1 // Licensed under the Apache License, Version 2.0
2 // <LICENSE-APACHE or http://www.apache.org/licenses/LICENSE-2.0> or the MIT license
3 // <LICENSE-MIT or http://opensource.org/licenses/MIT>, at your option.
4 // All files in the project carrying such notice may not be copied, modified, or distributed
5 // except according to those terms.
6 use shared::basetsd::SIZE_T;
7 use shared::minwindef::{BOOL, DWORD, LPVOID, PBYTE, PDWORD, ULONG};
8 use um::minwinbase::SECURITY_ATTRIBUTES;
9 use um::wincrypt::ALG_ID;
10 use um::winnt::{LPCWSTR, LPWSTR, SID};
11 pub const WINEFS_SETUSERKEY_SET_CAPABILITIES: DWORD = 0x00000001;
12 STRUCT!{struct EFS_CERTIFICATE_BLOB {
13 dwCertEncodingType: DWORD,
14 cbData: DWORD,
15 pbData: PBYTE,
16 }}
17 pub type PEFS_CERTIFICATE_BLOB = *mut EFS_CERTIFICATE_BLOB;
18 STRUCT!{struct EFS_HASH_BLOB {
19 cbData: DWORD,
20 pbData: PBYTE,
21 }}
22 pub type PEFS_HASH_BLOB = *mut EFS_HASH_BLOB;
23 STRUCT!{struct EFS_RPC_BLOB {
24 cbData: DWORD,
25 pbData: PBYTE,
26 }}
27 pub type PEFS_RPC_BLOB = *mut EFS_RPC_BLOB;
28 STRUCT!{struct EFS_PIN_BLOB {
29 cbPadding: DWORD,
30 cbData: DWORD,
31 pbData: PBYTE,
32 }}
33 pub type PEFS_PIN_BLOB = *mut EFS_PIN_BLOB;
34 STRUCT!{struct EFS_KEY_INFO {
35 dwVersion: DWORD,
36 Entropy: ULONG,
37 Algorithm: ALG_ID,
38 KeyLength: ULONG,
39 }}
40 pub type PEFS_KEY_INFO = *mut EFS_KEY_INFO;
41 STRUCT!{struct EFS_COMPATIBILITY_INFO {
42 EfsVersion: DWORD,
43 }}
44 pub type PEFS_COMPATIBILITY_INFO = *mut EFS_COMPATIBILITY_INFO;
45 pub const EFS_COMPATIBILITY_VERSION_NCRYPT_PROTECTOR: DWORD = 5;
46 pub const EFS_COMPATIBILITY_VERSION_PFILE_PROTECTOR: DWORD = 6;
47 #[inline]
EFS_IS_DESCRIPTOR_VERSION(v: DWORD) -> bool48 pub fn EFS_IS_DESCRIPTOR_VERSION(v: DWORD) -> bool {
49 v == EFS_COMPATIBILITY_VERSION_NCRYPT_PROTECTOR
50 || v == EFS_COMPATIBILITY_VERSION_PFILE_PROTECTOR
51 }
52 pub const EFS_SUBVER_UNKNOWN: DWORD = 0;
53 pub const EFS_EFS_SUBVER_EFS_CERT: DWORD = 1;
54 pub const EFS_PFILE_SUBVER_RMS: DWORD = 2;
55 pub const EFS_PFILE_SUBVER_APPX: DWORD = 3;
56 STRUCT!{struct EFS_VERSION_INFO {
57 EfsVersion: DWORD,
58 SubVersion: DWORD,
59 }}
60 pub type PEFS_VERSION_INFO = *mut EFS_VERSION_INFO;
61 #[inline]
EFS_IS_APPX_VERSION(v: DWORD, subV: DWORD) -> bool62 pub fn EFS_IS_APPX_VERSION(v: DWORD, subV: DWORD) -> bool {
63 v == EFS_COMPATIBILITY_VERSION_PFILE_PROTECTOR && subV == EFS_PFILE_SUBVER_APPX
64 }
65 STRUCT!{struct EFS_DECRYPTION_STATUS_INFO {
66 dwDecryptionError: DWORD,
67 dwHashOffset: DWORD,
68 cbHash: DWORD,
69 }}
70 pub type PEFS_DECRYPTION_STATUS_INFO = *mut EFS_DECRYPTION_STATUS_INFO;
71 STRUCT!{struct EFS_ENCRYPTION_STATUS_INFO {
72 bHasCurrentKey: BOOL,
73 dwEncryptionError: DWORD,
74 }}
75 pub type PEFS_ENCRYPTION_STATUS_INFO = *mut EFS_ENCRYPTION_STATUS_INFO;
76 STRUCT!{struct ENCRYPTION_CERTIFICATE {
77 cbTotalLength: DWORD,
78 pUserSid: *mut SID,
79 pCertBlob: PEFS_CERTIFICATE_BLOB,
80 }}
81 pub type PENCRYPTION_CERTIFICATE = *mut ENCRYPTION_CERTIFICATE;
82 pub const MAX_SID_SIZE: SIZE_T = 256;
83 STRUCT!{struct ENCRYPTION_CERTIFICATE_HASH {
84 cbTotalLength: DWORD,
85 pUserSid: *mut SID,
86 pHash: PEFS_HASH_BLOB,
87 lpDisplayInformation: LPWSTR,
88 }}
89 pub type PENCRYPTION_CERTIFICATE_HASH = *mut ENCRYPTION_CERTIFICATE_HASH;
90 STRUCT!{struct ENCRYPTION_CERTIFICATE_HASH_LIST {
91 nCert_Hash: DWORD,
92 pUsers: *mut PENCRYPTION_CERTIFICATE_HASH,
93 }}
94 pub type PENCRYPTION_CERTIFICATE_HASH_LIST = *mut ENCRYPTION_CERTIFICATE_HASH_LIST;
95 STRUCT!{struct ENCRYPTION_CERTIFICATE_LIST {
96 nUsers: DWORD,
97 pUsers: *mut PENCRYPTION_CERTIFICATE,
98 }}
99 pub type PENCRYPTION_CERTIFICATE_LIST = *mut ENCRYPTION_CERTIFICATE_LIST;
100 pub const EFS_METADATA_ADD_USER: DWORD = 0x00000001;
101 pub const EFS_METADATA_REMOVE_USER: DWORD = 0x00000002;
102 pub const EFS_METADATA_REPLACE_USER: DWORD = 0x00000004;
103 pub const EFS_METADATA_GENERAL_OP: DWORD = 0x00000008;
104 STRUCT!{struct ENCRYPTED_FILE_METADATA_SIGNATURE {
105 dwEfsAccessType: DWORD,
106 pCertificatesAdded: PENCRYPTION_CERTIFICATE_HASH_LIST,
107 pEncryptionCertificate: PENCRYPTION_CERTIFICATE,
108 pEfsStreamSignature: PEFS_RPC_BLOB,
109 }}
110 pub type PENCRYPTED_FILE_METADATA_SIGNATURE = *mut ENCRYPTED_FILE_METADATA_SIGNATURE;
111 STRUCT!{struct ENCRYPTION_PROTECTOR {
112 cbTotalLength: DWORD,
113 pUserSid: *mut SID,
114 lpProtectorDescriptor: LPWSTR,
115 }}
116 pub type PENCRYPTION_PROTECTOR = *mut ENCRYPTION_PROTECTOR;
117 STRUCT!{struct ENCRYPTION_PROTECTOR_LIST {
118 nProtectors: DWORD,
119 pProtectors: *mut PENCRYPTION_PROTECTOR,
120 }}
121 pub type PENCRYPTION_PROTECTOR_LIST = *mut ENCRYPTION_PROTECTOR_LIST;
122 extern "system" {
QueryUsersOnEncryptedFile( lpFileName: LPCWSTR, pUsers: *mut PENCRYPTION_CERTIFICATE_HASH_LIST, ) -> DWORD123 pub fn QueryUsersOnEncryptedFile(
124 lpFileName: LPCWSTR,
125 pUsers: *mut PENCRYPTION_CERTIFICATE_HASH_LIST,
126 ) -> DWORD;
QueryRecoveryAgentsOnEncryptedFile( lpFileName: LPCWSTR, pRecoveryAgents: *mut PENCRYPTION_CERTIFICATE_HASH_LIST, ) -> DWORD127 pub fn QueryRecoveryAgentsOnEncryptedFile(
128 lpFileName: LPCWSTR,
129 pRecoveryAgents: *mut PENCRYPTION_CERTIFICATE_HASH_LIST,
130 ) -> DWORD;
RemoveUsersFromEncryptedFile( lpFileName: LPCWSTR, pHashes: PENCRYPTION_CERTIFICATE_HASH_LIST, ) -> DWORD131 pub fn RemoveUsersFromEncryptedFile(
132 lpFileName: LPCWSTR,
133 pHashes: PENCRYPTION_CERTIFICATE_HASH_LIST,
134 ) -> DWORD;
AddUsersToEncryptedFile( lpFileName: LPCWSTR, pEncryptionCertificate: PENCRYPTION_CERTIFICATE_LIST, ) -> DWORD135 pub fn AddUsersToEncryptedFile(
136 lpFileName: LPCWSTR,
137 pEncryptionCertificate: PENCRYPTION_CERTIFICATE_LIST,
138 ) -> DWORD;
SetUserFileEncryptionKey( pEncryptionCertificate: PENCRYPTION_CERTIFICATE, ) -> DWORD139 pub fn SetUserFileEncryptionKey(
140 pEncryptionCertificate: PENCRYPTION_CERTIFICATE,
141 ) -> DWORD;
SetUserFileEncryptionKeyEx( pEncryptionCertificate: PENCRYPTION_CERTIFICATE, dwCapabilities: DWORD, dwFlags: DWORD, pvReserved: LPVOID, ) -> DWORD142 pub fn SetUserFileEncryptionKeyEx(
143 pEncryptionCertificate: PENCRYPTION_CERTIFICATE,
144 dwCapabilities: DWORD,
145 dwFlags: DWORD,
146 pvReserved: LPVOID,
147 ) -> DWORD;
FreeEncryptionCertificateHashList( pUsers: PENCRYPTION_CERTIFICATE_HASH_LIST, )148 pub fn FreeEncryptionCertificateHashList(
149 pUsers: PENCRYPTION_CERTIFICATE_HASH_LIST,
150 );
EncryptionDisable( DirPath: LPCWSTR, Disable: BOOL, ) -> BOOL151 pub fn EncryptionDisable(
152 DirPath: LPCWSTR,
153 Disable: BOOL,
154 ) -> BOOL;
DuplicateEncryptionInfoFile( SrcFileName: LPCWSTR, DstFileName: LPCWSTR, dwCreationDistribution: DWORD, dwAttributes: DWORD, lpSecurityAttributes: *const SECURITY_ATTRIBUTES, ) -> DWORD155 pub fn DuplicateEncryptionInfoFile(
156 SrcFileName: LPCWSTR,
157 DstFileName: LPCWSTR,
158 dwCreationDistribution: DWORD,
159 dwAttributes: DWORD,
160 lpSecurityAttributes: *const SECURITY_ATTRIBUTES,
161 ) -> DWORD;
GetEncryptedFileMetadata( lpFileName: LPCWSTR, pcbMetadata: PDWORD, ppbMetadata: *mut PBYTE, ) -> DWORD162 pub fn GetEncryptedFileMetadata(
163 lpFileName: LPCWSTR,
164 pcbMetadata: PDWORD,
165 ppbMetadata: *mut PBYTE,
166 ) -> DWORD;
SetEncryptedFileMetadata( lpFileName: LPCWSTR, pbOldMetadata: PBYTE, pbNewMetadata: PBYTE, pOwnerHash: PENCRYPTION_CERTIFICATE_HASH, dwOperation: DWORD, pCertificatesAdded: PENCRYPTION_CERTIFICATE_HASH_LIST, ) -> DWORD167 pub fn SetEncryptedFileMetadata(
168 lpFileName: LPCWSTR,
169 pbOldMetadata: PBYTE,
170 pbNewMetadata: PBYTE,
171 pOwnerHash: PENCRYPTION_CERTIFICATE_HASH,
172 dwOperation: DWORD,
173 pCertificatesAdded: PENCRYPTION_CERTIFICATE_HASH_LIST,
174 ) -> DWORD;
FreeEncryptedFileMetadata( pbMetadata: PBYTE, )175 pub fn FreeEncryptedFileMetadata(
176 pbMetadata: PBYTE,
177 );
178 }
179