ReactOS  0.4.14-dev-337-gf981a68
winsafer.h
Go to the documentation of this file.
1 /*
2  * winsafer.h
3  *
4  * This file is part of the ReactOS PSDK package.
5  *
6  * Contributors:
7  * Thomas Faber (thomas.faber@reactos.org)
8  *
9  * THIS SOFTWARE IS NOT COPYRIGHTED
10  *
11  * This source code is offered for use in the public domain. You may
12  * use, modify or distribute it freely.
13  *
14  * This code is distributed in the hope that it will be useful but
15  * WITHOUT ANY WARRANTY. ALL WARRANTIES, EXPRESS OR IMPLIED ARE HEREBY
16  * DISCLAIMED. This includes but is not limited to warranties of
17  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
18  *
19  */
20 #pragma once
21 
22 #ifndef _WINSAFER_H
23 #define _WINSAFER_H
24 
25 #include <guiddef.h>
26 #include <wincrypt.h>
27 
28 #ifdef __cplusplus
29 extern "C" {
30 #endif /* __cplusplus */
31 
32 DECLARE_HANDLE(SAFER_LEVEL_HANDLE);
33 
34 #define SAFER_SCOPEID_MACHINE 1
35 #define SAFER_SCOPEID_USER 2
36 
37 #define SAFER_LEVELID_DISALLOWED 0x00000
38 #define SAFER_LEVELID_UNTRUSTED 0x01000
39 #define SAFER_LEVELID_CONSTRAINED 0x10000
40 #define SAFER_LEVELID_NORMALUSER 0x20000
41 #define SAFER_LEVELID_FULLYTRUSTED 0x40000
42 
43 #define SAFER_LEVEL_OPEN 1
44 
45 #define SAFER_MAX_HASH_SIZE 64
46 #define SAFER_MAX_DESCRIPTION_SIZE 256
47 #define SAFER_MAX_FRIENDLYNAME_SIZE 256
48 
49 #define SAFER_TOKEN_NULL_IF_EQUAL 0x1
50 #define SAFER_TOKEN_COMPARE_ONLY 0x2
51 #define SAFER_TOKEN_MAKE_INERT 0x4
52 #define SAFER_TOKEN_WANT_FLAGS 0x8
53 
54 #define SAFER_CRITERIA_IMAGEPATH 0x0001
55 #define SAFER_CRITERIA_NOSIGNEDHASH 0x0002
56 #define SAFER_CRITERIA_IMAGEHASH 0x0004
57 #define SAFER_CRITERIA_AUTHENTICODE 0x0008
58 #define SAFER_CRITERIA_URLZONE 0x0010
59 #define SAFER_CRITERIA_APPX_PACKAGE 0x0020
60 #define SAFER_CRITERIA_IMAGEPATH_NT 0x1000
61 
62 #define SAFER_POLICY_JOBID_UNTRUSTED 0x03000000
63 #define SAFER_POLICY_JOBID_CONSTRAINED 0x04000000
64 #define SAFER_POLICY_JOBID_MASK 0xFF000000
65 #define SAFER_POLICY_ONLY_EXES 0x00010000
66 #define SAFER_POLICY_SANDBOX_INERT 0x00020000
67 #define SAFER_POLICY_HASH_DUPLICATE 0x00040000
68 #define SAFER_POLICY_ONLY_AUDIT 0x00001000
69 #define SAFER_POLICY_BLOCK_CLIENT_UI 0x00002000
70 #define SAFER_POLICY_UIFLAGS_INFORMATION_PROMPT 0x00000001
71 #define SAFER_POLICY_UIFLAGS_OPTION_PROMPT 0x00000002
72 #define SAFER_POLICY_UIFLAGS_HIDDEN 0x00000004
73 #define SAFER_POLICY_UIFLAGS_MASK 0x000000FF
74 
75 
76 #include <pshpack8.h>
77 
79 {
93 
95 {
103 
104 #include <poppack.h>
105 
106 /* NOTE: MS defines SAFER_CODE_PROPERTIES as V2 unconditionally,
107  * which is... not smart */
108 #if _WIN32_WINNT >= 0x602
110 #else /* _WIN32_WINNT */
112 #endif /* _WIN32_WINNT */
113 
115 {
133 
135 {
144 
146 {
153 
154 #include <pshpack8.h>
155 
157 {
163 
165 {
171 
173 {
183 
185 {
191 
193 {
198 
199 #include <poppack.h>
200 
201 
202 WINADVAPI
203 BOOL
204 WINAPI
206  _In_ SAFER_LEVEL_HANDLE hLevelHandle);
207 
208 WINADVAPI
209 BOOL
210 WINAPI
212  _In_ SAFER_LEVEL_HANDLE LevelHandle,
213  _In_opt_ HANDLE InAccessToken,
214  _Out_ PHANDLE OutAccessToken,
216  _Inout_opt_ PVOID pReserved);
217 
218 WINADVAPI
219 BOOL
220 WINAPI
222  _In_ DWORD dwScopeId,
223  _In_ DWORD dwLevelId,
224  _In_ DWORD OpenFlags,
225  _Outptr_ SAFER_LEVEL_HANDLE *pLevelHandle,
226  _Reserved_ PVOID pReserved);
227 
228 WINADVAPI
229 BOOL
230 WINAPI
232  _In_ SAFER_LEVEL_HANDLE LevelHandle,
233  _In_ SAFER_OBJECT_INFO_CLASS dwInfoType,
234  _Out_writes_bytes_opt_(dwInBufferSize) PVOID pQueryBuffer,
235  _In_ DWORD dwInBufferSize,
236  _Out_ PDWORD pdwOutBufferSize);
237 
238 WINADVAPI
239 BOOL
240 WINAPI
242  _In_ DWORD dwScopeId,
243  _In_ SAFER_POLICY_INFO_CLASS SaferPolicyInfoClass,
244  _In_ DWORD InfoBufferSize,
245  _Out_writes_bytes_opt_(InfoBufferSize) PVOID InfoBuffer,
246  _Out_ PDWORD InfoBufferRetSize,
247  _Reserved_ PVOID pReserved);
248 
249 WINADVAPI
250 BOOL
251 WINAPI
253  _In_ DWORD dwNumProperties,
254  _In_reads_opt_(dwNumProperties) PSAFER_CODE_PROPERTIES pCodeProperties,
255  _Outptr_ SAFER_LEVEL_HANDLE *pLevelHandle,
256  _Reserved_ PVOID pReserved);
257 
258 WINADVAPI
259 BOOL
260 WINAPI
262  _In_ PCWSTR szFullPath,
263  _In_ BOOLEAN bFromShellExecute);
264 
265 WINADVAPI
266 BOOL
267 WINAPI
269  _In_ SAFER_LEVEL_HANDLE hLevel,
270  _In_ PCWSTR szTargetPath,
271  _Reserved_ PVOID pReserved);
272 
273 WINADVAPI
274 BOOL
275 WINAPI
277  _In_ SAFER_LEVEL_HANDLE LevelHandle,
278  _In_ SAFER_OBJECT_INFO_CLASS dwInfoType,
279  _In_reads_bytes_(dwInBufferSize) PVOID pQueryBuffer,
280  _In_ DWORD dwInBufferSize);
281 
282 WINADVAPI
283 BOOL
284 WINAPI
286  _In_ DWORD dwScopeId,
287  _In_ SAFER_POLICY_INFO_CLASS SaferPolicyInfoClass,
288  _In_ DWORD InfoBufferSize,
289  _In_reads_bytes_(InfoBufferSize) PVOID InfoBuffer,
290  _Reserved_ PVOID pReserved);
291 
292 
293 #define SRP_POLICY_EXE L"EXE"
294 #define SRP_POLICY_DLL L"DLL"
295 #define SRP_POLICY_MSI L"MSI"
296 #define SRP_POLICY_SCRIPT L"SCRIPT"
297 #define SRP_POLICY_SHELL L"SHELL"
298 #define SRP_POLICY_NOV2 L"IGNORESRPV2"
299 #define SRP_POLICY_APPX L"APPX"
300 #define SRP_POLICY_WLDPMSI L"WLDPMSI"
301 #define SRP_POLICY_WLDPSCRIPT L"WLDPSCRIPT"
302 
303 #ifdef __cplusplus
304 } /* extern "C" */
305 #endif /* __cplusplus */
306 
307 #endif /* _WINSAFER_H */
BYTE ImageHash[SAFER_MAX_HASH_SIZE]
Definition: winsafer.h:188
struct _SAFER_HASH_IDENTIFICATION * PSAFER_HASH_IDENTIFICATION
const uint16_t * PCWSTR
Definition: typedefs.h:55
struct _SAFER_PATHNAME_IDENTIFICATION SAFER_PATHNAME_IDENTIFICATION
struct _SAFER_HASH_IDENTIFICATION2 * PSAFER_HASH_IDENTIFICATION2
unsigned int ALG_ID
Definition: wincrypt.h:45
struct _SAFER_IDENTIFICATION_HEADER SAFER_IDENTIFICATION_HEADER
WINADVAPI BOOL WINAPI SaferSetLevelInformation(_In_ SAFER_LEVEL_HANDLE LevelHandle, _In_ SAFER_OBJECT_INFO_CLASS dwInfoType, _In_reads_bytes_(dwInBufferSize) PVOID pQueryBuffer, _In_ DWORD dwInBufferSize)
#define WINADVAPI
Definition: wincred.h:29
SAFER_CODE_PROPERTIES_V1 * PSAFER_CODE_PROPERTIES
Definition: winsafer.h:111
SAFER_IDENTIFICATION_HEADER header
Definition: winsafer.h:166
WCHAR Description[SAFER_MAX_DESCRIPTION_SIZE]
Definition: winsafer.h:167
#define SAFER_MAX_DESCRIPTION_SIZE
Definition: winsafer.h:46
struct _SAFER_HASH_IDENTIFICATION2 SAFER_HASH_IDENTIFICATION2
WINADVAPI BOOL WINAPI SaferiIsExecutableFileType(_In_ PCWSTR szFullPath, _In_ BOOLEAN bFromShellExecute)
WCHAR FriendlyName[SAFER_MAX_FRIENDLYNAME_SIZE]
Definition: winsafer.h:176
WINADVAPI BOOL WINAPI SaferGetLevelInformation(_In_ SAFER_LEVEL_HANDLE LevelHandle, _In_ SAFER_OBJECT_INFO_CLASS dwInfoType, _Out_writes_bytes_opt_(dwInBufferSize) PVOID pQueryBuffer, _In_ DWORD dwInBufferSize, _Out_ PDWORD pdwOutBufferSize)
#define _Outptr_
Definition: no_sal2.h:396
struct _SAFER_CODE_PROPERTIES_V2 * PSAFER_CODE_PROPERTIES_V2
struct _SAFER_IDENTIFICATION_HEADER * PSAFER_IDENTIFICATION_HEADER
uint16_t * PWCHAR
Definition: typedefs.h:54
BYTE ImageHash[SAFER_MAX_HASH_SIZE]
Definition: winsafer.h:178
WINADVAPI BOOL WINAPI SaferComputeTokenFromLevel(_In_ SAFER_LEVEL_HANDLE LevelHandle, _In_opt_ HANDLE InAccessToken, _Out_ PHANDLE OutAccessToken, _In_ DWORD dwFlags, _Inout_opt_ PVOID pReserved)
Definition: safer.c:150
WINADVAPI BOOL WINAPI SaferCreateLevel(_In_ DWORD dwScopeId, _In_ DWORD dwLevelId, _In_ DWORD OpenFlags, _Outptr_ SAFER_LEVEL_HANDLE *pLevelHandle, _Reserved_ PVOID pReserved)
Definition: safer.c:23
#define _In_opt_
Definition: no_sal2.h:213
LARGE_INTEGER ImageSize
Definition: winsafer.h:180
_SAFER_IDENTIFICATION_TYPES
Definition: winsafer.h:145
SAFER_IDENTIFICATION_HEADER header
Definition: winsafer.h:174
WINADVAPI BOOL WINAPI SaferRecordEventLogEntry(_In_ SAFER_LEVEL_HANDLE hLevel, _In_ PCWSTR szTargetPath, _Reserved_ PVOID pReserved)
Definition: safer.c:170
unsigned int BOOL
Definition: ntddk_ex.h:94
WINADVAPI BOOL WINAPI SaferCloseLevel(_In_ SAFER_LEVEL_HANDLE hLevelHandle)
Definition: safer.c:80
unsigned char BOOLEAN
#define _Out_writes_bytes_opt_(a)
Definition: btrfs_drv.h:193
enum _SAFER_IDENTIFICATION_TYPES SAFER_IDENTIFICATION_TYPES
#define _Out_
Definition: no_sal2.h:323
enum _SAFER_POLICY_INFO_CLASS SAFER_POLICY_INFO_CLASS
SAFER_HASH_IDENTIFICATION hashIdentification
Definition: winsafer.h:186
struct _SAFER_CODE_PROPERTIES_V1 * PSAFER_CODE_PROPERTIES_V1
SAFER_CODE_PROPERTIES_V1 SAFER_CODE_PROPERTIES
Definition: winsafer.h:111
_SAFER_POLICY_INFO_CLASS
Definition: winsafer.h:134
SAFER_IDENTIFICATION_TYPES dwIdentificationType
Definition: winsafer.h:158
__wchar_t WCHAR
Definition: xmlstorage.h:180
struct _SAFER_HASH_IDENTIFICATION SAFER_HASH_IDENTIFICATION
#define WINAPI
Definition: msvc.h:8
SAFER_IDENTIFICATION_HEADER header
Definition: winsafer.h:194
unsigned long DWORD
Definition: ntddk_ex.h:95
unsigned __int64 ULONG64
Definition: imports.h:198
#define _Reserved_
Definition: no_sal2.h:573
_In_ PCCERT_CONTEXT _In_ DWORD dwFlags
Definition: wincrypt.h:1175
PVOID *typedef PHANDLE
Definition: ntsecpkg.h:414
struct _SAFER_CODE_PROPERTIES_V1 SAFER_CODE_PROPERTIES_V1
unsigned char BYTE
Definition: mem.h:68
DECLARE_HANDLE(SAFER_LEVEL_HANDLE)
#define _In_reads_bytes_(size)
Definition: no_sal2.h:229
#define _In_
Definition: no_sal2.h:204
WINADVAPI BOOL WINAPI SaferSetPolicyInformation(_In_ DWORD dwScopeId, _In_ SAFER_POLICY_INFO_CLASS SaferPolicyInfoClass, _In_ DWORD InfoBufferSize, _In_reads_bytes_(InfoBufferSize) PVOID InfoBuffer, _Reserved_ PVOID pReserved)
struct _SAFER_URLZONE_IDENTIFICATION SAFER_URLZONE_IDENTIFICATION
BYTE ImageHash[SAFER_MAX_HASH_SIZE]
Definition: winsafer.h:85
#define SAFER_MAX_FRIENDLYNAME_SIZE
Definition: winsafer.h:47
DWORD * PDWORD
Definition: pedump.c:68
#define SAFER_MAX_HASH_SIZE
Definition: winsafer.h:45
#define _In_reads_opt_(size)
Definition: no_sal2.h:231
WINADVAPI BOOL WINAPI SaferGetPolicyInformation(_In_ DWORD dwScopeId, _In_ SAFER_POLICY_INFO_CLASS SaferPolicyInfoClass, _In_ DWORD InfoBufferSize, _Out_writes_bytes_opt_(InfoBufferSize) PVOID InfoBuffer, _Out_ PDWORD InfoBufferRetSize, _Reserved_ PVOID pReserved)
Definition: safer.c:119
struct _SAFER_CODE_PROPERTIES_V2 SAFER_CODE_PROPERTIES_V2
WCHAR Description[SAFER_MAX_DESCRIPTION_SIZE]
Definition: winsafer.h:175
struct _SAFER_PATHNAME_IDENTIFICATION * PSAFER_PATHNAME_IDENTIFICATION
struct _SAFER_URLZONE_IDENTIFICATION * PSAFER_URLZONE_IDENTIFICATION
enum _SAFER_OBJECT_INFO_CLASS SAFER_OBJECT_INFO_CLASS
LARGE_INTEGER ImageSize
Definition: winsafer.h:87
BYTE * PBYTE
Definition: pedump.c:66
_SAFER_OBJECT_INFO_CLASS
Definition: winsafer.h:114
#define _Inout_opt_
Definition: no_sal2.h:258
WINADVAPI BOOL WINAPI SaferIdentifyLevel(_In_ DWORD dwNumProperties, _In_reads_opt_(dwNumProperties) PSAFER_CODE_PROPERTIES pCodeProperties, _Outptr_ SAFER_LEVEL_HANDLE *pLevelHandle, _Reserved_ PVOID pReserved)
Definition: safer.c:43