23#include <winpr/platform.h>
24#include <winpr/winpr.h>
25#include <winpr/cast.h>
26#include <winpr/wtypes.h>
27#include <winpr/windows.h>
28#include <winpr/security.h>
41#if !defined(_WIN32) || defined(_UWP)
48typedef WCHAR SEC_WCHAR;
60WINPR_PRAGMA_DIAG_IGNORED_RESERVED_ID_MACRO
62#ifndef __SECSTATUS_DEFINED__
63typedef LONG SECURITY_STATUS;
64#define __SECSTATUS_DEFINED__
92#define SecPkgInfo SecPkgInfoW
93#define PSecPkgInfo PSecPkgInfoW
95#define SecPkgInfo SecPkgInfoA
96#define PSecPkgInfo PSecPkgInfoA
101#define NTLM_SSP_NAME _T("NTLM")
102#define KERBEROS_SSP_NAME _T("Kerberos")
103#define NEGO_SSP_NAME _T("Negotiate")
105#define SECPKG_ID_NONE 0xFFFF
107#define SECPKG_FLAG_INTEGRITY 0x00000001
108#define SECPKG_FLAG_PRIVACY 0x00000002
109#define SECPKG_FLAG_TOKEN_ONLY 0x00000004
110#define SECPKG_FLAG_DATAGRAM 0x00000008
111#define SECPKG_FLAG_CONNECTION 0x00000010
112#define SECPKG_FLAG_MULTI_REQUIRED 0x00000020
113#define SECPKG_FLAG_CLIENT_ONLY 0x00000040
114#define SECPKG_FLAG_EXTENDED_ERROR 0x00000080
115#define SECPKG_FLAG_IMPERSONATION 0x00000100
116#define SECPKG_FLAG_ACCEPT_WIN32_NAME 0x00000200
117#define SECPKG_FLAG_STREAM 0x00000400
118#define SECPKG_FLAG_NEGOTIABLE 0x00000800
119#define SECPKG_FLAG_GSS_COMPATIBLE 0x00001000
120#define SECPKG_FLAG_LOGON 0x00002000
121#define SECPKG_FLAG_ASCII_BUFFERS 0x00004000
122#define SECPKG_FLAG_FRAGMENT 0x00008000
123#define SECPKG_FLAG_MUTUAL_AUTH 0x00010000
124#define SECPKG_FLAG_DELEGATION 0x00020000
125#define SECPKG_FLAG_READONLY_WITH_CHECKSUM 0x00040000
126#define SECPKG_FLAG_RESTRICTED_TOKENS 0x00080000
127#define SECPKG_FLAG_NEGO_EXTENDER 0x00100000
128#define SECPKG_FLAG_NEGOTIABLE2 0x00200000
132#define SEC_E_OK WINPR_CXX_COMPAT_CAST(SECURITY_STATUS, 0x00000000)
133#define SEC_E_INSUFFICIENT_MEMORY WINPR_CXX_COMPAT_CAST(SECURITY_STATUS, 0x80090300)
134#define SEC_E_INVALID_HANDLE WINPR_CXX_COMPAT_CAST(SECURITY_STATUS, 0x80090301)
135#define SEC_E_UNSUPPORTED_FUNCTION WINPR_CXX_COMPAT_CAST(SECURITY_STATUS, 0x80090302)
136#define SEC_E_TARGET_UNKNOWN WINPR_CXX_COMPAT_CAST(SECURITY_STATUS, 0x80090303)
137#define SEC_E_INTERNAL_ERROR WINPR_CXX_COMPAT_CAST(SECURITY_STATUS, 0x80090304)
138#define SEC_E_SECPKG_NOT_FOUND WINPR_CXX_COMPAT_CAST(SECURITY_STATUS, 0x80090305)
139#define SEC_E_NOT_OWNER WINPR_CXX_COMPAT_CAST(SECURITY_STATUS, 0x80090306)
140#define SEC_E_CANNOT_INSTALL WINPR_CXX_COMPAT_CAST(SECURITY_STATUS, 0x80090307)
141#define SEC_E_INVALID_TOKEN WINPR_CXX_COMPAT_CAST(SECURITY_STATUS, 0x80090308)
142#define SEC_E_CANNOT_PACK WINPR_CXX_COMPAT_CAST(SECURITY_STATUS, 0x80090309)
143#define SEC_E_QOP_NOT_SUPPORTED WINPR_CXX_COMPAT_CAST(SECURITY_STATUS, 0x8009030A)
144#define SEC_E_NO_IMPERSONATION WINPR_CXX_COMPAT_CAST(SECURITY_STATUS, 0x8009030B)
145#define SEC_E_LOGON_DENIED WINPR_CXX_COMPAT_CAST(SECURITY_STATUS, 0x8009030C)
146#define SEC_E_UNKNOWN_CREDENTIALS WINPR_CXX_COMPAT_CAST(SECURITY_STATUS, 0x8009030D)
147#define SEC_E_NO_CREDENTIALS WINPR_CXX_COMPAT_CAST(SECURITY_STATUS, 0x8009030E)
148#define SEC_E_MESSAGE_ALTERED WINPR_CXX_COMPAT_CAST(SECURITY_STATUS, 0x8009030F)
149#define SEC_E_OUT_OF_SEQUENCE WINPR_CXX_COMPAT_CAST(SECURITY_STATUS, 0x80090310)
150#define SEC_E_NO_AUTHENTICATING_AUTHORITY WINPR_CXX_COMPAT_CAST(SECURITY_STATUS, 0x80090311)
151#define SEC_E_BAD_PKGID WINPR_CXX_COMPAT_CAST(SECURITY_STATUS, 0x80090316)
152#define SEC_E_CONTEXT_EXPIRED WINPR_CXX_COMPAT_CAST(SECURITY_STATUS, 0x80090317)
153#define SEC_E_INCOMPLETE_MESSAGE WINPR_CXX_COMPAT_CAST(SECURITY_STATUS, 0x80090318)
154#define SEC_E_INCOMPLETE_CREDENTIALS WINPR_CXX_COMPAT_CAST(SECURITY_STATUS, 0x80090320)
155#define SEC_E_BUFFER_TOO_SMALL WINPR_CXX_COMPAT_CAST(SECURITY_STATUS, 0x80090321)
156#define SEC_E_WRONG_PRINCIPAL WINPR_CXX_COMPAT_CAST(SECURITY_STATUS, 0x80090322)
157#define SEC_E_TIME_SKEW WINPR_CXX_COMPAT_CAST(SECURITY_STATUS, 0x80090324)
158#define SEC_E_UNTRUSTED_ROOT WINPR_CXX_COMPAT_CAST(SECURITY_STATUS, 0x80090325)
159#define SEC_E_ILLEGAL_MESSAGE WINPR_CXX_COMPAT_CAST(SECURITY_STATUS, 0x80090326)
160#define SEC_E_CERT_UNKNOWN WINPR_CXX_COMPAT_CAST(SECURITY_STATUS, 0x80090327)
161#define SEC_E_CERT_EXPIRED WINPR_CXX_COMPAT_CAST(SECURITY_STATUS, 0x80090328)
162#define SEC_E_ENCRYPT_FAILURE WINPR_CXX_COMPAT_CAST(SECURITY_STATUS, 0x80090329)
163#define SEC_E_DECRYPT_FAILURE WINPR_CXX_COMPAT_CAST(SECURITY_STATUS, 0x80090330)
164#define SEC_E_ALGORITHM_MISMATCH WINPR_CXX_COMPAT_CAST(SECURITY_STATUS, 0x80090331)
165#define SEC_E_SECURITY_QOS_FAILED WINPR_CXX_COMPAT_CAST(SECURITY_STATUS, 0x80090332)
166#define SEC_E_UNFINISHED_CONTEXT_DELETED WINPR_CXX_COMPAT_CAST(SECURITY_STATUS, 0x80090333)
167#define SEC_E_NO_TGT_REPLY WINPR_CXX_COMPAT_CAST(SECURITY_STATUS, 0x80090334)
168#define SEC_E_NO_IP_ADDRESSES WINPR_CXX_COMPAT_CAST(SECURITY_STATUS, 0x80090335)
169#define SEC_E_WRONG_CREDENTIAL_HANDLE WINPR_CXX_COMPAT_CAST(SECURITY_STATUS, 0x80090336)
170#define SEC_E_CRYPTO_SYSTEM_INVALID WINPR_CXX_COMPAT_CAST(SECURITY_STATUS, 0x80090337)
171#define SEC_E_MAX_REFERRALS_EXCEEDED WINPR_CXX_COMPAT_CAST(SECURITY_STATUS, 0x80090338)
172#define SEC_E_MUST_BE_KDC WINPR_CXX_COMPAT_CAST(SECURITY_STATUS, 0x80090339)
173#define SEC_E_STRONG_CRYPTO_NOT_SUPPORTED WINPR_CXX_COMPAT_CAST(SECURITY_STATUS, 0x8009033A)
174#define SEC_E_TOO_MANY_PRINCIPALS WINPR_CXX_COMPAT_CAST(SECURITY_STATUS, 0x8009033B)
175#define SEC_E_NO_PA_DATA WINPR_CXX_COMPAT_CAST(SECURITY_STATUS, 0x8009033C)
176#define SEC_E_PKINIT_NAME_MISMATCH WINPR_CXX_COMPAT_CAST(SECURITY_STATUS, 0x8009033D)
177#define SEC_E_SMARTCARD_LOGON_REQUIRED WINPR_CXX_COMPAT_CAST(SECURITY_STATUS, 0x8009033E)
178#define SEC_E_SHUTDOWN_IN_PROGRESS WINPR_CXX_COMPAT_CAST(SECURITY_STATUS, 0x8009033F)
179#define SEC_E_KDC_INVALID_REQUEST WINPR_CXX_COMPAT_CAST(SECURITY_STATUS, 0x80090340)
180#define SEC_E_KDC_UNABLE_TO_REFER WINPR_CXX_COMPAT_CAST(SECURITY_STATUS, 0x80090341)
181#define SEC_E_KDC_UNKNOWN_ETYPE WINPR_CXX_COMPAT_CAST(SECURITY_STATUS, 0x80090342)
182#define SEC_E_UNSUPPORTED_PREAUTH WINPR_CXX_COMPAT_CAST(SECURITY_STATUS, 0x80090343)
183#define SEC_E_DELEGATION_REQUIRED WINPR_CXX_COMPAT_CAST(SECURITY_STATUS, 0x80090345)
184#define SEC_E_BAD_BINDINGS WINPR_CXX_COMPAT_CAST(SECURITY_STATUS, 0x80090346)
185#define SEC_E_MULTIPLE_ACCOUNTS WINPR_CXX_COMPAT_CAST(SECURITY_STATUS, 0x80090347)
186#define SEC_E_NO_KERB_KEY WINPR_CXX_COMPAT_CAST(SECURITY_STATUS, 0x80090348)
187#define SEC_E_CERT_WRONG_USAGE WINPR_CXX_COMPAT_CAST(SECURITY_STATUS, 0x80090349)
188#define SEC_E_DOWNGRADE_DETECTED WINPR_CXX_COMPAT_CAST(SECURITY_STATUS, 0x80090350)
189#define SEC_E_SMARTCARD_CERT_REVOKED WINPR_CXX_COMPAT_CAST(SECURITY_STATUS, 0x80090351)
190#define SEC_E_ISSUING_CA_UNTRUSTED WINPR_CXX_COMPAT_CAST(SECURITY_STATUS, 0x80090352)
191#define SEC_E_REVOCATION_OFFLINE_C WINPR_CXX_COMPAT_CAST(SECURITY_STATUS, 0x80090353)
192#define SEC_E_PKINIT_CLIENT_FAILURE WINPR_CXX_COMPAT_CAST(SECURITY_STATUS, 0x80090354)
193#define SEC_E_SMARTCARD_CERT_EXPIRED WINPR_CXX_COMPAT_CAST(SECURITY_STATUS, 0x80090355)
194#define SEC_E_NO_S4U_PROT_SUPPORT WINPR_CXX_COMPAT_CAST(SECURITY_STATUS, 0x80090356)
195#define SEC_E_CROSSREALM_DELEGATION_FAILURE WINPR_CXX_COMPAT_CAST(SECURITY_STATUS, 0x80090357)
196#define SEC_E_REVOCATION_OFFLINE_KDC WINPR_CXX_COMPAT_CAST(SECURITY_STATUS, 0x80090358)
197#define SEC_E_ISSUING_CA_UNTRUSTED_KDC WINPR_CXX_COMPAT_CAST(SECURITY_STATUS, 0x80090359)
198#define SEC_E_KDC_CERT_EXPIRED WINPR_CXX_COMPAT_CAST(SECURITY_STATUS, 0x8009035A)
199#define SEC_E_KDC_CERT_REVOKED WINPR_CXX_COMPAT_CAST(SECURITY_STATUS, 0x8009035B)
200#define SEC_E_INVALID_PARAMETER WINPR_CXX_COMPAT_CAST(SECURITY_STATUS, 0x8009035D)
201#define SEC_E_DELEGATION_POLICY WINPR_CXX_COMPAT_CAST(SECURITY_STATUS, 0x8009035E)
202#define SEC_E_POLICY_NLTM_ONLY WINPR_CXX_COMPAT_CAST(SECURITY_STATUS, 0x8009035F)
203#define SEC_E_NO_CONTEXT WINPR_CXX_COMPAT_CAST(SECURITY_STATUS, 0x80090361)
204#define SEC_E_PKU2U_CERT_FAILURE WINPR_CXX_COMPAT_CAST(SECURITY_STATUS, 0x80090362)
205#define SEC_E_MUTUAL_AUTH_FAILED WINPR_CXX_COMPAT_CAST(SECURITY_STATUS, 0x80090363)
207#define SEC_I_CONTINUE_NEEDED WINPR_CXX_COMPAT_CAST(SECURITY_STATUS, 0x00090312)
208#define SEC_I_COMPLETE_NEEDED WINPR_CXX_COMPAT_CAST(SECURITY_STATUS, 0x00090313)
209#define SEC_I_COMPLETE_AND_CONTINUE WINPR_CXX_COMPAT_CAST(SECURITY_STATUS, 0x00090314)
210#define SEC_I_LOCAL_LOGON WINPR_CXX_COMPAT_CAST(SECURITY_STATUS, 0x00090315)
211#define SEC_I_CONTEXT_EXPIRED WINPR_CXX_COMPAT_CAST(SECURITY_STATUS, 0x00090317)
212#define SEC_I_INCOMPLETE_CREDENTIALS WINPR_CXX_COMPAT_CAST(SECURITY_STATUS, 0x00090320)
213#define SEC_I_RENEGOTIATE WINPR_CXX_COMPAT_CAST(SECURITY_STATUS, 0x00090321)
214#define SEC_I_NO_LSA_CONTEXT WINPR_CXX_COMPAT_CAST(SECURITY_STATUS, 0x00090323)
215#define SEC_I_SIGNATURE_NEEDED WINPR_CXX_COMPAT_CAST(SECURITY_STATUS, 0x0009035C)
216#define SEC_I_NO_RENEGOTIATION WINPR_CXX_COMPAT_CAST(SECURITY_STATUS, 0x00090360)
221#ifndef SEC_E_INVALID_PARAMETER
222#define SEC_E_INVALID_PARAMETER WINPR_CXX_COMPAT_CAST(SECURITY_STATUS, 0x8009035D)
225#ifndef SEC_E_DELEGATION_POLICY
226#define SEC_E_DELEGATION_POLICY WINPR_CXX_COMPAT_CAST(SECURITY_STATUS, 0x8009035E)
229#ifndef SEC_E_POLICY_NLTM_ONLY
230#define SEC_E_POLICY_NLTM_ONLY WINPR_CXX_COMPAT_CAST(SECURITY_STATUS, 0x8009035F)
233#ifndef SEC_E_NO_CONTEXT
234#define SEC_E_NO_CONTEXT WINPR_CXX_COMPAT_CAST(SECURITY_STATUS, 0x80090361)
237#ifndef SEC_E_PKU2U_CERT_FAILURE
238#define SEC_E_PKU2U_CERT_FAILURE WINPR_CXX_COMPAT_CAST(SECURITY_STATUS, 0x80090362)
241#ifndef SEC_E_MUTUAL_AUTH_FAILED
242#define SEC_E_MUTUAL_AUTH_FAILED WINPR_CXX_COMPAT_CAST(SECURITY_STATUS, 0x80090363)
245#ifndef SEC_I_SIGNATURE_NEEDED
246#define SEC_I_SIGNATURE_NEEDED WINPR_CXX_COMPAT_CAST(SECURITY_STATUS, 0x0009035C)
249#ifndef SEC_I_NO_RENEGOTIATION
250#define SEC_I_NO_RENEGOTIATION WINPR_CXX_COMPAT_CAST(SECURITY_STATUS, 0x00090360)
255#define SECURITY_NATIVE_DREP 0x00000010
256#define SECURITY_NETWORK_DREP 0x00000000
258#define SECPKG_CRED_INBOUND 0x00000001
259#define SECPKG_CRED_OUTBOUND 0x00000002
260#define SECPKG_CRED_BOTH 0x00000003
261#define SECPKG_CRED_AUTOLOGON_RESTRICTED 0x00000010
262#define SECPKG_CRED_PROCESS_POLICY_ONLY 0x00000020
266#define SECPKG_ATTR_SIZES 0
267#define SECPKG_ATTR_NAMES 1
268#define SECPKG_ATTR_LIFESPAN 2
269#define SECPKG_ATTR_DCE_INFO 3
270#define SECPKG_ATTR_STREAM_SIZES 4
271#define SECPKG_ATTR_KEY_INFO 5
272#define SECPKG_ATTR_AUTHORITY 6
273#define SECPKG_ATTR_PROTO_INFO 7
274#define SECPKG_ATTR_PASSWORD_EXPIRY 8
275#define SECPKG_ATTR_SESSION_KEY 9
276#define SECPKG_ATTR_PACKAGE_INFO 10
277#define SECPKG_ATTR_USER_FLAGS 11
278#define SECPKG_ATTR_NEGOTIATION_INFO 12
279#define SECPKG_ATTR_NATIVE_NAMES 13
280#define SECPKG_ATTR_FLAGS 14
281#define SECPKG_ATTR_USE_VALIDATED 15
282#define SECPKG_ATTR_CREDENTIAL_NAME 16
283#define SECPKG_ATTR_TARGET_INFORMATION 17
284#define SECPKG_ATTR_ACCESS_TOKEN 18
285#define SECPKG_ATTR_TARGET 19
286#define SECPKG_ATTR_AUTHENTICATION_ID 20
287#define SECPKG_ATTR_LOGOFF_TIME 21
288#define SECPKG_ATTR_NEGO_KEYS 22
289#define SECPKG_ATTR_PROMPTING_NEEDED 24
290#define SECPKG_ATTR_UNIQUE_BINDINGS 25
291#define SECPKG_ATTR_ENDPOINT_BINDINGS 26
292#define SECPKG_ATTR_CLIENT_SPECIFIED_TARGET 27
293#define SECPKG_ATTR_LAST_CLIENT_TOKEN_STATUS 30
294#define SECPKG_ATTR_NEGO_PKG_INFO 31
295#define SECPKG_ATTR_NEGO_STATUS 32
296#define SECPKG_ATTR_CONTEXT_DELETED 33
298#if !defined(_WIN32) || defined(_UWP)
314 char* sAuthorityName;
322typedef UINT32 ALG_ID;
328 UINT32 dwCipherStrength;
330 UINT32 dwHashStrength;
332 UINT32 dwExchStrength;
337 UINT32 AuthBufferLen;
349 UINT32 dwInitiatorAddrType;
350 UINT32 cbInitiatorLength;
351 UINT32 dwInitiatorOffset;
352 UINT32 dwAcceptorAddrType;
353 UINT32 cbAcceptorLength;
354 UINT32 dwAcceptorOffset;
355 UINT32 cbApplicationDataLength;
356 UINT32 dwApplicationDataOffset;
372 char* sSignatureAlgorithmName;
373 char* sEncryptAlgorithmName;
375 UINT32 SignatureAlgorithm;
376 UINT32 EncryptAlgorithm;
398 SecPkgInfo* PackageInfo;
399 UINT32 NegotiationState;
404 SecPkgInfo* PackageInfo;
414 UINT32 SessionKeyLength;
422 BYTE rgbSessionId[32];
428 UINT32 cbMaxSignature;
430 UINT32 cbSecurityTrailer;
437 UINT32 cbMaximumMessage;
449 UINT16 cSignatureAndHashAlgorithms;
450 UINT16* pSignatureAndHashAlgorithms;
455 UINT32 MarshalledTargetInfoLength;
456 BYTE* MarshalledTargetInfo;
461#define SECPKG_CRED_ATTR_NAMES 1
462#define SECPKG_CRED_ATTR_SSI_PROVIDER 2
463#define SECPKG_CRED_ATTR_CERT 4
464#define SECPKG_CRED_ATTR_PAC_BYPASS 5
474 SEC_WCHAR* sUserName;
479#define SecPkgCredentials_Names SecPkgCredentials_NamesW
480#define PSecPkgCredentials_Names PSecPkgCredentials_NamesW
482#define SecPkgCredentials_Names SecPkgCredentials_NamesA
483#define PSecPkgCredentials_Names PSecPkgCredentials_NamesA
488 SEC_WCHAR* sProviderName;
489 unsigned long ProviderInfoLength;
495 SEC_CHAR* sProviderName;
496 unsigned long ProviderInfoLength;
501#define SecPkgCredentials_SSIProvider SecPkgCredentials_SSIProviderW
502#define PSecPkgCredentials_SSIProvider PSecPkgCredentials_SSIProviderW
504#define SecPkgCredentials_SSIProvider SecPkgCredentials_SSIProviderA
505#define PSecPkgCredentials_SSIProvider PSecPkgCredentials_SSIProviderA
510 unsigned long EncodedCertSize;
511 unsigned char* EncodedCert;
516#if !defined(_WIN32) || defined(_UWP) || (defined(__MINGW32__) && (__MINGW64_VERSION_MAJOR <= 8))
518#define SECPKG_CRED_ATTR_KDC_PROXY_SETTINGS 3
520#define KDC_PROXY_SETTINGS_V1 1
521#define KDC_PROXY_SETTINGS_FLAGS_FORCEPROXY 0x1
527 USHORT ProxyServerOffset;
528 USHORT ProxyServerLength;
529 USHORT ClientTlsCredOffset;
530 USHORT ClientTlsCredLength;
537 USHORT ProxyServerOffset;
538 USHORT ProxyServerLength;
539 USHORT ClientTlsCredOffset;
540 USHORT ClientTlsCredLength;
544#define SecPkgCredentials_KdcProxySettings SecPkgCredentials_KdcProxySettingsW
545#define PSecPkgCredentials_KdcProxySettings PSecPkgCredentials_KdcProxySettingsW
547#define SecPkgCredentials_KdcProxySettings SecPkgCredentials_KdcProxySettingsA
548#define PSecPkgCredentials_KdcProxySettings SecPkgCredentials_KdcProxySettingsA
553 UINT32 BindingsLength;
560#define ISC_REQ_DELEGATE 0x00000001
561#define ISC_REQ_MUTUAL_AUTH 0x00000002
562#define ISC_REQ_REPLAY_DETECT 0x00000004
563#define ISC_REQ_SEQUENCE_DETECT 0x00000008
564#define ISC_REQ_CONFIDENTIALITY 0x00000010
565#define ISC_REQ_USE_SESSION_KEY 0x00000020
566#define ISC_REQ_PROMPT_FOR_CREDS 0x00000040
567#define ISC_REQ_USE_SUPPLIED_CREDS 0x00000080
568#define ISC_REQ_ALLOCATE_MEMORY 0x00000100
569#define ISC_REQ_USE_DCE_STYLE 0x00000200
570#define ISC_REQ_DATAGRAM 0x00000400
571#define ISC_REQ_CONNECTION 0x00000800
572#define ISC_REQ_CALL_LEVEL 0x00001000
573#define ISC_REQ_FRAGMENT_SUPPLIED 0x00002000
574#define ISC_REQ_EXTENDED_ERROR 0x00004000
575#define ISC_REQ_STREAM 0x00008000
576#define ISC_REQ_INTEGRITY 0x00010000
577#define ISC_REQ_IDENTIFY 0x00020000
578#define ISC_REQ_NULL_SESSION 0x00040000
579#define ISC_REQ_MANUAL_CRED_VALIDATION 0x00080000
580#define ISC_REQ_RESERVED1 0x00100000
581#define ISC_REQ_FRAGMENT_TO_FIT 0x00200000
582#define ISC_REQ_FORWARD_CREDENTIALS 0x00400000
583#define ISC_REQ_NO_INTEGRITY 0x00800000
584#define ISC_REQ_USE_HTTP_STYLE 0x01000000
586#define ISC_RET_DELEGATE 0x00000001
587#define ISC_RET_MUTUAL_AUTH 0x00000002
588#define ISC_RET_REPLAY_DETECT 0x00000004
589#define ISC_RET_SEQUENCE_DETECT 0x00000008
590#define ISC_RET_CONFIDENTIALITY 0x00000010
591#define ISC_RET_USE_SESSION_KEY 0x00000020
592#define ISC_RET_USED_COLLECTED_CREDS 0x00000040
593#define ISC_RET_USED_SUPPLIED_CREDS 0x00000080
594#define ISC_RET_ALLOCATED_MEMORY 0x00000100
595#define ISC_RET_USED_DCE_STYLE 0x00000200
596#define ISC_RET_DATAGRAM 0x00000400
597#define ISC_RET_CONNECTION 0x00000800
598#define ISC_RET_INTERMEDIATE_RETURN 0x00001000
599#define ISC_RET_CALL_LEVEL 0x00002000
600#define ISC_RET_EXTENDED_ERROR 0x00004000
601#define ISC_RET_STREAM 0x00008000
602#define ISC_RET_INTEGRITY 0x00010000
603#define ISC_RET_IDENTIFY 0x00020000
604#define ISC_RET_NULL_SESSION 0x00040000
605#define ISC_RET_MANUAL_CRED_VALIDATION 0x00080000
606#define ISC_RET_RESERVED1 0x00100000
607#define ISC_RET_FRAGMENT_ONLY 0x00200000
608#define ISC_RET_FORWARD_CREDENTIALS 0x00400000
609#define ISC_RET_USED_HTTP_STYLE 0x01000000
613#define ASC_REQ_DELEGATE 0x00000001
614#define ASC_REQ_MUTUAL_AUTH 0x00000002
615#define ASC_REQ_REPLAY_DETECT 0x00000004
616#define ASC_REQ_SEQUENCE_DETECT 0x00000008
617#define ASC_REQ_CONFIDENTIALITY 0x00000010
618#define ASC_REQ_USE_SESSION_KEY 0x00000020
619#define ASC_REQ_ALLOCATE_MEMORY 0x00000100
620#define ASC_REQ_USE_DCE_STYLE 0x00000200
621#define ASC_REQ_DATAGRAM 0x00000400
622#define ASC_REQ_CONNECTION 0x00000800
623#define ASC_REQ_CALL_LEVEL 0x00001000
624#define ASC_REQ_EXTENDED_ERROR 0x00008000
625#define ASC_REQ_STREAM 0x00010000
626#define ASC_REQ_INTEGRITY 0x00020000
627#define ASC_REQ_LICENSING 0x00040000
628#define ASC_REQ_IDENTIFY 0x00080000
629#define ASC_REQ_ALLOW_NULL_SESSION 0x00100000
630#define ASC_REQ_ALLOW_NON_USER_LOGONS 0x00200000
631#define ASC_REQ_ALLOW_CONTEXT_REPLAY 0x00400000
632#define ASC_REQ_FRAGMENT_TO_FIT 0x00800000
633#define ASC_REQ_FRAGMENT_SUPPLIED 0x00002000
634#define ASC_REQ_NO_TOKEN 0x01000000
635#define ASC_REQ_PROXY_BINDINGS 0x04000000
636#define ASC_REQ_ALLOW_MISSING_BINDINGS 0x10000000
638#define ASC_RET_DELEGATE 0x00000001
639#define ASC_RET_MUTUAL_AUTH 0x00000002
640#define ASC_RET_REPLAY_DETECT 0x00000004
641#define ASC_RET_SEQUENCE_DETECT 0x00000008
642#define ASC_RET_CONFIDENTIALITY 0x00000010
643#define ASC_RET_USE_SESSION_KEY 0x00000020
644#define ASC_RET_ALLOCATED_MEMORY 0x00000100
645#define ASC_RET_USED_DCE_STYLE 0x00000200
646#define ASC_RET_DATAGRAM 0x00000400
647#define ASC_RET_CONNECTION 0x00000800
648#define ASC_RET_CALL_LEVEL 0x00002000
649#define ASC_RET_THIRD_LEG_FAILED 0x00004000
650#define ASC_RET_EXTENDED_ERROR 0x00008000
651#define ASC_RET_STREAM 0x00010000
652#define ASC_RET_INTEGRITY 0x00020000
653#define ASC_RET_LICENSING 0x00040000
654#define ASC_RET_IDENTIFY 0x00080000
655#define ASC_RET_NULL_SESSION 0x00100000
656#define ASC_RET_ALLOW_NON_USER_LOGONS 0x00200000
657#define ASC_RET_FRAGMENT_ONLY 0x00800000
658#define ASC_RET_NO_TOKEN 0x01000000
659#define ASC_RET_NO_PROXY_BINDINGS 0x04000000
660#define ASC_RET_MISSING_BINDINGS 0x10000000
662#define SEC_WINNT_AUTH_IDENTITY_ANSI 0x1
663#define SEC_WINNT_AUTH_IDENTITY_UNICODE 0x2
664#define SEC_WINNT_AUTH_IDENTITY_MARSHALLED 0x4
665#define SEC_WINNT_AUTH_IDENTITY_ONLY 0x8
666#define SEC_WINNT_AUTH_IDENTITY_EXTENDED 0x100
668#if !defined(_WIN32) || defined(_UWP) || defined(__MINGW32__)
670WINPR_PRAGMA_DIAG_PUSH
671WINPR_PRAGMA_DIAG_IGNORED_RESERVED_ID_MACRO
673#ifndef _AUTH_IDENTITY_DEFINED
674#define _AUTH_IDENTITY_DEFINED
683 ULONG PasswordLength;
694 ULONG PasswordLength;
701#define SEC_WINNT_AUTH_IDENTITY SEC_WINNT_AUTH_IDENTITY_W
702#define PSEC_WINNT_AUTH_IDENTITY PSEC_WINNT_AUTH_IDENTITY_W
704#define SEC_WINNT_AUTH_IDENTITY SEC_WINNT_AUTH_IDENTITY_W
705#define PSEC_WINNT_AUTH_IDENTITY PSEC_WINNT_AUTH_IDENTITY_W
710#ifndef SEC_WINNT_AUTH_IDENTITY_VERSION
711#define SEC_WINNT_AUTH_IDENTITY_VERSION 0x200
722 UINT32 PasswordLength;
725 UINT32 PackageListLength;
737 UINT32 PasswordLength;
740 UINT32 PackageListLength;
744#define SEC_WINNT_AUTH_IDENTITY_EX SEC_WINNT_AUTH_IDENTITY_EXW
745#define PSEC_WINNT_AUTH_IDENTITY_EX PSEC_WINNT_AUTH_IDENTITY_EXW
747#define SEC_WINNT_AUTH_IDENTITY_EX SEC_WINNT_AUTH_IDENTITY_EXA
748#define PSEC_WINNT_AUTH_IDENTITY_EX PSEC_WINNT_AUTH_IDENTITY_EXA
753#ifndef SEC_WINNT_AUTH_IDENTITY_VERSION_2
754#define SEC_WINNT_AUTH_IDENTITY_VERSION_2 0x201
759 UINT16 cbHeaderLength;
760 UINT32 cbStructureLength;
765 UINT32 PackedCredentialsOffset;
766 UINT16 PackedCredentialsLength;
768 UINT32 PackageListOffset;
769 UINT16 PackageListLength;
774#ifndef _AUTH_IDENTITY_INFO_DEFINED
775#define _AUTH_IDENTITY_INFO_DEFINED
788#define SEC_WINNT_AUTH_IDENTITY_FLAGS_PROCESS_ENCRYPTED 0x10
789#define SEC_WINNT_AUTH_IDENTITY_FLAGS_SYSTEM_PROTECTED 0x20
790#define SEC_WINNT_AUTH_IDENTITY_FLAGS_USER_PROTECTED 0x40
791#define SEC_WINNT_AUTH_IDENTITY_FLAGS_SYSTEM_ENCRYPTED 0x80
792#define SEC_WINNT_AUTH_IDENTITY_FLAGS_RESERVED 0x10000
793#define SEC_WINNT_AUTH_IDENTITY_FLAGS_NULL_USER 0x20000
794#define SEC_WINNT_AUTH_IDENTITY_FLAGS_NULL_DOMAIN 0x40000
795#define SEC_WINNT_AUTH_IDENTITY_FLAGS_ID_PROVIDER 0x80000
797#define SEC_WINNT_AUTH_IDENTITY_FLAGS_SSPIPFC_USE_MASK 0xFF000000
798#define SEC_WINNT_AUTH_IDENTITY_FLAGS_SSPIPFC_CREDPROV_DO_NOT_SAVE 0x80000000
799#define SEC_WINNT_AUTH_IDENTITY_FLAGS_SSPIPFC_SAVE_CRED_CHECKED 0x40000000
800#define SEC_WINNT_AUTH_IDENTITY_FLAGS_SSPIPFC_NO_CHECKBOX 0x20000000
801#define SEC_WINNT_AUTH_IDENTITY_FLAGS_SSPIPFC_CREDPROV_DO_NOT_LOAD 0x10000000
803#define SEC_WINNT_AUTH_IDENTITY_FLAGS_VALID_SSPIPFC_FLAGS \
804 (SEC_WINNT_AUTH_IDENTITY_FLAGS_SSPIPFC_CREDPROV_DO_NOT_SAVE | \
805 SEC_WINNT_AUTH_IDENTITY_FLAGS_SSPIPFC_SAVE_CRED_CHECKED | \
806 SEC_WINNT_AUTH_IDENTITY_FLAGS_SSPIPFC_NO_CHECKBOX | \
807 SEC_WINNT_AUTH_IDENTITY_FLAGS_SSPIPFC_CREDPROV_DO_NOT_LOAD)
813#if !defined(__MINGW32__)
826#define SecInvalidateHandle(x) \
827 ((PSecHandle)(x))->dwLower = ((PSecHandle)(x))->dwUpper = ((ULONG_PTR)((INT_PTR)-1))
829#define SecIsValidHandle(x) \
830 ((((PSecHandle)(x))->dwLower != ((ULONG_PTR)((INT_PTR)-1))) && \
831 (((PSecHandle)(x))->dwUpper != ((ULONG_PTR)((INT_PTR)-1))))
853typedef SECURITY_STATUS (*psSspiNtlmHashCallback)(
void* client,
854 const SEC_WINNT_AUTH_IDENTITY* authIdentity,
856 const BYTE* randkey,
const BYTE* mic,
857 const SecBuffer* micvalue, BYTE* ntlmhash);
862 psSspiNtlmHashCallback hashCallback;
863 void* hashCallbackArg;
872 char* pkinitX509Anchors;
873 char* pkinitX509Identity;
888#define SECBUFFER_VERSION 0
891#define SECBUFFER_EMPTY 0
892#define SECBUFFER_DATA 1
893#define SECBUFFER_TOKEN 2
894#define SECBUFFER_PKG_PARAMS 3
895#define SECBUFFER_MISSING 4
896#define SECBUFFER_EXTRA 5
897#define SECBUFFER_STREAM_TRAILER 6
898#define SECBUFFER_STREAM_HEADER 7
899#define SECBUFFER_NEGOTIATION_INFO 8
900#define SECBUFFER_PADDING 9
901#define SECBUFFER_STREAM 10
902#define SECBUFFER_MECHLIST 11
903#define SECBUFFER_MECHLIST_SIGNATURE 12
904#define SECBUFFER_TARGET 13
905#define SECBUFFER_CHANNEL_BINDINGS 14
906#define SECBUFFER_CHANGE_PASS_RESPONSE 15
907#define SECBUFFER_TARGET_HOST 16
908#define SECBUFFER_ALERT 17
911#define SECBUFFER_ATTRMASK 0xF0000000
912#define SECBUFFER_READONLY 0x80000000
913#define SECBUFFER_READONLY_WITH_CHECKSUM 0x10000000
914#define SECBUFFER_RESERVED 0x60000000
916#if !defined(_WIN32) || defined(_UWP)
918typedef void(SEC_ENTRY* SEC_GET_KEY_FN)(
void* Arg,
void* Principal, UINT32 KeyVer,
void** Key,
919 SECURITY_STATUS* pStatus);
921typedef SECURITY_STATUS(SEC_ENTRY* ENUMERATE_SECURITY_PACKAGES_FN_A)(ULONG* pcPackages,
923typedef SECURITY_STATUS(SEC_ENTRY* ENUMERATE_SECURITY_PACKAGES_FN_W)(ULONG* pcPackages,
927#define EnumerateSecurityPackages EnumerateSecurityPackagesW
928#define ENUMERATE_SECURITY_PACKAGES_FN ENUMERATE_SECURITY_PACKAGES_FN_W
930#define EnumerateSecurityPackages EnumerateSecurityPackagesA
931#define ENUMERATE_SECURITY_PACKAGES_FN ENUMERATE_SECURITY_PACKAGES_FN_A
934typedef SECURITY_STATUS(SEC_ENTRY* QUERY_CREDENTIALS_ATTRIBUTES_FN_A)(
PCredHandle phCredential,
937typedef SECURITY_STATUS(SEC_ENTRY* QUERY_CREDENTIALS_ATTRIBUTES_FN_W)(
PCredHandle phCredential,
942#define QueryCredentialsAttributes QueryCredentialsAttributesW
943#define QUERY_CREDENTIALS_ATTRIBUTES_FN QUERY_CREDENTIALS_ATTRIBUTES_FN_W
945#define QueryCredentialsAttributes QueryCredentialsAttributesA
946#define QUERY_CREDENTIALS_ATTRIBUTES_FN QUERY_CREDENTIALS_ATTRIBUTES_FN_A
949typedef SECURITY_STATUS(SEC_ENTRY* ACQUIRE_CREDENTIALS_HANDLE_FN_A)(
950 LPSTR pszPrincipal, LPSTR pszPackage, ULONG fCredentialUse,
void* pvLogonID,
void* pAuthData,
951 SEC_GET_KEY_FN pGetKeyFn,
void* pvGetKeyArgument,
PCredHandle phCredential,
953typedef SECURITY_STATUS(SEC_ENTRY* ACQUIRE_CREDENTIALS_HANDLE_FN_W)(
954 LPWSTR pszPrincipal, LPWSTR pszPackage, ULONG fCredentialUse,
void* pvLogonID,
void* pAuthData,
955 SEC_GET_KEY_FN pGetKeyFn,
void* pvGetKeyArgument,
PCredHandle phCredential,
959#define AcquireCredentialsHandle AcquireCredentialsHandleW
960#define ACQUIRE_CREDENTIALS_HANDLE_FN ACQUIRE_CREDENTIALS_HANDLE_FN_W
962#define AcquireCredentialsHandle AcquireCredentialsHandleA
963#define ACQUIRE_CREDENTIALS_HANDLE_FN ACQUIRE_CREDENTIALS_HANDLE_FN_A
966typedef SECURITY_STATUS(SEC_ENTRY* FREE_CREDENTIALS_HANDLE_FN)(
PCredHandle phCredential);
968typedef SECURITY_STATUS(SEC_ENTRY* INITIALIZE_SECURITY_CONTEXT_FN_A)(
970 ULONG Reserved1, ULONG TargetDataRep,
PSecBufferDesc pInput, ULONG Reserved2,
972typedef SECURITY_STATUS(SEC_ENTRY* INITIALIZE_SECURITY_CONTEXT_FN_W)(
974 ULONG Reserved1, ULONG TargetDataRep,
PSecBufferDesc pInput, ULONG Reserved2,
978#define InitializeSecurityContext InitializeSecurityContextW
979#define INITIALIZE_SECURITY_CONTEXT_FN INITIALIZE_SECURITY_CONTEXT_FN_W
981#define InitializeSecurityContext InitializeSecurityContextA
982#define INITIALIZE_SECURITY_CONTEXT_FN INITIALIZE_SECURITY_CONTEXT_FN_A
985typedef SECURITY_STATUS(SEC_ENTRY* ACCEPT_SECURITY_CONTEXT_FN)(
990typedef SECURITY_STATUS(SEC_ENTRY* COMPLETE_AUTH_TOKEN_FN)(
PCtxtHandle phContext,
993typedef SECURITY_STATUS(SEC_ENTRY* DELETE_SECURITY_CONTEXT_FN)(
PCtxtHandle phContext);
995typedef SECURITY_STATUS(SEC_ENTRY* APPLY_CONTROL_TOKEN_FN)(
PCtxtHandle phContext,
998typedef SECURITY_STATUS(SEC_ENTRY* QUERY_CONTEXT_ATTRIBUTES_FN_A)(
PCtxtHandle phContext,
999 ULONG ulAttribute,
void* pBuffer);
1000typedef SECURITY_STATUS(SEC_ENTRY* QUERY_CONTEXT_ATTRIBUTES_FN_W)(
PCtxtHandle phContext,
1001 ULONG ulAttribute,
void* pBuffer);
1004#define QueryContextAttributes QueryContextAttributesW
1005#define QUERY_CONTEXT_ATTRIBUTES_FN QUERY_CONTEXT_ATTRIBUTES_FN_W
1007#define QueryContextAttributes QueryContextAttributesA
1008#define QUERY_CONTEXT_ATTRIBUTES_FN QUERY_CONTEXT_ATTRIBUTES_FN_A
1011typedef SECURITY_STATUS(SEC_ENTRY* IMPERSONATE_SECURITY_CONTEXT_FN)(
PCtxtHandle phContext);
1013typedef SECURITY_STATUS(SEC_ENTRY* REVERT_SECURITY_CONTEXT_FN)(
PCtxtHandle phContext);
1015typedef SECURITY_STATUS(SEC_ENTRY* MAKE_SIGNATURE_FN)(
PCtxtHandle phContext, ULONG fQOP,
1018typedef SECURITY_STATUS(SEC_ENTRY* VERIFY_SIGNATURE_FN)(
PCtxtHandle phContext,
1022typedef SECURITY_STATUS(SEC_ENTRY* FREE_CONTEXT_BUFFER_FN)(
void* pvContextBuffer);
1024typedef SECURITY_STATUS(SEC_ENTRY* QUERY_SECURITY_PACKAGE_INFO_FN_A)(SEC_CHAR* pszPackageName,
1026typedef SECURITY_STATUS(SEC_ENTRY* QUERY_SECURITY_PACKAGE_INFO_FN_W)(SEC_WCHAR* pszPackageName,
1030#define QuerySecurityPackageInfo QuerySecurityPackageInfoW
1031#define QUERY_SECURITY_PACKAGE_INFO_FN QUERY_SECURITY_PACKAGE_INFO_FN_W
1033#define QuerySecurityPackageInfo QuerySecurityPackageInfoA
1034#define QUERY_SECURITY_PACKAGE_INFO_FN QUERY_SECURITY_PACKAGE_INFO_FN_A
1037typedef SECURITY_STATUS(SEC_ENTRY* EXPORT_SECURITY_CONTEXT_FN)(
PCtxtHandle phContext, ULONG fFlags,
1041typedef SECURITY_STATUS(SEC_ENTRY* IMPORT_SECURITY_CONTEXT_FN_A)(SEC_CHAR* pszPackage,
1045typedef SECURITY_STATUS(SEC_ENTRY* IMPORT_SECURITY_CONTEXT_FN_W)(SEC_WCHAR* pszPackage,
1051#define ImportSecurityContext ImportSecurityContextW
1052#define IMPORT_SECURITY_CONTEXT_FN IMPORT_SECURITY_CONTEXT_FN_W
1054#define ImportSecurityContext ImportSecurityContextA
1055#define IMPORT_SECURITY_CONTEXT_FN IMPORT_SECURITY_CONTEXT_FN_A
1058typedef SECURITY_STATUS(SEC_ENTRY* ADD_CREDENTIALS_FN_A)(
1059 PCredHandle hCredentials, SEC_CHAR* pszPrincipal, SEC_CHAR* pszPackage, UINT32 fCredentialUse,
1060 void* pAuthData, SEC_GET_KEY_FN pGetKeyFn,
void* pvGetKeyArgument,
PTimeStamp ptsExpiry);
1061typedef SECURITY_STATUS(SEC_ENTRY* ADD_CREDENTIALS_FN_W)(
1062 PCredHandle hCredentials, SEC_WCHAR* pszPrincipal, SEC_WCHAR* pszPackage, UINT32 fCredentialUse,
1063 void* pAuthData, SEC_GET_KEY_FN pGetKeyFn,
void* pvGetKeyArgument,
PTimeStamp ptsExpiry);
1066#define AddCredentials AddCredentialsW
1067#define ADD_CREDENTIALS_FN ADD_CREDENTIALS_FN_W
1069#define AddCredentials AddCredentialsA
1070#define ADD_CREDENTIALS_FN ADD_CREDENTIALS_FN_A
1073typedef SECURITY_STATUS(SEC_ENTRY* QUERY_SECURITY_CONTEXT_TOKEN_FN)(
PCtxtHandle phContext,
1076typedef SECURITY_STATUS(SEC_ENTRY* ENCRYPT_MESSAGE_FN)(
PCtxtHandle phContext, ULONG fQOP,
1079typedef SECURITY_STATUS(SEC_ENTRY* DECRYPT_MESSAGE_FN)(
PCtxtHandle phContext,
1083typedef SECURITY_STATUS(SEC_ENTRY* SET_CONTEXT_ATTRIBUTES_FN_A)(
PCtxtHandle phContext,
1084 ULONG ulAttribute,
void* pBuffer,
1086typedef SECURITY_STATUS(SEC_ENTRY* SET_CONTEXT_ATTRIBUTES_FN_W)(
PCtxtHandle phContext,
1087 ULONG ulAttribute,
void* pBuffer,
1091#define SetContextAttributes SetContextAttributesW
1092#define SET_CONTEXT_ATTRIBUTES_FN SET_CONTEXT_ATTRIBUTES_FN_W
1094#define SetContextAttributes SetContextAttributesA
1095#define SET_CONTEXT_ATTRIBUTES_FN SET_CONTEXT_ATTRIBUTES_FN_A
1098typedef SECURITY_STATUS(SEC_ENTRY* SET_CREDENTIALS_ATTRIBUTES_FN_A)(
PCredHandle phCredential,
1100 void* pBuffer, ULONG cbBuffer);
1102typedef SECURITY_STATUS(SEC_ENTRY* SET_CREDENTIALS_ATTRIBUTES_FN_W)(
PCredHandle phCredential,
1104 void* pBuffer, ULONG cbBuffer);
1107#define SetCredentialsAttributes SetCredentialsAttributesW
1108#define SET_CREDENTIALS_ATTRIBUTES_FN SET_CREDENTIALS_ATTRIBUTES_FN_W
1110#define SetCredentialsAttributes SetCredentialsAttributesA
1111#define SET_CREDENTIALS_ATTRIBUTES_FN SET_CREDENTIALS_ATTRIBUTES_FN_A
1114#define SECURITY_SUPPORT_PROVIDER_INTERFACE_VERSION \
1116#define SECURITY_SUPPORT_PROVIDER_INTERFACE_VERSION_2 \
1118#define SECURITY_SUPPORT_PROVIDER_INTERFACE_VERSION_3 \
1120#define SECURITY_SUPPORT_PROVIDER_INTERFACE_VERSION_4 \
1126 ENUMERATE_SECURITY_PACKAGES_FN_A EnumerateSecurityPackagesA;
1127 QUERY_CREDENTIALS_ATTRIBUTES_FN_A QueryCredentialsAttributesA;
1128 ACQUIRE_CREDENTIALS_HANDLE_FN_A AcquireCredentialsHandleA;
1129 FREE_CREDENTIALS_HANDLE_FN FreeCredentialsHandle;
1131 INITIALIZE_SECURITY_CONTEXT_FN_A InitializeSecurityContextA;
1132 ACCEPT_SECURITY_CONTEXT_FN AcceptSecurityContext;
1133 COMPLETE_AUTH_TOKEN_FN CompleteAuthToken;
1134 DELETE_SECURITY_CONTEXT_FN DeleteSecurityContext;
1135 APPLY_CONTROL_TOKEN_FN ApplyControlToken;
1136 QUERY_CONTEXT_ATTRIBUTES_FN_A QueryContextAttributesA;
1137 IMPERSONATE_SECURITY_CONTEXT_FN ImpersonateSecurityContext;
1138 REVERT_SECURITY_CONTEXT_FN RevertSecurityContext;
1139 MAKE_SIGNATURE_FN MakeSignature;
1140 VERIFY_SIGNATURE_FN VerifySignature;
1141 FREE_CONTEXT_BUFFER_FN FreeContextBuffer;
1142 QUERY_SECURITY_PACKAGE_INFO_FN_A QuerySecurityPackageInfoA;
1145 EXPORT_SECURITY_CONTEXT_FN ExportSecurityContext;
1146 IMPORT_SECURITY_CONTEXT_FN_A ImportSecurityContextA;
1147 ADD_CREDENTIALS_FN_A AddCredentialsA;
1149 QUERY_SECURITY_CONTEXT_TOKEN_FN QuerySecurityContextToken;
1150 ENCRYPT_MESSAGE_FN EncryptMessage;
1151 DECRYPT_MESSAGE_FN DecryptMessage;
1152 SET_CONTEXT_ATTRIBUTES_FN_A SetContextAttributesA;
1153 SET_CREDENTIALS_ATTRIBUTES_FN_A SetCredentialsAttributesA;
1160 ENUMERATE_SECURITY_PACKAGES_FN_W EnumerateSecurityPackagesW;
1161 QUERY_CREDENTIALS_ATTRIBUTES_FN_W QueryCredentialsAttributesW;
1162 ACQUIRE_CREDENTIALS_HANDLE_FN_W AcquireCredentialsHandleW;
1163 FREE_CREDENTIALS_HANDLE_FN FreeCredentialsHandle;
1165 INITIALIZE_SECURITY_CONTEXT_FN_W InitializeSecurityContextW;
1166 ACCEPT_SECURITY_CONTEXT_FN AcceptSecurityContext;
1167 COMPLETE_AUTH_TOKEN_FN CompleteAuthToken;
1168 DELETE_SECURITY_CONTEXT_FN DeleteSecurityContext;
1169 APPLY_CONTROL_TOKEN_FN ApplyControlToken;
1170 QUERY_CONTEXT_ATTRIBUTES_FN_W QueryContextAttributesW;
1171 IMPERSONATE_SECURITY_CONTEXT_FN ImpersonateSecurityContext;
1172 REVERT_SECURITY_CONTEXT_FN RevertSecurityContext;
1173 MAKE_SIGNATURE_FN MakeSignature;
1174 VERIFY_SIGNATURE_FN VerifySignature;
1175 FREE_CONTEXT_BUFFER_FN FreeContextBuffer;
1176 QUERY_SECURITY_PACKAGE_INFO_FN_W QuerySecurityPackageInfoW;
1179 EXPORT_SECURITY_CONTEXT_FN ExportSecurityContext;
1180 IMPORT_SECURITY_CONTEXT_FN_W ImportSecurityContextW;
1181 ADD_CREDENTIALS_FN_W AddCredentialsW;
1183 QUERY_SECURITY_CONTEXT_TOKEN_FN QuerySecurityContextToken;
1184 ENCRYPT_MESSAGE_FN EncryptMessage;
1185 DECRYPT_MESSAGE_FN DecryptMessage;
1186 SET_CONTEXT_ATTRIBUTES_FN_W SetContextAttributesW;
1187 SET_CREDENTIALS_ATTRIBUTES_FN_W SetCredentialsAttributesW;
1195#define InitSecurityInterface InitSecurityInterfaceW
1196#define SecurityFunctionTable SecurityFunctionTableW
1197#define PSecurityFunctionTable PSecurityFunctionTableW
1198#define INIT_SECURITY_INTERFACE INIT_SECURITY_INTERFACE_W
1200#define InitSecurityInterface InitSecurityInterfaceA
1201#define SecurityFunctionTable SecurityFunctionTableA
1202#define PSecurityFunctionTable PSecurityFunctionTableA
1203#define INIT_SECURITY_INTERFACE INIT_SECURITY_INTERFACE_A
1215 WINPR_API SECURITY_STATUS SEC_ENTRY EnumerateSecurityPackagesA(ULONG* pcPackages,
1217 WINPR_API SECURITY_STATUS SEC_ENTRY EnumerateSecurityPackagesW(ULONG* pcPackages,
1223 WINPR_API SECURITY_STATUS SEC_ENTRY QuerySecurityPackageInfoA(SEC_CHAR* pszPackageName,
1225 WINPR_API SECURITY_STATUS SEC_ENTRY QuerySecurityPackageInfoW(SEC_WCHAR* pszPackageName,
1230 WINPR_API SECURITY_STATUS SEC_ENTRY AcquireCredentialsHandleA(
1231 SEC_CHAR* pszPrincipal, SEC_CHAR* pszPackage, ULONG fCredentialUse,
void* pvLogonID,
1232 void* pAuthData, SEC_GET_KEY_FN pGetKeyFn,
void* pvGetKeyArgument,
PCredHandle phCredential,
1234 WINPR_API SECURITY_STATUS SEC_ENTRY AcquireCredentialsHandleW(
1235 SEC_WCHAR* pszPrincipal, SEC_WCHAR* pszPackage, ULONG fCredentialUse,
void* pvLogonID,
1236 void* pAuthData, SEC_GET_KEY_FN pGetKeyFn,
void* pvGetKeyArgument,
PCredHandle phCredential,
1239 WINPR_API SECURITY_STATUS SEC_ENTRY ExportSecurityContext(
PCtxtHandle phContext, ULONG fFlags,
1242 WINPR_API SECURITY_STATUS SEC_ENTRY FreeCredentialsHandle(
PCredHandle phCredential);
1244 WINPR_API SECURITY_STATUS SEC_ENTRY ImportSecurityContextA(SEC_CHAR* pszPackage,
1248 WINPR_API SECURITY_STATUS SEC_ENTRY ImportSecurityContextW(SEC_WCHAR* pszPackage,
1253 WINPR_API SECURITY_STATUS SEC_ENTRY QueryCredentialsAttributesA(
PCredHandle phCredential,
1256 WINPR_API SECURITY_STATUS SEC_ENTRY QueryCredentialsAttributesW(
PCredHandle phCredential,
1262 WINPR_API SECURITY_STATUS SEC_ENTRY
1264 ULONG fContextReq, ULONG TargetDataRep,
PCtxtHandle phNewContext,
1267 WINPR_API SECURITY_STATUS SEC_ENTRY ApplyControlToken(
PCtxtHandle phContext,
1269 WINPR_API SECURITY_STATUS SEC_ENTRY CompleteAuthToken(
PCtxtHandle phContext,
1271 WINPR_API SECURITY_STATUS SEC_ENTRY DeleteSecurityContext(
PCtxtHandle phContext);
1272 WINPR_API SECURITY_STATUS SEC_ENTRY FreeContextBuffer(
void* pvContextBuffer);
1273 WINPR_API SECURITY_STATUS SEC_ENTRY ImpersonateSecurityContext(
PCtxtHandle phContext);
1275 WINPR_API SECURITY_STATUS SEC_ENTRY InitializeSecurityContextA(
1277 ULONG Reserved1, ULONG TargetDataRep,
PSecBufferDesc pInput, ULONG Reserved2,
1280 WINPR_API SECURITY_STATUS SEC_ENTRY InitializeSecurityContextW(
1282 ULONG fContextReq, ULONG Reserved1, ULONG TargetDataRep,
PSecBufferDesc pInput,
1286 WINPR_API SECURITY_STATUS SEC_ENTRY QueryContextAttributes(
PCtxtHandle phContext,
1287 ULONG ulAttribute,
void* pBuffer);
1288 WINPR_API SECURITY_STATUS SEC_ENTRY QuerySecurityContextToken(
PCtxtHandle phContext,
1290 WINPR_API SECURITY_STATUS SEC_ENTRY SetContextAttributes(
PCtxtHandle phContext,
1291 ULONG ulAttribute,
void* pBuffer,
1293 WINPR_API SECURITY_STATUS SEC_ENTRY RevertSecurityContext(
PCtxtHandle phContext);
1297 WINPR_API SECURITY_STATUS SEC_ENTRY DecryptMessage(
PCtxtHandle phContext,
1300 WINPR_API SECURITY_STATUS SEC_ENTRY EncryptMessage(
PCtxtHandle phContext, ULONG fQOP,
1302 WINPR_API SECURITY_STATUS SEC_ENTRY MakeSignature(
PCtxtHandle phContext, ULONG fQOP,
1304 WINPR_API SECURITY_STATUS SEC_ENTRY VerifySignature(
PCtxtHandle phContext,
1324#define SECPKG_ATTR_AUTH_IDENTITY 1001
1325#define SECPKG_ATTR_AUTH_PASSWORD 1002
1326#define SECPKG_ATTR_AUTH_NTLM_HASH 1003
1327#define SECPKG_ATTR_AUTH_NTLM_MESSAGE 1100
1328#define SECPKG_ATTR_AUTH_NTLM_TIMESTAMP 1101
1329#define SECPKG_ATTR_AUTH_NTLM_CLIENT_CHALLENGE 1102
1330#define SECPKG_ATTR_AUTH_NTLM_SERVER_CHALLENGE 1103
1331#define SECPKG_ATTR_AUTH_NTLM_NTPROOF_VALUE 1104
1332#define SECPKG_ATTR_AUTH_NTLM_RANDKEY 1105
1333#define SECPKG_ATTR_AUTH_NTLM_MIC 1106
1334#define SECPKG_ATTR_AUTH_NTLM_MIC_VALUE 1107
1336#define SECPKG_CRED_ATTR_TICKET_LOGON 1200
1341 char Domain[256 + 1];
1346 char Password[256 + 1];
1358 BOOL ChallengeOrResponse;
1363 BYTE ClientChallenge[8];
1368 BYTE ServerChallenge[8];
1378#define SSPI_INTERFACE_WINPR 0x00000001
1379#define SSPI_INTERFACE_NATIVE 0x00000002
1384 WINPR_API
void sspi_GlobalInit(
void);
1385 WINPR_API
void sspi_GlobalFinish(
void);
1390#define sspi_SetAuthIdentity sspi_SetAuthIdentityA
1391 WINPR_API
int sspi_SetAuthIdentityA(SEC_WINNT_AUTH_IDENTITY* identity,
const char* user,
1392 const char* domain,
const char* password);
1393 WINPR_API
int sspi_SetAuthIdentityW(SEC_WINNT_AUTH_IDENTITY* identity,
const WCHAR* user,
1394 const WCHAR* domain,
const WCHAR* password);
1395 WINPR_API
int sspi_SetAuthIdentityWithLengthW(SEC_WINNT_AUTH_IDENTITY* identity,
1396 const WCHAR* user,
size_t userLen,
1397 const WCHAR* domain,
size_t domainLen,
1398 const WCHAR* password,
size_t passwordLen);
1399 WINPR_API UINT32 sspi_GetAuthIdentityVersion(
const void* identity);
1400 WINPR_API UINT32 sspi_GetAuthIdentityFlags(
const void* identity);
1401 WINPR_API BOOL sspi_GetAuthIdentityUserDomainW(
const void* identity,
const WCHAR** pUser,
1402 UINT32* pUserLength,
const WCHAR** pDomain,
1403 UINT32* pDomainLength);
1404 WINPR_API BOOL sspi_GetAuthIdentityUserDomainA(
const void* identity,
const char** pUser,
1405 UINT32* pUserLength,
const char** pDomain,
1406 UINT32* pDomainLength);
1407 WINPR_API BOOL sspi_GetAuthIdentityPasswordW(
const void* identity,
const WCHAR** pPassword,
1408 UINT32* pPasswordLength);
1409 WINPR_API BOOL sspi_GetAuthIdentityPasswordA(
const void* identity,
const char** pPassword,
1410 UINT32* pPasswordLength);
1412 char** pUser,
char** pDomain,
char** pPassword);
1414 WCHAR** pUser, WCHAR** pDomain, WCHAR** pPassword);
1416 char** pPackageList);
1417 WINPR_API
int sspi_CopyAuthIdentity(SEC_WINNT_AUTH_IDENTITY* identity,
1420 WINPR_API
void sspi_FreeAuthIdentity(SEC_WINNT_AUTH_IDENTITY* identity);
1422 WINPR_API
const char* GetSecurityStatusString(SECURITY_STATUS status);
1428#define InitSecurityInterfaceEx InitSecurityInterfaceExW
1429#define INIT_SECURITY_INTERFACE_EX INIT_SECURITY_INTERFACE_EX_W
1431#define InitSecurityInterfaceEx InitSecurityInterfaceExA
1432#define INIT_SECURITY_INTERFACE_EX INIT_SECURITY_INTERFACE_EX_A