| // Copyright 2018 The Chromium Authors |
| // Use of this source code is governed by a BSD-style license that can be |
| // found in the LICENSE file. |
| |
| import "oaidl.idl"; |
| import "ocidl.idl"; |
| |
| typedef enum ProtectionLevel { |
| // No validation: This never validates anything. |
| NONE = 0, |
| // Path validation: This will validate that the data is being decrypted by an |
| // executable whose NT path matches the executable that originally encrypted |
| // it. This should only be used for executables in trusted paths e.g. |
| // C:\Program Files, otherwise anyone could pretend to be your executable. |
| PATH_VALIDATION = 1, |
| } ProtectionLevel; |
| |
| [ |
| object, |
| oleautomation, |
| uuid(A949CB4E-C4F9-44C4-B213-6BF8AA9AC69C), |
| helpstring("IElevator Interface"), |
| pointer_default(unique) |
| ] |
| interface IElevator : IUnknown |
| { |
| // Elevators are exposed as methods on IElevator, and provide High Integrity |
| // actions. Any changes to add or change a method in IElevator will require a |
| // security review. |
| // |
| // Runs the Chrome Recovery CRX elevated. |
| // |
| // @param crx_path Path for the recovery CRX. |
| // @param browser_appid Omaha AppID for the version of Chrome being recovered. |
| // @param browser_version Version of Chrome for the recovery CRX. |
| // @param session_id Omaha Session Id. |
| // @param caller_proc_id The process id of the calling process. |
| // @param proc_handle The process handle valid in the calling process context. |
| HRESULT RunRecoveryCRXElevated([in, string] const WCHAR* crx_path, |
| [in, string] const WCHAR* browser_appid, |
| [in, string] const WCHAR* browser_version, |
| [in, string] const WCHAR* session_id, |
| [in] DWORD caller_proc_id, |
| [out] ULONG_PTR* proc_handle); |
| |
| // Encrypts data with both caller and SYSTEM context DPAPI. |
| // |
| // @param protection_level the protection level to encrypt data at. |
| // @param plaintext The plaintext data to encrypt. |
| // @param ciphertext The ciphertext of the encrypted data. It is the |
| // responsibility of the caller to free this memory using |
| // SysFreeString. |
| // @param last_error The result of calling GetLastError if the operation |
| // failed. |
| // @return S_OK on success. Any other value on failure. |
| HRESULT EncryptData([in] ProtectionLevel protection_level, |
| [in] const BSTR plaintext, |
| [out] BSTR* ciphertext, |
| [out] DWORD* last_error); |
| |
| // Decrypts data with both caller and SYSTEM context DPAPI. |
| // |
| // This will only decrypt data that was encrypted via a paired EncryptData |
| // call from same application, with identity determined by the protection |
| // level of the original encrypt call. |
| // |
| // @param ciphertext The ciphertext data to decrypt. |
| // @param plaintext The plaintext of the decrypted data. It is the |
| // responsibility of the caller to free this memory using |
| // SysFreeString. |
| // @param last_error The result of calling GetLastError if the operation |
| // failed. |
| // @return S_OK on success. Any other value on failure. |
| HRESULT DecryptData([in] const BSTR ciphertext, |
| [out] BSTR* plaintext, |
| [out] DWORD* last_error); |
| }; |
| |
| // The interfaces below are all IElevator with unique IIDs. IElevator is |
| // registered with unique IIDs for the various flavors of Chrome and Chromium. |
| // This allows the different flavors of Chrome/Chromium to co-exist without side |
| // effects. |
| [ |
| object, |
| oleautomation, |
| uuid(B88C45B9-8825-4629-B83E-77CC67D9CEED), |
| helpstring("IElevatorChromium Interface"), |
| pointer_default(unique) |
| ] |
| interface IElevatorChromium : IElevator |
| { |
| }; |
| |
| [ |
| object, |
| oleautomation, |
| uuid(463ABECF-410D-407F-8AF5-0DF35A005CC8), |
| helpstring("IElevatorChrome Interface"), |
| pointer_default(unique) |
| ] |
| interface IElevatorChrome : IElevator |
| { |
| }; |
| |
| [ |
| object, |
| oleautomation, |
| uuid(A2721D66-376E-4D2F-9F0F-9070E9A42B5F), |
| helpstring("IElevatorChromeBeta Interface"), |
| pointer_default(unique) |
| ] |
| interface IElevatorChromeBeta : IElevator |
| { |
| }; |
| |
| [ |
| object, |
| oleautomation, |
| uuid(BB2AA26B-343A-4072-8B6F-80557B8CE571), |
| helpstring("IElevatorChromeDev Interface"), |
| pointer_default(unique) |
| ] |
| interface IElevatorChromeDev : IElevator |
| { |
| }; |
| |
| [ |
| object, |
| oleautomation, |
| uuid(4F7CE041-28E9-484F-9DD0-61A8CACEFEE4), |
| helpstring("IElevatorChromeCanary Interface"), |
| pointer_default(unique) |
| ] |
| interface IElevatorChromeCanary : IElevator |
| { |
| }; |
| |
| [ |
| uuid(0014D784-7012-4A79-8AB6-ADDB8193A06E), |
| version(1.0), |
| helpstring("Elevator 1.0 Type Library") |
| ] |
| library ElevatorLib { |
| importlib("stdole2.tlb"); |
| |
| interface IElevator; |
| interface IElevatorChromium; |
| interface IElevatorChrome; |
| interface IElevatorChromeBeta; |
| interface IElevatorChromeDev; |
| interface IElevatorChromeCanary; |
| }; |