windows: add Wincrypt.h Cert related values

Values cross-referenced between Visual Studio 2017's "Wincrypt.h",
https://github.com/wine-mirror/wine/blob/master/include/wincrypt.h,
and the MSDN documentation at:

CertOpenStore:
    https://msdn.microsoft.com/en-us/library/windows/desktop/aa376559.aspx
CertAddCertificateContextToStore:
    https://msdn.microsoft.com/en-us/library/windows/desktop/aa376009.aspx
CertTrustStatus:
    https://msdn.microsoft.com/en-us/library/windows/desktop/aa377590.aspx
CertVerifyCertificateChainPolicy:
    https://msdn.microsoft.com/en-us/library/windows/desktop/aa377163.aspx
SSLExtraCertChainPolicyPara:
    https://msdn.microsoft.com/en-us/library/windows/desktop/aa387784.aspx

Change-Id: I143e10c4f47caa2550fb93cd10bdec00bbb2b32d
GitHub-Last-Rev: b4b8c6c41923912c7d5956ba57f55fcb2a57a163
GitHub-Pull-Request: golang/sys#15
Reviewed-on: https://go-review.googlesource.com/129275
Run-TryBot: Alex Brainman <alex.brainman@gmail.com>
TryBot-Result: Gobot Gobot <gobot@golang.org>
Reviewed-by: Alex Brainman <alex.brainman@gmail.com>

windows/types_windows.go

@@ -270,15 +270,87 @@ const (
 	USAGE_MATCH_TYPE_AND = 0
 	USAGE_MATCH_TYPE_OR  = 1
 
+	/* msgAndCertEncodingType values for CertOpenStore function */
 	X509_ASN_ENCODING   = 0x00000001
 	PKCS_7_ASN_ENCODING = 0x00010000
 
-	CERT_STORE_PROV_MEMORY = 2
-
-	CERT_STORE_ADD_ALWAYS = 4
-
+	/* storeProvider values for CertOpenStore function */
+	CERT_STORE_PROV_MSG               = 1
+	CERT_STORE_PROV_MEMORY            = 2
+	CERT_STORE_PROV_FILE              = 3
+	CERT_STORE_PROV_REG               = 4
+	CERT_STORE_PROV_PKCS7             = 5
+	CERT_STORE_PROV_SERIALIZED        = 6
+	CERT_STORE_PROV_FILENAME_A        = 7
+	CERT_STORE_PROV_FILENAME_W        = 8
+	CERT_STORE_PROV_FILENAME          = CERT_STORE_PROV_FILENAME_W
+	CERT_STORE_PROV_SYSTEM_A          = 9
+	CERT_STORE_PROV_SYSTEM_W          = 10
+	CERT_STORE_PROV_SYSTEM            = CERT_STORE_PROV_SYSTEM_W
+	CERT_STORE_PROV_COLLECTION        = 11
+	CERT_STORE_PROV_SYSTEM_REGISTRY_A = 12
+	CERT_STORE_PROV_SYSTEM_REGISTRY_W = 13
+	CERT_STORE_PROV_SYSTEM_REGISTRY   = CERT_STORE_PROV_SYSTEM_REGISTRY_W
+	CERT_STORE_PROV_PHYSICAL_W        = 14
+	CERT_STORE_PROV_PHYSICAL          = CERT_STORE_PROV_PHYSICAL_W
+	CERT_STORE_PROV_SMART_CARD_W      = 15
+	CERT_STORE_PROV_SMART_CARD        = CERT_STORE_PROV_SMART_CARD_W
+	CERT_STORE_PROV_LDAP_W            = 16
+	CERT_STORE_PROV_LDAP              = CERT_STORE_PROV_LDAP_W
+	CERT_STORE_PROV_PKCS12            = 17
+
+	/* store characteristics (low WORD of flag) for CertOpenStore function */
+	CERT_STORE_NO_CRYPT_RELEASE_FLAG            = 0x00000001
+	CERT_STORE_SET_LOCALIZED_NAME_FLAG          = 0x00000002
 	CERT_STORE_DEFER_CLOSE_UNTIL_LAST_FREE_FLAG = 0x00000004
-
+	CERT_STORE_DELETE_FLAG                      = 0x00000010
+	CERT_STORE_UNSAFE_PHYSICAL_FLAG             = 0x00000020
+	CERT_STORE_SHARE_STORE_FLAG                 = 0x00000040
+	CERT_STORE_SHARE_CONTEXT_FLAG               = 0x00000080
+	CERT_STORE_MANIFOLD_FLAG                    = 0x00000100
+	CERT_STORE_ENUM_ARCHIVED_FLAG               = 0x00000200
+	CERT_STORE_UPDATE_KEYID_FLAG                = 0x00000400
+	CERT_STORE_BACKUP_RESTORE_FLAG              = 0x00000800
+	CERT_STORE_MAXIMUM_ALLOWED_FLAG             = 0x00001000
+	CERT_STORE_CREATE_NEW_FLAG                  = 0x00002000
+	CERT_STORE_OPEN_EXISTING_FLAG               = 0x00004000
+	CERT_STORE_READONLY_FLAG                    = 0x00008000
+
+	/* store locations (high WORD of flag) for CertOpenStore function */
+	CERT_SYSTEM_STORE_CURRENT_USER               = 0x00010000
+	CERT_SYSTEM_STORE_LOCAL_MACHINE              = 0x00020000
+	CERT_SYSTEM_STORE_CURRENT_SERVICE            = 0x00040000
+	CERT_SYSTEM_STORE_SERVICES                   = 0x00050000
+	CERT_SYSTEM_STORE_USERS                      = 0x00060000
+	CERT_SYSTEM_STORE_CURRENT_USER_GROUP_POLICY  = 0x00070000
+	CERT_SYSTEM_STORE_LOCAL_MACHINE_GROUP_POLICY = 0x00080000
+	CERT_SYSTEM_STORE_LOCAL_MACHINE_ENTERPRISE   = 0x00090000
+	CERT_SYSTEM_STORE_UNPROTECTED_FLAG           = 0x40000000
+	CERT_SYSTEM_STORE_RELOCATE_FLAG              = 0x80000000
+
+	/* Miscellaneous high-WORD flags for CertOpenStore function */
+	CERT_REGISTRY_STORE_REMOTE_FLAG      = 0x00010000
+	CERT_REGISTRY_STORE_SERIALIZED_FLAG  = 0x00020000
+	CERT_REGISTRY_STORE_ROAMING_FLAG     = 0x00040000
+	CERT_REGISTRY_STORE_MY_IE_DIRTY_FLAG = 0x00080000
+	CERT_REGISTRY_STORE_LM_GPT_FLAG      = 0x01000000
+	CERT_REGISTRY_STORE_CLIENT_GPT_FLAG  = 0x80000000
+	CERT_FILE_STORE_COMMIT_ENABLE_FLAG   = 0x00010000
+	CERT_LDAP_STORE_SIGN_FLAG            = 0x00010000
+	CERT_LDAP_STORE_AREC_EXCLUSIVE_FLAG  = 0x00020000
+	CERT_LDAP_STORE_OPENED_FLAG          = 0x00040000
+	CERT_LDAP_STORE_UNBIND_FLAG          = 0x00080000
+
+	/* addDisposition values for CertAddCertificateContextToStore function */
+	CERT_STORE_ADD_NEW                                 = 1
+	CERT_STORE_ADD_USE_EXISTING                        = 2
+	CERT_STORE_ADD_REPLACE_EXISTING                    = 3
+	CERT_STORE_ADD_ALWAYS                              = 4
+	CERT_STORE_ADD_REPLACE_EXISTING_INHERIT_PROPERTIES = 5
+	CERT_STORE_ADD_NEWER                               = 6
+	CERT_STORE_ADD_NEWER_INHERIT_PROPERTIES            = 7
+
+	/* ErrorStatus values for CertTrustStatus struct */
 	CERT_TRUST_NO_ERROR                          = 0x00000000
 	CERT_TRUST_IS_NOT_TIME_VALID                 = 0x00000001
 	CERT_TRUST_IS_REVOKED                        = 0x00000004
@@ -295,11 +367,31 @@ const (
 	CERT_TRUST_HAS_NOT_DEFINED_NAME_CONSTRAINT   = 0x00002000
 	CERT_TRUST_HAS_NOT_PERMITTED_NAME_CONSTRAINT = 0x00004000
 	CERT_TRUST_HAS_EXCLUDED_NAME_CONSTRAINT      = 0x00008000
+	CERT_TRUST_IS_PARTIAL_CHAIN                  = 0x00010000
+	CERT_TRUST_CTL_IS_NOT_TIME_VALID             = 0x00020000
+	CERT_TRUST_CTL_IS_NOT_SIGNATURE_VALID        = 0x00040000
+	CERT_TRUST_CTL_IS_NOT_VALID_FOR_USAGE        = 0x00080000
+	CERT_TRUST_HAS_WEAK_SIGNATURE                = 0x00100000
 	CERT_TRUST_IS_OFFLINE_REVOCATION             = 0x01000000
 	CERT_TRUST_NO_ISSUANCE_CHAIN_POLICY          = 0x02000000
 	CERT_TRUST_IS_EXPLICIT_DISTRUST              = 0x04000000
 	CERT_TRUST_HAS_NOT_SUPPORTED_CRITICAL_EXT    = 0x08000000
 
+	/* InfoStatus values for CertTrustStatus struct */
+	CERT_TRUST_HAS_EXACT_MATCH_ISSUER        = 0x00000001
+	CERT_TRUST_HAS_KEY_MATCH_ISSUER          = 0x00000002
+	CERT_TRUST_HAS_NAME_MATCH_ISSUER         = 0x00000004
+	CERT_TRUST_IS_SELF_SIGNED                = 0x00000008
+	CERT_TRUST_HAS_PREFERRED_ISSUER          = 0x00000100
+	CERT_TRUST_HAS_ISSUANCE_CHAIN_POLICY     = 0x00000400
+	CERT_TRUST_HAS_VALID_NAME_CONSTRAINTS    = 0x00000400
+	CERT_TRUST_IS_PEER_TRUSTED               = 0x00000800
+	CERT_TRUST_HAS_CRL_VALIDITY_EXTENDED     = 0x00001000
+	CERT_TRUST_IS_FROM_EXCLUSIVE_TRUST_STORE = 0x00002000
+	CERT_TRUST_IS_CA_TRUSTED                 = 0x00004000
+	CERT_TRUST_IS_COMPLEX_CHAIN              = 0x00010000
+
+	/* policyOID values for CertVerifyCertificateChainPolicy function */
 	CERT_CHAIN_POLICY_BASE              = 1
 	CERT_CHAIN_POLICY_AUTHENTICODE      = 2
 	CERT_CHAIN_POLICY_AUTHENTICODE_TS   = 3
@@ -308,6 +400,7 @@ const (
 	CERT_CHAIN_POLICY_NT_AUTH           = 6
 	CERT_CHAIN_POLICY_MICROSOFT_ROOT    = 7
 	CERT_CHAIN_POLICY_EV                = 8
+	CERT_CHAIN_POLICY_SSL_F12           = 9
 
 	CERT_E_EXPIRED       = 0x800B0101
 	CERT_E_ROLE          = 0x800B0103
@@ -315,8 +408,16 @@ const (
 	CERT_E_UNTRUSTEDROOT = 0x800B0109
 	CERT_E_CN_NO_MATCH   = 0x800B010F
 
+	/* AuthType values for SSLExtraCertChainPolicyPara struct */
 	AUTHTYPE_CLIENT = 1
 	AUTHTYPE_SERVER = 2
+
+	/* Checks values for SSLExtraCertChainPolicyPara struct */
+	SECURITY_FLAG_IGNORE_REVOCATION        = 0x00000080
+	SECURITY_FLAG_IGNORE_UNKNOWN_CA        = 0x00000100
+	SECURITY_FLAG_IGNORE_WRONG_USAGE       = 0x00000200
+	SECURITY_FLAG_IGNORE_CERT_CN_INVALID   = 0x00001000
+	SECURITY_FLAG_IGNORE_CERT_DATE_INVALID = 0x00002000
 )
 
 var (