#ifdef _MSC_VER
#pragma once
#endif // _MSC_VER
#ifndef _APISECUREBASE_
#define _APISECUREBASE_
#include <apiset.h>
#include <apisetcconv.h>
#include <minwindef.h>
#include <minwinbase.h>
#ifdef __cplusplus
extern
"C"
{
#endif
#pragma region Desktop Family or OneCore Family
#if WINAPI_FAMILY_PARTITION(WINAPI_PARTITION_DESKTOP | WINAPI_PARTITION_SYSTEM)
// Prototype whose return type and function name are missing in this copy; only the
// SAL-annotated parameter list survives.
// NOTE(review): the parameter shape (descriptor, desired mask, generic mapping, privilege-set
// buffer, two results) suggests the plain access-check entry point — confirm against the SDK header.
(
_In_ PSECURITY_DESCRIPTOR pSecurityDescriptor,
_In_ DWORD DesiredAccess,
_In_ PGENERIC_MAPPING GenericMapping,
// Optional byte buffer; both its capacity and the bytes valid on exit are *PrivilegeSetLength.
_Out_writes_bytes_to_opt_(*PrivilegeSetLength,*PrivilegeSetLength) PPRIVILEGE_SET PrivilegeSet,
// Read and written by the callee: size of PrivilegeSet in bytes.
_Inout_ LPDWORD PrivilegeSetLength,
_Out_ LPDWORD GrantedAccess,
// NOTE(review): for the documented AccessCheck family the grant/deny decision is reported here,
// separately from the function's own return value; callers need to test both — confirm.
_Out_ LPBOOL AccessStatus
);
// AccessCheckAndAuditAlarmW: wide-character prototype; the return type and calling-convention
// tokens that would precede the name are missing in this copy.
AccessCheckAndAuditAlarmW
(
_In_ LPCWSTR SubsystemName,
_In_opt_ LPVOID HandleId,
_In_ LPWSTR ObjectTypeName,
_In_opt_ LPWSTR ObjectName,
_In_ PSECURITY_DESCRIPTOR SecurityDescriptor,
_In_ DWORD DesiredAccess,
_In_ PGENERIC_MAPPING GenericMapping,
_In_ BOOL ObjectCreation,
_Out_ LPDWORD GrantedAccess,
// NOTE(review): per the Win32 documentation the access decision lands here rather than in the
// return value, so a caller that only tests the return can treat a denial as a grant — confirm.
_Out_ LPBOOL AccessStatus,
_Out_ LPBOOL pfGenerateOnClose
);
// With UNICODE defined the generic name maps to the W variant; no ANSI branch is visible here.
#ifdef UNICODE
#define AccessCheckAndAuditAlarm AccessCheckAndAuditAlarmW
#endif
// Prototype with name and return type missing in this copy.
// NOTE(review): the PrincipalSelfSid and object-type-list parameters suggest the by-type
// access check — confirm against the SDK header.
(
_In_ PSECURITY_DESCRIPTOR pSecurityDescriptor,
_In_opt_ PSID PrincipalSelfSid,
_In_ DWORD DesiredAccess,
// Optional array of ObjectTypeListLength elements that the callee both reads and updates.
_Inout_updates_opt_(ObjectTypeListLength) POBJECT_TYPE_LIST ObjectTypeList,
_In_ DWORD ObjectTypeListLength,
_In_ PGENERIC_MAPPING GenericMapping,
// Optional byte buffer sized by *PrivilegeSetLength on entry and on exit.
_Out_writes_bytes_to_opt_(*PrivilegeSetLength,*PrivilegeSetLength) PPRIVILEGE_SET PrivilegeSet,
_Inout_ LPDWORD PrivilegeSetLength,
_Out_ LPDWORD GrantedAccess,
_Out_ LPBOOL AccessStatus
);
// AccessCheckByTypeResultList: per-element result variant; return type missing in this copy.
// Both result arrays are annotated with the same element count as the object type list, so the
// caller must allocate ObjectTypeListLength entries for each of them.
AccessCheckByTypeResultList
(
_In_ PSECURITY_DESCRIPTOR pSecurityDescriptor,
_In_opt_ PSID PrincipalSelfSid,
_In_ DWORD DesiredAccess,
_Inout_updates_opt_(ObjectTypeListLength) POBJECT_TYPE_LIST ObjectTypeList,
_In_ DWORD ObjectTypeListLength,
_In_ PGENERIC_MAPPING GenericMapping,
_Out_writes_bytes_to_opt_(*PrivilegeSetLength,*PrivilegeSetLength) PPRIVILEGE_SET PrivilegeSet,
_Inout_ LPDWORD PrivilegeSetLength,
// One granted mask per list element.
_Out_writes_(ObjectTypeListLength) LPDWORD GrantedAccessList,
// One status per list element; typed LPDWORD here, not LPBOOL as in the single-result variants.
_Out_writes_(ObjectTypeListLength) LPDWORD AccessStatusList
);
// AccessCheckByTypeAndAuditAlarmW: wide-character prototype; return type missing in this copy.
// NOTE(review): unlike AccessCheckAndAuditAlarmW above, no HandleId parameter appears between
// SubsystemName and ObjectTypeName — it may have been dropped; compare with the SDK header.
AccessCheckByTypeAndAuditAlarmW
(
_In_ LPCWSTR SubsystemName,
_In_ LPCWSTR ObjectTypeName,
_In_opt_ LPCWSTR ObjectName,
_In_ PSECURITY_DESCRIPTOR SecurityDescriptor,
_In_opt_ PSID PrincipalSelfSid,
_In_ DWORD DesiredAccess,
_In_ AUDIT_EVENT_TYPE AuditType,
// Optional array of ObjectTypeListLength elements, read and updated by the callee.
_Inout_updates_opt_(ObjectTypeListLength) POBJECT_TYPE_LIST ObjectTypeList,
_In_ DWORD ObjectTypeListLength,
_In_ PGENERIC_MAPPING GenericMapping,
_In_ BOOL ObjectCreation,
_Out_ LPDWORD GrantedAccess,
_Out_ LPBOOL AccessStatus,
_Out_ LPBOOL pfGenerateOnClose
);
// With UNICODE defined the generic name maps to the W variant.
#ifdef UNICODE
#define AccessCheckByTypeAndAuditAlarm AccessCheckByTypeAndAuditAlarmW
#endif
// AccessCheckByTypeResultListAndAuditAlarmW: auditing variant that returns one result per
// object-type-list element; return type missing in this copy.
AccessCheckByTypeResultListAndAuditAlarmW
(
_In_ LPCWSTR SubsystemName,
_In_ LPCWSTR ObjectTypeName,
_In_opt_ LPCWSTR ObjectName,
_In_ PSECURITY_DESCRIPTOR SecurityDescriptor,
_In_opt_ PSID PrincipalSelfSid,
_In_ DWORD DesiredAccess,
_In_ AUDIT_EVENT_TYPE AuditType,
_Inout_updates_opt_(ObjectTypeListLength) POBJECT_TYPE_LIST ObjectTypeList,
_In_ DWORD ObjectTypeListLength,
_In_ PGENERIC_MAPPING GenericMapping,
_In_ BOOL ObjectCreation,
// Both result arrays must hold ObjectTypeListLength elements.
_Out_writes_(ObjectTypeListLength) LPDWORD GrantedAccessList,
_Out_writes_(ObjectTypeListLength) LPDWORD AccessStatusList,
_Out_ LPBOOL pfGenerateOnClose
);
// With UNICODE defined the generic name maps to the W variant.
#ifdef UNICODE
#define AccessCheckByTypeResultListAndAuditAlarm AccessCheckByTypeResultListAndAuditAlarmW
#endif
// AccessCheckByTypeResultListAndAuditAlarmByHandleW: return type missing in this copy.
// NOTE(review): despite the "ByHandle" name, no handle parameter is present in this list, which
// is otherwise identical to the non-ByHandle variant — a parameter was probably dropped; confirm.
AccessCheckByTypeResultListAndAuditAlarmByHandleW
(
_In_ LPCWSTR SubsystemName,
_In_ LPCWSTR ObjectTypeName,
_In_opt_ LPCWSTR ObjectName,
_In_ PSECURITY_DESCRIPTOR SecurityDescriptor,
_In_opt_ PSID PrincipalSelfSid,
_In_ DWORD DesiredAccess,
_In_ AUDIT_EVENT_TYPE AuditType,
_Inout_updates_opt_(ObjectTypeListLength) POBJECT_TYPE_LIST ObjectTypeList,
_In_ DWORD ObjectTypeListLength,
_In_ PGENERIC_MAPPING GenericMapping,
_In_ BOOL ObjectCreation,
// Both result arrays must hold ObjectTypeListLength elements.
_Out_writes_(ObjectTypeListLength) LPDWORD GrantedAccessList,
_Out_writes_(ObjectTypeListLength) LPDWORD AccessStatusList,
_Out_ LPBOOL pfGenerateOnClose
);
// With UNICODE defined the generic name maps to the W variant.
#ifdef UNICODE
#define AccessCheckByTypeResultListAndAuditAlarmByHandle AccessCheckByTypeResultListAndAuditAlarmByHandleW
#endif
#endif /* WINAPI_FAMILY_PARTITION(WINAPI_PARTITION_DESKTOP | WINAPI_PARTITION_SYSTEM) */
#pragma endregion
#pragma region Application Family or OneCore Family
#if WINAPI_FAMILY_PARTITION(WINAPI_PARTITION_APP | WINAPI_PARTITION_SYSTEM)
// Two prototypes reduced to a lone `dwAceRevision` parameter. Names and return types are
// missing, and the trailing comma before `)` shows that further parameters were dropped.
// NOTE(review): not valid C as written; restore both declarations from the SDK header.
(
_In_ DWORD dwAceRevision,
);
(
_In_ DWORD dwAceRevision,
);
#endif /* WINAPI_FAMILY_PARTITION(WINAPI_PARTITION_APP | WINAPI_PARTITION_SYSTEM) */
#pragma endregion
#pragma region Desktop Family or OneCore Family
#if WINAPI_FAMILY_PARTITION(WINAPI_PARTITION_DESKTOP | WINAPI_PARTITION_SYSTEM)
// AddAccessAllowedObjectAce: return type missing; the ACL, flags, mask and SID parameters are
// not present in this copy (only the revision and the two optional GUIDs survive, and the
// list ends on a dangling comma).
AddAccessAllowedObjectAce
(
_In_ DWORD dwAceRevision,
// Either GUID may be NULL (_In_opt_).
_In_opt_ GUID* ObjectTypeGuid,
_In_opt_ GUID* InheritedObjectTypeGuid,
);
// Three further prototypes with names and return types missing. The last repeats the
// object-ACE shape (revision plus two optional GUIDs).
// NOTE(review): all end on a dangling comma, so parameters were dropped — restore from the SDK header.
(
_In_ DWORD dwAceRevision,
);
(
_In_ DWORD dwAceRevision,
);
(
_In_ DWORD dwAceRevision,
_In_opt_ GUID* ObjectTypeGuid,
_In_opt_ GUID* InheritedObjectTypeGuid,
);
#endif /* WINAPI_FAMILY_PARTITION(WINAPI_PARTITION_DESKTOP | WINAPI_PARTITION_SYSTEM) */
#pragma endregion
#pragma region Application Family or OneCore Family
#if WINAPI_FAMILY_PARTITION(WINAPI_PARTITION_APP | WINAPI_PARTITION_SYSTEM)
// Prototype with name and return type missing in this copy; it takes a caller-supplied list
// of ACEs as a raw byte buffer.
// NOTE(review): no destination ACL parameter is visible — probably dropped; confirm.
(
_In_ DWORD dwAceRevision,
_In_ DWORD dwStartingAceIndex,
// The callee reads exactly nAceListLength bytes from pAceList, so the length must describe
// the buffer actually passed.
_In_reads_bytes_(nAceListLength) LPVOID pAceList,
_In_ DWORD nAceListLength
);
#endif /* WINAPI_FAMILY_PARTITION(WINAPI_PARTITION_APP | WINAPI_PARTITION_SYSTEM) */
#pragma endregion
#pragma region Desktop Family or OneCore Family
#if WINAPI_FAMILY_PARTITION(WINAPI_PARTITION_DESKTOP | WINAPI_PARTITION_SYSTEM)
// Three prototypes with names and return types missing; each list ends on a dangling comma,
// so later parameters were dropped. The third has the object-ACE shape (two optional GUIDs).
// NOTE(review): restore from the SDK header before relying on these declarations.
(
_In_ DWORD dwAceRevision,
);
(
_In_ DWORD dwAceRevision,
);
(
_In_ DWORD dwAceRevision,
_In_opt_ GUID* ObjectTypeGuid,
_In_opt_ GUID* InheritedObjectTypeGuid,
);
#endif /* WINAPI_FAMILY_PARTITION(WINAPI_PARTITION_DESKTOP | WINAPI_PARTITION_SYSTEM) */
#pragma endregion
#pragma region Application Family or OneCore Family
#if WINAPI_FAMILY_PARTITION(WINAPI_PARTITION_APP | WINAPI_PARTITION_SYSTEM)
#if (_WIN32_WINNT >= 0x0600)
// Prototype with name and return type missing in this copy; it carries an ACE revision and a
// mandatory-policy value. The dangling comma shows at least one later parameter was dropped.
// NOTE(review): presumably the mandatory-label ACE helper — confirm against the SDK header.
(
_In_ DWORD dwAceRevision,
_In_ DWORD MandatoryPolicy,
);
#endif /* _WIN32_WINNT >= 0x0600 */
#endif /* WINAPI_FAMILY_PARTITION(WINAPI_PARTITION_APP | WINAPI_PARTITION_SYSTEM) */
#pragma endregion
#if (_WIN32_WINNT >= _WIN32_WINNT_WIN8)
#pragma region Desktop Family or OneCore Family
#if WINAPI_FAMILY_PARTITION(WINAPI_PARTITION_DESKTOP | WINAPI_PARTITION_SYSTEM)
// Two prototypes with names and return types missing in this copy.
(
_In_ DWORD dwAceRevision,
_In_ PCLAIM_SECURITY_ATTRIBUTES_INFORMATION pAttributeInfo,
// The next two lines (a bare type name and a comma) are extraction residue, not a parameter.
PCLAIM_SECURITY_ATTRIBUTES_INFORMATION
,
_Out_ PDWORD pReturnLength
);
// Second prototype: only the revision survives, followed by a dangling comma.
(
_In_ DWORD dwAceRevision,
);
#endif /* WINAPI_FAMILY_PARTITION(WINAPI_PARTITION_DESKTOP | WINAPI_PARTITION_SYSTEM) */
#pragma endregion
#endif // (_WIN32_WINNT >= _WIN32_WINNT_WIN8)
#pragma region Application Family or OneCore Family
#if WINAPI_FAMILY_PARTITION(WINAPI_PARTITION_APP | WINAPI_PARTITION_SYSTEM)
// Four prototypes with names and return types missing in this copy.
// First: group-state adjustment shape. The SAL on PreviousState refers to `BufferLength`, but
// no such parameter is listed — it and the token handle appear to have been dropped.
(
_In_ BOOL ResetToDefault,
_In_opt_ PTOKEN_GROUPS NewState,
// Optional buffer of BufferLength bytes; *ReturnLength bytes are valid on exit.
_Out_writes_bytes_to_opt_(BufferLength,*ReturnLength) PTOKEN_GROUPS PreviousState,
_Out_opt_ PDWORD ReturnLength
);
// Second: privilege-state adjustment shape, with the same missing `BufferLength` parameter.
// NOTE(review): presumably AdjustTokenPrivileges; if so, the documented API can return success
// while assigning only some privileges (GetLastError reports ERROR_NOT_ALL_ASSIGNED), so
// callers have to check that as well as the return value — confirm.
(
_In_ BOOL DisableAllPrivileges,
_In_opt_ PTOKEN_PRIVILEGES NewState,
_Out_writes_bytes_to_opt_(BufferLength,*ReturnLength) PTOKEN_PRIVILEGES PreviousState,
_Out_opt_ PDWORD ReturnLength
);
// Third: takes an identifier authority, a sub-authority count and eight sub-authority values.
// The dangling comma after nSubAuthority7 shows the final (output) parameter was dropped.
(
_In_ PSID_IDENTIFIER_AUTHORITY pIdentifierAuthority,
// Bare type name and comma below are extraction residue.
PSID_IDENTIFIER_AUTHORITY
,
_In_ BYTE nSubAuthorityCount,
_In_ DWORD nSubAuthority0,
_In_ DWORD nSubAuthority1,
_In_ DWORD nSubAuthority2,
_In_ DWORD nSubAuthority3,
_In_ DWORD nSubAuthority4,
_In_ DWORD nSubAuthority5,
_In_ DWORD nSubAuthority6,
_In_ DWORD nSubAuthority7,
);
// Fourth: nothing but the parentheses survives.
(
);
#endif /* WINAPI_FAMILY_PARTITION(WINAPI_PARTITION_APP | WINAPI_PARTITION_SYSTEM) */
#pragma endregion
#pragma region Desktop Family or OneCore Family
#if WINAPI_FAMILY_PARTITION(WINAPI_PARTITION_DESKTOP | WINAPI_PARTITION_SYSTEM)
// Two prototypes with names and return types missing; each keeps only a GrantedAccess mask
// followed by a dangling comma, so the mask it is compared against was dropped.
// NOTE(review): restore from the SDK header; which of the two means "all" and which "any"
// cannot be told from this copy.
(
_In_ DWORD GrantedAccess,
);
(
_In_ DWORD GrantedAccess,
);
#endif /* WINAPI_FAMILY_PARTITION(WINAPI_PARTITION_DESKTOP | WINAPI_PARTITION_SYSTEM) */
#pragma endregion
#pragma region Application Family or OneCore Family
#if WINAPI_FAMILY_PARTITION(WINAPI_PARTITION_APP | WINAPI_PARTITION_SYSTEM)
// Prototype with name and return type missing; only an optional token handle survives
// (NULL is permitted by _In_opt_), and the dangling comma shows later parameters were dropped.
(
_In_opt_ HANDLE TokenHandle,
);
#endif /* WINAPI_FAMILY_PARTITION(WINAPI_PARTITION_APP | WINAPI_PARTITION_SYSTEM) */
#pragma endregion
#if (_WIN32_WINNT >= _WIN32_WINNT_WIN8)
#pragma region Desktop Family or OneCore Family
#if WINAPI_FAMILY_PARTITION(WINAPI_PARTITION_DESKTOP | WINAPI_PARTITION_SYSTEM)
// Two prototypes with names and return types missing in this copy.
// First: tests a token (optional, so NULL is accepted) against a capability SID and writes a
// boolean result.
// NOTE(review): what a NULL TokenHandle selects is not stated here — confirm in the SDK docs
// before relying on it for an authorization decision.
(
_In_opt_ HANDLE TokenHandle,
_In_ PSID CapabilitySidToCheck,
_Out_ PBOOL HasCapability
);
// Second: searches from StartingAceIndex; on success a non-NULL ACE pointer is written
// (_Outptr_) and, optionally, its index. No ACL parameter is visible in this copy.
(
_In_ DWORD StartingAceIndex,
_Outptr_ PVOID* AppContainerAce,
_Out_opt_ DWORD* AppContainerAceIndex
);
#endif /* WINAPI_FAMILY_PARTITION(WINAPI_PARTITION_DESKTOP | WINAPI_PARTITION_SYSTEM) */
#pragma endregion
#pragma region Application Family or OneCore Family
#if WINAPI_FAMILY_PARTITION(WINAPI_PARTITION_APP | WINAPI_PARTITION_SYSTEM)
// Prototype with name and return type missing; only an optional token handle survives, and
// the dangling comma shows later parameters were dropped.
(
_In_opt_ HANDLE TokenHandle,
);
#endif /* WINAPI_FAMILY_PARTITION(WINAPI_PARTITION_APP | WINAPI_PARTITION_SYSTEM) */
#pragma endregion
#endif // (_WIN32_WINNT >= _WIN32_WINNT_WIN8)
#pragma region Desktop Family or OneCore Family
#if WINAPI_FAMILY_PARTITION(WINAPI_PARTITION_DESKTOP | WINAPI_PARTITION_SYSTEM)
// ConvertToAutoInheritPrivateObjectSecurity: return type missing in this copy.
// Takes an optional parent descriptor and the current descriptor, and on success writes a
// non-NULL pointer to a new descriptor (_Outptr_).
// NOTE(review): who frees *NewSecurityDescriptor is not stated here — confirm in the SDK docs.
ConvertToAutoInheritPrivateObjectSecurity
(
_In_opt_ PSECURITY_DESCRIPTOR ParentDescriptor,
_In_ PSECURITY_DESCRIPTOR CurrentSecurityDescriptor,
// Bare identifier and comma below are extraction residue, not a parameter.
CurrentSecurityDescriptor
,
_Outptr_ PSECURITY_DESCRIPTOR* NewSecurityDescriptor,
_In_opt_ GUID* ObjectType,
_In_ BOOLEAN IsDirectoryObject,
_In_ PGENERIC_MAPPING GenericMapping
);
#endif /* WINAPI_FAMILY_PARTITION(WINAPI_PARTITION_DESKTOP | WINAPI_PARTITION_SYSTEM) */
#pragma endregion
#pragma region Application Family or OneCore Family
#if WINAPI_FAMILY_PARTITION(WINAPI_PARTITION_APP | WINAPI_PARTITION_SYSTEM)
// Prototype with name and return type missing; it writes a SID into a caller buffer.
// The dangling comma shows the source-SID parameter was dropped.
(
// Capacity of pDestinationSid in bytes; the callee may write up to this many bytes, so it
// must match the real allocation.
_In_ DWORD nDestinationSidLength,
_Out_writes_bytes_(nDestinationSidLength) PSID pDestinationSid,
);
#endif /* WINAPI_FAMILY_PARTITION(WINAPI_PARTITION_APP | WINAPI_PARTITION_SYSTEM) */
#pragma endregion
#pragma region Desktop Family or OneCore Family
#if WINAPI_FAMILY_PARTITION(WINAPI_PARTITION_DESKTOP | WINAPI_PARTITION_SYSTEM)
// CreatePrivateObjectSecurity family: three prototypes, return types missing in this copy.
// Each takes optional parent and creator descriptors and, on success, writes a non-NULL
// pointer to a newly produced descriptor (_Outptr_).
// NOTE(review): no token parameter is visible in any of the three — probably dropped; confirm.
CreatePrivateObjectSecurity
(
_In_opt_ PSECURITY_DESCRIPTOR ParentDescriptor,
_In_opt_ PSECURITY_DESCRIPTOR CreatorDescriptor,
_Outptr_ PSECURITY_DESCRIPTOR* NewDescriptor,
_In_ BOOL IsDirectoryObject,
_In_ PGENERIC_MAPPING GenericMapping
);
// Ex variant: adds an optional object-type GUID and auto-inherit flags.
CreatePrivateObjectSecurityEx
(
_In_opt_ PSECURITY_DESCRIPTOR ParentDescriptor,
_In_opt_ PSECURITY_DESCRIPTOR CreatorDescriptor,
_Outptr_ PSECURITY_DESCRIPTOR* NewDescriptor,
_In_opt_ GUID* ObjectType,
_In_ BOOL IsContainerObject,
_In_ ULONG AutoInheritFlags,
_In_ PGENERIC_MAPPING GenericMapping
);
// Multiple-inheritance variant: takes an optional array of GUID pointers.
CreatePrivateObjectSecurityWithMultipleInheritance
(
_In_opt_ PSECURITY_DESCRIPTOR ParentDescriptor,
_In_opt_ PSECURITY_DESCRIPTOR CreatorDescriptor,
_Outptr_ PSECURITY_DESCRIPTOR* NewDescriptor,
// The SAL sizes this array by `GuidCount`, but no GuidCount parameter is listed in this copy.
_In_reads_opt_(GuidCount) GUID** ObjectTypes,
_In_ BOOL IsContainerObject,
_In_ ULONG AutoInheritFlags,
_In_ PGENERIC_MAPPING GenericMapping
);
// Prototype with name and return type missing in this copy; it derives a new token from an
// existing one by disabling SIDs, deleting privileges and adding restricting SIDs.
// Each optional array is paired with its own element count; a count that exceeds the array
// actually passed would make the callee read past it.
(
_In_ HANDLE ExistingTokenHandle,
_In_ DWORD DisableSidCount,
_In_reads_opt_(DisableSidCount) PSID_AND_ATTRIBUTES SidsToDisable,
_In_ DWORD DeletePrivilegeCount,
_In_reads_opt_(DeletePrivilegeCount) PLUID_AND_ATTRIBUTES PrivilegesToDelete,
_In_ DWORD RestrictedSidCount,
_In_reads_opt_(RestrictedSidCount) PSID_AND_ATTRIBUTES SidsToRestrict,
// On success a non-NULL handle is written here (_Outptr_).
_Outptr_ PHANDLE NewTokenHandle
);
#endif /* WINAPI_FAMILY_PARTITION(WINAPI_PARTITION_DESKTOP | WINAPI_PARTITION_SYSTEM) */
#pragma endregion
#pragma region Application Family or OneCore Family
#if WINAPI_FAMILY_PARTITION(WINAPI_PARTITION_APP | WINAPI_PARTITION_SYSTEM)
#if (_WIN32_WINNT >= 0x0501)
// Three prototypes with names and return types missing in this copy.
// _Success_(return != FALSE): output annotations only hold when the call returns non-zero, so
// pSid must not be consumed after a FALSE return.
_Success_(return != FALSE)
(
_In_ WELL_KNOWN_SID_TYPE WellKnownSidType,
// Optional buffer sized by *cbSid; the cbSid parameter itself is not listed here (the list
// ends on a dangling comma).
_Out_writes_bytes_to_opt_(*cbSid,*cbSid) PSID pSid,
);
// Second prototype: only the success annotation and empty parentheses survive.
_Success_(return != FALSE)
(
);
#endif //(_WIN32_WINNT >= 0x0501)
// Third prototype: nothing but the parentheses survives.
(
);
#endif /* WINAPI_FAMILY_PARTITION(WINAPI_PARTITION_APP | WINAPI_PARTITION_SYSTEM) */
#pragma endregion
#pragma region Desktop Family or OneCore Family
#if WINAPI_FAMILY_PARTITION(WINAPI_PARTITION_DESKTOP | WINAPI_PARTITION_SYSTEM)
// DestroyPrivateObjectSecurity: return type missing in this copy.
// The annotation pair states the contract: the descriptor pointer must be valid on entry and is
// invalid after the call, so callers must not dereference or destroy it a second time.
DestroyPrivateObjectSecurity
(
_Pre_valid_ _Post_invalid_ PSECURITY_DESCRIPTOR* ObjectDescriptor
);
#endif /* WINAPI_FAMILY_PARTITION(WINAPI_PARTITION_DESKTOP | WINAPI_PARTITION_SYSTEM) */
#pragma endregion
#pragma region Application Family or OneCore Family
#if WINAPI_FAMILY_PARTITION(WINAPI_PARTITION_APP | WINAPI_PARTITION_SYSTEM)
// Two token-duplication prototypes with names and return types missing in this copy.
// First: duplicates ExistingTokenHandle at the given impersonation level; on success a
// non-NULL handle is written (_Outptr_).
(
_In_ HANDLE ExistingTokenHandle,
_In_ SECURITY_IMPERSONATION_LEVEL ImpersonationLevel,
// Bare type name and comma below are extraction residue, not a parameter.
SECURITY_IMPERSONATION_LEVEL
,
_Outptr_ PHANDLE DuplicateTokenHandle
);
// Second: extended form that also takes the desired access, optional security attributes and
// the token type for the new handle.
// NOTE(review): requesting only the access rights the caller needs in dwDesiredAccess keeps
// the duplicate handle least-privileged — confirm the accepted values in the SDK docs.
(
_In_ HANDLE hExistingToken,
_In_ DWORD dwDesiredAccess,
_In_opt_ LPSECURITY_ATTRIBUTES lpTokenAttributes,
_In_ SECURITY_IMPERSONATION_LEVEL ImpersonationLevel,
// Extraction residue again.
SECURITY_IMPERSONATION_LEVEL
,
_In_ TOKEN_TYPE TokenType,
_Outptr_ PHANDLE phNewToken
);
#endif /* WINAPI_FAMILY_PARTITION(WINAPI_PARTITION_APP | WINAPI_PARTITION_SYSTEM) */
#pragma endregion
#pragma region Desktop Family or OneCore Family
#if WINAPI_FAMILY_PARTITION(WINAPI_PARTITION_DESKTOP | WINAPI_PARTITION_SYSTEM)
// Three prototypes of which only the parentheses survive; names, return types and parameters
// are all missing in this copy.
// NOTE(review): restore from the SDK header; nothing here identifies the functions.
(
);
(
);
(
);
#endif /* WINAPI_FAMILY_PARTITION(WINAPI_PARTITION_DESKTOP | WINAPI_PARTITION_SYSTEM) */
#pragma endregion
#pragma region Application Family or OneCore Family
#if WINAPI_FAMILY_PARTITION(WINAPI_PARTITION_APP | WINAPI_PARTITION_SYSTEM)
// Two prototypes reduced to empty parentheses, then an ACL-information query whose name,
// return type and ACL parameter are missing in this copy.
(
);
(
);
(
// The callee writes up to nAclInformationLength bytes; the length must match the structure
// selected by dwAclInformationClass.
_Out_writes_bytes_(nAclInformationLength) LPVOID pAclInformation,
_In_ DWORD nAclInformationLength,
_In_ ACL_INFORMATION_CLASS dwAclInformationClass
);
#endif /* WINAPI_FAMILY_PARTITION(WINAPI_PARTITION_APP | WINAPI_PARTITION_SYSTEM) */
#pragma endregion
#pragma region Desktop Family or OneCore Family
#if WINAPI_FAMILY_PARTITION(WINAPI_PARTITION_DESKTOP | WINAPI_PARTITION_SYSTEM)
// Prototype with name and return type missing; the macro below indicates this is the
// declaration of GetFileSecurityW. The file-name parameter is not present in this copy.
(
_In_ SECURITY_INFORMATION RequestedInformation,
// Optional buffer of nLength bytes with *lpnLengthNeeded bytes valid on exit; the nLength
// parameter the SAL refers to is not listed here.
_Out_writes_bytes_to_opt_(nLength,*lpnLengthNeeded) PSECURITY_DESCRIPTOR pSecurityDescriptor,
_Out_ LPDWORD lpnLengthNeeded
);
// With UNICODE defined the generic name maps to the W variant.
#ifdef UNICODE
#define GetFileSecurity GetFileSecurityW
#endif
#endif /* WINAPI_FAMILY_PARTITION(WINAPI_PARTITION_DESKTOP | WINAPI_PARTITION_SYSTEM) */
#pragma endregion
#pragma region Application Family or OneCore Family
#if WINAPI_FAMILY_PARTITION(WINAPI_PARTITION_APP | WINAPI_PARTITION_SYSTEM)
// Two prototypes with names and return types missing in this copy.
// First: descriptor query into an optional caller buffer; the object handle and the nLength
// parameter referenced by the SAL are not listed.
(
_In_ SECURITY_INFORMATION RequestedInformation,
_Out_writes_bytes_opt_(nLength) PSECURITY_DESCRIPTOR pSecurityDescriptor,
_Out_ LPDWORD lpnLengthNeeded
);
// Second: returns a byte length for a SID. The annotations bound the return value to
// 8..SECURITY_MAX_SID_SIZE, mark the call as always succeeding (_Success_(1)), and state that
// `return` bytes of pSid are readable afterwards.
// NOTE(review): _Success_(1) means there is no failure return to test, so the SID has to be
// validated before this call when it comes from an untrusted source — confirm in the SDK docs.
_Post_satisfies_(return >= 8 && return <= SECURITY_MAX_SID_SIZE)
_Success_(1)
(
_In_ _Post_readable_byte_size_(return) PSID pSid
);
#endif /* WINAPI_FAMILY_PARTITION(WINAPI_PARTITION_APP | WINAPI_PARTITION_SYSTEM) */
#pragma endregion
#pragma region Desktop Family or OneCore Family
#if WINAPI_FAMILY_PARTITION(WINAPI_PARTITION_DESKTOP | WINAPI_PARTITION_SYSTEM)
// Prototype with name and return type missing in this copy; it copies selected parts of an
// object's descriptor into a caller buffer.
// _Success_(return != FALSE): the outputs are only meaningful after a non-zero return.
_Success_(return != FALSE)
(
_In_ PSECURITY_DESCRIPTOR ObjectDescriptor,
_In_ SECURITY_INFORMATION SecurityInformation,
// Optional buffer of DescriptorLength bytes; *ReturnLength bytes are valid on exit.
_Out_writes_bytes_to_opt_(DescriptorLength,*ReturnLength) PSECURITY_DESCRIPTOR ResultantDescriptor,
_In_ DWORD DescriptorLength,
_Out_ PDWORD ReturnLength
);
#endif /* WINAPI_FAMILY_PARTITION(WINAPI_PARTITION_DESKTOP | WINAPI_PARTITION_SYSTEM) */
#pragma endregion
#pragma region Application Family or OneCore Family
#if WINAPI_FAMILY_PARTITION(WINAPI_PARTITION_APP | WINAPI_PARTITION_SYSTEM)
// GetSecurityDescriptor* accessors: seven prototypes, return types missing in this copy.
// Each reads a field of an existing descriptor (_In_) and writes it to caller outputs.
GetSecurityDescriptorControl
(
_In_ PSECURITY_DESCRIPTOR pSecurityDescriptor,
_Out_ PSECURITY_DESCRIPTOR_CONTROL pControl,
// Bare type name and comma below are extraction residue, not a parameter.
PSECURITY_DESCRIPTOR_CONTROL
,
_Out_ LPDWORD lpdwRevision
);
// NOTE(review): no ACL pointer output is listed between the two flags — probably dropped;
// compare with the SDK header.
GetSecurityDescriptorDacl
(
_In_ PSECURITY_DESCRIPTOR pSecurityDescriptor,
_Out_ LPBOOL lpbDaclPresent,
_Out_ LPBOOL lpbDaclDefaulted
);
// NOTE(review): no SID pointer output is listed here — probably dropped; confirm.
GetSecurityDescriptorGroup
(
_In_ PSECURITY_DESCRIPTOR pSecurityDescriptor,
_Out_ LPBOOL lpbGroupDefaulted
);
GetSecurityDescriptorLength
(
_In_ PSECURITY_DESCRIPTOR pSecurityDescriptor
);
// NOTE(review): no SID pointer output is listed here — probably dropped; confirm.
GetSecurityDescriptorOwner
(
_In_ PSECURITY_DESCRIPTOR pSecurityDescriptor,
_Out_ LPBOOL lpbOwnerDefaulted
);
// The dangling comma shows the output parameter was dropped.
GetSecurityDescriptorRMControl
(
_In_ PSECURITY_DESCRIPTOR SecurityDescriptor,
);
// NOTE(review): no ACL pointer output is listed between the two flags — probably dropped; confirm.
GetSecurityDescriptorSacl
(
_In_ PSECURITY_DESCRIPTOR pSecurityDescriptor,
_Out_ LPBOOL lpbSaclPresent,
_Out_ LPBOOL lpbSaclDefaulted
);
// GetSidIdentifierAuthority: returns a PSID_IDENTIFIER_AUTHORITY; its SID parameter is missing
// in this copy (empty parentheses).
PSID_IDENTIFIER_AUTHORITY
GetSidIdentifierAuthority
(
);
// Prototype with name and return type missing; takes a sub-authority count.
// NOTE(review): presumably the SID-size helper referenced as GetSidLengthRequired elsewhere in
// this header — confirm.
(
_In_ UCHAR nSubAuthorityCount
);
// Two prototypes reduced to empty parentheses.
(
);
(
);
// Token-information query with name, return type and token handle missing in this copy.
(
_In_ TOKEN_INFORMATION_CLASS TokenInformationClass,
// Optional buffer of TokenInformationLength bytes; *ReturnLength bytes are valid on exit.
_Out_writes_bytes_to_opt_(TokenInformationLength,*ReturnLength) LPVOID TokenInformation,
_In_ DWORD TokenInformationLength,
_Out_ PDWORD ReturnLength
);
#if (_WIN32_WINNT >= 0x0501)
// GetWindowsAccountDomainSid: return type and the input SID parameter are missing in this copy.
// _Success_(return != FALSE): pDomainSid is only valid after a non-zero return.
_Success_(return != FALSE)
GetWindowsAccountDomainSid
(
// Optional buffer; capacity on entry and bytes valid on exit are both *cbDomainSid.
_Out_writes_bytes_to_opt_(*cbDomainSid,*cbDomainSid) PSID pDomainSid,
_Inout_ DWORD* cbDomainSid
);
#endif //(_WIN32_WINNT >= 0x0501)
#endif /* WINAPI_FAMILY_PARTITION(WINAPI_PARTITION_APP | WINAPI_PARTITION_SYSTEM) */
#pragma endregion
#pragma region Desktop Family or OneCore Family
#if WINAPI_FAMILY_PARTITION(WINAPI_PARTITION_DESKTOP | WINAPI_PARTITION_SYSTEM)
// ImpersonateAnonymousToken: return type and thread-handle parameter missing in this copy.
ImpersonateAnonymousToken
(
);
// Two impersonation prototypes with names and return types missing.
// _Must_inspect_result_ requires every caller to examine the return value: if a failed
// impersonation goes unnoticed, the code that follows keeps running under the thread's
// previous security context.
_Must_inspect_result_
(
);
// NOTE(review): the ImpersonationLevel parameter suggests the self-impersonation call — confirm.
_Must_inspect_result_
(
_In_ SECURITY_IMPERSONATION_LEVEL ImpersonationLevel
// Bare type name below is extraction residue, not a parameter.
SECURITY_IMPERSONATION_LEVEL
);
#endif /* WINAPI_FAMILY_PARTITION(WINAPI_PARTITION_DESKTOP | WINAPI_PARTITION_SYSTEM) */
#pragma endregion
#pragma region Application Family or OneCore Family
#if WINAPI_FAMILY_PARTITION(WINAPI_PARTITION_APP | WINAPI_PARTITION_SYSTEM)
// Three initialisation prototypes; return types (and two of the names) are missing in this copy.
// First: initialises an ACL in a caller buffer. The SAL sizes the buffer by `nAclLength`, but
// that parameter is not listed (dangling comma).
(
_Out_writes_bytes_(nAclLength) PACL pAcl,
);
// InitializeSecurityDescriptor: the revision parameter is missing (dangling comma).
InitializeSecurityDescriptor
(
_Out_ PSECURITY_DESCRIPTOR pSecurityDescriptor,
);
// Third: initialises a SID in a caller buffer.
(
// The required size is GetSidLengthRequired(nSubAuthorityCount) bytes. _Inexpressible_ means
// static analysis cannot check it, so sizing the buffer correctly is the caller's job.
_Out_writes_bytes_(_Inexpressible_(GetSidLengthRequired(nSubAuthorityCount))) PSID Sid,
_In_ PSID_IDENTIFIER_AUTHORITY pIdentifierAuthority,
// Bare type name and comma below are extraction residue.
PSID_IDENTIFIER_AUTHORITY
,
_In_ BYTE nSubAuthorityCount
);
#endif /* WINAPI_FAMILY_PARTITION(WINAPI_PARTITION_APP | WINAPI_PARTITION_SYSTEM) */
#pragma endregion
#pragma region Desktop Family or OneCore Family
#if WINAPI_FAMILY_PARTITION(WINAPI_PARTITION_DESKTOP | WINAPI_PARTITION_SYSTEM)
// Prototype of which only the parentheses survive; name, return type and parameters are
// missing in this copy.
(
);
#endif /* WINAPI_FAMILY_PARTITION(WINAPI_PARTITION_DESKTOP | WINAPI_PARTITION_SYSTEM) */
#pragma endregion
#pragma region Application Family or OneCore Family
#if WINAPI_FAMILY_PARTITION(WINAPI_PARTITION_APP | WINAPI_PARTITION_SYSTEM)
// Validation and test prototypes; return types are missing throughout this copy.
// First and third: reduced to empty parentheses.
(
);
// IsValidSecurityDescriptor: takes the descriptor to validate.
// NOTE(review): what the documented check covers (structure only, or contents too) is not
// stated here — confirm before treating a pass as proof that an untrusted descriptor is safe.
IsValidSecurityDescriptor
(
_In_ PSECURITY_DESCRIPTOR pSecurityDescriptor
);
(
);
#if (_WIN32_WINNT >= 0x0501)
// Name missing; tests something against a well-known SID type. The SID parameter is not listed.
(
_In_ WELL_KNOWN_SID_TYPE WellKnownSidType
);
#endif // (_WIN32_WINNT >= 0x0501)
// Two descriptor-format conversion prototypes with names and return types missing in this copy.
// _Success_(return != FALSE): output buffers are only valid after a non-zero return.
// First: self-relative -> absolute. Every output buffer is optional and paired with an _Inout_
// byte count that bounds the write on entry and reports the size on exit.
_Success_(return != FALSE)
(
_In_ PSECURITY_DESCRIPTOR pSelfRelativeSecurityDescriptor,
// Bare identifier / comma pairs in this list are extraction residue, not parameters.
pSelfRelativeSecurityDescriptor
,
_Out_writes_bytes_to_opt_(*lpdwAbsoluteSecurityDescriptorSize,*lpdwAbsoluteSecurityDescriptorSize) PSECURITY_DESCRIPTOR pAbsoluteSecurityDescriptor,
pAbsoluteSecurityDescriptor
,
_Inout_ LPDWORD lpdwAbsoluteSecurityDescriptorSize,
lpdwAbsoluteSecurityDescriptorSize
,
_Out_writes_bytes_to_opt_(*lpdwDaclSize,*lpdwDaclSize) PACL pDacl,
_Inout_ LPDWORD lpdwDaclSize,
_Out_writes_bytes_to_opt_(*lpdwSaclSize,*lpdwSaclSize) PACL pSacl,
_Inout_ LPDWORD lpdwSaclSize,
_Out_writes_bytes_to_opt_(*lpdwOwnerSize,*lpdwOwnerSize) PSID pOwner,
_Inout_ LPDWORD lpdwOwnerSize,
_Out_writes_bytes_to_opt_(*lpdwPrimaryGroupSize,*lpdwPrimaryGroupSize) PSID pPrimaryGroup,
_Inout_ LPDWORD lpdwPrimaryGroupSize
);
// Second: absolute -> self-relative, into one optional buffer sized by *lpdwBufferLength.
_Success_(return != FALSE)
(
_In_ PSECURITY_DESCRIPTOR pAbsoluteSecurityDescriptor,
pAbsoluteSecurityDescriptor
,
_Out_writes_bytes_to_opt_(*lpdwBufferLength,*lpdwBufferLength) PSECURITY_DESCRIPTOR pSelfRelativeSecurityDescriptor,
pSelfRelativeSecurityDescriptor
,
_Inout_ LPDWORD lpdwBufferLength
);
#endif /* WINAPI_FAMILY_PARTITION(WINAPI_PARTITION_APP | WINAPI_PARTITION_SYSTEM) */
#pragma endregion
#pragma region Desktop Family or OneCore Family
#if WINAPI_FAMILY_PARTITION(WINAPI_PARTITION_DESKTOP | WINAPI_PARTITION_SYSTEM)
// Prototype with name and return type missing in this copy; it rewrites *AccessMask in place
// (_Inout_) using the supplied generic mapping.
(
_Inout_ PDWORD AccessMask,
_In_ PGENERIC_MAPPING GenericMapping
);
// Object audit-alarm prototypes (wide-character). Return types are missing throughout; the
// first three names are missing too and are identified only by the macros that follow them.
// NOTE(review): none of these lists shows a HandleId or client-token parameter, which the
// audit records would need — they were probably dropped; compare with the SDK header.
// Declaration for ObjectCloseAuditAlarmW (per the macro below).
(
_In_ LPCWSTR SubsystemName,
_In_ BOOL GenerateOnClose
);
#ifdef UNICODE
#define ObjectCloseAuditAlarm ObjectCloseAuditAlarmW
#endif
// Declaration for ObjectDeleteAuditAlarmW (per the macro below).
(
_In_ LPCWSTR SubsystemName,
_In_ BOOL GenerateOnClose
);
#ifdef UNICODE
#define ObjectDeleteAuditAlarm ObjectDeleteAuditAlarmW
#endif
// Declaration for ObjectOpenAuditAlarmW (per the macro below): records both the requested
// and the granted mask, and writes back whether a close audit should be generated.
(
_In_ LPCWSTR SubsystemName,
_In_ LPWSTR ObjectTypeName,
_In_opt_ LPWSTR ObjectName,
_In_ PSECURITY_DESCRIPTOR pSecurityDescriptor,
_In_ DWORD DesiredAccess,
_In_ DWORD GrantedAccess,
_In_opt_ PPRIVILEGE_SET Privileges,
_In_ BOOL ObjectCreation,
_Out_ LPBOOL GenerateOnClose
);
#ifdef UNICODE
#define ObjectOpenAuditAlarm ObjectOpenAuditAlarmW
#endif
// The dangling comma shows the final parameter was dropped.
ObjectPrivilegeAuditAlarmW
(
_In_ LPCWSTR SubsystemName,
_In_ DWORD DesiredAccess,
_In_ PPRIVILEGE_SET Privileges,
);
#ifdef UNICODE
#define ObjectPrivilegeAuditAlarm ObjectPrivilegeAuditAlarmW
#endif
// Prototype with name and return type missing in this copy; the privilege set is _Inout_, so
// the callee updates it in place. The dangling comma shows the result parameter was dropped.
(
_Inout_ PPRIVILEGE_SET RequiredPrivileges,
);
// PrivilegedServiceAuditAlarmW: return type missing; the dangling comma shows the final
// parameter was dropped, and no client-token parameter is visible.
PrivilegedServiceAuditAlarmW
(
_In_ LPCWSTR SubsystemName,
_In_ LPCWSTR ServiceName,
_In_ PPRIVILEGE_SET Privileges,
);
// With UNICODE defined the generic name maps to the W variant.
#ifdef UNICODE
#define PrivilegedServiceAuditAlarm PrivilegedServiceAuditAlarmW
#endif
#if (_WIN32_WINNT >= 0x0600)
// Prototype with name and return type missing in this copy; it maps a SECURITY_INFORMATION
// selection to an access mask written to *DesiredAccess.
// NOTE(review): whether this is the query-side or set-side helper cannot be told from this
// copy (an identical list appears elsewhere in the header) — confirm against the SDK header.
(
_In_ SECURITY_INFORMATION SecurityInformation,
_Out_ LPDWORD DesiredAccess
);
#endif // (_WIN32_WINNT >= 0x0600)
// Three prototypes with names and return types missing in this copy.
// First: reduced to empty parentheses.
(
);
// Second: ACL-information setter; the callee reads nAclInformationLength bytes from the
// caller's buffer, interpreted according to dwAclInformationClass. No ACL parameter is listed.
(
_In_reads_bytes_(nAclInformationLength) LPVOID pAclInformation,
_In_ DWORD nAclInformationLength,
_In_ ACL_INFORMATION_CLASS dwAclInformationClass
);
// Third: declaration for SetFileSecurityW (per the macro below); the file-name parameter is
// not present in this copy.
(
_In_ SECURITY_INFORMATION SecurityInformation,
_In_ PSECURITY_DESCRIPTOR pSecurityDescriptor
);
#ifdef UNICODE
#define SetFileSecurity SetFileSecurityW
#endif
#endif /* WINAPI_FAMILY_PARTITION(WINAPI_PARTITION_DESKTOP | WINAPI_PARTITION_SYSTEM) */
#pragma endregion
#pragma region Application Family or OneCore Family
#if WINAPI_FAMILY_PARTITION(WINAPI_PARTITION_APP | WINAPI_PARTITION_SYSTEM)
// Prototype with name and return type missing in this copy; it applies the selected parts of
// SecurityDescriptor to some object. The object handle parameter is not listed.
(
_In_ SECURITY_INFORMATION SecurityInformation,
_In_ PSECURITY_DESCRIPTOR SecurityDescriptor
);
#endif /* WINAPI_FAMILY_PARTITION(WINAPI_PARTITION_APP | WINAPI_PARTITION_SYSTEM) */
#pragma endregion
#pragma region Desktop Family or OneCore Family
#if WINAPI_FAMILY_PARTITION(WINAPI_PARTITION_DESKTOP | WINAPI_PARTITION_SYSTEM)
// Two private-object descriptor setters with names and return types missing in this copy.
// *ObjectsSecurityDescriptor is _Inout_: the callee may replace the pointer, so callers must
// use the value left in it after the call rather than a saved copy.
// Both lists end on a dangling comma, so the final parameter was dropped.
(
_In_ SECURITY_INFORMATION SecurityInformation,
_In_ PSECURITY_DESCRIPTOR ModificationDescriptor,
_Inout_ PSECURITY_DESCRIPTOR* ObjectsSecurityDescriptor,
_In_ PGENERIC_MAPPING GenericMapping,
);
// Extended form: adds auto-inherit flags.
(
_In_ SECURITY_INFORMATION SecurityInformation,
_In_ PSECURITY_DESCRIPTOR ModificationDescriptor,
_Inout_ PSECURITY_DESCRIPTOR* ObjectsSecurityDescriptor,
_In_ ULONG AutoInheritFlags,
_In_ PGENERIC_MAPPING GenericMapping,
);
#if (_WIN32_WINNT >= 0x0600)
// Prototype with name and return type missing in this copy; it maps a SECURITY_INFORMATION
// selection to an access mask written to *DesiredAccess.
// NOTE(review): an identical parameter list appears elsewhere in this header; which is the
// query-side and which the set-side helper cannot be told here — confirm against the SDK header.
(
_In_ SECURITY_INFORMATION SecurityInformation,
_Out_ LPDWORD DesiredAccess
);
#endif // (_WIN32_WINNT >= 0x0600)
#endif /* WINAPI_FAMILY_PARTITION(WINAPI_PARTITION_DESKTOP | WINAPI_PARTITION_SYSTEM) */
#pragma endregion
#pragma region Application Family or OneCore Family
#if WINAPI_FAMILY_PARTITION(WINAPI_PARTITION_APP | WINAPI_PARTITION_SYSTEM)
// SetSecurityDescriptor* mutators plus one unnamed setter; return types missing in this copy.
SetSecurityDescriptorControl
(
_In_ PSECURITY_DESCRIPTOR pSecurityDescriptor,
_In_ SECURITY_DESCRIPTOR_CONTROL ControlBitsOfInterest,
// Bare type names (and the lone comma) in this list are extraction residue, not parameters.
SECURITY_DESCRIPTOR_CONTROL
,
_In_ SECURITY_DESCRIPTOR_CONTROL ControlBitsToSet
SECURITY_DESCRIPTOR_CONTROL
);
// The present flag, ACL pointer and defaulted flag are missing here (dangling comma).
// NOTE(review): in the documented API a DACL marked present with a NULL pointer grants access
// to everyone, whereas an empty DACL denies all access — callers must not confuse the two; confirm.
SetSecurityDescriptorDacl
(
_Inout_ PSECURITY_DESCRIPTOR pSecurityDescriptor,
);
// NOTE(review): no group SID parameter is listed — probably dropped; confirm.
SetSecurityDescriptorGroup
(
_Inout_ PSECURITY_DESCRIPTOR pSecurityDescriptor,
_In_ BOOL bGroupDefaulted
);
// NOTE(review): no owner SID parameter is listed — probably dropped; confirm.
SetSecurityDescriptorOwner
(
_Inout_ PSECURITY_DESCRIPTOR pSecurityDescriptor,
_In_ BOOL bOwnerDefaulted
);
// RMControl may be NULL (_In_opt_).
SetSecurityDescriptorRMControl
(
_Inout_ PSECURITY_DESCRIPTOR SecurityDescriptor,
_In_opt_ PUCHAR RMControl
);
// The present flag, ACL pointer and defaulted flag are missing here (dangling comma).
SetSecurityDescriptorSacl
(
_Inout_ PSECURITY_DESCRIPTOR pSecurityDescriptor,
);
// Token-information setter with name, return type and token handle missing; the callee reads
// TokenInformationLength bytes interpreted according to TokenInformationClass.
(
_In_ TOKEN_INFORMATION_CLASS TokenInformationClass,
_In_reads_bytes_(TokenInformationLength) LPVOID TokenInformation,
_In_ DWORD TokenInformationLength
);
#endif /* WINAPI_FAMILY_PARTITION(WINAPI_PARTITION_APP | WINAPI_PARTITION_SYSTEM) */
#pragma endregion
#if (_WIN32_WINNT >= _WIN32_WINNT_WIN8)
#pragma region Desktop Family or OneCore Family
#if WINAPI_FAMILY_PARTITION(WINAPI_PARTITION_DESKTOP | WINAPI_PARTITION_SYSTEM)
// Two signing-level prototypes with names and return types missing in this copy.
// First: takes an array of SourceFileCount file handles and an optional target file handle.
(
_In_reads_(SourceFileCount) PHANDLE SourceFiles,
_In_ ULONG SourceFileCount,
_In_opt_ HANDLE TargetFile
);
// Second: writes a signing level and, optionally, a thumbprint. The thumbprint buffer is sized
// by *ThumbprintSize on entry and on exit; buffer, size and algorithm outputs may all be NULL.
// The file handle and flags parameters are not listed in this copy.
// NOTE(review): the parameter names point to a cached value; how it is kept in step with the
// file's contents is not shown here — confirm before using it as a trust decision.
(
_Out_ PULONG SigningLevel,
_Out_writes_bytes_to_opt_(*ThumbprintSize,*ThumbprintSize) PUCHAR Thumbprint,
_Inout_opt_ PULONG ThumbprintSize,
_Out_opt_ PULONG ThumbprintAlgorithm
);
#endif // WINAPI_FAMILY_PARTITION(WINAPI_PARTITION_DESKTOP | WINAPI_PARTITION_SYSTEM)
#pragma endregion
#endif // (_WIN32_WINNT >= _WIN32_WINNT_WIN8)
#if (_WIN32_WINNT >= _WIN32_WINNT_WIN10)
#pragma region Application Family or OneCore Family
#if WINAPI_FAMILY_PARTITION(WINAPI_PARTITION_APP | WINAPI_PARTITION_SYSTEM)
// Prototype with name and return type missing in this copy; its only visible parameter is an
// optional wide string of additional details (NULL permitted by _In_opt_).
(
_In_opt_ PCWSTR AdditionalDetails
);
#endif /* WINAPI_FAMILY_PARTITION(WINAPI_PARTITION_APP | WINAPI_PARTITION_SYSTEM) */
#pragma endregion
#endif // (_WIN32_WINNT >= _WIN32_WINNT_WIN10)
#if (_WIN32_WINNT >= _WIN32_WINNT_WIN10)
#pragma region Application Family or OneCore Family
#if WINAPI_FAMILY_PARTITION(WINAPI_PARTITION_APP | WINAPI_PARTITION_SYSTEM)
// DeriveCapabilitySidsFromName: return type missing, and no input parameter carrying the
// capability name is listed in this copy.
// Each output is an array pointer paired with an element count; the `maybenull` annotation
// means the array pointer can come back NULL, so callers check it before indexing.
// NOTE(review): how the returned arrays and SIDs are freed is not stated here — confirm in the
// SDK docs.
DeriveCapabilitySidsFromName
(
_Outptr_result_buffer_maybenull_(*CapabilityGroupSidCount) PSID** CapabilityGroupSids,
_Out_ DWORD* CapabilityGroupSidCount,
_Outptr_result_buffer_maybenull_(*CapabilitySidCount) PSID** CapabilitySids,
_Out_ DWORD* CapabilitySidCount
);
#endif /* WINAPI_FAMILY_PARTITION(WINAPI_PARTITION_APP | WINAPI_PARTITION_SYSTEM) */
#pragma endregion
#endif // (_WIN32_WINNT >= _WIN32_WINNT_WIN10)
#ifdef __cplusplus
}
#endif
#endif // _APISECUREBASE_