[MMIXER_TEST] Fix build (Use %Iu for dwUser)
[reactos.git] / sdk / include / xdk / sspi.h
1 #ifndef __SSPI_H__
2 #define __SSPI_H__
3
4 // for ntifs.h:
5 #define ISSP_LEVEL 32
6 #define ISSP_MODE 0
7
8 #ifdef MIDL_PASS
9 #define MIDL_PROP(x) x
10 #else
11 #define MIDL_PROP(x)
12 #endif
13
14 #define SEC_TEXT TEXT
15 #define SEC_FAR
16 #define SEC_ENTRY __stdcall
17
18 #if defined(_NO_KSECDD_IMPORT_)
19 #define KSECDDDECLSPEC
20 #else
21 #define KSECDDDECLSPEC __declspec(dllimport)
22 #endif
23
24 #define SECQOP_WRAP_NO_ENCRYPT 0x80000001
25 #define SECQOP_WRAP_OOB_DATA 0x40000000
26
27 #define SECURITY_ENTRYPOINTW SEC_TEXT("InitSecurityInterfaceW")
28 #define SECURITY_ENTRYPOINT SECURITY_ENTRYPOINTW
29
30 #define SECURITY_SUPPORT_PROVIDER_INTERFACE_VERSION 1
31 #define SECURITY_SUPPORT_PROVIDER_INTERFACE_VERSION_2 2
32 #define SECURITY_SUPPORT_PROVIDER_INTERFACE_VERSION_3 3
33 #define SECURITY_SUPPORT_PROVIDER_INTERFACE_VERSION_4 4
34
35 #define SECURITY_NATIVE_DREP 0x00000010
36 #define SECURITY_NETWORK_DREP 0x00000000
37
38 #define SECPKG_ID_NONE 0xFFFF
39
40 #define SECPKG_CRED_ATTR_NAMES 1
41 #define SECPKG_CRED_ATTR_SSI_PROVIDER 2
42
43 #define SECPKG_ATTR_SIZES 0
44 #define SECPKG_ATTR_NAMES 1
45 #define SECPKG_ATTR_LIFESPAN 2
46 #define SECPKG_ATTR_DCE_INFO 3
47 #define SECPKG_ATTR_STREAM_SIZES 4
48 #define SECPKG_ATTR_KEY_INFO 5
49 #define SECPKG_ATTR_AUTHORITY 6
50 #define SECPKG_ATTR_PROTO_INFO 7
51 #define SECPKG_ATTR_PASSWORD_EXPIRY 8
52 #define SECPKG_ATTR_SESSION_KEY 9
53 #define SECPKG_ATTR_PACKAGE_INFO 10
54 #define SECPKG_ATTR_USER_FLAGS 11
55 #define SECPKG_ATTR_NEGOTIATION_INFO 12
56 #define SECPKG_ATTR_NATIVE_NAMES 13
57 #define SECPKG_ATTR_FLAGS 14
58 #define SECPKG_ATTR_USE_VALIDATED 15
59 #define SECPKG_ATTR_CREDENTIAL_NAME 16
60 #define SECPKG_ATTR_TARGET_INFORMATION 17
61 #define SECPKG_ATTR_ACCESS_TOKEN 18
62 #define SECPKG_ATTR_TARGET 19
63 #define SECPKG_ATTR_AUTHENTICATION_ID 20
64 #define SECPKG_ATTR_LOGOFF_TIME 21
65 #define SECPKG_ATTR_NEGO_KEYS 22
66 #define SECPKG_ATTR_PROMPTING_NEEDED 24
67 #define SECPKG_ATTR_UNIQUE_BINDINGS 25
68 #define SECPKG_ATTR_ENDPOINT_BINDINGS 26
69 #define SECPKG_ATTR_CLIENT_SPECIFIED_TARGET 27
70 #define SECPKG_ATTR_LAST_CLIENT_TOKEN_STATUS 30
71 #define SECPKG_ATTR_NEGO_PKG_INFO 31
72 #define SECPKG_ATTR_NEGO_STATUS 32
73 #define SECPKG_ATTR_CONTEXT_DELETED 33
74
75 #define SECPKG_FLAG_INTEGRITY 0x00000001
76 #define SECPKG_FLAG_PRIVACY 0x00000002
77 #define SECPKG_FLAG_TOKEN_ONLY 0x00000004
78 #define SECPKG_FLAG_DATAGRAM 0x00000008
79 #define SECPKG_FLAG_CONNECTION 0x00000010
80 #define SECPKG_FLAG_MULTI_REQUIRED 0x00000020
81 #define SECPKG_FLAG_CLIENT_ONLY 0x00000040
82 #define SECPKG_FLAG_EXTENDED_ERROR 0x00000080
83 #define SECPKG_FLAG_IMPERSONATION 0x00000100
84 #define SECPKG_FLAG_ACCEPT_WIN32_NAME 0x00000200
85 #define SECPKG_FLAG_STREAM 0x00000400
86 #define SECPKG_FLAG_NEGOTIABLE 0x00000800
87 #define SECPKG_FLAG_GSS_COMPATIBLE 0x00001000
88 #define SECPKG_FLAG_LOGON 0x00002000
89 #define SECPKG_FLAG_ASCII_BUFFERS 0x00004000
90 #define SECPKG_FLAG_FRAGMENT 0x00008000
91 #define SECPKG_FLAG_MUTUAL_AUTH 0x00010000
92 #define SECPKG_FLAG_DELEGATION 0x00020000
93 #define SECPKG_FLAG_READONLY_WITH_CHECKSUM 0x00040000
94 #define SECPKG_FLAG_RESTRICTED_TOKENS 0x00080000
95 #define SECPKG_FLAG_NEGO_EXTENDER 0x00100000
96 #define SECPKG_FLAG_NEGOTIABLE2 0x00200000
97
98 #define SECPKG_CRED_INBOUND 0x00000001
99 #define SECPKG_CRED_OUTBOUND 0x00000002
100 #define SECPKG_CRED_BOTH 0x00000003
101 #define SECPKG_CRED_DEFAULT 0x00000004
102 #define SECPKG_CRED_RESERVED 0xF0000000
103 #define SECPKG_CRED_AUTOLOGON_RESTRICTED 0x00000010
104 #define SECPKG_CRED_PROCESS_POLICY_ONLY 0x00000020
105
106 #define SECPKG_CONTEXT_EXPORT_RESET_NEW 0x00000001
107 #define SECPKG_CONTEXT_EXPORT_DELETE_OLD 0x00000002
108 #define SECPKG_CONTEXT_EXPORT_TO_KERNEL 0x00000004
109
110 #define SECPKG_ATTR_SUBJECT_SECURITY_ATTRIBUTES 128
111 #define SECPKG_ATTR_NEGO_INFO_FLAG_NO_KERBEROS 0x1
112 #define SECPKG_ATTR_NEGO_INFO_FLAG_NO_NTLM 0x2
113
114 #define SecPkgContext_NativeNames SecPkgContext_NativeNamesW
115 #define PSecPkgContext_NativeNames PSecPkgContext_NativeNamesW
116
117 #define SECBUFFER_VERSION 0
118
119 #define SECBUFFER_EMPTY 0
120 #define SECBUFFER_DATA 1
121 #define SECBUFFER_TOKEN 2
122 #define SECBUFFER_PKG_PARAMS 3
123 #define SECBUFFER_MISSING 4
124 #define SECBUFFER_EXTRA 5
125 #define SECBUFFER_STREAM_TRAILER 6
126 #define SECBUFFER_STREAM_HEADER 7
127 #define SECBUFFER_NEGOTIATION_INFO 8
128 #define SECBUFFER_PADDING 9
129 #define SECBUFFER_STREAM 10
130 #define SECBUFFER_MECHLIST 11
131 #define SECBUFFER_MECHLIST_SIGNATURE 12
132 #define SECBUFFER_TARGET 13
133 #define SECBUFFER_CHANNEL_BINDINGS 14
134 #define SECBUFFER_CHANGE_PASS_RESPONSE 15
135 #define SECBUFFER_TARGET_HOST 16
136 #define SECBUFFER_ALERT 17
137
138 #define SECBUFFER_ATTRMASK 0xF0000000
139 #define SECBUFFER_READONLY 0x80000000
140 #define SECBUFFER_READONLY_WITH_CHECKSUM 0x10000000
141 #define SECBUFFER_RESERVED 0x60000000
142
143 #define ISC_REQ_DELEGATE 0x00000001
144 #define ISC_REQ_MUTUAL_AUTH 0x00000002
145 #define ISC_REQ_REPLAY_DETECT 0x00000004
146 #define ISC_REQ_SEQUENCE_DETECT 0x00000008
147 #define ISC_REQ_CONFIDENTIALITY 0x00000010
148 #define ISC_REQ_USE_SESSION_KEY 0x00000020
149 #define ISC_REQ_PROMPT_FOR_CREDS 0x00000040
150 #define ISC_REQ_USE_SUPPLIED_CREDS 0x00000080
151 #define ISC_REQ_ALLOCATE_MEMORY 0x00000100
152 #define ISC_REQ_USE_DCE_STYLE 0x00000200
153 #define ISC_REQ_DATAGRAM 0x00000400
154 #define ISC_REQ_CONNECTION 0x00000800
155 #define ISC_REQ_CALL_LEVEL 0x00001000
156 #define ISC_REQ_FRAGMENT_SUPPLIED 0x00002000
157 #define ISC_REQ_EXTENDED_ERROR 0x00004000
158 #define ISC_REQ_STREAM 0x00008000
159 #define ISC_REQ_INTEGRITY 0x00010000
160 #define ISC_REQ_IDENTIFY 0x00020000
161 #define ISC_REQ_NULL_SESSION 0x00040000
162 #define ISC_REQ_MANUAL_CRED_VALIDATION 0x00080000
163 #define ISC_REQ_RESERVED1 0x00100000
164 #define ISC_REQ_FRAGMENT_TO_FIT 0x00200000
165 #define ISC_REQ_FORWARD_CREDENTIALS 0x00400000
166 #define ISC_REQ_NO_INTEGRITY 0x00800000
167 #define ISC_REQ_USE_HTTP_STYLE 0x01000000
168
169 #define ISC_RET_DELEGATE 0x00000001
170 #define ISC_RET_MUTUAL_AUTH 0x00000002
171 #define ISC_RET_REPLAY_DETECT 0x00000004
172 #define ISC_RET_SEQUENCE_DETECT 0x00000008
173 #define ISC_RET_CONFIDENTIALITY 0x00000010
174 #define ISC_RET_USE_SESSION_KEY 0x00000020
175 #define ISC_RET_USED_COLLECTED_CREDS 0x00000040
176 #define ISC_RET_USED_SUPPLIED_CREDS 0x00000080
177 #define ISC_RET_ALLOCATED_MEMORY 0x00000100
178 #define ISC_RET_USED_DCE_STYLE 0x00000200
179 #define ISC_RET_DATAGRAM 0x00000400
180 #define ISC_RET_CONNECTION 0x00000800
181 #define ISC_RET_INTERMEDIATE_RETURN 0x00001000
182 #define ISC_RET_CALL_LEVEL 0x00002000
183 #define ISC_RET_EXTENDED_ERROR 0x00004000
184 #define ISC_RET_STREAM 0x00008000
185 #define ISC_RET_INTEGRITY 0x00010000
186 #define ISC_RET_IDENTIFY 0x00020000
187 #define ISC_RET_NULL_SESSION 0x00040000
188 #define ISC_RET_MANUAL_CRED_VALIDATION 0x00080000
189 #define ISC_RET_RESERVED1 0x00100000
190 #define ISC_RET_FRAGMENT_ONLY 0x00200000
191 #define ISC_RET_FORWARD_CREDENTIALS 0x00400000
192 #define ISC_RET_USED_HTTP_STYLE 0x01000000
193 #define ISC_RET_NO_ADDITIONAL_TOKEN 0x02000000
194 #define ISC_RET_REAUTHENTICATION 0x08000000
195
196 #define ASC_REQ_DELEGATE 0x00000001
197 #define ASC_REQ_MUTUAL_AUTH 0x00000002
198 #define ASC_REQ_REPLAY_DETECT 0x00000004
199 #define ASC_REQ_SEQUENCE_DETECT 0x00000008
200 #define ASC_REQ_CONFIDENTIALITY 0x00000010
201 #define ASC_REQ_USE_SESSION_KEY 0x00000020
202 #define ASC_REQ_ALLOCATE_MEMORY 0x00000100
203 #define ASC_REQ_USE_DCE_STYLE 0x00000200
204 #define ASC_REQ_DATAGRAM 0x00000400
205 #define ASC_REQ_CONNECTION 0x00000800
206 #define ASC_REQ_CALL_LEVEL 0x00001000
207 #define ASC_REQ_EXTENDED_ERROR 0x00008000
208 #define ASC_REQ_STREAM 0x00010000
209 #define ASC_REQ_INTEGRITY 0x00020000
210 #define ASC_REQ_LICENSING 0x00040000
211 #define ASC_REQ_IDENTIFY 0x00080000
212 #define ASC_REQ_ALLOW_NULL_SESSION 0x00100000
213 #define ASC_REQ_ALLOW_NON_USER_LOGONS 0x00200000
214 #define ASC_REQ_ALLOW_CONTEXT_REPLAY 0x00400000
215 #define ASC_REQ_FRAGMENT_TO_FIT 0x00800000
216 #define ASC_REQ_FRAGMENT_SUPPLIED 0x00002000
217 #define ASC_REQ_NO_TOKEN 0x01000000
218 #define ASC_REQ_PROXY_BINDINGS 0x04000000
219 //#define SSP_RET_REAUTHENTICATION 0x08000000 // internal
220
221 #define ASC_REQ_ALLOW_MISSING_BINDINGS 0x10000000
222 #define ASC_RET_DELEGATE 0x00000001
223 #define ASC_RET_MUTUAL_AUTH 0x00000002
224 #define ASC_RET_REPLAY_DETECT 0x00000004
225 #define ASC_RET_SEQUENCE_DETECT 0x00000008
226 #define ASC_RET_CONFIDENTIALITY 0x00000010
227 #define ASC_RET_USE_SESSION_KEY 0x00000020
228 #define ASC_RET_ALLOCATED_MEMORY 0x00000100
229 #define ASC_RET_USED_DCE_STYLE 0x00000200
230 #define ASC_RET_DATAGRAM 0x00000400
231 #define ASC_RET_CONNECTION 0x00000800
232 #define ASC_RET_CALL_LEVEL 0x00002000
233 #define ASC_RET_THIRD_LEG_FAILED 0x00004000
234 #define ASC_RET_EXTENDED_ERROR 0x00008000
235 #define ASC_RET_STREAM 0x00010000
236 #define ASC_RET_INTEGRITY 0x00020000
237 #define ASC_RET_LICENSING 0x00040000
238 #define ASC_RET_IDENTIFY 0x00080000
239 #define ASC_RET_NULL_SESSION 0x00100000
240 #define ASC_RET_ALLOW_NON_USER_LOGONS 0x00200000
241 #define ASC_RET_ALLOW_CONTEXT_REPLAY 0x00400000
242 #define ASC_RET_FRAGMENT_ONLY 0x00800000
243 #define ASC_RET_NO_TOKEN 0x01000000
244 #define ASC_RET_NO_ADDITIONAL_TOKEN 0x02000000
245 #define ASC_RET_NO_PROXY_BINDINGS 0x04000000
246 //#define SSP_RET_REAUTHENTICATION 0x08000000 // internal
247 #define ASC_RET_MISSING_BINDINGS 0x10000000
248
249 #define SEC_DELETED_HANDLE ((ULONG_PTR)(-2))
250
251 #define SecInvalidateHandle(x) \
252 ((PSecHandle)(x))->dwLower = ((PSecHandle)(x))->dwUpper = ((ULONG_PTR)((INT_PTR)-1));
253
254 #define SecIsValidHandle(x) \
255 ( ( ((PSecHandle)(x))->dwLower != (ULONG_PTR)(INT_PTR)-1 ) && \
256 ( ((PSecHandle)(x))->dwUpper != (ULONG_PTR)(INT_PTR)-1 ) )
257
258 typedef WCHAR SEC_WCHAR;
259 typedef CHAR SEC_CHAR;
260 typedef LARGE_INTEGER _SECURITY_INTEGER, SECURITY_INTEGER, *PSECURITY_INTEGER;
261 typedef SECURITY_INTEGER TimeStamp, *PTimeStamp;
262 typedef UNICODE_STRING SECURITY_STRING, *PSECURITY_STRING;
263 #if ISSP_MODE == 0
264 #define PSSPI_SEC_STRING PSECURITY_STRING
265 #else
266 #define PSSPI_SEC_STRING SEC_WCHAR*
267 #endif
268
269 typedef PVOID PSEC_WINNT_AUTH_IDENTITY_OPAQUE;
270
271 #ifndef __SECSTATUS_DEFINED__
272 typedef LONG SECURITY_STATUS;
273 #define __SECSTATUS_DEFINED__
274 #endif
275
276 typedef enum _SECPKG_CRED_CLASS
277 {
278 SecPkgCredClass_None = 0,
279 SecPkgCredClass_Ephemeral = 10,
280 SecPkgCredClass_PersistedGeneric = 20,
281 SecPkgCredClass_PersistedSpecific = 30,
282 SecPkgCredClass_Explicit = 40,
283 } SECPKG_CRED_CLASS, *PSECPKG_CRED_CLASS;
284
285 typedef struct _SEC_NEGOTIATION_INFO
286 {
287 ULONG Size;
288 ULONG NameLength;
289 SEC_WCHAR *Name;
290 PVOID Reserved;
291 } SEC_NEGOTIATION_INFO, *PSEC_NEGOTIATION_INFO;
292
293 typedef struct _SEC_CHANNEL_BINDINGS
294 {
295 ULONG dwInitiatorAddrType;
296 ULONG cbInitiatorLength;
297 ULONG dwInitiatorOffset;
298 ULONG dwAcceptorAddrType;
299 ULONG cbAcceptorLength;
300 ULONG dwAcceptorOffset;
301 ULONG cbApplicationDataLength;
302 ULONG dwApplicationDataOffset;
303 } SEC_CHANNEL_BINDINGS, *PSEC_CHANNEL_BINDINGS;
304
305 #ifndef _AUTH_IDENTITY_EX2_DEFINED
306 #define _AUTH_IDENTITY_EX2_DEFINED
307 typedef struct _SEC_WINNT_AUTH_IDENTITY_EX2
308 {
309 ULONG Version;
310 USHORT cbHeaderLength;
311 ULONG cbStructureLength;
312 ULONG UserOffset;
313 USHORT UserLength;
314 ULONG DomainOffset;
315 USHORT DomainLength;
316 ULONG PackedCredentialsOffset;
317 USHORT PackedCredentialsLength;
318 ULONG Flags;
319 ULONG PackageListOffset;
320 USHORT PackageListLength;
321 } SEC_WINNT_AUTH_IDENTITY_EX2, *PSEC_WINNT_AUTH_IDENTITY_EX2;
322 #define SEC_WINNT_AUTH_IDENTITY_VERSION_2 0x201
323 #endif
324
325 #ifndef _AUTH_IDENTITY_DEFINED
326 #define _AUTH_IDENTITY_DEFINED
327 typedef struct _SEC_WINNT_AUTH_IDENTITY_W
328 {
329 PUSHORT User;
330 ULONG UserLength;
331 PUSHORT Domain;
332 ULONG DomainLength;
333 PUSHORT Password;
334 ULONG PasswordLength;
335 ULONG Flags;
336 } SEC_WINNT_AUTH_IDENTITY_W, *PSEC_WINNT_AUTH_IDENTITY_W;
337 #define SEC_WINNT_AUTH_IDENTITY_ANSI 0x1
338 #define SEC_WINNT_AUTH_IDENTITY_UNICODE 0x2
339 #define SEC_WINNT_AUTH_IDENTITY SEC_WINNT_AUTH_IDENTITY_W
340 #define PSEC_WINNT_AUTH_IDENTITY PSEC_WINNT_AUTH_IDENTITY_W
341 #define _SEC_WINNT_AUTH_IDENTITY _SEC_WINNT_AUTH_IDENTITY_W
342 #endif
343
344 #ifndef SEC_WINNT_AUTH_IDENTITY_VERSION
345 #define SEC_WINNT_AUTH_IDENTITY_VERSION 0x200
346 typedef struct _SEC_WINNT_AUTH_IDENTITY_EXW
347 {
348 ULONG Version;
349 ULONG Length;
350 PUSHORT User;
351 ULONG UserLength;
352 PUSHORT Domain;
353 ULONG DomainLength;
354 PUSHORT Password;
355 ULONG PasswordLength;
356 ULONG Flags;
357 PUSHORT PackageList;
358 ULONG PackageListLength;
359 } SEC_WINNT_AUTH_IDENTITY_EXW, *PSEC_WINNT_AUTH_IDENTITY_EXW;
360 #define SEC_WINNT_AUTH_IDENTITY_EX SEC_WINNT_AUTH_IDENTITY_EXW
361 #define PSEC_WINNT_AUTH_IDENTITY_EX PSEC_WINNT_AUTH_IDENTITY_EXW
362 #endif
363
364 #ifndef __SECHANDLE_DEFINED__
365 typedef struct _SecHandle
366 {
367 ULONG_PTR dwLower;
368 ULONG_PTR dwUpper;
369 } SecHandle, *PSecHandle;
370 #define __SECHANDLE_DEFINED__
371 #endif
372
373 typedef SecHandle CredHandle, *PCredHandle, CtxtHandle, *PCtxtHandle;
374
375 typedef struct _SecBuffer
376 {
377 ULONG cbBuffer;
378 ULONG BufferType;
379 #ifdef MIDL_PASS
380 MIDL_PROP([size_is(cbBuffer)]) PCHAR pvBuffer;
381 #else
382 _Field_size_bytes_(cbBuffer) void SEC_FAR *pvBuffer;
383 #endif
384 } SecBuffer, *PSecBuffer;
385
386 typedef struct _SecBufferDesc
387 {
388 ULONG ulVersion;
389 ULONG cBuffers;
390 MIDL_PROP([size_is(cBuffers)]) _Field_size_(cBuffers) PSecBuffer pBuffers;
391 } SecBufferDesc, SEC_FAR *PSecBufferDesc;
392
393 typedef struct _SecPkgInfoW
394 {
395 ULONG fCapabilities;
396 USHORT wVersion;
397 USHORT wRPCID;
398 ULONG cbMaxToken;
399 MIDL_PROP([string]) SEC_WCHAR *Name;
400 MIDL_PROP([string]) SEC_WCHAR *Comment;
401 } SecPkgInfoW, *PSecPkgInfoW;
402 #define SecPkgInfo SecPkgInfoW
403 #define PSecPkgInfo PSecPkgInfoW
404
405 typedef struct _SecPkgCredentials_NamesW
406 {
407 MIDL_PROP([string]) SEC_WCHAR *sUserName;
408 } SecPkgCredentials_NamesW, *PSecPkgCredentials_NamesW;
409 #define SecPkgCredentials_Names SecPkgCredentials_NamesW
410 #define PSecPkgCredentials_Names PSecPkgCredentials_NamesW
411
412 typedef struct _SecPkgContext_NamesW
413 {
414 SEC_WCHAR *sUserName;
415 } SecPkgContext_NamesW, *PSecPkgContext_NamesW;
416 #define SecPkgContext_Names SecPkgContext_NamesW
417 #define PSecPkgContext_Names PSecPkgContext_NamesW
418
419 #if OSVER(NTDDI_VERSION) > NTDDI_WIN2K
420 typedef struct _SecPkgContext_CredentialNameW
421 {
422 ULONG CredentialType;
423 SEC_WCHAR *sCredentialName;
424 } SecPkgContext_CredentialNameW, *PSecPkgContext_CredentialNameW;
425 #endif
426 #define SecPkgContext_CredentialName SecPkgContext_CredentialNameW
427 #define PSecPkgContext_CredentialName PSecPkgContext_CredentialNameW
428
429 typedef struct _SecPkgContext_SubjectAttributes
430 {
431 PVOID AttributeInfo;
432 } SecPkgContext_SubjectAttributes, *PSecPkgContext_SubjectAttributes;
433
434 typedef struct _SecPkgContext_CredInfo
435 {
436 SECPKG_CRED_CLASS CredClass;
437 ULONG IsPromptingNeeded;
438 } SecPkgContext_CredInfo, *PSecPkgContext_CredInfo;
439
440 typedef struct _SecPkgContext_NegoPackageInfo
441 {
442 ULONG PackageMask;
443 } SecPkgContext_NegoPackageInfo, *PSecPkgContext_NegoPackageInfo;
444
445 typedef struct _SecPkgContext_NegoStatus
446 {
447 ULONG LastStatus;
448 } SecPkgContext_NegoStatus, *PSecPkgContext_NegoStatus;
449
450 typedef struct _SecPkgContext_Sizes
451 {
452 ULONG cbMaxToken;
453 ULONG cbMaxSignature;
454 ULONG cbBlockSize;
455 ULONG cbSecurityTrailer;
456 } SecPkgContext_Sizes, *PSecPkgContext_Sizes;
457
458 typedef struct _SecPkgContext_StreamSizes
459 {
460 ULONG cbHeader;
461 ULONG cbTrailer;
462 ULONG cbMaximumMessage;
463 ULONG cBuffers;
464 ULONG cbBlockSize;
465 } SecPkgContext_StreamSizes, *PSecPkgContext_StreamSizes;
466
467 typedef struct _SecPkgContext_Lifespan
468 {
469 TimeStamp tsStart;
470 TimeStamp tsExpiry;
471 } SecPkgContext_Lifespan, *PSecPkgContext_Lifespan;
472
473 typedef struct _SecPkgContext_PasswordExpiry
474 {
475 TimeStamp tsPasswordExpires;
476 } SecPkgContext_PasswordExpiry, *PSecPkgContext_PasswordExpiry;
477
478 typedef struct _SecPkgContext_ProtoInfoW
479 {
480 SEC_WCHAR *sProtocolName;
481 ULONG majorVersion;
482 ULONG minorVersion;
483 } SecPkgContext_ProtoInfoW, *PSecPkgContext_ProtoInfoW;
484 #define SecPkgContext_ProtoInfo SecPkgContext_ProtoInfoW
485 #define PSecPkgContext_ProtoInfo PSecPkgContext_ProtoInfoW
486
487 typedef struct _SecPkgContext_KeyInfoW
488 {
489 SEC_WCHAR *sSignatureAlgorithmName;
490 SEC_WCHAR *sEncryptAlgorithmName;
491 ULONG KeySize;
492 ULONG SignatureAlgorithm;
493 ULONG EncryptAlgorithm;
494 } SecPkgContext_KeyInfoW, *PSecPkgContext_KeyInfoW;
495 #define SecPkgContext_KeyInfo SecPkgContext_KeyInfoW
496 #define PSecPkgContext_KeyInfo PSecPkgContext_KeyInfoW
497
498 typedef struct _SecPkgContext_SessionKey
499 {
500 ULONG SessionKeyLength;
501 _Field_size_bytes_(SessionKeyLength) PUCHAR SessionKey;
502 } SecPkgContext_SessionKey, *PSecPkgContext_SessionKey;
503
504 typedef struct _SecPkgContext_NegoKeys
505 {
506 ULONG KeyType;
507 USHORT KeyLength;
508 _Field_size_bytes_(KeyLength) PUCHAR KeyValue;
509 ULONG VerifyKeyType;
510 USHORT VerifyKeyLength;
511 _Field_size_bytes_(VerifyKeyLength) PUCHAR VerifyKeyValue;
512 } SecPkgContext_NegoKeys, *PSecPkgContext_NegoKeys;
513
514 typedef struct _SecPkgContext_DceInfo
515 {
516 ULONG AuthzSvc;
517 PVOID pPac;
518 } SecPkgContext_DceInfo, *PSecPkgContext_DceInfo;
519
520 typedef struct _SecPkgContext_PackageInfoW
521 {
522 PSecPkgInfoW PackageInfo;
523 } SecPkgContext_PackageInfoW, *PSecPkgContext_PackageInfoW;
524 #define SecPkgContext_PackageInfo SecPkgContext_PackageInfoW
525 #define PSecPkgContext_PackageInfo PSecPkgContext_PackageInfoW
526
527 typedef struct _SecPkgContext_UserFlags
528 {
529 ULONG UserFlags;
530 } SecPkgContext_UserFlags, *PSecPkgContext_UserFlags;
531
532 typedef struct _SecPkgContext_Flags
533 {
534 ULONG Flags;
535 } SecPkgContext_Flags, *PSecPkgContext_Flags;
536
537 typedef struct _SecPkgContext_NegotiationInfoW
538 {
539 PSecPkgInfoW PackageInfo ;
540 ULONG NegotiationState ;
541 } SecPkgContext_NegotiationInfoW, *PSecPkgContext_NegotiationInfoW;
542
543 typedef struct _SecPkgContext_AuthorityW
544 {
545 SEC_WCHAR *sAuthorityName;
546 } SecPkgContext_AuthorityW, *PSecPkgContext_AuthorityW;
547 #define SecPkgContext_Authority SecPkgContext_AuthorityW
548 #define PSecPkgContext_Authority PSecPkgContext_AuthorityW
549
550
551 #if NTDDI_VERSION > NTDDI_WS03
552 typedef struct _SecPkgCredentials_SSIProviderW
553 {
554 SEC_WCHAR *sProviderName;
555 ULONG ProviderInfoLength;
556 PCHAR ProviderInfo;
557 } SecPkgCredentials_SSIProviderW, *PSecPkgCredentials_SSIProviderW;
558 #define SecPkgCredentials_SSIProvider SecPkgCredentials_SSIProviderW
559 #define PSecPkgCredentials_SSIProvider PSecPkgCredentials_SSIProviderW
560
561 typedef struct _SecPkgContext_LogoffTime
562 {
563 TimeStamp tsLogoffTime;
564 } SecPkgContext_LogoffTime, *PSecPkgContext_LogoffTime;
565 #endif
566
567 /* forward declaration */
568 typedef struct _SECURITY_FUNCTION_TABLE_W SecurityFunctionTableW, *PSecurityFunctionTableW;
569 #define SecurityFunctionTable SecurityFunctionTableW
570 #define PSecurityFunctionTable PSecurityFunctionTableW
571
572 typedef
573 VOID
574 (SEC_ENTRY * SEC_GET_KEY_FN)(
575 PVOID Arg,
576 PVOID Principal,
577 ULONG KeyVer,
578 PVOID *Key,
579 SECURITY_STATUS *Status);
580
581 KSECDDDECLSPEC
582 SECURITY_STATUS
583 SEC_ENTRY
584 AcceptSecurityContext(
585 _In_opt_ PCredHandle phCredential,
586 _In_opt_ PCtxtHandle phContext,
587 _In_opt_ PSecBufferDesc pInput,
588 _In_ ULONG fContextReq,
589 _In_ ULONG TargetDataRep,
590 _In_opt_ PCtxtHandle phNewContext,
591 _In_opt_ PSecBufferDesc pOutput,
592 _Out_ PULONG pfContextAttr,
593 _Out_opt_ PTimeStamp ptsExpiry);
594
595 typedef
596 SECURITY_STATUS
597 (SEC_ENTRY * ACCEPT_SECURITY_CONTEXT_FN)(
598 PCredHandle,
599 PCtxtHandle,
600 PSecBufferDesc,
601 ULONG,
602 ULONG,
603 PCtxtHandle,
604 PSecBufferDesc,
605 PULONG,
606 PTimeStamp);
607
608 KSECDDDECLSPEC
609 SECURITY_STATUS
610 SEC_ENTRY
611 AcquireCredentialsHandleW(
612 _In_opt_ PSSPI_SEC_STRING pPrincipal,
613 _In_ PSSPI_SEC_STRING pPackage,
614 _In_ ULONG fCredentialUse,
615 _In_opt_ PVOID pvLogonId,
616 _In_opt_ PVOID pAuthData,
617 _In_opt_ SEC_GET_KEY_FN pGetKeyFn,
618 _In_opt_ PVOID pvGetKeyArgument,
619 _Out_ PCredHandle phCredential,
620 _Out_opt_ PTimeStamp ptsExpiry);
621 #define AcquireCredentialsHandle AcquireCredentialsHandleW
622
623 typedef
624 SECURITY_STATUS
625 (SEC_ENTRY * ACQUIRE_CREDENTIALS_HANDLE_FN_W)(
626 PSSPI_SEC_STRING,
627 PSSPI_SEC_STRING,
628 ULONG,
629 PVOID,
630 PVOID,
631 SEC_GET_KEY_FN,
632 PVOID,
633 PCredHandle,
634 PTimeStamp);
635 #define ACQUIRE_CREDENTIALS_HANDLE_FN ACQUIRE_CREDENTIALS_HANDLE_FN_W
636
637 SECURITY_STATUS
638 SEC_ENTRY
639 AddCredentialsA(
640 _In_ PCredHandle hCredentials,
641 _In_opt_ LPSTR pszPrincipal,
642 _In_ LPSTR pszPackage,
643 _In_ ULONG fCredentialUse,
644 _In_opt_ PVOID pAuthData,
645 _In_opt_ SEC_GET_KEY_FN pGetKeyFn,
646 _In_opt_ PVOID pvGetKeyArgument,
647 _Out_opt_ PTimeStamp ptsExpiry);
648
649 typedef
650 SECURITY_STATUS
651 (SEC_ENTRY * ADD_CREDENTIALS_FN_A)(
652 PCredHandle,
653 SEC_CHAR *,
654 SEC_CHAR *,
655 ULONG,
656 PVOID,
657 SEC_GET_KEY_FN,
658 PVOID,
659 PTimeStamp);
660
661 KSECDDDECLSPEC
662 SECURITY_STATUS
663 SEC_ENTRY
664 AddCredentialsW(
665 _In_ PCredHandle hCredentials,
666 _In_opt_ PSSPI_SEC_STRING pPrincipal,
667 _In_ PSSPI_SEC_STRING pPackage,
668 _In_ ULONG fCredentialUse,
669 _In_opt_ PVOID pAuthData,
670 _In_opt_ SEC_GET_KEY_FN pGetKeyFn,
671 _In_opt_ PVOID pvGetKeyArgument,
672 _Out_opt_ PTimeStamp ptsExpiry);
673
674 typedef
675 SECURITY_STATUS
676 (SEC_ENTRY * ADD_CREDENTIALS_FN_W)(
677 PCredHandle,
678 PSSPI_SEC_STRING,
679 PSSPI_SEC_STRING,
680 ULONG,
681 PVOID,
682 SEC_GET_KEY_FN,
683 PVOID,
684 PTimeStamp);
685
686 #ifdef UNICODE
687 #define AddCredentials AddCredentialsW
688 #define ADD_CREDENTIALS_FN ADD_CREDENTIALS_FN_W
689 #else
690 #define AddCredentials AddCredentialsA
691 #define ADD_CREDENTIALS_FN ADD_CREDENTIALS_FN_A
692 #endif
693
694 KSECDDDECLSPEC
695 SECURITY_STATUS
696 SEC_ENTRY
697 ApplyControlToken(
698 _In_ PCtxtHandle phContext,
699 _In_ PSecBufferDesc pInput);
700
701 typedef
702 SECURITY_STATUS
703 (SEC_ENTRY * APPLY_CONTROL_TOKEN_FN)(
704 PCtxtHandle, PSecBufferDesc);
705
706 #if (ISSP_MODE != 0)
707
708 SECURITY_STATUS
709 SEC_ENTRY
710 ChangeAccountPasswordA(
711 _In_ SEC_CHAR* pszPackageName,
712 _In_ SEC_CHAR* pszDomainName,
713 _In_ SEC_CHAR* pszAccountName,
714 _In_ SEC_CHAR* pszOldPassword,
715 _In_ SEC_CHAR* pszNewPassword,
716 _In_ BOOLEAN bImpersonating,
717 _In_ ULONG dwReserved,
718 _Inout_ PSecBufferDesc pOutput);
719
720 typedef
721 SECURITY_STATUS
722 (SEC_ENTRY * CHANGE_PASSWORD_FN_A)(
723 SEC_CHAR *,
724 SEC_CHAR *,
725 SEC_CHAR *,
726 SEC_CHAR *,
727 SEC_CHAR *,
728 BOOLEAN,
729 ULONG,
730 PSecBufferDesc);
731
732 SECURITY_STATUS
733 SEC_ENTRY
734 ChangeAccountPasswordW(
735 _In_ SEC_WCHAR* pszPackageName,
736 _In_ SEC_WCHAR* pszDomainName,
737 _In_ SEC_WCHAR* pszAccountName,
738 _In_ SEC_WCHAR* pszOldPassword,
739 _In_ SEC_WCHAR* pszNewPassword,
740 _In_ BOOLEAN bImpersonating,
741 _In_ ULONG dwReserved,
742 _Inout_ PSecBufferDesc pOutput);
743
744 typedef
745 SECURITY_STATUS
746 (SEC_ENTRY * CHANGE_PASSWORD_FN_W)(
747 SEC_WCHAR *,
748 SEC_WCHAR *,
749 SEC_WCHAR *,
750 SEC_WCHAR *,
751 SEC_WCHAR *,
752 BOOLEAN,
753 ULONG,
754 PSecBufferDesc);
755
756 #ifdef UNICODE
757 #define ChangeAccountPassword ChangeAccountPasswordW
758 #define CHANGE_PASSWORD_FN CHANGE_PASSWORD_FN_W
759 #else
760 #define ChangeAccountPassword ChangeAccountPasswordA
761 #define CHANGE_PASSWORD_FN CHANGE_PASSWORD_FN_A
762 #endif
763
764 #endif /* ISSP_MODE != 0 */
765
766 SECURITY_STATUS
767 SEC_ENTRY
768 CompleteAuthToken(
769 _In_ PCtxtHandle phContext,
770 _In_ PSecBufferDesc pToken);
771
772 typedef
773 SECURITY_STATUS
774 (SEC_ENTRY * COMPLETE_AUTH_TOKEN_FN)(
775 PCtxtHandle,
776 PSecBufferDesc);
777
778 SECURITY_STATUS
779 SEC_ENTRY
780 DecryptMessage(
781 _In_ PCtxtHandle phContext,
782 _Inout_ PSecBufferDesc pMessage,
783 _In_ ULONG MessageSeqNo,
784 _Out_opt_ PULONG pfQOP);
785
786 typedef
787 SECURITY_STATUS
788 (SEC_ENTRY * DECRYPT_MESSAGE_FN)(
789 PCtxtHandle,
790 PSecBufferDesc,
791 ULONG,
792 PULONG);
793
794 KSECDDDECLSPEC
795 SECURITY_STATUS
796 SEC_ENTRY
797 DeleteSecurityContext(
798 _In_ PCtxtHandle phContext);
799
800 typedef
801 SECURITY_STATUS
802 (SEC_ENTRY * DELETE_SECURITY_CONTEXT_FN)(
803 PCtxtHandle);
804
805 SECURITY_STATUS
806 SEC_ENTRY
807 EncryptMessage(
808 _In_ PCtxtHandle phContext,
809 _In_ ULONG fQOP,
810 _Inout_ PSecBufferDesc pMessage,
811 _In_ ULONG MessageSeqNo);
812
813 typedef
814 SECURITY_STATUS
815 (SEC_ENTRY * ENCRYPT_MESSAGE_FN)(
816 PCtxtHandle,
817 ULONG,
818 PSecBufferDesc,
819 ULONG);
820
821 KSECDDDECLSPEC
822 SECURITY_STATUS
823 SEC_ENTRY
824 EnumerateSecurityPackagesW(
825 _Out_ PULONG pcPackages,
826 _Deref_out_ PSecPkgInfoW* ppPackageInfo);
827 #define EnumerateSecurityPackages EnumerateSecurityPackagesW
828
829 typedef
830 SECURITY_STATUS
831 (SEC_ENTRY * ENUMERATE_SECURITY_PACKAGES_FN_W)(
832 PULONG,
833 PSecPkgInfoW*);
834 #define ENUMERATE_SECURITY_PACKAGES_FN ENUMERATE_SECURITY_PACKAGES_FN_W
835
836 KSECDDDECLSPEC
837 SECURITY_STATUS
838 SEC_ENTRY
839 ExportSecurityContext(
840 _In_ PCtxtHandle phContext,
841 _In_ ULONG fFlags,
842 _Out_ PSecBuffer pPackedContext,
843 _Out_ PVOID* pToken);
844
845 typedef
846 SECURITY_STATUS
847 (SEC_ENTRY * EXPORT_SECURITY_CONTEXT_FN)(
848 PCtxtHandle,
849 ULONG,
850 PSecBuffer,
851 PVOID*);
852
853 SECURITY_STATUS
854 SEC_ENTRY
855 FreeContextBuffer(
856 _Inout_ PVOID pvContextBuffer);
857
858 typedef
859 SECURITY_STATUS
860 (SEC_ENTRY * FREE_CONTEXT_BUFFER_FN)(
861 _Inout_ PVOID);
862
863 KSECDDDECLSPEC
864 SECURITY_STATUS
865 SEC_ENTRY
866 FreeCredentialsHandle(
867 _In_ PCredHandle phCredential);
868
869 typedef
870 SECURITY_STATUS
871 (SEC_ENTRY * FREE_CREDENTIALS_HANDLE_FN)(
872 PCredHandle);
873
874 KSECDDDECLSPEC
875 SECURITY_STATUS
876 SEC_ENTRY
877 ImpersonateSecurityContext(
878 _In_ PCtxtHandle phContext);
879
880 typedef
881 SECURITY_STATUS
882 (SEC_ENTRY * IMPERSONATE_SECURITY_CONTEXT_FN)(
883 PCtxtHandle);
884
885 KSECDDDECLSPEC
886 SECURITY_STATUS
887 SEC_ENTRY
888 ImportSecurityContextW(
889 _In_ PSSPI_SEC_STRING pszPackage,
890 _In_ PSecBuffer pPackedContext,
891 _In_ PVOID Token,
892 _Out_ PCtxtHandle phContext);
893 #define ImportSecurityContext ImportSecurityContextW
894
895 typedef
896 SECURITY_STATUS
897 (SEC_ENTRY * IMPORT_SECURITY_CONTEXT_FN_W)(
898 PSSPI_SEC_STRING,
899 PSecBuffer,
900 PVOID,
901 PCtxtHandle);
902 #define IMPORT_SECURITY_CONTEXT_FN IMPORT_SECURITY_CONTEXT_FN_W
903
904 KSECDDDECLSPEC
905 SECURITY_STATUS
906 SEC_ENTRY
907 InitializeSecurityContextW(
908 _In_opt_ PCredHandle phCredential,
909 _In_opt_ PCtxtHandle phContext,
910 _In_opt_ PSSPI_SEC_STRING pTargetName,
911 _In_ ULONG fContextReq,
912 _In_ ULONG Reserved1,
913 _In_ ULONG TargetDataRep,
914 _In_opt_ PSecBufferDesc pInput,
915 _In_ ULONG Reserved2,
916 _Inout_opt_ PCtxtHandle phNewContext,
917 _Inout_opt_ PSecBufferDesc pOutput,
918 _Out_ PULONG pfContextAttr,
919 _Out_opt_ PTimeStamp ptsExpiry);
920 #define InitializeSecurityContext InitializeSecurityContextW
921
922 typedef
923 SECURITY_STATUS
924 (SEC_ENTRY * INITIALIZE_SECURITY_CONTEXT_FN_W)(
925 PCredHandle,
926 PCtxtHandle,
927 PSSPI_SEC_STRING,
928 ULONG,
929 ULONG,
930 ULONG,
931 PSecBufferDesc,
932 ULONG,
933 PCtxtHandle,
934 PSecBufferDesc,
935 PULONG,
936 PTimeStamp);
937 #define INITIALIZE_SECURITY_CONTEXT_FN INITIALIZE_SECURITY_CONTEXT_FN_W
938
939 KSECDDDECLSPEC
940 PSecurityFunctionTableW
941 SEC_ENTRY
942 InitSecurityInterfaceW(VOID);
943 #define InitSecurityInterface InitSecurityInterfaceW
944
945 typedef
946 PSecurityFunctionTableW
947 (SEC_ENTRY * INIT_SECURITY_INTERFACE_W)(VOID);
948 #define INIT_SECURITY_INTERFACE INIT_SECURITY_INTERFACE_W
949
950 KSECDDDECLSPEC
951 SECURITY_STATUS
952 SEC_ENTRY
953 MakeSignature(
954 _In_ PCtxtHandle phContext,
955 _In_ ULONG fQOP,
956 _In_ PSecBufferDesc pMessage,
957 _In_ ULONG MessageSeqNo);
958
959 typedef
960 SECURITY_STATUS
961 (SEC_ENTRY * MAKE_SIGNATURE_FN)(
962 PCtxtHandle,
963 ULONG,
964 PSecBufferDesc,
965 ULONG);
966
967 KSECDDDECLSPEC
968 SECURITY_STATUS
969 SEC_ENTRY
970 QueryContextAttributesW(
971 _In_ PCtxtHandle phContext,
972 _In_ ULONG ulAttribute,
973 _Out_ PVOID pBuffer);
974 #define QueryContextAttributes QueryContextAttributesW
975
976 typedef
977 SECURITY_STATUS
978 (SEC_ENTRY * QUERY_CONTEXT_ATTRIBUTES_FN_W)(
979 PCtxtHandle,
980 ULONG,
981 PVOID);
982 #define QUERY_CONTEXT_ATTRIBUTES_FN QUERY_CONTEXT_ATTRIBUTES_FN_W
983
984 KSECDDDECLSPEC
985 SECURITY_STATUS
986 SEC_ENTRY
987 QueryCredentialsAttributesW(
988 _In_ PCredHandle phCredential,
989 _In_ ULONG ulAttribute,
990 _Inout_ PVOID pBuffer);
991 #define QueryCredentialsAttributes QueryCredentialsAttributesW
992
993 typedef
994 SECURITY_STATUS
995 (SEC_ENTRY * QUERY_CREDENTIALS_ATTRIBUTES_FN_W)(
996 PCredHandle,
997 ULONG,
998 PVOID);
999 #define QUERY_CREDENTIALS_ATTRIBUTES_FN QUERY_CREDENTIALS_ATTRIBUTES_FN_W
1000
1001 KSECDDDECLSPEC
1002 SECURITY_STATUS
1003 SEC_ENTRY
1004 QuerySecurityContextToken(
1005 _In_ PCtxtHandle phContext,
1006 _Out_ PVOID* Token);
1007
1008 typedef
1009 SECURITY_STATUS
1010 (SEC_ENTRY * QUERY_SECURITY_CONTEXT_TOKEN_FN)(
1011 PCtxtHandle, PVOID *);
1012
1013 KSECDDDECLSPEC
1014 SECURITY_STATUS
1015 SEC_ENTRY
1016 QuerySecurityPackageInfoW(
1017 _In_ PSSPI_SEC_STRING pPackageName,
1018 _Deref_out_ PSecPkgInfoW *ppPackageInfo);
1019 #define QuerySecurityPackageInfo QuerySecurityPackageInfoW
1020
1021 typedef
1022 SECURITY_STATUS
1023 (SEC_ENTRY * QUERY_SECURITY_PACKAGE_INFO_FN_W)(
1024 PSSPI_SEC_STRING,
1025 PSecPkgInfoW *);
1026 #define QUERY_SECURITY_PACKAGE_INFO_FN QUERY_SECURITY_PACKAGE_INFO_FN_W
1027
1028 KSECDDDECLSPEC
1029 SECURITY_STATUS
1030 SEC_ENTRY
1031 RevertSecurityContext(
1032 _In_ PCtxtHandle phContext);
1033
1034 typedef
1035 SECURITY_STATUS
1036 (SEC_ENTRY * REVERT_SECURITY_CONTEXT_FN)(
1037 PCtxtHandle);
1038
1039 #if (OSVER(NTDDI_VERSION) > NTDDI_WIN2K)
1040 SECURITY_STATUS
1041 SEC_ENTRY
1042 SetContextAttributesW(
1043 _In_ PCtxtHandle phContext,
1044 _In_ ULONG ulAttribute,
1045 _In_bytecount_(cbBuffer) PVOID pBuffer,
1046 _In_ ULONG cbBuffer);
1047 #define SetContextAttributes SetContextAttributesW
1048
1049 typedef
1050 SECURITY_STATUS
1051 (SEC_ENTRY * SET_CONTEXT_ATTRIBUTES_FN_W)(
1052 PCtxtHandle,
1053 ULONG,
1054 PVOID,
1055 ULONG);
1056 #define SET_CONTEXT_ATTRIBUTES_FN SET_CONTEXT_ATTRIBUTES_FN_W
1057 #endif
1058
1059 #if (NTDDI_VERSION > NTDDI_WS03)
1060 KSECDDDECLSPEC
1061 SECURITY_STATUS
1062 SEC_ENTRY
1063 SetCredentialsAttributesW(
1064 _In_ PCredHandle phCredential,
1065 _In_ ULONG ulAttribute,
1066 _In_bytecount_(cbBuffer) PVOID pBuffer,
1067 _In_ ULONG cbBuffer);
1068 #define SetCredentialsAttributes SetCredentialsAttributesW
1069
1070 typedef
1071 SECURITY_STATUS
1072 (SEC_ENTRY * SET_CREDENTIALS_ATTRIBUTES_FN_W)(
1073 PCredHandle,
1074 ULONG,
1075 PVOID,
1076 ULONG);
1077 #define SET_CREDENTIALS_ATTRIBUTES_FN SET_CREDENTIALS_ATTRIBUTES_FN_W
1078 #endif /* NTDDI_VERSION > NTDDI_WS03 */
1079
1080 KSECDDDECLSPEC
1081 SECURITY_STATUS
1082 SEC_ENTRY
1083 VerifySignature(
1084 _In_ PCtxtHandle phContext,
1085 _In_ PSecBufferDesc pMessage,
1086 _In_ ULONG MessageSeqNo,
1087 _Out_ PULONG pfQOP);
1088
1089 typedef
1090 SECURITY_STATUS
1091 (SEC_ENTRY * VERIFY_SIGNATURE_FN)(
1092 PCtxtHandle,
1093 PSecBufferDesc,
1094 ULONG,
1095 PULONG);
1096
1097 #if (ISSP_MODE == 0)
1098
1099 KSECDDDECLSPEC
1100 NTSTATUS
1101 NTAPI
1102 SecMakeSPN(
1103 _In_ PUNICODE_STRING ServiceClass,
1104 _In_ PUNICODE_STRING ServiceName,
1105 _In_opt_ PUNICODE_STRING InstanceName,
1106 _In_opt_ USHORT InstancePort,
1107 _In_opt_ PUNICODE_STRING Referrer,
1108 _Inout_ PUNICODE_STRING Spn,
1109 _Out_opt_ PULONG Length,
1110 _In_ BOOLEAN Allocate);
1111
1112 #if (NTDDI_VERSION >= NTDDI_WINXP)
1113 KSECDDDECLSPEC
1114 NTSTATUS
1115 NTAPI
1116 SecMakeSPNEx(
1117 _In_ PUNICODE_STRING ServiceClass,
1118 _In_ PUNICODE_STRING ServiceName,
1119 _In_opt_ PUNICODE_STRING InstanceName,
1120 _In_opt_ USHORT InstancePort,
1121 _In_opt_ PUNICODE_STRING Referrer,
1122 _In_opt_ PUNICODE_STRING TargetInfo,
1123 _Inout_ PUNICODE_STRING Spn,
1124 _Out_ PULONG Length OPTIONAL,
1125 _In_ BOOLEAN Allocate);
1126
1127 KSECDDDECLSPEC
1128 NTSTATUS
1129 SEC_ENTRY
1130 SecLookupAccountSid(
1131 _In_ PSID Sid,
1132 _Out_ PULONG NameSize,
1133 _Inout_ PUNICODE_STRING NameBuffer,
1134 _Out_ PULONG DomainSize OPTIONAL,
1135 _Out_opt_ PUNICODE_STRING DomainBuffer,
1136 _Out_ PSID_NAME_USE NameUse);
1137
1138 KSECDDDECLSPEC
1139 NTSTATUS
1140 SEC_ENTRY
1141 SecLookupAccountName(
1142 _In_ PUNICODE_STRING Name,
1143 _Inout_ PULONG SidSize,
1144 _Out_ PSID Sid,
1145 _Out_ PSID_NAME_USE NameUse,
1146 _Out_opt_ PULONG DomainSize, // WDK says _Out_ only + ... OPTIONAL
1147 _Inout_opt_ PUNICODE_STRING ReferencedDomain);
1148 #endif
1149
1150 #if (NTDDI_VERSION >= NTDDI_WS03)
1151 KSECDDDECLSPEC
1152 NTSTATUS
1153 SEC_ENTRY
1154 SecLookupWellKnownSid(
1155 _In_ WELL_KNOWN_SID_TYPE SidType,
1156 _Out_ PSID Sid,
1157 _In_ ULONG SidBufferSize,
1158 _Inout_opt_ PULONG SidSize);
1159 #endif
1160
1161 #if (NTDDI_VERSION >= NTDDI_VISTA)
1162 KSECDDDECLSPEC
1163 NTSTATUS
1164 NTAPI
1165 SecMakeSPNEx2(
1166 _In_ PUNICODE_STRING ServiceClass,
1167 _In_ PUNICODE_STRING ServiceName,
1168 _In_opt_ PUNICODE_STRING InstanceName,
1169 _In_opt_ USHORT InstancePort,
1170 _In_opt_ PUNICODE_STRING Referrer,
1171 _In_opt_ PUNICODE_STRING InTargetInfo,
1172 _Inout_ PUNICODE_STRING Spn,
1173 _Out_opt_ PULONG TotalSize,
1174 _In_ BOOLEAN Allocate,
1175 _In_ BOOLEAN IsTargetInfoMarshaled);
1176 #endif
1177
1178 #endif /* ISSP_MODE == 0 */
1179
1180 #if (NTDDI_VERSION >= NTDDI_WIN7)
1181
1182 SECURITY_STATUS
1183 SEC_ENTRY
1184 SspiEncodeAuthIdentityAsStrings(
1185 _In_ PSEC_WINNT_AUTH_IDENTITY_OPAQUE pAuthIdentity,
1186 _Deref_out_opt_ PCWSTR* ppszUserName,
1187 _Deref_out_opt_ PCWSTR* ppszDomainName,
1188 _Deref_opt_out_opt_ PCWSTR* ppszPackedCredentialsString);
1189
1190 SECURITY_STATUS
1191 SEC_ENTRY
1192 SspiValidateAuthIdentity(
1193 _In_ PSEC_WINNT_AUTH_IDENTITY_OPAQUE AuthData);
1194
1195 SECURITY_STATUS
1196 SEC_ENTRY
1197 SspiCopyAuthIdentity(
1198 _In_ PSEC_WINNT_AUTH_IDENTITY_OPAQUE AuthData,
1199 _Deref_out_ PSEC_WINNT_AUTH_IDENTITY_OPAQUE* AuthDataCopy);
1200
1201 VOID
1202 SEC_ENTRY
1203 SspiFreeAuthIdentity(
1204 _In_opt_ PSEC_WINNT_AUTH_IDENTITY_OPAQUE AuthData);
1205
1206 VOID
1207 SEC_ENTRY
1208 SspiZeroAuthIdentity(
1209 _In_opt_ PSEC_WINNT_AUTH_IDENTITY_OPAQUE AuthData);
1210
1211 VOID
1212 SEC_ENTRY
1213 SspiLocalFree(
1214 _In_opt_ PVOID DataBuffer);
1215
1216 SECURITY_STATUS
1217 SEC_ENTRY
1218 SspiEncodeStringsAsAuthIdentity(
1219 _In_opt_ PCWSTR pszUserName,
1220 _In_opt_ PCWSTR pszDomainName,
1221 _In_opt_ PCWSTR pszPackedCredentialsString,
1222 _Deref_out_ PSEC_WINNT_AUTH_IDENTITY_OPAQUE* ppAuthIdentity);
1223
1224 SECURITY_STATUS
1225 SEC_ENTRY
1226 SspiCompareAuthIdentities(
1227 _In_opt_ PSEC_WINNT_AUTH_IDENTITY_OPAQUE AuthIdentity1,
1228 _In_opt_ PSEC_WINNT_AUTH_IDENTITY_OPAQUE AuthIdentity2,
1229 _Out_opt_ PBOOLEAN SameSuppliedUser,
1230 _Out_opt_ PBOOLEAN SameSuppliedIdentity);
1231
1232 SECURITY_STATUS
1233 SEC_ENTRY
1234 SspiMarshalAuthIdentity(
1235 _In_ PSEC_WINNT_AUTH_IDENTITY_OPAQUE AuthIdentity,
1236 _Out_ PULONG AuthIdentityLength,
1237 _Outptr_result_bytebuffer_(*AuthIdentityLength) PCHAR* AuthIdentityByteArray);
1238
1239 SECURITY_STATUS
1240 SEC_ENTRY
1241 SspiUnmarshalAuthIdentity(
1242 _In_ PULONG AuthIdentityLength,
1243 _In_reads_bytes_(AuthIdentityLength) PCHAR AuthIdentityByteArray,
1244 _Outptr_ PSEC_WINNT_AUTH_IDENTITY_OPAQUE* ppAuthIdentity);
1245
1246 BOOLEAN
1247 SEC_ENTRY
1248 SspiIsPromptingNeeded(
1249 _In_ PULONG ErrorOrNtStatus);
1250
1251 SECURITY_STATUS
1252 SEC_ENTRY
1253 SspiGetTargetHostName(
1254 _In_ PCWSTR pszTargetName,
1255 _Outptr_ PWSTR* pszHostName);
1256
1257 SECURITY_STATUS
1258 SEC_ENTRY
1259 SspiExcludePackage(
1260 _In_opt_ PSEC_WINNT_AUTH_IDENTITY_OPAQUE AuthIdentity,
1261 _In_ PCWSTR pszPackageName,
1262 _Outptr_ PSEC_WINNT_AUTH_IDENTITY_OPAQUE* ppNewAuthIdentity);
1263
1264 #define SEC_WINNT_AUTH_IDENTITY_MARSHALLED 0x04
1265 #define SEC_WINNT_AUTH_IDENTITY_ONLY 0x08
1266
1267 #endif /* NTDDI_VERSION >= NTDDI_WIN7 */
1268
1269 #define FreeCredentialHandle FreeCredentialsHandle
1270 struct _SECURITY_FUNCTION_TABLE_W
1271 {
1272 ULONG dwVersion;
1273 ENUMERATE_SECURITY_PACKAGES_FN_W EnumerateSecurityPackagesW;
1274 QUERY_CREDENTIALS_ATTRIBUTES_FN_W QueryCredentialsAttributesW;
1275 ACQUIRE_CREDENTIALS_HANDLE_FN_W AcquireCredentialsHandleW;
1276 FREE_CREDENTIALS_HANDLE_FN FreeCredentialsHandle;
1277 PVOID Reserved2;
1278 INITIALIZE_SECURITY_CONTEXT_FN_W InitializeSecurityContextW;
1279 ACCEPT_SECURITY_CONTEXT_FN AcceptSecurityContext;
1280 COMPLETE_AUTH_TOKEN_FN CompleteAuthToken;
1281 DELETE_SECURITY_CONTEXT_FN DeleteSecurityContext;
1282 APPLY_CONTROL_TOKEN_FN ApplyControlToken;
1283 QUERY_CONTEXT_ATTRIBUTES_FN_W QueryContextAttributesW;
1284 IMPERSONATE_SECURITY_CONTEXT_FN ImpersonateSecurityContext;
1285 REVERT_SECURITY_CONTEXT_FN RevertSecurityContext;
1286 MAKE_SIGNATURE_FN MakeSignature;
1287 VERIFY_SIGNATURE_FN VerifySignature;
1288 FREE_CONTEXT_BUFFER_FN FreeContextBuffer;
1289 QUERY_SECURITY_PACKAGE_INFO_FN_W QuerySecurityPackageInfoW;
1290 PVOID Reserved3;
1291 PVOID Reserved4;
1292 EXPORT_SECURITY_CONTEXT_FN ExportSecurityContext;
1293 IMPORT_SECURITY_CONTEXT_FN_W ImportSecurityContextW;
1294 ADD_CREDENTIALS_FN_W AddCredentialsW ;
1295 PVOID Reserved8;
1296 QUERY_SECURITY_CONTEXT_TOKEN_FN QuerySecurityContextToken;
1297 ENCRYPT_MESSAGE_FN EncryptMessage;
1298 DECRYPT_MESSAGE_FN DecryptMessage;
1299 #if OSVER(NTDDI_VERSION) > NTDDI_WIN2K
1300 SET_CONTEXT_ATTRIBUTES_FN_W SetContextAttributesW;
1301 #endif
1302 #if NTDDI_VERSION > NTDDI_WS03SP1
1303 SET_CREDENTIALS_ATTRIBUTES_FN_W SetCredentialsAttributesW;
1304 #endif
1305 #if ISSP_MODE != 0
1306 CHANGE_PASSWORD_FN_W ChangeAccountPasswordW;
1307 #else
1308 PVOID Reserved9;
1309 #endif
1310 };
1311
1312 #endif /* !__SSPI_H__ */