winefs.h

#include <winapifamily.h>

//+---------------------------------------------------------------------------

// Microsoft Windows

// Copyright (C) Microsoft Corporation, 1992-1999.

// File: winefs.h

// Contents: EFS Data and prototypes.

//----------------------------------------------------------------------------

#ifndef __WINEFS_H__

#define __WINEFS_H__

// winefs.h was not available at all pre-W2K

#if (NTDDI_VERSION >= NTDDI_WIN2K)

#if _MSC_VER > 1000

#pragma once

#endif

#if _MSC_VER >= 1200

#pragma warning(push)

#pragma warning(disable:4820) // padding added after data member #endif

#pragma warning(disable:

4820

)

#ifdef __cplusplus

extern

"C"

{

#endif

#pragma region Desktop Family

#if WINAPI_FAMILY_PARTITION(WINAPI_PARTITION_DESKTOP)

#define WINEFS_SETUSERKEY_SET_CAPABILITIES 0x00000001

//+---------------------------------------------------------------------------------/

// /

// Data Structures /

// /

//----------------------------------------------------------------------------------/

// ALG_ID define is used as part of EFS_KEY_INFO (not available pre-WXP)

#if (NTDDI_VERSION >= NTDDI_WINXP)

#ifndef ALGIDDEF

#define ALGIDDEF

typedef unsigned int ALG_ID;

#endif

// Encoded Certificate

typedef

struct

_CERTIFICATE_BLOB

{

DWORD

dwCertEncodingType

;

#ifdef MIDL_PASS

[range(0,32768)]

#endif // MIDL_PASS

DWORD

cbData

;

#ifdef MIDL_PASS

[size_is(cbData)]

#endif // MIDL_PASS

PBYTE

pbData

; }

EFS_CERTIFICATE_BLOB

, *

PEFS_CERTIFICATE_BLOB

;

// Certificate Hash

typedef

struct

_EFS_HASH_BLOB

{

#ifdef MIDL_PASS

[range(0,100)]

#endif // MIDL_PASS

DWORD

cbData

;

#ifdef MIDL_PASS

[size_is(cbData)]

#endif // MIDL_PASS

PBYTE

pbData

; }

EFS_HASH_BLOB

, *

PEFS_HASH_BLOB

;

// EFS_RPC_BLOB was not available pre-WXP

#if (NTDDI_VERSION >= NTDDI_WINXP)

// RPC blob

typedef

struct

_EFS_RPC_BLOB

{

#ifdef MIDL_PASS

[range(0,266240)]

#endif // MIDL_PASS

DWORD

cbData

;

#ifdef MIDL_PASS

[size_is(cbData)]

#endif // MIDL_PASS

PBYTE

pbData

; }

EFS_RPC_BLOB

, *

PEFS_RPC_BLOB

;

#endif // #if (NTDDI_VERSION >= NTDDI_WINXP)

// EFS_PIN_BLOB was not available pre-LH

#if (NTDDI_VERSION >= NTDDI_VISTA)

typedef

struct

_EFS_PIN_BLOB

{

#ifdef MIDL_PASS

[range(0,8)]

#endif // MIDL_PASS

DWORD

cbPadding

;

#ifdef MIDL_PASS

[range(0,2048)]

#endif // MIDL_PASS

DWORD

cbData

;

#ifdef MIDL_PASS

[size_is(cbData+cbPadding)]

#endif // MIDL_PASS

PBYTE

pbData

; }

EFS_PIN_BLOB

, *

PEFS_PIN_BLOB

;

#endif // #if (NTDDI_VERSION >= NTDDI_VISTA)

// EFS_KEY_INFO was not available pre-WXP

#if (NTDDI_VERSION >= NTDDI_WINXP)

typedef

struct

_EFS_KEY_INFO

{

DWORD

dwVersion

;

ULONG

Entropy

;

ALG_ID

Algorithm

;

ULONG

KeyLength

; }

EFS_KEY_INFO

, *

PEFS_KEY_INFO

;

#endif // #if (NTDDI_VERSION >= NTDDI_WINXP)

// EFS_COMPATIBILITY_INFO was not available pre-Windows 7

#if (NTDDI_VERSION >= NTDDI_WIN7)

typedef

struct

_EFS_COMPATIBILITY_INFO

{

DWORD

EfsVersion

; }

EFS_COMPATIBILITY_INFO

, *

PEFS_COMPATIBILITY_INFO

;

#endif // #if (NTDDI_VERSION >= NTDDI_WIN7)

#if (NTDDI_VERSION >= NTDDI_WINBLUE)

#define EFS_COMPATIBILITY_VERSION_NCRYPT_PROTECTOR 5

#endif // #if (NTDDI_VERSION >= NTDDI_WINBLUE)

#if (NTDDI_VERSION >= NTDDI_WINTHRESHOLD)

#define EFS_COMPATIBILITY_VERSION_PFILE_PROTECTOR 6

#define EFS_IS_DESCRIPTOR_VERSION(__v) \

( (__v == EFS_COMPATIBILITY_VERSION_NCRYPT_PROTECTOR) || \

(__v == EFS_COMPATIBILITY_VERSION_PFILE_PROTECTOR) )

#define EFS_SUBVER_UNKNOWN 0

#define EFS_EFS_SUBVER_EFS_CERT 1

#define EFS_PFILE_SUBVER_RMS 2

#define EFS_PFILE_SUBVER_APPX 3

typedef

struct

_EFS_VERSION_INFO

{

DWORD

EfsVersion

;

DWORD

SubVersion

; }

EFS_VERSION_INFO

, *

PEFS_VERSION_INFO

;

#define EFS_IS_APPX_VERSION(__v, __subV) \

( (__v == EFS_COMPATIBILITY_VERSION_PFILE_PROTECTOR) && \

(__subV == EFS_PFILE_SUBVER_APPX) )

#endif // #if (NTDDI_VERSION >= NTDDI_WINTHRESHOLD)

// EFS_(EN/DE)CRYPTION_STATUS_INFO was not available pre-LH

#if (NTDDI_VERSION >= NTDDI_VISTA)

typedef

struct

_EFS_DECRYPTION_STATUS_INFO

{

DWORD

dwDecryptionError

;

DWORD

dwHashOffset

;

DWORD

cbHash

; }

EFS_DECRYPTION_STATUS_INFO

, *

PEFS_DECRYPTION_STATUS_INFO

;

typedef

struct

_EFS_ENCRYPTION_STATUS_INFO

{

BOOL

bHasCurrentKey

;

DWORD

dwEncryptionError

; }

EFS_ENCRYPTION_STATUS_INFO

, *

PEFS_ENCRYPTION_STATUS_INFO

;

#endif // #if (NTDDI_VERSION >= NTDDI_VISTA)

// Input to add a user to an encrypted file

typedef

struct

_ENCRYPTION_CERTIFICATE

{

DWORD

cbTotalLength

;

SID

pUserSid

;

PEFS_CERTIFICATE_BLOB

pCertBlob

; }

ENCRYPTION_CERTIFICATE

, *

PENCRYPTION_CERTIFICATE

;

#define MAX_SID_SIZE 256

typedef

struct

_ENCRYPTION_CERTIFICATE_HASH

{

DWORD

cbTotalLength

;

SID

pUserSid

;

PEFS_HASH_BLOB

pHash

;

#ifdef MIDL_PASS

[string]

#endif // MIDL_PASS

LPWSTR

lpDisplayInformation

; }

ENCRYPTION_CERTIFICATE_HASH

, *

PENCRYPTION_CERTIFICATE_HASH

;

typedef

struct

_ENCRYPTION_CERTIFICATE_HASH_LIST

{

#ifdef MIDL_PASS

[range(0,500)]

#endif // MIDL_PASS

DWORD

nCert_Hash

;

#ifdef MIDL_PASS

[size_is(nCert_Hash)]

#endif // MIDL_PASS

PENCRYPTION_CERTIFICATE_HASH

pUsers

; }

ENCRYPTION_CERTIFICATE_HASH_LIST

, *

PENCRYPTION_CERTIFICATE_HASH_LIST

;

typedef

struct

_ENCRYPTION_CERTIFICATE_LIST

{

#ifdef MIDL_PASS

[range(0,500)]

#endif // MIDL_PASS

DWORD

nUsers

;

#ifdef MIDL_PASS

[size_is(nUsers)]

#endif // MIDL_PASS

PENCRYPTION_CERTIFICATE

pUsers

; }

ENCRYPTION_CERTIFICATE_LIST

, *

PENCRYPTION_CERTIFICATE_LIST

;

// ENCRYPTED_FILE_METADATA_SIGNATURE was not available pre-LH

#if (NTDDI_VERSION >= NTDDI_VISTA)

#define EFS_METADATA_ADD_USER 0x00000001

#define EFS_METADATA_REMOVE_USER 0x00000002

#define EFS_METADATA_REPLACE_USER 0x00000004

#define EFS_METADATA_GENERAL_OP 0x00000008

typedef

struct

_ENCRYPTED_FILE_METADATA_SIGNATURE

{

DWORD

dwEfsAccessType

;

PENCRYPTION_CERTIFICATE_HASH_LIST

pCertificatesAdded

;

PENCRYPTION_CERTIFICATE

pEncryptionCertificate

;

PEFS_RPC_BLOB

pEfsStreamSignature

; }

ENCRYPTED_FILE_METADATA_SIGNATURE

, *

PENCRYPTED_FILE_METADATA_SIGNATURE

;

#endif // #if (NTDDI_VERSION >= NTDDI_VISTA)

#if (NTDDI_VERSION >= NTDDI_WIN8)

typedef

struct

_ENCRYPTION_PROTECTOR

{

DWORD

cbTotalLength

;

SID

pUserSid

;

#ifdef MIDL_PASS

[string]

#endif // MIDL_PASS

LPWSTR

lpProtectorDescriptor

; }

ENCRYPTION_PROTECTOR

, *

PENCRYPTION_PROTECTOR

;

typedef

struct

_ENCRYPTION_PROTECTOR_LIST

{

DWORD

nProtectors

;

#ifdef MIDL_PASS

[size_is(nProtectors)]

#endif // MIDL_PASS

PENCRYPTION_PROTECTOR

pProtectors

; }

ENCRYPTION_PROTECTOR_LIST

, *

PENCRYPTION_PROTECTOR_LIST

;

#endif

//+---------------------------------------------------------------------------------/

// /

// Prototypes /

// /

//----------------------------------------------------------------------------------/

WINADVAPI

__declspec

(dllimport)

DWORD

WINAPI

__stdcall

QueryUsersOnEncryptedFile

(

_In_ LPCWSTR lpFileName,

LPCWSTR

lpFileName

_Outptr_ PENCRYPTION_CERTIFICATE_HASH_LIST *pUsers

PENCRYPTION_CERTIFICATE_HASH_LIST

pUsers

);

WINADVAPI

__declspec

(dllimport)

DWORD

WINAPI

__stdcall

QueryRecoveryAgentsOnEncryptedFile

(

_In_ LPCWSTR lpFileName,

LPCWSTR

lpFileName

_Outptr_ PENCRYPTION_CERTIFICATE_HASH_LIST *pRecoveryAgents

PENCRYPTION_CERTIFICATE_HASH_LIST

pRecoveryAgents

);

WINADVAPI

__declspec

(dllimport)

DWORD

WINAPI

__stdcall

RemoveUsersFromEncryptedFile

(

_In_ LPCWSTR lpFileName,

LPCWSTR

lpFileName

_In_ PENCRYPTION_CERTIFICATE_HASH_LIST pHashes

PENCRYPTION_CERTIFICATE_HASH_LIST

pHashes

);

WINADVAPI

__declspec

(dllimport)

DWORD

WINAPI

__stdcall

AddUsersToEncryptedFile

(

_In_ LPCWSTR lpFileName,

LPCWSTR

lpFileName

_In_ PENCRYPTION_CERTIFICATE_LIST pEncryptionCertificates

PENCRYPTION_CERTIFICATE_LIST

pEncryptionCertificates

);

// SetUserFileEncryptionKey signature change in Vista to allow NULL certificate

#if (NTDDI_VERSION >= NTDDI_VISTA)

WINADVAPI

__declspec

(dllimport)

DWORD

WINAPI

__stdcall

SetUserFileEncryptionKey

(

_In_opt_ PENCRYPTION_CERTIFICATE pEncryptionCertificate

PENCRYPTION_CERTIFICATE

pEncryptionCertificate

);

#else

WINADVAPI

DWORD

WINAPI

SetUserFileEncryptionKey(

_In_ PENCRYPTION_CERTIFICATE pEncryptionCertificate

);

#endif

// SetUserFileEncryptionKeyEx was not available pre-LH

#if (NTDDI_VERSION >= NTDDI_VISTA)

WINADVAPI

__declspec

(dllimport)

DWORD

WINAPI

__stdcall

SetUserFileEncryptionKeyEx

(

_In_opt_ PENCRYPTION_CERTIFICATE pEncryptionCertificate,

PENCRYPTION_CERTIFICATE

pEncryptionCertificate

DWORD

dwCapabilities

DWORD

dwFlags

_Reserved_ LPVOID pvReserved

LPVOID

pvReserved

);

#endif // #if (NTDDI_VERSION >= NTDDI_VISTA)

WINADVAPI

__declspec

(dllimport)

VOID

void

WINAPI

__stdcall

FreeEncryptionCertificateHashList

(

_In_ PENCRYPTION_CERTIFICATE_HASH_LIST pUsers

PENCRYPTION_CERTIFICATE_HASH_LIST

pUsers

);

WINADVAPI

__declspec

(dllimport)

BOOL

WINAPI

__stdcall

EncryptionDisable

(

_In_ LPCWSTR DirPath,

LPCWSTR

DirPath

BOOL

Disable

);

// DuplicateEncryptionInfoFile signature changed

// in WS03 to use a CONST SECURITY_ATTRIBUTES structure

#if (NTDDI_VERSION >= NTDDI_WS03)

WINADVAPI

__declspec

(dllimport)

DWORD

WINAPI

__stdcall

DuplicateEncryptionInfoFile

(

_In_ LPCWSTR SrcFileName,

LPCWSTR

SrcFileName

_In_ LPCWSTR DstFileName,

LPCWSTR

DstFileName

DWORD

dwCreationDistribution

DWORD

dwAttributes

_In_opt_ CONST LPSECURITY_ATTRIBUTES lpSecurityAttributes

const

LPSECURITY_ATTRIBUTES

lpSecurityAttributes

);

// DuplicateEncryptionInfoFile didn't exist pre-WXP

#elif (NTDDI_VERSION >= NTDDI_WINXP)

WINADVAPI

DWORD

WINAPI

DuplicateEncryptionInfoFile(

_In_ LPCWSTR SrcFileName,

_In_ LPCWSTR DstFileName,

DWORD dwCreationDistribution,

DWORD dwAttributes,

_In_opt_ LPSECURITY_ATTRIBUTES lpSecurityAttributes

);

#endif

// *EncryptedFileMetadata routines were not available pre-LH

#if (NTDDI_VERSION >= NTDDI_VISTA)

__declspec

(deprecated)

WINADVAPI

__declspec

(dllimport)

DWORD

WINAPI

__stdcall

GetEncryptedFileMetadata

(

_In_ LPCWSTR lpFileName,

LPCWSTR

lpFileName

_Out_ PDWORD pcbMetadata,

PDWORD

pcbMetadata

_Outptr_result_bytebuffer_(*pcbMetadata) PBYTE *ppbMetadata

PBYTE

ppbMetadata

);

__declspec

(deprecated)

WINADVAPI

__declspec

(dllimport)

DWORD

WINAPI

__stdcall

SetEncryptedFileMetadata

(

_In_ LPCWSTR lpFileName,

LPCWSTR

lpFileName

_In_opt_ PBYTE pbOldMetadata,

PBYTE

pbOldMetadata

_In_ PBYTE pbNewMetadata,

PBYTE

pbNewMetadata

_In_ PENCRYPTION_CERTIFICATE_HASH pOwnerHash,

PENCRYPTION_CERTIFICATE_HASH

pOwnerHash

DWORD

dwOperation

_In_opt_ PENCRYPTION_CERTIFICATE_HASH_LIST pCertificatesAdded

PENCRYPTION_CERTIFICATE_HASH_LIST

pCertificatesAdded

);

__declspec

(deprecated)

WINADVAPI

__declspec

(dllimport)

VOID

void

WINAPI

__stdcall

FreeEncryptedFileMetadata

(

_In_ PBYTE pbMetadata

PBYTE

pbMetadata

);

#endif // #if (NTDDI_VERSION >= NTDDI_VISTA)

#endif /* WINAPI_FAMILY_PARTITION(WINAPI_PARTITION_DESKTOP) */

#pragma endregion

#ifdef __cplusplus

}

// Balance extern "C" above

#endif

#if _MSC_VER >= 1200

#pragma warning(pop)

#endif

#endif // #if (NTDDI_VERSION >= NTDDI_WIN2K)

#endif // __WINEFS_H__