/** * This file has no copyright assigned and is placed in the Public Domain. * This file is part of the mingw-w64 runtime package. * No warranty is given; refer to the file DISCLAIMER.PD within this package. */ #ifndef _NTSECPKG_ #define _NTSECPKG_ #ifdef __cplusplus extern "C" { #endif typedef PVOID *PLSA_CLIENT_REQUEST; typedef enum _LSA_TOKEN_INFORMATION_TYPE { LsaTokenInformationNull, LsaTokenInformationV1, LsaTokenInformationV2, LsaTokenInformationV3 } LSA_TOKEN_INFORMATION_TYPE,*PLSA_TOKEN_INFORMATION_TYPE; typedef struct _LSA_TOKEN_INFORMATION_NULL { LARGE_INTEGER ExpirationTime; PTOKEN_GROUPS Groups; } LSA_TOKEN_INFORMATION_NULL,*PLSA_TOKEN_INFORMATION_NULL; typedef struct _LSA_TOKEN_INFORMATION_V1 { LARGE_INTEGER ExpirationTime; TOKEN_USER User; PTOKEN_GROUPS Groups; TOKEN_PRIMARY_GROUP PrimaryGroup; PTOKEN_PRIVILEGES Privileges; TOKEN_OWNER Owner; TOKEN_DEFAULT_DACL DefaultDacl; } LSA_TOKEN_INFORMATION_V1,*PLSA_TOKEN_INFORMATION_V1; typedef LSA_TOKEN_INFORMATION_V1 LSA_TOKEN_INFORMATION_V2,*PLSA_TOKEN_INFORMATION_V2; typedef struct _LSA_TOKEN_INFORMATION_V3 { LARGE_INTEGER ExpirationTime; TOKEN_USER User; PTOKEN_GROUPS Groups; TOKEN_PRIMARY_GROUP PrimaryGroup; PTOKEN_PRIVILEGES Privileges; TOKEN_OWNER Owner; TOKEN_DEFAULT_DACL DefaultDacl; TOKEN_USER_CLAIMS UserClaims; TOKEN_DEVICE_CLAIMS DeviceClaims; PTOKEN_GROUPS DeviceGroups; } LSA_TOKEN_INFORMATION_V3, *PLSA_TOKEN_INFORMATION_V3; typedef NTSTATUS (NTAPI LSA_CREATE_LOGON_SESSION)(PLUID LogonId); typedef NTSTATUS (NTAPI LSA_DELETE_LOGON_SESSION)(PLUID LogonId); typedef NTSTATUS (NTAPI LSA_ADD_CREDENTIAL)(PLUID LogonId,ULONG AuthenticationPackage,PLSA_STRING PrimaryKeyValue,PLSA_STRING Credentials); typedef NTSTATUS (NTAPI LSA_GET_CREDENTIALS)(PLUID LogonId,ULONG AuthenticationPackage,PULONG QueryContext,BOOLEAN RetrieveAllCredentials,PLSA_STRING PrimaryKeyValue,PULONG PrimaryKeyLength,PLSA_STRING Credentials); typedef NTSTATUS (NTAPI LSA_DELETE_CREDENTIAL)(PLUID LogonId,ULONG AuthenticationPackage,PLSA_STRING PrimaryKeyValue); typedef PVOID (NTAPI LSA_ALLOCATE_LSA_HEAP)(ULONG Length); typedef VOID (NTAPI LSA_FREE_LSA_HEAP)(PVOID Base); typedef PVOID (NTAPI LSA_ALLOCATE_PRIVATE_HEAP)(SIZE_T Length); typedef VOID (NTAPI LSA_FREE_PRIVATE_HEAP)(PVOID Base); typedef NTSTATUS (NTAPI LSA_ALLOCATE_CLIENT_BUFFER)(PLSA_CLIENT_REQUEST ClientRequest,ULONG LengthRequired,PVOID *ClientBaseAddress); typedef NTSTATUS (NTAPI LSA_FREE_CLIENT_BUFFER)(PLSA_CLIENT_REQUEST ClientRequest,PVOID ClientBaseAddress); typedef NTSTATUS (NTAPI LSA_COPY_TO_CLIENT_BUFFER)(PLSA_CLIENT_REQUEST ClientRequest,ULONG Length,PVOID ClientBaseAddress,PVOID BufferToCopy); typedef NTSTATUS (NTAPI LSA_COPY_FROM_CLIENT_BUFFER)(PLSA_CLIENT_REQUEST ClientRequest,ULONG Length,PVOID BufferToCopy,PVOID ClientBaseAddress); typedef LSA_CREATE_LOGON_SESSION *PLSA_CREATE_LOGON_SESSION; typedef LSA_DELETE_LOGON_SESSION *PLSA_DELETE_LOGON_SESSION; typedef LSA_ADD_CREDENTIAL *PLSA_ADD_CREDENTIAL; typedef LSA_GET_CREDENTIALS *PLSA_GET_CREDENTIALS; typedef LSA_DELETE_CREDENTIAL *PLSA_DELETE_CREDENTIAL; typedef LSA_ALLOCATE_LSA_HEAP *PLSA_ALLOCATE_LSA_HEAP; typedef LSA_FREE_LSA_HEAP *PLSA_FREE_LSA_HEAP; typedef LSA_ALLOCATE_PRIVATE_HEAP *PLSA_ALLOCATE_PRIVATE_HEAP; typedef LSA_FREE_PRIVATE_HEAP *PLSA_FREE_PRIVATE_HEAP; typedef LSA_ALLOCATE_CLIENT_BUFFER *PLSA_ALLOCATE_CLIENT_BUFFER; typedef LSA_FREE_CLIENT_BUFFER *PLSA_FREE_CLIENT_BUFFER; typedef LSA_COPY_TO_CLIENT_BUFFER *PLSA_COPY_TO_CLIENT_BUFFER; typedef LSA_COPY_FROM_CLIENT_BUFFER *PLSA_COPY_FROM_CLIENT_BUFFER; typedef struct _LSA_DISPATCH_TABLE { PLSA_CREATE_LOGON_SESSION CreateLogonSession; PLSA_DELETE_LOGON_SESSION DeleteLogonSession; PLSA_ADD_CREDENTIAL AddCredential; PLSA_GET_CREDENTIALS GetCredentials; PLSA_DELETE_CREDENTIAL DeleteCredential; PLSA_ALLOCATE_LSA_HEAP AllocateLsaHeap; PLSA_FREE_LSA_HEAP FreeLsaHeap; PLSA_ALLOCATE_CLIENT_BUFFER AllocateClientBuffer; PLSA_FREE_CLIENT_BUFFER FreeClientBuffer; PLSA_COPY_TO_CLIENT_BUFFER CopyToClientBuffer; PLSA_COPY_FROM_CLIENT_BUFFER CopyFromClientBuffer; } LSA_DISPATCH_TABLE,*PLSA_DISPATCH_TABLE; #define LSA_AP_NAME_INITIALIZE_PACKAGE "LsaApInitializePackage\0" #define LSA_AP_NAME_LOGON_USER "LsaApLogonUser\0" #define LSA_AP_NAME_LOGON_USER_EX "LsaApLogonUserEx\0" #define LSA_AP_NAME_CALL_PACKAGE "LsaApCallPackage\0" #define LSA_AP_NAME_LOGON_TERMINATED "LsaApLogonTerminated\0" #define LSA_AP_NAME_CALL_PACKAGE_UNTRUSTED "LsaApCallPackageUntrusted\0" #define LSA_AP_NAME_CALL_PACKAGE_PASSTHROUGH "LsaApCallPackagePassthrough\0" typedef NTSTATUS (NTAPI LSA_AP_INITIALIZE_PACKAGE)(ULONG AuthenticationPackageId,PLSA_DISPATCH_TABLE LsaDispatchTable,PLSA_STRING Database,PLSA_STRING Confidentiality,PLSA_STRING *AuthenticationPackageName); typedef NTSTATUS (NTAPI LSA_AP_LOGON_USER)(PLSA_CLIENT_REQUEST ClientRequest,SECURITY_LOGON_TYPE LogonType,PVOID AuthenticationInformation,PVOID ClientAuthenticationBase,ULONG AuthenticationInformationLength,PVOID *ProfileBuffer,PULONG ProfileBufferLength,PLUID LogonId,PNTSTATUS SubStatus,PLSA_TOKEN_INFORMATION_TYPE TokenInformationType,PVOID *TokenInformation,PLSA_UNICODE_STRING *AccountName,PLSA_UNICODE_STRING *AuthenticatingAuthority); typedef NTSTATUS (NTAPI LSA_AP_LOGON_USER_EX)(PLSA_CLIENT_REQUEST ClientRequest,SECURITY_LOGON_TYPE LogonType,PVOID AuthenticationInformation,PVOID ClientAuthenticationBase,ULONG AuthenticationInformationLength,PVOID *ProfileBuffer,PULONG ProfileBufferLength,PLUID LogonId,PNTSTATUS SubStatus,PLSA_TOKEN_INFORMATION_TYPE TokenInformationType,PVOID *TokenInformation,PUNICODE_STRING *AccountName,PUNICODE_STRING *AuthenticatingAuthority,PUNICODE_STRING *MachineName); typedef NTSTATUS (NTAPI LSA_AP_CALL_PACKAGE)(PLSA_CLIENT_REQUEST ClientRequest,PVOID ProtocolSubmitBuffer,PVOID ClientBufferBase,ULONG SubmitBufferLength,PVOID *ProtocolReturnBuffer,PULONG ReturnBufferLength,PNTSTATUS ProtocolStatus); typedef NTSTATUS (NTAPI LSA_AP_CALL_PACKAGE_PASSTHROUGH)(PLSA_CLIENT_REQUEST ClientRequest,PVOID ProtocolSubmitBuffer,PVOID ClientBufferBase,ULONG SubmitBufferLength,PVOID *ProtocolReturnBuffer,PULONG ReturnBufferLength,PNTSTATUS ProtocolStatus); typedef VOID (NTAPI LSA_AP_LOGON_TERMINATED)(PLUID LogonId); typedef LSA_AP_CALL_PACKAGE LSA_AP_CALL_PACKAGE_UNTRUSTED; typedef LSA_AP_INITIALIZE_PACKAGE *PLSA_AP_INITIALIZE_PACKAGE; typedef LSA_AP_LOGON_USER *PLSA_AP_LOGON_USER; typedef LSA_AP_LOGON_USER_EX *PLSA_AP_LOGON_USER_EX; typedef LSA_AP_CALL_PACKAGE *PLSA_AP_CALL_PACKAGE; typedef LSA_AP_CALL_PACKAGE_PASSTHROUGH *PLSA_AP_CALL_PACKAGE_PASSTHROUGH; typedef LSA_AP_LOGON_TERMINATED *PLSA_AP_LOGON_TERMINATED; typedef LSA_AP_CALL_PACKAGE_UNTRUSTED *PLSA_AP_CALL_PACKAGE_UNTRUSTED; #ifndef _SAM_CREDENTIAL_UPDATE_DEFINED #define _SAM_CREDENTIAL_UPDATE_DEFINED typedef NTSTATUS (*PSAM_CREDENTIAL_UPDATE_NOTIFY_ROUTINE)(PUNICODE_STRING ClearPassword,PVOID OldCredentials,ULONG OldCredentialSize,ULONG UserAccountControl,PUNICODE_STRING UPN,PUNICODE_STRING UserName,PUNICODE_STRING NetbiosDomainName,PUNICODE_STRING DnsDomainName,PVOID *NewCredentials,ULONG *NewCredentialSize); #define SAM_CREDENTIAL_UPDATE_NOTIFY_ROUTINE "CredentialUpdateNotify" typedef BOOLEAN (*PSAM_CREDENTIAL_UPDATE_REGISTER_ROUTINE)(PUNICODE_STRING CredentialName); #define SAM_CREDENTIAL_UPDATE_REGISTER_ROUTINE "CredentialUpdateRegister" typedef VOID (*PSAM_CREDENTIAL_UPDATE_FREE_ROUTINE)(PVOID p); #define SAM_CREDENTIAL_UPDATE_FREE_ROUTINE "CredentialUpdateFree" typedef struct { PSTR Original; PSTR Mapped; BOOLEAN Continuable; } SAM_REGISTER_MAPPING_ELEMENT, *PSAM_REGISTER_MAPPING_ELEMENT; typedef struct { ULONG Count; PSAM_REGISTER_MAPPING_ELEMENT Elements; } SAM_REGISTER_MAPPING_LIST, *PSAM_REGISTER_MAPPING_LIST; typedef struct { ULONG Count; PSAM_REGISTER_MAPPING_LIST Lists; } SAM_REGISTER_MAPPING_TABLE, *PSAM_REGISTER_MAPPING_TABLE; typedef NTSTATUS (*PSAM_CREDENTIAL_UPDATE_REGISTER_MAPPED_ENTRYPOINTS_ROUTINE)(SAM_REGISTER_MAPPING_TABLE *Table); #define SAM_CREDENTIAL_UPDATE_REGISTER_MAPPED_ENTRYPOINTS_ROUTINE "RegisterMappedEntrypoints" #endif /* _SAM_CREDENTIAL_UPDATE_DEFINED */ #ifdef SECURITY_KERNEL typedef PVOID SEC_THREAD_START; typedef PVOID SEC_ATTRS; #else typedef LPTHREAD_START_ROUTINE SEC_THREAD_START; typedef LPSECURITY_ATTRIBUTES SEC_ATTRS; #endif #define SecEqualLuid(L1,L2) ((((PLUID)L1)->LowPart==((PLUID)L2)->LowPart) && (((PLUID)L1)->HighPart==((PLUID)L2)->HighPart)) #define SecIsZeroLuid(L1) ((L1->LowPart | L1->HighPart)==0) typedef struct _SECPKG_CLIENT_INFO { LUID LogonId; ULONG ProcessID; ULONG ThreadID; BOOLEAN HasTcbPrivilege; BOOLEAN Impersonating; BOOLEAN Restricted; UCHAR ClientFlags; SECURITY_IMPERSONATION_LEVEL ImpersonationLevel; HANDLE ClientToken; } SECPKG_CLIENT_INFO,*PSECPKG_CLIENT_INFO; typedef struct _SECPKG_CLIENT_INFO_EX { LUID LogonId; ULONG ProcessID; ULONG ThreadID; BOOLEAN HasTcbPrivilege; BOOLEAN Impersonating; BOOLEAN Restricted; UCHAR ClientFlags; SECURITY_IMPERSONATION_LEVEL ImpersonationLevel; HANDLE ClientToken; LUID IdentificationLogonId; HANDLE IdentificationToken; } SECPKG_CLIENT_INFO_EX, *PSECPKG_CLIENT_INFO_EX; #define SECPKG_CLIENT_PROCESS_TERMINATED 0x01 #define SECPKG_CLIENT_THREAD_TERMINATED 0x02 typedef struct _SECPKG_CALL_INFO { ULONG ProcessId; ULONG ThreadId; ULONG Attributes; ULONG CallCount; PVOID MechOid; } SECPKG_CALL_INFO,*PSECPKG_CALL_INFO; #define SECPKG_CALL_KERNEL_MODE 0x00000001 #define SECPKG_CALL_ANSI 0x00000002 #define SECPKG_CALL_URGENT 0x00000004 #define SECPKG_CALL_RECURSIVE 0x00000008 #define SECPKG_CALL_IN_PROC 0x00000010 #define SECPKG_CALL_CLEANUP 0x00000020 #define SECPKG_CALL_WOWCLIENT 0x00000040 #define SECPKG_CALL_THREAD_TERM 0x00000080 #define SECPKG_CALL_PROCESS_TERM 0x00000100 #define SECPKG_CALL_IS_TCB 0x00000200 #define SECPKG_CALL_NETWORK_ONLY 0x00000400 #define SECPKG_CALL_WINLOGON 0x00000800 #define SECPKG_CALL_ASYNC_UPDATE 0x00001000 #define SECPKG_CALL_SYSTEM_PROC 0x00002000 #define SECPKG_CALL_NEGO 0x00004000 #define SECPKG_CALL_NEGO_EXTENDER 0x00008000 #define SECPKG_CALL_BUFFER_MARSHAL 0x00010000 #define SECPKG_CALL_UNLOCK 0x00020000 #define SECPKG_CALL_CLOUDAP_CONNECT 0x00040000 #define SECPKG_CALL_WOWX86 0x00000040 #define SECPKG_CALL_WOWA32 0x00040000 typedef struct _SECPKG_SUPPLEMENTAL_CRED { UNICODE_STRING PackageName; ULONG CredentialSize; PUCHAR Credentials; } SECPKG_SUPPLEMENTAL_CRED,*PSECPKG_SUPPLEMENTAL_CRED; typedef struct _SECPKG_BYTE_VECTOR { ULONG ByteArrayOffset; USHORT ByteArrayLength; } SECPKG_BYTE_VECTOR, *PSECPKG_BYTE_VECTOR; typedef struct _SECPKG_SHORT_VECTOR { ULONG ShortArrayOffset; USHORT ShortArrayCount; } SECPKG_SHORT_VECTOR, *PSECPKG_SHORT_VECTOR; typedef struct _SECPKG_SUPPLIED_CREDENTIAL { USHORT cbHeaderLength; USHORT cbStructureLength; SECPKG_SHORT_VECTOR UserName; SECPKG_SHORT_VECTOR DomainName; SECPKG_BYTE_VECTOR PackedCredentials; ULONG CredFlags; } SECPKG_SUPPLIED_CREDENTIAL, *PSECPKG_SUPPLIED_CREDENTIAL; #define SECPKG_CREDENTIAL_VERSION 201 #define SECPKG_CREDENTIAL_FLAGS_CALLER_HAS_TCB 0x1 #define SECPKG_CREDENTIAL_FLAGS_CREDMAN_CRED 0x2 typedef struct _SECPKG_CREDENTIAL { ULONG64 Version; USHORT cbHeaderLength; ULONG cbStructureLength; ULONG ClientProcess; ULONG ClientThread; LUID LogonId; HANDLE ClientToken; ULONG SessionId; LUID ModifiedId; ULONG fCredentials; ULONG Flags; SECPKG_BYTE_VECTOR PrincipalName; SECPKG_BYTE_VECTOR PackageList; SECPKG_BYTE_VECTOR MarshaledSuppliedCreds; } SECPKG_CREDENTIAL, *PSECPKG_CREDENTIAL; typedef ULONG_PTR LSA_SEC_HANDLE; typedef LSA_SEC_HANDLE *PLSA_SEC_HANDLE; typedef struct _SECPKG_SUPPLEMENTAL_CRED_ARRAY { ULONG CredentialCount; SECPKG_SUPPLEMENTAL_CRED Credentials[1]; } SECPKG_SUPPLEMENTAL_CRED_ARRAY,*PSECPKG_SUPPLEMENTAL_CRED_ARRAY; typedef struct _SECPKG_SURROGATE_LOGON_ENTRY { GUID Type; PVOID Data; } SECPKG_SURROGATE_LOGON_ENTRY, *PSECPKG_SURROGATE_LOGON_ENTRY; typedef struct _SECPKG_SURROGATE_LOGON { ULONG Version; LUID SurrogateLogonID; ULONG EntryCount; PSECPKG_SURROGATE_LOGON_ENTRY Entries; } SECPKG_SURROGATE_LOGON, *PSECPKG_SURROGATE_LOGON; #define SECPKG_SURROGATE_LOGON_VERSION_1 1 #define SECBUFFER_UNMAPPED 0x40000000 #define SECBUFFER_KERNEL_MAP 0x20000000 typedef NTSTATUS (NTAPI LSA_CALLBACK_FUNCTION)(ULONG_PTR Argument1,ULONG_PTR Argument2,PSecBuffer InputBuffer,PSecBuffer OutputBuffer); typedef LSA_CALLBACK_FUNCTION *PLSA_CALLBACK_FUNCTION; #define PRIMARY_CRED_CLEAR_PASSWORD 0x00000001 #define PRIMARY_CRED_OWF_PASSWORD 0x00000002 #define PRIMARY_CRED_UPDATE 0x00000004 #define PRIMARY_CRED_CACHED_LOGON 0x00000008 #define PRIMARY_CRED_LOGON_NO_TCB 0x00000010 #define PRIMARY_CRED_LOGON_LUA 0x00000020 #define PRIMARY_CRED_INTERACTIVE_SMARTCARD_LOGON 0x00000040 #define PRIMARY_CRED_REFRESH_NEEDED 0x00000080 #define PRIMARY_CRED_INTERNET_USER 0x00000100 #define PRIMARY_CRED_AUTH_ID 0x00000200 #define PRIMARY_CRED_DO_NOT_SPLIT 0x00000400 #define PRIMARY_CRED_PROTECTED_USER 0x00000800 #define PRIMARY_CRED_EX 0x00001000 #define PRIMARY_CRED_TRANSFER 0x00002000 #define PRIMARY_CRED_RESTRICTED_TS 0x00004000 #define PRIMARY_CRED_PACKED_CREDS 0x00008000 #define PRIMARY_CRED_ENTERPRISE_INTERNET_USER 0x00010000 #define PRIMARY_CRED_ENCRYPTED_CREDGUARD_PASSWORD 0x00020000 #define PRIMARY_CRED_CACHED_INTERACTIVE_LOGON 0x00040000 #define PRIMARY_CRED_INTERACTIVE_NGC_LOGON 0x00080000 #define PRIMARY_CRED_INTERACTIVE_FIDO_LOGON 0x00100000 #define PRIMARY_CRED_ARSO_LOGON 0x00200000 #define PRIMARY_CRED_SUPPLEMENTAL 0x00400000 #define PRIMARY_CRED_LOGON_PACKAGE_SHIFT 24 #define PRIMARY_CRED_PACKAGE_MASK 0xff000000 typedef struct _SECPKG_PRIMARY_CRED { LUID LogonId; UNICODE_STRING DownlevelName; UNICODE_STRING DomainName; UNICODE_STRING Password; UNICODE_STRING OldPassword; PSID UserSid; ULONG Flags; UNICODE_STRING DnsDomainName; UNICODE_STRING Upn; UNICODE_STRING LogonServer; UNICODE_STRING Spare1; UNICODE_STRING Spare2; UNICODE_STRING Spare3; UNICODE_STRING Spare4; } SECPKG_PRIMARY_CRED,*PSECPKG_PRIMARY_CRED; #define SECPKG_PRIMARY_CRED_EX_FLAGS_EX_DELEGATION_TOKEN 0x1 typedef struct _SECPKG_PRIMARY_CRED_EX { LUID LogonId; UNICODE_STRING DownlevelName; UNICODE_STRING DomainName; UNICODE_STRING Password; UNICODE_STRING OldPassword; PSID UserSid; ULONG Flags; UNICODE_STRING DnsDomainName; UNICODE_STRING Upn; UNICODE_STRING LogonServer; UNICODE_STRING Spare1; UNICODE_STRING Spare2; UNICODE_STRING Spare3; UNICODE_STRING Spare4; ULONG_PTR PackageId; LUID PrevLogonId; ULONG FlagsEx; } SECPKG_PRIMARY_CRED_EX, *PSECPKG_PRIMARY_CRED_EX; #define MAX_CRED_SIZE 1024 #define SECPKG_STATE_ENCRYPTION_PERMITTED 0x01 #define SECPKG_STATE_STRONG_ENCRYPTION_PERMITTED 0x02 #define SECPKG_STATE_DOMAIN_CONTROLLER 0x04 #define SECPKG_STATE_WORKSTATION 0x08 #define SECPKG_STATE_STANDALONE 0x10 #define SECPKG_STATE_CRED_ISOLATION_ENABLED 0x20 #define SECPKG_STATE_RESERVED_1 0x80000000 typedef struct _SECPKG_PARAMETERS { ULONG Version; ULONG MachineState; ULONG SetupMode; PSID DomainSid; UNICODE_STRING DomainName; UNICODE_STRING DnsDomainName; GUID DomainGuid; } SECPKG_PARAMETERS,*PSECPKG_PARAMETERS; typedef enum _SECPKG_EXTENDED_INFORMATION_CLASS { SecpkgGssInfo = 1, SecpkgContextThunks, SecpkgMutualAuthLevel, SecpkgWowClientDll, SecpkgExtraOids, SecpkgMaxInfo, SecpkgNego2Info } SECPKG_EXTENDED_INFORMATION_CLASS; typedef struct _SECPKG_GSS_INFO { ULONG EncodedIdLength; UCHAR EncodedId[4]; } SECPKG_GSS_INFO,*PSECPKG_GSS_INFO; typedef struct _SECPKG_CONTEXT_THUNKS { ULONG InfoLevelCount; ULONG Levels[1]; } SECPKG_CONTEXT_THUNKS,*PSECPKG_CONTEXT_THUNKS; typedef struct _SECPKG_MUTUAL_AUTH_LEVEL { ULONG MutualAuthLevel; } SECPKG_MUTUAL_AUTH_LEVEL,*PSECPKG_MUTUAL_AUTH_LEVEL; typedef struct _SECPKG_WOW_CLIENT_DLL { SECURITY_STRING WowClientDllPath; } SECPKG_WOW_CLIENT_DLL,*PSECPKG_WOW_CLIENT_DLL; #define SECPKG_MAX_OID_LENGTH 32 typedef struct _SECPKG_SERIALIZED_OID { ULONG OidLength; ULONG OidAttributes; UCHAR OidValue[SECPKG_MAX_OID_LENGTH ]; } SECPKG_SERIALIZED_OID,*PSECPKG_SERIALIZED_OID; typedef struct _SECPKG_EXTRA_OIDS { ULONG OidCount; SECPKG_SERIALIZED_OID Oids[1 ]; } SECPKG_EXTRA_OIDS,*PSECPKG_EXTRA_OIDS; typedef struct _SECPKG_NEGO2_INFO { UCHAR AuthScheme[16]; ULONG PackageFlags; } SECPKG_NEGO2_INFO, *PSECPKG_NEGO2_INFO; typedef struct _SECPKG_EXTENDED_INFORMATION { SECPKG_EXTENDED_INFORMATION_CLASS Class; union { SECPKG_GSS_INFO GssInfo; SECPKG_CONTEXT_THUNKS ContextThunks; SECPKG_MUTUAL_AUTH_LEVEL MutualAuthLevel; SECPKG_WOW_CLIENT_DLL WowClientDll; SECPKG_EXTRA_OIDS ExtraOids; SECPKG_NEGO2_INFO Nego2Info; } Info; } SECPKG_EXTENDED_INFORMATION,*PSECPKG_EXTENDED_INFORMATION; typedef struct _SECPKG_TARGETINFO { PSID DomainSid; PCWSTR ComputerName; } SECPKG_TARGETINFO, *PSECPKG_TARGETINFO; #define SECPKG_MSVAV_FLAGS_VALID 0x01 #define SECPKG_MSVAV_TIMESTAMP_VALID 0x02 typedef struct _SECPKG_NTLM_TARGETINFO { ULONG Flags; LPWSTR MsvAvNbComputerName; LPWSTR MsvAvNbDomainName; LPWSTR MsvAvDnsComputerName; LPWSTR MsvAvDnsDomainName; LPWSTR MsvAvDnsTreeName; ULONG MsvAvFlags; FILETIME MsvAvTimestamp; LPWSTR MsvAvTargetName; } SECPKG_NTLM_TARGETINFO, *PSECPKG_NTLM_TARGETINFO; #define SECPKG_ATTR_SASL_CONTEXT 0x00010000 typedef struct _SecPkgContext_SaslContext { PVOID SaslContext; } SecPkgContext_SaslContext,*PSecPkgContext_SaslContext; #define SECPKG_ATTR_THUNK_ALL 0x00010000 #ifndef SECURITY_USER_DATA_DEFINED #define SECURITY_USER_DATA_DEFINED typedef struct _SECURITY_USER_DATA { SECURITY_STRING UserName; SECURITY_STRING LogonDomainName; SECURITY_STRING LogonServer; PSID pSid; } SECURITY_USER_DATA,*PSECURITY_USER_DATA; typedef SECURITY_USER_DATA SecurityUserData,*PSecurityUserData; #define UNDERSTANDS_LONG_NAMES 1 #define NO_LONG_NAMES 2 #endif #define SECPKG_ALL_PACKAGES ((ULONG) -2) typedef enum _SECPKG_CALL_PACKAGE_MESSAGE_TYPE { SecPkgCallPackageMinMessage = 1024, SecPkgCallPackagePinDcMessage = SecPkgCallPackageMinMessage, SecPkgCallPackageUnpinAllDcsMessage, SecPkgCallPackageTransferCredMessage, SecPkgCallPackageMaxMessage = SecPkgCallPackageTransferCredMessage } SECPKG_CALL_PACKAGE_MESSAGE_TYPE, *PSECPKG_CALL_PACKAGE_MESSAGE_TYPE; typedef struct _SECPKG_CALL_PACKAGE_PIN_DC_REQUEST { ULONG MessageType; ULONG Flags; UNICODE_STRING DomainName; UNICODE_STRING DcName; ULONG DcFlags; } SECPKG_CALL_PACKAGE_PIN_DC_REQUEST, *PSECPKG_CALL_PACKAGE_PIN_DC_REQUEST; typedef struct _SECPKG_CALL_PACKAGE_UNPIN_ALL_DCS_REQUEST { ULONG MessageType; ULONG Flags; } SECPKG_CALL_PACKAGE_UNPIN_ALL_DCS_REQUEST, *PSECPKG_CALL_PACKAGE_UNPIN_ALL_DCS_REQUEST; #define SECPKG_CALL_PACKAGE_TRANSFER_CRED_REQUEST_FLAG_OPTIMISTIC_LOGON 0x1 #define SECPKG_CALL_PACKAGE_TRANSFER_CRED_REQUEST_FLAG_CLEANUP_CREDENTIALS 0x2 #define SECPKG_CALL_PACKAGE_TRANSFER_CRED_REQUEST_FLAG_TO_SSO_SESSION 0x4 typedef struct _SECPKG_CALL_PACKAGE_TRANSFER_CRED_REQUEST { ULONG MessageType; LUID OriginLogonId; LUID DestinationLogonId; ULONG Flags; } SECPKG_CALL_PACKAGE_TRANSFER_CRED_REQUEST, *PSECPKG_CALL_PACKAGE_TRANSFER_CRED_REQUEST; typedef NTSTATUS (NTAPI LSA_REDIRECTED_LOGON_INIT)(HANDLE RedirectedLogonHandle, const UNICODE_STRING *PackageName, ULONG SessionId, const LUID *LogonId); typedef NTSTATUS (NTAPI LSA_REDIRECTED_LOGON_CALLBACK)(HANDLE RedirectedLogonHandle, PVOID Buffer, ULONG BufferLength, PVOID *ReturnBuffer, ULONG *ReturnBufferLength); typedef VOID (NTAPI LSA_REDIRECTED_LOGON_CLEANUP_CALLBACK)(HANDLE RedirectedLogonHandle); typedef NTSTATUS (NTAPI LSA_REDIRECTED_LOGON_GET_LOGON_CREDS)(HANDLE RedirectedLogonHandle, PBYTE *LogonBuffer, PULONG LogonBufferLength); typedef NTSTATUS (NTAPI LSA_REDIRECTED_LOGON_GET_SUPP_CREDS)(HANDLE RedirectedLogonHandle, PSECPKG_SUPPLEMENTAL_CRED_ARRAY* SupplementalCredentials); typedef NTSTATUS (NTAPI LSA_REDIRECTED_LOGON_GET_SID)(HANDLE RedirectedLogonHandle, PSID *Sid); typedef LSA_REDIRECTED_LOGON_INIT *PLSA_REDIRECTED_LOGON_INIT; typedef LSA_REDIRECTED_LOGON_CALLBACK *PLSA_REDIRECTED_LOGON_CALLBACK; typedef LSA_REDIRECTED_LOGON_GET_LOGON_CREDS *PLSA_REDIRECTED_LOGON_GET_LOGON_CREDS; typedef LSA_REDIRECTED_LOGON_GET_SUPP_CREDS *PLSA_REDIRECTED_LOGON_GET_SUPP_CREDS; typedef LSA_REDIRECTED_LOGON_CLEANUP_CALLBACK *PLSA_REDIRECTED_LOGON_CLEANUP_CALLBACK; typedef LSA_REDIRECTED_LOGON_GET_SID *PLSA_REDIRECTED_LOGON_GET_SID; #define SECPKG_REDIRECTED_LOGON_GUID_INITIALIZER { 0xc2be5457, 0x82eb, 0x483e, { 0xae, 0x4e, 0x74, 0x68, 0xef, 0x14, 0xd5, 0x9 } } typedef struct _SECPKG_REDIRECTED_LOGON_BUFFER { GUID RedirectedLogonGuid; HANDLE RedirectedLogonHandle; PLSA_REDIRECTED_LOGON_INIT Init; PLSA_REDIRECTED_LOGON_CALLBACK Callback; PLSA_REDIRECTED_LOGON_CLEANUP_CALLBACK CleanupCallback; PLSA_REDIRECTED_LOGON_GET_LOGON_CREDS GetLogonCreds; PLSA_REDIRECTED_LOGON_GET_SUPP_CREDS GetSupplementalCreds; PLSA_REDIRECTED_LOGON_GET_SID GetRedirectedLogonSid; } SECPKG_REDIRECTED_LOGON_BUFFER, *PSECPKG_REDIRECTED_LOGON_BUFFER; typedef struct _SECPKG_POST_LOGON_USER_INFO { ULONG Flags; LUID LogonId; LUID LinkedLogonId; } SECPKG_POST_LOGON_USER_INFO, *PSECPKG_POST_LOGON_USER_INFO; typedef NTSTATUS (NTAPI LSA_IMPERSONATE_CLIENT)(VOID); typedef NTSTATUS (NTAPI LSA_UNLOAD_PACKAGE)(VOID); typedef NTSTATUS (NTAPI LSA_DUPLICATE_HANDLE)(HANDLE SourceHandle,PHANDLE DestionationHandle); typedef NTSTATUS (NTAPI LSA_SAVE_SUPPLEMENTAL_CREDENTIALS)(PLUID LogonId,ULONG SupplementalCredSize,PVOID SupplementalCreds,BOOLEAN Synchronous); typedef HANDLE (NTAPI LSA_CREATE_THREAD)(SEC_ATTRS SecurityAttributes,ULONG StackSize,SEC_THREAD_START StartFunction,PVOID ThreadParameter,ULONG CreationFlags,PULONG ThreadId); typedef NTSTATUS (NTAPI LSA_GET_CLIENT_INFO)(PSECPKG_CLIENT_INFO ClientInfo); typedef NTSTATUS (NTAPI LSA_GET_CLIENT_INFO_EX)(PSECPKG_CLIENT_INFO_EX ClientInfo, ULONG StructSize); typedef HANDLE (NTAPI LSA_REGISTER_NOTIFICATION)(SEC_THREAD_START StartFunction,PVOID Parameter,ULONG NotificationType,ULONG NotificationClass,ULONG NotificationFlags,ULONG IntervalMinutes,HANDLE WaitEvent); typedef NTSTATUS (NTAPI LSA_CANCEL_NOTIFICATION)(HANDLE NotifyHandle); typedef NTSTATUS (NTAPI LSA_MAP_BUFFER)(PSecBuffer InputBuffer,PSecBuffer OutputBuffer); typedef NTSTATUS (NTAPI LSA_CREATE_TOKEN)(PLUID LogonId,PTOKEN_SOURCE TokenSource,SECURITY_LOGON_TYPE LogonType,SECURITY_IMPERSONATION_LEVEL ImpersonationLevel,LSA_TOKEN_INFORMATION_TYPE TokenInformationType,PVOID TokenInformation,PTOKEN_GROUPS TokenGroups,PUNICODE_STRING AccountName,PUNICODE_STRING AuthorityName,PUNICODE_STRING Workstation,PUNICODE_STRING ProfilePath,PHANDLE Token,PNTSTATUS SubStatus); typedef enum _SECPKG_SESSIONINFO_TYPE { SecSessionPrimaryCred } SECPKG_SESSIONINFO_TYPE; typedef NTSTATUS (NTAPI LSA_CREATE_TOKEN_EX)(PLUID LogonId,PTOKEN_SOURCE TokenSource,SECURITY_LOGON_TYPE LogonType,SECURITY_IMPERSONATION_LEVEL ImpersonationLevel,LSA_TOKEN_INFORMATION_TYPE TokenInformationType,PVOID TokenInformation,PTOKEN_GROUPS TokenGroups,PUNICODE_STRING Workstation,PUNICODE_STRING ProfilePath,PVOID SessionInformation,SECPKG_SESSIONINFO_TYPE SessionInformationType,PHANDLE Token,PNTSTATUS SubStatus); typedef VOID (NTAPI LSA_AUDIT_LOGON)(NTSTATUS Status,NTSTATUS SubStatus,PUNICODE_STRING AccountName,PUNICODE_STRING AuthenticatingAuthority,PUNICODE_STRING WorkstationName,PSID UserSid,SECURITY_LOGON_TYPE LogonType,PTOKEN_SOURCE TokenSource,PLUID LogonId); typedef NTSTATUS (NTAPI LSA_CALL_PACKAGE)(PUNICODE_STRING AuthenticationPackage,PVOID ProtocolSubmitBuffer,ULONG SubmitBufferLength,PVOID *ProtocolReturnBuffer,PULONG ReturnBufferLength,PNTSTATUS ProtocolStatus); typedef NTSTATUS (NTAPI LSA_CALL_PACKAGEEX)(PUNICODE_STRING AuthenticationPackage,PVOID ClientBufferBase,PVOID ProtocolSubmitBuffer,ULONG SubmitBufferLength,PVOID *ProtocolReturnBuffer,PULONG ReturnBufferLength,PNTSTATUS ProtocolStatus); typedef NTSTATUS (NTAPI LSA_CALL_PACKAGE_PASSTHROUGH)(PUNICODE_STRING AuthenticationPackage,PVOID ClientBufferBase,PVOID ProtocolSubmitBuffer,ULONG SubmitBufferLength,PVOID *ProtocolReturnBuffer,PULONG ReturnBufferLength,PNTSTATUS ProtocolStatus); typedef BOOLEAN (NTAPI LSA_GET_CALL_INFO)(PSECPKG_CALL_INFO Info); typedef PVOID (NTAPI LSA_CREATE_SHARED_MEMORY)(ULONG MaxSize,ULONG InitialSize); typedef PVOID (NTAPI LSA_ALLOCATE_SHARED_MEMORY)(PVOID SharedMem,ULONG Size); typedef VOID (NTAPI LSA_FREE_SHARED_MEMORY)(PVOID SharedMem,PVOID Memory); typedef BOOLEAN (NTAPI LSA_DELETE_SHARED_MEMORY)(PVOID SharedMem); typedef NTSTATUS (NTAPI LSA_GET_APP_MODE_INFO)(PULONG UserFunction, PULONG_PTR Argument1, PULONG_PTR Argument2, PSecBuffer UserData, PBOOLEAN ReturnToLsa); typedef NTSTATUS (NTAPI LSA_SET_APP_MODE_INFO)(ULONG UserFunction, ULONG_PTR Argument1, ULONG_PTR Argument2, PSecBuffer UserData, BOOLEAN ReturnToLsa); typedef enum _SECPKG_NAME_TYPE { SecNameSamCompatible, SecNameAlternateId, SecNameFlat, SecNameDN, SecNameSPN } SECPKG_NAME_TYPE; typedef NTSTATUS (NTAPI LSA_OPEN_SAM_USER)(PSECURITY_STRING Name,SECPKG_NAME_TYPE NameType,PSECURITY_STRING Prefix,BOOLEAN AllowGuest,ULONG Reserved,PVOID *UserHandle); typedef NTSTATUS (NTAPI LSA_GET_USER_CREDENTIALS)(PVOID UserHandle,PVOID *PrimaryCreds,PULONG PrimaryCredsSize,PVOID *SupplementalCreds,PULONG SupplementalCredsSize); typedef NTSTATUS (NTAPI LSA_GET_USER_AUTH_DATA)(PVOID UserHandle,PUCHAR *UserAuthData,PULONG UserAuthDataSize); typedef NTSTATUS (NTAPI LSA_CLOSE_SAM_USER)(PVOID UserHandle); typedef NTSTATUS (NTAPI LSA_GET_AUTH_DATA_FOR_USER)(PSECURITY_STRING Name,SECPKG_NAME_TYPE NameType,PSECURITY_STRING Prefix,PUCHAR *UserAuthData,PULONG UserAuthDataSize,PUNICODE_STRING UserFlatName); typedef NTSTATUS (NTAPI LSA_CONVERT_AUTH_DATA_TO_TOKEN)(PVOID UserAuthData,ULONG UserAuthDataSize,SECURITY_IMPERSONATION_LEVEL ImpersonationLevel,PTOKEN_SOURCE TokenSource,SECURITY_LOGON_TYPE LogonType,PUNICODE_STRING AuthorityName,PHANDLE Token,PLUID LogonId,PUNICODE_STRING AccountName,PNTSTATUS SubStatus); typedef NTSTATUS (NTAPI LSA_CRACK_SINGLE_NAME)(ULONG FormatOffered,BOOLEAN PerformAtGC,PUNICODE_STRING NameInput,PUNICODE_STRING Prefix,ULONG RequestedFormat,PUNICODE_STRING CrackedName,PUNICODE_STRING DnsDomainName,PULONG SubStatus); typedef NTSTATUS (NTAPI LSA_AUDIT_ACCOUNT_LOGON)(ULONG AuditId,BOOLEAN Success,PUNICODE_STRING Source,PUNICODE_STRING ClientName,PUNICODE_STRING MappedName,NTSTATUS Status); typedef NTSTATUS (NTAPI LSA_CLIENT_CALLBACK)(PCHAR Callback,ULONG_PTR Argument1,ULONG_PTR Argument2,PSecBuffer Input,PSecBuffer Output); typedef NTSTATUS (NTAPI LSA_REGISTER_CALLBACK)(ULONG CallbackId,PLSA_CALLBACK_FUNCTION Callback); typedef NTSTATUS (NTAPI LSA_GET_EXTENDED_CALL_FLAGS)(PULONG Flags); #define NOTIFIER_FLAG_NEW_THREAD 0x00000001 #define NOTIFIER_FLAG_ONE_SHOT 0x00000002 #define NOTIFIER_FLAG_SECONDS 0x80000000 #define NOTIFIER_TYPE_INTERVAL 1 #define NOTIFIER_TYPE_HANDLE_WAIT 2 #define NOTIFIER_TYPE_STATE_CHANGE 3 #define NOTIFIER_TYPE_NOTIFY_EVENT 4 #define NOTIFIER_TYPE_IMMEDIATE 16 #define NOTIFY_CLASS_PACKAGE_CHANGE 1 #define NOTIFY_CLASS_ROLE_CHANGE 2 #define NOTIFY_CLASS_DOMAIN_CHANGE 3 #define NOTIFY_CLASS_REGISTRY_CHANGE 4 typedef struct _SECPKG_EVENT_PACKAGE_CHANGE { ULONG ChangeType; LSA_SEC_HANDLE PackageId; SECURITY_STRING PackageName; } SECPKG_EVENT_PACKAGE_CHANGE,*PSECPKG_EVENT_PACKAGE_CHANGE; #define SECPKG_PACKAGE_CHANGE_LOAD 0 #define SECPKG_PACKAGE_CHANGE_UNLOAD 1 #define SECPKG_PACKAGE_CHANGE_SELECT 2 typedef struct _SECPKG_EVENT_ROLE_CHANGE { ULONG PreviousRole; ULONG NewRole; } SECPKG_EVENT_ROLE_CHANGE,*PSECPKG_EVENT_ROLE_CHANGE; typedef struct _SECPKG_PARAMETERS SECPKG_EVENT_DOMAIN_CHANGE; typedef struct _SECPKG_PARAMETERS *PSECPKG_EVENT_DOMAIN_CHANGE; typedef struct _SECPKG_EVENT_NOTIFY { ULONG EventClass; ULONG Reserved; ULONG EventDataSize; PVOID EventData; PVOID PackageParameter; } SECPKG_EVENT_NOTIFY,*PSECPKG_EVENT_NOTIFY; typedef NTSTATUS (NTAPI LSA_UPDATE_PRIMARY_CREDENTIALS)(PSECPKG_PRIMARY_CRED PrimaryCredentials,PSECPKG_SUPPLEMENTAL_CRED_ARRAY Credentials); typedef VOID (NTAPI LSA_PROTECT_MEMORY)(PVOID Buffer,ULONG BufferSize); typedef NTSTATUS (NTAPI LSA_OPEN_TOKEN_BY_LOGON_ID)(PLUID LogonId,HANDLE *RetTokenHandle); typedef NTSTATUS (NTAPI LSA_EXPAND_AUTH_DATA_FOR_DOMAIN)(PUCHAR UserAuthData,ULONG UserAuthDataSize,PVOID Reserved,PUCHAR *ExpandedAuthData,PULONG ExpandedAuthDataSize); typedef enum _CRED_FETCH { CredFetchDefault = 0, CredFetchDPAPI, CredFetchForced } CRED_FETCH, *PCRED_FETCH; typedef NTSTATUS (NTAPI LSA_GET_SERVICE_ACCOUNT_PASSWORD)(PUNICODE_STRING AccountName, PUNICODE_STRING DomainName, CRED_FETCH CredFetch, FILETIME *FileTimeExpiry, PUNICODE_STRING CurrentPassword, PUNICODE_STRING PreviousPassword, FILETIME *FileTimeCurrPwdValidForOutbound); typedef VOID (NTAPI LSA_AUDIT_LOGON_EX)(NTSTATUS Status, NTSTATUS SubStatus, PUNICODE_STRING AccountName, PUNICODE_STRING AuthenticatingAuthority, PUNICODE_STRING WorkstationName, PSID UserSid, SECURITY_LOGON_TYPE LogonType, SECURITY_IMPERSONATION_LEVEL ImpersonationLevel, PTOKEN_SOURCE TokenSource, PLUID LogonId); typedef NTSTATUS (NTAPI LSA_CHECK_PROTECTED_USER_BY_TOKEN)(HANDLE UserToken, PBOOLEAN ProtectedUser); typedef NTSTATUS (NTAPI LSA_QUERY_CLIENT_REQUEST)(PLSA_CLIENT_REQUEST ClientRequest, ULONG QueryType, PVOID *ReplyBuffer); #define LSA_QUERY_CLIENT_PRELOGON_SESSION_ID 1 typedef LSA_IMPERSONATE_CLIENT *PLSA_IMPERSONATE_CLIENT; typedef LSA_UNLOAD_PACKAGE *PLSA_UNLOAD_PACKAGE; typedef LSA_DUPLICATE_HANDLE *PLSA_DUPLICATE_HANDLE; typedef LSA_SAVE_SUPPLEMENTAL_CREDENTIALS *PLSA_SAVE_SUPPLEMENTAL_CREDENTIALS; typedef LSA_CREATE_THREAD *PLSA_CREATE_THREAD; typedef LSA_GET_CLIENT_INFO *PLSA_GET_CLIENT_INFO; typedef LSA_GET_CLIENT_INFO_EX *PLSA_GET_CLIENT_INFO_EX; typedef LSA_REGISTER_NOTIFICATION *PLSA_REGISTER_NOTIFICATION; typedef LSA_CANCEL_NOTIFICATION *PLSA_CANCEL_NOTIFICATION; typedef LSA_MAP_BUFFER *PLSA_MAP_BUFFER; typedef LSA_CREATE_TOKEN *PLSA_CREATE_TOKEN; typedef LSA_AUDIT_LOGON *PLSA_AUDIT_LOGON; typedef LSA_CALL_PACKAGE *PLSA_CALL_PACKAGE; typedef LSA_CALL_PACKAGEEX *PLSA_CALL_PACKAGEEX; typedef LSA_GET_CALL_INFO *PLSA_GET_CALL_INFO; typedef LSA_CREATE_SHARED_MEMORY *PLSA_CREATE_SHARED_MEMORY; typedef LSA_ALLOCATE_SHARED_MEMORY *PLSA_ALLOCATE_SHARED_MEMORY; typedef LSA_FREE_SHARED_MEMORY *PLSA_FREE_SHARED_MEMORY; typedef LSA_DELETE_SHARED_MEMORY *PLSA_DELETE_SHARED_MEMORY; typedef LSA_OPEN_SAM_USER *PLSA_OPEN_SAM_USER; typedef LSA_GET_USER_CREDENTIALS *PLSA_GET_USER_CREDENTIALS; typedef LSA_GET_USER_AUTH_DATA *PLSA_GET_USER_AUTH_DATA; typedef LSA_CLOSE_SAM_USER *PLSA_CLOSE_SAM_USER; typedef LSA_CONVERT_AUTH_DATA_TO_TOKEN *PLSA_CONVERT_AUTH_DATA_TO_TOKEN; typedef LSA_CLIENT_CALLBACK *PLSA_CLIENT_CALLBACK; typedef LSA_REGISTER_CALLBACK *PLSA_REGISTER_CALLBACK; typedef LSA_UPDATE_PRIMARY_CREDENTIALS *PLSA_UPDATE_PRIMARY_CREDENTIALS; typedef LSA_GET_AUTH_DATA_FOR_USER *PLSA_GET_AUTH_DATA_FOR_USER; typedef LSA_CRACK_SINGLE_NAME *PLSA_CRACK_SINGLE_NAME; typedef LSA_AUDIT_ACCOUNT_LOGON *PLSA_AUDIT_ACCOUNT_LOGON; typedef LSA_CALL_PACKAGE_PASSTHROUGH *PLSA_CALL_PACKAGE_PASSTHROUGH; typedef LSA_PROTECT_MEMORY *PLSA_PROTECT_MEMORY; typedef LSA_OPEN_TOKEN_BY_LOGON_ID *PLSA_OPEN_TOKEN_BY_LOGON_ID; typedef LSA_EXPAND_AUTH_DATA_FOR_DOMAIN *PLSA_EXPAND_AUTH_DATA_FOR_DOMAIN; typedef LSA_CREATE_TOKEN_EX *PLSA_CREATE_TOKEN_EX; typedef LSA_GET_EXTENDED_CALL_FLAGS *PLSA_GET_EXTENDED_CALL_FLAGS; typedef LSA_GET_SERVICE_ACCOUNT_PASSWORD *PLSA_GET_SERVICE_ACCOUNT_PASSWORD; typedef LSA_AUDIT_LOGON_EX *PLSA_AUDIT_LOGON_EX; typedef LSA_CHECK_PROTECTED_USER_BY_TOKEN *PLSA_CHECK_PROTECTED_USER_BY_TOKEN; typedef LSA_QUERY_CLIENT_REQUEST *PLSA_QUERY_CLIENT_REQUEST; typedef LSA_GET_APP_MODE_INFO *PLSA_GET_APP_MODE_INFO; typedef LSA_SET_APP_MODE_INFO *PLSA_SET_APP_MODE_INFO; #ifdef _WINCRED_H_ #ifndef _ENCRYPTED_CREDENTIAL_DEFINED #define _ENCRYPTED_CREDENTIAL_DEFINED typedef struct _ENCRYPTED_CREDENTIALW { CREDENTIALW Cred; ULONG ClearCredentialBlobSize; } ENCRYPTED_CREDENTIALW,*PENCRYPTED_CREDENTIALW; #endif #define CREDP_FLAGS_IN_PROCESS 0x01 #define CREDP_FLAGS_USE_MIDL_HEAP 0x02 #define CREDP_FLAGS_DONT_CACHE_TI 0x04 #define CREDP_FLAGS_CLEAR_PASSWORD 0x08 #define CREDP_FLAGS_USER_ENCRYPTED_PASSWORD 0x10 #define CREDP_FLAGS_TRUSTED_CALLER 0x20 #define CREDP_FLAGS_VALIDATE_PROXY_TARGET 0x40 typedef NTSTATUS (NTAPI CredReadFn)(PLUID LogonId,ULONG CredFlags,LPWSTR TargetName,ULONG Type,ULONG Flags,PENCRYPTED_CREDENTIALW *Credential); typedef NTSTATUS (NTAPI CredReadDomainCredentialsFn)(PLUID LogonId,ULONG CredFlags,PCREDENTIAL_TARGET_INFORMATIONW TargetInfo,ULONG Flags,PULONG Count,PENCRYPTED_CREDENTIALW **Credential); typedef VOID (NTAPI CredFreeCredentialsFn)(ULONG Count,PENCRYPTED_CREDENTIALW *Credentials); typedef NTSTATUS (NTAPI CredWriteFn)(PLUID LogonId,ULONG CredFlags,PENCRYPTED_CREDENTIALW Credential,ULONG Flags); typedef NTSTATUS (NTAPI CrediUnmarshalandDecodeStringFn)(LPWSTR MarshaledString, LPBYTE *Blob, ULONG *BlobSize, BOOLEAN *IsFailureFatal); NTSTATUS CredMarshalTargetInfo (PCREDENTIAL_TARGET_INFORMATIONW InTargetInfo,PUSHORT *Buffer,PULONG BufferSize); NTSTATUS CredUnmarshalTargetInfo (PUSHORT Buffer,ULONG BufferSize,PCREDENTIAL_TARGET_INFORMATIONW *RetTargetInfo,PULONG RetActualSize); #define CRED_MARSHALED_TI_SIZE_SIZE 12 #endif typedef struct _SEC_WINNT_AUTH_IDENTITY32 { ULONG User; ULONG UserLength; ULONG Domain; ULONG DomainLength; ULONG Password; ULONG PasswordLength; ULONG Flags; } SEC_WINNT_AUTH_IDENTITY32,*PSEC_WINNT_AUTH_IDENTITY32; typedef struct _SEC_WINNT_AUTH_IDENTITY_EX32 { ULONG Version; ULONG Length; ULONG User; ULONG UserLength; ULONG Domain; ULONG DomainLength; ULONG Password; ULONG PasswordLength; ULONG Flags; ULONG PackageList; ULONG PackageListLength; } SEC_WINNT_AUTH_IDENTITY_EX32,*PSEC_WINNT_AUTH_IDENTITY_EX32; typedef struct _LSA_SECPKG_FUNCTION_TABLE { PLSA_CREATE_LOGON_SESSION CreateLogonSession; PLSA_DELETE_LOGON_SESSION DeleteLogonSession; PLSA_ADD_CREDENTIAL AddCredential; PLSA_GET_CREDENTIALS GetCredentials; PLSA_DELETE_CREDENTIAL DeleteCredential; PLSA_ALLOCATE_LSA_HEAP AllocateLsaHeap; PLSA_FREE_LSA_HEAP FreeLsaHeap; PLSA_ALLOCATE_CLIENT_BUFFER AllocateClientBuffer; PLSA_FREE_CLIENT_BUFFER FreeClientBuffer; PLSA_COPY_TO_CLIENT_BUFFER CopyToClientBuffer; PLSA_COPY_FROM_CLIENT_BUFFER CopyFromClientBuffer; PLSA_IMPERSONATE_CLIENT ImpersonateClient; PLSA_UNLOAD_PACKAGE UnloadPackage; PLSA_DUPLICATE_HANDLE DuplicateHandle; PLSA_SAVE_SUPPLEMENTAL_CREDENTIALS SaveSupplementalCredentials; PLSA_CREATE_THREAD CreateThread; PLSA_GET_CLIENT_INFO GetClientInfo; PLSA_REGISTER_NOTIFICATION RegisterNotification; PLSA_CANCEL_NOTIFICATION CancelNotification; PLSA_MAP_BUFFER MapBuffer; PLSA_CREATE_TOKEN CreateToken; PLSA_AUDIT_LOGON AuditLogon; PLSA_CALL_PACKAGE CallPackage; PLSA_FREE_LSA_HEAP FreeReturnBuffer; PLSA_GET_CALL_INFO GetCallInfo; PLSA_CALL_PACKAGEEX CallPackageEx; PLSA_CREATE_SHARED_MEMORY CreateSharedMemory; PLSA_ALLOCATE_SHARED_MEMORY AllocateSharedMemory; PLSA_FREE_SHARED_MEMORY FreeSharedMemory; PLSA_DELETE_SHARED_MEMORY DeleteSharedMemory; PLSA_OPEN_SAM_USER OpenSamUser; PLSA_GET_USER_CREDENTIALS GetUserCredentials; PLSA_GET_USER_AUTH_DATA GetUserAuthData; PLSA_CLOSE_SAM_USER CloseSamUser; PLSA_CONVERT_AUTH_DATA_TO_TOKEN ConvertAuthDataToToken; PLSA_CLIENT_CALLBACK ClientCallback; PLSA_UPDATE_PRIMARY_CREDENTIALS UpdateCredentials; PLSA_GET_AUTH_DATA_FOR_USER GetAuthDataForUser; PLSA_CRACK_SINGLE_NAME CrackSingleName; PLSA_AUDIT_ACCOUNT_LOGON AuditAccountLogon; PLSA_CALL_PACKAGE_PASSTHROUGH CallPackagePassthrough; #ifdef _WINCRED_H_ CredReadFn *CrediRead; CredReadDomainCredentialsFn *CrediReadDomainCredentials; CredFreeCredentialsFn *CrediFreeCredentials; #else PLSA_PROTECT_MEMORY DummyFunction1; PLSA_PROTECT_MEMORY DummyFunction2; PLSA_PROTECT_MEMORY DummyFunction3; #endif PLSA_PROTECT_MEMORY LsaProtectMemory; PLSA_PROTECT_MEMORY LsaUnprotectMemory; PLSA_OPEN_TOKEN_BY_LOGON_ID OpenTokenByLogonId; PLSA_EXPAND_AUTH_DATA_FOR_DOMAIN ExpandAuthDataForDomain; PLSA_ALLOCATE_PRIVATE_HEAP AllocatePrivateHeap; PLSA_FREE_PRIVATE_HEAP FreePrivateHeap; PLSA_CREATE_TOKEN_EX CreateTokenEx; #ifdef _WINCRED_H_ CredWriteFn *CrediWrite; CrediUnmarshalandDecodeStringFn *CrediUnmarshalandDecodeString; #else PLSA_PROTECT_MEMORY DummyFunction4; PLSA_PROTECT_MEMORY DummyFunction5; #endif PLSA_PROTECT_MEMORY DummyFunction6; PLSA_GET_EXTENDED_CALL_FLAGS GetExtendedCallFlags; PLSA_DUPLICATE_HANDLE DuplicateTokenHandle; PLSA_GET_SERVICE_ACCOUNT_PASSWORD GetServiceAccountPassword; PLSA_PROTECT_MEMORY DummyFunction7; PLSA_AUDIT_LOGON_EX AuditLogonEx; PLSA_CHECK_PROTECTED_USER_BY_TOKEN CheckProtectedUserByToken; PLSA_QUERY_CLIENT_REQUEST QueryClientRequest; PLSA_GET_APP_MODE_INFO GetAppModeInfo; PLSA_SET_APP_MODE_INFO SetAppModeInfo; PLSA_GET_CLIENT_INFO_EX GetClientInfoEx; } LSA_SECPKG_FUNCTION_TABLE,*PLSA_SECPKG_FUNCTION_TABLE; typedef PVOID (NTAPI LSA_LOCATE_PKG_BY_ID)(ULONG PackgeId); typedef LSA_LOCATE_PKG_BY_ID *PLSA_LOCATE_PKG_BY_ID; typedef struct _SECPKG_DLL_FUNCTIONS { PLSA_ALLOCATE_LSA_HEAP AllocateHeap; PLSA_FREE_LSA_HEAP FreeHeap; PLSA_REGISTER_CALLBACK RegisterCallback; PLSA_LOCATE_PKG_BY_ID LocatePackageById; } SECPKG_DLL_FUNCTIONS,*PSECPKG_DLL_FUNCTIONS; typedef NTSTATUS (NTAPI SpInitializeFn)(ULONG_PTR PackageId,PSECPKG_PARAMETERS Parameters,PLSA_SECPKG_FUNCTION_TABLE FunctionTable); typedef NTSTATUS (NTAPI SpShutdownFn)(VOID); typedef NTSTATUS (NTAPI SpGetInfoFn)(PSecPkgInfo PackageInfo); typedef NTSTATUS (NTAPI SpGetExtendedInformationFn)(SECPKG_EXTENDED_INFORMATION_CLASS Class,PSECPKG_EXTENDED_INFORMATION *ppInformation); typedef NTSTATUS (NTAPI SpSetExtendedInformationFn)(SECPKG_EXTENDED_INFORMATION_CLASS Class,PSECPKG_EXTENDED_INFORMATION Info); typedef NTSTATUS (LSA_AP_LOGON_USER_EX2)(PLSA_CLIENT_REQUEST ClientRequest,SECURITY_LOGON_TYPE LogonType,PVOID AuthenticationInformation,PVOID ClientAuthenticationBase,ULONG AuthenticationInformationLength,PVOID *ProfileBuffer,PULONG ProfileBufferLength,PLUID LogonId,PNTSTATUS SubStatus,PLSA_TOKEN_INFORMATION_TYPE TokenInformationType,PVOID *TokenInformation,PUNICODE_STRING *AccountName,PUNICODE_STRING *AuthenticatingAuthority,PUNICODE_STRING *MachineName,PSECPKG_PRIMARY_CRED PrimaryCredentials,PSECPKG_SUPPLEMENTAL_CRED_ARRAY *CachedCredentials); typedef LSA_AP_LOGON_USER_EX2 *PLSA_AP_LOGON_USER_EX2; #define LSA_AP_NAME_LOGON_USER_EX2 "LsaApLogonUserEx2\0" typedef NTSTATUS (LSA_AP_LOGON_USER_EX3)(PLSA_CLIENT_REQUEST ClientRequest, SECURITY_LOGON_TYPE LogonType, PVOID ProtocolSubmitBuffer, PVOID ClientBufferBase, ULONG SubmitBufferSize, PSECPKG_SURROGATE_LOGON SurrogateLogon, PVOID *ProfileBuffer, PULONG ProfileBufferSize, PLUID LogonId, PNTSTATUS SubStatus, PLSA_TOKEN_INFORMATION_TYPE TokenInformationType, PVOID *TokenInformation, PUNICODE_STRING *AccountName, PUNICODE_STRING *AuthenticatingAuthority, PUNICODE_STRING *MachineName, PSECPKG_PRIMARY_CRED PrimaryCredentials, PSECPKG_SUPPLEMENTAL_CRED_ARRAY *SupplementalCredentials); typedef LSA_AP_LOGON_USER_EX3 *PLSA_AP_LOGON_USER_EX3; typedef NTSTATUS (LSA_AP_PRE_LOGON_USER_SURROGATE)(PLSA_CLIENT_REQUEST ClientRequest, SECURITY_LOGON_TYPE LogonType, PVOID ProtocolSubmitBuffer, PVOID ClientBufferBase, ULONG SubmitBufferSize, PSECPKG_SURROGATE_LOGON SurrogateLogon, PNTSTATUS SubStatus); typedef LSA_AP_PRE_LOGON_USER_SURROGATE *PLSA_AP_PRE_LOGON_USER_SURROGATE; typedef NTSTATUS (LSA_AP_POST_LOGON_USER_SURROGATE)(PLSA_CLIENT_REQUEST ClientRequest, SECURITY_LOGON_TYPE LogonType, PVOID ProtocolSubmitBuffer, PVOID ClientBufferBase, ULONG SubmitBufferSize, PSECPKG_SURROGATE_LOGON SurrogateLogon, PVOID ProfileBuffer, ULONG ProfileBufferSize, PLUID LogonId, NTSTATUS Status, NTSTATUS SubStatus, LSA_TOKEN_INFORMATION_TYPE TokenInformationType, PVOID TokenInformation, PUNICODE_STRING AccountName, PUNICODE_STRING AuthenticatingAuthority, PUNICODE_STRING MachineName, PSECPKG_PRIMARY_CRED PrimaryCredentials, PSECPKG_SUPPLEMENTAL_CRED_ARRAY SupplementalCredentials); typedef LSA_AP_POST_LOGON_USER_SURROGATE *PLSA_AP_POST_LOGON_USER_SURROGATE; typedef NTSTATUS (NTAPI SpAcceptCredentialsFn)(SECURITY_LOGON_TYPE LogonType,PUNICODE_STRING AccountName,PSECPKG_PRIMARY_CRED PrimaryCredentials,PSECPKG_SUPPLEMENTAL_CRED SupplementalCredentials); #define SP_ACCEPT_CREDENTIALS_NAME "SpAcceptCredentials\0" typedef NTSTATUS (NTAPI SpAcquireCredentialsHandleFn)(PUNICODE_STRING PrincipalName,ULONG CredentialUseFlags,PLUID LogonId,PVOID AuthorizationData,PVOID GetKeyFunciton,PVOID GetKeyArgument,PLSA_SEC_HANDLE CredentialHandle,PTimeStamp ExpirationTime); typedef NTSTATUS (NTAPI SpFreeCredentialsHandleFn)(LSA_SEC_HANDLE CredentialHandle); typedef NTSTATUS (NTAPI SpQueryCredentialsAttributesFn)(LSA_SEC_HANDLE CredentialHandle,ULONG CredentialAttribute,PVOID Buffer); typedef NTSTATUS (NTAPI SpSetCredentialsAttributesFn)(LSA_SEC_HANDLE CredentialHandle,ULONG CredentialAttribute,PVOID Buffer,ULONG BufferSize); typedef NTSTATUS (NTAPI SpAddCredentialsFn)(LSA_SEC_HANDLE CredentialHandle,PUNICODE_STRING PrincipalName,PUNICODE_STRING Package,ULONG CredentialUseFlags,PVOID AuthorizationData,PVOID GetKeyFunciton,PVOID GetKeyArgument,PTimeStamp ExpirationTime); typedef NTSTATUS (NTAPI SpSaveCredentialsFn)(LSA_SEC_HANDLE CredentialHandle,PSecBuffer Credentials); typedef NTSTATUS (NTAPI SpGetCredentialsFn)(LSA_SEC_HANDLE CredentialHandle,PSecBuffer Credentials); typedef NTSTATUS (NTAPI SpDeleteCredentialsFn)(LSA_SEC_HANDLE CredentialHandle,PSecBuffer Key); typedef NTSTATUS (NTAPI SpInitLsaModeContextFn)(LSA_SEC_HANDLE CredentialHandle,LSA_SEC_HANDLE ContextHandle,PUNICODE_STRING TargetName,ULONG ContextRequirements,ULONG TargetDataRep,PSecBufferDesc InputBuffers,PLSA_SEC_HANDLE NewContextHandle,PSecBufferDesc OutputBuffers,PULONG ContextAttributes,PTimeStamp ExpirationTime,PBOOLEAN MappedContext,PSecBuffer ContextData); typedef NTSTATUS (NTAPI SpDeleteContextFn)(LSA_SEC_HANDLE ContextHandle); typedef NTSTATUS (NTAPI SpApplyControlTokenFn)(LSA_SEC_HANDLE ContextHandle,PSecBufferDesc ControlToken); typedef NTSTATUS (NTAPI SpAcceptLsaModeContextFn)(LSA_SEC_HANDLE CredentialHandle,LSA_SEC_HANDLE ContextHandle,PSecBufferDesc InputBuffer,ULONG ContextRequirements,ULONG TargetDataRep,PLSA_SEC_HANDLE NewContextHandle,PSecBufferDesc OutputBuffer,PULONG ContextAttributes,PTimeStamp ExpirationTime,PBOOLEAN MappedContext,PSecBuffer ContextData); typedef NTSTATUS (NTAPI SpGetUserInfoFn)(PLUID LogonId,ULONG Flags,PSecurityUserData *UserData); typedef NTSTATUS (NTAPI SpQueryContextAttributesFn)(LSA_SEC_HANDLE ContextHandle,ULONG ContextAttribute,PVOID Buffer); typedef NTSTATUS (NTAPI SpSetContextAttributesFn)(LSA_SEC_HANDLE ContextHandle,ULONG ContextAttribute,PVOID Buffer,ULONG BufferSize); typedef NTSTATUS (NTAPI SpChangeAccountPasswordFn)(PUNICODE_STRING pDomainName, PUNICODE_STRING pAccountName, PUNICODE_STRING pOldPassword, PUNICODE_STRING pNewPassword, BOOLEAN Impersonating, PSecBufferDesc pOutput); typedef NTSTATUS (NTAPI SpQueryMetaDataFn)(LSA_SEC_HANDLE CredentialHandle, PUNICODE_STRING TargetName, ULONG ContextRequirements, PULONG MetaDataLength, PUCHAR *MetaData, PLSA_SEC_HANDLE ContextHandle); typedef NTSTATUS (NTAPI SpExchangeMetaDataFn)(LSA_SEC_HANDLE CredentialHandle, PUNICODE_STRING TargetName, ULONG ContextRequirements, ULONG MetaDataLength, PUCHAR MetaData, PLSA_SEC_HANDLE ContextHandle); typedef NTSTATUS (NTAPI SpGetCredUIContextFn)(LSA_SEC_HANDLE ContextHandle, GUID *CredType, PULONG FlatCredUIContextLength, PUCHAR *FlatCredUIContext); typedef NTSTATUS (NTAPI SpUpdateCredentialsFn)(LSA_SEC_HANDLE ContextHandle, GUID *CredType, ULONG FlatCredUIContextLength, PUCHAR FlatCredUIContext); typedef NTSTATUS (NTAPI SpValidateTargetInfoFn)(PLSA_CLIENT_REQUEST ClientRequest, PVOID ProtocolSubmitBuffer, PVOID ClientBufferBase, ULONG SubmitBufferLength, PSECPKG_TARGETINFO TargetInfo); typedef NTSTATUS (NTAPI SpExtractTargetInfoFn)(PLSA_CLIENT_REQUEST ClientRequest, PVOID ProtocolSubmitBuffer, PVOID ClientBufferBase, ULONG SubmitBufferLength, PVOID *ppvTargetInfo, ULONG *pcbTargetInfo); typedef NTSTATUS (NTAPI LSA_AP_POST_LOGON_USER)(PSECPKG_POST_LOGON_USER_INFO PostLogonUserInfo); typedef NTSTATUS (NTAPI SpGetRemoteCredGuardLogonBufferFn)(LSA_SEC_HANDLE CredHandle, LSA_SEC_HANDLE ContextHandle, const UNICODE_STRING *TargetName, PHANDLE RedirectedLogonHandle, PLSA_REDIRECTED_LOGON_CALLBACK *Callback, PLSA_REDIRECTED_LOGON_CLEANUP_CALLBACK *CleanupCallback, PULONG LogonBufferSize, PVOID *LogonBuffer); typedef NTSTATUS (NTAPI SpGetRemoteCredGuardSupplementalCredsFn)(LSA_SEC_HANDLE CredHandle, const UNICODE_STRING *TargetName, PHANDLE RedirectedLogonHandle, PLSA_REDIRECTED_LOGON_CALLBACK *Callback, PLSA_REDIRECTED_LOGON_CLEANUP_CALLBACK *CleanupCallback, PULONG SupplementalCredsSize, PVOID *SupplementalCreds); typedef NTSTATUS (NTAPI SpGetTbalSupplementalCredsFn)(LUID LogonId, PULONG SupplementalCredsSize, PVOID *SupplementalCreds); typedef struct _SECPKG_FUNCTION_TABLE { PLSA_AP_INITIALIZE_PACKAGE InitializePackage; PLSA_AP_LOGON_USER LogonUser; PLSA_AP_CALL_PACKAGE CallPackage; PLSA_AP_LOGON_TERMINATED LogonTerminated; PLSA_AP_CALL_PACKAGE_UNTRUSTED CallPackageUntrusted; PLSA_AP_CALL_PACKAGE_PASSTHROUGH CallPackagePassthrough; PLSA_AP_LOGON_USER_EX LogonUserEx; PLSA_AP_LOGON_USER_EX2 LogonUserEx2; SpInitializeFn *Initialize; SpShutdownFn *Shutdown; SpGetInfoFn *GetInfo; SpAcceptCredentialsFn *AcceptCredentials; SpAcquireCredentialsHandleFn *AcquireCredentialsHandle; SpQueryCredentialsAttributesFn *QueryCredentialsAttributes; SpFreeCredentialsHandleFn *FreeCredentialsHandle; SpSaveCredentialsFn *SaveCredentials; SpGetCredentialsFn *GetCredentials; SpDeleteCredentialsFn *DeleteCredentials; SpInitLsaModeContextFn *InitLsaModeContext; SpAcceptLsaModeContextFn *AcceptLsaModeContext; SpDeleteContextFn *DeleteContext; SpApplyControlTokenFn *ApplyControlToken; SpGetUserInfoFn *GetUserInfo; SpGetExtendedInformationFn *GetExtendedInformation; SpQueryContextAttributesFn *QueryContextAttributes; SpAddCredentialsFn *AddCredentials; SpSetExtendedInformationFn *SetExtendedInformation; SpSetContextAttributesFn *SetContextAttributes; SpSetCredentialsAttributesFn *SetCredentialsAttributes; SpChangeAccountPasswordFn *ChangeAccountPassword; SpQueryMetaDataFn *QueryMetaData; SpExchangeMetaDataFn *ExchangeMetaData; SpGetCredUIContextFn *GetCredUIContext; SpUpdateCredentialsFn *UpdateCredentials; SpValidateTargetInfoFn *ValidateTargetInfo; LSA_AP_POST_LOGON_USER *PostLogonUser; SpGetRemoteCredGuardLogonBufferFn *GetRemoteCredGuardLogonBuffer; SpGetRemoteCredGuardSupplementalCredsFn *GetRemoteCredGuardSupplementalCreds; SpGetTbalSupplementalCredsFn *GetTbalSupplementalCreds; PLSA_AP_LOGON_USER_EX3 LogonUserEx3; PLSA_AP_PRE_LOGON_USER_SURROGATE PreLogonUserSurrogate; PLSA_AP_POST_LOGON_USER_SURROGATE PostLogonUserSurrogate; SpExtractTargetInfoFn *ExtractTargetInfo; } SECPKG_FUNCTION_TABLE,*PSECPKG_FUNCTION_TABLE; typedef NTSTATUS (NTAPI SpInstanceInitFn)(ULONG Version,PSECPKG_DLL_FUNCTIONS FunctionTable,PVOID *UserFunctions); typedef NTSTATUS (NTAPI SpInitUserModeContextFn)(LSA_SEC_HANDLE ContextHandle,PSecBuffer PackedContext); typedef NTSTATUS (NTAPI SpMakeSignatureFn)(LSA_SEC_HANDLE ContextHandle,ULONG QualityOfProtection,PSecBufferDesc MessageBuffers,ULONG MessageSequenceNumber); typedef NTSTATUS (NTAPI SpVerifySignatureFn)(LSA_SEC_HANDLE ContextHandle,PSecBufferDesc MessageBuffers,ULONG MessageSequenceNumber,PULONG QualityOfProtection); typedef NTSTATUS (NTAPI SpSealMessageFn)(LSA_SEC_HANDLE ContextHandle,ULONG QualityOfProtection,PSecBufferDesc MessageBuffers,ULONG MessageSequenceNumber); typedef NTSTATUS (NTAPI SpUnsealMessageFn)(LSA_SEC_HANDLE ContextHandle,PSecBufferDesc MessageBuffers,ULONG MessageSequenceNumber,PULONG QualityOfProtection); typedef NTSTATUS (NTAPI SpGetContextTokenFn)(LSA_SEC_HANDLE ContextHandle,PHANDLE ImpersonationToken); typedef NTSTATUS (NTAPI SpExportSecurityContextFn)(LSA_SEC_HANDLE phContext,ULONG fFlags,PSecBuffer pPackedContext,PHANDLE pToken); typedef NTSTATUS (NTAPI SpImportSecurityContextFn)(PSecBuffer pPackedContext,HANDLE Token,PLSA_SEC_HANDLE phContext); typedef NTSTATUS (NTAPI SpCompleteAuthTokenFn)(LSA_SEC_HANDLE ContextHandle,PSecBufferDesc InputBuffer); typedef NTSTATUS (NTAPI SpFormatCredentialsFn)(PSecBuffer Credentials,PSecBuffer FormattedCredentials); typedef NTSTATUS (NTAPI SpMarshallSupplementalCredsFn)(ULONG CredentialSize,PUCHAR Credentials,PULONG MarshalledCredSize,PVOID *MarshalledCreds); #define SECPKG_UNICODE_ATTRIBUTE 0x80000000 #define SECPKG_ANSI_ATTRIBUTE 0 #define SECPKG_CREDENTIAL_ATTRIBUTE 0 typedef NTSTATUS (NTAPI SpMarshalAttributeDataFn)(DWORD AttributeInfo, ULONG Attribute, ULONG AttributeDataSize, PBYTE AttributeData, PULONG MarshaledAttributeDataSize, PBYTE *MarshaledAttributeData); typedef struct _SECPKG_USER_FUNCTION_TABLE { SpInstanceInitFn *InstanceInit; SpInitUserModeContextFn *InitUserModeContext; SpMakeSignatureFn *MakeSignature; SpVerifySignatureFn *VerifySignature; SpSealMessageFn *SealMessage; SpUnsealMessageFn *UnsealMessage; SpGetContextTokenFn *GetContextToken; SpQueryContextAttributesFn *QueryContextAttributes; SpCompleteAuthTokenFn *CompleteAuthToken; SpDeleteContextFn *DeleteUserModeContext; SpFormatCredentialsFn *FormatCredentials; SpMarshallSupplementalCredsFn *MarshallSupplementalCreds; SpExportSecurityContextFn *ExportContext; SpImportSecurityContextFn *ImportContext; SpMarshalAttributeDataFn *MarshalAttributeData; } SECPKG_USER_FUNCTION_TABLE,*PSECPKG_USER_FUNCTION_TABLE; typedef NTSTATUS (SEC_ENTRY *SpLsaModeInitializeFn)(ULONG LsaVersion,PULONG PackageVersion,PSECPKG_FUNCTION_TABLE *ppTables,PULONG pcTables); typedef NTSTATUS (SEC_ENTRY *SpUserModeInitializeFn)(ULONG LsaVersion,PULONG PackageVersion,PSECPKG_USER_FUNCTION_TABLE *ppTables,PULONG pcTables); #define SECPKG_LSAMODEINIT_NAME "SpLsaModeInitialize" #define SECPKG_USERMODEINIT_NAME "SpUserModeInitialize" #define SECPKG_INTERFACE_VERSION 0x00010000 #define SECPKG_INTERFACE_VERSION_2 0x00020000 #define SECPKG_INTERFACE_VERSION_3 0x00040000 #define SECPKG_INTERFACE_VERSION_4 0x00080000 #define SECPKG_INTERFACE_VERSION_5 0x00100000 #define SECPKG_INTERFACE_VERSION_6 0x00200000 #define SECPKG_INTERFACE_VERSION_7 0x00400000 #define SECPKG_INTERFACE_VERSION_8 0x00800000 #define SECPKG_INTERFACE_VERSION_9 0x01000000 #define SECPKG_INTERFACE_VERSION_10 0x02000000 #define SECPKG_INTERFACE_VERSION_11 0x04000000 typedef enum _KSEC_CONTEXT_TYPE { KSecPaged,KSecNonPaged } KSEC_CONTEXT_TYPE; typedef struct _KSEC_LIST_ENTRY { LIST_ENTRY List; LONG RefCount; ULONG Signature; PVOID OwningList; PVOID Reserved; } KSEC_LIST_ENTRY,*PKSEC_LIST_ENTRY; #define KsecInitializeListEntry(Entry,SigValue) ((PKSEC_LIST_ENTRY) Entry)->List.Flink = ((PKSEC_LIST_ENTRY) Entry)->List.Blink = NULL; ((PKSEC_LIST_ENTRY) Entry)->RefCount = 1; ((PKSEC_LIST_ENTRY) Entry)->Signature = SigValue; ((PKSEC_LIST_ENTRY) Entry)->OwningList = NULL; ((PKSEC_LIST_ENTRY) Entry)->Reserved = NULL; typedef PVOID (SEC_ENTRY KSEC_CREATE_CONTEXT_LIST)(KSEC_CONTEXT_TYPE Type); typedef VOID (SEC_ENTRY KSEC_INSERT_LIST_ENTRY)(PVOID List,PKSEC_LIST_ENTRY Entry); typedef NTSTATUS (SEC_ENTRY KSEC_REFERENCE_LIST_ENTRY)(PKSEC_LIST_ENTRY Entry,ULONG Signature,BOOLEAN RemoveNoRef); typedef VOID (SEC_ENTRY KSEC_DEREFERENCE_LIST_ENTRY)(PKSEC_LIST_ENTRY Entry,BOOLEAN *Delete); typedef NTSTATUS (SEC_ENTRY KSEC_SERIALIZE_WINNT_AUTH_DATA)(PVOID pvAuthData,PULONG Size,PVOID *SerializedData); typedef NTSTATUS (SEC_ENTRY KSEC_SERIALIZE_SCHANNEL_AUTH_DATA)(PVOID pvAuthData,PULONG Size,PVOID *SerializedData); KSEC_CREATE_CONTEXT_LIST KSecCreateContextList; KSEC_INSERT_LIST_ENTRY KSecInsertListEntry; KSEC_REFERENCE_LIST_ENTRY KSecReferenceListEntry; KSEC_DEREFERENCE_LIST_ENTRY KSecDereferenceListEntry; KSEC_SERIALIZE_WINNT_AUTH_DATA KSecSerializeWinntAuthData; KSEC_SERIALIZE_SCHANNEL_AUTH_DATA KSecSerializeSchannelAuthData; typedef KSEC_CREATE_CONTEXT_LIST *PKSEC_CREATE_CONTEXT_LIST; typedef KSEC_INSERT_LIST_ENTRY *PKSEC_INSERT_LIST_ENTRY; typedef KSEC_REFERENCE_LIST_ENTRY *PKSEC_REFERENCE_LIST_ENTRY; typedef KSEC_DEREFERENCE_LIST_ENTRY *PKSEC_DEREFERENCE_LIST_ENTRY; typedef KSEC_SERIALIZE_WINNT_AUTH_DATA *PKSEC_SERIALIZE_WINNT_AUTH_DATA; typedef KSEC_SERIALIZE_SCHANNEL_AUTH_DATA *PKSEC_SERIALIZE_SCHANNEL_AUTH_DATA; typedef PVOID (SEC_ENTRY KSEC_LOCATE_PKG_BY_ID)(ULONG PackageId); typedef KSEC_LOCATE_PKG_BY_ID *PKSEC_LOCATE_PKG_BY_ID; KSEC_LOCATE_PKG_BY_ID KSecLocatePackageById; typedef struct _SECPKG_KERNEL_FUNCTIONS { PLSA_ALLOCATE_LSA_HEAP AllocateHeap; PLSA_FREE_LSA_HEAP FreeHeap; PKSEC_CREATE_CONTEXT_LIST CreateContextList; PKSEC_INSERT_LIST_ENTRY InsertListEntry; PKSEC_REFERENCE_LIST_ENTRY ReferenceListEntry; PKSEC_DEREFERENCE_LIST_ENTRY DereferenceListEntry; PKSEC_SERIALIZE_WINNT_AUTH_DATA SerializeWinntAuthData; PKSEC_SERIALIZE_SCHANNEL_AUTH_DATA SerializeSchannelAuthData; PKSEC_LOCATE_PKG_BY_ID LocatePackageById; } SECPKG_KERNEL_FUNCTIONS,*PSECPKG_KERNEL_FUNCTIONS; typedef NTSTATUS (NTAPI KspInitPackageFn)(PSECPKG_KERNEL_FUNCTIONS FunctionTable); typedef NTSTATUS (NTAPI KspDeleteContextFn)(LSA_SEC_HANDLE ContextId,PLSA_SEC_HANDLE LsaContextId); typedef NTSTATUS (NTAPI KspInitContextFn)(LSA_SEC_HANDLE ContextId,PSecBuffer ContextData,PLSA_SEC_HANDLE NewContextId); typedef NTSTATUS (NTAPI KspMakeSignatureFn)(LSA_SEC_HANDLE ContextId,ULONG fQOP,PSecBufferDesc Message,ULONG MessageSeqNo); typedef NTSTATUS (NTAPI KspVerifySignatureFn)(LSA_SEC_HANDLE ContextId,PSecBufferDesc Message,ULONG MessageSeqNo,PULONG pfQOP); typedef NTSTATUS (NTAPI KspSealMessageFn)(LSA_SEC_HANDLE ContextId,ULONG fQOP,PSecBufferDesc Message,ULONG MessageSeqNo); typedef NTSTATUS (NTAPI KspUnsealMessageFn)(LSA_SEC_HANDLE ContextId,PSecBufferDesc Message,ULONG MessageSeqNo,PULONG pfQOP); typedef NTSTATUS (NTAPI KspGetTokenFn)(LSA_SEC_HANDLE ContextId,PHANDLE ImpersonationToken,PACCESS_TOKEN *RawToken); typedef NTSTATUS (NTAPI KspQueryAttributesFn)(LSA_SEC_HANDLE ContextId,ULONG Attribute,PVOID Buffer); typedef NTSTATUS (NTAPI KspCompleteTokenFn)(LSA_SEC_HANDLE ContextId,PSecBufferDesc Token); typedef NTSTATUS (NTAPI KspMapHandleFn)(LSA_SEC_HANDLE ContextId,PLSA_SEC_HANDLE LsaContextId); typedef NTSTATUS (NTAPI KspSetPagingModeFn)(BOOLEAN PagingMode); typedef NTSTATUS (NTAPI KspSerializeAuthDataFn)(PVOID pvAuthData,PULONG Size,PVOID *SerializedData); typedef struct _SECPKG_KERNEL_FUNCTION_TABLE { KspInitPackageFn *Initialize; KspDeleteContextFn *DeleteContext; KspInitContextFn *InitContext; KspMapHandleFn *MapHandle; KspMakeSignatureFn *Sign; KspVerifySignatureFn *Verify; KspSealMessageFn *Seal; KspUnsealMessageFn *Unseal; KspGetTokenFn *GetToken; KspQueryAttributesFn *QueryAttributes; KspCompleteTokenFn *CompleteToken; SpExportSecurityContextFn *ExportContext; SpImportSecurityContextFn *ImportContext; KspSetPagingModeFn *SetPackagePagingMode; KspSerializeAuthDataFn *SerializeAuthData; } SECPKG_KERNEL_FUNCTION_TABLE,*PSECPKG_KERNEL_FUNCTION_TABLE; SECURITY_STATUS SEC_ENTRY KSecRegisterSecurityProvider(PSECURITY_STRING ProviderName,PSECPKG_KERNEL_FUNCTION_TABLE Table); SECURITY_STATUS SEC_ENTRY KSecLocatePackage(PUNICODE_STRING PackageName, PSECPKG_KERNEL_FUNCTION_TABLE *Package, PULONG_PTR PackageId); extern SECPKG_KERNEL_FUNCTIONS KspKernelFunctions; #ifdef __cplusplus } #endif #endif