diff --git a/NSspi/SecPkgInfo.cs b/NSspi/SecPkgInfo.cs
index 9b85a42..c5502f4 100644
--- a/NSspi/SecPkgInfo.cs
+++ b/NSspi/SecPkgInfo.cs
@@ -7,69 +7,161 @@ using System.Threading.Tasks;
namespace NSspi
{
+ ///
+ /// Stores information about a particular security package.
+ ///
[StructLayout( LayoutKind.Sequential )]
public class SecPkgInfo
{
+ ///
+ /// The packages capabilities and options.
+ ///
public SecPkgCapability Capabilities;
+ ///
+ /// The package's version number.
+ ///
public short Version;
+ ///
+ /// The package's Id when used in RPC contexts.
+ ///
public short RpcId;
+ ///
+ /// The maximum size, in bytes, of tokens generated by the package.
+ ///
public int MaxTokenLength;
+ ///
+ /// The human-readable name of the package.
+ ///
[MarshalAs( UnmanagedType.LPWStr )]
public string Name;
+ ///
+ /// A short description of the package.
+ ///
[MarshalAs( UnmanagedType.LPWStr )]
public string Comment;
}
+ ///
+ /// Describes the capabilities of a security package.
+ ///
[Flags]
public enum SecPkgCapability : uint
{
+ ///
+ /// Whether the package supports generating messages with integrity information. Required for MakeSignature and VerifySignature.
+ ///
Integrity = 0x1,
+ ///
+ /// Whether the package supports generating encrypted messages. Required for EncryptMessage and DecryptMessage.
+ ///
Privacy = 0x2,
+ ///
+ /// Whether the package uses any other buffer information than token buffers.
+ ///
TokenOnly = 0x4,
+ ///
+ /// Whether the package supports datagram-style authentication.
+ ///
Datagram = 0x8,
+ ///
+ /// Whether the package supports creating contexts with connection semantics
+ ///
Connection = 0x10,
+ ///
+ /// Multiple legs are neccessary for authentication.
+ ///
MultiLeg = 0x20,
+ ///
+ /// Server authentication is not supported.
+ ///
ClientOnly = 0x40,
+ ///
+ /// Supports extended error handling facilities.
+ ///
ExtendedError = 0x80,
+ ///
+ /// Supports client impersonation on the server.
+ ///
Impersonation = 0x100,
+ ///
+ /// Understands Windows princple and target names.
+ ///
AcceptWin32Name = 0x200,
+ ///
+ /// Supports stream semantics
+ ///
Stream = 0x400,
+ ///
+ /// Package may be used by the Negiotiate meta-package.
+ ///
Negotiable = 0x800,
+ ///
+ /// Compatible with GSS.
+ ///
GssCompatible = 0x1000,
+ ///
+ /// Supports LsaLogonUser
+ ///
Logon = 0x2000,
+ ///
+ /// Token buffers are in Ascii format.
+ ///
AsciiBuffers = 0x4000,
+ ///
+ /// Supports separating large tokens into multiple buffers.
+ ///
Fragment = 0x8000,
+ ///
+ /// Supports mutual authentication between a client and server.
+ ///
MutualAuth = 0x10000,
+ ///
+ /// Supports credential delegation from the server to a third context.
+ ///
Delegation = 0x20000,
+ ///
+ /// Supports calling EncryptMessage with the read-only-checksum flag, which protects data only
+ /// with a checksum and does not encrypt it.
+ ///
ReadOnlyChecksum = 0x40000,
+ ///
+ /// Whether the package supports handling restricted tokens, which are tokens derived from existing tokens
+ /// that have had restrictions placed on them.
+ ///
RestrictedTokens = 0x80000,
+ ///
+ /// Extends the negotiate package; only one such package may be registered at any time.
+ ///
ExtendsNego = 0x00100000,
+ ///
+ /// This package is negotiated by the package of type ExtendsNego.
+ ///
Negotiable2 = 0x00200000,
}
}
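Review bot: The summary added for `TokenOnly` reads as the opposite of the member name: "Whether the package uses any other buffer information than token buffers" suggests the flag is set when non-token buffers are used. As far as I know, the underlying SSPI capability means the package looks only at the token portion of a message and ignores other buffers, so after checking the SSPI reference I would word it `/// The package only processes token buffers and ignores any other buffer types.` The new comments also contain typos worth fixing in the same pass: `packages capabilities`, `neccessary`, `princple` and `Negiotiate`. Because `SecPkgInfo` is declared `[StructLayout( LayoutKind.Sequential )]` and is presumably filled by marshaling from the native structure, its class summary could also say that field order and types must not be changed independently of that layout.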
diff --git a/NSspi/SecurityStatus.cs b/NSspi/SecurityStatus.cs
index ea3caa7..bb86ed7 100644
--- a/NSspi/SecurityStatus.cs
+++ b/NSspi/SecurityStatus.cs
@@ -22,11 +22,34 @@ namespace NSspi
public enum SecurityStatus : uint
{
- // Success / Informational
+ // --- Success / Informational ---
+
+ ///
+ /// The request completed successfully
+ ///
OK = 0x00000000,
+
+ ///
+ /// The token returned by the context needs to be provided to the cooperating party
+ /// to continue construction of the context.
+ ///
ContinueNeeded = 0x00090312,
+
+ ///
+ /// Occurs after a client calls InitializeSecurityContext to indicate that the client
+ /// must call CompleteAuthToken.
+ ///
CompleteNeeded = 0x00090313,
+
+ ///
+ /// Occurs after a client calls InitializeSecurityContext to indicate that the client
+ /// must call CompleteAuthToken and pass the result to the server.
+ ///
CompAndContinue = 0x00090314,
+
+ ///
+ /// An attempt to use the context was performed after the context's expiration time elapsed.
+ ///
ContextExpired = 0x00090317,
CredentialsNeeded = 0x00090320,
Renegotiate = 0x00090321,
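Review bot: The summaries for `CompleteNeeded` and `CompAndContinue` describe only the client path ("after a client calls InitializeSecurityContext ... pass the result to the server"), but to my knowledge the server-side AcceptSecurityContext call can return the same codes, in which case the token goes to the client. A side-neutral wording would avoid that, e.g. `/// The caller must call CompleteAuthToken to finish building the token, then send the result to the peer.` for `CompAndContinue`. It would also help to say on `ContinueNeeded` and the two Complete values that the handshake still has work outstanding, so callers do not treat every non-error status as a finished authentication. `CredentialsNeeded` and `Renegotiate` have no summary in the visible lines, and the enum continues outside the hunk.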