Win32 API 日本語リファレンス
ホームSecurity › RtlNormalizeSecurityDescriptor

RtlNormalizeSecurityDescriptor

関数
セキュリティ記述子を正規化された自己相対形式へ変換する。
DLLntdll.dll呼出規約winapi

シグネチャ

// ntdll.dll
#include <windows.h>

BOOLEAN RtlNormalizeSecurityDescriptor(
    PSECURITY_DESCRIPTOR* SecurityDescriptor,
    DWORD SecurityDescriptorLength,
    PSECURITY_DESCRIPTOR* NewSecurityDescriptor,   // optional
    DWORD* NewSecurityDescriptorLength,   // optional
    BOOLEAN CheckOnly
);

パラメーター

名前方向説明
SecurityDescriptorPSECURITY_DESCRIPTOR*inout正規化する元のセキュリティ記述子へのポインタの入力先。
SecurityDescriptorLengthDWORDin入力セキュリティ記述子のバイト長。
NewSecurityDescriptorPSECURITY_DESCRIPTOR*outoptional正規化された新しいセキュリティ記述子へのポインタを受け取る出力先。
NewSecurityDescriptorLengthDWORD*outoptional正規化後のセキュリティ記述子のバイト長を受け取るDWORDへのポインタ。
CheckOnlyBOOLEANin正規化が必要かの確認のみ行うか。TRUEで実際の生成をせず判定だけ行う。

戻り値の型: BOOLEAN

各言語での呼び出し定義

// ntdll.dll
#include <windows.h>

BOOLEAN RtlNormalizeSecurityDescriptor(
    PSECURITY_DESCRIPTOR* SecurityDescriptor,
    DWORD SecurityDescriptorLength,
    PSECURITY_DESCRIPTOR* NewSecurityDescriptor,   // optional
    DWORD* NewSecurityDescriptorLength,   // optional
    BOOLEAN CheckOnly
);
[return: MarshalAs(UnmanagedType.U1)]
[DllImport("ntdll.dll", ExactSpelling = true)]
static extern bool RtlNormalizeSecurityDescriptor(
    IntPtr SecurityDescriptor,   // PSECURITY_DESCRIPTOR* in/out
    uint SecurityDescriptorLength,   // DWORD
    IntPtr NewSecurityDescriptor,   // PSECURITY_DESCRIPTOR* optional, out
    IntPtr NewSecurityDescriptorLength,   // DWORD* optional, out
    [MarshalAs(UnmanagedType.U1)] bool CheckOnly   // BOOLEAN
);
<DllImport("ntdll.dll", ExactSpelling:=True)>
Public Shared Function RtlNormalizeSecurityDescriptor(
    SecurityDescriptor As IntPtr,   ' PSECURITY_DESCRIPTOR* in/out
    SecurityDescriptorLength As UInteger,   ' DWORD
    NewSecurityDescriptor As IntPtr,   ' PSECURITY_DESCRIPTOR* optional, out
    NewSecurityDescriptorLength As IntPtr,   ' DWORD* optional, out
    <MarshalAs(UnmanagedType.U1)> CheckOnly As Boolean   ' BOOLEAN
) As <MarshalAs(UnmanagedType.U1)> Boolean
End Function
' SecurityDescriptor : PSECURITY_DESCRIPTOR* in/out
' SecurityDescriptorLength : DWORD
' NewSecurityDescriptor : PSECURITY_DESCRIPTOR* optional, out
' NewSecurityDescriptorLength : DWORD* optional, out
' CheckOnly : BOOLEAN
Declare PtrSafe Function RtlNormalizeSecurityDescriptor Lib "ntdll" ( _
    ByVal SecurityDescriptor As LongPtr, _
    ByVal SecurityDescriptorLength As Long, _
    ByVal NewSecurityDescriptor As LongPtr, _
    ByVal NewSecurityDescriptorLength As LongPtr, _
    ByVal CheckOnly As Byte) As Byte
' VBA7前提(PtrSafe)。32bit Office では LongPtr→Long。Integer=16bit / Long=32bit / LongLong=64bit。
import ctypes
from ctypes import wintypes

RtlNormalizeSecurityDescriptor = ctypes.windll.ntdll.RtlNormalizeSecurityDescriptor
RtlNormalizeSecurityDescriptor.restype = wintypes.BOOLEAN
RtlNormalizeSecurityDescriptor.argtypes = [
    ctypes.c_void_p,  # SecurityDescriptor : PSECURITY_DESCRIPTOR* in/out
    wintypes.DWORD,  # SecurityDescriptorLength : DWORD
    ctypes.c_void_p,  # NewSecurityDescriptor : PSECURITY_DESCRIPTOR* optional, out
    ctypes.POINTER(wintypes.DWORD),  # NewSecurityDescriptorLength : DWORD* optional, out
    wintypes.BOOLEAN,  # CheckOnly : BOOLEAN
]
require 'fiddle'
require 'fiddle/import'

lib = Fiddle.dlopen('ntdll.dll')
RtlNormalizeSecurityDescriptor = Fiddle::Function.new(
  lib['RtlNormalizeSecurityDescriptor'],
  [
    Fiddle::TYPE_VOIDP,  # SecurityDescriptor : PSECURITY_DESCRIPTOR* in/out
    -Fiddle::TYPE_INT,  # SecurityDescriptorLength : DWORD
    Fiddle::TYPE_VOIDP,  # NewSecurityDescriptor : PSECURITY_DESCRIPTOR* optional, out
    Fiddle::TYPE_VOIDP,  # NewSecurityDescriptorLength : DWORD* optional, out
    Fiddle::TYPE_CHAR,  # CheckOnly : BOOLEAN
  ],
  Fiddle::TYPE_CHAR)
#[link(name = "ntdll")]
extern "system" {
    fn RtlNormalizeSecurityDescriptor(
        SecurityDescriptor: *mut *mut core::ffi::c_void,  // PSECURITY_DESCRIPTOR* in/out
        SecurityDescriptorLength: u32,  // DWORD
        NewSecurityDescriptor: *mut *mut core::ffi::c_void,  // PSECURITY_DESCRIPTOR* optional, out
        NewSecurityDescriptorLength: *mut u32,  // DWORD* optional, out
        CheckOnly: u8  // BOOLEAN
    ) -> u8;
}
// crates: windows-sys provides ready-made bindings for this API.
$sig = @"
[return: MarshalAs(UnmanagedType.U1)]
[DllImport("ntdll.dll")]
public static extern bool RtlNormalizeSecurityDescriptor(IntPtr SecurityDescriptor, uint SecurityDescriptorLength, IntPtr NewSecurityDescriptor, IntPtr NewSecurityDescriptorLength, [MarshalAs(UnmanagedType.U1)] bool CheckOnly);
"@
$api = Add-Type -MemberDefinition $sig -Name 'ntdll_RtlNormalizeSecurityDescriptor' -Namespace Win32 -PassThru
# $api::RtlNormalizeSecurityDescriptor(SecurityDescriptor, SecurityDescriptorLength, NewSecurityDescriptor, NewSecurityDescriptorLength, CheckOnly)
#uselib "ntdll.dll"
#func global RtlNormalizeSecurityDescriptor "RtlNormalizeSecurityDescriptor" sptr, sptr, sptr, sptr, sptr
; RtlNormalizeSecurityDescriptor SecurityDescriptor, SecurityDescriptorLength, NewSecurityDescriptor, varptr(NewSecurityDescriptorLength), CheckOnly   ; 戻り値は stat
; SecurityDescriptor : PSECURITY_DESCRIPTOR* in/out -> "sptr"
; SecurityDescriptorLength : DWORD -> "sptr"
; NewSecurityDescriptor : PSECURITY_DESCRIPTOR* optional, out -> "sptr"
; NewSecurityDescriptorLength : DWORD* optional, out -> "sptr"
; CheckOnly : BOOLEAN -> "sptr"
; ※HSP3.7は #func のため戻り値はシステム変数 stat に格納されます。
出力引数:
#uselib "ntdll.dll"
#cfunc global RtlNormalizeSecurityDescriptor "RtlNormalizeSecurityDescriptor" sptr, int, sptr, var, int
; res = RtlNormalizeSecurityDescriptor(SecurityDescriptor, SecurityDescriptorLength, NewSecurityDescriptor, NewSecurityDescriptorLength, CheckOnly)
; SecurityDescriptor : PSECURITY_DESCRIPTOR* in/out -> "sptr"
; SecurityDescriptorLength : DWORD -> "int"
; NewSecurityDescriptor : PSECURITY_DESCRIPTOR* optional, out -> "sptr"
; NewSecurityDescriptorLength : DWORD* optional, out -> "var"
; CheckOnly : BOOLEAN -> "int"
; ※出力/バッファ引数は var 方式(変数を直接渡す)。varptr 方式にも切替可。
出力引数:
; BOOLEAN RtlNormalizeSecurityDescriptor(PSECURITY_DESCRIPTOR* SecurityDescriptor, DWORD SecurityDescriptorLength, PSECURITY_DESCRIPTOR* NewSecurityDescriptor, DWORD* NewSecurityDescriptorLength, BOOLEAN CheckOnly)
#uselib "ntdll.dll"
#cfunc global RtlNormalizeSecurityDescriptor "RtlNormalizeSecurityDescriptor" intptr, int, intptr, var, int
; res = RtlNormalizeSecurityDescriptor(SecurityDescriptor, SecurityDescriptorLength, NewSecurityDescriptor, NewSecurityDescriptorLength, CheckOnly)
; SecurityDescriptor : PSECURITY_DESCRIPTOR* in/out -> "intptr"
; SecurityDescriptorLength : DWORD -> "int"
; NewSecurityDescriptor : PSECURITY_DESCRIPTOR* optional, out -> "intptr"
; NewSecurityDescriptorLength : DWORD* optional, out -> "var"
; CheckOnly : BOOLEAN -> "int"
; ※出力/バッファ引数は var 方式(変数を直接渡す)。varptr 方式にも切替可。
import (
	"golang.org/x/sys/windows"
	"unsafe"
)

var (
	ntdll = windows.NewLazySystemDLL("ntdll.dll")
	procRtlNormalizeSecurityDescriptor = ntdll.NewProc("RtlNormalizeSecurityDescriptor")
)

// SecurityDescriptor (PSECURITY_DESCRIPTOR* in/out), SecurityDescriptorLength (DWORD), NewSecurityDescriptor (PSECURITY_DESCRIPTOR* optional, out), NewSecurityDescriptorLength (DWORD* optional, out), CheckOnly (BOOLEAN)
r1, _, err := procRtlNormalizeSecurityDescriptor.Call(
	uintptr(SecurityDescriptor),
	uintptr(SecurityDescriptorLength),
	uintptr(NewSecurityDescriptor),
	uintptr(NewSecurityDescriptorLength),
	uintptr(CheckOnly),
)
_ = err  // syscall.Errno (valid when the call sets last-error)
_ = r1   // BOOLEAN
function RtlNormalizeSecurityDescriptor(
  SecurityDescriptor: Pointer;   // PSECURITY_DESCRIPTOR* in/out
  SecurityDescriptorLength: DWORD;   // DWORD
  NewSecurityDescriptor: Pointer;   // PSECURITY_DESCRIPTOR* optional, out
  NewSecurityDescriptorLength: Pointer;   // DWORD* optional, out
  CheckOnly: ByteBool   // BOOLEAN
): ByteBool; stdcall;
  external 'ntdll.dll' name 'RtlNormalizeSecurityDescriptor';
result := DllCall("ntdll\RtlNormalizeSecurityDescriptor"
    , "Ptr", SecurityDescriptor   ; PSECURITY_DESCRIPTOR* in/out
    , "UInt", SecurityDescriptorLength   ; DWORD
    , "Ptr", NewSecurityDescriptor   ; PSECURITY_DESCRIPTOR* optional, out
    , "Ptr", NewSecurityDescriptorLength   ; DWORD* optional, out
    , "Char", CheckOnly   ; BOOLEAN
    , "Char")   ; return: BOOLEAN
●RtlNormalizeSecurityDescriptor(SecurityDescriptor, SecurityDescriptorLength, NewSecurityDescriptor, NewSecurityDescriptorLength, CheckOnly) = DLL("ntdll.dll", "byte RtlNormalizeSecurityDescriptor(void*, dword, void*, void*, byte)")
# 呼び出し: RtlNormalizeSecurityDescriptor(SecurityDescriptor, SecurityDescriptorLength, NewSecurityDescriptor, NewSecurityDescriptorLength, CheckOnly)
# SecurityDescriptor : PSECURITY_DESCRIPTOR* in/out -> "void*"
# SecurityDescriptorLength : DWORD -> "dword"
# NewSecurityDescriptor : PSECURITY_DESCRIPTOR* optional, out -> "void*"
# NewSecurityDescriptorLength : DWORD* optional, out -> "void*"
# CheckOnly : BOOLEAN -> "byte"
# なでしこ1は32bit・ANSI(Shift_JIS)。文字列=char*(ANSI)、ポインタ/ハンドル=void*(4byte)。
const std = @import("std");

extern "ntdll" fn RtlNormalizeSecurityDescriptor(
    SecurityDescriptor: ?*anyopaque, // PSECURITY_DESCRIPTOR* in/out
    SecurityDescriptorLength: u32, // DWORD
    NewSecurityDescriptor: ?*anyopaque, // PSECURITY_DESCRIPTOR* optional, out
    NewSecurityDescriptorLength: [*c]u32, // DWORD* optional, out
    CheckOnly: u8 // BOOLEAN
) callconv(std.os.windows.WINAPI) u8;
proc RtlNormalizeSecurityDescriptor(
    SecurityDescriptor: pointer,  # PSECURITY_DESCRIPTOR* in/out
    SecurityDescriptorLength: uint32,  # DWORD
    NewSecurityDescriptor: pointer,  # PSECURITY_DESCRIPTOR* optional, out
    NewSecurityDescriptorLength: ptr uint32,  # DWORD* optional, out
    CheckOnly: uint8  # BOOLEAN
): uint8 {.importc: "RtlNormalizeSecurityDescriptor", stdcall, dynlib: "ntdll.dll".}
pragma(lib, "ntdll");
extern(Windows)
ubyte RtlNormalizeSecurityDescriptor(
    void* SecurityDescriptor,   // PSECURITY_DESCRIPTOR* in/out
    uint SecurityDescriptorLength,   // DWORD
    void* NewSecurityDescriptor,   // PSECURITY_DESCRIPTOR* optional, out
    uint* NewSecurityDescriptorLength,   // DWORD* optional, out
    ubyte CheckOnly   // BOOLEAN
);
ccall((:RtlNormalizeSecurityDescriptor, "ntdll.dll"), stdcall, UInt8,
      (Ptr{Cvoid}, UInt32, Ptr{Cvoid}, Ptr{UInt32}, UInt8),
      SecurityDescriptor, SecurityDescriptorLength, NewSecurityDescriptor, NewSecurityDescriptorLength, CheckOnly)
# SecurityDescriptor : PSECURITY_DESCRIPTOR* in/out -> Ptr{Cvoid}
# SecurityDescriptorLength : DWORD -> UInt32
# NewSecurityDescriptor : PSECURITY_DESCRIPTOR* optional, out -> Ptr{Cvoid}
# NewSecurityDescriptorLength : DWORD* optional, out -> Ptr{UInt32}
# CheckOnly : BOOLEAN -> UInt8
# stdcall は 32bit のみ意味を持つ(x64 では無視)。
local ffi = require("ffi")
ffi.cdef[[
uint8_t RtlNormalizeSecurityDescriptor(
    void* SecurityDescriptor,
    uint32_t SecurityDescriptorLength,
    void* NewSecurityDescriptor,
    uint32_t* NewSecurityDescriptorLength,
    uint8_t CheckOnly);
]]
local ntdll = ffi.load("ntdll")
-- ntdll.RtlNormalizeSecurityDescriptor(SecurityDescriptor, SecurityDescriptorLength, NewSecurityDescriptor, NewSecurityDescriptorLength, CheckOnly)
-- SecurityDescriptor : PSECURITY_DESCRIPTOR* in/out
-- SecurityDescriptorLength : DWORD
-- NewSecurityDescriptor : PSECURITY_DESCRIPTOR* optional, out
-- NewSecurityDescriptorLength : DWORD* optional, out
-- CheckOnly : BOOLEAN
-- 構造体/GUIDへのポインタは cdef が通るよう void* で表記(実型は各引数コメント参照)。値渡し構造体・enum は対応する typedef を cdef に追加すること。
const koffi = require('koffi');
const lib = koffi.load('ntdll.dll');
const RtlNormalizeSecurityDescriptor = lib.func('__stdcall', 'RtlNormalizeSecurityDescriptor', 'uint8_t', ['void *', 'uint32_t', 'void *', 'uint32_t *', 'uint8_t']);
// RtlNormalizeSecurityDescriptor(SecurityDescriptor, SecurityDescriptorLength, NewSecurityDescriptor, NewSecurityDescriptorLength, CheckOnly)
// SecurityDescriptor : PSECURITY_DESCRIPTOR* in/out -> 'void *'
// SecurityDescriptorLength : DWORD -> 'uint32_t'
// NewSecurityDescriptor : PSECURITY_DESCRIPTOR* optional, out -> 'void *'
// NewSecurityDescriptorLength : DWORD* optional, out -> 'uint32_t *'
// CheckOnly : BOOLEAN -> 'uint8_t'
// 出力ポインタは koffi.out(...) で包む。構造体は koffi.struct で定義。
const lib = Deno.dlopen("ntdll.dll", {
  RtlNormalizeSecurityDescriptor: { parameters: ["pointer", "u32", "pointer", "pointer", "u8"], result: "u8" },
});
// lib.symbols.RtlNormalizeSecurityDescriptor(SecurityDescriptor, SecurityDescriptorLength, NewSecurityDescriptor, NewSecurityDescriptorLength, CheckOnly)
// SecurityDescriptor : PSECURITY_DESCRIPTOR* in/out -> "pointer"
// SecurityDescriptorLength : DWORD -> "u32"
// NewSecurityDescriptor : PSECURITY_DESCRIPTOR* optional, out -> "pointer"
// NewSecurityDescriptorLength : DWORD* optional, out -> "pointer"
// CheckOnly : BOOLEAN -> "u8"
// 文字列引数は "buffer"(NUL 終端のバイト列を Uint8Array で渡す)。
// 値渡し構造体は { struct: [ ...field types... ] } を使用。
<?php
$ffi = FFI::cdef(<<<C
uint8_t RtlNormalizeSecurityDescriptor(
    void* SecurityDescriptor,
    uint32_t SecurityDescriptorLength,
    void* NewSecurityDescriptor,
    uint32_t* NewSecurityDescriptorLength,
    uint8_t CheckOnly);
C, "ntdll.dll");
// $ffi->RtlNormalizeSecurityDescriptor(SecurityDescriptor, SecurityDescriptorLength, NewSecurityDescriptor, NewSecurityDescriptorLength, CheckOnly);
// SecurityDescriptor : PSECURITY_DESCRIPTOR* in/out
// SecurityDescriptorLength : DWORD
// NewSecurityDescriptor : PSECURITY_DESCRIPTOR* optional, out
// NewSecurityDescriptorLength : DWORD* optional, out
// CheckOnly : BOOLEAN
// 構造体/GUIDへのポインタは cdef が通るよう void* で表記(実型は各引数コメント参照)。値渡し構造体・enum は対応する typedef を cdef に追加すること。
// WINAPI(stdcall): x64 では呼出規約が統一されるため問題なし。x86 では __stdcall 対応のラッパが必要な場合あり。
import com.sun.jna.*;
import com.sun.jna.ptr.*;
import com.sun.jna.win32.StdCallLibrary;
import com.sun.jna.win32.W32APIOptions;

public interface Ntdll extends StdCallLibrary {
    Ntdll INSTANCE = Native.load("ntdll", Ntdll.class);
    byte RtlNormalizeSecurityDescriptor(
        Pointer SecurityDescriptor,   // PSECURITY_DESCRIPTOR* in/out
        int SecurityDescriptorLength,   // DWORD
        Pointer NewSecurityDescriptor,   // PSECURITY_DESCRIPTOR* optional, out
        IntByReference NewSecurityDescriptorLength,   // DWORD* optional, out
        byte CheckOnly   // BOOLEAN
    );
}
@[Link("ntdll")]
lib Libntdll
  fun RtlNormalizeSecurityDescriptor = RtlNormalizeSecurityDescriptor(
    SecurityDescriptor : Void*,   # PSECURITY_DESCRIPTOR* in/out
    SecurityDescriptorLength : UInt32,   # DWORD
    NewSecurityDescriptor : Void*,   # PSECURITY_DESCRIPTOR* optional, out
    NewSecurityDescriptorLength : UInt32*,   # DWORD* optional, out
    CheckOnly : UInt8   # BOOLEAN
  ) : UInt8
end
# 構造体/GUID/enum は lib 内に対応する型定義が必要。
# 呼出規約: x64 は規約統一のため OK。x86(32bit)は WINAPI=stdcall だが Crystal の fun に stdcall 付与構文がなく非対応。
import 'dart:ffi';
import 'package:ffi/ffi.dart';

typedef RtlNormalizeSecurityDescriptorNative = Uint8 Function(Pointer<Void>, Uint32, Pointer<Void>, Pointer<Uint32>, Uint8);
typedef RtlNormalizeSecurityDescriptorDart = int Function(Pointer<Void>, int, Pointer<Void>, Pointer<Uint32>, int);
final RtlNormalizeSecurityDescriptor = DynamicLibrary.open('ntdll.dll')
    .lookupFunction<RtlNormalizeSecurityDescriptorNative, RtlNormalizeSecurityDescriptorDart>('RtlNormalizeSecurityDescriptor');
// SecurityDescriptor : PSECURITY_DESCRIPTOR* in/out -> Pointer<Void>
// SecurityDescriptorLength : DWORD -> Uint32
// NewSecurityDescriptor : PSECURITY_DESCRIPTOR* optional, out -> Pointer<Void>
// NewSecurityDescriptorLength : DWORD* optional, out -> Pointer<Uint32>
// CheckOnly : BOOLEAN -> Uint8
// 文字列は package:ffi の "...".toNativeUtf16()/toNativeUtf8() で変換。
{$mode objfpc}{$H+}
function RtlNormalizeSecurityDescriptor(
  SecurityDescriptor: Pointer;   // PSECURITY_DESCRIPTOR* in/out
  SecurityDescriptorLength: DWORD;   // DWORD
  NewSecurityDescriptor: Pointer;   // PSECURITY_DESCRIPTOR* optional, out
  NewSecurityDescriptorLength: Pointer;   // DWORD* optional, out
  CheckOnly: ByteBool   // BOOLEAN
): ByteBool; stdcall;
  external 'ntdll.dll' name 'RtlNormalizeSecurityDescriptor';
import Foreign
import Foreign.C.Types
import Foreign.C.String

foreign import stdcall safe "RtlNormalizeSecurityDescriptor"
  c_RtlNormalizeSecurityDescriptor :: Ptr () -> Word32 -> Ptr () -> Ptr Word32 -> Word8 -> IO Word8
-- SecurityDescriptor : PSECURITY_DESCRIPTOR* in/out -> Ptr ()
-- SecurityDescriptorLength : DWORD -> Word32
-- NewSecurityDescriptor : PSECURITY_DESCRIPTOR* optional, out -> Ptr ()
-- NewSecurityDescriptorLength : DWORD* optional, out -> Ptr Word32
-- CheckOnly : BOOLEAN -> Word8
-- 要 GHC(Windows)。stdcall は x64 では ccall として扱われる。ブロックする API は safe 呼び出し推奨。
open Ctypes
open Foreign

let rtlnormalizesecuritydescriptor =
  foreign "RtlNormalizeSecurityDescriptor"
    ((ptr void) @-> uint32_t @-> (ptr void) @-> (ptr uint32_t) @-> uint8_t @-> returning uint8_t)
(* SecurityDescriptor : PSECURITY_DESCRIPTOR* in/out -> (ptr void) *)
(* SecurityDescriptorLength : DWORD -> uint32_t *)
(* NewSecurityDescriptor : PSECURITY_DESCRIPTOR* optional, out -> (ptr void) *)
(* NewSecurityDescriptorLength : DWORD* optional, out -> (ptr uint32_t) *)
(* CheckOnly : BOOLEAN -> uint8_t *)
(* foreign は cdecl 前提。x64 Windows では WINAPI と一致。構造体は ctypes structure を定義のこと。 *)
(cffi:define-foreign-library ntdll (t "ntdll.dll"))
(cffi:use-foreign-library ntdll)

(cffi:defcfun ("RtlNormalizeSecurityDescriptor" rtl-normalize-security-descriptor :convention :stdcall) :uint8
  (security-descriptor :pointer)   ; PSECURITY_DESCRIPTOR* in/out
  (security-descriptor-length :uint32)   ; DWORD
  (new-security-descriptor :pointer)   ; PSECURITY_DESCRIPTOR* optional, out
  (new-security-descriptor-length :pointer)   ; DWORD* optional, out
  (check-only :uint8))   ; BOOLEAN
; isize/usize(INT_PTR/SIZE_T)は x64 前提で :int64/:uint64。x86 では :int32/:uint32。
use Win32::API;
my $RtlNormalizeSecurityDescriptor = Win32::API::More->new('ntdll',
    'BYTE RtlNormalizeSecurityDescriptor(HANDLE SecurityDescriptor, DWORD SecurityDescriptorLength, HANDLE NewSecurityDescriptor, LPVOID NewSecurityDescriptorLength, BYTE CheckOnly)');
# my $ret = $RtlNormalizeSecurityDescriptor->Call($SecurityDescriptor, $SecurityDescriptorLength, $NewSecurityDescriptor, $NewSecurityDescriptorLength, $CheckOnly);
# SecurityDescriptor : PSECURITY_DESCRIPTOR* in/out -> HANDLE
# SecurityDescriptorLength : DWORD -> DWORD
# NewSecurityDescriptor : PSECURITY_DESCRIPTOR* optional, out -> HANDLE
# NewSecurityDescriptorLength : DWORD* optional, out -> LPVOID
# CheckOnly : BOOLEAN -> BYTE
# 値渡し構造体は pack() した文字列、または Win32::API::Struct を使用。