/*
 * winsafer.h
 *
 * This file is part of the ReactOS PSDK package.
 *
 * Contributors:
 *   Thomas Faber (thomas.faber@reactos.org)
 *
 * THIS SOFTWARE IS NOT COPYRIGHTED
 *
 * This source code is offered for use in the public domain. You may
 * use, modify or distribute it freely.
 *
 * This code is distributed in the hope that it will be useful but
 * WITHOUT ANY WARRANTY. ALL WARRANTIES, EXPRESS OR IMPLIED ARE HEREBY
 * DISCLAIMED. This includes but is not limited to warranties of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
 *
 */
#pragma once

#ifndef _WINSAFER_H
#define _WINSAFER_H

/*
 * Declarations for the SAFER API: identifiers and flag values first, then
 * (further down in this header) the packed structures, the information-class
 * enums and the WINADVAPI function prototypes.  This header only declares;
 * it contains no code.  Every value and name here is interface surface, so
 * none of them may be renumbered or renamed.
 */

/* GUID (used by SAFER_IDENTIFICATION_HEADER) and ALG_ID (used by the hash
 * fields) come from these two headers. */
#include <guiddef.h>
#include <wincrypt.h>

#ifdef __cplusplus
extern "C" {
#endif /* __cplusplus */

/* Opaque handle type for a SAFER level.  The prototypes below return it
 * through the _Outptr_ parameters of SaferCreateLevel and SaferIdentifyLevel
 * and accept it in SaferCloseLevel.  DECLARE_HANDLE itself is defined outside
 * this header. */
DECLARE_HANDLE(SAFER_LEVEL_HANDLE);

/* Scope identifiers.  Presumably the values for the dwScopeId parameters of
 * SaferCreateLevel / SaferGetPolicyInformation / SaferSetPolicyInformation;
 * confirm against the SDK documentation. */
#define SAFER_SCOPEID_MACHINE 1
#define SAFER_SCOPEID_USER    2

/* Level identifiers.  These are distinct ID values, not OR-able flags; the
 * numeric value grows from DISALLOWED (0) to FULLYTRUSTED (0x40000).
 * Presumably passed as dwLevelId to SaferCreateLevel (TODO confirm). */
#define SAFER_LEVELID_DISALLOWED   0x00000
#define SAFER_LEVELID_UNTRUSTED    0x01000
#define SAFER_LEVELID_CONSTRAINED  0x10000
#define SAFER_LEVELID_NORMALUSER   0x20000
#define SAFER_LEVELID_FULLYTRUSTED 0x40000

/* Presumably the OpenFlags value for SaferCreateLevel (TODO confirm). */
#define SAFER_LEVEL_OPEN 1

/* Fixed capacities of the inline arrays in the structures below.
 * SAFER_MAX_HASH_SIZE is a byte count (BYTE ImageHash[...]); the other two
 * are element counts of WCHAR arrays, i.e. characters, not bytes.  Whether a
 * terminating NUL is included in the 256 is not stated in this header. */
#define SAFER_MAX_HASH_SIZE         64
#define SAFER_MAX_DESCRIPTION_SIZE  256
#define SAFER_MAX_FRIENDLYNAME_SIZE 256

/* Single-bit flags, combinable with '|'.  By name these belong to the
 * dwFlags parameter of SaferComputeTokenFromLevel (TODO confirm).
 * NOTE(review): by its name, SAFER_TOKEN_MAKE_INERT requests a token that is
 * exempt from further SAFER evaluation; treat any caller that passes it as
 * security-sensitive and confirm the exact semantics in the SDK docs. */
#define SAFER_TOKEN_NULL_IF_EQUAL 0x1
#define SAFER_TOKEN_COMPARE_ONLY  0x2
#define SAFER_TOKEN_MAKE_INERT    0x4
#define SAFER_TOKEN_WANT_FLAGS    0x8

/* Single-bit criteria flags: 0x0001..0x0020 are contiguous, IMAGEPATH_NT sits
 * apart at 0x1000.  Presumably the values of dwCheckFlags in
 * SAFER_CODE_PROPERTIES, selecting which fields are evaluated (TODO confirm). */
#define SAFER_CRITERIA_IMAGEPATH    0x0001
#define SAFER_CRITERIA_NOSIGNEDHASH 0x0002
#define SAFER_CRITERIA_IMAGEHASH    0x0004
#define SAFER_CRITERIA_AUTHENTICODE 0x0008
#define SAFER_CRITERIA_URLZONE      0x0010
#define SAFER_CRITERIA_APPX_PACKAGE 0x0020
#define SAFER_CRITERIA_IMAGEPATH_NT 0x1000

/* Policy flag word.  The JOBID values are NOT independent bits: they are
 * values of the top byte, to be extracted with SAFER_POLICY_JOBID_MASK and
 * compared for equality (0x03 and 0x04 share bits).  The three values after
 * the mask are single bits in the 0x00FF0000 range.  Where this flag word is
 * stored or passed is not shown in this header.
 * NOTE(review): SAFER_POLICY_SANDBOX_INERT looks like the policy-side
 * counterpart of SAFER_TOKEN_MAKE_INERT -- confirm before relying on it. */
#define SAFER_POLICY_JOBID_UNTRUSTED   0x03000000
#define SAFER_POLICY_JOBID_CONSTRAINED 0x04000000
#define SAFER_POLICY_JOBID_MASK        0xFF000000
#define SAFER_POLICY_ONLY_EXES         0x00010000
#define SAFER_POLICY_SANDBOX_INERT     0x00020000
#define SAFER_POLICY_HASH_DUPLICATE    0x00040000
/* Remaining SAFER_POLICY_* values (the group starts with the
 * SAFER_POLICY_JOBID_* definitions above).  ONLY_AUDIT and BLOCK_CLIENT_UI
 * are single bits in the 0x0000F000 range; the UIFLAGS values are single bits
 * confined to the low byte selected by SAFER_POLICY_UIFLAGS_MASK. */
#define SAFER_POLICY_ONLY_AUDIT                 0x00001000
#define SAFER_POLICY_BLOCK_CLIENT_UI            0x00002000
#define SAFER_POLICY_UIFLAGS_INFORMATION_PROMPT 0x00000001
#define SAFER_POLICY_UIFLAGS_OPTION_PROMPT      0x00000002
#define SAFER_POLICY_UIFLAGS_HIDDEN             0x00000004
#define SAFER_POLICY_UIFLAGS_MASK               0x000000FF


/* pshpack8.h / poppack.h bracket the structures so that their layout uses
 * 8-byte packing regardless of the includer's current packing setting. */
#include <pshpack8.h>

/*
 * Description of one piece of code to be classified; SaferIdentifyLevel takes
 * an array of these (see its prototype below).
 *
 * cbSize is presumably set by the caller to the size of the structure so the
 * implementation can tell the V1 and V2 layouts apart (TODO confirm).
 * ImageHash is a fixed SAFER_MAX_HASH_SIZE-byte buffer and dwImageHashSize is
 * presumably the number of valid bytes in it; code that fills or consumes the
 * pair should check dwImageHashSize <= SAFER_MAX_HASH_SIZE before copying.
 * ImagePath and pByteBlock are pointers; their ownership and lifetime are not
 * stated in this header.
 */
typedef struct _SAFER_CODE_PROPERTIES_V1
{
    DWORD cbSize;
    DWORD dwCheckFlags;
    PCWSTR ImagePath;
    HANDLE hImageFileHandle;
    DWORD UrlZoneId;
    BYTE ImageHash[SAFER_MAX_HASH_SIZE];
    DWORD dwImageHashSize;
    LARGE_INTEGER ImageSize;
    ALG_ID HashAlgorithm;
    PBYTE pByteBlock;
    HWND hWndParent;
    DWORD dwWVTUIChoice;
} SAFER_CODE_PROPERTIES_V1, *PSAFER_CODE_PROPERTIES_V1;

/*
 * V1 extended with package fields.
 *
 * The first member is an unnamed member of a typedef'd struct type.  That is
 * a Microsoft language extension, not a C11 anonymous struct (GCC and Clang
 * accept it with -fms-extensions); it makes the V1 fields directly accessible
 * as members of V2 and keeps them at the same offsets as in V1.
 */
typedef struct _SAFER_CODE_PROPERTIES_V2
{
    SAFER_CODE_PROPERTIES_V1;
    PCWSTR PackageMoniker;
    PCWSTR PackagePublisher;
    PCWSTR PackageName;
    ULONG64 PackageVersion;
    BOOL PackageIsFramework;
} SAFER_CODE_PROPERTIES_V2, *PSAFER_CODE_PROPERTIES_V2;

#include <poppack.h>

/* NOTE: MS defines SAFER_CODE_PROPERTIES as V2 unconditionally,
 * which is... not smart */
/* Here the unversioned name follows the target version instead: V2 when
 * _WIN32_WINNT >= 0x602 (Windows 8), V1 otherwise.  If _WIN32_WINNT is not
 * defined the preprocessor evaluates it as 0, so V1 is selected.  Because
 * sizeof(SAFER_CODE_PROPERTIES) therefore differs between translation units
 * built for different targets, code that exchanges these structures should
 * use the explicit _V1/_V2 names. */
#if _WIN32_WINNT >= 0x602
typedef SAFER_CODE_PROPERTIES_V2 SAFER_CODE_PROPERTIES, *PSAFER_CODE_PROPERTIES;
#else /* _WIN32_WINNT */
typedef SAFER_CODE_PROPERTIES_V1 SAFER_CODE_PROPERTIES, *PSAFER_CODE_PROPERTIES;
#endif /* _WIN32_WINNT */

/* Information classes for a level object: the type of the dwInfoType
 * parameter of SaferGetLevelInformation and SaferSetLevelInformation.
 * Values are explicit and contiguous (1..16); 0 is not assigned.  The buffer
 * layout expected for each class is not described in this header. */
typedef enum _SAFER_OBJECT_INFO_CLASS
{
    SaferObjectLevelId = 1,
    SaferObjectScopeId = 2,
    SaferObjectFriendlyName = 3,
    SaferObjectDescription = 4,
    SaferObjectBuiltin = 5,
    SaferObjectDisallowed = 6,
    SaferObjectDisableMaxPrivilege = 7,
    SaferObjectInvertDeletedPrivileges = 8,
    SaferObjectDeletedPrivileges = 9,
    SaferObjectDefaultOwner = 10,
    SaferObjectSidsToDisable = 11,
    SaferObjectRestrictedSidsInverted = 12,
    SaferObjectRestrictedSidsAdded = 13,
    SaferObjectAllIdentificationGuids = 14,
    SaferObjectSingleIdentification = 15,
    SaferObjectExtendedError = 16,
} SAFER_OBJECT_INFO_CLASS;

/* Information classes for policy: the type of the SaferPolicyInfoClass
 * parameter of SaferGetPolicyInformation and SaferSetPolicyInformation.
 * Values are explicit and contiguous (1..7). */
typedef enum _SAFER_POLICY_INFO_CLASS
{
    SaferPolicyLevelList = 1,
    SaferPolicyEnableTransparentEnforcement = 2,
    SaferPolicyDefaultLevel = 3,
    SaferPolicyEvaluateUserScope = 4,
    SaferPolicyScopeFlags = 5,
    SaferPolicyDefaultLevelFlags = 6,
    SaferPolicyAuthenticodeEnabled = 7,
} SAFER_POLICY_INFO_CLASS;

/* Type tag stored in SAFER_IDENTIFICATION_HEADER.dwIdentificationType.
 * Unlike the two enums above, this one starts at 0 (SaferIdentityDefault). */
typedef enum _SAFER_IDENTIFICATION_TYPES
{
    SaferIdentityDefault = 0,
    SaferIdentityTypeImageName = 1,
    SaferIdentityTypeImageHash = 2,
    SaferIdentityTypeUrlZone = 3,
    SaferIdentityTypeCertificate = 4,
} SAFER_IDENTIFICATION_TYPES;

#include <pshpack8.h>

/*
 * Common first member of the identification structures below.
 * NOTE(review): dwIdentificationType presumably tells which enclosing
 * structure this header belongs to and cbStructSize its total size; a
 * consumer should check both before casting a header pointer to one of the
 * larger structures -- confirm against the SDK documentation.
 */
typedef struct _SAFER_IDENTIFICATION_HEADER
{
    SAFER_IDENTIFICATION_TYPES dwIdentificationType;
    DWORD cbStructSize;
    GUID IdentificationGuid;
    FILETIME lastModified;
} SAFER_IDENTIFICATION_HEADER, *PSAFER_IDENTIFICATION_HEADER;

/* Path-name identification.  Description is stored inline
 * (SAFER_MAX_DESCRIPTION_SIZE WCHARs), whereas ImageName is only a pointer;
 * who owns the pointed-to string is not stated in this header. */
typedef struct _SAFER_PATHNAME_IDENTIFICATION
{
    SAFER_IDENTIFICATION_HEADER header;
    WCHAR Description[SAFER_MAX_DESCRIPTION_SIZE];
    PWCHAR ImageName;
    DWORD dwSaferFlags;
} SAFER_PATHNAME_IDENTIFICATION, *PSAFER_PATHNAME_IDENTIFICATION;

/* Hash identification.  ImageHash is a fixed SAFER_MAX_HASH_SIZE-byte buffer;
 * HashSize is presumably the number of valid bytes and should be checked
 * against SAFER_MAX_HASH_SIZE before the buffer is read or written
 * (TODO confirm). */
typedef struct _SAFER_HASH_IDENTIFICATION
{
    SAFER_IDENTIFICATION_HEADER header;
    WCHAR Description[SAFER_MAX_DESCRIPTION_SIZE];
    WCHAR FriendlyName[SAFER_MAX_FRIENDLYNAME_SIZE];
    DWORD HashSize;
    BYTE ImageHash[SAFER_MAX_HASH_SIZE];
    ALG_ID HashAlgorithm;
    LARGE_INTEGER ImageSize;
    DWORD dwSaferFlags;
} SAFER_HASH_IDENTIFICATION, *PSAFER_HASH_IDENTIFICATION;

/* Embeds a complete SAFER_HASH_IDENTIFICATION and appends a second
 * HashSize / ImageHash / HashAlgorithm triple.  The outer fields have the
 * same names as the embedded ones, so always qualify which hash is meant
 * (x.HashSize vs. x.hashIdentification.HashSize).  The purpose of the second
 * hash is not stated in this header. */
typedef struct _SAFER_HASH_IDENTIFICATION2
{
    SAFER_HASH_IDENTIFICATION hashIdentification;
    DWORD HashSize;
    BYTE ImageHash[SAFER_MAX_HASH_SIZE];
    ALG_ID HashAlgorithm;
} SAFER_HASH_IDENTIFICATION2, *PSAFER_HASH_IDENTIFICATION2;

/* URL-zone identification: the common header plus a zone id and flags. */
typedef struct _SAFER_URLZONE_IDENTIFICATION
{
    SAFER_IDENTIFICATION_HEADER header;
    DWORD UrlZoneId;
    DWORD dwSaferFlags;
} SAFER_URLZONE_IDENTIFICATION, *PSAFER_URLZONE_IDENTIFICATION;

#include <poppack.h>


/*
 * Function prototypes.  All are WINADVAPI / WINAPI and return BOOL; the
 * header does not say how failure is reported (presumably FALSE plus
 * GetLastError, the usual Win32 convention -- TODO confirm).  Parameters
 * annotated _Reserved_ must be passed as NULL.
 */

/* Takes a level handle; presumably releases a handle obtained from
 * SaferCreateLevel or SaferIdentifyLevel (TODO confirm). */
WINADVAPI
BOOL
WINAPI
SaferCloseLevel(
    _In_ SAFER_LEVEL_HANDLE hLevelHandle);

/* Produces a token handle in *OutAccessToken from a level and an optional
 * input token (InAccessToken may be NULL).  dwFlags presumably takes the
 * SAFER_TOKEN_* bits.  Note that pReserved is _Inout_opt_ here, not
 * _Reserved_ as in the other prototypes; it may be tied to
 * SAFER_TOKEN_WANT_FLAGS (TODO confirm).  The caller presumably owns the
 * returned token handle and has to close it. */
WINADVAPI
BOOL
WINAPI
SaferComputeTokenFromLevel(
    _In_ SAFER_LEVEL_HANDLE LevelHandle,
    _In_opt_ HANDLE InAccessToken,
    _Out_ PHANDLE OutAccessToken,
    _In_ DWORD dwFlags,
    _Inout_opt_ PVOID pReserved);

/* Returns a level handle through *pLevelHandle for the given scope id,
 * level id and open flags. */
WINADVAPI
BOOL
WINAPI
SaferCreateLevel(
    _In_ DWORD dwScopeId,
    _In_ DWORD dwLevelId,
    _In_ DWORD OpenFlags,
    _Outptr_ SAFER_LEVEL_HANDLE *pLevelHandle,
    _Reserved_ PVOID pReserved);

/* Queries one information class of a level.  pQueryBuffer may be NULL and
 * receives at most dwInBufferSize bytes; pdwOutBufferSize is a mandatory
 * output (presumably the size written or required -- TODO confirm).
 * Parameter order is buffer, then size. */
WINADVAPI
BOOL
WINAPI
SaferGetLevelInformation(
    _In_ SAFER_LEVEL_HANDLE LevelHandle,
    _In_ SAFER_OBJECT_INFO_CLASS dwInfoType,
    _Out_writes_bytes_opt_(dwInBufferSize) PVOID pQueryBuffer,
    _In_ DWORD dwInBufferSize,
    _Out_ PDWORD pdwOutBufferSize);

/* Queries one policy information class for a scope.  InfoBuffer may be NULL
 * and receives at most InfoBufferSize bytes.  Unlike
 * SaferGetLevelInformation, the size comes BEFORE the buffer here; take care
 * not to swap the two arguments. */
WINADVAPI
BOOL
WINAPI
SaferGetPolicyInformation(
    _In_ DWORD dwScopeId,
    _In_ SAFER_POLICY_INFO_CLASS SaferPolicyInfoClass,
    _In_ DWORD InfoBufferSize,
    _Out_writes_bytes_opt_(InfoBufferSize) PVOID InfoBuffer,
    _Out_ PDWORD InfoBufferRetSize,
    _Reserved_ PVOID pReserved);

/* Returns a level handle for an optional array of dwNumProperties code
 * descriptions.  The element type SAFER_CODE_PROPERTIES is V1 or V2 depending
 * on _WIN32_WINNT (see the typedef above), so the array stride depends on how
 * the caller was compiled. */
WINADVAPI
BOOL
WINAPI
SaferIdentifyLevel(
    _In_ DWORD dwNumProperties,
    _In_reads_opt_(dwNumProperties) PSAFER_CODE_PROPERTIES pCodeProperties,
    _Outptr_ SAFER_LEVEL_HANDLE *pLevelHandle,
    _Reserved_ PVOID pReserved);

/* Takes a full path and a flag saying whether the request comes from
 * ShellExecute.  NOTE(review): the "Saferi" spelling is the real API name,
 * not a typo -- do not "correct" it. */
WINADVAPI
BOOL
WINAPI
SaferiIsExecutableFileType(
    _In_ PCWSTR szFullPath,
    _In_ BOOLEAN bFromShellExecute);

/* Takes a level handle and a target path; by name it records an event-log
 * entry for them (details not visible in this header). */
WINADVAPI
BOOL
WINAPI
SaferRecordEventLogEntry(
    _In_ SAFER_LEVEL_HANDLE hLevel,
    _In_ PCWSTR szTargetPath,
    _Reserved_ PVOID pReserved);

/* Sets one information class of a level from dwInBufferSize bytes at
 * pQueryBuffer.  The buffer is input-only per its annotation, although the
 * parameter type is a non-const PVOID. */
WINADVAPI
BOOL
WINAPI
SaferSetLevelInformation(
    _In_ SAFER_LEVEL_HANDLE LevelHandle,
    _In_ SAFER_OBJECT_INFO_CLASS dwInfoType,
    _In_reads_bytes_(dwInBufferSize) PVOID pQueryBuffer,
    _In_ DWORD dwInBufferSize);

/* Sets one policy information class for a scope from InfoBufferSize bytes at
 * InfoBuffer.  As in SaferGetPolicyInformation, the size precedes the
 * buffer. */
WINADVAPI
BOOL
WINAPI
SaferSetPolicyInformation(
    _In_ DWORD dwScopeId,
    _In_ SAFER_POLICY_INFO_CLASS SaferPolicyInfoClass,
    _In_ DWORD InfoBufferSize,
    _In_reads_bytes_(InfoBufferSize) PVOID InfoBuffer,
    _Reserved_ PVOID pReserved);


/* Wide-string (L"...") policy names.  Nothing else in this header refers to
 * them; presumably they name SRP rule categories (TODO confirm). */
#define SRP_POLICY_EXE        L"EXE"
#define SRP_POLICY_DLL        L"DLL"
#define SRP_POLICY_MSI        L"MSI"
#define SRP_POLICY_SCRIPT     L"SCRIPT"
#define SRP_POLICY_SHELL      L"SHELL"
#define SRP_POLICY_NOV2       L"IGNORESRPV2"
#define SRP_POLICY_APPX       L"APPX"
#define SRP_POLICY_WLDPMSI    L"WLDPMSI"
#define SRP_POLICY_WLDPSCRIPT L"WLDPSCRIPT"

#ifdef __cplusplus
} /* extern "C" */
#endif /* __cplusplus */

#endif /* _WINSAFER_H */