/*
- * Winsafer definitions
+ * winsafer.h
*
- * Copyright (C) 2009 Nikolay Sivov
+ * This file is part of the ReactOS PSDK package.
*
- * This library is free software; you can redistribute it and/or
- * modify it under the terms of the GNU Lesser General Public
- * License as published by the Free Software Foundation; either
- * version 2.1 of the License, or (at your option) any later version.
+ * Contributors:
+ * Thomas Faber (thomas.faber@reactos.org)
*
- * This library is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Lesser General Public License for more details.
+ * THIS SOFTWARE IS NOT COPYRIGHTED
+ *
+ * This source code is offered for use in the public domain. You may
+ * use, modify or distribute it freely.
+ *
+ * This code is distributed in the hope that it will be useful but
+ * WITHOUT ANY WARRANTY. ALL WARRANTIES, EXPRESS OR IMPLIED ARE HEREBY
+ * DISCLAIMED. This includes but is not limited to warranties of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
*
- * You should have received a copy of the GNU Lesser General Public
- * License along with this library; if not, write to the Free Software
- * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301, USA
*/
+#pragma once
-#ifndef __WINE_WINSAFER_H
-#define __WINE_WINSAFER_H
+#ifndef _WINSAFER_H
+#define _WINSAFER_H
#include <guiddef.h>
#include <wincrypt.h>
#ifdef __cplusplus
extern "C" {
-#endif
+#endif /* __cplusplus */
DECLARE_HANDLE(SAFER_LEVEL_HANDLE);
-#define SAFER_SCOPEID_MACHINE 1
-#define SAFER_SCOPEID_USER 2
+#define SAFER_SCOPEID_MACHINE 1
+#define SAFER_SCOPEID_USER 2
#define SAFER_LEVELID_DISALLOWED 0x00000
#define SAFER_LEVELID_UNTRUSTED 0x01000
#define SAFER_LEVELID_NORMALUSER 0x20000
#define SAFER_LEVELID_FULLYTRUSTED 0x40000
-#define SAFER_LEVEL_OPEN 1
+#define SAFER_LEVEL_OPEN 1
+
+#define SAFER_MAX_HASH_SIZE 64
+#define SAFER_MAX_DESCRIPTION_SIZE 256
+#define SAFER_MAX_FRIENDLYNAME_SIZE 256
+
+#define SAFER_TOKEN_NULL_IF_EQUAL 0x1
+#define SAFER_TOKEN_COMPARE_ONLY 0x2
+#define SAFER_TOKEN_MAKE_INERT 0x4
+#define SAFER_TOKEN_WANT_FLAGS 0x8
+
+#define SAFER_CRITERIA_IMAGEPATH 0x0001
+#define SAFER_CRITERIA_NOSIGNEDHASH 0x0002
+#define SAFER_CRITERIA_IMAGEHASH 0x0004
+#define SAFER_CRITERIA_AUTHENTICODE 0x0008
+#define SAFER_CRITERIA_URLZONE 0x0010
+#define SAFER_CRITERIA_APPX_PACKAGE 0x0020
+#define SAFER_CRITERIA_IMAGEPATH_NT 0x1000
+
+#define SAFER_POLICY_JOBID_UNTRUSTED 0x03000000
+#define SAFER_POLICY_JOBID_CONSTRAINED 0x04000000
+#define SAFER_POLICY_JOBID_MASK 0xFF000000
+#define SAFER_POLICY_ONLY_EXES 0x00010000
+#define SAFER_POLICY_SANDBOX_INERT 0x00020000
+#define SAFER_POLICY_HASH_DUPLICATE 0x00040000
+#define SAFER_POLICY_ONLY_AUDIT 0x00001000
+#define SAFER_POLICY_BLOCK_CLIENT_UI 0x00002000
+#define SAFER_POLICY_UIFLAGS_INFORMATION_PROMPT 0x00000001
+#define SAFER_POLICY_UIFLAGS_OPTION_PROMPT 0x00000002
+#define SAFER_POLICY_UIFLAGS_HIDDEN 0x00000004
+#define SAFER_POLICY_UIFLAGS_MASK 0x000000FF
+
+
+#include <pshpack8.h>
-WINADVAPI BOOL WINAPI SaferCreateLevel(DWORD,DWORD,DWORD,SAFER_LEVEL_HANDLE*,LPVOID);
+typedef struct _SAFER_CODE_PROPERTIES_V1
+{
+ DWORD cbSize;
+ DWORD dwCheckFlags;
+ PCWSTR ImagePath;
+ HANDLE hImageFileHandle;
+ DWORD UrlZoneId;
+ BYTE ImageHash[SAFER_MAX_HASH_SIZE];
+ DWORD dwImageHashSize;
+ LARGE_INTEGER ImageSize;
+ ALG_ID HashAlgorithm;
+ PBYTE pByteBlock;
+ HWND hWndParent;
+ DWORD dwWVTUIChoice;
+} SAFER_CODE_PROPERTIES_V1, *PSAFER_CODE_PROPERTIES_V1;
-typedef enum _SAFER_POLICY_INFO_CLASS {
+typedef struct _SAFER_CODE_PROPERTIES_V2
+{
+ SAFER_CODE_PROPERTIES_V1;
+ PCWSTR PackageMoniker;
+ PCWSTR PackagePublisher;
+ PCWSTR PackageName;
+ ULONG64 PackageVersion;
+ BOOL PackageIsFramework;
+} SAFER_CODE_PROPERTIES_V2, *PSAFER_CODE_PROPERTIES_V2;
+
+#include <poppack.h>
+
+/* NOTE: MS defines SAFER_CODE_PROPERTIES as V2 unconditionally,
+ * which is... not smart */
+#if _WIN32_WINNT >= 0x602
+typedef SAFER_CODE_PROPERTIES_V2 SAFER_CODE_PROPERTIES, *PSAFER_CODE_PROPERTIES;
+#else /* _WIN32_WINNT */
+typedef SAFER_CODE_PROPERTIES_V1 SAFER_CODE_PROPERTIES, *PSAFER_CODE_PROPERTIES;
+#endif /* _WIN32_WINNT */
+
+typedef enum _SAFER_OBJECT_INFO_CLASS
+{
+ SaferObjectLevelId = 1,
+ SaferObjectScopeId = 2,
+ SaferObjectFriendlyName = 3,
+ SaferObjectDescription = 4,
+ SaferObjectBuiltin = 5,
+ SaferObjectDisallowed = 6,
+ SaferObjectDisableMaxPrivilege = 7,
+ SaferObjectInvertDeletedPrivileges = 8,
+ SaferObjectDeletedPrivileges = 9,
+ SaferObjectDefaultOwner = 10,
+ SaferObjectSidsToDisable = 11,
+ SaferObjectRestrictedSidsInverted = 12,
+ SaferObjectRestrictedSidsAdded = 13,
+ SaferObjectAllIdentificationGuids = 14,
+ SaferObjectSingleIdentification = 15,
+ SaferObjectExtendedError = 16,
+} SAFER_OBJECT_INFO_CLASS;
+
+typedef enum _SAFER_POLICY_INFO_CLASS
+{
SaferPolicyLevelList = 1,
- SaferPolicyEnableTransparentEnforcement,
- SaferPolicyDefaultLevel,
- SaferPolicyEvaluateUserScope,
- SaferPolicyScopeFlags
+ SaferPolicyEnableTransparentEnforcement = 2,
+ SaferPolicyDefaultLevel = 3,
+ SaferPolicyEvaluateUserScope = 4,
+ SaferPolicyScopeFlags = 5,
+ SaferPolicyDefaultLevelFlags = 6,
+ SaferPolicyAuthenticodeEnabled = 7,
} SAFER_POLICY_INFO_CLASS;
-WINADVAPI BOOL WINAPI SaferGetPolicyInformation(DWORD,SAFER_POLICY_INFO_CLASS,DWORD,PVOID,PDWORD,LPVOID);
+typedef enum _SAFER_IDENTIFICATION_TYPES
+{
+ SaferIdentityDefault = 0,
+ SaferIdentityTypeImageName = 1,
+ SaferIdentityTypeImageHash = 2,
+ SaferIdentityTypeUrlZone = 3,
+ SaferIdentityTypeCertificate = 4,
+} SAFER_IDENTIFICATION_TYPES;
+
+#include <pshpack8.h>
+
+typedef struct _SAFER_IDENTIFICATION_HEADER
+{
+ SAFER_IDENTIFICATION_TYPES dwIdentificationType;
+ DWORD cbStructSize;
+ GUID IdentificationGuid;
+ FILETIME lastModified;
+} SAFER_IDENTIFICATION_HEADER, *PSAFER_IDENTIFICATION_HEADER;
+
+typedef struct _SAFER_PATHNAME_IDENTIFICATION
+{
+ SAFER_IDENTIFICATION_HEADER header;
+ WCHAR Description[SAFER_MAX_DESCRIPTION_SIZE];
+ PWCHAR ImageName;
+ DWORD dwSaferFlags;
+} SAFER_PATHNAME_IDENTIFICATION, *PSAFER_PATHNAME_IDENTIFICATION;
+
+typedef struct _SAFER_HASH_IDENTIFICATION
+{
+ SAFER_IDENTIFICATION_HEADER header;
+ WCHAR Description[SAFER_MAX_DESCRIPTION_SIZE];
+ WCHAR FriendlyName[SAFER_MAX_FRIENDLYNAME_SIZE];
+ DWORD HashSize;
+ BYTE ImageHash[SAFER_MAX_HASH_SIZE];
+ ALG_ID HashAlgorithm;
+ LARGE_INTEGER ImageSize;
+ DWORD dwSaferFlags;
+} SAFER_HASH_IDENTIFICATION, *PSAFER_HASH_IDENTIFICATION;
+
+typedef struct _SAFER_HASH_IDENTIFICATION2
+{
+ SAFER_HASH_IDENTIFICATION hashIdentification;
+ DWORD HashSize;
+ BYTE ImageHash[SAFER_MAX_HASH_SIZE];
+ ALG_ID HashAlgorithm;
+} SAFER_HASH_IDENTIFICATION2, *PSAFER_HASH_IDENTIFICATION2;
+
+typedef struct _SAFER_URLZONE_IDENTIFICATION
+{
+ SAFER_IDENTIFICATION_HEADER header;
+ DWORD UrlZoneId;
+ DWORD dwSaferFlags;
+} SAFER_URLZONE_IDENTIFICATION, *PSAFER_URLZONE_IDENTIFICATION;
+
+#include <poppack.h>
+
+
+WINADVAPI
+BOOL
+WINAPI
+SaferCloseLevel(
+ _In_ SAFER_LEVEL_HANDLE hLevelHandle);
+
+WINADVAPI
+BOOL
+WINAPI
+SaferComputeTokenFromLevel(
+ _In_ SAFER_LEVEL_HANDLE LevelHandle,
+ _In_opt_ HANDLE InAccessToken,
+ _Out_ PHANDLE OutAccessToken,
+ _In_ DWORD dwFlags,
+ _Inout_opt_ PVOID pReserved);
+
+WINADVAPI
+BOOL
+WINAPI
+SaferCreateLevel(
+ _In_ DWORD dwScopeId,
+ _In_ DWORD dwLevelId,
+ _In_ DWORD OpenFlags,
+ _Outptr_ SAFER_LEVEL_HANDLE *pLevelHandle,
+ _Reserved_ PVOID pReserved);
+
+WINADVAPI
+BOOL
+WINAPI
+SaferGetLevelInformation(
+ _In_ SAFER_LEVEL_HANDLE LevelHandle,
+ _In_ SAFER_OBJECT_INFO_CLASS dwInfoType,
+ _Out_writes_bytes_opt_(dwInBufferSize) PVOID pQueryBuffer,
+ _In_ DWORD dwInBufferSize,
+ _Out_ PDWORD pdwOutBufferSize);
+
+WINADVAPI
+BOOL
+WINAPI
+SaferGetPolicyInformation(
+ _In_ DWORD dwScopeId,
+ _In_ SAFER_POLICY_INFO_CLASS SaferPolicyInfoClass,
+ _In_ DWORD InfoBufferSize,
+ _Out_writes_bytes_opt_(InfoBufferSize) PVOID InfoBuffer,
+ _Out_ PDWORD InfoBufferRetSize,
+ _Reserved_ PVOID pReserved);
+
+WINADVAPI
+BOOL
+WINAPI
+SaferIdentifyLevel(
+ _In_ DWORD dwNumProperties,
+ _In_reads_opt_(dwNumProperties) PSAFER_CODE_PROPERTIES pCodeProperties,
+ _Outptr_ SAFER_LEVEL_HANDLE *pLevelHandle,
+ _Reserved_ PVOID pReserved);
+
+WINADVAPI
+BOOL
+WINAPI
+SaferiIsExecutableFileType(
+ _In_ PCWSTR szFullPath,
+ _In_ BOOLEAN bFromShellExecute);
+
+WINADVAPI
+BOOL
+WINAPI
+SaferRecordEventLogEntry(
+ _In_ SAFER_LEVEL_HANDLE hLevel,
+ _In_ PCWSTR szTargetPath,
+ _Reserved_ PVOID pReserved);
+
+WINADVAPI
+BOOL
+WINAPI
+SaferSetLevelInformation(
+ _In_ SAFER_LEVEL_HANDLE LevelHandle,
+ _In_ SAFER_OBJECT_INFO_CLASS dwInfoType,
+ _In_reads_bytes_(dwInBufferSize) PVOID pQueryBuffer,
+ _In_ DWORD dwInBufferSize);
+
+WINADVAPI
+BOOL
+WINAPI
+SaferSetPolicyInformation(
+ _In_ DWORD dwScopeId,
+ _In_ SAFER_POLICY_INFO_CLASS SaferPolicyInfoClass,
+ _In_ DWORD InfoBufferSize,
+ _In_reads_bytes_(InfoBufferSize) PVOID InfoBuffer,
+ _Reserved_ PVOID pReserved);
+
+
+#define SRP_POLICY_EXE L"EXE"
+#define SRP_POLICY_DLL L"DLL"
+#define SRP_POLICY_MSI L"MSI"
+#define SRP_POLICY_SCRIPT L"SCRIPT"
+#define SRP_POLICY_SHELL L"SHELL"
+#define SRP_POLICY_NOV2 L"IGNORESRPV2"
+#define SRP_POLICY_APPX L"APPX"
+#define SRP_POLICY_WLDPMSI L"WLDPMSI"
+#define SRP_POLICY_WLDPSCRIPT L"WLDPSCRIPT"
#ifdef __cplusplus
-}
-#endif
+} /* extern "C" */
+#endif /* __cplusplus */
-#endif /* __WINE_WINSAFER_H */
+#endif /* _WINSAFER_H */
projects / reactos.git / commitdiff