  1/**
  2 * This file has no copyright assigned and is placed in the Public Domain.
  3 * This file is part of the mingw-w64 runtime package.
  4 * No warranty is given; refer to the file DISCLAIMER.PD within this package.
  5 */
  6#ifndef _WINSAFER_H
  7#define _WINSAFER_H
  8
  9#include <guiddef.h>
 10#include <wincrypt.h>
 11
 12#ifdef __cplusplus
 13extern "C" {
 14#endif
 15
  /*
   * Opaque handle to a SAFER level object. Values of this type come back
   * through the pLevelHandle out-parameters of SaferCreateLevel and
   * SaferIdentifyLevel and are passed to SaferCloseLevel when done.
   */
  DECLARE_HANDLE(SAFER_LEVEL_HANDLE);

/* Policy scope selectors for the dwScopeId parameters: machine or user. */
#define SAFER_SCOPEID_MACHINE 1
#define SAFER_SCOPEID_USER    2
 20
/*
 * Built-in SAFER level identifiers (the dwLevelId argument of
 * SaferCreateLevel). Larger values name more trusted levels. DISALLOWED is
 * zero, so a zero-initialised level id reads as "disallowed", never "unset".
 */
#define SAFER_LEVELID_FULLYTRUSTED 0x40000
#define SAFER_LEVELID_NORMALUSER   0x20000
#define SAFER_LEVELID_CONSTRAINED  0x10000
#define SAFER_LEVELID_UNTRUSTED    0x01000
#define SAFER_LEVELID_DISALLOWED   0x00000

/* Value for the OpenFlags argument of SaferCreateLevel. */
#define SAFER_LEVEL_OPEN 1

/*
 * Capacity limits used by the structures in this header. The two name
 * limits are element counts of WCHAR arrays; the hash limit is a byte count
 * (64 bytes is also the length of a SHA-512 digest). Any caller-supplied
 * length must be validated against these before copying into the arrays.
 */
#define SAFER_MAX_FRIENDLYNAME_SIZE 256
#define SAFER_MAX_DESCRIPTION_SIZE  256
#define SAFER_MAX_HASH_SIZE         64
 32
/*
 * Bit flags for the dwFlags argument of SaferComputeTokenFromLevel.
 * NOTE(review): per Microsoft's documentation, SAFER_TOKEN_MAKE_INERT yields
 * a token that is no longer evaluated against Software Restriction Policies
 * or AppLocker rules. Any code path that sets it is a policy exemption and
 * should be reviewed as one. Confirm against the SDK documentation.
 */
#define SAFER_TOKEN_NULL_IF_EQUAL 0x00000001
#define SAFER_TOKEN_COMPARE_ONLY  0x00000002
#define SAFER_TOKEN_MAKE_INERT    0x00000004
#define SAFER_TOKEN_WANT_FLAGS    0x00000008

/*
 * Bit flags naming the identification criteria; presumably combined in
 * SAFER_CODE_PROPERTIES.dwCheckFlags to select which checks
 * SaferIdentifyLevel performs -- confirm against the SDK documentation.
 * Note the values are not contiguous: IMAGEPATH_NT is 0x01000.
 */
#define SAFER_CRITERIA_IMAGEPATH    0x00001
#define SAFER_CRITERIA_NOSIGNEDHASH 0x00002
#define SAFER_CRITERIA_IMAGEHASH    0x00004
#define SAFER_CRITERIA_AUTHENTICODE 0x00008
#define SAFER_CRITERIA_URLZONE      0x00010
#define SAFER_CRITERIA_IMAGEPATH_NT 0x01000
 44
 45#include <pshpack8.h>
 46
  /*
   * Describes one piece of code to be classified; SaferIdentifyLevel takes a
   * pointer to these (pCodeProperties) plus a count (dwNumProperties).
   * Declared between <pshpack8.h> and <poppack.h>, i.e. with 8-byte packing.
   * Field notes follow the Windows SDK description -- confirm there before
   * relying on details not visible in this header.
   */
  typedef struct _SAFER_CODE_PROPERTIES {
    DWORD         cbSize;            /* presumably sizeof(SAFER_CODE_PROPERTIES), set by the caller */
    DWORD         dwCheckFlags;      /* presumably a mask of SAFER_CRITERIA_* bits */
    LPCWSTR       ImagePath;         /* wide-character path of the image */
    HANDLE        hImageFileHandle;  /* handle to the image file */
    DWORD         UrlZoneId;         /* URL zone identifier */
    /* Fixed-size digest buffer: dwImageHashSize must never exceed
     * SAFER_MAX_HASH_SIZE, and any code filling ImageHash has to check that. */
    BYTE          ImageHash[SAFER_MAX_HASH_SIZE];
    DWORD         dwImageHashSize;   /* presumably the number of valid bytes in ImageHash */
    LARGE_INTEGER ImageSize;         /* image size */
    ALG_ID        HashAlgorithm;     /* wincrypt algorithm id of the hash */
    LPBYTE        pByteBlock;        /* presumably an in-memory copy of the image -- confirm */
    HWND          hWndParent;        /* parent window, presumably for trust UI -- confirm */
    DWORD         dwWVTUIChoice;     /* presumably a WinVerifyTrust UI choice -- confirm */
  } SAFER_CODE_PROPERTIES;

  typedef SAFER_CODE_PROPERTIES *PSAFER_CODE_PROPERTIES;
 61
 62#include <poppack.h>
 63
/*
 * SAFER policy flag bits. The JOBID values occupy the top byte selected by
 * SAFER_POLICY_JOBID_MASK and the UIFLAGS values the low byte selected by
 * SAFER_POLICY_UIFLAGS_MASK. The remaining three are single bits in between.
 * NOTE(review): presumably these are the bits carried in the dwSaferFlags
 * members of the identification structures -- confirm against the SDK.
 */
#define SAFER_POLICY_JOBID_MASK        0xFF000000
#define SAFER_POLICY_JOBID_CONSTRAINED 0x04000000
#define SAFER_POLICY_JOBID_UNTRUSTED   0x03000000

#define SAFER_POLICY_ONLY_EXES      0x00010000
#define SAFER_POLICY_SANDBOX_INERT  0x00020000
#define SAFER_POLICY_HASH_DUPLICATE 0x00040000

#define SAFER_POLICY_UIFLAGS_MASK               0x000000FF
#define SAFER_POLICY_UIFLAGS_INFORMATION_PROMPT 0x00000001
#define SAFER_POLICY_UIFLAGS_OPTION_PROMPT      0x00000002
#define SAFER_POLICY_UIFLAGS_HIDDEN             0x00000004
 74
  /*
   * Selects which policy-wide setting is read or written; this is the type
   * of the SaferPolicyInfoClass parameter of SaferGetPolicyInformation and
   * SaferSetPolicyInformation. Numbering starts at 1, so 0 is not a member.
   */
  typedef enum _SAFER_POLICY_INFO_CLASS {
    SaferPolicyLevelList = 1,                 /* 1 */
    SaferPolicyEnableTransparentEnforcement,  /* 2 */
    SaferPolicyDefaultLevel,                  /* 3 */
    SaferPolicyEvaluateUserScope,             /* 4 */
    SaferPolicyScopeFlags                     /* 5 */
  } SAFER_POLICY_INFO_CLASS;
 78
  /*
   * Selects which attribute of a level object is read or written; this is
   * the type of the dwInfoType parameter of SaferGetLevelInformation and
   * SaferSetLevelInformation. Numbering starts at 1, so 0 is not a member.
   */
  typedef enum _SAFER_OBJECT_INFO_CLASS {
    SaferObjectLevelId = 1,              /*  1 */
    SaferObjectScopeId,                  /*  2 */
    SaferObjectFriendlyName,             /*  3 */
    SaferObjectDescription,              /*  4 */
    SaferObjectBuiltin,                  /*  5 */
    SaferObjectDisallowed,               /*  6 */
    SaferObjectDisableMaxPrivilege,      /*  7 */
    SaferObjectInvertDeletedPrivileges,  /*  8 */
    SaferObjectDeletedPrivileges,        /*  9 */
    SaferObjectDefaultOwner,             /* 10 */
    SaferObjectSidsToDisable,            /* 11 */
    SaferObjectRestrictedSidsInverted,   /* 12 */
    SaferObjectRestrictedSidsAdded,      /* 13 */
    SaferObjectAllIdentificationGuids,   /* 14 */
    SaferObjectSingleIdentification,     /* 15 */
    SaferObjectExtendedError             /* 16 */
  } SAFER_OBJECT_INFO_CLASS;
 85
 86#include <pshpack8.h>
 87
  /*
   * Discriminator stored in SAFER_IDENTIFICATION_HEADER.dwIdentificationType.
   * SaferIdentityDefault has no initialiser and is therefore 0; the named
   * rule kinds start at 1.
   */
  typedef enum _SAFER_IDENTIFICATION_TYPES {
    SaferIdentityDefault,            /* 0 */
    SaferIdentityTypeImageName = 1,  /* 1 */
    SaferIdentityTypeImageHash,      /* 2 */
    SaferIdentityTypeUrlZone,        /* 3 */
    SaferIdentityTypeCertificate     /* 4 */
  } SAFER_IDENTIFICATION_TYPES;
 91
  /*
   * Common prefix of the three identification records below; each of them
   * embeds it as its first member, `header`.
   */
  typedef struct _SAFER_IDENTIFICATION_HEADER {
    SAFER_IDENTIFICATION_TYPES dwIdentificationType;  /* which record kind follows */
    /* presumably the byte size of the complete record including this header;
     * validate it before casting a buffer to a concrete record type -- confirm */
    DWORD                      cbStructSize;
    GUID                       IdentificationGuid;    /* GUID identifying this record */
    FILETIME                   lastModified;          /* modification timestamp */
  } SAFER_IDENTIFICATION_HEADER;

  typedef SAFER_IDENTIFICATION_HEADER *PSAFER_IDENTIFICATION_HEADER;
 98
  /*
   * Identification record keyed on an image name / path.
   */
  typedef struct _SAFER_PATHNAME_IDENTIFICATION {
    SAFER_IDENTIFICATION_HEADER header;
    /* Fixed array of SAFER_MAX_DESCRIPTION_SIZE WCHARs: copies into it must
     * be bounded and leave room for the terminator. */
    WCHAR                       Description[SAFER_MAX_DESCRIPTION_SIZE];
    /* A pointer, not an inline buffer; who owns the pointed-to string is not
     * visible from this header. */
    PWCHAR                      ImageName;
    DWORD                       dwSaferFlags;
  } SAFER_PATHNAME_IDENTIFICATION;

  typedef SAFER_PATHNAME_IDENTIFICATION *PSAFER_PATHNAME_IDENTIFICATION;
105
  /*
   * Identification record keyed on a file hash.
   */
  typedef struct _SAFER_HASH_IDENTIFICATION {
    SAFER_IDENTIFICATION_HEADER header;
    /* Both text members are fixed WCHAR arrays: bound every copy into them. */
    WCHAR                       Description[SAFER_MAX_DESCRIPTION_SIZE];
    WCHAR                       FriendlyName[SAFER_MAX_FRIENDLYNAME_SIZE];
    /* presumably the number of valid bytes in ImageHash; it must not exceed
     * SAFER_MAX_HASH_SIZE, the capacity of the array below */
    DWORD                       HashSize;
    BYTE                        ImageHash[SAFER_MAX_HASH_SIZE];
    ALG_ID                      HashAlgorithm;  /* wincrypt algorithm id of the hash */
    LARGE_INTEGER               ImageSize;      /* image size */
    DWORD                       dwSaferFlags;
  } SAFER_HASH_IDENTIFICATION;

  typedef SAFER_HASH_IDENTIFICATION *PSAFER_HASH_IDENTIFICATION;
116
  /*
   * Identification record keyed on a URL zone.
   */
  typedef struct _SAFER_URLZONE_IDENTIFICATION {
    SAFER_IDENTIFICATION_HEADER header;
    DWORD                       UrlZoneId;     /* URL zone identifier */
    DWORD                       dwSaferFlags;
  } SAFER_URLZONE_IDENTIFICATION;

  typedef SAFER_URLZONE_IDENTIFICATION *PSAFER_URLZONE_IDENTIFICATION;
122
123#include <poppack.h>
124
  /*
   * SAFER entry points, declared WINADVAPI. All of them return WINBOOL;
   * callers should check that result rather than assume the out-parameters
   * were filled in. NOTE(review): per the Windows SDK documentation the
   * lpReserved arguments are reserved -- confirm the required value there.
   */

  /* Policy-wide settings: read into / write from a caller-sized buffer. */
  WINADVAPI WINBOOL WINAPI SaferGetPolicyInformation(
      DWORD dwScopeId,
      SAFER_POLICY_INFO_CLASS SaferPolicyInfoClass,
      DWORD InfoBufferSize,
      PVOID InfoBuffer,
      PDWORD InfoBufferRetSize,
      LPVOID lpReserved);
  WINADVAPI WINBOOL WINAPI SaferSetPolicyInformation(
      DWORD dwScopeId,
      SAFER_POLICY_INFO_CLASS SaferPolicyInfoClass,
      DWORD InfoBufferSize,
      PVOID InfoBuffer,
      LPVOID lpReserved);

  /* Level handle lifetime: a handle received through pLevelHandle is later
   * passed to SaferCloseLevel. */
  WINADVAPI WINBOOL WINAPI SaferCreateLevel(
      DWORD dwScopeId,
      DWORD dwLevelId,
      DWORD OpenFlags,
      SAFER_LEVEL_HANDLE *pLevelHandle,
      LPVOID lpReserved);
  WINADVAPI WINBOOL WINAPI SaferCloseLevel(
      SAFER_LEVEL_HANDLE hLevelHandle);

  /* Classifies the code described by an array of dwNumProperties
   * SAFER_CODE_PROPERTIES and returns the level through pLevelHandle. */
  WINADVAPI WINBOOL WINAPI SaferIdentifyLevel(
      DWORD dwNumProperties,
      PSAFER_CODE_PROPERTIES pCodeProperties,
      SAFER_LEVEL_HANDLE *pLevelHandle,
      LPVOID lpReserved);

  /* Derives an access token for a level; dwFlags takes SAFER_TOKEN_* bits. */
  WINADVAPI WINBOOL WINAPI SaferComputeTokenFromLevel(
      SAFER_LEVEL_HANDLE LevelHandle,
      HANDLE InAccessToken,
      PHANDLE OutAccessToken,
      DWORD dwFlags,
      LPVOID lpReserved);

  /* Per-level attributes: dwInBufferSize is the size of lpQueryBuffer. */
  WINADVAPI WINBOOL WINAPI SaferGetLevelInformation(
      SAFER_LEVEL_HANDLE LevelHandle,
      SAFER_OBJECT_INFO_CLASS dwInfoType,
      LPVOID lpQueryBuffer,
      DWORD dwInBufferSize,
      LPDWORD lpdwOutBufferSize);
  WINADVAPI WINBOOL WINAPI SaferSetLevelInformation(
      SAFER_LEVEL_HANDLE LevelHandle,
      SAFER_OBJECT_INFO_CLASS dwInfoType,
      LPVOID lpQueryBuffer,
      DWORD dwInBufferSize);

  /* Event logging for a level decision about szTargetPath. */
  WINADVAPI WINBOOL WINAPI SaferRecordEventLogEntry(
      SAFER_LEVEL_HANDLE hLevel,
      LPCWSTR szTargetPath,
      LPVOID lpReserved);

  /* Here the WINBOOL is presumably the yes/no answer, not a success code
   * -- confirm against the SDK documentation. */
  WINADVAPI WINBOOL WINAPI SaferiIsExecutableFileType(
      LPCWSTR szFullPathname,
      BOOLEAN bFromShellExecute);
135
136#ifdef __cplusplus
137}
138#endif
139#endif