/**
 * This file has no copyright assigned and is placed in the Public Domain.
 * This file is part of the mingw-w64 runtime package.
 * No warranty is given; refer to the file DISCLAIMER.PD within this package.
 */

/*
 * winsafer.h - declarations for the Windows "Safer" API (the programmatic
 * side of Software Restriction Policies). Every entry point below is
 * declared WINADVAPI.
 *
 * The header only declares constants, ABI structures and prototypes; there
 * is no logic here. The numeric values and the structure layouts are part
 * of the binary contract with the operating system and must not be changed.
 */
#ifndef _WINSAFER_H
#define _WINSAFER_H

#include <guiddef.h>
#include <wincrypt.h>

#ifdef __cplusplus
extern "C" {
#endif

/* Opaque handle to a Safer level; SaferCreateLevel and SaferIdentifyLevel
 * return one through an out-parameter and SaferCloseLevel takes one. */
DECLARE_HANDLE(SAFER_LEVEL_HANDLE);

/* dwScopeId values: which policy scope a call refers to. */
#define SAFER_SCOPEID_MACHINE 1
#define SAFER_SCOPEID_USER    2

/*
 * dwLevelId values, listed from least to most restrictive.
 * SAFER_LEVELID_DISALLOWED is the value 0, so a zero-initialised level id
 * reads as "disallowed", not as "fully trusted".
 */
#define SAFER_LEVELID_FULLYTRUSTED 0x40000
#define SAFER_LEVELID_NORMALUSER   0x20000
#define SAFER_LEVELID_CONSTRAINED  0x10000
#define SAFER_LEVELID_UNTRUSTED    0x01000
#define SAFER_LEVELID_DISALLOWED   0x00000

/* OpenFlags value for SaferCreateLevel. */
#define SAFER_LEVEL_OPEN 1

/*
 * Capacities of the fixed-size members used in the structures below.
 * The two name sizes dimension WCHAR arrays (element counts, not bytes);
 * the hash size dimensions a BYTE array.
 */
#define SAFER_MAX_FRIENDLYNAME_SIZE 256
#define SAFER_MAX_DESCRIPTION_SIZE  256
#define SAFER_MAX_HASH_SIZE         64

/*
 * dwFlags bits for SaferComputeTokenFromLevel.
 * NOTE(review): per Microsoft's documentation SAFER_TOKEN_MAKE_INERT asks
 * for a token that is exempt from further policy evaluation, which makes
 * any call site passing it security-sensitive - confirm the exact
 * semantics for the targeted Windows versions and audit such callers.
 */
#define SAFER_TOKEN_NULL_IF_EQUAL 0x00000001
#define SAFER_TOKEN_COMPARE_ONLY  0x00000002
#define SAFER_TOKEN_MAKE_INERT    0x00000004
#define SAFER_TOKEN_WANT_FLAGS    0x00000008

/* SAFER_CODE_PROPERTIES.dwCheckFlags bits: which identification criteria
 * SaferIdentifyLevel should evaluate. */
#define SAFER_CRITERIA_IMAGEPATH    0x00001
#define SAFER_CRITERIA_NOSIGNEDHASH 0x00002
#define SAFER_CRITERIA_IMAGEHASH    0x00004
#define SAFER_CRITERIA_AUTHENTICODE 0x00008
#define SAFER_CRITERIA_URLZONE      0x00010
#define SAFER_CRITERIA_IMAGEPATH_NT 0x01000

#include <pshpack8.h>

/*
 * Description of one piece of code to classify, passed as an array of
 * dwNumProperties elements to SaferIdentifyLevel.
 *
 * cbSize is presumably the caller-set size of this structure (the usual
 * Win32 versioning convention) - confirm against Microsoft's documentation.
 * ImageHash holds at most SAFER_MAX_HASH_SIZE bytes, so a dwImageHashSize
 * larger than that cannot describe valid data and should be rejected by
 * any code that fills or reads this structure.
 */
typedef struct _SAFER_CODE_PROPERTIES {
  DWORD cbSize;
  DWORD dwCheckFlags;                  /* SAFER_CRITERIA_* bits */
  LPCWSTR ImagePath;
  HANDLE hImageFileHandle;
  DWORD UrlZoneId;
  BYTE ImageHash[SAFER_MAX_HASH_SIZE];
  DWORD dwImageHashSize;               /* bytes used in ImageHash */
  LARGE_INTEGER ImageSize;
  ALG_ID HashAlgorithm;
  LPBYTE pByteBlock;
  HWND hWndParent;
  DWORD dwWVTUIChoice;
} SAFER_CODE_PROPERTIES;
typedef SAFER_CODE_PROPERTIES *PSAFER_CODE_PROPERTIES;

#include <poppack.h>

/*
 * Policy flag bits. The two *_MASK values partition the word: the top byte
 * carries a job id and the low byte carries UI flags.
 * NOTE(review): where these flags are produced or consumed is not visible
 * in this header - confirm against Microsoft's documentation.
 */
#define SAFER_POLICY_JOBID_MASK                 0xFF000000
#define SAFER_POLICY_JOBID_CONSTRAINED          0x04000000
#define SAFER_POLICY_JOBID_UNTRUSTED            0x03000000
#define SAFER_POLICY_ONLY_EXES                  0x00010000
#define SAFER_POLICY_SANDBOX_INERT              0x00020000
#define SAFER_POLICY_HASH_DUPLICATE             0x00040000
#define SAFER_POLICY_UIFLAGS_MASK               0x000000FF
#define SAFER_POLICY_UIFLAGS_INFORMATION_PROMPT 0x00000001
#define SAFER_POLICY_UIFLAGS_OPTION_PROMPT      0x00000002
#define SAFER_POLICY_UIFLAGS_HIDDEN             0x00000004

/* Selector for SaferGetPolicyInformation / SaferSetPolicyInformation. */
typedef enum _SAFER_POLICY_INFO_CLASS {
  SaferPolicyLevelList                    = 1,
  SaferPolicyEnableTransparentEnforcement = 2,
  SaferPolicyDefaultLevel                 = 3,
  SaferPolicyEvaluateUserScope            = 4,
  SaferPolicyScopeFlags                   = 5
} SAFER_POLICY_INFO_CLASS;

/* Selector for SaferGetLevelInformation / SaferSetLevelInformation. */
typedef enum _SAFER_OBJECT_INFO_CLASS {
  SaferObjectLevelId                 = 1,
  SaferObjectScopeId                 = 2,
  SaferObjectFriendlyName            = 3,
  SaferObjectDescription             = 4,
  SaferObjectBuiltin                 = 5,
  SaferObjectDisallowed              = 6,
  SaferObjectDisableMaxPrivilege     = 7,
  SaferObjectInvertDeletedPrivileges = 8,
  SaferObjectDeletedPrivileges       = 9,
  SaferObjectDefaultOwner            = 10,
  SaferObjectSidsToDisable           = 11,
  SaferObjectRestrictedSidsInverted  = 12,
  SaferObjectRestrictedSidsAdded     = 13,
  SaferObjectAllIdentificationGuids  = 14,
  SaferObjectSingleIdentification    = 15,
  SaferObjectExtendedError           = 16
} SAFER_OBJECT_INFO_CLASS;

#include <pshpack8.h>

/* Discriminator stored in SAFER_IDENTIFICATION_HEADER.dwIdentificationType. */
typedef enum _SAFER_IDENTIFICATION_TYPES {
  SaferIdentityDefault         = 0,
  SaferIdentityTypeImageName   = 1,
  SaferIdentityTypeImageHash   = 2,
  SaferIdentityTypeUrlZone     = 3,
  SaferIdentityTypeCertificate = 4
} SAFER_IDENTIFICATION_TYPES;

/*
 * Common prefix of the three identification records below.
 * dwIdentificationType says which record follows; a reader should check it
 * together with cbStructSize before casting the header to a concrete
 * record type.
 */
typedef struct _SAFER_IDENTIFICATION_HEADER {
  SAFER_IDENTIFICATION_TYPES dwIdentificationType;
  DWORD cbStructSize;
  GUID IdentificationGuid;
  FILETIME lastModified;
} SAFER_IDENTIFICATION_HEADER;
typedef SAFER_IDENTIFICATION_HEADER *PSAFER_IDENTIFICATION_HEADER;

/* Identification of code by image path name. */
typedef struct _SAFER_PATHNAME_IDENTIFICATION {
  SAFER_IDENTIFICATION_HEADER header;
  WCHAR Description[SAFER_MAX_DESCRIPTION_SIZE];
  PWCHAR ImageName;
  DWORD dwSaferFlags;
} SAFER_PATHNAME_IDENTIFICATION;
typedef SAFER_PATHNAME_IDENTIFICATION *PSAFER_PATHNAME_IDENTIFICATION;

/*
 * Identification of code by image hash.
 * HashSize counts the bytes used in ImageHash; the array holds
 * SAFER_MAX_HASH_SIZE bytes, so consumers should bound HashSize by that
 * constant before copying or comparing hash data.
 */
typedef struct _SAFER_HASH_IDENTIFICATION {
  SAFER_IDENTIFICATION_HEADER header;
  WCHAR Description[SAFER_MAX_DESCRIPTION_SIZE];
  WCHAR FriendlyName[SAFER_MAX_FRIENDLYNAME_SIZE];
  DWORD HashSize;
  BYTE ImageHash[SAFER_MAX_HASH_SIZE];
  ALG_ID HashAlgorithm;
  LARGE_INTEGER ImageSize;
  DWORD dwSaferFlags;
} SAFER_HASH_IDENTIFICATION;
typedef SAFER_HASH_IDENTIFICATION *PSAFER_HASH_IDENTIFICATION;

/* Identification of code by URL security zone. */
typedef struct _SAFER_URLZONE_IDENTIFICATION {
  SAFER_IDENTIFICATION_HEADER header;
  DWORD UrlZoneId;
  DWORD dwSaferFlags;
} SAFER_URLZONE_IDENTIFICATION;
typedef SAFER_URLZONE_IDENTIFICATION *PSAFER_URLZONE_IDENTIFICATION;

#include <poppack.h>

/*
 * Entry points. All of them return WINBOOL; by the usual Win32 convention a
 * zero return means failure - confirm per function in Microsoft's
 * documentation. Callers should check every return value: continuing with
 * an unset level handle or output token after a failed call would leave
 * the intended restriction unapplied.
 */

/* Reads one policy setting for the given scope into InfoBuffer
 * (InfoBufferSize bytes); InfoBufferRetSize receives a size. */
WINADVAPI WINBOOL WINAPI SaferGetPolicyInformation(
    DWORD dwScopeId,
    SAFER_POLICY_INFO_CLASS SaferPolicyInfoClass,
    DWORD InfoBufferSize,
    PVOID InfoBuffer,
    PDWORD InfoBufferRetSize,
    LPVOID lpReserved);

/* Writes one policy setting for the given scope from InfoBuffer. */
WINADVAPI WINBOOL WINAPI SaferSetPolicyInformation(
    DWORD dwScopeId,
    SAFER_POLICY_INFO_CLASS SaferPolicyInfoClass,
    DWORD InfoBufferSize,
    PVOID InfoBuffer,
    LPVOID lpReserved);

/* Opens a level (SAFER_LEVELID_*) in a scope (SAFER_SCOPEID_*); the handle
 * returned through pLevelHandle is released with SaferCloseLevel. */
WINADVAPI WINBOOL WINAPI SaferCreateLevel(
    DWORD dwScopeId,
    DWORD dwLevelId,
    DWORD OpenFlags,
    SAFER_LEVEL_HANDLE *pLevelHandle,
    LPVOID lpReserved);

/* Releases a handle obtained from SaferCreateLevel or SaferIdentifyLevel. */
WINADVAPI WINBOOL WINAPI SaferCloseLevel(
    SAFER_LEVEL_HANDLE hLevelHandle);

/* Classifies the code described by pCodeProperties[0..dwNumProperties-1]
 * and returns the matching level through pLevelHandle. */
WINADVAPI WINBOOL WINAPI SaferIdentifyLevel(
    DWORD dwNumProperties,
    PSAFER_CODE_PROPERTIES pCodeProperties,
    SAFER_LEVEL_HANDLE *pLevelHandle,
    LPVOID lpReserved);

/*
 * Derives an access token for LevelHandle from InAccessToken; dwFlags takes
 * SAFER_TOKEN_* bits.
 * NOTE(review): with SAFER_TOKEN_WANT_FLAGS the lpReserved argument is
 * reportedly used as an output rather than ignored - confirm before
 * passing NULL unconditionally.
 */
WINADVAPI WINBOOL WINAPI SaferComputeTokenFromLevel(
    SAFER_LEVEL_HANDLE LevelHandle,
    HANDLE InAccessToken,
    PHANDLE OutAccessToken,
    DWORD dwFlags,
    LPVOID lpReserved);

/* Reads one attribute of a level into lpQueryBuffer (dwInBufferSize bytes);
 * lpdwOutBufferSize receives a size. */
WINADVAPI WINBOOL WINAPI SaferGetLevelInformation(
    SAFER_LEVEL_HANDLE LevelHandle,
    SAFER_OBJECT_INFO_CLASS dwInfoType,
    LPVOID lpQueryBuffer,
    DWORD dwInBufferSize,
    LPDWORD lpdwOutBufferSize);

/* Writes one attribute of a level from lpQueryBuffer. */
WINADVAPI WINBOOL WINAPI SaferSetLevelInformation(
    SAFER_LEVEL_HANDLE LevelHandle,
    SAFER_OBJECT_INFO_CLASS dwInfoType,
    LPVOID lpQueryBuffer,
    DWORD dwInBufferSize);

/* Records an event-log entry for szTargetPath under the given level. */
WINADVAPI WINBOOL WINAPI SaferRecordEventLogEntry(
    SAFER_LEVEL_HANDLE hLevel,
    LPCWSTR szTargetPath,
    LPVOID lpReserved);

/* Reports whether szFullPathname names an executable file type.
 * NOTE(review): the effect of bFromShellExecute is not visible here -
 * confirm against Microsoft's documentation. */
WINADVAPI WINBOOL WINAPI SaferiIsExecutableFileType(
    LPCWSTR szFullPathname,
    BOOLEAN bFromShellExecute);

#ifdef __cplusplus
}
#endif

#endif /* _WINSAFER_H */