RepoMirrors
/
mimikatz
mirror of https://github.com/gentilkiwi/mimikatz
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
mimikatz/inc/wincred.h

1438 lines
44 KiB
C
Raw Blame History

/*++ BUILD Version: 0001 // Increment this if a change has global effects
Copyright (c) 2000 Microsoft Corporation
Module Name:
wincred.h
Abstract:
This module contains the public data structures and API definitions
needed for the Credential Manager.
Author:
Revision History:
--*/
#ifndef _WINCRED_H_
#define _WINCRED_H_
#if !defined(_ADVAPI32_)
#define WINADVAPI DECLSPEC_IMPORT
#else
#define WINADVAPI
#endif
#if !defined(CREDUIAPI)
#if !defined(_CREDUI_)
#define CREDUIAPI EXTERN_C DECLSPEC_IMPORT
#else
#define CREDUIAPI EXTERN_C
#endif
#endif
#ifdef __cplusplus
extern "C" {
#endif
//
// Ensure PCtxtHandle is defined
//
#ifndef __SECHANDLE_DEFINED__
typedef struct _SecHandle
{
ULONG_PTR dwLower ;
ULONG_PTR dwUpper ;
} SecHandle, * PSecHandle ;
#define __SECHANDLE_DEFINED__
#endif // __SECHANDLE_DEFINED__
typedef PSecHandle PCtxtHandle;
//
// Ensure FILETIME is defined
//
#ifndef _WINBASE_
#ifndef _FILETIME_
#define _FILETIME_
typedef struct _FILETIME
{
DWORD dwLowDateTime;
DWORD dwHighDateTime;
} FILETIME;
typedef struct _FILETIME *PFILETIME;
typedef struct _FILETIME *LPFILETIME;
#endif // !_FILETIME
#endif // _WINBASE_
//
// Ensure NTSTATUS is defined
//
#ifndef _NTDEF_
typedef LONG NTSTATUS, *PNTSTATUS;
#endif
//-----------------------------------------------------------------------------
// Macros
//-----------------------------------------------------------------------------
//
// Macro to determine whether CredUIPromptForCredentials should be called upon a failed
// authentication attempt.
//
// Implemented as a macro so that the caller can delay load credui.dll only if this
// macro returns TRUE.
//
// Include only status codes that imply the username/password are wrong or that the
// password is expired. In the former case, asking for a another username or password
// is appropriate. In the later case, we put up a different dialog asking the
// user to change the password on the server.
//
// Don't include status codes such as ERROR_ACCOUNT_DISABLED, ERROR_ACCOUNT_RESTRICTION,
// ERROR_ACCOUNT_LOCKED_OUT, ERROR_ACCOUNT_EXPIRED, ERROR_LOGON_TYPE_NOT_GRANTED.
// For those, the user isn't going to have another account so prompting him
// won't help.
//
// STATUS_DOWNGRADE_DETECTED is included to handle the case where a corporate laptop
// is brought to another LAN. A downgrade attack will indeed be detected,
// but we want to popup UI to allow the user to connect to resources in the
// other LAN.
//
// Don't use the CREDUIP_* macros directly. Their definition is private to credui.dll.
//
// Don't require ntstatus.h
#define STATUS_LOGON_FAILURE ((NTSTATUS)0xC000006DL) // ntsubauth
#define STATUS_WRONG_PASSWORD ((NTSTATUS)0xC000006AL) // ntsubauth
#define STATUS_PASSWORD_EXPIRED ((NTSTATUS)0xC0000071L) // ntsubauth
#define STATUS_PASSWORD_MUST_CHANGE ((NTSTATUS)0xC0000224L) // ntsubauth
#define STATUS_ACCESS_DENIED ((NTSTATUS)0xC0000022L)
#define STATUS_DOWNGRADE_DETECTED ((NTSTATUS)0xC0000388L)
#define STATUS_AUTHENTICATION_FIREWALL_FAILED ((NTSTATUS)0xC0000413L)
#define STATUS_ACCOUNT_DISABLED ((NTSTATUS)0xC0000072L) // ntsubauth
#define STATUS_ACCOUNT_RESTRICTION ((NTSTATUS)0xC000006EL) // ntsubauth
#define STATUS_ACCOUNT_LOCKED_OUT ((NTSTATUS)0xC0000234L) // ntsubauth
#define STATUS_ACCOUNT_EXPIRED ((NTSTATUS)0xC0000193L) // ntsubauth
#define STATUS_LOGON_TYPE_NOT_GRANTED ((NTSTATUS)0xC000015BL)
// Don't require lmerr.h
#define NERR_BASE 2100
#define NERR_PasswordExpired (NERR_BASE+142) /* The password of this user has expired. */
#define CREDUIP_IS_USER_PASSWORD_ERROR( _Status ) ( \
(_Status) == ERROR_LOGON_FAILURE || \
(_Status) == __HRESULT_FROM_WIN32( ERROR_LOGON_FAILURE ) || \
(_Status) == STATUS_LOGON_FAILURE || \
(_Status) == HRESULT_FROM_NT( STATUS_LOGON_FAILURE ) || \
(_Status) == ERROR_ACCESS_DENIED || \
(_Status) == __HRESULT_FROM_WIN32( ERROR_ACCESS_DENIED ) || \
(_Status) == STATUS_ACCESS_DENIED || \
(_Status) == HRESULT_FROM_NT( STATUS_ACCESS_DENIED ) || \
(_Status) == ERROR_INVALID_PASSWORD || \
(_Status) == __HRESULT_FROM_WIN32( ERROR_INVALID_PASSWORD ) || \
(_Status) == STATUS_WRONG_PASSWORD || \
(_Status) == HRESULT_FROM_NT( STATUS_WRONG_PASSWORD ) || \
(_Status) == SEC_E_NO_CREDENTIALS || \
(_Status) == SEC_E_LOGON_DENIED || \
(_Status) == SEC_E_NO_CONTEXT || \
(_Status) == STATUS_NO_SECURITY_CONTEXT )
#define CREDUIP_IS_DOWNGRADE_ERROR( _Status ) ( \
(_Status) == ERROR_DOWNGRADE_DETECTED || \
(_Status) == __HRESULT_FROM_WIN32( ERROR_DOWNGRADE_DETECTED ) || \
(_Status) == STATUS_DOWNGRADE_DETECTED || \
(_Status) == HRESULT_FROM_NT( STATUS_DOWNGRADE_DETECTED ) \
)
#define CREDUIP_IS_EXPIRED_ERROR( _Status ) ( \
(_Status) == ERROR_PASSWORD_EXPIRED || \
(_Status) == __HRESULT_FROM_WIN32( ERROR_PASSWORD_EXPIRED ) || \
(_Status) == STATUS_PASSWORD_EXPIRED || \
(_Status) == HRESULT_FROM_NT( STATUS_PASSWORD_EXPIRED ) || \
(_Status) == ERROR_PASSWORD_MUST_CHANGE || \
(_Status) == __HRESULT_FROM_WIN32( ERROR_PASSWORD_MUST_CHANGE ) || \
(_Status) == STATUS_PASSWORD_MUST_CHANGE || \
(_Status) == HRESULT_FROM_NT( STATUS_PASSWORD_MUST_CHANGE ) || \
(_Status) == NERR_PasswordExpired || \
(_Status) == __HRESULT_FROM_WIN32( NERR_PasswordExpired ) \
)
#define CREDUI_IS_AUTHENTICATION_ERROR( _Status ) ( \
CREDUIP_IS_USER_PASSWORD_ERROR( _Status ) || \
CREDUIP_IS_DOWNGRADE_ERROR( _Status ) || \
CREDUIP_IS_EXPIRED_ERROR( _Status ) \
)
#define CREDUI_NO_PROMPT_AUTHENTICATION_ERROR( _Status ) ( \
(_Status) == ERROR_AUTHENTICATION_FIREWALL_FAILED || \
(_Status) == __HRESULT_FROM_WIN32( ERROR_AUTHENTICATION_FIREWALL_FAILED ) || \
(_Status) == STATUS_AUTHENTICATION_FIREWALL_FAILED || \
(_Status) == HRESULT_FROM_NT( STATUS_AUTHENTICATION_FIREWALL_FAILED ) || \
(_Status) == ERROR_ACCOUNT_DISABLED || \
(_Status) == __HRESULT_FROM_WIN32( ERROR_ACCOUNT_DISABLED ) || \
(_Status) == STATUS_ACCOUNT_DISABLED || \
(_Status) == HRESULT_FROM_NT( STATUS_ACCOUNT_DISABLED ) || \
(_Status) == ERROR_ACCOUNT_RESTRICTION || \
(_Status) == __HRESULT_FROM_WIN32( ERROR_ACCOUNT_RESTRICTION ) || \
(_Status) == STATUS_ACCOUNT_RESTRICTION || \
(_Status) == HRESULT_FROM_NT( STATUS_ACCOUNT_RESTRICTION ) || \
(_Status) == ERROR_ACCOUNT_LOCKED_OUT || \
(_Status) == __HRESULT_FROM_WIN32( ERROR_ACCOUNT_LOCKED_OUT ) || \
(_Status) == STATUS_ACCOUNT_LOCKED_OUT || \
(_Status) == HRESULT_FROM_NT( STATUS_ACCOUNT_LOCKED_OUT ) || \
(_Status) == ERROR_ACCOUNT_EXPIRED || \
(_Status) == __HRESULT_FROM_WIN32( ERROR_ACCOUNT_EXPIRED ) || \
(_Status) == STATUS_ACCOUNT_EXPIRED || \
(_Status) == HRESULT_FROM_NT( STATUS_ACCOUNT_EXPIRED ) || \
(_Status) == ERROR_LOGON_TYPE_NOT_GRANTED || \
(_Status) == __HRESULT_FROM_WIN32( ERROR_LOGON_TYPE_NOT_GRANTED ) || \
(_Status) == STATUS_LOGON_TYPE_NOT_GRANTED || \
(_Status) == HRESULT_FROM_NT( STATUS_LOGON_TYPE_NOT_GRANTED ) \
)
//-----------------------------------------------------------------------------
// Structures
//-----------------------------------------------------------------------------
//
// Credential Attribute
//
// Maximum length of the various credential string fields (in characters)
#define CRED_MAX_STRING_LENGTH 256
// Maximum length of the UserName field. The worst case is <User>@<DnsDomain>
#define CRED_MAX_USERNAME_LENGTH (256+1+256)
// Maximum length of the TargetName field for CRED_TYPE_GENERIC (in characters)
#define CRED_MAX_GENERIC_TARGET_NAME_LENGTH 32767
// Maximum length of the TargetName field for CRED_TYPE_DOMAIN_* (in characters)
// Largest one is <DfsRoot>\<DfsShare>
#define CRED_MAX_DOMAIN_TARGET_NAME_LENGTH (256+1+80)
// Maximum length of a target namespace
#define CRED_MAX_TARGETNAME_NAMESPACE_LENGTH (256)
// Maximum length of a target attribute
#define CRED_MAX_TARGETNAME_ATTRIBUTE_LENGTH (256)
// Maximum size of the Credential Attribute Value field (in bytes)
#define CRED_MAX_VALUE_SIZE (256)
// Maximum number of attributes per credential
#define CRED_MAX_ATTRIBUTES 64
typedef struct _CREDENTIAL_ATTRIBUTEA {
LPSTR Keyword;
DWORD Flags;
DWORD ValueSize;
LPBYTE Value;
} CREDENTIAL_ATTRIBUTEA, *PCREDENTIAL_ATTRIBUTEA;
typedef struct _CREDENTIAL_ATTRIBUTEW {
#ifdef MIDL_PASS
[string] wchar_t * Keyword;
#else // MIDL_PASS
LPWSTR Keyword;
#endif // MIDL_PASS
DWORD Flags;
#ifdef MIDL_PASS
[range(0,CRED_MAX_VALUE_SIZE)]
#endif // MIDL_PASS
DWORD ValueSize;
#ifdef MIDL_PASS
[size_is(ValueSize)]
#endif // MIDL_PASS
LPBYTE Value;
} CREDENTIAL_ATTRIBUTEW, *PCREDENTIAL_ATTRIBUTEW;
#ifdef UNICODE
typedef CREDENTIAL_ATTRIBUTEW CREDENTIAL_ATTRIBUTE;
typedef PCREDENTIAL_ATTRIBUTEW PCREDENTIAL_ATTRIBUTE;
#else
typedef CREDENTIAL_ATTRIBUTEA CREDENTIAL_ATTRIBUTE;
typedef PCREDENTIAL_ATTRIBUTEA PCREDENTIAL_ATTRIBUTE;
#endif // UNICODE
//
// Special values of the TargetName field
//
#define CRED_SESSION_WILDCARD_NAME_W L"*Session"
#define CRED_SESSION_WILDCARD_NAME_A "*Session"
#define CRED_UNIVERSAL_WILDCARD_W L'*'
#define CRED_UNIVERSAL_WILDCARD_A '*'
#define CRED_SESSION_WILDCARD_NAME_LENGTH (sizeof(CRED_SESSION_WILDCARD_NAME_A)-1)
#define CRED_TARGETNAME_DOMAIN_NAMESPACE_W L"Domain"
#define CRED_TARGETNAME_DOMAIN_NAMESPACE_A "Domain"
#define CRED_TARGETNAME_DOMAIN_NAMESPACE_LENGTH (sizeof(CRED_TARGETNAME_DOMAIN_NAMESPACE_A)-1)
#define CRED_UNIVERSAL_WILDCARD_W L'*'
#define CRED_UNIVERSAL_WILDCARD_A '*'
#define CRED_TARGETNAME_LEGACYGENERIC_NAMESPACE_W L"LegacyGeneric"
#define CRED_TARGETNAME_LEGACYGENERIC_NAMESPACE_A "LegacyGeneric"
#define CRED_TARGETNAME_LEGACYGENERIC_NAMESPACE_LENGTH (sizeof(CRED_TARGETNAME_LEGACYGENERIC_NAMESPACE_A)-1)
#define CRED_TARGETNAME_NAMESPACE_SEPERATOR_W L':'
#define CRED_TARGETNAME_NAMESPACE_SEPERATOR_A ':'
#define CRED_TARGETNAME_ATTRIBUTE_SEPERATOR_W L'='
#define CRED_TARGETNAME_ATTRIBUTE_SEPERATOR_A '='
#define CRED_TARGETNAME_DOMAIN_EXTENDED_USERNAME_SEPARATOR_W L'|'
#define CRED_TARGETNAME_DOMAIN_EXTENDED_USERNAME_SEPARATOR_A '|'
#define CRED_TARGETNAME_ATTRIBUTE_TARGET_W L"target"
#define CRED_TARGETNAME_ATTRIBUTE_TARGET_A "target"
#define CRED_TARGETNAME_ATTRIBUTE_TARGET_LENGTH (sizeof(CRED_TARGETNAME_ATTRIBUTE_TARGET_A)-1)
#define CRED_TARGETNAME_ATTRIBUTE_NAME_W L"name"
#define CRED_TARGETNAME_ATTRIBUTE_NAME_A "name"
#define CRED_TARGETNAME_ATTRIBUTE_NAME_LENGTH (sizeof(CRED_TARGETNAME_ATTRIBUTE_NAME_A)-1)
#define CRED_TARGETNAME_ATTRIBUTE_BATCH_W L"batch"
#define CRED_TARGETNAME_ATTRIBUTE_BATCH_A "batch"
#define CRED_TARGETNAME_ATTRIBUTE_BATCH_LENGTH (sizeof(CRED_TARGETNAME_ATTRIBUTE_BATCH_A)-1)
#define CRED_TARGETNAME_ATTRIBUTE_INTERACTIVE_W L"interactive"
#define CRED_TARGETNAME_ATTRIBUTE_INTERACTIVE_A "interactive"
#define CRED_TARGETNAME_ATTRIBUTE_INTERACTIVE_LENGTH (sizeof(CRED_TARGETNAME_ATTRIBUTE_INTERACTIVE_A)-1)
#define CRED_TARGETNAME_ATTRIBUTE_SERVICE_W L"service"
#define CRED_TARGETNAME_ATTRIBUTE_SERVICE_A "service"
#define CRED_TARGETNAME_ATTRIBUTE_SERVICE_LENGTH (sizeof(CRED_TARGETNAME_ATTRIBUTE_SERVICE_A)-1)
#define CRED_TARGETNAME_ATTRIBUTE_NETWORK_W L"network"
#define CRED_TARGETNAME_ATTRIBUTE_NETWORK_A "network"
#define CRED_TARGETNAME_ATTRIBUTE_NETWORK_LENGTH (sizeof(CRED_TARGETNAME_ATTRIBUTE_NETWORK_A)-1)
#define CRED_TARGETNAME_ATTRIBUTE_NETWORKCLEARTEXT_W L"networkcleartext"
#define CRED_TARGETNAME_ATTRIBUTE_NETWORKCLEARTEXT_A "networkcleartext"
#define CRED_TARGETNAME_ATTRIBUTE_NETWORKCLEARTEXT_LENGTH (sizeof(CRED_TARGETNAME_ATTRIBUTE_NETWORKCLEARTEXT_A)-1)
#define CRED_TARGETNAME_ATTRIBUTE_REMOTEINTERACTIVE_W L"remoteinteractive"
#define CRED_TARGETNAME_ATTRIBUTE_REMOTEINTERACTIVE_A "remoteinteractive"
#define CRED_TARGETNAME_ATTRIBUTE_REMOTEINTERACTIVE_LENGTH (sizeof(CRED_TARGETNAME_ATTRIBUTE_REMOTEINTERACTIVE_A)-1)
#define CRED_TARGETNAME_ATTRIBUTE_CACHEDINTERACTIVE_W L"cachedinteractive"
#define CRED_TARGETNAME_ATTRIBUTE_CACHEDINTERACTIVE_A "cachedinteractive"
#define CRED_TARGETNAME_ATTRIBUTE_CACHEDINTERACTIVE_LENGTH (sizeof(CRED_TARGETNAME_ATTRIBUTE_CACHEDINTERACTIVE_A)-1)
#ifdef UNICODE
#define CRED_SESSION_WILDCARD_NAME CRED_SESSION_WILDCARD_NAME_W
#define CRED_TARGETNAME_DOMAIN_NAMESPACE CRED_TARGETNAME_DOMAIN_NAMESPACE_W
#define CRED_UNIVERSAL_WILDCARD = CRED_UNIVERSAL_WILDCARD_W
#define CRED_TARGETNAME_NAMESPACE_SEPERATOR = CRED_TARGETNAME_NAMESPACE_SEPERATOR_W
#define CRED_TARGETNAME_ATTRIBUTE_SEPERATOR = CRED_TARGETNAME_ATTRIBUTE_SEPERATOR_W
#define CRED_TARGETNAME_ATTRIBUTE_NAME CRED_TARGETNAME_ATTRIBUTE_NAME_W
#define CRED_TARGETNAME_ATTRIBUTE_TARGET CRED_TARGETNAME_ATTRIBUTE_TARGET_W
#define CRED_TARGETNAME_ATTRIBUTE_BATCH CRED_TARGETNAME_ATTRIBUTE_BATCH_W
#define CRED_TARGETNAME_ATTRIBUTE_INTERACTIVE CRED_TARGETNAME_ATTRIBUTE_INTERACTIVE_W
#define CRED_TARGETNAME_ATTRIBUTE_SERVICE CRED_TARGETNAME_ATTRIBUTE_SERVICE_W
#define CRED_TARGETNAME_ATTRIBUTE_NETWORK CRED_TARGETNAME_ATTRIBUTE_NETWORK_W
#define CRED_TARGETNAME_ATTRIBUTE_NETWORKCLEARTEXT CRED_TARGETNAME_ATTRIBUTE_NETWORKCLEARTEXT_W
#define CRED_TARGETNAME_ATTRIBUTE_REMOTEINTERACTIVE CRED_TARGETNAME_ATTRIBUTE_REMOTEINTERACTIVE_W
#define CRED_TARGETNAME_ATTRIBUTE_CACHEDINTERACTIVE CRED_TARGETNAME_ATTRIBUTE_CACHEDINTERACTIVE_W
#else
#define CRED_SESSION_WILDCARD_NAME CRED_SESSION_WILDCARD_NAME_A
#define CRED_TARGETNAME_DOMAIN_NAMESPACE CRED_TARGETNAME_DOMAIN_NAMESPACE_A
#define CRED_UNIVERSAL_WILDCARD = CRED_UNIVERSAL_WILDCARD_A
#define CRED_TARGETNAME_NAMESPACE_SEPERATOR = CRED_TARGETNAME_NAMESPACE_SEPERATOR_A
#define CRED_TARGETNAME_ATTRIBUTE_SEPERATOR = CRED_TARGETNAME_ATTRIBUTE_SEPERATOR_A
#define CRED_TARGETNAME_ATTRIBUTE_NAME CRED_TARGETNAME_ATTRIBUTE_NAME_A
#define CRED_TARGETNAME_ATTRIBUTE_TARGET CRED_TARGETNAME_ATTRIBUTE_TARGET_A
#define CRED_TARGETNAME_ATTRIBUTE_BATCH CRED_TARGETNAME_ATTRIBUTE_BATCH_A
#define CRED_TARGETNAME_ATTRIBUTE_INTERACTIVE CRED_TARGETNAME_ATTRIBUTE_INTERACTIVE_A
#define CRED_TARGETNAME_ATTRIBUTE_SERVICE CRED_TARGETNAME_ATTRIBUTE_SERVICE_A
#define CRED_TARGETNAME_ATTRIBUTE_NETWORK CRED_TARGETNAME_ATTRIBUTE_NETWORK_A
#define CRED_TARGETNAME_ATTRIBUTE_NETWORKCLEARTEXT CRED_TARGETNAME_ATTRIBUTE_NETWORKCLEARTEXT_A
#define CRED_TARGETNAME_ATTRIBUTE_REMOTEINTERACTIVE CRED_TARGETNAME_ATTRIBUTE_REMOTEINTERACTIVE_A
#define CRED_TARGETNAME_ATTRIBUTE_CACHEDINTERACTIVE CRED_TARGETNAME_ATTRIBUTE_CACHEDINTERACTIVE_A
#endif // UNICODE
//
// Add\Extract Logon type from flags
//
#define CRED_LOGON_TYPES_MASK 0xF000 // Mask to get logon types
#define CredAppendLogonTypeToFlags(Flags, LogonType) (Flags) |= ((LogonType) << 12)
#define CredGetLogonTypeFromFlags(Flags) ((SECURITY_LOGON_TYPE)(((Flags) & CRED_LOGON_TYPES_MASK) >> 12))
#define CredRemoveLogonTypeFromFlags(Flags) (Flags) &= ~CRED_LOGON_TYPES_MASK
//
// Values of the Credential Flags field.
//
#define CRED_FLAGS_PASSWORD_FOR_CERT 0x0001
#define CRED_FLAGS_PROMPT_NOW 0x0002
#define CRED_FLAGS_USERNAME_TARGET 0x0004
#define CRED_FLAGS_OWF_CRED_BLOB 0x0008
#define CRED_FLAGS_REQUIRE_CONFIRMATION 0x0010
//
// Valid only for return and only with CredReadDomainCredentials().
// Indicates credential was returned due to wildcard match
// of targetname with credential.
//
#define CRED_FLAGS_WILDCARD_MATCH 0x0020
#define CRED_FLAGS_VALID_FLAGS 0xF03F // Mask of all valid flags
//
// Bit mask for only those flags which can be passed to the credman
// APIs.
//
#define CRED_FLAGS_VALID_INPUT_FLAGS 0xF01F
//
// Values of the Credential Type field.
//
#define CRED_TYPE_GENERIC 1
#define CRED_TYPE_DOMAIN_PASSWORD 2
#define CRED_TYPE_DOMAIN_CERTIFICATE 3
#define CRED_TYPE_DOMAIN_VISIBLE_PASSWORD 4
#define CRED_TYPE_GENERIC_CERTIFICATE 5
#define CRED_TYPE_DOMAIN_EXTENDED 6
#define CRED_TYPE_MAXIMUM 7 // Maximum supported cred type
#define CRED_TYPE_MAXIMUM_EX (CRED_TYPE_MAXIMUM+1000) // Allow new applications to run on old OSes
//
// Maximum size of the CredBlob field (in bytes)
//
#define CRED_MAX_CREDENTIAL_BLOB_SIZE (5*512)
//
// Values of the Credential Persist field
//
#define CRED_PERSIST_NONE 0
#define CRED_PERSIST_SESSION 1
#define CRED_PERSIST_LOCAL_MACHINE 2
#define CRED_PERSIST_ENTERPRISE 3
//
// A credential
//
typedef struct _CREDENTIALA {
DWORD Flags;
DWORD Type;
LPSTR TargetName;
LPSTR Comment;
FILETIME LastWritten;
DWORD CredentialBlobSize;
__field_bcount(CredentialBlobSize) LPBYTE CredentialBlob;
DWORD Persist;
DWORD AttributeCount;
PCREDENTIAL_ATTRIBUTEA Attributes;
LPSTR TargetAlias;
LPSTR UserName;
} CREDENTIALA, *PCREDENTIALA;
typedef struct _CREDENTIALW {
DWORD Flags;
DWORD Type;
#ifdef MIDL_PASS
[string,max_is(CRED_MAX_GENERIC_TARGET_NAME_LENGTH-1)] wchar_t *TargetName;
#else // MIDL_PASS
LPWSTR TargetName;
#endif // MIDL_PASS
#ifdef MIDL_PASS
[string,max_is(CRED_MAX_STRING_LENGTH-1)] wchar_t *Comment;
#else // MIDL_PASS
LPWSTR Comment;
#endif // MIDL_PASS
FILETIME LastWritten;
#ifdef MIDL_PASS
[range(0,CRED_MAX_CREDENTIAL_BLOB_SIZE)]
#endif // MIDL_PASS
DWORD CredentialBlobSize;
#ifdef MIDL_PASS
[size_is(CredentialBlobSize)]
#endif // MIDL_PASS
LPBYTE CredentialBlob;
DWORD Persist;
#ifdef MIDL_PASS
[range(0,CRED_MAX_ATTRIBUTES)]
#endif // MIDL_PASS
DWORD AttributeCount;
#ifdef MIDL_PASS
[size_is(AttributeCount)]
#endif // MIDL_PASS
PCREDENTIAL_ATTRIBUTEW Attributes;
#ifdef MIDL_PASS
[string,max_is(CRED_MAX_STRING_LENGTH-1)] wchar_t *TargetAlias;
#else // MIDL_PASS
LPWSTR TargetAlias;
#endif // MIDL_PASS
#ifdef MIDL_PASS
[string,max_is(CRED_MAX_USERNAME_LENGTH-1)] wchar_t *UserName;
#else // MIDL_PASS
LPWSTR UserName;
#endif // MIDL_PASS
} CREDENTIALW, *PCREDENTIALW;
#ifdef UNICODE
typedef CREDENTIALW CREDENTIAL;
typedef PCREDENTIALW PCREDENTIAL;
#else
typedef CREDENTIALA CREDENTIAL;
typedef PCREDENTIALA PCREDENTIAL;
#endif // UNICODE
//
// Value of the Flags field in CREDENTIAL_TARGET_INFORMATION
//
#define CRED_TI_SERVER_FORMAT_UNKNOWN 0x0001 // Don't know if server name is DNS or netbios format
#define CRED_TI_DOMAIN_FORMAT_UNKNOWN 0x0002 // Don't know if domain name is DNS or netbios format
#define CRED_TI_ONLY_PASSWORD_REQUIRED 0x0004 // Server only requires a password and not a username
#define CRED_TI_USERNAME_TARGET 0x0008 // TargetName is username
#define CRED_TI_CREATE_EXPLICIT_CRED 0x0010 // When creating a cred, create one named TargetInfo->TargetName
#define CRED_TI_WORKGROUP_MEMBER 0x0020 // Indicates the machine is a member of a workgroup
#define CRED_TI_VALID_FLAGS 0xF07F
//
// A credential target
//
typedef struct _CREDENTIAL_TARGET_INFORMATIONA {
LPSTR TargetName;
LPSTR NetbiosServerName;
LPSTR DnsServerName;
LPSTR NetbiosDomainName;
LPSTR DnsDomainName;
LPSTR DnsTreeName;
LPSTR PackageName;
ULONG Flags;
DWORD CredTypeCount;
LPDWORD CredTypes;
} CREDENTIAL_TARGET_INFORMATIONA, *PCREDENTIAL_TARGET_INFORMATIONA;
typedef struct _CREDENTIAL_TARGET_INFORMATIONW {
#ifdef MIDL_PASS
[string,max_is(CRED_MAX_DOMAIN_TARGET_NAME_LENGTH-1)] wchar_t *TargetName;
[string,max_is(CRED_MAX_DOMAIN_TARGET_NAME_LENGTH-1)] wchar_t *NetbiosServerName;
[string,max_is(CRED_MAX_DOMAIN_TARGET_NAME_LENGTH-1)] wchar_t *DnsServerName;
[string,max_is(CRED_MAX_DOMAIN_TARGET_NAME_LENGTH-1)] wchar_t *NetbiosDomainName;
[string,max_is(CRED_MAX_DOMAIN_TARGET_NAME_LENGTH-1)] wchar_t *DnsDomainName;
[string,max_is(CRED_MAX_DOMAIN_TARGET_NAME_LENGTH-1)] wchar_t *DnsTreeName;
[string,max_is(CRED_MAX_STRING_LENGTH-1)] wchar_t *PackageName;
#else // MIDL_PASS
LPWSTR TargetName;
LPWSTR NetbiosServerName;
LPWSTR DnsServerName;
LPWSTR NetbiosDomainName;
LPWSTR DnsDomainName;
LPWSTR DnsTreeName;
LPWSTR PackageName;
#endif // MIDL_PASS
ULONG Flags;
#ifdef MIDL_PASS
[range(0,CRED_TYPE_MAXIMUM_EX)]
#endif // MIDL_PASS
DWORD CredTypeCount;
#ifdef MIDL_PASS
[size_is(CredTypeCount)]
#endif // MIDL_PASS
LPDWORD CredTypes;
} CREDENTIAL_TARGET_INFORMATIONW, *PCREDENTIAL_TARGET_INFORMATIONW;
#ifdef UNICODE
typedef CREDENTIAL_TARGET_INFORMATIONW CREDENTIAL_TARGET_INFORMATION;
typedef PCREDENTIAL_TARGET_INFORMATIONW PCREDENTIAL_TARGET_INFORMATION;
#else
typedef CREDENTIAL_TARGET_INFORMATIONA CREDENTIAL_TARGET_INFORMATION;
typedef PCREDENTIAL_TARGET_INFORMATIONA PCREDENTIAL_TARGET_INFORMATION;
#endif // UNICODE
//
// Certificate credential information
//
// The cbSize should be the size of the structure, sizeof(CERT_CREDENTIAL_INFO),
// rgbHashofCert is the hash of the cert which is to be used as the credential.
//
#define CERT_HASH_LENGTH 20 // SHA1 hashes are used for cert hashes
typedef struct _CERT_CREDENTIAL_INFO {
ULONG cbSize;
UCHAR rgbHashOfCert[CERT_HASH_LENGTH];
} CERT_CREDENTIAL_INFO, *PCERT_CREDENTIAL_INFO;
//
// Username Target credential information
//
// This credential can be pass to LsaLogonUser to ask it to find a credential with a
// TargetName of UserName.
//
typedef struct _USERNAME_TARGET_CREDENTIAL_INFO {
LPWSTR UserName;
} USERNAME_TARGET_CREDENTIAL_INFO, *PUSERNAME_TARGET_CREDENTIAL_INFO;
//
// Marshaled credential blob information.
//
typedef struct _BINARY_BLOB_CREDENTIAL_INFO {
ULONG cbBlob;
LPBYTE pbBlob;
} BINARY_BLOB_CREDENTIAL_INFO, *PBINARY_BLOB_CREDENTIAL_INFO;
//
// Credential type for credential marshaling routines
//
typedef enum _CRED_MARSHAL_TYPE {
CertCredential = 1,
UsernameTargetCredential,
BinaryBlobCredential,
UsernameForPackedCredentials, // internal only, reserved
} CRED_MARSHAL_TYPE, *PCRED_MARSHAL_TYPE;
//
// Protection type for credential providers secret protection routines
//
typedef enum _CRED_PROTECTION_TYPE {
CredUnprotected,
CredUserProtection,
CredTrustedProtection
} CRED_PROTECTION_TYPE, *PCRED_PROTECTION_TYPE;
//
// Values for authentication buffers packing
//
#define CRED_PACK_PROTECTED_CREDENTIALS 0x1
#define CRED_PACK_WOW_BUFFER 0x2
#define CRED_PACK_GENERIC_CREDENTIALS 0x4
//
// Credential UI info
//
#define _CREDUI_INFO_DEFINED
typedef struct _CREDUI_INFOA
{
DWORD cbSize;
HWND hwndParent;
PCSTR pszMessageText;
PCSTR pszCaptionText;
HBITMAP hbmBanner;
} CREDUI_INFOA, *PCREDUI_INFOA;
typedef struct _CREDUI_INFOW
{
DWORD cbSize;
HWND hwndParent;
PCWSTR pszMessageText;
PCWSTR pszCaptionText;
HBITMAP hbmBanner;
} CREDUI_INFOW, *PCREDUI_INFOW;
#ifdef UNICODE
typedef CREDUI_INFOW CREDUI_INFO;
typedef PCREDUI_INFOW PCREDUI_INFO;
#else
typedef CREDUI_INFOA CREDUI_INFO;
typedef PCREDUI_INFOA PCREDUI_INFO;
#endif
//-----------------------------------------------------------------------------
// Values
//-----------------------------------------------------------------------------
// String length limits:
#define CREDUI_MAX_MESSAGE_LENGTH 32767
#define CREDUI_MAX_CAPTION_LENGTH 128
#define CREDUI_MAX_GENERIC_TARGET_LENGTH CRED_MAX_GENERIC_TARGET_NAME_LENGTH
#define CREDUI_MAX_DOMAIN_TARGET_LENGTH CRED_MAX_DOMAIN_TARGET_NAME_LENGTH
//
// Username can be in <domain>\<user> or <user>@<domain>
// Length in characters, not including NULL termination.
//
#define CREDUI_MAX_USERNAME_LENGTH CRED_MAX_USERNAME_LENGTH
#define CREDUI_MAX_PASSWORD_LENGTH (512 / 2)
//
// Packed credential returned by SspiEncodeAuthIdentityAsStrings().
// Length in characters, not including NULL termination.
//
#define CREDUI_MAX_PACKED_CREDENTIALS_LENGTH ((MAXUSHORT / 2) - 2)
// maximum length in bytes for binary credential blobs
#define CREDUI_MAX_CREDENTIALS_BLOB_SIZE (MAXUSHORT)
//
// Flags for CredUIPromptForCredentials and/or CredUICmdLinePromptForCredentials
//
#define CREDUI_FLAGS_INCORRECT_PASSWORD 0x00001 // indicates the username is valid, but password is not
#define CREDUI_FLAGS_DO_NOT_PERSIST 0x00002 // Do not show "Save" checkbox, and do not persist credentials
#define CREDUI_FLAGS_REQUEST_ADMINISTRATOR 0x00004 // Populate list box with admin accounts
#define CREDUI_FLAGS_EXCLUDE_CERTIFICATES 0x00008 // do not include certificates in the drop list
#define CREDUI_FLAGS_REQUIRE_CERTIFICATE 0x00010
#define CREDUI_FLAGS_SHOW_SAVE_CHECK_BOX 0x00040
#define CREDUI_FLAGS_ALWAYS_SHOW_UI 0x00080
#define CREDUI_FLAGS_REQUIRE_SMARTCARD 0x00100
#define CREDUI_FLAGS_PASSWORD_ONLY_OK 0x00200
#define CREDUI_FLAGS_VALIDATE_USERNAME 0x00400
#define CREDUI_FLAGS_COMPLETE_USERNAME 0x00800 //
#define CREDUI_FLAGS_PERSIST 0x01000 // Do not show "Save" checkbox, but persist credentials anyway
#define CREDUI_FLAGS_SERVER_CREDENTIAL 0x04000
#define CREDUI_FLAGS_EXPECT_CONFIRMATION 0x20000 // do not persist unless caller later confirms credential via CredUIConfirmCredential() api
#define CREDUI_FLAGS_GENERIC_CREDENTIALS 0x40000 // Credential is a generic credential
#define CREDUI_FLAGS_USERNAME_TARGET_CREDENTIALS 0x80000 // Credential has a username as the target
#define CREDUI_FLAGS_KEEP_USERNAME 0x100000 // don't allow the user to change the supplied username
//
// Mask of flags valid for CredUIPromptForCredentials
//
#define CREDUI_FLAGS_PROMPT_VALID ( \
CREDUI_FLAGS_INCORRECT_PASSWORD | \
CREDUI_FLAGS_DO_NOT_PERSIST | \
CREDUI_FLAGS_REQUEST_ADMINISTRATOR | \
CREDUI_FLAGS_EXCLUDE_CERTIFICATES | \
CREDUI_FLAGS_REQUIRE_CERTIFICATE | \
CREDUI_FLAGS_SHOW_SAVE_CHECK_BOX | \
CREDUI_FLAGS_ALWAYS_SHOW_UI | \
CREDUI_FLAGS_REQUIRE_SMARTCARD | \
CREDUI_FLAGS_PASSWORD_ONLY_OK | \
CREDUI_FLAGS_VALIDATE_USERNAME | \
CREDUI_FLAGS_COMPLETE_USERNAME | \
CREDUI_FLAGS_PERSIST | \
CREDUI_FLAGS_SERVER_CREDENTIAL | \
CREDUI_FLAGS_EXPECT_CONFIRMATION | \
CREDUI_FLAGS_GENERIC_CREDENTIALS | \
CREDUI_FLAGS_USERNAME_TARGET_CREDENTIALS | \
CREDUI_FLAGS_KEEP_USERNAME )
//
// Flags for CredUIPromptForWindowsCredentials and CPUS_CREDUI Usage Scenarios
//
#define CREDUIWIN_GENERIC 0x00000001 // Plain text username/password is being requested
#define CREDUIWIN_CHECKBOX 0x00000002 // Show the Save Credential checkbox
#define CREDUIWIN_AUTHPACKAGE_ONLY 0x00000010 // Only Cred Providers that support the input auth package should enumerate
#define CREDUIWIN_IN_CRED_ONLY 0x00000020 // Only the incoming cred for the specific auth package should be enumerated
#define CREDUIWIN_ENUMERATE_ADMINS 0x00000100 // Cred Providers should enumerate administrators only
#define CREDUIWIN_ENUMERATE_CURRENT_USER 0x00000200 // Only the incoming cred for the specific auth package should be enumerated
#define CREDUIWIN_SECURE_PROMPT 0x00001000 // The Credui prompt should be displayed on the secure desktop
#define CREDUIWIN_PACK_32_WOW 0x10000000 // Tell the credential provider it should be packing its Auth Blob 32 bit even though it is running 64 native
#define CREDUIWIN_VALID_FLAGS ( \
CREDUIWIN_GENERIC | \
CREDUIWIN_CHECKBOX | \
CREDUIWIN_AUTHPACKAGE_ONLY | \
CREDUIWIN_IN_CRED_ONLY | \
CREDUIWIN_ENUMERATE_ADMINS | \
CREDUIWIN_ENUMERATE_CURRENT_USER | \
CREDUIWIN_SECURE_PROMPT | \
CREDUIWIN_PACK_32_WOW )
//-----------------------------------------------------------------------------
// Functions
//-----------------------------------------------------------------------------
//
// Values of flags to CredWrite and CredWriteDomainCredentials
//
#define CRED_PRESERVE_CREDENTIAL_BLOB 0x1
WINADVAPI
BOOL
WINAPI
CredWriteW (
__in PCREDENTIALW Credential,
__in DWORD Flags
);
WINADVAPI
BOOL
WINAPI
CredWriteA (
__in PCREDENTIALA Credential,
__in DWORD Flags
);
#ifdef UNICODE
#define CredWrite CredWriteW
#else
#define CredWrite CredWriteA
#endif // UNICODE
WINADVAPI
BOOL
WINAPI
CredReadW (
__in LPCWSTR TargetName,
__in DWORD Type,
__reserved DWORD Flags,
__out PCREDENTIALW *Credential
);
WINADVAPI
BOOL
WINAPI
CredReadA (
__in LPCSTR TargetName,
__in DWORD Type,
__reserved DWORD Flags,
__out PCREDENTIALA *Credential
);
#ifdef UNICODE
#define CredRead CredReadW
#else
#define CredRead CredReadA
#endif // UNICODE
//
// Values of flags to CredEnumerate
//
#define CRED_ENUMERATE_ALL_CREDENTIALS 0x1
WINADVAPI
BOOL
WINAPI
CredEnumerateW (
__in_opt LPCWSTR Filter,
__reserved DWORD Flags,
__out DWORD *Count,
__deref_out_ecount(*Count) PCREDENTIALW **Credential
);
WINADVAPI
BOOL
WINAPI
CredEnumerateA (
__in_opt LPCSTR Filter,
__reserved DWORD Flags,
__out DWORD *Count,
__deref_out_ecount(*Count) PCREDENTIALA **Credential
);
#ifdef UNICODE
#define CredEnumerate CredEnumerateW
#else
#define CredEnumerate CredEnumerateA
#endif // UNICODE
WINADVAPI
BOOL
WINAPI
CredWriteDomainCredentialsW (
__in PCREDENTIAL_TARGET_INFORMATIONW TargetInfo,
__in PCREDENTIALW Credential,
__in DWORD Flags
);
WINADVAPI
BOOL
WINAPI
CredWriteDomainCredentialsA (
__in PCREDENTIAL_TARGET_INFORMATIONA TargetInfo,
__in PCREDENTIALA Credential,
__in DWORD Flags
);
#ifdef UNICODE
#define CredWriteDomainCredentials CredWriteDomainCredentialsW
#else
#define CredWriteDomainCredentials CredWriteDomainCredentialsA
#endif // UNICODE
//
// Values of flags to CredReadDomainCredentials
//
#define CRED_CACHE_TARGET_INFORMATION 0x1
WINADVAPI
BOOL
WINAPI
CredReadDomainCredentialsW (
__in PCREDENTIAL_TARGET_INFORMATIONW TargetInfo,
__in DWORD Flags,
__out DWORD *Count,
__deref_out_ecount(*Count) PCREDENTIALW **Credential
);
WINADVAPI
BOOL
WINAPI
CredReadDomainCredentialsA (
__in PCREDENTIAL_TARGET_INFORMATIONA TargetInfo,
__in DWORD Flags,
__out DWORD *Count,
__deref_out_ecount(*Count) PCREDENTIALA **Credential
);
#ifdef UNICODE
#define CredReadDomainCredentials CredReadDomainCredentialsW
#else
#define CredReadDomainCredentials CredReadDomainCredentialsA
#endif // UNICODE
WINADVAPI
BOOL
WINAPI
CredDeleteW (
__in LPCWSTR TargetName,
__in DWORD Type,
__reserved DWORD Flags
);
WINADVAPI
BOOL
WINAPI
CredDeleteA (
__in LPCSTR TargetName,
__in DWORD Type,
__reserved DWORD Flags
);
#ifdef UNICODE
#define CredDelete CredDeleteW
#else
#define CredDelete CredDeleteA
#endif // UNICODE
WINADVAPI
BOOL
WINAPI
CredRenameW (
__in LPCWSTR OldTargetName,
__in LPCWSTR NewTargetName,
__in DWORD Type,
__reserved DWORD Flags
);
WINADVAPI
BOOL
WINAPI
CredRenameA (
__in LPCSTR OldTargetName,
__in LPCSTR NewTargetName,
__in DWORD Type,
__reserved DWORD Flags
);
#ifdef UNICODE
#define CredRename CredRenameW
#else
#define CredRename CredRenameA
#endif // UNICODE
//
// Values of flags to CredGetTargetInfo
//
#define CRED_ALLOW_NAME_RESOLUTION 0x1
WINADVAPI
BOOL
WINAPI
CredGetTargetInfoW (
__in LPCWSTR TargetName,
__in DWORD Flags,
__out PCREDENTIAL_TARGET_INFORMATIONW *TargetInfo
);
WINADVAPI
BOOL
WINAPI
CredGetTargetInfoA (
__in LPCSTR TargetName,
__in DWORD Flags,
__out PCREDENTIAL_TARGET_INFORMATIONA *TargetInfo
);
#ifdef UNICODE
#define CredGetTargetInfo CredGetTargetInfoW
#else
#define CredGetTargetInfo CredGetTargetInfoA
#endif // UNICODE
WINADVAPI
BOOL
WINAPI
CredMarshalCredentialW(
__in CRED_MARSHAL_TYPE CredType,
__in PVOID Credential,
__out LPWSTR *MarshaledCredential
);
WINADVAPI
BOOL
WINAPI
CredMarshalCredentialA(
__in CRED_MARSHAL_TYPE CredType,
__in PVOID Credential,
__out LPSTR *MarshaledCredential
);
#ifdef UNICODE
#define CredMarshalCredential CredMarshalCredentialW
#else
#define CredMarshalCredential CredMarshalCredentialA
#endif // UNICODE
WINADVAPI
BOOL
WINAPI
CredUnmarshalCredentialW(
__in LPCWSTR MarshaledCredential,
__out PCRED_MARSHAL_TYPE CredType,
__out PVOID *Credential
);
WINADVAPI
BOOL
WINAPI
CredUnmarshalCredentialA(
__in LPCSTR MarshaledCredential,
__out PCRED_MARSHAL_TYPE CredType,
__out PVOID *Credential
);
#ifdef UNICODE
#define CredUnmarshalCredential CredUnmarshalCredentialW
#else
#define CredUnmarshalCredential CredUnmarshalCredentialA
#endif // UNICODE
WINADVAPI
BOOL
WINAPI
CredIsMarshaledCredentialW(
__in LPCWSTR MarshaledCredential
);
WINADVAPI
BOOL
WINAPI
CredIsMarshaledCredentialA(
__in LPCSTR MarshaledCredential
);
#ifdef UNICODE
#define CredIsMarshaledCredential CredIsMarshaledCredentialW
#else
#define CredIsMarshaledCredential CredIsMarshaledCredentialA
#endif // UNICODE
CREDUIAPI
BOOL
WINAPI
CredUnPackAuthenticationBufferW(
__in DWORD dwFlags,
__in_bcount(cbAuthBuffer) PVOID pAuthBuffer,
__in DWORD cbAuthBuffer,
__out_ecount_opt(*pcchMaxUserName) LPWSTR pszUserName,
__inout DWORD* pcchMaxUserName,
__out_ecount_opt(*pcchMaxDomainName) LPWSTR pszDomainName,
__inout_opt DWORD* pcchMaxDomainName,
__out_ecount_opt(*pcchMaxPassword) LPWSTR pszPassword,
__inout DWORD* pcchMaxPassword
);
CREDUIAPI
BOOL
WINAPI
CredUnPackAuthenticationBufferA(
__in DWORD dwFlags,
__in_bcount(cbAuthBuffer) PVOID pAuthBuffer,
__in DWORD cbAuthBuffer,
__out_ecount_opt(*pcchMaxUserName) LPSTR pszUserName,
__inout DWORD* pcchlMaxUserName,
__out_ecount_opt(*pcchMaxDomainName) LPSTR pszDomainName,
__inout_opt DWORD* pcchMaxDomainName,
__out_ecount_opt(*pcchMaxPassword) LPSTR pszPassword,
__inout DWORD* pcchMaxPassword
);
#ifdef UNICODE
#define CredUnPackAuthenticationBuffer CredUnPackAuthenticationBufferW
#else
#define CredUnPackAuthenticationBuffer CredUnPackAuthenticationBufferA
#endif //UNICODE
CREDUIAPI
BOOL
WINAPI
CredPackAuthenticationBufferW(
__in DWORD dwFlags,
__in LPWSTR pszUserName,
__in LPWSTR pszPassword,
__out_bcount_opt(*pcbPackedCredentials) PBYTE pPackedCredentials,
__inout DWORD* pcbPackedCredentials
);
CREDUIAPI
BOOL
WINAPI
CredPackAuthenticationBufferA(
__in DWORD dwFlags,
__in LPSTR pszUserName,
__in LPSTR pszPassword,
__out_bcount_opt(*pcbPackedCredentials) PBYTE pPackedCredentials,
__inout DWORD* pcbPackedCredentials
);
#ifdef UNICODE
#define CredPackAuthenticationBuffer CredPackAuthenticationBufferW
#else
#define CredPackAuthenticationBuffer CredPackAuthenticationBufferA
#endif //UNICODE
WINADVAPI
BOOL
WINAPI
CredProtectW(
__in BOOL fAsSelf,
__in_ecount(cchCredentials) LPWSTR pszCredentials,
__in DWORD cchCredentials,
__out_ecount(*pcchMaxChars) LPWSTR pszProtectedCredentials,
__inout DWORD* pcchMaxChars,
__out_opt CRED_PROTECTION_TYPE* ProtectionType
);
WINADVAPI
BOOL
WINAPI
CredProtectA(
__in BOOL fAsSelf,
__in_ecount(cchCredentials) LPSTR pszCredentials,
__in DWORD cchCredentials,
__out_ecount(*pcchMaxChars) LPSTR pszProtectedCredentials,
__inout DWORD* pcchMaxChars,
__out_opt CRED_PROTECTION_TYPE* ProtectionType
);
#ifdef UNICODE
#define CredProtect CredProtectW
#else
#define CredProtect CredProtectA
#endif //UNICODE
WINADVAPI
BOOL
WINAPI
CredUnprotectW(
__in BOOL fAsSelf,
__in_ecount(cchProtectedCredentials) LPWSTR pszProtectedCredentials,
__in DWORD cchProtectedCredentials,
__out_ecount_opt(*pcchMaxChars) LPWSTR pszCredentials,
__inout DWORD* pcchMaxChars
);
WINADVAPI
BOOL
WINAPI
CredUnprotectA(
__in BOOL fAsSelf,
__in_ecount(cchProtectedCredentials) LPSTR pszProtectedCredentials,
__in DWORD cchProtectedCredentials,
__out_ecount_opt(*pcchMaxChars) LPSTR pszCredentials,
__inout DWORD* pcchMaxChars
);
#ifdef UNICODE
#define CredUnprotect CredUnprotectW
#else
#define CredUnprotect CredUnprotectA
#endif //UNICODE
WINADVAPI
BOOL
WINAPI
CredIsProtectedW(
__in LPWSTR pszProtectedCredentials,
__out CRED_PROTECTION_TYPE* pProtectionType
);
WINADVAPI
BOOL
WINAPI
CredIsProtectedA(
__in LPSTR pszProtectedCredentials,
__out CRED_PROTECTION_TYPE* pProtectionType
);
#ifdef UNICODE
#define CredIsProtected CredIsProtectedW
#else
#define CredIsProtected CredIsProtectedA
#endif //UNICODE
WINADVAPI
BOOL
WINAPI
CredFindBestCredentialW (
IN LPCWSTR TargetName,
IN DWORD Type,
IN DWORD Flags,
OUT PCREDENTIALW *Credential
);
WINADVAPI
BOOL
WINAPI
CredFindBestCredentialA (
IN LPCSTR TargetName,
IN DWORD Type,
IN DWORD Flags,
OUT PCREDENTIALA *Credential
);
#ifdef UNICODE
#define CredFindBestCredential CredFindBestCredentialW
#else
#define CredFindBestCredential CredFindBestCredentialA
#endif // UNICODE
WINADVAPI
BOOL
WINAPI
CredGetSessionTypes (
__in DWORD MaximumPersistCount,
__out LPDWORD MaximumPersist
);
WINADVAPI
VOID
WINAPI
CredFree (
__in PVOID Buffer
);
CREDUIAPI
DWORD
WINAPI
CredUIPromptForCredentialsW(
__in_opt PCREDUI_INFOW pUiInfo,
__in_opt PCWSTR pszTargetName,
__reserved PCtxtHandle pContext,
__in DWORD dwAuthError,
__inout_ecount(ulUserNameBufferSize) PWSTR pszUserName,
__in ULONG ulUserNameBufferSize,
__inout_ecount(ulPasswordBufferSize) PWSTR pszPassword,
__in ULONG ulPasswordBufferSize,
__inout_opt BOOL *save,
__in DWORD dwFlags
);
CREDUIAPI
DWORD
WINAPI
CredUIPromptForCredentialsA(
__in_opt PCREDUI_INFOA pUiInfo,
__in_opt PCSTR pszTargetName,
__reserved PCtxtHandle pContext,
__in DWORD dwAuthError,
__inout_ecount(ulUserNameBufferSize) PSTR pszUserName,
__in ULONG ulUserNameBufferSize,
__inout_ecount(ulPasswordBufferSize) PSTR pszPassword,
__in ULONG ulPasswordBufferSize,
__inout_opt BOOL *save,
__in DWORD dwFlags
);
#ifdef UNICODE
#define CredUIPromptForCredentials CredUIPromptForCredentialsW
#else
#define CredUIPromptForCredentials CredUIPromptForCredentialsA
#endif
CREDUIAPI
DWORD
WINAPI
CredUIPromptForWindowsCredentialsW(
__in_opt PCREDUI_INFOW pUiInfo,
__in DWORD dwAuthError,
__inout ULONG *pulAuthPackage,
__in_bcount_opt(ulInAuthBufferSize) LPCVOID pvInAuthBuffer,
__in ULONG ulInAuthBufferSize,
__deref_out_bcount_full(*pulOutAuthBufferSize) LPVOID * ppvOutAuthBuffer,
__out ULONG * pulOutAuthBufferSize,
__inout_opt BOOL *pfSave,
__in DWORD dwFlags
);
CREDUIAPI
DWORD
WINAPI
CredUIPromptForWindowsCredentialsA(
__in_opt PCREDUI_INFOA pUiInfo,
__in DWORD dwAuthError,
__inout ULONG *pulAuthPackage,
__in_bcount_opt(ulInAuthBufferSize) LPCVOID pvInAuthBuffer,
__in ULONG ulInAuthBufferSize,
__deref_out_bcount_full(*pulOutAuthBufferSize) LPVOID * ppvOutAuthBuffer,
__out ULONG * pulOutAuthBufferSize,
__inout_opt BOOL *pfSave,
__in DWORD dwFlags
);
#ifdef UNICODE
#define CredUIPromptForWindowsCredentials CredUIPromptForWindowsCredentialsW
#else
#define CredUIPromptForWindowsCredentials CredUIPromptForWindowsCredentialsA
#endif
CREDUIAPI
DWORD
WINAPI
CredUIParseUserNameW(
__in CONST WCHAR *UserName,
__out_ecount(userBufferSize) WCHAR *user,
__in ULONG userBufferSize,
__out_ecount(domainBufferSize) WCHAR *domain,
__in ULONG domainBufferSize
);
CREDUIAPI
DWORD
WINAPI
CredUIParseUserNameA(
__in CONST CHAR *userName,
__out_ecount(userBufferSize) CHAR *user,
__in ULONG userBufferSize,
__out_ecount(domainBufferSize) CHAR *domain,
__in ULONG domainBufferSize
);
#ifdef UNICODE
#define CredUIParseUserName CredUIParseUserNameW
#else
#define CredUIParseUserName CredUIParseUserNameA
#endif
CREDUIAPI
DWORD
WINAPI
CredUICmdLinePromptForCredentialsW(
__in_opt PCWSTR pszTargetName,
__reserved PCtxtHandle pContext,
__in DWORD dwAuthError,
__inout_ecount(ulUserBufferSize) PWSTR UserName,
__in ULONG ulUserBufferSize,
__inout_ecount(ulPasswordBufferSize) PWSTR pszPassword,
__in ULONG ulPasswordBufferSize,
__inout_opt PBOOL pfSave,
__in DWORD dwFlags
);
CREDUIAPI
DWORD
WINAPI
CredUICmdLinePromptForCredentialsA(
__in_opt PCSTR pszTargetName,
__reserved PCtxtHandle pContext,
__in DWORD dwAuthError,
__inout_ecount(ulUserBufferSize) PSTR UserName,
__in ULONG ulUserBufferSize,
__inout_ecount(ulPasswordBufferSize) PSTR pszPassword,
__in ULONG ulPasswordBufferSize,
__inout_opt PBOOL pfSave,
__in DWORD dwFlags
);
#ifdef UNICODE
#define CredUICmdLinePromptForCredentials CredUICmdLinePromptForCredentialsW
#else
#define CredUICmdLinePromptForCredentials CredUICmdLinePromptForCredentialsA
#endif
//
// Call this API with bConfirm set to TRUE to confirm that the credential (previously created
// via CredUIGetCredentials or CredUIPromptForCredentials worked, or with bConfirm set to FALSE
// to indicate it didn't
CREDUIAPI
DWORD
WINAPI
CredUIConfirmCredentialsW(
__in PCWSTR pszTargetName,
__in BOOL bConfirm
);
CREDUIAPI
DWORD
WINAPI
CredUIConfirmCredentialsA(
__in PCSTR pszTargetName,
__in BOOL bConfirm
);
#ifdef UNICODE
#define CredUIConfirmCredentials CredUIConfirmCredentialsW
#else
#define CredUIConfirmCredentials CredUIConfirmCredentialsA
#endif
CREDUIAPI
DWORD
WINAPI
CredUIStoreSSOCredW (
__in_opt PCWSTR pszRealm,
__in PCWSTR pszUsername,
__in PCWSTR pszPassword,
__in BOOL bPersist
);
CREDUIAPI
DWORD
WINAPI
CredUIReadSSOCredW (
__in_opt PCWSTR pszRealm,
__deref_out PWSTR* ppszUsername
);
#ifdef __cplusplus
}
#endif
#endif // _WINCRED_H_
Reference in New Issue View Git Blame Copy Permalink