1 /**
2  * Windows API header module
3  *
4  * Translated from MinGW Windows headers
5  *
6  * Authors: Ellery Newcomer
7  * License: $(LINK2 http://www.boost.org/LICENSE_1_0.txt, Boost License 1.0)
8  * Source: $(DRUNTIMESRC core/sys/windows/_ntsecpkg.d)
9  */
10 module core.sys.windows.ntsecpkg;
11 version (Windows):
12 
13 import core.sys.windows.windef, core.sys.windows.ntsecapi, core.sys.windows.security, core.sys.windows.ntdef, core.sys.windows.sspi;
14 import core.sys.windows.basetyps : GUID;
15 import core.sys.windows.winbase;
16 
17 extern(Windows):
18 
19 enum :ULONG{
20     ISC_REQ_DELEGATE = 1,
21     ISC_REQ_MUTUAL_AUTH = 2,
22     ISC_REQ_REPLAY_DETECT = 4,
23     ISC_REQ_SEQUENCE_DETECT = 8,
24     ISC_REQ_CONFIDENTIALITY  = 16,
25     ISC_REQ_USE_SESSION_KEY = 32,
26     ISC_REQ_PROMPT_FOR_CREDS = 64,
27     ISC_REQ_USE_SUPPLIED_CREDS  = 128,
28     ISC_REQ_ALLOCATE_MEMORY = 256,
29     ISC_REQ_USE_DCE_STYLE = 512,
30     ISC_REQ_DATAGRAM = 1024,
31     ISC_REQ_CONNECTION = 2048,
32     ISC_REQ_EXTENDED_ERROR = 16384,
33     ISC_REQ_STREAM = 32768,
34     ISC_REQ_INTEGRITY = 65536,
35     ISC_REQ_MANUAL_CRED_VALIDATION = 524288,
36     ISC_REQ_HTTP  = 268435456,
37 }
38 
39 enum ISC_RET_EXTENDED_ERROR = 16384;
40 
41 enum :ULONG{
42     ASC_REQ_DELEGATE = 1,
43     ASC_REQ_MUTUAL_AUTH = 2,
44     ASC_REQ_REPLAY_DETECT = 4,
45     ASC_REQ_SEQUENCE_DETECT = 8,
46     ASC_REQ_CONFIDENTIALITY = 16,
47     ASC_REQ_USE_SESSION_KEY = 32,
48     ASC_REQ_ALLOCATE_MEMORY = 256,
49     ASC_REQ_USE_DCE_STYLE = 512,
50     ASC_REQ_DATAGRAM = 1024,
51     ASC_REQ_CONNECTION = 2048,
52     ASC_REQ_EXTENDED_ERROR = 32768,
53     ASC_REQ_STREAM = 65536,
54     ASC_REQ_INTEGRITY = 131072,
55 }
56 
57 enum SECURITY_NATIVE_DREP  = 16;
58 enum SECURITY_NETWORK_DREP = 0;
59 
60 enum :ULONG{
61     SECPKG_STATE_ENCRYPTION_PERMITTED               = 0x01,
62     SECPKG_STATE_STRONG_ENCRYPTION_PERMITTED        = 0x02,
63     SECPKG_STATE_DOMAIN_CONTROLLER                  = 0x04,
64     SECPKG_STATE_WORKSTATION                        = 0x08,
65     SECPKG_STATE_STANDALONE                         = 0x10,
66 }
67 
68 /* enum definitions for Secure Service Provider/Authentication Packages */
69 enum LSA_TOKEN_INFORMATION_TYPE {
70     LsaTokenInformationNull,
71     LsaTokenInformationV1
72 }
73 alias LSA_TOKEN_INFORMATION_TYPE* PLSA_TOKEN_INFORMATION_TYPE;
74 enum SECPKG_EXTENDED_INFORMATION_CLASS
75 {
76     SecpkgGssInfo = 1,
77     SecpkgContextThunks,
78     SecpkgMutualAuthLevel,
79     SecpkgMaxInfo
80 }
81 enum SECPKG_NAME_TYPE {
82     SecNameSamCompatible,
83     SecNameAlternateId,
84     SecNameFlat,
85     SecNameDN
86 }
87 
88 /* struct definitions for SSP/AP */
89 struct SECPKG_PRIMARY_CRED {
90     LUID LogonId;
91     UNICODE_STRING DownlevelName;
92     UNICODE_STRING DomainName;
93     UNICODE_STRING Password;
94     UNICODE_STRING OldPassword;
95     PSID UserSid;
96     ULONG Flags;
97     UNICODE_STRING DnsDomainName;
98     UNICODE_STRING Upn;
99     UNICODE_STRING LogonServer;
100     UNICODE_STRING Spare1;
101     UNICODE_STRING Spare2;
102     UNICODE_STRING Spare3;
103     UNICODE_STRING Spare4;
104 }
105 alias SECPKG_PRIMARY_CRED* PSECPKG_PRIMARY_CRED;
106 struct SECPKG_SUPPLEMENTAL_CRED {
107     UNICODE_STRING PackageName;
108     ULONG CredentialSize;
109     PUCHAR Credentials;
110 }
111 alias SECPKG_SUPPLEMENTAL_CRED* PSECPKG_SUPPLEMENTAL_CRED;
112 struct SECPKG_SUPPLEMENTAL_CRED_ARRAY {
113     ULONG CredentialCount;
114     SECPKG_SUPPLEMENTAL_CRED[1] Credentials;
115 }
116 alias SECPKG_SUPPLEMENTAL_CRED_ARRAY* PSECPKG_SUPPLEMENTAL_CRED_ARRAY;
117 struct SECPKG_PARAMETERS {
118     ULONG Version;
119     ULONG MachineState;
120     ULONG SetupMode;
121     PSID DomainSid;
122     UNICODE_STRING DomainName;
123     UNICODE_STRING DnsDomainName;
124     GUID DomainGuid;
125 }
126 alias SECPKG_PARAMETERS* PSECPKG_PARAMETERS,PSECPKG_EVENT_DOMAIN_CHANGE;
127 alias SECPKG_PARAMETERS SECPKG_EVENT_DOMAIN_CHANGE;
128 struct SECPKG_CLIENT_INFO {
129   LUID LogonId;
130   ULONG ProcessID;
131   ULONG ThreadID;
132   BOOLEAN HasTcbPrivilege;
133   BOOLEAN Impersonating;
134   BOOLEAN Restricted;
135 }
136 alias SECPKG_CLIENT_INFO* PSECPKG_CLIENT_INFO;
137 struct SECURITY_USER_DATA {
138     SECURITY_STRING UserName;
139     SECURITY_STRING LogonDomainName;
140     SECURITY_STRING LogonServer;
141     PSID pSid;
142 }
143 alias SECURITY_USER_DATA* PSECURITY_USER_DATA,PSecurityUserData;
144 alias SECURITY_USER_DATA SecurityUserData;
145 struct SECPKG_GSS_INFO {
146     ULONG EncodedIdLength;
147     UCHAR[4] EncodedId;
148 }
149 alias SECPKG_GSS_INFO* PSECPKG_GSS_INFO;
150 struct SECPKG_CONTEXT_THUNKS {
151     ULONG InfoLevelCount;
152     ULONG[1] Levels;
153 }
154 alias SECPKG_CONTEXT_THUNKS* PSECPKG_CONTEXT_THUNKS;
155 struct SECPKG_MUTUAL_AUTH_LEVEL {
156     ULONG MutualAuthLevel;
157 }
158 alias SECPKG_MUTUAL_AUTH_LEVEL* PSECPKG_MUTUAL_AUTH_LEVEL;
159 struct SECPKG_CALL_INFO {
160     ULONG ProcessId;
161     ULONG ThreadId;
162     ULONG Attributes;
163     ULONG CallCount;
164 }
165 alias SECPKG_CALL_INFO* PSECPKG_CALL_INFO;
166 struct SECPKG_EXTENDED_INFORMATION {
167     SECPKG_EXTENDED_INFORMATION_CLASS Class;
168     union _Info{
169         SECPKG_GSS_INFO GssInfo;
170         SECPKG_CONTEXT_THUNKS ContextThunks;
171         SECPKG_MUTUAL_AUTH_LEVEL MutualAuthLevel;
172     }
173     _Info Info;
174 }
175 alias SECPKG_EXTENDED_INFORMATION* PSECPKG_EXTENDED_INFORMATION;
176 
177 /* callbacks implemented by SSP/AP dlls and called by the LSA */
178 alias void function(ULONG_PTR, ULONG_PTR, PSecBuffer,
179  PSecBuffer) PLSA_CALLBACK_FUNCTION;
180 
181 /* misc typedefs used in the below prototypes */
182 alias PVOID* PLSA_CLIENT_REQUEST;
183 alias ULONG_PTR LSA_SEC_HANDLE;
184 alias LSA_SEC_HANDLE* PLSA_SEC_HANDLE;
185 alias LPTHREAD_START_ROUTINE SEC_THREAD_START;
186 alias PSECURITY_ATTRIBUTES SEC_ATTRS;
187 
188 /* functions used by SSP/AP obtainable by dispatch tables */
189 alias NTSTATUS function(ULONG, PLSA_CALLBACK_FUNCTION) PLSA_REGISTER_CALLBACK;
190 alias NTSTATUS function(PLUID) PLSA_CREATE_LOGON_SESSION;
191 alias NTSTATUS function(PLUID) PLSA_DELETE_LOGON_SESSION;
192 alias NTSTATUS function(PLUID, ULONG, PLSA_STRING,
193  PLSA_STRING) PLSA_ADD_CREDENTIAL;
194 alias NTSTATUS function(PLUID, ULONG, PULONG, BOOLEAN,
195  PLSA_STRING, PULONG, PLSA_STRING) PLSA_GET_CREDENTIALS;
196 alias NTSTATUS function(PLUID, ULONG, PLSA_STRING) PLSA_DELETE_CREDENTIAL;
197 alias PVOID function(ULONG) PLSA_ALLOCATE_LSA_HEAP;
198 alias void function(PVOID) PLSA_FREE_LSA_HEAP;
199 alias NTSTATUS function(PLSA_CLIENT_REQUEST,
200  ULONG, PVOID*) PLSA_ALLOCATE_CLIENT_BUFFER;
201 alias NTSTATUS function(PLSA_CLIENT_REQUEST, PVOID) PLSA_FREE_CLIENT_BUFFER;
202 alias NTSTATUS function(PLSA_CLIENT_REQUEST, ULONG,
203  PVOID, PVOID) PLSA_COPY_TO_CLIENT_BUFFER;
204 alias NTSTATUS function(PLSA_CLIENT_REQUEST,
205  ULONG, PVOID, PVOID) PLSA_COPY_FROM_CLIENT_BUFFER;
206 alias NTSTATUS function() PLSA_IMPERSONATE_CLIENT;
207 alias NTSTATUS function() PLSA_UNLOAD_PACKAGE;
208 alias NTSTATUS function(HANDLE, PHANDLE) PLSA_DUPLICATE_HANDLE;
209 alias NTSTATUS function(PLUID, ULONG,
210  PVOID, BOOLEAN) PLSA_SAVE_SUPPLEMENTAL_CREDENTIALS;
211 alias HANDLE function(SEC_ATTRS, ULONG, SEC_THREAD_START,
212  PVOID, ULONG, PULONG) PLSA_CREATE_THREAD;
213 alias NTSTATUS function(PSECPKG_CLIENT_INFO) PLSA_GET_CLIENT_INFO;
214 alias HANDLE function(SEC_THREAD_START, PVOID,
215  ULONG, ULONG, ULONG, ULONG, HANDLE) PLSA_REGISTER_NOTIFICATION;
216 alias NTSTATUS function(HANDLE) PLSA_CANCEL_NOTIFICATION;
217 alias NTSTATUS function(PSecBuffer, PSecBuffer) PLSA_MAP_BUFFER;
218 alias NTSTATUS function(PLUID, PTOKEN_SOURCE,
219  SECURITY_LOGON_TYPE, SECURITY_IMPERSONATION_LEVEL, LSA_TOKEN_INFORMATION_TYPE,
220  PVOID, PTOKEN_GROUPS, PUNICODE_STRING, PUNICODE_STRING, PUNICODE_STRING,
221  PUNICODE_STRING, PHANDLE, PNTSTATUS) PLSA_CREATE_TOKEN;
222 alias void function(NTSTATUS, NTSTATUS, PUNICODE_STRING,
223  PUNICODE_STRING, PUNICODE_STRING, PSID, SECURITY_LOGON_TYPE,
224  PTOKEN_SOURCE, PLUID) PLSA_AUDIT_LOGON;
225 alias NTSTATUS function(PUNICODE_STRING, PVOID, ULONG,
226  PVOID*, PULONG, PNTSTATUS) PLSA_CALL_PACKAGE;
227 alias BOOLEAN function(PSECPKG_CALL_INFO) PLSA_GET_CALL_INFO;
228 alias NTSTATUS function(PUNICODE_STRING, PVOID, PVOID,
229  ULONG, PVOID*, PULONG, PNTSTATUS) PLSA_CALL_PACKAGEEX;
230 alias PVOID function(ULONG, ULONG) PLSA_CREATE_SHARED_MEMORY;
231 alias PVOID function(PVOID, ULONG) PLSA_ALLOCATE_SHARED_MEMORY;
232 alias void function(PVOID, PVOID) PLSA_FREE_SHARED_MEMORY;
233 alias BOOLEAN function(PVOID) PLSA_DELETE_SHARED_MEMORY;
234 alias NTSTATUS function(PSECURITY_STRING, SECPKG_NAME_TYPE,
235  PSECURITY_STRING, BOOLEAN, ULONG, PVOID*) PLSA_OPEN_SAM_USER;
236 alias NTSTATUS function(PVOID, PVOID *, PULONG,
237  PVOID *, PULONG) PLSA_GET_USER_CREDENTIALS;
238 alias NTSTATUS function(PVOID, PUCHAR *, PULONG) PLSA_GET_USER_AUTH_DATA;
239 alias NTSTATUS function(PVOID) PLSA_CLOSE_SAM_USER;
240 alias NTSTATUS function(PVOID, ULONG,
241  SECURITY_IMPERSONATION_LEVEL, PTOKEN_SOURCE, SECURITY_LOGON_TYPE,
242  PUNICODE_STRING, PHANDLE, PLUID, PUNICODE_STRING, PNTSTATUS) PLSA_CONVERT_AUTH_DATA_TO_TOKEN;
243 alias NTSTATUS function(PCHAR, ULONG_PTR, ULONG_PTR,
244  PSecBuffer, PSecBuffer) PLSA_CLIENT_CALLBACK;
245 alias NTSTATUS function(PSECPKG_PRIMARY_CRED, PSECPKG_SUPPLEMENTAL_CRED_ARRAY) PLSA_UPDATE_PRIMARY_CREDENTIALS;
246 alias NTSTATUS function(PSECURITY_STRING,
247  SECPKG_NAME_TYPE, PSECURITY_STRING, PUCHAR *, PULONG, PUNICODE_STRING) PLSA_GET_AUTH_DATA_FOR_USER;
248 alias NTSTATUS function(ULONG, BOOLEAN,
249  PUNICODE_STRING, PUNICODE_STRING, ULONG, PUNICODE_STRING, PUNICODE_STRING,
250  PULONG) PLSA_CRACK_SINGLE_NAME;
251 alias NTSTATUS function(ULONG, BOOLEAN,
252  PUNICODE_STRING, PUNICODE_STRING, PUNICODE_STRING, NTSTATUS) PLSA_AUDIT_ACCOUNT_LOGON;
253 alias NTSTATUS function(PUNICODE_STRING, PVOID,
254  PVOID, ULONG, PVOID*, PULONG, PNTSTATUS) PLSA_CALL_PACKAGE_PASSTHROUGH;
255 
256 /* Dispatch tables of functions used by SSP/AP */
257 struct SECPKG_DLL_FUNCTIONS {
258     PLSA_ALLOCATE_LSA_HEAP AllocateHeap;
259     PLSA_FREE_LSA_HEAP FreeHeap;
260     PLSA_REGISTER_CALLBACK RegisterCallback;
261 }
262 alias SECPKG_DLL_FUNCTIONS* PSECPKG_DLL_FUNCTIONS;
263 struct LSA_DISPATCH_TABLE {
264     PLSA_CREATE_LOGON_SESSION CreateLogonSession;
265     PLSA_DELETE_LOGON_SESSION DeleteLogonSession;
266     PLSA_ADD_CREDENTIAL AddCredential;
267     PLSA_GET_CREDENTIALS GetCredentials;
268     PLSA_DELETE_CREDENTIAL DeleteCredential;
269     PLSA_ALLOCATE_LSA_HEAP AllocateLsaHeap;
270     PLSA_FREE_LSA_HEAP FreeLsaHeap;
271     PLSA_ALLOCATE_CLIENT_BUFFER AllocateClientBuffer;
272     PLSA_FREE_CLIENT_BUFFER FreeClientBuffer;
273     PLSA_COPY_TO_CLIENT_BUFFER CopyToClientBuffer;
274     PLSA_COPY_FROM_CLIENT_BUFFER CopyFromClientBuffer;
275 }
276 alias LSA_DISPATCH_TABLE* PLSA_DISPATCH_TABLE;
277 struct LSA_SECPKG_FUNCTION_TABLE {
278     PLSA_CREATE_LOGON_SESSION CreateLogonSession;
279     PLSA_DELETE_LOGON_SESSION DeleteLogonSession;
280     PLSA_ADD_CREDENTIAL AddCredential;
281     PLSA_GET_CREDENTIALS GetCredentials;
282     PLSA_DELETE_CREDENTIAL DeleteCredential;
283     PLSA_ALLOCATE_LSA_HEAP AllocateLsaHeap;
284     PLSA_FREE_LSA_HEAP FreeLsaHeap;
285     PLSA_ALLOCATE_CLIENT_BUFFER AllocateClientBuffer;
286     PLSA_FREE_CLIENT_BUFFER FreeClientBuffer;
287     PLSA_COPY_TO_CLIENT_BUFFER CopyToClientBuffer;
288     PLSA_COPY_FROM_CLIENT_BUFFER CopyFromClientBuffer;
289     PLSA_IMPERSONATE_CLIENT ImpersonateClient;
290     PLSA_UNLOAD_PACKAGE UnloadPackage;
291     PLSA_DUPLICATE_HANDLE DuplicateHandle;
292     PLSA_SAVE_SUPPLEMENTAL_CREDENTIALS SaveSupplementalCredentials;
293     PLSA_CREATE_THREAD CreateThread;
294     PLSA_GET_CLIENT_INFO GetClientInfo;
295     PLSA_REGISTER_NOTIFICATION RegisterNotification;
296     PLSA_CANCEL_NOTIFICATION CancelNotification;
297     PLSA_MAP_BUFFER MapBuffer;
298     PLSA_CREATE_TOKEN CreateToken;
299     PLSA_AUDIT_LOGON AuditLogon;
300     PLSA_CALL_PACKAGE CallPackage;
301     PLSA_FREE_LSA_HEAP FreeReturnBuffer;
302     PLSA_GET_CALL_INFO GetCallInfo;
303     PLSA_CALL_PACKAGEEX CallPackageEx;
304     PLSA_CREATE_SHARED_MEMORY CreateSharedMemory;
305     PLSA_ALLOCATE_SHARED_MEMORY AllocateSharedMemory;
306     PLSA_FREE_SHARED_MEMORY FreeSharedMemory;
307     PLSA_DELETE_SHARED_MEMORY DeleteSharedMemory;
308     PLSA_OPEN_SAM_USER OpenSamUser;
309     PLSA_GET_USER_CREDENTIALS GetUserCredentials;
310     PLSA_GET_USER_AUTH_DATA GetUserAuthData;
311     PLSA_CLOSE_SAM_USER CloseSamUser;
312     PLSA_CONVERT_AUTH_DATA_TO_TOKEN ConvertAuthDataToToken;
313     PLSA_CLIENT_CALLBACK ClientCallback;
314     PLSA_UPDATE_PRIMARY_CREDENTIALS UpdateCredentials;
315     PLSA_GET_AUTH_DATA_FOR_USER GetAuthDataForUser;
316     PLSA_CRACK_SINGLE_NAME CrackSingleName;
317     PLSA_AUDIT_ACCOUNT_LOGON AuditAccountLogon;
318     PLSA_CALL_PACKAGE_PASSTHROUGH CallPackagePassthrough;
319 }
320 alias LSA_SECPKG_FUNCTION_TABLE* PLSA_SECPKG_FUNCTION_TABLE;
321 
322 /* functions implemented by SSP/AP obtainable by dispatch tables */
323 alias NTSTATUS function(ULONG, PLSA_DISPATCH_TABLE,
324  PLSA_STRING, PLSA_STRING, PLSA_STRING *) PLSA_AP_INITIALIZE_PACKAGE;
325 alias NTSTATUS function(LPWSTR, LPWSTR, LPWSTR, LPWSTR,
326  DWORD, DWORD, PHANDLE) PLSA_AP_LOGON_USER;
327 alias NTSTATUS function(PUNICODE_STRING, PVOID, ULONG,
328  PVOID *, PULONG, PNTSTATUS) PLSA_AP_CALL_PACKAGE;
329 alias void function(PLUID) PLSA_AP_LOGON_TERMINATED;
330 alias NTSTATUS function(PLSA_CLIENT_REQUEST,
331  PVOID, PVOID, ULONG, PVOID *, PULONG, PNTSTATUS) PLSA_AP_CALL_PACKAGE_UNTRUSTED;
332 alias NTSTATUS function(PUNICODE_STRING,
333  PVOID, PVOID, ULONG, PVOID *, PULONG, PNTSTATUS) PLSA_AP_CALL_PACKAGE_PASSTHROUGH;
334 alias NTSTATUS function(PLSA_CLIENT_REQUEST,
335  SECURITY_LOGON_TYPE, PVOID, PVOID, ULONG, PVOID *, PULONG, PLUID, PNTSTATUS,
336  PLSA_TOKEN_INFORMATION_TYPE, PVOID *, PUNICODE_STRING *, PUNICODE_STRING *,
337  PUNICODE_STRING *) PLSA_AP_LOGON_USER_EX;
338 alias NTSTATUS function(PLSA_CLIENT_REQUEST,
339  SECURITY_LOGON_TYPE, PVOID, PVOID, ULONG, PVOID *, PULONG, PLUID, PNTSTATUS,
340  PLSA_TOKEN_INFORMATION_TYPE, PVOID *, PUNICODE_STRING *, PUNICODE_STRING *,
341  PUNICODE_STRING *, PSECPKG_PRIMARY_CRED, PSECPKG_SUPPLEMENTAL_CRED_ARRAY *) PLSA_AP_LOGON_USER_EX2;
342 alias NTSTATUS function(ULONG_PTR, PSECPKG_PARAMETERS,
343  PLSA_SECPKG_FUNCTION_TABLE) SpInitializeFn;
344 alias NTSTATUS function() SpShutDownFn;
345 alias NTSTATUS function(PSecPkgInfoW) SpGetInfoFn;
346 alias NTSTATUS function(SECURITY_LOGON_TYPE,
347  PUNICODE_STRING, PSECPKG_PRIMARY_CRED, PSECPKG_SUPPLEMENTAL_CRED) SpAcceptCredentialsFn;
348 alias NTSTATUS function(PUNICODE_STRING, ULONG,
349  PLUID, PVOID, PVOID, PVOID, PLSA_SEC_HANDLE, PTimeStamp) SpAcquireCredentialsHandleFn;
350 alias NTSTATUS function(LSA_SEC_HANDLE, ULONG, PVOID) SpQueryCredentialsAttributesFn;
351 alias NTSTATUS function(LSA_SEC_HANDLE) SpFreeCredentialsHandleFn;
352 alias NTSTATUS function(LSA_SEC_HANDLE, PSecBuffer) SpSaveCredentialsFn;
353 alias NTSTATUS function(LSA_SEC_HANDLE, PSecBuffer) SpGetCredentialsFn;
354 alias NTSTATUS function(LSA_SEC_HANDLE, PSecBuffer) SpDeleteCredentialsFn;
355 alias NTSTATUS function(LSA_SEC_HANDLE, LSA_SEC_HANDLE,
356  PUNICODE_STRING, ULONG, ULONG, PSecBufferDesc, PLSA_SEC_HANDLE, PSecBufferDesc,
357  PULONG, PTimeStamp, PBOOLEAN, PSecBuffer) SpInitLsaModeContextFn;
358 alias NTSTATUS function(LSA_SEC_HANDLE,
359  LSA_SEC_HANDLE, PSecBufferDesc, ULONG, ULONG, PLSA_SEC_HANDLE, PSecBufferDesc,
360  PULONG, PTimeStamp, PBOOLEAN, PSecBuffer) SpAcceptLsaModeContextFn;
361 alias NTSTATUS function(LSA_SEC_HANDLE) SpDeleteContextFn;
362 alias NTSTATUS function(LSA_SEC_HANDLE, PSecBufferDesc) SpApplyControlTokenFn;
363 alias NTSTATUS function(PLUID, ULONG, PSecurityUserData *) SpGetUserInfoFn;
364 alias NTSTATUS function(SECPKG_EXTENDED_INFORMATION_CLASS, PSECPKG_EXTENDED_INFORMATION *) SpGetExtendedInformationFn;
365 alias NTSTATUS function(LSA_SEC_HANDLE, ULONG, PVOID) SpQueryContextAttributesFn;
366 alias NTSTATUS function(LSA_SEC_HANDLE, PUNICODE_STRING,
367  PUNICODE_STRING, ULONG, PVOID, PVOID, PVOID, PTimeStamp) SpAddCredentialsFn;
368 alias NTSTATUS function(
369  SECPKG_EXTENDED_INFORMATION_CLASS, PSECPKG_EXTENDED_INFORMATION) SpSetExtendedInformationFn;
370 alias NTSTATUS function(ULONG, PSECPKG_DLL_FUNCTIONS,
371  PVOID *) SpInstanceInitFn;
372 alias NTSTATUS function(LSA_SEC_HANDLE, PSecBuffer) SpInitUserModeContextFn;
373 alias NTSTATUS function(LSA_SEC_HANDLE, ULONG,
374  PSecBufferDesc, ULONG) SpMakeSignatureFn;
375 alias NTSTATUS function(LSA_SEC_HANDLE, PSecBufferDesc,
376  ULONG, PULONG) SpVerifySignatureFn;
377 alias NTSTATUS function(LSA_SEC_HANDLE, ULONG, PSecBufferDesc,
378  ULONG) SpSealMessageFn;
379 alias NTSTATUS function(LSA_SEC_HANDLE, PSecBufferDesc,
380  ULONG, PULONG) SpUnsealMessageFn;
381 alias NTSTATUS function(LSA_SEC_HANDLE, PHANDLE) SpGetContextTokenFn;
382 alias NTSTATUS function(LSA_SEC_HANDLE, PSecBufferDesc) SpCompleteAuthTokenFn;
383 alias NTSTATUS function(PSecBuffer, PSecBuffer) SpFormatCredentialsFn;
384 alias NTSTATUS function(ULONG, PUCHAR, PULONG,
385  PVOID *) SpMarshallSupplementalCredsFn;
386 alias NTSTATUS function(LSA_SEC_HANDLE, ULONG,
387  PSecBuffer, PHANDLE) SpExportSecurityContextFn;
388 alias NTSTATUS function(PSecBuffer, HANDLE,
389  PLSA_SEC_HANDLE) SpImportSecurityContextFn;
390 
391 /* Dispatch tables of functions implemented by SSP/AP */
392 struct SECPKG_FUNCTION_TABLE {
393     PLSA_AP_INITIALIZE_PACKAGE InitializePackage;
394     PLSA_AP_LOGON_USER LogonUser;
395     PLSA_AP_CALL_PACKAGE CallPackage;
396     PLSA_AP_LOGON_TERMINATED LogonTerminated;
397     PLSA_AP_CALL_PACKAGE_UNTRUSTED CallPackageUntrusted;
398     PLSA_AP_CALL_PACKAGE_PASSTHROUGH CallPackagePassthrough;
399     PLSA_AP_LOGON_USER_EX LogonUserEx;
400     PLSA_AP_LOGON_USER_EX2 LogonUserEx2;
401     SpInitializeFn *Initialize;
402     SpShutDownFn *Shutdown;
403     SpGetInfoFn *GetInfo;
404     SpAcceptCredentialsFn *AcceptCredentials;
405     SpAcquireCredentialsHandleFn *AcquireCredentialsHandle;
406     SpQueryCredentialsAttributesFn *QueryCredentialsAttributes;
407     SpFreeCredentialsHandleFn *FreeCredentialsHandle;
408     SpSaveCredentialsFn *SaveCredentials;
409     SpGetCredentialsFn *GetCredentials;
410     SpDeleteCredentialsFn *DeleteCredentials;
411     SpInitLsaModeContextFn *InitLsaModeContext;
412     SpAcceptLsaModeContextFn *AcceptLsaModeContext;
413     SpDeleteContextFn *DeleteContext;
414     SpApplyControlTokenFn *ApplyControlToken;
415     SpGetUserInfoFn *GetUserInfo;
416     SpGetExtendedInformationFn *GetExtendedInformation;
417     SpQueryContextAttributesFn *QueryContextAttributes;
418     SpAddCredentialsFn *AddCredentials;
419     SpSetExtendedInformationFn *SetExtendedInformation;
420 }
421 alias SECPKG_FUNCTION_TABLE* PSECPKG_FUNCTION_TABLE;
422 
423 struct SECPKG_USER_FUNCTION_TABLE {
424     SpInstanceInitFn *InstanceInit;
425     SpInitUserModeContextFn *InitUserModeContext;
426     SpMakeSignatureFn *MakeSignature;
427     SpVerifySignatureFn *VerifySignature;
428     SpSealMessageFn *SealMessage;
429     SpUnsealMessageFn *UnsealMessage;
430     SpGetContextTokenFn *GetContextToken;
431     SpQueryContextAttributesFn *QueryContextAttributes;
432     SpCompleteAuthTokenFn *CompleteAuthToken;
433     SpDeleteContextFn *DeleteUserModeContext;
434     SpFormatCredentialsFn *FormatCredentials;
435     SpMarshallSupplementalCredsFn *MarshallSupplementalCreds;
436     SpExportSecurityContextFn *ExportContext;
437     SpImportSecurityContextFn *ImportContext;
438 }
439 alias SECPKG_USER_FUNCTION_TABLE* PSECPKG_USER_FUNCTION_TABLE;
440 
441 /* Entry points to SSP/AP */
442 alias NTSTATUS function(ULONG, PULONG,
443  PSECPKG_FUNCTION_TABLE *, PULONG) SpLsaModeInitializeFn;
444 alias NTSTATUS function(ULONG, PULONG,
445  PSECPKG_USER_FUNCTION_TABLE *, PULONG) SpUserModeInitializeFn;