archive
/
windows-xp
mirror of https://github.com/tongzx/nt5src
2
0
Fork 0
Code Issues Projects Releases Wiki Activity
Source code of Windows XP (NT5)
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
6 Commits
1 Branch
0 Tags
2.0 GiB
Tree: daad8a087a
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from 'daad8a087a'
${ noResults }
windows-xp/Source/XPSP1/NT/ds/published/inc/sspi.w

2071 lines
61 KiB
Raw Normal View History

Add source files
4 years ago
  1. //+---------------------------------------------------------------------------
  2. //
  3. // Microsoft Windows
  4. // Copyright (C) Microsoft Corporation, 1992-1999.
  5. //
  6. // File: sspi.h
  7. //
  8. // Contents: Security Support Provider Interface
  9. // Prototypes and structure definitions
  10. //
  11. // Functions: Security Support Provider API
  12. //
  13. // History: 11-24-93 RichardW Created
  14. //
  15. //----------------------------------------------------------------------------
  17. // begin_ntifs
  18. #ifndef __SSPI_H__
  19. #define __SSPI_H__
  20. // end_ntifs
  22. #if _MSC_VER > 1000
  23. #pragma once
  24. #endif
  26. #ifdef __cplusplus
  27. extern "C" {
  28. #endif
  30. //
  31. // Determine environment:
  32. //
  34. #ifdef SECURITY_WIN32
  35. #define ISSP_LEVEL 32
  36. #define ISSP_MODE 1
  37. #endif // SECURITY_WIN32
  39. #ifdef SECURITY_KERNEL
  40. #define ISSP_LEVEL 32 // ntifs
  42. //
  43. // SECURITY_KERNEL trumps SECURITY_WIN32. Undefine ISSP_MODE so that
  44. // we don't get redefine errors.
  45. //
  46. #ifdef ISSP_MODE
  47. #undef ISSP_MODE
  48. #endif
  49. #define ISSP_MODE 0 // ntifs
  50. #endif // SECURITY_KERNEL
  52. #ifdef SECURITY_MAC
  53. #define ISSP_LEVEL 32
  54. #define ISSP_MODE 1
  55. #endif // SECURITY_MAC
  58. #ifndef ISSP_LEVEL
  59. #error You must define one of SECURITY_WIN32, SECURITY_KERNEL, or
  60. #error SECURITY_MAC
  61. #endif // !ISSP_LEVEL
  64. //
  65. // Now, define platform specific mappings:
  66. //
  69. // begin_ntifs
  71. typedef WCHAR SEC_WCHAR;
  72. typedef CHAR SEC_CHAR;
  74. #ifndef __SECSTATUS_DEFINED__
  75. typedef LONG SECURITY_STATUS;
  76. #define __SECSTATUS_DEFINED__
  77. #endif
  79. #define SEC_TEXT TEXT
  80. #define SEC_FAR
  81. #define SEC_ENTRY __stdcall
  83. // end_ntifs
  85. //
  86. // Decide what a string - 32 bits only since for 16 bits it is clear.
  87. //
  90. #ifdef UNICODE
  91. typedef SEC_WCHAR SEC_FAR * SECURITY_PSTR;
  92. typedef CONST SEC_WCHAR SEC_FAR * SECURITY_PCSTR;
  93. #else // UNICODE
  94. typedef SEC_CHAR SEC_FAR * SECURITY_PSTR;
  95. typedef CONST SEC_CHAR SEC_FAR * SECURITY_PCSTR;
  96. #endif // UNICODE
  100. //
  101. // Equivalent string for rpcrt:
  102. //
  104. #define __SEC_FAR SEC_FAR
  107. //
  108. // Okay, security specific types:
  109. //
  112. // begin_ntifs
  114. #ifndef __SECHANDLE_DEFINED__
  115. typedef struct _SecHandle
  116. {
  117. ULONG_PTR dwLower ;
  118. ULONG_PTR dwUpper ;
  119. } SecHandle, * PSecHandle ;
  121. #define __SECHANDLE_DEFINED__
  122. #endif // __SECHANDLE_DEFINED__
  124. #define SecInvalidateHandle( x ) \
  125. ((PSecHandle) x)->dwLower = ((ULONG_PTR) ((INT_PTR)-1)) ; \
  126. ((PSecHandle) x)->dwUpper = ((ULONG_PTR) ((INT_PTR)-1)) ; \
  128. #define SecIsValidHandle( x ) \
  129. ( ( ((PSecHandle) x)->dwLower != ((ULONG_PTR) ((INT_PTR) -1 ))) && \
  130. ( ((PSecHandle) x)->dwUpper != ((ULONG_PTR) ((INT_PTR) -1 ))) )
  132. typedef SecHandle CredHandle;
  133. typedef PSecHandle PCredHandle;
  135. typedef SecHandle CtxtHandle;
  136. typedef PSecHandle PCtxtHandle;
  138. // end_ntifs
  141. # ifdef WIN32_CHICAGO
  143. typedef unsigned __int64 QWORD;
  144. typedef QWORD SECURITY_INTEGER, *PSECURITY_INTEGER;
  145. #define SEC_SUCCESS(Status) ((Status) >= 0)
  147. # elif defined(_NTDEF_) || defined(_WINNT_)
  149. typedef LARGE_INTEGER _SECURITY_INTEGER, SECURITY_INTEGER, *PSECURITY_INTEGER; // ntifs
  151. # else // _NTDEF_ || _WINNT_
  153. typedef struct _SECURITY_INTEGER
  154. {
  155. unsigned long LowPart;
  156. long HighPart;
  157. } SECURITY_INTEGER, *PSECURITY_INTEGER;
  159. # endif // _NTDEF_ || _WINNT_
  161. # ifndef SECURITY_MAC
  163. typedef SECURITY_INTEGER TimeStamp; // ntifs
  164. typedef SECURITY_INTEGER SEC_FAR * PTimeStamp; // ntifs
  166. # else // SECURITY_MAC
  167. typedef unsigned long TimeStamp;
  168. typedef unsigned long * PTimeStamp;
  169. # endif // SECUIRT_MAC
  173. //
  174. // If we are in 32 bit mode, define the SECURITY_STRING structure,
  175. // as a clone of the base UNICODE_STRING structure. This is used
  176. // internally in security components, an as the string interface
  177. // for kernel components (e.g. FSPs)
  178. //
  180. # ifndef _NTDEF_
  181. typedef struct _SECURITY_STRING {
  182. unsigned short Length;
  183. unsigned short MaximumLength;
  184. # ifdef MIDL_PASS
  185. [size_is(MaximumLength / 2), length_is(Length / 2)]
  186. # endif // MIDL_PASS
  187. unsigned short * Buffer;
  188. } SECURITY_STRING, * PSECURITY_STRING;
  189. # else // _NTDEF_
  190. typedef UNICODE_STRING SECURITY_STRING, *PSECURITY_STRING; // ntifs
  191. # endif // _NTDEF_
  194. // begin_ntifs
  196. //
  197. // SecPkgInfo structure
  198. //
  199. // Provides general information about a security provider
  200. //
  202. typedef struct _SecPkgInfoW
  203. {
  204. unsigned long fCapabilities; // Capability bitmask
  205. unsigned short wVersion; // Version of driver
  206. unsigned short wRPCID; // ID for RPC Runtime
  207. unsigned long cbMaxToken; // Size of authentication token (max)
  208. #ifdef MIDL_PASS
  209. [string]
  210. #endif
  211. SEC_WCHAR SEC_FAR * Name; // Text name
  213. #ifdef MIDL_PASS
  214. [string]
  215. #endif
  216. SEC_WCHAR SEC_FAR * Comment; // Comment
  217. } SecPkgInfoW, SEC_FAR * PSecPkgInfoW;
  219. // end_ntifs
  221. typedef struct _SecPkgInfoA
  222. {
  223. unsigned long fCapabilities; // Capability bitmask
  224. unsigned short wVersion; // Version of driver
  225. unsigned short wRPCID; // ID for RPC Runtime
  226. unsigned long cbMaxToken; // Size of authentication token (max)
  227. #ifdef MIDL_PASS
  228. [string]
  229. #endif
  230. SEC_CHAR SEC_FAR * Name; // Text name
  232. #ifdef MIDL_PASS
  233. [string]
  234. #endif
  235. SEC_CHAR SEC_FAR * Comment; // Comment
  236. } SecPkgInfoA, SEC_FAR * PSecPkgInfoA;
  238. #ifdef UNICODE
  239. # define SecPkgInfo SecPkgInfoW // ntifs
  240. # define PSecPkgInfo PSecPkgInfoW // ntifs
  241. #else
  242. # define SecPkgInfo SecPkgInfoA
  243. # define PSecPkgInfo PSecPkgInfoA
  244. #endif // !UNICODE
  246. // begin_ntifs
  248. //
  249. // Security Package Capabilities
  250. //
  251. #define SECPKG_FLAG_INTEGRITY 0x00000001 // Supports integrity on messages
  252. #define SECPKG_FLAG_PRIVACY 0x00000002 // Supports privacy (confidentiality)
  253. #define SECPKG_FLAG_TOKEN_ONLY 0x00000004 // Only security token needed
  254. #define SECPKG_FLAG_DATAGRAM 0x00000008 // Datagram RPC support
  255. #define SECPKG_FLAG_CONNECTION 0x00000010 // Connection oriented RPC support
  256. #define SECPKG_FLAG_MULTI_REQUIRED 0x00000020 // Full 3-leg required for re-auth.
  257. #define SECPKG_FLAG_CLIENT_ONLY 0x00000040 // Server side functionality not available
  258. #define SECPKG_FLAG_EXTENDED_ERROR 0x00000080 // Supports extended error msgs
  259. #define SECPKG_FLAG_IMPERSONATION 0x00000100 // Supports impersonation
  260. #define SECPKG_FLAG_ACCEPT_WIN32_NAME 0x00000200 // Accepts Win32 names
  261. #define SECPKG_FLAG_STREAM 0x00000400 // Supports stream semantics
  262. #define SECPKG_FLAG_NEGOTIABLE 0x00000800 // Can be used by the negotiate package
  263. #define SECPKG_FLAG_GSS_COMPATIBLE 0x00001000 // GSS Compatibility Available
  264. #define SECPKG_FLAG_LOGON 0x00002000 // Supports common LsaLogonUser
  265. #define SECPKG_FLAG_ASCII_BUFFERS 0x00004000 // Token Buffers are in ASCII
  266. #define SECPKG_FLAG_FRAGMENT 0x00008000 // Package can fragment to fit
  267. #define SECPKG_FLAG_MUTUAL_AUTH 0x00010000 // Package can perform mutual authentication
  268. #define SECPKG_FLAG_DELEGATION 0x00020000 // Package can delegate
  271. #define SECPKG_ID_NONE 0xFFFF
  274. //
  275. // SecBuffer
  276. //
  277. // Generic memory descriptors for buffers passed in to the security
  278. // API
  279. //
  281. typedef struct _SecBuffer {
  282. unsigned long cbBuffer; // Size of the buffer, in bytes
  283. unsigned long BufferType; // Type of the buffer (below)
  284. void SEC_FAR * pvBuffer; // Pointer to the buffer
  285. } SecBuffer, SEC_FAR * PSecBuffer;
  287. typedef struct _SecBufferDesc {
  288. unsigned long ulVersion; // Version number
  289. unsigned long cBuffers; // Number of buffers
  290. #ifdef MIDL_PASS
  291. [size_is(cBuffers)]
  292. #endif
  293. PSecBuffer pBuffers; // Pointer to array of buffers
  294. } SecBufferDesc, SEC_FAR * PSecBufferDesc;
  296. #define SECBUFFER_VERSION 0
  298. #define SECBUFFER_EMPTY 0 // Undefined, replaced by provider
  299. #define SECBUFFER_DATA 1 // Packet data
  300. #define SECBUFFER_TOKEN 2 // Security token
  301. #define SECBUFFER_PKG_PARAMS 3 // Package specific parameters
  302. #define SECBUFFER_MISSING 4 // Missing Data indicator
  303. #define SECBUFFER_EXTRA 5 // Extra data
  304. #define SECBUFFER_STREAM_TRAILER 6 // Security Trailer
  305. #define SECBUFFER_STREAM_HEADER 7 // Security Header
  306. #define SECBUFFER_NEGOTIATION_INFO 8 // Hints from the negotiation pkg
  307. #define SECBUFFER_PADDING 9 // non-data padding
  308. #define SECBUFFER_STREAM 10 // whole encrypted message
  309. #define SECBUFFER_MECHLIST 11
  310. #define SECBUFFER_MECHLIST_SIGNATURE 12
  311. #define SECBUFFER_TARGET 13
  312. #define SECBUFFER_CHANNEL_BINDINGS 14
  314. #define SECBUFFER_ATTRMASK 0xF0000000
  315. #define SECBUFFER_READONLY 0x80000000 // Buffer is read-only
  316. #define SECBUFFER_RESERVED 0x60000000 // Flags reserved to security system
  319. typedef struct _SEC_NEGOTIATION_INFO {
  320. unsigned long Size; // Size of this structure
  321. unsigned long NameLength; // Length of name hint
  322. SEC_WCHAR SEC_FAR * Name; // Name hint
  323. void SEC_FAR * Reserved; // Reserved
  324. } SEC_NEGOTIATION_INFO, SEC_FAR * PSEC_NEGOTIATION_INFO ;
  326. typedef struct _SEC_CHANNEL_BINDINGS {
  327. unsigned long dwInitiatorAddrType;
  328. unsigned long cbInitiatorLength;
  329. unsigned long dwInitiatorOffset;
  330. unsigned long dwAcceptorAddrType;
  331. unsigned long cbAcceptorLength;
  332. unsigned long dwAcceptorOffset;
  333. unsigned long cbApplicationDataLength;
  334. unsigned long dwApplicationDataOffset;
  335. } SEC_CHANNEL_BINDINGS, SEC_FAR * PSEC_CHANNEL_BINDINGS ;
  338. //
  339. // Data Representation Constant:
  340. //
  341. #define SECURITY_NATIVE_DREP 0x00000010
  342. #define SECURITY_NETWORK_DREP 0x00000000
  344. //
  345. // Credential Use Flags
  346. //
  347. #define SECPKG_CRED_INBOUND 0x00000001
  348. #define SECPKG_CRED_OUTBOUND 0x00000002
  349. #define SECPKG_CRED_BOTH 0x00000003
  350. #define SECPKG_CRED_DEFAULT 0x00000004
  351. #define SECPKG_CRED_RESERVED 0xF0000000
  353. //
  354. // InitializeSecurityContext Requirement and return flags:
  355. //
  357. #define ISC_REQ_DELEGATE 0x00000001
  358. #define ISC_REQ_MUTUAL_AUTH 0x00000002
  359. #define ISC_REQ_REPLAY_DETECT 0x00000004
  360. #define ISC_REQ_SEQUENCE_DETECT 0x00000008
  361. #define ISC_REQ_CONFIDENTIALITY 0x00000010
  362. #define ISC_REQ_USE_SESSION_KEY 0x00000020
  363. #define ISC_REQ_PROMPT_FOR_CREDS 0x00000040
  364. #define ISC_REQ_USE_SUPPLIED_CREDS 0x00000080
  365. #define ISC_REQ_ALLOCATE_MEMORY 0x00000100
  366. #define ISC_REQ_USE_DCE_STYLE 0x00000200
  367. #define ISC_REQ_DATAGRAM 0x00000400
  368. #define ISC_REQ_CONNECTION 0x00000800
  369. #define ISC_REQ_CALL_LEVEL 0x00001000
  370. #define ISC_REQ_FRAGMENT_SUPPLIED 0x00002000
  371. #define ISC_REQ_EXTENDED_ERROR 0x00004000
  372. #define ISC_REQ_STREAM 0x00008000
  373. #define ISC_REQ_INTEGRITY 0x00010000
  374. #define ISC_REQ_IDENTIFY 0x00020000
  375. #define ISC_REQ_NULL_SESSION 0x00040000
  376. #define ISC_REQ_MANUAL_CRED_VALIDATION 0x00080000
  377. #define ISC_REQ_RESERVED1 0x00100000
  378. #define ISC_REQ_FRAGMENT_TO_FIT 0x00200000
  380. #define ISC_RET_DELEGATE 0x00000001
  381. #define ISC_RET_MUTUAL_AUTH 0x00000002
  382. #define ISC_RET_REPLAY_DETECT 0x00000004
  383. #define ISC_RET_SEQUENCE_DETECT 0x00000008
  384. #define ISC_RET_CONFIDENTIALITY 0x00000010
  385. #define ISC_RET_USE_SESSION_KEY 0x00000020
  386. #define ISC_RET_USED_COLLECTED_CREDS 0x00000040
  387. #define ISC_RET_USED_SUPPLIED_CREDS 0x00000080
  388. #define ISC_RET_ALLOCATED_MEMORY 0x00000100
  389. #define ISC_RET_USED_DCE_STYLE 0x00000200
  390. #define ISC_RET_DATAGRAM 0x00000400
  391. #define ISC_RET_CONNECTION 0x00000800
  392. #define ISC_RET_INTERMEDIATE_RETURN 0x00001000
  393. #define ISC_RET_CALL_LEVEL 0x00002000
  394. #define ISC_RET_EXTENDED_ERROR 0x00004000
  395. #define ISC_RET_STREAM 0x00008000
  396. #define ISC_RET_INTEGRITY 0x00010000
  397. #define ISC_RET_IDENTIFY 0x00020000
  398. #define ISC_RET_NULL_SESSION 0x00040000
  399. #define ISC_RET_MANUAL_CRED_VALIDATION 0x00080000
  400. #define ISC_RET_RESERVED1 0x00100000
  401. #define ISC_RET_FRAGMENT_ONLY 0x00200000
  403. #define ASC_REQ_DELEGATE 0x00000001
  404. #define ASC_REQ_MUTUAL_AUTH 0x00000002
  405. #define ASC_REQ_REPLAY_DETECT 0x00000004
  406. #define ASC_REQ_SEQUENCE_DETECT 0x00000008
  407. #define ASC_REQ_CONFIDENTIALITY 0x00000010
  408. #define ASC_REQ_USE_SESSION_KEY 0x00000020
  409. #define ASC_REQ_ALLOCATE_MEMORY 0x00000100
  410. #define ASC_REQ_USE_DCE_STYLE 0x00000200
  411. #define ASC_REQ_DATAGRAM 0x00000400
  412. #define ASC_REQ_CONNECTION 0x00000800
  413. #define ASC_REQ_CALL_LEVEL 0x00001000
  414. #define ASC_REQ_EXTENDED_ERROR 0x00008000
  415. #define ASC_REQ_STREAM 0x00010000
  416. #define ASC_REQ_INTEGRITY 0x00020000
  417. #define ASC_REQ_LICENSING 0x00040000
  418. #define ASC_REQ_IDENTIFY 0x00080000
  419. #define ASC_REQ_ALLOW_NULL_SESSION 0x00100000
  420. #define ASC_REQ_ALLOW_NON_USER_LOGONS 0x00200000
  421. #define ASC_REQ_ALLOW_CONTEXT_REPLAY 0x00400000
  422. #define ASC_REQ_FRAGMENT_TO_FIT 0x00800000
  423. #define ASC_REQ_FRAGMENT_SUPPLIED 0x00002000
  425. #define ASC_RET_DELEGATE 0x00000001
  426. #define ASC_RET_MUTUAL_AUTH 0x00000002
  427. #define ASC_RET_REPLAY_DETECT 0x00000004
  428. #define ASC_RET_SEQUENCE_DETECT 0x00000008
  429. #define ASC_RET_CONFIDENTIALITY 0x00000010
  430. #define ASC_RET_USE_SESSION_KEY 0x00000020
  431. #define ASC_RET_ALLOCATED_MEMORY 0x00000100
  432. #define ASC_RET_USED_DCE_STYLE 0x00000200
  433. #define ASC_RET_DATAGRAM 0x00000400
  434. #define ASC_RET_CONNECTION 0x00000800
  435. #define ASC_RET_CALL_LEVEL 0x00002000 // skipped 1000 to be like ISC_
  436. #define ASC_RET_THIRD_LEG_FAILED 0x00004000
  437. #define ASC_RET_EXTENDED_ERROR 0x00008000
  438. #define ASC_RET_STREAM 0x00010000
  439. #define ASC_RET_INTEGRITY 0x00020000
  440. #define ASC_RET_LICENSING 0x00040000
  441. #define ASC_RET_IDENTIFY 0x00080000
  442. #define ASC_RET_NULL_SESSION 0x00100000
  443. #define ASC_RET_ALLOW_NON_USER_LOGONS 0x00200000
  444. #define ASC_RET_ALLOW_CONTEXT_REPLAY 0x00400000
  445. #define ASC_RET_FRAGMENT_ONLY 0x00800000
  447. //
  448. // Security Credentials Attributes:
  449. //
  451. #define SECPKG_CRED_ATTR_NAMES 1
  453. typedef struct _SecPkgCredentials_NamesW
  454. {
  455. SEC_WCHAR SEC_FAR * sUserName;
  456. } SecPkgCredentials_NamesW, SEC_FAR * PSecPkgCredentials_NamesW;
  458. // end_ntifs
  460. typedef struct _SecPkgCredentials_NamesA
  461. {
  462. SEC_CHAR SEC_FAR * sUserName;
  463. } SecPkgCredentials_NamesA, SEC_FAR * PSecPkgCredentials_NamesA;
  465. #ifdef UNICODE
  466. # define SecPkgCredentials_Names SecPkgCredentials_NamesW // ntifs
  467. # define PSecPkgCredentials_Names PSecPkgCredentials_NamesW // ntifs
  468. #else
  469. # define SecPkgCredentials_Names SecPkgCredentials_NamesA
  470. # define PSecPkgCredentials_Names PSecPkgCredentials_NamesA
  471. #endif // !UNICODE
  473. // begin_ntifs
  475. //
  476. // Security Context Attributes:
  477. //
  479. #define SECPKG_ATTR_SIZES 0
  480. #define SECPKG_ATTR_NAMES 1
  481. #define SECPKG_ATTR_LIFESPAN 2
  482. #define SECPKG_ATTR_DCE_INFO 3
  483. #define SECPKG_ATTR_STREAM_SIZES 4
  484. #define SECPKG_ATTR_KEY_INFO 5
  485. #define SECPKG_ATTR_AUTHORITY 6
  486. #define SECPKG_ATTR_PROTO_INFO 7
  487. #define SECPKG_ATTR_PASSWORD_EXPIRY 8
  488. #define SECPKG_ATTR_SESSION_KEY 9
  489. #define SECPKG_ATTR_PACKAGE_INFO 10
  490. #define SECPKG_ATTR_USER_FLAGS 11
  491. #define SECPKG_ATTR_NEGOTIATION_INFO 12
  492. #define SECPKG_ATTR_NATIVE_NAMES 13
  493. #define SECPKG_ATTR_FLAGS 14
  494. #define SECPKG_ATTR_USE_VALIDATED 15
  495. #define SECPKG_ATTR_CREDENTIAL_NAME 16
  496. #define SECPKG_ATTR_TARGET_INFORMATION 17
  497. #define SECPKG_ATTR_ACCESS_TOKEN 18
  499. typedef struct _SecPkgContext_Sizes
  500. {
  501. unsigned long cbMaxToken;
  502. unsigned long cbMaxSignature;
  503. unsigned long cbBlockSize;
  504. unsigned long cbSecurityTrailer;
  505. } SecPkgContext_Sizes, SEC_FAR * PSecPkgContext_Sizes;
  507. typedef struct _SecPkgContext_StreamSizes
  508. {
  509. unsigned long cbHeader;
  510. unsigned long cbTrailer;
  511. unsigned long cbMaximumMessage;
  512. unsigned long cBuffers;
  513. unsigned long cbBlockSize;
  514. } SecPkgContext_StreamSizes, * PSecPkgContext_StreamSizes;
  516. typedef struct _SecPkgContext_NamesW
  517. {
  518. SEC_WCHAR SEC_FAR * sUserName;
  519. } SecPkgContext_NamesW, SEC_FAR * PSecPkgContext_NamesW;
  521. // end_ntifs
  523. typedef struct _SecPkgContext_NamesA
  524. {
  525. SEC_CHAR SEC_FAR * sUserName;
  526. } SecPkgContext_NamesA, SEC_FAR * PSecPkgContext_NamesA;
  528. #ifdef UNICODE
  529. # define SecPkgContext_Names SecPkgContext_NamesW // ntifs
  530. # define PSecPkgContext_Names PSecPkgContext_NamesW // ntifs
  531. #else
  532. # define SecPkgContext_Names SecPkgContext_NamesA
  533. # define PSecPkgContext_Names PSecPkgContext_NamesA
  534. #endif // !UNICODE
  536. // begin_ntifs
  538. typedef struct _SecPkgContext_Lifespan
  539. {
  540. TimeStamp tsStart;
  541. TimeStamp tsExpiry;
  542. } SecPkgContext_Lifespan, SEC_FAR * PSecPkgContext_Lifespan;
  544. typedef struct _SecPkgContext_DceInfo
  545. {
  546. unsigned long AuthzSvc;
  547. void SEC_FAR * pPac;
  548. } SecPkgContext_DceInfo, SEC_FAR * PSecPkgContext_DceInfo;
  550. // end_ntifs
  552. typedef struct _SecPkgContext_KeyInfoA
  553. {
  554. SEC_CHAR SEC_FAR * sSignatureAlgorithmName;
  555. SEC_CHAR SEC_FAR * sEncryptAlgorithmName;
  556. unsigned long KeySize;
  557. unsigned long SignatureAlgorithm;
  558. unsigned long EncryptAlgorithm;
  559. } SecPkgContext_KeyInfoA, SEC_FAR * PSecPkgContext_KeyInfoA;
  561. // begin_ntifs
  563. typedef struct _SecPkgContext_KeyInfoW
  564. {
  565. SEC_WCHAR SEC_FAR * sSignatureAlgorithmName;
  566. SEC_WCHAR SEC_FAR * sEncryptAlgorithmName;
  567. unsigned long KeySize;
  568. unsigned long SignatureAlgorithm;
  569. unsigned long EncryptAlgorithm;
  570. } SecPkgContext_KeyInfoW, SEC_FAR * PSecPkgContext_KeyInfoW;
  572. // end_ntifs
  574. #ifdef UNICODE
  575. #define SecPkgContext_KeyInfo SecPkgContext_KeyInfoW // ntifs
  576. #define PSecPkgContext_KeyInfo PSecPkgContext_KeyInfoW // ntifs
  577. #else
  578. #define SecPkgContext_KeyInfo SecPkgContext_KeyInfoA
  579. #define PSecPkgContext_KeyInfo PSecPkgContext_KeyInfoA
  580. #endif
  582. typedef struct _SecPkgContext_AuthorityA
  583. {
  584. SEC_CHAR SEC_FAR * sAuthorityName;
  585. } SecPkgContext_AuthorityA, * PSecPkgContext_AuthorityA;
  587. // begin_ntifs
  589. typedef struct _SecPkgContext_AuthorityW
  590. {
  591. SEC_WCHAR SEC_FAR * sAuthorityName;
  592. } SecPkgContext_AuthorityW, * PSecPkgContext_AuthorityW;
  594. // end_ntifs
  596. #ifdef UNICODE
  597. #define SecPkgContext_Authority SecPkgContext_AuthorityW // ntifs
  598. #define PSecPkgContext_Authority PSecPkgContext_AuthorityW // ntifs
  599. #else
  600. #define SecPkgContext_Authority SecPkgContext_AuthorityA
  601. #define PSecPkgContext_Authority PSecPkgContext_AuthorityA
  602. #endif
  604. typedef struct _SecPkgContext_ProtoInfoA
  605. {
  606. SEC_CHAR SEC_FAR * sProtocolName;
  607. unsigned long majorVersion;
  608. unsigned long minorVersion;
  609. } SecPkgContext_ProtoInfoA, SEC_FAR * PSecPkgContext_ProtoInfoA;
  611. // begin_ntifs
  613. typedef struct _SecPkgContext_ProtoInfoW
  614. {
  615. SEC_WCHAR SEC_FAR * sProtocolName;
  616. unsigned long majorVersion;
  617. unsigned long minorVersion;
  618. } SecPkgContext_ProtoInfoW, SEC_FAR * PSecPkgContext_ProtoInfoW;
  620. // end_ntifs
  622. #ifdef UNICODE
  623. #define SecPkgContext_ProtoInfo SecPkgContext_ProtoInfoW // ntifs
  624. #define PSecPkgContext_ProtoInfo PSecPkgContext_ProtoInfoW // ntifs
  625. #else
  626. #define SecPkgContext_ProtoInfo SecPkgContext_ProtoInfoA
  627. #define PSecPkgContext_ProtoInfo PSecPkgContext_ProtoInfoA
  628. #endif
  630. // begin_ntifs
  632. typedef struct _SecPkgContext_PasswordExpiry
  633. {
  634. TimeStamp tsPasswordExpires;
  635. } SecPkgContext_PasswordExpiry, SEC_FAR * PSecPkgContext_PasswordExpiry;
  637. typedef struct _SecPkgContext_SessionKey
  638. {
  639. unsigned long SessionKeyLength;
  640. unsigned char SEC_FAR * SessionKey;
  641. } SecPkgContext_SessionKey, *PSecPkgContext_SessionKey;
  644. typedef struct _SecPkgContext_PackageInfoW
  645. {
  646. PSecPkgInfoW PackageInfo;
  647. } SecPkgContext_PackageInfoW, SEC_FAR * PSecPkgContext_PackageInfoW;
  649. // end_ntifs
  651. typedef struct _SecPkgContext_PackageInfoA
  652. {
  653. PSecPkgInfoA PackageInfo;
  654. } SecPkgContext_PackageInfoA, SEC_FAR * PSecPkgContext_PackageInfoA;
  656. // begin_ntifs
  658. typedef struct _SecPkgContext_UserFlags
  659. {
  660. unsigned long UserFlags;
  661. } SecPkgContext_UserFlags, SEC_FAR * PSecPkgContext_UserFlags;
  663. typedef struct _SecPkgContext_Flags
  664. {
  665. unsigned long Flags;
  666. } SecPkgContext_Flags, SEC_FAR * PSecPkgContext_Flags;
  668. // end_ntifs
  670. #ifdef UNICODE
  671. #define SecPkgContext_PackageInfo SecPkgContext_PackageInfoW // ntifs
  672. #define PSecPkgContext_PackageInfo PSecPkgContext_PackageInfoW // ntifs
  673. #else
  674. #define SecPkgContext_PackageInfo SecPkgContext_PackageInfoA
  675. #define PSecPkgContext_PackageInfo PSecPkgContext_PackageInfoA
  676. #endif
  679. typedef struct _SecPkgContext_NegotiationInfoA
  680. {
  681. PSecPkgInfoA PackageInfo ;
  682. unsigned long NegotiationState ;
  683. } SecPkgContext_NegotiationInfoA, SEC_FAR * PSecPkgContext_NegotiationInfoA ;
  685. // begin_ntifs
  686. typedef struct _SecPkgContext_NegotiationInfoW
  687. {
  688. PSecPkgInfoW PackageInfo ;
  689. unsigned long NegotiationState ;
  690. } SecPkgContext_NegotiationInfoW, SEC_FAR * PSecPkgContext_NegotiationInfoW ;
  692. // end_ntifs
  694. #ifdef UNICODE
  695. #define SecPkgContext_NegotiationInfo SecPkgContext_NegotiationInfoW
  696. #define PSecPkgContext_NegotiationInfo PSecPkgContext_NegotiationInfoW
  697. #else
  698. #define SecPkgContext_NegotiationInfo SecPkgContext_NegotiationInfoA
  699. #define PSecPkgContext_NegotiationInfo PSecPkgContext_NegotiationInfoA
  700. #endif
  702. #define SECPKG_NEGOTIATION_COMPLETE 0
  703. #define SECPKG_NEGOTIATION_OPTIMISTIC 1
  704. #define SECPKG_NEGOTIATION_IN_PROGRESS 2
  705. #define SECPKG_NEGOTIATION_DIRECT 3
  708. typedef struct _SecPkgContext_NativeNamesW
  709. {
  710. SEC_WCHAR SEC_FAR * sClientName;
  711. SEC_WCHAR SEC_FAR * sServerName;
  712. } SecPkgContext_NativeNamesW, SEC_FAR * PSecPkgContext_NativeNamesW;
  714. typedef struct _SecPkgContext_NativeNamesA
  715. {
  716. SEC_CHAR SEC_FAR * sClientName;
  717. SEC_CHAR SEC_FAR * sServerName;
  718. } SecPkgContext_NativeNamesA, SEC_FAR * PSecPkgContext_NativeNamesA;
  721. #ifdef UNICODE
  722. # define SecPkgContext_NativeNames SecPkgContext_NativeNamesW // ntifs
  723. # define PSecPkgContext_NativeNames PSecPkgContext_NativeNamesW // ntifs
  724. #else
  725. # define SecPkgContext_NativeNames SecPkgContext_NativeNamesA
  726. # define PSecPkgContext_NativeNames PSecPkgContext_NativeNamesA
  727. #endif // !UNICODE
  729. // begin_ntifs
  730. typedef struct _SecPkgContext_CredentialNameW
  731. {
  732. unsigned long CredentialType;
  733. SEC_WCHAR SEC_FAR *sCredentialName;
  734. } SecPkgContext_CredentialNameW, SEC_FAR * PSecPkgContext_CredentialNameW;
  736. // end_ntifs
  738. typedef struct _SecPkgContext_CredentialNameA
  739. {
  740. unsigned long CredentialType;
  741. SEC_CHAR SEC_FAR *sCredentialName;
  742. } SecPkgContext_CredentialNameA, SEC_FAR * PSecPkgContext_CredentialNameA;
  744. #ifdef UNICODE
  745. # define SecPkgContext_CredentialName SecPkgContext_CredentialNameW // ntifs
  746. # define PSecPkgContext_CredentialName PSecPkgContext_CredentialNameW // ntifs
  747. #else
  748. # define SecPkgContext_CredentialName SecPkgContext_CredentialNameA
  749. # define PSecPkgContext_CredentialName PSecPkgContext_CredentialNameA
  750. #endif // !UNICODE
  752. typedef struct _SecPkgContext_AccessToken
  753. {
  754. void SEC_FAR * AccessToken;
  755. } SecPkgContext_AccessToken, SEC_FAR * PSecPkgContext_AccessToken;
  757. typedef struct _SecPkgContext_TargetInformation
  758. {
  759. unsigned long MarshalledTargetInfoLength;
  760. unsigned char SEC_FAR * MarshalledTargetInfo;
  762. } SecPkgContext_TargetInformation, SEC_FAR * PSecPkgContext_TargetInformation;
  765. // begin_ntifs
  767. typedef void
  768. (SEC_ENTRY SEC_FAR * SEC_GET_KEY_FN) (
  769. void SEC_FAR * Arg, // Argument passed in
  770. void SEC_FAR * Principal, // Principal ID
  771. unsigned long KeyVer, // Key Version
  772. void SEC_FAR * SEC_FAR * Key, // Returned ptr to key
  773. SECURITY_STATUS SEC_FAR * Status // returned status
  774. );
  776. //
  777. // Flags for ExportSecurityContext
  778. //
  780. #define SECPKG_CONTEXT_EXPORT_RESET_NEW 0x00000001 // New context is reset to initial state
  781. #define SECPKG_CONTEXT_EXPORT_DELETE_OLD 0x00000002 // Old context is deleted during export
  784. SECURITY_STATUS SEC_ENTRY
  785. AcquireCredentialsHandleW(
  786. #if ISSP_MODE == 0 // For Kernel mode
  787. PSECURITY_STRING pPrincipal,
  788. PSECURITY_STRING pPackage,
  789. #else
  790. SEC_WCHAR SEC_FAR * pszPrincipal, // Name of principal
  791. SEC_WCHAR SEC_FAR * pszPackage, // Name of package
  792. #endif
  793. unsigned long fCredentialUse, // Flags indicating use
  794. void SEC_FAR * pvLogonId, // Pointer to logon ID
  795. void SEC_FAR * pAuthData, // Package specific data
  796. SEC_GET_KEY_FN pGetKeyFn, // Pointer to GetKey() func
  797. void SEC_FAR * pvGetKeyArgument, // Value to pass to GetKey()
  798. PCredHandle phCredential, // (out) Cred Handle
  799. PTimeStamp ptsExpiry // (out) Lifetime (optional)
  800. );
  802. typedef SECURITY_STATUS
  803. (SEC_ENTRY * ACQUIRE_CREDENTIALS_HANDLE_FN_W)(
  804. #if ISSP_MODE == 0
  805. PSECURITY_STRING,
  806. PSECURITY_STRING,
  807. #else
  808. SEC_WCHAR SEC_FAR *,
  809. SEC_WCHAR SEC_FAR *,
  810. #endif
  811. unsigned long,
  812. void SEC_FAR *,
  813. void SEC_FAR *,
  814. SEC_GET_KEY_FN,
  815. void SEC_FAR *,
  816. PCredHandle,
  817. PTimeStamp);
  819. // end_ntifs
  821. SECURITY_STATUS SEC_ENTRY
  822. AcquireCredentialsHandleA(
  823. SEC_CHAR SEC_FAR * pszPrincipal, // Name of principal
  824. SEC_CHAR SEC_FAR * pszPackage, // Name of package
  825. unsigned long fCredentialUse, // Flags indicating use
  826. void SEC_FAR * pvLogonId, // Pointer to logon ID
  827. void SEC_FAR * pAuthData, // Package specific data
  828. SEC_GET_KEY_FN pGetKeyFn, // Pointer to GetKey() func
  829. void SEC_FAR * pvGetKeyArgument, // Value to pass to GetKey()
  830. PCredHandle phCredential, // (out) Cred Handle
  831. PTimeStamp ptsExpiry // (out) Lifetime (optional)
  832. );
  834. typedef SECURITY_STATUS
  835. (SEC_ENTRY * ACQUIRE_CREDENTIALS_HANDLE_FN_A)(
  836. SEC_CHAR SEC_FAR *,
  837. SEC_CHAR SEC_FAR *,
  838. unsigned long,
  839. void SEC_FAR *,
  840. void SEC_FAR *,
  841. SEC_GET_KEY_FN,
  842. void SEC_FAR *,
  843. PCredHandle,
  844. PTimeStamp);
  846. #ifdef UNICODE
  847. # define AcquireCredentialsHandle AcquireCredentialsHandleW // ntifs
  848. # define ACQUIRE_CREDENTIALS_HANDLE_FN ACQUIRE_CREDENTIALS_HANDLE_FN_W // ntifs
  849. #else
  850. # define AcquireCredentialsHandle AcquireCredentialsHandleA
  851. # define ACQUIRE_CREDENTIALS_HANDLE_FN ACQUIRE_CREDENTIALS_HANDLE_FN_A
  852. #endif // !UNICODE
  854. // begin_ntifs
  856. SECURITY_STATUS SEC_ENTRY
  857. FreeCredentialsHandle(
  858. PCredHandle phCredential // Handle to free
  859. );
  861. typedef SECURITY_STATUS
  862. (SEC_ENTRY * FREE_CREDENTIALS_HANDLE_FN)(
  863. PCredHandle );
  865. SECURITY_STATUS SEC_ENTRY
  866. AddCredentialsW(
  867. PCredHandle hCredentials,
  868. #if ISSP_MODE == 0 // For Kernel mode
  869. PSECURITY_STRING pPrincipal,
  870. PSECURITY_STRING pPackage,
  871. #else
  872. SEC_WCHAR SEC_FAR * pszPrincipal, // Name of principal
  873. SEC_WCHAR SEC_FAR * pszPackage, // Name of package
  874. #endif
  875. unsigned long fCredentialUse, // Flags indicating use
  876. void SEC_FAR * pAuthData, // Package specific data
  877. SEC_GET_KEY_FN pGetKeyFn, // Pointer to GetKey() func
  878. void SEC_FAR * pvGetKeyArgument, // Value to pass to GetKey()
  879. PTimeStamp ptsExpiry // (out) Lifetime (optional)
  880. );
  882. typedef SECURITY_STATUS
  883. (SEC_ENTRY * ADD_CREDENTIALS_FN_W)(
  884. PCredHandle,
  885. #if ISSP_MODE == 0
  886. PSECURITY_STRING,
  887. PSECURITY_STRING,
  888. #else
  889. SEC_WCHAR SEC_FAR *,
  890. SEC_WCHAR SEC_FAR *,
  891. #endif
  892. unsigned long,
  893. void SEC_FAR *,
  894. SEC_GET_KEY_FN,
  895. void SEC_FAR *,
  896. PTimeStamp);
  898. SECURITY_STATUS SEC_ENTRY
  899. AddCredentialsA(
  900. PCredHandle hCredentials,
  901. SEC_CHAR SEC_FAR * pszPrincipal, // Name of principal
  902. SEC_CHAR SEC_FAR * pszPackage, // Name of package
  903. unsigned long fCredentialUse, // Flags indicating use
  904. void SEC_FAR * pAuthData, // Package specific data
  905. SEC_GET_KEY_FN pGetKeyFn, // Pointer to GetKey() func
  906. void SEC_FAR * pvGetKeyArgument, // Value to pass to GetKey()
  907. PTimeStamp ptsExpiry // (out) Lifetime (optional)
  908. );
  910. typedef SECURITY_STATUS
  911. (SEC_ENTRY * ADD_CREDENTIALS_FN_A)(
  912. PCredHandle,
  913. SEC_CHAR SEC_FAR *,
  914. SEC_CHAR SEC_FAR *,
  915. unsigned long,
  916. void SEC_FAR *,
  917. SEC_GET_KEY_FN,
  918. void SEC_FAR *,
  919. PTimeStamp);
  921. #ifdef UNICODE
  922. #define AddCredentials AddCredentialsW
  923. #define ADD_CREDENTIALS_FN ADD_CREDENTIALS_FN_W
  924. #else
  925. #define AddCredentials AddCredentialsA
  926. #define ADD_CREDENTIALS_FN ADD_CREDENTIALS_FN_A
  927. #endif
  929. // end_ntifs
  931. #ifdef WIN32_CHICAGO
  932. SECURITY_STATUS SEC_ENTRY
  933. SspiLogonUserW(
  934. SEC_WCHAR SEC_FAR * pszPackage, // Name of package
  935. SEC_WCHAR SEC_FAR * pszUserName, // Name of package
  936. SEC_WCHAR SEC_FAR * pszDomainName, // Name of package
  937. SEC_WCHAR SEC_FAR * pszPassword // Name of package
  938. );
  940. typedef SECURITY_STATUS
  941. (SEC_ENTRY * SSPI_LOGON_USER_FN_W)(
  942. SEC_CHAR SEC_FAR *,
  943. SEC_CHAR SEC_FAR *,
  944. SEC_CHAR SEC_FAR *,
  945. SEC_CHAR SEC_FAR *);
  947. SECURITY_STATUS SEC_ENTRY
  948. SspiLogonUserA(
  949. SEC_CHAR SEC_FAR * pszPackage, // Name of package
  950. SEC_CHAR SEC_FAR * pszUserName, // Name of package
  951. SEC_CHAR SEC_FAR * pszDomainName, // Name of package
  952. SEC_CHAR SEC_FAR * pszPassword // Name of package
  953. );
  955. typedef SECURITY_STATUS
  956. (SEC_ENTRY * SSPI_LOGON_USER_FN_A)(
  957. SEC_CHAR SEC_FAR *,
  958. SEC_CHAR SEC_FAR *,
  959. SEC_CHAR SEC_FAR *,
  960. SEC_CHAR SEC_FAR *);
  962. #ifdef UNICODE
  963. #define SspiLogonUser SspiLogonUserW // ntifs
  964. #define SSPI_LOGON_USER_FN SSPI_LOGON_USER_FN_W
  965. #else
  966. #define SspiLogonUser SspiLogonUserA
  967. #define SSPI_LOGON_USER_FN SSPI_LOGON_USER_FN_A
  968. #endif // !UNICODE
  969. #endif // WIN32_CHICAGO
  972. // begin_ntifs
  974. ////////////////////////////////////////////////////////////////////////
  975. ///
  976. /// Context Management Functions
  977. ///
  978. ////////////////////////////////////////////////////////////////////////
  980. SECURITY_STATUS SEC_ENTRY
  981. InitializeSecurityContextW(
  982. PCredHandle phCredential, // Cred to base context
  983. PCtxtHandle phContext, // Existing context (OPT)
  984. #if ISSP_MODE == 0
  985. PSECURITY_STRING pTargetName,
  986. #else
  987. SEC_WCHAR SEC_FAR * pszTargetName, // Name of target
  988. #endif
  989. unsigned long fContextReq, // Context Requirements
  990. unsigned long Reserved1, // Reserved, MBZ
  991. unsigned long TargetDataRep, // Data rep of target
  992. PSecBufferDesc pInput, // Input Buffers
  993. unsigned long Reserved2, // Reserved, MBZ
  994. PCtxtHandle phNewContext, // (out) New Context handle
  995. PSecBufferDesc pOutput, // (inout) Output Buffers
  996. unsigned long SEC_FAR * pfContextAttr, // (out) Context attrs
  997. PTimeStamp ptsExpiry // (out) Life span (OPT)
  998. );
  1000. typedef SECURITY_STATUS
  1001. (SEC_ENTRY * INITIALIZE_SECURITY_CONTEXT_FN_W)(
  1002. PCredHandle,
  1003. PCtxtHandle,
  1004. #if ISSP_MODE == 0
  1005. PSECURITY_STRING,
  1006. #else
  1007. SEC_WCHAR SEC_FAR *,
  1008. #endif
  1009. unsigned long,
  1010. unsigned long,
  1011. unsigned long,
  1012. PSecBufferDesc,
  1013. unsigned long,
  1014. PCtxtHandle,
  1015. PSecBufferDesc,
  1016. unsigned long SEC_FAR *,
  1017. PTimeStamp);
  1019. // end_ntifs
  1021. SECURITY_STATUS SEC_ENTRY
  1022. InitializeSecurityContextA(
  1023. PCredHandle phCredential, // Cred to base context
  1024. PCtxtHandle phContext, // Existing context (OPT)
  1025. SEC_CHAR SEC_FAR * pszTargetName, // Name of target
  1026. unsigned long fContextReq, // Context Requirements
  1027. unsigned long Reserved1, // Reserved, MBZ
  1028. unsigned long TargetDataRep, // Data rep of target
  1029. PSecBufferDesc pInput, // Input Buffers
  1030. unsigned long Reserved2, // Reserved, MBZ
  1031. PCtxtHandle phNewContext, // (out) New Context handle
  1032. PSecBufferDesc pOutput, // (inout) Output Buffers
  1033. unsigned long SEC_FAR * pfContextAttr, // (out) Context attrs
  1034. PTimeStamp ptsExpiry // (out) Life span (OPT)
  1035. );
  1037. typedef SECURITY_STATUS
  1038. (SEC_ENTRY * INITIALIZE_SECURITY_CONTEXT_FN_A)(
  1039. PCredHandle,
  1040. PCtxtHandle,
  1041. SEC_CHAR SEC_FAR *,
  1042. unsigned long,
  1043. unsigned long,
  1044. unsigned long,
  1045. PSecBufferDesc,
  1046. unsigned long,
  1047. PCtxtHandle,
  1048. PSecBufferDesc,
  1049. unsigned long SEC_FAR *,
  1050. PTimeStamp);
  1052. #ifdef UNICODE
  1053. # define InitializeSecurityContext InitializeSecurityContextW // ntifs
  1054. # define INITIALIZE_SECURITY_CONTEXT_FN INITIALIZE_SECURITY_CONTEXT_FN_W // ntifs
  1055. #else
  1056. # define InitializeSecurityContext InitializeSecurityContextA
  1057. # define INITIALIZE_SECURITY_CONTEXT_FN INITIALIZE_SECURITY_CONTEXT_FN_A
  1058. #endif // !UNICODE
  1060. // begin_ntifs
  1062. SECURITY_STATUS SEC_ENTRY
  1063. AcceptSecurityContext(
  1064. PCredHandle phCredential, // Cred to base context
  1065. PCtxtHandle phContext, // Existing context (OPT)
  1066. PSecBufferDesc pInput, // Input buffer
  1067. unsigned long fContextReq, // Context Requirements
  1068. unsigned long TargetDataRep, // Target Data Rep
  1069. PCtxtHandle phNewContext, // (out) New context handle
  1070. PSecBufferDesc pOutput, // (inout) Output buffers
  1071. unsigned long SEC_FAR * pfContextAttr, // (out) Context attributes
  1072. PTimeStamp ptsExpiry // (out) Life span (OPT)
  1073. );
  1075. typedef SECURITY_STATUS
  1076. (SEC_ENTRY * ACCEPT_SECURITY_CONTEXT_FN)(
  1077. PCredHandle,
  1078. PCtxtHandle,
  1079. PSecBufferDesc,
  1080. unsigned long,
  1081. unsigned long,
  1082. PCtxtHandle,
  1083. PSecBufferDesc,
  1084. unsigned long SEC_FAR *,
  1085. PTimeStamp);
  1089. SECURITY_STATUS SEC_ENTRY
  1090. CompleteAuthToken(
  1091. PCtxtHandle phContext, // Context to complete
  1092. PSecBufferDesc pToken // Token to complete
  1093. );
  1095. typedef SECURITY_STATUS
  1096. (SEC_ENTRY * COMPLETE_AUTH_TOKEN_FN)(
  1097. PCtxtHandle,
  1098. PSecBufferDesc);
  1101. SECURITY_STATUS SEC_ENTRY
  1102. ImpersonateSecurityContext(
  1103. PCtxtHandle phContext // Context to impersonate
  1104. );
  1106. typedef SECURITY_STATUS
  1107. (SEC_ENTRY * IMPERSONATE_SECURITY_CONTEXT_FN)(
  1108. PCtxtHandle);
  1112. SECURITY_STATUS SEC_ENTRY
  1113. RevertSecurityContext(
  1114. PCtxtHandle phContext // Context from which to re
  1115. );
  1117. typedef SECURITY_STATUS
  1118. (SEC_ENTRY * REVERT_SECURITY_CONTEXT_FN)(
  1119. PCtxtHandle);
  1122. SECURITY_STATUS SEC_ENTRY
  1123. QuerySecurityContextToken(
  1124. PCtxtHandle phContext,
  1125. void SEC_FAR * SEC_FAR * Token
  1126. );
  1128. typedef SECURITY_STATUS
  1129. (SEC_ENTRY * QUERY_SECURITY_CONTEXT_TOKEN_FN)(
  1130. PCtxtHandle, void SEC_FAR * SEC_FAR *);
  1134. SECURITY_STATUS SEC_ENTRY
  1135. DeleteSecurityContext(
  1136. PCtxtHandle phContext // Context to delete
  1137. );
  1139. typedef SECURITY_STATUS
  1140. (SEC_ENTRY * DELETE_SECURITY_CONTEXT_FN)(
  1141. PCtxtHandle);
  1145. SECURITY_STATUS SEC_ENTRY
  1146. ApplyControlToken(
  1147. PCtxtHandle phContext, // Context to modify
  1148. PSecBufferDesc pInput // Input token to apply
  1149. );
  1151. typedef SECURITY_STATUS
  1152. (SEC_ENTRY * APPLY_CONTROL_TOKEN_FN)(
  1153. PCtxtHandle, PSecBufferDesc);
  1157. SECURITY_STATUS SEC_ENTRY
  1158. QueryContextAttributesW(
  1159. PCtxtHandle phContext, // Context to query
  1160. unsigned long ulAttribute, // Attribute to query
  1161. void SEC_FAR * pBuffer // Buffer for attributes
  1162. );
  1164. typedef SECURITY_STATUS
  1165. (SEC_ENTRY * QUERY_CONTEXT_ATTRIBUTES_FN_W)(
  1166. PCtxtHandle,
  1167. unsigned long,
  1168. void SEC_FAR *);
  1170. // end_ntifs
  1172. SECURITY_STATUS SEC_ENTRY
  1173. QueryContextAttributesA(
  1174. PCtxtHandle phContext, // Context to query
  1175. unsigned long ulAttribute, // Attribute to query
  1176. void SEC_FAR * pBuffer // Buffer for attributes
  1177. );
  1179. typedef SECURITY_STATUS
  1180. (SEC_ENTRY * QUERY_CONTEXT_ATTRIBUTES_FN_A)(
  1181. PCtxtHandle,
  1182. unsigned long,
  1183. void SEC_FAR *);
  1185. #ifdef UNICODE
  1186. # define QueryContextAttributes QueryContextAttributesW // ntifs
  1187. # define QUERY_CONTEXT_ATTRIBUTES_FN QUERY_CONTEXT_ATTRIBUTES_FN_W // ntifs
  1188. #else
  1189. # define QueryContextAttributes QueryContextAttributesA
  1190. # define QUERY_CONTEXT_ATTRIBUTES_FN QUERY_CONTEXT_ATTRIBUTES_FN_A
  1191. #endif // !UNICODE
  1193. // begin_ntifs
  1194. SECURITY_STATUS SEC_ENTRY
  1195. SetContextAttributesW(
  1196. PCtxtHandle phContext, // Context to Set
  1197. unsigned long ulAttribute, // Attribute to Set
  1198. void SEC_FAR * pBuffer, // Buffer for attributes
  1199. unsigned long cbBuffer // Size (in bytes) of Buffer
  1200. );
  1202. typedef SECURITY_STATUS
  1203. (SEC_ENTRY * SET_CONTEXT_ATTRIBUTES_FN_W)(
  1204. PCtxtHandle,
  1205. unsigned long,
  1206. void SEC_FAR *,
  1207. unsigned long );
  1209. // end_ntifs
  1211. SECURITY_STATUS SEC_ENTRY
  1212. SetContextAttributesA(
  1213. PCtxtHandle phContext, // Context to Set
  1214. unsigned long ulAttribute, // Attribute to Set
  1215. void SEC_FAR * pBuffer, // Buffer for attributes
  1216. unsigned long cbBuffer // Size (in bytes) of Buffer
  1217. );
  1219. typedef SECURITY_STATUS
  1220. (SEC_ENTRY * SET_CONTEXT_ATTRIBUTES_FN_A)(
  1221. PCtxtHandle,
  1222. unsigned long,
  1223. void SEC_FAR *,
  1224. unsigned long );
  1226. #ifdef UNICODE
  1227. # define SetContextAttributes SetContextAttributesW // ntifs
  1228. # define SET_CONTEXT_ATTRIBUTES_FN SET_CONTEXT_ATTRIBUTES_FN_W // ntifs
  1229. #else
  1230. # define SetContextAttributes SetContextAttributesA
  1231. # define SET_CONTEXT_ATTRIBUTES_FN SET_CONTEXT_ATTRIBUTES_FN_A
  1232. #endif // !UNICODE
  1234. // begin_ntifs
  1236. SECURITY_STATUS SEC_ENTRY
  1237. QueryCredentialsAttributesW(
  1238. PCredHandle phCredential, // Credential to query
  1239. unsigned long ulAttribute, // Attribute to query
  1240. void SEC_FAR * pBuffer // Buffer for attributes
  1241. );
  1243. typedef SECURITY_STATUS
  1244. (SEC_ENTRY * QUERY_CREDENTIALS_ATTRIBUTES_FN_W)(
  1245. PCredHandle,
  1246. unsigned long,
  1247. void SEC_FAR *);
  1249. // end_ntifs
  1251. SECURITY_STATUS SEC_ENTRY
  1252. QueryCredentialsAttributesA(
  1253. PCredHandle phCredential, // Credential to query
  1254. unsigned long ulAttribute, // Attribute to query
  1255. void SEC_FAR * pBuffer // Buffer for attributes
  1256. );
  1258. typedef SECURITY_STATUS
  1259. (SEC_ENTRY * QUERY_CREDENTIALS_ATTRIBUTES_FN_A)(
  1260. PCredHandle,
  1261. unsigned long,
  1262. void SEC_FAR *);
  1264. #ifdef UNICODE
  1265. # define QueryCredentialsAttributes QueryCredentialsAttributesW // ntifs
  1266. # define QUERY_CREDENTIALS_ATTRIBUTES_FN QUERY_CREDENTIALS_ATTRIBUTES_FN_W // ntifs
  1267. #else
  1268. # define QueryCredentialsAttributes QueryCredentialsAttributesA
  1269. # define QUERY_CREDENTIALS_ATTRIBUTES_FN QUERY_CREDENTIALS_ATTRIBUTES_FN_A
  1270. #endif // !UNICODE
  1272. // begin_ntifs
  1274. SECURITY_STATUS SEC_ENTRY
  1275. FreeContextBuffer(
  1276. void SEC_FAR * pvContextBuffer // buffer to free
  1277. );
  1279. typedef SECURITY_STATUS
  1280. (SEC_ENTRY * FREE_CONTEXT_BUFFER_FN)(
  1281. void SEC_FAR *);
  1283. // end_ntifs
  1285. // begin_ntifs
  1286. ///////////////////////////////////////////////////////////////////
  1287. ////
  1288. //// Message Support API
  1289. ////
  1290. //////////////////////////////////////////////////////////////////
  1292. SECURITY_STATUS SEC_ENTRY
  1293. MakeSignature(
  1294. PCtxtHandle phContext, // Context to use
  1295. unsigned long fQOP, // Quality of Protection
  1296. PSecBufferDesc pMessage, // Message to sign
  1297. unsigned long MessageSeqNo // Message Sequence Num.
  1298. );
  1300. typedef SECURITY_STATUS
  1301. (SEC_ENTRY * MAKE_SIGNATURE_FN)(
  1302. PCtxtHandle,
  1303. unsigned long,
  1304. PSecBufferDesc,
  1305. unsigned long);
  1309. SECURITY_STATUS SEC_ENTRY
  1310. VerifySignature(
  1311. PCtxtHandle phContext, // Context to use
  1312. PSecBufferDesc pMessage, // Message to verify
  1313. unsigned long MessageSeqNo, // Sequence Num.
  1314. unsigned long SEC_FAR * pfQOP // QOP used
  1315. );
  1317. typedef SECURITY_STATUS
  1318. (SEC_ENTRY * VERIFY_SIGNATURE_FN)(
  1319. PCtxtHandle,
  1320. PSecBufferDesc,
  1321. unsigned long,
  1322. unsigned long SEC_FAR *);
  1325. SECURITY_STATUS SEC_ENTRY
  1326. EncryptMessage( PCtxtHandle phContext,
  1327. unsigned long fQOP,
  1328. PSecBufferDesc pMessage,
  1329. unsigned long MessageSeqNo);
  1331. typedef SECURITY_STATUS
  1332. (SEC_ENTRY * ENCRYPT_MESSAGE_FN)(
  1333. PCtxtHandle, unsigned long, PSecBufferDesc, unsigned long);
  1336. SECURITY_STATUS SEC_ENTRY
  1337. DecryptMessage( PCtxtHandle phContext,
  1338. PSecBufferDesc pMessage,
  1339. unsigned long MessageSeqNo,
  1340. unsigned long * pfQOP);
  1343. typedef SECURITY_STATUS
  1344. (SEC_ENTRY * DECRYPT_MESSAGE_FN)(
  1345. PCtxtHandle, PSecBufferDesc, unsigned long,
  1346. unsigned long SEC_FAR *);
  1349. // end_ntifs
  1351. // begin_ntifs
  1352. ///////////////////////////////////////////////////////////////////////////
  1353. ////
  1354. //// Misc.
  1355. ////
  1356. ///////////////////////////////////////////////////////////////////////////
  1359. SECURITY_STATUS SEC_ENTRY
  1360. EnumerateSecurityPackagesW(
  1361. unsigned long SEC_FAR * pcPackages, // Receives num. packages
  1362. PSecPkgInfoW SEC_FAR * ppPackageInfo // Receives array of info
  1363. );
  1365. typedef SECURITY_STATUS
  1366. (SEC_ENTRY * ENUMERATE_SECURITY_PACKAGES_FN_W)(
  1367. unsigned long SEC_FAR *,
  1368. PSecPkgInfoW SEC_FAR *);
  1370. // end_ntifs
  1372. SECURITY_STATUS SEC_ENTRY
  1373. EnumerateSecurityPackagesA(
  1374. unsigned long SEC_FAR * pcPackages, // Receives num. packages
  1375. PSecPkgInfoA SEC_FAR * ppPackageInfo // Receives array of info
  1376. );
  1378. typedef SECURITY_STATUS
  1379. (SEC_ENTRY * ENUMERATE_SECURITY_PACKAGES_FN_A)(
  1380. unsigned long SEC_FAR *,
  1381. PSecPkgInfoA SEC_FAR *);
  1383. #ifdef UNICODE
  1384. # define EnumerateSecurityPackages EnumerateSecurityPackagesW // ntifs
  1385. # define ENUMERATE_SECURITY_PACKAGES_FN ENUMERATE_SECURITY_PACKAGES_FN_W // ntifs
  1386. #else
  1387. # define EnumerateSecurityPackages EnumerateSecurityPackagesA
  1388. # define ENUMERATE_SECURITY_PACKAGES_FN ENUMERATE_SECURITY_PACKAGES_FN_A
  1389. #endif // !UNICODE
  1391. // begin_ntifs
  1393. SECURITY_STATUS SEC_ENTRY
  1394. QuerySecurityPackageInfoW(
  1395. #if ISSP_MODE == 0
  1396. PSECURITY_STRING pPackageName,
  1397. #else
  1398. SEC_WCHAR SEC_FAR * pszPackageName, // Name of package
  1399. #endif
  1400. PSecPkgInfoW SEC_FAR *ppPackageInfo // Receives package info
  1401. );
  1403. typedef SECURITY_STATUS
  1404. (SEC_ENTRY * QUERY_SECURITY_PACKAGE_INFO_FN_W)(
  1405. #if ISSP_MODE == 0
  1406. PSECURITY_STRING,
  1407. #else
  1408. SEC_WCHAR SEC_FAR *,
  1409. #endif
  1410. PSecPkgInfoW SEC_FAR *);
  1412. // end_ntifs
  1414. SECURITY_STATUS SEC_ENTRY
  1415. QuerySecurityPackageInfoA(
  1416. SEC_CHAR SEC_FAR * pszPackageName, // Name of package
  1417. PSecPkgInfoA SEC_FAR *ppPackageInfo // Receives package info
  1418. );
  1420. typedef SECURITY_STATUS
  1421. (SEC_ENTRY * QUERY_SECURITY_PACKAGE_INFO_FN_A)(
  1422. SEC_CHAR SEC_FAR *,
  1423. PSecPkgInfoA SEC_FAR *);
  1425. #ifdef UNICODE
  1426. # define QuerySecurityPackageInfo QuerySecurityPackageInfoW // ntifs
  1427. # define QUERY_SECURITY_PACKAGE_INFO_FN QUERY_SECURITY_PACKAGE_INFO_FN_W // ntifs
  1428. #else
  1429. # define QuerySecurityPackageInfo QuerySecurityPackageInfoA
  1430. # define QUERY_SECURITY_PACKAGE_INFO_FN QUERY_SECURITY_PACKAGE_INFO_FN_A
  1431. #endif // !UNICODE
  1434. typedef enum _SecDelegationType {
  1435. SecFull,
  1436. SecService,
  1437. SecTree,
  1438. SecDirectory,
  1439. SecObject
  1440. } SecDelegationType, * PSecDelegationType;
  1442. SECURITY_STATUS SEC_ENTRY
  1443. DelegateSecurityContext(
  1444. PCtxtHandle phContext, // IN Active context to delegate
  1445. #if ISSP_MODE == 0
  1446. PSECURITY_STRING pTarget, // IN Target path
  1447. #else
  1448. SEC_CHAR SEC_FAR * pszTarget,
  1449. #endif
  1450. SecDelegationType DelegationType, // IN Type of delegation
  1451. PTimeStamp pExpiry, // IN OPTIONAL time limit
  1452. PSecBuffer pPackageParameters, // IN OPTIONAL package specific
  1453. PSecBufferDesc pOutput); // OUT Token for applycontroltoken.
  1456. ///////////////////////////////////////////////////////////////////////////
  1457. ////
  1458. //// Proxies
  1459. ////
  1460. ///////////////////////////////////////////////////////////////////////////
  1463. //
  1464. // Proxies are only available on NT platforms
  1465. //
  1467. // begin_ntifs
  1469. ///////////////////////////////////////////////////////////////////////////
  1470. ////
  1471. //// Context export/import
  1472. ////
  1473. ///////////////////////////////////////////////////////////////////////////
  1477. SECURITY_STATUS SEC_ENTRY
  1478. ExportSecurityContext(
  1479. PCtxtHandle phContext, // (in) context to export
  1480. ULONG fFlags, // (in) option flags
  1481. PSecBuffer pPackedContext, // (out) marshalled context
  1482. void SEC_FAR * SEC_FAR * pToken // (out, optional) token handle for impersonation
  1483. );
  1485. typedef SECURITY_STATUS
  1486. (SEC_ENTRY * EXPORT_SECURITY_CONTEXT_FN)(
  1487. PCtxtHandle,
  1488. ULONG,
  1489. PSecBuffer,
  1490. void SEC_FAR * SEC_FAR *
  1491. );
  1493. SECURITY_STATUS SEC_ENTRY
  1494. ImportSecurityContextW(
  1495. #if ISSP_MODE == 0
  1496. PSECURITY_STRING pszPackage,
  1497. #else
  1498. SEC_WCHAR SEC_FAR * pszPackage,
  1499. #endif
  1500. PSecBuffer pPackedContext, // (in) marshalled context
  1501. void SEC_FAR * Token, // (in, optional) handle to token for context
  1502. PCtxtHandle phContext // (out) new context handle
  1503. );
  1505. typedef SECURITY_STATUS
  1506. (SEC_ENTRY * IMPORT_SECURITY_CONTEXT_FN_W)(
  1507. #if ISSP_MODE == 0
  1508. PSECURITY_STRING,
  1509. #else
  1510. SEC_WCHAR SEC_FAR *,
  1511. #endif
  1512. PSecBuffer,
  1513. VOID SEC_FAR *,
  1514. PCtxtHandle
  1515. );
  1517. // end_ntifs
  1518. SECURITY_STATUS SEC_ENTRY
  1519. ImportSecurityContextA(
  1520. SEC_CHAR SEC_FAR * pszPackage,
  1521. PSecBuffer pPackedContext, // (in) marshalled context
  1522. VOID SEC_FAR * Token, // (in, optional) handle to token for context
  1523. PCtxtHandle phContext // (out) new context handle
  1524. );
  1526. typedef SECURITY_STATUS
  1527. (SEC_ENTRY * IMPORT_SECURITY_CONTEXT_FN_A)(
  1528. SEC_CHAR SEC_FAR *,
  1529. PSecBuffer,
  1530. void SEC_FAR *,
  1531. PCtxtHandle
  1532. );
  1534. #ifdef UNICODE
  1535. # define ImportSecurityContext ImportSecurityContextW // ntifs
  1536. # define IMPORT_SECURITY_CONTEXT_FN IMPORT_SECURITY_CONTEXT_FN_W // ntifs
  1537. #else
  1538. # define ImportSecurityContext ImportSecurityContextA
  1539. # define IMPORT_SECURITY_CONTEXT_FN IMPORT_SECURITY_CONTEXT_FN_A
  1540. #endif // !UNICODE
  1542. // begin_ntifs
  1544. #if ISSP_MODE == 0
  1545. NTSTATUS
  1546. NTAPI
  1547. SecMakeSPN(
  1548. IN PUNICODE_STRING ServiceClass,
  1549. IN PUNICODE_STRING ServiceName,
  1550. IN PUNICODE_STRING InstanceName OPTIONAL,
  1551. IN USHORT InstancePort OPTIONAL,
  1552. IN PUNICODE_STRING Referrer OPTIONAL,
  1553. IN OUT PUNICODE_STRING Spn,
  1554. OUT PULONG Length OPTIONAL,
  1555. IN BOOLEAN Allocate
  1556. );
  1558. NTSTATUS
  1559. NTAPI
  1560. SecMakeSPNEx(
  1561. IN PUNICODE_STRING ServiceClass,
  1562. IN PUNICODE_STRING ServiceName,
  1563. IN PUNICODE_STRING InstanceName OPTIONAL,
  1564. IN USHORT InstancePort OPTIONAL,
  1565. IN PUNICODE_STRING Referrer OPTIONAL,
  1566. IN PUNICODE_STRING TargetInfo OPTIONAL,
  1567. IN OUT PUNICODE_STRING Spn,
  1568. OUT PULONG Length OPTIONAL,
  1569. IN BOOLEAN Allocate
  1570. );
  1572. NTSTATUS
  1573. SEC_ENTRY
  1574. SecLookupAccountSid(
  1575. IN PSID Sid,
  1576. IN OUT PULONG NameSize,
  1577. OUT PUNICODE_STRING NameBuffer,
  1578. IN OUT PULONG DomainSize OPTIONAL,
  1579. OUT PUNICODE_STRING DomainBuffer OPTIONAL,
  1580. OUT PSID_NAME_USE NameUse
  1581. );
  1583. NTSTATUS
  1584. SEC_ENTRY
  1585. SecLookupAccountName(
  1586. IN PUNICODE_STRING Name,
  1587. IN OUT PULONG SidSize,
  1588. OUT PSID Sid,
  1589. OUT PSID_NAME_USE NameUse,
  1590. IN OUT PULONG DomainSize OPTIONAL,
  1591. OUT PUNICODE_STRING ReferencedDomain OPTIONAL
  1592. );
  1594. #endif
  1596. // end_ntifs
  1598. ///////////////////////////////////////////////////////////////////////////////
  1599. ////
  1600. //// Fast access for RPC:
  1601. ////
  1602. ///////////////////////////////////////////////////////////////////////////////
  1604. #define SECURITY_ENTRYPOINT_ANSIW "InitSecurityInterfaceW"
  1605. #define SECURITY_ENTRYPOINT_ANSIA "InitSecurityInterfaceA"
  1606. #define SECURITY_ENTRYPOINTW SEC_TEXT("InitSecurityInterfaceW") // ntifs
  1607. #define SECURITY_ENTRYPOINTA SEC_TEXT("InitSecurityInterfaceA")
  1608. #define SECURITY_ENTRYPOINT16 "INITSECURITYINTERFACEA"
  1610. #ifdef SECURITY_WIN32
  1611. # ifdef UNICODE
  1612. # define SECURITY_ENTRYPOINT SECURITY_ENTRYPOINTW // ntifs
  1613. # define SECURITY_ENTRYPOINT_ANSI SECURITY_ENTRYPOINT_ANSIW
  1614. # else // UNICODE
  1615. # define SECURITY_ENTRYPOINT SECURITY_ENTRYPOINTA
  1616. # define SECURITY_ENTRYPOINT_ANSI SECURITY_ENTRYPOINT_ANSIA
  1617. # endif // UNICODE
  1618. #else // SECURITY_WIN32
  1619. # define SECURITY_ENTRYPOINT SECURITY_ENTRYPOINT16
  1620. # define SECURITY_ENTRYPOINT_ANSI SECURITY_ENTRYPOINT16
  1621. #endif // SECURITY_WIN32
  1623. // begin_ntifs
  1625. #define FreeCredentialHandle FreeCredentialsHandle
  1627. typedef struct _SECURITY_FUNCTION_TABLE_W {
  1628. unsigned long dwVersion;
  1629. ENUMERATE_SECURITY_PACKAGES_FN_W EnumerateSecurityPackagesW;
  1630. QUERY_CREDENTIALS_ATTRIBUTES_FN_W QueryCredentialsAttributesW;
  1631. ACQUIRE_CREDENTIALS_HANDLE_FN_W AcquireCredentialsHandleW;
  1632. FREE_CREDENTIALS_HANDLE_FN FreeCredentialsHandle;
  1633. #ifndef WIN32_CHICAGO
  1634. void SEC_FAR * Reserved2;
  1635. #else // WIN32_CHICAGO
  1636. SSPI_LOGON_USER_FN SspiLogonUserW;
  1637. #endif // WIN32_CHICAGO
  1638. INITIALIZE_SECURITY_CONTEXT_FN_W InitializeSecurityContextW;
  1639. ACCEPT_SECURITY_CONTEXT_FN AcceptSecurityContext;
  1640. COMPLETE_AUTH_TOKEN_FN CompleteAuthToken;
  1641. DELETE_SECURITY_CONTEXT_FN DeleteSecurityContext;
  1642. APPLY_CONTROL_TOKEN_FN ApplyControlToken;
  1643. QUERY_CONTEXT_ATTRIBUTES_FN_W QueryContextAttributesW;
  1644. IMPERSONATE_SECURITY_CONTEXT_FN ImpersonateSecurityContext;
  1645. REVERT_SECURITY_CONTEXT_FN RevertSecurityContext;
  1646. MAKE_SIGNATURE_FN MakeSignature;
  1647. VERIFY_SIGNATURE_FN VerifySignature;
  1648. FREE_CONTEXT_BUFFER_FN FreeContextBuffer;
  1649. QUERY_SECURITY_PACKAGE_INFO_FN_W QuerySecurityPackageInfoW;
  1650. void SEC_FAR * Reserved3;
  1651. void SEC_FAR * Reserved4;
  1652. EXPORT_SECURITY_CONTEXT_FN ExportSecurityContext;
  1653. IMPORT_SECURITY_CONTEXT_FN_W ImportSecurityContextW;
  1654. ADD_CREDENTIALS_FN_W AddCredentialsW ;
  1655. void SEC_FAR * Reserved8;
  1656. QUERY_SECURITY_CONTEXT_TOKEN_FN QuerySecurityContextToken;
  1657. ENCRYPT_MESSAGE_FN EncryptMessage;
  1658. DECRYPT_MESSAGE_FN DecryptMessage;
  1659. SET_CONTEXT_ATTRIBUTES_FN_W SetContextAttributesW;
  1660. } SecurityFunctionTableW, SEC_FAR * PSecurityFunctionTableW;
  1662. // end_ntifs
  1664. typedef struct _SECURITY_FUNCTION_TABLE_A {
  1665. unsigned long dwVersion;
  1666. ENUMERATE_SECURITY_PACKAGES_FN_A EnumerateSecurityPackagesA;
  1667. QUERY_CREDENTIALS_ATTRIBUTES_FN_A QueryCredentialsAttributesA;
  1668. ACQUIRE_CREDENTIALS_HANDLE_FN_A AcquireCredentialsHandleA;
  1669. FREE_CREDENTIALS_HANDLE_FN FreeCredentialHandle;
  1670. #ifndef WIN32_CHICAGO
  1671. void SEC_FAR * Reserved2;
  1672. #else // WIN32_CHICAGO
  1673. SSPI_LOGON_USER_FN SspiLogonUserA;
  1674. #endif // WIN32_CHICAGO
  1675. INITIALIZE_SECURITY_CONTEXT_FN_A InitializeSecurityContextA;
  1676. ACCEPT_SECURITY_CONTEXT_FN AcceptSecurityContext;
  1677. COMPLETE_AUTH_TOKEN_FN CompleteAuthToken;
  1678. DELETE_SECURITY_CONTEXT_FN DeleteSecurityContext;
  1679. APPLY_CONTROL_TOKEN_FN ApplyControlToken;
  1680. QUERY_CONTEXT_ATTRIBUTES_FN_A QueryContextAttributesA;
  1681. IMPERSONATE_SECURITY_CONTEXT_FN ImpersonateSecurityContext;
  1682. REVERT_SECURITY_CONTEXT_FN RevertSecurityContext;
  1683. MAKE_SIGNATURE_FN MakeSignature;
  1684. VERIFY_SIGNATURE_FN VerifySignature;
  1685. FREE_CONTEXT_BUFFER_FN FreeContextBuffer;
  1686. QUERY_SECURITY_PACKAGE_INFO_FN_A QuerySecurityPackageInfoA;
  1687. void SEC_FAR * Reserved3;
  1688. void SEC_FAR * Reserved4;
  1689. EXPORT_SECURITY_CONTEXT_FN ExportSecurityContext;
  1690. IMPORT_SECURITY_CONTEXT_FN_A ImportSecurityContextA;
  1691. ADD_CREDENTIALS_FN_A AddCredentialsA ;
  1692. void SEC_FAR * Reserved8;
  1693. QUERY_SECURITY_CONTEXT_TOKEN_FN QuerySecurityContextToken;
  1694. ENCRYPT_MESSAGE_FN EncryptMessage;
  1695. DECRYPT_MESSAGE_FN DecryptMessage;
  1696. SET_CONTEXT_ATTRIBUTES_FN_A SetContextAttributesA;
  1697. } SecurityFunctionTableA, SEC_FAR * PSecurityFunctionTableA;
  1699. #ifdef UNICODE
  1700. # define SecurityFunctionTable SecurityFunctionTableW // ntifs
  1701. # define PSecurityFunctionTable PSecurityFunctionTableW // ntifs
  1702. #else
  1703. # define SecurityFunctionTable SecurityFunctionTableA
  1704. # define PSecurityFunctionTable PSecurityFunctionTableA
  1705. #endif // !UNICODE
  1707. #define SECURITY_
  1709. // Function table has all routines through DecryptMessage
  1710. #define SECURITY_SUPPORT_PROVIDER_INTERFACE_VERSION 1 // ntifs
  1712. // Function table has all routines through SetContextAttributes
  1713. #define SECURITY_SUPPORT_PROVIDER_INTERFACE_VERSION_2 2 // ntifs
  1716. PSecurityFunctionTableA SEC_ENTRY
  1717. InitSecurityInterfaceA(
  1718. void
  1719. );
  1721. typedef PSecurityFunctionTableA
  1722. (SEC_ENTRY * INIT_SECURITY_INTERFACE_A)(void);
  1724. // begin_ntifs
  1726. PSecurityFunctionTableW SEC_ENTRY
  1727. InitSecurityInterfaceW(
  1728. void
  1729. );
  1731. typedef PSecurityFunctionTableW
  1732. (SEC_ENTRY * INIT_SECURITY_INTERFACE_W)(void);
  1734. // end_ntifs
  1736. #ifdef UNICODE
  1737. # define InitSecurityInterface InitSecurityInterfaceW // ntifs
  1738. # define INIT_SECURITY_INTERFACE INIT_SECURITY_INTERFACE_W // ntifs
  1739. #else
  1740. # define InitSecurityInterface InitSecurityInterfaceA
  1741. # define INIT_SECURITY_INTERFACE INIT_SECURITY_INTERFACE_A
  1742. #endif // !UNICODE
  1745. #ifdef SECURITY_WIN32
  1747. //
  1748. // SASL Profile Support
  1749. //
  1752. SECURITY_STATUS
  1753. SEC_ENTRY
  1754. SaslEnumerateProfilesA(
  1755. OUT LPSTR * ProfileList,
  1756. OUT ULONG * ProfileCount
  1757. );
  1759. SECURITY_STATUS
  1760. SEC_ENTRY
  1761. SaslEnumerateProfilesW(
  1762. OUT LPWSTR * ProfileList,
  1763. OUT ULONG * ProfileCount
  1764. );
  1766. #ifdef UNICODE
  1767. #define SaslEnumerateProfiles SaslEnumerateProfilesW
  1768. #else
  1769. #define SaslEnumerateProfiles SaslEnumerateProfilesA
  1770. #endif
  1773. SECURITY_STATUS
  1774. SEC_ENTRY
  1775. SaslGetProfilePackageA(
  1776. IN LPSTR ProfileName,
  1777. OUT PSecPkgInfoA * PackageInfo
  1778. );
  1781. SECURITY_STATUS
  1782. SEC_ENTRY
  1783. SaslGetProfilePackageW(
  1784. IN LPWSTR ProfileName,
  1785. OUT PSecPkgInfoW * PackageInfo
  1786. );
  1788. #ifdef UNICODE
  1789. #define SaslGetProfilePackage SaslGetProfilePackageW
  1790. #else
  1791. #define SaslGetProfilePackage SaslGetProfilePackageA
  1792. #endif
  1794. SECURITY_STATUS
  1795. SEC_ENTRY
  1796. SaslIdentifyPackageA(
  1797. IN PSecBufferDesc pInput,
  1798. OUT PSecPkgInfoA * PackageInfo
  1799. );
  1801. SECURITY_STATUS
  1802. SEC_ENTRY
  1803. SaslIdentifyPackageW(
  1804. IN PSecBufferDesc pInput,
  1805. OUT PSecPkgInfoW * PackageInfo
  1806. );
  1808. #ifdef UNICODE
  1809. #define SaslIdentifyPackage SaslIdentifyPackageW
  1810. #else
  1811. #define SaslIdentifyPackage SaslIdentifyPackageA
  1812. #endif
  1814. SECURITY_STATUS
  1815. SEC_ENTRY
  1816. SaslInitializeSecurityContextW(
  1817. PCredHandle phCredential, // Cred to base context
  1818. PCtxtHandle phContext, // Existing context (OPT)
  1819. LPWSTR pszTargetName, // Name of target
  1820. unsigned long fContextReq, // Context Requirements
  1821. unsigned long Reserved1, // Reserved, MBZ
  1822. unsigned long TargetDataRep, // Data rep of target
  1823. PSecBufferDesc pInput, // Input Buffers
  1824. unsigned long Reserved2, // Reserved, MBZ
  1825. PCtxtHandle phNewContext, // (out) New Context handle
  1826. PSecBufferDesc pOutput, // (inout) Output Buffers
  1827. unsigned long SEC_FAR * pfContextAttr, // (out) Context attrs
  1828. PTimeStamp ptsExpiry // (out) Life span (OPT)
  1829. );
  1831. SECURITY_STATUS
  1832. SEC_ENTRY
  1833. SaslInitializeSecurityContextA(
  1834. PCredHandle phCredential, // Cred to base context
  1835. PCtxtHandle phContext, // Existing context (OPT)
  1836. LPSTR pszTargetName, // Name of target
  1837. unsigned long fContextReq, // Context Requirements
  1838. unsigned long Reserved1, // Reserved, MBZ
  1839. unsigned long TargetDataRep, // Data rep of target
  1840. PSecBufferDesc pInput, // Input Buffers
  1841. unsigned long Reserved2, // Reserved, MBZ
  1842. PCtxtHandle phNewContext, // (out) New Context handle
  1843. PSecBufferDesc pOutput, // (inout) Output Buffers
  1844. unsigned long SEC_FAR * pfContextAttr, // (out) Context attrs
  1845. PTimeStamp ptsExpiry // (out) Life span (OPT)
  1846. );
  1848. #ifdef UNICODE
  1849. #define SaslInitializeSecurityContext SaslInitializeSecurityContextW
  1850. #else
  1851. #define SaslInitializeSecurityContext SaslInitializeSecurityContextA
  1852. #endif
  1855. SECURITY_STATUS
  1856. SEC_ENTRY
  1857. SaslAcceptSecurityContext(
  1858. PCredHandle phCredential, // Cred to base context
  1859. PCtxtHandle phContext, // Existing context (OPT)
  1860. PSecBufferDesc pInput, // Input buffer
  1861. unsigned long fContextReq, // Context Requirements
  1862. unsigned long TargetDataRep, // Target Data Rep
  1863. PCtxtHandle phNewContext, // (out) New context handle
  1864. PSecBufferDesc pOutput, // (inout) Output buffers
  1865. unsigned long SEC_FAR * pfContextAttr, // (out) Context attributes
  1866. PTimeStamp ptsExpiry // (out) Life span (OPT)
  1867. );
  1870. #define SASL_OPTION_SEND_SIZE 1
  1871. #define SASL_OPTION_RECV_SIZE 2
  1872. #define SASL_OPTION_AUTHZ_STRING 3
  1874. SECURITY_STATUS
  1875. SEC_ENTRY
  1876. SaslSetContextOption(
  1877. PCtxtHandle ContextHandle,
  1878. ULONG Option,
  1879. PVOID Value,
  1880. ULONG Size
  1881. );
  1884. SECURITY_STATUS
  1885. SEC_ENTRY
  1886. SaslGetContextOption(
  1887. PCtxtHandle ContextHandle,
  1888. ULONG Option,
  1889. PVOID Value,
  1890. ULONG Size,
  1891. PULONG Needed OPTIONAL
  1892. );
  1894. #endif
  1896. #ifdef SECURITY_DOS
  1897. #if _MSC_VER >= 1200
  1898. #pragma warning(pop)
  1899. #else
  1900. #pragma warning(default:4147)
  1901. #endif
  1902. #endif
  1904. //
  1905. // This is the legacy credentials structure.
  1906. // The EX version below is preferred.
  1908. // begin_ntifs
  1909. #ifndef _AUTH_IDENTITY_DEFINED
  1910. #define _AUTH_IDENTITY_DEFINED
  1912. #define SEC_WINNT_AUTH_IDENTITY_ANSI 0x1
  1913. #define SEC_WINNT_AUTH_IDENTITY_UNICODE 0x2
  1915. typedef struct _SEC_WINNT_AUTH_IDENTITY_W {
  1916. unsigned short *User;
  1917. unsigned long UserLength;
  1918. unsigned short *Domain;
  1919. unsigned long DomainLength;
  1920. unsigned short *Password;
  1921. unsigned long PasswordLength;
  1922. unsigned long Flags;
  1923. } SEC_WINNT_AUTH_IDENTITY_W, *PSEC_WINNT_AUTH_IDENTITY_W;
  1925. // end_ntifs
  1927. typedef struct _SEC_WINNT_AUTH_IDENTITY_A {
  1928. unsigned char *User;
  1929. unsigned long UserLength;
  1930. unsigned char *Domain;
  1931. unsigned long DomainLength;
  1932. unsigned char *Password;
  1933. unsigned long PasswordLength;
  1934. unsigned long Flags;
  1935. } SEC_WINNT_AUTH_IDENTITY_A, *PSEC_WINNT_AUTH_IDENTITY_A;
  1938. #ifdef UNICODE
  1939. #define SEC_WINNT_AUTH_IDENTITY SEC_WINNT_AUTH_IDENTITY_W // ntifs
  1940. #define PSEC_WINNT_AUTH_IDENTITY PSEC_WINNT_AUTH_IDENTITY_W // ntifs
  1941. #define _SEC_WINNT_AUTH_IDENTITY _SEC_WINNT_AUTH_IDENTITY_W // ntifs
  1942. #else // UNICODE
  1943. #define SEC_WINNT_AUTH_IDENTITY SEC_WINNT_AUTH_IDENTITY_A
  1944. #define PSEC_WINNT_AUTH_IDENTITY PSEC_WINNT_AUTH_IDENTITY_A
  1945. #define _SEC_WINNT_AUTH_IDENTITY _SEC_WINNT_AUTH_IDENTITY_A
  1946. #endif // UNICODE
  1948. #endif //_AUTH_IDENTITY_DEFINED // ntifs
  1950. // begin_ntifs
  1951. //
  1952. // This is the combined authentication identity structure that may be
  1953. // used with the negotiate package, NTLM, Kerberos, or SCHANNEL
  1954. //
  1957. #ifndef SEC_WINNT_AUTH_IDENTITY_VERSION
  1958. #define SEC_WINNT_AUTH_IDENTITY_VERSION 0x200
  1960. typedef struct _SEC_WINNT_AUTH_IDENTITY_EXW {
  1961. unsigned long Version;
  1962. unsigned long Length;
  1963. unsigned short SEC_FAR *User;
  1964. unsigned long UserLength;
  1965. unsigned short SEC_FAR *Domain;
  1966. unsigned long DomainLength;
  1967. unsigned short SEC_FAR *Password;
  1968. unsigned long PasswordLength;
  1969. unsigned long Flags;
  1970. unsigned short SEC_FAR * PackageList;
  1971. unsigned long PackageListLength;
  1972. } SEC_WINNT_AUTH_IDENTITY_EXW, *PSEC_WINNT_AUTH_IDENTITY_EXW;
  1974. // end_ntifs
  1976. typedef struct _SEC_WINNT_AUTH_IDENTITY_EXA {
  1977. unsigned long Version;
  1978. unsigned long Length;
  1979. unsigned char SEC_FAR *User;
  1980. unsigned long UserLength;
  1981. unsigned char SEC_FAR *Domain;
  1982. unsigned long DomainLength;
  1983. unsigned char SEC_FAR *Password;
  1984. unsigned long PasswordLength;
  1985. unsigned long Flags;
  1986. unsigned char SEC_FAR * PackageList;
  1987. unsigned long PackageListLength;
  1988. } SEC_WINNT_AUTH_IDENTITY_EXA, *PSEC_WINNT_AUTH_IDENTITY_EXA;
  1990. #ifdef UNICODE
  1991. #define SEC_WINNT_AUTH_IDENTITY_EX SEC_WINNT_AUTH_IDENTITY_EXW // ntifs
  1992. #define PSEC_WINNT_AUTH_IDENTITY_EX PSEC_WINNT_AUTH_IDENTITY_EXW // ntifs
  1993. #else
  1994. #define SEC_WINNT_AUTH_IDENTITY_EX SEC_WINNT_AUTH_IDENTITY_EXA
  1995. #endif
  1997. // begin_ntifs
  1998. #endif // SEC_WINNT_AUTH_IDENTITY_VERSION
  2001. //
  2002. // Common types used by negotiable security packages
  2003. //
  2005. #define SEC_WINNT_AUTH_IDENTITY_MARSHALLED 0x4 // all data is in one buffer
  2006. #define SEC_WINNT_AUTH_IDENTITY_ONLY 0x8 // these credentials are for identity only - no PAC needed
  2008. // end_ntifs
  2010. //
  2011. // Routines for manipulating packages
  2012. //
  2014. typedef struct _SECURITY_PACKAGE_OPTIONS {
  2015. unsigned long Size;
  2016. unsigned long Type;
  2017. unsigned long Flags;
  2018. unsigned long SignatureSize;
  2019. void SEC_FAR * Signature;
  2020. } SECURITY_PACKAGE_OPTIONS, SEC_FAR * PSECURITY_PACKAGE_OPTIONS;
  2022. #define SECPKG_OPTIONS_TYPE_UNKNOWN 0
  2023. #define SECPKG_OPTIONS_TYPE_LSA 1
  2024. #define SECPKG_OPTIONS_TYPE_SSPI 2
  2026. #define SECPKG_OPTIONS_PERMANENT 0x00000001
  2028. SECURITY_STATUS
  2029. SEC_ENTRY
  2030. AddSecurityPackageA(
  2031. SEC_CHAR SEC_FAR * pszPackageName,
  2032. SECURITY_PACKAGE_OPTIONS SEC_FAR * Options
  2033. );
  2035. SECURITY_STATUS
  2036. SEC_ENTRY
  2037. AddSecurityPackageW(
  2038. SEC_WCHAR SEC_FAR * pszPackageName,
  2039. SECURITY_PACKAGE_OPTIONS SEC_FAR * Options
  2040. );
  2042. #ifdef UNICODE
  2043. #define AddSecurityPackage AddSecurityPackageW
  2044. #else
  2045. #define AddSecurityPackage AddSecurityPackageA
  2046. #endif
  2048. SECURITY_STATUS
  2049. SEC_ENTRY
  2050. DeleteSecurityPackageA(
  2051. SEC_CHAR SEC_FAR * pszPackageName );
  2053. SECURITY_STATUS
  2054. SEC_ENTRY
  2055. DeleteSecurityPackageW(
  2056. SEC_WCHAR SEC_FAR * pszPackageName );
  2058. #ifdef UNICODE
  2059. #define DeleteSecurityPackage DeleteSecurityPackageW
  2060. #else
  2061. #define DeleteSecurityPackage DeleteSecurityPackageA
  2062. #endif
  2065. #ifdef __cplusplus
  2066. } // extern "C"
  2067. #endif
  2069. // begin_ntifs
  2070. #endif // __SSPI_H__
  2071. // end_ntifs