// Licensed under the Apache License, Version 2.0 // or the MIT license // , at your option. // All files in the project carrying such notice may not be copied, modified, or distributed // except according to those terms. use shared::basetsd::SIZE_T; use shared::minwindef::{BOOL, DWORD, LPVOID, PBYTE, PDWORD, ULONG}; use um::minwinbase::SECURITY_ATTRIBUTES; use um::wincrypt::ALG_ID; use um::winnt::{LPCWSTR, LPWSTR, SID}; pub const WINEFS_SETUSERKEY_SET_CAPABILITIES: DWORD = 0x00000001; STRUCT!{struct EFS_CERTIFICATE_BLOB { dwCertEncodingType: DWORD, cbData: DWORD, pbData: PBYTE, }} pub type PEFS_CERTIFICATE_BLOB = *mut EFS_CERTIFICATE_BLOB; STRUCT!{struct EFS_HASH_BLOB { cbData: DWORD, pbData: PBYTE, }} pub type PEFS_HASH_BLOB = *mut EFS_HASH_BLOB; STRUCT!{struct EFS_RPC_BLOB { cbData: DWORD, pbData: PBYTE, }} pub type PEFS_RPC_BLOB = *mut EFS_RPC_BLOB; STRUCT!{struct EFS_PIN_BLOB { cbPadding: DWORD, cbData: DWORD, pbData: PBYTE, }} pub type PEFS_PIN_BLOB = *mut EFS_PIN_BLOB; STRUCT!{struct EFS_KEY_INFO { dwVersion: DWORD, Entropy: ULONG, Algorithm: ALG_ID, KeyLength: ULONG, }} pub type PEFS_KEY_INFO = *mut EFS_KEY_INFO; STRUCT!{struct EFS_COMPATIBILITY_INFO { EfsVersion: DWORD, }} pub type PEFS_COMPATIBILITY_INFO = *mut EFS_COMPATIBILITY_INFO; pub const EFS_COMPATIBILITY_VERSION_NCRYPT_PROTECTOR: DWORD = 5; pub const EFS_COMPATIBILITY_VERSION_PFILE_PROTECTOR: DWORD = 6; #[inline] pub fn EFS_IS_DESCRIPTOR_VERSION(v: DWORD) -> bool { v == EFS_COMPATIBILITY_VERSION_NCRYPT_PROTECTOR || v == EFS_COMPATIBILITY_VERSION_PFILE_PROTECTOR } pub const EFS_SUBVER_UNKNOWN: DWORD = 0; pub const EFS_EFS_SUBVER_EFS_CERT: DWORD = 1; pub const EFS_PFILE_SUBVER_RMS: DWORD = 2; pub const EFS_PFILE_SUBVER_APPX: DWORD = 3; STRUCT!{struct EFS_VERSION_INFO { EfsVersion: DWORD, SubVersion: DWORD, }} pub type PEFS_VERSION_INFO = *mut EFS_VERSION_INFO; #[inline] pub fn EFS_IS_APPX_VERSION(v: DWORD, subV: DWORD) -> bool { v == EFS_COMPATIBILITY_VERSION_PFILE_PROTECTOR && subV == EFS_PFILE_SUBVER_APPX } STRUCT!{struct EFS_DECRYPTION_STATUS_INFO { dwDecryptionError: DWORD, dwHashOffset: DWORD, cbHash: DWORD, }} pub type PEFS_DECRYPTION_STATUS_INFO = *mut EFS_DECRYPTION_STATUS_INFO; STRUCT!{struct EFS_ENCRYPTION_STATUS_INFO { bHasCurrentKey: BOOL, dwEncryptionError: DWORD, }} pub type PEFS_ENCRYPTION_STATUS_INFO = *mut EFS_ENCRYPTION_STATUS_INFO; STRUCT!{struct ENCRYPTION_CERTIFICATE { cbTotalLength: DWORD, pUserSid: *mut SID, pCertBlob: PEFS_CERTIFICATE_BLOB, }} pub type PENCRYPTION_CERTIFICATE = *mut ENCRYPTION_CERTIFICATE; pub const MAX_SID_SIZE: SIZE_T = 256; STRUCT!{struct ENCRYPTION_CERTIFICATE_HASH { cbTotalLength: DWORD, pUserSid: *mut SID, pHash: PEFS_HASH_BLOB, lpDisplayInformation: LPWSTR, }} pub type PENCRYPTION_CERTIFICATE_HASH = *mut ENCRYPTION_CERTIFICATE_HASH; STRUCT!{struct ENCRYPTION_CERTIFICATE_HASH_LIST { nCert_Hash: DWORD, pUsers: *mut PENCRYPTION_CERTIFICATE_HASH, }} pub type PENCRYPTION_CERTIFICATE_HASH_LIST = *mut ENCRYPTION_CERTIFICATE_HASH_LIST; STRUCT!{struct ENCRYPTION_CERTIFICATE_LIST { nUsers: DWORD, pUsers: *mut PENCRYPTION_CERTIFICATE, }} pub type PENCRYPTION_CERTIFICATE_LIST = *mut ENCRYPTION_CERTIFICATE_LIST; pub const EFS_METADATA_ADD_USER: DWORD = 0x00000001; pub const EFS_METADATA_REMOVE_USER: DWORD = 0x00000002; pub const EFS_METADATA_REPLACE_USER: DWORD = 0x00000004; pub const EFS_METADATA_GENERAL_OP: DWORD = 0x00000008; STRUCT!{struct ENCRYPTED_FILE_METADATA_SIGNATURE { dwEfsAccessType: DWORD, pCertificatesAdded: PENCRYPTION_CERTIFICATE_HASH_LIST, pEncryptionCertificate: PENCRYPTION_CERTIFICATE, pEfsStreamSignature: PEFS_RPC_BLOB, }} pub type PENCRYPTED_FILE_METADATA_SIGNATURE = *mut ENCRYPTED_FILE_METADATA_SIGNATURE; STRUCT!{struct ENCRYPTION_PROTECTOR { cbTotalLength: DWORD, pUserSid: *mut SID, lpProtectorDescriptor: LPWSTR, }} pub type PENCRYPTION_PROTECTOR = *mut ENCRYPTION_PROTECTOR; STRUCT!{struct ENCRYPTION_PROTECTOR_LIST { nProtectors: DWORD, pProtectors: *mut PENCRYPTION_PROTECTOR, }} pub type PENCRYPTION_PROTECTOR_LIST = *mut ENCRYPTION_PROTECTOR_LIST; extern "system" { pub fn QueryUsersOnEncryptedFile( lpFileName: LPCWSTR, pUsers: *mut PENCRYPTION_CERTIFICATE_HASH_LIST, ) -> DWORD; pub fn QueryRecoveryAgentsOnEncryptedFile( lpFileName: LPCWSTR, pRecoveryAgents: *mut PENCRYPTION_CERTIFICATE_HASH_LIST, ) -> DWORD; pub fn RemoveUsersFromEncryptedFile( lpFileName: LPCWSTR, pHashes: PENCRYPTION_CERTIFICATE_HASH_LIST, ) -> DWORD; pub fn AddUsersToEncryptedFile( lpFileName: LPCWSTR, pEncryptionCertificate: PENCRYPTION_CERTIFICATE_LIST, ) -> DWORD; pub fn SetUserFileEncryptionKey( pEncryptionCertificate: PENCRYPTION_CERTIFICATE, ) -> DWORD; pub fn SetUserFileEncryptionKeyEx( pEncryptionCertificate: PENCRYPTION_CERTIFICATE, dwCapabilities: DWORD, dwFlags: DWORD, pvReserved: LPVOID, ) -> DWORD; pub fn FreeEncryptionCertificateHashList( pUsers: PENCRYPTION_CERTIFICATE_HASH_LIST, ); pub fn EncryptionDisable( DirPath: LPCWSTR, Disable: BOOL, ) -> BOOL; pub fn DuplicateEncryptionInfoFile( SrcFileName: LPCWSTR, DstFileName: LPCWSTR, dwCreationDistribution: DWORD, dwAttributes: DWORD, lpSecurityAttributes: *const SECURITY_ATTRIBUTES, ) -> DWORD; pub fn GetEncryptedFileMetadata( lpFileName: LPCWSTR, pcbMetadata: PDWORD, ppbMetadata: *mut PBYTE, ) -> DWORD; pub fn SetEncryptedFileMetadata( lpFileName: LPCWSTR, pbOldMetadata: PBYTE, pbNewMetadata: PBYTE, pOwnerHash: PENCRYPTION_CERTIFICATE_HASH, dwOperation: DWORD, pCertificatesAdded: PENCRYPTION_CERTIFICATE_HASH_LIST, ) -> DWORD; pub fn FreeEncryptedFileMetadata( pbMetadata: PBYTE, ); }