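// Licensed under the Apache License, Version 2.0
// <LICENSE-APACHE or http://www.apache.org/licenses/LICENSE-2.0> or the MIT license
// <LICENSE-MIT or http://opensource.org/licenses/MIT>, at your option.
// All files in the project carrying such notice may not be copied, modified, or distributed
// except according to those terms.
// FFI declarations for the Windows SAFER (Software Restriction Policies) API.
// Everything below is a raw binding: struct field order, array sizes and constant values are
// part of the ABI and must stay in step with the Windows SDK header they mirror.
use shared::basetsd::{SIZE_T, ULONG64};
use shared::guiddef::GUID;
use shared::minwindef::{BOOL, BYTE, DWORD, FILETIME, LPBYTE, LPDWORD, LPVOID, PDWORD};
use shared::windef::HWND;
use um::wincrypt::ALG_ID;
use um::winnt::{BOOLEAN, HANDLE, LARGE_INTEGER, LPCWSTR, PHANDLE, PVOID, PWCHAR, WCHAR};
// Opaque handle to a SAFER level. It is produced by SaferCreateLevel / SaferIdentifyLevel and
// released with SaferCloseLevel (all declared in the extern block below).
DECLARE_HANDLE!{SAFER_LEVEL_HANDLE, __SAFER_LEVEL_HANDLE}
// Policy scope selectors passed as `dwScopeId`.
pub const SAFER_SCOPEID_MACHINE: DWORD = 1;
pub const SAFER_SCOPEID_USER: DWORD = 2;
// Level identifiers passed as `dwLevelId`, ordered from most restrictive (DISALLOWED)
// to unrestricted (FULLYTRUSTED).
pub const SAFER_LEVELID_DISALLOWED: DWORD = 0x00000;
pub const SAFER_LEVELID_UNTRUSTED: DWORD = 0x01000;
pub const SAFER_LEVELID_CONSTRAINED: DWORD = 0x10000;
pub const SAFER_LEVELID_NORMALUSER: DWORD = 0x20000;
pub const SAFER_LEVELID_FULLYTRUSTED: DWORD = 0x40000;
// Open flag for SaferCreateLevel's `OpenFlags` parameter.
pub const SAFER_LEVEL_OPEN: DWORD = 1;
// Capacities of the fixed-size arrays in the structures below. The name/description limits
// count WCHAR elements and the hash limit counts bytes, as the array element types show.
pub const SAFER_MAX_FRIENDLYNAME_SIZE: SIZE_T = 256;
pub const SAFER_MAX_DESCRIPTION_SIZE: SIZE_T = 256;
pub const SAFER_MAX_HASH_SIZE: SIZE_T = 64;
// Flags for SaferComputeTokenFromLevel's `dwFlags`.
// NULL_IF_EQUAL: per the SDK documentation the call can succeed and still hand back a NULL
// token when the result would not be more restrictive, so callers must check the out handle
// as well as the BOOL result.
pub const SAFER_TOKEN_NULL_IF_EQUAL: DWORD = 0x00000001;
pub const SAFER_TOKEN_COMPARE_ONLY: DWORD = 0x00000002;
// MAKE_INERT: per the SDK documentation, a token created with this flag is exempt from
// Software Restriction Policy / AppLocker rule evaluation. Treat any use as security-sensitive
// and worth auditing.
pub const SAFER_TOKEN_MAKE_INERT: DWORD = 0x00000004;
// WANT_FLAGS: per the SDK documentation, `lpReserved` then receives the flags of the
// computed token, so it must point to writable DWORD storage.
pub const SAFER_TOKEN_WANT_FLAGS: DWORD = 0x00000008;
// Bit flags for `dwCheckFlags` in SAFER_CODE_PROPERTIES_*; they select which identification
// criteria SaferIdentifyLevel evaluates.
pub const SAFER_CRITERIA_IMAGEPATH: DWORD = 0x00001;
pub const SAFER_CRITERIA_NOSIGNEDHASH: DWORD = 0x00002;
pub const SAFER_CRITERIA_IMAGEHASH: DWORD = 0x00004;
pub const SAFER_CRITERIA_AUTHENTICODE: DWORD = 0x00008;
pub const SAFER_CRITERIA_URLZONE: DWORD = 0x00010;
pub const SAFER_CRITERIA_APPX_PACKAGE: DWORD = 0x00020;
pub const SAFER_CRITERIA_IMAGEPATH_NT: DWORD = 0x01000;
// Description of the code to be identified (version 1 layout).
// `cbSize` carries the structure size in bytes; initialise it from
// `size_of::<SAFER_CODE_PROPERTIES_V1>()` before the call.
// `ImageHash` holds at most SAFER_MAX_HASH_SIZE bytes, so `dwImageHashSize` must never exceed
// that value.
STRUCT!{struct SAFER_CODE_PROPERTIES_V1 {
    cbSize: DWORD,
    dwCheckFlags: DWORD,
    ImagePath: LPCWSTR,
    hImageFileHandle: HANDLE,
    UrlZoneId: DWORD,
    ImageHash: [BYTE; SAFER_MAX_HASH_SIZE],
    dwImageHashSize: DWORD,
    ImageSize: LARGE_INTEGER,
    HashAlgorithm: ALG_ID,
    pByteBlock: LPBYTE,
    hWndParent: HWND,
    dwWVTUIChoice: DWORD,
}}
pub type PSAFER_CODE_PROPERTIES_V1 = *mut SAFER_CODE_PROPERTIES_V1;
// Version 2 layout: the V1 fields in the same order, followed by the app-package fields.
// `cbSize` must be the V2 size when this layout is used.
STRUCT!{struct SAFER_CODE_PROPERTIES_V2 {
    cbSize: DWORD,
    dwCheckFlags: DWORD,
    ImagePath: LPCWSTR,
    hImageFileHandle: HANDLE,
    UrlZoneId: DWORD,
    ImageHash: [BYTE; SAFER_MAX_HASH_SIZE],
    dwImageHashSize: DWORD,
    ImageSize: LARGE_INTEGER,
    HashAlgorithm: ALG_ID,
    pByteBlock: LPBYTE,
    hWndParent: HWND,
    dwWVTUIChoice: DWORD,
    PackageMoniker: LPCWSTR,
    PackagePublisher: LPCWSTR,
    PackageName: LPCWSTR,
    PackageVersion: ULONG64,
    PackageIsFramework: BOOL,
}}
pub type PSAFER_CODE_PROPERTIES_V2 = *mut SAFER_CODE_PROPERTIES_V2;
// The unversioned names resolve to the V2 layout.
pub type SAFER_CODE_PROPERTIES = SAFER_CODE_PROPERTIES_V2;
pub type PSAFER_CODE_PROPERTIES = *mut SAFER_CODE_PROPERTIES;
// Policy flag bits. The *_MASK constants delimit the job-id field (top byte) and the UI-flags
// field (low byte); the remaining constants are individual bits or values inside the DWORD.
pub const SAFER_POLICY_JOBID_MASK: DWORD = 0xFF000000;
pub const SAFER_POLICY_JOBID_CONSTRAINED: DWORD = 0x04000000;
pub const SAFER_POLICY_JOBID_UNTRUSTED: DWORD = 0x03000000;
pub const SAFER_POLICY_ONLY_EXES: DWORD = 0x00010000;
pub const SAFER_POLICY_SANDBOX_INERT: DWORD = 0x00020000;
pub const SAFER_POLICY_HASH_DUPLICATE: DWORD = 0x00040000;
pub const SAFER_POLICY_ONLY_AUDIT: DWORD = 0x00001000;
pub const SAFER_POLICY_BLOCK_CLIENT_UI: DWORD = 0x00002000;
pub const SAFER_POLICY_UIFLAGS_MASK: DWORD = 0x000000FF;
pub const SAFER_POLICY_UIFLAGS_INFORMATION_PROMPT: DWORD = 0x00000001;
pub const SAFER_POLICY_UIFLAGS_OPTION_PROMPT: DWORD = 0x00000002;
pub const SAFER_POLICY_UIFLAGS_HIDDEN: DWORD = 0x00000004;
// Selector for SaferGetPolicyInformation / SaferSetPolicyInformation. Numbering starts at 1.
ENUM!{enum SAFER_POLICY_INFO_CLASS {
    SaferPolicyLevelList = 1,
    SaferPolicyEnableTransparentEnforcement,
    SaferPolicyDefaultLevel,
    SaferPolicyEvaluateUserScope,
    SaferPolicyScopeFlags,
    SaferPolicyDefaultLevelFlags,
    SaferPolicyAuthenticodeEnabled,
}}
// Selector for SaferGetLevelInformation / SaferSetLevelInformation. Numbering starts at 1.
ENUM!{enum SAFER_OBJECT_INFO_CLASS {
    SaferObjectLevelId = 1,
    SaferObjectScopeId,
    SaferObjectFriendlyName,
    SaferObjectDescription,
    SaferObjectBuiltin,
    SaferObjectDisallowed,
    SaferObjectDisableMaxPrivilege,
    SaferObjectInvertDeletedPrivileges,
    SaferObjectDeletedPrivileges,
    SaferObjectDefaultOwner,
    SaferObjectSidsToDisable,
    SaferObjectRestrictedSidsInverted,
    SaferObjectRestrictedSidsAdded,
    SaferObjectAllIdentificationGuids,
    SaferObjectSingleIdentification,
    SaferObjectExtendedError,
}}
// Discriminator stored in SAFER_IDENTIFICATION_HEADER::dwIdentificationType.
// NOTE(review): SaferIdentityDefault has no explicit value; presumably the ENUM! macro assigns
// it 0 before the explicit `= 1` - confirm against the macro definition.
ENUM!{enum SAFER_IDENTIFICATION_TYPES {
    SaferIdentityDefault,
    SaferIdentityTypeImageName = 1,
    SaferIdentityTypeImageHash,
    SaferIdentityTypeUrlZone,
    SaferIdentityTypeCertificate,
}}
// Common prefix of every identification record. `cbStructSize` records the size of the
// enclosing structure and `dwIdentificationType` says which of the records below follows.
STRUCT!{struct SAFER_IDENTIFICATION_HEADER {
    dwIdentificationType: SAFER_IDENTIFICATION_TYPES,
    cbStructSize: DWORD,
    IdentificationGuid: GUID,
    lastModified: FILETIME,
}}
pub type PSAFER_IDENTIFICATION_HEADER = *mut SAFER_IDENTIFICATION_HEADER;
// Path-based identification rule. `ImageName` is a raw pointer to a wide string, not an
// inline buffer; the visible code says nothing about who owns that memory.
STRUCT!{struct SAFER_PATHNAME_IDENTIFICATION {
    header: SAFER_IDENTIFICATION_HEADER,
    Description: [WCHAR; SAFER_MAX_DESCRIPTION_SIZE],
    ImageName: PWCHAR,
    dwSaferFlags: DWORD,
}}
pub type PSAFER_PATHNAME_IDENTIFICATION = *mut SAFER_PATHNAME_IDENTIFICATION;
// Hash-based identification rule. `HashSize` is the number of meaningful bytes in `ImageHash`
// and must not exceed SAFER_MAX_HASH_SIZE.
STRUCT!{struct SAFER_HASH_IDENTIFICATION {
    header: SAFER_IDENTIFICATION_HEADER,
    Description: [WCHAR; SAFER_MAX_DESCRIPTION_SIZE],
    // Sized with the friendly-name constant rather than the description one. Both are 256,
    // so the layout is unchanged; this only keeps the field and its limit paired.
    FriendlyName: [WCHAR; SAFER_MAX_FRIENDLYNAME_SIZE],
    HashSize: DWORD,
    ImageHash: [BYTE; SAFER_MAX_HASH_SIZE],
    HashAlgorithm: ALG_ID,
    ImageSize: LARGE_INTEGER,
    dwSaferFlags: DWORD,
}}
pub type PSAFER_HASH_IDENTIFICATION = *mut SAFER_HASH_IDENTIFICATION;
// Extended hash rule: the original record followed by a second hash triple
// (size, bytes, algorithm). The same SAFER_MAX_HASH_SIZE bound applies to `HashSize`.
STRUCT!{struct SAFER_HASH_IDENTIFICATION2 {
    hashIdentification: SAFER_HASH_IDENTIFICATION,
    HashSize: DWORD,
    ImageHash: [BYTE; SAFER_MAX_HASH_SIZE],
    HashAlgorithm: ALG_ID,
}}
pub type PSAFER_HASH_IDENTIFICATION2 = *mut SAFER_HASH_IDENTIFICATION2;
// URL-zone identification rule.
STRUCT!{struct SAFER_URLZONE_IDENTIFICATION {
    header: SAFER_IDENTIFICATION_HEADER,
    UrlZoneId: DWORD,
    dwSaferFlags: DWORD,
}}
pub type PSAFER_URLZONE_IDENTIFICATION = *mut SAFER_URLZONE_IDENTIFICATION;
// Raw imports. Every function returns a Win32 BOOL and every call is `unsafe`: the callee
// trusts the pointer/size pairs it is given. Check the BOOL on every call; a failed policy
// query or token computation must never be treated as "no restriction applies".
extern "system" {
    // Reads the policy item selected by `SaferPolicyInfoClass` into `InfoBuffer`.
    // `InfoBufferSize` is the caller's buffer size and `InfoBufferRetSize` receives a size
    // from the callee; never pass a size larger than the real allocation.
    pub fn SaferGetPolicyInformation(
        dwScopeId: DWORD,
        SaferPolicyInfoClass: SAFER_POLICY_INFO_CLASS,
        InfoBufferSize: DWORD,
        InfoBuffer: PVOID,
        InfoBufferRetSize: PDWORD,
        lpReserved: LPVOID,
    ) -> BOOL;
    // Writes the policy item selected by `SaferPolicyInfoClass` from `InfoBuffer`.
    pub fn SaferSetPolicyInformation(
        dwScopeId: DWORD,
        SaferPolicyInfoClass: SAFER_POLICY_INFO_CLASS,
        InfoBufferSize: DWORD,
        InfoBuffer: PVOID,
        lpReserved: LPVOID,
    ) -> BOOL;
    // Opens the level `dwLevelId` in scope `dwScopeId` and stores the handle in
    // `pLevelHandle`. Release it with SaferCloseLevel.
    pub fn SaferCreateLevel(
        dwScopeId: DWORD,
        dwLevelId: DWORD,
        OpenFlags: DWORD,
        pLevelHandle: *mut SAFER_LEVEL_HANDLE,
        lpReserved: LPVOID,
    ) -> BOOL;
    // Closes a level handle.
    pub fn SaferCloseLevel(
        hLevelHandle: SAFER_LEVEL_HANDLE,
    ) -> BOOL;
    // Evaluates `dwNumProperties` entries at `pCodeProperties` against policy and returns the
    // matching level in `pLevelHandle`. Each entry's `cbSize` must be initialised and
    // `dwNumProperties` must match the real array length. Release the handle with
    // SaferCloseLevel.
    pub fn SaferIdentifyLevel(
        dwNumProperties: DWORD,
        pCodeProperties: PSAFER_CODE_PROPERTIES,
        pLevelHandle: *mut SAFER_LEVEL_HANDLE,
        lpReserved: LPVOID,
    ) -> BOOL;
    // Derives an access token from `InAccessToken` according to `LevelHandle` and stores it
    // in `OutAccessToken`; `dwFlags` takes the SAFER_TOKEN_* bits. The returned token is an
    // ordinary HANDLE that the caller has to close, and with SAFER_TOKEN_NULL_IF_EQUAL it may
    // be NULL even when the call succeeds.
    pub fn SaferComputeTokenFromLevel(
        LevelHandle: SAFER_LEVEL_HANDLE,
        InAccessToken: HANDLE,
        OutAccessToken: PHANDLE,
        dwFlags: DWORD,
        lpReserved: LPVOID,
    ) -> BOOL;
    // Reads the attribute selected by `dwInfoType` from a level into `lpQueryBuffer`
    // (`dwInBufferSize` is the buffer size; `lpdwOutBufferSize` receives a size).
    pub fn SaferGetLevelInformation(
        LevelHandle: SAFER_LEVEL_HANDLE,
        dwInfoType: SAFER_OBJECT_INFO_CLASS,
        lpQueryBuffer: LPVOID,
        dwInBufferSize: DWORD,
        lpdwOutBufferSize: LPDWORD,
    ) -> BOOL;
    // Writes the attribute selected by `dwInfoType` on a level from `lpQueryBuffer`.
    pub fn SaferSetLevelInformation(
        LevelHandle: SAFER_LEVEL_HANDLE,
        dwInfoType: SAFER_OBJECT_INFO_CLASS,
        lpQueryBuffer: LPVOID,
        dwInBufferSize: DWORD,
    ) -> BOOL;
    // Records an event-log entry for `szTargetPath` under the given level. Useful for keeping
    // an audit trail of enforcement decisions.
    pub fn SaferRecordEventLogEntry(
        hLevel: SAFER_LEVEL_HANDLE,
        szTargetPath: LPCWSTR,
        lpReserved: LPVOID,
    ) -> BOOL;
    // Reports whether the file type of `szFullPath` counts as executable.
    // NOTE(review): the answer is a file-type classification, not a verdict that the file is
    // safe to open - confirm how callers use it.
    pub fn SaferiIsExecutableFileType(
        szFullPath: LPCWSTR,
        bFromShellExecute: BOOLEAN,
    ) -> BOOL;
}
// String identifiers for SRP policy categories. Nothing in this file shows how they are
// consumed; the values are kept exactly as declared.
pub const SRP_POLICY_EXE: &'static str = "EXE";
pub const SRP_POLICY_DLL: &'static str = "DLL";
pub const SRP_POLICY_MSI: &'static str = "MSI";
pub const SRP_POLICY_SCRIPT: &'static str = "SCRIPT";
pub const SRP_POLICY_SHELL: &'static str = "SHELL";
pub const SRP_POLICY_NOV2: &'static str = "IGNORESRPV2";
pub const SRP_POLICY_APPX: &'static str = "APPX";
pub const SRP_POLICY_WLDPMSI: &'static str = "WLDPMSI";
pub const SRP_POLICY_WLDPSCRIPT: &'static str = "WLDPSCRIPT";
pub const SRP_POLICY_WLDPCONFIGCI: &'static str = "WLDPCONFIGCI";
pub const SRP_POLICY_MANAGEDINSTALLER: &'static str = "MANAGEDINSTALLER";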