Win32 API 日本語リファレンス
ホームSecurity › TOKEN_ACCESS_INFORMATION

TOKEN_ACCESS_INFORMATION

構造体
サイズx64: 88 バイト / x86: 56 バイト

サイズ=各フィールドのバイト数(x64/x86 で異なる場合は x64/x86 と併記)。x64/x86 列=フィールドのバイトオフセット(HSPで dupptr / lpoke / wpoke 等に使用)。

フィールド

フィールドサイズx64x86説明
SidHashSID_AND_ATTRIBUTES_HASH*8/4+0+0トークンのSIDと属性のハッシュ情報へのポインタ。
RestrictedSidHashSID_AND_ATTRIBUTES_HASH*8/4+8+4制限付きSIDと属性のハッシュ情報へのポインタ。
PrivilegesTOKEN_PRIVILEGES*8/4+16+8トークンの特権集合へのポインタ。
AuthenticationIdLUID8+24+12ログオンセッションを識別する認証ID(LUID)。
TokenTypeTOKEN_TYPE4+32+20トークンの種別(プライマリか偽装か)を示す列挙値。
ImpersonationLevelSECURITY_IMPERSONATION_LEVEL4+36+24偽装トークンの偽装レベルを示す列挙値。
MandatoryPolicyTOKEN_MANDATORY_POLICY4+40+28トークンの強制完全性ポリシー。
FlagsDWORD4+44+32トークンの状態を示すフラグの組み合わせ。
AppContainerNumberDWORD4+48+36AppContainer番号。0は非AppContainer。
PackageSidPSID8/4+56+40AppContainerパッケージのSIDへのポインタ。NULL可。
CapabilitiesHashSID_AND_ATTRIBUTES_HASH*8/4+64+44ケイパビリティSIDと属性のハッシュ情報へのポインタ。
TrustLevelSidPSID8/4+72+48トークンの信頼レベルを表すSIDへのポインタ。NULL可。
SecurityAttributesvoid*8/4+80+52トークンのセキュリティ属性情報へのポインタ。

各言語での定義

#include <windows.h>

// LUID  (x64 8 / x86 8 バイト)
typedef struct LUID {
    DWORD LowPart;
    INT HighPart;
} LUID;

// TOKEN_MANDATORY_POLICY  (x64 4 / x86 4 バイト)
typedef struct TOKEN_MANDATORY_POLICY {
    TOKEN_MANDATORY_POLICY_ID Policy;
} TOKEN_MANDATORY_POLICY;

// TOKEN_ACCESS_INFORMATION  (x64 88 / x86 56 バイト)
typedef struct TOKEN_ACCESS_INFORMATION {
    SID_AND_ATTRIBUTES_HASH* SidHash;
    SID_AND_ATTRIBUTES_HASH* RestrictedSidHash;
    TOKEN_PRIVILEGES* Privileges;
    LUID AuthenticationId;
    TOKEN_TYPE TokenType;
    SECURITY_IMPERSONATION_LEVEL ImpersonationLevel;
    TOKEN_MANDATORY_POLICY MandatoryPolicy;
    DWORD Flags;
    DWORD AppContainerNumber;
    PSID PackageSid;
    SID_AND_ATTRIBUTES_HASH* CapabilitiesHash;
    PSID TrustLevelSid;
    void* SecurityAttributes;
} TOKEN_ACCESS_INFORMATION;
using System;
using System.Runtime.InteropServices;

[StructLayout(LayoutKind.Sequential, CharSet = CharSet.Unicode)]
public struct LUID
{
    public uint LowPart;
    public int HighPart;
}

[StructLayout(LayoutKind.Sequential, CharSet = CharSet.Unicode)]
public struct TOKEN_MANDATORY_POLICY
{
    public uint Policy;
}

[StructLayout(LayoutKind.Sequential, CharSet = CharSet.Unicode)]
public struct TOKEN_ACCESS_INFORMATION
{
    public IntPtr SidHash;
    public IntPtr RestrictedSidHash;
    public IntPtr Privileges;
    public LUID AuthenticationId;
    public int TokenType;
    public int ImpersonationLevel;
    public TOKEN_MANDATORY_POLICY MandatoryPolicy;
    public uint Flags;
    public uint AppContainerNumber;
    public IntPtr PackageSid;
    public IntPtr CapabilitiesHash;
    public IntPtr TrustLevelSid;
    public IntPtr SecurityAttributes;
}
Imports System.Runtime.InteropServices

<StructLayout(LayoutKind.Sequential, CharSet:=CharSet.Unicode)>
Public Structure LUID
    Public LowPart As UInteger
    Public HighPart As Integer
End Structure

<StructLayout(LayoutKind.Sequential, CharSet:=CharSet.Unicode)>
Public Structure TOKEN_MANDATORY_POLICY
    Public Policy As UInteger
End Structure

<StructLayout(LayoutKind.Sequential, CharSet:=CharSet.Unicode)>
Public Structure TOKEN_ACCESS_INFORMATION
    Public SidHash As IntPtr
    Public RestrictedSidHash As IntPtr
    Public Privileges As IntPtr
    Public AuthenticationId As LUID
    Public TokenType As Integer
    Public ImpersonationLevel As Integer
    Public MandatoryPolicy As TOKEN_MANDATORY_POLICY
    Public Flags As UInteger
    Public AppContainerNumber As UInteger
    Public PackageSid As IntPtr
    Public CapabilitiesHash As IntPtr
    Public TrustLevelSid As IntPtr
    Public SecurityAttributes As IntPtr
End Structure
import ctypes
from ctypes import wintypes

class LUID(ctypes.Structure):
    _fields_ = [
        ("LowPart", wintypes.DWORD),
        ("HighPart", ctypes.c_int),
    ]

class TOKEN_MANDATORY_POLICY(ctypes.Structure):
    _fields_ = [
        ("Policy", wintypes.DWORD),
    ]

class TOKEN_ACCESS_INFORMATION(ctypes.Structure):
    _fields_ = [
        ("SidHash", ctypes.c_void_p),
        ("RestrictedSidHash", ctypes.c_void_p),
        ("Privileges", ctypes.c_void_p),
        ("AuthenticationId", LUID),
        ("TokenType", ctypes.c_int),
        ("ImpersonationLevel", ctypes.c_int),
        ("MandatoryPolicy", TOKEN_MANDATORY_POLICY),
        ("Flags", wintypes.DWORD),
        ("AppContainerNumber", wintypes.DWORD),
        ("PackageSid", ctypes.c_void_p),
        ("CapabilitiesHash", ctypes.c_void_p),
        ("TrustLevelSid", ctypes.c_void_p),
        ("SecurityAttributes", ctypes.c_void_p),
    ]
#[repr(C)]
pub struct LUID {
    pub LowPart: u32,
    pub HighPart: i32,
}

#[repr(C)]
pub struct TOKEN_MANDATORY_POLICY {
    pub Policy: u32,
}

#[repr(C)]
pub struct TOKEN_ACCESS_INFORMATION {
    pub SidHash: *mut core::ffi::c_void,
    pub RestrictedSidHash: *mut core::ffi::c_void,
    pub Privileges: *mut core::ffi::c_void,
    pub AuthenticationId: LUID,
    pub TokenType: i32,
    pub ImpersonationLevel: i32,
    pub MandatoryPolicy: TOKEN_MANDATORY_POLICY,
    pub Flags: u32,
    pub AppContainerNumber: u32,
    pub PackageSid: *mut core::ffi::c_void,
    pub CapabilitiesHash: *mut core::ffi::c_void,
    pub TrustLevelSid: *mut core::ffi::c_void,
    pub SecurityAttributes: *mut core::ffi::c_void,
}
import "golang.org/x/sys/windows"

type LUID struct {
	LowPart uint32
	HighPart int32
}

type TOKEN_MANDATORY_POLICY struct {
	Policy uint32
}

type TOKEN_ACCESS_INFORMATION struct {
	SidHash uintptr
	RestrictedSidHash uintptr
	Privileges uintptr
	AuthenticationId LUID
	TokenType int32
	ImpersonationLevel int32
	MandatoryPolicy TOKEN_MANDATORY_POLICY
	Flags uint32
	AppContainerNumber uint32
	PackageSid uintptr
	CapabilitiesHash uintptr
	TrustLevelSid uintptr
	SecurityAttributes uintptr
}
type
  LUID = record
    LowPart: DWORD;
    HighPart: Integer;
  end;

  TOKEN_MANDATORY_POLICY = record
    Policy: DWORD;
  end;

  TOKEN_ACCESS_INFORMATION = record
    SidHash: Pointer;
    RestrictedSidHash: Pointer;
    Privileges: Pointer;
    AuthenticationId: LUID;
    TokenType: Integer;
    ImpersonationLevel: Integer;
    MandatoryPolicy: TOKEN_MANDATORY_POLICY;
    Flags: DWORD;
    AppContainerNumber: DWORD;
    PackageSid: Pointer;
    CapabilitiesHash: Pointer;
    TrustLevelSid: Pointer;
    SecurityAttributes: Pointer;
  end;
const LUID = extern struct {
    LowPart: u32,
    HighPart: i32,
};

const TOKEN_MANDATORY_POLICY = extern struct {
    Policy: u32,
};

const TOKEN_ACCESS_INFORMATION = extern struct {
    SidHash: ?*anyopaque,
    RestrictedSidHash: ?*anyopaque,
    Privileges: ?*anyopaque,
    AuthenticationId: LUID,
    TokenType: i32,
    ImpersonationLevel: i32,
    MandatoryPolicy: TOKEN_MANDATORY_POLICY,
    Flags: u32,
    AppContainerNumber: u32,
    PackageSid: ?*anyopaque,
    CapabilitiesHash: ?*anyopaque,
    TrustLevelSid: ?*anyopaque,
    SecurityAttributes: ?*anyopaque,
};
type
  LUID {.bycopy.} = object
    LowPart: uint32
    HighPart: int32

  TOKEN_MANDATORY_POLICY {.bycopy.} = object
    Policy: uint32

  TOKEN_ACCESS_INFORMATION {.bycopy.} = object
    SidHash: pointer
    RestrictedSidHash: pointer
    Privileges: pointer
    AuthenticationId: LUID
    TokenType: int32
    ImpersonationLevel: int32
    MandatoryPolicy: TOKEN_MANDATORY_POLICY
    Flags: uint32
    AppContainerNumber: uint32
    PackageSid: pointer
    CapabilitiesHash: pointer
    TrustLevelSid: pointer
    SecurityAttributes: pointer
struct LUID
{
    uint LowPart;
    int HighPart;
}

struct TOKEN_MANDATORY_POLICY
{
    uint Policy;
}

struct TOKEN_ACCESS_INFORMATION
{
    void* SidHash;
    void* RestrictedSidHash;
    void* Privileges;
    LUID AuthenticationId;
    int TokenType;
    int ImpersonationLevel;
    TOKEN_MANDATORY_POLICY MandatoryPolicy;
    uint Flags;
    uint AppContainerNumber;
    void* PackageSid;
    void* CapabilitiesHash;
    void* TrustLevelSid;
    void* SecurityAttributes;
}

HSP用 定義

HSP3.7/3.8 は構造体機能が無いため4byte整数配列(dim)+peek/poke で操作(32/64bitでサイズ・位置が異なる場合はタブで分割)。IronHSP は NSTRUCT(#defstruct/stdim/->)で32/64bit共通。

; HSP3.7/3.8 は構造体機能が無いため、4byte整数の配列変数で操作します。(x86 レイアウト)
; TOKEN_ACCESS_INFORMATION サイズ: 56 バイト(x86)
dim st, 14    ; 4byte整数×14(構造体サイズ 56 / 4 切り上げ)
; SidHash : SID_AND_ATTRIBUTES_HASH* (+0, 4byte)  varptr(st)+0 を基点に操作(4byte:入れ子/配列)
; RestrictedSidHash : SID_AND_ATTRIBUTES_HASH* (+4, 4byte)  varptr(st)+4 を基点に操作(4byte:入れ子/配列)
; Privileges : TOKEN_PRIVILEGES* (+8, 4byte)  varptr(st)+8 を基点に操作(4byte:入れ子/配列)
; AuthenticationId : LUID (+12, 8byte)  varptr(st)+12 を基点に操作(8byte:入れ子/配列)
; TokenType : TOKEN_TYPE (+20, 4byte)  st.5 = 値  /  値 = st.5   (lpoke/lpeek も可)
; ImpersonationLevel : SECURITY_IMPERSONATION_LEVEL (+24, 4byte)  st.6 = 値  /  値 = st.6   (lpoke/lpeek も可)
; MandatoryPolicy : TOKEN_MANDATORY_POLICY (+28, 4byte)  varptr(st)+28 を基点に操作(4byte:入れ子/配列)
; Flags : DWORD (+32, 4byte)  st.8 = 値  /  値 = st.8   (lpoke/lpeek も可)
; AppContainerNumber : DWORD (+36, 4byte)  st.9 = 値  /  値 = st.9   (lpoke/lpeek も可)
; PackageSid : PSID (+40, 4byte)  st.10 = 値  /  値 = st.10   (lpoke/lpeek も可)
; CapabilitiesHash : SID_AND_ATTRIBUTES_HASH* (+44, 4byte)  varptr(st)+44 を基点に操作(4byte:入れ子/配列)
; TrustLevelSid : PSID (+48, 4byte)  st.12 = 値  /  値 = st.12   (lpoke/lpeek も可)
; SecurityAttributes : void* (+52, 4byte)  st.13 = 値  /  値 = st.13   (lpoke/lpeek も可)
; ※4byte境界の整数は添字 st.N(N=オフセット/4)で読み書き可。それ以外は peek/poke 系を使用。
; HSP3.7/3.8 は構造体機能が無いため、4byte整数の配列変数で操作します。(x64 レイアウト)
; TOKEN_ACCESS_INFORMATION サイズ: 88 バイト(x64)
dim st, 22    ; 4byte整数×22(構造体サイズ 88 / 4 切り上げ)
; SidHash : SID_AND_ATTRIBUTES_HASH* (+0, 8byte)  varptr(st)+0 を基点に操作(8byte:入れ子/配列)
; RestrictedSidHash : SID_AND_ATTRIBUTES_HASH* (+8, 8byte)  varptr(st)+8 を基点に操作(8byte:入れ子/配列)
; Privileges : TOKEN_PRIVILEGES* (+16, 8byte)  varptr(st)+16 を基点に操作(8byte:入れ子/配列)
; AuthenticationId : LUID (+24, 8byte)  varptr(st)+24 を基点に操作(8byte:入れ子/配列)
; TokenType : TOKEN_TYPE (+32, 4byte)  st.8 = 値  /  値 = st.8   (lpoke/lpeek も可)
; ImpersonationLevel : SECURITY_IMPERSONATION_LEVEL (+36, 4byte)  st.9 = 値  /  値 = st.9   (lpoke/lpeek も可)
; MandatoryPolicy : TOKEN_MANDATORY_POLICY (+40, 4byte)  varptr(st)+40 を基点に操作(4byte:入れ子/配列)
; Flags : DWORD (+44, 4byte)  st.11 = 値  /  値 = st.11   (lpoke/lpeek も可)
; AppContainerNumber : DWORD (+48, 4byte)  st.12 = 値  /  値 = st.12   (lpoke/lpeek も可)
; PackageSid : PSID (+56, 8byte)  qpoke st,56,値 / qpeek(st,56)  ※IronHSPのみ。3.7/3.8は lpoke st,56,下位 : lpoke st,60,上位
; CapabilitiesHash : SID_AND_ATTRIBUTES_HASH* (+64, 8byte)  varptr(st)+64 を基点に操作(8byte:入れ子/配列)
; TrustLevelSid : PSID (+72, 8byte)  qpoke st,72,値 / qpeek(st,72)  ※IronHSPのみ。3.7/3.8は lpoke st,72,下位 : lpoke st,76,上位
; SecurityAttributes : void* (+80, 8byte)  qpoke st,80,値 / qpeek(st,80)  ※IronHSPのみ。3.7/3.8は lpoke st,80,下位 : lpoke st,84,上位
; ※4byte境界の整数は添字 st.N(N=オフセット/4)で読み書き可。それ以外は peek/poke 系を使用。
; IronHSP は NSTRUCT(構造体)をサポート。32bit/64bit どちらでも同じコードで動作します。
; ※GUID・入れ子構造体はデフォルト型でないため、依存する #defstruct を先に定義(下記に同梱)。
#defstruct global LUID
    #field int LowPart
    #field int HighPart
#endstruct

#defstruct global TOKEN_MANDATORY_POLICY
    #field int Policy
#endstruct

#defstruct global TOKEN_ACCESS_INFORMATION
    #field intptr SidHash
    #field intptr RestrictedSidHash
    #field intptr Privileges
    #field LUID AuthenticationId
    #field int TokenType
    #field int ImpersonationLevel
    #field TOKEN_MANDATORY_POLICY MandatoryPolicy
    #field int Flags
    #field int AppContainerNumber
    #field intptr PackageSid
    #field intptr CapabilitiesHash
    #field intptr TrustLevelSid
    #field intptr SecurityAttributes
#endstruct

stdim st, TOKEN_ACCESS_INFORMATION        ; NSTRUCT 変数を確保
st->TokenType = 100
mes "TokenType=" + st->TokenType