/** * This file has no copyright assigned and is placed in the Public Domain. * This file is part of the mingw-w64 runtime package. * No warranty is given; refer to the file DISCLAIMER.PD within this package. */ #ifndef _WINSAFER_H #define _WINSAFER_H #include #include #ifdef __cplusplus extern "C" { #endif DECLARE_HANDLE(SAFER_LEVEL_HANDLE); #define SAFER_SCOPEID_MACHINE 1 #define SAFER_SCOPEID_USER 2 #define SAFER_LEVELID_FULLYTRUSTED 0x40000 #define SAFER_LEVELID_NORMALUSER 0x20000 #define SAFER_LEVELID_CONSTRAINED 0x10000 #define SAFER_LEVELID_UNTRUSTED 0x01000 #define SAFER_LEVELID_DISALLOWED 0x00000 #define SAFER_LEVEL_OPEN 1 #define SAFER_MAX_FRIENDLYNAME_SIZE 256 #define SAFER_MAX_DESCRIPTION_SIZE 256 #define SAFER_MAX_HASH_SIZE 64 #define SAFER_TOKEN_NULL_IF_EQUAL 0x00000001 #define SAFER_TOKEN_COMPARE_ONLY 0x00000002 #define SAFER_TOKEN_MAKE_INERT 0x00000004 #define SAFER_TOKEN_WANT_FLAGS 0x00000008 #define SAFER_CRITERIA_IMAGEPATH 0x00001 #define SAFER_CRITERIA_NOSIGNEDHASH 0x00002 #define SAFER_CRITERIA_IMAGEHASH 0x00004 #define SAFER_CRITERIA_AUTHENTICODE 0x00008 #define SAFER_CRITERIA_URLZONE 0x00010 #define SAFER_CRITERIA_IMAGEPATH_NT 0x01000 #include typedef struct _SAFER_CODE_PROPERTIES { DWORD cbSize; DWORD dwCheckFlags; LPCWSTR ImagePath; HANDLE hImageFileHandle; DWORD UrlZoneId; BYTE ImageHash[SAFER_MAX_HASH_SIZE]; DWORD dwImageHashSize; LARGE_INTEGER ImageSize; ALG_ID HashAlgorithm; LPBYTE pByteBlock; HWND hWndParent; DWORD dwWVTUIChoice; } SAFER_CODE_PROPERTIES,*PSAFER_CODE_PROPERTIES; #include #define SAFER_POLICY_JOBID_MASK 0xFF000000 #define SAFER_POLICY_JOBID_CONSTRAINED 0x04000000 #define SAFER_POLICY_JOBID_UNTRUSTED 0x03000000 #define SAFER_POLICY_ONLY_EXES 0x00010000 #define SAFER_POLICY_SANDBOX_INERT 0x00020000 #define SAFER_POLICY_HASH_DUPLICATE 0x00040000 #define SAFER_POLICY_UIFLAGS_MASK 0x000000FF #define SAFER_POLICY_UIFLAGS_INFORMATION_PROMPT 0x00000001 #define SAFER_POLICY_UIFLAGS_OPTION_PROMPT 0x00000002 #define SAFER_POLICY_UIFLAGS_HIDDEN 0x00000004 typedef enum _SAFER_POLICY_INFO_CLASS { SaferPolicyLevelList = 1,SaferPolicyEnableTransparentEnforcement,SaferPolicyDefaultLevel,SaferPolicyEvaluateUserScope,SaferPolicyScopeFlags } SAFER_POLICY_INFO_CLASS; typedef enum _SAFER_OBJECT_INFO_CLASS { SaferObjectLevelId = 1,SaferObjectScopeId,SaferObjectFriendlyName,SaferObjectDescription,SaferObjectBuiltin,SaferObjectDisallowed, SaferObjectDisableMaxPrivilege,SaferObjectInvertDeletedPrivileges,SaferObjectDeletedPrivileges,SaferObjectDefaultOwner,SaferObjectSidsToDisable, SaferObjectRestrictedSidsInverted,SaferObjectRestrictedSidsAdded,SaferObjectAllIdentificationGuids,SaferObjectSingleIdentification, SaferObjectExtendedError } SAFER_OBJECT_INFO_CLASS; #include typedef enum _SAFER_IDENTIFICATION_TYPES { SaferIdentityDefault,SaferIdentityTypeImageName = 1,SaferIdentityTypeImageHash,SaferIdentityTypeUrlZone,SaferIdentityTypeCertificate } SAFER_IDENTIFICATION_TYPES; typedef struct _SAFER_IDENTIFICATION_HEADER { SAFER_IDENTIFICATION_TYPES dwIdentificationType; DWORD cbStructSize; GUID IdentificationGuid; FILETIME lastModified; } SAFER_IDENTIFICATION_HEADER,*PSAFER_IDENTIFICATION_HEADER; typedef struct _SAFER_PATHNAME_IDENTIFICATION { SAFER_IDENTIFICATION_HEADER header; WCHAR Description[SAFER_MAX_DESCRIPTION_SIZE]; PWCHAR ImageName; DWORD dwSaferFlags; } SAFER_PATHNAME_IDENTIFICATION,*PSAFER_PATHNAME_IDENTIFICATION; typedef struct _SAFER_HASH_IDENTIFICATION { SAFER_IDENTIFICATION_HEADER header; WCHAR Description[SAFER_MAX_DESCRIPTION_SIZE]; WCHAR FriendlyName[SAFER_MAX_FRIENDLYNAME_SIZE]; DWORD HashSize; BYTE ImageHash[SAFER_MAX_HASH_SIZE]; ALG_ID HashAlgorithm; LARGE_INTEGER ImageSize; DWORD dwSaferFlags; } SAFER_HASH_IDENTIFICATION,*PSAFER_HASH_IDENTIFICATION; typedef struct _SAFER_URLZONE_IDENTIFICATION { SAFER_IDENTIFICATION_HEADER header; DWORD UrlZoneId; DWORD dwSaferFlags; } SAFER_URLZONE_IDENTIFICATION,*PSAFER_URLZONE_IDENTIFICATION; #include WINADVAPI WINBOOL WINAPI SaferGetPolicyInformation(DWORD dwScopeId,SAFER_POLICY_INFO_CLASS SaferPolicyInfoClass,DWORD InfoBufferSize,PVOID InfoBuffer,PDWORD InfoBufferRetSize,LPVOID lpReserved); WINADVAPI WINBOOL WINAPI SaferSetPolicyInformation(DWORD dwScopeId,SAFER_POLICY_INFO_CLASS SaferPolicyInfoClass,DWORD InfoBufferSize,PVOID InfoBuffer,LPVOID lpReserved); WINADVAPI WINBOOL WINAPI SaferCreateLevel(DWORD dwScopeId,DWORD dwLevelId,DWORD OpenFlags,SAFER_LEVEL_HANDLE *pLevelHandle,LPVOID lpReserved); WINADVAPI WINBOOL WINAPI SaferCloseLevel(SAFER_LEVEL_HANDLE hLevelHandle); WINADVAPI WINBOOL WINAPI SaferIdentifyLevel(DWORD dwNumProperties,PSAFER_CODE_PROPERTIES pCodeProperties,SAFER_LEVEL_HANDLE *pLevelHandle,LPVOID lpReserved); WINADVAPI WINBOOL WINAPI SaferComputeTokenFromLevel(SAFER_LEVEL_HANDLE LevelHandle,HANDLE InAccessToken,PHANDLE OutAccessToken,DWORD dwFlags,LPVOID lpReserved); WINADVAPI WINBOOL WINAPI SaferGetLevelInformation(SAFER_LEVEL_HANDLE LevelHandle,SAFER_OBJECT_INFO_CLASS dwInfoType,LPVOID lpQueryBuffer,DWORD dwInBufferSize,LPDWORD lpdwOutBufferSize); WINADVAPI WINBOOL WINAPI SaferSetLevelInformation(SAFER_LEVEL_HANDLE LevelHandle,SAFER_OBJECT_INFO_CLASS dwInfoType,LPVOID lpQueryBuffer,DWORD dwInBufferSize); WINADVAPI WINBOOL WINAPI SaferRecordEventLogEntry(SAFER_LEVEL_HANDLE hLevel,LPCWSTR szTargetPath,LPVOID lpReserved); WINADVAPI WINBOOL WINAPI SaferiIsExecutableFileType(LPCWSTR szFullPathname,BOOLEAN bFromShellExecute); #ifdef __cplusplus } #endif #endif