3 * @copy 2012 MinGW.org project
5 * Permission is hereby granted, free of charge, to any person obtaining a
6 * copy of this software and associated documentation files (the "Software"),
7 * to deal in the Software without restriction, including without limitation
8 * the rights to use, copy, modify, merge, publish, distribute, sublicense,
9 * and/or sell copies of the Software, and to permit persons to whom the
10 * Software is furnished to do so, subject to the following conditions:
12 * The above copyright notice and this permission notice (including the next
13 * paragraph) shall be included in all copies or substantial portions of the
16 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
17 * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
18 * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
19 * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
20 * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
21 * FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER
22 * DEALINGS IN THE SOFTWARE.
26 #pragma GCC system_header
36 #define ISC_REQ_DELEGATE 1
37 #define ISC_REQ_MUTUAL_AUTH 2
38 #define ISC_REQ_REPLAY_DETECT 4
39 #define ISC_REQ_SEQUENCE_DETECT 8
40 #define ISC_REQ_CONFIDENTIALITY 16
41 #define ISC_REQ_USE_SESSION_KEY 32
42 #define ISC_REQ_PROMPT_FOR_CREDS 64
43 #define ISC_REQ_USE_SUPPLIED_CREDS 128
44 #define ISC_REQ_ALLOCATE_MEMORY 256
45 #define ISC_REQ_USE_DCE_STYLE 512
46 #define ISC_REQ_DATAGRAM 1024
47 #define ISC_REQ_CONNECTION 2048
48 #define ISC_REQ_EXTENDED_ERROR 16384
49 #define ISC_REQ_STREAM 32768
50 #define ISC_REQ_INTEGRITY 65536
51 #define ISC_REQ_MANUAL_CRED_VALIDATION 524288
52 #define ISC_REQ_HTTP 268435456
54 #define ISC_RET_EXTENDED_ERROR 16384
56 #define ASC_REQ_DELEGATE 1
57 #define ASC_REQ_MUTUAL_AUTH 2
58 #define ASC_REQ_REPLAY_DETECT 4
59 #define ASC_REQ_SEQUENCE_DETECT 8
60 #define ASC_REQ_CONFIDENTIALITY 16
61 #define ASC_REQ_USE_SESSION_KEY 32
62 #define ASC_REQ_ALLOCATE_MEMORY 256
63 #define ASC_REQ_USE_DCE_STYLE 512
64 #define ASC_REQ_DATAGRAM 1024
65 #define ASC_REQ_CONNECTION 2048
66 #define ASC_REQ_EXTENDED_ERROR 32768
67 #define ASC_REQ_STREAM 65536
68 #define ASC_REQ_INTEGRITY 131072
70 #define SECURITY_NATIVE_DREP 16
71 #define SECURITY_NETWORK_DREP 0
73 #define SECPKG_STATE_ENCRYPTION_PERMITTED 0x01
74 #define SECPKG_STATE_STRONG_ENCRYPTION_PERMITTED 0x02
75 #define SECPKG_STATE_DOMAIN_CONTROLLER 0x04
76 #define SECPKG_STATE_WORKSTATION 0x08
77 #define SECPKG_STATE_STANDALONE 0x10
79 /* enum definitions for Secure Service Provider/Authentication Packages */
80 typedef enum _LSA_TOKEN_INFORMATION_TYPE {
81 LsaTokenInformationNull,
83 } LSA_TOKEN_INFORMATION_TYPE, *PLSA_TOKEN_INFORMATION_TYPE;
84 typedef enum _SECPKG_EXTENDED_INFORMATION_CLASS
88 SecpkgMutualAuthLevel,
90 } SECPKG_EXTENDED_INFORMATION_CLASS;
91 typedef enum _SECPKG_NAME_TYPE {
98 /* struct definitions for SSP/AP */
99 typedef struct _SECPKG_PRIMARY_CRED {
101 UNICODE_STRING DownlevelName;
102 UNICODE_STRING DomainName;
103 UNICODE_STRING Password;
104 UNICODE_STRING OldPassword;
107 UNICODE_STRING DnsDomainName;
109 UNICODE_STRING LogonServer;
110 UNICODE_STRING Spare1;
111 UNICODE_STRING Spare2;
112 UNICODE_STRING Spare3;
113 UNICODE_STRING Spare4;
114 } SECPKG_PRIMARY_CRED, *PSECPKG_PRIMARY_CRED;
115 typedef struct _SECPKG_SUPPLEMENTAL_CRED {
116 UNICODE_STRING PackageName;
117 ULONG CredentialSize;
119 } SECPKG_SUPPLEMENTAL_CRED, *PSECPKG_SUPPLEMENTAL_CRED;
120 typedef struct _SECPKG_SUPPLEMENTAL_CRED_ARRAY {
121 ULONG CredentialCount;
122 SECPKG_SUPPLEMENTAL_CRED Credentials[1];
123 } SECPKG_SUPPLEMENTAL_CRED_ARRAY, *PSECPKG_SUPPLEMENTAL_CRED_ARRAY;
124 typedef struct _SECPKG_PARAMETERS {
129 UNICODE_STRING DomainName;
130 UNICODE_STRING DnsDomainName;
132 } SECPKG_PARAMETERS, *PSECPKG_PARAMETERS,
133 SECPKG_EVENT_DOMAIN_CHANGE, *PSECPKG_EVENT_DOMAIN_CHANGE;
134 typedef struct _SECPKG_CLIENT_INFO {
138 BOOLEAN HasTcbPrivilege;
139 BOOLEAN Impersonating;
141 } SECPKG_CLIENT_INFO,
142 *PSECPKG_CLIENT_INFO;
143 typedef struct _SECURITY_USER_DATA {
144 SECURITY_STRING UserName;
145 SECURITY_STRING LogonDomainName;
146 SECURITY_STRING LogonServer;
148 } SECURITY_USER_DATA, *PSECURITY_USER_DATA,
149 SecurityUserData, *PSecurityUserData;
150 typedef struct _SECPKG_GSS_INFO {
151 ULONG EncodedIdLength;
153 } SECPKG_GSS_INFO, *PSECPKG_GSS_INFO;
154 typedef struct _SECPKG_CONTEXT_THUNKS {
155 ULONG InfoLevelCount;
157 } SECPKG_CONTEXT_THUNKS, *PSECPKG_CONTEXT_THUNKS;
158 typedef struct _SECPKG_MUTUAL_AUTH_LEVEL {
159 ULONG MutualAuthLevel;
160 } SECPKG_MUTUAL_AUTH_LEVEL, *PSECPKG_MUTUAL_AUTH_LEVEL;
161 typedef struct _SECPKG_CALL_INFO {
166 } SECPKG_CALL_INFO, *PSECPKG_CALL_INFO;
167 typedef struct _SECPKG_EXTENDED_INFORMATION {
168 SECPKG_EXTENDED_INFORMATION_CLASS Class;
170 SECPKG_GSS_INFO GssInfo;
171 SECPKG_CONTEXT_THUNKS ContextThunks;
172 SECPKG_MUTUAL_AUTH_LEVEL MutualAuthLevel;
174 } SECPKG_EXTENDED_INFORMATION, *PSECPKG_EXTENDED_INFORMATION;
176 /* callbacks implemented by SSP/AP dlls and called by the LSA */
177 typedef VOID (NTAPI *PLSA_CALLBACK_FUNCTION)(ULONG_PTR, ULONG_PTR, PSecBuffer,
180 /* misc typedefs used in the below prototypes */
181 typedef PVOID *PLSA_CLIENT_REQUEST;
182 typedef ULONG LSA_SEC_HANDLE, *PLSA_SEC_HANDLE;
183 typedef LPTHREAD_START_ROUTINE SEC_THREAD_START;
184 typedef PSECURITY_ATTRIBUTES SEC_ATTRS;
186 /* functions used by SSP/AP obtainable by dispatch tables */
187 typedef NTSTATUS (NTAPI *PLSA_REGISTER_CALLBACK)(ULONG, PLSA_CALLBACK_FUNCTION);
188 typedef NTSTATUS (NTAPI *PLSA_CREATE_LOGON_SESSION)(PLUID);
189 typedef NTSTATUS (NTAPI *PLSA_DELETE_LOGON_SESSION)(PLUID);
190 typedef NTSTATUS (NTAPI *PLSA_ADD_CREDENTIAL)(PLUID, ULONG, PLSA_STRING,
192 typedef NTSTATUS (NTAPI *PLSA_GET_CREDENTIALS)(PLUID, ULONG, PULONG, BOOLEAN,
193 PLSA_STRING, PULONG, PLSA_STRING);
194 typedef NTSTATUS (NTAPI *PLSA_DELETE_CREDENTIAL)(PLUID, ULONG, PLSA_STRING);
195 typedef PVOID (NTAPI *PLSA_ALLOCATE_LSA_HEAP)(ULONG);
196 typedef VOID (NTAPI *PLSA_FREE_LSA_HEAP)(PVOID);
197 typedef NTSTATUS (NTAPI *PLSA_ALLOCATE_CLIENT_BUFFER)(PLSA_CLIENT_REQUEST,
199 typedef NTSTATUS (NTAPI *PLSA_FREE_CLIENT_BUFFER)(PLSA_CLIENT_REQUEST, PVOID);
200 typedef NTSTATUS (NTAPI *PLSA_COPY_TO_CLIENT_BUFFER)(PLSA_CLIENT_REQUEST, ULONG,
202 typedef NTSTATUS (NTAPI *PLSA_COPY_FROM_CLIENT_BUFFER)(PLSA_CLIENT_REQUEST,
203 ULONG, PVOID, PVOID);
204 typedef NTSTATUS (NTAPI *PLSA_IMPERSONATE_CLIENT)(void);
205 typedef NTSTATUS (NTAPI *PLSA_UNLOAD_PACKAGE)(void);
206 typedef NTSTATUS (NTAPI *PLSA_DUPLICATE_HANDLE)(HANDLE, PHANDLE);
207 typedef NTSTATUS (NTAPI *PLSA_SAVE_SUPPLEMENTAL_CREDENTIALS)(PLUID, ULONG,
209 typedef HANDLE (NTAPI *PLSA_CREATE_THREAD)(SEC_ATTRS, ULONG, SEC_THREAD_START,
210 PVOID, ULONG, PULONG);
211 typedef NTSTATUS (NTAPI *PLSA_GET_CLIENT_INFO)(PSECPKG_CLIENT_INFO);
212 typedef HANDLE (NTAPI *PLSA_REGISTER_NOTIFICATION)(SEC_THREAD_START, PVOID,
213 ULONG, ULONG, ULONG, ULONG, HANDLE);
214 typedef NTSTATUS (NTAPI *PLSA_CANCEL_NOTIFICATION)(HANDLE);
215 typedef NTSTATUS (NTAPI *PLSA_MAP_BUFFER)(PSecBuffer, PSecBuffer);
216 typedef NTSTATUS (NTAPI *PLSA_CREATE_TOKEN)(PLUID, PTOKEN_SOURCE,
217 SECURITY_LOGON_TYPE, SECURITY_IMPERSONATION_LEVEL, LSA_TOKEN_INFORMATION_TYPE,
218 PVOID, PTOKEN_GROUPS, PUNICODE_STRING, PUNICODE_STRING, PUNICODE_STRING,
219 PUNICODE_STRING, PHANDLE, PNTSTATUS);
220 typedef VOID (NTAPI *PLSA_AUDIT_LOGON)(NTSTATUS, NTSTATUS, PUNICODE_STRING,
221 PUNICODE_STRING, PUNICODE_STRING, OPTIONAL PSID, SECURITY_LOGON_TYPE,
222 PTOKEN_SOURCE, PLUID);
223 typedef NTSTATUS (NTAPI *PLSA_CALL_PACKAGE)(PUNICODE_STRING, PVOID, ULONG,
224 PVOID*, PULONG, PNTSTATUS);
225 typedef VOID (NTAPI *PLSA_FREE_LSA_HEAP)(PVOID);
226 typedef BOOLEAN (NTAPI *PLSA_GET_CALL_INFO)(PSECPKG_CALL_INFO);
227 typedef NTSTATUS (NTAPI *PLSA_CALL_PACKAGEEX)(PUNICODE_STRING, PVOID, PVOID,
228 ULONG, PVOID*, PULONG, PNTSTATUS);
229 typedef PVOID (NTAPI *PLSA_CREATE_SHARED_MEMORY)(ULONG, ULONG);
230 typedef PVOID (NTAPI *PLSA_ALLOCATE_SHARED_MEMORY)(PVOID, ULONG);
231 typedef VOID (NTAPI *PLSA_FREE_SHARED_MEMORY)(PVOID, PVOID);
232 typedef BOOLEAN (NTAPI *PLSA_DELETE_SHARED_MEMORY)(PVOID);
233 typedef NTSTATUS (NTAPI *PLSA_OPEN_SAM_USER)(PSECURITY_STRING, SECPKG_NAME_TYPE,
234 PSECURITY_STRING, BOOLEAN, ULONG, PVOID*);
235 typedef NTSTATUS (NTAPI *PLSA_GET_USER_CREDENTIALS)(PVOID, PVOID *, PULONG,
237 typedef NTSTATUS (NTAPI *PLSA_GET_USER_AUTH_DATA)(PVOID, PUCHAR *, PULONG);
238 typedef NTSTATUS (NTAPI *PLSA_CLOSE_SAM_USER)(PVOID);
239 typedef NTSTATUS (NTAPI *PLSA_CONVERT_AUTH_DATA_TO_TOKEN)(PVOID, ULONG,
240 SECURITY_IMPERSONATION_LEVEL, PTOKEN_SOURCE, SECURITY_LOGON_TYPE,
241 PUNICODE_STRING, PHANDLE, PLUID, PUNICODE_STRING, PNTSTATUS);
242 typedef NTSTATUS (NTAPI *PLSA_CLIENT_CALLBACK)(PCHAR, ULONG_PTR, ULONG_PTR,
243 PSecBuffer, PSecBuffer);
244 typedef NTSTATUS (NTAPI *PLSA_UPDATE_PRIMARY_CREDENTIALS)(PSECPKG_PRIMARY_CRED, PSECPKG_SUPPLEMENTAL_CRED_ARRAY);
245 typedef NTSTATUS (NTAPI *PLSA_GET_AUTH_DATA_FOR_USER)(PSECURITY_STRING,
246 SECPKG_NAME_TYPE, PSECURITY_STRING, PUCHAR *, PULONG, PUNICODE_STRING);
247 typedef NTSTATUS (NTAPI *PLSA_CRACK_SINGLE_NAME)(ULONG, BOOLEAN,
248 PUNICODE_STRING, PUNICODE_STRING, ULONG, PUNICODE_STRING, PUNICODE_STRING,
250 typedef NTSTATUS (NTAPI *PLSA_AUDIT_ACCOUNT_LOGON)(ULONG, BOOLEAN,
251 PUNICODE_STRING, PUNICODE_STRING, PUNICODE_STRING, NTSTATUS);
252 typedef NTSTATUS (NTAPI *PLSA_CALL_PACKAGE_PASSTHROUGH)(PUNICODE_STRING, PVOID,
253 PVOID, ULONG, PVOID*, PULONG, PNTSTATUS);
255 /* Dispatch tables of functions used by SSP/AP */
256 typedef struct SECPKG_DLL_FUNCTIONS {
257 PLSA_ALLOCATE_LSA_HEAP AllocateHeap;
258 PLSA_FREE_LSA_HEAP FreeHeap;
259 PLSA_REGISTER_CALLBACK RegisterCallback;
260 } SECPKG_DLL_FUNCTIONS,
261 *PSECPKG_DLL_FUNCTIONS;
262 typedef struct LSA_DISPATCH_TABLE {
263 PLSA_CREATE_LOGON_SESSION CreateLogonSession;
264 PLSA_DELETE_LOGON_SESSION DeleteLogonSession;
265 PLSA_ADD_CREDENTIAL AddCredential;
266 PLSA_GET_CREDENTIALS GetCredentials;
267 PLSA_DELETE_CREDENTIAL DeleteCredential;
268 PLSA_ALLOCATE_LSA_HEAP AllocateLsaHeap;
269 PLSA_FREE_LSA_HEAP FreeLsaHeap;
270 PLSA_ALLOCATE_CLIENT_BUFFER AllocateClientBuffer;
271 PLSA_FREE_CLIENT_BUFFER FreeClientBuffer;
272 PLSA_COPY_TO_CLIENT_BUFFER CopyToClientBuffer;
273 PLSA_COPY_FROM_CLIENT_BUFFER CopyFromClientBuffer;
274 } LSA_DISPATCH_TABLE,
275 *PLSA_DISPATCH_TABLE;
276 typedef struct _LSA_SECPKG_FUNCTION_TABLE {
277 PLSA_CREATE_LOGON_SESSION CreateLogonSession;
278 PLSA_DELETE_LOGON_SESSION DeleteLogonSession;
279 PLSA_ADD_CREDENTIAL AddCredential;
280 PLSA_GET_CREDENTIALS GetCredentials;
281 PLSA_DELETE_CREDENTIAL DeleteCredential;
282 PLSA_ALLOCATE_LSA_HEAP AllocateLsaHeap;
283 PLSA_FREE_LSA_HEAP FreeLsaHeap;
284 PLSA_ALLOCATE_CLIENT_BUFFER AllocateClientBuffer;
285 PLSA_FREE_CLIENT_BUFFER FreeClientBuffer;
286 PLSA_COPY_TO_CLIENT_BUFFER CopyToClientBuffer;
287 PLSA_COPY_FROM_CLIENT_BUFFER CopyFromClientBuffer;
288 PLSA_IMPERSONATE_CLIENT ImpersonateClient;
289 PLSA_UNLOAD_PACKAGE UnloadPackage;
290 PLSA_DUPLICATE_HANDLE DuplicateHandle;
291 PLSA_SAVE_SUPPLEMENTAL_CREDENTIALS SaveSupplementalCredentials;
292 PLSA_CREATE_THREAD CreateThread;
293 PLSA_GET_CLIENT_INFO GetClientInfo;
294 PLSA_REGISTER_NOTIFICATION RegisterNotification;
295 PLSA_CANCEL_NOTIFICATION CancelNotification;
296 PLSA_MAP_BUFFER MapBuffer;
297 PLSA_CREATE_TOKEN CreateToken;
298 PLSA_AUDIT_LOGON AuditLogon;
299 PLSA_CALL_PACKAGE CallPackage;
300 PLSA_FREE_LSA_HEAP FreeReturnBuffer;
301 PLSA_GET_CALL_INFO GetCallInfo;
302 PLSA_CALL_PACKAGEEX CallPackageEx;
303 PLSA_CREATE_SHARED_MEMORY CreateSharedMemory;
304 PLSA_ALLOCATE_SHARED_MEMORY AllocateSharedMemory;
305 PLSA_FREE_SHARED_MEMORY FreeSharedMemory;
306 PLSA_DELETE_SHARED_MEMORY DeleteSharedMemory;
307 PLSA_OPEN_SAM_USER OpenSamUser;
308 PLSA_GET_USER_CREDENTIALS GetUserCredentials;
309 PLSA_GET_USER_AUTH_DATA GetUserAuthData;
310 PLSA_CLOSE_SAM_USER CloseSamUser;
311 PLSA_CONVERT_AUTH_DATA_TO_TOKEN ConvertAuthDataToToken;
312 PLSA_CLIENT_CALLBACK ClientCallback;
313 PLSA_UPDATE_PRIMARY_CREDENTIALS UpdateCredentials;
314 PLSA_GET_AUTH_DATA_FOR_USER GetAuthDataForUser;
315 PLSA_CRACK_SINGLE_NAME CrackSingleName;
316 PLSA_AUDIT_ACCOUNT_LOGON AuditAccountLogon;
317 PLSA_CALL_PACKAGE_PASSTHROUGH CallPackagePassthrough;
318 } LSA_SECPKG_FUNCTION_TABLE,
319 *PLSA_SECPKG_FUNCTION_TABLE;
321 /* functions implemented by SSP/AP obtainable by dispatch tables */
322 typedef NTSTATUS (NTAPI *PLSA_AP_INITIALIZE_PACKAGE)(ULONG, PLSA_DISPATCH_TABLE,
323 PLSA_STRING, PLSA_STRING, PLSA_STRING *);
324 typedef NTSTATUS (NTAPI *PLSA_AP_LOGON_USER)(LPWSTR, LPWSTR, LPWSTR, LPWSTR,
325 DWORD, DWORD, PHANDLE);
326 typedef NTSTATUS (NTAPI *PLSA_AP_CALL_PACKAGE)(PUNICODE_STRING, PVOID, ULONG,
327 PVOID *, PULONG, PNTSTATUS);
328 typedef VOID (NTAPI *PLSA_AP_LOGON_TERMINATED)(PLUID);
329 typedef NTSTATUS (NTAPI *PLSA_AP_CALL_PACKAGE_UNTRUSTED)(PLSA_CLIENT_REQUEST,
330 PVOID, PVOID, ULONG, PVOID *, PULONG, PNTSTATUS);
331 typedef NTSTATUS (NTAPI *PLSA_AP_CALL_PACKAGE_PASSTHROUGH)(PUNICODE_STRING,
332 PVOID, PVOID, ULONG, PVOID *, PULONG, PNTSTATUS);
333 typedef NTSTATUS (NTAPI *PLSA_AP_LOGON_USER_EX)(PLSA_CLIENT_REQUEST,
334 SECURITY_LOGON_TYPE, PVOID, PVOID, ULONG, PVOID *, PULONG, PLUID, PNTSTATUS,
335 PLSA_TOKEN_INFORMATION_TYPE, PVOID *, PUNICODE_STRING *, PUNICODE_STRING *,
337 typedef NTSTATUS (NTAPI *PLSA_AP_LOGON_USER_EX2)(PLSA_CLIENT_REQUEST,
338 SECURITY_LOGON_TYPE, PVOID, PVOID, ULONG, PVOID *, PULONG, PLUID, PNTSTATUS,
339 PLSA_TOKEN_INFORMATION_TYPE, PVOID *, PUNICODE_STRING *, PUNICODE_STRING *,
340 PUNICODE_STRING *, PSECPKG_PRIMARY_CRED, PSECPKG_SUPPLEMENTAL_CRED_ARRAY *);
341 typedef NTSTATUS (SpInitializeFn)(ULONG_PTR, PSECPKG_PARAMETERS,
342 PLSA_SECPKG_FUNCTION_TABLE);
343 typedef NTSTATUS (NTAPI SpShutDownFn)(void);
344 typedef NTSTATUS (NTAPI SpGetInfoFn)(PSecPkgInfoW);
345 typedef NTSTATUS (NTAPI SpAcceptCredentialsFn)(SECURITY_LOGON_TYPE,
346 PUNICODE_STRING, PSECPKG_PRIMARY_CRED, PSECPKG_SUPPLEMENTAL_CRED);
347 typedef NTSTATUS (NTAPI SpAcquireCredentialsHandleFn)(PUNICODE_STRING, ULONG,
348 PLUID, PVOID, PVOID, PVOID, PLSA_SEC_HANDLE, PTimeStamp);
349 typedef NTSTATUS (NTAPI SpQueryCredentialsAttributesFn)(LSA_SEC_HANDLE, ULONG,
351 typedef NTSTATUS (NTAPI SpFreeCredentialsHandleFn)(LSA_SEC_HANDLE);
352 typedef NTSTATUS (NTAPI SpSaveCredentialsFn)(LSA_SEC_HANDLE, PSecBuffer);
353 typedef NTSTATUS (NTAPI SpGetCredentialsFn)(LSA_SEC_HANDLE, PSecBuffer);
354 typedef NTSTATUS (NTAPI SpDeleteCredentialsFn)(LSA_SEC_HANDLE, PSecBuffer);
355 typedef NTSTATUS (NTAPI SpInitLsaModeContextFn)(LSA_SEC_HANDLE, LSA_SEC_HANDLE,
356 PUNICODE_STRING, ULONG, ULONG, PSecBufferDesc, PLSA_SEC_HANDLE, PSecBufferDesc,
357 PULONG, PTimeStamp, PBOOLEAN, PSecBuffer);
358 typedef NTSTATUS (NTAPI SpAcceptLsaModeContextFn)(LSA_SEC_HANDLE,
359 LSA_SEC_HANDLE, PSecBufferDesc, ULONG, ULONG, PLSA_SEC_HANDLE, PSecBufferDesc,
360 PULONG, PTimeStamp, PBOOLEAN, PSecBuffer);
361 typedef NTSTATUS (NTAPI SpDeleteContextFn)(LSA_SEC_HANDLE);
362 typedef NTSTATUS (NTAPI SpApplyControlTokenFn)(LSA_SEC_HANDLE, PSecBufferDesc);
363 typedef NTSTATUS (NTAPI SpGetUserInfoFn)(PLUID, ULONG, PSecurityUserData *);
364 typedef NTSTATUS (NTAPI SpGetExtendedInformationFn)(
365 SECPKG_EXTENDED_INFORMATION_CLASS, PSECPKG_EXTENDED_INFORMATION *);
366 typedef NTSTATUS (NTAPI SpQueryContextAttributesFn)(LSA_SEC_HANDLE, ULONG,
368 typedef NTSTATUS (NTAPI SpAddCredentialsFn)(LSA_SEC_HANDLE, PUNICODE_STRING,
369 PUNICODE_STRING, ULONG, PVOID, PVOID, PVOID, PTimeStamp);
370 typedef NTSTATUS (NTAPI SpSetExtendedInformationFn)(
371 SECPKG_EXTENDED_INFORMATION_CLASS, PSECPKG_EXTENDED_INFORMATION);
372 typedef NTSTATUS (NTAPI SpInstanceInitFn)(ULONG, PSECPKG_DLL_FUNCTIONS,
374 typedef NTSTATUS (NTAPI SpInitUserModeContextFn)(LSA_SEC_HANDLE, PSecBuffer);
375 typedef NTSTATUS (NTAPI SpMakeSignatureFn)(LSA_SEC_HANDLE, ULONG,
376 PSecBufferDesc, ULONG);
377 typedef NTSTATUS (NTAPI SpVerifySignatureFn)(LSA_SEC_HANDLE, PSecBufferDesc,
379 typedef NTSTATUS (NTAPI SpSealMessageFn)(LSA_SEC_HANDLE, ULONG, PSecBufferDesc,
381 typedef NTSTATUS (NTAPI SpUnsealMessageFn)(LSA_SEC_HANDLE, PSecBufferDesc,
383 typedef NTSTATUS (NTAPI SpGetContextTokenFn)(LSA_SEC_HANDLE, PHANDLE);
384 typedef NTSTATUS (NTAPI SpCompleteAuthTokenFn)(LSA_SEC_HANDLE, PSecBufferDesc);
385 typedef NTSTATUS (NTAPI SpFormatCredentialsFn)(PSecBuffer, PSecBuffer);
386 typedef NTSTATUS (NTAPI SpMarshallSupplementalCredsFn)(ULONG, PUCHAR, PULONG,
388 typedef NTSTATUS (NTAPI SpExportSecurityContextFn)(LSA_SEC_HANDLE, ULONG,
389 PSecBuffer, PHANDLE);
390 typedef NTSTATUS (NTAPI SpImportSecurityContextFn)(PSecBuffer, HANDLE,
393 /* Dispatch tables of functions implemented by SSP/AP */
394 typedef struct SECPKG_FUNCTION_TABLE {
395 PLSA_AP_INITIALIZE_PACKAGE InitializePackage;
396 PLSA_AP_LOGON_USER LogonUser;
397 PLSA_AP_CALL_PACKAGE CallPackage;
398 PLSA_AP_LOGON_TERMINATED LogonTerminated;
399 PLSA_AP_CALL_PACKAGE_UNTRUSTED CallPackageUntrusted;
400 PLSA_AP_CALL_PACKAGE_PASSTHROUGH CallPackagePassthrough;
401 PLSA_AP_LOGON_USER_EX LogonUserEx;
402 PLSA_AP_LOGON_USER_EX2 LogonUserEx2;
403 SpInitializeFn *Initialize;
404 SpShutDownFn *Shutdown;
405 SpGetInfoFn *GetInfo;
406 SpAcceptCredentialsFn *AcceptCredentials;
407 SpAcquireCredentialsHandleFn *AcquireCredentialsHandle;
408 SpQueryCredentialsAttributesFn *QueryCredentialsAttributes;
409 SpFreeCredentialsHandleFn *FreeCredentialsHandle;
410 SpSaveCredentialsFn *SaveCredentials;
411 SpGetCredentialsFn *GetCredentials;
412 SpDeleteCredentialsFn *DeleteCredentials;
413 SpInitLsaModeContextFn *InitLsaModeContext;
414 SpAcceptLsaModeContextFn *AcceptLsaModeContext;
415 SpDeleteContextFn *DeleteContext;
416 SpApplyControlTokenFn *ApplyControlToken;
417 SpGetUserInfoFn *GetUserInfo;
418 SpGetExtendedInformationFn *GetExtendedInformation;
419 SpQueryContextAttributesFn *QueryContextAttributes;
420 SpAddCredentialsFn *AddCredentials;
421 SpSetExtendedInformationFn *SetExtendedInformation;
422 } SECPKG_FUNCTION_TABLE,
423 *PSECPKG_FUNCTION_TABLE;
425 typedef struct SECPKG_USER_FUNCTION_TABLE {
426 SpInstanceInitFn *InstanceInit;
427 SpInitUserModeContextFn *InitUserModeContext;
428 SpMakeSignatureFn *MakeSignature;
429 SpVerifySignatureFn *VerifySignature;
430 SpSealMessageFn *SealMessage;
431 SpUnsealMessageFn *UnsealMessage;
432 SpGetContextTokenFn *GetContextToken;
433 SpQueryContextAttributesFn *QueryContextAttributes;
434 SpCompleteAuthTokenFn *CompleteAuthToken;
435 SpDeleteContextFn *DeleteUserModeContext;
436 SpFormatCredentialsFn *FormatCredentials;
437 SpMarshallSupplementalCredsFn *MarshallSupplementalCreds;
438 SpExportSecurityContextFn *ExportContext;
439 SpImportSecurityContextFn *ImportContext;
440 } SECPKG_USER_FUNCTION_TABLE,
441 *PSECPKG_USER_FUNCTION_TABLE;
443 /* Entry points to SSP/AP */
444 typedef NTSTATUS (NTAPI *SpLsaModeInitializeFn)(ULONG, PULONG,
445 PSECPKG_FUNCTION_TABLE *, PULONG);
446 typedef NTSTATUS (WINAPI *SpUserModeInitializeFn)(ULONG, PULONG,
447 PSECPKG_USER_FUNCTION_TABLE *, PULONG);
452 #endif /* _NTSECPKG_H */