source: trunk/include/win/ntsecpkg.h

Last change on this file was 21373, checked in by vladest, 16 years ago

Added SCHANNEL api for security
File size: 18.6 KB
Line 
1/*
2 * Copyright (C) 2007 Yuval Fledel
3 *
4 * This library is free software; you can redistribute it and/or
5 * modify it under the terms of the GNU Lesser General Public
6 * License as published by the Free Software Foundation; either
7 * version 2.1 of the License, or (at your option) any later version.
8 *
9 * This library is distributed in the hope that it will be useful,
10 * but WITHOUT ANY WARRANTY; without even the implied warranty of
11 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
12 * Lesser General Public License for more details.
13 *
14 * You should have received a copy of the GNU Lesser General Public
15 * License along with this library; if not, write to the Free Software
16 * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301, USA
17 */
18
19#ifndef _NTSECPKG_H
20#define _NTSECPKG_H
21
22#ifdef __cplusplus
23extern "C" {
24#endif
25
26/* Flags for the MachineState field in SECPKG_PARAMETERS */
27#define SECPKG_STATE_ENCRYPTION_PERMITTED 0x01
28#define SECPKG_STATE_STRONG_ENCRYPTION_PERMITTED 0x02
29#define SECPKG_STATE_DOMAIN_CONTROLLER 0x04
30#define SECPKG_STATE_WORKSTATION 0x08
31#define SECPKG_STATE_STANDALONE 0x10
32
33/* Version magics as passed to or returned from Sp[Lsa,Mode]ModeInitialize */
34#define SECPKG_INTERFACE_VERSION 0x10000
35#define SECPKG_INTERFACE_VERSION_2 0x20000
36#define SECPKG_INTERFACE_VERSION_3 0x40000
37
38/* enum definitions for Secure Service Provider/Authentication Packages */
39typedef enum _LSA_TOKEN_INFORMATION_TYPE {
40 LsaTokenInformationNull,
41 LsaTokenInformationV1
42} LSA_TOKEN_INFORMATION_TYPE, *PLSA_TOKEN_INFORMATION_TYPE;
43
44typedef enum _SECPKG_EXTENDED_INFORMATION_CLASS
45{
46 SecpkgGssInfo = 1,
47 SecpkgContextThunks,
48 SecpkgMutualAuthLevel,
49 SecpkgMaxInfo
50} SECPKG_EXTENDED_INFORMATION_CLASS;
51
52typedef enum _SECPKG_NAME_TYPE {
53 SecNameSamCompatible,
54 SecNameAlternateId,
55 SecNameFlat,
56 SecNameDN
57} SECPKG_NAME_TYPE;
58
59/* struct definitions for SSP/AP */
60typedef struct _SECPKG_PRIMARY_CRED {
61 LUID LogonId;
62 UNICODE_STRING DownlevelName;
63 UNICODE_STRING DomainName;
64 UNICODE_STRING Password;
65 UNICODE_STRING OldPassword;
66 PSID UserSid;
67 ULONG Flags;
68 UNICODE_STRING DnsDomainName;
69 UNICODE_STRING Upn;
70 UNICODE_STRING LogonServer;
71 UNICODE_STRING Spare1;
72 UNICODE_STRING Spare2;
73 UNICODE_STRING Spare3;
74 UNICODE_STRING Spare4;
75} SECPKG_PRIMARY_CRED, *PSECPKG_PRIMARY_CRED;
76
77typedef struct _SECPKG_SUPPLEMENTAL_CRED {
78 UNICODE_STRING PackageName;
79 ULONG CredentialSize;
80 PUCHAR Credentials;
81} SECPKG_SUPPLEMENTAL_CRED, *PSECPKG_SUPPLEMENTAL_CRED;
82
83typedef struct _SECPKG_SUPPLEMENTAL_CRED_ARRAY {
84 ULONG CredentialCount;
85 SECPKG_SUPPLEMENTAL_CRED Credentials[1];
86} SECPKG_SUPPLEMENTAL_CRED_ARRAY, *PSECPKG_SUPPLEMENTAL_CRED_ARRAY;
87
88typedef struct _SECPKG_PARAMETERS {
89 ULONG Version;
90 ULONG MachineState;
91 ULONG SetupMode;
92 PSID DomainSid;
93 UNICODE_STRING DomainName;
94 UNICODE_STRING DnsDomainName;
95 GUID DomainGuid;
96} SECPKG_PARAMETERS, *PSECPKG_PARAMETERS,
97 SECPKG_EVENT_DOMAIN_CHANGE, *PSECPKG_EVENT_DOMAIN_CHANGE;
98
99typedef struct _SECPKG_CLIENT_INFO {
100 LUID LogonId;
101 ULONG ProcessID;
102 ULONG ThreadID;
103 BOOLEAN HasTcbPrivilege;
104 BOOLEAN Impersonating;
105 BOOLEAN Restricted;
106} SECPKG_CLIENT_INFO,
107 *PSECPKG_CLIENT_INFO;
108
109typedef struct _SECURITY_USER_DATA {
110 UNICODE_STRING UserName;
111 UNICODE_STRING LogonDomainName;
112 UNICODE_STRING LogonServer;
113 PSID pSid;
114} SECURITY_USER_DATA, *PSECURITY_USER_DATA,
115 SecurityUserData, *PSecurityUserData;
116
117typedef struct _SECPKG_GSS_INFO {
118 ULONG EncodedIdLength;
119 UCHAR EncodedId[4];
120} SECPKG_GSS_INFO, *PSECPKG_GSS_INFO;
121
122typedef struct _SECPKG_CONTEXT_THUNKS {
123 ULONG InfoLevelCount;
124 ULONG Levels[1];
125} SECPKG_CONTEXT_THUNKS, *PSECPKG_CONTEXT_THUNKS;
126
127typedef struct _SECPKG_MUTUAL_AUTH_LEVEL {
128 ULONG MutualAuthLevel;
129} SECPKG_MUTUAL_AUTH_LEVEL, *PSECPKG_MUTUAL_AUTH_LEVEL;
130
131typedef struct _SECPKG_CALL_INFO {
132 ULONG ProcessId;
133 ULONG ThreadId;
134 ULONG Attributes;
135 ULONG CallCount;
136} SECPKG_CALL_INFO, *PSECPKG_CALL_INFO;
137
138typedef struct _SECPKG_EXTENDED_INFORMATION {
139 SECPKG_EXTENDED_INFORMATION_CLASS Class;
140 union {
141 SECPKG_GSS_INFO GssInfo;
142 SECPKG_CONTEXT_THUNKS ContextThunks;
143 SECPKG_MUTUAL_AUTH_LEVEL MutualAuthLevel;
144 } Info;
145} SECPKG_EXTENDED_INFORMATION, *PSECPKG_EXTENDED_INFORMATION;
146
147/* callbacks implemented by SSP/AP dlls and called by the LSA */
148typedef VOID (*NTAPI PLSA_CALLBACK_FUNCTION)(ULONG_PTR, ULONG_PTR, PSecBuffer,
149 PSecBuffer);
150
151/* misc typedefs used in the below prototypes */
152typedef PVOID *PLSA_CLIENT_REQUEST;
153typedef ULONG LSA_SEC_HANDLE, *PLSA_SEC_HANDLE;
154typedef LPTHREAD_START_ROUTINE SEC_THREAD_START;
155typedef PSECURITY_ATTRIBUTES SEC_ATTRS;
156
157/* functions used by SSP/AP obtainable by dispatch tables */
158typedef NTSTATUS (*NTAPI PLSA_REGISTER_CALLBACK)(ULONG, PLSA_CALLBACK_FUNCTION);
159typedef NTSTATUS (*NTAPI PLSA_CREATE_LOGON_SESSION)(PLUID);
160typedef NTSTATUS (*NTAPI PLSA_DELETE_LOGON_SESSION)(PLUID);
161typedef NTSTATUS (*NTAPI PLSA_ADD_CREDENTIAL)(PLUID, ULONG, PLSA_STRING,
162 PLSA_STRING);
163typedef NTSTATUS (*NTAPI PLSA_GET_CREDENTIALS)(PLUID, ULONG, PULONG, BOOLEAN,
164 PLSA_STRING, PULONG, PLSA_STRING);
165typedef NTSTATUS (*NTAPI PLSA_DELETE_CREDENTIAL)(PLUID, ULONG, PLSA_STRING);
166typedef PVOID (*NTAPI PLSA_ALLOCATE_LSA_HEAP)(ULONG);
167typedef VOID (*NTAPI PLSA_FREE_LSA_HEAP)(PVOID);
168typedef NTSTATUS (*NTAPI PLSA_ALLOCATE_CLIENT_BUFFER)(PLSA_CLIENT_REQUEST,
169 ULONG, PVOID*);
170typedef NTSTATUS (*NTAPI PLSA_FREE_CLIENT_BUFFER)(PLSA_CLIENT_REQUEST, PVOID);
171typedef NTSTATUS (*NTAPI PLSA_COPY_TO_CLIENT_BUFFER)(PLSA_CLIENT_REQUEST, ULONG,
172 PVOID, PVOID);
173typedef NTSTATUS (*NTAPI PLSA_COPY_FROM_CLIENT_BUFFER)(PLSA_CLIENT_REQUEST,
174 ULONG, PVOID, PVOID);
175typedef NTSTATUS (*NTAPI PLSA_IMPERSONATE_CLIENT)(void);
176typedef NTSTATUS (*NTAPI PLSA_UNLOAD_PACKAGE)(void);
177typedef NTSTATUS (*NTAPI PLSA_DUPLICATE_HANDLE)(HANDLE, PHANDLE);
178typedef NTSTATUS (*NTAPI PLSA_SAVE_SUPPLEMENTAL_CREDENTIALS)(PLUID, ULONG,
179 PVOID, BOOLEAN);
180typedef HANDLE (*NTAPI PLSA_CREATE_THREAD)(SEC_ATTRS, ULONG, SEC_THREAD_START,
181 PVOID, ULONG, PULONG);
182typedef NTSTATUS (*NTAPI PLSA_GET_CLIENT_INFO)(PSECPKG_CLIENT_INFO);
183typedef HANDLE (*NTAPI PLSA_REGISTER_NOTIFICATION)(SEC_THREAD_START, PVOID,
184 ULONG, ULONG, ULONG, ULONG, HANDLE);
185typedef NTSTATUS (*NTAPI PLSA_CANCEL_NOTIFICATION)(HANDLE);
186typedef NTSTATUS (*NTAPI PLSA_MAP_BUFFER)(PSecBuffer, PSecBuffer);
187typedef NTSTATUS (*NTAPI PLSA_CREATE_TOKEN)(PLUID, PTOKEN_SOURCE,
188 SECURITY_LOGON_TYPE, SECURITY_IMPERSONATION_LEVEL, LSA_TOKEN_INFORMATION_TYPE,
189 PVOID, PTOKEN_GROUPS, PUNICODE_STRING, PUNICODE_STRING, PUNICODE_STRING,
190 PUNICODE_STRING, PHANDLE, PNTSTATUS);
191typedef VOID (*NTAPI PLSA_AUDIT_LOGON)(NTSTATUS, NTSTATUS, PUNICODE_STRING,
192 PUNICODE_STRING, PUNICODE_STRING, OPTIONAL PSID, SECURITY_LOGON_TYPE,
193 PTOKEN_SOURCE, PLUID);
194typedef NTSTATUS (*NTAPI PLSA_CALL_PACKAGE)(PUNICODE_STRING, PVOID, ULONG,
195 PVOID*, PULONG, PNTSTATUS);
196typedef BOOLEAN (*NTAPI PLSA_GET_CALL_INFO)(PSECPKG_CALL_INFO);
197typedef NTSTATUS (*NTAPI PLSA_CALL_PACKAGEEX)(PUNICODE_STRING, PVOID, PVOID,
198 ULONG, PVOID*, PULONG, PNTSTATUS);
199typedef PVOID (*NTAPI PLSA_CREATE_SHARED_MEMORY)(ULONG, ULONG);
200typedef PVOID (*NTAPI PLSA_ALLOCATE_SHARED_MEMORY)(PVOID, ULONG);
201typedef VOID (*NTAPI PLSA_FREE_SHARED_MEMORY)(PVOID, PVOID);
202typedef BOOLEAN (*NTAPI PLSA_DELETE_SHARED_MEMORY)(PVOID);
203typedef NTSTATUS (*NTAPI PLSA_OPEN_SAM_USER)(PUNICODE_STRING, SECPKG_NAME_TYPE,
204 PUNICODE_STRING, BOOLEAN, ULONG, PVOID*);
205typedef NTSTATUS (*NTAPI PLSA_GET_USER_CREDENTIALS)(PVOID, PVOID *, PULONG,
206 PVOID *, PULONG);
207typedef NTSTATUS (*NTAPI PLSA_GET_USER_AUTH_DATA)(PVOID, PUCHAR *, PULONG);
208typedef NTSTATUS (*NTAPI PLSA_CLOSE_SAM_USER)(PVOID);
209typedef NTSTATUS (*NTAPI PLSA_CONVERT_AUTH_DATA_TO_TOKEN)(PVOID, ULONG,
210 SECURITY_IMPERSONATION_LEVEL, PTOKEN_SOURCE, SECURITY_LOGON_TYPE,
211 PUNICODE_STRING, PHANDLE, PLUID, PUNICODE_STRING, PNTSTATUS);
212typedef NTSTATUS (*NTAPI PLSA_CLIENT_CALLBACK)(PCHAR, ULONG_PTR, ULONG_PTR,
213 PSecBuffer, PSecBuffer);
214typedef NTSTATUS (*NTAPI PLSA_UPDATE_PRIMARY_CREDENTIALS)(PSECPKG_PRIMARY_CRED, PSECPKG_SUPPLEMENTAL_CRED_ARRAY);
215typedef NTSTATUS (*NTAPI PLSA_GET_AUTH_DATA_FOR_USER)(PUNICODE_STRING,
216 SECPKG_NAME_TYPE, PUNICODE_STRING, PUCHAR *, PULONG, PUNICODE_STRING);
217typedef NTSTATUS (*NTAPI PLSA_CRACK_SINGLE_NAME)(ULONG, BOOLEAN,
218 PUNICODE_STRING, PUNICODE_STRING, ULONG, PUNICODE_STRING, PUNICODE_STRING,
219 PULONG);
220typedef NTSTATUS (*NTAPI PLSA_AUDIT_ACCOUNT_LOGON)(ULONG, BOOLEAN,
221 PUNICODE_STRING, PUNICODE_STRING, PUNICODE_STRING, NTSTATUS);
222typedef NTSTATUS (*NTAPI PLSA_CALL_PACKAGE_PASSTHROUGH)(PUNICODE_STRING, PVOID,
223 PVOID, ULONG, PVOID*, PULONG, PNTSTATUS);
224
225/* Dispatch tables of functions used by SSP/AP */
226typedef struct SECPKG_DLL_FUNCTIONS {
227 PLSA_ALLOCATE_LSA_HEAP AllocateHeap;
228 PLSA_FREE_LSA_HEAP FreeHeap;
229 PLSA_REGISTER_CALLBACK RegisterCallback;
230} SECPKG_DLL_FUNCTIONS,
231 *PSECPKG_DLL_FUNCTIONS;
232
233typedef struct LSA_DISPATCH_TABLE {
234 PLSA_CREATE_LOGON_SESSION CreateLogonSession;
235 PLSA_DELETE_LOGON_SESSION DeleteLogonSession;
236 PLSA_ADD_CREDENTIAL AddCredential;
237 PLSA_GET_CREDENTIALS GetCredentials;
238 PLSA_DELETE_CREDENTIAL DeleteCredential;
239 PLSA_ALLOCATE_LSA_HEAP AllocateLsaHeap;
240 PLSA_FREE_LSA_HEAP FreeLsaHeap;
241 PLSA_ALLOCATE_CLIENT_BUFFER AllocateClientBuffer;
242 PLSA_FREE_CLIENT_BUFFER FreeClientBuffer;
243 PLSA_COPY_TO_CLIENT_BUFFER CopyToClientBuffer;
244 PLSA_COPY_FROM_CLIENT_BUFFER CopyFromClientBuffer;
245} LSA_DISPATCH_TABLE,
246 *PLSA_DISPATCH_TABLE;
247
248typedef struct _LSA_SECPKG_FUNCTION_TABLE {
249 PLSA_CREATE_LOGON_SESSION CreateLogonSession;
250 PLSA_DELETE_LOGON_SESSION DeleteLogonSession;
251 PLSA_ADD_CREDENTIAL AddCredential;
252 PLSA_GET_CREDENTIALS GetCredentials;
253 PLSA_DELETE_CREDENTIAL DeleteCredential;
254 PLSA_ALLOCATE_LSA_HEAP AllocateLsaHeap;
255 PLSA_FREE_LSA_HEAP FreeLsaHeap;
256 PLSA_ALLOCATE_CLIENT_BUFFER AllocateClientBuffer;
257 PLSA_FREE_CLIENT_BUFFER FreeClientBuffer;
258 PLSA_COPY_TO_CLIENT_BUFFER CopyToClientBuffer;
259 PLSA_COPY_FROM_CLIENT_BUFFER CopyFromClientBuffer;
260 PLSA_IMPERSONATE_CLIENT ImpersonateClient;
261 PLSA_UNLOAD_PACKAGE UnloadPackage;
262 PLSA_DUPLICATE_HANDLE DuplicateHandle;
263 PLSA_SAVE_SUPPLEMENTAL_CREDENTIALS SaveSupplementalCredentials;
264 PLSA_CREATE_THREAD CreateThread;
265 PLSA_GET_CLIENT_INFO GetClientInfo;
266 PLSA_REGISTER_NOTIFICATION RegisterNotification;
267 PLSA_CANCEL_NOTIFICATION CancelNotification;
268 PLSA_MAP_BUFFER MapBuffer;
269 PLSA_CREATE_TOKEN CreateToken;
270 PLSA_AUDIT_LOGON AuditLogon;
271 PLSA_CALL_PACKAGE CallPackage;
272 PLSA_FREE_LSA_HEAP FreeReturnBuffer;
273 PLSA_GET_CALL_INFO GetCallInfo;
274 PLSA_CALL_PACKAGEEX CallPackageEx;
275 PLSA_CREATE_SHARED_MEMORY CreateSharedMemory;
276 PLSA_ALLOCATE_SHARED_MEMORY AllocateSharedMemory;
277 PLSA_FREE_SHARED_MEMORY FreeSharedMemory;
278 PLSA_DELETE_SHARED_MEMORY DeleteSharedMemory;
279 PLSA_OPEN_SAM_USER OpenSamUser;
280 PLSA_GET_USER_CREDENTIALS GetUserCredentials;
281 PLSA_GET_USER_AUTH_DATA GetUserAuthData;
282 PLSA_CLOSE_SAM_USER CloseSamUser;
283 PLSA_CONVERT_AUTH_DATA_TO_TOKEN ConvertAuthDataToToken;
284 PLSA_CLIENT_CALLBACK ClientCallback;
285 PLSA_UPDATE_PRIMARY_CREDENTIALS UpdateCredentials;
286 PLSA_GET_AUTH_DATA_FOR_USER GetAuthDataForUser;
287 PLSA_CRACK_SINGLE_NAME CrackSingleName;
288 PLSA_AUDIT_ACCOUNT_LOGON AuditAccountLogon;
289 PLSA_CALL_PACKAGE_PASSTHROUGH CallPackagePassthrough;
290} LSA_SECPKG_FUNCTION_TABLE,
291 *PLSA_SECPKG_FUNCTION_TABLE;
292
293/* LSA-mode functions implemented by SSP/AP obtainable by a dispatch table */
294typedef NTSTATUS (*NTAPI PLSA_AP_INITIALIZE_PACKAGE)(ULONG, PLSA_DISPATCH_TABLE,
295 PLSA_STRING, PLSA_STRING, PLSA_STRING *);
296typedef NTSTATUS (*NTAPI PLSA_AP_LOGON_USER)(LPWSTR, LPWSTR, LPWSTR, LPWSTR,
297 DWORD, DWORD, PHANDLE);
298typedef NTSTATUS (*NTAPI PLSA_AP_CALL_PACKAGE)(PUNICODE_STRING, PVOID, ULONG,
299 PVOID *, PULONG, PNTSTATUS);
300typedef VOID (*NTAPI PLSA_AP_LOGON_TERMINATED)(PLUID);
301typedef NTSTATUS (*NTAPI PLSA_AP_CALL_PACKAGE_UNTRUSTED)(PLSA_CLIENT_REQUEST,
302 PVOID, PVOID, ULONG, PVOID *, PULONG, PNTSTATUS);
303typedef NTSTATUS (*NTAPI PLSA_AP_CALL_PACKAGE_PASSTHROUGH)(PUNICODE_STRING,
304 PVOID, PVOID, ULONG, PVOID *, PULONG, PNTSTATUS);
305typedef NTSTATUS (*NTAPI PLSA_AP_LOGON_USER_EX)(PLSA_CLIENT_REQUEST,
306 SECURITY_LOGON_TYPE, PVOID, PVOID, ULONG, PVOID *, PULONG, PLUID, PNTSTATUS,
307 PLSA_TOKEN_INFORMATION_TYPE, PVOID *, PUNICODE_STRING *, PUNICODE_STRING *,
308 PUNICODE_STRING *);
309typedef NTSTATUS (*NTAPI PLSA_AP_LOGON_USER_EX2)(PLSA_CLIENT_REQUEST,
310 SECURITY_LOGON_TYPE, PVOID, PVOID, ULONG, PVOID *, PULONG, PLUID, PNTSTATUS,
311 PLSA_TOKEN_INFORMATION_TYPE, PVOID *, PUNICODE_STRING *, PUNICODE_STRING *,
312 PUNICODE_STRING *, PSECPKG_PRIMARY_CRED, PSECPKG_SUPPLEMENTAL_CRED_ARRAY *);
313typedef NTSTATUS (SpInitializeFn)(ULONG_PTR, PSECPKG_PARAMETERS,
314 PLSA_SECPKG_FUNCTION_TABLE);
315typedef NTSTATUS (NTAPI SpShutDownFn)(void);
316typedef NTSTATUS (NTAPI SpGetInfoFn)(PSecPkgInfoW);
317typedef NTSTATUS (NTAPI SpAcceptCredentialsFn)(SECURITY_LOGON_TYPE,
318 PUNICODE_STRING, PSECPKG_PRIMARY_CRED, PSECPKG_SUPPLEMENTAL_CRED);
319typedef NTSTATUS (NTAPI SpAcquireCredentialsHandleFn)(PUNICODE_STRING, ULONG,
320 PLUID, PVOID, PVOID, PVOID, PLSA_SEC_HANDLE, PTimeStamp);
321typedef NTSTATUS (NTAPI SpQueryCredentialsAttributesFn)(LSA_SEC_HANDLE, ULONG,
322 PVOID);
323typedef NTSTATUS (NTAPI SpFreeCredentialsHandleFn)(LSA_SEC_HANDLE);
324typedef NTSTATUS (NTAPI SpSaveCredentialsFn)(LSA_SEC_HANDLE, PSecBuffer);
325typedef NTSTATUS (NTAPI SpGetCredentialsFn)(LSA_SEC_HANDLE, PSecBuffer);
326typedef NTSTATUS (NTAPI SpDeleteCredentialsFn)(LSA_SEC_HANDLE, PSecBuffer);
327typedef NTSTATUS (NTAPI SpInitLsaModeContextFn)(LSA_SEC_HANDLE, LSA_SEC_HANDLE,
328 PUNICODE_STRING, ULONG, ULONG, PSecBufferDesc, PLSA_SEC_HANDLE, PSecBufferDesc,
329 PULONG, PTimeStamp, PBOOLEAN, PSecBuffer);
330typedef NTSTATUS (NTAPI SpAcceptLsaModeContextFn)(LSA_SEC_HANDLE,
331 LSA_SEC_HANDLE, PSecBufferDesc, ULONG, ULONG, PLSA_SEC_HANDLE, PSecBufferDesc,
332 PULONG, PTimeStamp, PBOOLEAN, PSecBuffer);
333typedef NTSTATUS (NTAPI SpDeleteContextFn)(LSA_SEC_HANDLE);
334typedef NTSTATUS (NTAPI SpApplyControlTokenFn)(LSA_SEC_HANDLE, PSecBufferDesc);
335typedef NTSTATUS (NTAPI SpGetUserInfoFn)(PLUID, ULONG, PSecurityUserData *);
336typedef NTSTATUS (NTAPI SpGetExtendedInformationFn)(
337 SECPKG_EXTENDED_INFORMATION_CLASS, PSECPKG_EXTENDED_INFORMATION *);
338typedef NTSTATUS (NTAPI SpQueryContextAttributesFn)(LSA_SEC_HANDLE, ULONG,
339 PVOID);
340typedef NTSTATUS (NTAPI SpAddCredentialsFn)(LSA_SEC_HANDLE, PUNICODE_STRING,
341 PUNICODE_STRING, ULONG, PVOID, PVOID, PVOID, PTimeStamp);
342typedef NTSTATUS (NTAPI SpSetExtendedInformationFn)(
343 SECPKG_EXTENDED_INFORMATION_CLASS, PSECPKG_EXTENDED_INFORMATION);
344typedef NTSTATUS (NTAPI SpSetContextAttributesFn)(LSA_SEC_HANDLE, ULONG, PVOID,
345 ULONG);
346typedef NTSTATUS (NTAPI SpSetCredentialsAttributesFn)(LSA_SEC_HANDLE, ULONG,
347 PVOID, ULONG);
348
349/* User-mode functions implemented by SSP/AP obtainable by a dispatch table */
350typedef NTSTATUS (NTAPI SpInstanceInitFn)(ULONG, PSECPKG_DLL_FUNCTIONS,
351 PVOID *);
352typedef NTSTATUS (NTAPI SpInitUserModeContextFn)(LSA_SEC_HANDLE, PSecBuffer);
353typedef NTSTATUS (NTAPI SpMakeSignatureFn)(LSA_SEC_HANDLE, ULONG,
354 PSecBufferDesc, ULONG);
355typedef NTSTATUS (NTAPI SpVerifySignatureFn)(LSA_SEC_HANDLE, PSecBufferDesc,
356 ULONG, PULONG);
357typedef NTSTATUS (NTAPI SpSealMessageFn)(LSA_SEC_HANDLE, ULONG, PSecBufferDesc,
358 ULONG);
359typedef NTSTATUS (NTAPI SpUnsealMessageFn)(LSA_SEC_HANDLE, PSecBufferDesc,
360 ULONG, PULONG);
361typedef NTSTATUS (NTAPI SpGetContextTokenFn)(LSA_SEC_HANDLE, PHANDLE);
362typedef NTSTATUS (NTAPI SpCompleteAuthTokenFn)(LSA_SEC_HANDLE, PSecBufferDesc);
363typedef NTSTATUS (NTAPI SpFormatCredentialsFn)(PSecBuffer, PSecBuffer);
364typedef NTSTATUS (NTAPI SpMarshallSupplementalCredsFn)(ULONG, PUCHAR, PULONG,
365 PVOID *);
366typedef NTSTATUS (NTAPI SpExportSecurityContextFn)(LSA_SEC_HANDLE, ULONG,
367 PSecBuffer, PHANDLE);
368typedef NTSTATUS (NTAPI SpImportSecurityContextFn)(PSecBuffer, HANDLE,
369 PLSA_SEC_HANDLE);
370
371#ifdef WINE_NO_UNICODE_MACROS
372#undef SetContextAttributes
373#endif
374
375/* dispatch tables of LSA-mode functions implemented by SSP/AP */
376typedef struct SECPKG_FUNCTION_TABLE {
377 PLSA_AP_INITIALIZE_PACKAGE InitializePackage;
378 PLSA_AP_LOGON_USER LsaLogonUser;
379 PLSA_AP_CALL_PACKAGE CallPackage;
380 PLSA_AP_LOGON_TERMINATED LogonTerminated;
381 PLSA_AP_CALL_PACKAGE_UNTRUSTED CallPackageUntrusted;
382 PLSA_AP_CALL_PACKAGE_PASSTHROUGH CallPackagePassthrough;
383 PLSA_AP_LOGON_USER_EX LogonUserEx;
384 PLSA_AP_LOGON_USER_EX2 LogonUserEx2;
385 SpInitializeFn *Initialize;
386 SpShutDownFn *Shutdown;
387 SpGetInfoFn *GetInfo;
388 SpAcceptCredentialsFn *AcceptCredentials;
389 SpAcquireCredentialsHandleFn *SpAcquireCredentialsHandle;
390 SpQueryCredentialsAttributesFn *SpQueryCredentialsAttributes;
391 SpFreeCredentialsHandleFn *FreeCredentialsHandle;
392 SpSaveCredentialsFn *SaveCredentials;
393 SpGetCredentialsFn *GetCredentials;
394 SpDeleteCredentialsFn *DeleteCredentials;
395 SpInitLsaModeContextFn *InitLsaModeContext;
396 SpAcceptLsaModeContextFn *AcceptLsaModeContext;
397 SpDeleteContextFn *DeleteContext;
398 SpApplyControlTokenFn *ApplyControlToken;
399 SpGetUserInfoFn *GetUserInfo;
400 SpGetExtendedInformationFn *GetExtendedInformation;
401 SpQueryContextAttributesFn *SpQueryContextAttributes;
402 SpAddCredentialsFn *SpAddCredentials;
403 SpSetExtendedInformationFn *SetExtendedInformation;
404 /* Packages with version SECPKG_INTERFACE_VERSION end here */
405 SpSetContextAttributesFn *SetContextAttributes;
406 /* Packages with version SECPKG_INTERFACE_VERSION_2 end here */
407 SpSetCredentialsAttributesFn *SetCredentialsAttributes;
408 /* Packages with version SECPKG_INTERFACE_VERSION_3 end here */
409} SECPKG_FUNCTION_TABLE,
410 *PSECPKG_FUNCTION_TABLE;
411
412/* dispatch tables of user-mode functions implemented by SSP/AP */
413typedef struct SECPKG_USER_FUNCTION_TABLE {
414 SpInstanceInitFn *InstanceInit;
415 SpInitUserModeContextFn *InitUserModeContext;
416 SpMakeSignatureFn *MakeSignature;
417 SpVerifySignatureFn *VerifySignature;
418 SpSealMessageFn *SealMessage;
419 SpUnsealMessageFn *UnsealMessage;
420 SpGetContextTokenFn *GetContextToken;
421 SpQueryContextAttributesFn *SpQueryContextAttributes;
422 SpCompleteAuthTokenFn *CompleteAuthToken;
423 SpDeleteContextFn *DeleteUserModeContext;
424 SpFormatCredentialsFn *FormatCredentials;
425 SpMarshallSupplementalCredsFn *MarshallSupplementalCreds;
426 SpExportSecurityContextFn *ExportContext;
427 SpImportSecurityContextFn *ImportContext;
428} SECPKG_USER_FUNCTION_TABLE,
429 *PSECPKG_USER_FUNCTION_TABLE;
430
431/* LSA-mode entry point to SSP/APs */
432typedef NTSTATUS (*NTAPI SpLsaModeInitializeFn)(ULONG, PULONG,
433 PSECPKG_FUNCTION_TABLE *, PULONG);
434
435/* User-mode entry point to SSP/APs */
436typedef NTSTATUS (*WINAPI SpUserModeInitializeFn)(ULONG, PULONG,
437 PSECPKG_USER_FUNCTION_TABLE *, PULONG);
438
439#ifdef __cplusplus
440}
441#endif
442#endif /* _NTSECPKG_H */
Note: See TracBrowser for help on using the repository browser.