//+---------------------------------------------------------------------------
//
// Microsoft Windows
// Copyright (C) Microsoft Corporation, 1992-1997.
//
// File: sspi.h
//
// Contents: Security Support Provider Interface
// Prototypes and structure definitions
//
// Functions: Security Support Provider API
//
// History: 11-24-93 RichardW Created
//
//----------------------------------------------------------------------------
#ifndef __SSPI_H__
#define __SSPI_H__
//
// Determine environment:
//
#ifdef SECURITY_WIN32
#define ISSP_LEVEL 32
#define ISSP_MODE 1
#endif // SECURITY_WIN32
#ifdef SECURITY_WIN16
#define ISSP_LEVEL 16
#define ISSP_MODE 1
#endif // SECURITY_WIN16
#ifdef SECURITY_KERNEL
#define ISSP_LEVEL 32
//
// SECURITY_KERNEL trumps SECURITY_WIN32. Undefine ISSP_MODE so that
// we don't get redefine errors.
//
#ifdef ISSP_MODE
#undef ISSP_MODE
#endif
#define ISSP_MODE 0
#endif // SECURITY_KERNEL
#ifdef SECURITY_OS212
#define ISSP_LEVEL 16
#define ISSP_MODE 1
#endif // SECURITY_OS212
#ifdef SECURITY_DOS
#define ISSP_LEVEL 16
#define ISSP_MODE 1
#endif // SECURITY_DOS
#ifdef SECURITY_MAC
#define ISSP_LEVEL 32
#define ISSP_MODE 1
#endif // SECURITY_MAC
#ifndef ISSP_LEVEL
#error You must define one of SECURITY_WIN32, SECURITY_WIN16, SECURITY_KERNEL
#error SECURITY_DOS, SECURITY_MAC or SECURITY_OS212
#endif // !ISSP_LEVEL
//
// Now, define platform specific mappings:
//
#if ISSP_LEVEL == 16
typedef short SECURITY_STATUS;
typedef unsigned short SEC_WCHAR;
typedef char SEC_CHAR;
#define SEC_TEXT(_x_) _x_
#ifdef SECURITY_WIN16
#define SEC_FAR __far
#define SEC_ENTRY __pascal __far __export
#else // SECURITY_WIN16
#define SEC_FAR __far
#define SEC_ENTRY __pascal __far __loadds
#pragma warning(disable:4147)
#endif // SECURITY_WIN16
#elif defined(SECURITY_MAC) // ISSP_LEVEL == 16
#define SEC_ENTRY
#define SEC_TEXT(_X_) _X_
#define SEC_FAR
typedef unsigned short SEC_WCHAR;
typedef char SEC_CHAR;
typedef long SECURITY_STATUS;
// No Unicode on the Mac
typedef SEC_CHAR SEC_FAR * SECURITY_PSTR;
typedef SEC_CHAR SEC_FAR * SECURITY_PCSTR;
#else // ISSP_LEVEL == 16
//
// For NT-2 and up, wtypes will define HRESULT to be long.
//
// begin_ntifs
typedef WCHAR SEC_WCHAR;
typedef CHAR SEC_CHAR;
typedef LONG SECURITY_STATUS;
#define SEC_TEXT TEXT
#define SEC_FAR
#define SEC_ENTRY __stdcall
// end_ntifs
//
// Decide what a string - 32 bits only since for 16 bits it is clear.
//
#ifdef UNICODE
typedef SEC_WCHAR SEC_FAR * SECURITY_PSTR;
typedef CONST SEC_WCHAR SEC_FAR * SECURITY_PCSTR;
#else // UNICODE
typedef SEC_CHAR SEC_FAR * SECURITY_PSTR;
typedef CONST SEC_CHAR SEC_FAR * SECURITY_PCSTR;
#endif // UNICODE
#endif // ISSP_LEVEL == 16
//
// Equivalent string for rpcrt:
//
#define __SEC_FAR SEC_FAR
//
// Okay, security specific types:
//
// begin_ntifs
typedef struct _SecHandle
{
unsigned long dwLower;
unsigned long dwUpper;
} SecHandle, SEC_FAR * PSecHandle;
typedef SecHandle CredHandle;
typedef PSecHandle PCredHandle;
typedef SecHandle CtxtHandle;
typedef PSecHandle PCtxtHandle;
// end_ntifs
#if ISSP_LEVEL == 32
# ifdef WIN32_CHICAGO
typedef unsigned __int64 QWORD;
typedef QWORD SECURITY_INTEGER, *PSECURITY_INTEGER;
#define SEC_SUCCESS(Status) ((Status) >= 0)
# elif defined(_NTDEF_) || defined(_WINNT_)
typedef LARGE_INTEGER _SECURITY_INTEGER, SECURITY_INTEGER, *PSECURITY_INTEGER; // ntifs
# else // _NTDEF_ || _WINNT_
// Alignment for axp
typedef struct _SECURITY_INTEGER
{
unsigned long LowPart;
long HighPart;
} SECURITY_INTEGER, *PSECURITY_INTEGER;
# endif // _NTDEF_ || _WINNT_
# ifndef SECURITY_MAC
typedef SECURITY_INTEGER TimeStamp; // ntifs
typedef SECURITY_INTEGER SEC_FAR * PTimeStamp; // ntifs
# else // SECURITY_MAC
typedef unsigned long TimeStamp;
typedef unsigned long * PTimeStamp;
# endif // SECUIRT_MAC
#else // ISSP_LEVEL == 32
typedef unsigned long TimeStamp;
typedef unsigned long SEC_FAR * PTimeStamp;
# ifdef WIN32_CHICAGO
typedef TimeStamp LARGE_INTEGER;
#endif // WIN32_CHICAGO
#endif // ISSP_LEVEL == 32
//
// If we are in 32 bit mode, define the SECURITY_STRING structure,
// as a clone of the base UNICODE_STRING structure. This is used
// internally in security components, an as the string interface
// for kernel components (e.g. FSPs)
//
#if ISSP_LEVEL == 32
# ifndef _NTDEF_
typedef struct _SECURITY_STRING {
unsigned short Length;
unsigned short MaximumLength;
# ifdef MIDL_PASS
[size_is(MaximumLength / 2), length_is(Length / 2)]
# endif // MIDL_PASS
unsigned short * Buffer;
} SECURITY_STRING, * PSECURITY_STRING;
# else // _NTDEF_
typedef UNICODE_STRING SECURITY_STRING, *PSECURITY_STRING; // ntifs
# endif // _NTDEF_
#endif // ISSP_LEVEL == 32
// begin_ntifs
//
// SecPkgInfo structure
//
// Provides general information about a security provider
//
typedef struct _SecPkgInfoW
{
unsigned long fCapabilities; // Capability bitmask
unsigned short wVersion; // Version of driver
unsigned short wRPCID; // ID for RPC Runtime
unsigned long cbMaxToken; // Size of authentication token (max)
#ifdef MIDL_PASS
[string]
#endif
SEC_WCHAR SEC_FAR * Name; // Text name
#ifdef MIDL_PASS
[string]
#endif
SEC_WCHAR SEC_FAR * Comment; // Comment
} SecPkgInfoW, SEC_FAR * PSecPkgInfoW;
// end_ntifs
typedef struct _SecPkgInfoA
{
unsigned long fCapabilities; // Capability bitmask
unsigned short wVersion; // Version of driver
unsigned short wRPCID; // ID for RPC Runtime
unsigned long cbMaxToken; // Size of authentication token (max)
#ifdef MIDL_PASS
[string]
#endif
SEC_CHAR SEC_FAR * Name; // Text name
#ifdef MIDL_PASS
[string]
#endif
SEC_CHAR SEC_FAR * Comment; // Comment
} SecPkgInfoA, SEC_FAR * PSecPkgInfoA;
#ifdef UNICODE
# define SecPkgInfo SecPkgInfoW // ntifs
# define PSecPkgInfo PSecPkgInfoW // ntifs
#else
# define SecPkgInfo SecPkgInfoA
# define PSecPkgInfo PSecPkgInfoA
#endif // !UNICODE
// begin_ntifs
//
// Security Package Capabilities
//
#define SECPKG_FLAG_INTEGRITY 0x00000001 // Supports integrity on messages
#define SECPKG_FLAG_PRIVACY 0x00000002 // Supports privacy (confidentiality)
#define SECPKG_FLAG_TOKEN_ONLY 0x00000004 // Only security token needed
#define SECPKG_FLAG_DATAGRAM 0x00000008 // Datagram RPC support
#define SECPKG_FLAG_CONNECTION 0x00000010 // Connection oriented RPC support
#define SECPKG_FLAG_MULTI_REQUIRED 0x00000020 // Full 3-leg required for re-auth.
#define SECPKG_FLAG_CLIENT_ONLY 0x00000040 // Server side functionality not available
#define SECPKG_FLAG_EXTENDED_ERROR 0x00000080 // Supports extended error msgs
#define SECPKG_FLAG_IMPERSONATION 0x00000100 // Supports impersonation
#define SECPKG_FLAG_ACCEPT_WIN32_NAME 0x00000200 // Accepts Win32 names
#define SECPKG_FLAG_STREAM 0x00000400 // Supports stream semantics
#define SECPKG_FLAG_NEGOTIABLE 0x00000800 // Can be used by the negotiate package
#define SECPKG_FLAG_GSS_COMPATIBLE 0x00001000 // GSS Compatibility Available
#define SECPKG_FLAG_LOGON 0x00002000 // Supports common LsaLogonUser
#define SECPKG_ID_NONE 0xFFFF
//
// SecBuffer
//
// Generic memory descriptors for buffers passed in to the security
// API
//
typedef struct _SecBuffer {
unsigned long cbBuffer; // Size of the buffer, in bytes
unsigned long BufferType; // Type of the b