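// Licensed under the Apache License, Version 2.0
// <LICENSE-APACHE or http://www.apache.org/licenses/LICENSE-2.0> or the MIT license
// <LICENSE-MIT or http://opensource.org/licenses/MIT>, at your option.
// All files in the project carrying such notice may not be copied, modified, or distributed
// except according to those terms.
//! Microsoft SIP Provider Prototypes and Definitions
//!
//! Raw FFI declarations for the Subject Interface Package (SIP) layer: the per-file-format
//! providers that read, write, create and verify the signature data embedded in a subject.
//!
//! Notes for callers:
//!
//! * Every function here is an `extern "system"` import and is `unsafe` to call. All pointer
//!   arguments must be valid for the access the callee performs, and the size fields
//!   (`cbSize` / `cbStruct`) are expected to hold the size of the structure they sit in.
//! * Every function returns `BOOL`. A zero result is a failure and must not be ignored,
//!   above all for [`CryptSIPVerifyIndirectData`], where it is the verification outcome.
//! * A successful digest check says nothing about who signed the subject. Signer and
//!   certificate-chain trust are decided by the layers above the SIP.
use shared::guiddef::GUID;
use shared::minwindef::{BOOL, BYTE, DWORD, LPVOID};
use um::mscat::{CRYPTCATMEMBER, CRYPTCATSTORE};
use um::wincrypt::{
    CRYPT_ALGORITHM_IDENTIFIER, CRYPT_ATTRIBUTE_TYPE_VALUE, CRYPT_HASH_BLOB, HCRYPTPROV,
};
use um::winnt::{HANDLE, LPCWSTR, PWSTR, WCHAR};

/// Alias: digest data is carried as a plain hash blob.
pub type CRYPT_DIGEST_DATA = CRYPT_HASH_BLOB;

// MSSIP_FLAGS_* / SPC_* bit flags. NOTE(review): by name these are the values accepted in
// `SIP_SUBJECTINFO::dwFlags`; confirm each flag's meaning against the SDK header before
// relying on it. The SPC_INC_* / SPC_EXC_* names indicate which parts of a PE image are
// included in or excluded from the digest, so they change what a signature actually covers.
pub const MSSIP_FLAGS_PROHIBIT_RESIZE_ON_CREATE: DWORD = 0x00010000;
pub const MSSIP_FLAGS_USE_CATALOG: DWORD = 0x00020000;
pub const MSSIP_FLAGS_MULTI_HASH: DWORD = 0x00040000;
pub const SPC_INC_PE_RESOURCES_FLAG: DWORD = 0x80;
pub const SPC_INC_PE_DEBUG_INFO_FLAG: DWORD = 0x40;
pub const SPC_INC_PE_IMPORT_ADDR_TABLE_FLAG: DWORD = 0x20;
pub const SPC_EXC_PE_PAGE_HASHES_FLAG: DWORD = 0x10;
pub const SPC_INC_PE_PAGE_HASHES_FLAG: DWORD = 0x100;
pub const SPC_DIGEST_GENERATE_FLAG: DWORD = 0x200;
pub const SPC_DIGEST_SIGN_FLAG: DWORD = 0x400;
pub const SPC_RELAXED_PE_MARKER_CHECK: DWORD = 0x800;
pub const SPC_MARKER_CHECK_SKIP_SIP_INDIRECT_DATA_FLAG: DWORD = 0x00000001;
/// Mask of the marker-check flags defined here (currently the single flag above).
pub const SPC_MARKER_CHECK_CURRENTLY_SUPPORTED_FLAGS: DWORD
    = SPC_MARKER_CHECK_SKIP_SIP_INDIRECT_DATA_FLAG;

// Discriminants for `SIP_SUBJECTINFO::dwUnionChoice`: they name which member of
// `SIP_SUBJECTINFO_u` (if any) is the live one.
pub const MSSIP_ADDINFO_NONE: DWORD = 0;
pub const MSSIP_ADDINFO_FLAT: DWORD = 1;
pub const MSSIP_ADDINFO_CATMEMBER: DWORD = 2;
pub const MSSIP_ADDINFO_BLOB: DWORD = 3;
pub const MSSIP_ADDINFO_NONMSSIP: DWORD = 500;

// Pointer-sized union of the "additional info" variants. Only the member selected by
// `SIP_SUBJECTINFO::dwUnionChoice` may be read; reading another member reinterprets the
// same pointer bits as a different structure type.
UNION!{union SIP_SUBJECTINFO_u {
    [usize; 1],
    psFlat psFlat_mut: *mut MS_ADDINFO_FLAT,
    psCatMember psCatMember_mut: *mut MS_ADDINFO_CATALOGMEMBER,
    psBlob psBlob_mut: *mut MS_ADDINFO_BLOB,
}}

// Describes the subject (file, catalog member or memory blob) handed to every SIP call.
STRUCT!{struct SIP_SUBJECTINFO {
    // Size of this structure in bytes; set it before passing the structure to any SIP call.
    cbSize: DWORD,
    pgSubjectType: *mut GUID,
    hFile: HANDLE,
    pwsFileName: LPCWSTR,
    pwsDisplayName: LPCWSTR,
    dwReserved1: DWORD,
    dwIntVersion: DWORD,
    hProv: HCRYPTPROV,
    DigestAlgorithm: CRYPT_ALGORITHM_IDENTIFIER,
    dwFlags: DWORD,
    dwEncodingType: DWORD,
    dwReserved2: DWORD,
    fdwCAPISettings: DWORD,
    fdwSecuritySettings: DWORD,
    dwIndex: DWORD,
    // One of the MSSIP_ADDINFO_* values; selects the valid member of `u`.
    dwUnionChoice: DWORD,
    u: SIP_SUBJECTINFO_u,
    pClientData: LPVOID,
}}
pub type LPSIP_SUBJECTINFO = *mut SIP_SUBJECTINFO;

// Additional info for MSSIP_ADDINFO_FLAT.
STRUCT!{struct MS_ADDINFO_FLAT {
    cbStruct: DWORD,
    pIndirectData: *mut SIP_INDIRECT_DATA,
}}
pub type PMS_ADDINFO_FLAT = *mut MS_ADDINFO_FLAT;

// Additional info for MSSIP_ADDINFO_CATMEMBER.
STRUCT!{struct MS_ADDINFO_CATALOGMEMBER {
    cbStruct: DWORD,
    pStore: *mut CRYPTCATSTORE,
    pMember: *mut CRYPTCATMEMBER,
}}
pub type PMS_ADDINFO_CATALOGMEMBER = *mut MS_ADDINFO_CATALOGMEMBER;

// Additional info for MSSIP_ADDINFO_BLOB. Each `pb*` pointer is paired with the `cb*`
// length declared just before it; the two must describe the same allocation.
STRUCT!{struct MS_ADDINFO_BLOB {
    cbStruct: DWORD,
    cbMemObject: DWORD,
    pbMemObject: *mut BYTE,
    cbMemSignedMsg: DWORD,
    pbMemSignedMsg: *mut BYTE,
}}
pub type PMS_ADDINFO_BLOB = *mut MS_ADDINFO_BLOB;

// Capability set, version 2 layout.
STRUCT!{struct SIP_CAP_SET_V2 {
    cbSize: DWORD,
    dwVersion: DWORD,
    isMultiSign: BOOL,
    dwReserved: DWORD,
}}
pub type PSIP_CAP_SET_V2 = *mut SIP_CAP_SET_V2;

// In the version 3 layout the former `dwReserved` slot doubles as `dwFlags`.
UNION!{union SIP_CAP_SET_V3_u {
    [u32; 1],
    dwFlags dwFlags_mut: DWORD,
    dwReserved dwReserved_mut: DWORD,
}}

// Capability set, version 3 layout (same size and field order as version 2).
STRUCT!{struct SIP_CAP_SET_V3 {
    cbSize: DWORD,
    dwVersion: DWORD,
    isMultiSign: BOOL,
    u: SIP_CAP_SET_V3_u,
}}
pub type PSIP_CAP_SET_V3 = *mut SIP_CAP_SET_V3;
/// The current capability-set layout is version 3.
pub type SIP_CAP_SET = SIP_CAP_SET_V3;
pub type PSIP_CAP_SET = PSIP_CAP_SET_V3;
pub const SIP_CAP_SET_VERSION_2: DWORD = 2;
pub const SIP_CAP_SET_VERSION_3: DWORD = 3;
pub const SIP_CAP_SET_CUR_VER: DWORD = 3;
pub const SIP_CAP_FLAG_SEALING: DWORD = 0x00000001;

// The digest of a subject together with the algorithm that produced it and a typed
// attribute describing the hashed data.
STRUCT!{struct SIP_INDIRECT_DATA {
    Data: CRYPT_ATTRIBUTE_TYPE_VALUE,
    DigestAlgorithm: CRYPT_ALGORITHM_IDENTIFIER,
    Digest: CRYPT_HASH_BLOB,
}}
pub type PSIP_INDIRECT_DATA = *mut SIP_INDIRECT_DATA;

extern "system" {
    /// Retrieves the signed-data message stored in the subject at `dwIndex`.
    ///
    /// `pcbSignedDataMsg` carries the buffer size in and the message size out; the buffer
    /// behind `pbSignedDataMsg` must be at least that many bytes. NOTE(review): size-query
    /// behaviour with a null buffer is not visible here; confirm against the SDK docs.
    pub fn CryptSIPGetSignedDataMsg(
        pSubjectInfo: *mut SIP_SUBJECTINFO,
        pdwEncodingType: *mut DWORD,
        dwIndex: DWORD,
        pcbSignedDataMsg: *mut DWORD,
        pbSignedDataMsg: *mut BYTE,
    ) -> BOOL;
}
// Function-pointer form of `CryptSIPGetSignedDataMsg`, as stored in `SIP_DISPATCH_INFO`.
FN!{stdcall pCryptSIPGetSignedDataMsg(
    pSubjectInfo: *mut SIP_SUBJECTINFO,
    pdwEncodingType: *mut DWORD,
    dwIndex: DWORD,
    pcbSignedDataMsg: *mut DWORD,
    pbSignedDataMsg: *mut BYTE,
) -> BOOL}

extern "system" {
    /// Stores a signed-data message of `cbSignedDataMsg` bytes in the subject.
    ///
    /// `pbSignedDataMsg` must point to at least `cbSignedDataMsg` readable bytes.
    pub fn CryptSIPPutSignedDataMsg(
        pSubjectInfo: *mut SIP_SUBJECTINFO,
        dwEncodingType: DWORD,
        pdwIndex: *mut DWORD,
        cbSignedDataMsg: DWORD,
        pbSignedDataMsg: *mut BYTE,
    ) -> BOOL;
}
// Function-pointer form of `CryptSIPPutSignedDataMsg`.
FN!{stdcall pCryptSIPPutSignedDataMsg(
    pSubjectInfo: *mut SIP_SUBJECTINFO,
    dwEncodingType: DWORD,
    pdwIndex: *mut DWORD,
    cbSignedDataMsg: DWORD,
    pbSignedDataMsg: *mut BYTE,
) -> BOOL}

extern "system" {
    /// Produces the `SIP_INDIRECT_DATA` (digest plus algorithm) for the subject.
    ///
    /// `pcbIndirectData` is the in/out byte size of the buffer behind `pIndirectData`.
    pub fn CryptSIPCreateIndirectData(
        pSubjectInfo: *mut SIP_SUBJECTINFO,
        pcbIndirectData: *mut DWORD,
        pIndirectData: *mut SIP_INDIRECT_DATA,
    ) -> BOOL;
}
// Function-pointer form of `CryptSIPCreateIndirectData`.
FN!{stdcall pCryptSIPCreateIndirectData(
    pSubjectInfo: *mut SIP_SUBJECTINFO,
    pcbIndirectData: *mut DWORD,
    pIndirectData: *mut SIP_INDIRECT_DATA,
) -> BOOL}

extern "system" {
    /// Checks the supplied indirect data (digest) against the subject.
    ///
    /// The `BOOL` result is the verification outcome: treat zero as "not verified" and
    /// fail closed. This compares digests only; it does not establish signer or
    /// certificate-chain trust.
    pub fn CryptSIPVerifyIndirectData(
        pSubjectInfo: *mut SIP_SUBJECTINFO,
        pIndirectData: *mut SIP_INDIRECT_DATA,
    ) -> BOOL;
}
// Function-pointer form of `CryptSIPVerifyIndirectData`.
FN!{stdcall pCryptSIPVerifyIndirectData(
    pSubjectInfo: *mut SIP_SUBJECTINFO,
    pIndirectData: *mut SIP_INDIRECT_DATA,
) -> BOOL}

extern "system" {
    /// Removes the signed-data message at `dwIndex` from the subject.
    pub fn CryptSIPRemoveSignedDataMsg(
        pSubjectInfo: *mut SIP_SUBJECTINFO,
        dwIndex: DWORD,
    ) -> BOOL;
}
// Function-pointer form of `CryptSIPRemoveSignedDataMsg`.
FN!{stdcall pCryptSIPRemoveSignedDataMsg(
    pSubjectInfo: *mut SIP_SUBJECTINFO,
    dwIndex: DWORD,
) -> BOOL}

// Dispatch table filled in by `CryptSIPLoad`. The function pointers come from whichever
// provider DLL is registered for the subject GUID, so they are only as trustworthy as
// that registration.
STRUCT!{struct SIP_DISPATCH_INFO {
    cbSize: DWORD,
    hSIP: HANDLE,
    pfGet: pCryptSIPGetSignedDataMsg,
    pfPut: pCryptSIPPutSignedDataMsg,
    pfCreate: pCryptSIPCreateIndirectData,
    pfVerify: pCryptSIPVerifyIndirectData,
    pfRemove: pCryptSIPRemoveSignedDataMsg,
}}
pub type LPSIP_DISPATCH_INFO = *mut SIP_DISPATCH_INFO;

// Provider callback: reports whether the file behind `hFile` is a format the provider
// handles and, if so, writes the subject GUID to `pgSubject`.
FN!{stdcall pfnIsFileSupported(
    hFile: HANDLE,
    pgSubject: *mut GUID,
) -> BOOL}
// Same as `pfnIsFileSupported`, keyed by file name instead of an open handle.
FN!{stdcall pfnIsFileSupportedName(
    pwszFileName: *mut WCHAR,
    pgSubject: *mut GUID,
) -> BOOL}

// Registration record for `CryptSIPAddProvider`: the provider DLL and the names of the
// exports that implement each SIP operation for the subject GUID.
//
// Security note: this registers code that signature-verification callers will load and
// trust to report verification results. Treat SIP registration as a privileged, auditable
// configuration change and monitor it for unexpected modification (tracked as MITRE
// ATT&CK T1553.003, "SIP and Trust Provider Hijacking").
STRUCT!{struct SIP_ADD_NEWPROVIDER {
    cbStruct: DWORD,
    pgSubject: *mut GUID,
    pwszDLLFileName: *mut WCHAR,
    pwszMagicNumber: *mut WCHAR,
    pwszIsFunctionName: *mut WCHAR,
    pwszGetFuncName: *mut WCHAR,
    pwszPutFuncName: *mut WCHAR,
    pwszCreateFuncName: *mut WCHAR,
    pwszVerifyFuncName: *mut WCHAR,
    pwszRemoveFuncName: *mut WCHAR,
    pwszIsFunctionNameFmt2: *mut WCHAR,
    pwszGetCapFuncName: PWSTR,
}}
pub type PSIP_ADD_NEWPROVIDER = *mut SIP_ADD_NEWPROVIDER;
pub const SIP_MAX_MAGIC_NUMBER: DWORD = 4;

extern "system" {
    /// Loads the provider registered for `pgSubject` and fills `pSipDispatch` with its
    /// entry points.
    ///
    /// NOTE(review): `dwFlags` is documented by the SDK as reserved; confirm before passing
    /// a non-zero value.
    pub fn CryptSIPLoad(
        pgSubject: *const GUID,
        dwFlags: DWORD,
        pSipDispatch: *mut SIP_DISPATCH_INFO,
    ) -> BOOL;
    /// Determines the subject GUID for a file given by name and/or open handle and writes
    /// it to `pgSubject`.
    pub fn CryptSIPRetrieveSubjectGuid(
        FileName: LPCWSTR,
        hFileIn: HANDLE,
        pgSubject: *mut GUID,
    ) -> BOOL;
    /// Variant of [`CryptSIPRetrieveSubjectGuid`] used for catalog files.
    pub fn CryptSIPRetrieveSubjectGuidForCatalogFile(
        FileName: LPCWSTR,
        hFileIn: HANDLE,
        pgSubject: *mut GUID,
    ) -> BOOL;
    /// Registers the SIP provider described by `psNewProv`.
    ///
    /// This changes which code is consulted when signatures are verified; see the security
    /// note on `SIP_ADD_NEWPROVIDER`.
    pub fn CryptSIPAddProvider(
        psNewProv: *mut SIP_ADD_NEWPROVIDER,
    ) -> BOOL;
    /// Removes the registration of the SIP provider identified by `pgProv`.
    pub fn CryptSIPRemoveProvider(
        pgProv: *mut GUID,
    ) -> BOOL;
    /// Queries the capabilities of the SIP that handles the subject into `pCaps`.
    pub fn CryptSIPGetCaps(
        pSubjInfo: *mut SIP_SUBJECTINFO,
        pCaps: *mut SIP_CAP_SET,
    ) -> BOOL;
}
// Function-pointer form of `CryptSIPGetCaps`.
FN!{stdcall pCryptSIPGetCaps(
    pSubjInfo: *mut SIP_SUBJECTINFO,
    pCaps: *mut SIP_CAP_SET,
) -> BOOL}

extern "system" {
    /// Retrieves the sealed digest for the subject.
    ///
    /// `pSig` must point to `dwSig` readable bytes. `pcbDigest` is the in/out size of the
    /// buffer behind `pbDigest`. NOTE(review): exact sealing semantics are not visible in
    /// this file; confirm against the SDK docs.
    pub fn CryptSIPGetSealedDigest(
        pSubjectInfo: *mut SIP_SUBJECTINFO,
        pSig: *const BYTE,
        dwSig: DWORD,
        pbDigest: *mut BYTE,
        pcbDigest: *mut DWORD,
    ) -> BOOL;
}
// Function-pointer form of `CryptSIPGetSealedDigest`.
FN!{stdcall pCryptSIPGetSealedDigest(
    pSubjectInfo: *mut SIP_SUBJECTINFO,
    pSig: *const BYTE,
    dwSig: DWORD,
    pbDigest: *mut BYTE,
    pcbDigest: *mut DWORD,
) -> BOOL}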