| 1 | /**
|
|---|
| 2 | * This file has no copyright assigned and is placed in the Public Domain.
|
|---|
| 3 | * This file is part of the mingw-w64 runtime package.
|
|---|
| 4 | * No warranty is given; refer to the file DISCLAIMER.PD within this package.
|
|---|
| 5 | */
|
|---|
| 6 | #ifndef _WINSAFER_H
|
|---|
| 7 | #define _WINSAFER_H
|
|---|
| 8 |
|
|---|
| 9 | #include <guiddef.h>
|
|---|
| 10 | #include <wincrypt.h>
|
|---|
| 11 |
|
|---|
| 12 | #ifdef __cplusplus
|
|---|
| 13 | extern "C" {
|
|---|
| 14 | #endif
|
|---|
| 15 |
|
|---|
| 16 | DECLARE_HANDLE(SAFER_LEVEL_HANDLE);
|
|---|
| 17 |
|
|---|
| 18 | #define SAFER_SCOPEID_MACHINE 1
|
|---|
| 19 | #define SAFER_SCOPEID_USER 2
|
|---|
| 20 |
|
|---|
| 21 | #define SAFER_LEVELID_FULLYTRUSTED 0x40000
|
|---|
| 22 | #define SAFER_LEVELID_NORMALUSER 0x20000
|
|---|
| 23 | #define SAFER_LEVELID_CONSTRAINED 0x10000
|
|---|
| 24 | #define SAFER_LEVELID_UNTRUSTED 0x01000
|
|---|
| 25 | #define SAFER_LEVELID_DISALLOWED 0x00000
|
|---|
| 26 |
|
|---|
| 27 | #define SAFER_LEVEL_OPEN 1
|
|---|
| 28 |
|
|---|
| 29 | #define SAFER_MAX_FRIENDLYNAME_SIZE 256
|
|---|
| 30 | #define SAFER_MAX_DESCRIPTION_SIZE 256
|
|---|
| 31 | #define SAFER_MAX_HASH_SIZE 64
|
|---|
| 32 |
|
|---|
| 33 | #define SAFER_TOKEN_NULL_IF_EQUAL 0x00000001
|
|---|
| 34 | #define SAFER_TOKEN_COMPARE_ONLY 0x00000002
|
|---|
| 35 | #define SAFER_TOKEN_MAKE_INERT 0x00000004
|
|---|
| 36 | #define SAFER_TOKEN_WANT_FLAGS 0x00000008
|
|---|
| 37 |
|
|---|
| 38 | #define SAFER_CRITERIA_IMAGEPATH 0x00001
|
|---|
| 39 | #define SAFER_CRITERIA_NOSIGNEDHASH 0x00002
|
|---|
| 40 | #define SAFER_CRITERIA_IMAGEHASH 0x00004
|
|---|
| 41 | #define SAFER_CRITERIA_AUTHENTICODE 0x00008
|
|---|
| 42 | #define SAFER_CRITERIA_URLZONE 0x00010
|
|---|
| 43 | #define SAFER_CRITERIA_IMAGEPATH_NT 0x01000
|
|---|
| 44 |
|
|---|
| 45 | #include <pshpack8.h>
|
|---|
| 46 |
|
|---|
| 47 | typedef struct _SAFER_CODE_PROPERTIES {
|
|---|
| 48 | DWORD cbSize;
|
|---|
| 49 | DWORD dwCheckFlags;
|
|---|
| 50 | LPCWSTR ImagePath;
|
|---|
| 51 | HANDLE hImageFileHandle;
|
|---|
| 52 | DWORD UrlZoneId;
|
|---|
| 53 | BYTE ImageHash[SAFER_MAX_HASH_SIZE];
|
|---|
| 54 | DWORD dwImageHashSize;
|
|---|
| 55 | LARGE_INTEGER ImageSize;
|
|---|
| 56 | ALG_ID HashAlgorithm;
|
|---|
| 57 | LPBYTE pByteBlock;
|
|---|
| 58 | HWND hWndParent;
|
|---|
| 59 | DWORD dwWVTUIChoice;
|
|---|
| 60 | } SAFER_CODE_PROPERTIES,*PSAFER_CODE_PROPERTIES;
|
|---|
| 61 |
|
|---|
| 62 | #include <poppack.h>
|
|---|
| 63 |
|
|---|
| 64 | #define SAFER_POLICY_JOBID_MASK 0xFF000000
|
|---|
| 65 | #define SAFER_POLICY_JOBID_CONSTRAINED 0x04000000
|
|---|
| 66 | #define SAFER_POLICY_JOBID_UNTRUSTED 0x03000000
|
|---|
| 67 | #define SAFER_POLICY_ONLY_EXES 0x00010000
|
|---|
| 68 | #define SAFER_POLICY_SANDBOX_INERT 0x00020000
|
|---|
| 69 | #define SAFER_POLICY_HASH_DUPLICATE 0x00040000
|
|---|
| 70 | #define SAFER_POLICY_UIFLAGS_MASK 0x000000FF
|
|---|
| 71 | #define SAFER_POLICY_UIFLAGS_INFORMATION_PROMPT 0x00000001
|
|---|
| 72 | #define SAFER_POLICY_UIFLAGS_OPTION_PROMPT 0x00000002
|
|---|
| 73 | #define SAFER_POLICY_UIFLAGS_HIDDEN 0x00000004
|
|---|
| 74 |
|
|---|
| 75 | typedef enum _SAFER_POLICY_INFO_CLASS {
|
|---|
| 76 | SaferPolicyLevelList = 1,SaferPolicyEnableTransparentEnforcement,SaferPolicyDefaultLevel,SaferPolicyEvaluateUserScope,SaferPolicyScopeFlags
|
|---|
| 77 | } SAFER_POLICY_INFO_CLASS;
|
|---|
| 78 |
|
|---|
| 79 | typedef enum _SAFER_OBJECT_INFO_CLASS {
|
|---|
| 80 | SaferObjectLevelId = 1,SaferObjectScopeId,SaferObjectFriendlyName,SaferObjectDescription,SaferObjectBuiltin,SaferObjectDisallowed,
|
|---|
| 81 | SaferObjectDisableMaxPrivilege,SaferObjectInvertDeletedPrivileges,SaferObjectDeletedPrivileges,SaferObjectDefaultOwner,SaferObjectSidsToDisable,
|
|---|
| 82 | SaferObjectRestrictedSidsInverted,SaferObjectRestrictedSidsAdded,SaferObjectAllIdentificationGuids,SaferObjectSingleIdentification,
|
|---|
| 83 | SaferObjectExtendedError
|
|---|
| 84 | } SAFER_OBJECT_INFO_CLASS;
|
|---|
| 85 |
|
|---|
| 86 | #include <pshpack8.h>
|
|---|
| 87 |
|
|---|
| 88 | typedef enum _SAFER_IDENTIFICATION_TYPES {
|
|---|
| 89 | SaferIdentityDefault,SaferIdentityTypeImageName = 1,SaferIdentityTypeImageHash,SaferIdentityTypeUrlZone,SaferIdentityTypeCertificate
|
|---|
| 90 | } SAFER_IDENTIFICATION_TYPES;
|
|---|
| 91 |
|
|---|
| 92 | typedef struct _SAFER_IDENTIFICATION_HEADER {
|
|---|
| 93 | SAFER_IDENTIFICATION_TYPES dwIdentificationType;
|
|---|
| 94 | DWORD cbStructSize;
|
|---|
| 95 | GUID IdentificationGuid;
|
|---|
| 96 | FILETIME lastModified;
|
|---|
| 97 | } SAFER_IDENTIFICATION_HEADER,*PSAFER_IDENTIFICATION_HEADER;
|
|---|
| 98 |
|
|---|
| 99 | typedef struct _SAFER_PATHNAME_IDENTIFICATION {
|
|---|
| 100 | SAFER_IDENTIFICATION_HEADER header;
|
|---|
| 101 | WCHAR Description[SAFER_MAX_DESCRIPTION_SIZE];
|
|---|
| 102 | PWCHAR ImageName;
|
|---|
| 103 | DWORD dwSaferFlags;
|
|---|
| 104 | } SAFER_PATHNAME_IDENTIFICATION,*PSAFER_PATHNAME_IDENTIFICATION;
|
|---|
| 105 |
|
|---|
| 106 | typedef struct _SAFER_HASH_IDENTIFICATION {
|
|---|
| 107 | SAFER_IDENTIFICATION_HEADER header;
|
|---|
| 108 | WCHAR Description[SAFER_MAX_DESCRIPTION_SIZE];
|
|---|
| 109 | WCHAR FriendlyName[SAFER_MAX_FRIENDLYNAME_SIZE];
|
|---|
| 110 | DWORD HashSize;
|
|---|
| 111 | BYTE ImageHash[SAFER_MAX_HASH_SIZE];
|
|---|
| 112 | ALG_ID HashAlgorithm;
|
|---|
| 113 | LARGE_INTEGER ImageSize;
|
|---|
| 114 | DWORD dwSaferFlags;
|
|---|
| 115 | } SAFER_HASH_IDENTIFICATION,*PSAFER_HASH_IDENTIFICATION;
|
|---|
| 116 |
|
|---|
| 117 | typedef struct _SAFER_URLZONE_IDENTIFICATION {
|
|---|
| 118 | SAFER_IDENTIFICATION_HEADER header;
|
|---|
| 119 | DWORD UrlZoneId;
|
|---|
| 120 | DWORD dwSaferFlags;
|
|---|
| 121 | } SAFER_URLZONE_IDENTIFICATION,*PSAFER_URLZONE_IDENTIFICATION;
|
|---|
| 122 |
|
|---|
| 123 | #include <poppack.h>
|
|---|
| 124 |
|
|---|
| 125 | WINADVAPI WINBOOL WINAPI SaferGetPolicyInformation(DWORD dwScopeId,SAFER_POLICY_INFO_CLASS SaferPolicyInfoClass,DWORD InfoBufferSize,PVOID InfoBuffer,PDWORD InfoBufferRetSize,LPVOID lpReserved);
|
|---|
| 126 | WINADVAPI WINBOOL WINAPI SaferSetPolicyInformation(DWORD dwScopeId,SAFER_POLICY_INFO_CLASS SaferPolicyInfoClass,DWORD InfoBufferSize,PVOID InfoBuffer,LPVOID lpReserved);
|
|---|
| 127 | WINADVAPI WINBOOL WINAPI SaferCreateLevel(DWORD dwScopeId,DWORD dwLevelId,DWORD OpenFlags,SAFER_LEVEL_HANDLE *pLevelHandle,LPVOID lpReserved);
|
|---|
| 128 | WINADVAPI WINBOOL WINAPI SaferCloseLevel(SAFER_LEVEL_HANDLE hLevelHandle);
|
|---|
| 129 | WINADVAPI WINBOOL WINAPI SaferIdentifyLevel(DWORD dwNumProperties,PSAFER_CODE_PROPERTIES pCodeProperties,SAFER_LEVEL_HANDLE *pLevelHandle,LPVOID lpReserved);
|
|---|
| 130 | WINADVAPI WINBOOL WINAPI SaferComputeTokenFromLevel(SAFER_LEVEL_HANDLE LevelHandle,HANDLE InAccessToken,PHANDLE OutAccessToken,DWORD dwFlags,LPVOID lpReserved);
|
|---|
| 131 | WINADVAPI WINBOOL WINAPI SaferGetLevelInformation(SAFER_LEVEL_HANDLE LevelHandle,SAFER_OBJECT_INFO_CLASS dwInfoType,LPVOID lpQueryBuffer,DWORD dwInBufferSize,LPDWORD lpdwOutBufferSize);
|
|---|
| 132 | WINADVAPI WINBOOL WINAPI SaferSetLevelInformation(SAFER_LEVEL_HANDLE LevelHandle,SAFER_OBJECT_INFO_CLASS dwInfoType,LPVOID lpQueryBuffer,DWORD dwInBufferSize);
|
|---|
| 133 | WINADVAPI WINBOOL WINAPI SaferRecordEventLogEntry(SAFER_LEVEL_HANDLE hLevel,LPCWSTR szTargetPath,LPVOID lpReserved);
|
|---|
| 134 | WINADVAPI WINBOOL WINAPI SaferiIsExecutableFileType(LPCWSTR szFullPathname,BOOLEAN bFromShellExecute);
|
|---|
| 135 |
|
|---|
| 136 | #ifdef __cplusplus
|
|---|
| 137 | }
|
|---|
| 138 | #endif
|
|---|
| 139 | #endif
|
|---|
