//+----------------------------------------------------------------------- // // File: kerbsupp.h // // Contents: prototypes for kerberos support routines // // // History: // //------------------------------------------------------------------------ #ifndef _INC_KERBSUPP_ #define _INC_KERBSUPP_ #include #include #include #include // // Global time constants // const TimeStamp tsInfinity = {0xFFFFFFFF, 0x7FFFFFFF}; const TimeStamp tsZero = {0, 0}; const LONG lInfinity = 0x7FFFFFFF; // Prototypes #ifdef __cplusplus class CAuthenticatorList; class CLogonAccount; // // Contains domain account policies that are required for checking logon // restrictions. // typedef struct _LogonPolicies { TimeStamp MaxPasswordAge; } LogonPolicies, *PLogonPolicies; SECURITY_STATUS NTAPI KerbCheckTicket(IN PKerbTicket pktTicket, IN PEncryptedData pedAuth, IN const KerbKey& kKey, IN OUT CAuthenticatorList& alAuthenList, IN const TimeStamp& tsSkew, IN const PWCHAR pwzServiceName, OUT PKerbInternalTicket pkitTicket, OUT PKerbInternalAuthenticator pkiaAuth, OUT PKerbKey pkSessionKey ); SECURITY_STATUS NTAPI CheckLogonRestrictions( IN SAMPR_HANDLE UserHandle, IN const TimeStamp& tsNow, IN const SECURITY_STRING& sMachineName, IN PLogonPolicies LogonData, OUT PULONG pcLogonSeconds ); #endif // ifdef __cplusplus #ifdef __cplusplus extern "C" { #endif SECURITY_STATUS NTAPI KerbPackTicket( PKerbInternalTicket pkitTicket, PKerbKey pkKey, ULONG dwEncrType, PKerbTicket * ppktTicket); SECURITY_STATUS NTAPI KerbUnpackTicket(PKerbTicket, PKerbKey, PKerbInternalTicket); SECURITY_STATUS NTAPI KerbMakeKey(PKerbKey); SECURITY_STATUS NTAPI KerbRandomFill(PUCHAR, ULONG); SECURITY_STATUS NTAPI KerbCreateAuthenticator(IN PKerbKey pkKey, IN DWORD dwEncrType, IN DWORD dwSeq, IN PUNICODE_STRING ClientName, IN PUNICODE_STRING ClientDomainName, IN PTimeStamp ptsTime, IN PKerbKey pkSubKey, IN OUT PULONG pcbAuthenIn, OUT PEncryptedData* ppedAuthenticator ); SECURITY_STATUS NTAPI KerbUnpackAuthenticator(PKerbInternalTicket, PEncryptedData, PKerbInternalAuthenticator); SECURITY_STATUS NTAPI KerbPackKDCReply(PKerbKDCReply, PKerbKey, ULONG, PEncryptedData *); SECURITY_STATUS NTAPI KerbUnpackKDCReply(PEncryptedData, PKerbKey, PKerbKDCReply); SECURITY_STATUS NTAPI KerbFreeTicket( PKerbInternalTicket pkitTicket ); SECURITY_STATUS NTAPI KerbFreeAuthenticator( PKerbInternalAuthenticator pkiaAuth ); SECURITY_STATUS NTAPI KerbFreeKDCReply( PKerbKDCReply pkrReply ); void NTAPI KerbHashPassword(PSECURITY_STRING, PKerbKey); SECURITY_STATUS NTAPI KIEncryptData(PEncryptedData, ULONG, ULONG, PKerbKey); SECURITY_STATUS NTAPI KIDecryptData(PEncryptedData, PKerbKey); void * KerbSafeAlloc(unsigned long); void KerbSafeFree(void *); typedef struct _KerbScatterBlock { ULONG cbData; PUCHAR pbData; } KerbScatterBlock, * PKerbScatterBlock; #ifdef __CRYPTDLL_H__ SECURITY_STATUS NTAPI KICheckSum( PUCHAR pbData, ULONG cbData, PCheckSumFunction pcsfSum, PCheckSum pcsCheckSum); SECURITY_STATUS NTAPI KICheckSumVerify( PUCHAR pbBuffer, ULONG cbBuffer, PCheckSum pcsCheck); SECURITY_STATUS NTAPI KIScatterEncrypt( PUCHAR pbHeader, ULONG cBlocks, PKerbScatterBlock psbList, PCryptoSystem pcsCrypt, PCheckSumFunction pcsfSum, PKerbKey pkKey); SECURITY_STATUS NTAPI KIScatterDecrypt( PUCHAR pbHeader, ULONG cBlocks, PKerbScatterBlock psbList, PCryptoSystem pcsCrypt, PCheckSumFunction pcsfSum, PKerbKey pkKey); #endif // using CRYPTDLL.h defines #ifdef __cplusplus } // extern "C" #endif #endif // _INC_KERBSUPP_