From e611b132f9b8abe35b362e5870b74bce94a1e58e Mon Sep 17 00:00:00 2001 From: Adam Date: Sat, 16 May 2020 20:51:50 -0700 Subject: initial commit --- public/sdk/inc/ntregapi.h | 448 ++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 448 insertions(+) create mode 100644 public/sdk/inc/ntregapi.h (limited to 'public/sdk/inc/ntregapi.h') diff --git a/public/sdk/inc/ntregapi.h b/public/sdk/inc/ntregapi.h new file mode 100644 index 000000000..f75034193 --- /dev/null +++ b/public/sdk/inc/ntregapi.h @@ -0,0 +1,448 @@ +/*++ BUILD Version: 0009 // Increment this if a change has global effects + +Copyright (c) 1991-1993 Microsoft Corporation + +Module Name: + + ntregapi.h + +Abstract: + + This module contains the registration apis and related structures, + in the forms for use with the Nt api set (as opposed to the win api set). + +Author: + + Bryan M. Willman (bryanwi) 26-Aug-1991 + +Revision History: + +--*/ + +#ifndef _NTREGAPI_ +#define _NTREGAPI_ + +// +// begin_winnt +// + +// begin_ntddk begin_nthal +// +// Registry Specific Access Rights. +// + +#define KEY_QUERY_VALUE (0x0001) +#define KEY_SET_VALUE (0x0002) +#define KEY_CREATE_SUB_KEY (0x0004) +#define KEY_ENUMERATE_SUB_KEYS (0x0008) +#define KEY_NOTIFY (0x0010) +#define KEY_CREATE_LINK (0x0020) + +#define KEY_READ ((STANDARD_RIGHTS_READ |\ + KEY_QUERY_VALUE |\ + KEY_ENUMERATE_SUB_KEYS |\ + KEY_NOTIFY) \ + & \ + (~SYNCHRONIZE)) + + +#define KEY_WRITE ((STANDARD_RIGHTS_WRITE |\ + KEY_SET_VALUE |\ + KEY_CREATE_SUB_KEY) \ + & \ + (~SYNCHRONIZE)) + +#define KEY_EXECUTE ((KEY_READ) \ + & \ + (~SYNCHRONIZE)) + +#define KEY_ALL_ACCESS ((STANDARD_RIGHTS_ALL |\ + KEY_QUERY_VALUE |\ + KEY_SET_VALUE |\ + KEY_CREATE_SUB_KEY |\ + KEY_ENUMERATE_SUB_KEYS |\ + KEY_NOTIFY |\ + KEY_CREATE_LINK) \ + & \ + (~SYNCHRONIZE)) + +// +// Open/Create Options +// + +#define REG_OPTION_RESERVED (0x00000000L) // Parameter is reserved + +#define REG_OPTION_NON_VOLATILE (0x00000000L) // Key is preserved + // when system is rebooted + +#define REG_OPTION_VOLATILE (0x00000001L) // Key is not preserved + // when system is rebooted + +#define REG_OPTION_CREATE_LINK (0x00000002L) // Created key is a + // symbolic link + +#define REG_OPTION_BACKUP_RESTORE (0x00000004L) // open for backup or restore + // special access rules + // privilege required + +#define REG_OPTION_OPEN_LINK (0x00000008L) // Open symbolic link + +#define REG_LEGAL_OPTION \ + (REG_OPTION_RESERVED |\ + REG_OPTION_NON_VOLATILE |\ + REG_OPTION_VOLATILE |\ + REG_OPTION_CREATE_LINK |\ + REG_OPTION_BACKUP_RESTORE |\ + REG_OPTION_OPEN_LINK) + +// +// Key creation/open disposition +// + +#define REG_CREATED_NEW_KEY (0x00000001L) // New Registry Key created +#define REG_OPENED_EXISTING_KEY (0x00000002L) // Existing Key opened + +// +// Key restore flags +// + +#define REG_WHOLE_HIVE_VOLATILE (0x00000001L) // Restore whole hive volatile +#define REG_REFRESH_HIVE (0x00000002L) // Unwind changes to last flush +#define REG_NO_LAZY_FLUSH (0x00000004L) // Never lazy flush this hive + +// end_ntddk end_nthal + +// +// Notify filter values +// +#define REG_NOTIFY_CHANGE_NAME (0x00000001L) // Create or delete (child) +#define REG_NOTIFY_CHANGE_ATTRIBUTES (0x00000002L) +#define REG_NOTIFY_CHANGE_LAST_SET (0x00000004L) // time stamp +#define REG_NOTIFY_CHANGE_SECURITY (0x00000008L) + +#define REG_LEGAL_CHANGE_FILTER \ + (REG_NOTIFY_CHANGE_NAME |\ + REG_NOTIFY_CHANGE_ATTRIBUTES |\ + REG_NOTIFY_CHANGE_LAST_SET |\ + REG_NOTIFY_CHANGE_SECURITY) + +// +// end_winnt +// + +// begin_ntddk begin_nthal +// +// Key query structures +// + +typedef struct _KEY_BASIC_INFORMATION { + LARGE_INTEGER LastWriteTime; + ULONG TitleIndex; + ULONG NameLength; + WCHAR Name[1]; // Variable length string +} KEY_BASIC_INFORMATION, *PKEY_BASIC_INFORMATION; + +typedef struct _KEY_NODE_INFORMATION { + LARGE_INTEGER LastWriteTime; + ULONG TitleIndex; + ULONG ClassOffset; + ULONG ClassLength; + ULONG NameLength; + WCHAR Name[1]; // Variable length string +// Class[1]; // Variable length string not declared +} KEY_NODE_INFORMATION, *PKEY_NODE_INFORMATION; + +typedef struct _KEY_FULL_INFORMATION { + LARGE_INTEGER LastWriteTime; + ULONG TitleIndex; + ULONG ClassOffset; + ULONG ClassLength; + ULONG SubKeys; + ULONG MaxNameLen; + ULONG MaxClassLen; + ULONG Values; + ULONG MaxValueNameLen; + ULONG MaxValueDataLen; + WCHAR Class[1]; // Variable length +} KEY_FULL_INFORMATION, *PKEY_FULL_INFORMATION; + +typedef enum _KEY_INFORMATION_CLASS { + KeyBasicInformation, + KeyNodeInformation, + KeyFullInformation +} KEY_INFORMATION_CLASS; + +typedef struct _KEY_WRITE_TIME_INFORMATION { + LARGE_INTEGER LastWriteTime; +} KEY_WRITE_TIME_INFORMATION, *PKEY_WRITE_TIME_INFORMATION; + +typedef enum _KEY_SET_INFORMATION_CLASS { + KeyWriteTimeInformation +} KEY_SET_INFORMATION_CLASS; + +// +// Value entry query structures +// + +typedef struct _KEY_VALUE_BASIC_INFORMATION { + ULONG TitleIndex; + ULONG Type; + ULONG NameLength; + WCHAR Name[1]; // Variable size +} KEY_VALUE_BASIC_INFORMATION, *PKEY_VALUE_BASIC_INFORMATION; + +typedef struct _KEY_VALUE_FULL_INFORMATION { + ULONG TitleIndex; + ULONG Type; + ULONG DataOffset; + ULONG DataLength; + ULONG NameLength; + WCHAR Name[1]; // Variable size +// Data[1]; // Variable size data not declared +} KEY_VALUE_FULL_INFORMATION, *PKEY_VALUE_FULL_INFORMATION; + +typedef struct _KEY_VALUE_PARTIAL_INFORMATION { + ULONG TitleIndex; + ULONG Type; + ULONG DataLength; + UCHAR Data[1]; // Variable size +} KEY_VALUE_PARTIAL_INFORMATION, *PKEY_VALUE_PARTIAL_INFORMATION; + +typedef struct _KEY_VALUE_ENTRY { + PUNICODE_STRING ValueName; + ULONG DataLength; + ULONG DataOffset; + ULONG Type; +} KEY_VALUE_ENTRY, *PKEY_VALUE_ENTRY; + +typedef enum _KEY_VALUE_INFORMATION_CLASS { + KeyValueBasicInformation, + KeyValueFullInformation, + KeyValuePartialInformation +} KEY_VALUE_INFORMATION_CLASS; + + +// end_ntddk end_nthal +// +// Notify return structures +// + +typedef enum _REG_ACTION { + KeyAdded, + KeyRemoved, + KeyModified +} REG_ACTION; + +typedef struct _REG_NOTIFY_INFORMATION { + ULONG NextEntryOffset; + REG_ACTION Action; + ULONG KeyLength; + WCHAR Key[1]; // Variable size +} REG_NOTIFY_INFORMATION, *PREG_NOTIFY_INFORMATION; + + +// +// Nt level registry API calls +// + +NTSYSAPI +NTSTATUS +NTAPI +NtCreateKey( + OUT PHANDLE KeyHandle, + IN ACCESS_MASK DesiredAccess, + IN POBJECT_ATTRIBUTES ObjectAttributes, + IN ULONG TitleIndex, + IN PUNICODE_STRING Class OPTIONAL, + IN ULONG CreateOptions, + OUT PULONG Disposition OPTIONAL + ); + +NTSYSAPI +NTSTATUS +NTAPI +NtDeleteKey( + IN HANDLE KeyHandle + ); + + +NTSYSAPI +NTSTATUS +NTAPI +NtDeleteValueKey( + IN HANDLE KeyHandle, + IN PUNICODE_STRING ValueName + ); + +NTSYSAPI +NTSTATUS +NTAPI +NtEnumerateKey( + IN HANDLE KeyHandle, + IN ULONG Index, + IN KEY_INFORMATION_CLASS KeyInformationClass, + OUT PVOID KeyInformation, + IN ULONG Length, + OUT PULONG ResultLength + ); + + +NTSYSAPI +NTSTATUS +NTAPI +NtEnumerateValueKey( + IN HANDLE KeyHandle, + IN ULONG Index, + IN KEY_VALUE_INFORMATION_CLASS KeyValueInformationClass, + OUT PVOID KeyValueInformation, + IN ULONG Length, + OUT PULONG ResultLength + ); + +NTSYSAPI +NTSTATUS +NTAPI +NtFlushKey( + IN HANDLE KeyHandle + ); + +NTSYSAPI +NTSTATUS +NTAPI +NtInitializeRegistry( + IN BOOLEAN SetupBoot + ); + +NTSYSAPI +NTSTATUS +NTAPI +NtNotifyChangeKey( + IN HANDLE KeyHandle, + IN HANDLE Event OPTIONAL, + IN PIO_APC_ROUTINE ApcRoutine OPTIONAL, + IN PVOID ApcContext OPTIONAL, + OUT PIO_STATUS_BLOCK IoStatusBlock, + IN ULONG CompletionFilter, + IN BOOLEAN WatchTree, + OUT PVOID Buffer, + IN ULONG BufferSize, + IN BOOLEAN Asynchronous + ); + +NTSYSAPI +NTSTATUS +NTAPI +NtLoadKey( + IN POBJECT_ATTRIBUTES TargetKey, + IN POBJECT_ATTRIBUTES SourceFile + ); + +NTSYSAPI +NTSTATUS +NTAPI +NtLoadKey2( + IN POBJECT_ATTRIBUTES TargetKey, + IN POBJECT_ATTRIBUTES SourceFile, + IN ULONG Flags + ); + +NTSYSAPI +NTSTATUS +NTAPI +NtOpenKey( + OUT PHANDLE KeyHandle, + IN ACCESS_MASK DesiredAccess, + IN POBJECT_ATTRIBUTES ObjectAttributes + ); + +NTSYSAPI +NTSTATUS +NTAPI +NtQueryKey( + IN HANDLE KeyHandle, + IN KEY_INFORMATION_CLASS KeyInformationClass, + OUT PVOID KeyInformation, + IN ULONG Length, + OUT PULONG ResultLength + ); + +NTSYSAPI +NTSTATUS +NTAPI +NtQueryValueKey( + IN HANDLE KeyHandle, + IN PUNICODE_STRING ValueName, + IN KEY_VALUE_INFORMATION_CLASS KeyValueInformationClass, + OUT PVOID KeyValueInformation, + IN ULONG Length, + OUT PULONG ResultLength + ); + +NTSYSAPI +NTSTATUS +NTAPI +NtQueryMultipleValueKey( + IN HANDLE KeyHandle, + IN PKEY_VALUE_ENTRY ValueEntries, + IN ULONG EntryCount, + OUT PVOID ValueBuffer, + IN OUT PULONG BufferLength, + OUT OPTIONAL PULONG RequiredBufferLength + ); + +NTSYSAPI +NTSTATUS +NTAPI +NtReplaceKey( + IN POBJECT_ATTRIBUTES NewFile, + IN HANDLE TargetHandle, + IN POBJECT_ATTRIBUTES OldFile + ); + +NTSYSAPI +NTSTATUS +NTAPI +NtRestoreKey( + IN HANDLE KeyHandle, + IN HANDLE FileHandle, + IN ULONG Flags + ); + +NTSYSAPI +NTSTATUS +NTAPI +NtSaveKey( + IN HANDLE KeyHandle, + IN HANDLE FileHandle + ); + +NTSYSAPI +NTSTATUS +NTAPI +NtSetValueKey( + IN HANDLE KeyHandle, + IN PUNICODE_STRING ValueName, + IN ULONG TitleIndex OPTIONAL, + IN ULONG Type, + IN PVOID Data, + IN ULONG DataSize + ); + +NTSYSAPI +NTSTATUS +NTAPI +NtUnloadKey( + IN POBJECT_ATTRIBUTES TargetKey + ); + +NTSYSAPI +NTSTATUS +NTAPI +NtSetInformationKey( + IN HANDLE KeyHandle, + IN KEY_SET_INFORMATION_CLASS KeySetInformationClass, + IN PVOID KeySetInformation, + IN ULONG KeySetInformationLength + ); + +#endif // _NTREGAPI_ -- cgit v1.2.3