3 * Copyright 2012, 2013 MinGW.org project
5 * Permission is hereby granted, free of charge, to any person obtaining a
6 * copy of this software and associated documentation files (the "Software"),
7 * to deal in the Software without restriction, including without limitation
8 * the rights to use, copy, modify, merge, publish, distribute, sublicense,
9 * and/or sell copies of the Software, and to permit persons to whom the
10 * Software is furnished to do so, subject to the following conditions:
12 * The above copyright notice and this permission notice (including the next
13 * paragraph) shall be included in all copies or substantial portions of the
16 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
17 * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
18 * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
19 * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
20 * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
21 * FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER
22 * DEALINGS IN THE SOFTWARE.
26 #pragma GCC system_header
/* Credential-use values: the direction(s) a credential handle is acquired
 * for.  SECPKG_CRED_BOTH is the bitwise OR of the other two. */
37 #define SECPKG_CRED_INBOUND 1
38 #define SECPKG_CRED_OUTBOUND 2
39 #define SECPKG_CRED_BOTH (SECPKG_CRED_OUTBOUND|SECPKG_CRED_INBOUND)
/* Attribute selector for credential queries (presumably the ULONG argument
 * of QueryCredentialsAttributes -- confirm against the SDK). */
40 #define SECPKG_CRED_ATTR_NAMES 1
/* Package capability bits.  Each value is a distinct power of two, so they
 * can be OR-ed together and tested one bit at a time. */
42 #define SECPKG_FLAG_INTEGRITY 1
43 #define SECPKG_FLAG_PRIVACY 2
44 #define SECPKG_FLAG_TOKEN_ONLY 4
45 #define SECPKG_FLAG_DATAGRAM 8
46 #define SECPKG_FLAG_CONNECTION 16
47 #define SECPKG_FLAG_MULTI_REQUIRED 32
48 #define SECPKG_FLAG_CLIENT_ONLY 64
49 #define SECPKG_FLAG_EXTENDED_ERROR 128
50 #define SECPKG_FLAG_IMPERSONATION 256
51 #define SECPKG_FLAG_ACCEPT_WIN32_NAME 512
52 #define SECPKG_FLAG_STREAM 1024
/* Context attribute selectors (presumably the ULONG argument of
 * QueryContextAttributes).  They are listed alphabetically, not numerically.
 * NOTE(review): the 80..90 values look like the Schannel-specific range --
 * confirm against the SDK. */
54 #define SECPKG_ATTR_AUTHORITY 6
55 #define SECPKG_ATTR_CONNECTION_INFO 90
56 #define SECPKG_ATTR_ISSUER_LIST 80
57 #define SECPKG_ATTR_ISSUER_LIST_EX 89
58 #define SECPKG_ATTR_KEY_INFO 5
59 #define SECPKG_ATTR_LIFESPAN 2
60 #define SECPKG_ATTR_LOCAL_CERT_CONTEXT 84
61 #define SECPKG_ATTR_LOCAL_CRED 82
62 #define SECPKG_ATTR_NAMES 1
63 #define SECPKG_ATTR_PROTO_INFO 7
64 #define SECPKG_ATTR_REMOTE_CERT_CONTEXT 83
65 #define SECPKG_ATTR_REMOTE_CRED 81
66 #define SECPKG_ATTR_SIZES 0
67 #define SECPKG_ATTR_STREAM_SIZES 4
/* Buffer type codes.  Value 8 is not defined here. */
69 #define SECBUFFER_EMPTY 0
70 #define SECBUFFER_DATA 1
71 #define SECBUFFER_TOKEN 2
72 #define SECBUFFER_PKG_PARAMS 3
73 #define SECBUFFER_MISSING 4
74 #define SECBUFFER_EXTRA 5
75 #define SECBUFFER_STREAM_TRAILER 6
76 #define SECBUFFER_STREAM_HEADER 7
77 #define SECBUFFER_PADDING 9
78 #define SECBUFFER_STREAM 10
/* Attribute bits that share a field with the type code (presumably the
 * SecBuffer type member).  SECBUFFER_ATTRMASK covers the top four bits and
 * SECBUFFER_READONLY is the highest of them, so a type comparison has to
 * strip the attributes first: (type & ~SECBUFFER_ATTRMASK) == SECBUFFER_x.
 * NOTE(review): per the SSPI documentation a READONLY buffer is not covered
 * by the message checksum, and this header defines no checksummed read-only
 * variant -- confirm before treating READONLY data as integrity protected. */
79 #define SECBUFFER_READONLY 0x80000000
80 #define SECBUFFER_ATTRMASK 0xf0000000
/* Package name of the Schannel (SSL/TLS) provider, in ANSI and wide form. */
82 #define UNISP_NAME_A "Microsoft Unified Security Protocol Provider"
83 #define UNISP_NAME_W L"Microsoft Unified Security Protocol Provider"
/* Version value for a buffer descriptor (presumably SecBufferDesc's version
 * member -- that member is not visible in this listing). */
84 #define SECBUFFER_VERSION 0
/* Core SSPI data types.  Several struct bodies in this listing show only
 * some of their members (or none); the comments describe only what is
 * visible. */
86 typedef UNICODE_STRING SECURITY_STRING, *PSECURITY_STRING;
/* Generic handle type that the credential and context handles alias. */
88 typedef struct _SecHandle {
91 } SecHandle, *PSecHandle;
/* One typed buffer; see the SECBUFFER_* codes for the type values. */
92 typedef struct _SecBuffer {
96 } SecBuffer, *PSecBuffer;
/* Credential and context handles are plain aliases of SecHandle, so the
 * compiler cannot tell them apart: passing a CredHandle where a CtxtHandle
 * is expected compiles without a diagnostic.  Callers must keep the two
 * kinds separate themselves. */
97 typedef SecHandle CredHandle;
98 typedef PSecHandle PCredHandle;
99 typedef SecHandle CtxtHandle;
100 typedef PSecHandle PCtxtHandle;
/* Two-part integer; only LowPart is visible here.  TimeStamp (used for the
 * expiry out-parameters of the prototypes in this file) is an alias of it. */
101 typedef struct _SECURITY_INTEGER {
102 unsigned long LowPart;
105 typedef SECURITY_INTEGER TimeStamp, *PTimeStamp;
/* Descriptor handed to the message and context functions as PSecBufferDesc
 * (presumably a version, a count and a SecBuffer array -- members are not
 * visible here; confirm against the SDK). */
106 typedef struct _SecBufferDesc {
110 } SecBufferDesc, *PSecBufferDesc;
/* Result structures for attribute queries; the names pair up with the
 * SECPKG_ATTR_* / SECPKG_CRED_ATTR_* selectors.  The query functions take
 * the output as an untyped PVOID, so nothing checks that the structure
 * passed matches the selector -- a mismatch is an out-of-bounds write risk.
 * Structures with string members come in W (SEC_WCHAR*) and A (SEC_CHAR*)
 * forms.
 * NOTE(review): per the SSPI documentation the string members are allocated
 * by the package and released with FreeContextBuffer -- confirm. */

/* Size limits for stream-oriented packages (SECPKG_ATTR_STREAM_SIZES). */
111 typedef struct _SecPkgContext_StreamSizes {
114 ULONG cbMaximumMessage;
117 } SecPkgContext_StreamSizes, *PSecPkgContext_StreamSizes;
/* Signature and trailer sizes (SECPKG_ATTR_SIZES); use these to size the
 * buffers rather than hard-coding lengths. */
118 typedef struct _SecPkgContext_Sizes {
120 ULONG cbMaxSignature;
122 ULONG cbSecurityTrailer;
123 } SecPkgContext_Sizes, *PSecPkgContext_Sizes;
/* Authority name (SECPKG_ATTR_AUTHORITY). */
124 typedef struct _SecPkgContext_AuthorityW {
125 SEC_WCHAR* sAuthorityName;
126 } SecPkgContext_AuthorityW, *PSecPkgContext_AuthorityW;
127 typedef struct _SecPkgContext_AuthorityA {
128 SEC_CHAR* sAuthorityName;
129 } SecPkgContext_AuthorityA, *PSecPkgContext_AuthorityA;
/* Names and numeric identifiers of the signature and encryption algorithms
 * (SECPKG_ATTR_KEY_INFO). */
130 typedef struct _SecPkgContext_KeyInfoW {
131 SEC_WCHAR* sSignatureAlgorithmName;
132 SEC_WCHAR* sEncryptAlgorithmName;
134 ULONG SignatureAlgorithm;
135 ULONG EncryptAlgorithm;
136 } SecPkgContext_KeyInfoW, *PSecPkgContext_KeyInfoW;
137 typedef struct _SecPkgContext_KeyInfoA {
138 SEC_CHAR* sSignatureAlgorithmName;
139 SEC_CHAR* sEncryptAlgorithmName;
141 ULONG SignatureAlgorithm;
142 ULONG EncryptAlgorithm;
143 } SecPkgContext_KeyInfoA, *PSecPkgContext_KeyInfoA;
/* Context lifetime (SECPKG_ATTR_LIFESPAN); members not visible here. */
144 typedef struct _SecPkgContext_LifeSpan {
147 } SecPkgContext_LifeSpan, *PSecPkgContext_LifeSpan;
/* User name associated with a context (SECPKG_ATTR_NAMES). */
148 typedef struct _SecPkgContext_NamesW {
149 SEC_WCHAR* sUserName;
150 } SecPkgContext_NamesW, *PSecPkgContext_NamesW;
151 typedef struct _SecPkgContext_NamesA {
153 } SecPkgContext_NamesA, *PSecPkgContext_NamesA;
/* Package description as returned through PSecPkgInfoW* / PSecPkgInfoA* by
 * the enumerate and query-package-info functions; members not visible. */
154 typedef struct _SecPkgInfoW {
161 } SecPkgInfoW, *PSecPkgInfoW;
162 typedef struct _SecPkgInfoA {
169 } SecPkgInfoA, *PSecPkgInfoA;
170 /* supported only in win2k+, so it should be a PSecPkgInfoW */
171 /* PSDK does not say it has ANSI/Unicode versions */
/* Always carries the wide-character package info, in ANSI builds too. */
172 typedef struct _SecPkgContext_PackageInfo {
173 PSecPkgInfoW PackageInfo;
174 } SecPkgContext_PackageInfo, *PSecPkgContext_PackageInfo;
/* User name associated with a credential (SECPKG_CRED_ATTR_NAMES). */
175 typedef struct _SecPkgCredentials_NamesW {
176 SEC_WCHAR* sUserName;
177 } SecPkgCredentials_NamesW, *PSecPkgCredentials_NamesW;
178 typedef struct _SecPkgCredentials_NamesA {
180 } SecPkgCredentials_NamesA, *PSecPkgCredentials_NamesA;
182 /* TODO: missing type in SDK */
/* Key-retrieval callback type taken by AcquireCredentialsHandleA/W.
 * NOTE(review): declared with an empty parameter list and no calling
 * convention, so the compiler checks neither the arguments nor the
 * convention of a callback passed through this type.  The Platform SDK is
 * believed to declare it with the SEC_ENTRY convention and the parameters
 * (void *Arg, void *Principal, unsigned long KeyVer, void **Key,
 * SECURITY_STATUS *Status) -- confirm before supplying a non-NULL callback. */
183 typedef void (*SEC_GET_KEY_FN)();
/* Function-pointer types for the members of the security function tables.
 * Each one has the same parameter list as the prototype of the same name
 * declared later in this file; the _W and _A forms differ only in taking
 * SEC_WCHAR* or SEC_CHAR* strings.  All return SECURITY_STATUS, which the
 * caller must check before using any output parameter. */
185 typedef SECURITY_STATUS (WINAPI *ENUMERATE_SECURITY_PACKAGES_FN_W)(PULONG,PSecPkgInfoW*);
186 typedef SECURITY_STATUS (WINAPI *ENUMERATE_SECURITY_PACKAGES_FN_A)(PULONG,PSecPkgInfoA*);
187 typedef SECURITY_STATUS (WINAPI *QUERY_CREDENTIALS_ATTRIBUTES_FN_W)(PCredHandle,ULONG,PVOID);
188 typedef SECURITY_STATUS (WINAPI *QUERY_CREDENTIALS_ATTRIBUTES_FN_A)(PCredHandle,ULONG,PVOID);
189 typedef SECURITY_STATUS (WINAPI *ACQUIRE_CREDENTIALS_HANDLE_FN_W)(SEC_WCHAR*,SEC_WCHAR*,ULONG,PLUID,PVOID,SEC_GET_KEY_FN,PVOID,PCredHandle,PTimeStamp);
190 typedef SECURITY_STATUS (WINAPI *ACQUIRE_CREDENTIALS_HANDLE_FN_A)(SEC_CHAR*,SEC_CHAR*,ULONG,PLUID,PVOID,SEC_GET_KEY_FN,PVOID,PCredHandle,PTimeStamp);
191 typedef SECURITY_STATUS (WINAPI *FREE_CREDENTIALS_HANDLE_FN)(PCredHandle);
192 typedef SECURITY_STATUS (WINAPI *INITIALIZE_SECURITY_CONTEXT_FN_W)(PCredHandle,PCtxtHandle,SEC_WCHAR*,ULONG,ULONG,ULONG,PSecBufferDesc,ULONG,PCtxtHandle,PSecBufferDesc,PULONG,PTimeStamp);
193 typedef SECURITY_STATUS (WINAPI *INITIALIZE_SECURITY_CONTEXT_FN_A)(PCredHandle,PCtxtHandle,SEC_CHAR*,ULONG,ULONG,ULONG,PSecBufferDesc,ULONG,PCtxtHandle,PSecBufferDesc,PULONG,PTimeStamp);
194 typedef SECURITY_STATUS (WINAPI *ACCEPT_SECURITY_CONTEXT_FN)(PCredHandle,PCtxtHandle,PSecBufferDesc,ULONG,ULONG,PCtxtHandle,PSecBufferDesc,PULONG,PTimeStamp);
195 typedef SECURITY_STATUS (WINAPI *COMPLETE_AUTH_TOKEN_FN)(PCtxtHandle,PSecBufferDesc);
196 typedef SECURITY_STATUS (WINAPI *DELETE_SECURITY_CONTEXT_FN)(PCtxtHandle);
197 typedef SECURITY_STATUS (WINAPI *APPLY_CONTROL_TOKEN_FN_W)(PCtxtHandle,PSecBufferDesc);
198 typedef SECURITY_STATUS (WINAPI *APPLY_CONTROL_TOKEN_FN_A)(PCtxtHandle,PSecBufferDesc);
/* The attribute queries write through an untyped PVOID; the buffer type
 * must match the ULONG selector, which the compiler cannot verify. */
199 typedef SECURITY_STATUS (WINAPI *QUERY_CONTEXT_ATTRIBUTES_FN_A)(PCtxtHandle,ULONG,PVOID);
200 typedef SECURITY_STATUS (WINAPI *QUERY_CONTEXT_ATTRIBUTES_FN_W)(PCtxtHandle,ULONG,PVOID);
201 typedef SECURITY_STATUS (WINAPI *IMPERSONATE_SECURITY_CONTEXT_FN)(PCtxtHandle);
202 typedef SECURITY_STATUS (WINAPI *REVERT_SECURITY_CONTEXT_FN)(PCtxtHandle);
203 typedef SECURITY_STATUS (WINAPI *MAKE_SIGNATURE_FN)(PCtxtHandle,ULONG,PSecBufferDesc,ULONG);
204 typedef SECURITY_STATUS (WINAPI *VERIFY_SIGNATURE_FN)(PCtxtHandle,PSecBufferDesc,ULONG,PULONG);
205 typedef SECURITY_STATUS (WINAPI *FREE_CONTEXT_BUFFER_FN)(PVOID);
206 typedef SECURITY_STATUS (WINAPI *QUERY_SECURITY_PACKAGE_INFO_FN_A)(SEC_CHAR*,PSecPkgInfoA*);
/* This type is defined unconditionally, although the QuerySecurityContextToken
 * prototype at the end of the file is guarded by _WIN32_WINNT. */
207 typedef SECURITY_STATUS (WINAPI *QUERY_SECURITY_CONTEXT_TOKEN_FN)(PCtxtHandle,HANDLE*);
208 typedef SECURITY_STATUS (WINAPI *QUERY_SECURITY_PACKAGE_INFO_FN_W)(SEC_WCHAR*,PSecPkgInfoW*);
/* Encrypt and MakeSignature take (context, ULONG, buffers, ULONG); Decrypt
 * and VerifySignature take (context, buffers, ULONG, PULONG). */
209 typedef SECURITY_STATUS (WINAPI *ENCRYPT_MESSAGE_FN)(PCtxtHandle,ULONG,PSecBufferDesc,ULONG);
210 typedef SECURITY_STATUS (WINAPI *DECRYPT_MESSAGE_FN)(PCtxtHandle,PSecBufferDesc,ULONG,PULONG);
/* Wide-character dispatch table; InitSecurityInterfaceW returns a pointer
 * to one.  The member order is the binary layout shared with the provider,
 * so members must never be reordered, inserted or removed.  The ReservedN
 * slots are untyped placeholders that only keep the later members at the
 * right offsets.
 * NOTE(review): a caller going through the table should check both the
 * returned table pointer and the individual member for NULL before the
 * call -- whether every slot is always populated is not visible here. */
212 /* No, it really is FreeCredentialsHandle, see the thread beginning
213 * http://sourceforge.net/mailarchive/message.php?msg_id=4321080 for a
214 * discovery discussion. */
215 typedef struct _SECURITY_FUNCTION_TABLEW {
216 unsigned long dwVersion;
217 ENUMERATE_SECURITY_PACKAGES_FN_W EnumerateSecurityPackagesW;
218 QUERY_CREDENTIALS_ATTRIBUTES_FN_W QueryCredentialsAttributesW;
219 ACQUIRE_CREDENTIALS_HANDLE_FN_W AcquireCredentialsHandleW;
220 FREE_CREDENTIALS_HANDLE_FN FreeCredentialsHandle;
221 void SEC_FAR* Reserved2;
222 INITIALIZE_SECURITY_CONTEXT_FN_W InitializeSecurityContextW;
223 ACCEPT_SECURITY_CONTEXT_FN AcceptSecurityContext;
224 COMPLETE_AUTH_TOKEN_FN CompleteAuthToken;
225 DELETE_SECURITY_CONTEXT_FN DeleteSecurityContext;
226 APPLY_CONTROL_TOKEN_FN_W ApplyControlTokenW;
227 QUERY_CONTEXT_ATTRIBUTES_FN_W QueryContextAttributesW;
228 IMPERSONATE_SECURITY_CONTEXT_FN ImpersonateSecurityContext;
229 REVERT_SECURITY_CONTEXT_FN RevertSecurityContext;
230 MAKE_SIGNATURE_FN MakeSignature;
231 VERIFY_SIGNATURE_FN VerifySignature;
232 FREE_CONTEXT_BUFFER_FN FreeContextBuffer;
233 QUERY_SECURITY_PACKAGE_INFO_FN_W QuerySecurityPackageInfoW;
/* Six untyped placeholder slots precede QuerySecurityContextToken. */
234 void SEC_FAR* Reserved3;
235 void SEC_FAR* Reserved4;
236 void SEC_FAR* Reserved5;
237 void SEC_FAR* Reserved6;
238 void SEC_FAR* Reserved7;
239 void SEC_FAR* Reserved8;
240 QUERY_SECURITY_CONTEXT_TOKEN_FN QuerySecurityContextToken;
241 ENCRYPT_MESSAGE_FN EncryptMessage;
242 DECRYPT_MESSAGE_FN DecryptMessage;
243 } SecurityFunctionTableW, *PSecurityFunctionTableW;
/* ANSI dispatch table; InitSecurityInterfaceA returns a pointer to one.
 * It has the same number of slots as SecurityFunctionTableW.  The seven
 * placeholders Reserved3, Reserved4 and Unknown1..Unknown5 sit where the W
 * table has Reserved3..Reserved8 followed by QuerySecurityContextToken, so
 * this table gives no typed access to that function: the slot is the
 * untyped Unknown5.  The member order is the binary layout and must not
 * change. */
244 typedef struct _SECURITY_FUNCTION_TABLEA {
245 unsigned long dwVersion;
246 ENUMERATE_SECURITY_PACKAGES_FN_A EnumerateSecurityPackagesA;
247 QUERY_CREDENTIALS_ATTRIBUTES_FN_A QueryCredentialsAttributesA;
248 ACQUIRE_CREDENTIALS_HANDLE_FN_A AcquireCredentialsHandleA;
249 FREE_CREDENTIALS_HANDLE_FN FreeCredentialsHandle;
250 void SEC_FAR* Reserved2;
251 INITIALIZE_SECURITY_CONTEXT_FN_A InitializeSecurityContextA;
252 ACCEPT_SECURITY_CONTEXT_FN AcceptSecurityContext;
253 COMPLETE_AUTH_TOKEN_FN CompleteAuthToken;
254 DELETE_SECURITY_CONTEXT_FN DeleteSecurityContext;
255 APPLY_CONTROL_TOKEN_FN_A ApplyControlTokenA;
256 QUERY_CONTEXT_ATTRIBUTES_FN_A QueryContextAttributesA;
257 IMPERSONATE_SECURITY_CONTEXT_FN ImpersonateSecurityContext;
258 REVERT_SECURITY_CONTEXT_FN RevertSecurityContext;
259 MAKE_SIGNATURE_FN MakeSignature;
260 VERIFY_SIGNATURE_FN VerifySignature;
261 FREE_CONTEXT_BUFFER_FN FreeContextBuffer;
262 QUERY_SECURITY_PACKAGE_INFO_FN_A QuerySecurityPackageInfoA;
263 void SEC_FAR* Reserved3;
264 void SEC_FAR* Reserved4;
/* Untyped slots: calling through them needs a cast, which gives up all
 * type checking of the call. */
265 void SEC_FAR* Unknown1;
266 void SEC_FAR* Unknown2;
267 void SEC_FAR* Unknown3;
268 void SEC_FAR* Unknown4;
269 void SEC_FAR* Unknown5;
270 ENCRYPT_MESSAGE_FN EncryptMessage;
271 DECRYPT_MESSAGE_FN DecryptMessage;
272 } SecurityFunctionTableA, *PSecurityFunctionTableA;
/* Pointer types for the two table-returning entry points, e.g. for
 * resolving them at run time. */
273 typedef PSecurityFunctionTableA (WINAPI *INIT_SECURITY_INTERFACE_A)(VOID);
274 typedef PSecurityFunctionTableW (WINAPI *INIT_SECURITY_INTERFACE_W)(VOID);
/* Directly linked SSPI entry points.  The parameters are unnamed, and
 * several prototypes take runs of adjacent ULONGs (three in a row in
 * InitializeSecurityContextA/W, two in AcceptSecurityContext), so a
 * transposed argument compiles silently -- check the order against the SDK
 * documentation.  Every function reports failure only through its
 * SECURITY_STATUS result; outputs are meaningful only after checking it. */

/* Credential handles and package enumeration. */
276 SECURITY_STATUS WINAPI FreeCredentialsHandle(PCredHandle);
277 SECURITY_STATUS WINAPI EnumerateSecurityPackagesA(PULONG,PSecPkgInfoA*);
278 SECURITY_STATUS WINAPI EnumerateSecurityPackagesW(PULONG,PSecPkgInfoW*);
279 SECURITY_STATUS WINAPI AcquireCredentialsHandleA(SEC_CHAR*,SEC_CHAR*,ULONG,PLUID,PVOID,SEC_GET_KEY_FN,PVOID,PCredHandle,PTimeStamp);
280 SECURITY_STATUS WINAPI AcquireCredentialsHandleW(SEC_WCHAR*,SEC_WCHAR*,ULONG,PLUID,PVOID,SEC_GET_KEY_FN,PVOID,PCredHandle,PTimeStamp);
/* Context establishment, server side (Accept) and client side (Initialize). */
281 SECURITY_STATUS WINAPI AcceptSecurityContext(PCredHandle,PCtxtHandle,PSecBufferDesc,ULONG,ULONG,PCtxtHandle,PSecBufferDesc,PULONG,PTimeStamp);
282 SECURITY_STATUS WINAPI InitializeSecurityContextA(PCredHandle,PCtxtHandle,SEC_CHAR*,ULONG,ULONG,ULONG,PSecBufferDesc,ULONG,PCtxtHandle,PSecBufferDesc,PULONG,PTimeStamp);
283 SECURITY_STATUS WINAPI InitializeSecurityContextW(PCredHandle,PCtxtHandle,SEC_WCHAR*,ULONG,ULONG,ULONG,PSecBufferDesc,ULONG,PCtxtHandle,PSecBufferDesc,PULONG,PTimeStamp);
/* Takes an untyped PVOID, so the compiler cannot check what is passed. */
284 SECURITY_STATUS WINAPI FreeContextBuffer(PVOID);
/* Attribute queries write through a PVOID whose type must match the ULONG
 * selector. */
285 SECURITY_STATUS WINAPI QueryContextAttributesA(PCtxtHandle,ULONG,PVOID);
286 SECURITY_STATUS WINAPI QueryContextAttributesW(PCtxtHandle,ULONG,PVOID);
287 SECURITY_STATUS WINAPI QueryCredentialsAttributesA(PCredHandle,ULONG,PVOID);
288 SECURITY_STATUS WINAPI QueryCredentialsAttributesW(PCredHandle,ULONG,PVOID);
/* Message protection.  Treat the buffers handed to DecryptMessage as
 * untrusted until it has returned success. */
290 SECURITY_STATUS WINAPI DecryptMessage(PCtxtHandle,PSecBufferDesc,ULONG,PULONG);
291 SECURITY_STATUS WINAPI EncryptMessage(PCtxtHandle,ULONG,PSecBufferDesc,ULONG);
292 SECURITY_STATUS WINAPI DeleteSecurityContext(PCtxtHandle);
293 SECURITY_STATUS WINAPI CompleteAuthToken(PCtxtHandle,PSecBufferDesc);
294 SECURITY_STATUS WINAPI ApplyControlTokenA(PCtxtHandle,PSecBufferDesc);
295 SECURITY_STATUS WINAPI ApplyControlTokenW(PCtxtHandle,PSecBufferDesc);
/* Impersonation pair.  NOTE(review): per the SSPI documentation the calling
 * thread runs as the client from a successful Impersonate until Revert, so
 * every exit path after a successful Impersonate needs a checked Revert --
 * confirm against the SDK. */
296 SECURITY_STATUS WINAPI ImpersonateSecurityContext(PCtxtHandle);
297 SECURITY_STATUS WINAPI RevertSecurityContext(PCtxtHandle);
/* Signing.  A message is authenticated only if VerifySignature returned
 * success; check the status before acting on the message. */
298 SECURITY_STATUS WINAPI MakeSignature(PCtxtHandle,ULONG,PSecBufferDesc,ULONG);
299 SECURITY_STATUS WINAPI VerifySignature(PCtxtHandle,PSecBufferDesc,ULONG,PULONG);
300 SECURITY_STATUS WINAPI QuerySecurityPackageInfoA(SEC_CHAR*,PSecPkgInfoA*);
301 SECURITY_STATUS WINAPI QuerySecurityPackageInfoW(SEC_WCHAR*,PSecPkgInfoW*);
/* Return the dispatch tables declared above (SecurityFunctionTableA/W). */
302 PSecurityFunctionTableA WINAPI InitSecurityInterfaceA(VOID);
303 PSecurityFunctionTableW WINAPI InitSecurityInterfaceW(VOID);
/* Generic-text names.  __AW is defined outside this listing; presumably it
 * appends A or W to its argument depending on whether UNICODE is defined
 * (confirm), so each name below resolves to the ANSI or wide declaration
 * above, e.g. UNISP_NAME to UNISP_NAME_A or UNISP_NAME_W.  Only names that
 * have separate A and W forms in this file are mapped. */
305 #define UNISP_NAME __AW(UNISP_NAME_)
/* Structure types and their pointer types. */
306 #define SecPkgInfo __AW(SecPkgInfo)
307 #define PSecPkgInfo __AW(PSecPkgInfo)
308 #define SecPkgCredentials_Names __AW(SecPkgCredentials_Names)
309 #define PSecPkgCredentials_Names __AW(PSecPkgCredentials_Names)
310 #define SecPkgContext_Authority __AW(SecPkgContext_Authority)
311 #define PSecPkgContext_Authority __AW(PSecPkgContext_Authority)
312 #define SecPkgContext_KeyInfo __AW(SecPkgContext_KeyInfo)
313 #define PSecPkgContext_KeyInfo __AW(PSecPkgContext_KeyInfo)
314 #define SecPkgContext_Names __AW(SecPkgContext_Names)
315 #define PSecPkgContext_Names __AW(PSecPkgContext_Names)
316 #define SecurityFunctionTable __AW(SecurityFunctionTable)
317 #define PSecurityFunctionTable __AW(PSecurityFunctionTable)
/* Functions. */
318 #define AcquireCredentialsHandle __AW(AcquireCredentialsHandle)
319 #define EnumerateSecurityPackages __AW(EnumerateSecurityPackages)
320 #define InitializeSecurityContext __AW(InitializeSecurityContext)
321 #define QueryContextAttributes __AW(QueryContextAttributes)
322 #define QueryCredentialsAttributes __AW(QueryCredentialsAttributes)
323 #define QuerySecurityPackageInfo __AW(QuerySecurityPackageInfo)
324 #define ApplyControlToken __AW(ApplyControlToken)
/* Function-pointer types; these carry a trailing underscore before the
 * suffix (..._FN_A / ..._FN_W). */
325 #define ENUMERATE_SECURITY_PACKAGES_FN __AW(ENUMERATE_SECURITY_PACKAGES_FN_)
326 #define QUERY_CREDENTIALS_ATTRIBUTES_FN __AW(QUERY_CREDENTIALS_ATTRIBUTES_FN_)
327 #define ACQUIRE_CREDENTIALS_HANDLE_FN __AW(ACQUIRE_CREDENTIALS_HANDLE_FN_)
328 #define INITIALIZE_SECURITY_CONTEXT_FN __AW(INITIALIZE_SECURITY_CONTEXT_FN_)
329 #define APPLY_CONTROL_TOKEN_FN __AW(APPLY_CONTROL_TOKEN_FN_)
330 #define QUERY_CONTEXT_ATTRIBUTES_FN __AW(QUERY_CONTEXT_ATTRIBUTES_FN_)
331 #define QUERY_SECURITY_PACKAGE_INFO_FN __AW(QUERY_SECURITY_PACKAGE_INFO_FN_)
332 #define INIT_SECURITY_INTERFACE __AW(INIT_SECURITY_INTERFACE_)
/* Declared only when targeting Windows 2000 or later.  The matching
 * QUERY_SECURITY_CONTEXT_TOKEN_FN type and the SecurityFunctionTableW member
 * are declared unconditionally, so only this direct prototype is gated.
 * The token comes back through a HANDLE* out-parameter.
 * NOTE(review): presumably the caller owns that handle and must close it --
 * confirm against the SDK. */
334 #if (_WIN32_WINNT >= _WIN32_WINNT_WIN2K)
335 SECURITY_STATUS WINAPI QuerySecurityContextToken(PCtxtHandle,HANDLE*);
336 #endif /* (_WIN32_WINNT >= _WIN32_WINNT_WIN2K) */