SecPkgInfoA structure

The SecPkgInfo structure provides general information about a security package, such as its name and capabilities.

Syntax

typedef struct _SecPkgInfoA {
  unsigned long  fCapabilities;
  unsigned short wVersion;
  unsigned short wRPCID;
  unsigned long  cbMaxToken;
  SEC_CHAR       *Name;
  SEC_CHAR       *Comment;
} SecPkgInfoA, *PSecPkgInfoA;

Members

fCapabilities

Set of bit flags that describes the capabilities of the security package. This member can be a combination of the following flags.

Value Meaning
SECPKG_FLAG_INTEGRITY
0x1
The security package supports the MakeSignature and VerifySignature functions.
SECPKG_FLAG_PRIVACY
0x2
The security package supports the EncryptMessage (General) and DecryptMessage (General) functions.
SECPKG_FLAG_TOKEN_ONLY
0x4
The package is interested only in the security-token portion of messages, and will ignore any other buffers. This is a performance-related issue.
SECPKG_FLAG_DATAGRAM
0x8
Supports datagram-style authentication. For more information, see SSPI Context Semantics.
Important  The Microsoft Kerberos package does not support datagram contexts in user-to-user mode.
 
SECPKG_FLAG_CONNECTION
0x10
Supports connection-oriented style authentication. For more information, see SSPI Context Semantics.
SECPKG_FLAG_MULTI_REQUIRED
0x20
Multiple legs are required for authentication.
SECPKG_FLAG_CLIENT_ONLY
0x40
Server authentication support is not provided.
SECPKG_FLAG_EXTENDED_ERROR
0x80
Supports extended error handling. For more information, see Extended Error Information.
SECPKG_FLAG_IMPERSONATION
0x100
Supports Windows impersonation in server contexts.
SECPKG_FLAG_ACCEPT_WIN32_NAME
0x200
Understands Windows principal and target names.
SECPKG_FLAG_STREAM
0x400
Supports stream semantics. For more information, see SSPI Context Semantics.
SECPKG_FLAG_NEGOTIABLE
0X800
Can be used by the Microsoft Negotiate security package.
SECPKG_FLAG_GSS_COMPATIBLE
0x1000
Supports GSS compatibility.
SECPKG_FLAG_LOGON
0x2000
Supports LsaLogonUser.
SECPKG_FLAG_ASCII_BUFFERS
0x4000
Token buffers are in ASCII characters format.
SECPKG_FLAG_FRAGMENT
0x8000
Supports separating large tokens into smaller buffers so that applications can make repeated calls to InitializeSecurityContext (General) and AcceptSecurityContext (General) with the smaller buffers to complete authentication.
SECPKG_FLAG_MUTUAL_AUTH
0x10000
Supports mutual authentication.
SECPKG_FLAG_DELEGATION
0x20000
Supports delegation.
SECPKG_FLAG_READONLY_WITH_CHECKSUM
0x40000
The security package supports using a checksum instead of in-place encryption when calling the EncryptMessage function.
SECPKG_FLAG_RESTRICTED_TOKENS
0x80000
Supports callers with restricted tokens.
SECPKG_FLAG_NEGO_EXTENDER
0x00100000
The security package extends the Microsoft Negotiate security package. There can be at most one package of this type.
SECPKG_FLAG_NEGOTIABLE2
0x00200000
This package is negotiated by the package of type SECPKG_FLAG_NEGO_EXTENDER.
SECPKG_FLAG_APPCONTAINER_PASSTHROUGH
0x00400000
This package receives all calls from app container apps.
SECPKG_FLAG_APPCONTAINER_CHECKS
0x00800000
This package receives calls from app container apps if one of the following checks succeeds.
  • Caller has default credentials capability.
  • The target is a proxy server.
  • The caller has supplied credentials.
SECPKG_CALLFLAGS_APPCONTAINER
0x00000001
The caller is an app container.
SECPKG_CALLFLAGS_AUTHCAPABLE
0x00000002
The caller can use default credentials.
SECPKG_CALLFLAGS_FORCE_SUPPLIED
0x00000004
The caller can only use supplied credentials.

wVersion

Specifies the version of the package protocol. Must be 1.

wRPCID

Specifies a DCE RPC identifier, if appropriate. If the package does not implement one of the DCE registered security systems, the reserved value SECPKG_ID_NONE is used.

cbMaxToken

Specifies the maximum size, in bytes, of the token.

Name

Pointer to a null-terminated string that contains the name of the security package.

Comment

Pointer to a null-terminated string. This can be any additional string passed back by the package.

Requirements

   
Minimum supported client Windows XP [desktop apps only]
Minimum supported server Windows Server 2003 [desktop apps only]
Header sspi.h (include Security.h)

See Also

EnumerateSecurityPackages

QuerySecurityPackageInfo