Trusted APIs (Windows CE 5.0)
In addition to the original equipment manufacturer functions, the CeGetCurrentTrust and CeGetCallerTrust API functions enable a DLL to query the trust level of a calling application.
The following table shows the API functions that can be called only by trusted applications.
The following table shows file-based API functions that are influenced by the SYSTEM attribute that can be set on a file. For more information, see File System Security.
| API | API |
|---|---|
| CreateFile | CreateFileForMapping |
| CopyFile | DeleteFile |
| DeleteAndRenameFile | MoveFile |
| RemoveDirectory | SetFileAttributes |
The following table shows database API functions that are influenced by the SYSTEM attribute that can be set on a database. For more information, see Database Security.
| API | API |
|---|---|
| CeMountDBVol | CeCreateDatabaseEx2 |
| CeOpenDatabaseEx2 | CeDeleteDatabaseEx |
| CeSetDatabaseInfoEx2 |
In addition, the debug flags DEBUG_ONLY_THIS_PROCESS and DEBUG_PROCESS of the CreateProcess API are restricted. If these flags are used by a non-trusted application, the identified process will still launch but no debugging will occur.
Debug flags, DEBUG_ONLY_THIS_PROCESS and DEBUG_PROCESS, in the CreateProcess API are restricted as well.
The secure registry architecture in Windows CE allows only trusted applications that you have identified to modify keys and values in protected portions of the registry.
Because most of the registry is unprotected, original equipment manufacturers must place all-important registry information in one of the protected keys.
**Note **All applications have read-only access to all registry keys and values.
In Windows CE, the following registry root keys and their subkeys are protected from untrusted applications:
- HKEY_LOCAL_MACHINE\Comm
- HKEY_LOCAL_MACHINE\Drivers
- HKEY_LOCAL_MACHINE\HARDWARE
- HKEY_LOCAL_MACHINE\Init
- HKEY_LOCAL_MACHINE\Services
- HKEY_LOCAL_MACHINE\SYSTEM
- HKEY_LOCAL_MACHINE\WDMDrivers
Untrusted applications are also not allowed to modify protected data. They receive the ERROR_ACCESS_DENIED return value if they attempt to use the following registry functions:
- RegSetValueEx
- RegCreateKeyEx
- RegDeleteKey
- RegDeleteValue
Windows Mobile 5.0
In Windows Mobile 5.0 software there are additional APIs and registry root keys that are also protected from untrusted applications.
The following table shows the Extended Telephony Application Program Interface (ExTAPI) functions that can be called by trusted applications.
The following table shows the SIM Manager functions that can be called by trusted applications.
| API | API |
|---|---|
| SimChangeLockingPassword | SimReadRecord |
| SimDeleteMessage | SimSetLockingStatus |
| SimGetRecordInfo | SimUnlockPhone |
| SimGetSmsStorageStatus | SimWriteMessage |
| SimReadMessage | SimWriteRecord |
The following table shows the Short Message Service (SMS) functions that can be called by trusted applications.
| API |
|---|
| SmsClearMessageNotification |
| SmsSetMessageNotification |
| SmsSetSMSC |
The following table shows other functions that can be called by trusted applications.
| API |
|---|
| Connection Manager function ConnMgrProviderMessage |
| Critical Process Monitor function CPMRegister (Reboot) |
In Windows Mobile 5.0-based devices, the following registry root keys and subkeys are protected from untrusted applications in addition the list for Windows CE:
- HKEY_LOCAL_MACHINE\Security
- HKEY_CURRENT_USER\Security
- HKEY_LOCAL_MACHINE\Loader
See Also
Trusted Environment Creation | Protected Registry Keys and Values | Database Security | Core OS Reference
Last updated on Thursday, February 02, 2006
Send Feedback on this topic to the authors