开通博客赚积分
发布资源赚积分
分类

源码开发语言/平台
当前位置:首页 > 源码/资料 > Windows编程 > 查看源码
SSPI.H
资源名称:MSDN_VC98.zip [点击查看]
上传用户:bangxh
上传日期:2007-01-31
资源大小:42235k
文件大小:49k
源码类别:

Windows编程

开发平台:

Visual C++

SSPI.H:源码内容
  1. //+---------------------------------------------------------------------------
  2. //
  3. //  Microsoft Windows
  4. //  Copyright (C) Microsoft Corporation, 1992-1997.
  5. //
  6. //  File:       sspi.h
  7. //
  8. //  Contents:   Security Support Provider Interface
  9. //              Prototypes and structure definitions
  10. //
  11. //  Functions:  Security Support Provider API
  12. //
  13. //  History:    11-24-93   RichardW   Created
  14. //
  15. //----------------------------------------------------------------------------
  17. #ifndef __SSPI_H__
  18. #define __SSPI_H__
  21. //
  22. // Determine environment:
  23. //
  25. #ifdef SECURITY_WIN32
  26. #define ISSP_LEVEL  32
  27. #define ISSP_MODE   1
  28. #endif // SECURITY_WIN32
  30. #ifdef SECURITY_WIN16
  31. #define ISSP_LEVEL  16
  32. #define ISSP_MODE   1
  33. #endif // SECURITY_WIN16
  35. #ifdef SECURITY_KERNEL
  36. #define ISSP_LEVEL  32
  38. //
  39. // SECURITY_KERNEL trumps SECURITY_WIN32.  Undefine ISSP_MODE so that
  40. // we don't get redefine errors.
  41. //
  42. #ifdef ISSP_MODE
  43. #undef ISSP_MODE
  44. #endif
  45. #define ISSP_MODE   0
  46. #endif // SECURITY_KERNEL
  48. #ifdef SECURITY_OS212
  49. #define ISSP_LEVEL  16
  50. #define ISSP_MODE   1
  51. #endif // SECURITY_OS212
  53. #ifdef SECURITY_DOS
  54. #define ISSP_LEVEL  16
  55. #define ISSP_MODE   1
  56. #endif // SECURITY_DOS
  58. #ifdef SECURITY_MAC
  59. #define ISSP_LEVEL  32
  60. #define ISSP_MODE   1
  61. #endif // SECURITY_MAC
  64. #ifndef ISSP_LEVEL
  65. #error  You must define one of SECURITY_WIN32, SECURITY_WIN16, SECURITY_KERNEL
  66. #error  SECURITY_DOS, SECURITY_MAC or SECURITY_OS212
  67. #endif // !ISSP_LEVEL
  70. //
  71. // Now, define platform specific mappings:
  72. //
  74. #if ISSP_LEVEL == 16
  76. typedef short SECURITY_STATUS;
  77. typedef unsigned short SEC_WCHAR;
  78. typedef char SEC_CHAR;
  79. #define SEC_TEXT(_x_) _x_
  81. #ifdef SECURITY_WIN16
  83. #define SEC_FAR __far
  84. #define SEC_ENTRY __pascal __far __export
  86. #else // SECURITY_WIN16
  88. #define SEC_FAR __far
  89. #define SEC_ENTRY __pascal __far __loadds
  90. #pragma warning(disable:4147)
  92. #endif // SECURITY_WIN16
  94. #elif defined(SECURITY_MAC)  // ISSP_LEVEL == 16
  96. #define SEC_ENTRY
  97. #define SEC_TEXT(_X_) _X_
  98. #define SEC_FAR
  100. typedef unsigned short SEC_WCHAR;
  101. typedef char SEC_CHAR;
  102. typedef long SECURITY_STATUS;
  104. // No Unicode on the Mac
  106. typedef SEC_CHAR SEC_FAR * SECURITY_PSTR;
  107. typedef SEC_CHAR SEC_FAR * SECURITY_PCSTR;
  109. #else // ISSP_LEVEL == 16
  111. //
  112. // For NT-2 and up, wtypes will define HRESULT to be long.
  113. //
  115. // begin_ntifs
  117. typedef WCHAR SEC_WCHAR;
  118. typedef CHAR SEC_CHAR;
  121. typedef LONG SECURITY_STATUS;
  123. #define SEC_TEXT TEXT
  124. #define SEC_FAR
  125. #define SEC_ENTRY __stdcall
  127. // end_ntifs
  129. //
  130. // Decide what a string - 32 bits only since for 16 bits it is clear.
  131. //
  134. #ifdef UNICODE
  135. typedef SEC_WCHAR SEC_FAR * SECURITY_PSTR;
  136. typedef CONST SEC_WCHAR SEC_FAR * SECURITY_PCSTR;
  137. #else // UNICODE
  138. typedef SEC_CHAR SEC_FAR * SECURITY_PSTR;
  139. typedef CONST SEC_CHAR SEC_FAR * SECURITY_PCSTR;
  140. #endif // UNICODE
  143. #endif // ISSP_LEVEL == 16
  145. //
  146. // Equivalent string for rpcrt:
  147. //
  149. #define __SEC_FAR SEC_FAR
  152. //
  153. // Okay, security specific types:
  154. //
  156. // begin_ntifs
  158. typedef struct _SecHandle
  159. {
  160.     unsigned long dwLower;
  161.     unsigned long dwUpper;
  162. } SecHandle, SEC_FAR * PSecHandle;
  164. typedef SecHandle CredHandle;
  165. typedef PSecHandle PCredHandle;
  167. typedef SecHandle CtxtHandle;
  168. typedef PSecHandle PCtxtHandle;
  170. // end_ntifs
  172. #if ISSP_LEVEL == 32
  175. #  ifdef WIN32_CHICAGO
  177. typedef unsigned __int64 QWORD;
  178. typedef QWORD SECURITY_INTEGER, *PSECURITY_INTEGER;
  179. #define SEC_SUCCESS(Status) ((Status) >= 0)
  181. #  elif defined(_NTDEF_) || defined(_WINNT_)
  183. typedef LARGE_INTEGER _SECURITY_INTEGER, SECURITY_INTEGER, *PSECURITY_INTEGER; // ntifs
  185. #  else // _NTDEF_ || _WINNT_
  187. // BUGBUG:  Alignment for axp
  189. typedef struct _SECURITY_INTEGER
  190. {
  191.     unsigned long LowPart;
  192.     long HighPart;
  193. } SECURITY_INTEGER, *PSECURITY_INTEGER;
  195. #  endif // _NTDEF_ || _WINNT_
  197. #  ifndef SECURITY_MAC
  199. typedef SECURITY_INTEGER TimeStamp;                 // ntifs
  200. typedef SECURITY_INTEGER SEC_FAR * PTimeStamp;      // ntifs
  202. #  else // SECURITY_MAC
  203. typedef unsigned long TimeStamp;
  204. typedef unsigned long * PTimeStamp;
  205. #  endif // SECUIRT_MAC
  207. #else // ISSP_LEVEL == 32
  209. typedef unsigned long TimeStamp;
  210. typedef unsigned long SEC_FAR * PTimeStamp;
  211. #  ifdef WIN32_CHICAGO
  212. typedef TimeStamp LARGE_INTEGER;
  213. #endif // WIN32_CHICAGO
  215. #endif // ISSP_LEVEL == 32
  218. //
  219. // If we are in 32 bit mode, define the SECURITY_STRING structure,
  220. // as a clone of the base UNICODE_STRING structure.  This is used
  221. // internally in security components, an as the string interface
  222. // for kernel components (e.g. FSPs)
  223. //
  225. #if ISSP_LEVEL == 32
  226. #  ifndef _NTDEF_
  227. typedef struct _SECURITY_STRING {
  228.     unsigned short      Length;
  229.     unsigned short      MaximumLength;
  230. #    ifdef MIDL_PASS
  231.     [size_is(MaximumLength / 2), length_is(Length / 2)]
  232. #    endif // MIDL_PASS
  233.     unsigned short *    Buffer;
  234. } SECURITY_STRING, * PSECURITY_STRING;
  235. #  else // _NTDEF_
  236. typedef UNICODE_STRING SECURITY_STRING, *PSECURITY_STRING;  // ntifs
  237. #  endif // _NTDEF_
  238. #endif // ISSP_LEVEL == 32
  241. // begin_ntifs
  243. //
  244. // SecPkgInfo structure
  245. //
  246. //  Provides general information about a security provider
  247. //
  249. typedef struct _SecPkgInfoW
  250. {
  251.     unsigned long fCapabilities;        // Capability bitmask
  252.     unsigned short wVersion;            // Version of driver
  253.     unsigned short wRPCID;              // ID for RPC Runtime
  254.     unsigned long cbMaxToken;           // Size of authentication token (max)
  255. #ifdef MIDL_PASS
  256.     [string]
  257. #endif
  258.     SEC_WCHAR SEC_FAR * Name;           // Text name
  260. #ifdef MIDL_PASS
  261.     [string]
  262. #endif
  263.     SEC_WCHAR SEC_FAR * Comment;        // Comment
  264. } SecPkgInfoW, SEC_FAR * PSecPkgInfoW;
  266. // end_ntifs
  268. typedef struct _SecPkgInfoA
  269. {
  270.     unsigned long fCapabilities;        // Capability bitmask
  271.     unsigned short wVersion;            // Version of driver
  272.     unsigned short wRPCID;              // ID for RPC Runtime
  273.     unsigned long cbMaxToken;           // Size of authentication token (max)
  274. #ifdef MIDL_PASS
  275.     [string]
  276. #endif
  277.     SEC_CHAR SEC_FAR * Name;            // Text name
  279. #ifdef MIDL_PASS
  280.     [string]
  281. #endif
  282.     SEC_CHAR SEC_FAR * Comment;         // Comment
  283. } SecPkgInfoA, SEC_FAR * PSecPkgInfoA;
  285. #ifdef UNICODE
  286. #  define SecPkgInfo SecPkgInfoW        // ntifs
  287. #  define PSecPkgInfo PSecPkgInfoW      // ntifs
  288. #else
  289. #  define SecPkgInfo SecPkgInfoA
  290. #  define PSecPkgInfo PSecPkgInfoA
  291. #endif // !UNICODE
  293. // begin_ntifs
  295. //
  296. //  Security Package Capabilities
  297. //
  298. #define SECPKG_FLAG_INTEGRITY       0x00000001  // Supports integrity on messages
  299. #define SECPKG_FLAG_PRIVACY         0x00000002  // Supports privacy (confidentiality)
  300. #define SECPKG_FLAG_TOKEN_ONLY      0x00000004  // Only security token needed
  301. #define SECPKG_FLAG_DATAGRAM        0x00000008  // Datagram RPC support
  302. #define SECPKG_FLAG_CONNECTION      0x00000010  // Connection oriented RPC support
  303. #define SECPKG_FLAG_MULTI_REQUIRED  0x00000020  // Full 3-leg required for re-auth.
  304. #define SECPKG_FLAG_CLIENT_ONLY     0x00000040  // Server side functionality not available
  305. #define SECPKG_FLAG_EXTENDED_ERROR  0x00000080  // Supports extended error msgs
  306. #define SECPKG_FLAG_IMPERSONATION   0x00000100  // Supports impersonation
  307. #define SECPKG_FLAG_ACCEPT_WIN32_NAME   0x00000200  // Accepts Win32 names
  308. #define SECPKG_FLAG_STREAM          0x00000400  // Supports stream semantics
  309. #define SECPKG_FLAG_NEGOTIABLE      0x00000800  // Can be used by the negotiate package
  310. #define SECPKG_FLAG_GSS_COMPATIBLE  0x00001000  // GSS Compatibility Available
  311. #define SECPKG_FLAG_LOGON           0x00002000  // Supports common LsaLogonUser
  314. #define SECPKG_ID_NONE      0xFFFF
  317. //
  318. // SecBuffer
  319. //
  320. //  Generic memory descriptors for buffers passed in to the security
  321. //  API
  322. //
  324. typedef struct _SecBuffer {
  325.     unsigned long cbBuffer;             // Size of the buffer, in bytes
  326.     unsigned long BufferType;           // Type of the buffer (below)
  327.     void SEC_FAR * pvBuffer;            // Pointer to the buffer
  328. } SecBuffer, SEC_FAR * PSecBuffer;
  330. typedef struct _SecBufferDesc {
  331.     unsigned long ulVersion;            // Version number
  332.     unsigned long cBuffers;             // Number of buffers
  333. #ifdef MIDL_PASS
  334.     [size_is(cBuffers)]
  335. #endif
  336.     PSecBuffer pBuffers;                // Pointer to array of buffers
  337. } SecBufferDesc, SEC_FAR * PSecBufferDesc;
  339. #define SECBUFFER_VERSION           0
  341. #define SECBUFFER_EMPTY             0   // Undefined, replaced by provider
  342. #define SECBUFFER_DATA              1   // Packet data
  343. #define SECBUFFER_TOKEN             2   // Security token
  344. #define SECBUFFER_PKG_PARAMS        3   // Package specific parameters
  345. #define SECBUFFER_MISSING           4   // Missing Data indicator
  346. #define SECBUFFER_EXTRA             5   // Extra data
  347. #define SECBUFFER_STREAM_TRAILER    6   // Security Trailer
  348. #define SECBUFFER_STREAM_HEADER     7   // Security Header
  349. #define SECBUFFER_NEGOTIATION_INFO  8   // Hints from the negotiation pkg
  351. #define SECBUFFER_ATTRMASK          0xF0000000
  352. #define SECBUFFER_READONLY          0x80000000  // Buffer is read-only
  353. #define SECBUFFER_RESERVED          0x40000000
  355. typedef struct _SEC_NEGOTIATION_INFO {
  356.     unsigned long       Size;           // Size of this structure
  357.     unsigned long       NameLength;     // Length of name hint
  358.     SEC_WCHAR SEC_FAR * Name;           // Name hint
  359.     void SEC_FAR *      Reserved;       // Reserved
  360. } SEC_NEGOTIATION_INFO, SEC_FAR * PSEC_NEGOTIATION_INFO ;
  362. //
  363. //  Data Representation Constant:
  364. //
  365. #define SECURITY_NATIVE_DREP        0x00000010
  366. #define SECURITY_NETWORK_DREP       0x00000000
  368. //
  369. //  Credential Use Flags
  370. //
  371. #define SECPKG_CRED_INBOUND         0x00000001
  372. #define SECPKG_CRED_OUTBOUND        0x00000002
  373. #define SECPKG_CRED_BOTH            0x00000003
  375. //
  376. //  InitializeSecurityContext Requirement and return flags:
  377. //
  379. #define ISC_REQ_DELEGATE                0x00000001
  380. #define ISC_REQ_MUTUAL_AUTH             0x00000002
  381. #define ISC_REQ_REPLAY_DETECT           0x00000004
  382. #define ISC_REQ_SEQUENCE_DETECT         0x00000008
  383. #define ISC_REQ_CONFIDENTIALITY         0x00000010
  384. #define ISC_REQ_USE_SESSION_KEY         0x00000020
  385. #define ISC_REQ_PROMPT_FOR_CREDS        0x00000040
  386. #define ISC_REQ_USE_SUPPLIED_CREDS      0x00000080
  387. #define ISC_REQ_ALLOCATE_MEMORY         0x00000100
  388. #define ISC_REQ_USE_DCE_STYLE           0x00000200
  389. #define ISC_REQ_DATAGRAM                0x00000400
  390. #define ISC_REQ_CONNECTION              0x00000800
  391. #define ISC_REQ_CALL_LEVEL              0x00001000
  392. #define ISC_REQ_EXTENDED_ERROR          0x00004000
  393. #define ISC_REQ_STREAM                  0x00008000
  394. #define ISC_REQ_INTEGRITY               0x00010000
  395. #define ISC_REQ_IDENTIFY                0x00020000
  396. #define ISC_REQ_NULL_SESSION            0x00040000
  398. #define ISC_RET_DELEGATE                0x00000001
  399. #define ISC_RET_MUTUAL_AUTH             0x00000002
  400. #define ISC_RET_REPLAY_DETECT           0x00000004
  401. #define ISC_RET_SEQUENCE_DETECT         0x00000008
  402. #define ISC_RET_CONFIDENTIALITY         0x00000010
  403. #define ISC_RET_USE_SESSION_KEY         0x00000020
  404. #define ISC_RET_USED_COLLECTED_CREDS    0x00000040
  405. #define ISC_RET_USED_SUPPLIED_CREDS     0x00000080
  406. #define ISC_RET_ALLOCATED_MEMORY        0x00000100
  407. #define ISC_RET_USED_DCE_STYLE          0x00000200
  408. #define ISC_RET_DATAGRAM                0x00000400
  409. #define ISC_RET_CONNECTION              0x00000800
  410. #define ISC_RET_INTERMEDIATE_RETURN     0x00001000
  411. #define ISC_RET_CALL_LEVEL              0x00002000
  412. #define ISC_RET_EXTENDED_ERROR          0x00004000
  413. #define ISC_RET_STREAM                  0x00008000
  414. #define ISC_RET_INTEGRITY               0x00010000
  415. #define ISC_RET_IDENTIFY                0x00020000
  416. #define ISC_RET_NULL_SESSION            0x00040000
  418. #define ASC_REQ_DELEGATE                0x00000001
  419. #define ASC_REQ_MUTUAL_AUTH             0x00000002
  420. #define ASC_REQ_REPLAY_DETECT           0x00000004
  421. #define ASC_REQ_SEQUENCE_DETECT         0x00000008
  422. #define ASC_REQ_CONFIDENTIALITY         0x00000010
  423. #define ASC_REQ_USE_SESSION_KEY         0x00000020
  424. #define ASC_REQ_ALLOCATE_MEMORY         0x00000100
  425. #define ASC_REQ_USE_DCE_STYLE           0x00000200
  426. #define ASC_REQ_DATAGRAM                0x00000400
  427. #define ASC_REQ_CONNECTION              0x00000800
  428. #define ASC_REQ_CALL_LEVEL              0x00001000
  429. #define ASC_REQ_EXTENDED_ERROR          0x00008000
  430. #define ASC_REQ_STREAM                  0x00010000
  431. #define ASC_REQ_INTEGRITY               0x00020000
  432. #define ASC_REQ_LICENSING               0x00040000
  433. #define ASC_REQ_IDENTIFY                0x00080000
  434. #define ASC_REQ_ALLOW_NULL_SESSION      0x00100000
  436. #define ASC_RET_DELEGATE                0x00000001
  437. #define ASC_RET_MUTUAL_AUTH             0x00000002
  438. #define ASC_RET_REPLAY_DETECT           0x00000004
  439. #define ASC_RET_SEQUENCE_DETECT         0x00000008
  440. #define ASC_RET_CONFIDENTIALITY         0x00000010
  441. #define ASC_RET_USE_SESSION_KEY         0x00000020
  442. #define ASC_RET_ALLOCATED_MEMORY        0x00000100
  443. #define ASC_RET_USED_DCE_STYLE          0x00000200
  444. #define ASC_RET_DATAGRAM                0x00000400
  445. #define ASC_RET_CONNECTION              0x00000800
  446. #define ASC_RET_CALL_LEVEL              0x00002000 // skipped 1000 to be like ISC_
  447. #define ASC_RET_THIRD_LEG_FAILED        0x00004000
  448. #define ASC_RET_EXTENDED_ERROR          0x00008000
  449. #define ASC_RET_STREAM                  0x00010000
  450. #define ASC_RET_INTEGRITY               0x00020000
  451. #define ASC_RET_LICENSING               0x00040000
  452. #define ASC_RET_IDENTIFY                0x00080000
  453. #define ASC_RET_NULL_SESSION            0x00100000
  455. //
  456. //  Security Credentials Attributes:
  457. //
  459. #define SECPKG_CRED_ATTR_NAMES 1
  461. typedef struct _SecPkgCredentials_NamesW
  462. {
  463.     SEC_WCHAR SEC_FAR * sUserName;
  464. } SecPkgCredentials_NamesW, SEC_FAR * PSecPkgCredentials_NamesW;
  466. // end_ntifs
  468. typedef struct _SecPkgCredentials_NamesA
  469. {
  470.     SEC_CHAR SEC_FAR * sUserName;
  471. } SecPkgCredentials_NamesA, SEC_FAR * PSecPkgCredentials_NamesA;
  473. #ifdef UNICODE
  474. #  define SecPkgCredentials_Names SecPkgCredentials_NamesW      // ntifs
  475. #  define PSecPkgCredentials_Names PSecPkgCredentials_NamesW    // ntifs
  476. #else
  477. #  define SecPkgCredentials_Names SecPkgCredentials_NamesA
  478. #  define PSecPkgCredentials_Names PSecPkgCredentials_NamesA
  479. #endif // !UNICODE
  481. // begin_ntifs
  483. //
  484. //  Security Context Attributes:
  485. //
  487. #define SECPKG_ATTR_SIZES           0
  488. #define SECPKG_ATTR_NAMES           1
  489. #define SECPKG_ATTR_LIFESPAN        2
  490. #define SECPKG_ATTR_DCE_INFO        3
  491. #define SECPKG_ATTR_STREAM_SIZES    4
  492. #define SECPKG_ATTR_KEY_INFO        5
  493. #define SECPKG_ATTR_AUTHORITY       6
  494. #define SECPKG_ATTR_PROTO_INFO      7
  495. #define SECPKG_ATTR_PASSWORD_EXPIRY 8
  496. #define SECPKG_ATTR_SESSION_KEY     9
  497. #define SECPKG_ATTR_PACKAGE_INFO    10
  499. typedef struct _SecPkgContext_Sizes
  500. {
  501.     unsigned long cbMaxToken;
  502.     unsigned long cbMaxSignature;
  503.     unsigned long cbBlockSize;
  504.     unsigned long cbSecurityTrailer;
  505. } SecPkgContext_Sizes, SEC_FAR * PSecPkgContext_Sizes;
  507. typedef struct _SecPkgContext_StreamSizes
  508. {
  509.     unsigned long   cbHeader;
  510.     unsigned long   cbTrailer;
  511.     unsigned long   cbMaximumMessage;
  512.     unsigned long   cBuffers;
  513.     unsigned long   cbBlockSize;
  514. } SecPkgContext_StreamSizes, * PSecPkgContext_StreamSizes;
  516. typedef struct _SecPkgContext_NamesW
  517. {
  518.     SEC_WCHAR SEC_FAR * sUserName;
  519. } SecPkgContext_NamesW, SEC_FAR * PSecPkgContext_NamesW;
  521. // end_ntifs
  523. typedef struct _SecPkgContext_NamesA
  524. {
  525.     SEC_CHAR SEC_FAR * sUserName;
  526. } SecPkgContext_NamesA, SEC_FAR * PSecPkgContext_NamesA;
  528. #ifdef UNICODE
  529. #  define SecPkgContext_Names SecPkgContext_NamesW          // ntifs
  530. #  define PSecPkgContext_Names PSecPkgContext_NamesW        // ntifs
  531. #else
  532. #  define SecPkgContext_Names SecPkgContext_NamesA
  533. #  define PSecPkgContext_Names PSecPkgContext_NamesA
  534. #endif // !UNICODE
  536. // begin_ntifs
  538. typedef struct _SecPkgContext_Lifespan
  539. {
  540.     TimeStamp tsStart;
  541.     TimeStamp tsExpiry;
  542. } SecPkgContext_Lifespan, SEC_FAR * PSecPkgContext_Lifespan;
  544. typedef struct _SecPkgContext_DceInfo
  545. {
  546.     unsigned long AuthzSvc;
  547.     void SEC_FAR * pPac;
  548. } SecPkgContext_DceInfo, SEC_FAR * PSecPkgContext_DceInfo;
  550. // end_ntifs
  552. typedef struct _SecPkgContext_KeyInfoA
  553. {
  554.     SEC_CHAR SEC_FAR *  sSignatureAlgorithmName;
  555.     SEC_CHAR SEC_FAR *  sEncryptAlgorithmName;
  556.     unsigned long       KeySize;
  557.     unsigned long       SignatureAlgorithm;
  558.     unsigned long       EncryptAlgorithm;
  559. } SecPkgContext_KeyInfoA, SEC_FAR * PSecPkgContext_KeyInfoA;
  561. // begin_ntifs
  563. typedef struct _SecPkgContext_KeyInfoW
  564. {
  565.     SEC_WCHAR SEC_FAR * sSignatureAlgorithmName;
  566.     SEC_WCHAR SEC_FAR * sEncryptAlgorithmName;
  567.     unsigned long       KeySize;
  568.     unsigned long       SignatureAlgorithm;
  569.     unsigned long       EncryptAlgorithm;
  570. } SecPkgContext_KeyInfoW, SEC_FAR * PSecPkgContext_KeyInfoW;
  572. // end_ntifs
  574. #ifdef UNICODE
  575. #define SecPkgContext_KeyInfo   SecPkgContext_KeyInfoW      // ntifs
  576. #define PSecPkgContext_KeyInfo  PSecPkgContext_KeyInfoW     // ntifs
  577. #else
  578. #define SecPkgContext_KeyInfo   SecPkgContext_KeyInfoA
  579. #define PSecPkgContext_KeyInfo  PSecPkgContext_KeyInfoA
  580. #endif
  582. typedef struct _SecPkgContext_AuthorityA
  583. {
  584.     SEC_CHAR SEC_FAR *  sAuthorityName;
  585. } SecPkgContext_AuthorityA, * PSecPkgContext_AuthorityA;
  587. // begin_ntifs
  589. typedef struct _SecPkgContext_AuthorityW
  590. {
  591.     SEC_WCHAR SEC_FAR * sAuthorityName;
  592. } SecPkgContext_AuthorityW, * PSecPkgContext_AuthorityW;
  594. // end_ntifs
  596. #ifdef UNICODE
  597. #define SecPkgContext_Authority SecPkgContext_AuthorityW        // ntifs
  598. #define PSecPkgContext_Authority    PSecPkgContext_AuthorityW   // ntifs
  599. #else
  600. #define SecPkgContext_Authority SecPkgContext_AuthorityA
  601. #define PSecPkgContext_Authority    PSecPkgContext_AuthorityA
  602. #endif
  604. typedef struct _SecPkgContext_ProtoInfoA
  605. {
  606.     SEC_CHAR SEC_FAR *  sProtocolName;
  607.     unsigned long       majorVersion;
  608.     unsigned long       minorVersion;
  609. } SecPkgContext_ProtoInfoA, SEC_FAR * PSecPkgContext_ProtoInfoA;
  611. // begin_ntifs
  613. typedef struct _SecPkgContext_ProtoInfoW
  614. {
  615.     SEC_WCHAR SEC_FAR * sProtocolName;
  616.     unsigned long       majorVersion;
  617.     unsigned long       minorVersion;
  618. } SecPkgContext_ProtoInfoW, SEC_FAR * PSecPkgContext_ProtoInfoW;
  620. // end_ntifs
  622. #ifdef UNICODE
  623. #define SecPkgContext_ProtoInfo   SecPkgContext_ProtoInfoW      // ntifs
  624. #define PSecPkgContext_ProtoInfo  PSecPkgContext_ProtoInfoW     // ntifs
  625. #else
  626. #define SecPkgContext_ProtoInfo   SecPkgContext_ProtoInfoA
  627. #define PSecPkgContext_ProtoInfo  PSecPkgContext_ProtoInfoA
  628. #endif
  630. // begin_ntifs
  632. typedef struct _SecPkgContext_PasswordExpiry
  633. {
  634.     TimeStamp tsPasswordExpires;
  635. } SecPkgContext_PasswordExpiry, SEC_FAR * PSecPkgContext_PasswordExpiry;
  637. typedef struct _SecPkgContext_SessionKey
  638. {
  639.     unsigned long SessionKeyLength;
  640.     unsigned char SEC_FAR * SessionKey;
  641. } SecPkgContext_SessionKey, *PSecPkgContext_SessionKey;
  643. // end_ntifs
  644. // begin_ntifs
  647. typedef struct _SecPkgContext_PackageInfoW
  648. {
  649.     PSecPkgInfoW PackageInfo;
  650. } SecPkgContext_PackageInfoW, SEC_FAR * PSecPkgContext_PackageInfoW;
  652. // end_ntifs
  654. typedef struct _SecPkgContext_PackageInfoA
  655. {
  656.     PSecPkgInfoA PackageInfo;
  657. } SecPkgContext_PackageInfoA, SEC_FAR * PSecPkgContext_PackageInfoA;
  660. #ifdef UNICODE
  661. #define SecPkgContext_PackageInfo   SecPkgContext_PackageInfoW      // ntifs
  662. #define PSecPkgContext_PackageInfo  PSecPkgContext_PackageInfoW     // ntifs
  663. #else
  664. #define SecPkgContext_PackageInfo   SecPkgContext_PackageInfoA
  665. #define PSecPkgContext_PackageInfo  PSecPkgContext_PackageInfoA
  666. #endif
  668. // begin_ntifs
  670. typedef void
  671. (SEC_ENTRY SEC_FAR * SEC_GET_KEY_FN) (
  672.     void SEC_FAR * Arg,                 // Argument passed in
  673.     void SEC_FAR * Principal,           // Principal ID
  674.     unsigned long KeyVer,               // Key Version
  675.     void SEC_FAR * SEC_FAR * Key,       // Returned ptr to key
  676.     SECURITY_STATUS SEC_FAR * Status    // returned status
  677.     );
  679. //
  680. // Flags for ExportSecurityContext
  681. //
  683. #define SECPKG_CONTEXT_EXPORT_RESET_NEW         0x00000001      // New context is reset to initial state
  684. #define SECPKG_CONTEXT_EXPORT_DELETE_OLD        0x00000002      // Old context is deleted during export
  687. SECURITY_STATUS SEC_ENTRY
  688. AcquireCredentialsHandleW(
  689. #if ISSP_MODE == 0                      // For Kernel mode
  690.     PSECURITY_STRING pPrincipal,
  691.     PSECURITY_STRING pPackage,
  692. #else
  693.     SEC_WCHAR SEC_FAR * pszPrincipal,   // Name of principal
  694.     SEC_WCHAR SEC_FAR * pszPackage,     // Name of package
  695. #endif
  696.     unsigned long fCredentialUse,       // Flags indicating use
  697.     void SEC_FAR * pvLogonId,           // Pointer to logon ID
  698.     void SEC_FAR * pAuthData,           // Package specific data
  699.     SEC_GET_KEY_FN pGetKeyFn,           // Pointer to GetKey() func
  700.     void SEC_FAR * pvGetKeyArgument,    // Value to pass to GetKey()
  701.     PCredHandle phCredential,           // (out) Cred Handle
  702.     PTimeStamp ptsExpiry                // (out) Lifetime (optional)
  703.     );
  705. typedef SECURITY_STATUS
  706. (SEC_ENTRY * ACQUIRE_CREDENTIALS_HANDLE_FN_W)(
  707. #if ISSP_MODE == 0
  708.     PSECURITY_STRING,
  709.     PSECURITY_STRING,
  710. #else
  711.     SEC_WCHAR SEC_FAR *,
  712.     SEC_WCHAR SEC_FAR *,
  713. #endif
  714.     unsigned long,
  715.     void SEC_FAR *,
  716.     void SEC_FAR *,
  717.     SEC_GET_KEY_FN,
  718.     void SEC_FAR *,
  719.     PCredHandle,
  720.     PTimeStamp);
  722. // end_ntifs
  724. SECURITY_STATUS SEC_ENTRY
  725. AcquireCredentialsHandleA(
  726.     SEC_CHAR SEC_FAR * pszPrincipal,    // Name of principal
  727.     SEC_CHAR SEC_FAR * pszPackage,      // Name of package
  728.     unsigned long fCredentialUse,       // Flags indicating use
  729.     void SEC_FAR * pvLogonId,           // Pointer to logon ID
  730.     void SEC_FAR * pAuthData,           // Package specific data
  731.     SEC_GET_KEY_FN pGetKeyFn,           // Pointer to GetKey() func
  732.     void SEC_FAR * pvGetKeyArgument,    // Value to pass to GetKey()
  733.     PCredHandle phCredential,           // (out) Cred Handle
  734.     PTimeStamp ptsExpiry                // (out) Lifetime (optional)
  735.     );
  737. typedef SECURITY_STATUS
  738. (SEC_ENTRY * ACQUIRE_CREDENTIALS_HANDLE_FN_A)(
  739.     SEC_CHAR SEC_FAR *,
  740.     SEC_CHAR SEC_FAR *,
  741.     unsigned long,
  742.     void SEC_FAR *,
  743.     void SEC_FAR *,
  744.     SEC_GET_KEY_FN,
  745.     void SEC_FAR *,
  746.     PCredHandle,
  747.     PTimeStamp);
  749. #ifdef UNICODE
  750. #  define AcquireCredentialsHandle AcquireCredentialsHandleW            // ntifs
  751. #  define ACQUIRE_CREDENTIALS_HANDLE_FN ACQUIRE_CREDENTIALS_HANDLE_FN_W // ntifs
  752. #else
  753. #  define AcquireCredentialsHandle AcquireCredentialsHandleA
  754. #  define ACQUIRE_CREDENTIALS_HANDLE_FN ACQUIRE_CREDENTIALS_HANDLE_FN_A
  755. #endif // !UNICODE
  757. // begin_ntifs
  759. SECURITY_STATUS SEC_ENTRY
  760. FreeCredentialsHandle(
  761.     PCredHandle phCredential            // Handle to free
  762.     );
  764. typedef SECURITY_STATUS
  765. (SEC_ENTRY * FREE_CREDENTIALS_HANDLE_FN)(
  766.     PCredHandle );
  768. #ifdef WIN32_CHICAGO
  769. SECURITY_STATUS SEC_ENTRY
  770. SspiLogonUserW(
  771.     SEC_WCHAR SEC_FAR * pszPackage,     // Name of package
  772.     SEC_WCHAR SEC_FAR * pszUserName,     // Name of package
  773.     SEC_WCHAR SEC_FAR * pszDomainName,     // Name of package
  774.     SEC_WCHAR SEC_FAR * pszPassword      // Name of package
  775.     );
  777. typedef SECURITY_STATUS
  778. (SEC_ENTRY * SSPI_LOGON_USER_FN_W)(
  779.     SEC_CHAR SEC_FAR *,
  780.     SEC_CHAR SEC_FAR *,
  781.     SEC_CHAR SEC_FAR *,
  782.     SEC_CHAR SEC_FAR *);
  784. SECURITY_STATUS SEC_ENTRY
  785. SspiLogonUserA(
  786.     SEC_CHAR SEC_FAR * pszPackage,     // Name of package
  787.     SEC_CHAR SEC_FAR * pszUserName,     // Name of package
  788.     SEC_CHAR SEC_FAR * pszDomainName,     // Name of package
  789.     SEC_CHAR SEC_FAR * pszPassword      // Name of package
  790.     );
  792. typedef SECURITY_STATUS
  793. (SEC_ENTRY * SSPI_LOGON_USER_FN_A)(
  794.     SEC_CHAR SEC_FAR *,
  795.     SEC_CHAR SEC_FAR *,
  796.     SEC_CHAR SEC_FAR *,
  797.     SEC_CHAR SEC_FAR *);
  799. #ifdef UNICODE
  800. #define SspiLogonUser SspiLogonUserW            // ntifs
  801. #define SSPI_LOGON_USER_FN SSPI_LOGON_USER_FN_W
  802. #else
  803. #define SspiLogonUser SspiLogonUserA
  804. #define SSPI_LOGON_USER_FN SSPI_LOGON_USER_FN_A
  805. #endif // !UNICODE
  806. #endif // WIN32_CHICAGO
  808. // end_ntifs
  810. // begin_ntifs
  812. ////////////////////////////////////////////////////////////////////////
  813. ///
  814. /// Context Management Functions
  815. ///
  816. ////////////////////////////////////////////////////////////////////////
  818. SECURITY_STATUS SEC_ENTRY
  819. InitializeSecurityContextW(
  820.     PCredHandle phCredential,               // Cred to base context
  821.     PCtxtHandle phContext,                  // Existing context (OPT)
  822. #if ISSP_MODE == 0
  823.     PSECURITY_STRING pTargetName,
  824. #else
  825.     SEC_WCHAR SEC_FAR * pszTargetName,      // Name of target
  826. #endif
  827.     unsigned long fContextReq,              // Context Requirements
  828.     unsigned long Reserved1,                // Reserved, MBZ
  829.     unsigned long TargetDataRep,            // Data rep of target
  830.     PSecBufferDesc pInput,                  // Input Buffers
  831.     unsigned long Reserved2,                // Reserved, MBZ
  832.     PCtxtHandle phNewContext,               // (out) New Context handle
  833.     PSecBufferDesc pOutput,                 // (inout) Output Buffers
  834.     unsigned long SEC_FAR * pfContextAttr,  // (out) Context attrs
  835.     PTimeStamp ptsExpiry                    // (out) Life span (OPT)
  836.     );
  838. typedef SECURITY_STATUS
  839. (SEC_ENTRY * INITIALIZE_SECURITY_CONTEXT_FN_W)(
  840.     PCredHandle,
  841.     PCtxtHandle,
  842. #if ISSP_MODE == 0
  843.     PSECURITY_STRING,
  844. #else
  845.     SEC_WCHAR SEC_FAR *,
  846. #endif
  847.     unsigned long,
  848.     unsigned long,
  849.     unsigned long,
  850.     PSecBufferDesc,
  851.     unsigned long,
  852.     PCtxtHandle,
  853.     PSecBufferDesc,
  854.     unsigned long SEC_FAR *,
  855.     PTimeStamp);
  857. // end_ntifs
  859. SECURITY_STATUS SEC_ENTRY
  860. InitializeSecurityContextA(
  861.     PCredHandle phCredential,               // Cred to base context
  862.     PCtxtHandle phContext,                  // Existing context (OPT)
  863.     SEC_CHAR SEC_FAR * pszTargetName,       // Name of target
  864.     unsigned long fContextReq,              // Context Requirements
  865.     unsigned long Reserved1,                // Reserved, MBZ
  866.     unsigned long TargetDataRep,            // Data rep of target
  867.     PSecBufferDesc pInput,                  // Input Buffers
  868.     unsigned long Reserved2,                // Reserved, MBZ
  869.     PCtxtHandle phNewContext,               // (out) New Context handle
  870.     PSecBufferDesc pOutput,                 // (inout) Output Buffers
  871.     unsigned long SEC_FAR * pfContextAttr,  // (out) Context attrs
  872.     PTimeStamp ptsExpiry                    // (out) Life span (OPT)
  873.     );
  875. typedef SECURITY_STATUS
  876. (SEC_ENTRY * INITIALIZE_SECURITY_CONTEXT_FN_A)(
  877.     PCredHandle,
  878.     PCtxtHandle,
  879.     SEC_CHAR SEC_FAR *,
  880.     unsigned long,
  881.     unsigned long,
  882.     unsigned long,
  883.     PSecBufferDesc,
  884.     unsigned long,
  885.     PCtxtHandle,
  886.     PSecBufferDesc,
  887.     unsigned long SEC_FAR *,
  888.     PTimeStamp);
  890. #ifdef UNICODE
  891. #  define InitializeSecurityContext InitializeSecurityContextW              // ntifs
  892. #  define INITIALIZE_SECURITY_CONTEXT_FN INITIALIZE_SECURITY_CONTEXT_FN_W   // ntifs
  893. #else
  894. #  define InitializeSecurityContext InitializeSecurityContextA
  895. #  define INITIALIZE_SECURITY_CONTEXT_FN INITIALIZE_SECURITY_CONTEXT_FN_A
  896. #endif // !UNICODE
  898. // begin_ntifs
  900. SECURITY_STATUS SEC_ENTRY
  901. AcceptSecurityContext(
  902.     PCredHandle phCredential,               // Cred to base context
  903.     PCtxtHandle phContext,                  // Existing context (OPT)
  904.     PSecBufferDesc pInput,                  // Input buffer
  905.     unsigned long fContextReq,              // Context Requirements
  906.     unsigned long TargetDataRep,            // Target Data Rep
  907.     PCtxtHandle phNewContext,               // (out) New context handle
  908.     PSecBufferDesc pOutput,                 // (inout) Output buffers
  909.     unsigned long SEC_FAR * pfContextAttr,  // (out) Context attributes
  910.     PTimeStamp ptsExpiry                    // (out) Life span (OPT)
  911.     );
  913. typedef SECURITY_STATUS
  914. (SEC_ENTRY * ACCEPT_SECURITY_CONTEXT_FN)(
  915.     PCredHandle,
  916.     PCtxtHandle,
  917.     PSecBufferDesc,
  918.     unsigned long,
  919.     unsigned long,
  920.     PCtxtHandle,
  921.     PSecBufferDesc,
  922.     unsigned long SEC_FAR *,
  923.     PTimeStamp);
  927. SECURITY_STATUS SEC_ENTRY
  928. CompleteAuthToken(
  929.     PCtxtHandle phContext,              // Context to complete
  930.     PSecBufferDesc pToken               // Token to complete
  931.     );
  933. typedef SECURITY_STATUS
  934. (SEC_ENTRY * COMPLETE_AUTH_TOKEN_FN)(
  935.     PCtxtHandle,
  936.     PSecBufferDesc);
  939. SECURITY_STATUS SEC_ENTRY
  940. ImpersonateSecurityContext(
  941.     PCtxtHandle phContext               // Context to impersonate
  942.     );
  944. typedef SECURITY_STATUS
  945. (SEC_ENTRY * IMPERSONATE_SECURITY_CONTEXT_FN)(
  946.     PCtxtHandle);
  950. SECURITY_STATUS SEC_ENTRY
  951. RevertSecurityContext(
  952.     PCtxtHandle phContext               // Context from which to re
  953.     );
  955. typedef SECURITY_STATUS
  956. (SEC_ENTRY * REVERT_SECURITY_CONTEXT_FN)(
  957.     PCtxtHandle);
  960. SECURITY_STATUS SEC_ENTRY
  961. QuerySecurityContextToken(
  962.     PCtxtHandle phContext,
  963.     void SEC_FAR * SEC_FAR * Token
  964.     );
  966. typedef SECURITY_STATUS
  967. (SEC_ENTRY * QUERY_SECURITY_CONTEXT_TOKEN_FN)(
  968.     PCtxtHandle, void SEC_FAR * SEC_FAR *);
  972. SECURITY_STATUS SEC_ENTRY
  973. DeleteSecurityContext(
  974.     PCtxtHandle phContext               // Context to delete
  975.     );
  977. typedef SECURITY_STATUS
  978. (SEC_ENTRY * DELETE_SECURITY_CONTEXT_FN)(
  979.     PCtxtHandle);
  983. SECURITY_STATUS SEC_ENTRY
  984. ApplyControlToken(
  985.     PCtxtHandle phContext,              // Context to modify
  986.     PSecBufferDesc pInput               // Input token to apply
  987.     );
  989. typedef SECURITY_STATUS
  990. (SEC_ENTRY * APPLY_CONTROL_TOKEN_FN)(
  991.     PCtxtHandle, PSecBufferDesc);
  995. SECURITY_STATUS SEC_ENTRY
  996. QueryContextAttributesW(
  997.     PCtxtHandle phContext,              // Context to query
  998.     unsigned long ulAttribute,          // Attribute to query
  999.     void SEC_FAR * pBuffer              // Buffer for attributes
  1000.     );
  1002. typedef SECURITY_STATUS
  1003. (SEC_ENTRY * QUERY_CONTEXT_ATTRIBUTES_FN_W)(
  1004.     PCtxtHandle,
  1005.     unsigned long,
  1006.     void SEC_FAR *);
  1008. // end_ntifs
  1010. SECURITY_STATUS SEC_ENTRY
  1011. QueryContextAttributesA(
  1012.     PCtxtHandle phContext,              // Context to query
  1013.     unsigned long ulAttribute,          // Attribute to query
  1014.     void SEC_FAR * pBuffer              // Buffer for attributes
  1015.     );
  1017. typedef SECURITY_STATUS
  1018. (SEC_ENTRY * QUERY_CONTEXT_ATTRIBUTES_FN_A)(
  1019.     PCtxtHandle,
  1020.     unsigned long,
  1021.     void SEC_FAR *);
  1023. #ifdef UNICODE
  1024. #  define QueryContextAttributes QueryContextAttributesW            // ntifs
  1025. #  define QUERY_CONTEXT_ATTRIBUTES_FN QUERY_CONTEXT_ATTRIBUTES_FN_W // ntifs
  1026. #else
  1027. #  define QueryContextAttributes QueryContextAttributesA
  1028. #  define QUERY_CONTEXT_ATTRIBUTES_FN QUERY_CONTEXT_ATTRIBUTES_FN_A
  1029. #endif // !UNICODE
  1031. // begin_ntifs
  1033. SECURITY_STATUS SEC_ENTRY
  1034. QueryCredentialsAttributesW(
  1035.     PCredHandle phCredential,              // Credential to query
  1036.     unsigned long ulAttribute,          // Attribute to query
  1037.     void SEC_FAR * pBuffer              // Buffer for attributes
  1038.     );
  1040. typedef SECURITY_STATUS
  1041. (SEC_ENTRY * QUERY_CREDENTIALS_ATTRIBUTES_FN_W)(
  1042.     PCredHandle,
  1043.     unsigned long,
  1044.     void SEC_FAR *);
  1046. // end_ntifs
  1048. SECURITY_STATUS SEC_ENTRY
  1049. QueryCredentialsAttributesA(
  1050.     PCredHandle phCredential,              // Credential to query
  1051.     unsigned long ulAttribute,          // Attribute to query
  1052.     void SEC_FAR * pBuffer              // Buffer for attributes
  1053.     );
  1055. typedef SECURITY_STATUS
  1056. (SEC_ENTRY * QUERY_CREDENTIALS_ATTRIBUTES_FN_A)(
  1057.     PCredHandle,
  1058.     unsigned long,
  1059.     void SEC_FAR *);
  1061. #ifdef UNICODE
  1062. #  define QueryCredentialsAttributes QueryCredentialsAttributesW            // ntifs
  1063. #  define QUERY_CREDENTIALS_ATTRIBUTES_FN QUERY_CREDENTIALS_ATTRIBUTES_FN_W // ntifs
  1064. #else
  1065. #  define QueryCredentialsAttributes QueryCredentialsAttributesA
  1066. #  define QUERY_CREDENTIALS_ATTRIBUTES_FN QUERY_CREDENTIALS_ATTRIBUTES_FN_A
  1067. #endif // !UNICODE
  1069. // begin_ntifs
  1071. SECURITY_STATUS SEC_ENTRY
  1072. FreeContextBuffer(
  1073.     void SEC_FAR * pvContextBuffer      // buffer to free
  1074.     );
  1076. typedef SECURITY_STATUS
  1077. (SEC_ENTRY * FREE_CONTEXT_BUFFER_FN)(
  1078.     void SEC_FAR *);
  1080. // end_ntifs
  1082. // begin_ntifs
  1083. ///////////////////////////////////////////////////////////////////
  1084. ////
  1085. ////    Message Support API
  1086. ////
  1087. //////////////////////////////////////////////////////////////////
  1089. SECURITY_STATUS SEC_ENTRY
  1090. MakeSignature(
  1091.     PCtxtHandle phContext,              // Context to use
  1092.     unsigned long fQOP,                 // Quality of Protection
  1093.     PSecBufferDesc pMessage,            // Message to sign
  1094.     unsigned long MessageSeqNo          // Message Sequence Num.
  1095.     );
  1097. typedef SECURITY_STATUS
  1098. (SEC_ENTRY * MAKE_SIGNATURE_FN)(
  1099.     PCtxtHandle,
  1100.     unsigned long,
  1101.     PSecBufferDesc,
  1102.     unsigned long);
  1106. SECURITY_STATUS SEC_ENTRY
  1107. VerifySignature(
  1108.     PCtxtHandle phContext,              // Context to use
  1109.     PSecBufferDesc pMessage,            // Message to verify
  1110.     unsigned long MessageSeqNo,         // Sequence Num.
  1111.     unsigned long SEC_FAR * pfQOP       // QOP used
  1112.     );
  1114. typedef SECURITY_STATUS
  1115. (SEC_ENTRY * VERIFY_SIGNATURE_FN)(
  1116.     PCtxtHandle,
  1117.     PSecBufferDesc,
  1118.     unsigned long,
  1119.     unsigned long SEC_FAR *);
  1122. SECURITY_STATUS SEC_ENTRY
  1123. EncryptMessage( PCtxtHandle         phContext,
  1124.                 unsigned long       fQOP,
  1125.                 PSecBufferDesc      pMessage,
  1126.                 unsigned long       MessageSeqNo);
  1128. typedef SECURITY_STATUS
  1129. (SEC_ENTRY * ENCRYPT_MESSAGE_FN)(
  1130.     PCtxtHandle, unsigned long, PSecBufferDesc, unsigned long);
  1133. SECURITY_STATUS SEC_ENTRY
  1134. DecryptMessage( PCtxtHandle         phContext,
  1135.                 PSecBufferDesc      pMessage,
  1136.                 unsigned long       MessageSeqNo,
  1137.                 unsigned long *     pfQOP);
  1140. typedef SECURITY_STATUS
  1141. (SEC_ENTRY * DECRYPT_MESSAGE_FN)(
  1142.     PCtxtHandle, PSecBufferDesc, unsigned long,
  1143.     unsigned long SEC_FAR *);
  1146. // end_ntifs
  1148. // begin_ntifs
  1149. ///////////////////////////////////////////////////////////////////////////
  1150. ////
  1151. ////    Misc.
  1152. ////
  1153. ///////////////////////////////////////////////////////////////////////////
  1156. SECURITY_STATUS SEC_ENTRY
  1157. EnumerateSecurityPackagesW(
  1158.     unsigned long SEC_FAR * pcPackages,     // Receives num. packages
  1159.     PSecPkgInfoW SEC_FAR * ppPackageInfo    // Receives array of info
  1160.     );
  1162. typedef SECURITY_STATUS
  1163. (SEC_ENTRY * ENUMERATE_SECURITY_PACKAGES_FN_W)(
  1164.     unsigned long SEC_FAR *,
  1165.     PSecPkgInfoW SEC_FAR *);
  1167. // end_ntifs
  1169. SECURITY_STATUS SEC_ENTRY
  1170. EnumerateSecurityPackagesA(
  1171.     unsigned long SEC_FAR * pcPackages,     // Receives num. packages
  1172.     PSecPkgInfoA SEC_FAR * ppPackageInfo    // Receives array of info
  1173.     );
  1175. typedef SECURITY_STATUS
  1176. (SEC_ENTRY * ENUMERATE_SECURITY_PACKAGES_FN_A)(
  1177.     unsigned long SEC_FAR *,
  1178.     PSecPkgInfoA SEC_FAR *);
  1180. #ifdef UNICODE
  1181. #  define EnumerateSecurityPackages EnumerateSecurityPackagesW              // ntifs
  1182. #  define ENUMERATE_SECURITY_PACKAGES_FN ENUMERATE_SECURITY_PACKAGES_FN_W   // ntifs
  1183. #else
  1184. #  define EnumerateSecurityPackages EnumerateSecurityPackagesA
  1185. #  define ENUMERATE_SECURITY_PACKAGES_FN ENUMERATE_SECURITY_PACKAGES_FN_A
  1186. #endif // !UNICODE
  1188. // begin_ntifs
  1190. SECURITY_STATUS SEC_ENTRY
  1191. QuerySecurityPackageInfoW(
  1192. #if ISSP_MODE == 0
  1193.     PSECURITY_STRING pPackageName,
  1194. #else
  1195.     SEC_WCHAR SEC_FAR * pszPackageName,     // Name of package
  1196. #endif
  1197.     PSecPkgInfoW SEC_FAR *ppPackageInfo              // Receives package info
  1198.     );
  1200. typedef SECURITY_STATUS
  1201. (SEC_ENTRY * QUERY_SECURITY_PACKAGE_INFO_FN_W)(
  1202. #if ISSP_MODE == 0
  1203.     PSECURITY_STRING,
  1204. #else
  1205.     SEC_WCHAR SEC_FAR *,
  1206. #endif
  1207.     PSecPkgInfoW SEC_FAR *);
  1209. // end_ntifs
  1211. SECURITY_STATUS SEC_ENTRY
  1212. QuerySecurityPackageInfoA(
  1213.     SEC_CHAR SEC_FAR * pszPackageName,      // Name of package
  1214.     PSecPkgInfoA SEC_FAR *ppPackageInfo              // Receives package info
  1215.     );
  1217. typedef SECURITY_STATUS
  1218. (SEC_ENTRY * QUERY_SECURITY_PACKAGE_INFO_FN_A)(
  1219.     SEC_CHAR SEC_FAR *,
  1220.     PSecPkgInfoA SEC_FAR *);
  1222. #ifdef UNICODE
  1223. #  define QuerySecurityPackageInfo QuerySecurityPackageInfoW                // ntifs
  1224. #  define QUERY_SECURITY_PACKAGE_INFO_FN QUERY_SECURITY_PACKAGE_INFO_FN_W   // ntifs
  1225. #else
  1226. #  define QuerySecurityPackageInfo QuerySecurityPackageInfoA
  1227. #  define QUERY_SECURITY_PACKAGE_INFO_FN QUERY_SECURITY_PACKAGE_INFO_FN_A
  1228. #endif // !UNICODE
  1231. #if ISSP_MODE == 0
  1233. #define DeleteSecurityContextDefer  DeleteSecurityContext
  1234. #define FreeCredentialsHandleDefer  FreeCredentialsHandle
  1236. #if 0
  1237. //
  1238. // Deferred mode calls for rdr
  1239. //
  1241. SECURITY_STATUS SEC_ENTRY
  1242. DeleteSecurityContextDefer(
  1243.     PCtxtHandle     phContext);
  1245. SECURITY_STATUS SEC_ENTRY
  1246. FreeCredentialsHandleDefer(
  1247.     PCredHandle     phCreds);
  1249. #endif
  1251. #endif
  1253. typedef enum _SecDelegationType {
  1254.     SecFull,
  1255.     SecService,
  1256.     SecTree,
  1257.     SecDirectory,
  1258.     SecObject
  1259. } SecDelegationType, * PSecDelegationType;
  1261. SECURITY_STATUS SEC_ENTRY
  1262. DelegateSecurityContext(
  1263.     PCtxtHandle         phContext,          // IN Active context to delegate
  1264. #if ISSP_MODE == 0
  1265.     PSECURITY_STRING    pTarget,            // IN Target path
  1266. #else
  1267.     SEC_CHAR SEC_FAR *  pszTarget,
  1268. #endif
  1269.     SecDelegationType   DelegationType,     // IN Type of delegation
  1270.     PTimeStamp          pExpiry,            // IN OPTIONAL time limit
  1271.     PSecBuffer          pPackageParameters, // IN OPTIONAL package specific
  1272.     PSecBufferDesc      pOutput);           // OUT Token for applycontroltoken.
  1275. ///////////////////////////////////////////////////////////////////////////
  1276. ////
  1277. ////    Proxies
  1278. ////
  1279. ///////////////////////////////////////////////////////////////////////////
  1282. //
  1283. // Proxies are only available on NT platforms
  1284. //
  1286. // begin_ntifs
  1288. ///////////////////////////////////////////////////////////////////////////
  1289. ////
  1290. ////    Context export/import
  1291. ////
  1292. ///////////////////////////////////////////////////////////////////////////
  1296. SECURITY_STATUS SEC_ENTRY
  1297. ExportSecurityContext(
  1298.     PCtxtHandle          phContext,             // (in) context to export
  1299.     ULONG                fFlags,                // (in) option flags
  1300.     PSecBuffer           pPackedContext,        // (out) marshalled context
  1301.     void SEC_FAR * SEC_FAR * pToken                 // (out, optional) token handle for impersonation
  1302.     );
  1304. typedef SECURITY_STATUS
  1305. (SEC_ENTRY * EXPORT_SECURITY_CONTEXT_FN)(
  1306.     PCtxtHandle,
  1307.     ULONG,
  1308.     PSecBuffer,
  1309.     void SEC_FAR * SEC_FAR *
  1310.     );
  1312. SECURITY_STATUS SEC_ENTRY
  1313. ImportSecurityContextW(
  1314.     SEC_WCHAR SEC_FAR * pszPackage,
  1315.     PSecBuffer           pPackedContext,        // (in) marshalled context
  1316.     void SEC_FAR *       Token,                 // (in, optional) handle to token for context
  1317.     PCtxtHandle          phContext              // (out) new context handle
  1318.     );
  1320. typedef SECURITY_STATUS
  1321. (SEC_ENTRY * IMPORT_SECURITY_CONTEXT_FN_W)(
  1322.     SEC_WCHAR SEC_FAR *,
  1323.     PSecBuffer,
  1324.     VOID SEC_FAR *,
  1325.     PCtxtHandle
  1326.     );
  1328. // end_ntifs
  1329. SECURITY_STATUS SEC_ENTRY
  1330. ImportSecurityContextA(
  1331.     SEC_CHAR SEC_FAR * pszPackage,
  1332.     PSecBuffer           pPackedContext,        // (in) marshalled context
  1333.     VOID SEC_FAR *       Token,                 // (in, optional) handle to token for context
  1334.     PCtxtHandle          phContext              // (out) new context handle
  1335.     );
  1337. typedef SECURITY_STATUS
  1338. (SEC_ENTRY * IMPORT_SECURITY_CONTEXT_FN_A)(
  1339.     SEC_CHAR SEC_FAR *,
  1340.     PSecBuffer,
  1341.     void SEC_FAR *,
  1342.     PCtxtHandle
  1343.     );
  1345. #ifdef UNICODE
  1346. #  define ImportSecurityContext ImportSecurityContextW              // ntifs
  1347. #  define IMPORT_SECURITY_CONTEXT_FN IMPORT_SECURITY_CONTEXT_FN_W   // ntifs
  1348. #else
  1349. #  define ImportSecurityContext ImportSecurityContextA
  1350. #  define IMPORT_SECURITY_CONTEXT_FN IMPORT_SECURITY_CONTEXT_FN_A
  1351. #endif // !UNICODE
  1354. ///////////////////////////////////////////////////////////////////////////////
  1355. ////
  1356. ////  Fast access for RPC:
  1357. ////
  1358. ///////////////////////////////////////////////////////////////////////////////
  1360. #define SECURITY_ENTRYPOINT_ANSIW "InitSecurityInterfaceW"
  1361. #define SECURITY_ENTRYPOINT_ANSIA "InitSecurityInterfaceW"
  1362. #define SECURITY_ENTRYPOINTW SEC_TEXT("InitSecurityInterfaceW")     // ntifs
  1363. #define SECURITY_ENTRYPOINTA SEC_TEXT("InitSecurityInterfaceA")
  1364. #define SECURITY_ENTRYPOINT16 "INITSECURITYINTERFACEA"
  1366. #ifdef SECURITY_WIN32
  1367. #  ifdef UNICODE
  1368. #    define SECURITY_ENTRYPOINT SECURITY_ENTRYPOINTW                // ntifs
  1369. #    define SECURITY_ENTRYPOINT_ANSI SECURITY_ENTRYPOINT_ANSIW
  1370. #  else // UNICODE
  1371. #    define SECURITY_ENTRYPOINT SECURITY_ENTRYPOINTA
  1372. #    define SECURITY_ENTRYPOINT_ANSI SECURITY_ENTRYPOINT_ANSIA
  1373. #  endif // UNICODE
  1374. #else // SECURITY_WIN32
  1375. #  define SECURITY_ENTRYPOINT SECURITY_ENTRYPOINT16
  1376. #  define SECURITY_ENTRYPOINT_ANSI SECURITY_ENTRYPOINT16
  1377. #endif // SECURITY_WIN32
  1379. // begin_ntifs
  1381. typedef struct _SECURITY_FUNCTION_TABLE_W {
  1382.     unsigned long                       dwVersion;
  1383.     ENUMERATE_SECURITY_PACKAGES_FN_W    EnumerateSecurityPackagesW;
  1384.     QUERY_CREDENTIALS_ATTRIBUTES_FN_W   QueryCredentialsAttributesW;
  1385.     ACQUIRE_CREDENTIALS_HANDLE_FN_W     AcquireCredentialsHandleW;
  1386.     FREE_CREDENTIALS_HANDLE_FN          FreeCredentialHandle;
  1387. #ifndef WIN32_CHICAGO
  1388.     void SEC_FAR *                      Reserved2;
  1389. #else // WIN32_CHICAGO
  1390.     SSPI_LOGON_USER_FN                       SspiLogonUserW;
  1391. #endif // WIN32_CHICAGO
  1392.     INITIALIZE_SECURITY_CONTEXT_FN_W    InitializeSecurityContextW;
  1393.     ACCEPT_SECURITY_CONTEXT_FN          AcceptSecurityContext;
  1394.     COMPLETE_AUTH_TOKEN_FN              CompleteAuthToken;
  1395.     DELETE_SECURITY_CONTEXT_FN          DeleteSecurityContext;
  1396.     APPLY_CONTROL_TOKEN_FN              ApplyControlToken;
  1397.     QUERY_CONTEXT_ATTRIBUTES_FN_W       QueryContextAttributesW;
  1398.     IMPERSONATE_SECURITY_CONTEXT_FN     ImpersonateSecurityContext;
  1399.     REVERT_SECURITY_CONTEXT_FN          RevertSecurityContext;
  1400.     MAKE_SIGNATURE_FN                   MakeSignature;
  1401.     VERIFY_SIGNATURE_FN                 VerifySignature;
  1402.     FREE_CONTEXT_BUFFER_FN              FreeContextBuffer;
  1403.     QUERY_SECURITY_PACKAGE_INFO_FN_W    QuerySecurityPackageInfoW;
  1404.     void SEC_FAR *                      Reserved3;
  1405.     void SEC_FAR *                      Reserved4;
  1406.     EXPORT_SECURITY_CONTEXT_FN          ExportSecurityContext;
  1407.     IMPORT_SECURITY_CONTEXT_FN_W        ImportSecurityContextW;
  1408.     void SEC_FAR *                      Reserved7;
  1409.     void SEC_FAR *                      Reserved8;
  1410.     QUERY_SECURITY_CONTEXT_TOKEN_FN     QuerySecurityContextToken;
  1411.     ENCRYPT_MESSAGE_FN                  EncryptMessage;
  1412.     DECRYPT_MESSAGE_FN                  DecryptMessage;
  1413. } SecurityFunctionTableW, SEC_FAR * PSecurityFunctionTableW;
  1415. // end_ntifs
  1417. typedef struct _SECURITY_FUNCTION_TABLE_A {
  1418.     unsigned long                       dwVersion;
  1419.     ENUMERATE_SECURITY_PACKAGES_FN_A    EnumerateSecurityPackagesA;
  1420.     QUERY_CREDENTIALS_ATTRIBUTES_FN_A   QueryCredentialsAttributesA;
  1421.     ACQUIRE_CREDENTIALS_HANDLE_FN_A     AcquireCredentialsHandleA;
  1422.     FREE_CREDENTIALS_HANDLE_FN          FreeCredentialHandle;
  1423. #ifndef WIN32_CHICAGO
  1424.     void SEC_FAR *                      Reserved2;
  1425. #else // WIN32_CHICAGO
  1426.     SSPI_LOGON_USER_FN                       SspiLogonUserA;
  1427. #endif // WIN32_CHICAGO
  1428.     INITIALIZE_SECURITY_CONTEXT_FN_A    InitializeSecurityContextA;
  1429.     ACCEPT_SECURITY_CONTEXT_FN          AcceptSecurityContext;
  1430.     COMPLETE_AUTH_TOKEN_FN              CompleteAuthToken;
  1431.     DELETE_SECURITY_CONTEXT_FN          DeleteSecurityContext;
  1432.     APPLY_CONTROL_TOKEN_FN              ApplyControlToken;
  1433.     QUERY_CONTEXT_ATTRIBUTES_FN_A       QueryContextAttributesA;
  1434.     IMPERSONATE_SECURITY_CONTEXT_FN     ImpersonateSecurityContext;
  1435.     REVERT_SECURITY_CONTEXT_FN          RevertSecurityContext;
  1436.     MAKE_SIGNATURE_FN                   MakeSignature;
  1437.     VERIFY_SIGNATURE_FN                 VerifySignature;
  1438.     FREE_CONTEXT_BUFFER_FN              FreeContextBuffer;
  1439.     QUERY_SECURITY_PACKAGE_INFO_FN_A    QuerySecurityPackageInfoA;
  1440.     void SEC_FAR *                      Reserved3;
  1441.     void SEC_FAR *                      Reserved4;
  1442.     EXPORT_SECURITY_CONTEXT_FN          ExportSecurityContext;
  1443.     IMPORT_SECURITY_CONTEXT_FN_A        ImportSecurityContextA;
  1444.    void SEC_FAR *                      Reserved7;
  1445.     void SEC_FAR *                      Reserved8;
  1446.     QUERY_SECURITY_CONTEXT_TOKEN_FN     QuerySecurityContextToken;
  1447.     ENCRYPT_MESSAGE_FN                  EncryptMessage;
  1448.     DECRYPT_MESSAGE_FN                  DecryptMessage;
  1449. } SecurityFunctionTableA, SEC_FAR * PSecurityFunctionTableA;
  1451. #ifdef UNICODE
  1452. #  define SecurityFunctionTable SecurityFunctionTableW
  1453. #  define PSecurityFunctionTable PSecurityFunctionTableW
  1454. #else
  1455. #  define SecurityFunctionTable SecurityFunctionTableA
  1456. #  define PSecurityFunctionTable PSecurityFunctionTableA
  1457. #endif // !UNICODE
  1459. #define SECURITY_
  1461. #define SECURITY_SUPPORT_PROVIDER_INTERFACE_VERSION     1
  1464. PSecurityFunctionTableA SEC_ENTRY
  1465. InitSecurityInterfaceA(
  1466.     void
  1467.     );
  1469. typedef PSecurityFunctionTableA
  1470. (SEC_ENTRY * INIT_SECURITY_INTERFACE_A)(void);
  1472. // begin_ntifs
  1474. PSecurityFunctionTableW SEC_ENTRY
  1475. InitSecurityInterfaceW(
  1476.     void
  1477.     );
  1479. typedef PSecurityFunctionTableW
  1480. (SEC_ENTRY * INIT_SECURITY_INTERFACE_W)(void);
  1482. // end_ntifs
  1484. #ifdef UNICODE
  1485. #  define InitSecurityInterface InitSecurityInterfaceW          // ntifs
  1486. #  define INIT_SECURITY_INTERFACE INIT_SECURITY_INTERFACE_W     // ntifs
  1487. #else
  1488. #  define InitSecurityInterface InitSecurityInterfaceA
  1489. #  define INIT_SECURITY_INTERFACE INIT_SECURITY_INTERFACE_A
  1490. #endif // !UNICODE
  1492. typedef struct _SECURITY_PACKAGE_OPTIONS {
  1493.     unsigned long   Size;
  1494.     unsigned long   Type;
  1495.     unsigned long   Flags;
  1496.     unsigned long   SignatureSize;
  1497.     void SEC_FAR *  Signature;
  1498. } SECURITY_PACKAGE_OPTIONS, SEC_FAR * PSECURITY_PACKAGE_OPTIONS;
  1500. #define SECPKG_OPTIONS_TYPE_UNKNOWN 0
  1501. #define SECPKG_OPTIONS_TYPE_LSA     1
  1502. #define SECPKG_OPTIONS_TYPE_SSPI    2
  1504. #define SECPKG_OPTIONS_PERMANENT    0x00000001
  1506. SECURITY_STATUS
  1507. SEC_ENTRY
  1508. AddSecurityPackageA(
  1509.     SEC_CHAR SEC_FAR *  pszPackageName,
  1510.     SECURITY_PACKAGE_OPTIONS SEC_FAR * Options
  1511.     );
  1513. SECURITY_STATUS
  1514. SEC_ENTRY
  1515. AddSecurityPackageW(
  1516.     SEC_WCHAR SEC_FAR * pszPackageName,
  1517.     SECURITY_PACKAGE_OPTIONS SEC_FAR * Options
  1518.     );
  1520. #ifdef UNICODE
  1521. #define AddSecurityPackage  AddSecurityPackageW
  1522. #else
  1523. #define AddSecurityPackage  AddSecurityPackageA
  1524. #endif
  1526. SECURITY_STATUS
  1527. SEC_ENTRY
  1528. DeleteSecurityPackageA(
  1529.     SEC_CHAR SEC_FAR *  pszPackageName );
  1531. SECURITY_STATUS
  1532. SEC_ENTRY
  1533. DeleteSecurityPackageW(
  1534.     SEC_WCHAR SEC_FAR * pszPackageName );
  1536. #ifdef UNICODE
  1537. #define DeleteSecurityPackage   DeleteSecurityPackageW
  1538. #else
  1539. #define DeleteSecurityPackage   DeleteSecurityPackageA
  1540. #endif
  1543. //
  1544. // Extended Name APIs for NTDS
  1545. //
  1548. typedef enum
  1549. {
  1550.     // Examples for the following formats assume a fictitous company
  1551.     // which hooks into the global X.500 and DNS name spaces as follows.
  1552.     //
  1553.     // Enterprise root domain in DNS is
  1554.     //
  1555.     //      widget.com
  1556.     //
  1557.     // Enterprise root domain in X.500 (RFC 1779 format) is
  1558.     //
  1559.     //      O=Widget, C=US
  1560.     //
  1561.     // There exists the child domain
  1562.     //
  1563.     //      engineering.widget.com
  1564.     //
  1565.     // equivalent to
  1566.     //
  1567.     //      OU=Engineering, O=Widget, C=US
  1568.     //
  1569.     // There exists a container within the Engineering domain
  1570.     //
  1571.     //      OU=Software, OU=Engineering, O=Widget, C=US
  1572.     //
  1573.     // There exists the user
  1574.     //
  1575.     //      CN=Spencer Katt, OU=Software, OU=Engineering, O=Widget, C=US
  1576.     //
  1577.     // And this user's downlevel (pre-NTDS) user name is
  1578.     //
  1579.     //      EngineeringSpencerK
  1581.     // unknown name type
  1582.     NameUnknown = 0,
  1584.     // CN=Spencer Katt, OU=Software, OU=Engineering, O=Widget, C=US
  1585.     NameFullyQualifiedDN = 1,
  1587.     // EngineeringSpencerK
  1588.     NameSamCompatible = 2,
  1590.     // Probably "Spencer Katt" but could be something else.  I.e. The
  1591.     // display name is not necessarily the defining RDN.
  1592.     NameDisplay = 3,
  1594.     // xxx@engineering.widget.com where xxx could be "SpencerK" or
  1595.     // anything else.  Could be multi-valued to handle migration and aliasing.
  1596.     NameDomainSimple = 4,
  1598.     // xxx@widget.com where xxx could be "SpencerK" or anything else.
  1599.     // Could be multi-valued to handle migration and aliasing.
  1600.     NameEnterpriseSimple = 5,
  1602.     // String-ized GUID as returned by IIDFromString().
  1603.     // eg: {4fa050f0-f561-11cf-bdd9-00aa003a77b6}
  1604.     NameUniqueId = 6,
  1606.     // engineering.widget.com/software/spencer katt
  1607.     NameCanonical = 7
  1609. } EXTENDED_NAME_FORMAT, * PEXTENDED_NAME_FORMAT ;
  1611. BOOLEAN
  1612. SEC_ENTRY
  1613. GetUserNameExA(
  1614.     EXTENDED_NAME_FORMAT  NameFormat,
  1615.     LPSTR lpNameBuffer,
  1616.     PULONG nSize
  1617.     );
  1618. BOOLEAN
  1619. SEC_ENTRY
  1620. GetUserNameExW(
  1621.     EXTENDED_NAME_FORMAT NameFormat,
  1622.     LPWSTR lpNameBuffer,
  1623.     PULONG nSize
  1624.     );
  1626. #ifdef UNICODE
  1627. #define GetUserNameEx   GetUserNameExW
  1628. #else
  1629. #define GetUserNameEx   GetUserNameExA
  1630. #endif
  1632. BOOLEAN
  1633. SEC_ENTRY
  1634. TranslateNameA(
  1635.     LPCSTR lpAccountName,
  1636.     EXTENDED_NAME_FORMAT AccountNameFormat,
  1637.     EXTENDED_NAME_FORMAT DesiredNameFormat,
  1638.     LPSTR lpTranslatedName,
  1639.     PULONG nSize
  1640.     );
  1641. BOOLEAN
  1642. SEC_ENTRY
  1643. TranslateNameW(
  1644.     LPCWSTR lpAccountName,
  1645.     EXTENDED_NAME_FORMAT AccountNameFormat,
  1646.     EXTENDED_NAME_FORMAT DesiredNameFormat,
  1647.     LPWSTR lpTranslatedName,
  1648.     PULONG nSize
  1649.     );
  1650. #ifdef UNICODE
  1651. #define TranslateName   TranslateNameW
  1652. #else
  1653. #define TranslateName   TranslateNameA
  1654. #endif
  1656. #ifdef SECURITY_DOS
  1657. #pragma warning(default:4147)
  1658. #endif
  1660. #endif // __SSPI_H__