Windows.Foundation.IAsyncAction **operation);
 }
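Review bot: `IKeyCredentialAttestationResult` exposes `AttestationBuffer` and `CertificateChainBuffer` next to `Status` with nothing recording how they relate, and the same holds for `Result` and `Status` on `IKeyCredentialOperationResult` in the following hunk. Callers base trust decisions on these buffers (attestation evidence, signatures), so an implementation that reports `Success` with an empty or null buffer would be easy to misuse. I would add a short comment above each interface, for example `/* buffers are only meaningful when Status is Success; check Status before using them */`. This relationship is inferred from the property names and the status enums, not from anything the patch states, so it should be confirmed against the Windows behaviour before it is worded as fact.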
+ [
+ contract(Windows.Foundation.UniversalApiContract, 1.0),
+ exclusiveto(Windows.Security.Credentials.KeyCredentialOperationResult),
+ uuid(f53786c1-5261-4cdd-976d-cc909ac71620)
+ ]
+ interface IKeyCredentialOperationResult : IInspectable
+ {
+ [propget] HRESULT Result([out, retval] Windows.Storage.Streams.IBuffer **value);
+ [propget] HRESULT Status([out, retval] Windows.Security.Credentials.KeyCredentialStatus *value);
+ }
+
 [
 contract(Windows.Foundation.UniversalApiContract, 1.0),
 exclusiveto(Windows.Security.Credentials.KeyCredentialRetrievalResult),
@@ -104,6 +165,15 @@ namespace Windows.Security.Credentials {
 [default] interface Windows.Security.Credentials.IKeyCredential;
 }
+ [
+ contract(Windows.Foundation.UniversalApiContract, 1.0),
+ marshaling_behavior(agile)
+ ]
+ runtimeclass KeyCredentialAttestationResult
+ {
+ [default] interface Windows.Security.Credentials.IKeyCredentialAttestationResult;
+ }
+
 [
 contract(Windows.Foundation.UniversalApiContract, 1.0),
 marshaling_behavior(agile),
@@ -114,6 +184,15 @@ namespace Windows.Security.Credentials {
 {
 }
+ [
+ contract(Windows.Foundation.UniversalApiContract, 1.0),
+ marshaling_behavior(agile)
+ ]
+ runtimeclass KeyCredentialOperationResult
+ {
+ [default] interface Windows.Security.Credentials.IKeyCredentialOperationResult;
+ }
+
 [
 contract(Windows.Foundation.UniversalApiContract, 1.0),
 marshaling_behavior(agile)
diff --git a/include/windows.security.cryptography.core.idl b/include/windows.security.cryptography.core.idl
new file mode 100644
index 00000000000..48a7f4c85a9
--- /dev/null
+++ b/include/windows.security.cryptography.core.idl
@@ -0,0 +1,46 @@
+/*
+ * Copyright 2025 Hans Leidekker for CodeWeavers
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 2.1 of the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this library; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301, USA
+ */
+
+#ifdef __WIDL__
+#pragma winrt ns_prefix
+#endif
+
+import "inspectable.idl";
+import "asyncinfo.idl";
+import "eventtoken.idl";
+import "windowscontracts.idl";
+import "windows.foundation.idl";
+/* import "windows.security.cryptography.certificates.idl"; */
+import "windows.storage.streams.idl";
+
+namespace Windows.Security.Cryptography.Core {
+ typedef enum CryptographicPublicKeyBlobType CryptographicPublicKeyBlobType;
+
+ [
+ contract(Windows.Foundation.UniversalApiContract, 1.0)
+ ]
+ enum CryptographicPublicKeyBlobType
+ {
+ X509SubjectPublicKeyInfo = 0,
+ Pkcs1RsaPublicKey = 1,
+ BCryptPublicKey = 2,
+ Capi1PublicKey = 3,
+ [contract(Windows.Foundation.UniversalApiContract, 1.0)]
+ BCryptEccFullPublicKey = 4,
+ };
+}
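Review bot: The new header imports `inspectable.idl`, `asyncinfo.idl`, `eventtoken.idl`, `windows.foundation.idl` and `windows.storage.streams.idl`, yet the only thing it declares is the `CryptographicPublicKeyBlobType` enum. As far as this hunk shows, that enum needs nothing beyond the contract definition, which presumably comes from `windowscontracts.idl`. If the other imports are placeholders for interfaces to be added later, a one-line comment such as `/* only the types needed by windows.security.credentials.idl are declared so far */` would make that clear; otherwise they can be dropped so consumers of this header do not pull them in. The per-value `[contract(Windows.Foundation.UniversalApiContract, 1.0)]` on `BCryptEccFullPublicKey` repeats the enum's own contract version and looks redundant unless it is kept deliberately to mirror the SDK header.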