FreeRDP
Loading...
Searching...
No Matches
include/winpr/sspi.h
1
20#ifndef WINPR_SSPI_H
21#define WINPR_SSPI_H
22
23#include <winpr/platform.h>
24#include <winpr/winpr.h>
25#include <winpr/cast.h>
26#include <winpr/wtypes.h>
27#include <winpr/windows.h>
28#include <winpr/security.h>
29
30#ifdef _WIN32
31
32#include <tchar.h>
33#include <winerror.h>
34
35#define SECURITY_WIN32
36#include <sspi.h>
37#include <security.h>
38
39#endif /* _WIN32 */
40
41#if !defined(_WIN32) || defined(_UWP)
42
43#ifndef SEC_ENTRY
44#define SEC_ENTRY
45#endif /* SEC_ENTRY */
46
47typedef CHAR SEC_CHAR;
48typedef WCHAR SEC_WCHAR;
49
50typedef struct
51{
52 UINT32 LowPart;
53 INT32 HighPart;
54} SECURITY_INTEGER;
55
56typedef SECURITY_INTEGER TimeStamp;
57typedef SECURITY_INTEGER* PTimeStamp;
58
59WINPR_PRAGMA_DIAG_PUSH
60WINPR_PRAGMA_DIAG_IGNORED_RESERVED_ID_MACRO
61
62#ifndef __SECSTATUS_DEFINED__
63typedef LONG SECURITY_STATUS;
64#define __SECSTATUS_DEFINED__
65#endif /* __SECSTATUS_DEFINED__ */
66
67WINPR_PRAGMA_DIAG_POP
68
69typedef struct
70{
71 UINT32 fCapabilities;
72 UINT16 wVersion;
73 UINT16 wRPCID;
74 UINT32 cbMaxToken;
75 SEC_CHAR* Name;
76 SEC_CHAR* Comment;
77} SecPkgInfoA;
78typedef SecPkgInfoA* PSecPkgInfoA;
79
80typedef struct
81{
82 UINT32 fCapabilities;
83 UINT16 wVersion;
84 UINT16 wRPCID;
85 UINT32 cbMaxToken;
86 SEC_WCHAR* Name;
87 SEC_WCHAR* Comment;
88} SecPkgInfoW;
89typedef SecPkgInfoW* PSecPkgInfoW;
90
91#ifdef UNICODE
92#define SecPkgInfo SecPkgInfoW
93#define PSecPkgInfo PSecPkgInfoW
94#else
95#define SecPkgInfo SecPkgInfoA
96#define PSecPkgInfo PSecPkgInfoA
97#endif /* UNICODE */
98
99#endif /* !defined(_WIN32) || defined(_UWP) */
100
101#define NTLM_SSP_NAME _T("NTLM")
102#define KERBEROS_SSP_NAME _T("Kerberos")
103#define NEGO_SSP_NAME _T("Negotiate")
104
105#define SECPKG_ID_NONE 0xFFFF
106
107#define SECPKG_FLAG_INTEGRITY 0x00000001
108#define SECPKG_FLAG_PRIVACY 0x00000002
109#define SECPKG_FLAG_TOKEN_ONLY 0x00000004
110#define SECPKG_FLAG_DATAGRAM 0x00000008
111#define SECPKG_FLAG_CONNECTION 0x00000010
112#define SECPKG_FLAG_MULTI_REQUIRED 0x00000020
113#define SECPKG_FLAG_CLIENT_ONLY 0x00000040
114#define SECPKG_FLAG_EXTENDED_ERROR 0x00000080
115#define SECPKG_FLAG_IMPERSONATION 0x00000100
116#define SECPKG_FLAG_ACCEPT_WIN32_NAME 0x00000200
117#define SECPKG_FLAG_STREAM 0x00000400
118#define SECPKG_FLAG_NEGOTIABLE 0x00000800
119#define SECPKG_FLAG_GSS_COMPATIBLE 0x00001000
120#define SECPKG_FLAG_LOGON 0x00002000
121#define SECPKG_FLAG_ASCII_BUFFERS 0x00004000
122#define SECPKG_FLAG_FRAGMENT 0x00008000
123#define SECPKG_FLAG_MUTUAL_AUTH 0x00010000
124#define SECPKG_FLAG_DELEGATION 0x00020000
125#define SECPKG_FLAG_READONLY_WITH_CHECKSUM 0x00040000
126#define SECPKG_FLAG_RESTRICTED_TOKENS 0x00080000
127#define SECPKG_FLAG_NEGO_EXTENDER 0x00100000
128#define SECPKG_FLAG_NEGOTIABLE2 0x00200000
129
130#ifndef _WINERROR_
131
132#define SEC_E_OK WINPR_CXX_COMPAT_CAST(SECURITY_STATUS, 0x00000000)
133#define SEC_E_INSUFFICIENT_MEMORY WINPR_CXX_COMPAT_CAST(SECURITY_STATUS, 0x80090300)
134#define SEC_E_INVALID_HANDLE WINPR_CXX_COMPAT_CAST(SECURITY_STATUS, 0x80090301)
135#define SEC_E_UNSUPPORTED_FUNCTION WINPR_CXX_COMPAT_CAST(SECURITY_STATUS, 0x80090302)
136#define SEC_E_TARGET_UNKNOWN WINPR_CXX_COMPAT_CAST(SECURITY_STATUS, 0x80090303)
137#define SEC_E_INTERNAL_ERROR WINPR_CXX_COMPAT_CAST(SECURITY_STATUS, 0x80090304)
138#define SEC_E_SECPKG_NOT_FOUND WINPR_CXX_COMPAT_CAST(SECURITY_STATUS, 0x80090305)
139#define SEC_E_NOT_OWNER WINPR_CXX_COMPAT_CAST(SECURITY_STATUS, 0x80090306)
140#define SEC_E_CANNOT_INSTALL WINPR_CXX_COMPAT_CAST(SECURITY_STATUS, 0x80090307)
141#define SEC_E_INVALID_TOKEN WINPR_CXX_COMPAT_CAST(SECURITY_STATUS, 0x80090308)
142#define SEC_E_CANNOT_PACK WINPR_CXX_COMPAT_CAST(SECURITY_STATUS, 0x80090309)
143#define SEC_E_QOP_NOT_SUPPORTED WINPR_CXX_COMPAT_CAST(SECURITY_STATUS, 0x8009030A)
144#define SEC_E_NO_IMPERSONATION WINPR_CXX_COMPAT_CAST(SECURITY_STATUS, 0x8009030B)
145#define SEC_E_LOGON_DENIED WINPR_CXX_COMPAT_CAST(SECURITY_STATUS, 0x8009030C)
146#define SEC_E_UNKNOWN_CREDENTIALS WINPR_CXX_COMPAT_CAST(SECURITY_STATUS, 0x8009030D)
147#define SEC_E_NO_CREDENTIALS WINPR_CXX_COMPAT_CAST(SECURITY_STATUS, 0x8009030E)
148#define SEC_E_MESSAGE_ALTERED WINPR_CXX_COMPAT_CAST(SECURITY_STATUS, 0x8009030F)
149#define SEC_E_OUT_OF_SEQUENCE WINPR_CXX_COMPAT_CAST(SECURITY_STATUS, 0x80090310)
150#define SEC_E_NO_AUTHENTICATING_AUTHORITY WINPR_CXX_COMPAT_CAST(SECURITY_STATUS, 0x80090311)
151#define SEC_E_BAD_PKGID WINPR_CXX_COMPAT_CAST(SECURITY_STATUS, 0x80090316)
152#define SEC_E_CONTEXT_EXPIRED WINPR_CXX_COMPAT_CAST(SECURITY_STATUS, 0x80090317)
153#define SEC_E_INCOMPLETE_MESSAGE WINPR_CXX_COMPAT_CAST(SECURITY_STATUS, 0x80090318)
154#define SEC_E_INCOMPLETE_CREDENTIALS WINPR_CXX_COMPAT_CAST(SECURITY_STATUS, 0x80090320)
155#define SEC_E_BUFFER_TOO_SMALL WINPR_CXX_COMPAT_CAST(SECURITY_STATUS, 0x80090321)
156#define SEC_E_WRONG_PRINCIPAL WINPR_CXX_COMPAT_CAST(SECURITY_STATUS, 0x80090322)
157#define SEC_E_TIME_SKEW WINPR_CXX_COMPAT_CAST(SECURITY_STATUS, 0x80090324)
158#define SEC_E_UNTRUSTED_ROOT WINPR_CXX_COMPAT_CAST(SECURITY_STATUS, 0x80090325)
159#define SEC_E_ILLEGAL_MESSAGE WINPR_CXX_COMPAT_CAST(SECURITY_STATUS, 0x80090326)
160#define SEC_E_CERT_UNKNOWN WINPR_CXX_COMPAT_CAST(SECURITY_STATUS, 0x80090327)
161#define SEC_E_CERT_EXPIRED WINPR_CXX_COMPAT_CAST(SECURITY_STATUS, 0x80090328)
162#define SEC_E_ENCRYPT_FAILURE WINPR_CXX_COMPAT_CAST(SECURITY_STATUS, 0x80090329)
163#define SEC_E_DECRYPT_FAILURE WINPR_CXX_COMPAT_CAST(SECURITY_STATUS, 0x80090330)
164#define SEC_E_ALGORITHM_MISMATCH WINPR_CXX_COMPAT_CAST(SECURITY_STATUS, 0x80090331)
165#define SEC_E_SECURITY_QOS_FAILED WINPR_CXX_COMPAT_CAST(SECURITY_STATUS, 0x80090332)
166#define SEC_E_UNFINISHED_CONTEXT_DELETED WINPR_CXX_COMPAT_CAST(SECURITY_STATUS, 0x80090333)
167#define SEC_E_NO_TGT_REPLY WINPR_CXX_COMPAT_CAST(SECURITY_STATUS, 0x80090334)
168#define SEC_E_NO_IP_ADDRESSES WINPR_CXX_COMPAT_CAST(SECURITY_STATUS, 0x80090335)
169#define SEC_E_WRONG_CREDENTIAL_HANDLE WINPR_CXX_COMPAT_CAST(SECURITY_STATUS, 0x80090336)
170#define SEC_E_CRYPTO_SYSTEM_INVALID WINPR_CXX_COMPAT_CAST(SECURITY_STATUS, 0x80090337)
171#define SEC_E_MAX_REFERRALS_EXCEEDED WINPR_CXX_COMPAT_CAST(SECURITY_STATUS, 0x80090338)
172#define SEC_E_MUST_BE_KDC WINPR_CXX_COMPAT_CAST(SECURITY_STATUS, 0x80090339)
173#define SEC_E_STRONG_CRYPTO_NOT_SUPPORTED WINPR_CXX_COMPAT_CAST(SECURITY_STATUS, 0x8009033A)
174#define SEC_E_TOO_MANY_PRINCIPALS WINPR_CXX_COMPAT_CAST(SECURITY_STATUS, 0x8009033B)
175#define SEC_E_NO_PA_DATA WINPR_CXX_COMPAT_CAST(SECURITY_STATUS, 0x8009033C)
176#define SEC_E_PKINIT_NAME_MISMATCH WINPR_CXX_COMPAT_CAST(SECURITY_STATUS, 0x8009033D)
177#define SEC_E_SMARTCARD_LOGON_REQUIRED WINPR_CXX_COMPAT_CAST(SECURITY_STATUS, 0x8009033E)
178#define SEC_E_SHUTDOWN_IN_PROGRESS WINPR_CXX_COMPAT_CAST(SECURITY_STATUS, 0x8009033F)
179#define SEC_E_KDC_INVALID_REQUEST WINPR_CXX_COMPAT_CAST(SECURITY_STATUS, 0x80090340)
180#define SEC_E_KDC_UNABLE_TO_REFER WINPR_CXX_COMPAT_CAST(SECURITY_STATUS, 0x80090341)
181#define SEC_E_KDC_UNKNOWN_ETYPE WINPR_CXX_COMPAT_CAST(SECURITY_STATUS, 0x80090342)
182#define SEC_E_UNSUPPORTED_PREAUTH WINPR_CXX_COMPAT_CAST(SECURITY_STATUS, 0x80090343)
183#define SEC_E_DELEGATION_REQUIRED WINPR_CXX_COMPAT_CAST(SECURITY_STATUS, 0x80090345)
184#define SEC_E_BAD_BINDINGS WINPR_CXX_COMPAT_CAST(SECURITY_STATUS, 0x80090346)
185#define SEC_E_MULTIPLE_ACCOUNTS WINPR_CXX_COMPAT_CAST(SECURITY_STATUS, 0x80090347)
186#define SEC_E_NO_KERB_KEY WINPR_CXX_COMPAT_CAST(SECURITY_STATUS, 0x80090348)
187#define SEC_E_CERT_WRONG_USAGE WINPR_CXX_COMPAT_CAST(SECURITY_STATUS, 0x80090349)
188#define SEC_E_DOWNGRADE_DETECTED WINPR_CXX_COMPAT_CAST(SECURITY_STATUS, 0x80090350)
189#define SEC_E_SMARTCARD_CERT_REVOKED WINPR_CXX_COMPAT_CAST(SECURITY_STATUS, 0x80090351)
190#define SEC_E_ISSUING_CA_UNTRUSTED WINPR_CXX_COMPAT_CAST(SECURITY_STATUS, 0x80090352)
191#define SEC_E_REVOCATION_OFFLINE_C WINPR_CXX_COMPAT_CAST(SECURITY_STATUS, 0x80090353)
192#define SEC_E_PKINIT_CLIENT_FAILURE WINPR_CXX_COMPAT_CAST(SECURITY_STATUS, 0x80090354)
193#define SEC_E_SMARTCARD_CERT_EXPIRED WINPR_CXX_COMPAT_CAST(SECURITY_STATUS, 0x80090355)
194#define SEC_E_NO_S4U_PROT_SUPPORT WINPR_CXX_COMPAT_CAST(SECURITY_STATUS, 0x80090356)
195#define SEC_E_CROSSREALM_DELEGATION_FAILURE WINPR_CXX_COMPAT_CAST(SECURITY_STATUS, 0x80090357)
196#define SEC_E_REVOCATION_OFFLINE_KDC WINPR_CXX_COMPAT_CAST(SECURITY_STATUS, 0x80090358)
197#define SEC_E_ISSUING_CA_UNTRUSTED_KDC WINPR_CXX_COMPAT_CAST(SECURITY_STATUS, 0x80090359)
198#define SEC_E_KDC_CERT_EXPIRED WINPR_CXX_COMPAT_CAST(SECURITY_STATUS, 0x8009035A)
199#define SEC_E_KDC_CERT_REVOKED WINPR_CXX_COMPAT_CAST(SECURITY_STATUS, 0x8009035B)
200#define SEC_E_INVALID_PARAMETER WINPR_CXX_COMPAT_CAST(SECURITY_STATUS, 0x8009035D)
201#define SEC_E_DELEGATION_POLICY WINPR_CXX_COMPAT_CAST(SECURITY_STATUS, 0x8009035E)
202#define SEC_E_POLICY_NLTM_ONLY WINPR_CXX_COMPAT_CAST(SECURITY_STATUS, 0x8009035F)
203#define SEC_E_NO_CONTEXT WINPR_CXX_COMPAT_CAST(SECURITY_STATUS, 0x80090361)
204#define SEC_E_PKU2U_CERT_FAILURE WINPR_CXX_COMPAT_CAST(SECURITY_STATUS, 0x80090362)
205#define SEC_E_MUTUAL_AUTH_FAILED WINPR_CXX_COMPAT_CAST(SECURITY_STATUS, 0x80090363)
206
207#define SEC_I_CONTINUE_NEEDED WINPR_CXX_COMPAT_CAST(SECURITY_STATUS, 0x00090312)
208#define SEC_I_COMPLETE_NEEDED WINPR_CXX_COMPAT_CAST(SECURITY_STATUS, 0x00090313)
209#define SEC_I_COMPLETE_AND_CONTINUE WINPR_CXX_COMPAT_CAST(SECURITY_STATUS, 0x00090314)
210#define SEC_I_LOCAL_LOGON WINPR_CXX_COMPAT_CAST(SECURITY_STATUS, 0x00090315)
211#define SEC_I_CONTEXT_EXPIRED WINPR_CXX_COMPAT_CAST(SECURITY_STATUS, 0x00090317)
212#define SEC_I_INCOMPLETE_CREDENTIALS WINPR_CXX_COMPAT_CAST(SECURITY_STATUS, 0x00090320)
213#define SEC_I_RENEGOTIATE WINPR_CXX_COMPAT_CAST(SECURITY_STATUS, 0x00090321)
214#define SEC_I_NO_LSA_CONTEXT WINPR_CXX_COMPAT_CAST(SECURITY_STATUS, 0x00090323)
215#define SEC_I_SIGNATURE_NEEDED WINPR_CXX_COMPAT_CAST(SECURITY_STATUS, 0x0009035C)
216#define SEC_I_NO_RENEGOTIATION WINPR_CXX_COMPAT_CAST(SECURITY_STATUS, 0x00090360)
217
218#endif /* _WINERROR_ */
219
220/* ============== some definitions missing in mingw ========================*/
221#ifndef SEC_E_INVALID_PARAMETER
222#define SEC_E_INVALID_PARAMETER WINPR_CXX_COMPAT_CAST(SECURITY_STATUS, 0x8009035D)
223#endif
224
225#ifndef SEC_E_DELEGATION_POLICY
226#define SEC_E_DELEGATION_POLICY WINPR_CXX_COMPAT_CAST(SECURITY_STATUS, 0x8009035E)
227#endif
228
229#ifndef SEC_E_POLICY_NLTM_ONLY
230#define SEC_E_POLICY_NLTM_ONLY WINPR_CXX_COMPAT_CAST(SECURITY_STATUS, 0x8009035F)
231#endif
232
233#ifndef SEC_E_NO_CONTEXT
234#define SEC_E_NO_CONTEXT WINPR_CXX_COMPAT_CAST(SECURITY_STATUS, 0x80090361)
235#endif
236
237#ifndef SEC_E_PKU2U_CERT_FAILURE
238#define SEC_E_PKU2U_CERT_FAILURE WINPR_CXX_COMPAT_CAST(SECURITY_STATUS, 0x80090362)
239#endif
240
241#ifndef SEC_E_MUTUAL_AUTH_FAILED
242#define SEC_E_MUTUAL_AUTH_FAILED WINPR_CXX_COMPAT_CAST(SECURITY_STATUS, 0x80090363)
243#endif
244
245#ifndef SEC_I_SIGNATURE_NEEDED
246#define SEC_I_SIGNATURE_NEEDED WINPR_CXX_COMPAT_CAST(SECURITY_STATUS, 0x0009035C)
247#endif
248
249#ifndef SEC_I_NO_RENEGOTIATION
250#define SEC_I_NO_RENEGOTIATION WINPR_CXX_COMPAT_CAST(SECURITY_STATUS, 0x00090360)
251#endif
252
253/* ==================================================================================== */
254
255#define SECURITY_NATIVE_DREP 0x00000010
256#define SECURITY_NETWORK_DREP 0x00000000
257
258#define SECPKG_CRED_INBOUND 0x00000001
259#define SECPKG_CRED_OUTBOUND 0x00000002
260#define SECPKG_CRED_BOTH 0x00000003
261#define SECPKG_CRED_AUTOLOGON_RESTRICTED 0x00000010
262#define SECPKG_CRED_PROCESS_POLICY_ONLY 0x00000020
263
264/* Security Context Attributes */
265
266#define SECPKG_ATTR_SIZES 0
267#define SECPKG_ATTR_NAMES 1
268#define SECPKG_ATTR_LIFESPAN 2
269#define SECPKG_ATTR_DCE_INFO 3
270#define SECPKG_ATTR_STREAM_SIZES 4
271#define SECPKG_ATTR_KEY_INFO 5
272#define SECPKG_ATTR_AUTHORITY 6
273#define SECPKG_ATTR_PROTO_INFO 7
274#define SECPKG_ATTR_PASSWORD_EXPIRY 8
275#define SECPKG_ATTR_SESSION_KEY 9
276#define SECPKG_ATTR_PACKAGE_INFO 10
277#define SECPKG_ATTR_USER_FLAGS 11
278#define SECPKG_ATTR_NEGOTIATION_INFO 12
279#define SECPKG_ATTR_NATIVE_NAMES 13
280#define SECPKG_ATTR_FLAGS 14
281#define SECPKG_ATTR_USE_VALIDATED 15
282#define SECPKG_ATTR_CREDENTIAL_NAME 16
283#define SECPKG_ATTR_TARGET_INFORMATION 17
284#define SECPKG_ATTR_ACCESS_TOKEN 18
285#define SECPKG_ATTR_TARGET 19
286#define SECPKG_ATTR_AUTHENTICATION_ID 20
287#define SECPKG_ATTR_LOGOFF_TIME 21
288#define SECPKG_ATTR_NEGO_KEYS 22
289#define SECPKG_ATTR_PROMPTING_NEEDED 24
290#define SECPKG_ATTR_UNIQUE_BINDINGS 25
291#define SECPKG_ATTR_ENDPOINT_BINDINGS 26
292#define SECPKG_ATTR_CLIENT_SPECIFIED_TARGET 27
293#define SECPKG_ATTR_LAST_CLIENT_TOKEN_STATUS 30
294#define SECPKG_ATTR_NEGO_PKG_INFO 31
295#define SECPKG_ATTR_NEGO_STATUS 32
296#define SECPKG_ATTR_CONTEXT_DELETED 33
297
298#if !defined(_WIN32) || defined(_UWP)
299
300typedef struct
301{
302 void* AccessToken;
303} SecPkgContext_AccessToken;
304
305typedef struct
306{
307 UINT32 dwFlags;
308 UINT32 cbAppData;
309 BYTE* pbAppData;
310} SecPkgContext_SessionAppData;
311
312typedef struct
313{
314 char* sAuthorityName;
315} SecPkgContext_Authority;
316
317typedef struct
318{
319 char* sTargetName;
320} SecPkgContext_ClientSpecifiedTarget;
321
322typedef UINT32 ALG_ID;
323
324typedef struct
325{
326 UINT32 dwProtocol;
327 ALG_ID aiCipher;
328 UINT32 dwCipherStrength;
329 ALG_ID aiHash;
330 UINT32 dwHashStrength;
331 ALG_ID aiExch;
332 UINT32 dwExchStrength;
333} SecPkgContext_ConnectionInfo;
334
335typedef struct
336{
337 UINT32 AuthBufferLen;
338 BYTE* AuthBuffer;
339} SecPkgContext_ClientCreds;
340
341typedef struct
342{
343 UINT32 AuthzSvc;
344 void* pPac;
345} SecPkgContex_DceInfo;
346
347typedef struct
348{
349 UINT32 dwInitiatorAddrType;
350 UINT32 cbInitiatorLength;
351 UINT32 dwInitiatorOffset;
352 UINT32 dwAcceptorAddrType;
353 UINT32 cbAcceptorLength;
354 UINT32 dwAcceptorOffset;
355 UINT32 cbApplicationDataLength;
356 UINT32 dwApplicationDataOffset;
357} SEC_CHANNEL_BINDINGS;
358
359typedef struct
360{
361 BYTE rgbKeys[128];
362 BYTE rgbIVs[64];
363} SecPkgContext_EapKeyBlock;
364
365typedef struct
366{
367 UINT32 Flags;
368} SecPkgContext_Flags;
369
370typedef struct
371{
372 char* sSignatureAlgorithmName;
373 char* sEncryptAlgorithmName;
374 UINT32 KeySize;
375 UINT32 SignatureAlgorithm;
376 UINT32 EncryptAlgorithm;
377} SecPkgContext_KeyInfo;
378
379typedef struct
380{
381 TimeStamp tsStart;
382 TimeStamp tsExpiry;
383} SecPkgContext_Lifespan;
384
385typedef struct
386{
387 char* sUserName;
388} SecPkgContext_Names;
389
390typedef struct
391{
392 char* sClientName;
393 char* sServerName;
394} SecPkgContext_NativeNames;
395
396typedef struct
397{
398 SecPkgInfo* PackageInfo;
399 UINT32 NegotiationState;
400} SecPkgContext_NegotiationInfo;
401
402typedef struct
403{
404 SecPkgInfo* PackageInfo;
405} SecPkgContext_PackageInfo;
406
407typedef struct
408{
409 TimeStamp tsPasswordExpires;
410} SecPkgContext_PasswordExpiry;
411
412typedef struct
413{
414 UINT32 SessionKeyLength;
415 BYTE* SessionKey;
416} SecPkgContext_SessionKey;
417
418typedef struct
419{
420 UINT32 dwFlags;
421 UINT32 cbSessionId;
422 BYTE rgbSessionId[32];
423} SecPkgContext_SessionInfo;
424
425typedef struct
426{
427 UINT32 cbMaxToken;
428 UINT32 cbMaxSignature;
429 UINT32 cbBlockSize;
430 UINT32 cbSecurityTrailer;
431} SecPkgContext_Sizes;
432
433typedef struct
434{
435 UINT32 cbHeader;
436 UINT32 cbTrailer;
437 UINT32 cbMaximumMessage;
438 UINT32 cBuffers;
439 UINT32 cbBlockSize;
440} SecPkgContext_StreamSizes;
441
442typedef struct
443{
444 void* AttributeInfo;
445} SecPkgContext_SubjectAttributes;
446
447typedef struct
448{
449 UINT16 cSignatureAndHashAlgorithms;
450 UINT16* pSignatureAndHashAlgorithms;
451} SecPkgContext_SupportedSignatures;
452
453typedef struct
454{
455 UINT32 MarshalledTargetInfoLength;
456 BYTE* MarshalledTargetInfo;
457} SecPkgContext_TargetInformation;
458
459/* Security Credentials Attributes */
460
461#define SECPKG_CRED_ATTR_NAMES 1
462#define SECPKG_CRED_ATTR_SSI_PROVIDER 2
463#define SECPKG_CRED_ATTR_CERT 4
464#define SECPKG_CRED_ATTR_PAC_BYPASS 5
465
466typedef struct
467{
468 SEC_CHAR* sUserName;
469} SecPkgCredentials_NamesA;
470typedef SecPkgCredentials_NamesA* PSecPkgCredentials_NamesA;
471
472typedef struct
473{
474 SEC_WCHAR* sUserName;
475} SecPkgCredentials_NamesW;
476typedef SecPkgCredentials_NamesW* PSecPkgCredentials_NamesW;
477
478#ifdef UNICODE
479#define SecPkgCredentials_Names SecPkgCredentials_NamesW
480#define PSecPkgCredentials_Names PSecPkgCredentials_NamesW
481#else
482#define SecPkgCredentials_Names SecPkgCredentials_NamesA
483#define PSecPkgCredentials_Names PSecPkgCredentials_NamesA
484#endif
485
486typedef struct
487{
488 SEC_WCHAR* sProviderName;
489 unsigned long ProviderInfoLength;
490 char* ProviderInfo;
491} SecPkgCredentials_SSIProviderW, *PSecPkgCredentials_SSIProviderW;
492
493typedef struct
494{
495 SEC_CHAR* sProviderName;
496 unsigned long ProviderInfoLength;
497 char* ProviderInfo;
498} SecPkgCredentials_SSIProviderA, *PSecPkgCredentials_SSIProviderA;
499
500#ifdef UNICODE
501#define SecPkgCredentials_SSIProvider SecPkgCredentials_SSIProviderW
502#define PSecPkgCredentials_SSIProvider PSecPkgCredentials_SSIProviderW
503#else
504#define SecPkgCredentials_SSIProvider SecPkgCredentials_SSIProviderA
505#define PSecPkgCredentials_SSIProvider PSecPkgCredentials_SSIProviderA
506#endif
507
508typedef struct
509{
510 unsigned long EncodedCertSize;
511 unsigned char* EncodedCert;
512} SecPkgCredentials_Cert, *PSecPkgCredentials_Cert;
513
514#endif /* !defined(_WIN32) || defined(_UWP) */
515
516#if !defined(_WIN32) || defined(_UWP) || (defined(__MINGW32__) && (__MINGW64_VERSION_MAJOR <= 8))
517
518#define SECPKG_CRED_ATTR_KDC_PROXY_SETTINGS 3
519
520#define KDC_PROXY_SETTINGS_V1 1
521#define KDC_PROXY_SETTINGS_FLAGS_FORCEPROXY 0x1
522
523typedef struct
524{
525 ULONG Version;
526 ULONG Flags;
527 USHORT ProxyServerOffset;
528 USHORT ProxyServerLength;
529 USHORT ClientTlsCredOffset;
530 USHORT ClientTlsCredLength;
531} SecPkgCredentials_KdcProxySettingsW, *PSecPkgCredentials_KdcProxySettingsW;
532
533typedef struct
534{
535 ULONG Version;
536 ULONG Flags;
537 USHORT ProxyServerOffset;
538 USHORT ProxyServerLength;
539 USHORT ClientTlsCredOffset;
540 USHORT ClientTlsCredLength;
541} SecPkgCredentials_KdcProxySettingsA, *PSecPkgCredentials_KdcProxySettingsA;
542
543#ifdef UNICODE
544#define SecPkgCredentials_KdcProxySettings SecPkgCredentials_KdcProxySettingsW
545#define PSecPkgCredentials_KdcProxySettings PSecPkgCredentials_KdcProxySettingsW
546#else
547#define SecPkgCredentials_KdcProxySettings SecPkgCredentials_KdcProxySettingsA
548#define PSecPkgCredentials_KdcProxySettings SecPkgCredentials_KdcProxySettingsA
549#endif
550
551typedef struct
552{
553 UINT32 BindingsLength;
554 SEC_CHANNEL_BINDINGS* Bindings;
555} SecPkgContext_Bindings;
556#endif
557
558/* InitializeSecurityContext Flags */
559
560#define ISC_REQ_DELEGATE 0x00000001
561#define ISC_REQ_MUTUAL_AUTH 0x00000002
562#define ISC_REQ_REPLAY_DETECT 0x00000004
563#define ISC_REQ_SEQUENCE_DETECT 0x00000008
564#define ISC_REQ_CONFIDENTIALITY 0x00000010
565#define ISC_REQ_USE_SESSION_KEY 0x00000020
566#define ISC_REQ_PROMPT_FOR_CREDS 0x00000040
567#define ISC_REQ_USE_SUPPLIED_CREDS 0x00000080
568#define ISC_REQ_ALLOCATE_MEMORY 0x00000100
569#define ISC_REQ_USE_DCE_STYLE 0x00000200
570#define ISC_REQ_DATAGRAM 0x00000400
571#define ISC_REQ_CONNECTION 0x00000800
572#define ISC_REQ_CALL_LEVEL 0x00001000
573#define ISC_REQ_FRAGMENT_SUPPLIED 0x00002000
574#define ISC_REQ_EXTENDED_ERROR 0x00004000
575#define ISC_REQ_STREAM 0x00008000
576#define ISC_REQ_INTEGRITY 0x00010000
577#define ISC_REQ_IDENTIFY 0x00020000
578#define ISC_REQ_NULL_SESSION 0x00040000
579#define ISC_REQ_MANUAL_CRED_VALIDATION 0x00080000
580#define ISC_REQ_RESERVED1 0x00100000
581#define ISC_REQ_FRAGMENT_TO_FIT 0x00200000
582#define ISC_REQ_FORWARD_CREDENTIALS 0x00400000
583#define ISC_REQ_NO_INTEGRITY 0x00800000
584#define ISC_REQ_USE_HTTP_STYLE 0x01000000
585
586#define ISC_RET_DELEGATE 0x00000001
587#define ISC_RET_MUTUAL_AUTH 0x00000002
588#define ISC_RET_REPLAY_DETECT 0x00000004
589#define ISC_RET_SEQUENCE_DETECT 0x00000008
590#define ISC_RET_CONFIDENTIALITY 0x00000010
591#define ISC_RET_USE_SESSION_KEY 0x00000020
592#define ISC_RET_USED_COLLECTED_CREDS 0x00000040
593#define ISC_RET_USED_SUPPLIED_CREDS 0x00000080
594#define ISC_RET_ALLOCATED_MEMORY 0x00000100
595#define ISC_RET_USED_DCE_STYLE 0x00000200
596#define ISC_RET_DATAGRAM 0x00000400
597#define ISC_RET_CONNECTION 0x00000800
598#define ISC_RET_INTERMEDIATE_RETURN 0x00001000
599#define ISC_RET_CALL_LEVEL 0x00002000
600#define ISC_RET_EXTENDED_ERROR 0x00004000
601#define ISC_RET_STREAM 0x00008000
602#define ISC_RET_INTEGRITY 0x00010000
603#define ISC_RET_IDENTIFY 0x00020000
604#define ISC_RET_NULL_SESSION 0x00040000
605#define ISC_RET_MANUAL_CRED_VALIDATION 0x00080000
606#define ISC_RET_RESERVED1 0x00100000
607#define ISC_RET_FRAGMENT_ONLY 0x00200000
608#define ISC_RET_FORWARD_CREDENTIALS 0x00400000
609#define ISC_RET_USED_HTTP_STYLE 0x01000000
610
611/* AcceptSecurityContext Flags */
612
613#define ASC_REQ_DELEGATE 0x00000001
614#define ASC_REQ_MUTUAL_AUTH 0x00000002
615#define ASC_REQ_REPLAY_DETECT 0x00000004
616#define ASC_REQ_SEQUENCE_DETECT 0x00000008
617#define ASC_REQ_CONFIDENTIALITY 0x00000010
618#define ASC_REQ_USE_SESSION_KEY 0x00000020
619#define ASC_REQ_ALLOCATE_MEMORY 0x00000100
620#define ASC_REQ_USE_DCE_STYLE 0x00000200
621#define ASC_REQ_DATAGRAM 0x00000400
622#define ASC_REQ_CONNECTION 0x00000800
623#define ASC_REQ_CALL_LEVEL 0x00001000
624#define ASC_REQ_EXTENDED_ERROR 0x00008000
625#define ASC_REQ_STREAM 0x00010000
626#define ASC_REQ_INTEGRITY 0x00020000
627#define ASC_REQ_LICENSING 0x00040000
628#define ASC_REQ_IDENTIFY 0x00080000
629#define ASC_REQ_ALLOW_NULL_SESSION 0x00100000
630#define ASC_REQ_ALLOW_NON_USER_LOGONS 0x00200000
631#define ASC_REQ_ALLOW_CONTEXT_REPLAY 0x00400000
632#define ASC_REQ_FRAGMENT_TO_FIT 0x00800000
633#define ASC_REQ_FRAGMENT_SUPPLIED 0x00002000
634#define ASC_REQ_NO_TOKEN 0x01000000
635#define ASC_REQ_PROXY_BINDINGS 0x04000000
636#define ASC_REQ_ALLOW_MISSING_BINDINGS 0x10000000
637
638#define ASC_RET_DELEGATE 0x00000001
639#define ASC_RET_MUTUAL_AUTH 0x00000002
640#define ASC_RET_REPLAY_DETECT 0x00000004
641#define ASC_RET_SEQUENCE_DETECT 0x00000008
642#define ASC_RET_CONFIDENTIALITY 0x00000010
643#define ASC_RET_USE_SESSION_KEY 0x00000020
644#define ASC_RET_ALLOCATED_MEMORY 0x00000100
645#define ASC_RET_USED_DCE_STYLE 0x00000200
646#define ASC_RET_DATAGRAM 0x00000400
647#define ASC_RET_CONNECTION 0x00000800
648#define ASC_RET_CALL_LEVEL 0x00002000
649#define ASC_RET_THIRD_LEG_FAILED 0x00004000
650#define ASC_RET_EXTENDED_ERROR 0x00008000
651#define ASC_RET_STREAM 0x00010000
652#define ASC_RET_INTEGRITY 0x00020000
653#define ASC_RET_LICENSING 0x00040000
654#define ASC_RET_IDENTIFY 0x00080000
655#define ASC_RET_NULL_SESSION 0x00100000
656#define ASC_RET_ALLOW_NON_USER_LOGONS 0x00200000
657#define ASC_RET_FRAGMENT_ONLY 0x00800000
658#define ASC_RET_NO_TOKEN 0x01000000
659#define ASC_RET_NO_PROXY_BINDINGS 0x04000000
660#define ASC_RET_MISSING_BINDINGS 0x10000000
661
662#define SEC_WINNT_AUTH_IDENTITY_ANSI 0x1
663#define SEC_WINNT_AUTH_IDENTITY_UNICODE 0x2
664#define SEC_WINNT_AUTH_IDENTITY_MARSHALLED 0x4
665#define SEC_WINNT_AUTH_IDENTITY_ONLY 0x8
666#define SEC_WINNT_AUTH_IDENTITY_EXTENDED 0x100
667
668#if !defined(_WIN32) || defined(_UWP) || defined(__MINGW32__)
669
670WINPR_PRAGMA_DIAG_PUSH
671WINPR_PRAGMA_DIAG_IGNORED_RESERVED_ID_MACRO
672
673#ifndef _AUTH_IDENTITY_DEFINED
674#define _AUTH_IDENTITY_DEFINED
675
676typedef struct
677{
678 UINT16* User;
679 ULONG UserLength;
680 UINT16* Domain;
681 ULONG DomainLength;
682 UINT16* Password;
683 ULONG PasswordLength;
684 UINT32 Flags;
685} SEC_WINNT_AUTH_IDENTITY_W, *PSEC_WINNT_AUTH_IDENTITY_W;
686
687typedef struct
688{
689 BYTE* User;
690 ULONG UserLength;
691 BYTE* Domain;
692 ULONG DomainLength;
693 BYTE* Password;
694 ULONG PasswordLength;
695 UINT32 Flags;
696} SEC_WINNT_AUTH_IDENTITY_A, *PSEC_WINNT_AUTH_IDENTITY_A;
697
698// Always define SEC_WINNT_AUTH_IDENTITY to SEC_WINNT_AUTH_IDENTITY_W
699
700#ifdef UNICODE
701#define SEC_WINNT_AUTH_IDENTITY SEC_WINNT_AUTH_IDENTITY_W
702#define PSEC_WINNT_AUTH_IDENTITY PSEC_WINNT_AUTH_IDENTITY_W
703#else
704#define SEC_WINNT_AUTH_IDENTITY SEC_WINNT_AUTH_IDENTITY_W
705#define PSEC_WINNT_AUTH_IDENTITY PSEC_WINNT_AUTH_IDENTITY_W
706#endif
707
708#endif /* _AUTH_IDENTITY_DEFINED */
709
710#ifndef SEC_WINNT_AUTH_IDENTITY_VERSION
711#define SEC_WINNT_AUTH_IDENTITY_VERSION 0x200
712
713typedef struct
714{
715 UINT32 Version;
716 UINT32 Length;
717 UINT16* User;
718 UINT32 UserLength;
719 UINT16* Domain;
720 UINT32 DomainLength;
721 UINT16* Password;
722 UINT32 PasswordLength;
723 UINT32 Flags;
724 UINT16* PackageList;
725 UINT32 PackageListLength;
726} SEC_WINNT_AUTH_IDENTITY_EXW, *PSEC_WINNT_AUTH_IDENTITY_EXW;
727
728typedef struct
729{
730 UINT32 Version;
731 UINT32 Length;
732 BYTE* User;
733 UINT32 UserLength;
734 BYTE* Domain;
735 UINT32 DomainLength;
736 BYTE* Password;
737 UINT32 PasswordLength;
738 UINT32 Flags;
739 BYTE* PackageList;
740 UINT32 PackageListLength;
741} SEC_WINNT_AUTH_IDENTITY_EXA, *PSEC_WINNT_AUTH_IDENTITY_EXA;
742
743#ifdef UNICODE
744#define SEC_WINNT_AUTH_IDENTITY_EX SEC_WINNT_AUTH_IDENTITY_EXW
745#define PSEC_WINNT_AUTH_IDENTITY_EX PSEC_WINNT_AUTH_IDENTITY_EXW
746#else
747#define SEC_WINNT_AUTH_IDENTITY_EX SEC_WINNT_AUTH_IDENTITY_EXA
748#define PSEC_WINNT_AUTH_IDENTITY_EX PSEC_WINNT_AUTH_IDENTITY_EXA
749#endif
750
751#endif /* SEC_WINNT_AUTH_IDENTITY_VERSION */
752
753#ifndef SEC_WINNT_AUTH_IDENTITY_VERSION_2
754#define SEC_WINNT_AUTH_IDENTITY_VERSION_2 0x201
755
756typedef struct
757{
758 UINT32 Version;
759 UINT16 cbHeaderLength;
760 UINT32 cbStructureLength;
761 UINT32 UserOffset;
762 UINT16 UserLength;
763 UINT32 DomainOffset;
764 UINT16 DomainLength;
765 UINT32 PackedCredentialsOffset;
766 UINT16 PackedCredentialsLength;
767 UINT32 Flags;
768 UINT32 PackageListOffset;
769 UINT16 PackageListLength;
770} SEC_WINNT_AUTH_IDENTITY_EX2, *PSEC_WINNT_AUTH_IDENTITY_EX2;
771
772#endif /* SEC_WINNT_AUTH_IDENTITY_VERSION_2 */
773
774#ifndef _AUTH_IDENTITY_INFO_DEFINED
775#define _AUTH_IDENTITY_INFO_DEFINED
776
777// https://docs.microsoft.com/en-us/windows/win32/api/sspi/ns-sspi-sec_winnt_auth_identity_info
778
787
788#define SEC_WINNT_AUTH_IDENTITY_FLAGS_PROCESS_ENCRYPTED 0x10
789#define SEC_WINNT_AUTH_IDENTITY_FLAGS_SYSTEM_PROTECTED 0x20
790#define SEC_WINNT_AUTH_IDENTITY_FLAGS_USER_PROTECTED 0x40
791#define SEC_WINNT_AUTH_IDENTITY_FLAGS_SYSTEM_ENCRYPTED 0x80
792#define SEC_WINNT_AUTH_IDENTITY_FLAGS_RESERVED 0x10000
793#define SEC_WINNT_AUTH_IDENTITY_FLAGS_NULL_USER 0x20000
794#define SEC_WINNT_AUTH_IDENTITY_FLAGS_NULL_DOMAIN 0x40000
795#define SEC_WINNT_AUTH_IDENTITY_FLAGS_ID_PROVIDER 0x80000
796
797#define SEC_WINNT_AUTH_IDENTITY_FLAGS_SSPIPFC_USE_MASK 0xFF000000
798#define SEC_WINNT_AUTH_IDENTITY_FLAGS_SSPIPFC_CREDPROV_DO_NOT_SAVE 0x80000000
799#define SEC_WINNT_AUTH_IDENTITY_FLAGS_SSPIPFC_SAVE_CRED_CHECKED 0x40000000
800#define SEC_WINNT_AUTH_IDENTITY_FLAGS_SSPIPFC_NO_CHECKBOX 0x20000000
801#define SEC_WINNT_AUTH_IDENTITY_FLAGS_SSPIPFC_CREDPROV_DO_NOT_LOAD 0x10000000
802
803#define SEC_WINNT_AUTH_IDENTITY_FLAGS_VALID_SSPIPFC_FLAGS \
804 (SEC_WINNT_AUTH_IDENTITY_FLAGS_SSPIPFC_CREDPROV_DO_NOT_SAVE | \
805 SEC_WINNT_AUTH_IDENTITY_FLAGS_SSPIPFC_SAVE_CRED_CHECKED | \
806 SEC_WINNT_AUTH_IDENTITY_FLAGS_SSPIPFC_NO_CHECKBOX | \
807 SEC_WINNT_AUTH_IDENTITY_FLAGS_SSPIPFC_CREDPROV_DO_NOT_LOAD)
808
809#endif /* _AUTH_IDENTITY_INFO_DEFINED */
810
811WINPR_PRAGMA_DIAG_POP
812
813#if !defined(__MINGW32__)
814typedef struct
815{
816 ULONG_PTR dwLower;
817 ULONG_PTR dwUpper;
818} SecHandle;
819typedef SecHandle* PSecHandle;
820
821typedef SecHandle CredHandle;
822typedef CredHandle* PCredHandle;
823typedef SecHandle CtxtHandle;
824typedef CtxtHandle* PCtxtHandle;
825
826#define SecInvalidateHandle(x) \
827 ((PSecHandle)(x))->dwLower = ((PSecHandle)(x))->dwUpper = ((ULONG_PTR)((INT_PTR)-1))
828
829#define SecIsValidHandle(x) \
830 ((((PSecHandle)(x))->dwLower != ((ULONG_PTR)((INT_PTR)-1))) && \
831 (((PSecHandle)(x))->dwUpper != ((ULONG_PTR)((INT_PTR)-1))))
832
833typedef struct
834{
835 ULONG cbBuffer;
836 ULONG BufferType;
837 void* pvBuffer;
838} SecBuffer;
839typedef SecBuffer* PSecBuffer;
840
841typedef struct
842{
843 ULONG ulVersion;
844 ULONG cBuffers;
845 PSecBuffer pBuffers;
846} SecBufferDesc;
847typedef SecBufferDesc* PSecBufferDesc;
848
849#endif /* __MINGW32__ */
850
851#endif /* !defined(_WIN32) || defined(_UWP) || defined(__MINGW32__) */
852
853typedef SECURITY_STATUS (*psSspiNtlmHashCallback)(void* client,
854 const SEC_WINNT_AUTH_IDENTITY* authIdentity,
855 const SecBuffer* ntproofvalue,
856 const BYTE* randkey, const BYTE* mic,
857 const SecBuffer* micvalue, BYTE* ntlmhash);
858
859typedef struct
860{
861 char* samFile;
862 psSspiNtlmHashCallback hashCallback;
863 void* hashCallbackArg;
864} SEC_WINPR_NTLM_SETTINGS;
865
866typedef struct
867{
868 char* kdcUrl;
869 char* keytab;
870 char* cache;
871 char* armorCache;
872 char* pkinitX509Anchors;
873 char* pkinitX509Identity;
874 BOOL withPac;
875 INT32 startTime;
876 INT32 renewLifeTime;
877 INT32 lifeTime;
878 BYTE certSha1[20];
879} SEC_WINPR_KERBEROS_SETTINGS;
880
881typedef struct
882{
883 SEC_WINNT_AUTH_IDENTITY_EXW identity;
884 SEC_WINPR_NTLM_SETTINGS* ntlmSettings;
885 SEC_WINPR_KERBEROS_SETTINGS* kerberosSettings;
886} SEC_WINNT_AUTH_IDENTITY_WINPR;
887
888#define SECBUFFER_VERSION 0
889
890/* Buffer Types */
891#define SECBUFFER_EMPTY 0
892#define SECBUFFER_DATA 1
893#define SECBUFFER_TOKEN 2
894#define SECBUFFER_PKG_PARAMS 3
895#define SECBUFFER_MISSING 4
896#define SECBUFFER_EXTRA 5
897#define SECBUFFER_STREAM_TRAILER 6
898#define SECBUFFER_STREAM_HEADER 7
899#define SECBUFFER_NEGOTIATION_INFO 8
900#define SECBUFFER_PADDING 9
901#define SECBUFFER_STREAM 10
902#define SECBUFFER_MECHLIST 11
903#define SECBUFFER_MECHLIST_SIGNATURE 12
904#define SECBUFFER_TARGET 13
905#define SECBUFFER_CHANNEL_BINDINGS 14
906#define SECBUFFER_CHANGE_PASS_RESPONSE 15
907#define SECBUFFER_TARGET_HOST 16
908#define SECBUFFER_ALERT 17
909
910/* Security Buffer Flags */
911#define SECBUFFER_ATTRMASK 0xF0000000
912#define SECBUFFER_READONLY 0x80000000
913#define SECBUFFER_READONLY_WITH_CHECKSUM 0x10000000
914#define SECBUFFER_RESERVED 0x60000000
915
916#if !defined(_WIN32) || defined(_UWP)
917
918typedef void(SEC_ENTRY* SEC_GET_KEY_FN)(void* Arg, void* Principal, UINT32 KeyVer, void** Key,
919 SECURITY_STATUS* pStatus);
920
921typedef SECURITY_STATUS(SEC_ENTRY* ENUMERATE_SECURITY_PACKAGES_FN_A)(ULONG* pcPackages,
922 PSecPkgInfoA* ppPackageInfo);
923typedef SECURITY_STATUS(SEC_ENTRY* ENUMERATE_SECURITY_PACKAGES_FN_W)(ULONG* pcPackages,
924 PSecPkgInfoW* ppPackageInfo);
925
926#ifdef UNICODE
927#define EnumerateSecurityPackages EnumerateSecurityPackagesW
928#define ENUMERATE_SECURITY_PACKAGES_FN ENUMERATE_SECURITY_PACKAGES_FN_W
929#else
930#define EnumerateSecurityPackages EnumerateSecurityPackagesA
931#define ENUMERATE_SECURITY_PACKAGES_FN ENUMERATE_SECURITY_PACKAGES_FN_A
932#endif
933
934typedef SECURITY_STATUS(SEC_ENTRY* QUERY_CREDENTIALS_ATTRIBUTES_FN_A)(PCredHandle phCredential,
935 ULONG ulAttribute,
936 void* pBuffer);
937typedef SECURITY_STATUS(SEC_ENTRY* QUERY_CREDENTIALS_ATTRIBUTES_FN_W)(PCredHandle phCredential,
938 ULONG ulAttribute,
939 void* pBuffer);
940
941#ifdef UNICODE
942#define QueryCredentialsAttributes QueryCredentialsAttributesW
943#define QUERY_CREDENTIALS_ATTRIBUTES_FN QUERY_CREDENTIALS_ATTRIBUTES_FN_W
944#else
945#define QueryCredentialsAttributes QueryCredentialsAttributesA
946#define QUERY_CREDENTIALS_ATTRIBUTES_FN QUERY_CREDENTIALS_ATTRIBUTES_FN_A
947#endif
948
949typedef SECURITY_STATUS(SEC_ENTRY* ACQUIRE_CREDENTIALS_HANDLE_FN_A)(
950 LPSTR pszPrincipal, LPSTR pszPackage, ULONG fCredentialUse, void* pvLogonID, void* pAuthData,
951 SEC_GET_KEY_FN pGetKeyFn, void* pvGetKeyArgument, PCredHandle phCredential,
952 PTimeStamp ptsExpiry);
953typedef SECURITY_STATUS(SEC_ENTRY* ACQUIRE_CREDENTIALS_HANDLE_FN_W)(
954 LPWSTR pszPrincipal, LPWSTR pszPackage, ULONG fCredentialUse, void* pvLogonID, void* pAuthData,
955 SEC_GET_KEY_FN pGetKeyFn, void* pvGetKeyArgument, PCredHandle phCredential,
956 PTimeStamp ptsExpiry);
957
958#ifdef UNICODE
959#define AcquireCredentialsHandle AcquireCredentialsHandleW
960#define ACQUIRE_CREDENTIALS_HANDLE_FN ACQUIRE_CREDENTIALS_HANDLE_FN_W
961#else
962#define AcquireCredentialsHandle AcquireCredentialsHandleA
963#define ACQUIRE_CREDENTIALS_HANDLE_FN ACQUIRE_CREDENTIALS_HANDLE_FN_A
964#endif
965
966typedef SECURITY_STATUS(SEC_ENTRY* FREE_CREDENTIALS_HANDLE_FN)(PCredHandle phCredential);
967
968typedef SECURITY_STATUS(SEC_ENTRY* INITIALIZE_SECURITY_CONTEXT_FN_A)(
969 PCredHandle phCredential, PCtxtHandle phContext, SEC_CHAR* pszTargetName, ULONG fContextReq,
970 ULONG Reserved1, ULONG TargetDataRep, PSecBufferDesc pInput, ULONG Reserved2,
971 PCtxtHandle phNewContext, PSecBufferDesc pOutput, PULONG pfContextAttr, PTimeStamp ptsExpiry);
972typedef SECURITY_STATUS(SEC_ENTRY* INITIALIZE_SECURITY_CONTEXT_FN_W)(
973 PCredHandle phCredential, PCtxtHandle phContext, SEC_WCHAR* pszTargetName, ULONG fContextReq,
974 ULONG Reserved1, ULONG TargetDataRep, PSecBufferDesc pInput, ULONG Reserved2,
975 PCtxtHandle phNewContext, PSecBufferDesc pOutput, PULONG pfContextAttr, PTimeStamp ptsExpiry);
976
977#ifdef UNICODE
978#define InitializeSecurityContext InitializeSecurityContextW
979#define INITIALIZE_SECURITY_CONTEXT_FN INITIALIZE_SECURITY_CONTEXT_FN_W
980#else
981#define InitializeSecurityContext InitializeSecurityContextA
982#define INITIALIZE_SECURITY_CONTEXT_FN INITIALIZE_SECURITY_CONTEXT_FN_A
983#endif
984
985typedef SECURITY_STATUS(SEC_ENTRY* ACCEPT_SECURITY_CONTEXT_FN)(
986 PCredHandle phCredential, PCtxtHandle phContext, PSecBufferDesc pInput, ULONG fContextReq,
987 ULONG TargetDataRep, PCtxtHandle phNewContext, PSecBufferDesc pOutput, PULONG pfContextAttr,
988 PTimeStamp ptsTimeStamp);
989
990typedef SECURITY_STATUS(SEC_ENTRY* COMPLETE_AUTH_TOKEN_FN)(PCtxtHandle phContext,
991 PSecBufferDesc pToken);
992
993typedef SECURITY_STATUS(SEC_ENTRY* DELETE_SECURITY_CONTEXT_FN)(PCtxtHandle phContext);
994
995typedef SECURITY_STATUS(SEC_ENTRY* APPLY_CONTROL_TOKEN_FN)(PCtxtHandle phContext,
996 PSecBufferDesc pInput);
997
998typedef SECURITY_STATUS(SEC_ENTRY* QUERY_CONTEXT_ATTRIBUTES_FN_A)(PCtxtHandle phContext,
999 ULONG ulAttribute, void* pBuffer);
1000typedef SECURITY_STATUS(SEC_ENTRY* QUERY_CONTEXT_ATTRIBUTES_FN_W)(PCtxtHandle phContext,
1001 ULONG ulAttribute, void* pBuffer);
1002
1003#ifdef UNICODE
1004#define QueryContextAttributes QueryContextAttributesW
1005#define QUERY_CONTEXT_ATTRIBUTES_FN QUERY_CONTEXT_ATTRIBUTES_FN_W
1006#else
1007#define QueryContextAttributes QueryContextAttributesA
1008#define QUERY_CONTEXT_ATTRIBUTES_FN QUERY_CONTEXT_ATTRIBUTES_FN_A
1009#endif
1010
1011typedef SECURITY_STATUS(SEC_ENTRY* IMPERSONATE_SECURITY_CONTEXT_FN)(PCtxtHandle phContext);
1012
1013typedef SECURITY_STATUS(SEC_ENTRY* REVERT_SECURITY_CONTEXT_FN)(PCtxtHandle phContext);
1014
1015typedef SECURITY_STATUS(SEC_ENTRY* MAKE_SIGNATURE_FN)(PCtxtHandle phContext, ULONG fQOP,
1016 PSecBufferDesc pMessage, ULONG MessageSeqNo);
1017
1018typedef SECURITY_STATUS(SEC_ENTRY* VERIFY_SIGNATURE_FN)(PCtxtHandle phContext,
1019 PSecBufferDesc pMessage, ULONG MessageSeqNo,
1020 PULONG pfQOP);
1021
1022typedef SECURITY_STATUS(SEC_ENTRY* FREE_CONTEXT_BUFFER_FN)(void* pvContextBuffer);
1023
1024typedef SECURITY_STATUS(SEC_ENTRY* QUERY_SECURITY_PACKAGE_INFO_FN_A)(SEC_CHAR* pszPackageName,
1025 PSecPkgInfoA* ppPackageInfo);
1026typedef SECURITY_STATUS(SEC_ENTRY* QUERY_SECURITY_PACKAGE_INFO_FN_W)(SEC_WCHAR* pszPackageName,
1027 PSecPkgInfoW* ppPackageInfo);
1028
1029#ifdef UNICODE
1030#define QuerySecurityPackageInfo QuerySecurityPackageInfoW
1031#define QUERY_SECURITY_PACKAGE_INFO_FN QUERY_SECURITY_PACKAGE_INFO_FN_W
1032#else
1033#define QuerySecurityPackageInfo QuerySecurityPackageInfoA
1034#define QUERY_SECURITY_PACKAGE_INFO_FN QUERY_SECURITY_PACKAGE_INFO_FN_A
1035#endif
1036
1037typedef SECURITY_STATUS(SEC_ENTRY* EXPORT_SECURITY_CONTEXT_FN)(PCtxtHandle phContext, ULONG fFlags,
1038 PSecBuffer pPackedContext,
1039 HANDLE* pToken);
1040
1041typedef SECURITY_STATUS(SEC_ENTRY* IMPORT_SECURITY_CONTEXT_FN_A)(SEC_CHAR* pszPackage,
1042 PSecBuffer pPackedContext,
1043 HANDLE pToken,
1044 PCtxtHandle phContext);
1045typedef SECURITY_STATUS(SEC_ENTRY* IMPORT_SECURITY_CONTEXT_FN_W)(SEC_WCHAR* pszPackage,
1046 PSecBuffer pPackedContext,
1047 HANDLE pToken,
1048 PCtxtHandle phContext);
1049
1050#ifdef UNICODE
1051#define ImportSecurityContext ImportSecurityContextW
1052#define IMPORT_SECURITY_CONTEXT_FN IMPORT_SECURITY_CONTEXT_FN_W
1053#else
1054#define ImportSecurityContext ImportSecurityContextA
1055#define IMPORT_SECURITY_CONTEXT_FN IMPORT_SECURITY_CONTEXT_FN_A
1056#endif
1057
1058typedef SECURITY_STATUS(SEC_ENTRY* ADD_CREDENTIALS_FN_A)(
1059 PCredHandle hCredentials, SEC_CHAR* pszPrincipal, SEC_CHAR* pszPackage, UINT32 fCredentialUse,
1060 void* pAuthData, SEC_GET_KEY_FN pGetKeyFn, void* pvGetKeyArgument, PTimeStamp ptsExpiry);
1061typedef SECURITY_STATUS(SEC_ENTRY* ADD_CREDENTIALS_FN_W)(
1062 PCredHandle hCredentials, SEC_WCHAR* pszPrincipal, SEC_WCHAR* pszPackage, UINT32 fCredentialUse,
1063 void* pAuthData, SEC_GET_KEY_FN pGetKeyFn, void* pvGetKeyArgument, PTimeStamp ptsExpiry);
1064
1065#ifdef UNICODE
1066#define AddCredentials AddCredentialsW
1067#define ADD_CREDENTIALS_FN ADD_CREDENTIALS_FN_W
1068#else
1069#define AddCredentials AddCredentialsA
1070#define ADD_CREDENTIALS_FN ADD_CREDENTIALS_FN_A
1071#endif
1072
1073typedef SECURITY_STATUS(SEC_ENTRY* QUERY_SECURITY_CONTEXT_TOKEN_FN)(PCtxtHandle phContext,
1074 HANDLE* phToken);
1075
1076typedef SECURITY_STATUS(SEC_ENTRY* ENCRYPT_MESSAGE_FN)(PCtxtHandle phContext, ULONG fQOP,
1077 PSecBufferDesc pMessage, ULONG MessageSeqNo);
1078
1079typedef SECURITY_STATUS(SEC_ENTRY* DECRYPT_MESSAGE_FN)(PCtxtHandle phContext,
1080 PSecBufferDesc pMessage, ULONG MessageSeqNo,
1081 PULONG pfQOP);
1082
1083typedef SECURITY_STATUS(SEC_ENTRY* SET_CONTEXT_ATTRIBUTES_FN_A)(PCtxtHandle phContext,
1084 ULONG ulAttribute, void* pBuffer,
1085 ULONG cbBuffer);
1086typedef SECURITY_STATUS(SEC_ENTRY* SET_CONTEXT_ATTRIBUTES_FN_W)(PCtxtHandle phContext,
1087 ULONG ulAttribute, void* pBuffer,
1088 ULONG cbBuffer);
1089
1090#ifdef UNICODE
1091#define SetContextAttributes SetContextAttributesW
1092#define SET_CONTEXT_ATTRIBUTES_FN SET_CONTEXT_ATTRIBUTES_FN_W
1093#else
1094#define SetContextAttributes SetContextAttributesA
1095#define SET_CONTEXT_ATTRIBUTES_FN SET_CONTEXT_ATTRIBUTES_FN_A
1096#endif
1097
1098typedef SECURITY_STATUS(SEC_ENTRY* SET_CREDENTIALS_ATTRIBUTES_FN_A)(PCredHandle phCredential,
1099 ULONG ulAttribute,
1100 void* pBuffer, ULONG cbBuffer);
1101
1102typedef SECURITY_STATUS(SEC_ENTRY* SET_CREDENTIALS_ATTRIBUTES_FN_W)(PCredHandle phCredential,
1103 ULONG ulAttribute,
1104 void* pBuffer, ULONG cbBuffer);
1105
1106#ifdef UNICODE
1107#define SetCredentialsAttributes SetCredentialsAttributesW
1108#define SET_CREDENTIALS_ATTRIBUTES_FN SET_CREDENTIALS_ATTRIBUTES_FN_W
1109#else
1110#define SetCredentialsAttributes SetCredentialsAttributesA
1111#define SET_CREDENTIALS_ATTRIBUTES_FN SET_CREDENTIALS_ATTRIBUTES_FN_A
1112#endif
1113
1114#define SECURITY_SUPPORT_PROVIDER_INTERFACE_VERSION \
1115 1 /* Interface has all routines through DecryptMessage */
1116#define SECURITY_SUPPORT_PROVIDER_INTERFACE_VERSION_2 \
1117 2 /* Interface has all routines through SetContextAttributes */
1118#define SECURITY_SUPPORT_PROVIDER_INTERFACE_VERSION_3 \
1119 3 /* Interface has all routines through SetCredentialsAttributes */
1120#define SECURITY_SUPPORT_PROVIDER_INTERFACE_VERSION_4 \
1121 4 /* Interface has all routines through ChangeAccountPassword */
1122
1123typedef struct
1124{
1125 UINT32 dwVersion;
1126 ENUMERATE_SECURITY_PACKAGES_FN_A EnumerateSecurityPackagesA;
1127 QUERY_CREDENTIALS_ATTRIBUTES_FN_A QueryCredentialsAttributesA;
1128 ACQUIRE_CREDENTIALS_HANDLE_FN_A AcquireCredentialsHandleA;
1129 FREE_CREDENTIALS_HANDLE_FN FreeCredentialsHandle;
1130 void* Reserved2;
1131 INITIALIZE_SECURITY_CONTEXT_FN_A InitializeSecurityContextA;
1132 ACCEPT_SECURITY_CONTEXT_FN AcceptSecurityContext;
1133 COMPLETE_AUTH_TOKEN_FN CompleteAuthToken;
1134 DELETE_SECURITY_CONTEXT_FN DeleteSecurityContext;
1135 APPLY_CONTROL_TOKEN_FN ApplyControlToken;
1136 QUERY_CONTEXT_ATTRIBUTES_FN_A QueryContextAttributesA;
1137 IMPERSONATE_SECURITY_CONTEXT_FN ImpersonateSecurityContext;
1138 REVERT_SECURITY_CONTEXT_FN RevertSecurityContext;
1139 MAKE_SIGNATURE_FN MakeSignature;
1140 VERIFY_SIGNATURE_FN VerifySignature;
1141 FREE_CONTEXT_BUFFER_FN FreeContextBuffer;
1142 QUERY_SECURITY_PACKAGE_INFO_FN_A QuerySecurityPackageInfoA;
1143 void* Reserved3;
1144 void* Reserved4;
1145 EXPORT_SECURITY_CONTEXT_FN ExportSecurityContext;
1146 IMPORT_SECURITY_CONTEXT_FN_A ImportSecurityContextA;
1147 ADD_CREDENTIALS_FN_A AddCredentialsA;
1148 void* Reserved8;
1149 QUERY_SECURITY_CONTEXT_TOKEN_FN QuerySecurityContextToken;
1150 ENCRYPT_MESSAGE_FN EncryptMessage;
1151 DECRYPT_MESSAGE_FN DecryptMessage;
1152 SET_CONTEXT_ATTRIBUTES_FN_A SetContextAttributesA;
1153 SET_CREDENTIALS_ATTRIBUTES_FN_A SetCredentialsAttributesA;
1154} SecurityFunctionTableA;
1155typedef SecurityFunctionTableA* PSecurityFunctionTableA;
1156
1157typedef struct
1158{
1159 UINT32 dwVersion;
1160 ENUMERATE_SECURITY_PACKAGES_FN_W EnumerateSecurityPackagesW;
1161 QUERY_CREDENTIALS_ATTRIBUTES_FN_W QueryCredentialsAttributesW;
1162 ACQUIRE_CREDENTIALS_HANDLE_FN_W AcquireCredentialsHandleW;
1163 FREE_CREDENTIALS_HANDLE_FN FreeCredentialsHandle;
1164 void* Reserved2;
1165 INITIALIZE_SECURITY_CONTEXT_FN_W InitializeSecurityContextW;
1166 ACCEPT_SECURITY_CONTEXT_FN AcceptSecurityContext;
1167 COMPLETE_AUTH_TOKEN_FN CompleteAuthToken;
1168 DELETE_SECURITY_CONTEXT_FN DeleteSecurityContext;
1169 APPLY_CONTROL_TOKEN_FN ApplyControlToken;
1170 QUERY_CONTEXT_ATTRIBUTES_FN_W QueryContextAttributesW;
1171 IMPERSONATE_SECURITY_CONTEXT_FN ImpersonateSecurityContext;
1172 REVERT_SECURITY_CONTEXT_FN RevertSecurityContext;
1173 MAKE_SIGNATURE_FN MakeSignature;
1174 VERIFY_SIGNATURE_FN VerifySignature;
1175 FREE_CONTEXT_BUFFER_FN FreeContextBuffer;
1176 QUERY_SECURITY_PACKAGE_INFO_FN_W QuerySecurityPackageInfoW;
1177 void* Reserved3;
1178 void* Reserved4;
1179 EXPORT_SECURITY_CONTEXT_FN ExportSecurityContext;
1180 IMPORT_SECURITY_CONTEXT_FN_W ImportSecurityContextW;
1181 ADD_CREDENTIALS_FN_W AddCredentialsW;
1182 void* Reserved8;
1183 QUERY_SECURITY_CONTEXT_TOKEN_FN QuerySecurityContextToken;
1184 ENCRYPT_MESSAGE_FN EncryptMessage;
1185 DECRYPT_MESSAGE_FN DecryptMessage;
1186 SET_CONTEXT_ATTRIBUTES_FN_W SetContextAttributesW;
1187 SET_CREDENTIALS_ATTRIBUTES_FN_W SetCredentialsAttributesW;
1188} SecurityFunctionTableW;
1189typedef SecurityFunctionTableW* PSecurityFunctionTableW;
1190
1191typedef PSecurityFunctionTableA(SEC_ENTRY* INIT_SECURITY_INTERFACE_A)(void);
1192typedef PSecurityFunctionTableW(SEC_ENTRY* INIT_SECURITY_INTERFACE_W)(void);
1193
1194#ifdef UNICODE
1195#define InitSecurityInterface InitSecurityInterfaceW
1196#define SecurityFunctionTable SecurityFunctionTableW
1197#define PSecurityFunctionTable PSecurityFunctionTableW
1198#define INIT_SECURITY_INTERFACE INIT_SECURITY_INTERFACE_W
1199#else
1200#define InitSecurityInterface InitSecurityInterfaceA
1201#define SecurityFunctionTable SecurityFunctionTableA
1202#define PSecurityFunctionTable PSecurityFunctionTableA
1203#define INIT_SECURITY_INTERFACE INIT_SECURITY_INTERFACE_A
1204#endif
1205
1206#ifdef __cplusplus
1207extern "C"
1208{
1209#endif
1210
1211#ifdef SSPI_DLL
1212
1213 /* Package Management */
1214
1215 WINPR_API SECURITY_STATUS SEC_ENTRY EnumerateSecurityPackagesA(ULONG* pcPackages,
1216 PSecPkgInfoA* ppPackageInfo);
1217 WINPR_API SECURITY_STATUS SEC_ENTRY EnumerateSecurityPackagesW(ULONG* pcPackages,
1218 PSecPkgInfoW* ppPackageInfo);
1219
1220 WINPR_API PSecurityFunctionTableA SEC_ENTRY InitSecurityInterfaceA(void);
1221 WINPR_API PSecurityFunctionTableW SEC_ENTRY InitSecurityInterfaceW(void);
1222
1223 WINPR_API SECURITY_STATUS SEC_ENTRY QuerySecurityPackageInfoA(SEC_CHAR* pszPackageName,
1224 PSecPkgInfoA* ppPackageInfo);
1225 WINPR_API SECURITY_STATUS SEC_ENTRY QuerySecurityPackageInfoW(SEC_WCHAR* pszPackageName,
1226 PSecPkgInfoW* ppPackageInfo);
1227
1228 /* Credential Management */
1229
1230 WINPR_API SECURITY_STATUS SEC_ENTRY AcquireCredentialsHandleA(
1231 SEC_CHAR* pszPrincipal, SEC_CHAR* pszPackage, ULONG fCredentialUse, void* pvLogonID,
1232 void* pAuthData, SEC_GET_KEY_FN pGetKeyFn, void* pvGetKeyArgument, PCredHandle phCredential,
1233 PTimeStamp ptsExpiry);
1234 WINPR_API SECURITY_STATUS SEC_ENTRY AcquireCredentialsHandleW(
1235 SEC_WCHAR* pszPrincipal, SEC_WCHAR* pszPackage, ULONG fCredentialUse, void* pvLogonID,
1236 void* pAuthData, SEC_GET_KEY_FN pGetKeyFn, void* pvGetKeyArgument, PCredHandle phCredential,
1237 PTimeStamp ptsExpiry);
1238
1239 WINPR_API SECURITY_STATUS SEC_ENTRY ExportSecurityContext(PCtxtHandle phContext, ULONG fFlags,
1240 PSecBuffer pPackedContext,
1241 HANDLE* pToken);
1242 WINPR_API SECURITY_STATUS SEC_ENTRY FreeCredentialsHandle(PCredHandle phCredential);
1243
1244 WINPR_API SECURITY_STATUS SEC_ENTRY ImportSecurityContextA(SEC_CHAR* pszPackage,
1245 PSecBuffer pPackedContext,
1246 HANDLE pToken,
1247 PCtxtHandle phContext);
1248 WINPR_API SECURITY_STATUS SEC_ENTRY ImportSecurityContextW(SEC_WCHAR* pszPackage,
1249 PSecBuffer pPackedContext,
1250 HANDLE pToken,
1251 PCtxtHandle phContext);
1252
1253 WINPR_API SECURITY_STATUS SEC_ENTRY QueryCredentialsAttributesA(PCredHandle phCredential,
1254 ULONG ulAttribute,
1255 void* pBuffer);
1256 WINPR_API SECURITY_STATUS SEC_ENTRY QueryCredentialsAttributesW(PCredHandle phCredential,
1257 ULONG ulAttribute,
1258 void* pBuffer);
1259
1260 /* Context Management */
1261
1262 WINPR_API SECURITY_STATUS SEC_ENTRY
1263 AcceptSecurityContext(PCredHandle phCredential, PCtxtHandle phContext, PSecBufferDesc pInput,
1264 ULONG fContextReq, ULONG TargetDataRep, PCtxtHandle phNewContext,
1265 PSecBufferDesc pOutput, PULONG pfContextAttr, PTimeStamp ptsTimeStamp);
1266
1267 WINPR_API SECURITY_STATUS SEC_ENTRY ApplyControlToken(PCtxtHandle phContext,
1268 PSecBufferDesc pInput);
1269 WINPR_API SECURITY_STATUS SEC_ENTRY CompleteAuthToken(PCtxtHandle phContext,
1270 PSecBufferDesc pToken);
1271 WINPR_API SECURITY_STATUS SEC_ENTRY DeleteSecurityContext(PCtxtHandle phContext);
1272 WINPR_API SECURITY_STATUS SEC_ENTRY FreeContextBuffer(void* pvContextBuffer);
1273 WINPR_API SECURITY_STATUS SEC_ENTRY ImpersonateSecurityContext(PCtxtHandle phContext);
1274
1275 WINPR_API SECURITY_STATUS SEC_ENTRY InitializeSecurityContextA(
1276 PCredHandle phCredential, PCtxtHandle phContext, SEC_CHAR* pszTargetName, ULONG fContextReq,
1277 ULONG Reserved1, ULONG TargetDataRep, PSecBufferDesc pInput, ULONG Reserved2,
1278 PCtxtHandle phNewContext, PSecBufferDesc pOutput, PULONG pfContextAttr,
1279 PTimeStamp ptsExpiry);
1280 WINPR_API SECURITY_STATUS SEC_ENTRY InitializeSecurityContextW(
1281 PCredHandle phCredential, PCtxtHandle phContext, SEC_WCHAR* pszTargetName,
1282 ULONG fContextReq, ULONG Reserved1, ULONG TargetDataRep, PSecBufferDesc pInput,
1283 ULONG Reserved2, PCtxtHandle phNewContext, PSecBufferDesc pOutput, PULONG pfContextAttr,
1284 PTimeStamp ptsExpiry);
1285
1286 WINPR_API SECURITY_STATUS SEC_ENTRY QueryContextAttributes(PCtxtHandle phContext,
1287 ULONG ulAttribute, void* pBuffer);
1288 WINPR_API SECURITY_STATUS SEC_ENTRY QuerySecurityContextToken(PCtxtHandle phContext,
1289 HANDLE* phToken);
1290 WINPR_API SECURITY_STATUS SEC_ENTRY SetContextAttributes(PCtxtHandle phContext,
1291 ULONG ulAttribute, void* pBuffer,
1292 ULONG cbBuffer);
1293 WINPR_API SECURITY_STATUS SEC_ENTRY RevertSecurityContext(PCtxtHandle phContext);
1294
1295 /* Message Support */
1296
1297 WINPR_API SECURITY_STATUS SEC_ENTRY DecryptMessage(PCtxtHandle phContext,
1298 PSecBufferDesc pMessage, ULONG MessageSeqNo,
1299 PULONG pfQOP);
1300 WINPR_API SECURITY_STATUS SEC_ENTRY EncryptMessage(PCtxtHandle phContext, ULONG fQOP,
1301 PSecBufferDesc pMessage, ULONG MessageSeqNo);
1302 WINPR_API SECURITY_STATUS SEC_ENTRY MakeSignature(PCtxtHandle phContext, ULONG fQOP,
1303 PSecBufferDesc pMessage, ULONG MessageSeqNo);
1304 WINPR_API SECURITY_STATUS SEC_ENTRY VerifySignature(PCtxtHandle phContext,
1305 PSecBufferDesc pMessage, ULONG MessageSeqNo,
1306 PULONG pfQOP);
1307
1308#endif /* SSPI_DLL */
1309
1310#ifdef __cplusplus
1311}
1312#endif
1313
1314#endif
1315
1316#ifdef __cplusplus
1317extern "C"
1318{
1319#endif
1320
1321 /* Custom API */
1322
1323/* Extended SECPKG_ATTR IDs begin at 1000 */
1324#define SECPKG_ATTR_AUTH_IDENTITY 1001
1325#define SECPKG_ATTR_AUTH_PASSWORD 1002
1326#define SECPKG_ATTR_AUTH_NTLM_HASH 1003
1327#define SECPKG_ATTR_AUTH_NTLM_MESSAGE 1100
1328#define SECPKG_ATTR_AUTH_NTLM_TIMESTAMP 1101
1329#define SECPKG_ATTR_AUTH_NTLM_CLIENT_CHALLENGE 1102
1330#define SECPKG_ATTR_AUTH_NTLM_SERVER_CHALLENGE 1103
1331#define SECPKG_ATTR_AUTH_NTLM_NTPROOF_VALUE 1104
1332#define SECPKG_ATTR_AUTH_NTLM_RANDKEY 1105
1333#define SECPKG_ATTR_AUTH_NTLM_MIC 1106
1334#define SECPKG_ATTR_AUTH_NTLM_MIC_VALUE 1107
1335
1336#define SECPKG_CRED_ATTR_TICKET_LOGON 1200
1337
1338 typedef struct
1339 {
1340 char User[256 + 1];
1341 char Domain[256 + 1];
1342 } SecPkgContext_AuthIdentity;
1343
1344 typedef struct
1345 {
1346 char Password[256 + 1];
1347 } SecPkgContext_AuthPassword;
1348
1349 typedef struct
1350 {
1351 int Version;
1352 BYTE NtlmHash[16];
1353 } SecPkgContext_AuthNtlmHash;
1354
1355 typedef struct
1356 {
1357 BYTE Timestamp[8];
1358 BOOL ChallengeOrResponse;
1359 } SecPkgContext_AuthNtlmTimestamp;
1360
1361 typedef struct
1362 {
1363 BYTE ClientChallenge[8];
1364 } SecPkgContext_AuthNtlmClientChallenge;
1365
1366 typedef struct
1367 {
1368 BYTE ServerChallenge[8];
1369 } SecPkgContext_AuthNtlmServerChallenge;
1370
1371 typedef struct
1372 {
1373 UINT32 type;
1374 UINT32 length;
1375 BYTE* buffer;
1376 } SecPkgContext_AuthNtlmMessage;
1377
1378#define SSPI_INTERFACE_WINPR 0x00000001
1379#define SSPI_INTERFACE_NATIVE 0x00000002
1380
1381 typedef PSecurityFunctionTableA(SEC_ENTRY* INIT_SECURITY_INTERFACE_EX_A)(DWORD flags);
1382 typedef PSecurityFunctionTableW(SEC_ENTRY* INIT_SECURITY_INTERFACE_EX_W)(DWORD flags);
1383
1384 WINPR_API void sspi_GlobalInit(void);
1385 WINPR_API void sspi_GlobalFinish(void);
1386
1387 WINPR_API void* sspi_SecBufferAlloc(PSecBuffer SecBuffer, ULONG size);
1388 WINPR_API void sspi_SecBufferFree(PSecBuffer SecBuffer);
1389
1390#define sspi_SetAuthIdentity sspi_SetAuthIdentityA
1391 WINPR_API int sspi_SetAuthIdentityA(SEC_WINNT_AUTH_IDENTITY* identity, const char* user,
1392 const char* domain, const char* password);
1393 WINPR_API int sspi_SetAuthIdentityW(SEC_WINNT_AUTH_IDENTITY* identity, const WCHAR* user,
1394 const WCHAR* domain, const WCHAR* password);
1395 WINPR_API int sspi_SetAuthIdentityWithLengthW(SEC_WINNT_AUTH_IDENTITY* identity,
1396 const WCHAR* user, size_t userLen,
1397 const WCHAR* domain, size_t domainLen,
1398 const WCHAR* password, size_t passwordLen);
1399 WINPR_API UINT32 sspi_GetAuthIdentityVersion(const void* identity);
1400 WINPR_API UINT32 sspi_GetAuthIdentityFlags(const void* identity);
1401 WINPR_API BOOL sspi_GetAuthIdentityUserDomainW(const void* identity, const WCHAR** pUser,
1402 UINT32* pUserLength, const WCHAR** pDomain,
1403 UINT32* pDomainLength);
1404 WINPR_API BOOL sspi_GetAuthIdentityUserDomainA(const void* identity, const char** pUser,
1405 UINT32* pUserLength, const char** pDomain,
1406 UINT32* pDomainLength);
1407 WINPR_API BOOL sspi_GetAuthIdentityPasswordW(const void* identity, const WCHAR** pPassword,
1408 UINT32* pPasswordLength);
1409 WINPR_API BOOL sspi_GetAuthIdentityPasswordA(const void* identity, const char** pPassword,
1410 UINT32* pPasswordLength);
1411 WINPR_API BOOL sspi_CopyAuthIdentityFieldsA(const SEC_WINNT_AUTH_IDENTITY_INFO* identity,
1412 char** pUser, char** pDomain, char** pPassword);
1413 WINPR_API BOOL sspi_CopyAuthIdentityFieldsW(const SEC_WINNT_AUTH_IDENTITY_INFO* identity,
1414 WCHAR** pUser, WCHAR** pDomain, WCHAR** pPassword);
1415 WINPR_API BOOL sspi_CopyAuthPackageListA(const SEC_WINNT_AUTH_IDENTITY_INFO* identity,
1416 char** pPackageList);
1417 WINPR_API int sspi_CopyAuthIdentity(SEC_WINNT_AUTH_IDENTITY* identity,
1418 const SEC_WINNT_AUTH_IDENTITY_INFO* srcIdentity);
1419
1420 WINPR_API void sspi_FreeAuthIdentity(SEC_WINNT_AUTH_IDENTITY* identity);
1421
1422 WINPR_API const char* GetSecurityStatusString(SECURITY_STATUS status);
1423
1424 WINPR_API SecurityFunctionTableW* SEC_ENTRY InitSecurityInterfaceExW(DWORD flags);
1425 WINPR_API SecurityFunctionTableA* SEC_ENTRY InitSecurityInterfaceExA(DWORD flags);
1426
1427#ifdef UNICODE
1428#define InitSecurityInterfaceEx InitSecurityInterfaceExW
1429#define INIT_SECURITY_INTERFACE_EX INIT_SECURITY_INTERFACE_EX_W
1430#else
1431#define InitSecurityInterfaceEx InitSecurityInterfaceExA
1432#define INIT_SECURITY_INTERFACE_EX INIT_SECURITY_INTERFACE_EX_A
1433#endif
1434
1435#ifdef __cplusplus
1436}
1437#endif
1438
1439#endif /* WINPR_SSPI_H */
SECURITY_INTEGER
Definition include/winpr/sspi.h:51
SEC_CHANNEL_BINDINGS
Definition include/winpr/sspi.h:348
SEC_WINNT_AUTH_IDENTITY_A
Definition include/winpr/sspi.h:688
SEC_WINNT_AUTH_IDENTITY_EX2
Definition include/winpr/sspi.h:757
SEC_WINNT_AUTH_IDENTITY_EXA
Definition include/winpr/sspi.h:729
SEC_WINNT_AUTH_IDENTITY_EXW
Definition include/winpr/sspi.h:714
SEC_WINNT_AUTH_IDENTITY_WINPR
Definition include/winpr/sspi.h:882
SEC_WINNT_AUTH_IDENTITY_W
Definition include/winpr/sspi.h:677
SEC_WINPR_KERBEROS_SETTINGS
Definition include/winpr/sspi.h:867
SEC_WINPR_NTLM_SETTINGS
Definition include/winpr/sspi.h:860
SecPkgContex_DceInfo
Definition include/winpr/sspi.h:342
SecPkgContext_AccessToken
Definition include/winpr/sspi.h:301
SecPkgContext_AuthIdentity
Definition include/winpr/sspi.h:1339
SecPkgContext_AuthNtlmClientChallenge
Definition include/winpr/sspi.h:1362
SecPkgContext_AuthNtlmHash
Definition include/winpr/sspi.h:1350
SecPkgContext_AuthNtlmMessage
Definition include/winpr/sspi.h:1372
SecPkgContext_AuthNtlmServerChallenge
Definition include/winpr/sspi.h:1367
SecPkgContext_AuthNtlmTimestamp
Definition include/winpr/sspi.h:1356
SecPkgContext_AuthPassword
Definition include/winpr/sspi.h:1345
SecPkgContext_Authority
Definition include/winpr/sspi.h:313
SecPkgContext_Bindings
Definition include/winpr/sspi.h:552
SecPkgContext_ClientCreds
Definition include/winpr/sspi.h:336
SecPkgContext_ClientSpecifiedTarget
Definition include/winpr/sspi.h:318
SecPkgContext_ConnectionInfo
Definition include/winpr/sspi.h:325
SecPkgContext_EapKeyBlock
Definition include/winpr/sspi.h:360
SecPkgContext_Flags
Definition include/winpr/sspi.h:366
SecPkgContext_KeyInfo
Definition include/winpr/sspi.h:371
SecPkgContext_Lifespan
Definition include/winpr/sspi.h:380
SecPkgContext_Names
Definition include/winpr/sspi.h:386
SecPkgContext_NativeNames
Definition include/winpr/sspi.h:391
SecPkgContext_NegotiationInfo
Definition include/winpr/sspi.h:397
SecPkgContext_PackageInfo
Definition include/winpr/sspi.h:403
SecPkgContext_PasswordExpiry
Definition include/winpr/sspi.h:408
SecPkgContext_SessionAppData
Definition include/winpr/sspi.h:306
SecPkgContext_SessionInfo
Definition include/winpr/sspi.h:419
SecPkgContext_SessionKey
Definition include/winpr/sspi.h:413
SecPkgContext_Sizes
Definition include/winpr/sspi.h:426
SecPkgContext_StreamSizes
Definition include/winpr/sspi.h:434
SecPkgContext_SubjectAttributes
Definition include/winpr/sspi.h:443
SecPkgContext_SupportedSignatures
Definition include/winpr/sspi.h:448
SecPkgContext_TargetInformation
Definition include/winpr/sspi.h:454
SecPkgCredentials_Cert
Definition include/winpr/sspi.h:509
SecPkgCredentials_KdcProxySettingsA
Definition include/winpr/sspi.h:534
SecPkgCredentials_KdcProxySettingsW
Definition include/winpr/sspi.h:524
SecPkgCredentials_NamesA
Definition include/winpr/sspi.h:467
SecPkgCredentials_NamesW
Definition include/winpr/sspi.h:473
SecPkgCredentials_SSIProviderA
Definition include/winpr/sspi.h:494
SecPkgCredentials_SSIProviderW
Definition include/winpr/sspi.h:487
SEC_WINNT_AUTH_IDENTITY_INFO
Definition include/winpr/sspi.h:780