ReactOS 0.4.15-dev-8135-g1bc6c90
winsafer.h
Go to the documentation of this file.
1/*
2 * winsafer.h
3 *
4 * This file is part of the ReactOS PSDK package.
5 *
6 * Contributors:
7 * Thomas Faber (thomas.faber@reactos.org)
8 *
9 * THIS SOFTWARE IS NOT COPYRIGHTED
10 *
11 * This source code is offered for use in the public domain. You may
12 * use, modify or distribute it freely.
13 *
14 * This code is distributed in the hope that it will be useful but
15 * WITHOUT ANY WARRANTY. ALL WARRANTIES, EXPRESS OR IMPLIED ARE HEREBY
16 * DISCLAIMED. This includes but is not limited to warranties of
17 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
18 *
19 */
20#pragma once
21
22#ifndef _WINSAFER_H
23#define _WINSAFER_H
24
25#include <guiddef.h>
26#include <wincrypt.h>
27
28#ifdef __cplusplus
29extern "C" {
30#endif /* __cplusplus */
31
32DECLARE_HANDLE(SAFER_LEVEL_HANDLE);
33
34#define SAFER_SCOPEID_MACHINE 1
35#define SAFER_SCOPEID_USER 2
36
37#define SAFER_LEVELID_DISALLOWED 0x00000
38#define SAFER_LEVELID_UNTRUSTED 0x01000
39#define SAFER_LEVELID_CONSTRAINED 0x10000
40#define SAFER_LEVELID_NORMALUSER 0x20000
41#define SAFER_LEVELID_FULLYTRUSTED 0x40000
42
43#define SAFER_LEVEL_OPEN 1
44
45#define SAFER_MAX_HASH_SIZE 64
46#define SAFER_MAX_DESCRIPTION_SIZE 256
47#define SAFER_MAX_FRIENDLYNAME_SIZE 256
48
49#define SAFER_TOKEN_NULL_IF_EQUAL 0x1
50#define SAFER_TOKEN_COMPARE_ONLY 0x2
51#define SAFER_TOKEN_MAKE_INERT 0x4
52#define SAFER_TOKEN_WANT_FLAGS 0x8
53
54#define SAFER_CRITERIA_IMAGEPATH 0x0001
55#define SAFER_CRITERIA_NOSIGNEDHASH 0x0002
56#define SAFER_CRITERIA_IMAGEHASH 0x0004
57#define SAFER_CRITERIA_AUTHENTICODE 0x0008
58#define SAFER_CRITERIA_URLZONE 0x0010
59#define SAFER_CRITERIA_APPX_PACKAGE 0x0020
60#define SAFER_CRITERIA_IMAGEPATH_NT 0x1000
61
62#define SAFER_POLICY_JOBID_UNTRUSTED 0x03000000
63#define SAFER_POLICY_JOBID_CONSTRAINED 0x04000000
64#define SAFER_POLICY_JOBID_MASK 0xFF000000
65#define SAFER_POLICY_ONLY_EXES 0x00010000
66#define SAFER_POLICY_SANDBOX_INERT 0x00020000
67#define SAFER_POLICY_HASH_DUPLICATE 0x00040000
68#define SAFER_POLICY_ONLY_AUDIT 0x00001000
69#define SAFER_POLICY_BLOCK_CLIENT_UI 0x00002000
70#define SAFER_POLICY_UIFLAGS_INFORMATION_PROMPT 0x00000001
71#define SAFER_POLICY_UIFLAGS_OPTION_PROMPT 0x00000002
72#define SAFER_POLICY_UIFLAGS_HIDDEN 0x00000004
73#define SAFER_POLICY_UIFLAGS_MASK 0x000000FF
74
75
76#include <pshpack8.h>
77
79{
93
95{
103
104#include <poppack.h>
105
106/* NOTE: MS defines SAFER_CODE_PROPERTIES as V2 unconditionally,
107 * which is... not smart */
108#if _WIN32_WINNT >= 0x602
110#else /* _WIN32_WINNT */
112#endif /* _WIN32_WINNT */
113
115{
133
135{
144
146{
153
154#include <pshpack8.h>
155
157{
163
165{
171
173{
183
185{
191
193{
198
199#include <poppack.h>
200
201
203BOOL
204WINAPI
206 _In_ SAFER_LEVEL_HANDLE hLevelHandle);
207
209BOOL
210WINAPI
212 _In_ SAFER_LEVEL_HANDLE LevelHandle,
213 _In_opt_ HANDLE InAccessToken,
214 _Out_ PHANDLE OutAccessToken,
216 _Inout_opt_ PVOID pReserved);
217
219BOOL
220WINAPI
222 _In_ DWORD dwScopeId,
223 _In_ DWORD dwLevelId,
224 _In_ DWORD OpenFlags,
225 _Outptr_ SAFER_LEVEL_HANDLE *pLevelHandle,
226 _Reserved_ PVOID pReserved);
227
229BOOL
230WINAPI
232 _In_ SAFER_LEVEL_HANDLE LevelHandle,
233 _In_ SAFER_OBJECT_INFO_CLASS dwInfoType,
234 _Out_writes_bytes_opt_(dwInBufferSize) PVOID pQueryBuffer,
235 _In_ DWORD dwInBufferSize,
236 _Out_ PDWORD pdwOutBufferSize);
237
239BOOL
240WINAPI
242 _In_ DWORD dwScopeId,
243 _In_ SAFER_POLICY_INFO_CLASS SaferPolicyInfoClass,
244 _In_ DWORD InfoBufferSize,
245 _Out_writes_bytes_opt_(InfoBufferSize) PVOID InfoBuffer,
246 _Out_ PDWORD InfoBufferRetSize,
247 _Reserved_ PVOID pReserved);
248
250BOOL
251WINAPI
253 _In_ DWORD dwNumProperties,
254 _In_reads_opt_(dwNumProperties) PSAFER_CODE_PROPERTIES pCodeProperties,
255 _Outptr_ SAFER_LEVEL_HANDLE *pLevelHandle,
256 _Reserved_ PVOID pReserved);
257
259BOOL
260WINAPI
262 _In_ PCWSTR szFullPath,
263 _In_ BOOLEAN bFromShellExecute);
264
266BOOL
267WINAPI
269 _In_ SAFER_LEVEL_HANDLE hLevel,
270 _In_ PCWSTR szTargetPath,
271 _Reserved_ PVOID pReserved);
272
274BOOL
275WINAPI
277 _In_ SAFER_LEVEL_HANDLE LevelHandle,
278 _In_ SAFER_OBJECT_INFO_CLASS dwInfoType,
279 _In_reads_bytes_(dwInBufferSize) PVOID pQueryBuffer,
280 _In_ DWORD dwInBufferSize);
281
283BOOL
284WINAPI
286 _In_ DWORD dwScopeId,
287 _In_ SAFER_POLICY_INFO_CLASS SaferPolicyInfoClass,
288 _In_ DWORD InfoBufferSize,
289 _In_reads_bytes_(InfoBufferSize) PVOID InfoBuffer,
290 _Reserved_ PVOID pReserved);
291
292
293#define SRP_POLICY_EXE L"EXE"
294#define SRP_POLICY_DLL L"DLL"
295#define SRP_POLICY_MSI L"MSI"
296#define SRP_POLICY_SCRIPT L"SCRIPT"
297#define SRP_POLICY_SHELL L"SHELL"
298#define SRP_POLICY_NOV2 L"IGNORESRPV2"
299#define SRP_POLICY_APPX L"APPX"
300#define SRP_POLICY_WLDPMSI L"WLDPMSI"
301#define SRP_POLICY_WLDPSCRIPT L"WLDPSCRIPT"
302
303#ifdef __cplusplus
304} /* extern "C" */
305#endif /* __cplusplus */
306
307#endif /* _WINSAFER_H */
unsigned char BOOLEAN
#define SaferIdentifyLevel(c, p, h, r)
unsigned int BOOL
Definition: ntddk_ex.h:94
unsigned long DWORD
Definition: ntddk_ex.h:95
#define DECLARE_HANDLE(name)
Definition: mimeole.idl:23
unsigned __int64 ULONG64
Definition: imports.h:198
#define _In_reads_bytes_(size)
Definition: ms_sal.h:321
#define _Outptr_
Definition: ms_sal.h:427
#define _Inout_opt_
Definition: ms_sal.h:379
#define _Out_
Definition: ms_sal.h:345
#define _In_reads_opt_(size)
Definition: ms_sal.h:320
#define _In_
Definition: ms_sal.h:308
#define _In_opt_
Definition: ms_sal.h:309
#define _Reserved_
Definition: ms_sal.h:295
#define _Out_writes_bytes_opt_(size)
Definition: ms_sal.h:351
PVOID *typedef PHANDLE
Definition: ntsecpkg.h:455
BYTE * PBYTE
Definition: pedump.c:66
DWORD * PDWORD
Definition: pedump.c:68
LARGE_INTEGER ImageSize
Definition: winsafer.h:87
BYTE ImageHash[SAFER_MAX_HASH_SIZE]
Definition: winsafer.h:85
SAFER_HASH_IDENTIFICATION hashIdentification
Definition: winsafer.h:186
BYTE ImageHash[SAFER_MAX_HASH_SIZE]
Definition: winsafer.h:188
SAFER_IDENTIFICATION_HEADER header
Definition: winsafer.h:174
WCHAR Description[SAFER_MAX_DESCRIPTION_SIZE]
Definition: winsafer.h:175
WCHAR FriendlyName[SAFER_MAX_FRIENDLYNAME_SIZE]
Definition: winsafer.h:176
BYTE ImageHash[SAFER_MAX_HASH_SIZE]
Definition: winsafer.h:178
LARGE_INTEGER ImageSize
Definition: winsafer.h:180
SAFER_IDENTIFICATION_TYPES dwIdentificationType
Definition: winsafer.h:158
WCHAR Description[SAFER_MAX_DESCRIPTION_SIZE]
Definition: winsafer.h:167
SAFER_IDENTIFICATION_HEADER header
Definition: winsafer.h:166
SAFER_IDENTIFICATION_HEADER header
Definition: winsafer.h:194
const uint16_t * PCWSTR
Definition: typedefs.h:57
uint16_t * PWCHAR
Definition: typedefs.h:56
#define WINADVAPI
Definition: wincred.h:29
_In_ PCCERT_CONTEXT _In_ DWORD dwFlags
Definition: wincrypt.h:1176
unsigned int ALG_ID
Definition: wincrypt.h:45
#define WINAPI
Definition: msvc.h:6
WINADVAPI BOOL WINAPI SaferComputeTokenFromLevel(_In_ SAFER_LEVEL_HANDLE LevelHandle, _In_opt_ HANDLE InAccessToken, _Out_ PHANDLE OutAccessToken, _In_ DWORD dwFlags, _Inout_opt_ PVOID pReserved)
Definition: safer.c:150
WINADVAPI BOOL WINAPI SaferCreateLevel(_In_ DWORD dwScopeId, _In_ DWORD dwLevelId, _In_ DWORD OpenFlags, _Outptr_ SAFER_LEVEL_HANDLE *pLevelHandle, _Reserved_ PVOID pReserved)
Definition: safer.c:23
_SAFER_IDENTIFICATION_TYPES
Definition: winsafer.h:146
@ SaferIdentityTypeUrlZone
Definition: winsafer.h:150
@ SaferIdentityDefault
Definition: winsafer.h:147
@ SaferIdentityTypeCertificate
Definition: winsafer.h:151
@ SaferIdentityTypeImageHash
Definition: winsafer.h:149
@ SaferIdentityTypeImageName
Definition: winsafer.h:148
struct _SAFER_CODE_PROPERTIES_V1 SAFER_CODE_PROPERTIES_V1
struct _SAFER_IDENTIFICATION_HEADER SAFER_IDENTIFICATION_HEADER
#define SAFER_MAX_HASH_SIZE
Definition: winsafer.h:45
struct _SAFER_HASH_IDENTIFICATION2 SAFER_HASH_IDENTIFICATION2
struct _SAFER_IDENTIFICATION_HEADER * PSAFER_IDENTIFICATION_HEADER
struct _SAFER_URLZONE_IDENTIFICATION SAFER_URLZONE_IDENTIFICATION
struct _SAFER_PATHNAME_IDENTIFICATION SAFER_PATHNAME_IDENTIFICATION
WINADVAPI BOOL WINAPI SaferRecordEventLogEntry(_In_ SAFER_LEVEL_HANDLE hLevel, _In_ PCWSTR szTargetPath, _Reserved_ PVOID pReserved)
Definition: safer.c:170
struct _SAFER_HASH_IDENTIFICATION SAFER_HASH_IDENTIFICATION
struct _SAFER_CODE_PROPERTIES_V2 SAFER_CODE_PROPERTIES_V2
WINADVAPI BOOL WINAPI SaferGetLevelInformation(_In_ SAFER_LEVEL_HANDLE LevelHandle, _In_ SAFER_OBJECT_INFO_CLASS dwInfoType, _Out_writes_bytes_opt_(dwInBufferSize) PVOID pQueryBuffer, _In_ DWORD dwInBufferSize, _Out_ PDWORD pdwOutBufferSize)
WINADVAPI BOOL WINAPI SaferiIsExecutableFileType(_In_ PCWSTR szFullPath, _In_ BOOLEAN bFromShellExecute)
WINADVAPI BOOL WINAPI SaferSetPolicyInformation(_In_ DWORD dwScopeId, _In_ SAFER_POLICY_INFO_CLASS SaferPolicyInfoClass, _In_ DWORD InfoBufferSize, _In_reads_bytes_(InfoBufferSize) PVOID InfoBuffer, _Reserved_ PVOID pReserved)
_SAFER_OBJECT_INFO_CLASS
Definition: winsafer.h:115
@ SaferObjectRestrictedSidsInverted
Definition: winsafer.h:127
@ SaferObjectDisallowed
Definition: winsafer.h:121
@ SaferObjectSidsToDisable
Definition: winsafer.h:126
@ SaferObjectDisableMaxPrivilege
Definition: winsafer.h:122
@ SaferObjectInvertDeletedPrivileges
Definition: winsafer.h:123
@ SaferObjectDeletedPrivileges
Definition: winsafer.h:124
@ SaferObjectScopeId
Definition: winsafer.h:117
@ SaferObjectDefaultOwner
Definition: winsafer.h:125
@ SaferObjectExtendedError
Definition: winsafer.h:131
@ SaferObjectAllIdentificationGuids
Definition: winsafer.h:129
@ SaferObjectDescription
Definition: winsafer.h:119
@ SaferObjectRestrictedSidsAdded
Definition: winsafer.h:128
@ SaferObjectSingleIdentification
Definition: winsafer.h:130
@ SaferObjectBuiltin
Definition: winsafer.h:120
@ SaferObjectFriendlyName
Definition: winsafer.h:118
@ SaferObjectLevelId
Definition: winsafer.h:116
SAFER_CODE_PROPERTIES_V1 SAFER_CODE_PROPERTIES
Definition: winsafer.h:111
struct _SAFER_URLZONE_IDENTIFICATION * PSAFER_URLZONE_IDENTIFICATION
_SAFER_POLICY_INFO_CLASS
Definition: winsafer.h:135
@ SaferPolicyEnableTransparentEnforcement
Definition: winsafer.h:137
@ SaferPolicyScopeFlags
Definition: winsafer.h:140
@ SaferPolicyDefaultLevel
Definition: winsafer.h:138
@ SaferPolicyEvaluateUserScope
Definition: winsafer.h:139
@ SaferPolicyAuthenticodeEnabled
Definition: winsafer.h:142
@ SaferPolicyLevelList
Definition: winsafer.h:136
@ SaferPolicyDefaultLevelFlags
Definition: winsafer.h:141
struct _SAFER_CODE_PROPERTIES_V2 * PSAFER_CODE_PROPERTIES_V2
enum _SAFER_OBJECT_INFO_CLASS SAFER_OBJECT_INFO_CLASS
SAFER_CODE_PROPERTIES_V1 * PSAFER_CODE_PROPERTIES
Definition: winsafer.h:111
enum _SAFER_POLICY_INFO_CLASS SAFER_POLICY_INFO_CLASS
#define SAFER_MAX_FRIENDLYNAME_SIZE
Definition: winsafer.h:47
struct _SAFER_HASH_IDENTIFICATION2 * PSAFER_HASH_IDENTIFICATION2
struct _SAFER_PATHNAME_IDENTIFICATION * PSAFER_PATHNAME_IDENTIFICATION
struct _SAFER_HASH_IDENTIFICATION * PSAFER_HASH_IDENTIFICATION
WINADVAPI BOOL WINAPI SaferCloseLevel(_In_ SAFER_LEVEL_HANDLE hLevelHandle)
Definition: safer.c:80
struct _SAFER_CODE_PROPERTIES_V1 * PSAFER_CODE_PROPERTIES_V1
WINADVAPI BOOL WINAPI SaferGetPolicyInformation(_In_ DWORD dwScopeId, _In_ SAFER_POLICY_INFO_CLASS SaferPolicyInfoClass, _In_ DWORD InfoBufferSize, _Out_writes_bytes_opt_(InfoBufferSize) PVOID InfoBuffer, _Out_ PDWORD InfoBufferRetSize, _Reserved_ PVOID pReserved)
Definition: safer.c:119
WINADVAPI BOOL WINAPI SaferSetLevelInformation(_In_ SAFER_LEVEL_HANDLE LevelHandle, _In_ SAFER_OBJECT_INFO_CLASS dwInfoType, _In_reads_bytes_(dwInBufferSize) PVOID pQueryBuffer, _In_ DWORD dwInBufferSize)
#define SAFER_MAX_DESCRIPTION_SIZE
Definition: winsafer.h:46
enum _SAFER_IDENTIFICATION_TYPES SAFER_IDENTIFICATION_TYPES
__wchar_t WCHAR
Definition: xmlstorage.h:180
unsigned char BYTE
Definition: xxhash.c:193