Headers diff for credui.dll between 6.1.7601.18276-Windows_7.0 and 6.3.9600.17415-Windows_8.1 versions



 sspi.h (6.1.7601.18276-Windows_7.0)   sspi.h (6.3.9600.17415-Windows_8.1) 
skipping to change at line 17 skipping to change at line 17
// //
// Contents: Security Support Provider Interface // Contents: Security Support Provider Interface
// Prototypes and structure definitions // Prototypes and structure definitions
// //
// Functions: Security Support Provider API // Functions: Security Support Provider API
// //
// //
//---------------------------------------------------------------------------- //----------------------------------------------------------------------------
#include <sdkddkver.h> #include <sdkddkver.h>
#include <winapifamily.h>
// begin_ntifs // begin_ntifs
#ifndef __SSPI_H__ #ifndef __SSPI_H__
#define __SSPI_H__ #define __SSPI_H__
// end_ntifs // end_ntifs
#if _MSC_VER > 1000 #if _MSC_VER > 1000
#pragma once #pragma once
#endif #endif
#ifdef __cplusplus #ifdef __cplusplus
extern "C" { extern "C" {
#endif #endif
#pragma region Desktop Family
#if WINAPI_FAMILY_PARTITION(WINAPI_PARTITION_DESKTOP)
// //
// Determine environment: // Determine environment:
// //
#ifdef SECURITY_WIN32 #ifdef SECURITY_WIN32
#define ISSP_LEVEL 32 #define ISSP_LEVEL 32
#define ISSP_MODE 1 #define ISSP_MODE 1
#endif // SECURITY_WIN32 #endif // SECURITY_WIN32
#ifdef SECURITY_KERNEL #ifdef SECURITY_KERNEL
skipping to change at line 277 skipping to change at line 281
#define SECPKG_FLAG_GSS_COMPATIBLE 0x00001000 // GSS Compatibility Available #define SECPKG_FLAG_GSS_COMPATIBLE 0x00001000 // GSS Compatibility Available
#define SECPKG_FLAG_LOGON 0x00002000 // Supports common L saLogonUser #define SECPKG_FLAG_LOGON 0x00002000 // Supports common L saLogonUser
#define SECPKG_FLAG_ASCII_BUFFERS 0x00004000 // Token Buffers are in ASCII #define SECPKG_FLAG_ASCII_BUFFERS 0x00004000 // Token Buffers are in ASCII
#define SECPKG_FLAG_FRAGMENT 0x00008000 // Package can fragm ent to fit #define SECPKG_FLAG_FRAGMENT 0x00008000 // Package can fragm ent to fit
#define SECPKG_FLAG_MUTUAL_AUTH 0x00010000 // Package can perfo rm mutual authentication #define SECPKG_FLAG_MUTUAL_AUTH 0x00010000 // Package can perfo rm mutual authentication
#define SECPKG_FLAG_DELEGATION 0x00020000 // Package can deleg ate #define SECPKG_FLAG_DELEGATION 0x00020000 // Package can deleg ate
#define SECPKG_FLAG_READONLY_WITH_CHECKSUM 0x00040000 // Package can deleg ate #define SECPKG_FLAG_READONLY_WITH_CHECKSUM 0x00040000 // Package can deleg ate
#define SECPKG_FLAG_RESTRICTED_TOKENS 0x00080000 // Package supports restricted callers #define SECPKG_FLAG_RESTRICTED_TOKENS 0x00080000 // Package supports restricted callers
#define SECPKG_FLAG_NEGO_EXTENDER 0x00100000 // this package exte nds SPNEGO, there is at most one #define SECPKG_FLAG_NEGO_EXTENDER 0x00100000 // this package exte nds SPNEGO, there is at most one
#define SECPKG_FLAG_NEGOTIABLE2 0x00200000 // this package is n egotiated under the NegoExtender #define SECPKG_FLAG_NEGOTIABLE2 0x00200000 // this package is n egotiated under the NegoExtender
#define SECPKG_FLAG_APPCONTAINER_PASSTHROUGH 0x00400000 // this package rece
ives all calls from appcontainer apps
#define SECPKG_FLAG_APPCONTAINER_CHECKS 0x00800000 // this package rece
ives calls from appcontainer apps
// if the following
checks succeed
// 1. Caller has dom
ain auth capability or
// 2. Target is a pr
oxy server or
// 3. The caller has
supplied creds
#define SECPKG_ID_NONE 0xFFFF #define SECPKG_ID_NONE 0xFFFF
// //
// Extended Call Flags that currently contains
// Appcontainer related information about the caller.
// Packages can query for these
// via an LsaFunction GetExtendedCallFlags
//
#define SECPKG_CALLFLAGS_APPCONTAINER 0x00000001
#define SECPKG_CALLFLAGS_APPCONTAINER_AUTHCAPABLE 0x00000002
#define SECPKG_CALLFLAGS_FORCE_SUPPLIED 0x00000004
//
// SecBuffer // SecBuffer
// //
// Generic memory descriptors for buffers passed in to the security // Generic memory descriptors for buffers passed in to the security
// API // API
// //
typedef struct _SecBuffer { typedef struct _SecBuffer {
unsigned long cbBuffer; // Size of the buffer, in bytes unsigned long cbBuffer; // Size of the buffer, in bytes
unsigned long BufferType; // Type of the buffer (below) unsigned long BufferType; // Type of the buffer (below)
#ifdef MIDL_PASS #ifdef MIDL_PASS
[size_is(cbBuffer)] char * pvBuffer; // Pointer to t he buffer [size_is(cbBuffer)] char * pvBuffer; // Pointer to t he buffer
#else #else
__field_bcount(cbBuffer) void SEC_FAR * pvBuffer; // Pointer to t he buffer _Field_size_bytes_(cbBuffer) void SEC_FAR * pvBuffer; // Pointer to the buffer
#endif #endif
} SecBuffer, * PSecBuffer; } SecBuffer, * PSecBuffer;
typedef struct _SecBufferDesc { typedef struct _SecBufferDesc {
unsigned long ulVersion; // Version number unsigned long ulVersion; // Version number
unsigned long cBuffers; // Number of buffers unsigned long cBuffers; // Number of buffers
#ifdef MIDL_PASS #ifdef MIDL_PASS
[size_is(cBuffers)] [size_is(cBuffers)]
#endif #endif
__field_ecount(cBuffers) PSecBuffer pBuffers; // Pointer to a rray of buffers _Field_size_(cBuffers) PSecBuffer pBuffers; // Pointer to arr ay of buffers
} SecBufferDesc, SEC_FAR * PSecBufferDesc; } SecBufferDesc, SEC_FAR * PSecBufferDesc;
#define SECBUFFER_VERSION 0 #define SECBUFFER_VERSION 0
#define SECBUFFER_EMPTY 0 // Undefined, replaced by provider #define SECBUFFER_EMPTY 0 // Undefined, replaced by provider
#define SECBUFFER_DATA 1 // Packet data #define SECBUFFER_DATA 1 // Packet data
#define SECBUFFER_TOKEN 2 // Security token #define SECBUFFER_TOKEN 2 // Security token
#define SECBUFFER_PKG_PARAMS 3 // Package specific parameters #define SECBUFFER_PKG_PARAMS 3 // Package specific parameters
#define SECBUFFER_MISSING 4 // Missing Data indicator #define SECBUFFER_MISSING 4 // Missing Data indicator
#define SECBUFFER_EXTRA 5 // Extra data #define SECBUFFER_EXTRA 5 // Extra data
skipping to change at line 326 skipping to change at line 347
#define SECBUFFER_NEGOTIATION_INFO 8 // Hints from the negotiation pkg #define SECBUFFER_NEGOTIATION_INFO 8 // Hints from the negotiation pkg
#define SECBUFFER_PADDING 9 // non-data padding #define SECBUFFER_PADDING 9 // non-data padding
#define SECBUFFER_STREAM 10 // whole encrypted message #define SECBUFFER_STREAM 10 // whole encrypted message
#define SECBUFFER_MECHLIST 11 #define SECBUFFER_MECHLIST 11
#define SECBUFFER_MECHLIST_SIGNATURE 12 #define SECBUFFER_MECHLIST_SIGNATURE 12
#define SECBUFFER_TARGET 13 // obsolete #define SECBUFFER_TARGET 13 // obsolete
#define SECBUFFER_CHANNEL_BINDINGS 14 #define SECBUFFER_CHANNEL_BINDINGS 14
#define SECBUFFER_CHANGE_PASS_RESPONSE 15 #define SECBUFFER_CHANGE_PASS_RESPONSE 15
#define SECBUFFER_TARGET_HOST 16 #define SECBUFFER_TARGET_HOST 16
#define SECBUFFER_ALERT 17 #define SECBUFFER_ALERT 17
#define SECBUFFER_APPLICATION_PROTOCOLS 18 // Lists of application protocol IDs , one per negotiation extension
#define SECBUFFER_ATTRMASK 0xF0000000 #define SECBUFFER_ATTRMASK 0xF0000000
#define SECBUFFER_READONLY 0x80000000 // Buffer is read-on ly, no checksum #define SECBUFFER_READONLY 0x80000000 // Buffer is read-on ly, no checksum
#define SECBUFFER_READONLY_WITH_CHECKSUM 0x10000000 // Buffer is read-on ly, and checksummed #define SECBUFFER_READONLY_WITH_CHECKSUM 0x10000000 // Buffer is read-on ly, and checksummed
#define SECBUFFER_RESERVED 0x60000000 // Flags reserved to security system #define SECBUFFER_RESERVED 0x60000000 // Flags reserved to security system
typedef struct _SEC_NEGOTIATION_INFO { typedef struct _SEC_NEGOTIATION_INFO {
unsigned long Size; // Size of this structure unsigned long Size; // Size of this structure
unsigned long NameLength; // Length of name hint unsigned long NameLength; // Length of name hint
SEC_WCHAR * Name; // Name hint SEC_WCHAR * Name; // Name hint
skipping to change at line 350 skipping to change at line 372
unsigned long dwInitiatorAddrType; unsigned long dwInitiatorAddrType;
unsigned long cbInitiatorLength; unsigned long cbInitiatorLength;
unsigned long dwInitiatorOffset; unsigned long dwInitiatorOffset;
unsigned long dwAcceptorAddrType; unsigned long dwAcceptorAddrType;
unsigned long cbAcceptorLength; unsigned long cbAcceptorLength;
unsigned long dwAcceptorOffset; unsigned long dwAcceptorOffset;
unsigned long cbApplicationDataLength; unsigned long cbApplicationDataLength;
unsigned long dwApplicationDataOffset; unsigned long dwApplicationDataOffset;
} SEC_CHANNEL_BINDINGS, * PSEC_CHANNEL_BINDINGS ; } SEC_CHANNEL_BINDINGS, * PSEC_CHANNEL_BINDINGS ;
typedef enum _SEC_APPLICATION_PROTOCOL_NEGOTIATION_EXT
{
SecApplicationProtocolNegotiationExt_None,
SecApplicationProtocolNegotiationExt_NPN,
SecApplicationProtocolNegotiationExt_ALPN
} SEC_APPLICATION_PROTOCOL_NEGOTIATION_EXT, *PSEC_APPLICATION_PROTOCOL_NEGOTIATI
ON_EXT;
typedef struct _SEC_APPLICATION_PROTOCOL_LIST {
SEC_APPLICATION_PROTOCOL_NEGOTIATION_EXT ProtoNegoExt; // Protocol negotiati
on extension type to use with this list of protocols
unsigned short ProtocolListSize; // Size in bytes of t
he protocol ID list
unsigned char ProtocolList[ANYSIZE_ARRAY]; // 8-bit length-prefi
xed application protocol IDs, most preferred first
} SEC_APPLICATION_PROTOCOL_LIST, *PSEC_APPLICATION_PROTOCOL_LIST;
typedef struct _SEC_APPLICATION_PROTOCOLS {
unsigned long ProtocolListsSize; // Size in bytes
of the protocol ID lists array
SEC_APPLICATION_PROTOCOL_LIST ProtocolLists[ANYSIZE_ARRAY]; // Array of prot
ocol ID lists
} SEC_APPLICATION_PROTOCOLS, *PSEC_APPLICATION_PROTOCOLS;
// //
// Data Representation Constant: // Data Representation Constant:
// //
#define SECURITY_NATIVE_DREP 0x00000010 #define SECURITY_NATIVE_DREP 0x00000010
#define SECURITY_NETWORK_DREP 0x00000000 #define SECURITY_NETWORK_DREP 0x00000000
// //
// Credential Use Flags // Credential Use Flags
// //
#define SECPKG_CRED_INBOUND 0x00000001 #define SECPKG_CRED_INBOUND 0x00000001
skipping to change at line 412 skipping to change at line 452
#define ISC_REQ_INTEGRITY 0x00010000 #define ISC_REQ_INTEGRITY 0x00010000
#define ISC_REQ_IDENTIFY 0x00020000 #define ISC_REQ_IDENTIFY 0x00020000
#define ISC_REQ_NULL_SESSION 0x00040000 #define ISC_REQ_NULL_SESSION 0x00040000
#define ISC_REQ_MANUAL_CRED_VALIDATION 0x00080000 #define ISC_REQ_MANUAL_CRED_VALIDATION 0x00080000
#define ISC_REQ_RESERVED1 0x00100000 #define ISC_REQ_RESERVED1 0x00100000
#define ISC_REQ_FRAGMENT_TO_FIT 0x00200000 #define ISC_REQ_FRAGMENT_TO_FIT 0x00200000
// This exists only in Windows Vista and greater // This exists only in Windows Vista and greater
#define ISC_REQ_FORWARD_CREDENTIALS 0x00400000 #define ISC_REQ_FORWARD_CREDENTIALS 0x00400000
#define ISC_REQ_NO_INTEGRITY 0x00800000 // honored only by SPNEGO #define ISC_REQ_NO_INTEGRITY 0x00800000 // honored only by SPNEGO
#define ISC_REQ_USE_HTTP_STYLE 0x01000000 #define ISC_REQ_USE_HTTP_STYLE 0x01000000
#define ISC_REQ_UNVERIFIED_TARGET_NAME 0x20000000
#define ISC_REQ_CONFIDENTIALITY_ONLY 0x40000000 // honored by SPNEGO/Kerberos
#define ISC_RET_DELEGATE 0x00000001 #define ISC_RET_DELEGATE 0x00000001
#define ISC_RET_MUTUAL_AUTH 0x00000002 #define ISC_RET_MUTUAL_AUTH 0x00000002
#define ISC_RET_REPLAY_DETECT 0x00000004 #define ISC_RET_REPLAY_DETECT 0x00000004
#define ISC_RET_SEQUENCE_DETECT 0x00000008 #define ISC_RET_SEQUENCE_DETECT 0x00000008
#define ISC_RET_CONFIDENTIALITY 0x00000010 #define ISC_RET_CONFIDENTIALITY 0x00000010
#define ISC_RET_USE_SESSION_KEY 0x00000020 #define ISC_RET_USE_SESSION_KEY 0x00000020
#define ISC_RET_USED_COLLECTED_CREDS 0x00000040 #define ISC_RET_USED_COLLECTED_CREDS 0x00000040
#define ISC_RET_USED_SUPPLIED_CREDS 0x00000080 #define ISC_RET_USED_SUPPLIED_CREDS 0x00000080
#define ISC_RET_ALLOCATED_MEMORY 0x00000100 #define ISC_RET_ALLOCATED_MEMORY 0x00000100
skipping to change at line 439 skipping to change at line 481
#define ISC_RET_INTEGRITY 0x00010000 #define ISC_RET_INTEGRITY 0x00010000
#define ISC_RET_IDENTIFY 0x00020000 #define ISC_RET_IDENTIFY 0x00020000
#define ISC_RET_NULL_SESSION 0x00040000 #define ISC_RET_NULL_SESSION 0x00040000
#define ISC_RET_MANUAL_CRED_VALIDATION 0x00080000 #define ISC_RET_MANUAL_CRED_VALIDATION 0x00080000
#define ISC_RET_RESERVED1 0x00100000 #define ISC_RET_RESERVED1 0x00100000
#define ISC_RET_FRAGMENT_ONLY 0x00200000 #define ISC_RET_FRAGMENT_ONLY 0x00200000
// This exists only in Windows Vista and greater // This exists only in Windows Vista and greater
#define ISC_RET_FORWARD_CREDENTIALS 0x00400000 #define ISC_RET_FORWARD_CREDENTIALS 0x00400000
#define ISC_RET_USED_HTTP_STYLE 0x01000000 #define ISC_RET_USED_HTTP_STYLE 0x01000000
#define ISC_RET_NO_ADDITIONAL_TOKEN 0x02000000 // *INTERNAL* #define ISC_RET_NO_ADDITIONAL_TOKEN 0x02000000 // *INTERNAL*
#define ISC_RET_REAUTHENTICATION 0x08000000 // *INTERNAL* #define ISC_RET_REAUTHENTICATION 0x08000000 // *INTERNAL*
#define ISC_RET_CONFIDENTIALITY_ONLY 0x40000000 // honored by SPNEGO/Kerberos
#define ASC_REQ_DELEGATE 0x00000001 #define ASC_REQ_DELEGATE 0x00000001
#define ASC_REQ_MUTUAL_AUTH 0x00000002 #define ASC_REQ_MUTUAL_AUTH 0x00000002
#define ASC_REQ_REPLAY_DETECT 0x00000004 #define ASC_REQ_REPLAY_DETECT 0x00000004
#define ASC_REQ_SEQUENCE_DETECT 0x00000008 #define ASC_REQ_SEQUENCE_DETECT 0x00000008
#define ASC_REQ_CONFIDENTIALITY 0x00000010 #define ASC_REQ_CONFIDENTIALITY 0x00000010
#define ASC_REQ_USE_SESSION_KEY 0x00000020 #define ASC_REQ_USE_SESSION_KEY 0x00000020
#define ASC_REQ_SESSION_TICKET 0x00000040
#define ASC_REQ_ALLOCATE_MEMORY 0x00000100 #define ASC_REQ_ALLOCATE_MEMORY 0x00000100
#define ASC_REQ_USE_DCE_STYLE 0x00000200 #define ASC_REQ_USE_DCE_STYLE 0x00000200
#define ASC_REQ_DATAGRAM 0x00000400 #define ASC_REQ_DATAGRAM 0x00000400
#define ASC_REQ_CONNECTION 0x00000800 #define ASC_REQ_CONNECTION 0x00000800
#define ASC_REQ_CALL_LEVEL 0x00001000 #define ASC_REQ_CALL_LEVEL 0x00001000
#define ASC_REQ_EXTENDED_ERROR 0x00008000 #define ASC_REQ_EXTENDED_ERROR 0x00008000
#define ASC_REQ_STREAM 0x00010000 #define ASC_REQ_STREAM 0x00010000
#define ASC_REQ_INTEGRITY 0x00020000 #define ASC_REQ_INTEGRITY 0x00020000
#define ASC_REQ_LICENSING 0x00040000 #define ASC_REQ_LICENSING 0x00040000
#define ASC_REQ_IDENTIFY 0x00080000 #define ASC_REQ_IDENTIFY 0x00080000
skipping to change at line 474 skipping to change at line 518
#define ASC_REQ_PROXY_BINDINGS 0x04000000 #define ASC_REQ_PROXY_BINDINGS 0x04000000
// SSP_RET_REAUTHENTICATION 0x08000000 // *INTERNAL* // SSP_RET_REAUTHENTICATION 0x08000000 // *INTERNAL*
#define ASC_REQ_ALLOW_MISSING_BINDINGS 0x10000000 #define ASC_REQ_ALLOW_MISSING_BINDINGS 0x10000000
#define ASC_RET_DELEGATE 0x00000001 #define ASC_RET_DELEGATE 0x00000001
#define ASC_RET_MUTUAL_AUTH 0x00000002 #define ASC_RET_MUTUAL_AUTH 0x00000002
#define ASC_RET_REPLAY_DETECT 0x00000004 #define ASC_RET_REPLAY_DETECT 0x00000004
#define ASC_RET_SEQUENCE_DETECT 0x00000008 #define ASC_RET_SEQUENCE_DETECT 0x00000008
#define ASC_RET_CONFIDENTIALITY 0x00000010 #define ASC_RET_CONFIDENTIALITY 0x00000010
#define ASC_RET_USE_SESSION_KEY 0x00000020 #define ASC_RET_USE_SESSION_KEY 0x00000020
#define ASC_RET_SESSION_TICKET 0x00000040
#define ASC_RET_ALLOCATED_MEMORY 0x00000100 #define ASC_RET_ALLOCATED_MEMORY 0x00000100
#define ASC_RET_USED_DCE_STYLE 0x00000200 #define ASC_RET_USED_DCE_STYLE 0x00000200
#define ASC_RET_DATAGRAM 0x00000400 #define ASC_RET_DATAGRAM 0x00000400
#define ASC_RET_CONNECTION 0x00000800 #define ASC_RET_CONNECTION 0x00000800
#define ASC_RET_CALL_LEVEL 0x00002000 // skipped 1000 to be like IS C_ #define ASC_RET_CALL_LEVEL 0x00002000 // skipped 1000 to be like IS C_
#define ASC_RET_THIRD_LEG_FAILED 0x00004000 #define ASC_RET_THIRD_LEG_FAILED 0x00004000
#define ASC_RET_EXTENDED_ERROR 0x00008000 #define ASC_RET_EXTENDED_ERROR 0x00008000
#define ASC_RET_STREAM 0x00010000 #define ASC_RET_STREAM 0x00010000
#define ASC_RET_INTEGRITY 0x00020000 #define ASC_RET_INTEGRITY 0x00020000
#define ASC_RET_LICENSING 0x00040000 #define ASC_RET_LICENSING 0x00040000
#define ASC_RET_IDENTIFY 0x00080000 #define ASC_RET_IDENTIFY 0x00080000
#define ASC_RET_NULL_SESSION 0x00100000 #define ASC_RET_NULL_SESSION 0x00100000
#define ASC_RET_ALLOW_NON_USER_LOGONS 0x00200000 #define ASC_RET_ALLOW_NON_USER_LOGONS 0x00200000
#define ASC_RET_ALLOW_CONTEXT_REPLAY 0x00400000 // deprecated - don't use th is flag!!! #define ASC_RET_ALLOW_CONTEXT_REPLAY 0x00400000 // deprecated - don't use th is flag!!!
#define ASC_RET_FRAGMENT_ONLY 0x00800000 #define ASC_RET_FRAGMENT_ONLY 0x00800000
#define ASC_RET_NO_TOKEN 0x01000000 #define ASC_RET_NO_TOKEN 0x01000000
#define ASC_RET_NO_ADDITIONAL_TOKEN 0x02000000 // *INTERNAL* #define ASC_RET_NO_ADDITIONAL_TOKEN 0x02000000 // *INTERNAL*
#define ASC_RET_NO_PROXY_BINDINGS 0x04000000
// SSP_RET_REAUTHENTICATION 0x08000000 // *INTERNAL* // SSP_RET_REAUTHENTICATION 0x08000000 // *INTERNAL*
#define ASC_RET_MISSING_BINDINGS 0x10000000
// //
// Security Credentials Attributes: // Security Credentials Attributes:
// //
#define SECPKG_CRED_ATTR_NAMES 1 #define SECPKG_CRED_ATTR_NAMES 1
#define SECPKG_CRED_ATTR_SSI_PROVIDER 2 #define SECPKG_CRED_ATTR_SSI_PROVIDER 2
#define SECPKG_CRED_ATTR_KDC_PROXY_SETTINGS 3
#define SECPKG_CRED_ATTR_CERT 4
typedef struct _SecPkgCredentials_NamesW typedef struct _SecPkgCredentials_NamesW
{ {
#ifdef MIDL_PASS #ifdef MIDL_PASS
[string] [string]
#endif #endif
SEC_WCHAR * sUserName; SEC_WCHAR * sUserName;
} SecPkgCredentials_NamesW, * PSecPkgCredentials_NamesW; } SecPkgCredentials_NamesW, * PSecPkgCredentials_NamesW;
skipping to change at line 559 skipping to change at line 604
#ifdef UNICODE #ifdef UNICODE
# define SecPkgCredentials_SSIProvider SecPkgCredentials_SSIProviderW // n tifs # define SecPkgCredentials_SSIProvider SecPkgCredentials_SSIProviderW // n tifs
# define PSecPkgCredentials_SSIProvider PSecPkgCredentials_SSIProviderW // n tifs # define PSecPkgCredentials_SSIProvider PSecPkgCredentials_SSIProviderW // n tifs
#else #else
# define SecPkgCredentials_SSIProvider SecPkgCredentials_SSIProviderA # define SecPkgCredentials_SSIProvider SecPkgCredentials_SSIProviderA
# define PSecPkgCredentials_SSIProvider PSecPkgCredentials_SSIProviderA # define PSecPkgCredentials_SSIProvider PSecPkgCredentials_SSIProviderA
#endif // !UNICODE #endif // !UNICODE
// begin_ntifs // begin_ntifs
#define KDC_PROXY_SETTINGS_V1 1
#define KDC_PROXY_SETTINGS_FLAGS_FORCEPROXY 0x1
typedef struct _SecPkgCredentials_KdcProxySettingsW
{
ULONG Version; // KDC_PROXY_SETTINGS_V1
ULONG Flags; // KDC_PROXY_SETTINGS_FLAGS_*
USHORT ProxyServerOffset; // ProxyServer, optional
USHORT ProxyServerLength;
USHORT ClientTlsCredOffset; // ClientTlsCred, optional
USHORT ClientTlsCredLength;
} SecPkgCredentials_KdcProxySettingsW, *PSecPkgCredentials_KdcProxySettingsW;
// end_ntifs
// begin_ntifs
typedef struct _SecPkgCredentials_Cert
{
unsigned long EncodedCertSize;
unsigned char* EncodedCert;
} SecPkgCredentials_Cert, * PSecPkgCredentials_Cert;
// end_ntifs
// begin_ntifs
// //
// Security Context Attributes: // Security Context Attributes:
// //
#define SECPKG_ATTR_SIZES 0 #define SECPKG_ATTR_SIZES 0
#define SECPKG_ATTR_NAMES 1 #define SECPKG_ATTR_NAMES 1
#define SECPKG_ATTR_LIFESPAN 2 #define SECPKG_ATTR_LIFESPAN 2
#define SECPKG_ATTR_DCE_INFO 3 #define SECPKG_ATTR_DCE_INFO 3
#define SECPKG_ATTR_STREAM_SIZES 4 #define SECPKG_ATTR_STREAM_SIZES 4
#define SECPKG_ATTR_KEY_INFO 5 #define SECPKG_ATTR_KEY_INFO 5
skipping to change at line 602 skipping to change at line 674
#define SECPKG_ATTR_PROMPTING_NEEDED 24 #define SECPKG_ATTR_PROMPTING_NEEDED 24
#define SECPKG_ATTR_UNIQUE_BINDINGS 25 #define SECPKG_ATTR_UNIQUE_BINDINGS 25
#define SECPKG_ATTR_ENDPOINT_BINDINGS 26 #define SECPKG_ATTR_ENDPOINT_BINDINGS 26
#define SECPKG_ATTR_CLIENT_SPECIFIED_TARGET 27 #define SECPKG_ATTR_CLIENT_SPECIFIED_TARGET 27
#define SECPKG_ATTR_LAST_CLIENT_TOKEN_STATUS 30 #define SECPKG_ATTR_LAST_CLIENT_TOKEN_STATUS 30
#define SECPKG_ATTR_NEGO_PKG_INFO 31 // contains nego info of packages #define SECPKG_ATTR_NEGO_PKG_INFO 31 // contains nego info of packages
#define SECPKG_ATTR_NEGO_STATUS 32 // contains the last error #define SECPKG_ATTR_NEGO_STATUS 32 // contains the last error
#define SECPKG_ATTR_CONTEXT_DELETED 33 // a context has been deleted #define SECPKG_ATTR_CONTEXT_DELETED 33 // a context has been deleted
//
// win8 or greater
//
#define SECPKG_ATTR_DTLS_MTU 34
#define SECPKG_ATTR_DATAGRAM_SIZES SECPKG_ATTR_STREAM_SIZES
#define SECPKG_ATTR_SUBJECT_SECURITY_ATTRIBUTES 128 #define SECPKG_ATTR_SUBJECT_SECURITY_ATTRIBUTES 128
//
// win8.1 or greater
//
#define SECPKG_ATTR_APPLICATION_PROTOCOL 35
typedef struct _SecPkgContext_SubjectAttributes { typedef struct _SecPkgContext_SubjectAttributes {
void* AttributeInfo; // contains a PAUTHZ_SECURITY_ATTRIBUTES_INFORMATION st ructure void* AttributeInfo; // contains a PAUTHZ_SECURITY_ATTRIBUTES_INFORMATION st ructure
} SecPkgContext_SubjectAttributes, *PSecPkgContext_SubjectAttributes; } SecPkgContext_SubjectAttributes, *PSecPkgContext_SubjectAttributes;
#define SECPKG_ATTR_NEGO_INFO_FLAG_NO_KERBEROS 0x1 #define SECPKG_ATTR_NEGO_INFO_FLAG_NO_KERBEROS 0x1
#define SECPKG_ATTR_NEGO_INFO_FLAG_NO_NTLM 0x2 #define SECPKG_ATTR_NEGO_INFO_FLAG_NO_NTLM 0x2
// //
// types of credentials, used by SECPKG_ATTR_PROMPTING_NEEDED // types of credentials, used by SECPKG_ATTR_PROMPTING_NEEDED
// //
skipping to change at line 655 skipping to change at line 738
typedef struct _SecPkgContext_StreamSizes typedef struct _SecPkgContext_StreamSizes
{ {
unsigned long cbHeader; unsigned long cbHeader;
unsigned long cbTrailer; unsigned long cbTrailer;
unsigned long cbMaximumMessage; unsigned long cbMaximumMessage;
unsigned long cBuffers; unsigned long cBuffers;
unsigned long cbBlockSize; unsigned long cbBlockSize;
} SecPkgContext_StreamSizes, * PSecPkgContext_StreamSizes; } SecPkgContext_StreamSizes, * PSecPkgContext_StreamSizes;
typedef SecPkgContext_StreamSizes SecPkgContext_DatagramSizes;
typedef PSecPkgContext_StreamSizes PSecPkgContext_DatagramSizes;
typedef struct _SecPkgContext_NamesW typedef struct _SecPkgContext_NamesW
{ {
SEC_WCHAR * sUserName; SEC_WCHAR * sUserName;
} SecPkgContext_NamesW, * PSecPkgContext_NamesW; } SecPkgContext_NamesW, * PSecPkgContext_NamesW;
// end_ntifs // end_ntifs
typedef enum _SECPKG_ATTR_LCT_STATUS { typedef enum _SECPKG_ATTR_LCT_STATUS {
SecPkgAttrLastClientTokenYes, SecPkgAttrLastClientTokenYes,
SecPkgAttrLastClientTokenNo, SecPkgAttrLastClientTokenNo,
skipping to change at line 796 skipping to change at line 882
#if NTDDI_VERSION > NTDDI_WS03 #if NTDDI_VERSION > NTDDI_WS03
typedef struct _SecPkgContext_LogoffTime typedef struct _SecPkgContext_LogoffTime
{ {
TimeStamp tsLogoffTime; TimeStamp tsLogoffTime;
} SecPkgContext_LogoffTime, * PSecPkgContext_LogoffTime; } SecPkgContext_LogoffTime, * PSecPkgContext_LogoffTime;
#endif // Greater than Windows Server 2003 RTM (SP1 and greater contains this) #endif // Greater than Windows Server 2003 RTM (SP1 and greater contains this)
typedef struct _SecPkgContext_SessionKey typedef struct _SecPkgContext_SessionKey
{ {
unsigned long SessionKeyLength; unsigned long SessionKeyLength;
__field_bcount(SessionKeyLength) unsigned char * SessionKey; _Field_size_bytes_(SessionKeyLength) unsigned char * SessionKey;
} SecPkgContext_SessionKey, *PSecPkgContext_SessionKey; } SecPkgContext_SessionKey, *PSecPkgContext_SessionKey;
// used by nego2 // used by nego2
typedef struct _SecPkgContext_NegoKeys typedef struct _SecPkgContext_NegoKeys
{ {
unsigned long KeyType; unsigned long KeyType;
unsigned short KeyLength; unsigned short KeyLength;
__field_bcount(KeyLength) unsigned char* KeyValue; _Field_size_bytes_(KeyLength) unsigned char* KeyValue;
unsigned long VerifyKeyType; unsigned long VerifyKeyType;
unsigned short VerifyKeyLength; unsigned short VerifyKeyLength;
__field_bcount(VerifyKeyLength) unsigned char* VerifyKeyValue; _Field_size_bytes_(VerifyKeyLength) unsigned char* VerifyKeyValue;
} SecPkgContext_NegoKeys, * PSecPkgContext_NegoKeys; } SecPkgContext_NegoKeys, * PSecPkgContext_NegoKeys;
typedef struct _SecPkgContext_PackageInfoW typedef struct _SecPkgContext_PackageInfoW
{ {
PSecPkgInfoW PackageInfo; PSecPkgInfoW PackageInfo;
} SecPkgContext_PackageInfoW, * PSecPkgContext_PackageInfoW; } SecPkgContext_PackageInfoW, * PSecPkgContext_PackageInfoW;
// end_ntifs // end_ntifs
typedef struct _SecPkgContext_PackageInfoA typedef struct _SecPkgContext_PackageInfoA
skipping to change at line 954 skipping to change at line 1040
} SecPkgContext_Target, * PSecPkgContext_Target; } SecPkgContext_Target, * PSecPkgContext_Target;
typedef struct _SecPkgContext_ClientSpecifiedTarget typedef struct _SecPkgContext_ClientSpecifiedTarget
{ {
SEC_WCHAR * sTargetName; SEC_WCHAR * sTargetName;
} SecPkgContext_ClientSpecifiedTarget, * PSecPkgContext_ClientSpecifiedTarget; } SecPkgContext_ClientSpecifiedTarget, * PSecPkgContext_ClientSpecifiedTarget;
typedef struct _SecPkgContext_Bindings typedef struct _SecPkgContext_Bindings
{ {
unsigned long BindingsLength; unsigned long BindingsLength;
__field_bcount(BindingsLength) SEC_CHANNEL_BINDINGS * Bindings; _Field_size_bytes_(BindingsLength) SEC_CHANNEL_BINDINGS * Bindings;
} SecPkgContext_Bindings, * PSecPkgContext_Bindings; } SecPkgContext_Bindings, * PSecPkgContext_Bindings;
typedef enum _SEC_APPLICATION_PROTOCOL_NEGOTIATION_STATUS
{
SecApplicationProtocolNegotiationStatus_None,
SecApplicationProtocolNegotiationStatus_Success,
SecApplicationProtocolNegotiationStatus_SelectedClientOnly
} SEC_APPLICATION_PROTOCOL_NEGOTIATION_STATUS, *PSEC_APPLICATION_PROTOCOL_NEGOTI
ATION_STATUS;
#define MAX_PROTOCOL_ID_SIZE 0xff
typedef struct _SecPkgContext_ApplicationProtocol
{
SEC_APPLICATION_PROTOCOL_NEGOTIATION_STATUS ProtoNegoStatus; // Application
protocol negotiation status
SEC_APPLICATION_PROTOCOL_NEGOTIATION_EXT ProtoNegoExt; // Protocol neg
otiation extension type corresponding to this protocol ID
unsigned char ProtocolIdSize; // Size in byte
s of the application protocol ID
unsigned char ProtocolId[MAX_PROTOCOL_ID_SIZE]; // Byte string
representing the negotiated application protocol ID
} SecPkgContext_ApplicationProtocol, *PSecPkgContext_ApplicationProtocol;
// begin_ntifs // begin_ntifs
typedef void typedef void
(SEC_ENTRY * SEC_GET_KEY_FN) ( (SEC_ENTRY * SEC_GET_KEY_FN) (
void * Arg, // Argument passed in void * Arg, // Argument passed in
void * Principal, // Principal ID void * Principal, // Principal ID
unsigned long KeyVer, // Key Version unsigned long KeyVer, // Key Version
void * * Key, // Returned ptr to key void * * Key, // Returned ptr to key
SECURITY_STATUS * Status // returned status SECURITY_STATUS * Status // returned status
); );
skipping to change at line 981 skipping to change at line 1084
#define SECPKG_CONTEXT_EXPORT_RESET_NEW 0x00000001 // New context i s reset to initial state #define SECPKG_CONTEXT_EXPORT_RESET_NEW 0x00000001 // New context i s reset to initial state
#define SECPKG_CONTEXT_EXPORT_DELETE_OLD 0x00000002 // Old context i s deleted during export #define SECPKG_CONTEXT_EXPORT_DELETE_OLD 0x00000002 // Old context i s deleted during export
// This is only valid in W2K3SP1 and greater // This is only valid in W2K3SP1 and greater
#define SECPKG_CONTEXT_EXPORT_TO_KERNEL 0x00000004 // Context is to be transferred to the kernel #define SECPKG_CONTEXT_EXPORT_TO_KERNEL 0x00000004 // Context is to be transferred to the kernel
KSECDDDECLSPEC KSECDDDECLSPEC
SECURITY_STATUS SEC_ENTRY SECURITY_STATUS SEC_ENTRY
AcquireCredentialsHandleW( AcquireCredentialsHandleW(
#if ISSP_MODE == 0 // For Kernel mode #if ISSP_MODE == 0 // For Kernel mode
__in_opt PSECURITY_STRING pPrincipal, _In_opt_ PSECURITY_STRING pPrincipal,
__in PSECURITY_STRING pPackage, _In_ PSECURITY_STRING pPackage,
#else #else
__in_opt LPWSTR pszPrincipal, // Name of principal _In_opt_ LPWSTR pszPrincipal, // Name of principal
__in LPWSTR pszPackage, // Name of package _In_ LPWSTR pszPackage, // Name of package
#endif #endif
__in unsigned long fCredentialUse, // Flags indicating use _In_ unsigned long fCredentialUse, // Flags indicating use
__in_opt void * pvLogonId, // Pointer to logon ID _In_opt_ void * pvLogonId, // Pointer to logon ID
__in_opt void * pAuthData, // Package specific data _In_opt_ void * pAuthData, // Package specific data
__in_opt SEC_GET_KEY_FN pGetKeyFn, // Pointer to GetKey() func _In_opt_ SEC_GET_KEY_FN pGetKeyFn, // Pointer to GetKey() func
__in_opt void * pvGetKeyArgument, // Value to pass to GetKey() _In_opt_ void * pvGetKeyArgument, // Value to pass to GetKey()
__out PCredHandle phCredential, // (out) Cred Handle _Out_ PCredHandle phCredential, // (out) Cred Handle
__out_opt PTimeStamp ptsExpiry // (out) Lifetime (optional) _Out_opt_ PTimeStamp ptsExpiry // (out) Lifetime (optional)
); );
typedef SECURITY_STATUS typedef SECURITY_STATUS
(SEC_ENTRY * ACQUIRE_CREDENTIALS_HANDLE_FN_W)( (SEC_ENTRY * ACQUIRE_CREDENTIALS_HANDLE_FN_W)(
#if ISSP_MODE == 0 #if ISSP_MODE == 0
PSECURITY_STRING, PSECURITY_STRING,
PSECURITY_STRING, PSECURITY_STRING,
#else #else
SEC_WCHAR *, SEC_WCHAR *,
SEC_WCHAR *, SEC_WCHAR *,
skipping to change at line 1017 skipping to change at line 1120
void *, void *,
SEC_GET_KEY_FN, SEC_GET_KEY_FN,
void *, void *,
PCredHandle, PCredHandle,
PTimeStamp); PTimeStamp);
// end_ntifs // end_ntifs
SECURITY_STATUS SEC_ENTRY SECURITY_STATUS SEC_ENTRY
AcquireCredentialsHandleA( AcquireCredentialsHandleA(
__in_opt LPSTR pszPrincipal, // Name of principal _In_opt_ LPSTR pszPrincipal, // Name of principal
__in LPSTR pszPackage, // Name of package _In_ LPSTR pszPackage, // Name of package
__in unsigned long fCredentialUse, // Flags indicating use _In_ unsigned long fCredentialUse, // Flags indicating use
__in_opt void * pvLogonId, // Pointer to logon ID _In_opt_ void * pvLogonId, // Pointer to logon ID
__in_opt void * pAuthData, // Package specific data _In_opt_ void * pAuthData, // Package specific data
__in_opt SEC_GET_KEY_FN pGetKeyFn, // Pointer to GetKey() func _In_opt_ SEC_GET_KEY_FN pGetKeyFn, // Pointer to GetKey() func
__in_opt void * pvGetKeyArgument, // Value to pass to GetKey() _In_opt_ void * pvGetKeyArgument, // Value to pass to GetKey()
__out PCredHandle phCredential, // (out) Cred Handle _Out_ PCredHandle phCredential, // (out) Cred Handle
__out_opt PTimeStamp ptsExpiry // (out) Lifetime (optional) _Out_opt_ PTimeStamp ptsExpiry // (out) Lifetime (optional)
); );
typedef SECURITY_STATUS typedef SECURITY_STATUS
(SEC_ENTRY * ACQUIRE_CREDENTIALS_HANDLE_FN_A)( (SEC_ENTRY * ACQUIRE_CREDENTIALS_HANDLE_FN_A)(
SEC_CHAR *, SEC_CHAR *,
SEC_CHAR *, SEC_CHAR *,
unsigned long, unsigned long,
void *, void *,
void *, void *,
SEC_GET_KEY_FN, SEC_GET_KEY_FN,
skipping to change at line 1053 skipping to change at line 1156
#else #else
# define AcquireCredentialsHandle AcquireCredentialsHandleA # define AcquireCredentialsHandle AcquireCredentialsHandleA
# define ACQUIRE_CREDENTIALS_HANDLE_FN ACQUIRE_CREDENTIALS_HANDLE_FN_A # define ACQUIRE_CREDENTIALS_HANDLE_FN ACQUIRE_CREDENTIALS_HANDLE_FN_A
#endif // !UNICODE #endif // !UNICODE
// begin_ntifs // begin_ntifs
KSECDDDECLSPEC KSECDDDECLSPEC
SECURITY_STATUS SEC_ENTRY SECURITY_STATUS SEC_ENTRY
FreeCredentialsHandle( FreeCredentialsHandle(
__in PCredHandle phCredential // Handle to free _In_ PCredHandle phCredential // Handle to free
); );
typedef SECURITY_STATUS typedef SECURITY_STATUS
(SEC_ENTRY * FREE_CREDENTIALS_HANDLE_FN)( (SEC_ENTRY * FREE_CREDENTIALS_HANDLE_FN)(
PCredHandle ); PCredHandle );
KSECDDDECLSPEC KSECDDDECLSPEC
SECURITY_STATUS SEC_ENTRY SECURITY_STATUS SEC_ENTRY
AddCredentialsW( AddCredentialsW(
__in PCredHandle hCredentials, _In_ PCredHandle hCredentials,
#if ISSP_MODE == 0 // For Kernel mode #if ISSP_MODE == 0 // For Kernel mode
__in_opt PSECURITY_STRING pPrincipal, _In_opt_ PSECURITY_STRING pPrincipal,
__in PSECURITY_STRING pPackage, _In_ PSECURITY_STRING pPackage,
#else #else
__in_opt LPWSTR pszPrincipal, // Name of principal _In_opt_ LPWSTR pszPrincipal, // Name of principal
__in LPWSTR pszPackage, // Name of package _In_ LPWSTR pszPackage, // Name of package
#endif #endif
__in unsigned long fCredentialUse, // Flags indicating use _In_ unsigned long fCredentialUse, // Flags indicating use
__in_opt void * pAuthData, // Package specific data _In_opt_ void * pAuthData, // Package specific data
__in_opt SEC_GET_KEY_FN pGetKeyFn, // Pointer to GetKey() func _In_opt_ SEC_GET_KEY_FN pGetKeyFn, // Pointer to GetKey() func
__in_opt void * pvGetKeyArgument, // Value to pass to GetKey() _In_opt_ void * pvGetKeyArgument, // Value to pass to GetKey()
__out_opt PTimeStamp ptsExpiry // (out) Lifetime (optional) _Out_opt_ PTimeStamp ptsExpiry // (out) Lifetime (optional)
); );
typedef SECURITY_STATUS typedef SECURITY_STATUS
(SEC_ENTRY * ADD_CREDENTIALS_FN_W)( (SEC_ENTRY * ADD_CREDENTIALS_FN_W)(
PCredHandle, PCredHandle,
#if ISSP_MODE == 0 #if ISSP_MODE == 0
PSECURITY_STRING, PSECURITY_STRING,
PSECURITY_STRING, PSECURITY_STRING,
#else #else
SEC_WCHAR *, SEC_WCHAR *,
SEC_WCHAR *, SEC_WCHAR *,
#endif #endif
unsigned long, unsigned long,
void *, void *,
SEC_GET_KEY_FN, SEC_GET_KEY_FN,
void *, void *,
PTimeStamp); PTimeStamp);
SECURITY_STATUS SEC_ENTRY SECURITY_STATUS SEC_ENTRY
AddCredentialsA( AddCredentialsA(
__in PCredHandle hCredentials, _In_ PCredHandle hCredentials,
__in_opt LPSTR pszPrincipal, // Name of principal _In_opt_ LPSTR pszPrincipal, // Name of principal
__in LPSTR pszPackage, // Name of package _In_ LPSTR pszPackage, // Name of package
__in unsigned long fCredentialUse, // Flags indicating use _In_ unsigned long fCredentialUse, // Flags indicating use
__in_opt void * pAuthData, // Package specific data _In_opt_ void * pAuthData, // Package specific data
__in_opt SEC_GET_KEY_FN pGetKeyFn, // Pointer to GetKey() func _In_opt_ SEC_GET_KEY_FN pGetKeyFn, // Pointer to GetKey() func
__in_opt void * pvGetKeyArgument, // Value to pass to GetKey() _In_opt_ void * pvGetKeyArgument, // Value to pass to GetKey()
__out_opt PTimeStamp ptsExpiry // (out) Lifetime (optional) _Out_opt_ PTimeStamp ptsExpiry // (out) Lifetime (optional)
); );
typedef SECURITY_STATUS typedef SECURITY_STATUS
(SEC_ENTRY * ADD_CREDENTIALS_FN_A)( (SEC_ENTRY * ADD_CREDENTIALS_FN_A)(
PCredHandle, PCredHandle,
SEC_CHAR *, SEC_CHAR *,
SEC_CHAR *, SEC_CHAR *,
unsigned long, unsigned long,
void *, void *,
SEC_GET_KEY_FN, SEC_GET_KEY_FN,
skipping to change at line 1135 skipping to change at line 1238
//////////////////////////////////////////////////////////////////////// ////////////////////////////////////////////////////////////////////////
/// ///
/// Password Change Functions /// Password Change Functions
/// ///
//////////////////////////////////////////////////////////////////////// ////////////////////////////////////////////////////////////////////////
#if ISSP_MODE != 0 #if ISSP_MODE != 0
SECURITY_STATUS SEC_ENTRY SECURITY_STATUS SEC_ENTRY
ChangeAccountPasswordW( ChangeAccountPasswordW(
__in SEC_WCHAR * pszPackageName, _In_ SEC_WCHAR * pszPackageName,
__in SEC_WCHAR * pszDomainName, _In_ SEC_WCHAR * pszDomainName,
__in SEC_WCHAR * pszAccountName, _In_ SEC_WCHAR * pszAccountName,
__in SEC_WCHAR * pszOldPassword, _In_ SEC_WCHAR * pszOldPassword,
__in SEC_WCHAR * pszNewPassword, _In_ SEC_WCHAR * pszNewPassword,
__in BOOLEAN bImpersonating, _In_ BOOLEAN bImpersonating,
__in unsigned long dwReserved, _In_ unsigned long dwReserved,
__inout PSecBufferDesc pOutput _Inout_ PSecBufferDesc pOutput
); );
typedef SECURITY_STATUS typedef SECURITY_STATUS
(SEC_ENTRY * CHANGE_PASSWORD_FN_W)( (SEC_ENTRY * CHANGE_PASSWORD_FN_W)(
SEC_WCHAR *, SEC_WCHAR *,
SEC_WCHAR *, SEC_WCHAR *,
SEC_WCHAR *, SEC_WCHAR *,
SEC_WCHAR *, SEC_WCHAR *,
SEC_WCHAR *, SEC_WCHAR *,
BOOLEAN, BOOLEAN,
unsigned long, unsigned long,
PSecBufferDesc PSecBufferDesc
); );
SECURITY_STATUS SEC_ENTRY SECURITY_STATUS SEC_ENTRY
ChangeAccountPasswordA( ChangeAccountPasswordA(
__in SEC_CHAR * pszPackageName, _In_ SEC_CHAR * pszPackageName,
__in SEC_CHAR * pszDomainName, _In_ SEC_CHAR * pszDomainName,
__in SEC_CHAR * pszAccountName, _In_ SEC_CHAR * pszAccountName,
__in SEC_CHAR * pszOldPassword, _In_ SEC_CHAR * pszOldPassword,
__in SEC_CHAR * pszNewPassword, _In_ SEC_CHAR * pszNewPassword,
__in BOOLEAN bImpersonating, _In_ BOOLEAN bImpersonating,
__in unsigned long dwReserved, _In_ unsigned long dwReserved,
__inout PSecBufferDesc pOutput _Inout_ PSecBufferDesc pOutput
); );
typedef SECURITY_STATUS typedef SECURITY_STATUS
(SEC_ENTRY * CHANGE_PASSWORD_FN_A)( (SEC_ENTRY * CHANGE_PASSWORD_FN_A)(
SEC_CHAR *, SEC_CHAR *,
SEC_CHAR *, SEC_CHAR *,
SEC_CHAR *, SEC_CHAR *,
SEC_CHAR *, SEC_CHAR *,
SEC_CHAR *, SEC_CHAR *,
BOOLEAN, BOOLEAN,
skipping to change at line 1200 skipping to change at line 1303
//////////////////////////////////////////////////////////////////////// ////////////////////////////////////////////////////////////////////////
/// ///
/// Context Management Functions /// Context Management Functions
/// ///
//////////////////////////////////////////////////////////////////////// ////////////////////////////////////////////////////////////////////////
KSECDDDECLSPEC KSECDDDECLSPEC
SECURITY_STATUS SEC_ENTRY SECURITY_STATUS SEC_ENTRY
InitializeSecurityContextW( InitializeSecurityContextW(
__in_opt PCredHandle phCredential, // Cred to base context _In_opt_ PCredHandle phCredential, // Cred to base context
__in_opt PCtxtHandle phContext, // Existing context (OPT _In_opt_ PCtxtHandle phContext, // Existing context (OPT
) )
#if ISSP_MODE == 0 #if ISSP_MODE == 0
__in_opt PSECURITY_STRING pTargetName, _In_opt_ PSECURITY_STRING pTargetName,
#else #else
__in_opt SEC_WCHAR * pszTargetName, // Name of target _In_opt_ SEC_WCHAR * pszTargetName, // Name of target
#endif #endif
__in unsigned long fContextReq, // Context Requirements _In_ unsigned long fContextReq, // Context Requirements
__in unsigned long Reserved1, // Reserved, MBZ _In_ unsigned long Reserved1, // Reserved, MBZ
__in unsigned long TargetDataRep, // Data rep of target _In_ unsigned long TargetDataRep, // Data rep of target
__in_opt PSecBufferDesc pInput, // Input Buffers _In_opt_ PSecBufferDesc pInput, // Input Buffers
__in unsigned long Reserved2, // Reserved, MBZ _In_ unsigned long Reserved2, // Reserved, MBZ
__inout_opt PCtxtHandle phNewContext, // (out) New Context han _Inout_opt_ PCtxtHandle phNewContext, // (out) New Context han
dle dle
__inout_opt PSecBufferDesc pOutput, // (inout) Output Buffer _Inout_opt_ PSecBufferDesc pOutput, // (inout) Output Buffer
s s
__out unsigned long * pfContextAttr, // (out) Context attrs _Out_ unsigned long * pfContextAttr, // (out) Context attrs
__out_opt PTimeStamp ptsExpiry // (out) Life span (OPT) _Out_opt_ PTimeStamp ptsExpiry // (out) Life span (OPT)
); );
typedef SECURITY_STATUS typedef SECURITY_STATUS
(SEC_ENTRY * INITIALIZE_SECURITY_CONTEXT_FN_W)( (SEC_ENTRY * INITIALIZE_SECURITY_CONTEXT_FN_W)(
PCredHandle, PCredHandle,
PCtxtHandle, PCtxtHandle,
#if ISSP_MODE == 0 #if ISSP_MODE == 0
PSECURITY_STRING, PSECURITY_STRING,
#else #else
SEC_WCHAR *, SEC_WCHAR *,
skipping to change at line 1241 skipping to change at line 1344
unsigned long, unsigned long,
PCtxtHandle, PCtxtHandle,
PSecBufferDesc, PSecBufferDesc,
unsigned long *, unsigned long *,
PTimeStamp); PTimeStamp);
// end_ntifs // end_ntifs
SECURITY_STATUS SEC_ENTRY SECURITY_STATUS SEC_ENTRY
InitializeSecurityContextA( InitializeSecurityContextA(
__in_opt PCredHandle phCredential, // Cred to base context _In_opt_ PCredHandle phCredential, // Cred to base context
__in_opt PCtxtHandle phContext, // Existing context (OPT _In_opt_ PCtxtHandle phContext, // Existing context (OPT
) )
__in_opt SEC_CHAR * pszTargetName, // Name of target _In_opt_ SEC_CHAR * pszTargetName, // Name of target
__in unsigned long fContextReq, // Context Requirements _In_ unsigned long fContextReq, // Context Requirements
__in unsigned long Reserved1, // Reserved, MBZ _In_ unsigned long Reserved1, // Reserved, MBZ
__in unsigned long TargetDataRep, // Data rep of target _In_ unsigned long TargetDataRep, // Data rep of target
__in_opt PSecBufferDesc pInput, // Input Buffers _In_opt_ PSecBufferDesc pInput, // Input Buffers
__in unsigned long Reserved2, // Reserved, MBZ _In_ unsigned long Reserved2, // Reserved, MBZ
__inout_opt PCtxtHandle phNewContext, // (out) New Context han _Inout_opt_ PCtxtHandle phNewContext, // (out) New Context han
dle dle
__inout_opt PSecBufferDesc pOutput, // (inout) Output Buffer _Inout_opt_ PSecBufferDesc pOutput, // (inout) Output Buffer
s s
__out unsigned long * pfContextAttr, // (out) Context attrs _Out_ unsigned long * pfContextAttr, // (out) Context attrs
__out_opt PTimeStamp ptsExpiry // (out) Life span (OPT) _Out_opt_ PTimeStamp ptsExpiry // (out) Life span (OPT)
); );
typedef SECURITY_STATUS typedef SECURITY_STATUS
(SEC_ENTRY * INITIALIZE_SECURITY_CONTEXT_FN_A)( (SEC_ENTRY * INITIALIZE_SECURITY_CONTEXT_FN_A)(
PCredHandle, PCredHandle,
PCtxtHandle, PCtxtHandle,
SEC_CHAR *, SEC_CHAR *,
unsigned long, unsigned long,
unsigned long, unsigned long,
unsigned long, unsigned long,
skipping to change at line 1283 skipping to change at line 1386
#else #else
# define InitializeSecurityContext InitializeSecurityContextA # define InitializeSecurityContext InitializeSecurityContextA
# define INITIALIZE_SECURITY_CONTEXT_FN INITIALIZE_SECURITY_CONTEXT_FN_A # define INITIALIZE_SECURITY_CONTEXT_FN INITIALIZE_SECURITY_CONTEXT_FN_A
#endif // !UNICODE #endif // !UNICODE
// begin_ntifs // begin_ntifs
KSECDDDECLSPEC KSECDDDECLSPEC
SECURITY_STATUS SEC_ENTRY SECURITY_STATUS SEC_ENTRY
AcceptSecurityContext( AcceptSecurityContext(
__in_opt PCredHandle phCredential, // Cred to base context _In_opt_ PCredHandle phCredential, // Cred to base context
__in_opt PCtxtHandle phContext, // Existing context (OPT) _In_opt_ PCtxtHandle phContext, // Existing context (OPT
__in_opt PSecBufferDesc pInput, // Input buffer )
__in unsigned long fContextReq, // Context Requirements _In_opt_ PSecBufferDesc pInput, // Input buffer
__in unsigned long TargetDataRep, // Target Data Rep _In_ unsigned long fContextReq, // Context Requirements
__in_opt PCtxtHandle phNewContext, // (out) New context handl _In_ unsigned long TargetDataRep, // Target Data Rep
e _Inout_opt_ PCtxtHandle phNewContext, // (out) New context han
__in_opt PSecBufferDesc pOutput, // (inout) Output buffers dle
__out unsigned long * pfContextAttr, // (out) Context attributes _Inout_opt_ PSecBufferDesc pOutput, // (inout) Output buffer
__out_opt PTimeStamp ptsExpiry // (out) Life span (OPT) s
_Out_ unsigned long * pfContextAttr, // (out) Context attributes
_Out_opt_ PTimeStamp ptsExpiry // (out) Life span (OPT)
); );
typedef SECURITY_STATUS typedef SECURITY_STATUS
(SEC_ENTRY * ACCEPT_SECURITY_CONTEXT_FN)( (SEC_ENTRY * ACCEPT_SECURITY_CONTEXT_FN)(
PCredHandle, PCredHandle,
PCtxtHandle, PCtxtHandle,
PSecBufferDesc, PSecBufferDesc,
unsigned long, unsigned long,
unsigned long, unsigned long,
PCtxtHandle, PCtxtHandle,
PSecBufferDesc, PSecBufferDesc,
unsigned long *, unsigned long *,
PTimeStamp); PTimeStamp);
SECURITY_STATUS SEC_ENTRY SECURITY_STATUS SEC_ENTRY
CompleteAuthToken( CompleteAuthToken(
__in PCtxtHandle phContext, // Context to complete _In_ PCtxtHandle phContext, // Context to complete
__in PSecBufferDesc pToken // Token to complete _In_ PSecBufferDesc pToken // Token to complete
); );
typedef SECURITY_STATUS typedef SECURITY_STATUS
(SEC_ENTRY * COMPLETE_AUTH_TOKEN_FN)( (SEC_ENTRY * COMPLETE_AUTH_TOKEN_FN)(
PCtxtHandle, PCtxtHandle,
PSecBufferDesc); PSecBufferDesc);
KSECDDDECLSPEC KSECDDDECLSPEC
_Check_return_
SECURITY_STATUS SEC_ENTRY SECURITY_STATUS SEC_ENTRY
ImpersonateSecurityContext( ImpersonateSecurityContext(
__in PCtxtHandle phContext // Context to impersonate _In_ PCtxtHandle phContext // Context to impersonate
); );
typedef SECURITY_STATUS typedef SECURITY_STATUS
(SEC_ENTRY * IMPERSONATE_SECURITY_CONTEXT_FN)( (SEC_ENTRY * IMPERSONATE_SECURITY_CONTEXT_FN)(
PCtxtHandle); PCtxtHandle);
KSECDDDECLSPEC KSECDDDECLSPEC
SECURITY_STATUS SEC_ENTRY SECURITY_STATUS SEC_ENTRY
RevertSecurityContext( RevertSecurityContext(
__in PCtxtHandle phContext // Context from which to re _In_ PCtxtHandle phContext // Context from which to re
); );
typedef SECURITY_STATUS typedef SECURITY_STATUS
(SEC_ENTRY * REVERT_SECURITY_CONTEXT_FN)( (SEC_ENTRY * REVERT_SECURITY_CONTEXT_FN)(
PCtxtHandle); PCtxtHandle);
KSECDDDECLSPEC KSECDDDECLSPEC
SECURITY_STATUS SEC_ENTRY SECURITY_STATUS SEC_ENTRY
QuerySecurityContextToken( QuerySecurityContextToken(
__in PCtxtHandle phContext, _In_ PCtxtHandle phContext,
__out void * * Token _Out_ void * * Token
); );
typedef SECURITY_STATUS typedef SECURITY_STATUS
(SEC_ENTRY * QUERY_SECURITY_CONTEXT_TOKEN_FN)( (SEC_ENTRY * QUERY_SECURITY_CONTEXT_TOKEN_FN)(
PCtxtHandle, void * *); PCtxtHandle, void * *);
KSECDDDECLSPEC KSECDDDECLSPEC
SECURITY_STATUS SEC_ENTRY SECURITY_STATUS SEC_ENTRY
DeleteSecurityContext( DeleteSecurityContext(
__in PCtxtHandle phContext // Context to delete _In_ PCtxtHandle phContext // Context to delete
); );
typedef SECURITY_STATUS typedef SECURITY_STATUS
(SEC_ENTRY * DELETE_SECURITY_CONTEXT_FN)( (SEC_ENTRY * DELETE_SECURITY_CONTEXT_FN)(
PCtxtHandle); PCtxtHandle);
KSECDDDECLSPEC KSECDDDECLSPEC
SECURITY_STATUS SEC_ENTRY SECURITY_STATUS SEC_ENTRY
ApplyControlToken( ApplyControlToken(
__in PCtxtHandle phContext, // Context to modify _In_ PCtxtHandle phContext, // Context to modify
__in PSecBufferDesc pInput // Input token to apply _In_ PSecBufferDesc pInput // Input token to apply
); );
typedef SECURITY_STATUS typedef SECURITY_STATUS
(SEC_ENTRY * APPLY_CONTROL_TOKEN_FN)( (SEC_ENTRY * APPLY_CONTROL_TOKEN_FN)(
PCtxtHandle, PSecBufferDesc); PCtxtHandle, PSecBufferDesc);
KSECDDDECLSPEC KSECDDDECLSPEC
SECURITY_STATUS SEC_ENTRY SECURITY_STATUS SEC_ENTRY
QueryContextAttributesW( QueryContextAttributesW(
__in PCtxtHandle phContext, // Context to query _In_ PCtxtHandle phContext, // Context to query
__in unsigned long ulAttribute, // Attribute to query _In_ unsigned long ulAttribute, // Attribute to query
__out void * pBuffer // Buffer for attributes _Out_ void * pBuffer // Buffer for attributes
); );
typedef SECURITY_STATUS typedef SECURITY_STATUS
(SEC_ENTRY * QUERY_CONTEXT_ATTRIBUTES_FN_W)( (SEC_ENTRY * QUERY_CONTEXT_ATTRIBUTES_FN_W)(
PCtxtHandle, PCtxtHandle,
unsigned long, unsigned long,
void *); void *);
// end_ntifs // end_ntifs
SECURITY_STATUS SEC_ENTRY SECURITY_STATUS SEC_ENTRY
QueryContextAttributesA( QueryContextAttributesA(
__in PCtxtHandle phContext, // Context to query _In_ PCtxtHandle phContext, // Context to query
__in unsigned long ulAttribute, // Attribute to query _In_ unsigned long ulAttribute, // Attribute to query
__out void * pBuffer // Buffer for attributes _Out_ void * pBuffer // Buffer for attributes
); );
typedef SECURITY_STATUS typedef SECURITY_STATUS
(SEC_ENTRY * QUERY_CONTEXT_ATTRIBUTES_FN_A)( (SEC_ENTRY * QUERY_CONTEXT_ATTRIBUTES_FN_A)(
PCtxtHandle, PCtxtHandle,
unsigned long, unsigned long,
void *); void *);
#ifdef UNICODE #ifdef UNICODE
# define QueryContextAttributes QueryContextAttributesW // ntifs # define QueryContextAttributes QueryContextAttributesW // ntifs
skipping to change at line 1412 skipping to change at line 1516
# define QueryContextAttributes QueryContextAttributesA # define QueryContextAttributes QueryContextAttributesA
# define QUERY_CONTEXT_ATTRIBUTES_FN QUERY_CONTEXT_ATTRIBUTES_FN_A # define QUERY_CONTEXT_ATTRIBUTES_FN QUERY_CONTEXT_ATTRIBUTES_FN_A
#endif // !UNICODE #endif // !UNICODE
// begin_ntifs // begin_ntifs
#if (OSVER(NTDDI_VERSION) > NTDDI_WIN2K) #if (OSVER(NTDDI_VERSION) > NTDDI_WIN2K)
SECURITY_STATUS SEC_ENTRY SECURITY_STATUS SEC_ENTRY
SetContextAttributesW( SetContextAttributesW(
__in PCtxtHandle phContext, // Context to Set _In_ PCtxtHandle phContext, // Context to Set
__in unsigned long ulAttribute, // Attribute to Set _In_ unsigned long ulAttribute, // Attribute to Set
__in_bcount(cbBuffer) void * pBuffer, // Buffer for attributes _In_reads_bytes_(cbBuffer) void * pBuffer, // Buffer for attributes
__in unsigned long cbBuffer // Size (in bytes) of Buffer _In_ unsigned long cbBuffer // Size (in bytes) of Buffer
); );
typedef SECURITY_STATUS typedef SECURITY_STATUS
(SEC_ENTRY * SET_CONTEXT_ATTRIBUTES_FN_W)( (SEC_ENTRY * SET_CONTEXT_ATTRIBUTES_FN_W)(
PCtxtHandle, PCtxtHandle,
unsigned long, unsigned long,
void *, void *,
unsigned long ); unsigned long );
#endif // Greater than w2k #endif // Greater than w2k
// end_ntifs // end_ntifs
SECURITY_STATUS SEC_ENTRY SECURITY_STATUS SEC_ENTRY
SetContextAttributesA( SetContextAttributesA(
__in PCtxtHandle phContext, // Context to Set _In_ PCtxtHandle phContext, // Context to Set
__in unsigned long ulAttribute, // Attribute to Set _In_ unsigned long ulAttribute, // Attribute to Set
__in_bcount(cbBuffer) void * pBuffer, // Buffer for attributes _In_reads_bytes_(cbBuffer) void * pBuffer, // Buffer for attributes
__in unsigned long cbBuffer // Size (in bytes) of Buffer _In_ unsigned long cbBuffer // Size (in bytes) of Buffer
); );
typedef SECURITY_STATUS typedef SECURITY_STATUS
(SEC_ENTRY * SET_CONTEXT_ATTRIBUTES_FN_A)( (SEC_ENTRY * SET_CONTEXT_ATTRIBUTES_FN_A)(
PCtxtHandle, PCtxtHandle,
unsigned long, unsigned long,
void *, void *,
unsigned long ); unsigned long );
#ifdef UNICODE #ifdef UNICODE
skipping to change at line 1457 skipping to change at line 1561
#else #else
# define SetContextAttributes SetContextAttributesA # define SetContextAttributes SetContextAttributesA
# define SET_CONTEXT_ATTRIBUTES_FN SET_CONTEXT_ATTRIBUTES_FN_A # define SET_CONTEXT_ATTRIBUTES_FN SET_CONTEXT_ATTRIBUTES_FN_A
#endif // !UNICODE #endif // !UNICODE
// begin_ntifs // begin_ntifs
KSECDDDECLSPEC KSECDDDECLSPEC
SECURITY_STATUS SEC_ENTRY SECURITY_STATUS SEC_ENTRY
QueryCredentialsAttributesW( QueryCredentialsAttributesW(
__in PCredHandle phCredential, // Credential to query _In_ PCredHandle phCredential, // Credential to query
__in unsigned long ulAttribute, // Attribute to query _In_ unsigned long ulAttribute, // Attribute to query
__inout void * pBuffer // Buffer for attributes _Inout_ void * pBuffer // Buffer for attributes
); );
typedef SECURITY_STATUS typedef SECURITY_STATUS
(SEC_ENTRY * QUERY_CREDENTIALS_ATTRIBUTES_FN_W)( (SEC_ENTRY * QUERY_CREDENTIALS_ATTRIBUTES_FN_W)(
PCredHandle, PCredHandle,
unsigned long, unsigned long,
void *); void *);
// end_ntifs // end_ntifs
SECURITY_STATUS SEC_ENTRY SECURITY_STATUS SEC_ENTRY
QueryCredentialsAttributesA( QueryCredentialsAttributesA(
__in PCredHandle phCredential, // Credential to query _In_ PCredHandle phCredential, // Credential to query
__in unsigned long ulAttribute, // Attribute to query _In_ unsigned long ulAttribute, // Attribute to query
__inout void * pBuffer // Buffer for attributes _Inout_ void * pBuffer // Buffer for attributes
); );
typedef SECURITY_STATUS typedef SECURITY_STATUS
(SEC_ENTRY * QUERY_CREDENTIALS_ATTRIBUTES_FN_A)( (SEC_ENTRY * QUERY_CREDENTIALS_ATTRIBUTES_FN_A)(
PCredHandle, PCredHandle,
unsigned long, unsigned long,
void *); void *);
#ifdef UNICODE #ifdef UNICODE
# define QueryCredentialsAttributes QueryCredentialsAttributesW // n tifs # define QueryCredentialsAttributes QueryCredentialsAttributesW // n tifs
skipping to change at line 1498 skipping to change at line 1602
# define QUERY_CREDENTIALS_ATTRIBUTES_FN QUERY_CREDENTIALS_ATTRIBUTES_FN_A # define QUERY_CREDENTIALS_ATTRIBUTES_FN QUERY_CREDENTIALS_ATTRIBUTES_FN_A
#endif // !UNICODE #endif // !UNICODE
// begin_ntifs // begin_ntifs
#if NTDDI_VERSION > NTDDI_WS03 #if NTDDI_VERSION > NTDDI_WS03
KSECDDDECLSPEC KSECDDDECLSPEC
SECURITY_STATUS SEC_ENTRY SECURITY_STATUS SEC_ENTRY
SetCredentialsAttributesW( SetCredentialsAttributesW(
__in PCredHandle phCredential, // Credential to Set _In_ PCredHandle phCredential, // Credential to Set
__in unsigned long ulAttribute, // Attribute to Set _In_ unsigned long ulAttribute, // Attribute to Set
__in_bcount(cbBuffer) void * pBuffer, // Buffer for attributes _In_reads_bytes_(cbBuffer) void * pBuffer, // Buffer for attributes
__in unsigned long cbBuffer // Size (in bytes) of Buffer _In_ unsigned long cbBuffer // Size (in bytes) of Buffer
); );
typedef SECURITY_STATUS typedef SECURITY_STATUS
(SEC_ENTRY * SET_CREDENTIALS_ATTRIBUTES_FN_W)( (SEC_ENTRY * SET_CREDENTIALS_ATTRIBUTES_FN_W)(
PCredHandle, PCredHandle,
unsigned long, unsigned long,
void *, void *,
unsigned long ); unsigned long );
#endif // For W2k3SP1 and greater #endif // For W2k3SP1 and greater
// end_ntifs // end_ntifs
SECURITY_STATUS SEC_ENTRY SECURITY_STATUS SEC_ENTRY
SetCredentialsAttributesA( SetCredentialsAttributesA(
__in PCredHandle phCredential, // Credential to Set _In_ PCredHandle phCredential, // Credential to Set
__in unsigned long ulAttribute, // Attribute to Set _In_ unsigned long ulAttribute, // Attribute to Set
__in_bcount(cbBuffer) void * pBuffer, // Buffer for attributes _In_reads_bytes_(cbBuffer) void * pBuffer, // Buffer for attributes
__in unsigned long cbBuffer // Size (in bytes) of Buffer _In_ unsigned long cbBuffer // Size (in bytes) of Buffer
); );
typedef SECURITY_STATUS typedef SECURITY_STATUS
(SEC_ENTRY * SET_CREDENTIALS_ATTRIBUTES_FN_A)( (SEC_ENTRY * SET_CREDENTIALS_ATTRIBUTES_FN_A)(
PCredHandle, PCredHandle,
unsigned long, unsigned long,
void *, void *,
unsigned long ); unsigned long );
#ifdef UNICODE #ifdef UNICODE
skipping to change at line 1542 skipping to change at line 1646
# define SET_CREDENTIALS_ATTRIBUTES_FN SET_CREDENTIALS_ATTRIBUTES_FN_W // ntifs # define SET_CREDENTIALS_ATTRIBUTES_FN SET_CREDENTIALS_ATTRIBUTES_FN_W // ntifs
#else #else
# define SetCredentialsAttributes SetCredentialsAttributesA # define SetCredentialsAttributes SetCredentialsAttributesA
# define SET_CREDENTIALS_ATTRIBUTES_FN SET_CREDENTIALS_ATTRIBUTES_FN_A # define SET_CREDENTIALS_ATTRIBUTES_FN SET_CREDENTIALS_ATTRIBUTES_FN_A
#endif // !UNICODE #endif // !UNICODE
// begin_ntifs // begin_ntifs
SECURITY_STATUS SEC_ENTRY SECURITY_STATUS SEC_ENTRY
FreeContextBuffer( FreeContextBuffer(
__inout PVOID pvContextBuffer // buffer to free _Inout_ PVOID pvContextBuffer // buffer to free
); );
typedef SECURITY_STATUS typedef SECURITY_STATUS
(SEC_ENTRY * FREE_CONTEXT_BUFFER_FN)( (SEC_ENTRY * FREE_CONTEXT_BUFFER_FN)(
__inout PVOID _Inout_ PVOID
); );
// end_ntifs // end_ntifs
// begin_ntifs // begin_ntifs
/////////////////////////////////////////////////////////////////// ///////////////////////////////////////////////////////////////////
//// ////
//// Message Support API //// Message Support API
//// ////
////////////////////////////////////////////////////////////////// //////////////////////////////////////////////////////////////////
KSECDDDECLSPEC KSECDDDECLSPEC
SECURITY_STATUS SEC_ENTRY SECURITY_STATUS SEC_ENTRY
MakeSignature( MakeSignature(
__in PCtxtHandle phContext, // Context to use _In_ PCtxtHandle phContext, // Context to use
__in unsigned long fQOP, // Quality of Protection _In_ unsigned long fQOP, // Quality of Protection
__in PSecBufferDesc pMessage, // Message to sign _In_ PSecBufferDesc pMessage, // Message to sign
__in unsigned long MessageSeqNo // Message Sequence Num. _In_ unsigned long MessageSeqNo // Message Sequence Num.
); );
typedef SECURITY_STATUS typedef SECURITY_STATUS
(SEC_ENTRY * MAKE_SIGNATURE_FN)( (SEC_ENTRY * MAKE_SIGNATURE_FN)(
PCtxtHandle, PCtxtHandle,
unsigned long, unsigned long,
PSecBufferDesc, PSecBufferDesc,
unsigned long); unsigned long);
KSECDDDECLSPEC KSECDDDECLSPEC
SECURITY_STATUS SEC_ENTRY SECURITY_STATUS SEC_ENTRY
VerifySignature( VerifySignature(
__in PCtxtHandle phContext, // Context to use _In_ PCtxtHandle phContext, // Context to use
__in PSecBufferDesc pMessage, // Message to verify _In_ PSecBufferDesc pMessage, // Message to verify
__in unsigned long MessageSeqNo, // Sequence Num. _In_ unsigned long MessageSeqNo, // Sequence Num.
__out unsigned long * pfQOP // QOP used _Out_ unsigned long * pfQOP // QOP used
); );
typedef SECURITY_STATUS typedef SECURITY_STATUS
(SEC_ENTRY * VERIFY_SIGNATURE_FN)( (SEC_ENTRY * VERIFY_SIGNATURE_FN)(
PCtxtHandle, PCtxtHandle,
PSecBufferDesc, PSecBufferDesc,
unsigned long, unsigned long,
unsigned long *); unsigned long *);
// This only exists win Win2k3 and Greater // This only exists win Win2k3 and Greater
#define SECQOP_WRAP_NO_ENCRYPT 0x80000001 #define SECQOP_WRAP_NO_ENCRYPT 0x80000001
#define SECQOP_WRAP_OOB_DATA 0x40000000 #define SECQOP_WRAP_OOB_DATA 0x40000000
SECURITY_STATUS SEC_ENTRY SECURITY_STATUS SEC_ENTRY
EncryptMessage( __in PCtxtHandle phContext, EncryptMessage( _In_ PCtxtHandle phContext,
__in unsigned long fQOP, _In_ unsigned long fQOP,
__inout PSecBufferDesc pMessage, _In_ PSecBufferDesc pMessage,
__in unsigned long MessageSeqNo); _In_ unsigned long MessageSeqNo);
typedef SECURITY_STATUS typedef SECURITY_STATUS
(SEC_ENTRY * ENCRYPT_MESSAGE_FN)( (SEC_ENTRY * ENCRYPT_MESSAGE_FN)(
PCtxtHandle, unsigned long, PSecBufferDesc, unsigned long); PCtxtHandle, unsigned long, PSecBufferDesc, unsigned long);
SECURITY_STATUS SEC_ENTRY SECURITY_STATUS SEC_ENTRY
DecryptMessage( __in PCtxtHandle phContext, DecryptMessage( _In_ PCtxtHandle phContext,
__inout PSecBufferDesc pMessage, _In_ PSecBufferDesc pMessage,
__in unsigned long MessageSeqNo, _In_ unsigned long MessageSeqNo,
__out_opt unsigned long * pfQOP); _Out_opt_ unsigned long * pfQOP);
typedef SECURITY_STATUS typedef SECURITY_STATUS
(SEC_ENTRY * DECRYPT_MESSAGE_FN)( (SEC_ENTRY * DECRYPT_MESSAGE_FN)(
PCtxtHandle, PSecBufferDesc, unsigned long, PCtxtHandle, PSecBufferDesc, unsigned long,
unsigned long *); unsigned long *);
// end_ntifs // end_ntifs
// begin_ntifs // begin_ntifs
/////////////////////////////////////////////////////////////////////////// ///////////////////////////////////////////////////////////////////////////
//// ////
//// Misc. //// Misc.
//// ////
/////////////////////////////////////////////////////////////////////////// ///////////////////////////////////////////////////////////////////////////
KSECDDDECLSPEC KSECDDDECLSPEC
SECURITY_STATUS SEC_ENTRY SECURITY_STATUS SEC_ENTRY
EnumerateSecurityPackagesW( EnumerateSecurityPackagesW(
__out unsigned long * pcPackages, // Receives num. packages _Out_ unsigned long * pcPackages, // Receives num. packages
__deref_out PSecPkgInfoW * ppPackageInfo // Receives array of info _Outptr_ PSecPkgInfoW * ppPackageInfo // Receives array of info
); );
typedef SECURITY_STATUS typedef SECURITY_STATUS
(SEC_ENTRY * ENUMERATE_SECURITY_PACKAGES_FN_W)( (SEC_ENTRY * ENUMERATE_SECURITY_PACKAGES_FN_W)(
unsigned long *, unsigned long *,
PSecPkgInfoW *); PSecPkgInfoW *);
// end_ntifs // end_ntifs
SECURITY_STATUS SEC_ENTRY SECURITY_STATUS SEC_ENTRY
EnumerateSecurityPackagesA( EnumerateSecurityPackagesA(
__out unsigned long * pcPackages, // Receives num. packages _Out_ unsigned long * pcPackages, // Receives num. packages
__deref_out PSecPkgInfoA * ppPackageInfo // Receives array of info _Outptr_ PSecPkgInfoA * ppPackageInfo // Receives array of info
); );
typedef SECURITY_STATUS typedef SECURITY_STATUS
(SEC_ENTRY * ENUMERATE_SECURITY_PACKAGES_FN_A)( (SEC_ENTRY * ENUMERATE_SECURITY_PACKAGES_FN_A)(
unsigned long *, unsigned long *,
PSecPkgInfoA *); PSecPkgInfoA *);
#ifdef UNICODE #ifdef UNICODE
# define EnumerateSecurityPackages EnumerateSecurityPackagesW // n tifs # define EnumerateSecurityPackages EnumerateSecurityPackagesW // n tifs
# define ENUMERATE_SECURITY_PACKAGES_FN ENUMERATE_SECURITY_PACKAGES_FN_W // n tifs # define ENUMERATE_SECURITY_PACKAGES_FN ENUMERATE_SECURITY_PACKAGES_FN_W // n tifs
skipping to change at line 1664 skipping to change at line 1768
# define EnumerateSecurityPackages EnumerateSecurityPackagesA # define EnumerateSecurityPackages EnumerateSecurityPackagesA
# define ENUMERATE_SECURITY_PACKAGES_FN ENUMERATE_SECURITY_PACKAGES_FN_A # define ENUMERATE_SECURITY_PACKAGES_FN ENUMERATE_SECURITY_PACKAGES_FN_A
#endif // !UNICODE #endif // !UNICODE
// begin_ntifs // begin_ntifs
KSECDDDECLSPEC KSECDDDECLSPEC
SECURITY_STATUS SEC_ENTRY SECURITY_STATUS SEC_ENTRY
QuerySecurityPackageInfoW( QuerySecurityPackageInfoW(
#if ISSP_MODE == 0 #if ISSP_MODE == 0
__in PSECURITY_STRING pPackageName, _In_ PSECURITY_STRING pPackageName,
#else #else
__in LPWSTR pszPackageName, // Name of package _In_ LPWSTR pszPackageName, // Name of package
#endif #endif
__deref_out PSecPkgInfoW *ppPackageInfo // Receives package info _Outptr_ PSecPkgInfoW *ppPackageInfo // Receives package info
); );
typedef SECURITY_STATUS typedef SECURITY_STATUS
(SEC_ENTRY * QUERY_SECURITY_PACKAGE_INFO_FN_W)( (SEC_ENTRY * QUERY_SECURITY_PACKAGE_INFO_FN_W)(
#if ISSP_MODE == 0 #if ISSP_MODE == 0
PSECURITY_STRING, PSECURITY_STRING,
#else #else
SEC_WCHAR *, SEC_WCHAR *,
#endif #endif
PSecPkgInfoW *); PSecPkgInfoW *);
// end_ntifs // end_ntifs
SECURITY_STATUS SEC_ENTRY SECURITY_STATUS SEC_ENTRY
QuerySecurityPackageInfoA( QuerySecurityPackageInfoA(
__in LPSTR pszPackageName, // Name of package _In_ LPSTR pszPackageName, // Name of package
__deref_out PSecPkgInfoA *ppPackageInfo // Receives package info _Outptr_ PSecPkgInfoA *ppPackageInfo // Receives package info
); );
typedef SECURITY_STATUS typedef SECURITY_STATUS
(SEC_ENTRY * QUERY_SECURITY_PACKAGE_INFO_FN_A)( (SEC_ENTRY * QUERY_SECURITY_PACKAGE_INFO_FN_A)(
SEC_CHAR *, SEC_CHAR *,
PSecPkgInfoA *); PSecPkgInfoA *);
#ifdef UNICODE #ifdef UNICODE
# define QuerySecurityPackageInfo QuerySecurityPackageInfoW // n tifs # define QuerySecurityPackageInfo QuerySecurityPackageInfoW // n tifs
# define QUERY_SECURITY_PACKAGE_INFO_FN QUERY_SECURITY_PACKAGE_INFO_FN_W // n tifs # define QUERY_SECURITY_PACKAGE_INFO_FN QUERY_SECURITY_PACKAGE_INFO_FN_W // n tifs
skipping to change at line 1715 skipping to change at line 1819
SecDirectory, SecDirectory,
SecObject SecObject
} SecDelegationType, * PSecDelegationType; } SecDelegationType, * PSecDelegationType;
SECURITY_STATUS SEC_ENTRY SECURITY_STATUS SEC_ENTRY
DelegateSecurityContext( DelegateSecurityContext(
PCtxtHandle phContext, // IN Active context to delegate PCtxtHandle phContext, // IN Active context to delegate
#if ISSP_MODE == 0 #if ISSP_MODE == 0
PSECURITY_STRING pTarget, // IN Target path PSECURITY_STRING pTarget, // IN Target path
#else #else
__in LPSTR pszTarget, _In_ LPSTR pszTarget,
#endif #endif
SecDelegationType DelegationType, // IN Type of delegation SecDelegationType DelegationType, // IN Type of delegation
PTimeStamp pExpiry, // IN OPTIONAL time limit PTimeStamp pExpiry, // IN OPTIONAL time limit
PSecBuffer pPackageParameters, // IN OPTIONAL package specific PSecBuffer pPackageParameters, // IN OPTIONAL package specific
PSecBufferDesc pOutput); // OUT Token for applycontroltoken. PSecBufferDesc pOutput); // OUT Token for applycontroltoken.
/////////////////////////////////////////////////////////////////////////// ///////////////////////////////////////////////////////////////////////////
//// ////
//// Proxies //// Proxies
//// ////
skipping to change at line 1743 skipping to change at line 1847
/////////////////////////////////////////////////////////////////////////// ///////////////////////////////////////////////////////////////////////////
//// ////
//// Context export/import //// Context export/import
//// ////
/////////////////////////////////////////////////////////////////////////// ///////////////////////////////////////////////////////////////////////////
KSECDDDECLSPEC KSECDDDECLSPEC
SECURITY_STATUS SEC_ENTRY SECURITY_STATUS SEC_ENTRY
ExportSecurityContext( ExportSecurityContext(
__in PCtxtHandle phContext, // (in) context to export _In_ PCtxtHandle phContext, // (in) context to export
__in ULONG fFlags, // (in) option flags _In_ ULONG fFlags, // (in) option flags
__out PSecBuffer pPackedContext, // (out) marshalled contex _Out_ PSecBuffer pPackedContext, // (out) marshalled contex
t t
__out void * * pToken // (out, optional) token handle for impers _Out_ void * * pToken // (out, optional) token handle for impers
onation onation
); );
typedef SECURITY_STATUS typedef SECURITY_STATUS
(SEC_ENTRY * EXPORT_SECURITY_CONTEXT_FN)( (SEC_ENTRY * EXPORT_SECURITY_CONTEXT_FN)(
PCtxtHandle, PCtxtHandle,
ULONG, ULONG,
PSecBuffer, PSecBuffer,
void * * void * *
); );
KSECDDDECLSPEC KSECDDDECLSPEC
SECURITY_STATUS SEC_ENTRY SECURITY_STATUS SEC_ENTRY
ImportSecurityContextW( ImportSecurityContextW(
#if ISSP_MODE == 0 #if ISSP_MODE == 0
__in PSECURITY_STRING pszPackage, _In_ PSECURITY_STRING pszPackage,
#else #else
__in LPWSTR pszPackage, _In_ LPWSTR pszPackage,
#endif #endif
__in PSecBuffer pPackedContext, // (in) marshalled context _In_ PSecBuffer pPackedContext, // (in) marshalled context
__in void * Token, // (in, optional) handle t _In_ void * Token, // (in, optional) handle t
o token for context o token for context
__out PCtxtHandle phContext // (out) new context handl _Out_ PCtxtHandle phContext // (out) new context handl
e e
); );
typedef SECURITY_STATUS typedef SECURITY_STATUS
(SEC_ENTRY * IMPORT_SECURITY_CONTEXT_FN_W)( (SEC_ENTRY * IMPORT_SECURITY_CONTEXT_FN_W)(
#if ISSP_MODE == 0 #if ISSP_MODE == 0
PSECURITY_STRING, PSECURITY_STRING,
#else #else
SEC_WCHAR *, SEC_WCHAR *,
#endif #endif
PSecBuffer, PSecBuffer,
VOID *, VOID *,
PCtxtHandle PCtxtHandle
); );
// end_ntifs // end_ntifs
SECURITY_STATUS SEC_ENTRY SECURITY_STATUS SEC_ENTRY
ImportSecurityContextA( ImportSecurityContextA(
__in LPSTR pszPackage, _In_ LPSTR pszPackage,
__in PSecBuffer pPackedContext, // (in) marshalled context _In_ PSecBuffer pPackedContext, // (in) marshalled context
__in VOID * Token, // (in, optional) handle t _In_ VOID * Token, // (in, optional) handle t
o token for context o token for context
__out PCtxtHandle phContext // (out) new context handl _Out_ PCtxtHandle phContext // (out) new context handl
e e
); );
typedef SECURITY_STATUS typedef SECURITY_STATUS
(SEC_ENTRY * IMPORT_SECURITY_CONTEXT_FN_A)( (SEC_ENTRY * IMPORT_SECURITY_CONTEXT_FN_A)(
SEC_CHAR *, SEC_CHAR *,
PSecBuffer, PSecBuffer,
void *, void *,
PCtxtHandle PCtxtHandle
); );
skipping to change at line 1865 skipping to change at line 1969
IN BOOLEAN Allocate, IN BOOLEAN Allocate,
IN BOOLEAN IsTargetInfoMarshaled IN BOOLEAN IsTargetInfoMarshaled
); );
#endif // Windows Vista and greater #endif // Windows Vista and greater
KSECDDDECLSPEC KSECDDDECLSPEC
NTSTATUS NTSTATUS
SEC_ENTRY SEC_ENTRY
SecLookupAccountSid( SecLookupAccountSid(
__in PSID Sid, _In_ PSID Sid,
__out PULONG NameSize, _Out_ PULONG NameSize,
__inout PUNICODE_STRING NameBuffer, _Inout_ PUNICODE_STRING NameBuffer,
__out PULONG DomainSize OPTIONAL, _Out_ PULONG DomainSize OPTIONAL,
__out_opt PUNICODE_STRING DomainBuffer OPTIONAL, _Out_opt_ PUNICODE_STRING DomainBuffer OPTIONAL,
__out PSID_NAME_USE NameUse _Out_ PSID_NAME_USE NameUse
); );
KSECDDDECLSPEC KSECDDDECLSPEC
NTSTATUS NTSTATUS
SEC_ENTRY SEC_ENTRY
SecLookupAccountName( SecLookupAccountName(
__in PUNICODE_STRING Name, _In_ PUNICODE_STRING Name,
__inout PULONG SidSize, _Inout_ PULONG SidSize,
__out PSID Sid, _Out_ PSID Sid,
__out PSID_NAME_USE NameUse, _Out_ PSID_NAME_USE NameUse,
__out PULONG DomainSize OPTIONAL, _Out_ PULONG DomainSize OPTIONAL,
__inout_opt PUNICODE_STRING ReferencedDomain OPTIONAL _Inout_opt_ PUNICODE_STRING ReferencedDomain OPTIONAL
); );
#endif // Greater than W2k #endif // Greater than W2k
#if OSVER(NTDDI_VERSION) > NTDDI_WINXP #if OSVER(NTDDI_VERSION) > NTDDI_WINXP
KSECDDDECLSPEC KSECDDDECLSPEC
NTSTATUS NTSTATUS
SEC_ENTRY SEC_ENTRY
SecLookupWellKnownSid( SecLookupWellKnownSid(
__in WELL_KNOWN_SID_TYPE SidType, _In_ WELL_KNOWN_SID_TYPE SidType,
__out PSID Sid, _Out_ PSID Sid,
__in ULONG SidBufferSize, _In_ ULONG SidBufferSize,
__inout_opt PULONG SidSize OPTIONAL _Inout_opt_ PULONG SidSize OPTIONAL
); );
#endif // Greater than XP #endif // Greater than XP
#endif #endif
// end_ntifs // end_ntifs
/////////////////////////////////////////////////////////////////////////////// ///////////////////////////////////////////////////////////////////////////////
//// ////
skipping to change at line 2077 skipping to change at line 2181
#ifdef SECURITY_WIN32 #ifdef SECURITY_WIN32
// //
// SASL Profile Support // SASL Profile Support
// //
SECURITY_STATUS SECURITY_STATUS
SEC_ENTRY SEC_ENTRY
SaslEnumerateProfilesA( SaslEnumerateProfilesA(
__deref_out LPSTR * ProfileList, _Outptr_ LPSTR * ProfileList,
__out ULONG * ProfileCount _Out_ ULONG * ProfileCount
); );
SECURITY_STATUS SECURITY_STATUS
SEC_ENTRY SEC_ENTRY
SaslEnumerateProfilesW( SaslEnumerateProfilesW(
__deref_out LPWSTR * ProfileList, _Outptr_ LPWSTR * ProfileList,
__out ULONG * ProfileCount _Out_ ULONG * ProfileCount
); );
#ifdef UNICODE #ifdef UNICODE
#define SaslEnumerateProfiles SaslEnumerateProfilesW #define SaslEnumerateProfiles SaslEnumerateProfilesW
#else #else
#define SaslEnumerateProfiles SaslEnumerateProfilesA #define SaslEnumerateProfiles SaslEnumerateProfilesA
#endif #endif
SECURITY_STATUS SECURITY_STATUS
SEC_ENTRY SEC_ENTRY
SaslGetProfilePackageA( SaslGetProfilePackageA(
__in LPSTR ProfileName, _In_ LPSTR ProfileName,
__deref_out PSecPkgInfoA * PackageInfo _Outptr_ PSecPkgInfoA * PackageInfo
); );
SECURITY_STATUS SECURITY_STATUS
SEC_ENTRY SEC_ENTRY
SaslGetProfilePackageW( SaslGetProfilePackageW(
__in LPWSTR ProfileName, _In_ LPWSTR ProfileName,
__deref_out PSecPkgInfoW * PackageInfo _Outptr_ PSecPkgInfoW * PackageInfo
); );
#ifdef UNICODE #ifdef UNICODE
#define SaslGetProfilePackage SaslGetProfilePackageW #define SaslGetProfilePackage SaslGetProfilePackageW
#else #else
#define SaslGetProfilePackage SaslGetProfilePackageA #define SaslGetProfilePackage SaslGetProfilePackageA
#endif #endif
SECURITY_STATUS SECURITY_STATUS
SEC_ENTRY SEC_ENTRY
SaslIdentifyPackageA( SaslIdentifyPackageA(
__in PSecBufferDesc pInput, _In_ PSecBufferDesc pInput,
__deref_out PSecPkgInfoA * PackageInfo _Outptr_ PSecPkgInfoA * PackageInfo
); );
SECURITY_STATUS SECURITY_STATUS
SEC_ENTRY SEC_ENTRY
SaslIdentifyPackageW( SaslIdentifyPackageW(
__in PSecBufferDesc pInput, _In_ PSecBufferDesc pInput,
__deref_out PSecPkgInfoW * PackageInfo _Outptr_ PSecPkgInfoW * PackageInfo
); );
#ifdef UNICODE #ifdef UNICODE
#define SaslIdentifyPackage SaslIdentifyPackageW #define SaslIdentifyPackage SaslIdentifyPackageW
#else #else
#define SaslIdentifyPackage SaslIdentifyPackageA #define SaslIdentifyPackage SaslIdentifyPackageA
#endif #endif
SECURITY_STATUS SECURITY_STATUS
SEC_ENTRY SEC_ENTRY
SaslInitializeSecurityContextW( SaslInitializeSecurityContextW(
__in_opt PCredHandle phCredential, // Cred to base _In_opt_ PCredHandle phCredential, // Cred to base
context context
__in_opt PCtxtHandle phContext, // Existing cont _In_opt_ PCtxtHandle phContext, // Existing cont
ext (OPT) ext (OPT)
__in_opt LPWSTR pszTargetName, // Name of targe _In_opt_ LPWSTR pszTargetName, // Name of targe
t t
__in unsigned long fContextReq, // Context Requi _In_ unsigned long fContextReq, // Context Requi
rements rements
__in unsigned long Reserved1, // Reserved, MBZ _In_ unsigned long Reserved1, // Reserved, MBZ
__in unsigned long TargetDataRep, // Data rep of t _In_ unsigned long TargetDataRep, // Data rep of t
arget arget
__in_opt PSecBufferDesc pInput, // Input Buffers _In_opt_ PSecBufferDesc pInput, // Input Buffers
__in unsigned long Reserved2, // Reserved, MBZ _In_ unsigned long Reserved2, // Reserved, MBZ
__inout_opt PCtxtHandle phNewContext, // (out) New Con _Inout_opt_ PCtxtHandle phNewContext, // (out) New Con
text handle text handle
__inout_opt PSecBufferDesc pOutput, // (inout) Outpu _Inout_opt_ PSecBufferDesc pOutput, // (inout) Outpu
t Buffers t Buffers
__out unsigned long * pfContextAttr, // (out) Context attrs _Out_ unsigned long * pfContextAttr, // (out) Context attrs
__out_opt PTimeStamp ptsExpiry // (out) Life sp _Out_opt_ PTimeStamp ptsExpiry // (out) Life sp
an (OPT) an (OPT)
); );
SECURITY_STATUS SECURITY_STATUS
SEC_ENTRY SEC_ENTRY
SaslInitializeSecurityContextA( SaslInitializeSecurityContextA(
__in_opt PCredHandle phCredential, // Cred to base _In_opt_ PCredHandle phCredential, // Cred to base
context context
__in_opt PCtxtHandle phContext, // Existing cont _In_opt_ PCtxtHandle phContext, // Existing cont
ext (OPT) ext (OPT)
__in_opt LPSTR pszTargetName, // Name of targe _In_opt_ LPSTR pszTargetName, // Name of targe
t t
__in unsigned long fContextReq, // Context Requi _In_ unsigned long fContextReq, // Context Requi
rements rements
__in unsigned long Reserved1, // Reserved, MBZ _In_ unsigned long Reserved1, // Reserved, MBZ
__in unsigned long TargetDataRep, // Data rep of t _In_ unsigned long TargetDataRep, // Data rep of t
arget arget
__in_opt PSecBufferDesc pInput, // Input Buffers _In_opt_ PSecBufferDesc pInput, // Input Buffers
__in unsigned long Reserved2, // Reserved, MBZ _In_ unsigned long Reserved2, // Reserved, MBZ
__inout_opt PCtxtHandle phNewContext, // (out) New Con _Inout_opt_ PCtxtHandle phNewContext, // (out) New Con
text handle text handle
__inout_opt PSecBufferDesc pOutput, // (inout) Outpu _Inout_opt_ PSecBufferDesc pOutput, // (inout) Outpu
t Buffers t Buffers
__out unsigned long * pfContextAttr, // (out) Context attrs _Out_ unsigned long * pfContextAttr, // (out) Context attrs
__out_opt PTimeStamp ptsExpiry // (out) Life sp _Out_opt_ PTimeStamp ptsExpiry // (out) Life sp
an (OPT) an (OPT)
); );
#ifdef UNICODE #ifdef UNICODE
#define SaslInitializeSecurityContext SaslInitializeSecurityContextW #define SaslInitializeSecurityContext SaslInitializeSecurityContextW
#else #else
#define SaslInitializeSecurityContext SaslInitializeSecurityContextA #define SaslInitializeSecurityContext SaslInitializeSecurityContextA
#endif #endif
SECURITY_STATUS SECURITY_STATUS
SEC_ENTRY SEC_ENTRY
SaslAcceptSecurityContext( SaslAcceptSecurityContext(
__in_opt PCredHandle phCredential, // Cred to base _In_opt_ PCredHandle phCredential, // Cred to base
context context
__in_opt PCtxtHandle phContext, // Existing cont _In_opt_ PCtxtHandle phContext, // Existing cont
ext (OPT) ext (OPT)
__in_opt PSecBufferDesc pInput, // Input buffer _In_opt_ PSecBufferDesc pInput, // Input buffer
__in unsigned long fContextReq, // Context Requi _In_ unsigned long fContextReq, // Context Requi
rements rements
__in unsigned long TargetDataRep, // Target Data R _In_ unsigned long TargetDataRep, // Target Data R
ep ep
__inout_opt PCtxtHandle phNewContext, // (out) New con _Inout_opt_ PCtxtHandle phNewContext, // (out) New con
text handle text handle
__inout_opt PSecBufferDesc pOutput, // (inout) Outpu _Inout_opt_ PSecBufferDesc pOutput, // (inout) Outpu
t buffers t buffers
__out unsigned long * pfContextAttr, // (out) Context attribu _Out_ unsigned long * pfContextAttr, // (out) Context attribu
tes tes
__out_opt PTimeStamp ptsExpiry // (out) Life sp _Out_opt_ PTimeStamp ptsExpiry // (out) Life sp
an (OPT) an (OPT)
); );
#define SASL_OPTION_SEND_SIZE 1 // Maximum size to send to peer #define SASL_OPTION_SEND_SIZE 1 // Maximum size to send to peer
#define SASL_OPTION_RECV_SIZE 2 // Maximum size willing to receive #define SASL_OPTION_RECV_SIZE 2 // Maximum size willing to receive
#define SASL_OPTION_AUTHZ_STRING 3 // Authorization string #define SASL_OPTION_AUTHZ_STRING 3 // Authorization string
#define SASL_OPTION_AUTHZ_PROCESSING 4 // Authorization string processi ng #define SASL_OPTION_AUTHZ_PROCESSING 4 // Authorization string processi ng
typedef enum _SASL_AUTHZID_STATE { typedef enum _SASL_AUTHZID_STATE {
Sasl_AuthZIDForbidden, // allow no AuthZID strings to be specifi ed - error out (default) Sasl_AuthZIDForbidden, // allow no AuthZID strings to be specifi ed - error out (default)
Sasl_AuthZIDProcessed // AuthZID Strings processed by Applicatio n or SSP Sasl_AuthZIDProcessed // AuthZID Strings processed by Applicatio n or SSP
} SASL_AUTHZID_STATE ; } SASL_AUTHZID_STATE ;
SECURITY_STATUS SECURITY_STATUS
SEC_ENTRY SEC_ENTRY
SaslSetContextOption( SaslSetContextOption(
__in PCtxtHandle ContextHandle, _In_ PCtxtHandle ContextHandle,
__in ULONG Option, _In_ ULONG Option,
__in PVOID Value, _In_ PVOID Value,
__in ULONG Size _In_ ULONG Size
); );
SECURITY_STATUS SECURITY_STATUS
SEC_ENTRY SEC_ENTRY
SaslGetContextOption( SaslGetContextOption(
__in PCtxtHandle ContextHandle, _In_ PCtxtHandle ContextHandle,
__in ULONG Option, _In_ ULONG Option,
__out PVOID Value, _Out_ PVOID Value,
__in ULONG Size, _In_ ULONG Size,
__out_opt PULONG Needed OPTIONAL _Out_opt_ PULONG Needed OPTIONAL
); );
#endif #endif
#ifdef SECURITY_DOS #ifdef SECURITY_DOS
#if _MSC_VER >= 1200 #if _MSC_VER >= 1200
#pragma warning(pop) #pragma warning(pop)
#else #else
#pragma warning(default:4147) #pragma warning(default:4147)
#endif #endif
skipping to change at line 2386 skipping to change at line 2490
SEC_WINNT_AUTH_IDENTITY_A AuthId_a; SEC_WINNT_AUTH_IDENTITY_A AuthId_a;
SEC_WINNT_AUTH_IDENTITY_W AuthId_w; SEC_WINNT_AUTH_IDENTITY_W AuthId_w;
SEC_WINNT_AUTH_IDENTITY_EX2 AuthIdEx2; SEC_WINNT_AUTH_IDENTITY_EX2 AuthIdEx2;
} SEC_WINNT_AUTH_IDENTITY_INFO, *PSEC_WINNT_AUTH_IDENTITY_INFO; } SEC_WINNT_AUTH_IDENTITY_INFO, *PSEC_WINNT_AUTH_IDENTITY_INFO;
// the credential structure is encrypted via // the credential structure is encrypted via
// RtlEncryptMemory(OptionFlags = 0) // RtlEncryptMemory(OptionFlags = 0)
#define SEC_WINNT_AUTH_IDENTITY_FLAGS_PROCESS_ENCRYPTED 0x10 #define SEC_WINNT_AUTH_IDENTITY_FLAGS_PROCESS_ENCRYPTED 0x10
// the credential structure is protected by local system via // the credential structure is protected by local system via
// RtlEncryptMemory(OptionFlags = // RtlEncryptMemory(OptionFlags=IOCTL_KSEC_ENCRYPT_MEMORY_SAME_LOGON)
// IOCTL_KSEC_ENCRYPT_MEMORY_SAME_LOGON)
#define SEC_WINNT_AUTH_IDENTITY_FLAGS_SYSTEM_PROTECTED 0x20 #define SEC_WINNT_AUTH_IDENTITY_FLAGS_SYSTEM_PROTECTED 0x20
// the credential structure is encrypted by a non-system context
// RtlEncryptMemory(OptionFlags=IOCTL_KSEC_ENCRYPT_MEMORY_SAME_LOGON)
#define SEC_WINNT_AUTH_IDENTITY_FLAGS_USER_PROTECTED 0x40
#define SEC_WINNT_AUTH_IDENTITY_FLAGS_RESERVED 0x10000 #define SEC_WINNT_AUTH_IDENTITY_FLAGS_RESERVED 0x10000
#define SEC_WINNT_AUTH_IDENTITY_FLAGS_NULL_USER 0x20000 #define SEC_WINNT_AUTH_IDENTITY_FLAGS_NULL_USER 0x20000
#define SEC_WINNT_AUTH_IDENTITY_FLAGS_NULL_DOMAIN 0x40000 #define SEC_WINNT_AUTH_IDENTITY_FLAGS_NULL_DOMAIN 0x40000
#define SEC_WINNT_AUTH_IDENTITY_FLAGS_ID_PROVIDER 0x80000
// //
// These bits are for communication between SspiPromptForCredentials() // These bits are for communication between SspiPromptForCredentials()
// and the credential providers. Do not use these bits for any other // and the credential providers. Do not use these bits for any other
// purpose. // purpose.
// //
#define SEC_WINNT_AUTH_IDENTITY_FLAGS_SSPIPFC_USE_MASK 0xFF000000 #define SEC_WINNT_AUTH_IDENTITY_FLAGS_SSPIPFC_USE_MASK 0xFF000000
// //
// Instructs the credential provider to not save credentials itself // Instructs the credential provider to not save credentials itself
// when caller selects the "Remember my credential" checkbox. // when caller selects the "Remember my credential" checkbox.
// //
#define SEC_WINNT_AUTH_IDENTITY_FLAGS_SSPIPFC_SAVE_CRED_BY_CALLER 0x80000000 #define SEC_WINNT_AUTH_IDENTITY_FLAGS_SSPIPFC_CREDPROV_DO_NOT_SAVE 0x80000000
//
// Support the old name for this flag for callers that were built for earlier
// versions of the SDK.
//
#define SEC_WINNT_AUTH_IDENTITY_FLAGS_SSPIPFC_SAVE_CRED_BY_CALLER SEC_WINNT_AU
TH_IDENTITY_FLAGS_SSPIPFC_CREDPROV_DO_NOT_SAVE
// //
// State of the "Remember my credentials" checkbox. // State of the "Remember my credentials" checkbox.
// When set, indicates checked; when cleared, indicates unchecked. // When set, indicates checked; when cleared, indicates unchecked.
// //
#define SEC_WINNT_AUTH_IDENTITY_FLAGS_SSPIPFC_SAVE_CRED_CHECKED 0x40000000 #define SEC_WINNT_AUTH_IDENTITY_FLAGS_SSPIPFC_SAVE_CRED_CHECKED 0x40000000
//
// The "Save" checkbox is not displayed on the credential provider tiles
//
#define SEC_WINNT_AUTH_IDENTITY_FLAGS_SSPIPFC_NO_CHECKBOX 0x20000000
//
// Credential providers will not attempt to prepopulate the CredUI dialog
// box with credentials retrieved from Cred Man.
//
#define SEC_WINNT_AUTH_IDENTITY_FLAGS_SSPIPFC_CREDPROV_DO_NOT_LOAD 0x10000000
#define SEC_WINNT_AUTH_IDENTITY_FLAGS_VALID_SSPIPFC_FLAGS \ #define SEC_WINNT_AUTH_IDENTITY_FLAGS_VALID_SSPIPFC_FLAGS \
(SEC_WINNT_AUTH_IDENTITY_FLAGS_SSPIPFC_SAVE_CRED_BY_CALLER | \ (SEC_WINNT_AUTH_IDENTITY_FLAGS_SSPIPFC_CREDPROV_DO_NOT_SAVE | \
SEC_WINNT_AUTH_IDENTITY_FLAGS_SSPIPFC_SAVE_CRED_CHECKED) SEC_WINNT_AUTH_IDENTITY_FLAGS_SSPIPFC_SAVE_CRED_CHECKED | \
SEC_WINNT_AUTH_IDENTITY_FLAGS_SSPIPFC_NO_CHECKBOX | \
SEC_WINNT_AUTH_IDENTITY_FLAGS_SSPIPFC_CREDPROV_DO_NOT_LOAD)
#endif // _AUTH_IDENTITY_INFO_DEFINED #endif // _AUTH_IDENTITY_INFO_DEFINED
#ifndef _SSPIPFC_NONE_ // the public view #ifndef _SSPIPFC_NONE_ // the public view
// begin_ntifs // begin_ntifs
typedef PVOID PSEC_WINNT_AUTH_IDENTITY_OPAQUE; // the credential structure is op aque typedef PVOID PSEC_WINNT_AUTH_IDENTITY_OPAQUE; // the credential structure is op aque
// end_ntifs // end_ntifs
skipping to change at line 2452 skipping to change at line 2582
// the user selects the 'save' (or 'remember my password') // the user selects the 'save' (or 'remember my password')
// checkbox in the credential dialog box. The location pointed // checkbox in the credential dialog box. The location pointed
// to by the pfSave parameter indicates whether or not the user // to by the pfSave parameter indicates whether or not the user
// selected the checkbox. // selected the checkbox.
// //
// Note that some credential providers won't honour this flag and // Note that some credential providers won't honour this flag and
// may save the credentials in a persistent manner anyway if the // may save the credentials in a persistent manner anyway if the
// user selects the 'save' checbox. // user selects the 'save' checbox.
// //
#define SSPIPFC_SAVE_CRED_BY_CALLER 0x00000001 #define SSPIPFC_CREDPROV_DO_NOT_SAVE 0x00000001
#define SSPIPFC_VALID_FLAGS (SSPIPFC_SAVE_CRED_BY_CALLER) //
// Support the old name for this flag for callers that were built for earlier
// versions of the SDK.
//
#define SSPIPFC_SAVE_CRED_BY_CALLER SSPIPFC_CREDPROV_DO_NOT_SAVE
//
// The password and smart card credential providers will not display the
// "Remember my credentials" check box in the provider tiles.
//
#define SSPIPFC_NO_CHECKBOX 0x00000002
//
// Credential providers will not attempt to prepopulate the CredUI dialog
// box with credentials retrieved from Cred Man.
//
#define SSPIPFC_CREDPROV_DO_NOT_LOAD 0x00000004
//
// Credential providers along with UI Dialog will be hosted in a separate
// broker process.
//
#define SSPIPFC_USE_CREDUIBROKER 0x00000008
#define SSPIPFC_VALID_FLAGS (SSPIPFC_CREDPROV_DO_NOT_SAVE | SSPIPFC_NO_CHECKBOX
| SSPIPFC_CREDPROV_DO_NOT_LOAD | SSPIPFC_USE_CREDUIBROKER)
#ifndef _SSPIPFC_NONE_ // the public view #ifndef _SSPIPFC_NONE_ // the public view
// Use SspiFreeAuthIdentity() to free the buffer returned // Use SspiFreeAuthIdentity() to free the buffer returned
// in ppAuthIdentity. // in ppAuthIdentity.
unsigned long unsigned long
SEC_ENTRY SEC_ENTRY
SspiPromptForCredentialsW( SspiPromptForCredentialsW(
__in PCWSTR pszTargetName, _In_ PCWSTR pszTargetName,
#ifdef _CREDUI_INFO_DEFINED #ifdef _CREDUI_INFO_DEFINED
__in_opt PCREDUI_INFOW pUiInfo, _In_opt_ PCREDUI_INFOW pUiInfo,
#else #else
__in_opt PVOID pUiInfo, _In_opt_ PVOID pUiInfo,
#endif // _CREDUI_INFO_DEFINED #endif // _CREDUI_INFO_DEFINED
__in unsigned long dwAuthError, _In_ unsigned long dwAuthError,
__in PCWSTR pszPackage, _In_ PCWSTR pszPackage,
__in_opt PSEC_WINNT_AUTH_IDENTITY_OPAQUE pInputAuthIdentity, _In_opt_ PSEC_WINNT_AUTH_IDENTITY_OPAQUE pInputAuthIdentity,
__deref_out PSEC_WINNT_AUTH_IDENTITY_OPAQUE* ppAuthIdentity, _Outptr_ PSEC_WINNT_AUTH_IDENTITY_OPAQUE* ppAuthIdentity,
__inout_opt int* pfSave, _Inout_opt_ int* pfSave,
__in unsigned long dwFlags _In_ unsigned long dwFlags
); );
// Use SspiFreeAuthIdentity() to free the buffer returned // Use SspiFreeAuthIdentity() to free the buffer returned
// in ppAuthIdentity. // in ppAuthIdentity.
unsigned long unsigned long
SEC_ENTRY SEC_ENTRY
SspiPromptForCredentialsA( SspiPromptForCredentialsA(
__in PCSTR pszTargetName, _In_ PCSTR pszTargetName,
#ifdef _CREDUI_INFO_DEFINED #ifdef _CREDUI_INFO_DEFINED
__in_opt PCREDUI_INFOA pUiInfo, _In_opt_ PCREDUI_INFOA pUiInfo,
#else #else
__in_opt PVOID pUiInfo, _In_opt_ PVOID pUiInfo,
#endif // _CREDUI_INFO_DEFINED #endif // _CREDUI_INFO_DEFINED
__in unsigned long dwAuthError, _In_ unsigned long dwAuthError,
__in PCSTR pszPackage, _In_ PCSTR pszPackage,
__in_opt PSEC_WINNT_AUTH_IDENTITY_OPAQUE pInputAuthIdentity, _In_opt_ PSEC_WINNT_AUTH_IDENTITY_OPAQUE pInputAuthIdentity,
__deref_out PSEC_WINNT_AUTH_IDENTITY_OPAQUE* ppAuthIdentity, _Outptr_ PSEC_WINNT_AUTH_IDENTITY_OPAQUE* ppAuthIdentity,
__inout_opt int* pfSave, _Inout_opt_ int* pfSave,
__in unsigned long dwFlags _In_ unsigned long dwFlags
); );
#endif // _SSPIPFC_NONE_ #endif // _SSPIPFC_NONE_
#ifdef UNICODE #ifdef UNICODE
#define SspiPromptForCredentials SspiPromptForCredentialsW #define SspiPromptForCredentials SspiPromptForCredentialsW
#else #else
#define SspiPromptForCredentials SspiPromptForCredentialsA #define SspiPromptForCredentials SspiPromptForCredentialsA
#endif #endif
#ifdef _SEC_WINNT_AUTH_TYPES #ifdef _SEC_WINNT_AUTH_TYPES
skipping to change at line 2568 skipping to change at line 2725
{ {
ULONG ShortArrayOffset; // each element is a short ULONG ShortArrayOffset; // each element is a short
USHORT ShortArrayCount; // number of characters USHORT ShortArrayCount; // number of characters
} SEC_WINNT_AUTH_SHORT_VECTOR, *PSEC_WINNT_AUTH_SHORT_VECTOR; } SEC_WINNT_AUTH_SHORT_VECTOR, *PSEC_WINNT_AUTH_SHORT_VECTOR;
// free the returned memory using SspiLocalFree // free the returned memory using SspiLocalFree
SECURITY_STATUS SECURITY_STATUS
SEC_ENTRY SEC_ENTRY
SspiGetCredUIContext( SspiGetCredUIContext(
__in HANDLE ContextHandle, _In_ HANDLE ContextHandle,
__in GUID* CredType, _In_ GUID* CredType,
__in_opt LUID* LogonId, // use this LogonId, the caller must be localsystem t _In_opt_ LUID* LogonId, // use this LogonId, the caller must be localsystem t
o supply a logon id o supply a logon id
__deref_out PSEC_WINNT_CREDUI_CONTEXT_VECTOR* CredUIContexts, _Outptr_ PSEC_WINNT_CREDUI_CONTEXT_VECTOR* CredUIContexts,
__out_opt HANDLE* TokenHandle _Out_opt_ HANDLE* TokenHandle
); );
SECURITY_STATUS SECURITY_STATUS
SEC_ENTRY SEC_ENTRY
SspiUpdateCredentials( SspiUpdateCredentials(
__in HANDLE ContextHandle, _In_ HANDLE ContextHandle,
__in GUID* CredType, _In_ GUID* CredType,
__in ULONG FlatCredUIContextLength, _In_ ULONG FlatCredUIContextLength,
__in_bcount(FlatCredUIContextLength) PUCHAR FlatCredUIContext _In_reads_bytes_(FlatCredUIContextLength) PUCHAR FlatCredUIContext
); );
typedef struct _CREDUIWIN_MARSHALED_CONTEXT typedef struct _CREDUIWIN_MARSHALED_CONTEXT
{ {
GUID StructureType; GUID StructureType;
USHORT cbHeaderLength; USHORT cbHeaderLength;
LUID LogonId; // user's logon id LUID LogonId; // user's logon id
GUID MarshaledDataType; GUID MarshaledDataType;
ULONG MarshaledDataOffset; ULONG MarshaledDataOffset;
USHORT MarshaledDataLength; USHORT MarshaledDataLength;
skipping to change at line 2631 skipping to change at line 2788
SEC_WINNT_AUTH_SHORT_VECTOR PackageList; SEC_WINNT_AUTH_SHORT_VECTOR PackageList;
} SEC_WINNT_AUTH_PACKED_CREDENTIALS_EX, *PSEC_WINNT_AUTH_PACKED_CREDENTIALS_EX; } SEC_WINNT_AUTH_PACKED_CREDENTIALS_EX, *PSEC_WINNT_AUTH_PACKED_CREDENTIALS_EX;
// //
// free the returned memory using SspiLocalFree // free the returned memory using SspiLocalFree
// //
SECURITY_STATUS SECURITY_STATUS
SEC_ENTRY SEC_ENTRY
SspiUnmarshalCredUIContext( SspiUnmarshalCredUIContext(
__in_bcount(MarshaledCredUIContextLength) PUCHAR MarshaledCredUIContext, _In_reads_bytes_(MarshaledCredUIContextLength) PUCHAR MarshaledCredUIContext
__in ULONG MarshaledCredUIContextLength, ,
__deref_out PSEC_WINNT_CREDUI_CONTEXT* CredUIContext _In_ ULONG MarshaledCredUIContextLength,
_Outptr_ PSEC_WINNT_CREDUI_CONTEXT* CredUIContext
); );
#endif // _SEC_WINNT_AUTH_TYPES #endif // _SEC_WINNT_AUTH_TYPES
SECURITY_STATUS SECURITY_STATUS
SEC_ENTRY SEC_ENTRY
SspiPrepareForCredRead( SspiPrepareForCredRead(
__in PSEC_WINNT_AUTH_IDENTITY_OPAQUE AuthIdentity, _In_ PSEC_WINNT_AUTH_IDENTITY_OPAQUE AuthIdentity,
__in PCWSTR pszTargetName, _In_ PCWSTR pszTargetName,
__out PULONG pCredmanCredentialType, _Out_ PULONG pCredmanCredentialType,
__deref_out PCWSTR* ppszCredmanTargetName _Outptr_ PCWSTR* ppszCredmanTargetName
); );
SECURITY_STATUS SECURITY_STATUS
SEC_ENTRY SEC_ENTRY
SspiPrepareForCredWrite( SspiPrepareForCredWrite(
__in PSEC_WINNT_AUTH_IDENTITY_OPAQUE AuthIdentity, _In_ PSEC_WINNT_AUTH_IDENTITY_OPAQUE AuthIdentity,
__in_opt PCWSTR pszTargetName, // supply NULL for username-target credential _In_opt_ PCWSTR pszTargetName, // supply NULL for username-target credential
s s
__out PULONG pCredmanCredentialType, _Out_ PULONG pCredmanCredentialType,
__deref_out PCWSTR* ppszCredmanTargetName, _Outptr_ PCWSTR* ppszCredmanTargetName,
__deref_out PCWSTR* ppszCredmanUserName, _Outptr_ PCWSTR* ppszCredmanUserName,
__deref_out_bcount(*pCredentialBlobSize) PUCHAR *ppCredentialBlob, _Outptr_result_bytebuffer_(*pCredentialBlobSize) PUCHAR *ppCredentialBlob,
__out PULONG pCredentialBlobSize _Out_ PULONG pCredentialBlobSize
); );
//
// Input flags for SspiEncryptAuthIdentityEx and
// SspiDecryptAuthIdentityEx functions
//
#define SEC_WINNT_AUTH_IDENTITY_ENCRYPT_SAME_LOGON 0x1
#define SEC_WINNT_AUTH_IDENTITY_ENCRYPT_SAME_PROCESS 0x2
SECURITY_STATUS SECURITY_STATUS
SEC_ENTRY SEC_ENTRY
SspiEncryptAuthIdentity( SspiEncryptAuthIdentity(
__inout PSEC_WINNT_AUTH_IDENTITY_OPAQUE AuthData _Inout_ PSEC_WINNT_AUTH_IDENTITY_OPAQUE AuthData
);
SECURITY_STATUS
SEC_ENTRY
SspiEncryptAuthIdentityEx(
_In_ ULONG Options,
_Inout_ PSEC_WINNT_AUTH_IDENTITY_OPAQUE AuthData
); );
SECURITY_STATUS SECURITY_STATUS
SEC_ENTRY SEC_ENTRY
SspiDecryptAuthIdentity( SspiDecryptAuthIdentity(
__inout PSEC_WINNT_AUTH_IDENTITY_OPAQUE EncryptedAuthData _Inout_ PSEC_WINNT_AUTH_IDENTITY_OPAQUE EncryptedAuthData
);
SECURITY_STATUS
SEC_ENTRY
SspiDecryptAuthIdentityEx(
_In_ ULONG Options,
_Inout_ PSEC_WINNT_AUTH_IDENTITY_OPAQUE EncryptedAuthData
); );
BOOLEAN BOOLEAN
SEC_ENTRY SEC_ENTRY
SspiIsAuthIdentityEncrypted( SspiIsAuthIdentityEncrypted(
__in PSEC_WINNT_AUTH_IDENTITY_OPAQUE EncryptedAuthData _In_ PSEC_WINNT_AUTH_IDENTITY_OPAQUE EncryptedAuthData
); );
// begin_ntifs // begin_ntifs
#if (NTDDI_VERSION >= NTDDI_WIN7) #if (NTDDI_VERSION >= NTDDI_WIN7)
// //
// Convert the _OPAQUE structure passed in to the // Convert the _OPAQUE structure passed in to the
// 3 tuple <username, domainname, 'password'>. // 3 tuple <username, domainname, 'password'>.
// //
// Note: The 'strings' returned need not necessarily be // Note: The 'strings' returned need not necessarily be
skipping to change at line 2698 skipping to change at line 2877
// obtained by passing NULL to the pszPackedCredentialsString // obtained by passing NULL to the pszPackedCredentialsString
// parameter. // parameter.
// //
// zero out the pszPackedCredentialsString then // zero out the pszPackedCredentialsString then
// free the returned memory using SspiLocalFree() // free the returned memory using SspiLocalFree()
// //
SECURITY_STATUS SECURITY_STATUS
SEC_ENTRY SEC_ENTRY
SspiEncodeAuthIdentityAsStrings( SspiEncodeAuthIdentityAsStrings(
__in PSEC_WINNT_AUTH_IDENTITY_OPAQUE pAuthIdentity, _In_ PSEC_WINNT_AUTH_IDENTITY_OPAQUE pAuthIdentity,
__deref_out_opt PCWSTR* ppszUserName, _Outptr_result_maybenull_ PCWSTR* ppszUserName,
__deref_out_opt PCWSTR* ppszDomainName, _Outptr_result_maybenull_ PCWSTR* ppszDomainName,
__deref_opt_out_opt PCWSTR* ppszPackedCredentialsString _Outptr_opt_result_maybenull_ PCWSTR* ppszPackedCredentialsString
); );
SECURITY_STATUS SECURITY_STATUS
SEC_ENTRY SEC_ENTRY
SspiValidateAuthIdentity( SspiValidateAuthIdentity(
__in PSEC_WINNT_AUTH_IDENTITY_OPAQUE AuthData _In_ PSEC_WINNT_AUTH_IDENTITY_OPAQUE AuthData
); );
// //
// free the returned memory using SspiFreeAuthIdentity() // free the returned memory using SspiFreeAuthIdentity()
// //
SECURITY_STATUS SECURITY_STATUS
SEC_ENTRY SEC_ENTRY
SspiCopyAuthIdentity( SspiCopyAuthIdentity(
__in PSEC_WINNT_AUTH_IDENTITY_OPAQUE AuthData, _In_ PSEC_WINNT_AUTH_IDENTITY_OPAQUE AuthData,
__deref_out PSEC_WINNT_AUTH_IDENTITY_OPAQUE* AuthDataCopy _Outptr_ PSEC_WINNT_AUTH_IDENTITY_OPAQUE* AuthDataCopy
); );
// //
// use only for the memory returned by SspiCopyAuthIdentity(). // use only for the memory returned by SspiCopyAuthIdentity().
// Internally calls SspiZeroAuthIdentity(). // Internally calls SspiZeroAuthIdentity().
// //
VOID VOID
SEC_ENTRY SEC_ENTRY
SspiFreeAuthIdentity( SspiFreeAuthIdentity(
__in_opt PSEC_WINNT_AUTH_IDENTITY_OPAQUE AuthData _In_opt_ PSEC_WINNT_AUTH_IDENTITY_OPAQUE AuthData
); );
VOID VOID
SEC_ENTRY SEC_ENTRY
SspiZeroAuthIdentity( SspiZeroAuthIdentity(
__in_opt PSEC_WINNT_AUTH_IDENTITY_OPAQUE AuthData _In_opt_ PSEC_WINNT_AUTH_IDENTITY_OPAQUE AuthData
); );
VOID VOID
SEC_ENTRY SEC_ENTRY
SspiLocalFree( SspiLocalFree(
__in_opt PVOID DataBuffer _In_opt_ PVOID DataBuffer
); );
// //
// call SspiFreeAuthIdentity to free the returned AuthIdentity // call SspiFreeAuthIdentity to free the returned AuthIdentity
// which zeroes out the credentials blob before freeing it // which zeroes out the credentials blob before freeing it
// //
SECURITY_STATUS SECURITY_STATUS
SEC_ENTRY SEC_ENTRY
SspiEncodeStringsAsAuthIdentity( SspiEncodeStringsAsAuthIdentity(
__in_opt PCWSTR pszUserName, _In_opt_ PCWSTR pszUserName,
__in_opt PCWSTR pszDomainName, _In_opt_ PCWSTR pszDomainName,
__in_opt PCWSTR pszPackedCredentialsString, _In_opt_ PCWSTR pszPackedCredentialsString,
__deref_out PSEC_WINNT_AUTH_IDENTITY_OPAQUE* ppAuthIdentity _Outptr_ PSEC_WINNT_AUTH_IDENTITY_OPAQUE* ppAuthIdentity
); );
SECURITY_STATUS SECURITY_STATUS
SEC_ENTRY SEC_ENTRY
SspiCompareAuthIdentities( SspiCompareAuthIdentities(
__in_opt PSEC_WINNT_AUTH_IDENTITY_OPAQUE AuthIdentity1, _In_opt_ PSEC_WINNT_AUTH_IDENTITY_OPAQUE AuthIdentity1,
__in_opt PSEC_WINNT_AUTH_IDENTITY_OPAQUE AuthIdentity2, _In_opt_ PSEC_WINNT_AUTH_IDENTITY_OPAQUE AuthIdentity2,
__out_opt PBOOLEAN SameSuppliedUser, _Out_opt_ PBOOLEAN SameSuppliedUser,
__out_opt PBOOLEAN SameSuppliedIdentity _Out_opt_ PBOOLEAN SameSuppliedIdentity
); );
// //
// zero out the returned AuthIdentityByteArray then // zero out the returned AuthIdentityByteArray then
// free the returned memory using SspiLocalFree() // free the returned memory using SspiLocalFree()
// //
SECURITY_STATUS SECURITY_STATUS
SEC_ENTRY SEC_ENTRY
SspiMarshalAuthIdentity( SspiMarshalAuthIdentity(
__in PSEC_WINNT_AUTH_IDENTITY_OPAQUE AuthIdentity, _In_ PSEC_WINNT_AUTH_IDENTITY_OPAQUE AuthIdentity,
__out unsigned long* AuthIdentityLength, _Out_ unsigned long* AuthIdentityLength,
__deref_out_bcount(*AuthIdentityLength) char** AuthIdentityByteArray _Outptr_result_bytebuffer_(*AuthIdentityLength) char** AuthIdentityByteArray
); );
// //
// free the returned auth identity using SspiFreeAuthIdentity() // free the returned auth identity using SspiFreeAuthIdentity()
// //
SECURITY_STATUS SECURITY_STATUS
SEC_ENTRY SEC_ENTRY
SspiUnmarshalAuthIdentity( SspiUnmarshalAuthIdentity(
__in unsigned long AuthIdentityLength, _In_ unsigned long AuthIdentityLength,
__in_bcount(AuthIdentityLength) char* AuthIdentityByteArray, _In_reads_bytes_(AuthIdentityLength) char* AuthIdentityByteArray,
__deref_out PSEC_WINNT_AUTH_IDENTITY_OPAQUE* ppAuthIdentity _Outptr_ PSEC_WINNT_AUTH_IDENTITY_OPAQUE* ppAuthIdentity
); );
BOOLEAN BOOLEAN
SEC_ENTRY SEC_ENTRY
SspiIsPromptingNeeded( SspiIsPromptingNeeded(
__in unsigned long ErrorOrNtStatus _In_ unsigned long ErrorOrNtStatus
); );
SECURITY_STATUS SECURITY_STATUS
SEC_ENTRY SEC_ENTRY
SspiGetTargetHostName( SspiGetTargetHostName(
__in PCWSTR pszTargetName, _In_ PCWSTR pszTargetName,
__deref_out PWSTR* pszHostName _Outptr_ PWSTR* pszHostName
); );
SECURITY_STATUS SECURITY_STATUS
SEC_ENTRY SEC_ENTRY
SspiExcludePackage( SspiExcludePackage(
__in_opt PSEC_WINNT_AUTH_IDENTITY_OPAQUE AuthIdentity, _In_opt_ PSEC_WINNT_AUTH_IDENTITY_OPAQUE AuthIdentity,
__in PCWSTR pszPackageName, _In_ PCWSTR pszPackageName,
__deref_out PSEC_WINNT_AUTH_IDENTITY_OPAQUE* ppNewAuthIdentity _Outptr_ PSEC_WINNT_AUTH_IDENTITY_OPAQUE* ppNewAuthIdentity
); );
#endif // NTDDI_VERSION
// //
// Common types used by negotiable security packages // Common types used by negotiable security packages
// //
// These are defined after W2K // These are defined after W2K
// //
#define SEC_WINNT_AUTH_IDENTITY_MARSHALLED 0x4 // all data is in one bu ffer #define SEC_WINNT_AUTH_IDENTITY_MARSHALLED 0x4 // all data is in one bu ffer
#define SEC_WINNT_AUTH_IDENTITY_ONLY 0x8 // these credentials are for identity only - no PAC needed #define SEC_WINNT_AUTH_IDENTITY_ONLY 0x8 // these credentials are for identity only - no PAC needed
#endif // NTDDI_VERSION
// end_ntifs // end_ntifs
// //
// Routines for manipulating packages // Routines for manipulating packages
// //
typedef struct _SECURITY_PACKAGE_OPTIONS { typedef struct _SECURITY_PACKAGE_OPTIONS {
unsigned long Size; unsigned long Size;
unsigned long Type; unsigned long Type;
unsigned long Flags; unsigned long Flags;
skipping to change at line 2846 skipping to change at line 3026
#define SECPKG_OPTIONS_TYPE_UNKNOWN 0 #define SECPKG_OPTIONS_TYPE_UNKNOWN 0
#define SECPKG_OPTIONS_TYPE_LSA 1 #define SECPKG_OPTIONS_TYPE_LSA 1
#define SECPKG_OPTIONS_TYPE_SSPI 2 #define SECPKG_OPTIONS_TYPE_SSPI 2
#define SECPKG_OPTIONS_PERMANENT 0x00000001 #define SECPKG_OPTIONS_PERMANENT 0x00000001
SECURITY_STATUS SECURITY_STATUS
SEC_ENTRY SEC_ENTRY
AddSecurityPackageA( AddSecurityPackageA(
__in LPSTR pszPackageName, _In_ LPSTR pszPackageName,
__in_opt PSECURITY_PACKAGE_OPTIONS pOptions _In_opt_ PSECURITY_PACKAGE_OPTIONS pOptions
); );
SECURITY_STATUS SECURITY_STATUS
SEC_ENTRY SEC_ENTRY
AddSecurityPackageW( AddSecurityPackageW(
__in LPWSTR pszPackageName, _In_ LPWSTR pszPackageName,
__in_opt PSECURITY_PACKAGE_OPTIONS pOptions _In_opt_ PSECURITY_PACKAGE_OPTIONS pOptions
); );
#ifdef UNICODE #ifdef UNICODE
#define AddSecurityPackage AddSecurityPackageW #define AddSecurityPackage AddSecurityPackageW
#else #else
#define AddSecurityPackage AddSecurityPackageA #define AddSecurityPackage AddSecurityPackageA
#endif #endif
SECURITY_STATUS SECURITY_STATUS
SEC_ENTRY SEC_ENTRY
DeleteSecurityPackageA( DeleteSecurityPackageA(
__in LPSTR pszPackageName _In_ LPSTR pszPackageName
); );
SECURITY_STATUS SECURITY_STATUS
SEC_ENTRY SEC_ENTRY
DeleteSecurityPackageW( DeleteSecurityPackageW(
__in LPWSTR pszPackageName _In_ LPWSTR pszPackageName
); );
#ifdef UNICODE #ifdef UNICODE
#define DeleteSecurityPackage DeleteSecurityPackageW #define DeleteSecurityPackage DeleteSecurityPackageW
#else #else
#define DeleteSecurityPackage DeleteSecurityPackageA #define DeleteSecurityPackage DeleteSecurityPackageA
#endif #endif
#endif /* WINAPI_FAMILY_PARTITION(WINAPI_PARTITION_DESKTOP) */
#pragma endregion
#ifdef __cplusplus #ifdef __cplusplus
} // extern "C" } // extern "C"
#endif #endif
// begin_ntifs // begin_ntifs
#endif // __SSPI_H__ #endif // __SSPI_H__
// end_ntifs // end_ntifs
 End of changes. 134 change blocks. 
374 lines changed or deleted 579 lines changed or added


 wincred.h (6.1.7601.18276-Windows_7.0)   wincred.h (6.3.9600.17415-Windows_8.1) 
skipping to change at line 22 skipping to change at line 22
needed for the Credential Manager. needed for the Credential Manager.
Author: Author:
Revision History: Revision History:
--*/ --*/
#ifndef _WINCRED_H_ #ifndef _WINCRED_H_
#define _WINCRED_H_ #define _WINCRED_H_
#include <winapifamily.h>
#pragma region Desktop Family
#if WINAPI_FAMILY_PARTITION(WINAPI_PARTITION_DESKTOP)
#if !defined(_ADVAPI32_) #if !defined(_ADVAPI32_)
#define WINADVAPI DECLSPEC_IMPORT #define WINADVAPI DECLSPEC_IMPORT
#else #else
#define WINADVAPI #define WINADVAPI
#endif #endif
#if !defined(CREDUIAPI) #if !defined(CREDUIAPI)
#if !defined(_CREDUI_) #if !defined(_CREDUI_)
#define CREDUIAPI EXTERN_C DECLSPEC_IMPORT #define CREDUIAPI EXTERN_C DECLSPEC_IMPORT
skipping to change at line 81 skipping to change at line 85
typedef struct _FILETIME *LPFILETIME; typedef struct _FILETIME *LPFILETIME;
#endif // !_FILETIME #endif // !_FILETIME
#endif // _WINBASE_ #endif // _WINBASE_
// //
// Ensure NTSTATUS is defined // Ensure NTSTATUS is defined
// //
#ifndef _NTDEF_ #ifndef _NTDEF_
typedef LONG NTSTATUS, *PNTSTATUS; typedef _Return_type_success_(return >= 0) LONG NTSTATUS, *PNTSTATUS;
#endif #endif
//----------------------------------------------------------------------------- //-----------------------------------------------------------------------------
// Macros // Macros
//----------------------------------------------------------------------------- //-----------------------------------------------------------------------------
// //
// Macro to determine whether CredUIPromptForCredentials should be called upon a failed // Macro to determine whether CredUIPromptForCredentials should be called upon a failed
// authentication attempt. // authentication attempt.
// //
skipping to change at line 420 skipping to change at line 424
// //
// A credential // A credential
// //
typedef struct _CREDENTIALA { typedef struct _CREDENTIALA {
DWORD Flags; DWORD Flags;
DWORD Type; DWORD Type;
LPSTR TargetName; LPSTR TargetName;
LPSTR Comment; LPSTR Comment;
FILETIME LastWritten; FILETIME LastWritten;
DWORD CredentialBlobSize; DWORD CredentialBlobSize;
__field_bcount(CredentialBlobSize) LPBYTE CredentialBlob; _Field_size_bytes_(CredentialBlobSize) LPBYTE CredentialBlob;
DWORD Persist; DWORD Persist;
DWORD AttributeCount; DWORD AttributeCount;
PCREDENTIAL_ATTRIBUTEA Attributes; PCREDENTIAL_ATTRIBUTEA Attributes;
LPSTR TargetAlias; LPSTR TargetAlias;
LPSTR UserName; LPSTR UserName;
} CREDENTIALA, *PCREDENTIALA; } CREDENTIALA, *PCREDENTIALA;
typedef struct _CREDENTIALW { typedef struct _CREDENTIALW {
DWORD Flags; DWORD Flags;
DWORD Type; DWORD Type;
skipping to change at line 606 skipping to change at line 610
CredUserProtection, CredUserProtection,
CredTrustedProtection CredTrustedProtection
} CRED_PROTECTION_TYPE, *PCRED_PROTECTION_TYPE; } CRED_PROTECTION_TYPE, *PCRED_PROTECTION_TYPE;
// //
// Values for authentication buffers packing // Values for authentication buffers packing
// //
#define CRED_PACK_PROTECTED_CREDENTIALS 0x1 #define CRED_PACK_PROTECTED_CREDENTIALS 0x1
#define CRED_PACK_WOW_BUFFER 0x2 #define CRED_PACK_WOW_BUFFER 0x2
#define CRED_PACK_GENERIC_CREDENTIALS 0x4 #define CRED_PACK_GENERIC_CREDENTIALS 0x4
#define CRED_PACK_ID_PROVIDER_CREDENTIALS 0x8
// //
// Credential UI info // Credential UI info
// //
#define _CREDUI_INFO_DEFINED #define _CREDUI_INFO_DEFINED
typedef struct _CREDUI_INFOA typedef struct _CREDUI_INFOA
{ {
DWORD cbSize; DWORD cbSize;
skipping to change at line 645 skipping to change at line 650
typedef CREDUI_INFOA CREDUI_INFO; typedef CREDUI_INFOA CREDUI_INFO;
typedef PCREDUI_INFOA PCREDUI_INFO; typedef PCREDUI_INFOA PCREDUI_INFO;
#endif #endif
//----------------------------------------------------------------------------- //-----------------------------------------------------------------------------
// Values // Values
//----------------------------------------------------------------------------- //-----------------------------------------------------------------------------
// String length limits: // String length limits:
#define CREDUI_MAX_MESSAGE_LENGTH 32767 #define CREDUI_MAX_MESSAGE_LENGTH 1024
#define CREDUI_MAX_CAPTION_LENGTH 128 #define CREDUI_MAX_CAPTION_LENGTH 128
#define CREDUI_MAX_GENERIC_TARGET_LENGTH CRED_MAX_GENERIC_TARGET_NAME_LENGTH #define CREDUI_MAX_GENERIC_TARGET_LENGTH CRED_MAX_GENERIC_TARGET_NAME_LENGTH
#define CREDUI_MAX_DOMAIN_TARGET_LENGTH CRED_MAX_DOMAIN_TARGET_NAME_LENGTH #define CREDUI_MAX_DOMAIN_TARGET_LENGTH CRED_MAX_DOMAIN_TARGET_NAME_LENGTH
// //
// Username can be in <domain>\<user> or <user>@<domain> // Username can be in <domain>\<user> or <user>@<domain>
// Length in characters, not including NULL termination. // Length in characters, not including NULL termination.
// //
#define CREDUI_MAX_USERNAME_LENGTH CRED_MAX_USERNAME_LENGTH #define CREDUI_MAX_USERNAME_LENGTH CRED_MAX_USERNAME_LENGTH
#define CREDUI_MAX_PASSWORD_LENGTH (512 / 2) #define CREDUI_MAX_PASSWORD_LENGTH (512 / 2)
//
// Packed credential returned by SspiEncodeAuthIdentityAsStrings(). // Packed credential returned by SspiEncodeAuthIdentityAsStrings().
// Length in characters, not including NULL termination. // Length in characters, not including NULL termination.
// //
#define CREDUI_MAX_PACKED_CREDENTIALS_LENGTH ((MAXUSHORT / 2) - 2) #define CREDUI_MAX_PACKED_CREDENTIALS_LENGTH ((MAXUSHORT / 2) - 2)
// maximum length in bytes for binary credential blobs // maximum length in bytes for binary credential blobs
#define CREDUI_MAX_CREDENTIALS_BLOB_SIZE (MAXUSHORT) #define CREDUI_MAX_CREDENTIALS_BLOB_SIZE (MAXUSHORT)
skipping to change at line 724 skipping to change at line 728
// Flags for CredUIPromptForWindowsCredentials and CPUS_CREDUI Usage Scenarios // Flags for CredUIPromptForWindowsCredentials and CPUS_CREDUI Usage Scenarios
// //
#define CREDUIWIN_GENERIC 0x00000001 // Plain text username/p assword is being requested #define CREDUIWIN_GENERIC 0x00000001 // Plain text username/p assword is being requested
#define CREDUIWIN_CHECKBOX 0x00000002 // Show the Save Credent ial checkbox #define CREDUIWIN_CHECKBOX 0x00000002 // Show the Save Credent ial checkbox
#define CREDUIWIN_AUTHPACKAGE_ONLY 0x00000010 // Only Cred Providers t hat support the input auth package should enumerate #define CREDUIWIN_AUTHPACKAGE_ONLY 0x00000010 // Only Cred Providers t hat support the input auth package should enumerate
#define CREDUIWIN_IN_CRED_ONLY 0x00000020 // Only the incoming cre d for the specific auth package should be enumerated #define CREDUIWIN_IN_CRED_ONLY 0x00000020 // Only the incoming cre d for the specific auth package should be enumerated
#define CREDUIWIN_ENUMERATE_ADMINS 0x00000100 // Cred Providers should enumerate administrators only #define CREDUIWIN_ENUMERATE_ADMINS 0x00000100 // Cred Providers should enumerate administrators only
#define CREDUIWIN_ENUMERATE_CURRENT_USER 0x00000200 // Only the incoming cre d for the specific auth package should be enumerated #define CREDUIWIN_ENUMERATE_CURRENT_USER 0x00000200 // Only the incoming cre d for the specific auth package should be enumerated
#define CREDUIWIN_SECURE_PROMPT 0x00001000 // The Credui prompt sho uld be displayed on the secure desktop #define CREDUIWIN_SECURE_PROMPT 0x00001000 // The Credui prompt sho uld be displayed on the secure desktop
#define CREDUIWIN_PREPROMPTING 0X00002000 // CredUI is invoked by SspiPromptForCredentials and the client is prompting before a prior handshake
#define CREDUIWIN_PACK_32_WOW 0x10000000 // Tell the credential p rovider it should be packing its Auth Blob 32 bit even though it is running 64 n ative #define CREDUIWIN_PACK_32_WOW 0x10000000 // Tell the credential p rovider it should be packing its Auth Blob 32 bit even though it is running 64 n ative
#define CREDUIWIN_VALID_FLAGS ( \ #define CREDUIWIN_VALID_FLAGS ( \
CREDUIWIN_GENERIC | \ CREDUIWIN_GENERIC | \
CREDUIWIN_CHECKBOX | \ CREDUIWIN_CHECKBOX | \
CREDUIWIN_AUTHPACKAGE_ONLY | \ CREDUIWIN_AUTHPACKAGE_ONLY | \
CREDUIWIN_IN_CRED_ONLY | \ CREDUIWIN_IN_CRED_ONLY | \
CREDUIWIN_ENUMERATE_ADMINS | \ CREDUIWIN_ENUMERATE_ADMINS | \
CREDUIWIN_ENUMERATE_CURRENT_USER | \ CREDUIWIN_ENUMERATE_CURRENT_USER | \
CREDUIWIN_SECURE_PROMPT | \ CREDUIWIN_SECURE_PROMPT | \
CREDUIWIN_PREPROMPTING | \
CREDUIWIN_PACK_32_WOW ) CREDUIWIN_PACK_32_WOW )
//----------------------------------------------------------------------------- //-----------------------------------------------------------------------------
// Functions // Functions
//----------------------------------------------------------------------------- //-----------------------------------------------------------------------------
// //
// Values of flags to CredWrite and CredWriteDomainCredentials // Values of flags to CredWrite and CredWriteDomainCredentials
// //
#define CRED_PRESERVE_CREDENTIAL_BLOB 0x1 #define CRED_PRESERVE_CREDENTIAL_BLOB 0x1
WINADVAPI WINADVAPI
BOOL BOOL
WINAPI WINAPI
CredWriteW ( CredWriteW (
__in PCREDENTIALW Credential, _In_ PCREDENTIALW Credential,
__in DWORD Flags _In_ DWORD Flags
); );
WINADVAPI WINADVAPI
BOOL BOOL
WINAPI WINAPI
CredWriteA ( CredWriteA (
__in PCREDENTIALA Credential, _In_ PCREDENTIALA Credential,
__in DWORD Flags _In_ DWORD Flags
); );
#ifdef UNICODE #ifdef UNICODE
#define CredWrite CredWriteW #define CredWrite CredWriteW
#else #else
#define CredWrite CredWriteA #define CredWrite CredWriteA
#endif // UNICODE #endif // UNICODE
WINADVAPI WINADVAPI
BOOL BOOL
WINAPI WINAPI
CredReadW ( CredReadW (
__in LPCWSTR TargetName, _In_ LPCWSTR TargetName,
__in DWORD Type, _In_ DWORD Type,
__reserved DWORD Flags, _Reserved_ DWORD Flags,
__out PCREDENTIALW *Credential _Out_ PCREDENTIALW *Credential
); );
WINADVAPI WINADVAPI
BOOL BOOL
WINAPI WINAPI
CredReadA ( CredReadA (
__in LPCSTR TargetName, _In_ LPCSTR TargetName,
__in DWORD Type, _In_ DWORD Type,
__reserved DWORD Flags, _Reserved_ DWORD Flags,
__out PCREDENTIALA *Credential _Out_ PCREDENTIALA *Credential
); );
#ifdef UNICODE #ifdef UNICODE
#define CredRead CredReadW #define CredRead CredReadW
#else #else
#define CredRead CredReadA #define CredRead CredReadA
#endif // UNICODE #endif // UNICODE
// //
// Values of flags to CredEnumerate // Values of flags to CredEnumerate
// //
#define CRED_ENUMERATE_ALL_CREDENTIALS 0x1 #define CRED_ENUMERATE_ALL_CREDENTIALS 0x1
WINADVAPI WINADVAPI
BOOL BOOL
WINAPI WINAPI
CredEnumerateW ( CredEnumerateW (
__in_opt LPCWSTR Filter, _In_opt_ LPCWSTR Filter,
__reserved DWORD Flags, _Reserved_ DWORD Flags,
__out DWORD *Count, _Out_ DWORD *Count,
__deref_out_ecount(*Count) PCREDENTIALW **Credential _Outptr_result_buffer_(*Count) PCREDENTIALW **Credential
); );
WINADVAPI WINADVAPI
BOOL BOOL
WINAPI WINAPI
CredEnumerateA ( CredEnumerateA (
__in_opt LPCSTR Filter, _In_opt_ LPCSTR Filter,
__reserved DWORD Flags, _Reserved_ DWORD Flags,
__out DWORD *Count, _Out_ DWORD *Count,
__deref_out_ecount(*Count) PCREDENTIALA **Credential _Outptr_result_buffer_(*Count) PCREDENTIALA **Credential
); );
#ifdef UNICODE #ifdef UNICODE
#define CredEnumerate CredEnumerateW #define CredEnumerate CredEnumerateW
#else #else
#define CredEnumerate CredEnumerateA #define CredEnumerate CredEnumerateA
#endif // UNICODE #endif // UNICODE
WINADVAPI WINADVAPI
BOOL BOOL
WINAPI WINAPI
CredWriteDomainCredentialsW ( CredWriteDomainCredentialsW (
__in PCREDENTIAL_TARGET_INFORMATIONW TargetInfo, _In_ PCREDENTIAL_TARGET_INFORMATIONW TargetInfo,
__in PCREDENTIALW Credential, _In_ PCREDENTIALW Credential,
__in DWORD Flags _In_ DWORD Flags
); );
WINADVAPI WINADVAPI
BOOL BOOL
WINAPI WINAPI
CredWriteDomainCredentialsA ( CredWriteDomainCredentialsA (
__in PCREDENTIAL_TARGET_INFORMATIONA TargetInfo, _In_ PCREDENTIAL_TARGET_INFORMATIONA TargetInfo,
__in PCREDENTIALA Credential, _In_ PCREDENTIALA Credential,
__in DWORD Flags _In_ DWORD Flags
); );
#ifdef UNICODE #ifdef UNICODE
#define CredWriteDomainCredentials CredWriteDomainCredentialsW #define CredWriteDomainCredentials CredWriteDomainCredentialsW
#else #else
#define CredWriteDomainCredentials CredWriteDomainCredentialsA #define CredWriteDomainCredentials CredWriteDomainCredentialsA
#endif // UNICODE #endif // UNICODE
// //
// Values of flags to CredReadDomainCredentials // Values of flags to CredReadDomainCredentials
// //
#define CRED_CACHE_TARGET_INFORMATION 0x1 #define CRED_CACHE_TARGET_INFORMATION 0x1
WINADVAPI WINADVAPI
BOOL BOOL
WINAPI WINAPI
CredReadDomainCredentialsW ( CredReadDomainCredentialsW (
__in PCREDENTIAL_TARGET_INFORMATIONW TargetInfo, _In_ PCREDENTIAL_TARGET_INFORMATIONW TargetInfo,
__in DWORD Flags, _In_ DWORD Flags,
__out DWORD *Count, _Out_ DWORD *Count,
__deref_out_ecount(*Count) PCREDENTIALW **Credential _Outptr_result_buffer_(*Count) PCREDENTIALW **Credential
); );
WINADVAPI WINADVAPI
BOOL BOOL
WINAPI WINAPI
CredReadDomainCredentialsA ( CredReadDomainCredentialsA (
__in PCREDENTIAL_TARGET_INFORMATIONA TargetInfo, _In_ PCREDENTIAL_TARGET_INFORMATIONA TargetInfo,
__in DWORD Flags, _In_ DWORD Flags,
__out DWORD *Count, _Out_ DWORD *Count,
__deref_out_ecount(*Count) PCREDENTIALA **Credential _Outptr_result_buffer_(*Count) PCREDENTIALA **Credential
); );
#ifdef UNICODE #ifdef UNICODE
#define CredReadDomainCredentials CredReadDomainCredentialsW #define CredReadDomainCredentials CredReadDomainCredentialsW
#else #else
#define CredReadDomainCredentials CredReadDomainCredentialsA #define CredReadDomainCredentials CredReadDomainCredentialsA
#endif // UNICODE #endif // UNICODE
WINADVAPI WINADVAPI
BOOL BOOL
WINAPI WINAPI
CredDeleteW ( CredDeleteW (
__in LPCWSTR TargetName, _In_ LPCWSTR TargetName,
__in DWORD Type, _In_ DWORD Type,
__reserved DWORD Flags _Reserved_ DWORD Flags
); );
WINADVAPI WINADVAPI
BOOL BOOL
WINAPI WINAPI
CredDeleteA ( CredDeleteA (
__in LPCSTR TargetName, _In_ LPCSTR TargetName,
__in DWORD Type, _In_ DWORD Type,
__reserved DWORD Flags _Reserved_ DWORD Flags
); );
#ifdef UNICODE #ifdef UNICODE
#define CredDelete CredDeleteW #define CredDelete CredDeleteW
#else #else
#define CredDelete CredDeleteA #define CredDelete CredDeleteA
#endif // UNICODE #endif // UNICODE
WINADVAPI WINADVAPI
BOOL BOOL
WINAPI WINAPI
CredRenameW ( CredRenameW (
__in LPCWSTR OldTargetName, _In_ LPCWSTR OldTargetName,
__in LPCWSTR NewTargetName, _In_ LPCWSTR NewTargetName,
__in DWORD Type, _In_ DWORD Type,
__reserved DWORD Flags _Reserved_ DWORD Flags
); );
WINADVAPI WINADVAPI
BOOL BOOL
WINAPI WINAPI
CredRenameA ( CredRenameA (
__in LPCSTR OldTargetName, _In_ LPCSTR OldTargetName,
__in LPCSTR NewTargetName, _In_ LPCSTR NewTargetName,
__in DWORD Type, _In_ DWORD Type,
__reserved DWORD Flags _Reserved_ DWORD Flags
); );
#ifdef UNICODE #ifdef UNICODE
#define CredRename CredRenameW #define CredRename CredRenameW
#else #else
#define CredRename CredRenameA #define CredRename CredRenameA
#endif // UNICODE #endif // UNICODE
// //
// Values of flags to CredGetTargetInfo // Values of flags to CredGetTargetInfo
// //
#define CRED_ALLOW_NAME_RESOLUTION 0x1 #define CRED_ALLOW_NAME_RESOLUTION 0x1
WINADVAPI WINADVAPI
BOOL BOOL
WINAPI WINAPI
CredGetTargetInfoW ( CredGetTargetInfoW (
__in LPCWSTR TargetName, _In_ LPCWSTR TargetName,
__in DWORD Flags, _In_ DWORD Flags,
__out PCREDENTIAL_TARGET_INFORMATIONW *TargetInfo _Out_ PCREDENTIAL_TARGET_INFORMATIONW *TargetInfo
); );
WINADVAPI WINADVAPI
BOOL BOOL
WINAPI WINAPI
CredGetTargetInfoA ( CredGetTargetInfoA (
__in LPCSTR TargetName, _In_ LPCSTR TargetName,
__in DWORD Flags, _In_ DWORD Flags,
__out PCREDENTIAL_TARGET_INFORMATIONA *TargetInfo _Out_ PCREDENTIAL_TARGET_INFORMATIONA *TargetInfo
); );
#ifdef UNICODE #ifdef UNICODE
#define CredGetTargetInfo CredGetTargetInfoW #define CredGetTargetInfo CredGetTargetInfoW
#else #else
#define CredGetTargetInfo CredGetTargetInfoA #define CredGetTargetInfo CredGetTargetInfoA
#endif // UNICODE #endif // UNICODE
WINADVAPI WINADVAPI
BOOL BOOL
WINAPI WINAPI
CredMarshalCredentialW( CredMarshalCredentialW(
__in CRED_MARSHAL_TYPE CredType, _In_ CRED_MARSHAL_TYPE CredType,
__in PVOID Credential, _In_ PVOID Credential,
__out LPWSTR *MarshaledCredential _Out_ LPWSTR *MarshaledCredential
); );
WINADVAPI WINADVAPI
BOOL BOOL
WINAPI WINAPI
CredMarshalCredentialA( CredMarshalCredentialA(
__in CRED_MARSHAL_TYPE CredType, _In_ CRED_MARSHAL_TYPE CredType,
__in PVOID Credential, _In_ PVOID Credential,
__out LPSTR *MarshaledCredential _Out_ LPSTR *MarshaledCredential
); );
#ifdef UNICODE #ifdef UNICODE
#define CredMarshalCredential CredMarshalCredentialW #define CredMarshalCredential CredMarshalCredentialW
#else #else
#define CredMarshalCredential CredMarshalCredentialA #define CredMarshalCredential CredMarshalCredentialA
#endif // UNICODE #endif // UNICODE
WINADVAPI WINADVAPI
BOOL BOOL
WINAPI WINAPI
CredUnmarshalCredentialW( CredUnmarshalCredentialW(
__in LPCWSTR MarshaledCredential, _In_ LPCWSTR MarshaledCredential,
__out PCRED_MARSHAL_TYPE CredType, _Out_ PCRED_MARSHAL_TYPE CredType,
__out PVOID *Credential _Out_ PVOID *Credential
); );
WINADVAPI WINADVAPI
BOOL BOOL
WINAPI WINAPI
CredUnmarshalCredentialA( CredUnmarshalCredentialA(
__in LPCSTR MarshaledCredential, _In_ LPCSTR MarshaledCredential,
__out PCRED_MARSHAL_TYPE CredType, _Out_ PCRED_MARSHAL_TYPE CredType,
__out PVOID *Credential _Out_ PVOID *Credential
); );
#ifdef UNICODE #ifdef UNICODE
#define CredUnmarshalCredential CredUnmarshalCredentialW #define CredUnmarshalCredential CredUnmarshalCredentialW
#else #else
#define CredUnmarshalCredential CredUnmarshalCredentialA #define CredUnmarshalCredential CredUnmarshalCredentialA
#endif // UNICODE #endif // UNICODE
WINADVAPI WINADVAPI
BOOL BOOL
WINAPI WINAPI
CredIsMarshaledCredentialW( CredIsMarshaledCredentialW(
__in LPCWSTR MarshaledCredential _In_ LPCWSTR MarshaledCredential
); );
WINADVAPI WINADVAPI
BOOL BOOL
WINAPI WINAPI
CredIsMarshaledCredentialA( CredIsMarshaledCredentialA(
__in LPCSTR MarshaledCredential _In_ LPCSTR MarshaledCredential
); );
#ifdef UNICODE #ifdef UNICODE
#define CredIsMarshaledCredential CredIsMarshaledCredentialW #define CredIsMarshaledCredential CredIsMarshaledCredentialW
#else #else
#define CredIsMarshaledCredential CredIsMarshaledCredentialA #define CredIsMarshaledCredential CredIsMarshaledCredentialA
#endif // UNICODE #endif // UNICODE
CREDUIAPI CREDUIAPI
BOOL BOOL
WINAPI WINAPI
CredUnPackAuthenticationBufferW( CredUnPackAuthenticationBufferW(
__in DWORD dwFlags, _In_ DWORD dwFlags,
__in_bcount(cbAuthBuffer) PVOID pAuthBuffer, _In_reads_bytes_(cbAuthBuffer) PVOID pAuthBuffer,
__in DWORD cbAuthBuffer, _In_ DWORD cbAuthBuffer,
__out_ecount_opt(*pcchMaxUserName) LPWSTR pszUserName, _Out_writes_opt_(*pcchMaxUserName) LPWSTR pszUserName,
__inout DWORD* pcchMaxUserName, _Inout_ DWORD* pcchMaxUserName,
__out_ecount_opt(*pcchMaxDomainName) LPWSTR pszDomainName, _Out_writes_opt_(*pcchMaxDomainName) LPWSTR pszDomainName,
__inout_opt DWORD* pcchMaxDomainName, _Inout_opt_ DWORD* pcchMaxDomainName,
__out_ecount_opt(*pcchMaxPassword) LPWSTR pszPassword, _Out_writes_opt_(*pcchMaxPassword) LPWSTR pszPassword,
__inout DWORD* pcchMaxPassword _Inout_ DWORD* pcchMaxPassword
); );
CREDUIAPI CREDUIAPI
BOOL BOOL
WINAPI WINAPI
CredUnPackAuthenticationBufferA( CredUnPackAuthenticationBufferA(
__in DWORD dwFlags, _In_ DWORD dwFlags,
__in_bcount(cbAuthBuffer) PVOID pAuthBuffer, _In_reads_bytes_(cbAuthBuffer) PVOID pAuthBuffer,
__in DWORD cbAuthBuffer, _In_ DWORD cbAuthBuffer,
__out_ecount_opt(*pcchMaxUserName) LPSTR pszUserName, _Out_writes_opt_(*pcchMaxUserName) LPSTR pszUserName,
__inout DWORD* pcchlMaxUserName, _Inout_ DWORD* pcchlMaxUserName,
__out_ecount_opt(*pcchMaxDomainName) LPSTR pszDomainName, _Out_writes_opt_(*pcchMaxDomainName) LPSTR pszDomainName,
__inout_opt DWORD* pcchMaxDomainName, _Inout_opt_ DWORD* pcchMaxDomainName,
__out_ecount_opt(*pcchMaxPassword) LPSTR pszPassword, _Out_writes_opt_(*pcchMaxPassword) LPSTR pszPassword,
__inout DWORD* pcchMaxPassword _Inout_ DWORD* pcchMaxPassword
); );
#ifdef UNICODE #ifdef UNICODE
#define CredUnPackAuthenticationBuffer CredUnPackAuthenticationBufferW #define CredUnPackAuthenticationBuffer CredUnPackAuthenticationBufferW
#else #else
#define CredUnPackAuthenticationBuffer CredUnPackAuthenticationBufferA #define CredUnPackAuthenticationBuffer CredUnPackAuthenticationBufferA
#endif //UNICODE #endif //UNICODE
CREDUIAPI CREDUIAPI
BOOL BOOL
WINAPI WINAPI
CredPackAuthenticationBufferW( CredPackAuthenticationBufferW(
__in DWORD dwFlags, _In_ DWORD dwFlags,
__in LPWSTR pszUserName, _In_ LPWSTR pszUserName,
__in LPWSTR pszPassword, _In_ LPWSTR pszPassword,
__out_bcount_opt(*pcbPackedCredentials) PBYTE pPackedCredentials, _Out_writes_bytes_opt_(*pcbPackedCredentials) PBYTE pPackedCredentials,
__inout DWORD* pcbPackedCredentials _Inout_ DWORD* pcbPackedCredentials
); );
CREDUIAPI CREDUIAPI
BOOL BOOL
WINAPI WINAPI
CredPackAuthenticationBufferA( CredPackAuthenticationBufferA(
__in DWORD dwFlags, _In_ DWORD dwFlags,
__in LPSTR pszUserName, _In_ LPSTR pszUserName,
__in LPSTR pszPassword, _In_ LPSTR pszPassword,
__out_bcount_opt(*pcbPackedCredentials) PBYTE pPackedCredentials, _Out_writes_bytes_opt_(*pcbPackedCredentials) PBYTE pPackedCredentials,
__inout DWORD* pcbPackedCredentials _Inout_ DWORD* pcbPackedCredentials
); );
#ifdef UNICODE #ifdef UNICODE
#define CredPackAuthenticationBuffer CredPackAuthenticationBufferW #define CredPackAuthenticationBuffer CredPackAuthenticationBufferW
#else #else
#define CredPackAuthenticationBuffer CredPackAuthenticationBufferA #define CredPackAuthenticationBuffer CredPackAuthenticationBufferA
#endif //UNICODE #endif //UNICODE
_Success_(return)
WINADVAPI WINADVAPI
BOOL BOOL
WINAPI WINAPI
CredProtectW( CredProtectW(
__in BOOL fAsSelf, _In_ BOOL fAsSelf,
__in_ecount(cchCredentials) LPWSTR pszCredentials, _In_reads_(cchCredentials) LPWSTR pszCredentials,
__in DWORD cchCredentials, _In_ DWORD cchCredentials,
__out_ecount(*pcchMaxChars) LPWSTR pszProtectedCredentials, _Out_writes_to_(*pcchMaxChars, *pcchMaxChars) LPWSTR pszProtectedCredentials
__inout DWORD* pcchMaxChars, ,
__out_opt CRED_PROTECTION_TYPE* ProtectionType _Inout_ DWORD* pcchMaxChars,
_Out_opt_ CRED_PROTECTION_TYPE* ProtectionType
); );
WINADVAPI WINADVAPI
BOOL BOOL
WINAPI WINAPI
CredProtectA( CredProtectA(
__in BOOL fAsSelf, _In_ BOOL fAsSelf,
__in_ecount(cchCredentials) LPSTR pszCredentials, _In_reads_(cchCredentials) LPSTR pszCredentials,
__in DWORD cchCredentials, _In_ DWORD cchCredentials,
__out_ecount(*pcchMaxChars) LPSTR pszProtectedCredentials, _Out_writes_(*pcchMaxChars) LPSTR pszProtectedCredentials,
__inout DWORD* pcchMaxChars, _Inout_ DWORD* pcchMaxChars,
__out_opt CRED_PROTECTION_TYPE* ProtectionType _Out_opt_ CRED_PROTECTION_TYPE* ProtectionType
); );
#ifdef UNICODE #ifdef UNICODE
#define CredProtect CredProtectW #define CredProtect CredProtectW
#else #else
#define CredProtect CredProtectA #define CredProtect CredProtectA
#endif //UNICODE #endif //UNICODE
_Success_(return)
WINADVAPI WINADVAPI
BOOL BOOL
WINAPI WINAPI
CredUnprotectW( CredUnprotectW(
__in BOOL fAsSelf, _In_ BOOL fAsSelf,
__in_ecount(cchProtectedCredentials) LPWSTR pszProtectedCredentials, _In_reads_(cchProtectedCredentials) LPWSTR pszProtectedCredentials,
__in DWORD cchProtectedCredentials, _In_ DWORD cchProtectedCredentials,
__out_ecount_opt(*pcchMaxChars) LPWSTR pszCredentials, _Out_writes_to_opt_(*pcchMaxChars, *pcchMaxChars) LPWSTR pszCredentials,
__inout DWORD* pcchMaxChars _Inout_ DWORD* pcchMaxChars
); );
WINADVAPI WINADVAPI
BOOL BOOL
WINAPI WINAPI
CredUnprotectA( CredUnprotectA(
__in BOOL fAsSelf, _In_ BOOL fAsSelf,
__in_ecount(cchProtectedCredentials) LPSTR pszProtectedCredentials, _In_reads_(cchProtectedCredentials) LPSTR pszProtectedCredentials,
__in DWORD cchProtectedCredentials, _In_ DWORD cchProtectedCredentials,
__out_ecount_opt(*pcchMaxChars) LPSTR pszCredentials, _Out_writes_opt_(*pcchMaxChars) LPSTR pszCredentials,
__inout DWORD* pcchMaxChars _Inout_ DWORD* pcchMaxChars
); );
#ifdef UNICODE #ifdef UNICODE
#define CredUnprotect CredUnprotectW #define CredUnprotect CredUnprotectW
#else #else
#define CredUnprotect CredUnprotectA #define CredUnprotect CredUnprotectA
#endif //UNICODE #endif //UNICODE
WINADVAPI WINADVAPI
BOOL BOOL
WINAPI WINAPI
CredIsProtectedW( CredIsProtectedW(
__in LPWSTR pszProtectedCredentials, _In_ LPWSTR pszProtectedCredentials,
__out CRED_PROTECTION_TYPE* pProtectionType _Out_ CRED_PROTECTION_TYPE* pProtectionType
); );
WINADVAPI WINADVAPI
BOOL BOOL
WINAPI WINAPI
CredIsProtectedA( CredIsProtectedA(
__in LPSTR pszProtectedCredentials, _In_ LPSTR pszProtectedCredentials,
__out CRED_PROTECTION_TYPE* pProtectionType _Out_ CRED_PROTECTION_TYPE* pProtectionType
); );
#ifdef UNICODE #ifdef UNICODE
#define CredIsProtected CredIsProtectedW #define CredIsProtected CredIsProtectedW
#else #else
#define CredIsProtected CredIsProtectedA #define CredIsProtected CredIsProtectedA
#endif //UNICODE #endif //UNICODE
WINADVAPI WINADVAPI
BOOL BOOL
WINAPI WINAPI
CredFindBestCredentialW ( CredFindBestCredentialW (
IN LPCWSTR TargetName, _In_ LPCWSTR TargetName,
IN DWORD Type, _In_ DWORD Type,
IN DWORD Flags, _In_ DWORD Flags,
OUT PCREDENTIALW *Credential _Out_ PCREDENTIALW *Credential
); );
WINADVAPI WINADVAPI
BOOL BOOL
WINAPI WINAPI
CredFindBestCredentialA ( CredFindBestCredentialA (
IN LPCSTR TargetName, _In_ LPCSTR TargetName,
IN DWORD Type, _In_ DWORD Type,
IN DWORD Flags, _In_ DWORD Flags,
OUT PCREDENTIALA *Credential _Out_ PCREDENTIALA *Credential
); );
#ifdef UNICODE #ifdef UNICODE
#define CredFindBestCredential CredFindBestCredentialW #define CredFindBestCredential CredFindBestCredentialW
#else #else
#define CredFindBestCredential CredFindBestCredentialA #define CredFindBestCredential CredFindBestCredentialA
#endif // UNICODE #endif // UNICODE
WINADVAPI WINADVAPI
BOOL BOOL
WINAPI WINAPI
CredGetSessionTypes ( CredGetSessionTypes (
__in DWORD MaximumPersistCount, _In_ DWORD MaximumPersistCount,
__out LPDWORD MaximumPersist _Out_writes_(MaximumPersistCount) LPDWORD MaximumPersist
); );
WINADVAPI WINADVAPI
VOID VOID
WINAPI WINAPI
CredFree ( CredFree (
__in PVOID Buffer _In_ PVOID Buffer
); );
CREDUIAPI CREDUIAPI
DWORD DWORD
WINAPI WINAPI
CredUIPromptForCredentialsW( CredUIPromptForCredentialsW(
__in_opt PCREDUI_INFOW pUiInfo, _In_opt_ PCREDUI_INFOW pUiInfo,
__in_opt PCWSTR pszTargetName, _In_opt_ PCWSTR pszTargetName,
__reserved PCtxtHandle pContext, _Reserved_ PCtxtHandle pContext,
__in DWORD dwAuthError, _In_ DWORD dwAuthError,
__inout_ecount(ulUserNameBufferSize) PWSTR pszUserName, _Inout_updates_(ulUserNameBufferSize) PWSTR pszUserName,
__in ULONG ulUserNameBufferSize, _In_ ULONG ulUserNameBufferSize,
__inout_ecount(ulPasswordBufferSize) PWSTR pszPassword, _Inout_updates_(ulPasswordBufferSize) PWSTR pszPassword,
__in ULONG ulPasswordBufferSize, _In_ ULONG ulPasswordBufferSize,
__inout_opt BOOL *save, _Inout_opt_ BOOL *save,
__in DWORD dwFlags _In_ DWORD dwFlags
); );
CREDUIAPI CREDUIAPI
DWORD DWORD
WINAPI WINAPI
CredUIPromptForCredentialsA( CredUIPromptForCredentialsA(
__in_opt PCREDUI_INFOA pUiInfo, _In_opt_ PCREDUI_INFOA pUiInfo,
__in_opt PCSTR pszTargetName, _In_opt_ PCSTR pszTargetName,
__reserved PCtxtHandle pContext, _Reserved_ PCtxtHandle pContext,
__in DWORD dwAuthError, _In_ DWORD dwAuthError,
__inout_ecount(ulUserNameBufferSize) PSTR pszUserName, _Inout_updates_(ulUserNameBufferSize) PSTR pszUserName,
__in ULONG ulUserNameBufferSize, _In_ ULONG ulUserNameBufferSize,
__inout_ecount(ulPasswordBufferSize) PSTR pszPassword, _Inout_updates_(ulPasswordBufferSize) PSTR pszPassword,
__in ULONG ulPasswordBufferSize, _In_ ULONG ulPasswordBufferSize,
__inout_opt BOOL *save, _Inout_opt_ BOOL *save,
__in DWORD dwFlags _In_ DWORD dwFlags
); );
#ifdef UNICODE #ifdef UNICODE
#define CredUIPromptForCredentials CredUIPromptForCredentialsW #define CredUIPromptForCredentials CredUIPromptForCredentialsW
#else #else
#define CredUIPromptForCredentials CredUIPromptForCredentialsA #define CredUIPromptForCredentials CredUIPromptForCredentialsA
#endif #endif
CREDUIAPI CREDUIAPI
DWORD DWORD
WINAPI WINAPI
CredUIPromptForWindowsCredentialsW( CredUIPromptForWindowsCredentialsW(
__in_opt PCREDUI_INFOW pUiInfo, _In_opt_ PCREDUI_INFOW pUiInfo,
__in DWORD dwAuthError, _In_ DWORD dwAuthError,
__inout ULONG *pulAuthPackage, _Inout_ ULONG *pulAuthPackage,
__in_bcount_opt(ulInAuthBufferSize) LPCVOID pvInAuthBuffer, _In_reads_bytes_opt_(ulInAuthBufferSize) LPCVOID pvInAuthBuffer,
__in ULONG ulInAuthBufferSize, _In_ ULONG ulInAuthBufferSize,
__deref_out_bcount_full(*pulOutAuthBufferSize) LPVOID * ppvOutAuthBuffer, _Outptr_result_bytebuffer_to_(*pulOutAuthBufferSize, *pulOutAuthBufferSize)
__out ULONG * pulOutAuthBufferSize, LPVOID * ppvOutAuthBuffer,
__inout_opt BOOL *pfSave, _Out_ ULONG * pulOutAuthBufferSize,
__in DWORD dwFlags _Inout_opt_ BOOL *pfSave,
_In_ DWORD dwFlags
); );
CREDUIAPI CREDUIAPI
DWORD DWORD
WINAPI WINAPI
CredUIPromptForWindowsCredentialsA( CredUIPromptForWindowsCredentialsA(
__in_opt PCREDUI_INFOA pUiInfo, _In_opt_ PCREDUI_INFOA pUiInfo,
__in DWORD dwAuthError, _In_ DWORD dwAuthError,
__inout ULONG *pulAuthPackage, _Inout_ ULONG *pulAuthPackage,
__in_bcount_opt(ulInAuthBufferSize) LPCVOID pvInAuthBuffer, _In_reads_bytes_opt_(ulInAuthBufferSize) LPCVOID pvInAuthBuffer,
__in ULONG ulInAuthBufferSize, _In_ ULONG ulInAuthBufferSize,
__deref_out_bcount_full(*pulOutAuthBufferSize) LPVOID * ppvOutAuthBuffer, _Outptr_result_bytebuffer_to_(*pulOutAuthBufferSize, *pulOutAuthBufferSize)
__out ULONG * pulOutAuthBufferSize, LPVOID * ppvOutAuthBuffer,
__inout_opt BOOL *pfSave, _Out_ ULONG * pulOutAuthBufferSize,
__in DWORD dwFlags _Inout_opt_ BOOL *pfSave,
_In_ DWORD dwFlags
); );
#ifdef UNICODE #ifdef UNICODE
#define CredUIPromptForWindowsCredentials CredUIPromptForWindowsCredentialsW #define CredUIPromptForWindowsCredentials CredUIPromptForWindowsCredentialsW
#else #else
#define CredUIPromptForWindowsCredentials CredUIPromptForWindowsCredentialsA #define CredUIPromptForWindowsCredentials CredUIPromptForWindowsCredentialsA
#endif #endif
CREDUIAPI CREDUIAPI
DWORD DWORD
WINAPI WINAPI
CredUIParseUserNameW( CredUIParseUserNameW(
__in CONST WCHAR *UserName, _In_ PCWSTR UserName,
__out_ecount(userBufferSize) WCHAR *user, _Out_writes_(userBufferSize) WCHAR *user,
__in ULONG userBufferSize, _In_ ULONG userBufferSize,
__out_ecount(domainBufferSize) WCHAR *domain, _Out_writes_(domainBufferSize) WCHAR *domain,
__in ULONG domainBufferSize _In_ ULONG domainBufferSize
); );
CREDUIAPI CREDUIAPI
DWORD DWORD
WINAPI WINAPI
CredUIParseUserNameA( CredUIParseUserNameA(
__in CONST CHAR *userName, _In_ PCSTR userName,
__out_ecount(userBufferSize) CHAR *user, _Out_writes_(userBufferSize) CHAR *user,
__in ULONG userBufferSize, _In_ ULONG userBufferSize,
__out_ecount(domainBufferSize) CHAR *domain, _Out_writes_(domainBufferSize) CHAR *domain,
__in ULONG domainBufferSize _In_ ULONG domainBufferSize
); );
#ifdef UNICODE #ifdef UNICODE
#define CredUIParseUserName CredUIParseUserNameW #define CredUIParseUserName CredUIParseUserNameW
#else #else
#define CredUIParseUserName CredUIParseUserNameA #define CredUIParseUserName CredUIParseUserNameA
#endif #endif
CREDUIAPI CREDUIAPI
DWORD DWORD
WINAPI WINAPI
CredUICmdLinePromptForCredentialsW( CredUICmdLinePromptForCredentialsW(
__in_opt PCWSTR pszTargetName, _In_opt_ PCWSTR pszTargetName,
__reserved PCtxtHandle pContext, _Reserved_ PCtxtHandle pContext,
__in DWORD dwAuthError, _In_ DWORD dwAuthError,
__inout_ecount(ulUserBufferSize) PWSTR UserName, _Inout_updates_(ulUserBufferSize) PWSTR UserName,
__in ULONG ulUserBufferSize, _In_ ULONG ulUserBufferSize,
__inout_ecount(ulPasswordBufferSize) PWSTR pszPassword, _Inout_updates_(ulPasswordBufferSize) PWSTR pszPassword,
__in ULONG ulPasswordBufferSize, _In_ ULONG ulPasswordBufferSize,
__inout_opt PBOOL pfSave, _Inout_opt_ PBOOL pfSave,
__in DWORD dwFlags _In_ DWORD dwFlags
); );
CREDUIAPI CREDUIAPI
DWORD DWORD
WINAPI WINAPI
CredUICmdLinePromptForCredentialsA( CredUICmdLinePromptForCredentialsA(
__in_opt PCSTR pszTargetName, _In_opt_ PCSTR pszTargetName,
__reserved PCtxtHandle pContext, _Reserved_ PCtxtHandle pContext,
__in DWORD dwAuthError, _In_ DWORD dwAuthError,
__inout_ecount(ulUserBufferSize) PSTR UserName, _Inout_updates_(ulUserBufferSize) PSTR UserName,
__in ULONG ulUserBufferSize, _In_ ULONG ulUserBufferSize,
__inout_ecount(ulPasswordBufferSize) PSTR pszPassword, _Inout_updates_(ulPasswordBufferSize) PSTR pszPassword,
__in ULONG ulPasswordBufferSize, _In_ ULONG ulPasswordBufferSize,
__inout_opt PBOOL pfSave, _Inout_opt_ PBOOL pfSave,
__in DWORD dwFlags _In_ DWORD dwFlags
); );
#ifdef UNICODE #ifdef UNICODE
#define CredUICmdLinePromptForCredentials CredUICmdLinePromptForCredentialsW #define CredUICmdLinePromptForCredentials CredUICmdLinePromptForCredentialsW
#else #else
#define CredUICmdLinePromptForCredentials CredUICmdLinePromptForCredentialsA #define CredUICmdLinePromptForCredentials CredUICmdLinePromptForCredentialsA
#endif #endif
// //
// Call this API with bConfirm set to TRUE to confirm that the credential (previ ously created // Call this API with bConfirm set to TRUE to confirm that the credential (previ ously created
// via CredUIGetCredentials or CredUIPromptForCredentials worked, or with bConfi rm set to FALSE // via CredUIGetCredentials or CredUIPromptForCredentials worked, or with bConfi rm set to FALSE
// to indicate it didn't // to indicate it didn't
CREDUIAPI CREDUIAPI
DWORD DWORD
WINAPI WINAPI
CredUIConfirmCredentialsW( CredUIConfirmCredentialsW(
__in PCWSTR pszTargetName, _In_ PCWSTR pszTargetName,
__in BOOL bConfirm _In_ BOOL bConfirm
); );
CREDUIAPI CREDUIAPI
DWORD DWORD
WINAPI WINAPI
CredUIConfirmCredentialsA( CredUIConfirmCredentialsA(
__in PCSTR pszTargetName, _In_ PCSTR pszTargetName,
__in BOOL bConfirm _In_ BOOL bConfirm
); );
#ifdef UNICODE #ifdef UNICODE
#define CredUIConfirmCredentials CredUIConfirmCredentialsW #define CredUIConfirmCredentials CredUIConfirmCredentialsW
#else #else
#define CredUIConfirmCredentials CredUIConfirmCredentialsA #define CredUIConfirmCredentials CredUIConfirmCredentialsA
#endif #endif
CREDUIAPI CREDUIAPI
DWORD DWORD
WINAPI WINAPI
CredUIStoreSSOCredW ( CredUIStoreSSOCredW (
__in_opt PCWSTR pszRealm, _In_opt_ PCWSTR pszRealm,
__in PCWSTR pszUsername, _In_ PCWSTR pszUsername,
__in PCWSTR pszPassword, _In_ PCWSTR pszPassword,
__in BOOL bPersist _In_ BOOL bPersist
); );
CREDUIAPI CREDUIAPI
DWORD DWORD
WINAPI WINAPI
CredUIReadSSOCredW ( CredUIReadSSOCredW (
__in_opt PCWSTR pszRealm, _In_opt_ PCWSTR pszRealm,
__deref_out PWSTR* ppszUsername _Outptr_ PWSTR* ppszUsername
); );
#ifdef __cplusplus #ifdef __cplusplus
} }
#endif #endif
#endif /* WINAPI_FAMILY_PARTITION(WINAPI_PARTITION_DESKTOP) */
#pragma endregion
#endif // _WINCRED_H_ #endif // _WINCRED_H_
 End of changes. 59 change blocks. 
213 lines changed or deleted 227 lines changed or added

This html diff was produced by rfcdiff 1.41.