#ifndef _NT_TOKEN_H_
#define _NT_TOKEN_H_
#include "nt_abi.h"
#include "nt_object.h"
typedef enum _nt_token_type {
NT_TOKEN_PRIMARY = 1,
NT_TOKEN_IMPERSONATION = 2,
} nt_token_type;
typedef enum _nt_token_info_class {
NT_TOKEN_USER = 1,
NT_TOKEN_GROUPS = 2,
NT_TOKEN_PRIVILEGES = 3,
NT_TOKEN_OWNER = 4,
NT_TOKEN_PRIMARY_GROUP = 5,
NT_TOKEN_DEFAULT_DACL = 6,
NT_TOKEN_SOURCE = 7,
NT_TOKEN_TYPE = 8,
NT_TOKEN_IMPERSONATION_LEVEL = 9,
NT_TOKEN_STATISTICS = 10,
NT_TOKEN_RESTRICTED_SIDS = 11,
NT_TOKEN_SESSION_ID = 12,
} nt_token_info_class;
/* token privilege constants */
#define NT_SE_CREATE_TOKEN_PRIVILEGE 2
#define NT_SE_ASSIGN_PRIMARY_TOKEN_PRIVILEGE 3
#define NT_SE_LOCK_MEMORY_PRIVILEGE 4
#define NT_SE_INCREASE_QUOTA_PRIVILEGE 5
#define NT_SE_MACHINE_ACCOUNT_PRIVILEGE 6
#define NT_SE_TCB_PRIVILEGE 7
#define NT_SE_SECURITY_PRIVILEGE 8
#define NT_SE_TAKE_OWNERSHIP_PRIVILEGE 9
#define NT_SE_LOAD_DRIVER_PRIVILEGE 10
#define NT_SE_SYSTEM_PROFILE_PRIVILEGE 11
#define NT_SE_SYSTEMTIME_PRIVILEGE 12
#define NT_SE_PROFILE_SINGLE_PROCESS_PRIVILEGE 13
#define NT_SE_INCREASE_BASE_PRIORITY_PRIVILEGE 14
#define NT_SE_CREATE_PAGEFILE_PRIVILEGE 15
#define NT_SE_CREATE_PERMANENT_PRIVILEGE 16
#define NT_SE_BACKUP_PRIVILEGE 17
#define NT_SE_RESTORE_PRIVILEGE 18
#define NT_SE_SHUTDOWN_PRIVILEGE 19
#define NT_SE_DEBUG_PRIVILEGE 20
#define NT_SE_AUDIT_PRIVILEGE 21
#define NT_SE_SYSTEM_ENVIRONMENT_PRIVILEGE 22
#define NT_SE_CHANGE_NOTIFY_PRIVILEGE 23
#define NT_SE_REMOTE_SHUTDOWN_PRIVILEGE 24
#define NT_SE_UNDOCK_PRIVILEGE 25
#define NT_SE_SYNC_AGENT_PRIVILEGE 26
#define NT_SE_ENABLE_DELEGATION_PRIVILEGE 27
#define NT_SE_MANAGE_VOLUME_PRIVILEGE 28
#define NT_SE_IMPERSONATE_PRIVILEGE 29
#define NT_SE_CREATE_GLOBAL_PRIVILEGE 30
#define NT_SE_TRUSTED_CRED_MAN_ACCESS_PRIVILEGE 31
#define NT_SE_RELABEL_PRIVILEGE 32
#define NT_SE_INCREASE_WORKING_SET_PRIVILEGE 33
#define NT_SE_TIME_ZONE_PRIVILEGE 34
#define NT_SE_CREATE_SYMBOLIC_LINK_PRIVILEGE 35
/* token attribute bits */
#define NT_SE_DISABLE_PRIVILEGE (0x0001U)
#define NT_SE_ENABLE_PRIVILEGE (0x0002U)
/* token access bits */
#define NT_TOKEN_ASSIGN_PRIMARY 0x00000001U
#define NT_TOKEN_DUPLICATE 0x00000002U
#define NT_TOKEN_IMPERSONATE 0x00000004U
#define NT_TOKEN_QUERY 0x00000008U
#define NT_TOKEN_QUERY_SOURCE 0x00000010U
#define NT_TOKEN_ADJUST_PRIVILEGES 0x00000020U
#define NT_TOKEN_ADJUST_GROUPS 0x00000040U
#define NT_TOKEN_ADJUST_DEFAULT 0x00000080U
#define NT_TOKEN_ADJUST_SESSIONID 0x00000100U
#define NT_TOKEN_ALL_ACCESS NT_SEC_STANDARD_RIGHTS_REQUIRED \
| NT_TOKEN_ASSIGN_PRIMARY \
| NT_TOKEN_DUPLICATE \
| NT_TOKEN_IMPERSONATE \
| NT_TOKEN_QUERY \
| NT_TOKEN_QUERY_SOURCE \
| NT_TOKEN_ADJUST_PRIVILEGES \
| NT_TOKEN_ADJUST_GROUPS \
| NT_TOKEN_ADJUST_SESSIONID \
| NT_TOKEN_ADJUST_DEFAULT
#define NT_TOKEN_READ NT_SEC_STANDARD_RIGHTS_READ \
| NT_TOKEN_QUERY
#define NT_TOKEN_WRITE NT_SEC_STANDARD_RIGHTS_WRITE \
| TOKEN_ADJUST_PRIVILEGES \
| NT_OKEN_ADJUST_GROUPS \
| NT_TOKEN_ADJUST_DEFAULT
#define NT_TOKEN_EXECUTE NT_SEC_STANDARD_RIGHTS_EXECUTE
/* filtered token flags */
#define NT_DISABLE_MAX_PRIVILEGE 0x01
typedef struct _nt_token_statistics {
nt_luid token_id;
nt_luid authentication_id;
nt_large_integer expiration_time;
nt_token_type token_type;
nt_security_impersonation_level impersonation_level;
uint32_t dynamic_charged;
uint32_t dynamic_available;
uint32_t group_count;
uint32_t privilege_count;
nt_luid modified_id;
} nt_token_statistics;
typedef int32_t __stdcall ntapi_zw_create_token(
__out void ** htoken,
__in uint32_t desired_access,
__in nt_object_attributes * obj_attr,
__in nt_token_type type,
__in nt_luid * authentication_id,
__in nt_large_integer * expiration_time,
__in nt_token_user * user,
__in nt_token_groups * groups,
__in nt_token_privileges * privileges,
__in nt_token_owner * owner,
__in nt_token_primary_group * primary_group,
__in nt_token_default_dacl * default_dacl,
__in nt_token_source * source);
typedef int32_t __stdcall ntapi_zw_open_process_token(
__in void * hprocess,
__in uint32_t desired_access,
__out void ** htoken);
typedef int32_t __stdcall ntapi_zw_open_thread_token(
__in void * hthread,
__in uint32_t desired_access,
__in int32_t open_as_self,
__out void ** htoken);
typedef int32_t __stdcall ntapi_zw_duplicate_token(
__in void * htoken_existing,
__in uint32_t desired_access,
__in nt_object_attributes * obj_attr,
__in int32_t effective_only,
__in nt_token_type token_type,
__out void ** htoken_new);
typedef int32_t __stdcall ntapi_zw_filter_token(
__in void * htoken_existing,
__in uint32_t flags,
__in nt_token_groups * sids_to_disable,
__in nt_token_privileges * privileges_to_delete,
__in nt_token_groups * sids_to_restrict,
__out void ** htoken_new);
typedef int32_t __stdcall ntapi_zw_adjust_privileges_token(
__in void * htoken,
__in int32_t disable_all_privileges,
__in nt_token_privileges * new_state,
__in size_t buffer_length,
__in nt_token_privileges * prev_state __optional,
__out size_t * returned_length);
typedef int32_t __stdcall ntapi_zw_adjust_groups_token(
__in void * htoken,
__in int32_t reset_to_default,
__in nt_token_groups * new_state,
__in size_t buffer_length,
__in nt_token_groups * prev_state __optional,
__out size_t * returned_length);
typedef int32_t __stdcall ntapi_zw_query_information_token(
__in void * htoken,
__in nt_token_info_class token_info_class,
__out void * token_info,
__in size_t token_info_length,
__out size_t * returned_length);
typedef int32_t __stdcall ntapi_zw_set_information_token(
__in void * htoken,
__in nt_token_info_class token_info_class,
__in void * token_info,
__in size_t token_info_length);
/* extension functions */
typedef int32_t __stdcall ntapi_tt_enable_token_privilege(
__in void * htoken,
__in uint32_t privilege);
typedef int32_t __stdcall ntapi_tt_disable_token_privilege(
__in void * htoken,
__in uint32_t privilege);
#endif