Share via


LoaderVerifierAuthorize (Compact 7)

3/12/2014

This function checks the authorization level for a file that Security Loader loads.

Syntax

HRESULT LoaderVerifierAuthorize(
    __in HANDLE                  hslauthnFile,
    __out LV_AUTHORIZATION*      pslauthz
);

Parameters

  • pslauthz
    [out] Pointer to a variable that receives the result of the authorization check. Callers must check this variable to determine whether to load the file. The Remarks section lists possible error return values when pslauthz returns LV_AUTHORIZATION_DENIED.

Return Value

The function returns the following value if the function successfully determines the authorization level. If the function is not successful, it returns a standard error code indicating the cause.

Value Description

S_OK

The function successfully determined the authorization result for the file.

If the function returned S_OK, but pslauthz returned LV_AUTHORIZATION_DENIED, then you can call GetLastError to determine why the authorization was denied. See Remarks for a list of LV_E_* error returns.

Remarks

The return value from this function indicates whether the function was able to successfully determine the authorization level, not the result of the authorization check itself. Use the variable pslauthz to determine the authorization level that is given to the caller.

The following table lists possible error return values when pslauthz returns LV_AUTHORIZATION_DENIED. Call GetLastError to retrieve these values.

Value Description

LV_E_BLOCKED

The file is blocked by security policy.

LV_E_NO_SIGNATURE

The file is not digitally signed by trusted authorities.

LV_E_TAMPERED

The module has been tampered with.

LV_E_CERTIFICATE_EXPIRED

The signing certificate or one of the certificates in the trust chain is expired.

LV_E_CERTIFICATE_NOT_TRUSTED

The signing certificate or one of the certificates in the trust chain is not trusted.

LV_E_CERTIFICATE_USAGE_VIOLATION

The signing certificate or one of the certificates in the trust chain violated its usage constraint.

LV_E_RESTRICTED_TO_LAUNCH

The security policy restricted the file to launches from only one specific chamber.

Requirements

Header

loaderverifier.h

Library

coredll.lib

See Also

Reference

Security Loader Functions
LV_AUTHORIZATION