Win32 API 日本語リファレンス
ホームSecurity.Cryptography.Certificates › PstValidate

PstValidate

関数
指定証明書がポリシーに照らして有効か検証する。
DLLcertpoleng.dll呼出規約winapi対応OSWindows 7 以降

シグネチャ

// certpoleng.dll
#include <windows.h>

NTSTATUS PstValidate(
    UNICODE_STRING* pTargetName,   // optional
    BOOL bIsClient,
    CERT_USAGE_MATCH* pRequestedIssuancePolicy,   // optional
    HCERTSTORE* phAdditionalCertStore,   // optional
    const CERT_CONTEXT* pCert,
    GUID* pProvGUID   // optional
);

パラメーター

名前方向説明
pTargetNameUNICODE_STRING*inoptional検証時の対象名を示すUNICODE_STRING構造体へのポインタ。NULL可。
bIsClientBOOLinTRUEでクライアント証明書、FALSEでサーバ証明書として検証する。
pRequestedIssuancePolicyCERT_USAGE_MATCH*inoptional要求する発行ポリシーを示すCERT_USAGE_MATCH構造体へのポインタ。NULL可。
phAdditionalCertStoreHCERTSTORE*inoptional検証に併用する追加証明書ストアのハンドルへのポインタ。NULL可。
pCertCERT_CONTEXT*in検証対象となる証明書のCERT_CONTEXTへのポインタ。
pProvGUIDGUID*outoptional検証に使用するプロバイダを示すGUIDへのポインタを受け取る。

戻り値の型: NTSTATUS

各言語での呼び出し定義

// certpoleng.dll
#include <windows.h>

NTSTATUS PstValidate(
    UNICODE_STRING* pTargetName,   // optional
    BOOL bIsClient,
    CERT_USAGE_MATCH* pRequestedIssuancePolicy,   // optional
    HCERTSTORE* phAdditionalCertStore,   // optional
    const CERT_CONTEXT* pCert,
    GUID* pProvGUID   // optional
);
[DllImport("certpoleng.dll", ExactSpelling = true)]
static extern int PstValidate(
    IntPtr pTargetName,   // UNICODE_STRING* optional
    bool bIsClient,   // BOOL
    IntPtr pRequestedIssuancePolicy,   // CERT_USAGE_MATCH* optional
    IntPtr phAdditionalCertStore,   // HCERTSTORE* optional
    IntPtr pCert,   // CERT_CONTEXT*
    IntPtr pProvGUID   // GUID* optional, out
);
<DllImport("certpoleng.dll", ExactSpelling:=True)>
Public Shared Function PstValidate(
    pTargetName As IntPtr,   ' UNICODE_STRING* optional
    bIsClient As Boolean,   ' BOOL
    pRequestedIssuancePolicy As IntPtr,   ' CERT_USAGE_MATCH* optional
    phAdditionalCertStore As IntPtr,   ' HCERTSTORE* optional
    pCert As IntPtr,   ' CERT_CONTEXT*
    pProvGUID As IntPtr   ' GUID* optional, out
) As Integer
End Function
' pTargetName : UNICODE_STRING* optional
' bIsClient : BOOL
' pRequestedIssuancePolicy : CERT_USAGE_MATCH* optional
' phAdditionalCertStore : HCERTSTORE* optional
' pCert : CERT_CONTEXT*
' pProvGUID : GUID* optional, out
Declare PtrSafe Function PstValidate Lib "certpoleng" ( _
    ByVal pTargetName As LongPtr, _
    ByVal bIsClient As Long, _
    ByVal pRequestedIssuancePolicy As LongPtr, _
    ByVal phAdditionalCertStore As LongPtr, _
    ByVal pCert As LongPtr, _
    ByVal pProvGUID As LongPtr) As Long
' VBA7前提(PtrSafe)。32bit Office では LongPtr→Long。Integer=16bit / Long=32bit / LongLong=64bit。
import ctypes
from ctypes import wintypes

PstValidate = ctypes.windll.certpoleng.PstValidate
PstValidate.restype = ctypes.c_int
PstValidate.argtypes = [
    ctypes.c_void_p,  # pTargetName : UNICODE_STRING* optional
    wintypes.BOOL,  # bIsClient : BOOL
    ctypes.c_void_p,  # pRequestedIssuancePolicy : CERT_USAGE_MATCH* optional
    ctypes.c_void_p,  # phAdditionalCertStore : HCERTSTORE* optional
    ctypes.c_void_p,  # pCert : CERT_CONTEXT*
    ctypes.c_void_p,  # pProvGUID : GUID* optional, out
]
require 'fiddle'
require 'fiddle/import'

lib = Fiddle.dlopen('certpoleng.dll')
PstValidate = Fiddle::Function.new(
  lib['PstValidate'],
  [
    Fiddle::TYPE_VOIDP,  # pTargetName : UNICODE_STRING* optional
    Fiddle::TYPE_INT,  # bIsClient : BOOL
    Fiddle::TYPE_VOIDP,  # pRequestedIssuancePolicy : CERT_USAGE_MATCH* optional
    Fiddle::TYPE_VOIDP,  # phAdditionalCertStore : HCERTSTORE* optional
    Fiddle::TYPE_VOIDP,  # pCert : CERT_CONTEXT*
    Fiddle::TYPE_VOIDP,  # pProvGUID : GUID* optional, out
  ],
  Fiddle::TYPE_INT)
#[link(name = "certpoleng")]
extern "system" {
    fn PstValidate(
        pTargetName: *mut UNICODE_STRING,  // UNICODE_STRING* optional
        bIsClient: i32,  // BOOL
        pRequestedIssuancePolicy: *mut CERT_USAGE_MATCH,  // CERT_USAGE_MATCH* optional
        phAdditionalCertStore: *mut *mut core::ffi::c_void,  // HCERTSTORE* optional
        pCert: *const CERT_CONTEXT,  // CERT_CONTEXT*
        pProvGUID: *mut GUID  // GUID* optional, out
    ) -> i32;
}
// crates: windows-sys provides ready-made bindings for this API.
$sig = @"
[DllImport("certpoleng.dll")]
public static extern int PstValidate(IntPtr pTargetName, bool bIsClient, IntPtr pRequestedIssuancePolicy, IntPtr phAdditionalCertStore, IntPtr pCert, IntPtr pProvGUID);
"@
$api = Add-Type -MemberDefinition $sig -Name 'certpoleng_PstValidate' -Namespace Win32 -PassThru
# $api::PstValidate(pTargetName, bIsClient, pRequestedIssuancePolicy, phAdditionalCertStore, pCert, pProvGUID)
#uselib "certpoleng.dll"
#func global PstValidate "PstValidate" sptr, sptr, sptr, sptr, sptr, sptr
; PstValidate varptr(pTargetName), bIsClient, varptr(pRequestedIssuancePolicy), phAdditionalCertStore, varptr(pCert), varptr(pProvGUID)   ; 戻り値は stat
; pTargetName : UNICODE_STRING* optional -> "sptr"
; bIsClient : BOOL -> "sptr"
; pRequestedIssuancePolicy : CERT_USAGE_MATCH* optional -> "sptr"
; phAdditionalCertStore : HCERTSTORE* optional -> "sptr"
; pCert : CERT_CONTEXT* -> "sptr"
; pProvGUID : GUID* optional, out -> "sptr"
; ※HSP3.7は #func のため戻り値はシステム変数 stat に格納されます。
出力引数:
#uselib "certpoleng.dll"
#cfunc global PstValidate "PstValidate" var, int, var, sptr, var, var
; res = PstValidate(pTargetName, bIsClient, pRequestedIssuancePolicy, phAdditionalCertStore, pCert, pProvGUID)
; pTargetName : UNICODE_STRING* optional -> "var"
; bIsClient : BOOL -> "int"
; pRequestedIssuancePolicy : CERT_USAGE_MATCH* optional -> "var"
; phAdditionalCertStore : HCERTSTORE* optional -> "sptr"
; pCert : CERT_CONTEXT* -> "var"
; pProvGUID : GUID* optional, out -> "var"
; ※出力/バッファ引数は var 方式(変数を直接渡す)。varptr 方式にも切替可。
出力引数:
; NTSTATUS PstValidate(UNICODE_STRING* pTargetName, BOOL bIsClient, CERT_USAGE_MATCH* pRequestedIssuancePolicy, HCERTSTORE* phAdditionalCertStore, CERT_CONTEXT* pCert, GUID* pProvGUID)
#uselib "certpoleng.dll"
#cfunc global PstValidate "PstValidate" var, int, var, intptr, var, var
; res = PstValidate(pTargetName, bIsClient, pRequestedIssuancePolicy, phAdditionalCertStore, pCert, pProvGUID)
; pTargetName : UNICODE_STRING* optional -> "var"
; bIsClient : BOOL -> "int"
; pRequestedIssuancePolicy : CERT_USAGE_MATCH* optional -> "var"
; phAdditionalCertStore : HCERTSTORE* optional -> "intptr"
; pCert : CERT_CONTEXT* -> "var"
; pProvGUID : GUID* optional, out -> "var"
; ※出力/バッファ引数は var 方式(変数を直接渡す)。varptr 方式にも切替可。
import (
	"golang.org/x/sys/windows"
	"unsafe"
)

var (
	certpoleng = windows.NewLazySystemDLL("certpoleng.dll")
	procPstValidate = certpoleng.NewProc("PstValidate")
)

// pTargetName (UNICODE_STRING* optional), bIsClient (BOOL), pRequestedIssuancePolicy (CERT_USAGE_MATCH* optional), phAdditionalCertStore (HCERTSTORE* optional), pCert (CERT_CONTEXT*), pProvGUID (GUID* optional, out)
r1, _, err := procPstValidate.Call(
	uintptr(pTargetName),
	uintptr(bIsClient),
	uintptr(pRequestedIssuancePolicy),
	uintptr(phAdditionalCertStore),
	uintptr(pCert),
	uintptr(pProvGUID),
)
_ = err  // syscall.Errno (valid when the call sets last-error)
_ = r1   // NTSTATUS
function PstValidate(
  pTargetName: Pointer;   // UNICODE_STRING* optional
  bIsClient: BOOL;   // BOOL
  pRequestedIssuancePolicy: Pointer;   // CERT_USAGE_MATCH* optional
  phAdditionalCertStore: Pointer;   // HCERTSTORE* optional
  pCert: Pointer;   // CERT_CONTEXT*
  pProvGUID: PGUID   // GUID* optional, out
): Integer; stdcall;
  external 'certpoleng.dll' name 'PstValidate';
result := DllCall("certpoleng\PstValidate"
    , "Ptr", pTargetName   ; UNICODE_STRING* optional
    , "Int", bIsClient   ; BOOL
    , "Ptr", pRequestedIssuancePolicy   ; CERT_USAGE_MATCH* optional
    , "Ptr", phAdditionalCertStore   ; HCERTSTORE* optional
    , "Ptr", pCert   ; CERT_CONTEXT*
    , "Ptr", pProvGUID   ; GUID* optional, out
    , "Int")   ; return: NTSTATUS
●PstValidate(pTargetName, bIsClient, pRequestedIssuancePolicy, phAdditionalCertStore, pCert, pProvGUID) = DLL("certpoleng.dll", "int PstValidate(void*, bool, void*, void*, void*, void*)")
# 呼び出し: PstValidate(pTargetName, bIsClient, pRequestedIssuancePolicy, phAdditionalCertStore, pCert, pProvGUID)
# pTargetName : UNICODE_STRING* optional -> "void*"
# bIsClient : BOOL -> "bool"
# pRequestedIssuancePolicy : CERT_USAGE_MATCH* optional -> "void*"
# phAdditionalCertStore : HCERTSTORE* optional -> "void*"
# pCert : CERT_CONTEXT* -> "void*"
# pProvGUID : GUID* optional, out -> "void*"
# なでしこ1は32bit・ANSI(Shift_JIS)。文字列=char*(ANSI)、ポインタ/ハンドル=void*(4byte)。
const std = @import("std");

extern "certpoleng" fn PstValidate(
    pTargetName: [*c]UNICODE_STRING, // UNICODE_STRING* optional
    bIsClient: i32, // BOOL
    pRequestedIssuancePolicy: [*c]CERT_USAGE_MATCH, // CERT_USAGE_MATCH* optional
    phAdditionalCertStore: ?*anyopaque, // HCERTSTORE* optional
    pCert: [*c]CERT_CONTEXT, // CERT_CONTEXT*
    pProvGUID: [*c]GUID // GUID* optional, out
) callconv(std.os.windows.WINAPI) i32;
proc PstValidate(
    pTargetName: ptr UNICODE_STRING,  # UNICODE_STRING* optional
    bIsClient: int32,  # BOOL
    pRequestedIssuancePolicy: ptr CERT_USAGE_MATCH,  # CERT_USAGE_MATCH* optional
    phAdditionalCertStore: pointer,  # HCERTSTORE* optional
    pCert: ptr CERT_CONTEXT,  # CERT_CONTEXT*
    pProvGUID: ptr GUID  # GUID* optional, out
): int32 {.importc: "PstValidate", stdcall, dynlib: "certpoleng.dll".}
pragma(lib, "certpoleng");
extern(Windows)
int PstValidate(
    UNICODE_STRING* pTargetName,   // UNICODE_STRING* optional
    int bIsClient,   // BOOL
    CERT_USAGE_MATCH* pRequestedIssuancePolicy,   // CERT_USAGE_MATCH* optional
    void* phAdditionalCertStore,   // HCERTSTORE* optional
    CERT_CONTEXT* pCert,   // CERT_CONTEXT*
    GUID* pProvGUID   // GUID* optional, out
);
ccall((:PstValidate, "certpoleng.dll"), stdcall, Int32,
      (Ptr{UNICODE_STRING}, Int32, Ptr{CERT_USAGE_MATCH}, Ptr{Cvoid}, Ptr{CERT_CONTEXT}, Ptr{GUID}),
      pTargetName, bIsClient, pRequestedIssuancePolicy, phAdditionalCertStore, pCert, pProvGUID)
# pTargetName : UNICODE_STRING* optional -> Ptr{UNICODE_STRING}
# bIsClient : BOOL -> Int32
# pRequestedIssuancePolicy : CERT_USAGE_MATCH* optional -> Ptr{CERT_USAGE_MATCH}
# phAdditionalCertStore : HCERTSTORE* optional -> Ptr{Cvoid}
# pCert : CERT_CONTEXT* -> Ptr{CERT_CONTEXT}
# pProvGUID : GUID* optional, out -> Ptr{GUID}
# stdcall は 32bit のみ意味を持つ(x64 では無視)。
local ffi = require("ffi")
ffi.cdef[[
int32_t PstValidate(
    void* pTargetName,
    int32_t bIsClient,
    void* pRequestedIssuancePolicy,
    void* phAdditionalCertStore,
    void* pCert,
    void* pProvGUID);
]]
local certpoleng = ffi.load("certpoleng")
-- certpoleng.PstValidate(pTargetName, bIsClient, pRequestedIssuancePolicy, phAdditionalCertStore, pCert, pProvGUID)
-- pTargetName : UNICODE_STRING* optional
-- bIsClient : BOOL
-- pRequestedIssuancePolicy : CERT_USAGE_MATCH* optional
-- phAdditionalCertStore : HCERTSTORE* optional
-- pCert : CERT_CONTEXT*
-- pProvGUID : GUID* optional, out
-- 構造体/GUIDへのポインタは cdef が通るよう void* で表記(実型は各引数コメント参照)。値渡し構造体・enum は対応する typedef を cdef に追加すること。
const koffi = require('koffi');
const lib = koffi.load('certpoleng.dll');
const PstValidate = lib.func('__stdcall', 'PstValidate', 'int32_t', ['void *', 'int32_t', 'void *', 'void *', 'void *', 'void *']);
// PstValidate(pTargetName, bIsClient, pRequestedIssuancePolicy, phAdditionalCertStore, pCert, pProvGUID)
// pTargetName : UNICODE_STRING* optional -> 'void *'
// bIsClient : BOOL -> 'int32_t'
// pRequestedIssuancePolicy : CERT_USAGE_MATCH* optional -> 'void *'
// phAdditionalCertStore : HCERTSTORE* optional -> 'void *'
// pCert : CERT_CONTEXT* -> 'void *'
// pProvGUID : GUID* optional, out -> 'void *'
// 出力ポインタは koffi.out(...) で包む。構造体は koffi.struct で定義。
const lib = Deno.dlopen("certpoleng.dll", {
  PstValidate: { parameters: ["pointer", "i32", "pointer", "pointer", "pointer", "pointer"], result: "i32" },
});
// lib.symbols.PstValidate(pTargetName, bIsClient, pRequestedIssuancePolicy, phAdditionalCertStore, pCert, pProvGUID)
// pTargetName : UNICODE_STRING* optional -> "pointer"
// bIsClient : BOOL -> "i32"
// pRequestedIssuancePolicy : CERT_USAGE_MATCH* optional -> "pointer"
// phAdditionalCertStore : HCERTSTORE* optional -> "pointer"
// pCert : CERT_CONTEXT* -> "pointer"
// pProvGUID : GUID* optional, out -> "pointer"
// 文字列引数は "buffer"(NUL 終端のバイト列を Uint8Array で渡す)。
// 値渡し構造体は { struct: [ ...field types... ] } を使用。
<?php
$ffi = FFI::cdef(<<<C
int32_t PstValidate(
    void* pTargetName,
    int32_t bIsClient,
    void* pRequestedIssuancePolicy,
    void* phAdditionalCertStore,
    void* pCert,
    void* pProvGUID);
C, "certpoleng.dll");
// $ffi->PstValidate(pTargetName, bIsClient, pRequestedIssuancePolicy, phAdditionalCertStore, pCert, pProvGUID);
// pTargetName : UNICODE_STRING* optional
// bIsClient : BOOL
// pRequestedIssuancePolicy : CERT_USAGE_MATCH* optional
// phAdditionalCertStore : HCERTSTORE* optional
// pCert : CERT_CONTEXT*
// pProvGUID : GUID* optional, out
// 構造体/GUIDへのポインタは cdef が通るよう void* で表記(実型は各引数コメント参照)。値渡し構造体・enum は対応する typedef を cdef に追加すること。
// WINAPI(stdcall): x64 では呼出規約が統一されるため問題なし。x86 では __stdcall 対応のラッパが必要な場合あり。
import com.sun.jna.*;
import com.sun.jna.ptr.*;
import com.sun.jna.win32.StdCallLibrary;
import com.sun.jna.win32.W32APIOptions;

public interface Certpoleng extends StdCallLibrary {
    Certpoleng INSTANCE = Native.load("certpoleng", Certpoleng.class);
    int PstValidate(
        Pointer pTargetName,   // UNICODE_STRING* optional
        boolean bIsClient,   // BOOL
        Pointer pRequestedIssuancePolicy,   // CERT_USAGE_MATCH* optional
        Pointer phAdditionalCertStore,   // HCERTSTORE* optional
        Pointer pCert,   // CERT_CONTEXT*
        Pointer pProvGUID   // GUID* optional, out
    );
}
@[Link("certpoleng")]
lib Libcertpoleng
  fun PstValidate = PstValidate(
    pTargetName : UNICODE_STRING*,   # UNICODE_STRING* optional
    bIsClient : Int32,   # BOOL
    pRequestedIssuancePolicy : CERT_USAGE_MATCH*,   # CERT_USAGE_MATCH* optional
    phAdditionalCertStore : Void*,   # HCERTSTORE* optional
    pCert : CERT_CONTEXT*,   # CERT_CONTEXT*
    pProvGUID : GUID*   # GUID* optional, out
  ) : Int32
end
# 構造体/GUID/enum は lib 内に対応する型定義が必要。
# 呼出規約: x64 は規約統一のため OK。x86(32bit)は WINAPI=stdcall だが Crystal の fun に stdcall 付与構文がなく非対応。
import 'dart:ffi';
import 'package:ffi/ffi.dart';

typedef PstValidateNative = Int32 Function(Pointer<Void>, Int32, Pointer<Void>, Pointer<Void>, Pointer<Void>, Pointer<Void>);
typedef PstValidateDart = int Function(Pointer<Void>, int, Pointer<Void>, Pointer<Void>, Pointer<Void>, Pointer<Void>);
final PstValidate = DynamicLibrary.open('certpoleng.dll')
    .lookupFunction<PstValidateNative, PstValidateDart>('PstValidate');
// pTargetName : UNICODE_STRING* optional -> Pointer<Void>
// bIsClient : BOOL -> Int32
// pRequestedIssuancePolicy : CERT_USAGE_MATCH* optional -> Pointer<Void>
// phAdditionalCertStore : HCERTSTORE* optional -> Pointer<Void>
// pCert : CERT_CONTEXT* -> Pointer<Void>
// pProvGUID : GUID* optional, out -> Pointer<Void>
// 文字列は package:ffi の "...".toNativeUtf16()/toNativeUtf8() で変換。
{$mode objfpc}{$H+}
function PstValidate(
  pTargetName: Pointer;   // UNICODE_STRING* optional
  bIsClient: BOOL;   // BOOL
  pRequestedIssuancePolicy: Pointer;   // CERT_USAGE_MATCH* optional
  phAdditionalCertStore: Pointer;   // HCERTSTORE* optional
  pCert: Pointer;   // CERT_CONTEXT*
  pProvGUID: PGUID   // GUID* optional, out
): Integer; stdcall;
  external 'certpoleng.dll' name 'PstValidate';
import Foreign
import Foreign.C.Types
import Foreign.C.String

foreign import stdcall safe "PstValidate"
  c_PstValidate :: Ptr () -> CInt -> Ptr () -> Ptr () -> Ptr () -> Ptr () -> IO Int32
-- pTargetName : UNICODE_STRING* optional -> Ptr ()
-- bIsClient : BOOL -> CInt
-- pRequestedIssuancePolicy : CERT_USAGE_MATCH* optional -> Ptr ()
-- phAdditionalCertStore : HCERTSTORE* optional -> Ptr ()
-- pCert : CERT_CONTEXT* -> Ptr ()
-- pProvGUID : GUID* optional, out -> Ptr ()
-- 要 GHC(Windows)。stdcall は x64 では ccall として扱われる。ブロックする API は safe 呼び出し推奨。
open Ctypes
open Foreign

let pstvalidate =
  foreign "PstValidate"
    ((ptr void) @-> int32_t @-> (ptr void) @-> (ptr void) @-> (ptr void) @-> (ptr void) @-> returning int32_t)
(* pTargetName : UNICODE_STRING* optional -> (ptr void) *)
(* bIsClient : BOOL -> int32_t *)
(* pRequestedIssuancePolicy : CERT_USAGE_MATCH* optional -> (ptr void) *)
(* phAdditionalCertStore : HCERTSTORE* optional -> (ptr void) *)
(* pCert : CERT_CONTEXT* -> (ptr void) *)
(* pProvGUID : GUID* optional, out -> (ptr void) *)
(* foreign は cdecl 前提。x64 Windows では WINAPI と一致。構造体は ctypes structure を定義のこと。 *)
(cffi:define-foreign-library certpoleng (t "certpoleng.dll"))
(cffi:use-foreign-library certpoleng)

(cffi:defcfun ("PstValidate" pst-validate :convention :stdcall) :int32
  (p-target-name :pointer)   ; UNICODE_STRING* optional
  (b-is-client :int32)   ; BOOL
  (p-requested-issuance-policy :pointer)   ; CERT_USAGE_MATCH* optional
  (ph-additional-cert-store :pointer)   ; HCERTSTORE* optional
  (p-cert :pointer)   ; CERT_CONTEXT*
  (p-prov-guid :pointer))   ; GUID* optional, out
; isize/usize(INT_PTR/SIZE_T)は x64 前提で :int64/:uint64。x86 では :int32/:uint32。
use Win32::API;
my $PstValidate = Win32::API::More->new('certpoleng',
    'int PstValidate(LPVOID pTargetName, BOOL bIsClient, LPVOID pRequestedIssuancePolicy, HANDLE phAdditionalCertStore, LPVOID pCert, LPVOID pProvGUID)');
# my $ret = $PstValidate->Call($pTargetName, $bIsClient, $pRequestedIssuancePolicy, $phAdditionalCertStore, $pCert, $pProvGUID);
# pTargetName : UNICODE_STRING* optional -> LPVOID
# bIsClient : BOOL -> BOOL
# pRequestedIssuancePolicy : CERT_USAGE_MATCH* optional -> LPVOID
# phAdditionalCertStore : HCERTSTORE* optional -> HANDLE
# pCert : CERT_CONTEXT* -> LPVOID
# pProvGUID : GUID* optional, out -> LPVOID
# 値渡し構造体は pack() した文字列、または Win32::API::Struct を使用。

関連項目

使用する型