archive
/
windows-xp
mirror of https://github.com/tongzx/nt5src
2
0
Fork 0
Code Issues Projects Releases Wiki Activity
Source code of Windows XP (NT5)
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
6 Commits
1 Branch
0 Tags
4.0 GiB
Branch: master
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from 'master'
${ noResults }
windows-xp/Source/XPSP1/NT/ds/security/gina/snapins/fde/security.cxx

331 lines
9.4 KiB
Raw Permalink Normal View History

Add source files
4 years ago
  1. /*++
  3. Microsoft Windows
  4. Copyright (C) Microsoft Corporation, 1981 - 1998
  6. Module Name:
  8. security.cxx
  10. Abstract:
  11. This file contains utility functions concerning file security, e.g.
  12. convertings SIDs to strings and back, getting the display name for
  13. a given sid or getting the sid, given the display name
  16. Author:
  18. Rahul Thombre (RahulTh) 9/28/1998
  20. Revision History:
  22. 9/28/1998 RahulTh Created this module.
  24. --*/
  26. #include "precomp.hxx"
  28. //+--------------------------------------------------------------------------
  29. //
  30. // Function: LoadSidAuthFromString
  31. //
  32. // Synopsis: given a string representing the SID authority (as it is
  33. // normally represented in string format, fill the SID_AUTH..
  34. // structure. For more details on the format of the string
  35. // representation of the sid authority, refer to ntseapi.h and
  36. // ntrtl.h
  37. //
  38. // Arguments: [in] pString : pointer to the unicode string
  39. // [out] pSidAuth : pointer to the SID_IDENTIFIER_AUTH.. that is
  40. // desired
  41. //
  42. // Returns: STATUS_SUCCESS if it succeeds
  43. // or an error code
  44. //
  45. // History: 9/29/1998 RahulTh created
  46. //
  47. // Notes:
  48. //
  49. //---------------------------------------------------------------------------
  50. NTSTATUS LoadSidAuthFromString (const WCHAR* pString,
  51. PSID_IDENTIFIER_AUTHORITY pSidAuth)
  52. {
  53. size_t len;
  54. int i;
  55. NTSTATUS Status;
  56. const ULONG LowByteMask = 0xFF;
  57. ULONG n;
  59. len = wcslen (pString);
  61. if (len > 2 && 'x' == pString[1])
  62. {
  63. //this is in hex.
  64. //so we must have exactly 14 characters
  65. //(2 each for each of the 6 bytes) + 2 for the leading 0x
  66. if (14 != len)
  67. {
  68. Status = ERROR_INVALID_SID;
  69. goto LoadAuthEnd;
  70. }
  72. for (i=0; i < 6; i++)
  73. {
  74. pString += 2; //we need to skip the leading 0x
  75. pSidAuth->Value[i] = (UCHAR)(((pString[0] - L'0') << 4) +
  76. (pString[1] - L'0'));
  77. }
  78. }
  79. else
  80. {
  81. //this is in decimal
  82. Status = GetIntFromUnicodeString (pString, 10, &n);
  83. if (Status != STATUS_SUCCESS)
  84. goto LoadAuthEnd;
  86. pSidAuth->Value[0] = pSidAuth->Value[1] = 0;
  87. for (i = 5; i >=2; i--, n>>=8)
  88. pSidAuth->Value[i] = (UCHAR)(n & LowByteMask);
  89. }
  91. Status = STATUS_SUCCESS;
  93. LoadAuthEnd:
  94. return Status;
  95. }
  97. //+--------------------------------------------------------------------------
  98. //
  99. // Function: AllocateAndInitSidFromString
  100. //
  101. // Synopsis: given the string representation of a SID, this function
  102. // allocate and initializes a SID which the string represents
  103. // For more information on the string representation of SIDs
  104. // refer to ntseapi.h & ntrtl.h
  105. //
  106. // Arguments: [in] lpszSidStr : the string representation of the SID
  107. // [out] pSID : the actual SID structure created from the string
  108. //
  109. // Returns: STATUS_SUCCESS : if the sid structure was successfully created
  110. // or an error code based on errors that might occur
  111. //
  112. // History: 9/30/1998 RahulTh created
  113. //
  114. // Notes:
  115. //
  116. //---------------------------------------------------------------------------
  117. NTSTATUS AllocateAndInitSidFromString (const WCHAR* lpszSidStr, PSID* ppSid)
  118. {
  119. CString SidStr;
  120. WCHAR* pSidStr;
  121. WCHAR* pString;
  122. NTSTATUS Status;
  123. WCHAR* pEnd;
  124. int count;
  125. BYTE SubAuthCount;
  126. DWORD SubAuths[8] = {0, 0, 0, 0, 0, 0, 0, 0};
  127. ULONG n;
  128. int len;
  129. SID_IDENTIFIER_AUTHORITY Auth;
  131. SidStr = lpszSidStr;
  132. len = SidStr.GetLength();
  133. pSidStr = SidStr.GetBuffer (len);
  134. pString = pSidStr;
  136. *ppSid = NULL;
  137. count = 0;
  138. do
  139. {
  140. pString = wcschr (pString, '-');
  141. if (NULL == pString)
  142. break;
  143. count++;
  144. pString++;
  145. } while (1);
  147. SubAuthCount = (BYTE)(count - 2);
  148. if (0 > SubAuthCount || 8 < SubAuthCount)
  149. {
  150. Status = ERROR_INVALID_SID;
  151. goto AllocAndInitSidFromStr_End;
  152. }
  154. pString = wcschr (pSidStr, L'-');
  155. pString++;
  156. pString = wcschr (pString, L'-'); //ignore the revision #
  157. pString++;
  158. pEnd = wcschr (pString, L'-'); //go to the beginning of subauths.
  159. if (NULL != pEnd) *pEnd = L'\0';
  161. Status = LoadSidAuthFromString (pString, &Auth);
  163. if (STATUS_SUCCESS != Status)
  164. goto AllocAndInitSidFromStr_End;
  166. for (count = 0; count < SubAuthCount; count++)
  167. {
  168. pString = pEnd + 1;
  169. pEnd = wcschr (pString, L'-');
  170. if (pEnd)
  171. *pEnd = L'\0';
  172. Status = GetIntFromUnicodeString (pString, 10, &n);
  173. if (STATUS_SUCCESS != Status)
  174. goto AllocAndInitSidFromStr_End;
  175. SubAuths[count] = n;
  176. }
  178. Status = RtlAllocateAndInitializeSid (&Auth, SubAuthCount,
  179. SubAuths[0], SubAuths[1], SubAuths[2],
  180. SubAuths[3], SubAuths[4], SubAuths[5],
  181. SubAuths[6], SubAuths[7], ppSid);
  183. AllocAndInitSidFromStr_End:
  184. return Status;
  185. }
  187. //+--------------------------------------------------------------------------
  188. //
  189. // Function: GetFriendlyNameFromStringSid
  190. //
  191. // Synopsis: given a sid in string format, this function returns
  192. // the friendly name for it and the container in which
  193. // occurs. For more details on the string representation
  194. // of a sid, see ntseapi.h & ntrtl.h
  195. //
  196. // Arguments: [in] pSidStr : sid represented as a unicode string
  197. // [out] szDir : the container in which the account occurs
  198. // [out] szAcct : the account name
  199. //
  200. // Returns: STATUS_SUCCESS : if successful
  201. // or an error code
  202. //
  203. // History: 9/29/1998 RahulTh created
  204. //
  205. // Notes:
  206. //
  207. //---------------------------------------------------------------------------
  208. NTSTATUS GetFriendlyNameFromStringSid (const WCHAR* pSidStr,
  209. CString& szDir,
  210. CString& szAcct
  211. )
  212. {
  213. NTSTATUS Status;
  214. PSID pSid = NULL;
  215. WCHAR szName[MAX_PATH];
  216. WCHAR szDomain [MAX_PATH];
  217. DWORD dwNameLen;
  218. DWORD dwDomLen;
  219. SID_NAME_USE eUse;
  221. Status = AllocateAndInitSidFromString (pSidStr, &pSid);
  223. if (STATUS_SUCCESS != Status)
  224. goto GetFriendlyName_End;
  226. dwNameLen = dwDomLen = MAX_PATH;
  227. if (!LookupAccountSid (NULL, pSid, szName, &dwNameLen, szDomain, &dwDomLen,
  228. &eUse))
  229. goto GetFriendlyName_Err;
  231. //we have got the container and the name of the account
  232. szDir = szDomain;
  233. szAcct = szName;
  235. Status = STATUS_SUCCESS;
  236. goto GetFriendlyName_End;
  238. GetFriendlyName_Err:
  239. Status = GetLastError();
  241. GetFriendlyName_End:
  242. if (pSid)
  243. FreeSid (pSid);
  244. return Status;
  245. }
  248. //+--------------------------------------------------------------------------
  249. //
  250. // Function: GetFriendlyNameFromSid
  251. //
  252. // Synopsis: give a pointer to a sid, this function gets the friendly name
  253. // of the account to which the sid belongs and its friendly name
  254. //
  255. // Arguments: [in] pSid : pointer to the SID
  256. // [out] szDir : the domain to which the account belongs
  257. // [out] szAcct : the friendly name of the account
  258. // [out] peUse : pointer to a sid_name_use structure that
  259. // identifies the type of the account
  260. //
  261. // Returns: STATUS_SUCCESS : if successful
  262. // an error code otherwise
  263. //
  264. // History: 10/1/1998 RahulTh created
  265. //
  266. // Notes:
  267. //
  268. //---------------------------------------------------------------------------
  269. NTSTATUS GetFriendlyNameFromSid (PSID pSid,
  270. CString& szDir,
  271. CString& szAcct,
  272. SID_NAME_USE* peUse)
  273. {
  274. ASSERT (peUse);
  276. TCHAR szName[MAX_PATH];
  277. TCHAR szDomain [MAX_PATH];
  278. DWORD dwNameLen;
  279. DWORD dwDomLen;
  280. DWORD Status = STATUS_SUCCESS;
  282. dwNameLen = dwDomLen = MAX_PATH;
  283. if (!LookupAccountSid (NULL, pSid, szName, &dwNameLen, szDomain, &dwDomLen,
  284. peUse))
  285. {
  286. Status = GetLastError();
  287. }
  288. else
  289. {
  290. szDir = szDomain;
  291. szAcct = szName;
  292. }
  294. return Status;
  295. }
  297. //+--------------------------------------------------------------------------
  298. //
  299. // Function: GetStringFromSid
  300. //
  301. // Synopsis: given a SID, this function gets its string representation
  302. // for more information on string representations of sids,
  303. // refer to ntsecapi.h & ntrtl.h
  304. //
  305. // Arguments: [in] pSid : pointer to a SID
  306. // [out] szStringSid : the string representation of the SID
  307. //
  308. // Returns: STATUS_SUCCESS if successful
  309. // an error code otherwise
  310. //
  311. // History: 10/1/1998 RahulTh created
  312. //
  313. // Notes:
  314. //
  315. //---------------------------------------------------------------------------
  316. NTSTATUS GetStringFromSid (PSID pSid, CString& szStringSid)
  317. {
  318. UNICODE_STRING stringW;
  319. DWORD Status;
  321. Status = RtlConvertSidToUnicodeString (&stringW, pSid, TRUE);
  323. if (STATUS_SUCCESS == Status)
  324. {
  325. szStringSid = stringW.Buffer;
  326. }
  328. RtlFreeUnicodeString (&stringW);
  330. return Status;
  331. }